This Metasploit module exploits a vulnerability in the history component of TWiki. By passing a 'rev' parameter containing shell metacharacters to the TWikiUsers script, an attacker can execute arbitrary OS commands.
6015a5f92d65c08ab6a53af23d26272da84f1c51e6957e6ce58905ecb62617c4
Easy FTP Server version 1.7.0.2 remote buffer overflow exploit.
606a0e53d73e41e3179f9b19a3df894919b9fa12dec32e997546c5dfe0b8102c
This Metasploit module exploits a vulnerability in the picEditor.php script of Coppermine Photo Gallery. When configured to use the ImageMagick library, the 'quality', 'angle', and 'clipval' parameters are not properly escaped before being passed. NOTE: Use of the ImageMagick library is a non-default option. However, a user can specify its use at installation time.
c125091ac8421181cd0302afb6f49897b22d6f924ad3dc28cf4a23ab0afcfdee
vBseo version 3.1.0 suffers from a local file inclusion vulnerability.
03b163a08af5ba4845ba51e805f3345ae191975a5a507a0487799be3ea22a883
VideoSearchScript Pro version 3.5 suffers from a cross site scripting vulnerability.
2762ff239c36924a13d281ad9aa8ede8773e40645cd1289428906e9908010c25
vBulletin version 4.0.2 suffers from a cross site scripting vulnerability.
25e2efeff135c8b89fed46a69e35543acb5d3af91e80a983b640cc8b46239903
Coupons suffers from a direct access administrative bypass vulnerability.
417f88d2280d1c0147e0130dd92582aa2f2521bc358f34fa36a9a3bef780b899
Symev CMS suffers from a remote SQL injection vulnerability.
f4a51b02ab1a40e140d6e0ed98df1865a9862f416a448534c19e28e9a82b0d7f
phpBugTracker version 1.0.1 suffers from a file disclosure vulnerability.
eae26f12ff303094302534796ec86d43b4393a7f9883f6096d2e308d60f6fe7e
FlatFile System suffers from a remote password disclosure vulnerability.
bc87352c872b397c0cea7e0fa6e8d42b04a71560c3d84ed2164976568d551dfd
TimeClock cross site request forgery add administrator exploit.
932c15b3c8ccd8c98777f4ec4b00c83849bcb01e88189a228e34ba90ff55b39f
phpAutoVideo suffers from a cross site request forgery vulnerability.
693d03421eb960be87cb1d96dfbc8fc57143ab006242ea13aa30a08cf3942aad
The Joomla Recipe component suffers from remote SQL injection vulnerabilities.
c79e24d6537850a4053d04e4085939131483dfa2b615ebb22381d96c8b975d34
Litespeed Web Server version 4.0.12 suffers from cross site request forgery and cross site scripting vulnerabilities.
42695247a12bced074b1083518bea75e3a254928c1308f86d09f29d44fee0514
WSC CMS suffers from a remote SQL injection vulnerability that allows for authentication bypass.
bcc1de040fbcae7a0ff58e503fe48378a0a6504e451bd7a60e8fe94f9fab1657
Amelia CMS suffers from a remote SQL injection vulnerability.
b271ac60d9c12ce1f944d05869040ac13cb7bb955f49e28eaaa57b0fa9e41673
Easy FTP Server version 1.7.0.2 HTTP remote buffer overflow exploit.
5c98e2b155f2d8592a555a6bbc6cd89ee7da62b37271325ca52740165008a832
Kusaba X versions 0.9 and below suffer from cross site request forgery and cross site scripting vulnerabilities.
0efffad24e809213a0331fc3b194aaf3bf0e78a066842acb193fa4966352556b
Trixbox version 2.2.4 suffers from a remote SQL injection vulnerability in PhonecDirectory.php.
46847e1e6a7c27210dca9ffa2b65a0793d47e09909319c0142363c2dc6a06cb1
PHP-Kit version 1.6.1 suffers from a remote SQL injection vulnerability in member.php.
04144ce3bc149adf23bb00f62d88e1218d88bba64637ce4205fe7912fa16b7f0
The Joomla Community Polls component suffers from a local file inclusion vulnerability.
3f0ff7fc4920e3d8f290a994dda63aaf12e15a63d80caf788ebc09983f7337f8
SphereCMS version 1.1 Alpha suffers from a remote blind SQL injection vulnerability.
9431cbe88f2428736d7c267ae83535ba81f25462355a52476e9c29052d518294
Open Source Classifieds version 1.1.0 Alpha suffers from cross site scripting and remote SQL injection vulnerabilities.
edb76ff2234a4a2dab661efc1a6f76fe7dee35d13cd0e0c436bc4ca9420b547c
FileApp version 1.7 for iPhone / iPod remote denial of service exploit.
4109c0d6bb570b74ebd596122ca5ea499cee774772a9d79c4476e2f770a5d8e7
CubeCart suffers from a remote SQL injection vulnerability.
db7a78ff121d3a197e0fb63d11d567199b738d089c65aa279fcc15b69e1abaa8