Apache Rave returns the full user object, including the salted and hashed password, via the User RPC API. This endpoint is only available to authenticated users, but will return all User objects in the database given the correct query. Versions 0.11 through 0.20 are affected.
0fc0f4d0dcf747beda3059f5ac91c70414ea7169915d9f52f748260badb8a8b5
Web Cookbook suffers from multiple remote SQL injection vulnerabilities.
74eb1ad64b0bce3e3791e0693f15a1c7c3d96dee667109bbba5c77d600b03146
Yandex xdLab TagScanner version 5.1 suffers from a stack buffer overflow vulnerability.
e693f08c846eafa2d28e63c5d1b289cee7c19b70f6f1ed43ea8bdba4743dc36a
The PayPal Portable Store Front widget suffered from a cross site scripting vulnerability.
7300da6ef827e8502849d57a847fcb00022ac5b9910f43357bb2e9aaeeb37ec2
Cam2pc version 4.6.2 Freeware suffers from a BMP image processing integer overflow vulnerability.
b1cf810934a520037613b1ade4af79ae169021363455268874990d40afa27bb8
This Metasploit modules exploits a vulnerability found in the Honeywell HSC Remote Deployer ActiveX. This control can be abused by using the LaunchInstaller() function to execute an arbitrary HTA from a remote location. This Metasploit module has been tested successfully with the HSC Remote Deployer ActiveX installed with HoneyWell EBI R410.1.
1f3cef2a50e87d41ca54ec3ec66187a9eab588ff63fb1178c75bc47d21f21a3c
Local root exploit for Ubuntu 12.10 64bit that leverages the sock_diag_handlers[] vulnerability in Linux kernels before 3.7.10.
8cb1664fe3e4114405f60c70992efc4583eb8c783e92650a7895c3f8aa6712b5
Privoxy version 3.0.20-1 suffers from an authentication credential exposure vulnerability.
64df167b1234ce7ef9560ad0dec948e6b6b51a7112712080b8c1c40e0cebdb89
TinyMCE version 3.5.8 suffers from a cross site scripting vulnerability.
f8c9ff61aa722eff9d8b70db05c7eb7538744c819d92adc412486e43a0c64c31
Asteriskguru Queue Statistics suffers from a cross site scripting vulnerability.
ca70d68877f3107fe540b91c1de6b16259fb738161d4b40961cb1d369d0785c9
KindEditor version 4.1.5 suffers from a remote shell upload vulnerability.
d88c733d219132a2b1ee32a692f47acc95782683a3c055cf97d79c82150148cb
PHPBoost version 4.0 suffers from shell upload and information disclosure vulnerabilities.
57a0ed69df2dfe6a08556e979aa44517e786e8aafe00b57724d89f4f48485e75
LCG Disk Pool Manager (DPM) suffers from multiple remote SQL injection vulnerabilities.
c09db0699a877aaa44c50f0e0b466403ccf2000c38640bf54a52c32b5d1f0385
WordPress Terillion Reviews plugin suffers from a persistent cross site scripting vulnerability.
62684a3baca42139d0e32dcec4e3d4b607181140aeffe213e63ac42b45039168
This file contains multiple cross site request forgery proof of concepts for old issues associated with the D-Link DAP 1150.
1ce4b9cbe4f534fbae4789b1f32592413776835b37addb31f2b0d689d734ecd4
McAfee Vulnerability Manager version 7.5 suffers from a cross site scripting vulnerability due to improperly sanitizing user-supplied Cookie values.
566957c0cfaab8f9b783af3bdf8496ff6eb513ff719e2c486f97028c19b84632
This Metasploit module exploits a directory traversal vulnerability that allows arbitrary file creation, which can be used to execute a mof file in order to gain remote execution within the SCADA system.
cb4ca7e2b6ed001985ac60257eb7224986eb62545c9d0e35bf5632761adc890b
This Metasploit module exploits a vulnerability in Firebird SQL Server. A specially crafted packet can be sent which will overwrite a pointer allowing the attacker to control where data is read from. Shortly, following the controlled read, the pointer is called resulting in code execution. The vulnerability exists with a group number extracted from the CNCT information, which is sent by the client, and whose size is not properly checked. This Metasploit module uses an existing call to memcpy, just prior to the vulnerable code, which allows a small amount of data to be written to the stack. A two-phases stackpivot allows to execute the ROP chain which ultimately is used to execute VirtualAlloc and bypass DEP.
7de29ccbc4fc0af57c3834340b87fbe2ce27419e8888190bc1a4620767590552
This is a demonstration cross site request forgery exploit for Question2Answer that also takes advantage of an insufficient anti-automation issue.
e8a626660486f464fd58c9ab8052bbb89a6150a1f60768dade0cfcad6e8669e4
ALLMediaServer version 0.94 SEH overflow exploit that spawns calc.exe.
581d11bf437584999c610e53bfc9f899cf4e9ab8f2b4079740da0b9dff03d908
Google Fusion Tables suffers from a cross site scripting vulnerability.
c519dac8f756067d0fa8add23bde2f82d6721b4e72018779151d20aa116ec072
Corel Quattro Pro version X6 Standard Edition suffers from a NULL pointer dereference vulnerability.
2175709f7a6a472e1af99f68d9a7e4070f1f9f784793aab30da9105ac0d83ee5
Corel WordPerfect version X6 Standard Edition suffers from an untrusted pointer dereference vulnerability.
8832b3303002c58c42ba8a6647668b520210078b09fd600c76f27e5f6abdb855
MLS Property Finder suffers from an improper access control vulnerability. Note that this finding houses site-specific data.
bfe705a9600eec5c7967a56b122c9365f0981b9776ce2992d7d4575f6eaaa5bd
Your Own Classifieds suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
e786093e3303c069a9fedd85ac436abf93cbe3ccc5bf77ce4365711adb19c1e0