header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Wiccle Web Builder CMS and iWiccle CMS Community Builder Multiple Cross-Site Scripting Vulnerabilities

Wiccle Web Builder CMS and iWiccle CMS Community Builder are prone to multiple cross-site scripting vulnerabilities because they fail to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary HTML and script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

Creative Guestbook 1.0 Add Remote Admin User and Cross Site Scripting Vulnerability

The Creative Guestbook 1.0 portal allows an attacker to add a remote admin user and perform cross site scripting attacks. The portal can be downloaded from http://www.thecreativeheads.de/CreativeFiles/downloads.php. The vulnerability can be exploited by inserting malicious scripts in the Guestbook.php file. An example script is <script> alert (' dj7xpl ^_^ ') </script>.

sNews Cross-Site Scripting and HTML-Injection Vulnerabilities

sNews is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

Memory Corruption Vulnerability in Mozilla Firefox, Thunderbird, and Seamonkey

The vulnerability allows an attacker to execute arbitrary code in the context of the user running an affected application. It occurs due to inadequate validation of user-supplied data in Mozilla Firefox, Thunderbird, and Seamonkey.

PHP <= 4.4.6 ibase_connect() & ibase_pconnect() local buffer overflow

This is a proof-of-concept exploit for a local buffer overflow vulnerability in PHP versions <= 4.4.6. The vulnerability exists in the ibase_connect() and ibase_pconnect() functions. The exploit targets Windows 2000 SP3 EN and utilizes a SEH overwrite technique. The exploit was created by rgod.

Recent Exploits: