ICMusic is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Prontus CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Proof of concept exploit for a stack based overflow in Corel Wordperfext X3. The vulnerability can be exploited by tricking a user into opening a specially crafted document.
The 'com_voj' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The Pro Softnet IDrive Online Backup ActiveX control is prone to a vulnerability that allows attackers to overwrite files with arbitrary, attacker-controlled content. An attacker can exploit this issue to corrupt and overwrite arbitrary files on a victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). The provided HTML code demonstrates an example of the exploit.
The Classified Script is vulnerable to a cross-site scripting (XSS) attack due to inadequate sanitization of user-supplied data. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and other malicious activities.
eTAWASOL is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
An attacker may obtain sensitive information, cause a denial-of-service condition, or bypass security restrictions by sending specially crafted HTTP POST requests.
There is an authentication bypass vulnerability in ClearSCADA that can be exploited by triggering an exception in dbserver.exe and taking advantage of the way the program handles it. When an exception occurs, ClearSCADA enters "Safe Mode" which exposes its diagnostic functions to remote users without requiring a valid login. A remote attacker could view sensitive information and possibly modify functions of the server running on the affected host.
The Paliz Portal application is prone to multiple SQL-injection vulnerabilities and a cross-site scripting vulnerability. These vulnerabilities occur due to a failure in properly sanitizing user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials, control the rendering of the site, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Services By CQR