header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

MolyX BOARD 2.5.0 Local File Inclusion

This vulnerability allows an attacker to include local files on the server by manipulating the 'lang' parameter in the 'index.php' file. By using a relative path traversal technique, an attacker can access sensitive files such as the '/etc/passwd' file. This vulnerability affects all files within the MolyX BOARD 2.5.0 web application.

AnyDesk 2.5.0 Unquoted Service Path Elevation of Privilege

The Anydesk installs as a service with an unquoted service path running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.

LuxCal Web Calendar v2.4.2 / v2.5.0 SQL Injection Vulnerability

LuxCal Web Calendar versions 2.4.2 and 2.5.0 are vulnerable to SQL injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can be done by sending a specially crafted HTTP request to the vulnerable application. This can allow an attacker to gain access to sensitive information stored in the database.

Super Multimedia Library 2.5.0 XSRF Vulnerability (Add Admin)

A Cross-Site Request Forgery (XSRF) vulnerability exists in Super Multimedia Library 2.5.0, which allows an attacker to add an admin user to the system. An attacker can craft a malicious HTML form and submit it to the vulnerable application, which will add the specified user to the system without any authentication.

Tandis CMS Multiple SQL Injection Vulnerabilities

Tandis CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Recent Exploits: