Proof of concept exploit for the Realplayer 10 .smil file local buffer overflow vulnerability.
22d82300c1485868a19f0dfce289aa8a20aeffe10d4c219085cc85586df5053b
Simple exploit to test for the file inclusion bug in SocialMPN.
7dbc4a0a4028de5f32efed7acd3e9c6d4d6f0b2e87f5348facc4e4f49077bc18
The Includer is susceptible to a remote command execution flaw.
2192f814127c69d8c303b8d200a27e374610e51b36ee276d58d83ba75dc012c6
PHP Form Mail script versions 2.3 and below arbitrary file inclusion proof of concept exploit.
74887d87414b0b882092ef323375919772a64f21ed7760f16cd8de8df7f06a4d
php-fusion is susceptible to a cross site scripting attack. Detailed exploitation explained.
1de35e908ee7e75d08f3ca9f6c4bd4fb8c2929c3adc0e037042e4201a1e21ec4
This exploit takes advantage of a stack overflow vulnerability in the CA License Server network service. Versions 1.61 and below are susceptible.
7d2cf16bb7713ea7d275c701f1c25126c9a157166b80c35eb4d2bbdd5353043e
Forum-Aztek version 4.0 myadmin.php remote database dumping exploit.
e71d21fc1a132c411cf07a2793966649633c03cc90cebb36877ce133423e0b1d
Windows Server 2003 and XP SP2 remote denial of service exploit. Tested under OpenBSD 3.6 at WinXP SP 2.
0e93f099021b10239134c2069b579ace5acbb9a94e5480cc2cbbe1cad668a9b6
phpBB 2.0.12 session handling exploit that allows for administrative compromise.
8142b72c22b6629166d0585d515d339b725b68c6888afca57777e9af981784dd
Form Mail versions 2.3 and below suffer from a remote file inclusion flaw.
283411d050ddb78c150c7c41dc9425f9a5ba79a64596ad9652d9f729380464a3
Download Center Lite (DCL) versions 1.5 and below are susceptible to remote file inclusion.
43f57b913db929992724eae47a2728e399d2130c988a03d52f0a704688c56390
Multiple browsers suffer from a sensitive information disclosure flaw. Proof of concept exploitation included.
4ba7e08f0a610bb4551c5abb6a76d434acea2ba0583996775ff2d8437877fb2c
This module exploits an vulnerability in the CA License Server network service. This is a simple stack overflow and just one of many serious problems with this software.
bf5126926d528fef10504d4baf7762d721fb352b140f76cf11829e96f5c69e14
This module exploits a vulnerability in the CA License Client service. This exploit will only work if your IP address will resolve to the target system. This can be accomplished on a local network by running the nmbd service that comes with Samba. If you are running this exploit from Windows and do not filter udp port 137, this should not be a problem (if the target is on the same network segment). Due to the bugginess of the software, you are only allowed one connection to the agent port before it starts ignoring you. If it was not for this issue, it would be possible to repeatedly exploit this bug.
8f742b1d2f8f4be4c918b2a485a7be87c69a6f8c540baac8a0c7fa32f7b196d6
This module exploits a simple stack overflow in the TrackerCam web server. All current versions of this software are vulnerable to a large number of security issues. This module abuses the directory traversal flaw to gain information about the system and then uses the PHP overflow to execute arbitrary code.
7244a504bd98374b1cbad0f3b42746581b5833f5706b85f1142f3aca4cab0c5f
TYPO3 SQL injection proof of concept exploit.
226a9a103cb644685e94a798222ffe152e90b1f5a8022289a4ce13be5f50ad10
Proof of concept exploit for Carsten's 3D Engine which suffers from a format string vulnerability allowing an attacker to execute remote code.
0b7fa71d3a76cde2ad42ed07070a95ea39226e5a2fb74f4d0e6456fe699135c2
phpBB 2.0.13 fails to properly sanitize some variables in the usercp_register.php script.
0752a9f2af60d8528ee32be5f69a3cf658ac23e6660bd352fd557917bff6672f
FOROS version 3.2 allows for account compromise by changing the username and forumid in a cookie to someone else's.
492008e324e8509317922f46824f23cef8ee3a42bb3cd8c138c42510f5e09cb3
PHP News version 1.2.4 remote file inclusion exploit.
12ee37a4339310474492728fd58eefcfed15208e9eac7767a56dba4658bc1a6e
Exploit for wu-ftpd that makes use of the globbing denial of service flaw.
77b446fb929c57c3b6eb8452ee7f7f4034c86535094cd0eb6f01b548f2c92aea
Awstats remote exploit that allows for remote command execution on the host with privileges of the httpd process. Versions 5.7 through 6.2 are affected.
e0d6aacf97481633bcc02f886a5337792a2211c0e98331682b0c4276982738ae
Trillian Basic 3.0 PNG image processing buffer overflow exploit.
0d9a068f2b0a271b2df57c4326763f0cf3aa4f856d5d81c504e510b3c6b4206c
Computalynx CProxy versions 3.3.x and 3.4.x are susceptible to denial of service and directory traversal attacks. Detailed exploitation provided.
b59285890b0fe1711b6b600c33215928b7523920cb4f2953589670170c16e8ae
Golden FTP server version 1.92 suffers from a buffer overflow when more than 284 characters is entered in the Username field at logon. As EIP can be overwritten, it is possible to execute arbitrary code in systems running this version of the daemon.
fb180903ad4f40525a0bd52a26b62cfbed17d7b32acbc0a71a31803bce43357b