header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

SQL Injection vulnerability in com_szallasok component for Joomla!

The 'com_szallasok' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

audioCMS arash 0.1.4(arashlib_dir)Remote File Inclusion Vulnerabilities

The audioCMS arash 0.1.4 is vulnerable to remote file inclusion. The vulnerability allows an attacker to include remote files by manipulating the 'arashlib_dir' parameter in various scripts. This can lead to arbitrary code execution and compromise of the affected system.

Endian Firewall < 3.0.0 Proxy Password Change Command Injection

This module exploits an OS command injection vulnerability in a web-accessible CGI script used to change passwords for locally-defined proxy user accounts. Valid credentials for such an account are required. Command execution will be in the context of the "nobody" account, but on versions of EFW I tested, this account had broad sudo permissions, including to run the script /usr/local/bin/chrootpasswd as root. This script changes the password for the Linux root account on the system to the value specified by console input once it is executed. The password for the proxy user account specified will *not* be changed by the use of this module, as long as the target system is vulnerable to the exploit. Very early versions of Endian Firewall (e.g. 1.1 RC5) require HTTP basic auth credentials as well to exploit this vulnerability. Use the standard USERNAME and PASSWORD advanced options to specify these values if required. Versions >= 3.0.0 still contain the vulnerable code, but it appears to never be executed due to a bug in the vulnerable CGI script which also prevents normal use. Tested successfully against the following versions of EFW Community: 1.1 RC5, 2.0, 2.1, 2.5.1, 2.5.2. Used Apache mod_cgi Bash Environment Variable Code Injection and Novell ZENworks Configuration Management Remote Execution modules as templates.

Dedecms variable coverage leads to getshell

This vulnerability allows remote attackers to execute arbitrary code and gain unauthorized access to the affected system. By manipulating the 'install_demo_name' parameter in the 'install/index.php' file, an attacker can overwrite the contents of the 'config_update.php' file, leading to remote code execution and unauthorized access.

NetArt Media Jobs Portal Multiple HTML and SQL Injection Vulnerabilities

NetArt Media Jobs Portal is prone to multiple HTML-injection vulnerabilities and an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to compromise the application, access or modify data, exploit vulnerabilities in the underlying database, execute HTML and script code in the context of the affected site, steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.

Windows DNS DnssrvQuery() Stack Overflow

A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in an RPC interface of the DNS service used for remote management of the service. This can be exploited to cause a stack-based buffer overflow via a specially crafted RPC request. The DnssrvQuery function is vulnerable to this stack overflow.

Recent Exploits: