header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

MegaBook HTML Injection Vulnerabilities

MegaBook is prone to multiple HTML injection vulnerabilities. This is due to insufficient sanitization of HTML and script code from user-supplied input, including input supplied to the administrative login page and via the client HTTP User-Agent: header field. Exploitation of these issues could permit hostile HTML or script code to be injected into the guestbook system and rendered in the browser of a legitimate guestbook user.

Buffer Overrun in Elm

A buffer overrun has been discovered in Elm. The problem occurs due to insufficient bounds checking performed before copying user-supplied data into an internal memory buffer. Specifically, a TERM environment variable containing excessive data would cause a buffer within Elm to be overrun. As Elm is installed setgid on some systems, the exploitation of this vulnerability could potentially allow for the elevation of local privileges.

Infinity CGI Exploit Scanner

Infinity CGI Exploit Scanner is prone to a remote command execution vulnerability. This is due to insufficient sanitization of input supplied via URI parameters. Exploitation could allow for execution of commands with the privileges of the web server process.

PostNuke ‘modules.php’ Cross-Site Scripting Vulnerability

The PostNuke 'modules.php' script does not sufficiently sanitize data supplied via URI parameters, making it prone to cross-site scripting attacks. This could allow for execution of hostile HTML and script code in the web client of a user who visits a web page that contains the malicious code. Exploitation could allow for theft of cookie-based authentication credentials. Other attacks are also possible.

Microsoft Internet Explorer File Loading Vulnerability

Microsoft Internet Explorer is prone to an issue which could permit an attacker to load a known, existing file in a user's temporary directory (or possibly other directories in a user's profile). It is possible to exploit this issue via a malicious web page or HTML document. Exploitation would either require that an attacker already knows of a file in the user's temporary directory or that the attacker can place an arbitrary file in this directory.

Buffer Overflow Vulnerability in kon2 Utility

A buffer overflow vulnerability has been reported for the kon2 utility shipped with various Linux distributions. Exploitation of this vulnerability may result in a local attacker obtaining elevated privileges on a vulnerable system. The vulnerability exists due to insufficient bounds checking performed on some commandline options passed to the vulnerable utility.

Xmame Locally Exploitable Buffer Overflow

Xmame is prone to a locally exploitable buffer overflow. This is due to insufficient bounds checking of the command line parameter used to specify language settings (--lang). Successful exploitation on some systems could result in execution of malicious instructions with elevated privileges.

Recent Exploits: