The Digest module for Perl is prone to a vulnerability that will let attackers inject and execute arbitrary Perl code. Remote attackers can exploit this issue to run arbitrary code in the context of the affected application.
Remote attackers can exploit this issue to cause the application to crash, denying service to legitimate users.
ezCourses is prone to a security-bypass vulnerability because it fails to properly validate user-supplied input. Attackers could exploit the issue to bypass certain security restrictions and add or change the 'admin' account password.
SonicWall Viewpoint is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The Trending theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
The vulnerability exists because the application does not properly sanitize user-supplied input. An attacker can exploit this vulnerability by injecting arbitrary script code in the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and other attacks.
The WP Bannerize plug-in for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
A2CMS is prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this vulnerability would allow an attacker to obtain potentially sensitive information from local files on computers running the vulnerable application. This may aid in further attacks.
The RedLine theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
This script exploits a blind SQL injection vulnerability in the XOOPS Module Library (viewcat.php) script. It allows an attacker to extract the username and password from the xoops_users table by injecting a UNION SELECT statement.
Services By CQR