phpslash versions 0.8.1.1 and below remote code execution exploit.
662d1a5b90d0b1590026d37a8495f4800f94426aea13fcf80d044e5e24df7bcc
Invision Power Board versions 2.3.5 and below remote exploit that brute forces, attempts IDS evasion, and more.
7779c993b7397aaec65eef50dc7ff88cbb5936a2ae85c14d56352edc8fc4a524
VHCS versions 2.4.7.1 and below vhcs2_daemon remote root exploit.
0f89a135847145f07fbebdb0d3507cdc68865f9f1108e58976edd75a9c02e200
The PHP Security Framework Beta 1 is susceptible to remote file inclusion and SQL injection vulnerabilities.
29c648ed7e7f8232f64de587847ec1c8dfe19f344a1f10bf37ccaf05a569d65c
JBC Explorer versions 7.20 RC 1 and below remote code execution exploit.
46de6bd53fd7a60db18f6a9b5c51986f8f8b09cc72b77bc7f269e2b543ec77f3
Simple PHP Blog versions 0.5.1 and below suffer from multiple vulnerabilities including cross site scripting, local file inclusion, and code execution flaws.
55a5a9c2c79638a9c0edde9067c02a342d88b6cce70587c7758addd7add2c95d
Pluxml version 0.3.1 remote code execution exploit.
314a2e05ffd4f6f727a1201243521b1913ade489d0e3a04ab29ba9b2d6be0f20
The PHP parse_str() function suffers from an arbitrary variable overwrite issue.
0d9ad5e9250b7849f116c5dd0fc42cd6cb2b7fd428f5102e4b0e44f2ec808162
Nuked-Klan version 1.7.6 remote code execution exploit.
8653c43c649a6a0903519b26ac0c9186fecd60f206422bdf6493074d96c95ee1
PunBB versions 1.2.14 and below remote code execution exploit.
de1c80ad02e101abd2d5094d78393cd13498e3f063370a5d158d7d47e649f94d
PunBB versions 1.2.14 and below suffer from multiple vulnerabilities.
5d2be5dcc00b16ada33d5146ae4115b4f670aac32e4db5a6f40085ff3aa0000f
MyBulletinBoard aka MyBB versions 1.2.3 and below remote code execution exploit.
6dea563dfd93a98a244015d060b022f01495a14a52faec6b3fb00bc6d2c685f1
Net Portal Dynamic System (NPDS) versions 5.10 and below remote code execution exploit.
f611f400d1e64c3f1c2aee616a3d06e17bc0ae85b9057dccaea054926fbfde3a
NukeSentinel versions 2.5.06 and below SQL injection exploit for use with mysql versions 4.0.24 and above.
e3cc24343fd420723a8e26cf924ee898a7a68f6a9c355fcab4fc34d0fe741846
webSPELL versions 4.01.02 and below remote code execution exploit.
29547bcb116a8a5c976676f6723cca0288b40635aecde39ddaec964f24859f18
Connectix Boards versions 0.7 and below privilege escalation and remote code execution exploit.
8742c336adf7d155a3f10103baaf50e551901f676c5f3fbd554cce9517ea8658
NukeSentinel version 2.5.05 file disclosure exploit that makes use of nukesentinel.php.
9eda76df34870717b1469d403f9965373ceafdd5f76965769639ce770fba4091
NukeSentinel version 2.5.05 blind SQL injection exploit that makes use of nsbypass.php.
b39f4d5f095a03fc0ebd7c32b29313e4d75034acbc441b90128f82e2c9ac5d46
Jupiter CMS version 1.1.5 suffers from multiple vulnerabilities including SQL injection, cross site scripting, local and remote file inclusion, and more. I think it should be a do-over.
29e4e1338ce8216c5004ac09b14b7abd2b0eea6f1b8b9af2df13bcfda27ab063
Aztek Forum version 4.1 exploit that demonstrates multiple vulnerabilities including SQL injection and filter bypas flaws.
981c779961031b5c76898596d2e11fac06d836924f262d6e6ce915897ad516eb
@lex Guestbook versions 4.0.2 and below remote command execution exploit.
aa6d5158fc31eea29f35203721b5d772d041076d1554427728369b89e7418a39
Coppermine Photo Gallery versions 1.4.10 and below remote SQL injection exploit.
65b174348d0e69181017fad62d2dd2609111f2c11a1049d1c610d15a085015d9
Simple Web Content Management System remote SQL injection exploit.
ae1947f37891ca007e171029404c600608b010a2265cef7d487134f813e64348
Cahier de texte version 2.2 suffers from a bypass vulnerability.
5c0ac412956c7f1a0d4be57717ba940c21ce9a5f58403cd85761f560ef8485c1
Ixprim version 1.2 remote blind SQL injection exploit.
aec29fc93d3d359b2ff53e290036f5098f53c7fa9975ee28b67553cea97daac1