ALeadSoft Search Engine Builder is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The Unreal Engine is prone to a remote denial-of-service vulnerability because the application fails to properly bounds-check user-supplied input. Successfully exploiting this issue allows remote attackers to corrupt application memory in a manner that causes a crash. Remote code execution may be possible, but this has not been confirmed.
An SQL injection vulnerability exists in Gurur Haber due to insufficient sanitization of user-supplied data before using it in an SQL query. By exploiting this vulnerability, an attacker can compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Firesoft is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
Dalai Forum is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
Toribash is prone to multiple remote code-execution and denial-of-service vulnerabilities that affect game servers and clients. Seven vulnerabilities were reported. Attackers may exploit these issues to execute arbitrary code in the content of the game server and game client or to deny service to both servers and clients.
The gMotor2 game engine is prone to multiple code-execution and denial-of-service vulnerabilities. Four vulnerabilities were reported. These vulnerabilities may be triggered by malicious client requests to games that use the affected engine, including rFactor. Successful exploits could crash a game server or let remote attackers execute arbitrary code on the computer hosting affected software.
The vulnerability is caused by the software's failure to handle certain CLI commands. Attackers can trigger this vulnerability by successfully authenticating to vulnerable devices through remote anonymous means or by sending specially crafted input to web interfaces. Successful exploitation allows attackers to trigger device reboots, resulting in a denial of service for legitimate users.
Text File Search Classic is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The Olate Download application is prone to an authentication-bypass vulnerability. An attacker can exploit this vulnerability to gain administrative access to the affected application, leading to remote compromise.
Services By CQR