IRIS Citations management tool suffers from a remote command execution vulnerability.
e789e15c69c2329a965883f322fff813ff1f36966e788f2e72e60793bc951b08
Linksys E1500 and E2500 suffer from cross site request forgery, cross site scripting, remote command injection, and directory traversal vulnerabilities.
8f4ca31ed3ff1f131edf930a3e632c1433e475e164124e9a7516f54e7b1af180
Linksys WRT160N suffers from cross site scripting, cross site request forgery, and remote command injection vulnerabilities.
39b1aacd1083769cd903e8b6c46c0bcef01ce5e97ca668800168ca3378fa2176
D-Link DIR-615 rev H suffers from cross site request forgery, information disclosure, and remote command injection vulnerabilities.
41b970b21adea1850727bf853c7a64b9e73638cbc268a00e301d4a225d17b956
Linksys WAG200G suffers from cross site scripting and remote command injection vulnerabilities.
2b6dddc567f756cb697c510a2e5bf2220a9fb207d776b1a3492dc2707810ea56
This Metasploit module will create a boot persistent reverse Meterpreter session by installing on the target host the payload as a script that will be executed at user logon or system startup depending on privilege and selected startup method.
a70c92598f1b41407de595305edcc17da7cf3dfe1de0793892f2d4271ae6f663
Schneider Electric Accutech Manager heap overflow proof of concept exploit.
49fa635763252eb16e9ccbb0e26e8f22a39b5d34dff91c81384d96f3f04280ca
FreeFloat FTP version 1.0 raw command buffer overflow exploit.
4f7362ee6be1e79970cb01ac60656901c0993df1ed4c92ead3f4b9a9440a878b
The TP-LINK administrative panel in WR2543ND with firmware version 3.13.6 build 110923 release 53137n suffers from a cross site request forgery.
a4ebb5a456113d1552369e105ce64cd004f64b5c019766c4fd17357cc443baea
This exploit demonstrates the remote root vulnerability discovered by Michael Messner in D-Link DIR-300 and DIR-600 devices.
838e77a770f310592d0086570fd3486761116a8c97ae1aa49719f77441d5b192
Cool PDF Reader version 3.0.2.256 buffer overflow exploit.
6da7c58daf97d72e5909ad30ae708e07b6f2050611b64f2bee8d97d06baa8e86
A remotely exploitable buffer overflow vulnerability was discovered in the libcurl POP3 and SMTP protocol handlers. Proper exploitation can allow for arbitrary code execution.
8301b167f691755d2779432656ccab76e908343bbdfa0eb41f5123856c8be321
Air Disk Wireless version 1.9 for iPad and iPhone suffers from local file inclusion and command injection vulnerabilities.
6f2789cd45882d7450ce7572d4406c8d84c4b10091095db5ba30b7f40fd8ded1
PayPal suffered from a cross site scripting vulnerability.
e19a65a1052304005af595306660d4a925618d0cfa3ed99124632ab0c6814601
The Netgear N150 Wireless ADSL2+ Modem Router DGN1000 suffers from cross site scripting, OS command injection, and insecure cryptographic storage vulnerabilities. Firmware versions 1.1.00.24 and 1.1.00.45 are affected.
dcec7c5cda6f10f1bbcd85f15e43d09cfdc1cbee7d31d660686584eb925c0e5c
MS13-005 proof of concept exploit to drive a medium IL cmd.exe via a low IL process and message broadcasted.
50404753c972884d4bcaef2608e159561551d0c67fc240493d896a9db7df8d75
WordPress Audio Player versions prior to 2.0.4.6 suffer from a cross site scripting vulnerability in player.swf.
2d9bd848a0d278160ec2ebe2b901736dd2667a68289c93d31309b38279ed0bac
Easy Live Shop System suffers from a remote SQL injection vulnerability.
14c565f2b3a0a2248f1e2058efecb954d7169abfe319c9898b9ffe7fe2436e55
SiteGo suffers from cross site scripting and local file inclusion vulnerabilities.
c99e07b9068b26af1eac0acf23ab7ecb21e147155ffa12778fcd6ca5436149a1
This Metasploit module exploits a vulnerability in ActFax Server 5.01 RAW server. The RAW Server can be used to transfer fax messages to the fax server without any underlying protocols. To note significant fields in the fax being transfered, like fax number and recipient, you can use ActFax data fields. @F506,@F605, and @F000 are all data fields that are vulnerable. This has been fixed in a beta version which will not be pushed to release until May 2013.
4a69b08e3f25832796905f1a619e884a1be0ddff4a7741e5aa998ad429b5daae
Google Chrome version 24.0.1312.57 fails to properly recognize HTTP Basic Authentication when injected in various HTML tags. As a result of this behavior Chrome will not alert the user when HTTP Basic Authentication is taking place or when credentials are rejected.
e316ddd6ab2e95da7b3c2e08ac9ea8e27e40250049abf354194730d177c70c74
This Metasploit module exploits a format string vulnerability in VMWare OVF Tools 2.1 for Windows. The vulnerability occurs when printing error messages while parsing a a malformed OVF file. The module has been tested successfully with VMWare OVF Tools 2.1 on Windows XP SP3.
947c3e740f21931c7ef1cd3e576fdca5e6de25b2e58c1c570786397ac62955dd
This Metasploit module exploits a format string vulnerability in VMWare OVF Tools 2.1 for Windows. The vulnerability occurs when printing error messages while parsing a a malformed OVF file. The module has been tested successfully with VMWare OVF Tools 2.1 on Windows XP SP3.
9db02738e3d911d404dec888f15753cc6ace8f4996b9bf8064037d16d77e53a5
The Microsoft Skype GiftCards application suffers from multiple cross site scripting vulnerabilities.
cf8abc721feaf16edbdec7700d540b0a83197f500581fd8cc33afc04c7238248
WirelessFiles version 1.1 suffers from local file inclusion and remote file access vulnerabilities.
3850602449bad921852b410c589969cec88b5db971be283eacaa3ba68c2677a6