
Explore Vulnerabilities

Explore all Exploits:

ASP-Rider SQL Injection Vulnerability

ASP-Rider is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. An example Referer header has been supplied: http://[SQLINJECTION]

Cross-Site Scripting Vulnerabilities in SearchSolutions SearchFeed, RevenuePilot, and Google API

The vulnerabilities exist due to a lack of proper sanitization of user-supplied input in SearchSolutions SearchFeed, RevenuePilot, and Google API. An attacker can exploit these vulnerabilities by injecting arbitrary script code into the affected site, leading to the execution of malicious code in the browser of unsuspecting users. This can result in the theft of authentication credentials and other potential attacks.

Local File Include Vulnerability in PHP Doc System

PHP Doc System is prone to a local file-include vulnerability. This is due to the application's failure to properly sanitize user-supplied input. This may facilitate the unauthorized viewing of files and unauthorized execution of local PHP code.

Multiple Local File Include and Information Disclosure Vulnerabilities in GuppY

An attacker can execute arbitrary server-side script code and gain unauthorized access by exploiting these vulnerabilities in GuppY. The attacker can also read arbitrary files on the affected computer using directory traversal sequences and NULL characters.

GuppY Local File Include and Information Disclosure Vulnerabilities

An attacker can execute arbitrary server-side script code and gain unauthorized access by exploiting these vulnerabilities in GuppY. The attacker can also disclose arbitrary files on the affected computer using directory traversal sequences and NULL characters.

GuppY Multiple Local File Include and Information Disclosure Vulnerabilities

GuppY is affected by multiple local file include and information disclosure vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code that resides on an affected computer with the privileges of the Web server process. This may potentially facilitate unauthorized access. It should be noted that these issues may also be leveraged to read arbitrary files on an affected computer with the privileges of the Web server. An attacker can employ directory traversal sequences and NULL characters to disclose arbitrary files.

Multiple SQL Injection Vulnerabilities in Helpdesk Issue Manager

The Helpdesk Issue Manager is prone to multiple SQL injection vulnerabilities. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

PHP Web Statistik Content Injection Vulnerabilities

PHP Web Statistik is prone to multiple content injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The vulnerabilities could allow for HTML injection and cross-site scripting attacks. An attacker may leverage these issues to have arbitrary script and HTML code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials; an attacker may also exploit these issues to control how the site is rendered to the user. Examples for cross-site scripting and HTML injection attacks have been provided.

Multiple Cross-Site Scripting Vulnerabilities in FreeWebStat

The application fails to properly sanitize user-supplied input, leading to multiple XSS vulnerabilities. An attacker can execute arbitrary script code in the browser of a user visiting the affected site, potentially stealing authentication credentials and performing other attacks.

Recent Exploits: