header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Opera JPEG processing – Heap corruption vulnerabilities

Opera is vulnerable in parsing the JPEG file format. Discovered were four vulnerabilities, each in different segments of the file format. The two important ones are ntdll.RtlAllocateHeap() DHT vulnerability and ntdll.RtlAllocateHeap() SOS vulnerability. Opera Mini for mobile phones could also be vulnerable.

magic photo storage website — Remote File Inclusion

The magic photo storage website is vulnerable to Remote File Inclusion. An attacker can exploit this vulnerability by injecting a malicious payload in the _config[site_path] parameter of the common_function.php file. This allows the attacker to include arbitrary remote files, potentially leading to remote code execution or sensitive data disclosure.

Buffer Overflow in libcdio

The GNU Compact Disc Input and Control Library ('libcdio') is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. The issues occur when the 'cd-info' and 'iso-info' programs handle specially crafted ISO files. Successfully exploiting these issues may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts likely result in denial-of-service conditions.

Cross-Site Scripting Vulnerabilities in eTicket

eTicket is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Multiple Remote Code Execution Vulnerabilities in Georgia SoftWorks Secure Shell Server

The Georgia SoftWorks Secure Shell Server is prone to multiple remote code-execution vulnerabilities. These include a format-string vulnerability and two buffer-overflow vulnerabilities. Successful exploitation of these vulnerabilities allows remote attackers to execute arbitrary machine code with SYSTEM-level privileges, leading to the complete compromise of affected computers.

Recent Exploits: