header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Cross-Site Scripting Vulnerability in Flowplayer

Flowplayer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Sphider Multiple SQL Injection Vulnerabilities

Sphider is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. The following example input is available: Username: ' or 0=0 # Password: ' or 0=0 #

Xoops module Articles <= 1.02 (index.php cat_id) SQL Injection Exploit

The Xoops module Articles version 1.02 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by injecting malicious SQL queries in the 'cat_id' parameter of the 'index.php' file. This allows the attacker to retrieve sensitive information from the database, such as usernames and passwords of Xoops users.

Alice Modem Cross-Site Scripting and Denial-of-Service Vulnerability

The Alice Modem is prone to a cross-site scripting vulnerability and a denial-of-service vulnerability due to improper handling of user-supplied input. An attacker can exploit these vulnerabilities to cause a denial-of-service condition or execute arbitrary script code in the browser of a user visiting the affected site. Successful exploitation of the cross-site scripting vulnerability may result in the theft of cookie-based authentication credentials and enable further attacks.

ICMusic SQL Injection Vulnerability

ICMusic is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Cross-Site Scripting Vulnerability in Prontus CMS

Prontus CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.

SQL Injection vulnerability in com_voj component for Joomla!

The 'com_voj' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Pro Softnet IDrive Online Backup ActiveX Control Arbitrary File Overwrite

The Pro Softnet IDrive Online Backup ActiveX control is prone to a vulnerability that allows attackers to overwrite files with arbitrary, attacker-controlled content. An attacker can exploit this issue to corrupt and overwrite arbitrary files on a victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). The provided HTML code demonstrates an example of the exploit.

Cross-Site Scripting Vulnerability in Classified Script

The Classified Script is vulnerable to a cross-site scripting (XSS) attack due to inadequate sanitization of user-supplied data. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and other malicious activities.

Recent Exploits: