The vulnerability allows local attackers to execute arbitrary code with superuser privileges by exploiting a flaw in the 'pam_start()' function in OpenPAM. This can lead to the complete compromise of affected computers.
The PBCS Technology is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to compromise the application, access or modify data, or exploit other vulnerabilities in the database implementation.
The Linux kernel is prone to a local information-disclosure weakness. Successful exploits allow local attackers to obtain the password length of a victim's account; information harvested may aid in further attacks.
The Centreon application is prone to a remote command-injection vulnerability. Attackers can exploit this issue to execute arbitrary commands in the context of the application.
Oracle NoSQL is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain arbitrary local files in the context of the webserver process.
Multiple cross-site scripting vulnerabilities in XAMPP allow remote attackers to inject arbitrary web script or HTML via the (1) /security/xamppsecurity.php, (2) /xampp/perlinfo.pl, or (3) /xampp/cds.php URI.
The Admin Bot application is vulnerable to an SQL Injection attack due to insufficient sanitization of user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability by injecting malicious SQL code into the 'wgo' parameter of the 'news.php' page. Successful exploitation could result in compromising the application, unauthorized access or modification of data, or exploitation of other latent vulnerabilities in the underlying database implementation.
This exploit allows an attacker to perform a remote BLIND SQL injection attack on XOOPS Module Camportail version 1.1. By exploiting this vulnerability, an attacker can retrieve sensitive information from the database, such as usernames and passwords.
SmartJobBoard is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Multiple Vendors' libc library is prone to a denial-of-service vulnerability due to stack exhaustion. Successful exploits will allow attackers to make the applications that use the affected library, unresponsive, denying service to legitimate users.
Services By CQR