phpScheduleIt is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The 'com_maplocator' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The LimeSurvey application fails to properly sanitize user-supplied data, allowing an attacker to execute arbitrary script code in the browser of a victim user. This can lead to the theft of authentication credentials and other malicious actions.
klibc is prone to a shell-command-execution vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary shell commands in the context of the application that uses the vulnerable library.
The Zend Framework is prone to a security-bypass vulnerability that allows attackers to bypass certain security restrictions. A successful bypass may allow attackers to exploit SQL-injection vulnerabilities.
The vulnerability allows remote attackers to execute arbitrary PHP code by exploiting the application's failure to sanitize user-supplied input. By submitting a specially crafted input, attackers can execute arbitrary code within the context of the affected webserver process.
Room Juice is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
A remote attacker could exploit this vulnerability using directory-traversal strings (such as '../') to gain access to arbitrary files on the targeted system. This may result in the disclosure of sensitive information or lead to a complete compromise of the affected computer.
The vulnerability allows an attacker to inject and execute arbitrary script code in the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and other attacks.
This is a local root exploit for BSD's eject.c. It allows an attacker to escalate their privileges to root level. The vulnerability was found by kokanin. The exploit takes advantage of a buffer overflow in the eject program to overwrite the return address and execute arbitrary code.