header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

SQL Injection Vulnerability in ‘com_biitatemplateshop’ component for Joomla!

The 'com_biitatemplateshop' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Windows .ANI LoadAniIcon Stack Overflow

A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to take complete control of an affected system. This issue is due to a stack overflow error within the "LoadAniIcon()" [user32.dll] function when rendering cursors, animated cursors or icons with a malformed header, which could be exploited by remote attackers to execute arbitrary commands by tricking a user into visiting a malicious web page or viewing an email message containing a specially crafted ANI file.

AdaptCMS Cross-Site Scripting and Information Disclosure Vulnerabilities

AdaptCMS is prone to multiple cross-site scripting vulnerabilities and an information disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

HTML-injection vulnerability in multiple products

An attacker can execute arbitrary script code in the browser by injecting malicious code in the name and description parameters of the group creation request. This can lead to the theft of authentication credentials and control over website rendering.

TWiki Multiple Cross-Site Scripting Vulnerabilities

TWiki is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Multiple Cross-Site Scripting Vulnerabilities in TWiki

TWiki is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Multiple reflecting XSS-, SQLi and InformationDisclosure-vulnerabilities in Zeuscart v.4

ECommerce-Shopping Cart Zeuscart v. 4 suffers from multiple XSS-, SQLi- and InformationDisclosure-vulnerabilities. Reflecting XSS-vulnerabilities can be found in a common Zeuscart-installation in the parameter 'search', 'schltr', and 'brand' in the index.php file. SQL injection vulnerabilities can be found in the administrative backend of Zeuscart v. 4 in the 'id' parameter.

Zyncro social network SQL Injection Vulnerability

Zyncro social network is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Recent Exploits: