Explore Vulnerabilities

Explore all Exploits:

DBSite w/b CMS Multiple XSS Vulnerability

DBSite wb CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

MIT Kerberos Remote Memory-Corruption Vulnerability

An authenticated attacker can exploit this issue by sending specially crafted ticket-renewal requests to a vulnerable computer. Successfully exploiting this issue can allow the attacker to execute arbitrary code with superuser privileges, completely compromising the affected computer. Failed exploit attempts will result in a denial-of-service condition.

Cross-Site Scripting in Two-Step External Link module for vBulletin

The Two-Step External Link module for vBulletin is vulnerable to a cross-site scripting (XSS) attack. This vulnerability occurs due to the application's failure to properly sanitize user-supplied input. An attacker can exploit this vulnerability by injecting arbitrary script code into the 'url' parameter of the 'externalredirect.php' script. When an unsuspecting user visits the affected site and clicks on the malicious link, the injected script code will execute in their browser, allowing the attacker to steal their cookie-based authentication credentials and potentially launch further attacks.

Kleophatra CMS XSS Vulnerability

Kleophatra CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Directory Traversal Vulnerability in HTTP Application

The HTTP application is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary local files and directories within the context of the webserver. Information harvested may aid in launching further attacks.

WordPress TimThumb 2.8.13 WebShot Remote Code Execution (0-day)

TimThumb is a small PHP script for cropping, zooming and resizing web images (jpg, png, gif). It is used in many WordPress themes and plugins. The vulnerability allows an attacker to execute arbitrary code on the affected website by manipulating the 'webshot' parameter in the 'timthumb.php' file. The payload for the exploit must be within specific character sets. The vulnerability affects multiple themes and plugins, including WordPress Gallery Plugin and IGIT Posts Slider Widget.

XM Easy Personal FTP Server 5.3.0 Multiple vulnerabilities

Multiple format string attacks and buffer overflow vulnerabilities exist in XM Easy Personal FTP Server version 5.3.0. These vulnerabilities can be exploited to crash the server and potentially execute code. Every command in the server is vulnerable to these attacks. It is recommended to use a custom fuzzer to fuzz the server for better results.

WinMount Remote Buffer Overflow Vulnerability

WinMount is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.

Recent Exploits: