This exploit allows an attacker to register a user with admin access in PBlang 4.66z.
OpenMyZip is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Asterisk is prone to a user-enumeration weakness. An attacker may leverage this issue to harvest valid usernames, which may aid in brute-force attacks.
LDAP Account Manager is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
The LANSA aXes Web Terminal TN5250 is vulnerable to a cross-site scripting (XSS) attack due to inadequate input sanitization. An attacker can exploit this vulnerability by injecting arbitrary script code into the browser of a victim user, potentially leading to the theft of authentication credentials and other malicious activities.
Tine is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
The OProfile tool is vulnerable to a local privilege escalation vulnerability. An attacker can exploit this vulnerability to execute arbitrary commands with superuser privileges. By using a specially crafted command, an attacker can run arbitrary commands with elevated privileges.
ClanSphere is prone to a local file-include vulnerability and multiple arbitrary-file-upload vulnerabilities. An attacker can exploit these issues to upload arbitrary files onto the webserver, execute arbitrary local files within the context of the webserver, and obtain sensitive information.
This exploit allows an attacker to include a malicious file from a remote server into the target website. By manipulating the 'AD_BODY_TEMP' parameter in various PHP files, the attacker can execute arbitrary code or perform unauthorized actions on the target system.
phpGraphy is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Services By CQR