12 matches found
CVE-2024-42815
In the TP-Link RE365 V1_180213, there is a buffer overflow vulnerability due to the lack of length verification for the USER_AGENT field in /usr/bin/httpd. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands...
CVE-2024-42815
TP-Link RE365 V1_180213 is affected by CVE-2024-42815 due to a buffer overflow in /usr/bin/httpd arising from insufficient length verification of the USER_AGENT field. This can allow remote attackers to crash the device or execute arbitrary commands. The vulnerability is widely reported across mu...
CVE-2018-12580
CVE-2018-12580 affects DragonByte vBSecurity 3.x up to 3.3.0 for vBulletin 3/4. The issue is a self-XSS in the Login Sessions feature caused by untrusted input in the session field $session['user_agent'], enabling an attacker to inject script/HTML. The Red Hat entry and CNVD/NVD records corrobora...
Adobe ColdFusion 6/7 User_Agent Error Page Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22401/info Adobe ColdFusion is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker could exploit this vulnerability to execute arbitrary script code in t...
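phpdisk V7 (20140604): bypassing the patch to keep uploading arbitrary files.
Brief description: Verify encryptkey. Will this make the front page? So nervous. Detailed explanation: First of all, the official demo site still has not been patched. When I got in, I already saw several webshells in there. Apply the patch and clean out the webshells. Let's look at what the patch released on 0604 changed. In plugins/phpdiskclient/clientsub.php switch $action case 'uploadfile': //writefilePHPDISKROOT.'system/2.txt',varexport$POST,true;...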
Janissaries Joomla Civicrm Shell Upload
Janissaries Joomla ComCivicrm Exploitation Tool with MultiThread. Coded by Miyachung. Stay away from lamers o.O Contact: [email protected] Special Thanks : B127Y Site:...
Weeds Weedcms v4.0-5.0 blind injection vulnerability
Weeds Weedcms v4.0 sp1 to the latest 5.0 New Year Edition USERAGENT blind injection vulnerability. Program description: Weeds Weedcms is based on a PHP+MySQL architecture. It has an innovative content management mode: when creating channels, the content model can be defined, and in the background you can...
CVE-2006-5227
Cross-site scripting (XSS) vulnerability in admin.php in TorrentFlux 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the $useragent variable, probably obtained from the User-Agent HTTP header, and possibly (2) the $ipresolved variable...
Linuxconf 1.1.6 r10 - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/2352/info Linuxconf is a Linux configuration utility from Solucorp. An attacker can supply excess data to the USERAGENT field in vulnerable versions of Linuxconf. This data can overflow the relevant buffer, creating a stack overflow and, properly...