The vulnerability allows an attacker to download arbitrary files from the target system by exploiting the 'download.php' script in McGallery 0.5b. By manipulating the 'filename' parameter, an attacker can specify any file to be downloaded, including sensitive system files.
W-Agora is prone to multiple local file-include vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.An attacker can exploit these vulnerabilities to view and execute local files within the context of the webserver process or to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Attackers can exploit this issue by sending a specially crafted voice transmission packet containing malicious data. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will result in a denial-of-service condition.
Feindura CMS is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerabilities using directory-traversal strings to view and execute local files within the context of the webserver process. Information harvested may aid in further attacks. The attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
An attacker can exploit this SQL-injection issue to carry out unauthorized actions on the underlying database, which may compromise the application and aid in further attacks.
The 'com_projects' component for Joomla! is prone to an SQL-injection vulnerability and a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. By using directory-traversal strings to execute local script code in the context of the application, the attacker may be able to obtain sensitive information that may aid in further attacks.
The NitroView ESM software fails to properly sanitize user-supplied input, which allows remote attackers to execute arbitrary commands on the appliance in the context of the webserver process.
Microsoft Windows 'lpksetup.exe' is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
The Absolute Image Gallery Gallery.ASP script is vulnerable to SQL injection. An attacker can exploit this vulnerability by manipulating the 'categoryid' parameter in the 'gallery.asp' script. By injecting SQL code, the attacker can bypass authentication, access unauthorized data, modify or delete data, or perform other malicious actions.
The WebCalendar v0.9.45 (13 Dec 2004) is vulnerable to remote file inclusion in the login.php, get_reminders.php, and get_events.php scripts. An attacker can include an arbitrary file by manipulating the includedir parameter in the URLs provided. This can lead to remote code execution and compromise of the affected system.