milw0rm Archive |
From 2010 |
- MS Windows WebDAV (ntdll.dll) Remote Exploit
- MS Windows WebDAV Remote PoC Exploit
- Linux Kernel 2.2.x - 2.4.x ptrace/kmod Local Root Exploit
- Sun SUNWlldap Library Hostname Buffer Overflow Exploit
- MS Windows RPC Locator Service Remote Exploit
- WordPress <= 2.0.2 (cache) Remote Shell Injection Exploit
- Samba 2.2.x Remote Root Buffer Overflow Exploit
- SETI@home Clients Buffer Overflow Exploit
- Apache HTTP Server 2.x Memory Leak Exploit
- Samba 2.2.8 Remote Root Exploit - sambal.c
- Apache <= 2.0.44 Linux Remote Denial of Service Exploit
- Linux Kernel < 2.4.20 Module Loader Local Root Exploit
- Chindi Server 1.0 Denial of Service Exploit
- Mac OS X <= 10.2.4 DirectoryService (PATH) Local Root Exploit
- PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit
- Xeneo Web Server 2.2.9.0 Denial of Service Exploit
- Snort <=1.9.1 Remote Root Exploit (p7snort191.sh)
- PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit (poptop-sane.c)
- MS Windows SMB Authentication Remote Exploit
- Qpopper 4.0.x poppassd Local Root Exploit
- Pi3Web 2.0.1 Denial of Service - Proof of Concept
- Real Server < 8.0.2 Remote Exploit (Windows Platforms)
- Sendmail <= 8.12.8 prescan() BSD Remote Root Exploit
- OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool
- OpenSSH/PAM <= 3.6.1p1 Remote Users Ident (gossh.sh)
- CommuniGate Pro Webmail 4.0.6 Session Hijacking Exploit
- Kerio Personal Firewall 2.1.4 Remote Code Execution Exploit
- Firebird 1.0.2 FreeBSD 4.7-RELEASE Local Root Exploit
- Snitz Forums 3.3.03 Remote Command Execution Exploit
- CdRecord Version <= 2.0 Mandrake local root exploit
- MS Windows XP (explorer.exe) Buffer Overflow Exploit
- WsMp3d 0.x Remote Root Heap Overflow Exploit
- Webfroot Shoutbox < 2.32 (Apache) Remote Exploit
- MS Windows IIS 5.0 - 5.1 Remote Denial of Service Exploit
- MS Windows WebDav II (New) Remote Root Exploit
- MS Internet Explorer Object Tag Exploit (MS03-020)
- Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl
- Atftpd 0.6 Remote Root Exploit (atftpdx.c)
- Mandrake Linux 8.2 /usr/mail local exploit (d86mail.pl)
- mnoGoSearch 3.1.20 Remote Command Execution Exploit
- Winmail Mail Server 2.3 Remote Format String Exploit
- ProFTPD 1.2.9RC1 (mod_sql) Remote SQL Injection Exploit
- phpBB 2.0.5 SQL Injection password disclosure Exploit
- Yahoo Messenger 5.5 Remote Exploit (DSR-ducky.c)
- Kerio MailServer 5.6.3 Remote Buffer Overflow Exploit
- phpBB 2.0.4 Remote php File Include Exploit
- MS Windows Media Services Remote Exploit (MS03-022)
- Linux eXtremail 1.5.x Remote Format Strings Exploit
- ColdFusion MX Remote Development Service Exploit
- MS Windows WebDav III remote root Exploit (xwdav)
- ICQ Pro 2003a Password Bypass exploit (ca1-icq.asm)
- CCBILL CGI Remote Exploit for whereami.cgi (ccbillx.c)
- LeapFTP 2.7.x Remote Buffer Overflow Exploit
- Samba 2.2.8 (Bruteforce Method) Remote Root Exploit
- MS Windows Media Services (nsiislog.dll) Remote Exploit
- Solaris 2.6/7/8 (TTYPROMPT in.telnet) Remote Authentication Bypass
- Citadel/UX BBS 6.07 Remote Exploit
- Cisco IOS IPv4 Packets Denial of Service Exploit
- Cisco IOS IPv4 Packet Denial of Service Exploit (cisco-bug-44020.c)
- MS Windows 2000 RPC DCOM Interface DoS Exploit
- Cisco IOS (using hping) Remote Denial of Service Exploit
- miniSQL (mSQL) 1.3 Remote GID Root Exploit
- MS Windows (RPC DCOM) Remote Buffer Overflow Exploit
- MS Windows SQL Server Denial of Service Remote Exploit (MS03-031)
- MS Windows (RPC DCOM) Remote Exploit (w2k+XP Targets)
- Apache 1.3.x mod_mylo Remote Code Execution Exploit
- Linux Kernel <= 2.4.20 decode_fh Denial of Service Exploit
- MS Windows RPC DCOM Remote Exploit (18 Targets)
- MS Windows (RPC DCOM) Remote Exploit (48 Targets)
- XGalaga 2.0.34 local game exploit (Red Hat 9.0)
- xtokkaetama 1.0b Local Game Exploit (Red Hat 9.0)
- Trillian 0.74 Remote Denial of Service Exploit
- wu-ftpd 2.6.2 off-by-one Remote Root Exploit
- man-db 2.4.1 open_cat_stream() Local uid=man Exploit
- MS Windows (RPC DCOM) Remote Exploit (Universal Targets)
- Cisco IOS 12.x/11.x HTTP Remote Integer Overflow Exploit
- wu-ftpd 2.6.2 Remote Root Exploit (advanced version)
- DameWare Mini Remote Control Server SYSTEM Exploit
- Oracle XDB FTP Service UNLOCK Buffer Overflow Exploit
- MS Windows 2000 RSVP Server Authority Hijacking PoC Exploit
- Piolet Client 1.05 Remote Denial of Service Exploit
- MS Internet Explorer Object Data Remote Exploit (M03-032)
- Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit
- Real Server 7/8/9 Remote Root Exploit (Windows & Linux)
- GtkFtpd 1.0.4 Remote Root Buffer Overflow Exploit
- Linux pam_lib_smb < 1.1.6 /bin/login Remote Exploit
- eMule/xMule/LMule OP_SERVERMESSAGE Format String Exploit
- Stunnel <= 3.24, 4.00 Daemon Hijacking Proof of Concept Exploit
- Microsoft WordPerfect Document Converter Exploit (MS03-036)
- RealPlayer 9 *nix Local Privilege Escalation Exploit
- 4D WebSTAR FTP Server Suite Remote Buffer Overflow Exploit
- MS Windows (RPC DCOM) Scanner (MS03-039)
- MySQL 3.23.x/4.0.x Remote Exploit
- Pine <= 4.56 Remote Buffer Overflow Exploit
- MS Windows (RPC DCOM) Long Filename Overflow Exploit (MS03-026)
- Solaris Sadmind Default Configuration Remote Root Exploit
- Knox Arkeia Pro 5.1.12 Backup Remote Root Exploit
- MS Windows (RPC DCOM2) Remote Exploit (MS03-039)
- hztty 2.0 Local root exploit (Tested on Red Hat 9.0)
- GNU Cfengine 2.-2.0.3 Remote Stack Overflow Exploit
- IBM DB2 Universal Database 7.2 (db2licm) Local Exploit
- ProFTPD 1.2.9rc2 ASCII File Remote Root Exploit
- MS Windows (RPC2) Universal Exploit & DoS (RPC3) (MS03-039)
- ProFTPD 1.2.7 - 1.2.9rc2 Remote Root & brute-force Exploit
- MS Windows Messenger Service Denial of Service Exploit (MS03-043)
- mIRC 6.1 "IRC" Protocol Remote Buffer Overflow Exploit
- MS Exchange 2000 XEXCH50 Heap Overflow PoC (MS03-046)
- Solaris Runtime Linker (ld.so.1) Buffer Overflow Exploit (SPARC version)
- wu-ftpd 2.6.2 Remote Denial Of Service Exploit (wuftpd-freezer.c)
- NIPrint LPD-LPR Print Server <= 4.10 Remote Exploit
- MS Windows XP/2000 RPC Remote (non exec memory) Exploit
- OpenBSD (ibcs2_exec) Kernel Local Exploit
- MS Windows 2000/XP Workstation Service Overflow (MS03-049)
- TerminatorX <= 3.81 stack overflow local root exploit
- MS Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)
- MS Windows (ListBox/ComboBox Control) Local Exploit (MS03-045)
- MS Windows Workstation Service WKSSVC Remote Exploit (MS03-049)
- IA WebMail 3.x (iaregdll.dll version 1.0.0.5) Remote Exploit
- OpenBSD 2.x - 3.3 exec_ibcs2_coff_prep_zmagic() Kernel Exploit
- Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit
- Opera 7.22 File Creation and Execution Exploit (Malicious Webserver)
- Linux Kernel 2.4.22 "do_brk()" local Root Exploit (PoC)
- MS Windows XP Workstation Service Remote Exploit (MS03-049)
- Linux Kernel <= 2.4.22 (do_brk) Local Root Exploit (working)
- Apache 1.3.*-2.0.48 mod_userdir Remote Users Disclosure Exploit
- Eznet v3.5.0 Remote Stack Overflow and Denial of Service Exploit
- HP-UX B11.11 /usr/bin/ct Local Format String Root Exploit
- MS Windows Messenger Service Remote Exploit FR (MS03-043)
- Eznet 3.5.0 Remote Stack Overflow Universal Exploit
- phpBB 2.0.6 search_id sql injection MD5 Hash Remote Exploit
- PHP-NUKE version <= 6.9 'cid' sql injection Remote Exploit
- Cyrus IMSPD v1.7 abook_dbname Remote Root Exploit
- Xsok v1.02 "-xsokdir" local buffer overflow game exploit
- Linux Kernel "do_mremap" Local Proof of Concept
- Linux Kernel "do_mremap" Local Proof of Concept II
- lftp <= 2.6.9 Remote Stack based Overflow Exploit
- SuSE linux 9.0 YaST config Skribt Local Exploit
- Linux Kernel 2.4.x mremap() bound checking Root Exploit
- Need for Speed 2 Remote Client Buffer Overflow Exploit
- MS Windows XP/2003 Samba Share Resource Exhaustion Exploit
- Serv-U FTPD 3.x/4.x "SITE CHMOD" Command Remote Exploit
- MS Internet Explorer URL Injection in History List (MS04-004)
- rsync <= 2.5.7 Local stack overflow Root Exploit
- MS Windows ASN.1 LSASS.EXE Remote Exploit (MS04-007)
- Linux Kernel "mremap()"#2 Local Proof-of-concept
- GateKeeper Pro 4.7 web proxy Remote Buffer Overflow Exploit
- PSOProxy 0.91 Remote Buffer Overflow Exploit (Win2k/XP)
- IPSwitch IMail LDAP Daemon Remote Buffer Overflow Exploit
- Serv-U FTPD 3.x/4.x/5.x (MDTM) Remote Overflow Exploit
- WFTPD Server <= 3.21 Remote Buffer Overflow Exploit
- Linux Kernel 2.x mremap missing do_munmap Exploit
- Red Faction <= 1.20 Server Reply Remote Buffer Overflow Exploit
- Eudora 6.0.3 Attachment Spoofing Exploit (windows)
- Foxmail 5.0 PunyLib.dll Remote Stack Overflow Exploit
- WS_FTP Server <= 4.0.2 ALLO Remote Buffer Overflow Exploit
- eSignal 7.6 STREAMQUOTE Remote Buffer Overflow Exploit
- Ethereal 0.10.0-0.10.2 IGAP Overflow Remote Root Exploit
- RealSecure / Blackice iss_pam1.dll Remote Overflow Exploit
- Multiple Cisco Products Vulnerabilities Exploit (Cisco Global Exploiter)
- FirstClass Desktop 7.1 (latest) Buffer Overflow Exploit
- Monit <= 4.1 Remote Root Buffer Overflow Exploit
- Monit <= 4.2 Remote Root Buffer Overflow Exploit
- eMule <= 0.42d IRC Remote Buffer Overflow Exploit
- MS Windows IIS SSL Remote Denial of Service Exploit (MS04-011)
- Poll It CGI v2.0 exploit
- traceroute Local Root Exploit
- News Update 1.1 Change Admin Password
- GnomeHack 1.0.5 Local Buffer Overflow Exploit
- Half Life (rcon) Remote Buffer Overflow Exploit
- /sbin/restore exploit (rh6.2)
- Oracle (oidldapd connect) Local Command Line Overflow Exploit
- Restore and Dump Local Exploit
- Slackware Linux /usr/bin/ppp-off Insecure /tmp Call Exploit
- xsplumber - strcpy() buffer overflow
- ListMail v112 - Command Execution
- UtilMind Mail List 1.7 - Users Can Execute Commands
- MS Windows IIS Unicode Remote Transversal Bug
- MS Windows IIS Unicode Remote Transversal Bug (2)
- MS Windows IIS Unicode Remote Transversal Bug (3)
- MS Windows IIS Unicode Remote Transversal Bug (4)
- dump 0.4b15 Local Root Exploit
- HP-UX 11.00/10.20 crontab Overwrite Files Exploit
- Solaris/SPARC 2.7 / 7 locale Format String Exploit
- HP-UX 11.0 pppd Stack Buffer Overflow Exploit
- BSDi suidperl Local Stack Buffer Overflow Exploit
- wu-ftpd 2.6.0 Remote Root Exploit
- BSDi 3.0 / 4.0 rcvtty[mh] Local Exploit
- vixie-cron Local Root Exploit
- BFTPd vsprintf() Format Strings Exploit
- rpc Suid Privledge Exploit
- dump 0.4b15 exploit (Redhat 6.2)
- BSDi 3.0 inc Local Root Buffer Overflow Exploit
- INND/NNRP < 1.6.X Remote Root Overflow Exploit
- GLIBC (via /bin/su) Local Root Exploit
- Solaris locale Format Strings (noexec stack) Exploit
- phf buffer overflow exploit for Linux-x86
- HP-UX FTPD Remote Buffer Overflow Exploit
- Solaris sadmind Remote Buffer Overflow Exploit
- MS Windows (Jolt2.c) Denial of Service Exploit
- mount exploit for glibc locale bug
- dislocate - Local i386 exploit in v1.3
- UUCP Exploit - file creation/overwriting (symlinks)
- expect (/usr/bin/expect) buffer overflow
- GnomeHack Local Buffer Overflow Exploit (gid=games)
- PHP 3.0.16/4.0.2 Remote Format Overflow Exploit
- Kwintv Local Buffer Overflow Exploit (gid=video(33))
- gnome_segv local buffer overflow
- BFTPd 1.0.12 Remote Exploit
- LPRng 3.6.22/23/24 Remote Root Exploit
- LPRng (RedHat 7.0) lpd Remote Root Format String Exploit
- Oops! 1.4.6 (one russi4n proxy-server) Heap Buffer Overflow Exploit
- Linux xsoldier-0.96 exploit (Red Hat 6.2)
- LPRng 3.6.24-1 Remote Root Exploit
- Pine (Local Message Grabber) Exploit
- Check Point VPN-1/FireWall-1 4.1 SP2 Blocked Port Bypass Exploit
- Solaris 2.7 / 2.8 Catman - Local Insecure tmp Symlink Exploit
- OpenBSD 2.6 / 2.7ftpd Remote Exploit
- SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber Exploit
- Redhat 6.1 / 6.2 TTY Flood Users Exploit
- Linux Kernel 2.2 (TCP/IP Weakness) Exploit
- ml2 - local users can crash processes
- wu-ftpd 2.6.0 Remote Format Strings Exploit
- Solaris 2.6 / 7 / 8 Lock Users Out of mailx Exploit
- Fastgraf's whois.cgi Remote Command Execution Exploit
- BSD chpass (pw_error(3)) Local Root Exploit
- HP-UX 11.0 /bin/cu Privilege Escalation Exploit
- Solaris 2.5 / 2.5.1 getgrnam() Local Overflow Exploit
- GLIBC locale format strings exploit
- Solaris 7 / 8-beta arp Local Overflow Exploit
- APC UPS 3.7.2 (apcupsd) Local Denial of Service Exploit
- Seyon Exploit / Tested Version 2.1 rev. 4b i586-Linux
- IMAP4rev1 10.190 Authentication Stack Overflow Exploit
- Cisco Password Bruteforcer Exploit
- Redhat 6.1 man Local Exploit (egid 15)
- Solaris 2.6 / 2.7 /usr/bin/write Local Overflow Exploit
- jaZip 0.32-2 Local Buffer Overflow Exploit
- glibc-2.2 and openssh-2.3.0p1 exploits glibc >= 2.1.9x
- Tru64 5 (su) Env Local Stack Overflow Exploit
- splitvt < 1.6.5 Local Exploit
- SCO OpenServer 5.0.5 Env Local Stack Overflow Exploit
- Cisco Multiple Products Automated Exploit Tool
- Netscape Enterprise Server 4.0/sparc/SunOS 5.7 Remote Exploit
- Novell BorderManager Enterprise Edition 3.5 Denial of Service Exploit
- IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) /usr/bin/lpstat Local Exploit
- MS Windows 2000 sp1/sp2 isapi .printer Extension Overflow Exploit
- MS Windows 2000 sp1/sp2 isapi .printer Extension Overflow Exploit (2)
- BeroFTPD 1.3.4(1) Linux x86 Remote Root Exploit
- IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) /usr/lib/print/netprint Local Exploit
- MS Windows Utility Manager Local SYSTEM Exploit (MS04-011)
- WinZIP MIME Parsing Overflow Proof of Concept Exploit
- SquirrelMail chpasswd buffer overflow
- Linux Kernel <= 2.6.3 (setsockopt) Local Denial of Service Exploit
- MS Windows IIS 5.0 SSL Remote buffer overflow Exploit (MS04-011)
- MS Windows 2K/XP TCP Connection Reset Remote Attack Tool
- BIND 8.2.x (TSIG) Remote Root Stack Overflow Exploit
- BIND 8.2.x (TSIG) Remote Root Stack Overflow Exploit (2)
- BIND 8.2.x (TSIG) Remote Root Stack Overflow Exploit (3)
- Tru64 UNIX 4.0g /usr/bin/at Local Root Exploit
- BIND 8.2.x (TSIG) Remote Root Stack Overflow Exploit (4)
- IMAP4rev1 12.261/12.264/2000.284 (lsub) Remote Exploit
- Slackware 7.1 /usr/bin/mail Local Exploit
- FreeBSD 3.5.1/4.2 ports package local root exploit
- FreeBSD 3.5.1/4.2 Ports Package Local Root Exploit
- Progress Database Server 8.3b (prodb) Local Root Exploit
- sendtemp.pl Read Access to Files
- GLIBC 2.1.3 ld_preload Local Exploit
- MS Windows Lsasrv.dll RPC Remote Buffer Overflow Exploit (MS04-011)
- HP Web JetAdmin 6.5 (connectedNodes.ovpl) Remote Root Exploit
- MS Windows XP/2K Lsasrv.dll Remote Universal Exploit (MS04-011)
- XChat 1.8.0/2.0.8 socks5 Remote Buffer overflow Exploit
- Sasser Worm ftpd Remote Buffer Overflow Exploit (port 5554)
- Symantec Multiple Firewall DNS Response Denial of Service
- CVS Remote Entry Line Heap Overflow Root Exploit (Linux/FreeBSD)
- CVS Remote Entry Line Root Heap Overflow Exploit
- UNIX 7th Edition /bin/mkdir Local Buffer Overflow Exploit
- Borland Interbase <= 7.x Remote Exploit
- Subversion 1.0.2 svn_time_from_cstring() Remote Exploit
- Linux Kernel 2.4.x-2.6.x Assembler Inline Function Local DoS Exploit
- rlpr <= 2.04 msg() Remote Format String Exploit
- MPlayer <= 1.0pre4 GUI filename handling Overflow Exploit
- phpMyAdmin 2.5.7 Remote code injection Exploit
- MS Internet Explorer Remote Application.Shell Exploit
- MySQL 4.1/5.0 zero-length password Auth. Bypass Exploit
- Norton AntiVirus Denial of Service Vulnerability
- MS Outlook Express Window Opener Vulnerability
- MS Outlook Express Javascript Execution Vulnerability
- MS Internet Explorer Remote Wscript.Shell Exploit
- Resolv+ (RESOLV_HOST_CONF) Linux Library Local Exploit
- sudo.bin NLSPATH Local Root Exploit
- suid_perl 5.001 vulnerability
- Linux & BSD umount Local Root Exploit
- Xt Library Local Root Command Execution Exploit
- Ping of Death Remote Denial of Service Exploit
- BSD and Linux lpr Command Local Root Exploit
- Solaris 2.4 /bin/fdformat Local Buffer Overflow Exploits
- MS Windows NT Crash with an Extra Long Username DoS Exploit
- Solaris 2.5.1 lp and lpsched Symlink Vulnerabilities
- LibXt XtAppInitialize() overflow *xterm exploit
- Solaris 2.5.0/2.5.1 ps & chkey Data Buffer Exploit
- AIX 4.2 /usr/dt/bin/dtterm Local Buffer Overflow Exploit
- IRIX Multiple Buffer Overflow Exploits (LsD)
- AIX lquerylv Local Root Buffer Overflow Exploit
- IRIX /bin/login Local Buffer Overflow Exploit
- IRIX 5.3 /usr/sbin/iwsh Local Root Buffer Overflow
- Solaris 5.5.1 X11R6.3 xterm (-xrm) Local Root Exploit
- zgv $HOME overflow
- Linux imapd Remote Overflow File Retrieve Exploit
- Solaris 2.4 passwd, yppasswd, and nispasswd Overflow Exploits
- TCP SYN Denial of Service Exploit (bang.c)
- UDP Stress Tester Denial of Service Exploit
- Solaris /bin/login Remote Root Exploit (SPARC/x86)
- Squid 2.4.1 Remote Buffer Overflow Exploit
- wu-ftpd <= 2.6.1 Remote Root Exploit
- SSH (x2) Remote Root Exploit
- MS Windows 2000 Utility Manager Privilege Elevation Exploit (MS04-019)
- MS Windows 2K POSIX Subsystem Privilege Escalation Exploit (MS04-020)
- MS Windows 2000 Universal Language Utility Manager Exploit (MS04-019)
- MS Windows 2K/XP Task Scheduler .job Exploit (MS04-022)
- MS Internet Explorer Overly Trusted Location Cache Exploit
- MS Windows 2k Utility Manager (All-In-One) Exploit (MS04-019)
- OverByte ICS FTP Server Remote Denial of Service Exploit
- Medal of Honor Remote Buffer Overflow Vulnerability
- Lexmark Multiple HTTP Servers Denial of Service Vulnerability
- Drcat 0.5.0-beta (drcatd) Remote Root Exploit
- Flash FTP Server Directory Traversal
- Xitami Web Server Denial of Service Exploit
- Conceptronic CADSLR1 Router Denial of Service Vulnerability
- Samba <= 3.0.4 SWAT Authorization Buffer Overflow Exploit
- MS Internet Explorer (11 bytes) Denial of Service Exploit
- MS Windows SMS 2.0 Denial of Service Exploit
- Mac OS X Panther Internet Connect Local Root Exploit
- MS Windows XP Task Scheduler (.job) Universal Exploit (MS04-022)
- SoX Local Buffer Overflow Exploit
- Citadel/UX Remote Denial of Service Exploit (PoC)
- Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)
- OpenFTPD (<= 0.30.2) Remote Exploit
- OpenFTPD <= 0.30.1 (message system) Remote Shell Exploit
- SoX Local Buffer Overflow Exploiter (Via Crafted WAV File)
- Linux Kernel File Offset Pointer Handling Memory Disclosure Exploit
- MS Internet Explorer Remote Null Pointer Crash (mshtml.dll)
- BlackJumboDog Remote Buffer Overflow Exploit
- CVSTrac Remote Arbitrary Code Execution Exploit
- Pavuk Digest Authentication Buffer Overflow Remote Exploit
- Serv-U 3x - 5.x Local Privilege Escalation Exploit
- Melange Chat Server 1.10 Remote Buffer Overflow Exploit
- PHP (php-exec-dir) Patch Command Access Restriction Bypass
- MS Messenger Denial of Service Exploit (MS03-043) (linux ver)
- xine 0.99.2 Remote Stack Overflow Exploit
- Dropbear SSH <= 0.34 Remote Root Exploit
- Ollydbg <= 1.10 Format String Bug
- LibPNG Graphics Library Remote Buffer Overflow Exploit
- GV PostScript Viewer Remote Buffer overflow Exploit
- Mac OS X <= 10.3.3 AppleFileServer Remote Root Overflow Exploit
- Remote CVS <= 1.11.15 (error_prog_name) Remote Exploit
- LibPNG <= 1.2.5 png_jmpbuf() Local Buffer Overflow Exploit
- ProFTPd Local pr_ctrls_connect Vuln - ftpdctl
- AOL Instant Messenger AIM "Away" Message Local Exploit
- OpenBSD ftp Exploit (teso)
- WU-IMAP 2000.287(1-2) Remote Exploit
- rsync <= 2.5.1 Remote Exploit
- rsync <= 2.5.1 Remote Exploit (2)
- GV PostScript Viewer Remote Buffer overflow Exploit (2)
- IPSwitch IMail Server <= 8.1 Local Password Decryption Utility
- IPD (Integrity Protection Driver) Local Exploit
- PlaySMS <= 0.7 SQL Injection Exploit
- XV 3.x BMP Parsing Local Buffer Overflow Exploit
- phpMyWebhosting SQL Injection Exploit
- AWStats Input Validation Hole in 'logfile'
- Qt BMP Parsing Bug Heap Overflow Exploit
- BSD (telnetd) Remote Root Exploit
- Sendmail 8.11.x Exploit (i386-Linux)
- MusicDaemon <= 0.0.3 v2 Remote DoS and /etc/shadow Stealer
- Hafiye 1.0 Remote Terminal Escape Sequence Injection Vulnerability
- SquirrelMail (chpasswd) Local Root Bruteforce Exploit
- Winamp <= 5.04 Skin File (.wsz) Remote Code Execution Exploit
- BadBlue 2.52 Web Server Multiple Connections Denial of Service Exploit
- Gaucho 1.4 Mail Client Buffer Overflow Vulnerability
- Painkiller <= 1.3.1 Denial of Service Exploit
- Easy File Sharing Webserver 1.25 Denial of Service Exploit
- Citadel/UX Remote Buffer Overflow Exploit
- D-Link DCS-900 Camera Remote IP Address Changer Exploit
- TiTan FTP Server Long Command Heap Overflow PoC Exploit
- WFTPD Pro Server 3.21 MLST Remote Denial of Service Exploit
- CesarFTP Server Long Command Denial of Service Exploit
- Ground Control <= 1.0.0.7 (Server/Client) Denial of Service Exploit
- TorrentTrader 1.0 RC2 SQL Injection Exploit
- AOL Instant Messenger AIM "Away" Message Remote Exploit
- Courier-IMAP <= 3.0.2-r1 auth_debug() Remote Format String Exploit
- CDRDAO Local Root Exploit
- Trillian 0.74i Remote Buffer Overflow Exploit (MSN Module Bug)
- PHP-Nuke 7.4 Remote Privilege Escalation
- Citadel/UX <= 6.23 Remote USER Directive Exploit (Private Version)
- cdrecord $RSH exec() SUID Shell Creation
- BlackJumboDog FTP Server 3.6.1 Remote Buffer Overflow Exploit
- Serv-U < 5.2 Remote Denial of Service Exploit
- Turbo Seek Null Byte Error Discloses Files to Remote Users
- PHP-Nuke SQL Injection Edit/Save Message(s) Bug
- htpasswd Apache 1.3.31 Local Exploit
- CDRecord's ReadCD Local Root Privileges
- SudoEdit 1.6.8 Local Change Permission Exploit
- MS Windows JPEG GDI+ Overflow Shellcoded Exploit
- MDaemon 6.5.1 IMAP/SMTP Remote Buffer Overflow Exploit
- MS Windows JPEG Processing Buffer Overrun Exploit (MS04-028)
- MS Windows JPEG GDI+ Overflow Administrator Exploit (MS04-028)
- glFTPd Local Stack Overflow Exploit (PoC) (Slackware 9.0/9.1/10.0)
- MS Windows JPEG GDI+ Overflow Download Shellcode Exploit (MS04-028)
- GNU Sharutils <= 4.2.1 Local Format String PoC Exploit
- MS Windows JPEG GDI+ Remote Heap Overflow Exploit (MS04-028)
- HP-UX 11.0/11.11 swxxx Local Root Shell Exploit
- MyServer 0.7.1 (POST) Denial Of Service Exploit
- MS Windows JPEG GDI+ All-In-One Bind/Reverse/Admin/FileDownload
- WinRAR 1.0 Local Buffer Overflow Exploit
- Zinf 2.2.1 Local Buffer Overflow Exploit
- GlobalSCAPE - CuteFTP macros (*.mcr) Local Vulnerability
- Serendipity 0.7-beta1 SQL Injection Proof of Concept
- MSSQL 7.0 Remote Denial of Service Exploit
- Silent Storm Portal Multiple Vulnerabilities
- IPSwitch WhatsUp Gold 8.03 Remote Buffer Overflow Exploit
- Icecast <= 2.0.1 Win32 Remote Code Execution Exploit
- WordPress Blog HTTP Splitting Vulnerability
- Monolith Games Local Buffer Overflow Exploit
- Eudora 6.2.0.7 Attachment Spoofer Exploit
- Icecast <= 2.0.1 Win32 Remote Code Execution Exploit (modded)
- ocPortal 1.0.3 Remote File Inclusion
- YahooPOPs <= 1.6 SMTP Port Buffer Overflow Exploit
- MS Windows NNTP Service (XPAT) Denial of Service Exploit (MS04-036)
- BSD bmon <= 1.2.1_2 Local Exploit
- Monit <= 4.2 Basic Authentication Remote Root Exploit
- ProFTPD <= 1.2.10 Remote Users Enumeration Exploit
- YahooPOPs <= 1.6 SMTP Remote Buffer Overflow Exploit
- SLX Server 6.1 Arbitrary File Creation Exploit (PoC)
- MS Windows Metafile (.emf) Heap Overflow Exploit (MS04-032)
- MS Windows IIS WebDAV XML Denial of Service Exploit (MS04-030)
- BitchX 1.0c19 Local Root Exploit (suid?)
- Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit
- Ability Server <= 2.34 (STOR) Remote Buffer Overflow Exploit
- Multiple (Almost all) Browsers Tabbed Browsing Vulnerabilities
- ShixxNote 6.net Remote Buffer Overflow Exploit
- socat <= 1.4.0.2 Local Format String Exploit (not setuid)
- Ability Server <= 2.34 (APPE) Remote Buffer Overflow Exploit
- Quick 'n EasY <= 3.0 FTP Server Remote Denial of Service Exploit
- BaSoMail Server 1.24 POP3/SMTP Remote Denial of Service Exploit
- MailCarrier 2.51 SMTP EHLO / HELO Buffer Overflow Exploit
- BaSoMail Multiple Buffer Overflow Denial of Service Exploit
- GD Graphics Library Heap Overflow Proof of Concept Exploit
- libxml 2.6.12 nanoftp Remote Buffer Overflow Proof of Concept Exploit
- SCO Openserver 5.0.7 (MMDF deliver) Local Root Exploit
- Master of Orion III <= 1.2.5 Denial of Service Exploit
- Age of Sail II <= 1.04.151 Remote Buffer Overflow Exploit
- Alpha Black Zero <= 1.04 Remote Denial of Service Exploit
- Chatman <= 1.5.1 RC1 Broadcast Crash Exploit
- Flash Messaging <= 5.2.0g Remote Denial of Service Exploit
- WvTFTPd 0.9 Remote Root Heap Overflow Exploit
- zgv 5.5 Multiple Arbitrary Code Execution PoC Exploits
- Chesapeake TFTP Server 1.0 Directory Traversal and DoS PoC Exploit
- MS Internet Explorer (IFRAME Tag) Buffer Overflow Exploit
- MiniShare <= 1.4.1 Remote Buffer Overflow Exploit
- Ability Server 2.34 FTP STOR Buffer Overflow Exploit (Unix Exploit)
- CCProxy Log Remote Stack Overflow Exploit
- Qwik SMTP 0.3 Remote Root Format String Exploit
- CCProxy 6.2 (ping) Remote Buffer Overflow Exploit
- SlimFTPd <= 3.15 Remote Buffer Overflow Exploit
- Linux Kernel (<= 2.4.27 , 2.6.8) binfmt_elf Executable File Read Exploit
- WinFTP Server 1.6 Denial of Service Exploit
- Kerio Personal Firewall <= 4.1.1 Multiple IP Options DoS Exploit
- IPSwitch IMail 8.13 (DELETE) Remote Stack Overflow Exploit
- NetNote Server (<= 2.2 build 230) Crafted String DoS Exploit
- Multiple AntiVirus (zip file) Detection Bypass Exploit
- UBB.threads 6.2.*-6.3.* one char bruteforce exploit
- vBulletin LAST.PHP SQL Injection Vulnerability
- Secure Network Messenger <= 1.4.2 Denial of Service Exploit
- miniBB Input Validation Hole in 'user' Parameter
- MiniShare Remote Buffer Overflow Exploit (c source)
- MailCarrier 2.51 Remote Buffer Overflow Exploit
- SLMail 5.5 POP3 PASS Buffer Overflow Exploit
- MS Windows Compressed Zipped Folders Exploit (MS04-034)
- MS Internet Explorer 6.0 SP2 File Download Security Warning Bypass
- TWiki 20030201 search.pm Remote Command Execution Exploit
- DMS POP3 Server (1.5.3 build 37) Buffer Overflow Exploit
- GFHost PHP GMail Remote Command Execution Exploit
- phpBB <= 2.0.10 Remote Command Execution Exploit
- Invision Power Board v2.0.0 - 2.0.2 Sql Injection Exploit
- wodFtpDLX Client ActiveX Control Buffer Overflow Crash Exploit
- CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) BoF Exploit
- Halo <= 1.05 Broadcast Client Crash Exploit
- Prozilla 1.3.6 Remote Stack Overflow Exploit
- Soldier of Fortune II <= 1.3 Server/Client Denial of Service Exploit
- Winamp <= 5.06 IN_CDDA.dll Remote Buffer Overflow Exploit
- Star Wars Battlefront <= 1.1 Fake Players Denial of Service Exploit
- atari800 Local Root Exploit
- MailEnable Mail Server IMAP <= 1.52 Remote Buffer Overflow Exploit
- EZshopper Directory Transversal in loadpage.cgi
- PHP <= 4.3.7/ 5.0.0RC3 memory_limit Remote Exploit
- 3Dmax 6.x backburner Manager <= 2.2 Denial of Service Exploit
- Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow Exploit
- WS_FTP Server <= 5.03 MKD Remote Buffer Overflow Exploit
- Orbz Game <= 2.10 Remote Buffer Overflow Exploit
- Jana Server <= 2.4.4 (http/pna) Denial of Service Exploit
- Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow Exploit (c code)
- Aspell (word-list-compress) Command Line Stack Overflow
- Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow v2 (c code)
- Neverwinter Nights special Fake Players Denial of Service Exploit
- Kreed <= 1.05 Format String and Denial of Service Exploit
- phpBB <= 2.0.10 Remote Command Execution Exploit (cgi version)
- Hosting Controller <= 0.6.1 Hotfix 1.4 Directory Browsing Vulnerability
- phpBB v1.0.0 - 2.0.10 admin_cash.php remote exploit
- GetRight <= 5.2a Skin File (*.grs) Buffer Overflow Exploit
- Battlefield 1942 <= 1.6.19 and Vietnam <= 1.2 Broadcast Client Crash
- Mac OS X Adobe Version Cue Local Root Exploit
- Citadel/UX <= 6.27 Remote Root Format String Exploit
- Codename Eagle <= 1.42 Socket Unreacheable DoS Exploit
- Lithtech Engine (new protocol) Socket Unreacheable DoS
- TipxD <= 1.1.1 Local Format String Vulnerability (not setuid)
- Linux Kernel <= 2.4.28 and <= 2.6.9 scm_send local DoS Exploit
- Linux Kernel (<= 2.6.9, 2.4.22-28) (igmp.c) Local Denial of Service Exploit
- OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS
- Ricoh Aficio 450/455 PCL 5e Printer ICMP Denial of Service Exploit
- wget <= 1.9 Directory Traversal Exploit
- Linux Kernel <= 2.6.9, <= 2.4.28 vc_resize int Local Overflow Exploit
- Linux Kernel <= 2.6.9, <= 2.4.28 Memory Leak Local DoS
- Linux Kernel <= 2.6.9, <= 2.4.28 ip_options_get Local Overflow
- Ability Server <= 2.34 Remote APPE Buffer Overflow Exploit
- WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC
- Cscope <= 15.5 Symlink Vulnerability Exploit
- PHP <= 4.3.9 & phpBB 2.x with unserialize() Remote Exploit (compiled)
- Ultrix 4.5/MIPS dxterm Local Buffer Overflow Exploit
- AIX 5.1 to 5.3 paginit Local Stack Overflow Exploit
- MS Internet Explorer & MSN Memory_Access_Violation DoS
- AIX 4.3/5.1 - 5.3 lsmcode Local Root Command Execution
- phpBB highlight Arbitrary File Upload (Santy.A)
- phpMyChat 0.14.5 Remote Improper File Permissions Exploit
- e107 include() Remote Exploit
- Webmin BruteForce and Command Execution Exploit
- CrystalFTP Pro 2.8 Remote Buffer Overflow Exploit
- SHOUTcast DNAS/Linux 1.9.4 Format String Remote Exploit
- Solaris 7/8/9 CDE LibDTHelp Local Buffer Overflow Exploit
- Solaris 7/8/9 CDE LibDTHelp Local Buffer Overflow Exploit (2)
- Solaris 8/9 passwd circ() Local Root Exploit
- Solaris 2.5.1/2.6/7/8 rlogin /bin/login Buffer Overflow Exploit (SPARC)
- Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit
- MS Internet Explorer (<= XP SP2) HTML Help Control Local Zone Bypass
- Sanity.b - phpBB <= 2.0.10 Bot Install (AOL/Yahoo Search)
- MS Windows Kernel ANI File Parsing Crash Vulnerability
- PhpInclude.Worm - PHP Scripts Automated Arbitrary File Inclusion
- Netcat v1.1 "-e" Switch Remote Buffer Overflow Exploit
- PHP <= 4.3.7 openlog() Buffer Overflow Exploit
- MS Internet Explorer Remote Code Execution with Parameters - PoC
- MS Windows 2000 WINS Remote Code Execution Exploit
- MS Windows NetDDE Remote Buffer Overflow Exploit (MS04-031)
- SOLDNER Secret Wars <= 30830 Denial of Service Exploit
- QWikiwiki Directory Traversal Vulnerability
- iWebNegar Configuration Nullification Denial of Service Exploit
- FreeBSD TOP Format String Vulnerability
- phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)
- HTGET <= 0.9.x Local Root Exploit
- Gore <= 1.50 Socket Unreacheable Denial of Service Exploit
- Norton Antivirus < 2005 Remote Stack Overflow Exploit
- Linux Kernel <= 2.4.29-rc2 uselib() Privilege Elevation
- Webmin Web Brute Force v1.5 (cgi-version)
- Webmin BruteForce + Command Execution v1.5
- MS Windows Improper Token Validation Local Exploit (working)
- Veritas Backup Exec Agent 8.x/9.x Browser Overflow (c version)
- MS Internet Explorer .ANI Remote Stack Overflow (0.2)
- ITA Forum <= 1.49 SQL Injection Exploit
- Breed <= patch #1 zero-length Remote Crash Exploit
- Exim <= 4.41 dns_build_reverse Local Exploit PoC
- Apple iTunes Playlist Local Parsing Buffer Overflow Exploit
- Apple iTunes Playlist Buffer Overflow Download Shellcoded Exploit
- Peer2Mail <= 1.4 Encrypted Password Dumper Exploit
- NodeManager Professional 2.00 Buffer Overflow Vulnerability
- Mac OS X <= 10.3.7 Input Validation Flaw parse_machfile() DoS
- fkey <= 0.0.2 Local File Accessibility Exploit
- Apache OpenSSL Remote Exploit (Multiple Targets) (OpenFuckV2.c)
- MS Internet Explorer .ANI files handling Universal Exploit (MS05-002)
- Mac OS X <= 10.3.7 mRouter Local Privilege Escalation Exploit
- Golden FTP Server <= 2.02b Remote Buffer Overflow Exploit
- Funduc Search and Replace Compressed File Local BoF Exploit
- Apple QuickTime <= 6.5.2.10 (.qtif) Image Parsing Vulnerability
- MS Internet Explorer .ANI files handling Downloader Exploit (MS05-002)
- AWStats configdir Remote Command Execution Exploit (c code)
- AWStats configdir Remote Command Execution Exploit (perl code)
- Siteman <= 1.1.10 Remote Administrative Account Addition Exploit
- Berlios gpsd <= 2.7.x Remote Format String Vulnerability
- /usr/bin/trn Local Exploit (not suid)
- Linux Kernel 2.4 uselib() Privilege Elevation Exploit
- Linux ncpfs Local Exploit
- Xpand Rally <= 1.0.0.0 (Server/Clients) Crash Exploit
- Savant Web Server 3.1 Remote Buffer Overflow Exploit
- TinyWeb 1.9 Denial of Service Exploit
- Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit
- ngIRCd <= 0.8.2 Remote Format String Exploit
- Newspost 2.1 socket_getline() Remote Buffer Overflow Exploit v2
- LiteForum 2.1.1 sql injection exploit
- Savant Web Server 3.1 Remote Buffer OverflowExploit (win2003)
- Operator Shell (osh) 1.7-12 Local Root Exploit
- ngIRCd <= 0.8.1 Remote Denial of Service Exploit (2)
- PerlDesk 1.x SQL-Injection Exploit
- Setuid perl PerlIO_Debug() overflow
- Setuid perl PerlIO_Debug() root owned file creation
- Mac OS X DS_Store Arbitrary File Overwrite Exploit
- 3CServer 1.1 FTP Server Remote Exploit
- Mac OS X Adobe Version Cue Local Root Exploit
- Exim <= 4.42 Local Root Exploit
- Foxmail 2.0 (MAIL FROM:) Denial of Service Exploit
- DelphiTurk CodeBank 3.1 Local Username and Password Disclosure
- Mac OS X AppleFileServer Remote Denial of Service Exploit
- PostNuke PostWrap Module Remote Exploit
- PHP-Nuke v7.4 admin exploit (old exploit)
- MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit
- DelphiTurk FTP v1.0 Passwords to Local Users Exploit
- MSN Messenger PNG Image Buffer Overflow (linux compile)
- ELOG <= 2.5.6 Remote Shell Exploit
- Prozilla <= 1.3.7.3 Remote Format String Exploit
- MyPHP Forum 1.0 SQL Injection Exploit
- CMScore SQL Injection Exploit
- Chipmunk Forums SQL Injection Exploit
- Armagetron Advanced <= 0.2.7.0 Server Crash Exploit
- DelphiTurk e-Posta v1.0 Local Exploit
- Exim <= 4.43 auth_spa_server() Remote PoC Exploit
- Quake 3 Engine Infostring Crash and Shutdown Exploit
- MercuryBoard <= 1.1.1 Working Sql Injection
- CA BrightStor ARCserve Backup Remote Buffer Overlow PoC
- GNU a2ps "Anything to PostScript" Local Exploit (not suid)
- AwStats <= 6.4 Denial Of Service (with Advisory)
- vBulletin <= 3.0.4 "forumdisplay.php" Code Execution
- Savant Web Server 3.1 Remote BoF (French Win OS support)
- vBulletin <= 3.0.4 "forumdisplay.php" Code Execution (part 2)
- Serv-U 4.x "site chmod" Remote Buffer Overflow Exploit
- Dream FTP 1.2 Remote Format String Exploit
- VisualBoyAdvanced 1.7.x Local Shell Exploit (non suid) (updated)
- 3Com Ftp Server 2.0 Remote Overflow Exploit
- Medal of Honor Spearhead Server Remote Buffer Overflow (Linux)
- 3Com 3CDaemon FTP Unauthorized "USER" Remote BoF Exploit
- Knox Arkeia Server Backup 5.3.x Remote Root Exploit
- Thomson TCW690 POST Password Validation Exploit
- SHOUTcast 1.9.4 File Request Format String Remote Exploit (win)
- GNU Cfengine 2.17p1 RSA Authentication Heap Overflow Exploit
- vBulletin <= 3.0.6 php Code Injection
- PeerFTP 5 Local Password Disclosure Exploit
- eXeem 0.21 Local Password Disclosure Exploit
- SendLink 1.5 Local Password Disclosure Exploit
- WWW File Share Pro 2.72 Local Password Disclosure Exploit
- Chat Anywhere 2.72a Local Password Disclosure Exploit
- WebConnect 6.4.4 - 6.5 Directory Traversal and Denial of Service Exploit
- Avaya IP Office Phone Manager Local Password Disclosure Exploit
- AWStats 5.7 - 6.2 Multiple Remote Exploit
- Soldier of Fortune 2 <= 1.03 "cl_guid" Server Crash
- wu-ftpd <= 2.6.2 File Globbing Denial of Service Exploit
- Knet <= 1.04c Buffer Overflow Denial of Service Exploit
- eXeem 0.21 Local Password Disclosure Exploit (asm)
- BadBlue 2.5 Easy File Sharing Remote Buffer Overflow
- Einstein <= 1.01 Local Password Disclosure Exploit
- BadBlue 2.55 Web Server Remote Buffer Overflow
- Einstein <= 1.01 Local Password Disclosure Exploit (asm)
- Scrapland <= 1.0 Server Termination Denial of Service Exploit
- Trillian Basic 3.0 PNG Image Processing Buffer Overflow Exploit
- AWStats 5.7 - 6.2 Multiple Remote Exploit (extra)
- Foxmail 1.1.0.1 POP3 Temp Dir Stack Overflow Exploit
- Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
- Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (update)
- PHP Form Mail 2.3 Arbitrary File Inclusion
- phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial)
- CA License Server (GETCONFIG) Remote Buffer Overflow Exploit (c)
- Aztek Forum <= 4.0 [myadmin.php] Database Dumper Exploit
- MS Windows XP/2003 Remote Denial of Service Exploit
- The Includer CGI <= 1.0 Remote Command Execution
- RealPlayer 10 ".smil" File Local Buffer Overflow Exploit
- phpWebLog <= 0.5.3 Arbitrary File Inclusion
- PHP mcNews <= 1.3 (skinfile) Remote File Include Vulnerability
- paNews 2.0b4 Remote Admin Creation SQL Injection Exploit
- Ethereal <= 0.10.9 "3G-A11" Remote Buffer Overflow Exploit
- MS Internet Explorer "mshtml.dll" CSS Parsing Buffer Overflow
- OpenBSD 2.0 - 3.6 TCP TIMESTAMP Remote Denial of Service Exploit
- Download Center Lite (DCL) <= 1.5 Remote File Inclusion
- phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial 2)
- SocialMPN Arbitrary File Injection Exploit
- phpDEV5 Remote Default Insecure Users Vuln
- Ethereal <= 0.10.9 "3G-A11" Remote Buffer Overflow Exploit (2)
- Sentinel LM 7.x UDP License Service Remote Buffer Overflow Exploit
- PaX Double-Mirrored VMA munmap Local Root Exploit
- Frank McIngvale LuxMan 0.41 Local Buffer Overflow Exploit
- Ethereal <= 0.10.9 "3G-A11" Remote Buffer Overflow Exploit
- LimeWire 4.1.2 - 4.5.6 Inappropriate Get Request Remote Exploit
- Freeciv Server <= 2.0.0beta8 Denial of Service Exploit
- ZPanel <= 2.5 Remote SQL Injection Exploit
- GoodTech Telnet Server < 5.0.7 Buffer Overflow Crash Exploit
- GoodTech Telnet Server < 5.0.7 Remote BoF Exploit (updated)
- iSnooker <= 1.6.8 Local Password Disclosure Exploit
- iPool <= 1.6.81 Local Password Disclosure Exploit
- PlatinumFTP <= 1.0.18 Multiple Remote Denial of Service Exploit
- MailEnable 1.8 Remote Format String Denial of Service Exploit
- phpDEV5 System-Call Local Denial of Service Exploit
- phpBB <= 2.0.12 Change User Rights Authentication Bypass
- PostScript Utilities - psnup Argument Buffer Overflow
- MCPWS Personal WebServer <= 1.3.21 Denial of Service Exploit
- phpMyFamily <= 1.4.0 Admin Bypass SQL Injection
- Ocean FTP Server 1.00 Denial of Service Exploit
- Linux Kernel 2.4.x / 2.6.x uselib() Local Privilege Escalation Exploit
- Mac OS X <= 10.3.8 (CF_CHARSET_PATH) Local Root Buffer Overflow
- phpBB <= 2.0.12 Change User Rights Authentication Bypass (c code)
- AIX <= 5.3.0 (invscout) Local Command Execution Vulnerability
- SPECTral Personal SMTP Server <= 0.4.2 Denial of Service Exploit
- Smail 3.2.0.120 Remote Root Heap Overflow Exploit
- PunBB version <= 1.2.2 Authentication Bypass Exploit
- mtftpd <= 0.0.3 Remote Root Exploit
- Cyrus imapd 2.2.4 - 2.2.8 (imapmagicplus) Remote Exploit
- Linux Kernel <= 2.6.10 Local Denial of Service Exploit
- BakBone NetVault 6.x/7.x Local Stack Buffer Overflow Exploit
- BakBone NetVault 6.x/7.x Remote Heap Buffer Overflow Exploit (2)
- phpBB <= 2.0.13 'downloads.php' mod Remote Exploit
- ArGoSoft FTP Server <= 1.4.2.8 Denial of Service Exploit
- MS Windows (WINS) Remote Buffer Overflow Exploit (v.3)
- phpBB <= 2.0.13 'Calendar Pro' mod Remote Exploit
- Linux Kernel PPC64/IA64 (AIO) Local Denial of Service Exploit
- GetDataBack Data Recovery 2.31 Local Exploit
- Aeon 0.2a Local Linux Exploit (perl code)
- Aeon 0.2a Local Linux Exploit (c code)
- MailEnable Enterprise 1.x Imapd Remote Exploit
- MailEnable Enterprise 1.x SMTP Remote Denial of Service Exploit
- FTP Now <= 2.6.14 Local Password Disclosure Exploit
- FireFly 1.0 Local Proxy Password Disclosure Exploit
- P2P Share Spy 2.2 Local Password Disclosure Exploit
- PHP-Nuke 6.x - 7.6 Top module Remote Sql Injection Exploit (working)
- The Includer CGI <= 1.0 Remote Command Execution (new version)
- The Includer CGI <= 1.0 Remote Command Execution (new version2)
- sash <= 3.7 Local Buffer Overflow Exploit
- ACNews <= 1.0 Admin Authentication Bypass SQL Injection Exploit
- Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit (update)
- MS Jet Database (msjet40.dll) DB File Buffer Overflow Exploit
- PunBB 1.2.4 (change_email) SQL Injection Exploit
- MS Jet Database (msjet40.dll) Reverse Shell Exploit
- MS Internet Explorer DHTML Object Memory Corruption Exploit
- MS Internet Explorer DHTML Object Handling Vulns (MS05-020)
- Oracle Database Server <= 10.1.0.2 Buffer Overflow Exploit
- Oracle Database PL/SQL Statement Multiple SQL Injection Exploits
- gld 1.4 (Postfix Greylisting Daemon) Remote Format String Exploit
- Morpheus <= 4.8 Local Chat Passwords Disclosure Exploit
- DeluxeFtp 6.x Local Password Disclosure Exploit
- BitComet 0.57 Local Proxy Password Disclosure Exploit
- MS Windows (HTA) Script Execution Exploit (MS05-016)
- Serendipity 0.8beta4 exit.php SQL Injection Exploit
- Sumus 0.2.2 httpd Remote Buffer Overflow Exploit
- Yager <= 5.24 Multiple Denial of Service Exploit
- MS Windows Malformed IP Options DoS Exploit (MS05-019)
- Mozilla Browsers x (Link) Code Execution Exploit
- WheresJames Webcam Publisher Beta 2.0.0014 Remote Buffer Overflow
- PMSoftware Simple Web Server (GET Request) Remote BoF Exploit
- PostgreSQL <= 8.01 Remote Reboot Denial of Service Exploit
- MS Exchange Server Remote Code Execution Exploit (MS05-021)
- Multiple OS (win32/aix/cisco) Crafted ICMP Messages DoS Exploit
- PMsoftware Simple Web Server 1.0 Remote Stack Overflow Exploit
- BitchX <= 1.0c20 Local Buffer Overflow Exploit
- MS Jet Database (msjet40.dll) Reverse Shell Exploit
- MailEnable Enterprise & Professional https Remote BoF Exploit
- Yager <= 5.24 Remote Buffer Overflow Exploit
- E-Cart <= 1.1 (index.cgi) Remote Command Execution Exploit
- NetFTPd 4.2.2 User Authentication Remote Buffer Overflow Exploit
- Ethereal / tcpdump (rsvp_print) Infinite Loop Denial of Service Exploit
- Tcpdump 3.8.x (ldp_print) Infinite Loop Denial of Service Exploit
- Tcpdump 3.8.x (rt_routing_info) Infinite Loop Denial of Service Exploit
- Tcpdump 3.8.x/3.9.1 (isis_print) Infinite Loop DoS Exploit
- MySQL MaxDB Webtool <= 7.5.00.23 Remote Stack Overflow Exploit
- GoText 1.01 Local User Informations Disclosure Exploit
- FilePocket 1.2 Local Proxy Password Disclosure Exploit
- ICUII 7.0 Local Password Disclosure Exploit
- NotJustBrowsing 1.0.3 Local Password Disclosure Exploit
- Golden FTP Server Pro 2.52 Remote Buffer Overflow Exploit
- Golden FTP Server Pro 2.52 Remote Buffer Overflow Exploit (2nd)
- Golden FTP Server Pro 2.52 Remote Buffer Overflow Exploit (3rd)
- Snmppd SNMP Proxy Daemon Remote Format String Exploit
- BulletProof FTP Server 2.4.0.31 Local Privilege Escalation Exploit
- Solaris 10.x ESRI Arcgis Local Root Format String Exploit
- ARPUS/Ce Local File Overwrite Exploit (setuid)
- ARPUS/Ce Local Overflow Exploit (setuid) (perl)
- GlobalScape Secure FTP Server 3.0 Buffer Overflow Exploit
- MS Windows WINS Vulnerability and OS/SP Scanner
- HP-UX FTPD <= 1.1.214.4 "REST" Remote Brute Force Exploit
- Ashley's Web Server Denial of Service Exploit
- Hosting Controller <= 0.6.1 Unauthenticated User Registration Exploit
- I-Mall Commerce (i-mall.cgi) Remote Command Execution Exploit
- dSMTP Mail Server 3.1b Linux Remote Root Format String Exploit
- ZeroBoard Worm Source Code
- DataTrac Activity Console Denial of Service Exploit
- Ethereal <= 0.10.10 (dissect_ipc_state) Remote Denial of Service Exploit
- Mozilla Firefox Install Method Remote Arbitrary Code Execution Exploit
- Hosting Controller <= 0.6.1 Unauthenticated User Registeration (2nd)
- Remote File Manager 1.0 Denial of Service Exploit
- PhotoPost Arbitrary Data Remote Exploit
- BakBone NetVault 6.x/7.x Remote Heap Buffer Overflow
- ZPanel <= 2.5b10 Remote SQL Injection Exploit
- Linux Mandrake <= 10.2 cdrdao Local Root Exploit (unfixed)
- Linux Kernel <= 2.6.12-rc4 (ioctl_by_bdev) Local Denial of Service Exploit
- Gaim <= 1.2.1 URL Handling Remote Stack Overflow Exploit
- MS Windows XP/2003 IPv6 Remote Denial of Service Exploit
- AIX 5.1 Bellmail Local Race Condition Exploit (Instructions w/ Exploit)
- Fusion SBX <= 1.2 Remote Command Execution Exploit
- WebAPP v0.9.9.2.1 Remote Command Execution Exploit (2nd updated)
- WebAPP v0.9.9.2.1 Remote Command Execution Exploit (1st)
- Woltlab Burning Board <= 2.3.1 register.php SQL-Injection Exploit
- Mozilla Firefox view-source:javascript url Code Execution Exploit
- TCP TIMESTAMPS Denial of Service Exploit
- Exim <= 4.41 dns_build_reverse Local Exploit
- Maxwebportal <= 1.36 password.asp Change Password Exploit (3 - perl)
- Maxwebportal <= 1.36 password.asp Change Password Exploit (2 - php)
- Maxwebportal <= 1.36 password.asp Change Password Exploit (1 - html)
- Invision Power Board <= 2.0.3 Login.PHP SQL Injection Exploit
- Invision Power Board <= 2.0.3 Login.PHP SQL Injection (tutorial)
- Hosting Controller <= 0.6.1 Unauthenticated User Registeration (3rd)
- phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (perl)
- phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php)
- phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php 2)
- MS Windows COM Structured Storage Local Exploit (MS05-012)
- Zeroboard 4.1 preg_replace Remote nobody Shell Exploit
- Ethereal <= 0.10.10 (SIP) Protocol Dissector Remote BoF Exploit
- MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit
- myBloggie 2.1.1 - 2.1.2 SQL Injection Exploit
- MS Internet Explorer - Multiple Stack Overflows Crash
- MS Internet Explorer - javascript "window()" Crash
- e-Post SPA-PRO 4.01 (imap) Remote Buffer Overflow Exploit
- FutureSoft TFTP Server 2000 Remote Denial of Service Exploit
- Crob FTP Server <= 3.6.1 Remote Stack Overflow Exploit
- ePSXe <= 1.6.0 nogui() Local Exploit
- PostNuke <= 0.750 readpmsg.php SQL Injection Exploit
- Portail PHP < 1.3 SQL Injection Exploit
- Kaspersky AntiVirus "klif.sys" Privilege Escalation Vulnerability
- WordPress <= 1.5.1.1 SQL Injection Exploit
- WinZIP <= 8.1 Command Line Local Buffer Overflow Exploit
- IPSwitch IMAP Server LOGON Remote Stack Overflow
- Invision Power Board <= 1.3.1 Login.PHP SQL Injection (working)
- Tcpdump bgp_update_print Remote Denial of Service Exploit
- GNU Mailutils imap4d 0.5 < 0.6.90 Remote Format String Exploit
- Webhints <= 1.03 Remote Command Execution Exploit (perl code) (1)
- Webhints <= 1.03 Remote Command Execution Exploit (c code) (2)
- Webhints <= 1.03 Remote Command Execution Exploit (perl code) (3)
- Mac OS X 10.4 launchd Race Condition Exploit
- AIX 5.2 netpmon Local Elevated Privileges Exploit
- AIX 5.2 ipl_varyon Local Elevated Privileges Exploit
- AIX 5.2 paginit Local Root Exploit
- ViRobot Advanced Server 2.0 (addschup) Remote Cookie Exploit
- eXtropia Shopping Cart web_store.cgi Remote Exploit
- Mambo 4.5.2.1 Fetch Password Hash Remote Exploit
- PHP Arena <= 1.1.3 pafiledb.php Remote Change Password Exploit
- Ultimate PHP Board <= 1.9.6 GOLD users.dat Password Decryptor
- Claroline e-Learning <= 1.6 Remote Hash SQL Injection Exploit
- Claroline e-Learning <= 1.6 Remote Hash SQL Injection Exploit (2)
- PeerCast <= 0.1211 Remote Format String Exploit
- Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service
- Simple Machines Forum <= 1.0.4 (modify) SQL Injection Exploit
- MercuryBoard <= 1.1.4 SQL Injection Exploit
- WordPress <= 1.5.1.1 "add new admin" SQL Injection Exploit
- Forum Russian Board 4.2 Full Command Execution Exploit
- Mambo <= 4.5.2.1 SQL Injection Exploit
- Cacti <= 0.8.6d Remote Command Execution Exploit
- phpBB <= 2.0.15 Register Multiple Users Denial of Service (perl code)
- phpBB <= 2.0.15 Register Multiple Users Denial of Service (c code)
- MS Windows (SMB) Transaction Response Handling Exploit (MS05-011)
- MS Outlook Express NNTP Buffer Overflow Exploit (MS05-030)
- TCP-IP Datalook <= 1.3 Local Denial of Service Exploit
- PHP-Fusion <= 6.00.105 Accessible Database Backups Download Exploit
- UBB Threads < 6.5.2 Beta (mailthread.php) SQL Injection Exploit
- ASPNuke <= 0.80 (article.asp) SQL Injection Exploit
- ASPNuke <= 0.80 (comment_post.asp) SQL Injection Exploit
- Stream / Raped Denial of Service Attack (win version)
- Solaris 9 / 10 ld.so Local Root Exploit (1)
- Solaris 9 / 10 ld.so Local Root Exploit (2)
- MS Windows Message Queuing BoF Universal Exploit (MS05-017) (v.0.3)
- phpBB 2.0.15 (highlight) Remote PHP Code Execution
- Wordpress <= 1.5.1.2 xmlrpc Interface SQL Injection Exploit
- XML-RPC Library <= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit
- MS Internet Explorer (javaprxy.dll) COM Object Remote Exploit
- phpBB 2.0.15 (highlight) Database Authentication Details Exploit
- Nokia Affix < 3.2.0 btftp Remote Client Exploit
- XOOPS <= 2.0.11 xmlrpc.php SQL Injection Exploit
- xmlrpc.php Library <= 1.3.0 Remote Command Execute Exploit (2)
- xmlrpc.php Library <= 1.3.0 Remote Command Execute Exploit (3)
- Willing Webcam 2.8 Licence Info Disclosure Local Exploit
- Access Remote PC 4.5.1 Local Password Disclosure Exploit
- Sudo 1.3.1 - 1.6.8p Pathname Validation Local Root Exploit (openbsd)
- Drupal <= 4.5.3 & <= 4.6.1 Comments PHP Injection Exploit
- Mozilla FireFox <= 1.0.1 Remote GIF Heap Overflow Exploit
- TCP Chat (TCPX) 1.0 Denial of Service Exploit
- Internet Download Manager <= 4.05 Input URL Stack Overflow Exploit
- Solaris SPARC / x86 Local Socket Hijack Exploit
- PrivaShare <= 1.3 Denial of Service Exploit
- AnalogX SimpleServer:WWW <= 1.05 Denial of Service Exploit
- phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit
- Hosting Controller <= 0.6.1 HotFix 2.1 Change Credit Limit Exploit
- BlogTorrent <= 0.92 Remote Password Disclosure Exploit
- Baby Web Server <= 2.6.2 Command Validation Exploit
- Remote File Explorer <= 1.0 Denial of Service Exploit
- wMailServer 1.0 Remote Denial of Service Exploit
- Mozilla Firefox <= 1.0.4 "Set As Wallpaper" Code Execution Exploit
- phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit (cookie grabber)
- MS Windows Netman Service Local Denial of Service Exploit
- NetPanzer <= 0.8 Remote Denial of Service Exploit
- e107 <= 0.617 XSS Remote Cookie Disclosure Exploit
- Remote Control Server 1.6.2 Denial of Service Exploit
- Small HTTP Server <= 3.05.28 Arbitrary Data Execution Exploit
- DzSoft PHP Editor <= 3.1.2.8 Denial of Service Exploit
- MS Internet Explorer / MSN ICC Profiles Crash PoC Exploit
- Open Bulletin Board <= 1.0.5 SQL Injection Exploit
- Hosting Controller <= 6.1 HotFix 2.2 Add Domain without Quota Exploit
- phpBB 2.0.15 Remote PHP Code Execution Exploit (metasploit)
- HP OpenView OmniBack II Generic Remote Exploit
- Intruder Client 1.00 Remote Command Execution & DoS Exploit
- MS Windows Color Management Module Overflow Exploit (MS05-036)
- SlimFTPd <= 3.16 Remote Buffer Overflow Exploit
- vim 6.3 < 6.3.082 (modlines) Local Command Execution Exploit
- FtpLocate <= 2.02 (current) Remote Command Execution Exploit
- FTPshell Server <= 3.38 Remote Denial of Service Exploit
- GNU Mailutils imap4d <= 0.6 Remote Format String Exploit
- IPSwitch IMail Server <= 8.15 IMAPD Remote Root Exploit
- BusinessMail Server <= 4.60.00 Remote Denial of Service Exploit
- ProRat Server <= 1.9 (Fix-2) Buffer Overflow Crash Exploit
- MS Windows (LegitCheckControl.dll) Genuine Advantage Validation Patch
- Quick 'n EasY <= 3.0 FTP Server Remote Denial of Service Exploit
- CA BrightStor ARCserve Backup Agent (dbasqlr.exe) Remote Exploit
- CA BrightStor ARCserve Backup (dsconfig.exe) Buffer Overflow
- CA BrightStor ARCserve Backup Auto Scanner / Exploiter
- vBulletin <= 3.0.6 (Template) Command Execution Exploit (metasploit)
- MySQL Eventum <= 1.5.5 (login.php) SQL Injection Exploit
- PHP-Fusion <= 6.0 106 BBCode IMG Tag Script Injection Exploit
- Acunetix HTTP Sniffer Denial of Service Exploit
- nbSMTP <= 0.99 (util.c) Client-Side Command Execution Exploit
- Ethereal 10.x AFP Protocol Dissector Remote Format String Exploit
- Flatnuke <= 2.5.5 Remote Code Execution
- Wordpress <= 1.5.1.3 Remote Code Execution 0-Day Exploit
- MS Windows XP SP2 (rdpwd.sys) Remote Kernel DoS Exploit
- MS Internet Explorer (blnmgr.dll) COM Object Remote Exploit (MS05-038)
- Wordpress <= 1.5.1.3 Remote Code Execution eXploit (metasploit)
- MS Windows Plug-and-Play Service Remote Overflow (MS05-039)
- Veritas Backup Exec Remote File Access Exploit (windows)
- MS Windows Plug-and-Play Service Remote Universal Exploit (MS05-039)
- ZENworks 6.5 Desktop/Server Management Remote Stack Overflow
- MDaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow Exploit
- Novell eDirectory 8.7.3 iMonitor Remote Stack Overflow
- Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Exploit
- Operator Shell (osh) 1.7-13 Local Root Exploit
- Chris Moneymakers World Poker Championship 1.0 DoS Exploit
- GTChat <= 0.95 Alpha Remote Denial of Service Exploit
- WS_FTP Server <= 5.03 (RNFR) Buffer Overflow Exploit
- Mercury/32 Mail Server <= 4.01a (check) Buffer Overflow Exploit
- Golden FTP Server Pro <= 2.52 (USER) Remote Buffer Overflow Exploit
- BakBone NetVault 7.1 Local Privilege Escalation Exploit
- GoodTech SMTP Server <= 5.14 Denial of Service Exploit
- IA eMailServer Corporate Edition Version <= 5.2.2 DoS Exploit
- BusinessMail <= 4.60.00 Remote Buffer Overflow Exploit
- Inframail Advantage Server Edition 6.0 <= 6.37 (SMTP) BoF Exploit
- Inframail Advantage Server Edition 6.0 <= 6.37 (FTP) BoF Exploit
- Solaris <= 10 LPD Arbitrary File Delete Exploit (metasploit)
- WinAce 2.6.0.5 Temporary File Parsing Buffer Overflow Vulnerability
- Debian 2.2 /usr/bin/pileup Local Root Exploit
- Elm < 2.5.8 (Expires Header) Remote Buffer Overflow Exploit
- MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit
- Mercora IMRadio <= 4.0.0.0 Local Password Disclosure Exploit
- ZipTorrent <= 1.3.7.3 Local Proxy Password Disclosure Exploit
- GTChat <= 0.95 Alpha (adduser) Remote Denial of Service Exploit
- Ventrilo <= 2.3.0 Remote Denial of Service Exploit (all platforms)
- MS Windows IIS 5.0 (500-100.asp) Server Name Spoof Exploit
- MS Windows Plug-and-Play Service Remote Universal Exploit (spanish fix)
- MS Windows Plug-and-Play Service Remote Universal Exploit (french fix)
- MySQL 4.0.17 UDF Dynamic Library Exploit
- Solaris 2.6/7/8/9 (ld.so.1) Local Root Exploit (sparc)
- Battlefield (BFCC/BFVCC/BF2CC) Login Bypass/Pass Stealer/DoS Exploit
- Savant Web Server 3.1 Remote Buffer Overflow Exploit
- Adobe Version Cue 1.0/1.0.1 Local Root Exploit (OSX)
- Adobe Version Cue 1.0/1.0.1 (-lib) Local Root Exploit (OSX)
- Gopher <= 3.0.9 (+VIEWS) Remote (Client Side) Buffer Overflow Exploit
- HP OpenView Network Node Manager <= 7.50 Remote Exploit
- vBulletin <= 3.0.8 Accessible Database Backup Searcher (update 3)
- DameWare Mini Remote Control 4.0 < 4.9 (Client Agent) Remote Exploit
- Simple PHP Blog <= 0.4.0 Multiple Remote Exploits
- P2P Pro 1.0 (command) Denial of Service Exploit
- Free SMTP Server <= 2.2 Spam Filter Vulnerability
- man2web <= 0.88 Multiple Remote Command Execution Exploit (update2)
- CUPS Server <= 1.1 (Get Request) Denial of Service Exploit
- MS Windows (keybd_event) Local Privilege Elevation Exploit
- MS Windows CSRSS Local Privilege Escalation Exploit (MS05-018)
- BNBT BitTorrent EasyTracker <= 7.7r3 Denial of Service Exploit
- PBLang <= 4.65 Remote Command Execution Exploit
- FTP Internet Access Manager <= 1.2 Command Execution Exploit
- PBLang <= 4.65 Remote Command Execution Exploit (2)
- Mozilla Products (Host:) Buffer Overflow Denial of Service String
- Class-1 Forum <= 0.24.4 Remote Code Execution Exploit
- phpMyFamily <= 1.4.0 SQL Injection Exploit
- GNU Mailutils imap4d 0.6 (search) Remote Format String Exploit
- WebAdmin <= 2.0.4 USER Buffer Overflow Exploit
- PhpTagCool <= 1.0.3 SQL Injection Attacks Exploit
- COOL! Remote Control <= 1.12 Remote Denial of Service Exploit
- Snort <= 2.4.0 SACK TCP Option Error Handling Denial of Service Exploit
- AzDGDatingLite <= 2.1.3 Remote Code Execution Exploit
- Wireless Tools 26 (iwconfig) Local Root Exploit (some setuid)
- phpWebSite <= 0.10.0 (module) SQL Injection Exploit
- Stoney FTPd Denial Of Service Exploit (rxBot mods ftpd)
- PHP-Nuke <= 7.8 (modules.php) SQL Injection Exploit
- Fastream NETFile Web Server <= 7.1.2 (HEAD) DoS Exploit
- CuteNews <= 1.4.0 (shell inject) Remote Command Execution Exploit
- MCCS (Multi-Computer Control Systems) Command DoS Exploit
- Mercury Mail <= 4.01a (Pegasus) IMAP Buffer Overflow Exploit
- Mozilla Browsers 0xAD (HOST:) Remote Heap Buffer Overrun Exploit (v2)
- My Little Forum <= 1.5 (searchstring) SQL Injection Exploit
- phpMyFAQ <= 1.5.1 (User-Agent) Remote Shell Injection Exploit
- MailGust <= 1.9 (board takeover) SQL Injection Exploit
- Qpopper <= 4.0.8 (poppassd) Local Root Exploit (linux)
- Qpopper <= 4.0.8 (poppassd) Local Root Exploit (freebsd)
- WzdFTPD <= 0.5.4 Remote Command Execution Exploit
- RealPlayer/Helix Player Remote Format String Exploit (linux)
- Mozilla Firefox <= 1.0.7 Integer Overflow Denial of Service Exploit
- GNU Mailutils imap4d 0.6 (search) Remote Format String Exploit (fbsd)
- MultiTheftAuto 0.5 patch 1 Server Crash and MOTD Deletion Exploit
- Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (meta)
- PHP-Fusion 6.00.109 (msg_send) SQL Injection Exploit
- Prozilla <= 1.3.7.4 (ftpsearch) Results Handling Buffer Overflow Exploit
- Virtools Web Player <= 3.0.0.100 Buffer Overflow DoS Exploit
- Utopia News Pro <= 1.1.3 (news.php) SQL Injection Exploit
- Cyphor <= 0.19 (board takeover) SQL Injection Exploit
- xine-lib <= 1.1 (media player library) Remote Format String Exploit
- CA iGateway (debug mode) Remote Buffer Overflow Exploit
- phpMyAdmin 2.6.4-pl1 Remote Directory Traversal Exploit
- versatileBulletinBoard 1.00 RC2 (board takeover) SQL Injection Exploit
- RBExplorer 1.0 (Hijacking Command) Denial of Service Exploit
- phpBB 2.0.13 (admin_styles.php) Remote Command Execution Exploit
- Solaris 10 DtPrintinfo/Session Local Root Exploit (x86)
- w-Agora <= 4.2.0 (quicklist.php) Remote Code Execution Exploit
- TYPSoft FTP Server <= 1.11 (RETR) Denial of Service Vulnerability
- MuOnline Loopholes Web Server (pkok.asp) SQL Injection Exploit
- Mozilla (Firefox <= 1.0.7) (Thunderbird <= 1.0.6) Denial of Service Exploit
- Opera <= 8.02 Remote Denial of Service Exploit
- Opera <= 8.02 Remote Denial of Service Exploit (2)
- Lynx <= 2.8.6dev.13 Remote Buffer Overflow Exploit (PoC)
- Mozilla (Firefox <= 1.0.7) (Mozilla <= 1.7.12) Denial of Service Exploit
- e107 <= 0.6172 (resetcore.php) Remote SQL Injection Exploit
- HP-UX FTP Server Preauthentication Directory Listing Exploit (meta)
- MS Windows IIS SA WebAgent 5.2/5.3 Redirect Overflow Exploit (meta)
- HP-UX <= 11.11 lpd Remote Command Execution Exploit (meta)
- CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (meta)
- Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (linux)
- Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (win32)
- Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (OS X)
- Ethereal 0.9.1 - 0.10.12 SLIMP3 Remote Buffer Overflow PoC
- XMail 1.21 (-t Command Line Option) Local Root Buffer Overflow Exploit
- Net Portal Dynamic System <= 5.0 (register users) Denial of Service
- MS Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047)
- PHP-Nuke 7.8 SQL Injection / Remote Command Execution Exploit
- MS Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) (2)
- Snort <= 2.4.2 Back Orifice Parsing Remote Buffer Overflow Exploit
- TClanPortal <= 1.1.3 (id) Remote SQL Injection Exploit
- MS Internet Explorer 6.0 (mshtmled.dll) Denial of Service Exploit
- Mirabilis ICQ 2003a Buffer Overflow Download Shellcoded Exploit
- Subdreamer 2.2.1 SQL Injection / Command Execution Exploit
- Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (meta)
- VuBB Forum RC1 (m) Remote SQL Injection Exploit
- Battle Carry <= .005 Socket Termination Denial of Service Exploit
- Blitzkrieg 2 <= 1.21 (server/client) Denial of Service Exploit
- FlatFrag <= 0.3 Buffer Overflow / Denial of Service Exploit
- Glider collectn kill <= 1.0.0.0 Buffer Overflow (PoC)
- Scorched 3D <= 39.1 Multiple Vulnerabilities (All-in-One) (PoC)
- GO-Global Windows Clients <= 3.1.0.3270 Buffer Overflow (PoC)
- GO-Global Windows Server <= 3.1.0.3270 Buffer Overflow (PoC)
- Lynx <= 2.8.6dev.13 Remote Buffer Overflow Exploit (port bind)
- CuteNews <= 1.4.1 (shell inject) Remote Command Execution Exploit
- gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (ppc)
- gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (x86)
- WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (meta)
- linux-ftpd-ssl 0.17 (MKD/CWD) Remote Root Exploit
- ibProArcade 2.x module (vBulletin/IPB) Remote SQL Injection Exploit
- F-Secure Internet Gatekeeper for linux < 2.15.484 Local Root Exploit
- ATutor 1.5.1pl2 SQL Injection / Command Execution Exploit
- SuSE Linux <= 9.3, 10 (chfn) Local Root Privilege Escalation Exploit
- Operator Shell (osh) 1.7-14 Local Root Exploit
- Sudo <= 1.6.8p9 (SHELLOPTS/PS4 ENV variables) Local Root Exploit
- FreeBSD (4.x , < 5.4) master.passwd Disclosure Exploit
- Moodle <= 1.6dev SQL Injection / Command Execution Exploit
- Snort <= 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit (3)
- Snort <= 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit (4)
- XOOPS (wfdownloads) 2.05 Module Multiple Vulnerabilities Exploit
- Veritas Storage Foundation 4.0 VCSI18N_LANG Local Overflow Exploit
- Coppermine Photo Gallery <= 1.3.2 File Retrieval SQL Injection Exploit
- Unclassified NewsBoard 1.5.3 Patch 3 Blind SQL Injection Exploit
- Arki-DB 1.0 (catid) Remote SQL Injection Vulnerabilities
- Cyphor 0.19 (show.php id) Remote SQL Injection Exploit
- Wizz Forum 1.20 (TopicID) Remote SQL Injection Exploit
- PHPWebThings <= 1.4 (msg/forum) SQL Injection Exploit
- PHPWebThings <= 1.4 (forum) SQL Injection Exploit
- PHP-Nuke <= 7.8 Search Module Remote SQL Injection Exploit
- FTGate4 Groupware Mail Server 4.1 (imapd) Remote Buffer Overflow PoC
- MS Windows 2k UPNP (getdevicelist) Memory Leak DoS Exploit
- EkinBoard 1.0.3 (config.php) SQL Injection / Command Execution Exploit
- FreeFTPD <= 1.0.8 (USER) Remote Buffer Overflow Exploit
- Macromedia Flash Plugin <= 7.0.19.0 (Action) Denial of Service Exploit
- MailEnable 1.54 Pro Universal IMAPD W3C Logging BoF Exploit
- Google Search Appliance proxystylesheet XSLT Java Code Execution
- FileZilla Server Terminal 0.9.4d Buffer Overflow PoC
- Mambo <= 4.5.2 Globals Overwrite / Remote Command Exection Exploit
- Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service Exploit
- FreeFTPD <= 1.0.10 (PORT Command) Denial of Service Exploit
- eFiction <= 2.0 Fake GIF Shell Upload Exploit
- MS Windows MSDTC Service Remote Memory Modification PoC (MS05-051)
- Guppy <= 4.5.9 (REMOTE_ADDR) Remote Commands Execution Exploit
- MS Windows Metafile (gdi32.dll) Denial of Service Exploit (MS05-053)
- Xaraya <= 1.0.0 RC4 create() Denial of Service Exploit
- MS Windows Metafile (mtNoObjects) Denial of Service Exploit (MS05-053)
- QNX RTOS 6.3.0 (phgrafx) Local Buffer Overflow Exploit (x86)
- Microsoft Windows DTC Remote Exploit (PoC) (MS05-051) (updated)
- WinEggDropShell 1.7 Multiple PreAuth Remote Stack Overflow PoC
- Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
- sobexsrv 1.0.0_pre3 Bluetooth syslog() Remote Format String Exploit
- DoceboLMS <= 2.0.4 connector.php Shell Upload Exploit
- WIDCOMM Bluetooth Software < 3.0 Remote Buffer Overflow Exploit
- SimpleBBS <= 1.1 Remote Commands Execution Exploit
- SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit
- Appfluent Database IDS < 2.1.0.103 (Env Variable) Local Exploit
- SimpleBBS <= 1.1 Remote Commands Execution Exploit (c code)
- Mozilla Firefox <= 1.5 (history.dat) Looping Vulnerability PoC
- Website Baker <= 2.6.0 Login Bypass / Remote Code Execution Exploit
- SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit (c)
- Oracle 9.2.0.1 Universal XDB HTTP Pass Overflow Exploit
- Lyris ListManager Read Message Attachment SQL Injection Exploit
- Flatnuke 2.5.6 Privilege Escalation / Remote Commands Execution Exploit
- Counter Strike 2D <= 0.1.0.1 Denial of Service Vulnerability
- Mozilla Firefox <= 1.04 compareTo() Remote Code Execution Exploit
- phpCOIN 1.2.2 (phpcoinsessid) SQL Inj / Remote Code Execution Exploit
- Macromedia Flash Media Server 2 Remote Denial of Service Exploit
- MS Internet Explorer 6.0 (pre tag multiple single tags) Denial of Service
- Limbo <= 1.0.4.2 _SERVER[REMOTE_ADDR] Overwrite Remote Exploit
- Watchfire AppScan QA 5.0.x Remote Code Execution Exploit PoC
- Mercury Mail Transport System 4.01b Remote Exploit (PH SERVER)
- MS Windows IIS Malformed HTTP Request Denial of Service Exploit (c)
- MS Windows IIS Malformed HTTP Request Denial of Service Exploit (pl)
- MailEnable Enterprise Edition 1.1 (EXAMINE) Buffer Overflow Exploit
- PHPGedView <= 3.3.7 Arbitrary Remote Code Execution Exploit
- Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit
- Golden FTP Server <= 1.92 (APPE) Remote Overflow Exploit (meta)
- phpBB <= 2.0.18 Remote Bruteforce/Dictionary Attack Tool (updated)
- phpBB <= 2.0.18 Remote XSS Cookie Disclosure Exploit
- PHP-Fusion 6.00.3 (rating) Parameter Remote SQL Injection Exploit
- Dev Web Management System <= 1.5 (cat) Remote SQL Injection Exploit
- phpBB <= 2.0.17 (signature_bbcode_uid) Remote Command Exploit
- MS Internet Explorer 6.0 (mshtml.dll datasrc) Denial of Service Vuln
- BZFlag <= 2.0.4 (undelimited string) Denial of Service Exploit
- Windows XP/2003 Metafile Escape() Code Execution Exploit (meta)
- MS Internet Explorer 6.0 (mshtml.dll div) Denial of Service Exploit
- phpDocumentor <= 1.3.0 rc4 Remote Commands Execution Exploit
- MS Windows IIS Malformed HTTP Request Denial of Service Exploit (cpp)
- Linux Kernel <= 2.6.11 (CPL 0) Local Root Exploit (k-rad3.c)
- CubeCart <= 3.0.6 Remote Command Execution Exploit
- WebWiz Products (1.0 , <= 3.06) Login Bypass SQL Injection Exploits
- CuteNews <= 1.4.1 (categories.mdu) Remote Command Execution Exploit
- Valdersoft Shopping Cart <= 3.0 Remote Command Execution Exploit
- SCO Openserver 5.0.7 (termsh) Local Privilege Escalation Exploit
- WinRAR 3.30 Long Filename Buffer Overflow Exploit
- WinRAR 3.30 Long Filename Buffer Overflow Exploit (more targets) (2)
- FlatCMS <= 1.01 (file_editor.php) Remote Command Execution Exploit
- PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit
- MS Windows 2k Kernel APC Data-Free Local Escalation Exploit (MS05-055)
- BlueCoat WinProxy 6.0 R1c (Host) Remote Stack/SEH Overflow Exploit
- BlueCoat WinProxy <= 6.0 R1c (GET Request) Denial of Service Exploit
- Magic News Plus <= 1.0.3 Admin Pass Change Exploit
- Cisco IP Phone 7940 (Reboot) Denial of Service Exploit
- Xmame 0.102 (-lang) Local Buffer Overflow Exploit
- eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit
- eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit (2)
- Xmame 0.102 (-lang) Local Buffer Overflow Exploit (c code)
- HomeFtp 1.1 (NLST) Denial of Service Vulnerability
- Farmers WIFE 4.4 sp1 (FTP) Remote System Access Exploit
- MiniNuke <= 1.8.2 Multiple SQL Injection Vulnerabilities
- MiniNuke <= 1.8.2 (news.asp hid) SQL Injection Exploit
- MS Windows Metafile (WMF) Remote File Download Exploit Generator
- Veritas NetBackup 4/5 Volume Manager Daemon Remote BoF Exploit
- Cerberus FTP Server <= 2.32 Denial of Service Exploit
- MS Internet Explorer <= 6.x (IMG / XML elements) Denial of Service
- Tftpd32 2.81 (GET Request) Format String Denial of Service PoC
- Xmame <= 0.102 (-pb/-lang/-rec) Local Buffer Overflow Exploit
- ezDatabase <= 2.0 (db_id) Remote Command Execution Exploit
- Eterm LibAST < 0.7 (-X Option) Local Privilege Escalation Exploit
- creLoaded <= 6.15 (HTMLAREA) Automated Perl Exploit
- Cisco Aironet Wireless Access Points Memory Exhaustion ARP Attack DoS
- Sami FTP Server 2.0.1 Remote Stack Based Buffer Overflow PoC
- SquirrelMail 3.1 Change Passwd Plugin Local Buffer Overflow Exploit
- Sami FTP Server 2.0.1 Remote Buffer Overflow Exploit (meta)
- Phpclanwebsite 1.23.1 (par) Remote SQL Injection Exploit
- Oracle Database Server 9i/10g (XML) Buffer Overflow Exploit
- SHOUTcast <= 1.9.4 File Request Format String Exploit (Leaked)
- phpBB <= 2.0.19 XSS Remote Cookie Disclosure Exploit
- Winamp <= 5.12 (Crafted PLS) Remote Buffer Overflow Exploit (0-Day)
- xeCMS 1.0.0 RC 2 (cookie) Remote Command Execution Exploit
- Winamp <= 5.12 (Crafted PLS) Remote Buffer Overflow Exploit (meta)
- Invision Power Board Dragoran Portal Mod <= 1.3 SQL Injection Exploit
- Sami FTP Server 2.0.1 Remote Buffer Overflow Exploit (cpp)
- SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (meta)
- Arescom NetDSL-1000 (telnetd) Remote Denial of Service Exploit
- MS Windows Services ACLs Local Privilege Escalation Exploit (updated)
- eXchange POP3 5.0.050203 (rcpt to) Remote Buffer Overflow Exploit
- LoudBlog <= 0.4 (path) Arbitrary Remote Inclusion Exploit
- Clever Copy <= 3.0 Admin Auth Details / Remote SQL Injection Exploit
- phpBB 2.0.19 (Style Changer/Demo Mod) SQL Injection Exploit
- Microsoft HTML Help Workshop (.hhp file) Buffer Overflow Exploit
- MyQuiz 1.01 (PATH_INFO) Arbitrary Command Execution Exploit
- ASPThai.Net Guestbook <= 5.5 (Auth Bypass) SQL Injection Exploit
- Sony/Ericsson Bluetooth (Reset Display) Denial of Service Exploit
- Mozilla Firefox 1.5 location.QueryInterface() Code Execution (linux)
- MS Internet Explorer 7.0 Beta 2 (urlmon.dll) Denial of Service Vuln
- CPGNuke Dragonfly 9.0.6.1 Remote Commands Execution Exploit
- QNX Neutrino 6.2.1 (phfont) Race Condition Local Root Exploit
- Mozilla Firefox 1.5 location.QueryInterface() Code Execution (osx)
- QNX RTOS 6.3.0 Insecure rc.local Permissions Plus System Crash Exploit
- SPIP <= 1.8.2g Remote Commands Execution Exploit
- Half-Life CSTRIKE Server <= 1.6 (non steam) Denial of Service Exploit
- FCKEditor 2.0 <= 2.2 (connector.php) Remote Shell Upload Exploit
- RunCMS <= 1.2 (class.forumposts.php) Arbitrary Remote Inclusion Exploit
- Power Daemon <= 2.0.2 (WHATIDO) Remote Format String Exploit
- OpenVMPSd <= 1.3 Remote Format String Exploit (Multiple Targets)
- Microsoft HTML Help Workshop (.hhp file) Buffer Overflow Exploit (new)
