Bits Video Script is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
Bits Video Script is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
The web interface of McAfee UTM Firewall fails to properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of a victim user, potentially stealing authentication credentials and launching further attacks.
An attacker can exploit this vulnerability to rename uploaded files on the affected webserver. Successful exploits may allow attackers to execute arbitrary code within the context of the affected webserver.
The GREEZLE - Global Real Estate Agent Site is vulnerable to multiple SQL injection vulnerabilities. These vulnerabilities occur because the application does not properly sanitize user-supplied data before using it in SQL queries. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit other latent vulnerabilities in the underlying database.
PG Auto Pro is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This exploit takes advantage of a blind SQL injection vulnerability in AJ Forum 1.0. It allows an attacker to extract sensitive information from the database, such as usernames and passwords.
log1 CMS is prone to a security-bypass vulnerability because of a design flaw and a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to gain unauthorized access, obtain potentially sensitive information or to execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
The boastMachine application fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker can exploit this vulnerability by injecting arbitrary script code in the affected site, potentially allowing them to steal authentication credentials and launch further attacks.
The cPanel Image Manager is vulnerable to a local file-include vulnerability due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts within the context of the webserver process, potentially leading to further attacks.
Services By CQR