header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Nuke Evolution Xtreme Local File Inclusion and SQL Injection Vulnerabilities

Nuke Evolution Xtreme is prone to a local file-include vulnerability and an SQL-injection vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute arbitrary local files within the context of the webserver process. The attacker can exploit the SQL-injection vulnerability to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Dolibarr Local File Inclusion and Cross-Site Scripting Vulnerabilities

Dolibarr is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the context of the affected application. The attacker may leverage the cross-site scripting issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

LightNEasy SQL Injection Vulnerability

LightNEasy is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Cross-Site Scripting Vulnerability in todoyu

todoyu is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Multiple Cross-Site Scripting Vulnerabilities in Zenphoto

The Zenphoto application is vulnerable to multiple cross-site scripting (XSS) vulnerabilities due to inadequate sanitization of user-supplied data. An attacker can exploit these vulnerabilities to execute arbitrary script code in the context of an unsuspecting user's browser, potentially leading to the theft of authentication credentials and other malicious activities.

SyCtel Design Local File Include Vulnerabilities

SyCtel Design is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.An attacker can exploit these vulnerabilities to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

Cross-Site Scripting Vulnerability in Automagick Tube Script

Automagick Tube Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Multiple Cross-Site Scripting Vulnerabilities in webSPELL

webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Recent Exploits: