todoyu is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
The Zenphoto application is vulnerable to multiple cross-site scripting (XSS) vulnerabilities due to inadequate sanitization of user-supplied data. An attacker can exploit these vulnerabilities to execute arbitrary script code in the context of an unsuspecting user's browser, potentially leading to the theft of authentication credentials and other malicious activities.
SyCtel Design is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.An attacker can exploit these vulnerabilities to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
Automagick Tube Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Viola DVR is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting the issues can allow an attacker to obtain sensitive information that could aid in further attacks.
webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
An attacker can execute arbitrary script code in the browser of an unsuspecting user by leveraging the cross-site scripting vulnerabilities in Oracle JD Edwards EnterpriseOne. This can lead to the theft of authentication credentials and other attacks.
This exploit allows an attacker to perform a blind SQL injection attack on Joomla Component Car Manager version 1.1. It retrieves the admin username and password from the database.
An attacker can execute arbitrary script code in the browser of a user in the context of the affected site, potentially stealing authentication credentials and launching other attacks.
The ChatLakTurk PHP Botlu Video application is prone to a cross-site scripting vulnerability. This vulnerability occurs due to insufficient sanitization of user-supplied data. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user. This can lead to the theft of cookie-based authentication credentials and the launch of further attacks.
Services By CQR