header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

IE8.0.7100.0 on W7 x64 RC

This vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted HTML document. This vulnerability affects Internet Explorer 8.0.7100.0 on Windows 7 x64 RC. The vulnerability is due to the application not properly sanitizing user-supplied input. An attacker can exploit this vulnerability to inject arbitrary web script or HTML into a user's browser in the context of the affected application. This may allow the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.

BlazeDVD 5.1 Professional/Blaze HDTV Player 6.0 /(.PLF File) Universal Buffer Overflow Exploit (SEH)

A buffer overflow vulnerability exists in BlazeDVD 5.1 Professional/Blaze HDTV Player 6.0 /(.PLF File) due to improper bounds checking of user-supplied data. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application. This vulnerability is triggered when a specially crafted .PLF file is opened, which causes a buffer overflow, overwriting the SEH handler.

Perl$hop Multiple Vulnerabilities

Perl$hop is an e-commerce script developed by Waverider Systems. It contains multiple vulnerabilities such as Cross Site Scripting (XSS), Directory Traversal, and Code Execution. The GET variable ?thispage? is vulnerable to a directory traversal and potential code execution depending on the environment. The GET variable CUR, thispage, LANG, and most likely others contain cross site scripting vulnerabilities.

Elgg <= 1.5 Remote File Include Vulnerability

A remote file include vulnerability exists in Elgg version 1.5 and below. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to include a remote file containing arbitrary code and execute it in the context of the webserver process.

MediaCoder 0.7.1.4486 (.lst) Universal Buffer overflow (SEH)

MediaCoder 0.7.1.4486 is vulnerable to a universal buffer overflow vulnerability when a specially crafted .lst file is opened. This can be exploited to execute arbitrary code by corrupting the SEH chain and overwriting the return address with a pointer to malicious code.

MOC Designs PHP News v1.1 (Auth Bypass) SQL Injection Vulnerability

MOC Designs PHP News v1.1 is vulnerable to an authentication bypass vulnerability due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability by supplying a crafted input to the 'User' and 'Password' fields of the login page. This will allow the attacker to bypass authentication and gain access to the application.

Linux Kernel <= 2.6.31-rc5 sigaltstack 4-Byte Stack Disclosure

Linux Kernel <= 2.6.31-rc5 sigaltstack 4-Byte Stack Disclosure is an information disclosure vulnerability which allows an attacker to leak 4 bytes of uninitialized kernel stack from the padding between stack_t's ss_flags and ss_size. This vulnerability only affects 64-bit hosts.

PaymentProcessorScript.net R-Sql/B-Sql Multiple Vulns

PaymentProcessorScript.net is prone to a SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Recent Exploits: