KPhone versions 4.0.1 and below are vulnerable to a denial of service attack when receiving a malformed STUN response packet.
12d4c98fd485fb0fefda4a56371fd88ee6fd8c0ce96b29a81aca47739fbb89b8
Remote root proof of concept exploit for gv versions 3.5.8 and below. Binds a shell to port 65535. Makes use of an old vulnerability that does not have an exploit circulating for it.
11d8cbe05d44de0b0c307ee9081118802cb84f87aeb270e7921d6390d73955dc
Remote exploit that makes use of a SQL injection vulnerability in Phorum version 3.4.7.
9f4cf79038884aae5dcd94f78963562f26d6d2bddc3d43b27874e515c90298cb
Local root exploit for Squirrelmail's chpasswd utility. Original bug found by Matias Neiff.
3c36b2150910beb2509306f98b2cb97e6805d8171120ac5902aad390be155c8d
Gemitel versions 3.5 and below allow for malicious file inclusion in its affich.php script. This vulnerability allows an attacker to forcibly execute arbitrary scripts from remote resources on the server.
483f0f3f00299f5b8710d0ee6366376e76b18b0d54ae99b5df2b8b47f8dac39d
Local exploit that makes use of the flaw in lsass.exe. Binds a shell to port 31337.
5ab651d859d8f895fdbb8b2254456e49cb8e5b76f76710c0e0c66777d172abb3
X-Micro WLAN 11b Broadband Routers versions 1.2.2, 1.2.2.3, 1.2.2.4, 1.6.0.0, and 1.6.0.1 all have a backdoor account of super with a password of super. 1.6.0.1 also has an account 1502 with a password of 1502 hardcoded.
64892dc9a672cf3b949e8d313aac43042cb932445ac5b9c7a5e2041d9398be66
Remote denial of service exploit for IIS SSL vulnerability documented in MS04-011.
f960c76a400cb9cfcd8e6e70117716d00cd34051375ddc7429703a7e73802833
Proof of concept exploit for the WinZip32 MIME Parsing Overflow. Tested against WinZip 8.1 on Windows XP SP1 and Windows 2000 SP1. Instructions for use are included.
8a7e5cb801e4ff9423fec6d0c994638590a6f7103e548f3888181d78cc1db3c2
Proof of concept demonstration exploit for cdp versions 0.4 and below.
71e8dcfd75673f8e3b2dd6868f7308fc0129309e7be74ce7e3020b9fd0c39176
SurgeLDAP 1.0g suffers from a directory traversal vulnerability in the user.cgi script due to a lack of input validation.
34ce5dbb260c3c2dd896e707f072cf00a0a21333f04143d00d8e2175bb2c19f1
ADA Image Server (ImgSvr) 0.4 suffers from a buffer overflow via GET requests, directory traversal vulnerabilities, and a denial of service flaw.
1370cfce6a031c225513a395b16a06250d429c03c51eb6ad76a3faa9db212314
Microsoft Internet Explorer 6.0 allows malicious Javascript to send documents to the printer without notifying the end user.
2c2171de70fe2e714e0da33b8bb2b0a81c2a7c66e84b62519324f0117db82e8d
Monit versions 4.2 and below remote exploit that makes use of a buffer overflow in the handling of basic authentication. Binds a shell to port 31337.
ba0446ecc2f07da2a2e4e121bf6475f2fd33ff6fdc434504fec164c267d88c3d
eMule versions 0.42d and below remote exploit that makes use of the buffer overflow in the DecodeBase16() function. Tested against Windows XP SP1 and Windows 2000 SP4.
3593a07b9342dcd9a1d5535855246fa52ec72837d95266e930d2d5157c286cdb
Tiki CMS/Groupware (aka TikiWiki) versions 1.8.1 and below suffer from path disclosure, cross site scripting, SQL injection, directory traversal, and arbitrary file upload vulnerabilities.
0beea7b6fb302a52336dbb87602b0275464f82d4af7d6975982a5c965546d0c5
X-Micro WLAN 11b Broadband Routers versions 1.2.2 and 1.2.2.3 have a backdoor account of super with a password of super.
2bc9bded9b37b3cbd6030cedf8022c1079fe447269c0aad5e928e1ea9737bdbf
Proof of concept exploit that causes a denial of service condition in RSniff.
27dd90162b626e64cea457d09acb5e09e8e34397206f3274120e96764781b96f
Monit versions 4.1 and below remote denial of service exploit. Tested on Mandrake 9.1.
fd0e0cb327f08cd59490c5fa7b8eb5cdf849d936a4d69a4b1ac7526e864adcdd
Remote exploit that makes use of overflows in versions 0.4.4 and below of LCDproc's daemon.
88025a702af48e6df6a33abdefbf654f1a43d47098fb37126af799e9e62b42d0
NukeCalendar version 1.1.a, the PHP-Nuke Calendar Module, suffers from SQL injection, cross site scripting, and full path disclosure flaws.
9ed68b9089dd4b93ef762cb223c7d26e800b51eb979692145d29e2422ab62f3f
Local root exploit for the Solaris vfs_getvfssw() Loadable Kernel Module Path vulnerability found by Immunity Security.
b55b7e3a00169c3b2dfe431cfa9a812584c8138a714dbbf728f7444853b50ac6
Proof of concept exploit that makes use of a format string bug in IGI 2: Covert Strike. Affected versions are 1.3 and below.
e963bebcef000f6153acb4f8a4cc85894d3778effc37a72da254057fb13164a1
A lack of proper input validation on Abrior's Encore WebForum allows for remote command execution via Display.cgi.
a225a0cf6ccc802588889328e4dbf45be13b2e47c70b9e1bfe9bbbbcbe463037
Under its default, imgSvr version 0.4 allows some security checks to be bypassed allowing an attacker to see the contents of a web directory and see or download the files of a web directory.
b711f350f35077c45e1cc833d486378caef8d18b07e07664db20fa3f484d8e20