Publique! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
kloNews is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
The HAWHAW application is vulnerable to SQL injection due to inadequate sanitization of user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to compromise the application, access or modify data, or exploit other vulnerabilities in the underlying database.
The WebMod v0.48 software is vulnerable to a stack buffer overflow. This vulnerability can be exploited by sending a specially crafted HTTP request to the server. The exploit code included in the code section of the program demonstrates how to inject malicious code into the server's memory and execute it. This particular exploit code only works on Windows 2000 SP4 with kernel32.dll v5.0.2195.6688.
PCRE is prone to a buffer-overflow vulnerability because the library fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of an application using the PCRE library. Failed attacks may result in denial-of-service conditions.
The vulnerability allows an attacker to perform SQL injection attacks by manipulating user-supplied data in an SQL query. By exploiting this vulnerability, an attacker can compromise the application, access or modify data, or exploit other vulnerabilities in the database.
Last Wizardz is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
EmiratesHost is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication. Attackers can exploit this vulnerability to gain administrative access to the affected application, which may aid in further attacks.
DeluxeBB is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The exploit bypasses full ASLR, DEP, and EMET 4.1.X in Internet Explorer 8.