Explore Vulnerabilities

Explore all Exploits:

VEGO Links Builder SQL Injection Vulnerability

VEGO Links Builder is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

VEGO Web Forum SQL Injection Vulnerability

The VEGO Web Forum is prone to an SQL injection vulnerability. This vulnerability occurs due to a failure in the application's input sanitization process. An attacker can exploit this vulnerability by supplying malicious input that is not properly sanitized, which is then used in an SQL query. Successful exploitation of this vulnerability can lead to compromise of the application, disclosure or modification of data, or exploitation of vulnerabilities in the underlying database implementation.

Apple Airport 802.11 Probe Response Kernel Memory Corruption

The Apple Airport driver provided with Orinoco-based Airport cards (1999-2003 PowerBooks, iMacs) is vulnerable to a remote memory corruption flaw. When the driver is placed into active scanning mode, a malformed probe response frame can be used to corrupt internal kernel structures, leading to arbitrary code execution. This vulnerability is triggered when a probe response frame is received that does not contain valid information element (IE) fields after the fixed-length header. The data following the fixed-length header is copied over internal kernel structures, resulting in memory operations being performed on attacker-controlled pointer values.

Session Hijacking and Mail Downloading Exploit for CommuniGatePro 4.0.6

This exploit code allows an attacker to hijack a session and download messages from the victim's mailbox in CommuniGatePro 4.0.6. The attacker needs to place the exploit code in the cgi-bin and configure the necessary variables. They can then send a victim an HTML message with an image source pointing to AnyImage.gif. When the victim reads the message, the script will download messages 1 to 10 from their mailbox.

Remote File Include Vulnerability in oaBoard Application

The oaBoard application is prone to a remote file-include vulnerability. As a result, remote users may specify external PHP scripts to be included by the application. This could result in the execution of arbitrary PHP code in the context of the webserver hosting the application.

Cross-Site Scripting Vulnerability in phpDocumentor

The phpDocumentor application fails to properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability by injecting arbitrary script code into the affected site, which can result in the execution of malicious code in the browser of an unsuspecting user. This can lead to the theft of authentication credentials and enable various other attacks.

Cross-Site Scripting Vulnerabilities in Kayako SupportSuite

Multiple cross-site scripting vulnerabilities exist in Kayako SupportSuite. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a user visiting the affected site. This can lead to the theft of authentication credentials stored in cookies and other malicious activities.

Recent Exploits: