header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Cross-Site Scripting Vulnerability in PortWise SSL VPN

The PortWise SSL VPN is vulnerable to a cross-site scripting (XSS) attack due to inadequate input sanitization. An attacker can exploit this vulnerability to inject and execute arbitrary script code in the browser of a targeted user, within the context of the affected site. This can lead to the theft of cookie-based authentication credentials and enable the attacker to launch further attacks.

New-CMS Local File Include and HTML-Injection Vulnerabilities

New-CMS is prone to multiple local file-include vulnerabilities and an HTML-Injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerabilities using directory-traversal strings to view and execute a crafted 'cmd.php' script within the context of the webserver process. Information harvested may aid in further attacks. The attacker may leverage the HTML-Injection issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

EziScript Google Page Rank Cross-Site Scripting Vulnerability

The EziScript Google Page Rank is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Cross-Site Scripting Vulnerability in Extreme Mobster

Extreme Mobster is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

BGSvetionik BGS CMS Cross-Site Scripting Vulnerability

BGSvetionik BGS CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Multiple Cross-Site Request Forgery Vulnerabilities in Huawei HG510

Huawei HG510 is prone to multiple cross-site request-forgery vulnerabilities. Successful exploits may allow attackers to run privileged commands on the affected device, change configuration, cause denial-of-service conditions, or inject arbitrary script code. Other attacks are also possible. The following example URI is available: http://www.example.com/password.cgi?sysPassword=BASE64_NEW_PASSWORD.

Cross-Site Scripting vulnerabilities in Portrait Campaign Manager

The Portrait Campaign Manager software is prone to multiple cross-site scripting vulnerabilities. These vulnerabilities occur due to insufficient sanitization of user-supplied data. An attacker can exploit these issues by injecting arbitrary script code into the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and the execution of other malicious activities.

Recent Exploits: