The Wpeasystats WordPress plugin is vulnerable to a Remote File Inclusion (RFI) attack. An attacker can send a malicious URL to an unsuspecting user, which, when clicked, will execute arbitrary code on the vulnerable server. This is possible due to the lack of input validation in the export.php file, which allows an attacker to include a remote file via the 'homep' parameter.
The Allwebmenus WordPress Menu Plugin is vulnerable to Remote File Inclusion (RFI). An attacker can exploit this vulnerability by sending a crafted HTTP request with a malicious file path in the 'abspath' parameter. This will allow the attacker to execute arbitrary code on the vulnerable system.
Thecartpress WordPress plugin is vulnerable to Remote File Inclusion (RFI) due to insufficient sanitization of user-supplied input. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This can allow the attacker to execute arbitrary code on the server, resulting in a complete compromise of the system.
Input passed to the 'charSet' parameter in 'edit.php' is not properly sanitised before being returned to the user. This can be exploited to insert arbitrary HTTP headers, which are included in a response sent to the user.
The WordPress Filedownload Plugin 0.1 is vulnerable to a remote file disclosure vulnerability. An attacker can exploit this vulnerability by sending a crafted request to the download.php file with the path parameter set to the path of the file they wish to disclose. This vulnerability can be exploited by using the Google Dork 'inurl:/wp-content/plugins/filedownload/download.php/?path'.
The vulnerability exists due to insufficient sanitization of user-supplied input in the 'month' parameter of the 'notes.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in the context of the application. This can allow the attacker to bypass authentication and gain access to the application data.
The KnFTP Server is vulnerable to a buffer overflow attack, which can be exploited to cause a denial of service. The vulnerable commands are MKD, LS, ABOR, CD, APPE, REST, and PWD. The application was tested on Windows XP SP2/SP3 Professional with DEP off. The EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI, EIP, C, P, A, Z, S, T, D, O, EFL, ST0-ST7, FST, and FCW registers are all overwritten.
This module exploits a stack buffer overflow in Azeotech's DaqFactory product. The specific vulnerability is triggered when sending a specially crafted 'NETB' request to port 20034. Exploitation of this vulnerability may take a few seconds due to the use of an egghunter. This vulnerability was one of the 14 releases discovered by researcher Luigi Auriemma.
Input passed to the 'd' parameter in /scripts/phpCrop/crop.php is not properly sanitised before being used to delete files. This can be exploited to delete files with the permissions of the web server via directory traversal sequences passed within the 'd' parameter.
iManager suffers from a file inclusion vulnerability (LFI) / file disclosure vulnerability (FD) when input passed through the 'lang' parameter to imanager.php, rfiles.php, symbols.php, colorpicker.php, loadmsg.php, ov_rfiles.php and examples.php is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks and URL encoded NULL bytes.