header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

LinuxStat Directory Traversal Vulnerability

LinuxStat is vulnerable to a directory traversal vulnerability. Attackers can exploit this vulnerability by using '../' directory traversal sequences in the affected URI argument, which can cause the inclusion of potentially sensitive web-server readable files in the output of the requested page. This can lead to information disclosure and further attacks.

MoniWiki Cross-Site Scripting Vulnerability

MoniWiki is prone to a cross-site scripting vulnerability due to improper sanitization of user-supplied URI input. An attacker can create a malicious URI link containing hostile HTML and script code. When a victim user follows this link, the code may be executed in their browser, potentially allowing the attacker to steal authentication credentials or launch other attacks.

OpenWFE Cross-Site Scripting and Connection Proxy Vulnerability

The OpenWFE application fails to properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. This can be exploited by an attacker to steal authentication credentials and execute malicious code in a user's browser. Additionally, OpenWFE is also affected by a connection proxy vulnerability, allowing anonymous scanning of network computers.

Information Disclosure Vulnerability in Netbilling ‘nbmember.cgi’ script

The Netbilling 'nbmember.cgi' script is prone to an information disclosure vulnerability. This vulnerability can be exploited by remote attackers to gain access to user authentication credentials and potentially sensitive configuration information.

getgrnam() function overflow

This exploit targets the getgrnam() function overflow vulnerability in Solaris 2.5/2.5.1 (SPARC). The default offset should work. The exploit code is provided in the form of a shellcode. The author of this exploit is Pablo Sor from Buenos Aires, Argentina. The contact email address is psor@afip.gov.ar.

Denial of Service Vulnerability in Microsoft Windows XP

The vulnerability exists due to a lack of sufficient sanitization performed on WAV file header values before they are processed. An attacker can exploit this vulnerability to cause the Windows Explorer process to consume CPU resources, resulting in a denial of service condition.

UBBCentral UBB.threads SQL Injection Vulnerability

The UBBCentral UBB.threads application is prone to an SQL injection vulnerability due to a failure in validating user-supplied URI input. A malicious user can exploit this vulnerability to manipulate database queries and potentially access or modify sensitive information.

Integer Underflow Vulnerability in iptables Logging Rules

This exploit takes advantage of an integer underflow vulnerability in the iptables logging rules of the Linux kernel 2.6 branch. A remote attacker can use this vulnerability to crash a computer running the affected kernel. The 2.6 Linux kernel is reported to be prone to this vulnerability, while the 2.4 kernel is not vulnerable.

Apache mod_include Local Buffer Overflow Vulnerability

The vulnerability exists in the mod_include module of Apache 1.3.x. It occurs when the module attempts to parse mod_include-specific tag values and fails to properly validate the lengths of user-supplied tag strings before copying them into finite buffers, allowing for a buffer overflow. A local attacker can exploit this vulnerability to execute arbitrary code on the affected computer with the privileges of the affected Apache server.

Recent Exploits: