header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Winamp <= 5.57 Stack Overflow

A stack overflow vulnerability exists in Winamp versions 5.57 and 5.56. An attacker can exploit this vulnerability by sending a specially crafted audio/x-mpegurl header to the vulnerable application. This will cause a stack overflow, resulting in a denial of service.

PoC: XSS in Installation File

The web application is vulnerable to XSS in its installation file. An attacker can post data without any security, allowing them to put malicious code in the host textbox on the install.php?step=2 page. This malicious code can then be executed, allowing for path disclosure.

Joomla Component com_mediaslide Directory Traversal Vuln

A directory traversal vulnerability exists in the Joomla component com_mediaslide. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server. This request contains a maliciously crafted path parameter which can be used to traverse the directory structure of the server. The vulnerability can be exploited by sending a request to the vulnerable server with the following URL: http://server/components/com_mediaslide/viewer.php?path=/../..

PHPhotoalbum Remote sql injection Vulnerability

This vulnerability allows an attacker to inject malicious SQL code into the PHPhotoalbum application. By sending a specially crafted HTTP request to the application, an attacker can execute arbitrary SQL commands on the underlying database. This can be used to gain access to sensitive information such as usernames and passwords.

JCal Pro Component Remote File Include Vulnerability

A remote file include vulnerability exists in JCal Pro Component, which allows an attacker to include a remote file containing malicious code on the vulnerable system. This vulnerability is due to insufficient sanitization of user-supplied input in the 'mosConfig_absolute_path' parameter of the 'cal_popup.php' script. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable script. Successful exploitation could result in arbitrary remote code execution.

VideoCMS SQL injection vulnerability – (id)

A SQL injection vulnerability exists in VideoCMS version 3.1 or lower. An attacker can send a specially crafted HTTP request to the vulnerable server in order to execute arbitrary SQL commands in the back-end database. The vulnerable parameter is the 'v' parameter in the 'index.php' script. An attacker can exploit this issue by sending a malicious HTTP request containing a specially crafted SQL statement to the vulnerable script. This can be used to manipulate the back-end database content, compromise the application, access or modify sensitive data, or exploit various other vulnerabilities in the underlying database implementation.

webCocoon’s simpleCMS Vulnerability

An SQL injection vulnerability exists in the webCocoon's simpleCMS plugin, which allows an attacker to execute arbitrary SQL commands via the 'id' parameter in the 'show.php' file. The vulnerable code is located in the 'show.php' file, where the 'id' parameter is not properly sanitized before being used in an SQL query. An attacker can exploit this vulnerability by sending a specially crafted HTTP POST request to the 'index.php' file, which contains malicious SQL commands.

Recent Exploits: