There appears to be a vulnerability in how Microsoft Internet Explorer handles (or fails to handle) certain combinations of nested OBJECT tags. This may lead to execution of code.
6880a1239046effd5defd553a873969d4f86cd06011c2e3d852b721791b32847
RIblog suffers from SQL injection. POC included.
b37bde6ffa4540d6a62205acacb7eff62c9b79c4b495ebbfcc2e743f857b37e0
Firefox 1.5.0.2 suffers from a buffer overflow which may lead to execution of arbitrary code. POC included that crashes Firefox 1.5.0.2.
3bcdcf8e9858bdd514b50af3e51464c02f75764f9b25174f6b98fdc25bd86214
Scry Gallery v1.1 suffers from XSS.
5927b3444ab2aa0d898c26b0ef9d345e7a28559c508e8b4b9e55d5d95279ff1f
Clansys versions less than or equal to 1.1 suffer from a PHP code insertion vulnerability.
29407a2b2f167f57c593bc3ae310f197012456c4a89fa12c3c9a270d54eb16ba
CoreNews versions less than or equal to 2.0.1 suffer from multiple remote vulnerabilities.
25de6652f5ae9f8c2ad915509e1b3624cbae55bceefc8ddcc5fbad143a0d620b
Three vulnerabilities have been discovered in the Symantec Scan Engine which can lead to unauthorized access of critical data.
030a179c7996e7676ef83aab58100acfa484b11d85f5aa94d340a80dac313bcb
Skulltag versions 0.96f and prior suffer from a format string vulnerability exploitable when a client passes a wrong version string.
62649cd57e18a1f22dddb4770c1e4efb93a0e15ae7ad93d2c1ab16515169b11c
OpenTTD versions less than or equal to 0.4.7 suffer from several flaws.
a819727493428087200b3598dffc9d4dc2eb93491c611a3414bd30d2a2a7dc83
TotalCalendar 2.30 suffers from a remote file inclusion vulnerability if register_globals = On.
1b720877142bcc02d5c11e21e8d3e6d589dcd24a3d0aac57eaf94436de1b1030
FileLodge Bolt suffers from XSS in showonlineusers.php.
53e0689da7ea262cfba9282b818852e6227d5d5d8e3e6766ba4056dbb29e78be
Fenice - Open Media Streaming Server suffers from a buffer overflow in parse_url and a crash in RTSP_msg_len.
97fd1021667245b031e7494691930e013c6617a325f7eb3099dd728b0863d800
The recent exploit provided by aliHackers for VWar (VWar ver 1.21 Remote Code Execution Exploit) also affects higher unpatched versions of VWar such as v1.5, as well as versions less than 1.2. Even if the code execution exploit fails and no remote PHP shell is achieved, running the following code in a web browser still shows the full path of the installed modules.
d98282e373a41ebc4911fdf1334453f7ce03792cd17661405fcdf8ac04983e8a
NSFOCUS Security Advisory (SA2006-02): IBM AIX mklvcopy Local Privilege Escalation Vulnerability
62545be78e2bdd657ef035511e3d0d122ea36c621b5faa8bea8ca547dd698287
NSFOCUS Security Advisory (SA2006-03): IBM AIX rm_mlcache_file Local Race Condition Vulnerability
b78993d91feb9e19859cc9ecd3706f50c6b1b0f2cba30dad4fbd09d467c5de4c
Quick 'n Easy FTP Server pro/lite suffers from a stack overflow when logging Unicode.
5d0f58169dc6c03be6787b48959c3c6fb409f2d8fffc8273a09e5e26e90c04c9
Multiple browsers Windows mailto protocol Office 2003 file attachment exploit: Application protocol handling in Microsoft Windows is badly designed. When someone types mailto:someone@somewhere.com into a browser, the protocol is first looked up under HKEY_CLASSES_ROOT\%protocol%\shell\open\command. If it is a protocol that is allowed under the current user context, the contents of the address bar are simply substituted into that value at %1.
e9d335bf8d915cd060f8c111a59da1d0d42a6dbbbd5cadd09f58e5c92e11646f
Apple Mac OS X Safari 2.0.3 Vulnerability: A vulnerability exists in Safari 2.0.3 (417.9.2) and perhaps in prior versions which causes the operating system to slow down with the SRCOD (Spinning Rainbow Cursor Of Death), so it is not possible to launch any applications like Terminal to kill the process. After several minutes Safari crashes.
1b1b00d7a05322c9df74a0bf3744fc5fa2b4665c1d920ba9ac0ca53cb19b8700
A buffer overflow vulnerability exists in the implementation of the split() function in NASL. This causes nasl to consume a large amount of CPU and memory resources and stop responding. Execution of arbitrary commands on the vulnerable host may be possible. This affects Nessus 3.0.2, 2.2.7 and prior releases.
68a5c54fa28164efc323ca5826b72c0f02880ab4074690d5a28896ac257ac42b
DCForumLite v3.0 suffers from XSS and SQL injection.
cc138d465fdf4a8e66d3961835ac5dd07e981b0f08d86bf4f50d45f9d68f0e1b
Invision Power Board 2.1.5 and possibly earlier versions suffer from a flaw that could allow for remote code execution.
faceaa034a8ec3401f7b815e0ab17e115e8eea2f2bde4b80846bc9695d108006
NextAge Shopping Cart suffers from XSS.
6ed1ea598389e542615d527b1e1f906d2c62c4f76c2340a4b854259f8e67d2a2
photokorn 1.53 and 1.542 suffer from SQL injection.
b6f9cba84ee82a8e0b0806540daf45e32b4d31b9dfffdfd4a37ef8b014a84e95
PhpWebFtp v2.3 suffers from multiple XSS vulnerabilities.
52c3c9539f9c8c690302211547cb89b2e70d232bf6cb56b17ed896729148ab00
Instant Photo Gallery suffers from XSS.
cd0f466de4a727ce28cf3b5a9a1ff5c30c20f902e1c76b31d810d24cc4bd0ff3