header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Identity Theft Exploit

This exploit allows for the overwrite of specific kernel addresses to elevate privileges. It requires a deep understanding of the Plan9 kernel and careful execution. The process involves determining the user and hostowner, overwriting kernel addresses, writing the username to '#c/hostowner', stealing credentials, resetting overwritten functions, and restoring the original username.

WinSoftMagic Photo Editor PNG File Buffer Overflow

The WinSoftMagic Photo Editor is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Successful exploits may allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Cross-Site Scripting Vulnerability in Istgah for Centerhost

The Istgah for Centerhost is vulnerable to a cross-site scripting (XSS) attack due to inadequate input sanitization. An attacker can exploit this vulnerability by injecting arbitrary script code into the browser of a victim user, within the context of the affected site. This can lead to the theft of authentication credentials and enable the attacker to launch further attacks.

Ziggurat Farsi CMS Cross-Site Scripting Vulnerability

Ziggurat Farsi CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

n-cms-equipe local file-include vulnerabilities

n-cms-equipe is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

PotatoNews Multiple Local File Inclusion Vulnerabilities

PotatoNews is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

Admin Phorum 3.3.1.a (del.php include_path)File Include Vulnerability

This vulnerability allows an attacker to include arbitrary files by manipulating the 'include_path' parameter in the 'del.php' script of Admin Phorum 3.3.1.a. By exploiting this vulnerability, an attacker can execute arbitrary code or disclose sensitive information.

McAfee Email Gateway multiple vulnerabilities

An attacker can exploit these vulnerabilities to compromise affected computers, execute arbitrary commands, steal authentication credentials, crash the application, and gain access to sensitive information

Ericom AccessNow Server Buffer Overflow

This module exploits a stack based buffer overflow in Ericom AccessNow Server. The vulnerability is due to an insecure usage of vsprintf with user controlled data, which can be triggered with a malformed HTTP request. This module has been tested successfully with Ericom AccessNow Server 2.4.0.2 on Windows XP SP3 and Windows 2003 Server SP2.

Recent Exploits: