header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Honeywell HSC Remote Deployer ActiveX Remote Code Execution

This modules exploits a vulnerability found in the Honewell HSC Remote Deployer ActiveX. This control can be abused by using the LaunchInstaller() function to execute an arbitrary HTA from a remote location. This module has been tested successfully with the HSC Remote Deployer ActiveX installed with HoneyWell EBI R410.1.

NetNote Server Remote Denial of Service Vulnerability

The NetNote server is prone to a remote denial of service vulnerability. This vulnerability occurs because the application does not handle exceptional conditions properly. By sending a specially crafted payload to the server, an attacker can cause the server to crash, resulting in a denial of service.

Thefacebook Cross-Site Scripting Vulnerabilities

Thefacebook is affected by various cross-site scripting vulnerabilities. These vulnerabilities occur due to a failure to properly sanitize user-supplied URI input. An attacker can create a malicious URI link containing hostile HTML and script code. If a victim user follows this link, the malicious code can be executed in the web browser, potentially leading to the theft of authentication credentials or other attacks.

Remote HTTP Response Splitting Vulnerability in phpWebSite User Module

A remote HTTP response splitting vulnerability reportedly affects phpWebSite in its user module. This issue is due to a failure of the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.

Private Message System Multiple Vulnerabilities

Private Message System is prone to multiple vulnerabilities that can allow remote attackers to carry out cross-site scripting attacks and disclose arbitrary private messages. The vulnerability exists in the 'message_send.php' script, specifically in the 'tid' parameter. An attacker can exploit this issue by injecting arbitrary HTML or script code into the vulnerable parameter, potentially allowing them to steal sensitive information or execute arbitrary code in the context of the affected site.

Multiple Remote Vulnerabilities in 04WebServer

The vulnerabilities in 04WebServer allow for cross-site scripting attacks and log injection due to improper input sanitization. An attacker can exploit these issues to execute arbitrary scripts on the affected server and inject arbitrary characters into log files, potentially leading to corruption.

Recent Exploits: