wp-import-export-lite domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6121insert-headers-and-footers domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6121wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6121
An input validation error has been reported in Invision Board which may result in the manipulation of SQL queries. An attacker may be able to exploit this vulnerability by manipulating some URI parameter to include malicious SQL commands and queries which may result in information disclosure, or database corruption.
A denial of service vulnerability has been reported for Abyss Web Server. The vulnerability exists when Abyss attempts to parse certain incomplete HTTP headers. Sending either of the incomplete HTTP headers 'Connection:' and 'Range:' to the server will cause it to crash.
Local users may be capable of influencing the include path for PHPSysinfo language include files. If the malicious language file is symlinked to a web server readable file, the contents of the linked file may be disclosed to the attacker. The file may also contain PHP code which may be executed in the context of the web server hosting the vulnerable application.
A weakness has been discovered on various systems that may result in an attacker gaining information pertaining to the existence of inaccessible files. The problem lies in the return times when attempting to access existent and non-existent files. By making requests for various files, it may be possible for an attacker to deduce whether the file exists, by examining the amount of time it takes for an error to be returned.
It has been reported that WebC will execute in the directory of a symbolic link from which it is invoked. Because of this, it may be possible for a local user to load a configuration file that enabled dangerous variables.
The Netgear FM114P allows certain ports to be blocked, both for external users attempting to enter the local network and for local users connecting to the WAN. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a UPnP SOAP request can cause a connection to be intitiated through a port that is normally blocked.
The Netgear FM114P ProSafe Wireless Router is vulnerable to information disclosure. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a UPnP SOAP request can retrieve the username and password for the WAN interface.
A vulnerability in ChiTex has been reported that may allow local users to obtain root privileges on vulnerable systems. The vulnerability exists due to the existence of two setuid root binaries that execute the 'cat' program without an absolute path. An attacker can exploit this vulnerability by creating a malicious 'cat' file and invoking the setuid binaries. This will result in the execution of the attacker-supplied 'cat' file with root privileges.
It has been reported that it is possible to inject malicious script code into the subject of a message in Phorum. This may be done by constructing a malicious subject line (or other fields) before sending an email to the target victim.
It has been reported that passlogd does not properly handle some types of input. Because of this, an attacker may be able to gain unauthorized access to hosts running the vulnerable software.
Services By CQR