- Invision Power Board <= 2.1.4 (Register Users) Denial of Service Exploit
- Microsoft HTML Help Workshop (.hhp file) Buffer Overflow Exploit (new)
- DocMGR <= 0.54.2 (file_exists) Remote Commands Execution Exploit
- Invision Power Board Army System Mod 2.1 SQL Injection Exploit
- EnterpriseGS <= 1.0 rc4 Remote Commands Execution Exploit
- FlySpray 0.9.7 (install-0.9.7.php) Remote Commands Execution Exploit
- Microsoft HTML Help Workshop (.hhp file) Buffer Overflow Exploit (3)
- D-Link Wireless Access Point (Fragmented UDP) DoS Exploit
- webSPELL <= 4.01 (title_op) Remote SQL Injection Exploit
- MyBulletinBoard (MyBB) <= 1.03 Multiple SQL Injection Exploit
- Windows Media Player 7.1 <= 10 BMP Heap Overflow PoC (MS06-005)
- PHPKIT <= 1.6.1R2 (filecheck) Remote Commands Execution Exploit
- Windows Media Player 7.1 <= 10 BMP Heap Overflow PoC (MS06-005) (2)
- YapBB <= 1.2 (cfgIncludeDirectory) Remote Command Execution Exploit
- MS Windows Media Player 9 Plugin Overflow Exploit (MS06-006) (meta)
- MS Windows Media Player 10 Plugin Overflow Exploit (MS06-006)
- MS Windows Color Management Module Overflow Exploit (MS05-036) (2)
- AWStats < 6.4 (referer) Remote Command Execution Exploit
- Zorum Forum 3.5 (rollid) Remote SQL Injection Exploit
- Gravity Board X <= 1.1 (csscontent) Remote Code Execution Exploit
- Coppermine Photo Gallery <= 1.4.3 Remote Commands Execution Exploit
- Admbook <= 1.2.2 (X-Forwarded-For) Remote Command Execution Exploit
- BXCP <= 0.2.9.9 (tid) Remote SQL Injection Exploit
- MiniNuke <= 1.8.2b (pages.asp) Remote SQL Injection Exploit
- GeekLog 1.sh (error.log) Remote Commands Execution Exploit (gpc = Off)
- ilchClan <= 1.05g (tid) Remote SQL Injection Exploit
- PunBB <= 2.0.10 (Register Multiple Users) Denial of Service Exploit
- MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit
- Mac OS X Safari Browser (Safe File) Remote Code Execution Exploit
- MS Windows Media Player Plugin Overflow Exploit (MS06-006)(3)
- Noahs Classifieds <= 1.3 (lowerTemplate) Remote Code Execution
- NOCC Webmail <= 1.0 (Local Inclusion) Remote Code Execution Exploit
- PHP-Nuke 7.5 - 7.8 (Search) Remote SQL Injection Exploit
- VHCS <= 2.4.7.1 (Add User) Authentication Bypass Exploit
- phpWebSite <= 0.10.0-full (topics.php) Remote SQL Injection Exploit
- Lansuite <= 2.1.0 Beta (fid) Remote SQL Injection Exploit
- iGENUS WebMail <= 2.0.2 (config_inc.php) Remote Code Execution Exploit
- Pentacle In-Out Board <= 6.03 (newsdetailsview) Remote SQL Injection
- Pentacle In-Out Board <= 6.03 (login.asp) Remote Auth Bypass
- SaphpLesson 2.0 (forumid) Remote SQL Injection Exploit
- ArGoSoft FTP Server <= 1.4.3.5 Remote Buffer Overflow PoC
- PwsPHP <= 1.2.3 (index.php) Remote SQL Injection Exploit
- 4Images <= 1.7.1 (Local Inclusion) Remote Code Execution Exploit
- SCO Unixware 7.1.3 (ptrace) Local Privilege Escalation Exploit
- CrossFire <= 1.8.0 (oldsocketmode) Remote Buffer Overflow PoC
- MS Internet Explorer 6.0 SP0 IsComponentInstalled() Remote Exploit
- Kerio Personal Firewall <= 2.1.4 Remote Authentication Packet Overflow
- FarsiNews <= 2.5 Directory Traversal Arbitrary (users.db) Access Exploit
- MyBulletinBoard (MyBB) <= 1.03 (misc.php COMMA) SQL Injection
- FreeBSD 6.0 (nfsd) Remote Kernel Panic Denial of Service Exploit
- Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit
- phpRPC Library <= 0.7 XML Data Decoding Remote Code Execution
- vuBB <= 0.2 (Cookie) Final Remote SQL Injection Exploit (mq=off)
- Woltlab Burning Board 2.x Datenbank MOD (fileid) Remote SQL Injection
- Apple Mac OS X (/usr/bin/passwd) Custom Passwd Local Root Exploit
- phpRPC Library <= 0.7 XML Data Decoding Remote Code Execution (2)
- Aztek Forum 4.00 (XSS/SQL) Multiple Vulnerabilities (PoC)
- MyBulletinBoard (MyBB) <= 1.04 (misc.php COMMA) SQL Injection (2)
- PHP-Stats <= 0.1.9.1 Remote Commands Execution Exploit
- TotalECommerce <= 1.0 (index.asp id) Remote SQL Injection Exploit
- Multiple Routers (IRC Request) Disconnect Denial of Service Vulnerability
- XM Easy Personal FTP Server 1.0 (Port) Remote Overflow PoC
- Fantastic News <= 2.1.2 (script_path) Remote Code Execution Exploit
- LibTiff 3.7.1 (BitsPerSample Tag) Local Buffer Overflow Exploit
- MS Visual Studio 6.0 sp6 (Malformed .dbp File) Buffer Overflow Exploit
- D2-Shoutbox 4.2 IPB Mod (load) Remote SQL Injection Exploit
- Freeciv <= 2.0.7 (Jumbo Malloc) Denial of Service Crash
- LieroX <= 0.62b Remote Server/Client Denial of Service Exploit
- Sauerbraten <= 2006_02_28 Multiple BoF/Crash Vulnerabilities Exploit
- Cube <= 2005_08_29 Multiple BoF/Crash Vulnerabilities Exploit
- OWL Intranet Engine 0.82 (xrms_file_root) Code Execution Exploit
- CilemNews System <= 1.1 (yazdir.asp haber_id) SQL Injection Exploit
- Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (meta)
- Alien Arena 2006 Gold Edition <= 5.00 Multiple Vulnerabilities Exploit
- RevilloC MailServer 1.21 (USER) Remote Buffer Overflow Exploit PoC
- Gallery <= 2.0.3 stepOrder[] Remote Commands Execution Exploit
- RedBLoG <= 0.5 (cat_id) Remote SQL Injection Exploit
- d2kBlog 1.0.3 (memName) Remote SQL Injection Exploit
- Light Weight Calendar 1.x (date) Remote Code Execution Vulnerability
- JiRos Banner Experience 1.0 (Create Admin Bypass) Remote Exploit
- Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service
- Guppy <= 4.5.11 (Delete Databases) Remote Denial of Service Exploit
- PeerCast <= 0.1216 (nextCGIarg) Remote Buffer Overflow Exploit
- GuestBook Script <= 1.7 (include_files) Remote Code Execution Exploit
- Jupiter CMS <= 1.1.5 Multiple XSS Attack Vectors
- SGI IRIX <= 6.5.28 (runpriv) Design Error Vulnerability
- PeerCast <= 0.1216 (nextCGIarg) Remote Buffer Overflow Exploit (2)
- Ubuntu Breezy 5.10 Installer Password Disclosure Vulnerability
- Simple PHP Blog <= 0.4.7.1 Remote Command Execution Exploit
- crossfire-server <= 1.9.0 SetUp() Remote Buffer Overflow Exploit
- Apple Mac OS X 10.4.5 Mail.app (Real Name) Buffer Overflow Exploit
- MS Windows Telephony Service Command Execution Exploit (MS05-040)
- php iCalendar <= 2.21 (Cookie) Remote Code Execution Exploit
- php iCalendar <= 2.21 (publish.ical.php) Remote Code Execution Exploit
- KnowledgebasePublisher 1.2 (include) Remote Code Execution Exploit
- Nodez <= 4.6.1.1 Mercury Multiple Remote Vulnerabilities
- BetaParticle Blog <= 6.0 (fldGalleryID) Remote SQL Injection Exploit
- ShoutLIVE <= 1.1.0 (savesettings.php) Remote Code Execution Exploit
- Python <= 2.4.2 realpath() Local Stack Overflow Exploit
- Mercur Mailserver 5.0 SP3 (IMAP) Remote Buffer Overflow Exploit
- Mercur Mailserver 5.0 SP3 (IMAP) Denial of Service Exploit
- SoftBB 0.1 (mail) Remote Blind SQL Injection Exploit
- gCards <= 1.45 Multiple Vulnerabilities All-In-One Exploit
- X.Org X11 (X11R6.9.0/X11R7.0) Local Root Privilege Escalation Exploit
- ASPPortal <= 3.1.1 (downloadid) Remote SQL Injection Exploit
- MS Internet Explorer 6.0 (script action handlers) (mshtml.dll) DoS
- MS Windows XP/2003 (IGMP v3) Denial of Service Exploit (MS06-007)
- FreeWPS <= 2.11 (images.php) Remote Code Execution Exploit
- ASP.NET w3wp (COM Components) Remote Crash Exploit
- BomberClone < 0.11.6.2 (Error Messages) Remote Buffer Overflow Exploit
- MS Windows XP/2003 (IGMP v3) Denial of Service Exploit (MS06-007) (2)
- MS Internet Explorer 6.0 (mshtml.dll checkbox) Crash
- XHP CMS <= 0.5 (upload) Remote Command Execution Exploit
- MS Internet Explorer (createTextRang) Remote Code Execution Exploit
- MS Internet Explorer (createTextRang) Download Shellcoded Exploit
- WebAlbum <= 2.02pl COOKIE[skin2] Remote Code Execution Exploit
- PHP Ticket <= 0.71 (search.php) Remote SQL Injection Exploit
- phpBookingCalendar <= 1.0c [details_view.php] Remote SQL Injection
- TFT Gallery <= 0.10 [Password Disclosure] Remote Exploit
- CuteNews <= 1.4.1 (function.php) Local File Include Exploit
- Vavoom <= 1.19.1 [Multiple Vulnerabilities] Denial of Service Exploit
- csDoom <= 0.7 [Multiple Vulnerabilities] Denial of Service Exploit
- MS Office Products Array Index Bounds Error (unpatched) PoC
- Aztek Forum 4.00 (myadmin.php) User Privilege Escalation Exploit
- PHPCollab 2.x / NetOffice 2.x (sendpassword.php) SQL Injection Exploit
- GreyMatter WebLog <= 1.21d Remote Command Execution Exploit (1)
- GreyMatter WebLog <= 1.21d Remote Command Execution Exploit (2)
- MS Internet Explorer (createTextRang) Remote Exploit (meta update)
- Plogger <= Beta 2.1 Administrative Credentials Disclosure Exploit
- RealPlayer <= 10.5 (6.0.12.1040-1348) SWF Buffer Overflow PoC
- EzASPSite <= 2.0 RC3 (Scheme) Remote SQL Injection Exploit
- Tru64 UNIX 5.0 (Rev. 910) rdist NLSPATH Buffer Overflow Exploit
- Tru64 UNIX 5.0 (Rev. 910) edauth NLSPATH Buffer Overflow Exploit
- PeerCast <= 0.1216 Remote Buffer Overflow Exploit (win32) (meta)
- Claroline <= 1.7.4 (scormExport.inc.php) Remote Code Execution Exploit
- MS Internet Explorer (createTextRang) Download Shellcoded Exploit (2)
- SQuery <= 4.5 (libpath) Remote File Inclusion Exploit
- PHPNuke-Clan 3.0.1 (vwar_root2) Remote File Inclusion Exploit
- ReloadCMS <= 1.2.5 Cross Site Scripting / Remote Code Execution Exploit
- VWar 1.5.0 R12 Remote File Inclusion Exploit
- Total Commander 6.x (unacev2.dll) Buffer Overflow PoC Exploit
- mpg123 0.59r Malformed mp3 (SIGSEGV) Proof of Concept
- AngelineCMS 0.8.1 (installpath) Remote File Inclusion Exploit
- Libxine <= 1.14 MPEG Stream Buffer Overflow Vulnerability PoC
- Ultr@VNC <= 1.0.1 VNCLog::ReallyPrint Remote Buffer Overflow PoC
- Ultr@VNC <= 1.0.1 client Log::ReallyPrint Buffer Overflow PoC
- INDEXU <= 5.0.1 (base_path) Remote File Inclusion Exploit
- Crafty Syntax Image Gallery <= 3.1g Remote Code Execution Exploit
- phpMyChat <= 0.14.5 (SYS enter) Remote Code Execution Exploit
- phpMyChat 0.15.0dev (SYS enter) Remote Code Execution Exploit
- Horde Help Viewer <= 3.1 Remote Command Execution Exploit
- ADODB < 4.70 (tmssql.php) Denial of Service Vulnerability
- ADODB < 4.70 (PhpOpenChat 3.0.x) Server.php SQL Injection Exploit
- dnGuestbook <= 2.0 Remote SQL Injection Vulnerabilities
- Autonomous LAN Party <= 0.98.1.0 Remote File Inclusion Vulnerability
- XBrite Members <= 1.1 (id) Remote SQL Injection Exploit
- Sire 2.0 (lire.php) Remote File Inclusion/Arbitary File Upload Vulnerability
- Linux Kernel 2.6.x sys_timer_create() Local Denial of Service Exploit
- PHPList <= 2.10.2 GLOBALS[] Remote Code Execution Exploit
- Horde <= 3.0.9, 3.1.0 (Help Viewer) Remote Code Execution (metasploit)
- phpBB <= 2.0.19 (user_sig_bbcode_uid) Remote Code Execution Exploit
- Clansys v.1.1 (showid) Remote SQL Injection Exploit
- Simplog <= 0.9.2 (s) Remote Commands Execution Exploit
- Ultr@VNC <= 1.0.1 client Log::ReallyPrint Buffer Overflow Exploit
- Sphider <= 1.3 (configset.php) Arbitrary Remote Inclusion Exploit
- PHP121 Instant Messenger <= 1.4 Remote Code Execution Exploit
- Mozilla Firefox <= 1.5.0.1, Camino <= 1.0 Null Pointer Dereference Crash
- vBulletin ImpEx <= 1.74 Remote Command Execution Exploit
- Censtore <= 7.3.x (censtore.cgi) Remote Command Execution Exploit
- quizz <= 1.01 (quizz.pl) Remote Command Execution Exploit
- panic-reloaded TCP Denial of Service Tool
- PAJAX <= 0.5.1 Remote Code Execution Exploit
- phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit
- osCommerce <= 2.2 (extras) Source Code Disclosure Vulnerability
- SysInfo 1.21 (sysinfo.cgi) Remote Command Execution Exploit
- PHP Album <= 0.3.2.3 Remote Command Execution Exploit
- Novell Messenger Server 2.0 (Accept-Language) Remote Overflow Exploit
- Symantec Sygate Management Server (login) SQL Injection Exploit
- Sybase EAServer 5.2 (WebConsole) Remote Stack Overflow Exploit
- Fuju News 1.0 Authentication Bypass / Remote SQL Injection Exploit
- Blackorpheus ClanMemberSkript 1.0 Remote SQL Injection Exploit
- FlexBB <= 0.5.5 (/inc/start.php _COOKIE) Remote SQL ByPass Exploit
- MyEvent <= 1.3 (myevent_path) Remote File Inclusion Vulnerability
- Neon Responder 5.4 (Clock Synchronization) Denial of Service Exploit
- Internet PhotoShow (page) Remote File Inclusion Exploit
- PHP Net Tools <= 2.7.1 Remote Code Execution Exploit
- PCPIN Chat <= 5.0.4 (login/language) Remote Code Execution Exploit
- Mambo <= 4.5.3 , Joomla <=1.0.7 (feed) Denial of Service Exploit
- RechnungsZentrale V2 <= 1.1.3 Remote Inclusion Vulnerability
- ASPSitem <= 1.83 (Haberler.asp) Remote SQL Injection Exploit
- PHPSurveyor <= 0.995 (surveyid) Remote Command Execution Exploit
- Symantec Scan Engine 5.0.x.x Change Admin Password Remote Exploit
- CoreNews <= 2.0.1 (userid) Remote SQL Injection Exploit
- Simplog <= 0.9.3 (tid) Remote SQL Injection Exploit
- dForum <= 1.5 (DFORUM_PATH) Multiple Remote File Inclusions
- My Gaming Ladder Combo System <= 7.0 Remote Code Execution Exploit
- Skulltag <= 0.96f (Version String) Remote Format String PoC
- OpenTTD <= 0.4.7 (multiple vulnerabilities) Denial of Service Exploit
- Clansys <= v.1.1 (index.php page) PHP Code Insertion Vulnerability
- Built2Go PHP Movie Review <= 2B Remote File Inclusion Vulnerability
- Apple Mac OS X Safari <= 2.0.3 (417.9.2) Multiple Vulnerabilities PoC
- FlexBB <= 0.5.5 (function/showprofile.php) SQL Injection Exploit
- BK Forum <= 4.0 (member.asp) Remote SQL Injection Vulnerability
- Apple Mac OS X Safari <= 2.0.3 (417.9.2) (ROWSPAN) DoS PoC
- Mozilla Firefox <= 1.5.0.2 (js320.dll/xpcom_core.dll) Denial of Service PoC
- Fenice OMS 1.10 (long get request) Remote Buffer Overflow Exploit
- OCE 3121/3122 Printer (parser.exe) Denial of Service Exploit
- Oracle <= 10g Release 2 (DBMS_EXPORT_EXTENSION) Local SQL Exploit
- Invision Power Board <= 2.1.5 (lastdate) Remote Code Execution Exploit
- BL4 SMTP Server < 0.1.5 Remote Buffer Overflow PoC
- TopList <= 1.3.8 (phpBB Hack) Remote File Inclusion Vulnerability
- Advanced GuestBook <= 2.4.0 (phpBB) File Inclusion Vulnerability
- TopList <= 1.3.8 (phpBB Hack) Remote Inclusion Exploit
- Advanced GuestBook <= 2.4.0 (phpBB) Remote File Inclusion Exploit
- Invision Power Board <= 2.1.5 search.php Remote Code Execution Exploit
- OpenPHPNuke <= 2.3.3 Remote File Inclusion Vulnerability
- Knowledge Base Mod <= 2.0.2 (phpBB) Remote Inclusion Vulnerability
- Limbo CMS <= 1.0.4.2 (sql.php) Remote File Inclusion Vulnerability
- Aardvark Topsites PHP <= 4.2.2 (path) Remote File Inclusion Vuln
- phpMyAgenda <= 3.0 Final (rootagenda) Remote Include Vulnerability
- Aardvark Topsites PHP <= 4.2.2 (lostpw.php) Remote Include Exploit
- Invision Power Board <= 2.1.5 (from_contact) SQL Injection Exploit
- X7 Chat <= 2.0 (help_file) Remote Commands Execution Exploit
- Darwin Streaming Server <= 4.1.2 (parse_xml.cgi) Code Execution Exploit
- Fast Click (<= 1.1.3 , <= 2.3.8) (show.php) Remote File Inclusion Exploit
- MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit
- MySQL (<= 4.1.18, 5.0.20) Local/Remote Information Leakage Exploit
- Golden FTP Server Pro 2.70 (APPE) Remote Buffer Overflow PoC
- Albinator <= 2.0.6 (Config_rootdir) Remote File Inclusion Exploit
- zawhttpd <= 0.8.23 (GET) Remote Buffer Overflow DoS
- Auction <= 1.3m (phpbb_root_path) Remote File Include Exploit
- XM Easy Personal FTP Server <= 4.3 (USER) Remote Buffer Overflow PoC
- acFTP FTP Server <= 1.4 (USER) Remote Buffer Overflow PoC
- Quake 3 Engine 1.32b R_RemapShader() Remote Client BoF Exploit
- Limbo CMS <= 1.0.4.2 (catid) Remote SQL Injection Exploit
- StatIt v4 (statitpath) Remote File Inclusion Exploit
- TotalCalendar <= 2.30 (inc) Remote File Include Vulnerability
- FileCOPA FTP Server <= 1.01 (USER) Remote Pre-Auth DoS
- AWStats <= 6.5 (migrate) Remote Shell Command Injection Exploit
- HiveMail <= 1.3 (addressbook.add.php) Remote Code Execution Exploit
- acFTP FTP Server <= 1.4 (USER) Remote Denial of Service Exploit
- TinyFTPD <= 1.4 (USER) Remote Buffer Overflow DoS
- VP-ASP 6.00 (shopcurrency.asp) Remote SQL Injection Vulnerability
- PHP-Fusion <= 6.00.306 Multiple Vulnerabilities Exploit
- Jetbox CMS <= 2.1 (relative_script_path) Remote File Inclusion Exploit
- ACal <= 2.2.6 (day.php) Remote File Inclusion Vulnerability
- EQdkp <= 1.3.0 (dbal.php) Remote File Inclusion Vulnerability
- Dokeos LMS <= 1.6.4 (authldap.php) Remote File Include Exploit
- Claroline e-Learning 1.75 (ldap.inc.php) Remote File Inclusion Exploit
- ActualAnalyzer Server <= 8.23 (rf) Remote File Include Vulnerability
- ActualAnalyzer Pro <= 6.88 (rf) Remote File Include Exploit
- phpListPro <= 2.01 Multiple Remote File Include Vulnerabilities
- Intel Wireless Service (s24evmon.exe) Shared Memory Exploit
- phpRaid <= 3.0.b3 (phpBB/SMF) Remote File Inclusion Vulnerabilities
- pafileDB <= 2.0.1 (mxBB/phpBB) Remote File Inclusion Vulnerability
- MS Internet Explorer <= 6.0.2900 SP2 (CSS Attribute) Denial of Service
- Medal of Honor (getinfo) Remote Buffer Overflow Exploit
- Unclassified NewsBoard <= 1.6.1 patch 1 Arbitrary Local Inclusion Exploit
- Foing <= 0.7.0 (phpBB) Remote File Inclusion Vulnerability
- Php Blue Dragon CMS <= 2.9 Remote File Include Vulnerability
- phpBB <= 2.0.20 (Admin/Restore DB/default_lang) Remote Exploit
- Outgun <= 1.0.3 bot 2 Multiple Remote Vulnerabilities Exploit
- Empire <= 4.3.2 (strncat) Denial of Service Exploit
- Genecys <= 0.2 (BoF/NULL pointer) Denial of Service Exploit
- Raydium <= SVN 309 Multiple Remote Vulnerabilities Exploit
- Sugar Suite Open Source <= 4.2 (OptimisticLock) Remote Exploit
- freeSSHd <= 1.0.9 Key Exchange Algorithm Buffer Overflow Exploit
- PuTTy.exe <= 0.53 (validation) Remote Buffer Overflow Exploit (meta)
- TR Newsportal <= 0.36tr1 (poll.php) Remote File Inclusion Vulnerability
- Squirrelcart <= 2.2.0 (cart_content.php) Remote Inclusion Vulnerability
- RealVNC 4.1.0 - 4.1.1 (VNC Null Authentication) Auth Bypass Patch/EXE
- GNUnet <= 0.7.0d (Empty UDP Packet) Remote Denial of Service Exploit
- DeluxeBB <= 1.06 (name) Remote SQL Injection Exploit (mq=off)
- RealVNC 4.1.0 - 4.1.1 (Null Authentication) Auth Bypass Exploit (meta)
- ezUserManager <= 1.6 Remote File Inclusion Vulnerability
- PHP-Fusion <= 6.00.306 (srch_where) SQL Injection Exploit
- DeluxeBB <= 1.06 (Attachment mod_mime) Remote Exploit
- Quezza BB <= 1.0 (quezza_root_path) File Inclusion Vulnerability
- RealVNC 4.1.0 - 4.1.1 (VNC Null Authentication) Vulnerability Scanners
- ScozNews <= 1.2.1 (mainpath) Remote File Inclusion Vulnerability
- libextractor <= 0.5.13 Multiple Heap Overflow PoC Exploits
- Mozilla Firefox <= 1.5.0.3 (Loop) Denial of Service Exploit
- phpBazar <= 2.1.0 Remote (Include/Auth Bypass) Vulnerabilities
- phpListPro <= 2.0.1 (Language) Remote Code Execution Exploit
- IntelliTamper 2.07 (*.map file) Local Arbitrary Code Execution Exploit
- Zix Forum <= 1.12 (layid) SQL Injection Vulnerability
- phpMyDirectory <= 10.4.4 (ROOT_PATH) Remote Inclusion Vulnerability
- CaLogic Calendars 1.2.2 (CLPath) Remote File Include Vulnerabilities
- Woltlab Burning Board <= 2.3.5 (links.php) SQL Injection Exploit
- XOOPS <= 2.0.13.2 xoopsOption[nocommon] Remote Exploit
- Fusion News v.1.0 (fil_config) Remote File Inclusion Exploit
- Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
- UBB Threads 6.4.x-6.5.2 (thispath) Remote File Inclusion Vulnerability
- portmap 5 beta (Set/Dump) Local Denial of Service Exploit
- Nucleus CMS <= 3.22 (DIR_LIBS) Arbitrary Remote Inclusion Exploit
- Docebo <= 3.0.3 Multiple Remote File Include Vulnerabilities
- phpCommunityCalendar <= 4.0.3 Multiple (XSS/SQL) Vulnerabilities
- PunkBuster < 1.229 (WebTool Service) Remote Buffer Overflow DoS
- netPanzer 0.8 rev 952 (frameNum) Server Terminiation Exploit
- Drupal <= 4.7 (attachment mod_mime) Remote Exploit
- BASE <= 1.2.4 melissa (Snort Frontend) Remote Inclusion Vulnerabilities
- open-medium.CMS <= 0.25 (404.php) Remote File Include Vulnerability
- Back-End CMS <= 0.7.2.2 (BE_config.php) Remote Include Vulnerability
- Socketmail <= 2.2.6 (site_path) Remote File Include Vulnerability
- V-Webmail <= 1.6.4 (pear_dir) Remote File Include Vulnerability
- DoceboLMS <= 2.0.5 (help.php) Remote File Include Vulnerability
- APC ActionApps CMS 2.8.1 Remote File Include Vulnerabilities
- tiffsplit (libtiff <= 3.8.2) Local Stack Buffer Overflow PoC
- Plume CMS <= 1.0.3 (manager_path) Remote File Include Vulnerability
- qjForum (member.asp) SQL Injection Vulnerability
- Easy-Content Forums 1.0 Multiple SQL/XSS Vulnerabilities
- Hot Open Tickets <= 11012004 (CLASS_PATH) Remote Include Vuln
- PrideForum 1.0 (forum.asp) Remote SQL Injection Vulnerability
- MiniNuke 2.x (create an admin) Remote SQL Injection Exploit
- MS Internet Explorer (HTML Tag) Memory Corruption (MS06-013)
- tinyBB <= 0.3 Remote (Include / SQL Injection) Vulnerabilities
- Enigma Haber <= 4.3 Multiple Remote SQL Injection Vulnerabilities
- F@cile Interactive Web <= 0.8x Remote (Include / XSS) Vulnerabilities
- Eggblog < 3.07 Remote (SQL Injection / Privilege Escalation) Exploit
- UBB Threads 5.x / 6.x Multiple Remote File Inclusion Vulnerabilities
- Activity MOD Plus <= 1.1.0 (phpBB Mod) File Inclusion Vulnerability
- ASPSitem <= 2.0 Remote (SQL Injection / DB Disclosure) Vulnerabilities
- Blend Portal <= 1.2.0 (phpBB Mod) Remote File Inclusion Vulnerability
- CosmicShoppingCart (search.php) Remote SQL Injection Vulnerability
- Fastpublish CMS 1.6.9 config[fsBase] Remote Include Vulnerabilities
- Speedy ASP Forum (profileupdate.asp) User Pass Change Exploit
- Nukedit CMS <= 4.9.6 Unauthorized Admin Add Exploit
- gnopaste <= 0.5.3 (common.php) Remote File Include Vulnerability
- gxine 0.5.6 (HTTP Plugin) Remote Buffer Overflow PoC
- pppBlog <= 0.3.8 (randompic.php) System Disclosure Exploit
- Ottoman CMS <= 1.1.3 (default_path) Remote File Include Vulnerabilities
- metajour 2.1 (system_path) Remote File Include Vulnerabilities
- MS Internet Explorer (inetconn.dll) Stack Overflow Crash
- TinyPHP Forum <= 3.6 (profile.php) Remote Code Execution Exploit
- AssoCIateD CMS 1.1.3 (root_path) Remote File Include Vulnerability
- aspWebLinks 2.0 Remote SQL Injection / Admin Pass Change Exploit
- Bytehoard 2.1 (server.php) Remote File Include Vulnerability
- Redaxo CMS <= 3.2 (INCLUDE_PATH) Remote File Include Vulnerabilities
- iShopCart vGetPost() Remote Buffer Overflow Exploit (cgi)
- Igloo <= 0.1.9 (Wiki.php) Remote File Include Vulnerability
- ashNews 0.83 (pathtoashnews) Remote File Include Vulnerabilities
- Informium 0.12.0 (common-menu.php) Remote File Include Vulnerabilities
- PHP-Nuke <= 7.9 Final (phpbb_root_path) Remote File Inclusions
- Mozilla Firefox <= 1.5.0.4 (marquee) Denial of Service Exploit
- Pixelpost <= 1-5rc1-2 Remote Privilege Escalation Exploit
- DotClear <= 1.2.4 (prepend.php) Arbitrary Remote Inclusion Exploit
- BlueShoes Framework <= 4.6 Remote File Include Vulnerabilities
- WebspotBlogging <= 3.0.1 (path) Remote File Include Vulnerability
- CS-Cart <= 1.3.3 (classes_dir) Remote File Include Vulnerability
- ProPublish 2.0 (catid) Remote SQL Injection Vulnerability
- LifeType <= 1.0.4 SQL Injection / Admin Credentials Disclosure Exploit
- FunkBoard CF0.71 (profile.php) Remote User Pass Change Exploit
- SCart 2.0 (page) Remote Code Execution Exploit
- Claroline <= 1.7.6 (includePath) Remote Code Execution Exploit
- Particle Wiki <= 1.0.2 (version) Remote SQL Injection Vulnerability
- dotWidget CMS <= 1.0.6 (file_path) Remote File Include Vulnerabilities
- Linux Kernel < 2.6.16.18 (Netfilter NAT SNMP Module) Remote DoS Exploit
- DreamAccount <= 3.1 (da_path) Remote File Include Vulnerabilities
- Dmx Forum <= 2.1a (edit.php) Remote Password Disclosure Exploit
- Wikiwig <= 4.1 (wk_lang.php) Remote File Include Vulnerability
- myNewsletter <= 1.1.2 (adminLogin.asp) Login Bypass Exploit
- QBik Wingate 6.1.1.1077 (POST) Remote Buffer Overflow Exploit
- OpenEMR <= 2.8.1 (fileroot) Remote File Include Vulnerability
- Xtreme/Ditto News <= 1.0 (post.php) Remote File Include Vulnerability
- Back-End CMS <= 0.7.2.1 (jpcache.php) Remote Include Vulnerability
- D-Link Access-Point <= 2.10na (DWL Series) Config Disclosure Vuln
- cms-bandits 2.5 (spaw_root) Remote File Include Vulnerabilities
- Enterprise Payroll Systems <= 1.1 (footer) Remote Include Vulnerability
- Guestex Guestbook 1.00 (email) Remote Code Execution Exploit
- MailEnable Enterprise <= 2.0 (ASP Version) Multiple Vulnerabilities
- 0verkill 0.16 (ASCII-ART Game) Remote Integer Overflow Crash Exploit
- empris <= r20020923 (phormationdir) Remote Include Vulnerability
- aePartner <= 0.8.3 (dir[data]) Remote Include Vulnerability
- phpOnDirectory <= 1.0 Remote File Include Vulnerabilities
- WebprojectDB <= 0.1.3 (INCDIR) Remote File Include Vulnerability
- free QBoard <= 1.1 (qb_path) Remote File Include Vulnerability
- MaxiSepet <= 1.0 (link) SQL Injection Vulnerability
- RCblog <= 1.03 (post) Remote Command Execution Exploit
- AWF CMS 1.11 (spaw_root) Remote File Include Vulnerability
- Content-Builder (CMS) 0.7.5 Multiple Include Vulnerabilities
- blur6ex <= 0.3.462 (ID) Admin Disclosure / Blind SQL Injection Exploit
- DCP-Portal 6.1.x (root) Remote File Include Vulnerability
- CesarFTP 0.99g (MKD) Remote Buffer Overflow Exploit
- aWebNews <= 1.5 (visview.php) Remote File Include Vulnerability
- Minerva <= 2.0.8a Build 237 (phpbb_root_path) File Include Vulnerability
- MyBulletinBoard (MyBB) < 1.1.3 Remote Code Execution Exploit
- MS Windows (NtClose DeadLock) Vulnerability PoC (MS06-030)
- MS Windows XP/2K (Mrxsmb.sys) Privilege Escalation PoC (MS06-030)
- The Bible Portal Project <= 2.12 (destination) File Include Vulnerability
- Php Blue Dragon CMS <= 2.9.1 (template.php) File Include Vulnerability
- Content-Builder (CMS) <= 0.7.2 Multiple Include Vulnerabilities
- CesarFTP 0.99g (MKD) Remote Buffer Overflow Exploit (meta)
- DeluxeBB <= 1.06 (templatefolder) Remote File Include Vulnerabilities
- Pico Zip 4.01 (Long Filename) Buffer Overflow Exploit
- bitweaver <= 1.3 (tmpImagePath) Attachment mod_mime Exploit
- CMS Faethon <= 1.3.2 (mainpath) Remote File Inclusion Vulnerability
- Mambo <= 4.6rc1 (Weblinks) Blind SQL Injection Exploit
- FlashBB <= 1.1.8 (phpbb_root_path) Remote File Include Exploit
- Joomla <= 1.0.9 (Weblinks) Remote Blind SQL Injection Exploit
- Ad Manager Pro 2.6 (ipath) Remote File Include Vulnerability
- Sun iPlanet Messaging Server 5.2 HotFix 1.16 Root Password Disclosure
- INDEXU <= 5.0.1 (admin_template_path) Remote Include Vulnerabilities
- PHP Live Helper <= 1.x (abs_path) Remote File Include Vulnerability
- Microsoft Excel Unicode Local Overflow Exploit PoC
- IdeaBox <= 1.1 (gorumDir) Remote File Include Vulnerability
- Micro CMS <= 0.3.5 (microcms_path) Remote File Include Vulnerability
- WeBBoA Host Script 1.1 Remote SQL Injection Vulnerability
- ASP Stats Generator <= 2.1.1 SQL Injection Vulnerabilities
- Ultimate PHP Board <= 1.96 GOLD Multiple Vulnerabilities Exploit
- BandSite CMS <= 1.1.1 (root_path) Remote File Include Vulnerabilities
- dotProject <= 2.0.3 (baseDir) Remote File Inclusion Vulnerability
- Winamp <= 5.21 (Midi File Header Handling) Buffer Overflow PoC
- SmartSiteCMS 1.0 (root) Remote File Inclusion Vulnerability
- Opera 9 (long href) Remote Denial of Service Exploit
- DataLife Engine <= 4.1 Remote SQL Injection Exploit (perl)
- DataLife Engine <= 4.1 Remote SQL Injection Exploit (php)
- MS Windows RRAS Remote Stack Overflow Exploit (MS06-025)
- Mambo <= 4.6rc1 (Weblinks) Remote Blind SQL Injection Exploit (2)
- Ralf Image Gallery <= 0.7.4 Multiple Remote Vulnerabilities
- Harpia CMS <= 1.0.5 Remote File Include Vulnerabilities
- Microsoft Excel Unspecified Remote Code Execution Exploit
- w-Agora <= 4.2.0 (inc_dir) Remote File Include Exploit
- Jaws <= 0.6.2 (Search gadget) Remote SQL Injection Exploit
- BitchX <= 1.1-final do_hook() Remote Denial of Service Exploit
- phpMySms 2.0 (ROOT_PATH) Remote File Include Vulnerability
- XM Easy Personal FTP Server 5.0.1 (Port) Remote Overflow PoC
- MyBulletinBoard (MyBB) <= 1.1.3 (usercp.php) Create Admin Exploit
- MagNet BeeHive CMS (header) Remote File Include Vulnerability
- THoRCMS <= 1.3.1 (phpbb_root_path) Remote File Include Vulnerability
- DeluxeBB <= 1.07 (cp.php) Create Admin Exploit
- DreamAccount <= 3.1 (auth.api.php) Remote File Include Exploit
- CBSMS Mambo Module <= 1.0 Remote File Include Vulnerability
- Pearl For Mambo <= 1.6 Multiple Remote File Include Vulnerabilities
- Scout Portal Toolkit <= 1.4.0 (forumid) Remote SQL Injection Exploit
- Microsoft Excel 2003 Hlink Stack/SEH Buffer Overflow Exploit
- RsGallery2 <= 1.11.2 (rsgallery.html.php) File Include Vulnerability
- BLOG:CMS <= 4.0.0k Remote SQL Injection Exploit
- XOOPS myAds Module (lid) Remote SQL Injection Vulnerability
- Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86)
- GeekLog <= 1.4.0sr3 (_CONF[path]) Remote File Include Vulnerabilities
- GeekLog <= 1.4.0sr3 f(u)ckeditor Remote Code Execution Exploit
- MS Windows RRAS RASMAN Registry Stack Overflow Exploit (MS06-025)
- MS Windows TCP/IP Protocol Driver Remote Buffer Overflow Exploit
- deV!Lz Clanportal [DZCP] <= 1.34 (id) Remote SQL Injection Exploit
- Stud.IP <= 1.3.0-2 Multiple Remote File Include Vulnerabilities
- Plume CMS 1.1.3 (dbinstall.php) Remote File Include Vulnerability
- Randshop <= 1.1.1 (header.inc.php) Remote File Include Vulnerability
- Opera Web Browser 9.00 (iframe) Remote Denial of Service Exploit
- Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (ppc)
- SmartSiteCMS 1.0 (root) Multiple Remote File Inclusion Vulnerabilities
- BXCP <= 0.3.0.4 (where) Remote SQL Injection Exploit
- Quake 3 Engine Client CG_ServerCommand() Remote Overflow Exploit
- Quake 3 Engine Client CS_ITEMS Remote Overflow Exploit (Win32)
- Microsoft Excel Universal Hlink Local Buffer Overflow Exploit
- ImgSvr <= 0.6.5 (long http post) Denial of Service Exploit
- galleria Mambo Module <= 1.0b Remote File Include Vulnerability
- WonderEdit Pro CMS (template_path) Remote File Include Vulnerabilities
- MyPHP CMS <= 0.3 (domain) Remote File Include Vulnerability
- WinRAR <= 3.60 beta 6 (SFX Path) Stack Overflow Exploit PoC
- WinRAR <= 3.60 beta 6 (SFX Path) Local Stack Overflow Exploit
- Microsoft Excel 2000/2003 Hlink Local Buffer Overflow Exploit (french)
- Hosting Controller <= 6.1 Hotfix 3.1 Privilege Escalation Vulnerability
- Microsoft Excel 2003 Hlink Local Buffer Overflow Exploit (italian)
- MS Internet Explorer 6 Table.Frameset NULL Dereference Vulnerability
- MS Internet Explorer 6 (Internet.HHCtrl) Heap Overflow Vulnerability
- Pivot <= 1.30 RC2 Privileges Escalation/Remote Code Execution Exploit
- WinRAR <= 3.60 beta 6 (SFX Path) Local Stack Overflow Exploit (french)
- PAPOO <= 3_RC3 SQL Injection/Admin Credentials Disclosure Exploit
- SimpleBoard Mambo Component <= 1.1.0 Remote Include Vulnerability
- com_forum Mambo Component <= 1.2.4RC3 Remote Include Vulnerability
- Sabdrimer PRO <= 2.2.4 (pluginpath) Remote File Include Vulnerability
- Webmin < 1.290 / Usermin < 1.220 Arbitrary File Disclosure Exploit
- Ottoman CMS <= 1.1.3 (default_path) Remote File Inclusion Exploit
- Microsoft Word 2000/2003 Hlink Local Buffer Overflow Exploit PoC
- SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit PoC
- Microsoft Word 2000/2003 Unchecked Boundary Condition Vulnerability
- EJ3 TOPo 2.2 (descripcion) Remote Command Execution Exploit
- SQuery <= 4.5 (gore.php) Remote File Inclusion Vulnerability
- Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit
- Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (2)
- Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (3)
- phpBB 3 (memberlist.php) Remote SQL Injection Exploit
- Phorum 5 (pm.php) Arbitrary Local Inclusion Exploit
- CzarNews <= 1.14 (tpath) Remote File Inclusion Vulnerability
- Invision Power Board 2.1 <= 2.1.6 Remote SQL Injection Exploit
- Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (4)
- MyBulletinBoard (MyBB) <= 1.1.5 (CLIENT-IP) SQL Injection Exploit
- Linux Kernel <= 2.6.17.4 (proc) Local Root Exploit
- Winlpd 1.2 Build 1076 Remote Buffer Overflow Exploit
- Rocks Clusters <= 4.1 (umount-loop) Local Root Exploit
- Rocks Clusters <= 4.1 (mount-loop) Local Root Exploit
- Webmin < 1.290 / Usermin < 1.220 Arbitrary File Disclosure Exploit (perl)
- FlushCMS <= 1.0.0-pre2 (class.rich.php) Remote Inclusion Vulnerability
- mail2forum phpBB Mod <= 1.2 (m2f_root_path) Remote Include Vulns
- com_videodb Mambo Component <= 0.3en Remote Include Vulnerability
- SMF Forum Mambo Component <= 1.3.1.3 Include Vulnerability
- com_extcalendar Mambo Component <= 2.0 Include Vulnerability
- com_loudmouth Mambo Component <= 4.0j Include Vulnerability
- pc_cookbook Mambo Component <= 0.3 Include Vulnerability
- perForms Mambo Component <= 1.0 Remote File Inclusion
- com_hashcash Mambo Component <= 1.2.1 Include Vulnerability
- HTMLArea3 Mambo Module <= 1.5 Remote Include Vulnerability
- Sitemap Mambo Component <= 2.0.0 Remote Include Vulnerability
- pollxt Mambo Component <= 1.22.07 Remote Include Vulnerability
- MiniBB Mambo Component <= 1.5a Remote File Include Vulnerabilities
- Linux Kernel 2.6.13 <= 2.6.17.4 prctl() Local Root Exploit (logrotate)
- Eskolar CMS 0.9.0.0 Remote Blind SQL Injection Exploit
- Invision Power Board 2.1 <= 2.1.6 Remote SQL Injection Exploit (2)
- BT Voyager 2091 (Wireless ADSL) Multiple Vulnerabilities
- toendaCMS <= 1.0.0 (FCKeditor) Remote File Upload Exploit
- PHP-Post 1.0 Cookie Modification Privilege Escalation Vulnerability
- Dumb <= 0.9.3 (it_read_envelope) Remote Heap Overflow PoC
- MS Internet Explorer 6 (Content-Type) Stack Overflow Crash
- iManage CMS <= 4.0.12 (absolute_path) Remote File Inclusion
- FileCOPA FTP Server <= 1.01 (LIST) Remote Buffer Overflow Exploit
- Cisco/Protego CS-MARS < 4.2.1 (JBoss) Remote Code Execution Exploit
- SiteDepth CMS <= 3.0.1 (SD_DIR) Remote File Include Vulnerability
- LoudBlog <= 0.5 (id) SQL Injection / Admin Credentials Disclosure
- Sendmail <= 8.13.5 Remote Signal Handling Exploit PoC
- MS Internet Explorer (MDAC) Remote Code Execution Exploit (MS06-014)
- Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
- MS Windows DHCP Client Broadcast Attack Exploit (MS06-036)
- Microsoft IIS ASP Stack Overflow Exploit (MS06-034)
- MS Windows Mailslot Ring0 Memory Corruption Exploit (MS06-035)
- PHP Forge <= 3 beta 2 (cfg_racine) Remote File Inclusion Vulnerability
- D-Link Router UPNP Stack Overflow Denial of Service Exploit (PoC)
- PHP Live! <= 3.2.1 (help.php) Remote Inclusion Vulnerability
- Apache Tomcat < 5.5.17 Remote Directory Listing Vulnerability
- MoSpray Mambo Component <= 18RC1 Remote Include Vulnerability
- ArticlesOne <= 07232006 (page) Remote Include Vulnerability
- Mam-Moodle Mambo Component alpha Remote Inclusion Vulnerability
- Cheese Tracker <= 0.9.9 Local Buffer Overflow Exploit PoC
- multibanners Mambo Component <= 1.0.1 Remote Inclusion Vulnerability
- Solaris <= 10 sysinfo() Local Kernel Memory Disclosure Exploit
- X7 Chat <= 2.0.4 (old_prefix) Remote Blind SQL Injection Exploit
- PrinceClan Chess Mambo Com <= 0.8 Remote Inclusion Vulnerability
- SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit
- Etomite CMS <= 0.6.1 (username) SQL Injection Exploit (mq = off)
- Etomite CMS <= 0.6.1 (rfiles.php) Remote Command Execution Exploit
- libmikmod <= 3.2.2 (GT2 loader) Local Heap Overflow PoC
- eIQnetworks License Manager Remote Buffer Overflow Exploit (1262)
- eIQnetworks License Manager Remote Buffer Overflow Exploit (494)
- AIM Triton 1.0.4 (SipXtapi) Remote Buffer Overflow Exploit (PoC)
- WMNews <= 0.2a (base_datapath) Remote Inclusion Vulnerability
- a6mambohelpdesk Mambo Component <= 18RC1 Include Vulnerability
- eIQnetworks ESA (Syslog Server) Remote Buffer Overflow Exploit
- eIQnetworks License Manager Remote Buffer Overflow Exploit (multi)
- Portail PHP <= 1.7 (chemin) Remote Inclusion Vulnerability
- Mozilla Firefox <= 1.5.0.4 Javascript Navigator Object Code Execution PoC
- Mambo Security Images Component <= 3.0.5 Inclusion Vulnerabilities
- Mambo MGM Component <= 0.95r2 Remote Inclusion Vulnerability
- Mambo Colophon Component <= 1.2 Remote Inclusion Vulnerability
- Mambo mambatStaff Component <= 3.1b Remote Inclusion Vulnerability
- vbPortal 3.0.2 <= 3.6.0 b1 (cookie) Remote Code Excution Exploit
- ATutor <= 1.5.3.1 (links) Remote Blind SQL Injection Exploit
- Mambo User Home Pages Component <= 0.5 Remote Include Vulnerability
- Joomla com_bayesiannaivefilter Component <= 1.1 Inclusion Vulnerability
- Microsoft PowerPoint 2003 SP2 Local Code Execution Exploit (french)
- Joomla LMO Component <= 1.0b2 Remote Include Vulnerability
- Open Cubic Player <= 2.6.0pre6 / 0.1.10_rc5 Multiple BOF Exploit
- PhpReactor 1.2.7pl1 (pathtohomedir) Remote Inclusion Vulnerability
- MyNewsGroups <= 0.6b (myng_root) Remote Inclusion Vulnerability
- NewsLetter <= 3.5 (NL_PATH) Remote File Inclusion Vulnerability
- TSEP <= 0.942 (copyright.php) Remote Inclusion Vulnerability
- WoW Roster <= 1.5.1 (subdir) Remote File Include Vulnerability
- PHPAuction 2.1 (phpAds_path) Remote File Inclusion Vulnerability
- newsReporter <= 1.1 (index.php) Remote Inclusion Vulnerability
- Voodoo chat <= 1.0RC1b (file_path) Remote File Inclusion Vulnerability
- k_shoutBox <= 4.4 Remote File Inclusion Vulnerability
- k_fileManager <= 1.2 (dwl_include_path) Remote Inclusion Vulnerability
- XMB <= 1.9.6 (u2uid) Remote SQL Injection Exploit (mq=off)
- Mac OS X <= 10.4.7 fetchmail Privilege Escalation Exploit (x86)
- Mac OS X <= 10.4.7 fetchmail Privilege Escalation Exploit (ppc)
- Mac OS X <= 10.4.7 fetchmail Privilege Escalation Exploit
- WoW Roster <= 1.70 (/lib/phpbb.php) Remote File Include Vulnerability
- TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (meta)
- Mac OS X <= 10.3.8 (CF_CHARSET_PATH) Local BOF Exploit (2)
- SaveWeb Portal <= 3.4 (SITE_Path) Remote File Inclusion Vulnerabilities
- TinyPHP Forum <= 3.6 (makeadmin) Remote Admin Maker Exploit
- Kayako eSupport <= 2.3.1 (subd) Remote File Inclusion Vulnerability
- TSEP <= 0.942 (colorswitch.php) Remote Inclusion Vulnerability
- SendCard <= 3.4.0 Unauthorized Administrative Access Exploit
- myBloggie <= 2.1.4 (trackback.php) Multiple SQL Injections Exploit
- PHP Simple Shop <= 2.0 (abs_path) Remote File Inclusion Vulnerability
- PHP Live Helper <= 2.0 (abs_path) Remote File Inclusion Vulnerability
- Torbstoff News 4 (pfad) Remote File Inclusion Vulnerability
- ME Download System <= 1.3 (header.php) Remote Inclusion Vulnerability
- SQLiteWebAdmin 0.1 (tpl.inc.php) Remote Include Vulnerability
- XChat <= 2.6.7 (win version) Remote Denial of Service Exploit (php)
- Joomla JD-Wiki Component <= 1.0.2 Remote Include Vulnerability
- Modernbill <= 1.6 (config.php) Remote File Include Vulnerability
- SAPID CMS <= 1.2.3.05 (root_path) Remote File Include Vulnerabilities
- SAPID Blog <= beta 2 (root_path) Remote File Include Vulnerabilities
- SAPID Gallery <= 1.0 (root_path) Remote File Include Vulnerabilities
- SAPID Shop <= 1.2 (root_path) Remote File Include Vulnerability
- phpAutoMembersArea <= 3.2.5 (installed_config_file) Remote Inclusion
- Simple CMS Administrator Authentication Bypass Vulnerability
- phpCC 4.2 beta (base_dir) Remote File Inclusion Vulnerability
- NEWSolved Lite v1.9.2 (abs_path) Remote File Inclusion Vulnerabilities
- Barracuda Spam Firewall <= 3.3.03.053 Remote Code Execution
- QuestCMS (main.php) Remote File Include Vulnerability
- YenerTurk Haber Script 1.0 Remote SQL Injection Vulnerability
- PHPCodeCabinet <= 0.5 (Core.php) Remote File Include Vulnerability
- eIQnetworks License Manager Remote Buffer Overflow Exploit (multi)
- Visual Events Calendar 1.1 (cfg_dir) Remote Include Vulnerability
- ZoneX 1.0.3 Publishers Gold Edition Remote File Inclusion Vulnerability
- TWiki <= 4.0.4 (configure) Remote Command Execution Exploit
- liblesstif <= 2-0.93.94-4mdk (DEBUG_FILE) Local Root Exploit
- Barracuda Spam Firewall <= 3.3.03.053 Remote Code Execution (extra)
- docpile:we <= 0.2.2 (INIT_PATH) Remote File Inclusion Vulnerabilities
- XChat <= 2.6.7 (win version) Remote Denial of Service Exploit (perl)
- phNNTP <= 1.3 (article-raw.php) Remote File Include Vulnerability
- Hitweb <= 4.2.1 (REP_INC) Remote File Include Vulnerability
- CLUB-Nuke [XP] 2.0 LCID 2048 (Turkish Version) SQL Injection
- Cwfm <= 0.9.1 (Language) Remote File Inclusion Vulnerability
- PHP <= 4.4.3 / 5.1.4 (objIndex) Local Buffer Overflow Exploit PoC
- Boite de News <= 4.0.1 (index.php) Remote File Inclusion Vulnerability
- PgMarket <= 2.2.3 (CFG[libdir]) Remote File Inclusion Vulnerability
- See-Commerce <= 1.0.625 (owimg.php3) Remote Include Vulnerability
- PocketPC MMS Composer (WAPPush) Denial of Service Exploit
- Tagger Luxury Edition (BBCodeFile) Remote File Include Vulnerability
- TinyWebGallery <= 1.5 (image) Remote Include Vulnerabilities
- PHPMyRing <= 4.2.0 (view_com.php) Remote SQL Injection Exploit
- OpenMPT <= 1.17.02.43 Multiple Remote Buffer Overflow Exploit PoC
- SAPID CMS <= 1.2.3_rc3 (rootpath) Remote Code Execution Exploit
- MS Windows NetpIsRemote() Remote Overflow Exploit (MS06-040)
- phpwcms <= 1.1-RC4 (spaw) Remote File Include Vulnerability
- Internet Explorer (MDAC) Remote Code Execution Exploit (MS06-014) (2)
- Spaminator <= 1.7 (page) Remote File Include Vulnerability
- Thatware <= 0.4.6 (root_path) Remote File Include Vulnerability
- SaveWebPortal <= 3.4 (page) Remote File Inclusion Vulnerability
- phpPrintAnalyzer <= 1.2 Remote File Include Vulnerability
- Chaussette <= 080706 (_BASE) Remote File Include Vulnerabilities
- VWar <= 1.50 R14 (online.php) Remote SQL Injection Vulnerability
- WEBInsta MM 1.3e (cabsolute_path) Remote File Include Vulnerability
- Mambo Remository Component <= 3.25 Remote Include Vulnerability
- MVCnPHP <= 3.0 glConf[path_libraries] Remote Include Vulnerabilities
- Wheatblog <= 1.1 (session.php) Remote File Include Vulnerability
- WEBinsta CMS <= 0.3.1 (templates_dir) Remote File Include Exploit
- Nokia Symbian 60 3rd Edition Browser Denial of Service Crash
- Joomla Webring Component <= 1.0 Remote Include Vulnerability
- XMB <= 1.9.6 Final basename() Remote Command Execution Exploit
- Opera 9 IRC Client Remote Denial of Service Exploit (c)
- Opera 9 IRC Client Remote Denial of Service Exploit (py)
- phPay <= 2.02 (nu_mail.inc.php) Remote mail() Injection Exploit
- Mambo mmp Component <= 1.2 Remote File Include Vulnerability
- ProjectButler <= 0.8.4 (rootdir) Remote File Include Vulnerabilities
- Mambo Peoplebook Component 1.0 Remote File Include Vulnerability
- Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
- Spidey Blog Script <= 1.5 (tr) Remote SQL Injection Vulnerability
- WEBInsta MM <= 1.3e (absolute_path) Remote File Include Exploit
- Discloser <= 0.0.4 (fileloc) Remote File Include Vulnerabilities
- WEBInsta CMS <= 0.3.1 (users.php) Remote File Include Vulnerability
- PHProjekt <= 5.1 Multiple Remote File Include Vulnerabilities
- dotProject <= 2.0.4 (baseDir) Remote File Include Vulnerability
- OPT Max <= 1.2.0 (CRM_inc) Remote File Include Vulnerability
- PHP <= 4.4.3 / 5.1.4 (sscanf) Local Buffer Overflow Exploit
- MS Windows PNG File IHDR Block Denial of Service Exploit PoC
- VMware 5.5.1 COM Object Arbitrary Partition Table Delete Exploit
- Mambo CopperminePhotoGalery Component Remote Include Vulnerability
- CubeCart <= 3.0.11 (oid) Remote Blind SQL Injection Exploit
- IRSR <= 0.2 (_sysSessionPath) Remote File Include Vulnerability
- WTcom <= 0.2.4-alpha (torrents.php) Remote SQL Injection Vulnerability
- POWERGAP <= 2003 (s0x.php) Remote File Include Vulnerability
- Mambo mambelfish Component <= 1.1 Remote File Include Vulnerability
- Joomla com_jim Component <= 1.0.1 Remote File Include Vulnerability
- MS Windows PNG File IHDR Block Denial of Service Exploit PoC (c)
- Joomla Mosets Tree <= 1.0 Remote File Include Vulnerability
- Mambo phpShop Component <= 1.2 RC2b File Include Vulnerability
- Mambo a6mambocredits Component 1.0.0 File Include Vulnerability
- Macromedia Flash 9 (IE Plugin) Remote Denial of Service Crash Exploit
- Joomla Artlinks Component <= 1.0b4 Remote Include Vulnerability
- MS Windows PNG File IHDR Block Denial of Service Exploit PoC (c) (2)
- PHlyMail Lite <= 3.4.4 (mod.listmail.php) Remote Include Vulnerability
- phpCodeGenie <= 3.0.2 (BEAUT_PATH) Remote File Include Vulnerability
- Mambo MamboWiki Component <= 0.9.6 Remote Include Vulnerability
- Joomla Link Directory Component <= 1.0.3 Remote Include Vulnerability
- Joomla Kochsuite Component <= 0.9.4 Remote File Include Vulnerability
- Sonium Enterprise Adressbook <= 0.2 (folder) Include Vulnerability
- Mambo cropimage Component <= 1.0 Remote File Include Vulnerability
- interact <= 2.2 (CONFIG[BASE_PATH]) Remote File Include Vulnerability
- Joomla <=1.0.10 (poll component) Arbitrary Add Votes Exploit
- Tutti Nova <= 1.6 (TNLIB_DIR) Remote File Include Vulnerability
- Fantastic News <= 2.1.3 (script_path) Remote File Include Vulnerability
- Mambo com_lurm_constructor Component <= 0.6b Include Vulnerability
- MS Windows CanonicalizePathName() Remote Exploit (MS06-040)
- ZZ:FlashChat <= 3.1 (adminlog) Remote File Incude Vulnerability
- mambo com_babackup Component <= 1.1 File Include Vulnerability
- NES Game and NES System <= c108122 File Include Vulnerabilities
- SportsPHool <= 1.0 (mainnav) Remote File Include Vulnerability
- SimpleBlog <= 2.0 (comments.asp) Remote SQL Injection Vulnerability
- Shadows Rising RPG <= 0.0.5b Remote File Include Vulnerabilities
- LBlog <= 1.05 (comments.asp) Remote SQL Injection Vulnerability
- Simple Machines Forum <= 1.1 rc2 (lngfile) Remote Exploit (windows)
- SimpleBlog <= 2.0 (comments.asp) Remote SQL Injection Exploit
- WFTPD 3.23 (SIZE) Remote Buffer Overflow Exploit
- Easy File Sharing FTP Server 2.0 (PASS) Remote Exploit (PoC)
- PHProjekt <= 6.1 (path_pre) Multiple Remote File Include Vulnerabilities
- PHlyMail Lite <= 3.4.4 (folderprops.php) Remote Include Vulnerability (2)
- Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
- MS Internet Explorer Multiple COM Object Color Property DoS
- Empire CMS <= 3.7 (checklevel.php) Remote File Include Vulnerability
- HPE <= 1.0 (HPEinc) Remote File Include Vulnerabilities (updated)
- Solaris 10 sysinfo(2) Local Kernel Memory Disclosure Exploit
- Solaris 8 / 9 (/usr/ucb/ps) Local Information Leak Exploit
- Simple Machines Forum <= 1.1 rc2 Lock Topics Remote Exploit
- Mozilla Firefox <= 1.5.0.6 (FTP Request) Remote Denial of Service Exploit
- MDaemon POP3 Server < 9.06 (USER) Remote Buffer Overflow PoC
- 2wire Modems/Routers CRLF Denial of Service Exploit
- MercuryBoard <= 1.1.4 (User-Agent) Remote SQL Injection Exploit
- phpBB All Topics Mod <= 1.5.0 (start) Remote SQL Injection Exploit
- pSlash 0.7 (lvc_include_dir) Remote File Include Vulnerability
- Integramod Portal <= 2.x (functions_portal.php) Remote Include Exploit
- VistaBB <= 2.x (functions_mod_user.php) Remote Include Exploit
- Wikepage Opus 10 <= 2006.2a (lng) Remote Command Execution Exploit
- Phaos <= 0.9.2 basename() Remote Command Execution Exploit
- phpCOIN 1.2.3 (session_set.php) Remote Include Vulnerability
- eFiction < 2.0.7 Remote Admin Authentication Bypass Vulnerability
- Integramod Portal <= 2.0 rc2 (phpbb_root_path) Remote File Include
- CliServ Web Community <= 0.65 (cl_headers) Include Vulnerability
- MDaemon POP3 Server < 9.06 (USER) Remote Heap Overflow Exploit
- proManager <= 0.73 (note.php) Remote SQL Injection Vulnerability
- AlberT-EasySite <= 1.0a5 (PSA_PATH) Remote File Include Exploit
- iziContents <= RC6 GLOBALS[] Remote Code Execution Exploit
- CMS Frogss <= 0.4 (podpis) Remote SQL Injection Exploit
- Ay System CMS <= 2.6 (main.php) Remote File Include Vulnerability
- VMware 5.5.1 (ActiveX) Local Buffer Overflow Exploit
- MS Windows NetpIsRemote() Remote Overflow Exploit (MS06-040) (2)
- Cybozu Products (id) Arbitrary File Retrieval Vulnerability
- Cybuzu Garoon 2.1.0 Multiple Remote SQL Injection Vulnerabilities
- e107 <= 0.75 (GLOBALS Overwrite) Remote Code Execution Exploit
- Web3news <= 0.95 (PHPSECURITYADMIN_PATH) Remote Include Vuln
- phpGroupWare <= 0.9.16.010 GLOBALS[] Remote Code Execution Exploit
- PortailPHP mod_phpalbum <= 2.1.5 (chemin) Remote Include Vuln
- MiniBill <= 1.22b config[plugin_dir] Remote File Inclusion Vulnerabilities
- ExBB Italiano <= 0.2 exbb[home_path] Remote File Include Vulnerability
- Streamripper <= 1.61.25 HTTP Header Parsing Buffer Overflow Exploit
- phpECard <= 2.1.4 (functions.php) Remote File Include Vulnerability
- IBM eGatherer <= 3.20.0284.0 (ActiveX) Remote Code Execution Exploit
- Streamripper <= 1.61.25 HTTP Header Parsing Buffer Overflow Exploit 2
- ZipCentral 4.01 ZIP File Handling Local Buffer Overflow Exploit
- phpAtm <= 1.21 (include_location) Remote File Include Vulnerabilities
- Lanifex DMO <= 2.3b (_incMgr) Remote File Include Exploit
- Pheap CMS <= 1.1 (lpref) Remote File Include Exploit
- YACS CMS <= 6.6.1 context[path_to_root] Remote File Include Vuln
- TIBCO Rendezvous <= 7.4.11 (add router) Remote BOF Exploit
- TIBCO Rendezvous <= 7.4.11 Password Extractor Local Exploit
- MyBace Light (login_check.php) Remote File Vulnerability
- PowerZip <= 7.06.3895 Long Filename Handling Buffer Overflow Exploit
- icblogger v2 (YID) Remote SQL Injection Vulnerability
- TikiWiki <= 1.9 Sirius (jhot.php) Remote Command Execution Exploit
- Annuaire 1Two 2.2 Remote SQL Injection Exploit
- Dyncms <= Release 6 (x_admindir) Remote File Include Vulnerability
- PmWiki <= 2.1.19 (Zend_Hash_Del_Key_Or_Index) Remote Exploit
- yappa-ng <= 2.3.1 (admin_modules) Remote File Include Vulnerability
- FlashChat <= 4.5.7 (aedating4CMS.php) Remote File Include Vulnerability
- Muratsoft Haber Portal 3.6 (tr) Remote SQL Injection Vulnerability
- In-link <= 2.3.4 (ADODB_DIR) Remote File Include Vulnerabilities
- SimpleBlog <= 2.3 (id) Remote SQL Injection Vulnerability
- Tr Forum 2.0 SQL Injection / Bypass Security Restriction Exploit
- pHNews <= alpha 1 (templates_dir) Remote Code Execution Exploit
- PHP Proxima <= v.6 completepack Remote Code Execution Exploit
- SoftBB 0.1 (cmd) Remote Command Execution Exploit
- MySpeach <= 3.0.2 (my_ms[root]) Remote File Include Vulnerability
- J. River Media Center 11.0.309 Remote Denial of Service PoC
- dsock <= 1.3 (buf) Remote Buffer Overflow PoC
- GrapAgenda 0.1 (page) Remote File Include Vulnerability
- AnnonceV News Script <= 1.1 (page) Remote File Include Vulnerability
- Zix Forum <= 1.12 (RepId) Remote SQL Injection Vulnerability
- ACGV News <= 0.9.1 (PathNews) Remote File Inclusion Vulnerability
- C-News <= 1.0.1 (path) Remote File Inclusion Vulnerability
- Sponge News <= 2.2 (sndir) Remote File Include Vulnerability
- PhpCommander <= 3.0 (upload) Remote Code Execution Exploit
- phpBB Shadow Premod <= 2.7.1 Remote File Include Vulnerability
- BinGo News <= 3.01 (bnrep) Remote File Include Vulnerability
- phpFullAnnu <= 5.1 (repmod) Remote File Include Vulnerability
- Beautifier 0.1 (Core.php) Remote File Include Vulnerability
- Akarru <= 0.4.3.34 (bm_content) Remote File Include Vulnerability
- PayProCart <= 1146078425 Multiple Remote File Include Vulnerabilities
- SL_Site <= 1.0 (spaw_root) Remote File Include Vulnerability
- Web Server Creator v0.1 (l) Remote Include Vulnerability
- Fire Soft Board <= RC 3 (racine) Remote File Include Vulnerability
- IBM Director < 5.10 (Redirect.bat) Directory Transversal Vulnerability
- DokuWiki <= 2006-03-09b (dwpage.php) Remote Code Execution Exploit
- DokuWiki <= 2006-03-09b (dwpage.php) System Disclosure Exploit
- PhpNews 1.0 (Include) Remote File Include Vulnerabilities
- ACGV News 0.9.1 (PathNews) Remote File Include Vulnerability
- News Evolution 3.0.3 _NE[AbsPath] Remote File Include Vulnerabilities
- WM-News <= 0.5 Multiple Remote File Include Vulnerabilities
- PhotoKorn Gallery <= 1.52 (dir_path) Remote File Include Vulnerabilities
- RaidenHTTPD 1.1.49 (SoftParserFileXml) Remote Code Execution Exploit
- Somery <= 0.4.6 (skin_dir) Remote File Include Vulnerability
- X11R6 <= 6.4 XKEYBOARD Local Buffer Overflow Exploit (solaris/sparc)
- X11R6 <= 6.4 XKEYBOARD Local Buffer Overflow Exploit (solaris/x86)
- X11R6 <= 6.4 XKEYBOARD Local Buffer Overflow Exploit (sco/x86)
- CCleague Pro <= 1.0.1RC1 (Cookie) Remote Code Execution Exploit
- Multithreaded TFTP <= 1.1 (Long Get Request) Denial of Service Exploit
- MyABraCaDaWeb <= 1.0.3 (base) Remote File Include Vulnerabilities
- Socketwiz Bookmarks <= 2.0 (root_dir) Remote File Include Exploit
- Vivvo Article Manager <= 3.2 (id) Remote SQL Injection Vulnerability
- openmovieeditor <= 0.0.20060901 (name) Local Buffer Overflow Exploit
- Vivvo Article Manager <= 3.2 (classified_path) File Include Vulnerability
- PUMA <= 1.0 RC 2 (config.php) Remote File Include Vulnerability
- Open Bulletin Board <= 1.0.8 (root_path) File Include Vulnerability
- mcGalleryPRO <= 2006 (path_to_folder) Remote Include Vulnerability
- MiniPort@l <= 0.1.5 beta (skiny) Remote File Include Vulnerability
- OPENi-CMS <= 1.0.1beta (config) Remote File Include Vulnerability
- Mercur Mailserver 5.0 SP3 (IMAP) Remote Buffer Overflow Exploit (2)
- WTools 0.0.1a (include_path) Remote File Include Vulnerability
- PhpLinkExchange 1.0 (include/xss) Remote Vulnerabilities
- phpBB <= 2.0.21 (Poison NULL Byte) Remote Exploit
- phpBB XS <= 0.58 (functions.php) Remote File Include Vulnerability
- p4CMS <= 1.05 (abs_pfad) Remote File Include Vulnerability
- Popper <= v1.41-r2 (form) Remote File Include Vulnerability
- webSPELL <= 4.01.01 Database Backup Download Vulnerability
- Vitrax Pre-modded <= 1.0.6-r3 Remote File Include Vulnerability
- Signkorn Guestbook <= 1.3 (dir_path) Remote File Include Vulnerability
- MS Windows NetpIsRemote() Remote Overflow Exploit (MS06-040) (2k3)
- Quicksilver Forums <= 1.2.1 (set) Remote File Include Vulnerability
- phpunity.postcard (gallery_path) Remote File Include Vulnerability
- MS Internet Explorer COM Object Remote Heap Overflow Exploit
- Downstat <= 1.8 (art) Remote File Include Vulnerability
- X11R6 <= 6.4 XKEYBOARD Local Buffer Overflow Exploit (solaris/sparc)
- Shadowed Portal <= 5.599 (root) Remote File Include Vulnerability
- TualBLOG 1.0 (icerikno) Remote SQL Injection Vulnerability
- Magic News Pro <= 1.0.3 (script_path) Remote File Include Vulnerability
- KnowledgeBuilder <= 2.2 (visEdit_root) Remote File Include Vulnerability
- Newsscript <= 0.5 Remote and Local File Include Vulnerability
- phpQuiz 0.1 (pagename) Remote File Include Vulnerability
- Mambo com_serverstat Component <= 0.4.4 File Include Vulnerability
- TeamCal Pro <= 2.8.001 (app_root) Remote file Include Vulnerability
- PhotoPost <= 4.6 (PP_PATH) Remote File Include Vulnerability
- Limbo CMS <= 1.0.4.2L (com_contact) Remote Code Execution Exploit
- Haberx 1.02 <= 1.1 (tr) Remote SQL Injection Vulnerability
- BolinOS <= 4.5.5 (gBRootPath) Remote File Include Vulnerability
- PHP DocWriter <= 0.3 (script) Remote File Include Exploit
- Site@School <= 2.4.02 Advisory / Remote File Upload Exploit
- Coppermine Photo Gallery <= 1.2.2b (Nuke Addon) Include Vulnerability
- phpQuiz <= 0.1.2 Remote SQL Injection / Code Execution Exploit
- aeDating <= 4.1 dir[inc] Remote File Include Vulnerabilities
- GNUTURK <= 2G (t_id) Remote SQL Injection Exploit
- Mambo com_registration_detailed <= 4.1 Remote File Include
- UNAK-CMS <= 1.5 (dirroot) Remote File Include Vulnerabilities
- guanxiCRM Business Solution <= 0.9.1 Remote File Include Vulnerability
- Zix Forum <= 1.12 (RepId) Remote SQL Injection Exploit
- MobilePublisherPHP <= 1.5 RC2 Remote File Include Vulnerability
- Q-Shop 3.5 (browse.asp) Remote SQL Injection Vulnerability
- Techno Dreams FAQ Manager 1.0 Remote SQL Injection Vulnerability
- Techno Dreams Articles & Papers 2.0 Remote SQL Injection Vulnerability
- Charon Cart v3 (Review.asp) Remote SQL Injection Vulnerability
- CMtextS <= 1.0 (users_logins/admin.txt) Credentials Disclosure Vuln
- AlstraSoft E-Friends <= 4.85 Remote Command Execution Exploit
- PNphpBB2 <= 1.2g (phpbb_root_path) Remote File Include Vulnerability
- Exponent CMS <= 0.96.3 (view) Remote Command Execution Exploit
- Pie Cart Pro (Home_Path) Remote File Include Vulnerability
- Pie Cart Pro (Inc_Dir) Remote File Include Vulnerabilities
- more.groupware <= 0.74 (new_calendarid) Remote SQL Injection Exploit
- Tekman Portal 1.0 (tr) Remote SQL Injection Vulnerability
- Simple Discussion Board 0.1.0 Remote File Include Vulnerability
- MyReview 1.9.4 (email) Remote SQL Injection / Code Execution Exploit
- Digital WebShop <= 1.128 Multiple Remote File Include Vulnerabilities
- BCWB <= 0.99 (root_path) Remote File Include Vulnerability
- MS Internet Explorer (VML) Remote Denial of Service Exploit PoC
- WS_FTP LE 5.08 (PASV response) Remote Buffer Overflow Exploit
- Php Blue Dragon CMS <= 2.9.1 (XSS/SQL) Code Execution Exploit
- MS Internet Explorer (VML) Remote Buffer Overflow Exploit
- Dr.Web Antivirus 4.33 (LHA long directory name) Local Overflow Exploit
- AllMyGuests <= 0.4.1 (cfg_serverpath) Remote File Include Vulnerability
- exV2 <= 2.0.4.3 (sort) Remote SQL Injection Exploit
- pNews <= 1.1.0 (nbs) Remote File Include Vulnerability
- MS Internet Explorer (VML) Remote Buffer Overflow Exploit (XP SP1)
- PHPartenaire 1.0 (dix.php3) Remote File Include Vulnerability
- phpQuestionnaire 3.12 (phpQRootDir) Remote File Include Vulnerability
- ProgSys <= 0.156 (RR.php) Remote File Include Exploit
- MS Windows (Windows Kernel) Privilege Escalation Exploit (MS06-049)
- SolidState <= 0.4 Multiple Remote File Include Vulnerabilities
- Wili-CMS <= 0.1.1 (include/xss/full path) Remote Vulnerabilities
- exV2 <= 2.0.4.3 extract() Remote Command Execution Exploit
- xweblog <= 2.1 (kategori.asp) Remote SQL Injection Vulnerability
- Eskolar CMS 0.9.0.0 (index.php) Remote SQL Injection Exploit
- e-Vision CMS 2.0 (all_users.php) Remote SQL Injection Exploit
- Web-News <= 1.6.3 (template.php) Remote File Include Vulnerability
- ZoomStats <= 1.0.2 (mysql.php) Remote File Include Vulnerability
- Spidey Blog Script <= 1.5 (tr) Remote SQL Injection Exploit
- Advaced-Clan-Script <= 3.4 (mcf.php) Remote File Include Vulnerability
- iyzi Forum <= 1.0 Beta 3 (uye_ayrinti.asp) Remote SQL Injection
- SyntaxCMS <= 1.3 (0004_init_urls.php) Remote File Include Vulnerability
- MS Internet Explorer (VML) Remote Buffer Overflow Exploit (XP SP2)
- MS Internet Explorer (VML) Remote Buffer Overflow Exploit (SP2) (pl)
- Polaring <= 0.04.03 (general.php) Remote File Include Vulnerability
- PBLang <= 4.66z (temppath) Remote File Include Vulnerability
- Minerva <= 2.0.21 build 238a (phpbb_root_path) File Include Vulnerability
- evoBB <= 0.3 (path) Remote File Include Vulnerability
- BrudaNews <= 1.1 (admin/index.php) Remote File Include Vulnerability
- BrudaGB <= 1.1 (admin/index.php) Remote File Include Vulnerability
- faceStones personal <= 2.0.42 (fs_form_links.php) File Include Vuln
- WEB//NEWS <= 1.4 (parser.php) Remote File Include Vulnerability
- A-Blog V2 (menu.php) Remote File Include Vulnerability
- paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit
- Kietu? <= 4.0.0b2 (hit.php) Remote File Include Vulnerability
- Newswriter SW <= 1.42 (editfunc.inc.php) File Include Vulnerability
- MS Internet Explorer WebViewFolderIcon setSlice() Overflow Exploit
- Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit
- A-Blog 2.0 Multiple Remote File Include Vulnerabilities
- Newswriter SW 1.4.2 (main.inc.php) Remote File Include Exploit
- OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit
- NaviCOPA Web Server 2.01 (GET) Remote Buffer Overflow Exploit
- PPA Gallery <= 1.0 (functions.inc.php) Remote File Include Exploit
- KGB 1.87 (Local Inclusion) Remote Code Execution Exploit
- MS Internet Explorer WebViewFolderIcon setSlice() Exploit (html)
- Les Visiteurs (Visitors) <= 2.0 (config.inc.php) File Include Vulnerability
- TagIt! Tagboard <= 2.1.b b2 (index.php) Remote File Include Vulnerability
- phpMyWebmin 1.0 (window.php) Remote File Include Vulnerability
- phpSecurePages <= 0.28b (secure.php) Remote File Include Vulnerability
- phpBB XS <= 0.58a (phpbb_root_path) Remote File Include Vulnerability
- PowerPortal 1.3a (index.php) Remote File Include Vulnerability
- VideoDB <= 2.2.1 (pdf.php) Remote File Include Exploit
- PHP Krazy Image Hosting 0.7a (display.php) SQL Injection Exploit
- UBB.threads <= 6.5.1.1 (doeditconfig.php) Code Execution Exploit
- MS Internet Explorer WebViewFolderIcon setSlice() Exploit (pl)
- Forum82 <= 2.5.2b (repertorylevel) Multiple File Include Vulnerabilities
- MS Internet Explorer WebViewFolderIcon setSlice() Exploit (c)
- VAMP Webmail <= 2.0beta1 (yesno.phtml) Remote Include Vulnerability
- phpMyWebmin <= 1.0 (target) Remote File Include Vulnerabilities
- Mac OS X <= 10.4.7 Mach Exception Handling Local Root Exploit
- Mac OS X <= 10.4.7 Mach Exception Handling Local Exploit (10.3.x 0day)
- BasiliX 1.1.1 (BSX_LIBDIR) Remote File Include Exploit
- cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit
- McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 (Source) Remote Exploit
- BBaCE <= 3.5 (includes/functions.php) Remote File Include Vulnerability
- JAF CMS <= 4.0 RC1 (forum.php) Remote File Include Exploit
- phpMyProfiler <= 0.9.6 Remote File Include Vulnerability
- Travelsized CMS <= 0.4 (frontpage.php) Remote File Include Exploit
- Klinza Professional CMS <= 5.0.1 (show_hlp.php) File Include Exploit
- Invision Gallery <= 2.0.7 ReadFile() & SQL Injection Exploit
- JAF CMS <= 4.0 RC1 Multiple Remote File Include Vulnerabilities
- phpBB Admin Topic Action Logging Mod <= 0.94b File Include Vuln
- phpGreetz <= 0.99 (footer.php) Remote File Include Vulnerability
- phpBB Static Topics <= 1.0 [phpbb_root_path] File Include Vulnerability
- phpMyTeam <= 2.0 (smileys_dir) Remote File Include Vulnerability
- PHP Classifieds 7.1 (index.php) Remote SQL Injection Vulnerability
- phpBB Security Suite Mod 1.0.0 (logger_engine.php) Remote File Include
- Dimension of phpBB <= 0.2.6 (phpbb_root_path) Remote File Includes
- SHTTPD 1.34 (POST) Remote Buffer Overflow Exploit
- phpBB User Viewed Posts Tracker <= 1.0 File Include Vulnerability
- FreeForum <= 0.9.7 (forum.php) Remote File Include Vulnerability
- Cahier de texte 2.0 (lire.php) Remote SQL Injection Exploit
- phpBB Random User Registration Number 1.0 Mod Inclusion Vulnerability
- 4images 1.7.x (search.php) Remote SQL Injection Exploit
- PHPMyNews <= 1.4 (cfg_include_dir) Remote File Include Vulnerabilities
- Ciamos CMS <= 0.9.6b (config.php) Remote File Include Exploit
- Freenews <= 1.1 (moteur.php) Remote File Include Vulnerability
- phpPC <= 1.03 RC1 (/lib/functions.inc.php) Remote File Include Exploit
- Infecting Elf Binaries to Gain Local Root Exploit
- docmint <= 2.0 (engine/require.php) Remote File Inclusion Exploit
- OpenDock Easy Doc <=1.4 (doc_directory) File Include Vulnerabilities
- OpenDock Easy Blog <=1.4 (doc_directory) File Include Vulnerabilities
- WebYep <= 1.1.9 (webyep_sIncludePath) File Include Vulnerabilities
- OpenDock Easy Gallery <= 1.4 (doc_directory) File Include Vulnerabilities
- Flatnuke <= 2.5.8 file() Priv Escalation / Code Execution Exploit
- Flatnuke 2.5.8 (userlang) Local Inclusion / Delete All Users Exploit
- phpMyAgenda <= 3.1 (templates/header.php3) Local File Include Exploit
- TribunaLibre 3.12 Beta (ftag.php) Remote File Include Vulnerability
- registroTL (main.php) Remote File Include Vulnerability
- compteur v2 (param_editor.php) Remote File Include Vulnerability
- eboli (index.php) Remote File Include Vulnerability
- JASmine <= 0.0.2 (index.php) Remote File Include Vulnerability
- Foafgen <= 0.3 (redir.php) Local Source Disclosure Vulnerability
- Album Photo Sans Nom <= 1.6 Remote Source Disclosure Vulnerability
- vtiger CRM <= 4.2 (calpath) Multiple Remote File Include Vulnerabilities
- Exhibit Engine <= 1.5 RC 4 (photo_comment.php) File Include Exploit
- Claroline <= 1.8.0 rc1 (import.lib.php) Remote File Include Vulnerability
- PHPLibrary <= 1.5.3 (grid3.lib.php) Remote File Include Vulnerability
- Jinzora <= 2.1 (media.php) Remote File Include Vulnerability
- ae2 (standart.inc.php) Remote File Include Vulnerability
- n@board <= 3.1.9e (naboard_pnr.php) Remote File Include Vulnerability
- Kmail <= 1.9.1 (IMG SRC) Remote Denial of Service Vulnerability
- CommunityPortals 1.0 (import-archive.php) File Include Vulnerability
- PHP News Reader <= 2.6.4 (phpbb.inc.php) Remote File Include Exploit
- SH-News <= 3.1 (scriptpath) Multiple Remote File Include Vulnerabilities
- Minichat v6 (ftag.php) Remote File Include Vulnerability
- Softerra PHP Developer Library <= 1.5.3 File Include Vulnerabilities
- Download-Engine <= 1.4.2 (spaw) Remote File Include Vulnerability
- phpBB Journals System Mod 1.0.2 [RC2] Remote File Include Exploit
- Microsoft Office 2003 PPT Local Buffer Overflow PoC
- FreeBSD 5.4 / 6.0 (ptrace PT_LWPINFO) Local Denial of Service Exploit
- phpBB Insert User Mod <= 0.1.2 Remote File Include Exploit
- phpht Topsites (common.php) Remote File Include Vulnerability
- Invision Gallery <= 2.0.7 ReadFile() & SQL Injection Exploit (linux)
- miniBB keyword_replacer <= 1.0 (pathToFiles) File Include Vulnerability
- AFGB GUESTBOOK 2.2 (Htmls) Remote File Include Vulnerabilities
- BulletProof FTP Client 2.45 Remote Buffer Overflow Exploit (PoC)
- phpBB Import Tools Mod <= 0.1.4 Remote File Include Vulnerability
- phpBB Ajax Shoutbox <= 0.0.5 Remote File Include Vulnerability
- phpBB SpamBlocker Mod <= 1.0.2 Remote File Include Exploit
- Redaction System 1.0 (lang_prefix) Remote File Include Exploit
- phpMyConferences <= 8.0.2 (menu.inc.php) File Include Vulnerability
- Open Conference Systems <= 1.1.4 (fullpath) File Include Vulnerabilities
- maluinfo <= 206.2.38 (bb_usage_stats.php) Remote File Include Exploit
- phpBB PlusXL <= 2.0_272 (constants.php) Remote File Include Exploit
- Genepi <= 1.6 (genepi.php) Remote File Include Vulnerability
- Cdsagenda <= 4.2.9 (SendAlertEmail.php) File Include Vulnerability
- FreeBSD <= 6.1-RELEASE-p10 (ftruncate) Local Denial of Service Exploit
- FreeBSD <= 6.1-RELEASE-p10 (scheduler) Local Denial of Service Exploit
- Solaris 10 (libnspr) Arbitrary File Creation Local Root Exploit
- phpBB Amazonia Mod (zufallscodepart.php) Remote File Include Exploit
- phpBB News Defilante Horizontale <= 4.1.1 Remote Include Exploit
- phpBB lat2cyr Mod 1.0.1 (lat2cyr.php) Remote File Include Exploit
- phpBB SpamOborona Mod <= 1.0b Remote File Include Exploit
- phpBB RPG Events 1.0 functions_rpg_events Remote File Include Exploit
- phpBB SearchIndexer Mod (archive_topic.php) Remote File Include Exploit
- phpBB Prillian French Mod <= 0.8.0 Remote File Include Exploit
- phpBB ACP User Registration Mod 1.0 File Inclusion Vulnerability
- phpBB Security <= 1.0.1 (php_security.php) Remote File Include Exploit
- YaBBSM 3.0.0 (Offline.php) Remote File Include Vulnerability
- cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
- CentiPaid <= 1.4.2 centipaid_class.php Remote File Include Vulnerability
- E-Uploader Pro <= 1.0 Image Upload with Code Execution Vulnerability
- IncCMS Core <= 1.0.0 (settings.php) Remote File Include Vulnerability
- Jinzora <= 2.6 (extras/mt.php) Remote File Include Vulnerability
- CyberBrau <= 0.9.4 (forum/track.php) Remote File Include Vulnerability
- CampSite <= 2.6.1 (g_documentRoot) Remote File Include Vulnerability
- NuralStorm Webmail <= 0.98b (process.php) Remote Include Vulnerability
- AROUNDMe <= 0.5.2 (templatePath) Remote File Include Vulnerability
- phpBurningPortal <= 1.0.1 (lang_path) Remote File Include Exploit
- phpBBFM <= 206-3-3 (phpbb_root_path) Remote File Include Exploit
- Xcode OpenBase <= 9.1.5 Local Root Exploit (OSX)
- DigitalHive <= 2.0 RC2 (base_include.php) Remote Include Vulnerability
- Def-Blog <= 1.0.3 (comadd.php) Remote SQL Injection Vulnerability
- webSPELL <= 4.01.01 (getsquad) Remote SQL Injection Exploit
- Solaris 10 libnspr LD_PRELOAD Arbitrary File Creation Local Root Exploit
- OpenDock FullCore <= 4.4 Remote File Include Vulnerabilities
- Xfire <= 1.6.4 (Malicious Request) Remote Denial of Service Exploit (pl)
- Osprey <= 1.0 GetRecord.php Remote File Include Vulnerability
- Comdev One Admin 4.1 adminfoot.php Remote Code Execution Exploit
- Simplog <= 0.9.3.1 comments.php Remote SQL Injection Exploit
- Boonex Dolphin <= 5.2 index.php Remote Code Execution Exploit
- Specimen Image Database (client.php) Remote File Include Vulnerability
- P-News <= 1.16 Remote File Include Vulnerability
- phpMyManga <= 0.8.1 (template.php) Multiple File Include Vulnerabilities
- WoltLab Burning Book <= 1.1.2 Remote SQL Injection Exploit PoC
- Xcode OpenBase <= 9.1.5 (root file create) Local Root Exploit (OSX)
- NVIDIA Graphics Driver <= 8774 Local Buffer Overflow Exploit
- ALiCE-CMS 0.1 (CONFIG[local_root]) Remote File Include Vulnerability
- WSN Forum <= 1.3.4 (prestart.php) Remote Code Execution Exploit
- PHPRecipeBook <= 2.35 (g_rb_basedir) Remote File Include Exploit
- PHPmybibli <= 3.0.1 Multiple Remote File Inclusion Vulnerabilities
- Clam AntiVirus <= 0.88.4 CHM Chunk Name Length DoS PoC
- Clam AntiVirus <= 0.88.4 (rebuildpe) Remote Heap Overflow PoC
- Easynews <= 4.4.1 (admin.php) Authentication Bypass Vulnerability
- Brim <= 1.2.1 (renderer) Multiple Remote File Include Vulnerabilities
- phpPowerCards 2.10 (txt.inc.php) Remote Code Execution Vulnerability
- Php AMX 0.90 (plugins/main.php) Remote File Include Vulnerability
- Active Bulletin Board <= 1.1b2 Remote User Pass Change Exploit
- PHP-Post <= 1.01 (template) Remote Code Execution Exploit
- YapBB <= 1.2 Beta2 (yapbb_session.php) Remote File Include Exploit
- LoCal Calendar 1.1 (lcUser.php) Remote File Include Vulnerability
- EPNadmin <= 0.7 (constantes.inc.php) Remote File Include Exploit
- Asterisk <= 1.0.12 / 1.2.12.1 (chan_skinny) Remote Heap Overflow (PoC)
- PH Pexplorer <= 0.24 (explorer_load_lang.php) Local Include Exploit
- pandaBB (displayCategory) Remote File Include Vulnerabilities
- Segue CMS <= 1.5.8 (themesdir) Remote File Include Vulnerability
- Ipswitch IMail Server 2006 / 8.x (RCPT) Remote Stack Overflow Exploit
- Power Phlogger <= 2.0.9 (config.inc.php3) File Include Vulnerability
- Lou Portail 1.4.1 (admin_module.php) Remote File Include Vulnerability
- WGCC <= 0.5.6b (quiz.php) Remote SQL Injection Vulnerability
- RSSonate (xml2rss.php) Remote File Include Exploit
- CASTOR <= 1.1.1 (lib/rs.php) Remote File Include Exploit
- kawf <= 1.0 (main.php) Remote File Include Vulnerability
- Virtual Law Office (phpc_root_path) Remote File Include Vulnerabilities
- Open Meetings Filing Application Remote File Include Vulnerabilities
- Trawler Web CMS <= 1.8.1 Multiple Remote File Include Vulnerabilities
- PGOSD (misc/function.php3) Remote File Include Vulnerability
- MambWeather Mambo Module <= 1.8.1 Remote Include Vulnerability
- Net_DNS <= 0.3 (DNS/RR.php) Remote File Include Vulnerability
- SpeedBerg <= 1.2beta1 (SPEEDBERG_PATH) File Include Vulnerabilities
- JaxUltraBB <= 2.0 (delete.php) Remote Auto Deface Exploit
- PHP-Nuke <= 7.9 (Encyclopedia) Remote SQL Injection Exploit
- EZ-Ticket 0.0.1 (common.php) Remote File Include Vulnerability
- Fully Modded phpBB <= 2021.4.40 Multiple File Include Vulnerabilities
- OTSCMS <= 2.1.3 Multiple Remote File Include Vulnerabilities
- SourceForge <= 1.0.4 (database.php) Remote File Include Exploit
- WiClear <= 0.10 (path) Remote File Include Vulnerabilities
- QK SMTP <= 3.01 (RCPT TO) Remote Denial of Service Exploit
- MDweb <= 1.3 (chemin_appli) Remote File Include Vulnerabilities
- Jaws <= 0.5.2 (include/JawsDB.php) Remote File Include Vulnerability
- JumbaCMS 0.0.1 (includes/functions.php) Remote File Include Exploit
- MS Internet Explorer (ADODB Execute) Denial of Service PoC
- InteliEditor 1.2.x (lib.editor.inc.php) Remote File Include Vulnerability
- Ascended Guestbook <= 1.0.0 (embedded.php) File Include Exploit
- CMS Faethon <= 2.0 (mainpath) Remote File Include Exploit
- HP-UX 11i (swpackage) Stack Overflow Local Root Exploit
- HP-UX 11i (swmodify) Stack Overflow Local Root Exploit
- HP-UX 11i (swask) Format String Local Root Exploit
- HP-UX 11i (LIBC TZ enviroment variable) Local Root Exploit
- AEP SmartGate 4.3b (GET) Arbitrary File Download Exploit
- Cisco VPN 3000 Concentrator <= 4.1.7, 4.7.2 (FTP) Remote Exploit
- FreeBSD 6.1 (/dev/crypto) Local Kernel Denial of Service Exploit
- UeberProject <= 1.0 (login/secure.php) Remote File Include Vulnerability
- Solaris 10 libnspr constructor Local Root Exploit
- Berty Forum <= 1.4 (index.php) Remote Blind SQL Injection Exploit
- JaxUltraBB <= 2.0 Topic Reply Command Execution Exploit
- Discuz! 5.0.0 GBK SQL Injection / Admin Credentials Disclosure Exploit
- ArticleBeach Script <= 2.0 (index.php) Remote File Inclusion Vulnerability
- TextPattern <= 1.19 (publish.php) Remote File Inclusion Vulnerability
- Imageview <= 5 (Cookie/index.php) Remote Local Include Exploit
- CommentIT (PathToComment) Remote File Include Vulnerabilities
- QK SMTP <= 3.01 (RCPT TO) Remote Buffer Overflow Exploit
- RevilloC MailServer 1.x (RCPT TO) Remote Denial of Service Exploit
- MiniHttpServer Web Forum & File Sharing Server 4.0 Add User Exploit
- Php League <= 0.81 (config.php) Remote File Include Exploit
- MPCS <= 1.0 (path) Remote File Include Vulnerabilities
- ask_rave <= 0.9 PR (end.php footfile) Remote File Include Vulnerability
- miniBB <= 2.0.2 (bb_func_txt.php) Remote File Include Exploit
- MiniBill <= 20061010 (menu_builder.php) File Include Vulnerability
- MS Internet Explorer 7 Popup Address Bar Spoofing Weakness
- Light Blog Remote Multiple Vulnerabilities Exploit
- N/X WCMS <= 4.1 (nxheader.inc.php) Remote File Include Exploit
- Coppermine Photo Gallery 1.4.9 Remote SQL Injection Vulnerability
- Php League 0.82 (classement.php) Remote SQL Injection Exploit
- Hosting Controller <= 6.1 Hotfix 3.2 Remote Unauthenticated Vulns
- PhpShop Core <= 0.9.0 RC1 (PS_BASE) File Include Vulnerabilities
- PHPMyDesk 1.0beta (viewticket.php) Local Include Exploit
- freePBX 2.1.3 (upgrade.php) Remote File Include Vulnerability
- mp3SDS 3.0 (Core/core.inc.php) Remote File Include Vulnerability
- Electronic Engineering Tool (EE TOOL) <= 0.4.1 File Include Vulnerability
- MiraksGalerie <= 2.62 (pcltar.lib.php) Remote File Include Exploit
- Free Image Hosting <= 1.0 (forgot_pass.php) File Include Exploit
- Free File Hosting <= 1.1 (forgot_pass.php) File Include Exploit
- Novell eDirectory 8.8 NDS Server Remote Stack Overflow Exploit
- MS Windows NAT Helper Components (ipnathlp.dll) Remote DoS Exploit
- Simple Website Software 0.99 (common.php) File Include Vulnerability
- MySource CMS <= 2.16.2 (init_mysource.php) Remote File Include Exploit
- PHPEasyData Pro 2.2.2 (index.php) Remote SQL Injection Exploit
- Kaspersky Internet Security 6.0.0.303 IOCTL KLICK Local Exploit
- Netref 4 (cat_for_aff.php) Source Code Disclosure Exploit
- Faq Administrator 2.1 (faq_reply.php) Remote File Include Vulnerability
- PHPMyRing <= 4.2.1 (cherche.php) Remote SQL Injection Vulnerability
- PrivateWire Gateway 3.7 Remote Buffer Overflow Exploit (win32)
- QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Exploit
- MS Windows NAT Helper Components Remote DoS Exploit (perl)
- Techno Dreams Announcement (key) Remote SQL Injection Vulnerability
- Techno Dreams Guestbook 1.0 (key) Remote SQL Injection Vulnerability
- Nitrotech 0.0.3a (includes/common.php) Remote Code Execution Exploit
- phpBB Spider Friendly Module <= 1.3.10 File Include Exploit
- E Annu 1.0 Login Bypass SQL Injection Exploit
- phpProfiles 2.1 Beta Multiple Remote File Include Vulnerabilities
- Novell eDirectory <= 9.0 DHost Remote Buffer Overflow Exploit
- Easy File Sharing Web Server 4 Remote Information Stealer Exploit
- P-Book <= 1.17 (pb_lang) Remote File Inclusion Vulnerabilities
- GEPI <= 1.4.0 gestion/savebackup.php Remote File Include Vulnerability
- PwsPHP <= 1.1 (themes/fin.php) Remote File Include Vulnerablity
- T.G.S. CMS <= 0.1.7 (logout.php) Remote SQL Injection Exploit
- Mozilla Firefox <= 1.5.0.7/ 2.0 (createRange) Remote DoS Exploit
- Invision Power Board <= 2.1.7 (Debug) Remote Password Change Exploit
- Innovate Portal <= 2.0 (acp.php) Remote Code Execution Exploit
- 2BGal 3.0 (admin/configuration.inc.php) Local Inclusion Exploit
- EFS Easy Address Book Web Server <= 1.2 Remote File Stream Exploit
- Apple Airport 802.11 Probe Response Kernel Memory Corruption PoC
- TikiWiki 1.9.5 Sirius (sort_mode) Information Disclosure Vulnerability
- Lithium CMS <= 4.04c (classes/index.php) Local File Include Exploit
- Article System 0.6 (volume.php) Remote File Include Vulnerability
- FreeWebshop.org Script <= 2.2.2 Multiple Remote Vulnerabilities
- MODx CMS <= 0.9.2.1 (FCKeditor) Remote File Include Vulnerability
- PostNuke <= 0.763 (PNSV lang) Remote Code Execution Exploit
- Nullsoft Winamp <= 5.3 (Ultravox-Max-Msg) Heap Overflow DoS PoC
- Creasito E-Commerce Content Manager (admin) Authentication Bypass
- Ariadne <= 2.4 store_config[code] Remote File Include Vulnerabilities
- e107 <= 0.75 (e107language_e107cookie) Local File Include Exploit
- MDPro <= 1.0.76 (Cookie: PNSVlang) Local File Include Exploit
- Drake CMS < 0.2.3 ALPHA rev.916Remote File Inclusion Vulnerability
- PHPKIT <= 1.6.1R2 (search_user) Remote SQL Injection Exploit
- XM Easy Personal FTP Server <= 5.2.1 Remote Denial of Service Exploit
- Essentia Web Server 2.15 (GET Request) Remote DoS Exploit
- phpDynaSite <= 3.2.2 (racine) Remote File Include Vulnerabilities
- SazCart <= 1.5 (cart.php) Remote File Include Vulnerability
- Quick.Cms.Lite <= 0.3 (Cookie sLanguage) Local File Include Exploit
- PHP Classifieds <= 7.1 (detail.php) Remote SQL Injection Exploit
- Ultimate PHP Board <= 2.0 (header_simple.php) File Include Exploit
- Webdrivers Simple Forum (message_details.php) SQL Injection Exploit
- Soholaunch Pro <= 4.9 r36 Remote File Inclusion Vulnerabilities
- Cyberfolio <= 2.0 RC1 (av) Remote File Include Vulnerabilities
- Agora 1.4 RC1 (MysqlfinderAdmin.php) Remote File Include Vulnerability
- OpenEMR <= 2.8.1 (srcdir) Multiple Remote File Inclusion Vulnerabilities
- Article Script <= 1.6.3 (rss.php) Remote SQL Injection Vulnerability
- Omni-NFS Server 5.2 (nfsd.exe) Remote Stack Overflow Exploit (meta)
- OpenLDAP 2.2.29 Remote Denial of Service Exploit (meta)
- iPrimal Forums (admin/index.php) Change User Password Exploit
- PHPGiggle 12.08 (CFG_PHPGIGGLE_ROOT) File Include Vulnerability
- iWare Pro <= 5.0.4 (chat_panel.php) Remote Code Execution Vulnerability
- WFTPD Pro Server 3.23.1.1 (APPE) Remote Buffer Overflow PoC
- WarFTPd 1.82.00-RC11 Remote Denial of Service Exploit
- PHPAdventure 1.1 (ad_main.php) Remote File Include Vulnerability
- Xcode OpenBase <= 10.0.0 (symlink) Local Root Exploit (OSX)
- Xcode OpenBase <= 10.0.0 (unsafe system call) Local Root Exploit (OSX)
- iPrimal Forums (admin/index.php) Remote File Include Vulnerability
- vBlog / C12 0.1 (cfgProgDir) Remote File Include Vulnerabilities
- IrayoBlog 0.2.4 (inc/irayofuncs.php) Remote File Include Vulnerability
- DodosMail <= 2.0.1 (dodosmail.php) Remote File Include Vulnerability
- MS Internet Explorer 6/7 (XML Core Services) Remote Code Exec Exploit
- LetterIt v2 (inc/session.php) Remote File Include Vulnerability
- gtcatalog <= 0.9.1 (index.php) Remote File Include Vulnerability
- AspPired2Poll <= 1.0 (MoreInfo.asp) Remote SQL Injection Exploit
- MyAlbum <= 3.02 (language.inc.php) Remote File Inclusion Vulnerability
- phpManta <= 1.0.2 (view-sourcecode.php) Local File Include Exploit
- MS Internet Explorer 6/7 (XML Core Services) Remote Code Exec Exploit 2
- EncapsCMS 0.3.6 (core/core.php) Remote File Include Vulnerability
- BrewBlogger 1.3.1 (printLog.php) Remote SQL Injection Vulnerability
- WORK System E-Commerce <= 3.0.1 Remote Include Vulnerability
- MS Internet Explorer 6/7 (XML Core Services) Remote Code Exec Exploit 3
- NuCommunity 1.0 (cl_CatListing.asp) Remote SQL Injection Exploit
- NuRems 1.0 (propertysdetails.asp) Remote SQL Injection Exploit
- NuStore 1.0 (Products.asp) Remote SQL Injection Vulnerability
- NuSchool 1.0 (CampusNewsDetails.asp) Remote SQL Injection Exploit
- phpwcms <= 1.2.6 (Cookie: wcs_user_lang) Local File Include Exploit
- PHPWind <= 5.0.1 (AdminUser) Remote Blind SQL Injection Exploit
- Rama CMS <= 0.68 (Cookie: lang) Local File Include Exploit
- Munch Pro 1.0 (switch.asp) Remote SQL Injection Exploit
- ASPPortal <= 4.0.0 (default1.asp) Remote SQL Injection Exploit
- UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability
- USupport 1.0 (detail.asp) Remote SQL Injection Vulnerability
- UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability
- CMSmelborp Beta (user_standard.php) Remote File Include Exploit
- StoryStream 4.0 (baseDir) Remote File Include Vulnerabilities
- ContentNow 1.30 (Local/Upload/Delete) Multiple Remote Vulnerabilities
- Quick.Cart <= 2.0 (actions_client/gallery.php) Local File Include Exploit
- Broadcom Wireless Driver Probe Response SSID Overflow Exploit (meta)
- D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (meta)
- Online Event Registration <= 2.0 (save_profile.asp) Pass Change Exploit
- Estate Agent Manager <= v1.3 (default.asp) Login Bypass Vulnerability
- Property Pro 1.0 (vir_Login.asp) Remote Login Bypass Vulnerability
- Phpjobscheduler 3.0 (installed_config_file) File Include Vulnerabilities
- ContentNow 1.30 (upload/xss) Multiple Remote Vulnerabilities
- Aigaion <= 1.2.1 (DIR) Remote File Include Vulnerabilities
- phpPeanuts 1.3 Beta (Inspect.php) Remote File Include Vulnerability
- ASP Smiley 1.0 (default.asp) Login ByPass SQL Injection Vulnerability
- NetVIOS <= 2.0 (page.asp) Remote SQL Injection Vulnerability
- BlogMe 3.0 (XSS/Auth Bypass) Multiple Remote Vulnerabilities
- Hpecs Shopping Cart Remote Login Bypass Vulnerability
- WinZIP <= 10.0.7245 (FileView ActiveX Control) Stack Overflow PoC
- Links 1.00pre12 (smbclient) Remote Code Execution Exploit
- WinZIP <= 10.0.7245 (FileView ActiveX) Remote Buffer Overflow Exploit
- TorrentFlux <= 2.2 (Create/Exec/Delete) Multiple Remote Vulnerabilities
- UniversalFTP 1.0.50 (MKD) Remote Denial of Service Exploit
- Kerio WebSTAR 5.4.2 (libucache.dylib) Privilege Escalation Exploit (OSX)
- MS Windows NetpManageIPCConnect Stack Overflow Exploit (MS06-070)
- Etomite CMS <= 0.6.1.2 (manager/index.php) Local File Include Exploit
- HTTP Upload Tool (download.php) Information Disclosure Vulnerability
- mg.applanix <= 1.3.1 (apx_root_path) Remote File Include Vulnerabilities
- DoSePa 1.0.4 (textview.php) Information Disclosure Vulnerability
- miniCWB <= 1.0.0 (contact.php) Local File Include Exploit
- Powies pForum <= 1.29a (editpoll.php) SQL Injection Vulnerability
- Powies MatchMaker 4.05 (matchdetail.php) SQL Injection Vulnerability
- mxBB Module calsnails 1.06 (mx_common.php) File Include Vulnerability
- MS Windows Wkssvc NetrJoinDomain2 Stack Overflow Exploit (MS06-070)
- MosReporter Joomla Component 0.9.3 Remote File Include Exploit
- Dicshunary 0.1a (check_status.php) Remote File Include Vulnerability
- MS Windows NetpManageIPCConnect Stack Overflow Exploit (py)
- Oxygen <= 1.1.3 (O2PHP Bulletin Board) Remote SQL Injection Exploit
- phpWebThings <= 1.5.2 (editor.php) Remote File Include Vulnerability
- PHP Easy Downloader <= 1.5 (save.php) Remote Code Execution Exploit
- ASPNuke <= 0.80 (register.asp) Remote SQL Injection Vulnerability
- PHPQuickGallery <= 1.9 (textFile) Remote File Include Vulnerability
- XMPlay 3.3.0.4 (M3U Filename) Local Buffer Overflow Exploit
- Photo Cart 3.9 (adminprint.php) Remote File Include Vulnerability
- e-Ark 1.0 (src/ark_inc.php) Remote File Include Vulnerability
- LDU <= 8.x (avatarselect id) Remote SQL Injection Vulnerability
- Seditio <= 1.10 (avatarselect id) Remote SQL Injection Vulnerability
- XMPlay 3.3.0.4 (PLS) Local/Remote Buffer Overflow Exploit
- ContentNow 1.39 (pageid) Remote SQL Injection Exploit
- aBitWhizzy (abitwhizzy.php) Information Disclosure Vulnerability
- XMPlay 3.3.0.4 (ASX Filename) Local Buffer Overflow Exploit
- Pearl Forums 2.4 Multiple Remote File Include Vulnerabilities
- phpPC <= 1.04 Multiple Remote File Inclusion Vulnerabilities
- fipsCMS <= 4.5 (index.asp) Remote SQL Injection Exploit
- fipsGallery <= 1.5 (index1.asp) Remote SQL Injection Vulnerability
- fipsForum <= 2.6 (default2.asp) Remote SQL Injection Vulnerability
- a-ConMan <= 3.2b (common.inc.php) Remote File Inclusion Vulnerability
- Messagerie Locale (centre.php) Remote File Inclusion Vulnerability
- Site News (centre.php) Remote File Inclusion Vulnerability
- Recipes Complete Website 1.1.14 Remote SQL Injection Vulnerabilities
- Wallpaper Complete Website 1.0.09 Remote SQL Injection Vulnerabilities
- JiRos FAQ Manager 1.0 (index.asp) Remote SQL Injection Vulnerability
- Oracle <= 9i / 10g (read/write/execute) Exploitation Suite
- HSRS 1.0 (addcode.php) Remote File Include Vulnerability
- OWLLib 1.0 (OWLMemoryProperty.php) Remote File Include Vulnerability
- PEGames (index.php) Remote File Include Vulnerability
- Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection Exploit
- Woltlab Burning Board Lite 1.0.2 Blind SQL Injection Exploit
- PHP-Nuke NukeAI Module 3b (util.php) Remote File Include Exploit
- Cahier de texte 2.0 (Database Backup/Source Disclosure) Remote Exploit
- Liberum Help Desk <= 0.97.3 (details.asp) SQL Injection Vulnerability
- Sisfo Kampus <= 0.8 Remote File Inclusion / Download Vulnerabilities
- Basic Forum <= 1.1 (edit.asp) Remote SQL Injection Vulnerability
- ASP-Nuke Community <= 1.5 Cookie Privilege Escalation Vulnerability
- Exhibit Engine <= 1.22 (styles.php) Remote File Include Vulnerability
- Hacks List phpBB Mod <= 1.21 Remote SQL Injection Vulnerability
- com_flyspray Mambo Com. <= 1.0.1 Remote File Disclosure Vulnerability
- SimpleBlog <= 2.3 (admin/edit.asp) Remote SQL Injection Vulnerability
- AT-TFTP <= 1.9 (Long Filename) Remote Buffer Overflow PoC
- 3Com TFTP Service <= 2.0.1 (Long Transporting Mode) Overflow PoC
- ProFTPD 1.3.0 (sreplace) Remote Stack Overflow Exploit (meta)
- PHP <= 4.4.4/5.1.6 htmlentities() Local Buffer Overflow PoC
- Evince Document Viewer (DocumentMedia) Buffer Overflow Exploit
- Discuz! 4.x SQL Injection / Admin Credentials Disclosure Exploit
- Quintessential Player <= 4.50.1.82 (Playlist) Denial of Service PoC
- Songbird Media Player <= 0.2 Format String Denial of Service PoC
- P-News v2 (user.txt) Remote Password Disclosure Vulnerability
- Kubix <= 0.7 Multiple Remote Vulnerabilities Exploit
- b2evolution 1.8.5 - 1.9b (import-mt.php) Remote File Include Vulnerability
- 3Com TFTP Service <= 2.0.1 (Long Transporting Mode) Overflow Exploit
- Acer LunchApp.APlunch (ActiveX Control) Command Execution Exploit
- PHPGraphy 0.9.12 Privilege Escalation / Commands Execution Exploit
- Serendipity <= 1.0.3 (comment.php) Local File Include Exploit
- VUPlayer <= 2.44 (M3U UNC Name) Buffer Overflow Exploit (meta)
- LDU <= 8.x (polls.php) Remote SQL Injection Vulnerability
- VUPlayer <= 2.44 (M3U UNC Name) Buffer Overflow Exploit (c)
- AtomixMP3 <= 2.3 Malformed M3U Buffer Overflow Exploit
- NetBSD FTPd / tnftpd Remote Stack Overflow PoC
- deV!Lz Clanportal [DZCP] <= 1.3.6 Arbitrary File Upload Vulnerability
- Invision Community Blog Mod 1.2.4 SQL Injection Vulnerability
- ContentServ 4.x (admin/FileServer.php) File Disclosure Vulnerability
- MS Windows spoolss GetPrinterData() Remote DoS Exploit (0day)
- BlazeVideo HDTV Player <= 2.1 Malformed PLF Buffer Overflow PoC
- Ultimate HelpDesk (XSS/Local File Disclosure) Vulnerabilities
- BBS E-Market Professional (Path Disclosure/Include) Multiple Vulns
- Simple File Manager 0.24a Multiple Remote Vulnerabilities
- awrate.com Message Board 1.0 (search.php) Remote Include Vulnerability
- mxBB Module mx_tinies <= 1.3.0 Remote File Include Vulnerability
- PHP Upload Center 2.0 (activate.php) File Include Vulnerabilities
- AT-TFTP <= 1.9 (Long Filename) Remote Buffer Overflow Exploit
- Envolution <= 1.1.0 (PNSVlang) Remote Code Execution Exploit
- QuickCart 2.0 (categories.php) Local File Inclusion Exploit
- php-revista <= 1.1.2 (adodb) Multiple Remote File Include Vulnerabilities
- cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability
- F-Prot Antivirus 4.6.6 (ACE) Denial of Service Exploit
- F-Prot Antivirus 4.6.6 (CHM) Heap Overflow Exploit PoC
- Phorum <= 3.2.11 (common.php) Remote File Include Vulnerability
- J-OWAMP Web Interface <= 2.1b (link) Remote File Include Exploit
- Tucows Client Code Suite (CSS) <= 1.2.1015 File Include Vulnerability
- CM68 News <= 12.02.06 (addpth) Remote File Inclusion Vulnerability
- ThinkEdit 1.9.2 (render.php) Remote File Inclusion Vulnerability
- paFileDB 3.5.2/3.5.3 Remote Login Bypass SQL Injection Vulnerability
- MS Windows DNS Resolution Remote Denial of Service PoC (MS06-041)
- Filezilla FTP Server 0.9.20b/0.9.21 (STOR) Denial of Service Exploit
- TorrentFlux 2.2 (downloaddetails.php) Local File Disclosure Exploit
- TorrentFlux 2.2 (maketorrent.php) Remote Command Execution Exploit
- mxBB Module Profile CP 0.91c Remote File Include Vulnerability
- Gizzar <= 03162002 (index.php) Remote File Include Vulnerability
- Fantastic News 2.1.4 (news.php) Remote SQL Injection Exploit
- SpotLight CRM 1.0 (login.asp) Remote SQL Injection Vulnerability
- Request For Travel 1.0 (product) Remote SQL Injection Vulnerability
- HR Assist <= 1.05 (vdateUsr.asp) Remote Login ByPass Vulnerability
- Sophos Antivirus CHM File Heap Overflow PoC
- Sophos Antivirus CHM Chunk Name Length Memory Corruption PoC
- Sophos / Trend Micro Antivirus RAR File Denial of Service PoC
- phpAlbum <= 0.4.1 Beta 6 (language.php) Local File Inclusion Exploit
- Filezilla FTP Server <= 0.9.21 (LIST/NLST) Denial of Service Exploit
- D-Link DWL-2000AP 2.11 (ARP Flood) Remote Denial of Service Exploit
- Golden FTP server 1.92 (USER/PASS) Heap Overflow PoC
- mxBB Module ErrorDocs 1.0 (common.php) Remote Inclusion Vulnerability
- mxBB Module Activity Games 0.92 Remote File Include Vulnerability
- Barman 0.0.1r3 (interface.php) Remote File Include Vulnerability
- mxBB Module mx_modsdb 1.0 Remote File Include Vulnerability
- Microsoft Word Document (malformed pointer) Proof of Concept
- BLOG:CMS <= 4.1.3 (NP_UserSharing.php) Remote Inclusion Vulnerability
- mxBB Module kb_mods <= 2.0.2 Remote Inclusion Vulnerabilities
- mxBB Module newssuite 1.03 Remote File Inclusion Exploit
- Crob FTP Server 3.6.1 build 263 (LIST/NLST) Denial of Service Exploit
- PhpMyCms <= 0.3 (basic.inc.php) Remote File Include Vulnerability
- ProFTPD <= 1.3.0a (mod_ctrls support) Local Buffer Overflow PoC
- MS Internet Explorer 7 (DLL-load hijacking) Code Execution Exploit PoC
- yaplap <= 0.6.1b (ldap.php) Remote File Include Exploit
- AR Memberscript (usercp_menu.php) Remote File Include Vulnerability
- Kerio MailServer 6.2.2 preauth Remote Denial of Service PoC
- OpenLDAP <= 2.4.3 (KBIND) Remote Buffer Overflow Exploit
- Sambar FTP Server 6.4 (SIZE) Remote Denial of Service Exploit
- Windows Media Player 9/10 (MID File) Denial Of Service Exploit
- GNU InetUtils ftpd 1.4.2 (ld.so.preload) Remote Root Exploit
- extreme-fusion <= 4.02 Remote Code Execution Exploit
- Bandwebsite <= 1.5 (Login) Remote Add Admin Exploit
- mxBB Module WebLinks <= 2.05 Remote Inclusion Vulnerability
- mxBB Module Charts <= 1.0.0 Remote File Inclusion Vulnerability
- mxBB Module Meeting <= 1.1.2 Remote FileInclusion Vulnerability
- Star FTP Server 1.10 (RETR) Remote Denial of Service Exploit
- Azucar CMS <= 1.3 (admin/index_sitios.php) File Inclusion Vulnerability
- VerliAdmin <= 0.3 (index.php) Remote File Include Exploit
- Uploader & Downloader 3.0 (id_user) Remote SQL Injection Vulnerability
- MS Office Outlook Recipient Control (ole32.dll) Denial of Service Exploit
- wget <= 1.10.2 (Unchecked Boundary Condition) Denial of Service Exploit
- RateMe <= 1.3.2 (main.inc.php) Remote File Include Vulnerability
- Intel 2200BG 802.11 Beacon frame Kernel Memory Corruption Exploit
- DeepBurner 1.8.0 .dbr File Parsing Buffer Overflow Exploit
- Oracle <= 9i / 10g (extproc) Local/Remote Command Execution Exploit
- WinFtp Server 2.0.2 (PASV) Remote Denial of Service Exploit
- PHP-Update <= 2.7 extract() Auth Bypass / Shell Inject Exploit
- KDE 3.5 (libkhtml) <= 4.2.0 / Unhandled HTML Parse Exception Exploit
- Paristemi 0.8.3b (buycd.php) Remote File Include Vulnerability
- phpProfiles <= 3.1.2b Multiple Remote File Include Vulnerabilities
- PHPFanBase 2.x (protection.php) Remote File Include Vulnerability
- cwmVote 1.0 (archive.php) Remote File Include Vulnerability
- Oracle <= 9i / 10g File System Access via utl_file Exploit
- cwmCounter 5.1.1 (statistic.php) Remote File Include Exploit
- Hewlett-Packard FTP Print Server <= 2.4.5 Buffer Overflow (PoC)
- Burak Yilmaz Download Portal (down.asp) SQL Injection Vulnerability
- cwmExplorer 1.0 (show_file) Source Code Disclosure Vulnerability
- Valdersoft Shopping Cart 3.0 Multiple Remote File Include Vulnerabilities
- TextSend <= 1.5 (config/sender.php) Remote File Include Vulnerability
- RealPlayer 10.5 (ActiveX Control) Denial of Service Exploit
- MS Windows (MessageBox) Memory Corruption Local Denial of Service
- PHP Advanced Transfer Manager <= 1.30 Source Code Disclosure Exploit
- Php/Mysql Site Builder 0.0.2 (htm2php.php) File Disclosure Vulnerability
- Newxooper-php 0.9.1 (mapage.php) Remote File Include Vulnerability
- PgmReloaded <= 0.8.5 Multiple Remote File Include Vulnerabilities
- DREAM FTP Server 1.0.2 (PORT) Remote Denial of Service Exploit
- PowerClan <= 1.14a (footer.inc.php) Remote File Include Vulnerability
- Http explorer Web Server 1.02 Directory Transversal Vulnerability
- Ixprim CMS 1.2 Remote Blind SQL Injection Exploit
- inertianews 0.02b (inertianews_main.php) Remote Include Vulnerability
- MKPortal M1.1.1 (Urlobox) Cross Site Request Forgery Vulnerability
- XM Easy Personal FTP Server 5.2.1 (USER) Format String DoS Exploit
- KISGB <= 5.1.1 (authenticate.php) Remote File Include Vulnerability
- EternalMart Guestbook 1.10 (admin/auth.php) Remote Inclusion Vuln
- Open Newsletter <= 2.5 Multiple Remote Vulnerabilities Exploit (update)
- 3editor CMS <= 0.42 (index.php) Local File Include Vulnerability
- b2 Blog <= 0.5 (b2verifauth.php) Remote File Include Vulnerability
- SH-News 0.93 (misc.php) Remote File Include Exploit
- acFTP FTP Server 1.5 (REST/PBSZ) Remote Denial of Service Exploit
- Enthrallweb ePhotos 1.0 (subLevel2.asp) SQL Injection Vulnerability
- Enthrallweb eHomes 1.0 Multiple (SQL/XSS) Vulnerabilities
- Enthrallweb eJobs (newsdetail.asp) Remote SQL Injection Exploit
- Enthrallweb eCars 1.0 (types.asp) Remote SQL Injection Vulnerability
- Enthrallweb emates 1.0 (newsdetail.asp) Remote SQL Injection Exploit
- Enthrallweb ePages (actualpic.asp) Remote SQL Injection Exploit
- Dragon Business Directory <= 3.01.12 (ID) SQL Injection Vulnerability
- Calendar MX BASIC <= 1.0.2 (ID) Remote SQL Injection Vulnerability
- Enthrallweb eClassifieds 1.0 Remote User Pass Change Exploit
- Enthrallweb eCoupons 1.0(myprofile.asp) Remote Pass Change Exploit
- Enthrallweb eNews 1.0 Remote User Pass Change Exploit
- File Upload Manager <= 1.0.6 (detail.asp) Remote SQL Injection Exploit
- Newsletter MX <= 1.0.2 (ID) Remote SQL Injection Exploit
- Ultimate PHP Board <= 2.0b1 (chat/login.php) Code Execution Exploit
- Pagetool CMS <= 1.07 (pt_upload.php) Remote File Include Vulnerability
- Ananda Real Estate <= 3.4 (agent) Remote SQL Injection Vulnerability
- HLStats <=1.34 (hlstats.php) Remote SQL Injection Exploit
- Jinzora <= 2.7 (include_path) Multiple Remote File Include Vulnerabilities
- eNdonesia 8.4 (mod.php/friend.php/admin.php) Multiple Vulnerabilities
- MTCMS <= 2.0 (admin/admin_settings.php) Remote File Include Exploit
- PhpbbXtra 2.0 (phpbb_root_path) Remote File Include Vulnerability
- Irokez CMS <= 0.7.1 Multiple Remote File Include Vulnerabilities
- Ciberia Content Federator <= 1.0.1 (path) Remote File Include Exploit
- Shadowed Portal Module Character Roster (mod_root) RFI Vulnerability
- myphpNuke Module My_eGallery 2.5.6 (basepath) RFI Vulnerability
- Fishyshoop <= 0.930b Remote Add Administrator Account Exploit
- Okul Merkezi Portal 1.0 (ataturk.php) Remote File Include Vulnerability
- MS Windows NetrWkstaUserEnum() Remote DoS Exploit (0day)
- logahead UNU edition 1.0 Remote Upload File / Code Execution Vuln
- The Classified Ad System 1.0 (main) Remote SQL Injection Exploit
- Cahier de texte 2.2 Bypass General Access Protection Exploit
- PHP-Update <= 2.7 Multiple Remote Vulnerabilities Exploit
- mxBB Module pafiledb <= 2.0.1b Remote File Include Vulnerability
- myPHPCalendar 10192000b (cal_dir) Remote File Include Vulnerabilities
- PHP-Update <= 2.7 (admin/uploads.php) Remote Code Execution Exploit
- ProFTPD <= 1.2.9 rc2 (ASCII File) Remote Root Exploit
- MS Windows ASN.1 Remote Exploit (MS04-007)
- KsIRC 1.3.12 (PRIVMSG) Remote Buffer Overflow PoC
- MS Windows NtRaiseHardError Csrss.exe Memory Disclosure Exploit
- Yrch 1.0 (plug.inc.php path variable) Remote File Include Exploit
- Bubla <= 1.0.0rc2 (bu/process.php) Remote File Include Vulnerability
- Fantastic News <= 2.1.4 Multiple Remote File Include Vulnerabilities
- Limbo CMS Module event 1.0 Remote File Include Vulnerability
- Cacti <= 0.8.6i cmd.php popen() Remote Injection Exploit
- RealPlayer 10.5 ierpplug.dll Internet Explorer Denial of Service Exploit
- aFAQ 1.0 (faqDsp.asp catcode) Remote SQL Injection Vulnerability
- WYWO - InOut Board 1.0 Multiple Remote Vulnerabilities
- phpBB2 Plus 1.53 (Acronym Mod) Remote SQL Injection Vulnerability
- AIDeX Mini-WebServer <= 1.1 Remote Denial of Service Crash Exploit
- ASPTicker 1.0 (admin.asp) Login ByPass SQL Injection Vulnerability
- WebText <= 0.4.5.2 Remote Code Execution Exploit
- Durian Web Application Server 3.02 Remote Buffer Overflow Exploit
- Durian Web Application Server 3.02 Denial of Service Exploit
- EasyNews PRO News Publishing 4.0 Password Disclosure Vulnerability
- Adobe Reader 7.0.8.0 AcroPDF.dll Internet Explorer Denial of Service
- Macromedia Flash 8 (Flash8b.ocx) Internet Explorer Denial of Service
- Macromedia Shockwave 10 (SwDir.dll) Internet Explorer Denial of Service
- x-news 1.1 (users.txt) Remote Password Disclosure Vulnerability
- Voodoo chat 1.0RC1b (users.dat) Password Disclosure Vulnerability
- Cacti 0.8.6i (copy_cacti_user.php) SQL Injection Create Admin Exploit
- SoftArtisans SAFileUp 5.0.14 (viewsrc.asp) Script Source Disclosure
- FreeStyle Wiki <= 3.6.2 (user.dat) Password Disclosure Vulnerability
- Click N Print Coupons <= V2006.01 (key) Remote SQL Injection Exploit
- IMGallery <= 2.5 Create Uploader Script Exploit
- Enigma 2 Coppermine Bridge (boarddir) Remote File Include Vulnerability
- Enigma 2 WordPress Bridge (boarddir) Remote File Include Vulnerability
- MS Windows NtRaiseHardError Csrss.exe-winsrv.dll Double Free
- Vz (Adp) Forum 2.0.3 Remote Password Disclosure Vulnerablity
- P-News 1.16 / 1.17 (user.dat) Remote Password Disclosure Vulnerablity
- WinZIP 10.0 FileView ActiveX Controls Remote Overflow Exploit
- Formbankserver 1.9 (Name) Remote Denial of Service Exploit
- MDForum <= 2.0.1 (PNSVlang) Remote Code Execution Exploit
- Rediff Bol Downloader (ActiveX Control) Execute Local File Exploit
- Bubla <= 0.9.2 (bu_dir) Multiple Remote File Include Vulnerabilities
- RBlog 1.0 (admin.mdb) Remote Password Disclosure Vulnerablity
- Vizayn Haber (haberdetay.asp id variable) SQL Injection Vulnerability
- autoDealer <= 2.0 (detail.asp iPro) Remote SQL Injection Vulnerability
- Formbankserver 1.9 (Name) Directory Transversal Vulnerability
- Apple Quicktime (rtsp URL Handler) Stack Buffer Overflow Exploit
- WWWBoard 2.0 (passwd.txt) Remote Password Disclosure Vulnerability
- newsCMSlite (newsCMS.mdb) Remote Password Disclosure Vulnerability
- QK SMTP <= 3.01 (RCPT TO) Remote Buffer Overflow Exploit (pl)
- TaskTracker <= 1.5 (Customize.asp) Remote Add Administrator Exploit
- VLC Media Player 0.8.6 (udp://) Format String Exploit PoC (ppc)
- VLC Media Player 0.8.6 (udp://) Format String Exploit (x86)
- Microsoft Vista (NtRaiseHardError) Privilege Escalation Exploit
- Apple Quicktime (rtsp URL Handler) Buffer Overflow Exploit (win2k)
- LocazoList <= 2.01a beta5 (subcatID) Remote SQL Injection Vulnerability
- E-SMARTCART 1.0 (product_id) Remote SQL Injection Vulnerability
- VerliAdmin <= 0.3 (language.php) Local File Inclusion Exploit
- Simple Web Content Management System Remote SQL Injection Exploit
- Apple Quicktime <= 7.1.3 (HREFTrack) Cross-Zone Scripting Exploit
- Acunetix WVS <= 4.0 20060717 HTTP Sniffer Component Remote DoS
- Aratix <= 0.2.2b11 (inc/init.inc.php) Remote File Include Vulnerability
- iLife iPhoto Photocast (XML title) Remote Format String PoC
- DigiRez <= 3.4 (book_id) Remote SQL Injection Exploit
- iG Calendar 1.0 (user.php id variable) Remote SQL Injection Vulnerability
- iG Shop 1.0 (eval/sql injection) Multiple Remote Vulnerabilities
- Adobe Acrobat Reader Plugin <= 7.0.x (acroreader) XSS Vulnerability
- Coppermine Photo Gallery <= 1.4.10 Remote SQL Injection Exploit
- CA BrightStor ARCserve (tapeeng.exe) Remote Buffer Overflow Exploit
- Mac OS X 10.4.8 DiskManagement BOM Local Privilege Escalation Exploit
- Mac OS X 10.4.8 DiskManagement BOM (cron) Privilege Escalation Exploit
- QUOTE&ORDERING SYSTEM 1.0 (ordernum) Multiple Vulnerabilities
- NUNE News Script 2.0pre2 Multiple Remote File Include Vulnerabilities
- L2J Statistik Script <= 0.09 (index.php page) Local File Include Exploit
- NaviCOPA Web Server 2.01 (GET) Remote Buffer Overflow Exploit meta
- AllMyGuests <= 0.3.0 (AMG_serverpath) Remote Inclusion Vulnerabilities
- OpenBSD 3.x - 4.0 vga_ioctl() Local Root Exploit
- Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit
- AllMyLinks <= 0.5.0 (index.php) Remote File Include Vulnerability
- AllMyVisitors 0.4.0 (index.php) Remote File Inclusion Vulnerability
- OmniWeb 5.5.1 Javascript alert() Remote Format String PoC
- Berlios GPSD <= 2.7 Remote Format String Exploit (meta)
- Magic Photo Storage Website _config[site_path] File Include Vuln
- Opera <= 9.10 JPG Image DHT Marker Heap Corruption Vulnerabilities
- Application Enhancer (APE) 2.0.2 Local Privilege Escalation Exploit
- @lex Guestbook <= 4.0.2 Remote Command Execution Exploit
- PPC Search Engine 1.61 (INC) Multiple Remote File Include Vulnerabilities
- MOTIONBORG Web Real Estate <= 2.1 SQL Injection Vulnerability
- uniForum <= v4 (wbsearch.aspx) Remote SQL Injection Vulnerability
- FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (meta)
- Axiom Photo/News Gallery 0.8.6 Remote File Include Exploit
- Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection Exploit
- Mac OS X 10.4.8 Apple Finder DMG Volume Name Memory Corruption PoC
- MS Windows Explorer (WMF) CreateBrushIndirect DoS Exploit
- eIQnetworks Network Security Analyzer Null Pointer Dereference Exploit
- Jshop Server 1.3 (fieldValidation.php) Remote File Include Vulnerability
- Article System 0.1 (INCLUDE_DIR) Remote File Include Vulnerabilities
- VP-ASP Shopping Cart 6.09 (SQL/XSS) Multiple Remote Vulnerabilities
- sNews <= 1.5.30 Remote Reset Admin Pass / Command Exec Exploit
- LunarPoll 1.0 (show.php PollDir) Remote File Include Vulnerability
- TLM CMS <= 1.1 (i-accueil.php chemin) Remote File Include Vulnerability
- VLC Media Player 0.8.6a Unspecified Denial of Service Exploit
- Mint Haber Sistemi 2.7 (duyuru.asp id) Remote SQL Injection Vulnerability
- Poplar Gedcom Viewer <= 2.0 (common.php) Remote Inclusion Vuln
- DigiAffiliate <= 1.4 (visu_user.asp id) Remote SQL Injection Exploit
- FdWeB Espace Membre <= 2.01 (path) Remote File Include Exploit
- ThWboard <= 3.0b2.84-php5 SQL Injection / Code Execution Exploit
- JV2 Folder Gallery 3.0 (download.php) Remote File Disclosure Exploit
- WFTPD Pro Server <= 3.25 SITE ADMN Remote Denial of Service Exploit
- Sami FTP Server 2.0.2 (USER/PASS) Remote Buffer Overflow PoC
- BolinTech DreamFTP (USER) Remote Buffer Overflow PoC
- Mac OS X 10.4.8 AppleTalk ATPsndrsp() Heap Buffer Overflow PoC
- Kaspersky Antivirus 6.0 Local Privilege Escalation Exploit
- TFTPDWIN 0.4.2 Remote Buffer Overflow Exploit
- Mercur Messaging 2005 IMAP Remote Buffer Overflow Exploit
- KGB <= 1.9 (sesskglogadmin.php) Local File Include Exploit
- Okul Web Otomasyon Sistemi 4.0.1 Remote SQL Injection Vulnerability
- MS Internet Explorer VML Remote Buffer Overflow Exploit (MS07-004)
- Twilight Webserver 1.3.3.0 (GET) Remote Denial of Service Exploit
- Colloquy <= 2.1.3545 (INVITE) Format String Denial of Service Exploit
- Sami FTP Server 2.0.2 (USER/PASS) Remote Buffer Overflow Exploit
- MGB 0.5.4.5 (email.php id variable) Remote SQL Injection Exploit
- CCRP Folder Treeview Control (ccrpftv6.ocx) IE Denial of Service Exploit
- Woltlab Burning Board <= 1.0.2, 2.3.6 search.php SQL Injection Exploit
- Woltlab Burning Board <= 1.0.2, 2.3.6 search.php SQL Injection Exploit 2
- PHPMyphorum 1.5a (mep/frame.php) Remote File Include Vulnerability
- Woltlab Burning Board <= 1.0.2, 2.3.6 search.php SQL Injection Exploit 3
- Uberghey 0.3.1 (frontpage.php) Remote File Include Vulnerability
- MS Internet Explorer VML Download and Execute Exploit (MS07-004)
- Microsoft Help Workshop 4.03.0002 (.CNT) Buffer Overflow Exploit
- Oreon <= 1.2.3 RC4 (lang/index.php file) Remote InclusionVulnerability
- Mac OS X 10.4.8 SLP Daemon Service Registration Buffer Overflow PoC
- ComVironment 4.0 (grab_globals.lib.php) Remote File Include Vulnerability
- phpBP <= RC3 (2.204) (sql/cmd) Remote Code Execution Exploit
- GNU/Linux mbse-bbs <= 0.70.0 Local Buffer Overflow Exploit
- BrowseDialog Class (ccrpbds6.dll) Internet Explorer Denial of Service
- Rumpus 5.1 Local Privilege Escalation / Remote FTP LIST PoC Exploit
- DivX Player 6.4.1 (DivXBrowserPlugin npdivx32.dll) IE DoS
- Intel Centrino ipw2200BG Wireless Driver Remote Overflow PoC
- Microsoft Help Workshop 4.03.0002 (.HPJ) Buffer Overflow Exploit
- Transmit.app <= 3.5.5 ftps:// URL Handler Heap Buffer Overflow PoC
- PhpSherpa (include/config.inc.php) Remote File Include Vulnerability
- Bradabra <= 2.0.5 (include/includes.php) Remote Inclusion Vulnerability
- Neon Labs Website <= 3.2 (nl.php g_strRootDir) Remote Inclusion Vuln
- phpIndexPage <= 1.0.1 (config.php) Remote Inclusion Exploit
- MySpeach <= 2.1b (up.php) Remote Inclusion Vulnerability
- Apple iChat 3.1.6 v441 aim:// URL Handler Format String Exploit PoC
- Mac OS X 10.4.x Kernel shared_region_map_file_np() Memory Corruption
- Sun Microsystems Java GIF File Parsing Memory Corruption Exploit
- WebChat 0.77 (defines.php WEBCHATPATH) Remote File Include Vuln
- 3Com TFTP Service <= 2.0.1 Remote Buffer Overflow Exploit (meta)
- Mafia Scum Tools 2.0.0 (index.php gen) Remote File Include Exploit
- webSPELL 4.01.02 (gallery.php) Remote Blind SQL Injection Exploit
- Mac OS X 10.4.8 System Preferences Local Privilege Escalation Exploit
- Upload Service 1.0 (top.php maindir) Remote File Inclusion Vulnerability
- VisoHotlink 1.01 functions.visohotlink.php Remote File Include Exploit
- Microsoft Visual C++ (.RC Resource Files) Local Buffer Overflow Exploit
- Oracle 10g SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL/SQL Injection
- Oracle 10g SYS.KUPW$WORKER.MAIN PL/SQL Injection Exploit
- Oracle 10g SYS.KUPV$FT.ATTACH_JOB PL/SQL Injection Exploit
- Vote-Pro 4.0 (poll_frame.php poll_id) Remote Code Execution Exploit
- Mac OS X 10.4.8 (UserNotificationCenter) Privilege Escalation Exploit
- Sami HTTP Server 2.0.1 (HTTP 404 - Object not found) DoS Exploit
- BBClone 0.31 (selectlang.php) Remote File Inclusion Vulnerability
- phpXD <= 0.3 (path) Remote File Inclusion Vulnerability
- RPW 1.0.2 (config.php sql_language) Remote File Inclusion Vulnerability
- ASP EDGE <= 1.2b (user.asp) Remote SQL Injection Vulnerability
- ASP NEWS <= v3 (news_detail.asp) Remote SQL Injection Vulnerability
- PA168 Chipset IP Phones Weak Session Management Exploit
- MS Windows Explorer (AVI) Unspecified Denial of Service Exploit
- vhostadmin 0.1 (MODULES_DIR) Remote File Inclusion Vulnerability
- Xero Portal (phpbb_root_path) Remote File Include Vulnerablity
- Microsoft Excel Malformed Palette Record DoS PoC (MS07-002)
- makit Newsposter Script v3 Remote SQL Injection Vulnerability
- GPS CMS 1.2 (print.asp) Remote SQL Injection Vulnerability
- Aztek Forum 4.0 Multiple Vulnerabilities Exploit
- Forum Livre 1.0 (SQL Injection / XSS) Multiple Remote Vulnerabilities
- Virtual Path 1.0 (vp/configure.php) Remote File Include Vulnerability
- Apple CFNetwork HTTP Response Denial of Service Exploit (rb code)
- MyPHPcommander 2.0 (package.php) Remote File Include Vulnerability
- AINS 0.02b (ains_main.php ains_path) Remote File Include Vulnerability
- FdScript <= 1.3.2 (download.php) Remote File Disclosure Vulnerability
- Citrix Metaframe Presentation Server Print Provider Buffer Overflow PoC
- nsGalPHP (includes/config.inc.php racineTBS) Remote Inclusion Vuln
- ACGVclick <= 0.2.0 (path) Remote File Include Vulnerability
- Drunken:Golem Portal 0.5.1 Alpha 2 Remote File Include Exploit
- ACGVannu <= 1.3 (index2.php) Remote User Pass Change Vulnerability
- Xt-Stats v.2.4.0.b3 (server_base_dir) Remote File Include Vulnerability
- chernobiLe Portal 1.0 (default.asp) Remote SQL Injection Vulnerability
- CA BrightStor ARCserve (msgeng.exe) Remote Heap Overflow Exploit
- phpMyReports <= 3.0.11 (lib_head.php) Remote File Include Vulnerability
- Trend Micro VirusWall 3.81 (vscan/VSAPI) Local Buffer Overflow Exploit
- EclipseBB 0.5.0 Lite (phpbb_root_path) Remote File Include Exploit
- Foro Domus 2.10 (phpbb_root_path) Remote File Include Exploit
- xNews 1.3 (xNews.php) Remote SQL Injection Vulnerability
- PhP Generic library & framework (include_path) RFI Vulnerability
- CA BrightStor ARCserve (msgeng.exe) Remote Heap Overflow Exploit 2
- Mac OS X 10.4.8 (8L2127) crashdump Privilege Escalation Exploit
- Multiple Printer Providers (spooler service) Privilege Escalation Exploit
- GuppY <= 4.5.16 Remote Commands Execution Exploit
- Webfwlog <= 0.92 (debug.php) Remote File Disclosure Vulnerability
- CVSTrac 2.0.0 Post-Attack Database Resurrection DoS Exploit
- Intel 2200BG 802.11 disassociation packet Kernel Memory Corruption
- Galeria Zdjec <= 3.0 (zd_numer.php) Local File Include Exploit
- PHPFootball 1.6 (show.php) Remote Database Disclosure Vulnerability
- CascadianFAQ <= 4.1 (index.php) Remote SQL Injection Vulnerability
- MyNews <= 4.2.2 (themefunc.php) Remote File Include Vulnerability
- Dev-C++ 4.9.9.2 CPP File Parsing Local Stack Overflow PoC
- Apple iChat Bonjour 3.1.6.441 Multiple Denial of Service Exploit
- phpBB2 MODificat <= 0.2.0 (functions.php) Remote Include Vulnerability
- Michelles L2J Dropcalc <= v4 Remote SQL Injection Vulnerability
- Fullaspsite Asp Hosting Sitesi (tr) SQL Injection Vulnerability
- ExoPHPDesk <= 1.2.1 (faq.php) Remote SQL Injection Vulnerability
- Phpbb Tweaked <= 3 (phpbb_root_path) Remote Inclusion Vulnerability
- Hailboards 1.2.0 (phpbb_root_path) Remote File Include Vulnerability
- Cadre PHP Framework Remote File Include Vulnerability
- PHPMyRing <= 4.1.3b (fichier) Remote File Include Vulnerability
- Extcalendar <= 2 (profile.php) Remote User Pass Change Exploit
- JV2 Folder Gallery <= 3.0 Remote File Include Vulnerability
- Hunkaray Duyuru Scripti (tr) Remote SQL Injection Exploit
- Omegaboard <= 1.0beta4 (functions.php) Remote File Include Vuln
- Cerulean Portal System 0.7b Remote File Include Vulnerability
- CA BrightStor ARCserve (lgserver.exe) Remote Stack Overflow Exploit
- SIPS <= 0.3.1 (box.inc.php) Remote File Include Vulnerability
- phpEventMan 1.0.2 (level) Remote File Include Vulnerabilities
- Epistemon 1.0 (common.php inc_path) Remote File Include Vulnerability
- CA BrightStor ARCserve 11.5.2.0 (catirpc.dll) RPC Server DoS Exploit
- WebBuilder 2.0 (StageLoader.php) Remote File Include Vulnerability
- Portail Web Php <= 2.5.1 (includes.php) Remote File Inclusion Vuln
- CoD2: DreamStats <= 4.2 (index.php) Remote File Include Vulnerability
- EQdkp <= 1.3.1 (Referer Spoof) Remote Database Backup Vulnerability
- Flipper Poll 1.1.0 (poll.php root_path) Remote File Include Vulnerability
- Remotesoft .NET Explorer 2.0.1 Local Stack Overflow PoC
- F3Site <= 2.1 Remote Code Execution Exploit
- dB Masters Curium CMS <= 1.03 (c_id) Remote SQL Injection Vulnerability
- Chicken of the VNC 2.0 (NULL-pointer) Remote Denial of Service Exploit
- phpBB ezBoard converter 0.2 (ezconvert_dir) Remote File Include Exploit
- phpBB++ Build 100 (phpbb_root_path) Remote File Include Exploit
- Microsoft Word 2000 Unspecified Code Execution Exploit (0day)
- Photo Galerie Standard <= 1.1 (view.php) SQL Injection Vulnerability
- Woltlab Burning Board Lite <= 1.0.2pl3e (pms.php) SQL Injection Exploit
- KDPics <= 1.11 (exif.php lib_path) Remote File Include Vulnerability
- Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit
- Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (meta)
- Flip 2.01 final (previewtheme.php inc_path) RFI Vulnerability
- Geeklog 2 (BaseView.php) Remote File Inclusion Vulnerability
- SMA-DB <= 0.3.9 (settings.php) Remote File Inclusion Vulnerability
- Oracle 9i/10g DBMS_EXPORT_EXTENSION SQL Injection Exploit
- Categories hierarchy phpBB Mod 2.1.2 (phpbb_root_path) RFI Exploit
- GGCMS <= 1.1.0 RC1 Remote Code Execution Exploit
- MS Internet Explorer 6 (mshtml.dll) Null Pointer Dereference Exploit
- HP Tru64 Alpha OSF1 v5.1 (ps) Information Leak Exploit
- MySQL 4.x/5.0 User-Defined Function Command Execution Exploit (win)
- LightRO CMS 1.0 (inhalt.php) Remote File Include Vulnerability
- FlashFXP 3.4.0 build 1145 Remote Buffer Overflow DoS Exploit
- SmartFTP Client 2.0.1002 Remote Heap Overflow DoS Exploit
- Kisisel Site 2007 (tr) Remote SQL Injection Vulnerability
- Alibaba Alipay (Remove ActiveX) Remote Code Execution Exploit
- AgerMenu 0.01 (top.inc.php rootdir) Remote File Include Vulnerability
- WebMatic 2.6 (index_album.php) Remote File Include Vulnerability
- Advanced Poll <= 2.0.5-dev Remote Admin Session Generator Exploit
- OTSCMS <= 2.1.5 (SQL/XSS) Multiple Remote Vulnerabilities
- Maian Recipe 1.0 (path_to_folder) Remote File Include Vulnerability
- Site-Assistant <= v0990 (paths[version]) Remote File Include Exploit
- LightRO CMS 1.0 (index.php projectid) Remote SQL Injection Exploit
- LushiNews <= 1.01 (comments.php) Remote SQL Injection Exploit
- LushiWarPlaner 1.0 (register.php) Remote SQL Injection Exploit
- Axigen <= 2.0.0b1 Remote Denial of Service Exploit
- Axigen <= 2.0.0b1 Remote Denial of Service Exploit (2)
- SAP Web Application Server 6.40 Arbitrary File Disclosure Exploit
- OPENi-CMS Site Protection Plugin Remote File Inclusion Vulnerability
- SunOS 5.10/5.11 in.telnetd Remote Authentication Bypass Exploit
- IP3 NetAccess < 4.1.9.6 Remote Arbitrary File Disclosure Vulnerability
- Philboard <= 1.14 (philboard_forum.asp) SQL Injection Vulnerability
- uTorrent 1.6 build 474 (announce) Key Remote Heap Overflow Exploit
- AT Contenator <= v1.0 (Root_To_Script) Remote File Include Exploit
- Xaran Cms <= 2.0 (xarancms_haupt.php) SQL Injection Exploit
- phpCC <= 4.2 beta (nickpage.php npid) Remote SQL Injection Exploit
- Advanced Poll <= 2.0.5-dev Remote Code Execution Exploit
- PollMentor 2.0 (pollmentorres.asp id) SQL Injection Vulnerability
- Lotus Domino <= R6 Webmail Remote Password Hash Dumper Exploit
- Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE Timing Attack Exploit
- MiniWebsvr <= 0.0.6 Remote Resource Consumption DoS Exploit
- nabopoll 1.2 Remote Unprotected Admin Section Vulnerability
- MailEnable Professional/Enterprise <= 2.35 Out of Bounds DoS Exploit
- ActSoft DVD-Tools (dvdtools.ocx) Remote Buffer Overflow Exploit PoC
- MailEnable Professional/Enterprise <= 2.37 Denial of Service Exploit
- Jupiter CMS 1.1.5 (index.php) Local/Remote File Include Vulnerability
- Jupiter CMS 1.1.5 (Client-IP) Remote SQL Injection Exploit
- Jupiter CMS 1.1.5 Remote File Upload Exploit
- Drupal < 5.1 (post comments) Remote Command Execution Exploit v2
- Drupal < 4.7.6 (post comments) Remote Command Execution Exploit v2
- ZebraFeeds 1.0 (zf_path) Remote File Include Vulnerabilities
- nabopoll 1.2 (survey.inc.php path) Remote File Include Vulnerability
- CodeAvalanche News 1.x (CAT_ID) Remote SQL Injection Vulnerability
- Aktueldownload Haber scripti (id) Remote SQL Injection Vulnerability
- MailEnable Enterprise <= 2.32 - 2.34 Remote Buffer Overflow Exploit
- MailEnable Professional 2.35 Remote Buffer Overflow Exploit
- Snitz Forums 2000 v3.1 SR4 (pop_profile.asp) SQL Injection Vulnerability
- VS-News-System <= 1.2.1 (newsordner) Remote File Include Exploit
- VS-Link-Partner <= 2.1 (script_pfad) Remote File Include Exploit
- Htaccess Passwort Generator 1.1 (ht_pfad) RFI Vulnerability
- webSPELL 4.01.02 (showonly) Remote Blind SQL Injection Exploit
- Vivvo Article Manager 3.4 (root) Local File Inclusion Vulnerability
- XLAtunes 0.1 (album) Remote SQL Injection Vulnerability
- S-Gastebuch <= 1.5.3 (gb_pfad) Remote File Include Exploit
- Axigen eMail Server 2.0.0b2 (pop3) Remote Format String Exploit
- ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit
- VicFTPS < 5.0 (CWD) Remote Buffer Overflow Exploit PoC
- Xpression News 1.0.1 (archives.php) Remote File Disclosure Exploit
- ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit 2
- PHP-Nuke Module Emporium <= 2.3.0 Remote SQL Injection Exploit
- IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (meta)
- Ultimate Fun Book 1.02 (function.php) Remote File Include Vulnerability
- NukeSentinel 2.5.05 (nsbypass.php) Blind SQL Injection Exploit
- NukeSentinel 2.5.05 (nukesentinel.php) File Disclosure Exploit
- Online Web Building 2.0 (id) Remote SQL Injection Vulnerability
- Mozilla Firefox <= 2.0.0.1 (location.hostname) Cross-Domain Vulnerability
- TurboFTP 5.30 Build 572 (newline/LIST) Multiple Remote DoS Exploit
- News Rover 12.1 Rev 1 Remote Stack Overflow Exploit
- FTP Voyager <= 14.0.0.3 (CWD) Remote Stack Overflow Exploit PoC
- PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)
- PHP-Nuke <= 8.0 Final (INSERT) Remote SQL Injection Exploit
- PHP-Nuke <= 8.0 Final (HTTP Referers) Remote SQL Injection Exploit
- FTP Explorer 1.0.1 Build 047 (CPU consumption) Remote DoS Exploit
- SendStudio <= 2004.14 (ROOTDIR) Remote File Inclusion Vulnerability
- News Bin Pro 5.33 (.NBI File) Local Buffer Overflow Exploit
- BrowseDialog Class (ccrpbds6.dll) Multiple Methods DoS Exploit
- webSPELL <= 4.01.02 (topic) Remote SQL Injection Exploit
- Connectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit
- DBImageGallery 1.2.2 (donsimg_base_path) RFI Vulnerabilities
- DBGuestbook 1.1 (dbs_base_path) Remote File Include Vulnerabilities
- Nabopoll 1.2 (result.php surv) Remote Blind SQL Injection Exploit
- Nortel SSL VPN Linux Client <= 6.0.3 Local Privilege Escalation Exploit
- deV!Lz Clanportal [DZCP] <= 1.4.5 Remote File Disclosure Vulnerability
- Oracle 10g KUPW$WORKER.MAIN Grant/Revoke dba Permission Exploit
- Oracle 10g KUPV$FT.ATTACH_JOB Grant/Revoke dba Permission Exploit
- FlashGameScript 1.5.4 (index.php func) Remote File Include Vulnerability
- eFiction <= 3.1.1 (path_to_smf) Remote File Include Vulnerabilities
- Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit
- Oracle 9i/10g DBMS_METADATA.GET_DDL SQL Injection Exploit
- Oracle 9i/10g ACTIVATE_SUBSCRIPTION SQL Injection Exploit
- FCRing <= 1.31 (fcring.php s_fuss) Remote File Include Vulnerability
- Sinapis 2.2 Gastebuch (sinagb.php fuss) Remote File Include Vulnerability
- Sinapis Forum 2.2 (sinapis.php fuss) Remote File Include Vulnerability
- News Rover 12.1 Rev 1 Remote Stack Overflow Exploit (perl)
- Extreme phpBB 3.0.1 (functions.php) Remote File Include Exploit
- Coppermine Photo Gallery 1.3.x Remote Blind SQL Injection Exploit
- CS-Gallery 2.0 (index.php album) Remote File Include Exploit
- phpBB Module NoMoKeTos Rules 0.0.1 Remote File Include Exploit
- PHP-MIP 0.1 (top.php laypath) Remote File Include Vulnerability
- Oracle 10g KUPW$WORKER.MAIN SQL Injection Exploit v2
- Oracle 10g KUPV$FT.ATTACH_JOB SQL Injection Exploit v2
- Oracle 9i/10g DBMS_METADATA.GET_DDL SQL Injection Exploit v2
- Oracle 9i/10g ACTIVATE_SUBSCRIPTION SQL Injection Exploit v2
- STWC-Counter <= 3.4.0 (downloadcounter.php) RFI Exploit
- Kiwi CatTools TFTP <= 3.2.8 Remote Path Traversal Vulnerability
- NetProxy <= 4.03 Web Filter Evasion / Bypass Logging Exploit
- Admin Phorum 3.3.1a (del.php include_path) RFI Vulnerability
- Plan 9 Kernel (devenv.c OTRUNC/pwrite) Local Exploit
- Ubuntu/Debian Apache 1.3.33/1.3.34 (CGI TTY) Local Root Exploit
- XM Easy Personal FTP Server 5.30 (ABOR) Format String DoS Exploit
- McAfee VirusScan for Mac (Virex) <= 7.7 Local Root Exploit
- vBulletin <= 3.6.4 (inlinemod.php postids) Remote SQL Injection Exploit
- 3Com TFTP Service <= 2.0.1 (Long Transporting Mode) Exploit (perl)
- madwifi <= 0.9.2.1 WPA/RSN IE Remote Kernel Buffer Overflow Exploit
- Angel LMS 7.1 (default.asp id) Remote SQL Injection Vulnerability
- Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow Exploit
- DivX Web Player 1.3.0 (npdivx32.dll) Remote Denial of Service Exploit
- phpMyFAQ <= 1.6.7 Remote SQL Injection / Command Execution Exploit
- PHP 4 Userland ZVAL Reference Counter Overflow Exploit PoC
- WebMod 0.48 (Content-Length) Remote Buffer Overflow Exploit PoC
- PHP <= 4.4.4 unserialize() ZVAL Reference Counter Overflow Exploit PoC
- MailEnable Pro/Ent <= 2.37 (APPEND) Remote Buffer Overflow Exploit
- Mani Stats Reader <= 1.2 (ipath) Remote File Include Vulnerability
- Netrek 2.12.0 pmessage2() Remote Limited Format String Exploit
- webSPELL <= 4.01.02 Multiple Remote SQL Injection Exploit
- webSPELL <= 4.01.02 Remote PHP Code Execution Exploit
- Rigter Portal System (RPS) 6.2 Remote Blind SQL Injection Exploit
- PHP wddx_deserialize() String Append Crash Exploit
- PHP 4.4.3 - 4.4.6 phpinfo() Remote XSS Vulnerability
- News-Letterman 1.1 (eintrag.php sqllog) Remote File Include Exploit
- Asterisk <= 1.2.15 / 1.4.0 pre-auth Remote Denial of Service Exploit
- AJ Auction Pro All Versions (subcat.php) Remote SQL Injection Exploit
- AJ Dating 1.0 (view_profile.php) Remote SQL Injection Exploit
- AJ Classifieds 1.0 (postingdetails.php) Remote SQL Injection Exploit
- AJ Forum 1.0 (topic_title.php) Remote SQL Injection Exploit
- RRDBrowse <= 1.6 Remote Arbitrary File Disclosure Vulnerability
- PHP < 4.4.5 / 5.2.1 php_binary Session Deserialization Information Leak
- PHP < 4.4.5 / 5.2.1 WDDX Session Deserialization Information Leak
- Konqueror 3.5.5 (JavaScript Read of FTP Iframe) DoS Exploit
- Links Management Application 1.0 (lcnt) Remote SQL Injection Exploit
- PHP <= 4.4.6 mssql_[p]connect() Local Buffer Overflow Exploit
- Mercury/32 Mail Server <= 4.01b (check) Buffer Overflow Exploit PoC
- MS Windows (.doc File) Malformed Pointers Denial of Service Exploit
- WinZip <= 10.0.7245 FileView ActiveX Buffer Overflow Exploit v2
- Macromedia 10.1.4.20 SwDir.dll Internet Explorer Stack Overflow DoS
- Winamp <= 5.12 (Crafted PLS) Remote Buffer Overflow Exploit (perl)
- PHP-Nuke Module PostGuestbook 0.6.1 (tpl_pgb_moddir) RFI Vulnerability
- PHP <= 5.2.1 substr_compare() Information Leak Exploit
- mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability
- PHP < 4.4.5 / 5.2.1 (shmop Functions) Local Code Execution Exploit
- PHP < 4.4.5 / 5.2.1 (shmop) SSL RSA Private-Key Disclosure Exploit
- Flat Chat 2.0 (include online.txt) Remote Code Execution Vulnerability
- PHP COM extensions (inconsistent Win32) safe_mode Bypass Exploit
- Adobe Reader plug-in AcroPDF.dll 8.0.0.0 Resource Consumption
- PHP 4.4.6 crack_opendict() Local Buffer Overflow Exploit PoC
- TFTPDWIN Server 0.4.2 (UDP) Denial of Service Exploit
- Rediff Toolbar ActiveX Control Remote Denial of Service Exploit
- Snort 2.6.1.1/2.6.1.2/2.7.0 (fragementation) Remote DoS Exploit
- netForo! 0.1 (down.php file_to_download) Remote File Disclosure Vuln
- WEBO (Web Organizer) <= 1.0 (baseDir) Remote File Inclusion Vuln
- GaziYapBoz Game Portal (kategori.asp) Remote SQL Injection Vuln
- Magic CMS 4.2.747 (mysave.php file) Remote File Include Vulnerability
- PHP 4.4.6 snmpget() object id Local Buffer Overflow Exploit PoC
- PHP 5.2.0 / PHP with PECL ZIP <= 1.8.3 zip:// URL Wrapper BoF Exploit
- Linux Omnikey Cardman 4040 driver Local Buffer Overflow Exploit PoC
- PHP 4.4.6 cpdf_open() Local Source Code Discslosure PoC
- PMB Services <= 3.0.13 Multiple Remote File Inclusion Vulnerability
- MS Internet Explorer (FTP Server Response) DoS Exploit (MS07-016)
- Grayscale Blog 0.8.0 (Security Bypass/SQL/XSS) Multiple Remote Vulns
- WORK system e-commerce <= 3.0.5 Remote File Inclusion Vulnerability
- HC Newssystem 1.0-1.4 (index.php ID) Remote SQL Injection Vulnerability
- NukeSentinel <= 2.5.06 (mysql >= 4.0.24) Remote SQL Injection Exploit
- Oracle 10g (PROCESS_DUP_HANDLE) Local Privilege Elevation (win32)
- PHP <= 5.2.0 ext/filter FDF Post Filter Bypass Exploit
- MS Windows DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption
- PostNuke Module phgstats 0.5 (phgdir) Remote File Include Exploit
- JobSitePro 1.0 (search.php) Remote SQL Injection Exploit
- Top Auction 1.0 (viewcat.php) Remote SQL Injection Exploit
- SonicMailer Pro <= 3.2.3 (index.php) Remote SQL Injection Exploit
- AssetMan <= 2.4a (download_pdf.php) Remote File Disclosure Vuln
- cPanel <= 10.9.x (fantastico) Local File Inclusion Vulnerabilities
- PHP 5.2.0 ext/filter Space Trimming Buffer Underflow Exploit (MacOSX)
- TFTP Server 1.3 Remote Buffer Overflow Denial of Service Exploit
- NewsReactor 20070220 Article Grabbing Remote BoF Exploit (1)
- NewsReactor 20070220 Article Grabbing Remote BoF Exploit (2)
- News Bin Pro 4.32 Article Grabbing Remote Unicode BoF Exploit
- OES (Open Educational System) 0.1beta Remote File Inclusion Vuln
- BP Blog 7.0 (default.asp layout) Remote SQL Injection Vulnerability
- GestArt beta 1 (aide.php aide) Remote File Inclusion Vulnerability
- MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability
- X-ice News System 1.0 (devami.asp id) SQL Injection Vulnerability
- JGBBS 3.0beta1 (search.asp author) SQL Injection Exploit
- Activist Mobilization Platform (AMP) 3.2 Remote File Include Vuln
- CARE2X 1.1 (root_path) Remote File Inclusion Vulnerability
- WebCreator <= 0.2.6-rc3 (moddir) Remote File Inclusion Vulnerability
- WarFTP 1.65 (USER) Remote Buffer Overflow Exploit (win2k SP4)
- Zomplog <= 3.7.6 Local File Inclusion Vulnerabilty (win32)
- WSN Guest 1.21 (comments.php id) Remote SQL Injection Exploit
- Dayfox Blog 4 (postpost.php) Remote Code Execution Vulnerability
- PHP <= 5.2.1 session_regenerate_id() Double Free Exploit
- PHP 5.2.0/5.2.1 Rejected Session ID Double Free Exploit
- Orion-Blog 2.0 (AdminBlogNewsEdit.asp) Remote Auth Bypass Vuln
- WarFTP 1.65 (USER) Remote Buffer Overflow SEH Overflow Exploit
- Woltlab Burning Board 2.x (usergroups.php) Remote SQL Injection Exploit
- WebLog (index.php file) Remote File Disclosure Vulnerability
- Company WebSite Builder PRO 1.9.8 (INCLUDE_PATH) RFI Vulnerability
- Groupit 2.00b5 (c_basepath) Remote File Inclusion Vulnerability
- CcMail 1.0.1 (update.php functions_dir) Remote File Inclusion Exploit
- PHP <= 4.4.6 ibase_connect() Local Buffer Overflow Exploit
- Creative Guestbook 1.0 Multiple Remote Vulnerabilities
- WBBlog (XSS/SQL) Multiple Remote Vulnerabilities
- OpenBSD ICMPv6 Fragment Remote Execution Exploit PoC
- WebCalendar 0.9.45 (includedir) Remote File Inclusion Vulnerability
- Absolute Image Gallery 2.0 (gallery.php categoryid) SQL Injection Vuln
- McGallery 0.5b (download.php) Arbitrary File Download Vulnerability
- CA BrightStor ARCserve (msgeng.exe) Remote Stack Overflow Exploit
- Php-Stats <= 0.1.9.1b (PC-REMOTE-ADDR) SQL Injection Exploit
- Php-Stats <= 0.1.9.1b (ip) Remote SQL Injection Exploit
- Creative Files 1.2 (kommentare.php) Remote SQL Injection Vulnerability
- PHP <= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit
- Particle Blogger <= 1.2.0 (post.php postid) Remote SQL Injection Exploit
- PHP DB Designer <= 1.02 Remote File Include Vulnerabilities
- Php-Stats <= 0.1.9.1b (php-stats-options.php) admin 2 exec() eExploit
- MPM Chat 2.5 (view.php logi) Local File Include Vulnerability
- Active PHP Bookmark Notes <= 0.2.5 Remote File Inclusion Exploit
- Net Portal Dynamic System (NPDS) <= 5.10 Remote Code Execution
- Guestbara <= 1.2 Change Admin Login and Password Exploit
- ScriptMagix FAQ Builder <= 2.0 (index.php) Remote SQL Injection Exploit
- Moodle <= 1.5.2 (moodledata) Remote Session Disclosure Vulnerability
- ScriptMagix Jokes <= 2.0 (index.php catid) Remote SQL Injection Exploit
- ScriptMagix Recipes <= 2.0 (index.php catid) SQL Injection Exploit
- ScriptMagix Photo Rating <= 2.0 Remote SQL Injection Exploit
- iFrame for Phpnuke (iframe.php) Remote File Inclusion Vulnerability
- Katalog Plyt Audio (pl) <= 1.0 Remote SQL Injection Exploit
- Avant Browser <= 11.0 build 26 Remote Stack Overflow Crash Exploit
- ScriptMagix Lyrics <= 2.0 (index.php recid) SQL Injection Exploit
- MetaForum <= 0.513 Beta Remote File Upload Exploit
- PHP 5.2.0 header() Space Trimming Buffer Underflow Exploit (MacOSX)
- PHP-Nuke Module splattforum 4.0 RC1 Local File Inclusion Exploit
- phpBB Minerva Mod <= 2.0.21 build 238a SQL Injection Vulnerability
- NetVios Portal (page.asp) Remote SQL Injection Vulnerability
- pragmaMX Module Landkarten 2.1 Local File Inclusion Exploit (win)
- GeBlog 0.1 GLOBALS[tplname] Local File Inclusion Exploit (win)
- FTPDMIN 0.96 (LIST) Remote Denial of Service Exploit
- PHP-Nuke Module htmltonuke 2.0alpha (htmltonuke.php) RFI Vuln
- PHP <= 4.4.6 / 5.2.1 ext/gd Already Freed Resources Usage Exploit
- Cisco Phone 7940/7960 (SIP INVITE) Remote Denial of Service Exploit
- Mercur IMAPD 5.00.14 Remote Denial of Service Exploit (win32)
- phpRaid < 3.0.7 (rss.php phpraid_dir) Remote File Inclusion Exploit
- PHP <= 5.2.1 hash_update_file() Freed Resource Usage Exploit
- Monster Top List <= 1.4.2 (functions.php root_path) RFI Exploit
- Helix Server 11.0.1 Remote Heap Overflow Exploit (win2k SP4)
- Study planner (Studiewijzer) <= 0.15 Remote File Inclusion Vulnerability
- Digital Eye CMS 0.1.1b (module.php) Remote File Inclusion Vulnerability
- Active Link Engine (default.asp catid) Remote SQL Injection Vulnerability
- Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit
- Active Photo Gallery (default.asp catid) SQL Injection Vulnerability
- Mercur Messaging 2005 IMAP (SUBSCRIBE) Remote Exploit (win2k SP4)
- php-revista <= 1.1.2 Multiple Remote SQL Injection Vulnerabilities
- Mambo Component nfnaddressbook 0.4 Remote File Inclusion Vulnerability
- Mercur Messaging 2005 <= SP4 IMAP Remote Exploit (egghunter mod)
- FutureSoft TFTP Server 2000 Remote SEH Overwrite Exploit
- ClassWeb 2.0.3 (BASE) Remote File Inclusion Vulnerabilities
- PortailPhp 2.0 (idnews) Remote SQL Injection Exploit
- Microsoft DNS Server (Dynamic DNS Updates) Remote Exploit
- LMS <= 1.8.9 Vala Remote File Inclusion Vulnerabilities
- aspWebCalendar 4.5 (calendar.asp eventid) SQL Injection Vulnerability
- 0irc-client v1345 build20060823 Denial of Service Exploit
- RoseOnlineCMS 3 beta2 (op) Local File Inclusion Exploit
- Active Trade v 2 (default.asp catid) Remote SQL Injection Vulnerability
- ActiveBuyandSell 6.2 (buyersend.asp catid) SQL Injection Vulnerability
- Active Auction Pro 7.1 (default.asp catid) SQL Injection Vulnerability
- Philex <= 0.2.3 RFI / File Disclosure Remote Vulnerabilities
- dproxy <= 0.5 Remote Buffer Overflow Exploit (meta 2.7)
- Ethernet Device Drivers Frame Padding Info Leakage Exploit (Etherleak)
- Active Newsletter <= 4.3 (ViewNewspapers.asp) SQL Injection Exploit
- Joomla/Mambo Component SWmenuFree 4.0 RFI Vulnerability
- eWebquiz <= V.8 (eWebQuiz.asp) Remote SQL Injection Exploit
- PHP 5.2.1 unserialize() Local Information Leak Exploit
- Joomla Component Joomlaboard 1.1.1 (sbp) RFI Vulnerability
- Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit
- Net-Side.net CMS (index.php cms) Remote File Inclusion Vulnerability
- ttCMS <= v4 (ez_sql.php lib_path) Remote File Inclusion Vulnerability
- Joomla Component Car Manager <= 1.1 Remote SQL Injection Exploit
- Joomla Component RWCards <= 2.4.3 Remote SQL Injection Exploit
- Asterisk <= 1.2.16 / 1.4.1 SIP INVITE Remote Denial of Service Exploit
- Mambo Module Flatmenu <= 1.07 Remote File Include Exploit
- Free Image Hosting <= 2.0 (AD_BODY_TEMP) Remote File Inclusion Vulns
- PBlang <= 4.66z Remote Create Admin Exploit
- WarFTP 1.65 (USER) Remote Buffer Overlow Exploit (multiple targets)
- PHP < 4.4.5 / 5.2.1 _SESSION unset() Local Exploit
- PHP < 4.4.5 / 5.2.1 _SESSION Deserialization Overwrite Exploit
- PBlang 4.66z Remote Code Execution Exploit
- Frontbase <= 4.2.7 Remote Buffer Overflow Exploit (windows)
- PHP 5.2.1 with PECL phpDOC Local Buffer Overflow Exploit
- MS Internet Explorer Recordset Double Free Memory Exploit (MS07-009)
- FreeBSD mcweject 0.9 (eject) Local Root Buffer Overflow Exploit
- Easy File Sharing FTP Server 2.0 (PASS) Remote Exploit (Win2K SP4)
- IceBB 1.0-rc5 Remote Create Admin Exploit
- IceBB 1.0-rc5 Remote Code Execution Exploit
- PHP-Nuke Module Addressbook 1.2 Local File Inclusion Exploit
- C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability
- Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit v2
- Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit
- PHP 4.4.5 / 4.4.6 session_decode() Double Free Exploit PoC
- Linux Kernel <= 2.6.20 with DCCP Support Memory Disclosure Exploit
- XOOPS module Articles <= 1.02 (print.php id) SQL Injection Exploit
- NaviCOPA Web Server 2.01 Remote Buffer Overflow Exploit (meta)
- Joomla Component D4JeZine <= 2.8 Remote BLIND SQL Injection Exploit
- PHP-Nuke Module Eve-Nuke 0.1 (mysql.php) RFI Vulnerability
- Web Content System 2.7.1 Remote File Inclusion Exploit
- Corel Wordperfect X3 13.0.0.565 (.PRS) Local Buffer Overflow Exploit
- XOOPS module Articles <= 1.03 (index.php cat_id) SQL Injection Exploit
- Linux Kernel <= 2.6.20 with DCCP Support Memory Disclosure Exploit v2
- iPhotoAlbum 1.1 (header.php) Remote File Include Vulnerability
- XOOPS Module Friendfinder <= 3.3 (view.php id) SQL Injection Exploit
- MangoBery CMS 0.5.5 (quotes.php) Remote File Inclusion Vulnerability
- CodeBB 1.0 beta 2 (phpbb_root_path) Remote File Inclusion Vulnerability
- Softerra Time-Assistant <= 6.2 (inc_dir) Remote File Inclusion Vuln
- sBLOG 0.7.3 Beta (inc/lang.php) Local File Inclusion Exploit
- IBM Lotus Domino Server 6.5 (username) Remote Denial of Service Exploit
- XOOPS Module MyAds Bug Fix <= 2.04jp (index.php) SQL Injection Exploit
- CA BrightStor Backup 11.5.2.0 (Mediasvr.exe) Remote Code Exploit
- Picture-Engine <= 1.2.0 (wall.php cat) Remote SQL Injection Exploit
- Mozilla Firefox 2.0.0.3 / Gran Paradiso 3.0a3 DoS Hang / Crash Exploit
- Kaqoo Auction (install_root) Multiple Remote File Include Vulnerabilities
- Advanced Login <= 0.7 (root) Remote File Inclusion Vulnerability
- Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow Exploit (linux)
- ActSoft DVD-Tools (dvdtools.ocx) Remote Buffer Overflow Exploit
- JC URLshrink 1.3.1 Remote Code Execution Vulnerability
- XOOPS Module Repository (viewcat.php) Remote SQL Injection Exploit
- phpBB MOD Forum picture and META tags 1.7 RFI Vulnerability
- JSBoard 2.0.10 (login.php table) Local File Inclusion Vulnerability
- dproxy-nexgen Remote Root Buffer Overflow Exploit (x86-lnx)
- IBM Lotus Domino Server 6.5 PRE AUTH Remote Exploit
- MS Windows Animated Cursor (.ANI) Stack Overflow Exploit
- XOOPS Module Lykos Reviews 1.00 (index.php) SQL Injection Exploit
- XOOPS Module Library (viewcat.php) Remote SQL Injection Exploit
- XOOPS Module Core (viewcat.php) Remote SQL Injection Exploit
- XOOPS Module Tutoriais (viewcat.php) Remote SQL Injection Exploit
- WinMail Server 4.4 build 1124 (WebMail) Remote Add Super User Exploit
- XOOPS Module eCal <= 2.24 (display.php) Remote SQL Injection Exploit
- BT-sondage 1.12 (gestion_sondage.php) RFI Vulnerability
- XOOPS Module Tiny Event <= 1.01 (id) Remote SQL Injection Exploit
- XOOPS Module Kshop <= 1.17 (id) Remote SQL Injection Exploit
- IPSwitch IMail Server <= 8.20 IMAPD Remote Buffer Overflow Exploit
- CWB PRO 1.5 (INCLUDE_PATH) Remote File Inclusion Vulnerabilities
- XOOPS Module Camportail <= 1.1 (camid) Remote SQL Injection Exploit
- XOOPS Module debaser <= 0.92 (genre.php) BLIND SQL Injection Exploit
- Flexphpnews 0.0.5 (news.php newsid) Remote SQL Injection Vulnerability
- XOOPS Module myAlbum-P <= 2.0 (cid) Remote SQL Injection Exploit
- XOOPS Module RM+Soft Gallery 1.0 BLIND SQL Injection Exploit
- MS Windows XP/Vista Animated Cursor (.ANI) Remote Overflow Exploit
- MS Windows XP Animated Cursor (.ANI) Remote Overflow Exploit 2
- MS Windows Animated Cursor (.ANI) Remote Exploit (eeye patch bypass)
- MapLab MS4W 2.2.1 Remote File Inclusion Vulnerability
- PHP-Fusion Module topliste 1.0 (cid) Remote SQL Injection Vulnerability
- PHP-Fusion Module Arcade 1.0 (cid) Remote SQL Injection Vulnerability
- Really Simple PHP and Ajax (RSPA) 2007-03-23 RFI Vulnerability
- XOOPS Module WF-Section <= 1.01 (articleid) SQL Injection Exploit
- XOOPS Module XFsection <= 1.07 (articleid) BLIND SQL Injection Exploit
- XOOPS Module Zmagazine 1.0 (print.php) Remote SQL Injection Exploit
- MS Windows Animated Cursor (.ANI) Local Buffer Overflow Exploit
- IrfanView 3.99 (.ANI File) Local Buffer Overflow Exploit
- Ipswitch WS_FTP 5.05 Server Manager Local Site Buffer Overflow Exploit
- Frontbase <= 4.2.7 POST-AUTH Remote Buffer Overflow Exploit v2.2
- MS Windows Animated Cursor (.ANI) Universal Exploit Generator
- MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)
- MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit
- HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit
- XOOPS Module PopnupBlog <= 2.52 (postid) BLIND SQL Injection Exploit
- Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit
- MySpeach <= 3.0.7 Remote/Local File Inclusion Vulnerability
- phpMyNewsletter 0.6.10 (customize.php l) RFI Vulnerability
- AROUNDMe 0.7.7 Multiple Remote File Inclusion Vulnerabilities
- CyBoards PHP Lite 1.21 (script_path) Remote File Include Exploit
- HP Mercury Quality Center Spider90.ocx ProgColor Overflow Exploit
- AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (meta)
- XOOPS Module WF-Snippets <= 1.02 (c) BLIND SQL Injection Exploit
- TrueCrypt <= 4.3 Local Privilege Escalation Exploit (CVE-2007-1738)
- Mutant 0.9.2 mutant_functions.php Remote File Inclusion Exploit
- XOOPS Module Rha7 Downloads 1.0 (visit.php) SQL Injection Exploit
- Sisplet CMS <= 05.10 (site_path) Remote File Inclusion Vulnerability
- CodeWand phpBrowse (site_path) Remote File Inclusion Vulnerability
- PHP-Generics 1.0.0 beta Multiple Remote File Inclusion Vulnerabilities
- XOOPS Module WF-Links <= 1.03 (cid) Remote SQL Injection Exploit
- phpMyNewsletter <= 0.8 (beta5) Multiple Vuln Exploit
- XOOPS Module Jobs <= 2.4 (cid) Remote SQL Injection Exploit
- WebSPELL <= 4.01.02 (picture.php) File Disclosure Vulnerability
- Wserve HTTP Server 4.6 (Long Directory Name) Denial of Service Exploit
- FileCOPA FTP Server <= 1.01 (LIST) Remote Buffer Overflow Exploit (2)
- Beryo 2.0 (downloadpic.php chemin) Remote File Disclosure Vulnerability
- cattaDoc 2.21 (download2.php fn1) Remote File Disclosure Vulnerability
- SmodBIP <= 1.06 (aktualnosci zoom) Remote SQL Injection Exploit
- SmodCMS <= 2.10 (Slownik ssid) Remote SQL Injection Exploit
- Apache Mod_Rewrite Off-by-one Remote Overflow Exploit (win32)
- Scorp Book 1.0 (smilies.php config) Remote File Inclusion Vulnerability
- PHP-Nuke Module eBoard 1.0.7 GLOBALS[name] LFI Exploit
- MS Windows Explorer Unspecified .ANI File Denial of Service Exploit
- MyBlog: PHP and MySQL Blog/CMS software RFI Vulnerability
- WitShare 0.9 (index.php menu) Local File Inclusion Vulnerability
- ScarNews 1.2.1 (sn_admin_dir) Local File Inclusion Exploit
- MS Windows GDI Local Privilege Escalation Exploit (MS07-017)
- PcP-Guestbook 3.0 (lang) Local File Inclusion Vulnerabilities
- Microsoft Office Word 2007 Multiple Vulnerabilities
- Battle.net Clan Script for PHP 1.5.1 Remote SQL Injection Vulnerability
- IrfanView 3.99 .ANI File Local Buffer Overflow Exploit (multiple targets)
- MS Windows .HLP File Local HEAP Overflow PoC 0day
- PHP121 Instant Messenger 2.2 Local File Inclusion Vulnerability
- MS Windows Animated Cursor (.ANI) Local Overflow Exploit
- Pathos CMS 0.92-2 (warn.php file) Remote File Inclusion Vulnerability
- HIOX GUEST BOOK (HGB) 4.0 Remote Code Execution Vulnerability
- Kerberos 1.5.1 Kadmind Remote Root Buffer Overflow Vulnerability
- phpGalleryScript 1.0 (init.gallery.php include_class) RFI Vulnerability
- Weatimages <= 1.7.1 ini[langpack] Remote File Inclusion Vulnerability
- Crea-Book <= 1.0 Admin Access Bypass / DB Disclosure / Code Execution
- InoutMailingListManager <= 3.1 Remote Command Execution Exploit
- Joomla/Mambo Component Taskhopper 1.1 RFI Vulnerabilities
- pL-PHP beta 0.9 Multiple Remote Vulnerabilities
- SimpCMS <= 04.10.2007 (site) Remote File Inclusion Vulnerability
- Mambo Component zOOm Media Gallery <= 2.5 Beta 2 RFI Vulnerabilities
- TOSMO/Mambo 1.4.13a (absolute_path) Remote File Inclusion Vulns
- MiniWebsvr 0.0.7 Remote Directory Transversal Exploit
- Gran Paradiso 3.0a3 non-existent applet Denial of Service Exploit
- PunBB <= 1.2.14 Remote Code Execution Exploit
- CodeBreak 1.1.2 (codebreak.php) Remote File Inclusion Exploit
- Mambo Module Weather (absolute_path) RFI Vulnerability
- Mambo Module Calendar (Agenda) 1.5.5 RFI Vulnerability
- Joomla Component mosMedia <= 1.0.8 Remote File Inclusion Vulnerability
- Sami HTTP Server 2.0.1 POST Request Denial of Service Exploit
- mxBB Module MX Shotcast 1.0 RC2 (getinfo1.php) RFI Exploit
- WebKalk2 1.9.0 (absolute_path) Remote File Inclusion Vulnerability
- RicarGBooK 1.2.1 (header.php lang) Local File Inclusion Vulnerability
- MyBulletinBoard (MyBB) <= 1.2.2 (CLIENT-IP) SQL Injection Exploit
- e107 0.7.8 (mailout.php) Access Escalation Exploit (admin needed)
- Expow 0.8 (autoindex.php cfg_file) Remote File Inclusion Vulnerability
- Request It 1.0b (index.php id) Remote File Inclusion Vulnerability
- Aircrack-ng 0.7 (specially crafted 802.11 packets) Remote BoF Exploit
- Chatness <= 2.5.3 (options.php/save.php) Remote Code Execution Exploit
- Ettercap-NG 0.7.3 Remote Denial of Service Exploit
- VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit
- IE NCTAudioFile2.AudioFile ActiveX Remote Overflow Exploit
- QDBlog 0.4 (SQL Injection/LFI) Multiple Remote Vulnerabilities
- ProFTPD 1.3.0/1.3.0a (mod_ctrls) Local Overflow Exploit (exec-shield)
- Frogss CMS <= 0.7 Remote SQL Injection Exploit
- Garennes 0.6.1 (repertoire_config) Remote File Inclusion Vulnerabilities
- Pixaria Gallery 1.x (class.Smarty.php) Remote File Include Vulnerability
- Joomla Module AutoStand 1.0 Remote File Inclusion Vulnerability
- LS simple guestbook (v1) Remote Code Execution Vulnerability
- Mambo/Joomla Component Article 1.1 Remote File Inclusion Vulnerability
- MS Windows DNS RPC Remote Buffer Overflow Exploit (win2k SP4)
- XAMPP for Windows <= 1.6.0a mssql_connect() Remote BoF Exploit
- Papoo <= 3.02 (kontakt menuid) Remote SQL Injection Exploit
- MS Windows DNS DnssrvQuery Remote Stack Overflow Exploit
- CNStats 2.9 (who_r.php bj) Remote File Inclusion Vulnerability
- NMDeluxe 1.0.1 (footer.php template) Local File Inclusion Exploit
- Gallery 1.2.5 (GALLERY_BASEDIR) Multiple RFI Vulnerabilities
- audioCMS arash 0.1.4 (arashlib_dir) Remote File Inclusion Vulnerabilities
- Web Slider 0.6 (path) Remote File Inclusion Vulnerabilities
- MS Windows DNS RPC Remote Buffer Overflow Exploit (port 445) v2
- openMairie 1.10 (scr/soustab.php) Local File Inclusion Vulnerability
- SunShop Shopping Cart <= 3.5 (abs_path) RFI Vulnerabilities
- StoreFront for Gallery (GALLERY_BASEDIR) RFI Vulnerabilities
- XOOPS Module tsdisplay4xoops 0.1 Remote File Inclusion Vulnerability
- Anthologia 0.5.2 (index.php ads_file) Remote File Inclusion Vulnerability
- AjPortal2Php (PagePrefix) Remote File Inclusion Vulnerabilities
- Joomla Component JoomlaPack 1.0.4a2 RE (CAltInstaller.php) RFI
- MiniGal b13 (image backdoor) Remote Code Execution Exploit
- MS Windows GDI Local Privilege Escalation Exploit (MS07-017) 2
- Cabron Connector 1.1.0-Full Remote File Inclusion Vulnerability
- OllyDbg 1.10 Local Format String Exploit
- ShoutPro <= 1.5.2 (shout.php) Remote Code Injection Exploit
- Joomla Template Be2004-2 (index.php) Remote File Include Exploit
- jGallery 1.3 (index.php) Remote File Inclusion Vulnerability
- Mozzers SubSystem final (subs.php) Remote Code Execution Vulnerability
- AimStats 3.2 (process.php update) Remote Code Execution Exploit
- Rezervi 0.9 (root) Remote File Inclusion Vulnerabilities
- Zomplog 3.8 (force_download.php file) Remote File Disclosure Vuln
- OpenSurveyPilot <= 1.2.1 Remote File Inclusion Vulnerability
- Mx Module Smartor Album FAP 2.0 RC 1 Remote File Inclusion Vuln
- CreaDirectory 1.2 (error.asp id) Remote SQL Injection Vulnerability
- Winamp <= 5.3 (WMV File) Remote Denial of Service Exploit
- eXtremail <= 2.1.1 DNS Parsing Bugs Remote Exploit PoC
- Foxit Reader 2.0 (PDF) Remote Denial of Service Exploit
- Supasite 1.23b Multiple Remote File Inclusion Vulnerabilities
- Photofiltre Studio v8.1.1 (.TIF File) Local Buffer Overflow Exploit
- JChit counter 1.0.0 (imgsrv.php ac) Remote File Disclosure Vulnerability
- PHP-Ring Webring System 0.9 Remote SQL Injection Vulnerability
- Maran PHP Forum (forum_write.php) Remote Code Execution Vulnerability
- ACDSee 9.0 (.XPM File) Local Buffer Overflow Exploit
- XnView 1.90.3 (.XPM File) Local Buffer Overflow Exploit
- WEBInsta FM 0.1.4 login.php absolute_path Remote File Inclusion Exploit
- Corel Paint Shop Pro Photo 11.20 (.CLP File) Buffer Overflow Exploit
- MyBulletinBoard (MyBB) <= 1.2.5 calendar.php Blind SQL Injection Exploit
- Joomla 1.5.0 Beta (pcltar.php) Remote File Inclusion Vulnerability
- Winamp <= 5.33 (.AVI File) Remote Denial of Service Exploit
- Pagode 0.5.8 (navigator_ok.php asolute) Remote File Disclosure Vuln
- Opera 9.2 (torrent File) Remote Denial of Service Exploit
- Post Revolution <= 0.7.0 RC 2 (dir) Remote File Inclusion Vulnerability
- GPB Bulletin Board Multiple Remote File Inclusion Vulnerabilities
- GNU Mailutils imap4d 0.6 Remote Format String Exploit (exec-shield)
- Second Sight Software ActiveGS.ocx ActiveX Buffer Overflow POC
- Second Sight Software ActiveMod.ocx ActiveX Buffer Overflow POC
- NetSprint Toolbar ActiveX toolbar.dll Denial of Service POC
- Linksys SPA941 \377 character Remote Denial of Service Exploit
- Linksys SPA941 (remote reboot) Remote Denial of Service Exploit
- Adobe Photoshop CS2 / CS3 Unspecified .BMP File Buffer Overflow Exploit
- USP FOSS Distribution 1.01 (dnld) Remote File Disclosure Vulnerability
- Advanced Webhost Billing System (AWBS) cart2.php RFI Vulnerability
- wavewoo 0.1.1 (loading.php path_include) Remote File Inclusion Exploit
- ABC-View Manager 1.42 (.PSP File) Buffer Overflow Exploit
- FreshView 7.15 (.PSP File) Buffer Overflow Exploit
- JulmaCMS 1.4 (file.php file) Remote File Disclosure Vulnerability
- Ext 1.0 (feed-proxy.php feed) Remote File Disclosure Vulnerability
- Gimp 2.2.14 .RAS File SUNRAS Plugin Buffer Overflow Exploit
- phpBandManager 0.8 (index.php pg) Remote File Inclusion Vulnerability
- phpOracleView (include_all.inc.php page_dir) RFI Vulnerability
- MS Windows (.ANI) GDI Remote Elevation of Privilege Exploit (MS07-017)
- Firefly 1.1.01 (doc_root) Remote File Inclusion Vulnerabilities
- EsForum 3.0 (forum.php idsalon) Remote SQL Injection Vulnerability
- MyDNS 1.1.0 Remote Heap Overflow PoC
- IE NCTAudioFile2.AudioFile ActiveX Remote Stack Overflow Exploit 2
- burnCMS <= 0.2 (root) Remote File Inclusion Vulnerabilities
- IPIX Image Well ActiveX (iPIX-ImageWell-ipix.dll) BoF Exploit
- IrfanView <= 4.00 .IFF File Buffer Overflow Exploit
- Photoshop CS2/CS3 / Paint Shop Pro 11.20 .PNG File BoF Exploit
- PostNuke pnFlashGames Module 1.5 Remote SQL Injection Vulnerability
- Wordpress Plugin myGallery <= 1.4b4 Remote File Inclusion Vulnerability
- Fenice OMS server 1.10 Remote Buffer Overflow Exploit (exec-shield)
- TCExam <= 4.0.011 (SessionUserLang) Shell Injection Exploit
- Imageview 5.3 (fileview.php album) Local File Inclusion Vulnerability
- The Merchant <= 2.2.0 (index.php show) Remote File Inclusion Exploit
- RealPlayer 10 (.ra file) Remote Denial of Service Exploit
- psipuss 1.0 (editusers.php) Remote Change Admin Password Exploit
- 3proxy 0.5.3g proxy.c logurl() Remote Buffer Overflow Exploit (linux)
- 3proxy 0.5.3g proxy.c logurl() Remote Buffer Overflow Exploit (win32)
- Winamp <= 5.34 .MP4 File Code Execution Exploit
- Wordpress plugin wp-Table <= 1.43 (inc_dir) RFI Vulnerability
- Wordpress plugin wordTube <= 1.43 (wpPATH) RFI Vulnerability
- PowerPoint Viewer OCX 3.2 (ActiveX Control) Denial of Service Exploit
- Sendcard <= 3.4.1 (sendcard.php form) Local File Inclusion Vulnerability
- Wordpress plugin myflash <= 1.00 (wppath) RFI Vulnerability
- 3proxy 0.5.3g proxy.c logurl() Remote Overflow Exploit (exec-shield)
- Excel Viewer OCX 3.1.0.6 Multiple Methods Denial of Service Exploit
- PStruh-CZ 1.3/1.5 (download.asp File) File Disclosure Vulnerability
- 1024 CMS 0.7 (download.php item) Remote File Disclosure Vulnerability
- mxBB Module FAQ & RULES 2.0.0 Remote File Inclusion Exploit
- YaPIG 0.95b Remote Code Execution Exploit
- PostNuke Module v4bJournal Remote SQL Injection Vulnerability
- Word Viewer OCX 3.2 Remote Denial of Service Exploit
- phpChess Community Edition 2.0 Multiple RFI Vulnerabilities
- Open Translation Engine (OTE) 0.7.8 (header.php ote_home) RFI Vuln
- PHP Coupon Script 3.0 (index.php bus) Remote SQL Injection Vulnerability
- Pre Classifieds Listings 1.0 Remote SQL Injection Vulnerability
- Pre News Manager 1.0 Remote SQL Injection Vulnerability
- Pre Shopping Mall 1.0 Remote SQL Injection Vulnerability
- Censura 1.15.04 (censura.php vendorid) SQL Injection Vulnerability
- ActSoft DVD-Tools (dvdtools.ocx 3.8.5.0) Stack Overflow Exploit
- Office Viewer OCX 3.2.0.5 Multiple Methods Denial of Service Exploit
- E-GADS! 2.2.6 (common.php locale) Remote File Inclusion Vulnerability
- Versado CMS 1.07 (ajax_listado.php urlModulo) RFI Vulnerability
- workbench 0.11 (header.php path) Remote File Inclusion Vulnerability
- XOOPS Flashgames Module 1.0.1 Remote SQL Injection Vulnerability
- RunCms <= 1.5.2 (debug_show.php) Remote SQL Injection Exploit
- Multiple vendors ZOO file decompression Infinite Loop DoS PoC
- PMECMS <= 1.0 config[pathMod] Remote File Inclusion Vulnerabilities
- Persism CMS <= 0.9.2 system[path] Remote File Inclusion Vulnerabilities
- PHP TopTree BBS 2.0.1a (right_file) Remote File Inclusion Vulnerability
- Net Portal Dynamic System (NPDS) <= 5.10 Remote Code Execution (2)
- East Wind Software (advdaudio.ocx 1.5.1.1) Local BoF Exploit
- vm watermark for Gallery 0.4.1 Remote File Inclusion Vulnerability
- Nuked-klaN 1.7.6 Remote Code Execution Exploit
- Archangel Weblog 0.90.02 Local File Inclusion / Admin Bypass Vulns
- PHPtree 1.3 (cms2.php s_dir) Remote File Inclusion Vulnerability
- NoAh <= 0.9 pre 1.2 (mfa_theme.php) Remote File Inclusion Vulnerability
- XOOPS Module wfquotes 1.0 0 Remote SQL Injection Vulnerability
- Wikivi5 (show.php sous_rep) Remote File Inclusion Vulnerability
- Friendly <= 1.0d1 (friendly_path) Remote File Inclusion Vulnerabilities
- Tropicalm Crowell Resource 4.5.2 (RESPATH) RFI Vulnerabilities
- Versalsoft HTTP File Upload ActiveX 6.36 (AddFile) Remote DoS Exploit
- ACGVAnnu <= 1.3 (acgv.php rubrik) Local File Inclusion Vulnerability
- DynamicPAD <= 1.02.18 (HomeDir) Remote File Inclusion Vulnerabilities
- Berylium2 2003-08-18 (beryliumroot) Remote File Inclusion Vulnerability
- LaVague <= 0.3 (printbar.php views_path) RFI Vulnerability
- Opera 9.10 alert() Remote Denial of Service Exploit
- Taltech Tal Bar Code ActiveX Control Buffer Overflow Exploit
- SmartCode VNC Manager 3.6 (scvncctrl.dll) Denial of Service Exploit
- CGX 20050314 (pathCGX) Remote File Inclusion Vulnerabilities
- PHPLojaFacil 0.1.5 (path_local) Remote File Inclusion Vulnerabilities
- GNUEDU 1.3b2 Multiple Remote File Inclusion Vulnerabilities
- IncrediMail IMMenuShellExt ActiveX Control Buffer Overflow Exploit
- Miplex2 (SmartyFU.class.php) Remote File Inclusion Vulnerability
- phpMyPortal 3.0.0 RC3 GLOBALS[CHEMINMODULES] RFI Exploit
- Sienzo Digital Music Mentor 2.6.0.4 SetEvalExpiryDate SEH Overwrite
- Sienzo Digital Music Mentor 2.6.0.4 SetEvalExpiryDate EIP Overwrite
- BarCodeWiz ActiveX Control 2.52 (BarcodeWiz.dll) SEH Overwrite Exploit
- BarCodeWiz ActiveX Control 2.0 (BarcodeWiz.dll) Remote BoF PoC
- aForum <= 1.32 (CommonAbsDir) Remote File Inclusion Vulnerability
- telltarget <= 1.3.3 (tt_docroot) Remote File Inclusion Vulnerabilities
- SimpleNews <= 1.0.0 FINAL (print.php news_id) SQL Injection Exploit
- TutorialCMS <= 1.00 (search.php search) SQL Injection Exploit
- Gimp 2.2.14 .RAS File Download/Execute Buffer Overflow Exploit (win32)
- GDivX Zenith Player AviFixer Class (fix.dll 1.0.0.1) Buffer Overflow PoC
- McAfee VirusScan 10.0.21 ActiveX control Stack Overflow PoC
- Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service Exploit
- MS Internet Explorer <= 7 Remote Arbitrary File Rewrite PoC (MS07-027)
- McAfee Security Center IsOldAppInstalled ActiveX BoF Exploit
- Original 0.11 config.inc.php x[1] Remote File Inclusion Vulnerability
- Thyme Calendar 1.3 Remote SQL Injection Vulnerability
- TaskDriver <= 1.2 Login Bypass/SQL Injection Exploit
- eTrust Antivirus Agent r8 Local Privilege Elevation Exploit
- Hewlett Packard 1.0.0.309 hpqvwocx.dll ActiveX Magview Overflow PoC
- Morovia Barcode ActiveX Professional 3.3.1304 Arbitrary File Overwrite
- Snaps! Gallery 1.4.4 Remote User Pass Change Exploit
- maGAZIn 2.0 (phpThumb.php src) Remote File Disclosure Vulnerability
- R2K Gallery 1.7 (galeria.php lang2) Local File Inclusion Vulnerability
- Monalbum 0.8.7 Remote Code Execution Exploit
- W1L3D4 Philboard 0.2 (W1L3D4_bolum.asp forumid) SQL Injection Vuln
- PHP FirstPost 0.1 (block.php Include) Remote File Inclusion Exploit
- iG Shop 1.4 (page.php) Remote SQL Injection Vulnerability
- YAAP <= 1.5 __autoload() Remote File Inclusion Vulnerability
- Beacon 0.2.0 (splash.lang.php) Remote File Inclusion Vulnerability
- PrecisionID Barcode ActiveX 1.3 Denial of Service Exploit
- EfesTECH Haber 5.0 (id) Remote SQL Injection Vulnerability
- notepad++ 4.1 ruby file processing Buffer Overflow Exploit (win32)
- webdesproxy 0.0.1 (GET Request) Remote Buffer Overflow Exploit
- BlogMe 3.0 (archshow.asp var) Remote SQL Injection Vulnerability
- CJG EXPLORER PRO 3.2 (g_pcltar_lib_dir) RFI Vulnerabilities
- VImpX ActiveX (VImpX.ocx v. 4.7.3.0) Remote Buffer Overflow Exploit
- ID Automation Linear Barcode ActiveX Denial of Service Exploit
- phpAtm 1.30 (downloadfile) Remote File Disclosure Vulnerability
- NagiosQL 2005 2.00 (prepend_adm.php) Remote File Inclusion Vuln
- Feindt Computerservice News 2.0 (newsadmin.php action) RFI Vuln
- Clever Database Comparer ActiveX 2.2 Remote Buffer Overflow PoC
- webdesproxy 0.0.1 (GET Request) Remote Root Exploit (exec-shield)
- Linksnet Newsfeed 1.0 Remote File Inclusion Vulnerability
- Media Gallery for Geeklog <= 1.4.8a Remote File Inclusion Vulnerability
- TinyIdentD <= 2.2 Remote Buffer Overflow Exploit
- MS Windows Vista forged ARP packet Network Stack DoS Exploit
- DeWizardX (DEWizardAX.ocx) Arbitrary File Overwrite Exploit
- Achievo 1.1.0 (atk.inc config_atkroot) Remote File Inclusion Vulnerability
- BitsCast 0.13.0 (invalid string) Remote Denial of Service Exploit
- NewzCrawler 1.8 (invalid string) Remote Denial of Service Exploit
- XOOPS Module resmanager <= 1.21 BLIND SQL Injection Exploit
- XOOPS Module Glossarie <= 1.7 (sid) Remote SQL Injection Exploit
- XOOPS Module MyConference 1.0 (index.php) SQL Injection Exploit
- Eudora 7.1 SMTP ResponseRemote Remote Buffer Overflow Exploit
- Glossword 1.8.1 custom_vars.php Remote File Inclusion Vulnerability
- RunawaySoft Haber portal 1.0 (tr) Multiple Remote Vulnerabilities
- PrecisionID Barcode ActiveX 1.9 Remote Denial of Service Exploit
- PrecisionID Barcode ActiveX 1.9 Remote Arbitrary File Overwrite Exploit
- CA BrightStor Backup 11.5.2.0 caloggderd.exe Denial of Service Exploit
- CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service Exploit
- PHPGlossar 0.8 (format_menue) Remote File Inclusion Vulnerabilities
- SimpNews <= 2.40.01 (print.php newnr) Remote SQL Injection Exploit
- FAQEngine <= 4.16.03 (question.php questionref) SQL Injection Exploit
- Mambo com_yanc 1.4 beta (id) Remote SQL Injection Vulnerability
- MagicISO <= 5.4(build239) .cue File Heap Overflow PoC
- GeekLog 2.x ImageImageMagick.php Remote File Inclusion Vulnerability
- Build it Fast (bif3) 0.4.1 Multiple Remote File Inclusion Vulnerabilities
- Libstats <= 1.0.3 (template_csv.php) Remote File Inclusion Vulnerability
- MolyX BOARD 2.5.0 (index.php lang) Local File Inclusion Vulnerability
- LeadTools JPEG 2000 COM Object Remote Stack Overflow Exploit
- LeadTools Thumbnail Browser Control (lttmb14E.ocx) Remote BoF Exploit
- LeadTools Raster Thumbnail Object Library (LTRTM14e.DLL) BoF Exploit
- SunLight CMS 5.3 (root) Remote File Inclusion Vulnerabilities
- Rational Software Hidden Administrator 1.7 Auth Bypass Exploit
- Zomplog <= 3.8 (mp3playlist.php speler) Remote SQL Injection Exploit
- AlstraSoft E-Friends <= 4.21 Admin Session Retrieve Exploit
- AlstraSoft Live Support v1.21 Admin Credential Retrieve Exploit
- AlstraSoft Template Seller Pro <= 3.25 Admin Password Change Exploit
- AlstraSoft Template Seller Pro <= 3.25 Remote Code Execution Exploit
- Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit
- LeadTools Raster Variant (LTRVR14e.dll) Remote File Overwrite Exploit
- Ol Bookmarks Manager 0.7.4 (root) Remote File Inclusion Vulnerabilities
- TutorialCMS <= 1.01 Authentication Bypass Vulnerability
- Ol Bookmarks Manager 0.7.4 Remote SQL Injection Vulnerability
- Microsoft IIS 6.0 (/AUX/.aspx) Remote Denial of Service Exploit
- Pegasus ImagN ActiveX Control Remote Buffer Overflow Exploit
- Virtual CD 9.0.0.2 (vc9api.DLL) Remote Shell Commands Execution Exploit
- KSign KSignSWAT <= 2.0.3.3 ActiveX Control Remote BoF Exploit
- LeadTools ISIS Control (ltisi14E.ocx v.14.5.0.44) Remote DoS Exploit
- BtiTracker <= 1.4.1 (become admin) Remote SQL Injection Vulnerability
- NavBoard 2.6.0 Remote Code Execution Exploit
- Scallywag (template.php path) Remote File Inclusion Vulnerabilities
- Microsoft Office 2000 (OUACTRL.OCX v. 1.0.1.9) Remote DoS Exploit
- Dokeos <= 1.8.0 (my_progress.php course) Remote SQL Injection Exploit
- MagicISO <= 5.4 (build239) .cue File Local Buffer Overflow Exploit
- Microsoft Visual Basic 6.0 Project (Company Name) Stack overflow PoC
- Microsoft Visual Basic 6.0 Project (Description) Stack overflow PoC
- UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow PoC
- LeadTools Raster Dialog File Object Activex Remote Buffer Overflow PoC
- Dokeos <= 1.6.5 (courseLog.php scormcontopen) SQL Injection Exploit
- cpCommerce <= 1.1.0 (category.php id_category) SQL Injection Exploit
- Dart Communications PowerTCP Service Control Remote BoF Exploit
- FirmWorX 0.1.2 Multiple Remote File Inclusion Vulnerabilities
- Dart Communications PowerTCP ZIP Compression Remote BoF Exploit
- Mac OS X <= 10.4.8 pppd Plugin Loading Privilege Escalation Exploit
- LeadTools Raster Dialog File_D Object Remote Buffer Overflow Exploit
- Webavis 0.1.1 (class.php root) Remote File Inclusion Vulnerability
- gCards <= 1.46 SQL Injection/Remote Code Execution Exploit
- My Little Forum <= 1.7 (user.php id) Remote SQL Injection Exploit
- vBulletin vBGSiteMap 2.41 (root) Remote File Inclusion Vulnerabilities
- OpenBASE 0.6a (root_prefix) Remote File Inclusion Vulnerabilities
- FlaP 1.0b (pachtofile) Remote File Inclusion Vulnerabilities
- IE 6 / Ademco, co., ltd. ATNBaseLoader100 Module Remote BoF Exploit
- Mazens PHP Chat V3 (basepath) Remote File Inclusion Vulnerabilities
- TROforum 0.1 (admin.php site_url) Remote File Inclusion Vulnerability
- Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3)
- Frequency Clock 0.1b (securelib) Remote File Inclusion Vulnerabilities
- Fundanemt <= 2.2.0 (spellcheck.php) Remote Code Execution Exploit
- Vistered Little 1.6a (skin) Remote File Disclosure Vulnerability
- WAnewsletter <= 2.1.3 Remote File Inclusion Vulnerability
- UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow Exploit
- UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow Exploit 2
- Joomla Component Phil-a-Form <= 1.2.0.0 SQL Injection Exploit
- Inout Search Engine (all version) Remote Code Execution Exploit
- AdminBot 9.0.5 (live_status.lib.php ROOT) RFI Vulnerability
- Pheap 2.0 Admin Bypass / Remote Code Execution Exploit
- Vizayn Urun Tanitim Sistemi 0.2 (tr) Remote SQL Injection Vulnerability
- Zenturi ProgramChecker ActiveX File Download/Overwrite Exploit
- EDraw Office Viewer Component Denial of Service Exploit
- EDraw Office Viewer Component Unsafe Method Exploit
- LeadTools Raster ISIS Object (LTRIS14e.DLL v. 14.5.0.44) Remote BoF
- LeadTools Raster OCR Document Object Library Memory Corruption Exploit
- Mac OS X < 2007-005 (vpnd) Local Privilege Escalation Exploit
- Eudora 7.1.0.9 (IMAP FLAGS) Remote SEH Overwrite Exploit 0day
- Vivotek Motion Jpeg Control (MjpegDecoder.dll 2.0.0.13) Remote Exploit
- Microsoft IIS <= 5.1 Hit Highlighting Authentication Bypass Exploit
- Acoustica MP3 CD Burner 4.32 Local Buffer Overflow PoC
- Particle Gallery <= 1.0.1 Remote SQL Injection Exploit
- RevokeBB <= 1.0 RC4 Blind SQL Injection / Hash Retrieve Exploit
- Zenturi ProgramChecker ActiveX (sasatl.dll) Remote BoF Exploit
- XOOPS Module icontent 1.0/4.5 Remote File Inclusion Exploit
- IE6 / Provideo Camimage (ISSCamControl.dll 1.0.1.5) Remote BoF Exploit
- DVD X Player 4.1 Professional .PLF file Buffer Overflow Exploit
- Quick.Cart <= 2.2 RFI/LFI Remote Code Execution Exploit
- PNphpBB2 <= 1.2 (index.php c) Remote SQL Injection Exploit
- IBM Tivoli Provisioning Manager PRE AUTH Remote Exploit
- screen 4.0.3 Local Authentication Bypass Vulnerability (OpenBSD)
- Sendcard <= 3.4.1 (Local File Inclusion) Remote Code Execution Exploit
- EQdkp <= 1.3.2 (listmembers.php rank) Remote SQL Injection Exploit
- Madirish Webmail 2.0 (addressbook.php) Remote File Inclusion Vuln
- HP Tru64 Remote Secure Shell User Enumeration Exploit (CVE-2007-2791)
- SNMPc <= 7.0.18 Remote Denial of Service Exploit (meta)
- Kravchuk letter script 1.0 (scdir) Remote File Inclusion Vulnerabilities
- Comicsense 0.2 (index.php epi) Remote SQL Injection Vulnerability
- PBLang <= 4.67.16.a Remote Code Execution Exploit
- Comicsense 0.2 (index.php epi) Remote SQL Injection Exploit
- DRDoS - Distributed Reflection Denial of Service
- Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit
- Kartli Alisveris Sistemi 1.0 Remote SQL Injection Vulnerability
- NewsSync for phpBB 1.5.0rc6 Remote File Inclusion Exploit
- Yahoo! Messenger Webcam 8.1 ActiveX Remote Buffer Overflow Exploit
- Yahoo! Messenger Webcam 8.1 ActiveX Remote Buffer Overflow Exploit 2
- MS Windows GDI+ ICO File Remote Denial of Service Exploit
- Microsoft Windows Animated Cursor Stack Overflow Exploit
- MiniWeb Http Server 0.8.x Remote Denial of Service Exploit
- SafeNET High Assurance Remote 1.4.0 (IPSecDrv.sys) Remote DoS
- Zenturi ProgramChecker ActiveX Multiple Insecure Methods Exploit
- Zenturi ProgramChecker ActiveX NavigateUrl() Insecure Method Exploit
- MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
- Yahoo! Messenger Webcam 8.1 (Ywcvwr.dll) Download / Execute Exploit
- Yahoo! Messenger Webcam 8.1 (Ywcupl.dll) Download / Execute Exploit
- e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit
- PHP Real Estate Classifieds Remote File Inclusion Exploit
- Internet Download Accelerator 5.2 Remote Buffer Overflow PoC
- GeometriX Download Portal (down_indir.asp id) SQL Injection Vuln
- Ace-FTP Client 1.24a Remote Buffer Overflow PoC
- Link Request Contact Form 3.4 Remote Code Execution Vulnerability
- TEC-IT TBarCode OCX ActiveX Remote Arbitrary File Overwrite Exploit
- Safari 3 for Windows Beta Remote Command Execution PoC
- Fuzzylime Forum 1.0 (low.php topic) Remote SQL Injection Exploit
- XOOPS Module TinyContent 1.5 Remote File Inclusion Vulnerability
- XOOPS Module Horoscope <= 2.0 Remote File Inclusion Vulnerability
- Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
- Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
- Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
- XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
- XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
- XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
- Sitellite CMS <= 4.2.12 (559668.php) Remote File Inclusion Vulnerability
- PHP::HTML 0.6.4 (phphtml.php) Remote File Inclusion Vulnerability
- phpMyInventory 2.8 (global.inc.php) Remote File Inclusion Vulnerability
- YourFreeScreamer 1.0 (serverPath) Remote File Inclusion Vulnerability
- MiniBB 2.0.5 (language) Local File Inclusion Exploit
- Solar Empire <= 2.9.1.1 Blind SQL Injection / Hash Retrieve Exploit
- MiniBill 1.2.5 (run_billing.php) Remote File Inclusion Vulnerability
- PHP 5.2.3 Tidy extension Local Buffer Overflow Exploit
- Jasmine CMS 1.0 SQL Injection/Remote Code Execution Exploit
- LiveCMS <= 3.4 (categoria.php cid) Remote SQL Injection Exploit
- W1L3D4 WEBmarket 0.1 Remote SQL Injection Vulnerability
- XOOPS Module WiwiMod 0.4 Remote File Inclusion Vulnerability
- Musoo 0.21 Remote File Inclusion Vulnerabilities
- LAN Management System (LMS) <= 1.9.6 Remote File Inclusion Exploit
- BitchX 1.1-final (EXEC) Remote Command Execution Exploit
- HTTP SERVER (httpsv) 1.6.2 (GET 404) Remote Denial of Service Exploit
- SerWeb 0.9.4 (load_lang.php) Remote File Inclusion Exploit
- Powl 0.94 (htmledit.php) Remote File Inclusion Vulnerability
- Sun Board 1.00.00 alpha Remote File Inclusion Vulnerabilities
- NetClassifieds (SQL/XSS/Full Path) Multiple Remote Vulnerabilities
- Apache mod_jk 1.2.19/1.2.20 Remote Buffer Overflow Exploit
- BarCode ActiveX Control BarCodeAx.dll 4.9 Remote Overflow Exploit
- Pharmacy System 2.0 (index.php ID) Remote SQL Injection Vulnerability
- Pluxml 0.3.1 Remote Code Execution Exploit
- DAGGER Web Engine <= 23jan2007 Remote File Inclusion Vulnerability
- Simple Invoices 2007 05 25 (index.php submit) SQL Injection Exploit
- e107 <= 0.7.8 (photograph) Arbitrary File Upload Vulnerability
- phpTrafficA <= 1.4.2 (pageid) Remote SQL Injection Vulnerability
- NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll v. 2.6.2.157) Exploit
- b1gbb 2.24.0 (footer.inc.php tfooter) Remote File Inclusion Vulnerability
- BugMall Shopping Cart 2.5 (SQL/XSS) Multiple Remote Vulnerabilities
- 6ALBlog (newsid) Remote SQL Injection Vulnerability
- SiteDepth CMS 3.44 (ShowImage.php name) File Disclosure Vulnerability
- DreamLog 0.5 (upload.php) Arbitrary File Upload Exploit
- Pagetool 1.07 (news_id) Remote SQL Injection Vulnerability
- eDocStore (doc.php doc_id) Remote SQL Injection Vulnerability
- NCTAudioStudio2 ActiveX DLL 2.6.1.148 CreateFile() Insecure Method
- Avaxswf.dll v.1.0.0.1 from Avax Vector ActiveX Arbitrary Data Write
- phpSiteBackup 0.1 (pcltar.lib.php) Remote File Inclusion Vulnerability
- EVA-Web 1.1<= 2.2 (index.php3) Remote File Inclusion Vulnerabilities
- WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit
- elkagroup Image Gallery 1.0 Remote SQL Injection Vulnerability
- QuickTalk forum 1.3 (lang) Local File Inclusion Vulnerabilities
- QuickTicket 1.2 (qti_checkname.php) Local File Inclusion Vulnerability
- RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow PoC
- HP Digital Imaging (hpqxml.dll 2.0.0.133) Arbitary Data Write Exploit
- Sony Network Camera SNC-P5 v1.0 ActiveX viewer Heap Overflow PoC
- Microsoft Excel 2000/2003 Sheet Name Vulnerability PoC
- b1gbb 2.24.0 (SQL Injection / XSS) Remote Vulnerabilities
- AMX Corp. VNC ActiveX Control (AmxVnc.dll 1.0.13.0) BoF Exploit
- GL-SH Deaf Forum <= 6.4.4 Local File Inclusion Vulnerabilities
- WebChat 0.78 (login.php rid) Remote SQL Injection Vulnerability
- W3Filer 2.1.3 Remote Stack Overflow PoC
- Buddy Zone 1.5 (view_sub_cat.php cat_id) SQL Injection Vulnerability
- Buddy Zone <= 1.5 Multiple SQL Injection Vulnerabilities
- Ripe Website Manager (CMS) <= 0.8.9 Remote File Inclusion Vulns
- TotalCalendar <= 2.402 (view_event.php) Remote SQL Injection Vulns
- XCMS 1.1 (Galerie.php) Local File Inclusion Vulnerabilities
- sPHPell 1.01 Multiple Remote File Inclusion Vulnerabilities
- ArcadeBuilder Game Portal Manager 1.7 Remote SQL Injection Vuln
- Easybe 1-2-3 Music Store (process.php) Remote SQL Injection Vuln
- phpEventCalendar <= 0.2.3 (eventdisplay.php) SQL Injection Exploit
- YouTube Clone Script (msg.php id) Remote SQL Injection Vulnerability
- HP Instant Support (Driver Check) Remote Buffer Overflow Exploit PoC
- AV Arcade 2.1b (index.php id) Remote SQL Injection Vulnerability
- PHPDirector <= 0.21 (videos.php id) Remote SQL Injection Vulnerability
- vbzoom 1.x (forum.php MainID) Remote SQL Injection Vulnerability
- SuperCali PHP Event Calendar 0.4.0 SQL Injection Vulnerability
- Girlserv ads <= 1.5 (details_news.php) SQL Injection Vulnerability
- AXIS Camera Control (AxisCamControl.ocx v. 1.0.2.15) BoF Exploit
- MyCMS <= 0.9.8 Remote Command Execution Exploit (2 method)
- MyCMS <= 0.9.8 Remote Command Execution Exploit
- ESRI ArcSDE 9.0 - 9.2sp1 Remote Buffer Overflow Exploit
- PNphpBB2 <= 1.2i viewforum.php Remote SQL Injection Exploit
- EnjoySAP ActiveX kweditcontrol.kwedit.1 Remote Stack Overflow PoC
- EnjoySAP ActiveX rfcguisink.rfcguisink.1 Remote Heap Overflow PoC
- VRNews 1.1.1 (admin.php) Remote Permission Bypass Vulnerability
- AsteriDex <= 3.0 Remote (callboth.php) Remote Code Execution Exploit
- ViRC 2.0 (JOIN Response) Remote SEH Overwrite Exploit 0day
- phpVID 0.9.9 (categories_type.php cat) SQL Injection Vulnerability
- eMeeting Online Dating Software 5.2 SQL Injection Vulnerabilities
- HP Digital Imaging (hpqvwocx.dll v. 2.1.0.556) SaveToFile() Exploit
- LimeSurvey (PHPSurveyor) 1.49RC2 Remote File Inclusion Vulnerability
- SAP DB 7.4 WebTools Remote SEH overwrite Exploit
- NeoTracePro 3.25 ActiveX TraceTarget() Remote BoF Exploit
- GameSiteScript <= 3.1 (profile id) Remote SQL Injection Vulnerability
- Chilkat Zip ActiveX Component 12.4 Multiple Insecure Methods Exploit
- FlashGameScript <= 1.7 (user) Remote SQL Injection Vulnerability
- Apache Tomcat Connector (mod_jk) Remote Exploit (exec-shield)
- AV Tutorial Script 1.0 Remote User Pass Change Exploit
- Aigaion <= 1.3.3 (topic topic_id) Remote SQL Injection Vulnerability
- WinPcap 4.0 NPF.SYS Privilege Elevation Vulnerability PoC Exploit
- vBulletin Mod RPG Inferno 2.4 (inferno.php) SQL Injection Vulnerability
- OpenLD <= 1.2.2 (index.php id) Remote SQL Injection Vulnerability
- Sun Java WebStart JNLP Stack Buffer Overflow Exploit PoC
- FlashBB <= 1.1.8 (sendmsg.php) Remote File Inclusion Vulnerability
- Program Checker (sasatl.dll 1.5.0.531) Javascript Heap Spraying Exploit
- Mail Machine <= 3.989 Local File Inclusion Exploit
- Linux Kernel < 2.6.20.2 IPV6_Getsockopt_Sticky Memory Leak PoC
- SquirrelMail G/PGP Encryption Plug-in 2.0 Command Execution Vuln
- PsNews 1.1 (show.php newspath) Local File Inclusion Vulnerability
- PHP 5.2.3 bz2 com_print_typeinfo() Denial of Service Exploit
- SecureBlackbox (PGPBBox.dll 5.1.0.112) Arbitary Data Write Exploit
- Program Checker (sasatl.dll 1.5.0.531) DebugMsgLog Heap Spraying Exploit
- Symantec AntiVirus symtdi.sys Local Privilege Escalation Exploit
- MkPortal <= 1.1.1 reviews / gallery modules SQL Injection Exploit
- MKPortal NoBoard Module (BETA) Remote File Inclusion Vulnerability
- PHP 5.2.3 glob() Denial of Service Exploit
- CMScout <= 1.23 (index.php) Remote SQL Injection Vulnerability
- eSyndiCat Directory Software Multiple SQL Injection Vulnerabilities
- Realtor 747 (index.php categoryid) Remote SQL Injection Vulnerbility
- Prozilla Directory Script (directory.php cat_id) SQL Injection Vulnerbility
- paFileDB 3.6 (search.php) Remote SQL Injection Vulnerability
- Traffic Stats (referralUrl.php offset) Remote SQL Injection Vulnerbility
- Flash Player/Plugin Video file parsing Remote Code Execution POC
- Expert Advisior (index.php id) Remote SQL Injection Vulnerbility
- Data Dynamics ActiveBar ActiveX (actbar3.ocx <= 3.1) Insecure Methods
- Pictures Rating (index.php msgid) Remote SQL Injection Vulnerbility
- Vivvo CMS <= 3.4 (index.php) Remote BLIND SQL Injection Exploit
- QuickEStore <= 8.2 (insertorder.cfm) Remote SQL Injection Vulnerability
- Joomla Component Expose <= RC35 Remote File Upload Vulnerability
- BBS E-Market (postscript.php p_mode) Remote File Inclusion Vulnerability
- Asterisk < 1.2.22 / 1.4.8 / 2.2.1 chan_skinny Remote Denial of Service
- phpBB Module SupaNav 1.0.0 (link_main.php) RFI Vulnerability
- A-shop <= 0.70 Remote File Deletion Vulnerability
- Md-Pro <= 1.0.8x (Topics topicid) Remote SQL Injection Vulnerability
- Versalsoft HTTP File Uploader AddFile() Remote Buffer Overflow Exploit
- Joomla Component Pony Gallery <= 1.5 SQL Injection Vulnerability
- Oracle 9i/10g evil views Change Passwords Exploit (CVE-2007-3855)
- PHP <= 5.2.3 snmpget() object id Local Buffer Overflow Exploit
- TeamSpeak 2.0 (Windows Release) Remote Denial of Service Exploit
- Blog System 1.x (index.php news_id) Remote SQL Injection Vulnerability
- Lotus Domino IMAP4 Server 6.5.4 Remote Buffer Overflow Exploit
- Data Dynamics ActiveReport ActiveX (actrpt2.dll <= 2.5) Inscure Method
- WSN Links Basic Edition (displaycat catid) SQL Injection Vulnerbility
- RGameScript Pro (page.php id) Remote File Inclusion Vulnerability
- JBlog 1.0 Create / Delete Admin Authentication Bypass Exploit
- Joomla! CMS 1.5 beta 2 (search) Remote Code Execution Vulnerability
- bwired (index.php newsID) Remote SQL Injection Vulnerability
- Zenturi NixonMyPrograms Class (sasatl.dll v. 1.5.0.531) Remote BoF
- MS Windows Explorer.exe Gif Image Denial of Service Exploit
- Xserver 0.1 Alpha Post Request Remote Buffer Overflow Exploit
- LinkedIn Toolbar 3.0.2.1098 Remote Buffer Overflow Exploit
- PHP 5.2.3 win32std ext. safe_mode/disable_functions Protections Bypass
- Confixx Pro <= 3.3.1 (saveserver.php) Remote File Inclusion Vulnerability
- Entertainment CMS (Local Inclusion) Remote Command Execution Exploit
- Article Directory (index.php page) Remote File Inclusion Vulnerability
- Windows RSH daemon 1.7 Remote Buffer Overflow Exploit
- IPSwitch IMail Server 2006 SEARCH Remote Stack Overflow Exploit
- Webyapar 2.0 Multiple Remote SQL Injection Vulnerabilities
- IndexScript <= 2.8 (show_cat.php cat_id) SQL Injection Vulnerability
- Clever Internet ActiveX Suite 6.2 Arbitrary File Download/Overwrite
- PHP php_gd2.dll imagepsloadfont Local Buffer Overflow PoC
- IPSwitch IMail Server 2006 9.10 SUBSCRIBE Remote Overflow Exploit
- CrystalPlayer 1.98 Playlist Crafted mls File Local Buffer Overflow Exploit
- Nessus Vulnerability Scanner 3.0.6 ActiveX Remote Delete File Exploit
- IBM AIX <= 5.3 sp6 capture Terminal Sequence Local Root Exploit
- IBM AIX <= 5.3 sp6 pioout Arbitrary Library Loading Local Root Exploit
- IBM AIX <= 5.3 sp6 ftp gets() Local Root Exploit
- mlsrvx.dll 1.8.9.1 ArGoSoft Mail Server Data Write/Code Execution
- Seditio CMS <= v121 (pfs.php) Remote File Upload Vulnerability
- PHP 5.x (win32service) Local Safe Mode Bypass Exploit
- Nessus Vulnerability Scanner 3.0.6 ActiveX Command Exec Exploit
- Adult Directory (cat_id) Remote SQL Injection Vulnerability
- SimpleBlog 3.0 (comments_get.asp id) Remote SQL Injection Vulnerability
- VMware IntraProcessLogging.dll 5.5.3.42958 Arbitrary Data Write Exploit
- PHP123 Top Sites (category.php cat) Remote SQL Injection Vuln
- LinPHA <= 1.3.1 (new_images.php) Remote Blind SQL Injection Exploit
- corehttp 0.5.3alpha (httpd) Remote Buffer Overflow Exploit
- VMware Inc 6.0.0 (vielib.dll 2.2.5.42958) Remode Code Execution Exploit
- VMware Inc 6.0.0 CreateProcess Remote Code Execution Exploit
- wolioCMS Auth Bypass / Remote SQL Injection Vulnerabilities
- Borland Interbase <= 2007 SP1 Create-Request Remote Overflow Exploit
- Joomla Component com_gmaps 1.00 (mapId) Remote SQL Injection
- Asterisk < 1.2.22, 1.4.8 IAX2 channel driver Remote Crash Exploit
- Yahoo! Widget < 4.0.5 GetComponentVersion() Remote Overflow Exploit
- MS Internet Explorer 6 DirectX Media Remote Overflow DoS Exploit
- Live for Speed S1/S2/Demo (.mpr replay file) Buffer Overflow Exploit
- paBugs <= 2.0 Beta 3 (main.php cid) Remote SQL Injection Exploit
- AuraCMS [Forum Module] Remote SQL Injection Vulnerability
- CHILKAT ASP String (CkString.dll <= 1.1) SaveToFile() Inscure Method
- Envolution <= 1.1.0 (topic) Remote SQL Injection Exploit
- Panda Antivirus 2008 Local Privilege Escalation Exploit
- la-nai cms 1.2.14 Multiple Remote SQL Injection Vulnerabilities
- Microsoft Visual 6 (VDT70.DLL NotSafe) Stack Overflow Exploit
- PHP mSQL (msql_connect) Local Buffer Overflow PoC
- YNP Portal System 2.2.0 (showpage.cgi p) Remote File Disclosure
- Live for Speed S1/S2/Demo (.ply file) Buffer Overflow Exploit
- Live for Speed S1/S2/Demo (.spr file) Buffer Overflow Exploit
- CartWeaver (Details.cfm ProdID) Remote SQL Injection Vulnerability
- Prozilla Pub Site Directory (directory.php cat) SQL Injection Vulnerbility
- BIND 9 DNS Cache Poisoning Exploit (v0.3beta)
- PhpHostBot <= 1.06 (svr_rootscript) Remote File Inclusion Vulnerability
- PHPNews 0.93 (format_menue) Remote File Inclusion Vulnerability
- FrontAccounting 1.12 Build 31 Remote File Inclusion Vulnerability
- PHP mSQL (msql_connect) Local Buffer Overflow Exploit
- FishCart <= 3.2 RC2 (fc_example.php) Remote File Inclusion Vulnerability
- Cisco IOS Next Hop Resolution Protocol (NHRP) Denial of Service Exploit
- Ncaster 1.7.2 (archive.php) Remote File Inclusion Vulnerability
- PHP <= 5.2.3 snmpget() object id Local Buffer Overflow Exploit (EDI)
- Php Blue Dragon CMS 3.0.0 Remote SQL Injection Exploit
- Php Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability
- Php Blue Dragon CMS 3.0.0 Remote Code Execution Exploit
- Pixlie 1.7 (pixlie.php root) Remote File Disclosure Vulnerability
- Microsoft DXMedia SDK 6 (SourceUrl) ActiveX Remote Code Execution
- Savant 3.1 Get Request Remote Overflow Exploit (Universal)
- WengoPhone 2.x SIP Phone Remote Denial of Service Exploit
- SOTEeSKLEP <= 3.5RC9 (file) Remote File Disclosure Vulnerability
- Racer v0.5.3 beta 5 Remote Buffer Overflow Exploit
- Prozilla Webring Website Script (category.php cat) Remote SQL Injection
- CounterPath X-Lite 3.x SIP phone Remote Denial of Service Exploit
- IBM Rational ClearQuest Web Login Bypass SQL Injection Vulnerability
- SurgeMail 38k (SEARCH) Remote Buffer Overflow Exploit
- WireShark < 0.99.6 MMS Remote Denial of Service Exploit
- Easy Chat Server 2.2 Remote Denial of Service Exploit
- EDraw Office Viewer Component 5.1 HttpDownloadFile() Insecure Method
- GetMyOwnArcade (search.php query) Remote SQL Injection Vulnerability
- Diskeeper 9 Remote Memory Disclosure Exploit
- PHP <= 5.2.0 (php_win32sti) Local Buffer Overflow PoC (win32)
- Mercury SMTPD Remote Preauth Stack Based Overrun PoC
- Squirrelcart <= 1.x.x (cart.php) Remote File Inclusion Vulnerability
- Mambo Component SimpleFAQ 2.11 Remote SQL Injection Vulnerability
- Cisco IP Phone 7940 (3 SIP messages) Remote Denial of Service Exploit
- Cisco IP Phone 7940 (10 SIP messages) Remote Denial of Service Exploit
- eCentrex VOIP Client module (uacomx.ocx 2.0.1) Remote BOF Exploit
- litecommerce 2004 (category_id) Remote SQL Injection Vulnerability
- Mercury/32 4.51 SMTPD CRAM-MD5 Pre-Auth Remote Overflow Exploit
- PHP <= 5.2.3 (php_win32sti) Local Buffer Overflow Exploit
- PHP <= 5.2.3 (php_win32sti) Local Buffer Overflow Exploit (2)
- PHP 5.2.3 php_ntuser ntuser_getuserlist() Local Buffer Overflow PoC
- Joomla Component NeoRecruit <= 1.4 (id) SQL Injection Vulnerability
- Mambo Component RemoSitory (cat) Remote SQL Injection Vulnerability
- Joomla Component RSfiles <= 1.0.2 (path) File Download Vulnerability
- Joomla Component Nice Talk <= 0.9.3 (tagid) SQL Injection Vulnerability
- Joomla Component EventList <= 0.8 (did) SQL Injection Vulnerability
- Joomla Component BibTeX <= 1.3 Remote Blind SQL Injection Exploit
- PHP FFI Extension 5.0.5 Local Safe_mode Bypass Exploit
- ProFTPD 1.x (module mod_tls) Remote Buffer Overflow Exploit
- SunShop 4.0 RC 6 (search) Remote Blind SQL Injection Exploit
- PHP Perl Extension Safe_mode BypassExploit
- SIDVault LDAP Server Preauth Remote Buffer Overflow Exploit
- Mercury/32 v3.32-v4.51 SMTP Pre-Auth EIP Overwrite Exploit
- 2532|Gigs 1.2.1 (activateuser.php) Local File Inclusion Vulnerability
- PHP <= 5.2.0 (php_iisfunc.dll) Local Buffer Overflow PoC (win32)
- Thomson SIP phone ST 2030 Remote Denial of Service Exploit
- SomeryC <= 0.2.4 (include.php skindir) Remote File Inclusion Vulnerability
- BitchX 1.1 Final MODE Remote Heap Overflow Exploit (0-day)
- NVR SP2 2.0 (nvUnifiedControl.dll v. 1.1.45.0)SetText() Remote Exploit
- NVR SP2 2.0 (nvUtility.dll v. 1.0.14.0) SaveXMLFile() Inscure Method
- NVR SP2 2.0 (nvUtility.dll v. 1.0.14.0) DeleteXMLFile() Inscure Method
- XAMPP for Windows 1.6.3a Local Privilege Escalation Exploit
- Arcadem 2.01 Remote SQL Injection / RFI Vulnerabilties
- WBB2-Addon: Acrotxt v1 (show) Remote SQL Injection Vulnerability
- Postcast Server Pro 3.0.61 / Quiksoft EasyMail (emsmtp.dll 6.0.1) BoF
- Micro CMS 3.5 (revert-content.php) Remote SQL Injection Vulnerability
- ACG News 1.0 (aid/catid) Remote SQL Injection Vulnerabilities
- DL PayCart 1.01 (viewitem.php ItemID) Blind SQL Injection Exploit
- VWar <= v1.5.0 R15 (mvcw.php) Remote File Inclusion Vulnerability
- PHPNuke-Clan <= 4.2.0 (mvcw_conver.php) RFI Vulnerability
- MSN messenger 7.x (8.0?) VIDEO Remote Heap Overflow Exploit
- Yahoo! Messenger 8.1.0.413 (webcam) Remote Crash Exploit
- xGB 2.0 (xGB.php) Remote Permission Bypass Vulnerability
- MS Windows (GDI32.DLL) Denial of Service Exploit (MS07-046)
- ABC estore 3.0 (cat_id) Remote Blind SQL Injection Exploit
- PHPNS 1.1 (shownews.php id) Remote SQL Injection Vulnerability
- phpBG 0.9.1 (rootdir) Remote File Inclusion Vulnerabilities
- Pakupaku CMS <= 0.4 Remote File Upload / LFI Vulnerability
- NMDeluxe 2.0.0 (id) Remote SQL Injection Vulnerability
- Ourspace 2.0.9 (uploadmedia.cgi) Remote File Upload Vulnerability
- Hexamail Server 3.0.0.001 (pop3) pre-auth Remote Overflow PoC
- Norman Virus Control nvcoaft51.sys ioctl BF672028 Exploit
- phpBB Links MOD 1.2.2 Remote SQL Injection Exploit
- Wireshark < 0.99.5 DNP3 Dissector Infinite Loop Exploit
- PPStream (PowerPlayer.dll 2.0.1.3829) Activex Remote Overflow Exploit
- CKGold Shopping Cart 2.0 (category.php) Blind SQL Injection Exploit
- Joomla! 1.5 Beta1/Beta2/RC1 Remote SQL Injection Exploit
- Yahoo! Messenger (YVerInfo.dll <= 2007.8.27.1) ActiveX BoF Exploit
- Weblogicnet (files_dir) Multiple Remote File Inclusion Vulnerabilities
- Yvora CMS 1.0 (error_view.php ID) Remote SQL Injection Vulnerability
- Virtual DJ 5.0 (m3u File) Local Buffer OverFlow Exploit
- OTSTurntables 1.00 (m3u File) Local Buffer Overflow Exploit
- eNetman v.20050830 (index.php page) Remote File Inclusion Vulnerability
- Telecom Italy Alice Messenger Remote registry key manipulation Exploit
- STPHPLibrary (STPHPLIB_DIR) Remote File Inclusion Vulnerability
- Apple Quicktime < 7.2 SMIL Remote Integer Overflow PoC
- CCProxy <= v6.2 Telnet Proxy Ping Overflow Exploit (meta)
- Microsoft Visual Basic 6.0 VBP_Open OLE Local CodeExec Exploit
- Web Oddity Web Server 0.09b Directory Transversal Exploit
- PHPOF <= 20040226 (DB_adodb.class.php) RFI Vulnerability
- AtomixMP3 2.3 (pls File) Local Buffer OverFlow Exploit
- AnyInventory <= 2.0 (environment.php) Remote File Inclusion Vuln
- GlobalLink 2.7.0.8 glItemCom.dll SetInfo() Heap Overflow Exploit
- Trend Micro ServerProtect eng50.dll Remote Stack Overflow Exploit
- phpMytourney (menu.php) Remote File Inclusion Vulnerability
- Microsoft Visual FoxPro 6.0 (FPOLE.OCX v. 6.0.8450.0) Remote PoC
- Webace-Linkscript 1.3 SE (start.php) Remote SQL Injection Vulnerability
- RW::Download 2.0.3 lite (index.php dlid) Remote SQL Injection Vuln
- GlobalLink 2.7.0.8 glitemflat.dll SetClientInfo() Heap Overflow Exploit
- EDraw Office Viewer Component 5.2 ActiveX Remote BoF PoC
- Online Fantasy Football League (OFFL) 0.2.6 RFI Vulnerabilities
- BaoFeng2 Mps.dll Activex Multiple Remote Buffer Overflow PoCs
- TLM CMS 3.2 Multiple Remote SQL Injection Vulnerabilities
- Focus/SIS <= 1.0/2.2 Remote File Inclusion Vulnerabilities
- fuzzylime cms <= 3.0 Local File Inclusion Vulnerability
- Microsoft SQL Server Distributed Management Objects (sqldmo.dll) BoF
- Sisfo Kampus 2006 (blanko.preview.php) Local File Disclosure Vuln
- Txx CMS 0.2 Multiple Remote File Inclusion Vulnerabilities
- phpress 0.2.0 (adisplay.php lang) Local File Inclusion Vulnerability
- Joomla Component Restaurante Remote File Upload Vulnerability
- WebED 0.8999a Multiple Remote File Inclusion Vulnerabilities
- AuraCMS 1.5rc Multiple Remote SQL Injection Vulnerabilities
- Sisfo Kampus 2006 (dwoprn.php f) Remote File Download Vulnerability
- phpRealty 0.02 (MGR) Multiple Remote File Inclusion Vulnerabilities
- Ultra Crypto Component (CryptoX.dll <= 2.0) SaveToFile() Inscure Method
- Ultra Crypto Component (CryptoX.dll <= 2.0) Remote BoF Exploit
- AuraCMS 2.1 Remote File Attachment / LFI Vulnerabilities
- Lighttpd <= 1.4.16 FastCGI Header Overflow Remote Exploit
- PHP <= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass Vulnerability
- Microsoft Visual Studio 6.0 (PDWizard.ocx) Remote Command Execution
- Microsoft Visual Studio 6.0 (VBTOVSI.DLL 1.0.0.0) File Overwrite Exploit
- NuclearBB Alpha 2 (root_path) Remote File Inclusion Vulnerability
- X-Cart <= ? Multiple Remote File Inclusion Vulnerabilities
- Wordpress Multiple Versions Pwnpress Exploitation Tookit (0.2pub)
- Microsoft SQL Server Distributed Management Objects BoF Exploit
- Apple Quicktime (Multiple Browsers) Command Execution PoC (0day)
- KwsPHP Module jeuxflash 1.0 (id) Remote SQL Injection Vulnerability
- Joomla Component joomlaradio v5 Remote File Inclusion Vulnerability
- JetCast Server 2.0.0.4308 Remote Denial of Service Exploit
- GForge < 4.6b2 (skill_delete) Remote SQL Injection Vulnerability
- Ajax File Browser 3b (settings.inc.php approot) RFI Vulnerability
- phpFFL 1.24 PHPFFL_FILE_ROOT Remote File Inclusion Vulnerabilities
- PHP Webquest <= 2.5 (id_actividad) Remote SQL Injection Exploit
- JBlog 1.0 (index.php id) Remote SQL Injection Exploit
- HP ActiveX (hpqutil.dll ListFiles hpqutil.dll) Remote Heap Overflow PoC
- Gelato (index.php post) Remote SQL Injection Exploit
- Chupix CMS 0.2.3 (download.php) Remote File Disclosure Vulnerability
- KwsPHP 1.0 (login.php) Remote SQL Injection Exploit
- KwsPHP 1.0 Member_Space Module SQL Injection Exploit
- KwsPHP 1.0 stats Module Remote SQL Injection Exploit
- Joomla Component Flash Fun! 1.0 Remote File Inclusion Vulnerability
- Joomla Component joom12Pic 1.0 Remote File Inclusion Vulnerability
- SimpCMS <= all (keyword) Remote SQL Injection Vulnerability
- Omnistar Article Manager Software (article.php) SQL Injection Exploit
- Shop-Script FREE <= 2.0 Remote Command Execution Exploit
- MW6 Technologies QRCode ActiveX 3.0 Remote File Overwrite Exploit
- phpsyncml <= 0.1.2 Remote File Include Vulnerabilities
- KwsPHP 1.0 sondages Module Remote SQL Injection Vulnerability
- modifyform (modifyform.html) Remote File Inclusion Vulnerability
- Apple Quicktime /w IE .qtl Version XAS Remote Exploit PoC
- phpBB Mod Ktauber.com StylesDemo Blind SQL Injection Exploit
- Airsensor M520 HTTPD Remote Preauth DoS / BOF PoC
- jetAudio 7.x ActiveX DownloadFromMusicStore() Code Execution Exploit
- Yahoo! Messenger 8.1.0.421 CYFT Object Arbitrary File Download
- Mercury/32 4.52 IMAPD SEARCH command Post-Auth Overflow Exploit
- Streamline PHP Media Server 1.0-beta4 RFI Vulnerability
- Microsoft Visual Basic Enterprise Edition 6.0 SP6 Code Execution Exploit
- Sun jre1.6.0_X isInstalled.dnsResolve Function Overflow PoC
- OneCMS 2.4 (userreviews.php abc) Remote SQL Injection Exploit
- phpBB Plus <= 1.53 (phpbb_root_path) Remote File Inclusion Vuln
- Flip <= 3.0 Remoe Admin Creation Exploit
- Flip <= 3.0 Remote Password Hash Disclosure Exploit
- Lighttpd <= 1.4.17 FastCGI Header Overflow Remote Exploit
- IPSwitch IMail Server 8.0x Remote Heap Overflow Exploit
- neuron news 1.0 (index.php q) Local File Inclusion Vulnerability
- Joomla Component com_slideshow Remote File Inclusion Vulnerability
- iziContents <= RC6 (RFI/LFI) Multiple Remote Vulnerabilities
- CMS Made Simple 1.2 Remote Code Execution Vulnerability
- Clansphere 2007.4 (cat_id) Remote SQL Injection Vulnerability
- Black Lily 2007 (products.php class) Remote SQL Injection Vulnerability
- EasyMail MessagePrinter Object (emprint.DLL 6.0.1.0) BOF Exploit
- Wordsmith 1.1b (config.inc.php _path) Remote File Inclusion Vuln
- PHP-Nuke addon Nuke Mobile Entartainment LFI Vulnerability
- helplink 0.1.0 (show.php file) Remote File Inclusion Vulnerability
- phpFullAnnu (PFA) 6.0 Remote SQL Injection Vulnerability
- Xitami Web Server 2.5 (If-Modified-Since) Remote BoF Exploit (0day)
- DFD Cart 1.1 Multiple Remote File Inclusion Vulnerabilities
- AskJeeves Toolbar 4.0.2.53 activex Remote Buffer Overflow Exploit
- EB Design Pty Ltd (EBCRYPT.DLL v.2.0) Multiple Remote Vulnerabilites
- sk.log <= 0.5.3 (skin_url) Remote File Inclusion Vulnerability
- Motorola Timbuktu Pro <= 8.6.5 File Deletion/Creation Exploit
- FrontAccounting 1.13 Remote File Inclusion Vulnerabilities
- Softbiz Classifieds PLUS (id) Remote SQL Injection Vulnerability
- Novus 1.0 (notas.asp nota_id) Remote SQL Injection Vulnerability
- ActiveKB Knowledgebase 2.? (catId) Remote SQL Injection Vulnerability
- Linux Kernel 2.4/2.6 x86-64 System Call Emulation Exploit
- lustig.cms BETA 2.5 (forum.php view) Remote File Inclusion Vulnerability
- Chupix CMS 0.2.3 (repertoire) Remote File Inclusion Vulnerability
- IntegraMOD Nederland 1.4.2 Remote File Inclusion Vulnerability
- PhFiTo 1.3.0 (SRC_PATH) Remote File Inclusion Vulnerability
- Public Media Manager <= 1.3 Remote File Inclusion Vulnerability
- Zomplog <= 3.8.1 upload_files.php Arbitrary File Upload Exploit
- MDPro 1.0.76 Remote SQL Injection Exploit
- Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit
- Mambo Component Mambads <= 1.5 Remote SQL Injection Vulnerability
- mxBB Module mx_glance 2.3.3 Remote File Include Vulnerability
- phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion Vuln
- actSite 1.56 (news.php) Local File Inclusion Vulnerability
- actSite 1.991 Beta (base.php) Remote File Inclusion Vulnerability
- EDraw Office Viewer Component 5.3 FtpDownloadFile() Remote BoF
- PHP-Fusion module Expanded Calendar 2.x SQL Injection Exploit
- Segue CMS <= 1.8.4 index.php Remote File Inclusion Vulnerability
- php wcms XT 0.0.7 Multiple Remote File Inclusion Vulnerabilities
- smbftpd 0.96 SMBDirList-function Remote Format String Exploit
- CyberLink PowerDVD CreateNewFile Arbitrary Remote Rewrite DoS
- MultiCart 1.0 Remote Blind SQL Injection Exploit
- Poppawid 2.7 (form) Remote File Inclusion Vulnerability
- Web Template Management System 1.3 Remote SQL Injection
- Ossigeno CMS <= 2.2a3 (footer.php) Remote File Inclusion Vulnerability
- FSFDT v3.000 d9 (HELP) Remote Buffer Overflow Exploit
- Trionic Cite CMS <= 1.2rev9 Remote File Inclusion Vulnerability
- Furkan Tastan Blog Remote SQL Injection Vulnerability
- Pegasus Imaging ThumbnailXpress 1.0 Remote Arbitrary File Deletion
- Pegasus Imaging ImagXpress 8.0 Remote Arbitrary File Overwrite
- Joomla panoramic component 1.0 Remote File Inclusion Vulnerability
- ELSE IF CMS 0.6 Multiple Remote Vulnerabilities / Exploit
- CMS Creamotion (securite.php) Remote File Inclusion Exploit
- Picturesolution <= v2.1 (config.php path) Remote File Inclusion Vuln
- SkaDate Online 5.0/6.0 Remote File Disclosure Vulnerability
- Verlihub Control Panel <= 1.7.x Local File Inclusion Vulnerability
- idmos-phoenix cms (aural.php) Remote File Inclusion Vulnerability
- Joomla Flash Image Gallery Component RFI Vulnerability
- Joomla Component wmtportfolio 1.0 Remote File Inclusion Vulnerability
- wzdftpd <= 0.8.0 (USER) Remote Denial of Service Exploit
- Joomla component MOSMediaLite451 Remote File Inclusion Vulnerability
- TorrentTrader Classic 1.07 Multiple Remote Vulnerabilities
- PHP Homepage M 1.0 galerie.php Remote SQL Injection Exploit
- xKiosk 3.0.1i (xkurl.php PEARPATH) Remote File Inclusion Vulnerability
- LiveAlbum 0.9.0 common.php Remote File Inclusion Vulnerability
- Softbiz Jobs & Recruitment Remote SQL Injection Vulnerability
- LightBlog 8.4.1.1 Remote Code Execution Exploit
- Microsoft Visual FoxPro 6.0 FPOLE.OCX Arbitrary Command Execution
- Joomla Component MP3 Allopass 1.0 Remote File Inclusion Vulnerability
- Joomla Component JContentSubscription 1.5.8 Multiple RFI Vulns
- TikiWiki 1.9.8 Remote PHP Injection Vulnerability
- Drupal <= 5.2 PHP Zend Hash Vulnerability Exploitation Vector
- cpDynaLinks 1.02 category.php Remote SQL Injection Exploit
- NuSEO PHP Enterprise 1.6 Remote File Inclusion Vulnerability
- Php-Stats 0.1.9.2 Multiple Vulnerabilities Exploit
- Eggdrop Server Module Message Handling Remote BoF Exploit
- Solaris 10 x86/sparc sysinfo Kernel Memory Disclosure Exploit
- Solaris fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc)
- PHP 5.2.4 ionCube extension safe_mode / disable_functions Bypass
- WebDesktop 0.1 Remote File Inclusion Vulnerabilities
- Pindorama 0.1 client.php Remote File Inclusion Vulnerability
- PicoFlat CMS <= 0.4.14 index.php Remote File Inclusion Vulnerability
- Joomla Flash uploader 2.5.1 Remote File Inclusion Vulnerabilities
- Apple iTouch/iPhone 1.1.1 tif File Remote Jailbreak Exploit
- KwsPHP 1.0 Newsletter Module Remote SQL Injection Exploit
- Joomla Component com_colorlab 1.0 Remote File Inclusion Vulnerability
- TikiWiki <= 1.9.8 tiki-graph_formula.php Command Execution Exploit
- PBEmail 7 ActiveX Edition Insecure Method Exploit
- Softbiz Recipes Portal Script Remote SQL Injection Vulnerability
- KwsPHP 1.0 mg2 Module Remote SQL Injection Vulnerability
- WWWISIS <= 7.1 (IsisScript) Local File Disclosure / XSS Vulnerabilities
- Apache Tomcat (webdav) Remote File Disclosure Exploit
- jetAudio 7.x (m3u File) Local SEH Overwrite Exploit
- eXtremail <= 2.1.1 memmove() Remote Denial of Service Exploit
- eXtremail <= 2.1.1 (LOGIN) Remote Stack Overflow Exploit
- eXtremail <= 2.1.1 PLAIN authentication Remote Stack Overflow Exploit
- eXtremail <= 2.1.1 Remote Heap Overflow PoC
- doop CMS <= 1.3.7 (page) Local File Inclusion Vulnerability
- Subversion 0.3.7/1.0.0 Remote Buffer Overflow Exploit
- Artmedic CMS <= 3.4 (index.php page) Local File Inclusion Vulnerability
- Okul Otomasyon Portal 2.0 Remote SQL Injection Vulnerability
- GCALDaemon <= 1.0-beta13 Remote Denial of Service Exploit
- Half-Life Server 3.1.1.0 Remote Buffer Overflow Exploit
- Boa 0.93.15 HTTP Basic Authentication Bypass Exploit
- PHPDJ 0.5 (djpage.php page) Remote File Inclusion Vulnerability
- LimeSurvey <= 1.52 (language.php) Remote File Inclusion Vulnerability
- awzMB <= 4.2 beta 1 Multiple Remote File Inclusion Vulnerabilities
- ZZ FlashChat <= (help.php) 3.1 Local File Inclusion Vulnerability
- Simple Machines Forum 1.1.3 Remote Blind SQL Injection Exploit
- Vanilla <= 1.1.3 Remote Blind SQL Injection Exploit
- PHP Project Management <= 0.8.10 Multiple RFI / LFI Vulnerabilities
- BBPortalS <= 2.0 Remote Blind SQL Injection Exploit
- PeopleAggregator <= 1.2pre6-release-53 Multiple RFI Vulnerabilities
- Apache Tomcat (webdav) Remote File Disclosure Exploit (ssl support)
- PHP 5.x COM functions safe_mode and disable_function bypass
- SocketMail 2.2.8 fnc-readmail3.php Remote File Inclusion Vulnerability
- TOWeLS 0.1 scripture.php Remote File Inclusion Vulnerability
- LiteSpeed Web Server <= 3.2.3 Remote Source Code Disclosure Vuln
- Simple PHP Blog (sphpblog) <= 0.5.1 Multiple Vulnerabilities
- InstaGuide Weather Script (index.php) Local File Inclusion Vulnerability
- Mozilla Firefox <= 2.0.0.7 Remote Denial of Service Exploit
- DNS Recursion bandwidth amplification Denial of Service PoC
- Flatnuke 3 Remote Command Execution / Privilege Escalation
- Flatnuke 3 Remote Cookie Manipoulation / Privilege Escalation
- PHP-Nuke Platinum 7.6.b.5 Remote File Inclusion Vulnerability
- Oracle 10g CTX_DOC.MARKUP SQL Injection Exploit
- PHP Image 1.2 Multiple Remote File Inclusion Vulnerabilities
- eIQnetworks ESA SEARCHREPORT Remote Overflow Exploit (meta)
- Jakarta Slide <= 2.1 RC1 Remote File Disclosure Exploit
- TikiWiki <= 1.9.8.1 Local File Inclusion Vulnerabilities
- CA BrightStor HSM <= r11.5 Remote Stack Based Overflow / DoS
- Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit
- Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit (2)
- Oracle 10g LT.FINDRICSET Local SQL Injection Exploit (IDS evasion)
- IBM Tivoli Storage Manager 5.3 Express CAD Service BoF Exploit
- IBM Lotus Domino 7.0.2FP1 IMAP4 Server LSUB Command Exploit
- GoSamba 1.0.1 (include_path) Multiple RFI Vulnerabilities
- JobSite Professional 2.0 file.php Remote SQL Injection Vulnerability
- CaupoShop Pro 2.x (action) Remote File Inclusion Vulnerability
- emagiC CMS.Net 4.0 (emc.asp) Remote SQL Injection Vulnerability
- GOM Player 2.1.6.3499 (GomWeb3.dll 1.0.0.12) Remote Overflow Exploit
- FireConfig 0.5 (dl.php file) Remote File Disclosure Vulnerability
- Sige 0.1 sige_init.php Remote File Inclusion Vulnerability
- teatro 1.6 (basePath) Remote File Include Vulnerability
- Sony CONNECT Player 4.x (m3u File) Local Stack Overflow Exploit
- Kodak Image Viewer TIF/TIFF Code Execution Exploit PoC (MS07-055)
- MySpace Resource Script (MSRS) 1.21 RFI Vulnerability
- ProfileCMS 1.0 Remote File Upload Vulnerability Shell Upload Exploit
- miniBB 2.1 (table) Remote SQL Injection Vulnerability
- phpFaber URLInn 2.0.5 (dir_ws) Remote File Inclusion Vulnerability
- PHP-AGTC membership system 1.1a Remote Add Admin Exploit
- ModuleBuilder V1.0 (file) Remote File Disclosure Vulnerability
- ISPworker 1.21 download.php Remote File Disclosure Vulnerability
- WordPress Plugin BackUpWordPress <= 0.4.2b RFI Vulnerability
- SonicWall SSL-VPN NeLaunchCtrl ActiveX Control Remote Exploit
- Synergiser <= 1.2 RC1 Local File Inclusion / Full Path Disclosure
- Scribe <= 0.2 Remote PHP Code Execution Vulnerability
- DM Guestbook <= 0.4.1 Multiple Local File Inclusion Vulnerabilities
- EDraw Flowchart ActiveX Control 2.0 Insecure Method Exploit
- Ax Developer CMS 0.1.1 (index.php module) Local File Inclusion Vuln
- Firefly Media Server <= 0.2.4 Remote Denial of Service Exploit
- Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit
- GuppY 4.6.3 (includes.inc selskin) Remote File Inclusion Vulnerability
- Quick and Dirty Blog 0.4 (categories.php) Local File Inclusion Vuln
- scWiki 1.0 Beta 2 (common.php pathdot) Remote File Inclusion Vuln
- Vortex Portal 1.0.42 Remote File Inclusion Vulnerabilities
- nuBoard 0.5 (index.php site) Remote File Inclusion Vulnerability
- syndeoCMS 2.5.01 (cmsdir) Remote File Inclusion Vulnerability
- JBC Explorer <= 7.20 RC 1 Remote Code Execution Exploit
- ASP Message Board 2.2.1c Remote SQL Injection Vulnerability
- Viewpoint Media Player for IE 3.2 Remote Stack Overflow PoC
- jPORTAL 2 mailer.php Remote SQL Injection Vulnerability
- IBM AIX <= 5.3.0 setlocale() Local Privilege Escalation Exploit
- Adobe Shockwave ShockwaveVersion() Stack Overflow PoC
- jPORTAL <= 2.3.1 articles.php Remote SQL Injection Vulnerability
- MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
- Microsoft Internet Explorer TIF/TIFF Code Execution (MS07-055)
- Softbiz Auctions Script product_desc.php Remote SQL Injection Vuln
- Softbiz Ad Management plus Script ver 1 Remote SQL Injection Vuln
- Softbiz Banner Exchange Network Script 1.0 SQL Injection Vulnerability
- Softbiz Link Directory Script Remote SQL Injection Vulnerability
- patBBcode 1.0 bbcodeSource.php Remote File Inclusion Vulnerability
- Myspace Clone Script Remote SQL Injection Vulnerability
- Toko Instan 7.6 Multiple Remote SQL Injection Vulnerabilities
- Apple Mac OS X 10.4.x Kernel i386_set_ldt() Integer Overflow PoC
- Microsoft Jet Engine MDB File Parsing Stack Overflow PoC
- Joomla Component Carousel Flash Image Gallery RFI Vulnerability
- ProfileCMS <= 1.0 (id) Remote SQL Injection Vulnerability
- Myspace Clone Script (index.php) Remote File Inclusion Vulnerability
- net-finity (links.php) Remote SQL Injection Vulnerability
- meBiblio 0.4.5 (index.php action) Remote File Inclusion Vulnerability
- phpBBViet <= 02.03.2007 (phpbb_root_path) Remote File Inclusion
- VigileCMS 1.4 Multiple Remote Vulnerabilities
- HotScripts Clone Script Remote SQL Injection Vulnerability
- IceBB 1.0-rc6 Remote Database Authentication Details Exploit
- Sciurus Hosting Panel Remote Code Injection Exploit
- Joomla Component JUser 1.0.14 Remote File Inclusion Vulnerability
- bcoos 1.0.10 (LFI / SQL Injection) Multiple Remote Vulnerabilities
- SkyPortal vRC6 Multiple Remote Vulnerabilities
- Ucms <= 1.8 Backdoor Remote Command Execution Exploit
- TalkBack 2.2.7 Multiple Remote File Inclusion Vulnerabilities
- alstrasoft E-Friends <= 4.98 (seid) Multiple SQL Injection Vulnerabilities
- DevMass Shopping Cart <= 1.0 Remote File Include Vulnerability
- VigileCMS <= 1.8 Stealth Remote Command Execution Exploit
- NetAuctionHelp 4.1 (nsearch) Remote SQL Injection Vulnerability
- Content Injector 1.52 (index.php cat) Remote SQL Injection Vulnerability
- PHPKIT 1.6.4pl1 article.php Remote SQL Injection Exploit
- KB-Bestellsystem (kb_whois.cgi) Command Execution Vulnerability
- Apple QuickTime 7.2/7.3 RTSP Response Remote SEH Overwrite PoC
- Irola My-Time 3.5 Remote SQL Injection Vulnerability
- Mp3 ToolBox 1.0 beta 5 (skin_file) Remote File Inclusion Vulnerability
- Apple QuickTime 7.2/7.3 RSTP Response Code Exec Exploit (Vista/XP)
- Amber Script 1.0 (show_content.php id) Local File Inclusion Vulnerability
- WorkingOnWeb 2.0.1400 events.php Remote SQL Injection Vulnerability
- PBLang <= 4.99.17.q Remote File Rewriting / Command Execution
- project alumni <= 1.0.9 Remote XSS / SQL Injection Vulnerability
- RunCMS <= 1.6 Local File Inclusion Vulnerability
- Apple QuickTime 7.2/7.3 RTSP Response Universal Exploit (IE7/FF/Opera)
- RunCMS <= 1.6 disclaimer.php Remote File Overwrite Exploit
- IAPR COMMENCE 1.3 Multiple Remote File Inclusion Vulnerability
- Softbiz Freelancers Script v.1 Remote SQL Injection Exploit
- DeluxeBB <= 1.09 Remote Admin Email Change Exploit
- Tilde CMS <= 4.x (aarstal) Remote SQL Injection Vulnerability
- BitDefender Online Scanner 8 ActiveX Heap Overflow Exploit
- Apple QuickTime 7.2/7.3 RSTP Response Universal Exploit (cool)
- Eurologon CMS Multiple Remote SQL Injection Vulnerabilities
- Eurologon CMS files.php Arbitrary File Download Vulnerability
- PHP-Nuke NSN Script Depository 1.0.0 Remote Source Disclosure Vuln
- wpQuiz 2.7 Multiple Remote SQL Injection Vulnerabilities
- project alumni 1.0.9 (index.php act) Local File Inclusion Vulnerability
- PHP-CON 1.3 (include.php) Remote File Inclusion Vulnerability
- EHCP <= 0.22.8 Multiple Remote File Inclusion Vulnerabilities
- Charrays CMS 0.9.3 Multiple Remote File Inclusion Vulnerabilities
- Apple QuickTime 7.2/7.3 RSTP Response Universal Exploit (win/osx)
- TuMusika Evolution 1.7R5 Remote File Disclosure Vulnerability
- NoAh <= 0.9 pre 1.2 (filepath) Remote File Disclosure Vulnerabilities
- Web-MeetMe 3.0.3 (play.php) Remote File Disclosure Vulnerability
- WebED 0.0.9 (index.php) Remote File Disclosure Vulnerability
- Seditio CMS <= 121 Remote SQL Injection Exploit
- KML share 1.1 (region.php layer) Remote File Disclosure Vulnerability
- LearnLoop 2.0beta7 (sFilePath) Remote File Disclosure Vulnerability
- FTP Admin 0.1.0 (LFI/XSS/AB) Multiple Remote Vulnerabilities
- Windows Media Player AIFF Divide By Zero Exception DoS PoC
- RealPlayer 11 Malformed AU File Denial of Service Exploit
- tellmatic 1.0.7 Multiple Remote File Inclusion Vulnerabilities
- Rayzz Script 2.0 Remote / Local File Inclusion Vulnerabilities
- phpBB Garage 1.2.0 Beta3 Remote SQL Injection Vulnerability
- Snitz Forums 2000 Active.asp Remote SQL Injection Vulnerability
- VLC 0.86 < 0.86d ActiveX Remote Bad Pointer Initialization PoC
- Apple Mac OS X xnu <= 1228.0 Local Kernel Denial of Service PoC
- Apple Mac OS X 10.5.0 (leopard) vpnd Remote Denial of Service PoC
- Mambo/Joomla Component rsgallery <= 2.0b5 (catid) SQL Injection Vuln
- Cisco Phone 7940 Remote Denial of Service Exploit
- SineCMS <= 2.3.4 Calendar Remote SQL Injection Vulnerability
- ezContents 1.4.5 (index.php link) Remote File Disclosure Vulnerability
- Wordpress Plugin PictPress <= 0.91 Remote File Disclosure Vulnerability
- SerWeb <= 2.0.0 dev1 2007-02-20 Multiple RFI / LFI Vulnerabilities
- MWOpen E-Commerce leggi_commenti.asp Remote SQL Injection
- Send ICMP Nasty Garbage (sing) Append File Logrotate Exploit
- Firefly Media Server (mt-daapd) 2.4.1 / SVN 1699 Multiple Vulnerabilities
- Simple HTTPD <= 1.38 Multiple Remote Vulnerabilities
- Media Player Classic 6.4.9 MP4 File Stack Overflow Exploit
- Windows Media Player 6.4 MP4 File Stack Overflow PoC
- Nullsoft Winamp 5.32 MP4 tags Stack Overflow Exploit
- PolDoc CMS 0.96 (download_file.php) File Disclosure Vulnerability
- Flat PHP Board <= 1.2 Multiple Vulnerabilities
- Content Injector 1.53 (index.php) Remote SQL Injection Vulnerability
- Ace Image Hosting Script (id) Remote SQL Injection Vulnerability
- DWdirectory <= 2.1 Remote SQL Injection Vulnerability
- SH-News 3.0 (comments.php id) Remote SQL Injection Vulnerability
- Lotfian.com DATABASE DRIVEN TRAVEL SITE SQL Injection Vuln
- Falt4 CMS RC4 10.9.2007 Multiple Remote Vulnerabilities
- Falcon CMS 1.4.3 (RFI/XSS) Multiple Remote Vulnerabilities
- BarracudaDrive <= 3.7.2 Multiple Remote Vulnerabilities
- MonAlbum 0.87 Upload Shell / Password Grabber Exploit
- BadBlue <= 2.72b Multiple Remote Vulnerabilities
- Online Media Technologies AVSMJPEGFILE.DLL 1.1 Remote BoF PoC
- Simple HTTPD <= 1.41 (/aux) Remote Denial of Service Exploit
- SquirrelMail G/PGP Plugin deletekey() Command Injection Exploit
- Mcms Easy Web Make (index.php template) Local File Inclusion Vuln
- HP Compaq Notebooks ActiveX Remote Code Execution Exploit
- Wordpress <= 2.3.1 Charset Remote SQL Injection Vulnerability
- ViArt CMS/Shop/HelpDesk 3.3.2 Remote File Inclusion Vulnerability
- Apple Mac OS X xnu <= 1228.0 Local kernel Denial of Service PoC
- HP OpenView Network Node Manager 07.50 CGI Remote BoF Exploit
- Fastpublish CMS 1.9999 config[fsBase] RFI Vulnerability
- CityWriter 0.9.7 head.php Remote File Inclusion Vulnerability
- CMS Galaxie Software (category_id) Remote SQL Injection Vulnerability
- MMS Gallery PHP 1.0 (id) Remote File Disclosure Vulnerability
- xml2owl 0.1.1 (filedownload.php) Remote File Disclosure Vulnerability
- Hosting Controller 6.1 Hot fix <= 3.3 Multiple Remote Vulnerabilities
- Adult Script <= 1.6 Unauthorized Administrative Access Exploit
- Samba 3.0.27a send_mailslot() Remote Buffer Overflow PoC
- 123tkShop 0.9.1 Remote Authentication Bypass Vulnerability
- Anon Proxy Server 0.1000 Remote Command Execution Vulnerability
- Oreon 1.4 / Centreon 1.4.1 Multiple RFI Vulnerabilties
- Form Tools 1.5.0b Multiple Remote File Inclusion Vulnerabilities
- PHP Real Estate (fullnews.php id) Remote SQL Injection Vulnerability
- GF-3XPLORER 2.4 (XSS/LFI/Etc.) Multiple Remote Vulnerabilities
- MOG-WebShop (index.php group) Remote SQL Injection Exploit
- FreeWebshop 2.2.1 Remote Blind SQL Injection Exploit
- MySpace Content Zone 3.x Remote File Upload Vulnerability
- WFTPD Explorer Pro 1.0 Remote Heap Overflow PoC
- FreeWebshop <= 2.2.7 (cookie) Admin Password Grabber Exploit
- rooter VDSL Device (Goahead WEBSERVER) Disclosure Vulnerability
- MS Windows Message Queuing Service RPC BOF Exploit (MS07-065)
- RavWare Software MAS Flic Control Remote Buffer Overflow Exploit
- RaidenHTTPD 2.0.19 (ulang) Remote Command Execution Exploit
- SurgeMail v.38k4 webmail Host header Denial of Service Exploit
- Rosoft Media Player <= 4.1.7 .M3U Stack Overflow Exploit
- phpMyRealty 1.0.x (search.php type) Remote SQL Injection Vulnerability
- jetAudio 7.0.5 COWON Media Center MP4 Stack Overflow Exploit
- iMesh <= 7.1.0.x (IMWeb.dll 7.0.0.x) Remote Heap Overflow Exploit
- Dokeos 1.8.4 Bypass Upload Shell From Your Profile Vulnerability
- 3proxy 0.5.3g logurl() Remote Buffer Overflow Exploit (win32) (pl)
- PhpMyDesktop|arcade 1.0 Final (phpdns_basedir) RFI Vulnerability
- Linux Kernel < 2.6.11.5 BLUETOOTH Stack Local Root Exploit
- HP Software Update client 3.0.8.4 Multiple Remote Vulnerabilities
- xeCMS 1.x (view.php list) Remote File Disclosure Vulnerability
- Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Exploit
- MS Windows 2000 AS SP4 Message Queue Exploit (MS07-065)
- Sendmail with clamav-milter < 0.91.2 Remote Root Exploit
- nicLOR CMS (sezione_news.php) Remote SQL Injection Vulnerability
- NmnNewsletter 1.0.7 (output) Remote File Inclusion Vulnerability
- Arcadem LE 2.04 (loadadminpage) Remote File Inclusion Vulnerability
- 1024 CMS 1.3.1 (LFI/SQL) Multiple Remote Vulnerabilities
- mBlog 1.2 (page) Remote File Disclosure Vulnerability
- Social Engine 2.0 Multiple Local File Inclusion Vulnerabilities
- Shadowed Portal <= 5.7d3 Remote Command Execution Exploit
- Shadowed Portal <= 5.7d3 (POST) Remote File Inclusion Vulnerability
- Wallpaper Site 1.0.09 (category.php) Remote SQL Injection Vulnerability
- Ip Reg 0.3 Multiple Remote SQL Injection Vulnerabilities
- zBlog 1.2 Remote SQL Injection Vulnerability
- OpenSSL < 0.9.7l / 0.9.8d SSLv2 Client Crash Exploit
- PHP ZLink 0.3 (go.php) Remote SQL Injection Exploit
- Adult Script <= 1.6.5 Multiple Remote SQL Injection Vulnerabilities
- MMSLamp (idpro) Remote SQL Injection Vulnerability
- WebSihirbazi 5.1.1 (pageid) Remote SQL Injection Vulnerability
- MeGaCheatZ 1.1 Multiple Remote SQL Injection Vulnerabilities
- CuteNews <= 1.4.5 Admin Password md5 Hash Fetching Exploit
- ThemeSiteScript 1.0 (index.php loadadminpage) RFI Vulnerability
- Jupiter 1.1.5ex Privileges Escalation Exploit
- Agares PhpAutoVideo 2.21 Remote/Local File Inclusion Vulnerabilities
- Joomla Component mosDirectory 2.3.2 Remote File Inclusion Vuln
- BadBlue 2.72 PassThru Remote Buffer Overflow Exploit
- TeamCalPro 3.1.000 Multiple Remote/Local File Inclusion Vulnerabilities
- AuraCMS 2.2 (admin_users.php) Remote Add Administrator Exploit
- RunCMS 1.6 Get Admin Cookie Remote Blind SQL Injection Exploit
- MailMachine Pro 2.2.4 Remote SQL Injection Vulnerability
- PMOS Help Desk <= 2.4 Remote Command Execution Exploit
- RunCMS 1.6 Multiple Remote Vulnerabilities
- eSyndiCat Link Exchange Script 2005-2006 SQL Injection Vulnerability
- RunCMS 1.6 Remote Blind SQL Injection Exploit (IDS evasion)
- Blakord Portal <= Beta 1.3.A (all modules) SQL Injection Vulnerability
- XZero Community Classifieds <= 4.95.11 LFI / SQL Injection
- XZero Community Classifieds <= 4.95.11 Remote File Inclusion Vuln
- PNphpBB2 <= 1.2i (printview.php phpEx) Local File Inclusion Vuln
- March Networks DVR 3204 Logfile Information Disclosure Exploit
- ZeusCMS <= 0.3 Remote Blind SQL Injection Exploit
- Joovili <= 3.0.6 (joovili.images.php) Remote File Disclosure Vulnerability
- xml2owl 0.1.1 showCode.php Remote Command Execution Vulnerability
- SkyFex Client 1.0 ActiveX Start() Method Remote Stack Overflow
- XCMS <= 1.82 Remote Local File Inclusion Vulnerability
- Hot or Not Clone by Jnshosts.com Database Backup Dump Vulnerability
- NoseRub <= 0.5.2 Login SQL Injection Vulnerability
- Persits Software XUpload Control AddFolder() Buffer Overflow Exploit
- jPORTAL 2.3.1 & UserPatch (forum.php) Remote Code Execution Exploit
- Mihalism Multi Forum Host <= 3.0.x Remote File Inclusion Vulnerability
- CCMS 3.1 Demo Remote SQL Injection Exploit
- CMS Made Simple <= 1.2.2 (TinyMCE module) SQL Injection Vuln
- Kontakt Formular 1.4 Remote File Inclusion Vulnerability
- Mihalism Multi Host 2.0.7 download.php Remote File Disclosure Vuln
- XCMS <= 1.83 Remote Command Execution Exploit
- Bitweaver R2 CMS Remote File Upload / Disclosure Vulnerabilities
- MatPo Bilder Galerie 1.1 Remote File Inclusion Vulnerability
- SanyBee Gallery 0.1.1 (p) Local File Inclusion Vulnerability
- w-Agora <= 4.2.1 (cat) Remote SQL Injection Vulnerability
- IBM Domino Web Access Upload Module inotes6.dll BoF Exploit
- Macrovision Installshield isusweb.dll SEH Overwrite Exploit
- IBM Domino Web Access Upload Module dwa7w.dll BoF Exploit
- IPTBB <= 0.5.4 (viewdir id) Remote Sql Injection Vulnerability
- MyPHP Forum <= 3.0 (Final) Multiple SQL Injection Vulnerabilities
- Zenphoto 1.1.3 (rss.php albumnr) Remote SQL Injection Exploit
- oneSCHOOL (all versions) admin/login.asp SQL Injection exploit
- Vantage Linguistics AnswerWorks 4 API ActiveX Control BoF Exploit
- WebPortal CMS <= 0.6.0 (index.php m) Remote SQL Injection Exploit
- Joomla Component PU Arcade <= 2.1.3 SQL Injection Vulnerability
- AGENCY4NET WEBFTP 1 download2.php File Disclosure Vulnerability
- DivX Player 6.6.0 ActiveX SetPassword() Denial of Service PoC
- ClipShare (uprofile.php UID) Remote SQL Injection Vulnerability
- MyPHP Forum <= 3.0 (Final) Remote SQL Injection Vulnerability
- Site@School <= 2.4.10 Remote Blind SQL Injection Exploit
- NetRisk <= 1.9.7 Remote/Local File Inclusion Vulnerability
- samPHPweb (db.php commonpath) Remote File Inclusion Vulnerability
- WebPortal CMS 0.6-beta Remote Password Change Exploit
- samPHPweb (songinfo.php) Remote SQL Injection Vulnerability
- ClipShare 2.6 Remote User Password Change Exploit
- SNETWORKS PHP CLASSIFIEDS 5.0 Remote File Inclusion Vulnerability
- CoolPlayer 2.17 .m3u Playlist Stack Overflow Exploit
- Tribisur <= 2.0 Remote SQL Injection Exploit
- Invision Power Board <= 2.1.7 ACTIVE XSS/SQL Injection Exploit
- NetRisk 1.9.7 (change_submit.php) Remote Password Change Exploit
- MODx CMS 0.9.6.1 Multiple Remote Vulnerabilities
- Wordpress Plugin Wp-FileManager 1.2 Remote Upload Vulnerability
- RunCMS Newbb_plus <= 0.92 Client IP Remote SQL Injection Exploit
- Uebimiau Web-Mail 2.7.10/2.7.2 Remote File Disclosure Vulnerability
- XOOPS mod_gallery Zend_Hash_key + Extract RFI Vulnerability
- PortalApp 4.0 (SQL/XSS/Auth Bypasses) Multiple Remote Vulnerabilities
- LoudBlog <= 0.6.1 (parsedpage) Remote Code Execution Vulnerability
- Horde Web-Mail 3.x (go.php) Remote File Disclosure Vulnerability
- CuteNews 1.1.1 (html.php) Remote Code Execution Vulnerability
- NetRisk 1.9.7 (XSS/SQL) Multiple Remote Vulnerabilities
- DCP-Portal <= 6.11 Remote SQL Injection Exploit
- SineCMS <= 2.3.5 Local File Inclusion / RCE Vulnerabilities
- Shop-Script 2.0 index.php Remote File Disclosure Vulnerability
- Half-Life CSTRIKE Server 1.6 Denial of Service Exploit (no-steam)
- OneCMS 2.4 Remote SQL Injection / Upload Vulnerabilities
- FlexBB <= 0.6.3 Cookies Remote SQL Injection Exploit
- EkinBoard <= 1.1.0 Remote File Upload / Auth Bypass Vulnerabilities
- Eggblog <= 3.1.0 Cookies Remote SQL Injection Exploit
- TUTOS 1.3 (cmd.php) Remote Command Execution Vulnerability
- ClamAV 0.91.2 libclamav MEW PE Buffer Overflow Exploit
- SmallNuke 2.0.4 Pass Recovery Remote SQL Injection Exploit
- Zero CMS 1.0 Alpha Arbitrary File Upload / SQL Injection Vulnerabilities
- EvilBoard 0.1a (SQL/XSS) Multiple Remote Vulnerabilities
- Microsoft DirectX SAMI File Parsing Remote Stack Overflow Exploit
- PHP Webquest 2.6 (id_actividad) Remote SQL Injection Exploit
- Move Networks Quantum Streaming Player SEH Overwrite Exploit
- Gateway Weblaunch ActiveX Control Insecure Method Exploit
- osData <= 2.08 Modules Php121 Local File Inclusion Vulnerability
- UploadImage/UploadScript 1.0 Remote Change Admin Password Exploit
- PHP Webquest 2.6 Get Database Credentials Vulnerability
- Microsoft FoxServer (vfp6r.dll 6.0.8862.0) ActiveX Command Execution
- Microsoft Rich Textbox Control 6.0 (SP6) SaveFile() Insecure Method
- Tuned Studios Templates Local File Inclusion Vulnerability
- SAP MaxDB <= 7.6.03.07 pre-auth Remote Command Execution Exploit
- McAfee E-Business Server Remote pre-auth Code Execution / DoS PoC
- Docebo <= 3.5.0.3 (lib.regset.php) Command Execution Exploit
- DomPHP <= 0.81 Remote Add Administrator Exploit
- SunOS 5.10 Remote ICMP Kernel Crash Exploit
- MTCMS <= 2.0 Remote SQL Injection Vulnerabilities
- DomPHP 0.81 (index.php page) Remote File Inclusion Vulnerability
- Evilsentinel <= 1.0.9 (multiple vulnerabilities) Disable Exploit
- Quicktime Player <= 7.3.1.70 (rtsp) Buffer Overflow Vulnerability
- iGaming CMS <= 1.3.1/1.5 Remote SQL Injection Exploit
- DigitalHive <= 2.0 RC2 (user_id) Remote SQL Injection Exploit
- DomPHP 0.81 (index.php cat) Remote SQL Injection Vulnerability
- vcart 3.3.2 Multiple Remote File Inclusion Vulnerabilities
- AJchat 0.10 unset() bug Remote SQL Injection Vulnerability
- Docebo <= 3.5.0.3 (lib.regset.php/non-blind) SQL Injection Exploit
- Microsoft Visual InterDev 6.0 (SP6) .sln File Local Buffer Overflow Exploit
- Linux Kernel <=2.6.21.1 IPv6 Jumbo Bug Remote DoS Exploit
- StreamAudio ChainCast ProxyManager ccpm_0237.dll BoF Exploit
- ImageAlbum 2.0.0b2 (id) Remote SQL Injection Vulnerability
- 0DayDB 2.3 (delete id) Remote Admin Bypass Exploit
- photokron <= 1.7 (update script) Remote Database Disclosure Exploit
- Agares PhpAutoVideo 2.21 (articlecat) SQL Injection Vulnerability
- TaskFreak! <= 0.6.1 Remote SQL Injection Vulnerability
- ASP Photo Gallery 1.0 Multiple SQL Injection Vulnerabilities
- TutorialCMS 1.02 (userName) Remote SQL Injection Vulnerability
- minimal Gallery 0.8 Remote File Disclosure Vulnerability
- NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) BoF Exploit
- Binn SBuilder (nid) Remote Blind SQL Injection Vulnerability
- Agares PhpAutoVideo 2.21 (articlecat) Remote SQL Injection Exploit
- Quicktime Player 7.3.1.70 rtsp Remote Buffer Overflow Exploit PoC
- X7 Chat <= 2.0.5 (day) Remote SQL Injection Exploit
- Xforum 1.4 (topic) Remote SQL Injection Exploit
- Macrovision FlexNet DownloadManager Insecure Methods Exploit
- RichStrong CMS (showproduct.asp cat) Remote SQL Injection Exploit
- Cisco VPN Client IPSec Driver Local kernel system pool Corruption PoC
- LulieBlog 1.0.1 (delete id) Remote Admin Bypass Vulnerability
- Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit
- FaScript FaMp3 v1 (show.php) Remote SQL Injection Vulnerability
- FaScript FaName v1 (page.php) Remote SQL Injection Vulnerability
- FaScript FaPersian Petition (show.php) SQL Injection Vulnerability
- FaScript FaPersianHack v1 (show.php) SQL Injection Vulnerability
- RTS Sentry Digital Surveillance (CamPanel.dll 2.1.0.2) BOF Exploit
- Blogcms 4.2.1b (SQL/XSS) Multiple Remote Vulnerabilities
- Aria 0.99-6 (effect.php page) Local File Inclusion Vulnerability
- MailBee WebMail Pro 4.1 (ASP.NET) Remote File Disclosure Vulnerability
- ALITALK 1.9.1.1 Multiple Remote Vulnerabilities
- MiniWeb 0.8.19 Multiple Remote Vulnerabilities
- PixelPost 1.7 Remote Blind SQL Injection Exploit
- PHP-RESIDENCE 0.7.2 (Search) Remote SQL Injection Vulnerability
- Gradman <= 0.1.3 (agregar_info.php) Local File Inclusion Exploit
- MyBulletinBoard (MyBB) <= 1.2.10 Remote Code Execution Exploit
- MyBulletinBoard (MyBB) <= 1.2.10 Multiple Remote Vulnerabilities
- PHPEcho CMS 2.0 (id) Remote SQL Injection Vulnerability
- Mini File Host 1.2 (upload.php language) LFI Vulnerability
- Crystal Reports XI Release 2 (Enterprise Tree Control) ActiveX BOF/DoS
- Digital Data Communications (RtspVaPgCtrl) Remote BOF Exploit
- AuraCMS 1.62 (stat.php) Remote Code Execution Exploit
- MS Windows Message Queuing Service RPC BOF Exploit (dnsname)
- OpenBSD 4.2 rtlabel_id2name() Local Null Pointer Dereference DoS
- Gradman <= 0.1.3 (info.php tabla) Local File Inclusion Vulnerability
- Small Axe 0.3.1 (linkbar.php cfile) Remote File Inclusion Vulnerability
- MS Visual Basic Enterprise Ed. 6 SP6 .dsr File Handling BOF Exploit
- Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability
- Mini File Host 1.2.1 (upload.php language) Local File Inclusion Exploit
- Belkin Wireless G Plus MIMO Router F5D9230-4 Auth Bypass Vulnerability
- TikiWiki < 1.9.9 tiki-listmovies.php Directory Traversal Vulnerability
- Frimousse 0.0.2 explorerdir.php Local Directory Traversal Vulnerability
- 360 Web Manager 3.0 (IDFM) SQL Injection Vulnerability
- Bloofox 0.3 (SQL/FD) Multiple Remote Vulnerabilities
- Toshiba Surveillance (MeIpCamX.DLL 1.0.0.4) Remote BOF Exploit
- Axigen <= 5.0.2 AXIMilter Remote Format String Exploit
- Windows RSH daemon <= 1.8 Remote Buffer Overflow Exploit
- Citadel SMTP <= 7.10 Remote Overflow Exploit
- Coppermine Photo Gallery 1.4.10 Remote SQL Injection Exploit
- Mooseguy Blog System 1.0 (blog.php month) SQL Injection Vulnerability
- boastMachine <= 3.1 (mail.php id) SQL Injection Vulnerability
- OZJournals 2.1.1 (id) File Disclosure Vulnerability
- IDM-OS 1.0 (download.php fileName) File Disclosure Vulnerability
- Lama Software (14.12.2007) Multiple Remote File Inclusion Vulnerabilities
- AlstraSoft Forum Pay Per Post Exchange 2.0 SQL Injection Vulnerability
- MoinMoin 1.5.x MOIND_ID cookie Bug Remote Exploit
- aflog 1.01 comments.php XSS / SQL Injection Vulnerability
- HP Virtual Rooms WebHPVCInstall Control Buffer Overflow Exploit
- Easysitenetwork Recipe (categoryid) Remote SQL Injection Vulnerability
- Coppermine Photo Gallery <= 1.4.14 Remote SQL Injection Exploit
- SetCMS 3.6.5 (setcms.org) Remote Command Execution Exploit
- YaBB SE <= 1.5.5 Remote Command Execution Exploit
- PHP-Nuke < 8.0 (sid) Remote SQL Injection Exploit
- PHP-Nuke <= 8.0 Final (sid) Remote SQL Injection Exploit
- Invision Gallery <= 2.0.7 Remote SQL Injection Exploit
- Lycos FileUploader Control ActiveX Remote Buffer Overflow Exploit
- Foojan WMS 1.0 (index.php story) Remote SQL Injection Vulnerability
- LulieBlog 1.02 (voircom.php id) Remote SQL Injection Vulnerability
- Web Wiz Forums <= 9.07 (sub) Remote Directory Traversal Vulnerability
- Web Wiz Rich Text Editor 4.0 Multiple Remote Vulnerabilities
- Web Wiz NewsPad 1.02 (sub) Remote Directory Traversal Vulnerability
- Siteman 1.1.9 (cat) Remote File Disclosure Vulnerability
- Comodo AntiVirus 2.0 ExecuteStr() Remote Command Execution Exploit
- SLAED CMS 2.5 Lite (newlang) Local File Inclusion Vulnerability
- Liquid-Silver CMS 0.1 (update) Local File Inclusion Vulnerability
- Aconon Mail 2004 Remote Directory Traversal Vulnerability
- Apple iPhone 1.1.2 Remote Denial of Service Exploit
- Move Networks Upgrade Manager Control Buffer Overflow Exploit
- Seagull 0.6.3 (optimizer.php files) Remote File Disclosure Vulnerability
- ImageShack Toolbar 4.5.7 FileUploader Class InsecureMethod PoC
- Gateway WebLaunch ActiveX Remote Buffer Overflow Exploit
- Tiger PHP News System 1.0b build 39 Remote SQL Injection Vulnerability
- flinx <= 1.3 (category.php id) Remote SQL Injection Vulnerability
- Sejoong Namo ActiveSquare 6 NamoInstaller.dll install Method Exploit
- Persits XUpload 3.0 AddFile() Remote Buffer Overflow Exploit
- CandyPress eCommerce suite 4.1.1.26 Multiple Remote Vulnerabilities
- Simple Forum 3.2 (FD/XSS) Multiple Remote Vulnerabilities
- phpIP 4.3.2 Numerous Remote SQL Injection Vulnerabilities
- Bubbling Library 1.32 Multiple Local File Inclusion Vulnerabilities
- Wordpress Plugin WP-Cal 0.3 editevent.php SQL Injection Vulnerability
- Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability
- Oracle 10g R1 pitrig_drop PLSQL Injection (get users hash)
- Oracle 10g R1 pitrig_truncate PLSQL Injection (get users hash)
- Oracle 10g R1 xdb.xdb_pitrig_pkg PLSQL Injection (change sys password)
- Oracle 10g R1 xdb.xdb_pitrig_pkg Buffer Overflow Exploit (PoC)
- IrfanView 4.10 .FPX File Memory Corruption Exploit
- MailBee Objects 5.5 (MailBee.dll) Remote Insecure Method Exploit
- phpMyClub 0.0.1 (page_courante) Local File Inclusion Vulnerability
- bubbling library 1.32 dispatcher.php Remote File Disclosure Vulnerabilities
- Bigware Shop 2.0 pollid Remote SQL Injection Vulnerability
- Smart Publisher 1.0.1 (disp.php) Remote Code Execution Vulnerability
- Safenet IPSecDrv.sys <= 10.4.0.12 Local kernel ring0 SYSTEM Exploit
- Chilkat Mail ActiveX 7.8 (ChilkatCert.dll) Insecure Method Exploit
- phpCMS 1.2.2 (parser.php file) Remote File Disclosure Vulnerability
- Mambo Component Newsletter (listid) Remote SQL Injection Vulnerability
- Mambo Component Fq (listid) Remote SQL Injection Vulnerability
- Mambo Component MaMML (listid) Remote SQL Injection Vulnerability
- Mambo Component Glossary 2.0 (catid) SQL Injection Vulnerability
- Mambo Component musepoes (aid) Remote SQL Injection Vulnerability
- Connectix Boards <= 0.8.2 template_path Remote File Inclusion Exploit
- Wordpress Plugin Adserve 0.2 adclick.php SQL Injection Exploit
- Mambo Component Recipes 1.00 (id) Remote SQL Injection Vulnerability
- Mambo Component jokes 1.0 (cat) SQL Injection Vulnerability
- Mambo Component EstateAgent 0.1 Remote SQL Injection Vulnerability
- Wordpress Plugin WassUp 1.4.3 (spy.php to_date) SQL Injection Exploit
- ibProArcade <= 3.3.0 Remote SQL Injection Exploit
- Coppermine Photo Gallery 1.4.14 Remote Command Execution Exploit
- Joomla Component ChronoForms 2.3.5 RFI Vulnerabilities
- PHP Links <= 1.3 (vote.php id) Remote SQL Injection Vulnerability
- PHP Links <= 1.3 smarty.php Remote File Inclusion Vulnerability
- MySpace Uploader (MySpaceUploader.ocx 1.0.0.4) BOF Exploit
- Mindmeld 1.2.0.10 Multiple Remote File Inclusion Vulnerabilities
- sflog! 0.96 Remote File Disclosure Vulnerabilities
- Chilkat FTP ActiveX 2.0 (ChilkatCert.dll) Insecure Method Exploit
- Mambo Component AkoGallery 2.5b SQL Injection Vulnerability
- Mambo Component Catalogshop 1.0b1 SQL Injection Vulnerability
- Mambo Component Restaurant 1.0 Remote SQL Injection Vulnerability
- Total Video Player 1.03 M3U File Local Buffer Overflow Exploit
- LightBlog 9.5 cp_upload_image.php Remote File Upload Vulnerability
- Joomla Component NeoReferences 1.3.1 (catid) SQL Injection Vuln
- Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities
- Titan FTP Server 6.03 (USER/PASS) Remote Heap Overflow PoC
- The Everything Development System <= Pre-1.0 SQL Injection Vuln
- Wordpress Plugin Wordspew Remote SQL Injection Vulnerability
- BookmarkX script 2007 (topicid) Remote SQL Injection Vulnerability
- phpShop <= 0.8.1 Remote SQL injection / Filter Bypass Vulnerabilities
- BlogPHP v.2 (id) XSS / Remote SQL Injection Exploit
- Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote BOF PoC Exploit
- IpSwitch WS_FTP Server with SSH 6.1.0.0 Remote Buffer Overflow PoC
- Sejoong Namo ActiveSquare 6 NamoInstaller.dll ActiveX BoF Exploit
- Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote BOF Exploit
- Joomla Component mosDirectory 2.3.2 (catid) SQL Injection Vulnerability
- Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote BOF Exploit (2)
- FaceBook PhotoUploader (ImageUploader4.ocx 4.5.57.0) BOF Exploit
- A-Blog V.2 (id) XSS / Remote SQL Injection Exploit
- Yahoo! Music Jukebox 2.2 AddButton() ActiveX Remote BOF Exploit (3)
- Yahoo! JukeBox MediaGrid ActiveX mediagrid.dll AddBitmap() BOF Exploit
- Wordpress Plugin st_newsletter Remote SQL Injection Vulnerability
- MicroTik RouterOS <= 3.2 SNMPd snmp-set Denial of Service Exploit
- Joomla Component Marketplace 1.1.1 SQL Injection Vulnerability
- ITechBids 5.0 (bidhistory.php item_id) Remote SQL Injection Vulnerability
- XOOPS 2.0.18 Local File Inclusion / URL Redirecting Vulnerabilities
- Mambo Component Awesom <= 0.3.2 (listid) SQL Injection Vulnerability
- Mambo Component Shambo2 (Itemid) Remote SQL Injection Vulnerability
- VHD Web Pack 2.0 (index.php page) Local File Inclusion Vulnerability
- All Club CMS <= 0.0.1f index.php Local File Inclusion Vulnerability
- RMSOFT Gallery System 2.0 (images.php id) SQL Injection Vulnerability
- NERO Media Player <= 1.4.0.35b M3U File Buffer Overflow PoC
- All Club CMS <= 0.0.2 index.php Remote SQL Injection Vulnerability
- Photokorn Gallery 1.543 (pic) SQL Injection Vulnerability
- Wordpress MU < 1.3.2 active_plugins option Code Execution Exploit
- dBpowerAMP Audio Player Release 2 M3U File Buffer Overflow PoC
- OpenSiteAdmin <= 0.9.1.1 Multiple File Inclusion Vulnerabilities
- dBpowerAMP Audio Player Release 2 M3U File Buffer Overflow Exploit
- MyBulletinBoard (MyBB) <= 1.2.11 private.php SQL Injection Exploit
- Astanda Directory Project 1.2 (link_id) SQL Injection Vulnerability
- Joomla Component Ynews 1.0.0 (id) Remote SQL Injection Vulnerability
- Mambo Component com_downloads Remote SQL Injection Vulnerability
- Mihalism Multi Host Download (Username) Blind SQL Injection Exploit
- osCommerce Addon Customer Testimonials 3.1 SQL Injection Vulnerability
- Mambo Component Sermon 0.2 (gid) SQL Injection Vulnerability
- Total Video Player 1.20 M3U File Local Stack Buffer Overflow Exploit
- Backup Exec System Recovery Manager <= 7.0.1 File Upload Exploit
- SapLPD 6.28 Remote Buffer Overflow Exploit (win32)
- Joomla Component com_doc Remote SQL Injection Vulnerability
- Joomla Component com_noticias 1.0 SQL Injection Vulnerability
- PowerNews (Newsscript) 2.5.6 Local File Inclusion Vulnerabilities
- Joomla Component NeoGallery 1.1 SQL Injection Vulnerability
- Mambo Component com_gallery Remote SQL Injection Vulnerability
- jetAudio <= 7.0.5 (.ASX) Remote Stack Overflow Exploit PoC
- ImageStation (SonyISUpload.cab 1.0.0.38) ActiveX Buffer Overflow PoC
- Microsoft DirectSpeechSynthesis Module Remote Buffer Overflow Exploit
- Limbo CMS <= 1.0.4.2 Cuid cookie Blind SQL Injection Exploit
- DomPHP 0.82 (index.php page) Local File Inclusion Vulnerability
- Open-Realty <= 2.4.3 (last_module) Remote Code Execution Exploit
- Journalness <= 4.1 (last_module) Remote Code Execution exploit
- Linux Kernel 2.6.17 - 2.6.24.1 vmsplice Local Root Exploit
- Linux Kernel 2.6.23 - 2.6.24 vmsplice Local Root Exploit
- Mambo Component Comments <= 0.5.8.5g SQL Injection Vulnerability
- PKs Movie Database 3.0.3 XSS / SQL Injection Vulnerabilities
- ITechBids 6.0 (detail.php item_id) SQL Injection Vulnerability
- SAPID CMF Build 87 (last_module) Remote Code Execution Vulnerability
- PacerCMS 0.6 (last_module) Remote Code Execution Vulnerability
- Mix Systems CMS (parent/id) Remote SQL Injection Exploit
- ImageStation (SonyISUpload.cab 1.0.0.38) ActiveX BOF Exploit
- vKios <= 2.0.0 (products.php cat) Remote SQL Injection Exploit
- FaceBook PhotoUploader <= 5.0.14.0 Remote Buffer Overflow Exploit
- Joomla Component rapidrecipe <= 1.6.5 SQL Injection Vulnerability
- Joomla Component pcchess <= 0.8 Remote SQL Injection Vulnerability
- AuraCMS 2.2 (gallery_data.php) Remote SQL Injection Exploit
- Citrix Presentation Server Client WFICA.OCX ActiveX Heap BOF Exploit
- Microsoft Office .WPS File Stack Overflow Exploit (MS08-011)
- Affiliate Market Ver.0.1 BETA (language) Local File Inclusion Vulnerability
- Joomla Component xfaq 1.2 (aid) Remote SQL Injection Vulnerability
- QuickTime 7.4.1 QTPlugin.ocx Multiple Stack Overflow Vulnerabilities
- IBM Domino Web Access Upload Module SEH Overwrite Exploit
- JSPWiki 2.4.104 / 2.5.139 Multiple Remote Vulnerabilities
- Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities
- Affiliate Market Ver.0.1 BETA XSS / SQL Injection Exploit
- nuBoard 0.5 (threads.php ssid) SQL Injection Vulnerability
- artmedic weblog 1.0 Multiple Local File Inclusion Vulnerabilities
- Joomla Component paxxgallery 0.2 (iid) SQL Injection Vulnerability
- Joomla Component MCQuiz 0.9 Final (tid) SQL Injection Vulnerability
- Joomla Component Quiz <= 0.81 (tid) SQL Injection Vulnerability
- Joomla Component mediaslide (albumnum) Blind SQL Injection Exploit
- LookStrike Lan Manager 0.9 Remote / Local File Inclusion Vulnerabilities
- Rosoft Media Player 4.1.8 M3U File Remote Buffer Overflow PoC
- Scribe <= 0.2 (index.php page) Local File Inclusion Vulnerability
- freePHPgallery 0.6 Cookie Local File Inclusion Vulnerability
- PHP Live! <= 3.2.2 (questid) Remote SQL Injection Vulnerability
- Wordpress Plugin Simple Forum 2.0-2.1 SQL Injection Vulnerability
- Wordpress Plugin Simple Forum 1.10-1.11 SQL Injection Vulnerability
- Mambo Component Quran <= 1.1 (surano) SQL Injection Vulnerability
- TRUC 0.11.0 (download.php) Remote File Disclosure Vulnerability
- AuraCMS 1.62 Multiple Remote SQL Injection Exploit
- Simple CMS <= 1.0.3 (indexen.php area) Remote SQL Injection Exploit
- Joomla Component jooget <= 2.6.8 Remote SQL Injection Vulnerability
- Mambo Component Ricette 1.0 Remote SQL Injection Vulnerability
- Joomla Component com_galeria Remote SQL Injection Vulnerability
- Wordpress Photo album Remote SQL Injection Vulnerability
- PHPizabi 0.848b C1 HFP1 Remote File Upload Vulnerability
- XPWeb 3.3.2 (Download.php url) Remote File Disclosure Vulnerability
- Joomla Component astatsPRO 1.0 refer.php SQL Injection Vulnerability
- Mambo Component Portfolio 1.0 (categoryId) SQL Injection Vulnerability
- LightBlog 9.6 (username) Local File Inclusion Vulnerability
- DESlock+ <= 3.2.6 (list) Local Kernel Memory Leak PoC
- DESlock+ <= 3.2.6 DLMFENC.sys Local Kernel ring0 link list zero PoC
- DESlock+ <= 3.2.6 local kernel ring0 link list zero SYSTEM Exploit
- DESlock+ <= 3.2.6 DLMFDISK.sys local kernel ring0 SYSTEM Exploit
- Joomla Component com_pccookbook (user_id) SQL Injection Vulnerability
- Joomla Component com_clasifier (cat_id) SQL Injection Vulnerability
- PHP-Nuke Module books SQL (cid) Remote SQL Injection Vulnerability
- XOOPS Module myTopics (articleid) Remote SQL Injection Vulnerability
- sCssBoard (pwnpack) Multiple Versions Remote Exploit
- Thecus N5200Pro NAS Server Control Panel RFI Vulnerability
- Apple iPhoto 4.0.3 DPAP Server Denial of Service Exploit
- X.Org xorg-server <= 1.1.1-48.13 Probe for Files Exploit PoC
- Ourgame GLWorld 2.x hgs_startNotify() ActiveX Buffer Overflow Exploit
- PHP-Nuke Module Sections (artid) Remote SQL Injection Vulnerability
- PHP-Nuke Module EasyContent (page_id) SQL Injection Vulnerability
- RunCMS Module MyAnnonces (cid) SQL Injection Vulnerability
- XOOPS Module eEmpregos (cid) Remote SQL Injection Vulnerability
- XOOPS Module classifieds (cid) Remote SQL Injection Vulnerability
- PHP-Nuke Modules Okul 1.0 (okulid) Remote SQL Injection Vulnerability
- Joomla Component com_hwdvideoshare SQL Injection Vulnerability
- PHP-Nuke Module Docum (artid) SQL Injection Vulnerability
- Globsy 1.0 (file) Remote File Disclosure Vulnerability
- PHP-Nuke Module Inhalt (cid) SQL Injection Vulnerability
- Woltlab Burning Board 3.0.x Remote Blind SQL Injection Exploit
- PunBB <= 1.2.16 Blind Password Recovery Exploit
- MultiCart 2.0 (productdetails.php) Remote SQL Injection Exploit
- X.Org xorg-x11-xfs <= 1.0.2-3.1 Local Race Condition Exploit
- PHP-Nuke Modules Manuales 0.1 (cid) SQL Injection Vulnerability
- PHP-Nuke Module Siir (id) Remote SQL Injection Vulnerability
- BeContent v.031 (id) Remote SQL Injection Vulnerability
- OSSIM 0.9.9rc5 (XSS/SQL Injection) Multiple Remote Vulnerabilities
- PHP-Nuke Module NukeC 2.1 (id_catg) SQL Injection Vulnerability
- phpQLAdmin 2.2.7 Multiple Remote File Inclusion Vulnerabilities
- Quantum Game Library 0.7.2c Remote File Inclusion Vulnerabilities
- phpProfiles 4.5.2 BETA (body_comm.inc.php) RFI Vulnerability
- Quinsonnas Mail Checker 1.55 (footer.php) RFI Vulnerability
- Joomla Component simple shop 2.0 SQL Injection Vulnerability
- Mambo Component garyscookbook <= 1.1.1 SQL Injection Vulnerability
- phpUserBase 1.3b (unverified.inc.php) Local File Inclusion Vulnerability
- phpUserBase 1.3b (unverified.inc.php) Remote File Inclusion Vulnerability
- Pigyard Art Gallery Multiple Remote Vulnerabilities
- Portail Web Php <= 2.5.1.1 Multiple Inclusion Vulnerabilities
- php Download Manager <= 1.1 Local File Inclusion Vulnerability
- MyServer 0.8.11 (204 No Content) error Remote Denial of Service Exploit
- PORAR WEBBOARD (question.asp) Remote SQL Injection Vulnerability
- PHP-Nuke Module Kose_Yazilari (artid) SQL Injection Vulnerability
- MiniNuke 2.1 (members.asp uid) Remote SQL Injection Vulnerability
- Rising Antivirus Online Scanner Insecure Method Flaw Exploit
- DBHcms <= 1.1.4 Remote File Inclusion exploit
- Move Networks Quantum Streaming Player Control BOF Exploit
- Apple Mac OS X xnu <= 1228.3.13 ipv6-ipcomp Remote kernel DoS PoC
- Nukedit 4.9.x Remote Create Admin Exploit
- D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5) BOF Exploit
- Wordpress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple Vulnerabilities
- Mambo Component Simpleboard 1.0.3 (catid) SQL Injection Vulnerability
- EazyPortal <= 1.0 (COOKIE) Remote SQL Injection Exploit
- GROUP-E 1.6.41 (head_auth.php) Remote File Inclusion Vulnerability
- Koobi Pro 5.7 (categ) Remote SQL Injection Vulnerability
- SiteBuilderElite 1.2 Multiple Remote File Inclusion Vulnerabilities
- Podcast Generator <= 1.0 BETA 2 RFI / File Disclosure Vulnerabilities
- Crysis <= 1.1.1.5879 Remote Format String Denial of Service PoC
- Barryvan Compo Manager 0.5pre-1 Remote File Inclusion Vulnerability
- PHP-Nuke My_eGallery <= 2.7.9 Remote SQL Injection Vulnerability
- Centreon <= 1.4.2.3 (get_image.php) Remote File Disclosure Exploit
- Symantec BackupExec Calendar Control (PVCalendar.ocx) BoF Exploit
- Koobi CMS 4.3.0 - 4.2.3 (categ) Remote SQL Injection Vulnerability
- Mambo Component com_Musica (id) Remote SQL Injection Vulnerability
- phpArcadeScript <= 3.0RC2 (userid) SQL Injection Vulnerability
- phpComasy 0.8 (mod_project_id) Remote SQL Injection Vulnerability
- Galaxy FTP Server 1.0 (Neostrada Livebox DSL Router) DoS Exploit
- Dynamic photo gallery 1.02 (albumID) Remote SQL Injection Vulnerability
- MiniWebSvr 0.0.9a Remote Directory Transversal Vulnerability
- Versant Object Database <= 7.0.1.3 Commands Execution Exploit
- Mitra Informatika Solusindo cart Remote SQL Injection Vulnerability
- Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory Traversal Vulnerability
- XOOPS Module Glossario 2.2 (sid) Remote SQL Injection Vulnerability
- ICQ Toolbar 2.3 ActiveX Remote Denial of Service Exploit
- XOOPS Module wfdownloads (cid) Remote SQL Injection Vulnerability
- zKup CMS 2.0 <= 2.3 Remote Add Admin Exploit
- zKup CMS 2.0 <= 2.3 Remote Upload Exploit
- Joomla Component Candle 1.0 (cID) SQL Injection Vulnerability
- QuickTicket <= 1.5 (qti_usr.php id) SQL Injection Vulnerability
- BM Classifieds <= 20080409 Multiple SQL Injection Vulnerabilities
- VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit
- KingSoft UpdateOcx2.dll SetUninstallName() Heap Overflow PoC
- Mambo Component eWriting 1.2.1 (cat) SQL Injection Vulnerability
- Solaris 8/9/10 fifofs I_PEEK Local Kernel memory Leak Exploit
- Acronis PXE Server 2.0.0.1076 Directory Traversal / NULL Pointer Vulns
- ASG-Sentry <= 7.0.0 Multiple Remote Vulnerabilities
- Argon Client Management Services <= 1.31 Directory Traversal Vuln
- phpMyNewsletter <= 0.8b5 (archives.php msg_id) SQL Injection Exploit
- Mapbender <= 2.4.4 (mapFiler.php) Remote Code Execution Vulnerability
- Mapbender 2.4.4 (gaz) Remote SQL Injection Vulnerability
- Bloo <= 1.00 Multiple Remote SQL Injection Vulnerabilities
- MailEnable SMTP Service VRFY/EXPN Command Buffer Overflow DoS
- phpBB Mod FileBase (id) Remote SQL Injection Vulnerability
- Joomla Component ProductShowcase <= 1.5 SQL Injection Vulnerability
- Motorola Timbuktu Pro 8.6.5/8.7 Path Traversal / Log Injection Exploit
- Danneo CMS <= 0.5.1 Remote Blind SQL Injection Exploit
- QuickTalk Forum <= 1.6 Remote Blind SQL Injection Exploit
- XOOPS Module Gallery 0.2.2 (gid) Remote SQL Injection Vulnerability
- XOOPS Module My_eGallery 3.04 (gid) SQL Injection Vulnerability
- Fully Modded phpBB (kb.php) Remote SQL Injection Vulnerability
- eXV2 Module bamaGalerie 3.03 Remote SQL Injection Vulnerability
- XOOPS Module tutorials (printpage.php) SQL Injection Vulnerability
- EasyCalendar <= 4.0tr Multiple Remote Vulnerabilities
- EasyGallery <= 5.0tr Multiple Remote Vulnerabilities
- MDaemon IMAP server 9.6.4 (FETCH) Remote Buffer Overflow Exploit
- MailEnable Pro/Ent <= 3.13 (Fetch) post-auth Remote BOF Exploit
- VLC <= 0.8.6e Subtitle Parsing Local Buffer Overflow Exploit
- eXV2 Module MyAnnonces (lid) Remote SQL Injection Vulnerability
- eXV2 Module eblog 1.2 (blog_id) Remote SQL Injection Vulnerability
- eXV2 Module Viso <= 2.0.4.3 (kid) Remote SQL Injection Vulnerability
- eXV2 Module WebChat 1.60 (roomid) Remote SQL Injection Vulnerability
- AuraCMS <= 2.2.1 (online.php) Remote Blind SQL Injection Exploit
- Dovecot IMAP 1.0.10 <= 1.1rc2 Remote Email Disclosure Exploit
- SunOS 5.10 Sun Cluster rpc.metad Denial of Service PoC
- NetWin Surgemail 3.8k4-4 IMAP post-auth Remote LIST Universal Exploit
- fuzzylime cms <= 3.01 (admindir) Remote File Inclusion Vulnerability
- Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow PoC
- Mutiple Timesheets <= 5.0 Multiple Remote Vulnerabilities
- phpBP <= RC3 (2.204) FIX4 Remote SQL Injection Vulnerability
- CA BrightStor ARCserve Backup r11.5 ActiveX Remote BOF Exploit
- Exero CMS 1.0.1 (theme) Multiple Local File Inclusion Vulnerabilities
- PHPauction GPL Enhanced 2.51 Multiple RFI Vulnerabilities
- XOOPS Module Dictionary <= 0.94 Remote SQL Injection Vulnerability
- Apple Safari (webkit) Remote Denial of Service Exploit (iphone/osx/win)
- MG-SOFT Net Inspector 6.5.0.828 Multiple Remote Vulnerabilities
- Home FTP Server 1.4.5 Remote Denial of Service Exploit
- Joomla Component Acajoom (com_acajoom) SQL Injection Vulnerability
- KAPhotoservice (album.asp) Remote SQL Injection Exploit
- Easy-Clanpage 2.2 (id) Remote SQL Injection Vulnerability
- ASPapp (links.asp CatId) Remote SQL Injection Vulnerability
- Joomla Component joovideo 1.2.2 (id) SQL Injection Vulnerability
- Joomla Component Alberghi <= 2.1.3 (id) SQL Injection Vulnerability
- Mambo Component accombo 1.x (id) SQL Injection Vulnerability
- Joomla Component Restaurante 1.0 (id) SQL Injection Vulnerability
- PEEL CMS Admin Hash Extraction and Remote Upload Exploit
- Sun Solaris <= 10 rpc.ypupdated Remote Root Exploit
- CenterIM <= 4.22.3 Remote Command Execution Vulnerability
- RunCMS Module section (artid) Remote SQL Injection Vulnerability
- ASPapp Knowledge Base Remote SQL Injection Vulnerability
- Microsoft Office Excel Code Execution Exploit (MS08-014)
- phpAddressBook 2.11 Multiple Local File Inclusion Vulnerabilities
- ZyXEL ZyWALL Quagga/Zebra (default pass) Remote Root Vulnerability
- RunCMS Module Photo 3.02 (cid) Remote SQL Injection Vulnerability
- D.E. Classifieds (cat_id) Remote SQL Injection Vulnerability
- PostNuke <= 0.764 Blind SQL Injection Exploit
- XLPortal <= 2.2.4 (search) Remote SQL Injection Exploit
- Joomla Components custompages 1.1 Remote File Inclusion Vulnerability
- PHP-Nuke Platinum 7.6.b.5 (dynamic_titles.php) SQL Injection Exploit
- Cuteflow Bin 1.5.0 (login.php) Local File Inclusion Vulnerability
- Joomla Component rekry 1.0.0 (op_id) SQL Injection Vulnerability
- destar 0.2.2-5 Arbitrary Add New User Exploit
- Joomla Component d3000 1.0.0 Remote SQL Injection Vulnerability
- Joomla Component Cinema 1.0 Remote SQL Injection Vulnerability
- phpBB Module XS-Mod 2.3.1 Local File Inclusion Vulnerability
- PowerBook 1.21 (index.php page) Local File Inclusion Vulnerability
- PowerPHPBoard 1.00b Multiple Local File Inclusion Vulnerabilities
- HIS-Webshop (his-webshop.pl t) Remote File Disclosure Vulnerability
- destar 0.2.2-5 Arbitrary Add Admin User Exploit
- snircd <= 1.3.4 (send_user_mode) Denial of Service Vulnerability
- MPlayer sdpplin_parse() Array Indexing Buffer Overflow Exploit PoC
- e107 Plugin My_Gallery 2.3 Arbitrary File Download Vulnerability
- BolinOS 4.6.1 (LFI/XSS) Multiple Security Vulnerabilities
- Joomla Component alphacontent <= 2.5.8 (id) SQL Injection Vulnerability
- TopperMod 2.0 Remote SQL Injection Vulnerability
- TopperMod 1.0 (mod.php) Local File Inclusion Vulnerability
- Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities
- TFTP Server for Windows 1.4 ST Buffer Overflow Exploit (0day)
- Quick TFTP Pro 2.1 Remote SEH Overflow Exploit (0day)
- PacketTrap Networks pt360 2.0.39 TFTPD Remote DoS Exploit
- JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities
- Joomla Component MyAlbum 1.0 (album) SQL Injection Vulnerability
- AuraCMS 2.x (user.php) Security Code Bypass / Add Administrator Exploit
- Microsoft Office XP SP3 PPT File Buffer Overflow Exploit (ms08-016)
- Visual Basic (vbe6.dll) Local Stack Overflow PoC / DoS
- Smoothflash (admin_view_image.php cid) SQL Injection Vulnerability
- mxBB Module mx_blogs 2.0.0-beta Remote File Inclusion Exploit
- KISGB <= (tmp_theme) 5.1.1 Local File Inclusion Vulnerability
- JShop 1.x - 2.x (page.php xPage) Local File Inclusion Vulnerability
- Wordpress Plugin Download (dl_id) SQL Injection Vulnerability
- MS Windows Explorer Unspecified .DOC File Denial of Service Exploit
- phpSpamManager 0.53b (body.php) Remote File Disclosure Vulnerability
- Woltlab Burning Board Addon JGS-Treffen SQL Injection Vulnerability
- mod_jk2 v2.0.2 for Apache 2.0 Remote Buffer Overflow Exploit (win32)
- Neat weblog 0.2 (articleId) Remote SQL Injection Vulnerability
- Real Player rmoc3260.dll ActiveX Control Remote Code Execution Exploit
- EasyNews 40tr (SQL/XSS/LFI) Remote SQL Injection Exploit
- FaScript FaPhoto v1 (show.php id) SQL Injection Vulnerability
- Mambo Component ahsShop <= 1.51 (vara) SQL Injection Vulnerability
- eggBlog 4.0 Password Retrieve Remote SQL Injection Exploit
- Joomla Component actualite 1.0 (id) SQL Injection Vulnerability
- ChilkatHttp ActiveX 2.3 Arbitrary Files Overwrite Exploit
- Nuked-Klan <= 1.7.6 Multiple Vulnerabilities Exploit
- RunCMS Module bamagalerie3 Remote SQL Injection Vulnerability
- Noticeware Email Server 4.6.1.0 Denial of Service Exploit
- HP OpenView NNM 7.5.1 OVAS.exe SEH PRE AUTH Overflow Exploit
- Mcafee EPO 4.0 FrameworkService.exe Remote Denial of Service Exploit
- Novel eDirectory HTTP Denial of Service Exploit
- Joomla Component OnlineFlashQuiz <= 1.0.2 RFI Vulnerability
- XnView 1.92.1 Slideshow (FontName) Buffer Overflow Exploit
- DaZPHP 0.1 (prefixdir) Local File Inclusion Vulnerability
- PhpBlock a8.4 (PATH_TO_CODE) Remote File Inclusion Vulnerability
- Microsoft Visual InterDev 6.0 (SP6) SLN File Local Buffer Overflow PoC
- KwsPHP Module Galerie (id_gal) Remote SQL Injection Vulnerability
- KwsPHP Module Archives (id) Remote SQL Injection Vulnerability
- KwsPHP Module jeuxflash (cat) Remote SQL Injection Vulnerability
- KwsPHP Module ConcoursPhoto (C_ID) SQL Injection Vulnerability
- Xitami Web Server v2.5c2 LRWP Processing Format String PoC
- SCO UnixWare < 7.1.4 p534589 (pkgadd) Local Root Exploit
- SCO UnixWare Reliant HA Local Root Exploit
- SCO UnixWare Merge mcd Local Root Exploit
- XPOZE Pro <= 3.05 (reed) Remote SQL Injection Exploit
- Vastal I-Tech Software Zone (cat_id) SQL Injection Vulnerability
- sabros.us 1.75 (thumbnails.php) Remote File Disclosure Vulnerability
- MS Visual Basic Enterprise Ed. 6 SP6 DSR File Local BOF Exploit
- Comdev News Publisher Remote SQL Injection Vulnerability
- Affiliate Directory (cat_id) Remote SQL Injection Vulnerbility
- PHP Photo Gallery 1.0 (photo_id) SQL Injection Vulnerability
- Blogator-script 0.95 (incl_page) Remote File Inclusion Vulnerability
- Sun Solaris <= 10 rpc.ypupdated Remote Root Exploit (meta)
- PIGMy-SQL <= 1.4.1 (getdata.php id) Blind SQL Injection Exploit
- Blogator-script 0.95 (id_art) Remote SQL Injection Vulnerability
- Dragoon 0.1 (lng) Local File Inclusion Vulnerability
- Blogator-script 0.95 Change User Password Vulnerability
- Entertainment Directory <= 1.1 SQL Injection Vulnerability
- Easynet Forum Host (forum.php forum) SQL Injection Vulnerability
- CoBaLT 0.1 Multiple Remote SQL Injection Vulnerabilities
- Gaming Directory 1.0 (cat_id) Remote SQL Injection Vulnerability
- VisualPic 0.3.1 Remote File Inclusion Vulnerability
- Picture Rating 1.0 Blind SQL Injection Exploit
- Links Directory 1.1 (cat_id) Remote SQL Injection Vulnerability
- Software Index 1.1 (cid) Remote SQL Injection Vulnerability
- MyBB Plugin Custom Pages 1.0 Remote SQL Injection Vulnerability
- Blog PixelMotion (sauvBase.php) Arbitrary Database Backup Vulnerability
- Blog PixelMotion (modif_config.php) Remote File Upload Vulnerability
- Blog PixelMotion (index.php categorie) SQL Injection Vulnerability
- Site Sift Listings (id) Remote SQL Injection Vulnerability
- Prozilla Top 100 v1.2 Arbitrary Delete Stats Vulnerability
- Prozilla Forum Service (forum.php forum) SQL Injection Vulnerability
- Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit
- Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability
- Prozilla Topsites 1.0 Arbitrary Edit/Add Users Vulnerability
- Prozilla Cheat Script 2.0 (id) Remote SQL Injection Vulnerability
- Prozilla Freelancers (project) Remote SQL Injection Vulnerability
- Drake CMS <= 0.4.11 Remote Blind SQL Injection Exploit
- LinPHA <= 1.3.3 (maps plugin) Remote Command Execution Exploit
- Dragoon 0.1 (root) Remote File Inclusion Vulnerability
- Mole 2.1.0 (viewsource.php) Remote File Disclosure Vulnerability
- Data Dynamics ActiveBar (Actbar3.ocx 3.2) Multiple Insecure Methods
- HP OpenView NNM 7.53 Multiple Remote Vulnerabilities
- CDNetworks Nefficient Download (NeffyLauncher.dll) Code Execution Vuln
- Tumbleweed SecureTransport FileTransfer ActiveX BOF Exploit
- ChartDirector 4.1 (viewsource.php file) File Disclosure Vulnerability
- 724CMS <= 4.01 Enterprise (index.php ID) SQL Injection Vulnerability
- My Gaming Ladder <= 7.5 (ladderid) SQL Injection Vulnerability
- iScripts SocialWare (id) Remote SQL Injection Vulnerbility
- phpTournois <= G4 Remote File Upload/Code Execution Exploit
- ExBB <= 0.22 (LFI/RFI) Multiple Remote Vulnerabilities
- Pligg CMS 9.9.0 (editlink.php id) Remote SQL Injection Vulnerability
- FLABER <= 1.1 RC1 Remote Command Execution Exploit
- LokiCMS <= 0.3.3 Remote Command Execution Exploit
- SuperNET Shop 1.0 Remote SQL Injection Vulnerabilities
- Prediction Football 1.x (matchid) Remote SQL Injection Vulnerability
- Koobi Pro 6.25 links Remote SQL Injection Vulnerability
- Koobi Pro 6.25 shop Remote SQL Injection Vulnerability
- Koobi Pro 6.25 gallery Remote SQL Injection Vulnerability
- Koobi Pro 6.25 showimages Remote SQL Injection Vulnerability
- Koobi 4.4/5.4 gallery Remote SQL Injection Vulnerability
- IBiz E-Banking Integrator V2 ActiveX Edition Insecure Method Exploit
- phpBB Add-on Fishing Cat Portal Remote File Inclusion Exploit
- KnowledgeQuest 2.5 Arbitrary Add Admin Exploit
- Free Photo Gallery Site Script (path) File Disclosure Vulnerability
- Phaos R4000 Version (file) Remote File Disclosure Vulnerability
- KnowledgeQuest 2.6 SQL Injection Vulnerabilities
- LiveCart <= 1.1.1 (category id) Blind SQL Injection Exploit
- Ksemail (index.php language) Local File Inclusion Vulnerability
- Alsaplayer < 0.99.80-rc3 Vorbis Input Local Buffer Overflow Exploit
- LightNEasy 1.2 (no database) Remote Hash Retrieve Exploit
- RX Maxsoft (popup_img.php fotoID) Remote SQL Injection Vulnerability
- Borland InterBase 2007 ibserver.exe Buffer Overflow PoC
- PHPKB 1.5 Knowledge Base (ID) SQL Injection Vulnerability
- NewsOffice 1.1 Remote File Inclusion Vulnerability
- HP OpenView Network Node Manager <= 7.53 Multiple Vulnerabilities
- Joomla Component joomlaXplorer <= 1.6.2 Remote Vulnerabilities
- phpAddressBook 2.11 (view.php id) SQL Injection Vulnerability
- CcMail <= 1.0.1 Insecure Cookie Handling Vulnerability
- 1024 CMS <= 1.4.2 Local File Inclusion / Blind SQL Injection Exploit
- Joomla Component com_extplorer <= 2.0.0 RC2 Local Directory Traversal
- Pollbooth <= 2.0 (pollID) Remote SQL Injection Vulnerability
- cpCommerce 1.1.0 (XSS/LFI) Multiple Remote Vulnerabilities
- XM Easy Personal FTP Server 5.4.0 (XCWD) Denial of Service Exploit
- PostCard 1.0 Remote Insecure Cookie Handling Vulnerability
- Mumbo Jumbo Media OP4 Remote Blind SQL Injection Exploit
- SmallBiz 4 Seasons CMS Remote SQL Injection Vulnerability
- MS Windows GDI Image Parsing Stack Overflow Exploit (MS08-021)
- SmallBiz eShop (content_id) Remote SQL Injection Vulnerability
- BosClassifieds 3.0 (index.php cat) SQL Injection Vulnerability
- HP OpenView NNM v7.5.1 ovalarmsrv.exe Remote Overflow Exploit
- BosNews 4.0 (article) Remote SQL Injection Vulnerability
- Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities
- Koobi Pro 6.25 poll Remote SQL Injection Vulnerability
- KwsPHP (Upload) Remote Code Execution Exploit
- Classifieds Caffe (index.php cat_id) SQL Injection Vulnerability
- BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day)
- LightNEasy SQLite / no database <= 1.2.2 Multiple Remote Vulnerabilities
- DivX Player <= 6.7.0 SRT File Buffer Overflow PoC
- Lasernet CMS 1.5 (new) Remote SQL Injection Vulnerability
- BS.Player 2.27 Build 959 SRT File Buffer Overflow PoC
- Carbon Communities <= 2.4 Multiple Remote Vulnerabilities
- XplodPHP AutoTutorials <= 2.1 (id) SQL Injection Vulnerability
- xine-lib <= 1.1.12 NSF demuxer Stack Overflow Vulnerability PoC
- e107 Module 123 Flash Chat 6.8.0 Remote File Inclusion Vulnerability
- Microsoft Works 7 WkImgSrv.dll ActiveX Denial of Service PoC
- Intel Centrino ipw2200BG Wireless Driver Remote BOF Exploit (meta)
- DivX Player 6.6.0 SRT File SEH Buffer Overflow Exploit
- Grape Statistics 0.2a (location) Remote File Inclusion Vulnerability
- 5th Avenue Shopping Cart (category_ID) SQL Injection Vulnerability
- 2532|Gigs <= 1.2.2 Arbitrary Database Backup/Download Vulnerability
- OpenInvoice 0.9 Arbitrary Change User Password Exploit
- PhShoutBox <= 1.5 (final) Insecure Cookie Handling Vulnerability
- Simple Customer 1.2 (contact.php id) SQL Injection Vulnerability
- AllMyGuests <= 0.4.1 (AMG_id) Remote SQL Injection Vulnerability
- PHP-Fusion <= 6.01.14 Remote Blind SQL Injection Exploit
- Apartment Search Script (listtest.php r) SQL Injection Vulnerability
- SubEdit Player build 4066 subtitle Buffer Overflow PoC
- XOOPS Module Recipe (detail.php id) SQL Injection Vulnerability
- Aterr 0.9.1 (class) Local File Inclusion Vulnerabilities (php5)
- W1L3D4 Philboard 1.0 (philboard_reply.asp) SQL Injection Vulnerability
- HostDirectory Pro Insecure Cookie Handling Vulnerability
- Kubelance 1.6.4 (ipn.php i) Local File Inclusion Vulnerability
- Acidcat CMS 3.4.1 Multiple Remote Vulnerabilities
- Adobe Album Starter 3.2 Unchecked Local Buffer Overflow Exploit
- BlogWorx 1.0 (view.asp id) Remote SQL Injection Vulnerability
- Crazy Goomba 1.2.1 (id) Remote SQL Injection Vulnerability
- RedDot CMS 7.5 (LngId) Remote SQL Injection Exploit
- TR News 2.1 (nb) Remote SQL Injection Vulnerability
- Joomla Component FlippingBook 1.0.4 SQL Injection Vulnerability
- Web Calendar <= 4.1 Blind SQL Injection Exploit
- Wordpress Plugin Spreadsheet <= 0.6 SQL Injection Vulnerability
- E RESERV 2.1 (index.php ID_loc) SQL Injection Vulnerability
- Joomla Component Filiale 1.0.4 (idFiliale) SQL Injection Vulnerability
- Zune Software ActiveX Arbitrary File Overwrite Exploit
- YouTube Clone Script (spages.php) Remote Code Execution Exploit
- Joomla Community Builder <= 1.0.1 Blind SQL Injection Vulnerability
- DivX Player 6.7 SRT File Subtitle Parsing Buffer Overflow Exploit
- Joomla Component JPad 1.0 SQL Injection Vulnerability (postauth)
- miniBB 2.2 (CSS/SQL/FPD) Multiple Remote Vulnerabilities
- PostNuke Module PostSchedule (eid) SQL Injection Vulnerability
- WatchFire Appscan 7.0 ActiveX Multiple Insecure Methods Exploit
- Joomla Component Joomla-Visites 1.1 RC2 RFI Vulnerability
- Kantaris 0.3.4 SSA Subtitle Local Buffer Overflow Exploit
- Siteman 2.x (EXEC/LFI/XSS) Multiple Remote Vulnerabilities
- PostNuke Module pnFlashGames <= 2.5 SQL Injection Vulnerabilities
- Content Management System for Phprojekt 0.6.1 RFI Vulnerabiltiies
- Clever Copy 3.0 (postview.php) Remote SQL Injection Exploit
- Angelo-Emlak 1.0 Multiple Remote SQL injection Vulnerabilities
- PHP Forge <= 3 beta 2 (id) Remote SQL Injection Vulnerability
- RunCMS Module MyArticles 0.6 Beta-1 SQL Injection Vulnerability
- PHPizabi v0.848b C1 HFP3 Database Information Disclosure Vuln
- MegaBBS Forum 2.2 (SQL/XSS) Multiple Remote Vulnerabilities
- Jokes Site Script (jokes.php?catagorie) SQL Injection Vulnerability
- FluentCMS (view.php sid) Remote SQL Injection Vulnerability
- Content Management System for Phprojekt 0.6.1 File Disclosure Vuln
- HP Software Update (Hpufunction.dll 4.0.0.1) Insecure Method PoC
- Joomla Component com_alphacontent Blind SQL Injection Exploit
- ODFaq 2.1.0 Blind SQL Injection Exploit
- Joomla Component paxxgallery 0.2 (gid) Blind SQL Injection Exploit
- GroupWise 7.0 (mailto: scheme) Buffer Overflow PoC
- Prozilla Hosting Index (directory.php cat_id) SQL Injection Vulnerability
- Softbiz Web Host Directory Script (host_id) SQL Injection Vulnerability
- MS Windows XP SP2 (win32k.sys) Privilege Escalation Exploit (MS08-025)
- VLC 0.8.6d httpd_FileCallBack Remote Format String Exploit
- Joovili 3.1 (browse.videos.php category) SQL Injection Vulnerability
- SugarCRM Community Edition 4.5.1/5.0.0 File Disclosure Vulnerability
- LokiCMS <= 0.3.3 Arbitrary File Delete Vulnerability
- Project Based Calendaring System (PBCS) 0.7.1 Multiple Vulnerabilities
- OxYProject 0.85 (edithistory.php) Remote Code Execution Vulnerability
- Harris WapChat v.1 Multiple Remote File Inclusion Vulnerabilities
- interact 2.4.1 Multiple Remote File Inclusion Vulnerabilities
- Joomla Component Webhosting (catid) Blind SQL Injection Exploit
- ActualAnalyzer Lite (free) 2.78 Local File Inclusion Vulnerability
- vlBook 1.21 (XSS/LFI) Multiple Remote Vulnerabilities
- Microsoft Works 7 WkImgSrv.dll ActiveX Remote BOF Exploit
- Open Auto Classifieds 1.4.3b Remote SQL Injection Vulnerabilities
- ItCMS 1.9 (boxpop.php) Remote Code Execution Vulnerability
- BlogMe PHP (comments.php id) SQL Injection Vulnerability
- HLDS WebMod 0.48 Multiple Remote Vulnerabilties
- Smartblog (index.php tid) Remote SQL Injection Vulnerability
- HLDS WebMod 0.48 (rconpass) Remote Heap Overflow Exploit
- phpDirectorySource 1.1 Multiple Remote SQL Injection Vulnerabilities
- cpLinks 1.03 (bypass/SQL/XXS) Multiple Remote Vulnerabilities
- ScorpNews 1.0 (example.php site) Remote File Inclusion Vulnerability
- Scout Portal Toolkit <= 1.4.0 (ParentId) Remote SQL Injection Exploit
- PostNuke Module pnEncyclopedia <= 0.2.0 SQL Injection Vulnerability
- Online Rental Property Script <= 4.5 (pid) SQL Injection Vulnerability
- Anserv Auction XL (viewfaqs.php cat) SQL Injection Vulnerability
- Kmita Tellfriend <= 2.0 (file) Remote File Inclusion Vulnerability
- Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability
- BackLinkSpider (cat_id) Remote SQL Injection Vulnerability
- Novell eDirectory < 8.7.3 SP 10 / 8.8.2 HTTP headers DOS Vulnerability
- Miniweb 2.0 (historymonth) Remote SQL Injection Vulnerability
- Power Editor 2.0 Remote File Disclosure / Edit Vulnerability
- DeluxeBB <= 1.2 Multiple Remote Vulnerabilities Exploit
- Pre Shopping Mall 1.1 (search.php search) SQL Injection Vulnerability
- PHPEasyData 1.5.4 (cat_id) Remote SQL Injection Vulnerability
- fipsCMS (print.asp lg) Remote SQL Injection Vulnerability
- Galleristic 1.0 (index.php cat) Remote SQL Injection Exploit
- gameCMS Lite 1.0 (index.php systemId) SQL Injection Vulnerability
- PostcardMentor (step1.asp cat_fldAuto) SQL Injection Vulnerability
- OneCMS 2.5 Remote Blind SQL Injection Exploit
- CMS Faethon 2.2 Ultimate (RFI/XSS) Multiple Remote Vulnerabilies
- ezContents CMS 2.0.0 Multiple Remote SQL Injection Vulnerabilities
- Musicbox <= 2.3.7 (artistId) Remote SQL Injection Vulnerability
- rdesktop 1.5.0 iso_recv_msg() Integer Underflow Vulnerability PoC
- RunCMS <= 1.6.1 (msg_image) SQL Injection Exploit
- TFTP Server for Windows 1.4 ST Remote BSS Overflow Exploit
- Shader TV (Beta) Multiple Remote SQL Injection Vulnerabilities
- vShare Youtube Clone 2.6 (tid) Remote SQL Injection Vulnerability
- SazCart 1.5.1 Multiple Remote File Inclusion Vulnerabilities
- Cyberfolio 7.12 (rep) Remote File Inclusion Vulnerability
- miniBloggie 1.0 (del.php) Arbitrary Delete Post Vulnerability
- Admidio 1.4.8 (getfile.php) Remote File Disclosure Vulnerability
- SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit
- HispaH Model Search (cat.php cat) Remote SQL Injection Vulnerability
- Phoenix View CMS <= Pre Alpha2 (SQL/LFI/XSS) Multiple Vulnerabilities
- txtCMS 0.3 (index.php) Local File Inclusion Exploit
- Ktools PhotoStore <= 3.5.1 (gallery.php gid) SQL Injection Vulnerability
- Advanced Links Management (ALM) 1.52 SQL Injection Vulnerability
- Ktools PhotoStore <= 3.5.2 Multiple SQL Injection Vulnerabilities
- Joomla Component com_datsogallery 1.6 Blind SQL Injection Exploit
- Open Office.org 2.31 swriter Local Code Execution Exploit
- rdesktop 1.5.0 process_redirect_pdu() BSS Overflow Vulnerability PoC
- PhpBlock a8.5 Multiple Remote File Inclusion Vulnerabilities
- Joomla Component xsstream-dm 0.01b Remote SQL Injection Exploit
- QuickUpCMS Multiple Remote SQL Injection Vulnerabilities Exploit
- Vortex CMS (index.php pageid) Blind SQL Injection Exploit
- AJ Article 1.0 (featured_article.php) Remote SQL Injection Vulnerability
- AJ Auction <= 6.2.1 (classifide_ad.php) SQL Injection Vulnerability
- AJ Classifieds 2008 (index.php) Remote SQL Injection Vulnerability
- ZeusCart <= 2.0 (category_list.php) SQL Injection Vulnerability
- ClanLite 2.x (SQL Injection/XSS) Multiple Remote Vulnerabilities
- BIGACE 2.4 Multiple Remote File Inclusion Vulnerabilities
- Battle.net Clan Script <= 1.5.x Remote SQL Injection Exploit
- Mega File Hosting Script 1.2 (fid) Remote SQL Injection Vulnerability
- PHP Classifieds Script <= 05122008 SQL Injection Vulnerabilities
- CMS Made Simple <= 1.2.4 (FileManager module) File Upload Exploit
- Advanced Image Hosting (AIH) 2.1 Remote SQL Injection Exploit
- AJ HYIP ACME (topic_detail.php id) Remote SQL Injection Vulnerability
- EQDKP 1.3.2f (user_id) Authentication Bypass (PoC)
- e107 Plugin BLOG Engine 2.2 (rid) Blind SQL Injection Vulnerability
- e-107 Plugin zogo-shop 1.16 Beta 13 SQL Injection Vulnerability
- Web Group Communication Center (WGCC) <= 1.0.3 SQL Injection Vuln
- CaLogic Calendars 1.2.2 (langsel) Remote SQL Injection Vulnerability
- Meto Forum 1.1 Multiple Remote SQL Injection Vulnerabilities
- EMO Realty Manager (news.php ida) SQL Injection Vulnerability
- The Real Estate Script (dpage.php docID) SQL Injection Vulnerability
- Linkspile (link.php cat_id) Remote SQL Injection Vulnerability
- IDAutomation Bar Code ActiveX Multiple Remote Vulnerabilities
- Freelance Auction Script 1.0 (browseproject.php) SQL Injection Vuln
- Feedback and Rating Script 1.0 (detail.php) SQL Injection Vulnerability
- AS-GasTracker 1.0.0 Insecure Cookie Handling Vulnerability
- ActiveKB <= 1.5 Insecure Cookie Handling/Arbitrary Admin Access
- Internet Photoshow (Special Edition) Insecure Cookie Handling Vuln
- La-Nai CMS <= 1.2.16 (fckeditor) Arbitrary File Upload Exploit
- MS Internet Explorer (Print Table of Links) Cross-Zone Scripting PoC
- Rgboard <= 3.0.12 (RFI/XSS) Multiple Remote Vulnerabilities
- Kostenloses Linkmanagementscript (page_to_include) RFI Vulnerability
- Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit
- Kostenloses Linkmanagementscript SQL Injection Vulnerabilities
- Newsmanager 2.0 (RFI/RFD/SQL/PB) Multiple Remote Vulnerabilities
- Symantec Altiris Client Service 6.8.378 Local Privilege Escalation Exploit
- 68 Classifieds 4.0 (category.php cat) SQL Injection Vulnerability
- Pet Grooming Management System <= 2.0 Arbitrary Add-Admin Exploit
- RantX 1.0 Insecure Admin Authentication Vulnerability
- Web Slider <= 0.6 Insecure Cookie/Authentication Handling Vuln
- Multi-Page Comment System 1.1.0 Insecure Cookie Handling Vulnerability
- IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities
- Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (ruby)
- StanWeb.CMS (default.asp id) Remote SQL Injection Exploit
- Zomplog <= 3.8.2 (newuser.php) Arbitrary Add Admin Exploit
- Archangel Weblog 0.90.02 (post_id) SQL Injection Exploit
- Zomplog <= 3.8.2 (force_download.php) File Disclosure Vulnerability
- WR-Meeting 1.0 (msnum) Local File Disclosure Vulnerability
- How2ASP.net Webboard <= 4.1 Remote SQL Injection Vulnerability
- FicHive 1.0 (category) Remote Blind SQL Injection Exploit
- Smeego 1.0 (Cookie lang) Local File Inclusion Exploit
- CMS WebManager-Pro Multiple Remote SQL Injection Vulnerabilities
- TAGWORX.CMS Multiple Remote SQL Injection Vulnerabilities
- Ajax framework (lang) Local File Inclusion Vulnerability
- LulieBlog 1.2 Multiple Remote Vulnerabilities
- AlkalinePHP <= 0.77.35 (adduser.php) Arbitrary Add-Admin Vuln
- easyCMS <= 0.4.2 Multiple Remote Vulnerabilities
- GNU/Gallery <= 1.1.1.0 (admin.php) Local File Inclusion Vulnerability
- MeltingIce File System <= 1.0 Remote Arbitrary Add-User Exploit
- PHP AGTC-Membership System <= 1.1a Arbitrary Add-Admin Exploit
- MyPicGallery 1.0 Arbitrary Add-Admin Exploit
- microSSys CMS <= 1.5 Remote File Inclusion Vulnerability
- AlkalinePHP <= 0.80.00 beta (thread.php id) SQL Injection Exploit
- MercuryBoard <= 1.1.5 (login.php) Remote Blind SQL Injection Exploit
- EntertainmentScript (play.php id) Remote SQL Injection Vulnerability
- EntertainmentScript 1.4.0 (page.php page) Local File Inclusion Exploit
- eCMS 0.4.2 (SQL/PB) Multiple Remote Vulnerabilities
- Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities
- ComicShout 2.5 (index.php comic_id) Remote SQL Injection Vulnerability
- MX-System 2.7.3 (index.php page) Remote SQL Injection Vulnerability
- Php Jokesite 2.0 (cat_id) Remote SQL Injection Vulnerability
- Netious CMS 0.4 (index.php pageid) SQL Injection Vulnerability
- Alcatel OmniPCX Office 210/061.1 Remote Command Execution Vuln
- 6rbScript (news.php newsid) Remote SQL Injection Vulnerability
- Webløsninger <= v4 (XSS/SQL) Multiple Remote Vulnerabilities
- Netbutikker <= v4 Remote SQL Injection Vulnerabilities
- e107 Plugin BLOG Engine 2.2 (uid) Blind SQL Injection Vulnerability
- VLC 0.8.6d SSA Parsing Double Sh311 Universal Exploit
- Quate CMS 0.3.4 (RFI/LFI/XSS/DT) Multiple Remote Vulnerabilities
- OneCMS 2.5 (install_mod.php) Local File Inclusion Vulnerability
- RoomPHPlanning 1.5 (idresa) Remote SQL Injection Vulnerability
- phpRaider 1.0.7 (phpbb3.functions.php) RFI Vulnerability
- plusPHP URL Shortening Software 1.6 Remote File Inclusion Vulnerability
- Xomol CMS <= 1.2 Login Bypass / LFI Vulnerabilities
- RoomPHPlanning 1.5 Arbitrary Add Admin User Vulnerability
- RoomPHPlanning 1.5 Multiple Remote SQL Injection Vulnerabilities
- CMS MAXSITE <= 1.10 (category) Remote SQL Injection Vulnerability
- RevokeBB 1.0 RC11 (search) Remote SQL Injection Vulnerability
- CKGold Shopping Cart 2.5 (category_id) SQL Injection Vulnerability
- PHP 5.2.6 sleep() Local Memory Exhaust Exploit
- OtomiGen.X 2.2 (lang) Local File Inclusion Vulnerabilities
- Creative Software AutoUpdate Engine ActiveX Stack Overflow Exploit
- CA Internet Security Suite 2008 SaveToFile()File Corruption PoC
- PHPhotoalbum 0.5 Multiple Remote SQL Injection Vulnerabilities
- Joomla Component Artist (idgalery) SQL Injection Vulnerability
- FlashBlog (articulo_id) Remote SQL Injection Vulnerability
- Adobe Acrobat Reader <= 8.1.2 Malformed PDF Remote DOS PoC
- SyntaxCMS <= 1.3 (fckeditor) Arbitrary File Upload Exploit
- AirvaeCommerce 3.0 (pid) Remote SQL Injection Vulnerability
- PicoFlat CMS 0.5.9 Local File Inclusion Vulnerabilitty (win)
- CMS from Scratch <= 1.1.3 (fckeditor) Remote Shell Upload Exploit
- Mambo Component mambads <= 1.0 RC1 Beta SQL Injection Vulnerability
- CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability
- ASUS DPC Proxy 2.0.0.16/19 Remote Buffer Overflow Exploit
- Now SMS/MMS Gateway 5.5 Remote Buffer Overflow Exploit
- PHP Booking Calendar 10 d Remote SQL Injection Exploit
- PHP Booking Calendar 10 d (fckeditor) Arbitrary File Upload Exploit
- HiveMaker Professional <= 1.0.2 (cid) SQL Injection Vulnerability
- PsychoStats <= 2.3.3 Multiple Remote SQL Injection Vulnerabilities
- CMSimple 3.1 Local File Inclusion / Arbitrary File Upload Exploit
- Social Site Generator (sgc_id) Remote SQL Injection Vulnerability
- AzureSites CMS Multiple Remote Vulnerabilities
- PHP Visit Counter <= 0.4 (datespan) SQL Injection Vulnerability
- PassWiki <= 0.9.16 RC3 (site_id) Local File Inclusion Vulnerability
- BP Blog 6.0 (id) Remote Blind SQL Injection Vulnerability
- EasyWay CMS (index.php mid) Remote SQL Injection Exploit
- Social Site Generator (path) Remote File Inclusion Vulnerability
- Joomla Component prayercenter <= 1.4.9 (id) SQL Injection Vulnerability
- freeSSHd 1.2.1 Remote Stack Overflow PoC (auth)
- Joomla Component com_biblestudy 1.5.0 (id) SQL Injection Exploit
- Social Site Generator v2 Multiple Remote File Disclosure Vulnerabilities
- Samba (client) receive_smb_raw() Buffer Overflow Vulnerability PoC
- ComicShout 2.8 (news.php news_id) SQL Injection Vulnerability
- Joomla Component com_mycontent 1.1.13 Blind SQL Injection Exploit
- DesktopOnNet 3 Beta Multiple Remote File Inclusion Vulnerabilities
- meBiblio 0.4.7 (SQL/Upload/XSS) Multiple Remote Vulnerabilities
- I-Pos Internet Pay Online Store <= 1.3 Beta SQL Injection Vulnerability
- SecurityGateway 1.0.1 (username) Remote Buffer Overflow PoC
- Joomla Component JooBB 0.5.9 Blind SQL Injection Exploit
- Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (Python)
- Joomla Component acctexp <= 0.12.x Blind SQL Injection Exploit
- Booby 1.0.1 Multiple Remote File Inclusion Vulnerabilities
- Joomla Component equotes 0.9.4 Remote SQL injection Vulnerability
- pLog (albumId) Remote SQL Injection Vulnerability
- SMEweb 1.4b (SQL/XSS) Multiple Remote Vulnerabilities
- MDaemon <= 9.6.5 Multiple Remote Buffer Overflow Exploit PoC
- FlashBlog 0.31b Remote Arbitrary File Upload Vulnerability
- Joomla Component joomradio 1.0 (id) SQL Injection Vulnerability
- Joomla Component iDoBlog <= b24 Remote SQL Injection Vulnerability
- Battle Blog <= 1.25 (comment.asp) Remote SQL Injection Vulnerability
- C6 Messenger ActiveX Remote Download & Execute Exploit
- QuickerSite 1.8.5 Multiple Remote Vulnerabilities
- Joomla Component JooBlog 0.1.1 Blind SQL Injection Exploit
- 1Book Guestbook Script Code Execution Vulnerability
- Joomla Component jotloader <= 1.2.1.a Blind SQL injection Exploit
- HP StorageWorks NSI Double Take Remote Overflow Exploit (meta)
- PHP-Address Book <= 3.1.5 (SQL/XSS) Multiple Vulnerabilities
- Joomla Component EasyBook 1.1 (gbid) SQL Injection Exploit
- Akamai Download Manager < 2.2.3.7 ActiveX Remote Download Exploit
- 427BB 2.3.1 (SQL/XSS) Multiple Remote Vulnerabilities
- Joomla Component simpleshop <= 3.4 SQL injection Vulnerability
- Power Phlogger 2.2.5 (css_str) SQL Injection Vulnerability
- pSys 0.7.0.a (shownews) Remote SQL Injection Vulnerability
- Black Ice Software Inc Barcode SDK (BITiff.ocx) Remote BOF Exploit
- Black Ice Software Inc Barcode SDK (BITiff.ocx) Remote BOF Exploit (2)
- Joomla Component JoomlaDate (user) SQL injection Vulnerability
- Asterisk (SIP channel driver / in pedantic mode) Remote Crash Exploit
- Black Ice Software Inc Barcode SDK (BIDIB.ocx) Multiple Vulns
- freeSSHd 1.2.1 (Post Auth) Remote SEH Overflow Exploit
- Joomla Component GameQ <= 4.0 Remote SQL injection Vulnerability
- JiRo´s FAQ Manager (read.asp fID) SQL Injection Vulnerability
- PHPInv 0.8.0 (LFI/XSS) Multiple Remote Vulnerabilities
- Joomla Component yvcomment <= 1.16 Blind SQL Injection Exploit
- XOOPS Module Uploader 1.1 (filename) File Disclosure Vulnerability
- BrowserCRM 5.002.00 (clients.php) Remote File Inclusion Vulnerability
- Galatolo Web Manager 1.0 XSS / Local File Inclusion Vulnerability
- Joomla Component rapidrecipe Remote SQL injection Vulnerability
- Galatolo Web Manager <= 1.0 Remote SQL Injection Exploit
- iJoomla News Portal (Itemid) Remote SQL Injection Exploit
- ProManager 0.73 (config.php) Local File Inclusion Vulnerability
- Real Estate Web Site 1.0 (SQL/XSS) Multiple Remote Vulnerabilities
- Telephone Directory 2008 (SQL/XSS) Multiple Remote Vulnerabilities
- ASPilot Pilot Cart 7.3 (article) Remote SQL Injection Vulnerability
- Realm CMS <= 2.3 Multiple Remote Vulnerabilities
- Flux CMS <= 1.5.0 (loadsave.php) Remote Arbitrary File Overwrite Exploit
- pNews 2.08 (shownews) Remote SQL Injection Vulnerability
- Telephone Directory 2008 Arbitrary Delete Contact Exploit
- Achievo <= 1.3.2 (fckeditor) Arbitrary File Upload Exploit
- ErfurtWiki <= R1.02b (css) Local File Inclusion Vulnerabilities
- DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability
- yBlog 0.2.2.2 (XSS/SQL) Multiple Remote Vulnerabilities
- Insanely Simple Blog 0.5 (index) Remote SQL Injection Vulnerabilities
- ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability
- Experts (answer.php) Remote SQL Injection Vulnerability
- Black Ice Software Annotation Plugin (BiAnno.ocx) Remote BOF Exploit
- Black Ice Software Annotation Plugin (BiAnno.ocx) BOF Exploit (2)
- Syndeo CMS 2.6.0 (LFI/XSS) Multiple Remote Vulnerabilities
- ASP Download 1.03 Arbitrary Change Administrator Account Vulnerability
- Todd Woolums ASP News Management 2.2 SQL Injection Vulnerabiltiy
- TNT Forum 0.9.4 Local File Inclusion Vulnerabilities
- Yuhhu 2008 SuperStar (board) Remote SQL Injection Exploit
- FOG Forum 0.8.1 Multiple Local File Inclusion Vulnerabilities
- eFiction 3.0 (toplists.php list) Remote SQL Injection Vulnerability
- IPTBB 0.5.6 Arbitrary Add-Admin Exploit
- MycroCMS 0.5 Remote Blind SQL Injection Vulnerability
- Pooya Site Builder (PSB) 6.0 Multiple SQL Injection Vulnerabilities
- JAMM CMS (id) Remote Blind SQL Injection Exploit
- SNMPv3 HMAC validation error Remote Authentication Bypass Exploit
- Gravity Board X 2.0 Beta (SQL/XSS) Multiple Remote Vulnerabilities
- Facil-CMS 0.1RC Multiple Local File Inclusion Vulnerabilities
- muvee autoProducer <= 6.1 (TextOut.dll) ActiveX Remote BOF Exploit
- Clever Copy 3.0 (results.php) Remote SQL Injection Exploit
- XChat <= 2.8.7b (URI Handler) Remote Code Execution Exploit (ie6/ie7)
- GLLCTS2 <= 4.2.4 (login.php detail) SQL Injection Exploit
- Butterfly Organizer 2.0.0 (SQL/XSS) Multiple Remote Vulnerabilities
- WebChamado 1.1 Arbitrary Add Admin Exploit
- Mambo Component galleries 1.0 (aid) Remote SQL Injection Exploit
- Butterfly Organizer 2.0.0 Arbitrary Delete (Category/Account) Exploit
- Easy-Clanpage 3.0b1 (section) Local File Inclusion Vulnerability
- WebChamado 1.1 (tsk_id) Remote SQL Injection Vulnerability
- Pre News Manager <= 1.0 (index.php id) SQL Injection Vulnerability
- Pre Ads Portal <= 2.0 Remote SQL Injection Vulnerability
- E-SMART CART (productsofcat.asp) Remote SQL Injection Vulnerability
- GLLCTS2 (listing.php sort) Remote Blind SQL Injection Exploit
- PHP JOBWEBSITE PRO (JobSearch3.php) SQL Injection Vulnerability
- Mambo <= 4.6.4 (Output.php) Remote File Inclusion Vulnerability
- Pre Job Board (JobSearch.php) Remote SQL Injection Vulnerability
- Contenido 4.8.4 (RFI/XSS) Multiple Remote Vulnerabilities
- Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities
- PHPMyCart (shop.php cat) Remote SQL Injection Vulnerability
- Shoutcast Admin Panel 2.0 (page) Local File Inclusion Vulnerability
- vsftpd 2.0.5 (CWD) Remote Memory Consumption Exploit (post auth)
- Cartweaver 3 (prodId) Remote Blind SQL Injection Exploit
- DIY (index_topic did ) Blind SQL Injection Exploit
- Dana IRC <= 1.3 Remote Buffer Overflow PoC
- xeCMS <= 1.0.0 RC2 Insecure Cookie Handling Vulnerability
- EZCMS <= 1.2 (bSQL/Admin Byapss) Multiple Remote Vulnerabilities
- PHPEasyNews <= 1.13 RC2 (post) Remote SQL Injection Vulnerability
- AlstraSoft AskMe Pro <= 2.1 Multiple SQL Injection Vulnerabilities
- Devalcms 1.4a (currentfile) Local File Inclusion Vulnerability
- AWBS <= 2.7.1 (news.php viewnews) Remote SQL Injection Vulnerability
- Anata CMS 1.0b5 (change.php) Arbitrary Add Admin Vulnerability
- Simple Machines Forum <= 1.1.4 Remote SQL Injection Exploit
- Alt-N SecurityGateway 1.00-1.01 Remote Stack Overflow Exploit
- Oxygen 2.0 (repquote) Remote SQL Injection Vulnerability
- SH-News 3.0 Insecure Cookie Handling Vulnerability
- NiTrO Web Gallery <= 1.4.3 (section) Remote SQL Injection Vulnerability
- Open Azimyt CMS <= 0.22 (lang) Local File Inclusion Vulnerability
- MyMarket 1.72 Blind SQL Injection Exploit
- Joomla Simple Shop Galore Component 3.x (catid) SQL Injection
- Comparison Engine Power 1.0 Blind SQL Injection Exploit
- Bizon-CMS 2.0 (index.php Id) Remote SQL Injection Vulnerability
- BaSiC-CMS (index.php r) Remote SQL Injection Vulnerability
- Deterministic Network Enhancer dne2000.sys kernel ring0 SYSTEM exploit
- FreeCMS.us 0.2 (index.php page) Remote SQL Injection Vulnerability
- ClipShare < 3.0.1 (tid) Remote SQL Injection Vulnerability
- easyTrade 2.x (detail.php id) Remote SQL Injection Vulnerability
- ThaiQuickCart (sLanguage) Local File Inclusion Vulnerability
- PHP Site Lock 2.0 (index.php page) Remote SQL Injection Vulnerability
- P2P Foxy Out of Memory Denial of Service Exploit
- FreeCMS.us 0.2 (fckeditor) Arbitrary File Upload Exploit
- MyShoutPro 1.2 Final Insecure Cookie Handling Vulnerability
- eroCMS <= 1.4 (index.php site) SQL Injection Vulnerability
- WebCalendar 1.0.4 (includedir) Remote File Inclusion Vulnerability
- Traindepot 0.1 (LFI/XSS) Multiple Remote Vulnerabilities
- doITlive CMS <= 2.50 (SQL Injection/XSS) Multiple Vulnerabilities
- AspWebCalendar 2008 Remote File Upload Vulnerability
- Visual Basic Enterprise Edition SP6 vb6skit.dll Buffer Overflow PoC
- netBIOS (showNews.php newsid) SQL Injection Vulnerability
- Maxtrade AIO 1.3.23 (categori) Remote SQL Injection Vulnerability
- Mybizz-Classifieds (index.php cat) SQL Injection Vulnerability
- Easy Webstore 1.2 (index.php postid) Remote SQL Injection Vulnerability
- nweb2fax <= 0.2.7 Multiple Remote Vulnerabilities
- Carscripts Classifieds (index.php cat) Remote SQL Injection Vulnerability
- BoatScripts Classifieds (index.php type) SQL Injection Vulnerability
- eLineStudio Site Composer (ESC) <= 2.6 Multiple Vulnerabilities
- OwnRS Blog beta3 (SQL/XSS) Multiple Remote Vulnerabilities
- Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities
- samart-cms 2.0 (contentsid) Remote SQL Injection Vulnerability
- CMS-BRD (menuclick) Remote SQL Injection Vulnerability
- Orlando CMS 0.6 Remote File Inclusion Vulnerabilities
- CaupoShop Classic 1.3 (saArticle[ID]) Remote SQL Injection Vulnerability
- Lotus Core CMS 1.0.1 Remote File Inclusion Vulnerabilities
- AJ Auction Web 2.0 (cate_id) SQL Injection Vulnerability
- AJ Auction v1 (id) Remote SQL Injection Vulnerability
- Virtual Support Office-XP <= 3.0.29 Multiple Remote Vulnerabilities
- GL-SH Deaf Forum <= 6.5.5 Multiple Remote Vulnerabilities
- FireAnt 1.3 (index.php page) Local File Inclusion Vulnerability
- FubarForum 1.5 (index.php page) Local File Inclusion Vulnerability
- Lightweight News Portal [LNP] 1.0b Multiple Remote Vulnerabilities
- IPTBB 0.5.6 (index.php act) Local File Inclusion Vulnerability
- CiBlog 3.1 (links-extern.php id) Remote SQL Injection Vulnerability
- Jamroom 3.3.5 Remote File Inclusion Vulnerabilities
- JaxUltraBB <= 2.0 (LFI/XSS) Multiple Remote Vulnerabilities
- emuCMS 0.3 (cat_id) Remote SQL Injection Vulnerability
- PHPAuction (profile.php user_id) Remote SQL Injection Vulnerability
- SiteXS CMS 0.1.1 (Upload/XSS) Multiple Remote Vulnerabilities
- @CMS 2.1.1 (readarticle.php article_id) SQL Injection Vulnerability
- eNews 0.1 (delete.php) Arbitrary Delete Post Vulnerability
- PHP KnowledgeBase Script 2.4 (cat_id) SQL Injection Vulnerability
- Aprox CMS Engine v5(.1.0.4) Local File Inclusion Vulnerability
- Scientific Image DataBase <= 0.41 Blind SQL Injection Exploit
- LaserNet CMS <= 1.5 Arbitrary File Upload Exploit
- LE.CMS <= 1.4 Remote Arbitrary File Upload Exploit
- CCLeague Pro <= 1.2 Insecure Cookie Authentication Vulnerability
- OFFL <= 0.2.6 (teams.php fflteam) Remote SQL Injection Vulnerability
- AJ HYIP ACME (news.php id) Remote SQL Injection Vulnerability
- phpAuction 3.2.1 (item.php id) Remote SQL Injection Vulnerability
- Joomla Component EXP Shop (catid) SQL Injection Vulnerability
- DUdForum 3.0 (forum.asp iFor) Remote SQL Injection Vulnerability
- sHibby sHop <= 2.2 (SQL/Update) Multiple Remote Vulnerabilities
- CMS Mini 0.2.2 Multiple Local File Inclusion Vulnerabilities
- phpDMCA 1.0.0 Multiple Remote File Inclusion Vulnerabilities
- IGSuite 3.2.4 (reverse shell) Blind SQL Injection Exploit
- PageSquid CMS (index.php page) Remote SQL Injection Vulnerability
- RSS-Aggregator (display.php path) Remote File Inclusion Vulnerability
- MiGCMS 2.0.5 Multiple Remote File Inclusion Vulnerabilities
- HoMaP-CMS 0.1 (plugin_admin.php) Remote File Inclusion Vulnerability
- HomePH Design 2.10 RC2 (RFI/LFI/XSS) Multiple Vulnerabilities
- Hedgehog-CMS 1.21 (header.php) Local File Inclusion Vulnerability
- CMReams CMS 1.3.1.1 Beta2 (LFI/XSS) Multiple Remote Vulnerabilities
- ODARS CMS 1.0.2 Remote File Inclusion Vulnerability
- emuCMS 0.3 (fckeditor) Arbitrary File Upload Exploit
- HoMaP-CMS 0.1 (index.php go) Remote SQL Injection Vulnerability
- BlogPHP 2.0 Remote Privilege Escalation Exploit
- Ready2Edit (pages.php menuid) Remote SQL Injection Vulnerability
- ResearchGuide 0.5 (guide.php id) SQL Injection Vulnerability
- MVC-Web CMS 1.0/1.2 (index.asp newsid) SQL Injection Vulnerability
- MyBlog: PHP and MySQL Blog/CMS software (SQL/XSS) Vulnerabilities
- Demo4 CMS (index.php id) Remote SQL Injection Vulnerability
- Joomla Component com_facileforms 1.4.4 RFI Vulnerability
- Dagger CMS 2008 (dir_inc) Remote File Inclusion Vulnerability
- TinX CMS 1.1 (LFI/XSS) Multiple Remote Vulnerabilities
- uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header DoS Exploit
- MM Chat 1.5 (LFI/XSS) Multiple Remote Vulnerabilities
- Ourvideo CMS 9.5 (RFI/LFI/XSS) Multiple Remote Vulnerabilities
- cmsWorks 2.2 RC4 (mod_root) Remote File Inclusion Vulnerability
- cmsWorks 2.2 RC4 (fckeditor) Remote Arbitrary File Upload Exploit
- Demo4 CMS 1b (fckeditor) Arbitrary File Upload Exploit
- Relative Real Estate Systems <= 3.0 (listing_id) SQL Injection Vuln
- ShareCMS 0.1 Multiple Remote SQL Injection Vulnerabilities
- Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities (2)
- DUcalendar 1.0 (detail.asp iEve) Remote SQL Injection Vulnerability
- HiveMaker Directory (index.php cid) SQL Injection Vulnerability
- E-topbiz ViralDX 2.07 (adclick.php bannerid) SQL Injection Vulnerability
- Link ADS 1 (out.php linkid) Remote SQL Injection Vulnerability
- TOKOKITA (barang.php produk_id) Remote SQL Injection Exploit
- Webdevindo-CMS 0.1 (index.php hal) Remote SQL Injection Vulnerability
- mUnky 0.0.1 (index.php zone) Local File Inclusion Vulnerability
- Jokes & Funny Pics Script (sb_jokeid) SQL Injection Vulnerability
- Mambo Component Articles (artid) Blind SQL Injection Exploit
- Page Manager CMS Remote Arbitrary File Upload Vulnerability
- MyPHP CMS 0.3.1 (page.php pid) Remote SQL Injection Vulnerability
- PHPmotion <= 2.0 (update_profile.php) Remote Shell Upload Exploit
- Joomla Component netinvoice 1.2.0 SP1 SQL Injection Vulnerability
- Keller Web Admin CMS 0.94 Pro Local File Inclusion Vulnerability
- PolyPager <= 1.0rc2 (SQL/XSS) Multiple Remote Vulnerabilities
- PHP-Fusion Mod Kroax <= 4.42 (category) SQL Injection Vulnerability
- Galmeta Post CMS 0.2 Multiple Local File Inclusion Vulnerabilities
- Seagull PHP Framework <= 0.6.4 (fckeditor) Arbitrary File Upload Exploit
- Riddles Complete Website 1.2.1 (riddleid) SQL Injection Vulnerability
- Tips Complete Website 1.2.0 (tipid) SQL Injection Vulnerability
- Jokes Complete Website 2.1.3 (jokeid) SQL Injection Vulnerability
- Drinks Complete Website 2.1.0 (drinkid) SQL Injection Vulnerability
- Cheats Complete Website 1.1.1 (itemid) SQL Injection Vulnerability
- XnView 1.93.6 for Windows .taac Local Buffer Overflow Exploit PoC
- phpBLASTER CMS 1.0 RC1 Multiple Local File Inclusion Vulnerabilities
- A+ PHP Scripts NMS Insecure Cookie Handling Vulnerability
- Orca 2.0/2.0.2 (params.php) Remote File Inclusion Vulnerability
- Keller Web Admin CMS 0.94 Pro Local File Inclusion Vulnerability (1st)
- OTManager CMS 24a (LFI/XSS) Multiple Remote Vulnerabilities
- W1L3D4 Philboard 1.2 (Blind SQL/XSS) Multiple Remote Vulnerabilities
- OTManager CMS 2.4 Insecure Cookie Handling Vulnerability
- SePortal 2.4 (poll.php poll_id) Remote SQL Injection Vulnerability
- PHP-Fusion Mod classifieds (lid) Remote SQL Injection Vulnerability
- PowerAward 1.1.0 RC1 (LFI /XSS) Multiple Remote Vulnerabilities
- Joomla Component jabode (id) Remote SQL Injection Vulnerability
- Online Booking Manager 2.2 (id) SQL Injection Vulnerability
- Joomla Component beamospetition Remote SQL Injection Vulnerability
- Joomla Component Xe webtv (id) Blind SQL Injection Exploit
- SebracCMS <= 0.4 Multiple SQL Injection Vulnerabilities
- Surgemail 39e-1 Post Auth IMAP Remote Buffer Overflow DoS
- AcmlmBoard 1.A2 (pow) Remote SQL Injection Vulnerability
- eSHOP100 (SUB) Remote SQL Injection Vulnerability
- BareNuked CMS 1.1.0 Arbitrary Add Admin Exploit
- RCM Revision Web Development (products.php) SQL Injection Vulnerability
- Pivot 1.40.5 Dreamwind load_template() Credentials Disclosure Exploit
- Catviz 0.4.0 beta1 Multiple Remote SQL Injection Vulnerabilities
- myBloggie 2.1.6 Multiple Remote SQL Injection Vulnerabilities
- AShop Deluxe 4.x (catalogue.php cat) Remote SQL Injection Exploit
- pSys v0.7.0 Alpha (chatbox.php) Remote SQL Injection Vulnerability
- OpenBSD 4.0 (FIRST ANIMATED EXPLOIT) Local Root Exploit (vga)
- Mambo Component n-gallery Multiple SQL Injection Vulnerabilities
- HIOX Banner Rotator 1.3 (hm) Remote File Inclusion Vulnerability
- php-Agenda 2.2.4 (index.php page) Local File Inclusion Vulnerability
- CAT2 (spaw_root) Local File Inclusion Vulnerability
- Sisplet CMS (index.php id) Remote SQL Injection Vulnerability
- VanGogh Web CMS 0.9 (article_ID) Remote SQL Injection Vulnerability
- PHP-Nuke Platinium <= 7.6.b.5 Remote Code Execution Exploit
- Efestech Shop 2.0 (cat_id) Remote SQL Injection Vulnerability
- plx Ad Trader 3.2 (adid) Remote SQL Injection Vulnerability
- Joomla Component versioning 1.0.2 (id) SQL Injection Vulnerability
- Joomla Component mygallery (cid) Remote SQL Injection Vulnerability
- XchangeBoard 1.70 (boardID) Remote SQL Injection Vulnerability
- CMS little (index.php template) Local File Inclusion Vulnerability
- Joomla Component com_brightweblinks (catid) SQL Injection Vulnerability
- Joomla Component QuickTime VR 0.1 Remote SQL Injection Exploit
- Joomla Component is 1.0.1 Multiple Remote SQL Injection Exploit
- phPortal 1.2 Multiple Remote File Inclusions Exploit
- CMS WebBlizzard (index.php page) Blind SQL Injection Exploit
- phpWebNews 0.2 MySQL Edition (id_kat) SQL Injection Vulnerability
- phpWebNews 0.2 MySQL Edition (det) SQL Injection Vulnerability
- pHNews CMS Multiple Local File Inclusion Vulnerabilities
- 1024 CMS <= 1.4.4 Multiple Remote/Local File Inclusion Vulnerabilities
- Joomla Component altas 1.0 Multiple Remote SQL Injection Exploit
- Joomla Component DBQuery <= 1.4.1.1 RFI Vulnerability
- Panda Security ActiveScan 2.0 (Update) Remote BOF Exploit
- Site@School <= 2.4.10 (fckeditor) Session Hijacking / File Upload Exploit
- Thelia 1.3.5 Multiple Vulnerabilities Exploit
- Kasseler CMS 1.3.0 (LFI/XSS) Multiple Vulnerabilities
- ImperialBB <= 2.3.5 Remote File Upload Exploit
- fuzzylime cms 3.01 Remote Command Execution Exploit
- XPOZE Pro 3.06 (uid) Remote SQL Injection Vulnerability
- ContentNow 1.4.1 (Upload/XSS) Multiple Remote Vulnerabilities
- CMailServer 5.4.6 (CMailCOM.dll) Remote SEH Overwrite Exploit
- Safari + Quicktime <= 7.3 RTSP Content-Type Remote BOF Exploit
- SmartPPC Pay Per Click Script (idDirectory) Blind SQL Injection Vuln
- WebXell Editor 0.1.3 Arbitrary File Upload Vulnerability
- fuzzylime cms 3.01a (file) Local File Inclusion Exploit
- Triton CMS Pro (X-Forwarded-For) Blind SQL Injection Exploit
- Neutrino 0.8.4 Atomic Edition Remote Code Execution Exploit
- SmartPPC Pay Per Click Script (idDirectory) Blind SQL Injection Exploit
- Mole Group Hotel Script 1.0 Remote SQL Injection Vulnerability
- Mole Group Real Estate Script <= 1.1 Remote SQL Injection Vulnerability
- BrewBlogger 2.1.0.1 Arbitrary Add Admin Exploit
- Boonex Dolphin 6.1.2 Multiple Remote File Inclusion Vulnerabilities
- Joomla Component com_content 1.0.0 (ItemID) SQL Injection Vuln
- trixbox (langChoice) Local File Inclusion Exploit (connect-back) v2
- Mole Group Last Minute Script <= 4.0 Remote SQL Injection Vulnerability
- BoonEx Ray 3.5 (sIncPath) Remote File Inclusion Vulnerability
- Multiple Vendors Malicious SVG File Denial of Service PoC
- Download Accelerator Plus - DAP 8.x (m3u) Local BOF Exploit 0day
- OllyDBG v1.10 and ImpREC v1.7f (export name) BOF PoC
- Poppler <= 0.8.4 libpoppler uninitialized pointer Code Execution PoC
- AuraCMS <= 2.2.2 (pages_data.php) Arbitrary Edit/Add/Delete Exploit
- Dreampics Builder (page) Remote SQL Injection Vulnerability
- DreamNews Manager (id) Remote SQL Injection Vulnerability
- gapicms 9.0.2 (dirDepth) Remote File Inclusion Vulnerability
- phpDatingClub (website.php page) Local File Inclusion Vulnerability
- Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit (c)
- File Store PRO 3.2 Multiple Blind SQL Injection Vulnerabilities
- Facebook Newsroom CMS 0.5.0 Beta 1 Remote File Inclusion Vulnerability
- Wysi Wiki Wyg 1.0 (LFI/XSS/PHPInfo) Remote Vulnerabilities
- Core Image Fun House <= 2.0 Arbitrary Code Execution PoC (OSX)
- Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability
- trixbox 2.6.1 (langChoice) Remote Root Exploit (py)
- reSIProcate 1.3.2 Remote Denial of Service PoC
- Maian Cart 1.1 Insecure Cookie Handling Vulnerability
- Maian Events 2.0 Insecure Cookie Handling Vulnerability
- Maian Gallery 2.0 Insecure Cookie Handling Vulnerability
- Maian Greetings 2.1 Insecure Cookie Handling Vulnerability
- Maian Music 1.0 Insecure Cookie Handling Vulnerability
- fuzzylime cms 3.01 (polladd.php poll) Remote Code Execution Exploit (php)
- fuzzylime cms 3.01 (polladd.php poll) Remote Code Execution Exploit (pl)
- Joomla Component n-forms 1.01 Blind SQL Injection Exploit
- WebCMS Portal Edition (id) Remote SQL Injection Vulnerability
- jSite 1.0 OE (SQL/LFI) Multiple Remote Vulnerabilities
- Avlc Forum (vlc_forum.php id) Remote SQL Injection Vulnerability
- Simple DNS Plus <= 5.0/4.1 Remote Denial of Service Exploit
- fuzzylime cms 3.01 (commrss.php) Remote Code Execution Exploit
- Maian Guestbook <= 3.2 Insecure Cookie Handling Vulnerability
- Maian Links <= 3.1 Insecure Cookie Handling Vulnerability
- Maian Recipe <= 1.2 Insecure Cookie Handling Vulnerability
- Maian Weblog <= 4.0 Insecure Cookie Handling Vulnerability
- Maian Uploader <= 4.0 Insecure Cookie Handling Vulnerability
- Maian Search <= 1.1 Insecure Cookie Handling Vulnerability
- Ultrastats <= 0.2.142 (players-detail.php) Blind SQL Injection Exploit
- MFORUM 0.1a Arbitrary Add-Admin Vulnerability
- ITechBids 7.0 Gold (XSS/SQL) Multiple Remote Vulnerabilities
- Scripteen Free Image Hosting Script 1.2 (cookie) Pass Grabber Exploit
- CodeDB (list.php lang) Local File Inclusion Vulnerability
- Yahoo Messenger 8.1 ActiveX Remote Denial of Service Exploit
- Bilboblog 2.1 Multiple Remote Vulnerabilities
- Pluck 4.5.1 (blogpost) Local File Inclusion Vulnerability (win only)
- Galatolo Web Manager 1.3a <= XSS / Remote SQL Injection Vulnerability
- pSys 0.7.0 Alpha Multiple Remote File Inclusion Vulnerability
- WinRemotePC Full+Lite 2008 r.2server Denial of Service Exploit
- Pragyan CMS 2.6.2 (sourceFolder) Remote File Inclusion Vulnerability
- Comdev Web Blogger <= 4.1.3 (arcmonth) Sql Injection Vulnerability
- php Help Agent <= 1.1 (content) Local File Inclusion Vulnerability
- Galatolo Web Manager 1.3a Insecure Cookie Handling Vulnerability
- PhotoPost vBGallery 2.4.2 Arbitrary File Upload Vulnerability
- Document Imaging SDK 10.95 ActiveX Buffer Overflow PoC
- HockeySTATS Online 2.0 Multiple Remote SQL Injection Vulnerabilities
- PHPizabi 0.848b C1 HFP1 Remote Code Execution Exploit
- Joomla Component DT Register Remote SQL injection Vulnerability
- AlstraSoft Affiliate Network Pro (pgm) Remote SQL Injection Vulnerability
- tplSoccerSite 1.0 Multiple Remote SQL Injection Vulnerabilities
- Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit
- PPMate PPMedia Class ActiveX Control Buffer Overflow PoC
- phpHoo3 <= 5.2.6 (phpHoo3.php viewCat) SQL injection Vulnerability
- AlstraSoft Video Share Enterprise 4.5.1 (UID) SQL Injection Vulnerability
- Debian OpenSSH Remote SELinux Privilege Elevation Exploit (auth)
- AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit
- preCMS v.1 (index.php page) Remote SQL injection Vulnerability
- Artic Issue Tracker 2.0.0 (index.php filter) SQL Injection Vulnerability
- Aprox CMS Engine 5.1.0.4 (index.php page) SQL Injection Vulnerability
- Siteframe (folder.php id) Remote SQL Injection Vulnerability
- Apache mod_jk 1.2.19 Remote Buffer Overflow Exploit (win32)
- Oracle Internet Directory 10.1.4 Remote Preauth DoS Exploit
- PHPFootball 1.6 (show.php) Remote SQL Injection Vulnerability
- IntelliTamper 2.0.7 (html parser) Remote Buffer Overflow PoC
- DigiLeave 1.2 (info_book.asp book_id) Blind SQL Injection Exploit
- HRS Multi (picture_pic_bv.asp key) Blind SQL Injection Exploit
- IntelliTamper 2.07 (map file) Local Arbitrary Code Execution Exploit (pl)
- Interact E-Learning System 2.4.1 (help.php) LFI Vulnerabilities
- MojoClassifieds 2.0 Remote Blind SQL Injection Exploit
- MojoPersonals (mojoClassified.cgi mojo) Blind SQL Injection Exploit
- MojoJobs (mojoJobs.cgi mojo) Blind SQL Injection Exploit
- MojoAuto (mojoAuto.cgi mojo) Blind SQL Injection Exploit
- EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability
- Arctic Issue Tracker 2.0.0 (index.php filter) SQL Injection Exploit
- ShopCartDx 4.30 (pid) Remote SQL Injection Vulnerability
- EZWebAlbum Insecure Cookie Handling Vulnerability
- IntelliTamper 2.0.7 (html parser) Remote Buffer Overflow Exploit
- YouTube Blog 0.1 (RFI/SQL/XSS) Multiple Remote Vulnerabilities
- IntelliTamper 2.07 (server header) Remote Code Execution Exploit
- Pre Survey Poll (default.asp catid) SQL Injection Vulnerability
- minix 3.1.2a tty panic Local Denial of Service Vulnerability
- IntelliTamper 2.0.7 (html parser) Remote Buffer Overflow Exploit (c)
- BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta)
- BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
- Microsoft Access (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit
- Atom PhotoBlog 1.1.5b1 (photoId) Remote SQL Injection Vulnerability
- ibase <= 2.03 (download.php) Remote File Disclosure Vulnerability
- Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit
- Live Music Plus 1.1.0 (id) Remote SQL Injection Vulnerability
- minix 3.1.2a tty panic Remote Denial of Service Vulnerability
- BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
- xrms 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities
- Camera Life 2.6.2 (id) Remote SQL Injection Vulnerability
- FizzMedia 1.51.2 (comment.php mid) SQL Injection Vulnerability
- phpTest 0.6.3 (picture.php image_id) Remote SQL Injection Vulnerability
- fipsCMS light <= 2.1 (r) Remote SQL Injection Vulnerability
- phpWebNews 0.2 MySQL Edition (SQL) Insecure Cookie Handling Vuln
- IceBB <= 1.0-RC9.2 Blind SQL Injection / Session Hijacking Exploit
- Mobius <= 1.4.4.1 (browse.php id) Remote SQL Injection Vulnerability
- EPShop < 3.0 (pid) Remote SQL Injection Vulnerability
- phpLinkat 0.1 Insecure Cookie Handling / SQL Injection Vulnerability
- TriO <= 2.1 (browse.php id) Remote SQL Injection Vulnerability
- CMScout 2.05 (common.php bit) Local File Inclusion Vulnerability
- Getacoder clone (sb_protype) Remote SQL Injection Vulnerability
- GC Auction Platinum (cate_id) Remote SQL Injection Vulnerability
- SiteAdmin CMS (art) Remote SQL Injection Vulnerability
- Pligg CMS 9.9.0 (story.php id) Remote SQL Injection Vulnerability
- Youtuber Clone (ugroups.php UID) Remote SQL Injection Vulnerability
- TalkBack 2.3.5 (language) Local File Inclusion Vulnerability
- Dokeos E-Learning System 1.8.5 Local File Inclusion Vulnerability
- PixelPost 1.7.1 (language_full) Local File Inclusion Vulnerability
- Velocity web-server 1.0 Directory Traversal File Download Vulnerability
- Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control BOF Exploit
- ATutor <= 1.6.1-pl1 (import.php) Remote File Inclusion Vulnerability
- ViArt Shop <= 3.5 (category_id) Remote SQL Injection Vulnerability
- Cisco IOS 12.3(18) FTP Server Remote Exploit (attached to gdb)
- Minishowcase 09b136 (lang) Local File Inclusion Vulnerability
- CoolPlayer m3u File Local Buffer Overflow Exploit
- e107 Plugin BLOG Engine 2.2 Blind SQL Injection Exploit
- Gregarius <= 0.5.4 rsargs[] Remote SQL Injection Vulnerability
- PHP Hosting Directory 2.0 (admin.php rd) RFI Vulnerability
- HIOX Random Ad 1.3 (hioxRandomAd.php hm) RFI Vulnerability
- HIOX Browser Statistics 2.0 Remote File Inclusion Vulnerability
- PHP Hosting Directory 2.0 Insecure Cookie Handling Vulnerability
- nzFotolog 0.4.1 (action_file) Local File Inclusion Vulnerability
- ZeeReviews (comments.php ItemID) Remote SQL Injection Vulnerability
- HIOX Random Ad 1.3 Arbitrary Add Admin User Exploit
- Article Friendly Pro/Standard (Cat) Remote SQL Injection Vulnerability
- HIOX Browser Statistics 2.0 Arbitrary Add Admin User Exploit
- PozScripts Classified Ads Script (cid) SQL Injection Vulnerability
- TubeGuru Video Sharing Script (UID) SQL Injection Vulnerability
- eNdonesia 8.4 (Calendar Module) Remote SQL Injection Exploit
- Pligg <= 9.9.0 Remote Code Execution Exploit
- Pligg <= 9.9.0 (XSS/LFI/SQL) Multiple Remote Vulnerabilities
- F-PROT antivirus 6.2.1.4252 (malformed archive) Infinite Loop DoS Exploit
- NCTsoft AudFile.dll ActiveX Control Remote Buffer Overflow Exploit
- PHPX 3.5.16 Cookie Poisoning and Login Bypass Vulnerability
- Symphony <= 1.7.01 (non-patched) Remote Code Execution Exploit
- Coppermine Photo Gallery <= 1.4.18 LFI / Remote Code Execution Exploit
- LetterIt 2 (language) Local File Inclusion Vulnerability
- phpMyRealty (location) Remote SQL Injection Vulnerability
- RealVNC Windows Client 4.1.2 Remote DOS Crash PoC
- PHPAuction GPL Enhanced 2.51 (profile.php) SQL Injection Vulnerability
- ABG Blocking Script 1.0a (abg_path) Remote File Inclusion Vulnerability
- E-topbiz Dating 3 PHP Script (mail_id) Remote SQL Injection Vulnerability
- Scripts24 iTGP 1.0.4 (id) Remote SQL Injection Vulnerability
- Scripts24 iPost 1.0.1 (id) Remote SQL Injection Vulnerability
- eStoreAff 0.1 (cid) Remote SQL Injection Vulnerability
- IrfanView <= 3.99 IFF File Local Stack Buffer Overflow Exploit
- GreenCart PHP Shopping Cart (id) Remote SQL Injection Vulnerability
- phsBlog 0.1.1 Multiple Remote SQL Injection Vulnerabilities
- e-Vision CMS <= 2.02 (SQL/Upload/IG) Multiple Remote Vulnerabilities
- K-Links Directory (SQL/XSS) Multiple Remote Vulnerabilities
- E-Store Kit- <= 2 PayPal Edition (pid) SQL Injection Vulnerability
- moziloCMS 1.10.1 (download.php) Arbitrary Download File Exploit
- IntelliTamper 2.07 (imgsrc) Remote Buffer Overflow Exploit
- Xerox Phaser 8400 (reboot) Remote Denial of Service Exploit
- Joomla Component EZ Store Remote Blind SQL Injection Exploit
- syzygyCMS 0.3 (index.php page) Local File Inclusion Vulnerability
- HydraIrc <= 0.3.164 (last) Remote Denial of Service Exploit
- Dayfox Blog 4 Multiple Local File Inclusion Vulnerabilities
- Plogger <= 3.0 Remote SQL Injection Vulnerability
- IGES CMS <= 2.0 (XSS/SQL) Multiple Remote Vulnerabilities
- LiteNews <= 0.1 Insecure Cookie Handling Vulnerability
- LiteNews <= 0.1 (id) Remote SQL Injection Vulnerability
- Multiple Wsn Products (LFI) Code Execution Vulnerability
- LoveCMS 1.6.2 Final Remote Code Execution Exploit
- LoveCMS 1.6.2 Final Update Settings Remote Exploit
- Quate CMS 0.3.4 (LFI/XSS) Multiple Remote Vulnerabilities
- Free Hosting Manager 1.2/2.0 Insecure Cookie Handling Vulnerability
- Discuz! 6.0.1 (searchid) Remote SQL Injection Exploit
- Ppim <= 1.0 (Arbitrary File Delete/XSS) Multiple Vulnerabilities
- Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow PoC
- BlazeDVD 5.0 PLF Playlist File Remote Buffer Overflow Exploit
- Sun xVM VirtualBox < 1.6.4 Privilege Escalation Vulnerability PoC
- e107 <= 0.7.11 Arbitrary Variable Overwriting Vulnerability
- Cisco WebEx Meeting Manager (atucfobj.dll) ActiveX Remote BOF Exploit
- Vacation Rental Script 3.0 (id) Remote SQL Injection Vulnerability
- Quicksilver Forums 1.4.1 forums[] Remote SQL Injection Exploit
- txtSQL 2.2 Final (startup.php) Remote File Inclusion Vulnerability
- PHP-Ring Webring System 0.9.1 Insecure Cookie Handling Vulnerability
- psipuss 1.0 Multiple Remote SQL Injection Vulnerabilities
- IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit
- OpenImpro 1.1 (image.php id) SQL Injection Vulnerability
- Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability
- ZeeBuddy 2.1 (bannerclick.php adid) SQL Injection Vulnerability
- Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities
- Ovidentia 6.6.5 (item) Remote SQL Injection Vulnerability
- BBlog 0.7.6 (mod) Remote SQL Injection Vulnerability
- Joomla 1.5.x (Token) Remote Admin Change Password Vulnerability
- gelato CMS 0.95 (img) Remote File Disclosure Vulnerability
- BIND 9.5.0-P2 (randomized ports) Remote DNS Cache Poisoning Exploit
- Ventrilo <= 3.0.2 NULL pointer Remote DoS Exploit
- IntelliTamper 2.07/2.08 Beta 4 A HREF Remote Buffer Overflow Exploit
- Ruby <= 1.9 (regex engine) Remote Socket Memory Leak Exploit
- FlashGet 1.9 (FTP PWD Response) Remote BOF Exploit PoC 0day
- Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF PoC
- dotCMS 1.6 (id) Multiple Local File Inclusion Vulnerabilities
- FlashGet 1.9.0.1012 (FTP PWD Response) SEH STACK Overflow Exploit
- ZEEJOBSITE 2.0 (adid) Remote SQL Injection Vulnerability
- DeeEmm CMS (DMCMS) 0.7.4 Multiple Remote Vulnerabilities
- ESET Smart Security 3.0.667.0 Privilege Escalation PoC
- VLC 0.8.6i tta File Parsing Heap Overflow PoC
- EO Video 1.36 Local Heap Overflow DOS / PoC
- XNova 0.8 sp1 (xnova_root_path) Remote File Inclusion Vulnerability
- phpArcadeScript v4 (cat) Remote SQL Injection Vulnerability
- FlashGet 1.9.0.1012 (FTP PWD Response) BOF Exploit (safeseh)
- WS_FTP Home/Professional FTP Client Remote Format String PoC
- PHPBasket (product.php pro_id) SQL Injection Vulnerability
- VidiScript (Avatar) Remote Arbitrary File Upload Vulnerability
- cyberBB 0.6 Multiple Remote SQL Injection Vulnerabilities
- PHP Live Helper <= 2.0.1 Multiple Remote Vulnerabilities
- VMware Workstation (hcmon.sys 6.0.0.45731) Local DoS Vulnerability
- TWiki 4.2.0 (configure) Remote File Disclosure Vulnerability
- SFS Affiliate Directory (id) SQL Injection Vulnerability
- Ad Board (id) Remote SQL Injection Vulnerability
- SunShop <= 4.1.4 (id) Remote SQL Injection Vulnerability
- Banner Management Script (tr.php id) Remote SQL Injection Vulnerability
- Active PHP Bookmarks 1.1.02 Remote SQL Injection Vulnerability
- Anzio Web Print Object <= 3.2.30 ActiveX Buffer Overflow Exploit
- Pars4U Videosharing V1 XSS / Remote Blind SQL Injection Exploit
- phpBazar 2.0.2 (adid) Remote SQL Injection Vulnerability
- webEdition CMS (we_objectID) Blind SQL Injection Exploit
- CustomCMS 4.0 (CCMS) print.php Remote SQL Injection Vulnerability
- PhotoCart <= 3.9 Multiple Remote SQL Injection Vulnerabilities
- BandSite CMS 1.1.4 (Download Backup/XSS/CSRF) Remote Vulnerabilities
- tinyCMS 1.1.2 (templater.php) Local File Inclusion Vulnerability
- EasySite 2.3 Multiple Remote Vulnerabilities
- NoName Script <= 1.1 Multiple Remote Vulnerabilities
- OneNews Beta 2 (XSS/HI/SQL) Multiple Remote Vulnerabilities
- VLC 0.8.6i MMS Protocol Handling Heap Overflow PoC
- 5 Star Review (XSS/SQL) Multiple Remote Vulnerabilities
- MiaCMS <= 4.6.5 Multiple Remote SQL Injection Vulnerabilities
- BtiTracker <= 1.4.7, xbtit <= 2.0.542 SQL Injection Vulnerability
- Matterdaddy Market 1.1 Multiple SQL Injection Vulnerabilities
- Web Directory Script <= 2.0 (name) SQL Injection Vulnerability
- Pluck CMS 4.5.2 Multiple Local File Inclusion Vulnerabilities
- ezContents CMS 2.0.3 Multiple Local File Inclusion Vulnerabilities
- Dana IRC 1.4a Remote Buffer Overflow Exploit
- WebBoard <= 2.0 Arbitrary SQL Question/Anwser Delete Vulnerability
- Belkin wireless G router + ADSL2 modem Auth Bypass Exploit
- GeekLog <= 1.5.0 Remote Arbitrary File Upload Exploit
- Crafty Syntax Live Help <= 2.14.6 (department) SQL Injection Vuln
- z-breaknews 2.0 (single.php) Remote SQL Injection Vulnerability
- Kolifa.net Download Script 1.2 (id) SQL Injection Vulnerability
- Simple PHP Blog (SPHPBlog) <= 0.5.1 Code Execution Exploit
- K-Rate (SQL/XSS) Multiple Remote Vulnerabilities
- CMME 1.12 (LFI/XSS/CSRF/Backup/MkDir) Multiple Vulnerabilities
- Thickbox Gallery v2 (admins.php) Admin Data Disclosure Vulnerability
- iFdate <= 2.0.3 Remote SQL Injection Vulnerability
- MyBulletinBoard (MyBB) <= 1.2.11 private.php SQL Injection Exploit (2)
- Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF Exploit
- Ultra Office ActiveX Control Remote Buffer Overflow Exploit
- Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit
- phpMyRealty <= 1.0.9 Multiple Remote SQL Injection Vulnerabilities
- YourOwnBux 3.1, 3.2 Beta Remote SQL Injection Vulnerability
- Acoustica Mixcraft <= 4.2 Build 98 (mx4 file) Local BOF Exploit
- Friendly Technologies (fwRemoteCfg.dll) ActiveX Remote BOF Exploit
- Friendly Technologies (fwRemoteCfg.dll) ActiveX Command Exec Exploit
- Invision Power Board <= 2.3.5 Multiple Vulnerabilities Exploit (revised)
- LogMeIn Remote Access Utility ActiveX Memory Corruption DoS
- Najdi.si Toolbar ActiveX Remote Buffer Overflow PoC
- Sun Solaris <= 10 snoop(1M) Utility Remote Exploit
- Acoustica MP3 CD Burner 4.51 Build 147 (asx file) Local BOF Exploit
- Micrsoft Windows GDI (CreateDIBPatternBrushPt) Heap Overflow PoC
- Brim 2.0.0 (SQL/XSS) Multiple Remote Vulnerabilities
- Acoustica Beatcraft 1.02 Build 19 (bcproj file) Local BOF Exploit
- Friendly Technologies Read/Write Registry/Read Files Exploit
- Web Directory Script 1.5.3 (site) SQL Injection Vulnerability
- Words tag script 1.2 (word) Remote SQL Injection Vulnerability
- Postfix <= 2.6-20080814 (symlink) Local Privilege Escalation Exploit
- myPHPNuke < 1.8.8_8rc2 (XSS/SQL) Multiple Remote Vulnerabilities
- WeBid 0.5.4 Multiple Remote Vulnerabilities
- WeBid 0.5.4 (item.php id) Remote SQL Injection Vulnerability
- EasyClassifields 3.0 (go) Remote SQL Injection Vulnerability
- CMSbright (id_rub_page) Remote SQL Injection Vulnerability
- WeBid 0.5.4 (fckeditor) Remote Arbitrary File Upload Exploit
- VMware COM API ActiveX Remote Buffer Overflow PoC
- e107 Plugin BLOG Engine 2.2 (uid) SQL Injection Exploit
- myPHPNuke < 1.8.8_8rc2 (artid) SQL Injection Vulnerability
- Coupon Script 4.0 (id) Remote SQL Injection Vulnerability
- Reciprocal Links Manager 1.1 (site) SQL Injection Vulnerability
- AJ HYIP ACME (comment.php artid) SQL Injection Vulnerability
- AJ HYIP ACME (readarticle.php artid) SQL Injection Vulnerability
- CS-Cart <= 1.3.5 (Auth Bypass) SQL Injection Vulnerability
- Google Chrome Browser 0.2.149.27 malicious link DoS Vulnerability
- Spice Classifieds (cat_path) Remote SQL Injection Vulnerability
- Google Chrome Browser 0.2.149.27 Automatic File Download Exploit
- Moodle <= 1.8.4 Remote Code Execution Exploit
- aspWebAlbum 3.2 (Upload/SQL/XSS) Multiple Remote Vulnerabilities
- TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload Vulnerability
- Living Local Website (listtest.php r) SQL Injection Vulnerability
- ACG-PTP 1.0.6 (adid) Remote SQL Injection Vulnerability
- Qwicsite Pro (SQL/XSS) Multiple Remote Vulnerabilities
- ACG-ScriptShop (cid) Remote SQL Injection Vulnerability
- Google Chrome Browser 0.2.149.27 (1583) Remote Silent Crash PoC
- MicroTik RouterOS <= 3.13 SNMP write (Set request) PoC
- Google Chrome Browser 0.2.149.27 (SaveAs) Remote BOF Exploit
- AWStats Totals (awstatstotals.php sort) Remote Code Execution Exploit
- devalcms 1.4a XSS / Remote Code Execution Exploit
- WebCMS Portal Edition (index.php id) Blind SQL Injection Exploit
- Vastal I-Tech Agent Zone (ann_id) SQL Injection Vulnerability
- Google Chrome Browser 0.2.149.27 A HREF Denial of Service Exploit
- Vastal I-Tech Visa Zone (news_id) SQL Injection Vulnerability
- Vastal I-Tech Toner Cart (id) SQL Injection Vulnerability
- Vastal I-Tech Share Zone (id) SQL Injection Vulnerability
- Vastal I-Tech DVD Zone (cat_id) SQL Injection Vulnerability
- Vastal I-Tech Jobs Zone (news_id) SQL Injection Vulnerability
- Vastal I-Tech MMORPG Zone (game_id) SQL Injection Vulnerability
- Vastal I-Tech Mag Zone (cat_id) SQL Injection Vulnerability
- Vastal I-Tech Freelance Zone (coder_id) SQL Injection Vulnerability
- Vastal I-Tech Cosmetics Zone (cat_id) SQL Injection Vulnerability
- EsFaq 2.0 (idcat) Remote SQL Injection Vulnerability
- Vastal I-Tech Shaadi Zone 1.0.9 (tage) SQL Injection Vulnerability
- Google Chrome Browser 0.2.149.27 Inspect Element DoS Exploit
- CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (meta)
- Vastal I-Tech Dating Zone (fage) SQL Injection Vulnerability
- Numark Cue 5.0 rev 2 Local .M3U File Stack Buffer Overflow Exploit
- IntegraMOD 1.4.x (Insecure Directory) Download Database Vulnerability
- Flock Social Web Browser 1.2.5 (loop) Remote Denial of Service Exploit
- Simple Machines Forum <= 1.1.5 Admin Reset Password Exploit (win32)
- MemHT Portal <= 3.9.0 Remote Create Shell Exploit
- Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC
- Masir Camp E-Shop Module <= 3.0 (ordercode) SQL Injection Vuln
- Alstrasoft Forum (cat) Remote SQL Injection Vulnerability
- Wordpress 2.6.1 SQL Column Truncation Vulnerability
- E-Shop Shopping Cart Script (search_results.php) SQL Injection Vuln
- Alstrasoft Forum (catid) Remote SQL Injection Vulnerability
- Stash 1.0.3 Multiple SQL Injection Vulnerabilities
- Hot Links SQL-PHP 3 (report.php) Multiple Vulnerabilities
- Live TV Script (index.php mid) SQL Injection Vulnerability
- Creator CMS 5.0 (sideid) Remote SQL Injection Vulnerability
- Stash 1.0.3 Insecure Cookie Handling Vulnerability
- Microworld Mailscan 5.6.a Password Reveal Exploit
- CMS Buzz (id) Remote SQL Injection Vulnerability
- Availscript Article Script (articles.php) Multiple Vulnerabilities
- Kim Websites 1.0 (fckeditor) Remote Arbitrary File Upload Vulnerability
- Availscript Photo Album (pics.php) Multiple Vulnerabilities
- Availscript Classmate Script (viewprofile.php) SQL Injection Vulnerability
- Zanfi CMS lite 1.2 Multiple Local File Inclusion Vulnerabilities
- Peachtree Accounting 2004 (PAWWeb11.ocx) ActiveX Insecure Method
- Libera CMS <= 1.12 (Cookie) Remote SQL Injection Exploit
- Availscript Jobs Portal Script (jid) SQL Injection Vulnerability (auth)
- Zanfi CMS lite / Jaw Portal free (fckeditor) Arbitrary File Upload Vuln
- aspWebAlbum 3.2 Multiple Remote Vulnerabilities
- Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit
- phpVID 1.1 (XSS/SQL) Multiple Remote Vulnerabilities
- Zanfi CMS lite / Jaw Portal free (page) SQL Injection Vulnerability
- Adobe Acrobat 9 ActiveX Remote Denial of Service Exploit
- PhpWebGallery 1.3.4 (XSS/LFI) Multiple Vulnerabilities
- Autodealers CMS AutOnline (pageid) SQL Injection Vulnerability
- Sports Clubs Web Panel 0.0.1 (p) Local File Inclusion Vulnerability
- Easy Photo Gallery 2.1 XSS/FD/Bypass/SQL Injection Exploit
- D-iscussion Board 3.01 (topic) Local File Inclusion Vulnerability
- phsBlog 0.2 Bypass SQL Injection Filtering Exploit
- minb 0.1.0 Remote Code Execution Exploit
- Autodealers CMS AutOnline (id) SQL Injection Vulnerability
- Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC
- Sports Clubs Web Panel 0.0.1 (id) SQL Injection Vulnerabilities
- PhpWebGallery 1.3.4 (cat) Blind SQL Injection Vulnerability
- Easy Photo Gallery 2.1 Arbitrary Add Admin / remove user Vulnerability
- Yourownbux 4.0 (COOKIE) Authentication Bypass Exploit
- Sports Clubs Web Panel 0.0.1 Remote File Upload Vulnerability
- PhpWebGallery 1.3.4 Remote Blind SQL Injection Exploit
- pForum 1.30 (showprofil.php id) Remote SQL Injection Vulnerability
- WebPortal CMS <= 0.7.4 (download.php aid) SQL Injection Exploit
- iBoutique 4.0 (cat) Remote SQL Injection Vulnerability
- SkaLinks 1.5 (register.php) Remote Arbitrary Add Editor Vulnerability
- vbLOGIX Tutorial Script <= 1.0 (cat_id) SQL Injection Vulnerability
- pNews 2.03 (newsid) Remote SQL Injection Vulnerability
- WebPortal CMS <= 0.7.4 (fckeditor) Arbitrary File Upload Vulnerability
- pLink 2.07 (linkto.php id) Remote Blind SQL Injection Exploit
- Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit
- Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure Vulns
- phpSmartCom 0.2 (LFI/SQL) Multiple Remote Vulnerabilities
- FoT Video scripti 1.1b (oyun) Remote SQL Injection Vulnerability
- Windows Media Encoder wmex.dll ActiveX BOF Exploit (MS08-053)
- Linkarity (link.php) Remote SQL Injection Vulnerability
- Free PHP VX Guestbook 1.06 Arbitrary Database Backup Vulnerability
- Free PHP VX Guestbook 1.06 Insecure Cookie Handling Vulnerability
- The Personal FTP Server 6.0f RETR Denial of Service Exploit
- Nokia e90/n82 (s60v3) Remote Denial of Service Vulnerability
- Kasseler CMS 1.1.0/1.2.0 Lite Remote SQL Injection Vulnerabilities
- Cpanel <= 11.x (Fantastico) LFI Vulnerability (sec bypass)
- CzarNews <= 1.20 (Cookie) Remote SQL Injection Exploit
- MS Windows WRITE_ANDX SMB command handling Kernel DoS (meta)
- CzarNews <= 1.20 (Account Hijacking) Remote SQL Injection Vuln
- Pre Real Estate Listings (search.php c) SQL Injection Vulnerability
- Link Bid Script 1.5 Multiple Remote SQL Injection Vulnerabilities
- iScripts EasyIndex (produid) Remote SQL Injection Vulnerability
- Attachmax Dolphin <= 2.1.0 Multiple Remote Vulnerabilities
- Gonafish LinksCaffePRO 4.5 (index.php) SQL Injection Vulnerability
- Hotel reservation System (city.asp city) Blind SQL Injection Vulnerability
- QuickTime 7.5.5 / ITunes 8.0 Remote off by one Crash Exploit
- Postfix < 2.4.9, 2.5.5, 2.6-20080902 (.forward) Local DoS Exploit
- phpRealty 0.3 (INC) Remote File Inclusion Vulnerability
- WonderWare SuiteLink 2.0 Remote Denial of Service Exploit (meta)
- PHP Crawler 0.8 (footer) Remote File Inclusion Vulnerability
- Cisco Router HTTP Administration CSRF Command Execution Exploit
- Cisco Router HTTP Administration CSRF Command Execution Exploit 2
- Technote 7 (shop_this_skin_path) Remote File Inclusion Vulnerability
- X10media Mp3 Search Engine 1.5.5 Remote File Inclusion Vulnerability
- Femitter FTP Server 1.03 (RETR) Remote Denial of Service Exploit PoC
- addalink <= 4 Write Approved Links Remote Vulnerability
- E-Php CMS (article.php es_id) Remote SQL Injection Vulnerability
- addalink <= 4 (category_id) Remote SQL Injection Vulnerability
- ProArcadeScript 1.3 (random) Remote SQL Injection Vulnerability
- CYASK 3.x (collect.php neturl) Local File Disclosure Vulnerability
- Diesel Joke Site (picture_category.php id) SQL Injection Vulnerability
- ProActive CMS (template) Local File Inclusion Vulnerability
- AssetMan v2.5-b SQL Injection using Session Fixation Attack
- NuMedia Soft NMS DVD Burning SDK Activex (NMSDVDX.dll) Exploit
- Pluck 4.5.3 (update.php) Remote File Corruption Exploit
- fhttpd 0.4.2 un64() Remote Denial of Service Exploit
- easyLink 1.1.0 (detail.php) Remote SQL Injection Vulnerability
- Explay CMS <= 2.1 Persistent XSS and CSRF Vulnerability
- DESlock+ <= 3.2.7 Local Kernel Overflow PoC
- DESlock+ <= 3.2.7 Local Kernel Race Condition Denial of Service PoC
- DESlock+ <= 3.2.7 (probe read) Local Kernel Denial of Service PoC
- Advanced Electron Forum <= 1.0.6 Remote Code Execution Vulnerability
- Explay CMS <= 2.1 Insecure Cookie Handling Vulnerability
- MyFWB 1.0 (index.php page) Remote SQL Injection Vulnerability
- Diesel Pay Script (area) Remote SQL Injection Vulnerability
- Plaincart 1.1.2 (p) Remote SQL Injection Vulnerability
- Oceandir <= 2.9 (show_vote.php id) Remote SQL Injection Vulnerability
- jPORTAL 2 (humor.php id) Remote SQL Injection Vulnerability
- Unreal Tournament 3 v1.3 Remote Directory Traversal Vulnerability
- Invision Power Board <= 2.3.5 Remote SQL Injection Exploit
- Basic PHP Events Lister 1.0 Remote SQL Injection Vulnerability
- TWiki <= 4.2.2 (action) Remote Code Execution Vulnerability
- PHPKB 1.5 Professional Multiple Remote SQL Injection Vulnerabilities
- 6rbScript 3.3 (singerid) Remote SQL Injection Vulnerability
- Diesel Job Site (job_id) Blind SQL Injection Vulnerability
- Rianxosencabos CMS 0.9 Arbitrary Add-Admin Vulnerability
- Availscript Jobs Portal Script File Upload Vulnerability (auth)
- DESlock+ 3.2.7 (vdlptokn.sys) Local Denial of Service Exploit
- e107 Plugin Image Gallery 0.9.6.2 (image) SQL Injection Vulnerability
- NetArtMedia Jobs Portal 1.3 Multiple SQL Injection Vulnerabilities
- NetArtMedia Real Estate Portal 1.2 SQL Injection Vulnerability
- PHP iCalendar <= 2.24 (cookie_language) LFI / File Upload Exploit
- 6rbScript 3.3 (section.php name) Local File Inclusion Vulnerability
- Rianxosencabos CMS 0.9 Insecure Cookie Handling Vulnerability
- Availscript Article Script (view.php v) SQL Injection Vulnerability
- WCMS v.1.0b Arbitrary Add Admin Exploit
- WSN Links 2.22/2.23 (vote.php) Remote SQL Injection Vulnerability
- WSN Links 2.20 (comments.php) SQL Injection Vulnerability
- PHP iCalendar <= 2.24 Insecure Cookie Handling Vulnerability
- BuzzyWall <= 1.3.1 (search.php search) SQL Injection Vulnerability
- WCMS v.1.0b (news_detail.asp id) Remote SQL Injection Vulnerability
- WSN Links Free 4.0.34P (comments.php) Blind SQL Injection Exploit
- OpenElec <= v3.01 (form.php obj) Local File Inclusion Vulnerability
- MyBlog <= 0.9.8 Insecure Cookie Handling Vulnerability
- Sagem Routers F@ST Remote CSRF Exploit (dhcp hostname attack)
- basebuilder <= 2.0.1 (main.inc.php) Remote File Inclusion Vulnerability
- Fez 1.3/2.0 RC1 (list.php) Remote SQL Injection Vulnerability
- CJ Ultra Plus <= 1.0.4 Cookie Remote SQL Injection Exploit
- Chilkat XML ActiveX Remote Arbitrary File Creation/Execution Exploit
- OpenRat <= 0.8-beta4 (tpl_dir) Remote File Inclusion Vulnerability
- Sofi WebGui <= 0.6.3 PRE (mod_dir) Remote File Inclusion Vulnerability
- iGaming CMS <= 1.5 Multiple Remote SQL Injection Exploit
- Galmeta Post CMS <= 0.2 Remote Code Execution / Arbitrary File Upload
- JETIK-WEB Software (sayfa.php kat) SQL Injection Vulnerability
- Ol Bookmarks Manager 0.7.5 Local File Inclusion Vulnerability
- WebPortal CMS <= 0.7.4 (code) Remote Code Execution Vulnerability
- Hotscripts Clone (cid) Remote SQL Injection Vulnerability
- Rianxosencabos CMS 0.9 Remote Add Admin Exploit
- Ol Bookmarks Manager 0.7.5 RFI / LFI / SQL Injection Vulnerabilities
- BurnAware NMSDVDXU ActiveX Remote Arbitrary File Creation/Execution
- Jetik Emlak ESA 2.0 Multiple Remote SQL Injection Vulnerabilities
- AJ Auction Pro Platinum Skin #2 (detail.php item_id) SQL Injection Vuln
- emergecolab 1.0 (sitecode) Local File Inclusion Vulnerability
- mailwatch <= 1.0.4 (docs.php doc) Local File Inclusion Vulnerability
- PHPcounter <= 1.3.2 (defs.php l) Local File Inclusion Vulnerability
- Google Chrome Browser Carriage Return Null Object Memory Exhaustion
- Jadu CMS for Government (recruit_details.php) SQL Injection Vuln
- webcp 0.5.7 (filelocation) Remote File Disclosure Vulnerability
- ADN Forum <= 1.0b Insecure Cookie Handling Vulnerability
- barcodegen <= 2.0.0 Local File Inclusion Vulnerability
- Observer 0.3.2.1 Multiple Remote Command Execution Vulnerabilities
- MS Windows Wordpad .doc File Local Denial of Service PoC
- AJ Auction Pro Platinum (seller_id) SQL Injection Vulnerability
- LanSuite 3.3.2 (design) Local File Inclusion Vulnerability
- phpOCS <= 0.1-beta3 (index.php act) Local File Inclusion Vulnerability
- Vikingboard <= 0.2 Beta (task) Local File Inclusion Vulnerability
- K-Lite Mega Codec Pack 3.5.7.0 Local Windows Explorer DoS PoC
- PHP infoBoard v.7 Plus Multiple Remote Vulnerabilities
- Libra PHP File Manager <= 1.18/2.0 Local File Inclusion Exploit
- PHP infoBoard v.7 Plus Insecure Cookie Handling Vulnerability
- Vikingboard <= 0.2 Beta SQL Column Truncation Vulnerability
- ICONICS Vessel / Gauge / Switch 8.02.140 ActiveX BOF Exploit (meta)
- openEngine <= 2.0 beta4 Remote File Inclusion Vulnerability
- Atomic Photo Album 1.1.0pre4 (XSS/SQL) Remote Vulnerabilities
- LanSuite 3.3.2 (fckeditor) Arbitrary File Upload Exploit
- Atomic Photo Album 1.1.0pre4 Blind SQL Injection Exploit
- barcodegen <= 2.0.0 (class_dir) Remote File Inclusion Vulnerability
- Ultimate Webboard 3.00 (Category) SQL Injection Vulnerability
- PromoteWeb MySQL (go.php id) Remote SQL Injection Vulnerability
- 212cafe Board 0.07 (view.php qID) SQL Injection Vulnerability
- Libra PHP File Manager <= 1.18 Insecure Cookie Handling Vulnerability
- Atomic Photo Album 1.1.0pre4 Insecure Cookie Handling Vulnerability
- WinFTP Server 2.3.0 (NLST) Denial of Service Exploit
- Windows Mobile 6.0 Device long name Remote Reboot Exploit
- Esqlanelapse Software Project <= 2.6.2 Insecure Cookie Handling Vuln
- The Gemini Portal <= 4.7 Insecure Cookie Handling Vulnerability
- openEngine 2.0 beta2 Remote File Inclusion Vulnerability
- Crux Gallery <= 1.32 Insecure Cookie Handling Vulnerability
- The Gemini Portal (lang) Remote File Inclusion Vulnerabilities
- MS Windows GDI+ (.ico File) Remote Division By Zero Exploit
- RPG.Board <= 0.0.8Beta2 (showtopic) SQL Injection Vulnerability
- ASPapp KnowledgeBase (catid) Remote SQL Injection Vulnerability
- RPG.Board <= 0.0.8Beta2 Insecure Cookie Handling Vulnerability
- X7 Chat <= 2.0.1A1 (mini.php help_file) Local File Inclusion Vulnerability
- Vbgooglemap Hotspot Edition 1.0.3 Remote SQL Injection Vulnerability
- Camera Life 2.6.2b4 Arbitrary File Upload Vulnerability
- Joovili <= 3.0 Multiple SQL Injection Vulnerabilities
- E-Uploader Pro <= 1.0 Multiple Remote SQL Injection Vulnerabilities
- CoAST 0.95 (sections_file) Remote File Inclusion Vulnerability
- Real Estate Manager (cat_id) Remote SQL injection vulnerability
- Chilkat IMAP ActiveX 7.9 File Execution / IE DoS Exploit
- LnBlog <= 0.9.0 (plugin) Local File Inclusion Vulnerability
- PlugSpace 0.1 (index.php navi) Local File Inclusion Vulnerability
- MyCard 1.0.2 (gallery.php id) Remote SQL Injection Vulnerability
- PowerPortal 2.0.13 (path) Local Directory Traversal Vulnerability
- PHP-Lance 1.52 (show.php catid) Remote SQL Injection Vulnerability
- Yoxel <= 1.23beta (itpm_estimate.php a) Remote Code Execution Vuln
- X7 Chat <= 2.0.1A1 Local File Inclusion Vulnerability (original find)
- ZEELYRICS 2.0 (bannerclick.php adid) SQL Injection Vulnerability
- Google Chrome 0.2.149.30 Window Object Suppressing DoS Exploit
- ParsaWeb CMS (Search) Remote SQL Injection Vulnerability
- PHPcounter <= 1.3.2 (index.php name) Remote SQL Injection Exploit
- Pro Chat Rooms 3.0.3 (guid) SQL Injection Vulnerabilities
- Pilot Group eTraining (news_read.php id) SQL Injection Vulnerability
- Mozilla Firefox 3.0.3 User Interface Null Pointer Dereference Crash
- Opera 9.52 Window Object Suppressing Remote Denial of Service Exploit
- MS Windows Explorer Unspecified .ZIP File Denial of Service Exploit
- BbZL.PhP 0.92 (lien_2) Local Directory Traversal Vulnerability
- Joomla Component imagebrowser <= 0.1.5 RC2 Directory Traversal Vuln
- MS Internet Explorer GDI+ Proof of Concept (MS08-052)
- PHP-Fusion Mod freshlinks (linkid) Remote SQL Injection Vuln
- BbZL.PhP 0.92 Insecure Cookie Handling Vulnerability
- Wireshark 1.0.x Malformed .ncf packet capture Local Denial of Service
- Events Calendar 1.1 Remote File Inclusion Vulnerability
- Arcadem Pro (articlecat) Remote SQL Injection Vulnerability
- Post Comments 3.0 Insecure Cookie Handling Vulnerability
- PG Matchmaking Script Multiple SQL Injection Vulnerabilities
- ArabCMS (rss.php rss) Local File Inclusion Vulnerability
- FAQ Management Script (catid) Remote SQL Injection Vulnerability
- Autodesk DWF Viewer Control / LiveUpdate Module Remote Exploit
- SG Real Estate Portal 2.0 Blind SQL Injection/Local File Inclusion Vulns
- MiNBank 1.5.0 Multiple Remote File Inclusion Vulnerability
- eFront <= 3.5.1 / build 2710 Remote Arbitrary Upload Vulnerability
- SG Real Estate Portal 2.0 Blind SQL Injection Exploit
- SG Real Estate Portal 2.0 Insecure Cookie Handling Vulnerability
- Rianxosencabos CMS 0.9 Remote Blind SQL Injection Vulnerability
- BookMarks Favourites Script (view_group.php id) SQL Injection Vuln
- GdPicture Pro ActiveX (gdpicture4s.ocx) File Overwrite / Exec Exploit
- Pritlog <= 0.4 (filename) Remote File Disclosure Vulnerability
- ADN Forum <= 1.0b Blind SQL Injection Exploit
- MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability
- BMForum 5.6 (tagname) Remote SQL Injection Vulnerability
- Discussion Forums 2k v3.3 Multiple SQL Injection Vulnerabilities
- Noname CMS 1.0 Multiple SQL Injection Vulnerabilities
- Crux Gallery <= 1.32 (index.php theme) Local File Inclusion Vulnerability
- phpScheduleIt <= 1.2.10 (reserve.php) Remote Code Execution Exploit
- ESET SysInspector - 1.1.1.0 (esiadrv.sys) Proof of Concept Exploit
- RPortal 1.1 (file_op) Remote File Inclusion Vulnerability
- phpscripts Ranking Script Insecure Cookie Handling Vulnerability
- Link Trader (ratelink.php lnkid) Remote SQL Injection Vulnerability
- vxFtpSrv 2.0.3 CWD command Remote Buffer Overflow PoC
- Bux.to Clone Script Insecure Cookie Handling Vulnerability
- OLIB 7 WebView 2.5.1.1 (infile) Local File Inclusion Vulnerability
- mIRC 6.34 Remote Buffer Overflow PoC
- OpenX 2.6 (ac.php bannerid) Remote Blind SQL Injection Exploit
- MS Windows GDI (EMR_COLORMATCHTOTARGETW) Exploit MS08-021
- IP Reg <= 0.4 Remote Blind SQL Injection Exploit
- VBA32 Personal Antivirus 3.12.8.x (malformed archive) DoS Exploit
- Full PHP Emlak Script (arsaprint.php id) SQL Injection Vulnerability
- Serv-U <= 7.3 (stou con:1) Denial of Service Vulnerability (auth)
- Serv-U <= 7.3 Remote FTP File Replacement Vulnerability (auth)
- AdaptCMS Lite <= 1.3 Blind SQL Injection Exploit
- CCMS 3.1 (skin) Multiple Local File Inclusion Vulnerabilities
- Kwalbum <= 2.0.2 Arbitary File Upload Vulnerability
- mIRC 6.34 Remote Buffer Overflow Exploit
- pPIM 1.01 (notes.php id) Local File Inclusion Vulnerability
- AyeView 2.20 (malformed gif image) Local Crash Exploit
- JMweb Multiple (src) Local File Inclusion Vulnerabilities
- FOSS Gallery Admin <= 1.0 Remote Arbitrary Upload Exploit
- MS Windows Vista Access Violation from Limited Account Exploit (BSoD)
- AyeView 2.20 (invalid bitmap header parsing) Crash Exploit
- FastStone Image Viewer 3.6 (malformed bmp image) Crash Exploit
- FOSS Gallery Public <= 1.0 Arbitrary Upload / Information c99 Expoit
- Galerie 3.2 (pic) WBB Lite Addon Blind SQL Injection Exploit
- OpenNMS < 1.5.96 Multiple Remote Vulnerabilities
- geccBBlite 2.0 (leggi.php id) Remote SQL Injection Exploit
- Fastpublish CMS 1.9999 (LFI/SQL) Multiple Remote Vulnerabilities
- phpAbook <= 0.8.8b (COOKIE) Local File Inclusion Vulnerability
- FOSS Gallery Public <= 1.0 Arbitrary File Upload Vulnerabilities
- PHP-Fusion Mod manuals (manual) Remote SQL Injection Vulnerability
- PHP-Fusion Mod raidtracker_panel (INFO_RAID_ID) SQL Injection
- PHP-Fusion Mod recept (kat_id) SQL Injection Vulnerability
- PHP-Fusion Mod triscoop_race_system (raceid) SQL Injection Vuln
- asiCMS alpha 0.208 Multiple Remote File Inclusion Vulnerabilities
- Hammer Software MetaGauge 1.0.0.17 Directory Traversal Vulnerability
- Yerba SACphp <= 6.3 (mod) Local File Inclusion Exploit
- Konqueror 3.5.9 (font color) Remote Crash Vulnerability
- Skype extension for Firefox BETA 2.2.0.95 Clipboard Writing Vulnerability
- Yerba SACphp <= 6.3 Multiple Remote Vulnerabilities
- Joomla Component com_hotspots (w) Remote SQL Injection Vulnerability
- YourOwnBux 4.0 (COOKIE) Remote SQL Injection Vulnerability
- PHP Realtor 1.5 (view_cat.php v_cat) Remote SQL Injection Vulnerability
- PHP Auto Dealer 2.7 (view_cat.php v_cat) SQL Injection Vulnerability
- PHP Autos 2.9.1 (searchresults.php catid) SQL Injection Vulnerability
- Built2Go PHP RealEstate 1.5 (event_detail.php) SQL Injection Vuln
- TorrentTrader Classic <= 1.04 Blind SQL Injection Vulnerability
- Microsoft PicturePusher ActiveX Cross Site File Upload Attack PoC
- DFF PHP Framework API (Data Feed File) RFI Vulnerabilities
- HispaH textlinksads (index.php) Remote SQL Injection Vulnerability
- AdMan 1.1.20070907 (campaignId) SQL Injection Vulnerability
- WebBiscuits Modules Controller <= 1.1 (RFI/RFD) Remote Vulnerabilities
- Konqueror 3.5.9 (color/bgcolor) Multiple Remote Crash Vulnerabilities
- MS Windows 2003 Token Kidnapping Local Exploit PoC
- Kusaba <= 1.0.4 Remote Code Execution Exploit
- Gforge <= 4.5.19 Multiple Remote SQL Injection Vulnerabilities
- Gforge <= 4.6 rc1 (skill_edit) SQL Injection Vulnerability
- Joomla Component Joomtracker 1.01 Remote SQL injection Vulnerability
- Camera Life 2.6.2b4 (SQL/XSS) Multiple Remote Vulnerabilities
- Kusaba <= 1.0.4 Remote Code Execution Exploit #2
- IranMC Arad Center (news.php id) SQL Injection Vulnerability
- ScriptsEz Mini Hosting Panel (members.php) LFI Vulnerability
- Stash 1.0.3 (SQL) User Credentials Disclosure Exploit
- ScriptsEz Easy Image Downloader Local File Download Vulnerability
- MS Windows GDI+ Proof of Concept (MS08-052) #2
- WinFTP 2.3.0 (PASV mode) Remote Denial of Service Exploit
- Konqueror 3.5.9 (load) Remote Crash Vulnerability
- NoticeWare E-mail Server 5.1.2.2 (POP3) Pre-Auth DoS Exploit
- Ayco Okul Portali (linkid) SQL Injection Vulnerability (tr)
- Easynet4u Forum Host (forum.php) SQL Injection Vulnerability
- Easynet4u faq Host (faq.php faq) Remote SQL Injection Vulnerability
- Joomla Component Ignite Gallery 0.8.3 SQL Injection Vulnerability
- Joomla Component mad4joomla SQL Injection Vulnerability
- MunzurSoft Wep Portal W3 (kat) SQL Injection Vulnerability
- Nokia Mini Map Browser (array sort) Silent Crash Vulnerability
- Easynet4u Link Host (cat_id) SQL Injection Vulnerability
- SlimCMS <= 1.0.0 (redirect.php) Privilege Escalation Exploit
- Joomla Component ownbiblio 1.5.3 (catid) SQL Injection Vulnerability
- Absolute Poll Manager XE 4.1 (xlacomments.asp) SQL Injection Vuln
- MS Windows InternalOpenColorProfile Heap Overflow PoC (MS08-046)
- mini-pub 0.3 (LFD/CE) Multiple Remote Vulnerabilities
- mini-pub 0.3 Local Directory Traversal / File Disclosure Vulnerabilities
- Globsy <= 1.0 Remote File Rewriting Exploit
- Real Estate Scripts 2008 (index.php cat) SQL Injection Vulnerability
- LokiCMS <= 0.3.4 (index.php page) Arbitrary Check File Exploit
- GuildFTPd 0.999.8.11/0.999.14 Heap Corruption PoC/DoS Exploit
- NewLife Blogger <= 3.0 Insecure Cookie Handling / SQL Injection Vuln
- My PHP Indexer 1.0 (index.php) Local File Download Vulnerability
- XM Easy Personal FTP Server 5.6.0 Remote Denial of Service Exploit
- RaidenFTPD 2.4 build 3620 Remote Denial of Service Exploit
- LokiCMS 0.3.4 writeconfig() Remote Command Execution Exploit
- LokiCMS 0.3.4 (admin.php) Create Local File Inclusion Exploit
- ParsBlogger (links.asp id) Remote SQL Injection Vulnerability
- IndexScript 3.0 (sug_cat.php parent_id) SQL Injection Vulnerability
- WP Comment Remix 1.4.3 Remote SQL Injection Exploit
- XOOPS Module xhresim (index.php no) Remote SQL Injection Vuln
- Nuked-klaN <= 1.7.7 / <= SP4.4 Multiple Vulnerabilities Exploit
- Telecom Italia Alice Pirelli routers Backdoor from internal LAN/WAN
- SezHoo 0.1 (IP) Remote File Inclusion Vulnerability
- Eserv 3.x FTP Server (ABOR) Remote Stack Overflow PoC
- Titan FTP server 6.26 build 630 Remote Denial of Service Exploit
- My PHP Dating (success_story.php id) SQL Injection Vulnerability
- PhpWebGallery <= 1.7.2 Session Hijacking / Code Execution Exploit
- VLC 0.9.2 Media Player XSPF Memory Corruption Vulnerability
- MS Windows XP/2003 AFD.sys Privilege Escalation Exploit (K-plugin)
- AstroSPACES (id) Remote SQL Injection Vulnerability
- myStats (hits.php) Multiple Remote Vulnerabilities Exploit
- myEvent 1.6 (viewevent.php) Remote SQL Injection Vulnerability
- Hummingbird <= 13.0 ActiveX Remote Buffer Overflow PoC
- CafeEngine Multiple Remote SQL Injection Vulnerabilities
- Mosaic Commerce (category.php cid) SQL Injection Vulnerability
- Mic_blog 0.0.3 (SQL Injection/Privilege Escalation) Remote Exploit
- IP Reg <= 0.4 Multiple Remote SQL Injection Vulnerabilities
- PokerMax Poker League Insecure Cookie Handling Vulnerability
- Kure 0.6.3 (index.php post,doc) Local File Inclusion Vulnerability
- Mantis Bug Tracker <= 1.1.3 Remote Code Execution Exploit
- iGaming CMS 2.0 Alpha 1 (search.php) Remote SQL Injection Exploit
- PHP Easy Downloader 1.5 (file) File Disclosure Vulnerability
- Calendars for the Web 4.02 Admin Auth Bypass Vulnerability
- Post Affiliate Pro 2.0 (index.php md) Local File Inclusion Vulnerability
- Hummingbird Deployment Wizard 2008 ActiveX Command Execution
- Hummingbird Deployment Wizard 2008 Registry Values Creation/Change
- Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit
- Hummingbird Deployment Wizard 2008 ActiveX File Execution(2)
- Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vuln
- XOOPS Module GesGaleri (kategorino) Remote SQL Injection Exploit
- phpFastNews 1.0.0 Insecure Cookie Handling Vulnerability
- zeeproperty (adid) Remote SQL Injection Vulnerability
- Meeting Room Booking System (MRBS) < 1.4 SQL Injection Exploit
- miniBloggie 1.0 (del.php) Remote Blind SQL Injection Exploit
- Nuke ET <= 3.4 (fckeditor) Remote Arbitrary File Upload Exploit
- PHP Easy Downloader <= 1.5 Remote File Creation Exploit
- Fast Click SQL 1.1.7 Lite (init.php) Remote File Inclusion Vulnerability
- Solaris 9 [UltraSPARC] sadmind Remote Root Exploit
- BitTorrent 6.0.3 .torrent File Stack Buffer Overflow Exploit
- yappa-ng <= 2.3.3-beta0 (album) Local File Inclusion Vulnerability
- Vivvo CMS <= 3.4 Multiple Vulnerabilities Destroyer Exploit
- WBB Plugin rGallery 1.09 (itemID) Blind SQL Injection Exploit
- e107 <= 0.7.13 (usersettings.php) Blind SQL Injection Exploit
- Joomla Component ds-syndicate (feed_id) SQL Injection Vulnerability
- Dart Communications PowerTCP FTP module Remote BOF Exploit
- XOOPS Module makale Remote SQL Injection Vulnerability
- Limbo CMS (Private Messaging Component) SQL Injection Vulnerability
- LightBlog 9.8 (GET,POST,COOKIE) Multiple LFI Vulnerabilities
- VLC Media Player TY File Stack Based Buffer Overflow Exploit
- ShopMaker 1.0 (product.php id) Remote SQL Injection Vulnerability
- freeSSHd 1.2.1 sftp rename Remote Buffer Overflow PoC (auth)
- Opera <= 9.60 Stored Cross Site Scripting Vulnerability
- Joomla Component Daily Message 1.0.3 (id) SQL Injection Vuln
- Iamma Simple Gallery 1.0/2.0 Arbitrary File Upload Vulnerability
- GoodTech SSH (SSH_FXP_OPEN) Remote Buffer Overflow Exploit
- LibSPF2 < 1.2.8 DNS TXT Record Parsing Bug Heap Overflow PoC
- phpcrs <= 2.06 (importFunction) Local File Inclusion Vulnerability
- LoudBlog <= 0.8.0a (ajax.php) SQL Injection Vulnerability (auth)
- Joomla Component ionFiles 4.4.2 File Disclosure Vulnerability
- DorsaCms (ShowPage.aspx) Remote SQL Injection Vulnerability
- YDC (kdlist.php cat) Remote SQL Injection Vulnerability
- freeSSHd 1.2.1 sftp realpath Remote Buffer Overflow PoC (auth)
- Opera 9.52/9.60 Stored Cross Site Scripting Code Exec PoC
- CSPartner 1.0 (Delete All Users/SQL Injection) Remote Exploit
- SilverSHielD 1.0.2.34 (opendir) Denial of Service Exploit
- txtshop 1.0b (language) Local File Inclusion Vulnerability (win only)
- Joomla Component RWCards 3.0.11 Local File Inclusion Vulnerability
- aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies
- MindDezign Photo Gallery 2.2 (index.php id) SQL Injection Vulnerability
- MindDezign Photo Gallery 2.2 Arbitrary Add Admin Exploit
- miniPortail <= 2.2 (XSS/LFI) Remote Vulnerabilities
- WebSVN <= 2.0 (XSS/FH/CE) Multiple Remote Vulnerabilities
- SiteEngine 5.x Multiple Remote Vulnerabilities
- MS Windows Server Service Code Execution PoC (MS08-067)
- VLC 0.9.4 .TY File Buffer Overflow Exploit (SEH)
- Joomla Component Archaic Binary Gallery 0.2 Directory Traversal Vuln
- Joomla Component Kbase 1.0 Remote SQL Injection Vulnerability
- db Software Laboratory VImpX (VImpX.ocx) Multiple Vulnerabilities
- Aj RSS Reader (EditUrl.php url) SQL Injection Vulnerability
- NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability
- TUGzip 3.00 archiver .ZIP File Local Buffer Overflow Exploit
- KVIrc 3.4.0 Virgo Remote Format String Exploit PoC
- PHPdaily (SQL/XSS/LFD) Multiple Remote Vulnerabilities
- vicFTP 5.0 (LIST) Remote Denial of Service Exploit
- BuzzyWall 1.3.1 (download id) Remote File Disclosure Vulnerability
- Tlnews 2.2 Insecure Cookie Handling Vulnerability
- Kasra CMS (index.php) Multiple SQL Injection Vulnerabilities
- PumpKIN TFTP Server 2.7.2.0 Denial of Service Exploit (meta)
- PozScripts Classified Auctions (gotourl.php id) SQL Injection Vuln
- PowerTCP FTP module Multiple Technique Exploit (SEH/HeapSpray)
- MS Windows Server Service Code Execution Exploit (MS08-067) (Univ)
- WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln
- SFS Ez Forum (forum.php id) SQL Injection Vulnerability
- MyForum 1.3 (lecture.php id) Remote SQL Injection Exploit
- Ads Pro (dhtml.pl page) Remote Command Execution Exploit
- MyForum 1.3 (padmin) Local File Inclusion Vulnerability
- Persia BME E-Catalogue Remote SQL Injection Vulnerability
- TlAds v1 Remote Insecure Cookie Handling Vulnerability
- e107 Plugin alternate_profiles (id) SQL Injection Vulnerability
- MyKtools 2.4 (langage) Local File Inclusion Vulnerability
- Linux Kernel < 2.6.22 ftruncate()/open() Local Exploit
- e107 Plugin EasyShop (category_id) Blind SQL Injection Exploit
- Questcms (XSS/Directory Traversal/SQL) Multiple Remote Vulnerabilities
- Aiocp 1.4 (poll_id) Remote SQL Injection Vulnerability
- MyKtools 2.4 Arbitrary Database Backup Vulnerability
- e107 Plugin BLOG Engine 2.1.4 Remote SQL Injection Vulnerability
- MyForum 1.3 Insecure Cookie Handling Vulnerability
- PersianBB (iranian_music.php id) Remote SQL Injection Vulnerability
- Agares ThemeSiteScript 1.0 (loadadminpage) RFI Vulnerability
- TlGuestBook 1.2 Insecure Cookie Handling Vulnerability
- H2O-CMS <= 3.4 Remote Command Execution Exploit (mq = off)
- H2O-CMS <= 3.4 Insecure Cookie Handling Vulnerability
- PacketTrap TFTPD 2.2.5459.0 Remote Denial of Service Exploit
- Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec Vulnerability
- e107 Plugin fm pro v1 (FD/Upload/DT) Multiple Remote Vulnerabilities
- 7Shop <= 1.1 Remote Arbitrary File Upload Exploit
- Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit
- Mambo Component SimpleBoard <= 1.0.1 Arbitrary File Upload Exploit
- WebCards <= 1.3 Remote SQL Injection Vulnerability
- MW6 Aztec ActiveX (Aztec.dll) Remote Insecure Method Exploit
- MW6 Barcode ActiveX (Barcode.dll) Insecure Method Exploit
- MW6 DataMatrix ActiveX (DataMatrix.dll) Insecure Method Exploit
- MW6 PDF417 ActiveX (MW6PDF417.dll) Remote Insecure Method Exploit
- Harlandscripts Pro Traffic One (mypage.php) SQL Injection Vulnerability
- Visagesoft eXPert PDF ViewerX (VSPDFViewerX.ocx) File Overwrite
- Venalsur on-line Booking Centre (OfertaID) XSS/SQL Injection Vulns
- Pro Traffic One (poll_results.php id) Remote SQL Injection Vulnerability
- DjVu ActiveX Control 3.0 ImageURL Property Overflow Exploit
- MyPHP Forum <= 3.0 Edit Topics/Blind SQL Injection Vulnerabilities
- Opera 9.61 opera:historysearch Code Execution Exploit PoC
- Absolute File Send 1.0 Remote Cookie Handling Vulnerability
- Absolute Podcast 1.0 Remote Insecure Cookie Handling Vulnerability
- Absolute Poll Manager XE 4.1 Cookie Handling Vulnerability
- e107 Plugin lyrics_menu (lyrics_song.php l_id) SQL Injection Vulnerability
- Tribiq CMS 5.0.9a (beta) Insecure Cookie Handling Vulnerability
- Cybershade CMS 0.2b Remote File Inclusion Vulnerability
- Tribiq CMS 5.0.10a Local File Inclusion Vulnerability (win)
- Absolute Content Rotator 6.0 Insecure Cookie Handling Vulnerability
- Absolute Banner Manager Insecure Cookie Handling Vulnerability
- Absolute Form Processor 4.0 Insecure Cookie Handling Vulnerability
- Absolute Live Support 5.1 Insecure Cookie Handling Vulnerability
- Absolute Control Panel XE 1.5 Insecure Cookie Handling Vulnerability
- SFS EZ Gaming Directory (directory.php id) SQL Injection Vulnerability
- SFS EZ Adult Directory (directory.php id) SQL Injection Vulnerability
- Logz podcast CMS 1.3.1 (add_url.php art) SQL Injection Vulnerability
- cpanel 11.x XSS / Local File Inclusion Vulnerability
- U-Mail Webmail 4.91 (edit.php) Arbitrary File Write Vulnerability
- A-Link WL54AP3 and WL54AP2 CSRF+XSS Vulnerability
- Absolute News Manager 5.1 Insecure Cookie Handling Vulnerability
- Absolute News Feed 1.0 Remote Insecure Cookie Handling Vulnerability
- Absolute FAQ Manager 6.0 Insecure Cookie Handling Vulnerability
- SFS EZ Hotscripts-like Site (cid) Remote SQL Injection Vulnerability
- Absolute Newsletter 6.1 Insecure Cookie Handling Vulnerability
- SFS EZ Hosting Directory (cat_id) Remote SQL Injection Vulnerability
- SFS EZ Gaming Directory (cat_id) Remote SQL Injection Vulnerability
- SFS EZ Home Business Directory (cat_id) SQL Injection Vulnerability
- SFS EZ Link Directory (cat_id) Remote SQL Injection Vulnerability
- Adult Banner Exchange Website (targetid) SQL Injection Vulnerability
- SFS EZ BIZ PRO (track.php id) Remote SQL Injection Vulnerability
- SFS EZ Affiliate (cat_id) Remote SQL Injection Vulnerability
- Article Publisher PRO 1.5 (SQL Injection) Auth Bypass Vulnerability
- SFS EZ Webring (cat) Remote SQL Injection Vulnerability
- SFS EZ Hot or Not (phid) Remote SQL Injection Vulnerability
- SFS EZ Software (id) Remote SQL Injection Vulnerability
- ModernBill <= 4.4.x XSS / Remote File Inclusion Vulnerability
- Article Publisher PRO (userid) Remote SQL Injection Exploit
- SFS EZ Auction (viewfaqs.php cat) Blind SQL Injection Vulnerability
- SFS EZ Career (content.php topic) SQL Injection Vulnerability
- SFS EZ Top Sites (topsite.php ts) Remote SQL Injection Vulnerability
- GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (meta)
- SFS EZ Webstore (where) Remote SQL Injection Vulnerability
- SFS EZ Pub Site (directory.php cat) SQL Injection Vulnerability
- SFS EZ Gaming Cheats (id) Remote SQL Injection vulnerability
- Bloggie Lite 0.0.2 Beta SQL Injection by Insecure Cookie Handling
- FTP Now 2.6 Server Response Remote Crash PoC
- AJ ARTICLE (featured_article.php mode) SQL injection Vulnerability
- Joomla Component Flash Tree Gallery 1.0 RFI Vulnerability
- Article Publisher PRO 1.5 Insecure Cookie Handling Vulnerability
- GO4I.NET ASP Forum 1.0 (forum.asp iFor) SQL Injection Vulnerability
- YourFreeWorld Programs Rating (details.php id) SQL Injection Vuln
- AJ ARTICLE (SQL Injection) Remote Auth Bypass Vulnerability
- Micro CMS <= 0.3.5 Remote (Add/Delete/Password Change) Exploit
- Shahrood (ndetail.php id) Blind SQL Injection Vulnerability
- YourFreeWorld Downline Builder (id) Remote SQL Injection Vulnerability
- YourFreeWorld Banner Management (id) SQL Injection Vulnerability
- YourFreeWorld Blog Blaster (id) Remote SQL Injection Vulnerability
- YourFreeWorld Autoresponder Hosting (id) SQL Injection Vulnerability
- YourFreeWorld Forced Matrix Script (id) SQL Injection Vulnerability
- YourFreeWorld Short Url & Url Tracker (id) SQL Injection Vuln
- YourFreeWorld Viral Marketing (id) SQL Injection Vulnerability
- YourFreeWorld Scrolling Text Ads (id) SQL Injection Vulnerability
- YourFreeWorld Reminder Service (id) SQL Injection Vulnerability
- YourFreeWorld Classifieds Blaster (id) SQL Injection Vulnerability
- YourFreeWorld Classifieds (category) Remote SQL Injection Vulnerability
- Downline Goldmine Builder (tr.php id) Remote SQL Injection Vulnerability
- Downline Goldmine Category Addon (id) SQL Injection Vulnerability
- YourFreeWorld Classifieds Hosting (id) SQL Injection Vulnerability
- YourFreeWorld URL Rotator (id) Remote SQL Injection Vulnerability
- Downline Goldmine paidversion (tr.php id) SQL Injection Vulnerability
- Downline Goldmine newdownlinebuilder (tr.php id) SQL Injection Vuln
- YourFreeWorld Shopping Cart (index.php c) Blind SQL Injection Vuln
- Maran PHP Shop (prod.php cat) SQL Injection Vulnerability
- Maran PHP Shop (admin.php) Insecure Cookie Handling Vulnerability
- Joovili 3.1.4 Insecure Cookie Handling Vulnerability
- Apartment Search Script (RFU/XSS) Multiple Remote Vulnerabilities
- NetRisk <= 2.0 (XSS/SQL Injection) Remote Vulnerabilities
- Maran PHP Shop (prodshow.php) SQL Injection Vulnerability
- 1st News (products.php id) Remote SQL Injection Vulnerability
- deV!Lz Clanportal [DZCP] <= 1.4.9.6 Blind SQL Injection Exploit
- BosDev BosClassifieds (cat_id) SQL Injection Vulnerability
- Chilkat Crypt Activex Arbitrary File Creation/Execution PoC
- Acc Real Estate 4.0 Insecure Cookie Handling Vulnerability
- Acc Statistics 1.1Insecure Cookie Handling Vulnerability
- Acc PHP eMail 1.1 Insecure Cookie Handling Vulnerability
- MatPo Link 1.2b (view.php id) Remote SQL Injection Vulnerability
- Acc Autos 4.0 Insecure Cookie Handling Vulnerability
- Apoll 0.7b (SQL Injection) Remote Auth Bypass Vulnerability
- MatPo Link 1.2b (Blind SQL Injection/XSS) Multiple Vulnerabilities
- pppBlog <= 0.3.11 (randompic.php) File Disclosure Vulnerability
- TBmnetCMS 1.0 (index.php content) Local File Inclusion Vulnerability
- WEBBDOMAIN WebShop 1.02 (SQL/XSS) Multiple Vulnerabilities
- Joomla Component VirtueMart Google Base 1.1 RFI Vulnerability
- Joomla Component ongumatimesheet20 4b RFI Vulnerability
- WEBBDOMAIN Post Card <= 1.02 (catid) SQL Injection Vulnerability
- Vibro-CMS Multiple Remote SQL Injection Vulnerabilities
- nicLOR Puglia Landscape (id) Local File Inclusion Vulnerability
- Joomla Component ProDesk 1.0/1.2 Local File Inclusion Vulnerability
- Vibro-School-CMS (nID) Remote SQL injection Vulnerability
- CMS-School 2005 (showarticle.php) Remote SQL injection Vulnerability
- WEBBDOMAIN Petition 1.02/2.0/3.0 (SQL Injection) Auth Bypass Vuln
- WEBBDOMAIN Polls 1.01 (SQL Injection) Auth Bypass Vulnerability
- WEBBDOMAIN Quiz <= 1.02 (Auth Bypass) SQL Injection Vulnerability
- WEBBDOMAIN Webshop <= 1.02 (SQL Injection) Auth Bypass Vuln
- Simple Document Management System 1.1.4 SQL Injection Auth Bypass
- Tours Manager v1 (cityview.php cityid) SQL Injection Vulnerability
- WEBBDOMAIN Post Card <= 1.02 (SQL Injection) Auth Bypass Vuln
- nicLOR Sito includefile Local File Inclusion Vulnerabilities
- TR News <= 2.1 (login.php) Remote Login Bypass Exploit
- wotw <= 5.0 Local/Remote File Inclusion Vulnerability
- Simple Machines Forum (SMF) 1.1.6 Code Execution Exploit
- Adobe Reader util.printf() JavaScript Function Stack Overflow Exploit
- phpBB Mod Small ShoutBox 1.4 Remote Edit/Delete Messages Vuln
- PHPX 3.5.16 (news_id) Remote SQL Injection Exploit
- Pre Podcast Portal (Tour.php id) SQL Injection Vulnerability
- Pre Shopping Mall Insecure Cookie Handling Vulnerability
- Pre Multi-Vendor Shopping Malls Multiple Remote Vulnerabilities
- Pre Classified Listings Insecure Cookie Handling Vulnerability
- DFLabs PTK <= 1.0 Local Command Execution Vulnerability
- Joomla Component Dada Mail Manager 2.6 RFI Vulnerability
- PHP Auto Listings (moreinfo.php pg) SQL Injection Vulnerability
- Pre Simple CMS (Auth Bypass) SQL Injection Vulnerability
- PHP JOBWEBSITE PRO (Auth Bypass) SQL Injection Vulnerability
- Adobe Reader util.printf() JavaScript Function Stack Overflow Exploit #2
- HarlandScripts drinks (recid) Remote SQL Injection Velnerability
- Pre Real Estate Listings (Auth Bypass) SQL Injection Vulnerability
- Mole Group Airline Ticket Script SQL Injection Vulnerability
- Mole Group Taxi Calc Dist Script (Auth Bypass) SQL Injection Vuln
- Simple Machines Forum <= 1.1.6 (LFI) Code Execution Exploit
- hMAilServer 4.4.2 (PHPWebAdmin) File Inclusion Vulnerabilities
- DevelopItEasy Events Calendar 1.2 Multiple SQL Injection Vulnerabilities
- DevelopItEasy News And Article System 1.4 SQL Injection Vulns
- DevelopItEasy Membership System 1.3 (Auth Bypass) SQL Injection
- DevelopItEasy Photo Gallery 1.2 SQL Injection Vulnerabilities
- Pre ADS Portal <= 2.0 (Auth Bypass/XSS) Multiple Vulnerabilities
- NICE FAQ Script (Auth Bypass) SQL Injection Vulnerability
- Arab Portal 2.1 Remote File Disclosure Vulnerability (win only)
- MySQL Quick Admin 1.5.5 Local File Inclusion Vulnerability
- SoftComplex PHP Image Gallery 1.0 (Auth Bypass) SQL Injection Vuln
- LoveCMS 1.6.2 Final Arbitrary File Delete Vulnerability
- DeltaScripts PHP Classifieds <= 7.5 (Auth Bypass) SQL Injection Vuln
- DeltaScripts PHP Links <= 1.3 (Auth Bypass) SQL Injection Vuln
- DeltaScripts PHP Shop 1.0 (Auth Bypass) SQL Injection Vulnerability
- SoftComplex PHP Image Gallery (ctg) SQL Injection Vulnerability
- Prozilla Software Directory (XSS/SQL) Multiple Vulnerabilities
- turnkeyforms Entertainment Portal 2.0 Insecure Cookie Handling Vuln
- turnkeyforms Business Survey Pro 1.0 (id) SQL Injection Vuln
- Mole Group Pizza (manufacturers_id) Script SQL Injection Vuln
- e-Vision CMS <= 2.0.2 Multiple Local File Inclusion Exploit
- U&M Software Signup 1.1 Auth Bypass Vulnerability
- U&M Software JustBookIt 1.0 Auth Bypass Vulnerability
- U&M Software Event Lister 1.0 Auth Bypass Vulnerability
- turnkeyforms Local Classifieds (XSS/SQL) Multiple Vulnerabilities
- Joomla Component Clickheat 1.0.1 Multiple RFI Vulnerabilities
- Joomla Component Recly!Competitions 1.0.0 Multiple RFI Vulnerabilities
- Joomla Component Feederator 1.0.5 Multiple RFI Vulnerabilities
- E-topbiz Online Store 1 (Auth Bypass) SQL Injection Vuln
- PHP Auto Listings Script (Auth Bypass) SQL Injection Vuln
- Mole Group Rental Script (Auth Bypass) SQL Injection Vuln
- MyioSoft Ajax Portal 3.0 (Auth Bypass) SQL Injection Vulnerability
- MyioSoft EasyBookMarker (Auth Bypass) SQL Injection Vulnerability
- MyioSoft EasyCalendar (Auth Bypass) Remote SQL Injection Vulnerability
- DeltaScripts PHP Classifieds <= 7.5 SQL Injection Vulnerability
- E-topbiz Online Store 1 (cat_id) SQL Injection Vulnerability
- Mini Web Calendar 1.2 (File Disclosure/XSS) Multiple Vulnerabilities
- E-topbiz Number Links 1 (id) Remote SQL Injection Vulnerability
- VLC Media Player < 0.9.6 .RT Stack Buffer Overflow Exploit
- Domain Seller Pro 1.5 (id) Remote SQL Injection Vulnerability
- Myiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability
- Anti-Keylogger Elite 3.3.0 (AKEProtect.sys) Privilege Escalation Exploit
- SpeedStream 5200 Authentication Bypass Config Download Vulnerability
- GE Proficy Real Time Information Portal Credentials Leak Sniffer (meta)
- MemHT Portal <= 4.0 Remote Code Execution Exploit
- zeeproperty 1.0 (Upload/XSS) Multiple Remote Vulnerabilities
- Enthusiast 3.1.4 (show_joined.php path) Remote File Inclusion Vuln
- 2WIRE DSL Router (xslt) Denial of Service Vulnerability
- V3 Chat Profiles/Dating Script 3.0.2 (Auth Bypass) SQL Injection Vuln
- ZEEJOBSITE 2.0 Remote File Upload Vulnerability
- V3 Chat - Profiles/Dating Script 3.0.2 Insecure Cookie Handling Vuln
- Mambo Component n-form (form_id) Blind SQL Injection Exploit
- Cyberfolio <= 7.12.2 (css.php theme) Local File Inclusion Vulnerability
- Zeeways Shaadi Clone 2.0 Auth Bypass Vulnerability
- DigiAffiliate <= 1.4 (Auth Bypass) SQL Injection Vulnerability
- Mole Group Airline Ticket Script (Auth Bypass) SQL Injection Vuln
- V3 Chat Live Support 3.0.4 Insecure Cookie Handling Vulnerability
- Zeeways PHOTOVIDEOTUBE 1.1 Auth Bypass Vulnerability
- ExoPHPDesk 1.2 Final (Auth Bypass) SQL Injection Vulnerability
- ZEEMATRI 3.0 (bannerclick.php adid) SQL Injection Vulnerability
- X10media Mp3 Search Engine <= 1.6 Remote File Disclosure Vulnerability
- Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities
- Collabtive 0.4.8 (XSS/Auth Bypass/Upload) Multiple Vulnerabilities
- OTManager CMS 2.4 (Tipo) Remote File Inclusion Vulnerability
- Joomla Component JooBlog 0.1.1 (PostID) SQL Injection Vulnerability
- FREEsimplePHPguestbook (guestbook.php) Remote Code Execution Vulnerability
- Fresh Email Script 1.0 Multiple Remote Vulnerabilities
- AJ ARTICLE Remote Authentication Bypass Vulnerability
- PHPStore Car Dealers Remote File Upload Vulnerability
- PHPStore PHP Job Search Script Remote File Upload Vulnerability
- PHPStore Complete Classifieds Script File Upload Vulnerability
- PHPStore Real Estate Remote File Upload Vulnerability
- AJSquare Free Polling Script (DB) Multiple Vulnerabilities
- AJ Auction Authentication Bypass Vulnerability
- smcFanControl 2.1.2 Multiple Buffer Overflow Vulnerabilities PoC (OSX)
- Aj Classifieds Authentication Bypass Vulnerability
- ooVoo 1.7.1.35 (URL Protocol) Remote Unicode Buffer Overflow PoC
- Linux Kernel < 2.4.36.9/2.6.27.5 Unix Sockets Local Kernel Panic Exploit
- Joomla Component com_books (book_id) SQL Injection Vulnerability
- Joomla Component Contact Info 1.0 SQL Injection Vulnerability
- Pre Real Estate Listings File Upload Vulnerability
- Joomla/Mambo com_catalogproduction (id) SQL Injection Vulnerability
- Joomla Component Simple RSS Reader 1.0 RFI Vulnerability
- Joomla Component com_marketplace 1.2.1 (catid) SQL Injection Vuln
- PozScripts Business Directory Script (cid) Remote SQL Injection Vuln
- Castle Rock Computing SNMPc < 7.1.1 (Community) Remote BOF PoC
- Net-SNMP <= 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC
- AlstraSoft SendIt Pro Remote File Upload Vulnerability
- AlstraSoft Article Manager Pro (Auth Bypass) SQL Injection Vuln
- AlstraSoft Web Host Directory (Auth Bypass) SQL Injection Vuln
- MS Windows Server Service Code Execution Exploit (MS08-067)
- Quick Poll Script (code.php id) Remote SQL Injection Vulnerability
- turnkeyforms Local Classifieds Auth Bypass Vulnerability
- turnkeyforms Web Hosting Directory Multiple Vulnerabilities
- Pi3Web <= 2.0.3 (ISAPI) Remote Denial of Service Exploit
- ScriptsFeed (SF) Real Estate Classifieds Software File Upload Vuln
- ScriptsFeed (SF) Auto Classifieds Software Remote File Upload Vuln
- ScriptsFeed (SF) Recipes Listing Portal Remote File Upload Vulnerability
- BandSite CMS 1.1.4 Insecure Cookie Handling Vulnerability
- MemHT Portal 4.0.1 SQL Injection Code Execution Exploit
- AlstraSoft Web Host Directory 1.2 Multiple Vulnerabilities
- GS Real Estate Portal US/International Module Multiple Vulnerabilities
- turnkeyforms Text Link Sales Auth Bypass Vulnerability
- Discuz! 6.x/7.x Remote Code Execution Exploit
- Bankoi Webhost Panel 1.20 (Auth Bypass) SQL Injection Vulnerability
- SlimCMS <= 1.0.0 (edit.php) Remote SQL Injection Exploit
- GS Real Estate Portal Multiple SQL Injection Vulnerability
- X7 Chat 2.0.5 (Auth Bypass) SQL Injection Vulnerability
- turnkeyforms Text Link Sales (id) XSS/SQL Injection Vulnerability
- SmbRelay3 NTLM Replay Attack Tool/Exploit (MS08-068)
- VeryPDF PDFView OCX ActiveX OpenPDF Heap Overflow PoC
- ClipShare Pro 2006-2007 (chid) SQL Injection Vulnerability
- Sudo <= 1.6.9p18 (Defaults setenv) Local Privilege Escalation Exploit
- Minigal b13 (index.php list) Remote File Disclosure Exploit
- yahoo answers (id) Remote SQL Injection Vulnerability
- MS Windows Server Service Code Execution Exploit (MS08-067) (2k/2k3)
- FloSites Blog Multiple Remote SQL Injection Vulnerabilities
- phpstore Wholesale (track.php?id) SQL Injection Vulnerability
- Opera 9.62 file:// Local Heap Overflow Exploit
- mxCamArchive 2.2 Bypass Config Download Vulnerability
- OpenASP <= 3.0 Blind SQL Injection Vulnerability
- E-topbiz AdManager 4 (group) Blind SQL Injection Vulnerability
- FREEze Greetings 1.0 Remote Password Retrieve Exploit
- Q-Shop 3.0 Remote XSS/SQL Injection Vulnerabilities
- Chilkat Socket activex 2.3.1.1 Remote Arbitrary File Creation Exploit
- phpfan 3.3.4 (init.php includepath) Remote File Inclusion Vulnerability
- Jadu Galaxies (categoryID) Blind SQL Injection Vulnerability
- Exodus 0.10 (uri handler) Arbitrary Parameter Injection Vulnerability
- Simple Customer 1.2 (Auth Bypass) SQL Injection Vulnerability
- SaturnCMS (view) Blind SQL Injection Vulnerability
- Ultrastats 0.2.144/0.3.11 (index.php serverid) SQL Injection Vulnerability
- VideoScript <= 4.0.1.50 Admin Change Password Exploit
- CUPS 1.3.7 CSRF (add rss subscription) Remote Crash Exploit
- No-IP DUC <= 2.1.7 Remote Code Execution Exploit
- Musicbox 2.3.8 (viewalbums.php artistId) SQL Injection Vulnerability
- Pluck CMS 4.5.3 (g_pcltar_lib_dir) Local File Inclusion Vulnerability
- Free Directory Script 1.1.1 (API_HOME_DIR) RFI Vulnerability
- E-topbiz Link Back Checker 1 Insecure Cookie Handling Vulnerability
- Alex News-Engine 1.5.1 Remote Arbitrary File Upload Vulnerability
- Alex Article-Engine 1.3.0 (fckeditor) Arbitrary File Upload Vulnerability
- PunBB (Private Messaging System 1.2.x) Multiple LFI Exploit
- MyTopix <= 1.3.0 (notes send) Remote SQL Injection Exploit
- MauryCMS <= 0.53.2 Remote Shell Upload Exploit
- RevSense (Auth bypass) Remote SQL Injection Vulnerability
- Pre Job Board (Auth Bypass) Remote SQL Injection Vulnerability
- wPortfolio <= 0.3 Remote Arbitrary File Upload Exploit
- AskPert (Auth bypass) Remote SQL Injection Vulnerability
- Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit
- PunBB Mod PunPortal 0.1 Local File Inclusion Exploit
- wPortfolio <= 0.3 Admin Password Changing Exploit
- PHP 5.2.6 (error_log) safe_mode Bypass Vulnerability
- NatterChat 1.1 (Auth Bypass) Remote SQL Injection Vulnerability
- PHP-Fusion 7.00.1 (messages.php) Remote SQL Injection Exploit
- vBulletin 3.7.3 Visitor Message XSS/XSRF + worm Exploit
- Natterchat 1.12 (Auth Bypass) Remote SQL Injection Vulnerability
- ToursManager (tourview.php tourid) Blind SQL Injection Vulnerability
- Oracle Database Vault ptrace(2) Privilege Escalation Exploit
- BitDefender (module pdf.xmd) Infinite Loop Denial of Service PoC
- NatterChat 1.1 Remote Admin Bypass Vulnerability
- VCalendar (VCalendar.mdb) Remote Database Disclosure Vulnerability
- KVIrc 3.4.2 Shiny (uri handler) Remote Command Execution Exploit
- Joomla Component Thyme 1.0 (event) SQL Injection Vulnerability
- verlihub <= 0.9.8d-RC2 Remote Command Execution Vulnerability
- e107 Plugin ZoGo-Shop 1.15.4 (product) SQL Injection Vulnerability
- Discuz! Remote Reset User Password Exploit
- Vlog System 1.1 (blog.php user) Remote SQL Injection Vulnerability
- getaphpsite Real Estate Remote File Upload Vulnerability
- getaphpsite Auto Dealers Remote File Upload Vulnerability
- Ez Ringtone Manager Multiple Remote File Disclosure Vulnerabilities
- LoveCMS 1.6.2 Final (Simple Forum 3.1d) Change Admin Password Exploit
- Prozilla Hosting Index (id) Remote SQL Injection Vulnerability
- Microsoft XML Core Services DTD Cross-Domain Scripting PoC MS08-069
- Goople Cms 1.7 Remote File Upload Vulnerability
- NetArtMedia Cars Portal 2.0 (image.php id) SQL Injection Vulnerability
- NetArtMedia Blog System (image.php id) SQL Injection Vulnerability
- PG Real Estate (Auth Bypass) SQL Injection Vulnerability
- PG Roomate Finder Solution (Auth Bypass) SQL Injection Vulnerability
- PG Job Site (poll_view_id) Blind SQL Injection Vulnerability
- MODx CMS <= 0.9.6.2 (RFI/XSS) Multiple Remote Vulnerabilities
- Goople Cms 1.7 Insecure Cookie Handling Vulnerability
- PHP Classifieds Script Remote Database Disclosure Vulnerability
- Nero ShowTime 5.0.15.0 m3u Playlist File Remote Buffer Overflow PoC
- NetArtMedia Real Estate Portal 1.2 (ad_id) SQL Injection Vuln
- W3C Amaya 10.1 Web Browser (URL Bar) Remote Stack Overflow PoC
- Goople Cms 1.7 Arbitrary Code Execution Vulnerability
- VideoScript 3.0 <= 4.0.1.50 Official Shell Injection Exploit
- VideoScript 3.0 <= 4.1.5.55 Unofficial Shell Injection Exploit
- W3C Amaya 10.1 Web Browser (id) Remote Stack Overflow PoC
- FTPzik (XSS/LFI) Multiple Remote Vulnerabilities
- Bandwebsite 1.5 (SQL/XSS) Multiple Remote Vulnerabilities
- WebStudio CMS (index.php pageid) Blind SQL Injection Vulnerability
- Quicksilver Forums <= 1.4.2 RCE Exploit (windows only)
- Nitrotech 0.0.3a (RFI/SQL) Multiple Remote Vulnerabilities
- Total Video Player (vcen.dll) Remote off by one Crash Exploit
- Siemens C450IP/C475IP Remote Denial of Service Vulnerability
- Pie Web M{a,e}sher 0.5.3 Multiple Remote File Inclusion Vulnerability
- WebStudio eHotel (pageid) Blind SQL Injection Vulnerability
- WebStudio eCatalogue (pageid) Blind SQL Injection Vulnerability
- FAQ Manager 1.2 (categorie.php cat_id) SQL Injection Vulnerability
- Pie Web M{a,e}sher Mod Rss 0.1 Remote File Inclusion Vulnerability
- Google Chrome Browser MetaCharacter URI Obfuscation Vulnerability
- Chipmunk Topsites (Auth Bypass/XSS) Multiple Remote Vulnerabilities
- Clean CMS 1.5 (Blind SQL Injection/XSS) Multiple Remote Vulnerabilities
- FAQ Manager 1.2 (config_path) Remote File Inclusion Vulnerability
- Clean CMS 1.5 (full_txt.php id) Blind SQL Injection Exploit
- fuzzylime cms 3.03 (track.php p) Local File Inclusion Vulnerability
- SimpleBlog 3.0 (simpleBlog.mdb) Database Disclosure Vulnerability
- LoveCMS 1.6.2 Final (Download Manager 1.0) File Upload Exploit
- VideoGirls BiZ (view_snaps.php type) Blind SQL Injection Vulnerability
- Jamit Job Board 3.x (show_emp) Blind SQL Injection Vulnerability
- WebStudio CMS (pageid) Remote Blind SQL Injection Vuln (mil mixup)
- CMS Ortus <= 1.13 Remote SQL Injection Vulnerability
- Post Affiliate Pro v.3 (umprof_status) Blind SQL Injection Vulnerability
- ParsBlogger (blog.asp wr) Remote SQL Injection Vulnerability
- Star Articles 6.0 Remote Blind SQL Injection Vulnerability
- TxtBlog (index.php m) Local File Inclusion Vulnerability
- Web Calendar System 3.12/3.30 Multiple Remote Vulnerabilities
- Star Articles 6.0 Remote Blind SQL Injection exploit
- Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities
- Ocean12 Membership Manager Pro Database Disclosure Vulnerability
- Ocean12 Poll Manager Pro Database Disclosure Vulnerability
- Ocean12 Calendar Manager Gold Database Disclosure Vulnerability
- Family Project 2.x (Auth Bypass) SQL Injection Vulnerability
- i.Scribe SMTP Client <= 2.00b (wscanf) Remote Format String PoC
- RakhiSoftware Shopping Cart (subcategory_id) SQL Injection Vulnerability
- Star Articles 6.0 Remote File Upload Vulnerability
- Web Calendar 4.1 (Auth Bypass) SQL Injection Vulnerability
- Booking Centre 2.01 (HotelID) Remote SQL Injection Vulnerability
- Ocean12 Membership Manager Pro (Auth Bypass) SQL Injection Vuln
- PageTree CMS 0.0.2 BETA 0001 Remote File Inclusion Vulnerability
- Turnkey Arcade Script (id) Remote SQL Injection Vulnerability
- BaSiC-CMS (index.php r) Remote SQL Injection Vulnerability
- Ocean12 FAQ Manager Pro Database Disclosure Vulnerability
- Comersus ASP Shopping Cart (DD/XSS) Multiple Remote Vulnerabilities
- BaSiC-CMS (acm2000.mdb) Remote Database Disclosure Vulnerability
- Basic PHP CMS (index.php id) Blind SQL Injection Vulnerability
- Microsoft Office Communicator (SIP) Remote Denial of Service Exploit
- Booking Centre 2.01 (Auth Bypass) SQL Injection Vulnerability
- Apache Tomcat runtime.getRuntime().exec() Privilege Escalation (win)
- Web Calendar System <= 3.40 (XSS/SQL) Multiple Remote Vulnerabilities
- All Club CMS <= 0.0.2 Remote DB Config Retrieve Exploit
- SailPlanner 0.3a (Auth Bypass) SQL Injection Vulnerability
- Bluo CMS 1.2 (index.php id) Blind SQL Injection Vulnerability
- CMS little (index.php term) Remote SQL Injection Exploit
- ReVou Twitter Clone (Auth Bypass) SQL Injection Vulnerability
- Ocean12 FAQ Manager Pro (ID) Blind SQL Injection Vulnerabillity
- Active Force Matrix v2 (Auth Bypass) Remote SQL Injection Vulnerability
- ASPReferral 5.3 (AccountID) Blind SQL Injection Vulnerability
- ActiveVotes 2.2 (Auth Bypass) Remote SQL Injection Vulnerability
- Active Test 2.1 (Auth Bypass) Remote SQL Injection Vulnerability
- Active Websurvey 9.1 (Auth Bypass) Remote SQL Injection Vulnerability
- Active Membership v 2 (Auth Bypass) Remote SQL Injection Vulnerability
- eWebquiz v 8 (Auth Bypass) Remote SQL Injection Vulnerability
- Active Newsletter 4.3 (Auth Bypass) Remote SQL Injection Vulnerability
- Active Web Mail v 4 (Auth Bypass) Remote SQL Injection Vulnerability
- Active Trade 2 (Auth Bypass) Remote SQL Injection Vulnerability
- Active Price Comparison 4 (Auth Bypass) SQL Injection Vulnerability
- PHP TV Portal 2.0 (index.php mid) SQL Injection Vulnerability
- CMS Made Simple 1.4.1 Local File Inclusion Vulnerability
- OraMon 2.0.1 Remote Config File Disclosure Vulnerability
- ActiveVotes 2.2 (AccountID) Blind SQL Injection Vulnerability
- Active Web Mail v 4 Blind SQL Injection Vulnerability
- Active Price Comparison v4 (ProductID) Blind SQL Injection Vulnerability
- Active Bids 3.5 (ItemID) Blind SQL Injection Vulnerability
- OpenForum 0.66 Beta Remote Reset Admin Password Exploit
- ASPThai.NET Forum 8.5 Remote Database Disclosure Vulnerability
- Active Web Helpdesk v 2 (Auth Bypass) SQL Injection Vulnerability
- Lito Lite CMS (cate.php cid) Remote SQL Injection Exploit
- Active Test 2.1 (QuizID) Blind SQL Injection Vulnerability
- Itunes 8.0.2.20/Quicktime 7.5.5 (.mov File) Multiple Off By Overflow PoC
- Cain & Abel 4.9.23 (rdp file) Buffer Overflow PoC
- Active Web Helpdesk v 2 (CategoryID) Blind SQL Injection Vulnerability
- Active Photo Gallery 6.2 (Auth Bypass) SQL Injection Vulnerability
- Active Price Comparison v 4 (ProductID) Blind SQL Injection Vulnerability
- Active Time Billing 3.2 (Auth Bypass) SQL Injection Vulnerability
- Active Business Directory v 2 Remote blind SQL Injection Vulnerability
- Quick Tree View .NET 3.1 (qtv.mdb) Database Disclosure Vulnerability
- KTP Computer Customer Database CMS Local File Inclusion Vulnerability
- KTP Computer Customer Database CMS Blind SQL Injection Vulnerability
- Minimal Ablog 0.4 (SQL/FU/Bypass) Multiple Remote Vulnerabilities
- Electronics Workbench (EWB File) Local Stack Overflow PoC
- cpCommerce 1.2.6 (URL Rewrite) Input variable overwrite / Auth bypass
- Cain & Abel <= v4.9.24 .RDP Stack Overflow Exploit
- Broadcast Machine 0.1 Multiple Remote File Inclusion Vulnerabilities
- z1exchange 1.0 (edit.php site) Remote SQL Injection Vulnerability
- Andy's PHP Knowledgebase 0.92.9 Arbitrary File Upload Vulnerability
- Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC
- Maxum Rumpus 6.0 Multiple Remote Buffer Overflow Vulnerabilities
- E.Z. Poll v.2 (Auth Bypass) Remote SQL Injection Vulnerability
- ASPPortal 3.2.5 (ASPPortal.mdb) Database Disclosure Vulnreability
- bcoos 1.0.13 (viewcat.php cid) Remote SQL Injection Exploit
- PacPoll 4.0 (poll.mdb/poll97.mdb) Database Disclosure Vulnerability
- Ocean12 Mailing List Manager Gold (DD/SQL/XSS) Vulnerabilities
- CMS MAXSITE Component Guestbook Remote Command Execution Exploit
- SunByte e-Flower (id) Remote SQL Injection Vulnerability
- Rapid Classified 3.1 (cldb.mdb) Database Disclosure Vulnerability
- Codefixer MailingListPro (MailingList.mdb) Database Disclosure Vuln
- Gallery MX 2.0.0 (pics_pre.asp ID) Blind SQL Injection Vulnerability
- Calendar MX Professional 2.0.0 Blind SQL Injection Vulnerability
- Check New 4.52 (findoffice.php search) Remote SQL Injection Exploit
- Cain & Abel 4.9.23 (rdp file) Buffer overflow Exploit
- ClamAV < 0.94.2 (JPEG Parsing) Recursive Stack Overflow PoC
- Joomla Component com_jmovies 1.1 (id) SQL Injection Exploit
- ASP User Engine .NET Remote Database Disclosure Vulnerability
- Rae Media Contact MS (Auth Bypass) SQL Injection Vulnerability
- RadAsm <= 2.2.1.5 (.RAP File) WindowCallProcA Pointer Hijack Exploit
- Multi SEO phpBB 1.1.0 (pfad) Remote File Inclusion Vulnerability
- ccTiddly 1.7.4 (cct_base) Multiple Remote File Inclusion Vulnerabilities
- Wbstreet v.1.0 (SQL/DD) Multiple Remote Vulnerabilities
- User Engine Lite ASP (users.mdb) Database Disclosure Vulnerability
- Template Creature (SQL/DD) Multiple Remote Vulnerabilities
- Easy News Content Management (News.mdb) Database Disclosure Vuln
- lcxbbportal 0.1 Alpha 2 Remote File Inclusion Vulnerability
- My Simple Forum 3.0 (index.php action) Local File Inclusion Vulnerability
- Joomla Component mydyngallery 1.4.2 (directory) SQL Injection Vuln
- Gravity GTD <= 0.4.5 (rpc.php objectname) LFI/RCE Vulnerability
- BNCwi <= 1.04 Local File Inclusion Vulnerability
- Multiple Membership Script 2.5 (id) SQL Injection Vulnerability
- PEiD <= 0.92 Malformed PE File Universal Buffer Overflow Exploit
- Merlix Educate Servert (Bypass/DD) Multiple Remote Vulnerabilities
- RankEm (rankup.asp siteID) Remote SQL Injection Vulnerability
- RankEm (auth bypass) Remote SQL Injection Vulnerability
- NightFall Personal Diary 1.0 (XSS/DD) Multiple Remote Vulnerabilities
- Merlix Teamworx Server (DD/Bypass) Multiple Remote Vulns
- Cold BBS (cforum.mdb) Remote Database Disclosure Vulnerability
- Tizag Countdown Creator .v.3 Insecure Upload Vulnerability
- NULL FTP Server 1.1.0.7 SITE Parameters Command Injection Vuln
- ASP AutoDealer (SQL/DD) Multiple Remote Vulnerabilities
- ASP PORTAL Multiple Remote SQL Injection Vulnerabilities
- Visagesoft eXPert PDF EditorX (VSPDFEditorX.ocx) Insecure Method
- ASPTicker 1.0 (news.mdb) Remote Database Disclosure Vulnerability
- ASP AutoDealer Remote Database Disclosure Vulnerability
- ASP PORTAL (xportal.mdb) Remote Database Disclosure Vulnerability
- DesignWorks Professional 4.3.1 Local .CCT File Stack BOF PoC
- phpPgAdmin <= 4.2.1 (_language) Local File Inclusion Vulnerability
- IPNPro3 <= 1.44 Admin Password Changing Exploit
- DL PayCart <= 1.34 Admin Password Changing Exploit
- Bonza Cart <= 1.10 Admin Password Changing Exploit
- PayPal eStore Admin Password Changing Exploit
- Product Sale Framework 0.1b (forum_topic_id) SQL Injection Vulnerability
- w3blabor CMS 3.0.5 Arbitrary File Upload & LFI Exploit
- NatterChat 1.12 (natterchat112.mdb) Database Disclosure Vulnerability
- Professional Download Assistant 0.1 Database Disclosure Vulnerability
- Ikon AdManager 2.1 Remote Database Disclosure Vulnerability
- ASPManage Banners (RFU/DD) Multiple Remote Vulnerabilities
- Mini Blog 1.0.1 (index.php) Multiple Local File Inclusion Vulnerabilities
- Mini-CMS 1.0.1 (index.php) Multiple Local File Inclusion Vulnerabilities
- QMail Mailing List Manager 1.2 Database Disclosure Vulnerability
- PHPmyGallery Gold 1.51 (index.php) Directory Traversal Vulnerability
- ASP Talk (SQL/CSS) Multiple Remote Vulnerabilities
- MG2 0.5.1 (filename) Remote Code Execution Vulnerability
- XOOPS 2.3.1 Multiple Local File Inclusion Vulnerabilities
- SIU Guarani Multiple Remote Vulnerabilities
- phpMyAdmin 3.1.0 (XSRF) SQL Injection Vulnerability
- Simple Directory Listing 2 Cross Site File Upload Vulnerability
- XAMPP 1.6.8 (XSRF) Change Administrative Password Exploit
- Secure Downloads v2.0.0r for vBulletin SQL Injection Vulnerability
- phpBB 3 (Mod Tag Board <= 4) Remote Blind SQL Injection Exploit
- Neostrada Livebox Router Remote Network Down PoC Exploit
- WebCAF <= 1.4 (LFI/RCE) Multiple Remote Vulnerabilities
- DD-WRT v24-sp1 (XSRF) Cross Site Reference Forgery Exploit
- Professional Download Assistant 0.1 (Auth Bypass) SQL Injection Vuln
- Poll Pro 2.0 (Auth Bypass) Remote SQL Injection Vulnerability
- PHPmyGallery 1.0beta2 (RFI/LFI) Multiple Remote Vulnerabilities
- PHP safe_mode bypass via proc_open() and custom environment
- Peel Shopping 3.1 (index.php rubid) SQL Injection Vulnerability
- Netref 4.0 Multiple Remote SQL Injection Vulnerabilities
- ProQuiz 1.0 (Auth Bypass) SQL Injection Vulnerability
- PostEcards (SQL/DD) Multiple Remote Vulnerabilities
- PHPmyGallery 1.5beta (common-tpl-vars.php) LFI/RFI Vulnerabilities
- PHP Multiple Newsletters 2.7 (LFI/XSS) Multiple Vulnerabilities
- Vinagre < 2.24.2 show_error() Remote Format String PoC
- EasyMail ActiveX (emmailstore.dll 6.5.0.3) Buffer Overflow Exploit
- MS Internet Explorer XML Parsing Remote Buffer Overflow Exploit 0day
- HTMPL 1.11 (htmpl_admin.cgi help) Command Execution Vulnerability
- Linux Kernel <= 2.6.27.8 ATMSVC Local Denial of Service Exploit
- eZ Publish < 3.9.5/3.10.1/4.0.1 Privilege Escalation Exploit
- Webmaster Marketplace (member.php u) SQL Injection Vulnerability
- Living Local 1.1 (XSS-RFU) Multiple Remote Vulnerabilities
- Pro Chat Rooms 3.0.2 (XSS/CSRF) Multiple Vulnerabilities
- MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista) 0day
- Butterfly Organizer 2.0.1 (view.php id) SQL Injection Vulnerability
- CF SHOPKART 5.2.2 (SQL/DD) Multiple Remote Vulnerabilities
- CF_Calendar (calendarevent.cfm) Remote SQL Injection Exploit
- CF_Auction (forummessage) Blind SQL Injection Vulnerability
- CFMBLOG (index.cfm categorynbr) Blind SQL Injection Vulnerability
- CF_Forum Blind SQL Injection Vulnerability
- phpAddEdit 1.3 (editform) Local File Inclusion Vulnerability
- PhpAddEdit 1.3 (Cookie) Login Bypass Vulnerability
- evCal Events Calendar Database Disclosure Vulnerability
- MyCal Personal Events Calendar (mycal.mdb) Database Disclosure Vuln
- eZ Publish 3.9.0/3.9.5/3.10.1 Command Execution Exploit (admin req)
- Feed Cms 1.07.03.19b (lang) Local File Inclusion Vulnerability
- Affiliate Software Java 4.0 (Auth Bypass) SQL Injection Vulnerability
- Ad Management Java (Auth Bypass) SQL Injection Vulnerability
- Banner Exchange Java (Auth Bypass) SQL Injection Vulnerability
- PHP Support Tickets 2.2 Remote File Upload Vulnerability
- The Net Guys ASPired2Poll Remote Database Disclosure Vulnerability
- The Net Guys ASPired2Protect Database Disclosure Vulnerability
- ASP-CMS 1.0 (index.asp cha) SQL Injection Vulnerability
- SUMON <= 0.7.0 (chg.php host) Command Execution Vulnerability
- MS Visual Basic ActiveX Controls mscomct2.ocx Buffer Overflow PoC
- Xpoze 4.10 (home.html menu) Blind SQL Injection Vulnerability
- Social Groupie (group_index.php id) Remote SQL Injection Vulnerability
- Wysi Wiki Wyg 1.0 Remote Password Retrieve Exploit
- Social Groupie (create_album.php) Remote File Upload Vulnerability
- The Net Guys ASPired2Blog (SQL/DD) Multiple Remote Vulnerabilities
- Moodle 1.9.3 Remote Code Execution Vulnerability
- VP-ASP Shopping Cart 6.50 Database Disclosure Vulnerability
- Umer Inc Songs Portal Script (id) SQL Injection Vulnerability
- ColdFusion Scripts Red_Reservations Database Disclosure Vulnerability
- Joomla Live Chat (SQL/Proxy) Multiple Remote Vulnerabilities
- TmaxSoft JEUS Alternate Data Streams File Disclosure Vulnerability
- FlexPHPNews 0.0.6 & PRO (Auth Bypass) SQL Injection Vulnerability
- Simple Text-File Login script 1.0.6 (DD/RFI) Multiple Vulnerabilities
- Discussion Web v4 Remote Database Disclosure Vulnerability
- ASPired2Quote (quote.mdb) Remote Database Disclosure Vulnerability
- ASP-DEV Internal E-Mail System (Auth Bypass) SQL Injection Vuln
- AutositePHP 2.0.3 (LFI/CSRF/Edit File) Multiple Remote Vulnerabilities
- iyzi Forum 1.0b3 (iyziforum.mdb) Database Disclosure Vulnerability
- CodeAvalanche FreeForum (CAForum.mdb) Database Disclosure Vulnerability
- PHP Weather 2.2.2 (LFI/XSS) Multiple Remote Vulnerabilities
- ProSysInfo TFTP server TFTPDWIN <= 0.4.2 Univ. Remote BOF Exploit
- FLDS 1.2a (redir.php id) Remote SQL Injection Vulnerability
- Linux Kernel 2.6.27.7-generic - 2.6.18 - 2.6.24-1 Local DoS Exploit
- The Rat Cms Alpha 2 (download.php) Remote Vulnerability
- Availscript Article Script Remote File Upload Vulnerability
- Availscript Classmate Script Remote File Upload Vulnerability
- Mediatheka 4.2 (index.php lang) Local File Inclusion Vulnerability
- CFAGCMS v1 Remote File Inclusion Vulnerabilities
- EvansFTP (EvansFTP.ocx) Remote Buffer Overflow PoC
- Flatnux html/javascript Injection Cookie Grabber Exploit
- ASPSiteWare Home Builder 1.0/2.0 SQL Injection Vulnerability
- ASPSiteWare Automotive Dealer V1/V2 SQL Injection Vulnerability
- ASPSiteWare RealtyListing V1/V2 SQL Injection Vulnerabilities
- IsWeb CMS 3.0 (SQL/XSS) Multiple Remote Vulnerabilities
- Forest Blog 1.3.2 (blog.mdb) Remote Database Disclosure Vulnerability
- Amaya Web Browser 10.0.1/10.1-pre5 (html tag) Buffer Overflow PoC
- CodeAvalanche Directory (CADirectory.mdb) Database Disclosure Vuln
- CodeAvalanche FreeForAll (CAFFAPage.mdb) Database Disclosure Vuln
- CodeAvalanche FreeWallpaper Remote Database Disclosure Vulnerability
- CodeAvalanche Articles (CAArticles.mdb) Database Disclosure Vuln
- CodeAvalanche RateMySite (CARateMySite.mdb) Database Disclosure
- eZ Publish < 3.9.5/3.10.1/4.0.1 (token) Privilege Escalation Exploit
- FLDS 1.2a (lpro.php id) Remote SQL Injection Vulnerability
- BabbleBoard 1.1.6 (username) CSRF/Cookie Grabber Exploit
- Mediatheka <= 4.2 Remote Blind SQL Injection Exploit
- MS Internet Explorer XML Parsing Buffer Overflow Exploit (allinone)
- The Rat Cms Alpha 2 (Auth Bypass) SQL Injection Vulnerability
- XOOPS Module Amevents (print.php id) SQL Injection Vulnerability
- CadeNix (cid) Remote SQL Injection Vulnerability
- WorkSimple 1.2.1 RFI / Sensitive Data Disclosure Vulnerabilities
- Aperto Blog 0.1.1 Local File Inclusion / SQL Injection Vulnerabilities
- CFAGCMS v1 (right.php title) SQL Injection Vulnerability
- Click&BaneX Multiple Remote SQL Injection Vulnerabilities
- ClickAndEmaiL (SQL/XSS) Multiple Remote Vulnerabilities
- Click&Rank (SQL/XSS) Multiple Remote Vulnerabilities
- FaScript FaUpload (download.php) SQL Injection Vulnerability
- Web Wiz Guestbook 8.21 (WWGguestbook.mdb) DD Vulnerability
- FLDS 1.2a report.php (linkida) Remote SQL Injection Exploit
- Aiyoota! CMS - Blind SQL Injection Exploit
- Nukedit 4.9.8 Remote Database Disclosure Vulnerability
- Realtek Sound Manager (rtlrack.exe v. 1.15.0.0) PlayList BOF Exploit
- Liberum Help Desk 0.97.3 (SQL/DD) Remote Vulnerabilities
- Zelta E Store (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities
- Gnews Publisher .NET (authors.asp authorID) SQL Injection Vulnerability
- Barracuda Spam Firewall v3.5.11.020, Model 600 SQL Injection Vuln
- RSMScript 1.21 XSS/Insecure Cookie Handling Vulnerabilities
- BP Blog 6.0/7.0/8.0/9.0 Remote Database Disclosure Vulnerability
- K&S Shopsysteme Arbitrary Remote File Upload Vulnerability
- Microsoft SQL Server sp_replwritetovarbin() Heap Overflow Exploit
- r.cms v2 Multiple SQL Injection Vulnerabilities
- PHP python extension safe_mode Bypass Local Vulnerability
- Joomla Component Tech Article 1.x (item) SQL Injection Vulnerability
- Phoenician Casino FlashAX ActiveX Remote Code Execution Exploit
- TinyMCE 2.0.1 (index.php menuID) Remote SQL Injection Vulnerability
- Lizardware CMS <= 0.6.0 Blind SQL Injection Exploit
- QuickerSite Easy CMS (QuickerSite.mdb) Database Disclosure Vulnerability
- Mini File Host 1.x Arbitrary PHP File Upload Vulnerability
- 2532|Gigs 1.2.2 Stable Multiple Remote Vulnerabilities
- 2532|Gigs 1.2.2 Stable Remote Login Bypass Vulnerability
- 2532|Gigs 1.2.2 Stable Remote Command Execution Exploit
- Calendar Script 1.1 Insecure Cookie Handling Vulnerability
- I-Rater Basic (messages.php) Remote SQL Injection Vulnerability
- Phpclanwebsite <= 1.23.3 Fix Pack #5 Multiple Remote Vulnerabilities
- ESET Smart Security <= 3.0.672 (epfw.sys) Privilege Escalation Exploit
- Injader CMS 2.1.1 (id) Remote SQL Injection Vulnerability
- Gobbl CMS 1.0 Insecure Cookie Handling Vulnerability
- MyPHPsite (index.php mod) Local File Inclusion Vulnerability
- Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
- webcamXP 5.3.2.375 Remote File Disclosure Vulnerability
- MyPBS (index.php seasonID) Remote SQL Injection Exploit
- ReVou Twitter Clone Admin Password Changing Exploit
- Online Keyword Research Tool (download.php) File Disclosure Vuln
- Extract Website (download.php filename) File Disclosure Vulnerability
- myPHPscripts Login Session 2.0 XSS/Database Disclosure Vulns
- FreeLyrics 1.0 (source.php p) Remote File Disclosure Vulnerability
- OneOrZero helpdesk 1.6.*. Remote Shell Upload Exploit
- Constructr CMS <= 3.02.5 Stable Multiple Remote Vulnerabilities
- Userlocator 3.0 (y) Remote Blind SQL Injection Exploit
- ReVou Twitter Clone Arbitrary File Upload Vulnerability
- chicomas <= 2.0.4 (DB Backup/DD/XSS) Multiple Vulnerabilities
- PowerStrip < = 3.84 (pstrip.sys) Privilege Escalation Exploit
- Emefa Guestbook 3.0 Remote Database Disclosure Vulnerability
- Linksys Wireless ADSL Router (WAG54G V.2) httpd DoS Exploit
- CoolPlayer 2.19 (Skin File) Local Buffer Overflow Exploit
- BLOG 1.55B (image_upload.php) Arbitrary File Upload Vulnerability
- Joomla Component com_hbssearch 1.0 Blind SQL Injection Vuln
- Joomla Component com_tophotelmodule 1.0 Blind SQL Injection Vuln
- PHPg 1.6 (XSS/PD/DoS) Multiple Remote Vulnerabilities
- RSS Simple News (news.php pid) Remote SQL Injection Exploit
- Text Lines Rearrange Script (filename) File Disclosure Vulnerability
- Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD Vuln
- Pligg 9.9.5b (check_url.php url) Upload Shell/SQL Injection Exploit
- YourPlace <= 1.0.2 Multiple Remote Vulnerabilities + RCE Exploit
- Joomla Component Volunteer 2.0 (job_id) SQL Injection Vulnerability
- CoolPlayer 2.19 (Skin File) Local Buffer Overflow Exploit (py)
- SolarCMS 0.53.8 (Forum) Remote Cookies Disclosure Exploit
- RoundCube Webmail <= 0.2-3 beta Code Execution Vulnerability
- CUPS < 1.3.8-4 (pstopdf filter) Privilege Escalation Exploit
- Calendar Script 1.1 (Auth Bypass) SQL Injection Vulnerability
- REDPEACH CMS (zv) Remote SQL Injection Vulnerability
- RoundCube Webmail <= 0.2b Remote Code Execution Exploit
- Mozilla Firefox 3.0.5 location.hash Remote Crash Exploit
- Psi Jabber Client (8010/tcp) Remote Denial of Service Exploit (win/lin)
- PGP Desktop 9.0.6 (PGPwded.sys) Local Denial of Service Exploit
- PHPmotion <= 2.1 CSRF Vulnerability
- phpLD 3.3 (page.php name) Blind SQL Injection Vulnerability
- CMS NetCat 3.12 (password_recovery.php) Blind SQL Injection Exploit
- CMS NetCat <= 3.12 Multiple Remote Vulnerabilities
- phpGreetCards XSS/Arbitrary File Upload Vulnerability
- phpAdBoard (php uploads) Arbitrary File Upload Vulnerability
- phpEmployment (php upload) Arbitrary File Upload Vulnerability
- Getleft 1.2 Remote Buffer Overflow Proof of Concept
- StormBoard 1.0.1 (thread.php id) SQL Injection Vulnerability
- Google Chrome Browser (ChromeHTML://) Remote Parameter Injection
- Joomla Component com_lowcosthotels (id) Blind SQL Injection Vuln
- Joomla Component com_allhotels (id) Blind SQL Injection Vulnerability
- doop CMS <= 1.4.0b (CSRF/Upload Shell) Multiple Remote Vulnerabilities
- ILIAS <= 3.7.4 (ref_id) Blind SQL Injection Vulnerability
- BulletProof FTP Client 2.63 Local Heap Overflow PoC
- Joomla Component Ice Gallery 0.5b2 (catid) Blind SQL Injection Vuln
- Joomla Component Live Ticker 1.0 (tid) Blind SQL Injection Vuln
- Joomla Component mdigg 2.2.8 (category) SQL Injection Vuln
- Joomla Component 5starhotels (id) SQL Injection Exploit
- PHP-Fusion <= 7.0.2 Remote Blind SQL Injection Exploit
- Acoustica Mixcraft <= 4.2 Universal Stack Overflow Exploit (SEH)
- SAWStudio 3.9i (prf File) Local Buffer Overflow PoC
- ClaSS <= 0.8.60 (export.php ftype) Local File Inclusion Vulnerability
- BloofoxCMS 0.3.4 (lang) Local File Inclusion Vulnerability
- FreeBSD 6x/7 protosw kernel Local Privledge Escalation Exploit
- IntelliTamper 2.07/2.08 (MAP File) Local SEH Overwrite Exploit
- MS Internet Explorer XML Parsing Buffer Overflow Exploit
- Amaya Web Browser <= 11.0.1 Remote Buffer Overflow Exploit (vista)
- MS Windows Media Player 1.sh index.html index.html.working milw0rm.tar.bz2 milw0rm-wi.jpg platforms rport sploitlist.txt (.WAV) Remote Crash PoC
- Miniweb 2.0 (Auth Bypass) SQL Injection Vulnerability
- Joomla Component PAX Gallery 0.1 Blind SQL Injection Vulnerability
- BulletProof FTP Client (.bps File) Local Stack Overflow PoC
- Hex Workshop 5.1.4 (Color Mapping File) Local Buffer Overflow PoC
- DeluxeBB <= 1.2 Remote Blind SQL Injection Exploit
- Chilkat FTP ActiveX (SaveLastError) Insecure Method Exploit
- FubarForum 1.6 Arbitrary Admin Bypass Vulnerability
- AlstraSoft Web Email Script Enterprise (id) SQL Injection Vuln
- OwenPoll 1.0 Insecure Cookie Handling Vulnerability
- PHP-Fusion Mod TI (id) Remote SQL Injection Vulnerability
- ForumApp 3.3 Remote Database Disclosure Vulnerability
- Flexphplink Pro Arbitrary File Upload Exploit
- Silentum LoginSys 1.0.0 Insecure Cookie Handling vulnerability
- webClassifieds 2005 (Auth Bypass) SQL Injection Vulnerability
- eDNews v2 (lg) Local File Inclusion Vulnerability
- eDContainer v2.22 (lg) Local File Inclusion Vulnerability
- TaskDriver <= 1.3 Remote Change Admin Password Exploit
- FubarForum 1.6 Admin Bypass Change User Password Vulnerability
- Ultimate PHP Board <= 2.2.1 (log inj) Privilege Escalation Exploit
- IntelliTamper 2.07/2.08 (ProxyLogin) Local Stack Overflow Exploit
- Sepcity Shopping Mall (shpdetails.asp ID) SQL Injection Vulnerability
- Sepcity Lawyer Portal (deptdisplay.asp ID) SQL Injection Vulnerability
- CMS NetCat 3.0/3.12 Blind SQL Injection Exploit
- Joomla Component com_na_content 1.0 Blind SQL Injection Vulnerability
- Sepcity Classified (classdis.asp ID) SQL Injection Vulnerability
- FlexPHPDirectory 0.0.1 (Auth Bypass) SQL Injection Vulnerability
- Flexphpsite 0.0.1 (Auth Bypass) SQL Injection Vulnerability
- Flexphplink 0.0.x (Auth Bypass) SQL Injection Vulnerability
- SasCam WebCam Server 2.6.5 ActiveX Remote BOF Exploit
- Linux Kernel < 2.6.26.4 SCTP Kernel Memory Disclosure Exploit
- eDNews v2 (eDNews_view.php newsid) SQL Injection Vulnerability
- ThePortal 2.2 Arbitrary Remote File Upload Exploit
- PHPAlumni (Acomment.php id) SQL Injection Vulnerability
- Flexcustomer 0.0.6 Admin Login Bypass / Possible PHP code writing
- Megacubo 5.0.7 (mega://) Remote eval() Injection Exploit
- Flexphpic 0.0.x (Auth Bypass) SQL Injection Vulnerability
- CMScout 2.06 SQL Injection/Local File Inclusion Vulnerabilities
- Mole Group Vacation Estate Listing Script (editid1) Blind SQL Injection
- Pixel8 Web Photo Album 3.0 Remote SQL Injection Vulnerability
- ViArt Shopping Cart 3.5 Multiple Remote Vulnerabilities
- DDL-Speed Script (acp/backup) Admin Backup Bypass Vulnerability
- Megacubo 5.0.7 (mega://) Remote File Download and Execute Exploit
- 2Capsule (sticker.php id) Remote SQL Injection Vulnerability
- Nokia S60 SMS/MMS (Curse of Silence) Denial of Service Vulnerability
- EggBlog 3.1.10 Change Admin Pass CSRF Vulnerability
- Audacity 1.6.2 (.gro File) Local Buffer Overflow PoC
- ASPThai.Net Webboard 6.0 (bview.asp) SQL Injection Vulnerability
- PHPFootball <= 1.6 (filter.php) Remote Hash Disclosure Exploit
- Elecard MPEG Player 5.5 (.m3u File) Stack Buffer Overflow PoC
- Memberkit 1.0 Remote PHP File Upload Vulnerability
- phpScribe 0.9 (user.cfg) Remote Config Disclosure Vulnerability
- w3blabor CMS <= 3.3.0 (Admin Bypass) SQL Injection Vulnerability
- PowerNews 2.5.4 (news.php newsid) SQL Injection Vulnerability
- PowerClan 1.14a (Auth Bypass) SQL Injection Vulnerability
- Konqueror 4.1 XSS / Remote Crash Vulnerabilities
- Built2Go PHP Link Portal 1.95.1 Remote File Upload Vulnerability
- Built2Go PHP Rate My Photo 1.46.4 Remote File Upload Vulnerability
- PHP <= 5.2.8 gd library - imageRotate() Information Leak Vulnerability
- VMware <= 2.5.1 (Vmware-authd) Remote Denial of Service Exploit
- phpSkelSite 1.4 (RFI/LFI/XSS) Multiple Remote Vulnerabilities
- Destiny Media Player 1.61 (.m3u File) Local Buffer Overflow PoC
- Lito Lite CMS Multiple Cross Site Scripting / Blind SQL Injection Exploit
- Destiny Media Player 1.61 (.m3u File) Local Stack Overflow Exploit
- Destiny Media Player 1.61 (lst File) Local Buffer overflow PoC
- Webspell 4 (Auth Bypass) SQL Injection Vulnerability
- Destiny Media Player 1.61 (lst File) Local Buffer Overflow Exploit
- Destiny Media Player 1.61 (lst File) Local Buffer Overflow Exploit #2
- Destiny Media Player 1.61 (lst File) Local Buffer Overflow Exploit #3
- webSPELL <= 4.01.02 (id) Remote Edit Topics Vulnerability
- PNphpBB2 <= 1.2i (ModName) Multiple Local File Inclusion Exploit
- WSN Guest 1.23 (search) Remote SQL Injection Vulnerability
- PhpMesFilms 1.0 (index.php id) Remote SQL Injection Vulnerability
- Destiny Media Player 1.61 (lst File) Local Buffer Overflow Exploit #4
- Destiny Media Player 1.61 (lst File) Local Buffer Overflow Exploit #5
- plxAutoReminder 3.7 (id) Remote SQL Injection Vulnerability
- The Rat CMS Alpha 2 (viewarticle.php id) Blind SQL Injection Exploit
- Ayemsis Emlak Pro (acc.mdb) Database Disclosure Vulnerability
- Ayemsis Emlak Pro (Auth Bypass) SQL Injection Vulnerability
- Joomla Component simple_review 1.x SQL Injection Vulnerability
- Cybershade CMS 0.2b (index.php) Remote File Inclusion Exploit
- Joomla com_na_newsdescription (newsid) SQL Injection Exploit
- Joomla com_phocadocumentation (id) Remote SQL Injection Exploit
- VUPlayer 2.49 (.wax File) Local Buffer Overflow Exploit
- PHPAuctionSystem (XSS/SQL) Multiple Remote Vulnerabilities
- Safari (Arguments) Array Integer Overflow PoC (New Heap Spray)
- PHPAuctionSystem Insecure Cookie Handling Vulnerability
- Oracle 10g SYS.LT.REMOVEWORKSPACE SQL Injection Exploit
- Oracle 10g SYS.LT.MERGEWORKSPACE SQL Injection Exploit
- Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit
- PHPAuctionSystem Multiple Remote File Inclusion Vulnerabilities
- RiotPix <= 0.61 (forumid) Blind SQL Injection Exploit
- ezPack 4.2b2 (XSS/SQL) Multiple Remote Vulnerabilities
- Debian GNU/Linux XTERM (DECRQSS/comments) Weakness Vulnerability
- RiotPix <= 0.61 (Auth Bypass) SQL Injection Vulnerability
- Goople <= 1.8.2 (frontpage.php) Blind SQL Injection Exploit
- Rosoft Media Player 4.2.1 Local Buffer Overflow Exploit
- SeaMonkey <= 1.1.14 (marquee) Denial of Service Exploit
- ItCMS <= 2.1a (Auth Bypass) SQL Injection Vulnerability
- playSMS 0.9.3 Multiple Remote/Local File Inclusion Vulnerabilities
- Cain & Abel 4.9.25 (Cisco IOS-MD5) Local Buffer Overflow Exploit
- BlogHelper (common_db.inc) Remote Config File Disclosure Vulnerability
- PollHelper (poll.inc) Remote Config File Disclosure Vulnerability
- Joomla <= 1.5.8 (xstandard editor) Local Directory Traversal Vulnerability
- CoolPlayer BUILD 219 (PlaylistSkin) Buffer Overflow Exploit
- Perception LiteServe 2.0.1 (user) Remote Buffer Overflow PoC
- Audacity 1.6.2 (.aup File) Remote off by one Crash Exploit
- VUPlayer <= 2.49 .PLS Universal Buffer Overflow Exploit
- WinAmp GEN_MSN Plugin Heap Buffer Overflow PoC
- PHP-Fusion Mod Members CV (job) 1.0 SQL Injection Vulnerability
- PHP-Fusion Mod E-Cart 1.3 (items.php CA) SQL Injection Vulnerability
- QuoteBook (poll.inc) Remote Config File Disclosure Vulnerability
- CuteNews <= 1.4.6 (ip ban) XSS/Command Execution Exploit (adm req.)
- Samba < 3.0.20 Remote Heap Overflow Exploit (oldie but goodie)
- GOM Player 2.0.12.3375 (.ASX File) Stack Overflow Exploit
- PHP-Fusion Mod vArcade 1.8 (comment_id) SQL Injection Vulnerability
- Pizzis CMS <= 1.5.1 (visualizza.php idvar) Blind SQL Injection Exploit
- XOOPS 2.3.2 (mydirname) Remote PHP Code Execution Exploit
- Anope IRC Services With bs_fantasy_ext <= 1.2.0-RC1 mIRC script
- IntelliTamper (2.07/2.08) Language Catalog SEH Overflow Exploit
- MP3 TrackMaker 1.5 (.mp3 File) Local Heap Overflow PoC
- VUPlayer 2.49 .ASX File (HREF) Local Buffer Overflow PoC
- MS Internet Explorer JavaScript screen[ ] Denial of Service Exploit
- Fast FAQs System (Auth Bypass) SQL Injection Vulnerability
- Netgear WG102 Leaks SNMP write password with read access
- VUPlayer 2.49 .ASX File (HREF) Local Buffer Overflow Exploit
- VUPlayer 2.49 .ASX File (HREF) Local Buffer Overflow Exploit
- VUPlayer 2.49 .ASX File (HREF) Universal Buffer Overflow Exploit
- Joomla com_xevidmegahd (catid) Remote SQL Injection Exploit
- Joomla com_jashowcase (catid) Remote SQL Injection Exploit
- Joomla com_newsflash (id) Remote SQL Injection Vulnerability
- Fast Guest Book (Auth Bypass) SQL Injection Vulnerability
- MS Windows (.CHM File) Denial of Service (html compiled)
- Browse3D 3.5 (.sfs File) Local Buffer Overflow PoC
- DZcms v.3.1 (products.php pcat) Remote SQL Injection Vulnerability
- Seo4SMF for SMF forums Multiple Vulnerabilities
- phpMDJ <= 1.0.3 (id_animateur) Blind SQL Injection Exploit
- XOOPS Module tadbook2 (open_book.php book_sn) SQL Injection Vuln
- BKWorks ProPHP 0.50b1 (Auth Bypass) SQL Injection Vulnerability
- Microsoft HTML Workshop <= 4.74 Universal Buffer Overflow Exploit
- Weight Loss Recipe Book 3.1 (Auth Bypass) SQL Injection Vuln
- PHP-Fusion Mod the_kroax (comment_id) SQL Injection Vulnerability
- Social Engine (browse_classifieds.php s) SQL Injection Vulnerability
- fttss <= 2.0 Remote Command Execution Vulnerability
- Silentum Uploader 1.4.0 Remote File Deletion Exploit
- Photobase 1.2 (language) Local File Inclusion Vulnerability
- Joomla Component Portfol (vcatid) SQL Injection Vulnerability
- Simple Machines Forum - Destroyer 0.1
- Comersus Shopping Cart <= v6 Remote User Pass Exploit
- Triologic Media Player 7 (.m3u) Local Heap Buffer Overflow PoC
- Wordpress plugin WP-Forum 1.7.8 Remote SQL Injection Vulnerability
- ExcelOCX ActiveX 3.2 (Download File) Insecure Method Exploit
- PWP Wiki Processor 1-5-1 Remote File Upload Vulnerability
- dMx READY ( 25 Products ) Remote Database Disclosure Vulnerability
- Winamp <= 5.541 (mp3/aiff) Multiple Denial of Service Exploits
- Realtor 747 (define.php INC_DIR) Remote File Inclusion Vulnerability
- Virtual GuestBook 2.1 Remote Database Disclosure Vulnerability
- VUPlayer 2.49 .ASX File (Universal) Local Buffer Overflow Exploit
- Joomla Component com_gigcal (gigcal_gigs_id) SQL Injection Vuln
- Word Viewer OCX 3.2 ActiveX (Save) Remote File Overwrite Exploit
- Office Viewer ActiveX Control 3.0.1 (Save) Remote File Overwrite Exploit
- Office Viewer ActiveX Control 3.0.1 Remote File Execution Exploit
- PowerPoint Viewer OCX 3.1 Remote File Overwrite Exploit
- dBpowerAMP Audio Player 2 .PLS File Local Buffer Overflow PoC
- DMXReady News Manager <= 1.1 Arbitrary Category Change Vuln
- HSPell 1.1 (cilla.cgi) Remote Command Execution Exploit
- DMXReady Account List Manager <= 1.1 Contents Change Vulnerability
- PowerPoint Viewer OCX 3.1 Remote File Execution Exploit
- Nofeel FTP Server 3.6 (CWD) Remote Memory Consumption Exploit
- Word Viewer OCX 3.2 Remote File Execution exploit
- Dark Age CMS <= v0.2c Beta (Auth Bypass) SQL Injection Vulnerability
- Syzygy CMS <= 0.3 (Auth Bypass) SQL Injection Vulnerability
- TeamSpeak <= 2.0.23.17 Remote File Disclosure Vulnerability
- Netvolution CMS 1.0 (XSS/SQL) Multiple Remote Vulnerabilities
- EDraw Office Viewer 5.4 HttpDownloadFile() Insecure Method Vuln
- Excel Viewer OCX 3.2 Remote File Execution Exploit
- DMXReady Blog Manager <= 1.1 Remote File Delete Vulnerability
- OTSTurntables 1.00.027 (.ofl) Local Stack Overflow Exploit
- DMXReady Catalog Manager <= 1.1 Remote Contents Change Vuln
- DMXReady Classified Listings Manager <= 1.1 SQL Injection Vulnerability
- DMXReady Contact Us Manager <= 1.1 Remote Contents Change Vuln
- DMXReady Document Library Manager <= 1.1 Contents Change Vuln
- DMXReady Faqs Manager <= 1.1 Remote Contents Change Vulnerability
- DMXReady Job Listing <= 1.1 Remote Contents Change Vulnerability
- DMXReady Links Manager <= 1.1 Remote Contents Change Vulnerability
- DMXReady Member Directory Manager <= 1.1 SQL Injection Vulnerability
- DMXReady Members Area Manager <= 1.2 SQL Injection Vulnerability
- Joomla Component Camelcitydb2 2.2 SQL Injection Vulnerabilities
- Cisco VLAN Trunking Protocol Denial of Service Exploit
- Joomla Component Fantasytournament SQL Injection Vulnerabilities
- phpList <= 2.10.8 Local File Inclusion Vulnerability
- AAA EasyGrid ActiveX 3.51 Remote File Overwrite Exploit
- phosheezy 2.0 Remote Command Execution Exploit
- Oracle Secure Backup 10g exec_qr() Command Injection Vulnerability
- DMXReady PayPal Store Manager <= 1.1 Contents Change Vulnerability
- DMXReady Photo Gallery Manager <= 1.1 Contents Change Vulnerability
- DMXReady Registration Manager <= 1.1 Contents Change Vulnerability
- Oracle TimesTen Remote Format String PoC
- Php Photo Album 0.8b (index.php preview) Local File Inclusion Vulnerability
- DMXReady Secure Document Library <= 1.1 Remote SQL Injection Vuln
- DMXReady BillboardManager <= 1.1 Contents Change Vulnerability
- DMXReady SDK <= 1.1 Remote File Download Vulnerability
- NetSurf Web Browser 1.2 Multiple Remote Vulnerabilities
- DMXReady Billboard Manager <= 1.1 Remote File Upload Vulnerability
- GNUBoard 4.31.03 (08.12.29) Local File Inclusion Vulnerability
- Joomla com_Eventing 1.6.x Blind SQL Injection Exploit
- Ciansoft PDFBuilderX 2.2 ActiveX Arbitrary File Overwrite Exploit
- Joomla Component RD-Autos 1.5.5 (id) SQL Injection Vulnerability
- MKPortal <= 1.2.1 () Multiple Remote Vulnerabilities
- Blue Eye CMS <= 1.0.0 (clanek) Blind SQL Injection Exploit
- Free Bible Search PHP Script (readbible.php) SQL Injection Vulnerability
- Novell Netware 6.5 (ICEbrowser) Remote System DoS Exploit
- eFAQ (Auth Bypass) SQL Injection Vulnerability
- eReservations (Auth Bypass) SQL Injection Vulnerability
- The Walking Club (Auth Bypass) SQL Injection Vulnerability
- Ping IP (Auth Bypass) SQL Injection Vulnerability
- MetaProducts MetaTreeX V 1.5.100 ActiveX File Overwrite Exploit
- RankEm (DD/XSS/CM) Multiple Remote Vulnerabilities
- BlogIt! (SQL/DD/XSS) Multiple Remote Vulnerabilities
- ASP ActionCalendar v.1.3 (Auth Bypass) SQL Injection Vulnerability
- Aj Classifieds - Real Estate v3 Remote Shell Upload Vulnerability
- Aj Classifieds - Personals v3 Remote Shell Upload Vulnerability
- Aj Classifieds - For Sale v3 Remote Shell Upload Vulnerability
- MPlayer 1.0rc2 TwinVQ Stack Buffer Overflow PoC
- Simple PHP Newsletter 1.5 (olang) Local File Inclusion Vulnerabilities
- BibCiter 1.4 Multiple SQL Injection Vulnerabilities
- Joomla Component Gigcal 1.x (id) SQL Injection Vulnerability
- DS-IPN.NET Digital Sales IPN Database Disclosure Vulnerability
- Click&Email (Auth Bypass) SQL Injection Vulnerability
- SCMS v1 (index.php p) Local File Inclusion Vulnerability
- ESPG (Enhanced Simple PHP Gallery) 1.72 File Disclosure Vulnerability
- Fhimage 1.2.1 Remote Index Change Exploit
- Fhimage 1.2.1 Remote Command Execution Exploit (mq = off)
- D-Bus Daemon < 1.2.4 (libdbus) Denial of Service Exploit
- QNX 6.4.0 bitflipped elf binary (id) Kernel Panic Exploit
- Joomla com_pccookbook (recipe_id) Blind SQL Injection Exploit
- SmartVmd ActiveX v 1.1 Remote File Overwrite Exploit
- SmartVmd ActiveX v 1.1 Remote File Deletion Exploit
- Joomla Component com_news SQL Injection Vulnerability
- Gallery Kys 1.0 Admin Password Disclosure / Permanent XSS Vulns
- RCBlog v1.03 Authentication Bypass Vulnerability
- Ninja Blog 4.8 Remote Information Disclosure Vulnerability
- PHPAds 2.0 Multiple Remote Vulnerabilities
- Joomla com_waticketsystem Blind SQL Injection Exploit
- Ninja Blog 4.8 (CSRF/HTML Injection) Vulnerability
- Max.Blog 1.0.6 Arbitrary Delete Post Exploit
- AJ Auction Pro OOPD 2.3 (id) SQL Injection Vulnerability
- LinPHA Photo Gallery 2.0 Remote Command Execution Exploit
- Dodo's Quiz Script 1.1 (dodosquiz.php) Local File Inclusion Vulnerability
- Total Video Player 1.31 (DefaultSkin.ini) Local Stack Overflow Exploit
- Joomla Com BazaarBuilder Shopping Cart v.5.0 SQL Injection Exploit
- Mambo Component SOBI2 RC 2.8.2 (bid) SQL Injection Vulnerability
- Firefox 3.0.5 Status Bar Obfuscation / Clickjacking
- Browser3D 3.5 (.sfs File) Local Stack Overflow Exploit (c)
- Sad Raven's Click Counter 1.0 passwd.dat Disclosure Exploit
- AXIS 70U Network Document Server Privilege Escalation/XSS
- Joomla com_pcchess (game_id) Blind SQL Injection Exploit
- Joomla Component beamospetition 1.0.12 SQL Injection / XSS
- Browser3D 3.5 (.sfs File) Local Stack Overflow Exploit
- OwnRS Blog 1.2 (autor.php) SQL Injection Vulnerability
- asp-project 1.0 Insecure Cookie Method Vulnerability
- Pardal CMS <= 0.2.0 Blind SQL Injection Exploit
- FTPShell Server 4.3 (licence key) Remote Buffer Overflow PoC
- EleCard MPEG PLAYER (.m3u file) Local Stack Overflow Exploit
- MediaMonkey 3.0.6 (.m3u file) Local Buffer Overflow PoC
- PostgreSQL 8.2/8.3/8.4 UDF for Command Execution
- MySQL 4/5/6 UDF for Command Execution
- Merak Media Player 3.2 m3u file Local Buffer Overflow PoC
- Siemens ADSL SL2-141 CSRF Exploit
- MemHT Portal <= 4.0.1 (avatar) Remote Code Execution Exploit
- Mambo com_sim v0.8 Blind SQL Injection Exploit
- Web-Calendar Lite 1.0 (Auth Bypass) SQL Injection Vulnerability
- Flax Article Manager 1.1 (cat_id) SQL Injection Vulnerability
- OpenGoo 1.1 (script_class) Local File Inclusion Vulnerability
- EPOLL SYSTEM 3.1 (password.dat) Disclosure Exploit
- SunOS Release 5.11 Version snv_101b Remote IPV6 Crash Exploit
- Simple Machines Forum <= 1.1.7 XSRF/XSS/Package Upload Vuln
- ITLPoll 2.7 Stable2 (index.php id) Blind SQL Injection Exploit
- FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit
- MW6 Barcode ActiveX (Barcode.dll) Reamote Heap Overflow PoC
- NCTVideoStudio ActiveX DLLs 1.6 Insecure Method File Creation Exploit
- E-ShopSystem Auth Bypass / SQL Injection Multiple Vulnerabilities
- Script Toko Online 5.01 (shop_display_products.php) SQL Injection Vuln
- SHOP-INET v4 (show_cat2.php grid) SQL Injection Vulnerability
- WinFTP 2.3.0 (LIST) Remote Buffer Overflow Exploit (post-auth)
- PHP-CMS 1 (username) Blind SQL Injection Exploit
- Wazzum Dating Software (userid) SQL Injection Vulnerability
- Groone's GLink Organizer (index.php cat) SQL Injection Vulnerability
- SiteXS <= 0.1.1 (type) Local File Inclusion Exploit
- ClickAuction (Auth Bypass) Remote SQL Injection Vulnerability
- Joomla com_flashmagazinedeluxe (mag_id) SQL Injection Vulnerability
- NCTVideoStudio ActiveX DLLs Version 1.6 Remote Heap Overflow PoC
- OpenX 2.6.3 (MAX_type) Local File Inclusion Vulnerability
- Flax Article Manager 1.1 Remote PHP Script Upload Vulnerability
- Max.Blog <= 1.0.6 (show_post.php) SQL Injection Vulnerability
- Pixie CMS 1.0 Multiple Local File Inclusion Vulnerabilities
- Zinf Audio Player 2.2.1 (PLS File) Stack Overflow PoC
- Zinf Audio Player 2.2.1 (PLS File) Local Buffer Overflow Exploit (univ)
- Zinf Audio Player 2.2.1 (M3U FILE) Local Heap Overflow PoC
- Zinf Audio Player 2.2.1 (gqmpeg File) Buffer Overflow PoC
- Community CMS <= 0.4 (/index.php id) Blind SQL Injection Exploit
- GameScript 4.6 (XSS/SQL/LFI) Multiple Remote Vulnerabilities
- Chipmunk Blog (Auth Bypass) Add Admin Exploit
- Gazelle CMS (template) Local File Inclusion Vulnerability
- Lore 1.5.6 (article.php) Blind SQL Injection Exploit
- phplist 2.10.x (RCE by environ inclusion) Local File Inclusion Exploit
- Max.Blog <= 1.0.6 (submit_post.php) SQL Injection Vulnerability
- Max.Blog <= 1.0.6 (offline_auth.php) Offline Authentication Bypass
- Social Engine (category_id) SQL Injection Vulnerability
- SmartSiteCMS 1.0 (articles.php var) Blind SQL Injection Exploit
- Amaya Web Editor XML and HTML parser Vulnerabilities
- Google Chrome 1.0.154.43 ClickJacking Vulnerability (2009-01-23)
- Thomson mp3PRO Player/Encoder (M3U File) Crash PoC
- Personal Site Manager <= 0.3 Remote Command Execution Exploit
- Amaya Web Editor <= 11.0 Remote Buffer Overflow PoC
- Star Articles 6.0 (admin.manage) Remote Contents Change Vulnerability
- Coppermine Photo Gallery 1.4.19 Remote PHP File Upload Vulnerability
- WOW - Web On Windows ActiveX Control 2 Remote Code Execution
- GLPI v 0.71.3 Multiple Remote SQL Injection VUlnerabilities
- Internet Explorer 7 ClickJacking Vulnerability (2009-01-23)
- WFTPD Explorer Pro 1.0 Remote Heap Overflow Exploit
- Motorola Wimax modem CPEi300 (FD/XSS) Multiple Vulnerabilities
- NetArtMedia Car Portal 1.0 (Auth Bypass) SQL Injection Vulnerability
- PLE CMS 1.0 beta 4.2 (login.php school) Blind SQL Injection Exploit
- ManageEngine Firewall Analyzer 5 XSRF/XSS Vulnerability
- Profense Web Application Firewall 2.6.2 XSRF/XSS Vulnerabilities
- D-Link VoIP Phone Adapter XSS/XSRF Remote Firmware Overwrite
- Zoom VoIP Phone Adapater ATA1+1 1.2.5 XSRF Exploit
- Pligg 9.9.5 XSRF Protection Bypass and Captcha Bypass
- Total Video Player 1.3.7 (.m3u) Local Buffer Overflow Exploit
- SalesCart (Auth Bypass) SQL Injection Vulnerability
- ReVou Twitter Clone (XSS/SQL) Multiple Remote Vulnerabilities
- Amaya Web Editor 11 Remote SEH Overwrite Exploit
- GNUBoard 4.31.04 (09.01.30) Multiple Local/Remote Vulnerabilities
- Synactis All_IN_THE_BOX ActiveX v3 Null byte File Overwrite Vuln
- GOM Player 2.0.12 (.PLS) Universal Buffer Overflow Exploit
- BPAutoSales 1.0.1 (XSS/SQL) Multiple Remote Vulnerabilities
- Orca 2.0.2 (Topic) Remote XSS Vulnerability
- SkaLinks 1.5 (Auth Bypass) SQL Injection Vulnerability
- eVision CMS <= 2.0 (field) SQL Injection Vulnerability
- Spider Player 2.3.9.5 (asx File) off by one Crash Exploit
- Google Chrome 1.0.154.46 (ChromeHTML://) Parameter Injection PoC
- SMA-DB 0.3.12 (RFI/XSS) Multiple Remote Vulnerabilities
- Flatnux 2009-01-27 (Job fields) XSS/Iframe Injection PoC
- AJA Portal 1.2 Local File Inclusion Vulnerabilities (win)
- WholeHogSoftware Ware Support (Auth Bypass) SQL Injection Vuln
- WholeHogSoftware Password Protect (Auth Bypass) SQL Injection Vuln
- Elecard AVC HD PLAYER (m3u/xpl file) Local Stack Overflow PoC
- RealVNC 4.1.2 (vncviewer.exe) RFB Protocol Remote Code Execution PoC
- phpBLASTER 1.0 RC1 (blaster_user) Blind SQL Injection Exploit
- CMS Mini <= 0.2.2 Remote Command Execution Exploit
- sourdough 0.3.5 Remote File Inclusion Vulnerability
- eVision CMS 2.0 Remote Code Execution Exploit
- phpslash <= 0.8.1.1 Remote Code Execution Exploit
- OpenHelpDesk 1.0.100 eval() Code Execution Exploit (meta)
- CMS from Scratch <= 1.9.1 (fckeditor) Remote File Upload Exploit
- WholeHogSoftware Ware Support Insecure Cookie Handling Vulnerability
- WholeHogSoftware Password Protect Insecure Cookie Handling Vuln
- ClickCart 6.0 (Auth Bypass) Remote SQL Injection Vulnerability
- Groone GLinks 2.1 Remote File Inclusion Vulnerability
- Groone's Guestbook 2.0 Remote File Inclusion Vulnerability
- Online Grades 3.2.4 (Auth Bypass) SQL Injection Vulnerability
- Free Download Manager <= 3.0 Build 844 .torrent BOF Exploit
- Euphonics Audio Player v1.0 (.pls) Local Buffer Overflow Exploit
- Simple Machines Forums (BBCode) Cookie Stealing Vulnerability
- AJA Modules Rapidshare 1.0.0 Remote Shell Upload Vulnerability
- WEBalbum 2.4b (photo.php id) Blind SQL Injection Exploit
- Hex Workshop v6 (ColorMap files .cmap) Invalid Memory Reference PoC
- MyDesing Sayac 2.0 (Auth Bypass) SQL Injection Vulnerability
- 4Site CMS <= 2.6 Multiple Remote SQL Injection Vulnerabilities
- Technote 7.2 Remote File Inclusion Vulnerability
- NaviCopa webserver 3.0.1 (BOF/SD) Multiple Remote Vulnerabilities
- TxtBlog 1.0 Alpha Remote Command Execution Exploit
- DreamPics Photo/Video Gallery Blind SQL Injection Exploit
- Flatnux 2009-01-27 Remote File Inclusion Vulnerability
- Openfiler 2.3 (Auth Bypass) Remote Password Change Exploit
- Euphonics Audio Player 1.0 (.pls) Universal Local Buffer Overflow Exploit
- Euphonics Audio Player 1.0 (.pls) Local Buffer Overflow Exploit (xp/sp3)
- BlazeVideo HDTV Player <= 3.5 PLF Playlist File Remote Overflow Exploit
- Jaws 0.8.8 Multiple Local File Inclusion Vulnerabilities
- Syntax Desktop 2.7 (synTarget) Local File Inclusion Vulnerability
- rgboard v4 5p1 (07.07.27) Multiple Remote Vulnerabilities
- GRBoard 1.8 Multiple Remote File Inclusion Vulnerabilities
- PHPbbBook 1.3 (bbcode.php l) Local File Inclusion Exploit
- Power System Of Article Management (DD/XSS) Vulnerabilities
- Team 1.x (DD/XSS) Multiple Remote Vulnerabilities
- YapBB <= 1.2 (forumID) Blind SQL Injection Exploit
- Novell GroupWise <= 8.0 Malformed RCPT command Off-by-one Exploit
- Free Download Manager 2.5/3.0 (Authorization) Stack BOF PoC
- GR Blog 1.1.4 (Upload/Bypass) Multiple Remote Vulnerabilities
- Amaya Web Browser 11 (bdo tag) Remote Stack Overflow Exploit (xp)
- Amaya Web Browser 11 (bdo tag) Remote Stack Overflow Exploit (vista)
- UltraVNC/TightVNC Multiple VNC Clients Multiple Integer Overflow PoC
- GR Note 0.94 beta (Auth Bypass) Remote Database Backup Vulnerability
- ClearBudget 0.6.1 Insecure Cookie Handling / LFI Vulnerabilities
- Kipper 2.01 (XSS/LFI/DD) Multiple Vulnerabilities
- dBpowerAMP Audio Player 2 .PLS File Local Buffer Overflow Exploit
- FeedMon 2.7.0.0 outline Tag Buffer Overflow Exploit PoC
- ClearBudget 0.6.1 (Misspelled htaccess) Insecure DD Vulnerability
- txtBB <= 1.0 RC3 HTML/JS Injection - Add Admin Privileges Exploit
- WikkiTikkiTavi 1.11 Remote PHP File Upload Vulnerability
- Simple PHP News 1.0 Remote Command Execution Exploit
- ZeroBoard4 pl8 (07.12.17) Multiple Remote Vulnerabilities
- Mailist 3.0 Insecure Backup/Local File Inclusion Vulnerabilities
- CafeEngine (index.php catid) Remote SQL Injection Vulnerability
- 1024 CMS <= 1.4.4 Remote Command Execution with RFI (c99) Exploit
- SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities
- phpYabs 0.1.2 (Azione) Remote File Inclusion Vulnerability
- Traidnt UP Version 1.0 Remote File Upload Vulnerability
- IF-CMS <= 2.0 (frame.php id) Blind SQL Injection Exploit
- Netgear embedded Linux for the SSL312 router DOS Vulnerability
- w3bcms <= v3.5.0 Multiple Remote Vulnerabilities Exploit
- FeedDemon <=2.7 OPML Outline Tag Buffer Overflow Exploit
- BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability
- A Better Member-Based ASP Photo Gallery (entry) SQL Injection Vuln
- Nokia N95-8 (JPG File) Remote Crash PoC
- PHP Director <= 0.21 Remote Command Execution Exploit
- Hedgehog-CMS <= 1.21 Remote Command Execution Exploit
- AdaptCMS Lite 1.4 (XSS/RFI) Multiple Remote Vulnerabilities
- SnippetMaster Webpage Editor 2,2,2 (RFI/XSS) Multiple Vulnerabilities
- FlexCMS (catId) Remote SQL Injection Vulnerability
- ZeroBoardXE 1.1.5 (09.01.22) XSS Vulnerability
- Yet Another NOCC <= 0.1.0 Local File Inclusion Vulnerability
- Squid < 3.1 5 HTTP Version Number Parsing Denial of Service Exploit
- 3Com OfficeConnect Wireless Cable/DSL Router Authentication Bypass
- ZeroShell <= 1.0beta11 Remote Code Execution Vulnerability
- TightVNC Authentication Failure Integer Overflow PoC
- webframe 0.76 Multiple File Inclusion Vulnerabilities
- WB News 2.1.1 config[installdir] Remote File Inclusion Vulnerability
- Gaeste 1.6 (gastbuch.php) Remote File Disclosure Vulnerability
- Hedgehog-CMS 1.21 (LFI) Remote Command Execution Exploit
- Thyme <= 1.3 (export_to) Local File Inclusion Vulnerability
- Papoo CMS 3.x (pfadhier) Local File Inclusion Vulnerability
- q-news 2.0 Remote Command Execution Exploit
- Potato News 1.0.0 (user) Local File Inclusion Vulnerability
- AuthPhp 1.0 (Auth Bypass) SQL Injection Vulnerability
- Mynews 0_10 (Auth Bypass) SQL Injection Vulnerability
- BlueBird Pre-Release (Auth Bypass) SQL Injection Vulnerability
- Fluorine CMS 0.1 rc 1 FD / SQL Injection Command Execution Exploit
- ProFTPd with mod_mysql Authentication Bypass Vulnerability
- TYPO3 < 4.0.12/4.1.10/4.2.6 (jumpUrl) Remote File Disclosure Exploit
- SkaDate Online 7 Remote Shell Upload Vulnerability
- Graugon Gallery 1.0 (XSS/SQL/Cookie Bypass) Remote Vulnerabilities
- GeoVision Digital Video Surveillance System (geohttpserver) DT Vuln
- Dacio's CMS 1.08 (XSS/SQL/DD) Multiple Remote Vulnerabilities
- Bloggeruniverse v2Beta (editcomments.php id) SQL Injection Exploit
- Den Dating 9.01(searchmatch.php) SQL Injection Vulnerability
- InselPhoto 1.1 (query) Remote SQL Injection Exploit
- PHP Krazy Image Host Script 1.01 (viewer.php id) SQL Injection Vuln
- Free Joke Script 1.0 Auth Bypass / SQL Injection Vulnerability
- Baran CMS 1.0 Arbitrary ASP File Upload/DB/SQL/XSS/CM Vulns
- IdeaCart 0.02 (LFI/SQL) Multiple Remote Vulnerabilities
- Vlinks 1.1.6 (id) Remote SQL Injection Vulnerability
- Nokia N95-8 browser (setAttributeNode) Method Crash Exploit
- ea-gBook 0.1 Remote Command Execution with RFI (c99) Exploit
- BlogWrite 0.91 Remote FD / SQL Injection Exploit
- CmsFaethon 2.2.0 (info.php item) SQL Command Injection Exploit
- FreeBSD 7.0-RELEASE Telnet Daemon Local Privilege Escalation Exploit
- InselPhoto 1.1 Persistent XSS Vulnerability
- TPTEST <= 3.1.7 Stack Buffer Overflow PoC
- GeoVision LiveX_v8200 ActiveX (LIVEX_~1.OCX) File Corruption PoC
- Falt4 CMS RC4 (fckeditor) Arbitrary File Upload Exploit
- simplePMS CMS 0.1.3a LFI / Remote Command Execution Exploit
- PowerMovieList 0.14b (SQL/XSS) Multiple Remote Vulnerabilities
- NovaBoard 1.0.0 Multiple Remote Vulnerabilities
- MemHT Portal <= 4.0.1 (pvtmsg) Delete All Private Messages Exploit
- SAS Hotel Management System (myhotel_info.asp) SQL Injection Vuln
- YACS CMS 8.11 update_trailer.php Remote File Inclusion Vulnerability
- Enomaly ECP / Enomalism < 2.2.1 Multiple Local Vulnerabilities
- RavenNuke 2.3.0 Multiple Remote Vulnerabilities
- Grestul 1.x Auth Bypass by Cookie SQL Injection Vulnerability
- SAS Hotel Management System Remote Shell Upload Vulnerability
- S-Cms 1.1 Stable Insecure Cookie Handling / Mass Page Delete Vulns
- pHNews Alpha 1 (header.php mod) SQL Injection Vulnerability
- pHNews Alpha 1 (genbackup.php) Database Disclosure Vulnerability
- Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (meta)
- Firepack (admin/ref.php) Remote Code Execution Exploit
- smNews 1.0 Auth Bypass/Column Truncation Vulnerabilities
- MS Internet Explorer 7 Memory Corruption PoC (MS09-002)
- MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (xp sp2)
- MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (py)
- MS Internet Explorer 7 Memory Corruption PoC (MS09-002) (win2k3sp2)
- phpBB 3 (autopost bot mod <= 0.1.3) Remote File Include Vulnerability
- Got All Media 7.0.0.3 (t00t) Remote Denial of Service Exploit
- i-dreams Mailer 1.2 Final (admin.dat) File Disclosure Vulnerability
- i-dreams GB 5.4 Final (admin.dat) File Disclosure Vulnerability
- i-dreams GB Server (admin.dat) File Disclosure Vulnerability
- Osmodia Bulletin Board 1.x (admin.txt) File Disclosure Vulnerability
- Graugon Forum v1 (id) SQL Command Injection Exploit
- Multiple PDF Readers JBIG2 Local Buffer Overflow PoC
- Mozilla Firefox 3.0.6 (BODY onload) Remote Crash Exploit
- zFeeder 1.6 (admin.php) No Authentication Vulnerability
- pPIM 1.01 (notes.php id) Remote Command Execution Exploit
- Free Arcade Script 1.0 LFI Command Execution Exploit
- Pyrophobia 2.1.3.1 LFI Command Execution Exploit
- Optus/Huawei E960 HSDPA Router SMS XSS Attack
- MLdonkey <= 2.9.7 HTTP DOUBLE SLASH Arbitrary File Disclosure Vuln
- taifajobs <= 1.0 (jobid) Remote SQL Injection Vulnerability
- Adobe Acrobat Reader JBIG2 Local Buffer Overflow PoC #2 0day
- MDPro Module My_eGallery (pid) Remote SQL Injection Exploit
- XGuestBook 2.0 (Auth Bypass) SQL Injection Vulnerability
- Counter Strike Source ManiAdminPlugin 1.x Remote Buffer Overflow PoC
- Qwerty CMS (id) Remote SQL Injection Vulnerability
- pPIM 1.0 Multiple Remote Vulnerabilities
- Netgear WGR614v9 Wireless Router Get Request Denial of Service Vuln
- PenPal 2.0 (Auth Bypass) Remote SQL Injection Vulnerability
- Apple MACOS X xnu <= 1228.x Local Kernel Memory Disclosure Exploit
- SkyPortal Classifieds System 0.12 Contents Change Vulnerability
- SkyPortal Picture Manager 0.11 Contents Change Vulnerability
- SkyPortal WebLinks 0.12 Contents Change Vulnerability
- Golabi CMS Remote File Inclusion Vulnerability
- DesignerfreeSolutions Newsletter Manager Pro Auth Bypass Vuln
- Coppermine Photo Gallery <= 1.4.20 (BBCode IMG) Privilege Escalation
- Coppermine Photo Gallery <= 1.4.20 (IMG) Privilege Escalation Exploit
- BannerManager 0.81 (Auth Bypass) SQL Injection Vulnerability
- POP Peeper 3.4.0.0 UIDL Remote Buffer Overflow Exploit (SEH)
- Orbit <= 2.8.4 Long Hostname Remote Buffer Overflow Exploit
- SkyPortal Downloads Manager v1.1 Remote Contents Change Vuln
- Hex Workshop v6 (.HEX File) Local Code Execution Exploit
- Irokez BLog 0.7.3.2 (XSS/RFI/BSQL) Multiple Remote Vulnerabilities
- Demium CMS 0.2.1B Multiple Vulnerabilities and Exploit
- HTC Touch vCard over IP Denial of Service Exploit
- Merak Media PLayer 3.2 m3u File Local Buffer Overflow Exploit (SEH)
- BlogMan 0.45 Multiple Remote Vulnerabilities
- EZ-Blog 1b Delete All Posts / SQL Injection Vulnerabilities
- Novell eDirectory iMonitor (Accept-Language) Request BOF PoC
- Document Library 1.0.1 Arbitrary Change Admin Vulnerability
- Digital Interchange Calendar 5.7.13 Contents Change Vulnerability
- Access2asp imageLibrary Arbitrary ASP Shell Upload Vulnerability
- Graugon PHP Article Publisher 1.0 (SQL/CH) Multiple Remote Vulns
- Joomla com_digistore (pid) Blind SQL Injection Exploit
- Media Commands (M3U,M3l,TXT,LRC Files) Local Heap Overflow PoC
- Joomla/Mambo Component eXtplorer Code Execution Vulnerability
- Media Commands (m3u File) Local SEH Overwrite Exploit
- VUplayer 2.49 .CUE File Local Buffer Overflow Exploit
- RitsBlog 0.4.2 (AB/XSS) Multiple Remote Vulnerabilities
- Zabbix 1.6.2 Frontend Multiple Vulnerabilities
- BlindBlog 1.3.1 (SQL/AB/LFI) Multiple Remote Vulnerabilities
- EFS Easy Chat Server Authentication Request BOF Exploit (SEH)
- Sopcast SopCore Control (sopocx.ocx) Command Execution Exploit
- Imera ImeraIEPlugin ActiveX Control Remote Code Execution Exploit
- ghostscripter Amazon Shop (XSS/DT/RFI) Multiple Vulnerabilities
- Yaws < 1.80 (multiple headers) Remote Denial of Service Exploit
- EFS Easy Chat Server (XSRF) Change Admin Pass Vulnerability
- NovaBoard <= 1.0.1 (message) Persistent XSS Vulnerability
- Jogjacamp JProfile Gold (id_news) Remote SQL Injection Vulnerability
- MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (fast)
- EFS Easy Chat Server Authentication Request Buffer Overflow Exploit (pl)
- Easy File Sharing Web Server 4.8 File Disclosure Vulnerability
- Easy Web Password 1.2 Local Heap Memory Consumption PoC
- Winamp <= 5.541 Skin Universal Buffer Overflow Exploit
- Media Commands .m3l File Local Buffer Overflow Exploit
- SupportSoft DNA Editor Module (dnaedit.dll) Code Execution Exploit
- CelerBB 0.0.2 Multiple Remote Vulnerabilities
- Media Commands (m3u File) Universal SEH Overwrite Exploit
- Multiple Vendors libc:fts_*() Local Denial of Service Exploit
- Joomla com_ijoomla_archive Blind SQL Injection Exploit
- Blue Eye CMS <= 1.0.0 Remote Cookie SQL Injection Vulnerability
- Wili-CMS 0.4.0 (RFI/LFI/AB) Multiple Remote Vulnerabilities
- isiAJAX v1 (praises.php id) Remote SQL Injection Vulnerability
- OneOrZero Helpdesk <= 1.6.5.7 Local File Inclusion Vulnerability
- nForum 1.5 Multiple Remote SQL Injection Vulnerabilities
- Nokia Multimedia Player 1.0 (playlist) Universal SEH Overwrite Exploit
- CMS S.Builder <= 3.7 Remote File Inclusion Vulnerability
- Belkin BullDog Plus UPS-Service Buffer Overflow Exploit
- Realtek Sound Manager 1.15.0.0 PlayList SEH Overwrite Exploit
- mks_vir 9b < 1.2.0.0b297 (mksmonen.sys) Privilege Escalation Exploit
- EO Video v1.36 PlayList SEH Overwrite Exploit
- RadASM 2.2.1.5 (.RAP File) Local Stack Overflow Exploit
- MediaCoder 0.6.2.4275 (m3u File) Universal Stack Overflow Exploit
- MediaCoder 0.6.2.4275 Universal Buffer Overflow Exploit (SEH)
- eZip Wizard 3.0 Local Stack Buffer Overflow PoC (SEH)
- PHP Director <= 0.21 (sql into outfile) eval() Injection Exploit
- PHPRecipeBook 2.24 (base_id) Remote SQL Injection Vulnerability
- Woltlab Burning Board 3.0.x Multiple Remote Vulnerabilities
- CS-Cart 2.0.0 Beta 3 (product_id) SQL Injection Vulnerability
- phpCommunity 2.1.8 (SQL/DT/XSS) Multiple Vulnerabilities
- PHP-Fusion Mod Book Panel (bookid) SQL Injection Vulnerability
- Addonics NAS Adapter Post-Auth Denial of Service Exploit
- CMS WEBjump! Multiple SQL Injection Vulnerabilities
- VUPlayer <= 2.49 .cue File Universal Buffer Overflow Exploit
- IBM Director <= 5.20.3su2 CIM Server Remote DoS Vulnerability
- NextApp Echo < 2.1.1 XML Injection Vulnerability
- RainbowPlayer 0.91 (playlist) Universal SEH Overwrite Exploit
- PHP-Fusion Mod Book Panel (course_id) SQL Injection Vulnerability
- WeBid <= 0.7.3 RC9 Multiple Remote File Inclusion Vulnerabilities
- Wordpress MU < 2.7 'HOST' HTTP Header XSS Vulnerability
- Joomla Djice Shoutbox 1.0 Permanent XSS Vulnerability
- RoomPHPlanning <= 1.6 (userform.php) Create Admin User Exploit
- GuildFTPd FTP Server 0.999.14 Remote Delete Files Exploit
- Foxit Reader 3.0 (<= Build 1301) PDF Buffer Overflow Exploit (Univ.)
