header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

DBMS_JVM_EXP_PERMS 10gR2, 11gR1/R2 OS Command Execution

This module exploits a flaw (0 day) in DBMS_JVM_EXP_PERMS package that allows any user with create session privilege to grant themselves java IO privileges. Identified by David Litchfield. Works on 10g R2, 11g R1 and R2 (Windows only)

FlashGameScript Remote Command Execution Vulnerability

The vulnerability exists in the index.php file of the FlashGameScript application. It allows an attacker to execute arbitrary commands by manipulating the 'func' parameter in a GET request. This can be exploited by sending a malicious link with the 'func' parameter pointing to an attacker-controlled script.

Cross-Site Scripting Vulnerability in Data 1 Systems UltraBB

Data 1 Systems UltraBB is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Cross-Site Scripting Vulnerabilities in KnowGate hipergate

The application fails to properly sanitize user-supplied input, leading to multiple XSS vulnerabilities. An attacker can execute arbitrary script code in the browser of an unsuspecting user, potentially stealing authentication credentials and launching further attacks.

Interspire Knowledge Manager Multiple Vulnerabilities

The Interspire Knowledge Manager is prone to multiple vulnerabilities including SQL injection, cross-site scripting (XSS), and information disclosure vulnerabilities. Exploiting these vulnerabilities could allow an attacker to obtain sensitive information, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Microsoft Windows TCP/IP Remote Code Execution Vulnerability

The Microsoft Windows TCP/IP protocol implementation is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful attacks will completely compromise affected computers. Failed exploit attempts will likely result in denial-of-service conditions.

Windows NtFilterToken() Double Free Vulnerability

NtFilterToken() in Microsoft Windows kernel is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges, resulting in the complete compromise of affected computers. Failed exploit attempts will cause a denial of service.

Recent Exploits: