ISR-sqlget is a blind SQL injection tool developed in Perl. It supports 20 databases, has various evasion features, SSL and proxy support, and more.
4ac98124e44160901dbd4f0fd6e7b92ffa530dcbfcbc73d2f2122fe5549a1093
Simple shellcode generator written in Perl.
03991e43ec5d4d5b8c519651b343e547584481d7614bcb0c1b8961c3ebb016be
Mandriva Linux Security Advisory - Multiple cross site scripting vulnerabilities were discovered in pam_login.cgi in webmin prior to version 1.350, which could allow a remote attacker to inject arbitrary web scripts or HTML.
1bbbe676ac186d3ae6bd66dd9d54848626a7c80788f138d68e26053c9496a365
Debian Security Advisory 1320-1 - Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. It was discovered that the OLE2 parser can be tricked into an infinite loop and memory exhaustion. It was discovered that the NsPack decompression code performed insufficient sanitizing on an internal length variable, resulting in a potential buffer overflow. It was discovered that temporary files were created with insecure permissions, resulting in information disclosure. It was discovered that the decompression code for RAR archives allows bypassing a scan of a RAR archive due to insufficient validity checks. It was discovered that the decompression code for RAR archives performs insufficient validation of header values, resulting in a buffer overflow.
62a4dcd169bebdf40e44a94dd161b10f047c7e6c91ce7107661336b7d9b5089d
Debian Security Advisory 1319-1 - Several remote vulnerabilities have been discovered in MaraDNS, a simple security-aware Domain Name Service server.
402998143f0f2092d26bcd32bc571ec697568c6b823e5fe4dee1f4a8ef9c0560
Debian Security Advisory 1318-1 - Several remote vulnerabilities have been discovered in ekg, a console Gadu Gadu client.
5c48b9b7359ae496f303d7bea1ef0aabd1f975e1ffc22adfcd9dd2c6442349fa
Debian Security Advisory 1317-1 - duskwave discovered that tinymux, a text-based multi-user virtual world server, performs insufficient boundary checks when working with user-supplied data, which might lead to the execution of arbitrary code.
3bf1bb01d6597bed9cfb800df13f7d338860554dbaed4e0091223f0bd87bb56c
BarCodeAx.dll version 4.9 ActiveX control is susceptible to a remote stack buffer overflow.
5b8f251469b6b6ff16e87adec7af89f0e53ad8ce7a91fe3df07f6af3b97ab875
Ubuntu Security Notice 476-1 - Fabio Massimo Di Nitto discovered that cman did not correctly validate the size of client messages. A local user could send a specially crafted message and execute arbitrary code with cluster manager privileges or crash the manager, leading to a denial of service.
e83c4673488457a524361a3367db932545cc68725676633da10de545d14b93c5
Orkut fails to expire or disable the session associated with the 'orkut_state' cookie when the user logs out or fails to authenticate himself during a session.
3a90b01bdb461209a1a19adeb541b056df60200c9788a2bc7f1b48172b8ad24c
eNdonesia version 8.4 suffers from a SQL injection vulnerability.
39adbd09c3de049026347d06dcda7c3dd848119e60eabdf6004f1b254c5c1ddd
Various CA products that embed Ingres products contain multiple vulnerabilities that can allow an attacker to potentially execute arbitrary code.
b9420a8daa8448c325330f47f53519fd6d8bf578d33c969e755fb2c28d048bb8
Avaxswf.dll, a library included in the Avax Vector ActiveX version 1.3 software package from the company Civitech, has a flaw that allows for arbitrary file overwrite on the underlying system.
4ca55d3c8f70a52a5379bf51316724a294795bf8c806940932fe86568b7aca3a
NCTAudioEditor2 ActiveX DLL NCTWMAFile2.dll version 2.6.2.157 exploit.
28a728208a8f4004c82fff2c6ff50e58377091a3c0e399bc41dfb3662e338c47
NCTAudioStudio2 ActiveX DLL version 2.6.1.148 CreateFile() insecure method exploit.
641ca86b050b1f939e4516b7263fb460927024d0e291ff0eabbbbbf258573c45
WordPress version 2.2 arbitrary file upload exploit that makes use of wp-app.php.
e3615ba509c5134cf8c8ab046f0939498ecebfe904efdf37d2c908beacd8ee87
EVA-Web versions 1.1 through 2.2 suffer from a remote file inclusion vulnerability in index.php3.
15b51c2ca20967dfed1be0d23d5e9378dde61d5d32bfe061a3caa442b6c2038a
phpSiteBackup version 0.1 suffers from a remote file inclusion vulnerability in pcltar.lib.php.
c15f8ed1a607da3a1ac5c714f34eec526bd4bc367a375d3cf0beaedc231ea9d6
eDocStore suffers from a remote SQL injection vulnerability in doc.php.
e3be96d036a42982f6fb79111cf74e992a897d3c5b2112c827677d91a90d247e
Pagetool version 1.07 suffers from a remote SQL injection vulnerability.
bbb74469dd2079489b3d3d016b1faca6605a3d83a5383f894f11e57a120f6391
Mambo and Joomla appear to suffer from multiple remote file inclusion vulnerabilities. Versions unavailable.
1f7e53adfcfbceb41bf299873bfc1fb6da23836fc81df035b7f99be016a520e3
In Internet Explorer, using the mhtml: protocol handler and an Outlook Express feature, arbitrary resources (such as HTML, images, application files and so on) can be opened as MHTML-formatted files, and the Content-Type: header is disregarded.
379ef6bb17aaa05e0d8acff0481a2b322c0bc4e0908f5922391b81fb379775d0
Mandriva Linux Security Advisory - xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
92555421d2dc923d15c2bfb45f542e1a5fd7a2573294255b84ddd68b9c72ac36
Ubuntu Security Notice 475-1 - Philip Van Hoof discovered that the IMAP client in Evolution did not correctly verify the SEQUENCE value. A malicious or spoofed server could exploit this to execute arbitrary code with user privileges.
ff622ba311e9c8544b1c98b631427e0bd81209035858f95156eb83039afc0983
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user IDs with packets, making it possible to filter packets on a per-user basis. Furthermore, the server architecture is designed to use an external authentication source such as an LDAP server.
493166dd08a51d3f9649ed02ad91d119b7c4e9944155acc66331ce161a4bb5da