header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

e107 Plugin Akira Powered’s ‘Image Gallery’ Remote SQL-injetion Vulnerability

e107 Plugin Akira Powered's 'Image Gallery' is vulnerable to a remote SQL-injection vulnerability. An attacker can exploit this vulnerability to gain access to the database and extract sensitive information such as usernames and passwords. The vulnerability is caused due to the improper sanitization of user-supplied input to the 'page' and 'image' parameters in the 'image_gallery.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable script. Successful exploitation of this vulnerability can result in unauthorized access to the database.

DESlock+ Virtual Token Driver – 1.0.2.43 – vdlptokn.sys DoS Exploit

Data Encryption Systems Ltd.’s DESlock+ Virtual Token Driver version 1.0.2.43 contains a vulnerability that can be exploited to cause a denial of service. The vulnerability is due to the driver failing to properly validate user-supplied input when handling certain IOCTLs. An attacker can exploit this vulnerability by sending a specially crafted IOCTL to the driver, resulting in a denial of service condition.

Rianxosencabos CMS 0.9 Arbitrary Add-Admin Vulnerability

Rianxosencabos CMS 0.9 has Vulnerability to escalate user to administartor's privilege. That Vulnerable in 'http://[Target]/[rsccms_path]/?s=admin&accion=lista' and You can Arbitrary change user's permission or delete user. This action will give your account can use All Admin Control Panel with Administrative's Privilege or Arbitrary Delete account in website.

Availscript Jobs Portal Script

Availscript Jobs Portal Script is vulnerable to a remote file upload vulnerability. An attacker can register as an employer and upload a malicious file to the server. This can be done by visiting the registeremp.php page and logging in. Then, the attacker can visit the editlogo.php page and upload a malicious file such as a shell.php file.

6rbScript V3.3 (singerid) Remote SQL Injection Vulnerability

An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable server. The attacker can use the ‘singerid’ parameter to inject malicious SQL code into the application. This can allow the attacker to gain access to the database and potentially execute arbitrary code on the server.

PHPKB Knowledge Base Software v1.5 Professional (question.php) – SQL Injection Vulnerability

An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable application. This can be done by appending the malicious SQL query to the vulnerable parameter in the HTTP request. This can allow an attacker to gain access to sensitive information such as usernames and passwords stored in the database.

TWiki Remote Code Execution <= 4.2.2

The 'configure' file in TWiki's bin folder is vulnerable to code execution and local file inclusion. According to TWiki's documentation this file is meant to be protected with .htaccess, but many a times you find it is not. An attacker can exploit this vulnerability by sending a malicious HTTP request to the vulnerable server.

Unreal Tournament 3 Directory Traversal Vulnerability

UT3, as any other game based on the Unreal engine, has an internal web server called uWeb for controlling the own server remotely using a web browser. This interface is disabled by default and in the case of UT3 are needed the additional files located on http://ut3webadmin.elmuerte.com (choice made by Epic for fixing possibly issues more quickly). In the last 1.3 patch released the 13th August 2008 has been made a bad and unusual modification to uWeb. In fact the WebAdmin component is composed by two sub components/classes called UTServerAdmin (used for everything) and UTImageServer used only for the handling of the HTTP requests for the files in the /images folder. In the script of the ImageServer component in version 1.3 has been made the following change which has removed the limitation of downloading only files with the extentions JPG, JPEG, GIF, BMP and PNG.

Recent Exploits: