wp-import-export-lite domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6121insert-headers-and-footers domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6121wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6121
It is possible to create a denial of Service condition by appending a null character to a request for a MS-DOS device name (such as AUX). Multiple malformed requests will cause the server to hang.
A vulnerability exists in some versions of the Performance Co-Pilot (PCP) daemon. It is possible to cause a denial of service condition by sending the daemon a large string of arbitrary data. An example of this exploit is using a Perl script to generate a large string of data and sending it to the PCP daemon via telnet.
Messagerie is a web message board application maintained by La Basse. An issue has been discovered in Messagerie, which could allow an attacker to delete arbitrary user accounts. Reportedly, submitting a specially crafted URL will successfully remove user accounts. It should be noted that known usernames of the system is required.
MiniBB does not filter script code from URL parameters, making it prone to cross-site scripting attacks. This may enable a remote attacker to steal cookie-based authentication credentials from legitimate users of a website running MiniBB.
Blahz-DNS is a web based management tool for DNS information implemented in PHP and available for Linux systems. By directly calling scripts included with Blahz-DNS, it is possible to bypass the authentication check, gaining full access to the Blahz-DNS tool.
A vulnerability has been reported in some versions of DNSTools which allows any remote attacker to gain administrative access. An artificially constructed URL may define variables used to track user authentication and administrative access.
Admanager is banner advertisement management software. It is written in PHP and will run on most Unix and Linux variants, in addition to Microsoft Windows operating systems. Access to the 'add.php3' script does not require authentication. It is possible for a remote attacker to manipulate URL parameters of this script and change banner advertisement content.
Ultimate PHP Board (UPB) is web forum software. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. Ultimate PHP Board does not filter script code from image tags. This may allow an attacker to include script code in forum messages. Injected script code will be executed in the browser of an arbitrary web user who views the malicious forum message, in the context of the website running UPB. It may be possible to inject script code into other UPB-Code formatting tags, though this has not been confirmed.
Cross Site Scripting (XSS) issues has been reported in some versions of thttpd. thttpd fails to check URLs for the presence of script commands when generating error pages, allowing the attacker-supplied code to execute within the context of the hosted site.
PHProjekt is a freely available, open source PHP Groupware package. It is actively maintained by the PHPProjekt Development Team. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. Some of the PHProjekt scripts are only intended to be accessed by users who have been authenticated. However, it has been reported that it is possible for an unauthenticated attacker to access these scripts via a specially crafted web request. An attacker can access the script by appending an extraneous string to the URL, such as http://www.somehost.com/phprojekt/mail/mail_send.php/sms, where the extraneous “sms” is included to be passed to the $PHP_SELF variable as part of the PATH_INFO. This causes PHPProjekt to behave as though the attacker accessing the script is logged on to PHPProjekt as a legitimate user.
Services By CQR
