Proof of concept exploit for the locally exploitable buffer overflow in Exim version 4.41.
a3703739ac743a76f5e34f4b14e40e5c169129e1431122ee072a0597ad2ba497
Siteman version 1.1.9 is susceptible to cross site scripting attacks.
e80dd8eb12e76829443ea47b0ca233d7382c4328f5d33c7d4206955bd26662b5
MPM Guestbook Pro 1.05 is susceptible to file inclusion and directory traversal attacks.
bd873c882571bb58ef6d64418f8f55cbf92793860c9f7d62816db4ac2fa81055
Remote denial of service proof of concept exploit for the Breed game server that crashes upon accepting an empty UDP packet.
90b331b9e3b1f4f07df307eb710d50ccf1aa56a88ebdb3f89d780cf9049f0898
ITA Forum 1.49 SQL injection exploit with one character bruteforce.
2e1f9c9d8e1c7b34aa1a3cd45aac2108339a478a3d27ff0ed4012a4e18b82d51
Microsoft Internet Explorer 6 is susceptible to a flaw that allows for malicious file download via manipulation of the File Download Information bar functionality.
9819de7846ae70cadf20f378c91cc61117a83847a9ab9ea1767507c8b371ec78
forumKIT 1.0 suffers from a cross site scripting vulnerability.
6838b682b5f32e1beb7f6200c5cdac9786c241115776b6c8d1e6fe8a36c72614
STG Security Advisory: An input validation flaw in ZeroBoard can allow malicious attackers the ability to run arbitrary commands with the privilege of the HTTPD process, which is typically run as the nobody user.
0c9e35a9c275bc19120772f641e5b82ca15d9b4c4e3661ccf564440202b8c080
Horde 3.0 contains two XSS attacks that can be exploited through GET requests. Once exploited, these requests could be used to execute any javascript commands in the context of that user, potentially including but not limited to reading and deleting email, and stealing authentication tokens.
74a66b7743cd681267539641ac2b61777f2dca3586fbe4f9c385f6dd94d19edf
Proof of concept exploit for the Windows ANI File Parsing vulnerability along with a complete detailed paper describing the process of creating it.
ffba59f6dfec03389c5e1d961d4a05a3a53fc3cbbf541367bf3885c7b77566d2
SGallery version 1.01 suffers from path disclosure, file inclusion, and SQL injection bugs.
63e83634fdc1f28b76fb5d6c48aae1837f5ddd74bbe1b90923816331b5dbc867
Arkeia versions 4.2.x, 5.2.x, and 5.3.x all have blank default root passwords and various other flaws.
7d5be354b29fc5701ad583c134c26444425e523e05d233ff9ea5ff438ba0f3f2
InternetExploiter 3, .ANI-file Animation header length stack based buffer overflow exploit for Internet Explorer. Uses Cascading Style Sheets to load a malicious animated cursor. Runs a bindshell on port 28876.
2c241ffbbd01971af65ed38f537c9d5cc267d13e058013c5e7fd39635abbc94c
expand_stack SMP race proof of concept exploit that makes use of a locally exploitable flaw in the Linux page fault handler code.
d3d25f66960b33f304bf4382ad16d8f3fcd86d9c63cf0fd47c4257c388fa98d0
Remote buffer overflow exploit for the w3who.dll in Microsoft Windows 2000. Drops to a command shell.
791c811f7b49febb9fa1bb40a85b1ab1d9f1f2712120f52a797cf5c3770e9942
Remote Microsoft Windows WINS exploit created by the Metasploit Framework.
389f409a7d45860686e46e3506c07570873310d3c58abcf4654df37406bd247e
LSS Security Advisory #LSS-2005-01-03 - There is a privilege escalation and arbitrary file read vulnerability in ftpfile, the Squirrelmail Vacation plugin. Version 0.15 is affected. Detailed exploitation provided.
7688f4089c87f00981c0f9d4b007b41913c9605ad778a2cfa060942962b562f8
Remote stack overflow exploit for Veritas Backup Exec. Works for versions 9.1.4691.SP1, 9.1.4691.SP0, and 8.5.3572. Allows for a shell to be bound to port 101 or it spawn a reverse shell as well.
66d099090c243e36b9f7564b05d434f6f4b2b0d4406b819eb60322f646d6b2fc
Local privilege escalation exploit for the improper token validation vulnerability discovered in Microsoft Windows 2000/2003/XP.
ff2667276d645551dbd24afe95ca5f4631323cfd8b7dd7ffb5bbb7cb99e91911
Portcullis Security Advisory - The Emotion MediaPartner Web Server version 5.0 suffers from a classic directory traversal attack.
6be621a00b4ac12f30f5e4697e1024e0eab7f2133fbd8e721232b10ea90de2e7
The Invision Community Blog system is susceptible to a SQL injection attack on the eid variable.
36265105588ccc92584f9456a31f92502a12abd1b33d0faae8566e5fc2d61e61
Woltlab Burning Board Lite version 1.0.0 and 1.0.1e are susceptible to a cross site scripting flaw.
6de24017e17875d943c41277f135a9f35263b691c2126505a2cfda4256449ff4
SPHPBlog 0.3.7c is susceptible to a directory traversal attack. Fixed in release 0.3.7r2.
e36068983fcd00d46f6dcd628206297051c8060e3793ed88228add5b177e6284
Locally exploitable flaws have been found in the Linux binary format loaders' uselib() functions that allow local users to gain root privileges. Linux kernel versions 2.4 up to and including 2.4.29-pre3, 2.6 up to and including 2.6.10 are affected. Exploit included.
dc8912477cabd4620eccb9621b77afc571d533b90b200dfc6fc0b9d16173ee04
Proof of concept denial of service exploit for the Amp II 3D game engine that is susceptible to attack when receiving UDP datagrams of zero bytes.
80d677ae8b10d22ddbe0c994296c32782336b61e029dcafac8acdd83a4c4290d