Successful exploits of these issues allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, or bypass security mechanisms.
An attacker can exploit this issue to gain unauthorized access to the affected device. Once a privileged (admin) ID has successfully authenticated in the web portal, any attacker in the network can hijack and reuse the existing session to trick the web server into executing administrative commands. The commands may be freely executed from any terminal in the network as long as the session of the privileged ID is valid.
Multiple Aztech routers are prone to a denial-of-service vulnerability. Attackers may exploit this issue to cause an affected device to crash, resulting in a denial-of-service condition. Aztech DSL5018EN, DSL705E and DSL705EU are vulnerable.
Aztech Modem Routers are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks.
Food Order Portal is prone to a cross-site request-forgery vulnerability. An attacker can exploit the cross-site request forgery issue to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.
W3 Total Cache plugin for WordPress is prone to a cross-site request-forgery vulnerability. An attacker can exploit the cross-site request forgery issue to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.
Xhanch My Twitter plugin for WordPress is prone to a cross-site request-forgery vulnerability. An attacker can exploit the cross-site request forgery issue to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.
WP to Twitter Plugin for WordPress is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. WP to Twitter 2.9.3 is vulnerable; other versions may also be affected.
The Ninja Forms Plugin for WordPress is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.
Antioch theme for WordPress is prone to an arbitrary file-download vulnerability. An attacker can exploit this issue to download arbitrary files from the web server and obtain potentially sensitive information.