SonicBB is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
A file include- & arbitrary file upload web vulnerability has been discovered in the official Imagam iFiles v1.16.0 mobile application for apple iOS.
The SonicBB application fails to properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of a user visiting the affected site. This can be used to steal authentication credentials and launch further attacks.
The EQDKP application fails to properly sanitize user-supplied input, allowing an attacker to execute arbitrary script code in the browser of an unsuspecting user. This can lead to the theft of cookie-based authentication credentials and the possibility of launching further attacks.
The CommuniGate Pro software fails to sufficiently sanitize user-supplied input, which allows an attacker to inject HTML and script code into the affected site. This can lead to various attacks such as stealing authentication credentials or controlling the rendering of the site.
TFTP Server TFTPDWIN is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to gain read/write access to privileged directories and files.
TeamSpeak Server is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input.An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.TeamSpeak Server 2.0.20.1 is vulnerable; other versions may also be affected.
The libexif library is prone to an integer-overflow vulnerability because the software fails to properly ensure that integer math operations do not result in overflows. Successful exploits of this vulnerability allow remote attackers to execute arbitrary machine code in the context of an application using the vulnerable library. Failed attempts will likely result in denial-of-service conditions.
OpenEdge is prone to multiple denial-of-service vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits can allow attackers to cause the application to become unresponsive, denying service to legitimate users.
The PHP Multi User Randomizer application fails to properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user within the context of the affected site. This can enable the attacker to steal cookie-based authentication credentials and carry out further attacks.
Services By CQR