Explore Vulnerabilities

Explore all Exploits:

GIMP Multiple Remote Stack-based Buffer Overflow Vulnerabilities

GIMP is prone to multiple remote stack-based buffer-overflow vulnerabilities because it fails to perform adequate checks on user-supplied input. Successfully exploiting these issues may allow remote attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

MetaForum <= 0.513 Beta - Remote file upload Vulnerability

A security bug has been discovered in MetaForum 0.513 Beta. An attacker can use it to upload a malicious PHP file to the server. During the upload, the MIME type of the file is the only parameter verified; the extension is not. This lets an attacker fake the MIME type of a PHP file so that it is treated as an image.

MODX Revolution CSRF Tokens Bypass + Reflected Cross Site Scripting + Stored XSS

The vulnerability allows an attacker to perform Cross-Site Scripting (XSS) attacks and bypass CSRF token protection. This can lead to various malicious activities such as taking over victim accounts, changing primary email addresses, sending forged requests, and tricking admins into attacking their own users.

Multiple Cross-Site Scripting Vulnerabilities in Coppermine Photo Gallery

Coppermine Photo Gallery is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Multiple Input-Validation Vulnerabilities in CruxCMS

Multiple input-validation vulnerabilities, including security-bypass, arbitrary-file-upload, SQL-injection, local file-include, cross-site-scripting, and information-disclosure issues, allow unauthorized access, execution of scripts, data modification, stealing authentication credentials, and other attacks.

Recent Exploits: