header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Serenity Audio Player Buffer Overflow

Serenity Audio Player is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Angel Learning Management Suite 7.1 SQL Injection Vulnerability

Angel 7.1 contains an SQL injection vulnerability in section/default.asp that grants an un-authenticated user access to all database tables and data. Examples include enumeration of tables, columns, user names, passwords, grades, and test questions/answers.

MS13-097 Registry Symlink IE Sandbox Escape

This module exploits a vulnerability in Internet Explorer Sandbox which allows to escape the Enhanced Protected Mode and execute code with Medium Integrity. The vulnerability exists in the IESetProtectedModeRegKeyOnly function from the ieframe.dll component, which can be abused to force medium integrity IE to user influenced keys. By using registry symlinks it's possible force IE to add a policy entry in the registry and finally bypass Enhanced Protected Mode.

madwifi WPA/RSN IE remote kernel buffer overflow

This exploit code is for a remote kernel buffer overflow vulnerability in madwifi. It takes advantage of a memcpy function that copies data from the se_wpa_ie buffer without proper bounds checking. By crafting a malicious WPA/RSN IE packet, an attacker can overflow the buffer and execute arbitrary code.

SmartBlog SQL Injection and Cross-Site Scripting Vulnerabilities

SmartBlog is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Cross-Site Scripting Vulnerability in ProArcadeScript

ProArcadeScript is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

Recent Exploits: