header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Show More

Avaya IP Office Manager TFTP Server Directory Traversal Vulnerability

The vulnerability is caused due to improper validation to Read Request Parameter containing '../' sequences, which allows attackers to read arbitrary files via directory traversal attacks.

5.5
CVSS
MEDIUM
Directory Traversal
22
CWE
Product Name
Avaya IP Office Manager TFTP Server
Platforms Tested
Windows XP SP3
Affected Version
From:
Avaya IP Office Manager TFTP Server Version 8.1
To:
Avaya IP Office Manager TFTP Server Version 8.1
2011
Show More

MicroP 0.1.1.1600 (MPPL File) Stack Buffer Overflow

This module exploits a vulnerability found in MicroP 0.1.1.1600. A stack-based buffer overflow occurs when the content of a .mppl file gets copied onto the stack, which overwrites the lpFileName parameter of a CreateFileA() function, and results arbitrary code execution under the context of the user.

N/A
CVSS
N/A
Stack Buffer Overflow
119
CWE
Product Name
MicroP
Platforms Tested
Windows XP SP3 / Vista / 7
Affected Version
From:
MicroP 0.1.1.1600
To:
MicroP 0.1.1.1600
2010
Show More

LuxCal Web Calendar v2.4.2 / v2.5.0 SQL Injection Vulnerability

LuxCal Web Calendar versions 2.4.2 and 2.5.0 are vulnerable to SQL injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can be done by sending a specially crafted HTTP request to the vulnerable application. This can allow an attacker to gain access to sensitive information stored in the database.

7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name
LuxCal Web Calendar
Platforms Tested
N/A
Affected Version
From:
2.4.2002
To:
2.5.2000
2011
Show More

ESTsoft ALPlayer 2.0 ASX Playlist File Handling Buffer Overflow Vulnerability

The vulnerability is caused due to a boundary error in the processing of a playlist file, which can be exploited to cause a stack-based buffer overflow when a user opens a specially crafted .asx file. Successful exploitation may allow execution of arbitrary code.

9.3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name
ALPlayer
Platforms Tested
Microsoft Windows XP Professional SP3 (EN)
Affected Version
From:
2.0.0.4
To:
2.0.0.4
2011

Recent Exploits:

RDPGuard 9.9.9 – Privilege Escalation

author
Ahmet Ümit BAYRAM
vendor
RDPGuard
severity
6.1
HIGH

YesWiki Unauthenticated Path Traversal

author
Al Baradi Joy
vendor
YesWiki
severity
7.1
HIGH

ABB Cylon Aspect 3.08.02 Stored Cross-Site Scripting Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
ABB Ltd.
severity
6.1
HIGH

Apache ActiveMQ 6.1.6 – Denial of Service (DOS)

author
Abdualhadi khalifa
vendor
Apache
severity
6.1
HIGH

GeoVision GV-ASManager 6.1.1.0 – CSRF

author
Giorgi Dograshvili [DRAGOWN]
vendor
GeoVision
severity
6.1
HIGH

ABB Cylon FLXeon 9.3.4 WebSocket Command Spawning Vulnerability

author
Zero Science Lab
vendor
ABB Ltd.
severity
6.1
HIGH

GestioIP 3.5.7 – Stored Cross-Site Scripting Vulnerability

author
m4xth0r (Maximiliano Belino)
vendor
GestioIP
severity
6.1
HIGH

Cacti 1.2.26 – Remote Code Execution (RCE) (Authenticated)

author
D3Ext
vendor
Cacti
severity
6.1
HIGH

Exclusive Addons for Elementor ≤ 2.6.9 – Authenticated Stored Cross-Site Scripting (XSS)

author
Al Baradi Joy
vendor
exclusiveaddons
severity
5.1
MEDIUM

Kentico Xperience 13.0.178 – Cross Site Scripting (XSS)

author
Alex Messham
vendor
Kentico
severity
6.1
HIGH

Navigation

Suggest Exploit

Services By CQR