header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Arbitrary File Upload in Bits Video Script

Bits Video Script is prone to multiple arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

Arbitrary file disclosure vulnerability in rrdbrowse

Due to inproper input validation, the CGI application 'rrdbrowse' (versions <=1.6) is vulnerable to an arbitrary file disclosure vulnerability. It allows an unauthenticated remote attacker to read any file on the remote system if the user the webserver is running as has permissions to do so. Thus an attacker is able to gain access potentially sensitive information. The vulnerability is trivial to exploit and only requires specifying an URL with a relative file path on the remote system.

Arbitrary File Upload Vulnerabilities in Bits Video Script

Bits Video Script is prone to multiple arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

Cross-Site Scripting Vulnerabilities in Hitmaaan Gallery

Hitmaaan Gallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.

Bits Video Script Multiple Remote File-Include Vulnerabilities

Bits Video Script is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

Bits Video Script Remote File Include Vulnerabilities

Bits Video Script is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

Cross-Site Scripting Vulnerability in McAfee UTM Firewall

The web interface of McAfee UTM Firewall fails to properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of a victim user, potentially stealing authentication credentials and launching further attacks.

SQL Injection in GREEZLE – Global Real Estate Agent Site

The GREEZLE - Global Real Estate Agent Site is vulnerable to multiple SQL injection vulnerabilities. These vulnerabilities occur because the application does not properly sanitize user-supplied data before using it in SQL queries. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit other latent vulnerabilities in the underlying database.

PG Auto Pro SQL Injection and Cross-Site Scripting Vulnerabilities

PG Auto Pro is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Recent Exploits: