header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

PHPWind Multiple Cross-Site Scripting Vulnerabilities

PHPWind is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Kempt SiteDone SQL Injection and Cross-Site Scripting Vulnerabilities

The SQL injection vulnerability and cross-site scripting vulnerability in Kempt SiteDone could allow an attacker to steal authentication credentials, control site rendering, compromise the application, access or modify data, or exploit other vulnerabilities in the database.

Xilisoft Video Converter Stack-based Buffer Overflow Vulnerability

The Xilisoft Video Converter application fails to perform adequate boundary checks on user-supplied input, leading to a stack-based buffer overflow vulnerability. Attackers can exploit this vulnerability to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

SQL Injection in tenfourzero.net’s Shutter

The application fails to sufficiently sanitize user-supplied data before using it in an SQL query, leading to SQL injection vulnerabilities. An attacker can exploit this to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

phpBB2 Plus SQL Injection Vulnerability

phpBB2 Plus is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

SQL Injection Vulnerability in Joomla com_alert Component

The 'com_alert' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Remote Oracle DBMS_METADATA.GET_DDL exploit (9i/10g)

This exploit allows an attacker to grant or revoke dba permission to an unprivileged user in Oracle DBMS_METADATA.GET_DDL. It uses an 'evil cursor injection' technique and does not require 'create procedure' privilege. The exploit has been tested on Oracle Database 10g Enterprise Edition Release 10.1.0.3.0. The exploit script is provided in Perl.

SQL Injection vulnerability in com_as component for Joomla!

The 'com_as' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Recent Exploits: