SocketMail is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The SocketKB application is prone to multiple cross-site scripting vulnerabilities. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and other attacks.
OmniVista 4760 is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.
This is a vanilla format string exploit for VLC Player on OSX for PowerPC (ppc) architecture. The exploit overwrites a saved return address with a shellcode address. The exploit creates a malicious .m3u file that when executed by VLC Player, executes arbitrary code.
SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple arbitrary-script-code-execution vulnerabilities - Multiple cross-site scripting vulnerabilities - A URI-redirection vulnerability. Exploiting these issues can allow attackers to access potentially sensitive information, to execute arbitrary script code in the context of the webserver process, to steal cookie-based authentication credentials, and to redirect users to malicious webpages.
SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple arbitrary-script-code-execution vulnerabilities - Multiple cross-site scripting vulnerabilities - A URI-redirection vulnerability. Exploiting these issues can allow attackers to access potentially sensitive information, to execute arbitrary script code in the context of the webserver process, to steal cookie-based authentication credentials, and to redirect users to malicious webpages.
The SpeedFan application is prone to a local privilege-escalation vulnerability. An attacker could exploit this issue to execute arbitrary machine code with SYSTEM-level privileges, resulting in the complete compromise of affected computers.
Macrovision SafeDisc is prone to a local privilege-escalation vulnerability because it fails to adequately sanitize user-supplied input. Exploiting this vulnerability allows local attackers to execute arbitrary malicious code with SYSTEM-level privileges, facilitating the complete compromise of affected computers.
This exploit allows an attacker to add an admin user remotely to the TaskTracker application. The vulnerability exists in the Customize.asp file, which can be accessed through the 'Add' action. By submitting a specially crafted form, an attacker can create a new admin user with the desired credentials.
Attackers can exploit this issue to open an audio channel with the phone's microphone, allowing them to remotely eavesdrop on conversations and gather potentially sensitive information.
Services By CQR