wp-pagenavi
domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init
action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114A SQL injection vulnerability was discovered in OS4Ed Open Source Information System Community version 9.1. By manipulating the 'X-Forwarded-For' header parameters in a POST request to /Ajax.php, an attacker can execute malicious SQL queries.
The vulnerability exists in NoteMark version 0.13.0 and below. By injecting a malicious payload into a note and rendering it using the 'Rendered' tab, an attacker can execute arbitrary JavaScript code in the context of the user's session.
The exploit targets Windows 10, 11 <10.0.26100.1457 and Server 2016-2019-2022 <10.0.17763.6189, allowing an attacker to cause denial-of-service. By corrupting the tcpip.sys memory per batch, the attacker can disrupt the normal functioning of the system. This vulnerability is identified as CVE-2024-38063.
A Remote Code Execution (RCE) vulnerability was found in the DICOM file import process of Invesalius 3. This vulnerability affects versions 3.1.99991 to 3.1.99998. By utilizing a specially crafted DICOM file, an attacker can execute arbitrary code on the victim's system.
Gitea version 1.22.0 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. This security flaw enables a malicious actor to insert harmful scripts that are stored on the server and run within the context of another user's session.
The Elber ESE DVB-S/S2 Satellite Receiver 1.5.x devices suffer from an unauthenticated device configuration and client-side hidden functionality disclosure. An attacker can exploit this vulnerability to manipulate device configuration settings and reveal hidden functionalities without authentication.
The Elber Wayber Analog/Digital Audio STL version 3.0.0 and below, including Firmware versions 4.00 Rev. 1501, 4.00 Rev. 1516, and 3.00 Rev. 1350, are vulnerable to an authentication bypass. By exploiting this vulnerability, an attacker can gain unauthorized access to the password management functionality, allowing them to change passwords for any user in the system. This unauthorized access compromises the security of the device.
Elber Wayber Analog/Digital Audio STL 4.00 devices are vulnerable to unauthenticated device configuration and disclosure of hidden functionalities on the client-side. An attacker can exploit this issue to modify device configurations without authentication and reveal hidden functionalities that are not intended for regular users.
An exploit that allows an attacker to remotely execute commands on an Aurba 501 device. By manipulating the 'ping_ip' parameter in a POST request, an attacker can inject arbitrary commands, leading to unauthorized access.
The Elber ESE DVB-S/S2 Satellite Receiver 1.5.x devices are prone to an authentication bypass vulnerability due to unauthorized access to the password management function. By manipulating the set_pwd endpoint, attackers can change the password of any user, granting them unauthorized administrative access to critical parts of the application and compromising system security.