[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":42,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":49,"vulnerability-2588":55,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":86},[4,15,21,30,37],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[11],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[20],"/blog",{"title":22,"slug":23,"text":24,"link":25,"external":9,"targets":26,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","Detect 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/vulnerabilities-exploits/phpbb-authentication-bypass_29369",[27],"/vulnerabilities-exploits","See the details","phpbb-authentication-bypass",{"title":31,"slug":32,"text":33,"link":34,"external":9,"targets":35,"cta":36,"variant":13,"campaign_id":29},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve","See how our research team discovered these 2 new CVEs in phpBB","https://pentest-tools.com/research/phpbb-authentication-bypass",[27],"Read the research",{"title":38,"slug":39,"text":24,"link":25,"external":9,"targets":40,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper",[41],"/exploit-helpers/sniper",["Island",43],{"key":44,"params":45,"result":47},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":46},"{}",{"head":48},{},["Island",50],{"key":51,"params":52,"result":53},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":46},{"head":54},{},{"id":56,"detectable_with":57,"vuln_details":64,"vuln_id":83,"name":84,"published":85,"updated":65},2588,{"tool":58,"engine":61},{"id":59,"name":60},1,"Network Scanner",{"id":62,"name":63},2,"Nuclei",{"id":56,"codename":65,"description":65,"severity":66,"risk_description":67,"public_description":68,"public_recommendation":69,"recommendation":65,"references":70,"cvssv3":76,"epss_score":77,"epss_percentile":78,"cve":79,"in_cisa_catalog":81,"date":82,"software_type":65,"vendor":65,"product":65,"ptt_exploit_capabilities":65},null,"high","Unauthenticated attackers can execute time-based blind SQL injection through the IP parameter to extract sensitive database information including user credentials, posts, comments, and WordPress configuration data.","The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the IP parameter found in the ~/includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 13.1.5.","Update WP Statistics plugin to version 13.1.6 or later that properly escapes and parameterizes the IP parameter.",[71,72,73,74,75],"https://wordpress.org/plugins/wp-statistics/","https://gist.github.com/Xib3rR4dAr/5dbd58b7f57a5037fe461fba8e696042","https://nvd.nist.gov/vuln/detail/CVE-2022-25149","https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2679983%40wp-statistics&new=2679983%40wp-statistics&sfp_email=&sfph_mail=","https://www.wordfence.com/vulnerability-advisories/#CVE-2022-25149",7.5,0.77956,0.99517,[80],"CVE-2022-25149",false,"2022-02-24T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2022-25149","WordPress Plugin WP Statistics \u003C= 13.1.5 - SQL Injection","2023-10-18T00:00:00Z",["Island",87],{"key":88,"params":89,"result":91},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":90},"{\"text-color\":\"gray\"}",{"head":92},{}]