HotWeb Rentals is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
The Social Share application is vulnerable to a cross-site scripting (XSS) attack due to inadequate input sanitization. An attacker can exploit this vulnerability by injecting malicious script code into the 'search' parameter of the 'search.php' page. When an unsuspecting user visits the affected page, the injected script code will be executed in their browser, potentially allowing the attacker to steal sensitive information such as authentication credentials and launch further attacks.
MyBB is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This exploit causes a remote stack overflow in Avant Browser (all versions) when connecting to http://127.0.0.1/. It was discovered by DATA_SNIPER. The exploit involves sending a malicious packet to the server, causing it to crash.
The Social Share application fails to sufficiently sanitize user-supplied data, leading to an HTTP response-splitting vulnerability. Attackers can exploit this vulnerability to manipulate the way web content is served, cached, or interpreted, potentially deceiving users and compromising their trust.
The Accept Signups Plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
The Joomla! Classified component is prone to an SQL-injection vulnerability. This vulnerability occurs because the component fails to properly sanitize user-supplied input before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries, which may allow them to bypass the authentication mechanism and gain unauthorized access to the application or the underlying database. This could lead to the compromise of sensitive information, data modification, or the exploitation of other latent vulnerabilities in the database.
ImpressCMS is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
The Mediatricks Viva Thumbs plugin for WordPress is prone to multiple information-disclosure vulnerabilities because it fails to properly sanitize user-supplied input. Attackers can exploit these issues using directory-traversal strings to confirm the existence of local files outside of the WordPress webroot. Information obtained can aid in launching further attacks.