NSA Group Advisory - FCKeditor version 2.2 allows for arbitrary file creation.
69bf745a0c3c9d5868bc2f1cde167d0a63687d4a89274111f181bd786d8bcfcd
NSA Group Advisory - FCKeditor version 2.0 FC is susceptible to a directory creation and browsing flaw.
653ae1535de881d418e3377cdceec377cb1d45ffffa6063c368b3140da2fd503
Simple perl exploit that makes use of a flaw in VU Site Engine version 2.0 that allows for unauthenticated addition of administrative users.
751a8d15d2ce78414266b46272df811caa502e9ce0cffa142b10fdaf54664d81
HYSA-2006-003 h4cky0u.org Advisory 012 - Oi! Email Marketing version 3.0 is susceptible to SQL injection attacks.
687949ee71b86619f46edf41d2bb5753195131785008c76db7b75768dbbfaaea
Teca Diary PE version 1.0 is susceptible to SQL injection attacks. Exploitation details provided.
8eb6e205d3a2aacdf35639c2acb12f3308e47da9037f9c177e4824bd4fe395f7
All versions of DownloadingBirds software have been found susceptible to a remote file inclusion flaw.
fc848f3c2282cf6a5d322bfaa9d1bf6b5b65a5bb7cd9500996f571622639b05d
NOCC Webmail versions 1.0 and below suffer from arbitrary local file inclusion, PHP injection, remote code execution, and cross site scripting flaws. Exploit included.
5cce9d8b726cfb32b227e81702d729501afb194318a8e97a65c6263f51a55d55
www.rubronegro.net is susceptible to cross site scripting and SQL injection attacks.
af8a3cdb259c8c5ea4af85c6a1dfb576f9e27889fea8feb19f02be285b156d65
Mozilla Thunderbird's WYSIWYG rendering engine insufficiently filters javascript scripts. It is possible to write javascript in the SRC attribute of the IFRAME tag. This leads to execution when the email is edited (for instance when replying to the email), even if javascript is disabled in the preferences. Versions 1.0.7 and below are affected.
b215a779092dd0caca33f471515297a08cca5d1ca016e757d5235e56f8590ec5
Noah's Classifieds versions 1.3 and below are susceptible to path disclosure, SQL injection, cross site scripting, local file inclusion, and remote code execution flaws.
222c5ab8614a5070ec578a3880f833eec8e4283ef7b6e8203c91dc0d803fb051
IPSwitch WhatsUp Professional 2006 is susceptible to a denial of service condition. Details provided.
9119a80ec0c9b33ed189c8cd59ba6129630ab16b6e6653b0067d501c16b92142
Runcms 1.x is susceptible to cross site scripting attacks.
cc0222c4844dfb019b0120e9b8f26813cc93d65224b05ad5bec32e9b1a19088d
Exploit for the Windows Media Player vulnerabilities discussed in MS06-006. Written in Perl.
bb7d11bbd0b5d375eb88156ba7c14a48802c78cd9b354a8fddc33c3472cc07b2
Blockbuster.com is susceptible to cross site scripting attacks.
8929769eff845e40b6bcccc1e9982328c09cfd50bbce1d114a60ad369a40fd64
Login - Guestbox version 0.6 suffers from cross site scripting and administrative bypass flaws.
e7678dce241a98b21a240835ec53db5b588aaa2c1116c60056d1f0f6406a043e
Schooltools Site Builder Educator Edition remote SQL injection exploit.
dbb43d5af0232344d2fc03d06ec23b7fdbc0a99d0904970df94ebd74492234e1
PHPNuke versions 7.8 and below remote SQL injection exploit that makes use of the vulnerability in the Your_Account module.
68d1eaa641dc8926b7ab6f98c8e02a5f6bfa771ebdad7bdc9f4c18eb1eba373a
The Bluetooth stack on Nokia N70 cellular phones is susceptible to a remote denial of service attack.
88e56cf63c296d16b4bfd3dbb4bd7d0257aec42cb75ca655864e91235890c7c1
PHPNuke version 7.8 "Your_Account" SQL injection exploit.
3f9ba5b05254da335d45717f9c5e334d4b011930c7386ab55c1dfac3fd749703
dragonflycms 9.0.6.1 suffers from multiple XSS vulnerabilities.
7093b1b9468e1dc3b7fe7e29287711b4973fe038355ad72337f9dbb59d9ae3cf
Magic Downloads 1.1.3 allows untrusted users to make changes to config.php.
96bf8fe88d2fd2c64aac14658763937cbe1ed2ea302ca3a8bf2b53a5b96a1a44
Reamday Enterprises Magic News Lite version 1.2.3 is vulnerable to remote code execution.
e3744687c220f765c14c79cfa2a6b44fa9259a239ef033802305a5f454950be6
BirthSys 3.1 suffers from SQL injection.
4bbc6fc29c3fea2a0b6c2f4039628116c26844502ccc25f349ee9e4d6fda7afb
Geeklog is vulnerable to a number of different attacks such as SQL Injection, and arbitrary file inclusion. These attacks can be combined to ultimately execute code on the vulnerable web server in a very reliable manner.
f63a332bff24a88aa1358f71bc647bc9ea6ad592d707b5ce433c86f107764593
The MiniNuke CMS system suffers from a SQL injection vulnerability in pages.asp. Detailed exploitation provided.
a744c329570b707c8183a340f1418a18e37680b8875f2041fcf11863eadea937