Explore Vulnerabilities

Explore all Exploits:

Remote Vulnerability in Oracle WebLogic Server

This vulnerability in Oracle WebLogic Server can be exploited over the HTTP protocol. The attacker must have 'Plugins for Apache, Sun and IIS web servers' privileges for the exploit to succeed. By sending specially crafted requests, an attacker can execute arbitrary code on the affected server.

Cross-site scripting vulnerability in Oracle Business Process Management

Oracle Business Process Management is prone to a cross-site scripting vulnerability due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of a user visiting the affected site. This can lead to the theft of cookie-based authentication credentials and enable the attacker to launch further attacks.

Easy FTP Pro v4.2 iOS – Command Inject Vulnerabilities

Two command injection vulnerabilities have been discovered in the official Easy FTP Pro v4.2 iOS mobile application. The vulnerabilities allow remote attackers to inject their own commands by exploiting misconfigured stored system/device values to compromise the application.

Multiple Cross-Site Scripting Vulnerabilities in Diem

The application fails to properly sanitize user-supplied input, leading to multiple cross-site scripting vulnerabilities. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user, potentially stealing authentication credentials and launching further attacks.

Arbitrary File Upload in Antz Toolkit Module for CMS Made Simple

The Antz toolkit module for CMS Made Simple is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

Adobe PDF Reader plug-in AcroPDF.dll ver. 8.0.0.0 Resource Consumption

Input passed to a hosted PDF file is not properly sanitised by the browser plug-in before being returned to users. This can be exploited to execute arbitrary script code in a user's browser session in the context of an affected site.
