This exploit allows an attacker to perform a blind SQL injection attack on the ScriptMagix FAQ Builder version 2.0 or lower. By exploiting this vulnerability, the attacker can extract sensitive information such as usernames and passwords from the admin database.
The pfSense firewall software is prone to multiple cross-site scripting vulnerabilities due to inadequate sanitization of user-supplied input. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a targeted user, potentially leading to the theft of authentication credentials and other malicious activities.
The Safe Search plugin for Wordpress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
The Processing Embed plugin for Wordpress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
SolarWinds Orion NPM is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Zimplit CMS is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
RDM Embedded is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Successful exploits may allow an attacker to execute arbitrary code in the context of a user running an application that uses the affected library. Failed exploit attempts may crash the application, denying service to legitimate users.
Successful exploits will allow attackers to make the affected computer unresponsive, denying service to legitimate users.
Aigaion is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
This exploit allows an attacker to change the admin login and password in Guestbara version 1.2. The attacker can modify the admin email, admin name, and admin password through a form submission. The exploit is performed by sending a POST request to the configuration.php file with the necessary parameters.
Services By CQR