header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

SPAMINA Cloud Email Firewall Directory Traversal Vulnerability

SPAMINA Cloud Email Firewall is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. A remote attacker could exploit the vulnerability using directory-traversal characters ('../') to access arbitrary files that contain sensitive information. Information harvested may aid in launching further attacks.

VLC v. 1.1.11 .eac3 DOS

VLC Media Player is prone to a denial-of-service vulnerability. Successful exploits may allow attackers to crash the affected application, denying service to legitimate users. VLC Media Player 1.1.11 is vulnerable; other versions may also be affected. The exploit includes a code update to an eac3 file, which can be found on the Videolan FTP server.

xBoard Local File-Include Vulnerability

xBoard is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts. This could allow the attacker to compromise the application and the computer; other attacks are also possible.

Advanced Dewplayer Plugin Directory Traversal Vulnerability

The Advanced Dewplayer plugin for WordPress is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks.

CMS Afroditi SQL Injection Vulnerability

CMS Afroditi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

AFCommerce Multiple Remote File-Include Vulnerabilities

AFCommerce is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary script code in the context of the web server process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

WordPress Cross-Site Request-Forgery Vulnerability

WordPress is prone to a cross-site request-forgery vulnerability because it does not properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the affected application. Other attacks are also possible.

JForum Cross-Site Request Forgery Vulnerability

JForum is prone to a cross-site request-forgery vulnerability because the application does not properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the affected application. Other attacks are also possible.

Hancom Office Remote Heap-Based Buffer-Overflow Vulnerability

Hancom Office is prone to a remote heap-based buffer-overflow vulnerability. An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious '.hml' document file. Successful exploits will result in the execution of arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

Recent Exploits: