PHPSurveyor versions less than or equal to 0.995 save.php/surveyid remote command execution exploit.
eef4c09bd1f9895eccd382b0246d6034fd69476f95309bf385a89bf1ef1e3ea9
PCPIN Chat versions less than or equal to 5.0.4 remote command execution exploit.
2a4437a3cec47e9dba8c9698dfcd4764cd33e5c7da3052286368e1ca4e9c024c
Fenice - Open Media Streaming Server remote BOF exploit
db831e0334e07625a17fd472f344abe95b35aa6b688f1aa2dae0eaa4669a3ce9
VWar versions less than or equal to 1.21 remote code execution exploit.
595a5ecb4c341efa104c9eac2223f56b35870bbdb9993e1ed6fa5e452b3436cb
DbbS versions 2.0 and below suffer from many vulnerabilities including XSS, code execution, and SQL injection. POC included.
24fad60bcc123a00d5ea26d8f72a5ff93f6f8bebbbb97504a69ccafcd2e3fd86
Local DOS exploit for Linux kernel 2.6 which uses sys_timer_create() to exhaust system memory.
c36cacecf9ade5d6e253387c925e3e2afd7126df3467e072d9b71af851dd3347
MyEvent v1.2 suffers from a remote code execution vulnerability in Event.php.
6548a9178fabe7b3ea795b487c78a672b84f26b2f3476f869e8059ab2501520e
PHP Album versions less than or equal to 0.3.2.3 remote command execution exploit.
cd96f0af1930df45546f5f541ccaf375c8697f8dafb0fb58d6b80ea881247b30
SimpleBBS v1.1(posts.php) remote command execution exploit.
519694ffe2172eff175adf5451805147e0e86baa066d584b0682a8f2a577a444
VBulletin ImpEx suffers from a remote file inclusion vulnerability. POC included.
b07054bd9ae1cd16abbfe504240781c9f708d9ffb2b3676d95edbe5e8410c498
PAJAX versions less than pajax-0.5.2 suffer from remote code injection and arbitrary file inclusion. POC included.
0a7cdff679ce3cf98d1a3f09f26716a9b0feae110597d211b27b6b74615af08e
PHP121 Instant Messenger versions less than or equal to 1.4 remote commands execution exploit.
4f500420ae021a12f0c97b72682ef7dc378e59151587d6457602e17d599689fe
Sphider versions less than or equal to 1.3 remote file inclusion exploit.
1d87ea3e22a1f16c087df435b92e9cffdcd916d065e20b1073384c7074645933
PHPList versions less than or equal to 2.10.2 remote command execution exploit. Requires register_globals to be on.
ed08f2e6861b32d6f2d0788d7ce4eaeacb13c209f65ee7b01c880b309f350f3a
phpBB remote command execution exploit. Requires administrative access on the forum. Tested on 2.0.12, 2.0.13, 2.0.19.
f009df4e0f190e91ba722fdf1f0317ec936d8de0bc6de12914478646cc8e6945
PhpOpenChat 3.0.x and ADODB versions less than 4.70 SQL injection exploit. Requires a blank mysql root password.
52e060638d3b695d7178ecc602a375536408442e2504a9b0d5ba9ff349dd7426
AzDGVote suffers from a remote file inclusion vulnerability.
5fe9fcb1b1ad616c7aad90e8fa4ad3129b3943b2df8ec62e4d69fdccc91306ff
Ultr@VNC 1.0.1 Client Buffer Overflow exploit. Spawns an instance of calc.exe.
2fcdc0f17a5a95906e55a96c88e2e56425da544a1bfe0f190964c31c98046b57
If register_globals is on, Sire 2.0 Nws suffers from a remote file inclusion vulnerability.
09b9f5fd33c45fc9142d354995077da4827ea5d5a7fe96e90d48da53759c1c2f
Clever Copy versions less than or equal to 3.0 allows one of its configuration files to be read remotely, resulting in critical information disclosure. Exploit included.
a4aca55e0dc9e2ab030231b253111a3938a4d6832dccebaf2a3b1c80515c72cd
Indexu versions less than or equal to 5.0.1 theme_path and base_path remote file inclusion exploit
3af1bf97b475720f85febaba93150319aa42a9977635181d5fc55d779a239e5e
Simplog versions less than or equal to 0.9.2 remote commands execution exploit.
298a8ab09c6b9549821cbb48c6f5e062cf47f26f804fbab508209ac2513bfe23
Horde versions less than or equal to 3.0.9 and 3.1.0 help viewer Metasploit Framework exploit.
db378988e98b9549df7f3cca304d901236f0426ce8cf95aa1ce38e6d59286894
PHPList versions less that or equal to 2.10.2 remote commands execution exploit.
de9c0544a6abcb065ce0e10198841d868f6f2309a2024366263601e574427dfe
Exploit for AngelineCMS 0.8.1 remote php include vulnerability in loadkernel.php.
25089666e022fd3219f595a1386fec8873afddf932fdfb8edb5804353632adc0