header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

HTML-injection vulnerability in AneCMS

AneCMS is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.

PHP WDDX Session Deserialization Stack Information Leak

This PHP code demonstrates a proof of concept for a vulnerability in the WDDX extension of PHP. The vulnerability allows for an information leak through the deserialization of session data. By sending a specially crafted session data, an attacker can retrieve sensitive information from the server's memory stack.

VideoWhisper PHP 2 Way Video Chat Cross-Site Scripting Vulnerability

The VideoWhisper PHP 2 Way Video Chat application is prone to a cross-site scripting vulnerability due to insufficient input sanitization. This vulnerability can be exploited by an attacker to execute arbitrary script code in the browser of a victim user, within the context of the affected site. This can lead to the theft of authentication credentials stored in cookies and enable the attacker to launch further attacks.

Plesk Server Administrator (PSA) Local File-Include Vulnerability

The Plesk Server Administrator (PSA) is prone to a local file-include vulnerability due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible.

Arab Portal SQL Injection Vulnerability

Arab Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Cross-Site Scripting in Help and Support Center

The Help and Support Center is vulnerable to cross-site scripting attacks due to inadequate input sanitization. An attacker can exploit this vulnerability to execute arbitrary script code in the browser's privileged zone of an unsuspecting user.

Cross-site scripting vulnerability in Bits Video Script

Bits Video Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Recent Exploits: