MyBB version 1.6 suffers from a path disclosure vulnerability.
fb61889e93832fed75b7cd0efb437c32d5e0103f8c4933dfeab205d1b680e937
DZCP version 1.5.4 suffers from a local file inclusion vulnerability.
6b96d2bb7ae63af23c43a5f8f2a0228c43841ab939560ff58c6915d3a55a4798
ACC IMoveis version 4.0 suffers from a remote SQL injection vulnerability.
a5a8363e5190c06712687d4aacd8f94a10f0c2f4834c62d7fd7a214f6f579ef3
Firefox Interleaving document.write and appendChild denial of service exploit.
a43b05010abfc8a21721223d7f181abcebccf2f3c2f17bf1541dcc9a4be55167
DATAC RealWin SCADA version 1.06 buffer overflow exploit.
6818f87a91e009b671fe428a53fdce95774746ae0a3c4d078f33d078501fe807
Novaboard version 1.1.4 suffers from a local file inclusion vulnerability.
ad3152110254e0c465425d7ab2b2b398133f8bc85097d5989f37953b09687241
BloofoxCMS version 0.3.5 suffers from information disclosure vulnerabilities.
410e3d2d80986f2be076e0dc21d60c5d985769e1bb60a9e8999032bfd54e7fb3
BlogBird suffers from multiple cross site scripting vulnerabilities.
69687c4161f06f9b0c5cabc45b8632182d0c7ca95f0dd7a229b4717c7999fb1c
Zomplog version 3.9 suffers from cross site request forgery and cross site scripting vulnerabilities.
5c5fd1b8bbc0a9423a14d73f6c6032b11eaf728c85485b9ebe3a7cfc92de5c79
Energine CMS suffers from a remote SQL injection vulnerability.
9d322793eef93151511e9b868a2729d8c8d3635a89209ec5cccff447faab4997
BloofoxCMS version 0.3.5 suffers from a remote SQL injection vulnerability.
4ccf8e1916bc33bcf1ed20adcdfb80f6ce671f9ff51eec7d0cb626fdad438b6b
Zomplog version 3.9 suffers from a cross site scripting vulnerability.
7a3e242631c616ec8042ae0de0cb7a6d2f968366ce85c99f5f7fc36130177206
14H28.com LES PACKS suffers from a remote SQL injection vulnerability.
3a4e357884b1ab1a9157d573039a3810fa8b38f6810124c642ad8ea7db3ae4cd
Bigace version 2.7.3 suffers from a cross site request forgery vulnerability.
0aaeaa40222ddce3eecf56595dfc4f0b7ea7547f48deb7ebfeffb94374c65a28
The Joomla Projects component suffers from local file inclusion and remote SQL injection vulnerabilities.
f53c54d2bc0815983b63bcb8e7f5fc2941dfe90b05adb7dbdd782551d8d4290b
SmartFTP version 4.0.1142.0, Speak Aloud, The GodFather version 0.80, Vip Rumor Player version 3.7 and Wise Registry Cleaner DLL hijacking exploit.
0a8c2d9a9b6b25e76828d4528d063bf6d6e6d75f8d9314b1a6682e9bf35411b7
Microsoft Windows Vista/7 suffers from a DLL hijacking vulnerability in lpksetup.exe.
0b0eb9feb6c3855164b908c8fb3a05f19029df2808703a991ee4ae4932833ec6
Apache 2.2 suffers from a local denial of service issue on Windows.
a2ae731ec092009c52e197c594544de0d92bdc247403bbef73391ab3d382af0e
NitroSecurity ESM version 8.4.0a suffers from a remote code execution vulnerability.
5a5dff0296b475d5d8af442fad48c87fe0e18e612bc44dab86e13d7fc361a66c
This Metasploit module exploits a flaw in the new plugin component of the Sun Java Runtime Environment before v6 Update 22. By specifying specific parameters to the new plugin, an attacker can cause a stack-based buffer overflow and execute arbitrary code. When the new plugin is invoked with a "launchjnlp" parameter, it will copy the contents of the "docbase" parameter to a stack-buffer using the "sprintf" function. A string of 396 bytes is enough to overflow the 256 byte stack buffer and overwrite some local variables as well as the saved return address. NOTE: The string being copied is first passed through the "WideCharToMultiByte". Due to this, only characters which have a valid localized multibyte representation are allowed. Invalid characters will be replaced with question marks ('?'). This vulnerability was originally discovered independently by both Stephen Fewer and Berend Jan Wever (SkyLined). Although exhaustive testing hasn't been done, all versions since version 6 Update 10 are believed to be affected by this vulnerability. This vulnerability was patched as part of the October 2010 Oracle Patch release.
dfbadc6979afc5d422243d430c6c8f9d84ede4aee2963020fcf6c4c80f0ba887
This Metasploit module exploits a weakness in the Adobe Shockwave player's handling of Director movies (.DIR). A memory corruption vulnerability occurs through an undocumented rcsL chunk. This vulnerability was discovered by http://www.abysssec.com.
edbfcc271f52640c5283e776893d943627be757790c777c863e113627287a4e1
This Metasploit module exploits a command injection flaw within Oracle\\'s VM Server Virtual Server Agent (ovs-agent) service. By including shell meta characters within the second parameter to the 'utl_test_url' XML-RPC methodCall, an attacker can execute arbitrary commands. The service typically runs with root privileges. NOTE: Valid credentials are required to trigger this vulnerable. The username appears to be hardcoded as 'oracle', but the password is set by the administrator at installation time.
a344bd54fa4c477119c5044e88885c1a910d29d6cdf06faf3ada865aec5793cd
MinaliC Webserver version 1.0 suffers from a denial of service vulnerability.
3ab3f9b4f8db837e41c853797142e2f7df8a77688a4ae396d0ae8f66b544545a
MinaliC Webserver version 1.0 suffers from a directory traversal vulnerability.
ead72a6bb8f230f533f692b2b034a67c99dc4c2679e9d63e5f3f4ccf08d8e869
HP Data Protector Media Operations version 6.11 HTTP server remote integer overflow denial of service exploit.
4d3d1965bea2dedd57e80ca25e0124e7fe28ea8e1822d292ae5429b5ad45ae92