ManageEngine Applications Manager build 12700 suffers from information disclosure and remote SQL injection vulnerabilities.
9638bd04858f548d97b6c5c4af204f6913898488f0894e3070466dacb592dded
Proof of concept denial of service exploit for VLC Media Player version 2.1.2 that triggers an integer division by zero.
e8080f60a26416fb2e3fb8b700578598d70d8d39ad0a3beed77c793a95aaa73c
This is a brief whitepaper tutorial to help facilitate the understanding of C integer boundaries (overflows and underflows).
9017f0c8e3e11504b161f2abf7f058a5d57d87373489674675bfd92f1d5caf25
This is a brief whitepaper tutorial discussing return-to-libc exploitation.
f1935f980e5eab5d3c4772be6b97efb487d82c08b13fc527519a912c04c08094
This is a brief whitepaper tutorial that discusses integer overflows and underflows.
9b9f3ebcd70a62a4189cceeaf49edd91a6d027ae60c29bc9f51bfd8eb1a1f3fa
This is a brief whitepaper tutorial discussing stack-based buffer overflow exploitation.
11b14091592ce665a4052fa63c683bede3f54a2039f3e8ac022b17bc903078c5
This is a brief whitepaper tutorial that discusses format string exploitation.
1544465d9c53bc46b45f199277e5af8bfc93c0c6d2f40f5ff2478c2db9d3714b
This whitepaper is called Off-By-One Exploitation Tutorial. In general, an off-by-one vulnerability means that when a program has an incorrect length condition and an attacker supplies input of a certain length, the program writes one byte outside the bounds of the space allocated to hold that input, causing one of two scenarios depending on the input.
5f0e7988d1f9efa82633300226d7ad14a89ebbc4f3ad3eb4a3d67306232ea70c
Whitepaper called Return-Oriented-Programming (ROP FTW).
0df3dba7ba4fbf596b77ccb6bcaf64bddf65e2fae569ec24d7481f4b6ce3f8b6
WordPress UPM-POLLS plugin version 1.0.4 suffers from a remote blind SQL injection vulnerability.
98921f30cbd1957f41300ca9134e7e6e2f77a9de7141c68ac2698d31cd442e95
WeBid version 1.0.2 suffers from cross site scripting and remote SQL injection vulnerabilities.
0bce39b5bffc7a4bc13046662ad8b39b8fab588076ace249f26f92528f70f715
ZenPhoto version 1.4.0.3 suffers from an X-Forwarded-For HTTP header persistent cross site scripting vulnerability.
31943b0ed4c18db66f55e83de7afe3e61f31ce216337eebd49027363f3ec405c
WordPress plugin Relevanssi User Searches version 2.7.2 suffers from a stored cross site scripting vulnerability.
76749fc499c98e9eac65ec4bb7effa27387d7bc7dfdddba9afb3483a0f68f2ea
WordPress plugin GigPress version 2.1.10 suffers from a stored cross site scripting vulnerability.
60271d96a706125046c8d70c43a6ff00813e622943ff4ae8ee8dbfffeb923397
Icy Phoenix version 1.3.0.53a suffers from an HTTP Referer stored cross site scripting vulnerability.
7e21dc6cb916e5754d234f2cc69721fa5bf810a752f56e4374e0459c035fe46e
Eventum version 2.3.1 suffers from a stored cross site scripting vulnerability.
cb295a1e7e93f019aa19e9a36adcdb63bce4b05f67ec606e15dee157e351b661
PHP-Fusion Auto Database System version 1.0 Infusion suffers from a remote SQL injection vulnerability.
707572eda0949f9187d7f0eb4227494189e0f6d0dd2ddc05a645688c48d316b8
JAKCMS version 2.0 PRO RC5 suffers from a stored cross site scripting vulnerability that is leveraged via User-Agent HTTP header injection.
0fa14945da66a1025b90d7c2d83ae4c10d8911af357302c935b38825ea48f490
NinkoBB version 1.3RC5 suffers from a stored cross site scripting vulnerability.
fdd928f2d4a74862bfd438ea010c17bdf53d51bdf3ec9be94e314271f040f726
PHP-Fusion Team Structure Infusion suffers from a remote SQL injection vulnerability.
fe56cc3ad8cf8d69a82f6cfc1199c45c4a0f776e96da2f877885d15711d94004
glfusion CMS version 1.2.1 suffers from a stored cross site scripting vulnerability.
7a3e610c9d58ff611844e59f6bd52516278164a8d1fc59bf3d06bec32059c272
Lifetype version 1.2.10 suffers from an HTTP Referer persistent cross site scripting vulnerability.
8561472683c237f97e479ff45778a4766cfc551b2fe037369ecf260a0e801a25
The WordPress statspressCN plugin version 1.9.0 suffers from a stored cross site scripting vulnerability.
f6bd7dda63607ede5e4c13e0fc24faa70b7abb9bce55899b1ff2b68e12c7f8ee