
26 matches found

OSV
added 2024/11/15 11:15 a.m. | 5 views

CVE-2024-0787

phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. The issue lies in the 'getuserip' function in 'class.Common.php' at lines 1044 and 1045, where the presence of the...

5.9 CVSS | 6.6 AI score
Exploits 0 | References 2

Vulnrichment
added 2024/11/15 10:57 a.m. | 19 views

CVE-2024-0787 Improper Restriction of Excessive Authentication Attempts in phpipam/phpipam

phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. The issue lies in the 'getuserip' function in 'class.Common.php' at lines 1044 and 1045, where the presence of the...

5.3 CVSS | 6.7 AI score | 0.00026 EPSS
Exploits 1 | References 2

NVD
added 2023/08/30 3:15 p.m. | 11 views

CVE-2022-1601

The User Access Manager WordPress plugin before 2.2.18 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible for attackers to access restricted content in certain situations...

5.3 CVSS | 5.2 AI score | 0.00144 EPSS
Exploits 2 | References 1

Cvelist
added 2023/08/30 2:22 p.m. | 13 views

CVE-2022-1601 User Access Manager < 2.2.18 - IP Spoofing

The User Access Manager WordPress plugin before 2.2.18 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible for attackers to access restricted content in certain situations...

5.5 AI score | 0.00144 EPSS
Exploits 2 | References 1

WPVulnDB
added 2023/08/04 12:0 a.m. | 14 views

User Access Manager < 2.2.18 - IP Spoofing

Description: The plugin prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible for attackers to access restricted content in certain situations. PoC: Set HTTP_X_REAL_IP which is used in checkUserGroupAccess to use an IP from the allowlist...

5.3 CVSS | 5.2 AI score | 0.00144 EPSS
Exploits 2 | Affected Software 1

WPVulnDB
added 2022/12/27 12:0 a.m. | 28 views

FluentAuth < 1.0.2 - Bypass blocks by IP Spoofing

The plugin prioritizes getting a visitor's IP address from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass the IP-based blocks set by the plugin. PoC: Set HTTP_X_REAL_IP, HTTP_X_FORWARDED_FOR, HTTP_CF_CONNECTING_IP or HTTP_CLIENT_IP to spoof the IP address...

7.5 CVSS | 1.8 AI score | 0.00169 EPSS
Exploits 2 | Affected Software 1

WPVulnDB
added 2022/08/31 12:0 a.m. | 23 views

Restricted Site Access < 7.3.2 - Access Bypass via IP Spoofing

The plugin prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations in certain situations. PoC: Set HTTP_CF_CONNECTING_IP or any of the other headers in getclientipaddress to spoof the IP address...

5.3 CVSS | 2.6 AI score | 0.0018 EPSS
Exploits 2 | Affected Software 1

Cvelist
added 2022/08/01 12:48 p.m. | 15 views

CVE-2022-1600 YOP Poll < 6.4.3 - IP Spoofing

The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations...

5.5 AI score | 0.00197 EPSS
Exploits 1 | References 1

Prion
added 2020/06/15 4:15 a.m. | 11 views

Stack overflow

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wificaptiveportallogin with a sufficiently long REMOTE_ADDR key...

6.5 CVSS | 9 AI score | 0.0385 EPSS
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2020/06/15 3:36 a.m. | 11 views

CVE-2020-14078

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wificaptiveportallogin with a sufficiently long REMOTE_ADDR key...

9 AI score | 0.0385 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2019/01/03 12:0 a.m. | 25 views

Fedora 28 : php-symfony (2018-9b54497b6e)

2.8.44 2018-08-01 - security cve-2018-14774 HttpKernel fix trusted headers management in HttpCache and InlineFragmentRenderer nicolas-grekas - security cve-2018-14773 HttpFoundation Remove support for legacy and risky HTTP headers nicolas-grekas - bug 28003 HttpKernel Fixes invalid REMOTE_ADDR in...

7.2 CVSS | 7.4 AI score | 0.16652 EPSS
Exploits 0 | References 2

NVD
added 2018/05/12 4:29 a.m. | 11 views

CVE-2018-10996

The webloginlog function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service buffer overflow via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable...

10 CVSS | 9.6 AI score | 0.00732 EPSS
Exploits 1 | References 2

0day.today
added 2015/04/02 12:0 a.m. | 60 views

Wordpress Simple Ads Manager Plugin - Multiple SQL Injection Vulnerability

Exploit for php platform in category web applications Vulnerability title: Wordpress plugin Simple Ads Manager - SQL Injection Product: Wordpress plugin Simple Ads Manager Vendor: https://profiles.wordpress.org/minimus/ Affected version: Simple Ads Manager 2.5.94 and 2.5.96 Download link:...

7.5 CVSS | 0.4 AI score | 0.11773 EPSS
Exploits 6

seebug.org
added 2014/07/01 12:0 a.m. | 15 views

SCO OpenServer 5.0.x 'mana' REMOTE_ADDR Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8616/info It has been reported that SCO OpenServer Internet Manager 'mana' process is prone to an authentication bypass issue. The issue is reported to occur as a local user is able to export the REMOTE_ADDR environment...

7.1 AI score
Exploits 0

0day.today
added 2012/11/28 12:0 a.m. | 17 views

Traidnt up 2.0 (report.php trtext) Blind SQL Injection Vulnerability

Traidnt up is a php online upload script assignmessage,charset$errors."انتظر سوف يتم تحويلك للملف مرة أخري".""; $traidnt-display"message.tpl"; else $ip = getenv'REMOTEADDR'; $reportquery = $db-query" INSERT INTO report reportkey ,reportwhy ,reportip VALUES '$fileid', '$trtext', '$ip';";...

7.1 AI score
Exploits 0

myhack58
added 2010/07/02 12:0 a.m. | 24 views

BBSGood Forum program moprepost. asp variable HTTP_X_FORWARDED_FOR injection vulnerability-vulnerability warning-the black bar safety net

BBSGOOD is the first domestic forum to use caching technology; its posts and list home pages can be generated as static HTML files. In the file moprepost.asp: if Request.ServerVariables("HTTP_X_FORWARDED_FOR")="" then ipdress=Request.ServerVariables("REMOTE_ADDR") else ipdress=Request...

0.1 AI score
Exploits 0

seebug.org
added 2010/05/12 12:0 a.m. | 20 views

Joomla Module Camp26 Visitor Data 1.1 Remote code Execution

No description provided by source. Joomla Module Camp26 Visitor Data 1.1 Remote code Execution ============================================================ - Discovered by : Chip D3 Bi0s - Email : [email protected] - Date : 2010-04-28 - Severity : 9/10 CVSS scored -----------------------------...

7.1 AI score
Exploits 0

Packet Storm
added 2008/03/14 12:0 a.m. | 30 views

auracms-blindsql.txt

!/usr/bin/perl -w Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 2.x online.php - Remote Blind SQL Injection Exploit Waktu : Feb 15 2008 01:00PM Software : AuraCMS Versi : 2.0 2.1 2.2.1 Vendor : http://www.auracms.org/ ------------------------------------ Audit...

7.4 AI score
Exploits 0

seebug.org
added 2008/01/18 12:0 a.m. | 18 views

AuraCMS 1.62 (stat.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 1.62 - stat.php Remote Code Execution Exploit Waktu : Jan 16 2008 10:00PM Software : AuraCMS 1.62 ...

7.1 AI score
Exploits 0

securityvulns
added 2006/06/09 12:0 a.m. | 34 views

Back-end = 0.7.2.1 (jpcache.php) Remote command execution

/ Federico Fazzi, [email protected] / Back-end = 0.7.2.1 jpcache.php Remote command execution / 08/06/2006 1:04 Bug: jpcache.php: line 40 --- $includedir = $PSL'classdir' . "/jpcache"; --- Proof of concept: Back-end have a default path pre-set on jpcache.php, and cracker can execute a remote...

0.6 AI score
Exploits 0