
Explore Vulnerabilities


Explore all Exploits:

SQL Injection Vulnerability in Godly Forums

The Godly Forums website is vulnerable to SQL injection attacks. This vulnerability occurs due to the lack of proper sanitization of user-supplied data before using it in SQL queries. An attacker can exploit this vulnerability to compromise the application, gain unauthorized access or modify data, and potentially exploit other vulnerabilities in the underlying database.

Cross-Site Scripting Vulnerabilities in Cyberoam UTM

Cyberoam UTM is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Cross-site scripting vulnerability in Tiki Wiki CMS Groupware

Tiki Wiki CMS Groupware is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

bSuite Plugin for WordPress HTML-injection Vulnerabilities

The bSuite plug-in for WordPress is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code could be executed in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks may also be possible.

Iskratel SI2000 Callisto 821+ Cross-Site Request Forgery and HTML-Injection Vulnerabilities

The Iskratel SI2000 Callisto 821+ is prone to a cross-site request-forgery vulnerability and multiple HTML-injection vulnerabilities. An attacker can exploit the cross-site request-forgery issue to perform unauthorized actions in the context of a user's session. This may aid in other attacks. The attacker can exploit the HTML-injection issues to execute arbitrary script code in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered. Other attacks are also possible.

Xoops Module Friendfinder <= 3.3 (view.php id) BLIND SQL Injection Exploit

This exploit allows an attacker to perform a blind SQL injection attack on the Xoops Module Friendfinder version 3.3 or below. By manipulating the 'id' parameter in the 'view.php' file, an attacker can extract sensitive information from the database, such as usernames and passwords.

BlueSoft Social Networking CMS SQL Injection Vulnerability

BlueSoft Social Networking CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Multiple SQL-injection vulnerabilities in BlueSoft products

Multiple BlueSoft products are prone to multiple SQL-injection vulnerabilities because the applications fail to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

SQL Injection vulnerability in com_newssearch component for Joomla!

The 'com_newssearch' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Recent Exploits: