Real-DRAW PRO version 5.2.4 import file crash exploit.
27f6a9f28a767c7934f513559eb717b27d3864cfb5ab167f652b55fde794f48a
Ajaxmint-Gallery version 1.0 suffers from a cross site request forgery vulnerability.
75aab5ec49b45f29fd9cd17396f521f35a6baa0bb85bb434c5e2a2a7d7f276d2
Acuity CMS version 2.6.x suffers from a directory traversal vulnerability.
ad8b1bf9899ab1799f374a4a67350dc902f4719fa2d2aef608d9b1f719fea44a
AZ Photo Album Script suffers from a cross site scripting vulnerability.
67c1f4e7e765e2ef1004814e8c609e03928e2d5b01480f844ec760aa7baca03a
DVD-Lab Studio version 1.25 DAL file denial of service exploit.
6c92ab45feabb5aded08e3f4832ee741f917bd89f4974e8f8422d5086af11be8
CHICCO SnoopyClub suffers from cross site scripting and remote SQL injection vulnerabilities.
b1ae17f53b8459d223aa7fcc620234e629964c2fce1de0383bdcb7922b42b1aa
Concrete CMS version 5.5 suffers from shell upload and denial of service vulnerabilities.
6ec38ad9d2006135e28b4b0fb7f180db578fa58f67aac5af3c4a62bcf7e28a38
CMS-AhMeBa Professional suffers from a shell upload vulnerability.
8999bb5fdeb5f65185110d656bb316ddba010fe277906e9d7b549586c9fe929e
Double Take Design CMS suffers from a remote SQL injection vulnerability.
0b18f1293e895c91c862b92d6f6949e455b10ef54485aee3bae488ce172e5a20
Nogod suffers from multiple remote SQL injection vulnerabilities.
4b2d46a1773ec0e0e5d87898ec7949e8fcfbf5d7ba3afc39b12cc6d1a7607dcb
Vanilla FirstLastNames plugin version 1.3.2 suffers from a persistent cross site scripting vulnerability.
ce54150b465a972b7900ca0f80815290778044bc42d0424b3285bd9f8a55dd62
Vertrigoserv version 2.27 local privilege escalation exploit.
ba28adebd6177911ad385cd217cc5aab499dbcebb1a6018dd42105c54d466e49
Concrete version 5.5.21 suffers from cross site request forgery, cross site scripting, and various other vulnerabilities.
5ac1d030026e6dafa107fc698cbef0d084004e12ed50f82b12710a096a1680e9
Attractweb CMS suffers from a remote SQL injection vulnerability.
68184e78c65b743747b8dc3cee8dede59132981958e8b1d59503a21064309c3f
Vanilla version 2.0.18.4 with Latest Comment plugin version 1.1 suffers from a cross site scripting vulnerability.
5940dc8345e122271b5360d4b41d2b1135f0e003c2a8a7b10fe00dc55dd8e5a6
Vanilla version 2.0.18.4 with About Me plugin version 1.1.1 suffers from a cross site scripting vulnerability.
8cf3107438d256a581d9c4e325c1decd73c84acf1c277cd12e196eee128ef1d2
Results Unlimited CMS suffers from a remote SQL injection vulnerability.
65631b4d7ecd05aa606eb5b145211e34ee59cb0acb0167b67abda5595bcb38e0
This Metasploit module exploits a stack based buffer overflow in the BEA Weblogic Apache plugin. The connector fails to properly handle specially crafted HTTP POST requests, resulting a buffer overflow due to the insecure usage of sprintf. Currently, this module works over Windows systems without DEP, and has been tested with Windows 2000 / XP. In addition, the Weblogic Apache plugin version is fingerprinted with a POST request containing a specially crafted Transfer-Encoding header.
c5633687f5d4dea297197de9035ee5ddaf873d0ee50394f6fa17d80638863e7f
This Metasploit module abuses the SVG support to execute Java Code in the Squiggle Browser included in the Batik framework 1.7 through a crafted svg file referencing a jar file. In order to gain arbitrary code execution, the browser must meet the following conditions: (1) It must support at least SVG version 1.1 or newer, (2) It must support Java code and (3) The "Enforce secure scripting" check must be disabled. The module has been tested against Windows and Linux platforms.
24c7b9f43ad4bc7ab845971e498435dbb71b35eb0f5542e9973eab4ad82fb513
PHP version 5.4.3 code execution exploit for Win32.
112d363fff422a3298c43a35cb8f1208ab8151662b7d29a70a218c64597855b7
HP VSA remote command execution exploit.
e2634c82bf61b7660279ef87efb9959dc4f17ce4f09dbbb9b22dc962a374b58e
SkinCrafter active-x control version 3.0 suffers from a buffer overflow vulnerability.
30d450dc3599d00c2b250dec0560160d749a900ba9963b7810e0f6b67cf7e422
Cryptographp suffers from local file inclusion and HTTP response splitting vulnerabilities.
df3273a74be6628785ae6c91b0dd3244d0a775aef7296f6386350fbeeabd45af
Division 6 IT suffers from cross site scripting and remote SQL injection vulnerabilities.
beb72df7b1666169389e4e6e3035fd20971cddf0a679f8f6d5b10c1ecb0e553c
Artiphp CMS version 5.5.0 suffers from a database backup disclosure vulnerability.
2d47b6d911592d5ad10e5f9ed6aee5747555241f52f6549700cf57ce4a15e301