ALPHA Player is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
This exploit allows attackers to execute arbitrary code by enticing a user to open a file from a network share location that contains a specially crafted DLL file. The vulnerability affects PowerDVD version 5.00.1107 and potentially other versions as well.
The vulnerability allows an attacker to inject SQL queries through the 'jobid' parameter in the 'joblogs.php' page of the Bacula-web application. This can lead to unauthorized access to the database and potentially execute malicious commands.
eXV2 CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
The vulnerability is caused by an invalid include function in the comanda.php file, which allows an attacker to include remote files and execute arbitrary code.
The AdvertisementManager application fails to sufficiently sanitize user-supplied input, leading to local and remote file-include vulnerabilities. Exploiting these vulnerabilities may allow a remote attacker to obtain sensitive information or compromise the application and the underlying computer.
The 1CLICK DVD Converter is prone to multiple vulnerabilities that allow attackers to execute arbitrary code. An attacker can exploit these issues by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
The vulnerability allows attackers to execute arbitrary code by enticing a legitimate user to open a file from a network share location containing a specially crafted DLL file.
PluXml is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
Ronny CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
Services By CQR