The Urchin application is vulnerable to a cross-site scripting (XSS) attack due to inadequate input sanitization. An attacker can exploit this vulnerability by injecting malicious script code into the affected application, which will be executed by the victim's browser when the page is viewed. This allows the attacker to perform various malicious actions, such as stealing authentication credentials and launching further attacks.
Exploiting this issue may allow local attackers to gain elevated privileges, facilitating the complete compromise of affected computers.
This exploit takes advantage of a bug in the x86_64 Linux kernel ia32syscall emulation. By exploiting this vulnerability, local attackers can gain elevated privileges, potentially leading to the complete compromise of affected computers.
Xcms is prone to a vulnerability that lets attackers execute arbitrary PHP code because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary malicious PHP code in the context of the webserver process. This may help the attacker compromise the application and the underlying system; other attacks are also possible.
The Vigile CMS wiki module is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
The application fails to perform adequate boundary-checks on user-supplied data, leading to a remote buffer-overflow vulnerability. An attacker can exploit this vulnerability by tricking users into visiting a maliciously crafted webpage. Successful exploitation allows the attacker to execute arbitrary code within the context of the application using the ActiveX control, typically in Microsoft Internet Explorer. Failed exploit attempts result in a denial-of-service condition.
The vulnerability allows an attacker to remotely download databases from the target server. The attacker can access sensitive information such as admin credentials and other data stored in the databases.
This exploit crashes any kernel from 2.4.18 to 2.6.7 because frstor in assembler inline offsets in memory by 4.
WebBatch is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. The attacker may leverage the information-disclosure issue to obtain potentially sensitive information that could aid in further attacks.
WebBatch is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. The attacker may leverage the information-disclosure issue to obtain potentially sensitive information that could aid in further attacks.
Services By CQR