The application fails to sanitize user-supplied input, allowing an attacker to delete arbitrary files, rename files, or reset the content of certain files.
The WP-SlimStat Plugin for WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Attackers can exploit these issues to crash applications that use the ActiveX control, denying service to legitimate users.
PHP is prone to multiple denial-of-service vulnerabilities because it fails to perform adequate boundary checks on user-supplied input. Attackers can exploit these issues to cause denial-of-service conditions. Given the nature of these issues, attackers may also be able to execute arbitrary code, but this has not been confirmed.
The Web Gateway software is vulnerable to a cross-site scripting (XSS) attack due to insufficient input sanitization. An attacker can inject arbitrary script code into the affected site, potentially leading to the theft of authentication credentials and other malicious activities.
X7 Chat is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal potentially sensitive information and launch other attacks.
X7 Chat is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal potentially sensitive information and launch other attacks.
The Microsoft Forms 2.0 ActiveX Control is prone to multiple memory-access violation denial-of-service vulnerabilities. Attackers can exploit these issues to crash Internet Explorer and deny service to legitimate users.
F5 FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker to steal cookie-based authentication credentials and to launch other attacks.
The AutoIndex PHP Script is vulnerable to a remote denial-of-service vulnerability due to improper handling of unexpected input. An attacker can exploit this vulnerability by sending a specially crafted request to the affected application. Successful exploitation of this vulnerability can result in excessive consumption of CPU resources, potentially leading to a denial-of-service condition.
Services By CQR