The CommonSpot Server application fails to properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user, potentially stealing authentication credentials and launching further attacks.
The Discuz! application fails to properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user, potentially stealing authentication credentials and launching further attacks.
IBM DB2 is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash the affected application.
PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash the affected application.
The vulnerability exists due to the insufficient sanitization of user-supplied input in SAP BusinessObjects. Attackers can exploit these issues to execute arbitrary script or HTML code, steal cookie-based authentication credentials, and conduct phishing attacks.
The vulnerability allows an attacker to view sensitive MySQL data by accessing the 'browser.php' file in the 'inc/filebrowser' directory. By specifying the 'file' parameter as 'inc/mysql.php', the attacker can retrieve the contents of the MySQL configuration file.
The HP System Management Homepage, also known as Systems Insight Manager, is prone to a cross-site scripting vulnerability. An attacker can exploit this vulnerability by injecting arbitrary script code in the browser of an unsuspecting user visiting the affected site. This can be used to steal cookie-based authentication credentials.
The MiFi 2352 access point firmware 11.47.17 is prone to an information-disclosure vulnerability that may expose sensitive information. Successful exploits will allow authenticated attackers to obtain passwords, which may aid in further attacks. The vulnerability is caused by the disclosure of sensitive information through certain URIs.
The Cisco Secure Desktop application is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
The 3D Cloud component for Joomla! is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.