header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Directory Traversal Vulnerability in AutartiTarot component for Joomla!

The AutartiTarot component for Joomla! is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks.

ElasticSearch Dynamic Script Arbitrary Java Execution

This module exploits a remote command execution vulnerability in ElasticSearch, exploitable by default on ElasticSearch prior to 1.2.0. The bug is found in the REST API, which requires no authentication or authorization, where the search function allows dynamic scripts execution, and can be used for remote attackers to execute arbitrary Java code. This module has been tested successfully on ElasticSearch 1.1.1 on Ubuntu Server 12.04 and Windows XP SP3.

SQL Injection in com_gambling component for Joomla!

The 'com_gambling' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

SQL Injection in com_rsgallery2 component for Joomla!

The 'com_rsgallery2' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Cross-Site Scripting Vulnerability in Comtrend CT-507 IT

The Comtrend CT-507 IT device's web interface does not properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of a victim user, potentially allowing the attacker to steal authentication credentials and launch further attacks.

Ingres Database Heap-based Buffer Overflow Vulnerability

The Ingres Database is prone to a heap-based buffer-overflow vulnerability due to inadequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code with the privileges of the application or crash the affected application.

Recent Exploits: