DBabble 2.5i suffers from cross site scripting issues that can lead to cookie hijacking.
9621a85331b7dc09b3f7e86de4a39a480e82852474c273f85f4ca1868cd200b6
Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS. Upon success, the target will have a user added as the letter e with a password of asd#321.
1aecaf0cce333af298b5df7d6880ca92c9442ee27738f94ed70f45095f52b0a2
Liquidwar 5.4.5 local exploit that has been tested on Slackware Linux 9.0.0 and Gentoo Linux 1.4.
6038ccaf0089d0c6b1b982024c5d6232813a117568c7c20900bb183dcfc26458
Remote root exploit for rpc.mountd that makes use of the xlog off-by-one vulnerability discussed here.
8301fb1c155cefd9ce319e1358f25b7e25d8bf34a49b62722987e5f5a7b76328
Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS. Upon success, the target will have a user added as the letter e with a password of asd#321.
8deeb2c01d158751b1bf4ee8adcd15343d9a1beaeded00158eb8c71a0eb8577a
Texonet Security Advisory 20030902 - SCO OpenServer / Internet Manager (mana) versions 5.0.5 to 5.0.7 are susceptible to escalating a local attacker's privileges due to being tricked into executing the environment variable REMOTE_ADDR when it is set.
5046fb8c6f2157de1eeef06f1ff7086a72da814debcc822a30e046b466d87a8d
Remote exploit for Mysql 3.x versions 3.23.56 and Mysql 4.x versions below 4.0.15. More information available here.
031cb79c22ead773279128cdcad002a6b7cea61a3829c158c874f16857a8ab9e
Remote Pine exploit for versions 4.56 and below. Makes use of a vulnerability discussed here.Binds a shell to port 6682. Written for Slackware 8.0, 8.1, and 9.0 and works for RedHat as well.
e851c723d21209a6b26900e885356e35a071b04eb77c23187facc15b5835af99
Minihttpserver 1.x Host Engine is susceptible to a directory traversal attack and has a login parsing flaw that allows a remote attacker to gain administrative privileges.
c3811137432dca7f6b3480030b9e97885c8de1ef80de534902b0ea664f882952
Easy File Sharing Web Server 1.2 is vulnerable to directory traversal bugs, cross site scripting, HTML injection, and password snatching due to them being left in the clear.
f44612ef4731652eedc76c34971ccef6fbab01c107847e6496e2fa6d924e38f8
Secunia Research Advisory - Two vulnerabilities have been identified in FTGatePro mail server version 1.x that allow malicious users to access sensitive information. One lies in the file ftgatedump.fts allowing an attacker to see the system configuration while another lies in exportmbx.fts that holds all the usernames and passwords for the system.
37e62379ae7d3410654e1b6dbec013a2f429722f7a11bac666000f9c31637ac1
Bandsite portal system version 1.5 lacks authentication validation in its admin.php code when an administrator is added, thus allowing a remote attacker to gain administrative privileges.
5d166e4129b983e42146f8f03a2ab30cec5d84c35a9f1631e971a799a69627ba
4D WebSTAR FTP server suite version 5.3.1 remote exploit that binds a shell to port 6969 as the uid running the server. This exploit makes use of the pre-authentication buffer overflow that exists in the login mechanism of the WebSTAR FTP service.
01bd8e388df9d06a72dc6ebd9d02e2c90f9818694359d81010f1bde7d75c1d8e
myPHPNuke version 1.8.8_7 performs improper variable sanitizing that will inadvertently allow a remote attacker to upload files from another site to the current site.
3a1d3adb28ded0cb43ab4856777f220e3e957aa1f45290d28d02a1d2cd088a90
RealOne Player 9 exploit for Unix/Linux that escalates privileges to the person using the utility by taking advantage of group write permissions on user configuration files.
a67aea9bdace7eee5565929ef499259903de9f4e7f7f1daf7852e5af5e5e6f4f
WebX 1.1 and WebX Lite 1.1 web servers are vulnerable to a directory traversal attack that allows a remote attacker to access any files outside of the web root.
7014784cf66c6d123c7d3916676819429d1d52080f19f20f5455df1029596905
Remote denial of service exploit for MyServer 0.4.3.
6f3302a7429180063c9629e4dcd76ed0569671725b2912b7a5a1de9b985dee4b
Stunnel v3.25 and below exploit which makes use of the file descriptor leak discussed in this Conectiva Security Advisory. Allows local attackers to hijack the stunnel server.
09a9bb3888296e39b2d5be94dc6ce4fb1ec76e2101199eaddf6995a5a5035a8a
Denial of service exploit for Microsoft Windows 98 that floods UDP traffic to random destination ports causing the system to lock up.
d42c427dffab7c2d44d0d3ffe21318255dd5cf99fd207e095dd5ff374fa68ffe
Exploit that makes use of the Microsoft Word WordPerfect document converter which has been found vulnerable to a buffer overflow when a malicious .doc file is opened.
2fa509d670aa52809545e6a62f5886f884f5b653c4ef5c22e96e146011fc403f
Proof of concept remote exploit for Foxweb 2.5 on Microsoft Windows that achieves access of the web server user id and makes use of a buffer overflow found in the PATH_INFO variable in foxweb.dll.
acda3c0fb0938e9fbbd07848f2cc1d6b3651f7d31839f816dca84820331df857
Tellurian TFTPDNT server version 1.8 for Windows NT and Windows 9x suffers from a buffer overflow that allows remote attackers to execute arbitrary code.
934987843a4ddfbb1fb41d02028e9084c43e90a88dbcd8c1079c016552ea4f9d