header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Drupal < 4.7.6 Remote Command Execution Exploit

Previews on comments were not passed through normal form validation routines, enabling users with the 'post comments' permission and access to more than one input filter to execute arbitrary code. By default, anonymous and authenticated users have access to only one input format. Immediate workarounds include: disabling the comment module, revoking the 'post comments' permission for all users or limiting access to one input format.

Drupal < 5.1 Remote Command Execution Exploit

Previews on comments were not passed through normal form validation routines, enabling users with the 'post comments' permission and access to more than one input filter to execute arbitrary code. By default, anonymous and authenticated users have access to only one input format.

PG Matchmaking Multiple Cross-Site Scripting Vulnerabilities

The PG Matchmaking application is prone to multiple cross-site scripting vulnerabilities due to insufficient sanitization of user-supplied data. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a victim user, potentially leading to the theft of authentication credentials and other malicious activities.

Jupiter CMS 1.1.5 SQL Injection Vulnerability

The Jupiter CMS 1.1.5 is vulnerable to SQL Injection. The vulnerability allows an attacker to execute arbitrary SQL queries by manipulating the user input. By exploiting the vulnerability, an attacker can retrieve sensitive information such as usernames and passwords from the database.

iDefense COMRaider ActiveX control Multiple Insecure-Method Vulnerabilities

The iDefense COMRaider ActiveX control is prone to multiple insecure-method vulnerabilities.Successfully exploiting these issues allows remote attackers to create arbitrary directories and copy arbitrary local files. This may lead to a denial-of-service condition or aid in further attacks.

Recent Exploits: