makit news/blog poster versions 3 and below suffer from a remote SQL injection vulnerability in news_page.asp.
9d971d37dd0a2964f7b78dd6b427200905345294e381a3aca416fadf91ad83d3
ASP EDGE versions 1.2b and below suffer from a remote SQL injection vulnerability in user.asp.
1e33aa05c09debb585604e20f242e058dee9e37283a03b9b377537c31d839418
ASP NEWS version 3 suffers from a remote SQL injection vulnerability in news_detail.asp.
5380209fc780ce1991271b20465815ce050a987bc39d0d1b6f274e6a381e5fb0
GPS version 1.2 suffers from a remote SQL injection vulnerability in print.asp.
cc591995364d5b916d837484b9841b6e9f180e6df2b57d4cbae3773daeeb406f
Xero Portal version 1.2 local file inclusion exploit.
09941014a410f6135b305eac88986452312c2ec5889f5ff03454e1e137392e9b
IP Phones based on the Centrality Communications/Aredfox PA168 chipset suffer from a weak session management vulnerability. Exploit included.
1821bfb5f8cd756cd89b28517356ba2347b103a4fe336db4aabb7a4ab85a7751
Upload Service version 1.0 suffers from a remote file inclusion flaw.
ba0bfa958df599ce727eaf211393014b2e9944204f9b13abb3650607af4ea8ee
Bitweaver version 1.3.1 is susceptible to cross-site scripting attacks.
3c529894f4f1dae48debfb510b1132234ee5cd8c473db9dfd614319f61e4c675
Microsoft Visual C++ 6.0 is prone to a stack-based memory corruption vulnerability during the processing of .RC resource files. Exploit included.
8696e5a5416cd2f40b051e194616ca6a631f2a6140fa34b75255ec156816cf72
Check Point Connectra End Point is susceptible to a bypass flaw.
9c4bd92a1c99cc73f4cff85e7926a401ced28074124ee8b438d2858e5df2c682
Fish Cart is susceptible to SQL injection attacks.
2a6bbf15f38a3aa2d131fc77d3ed42070f0ce7357d7ee50f55e87b2ad61f7727
Month of Apple Bugs - A vulnerability exists in the handling of ARGB records (Alpha RGB) within PICT images that leads to an exploitable memory corruption condition. This is the proof of concept exploit in .pct format that demonstrates this vulnerability.
cae45c1818004c6d0fa86b4df9d9713a53b3af47e14c3b7813983523855384ba
Month of Apple Bugs - InputManager provided by the user. Code within the input manager will run under wheel privileges. In combination with diskutil and a wheel-writable setuid binary, this allows unprivileged users to gain root privileges. This is the proof of concept exploit that demonstrates this vulnerability.
649846dcedfd17c9b293d5b586249ab6641f7f2f4b7077ce8728d64523c3794e
Month of Apple Bugs - The preference panes setuid helper, writeconfig, makes use of a shell script which lacks PATH sanitization, allowing users to execute arbitrary binaries under root privileges. This is the proof of concept exploit that demonstrates this vulnerability.
bc6a6482959f9f36bea4aefc8de705de29960037c93a88c4c71f6382b1e18c26
Month of Apple Bugs - Apple iChat AIM URI scheme (referred to as the 'url handler') handling is affected by a classic format string vulnerability, allowing remote users to cause a denial of service condition or arbitrary code execution. This is the proof of concept exploit that demonstrates this vulnerability.
c72c10a4e48008dc4508828d784627e557382e0c510236900986c74a82eab3f4
Month of Apple Bugs - Transmit does not allocate enough space when dealing with the string passed on via the ftps:// URL handler, leading to an exploitable heap-based buffer overflow condition. This is the proof of concept exploit.
9080e0d951067307f9ad1fe2f1c855dcceaac4dd146e38b6c610d666ed9c242f
Oracle 10g SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL/SQL injection exploit.
ff6fb0134cfc47331035b5f15c58c56826677223f77908b27cd35cbb99a246e5
Oracle 10g SYS.KUPW$WORKER.MAIN PL/SQL injection exploit.
8beaa06d01b567da971ba185e7339af52a5064fb0a7948237f40db6c321bfd9a
Oracle 10g SYS.KUPV$FT.ATTACH_JOB PL/SQL injection exploit.
ed9f5b91026cb15dc943ab62c9204654d1437846a3973ebd51b5c69cb614ffde
Vote-Pro version 4.0 remote code execution exploit that makes use of poll_frame.php.
00009b7e4146bd3200b4090538fa6e83c6a88916b5ac2a8a616d4ecc63a8ee0c
BBClone version 0.31 suffers from a remote file inclusion vulnerability in selectlang.php.
e7adc8dfccb70309e1f6bfc9f2a2afead0b714d3314269447ae6dba45d0442b6
phpXD versions 0.3 and below remote file inclusion exploit.
a458745ac671c26d9c651cb1bd37fcbf6d430224b0bdad3671c24d4cac1d8cff
Sami HTTP Server version 2.0.1 remote denial of service exploit.
2326d69f70737e6f9c98f0454fa72eeb1651ffc0778b1363535a83c316ced6b0
Sun Microsystems Java GIF file parsing memory corruption vulnerability proof of concept exploit.
bef001eada19b002d8d220d83f479254605f9fc79694a55346531c4c2aa13a42
FreeForum version 0.9.0 suffers from a remote file inclusion vulnerability in index.php.
e4902e71f33f297d1b5dc3c869fcc1b26c9122c8001e6591f0ddbbbbd713ee7c