header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Claus Muus Spitfire Multiple Cross-Site Scripting Vulnerabilities

The Claus Muus Spitfire application is prone to multiple cross-site scripting vulnerabilities due to improper sanitization of user-supplied input. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a victim user, potentially leading to the theft of authentication credentials and other attacks.

Arora browser Remote Denial fo Service

This exploit targets the Arora browser and utilizes a remote memory-corruption vulnerability in Qt. By clicking on a link, the attacker can trigger the exploit, leading to the execution of arbitrary code within the application's context. In cases where the exploit fails, a denial-of-service condition will be triggered.

Firefox toString console.time Privileged Javascript Injection

This exploit gains remote code execution on Firefox 15-22 by abusing two separate Javascript-related vulnerabilities to ultimately inject malicious Javascript code into a context running with chrome:// privileges.

Monolith Lithtech Game Engine Memory Corruption Vulnerability

The Monolith Lithtech Game Engine is prone to a memory-corruption vulnerability. An attacker can exploit this issue to cause a denial-of-service condition or execute arbitrary code within the context of the affected application. Other attacks may also be possible.

Cross-Site Request Forgery in Microsoft Outlook Web Access for Exchange Server 2003

The vulnerability allows a remote attacker to perform actions in the context of an authorized user's session and gain unauthorized access to the affected application. The exploit involves submitting a form with hidden fields that perform certain actions.

SnowFlake CMS SQL Injection Vulnerability

SnowFlake CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

HTML Injection Vulnerability in Sourcefabric Campsite

The Sourcefabric Campsite is vulnerable to HTML injection due to inadequate input sanitization. This vulnerability allows attackers to inject and execute arbitrary HTML and script code within the context of the affected browser. Exploiting this vulnerability could lead to the theft of cookie-based authentication credentials and control over the rendering of the site to the user.

Recent Exploits: