header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Cross-site scripting vulnerabilities in XOOPS

The XOOPS application fails to properly sanitize user-supplied input, leading to multiple cross-site scripting vulnerabilities. An attacker can exploit these vulnerabilities to execute arbitrary script code in the context of the affected site, potentially stealing authentication credentials and launching further attacks.

Cross-Site Scripting vulnerabilities in Rating-Widget

The Rating-Widget plugin is prone to multiple cross-site scripting vulnerabilities due to inadequate input sanitization. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a targeted user, potentially leading to the theft of authentication credentials and other malicious activities.

Cross-Site Scripting and HTML-Injection Vulnerabilities in Wikiwig

Wikiwig is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

Monkey’s File Audio (All MPlayers) Buffer Overflow

Monkey's Audio is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition.

SugarCRM Information Disclosure Vulnerability

SugarCRM is prone to an information-disclosure vulnerability because it fails to restrict access to certain application data. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

Multiple SQL Injection Vulnerabilities in Pixie

The Pixie application is vulnerable to multiple SQL injection vulnerabilities. These vulnerabilities occur because the application does not properly sanitize user-supplied input before using it in an SQL query. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

Recent Exploits: