The Trading Marketplace script is vulnerable to SQL injection due to insufficient input sanitization. An attacker can exploit this vulnerability by injecting malicious SQL code into the 'cid' parameter of the 'selloffers.php' page.
The Sagem F@st 3304 router is prone to a remote information-disclosure vulnerability because it fails to restrict access to sensitive information. A remote attacker can exploit this issue to obtain sensitive information, possibly aiding in further attacks.
This vulnerability allows an attacker to escalate privileges by overwriting the HAL dispatch table. By controlling the input buffer, the attacker can overwrite pointers in the table, which can be used to execute arbitrary code or gain elevated privileges. The vulnerability was discovered by Parvez Anwar and affects multiple BullGuard products. The affected versions range from 14.1.285.4 to 15.0.288.1. The vulnerability has a CVE ID of CVE-2014-9642. The vendor has released a fix for this vulnerability, which can be found at the provided URL. The fixed version is 15.0.288.1. The exploit was tested on a 32-bit Windows XP SP3 system. The vulnerability can be mitigated by updating to the fixed version of the software.
The AVG Internet Security 2015 software allows an attacker to escalate privileges by overwriting the HAL dispatch table. By controlling the input buffer, the attacker can overwrite static pointers, leading to privilege escalation.
The PHPJunkYard GBook application is prone to multiple cross-site scripting vulnerabilities due to insufficient sanitization of user-supplied data. An attacker can exploit these vulnerabilities to execute arbitrary script code in the context of the affected site, potentially stealing authentication credentials and launching further attacks.
The vulnerability allows an attacker to include a remote file by manipulating the 'phpbb_root_path' parameter in the 'pass_code.php' and 'lang_select' files of codebb 1.1b3.
Support Incident Tracker is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
Support Incident Tracker is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
The application fails to properly sanitize user-supplied input before using it in an SQL query, leading to multiple SQL-injection vulnerabilities. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
Support Incident Tracker is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
Services By CQR