Sites designed by Debliteck Ltd suffer from a remote SQL injection vulnerability.
8d93cc34a9e629c8e748ce0f5fde796834584de43543033a6cf32c114bd7b7ec
FreeWebShop versions 2.2.9 R2 and below remote code execution exploit that leverages ajax_save_name.php.
54fc69534b6de9553e10af1d006f73f8e25e1e441624950268bd042a1a4ad066
Attachmate Reflection FTP client suffers from a heap overflow vulnerability. Metasploit module included.
d7519a6bb8e2eb7868f507a448deea4430ef3465d8311c31c0fd75536a64a723
FleaHttpd suffers from a remote denial of service vulnerability.
9badb22c64d9e1ded045b4b9fcd6838c15cccff2dbc9548993ded78aba438330
Webistry CMS version 1.0 suffers from a remote SQL injection vulnerability.
6edb28e4c81024e8d00431096566cd509f7a0a78158653208ffd0a6f9eb22329
Adobe ColdFusion 9 suffers from denial of service and path disclosure vulnerabilities.
c762cc8de72a8791139ab35b5a17100c35a7cd95e037d72f1b167b6f20fde5eb
This is an amusing method of spawning an xterm using a macro in OpenOffice.org when using a Linux box.
e4ad2fa3a4cf1f1de98c219c6348e38c684d69e735f6c6fbde372c495a2f152c
QuiXplorer version 2.3 suffers from a shell upload vulnerability.
5f04afaf1d8c19d764840fd75adbac66b95fe7f0f66c8315d89e84988a0ae1d3
Seraphim Tech Upload version 1.2 suffers from a remote shell upload vulnerability.
b3c3f51e17bad2bbdf4ea65728d0ee2309ff5f1bb206dd2db6ed932902839e8a
This Metasploit module exploits a stack based buffer overflow found in Mini-Stream RM-MP3 Converter version 3.1.2.1. The overflow is triggered when an unsuspecting victim opens the malicious PLS file.
5ba000d57dfee2b89374d1cbe0fecbd7000e2d1a915017055f38009808d25ac1
Optima APIFTP server versions 1.5.2.13 and below suffer from endless loop and NULL pointer vulnerabilities.
3b2741903629c4845132b4ba7b1e2d6652a0a961f5708a28aad6d53aaf6442df
Pixie CMS versions 1.01 through 1.0.4 suffer from a remote blind SQL injection vulnerability.
7b2708fe684ea83fd0cc9bf43f6033e345d66dab52ee886a45d008189cf588b8
WordPress AdRotate plugin versions 3.6.6 and below suffer from a remote SQL injection vulnerability.
3bb42de4a002aa25706c025efa5ad5b0963b00e7cbc442bcd0a325c3b279c41c
Mozilla Firefox version 8.0 null pointer dereference proof of concept exploit.
1c399562f937d2014b93949fdc6edcec1bed3a75ac04c8bded93a486e4204297
Hotaru CMS version 1.4.2 suffers from multiple cross site scripting vulnerabilities, both reflected and persistent.
fa2ef1aad0681d48f3581080ac6a6160c931a45f3967201df13527f13b3c6a67
The WordPress Zingiri plugin versions 2.2.3 and below suffer from a code execution vulnerability in ajax_save_name.php.
0ef65aff1100619321dc29eb5f7be615cb790f5fd230f08b18b2ca6ec35edd76
The Mambo CMS zorder parameter suffers from a remote SQL injection vulnerability.
fdd00ec07f4b5e7cf7b6cb2a7c4cc01d14b406fa218e4f80da10880f25043c50
This Metasploit module exploits a vulnerability found in Aviosoft Digital TV Player Pro version 1.x. An overflow occurs when the process copies the content of a playlist file on to the stack, which may result arbitrary code execution under the context of the user.
40796a9ff8ef6ef45d0fa1a9d3f0de273180cbc7d8cbb49f00ac35473f6640a3
This Metasploit module combines two separate issues within Support Incident Tracker versions 3.65 and below to upload arbitrary data and thus execute a shell. The two issues exist in ftp_upload_file.php. The first vulnerability exposes the upload dir used to store attachments. The second vulnerability allows arbitrary file upload since there is no validation function to prevent from uploading any file type. Authentication is required to exploit both vulnerabilities.
dbc7a2ae369700f4243579f8576c1fb42786b65ea5a9ec60c838072b7d4ea678
Kool Media Converter version 2.6.0 denial of service exploit that creates a malicious .ogg file.
cc75a992f0262dc577852abe71fa9192e933cdc77c65f3a152f64dc98a717b6e
Catalogue 2011 suffers from a remote SQL injection vulnerability.
8a262513115f5409aceeb57f4b44a2acd1211b1c4ad6b1724b0300974daf5851
The Joomla Content component suffers from a remote blind SQL injection vulnerability.
2e512eedd5f4ab4a0a48db04f9dc574fbe2b10500492950c7c3367c1627ff060
4shared.com suffers from a cross site scripting vulnerability.
4a097611bd26647f91cbceaadedc5af210cba48d13181cdd5c048a046e2672a7
Agentportal.westernunion.com suffers from a cross site scripting vulnerability.
de42a1656deb7e30879a65442f0a0ddae03d218e8335e13e747942475a1bebb0
Shockwave.com suffers from a cross site scripting vulnerability.
1c346d7d92e5f11ec467171084c6a946ad3500134aaf59ff28667968bb8e2beb