RuubikCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
The vulnerabilities in 1 Flash Gallery allow an attacker to execute SQL commands and inject malicious scripts. These exploits can lead to the theft of authentication credentials, data compromise, application compromise, and exploitation of underlying database vulnerabilities.
This exploit allows an attacker to perform a remote SQL injection attack on the Portail PHP v20 index.php file. The script prompts the user to select a language and then asks for the victim's website URL, path, and user ID. It then attempts to connect to the website and perform the SQL injection attack to retrieve user information, specifically the hashed password. If successful, it displays the user ID and hashed password. If unsuccessful, it displays an error message.
The PhotoSmash Galleries WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
This exploit allows an attacker to upload a file to a vulnerable instance of ProjectSend r-651. By sending a specially crafted request to the 'process-upload.php' script, an attacker can upload arbitrary files to the server.
The ClassWeb version 2.03 and earlier is vulnerable to remote file inclusion. An attacker can exploit this vulnerability to include a malicious file from a remote server, which can lead to remote code execution.
The Inline Gallery WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Automne is prone to an arbitrary-file-upload vulnerability. An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.
Interleave is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Kodak InSite is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.