The Linksys Wireless-G ADSL Gateway is prone to multiple cross-site scripting vulnerabilities due to inadequate input sanitization. Attackers can exploit this by enticing victims to open a malicious URI. This can lead to the execution of arbitrary script code in the user's browser within the context of the affected device. The attacker can then steal authentication credentials, cause denial-of-service conditions, and launch further attacks. Successful exploits allow persistent storage of script code in the affected device.
eTicket is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The Conti FTP Server is prone to a denial-of-service vulnerability. A remote attacker may be able to exploit this issue to deny service to legitimate users of the application.
The GD graphics library is prone to multiple vulnerabilities. An attacker can exploit this issue to cause denial-of-service conditions or execute arbitrary code in the context of applications implementing the affected library.
Papoo is prone to an authentication-bypass vulnerability because the application fails to check user privileges when accessing the administration pages. An attacker can exploit this issue to gain access to administration plugins. This may lead to other attacks.
The Calendarix application is prone to multiple SQL-injection vulnerabilities. These vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data before using it in SQL queries. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Multiple cross-site scripting vulnerabilities exist in Calendrix due to insufficient input sanitization. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a targeted user, potentially leading to the theft of authentication credentials and other malicious activities.
The Key Focus Web Server application fails to properly sanitize user-supplied input, allowing an attacker to execute arbitrary script code in the browser of an unsuspecting user. This can lead to the theft of authentication credentials and other attacks.
MyNews is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
SHTTPD is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may lead to further attacks.
Services By CQR