DrayTek Vigor Format String Vulnerability

DrayTek Vigor is a router. a format string vulnerability exists in DrayTek Vigor, which can be exploited by remote attackers to execute arbitrary code via specially crafted HTTP messages containing malformed query strings...

Draytek多款产品格式化字符串错误漏洞

DrayTek Vigor is a router. a format string vulnerability exists in DrayTek Vigor, which can be exploited by remote attackers to execute arbitrary code via specially crafted HTTP messages containing malformed query strings...

undertow: special character in query results in server errors

A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability...

PHP-Nuke 5.6 - modules.php SQL Injection

PHP-Nuke 5.6 - modules.php SQL Injection source: https://www.securityfocus.com/bid/6088/info A SQL injection vulnerability has been reported for PHP-Nuke 5.6. The vulnerability is due to insufficient sanitization of variables used to construct SQL queries in some scripts. It is possible to modify...