header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Cross-Site Scripting Vulnerability in PHP Membership Manager

PHP Membership Manager is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Remote Format String Vulnerability in xine

The 'xine' program is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function. Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the application and to compromise affected computers.

Apple Software Update Format String Vulnerability

Apple Software Update is prone to a format-string vulnerability. This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. A successful attack may crash the application or possibly lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context of the user running the application.

Virtual Host Administrator Remote File-Include Vulnerability

Virtual Host Administrator is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Mac OS X QuickDraw Remote Memory-Corruption Vulnerability

The vulnerability exists in Mac OS X QuickDraw due to its failure to handle malformed PICT image files correctly. This can be exploited by remote attackers to corrupt memory and crash the affected software. It may also potentially allow the execution of arbitrary machine code, although this has not been confirmed.

Recent Exploits: