The System CMS Contentia is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
TornadoStore is prone to an SQL-injection vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database or to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials, control how the site is viewed, and launch other attacks.
The vulnerabilities in Kryn.cms allow a remote attacker to perform administrative actions, gain unauthorized access, delete data, execute arbitrary script or HTML code, and steal authentication credentials.
Attackers can execute arbitrary commands in the context of the Miyabi CGI Tools application by exploiting a failure in input sanitization. This can lead to compromise of the application and potentially the underlying computer.
Iatek PortalApp is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
CANDID is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The V-EVA Classified Script is vulnerable to SQL injection attacks due to insufficient sanitization of user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to compromise the application, access or modify data, or exploit other vulnerabilities in the database.
Clix'N'Cash Clone 2010 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
eBay Clone Script 2010 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The MySpace Clone 2010 application is prone to an SQL-injection and a cross-site scripting vulnerability due to insufficient sanitization of user-supplied data. Exploiting these vulnerabilities could lead to various consequences such as stealing cookie-based authentication credentials, compromising the application, accessing or modifying data, or exploiting latent vulnerabilities in the underlying database.
Services By CQR