header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Toko LiteCMS HTTP Response Splitting and Cross-Site Scripting Vulnerabilities

Toko LiteCMS is prone to an HTTP-response-splitting vulnerability and multiple cross-site scripting vulnerabilities. An attacker can execute arbitrary script code in the browser, steal authentication credentials, and manipulate web content. The vulnerability exists in Toko LiteCMS version 1.5.2.

Multiple SQL-injection vulnerabilities in Ay Computer products

Multiple Ay Computer products are prone to multiple SQL-injection vulnerabilities because they fail to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

ASP Basit Haber Script SQL Injection Vulnerability

The ASP Basit Haber Script is vulnerable to an SQL injection attack due to improper sanitization of user-supplied input used in an SQL query. An attacker can exploit this vulnerability to compromise the application, gain unauthorized access or modify data, and exploit vulnerabilities in the underlying database.

Cross-Site Scripting Vulnerabilities in PunBB

PunBB is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

StarDevelop LiveHelp Local File Include Vulnerability

The StarDevelop LiveHelp application is prone to a local file-include vulnerability. This vulnerability occurs due to insufficient sanitization of user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts within the context of the web server process. This could lead to the compromise of the application and the underlying computer. Other attacks may also be possible.

Auctions plug-in for WordPress SQL Injection Vulnerability

The Auctions plug-in for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Multiple URI Open-Redirection Vulnerabilities in Microsoft SharePoint

Microsoft SharePoint is prone to multiple URI open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input. Successful exploits may redirect a user to a potentially malicious site; this may aid in phishing attacks.

Cross-Site Scripting Vulnerability in Orion Network Performance Monitor

Orion Network Performance Monitor is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Cross-Site Scripting vulnerabilities in Papoo CMS Light

Papoo CMS Light is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary HTML and script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

Recent Exploits: