APC SmartSwitch and UPS products use an HTTP/SNMP management card that have backdoor passwords in them. Tested vulnerable: SmartUPS 3000RM with AP9606 AOS v3.2.1 and SmartUPS App v3.2.6, MasterSwitch AP9212 with AP9606 AOS v3.0.3 and MasterSwitch App v2.2.0.
0989efe070b1c7429abb7289c478d608124cb94c6c330d1264d2dceb29eed5c1
Robot FTP server versions 1.0 and 2.0 beta 1 have a buffer overflow vulnerability when taking in a username.
9a44aad3f8e6c0db56451fda95fc12fc8be929e688de14d3ff9a4383aea86d72
AllMyGuests suffers from a PHP code injection vulnerability that allows a remote attacker to execute arbitrary commands on the server.
942969a79939e95cfeb0e66489b2a7bb67da8d59077abece9d3530faf4dd8620
AllMyLinks suffers from a PHP code injection vulnerability that allows a remote attacker to execute arbitrary commands on the server.
455fe13e78ca8b714120c34b21cfa370f26b8f7c2c0cfce088dba787c7fc699b
AllMyVisitors suffers from a PHP code injection vulnerability that allows a remote attacker to execute arbitrary commands on the server.
df8aa30a5295614238725f5082a8277bb929aac6924ee98fb15d32f55b2aeb85
ASP Portal suffers from multiple vulnerabilities that can lead to disclosure of authentication information, disclosure of user information, execution of arbitrary code remotely, modification of user information, and identity spoofing. Cookie hijacking exploit enclosed.
e8e1d8a121e11e0a9246f324ce6326b2f6d53ab92eace97fe8e0cd1214ba9a81
Remote denial of service exploit that causes a windows machine to reboot by manipulating the ASN.1 vulnerabilities mentioned here.
4b1303246713d534c4f2ba06e4601987ac52ec41c2f9c015ca77017cf870ed60
Crob FTP version 2.5.2 is vulnerable to a denial of service attack.
d203607240612684c7152609c705dc92cf03ee5e54cb90b79d49814973d234f4
Local root exploit for the XFree86 font.alias vulnerability discussed in the advisory here. Tested on various versions of RedHat Linux.
ed1c569efa3e325a52a9440160ee982d9cf1d8e3c61594c37edad149d60c1e3a
BosDates lacks sufficient sanitization of user-supplied data. Inadvertantly, it allows a remote attacker to influence SQL query logic to disclose sensitive information that can be used to gain unauthorized access.
99f16a5fc0fa02d0ef6ab68973a1477d5cc41f825bce692666aeaceb13a1ba27
PHPNuke versions 6.x and greater remote php-based exploit that extracts the administrator hash using a SQL injection attack.
791d39105cfc044976d705a568eb8942b33b8ffcca0d90a5ec35d5163bb96b29
The TrackMania game server that listens on TCP port 2350 can be crashed when garbage data is sent resulting in a denial of service.
679bdbc58dd5a64c64906445a5ca1bcb61f1c3b41fd72b74a16e4ead64037f83
A bug exists in the PalmOS httpd that causes a crash with a "Fatal Error". Full exploit included.
5b285308b063e2d59eb136e0072c9ab4a49538d664eb748f4491f7dabcadc37a
Open Journal Blog versions 2.5 and below lack proper user authentication prior to attempting to add a new user to the system.
401cc728745468c6c5fefe43aac710a09eb1b0b3e23eec037542fd5593ae1b60
Local exploit that breaks out of a vserver, even if it is secured with chmod 000 /vservers. Modified version of the chroot-again exploit. Tested with linux 2.4.24 and vserver 1.24. Fixed in release 1.25.
ecb32af70153e79f3accdcb8ad729fc7c190f6447576c9716239b96b27b6bad2
A cross site scripting vulnerability exists in Discuz! Board versions 2.x and 3.x.
37321841d97c7b320b61a7e918a129093b97db3a73d154e774707b7d1f4519c5
Multiple SQL Injection vulnerabilities live in ReviewPost PHP Pro due to insufficient sanitization of user-supplied data.
ebc67630c35361eae82fca9970ac250ef2e0cde6a6c9ca3b39f3c9f8e8441843
There lies a way to inject a javascript url in the history list of Microsoft Internet Explorer causing a cross site/zone scripting attack when the user presses the backbutton. An attacker may use this to read arbitrary cookies/local files and execute programs leading to total system compromise if IE is run as administrator.
e01b9463a639085838e90199fac938b440e307d2558b62b00d81aa347385b6ed
Test exploit for the server of Chaser versions 1.50 and below.
5db8a2952d0d3502c0d77bedd136b57adbcd6b86f01c70c113c3ededd395d65b
Test exploit for the client of Chaser versions 1.50 and below.
94f8a2af34c9faacbd305b4a981f59d043e979b2eac32d0782cae09ca7532000
Web Crossing versions 4.x and 5.x have a denial of service vulnerability. When an HTTP POST request is made to the built-in server, if the 'Content-Length' header supplied with the request is an extremely large or negative number, the server will encounter a set of instructions which lead to an integer-divide-by-zero problem, immediately crashing the server and denying any further service.
a4cb26465dde1aa7db4e37e9bae87f085ad4ccdeb6c14a77fa125516a33bbbd6
PHPscripts suffer from a file include vulnerability.
f7531beaf196d3efafda379976dbdb9162fcf36480cb7dff573a5603c34728e7
phpMyAdmin versions 2.5.5-pl1 and below do not properly sanitize variables resulting in them being susceptible to a directory traversal attack.
81168b522d27c42876217622e1f8214fcf0c77dfd436e34b4b0aedbe9e03a637
X-Cart version 3.4.3 fails to sanitize various input variables leaving itself open to directory traversal and remote command execution attacks.
310f9a8cac8979d8671622dad1d75561c158e182b0a88454b82adc760eb65407
smbmount can cause a denial of service attack on Microsoft Windows. The attack induces a memory shortage on the Windows system by creating directories in a special way.
8ccb97f425f4922eeaaacb2ffe330c9f9fa5c7bdf43159239648210620c8916a