Music Box version 2.3 is susceptible to SQL injection and cross site scripting flaws.
1634d8569b5744a5debb98c3739b1e71f042c07ea759bb7cbad9237a99eace75
VihorDesign is susceptible to remote command execution and cross site scripting flaws.
643c5a1f48780fec01cf1de15a34b4abb3833e9fef6b8373f9ac7cd587acd05d
HeffnerCMS version 1.07 is susceptible to cross site scripting attacks.
0655f6ff95ad9856cecb7d5d77d2a28a107ff626a8685366f77245cea8e187d6
Versions 1.74 and below of the ImpEx module for vBulletin are susceptible to a remote command execution vulnerability. Exploit included.
e8de5ea8f27ed49f2c6e941c20225a510732579c87ef61e54001c29a5e814ce2
Bomberclone versions less than 0.11.6.2 remote exploit.
de7ebf09bae8d3533c40c6d55892e6d9cc4b1781559d10601d5383d129026681
It is possible to DOS the IIS Worker Process (w3wp) due to improper reference of STA COM components in ASP.NET. POC Exploit included.
08835ab51fb255d6fe3eb1745d1e532f650748175084efc2259cda056de558dc
ASPPortal versions less than 3.1.1 Multiple Remote SQL Injection exploit.
70d81b25b7f53ba1155e66fe5919e491a9aa6a6d6dcd3aae4f8746a9eeddd3cd
Mercur IMAPD 5.0 SP3 Remote Exploit
dd30eb87449435a179e9bb86708d4bcd13589508b49294f43757046154a8e7b8
Local privilege escalation in X.Org server 1.0.0 and later and X11R6.9.0 and X11R7.0 exploit.
81d5540a611e74f98271be7be6e7aa9d94af55ec197cd0cc41de55e8effc075b
A vulnerability in HT 9.1 allows attackers to supply a malicious file that will cause a buffer overflow to occur when it copies [file name] to [fullfilename] and print it on *htapp::window_create_file_bin using *printf()*. Local exploit.
8891b52c870f8802bc053fec0d2a286c8c027a8964df1839696982bde03f0df4
Milkeyway Captive Portal versions 0.1 and 0.1.1 are vulnerable to many SQL injection and XSS vulnerabilities. Detailed POC included.
ac204592ba8d46b51a0cd05581ac6ff707420ab9e164e86a54872fef2b8f131e
KnowledgebasePublisher 1.2 Remote Code Execution Exploit.
49bc0b4aa43f1399e0466008ace7a5af7b9849e696b8f319e542f70e0476febe
DMA[2006-0313a] - Apple OSX Mail.app RFC1740 Real Name Buffer Overflow exploit.
13f2fb6a69d07991ff1a09e325d85755140c6c20f25a04064067a182186dfc6b
Vegas Forum version 1.0 suffers from SQL injection.
45ac70a8bdd5e72938e369b5dafe84ada75903492a47c4c323d049dce6ac57b5
GNU PeerCast versions less than or equal to v0.1216 Remote Exploit.
52782b7c57a34d83e13abde55ce91f90e5499e6f8617ad2fe720595a4239b49e
vCard 2.x suffers from multiple cross site scripting vulnerabilities.
6ab9658c010a399b015e34b6359dc7b19a727dd6f6203b3b18974134f7430397
SGI IRIX 6.5 local root exploit that makes use of /usr/sysadm/bin/lezririx.
9e782c3248720f5c96b198b4d71e6be19f6122f33549f5c9a73407a910e5dbf2
Jupiter CMS versions 1.1.5 and below suffer from multiple cross site scripting attack vectors. Details provided.
1f79e4a03638be31b3768bc68f04efa0e0ddce94f173c1dc73c554c773f95dce
CoreNews version 2.0.1 suffers from a remote command execution flaw.
10ad1be71cd7ff9470f7f0ac1905e7121fba0bcd144c26823a0d6ba073eaa5c7
Jiros Banner Experience Pro version 1.0 is susceptible to a remote privilege escalation flaw.
427706de5f7f0c0230d5930dad02b4cf54bc198ca11423e6899d43acbdf1bbc1
FreeForum version 1.2 is susceptible to PHP code execution and cross site scripting flaws.
b4a88688c8368c2f89f2856c431b289c2361744d9ab961d2b1ba8efd04417424
There is a high risk vulnerability in Guppy versions 4.5.11 and below that will allow remote attackers to destroy database files. Details provided.
a56334d59160722210ec923946ac49e919e81d4c1acbc090031cf3742db3b438
PHP Upload Center allows anyone to download users password hashes and upload malicious php scripts.
c9121b0e7c141f324a8113f226faa8d61c1346fe0babb7462765aa95ebe4f7a3
n8cms versions 1.1 and 1.2 suffer from XSS and SQL injection.
cbeb9a84efe8ff88818b084a4abdeb582aa02dddaa34adca0fd3a9fd8e4b75f6
It is possible to download the users password hashed in PHP Advanced Transfer Manager 1.x via a special URL.
94dd1adf4a7926508e3f52f536f7a190f575b355f715a85e793baf17aa2aa609