
Explore Vulnerabilities


Explore all Exploits:

Multiple D-Link DIR Series Routers Local File Disclosure Vulnerability

Multiple D-Link DIR series routers are prone to a local file-disclosure vulnerability because they fail to adequately validate user-supplied input. Exploiting this vulnerability would allow an attacker to obtain potentially sensitive information from local files on devices running the vulnerable application. This may aid in further attacks.

phpThumb Arbitrary File Upload Vulnerability

phpThumb is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because it fails to properly validate file extensions before uploading them. An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.

LevelOne WBR-3406TX router Cross-Site Request-Forgery Vulnerability

Attackers can exploit this issue to perform certain administrative actions and gain unauthorized access to the affected device. An attacker can craft a malicious HTML page that contains a form with hidden fields that will be submitted to the vulnerable router. The form contains the parameters 'rc', 'Pa', 'P1' and 'rd' with arbitrary values.

Thomson Reuters Velocity Analytics Code Injection Vulnerability

Thomson Reuters Velocity Analytics is prone to a vulnerability that lets attackers inject and execute arbitrary code. Successfully exploiting this issue may allow an attacker to upload and execute arbitrary code with SYSTEM privileges.

Suco themes for WordPress Arbitrary File Upload Vulnerability

The Suco themes for WordPress are prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.

SKIDATA Freemotion.Gate Multiple Remote Command-Execution Vulnerabilities

SKIDATA Freemotion.Gate is prone to multiple remote command-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary commands in the context of the affected system by sending a specially crafted POST request containing a malicious XML payload to the vulnerable server.

Blue Wrench Video Widget Cross-Site Request Forgery Vulnerability

The Blue Wrench Video Widget plugin for WordPress is prone to a cross-site request-forgery vulnerability. An attacker can exploit the cross-site request forgery issue to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.

TomatoCart Local File Include Vulnerability

TomatoCart is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts. This could allow the attacker to compromise the application and the computer; other attacks are also possible.

Recent Exploits: