header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

PHPX Input Validation Vulnerabilities

The PHPX application is vulnerable to multiple input-validation vulnerabilities due to improper sanitization of user-supplied input. These vulnerabilities can be exploited by an attacker to steal cookie-based authentication credentials, execute arbitrary script code within the webserver process context, compromise the application, gain access to sensitive information, modify data, or exploit latent vulnerabilities in the underlying database implementation.

Input-validation vulnerabilities in PHPX

The PHPX application fails to properly sanitize user-supplied input, leading to multiple input-validation vulnerabilities. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, execute arbitrary script code, compromise the application, obtain sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

PHPX Multiple Input-Validation Vulnerabilities

PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitrary script code in the context of the webserver process, compromise the application, obtain sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Integer Underflow Vulnerability in file(1) command

The file(1) command is prone to an integer-underflow vulnerability because the command fails to adequately handle user-supplied data. An attacker can leverage this issue to corrupt heap memory and execute arbitrary code with the privileges of a user running the command. A successful attack may result in the compromise of affected computers. Failed attempts will likely cause denial-of-service conditions.

PHP register_globals Directive Activation Weakness

This weakness allows attackers to enable the 'register_globals' directive in PHP by exploiting a memory-limit exception. Enabling 'register_globals' may allow further exploitation of latent vulnerabilities in PHP scripts. This issue is related to the weakness found in the non-multibyte 'parse_str()' from BID 15249.

Php-Stats SQL Injection Vulnerabilities

Php-Stats is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

Cross-Site Scripting Vulnerability in Oracle Portal

Oracle Portal is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Holtstraeter Rot 13 Directory Traversal Vulnerability

Holtstraeter Rot 13 is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve the contents of arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.

Recent Exploits: