FlexNet License Server Manager versions 11.9.1 and below suffer from a stack overflow vulnerability in lmgrd. Proof of concept included.
e1685cec49a2c9fdbef7f2df8194086852d758d0cee891a610d91b40c7e329ac
Wonderware Archestra SuiteLink suffers from resource consumption and denial of service vulnerabilities.
c34e1df7a3082d619c7c03aab1d1f9f1341e2d5947161396f2bcfcb5128fa599
Pro-face Pro-Server EX versions 1.30.000 and PCRuntime versions 3.1.00 suffer from memory related and integer overflow vulnerabilities. Proof of concept included.
6eba0c58436511df2a7c1ddd9624d256ee11fcd20a797290f0587ece9614fe70
WordPress WP-FaceThumb Gallery plugin versions 3.1 and higher suffer from a cross site scripting vulnerability.
9beec02367ad1737a52b89f4f90216d274bf0044e74cac21b7b7924057dad896
Netgear WNDRMAC versions 1.0.0.22 and below suffer from a serial number disclosure vulnerability.
664bd8ae2a0cd1c838915a72e05bf722f27b543f881fd63debb15589291aab4c
NetBill Billing System version 1.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
8f6bf5ec394c63f7d50c41b4d6c7a436f70c91cbd1b7a83283315cdb666be9ab
Travelon Express CMS version 6.2.2 suffers from cross site scripting, shell upload, and remote SQL injection vulnerabilities.
f549a1f0e6b7524a1a9ae207fbc978522a07900ebc30a5d12bb88b30343a0ed0
Proman Xpress version 5.0.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
4984ed76784209bd646dce9acd9136744c4c220bc0daebffc20be2e746ec85c6
Viscacha Forum CMS version 0.8.1.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
66814beeb0356914b125267098c6da55e7109417eb5ae798097d07811ebcd24b
Free Reality version 3.1-0.6 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
493f04f3ec7af900fb32e04bb9d6040d9d5478aa3e1ab908625ea0aa19e36bbd
AnvSoft Any Video Converter version 4.3.6 unicode buffer overflow exploit that creates a malicious .reg file.
c532021cc23d12aa672117669ee1f244c0d5045941bccdba57ba511e3b959328
Sockso versions 1.51 and below suffer from a persistent cross site scripting vulnerability.
ce4130dfcdd5f03d5815606f2541cae70de1c7e752e6e762e838a81b94563ec2
GENU CMS version 2012.4 suffers from cross site request forgery and remote SQL injection vulnerabilities.
6bddc2191901810274fa3dc11c1b25d1771893d78a5b2233469550f82f00e35d
Serendipity CMS version 1.6 suffers from a cross site scripting vulnerability.
10b7368991d50674bb817ccf140405847e9ce14c0a0c273269026118e68149f0
GetSimple CMS version 3.1 suffers from multiple cross site scripting vulnerabilities.
907c8b643da2c6b6cde7782c0dc396629ae2402f8972644e23c2e574d7f1ee23
Indexa suffers from a remote SQL injection vulnerability.
dc8c877edeeba28ad84395fbc9eaec87591e83a222a3bfec24a3f4e87705371a
It appears that high performance servers from NEC suffer from a hard-coded administrative account that can manipulate memory.
eb4272908d1ad7c1709578a39de60f3cbe679c413cb078dd31662645958fdcb3
This Metasploit module exploits a vulnerability found in Distinct TFTP server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary files to the file system, which results in code execution under the context of 'SYSTEM'.
f9ed713ff3be483dd14a09fbef83afaa998846ace3aab19c3588c2a752aaa832
This Metasploit module exploits a vulnerability found in WikkaWiki. When the spam logging feature is enabled, it is possible to inject PHP code into the spam log file via the UserAgent header, and then request it to execute our payload. There are at least three different ways to trigger spam protection; this module does so by generating 10 fake URLs in a comment (by default, the max_new_comment_urls parameter is 6). Please note that in order to use the injection, you must first manually pick a page that allows you to add a comment, and then set it as 'PAGE'.
979dd7941c1071466332c8564dba032aa510362e1fb22f874339cf269936c50e
Owncloud versions 3.0.3 and below suffer from a cleartext LDAP password disclosure vulnerability in owncloud.db.
31549886f764c292ef5d70e3a5a923ec24afda76b24471bdb34b6fc0fa48ebe5
QNX phrelay/phindows/phditto suffer from bpe_decompress stack overflow and Photon Session buffer overflow vulnerabilities. Proof of concept test code included.
a8febe1f7594f7227637fd1ab3e211df28595f24d5860319add7faa94e431a79
Adobe Photoshop version CS5.1 U3D.8BI suffers from a library collada asset elements stack-based buffer overflow vulnerability. Proof of concept included.
3b56287d07b0ddbf3d319fb8f5847cc3fb85dc7f6c1df369e6873d52c0c28335
Kerio WinRoute Firewall Embedded Web Server versions prior to 6 suffer from a source code disclosure vulnerability.
a9b2d547021c7228d6ca8bc163da0d1d602976d34a4d91607ab1178f64961ef6
eLearning Server version 4G suffers from remote file inclusion and remote SQL injection vulnerabilities.
41e20fa49cc1f8fdca910d1a1867f399a18b00b5955ee10221592384e80d1790
The WordPress Bad Behavior plugin suffers from multiple cross site scripting vulnerabilities.
39a4dfbfed1ff091b2170a63180a37194ebf673217a7d0fc2e945b4a2def914f