The F8 Lite theme for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
This exploit allows an attacker to perform a blind SQL injection attack on the XOOPS Module Lykos Reviews 1.00 (index.php). The vulnerability allows the attacker to extract sensitive information from the database.
The Hybrid theme for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
The Atahualpa theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Bitweaver is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Joomla! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.An attacker could leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This could allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Traq is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
An attacker can exploit these issues to execute arbitrary HTML and script code in the context of the browser or the Web server, gain access to sensitive information, send multiple SMS messages, and perform certain administrative tasks. Other attacks are also possible.
Vanira CMS is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit will allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
The vulnerabilities allow attackers to execute arbitrary script code in the context of the affected website, potentially leading to the theft of cookie-based authentication credentials and other attacks.