EZ-Shop version 1.02 suffers from a remote SQL injection vulnerability.
83f97db3a90cce74a879bcd39d3d63097da8549f56aba09ae5f3a6948b2c3fca
S40 CMS version 0.4.2b suffers from a local file inclusion vulnerability.
cdeb09a0f1390c3f32b053d7ee5f8c94b4566882ad81feeb09c6f09346bf55d8
YCrawler is a web crawler that is useful for grabbing all user supplied input related to a given website and will save the output. It has proxy and log file support.
602e299d0d83a27072e94350f35ff2215599c2fc81c708ab79ed31bcc7d34dc0
yInjector is a MySQL injection penetration tool. It has multiple features, proxy support, and multiple exploitation methods.
b52774ac099292a94a0f4f4c96f55843e963024e991196b4ce6f06d98c62454c
WebFileExplorer version 3.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
e49da55861cd0f74fdaec1e380c299bbe5d9dd12d15f3a53aee92837013d1b1c
L-Forum version 2.4.0 local file inclusion and command injection via SQL injection exploit.
5700d2ecc7227e2a744509a398a139df728096cdbfa4c24e4a833f7b99debea8
X-Forum version 0.6.2 remote command execution exploit that performs authentication bypass via a cookie handling vulnerability. SQL injection vulnerabilities also exist.
d9183587e4ad9215c1a97cac3e4f9677d61baa356ee16ea1106f8ac7be7a2200
My Simple Forum version 7.1 remote command execution exploit that leverages a local file inclusion vulnerability.
aecd9473523f12342ec2c7e647e527582de5aa5dbf9dda8a2f7df9a97002f58b
PhotoStand version 1.2.0 remote command execution exploit.
33acea214b6c3109d61b4aebe98cf7eb051be607078d8fc25cdfeec5e27b7d9f
Syzygy CMS version 0.3 local file inclusion and command injection via SQL injection exploit.
4b2919b75558263baad9329e05be565899ce4ba9bd71afd8e03a2c1c68e5d399
Bloginator version 1a SQL command injection via cookie bypass exploit.
b8172605df4b145cf245c69432ea57caeca02389a3ee55d556b10e5072a6bf6d
Demium CMS version 0.2.1 Beta suffers from local file inclusion, remote SQL injection, and file disclosure vulnerabilities. Full exploits included that perform local file inclusion and remote command execution leveraging both local file inclusion and SQL injection.
b101c63b28fd04922859e97761abeb7fbf14793b22ee253afcde294a8f958e80
Pyrophobia version 2.1.3.1 command execution exploit that leverages local file inclusion.
96908c3bb8f930153d1c72cd84d0d9ef9479856a453dcea97919bbd2e156f9d2
Free Arcade Script version 1.0 command execution exploit that leverages local file inclusion.
760f3aa37672fbff5e8a85a9b9c8297515e5ef595a4f439550042959705efc3f
This is a perl script that will visit a page repeatedly using various proxies. Can be used for testing purposes.
b64aaf2e2c1ae0d074f0f673d2a3833e95a4d9a915ee5ea551a718154d8c8960
Graugon Forum version 1 remote SQL command injection exploit.
6c2ec2aad1ea76fe2b23455770e447fd19c79c244d1aa9d8a11899e433b8efcc
simplePMS CMS version 0.1.3A remote command execution exploit that also notes local file inclusion vulnerabilities.
039e6f2f5535db1d149d878833ad8d5d4086d0908b69775b2f7481bf7303e689
CmsFaethon version 2.2.0 SQL injection and command execution exploit using info.php.
da5498d0b296251678a7e3b40bc930e12ffad1f8a1b099588c465432dafc4978
BlogWrite version 0.91 remote file disclosure and remote SQL injection exploit.
3df0fa790ca86608bd16c2b663a419a8fd36f5c562a592e845b8934f107ba9b1
Remote exploit for InselPhoto version 1.1 that uses SQL injection to extract administrative credentials and perform file disclosure.
bb07e6526359351e0ec4b102924238f2cf20609c7a81da5dd39b2057f07d89b7
Remote exploit for Bloggeruniverse version 2Beta that uses SQL injection to extract administrative credentials, file disclosure, and remote command execution.
2c0d883c2325166492708347aba64e0139eb3fda8b4a9bd4540c7bf1a1e8495e
Fluorine CMS version 0.1 RC 1 remote command execution exploit that makes use of SQL injection and file disclosure vulnerabilities.
fba9cd1f22d06af6db3a6cd343f722047f153643fb252b8b78751e46c84f24ad
Hedgedog CMS version 1.21 remote command execution exploit that performs an arbitrary overwrite. It also notes a local file inclusion vulnerability.
601a59d86ccc6e188584cf6ec00c456fdca793e0b7b2b8d579f4853cb496a476
Simple PHP News version 1.0 Final remote command execution exploit.
8dd581d106f343d38f8105a12dd49f0a81c77856bc8ef9a0ada8477a69278064
PHPbbBook version 1.3 local file inclusion exploit that leverages bbcode.php.
91442a85468196228259433d5c88831f522791e40bccaf649cd84e9e36240704