wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of 'dataOffsets[0]' boundary checks. This vulnerability allows for remote code execution.
This module exploits a buffer overflow vulnerability found in Chasys Draw IES (version 4.10.01). The vulnerability exists in the module flt_BMP.dll, while parsing BMP files, where the ReadFile function is used to store user provided data on the stack in an insecure way. It results in arbitrary code execution under the context of the user viewing a specially crafted BMP file. This module has been tested successfully with Chasys Draw IES 4.10.01 on Windows XP SP3 and Windows 7 SP1.
This module exploits a vulnerability in MiniWeb HTTP server (build 300). The software contains a file upload vulnerability that allows an unauthenticated remote attacker to write arbitrary files to the file system. Code execution can be achieved by first uploading the payload to the remote machine as an exe file, and then upload another mof file, which enables WMI (Management Instrumentation service) to execute the uploaded payload. Please note that this module currently only works for Windows before Vista.
This exploit is used to send TCP reset packets to terminate an established TCP connection. It is compiled with Delphi 5/6/7.
APT-webshop is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
This exploit allows an attacker to perform a blind SQL injection attack on PHPWind version 5.0.1 and below. The vulnerability can be exploited by an authenticated admin user to execute arbitrary SQL queries and gain unauthorized access to the database.
This is a local file inclusion vulnerability in phpwcms version 1.2.6. It allows an attacker to include local files by manipulating the 'wcs_user_lang' cookie. The vulnerability exists in the 'login.php' file, specifically in lines 45-63. The code checks if the 'form_lang' parameter is set in the POST request and then sets the 'wcs_user_lang' session variable to a lowercase version of the parameter. However, there is no validation or sanitization of the input, allowing an attacker to include any file on the server. This can lead to unauthorized access, information disclosure, and remote code execution.
The vulnerability allows an attacker to inject SQL queries into the application, potentially compromising its security and accessing or modifying data. In this case, the vulnerability is triggered by the application's failure to properly sanitize user-supplied input before using it in an SQL query.
The BASE application fails to properly sanitize user-supplied input in the 'PrintFreshPage' function, allowing an attacker to execute arbitrary script code in the browser of an unsuspecting user.
UltraVNC is susceptible to multiple error-logging remote buffer-overflow vulnerabilities. These issues are due to the application's failure to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers. A successful attack may allow remote attackers to execute arbitrary code on a vulnerable computer to gain unauthorized access in the context of the application.
Services By CQR