header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Tour de France Pool for Joomla Remote File Include Vulnerability

The Tour de France Pool for Joomla is vulnerable to a remote file-include vulnerability. The application fails to properly sanitize user-supplied input, allowing an attacker to include and execute arbitrary files remotely. Exploiting this vulnerability can lead to compromise of the application and the underlying system. Other attacks may also be possible.

WebDirector Cross-Site Scripting Vulnerability

The WebDirector application is vulnerable to a cross-site scripting (XSS) attack due to insufficient input sanitization. An attacker can exploit this vulnerability by injecting malicious code into the 'deslocal' parameter of the affected website's URL. When an unsuspecting user visits the manipulated URL, the injected code will be executed in their browser, allowing the attacker to perform various malicious actions such as stealing authentication credentials and launching further attacks.

BlueSkyChat ActiveX Control Buffer Overflow Vulnerability

BlueSkyChat ActiveX control is prone to a buffer-overflow vulnerability because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.

Cross-Site Scripting Vulnerability in WebEvent

The WebEvent application fails to properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This allows the attacker to steal cookie-based authentication credentials and launch other attacks.

Privilege Escalation through JavaScript in Mozilla Firefox, Thunderbird, and SeaMonkey

The vulnerability allows JavaScript to execute with unintended privileges. A malicious site can cause the execution of a script with Chrome privileges, allowing attackers to execute hostile script code with privileges that exceed those intended. This issue affects Mozilla Firefox, Thunderbird, and SeaMonkey. Proof of concept code is available.

Aplomb Poll multiple remote file-include vulnerabilities

The Aplomb Poll application fails to properly sanitize user-supplied input, leading to multiple remote file-include vulnerabilities. An attacker can exploit these vulnerabilities to include a remote file containing malicious PHP code and execute it in the context of the webserver process. This can result in a compromise of the application and the underlying system, allowing for various other attacks as well.

Aplomb Poll Remote File Include Vulnerabilities

The Aplomb Poll application is prone to multiple remote file-include vulnerabilities due to improper sanitization of user-supplied input. An attacker can exploit these vulnerabilities to include a remote file containing malicious PHP code and execute it in the context of the webserver process. This can lead to compromise of the application and the underlying system, as well as other possible attacks.

Aplomb Poll Multiple Remote File Include Vulnerabilities

Aplomb Poll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

Multiple Cross-Site Scripting Vulnerabilities in IT!CMS

IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Cross-Site Scripting vulnerabilities in IT!CMS

IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Recent Exploits: