header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Forma LMS 1.3 Multiple PHP Object Injection Vulnerabilities

Forma LMS 1.3 is prone to multiple PHP Object Injection vulnerabilities, due to a repeated unsafe use of the unserialize() function, which allows unprivileged users to inject arbitrary PHP objects. A potential attacker could exploit this vulnerability by sending specially crafted requests to the web application containing malicious serialized input, in order to execute code on the remote server or abuse arbitrary functionalities.

SimpCMS Light Arbitrary File Inclusion Vulnerability

The SimpCMS Light script is vulnerable to an arbitrary file inclusion vulnerability. The bug file 'index.php' contains the vulnerable code on line 31, where it includes the file specified by the 'site' parameter. An attacker can exploit this vulnerability by supplying a malicious script as the 'site' parameter, leading to arbitrary file inclusion.

pL-PHP beta 0.9 – MULTIPLE VULNERABILITIES

The pL-PHP beta 0.9 version is affected by multiple vulnerabilities. The first vulnerability is an SQL Injection that allows an attacker to bypass the admin access. The second vulnerability is a global variable problem that also allows an attacker to bypass the admin access.

InoutMailingListManager Command Execution Exploit + Login Retrieve + Advisory

This exploit allows an attacker to execute arbitrary commands on the target server. It also allows the attacker to bypass the login mechanism and gain administrative rights. The exploit takes advantage of vulnerabilities in the FCKEditor component and SQL injection vulnerabilities in the changename.php script.

Recent Exploits: