wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
This vulnerability allows an attacker to bypass authentication in SonicWALL GMS/Viewpoint/Analyzer by exploiting a flaw in the /sgms/ endpoint.
This script exploits a vulnerability in Fastgraf's whois.cgi script, allowing an attacker to execute arbitrary commands on the target server. By sending a specially crafted POST request, the attacker can inject a command in the 'host' parameter and execute it on the server. The script then captures the output of the command and displays it. This vulnerability was discovered by Marco van Berkum and the script can be found on his homepage at http://ws.obit.nl.
The 'ssi.php' script in Invision Power Board is prone to a cross-site scripting vulnerability. This vulnerability occurs due to a lack of sufficient sanitization in the 'ssi.php' script when processing the user-influenced 'f' parameter. An attacker can exploit this vulnerability to steal cookie-based authentication credentials and potentially perform other malicious activities.
A remote user can launch cross-site scripting attacks by injecting malicious code through the 'msg' parameter in the 'shoperror.asp' script.
The Linksys Web Camera software is prone to a cross-site scripting vulnerability that may allow a remote attacker to steal cookie-based authentication credentials or carry out other attacks. The vulnerability occurs when an attacker passes malicious HTML or script code to the application via the 'next_file' parameter of the 'main.cgi' script.
The WinAgents TFTP Server is prone to a remote off-by-one buffer overrun vulnerability. The issue occurs due to a lack of sufficient boundary checks performed on filenames when a request is made for a file. A remote attacker can exploit this vulnerability by sending a malicious request with a filename of excessive length, triggering the vulnerability and resulting in a denial of service.
PHP-Nuke is prone to multiple vulnerabilities including cross-site scripting (XSS) in the 'Faq', 'Encyclopedia', and 'Reviews' modules, SQL injection in the 'Reviews' module, and a remote denial of service (DoS) vulnerability in the score subsystem of the 'Review' module. These vulnerabilities occur due to insufficient sanitization of user-supplied data, allowing remote attackers to execute malicious code, modify database queries, and deny service to legitimate users.
PHP-Nuke is prone to multiple vulnerabilities including cross-site scripting issues in the 'Faq', 'Encyclopedia', and 'Reviews' modules, an SQL Injection vulnerability in the 'Reviews' module, and a remote denial of service vulnerability in the score subsystem of the 'Review' module. These vulnerabilities are caused by insufficient sanitization of user-supplied data, allowing attackers to execute malicious code, modify database queries, and deny service to legitimate users.
An attacker can obfuscate the URI of a link in Microsoft Internet Explorer and Opera, which can lead to the impersonation of legitimate websites and the theft of sensitive information from users. This vulnerability allows an attacker to redirect users to an attacker-controlled site.
Blackboard allows users to download files posted in the 'Digital Dropbox' without proper authorization. The application does not verify the requester's authorization, allowing anyone with the URI to download the file. An attacker can exploit this vulnerability to access potentially sensitive information.
Services By CQR