wp-import-export-lite domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6121insert-headers-and-footers domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6121wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6121
Alt-n WebAdmin is reportedly affected by multiple remote vulnerabilities. The application is affected by multiple cross-site scripting issues. An attacker may leverage these issues to execute arbitrary HTML and script code in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. The application is reportedly also affected by an access validation vulnerability with regards to user accounts. This issue could permit an attacker to modify various aspects of an existing users account.
It is reported that WebWasher Classic is prone to a weakness that may allow remote attackers to connect to arbitrary ports on a vulnerable computer. This weakness may be combined with other attacks to exploit latent vulnerabilities. An attacker can bypass access controls implemented by the application through this attack.
Magic Winmail Server is reportedly affected by multiple vulnerabilities. There are two distinct directory traversal vulnerabilities in the Webmail interface allowing both arbitrary file downloads and uploads. There is also a HTML injection vulnerability in the Webmail interface that could lead to the theft of the administrator's session cookie. There are several directory traversal vulnerabilities in the IMAP service commands which could permit a malicious user to read arbitrary emails, create or delete arbitrary files on the server and possibly retrieve arbitrary files from the server. Magic Winmail Server's FTP service also reportedly fails to properly verify the IP address supplied by a user in a PORT command.
War FTP Daemon is reported prone to a remote denial of service vulnerability. This issue arises because the application fails to handle exceptional conditions in a proper manner. War FTP Daemon 1.82.00-RC9 is reported prone to this issue. It is likely that previous versions are vulnerable as well.
A remote buffer overflow vulnerability affects the IN_CDDA.dll library of Nullsoft's Winamp. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into finite process buffers. An attacker may distribute malicious play-list files and entice unsuspecting users to process them with the affected application.
Comersus Cart is reportedly affected by multiple vulnerabilities. There is a possiblity of gaining administrator access due to a failure of the application to remove an installation script after install. There is the possiblity of SQL injection by passing a malicious HTTP referer header. There are also some possible cross-site scripting issues. The vendor has addressed these issues in Comersus Cart version 6.0.2; earlier version are reportedly vulnerable. The following proof of concept is available for the SQL injection issue: GET /comersus/store/default.asp HTTP/1.1 Referer: <SQLCODE HERE>
Multiple input validation vulnerabilities affect MercuryBoard due to a failure of the application to properly sanitize user-supplied input prior to using it in critical functionality. An attacker may leverage these issues to execute arbitrary code in the browser of an unsuspecting user and manipulate SQL queries against the underlying database, which may facilitate the theft of authentication credentials, destruction of data, and other attacks.
Exponent is reported prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user facilitating theft of cookie-based authentication credentials and other attacks. Exponent 0.95 is reported prone to these issues. It is likely that previous versions are vulnerable as well.
DivX Player is prone to a directory traversal vulnerability when DPS '.dps', archive files are processed. An attacker may exploit this issue to save a script or executable file in an arbitrary location, which may lead to the execution of malicious code when the affected system is restarted. Alternatively, the attacker may overwrite a target file with the privileges of a user that is installing a malicious skin file.
Netscape Navigator is prone to a vulnerability that may result in a browser crash when the browser performs an infinite JavaScript array sort operation. It is conjectured that this will only result in a denial of service and is not further exploitable to execute arbitrary code, though this has not been confirmed.
Services By CQR
