wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
The 'tcpdump' utility is prone to an integer-underflow vulnerability because it fails to bounds-check user-supplied input before copying it into an insufficiently sized memory buffer.An attacker can exploit this issue to execute arbitrary malicious code in the context of the user running the affected application. Failed exploit attempts will likely crash the affected application.
Insanely Simple Blog is prone to multiple input-validation vulnerabilities, including cross-site scripting, HTML-injection, and SQL-injection issues. These vulnerabilities are due to the application's failure to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitrary script code in the context of the webserver process, compromise the application, obtain sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database.
The 'husrevforum' program is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
TBDev.NET DR is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.
Citadel WebCit is prone to multiple input-validation vulnerabilities, including multiple HTML-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.
The Piwigo CMS version 2.5.3 is vulnerable to Stored XSS on multiple parameters and CSRF vulnerability. In the first vulnerability, an attacker can inject malicious payload in the album name and execute arbitrary code. The payload can also be executed when managing albums. In the second vulnerability, an attacker can exploit the 'add a user' functionality using CSRF vulnerability.
The AzDG Dating Gold application fails to properly sanitize user-supplied input, leading to multiple remote file inclusion vulnerabilities. An attacker can exploit these vulnerabilities to execute arbitrary remote files containing malicious script code in the context of the webserver process. This can result in the compromise of the application and the underlying system.
The AzDG Dating Gold application fails to properly sanitize user-supplied input, which leads to multiple remote file-include vulnerabilities. An attacker can exploit these vulnerabilities by injecting a malicious script code through the 'int_path' parameter in the 'footer.php' script. This allows the attacker to execute arbitrary remote files and potentially compromise the application and the underlying system.
The application fails to properly sanitize user-supplied input, allowing an attacker to execute arbitrary remote files containing malicious script code in the context of the webserver process. This can lead to compromise of the application and the underlying system.
MzK Blog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Services By CQR