Astaro Security Linux is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The PHPKIT 'b-day.php' addon is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Vanilla is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the computer; other attacks are also possible.
IBM Lotus Notes is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
agXchange ESM is prone to an open-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other attacks are possible.
Remote attackers can exploit this issue to cause the application to crash, denying service to legitimate users. Due to the nature of this issue arbitrary code-execution may be possible; however this has not been confirmed.
PHPWind is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
The SQL injection vulnerability and cross-site scripting vulnerability in Kempt SiteDone could allow an attacker to steal authentication credentials, control site rendering, compromise the application, access or modify data, or exploit other vulnerabilities in the database.
The Xilisoft Video Converter application fails to perform adequate boundary checks on user-supplied input, leading to a stack-based buffer overflow vulnerability. Attackers can exploit this vulnerability to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
IBM Lotus Notes is prone to an open-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other attacks are possible.
Services By CQR