header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Directory Traversal and Cross-Site Scripting Vulnerabilities in 1st Class Mail Server

Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks. The vulnerability exists in the 'general.tagz' file of 1st Class Mail Server, where an attacker can manipulate the 'Site' and 'Mailbox' parameters to execute arbitrary code or access sensitive files on the server.

Multiple vulnerabilities in 1st Class Mail Server

The 1st Class Mail Server version 4.01 is vulnerable to directory traversal and cross-site scripting attacks. An attacker can exploit these vulnerabilities by manipulating the 'viewmail.tagz' parameter in the URL, allowing them to access arbitrary files on the server and inject malicious HTML code.

LCDproc Server Multiple Remote Vulnerabilities

The LCDproc Server (LCDd) is prone to multiple remote vulnerabilities. The first issue exists in the parse_all_client_messages() function of parse.c, where a lack of sufficient boundary checks on user-supplied arguments allows a remote attacker to execute arbitrary instructions in the context of the vulnerable service. The second issue exists in the test_func_func() function of client_functions.c, where a lack of sufficient boundary checks allows an attacker to trigger a buffer overflow. The third issue is due to an erroneous implementation of a formatted print function in the test_func_func() function of client_functions.c, allowing a remote attacker to execute code in the context of the affected service.

NukeCalendar Multiple Vulnerabilities

NukeCalendar, a third-party calendar module for PHP-Nuke, is vulnerable to multiple security issues. These include path disclosure, SQL injection, and cross-site scripting. These vulnerabilities can lead to the disclosure of sensitive information, compromise of user accounts, compromise of the bulletin board, and potential attacks against the database through SQL injection.

Multiple Vulnerabilities in NukeCalendar

NukeCalendar, a third-party calendar module for PHP-Nuke, is vulnerable to multiple issues including path disclosure, SQL injection, and cross-site scripting. These vulnerabilities can lead to the disclosure of sensitive information, compromise of user accounts and bulletin boards, and potential attacks against the database through SQL injection.

Multiple vulnerabilities in NukeCalendar module for PHP-Nuke

The NukeCalendar module for PHP-Nuke is prone to multiple vulnerabilities including path disclosure, SQL injection, and cross-site scripting. These vulnerabilities could result in the disclosure of sensitive information, compromise of user accounts or bulletin boards, and possible attacks against the database implementation itself through SQL injection.

FirstClass Desktop Client Local Buffer Overflow Vulnerability

The FirstClass Desktop Client is prone to a local buffer overflow vulnerability. This vulnerability could allow attackers to execute arbitrary code on a vulnerable system, potentially leading to elevated privileges. The issue is reported to exist due to the 'PROXYADDR' variable of the 'LOCAL NETWORK.FCP' configuration file.

Recent Exploits: