Max Network Technology BBSMAX is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
The Pre E-Learning Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The vulnerability allows remote attackers to cause a denial-of-service (DoS) condition on vulnerable Windows applications by sending a specially crafted '.ani' file. When the file is processed, it causes the affected applications to crash or become unresponsive, resulting in a denial of service for legitimate users.
phpCOIN is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible.
The application fails to properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can execute arbitrary script code in the browser of an unsuspecting user, potentially stealing authentication credentials and launching other attacks.
Saskia's Shopsystem is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible.
The Spectrum Software WebManager CMS is vulnerable to a cross-site scripting (XSS) attack due to insufficient input sanitization. An attacker can exploit this vulnerability by injecting arbitrary script code into the affected website, potentially compromising the user's browser. This can lead to the theft of authentication credentials and enable further malicious activities.
There is an XSSHTML Injection in a song history in song history, allowing inject a JavaScript script or HTML code in site.
The VLC Media Player is prone to a buffer-overflow vulnerability due to inadequate boundary checks on user-supplied data. Attackers can exploit this vulnerability to execute arbitrary code in the context of the application. Failed attacks may cause denial-of-service conditions.
The BS.Player software is prone to a buffer-overflow vulnerability due to insufficient boundary checks on user-supplied data. This vulnerability can be exploited by attackers to execute arbitrary code within the context of the application. Failed attacks may result in denial-of-service conditions.