The vulnerability allows an attacker to remotely download databases from the target server. The attacker can access sensitive information such as admin credentials and other data stored in the databases.
This exploit crashes any kernel from 2.4.18 to 2.6.7 because frstor in assembler inline offsets in memory by 4.
WebBatch is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. The attacker may leverage the information-disclosure issue to obtain potentially sensitive information that could aid in further attacks.
WebBatch is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. The attacker may leverage the information-disclosure issue to obtain potentially sensitive information that could aid in further attacks.
The LevelOne WBR3404TX Broadband Router is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied input. These issues occur in the web management panel. Exploiting these vulnerabilities may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected site. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.
The b1gMail application is prone to a cross-site scripting vulnerability due to insufficient input sanitization. This vulnerability can be exploited by an attacker to execute arbitrary script code in the context of the affected website, potentially leading to the theft of authentication credentials and other malicious actions.
The Coppermine Photo Gallery is vulnerable to a cross-site scripting issue and a local file-include issue. Attackers can exploit these vulnerabilities to steal cookie-based authentication credentials, execute arbitrary code, and retrieve arbitrary content within the context of the webserver process.
The Coppermine Photo Gallery is prone to a cross-site scripting issue and a local file-include issue. Attackers can exploit these issues to steal cookie-based authentication credentials, execute arbitrary code, and retrieve arbitrary content within the context of the webserver process.
The CFileFind::FindFile method in the MFC library for Microsoft Windows is prone to a buffer-overflow vulnerability because the method fails to perform adequate boundary checks of user-supplied input. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of applications that use the vulnerable method.
Python's imageop module is prone to multiple integer-overflow vulnerabilities because it fails to properly bounds-check user-supplied input to ensure that integer operations do not overflow. To successfully exploit these issues, an attacker must be able to control the arguments to imageop functions. Remote attackers may be able to do this, depending on the nature of applications that use the vulnerable functions. Attackers would likely submit invalid or specially crafted images to applications that perform imageop operations on the data. A successful exploit may allow attacker-supplied machine code to run in the context of affected applications, facilitating the remote compromise of computers.