Exploits 2485 - exploit.company

explore-vulnerabilities

Explore Vulnerabilities

Explore all Exploits:

Show More

FULLY FUNCTIONAL ASP FORUM – MtMWebForum 1.0 DB Download Vulnerability

A vulnerability in the FULLY FUNCTIONAL ASP FORUM - MtMWebForum 1.0 script allows an attacker to download the database by accessing the URL http://server/FULLY/ForumDb.mdb.

Database Download Vulnerability

FULLY FUNCTIONAL ASP FORUM - MtMWebForum

Platforms Tested

Affected Version

Show More

BaalASP 2.0 DB Download Vulnerability

The vulnerability allows an attacker to download the database of the application by accessing the URL http://server/BaalASP/database/baalsmartform.mdb

Database Download

Platforms Tested

Windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)

Affected Version

Show More

Asp Uguestbook DB Download Vulnerability

The vulnerability allows an attacker to download the database of the vulnerable application. The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted request to the vulnerable application and download the database. Successful exploitation of this vulnerability may result in unauthorized access to sensitive information.

Database Download Vulnerability

Uguestbook !talian script

Platforms Tested

Windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)

Affected Version

Interactive Tools

Show More

htmlArea v2.03 DB Download Vulnerability

The vulnerability allows an attacker to download the database of the htmlArea v2.03 application. The attacker can access the database by sending a request to the URL http://server/htmlArea/data/newsdata.mdb.

DB Download Vulnerability

Platforms Tested

Windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)

Affected Version

Show More

Futility Forum 1.0 Revamp DB Download Vulnerability

The vulnerability allows an attacker to download the database of the Futility Forum 1.0 Revamp application. The attacker can access the database by sending a request to the message.mdb file.

Database Download Vulnerability

Futility Forum 1.0 Revamp

Platforms Tested

Windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)

Affected Version

Futility Forum 1.0 Revamp

Futility Forum 1.0 Revamp

Show More

[ AspBB ] – Active Server Page Bulletin Board DB Download Vulnerability

The vulnerability allows an attacker to download the database of the AspBB bulletin board. The attacker can access the database by sending a request to the URL http://server/AspBB/db/betaboard.mdb

DB Download Vulnerability

Platforms Tested

Windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)

Affected Version

Show More

QuickEStore v.7.9 SQLInjection and Path Diclosure Download Vulnerability

Input passed to the 'CategoryID' parameter in prodpage.cfm, the 'SubCatID' parameter in index.cfm, the 'OrderID' parameter in shipping.cfm, and to the 'ItemID' parameter in proddetail.cfm is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Note that error messages disclose the full installation path.

Platforms Tested

Windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)

Affected Version

Show More

PSnews DB Download Vulnerability

The vulnerability allows an attacker to download the database of the PSnews application. The attacker can access the database by sending a request to the URL http://server/PSnews/PSnews_th3_d4t4b453.mdb.

Database Download

Platforms Tested

Windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)

Affected Version

Show More

Asp jgbbs-3.0beta1 DB Download Vulnerability

A vulnerability in the jgbbs-3.0beta1 script allows an attacker to download the database file bbs.mdb from the server.

Database Download

Platforms Tested

Windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)

Affected Version

Show More

Dren’s PHP Uploader Remote File Upload Vulnerability

A vulnerability exists in Dren's PHP Uploader which allows an attacker to upload a malicious file to the server. The attacker can then access the uploaded file by accessing the URL http://localhost/path/files/shell.php

Remote File Upload

Dren's PHP Uploader

Platforms Tested

Affected Version

Recent Exploits:

RDPGuard 9.9.9 – Privilege Escalation

author

Ahmet Ümit BAYRAM

vendor

severity

YesWiki Unauthenticated Path Traversal

author

vendor

severity

ABB Cylon Aspect 3.08.02 Stored Cross-Site Scripting Vulnerability

author

Gjoko 'LiquidWorm' Krstic

vendor

severity

Apache ActiveMQ 6.1.6 – Denial of Service (DOS)

author

Abdualhadi khalifa

vendor

severity

GeoVision GV-ASManager 6.1.1.0 – CSRF

author

Giorgi Dograshvili [DRAGOWN]

vendor

severity

ABB Cylon FLXeon 9.3.4 WebSocket Command Spawning Vulnerability

author

Zero Science Lab

vendor

severity

GestioIP 3.5.7 – Stored Cross-Site Scripting Vulnerability

author

m4xth0r (Maximiliano Belino)

vendor

severity

Cacti 1.2.26 – Remote Code Execution (RCE) (Authenticated)

author

vendor

severity

Exclusive Addons for Elementor ≤ 2.6.9 – Authenticated Stored Cross-Site Scripting (XSS)

author

vendor

exclusiveaddons

severity

Kentico Xperience 13.0.178 – Cross Site Scripting (XSS)

author

vendor

severity