header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Codefixer Membership Remote Database Disclosure Vulnerability

The vulnerability allows a remote attacker to gain access to the membership database of the Codefixer Membership script system. The vulnerability exists due to the lack of authentication for the members.mdb file. A remote attacker can send a request to the vulnerable script and gain access to the membership database.

Arbitrary File Upload in OSSIM

The vulnerability is caused due to an improper check in “repository_attachment.php” script, allowing the upload of files with arbitrary extensions to a folder inside the Webroot. This can be exploited to e.g. execute arbitrary PHP code by uploading a specially crafted PHP script containing some kind of Web Shell. Also, using path traversal technique, an attacker can change the original destination path.

Advisory Name: SQL injection in OSSIM

A vulnerability has been discovered in OSSIM, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id_document" parameter to repository_attachment.php is not properly sanitized before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

iSupport <= 1.8 XSS/Local File Include Exploit

iSupport version 1.8 is vulnerable to Cross-Site Scripting (XSS) and Local File Inclusion (LFI) attacks. An attacker can inject malicious JavaScript code into the vulnerable parameters of the application, which will be executed in the browser of the victim. An attacker can also exploit the LFI vulnerability to read sensitive files from the server.

Recipe Script v5.0 (Shell Upload/XSRF/XSS) Multiple Vulnerabilities

We can use the following exploit to change users email and then go to 'forget your password' form and it will send us password on the email. We can upload a shell to the server using the following exploit. We can use the following exploit to change admin password and send email to subscribers. We can use the following exploit to inject malicious code into the application. We can use the following exploit to inject malicious code into the application.

JM CMS 1.0 <== 1.0 (Auth Bypass) SQL Injection Vulnerability

JM CMS 1.0 is vulnerable to an authentication bypass vulnerability due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability by supplying a specially crafted username parameter in the login form. By supplying a username parameter of 'admin' or 1=1--, an attacker can bypass authentication and gain access to the administrative panel.

Monkey HTTP Daemon Denial-of-Service Vulnerability

Monkey HTTP Daemon is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the application to crash, denying service to legitimate users. Versions prior to Monkey HTTP Daemon 0.9.3 are vulnerable. A python script is available to exploit this vulnerability.

Family Connections <= 2.1.3 Multiple Remote Vulnerabilities

Many fields are not properly sanitised and some checks can be bypassed. All fields that were tested are vulnerable to Blind SQL Injection. An attacker may try to exploit this vulnerability using the full path disclosure released by the MySQL error to write a file into the remote file system, using as destination path the gallery directories, where the permissions must be setted to 777. When we want to write a module to upload a file, we must check the file extension. The application doesn't check the file extension, so an attacker can upload a malicious file with a double extension like .php.jpg. The application also doesn't check the file extension, so an attacker can upload a malicious file with a double extension like .php.jpg.

SitePal v1.1(Auth Bypass) Remote SQL Injection Vulnerability

A vulnerability exists in SitePal v1.1 which allows an attacker to bypass authentication and gain access to the application. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with a username of 'admin' and a password of 'X' or '1=1--' to the server/SitePalDemo/z_admin_login.asp page.

Recent Exploits: