header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

ecoCMS Cross-Site Scripting Vulnerability

The ecoCMS web application is prone to a cross-site scripting vulnerability. This vulnerability occurs due to the application's failure to properly sanitize user-supplied input. An attacker can exploit this vulnerability by injecting arbitrary script code into the affected site, which will then be executed in the context of unsuspecting users' browsers. This can lead to the theft of cookie-based authentication credentials and enable the attacker to launch further attacks.

SamaGraph CMS SQL Injection Vulnerability

The SamaGraph CMS is prone to an SQL-injection vulnerability. This vulnerability occurs because the application does not sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability by injecting malicious SQL statements into the affected application, potentially allowing them to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Arbitrary File Upload Vulnerabilities in CH-CMS.ch

CH-CMS.ch is prone to multiple arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

Multiple Remote SQL Injection Vulnerabilities in IslamSound

The IslamSound application is prone to multiple remote SQL injection vulnerabilities. These vulnerabilities can be exploited by sending specially crafted requests to the affected application. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

DivX Web Player 1.3.0 (npdivx32.dll) “Resize” method Denial of Service

This exploit allows an attacker to cause a denial of service by sending a specially crafted request to the vulnerable application. The vulnerability exists in the "Resize" method of the DivX Web Player 1.3.0 (npdivx32.dll) plugin. By providing large values for the arguments of the "Resize" method, an attacker can cause the application to crash due to an access violation error.

SQL Injection and Cross-Site Scripting Vulnerabilities in NolaPro Enterprise

NolaPro Enterprise is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Arbitrary File Upload Vulnerability in CF Image Hosting Script

CF Image Hosting Script is prone to an arbitrary-file-upload vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

SQL Injection vulnerability in Billwerx

The Billwerx application is prone to an SQL-injection vulnerability due to insufficient sanitization of user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Recent Exploits: