21 matches found
CVE-2015-20121
Next Click Ventures RealtyScript 4.0.2 contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting arbitrary SQL code through the GET parameter 'uid' in /admin/users.php and the POST parameter 'agent' in /admin/mailer.php. Attackers can...
RealtyScript SQL Injection Vulnerability
RealtyScript is a real estate website management system developed by RealtyScript Inc. Version 4.0.2 of RealtyScript has a SQL injection vulnerability, which stems from improper sanitization of the uid and agent parameters. This vulnerability could allow unauthenticated attackers to inject arbitrary SQL...
CVE-2015-20121 RealtyScript 4.0.2 SQL Injection via u_id and agent Parameters
Next Click Ventures RealtyScript 4.0.2 contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting arbitrary SQL code through the GET parameter 'uid' in /admin/users.php and the POST parameter 'agent' in /admin/mailer.php. Attackers can...
EUVD-2000-0815
Malware in sbrugna...
EUVD-2021-11091
Malware in sbrugna...
CVE-2021-24177
In the default configuration of the File Manager WordPress plugin before 7.1, a Reflected XSS can occur on the endpoint /wp-admin/admin.php?page=wpfilemanagerproperties when a payload is submitted on the User-Agent parameter. The payload is then reflected back on the web application response...
U.S. Dept Of Defense: Blind Sql Injection in https://████
A SQL injection vulnerability was discovered in the User-Agent parameter of the website "https://██████████/". The vulnerability allowed an attacker to inject SQL commands through the User-Agent HTTP header...
D-Link DIR-823G Buffer Overflow Vulnerability
The D-Link DIR-823G is a home dual-band Gigabit wireless router with second-generation 802.11ac Wi-Fi5 technology designed for medium- to high-speed broadband networks. The D-Link DIR-823G suffers from a buffer overflow vulnerability that stems from a buffer overflow vulnerability in the User-Age...
Buffer overflow
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution...
CVE-2024-27657
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution...
CVE-2022-34879
Reflected Cross Site Scripting (XSS) vulnerabilities in AST Agent Time Sheet interface /vicidial/ASTagenttimesheet.php of VICIdial via agent, and searcharchiveddata parameters. This issue affects: VICIdial 2.14b0.5 versions prior to 3555...
PT-2022-22051 · Jenkins · Jenkins Agent Server Parameter Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Agent Server Parameter Plugin versions 1.1 and earlier. Description: The issue results in a stored cross-site scripting (XSS) vulnerability, which can be exploited by attackers with Item/Configure permission. This occurs because the name...
WordPress visitors-app 0.3 Plugin - (user-agent) Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin visitors-app 0.3 - 'user-agent' Stored Cross-Site Scripting (XSS) Exploit Author: Mesut Cetin Vendor Homepage: https://profiles.wordpress.org/domingoruiz/ Software Link: https://wordpress.org/plugins/visitors-app/ Version: 0.3 Tested on: Debian GNU/Linux 10 Reference...
Default configuration
In the default configuration of the File Manager WordPress plugin before 7.1, a Reflected XSS can occur on the endpoint /wp-admin/admin.php?page=wpfilemanagerproperties when a payload is submitted on the User-Agent parameter. The payload is then reflected back on the web application response...
WP File Manager < 7.1 - Reflected Cross-Site Scripting (XSS)
During a quick security audit of the plugin, in the default configuration a Reflected XSS can occur on the endpoint /wp-admin/admin.php?page=wpfilemanagerproperties when a payload is submitted on the User-Agent parameter. The payload is then reflected back on the web application response...
BRS Webweaver 1.06 - HTTPd User-Agent Remote Denial of Service
// source: https://www.securityfocus.com/bid/8947/info It has been reported that BRS WebWeaver may be prone to a denial of service issue that may allow a remote attacker to cause the software to crash or hang. The issue presents itsel...
BRS Webweaver 1.06 - HTTPd 'User-Agent' Remote Denial of Service
// source: https://www.securityfocus.com/bid/8947/info It has been reported that BRS WebWeaver may be prone to a denial of service issue that may allow a remote attacker to cause the software to crash or hang. The issue presents itself when the server receives a request containing a large string...
CVE-2000-0828
Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long User-Agent parameter...