wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
AneCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
AneCMS is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.
This PHP code demonstrates a proof of concept for a vulnerability in the WDDX extension of PHP. The vulnerability allows for an information leak through the deserialization of session data. By sending a specially crafted session data, an attacker can retrieve sensitive information from the server's memory stack.
The VideoWhisper PHP 2 Way Video Chat application is prone to a cross-site scripting vulnerability due to insufficient input sanitization. This vulnerability can be exploited by an attacker to execute arbitrary script code in the browser of a victim user, within the context of the affected site. This can lead to the theft of authentication credentials stored in cookies and enable the attacker to launch further attacks.
The Plesk Server Administrator (PSA) is prone to a local file-include vulnerability due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible.
The crash occurs due to an out of bounds read. We overwrite 4 bytes in an FG44 chunk header with xffxffxffxff. The crash occurs during image parsing.
This PHP script demonstrates a proof of concept for the php_binary session deserialization vulnerability. By manipulating the session data, an attacker can leak sensitive information from the server.
Arab Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The Help and Support Center is vulnerable to cross-site scripting attacks due to inadequate input sanitization. An attacker can exploit this vulnerability to execute arbitrary script code in the browser's privileged zone of an unsuspecting user.
Bits Video Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Services By CQR