A stack buffer overflow vulnerability exists in gAlan 0.2.1. The vulnerability is due to inadequate boundary checks on user-supplied input. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code in the context of the application.

A stack-based buffer overflow exists in Fatek Automation PLC WinProladder. The vulnerability is due to improper validation of user supplied data before copying to a stack-based buffer. A remote attacker could exploit this vulnerability by sending a crafted pdw file over a network to the vulnerable application.

A directory traversal vulnerability exists in Brocade Network Advisor. The vulnerability is due to lack of authentication and insufficient input validation when processing HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending a request with a crafted URL to the target server which can enable unauthorized access to sensitive information.

Multiple vulnerabilities exist in AVTECH devices. An attacker could exploit this vulnerability via direct requests. Successful exploitation of this vulnerability could allow a remote attacker to gain access to the devices.

FusionVM is a vulnerability scanning product. Remote attackers can use FusionVM to detect vulnerabilities on a target server.

A remote code execution vulnerability exists in WeBid. The vulnerability is due to the way WeBid handles injected PHP code in the includes/currencies.php script without any authentication. A remote attacker can exploit this issue by sending a specially crafted HTTP request.

CMSmap is a dedicated vulnerability scanning product for Content Management Systems. Remote attackers can use CMSmap to detect vulnerabilities on a target server.

A remote code execution vulnerability exists in CakePHP. The vulnerability is due to the way the security component of CakePHP fails to validate user input. A remote attacker can exploit this issue by sending a specially crafted HTTP request.

An information disclosure vulnerability exists in Trend Micro Control Manager. The vulnerability is due to security misconfiguration which allows access to the unreferenced download.php file, which in turn allow reading of the arbitrary files.