Tftpd32 DNS server version 4.00 suffers from a denial of service vulnerability.
ae64a094bcfcc8018eb6bfa205de45c996bbf7910049e67596d1e1c0a5e3c12c
WHMCS appears to suffer from a remote blind SQL injection vulnerability.
ffc1a03fc3a0f290ac1373d8d574a5ef3822f230c1fccb7c08eebe2405c0db9f
This Metasploit module exploits a vulnerability found in QuickShare File Share's FTP service. By supplying "../" in the file path, it is possible to trigger a directory traversal flaw, allowing the attacker to read a file outside the virtual directory. By default, the "Writable" option is enabled during account creation, therefore this makes it possible to create a file at an arbitrary location, which leads to remote code execution.
6ec3545a1080c917dedf3c676152c00eb53f82eef025b7df8d5bd1ad6fb56805
b2ePMS version 1.0 suffers from multiple remote SQL injection vulnerabilities.
d4194d4158912ad5ab4eb71a05c9628be3881c3e06fca865002845aa04f9cbf5
WhyWeb suffers from a remote SQL injection vulnerability.
2a6a2d596da441301dfeece9bc161fa6ce705ade07ab868a2e76a2973ebca61b
Santilga CMS version 1.2.6.3 suffers from cross site request forgery and remote SQL injection vulnerabilities.
8a0563560c5278232bee426b67531c717a2f791ad068e36e4a01e78a1f3d99fa
AzDGDatingMedium version 1.9.3 suffers from cross site request forgery, cross site scripting, php code execution, remote SQL injection, and directory traversal vulnerabilities.
fca95caa0dc8e622b5578c80db1cc25787bae0c338499f4de51aa6149b181c7b
iOS versions 5.1.1 and below Safari Browser JS match(), search() crash proof of concept exploit.
88bf13ee6936fd4a41664c0ccb5fe91fdf90eb621dae78246483afea0a274ca3
PHP List version 2.10.9 suffers from a remote PHP code injection vulnerability.
c0cd3d38f573e33e53f01d69feeb8194bc1884cbe78a7bafd51ad3ccfed51be8
Small CMS suffers from a remote PHP code injection vulnerability.
0e3a9859ea3125d9c006d7cd5165bb3dd6f354ff5d19ecf1a7e15e8aadc18427
Symantec Web Gateway version 5.0.2 remote local file inclusion root exploit.
1f988ae10011c9e9527aa54aee6542a4e4f221f26948b02c388b89c3b9e6db66
This Metasploit module exploits a vulnerability found in WeBid version 1.0.2. By abusing the converter.php file, a malicious user can inject PHP code in the includes/currencies.php script without any authentication, which results in arbitrary code execution.
80a84c00e66900b12e9cef081970706d89671fdd6de08048a29a545f296cfe05
This Metasploit module exploits a vulnerability found in RabidHamster R4's web server. By supplying a malformed HTTP request, it is possible to trigger a stack-based buffer overflow when generating a log, which may result in arbitrary code execution under the context of the user.
9bd2fe133907afe8dae3b0872be07135e15c6152fbb081eaf7b8fefe328ad0a3
ResEdit version 1.5.11-win32 suffers from a buffer overflow. Proof of concept denial of service exploits included.
b262a9976e97dcbc6e64df36a7f4ee9302668979e3d09d6cc91825b139dcfede
This Metasploit module exploits a vulnerability found in Dorn Content Management Script (CMS), version 1.4. By abusing the add_page.php file, the attacker can upload/add a new file (.php) to the /cms/pages/ directory without any authentication, which results in arbitrary code execution.
d9e8467b701cbfb9bbe903c58d26bef4b2a9541424f51ceb8b51542282f6f250
LogAnalyzer version 3.4.2 suffers from cross site scripting, arbitrary file reading, and remote SQL injection vulnerabilities.
20e0cd6da8ae12e950d981ee3947ff25853bdc8fedef7053293f570dfee099d1
Pligg CMS version 1.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.
a7d8c229d604afce14ad7a8fb8d44e7b7cc72c937a69259550169bc098531f63
pragmaMx version 1.12.1 suffers from a cross site scripting vulnerability.
cff5f8ae37aa417115fc3dcd726341dfa6ed0e74700583b162c5da31739d0fdb
DynPage version 1.0 suffers from cross site request forgery and shell upload vulnerabilities.
37621a0070cbaef6aa5d4f64bb886aef4c1af19162680673b6c79897100c5b03
Social Engine version 4.2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
0fa6f5de7bdbe3290ed0ede01f2bace1adff3a4674976586858e62e0e8ba2d18
Wireshark versions 1.4.0 through 1.4.12 and 1.6.0 through 1.6.7 suffer from a DIAMETER dissector denial of service vulnerability.
e6f77a65be835da3e603a103f2c0bcabc8223ab38cfca9aa785e589fc21ac947
Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from multiple dissector related denial of service vulnerabilities.
e3de518339a43d0a5f512990af923fedfb53c8e45b810e538dc48e45374c8f12
Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from a misaligned memory denial of service vulnerability.
6f40723d1c25a14ace173c31accd9416895fc2c1be2de9994389ad008ea69ad4
Jaow versions 2.4.5 and below suffer from a remote blind SQL injection vulnerability.
17bcc9a70dabb36b21745a5acce3fd83ccd2bda58d99ebddf8329eeee0b55a99
bsnes version 0.87 suffers from a denial of service vulnerability.
27d8383734f9c7ed9fc5d3b879938acc56c7b08d1cdc6b9cc4f08bae17606375