header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Denial-of-Service Vulnerability in Microsoft Windows Vista

Remote attackers may exploit this issue by submitting malicious ARP requests to the vulnerable computer. To exploit this issue, attackers must have access to the local network segment of a target computer. Remote attackers can exploit this issue to cause the network interface to stop responding, denying further service to legitimate users.

Multiple Cross-Site Scripting Vulnerabilities in Atlassian JIRA

The Atlassian JIRA application fails to properly sanitize user-supplied input, leading to multiple cross-site scripting vulnerabilities. An attacker can exploit this by injecting arbitrary script code into the browser of a victim user, allowing them to steal authentication credentials and launch further attacks.

Integer-Overflow Vulnerability in PHP

PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a buffer overflow and to corrupt process memory. Exploiting this issue may allow attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

PHP-Fusion ‘Calendar_Panel’ Module show_event.PHP (m_month) SQL Injection Exploit And PoC

PHP-Fusion is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation. This issue may help the attacker gain unauthorized access.

PHP open_basedir Restriction Bypass Vulnerability

The PHP open_basedir restriction-bypass vulnerability allows attackers to access sensitive information or write files in unauthorized locations. This vulnerability is due to a design error. It can be exploited in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code. The 'safe_mode' and 'open_basedir' restrictions are expected to isolate users from each other, but this vulnerability bypasses those restrictions.

LimeSurvey v2.00+ (build 131107) Script Insertion And SQL Injection Vulnerability

LimeSurvey suffers from a stored cross-site scripting and SQL Injection vulnerability. Input passed to the 'label_name' POST parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Input passed to the 'group_name' POST parameter is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

PHP integer-overflow vulnerability leading to heap-based buffer overflow

PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a heap-based buffer overflow. Exploiting this issue may allow attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

Recent Exploits: