Synergiser is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
Attackers can execute arbitrary code within the context of the affected application and delete arbitrary files on the client's computer. Failed exploit attempts will result in denial-of-service conditions.
The Blue Coat ProxySG Management Console is prone to two cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Yarssr is prone to a remote code-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to inject and execute arbitrary malicious Perl code with the privileges of the user running the application. Successful exploits can compromise the application and possibly the underlying computer; other attacks are also possible.
Perdition IMAP proxy server is prone to a remote format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. An attacker can exploit this issue to execute arbitrary machine code in the context of the affected application. A successful attack will compromise the application. Failed attempts may cause denial-of-service conditions.
GlobalLink is prone to a stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in denial-of-service conditions.
Saxon is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Saxon is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The Omnistar Live application fails to properly sanitize user-supplied input, resulting in a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and other attacks.
SMART-SHOP is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.
Services By CQR