Cerberus FTP server versions 2.32 and below remote denial of service exploit.
f22de0e2d4844c1294de07fe53ef9dc93dad62bddf095223e5f309589eac21f9
HomeFTP r1.0.7 is susceptible to a denial of service condition. Exploit provided.
b8d1a8782b1d5466279e00c6898f2133b9f66204741fdffd0c4a16648a2c1a81
Apache Geronimo version 1.0 suffers from cross site scripting vulnerabilities.
a7abdcc2cf2d5a7466c234929075a4549954e4fd37dc2826b8144ae0ebd188fd
Ultimate Auction versions 3.67 and below suffer from cross site scripting flaws.
9128386042efd1779d1c7c56f599177b0f4f184a4a37715ff86f4358c23d98db
EZDatabase versions below 2.1.2 are susceptible to cross site scripting, directory traversal, and path disclosure flaws.
cc361d96f5afcac49024f0503bb6866e25b0a4c51fe3912ad76626370d097d6e
Microsoft(R) Internet Explorer 5 and 6 suffer from a remote denial of service flaw using IMG and XML elements. Proof of concept code included.
3dca4c4cb9b808ced948bbb4b399c728f0dc2c96e5fc2e9c346f368f6960df83
SimpleBlog version 2.1 suffers from SQL injection and cross site scripting flaws.
d4fb2adb740daa9fffe2e1e48ba721f85ceb9532fe0e801646e944208411a7dc
123flashchat server versions 5.1 and below suffer from directory traversal attacks that allow for arbitrary file creation.
c355585c5c78eafe4950127b4ae6fcaf275381bbd3eae5c5002c6553dbf4ad06
DDSN is susceptible to SQL injection attacks via the login sequence.
1cda4535a5ac0899268f5998818c4af726d0349d27c329a67c4a381e2d19f8cc
DCP Portal is susceptible to cross site scripting.
44f8acaccac126396d9456ee255032d73c4a23b66ee801125e3934ce5e9b8ebd
Visual Studio 2005 and below code execution exploit.
f474e8cd34809a660252ae97ee80d5be531c9b414e3d576accb0feb55e852f8b
AlstraSoft Template Seller Pro is susceptible to cross site scripting attacks.
a0177fb98f44613ad8cfdaf399eccc228055714b2475c946fef6698c10cebe8e
Light Weight Calendar version 1.0 is susceptible to remote php code execution. Exploitation details provided.
4210bba43b5fd9c8143b0d83c05e3b20030ab97ecad964e9fd6b758715dcf1f2
SimpleBlog version 2.1 is susceptible to SQL injection and cross site scripting attacks due to a lack of variable sanitization.
ff3506b3610ffd9f70066e0dfd16bf0eefd11f81fdae4679dc4fb59c83fa407c
HomeFTP versions 1.1 and below remote denial of service exploit.
bfe507a22b3a191feed82a1e2d6e93ea181a1033f05c8b587ee2c18c91fc4df0
ezDatabase versions 2.0 and below are susceptible to remote php file inclusion flaws due to a lack of sanitizing variables.
ac57b93b8fc1d7e7df2e5d472a80f4f20f28d7027c75879ea8e99db34f8ddc2a
Farmers WIFE version 4.4 sp1 ftpd remote exploit that allows for system compromise.
890997b51723f28c17e0b21e78bc7cc7e3e5fb4620c3ebe70555565e6bffafc1
xmame version 0.102 -lang local buffer overflow exploit.
caeb134ee85336174f93db9c40254941cea8034983b2bef940871d7882de9aba
MiniNuke CMS System versions 1.8.2 and below suffer from a flaw where an authenticated user can change any password via membership.asp.
c6423873b6c974af6954684aa5e8d239c47ef8a713d5e4956fc919cf56f47cc6
MiniNuke CMS System versions 1.8.2 and below suffer from a SQL injection attack in news.asp.
3061308ccb8ff80555c1621b1060cbc2a6137f5856046a796d3781f41899d5b3
Using ussp-push from the Toshiba Bluetooth Stack versions 4.00.23(T) and below, an attacker can place a trojaned file anywhere on the filesystem.
032e619b38af3404776cca356075de5f940987e34114e0fcfc11faaae45c8d2f
Wordcircle 2.17 is susceptible to SQL injection and cross site scripting flaws. Exploitation details provided.
cfbaca141f33fbd3f94c5292e59db592091d0f2814113d049ab2029dff58c815
Wordcircle version 2.17 is susceptible to SQL injection attacks that allows for authentication bypass. Exploitation details provided.
03db31b609ab28517fa463c90a4a6207e7660ea232e5adca2d71d60c52e5f467
TankLogger version 2.4 is susceptible to SQL injection attacks. Exploitation details provided.
1d6a67762af5cc3470ae87fa925528892796b1ed012e1ccb5c48482c3ac921da
Helm version 3.2.8 is susceptible to cross site scripting attacks.
98f6d7f5855ce6ab1b9554f2db091a9884c3041a4f6b80c4407d78668a2a8c46