FlatNuke versions 3.1.x and below suffer from a cross site scripting vulnerability.
5a24e71816224fb41d555208fcaab69216971ec2ba44033ca2958711ffde12ca
Safari version 8.0 on OS X 10.10 crash proof of concept exploit.
437eafb52bef71c294744b306d459d357ec21d1f6d232fc3c079998fd5a24784
D-Link DCS-2103 suffers from path disclosure and directory traversal vulnerabilities.
8a1b364b3a3e47f5f519c83bb9ae78b5440d137f047bc090cd3015b9cf12f0b3
Planet Source code suffers from URL redirection, cross site scripting, remote file upload, and remote SQL injection vulnerabilities.
08ccbd2d051bcbffef50f9d6c06e60df15faee3476135babf9dd60a3950d3d1c
Proticaret E-Commerce Script version 3.0 suffers from a remote SQL injection vulnerability.
bd5d7654d4fd1b54122c71873d9e0f021e90c28e8004489851ec54a5409d888a
Gogs markdown renderer suffers from a cross site scripting vulnerability. Versions 0.3.1-9-g49dc57e are affected.
f4ed141215063e5aa1d383bf0253f2da4d53f16ac3236dd18eebfb6ef1c26dc4
Gogs suffers from a remote unauthenticated SQL injection vulnerability via repository search. Versions 0.3.1-9-g49dc57e through 0.5.6.1104-g0c5ba45 are affected.
75a30ce63d077066f565a7c16174dcf041cb8db82fd902166167eaf3fedc1808
Gogs suffers from a remote blind SQL injection vulnerability via label search. Versions 0.3.1-9-g49dc57e through 0.5.6.1024-gf1d8746 are affected.
2851ea458aa2e82aaa0a27096e36b5135119f31a01be29a5ad53a9467291bfa2
Atlas Systems Aeon versions 3.5 and 3.6 suffer from a cross site scripting vulnerability.
9ba04841645a78bda5e98d5917531ade59b39c79cb2d4828e6134f5a2d31375a
Google's DoubleClick suffers from open redirection vulnerabilities.
c23752baac6dd86cbf0176e6fdab70b9a1f185b1490d25b9a4eff4e7a5816ba2
Pandora FMS version 5.1SP1 suffers from a cross site scripting vulnerability.
1d2359ceb00b99d37b461e40a33a97a4fe449239c6784b1386e31c6752f50d8a
OSSEC version 2.8 suffers from a privilege escalation vulnerability via insecure temporary file creation.
332b68c81e70da70ebe0fdd5bb80f7cf99f639232aa5b944919b393533981fcb
This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, bypassing the patch MS14-060, for the vulnerability publicly known as "Sandworm", on systems with Python for Windows installed. Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our testing, the most reliable setup is on Windows platforms running Office 2013 and Office 2010 SP2. Please keep in mind that some other setups such as those using Office 2010 SP1 may be less stable, and may end up with a crash due to a failure in the CPackage::CreateTempFileName function.
98f844496d43dbf5a1ce7018422d72a76de82b8bafeead5008c67a30054879fd
MyBB versions 1.8.1 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
d2831c09fb98312458a15b01dea782086d5dbef7931a614feb632379185db28c
Digi Online Examination System version 2.0 suffers from a remote shell upload vulnerability.
f4913846e2a4ef9da4fd1637116121697e047ae77978d936fc3a3c8fa24a1825
Mouse Media Script version 1.6.0 suffers from a stored cross site scripting vulnerability.
9bd45d892cefca1ccd97f12064adcdccdc46d6ba039a2cfc0cb41b78b22fe4e5
Esotalk CMS suffers from a cross site scripting vulnerability.
426b2a3130a36ea5b3de2f2855da80f068e88fd9e639135153ea7097754de135
Serenity Client Management Portal version 1.0.1 suffers from a stored cross site scripting vulnerability.
1782a2875c2b21cc946c66f6e5cb34da9592b5108bffec951aaa36b484595522
phpSound Music Sharing Platform version 1.0.5 suffers from multiple cross site scripting vulnerabilities
1ae73d636017b49c679573513259adb0882c02129b5d8004898e8ae43f7829f1
WordPress SupportEzzy Ticket System plugin version 1.2.5 suffers from a stored cross site scripting vulnerability.
2f89b65717afb33161b3fa89fe8224f3f1ba65b3f2e38c1b28f79f9277acbb1f
Who's Who Script suffers from a cross site request forgery vulnerability.
47f9a3f742cf238fe2b35e17df618c2251aafa10b62f1517868c27f5feaa4662
This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly exploited in the wild as MS14-060 patch bypass. The Microsoft update tried to fix the vulnerability publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our testing, the most reliable setup is on Windows platforms running Office 2013 and Office 2010 SP2. And please keep in mind that some other setups such as using Office 2010 SP1 might be less stable, and sometimes may end up with a crash due to a failure in the CPackage::CreateTempFileName function.
22d50e4cf87dbb4ac9f6d51a9b1c21edb0ba7405f489b927842967eda685d577
This Metasploit module exploits the Windows OLE automation array remote code execution vulnerability. The vulnerability exists in Internet Explorer 3.0 until version 11 within Windows 95 up to Windows 10.
9f3d76c6deb7093d4abe28ad57a0baaa94e5d5aac7b91cda94946db86e90b217
Joomla HD FLV component version 2.1.0.1 suffers from a remote SQL injection vulnerability.
733162606ba1c6d3ad296a0f60b1de5ca10abf359fa141da227db38f94650974
The Joomla Eventbooking component suffers from a cross site scripting vulnerability.
9b50f14aee44e44f20b0a4a6c605e2468e48bfe13ddce60537854cd9cb83ea26