Fuzzylime is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.
Php Hosting Biller is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.
This exploit targets a buffer overflow vulnerability in the /bin/mkdir command on Unix V7 PDP-11 systems. The vulnerability occurs when checking if the directory in /arg/with/slashes/fname exists. By exploiting this vulnerability, an attacker can run /bin/sh with elevated privileges (euid 0).
WebIf is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
TDizin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.
WSPortal is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
Apple Safari for Windows is prone to a denial-of-service vulnerability because it fails to properly handle user-supplied input. An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document. Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions. Attackers may also be able to execute arbitrary code, but Symantec had not confirmed this.
Kaspersky Internet Security 6 is prone to multiple local vulnerabilities. Exploiting these vulnerabilities allows local attackers to crash affected computers, denying service to legitimate users. Attackers might also be able to gain elevated privileges by executing arbitrary machine code in the context of the kernel, but this has not been confirmed.
The Apache Tomahawk MyFaces JSF Framework is vulnerable to a cross-site scripting (XSS) attack due to insufficient input sanitization. An attacker can exploit this vulnerability to launch XSS attacks on unsuspecting users, potentially leading to the theft of authentication credentials and other malicious activities.
The Joomla! Letterman Subscriber module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Services By CQR