- Traidnt up 2.0 (Cookie) Add Extension By Pass Exploit
- POP Peeper 3.4.0.0 Date Remote Buffer Overflow Exploit
- PhpMySport 1.4 (XSS/SQL) Multiple Remote Vulnerabilities
- JDKChat 1.5 Remote Integer Overflow PoC
- GeoVision LiveAudio ActiveX Remote Freed-Memory Access Exploit
- YAP 1.1.1 (index.php page) Local File Inclusion Vulnerability
- Morovia Barcode ActiveX 3.6.2 (MrvBarCd.dll) Insecure Method Exploit
- Kim Websites 1.0 (Auth Bypass) SQL Injection Vulnerability
- UBB.threads 5.5.1 (message) Remote SQL Injection Vulnerability
- Serv-U 7.4.0.1 (MKD) Create Arbitrary Directories Exploit
- Serv-U 7.4.0.1 (SMNT) Denial of Service Exploit (post auth)
- VLC 0.9.8a Web UI (input) Remote Denial of Service Exploit
- Rosoft Media Player 4.2.1 Local Buffer Overflow Exploit (multi target)
- PPLive <= 1.9.21 (/LoadModule) URI Handlers Argument Injection Vuln
- Beerwin's PHPLinkAdmin 1.0 RFI/SQL Injection Vulnerabilities
- YAP 1.1.1 Blind SQL Injection/SQL Injection Vulnerabilities
- Mozilla Firefox 3.0.7 OnbeforeUnLoad DesignMode Dereference Crash
- phpComasy 0.9.1 (entry_id) SQL Injection Vulnerability
- WinAsm Studio 5.1.5.0 Local Heap Overflow PoC
- Gretech GOM Encoder 1.0.0.11 (Subtitle File) Buffer Overflow PoC
- PHPRunner 4.2 (SearchOption) Blind SQL Injection Vulnerability
- Talkative IRC 0.4.4.16 Remote Stack Overflow Exploit (SEH)
- GDL 4.x (node) Remote SQL Injection Vulnerability
- Wordpress Plugin fMoblog 2.1 (id) SQL Injection Vulnerability
- Mega File Hosting Script 1.2 (cross.php url) RFI Vulnerability
- CDex 1.70b2 (.ogg) Local Buffer Overflow Exploit (xp/ sp3)
- Chasys Media Player 1.1 (.pls) Local Buffer Overflow PoC (SEH)
- Chasys Media Player 1.1 (.pls) Local Stack overflow Exploit
- Chasys Media Player 1.1 (.pls) Stack Overflow Exploit #2
- Chasys Media Player 1.1 (.m3u) Stack Overflow Exploit
- Icarus 2.0 (.PGN File) Local Stack Overflow Exploit (SEH)
- Facil-CMS 0.1RC2 Multiple Remote Vulnerabilities
- Advanced Image Hosting (AIH) 2.3 (gal) Blind SQL Injection Vuln
- Pivot 1.40.6 Remote Arbitrary File Deletion Vulnerability
- DeluxeBB <= 1.3 (qorder) Remote SQL Injection Vulnerability
- ModSecurity < 2.5.9 Remote Denial of Service Vulnerability
- Chasys Media Player 1.1 .cue File Stack Overflow Exploit
- Bloginator v1a (Cookie Bypass/SQL) Multiple Remote Vulnerabilities
- Bloginator v1a SQL Command Injection via Cookie Bypass Exploit
- SW-HTTPD Server 0.x Remote Denial of Service Exploit
- Chasys Media Player (.lst playlist) Local Buffer Overflow Exploit
- Hannon Hill Cascade Server Command Execution Vulnerability (post auth)
- POP Peeper 3.4.0.0 (From) Remote Buffer Overflow Exploit (SEH)
- BS.Player <= 2.34 Build 980 (.bsl) Local Buffer Overflow Exploit (SEH)
- CloneCD/DVD (ElbyCDIO.sys < 6.0.3.2) Local Privilege Escalation Exploit
- BS.Player 2.34 (.bsl) Universal SEH Overwrite Exploit
- Pixie CMS (XSS/SQL) Multiple Remote Vulnerabilities
- Racer 0.5.3b5 Remote Stack Buffer Overflow Exploit
- WBB3 rGallery 1.2.3 (UserGallery) Blind SQL Injection Exploit
- SuperNews 1.5 (valor.php noticia) SQL Injection Vulnerability
- Sysax Multi Server 4.3 Remote Arbitrary Delete Files Exploit
- Orbit Downloader 2.8.7 Arbitrary File Deletion Vulnerability
- X-BLC 0.2.0 (get_read.php section) SQL Injection Vulnerability
- FreeBSD 7.x (Dumping Environment) Local Kernel Panic Exploit
- Gigaset SE461 WiMAX router Remote Denial of Service Vulns
- FreeBSD 7.0/7.1 (ktimer) Local Kernel Root Exploit
- Mac OS X xnu <= 1228.3.13 (zip-notify) Remote Kernel Overflow PoC
- Mac OS X xnu <= 1228.3.13 (macfsstat) Local Kernel Memory Leak/DoS
- Mac OS X xnu <= 1228.3.13 (profil) Kernel Memory Leak/DoS PoC
- Mac OS X xnu <=1228.x (vfssysctl) Local Kernel DoS PoC
- Mac OS X xnu <= 1228.x (hfs-fcntl) Local Kernel Root Exploit
- Zinf Audio Player 2.2.1 (.pls) Universal Seh Overwrite Exploit
- PHPizabi v0.848b C1 HFP1-3 Remote Command Execution Exploit
- Rittal CMC-TC Processing Unit II Multiple Vulnerabilities
- eXeScope 6.50 Local Buffer Overflow Exploit
- Pluck CMS 4.6.1 (module_pages_site.php post) LFI Exploit
- Codice CMS 2 Remote SQL Command Execution Exploit
- Telnet-Ftp Service Server v1.x Multiple Vulnerabilities (post auth)
- POP Peeper 3.4.0.0 .eml file Universal SEH Overwrite Exploit
- POP Peeper 3.4.0.0 .html file Universal SEH Overwrite Exploit
- Syzygy CMS 0.3 LFI/SQL Command Injection Exploit
- Free Arcade Script 1.0 Auth Bypass (SQL) / Upload Shell Vulnerabilities
- Jinzora Media Jukebox <= 2.8 (name) Local File Inclusion Vulnerability
- PHPizabi v0.848b C1 HFP1 Remote Privilege Escalation Vulnerability
- Adobe Acrobat Reader JBIG2 Universal Exploit Bind Shell port 5500
- Microsoft GdiPlus EMF GpFont.SetData Integer Overflow PoC
- SurfMyTV Script 1.0 (view.php id) SQL Injection Vulnerability
- Femitter FTP Server 1.x Multiple Vulnerabilities (post auth)
- IncrediMail 5.86 (XSS) Script Execution Exploit
- Mozilla Firefox XSL Parsing Remote Memory Corruption PoC 0day
- PHPizabi v0.848b C1 HFP1-3 Remote Arbitrary File Upload Exploit
- WeBid 0.7.3 RC9 (upldgallery.php) Remote File Upload Vulnerability
- PhotoStand 1.2.0 Remote Command Execution Exploit
- blogplus 1.0 Multiple Local File Inclusion Vulnerabilities
- Acute Control Panel 1.0.0 (SQL/RFI) Multiple Remote Vulnerabilities
- Simply Classified 0.2 (category_id) SQL Injection Vulnerability
- Free PHP Petition Signing Script (Auth Bypass) SQL Injection Vuln
- XM Easy Personal FTP Server <= 5.7.0 (NLST) DoS Exploit
- FreeSSHd 1.2.1 (rename) Remote Buffer Overflow Exploit (SEH)
- Arcadwy Arcade Script (username) Static XSS Vulnerability
- Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure Vulnerability
- My Simple Forum 7.1 (LFI) Remote Command Execution Exploit
- Abee Chm Maker 1.9.5 (CMP File) Stack overflow Exploit
- PowerCHM 5.7 (hhp File) Stack Overflow poC
- PowerCHM 5.7 (hhp) Local Buffer Overflow Exploit
- glFusion <= 1.1.2 COM_applyFilter()/order SQL Injection Exploit
- pam-krb5 < 3.13 Local Privilege Escalation Exploit
- Arcadwy Arcade Script (Auth Bypass) Insecure Cookie Handling Vuln
- iWare CMS 5.0.4 Multiple Remote SQL Injection Vulnerabilities
- Firefox 3.0.x (XML Parser) Memory Corruption / DoS PoC
- Diskos CMS Manager (SQL/DB/Auth Bypass) Multiple Vulnerabilities
- Wireshark <= 1.0.6 PN-DCP Format String Exploit PoC
- BandSite CMS 1.1.4 (members.php memid) SQL Injection Vulnerability
- Sami HTTP Server 2.x (HEAD) Remote Denial of Service Exploit
- Abee Chm eBook Creator 2.11 (FileName) Local Stack Overflow Exploit
- AtomixMP3 <= 2.3 (playlist) Universal SEH Overwrite Exploit
- Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow
- Amaya 11.1 W3C Editor/Browser (defer) Stack Overflow PoC
- Gravy Media CMS 1.07 Multiple Remote Vulnerabilities
- NOKIA Siemens FlexiISN 3.1 Multiple Auth Bypass Vulnerabilities
- X-Forum 0.6.2 Remote Command Execution Exploit
- JobHut <= 1.2 (pk) Remote SQL Injection Vulnerability
- Family Connection 1.8.1 Multiple Remote Vulnerabilities
- Opera 9.64 (7400 nested elements) XML Parsing Remote Crash Exploit
- Amaya 11.1 W3C Editor/Browser (defer) Stack Overflow Exploit
- Trend Micro Internet Security Pro 2009 Priviliege Escalation PoC
- Community CMS 0.5 Multiple SQL Injection Vulnerabilities
- Podcast Generator <= 1.1 Remote Code Execution Exploit
- Safari 3.2.2/4b (nested elements) XML Parsing Remote Crash Exploit
- VirtueMart <= 1.1.2 Remote SQL Injection Exploit (meta)
- VirtueMart <= 1.1.2 Multiple Remote Vulnerabilities
- webEdition <= 6.0.0.4 (WE_LANGUAGE) Local File Inclusion Vulnerability
- JobHut 1.2 Remote Password Change/Delete/Activate User Vulnerability
- PHPRecipeBook 2.39 (course_id) Remote SQL Injection Vulnerability
- vsp stats processor 0.45 (gamestat.php gameID) SQL Injection Vuln
- PrecisionID Datamatrix ActiveX Arbitrary File Overwrite Vuln
- Sun Calendar Express Web Server (DoS/XSS) Multiple Remote Vulns
- Koschtit Image Gallery 1.82 Multiple Local File Inclusion Vulnerabilities
- DeepBurner 1.9.0.228 Stack Buffer Overflow (SEH) PoC
- Oracle WebLogic IIS connector JSESSIONID Remote Overflow Exploit
- XBMC 8.10 (GET Requests) Multiple Remote Buffer Overflow PoC
- XBMC 8.10 (Get Request) Remote Buffer Overflow Exploit (win)
- XBMC 8.10 (takescreenshot) Remote Buffer Overflow Exploit
- XBMC 8.10 (get tag from file name) Remote Buffer Overflow Exploit
- MyioSoft Ajax Portal 3.0 (page) SQL Injection Vulnerability
- TinyPHPForum 3.61 File Disclosure / Code Execution Vulnerabilities
- UltraISO <= 9.3.3.2685 CCD/IMG Universal Buffer Overflow Exploit
- IBM DB2 < 9.5 pack 3a Malicious Connect Denial of Service Exploit
- IBM DB2 < 9.5 pack 3a Malicious Data Stream Denial of Service Exploit
- ActiveKB Knowledgebase (loadpanel.php Panel) Local File Inclusion Vuln
- glFusion <= 1.1.2 COM_applyFilter()/cookies Blind SQL Injection Exploit
- form2list (page.php id) Remote SQL Injection Vulnerability
- Family Connections <= 1.8.2 Remote Shell Upload Exploit
- Gravity Board X 2.0b SQL Injection / Post Auth Code Execution
- AdaptBB 1.0 (topic_id) SQL Injection / Credentials Disclosure Exploit
- Amaya 11.1 XHTML Parser Remote Buffer Overflow PoC
- Joomla Component com_bookjoomlas 0.1 SQL Injection Vulnerability
- XBMC 8.10 GET Request Remote Buffer Overflow Exploit (SEH) (univ)
- FlexCMS Calendar (ItemId) Blind SQL Injection Vulnerability
- Mozilla Firefox XSL Parsing Remote Memory Corruption PoC #2
- iDB 0.2.5pa SVN 243 (skin) Local File Inclusion Exploit
- UltraISO <= 9.3.3.2685 .ui Off By One / Buffer Overflow PoC
- Pirelli Discus DRG A225 wifi router WPA2PSK Default Algorithm Exploit
- Unsniff Network Analyzer 1.0 (usnf) Local Heap Overflow PoC
- Family Connections CMS <= 1.8.2 Blind SQL Injection Vulnerability
- Lanius CMS <= 0.5.2 Remote Arbitrary File Upload Exploit
- XBMC 8.10 (HEAD) Remote Buffer Overflow Exploit (SEH)
- SASPCMS 0.9 Multiple Remote Vulnerabilities
- Joomla Component Maian Music 1.2.1 (category) SQL Injection Vuln
- Joomla Component MailTo (article) SQL Injection Vulnerability
- Joomla Component Cmimarketplace (viewit) Directory Traversal Vuln
- peterConnects Web Server Traversal Arbitrary File Access Vulnerability
- Linux Kernel < 2.6.29 exit_notify() Local Privilege Escalation Exploit
- GOM Player 2.1.16.6134 Subtitle Local Buffer Overflow PoC
- OTSTurntables 1.00.027 (.m3u/.ofl file) Universal BOF Exploit
- Photo Graffix 3.4 Multiple Remote Vulnerabilities
- Xplode CMS (wrap_script) Remote SQL Injection Vulnerability
- WebFileExplorer 3.1 (DB.MDB) Database Disclosure Vulnerability
- Geeklog <= 1.5.2 SEC_authenticate() SQL Injection Exploit
- Exjune Guestbook v2 Remote Database Disclosure Exploit
- SWF Opener 1.3 (.swf File) Off By One Buffer Overflow PoC
- BackendCMS 5.0 (main.asp id) SQL Injection Vulnerability
- Simbas CMS 2.0 (Auth Bypass) SQL Injection Vulnerability
- WebFileExplorer 3.1 (Auth Bypass) SQL Injection Vulnerability
- AdaptBB 1.0b Multiple Remote Vulnerabilities
- net2ftp <= 0.97 Cross-Site Scripting/Request Forgery Vulnerabilities
- My Dealer CMS 2.0 (Auth Bypass) SQL Injection Vulnerability
- Absolute Form Processor XE-V 1.5 (Auth Bypass) SQL Injection Vuln
- Dynamic Flash Forum 1.0 Beta Multiple Remote Vulnerabilities
- PHP-Agenda <= 2.2.5 Remote File Overwriting Vulnerabilities
- Loggix Project 9.4.5 (refer_id) Blind SQL Injection Vulnerability
- Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow PoC
- Chance-i DiViS-Web DVR System ActiveX Control Heap Overflow PoC
- Chance-i DiViS DVR System Web-server Directory Traversal Vulnerability
- Cisco ASA/PIX Appliances Fail to Properly Check Fragmented TCP Packets
- moziloCMS 1.11 (LFI/PD/XSS) Multiple Remote Vulnerabilities
- Redaxscript 0.2.0 (language) Local File Inclusion Vulnerability
- w3bcms Gaestebuch 3.0.0 Blind SQL Injection Exploit
- FunkyASP AD System 1.1 Remote Shell Upload Vulnerability
- ftpdmin 0.96 RNFR Remote Buffer Overflow Exploit (xp sp3/case study)
- Flatnuke <= 2.7.1 (level) Remote Privilege Escalation Exploit
- HTML Email Creator <= 2.1b668 (html) Local SEH Overwrite Exploit
- Mini-stream Ripper (.M3U File) Local Stack Overflow PoC
- WM Downloader (.M3U File) Local Stack Overflow PoC
- RM Downloader (.M3U File) Local Stack Overflow PoC
- Mini-stream RM-MP3 Converter (.M3U File) Local Stack Overflow PoC
- OpenBSD <= 4.5 (IP datagrams) Remote DOS Vulnerability
- ASX to MP3 Converter (.M3U File) Local Stack Overflow PoC
- X10Media Mp3 Search Engine < 1.6.2 Admin Access Vulnerability
- Yellow Duck Weblog 2.1.0 (lang) Local File Inclusion Vulnerability
- RM Downloader 3.0.0.9 .m3u Universal Stack Overflow Exploit
- WM Downloader 3.0.0.9 .m3u Universal Stack Overflow Exploit
- ASX to MP3 Converter 3.0.0.7 .m3u Universal Stack Overflow Exploit
- Mini-stream RM-MP3 Converter 3.0.0.7 .m3u Stack Overflow Exploit
- XEngineSoft PMS/MGS/NM/AMS 1.0 (Auth Bypass) SQL Injection Vulns
- FreznoShop 1.3.0 (id) Remote SQL Injection Vulnerability
- Mini-stream Ripper 3.0.1.1 .m3u Universal Stack Overflow Exploit
- e107 Plugin userjournals_menu (blog.id) SQL Injection Vulnerability
- ASP Product Catalog 1.0 (XSS/DD) Multiple Remote Exploits
- ftpdmin 0.96 Arbitrary File Disclosure Exploit
- BulletProof FTP Client 2009 (.bps) Buffer Overflow Exploit (SEH)
- Steamcast (HTTP Request) Remote Buffer Overflow Exploit (SEH) [1]
- Steamcast (HTTP Request) Remote Buffer Overflow Exploit (SEH) [2]
- Jamroom (index.php t) Local File Inclusion Vulnerability
- AbleSpace 1.0 (XSS/BSQL) Multiple Remote Vulnerabilities
- PHP-Revista 1.1.2 (RFI/SQLi/CB/XSS) Multiple Remote Vulnerabilities
- Shadow Stream Recorder (.m3u file) Universal Stack Overflow Exploit
- Easy RM to MP3 Converter Universal Stack Overflow Exploit
- MonGoose 2.4 Webserver Directory Traversal Vulnerability (win)
- Steamcast 0.9.75b Remote Denial of Service Exploit
- OpenBSD <= 4.5 IP datagram Null Pointer Deref DoS Exploit
- GuestCal 2.1 (index.php lang) Local File Inclusion Vulnerability
- Aqua CMS (username) SQL Injection Vulnerability
- RQMS (Rash) <= 1.2.2 Multiple SQL Injection Vulnerabilities
- PowerCHM 5.7 (Long URL) Local Stack Overflow PoC
- W2B phpEmployment (conf.inc) File Disclosure VUlnerability
- Job2C 4.2 (profile) Remote Shell Upload Vulnerability
- phpAdBoard (conf.inc) Remote Config File Disclosure Vulnerability
- phpGreetCards (conf.inc) Config File Disclosure Vulnerability
- W2B Restaurant 1.2 (conf.inc) Config File Disclosure Vulnerability
- phpAdBoardPro (config.inc) Config File Disclosure Vulnerability
- phpDatingClub (conf.inc) File Disclosure Vulnerability
- Job2C (conf.inc) Config File Disclosure Vulnerability
- Job2C 4.2 (adtype) Local File Inclusion Vulnerability
- Star Downloader Free <= 1.45 (.dat) Universal SEH Overwrite Exploit
- MS Windows Media Player (.mid File) Integer Overflow PoC
- FreeWebshop.org 2.2.9 RC2 (lang_file) Local File Inclusion Vulnerability
- Zervit Webserver 0.02 Remote Buffer Overflow PoC
- Geeklog <= 1.5.2 savepreferences()/*blocks[] SQL Injection Exploit
- NetHoteles 2.0/3.0 (Auth Bypass) SQL Injection Vulnerability
- Online Password Manager 4.1 Insecure Cookie Handling Vulnerability
- Apollo 37zz (M3u File) Local Heap Overflow PoC
- Elecard AVC HD Player .XPL Stack Buffer Overflow (SEH) PoC
- webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing Vulnerability
- DNS Tools (PHP Digger) Remote Command Execution Vuln
- cpCommerce 1.2.8 (id_document) Blind SQL Injection Vulnerability
- Oracle APEX 3.2 Unprivileged DB users can see APEX password hashes
- NetHoteles 3.0 (ficha.php) SQL Injection Vulnerability
- Apache Geronimo <= 2.1.3 Multiple Directory Traversal Vulnerabilities
- eLitius 1.0 (manage-admin.php) Add Admin/Change Password Exploit
- SMA-DB 0.3.13 Multiple Remote File Inclusion Vulnerabilities
- chCounter 3.1.3 (Login Bypass) SQL Injection Vulnerability
- MagicISO CCD/Cue Local Heap Overflow Exploit PoC
- Zervit Webserver 0.02 Remote Directory Traversal Vulnerability
- Tiny Blogr 1.0.0 rc4 (Auth Bypass) SQL Injection Vulnerability
- Microsoft Media Player (quartz.dll .mid) Denial of Service Exploit
- Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC
- Microsoft Media Player (quartz.dll .wav) Multiple Remote DoS Vulns
- Limbo CMS 1.0.4.2 CSRF Privilege Escalation PoC
- XRDP <= 0.4.1 Remote Buffer Overflow PoC (pre-auth)
- cTorrent/DTorrent (.Torrent File) Buffer Overflow Exploit
- ClanTiger < 1.1.1 Multiple Cookie Handling Vulnerabilities
- ClanTiger <= 1.1.1 (Auth Bypass) SQL Injection Vulnerability
- ClanTiger <= 1.1.1 (slug) Blind SQL Injection Exploit
- e-cart.biz Shopping Cart Arbitrary File Upload Vulnerability
- Online Guestbook Pro (display) Blind SQL Injection Vulnerability
- Online Email Manager Insecure Cookie Handling Vulnerability
- Hot Project v7 (Auth Bypass) SQL Injection Vulnerability
- Linux Kernel 2.6 UDEV Local Privilege Escalation Exploit
- MS Internet Explorer EMBED Memory Corruption PoC (MS09-014)
- Multi-lingual E-Commerce System 0.2 Multiple Remote Vulnerabilities
- Studio Lounge Address Book 2.5 (profile) Shell Upload Vulnerability
- Seditio CMS Events Plugin (c) Remote SQL Injection Vulnerability
- Flatnux 2009-03-27 (Upload/ID) Multiple Remote Vulnerabilities
- 1by1 1.67 (.m3u File) Local Stack Overflow PoC
- Groovy Media Player 1.1.0 (.m3u File) Local Stack Overflow PoC
- webClassifieds 2005 (Auth Bypass) Insecure Cookie Handling Vuln
- EZ Webitor (Auth Bypass) SQL Injection Vulnerability
- Pligg 9.9.0 (editlink.php id) Blind SQL Injection Exploit
- CoolPlayer Portable 2.19.1 (.m3u File) Local Stack Overflow PoC
- Addonics NAS Adapter (bts.cgi) Remote DoS Exploit (post-auth)
- WysGui CMS 1.2b (Insecure Cookie Handling) Blind SQL Injection Exploit
- WB News 2.1.2 Insecure Cookie Handling Vulnerability
- FunGamez rc1 (AB/LFI) Multiple Remote Vulnerabilities
- TotalCalendar 2.4 (inc_dir) Remote File Inclusion Vulnerability
- e107 <= 0.7.15 (extended_user_fields) Blind SQL Injection Exploit
- TotalCalendar 2.4 Remote Password Change Exploit
- Creasito e-Commerce 1.3.16 (Auth Bypass) SQL Injection Vuln
- eLitius 1.0 Arbitrary Database Backup Exploit
- Dokeos LMS <= 1.8.5 (whoisonline.php) PHP Code Injection Exploit
- Zervit Webserver 0.3 Remote Denial Of Service Exploit
- CRE Loaded 6.2 (products_id) SQL Injection Vulnerability
- PastelCMS 0.8.0 (LFI/SQL) Multiple Remote Vulnerabilities
- TotalCalendar 2.4 (include) Local File Inclusion Vulnerability
- NotFTP 1.3.1 (newlang) Local File Inclusion Vulnerability
- Quick.Cms.Lite 0.5 (id) Remote SQL Injection Vulnerability
- VS PANEL 7.3.6 (Cat_ID) Remote SQL Injection Vulnerability
- Oracle RDBMS 10.2.0.3/11.1.0.6 TNS Listener PoC (CVE-2009-0991)
- I-Rater Pro/Plantinum v4 (Auth Bypass) SQL Injection Vulnerability
- Studio Lounge Address Book 2.5 Authentication Bypass Vulnerability
- MixedCMS 1.0b (LFI/SU/AB/FD) Multiple Remote Vulnerabilities
- Xitami Web Server <= 5.0 Remote Denial of Service Exploit
- Counter Strike Source ManiAdminPlugin v2 Remote Crash Exploit
- Dokeos LMS <= 1.8.5 (include) Remote Code Execution Exploit
- elkagroup Image Gallery 1.0 Arbitrary File Upload Vulnerability
- 5 star Rating 1.2 (Auth Bypass) SQL Injection Vulnerability
- WebPortal CMS 0.8b Multiple Remote/Local File Inclusion Vulnerabilities
- Joomla Component rsmonials Remote Cross Site Scxripting Exploit
- Femitter FTP Server 1.03 Arbitrary File Disclosure Exploit
- CoolPlayer Portable 2.19.1 (m3u) Buffer Overflow Exploit
- CoolPlayer Portable 2.19.1 (m3u) Buffer Overflow Exploit #2
- FOWLCMS 1.1 (AB/LFI/SU) Multiple Remote Vulnerabilities
- Zervit HTTP Server <= 0.3 (sockets++ crash) Remote Denial of Service
- Norton Ghost Support module for EasySetup wizard Remote DoS PoC
- Home Web Server <= r1.7.1 (build 147) Gui Thread-Memory Corruption
- Dream FTP Server 1.02 (users.dat) Arbitrary File Disclosure Exploit
- Popcorn 1.87 Remote Heap Overflow Exploit PoC
- CoolPlayer Portable 2.19.1 (Skin) Buffer Overflow Exploit
- Absolute Form Processor XE-V 1.5 (auth Bypass) SQL Injection Vuln
- Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln
- Absolute Form Processor XE-V 1.5 Remote Change Pasword Exploit
- SDP Downloader v2.3.0 (.ASX File) Local Heap Overflow PoC
- Photo-Rigma.BiZ v30 (SQL/XSS) Multiple Remote Vulnerabilities
- Pragyan CMS 2.6.4 Multiple SQL Injection Vulnerabilities
- libvirt_proxy <= 0.5.1 Local Privilege Escalation Exploit
- Destiny Media Player 1.61 (.rdl) Local Buffer Overflow Exploit
- SDP Downloader 2.3.0 (.ASX) Local Buffer Overflow Exploit (SEH)
- dWebPro 6.8.26 (DT/FD) Multiple Remote Vulnerabilities
- Invision Power Board 3.0.0b5 Active XSS & Path Disclosure Vulns
- Opencart 1.1.8 (route) Local File Inclusion Vulnerability
- SDP Downloader 2.3.0 (.ASX) Local Buffer Overflow Exploit (SEH) #2
- Zoom Player Pro v.3.30 .m3u File Buffer Overflow Exploit (seh)
- Icewarp Merak Mail Server 9.4.1 Base64FileEncode() BOF PoC
- LightBlog <= 9.9.2 (register.php) Remote Code Execution Exploit
- iodined <= 0.4.2-2 (forged DNS packet) Denial of Service Exploit
- DEW-NEWphpLinks 2.0 (LFI/XSS) Multiple Remote Vulnerabilities
- Thickbox Gallery v2 (index.php ln) Local File Inclusion Vulnerability
- EZ-Blog Beta2 (category) Remote SQL Injection Vulnerability
- ECShop 2.5.0 (order_sn) Remote SQL Injection Vulnerability
- Flatchat 3.0 (pmscript.php with) Local File Inclusion Vulnerability
- Teraway LinkTracker 1.0 Insecure Cookie Handling Vulnerability
- Teraway FileStream 1.0 Insecure Cookie Handling Vulnerability
- Teraway LiveHelp 2.0 Insecure Cookie Handling Vulnerability
- Teraway LinkTracker 1.0 Remote Password Change Exploit
- Belkin Bulldog Plus HTTP Server Remote Buffer Overflow Exploit
- ABC Advertise 1.0 Admin Password Disclosure Vulnerability
- Linux Kernel 2.6.x SCTP FWD Memory Corruption Remote Exploit
- VisionLMS 1.0 (changePW.php) Remote Password Change Exploit
- MIM: InfiniX 1.2.003 Multiple SQL Injection Vulnerabilities
- webSPELL <= 4.2.0d Local File Disclosure Exploit (.c linux)
- Autodesk IDrop ActiveX Remote Code Execution Exploit
- Quick 'n Easy Web Server 3.3.5 Arbitrary File Disclosure Exploit
- Symantec Fax Viewer Control 10 (DCCFAXVW.DLL) Remote BOF Exploit
- eLitius 1.0 (banner-details.php id) SQL Injection Vulnerability
- Baby Web Server 2.7.2.0 Arbitrary File Disclosure Exploit
- ProjectCMS 1.0b (index.php sn) Remote SQL Injection Vulnerability
- S-Cms 1.1 Stable (page) Local File Inclusion Vulnerability
- Zubrag Smart File Download 1.3 Arbitrary File Download Vulnerability
- mpegable Player 2.12 (YUV File) Local Stack Overflow PoC
- Adobe Reader 8.1.4/9.1 GetAnnots() Remote Code Execution Exploit
- Adobe 8.1.4/9.1 customDictionaryOpen() Code Execution Exploit
- Tiger DMS (Auth Bypass) Remote SQL Injection Vulnerability
- Linux Kernel 2.6 UDEV < 141 Local Privilege Escalation Exploit
- Google Chrome 1.0.154.53 (Null Pointer) Remote Crash Exploit
- Leap CMS 0.1.4 (searchterm) Blind SQL Injection Exploit
- Leap CMS 0.1.4 (SQL/XSS/SU) Multiple Remote Vulnerabilities
- Mercury Audio Player 1.21 (.M3U File) Local Stack Overflow PoC
- BaoFeng ActiveX OnBeforeVideoDownload() Remote BOF Exploit
- Mercury Audio Player 1.21 (.b4s) Local Stack Overflow Exploit
- Multiple Vendor PF Null Pointer Dereference Vulnerability
- Mercury Audio Player 1.21 (.pls) SEH Overwrite Exploit
- Mercury Audio Player 1.21 (.m3u) Local Stack Overflow Exploit
- Addonics NAS Adapter FTP Remote Denial of Service Exploit
- Golabi CMS <= 1.0.1 Session Poisoning Vulnerability
- MiniTwitter 0.2b Multiple SQL Injection Vulnerabilities
- MiniTwitter 0.2b Remote User Options Changer Exploit
- Beatport Player 1.0.0.283 (.M3U File) Local Buffer Overflow PoC
- RM Downloader (.smi File) Local Stack Overflow Exploit
- Beatport Player 1.0.0.283 (.m3u) Local SEH Overwrite Exploit
- Beatport Player 1.0.0.283 (.M3U File) Local Stack Overflow Exploit #2
- Beatport Player 1.0.0.283 (.M3U File) Local Stack Overflow Exploit #3
- pecio cms 1.1.5 (index.php language) Local File Inclusion Vulnerability
- RM Downloader (.smi File) Universal Local Buffer Overflow Exploit
- Adobe Acrobat Reader 8.1.2 – 9.0 getIcon() Memory Corruption Exploit
- Winn ASP Guestbook 1.01b Remote Database Disclosure Exploit
- Solaris 10 / OpenSolaris (dtrace) Local Kernel Denial of Service PoC
- Solaris 10 / OpenSolaris (fasttrap) Local Kernel Denial of Service PoC
- AGTC MyShop 3.2 Insecure Cookie Handling Vulnerability
- BluSky CMS (news_id) Remote SQL Injection Vulnerability
- EW-MusicPlayer 0.8 (.m3u file) Local Buffer Overflow PoC
- Qt quickteam Multiple Remote File Inclusion Vulnerabilities
- eLitius 1.0 Remote Command Execution Exploit
- PHP Site Lock 2.0 Insecure Cookie Handling Vulnerability
- Million Dollar Text Links 1.0 Arbitrary Auth Bypass Vulnerability
- Quick 'n Easy Mail Server 3.3 (Demo) Remote Denial of Service PoC
- Bmxplay 0.4.4b (.BMX File) Local Buffer Overflow PoC
- ProjectCMS 1.1b Multiple Remote Vulnerabilities
- Uguestbook 1.0b (guestbook.mdb) Arbitrary Database Disclosure Exploit
- Ublog access version Arbitrary Database Disclosure Exploit
- 32bit FTP (09.04.24) Banner Remote Buffer Overflow PoC
- Grabit <= 1.7.2 Beta 3 (.nzb) Local Buffer Overflow Exploit (SEH)
- 32bit FTP (09.04.24) (CWD response) Remote Buffer Overflow Exploit
- 32bit FTP (09.04.24) (Banner) Remote Buffer Overflow Exploit
- TemaTres 1.0.3 (Auth Bypass/SQL/XSS) Multiple Remote Vulnerabilities
- TemaTres 1.0.3 Remote Blind SQL Injection Exploit
- Sorinara Streaming Audio Player 0.9 (.m3u) Local Stack Overflow PoC
- LinkBase 2.0 Remote Cookie Grabber Vulnerability
- Joomla Almond Classifieds 5.6.2 Blind SQL Injection Vuln
- Sorinara Streaming Audio Player 0.9 (.m3u) Local Stack Overflow Exploit
- 32bit FTP (09.04.24) (CWD Response) Universal Seh Overwrite Exploit
- webSPELL <= 4.2.0e (page) Remote Blind SQL Injection Exploit
- 32bit FTP (PASV) Reply Client Remote Overflow Exploit (meta)
- Soritong MP3 Player 1.0 Local Buffer Overflow Exploit (SEH)
- Sorinara Streaming Audio Player 0.9 (.PLA) Local Stack Overflow PoC
- TCPDB 3.8 Arbitrary Add Admin Account Vulnerability
- T-Dreams Job Career Package 3.0 Insecure Cookie Handling Vulnerability
- RM Downloader 3.0.0.9 (.RAM) Local Buffer Overflow Exploit
- Mini-stream ASX to MP3 Converter 3.0.0.7 (.RAM) Buffer Overflow Exploit
- Mini-stream ASX to MP3 Converter 3.0.0.7 (.ASX HREF) Local BOF Exploit
- Mini-stream Ripper 3.0.1.1 (.RAM) Local Buffer Overflow Exploit
- Mini-stream Ripper 3.0.1.1 .ASX File (HREF) Local BOF Exploit
- Mini-stream RM-MP3 Converter 3.0.0.7 (.RAM) Local BOF Exploit
- Mini-stream RM-MP3 Converter 3.0.0.7 .ASX File Local BOF Exploit
- VIDEOSCRIPT.us (Auth Bypass) SQL Injection Vulnerability
- ST-Gallery 0.1a Multiple SQL Injection Vulnerabilities
- GrabIt 1.7.2x NZB DTD Reference Buffer Overflow Exploit
- Simple Customer 1.3 Arbitrary Change Admin Password Exploit
- Job Script 2.0 Arbitrary Change Admin Password Exploit
- Sorinara Streaming Audio Player 0.9 (.PLA) Stack Overflow Exploit
- PHP mb_ereg(i)_replace() Evaluate Replacement String Vulnerability
- The Recipe Script 5 (Auth Bypass) SQL Injection / DB Backup Vulns
- Realty Web-Base 1.0 (Auth Bypass) SQL Injection Vulnerability
- ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC
- Luxbum 0.5.5/stable (Auth Bypass) SQL Injection Vulnerability
- Mortbay Jetty <= 7.0.0-pre5 Dispatcher Servlet Denial of Service Exploit
- Battle Blog 1.25 (uploadform.asp) Arbitrary File Upload Vulnerability
- RTWebalbum 1.0.462 (AlbumID) Blind SQL Injection Exploit
- TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit
- TYPSoft FTP Server 1.11 (ABORT) Remote DoS Exploit
- Mereo 1.8.0 Arbitrary File Disclosure Exploit
- eggBlog <= 4.1.1 Local Directory Transversal Exploit
- Dacio's Image Gallery 1.6 (DT/Bypass/SU) Remote Vulnerabilities
- openWYSIWYG <= 1.4.7 Local Directory Transversal Vulnerability
- microTopic v1 (rating) Remote Blind SQL Injection Exploit
- MPLAB IDE 8.30 (.mcp) Universal Seh Overwrite Exploit
- EasyPHP 3.0 Arbitrary Modify Configuration File Vulnerability
- Php Recommend <= 1.3 (AB/RFI/CI) Multiple Remote Vulnerabilities
- Bitweaver <= 2.6 saveFeed() Remote Code Execution Exploit
- CastRipper 2.50.70 (.m3u) Local Buffer Overflow Exploit
- CastRipper 2.50.70 (.m3u) Universal Stack Overflow Exploit
- CastRipper 2.50.70 (.m3u) Universal Stack Overflow Exploit (py)
- CastRipper 2.50.70 (.pls) Universal Stack Overflow Exploit
- BIGACE CMS 2.5 (username) Remote SQL Injection Exploit
- Java SE Runtime Environment - JRE 6 Update 13 Multiple Vulnerabilities
- Zervit Webserver 0.4 Directory Traversal / Memory Corruption PoC
- TinyButStrong 3.4.0 (script) Local File Disclosure Vulnerability
- Password Protector SD 1.3.1 Insecure Cookie Handling Vulnerability
- ipsec-tools racoon frag-isakmp Denial of Service PoC
- Pinnacle Studio 12 (.hfz) Directory Traversal Vulnerability
- Family Connections CMS <= 1.9 (member) SQL Injection Exploit
- MaxCMS 2.0 (m_username) Arbitrary Create Admin Exploit
- Linux Kernel 2.6.x ptrace_attach Local Privilege Escalation Exploit
- Mlffat 2.1 (Auth Bypass / Cookie) SQL Injection Vulnerability
- Ascad Networks 5 Products Insecure Cookie Handling Vulnerability
- My Game Script 2.0 (Auth Bypass) SQL Injection Vulnerability
- DigiMode Maya 1.0.2 (.m3u / .m3l files) Buffer Overflow PoCs
- Linux Kernel 2.6.29 ptrace_attach() Local Root Race Condition Exploit
- Shutter 0.1.1 Multiple Remote SQL Injection Vulnerabilities
- beLive v.0.2.3 (arch.php arch) Local File Inclusion Vulnerability
- StrawBerry 1.1.1 LFI / Remote Command Execution Exploit
- MRCGIGUY ClickBank Directory 1.0.1 Insecure Cookie Handling Vuln
- Submitter Script (Auth Bypass) SQL Injection Vulnerability
- MRCGIGUY Hot Links SQL 3.2.0 Insecure Cookie Handling Vuln
- MRCGIGUY Amazon Directory 1.0/2.0 Insecure Cookie Handling Vuln
- MRCGIGUY Message Box 1.0 Insecure Cookie Handling Vuln
- MRCGIGUY The Ticket System 2.0 Insecure Cookie Handling Vuln
- MRCGIGUY Ultimate Profit Portal 1.0.1 Insecure Cookie Handling Vuln
- 2daybiz Business Community Script Multiple Remote Vulnerabilities
- Easy Scripts Answer and Question Script Multiple Vulnerabilities
- 2daybiz Template Monster Clone (edituser.php) Change Pass Exploit
- MRCGIGUY SimpLISTic SQL 2.0.0 Insecure Cookie Handling Vuln
- MRCGIGUY Top Sites 1.0.0 Insecure Cookie Handling Vuln
- Eggdrop/Windrop 1.6.19 ctcpbuf Remote Crash Vulnerability
- D-Link Products Captcha Bypass Vulnerability
- Joomla Component ArtForms 2.1 b7 Remote File Inclusion Vulnerabilities
- Audioactive Player 1.93b (.m3u) Local Buffer Overflow Exploit
- Harland Scripts 11 Products Remote Command Execution Exploit
- Rama CMS <= 0.9.8 (download.php file) File Disclosure Vulnerability
- Audioactive Player 1.93b (.m3u) Local Buffer Overflow Exploit (SEH)
- 2daybiz Custom T-shirt Design (SQL/XSS) Multiple Remote Vulns
- Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Vulnerability
- DMXReady Registration Manager 1.1 Database Disclosure Vulnerability
- PHPenpals <= 1.1 (mail.php ID) Remote SQL Injection Exploit
- my-colex 1.4.2 (AB/XSS/SQL) Multiple Remote Vulnerabilities
- my-Gesuad 0.9.14 (AB/SQL/XSS) Multiple Remote Vulnerabilities
- Pc4Uploader 9.0 Remote Blind SQL Injection Vulnerability
- PHP Dir Submit (Auth Bypass) SQL Injection Vulnerability
- Online Rental Property Script <= 5.0 (pid) SQL Injection Vulnerability
- httpdx <= 0.5b Multiple Remote Denial of Service Vulnerabilities
- Coppermine Photo Gallery <= 1.4.22 Multiple Remote Vulnerabilities
- Flyspeck CMS 6.8 Remote LFI / Change Add Admin Exploit
- Pluck 4.6.2 (langpref) Local File Inclusion Vulnerabilities
- httpdx <= 0.5b FTP Server (USER) Remote BOF Exploit (SEH)
- ClanWeb 1.4.2 Remote Change Password / Add Admin Exploit
- DOURAN Portal <= 3.9.0.23 Multiple Remote Vulnerabilities
- Dana Portal Remote Change Admin Password Exploit
- OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS
- Zervit Webserver 0.04 (GET Request) Remote Buffer Overflow PoC
- Mereo 1.8.0 (Get Request) Remote Denial of Service Exploit
- LightOpenCMS 0.1 (id) Remote SQL Injection Vulnerability
- Jieqi CMS <= 1.5 Remote Code Execution Exploit
- MaxCMS 2.0 (inc/ajax.asp) Remote SQL Injection Vulnerability
- DGNews 3.0 Beta (id) Remote SQL Injection Vulnerability
- PHP Article Publisher Remote Change Admin Password Exploit
- VidShare Pro Arbitrary Shell Upload Vulnerability
- Joomla com_gsticketsystem (catid) Blind SQL Injection Exploit
- httpdx <= 0.5b FTP Server (CWD) Remote BOF Exploit (SEH)
- AOL IWinAmpActiveX Class ConvertFile() Remote BOF Exploit
- Namad (IMenAfzar) 2.0.0.0 Remote File Disclosure Vulnerability
- PAD Site Scripts 3.6 Insecure Cookie Handling Vulnerability
- Coppermine Photo Gallery <= 1.4.22 Remote Exploit
- VidShare Pro (SQL/XSS) Multiple Remote Vulnerabilities
- Dog Pedigree Online Database 1.0.1b Multiple SQL Injection Vulns
- Dog Pedigree Online Database 1.0.1b Insecure Cookie Handling Vuln
- Dog Pedigree Online Database 1.0.1b Blind SQL Injection Exploit
- DM FileManager 3.9.2 (Auth Bypass) SQL Injection Vulnerability
- KingSoft Web Shield <= 1.1.0.62 XSS/Code Execution Vulnerability
- Joomla Casino 0.3.1 Multiple SQL Injection Exploits
- exJune Officer Message System v1 Multiple Remote Vulnerabilities
- Catviz 0.4.0b1 (LFI/XSS) Multiple Remote Vulnerabilities
- NC GBook 1.0 Remote Command injection Exploit
- NC LinkList 1.3.1 Remote Command Injection Exploit
- Realty Web-Base 1.0 (list_list.php id) SQL Injection Vulnerability
- DMXReady Registration Manager 1.1 Arbitrary File Upload Vulnerability
- PHP Article Publisher Arbitrary Auth Bypass Vulnerability
- bSpeak 1.10 (forumid) Remote Blind SQL Injection Vulnerability
- Jorp 1.3.05.09 Remote Arbitrary Remove Projects/Tasks Vulnerabilities
- Mac OS X Java applet Remote Deserialization Remote PoC (updated)
- Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (patch)
- VICIDIAL 2.0.5-173 (Auth Bypass) SQL Injection Vulnerability
- ASP Inline Corporate Calendar (SQL/XSS) Multiple Remote Vulnerabilities
- BaoFeng (config.dll) ActiveX Remote Code Execution Exploit
- ChinaGames (CGAgent.dll) ActiveX Remote Code Execution Exploit
- Flash Quiz Beta 2 Multiple Remote SQL Injection Vulnerabilities
- Article Directory (Auth Bypass) SQL Injection Vulnerability
- Article Directory (page.php) Remote Blind SQL Injection Vulnerability
- ZaoCMS Insecure Cookie Handling Vulnerability
- ZaoCMS (download.php) Remote File Disclosure Vulnerability
- Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (php)
- Tutorial Share <= 3.5.0 Insecure Cookie Handling Vulnerability
- Winamp 5.551 MAKI Parsing Integer Overflow PoC
- ZaoCMS (user_id) Remote SQL Injection Vulnerability
- Winamp <= 5.55 (MAKI script) Universal Seh Overwrite Exploit
- ZaoCMS (user_updated.php) Remote Change Password Exploit
- Winamp <= 5.55 (MAKI script) Universal Integer Overflow Exploit
- ZaoCMS (PhpCommander) Arbitary Remote File Upload Vulnerability
- Mole Group Sky Hunter/Bus Ticket Scripts Change Admin Pass Exploit
- Mole Group Restaurant Directory Script 3.0 Change Admin Pass Vuln
- PhotoVideoTube 1.11 Multiple Remote Vulnerabilities
- Soulseek 157 NS platforms/ rport/ 156.* Remote Distributed Search Code Execution
- MiniTwitter 0.3-Beta (SQL/XSS) Multiple Remote Vulnerabilities
- Joomla Boy Scout Advancement 0.3 (id) SQL Injection Exploit
- COWON America jetCast 2.0.4.1109 (.mp3) Local Overflow Exploit
- Dokuwiki 2009-02-14 Local File Inclusion Vulnerability
- ArcaVir 2009 < 9.4.320X.9 (ps_drv.sys) Local Privilege Escalation Exploit
- Winamp 5.551 MAKI Parsing Integer Overflow Exploit
- vBulletin vbBux/vbPlaza <= 2.x (vbplaza.php) Blind SQL Injection Vuln
- Cute Editor ASP.NET Remote File Disclosure Vulnerability
- Lighttpd < 1.4.23 Source Code Disclosure Vulnerability (BSD/Solaris bug)
- MyFirstCMS <= 1.0.2 Remote Arbitrary File Delete Vulnerability
- Mole Adult Portal Script (profile.php user_id) SQL Injection Vulnerability
- Slayer 2.4 (skin) Universal Buffer Overflow Exploit (SEH)
- cpCommerce 1.2.x GLOBALS[prefix] Arbitrary File Inclusion Exploit
- Wordpress Plugin Lytebox (wp-lytebox) Local File Inclusion Vulnerability
- Webradev Download Protect 1.0 Remote File Inclusion Vulnerabilities
- eZoneScripts Hotornot2 Script (Admin Bypass) Multiple Remote Vulns
- Mozilla Firefox (unclamped loop) Denial of Service Exploit
- Ultimate Media Script 2.0 Remote Change Content Vulnerabilities
- Gallarific (user.php) Arbirary Change Admin Information Exploit
- RoomPHPlanning 1.6 Multiple Remote Vulnerabilities
- Safari RSS feed:// Buffer Overflow via libxml2 Exploit PoC
- PHP <= 5.2.9 Local Safemod Bypass Exploit (win32)
- Joomla Component com_rsgallery2 1.14.x/2.x Remote Backdoor Vuln
- Kensei Board <= 2.0.0b Multiple SQL Injection Vulnerabilities
- MyForum 1.3 (Auth Bypass) Remote SQL Injection Vulnerability
- Soulseek 157 NS Remote Buffer Overflow Exploit (SEH)
- Flash Image Gallery 1.1 Arbitrary Config File Disclosure Vulnerability
- Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (pl)
- ShaadiClone 2.0 (addadminmembercode.php) Add Admin Exploit
- phpBugTracker 1.0.3 (Auth Bypass) SQL Injection Vulnerability
- ZeeCareers 2.0 (addadminmembercode.php) Add Admin Exploit
- WebMember 1.0 (formID) Remote SQL Injection Vulnerability
- Joomla Component Com_Agora 3.0.0 RC1 Remote File Upload Vulnerability
- Dokuwiki 2009-02-14 Remote/Temporary File Inclusion exploit
- Million Dollar Text Links 1.x Insecure Cookie Handling Vulnerability
- Joomla Component AgoraGroup 0.3.5.3 Blind SQL Injection Vulnerability
- Easy Px 41 CMS v09.00.00B1 (fiche) Local File Inclusion Vulnerability
- SiteX <= 0.7.4.418 (THEME_FOLDER) Local File Inclusion Vulnerabilities
- Evernew Free Joke Script 1.2 (cat_id) Remote SQL Injection Vulnerability
- AdPeeps 8.5d1 XSS and HTML Injection Vulnerabilities
- Small Pirate v-2.1 (XSS/SQL) Multiple Remote Vulnerabilities
- AMember 3.1.7 (XSS/SQL/HI) Multiple Remote Vulnerabilities
- Joomla Component JVideo 0.3.x SQL Injection Vulnerability
- Mozilla Firefox 3.0.10 (KEYGEN) Remote Denial of Service Exploit
- Webboard <= v.2.90 beta Remote File Disclosure Vulnerability
- Roxio CinePlayer 3.2 (SonicMediaPlayer.dll) Remote BOF Exploit
- Zen Help Desk 2.1 (Auth Bypass) SQL Injection Vulnerability
- Adobe Acrobat <= 9.1.1 Stack Overflow Crash PoC (osx/win)
- ecshop 2.6.2 Multiple Remote Command Execution Vulnerabilities
- Arab Portal 2.2 (Auth Bypass) Remote SQL Injection Vulnerability
- ZeusCart <= 2.3 (maincatid) SQL Injection Vulnerability
- Million Dollar Text Links <= 1.0 (id) SQL injection Vulnerability
- Traidnt Up 2.0 (Auth Bypass / Cookie) SQL Injection Vulnerability
- ICQ 6.5 URL Search Hook (Windows Explorer) Remote BOF PoC
- Linksys WAG54G2 Web Management Console Arbitrary Command Exec
- RadCLASSIFIEDS Gold v2 (seller) Remote SQL Injection Exploit
- Roxio CinePlayer 3.2 (IAManager.dll) Remote BOF Exploit (heap spray)
- OCS Inventory NG 1.02 Multiple SQL Injection Vulnerabilities
- AIMP 2.51 build 330 (ID3v1/ID3v2 Tag) Remote Stack BOF PoC (SEH)
- eliteCMS 1.01 (SQL/XSS) Multiple Remote Vulnerabilities
- Open-school 1.0 (id) Remote SQL Injection Vulnerability
- Escon SupportPortal Pro 3.0 (tid) Blind SQL Injection Vulnerability
- Unclassified NewsBoard 1.6.4 Multiple Remote Vulnerabilities
- Apache mod_dav / svn Remote Denial of Service Exploit
- Online Grades & Attendance 3.2.6 Credentials Changer SQL Exploit
- Online Grades & Attendance 3.2.6 Multiple SQL Injection Vulnerabilities
- ASMAX AR 804 gu Web Management Console Arbitrary Command Exec
- Joomla Component Joomlaequipment 2.0.4 (com_juser) SQL Injection
- ecsportal rel 6.5 (article_view_photo.php id) SQL Injection Vulnerability
- R2 Newsletter Lite/Pro/Stats (admin.mdb) Database Disclosure Vuln
- PAD Site Scripts 3.6 Remote Arbitrary Database Backup Vulnerability
- AdaptBB 1.0 (forumspath) Remote File Inclusion Vulnerability
- ASP Football Pool 2.3 Remote Database Disclosure Vulnerability
- Online Grades & Attendance 3.2.6 Multiple Local File Inclusion Vulns
- Online Grades & Attendance 3.2.6 Blind SQL Injection Exploit
- AlstraSoft Article Manager Pro Remote Shell Upload Vulnerability
- Flashlight Free Edition (LFI/SQL) Multiple Remote Vulnerabilities
- WebCal (webCal3_detail.asp event_id) SQL Injection Vulnerability
- PropertyMax Pro FREE (SQL/XSS) Multiple Remote Vulnerabilities
- WebEyes Guest Book v.3 (yorum.asp mesajid) SQL Injection Vulnerability
- Podcast Generator <= 1.2 GLOBALS[] Multiple Remote Vulnerabilities
- Apple iTunes 8.1.1 (ITMS) Multiple Protocol Handler BOF Exploit (meta)
- Apple QuickTime Image Description Atom Sign Extension PoC
- Atomix Virtual Dj Pro 6.0 Stack Buffer Overflow PoC (SEH)
- My Mini Bill (orderid) Remote SQL Injection Vulnerability
- EgyPlus 7ml <= 1.0.1 (Auth Bypass) SQL Injection Vulnerability
- Podcast Generator <= 1.2 unauthorized Re-Installation Remote Exploit
- Joomla Component Seminar 1.28 (id) Blind SQL Injection Exploit
- OCS Inventory NG 1.02 Remote File Disclosure Vulnerability
- Supernews 2.6 (index.php noticia) Remote SQL Injection Vulnerability
- Joomla Omilen Photo Gallery 0.5b Local File Inclusion Vulnerability
- Movie PHP Script 2.0 (init.php anticode) Code Execution Vulnerability
- Joomla Component com_mosres Multiple SQL Injection Vulnerabilities
- OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit
- SuperCali PHP Event Calendar Arbitrary Change Admin Password Exploit
- Online Armor < 3.5.0.12 (OAmon.sys) Local Privilege Escalation Exploit
- Web Directory PRO (admins.php) Change Admin Password Exploit
- Host Directory PRO 2.1.0 Remote Database Backup Vulnerability
- Web Directory PRO Remote Database Backup Vulnerability
- Host Directory PRO 2.1.0 Remote Change Admin Password Exploit
- Kloxo 5.75 (24 Issues) Multiple Remote Vulnerabilities
- PeaZIP <= 2.6.1 Compressed Filename Command Injection Exploit
- Pixelactivo 3.0 (idx) Remote SQL Injection Vulnerability
- Pixelactivo 3.0 (Auth Bypass) Remote SQL Injection Vulnerability
- Kjtechforce mailman b1 (code) SQL Injection Delete Row Vulnerability
- Kjtechforce mailman b1 (dest) Remote Blind SQL Injection Exploit
- MyCars Automotive (Auth Bypass) SQL Injection Vulnerability
- VT-Auth 1.0 (zHk8dEes3.txt) File Disclosure Vulnerability
- fipsCMS Light 2.1 (db.mdb) Remote Database Disclosure Vulnerability
- Joomla Component com_school 1.4 (classid) SQL Injection Vulnerability
- Virtue Classifieds (category) SQL Injection Vulnerability
- Virtue Book Store (cid) Remote SQL Injection Vulnerability
- Virtue Shopping Mall (cid) Remote SQL Injection Vulnerability
- Interlogy Profile Manager Basic Insecure Cookie Handling Vulnerability
- Apple MACOS X xnu <= 1228.9.59 Local Kernel Root Exploit
- httpdx <= 0.8 FTP Server Delete/Get/Create Directories/Files Exploit
- Joomla Component MooFAQ (com_moofaq) LFI Vulnerability
- SAP GUI 6.4 ActiveX (Accept) Remote Buffer Overflow PoC
- Frontis 3.9.01.24 (source_class) Remote SQL Injection Vulnerability
- Virtue News (SQL/XSS) Multiple Remote Vulnerabilities
- Grestul 1.2 Remote Add Administrator Account Exploit
- DM FileManager 3.9.2 Insecure Cookie Handling Vulnerability
- Automated Link Exchange Portal 1.3 Multiple Remote Vulnerabilities
- Joomla Component com_portafolio (cid) SQL injection Vulnerability
- Shop Script Pro 2.12 Remote SQL Injection Exploit
- Apple Safari <= 3.2.x (XXE attack) Local File Theft Vulnerability
- Joomla Component BookLibrary 1.5.2.4 Remote File Inclusion Vuln
- Joomla Component Akobook 2.3 (gbid) SQL Injection Vulnerability
- Joomla Component com_media_library 1.5.3 RFI Vulnerability
- S-CMS <= 2.0b3 Multiple Local File Inclusion Vulnerabilities
- S-CMS <= 2.0b3 Multiple SQL Injection Vulnerabilities
- S-CMS <= 2.0b3 (username) Blind SQL Injection Exploit
- Free Download Manager 2.5/3.0 (Control Server) Remote BOF Exploit
- MRCGIGUY The Ticket System 2.0 PHP Multiple Remote Vulnerabilities
- MRCGIGUY Hot Links (report.php id) Remote SQL Injection Vulnerability
- Joomla Component com_realestatemanager 1.0 RFI Vulnerability
- Joomla Component com_vehiclemanager 1.0 RFI Vulnerability
- phpMyAdmin (/scripts/setup.php) PHP Code Injection Exploit
- DX Studio Player < 3.0.29.1 Firefox plug-in Command Injection Vuln
- LightNEasy sql/no-db <= 2.2.x system Config Disclosure Exploit
- School Data Navigator (page) Local/Remote File Inclusion Vulnerability
- Desi Short URL Script (Auth Bypass) Insecure Cookie Handling Vuln
- MRCGIGUY FreeTicket (CH/SQL) Multiple Remote Vulnerabilities
- Open Biller 0.1 (username) Blind SQL Injection Exploit
- phpWebThings <= 1.5.2 (help.php module) Local File Inclusion Vuln
- Splog <= 1.2 Beta Multiple Remote SQL Injection Vulnerabilities
- ModSecurity <= 2.5.9 (Core Rules <= 2.5-1.6.1) Filter Bypass Vuln
- TorrentVolve 1.4 (deleteTorrent) Delete Arbitrary File Vulnerability
- Yogurt 0.3 (XSS/SQL Injection) Multiple Remote Vulnerabilities
- Sniggabo CMS (article.php id) Remote SQL Injection Exploit
- Apple iTunes 8.1.1.10 (itms/itcp) Remote Buffer Overflow Exploit (win)
- Zip Store Chat 4.0/5.0 (Auth Bypass) SQL Injection Vulnerability
- 4images <= 1.7.7 Filter Bypass HTML Injection/XSS Vulnerability
- Campus Virtual-LMS (XSS/SQL Injection) Multiple Remote Vulnerabilities
- Green Dam 3.17 (URL) Remote Buffer Overflow Exploit (xp/sp2)
- phpWebThings <= 1.5.2 MD5 Hash Retrieve/File Disclosure Exploit
- Asterisk IAX2 Resource Exhaustion via Attacked IAX Fuzzer
- Pivot 1.40.4-7 Multiple Remote Vulnerabilities
- TBDev 01-01-2008 Multiple Remote Vulnerabilities
- TransLucid 1.75 Multiple Remote Vulnerabilities
- Uebimiau Web-Mail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities
- Joomla Component com_Projectfork 2.0.10 Local File Inclusion Vuln
- Impleo Music Collection 2.0 (SQL/XSS) Multiple Remote Vulnerabilities
- Mundi Mail 0.8.2 (top) Remote File Inclusion Vulnerability
- SugarCRM 5.2.0e Remote Code Execution Vulnerability
- FormMail 1.92 Multiple Remote Vulnerabilities
- DB Top Sites 1.0 Remote Command Execution Exploit
- DB Top Sites 1.0 (index.php u) Local File Inclusion Vulnerability
- Elvin BTS 1.2.0 Multiple Remote Vulnerabilities
- AdaptWeb 0.9.2 (LFI/SQL) Multiple Remote Vulnerabilities
- LinkLogger 2.4.10.15 (syslog) Denial of Service Exploit
- Evernew Free Joke Script 1.2 Remote Change Password Exploit
- Apple Safari & Quicktime Denial of Service Vulnerability
- TorrentTrader Classic 1.09 Multiple Remote Vulnerabilities
- Joomla Component com_ijoomla_rss Blind SQL Injection Exploit
- Apple QuickTime CRGN Atom Local Crash Exploit
- WordPress Plugin Photoracer 1.0 (id) SQL Injection Vulnerability
- phpCollegeExchange 0.1.5c (listing_view.php itemnr) SQL Injection Vuln
- Netgear DG632 Router Authentication Bypass Vulnerability
- Netgear DG632 Router Remote Denial of Service Vulnerability
- vBulletin Radio and TV Player Add-On HTML Injection Vulnerability
- phportal v1 (topicler.php id) Remote SQL Injection Vulnerability
- The Recipe Script 5 Remote XSS Vulnerability
- Joomla Component com_jumi (fileid) Blind SQL Injection Exploit
- Green Dam 3.17 URL Processing Buffer Overflow Exploit (meta)
- McAfee 3.6.0.608 naPolicyManager.dll ActiveX Arbitrary Data Write Vuln
- Carom3D 5.06 Unicode Buffer Overrun/DoS Vulnerability
- XOOPS <= 2.3.3 Remote File Disclosure Vulnerability (.htaccess)
- phpFK 7.03 (page_bottom.php) Local File Inclusion Vulnerability
- Multiple HTTP Server Low Bandwidth Denial of Service (slowloris.pl)
- TekBase All-in-One 3.1 Multiple SQL Injection Vulnerabilities
- fuzzylime cms <= 3.03a Local Inclusion / Arbitrary File Corruption PoC
- FretsWeb 1.2 Multiple Local File Inclusion Vulnerabilities
- FretsWeb 1.2 (name) Remote Blind SQL Injection Exploit
- phportal 1.0 Insecure Cookie Handling Vulnerability
- compface <= 1.5.2 (XBM File) Local Buffer Overflow PoC
- DESlock+ 4.0.2 dlpcrypt.sys Local Kernel ring0 Code Execution Exploit
- CMS Buzz (XSS/PC/HI) Multiple Remote Vulnerabilities
- Edraw PDF Viewer Component < 3.2.0.126 ActiveX Insecure Method Vuln
- MIDAS 1.43 (Auth Bypass) Insecure Cookie Handling Vulnerability
- pc4 Uploader <= 10.0 Remote File Disclosure Vulnerability
- phpDatingClub 3.7 Remote SQL/XSS Injection Vulnerabilities
- Multiple HTTP Server Low Bandwidth Denial of Service #2
- pmaPWN! - phpMyAdmin Code Injection RCE Scanner & Exploit
- Elgg (XSS/CSRF/Change Password) Multiple Remote Vulnerabilities
- AWScripts Gallery Search Engine 1.x Insecure Cookie Vulnerability
- Campsite 3.3.0 RC1 Multiple Remote File Inclusion Vulnerabilities
- Gravy Media Photo Host 1.0.8 Local File Disclosure Vulnerability
- Kasseler CMS (FD/XSS) Multiple Remote Vulnerabilities
- Sourcebans <= 1.4.2 Arbitrary Change Admin Email Vulnerability
- Joomla Component com_tickets <= 2.1 (id) SQL Injection Vuln
- RS-CMS 2.1 (key) Remote SQL Injection Vulnerability
- MyBB <= 1.4.6 Remote Code Execution Exploit
- Bopup Communications Server 3.2.26.5460 Remote SYSTEM Exploit
- Zen Cart 1.3.8 Remote Code Execution Exploit
- Zen Cart 1.3.8 Remote SQL Execution Exploit
- HP Data Protector 4.00-SP1b43064 Remote Memory Leak/Dos Exploit
- HP Data Protector 4.00-SP1b43064 Remote Memory Leak/Dos (meta)
- phpCollegeExchange 0.1.5c (RFI/LFI/XSS) Multiple Vulnerabilities
- BASE <= 1.2.4 (Auth Bypass) Insecure Cookie Handling Vulnerability
- Glossword <= 1.8.11 (index.php x) Local File Inclusion Vulnerability
- Joomla Component com_pinboard Remote File Upload Vulnerability
- Tribiq CMS 5.0.12c (XSS/LFI) Multiple Remote Vulnerabilities
- PHPEcho CMS 2.0-rc3 (forum) XSS Cookie Stealing / Blind Vulnerability
- LightOpenCMS 0.1 (smarty.php cwd) Local File Inclusion Vulnerability
- Joomla Component com_amocourse (catid) SQL Injection Vuln
- Joomla Component com_pinboard (task) SQL Injection Exploit
- MyFusion 6b settings[locale] Local File Inclusion Vulnerability
- AlumniServer 1.0.1 (Auth Bypass) SQL Injection Vulnerability
- AlumniServer 1.0.1 (resetpwemail) Blind SQL Injection Exploit
- MD-Pro 1.083.x Survey Module (pollID) Blind SQL Injection Vulnerability
- Virtue Online Test Generator (AB/SQL/XSS) Multiple Vulnerabilities
- PHP-Address Book 4.0.x Multiple SQL Injection Vulnerabilities
- ForumPal FE 1.1 (Auth Bypass) Remote SQL Injection Vulnerability
- Mega File Manager 1.0 (index.php page) LFI Vulnerability
- WHOISCART (Auth Bypass) Information Disclosure Vulnerability
- Messages Library 2.0 (cat.php CatID) SQL Injection Vulnerability
- Joomla Component com_php (id) Blind SQL Injection Vulnerability
- VideoLAN VLC Media Player 0.9.9 smb:// URI Stack BOF PoC
- Joomla Component com_K2 <= 1.0.1b (category) SQL Injection Vuln
- Bopup Communications Server (3.2.26.5460) Remote BOF Exploit (SEH)
- osTicket 1.6 RC4 Admin Login Blind SQL Injection Vulnerability
- SCMPX 1.5.1 (.m3u File) Local Heap Overflow PoC
- HT-MP3Player 1.0 (.ht3 File) Local Buffer Overflow Exploit (SEH)
- Almnzm (COOKIE: customer) Remote SQL Injection Vulnerability
- PHP-Sugar 0.80 (index.php t) Local File Inclusion Vulnerability
- Clicknet CMS 2.1 (side) Arbitrary File Disclosure Vulnlerability
- HT-MP3Player 1.0 (.ht3) Universal Buffer Overflow (SEH)
- Cpanel (lastvisit.html domain) Arbitrary File Disclosure Vuln (auth)
- Joomla com_bookflip (book_id) Remote SQL Injection Vulnerability
- Audio Article Directory (file) Remote File Disclosure Vulnerability
- Newsolved 1.1.6 (login grabber) Multiple SQL Injection Exploit
- WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln
- DM FileManager 3.9.4 Remote File Inclusion Vulnerability
- TFM MMPlayer 2.0 (m3u/ppl) Universal Buffer Overflow Exploit (SEH)
- WordPress Plugin DM Albums 1.9.2 Remote File Disclosure Vulnerability
- DM FileManager 3.9.4 Remote File Disclosure Vulnerability
- SMF Mod Member Awards 1.0.2 Blind SQL Injection Exploit
- Jax FormMailer 3.0.0 Remote File Inclusion Vulnerability
- BIGACE CMS 2.6 (cmd) Local File Inclusion Vulnerability
- phpMyBlockchecker 1.0.0055 Insecure Cookie Handling Vulnerability
- WordPress Plugin Related Sites 2.1 Blind SQL Injection Vulnerability
- PunBB Affiliates Mod <= 1.1 Remote Blind SQL Injection Exploit
- MDPro Module CWGuestBook <= 2.1 Remote SQL Injection Vulnerability
- TSEP <= 0.942.02 Multiple Remote Vulnerabilities
- PunBB Extension Vote For Us <= 1.0.1 Blind SQL Injection Exploit
- Messages Library 2.0 Arbitrary Administrator Account Vulnerability
- MP3-Nator 2.0 (plf File) Universal Buffer Overflow Exploit (SEH)
- PEamp 1.02b (.M3U File) Local Buffer Overflow PoC
- Messages Library 2.0 Arbitrary Delete Message Vulnerability
- Messages Library 2.0 Insecure Cookie Handling Vulnerability
- AudioPLUS 2.00.215 (.lst & .m3u File) Local buffer Overflow (seh)
- Green Dam Remote Change System Time Exploit
- ARD-9808 DVR Card Security Camera Arbitrary Config Disclosure Vuln
- ARD-9808 DVR Card Security Camera (GET Request) Remote DoS Exploit
- KerviNet Forum <= 1.1 Multiple Remote Vulnerabilities
- CMS Chainuk <= 1.2 Multiple Remote Vulnerabilities
- AudioPLUS 2.00.215 (.pls) Local Buffer Overflow Exploit (SEH)
- Apple Safari 4.x JavaScript Reload Remote Crash Exploit
- Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit
- YourTube <= 2.0 Arbitrary Database Disclosure Exploit
- Sourcefire 3D Sensor & Defense Center 4.8.x Privilege Escalation Vuln
- AdminLog 0.5 (valid_login) Authentication Bypass Vulnerability
- Almnzm 2.0 Remote Blind SQL Injection Exploit
- conpresso 3.4.8 (detail.php) Remote Blind SQL Injection Vuln
- Opial 1.0 (Auth Bypass) Remote SQL Injection Vulnerability
- Opial 1.0 (albumid) Remote SQL Injection Vulnerability
- Rentventory Multiple Remote SQL Injection Vulnerabilities
- FreeBSD 7.0/7.1 vfs.usermount Local Privilege Escalation Exploit
- Linux Kernel <= 2.6.28.3 set_selection() UTF-8 Off By One Local Exploit
- Soulseek 157 NS < 13e/156.* Remote Peer Search Code Execution PoC
- MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
- MRCGIGUY Thumbnail Gallery Post 1b Arb. Shell Upload Vulnerability
- Nwahy Dir 2.1 Arbitrary Change Admin Password Exploit
- Glossword <= 1.8.11 Arbitrary Uninstall / Install Vulnerability
- ClearContent (image.php url) RFI/LFI Vulnerability
- otsAV DJ 1.85.064 (.ofl File) Local Heap Overflow PoC
- Mlffat 2.2 Remote Blind SQL Injection Exploit
- WebAsyst Shop-Script (bSQL/XSS) Multiple Remote Vulnerabilities
- Windows Live Messenger Plus! FileServer 1.0 Directory Traversal Vuln
- EasyVillaRentalSite (Id) Remote SQL Injection Vulnerability
- TalkBack 2.3.14 Multiple Remote Vulnerabilities
- Sun One WebServer 6.1 JSP Source Viewing Vulnerability
- xscreensaver 5.01 Arbitrary File Disclosure Symlink Attack Vulnerability
- Siteframe CMS 3.2.x SQL Injection/phpinfo() Multiple Vulnerabilities
- Universe CMS 1.0.6 (vnews.php id) Remote SQL Injection Exploit
- Microsoft Internet Explorer (AddFavorite) Remote Crash PoC
- phpBMS 0.96 Multiple Remote Vulnerabilities
- PatPlayer 3.9 (M3U File) Local Heap Overflow PoC
- GenCMS 2006 Multiple Remote Vulnerabilities
- Photo DVD Maker Pro <= 8.02 (.pdm) Local BOF Exploit (SEH)
- MyMsg 1.0.3 (uid) Remote SQL Injection Vulnerability
- Citrix XenCenterWeb (XSS/SQL/RCE) Multiple Remote Vulnerabilities
- Phenotype CMS 2.8 (login.php user) Blind SQL Injection Vulnerability
- MS Internet Explorer 7 Video ActiveX Remote Buffer Overflow Exploit
- ToyLog 0.1 SQL Injection Vulnerability/RCE Exploit
- WordPress Privileges Unchecked in admin.php and Multiple Information
- Jobbr 2.2.7 Multiple Remote SQL Injection Vulnerabilities
- Joomla Component com_propertylab (auction_id) SQL injection Vuln
- OtsAv DJ/TV/Radio Multiple Local Heap Overflow PoCs
- eEye Retina WiFi Security Scanner 1.0 (.rws Parsing) Buffer Overflow PoC
- Digitaldesign CMS 0.1 Remote Database Disclosure Vulnerability
- AwingSoft Web3D Player (WindsPly.ocx) Remote BOF PoC
- HTC / Windows Mobile OBEX FTP Service Directory Traversal Vuln
- Ebay Clone 2009 (XSS/bSQL) Multiple Remote Vulnerabilities
- LionWiki (index.php page) Local File Inclusion Vulnerability
- Morcego CMS <= 1.7.6 Remote Blind SQL Injection Exploit
- Opial 1.0 Arbitrary File Upload/XSS/SQL Injection Vulnerabilities
- M3U/M3L to ASX/WPL 1.1 (ASX,M3U,M3L) Local BOF PoC
- Playlistmaker 1.5 (.M3U/M3L/TXT File) Local Stack Overflow PoC
- Ebay Clone 2009 Multiple SQL Injection Vulnerabilities
- Joomla Component com_category (catid) SQL Injection Vulnerability
- d.net CMS Arbitrary Reinstall/Blind SQL Injection Exploit
- Pirch IRC 98 Client (response) Remote BOF Exploit (SEH)
- Censura 1.16.04 (bSQL/XSS) Multiple Remote Vulnerabilities
- Php AdminPanel Free version 1.0.5 Remote File Disclosure Vuln
- Tandberg MXP F7.0 (USER) Remote Buffer Overflow PoC
- RunCMS <= 1.6.3 (double ext) Remote Shell Injection Exploit
- ScITE Editor 1.72 Local Crash Vulnerability Exploit
- FreeBSD 6/8 (ata device) Local Denial of Service Exploit
- Openswan <= 2.4.12/2.6.16 Insecure Temp File Creation Root Exploit
- Mp3-Nator 2.0 (ListData.dat) Universal Buffer Overflow Exploit (SEH)
- Mozilla Firefox 3.5 (Font tags) Remote Buffer Overflow Exploit
- onepound shop 1.x products.php SQL Injection Vulnerability
- JetAudio 7.5.3 COWON Media Center (.wav File) Crash Exploit
- DJ Calendar (DJcalendar.cgi TEMPLATE) File Disclosure Vuln
- Icarus 2.0 (.ICP File) Local Stack Overflow PoC
- Live For Speed 2 Version Z .Mpr Local buffer Overflow Exploit
- Virtualmin < 3.703 Multiple Local/Remote Vulnerabilities
- Mobilelib Gold v3 Local File Disclosure Vulnerability
- Traidnt UP 2.0 Remote Blind SQL Injection Exploit
- Icarus 2.0 (.ICP File) Local Stack Overflow Exploit
- MixVibes Pro 7.043 (.vib File) Local Stack Overflow PoC
- Live For Speed 2 Version Z (.mpr ) Buffer Overflow Exploit (SEH)
- Icarus 2.0 (.ICP File) Local Buffer Overflow Exploit (SEH)
- WordPress Plugin My Category Order <= 2.8 SQL Injection Vulnerability
- ILIAS LMS <= 3.9.9/3.10.7 Arbitrary Edition/Info Disclosure Vulns
- AudioPLUS 2.00.215 (.m3u .lst) Universal SEH Overwrite Exploit
- Admin News Tools 2.5 (fichier) Remote File Disclosure Vulnerability
- ZenPhoto 1.2.5 Completely Blind SQL Injection Exploit
- PHPGenealogy 2.0 (DataDirectory) RFI Vulnerability
- Greenwood Content Manager 0.3.2 Local File Inclusion Exploit
- Hamster Audio Player 0.3a Local Buffer Overflow PoC
- Mozilla Firefox 3.5 unicode Remote Buffer Overflow PoC
- Infinity <= 2.0.5 Arbitrary Create Admin Exploit
- Multiple Web Browsers Denial of Service Exploit (1 bug to rule them all)
- Admin News Tools Remote Contents Change Vulnerability
- WebLeague 2.2.0 (profile.php) SQL Injection Vulnerability
- Microsoft Office Web Components (Spreadsheet) ActiveX BOF PoC
- webLeague 2.2.0 (install.php) Remote Change Password Exploit
- webLeague 2.2.0 (Auth Bypass) Remote SQL Injection Exploit
- ZenPhoto Gallery 1.2.5 Admin Password Reset (CRSF)
- Music Tag Editor 1.61 build 212 Remote Buffer Overflow PoC
- Zortam MP3 Player 1.50 (m3u) Integer Division by Zero Exploit
- Zortam MP3 Media Studio 9.40 Multiple Memory Corruption Vulns
- Audio Editor Pro 2.91 Remote Memory Corruption PoC
- VS PANEL 7.5.5 (results.php Cat_ID) SQL Injection Vulnerability
- Hamster Audio Player 0.3a Universal Buffer Overflow Exploit (SEH)
- MultiMedia Jukebox 4.0 Build 020124 (.pst / .m3u) Heap Overflow PoC
- PHP Live! 3.2.1/2 (x) Remote Blind SQL Injection Vulnerability
- Sguil/PADS Remote Server Crash Vulnerability
- dB Masters Multimedia's Content Manager 4.5 SQL Injection Vulnerability
- Easy RM to MP3 Converter 2.7.3.700 (.m3u) Universal BOF Exploit
- MixSense 1.0.0.1 DJ Studio (.mp3 file) Crash Exploit
- Super Simple Blog Script 2.5.4 Local File Inclusion Vulnerability
- Super Simple Blog Script 2.5.4 (entry) SQL Injection Vulnerability
- Mozilla Firefox 3.5 (Font tags) Remote Heap Spray Exploit
- AJOX Poll (managepoll.php) Authentication Bypass Vulnerability
- Battle Blog 1.25 Auth Bypass SQL Injection / HTML Injection Vulns
- Ger Versluis 2000 5.5 24 SITE_fiche.php SQL Injection Vulnerability
- Good/Bad Vote (XSS/LFI) Multiple Remote Vulnerabilities
- Easy RM to MP3 Converter .m3u file Universal Stack Overflow Exploit
- Joomla Component Jobline <= 1.3.1 Blind SQL Injection Vulnerability
- Streaming Audio Player 0.9 (skin) Local Stack Overflow PoC (SEH)
- htmldoc 1.8.27.1 (.html) Universal Stack Overflow Exploit
- Linux 2.6.30+/SELinux/RHEL5 Test Kernel Local Root Exploit 0day
- Soritong MP3 Player 1.0 (SKIN) Local Stack Overflow PoC (SEH)
- WebVision 2.1 (news.php n) Remote SQL Injection Exploit
- RadBIDS GOLD v4 Multiple Remote Vulnerabilities
- RadLance Gold 7.5 Multiple Remote Vulnerabilities
- RadNICS Gold v5 Multiple Remote Vulnerabilities
- Real Helix DNA RTSP and SETUP Request Handler Vulnerabilities
- Adobe related service (getPlus_HelperSvc.exe) Local Privilege Escalation
- EpicVJ 1.2.8.0 (.mpl/.m3u) Local Heap Overflow PoC
- Silentum Guestbook 2.0.2 (silentum_guestbook.php) SQL Injection Vuln
- Netrix CMS 1.0 Authentication Bypass Vulnerability
- MiniCWB 2.3.0 (LANG) Remote File Inclusion Vulnerabilities
- MCshoutbox 1.1 (SQL/XSS/Shell) Multiple Remote Vulnerabilities
- FreeBSD 7.2 (pecoff executable) Local Denial of Service Exploit
- PulseAudio setuid Local Privilege Escalation Exploit
- PulseAudio (setuid) Priv. Escalation Exploit (ubu/9.04)(slack/12.2.0)
- DD-WRT (httpd service) Remote Command Execution Vulnerability
- Alibaba-clone CMS (SQL/bSQL) Remote SQL Injection Vulnerabilities
- Acoustica MP3 Audio Mixer 2.471 (.sgp file) Crash Exploit
- Acoustica MP3 Audio Mixer 2.471(.m3u) Local Heap Overflow PoC
- Mozilla Firefox 3.5 (Font tags) Remote Heap Spray Exploit (pl)
- Streaming Audio Player 0.9 (skin) Local Stack Overflow (SEH)
- Soritong MP3 Player 1.0 (SKIN) Local Stack Overflow Exploit (SEH)
- E-Xoopport 3.1 Module MyAnnonces (lid) SQL Injection Vulnerability
- powerUpload 2.4 (Auth Bypass) Insecure Cookie Handling Vulnerability
- KMplayer <= 2.9.4.1433 (.srt File) Local Buffer Overflow PoC
- WINMOD 1.4 (.lst File) Local Buffer Overflow Exploit (SEH)
- FlyHelp (.CHM File) Local Buffer Overflow PoC
- Adobe Acrobat 9.1.2 NOS Local Privilege Escalation Exploit
- MS Office Web Components Spreadsheet ActiveX (OWC10/11) Exploit
- AnotherPHPBook (APB) v.1.3.0 (Auth Bypass) SQL Injection Vulnerability
- phpDirectorySource (XSS/SQL) Multiple Remote Vulnerabilities
- Meta Search Engine Script (url) Local File Disclosure Vulnerability
- otsAV 1.77.001 (.ofl File) Local Heap Overflow PoC
- WINMOD 1.4 (.lst) Universal Buffer Overflow Exploit (SEH) #2
- Phorum <= 5.2.11 Permanent Cross Site Scripting Vulnerabilities
- WINMOD 1.4 (.lst) Local Stack Overflow Exploit
- e107 Plugin my_gallery 2.4.1 readfile() Local File Disclosure Exploit
- GLinks 2.1 (cat) Remote Blind SQL Injection Vulnerability
- AWCM 2.1 Local File Inclusion / Auth Bypass Vulnerabilities
- Joomla Component com_joomloads (packageId) SQL Injection Vuln
- PHP Melody 1.5.3 Remote File Upload Injection Vulnerability
- OpenH323 Opal SIP Protocol Remote Denial of Service Exploit
- Ekiga 2.0.5 (GetHostAddress) Remote Denial of Service Exploit
- WzdFTPD <= 8.0 Remote Denial of Service Exploit
- Million-Dollar Pixel Ads Platinum (SQL/XSS) Multiple Vulnerabilities
- Joomla Extension UIajaxIM 1.1 JavaScript Execution Vulnerability
- PHP Live! 3.2.1/2 (x) Remote Blind SQL Injection Exploit
- Basilic 1.5.13 (index.php idAuthor) SQL Injection Vulnerability
- Mozilla Firefox 3.5 (Font tags) Remote Buffer Overflow Exploit (osx)
- SaphpLesson v4.0 (Auth Bypass) SQL Injection Vulnerability
- Xoops Celepar Module Qas (codigo) SQL Injection Vulnerability
- Wordpress 2.8.1 (url) Remote Cross Site Scripting Exploit
- Deonixscripts Templates Management 1.3 SQL Injection Vulnerability
- Scripteen Free Image Hosting Script 2.3 SQL Injection Exploit
- MS Internet Explorer 7/8 findText Unicode Parsing Crash Exploit
- PHP Live! <= 3.2.2 (questid) Remote SQL Injection Vulnerability
- Clip Bucket <= 1.7.1 Insecure Cookie Handling Vulnerability
- Scripteen Free Image Hosting Script 2.3 Insecure Cookie Handling Vuln
- Pixaria Gallery 2.3.5 (file) Remote File Disclosure Exploit
- Joomla Almond Classifieds 7.5 (com_aclassf) Multiple Vulnerabilities
- Almond Classifieds Ads (bSQL/XSS) Multiple Remote Vulnerabilities
- SkaDate Dating (RFI/LFI/XSS) Multiple Remote Vulnerabilities
- XOOPS Celepar Module Qas (bSQL/XSS) Multiple Remote Vulnerabilities
- GarageSalesJunkie (SQL/XSS) Multiple Remote Vulnerabilities
- URA 3.0 (cat) remote SQL injection Vulnerability
- stftp <= 1.10 (PWD Response) Remote Stack Overflow PoC
- ISC DHCP dhclient < 3.1.2p1 Remote Buffer Overflow PoC
- iWiccle 1.01 (LFI/SQL) Multiple Remote Vulnerabilities
- VS PANEL 7.5.5 (Cat_ID) SQL Injection Vulnerability (patched?)
- Cisco WLC 4402 Basic Auth Remote Denial of Service (meta)
- PHP Paid 4 Mail Script (home.php page) Remote File Inclusion Vuln
- Super Mod System v3 (s) SQL Injection Vulnerability
- Inout Adserver (id) Remote SQL injection Vulnerability
- Adobe Acrobat 9.1.2 NOS Local Privilege Escalation Exploit (py)
- Allomani Mobile 2.5 Remote Blind SQL Injection Exploit
- Allomani Songs & Clips 2.7.0 Blind SQL Injection Exploit
- Allomani Movies & Clips 2.7.0 Remote Blind SQL Injection Exploit
- IXXO Cart! Standalone and Joomla Component SQL Injection Vuln
- MP3 Studio 1.0 (.mpf /.m3u File) Local Stack Overflow PoC
- NcFTPd <= 2.8.5 Remote Jail Breakout Vulnerability
- PunBB Automatic Image Upload <= 1.3.5 Remote SQL Injection Exploit
- PunBB Automatic Image Upload <= 1.3.5 Delete Arbitrary File Exploit
- Limny 1.01 (Auth Bypass) SQL Injection Vulnerability
- Magician Blog <= 1.0 (ids) Remote SQL Injection Vulnerability
- Magician Blog <= 1.0 (Auth Bypass) SQL injection Vulnerability
- SerWeb <= 2.1.0-dev1 2009-07-02 Multiple RFI Vulnerabilities
- MP3 Studio 1.0 (.mpf /.m3u File) Local Stack Overflow Exploit (SEH)
- PHP Paid 4 Mail Script (paidbanner.php ID) SQL Injection Vulnerability
- phpArcadeScript 4.0 (linkout.php id) SQL Injection Vulnerability
- PunBB Reputation.php Mod <= 2.0.4 Blind SQL Injection Exploit
- In-Portal 4.3.1 Arbitrary Shell Upload Vulnerability
- MP3 Studio v1.0 (mpf File) Local BOF Exploit (SEH)
- PaoLink 1.0 (login_ok) Authentication Bypass Vulnerability
- PaoBacheca Guestbook 2.1 (login_ok) Auth Bypass Vulnerability
- PaoLiber 1.1 (login_ok) Authentication Bypass Vulnerability
- Firebird SQL op_connect_request main listener shutdown Vulnerability
- TinyBrowser (TinyMCE Editor File browser) 1.41.6 Multiple Vulnerabilities
- Ultrize TimeSheet 1.2.2 Remote File Inclusion Vulnerability
- Millenium MP3 Studio 1.0 .mpf File Local Stack Overflow Exploit (update)
- WINMOD 1.4 (.lst) Local Stack Overflow Exploit XP SP3 (RET+SEH) #3
- ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
- Microsoft Windows XP (win32k.sys) Local Privilege Escalation Exploit
- Compface 1.1.5 (.xbm File) Local Buffer Overflow Exploit
- VLC Media Player 0.8.6f smb:// URI Handling Remote BOF Exploit
- Epiri Professional Web Browser 3.0 Remote Crash Exploit
- EPSON Status Monitor 3 Local Privilege Escalation Vulnerability
- IBM AIX 5.3 libc MALLOCDEBUG File Overwrite Vulnerability
- Ultrize TimeSheet 1.2.2 readfile() Local File Disclosure Vulnerability
- justVisual 1.2 (fs_jVroot) Remote File Inclusion Vulnerabilities
- Orbis CMS 1.0 (AFD/ADF/ASU/SQL) Multiple Remote Vulnerabilities
- dit.cms 1.3 (path/sitemap/relPath) Local File Inclusion Vulnerabilities
- CMSphp 0.21 (LFI/XSS) Multiple Remote Vulnerabilities
- d.net CMS (LFI/SQLI) Multiple Remote Vulnerabilities
- Really Simple CMS 0.3a (pagecontent.php PT) Local File Inclusion Vulnerability
- MUJE CMS 1.0.4.34 Local File Inclusion Vulnerabilities
- PunBB Reputation.php Mod <= 2.0.4 Local File Inclusion Exploit
- linkSpheric 0.74b6 (listID) Remote SQL Injection Vulnerability
- Google SketchUp Pro 7.0 (.skp file) Remote Stack Overflow PoC
- VLC Media Player 0.8.6f smb:// URI Handling Remote BOF Exploit (univ)
- SAP Business One 2005-A License Manager Remote BOF Exploit
- Arab Portal v2.x (forum.php qc) Remote SQL Injection Exploit
- Destiny Media Player 1.61 (.pls) Universal Buffer Overflow Exploit (SEH)
- MAXcms 3.11.20b Multiple Remote File Inclusion Vulnerabilities
- VirtualBox 2.2 - 3.0.2 r49928 Local Host Reboot PoC
- Joomla Component com_jfusion (Itemid) Blind SQL Injection Vuln
- PortalXP - Teacher Edition 1.2 Multiple SQL Injection Vulnerabilities
- aa33code 0.0.1 (LFI/Auth Bypass/DCD) Multiple Remote Vulnerabilites
- Mobilelib Gold v3 (Auth Bypass/SQL) Multiple Remote Vulnerabilities
- AW BannerAd (Auth Bypass) SQL Injection Vulnerability
- BlazeDVD 5.1 Professional (.PLF File) Local Buffer Overflow Exploit (SEH)
- Amaya 11.2 W3C Editor/Browser (defer) Remote BOF Exploit (SEH)
- ProjectButler 1.5.0 (pda_projects.php offset) RFI Vulnerability
- Ajax Short URL Script (Auth Bypass) SQL Injection Vulnerability
- Netpet CMS 1.9 (confirm.php language) Local File Inclusion Vulnerability
- QuickDev 4 (download.php file) File Disclosure Vulnerability
- TT Web Site Manager 0.5 (Auth Bypass) SQL Injection Vulnerability
- SimpleLoginSys 0.5 (Auth Bypass) SQL Injection Vulnerability
- simplePHPWeb 0.2 (files.php) Authentication Bypass Vulnerability
- Miniweb 2.0 Module Publisher (bSQL-XSS) Multiple Vulnerabilities
- Miniweb 2.0 Module Survey Pro (bSQL/XSS) Multiple Vulnerabilities
- x10 Media Adult Script 1.7 Multiple Remote Vulnerabilities
- Questions Answered 1.3 (Auth Bypass) Remote SQL Injection Vuln
- Elvin BTS 1.2.2 (SQL/XSS) Multiple Remote Vulnerabilities
- MediaCoder 0.6.2.4275 (.lst File) Stack Buffer Overflow Exploit
- Multi Website 1.5 (index php action) SQL Injection Vulnerability
- RadASM 2.2.1.5 (.mnu File) Local Format String PoC
- Blaze HDTV Player 6.0 (.PLF File) Local Buffer Overflow Exploit (SEH)
- Arab Portal <= 2.2 (mod.php module) Local File Inclusion Vulnerability
- Blink Blog System (Auth Bypass) SQL Injection Vulnerability
- Discloser 0.0.4-rc2 (index.php more) SQL Injection Vulnerability
- MAXcms 3.11.20b RFI / File Disclosure Vulnerabilities
- Payment Processor Script (shop.htm cid) SQL Injection Vulnerability
- Linux Kernel <= 2.6.31-rc5 sigaltstack 4-Byte Stack Disclosure Exploit
- MOC Designs PHP News 1.1 (Auth Bypass) SQL Injection Vulnerability
- MediaCoder 0.7.1.4486 (.lst) Universal Buffer Overflow Exploit (SEH)
- elgg <= 1.5 (/_css/js.php) Local File Inclusion Vulnerability
- Shopmaker CMS 2.0 (bSQL/ LFI) Multiple Remote Vulnerabilities
- Perl$hop e-commerce Script Trust Boundary Input Parameter Injection
- In-Portal 4.3.1 (index.php env) Local File Inclusion Vulnerability
- jetAudio 7.1.9.4030 plus vx (.m3u) Local Buffer Overflow PoC
- BlazeDVD 5.1/HDTV Player 6.0 (.PLF File) Universal BOF Exploit (SEH)
- RadASM 2.2.1.6 Menu Editor (.mnu) Stack Overflow PoC
- MS Internet Explorer 8.0.7100.0 Simple HTML Remote Crash PoC
- Linux Kernel < 2.6.14.6 procfs Kernel Memory Disclosure Exploit
- Tuniac v.090517c (.M3U File) Local File Crash PoC
- MyBackup 1.4.0 (AFD/RFI) Multiple Remote Vulnerabilities
- jetAudio v 7.1.9.4030 plus vx (.m3u ) Local Stack Overflow (SEH)
- Tenrok 1.1.0 (UDD/RCE) Multiple Remote Vulnerabilities
- UltraPlayer Media Player 2.112 Local Buffer Overflow PoC
- Irokez CMS 0.7.1 Remote SQL Injection Vulnerability
- AccessoriesMe PHP Affiliate Script 1.4 (bSQL-XSS) Multiple Vulns
- OpenNews 1.0 (SQLI/RCE) Multiple Remote Vulnerabilities
- Portel v2008 (decide.php patron) Blind SQL Injection Vulnerability
- FreeBSD 7.2-RELEASE SCTP Local Kernel Denial of Service Exploit
- JetAudio 7.1.9.4030 Universal Stack Overflow Exploit (SEH)
- jetAudio <= 7.5.5 plus vx (M3U/ASX/WAX/WVX) Local Crash PoC
- A2 Media Player Pro 2.51 (.m3u /m3l) Universal Local BOF Exploit (SEH)
- PHP Script Forum Hoster (Topic Delete/XSS) Multiple Vulnerabilities
- Playlistmaker 1.5 (.M3U/M3L File) Local Stack Overflow Exploit (seh)
- TYPO3 CMS 4.0 (showUid) Remote SQL Injection Vulnerability
- Groovy Media Player 1.2.0 (.m3u) Local Buffer Overflow PoC
- ImTOO MPEG Encoder 3.1.53 (.cue/.m3u) Local Buffer Overflow PoC
- LM Starmail 2.0 (SQL Injection/File Inclusion) Multiple Vulnerabilities
- Alwasel 1.5 Multiple Remote SQL Injection Vulnerabilities
- PHotoLa Gallery <= 1.0 (Auth Bypass) SQL Injection Vulnerability
- Steam v.54/894 Local Privilege Escalation Vulnerability
- Banner Exchange Script 1.0 (targetid) Blind SQL Injection Vuln
- Logoshows BBS 2.0 (forumid) Remote SQL Injection Vulnerability
- Typing Pal <= 1.0 (idTableProduit) SQL Injection Vulnerability
- iRehearse (.m3u File) Local Buffer Overflow PoC
- FoxPlayer 1.1.0 (m3u File) Local Buffer Overflow PoC
- Arab Portal 2.2 (Auth Bypass) Blind SQL Injection Exploit
- PHPCityPortal (Auth Bypass) Remote SQL Injection Vulnerability
- Facil Helpdesk (RFI/LFI/XSS) Multiples Remote Vulnerabilities
- IsolSoft Support Center 2.5 (RFI/LFI/XSS) Multiples Vulnerabilities
- Joomla Component com_pms 2.0.4 (Ignore-List) SQL Injection Exploit
- Logoshows BBS 2.0 (Auth Bypass) SQL Injection Vulnerability
- Logoshows BBS 2.0 (DD/ICH) Multiple Remote Vulnerabilities