
Explore Vulnerabilities


Explore all Exploits:

SQL Injection in Invision Power Board 'ssi.php' script

Invision Power Board's 'ssi.php' script is prone to an SQL injection vulnerability. Attackers can exploit this vulnerability by passing SQL statements to the underlying database through the script. Depending on the underlying database, this vulnerability can result in data corruption or theft, execution of commands or procedures on the database server, or exploitation of other vulnerabilities in the database.

Access Validation Vulnerability in AspDotNetStorefront

AspDotNetStorefront is prone to an access validation vulnerability that may allow a remote attacker to delete arbitrary contents from a vulnerable Web site. The issue occurs because the 'deleteicon.aspx' script does not validate access before allowing an unprivileged user to delete contents such as icons and images from the site. Other attacks may be possible as well; however, this has not been confirmed.

cPanel Remote SQL Injection Vulnerability in passwd script

cPanel is affected by a remote SQL injection vulnerability in the passwd script. The issue occurs when user-supplied URI parameter input is not properly sanitized before being used in an SQL query. Malicious SQL statements can be passed to the passwd script through URI parameters, allowing a malicious user to influence database queries and potentially view or modify sensitive information.

CVS Multiple Vulnerabilities

The vulnerabilities include a double free vulnerability, format string vulnerabilities, and integer overflows. There is also a null termination issue in the security patch for BID 10384, potentially leading to a server crash. Some of these issues may be leveraged to execute arbitrary code, while other issues may only result in a denial of service.

OpenBSD isakmpd Remote Denial of Service Vulnerability

An attacker can delete security associations and policies from IPsec VPNs by sending a malformed UDP ISAKMP packet to a vulnerable server. The malformed packet contains payloads for both setting up a new tunnel and deleting a tunnel. isakmpd improperly acts upon the delete payload and terminates the associations and policies relating to the tunnel. This can result in the destruction of security associations, effectively eliminating the VPN connection between gateways and denying service to legitimate users of the VPN.

Multiple Remote Denial of Service Vulnerabilities in ToCA Race Driver

ToCA Race Driver is affected by multiple remote denial of service vulnerabilities. These vulnerabilities occur due to a failure of the application to handle exceptional network traffic. An attacker can exploit these vulnerabilities to crash or hang the application, resulting in a denial of service for legitimate users.

SurgeMail/WebMail Multiple Vulnerabilities

SurgeMail/WebMail is prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data. The issues can allow an attacker to carry out path disclosure and cross-site scripting attacks.

Recent Exploits: