Microsoft Windows is prone to a remote command-execution vulnerability because it opens help files from unsafe locations. An attacker could exploit this issue by enticing a victim to load help files when working in a directory containing crafted '.chm' files.
ARTIS ABTON CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The vulnerability allows an attacker to include remote files on the server by manipulating the 'laypath' parameter in the 'top.php' file. This can lead to remote code execution.
The vulnerabilities in SUPERAntiSpyware and Super Ad Blocker can be exploited by an attacker to gain elevated privileges, crash the affected computer, access sensitive information, or overwrite arbitrary files. Other attacks are also possible.
DDL CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
The vulnerability is caused due to an input validation error when processing HTTP requests. This can be exploited to break all services http & ftp.
The 60cycleCMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
The Friendly Technologies TR-069 ACS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, gain administrator access, access or modify data, or exploit latent vulnerabilities in the underlying database.
Max Network Technology BBSMAX is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
This is a Perl script that exploits a remote file inclusion vulnerability in the phpBB Module NoMoKeTos Rules 0.0.1. It allows an attacker to include a remote file and execute arbitrary commands on the target server.
Services By CQR