The X-Motor Racing software is prone to a buffer-overflow vulnerability and multiple denial-of-service vulnerabilities. Successful exploitation of these vulnerabilities can allow remote attackers to execute arbitrary code or crash the affected application, resulting in a denial of service for legitimate users.
Local attackers can exploit these issues to obtain sensitive information that may lead to further attacks.
The Cisco ACE is prone to a security weakness that allows attackers to obfuscate HTTP server log entries. Attackers can exploit this issue to avoid having client IP addresses logged by servers.
ECShop is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This exploit takes advantage of a buffer overflow vulnerability in the unserialize() function in PHP 4. By manipulating the hashtable variable, an attacker can overwrite memory and execute arbitrary code. This specific exploit is designed for Linux x86 systems.
The Consona products, including Consona Live Assistance, Consona Dynamic Agent, and Consona Subscriber Assistance, are prone to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can lead to the theft of cookie-based authentication credentials and other possible attacks.
Publique! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
kloNews is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
The HAWHAW application is vulnerable to SQL injection due to inadequate sanitization of user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to compromise the application, access or modify data, or exploit other vulnerabilities in the underlying database.
The WebMod v0.48 software is vulnerable to a stack buffer overflow. This vulnerability can be exploited by sending a specially crafted HTTP request to the server. The exploit code included in the code section of the program demonstrates how to inject malicious code into the server's memory and execute it. This particular exploit code only works on Windows 2000 SP4 with kernel32.dll v5.0.2195.6688.
Services By CQR