Explore Vulnerabilities

Explore all Exploits:

mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability

mod_security <= 2.1.0 is vulnerable to a bypass vulnerability where ASCIIZ bytes in POST data of the application/x-www-form-urlencoded content-type are not properly handled, allowing an attacker to bypass security rules. This vulnerability occurs due to a mismatch between the RFC-defined rules followed by mod_security and the actual behavior of HTTP request parsers in scripting languages like Perl, Python, Java, and PHP.

Multiple Remote Denial-of-Service Vulnerabilities in Freeciv

Freeciv is prone to multiple remote denial-of-service vulnerabilities because the application fails to properly handle specially crafted network packets. An attacker can exploit these issues to cause the application to become unresponsive or to crash the affected game servers, denying service to legitimate users.

Remote Buffer Overflow in EDItran Communications Platform

The EDItran Communications Platform (editcp) is vulnerable to a remote buffer overflow due to insufficient input validation. Attackers can exploit this vulnerability to execute arbitrary code within the context of the application. Failed attacks may lead to a denial-of-service condition.

PHP 5 – substr_compare Information Leak Vulnerability

This vulnerability allows an attacker to leak sensitive information from memory using the substr_compare function in PHP 5. By manipulating the function parameters, an attacker can retrieve data from memory that should not be accessible. This can lead to the exposure of sensitive information such as passwords or cryptographic keys.

Cross-Site Scripting Vulnerability in Xplico

Xplico is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Cross-Site Scripting and HTML Injection vulnerabilities in Wiki Web Help

Wiki Web Help is prone to a cross-site scripting vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code could run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

Cross-Site Scripting Vulnerability in Flatnux

Flatnux is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

DPScms SQL Injection and Cross-Site Scripting Vulnerabilities

DPScms is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Recent Exploits: