
Explore Vulnerabilities


Explore all Exploits:

Cross-Site Scripting Vulnerability in Netautor Professional

The Netautor Professional web application fails to properly sanitize user-supplied data, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary HTML and script code in the browser of an unsuspecting user, potentially allowing them to steal authentication credentials and launch further attacks.

The Revenge of the Scammers

This exploit is a 0day in Ammyy Admin, a remote desktop type software. It allows the attacker to take over the controller when someone tries to connect to them. The exploit is launched from a DLL injected into a copy of AA, which hooks AA's data send functions, replacing them with the exploit data.

Arbitrary File Upload in chillyCMS

chillyCMS is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

Cross-Site Scripting Vulnerability in Mollify

Mollify is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary JavaScript code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

News Bin Pro 4.32 Article Grabbing Remote Unicode Buffer Overflow

There is a remote buffer overflow in News Bin Pro 4.32 that can be triggered by grabbing articles that contain an overly long file name. To exploit, convince someone to set his newsgroup server to your ip:119 and ask him to download an article and to bypass filters. This is just a DoS. I couldn't make EIP point to some interesting place. This is a Unicode buffer overflow and we can force EIP to point to 0x00410041. But there's no good call esp in those places. However, if we can set EIP to 0x41004100 the problem is solved. Tell me if you go further. Have Fun!

Local File Include Vulnerability in CMScout

CMScout is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to view files and execute local scripts in the context of the webserver process. This may aid in further attacks.

Local File Inclusion Vulnerability in NWS-Classifieds

The NWS-Classifieds application is prone to a local file-include vulnerability due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability to obtain sensitive information and execute arbitrary local scripts in the context of the webserver process. This can lead to application and system compromise.

Willscript Auction Website Script SQL Injection Vulnerability

The Willscript Auction Website Script is vulnerable to SQL injection due to insufficient sanitization of user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to execute arbitrary code, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Multiple Cross-Site Scripting Vulnerabilities in I-Escorts Products

The I-Escorts products are prone to multiple cross-site scripting vulnerabilities due to insufficient input sanitization. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a victim user, potentially leading to the theft of authentication credentials and other attacks.

Recent Exploits: