Saxon is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Saxon is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The Omnistar Live application fails to properly sanitize user-supplied input, resulting in a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and other attacks.
SMART-SHOP is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.
WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.This issue affects WordPress 2.3; other versions may also be vulnerable.http://www.example.com/wp-admin/edit-post-rows.php?posts_columns[]=alert(123);
The IBM Lotus Domino Server is vulnerable to a remote buffer-overflow vulnerability. The vulnerability occurs due to a failure to properly bounds-check user-supplied data before copying it to a memory buffer that is insufficiently sized. An attacker can exploit this vulnerability to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service. An exploit is available for Lotus Domino Server running on Windows platforms. It is not known if other platforms are affected. This vulnerability may be related to the IMAP buffer-overflow vulnerability described in BID 26176.
The vulnerability in Mozilla Firefox allows for a persistent denial of service attack. This can be achieved by setting a malicious bookmark and then following it. Once successful, the browser will stop responding to all URI requests. Even after restarting the browser, the condition persists.
Multi-Forums is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in SQL queries. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
A remote attacker can exploit this issue by using directory-traversal sequences to retrieve arbitrary files on a victim user's computer.
The Aleris Web Publishing Server is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Services By CQR
