header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Wserve HTTP Server 4.6 Version (Long Directory Name) Buffer Overflow – Denial Of Service

This exploit is for the Wserve HTTP Server 4.6 version which is vulnerable to a buffer overflow attack. The attacker sends a specially crafted HTTP request with a long directory name, causing a buffer overrun. This results in a denial of service as the program's internal state gets corrupted and it cannot continue execution safely.

WebSPELL <= 4.01.02 (picture.php) Remote File Disclosure Vulnerability

This vulnerability allows an attacker to remotely disclose files on the target system. It works independently from PHP version but depends on PHP option register_globals (= on) or PHP versions (< 4.3.0). The exploit can be triggered by accessing the picture.php file with specific parameters.

XOOPS Module Jobs <= 2.4 (cid) Remote BLIND SQL Injection Exploit

This exploit allows an attacker to perform a blind SQL injection attack on the XOOPS Module Jobs <= 2.4. By manipulating the 'cid' parameter in the index.php file, an attacker can retrieve sensitive information from the database, including the usernames and passwords of the admin users.

phpMyNewsletter <= 0.8 (beta5) Multiple Vuln Exploit

This exploit allows an attacker to perform two different attacks on a vulnerable version of phpMyNewsletter. Attack N°1 allows an attacker to inject a shell into the config file if mq=off. Attack N°2 allows an attacker to send previously created newsletters and spam.

php-generics 1.0 Remote File Inclusion Vulnerabilities

The vulnerability allows an attacker to include a remote file in the application, which can lead to remote code execution. The vulnerability exists in the include.php, /dbcommon/include.php, and /exception/include.php files.

SQL Injection Vulnerability in Dolibarr

Dolibarr is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Recent Exploits: