The Ibrahim ÇAKICI Okul Portal is vulnerable to SQL injection because it does not sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability by manipulating the SQL query logic to perform unauthorized actions on the underlying database.
The OfficeConnect Secure Router is vulnerable to cross-site scripting attacks. An attacker can exploit this vulnerability to launch attacks on unsuspecting users by injecting malicious code into the affected website. This can lead to the theft of cookie-based authentication credentials and other attacks.
The K9 Web Protection software contains a buffer-overflow vulnerability that allows an attacker to execute arbitrary code with administrative privileges. This can lead to the complete compromise of the affected system.
WmsCMS is prone to multiple cross-site scripting vulnerabilities because it fails to adequately sanitize user-supplied input data before rendering it in a user's browser. Attackers could exploit these issues to steal cookie-based authentication credentials from legitimate users of the site; other attacks are also possible.
Atom PhotoBlog is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input data before rendering it in a user's browser. These issues include multiple HTML-injection vulnerabilities and a cross-site scripting vulnerability. Attackers could exploit these issues to steal cookie-based authentication credentials from legitimate users of the site; other attacks are also possible.
The vulnerability exists in Microsoft Windows due to its failure to handle maliciously crafted ICO files. An attacker can exploit this vulnerability by tricking users into opening a malicious file. Successful exploitation of this vulnerability will lead to denial-of-service conditions in applications that use the affected library. Vulnerable applications include Windows Explorer and Picture and Fax Viewer.
ASP Folder Gallery is prone to an arbitrary-file-download vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to download arbitrary files within the context of the affected webserver.
JD-Wiki is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and to gain access to the underlying system.
The CGILua application is vulnerable to SQL injection. An attacker can exploit this vulnerability by injecting SQL queries into the 'sid' parameter in the start.htm page.