Textpattern CMS version 4.3.0 suffers from a cross site request forgery vulnerability.
22472be12c3fa9c6aa3bf6761a96b8c6c087af95ee558e861daa3f576ce793cb
This Metasploit module exploits a stack buffer overflow in Magix Musik Maker 16. When opening a specially crafted arrangement file (.mmm) in the application, an unsafe strcpy() will allow you to overwrite a SEH handler. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7. Egghunter is used, and might require up to several seconds to receive a shell.
270a3316873b5bc88495642eac3f7de2a3221c8b7aa36519b966bed7c9dff806
vBulletin version 4.0.x suffers from a remote SQL injection vulnerability that can be leveraged using a cross site request forgery vulnerability.
f9857c4738bd671fa3a07ef92ee6901ad48b101a0bda8bf8372d643d1114462e
Pligg CMS version 1.1.4 suffers from multiple cross site request forgery vulnerabilities.
8cabab4755f3dfc3cf2c108c7bb0bff9c1319b5ac6edc5c8870afcae353cccd3
Homepages Admin suffers from a remote SQL injection vulnerability that allows for authentication bypass. An attacker can then upload a php shell.
6684b565beb5170192ff35a07632c64d22a4fc4fa000765a30e120773848069c
The Joomla Maplocator component suffers from a remote SQL injection vulnerability.
06a0ca2a7aa9915e32916356e3b9edf4e7814fec6bfb1a30a74fffb8c8c408fc
xtcModified version 1.05 (FCKeditor) arbitrary shell upload exploit.
7392a082a0edb8f2b4b42760293cb1430bf9c388f76faa5272f6541241f87c05
Tugux CMS version 1.2 suffers from cross site scripting, local file inclusion, url redirection, and remote SQL injection vulnerabilities.
b5b2ff3bd99d5a8b947cc3f1d1e8127651974a13726a26182e02c17102388137
chillyCMS version 1.2.x suffers cross site request forgery and remote file disclosure vulnerabilities.
2545b5c82fa3df40c9d39eab5aa04640564087f43ce46f64517b580d5cb6b972
E-Manage MySchool version 7.02 suffers from a remote SQL injection vulnerability.
b5bb6c54604cff4f0a246ebe39b746423cd07008e7d19206c6460c3a6877089d
NucleusCMS version 3.64 suffers from multiple cross site request forgery vulnerabilities.
61346924420842ad8b2946c9ab35618c5c8de86fb39694bfe29dc895fc03c7c0
Mathew Callingham Associates version 3.x.x suffers from administrative bypass and SQL injection vulnerabilities.
3f99b5a8b3d22db59e6b1cf8632f35237f3fc0f2936164d80e3e287d8f1c4d42
vBulletin versions 4.0.x through 4.1.2 suffer from a remote SQL injection vulnerability.
9905c4541f0ab913046a1adbc85e999c3f1167862f2838381864c6756578f1aa
Easy Contact WordPress Plugin version 0.1.2 suffers from cross site scripting and abuse of functionality vulnerabilities.
1544b4216f123c8bbdf99ebbf0b989fcf2771ba92534dd056c8e5a7e620347f6
Ultimate PHP Board version 2.2.7 suffers from broken authentication and session management vulnerabilities.
39bfe5d5ddc6f10395834c1f3405eda7bf64bdf52fa8461fa21eb0f937b9a3b6
PHPCaptcha / Securimage versions 1.0.4 through 2.0.2 suffer from an authentication bypass vulnerability. Proof of concept code included.
241cf163dd08c5ba7d4da72cdecbbb268ce65adffc9dc6337e5656dedb08a513
Limesurvey version 1.85 suffers from multiple cross site scripting vulnerabilities.
1660602664ea3f29659410a7af7c7725ea989a2ca57267161090909b87a49610
A directory traversal vulnerability in Rootage version 1.0.0.4 Alpha can be exploited to read files outside of the web root.
8c669b84bf734d7eb0e8d0a295c05656da437353f2a0e6d5ec5575062b32d9a8
A reflected cross site scripting vulnerability in Room Juice version 0.3.3 can be exploited to execute arbitrary JavaScript.
0e525f6cc62abc9bb10acfd118803dab5bdc6e0a9c42be5f9b9516855679f56e
Aphpkb version 0.95.4 suffers from an arbitrary php code execution vulnerability.
77c1922b309a0b397c6fedf8d3332918d5581d34dafc2bcd2b93e1a9478841de
Trade Line Web suffers from remote SQL injection vulnerabilities.
f0345a423cbf5b52e2d6ff9eb112069136c6716da1c92af4cab7cfba271df971
99ko versions 0.4b and below suffer from a cross site request forgery vulnerability.
5a4c1fa8bf774e31c5ca5c534ebcb343b7d69c99e5ae3491da8bb76f16086b6a
ImmoPHP version 1.1.1 suffers from a cross site request forgery vulnerability.
feb458f9c3a6fa238e1ca030c8daed62efdb3704e2d992ff88feda396769f2dd
SEH overwrite exploit for SpongeBob SquarePants Typing from The Learning Company. The shellcode spawns calc.exe.
6d3e1d40f542676379324177ba769e4fe6240a6c010ede1fe6efc7d11296afd2
Joomla jDownloads component version 1.0 suffers from a shell upload vulnerability.
078e6a97c6378ac798fddc253508829bf70f94a103de3ef02d16e043770f8de0