Phorum versions 5.0.0.alpha through 5.0.20 are susceptible to SQL injection attacks. Exploitation details provided.
2095d33829bf7521cc5c52117c9629192a253f782b8f080588a301d08a0b3f06
Zoomblog is prone to HTML injection attacks which can allow for cross site scripting attacks. Exploitation details provided.
e26d17ca9a481c777c0355a52e49c14660698258ab903b4582b6ed1744eac96c
Gallery version 2.4 remote SQL injection exploit.
91c43abf3578419713bf80ceb1e9314d1f38cf8bc595ce584ab2cbce5f53cc11
Wzdftpd SITE command arbitrary command execution Metasploit plugin exploit for versions 0.5.4 and below.
3e85d32db1a1b151f81bc4597b865d596dd534d0730ffb45e51d9520107e8d72
Exploit for the format string vulnerability found in the friendsd server that comes with GpsDrive. x86 version. Binds a shell to port 5074.
de673cde91a63e038403a137ba948626e811cb07bebe8fe092b400487c6d5169
Exploit for the format string vulnerability found in the friendsd server that comes with GpsDrive. PowerPC version.
768ba4a55ceffa1d68472a0647f755e17c5a821c24580850c632022b10c98bd8
Spymac Web OS 4.0 is susceptible to multiple cross site scripting vulnerabilities. Full exploitation details provided.
244a313132b1eb86d6630a5e3c39dd3c83967f090e772d86ba20a2868b1928af
Proof of concept code showing the simple syntax needed to exploit the cross site scripting vulnerability in phpinfo.php for PHP versions 4.4.0 and below and 5.0.5 and below.
df410a755e0237e3e4f3fb77b4b9b431dc74d3c5756c946f73da426fd1261a7d
By playing with parameter manipulation, you can download other people's uploads in Cerberus Helpdesk.
89dd670a39963a99cbb22bbc52bca82a2dc1bb072c00aaec3284fae378a6d6b4
Superclick is susceptible to cross site scripting attacks in popup.php.
b33025e5cf8f2003785202f15e39c3074938cc2093cb49722715fd41efd48e0e
Remote exploit that makes use of a buffer length checking issue in the Microsoft UMPNPMGR PNP_GetDeviceList (services.exe - ms05-047).
345a0d8ab4a6509f06d6a75f4f2eae744f2bf4df914b5e46c61fd00ce658368c
CuteNews 1.4.1 Arbitrary file inclusion and remote code execution exploit.
b914cc41173788699408b2682073f31a26b0ddf39c5b0e48e606a6b8ae4d6665
PHP HANDICAPPER is susceptible to cross site scripting, SQL injection, and other flaws. Details provided.
2b6f990448729227c0ef62fc5049f14e49cdcabb515a207f26749fe31b402dc7
Whatsup Small Business 2004 is susceptible to a directory traversal attack. Exploitation details provided.
c98f702c5a3e9db935de9b30864367cd84f73883b72753bdf77073dc45b31e2f
Proof of concept exploit for a denial of service flaw in Battle Carry versions .005 and below.
1e666d38c52624ec93a7527705397b601e2503b8728c4a034998faa99fa7a1f7
Proof of concept exploit for FlatFrag versions 0.3 and below which suffer from a null pointer crash and buffer overflow bugs.
ecbae1fe96c75090a5bdbe7c4eb4eef3c6cf2031603d24c5edd8165b8dce16aa
Proof of concept exploit code for Asus Video Security versions 3.5.0.0 and below which suffer from buffer overflow and directory traversal vulnerabilities.
e1656c9207376a311c89ac40c7073ba34422ca2e45a6f870c20906639ce4bcab
NeroNET versions 1.2.0.2 and below suffer from a directory traversal vulnerability. Details provided.
caf6bc98000a0f796df469d019b316414cc7649fc8e6ec50faadbd0864fe16d4
Proof of concept exploit for the buffer overflow vulnerability discovered in Glider collect'n kill version 1.0.0.0.
4e2387f9f96eccfc1d6cfed3966253699994fefaa69e6aac9e26929e2822910e
Proof of concept code for various format string and buffer overflow vulnerabilities discovered in Scorched 3D versions 39.1 and below.
ac5a69343e7732a11d481f3c963e0df1b98001ec0a08e1ce3c466109ad9c7ed1
Client related exploit for a buffer overflow discovered in the handshaking process for GO-Global for Windows versions 3.1.0.3270 and below.
0a93f8ce4862b60ad91ef33c6e78063804ef1699375439f328b4a009574a4de6
Server related exploit for a buffer overflow discovered in the handshaking process for GO-Global for Windows versions 3.1.0.3270 and below.
fb10be242375f9a2a4c03179abf563a311fcef3db9d8e4d6f7e77199562d9682
Simple PHP Blog versions 0.4.5 and below are susceptible to multiple cross site scripting attacks.
d4d034b85b65608e369d70db521ab6f2b868bf1dd511e823e402ce734243ac24
Sambar Server 6.3 BETA 2 is susceptible to cross-site scripting attacks under the proxy configuration section.
5957cba9ec9ed58ee99046652d72a489b94e91e3f654c2ab2747439b3f5a059d
A format string vulnerability exists in Imapproxy versions 1.2.4 and below. Proof of concept exploit included.
a957e64eb23300ef5bd04f9396a66646f9eb4e1d06921f1eaf18205dd93c00f5