header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Apache Tomcat Host Manager Servlet Cross-Site Scripting Vulnerability

The Apache Tomcat Host Manager Servlet is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to inject HTML and script code into the browser of an unsuspecting victim. The attacker may then steal cookie-based authentication credentials and launch other attacks.

JobLister3 SQL Injection Vulnerability

The JobLister3 application is vulnerable to SQL injection attacks. This vulnerability occurs due to the application's failure to properly sanitize user-supplied input before using it in an SQL query. An attacker can exploit this vulnerability by injecting malicious SQL statements into the 'jobid' parameter of the 'showbyID' mode. Successful exploitation could allow the attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

OWASP Stinger Filter-Bypass Weakness

OWASP Stinger is prone to a filter-bypass weakness because the application fails to properly handle certain input. Since the OWASP Stinger project is a software module designed to be incorporated into other applications, this weakness may be exploitable only if applications use it in a vulnerable way. Successfully exploiting this issue may allow attackers to bypass the filter, aiding them in further attacks.

Microsoft Visual Basic 6 TypeLib Information Library (TLI) ActiveX Control Remote Code Execution Vulnerability

The Microsoft Visual Basic 6 TypeLib Information Library (TLI) ActiveX control is prone to a remote code-execution vulnerability. An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.

Php-Stats Cross-Site Scripting Vulnerability

Php-Stats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

ZyXEL ZyWALL 2 Multiple Remote Vulnerabilities

The ZyXEL ZyWALL 2 is prone to multiple remote vulnerabilities that affect the management interface. An attacker can exploit these issues to carry out cross-site request forgery, HTML-injection, and denial-of-service attacks. The exploit code provided demonstrates a cross-site request forgery attack that injects malicious HTML code into the 'sysSystemName' and 'sysDomainName' fields, potentially leading to HTML-injection attacks. Additionally, the exploit sets the 'StdioTimout' field to '0', causing a denial-of-service condition. The vulnerability is reported to affect ZyWALL 2 devices running firmware V3.62(WK.6).

Recent Exploits: