i-doit Pro version 1.2.4 suffers from a remote SQL injection vulnerability.
cd86f2985111361778304bdb69725908
Office Assistant Pro version 2.2.2 suffers from a local file inclusion vulnerability.
fcb6079757399d2addbf840ead768e76
Proof of concept exploit used by the recent Linksys worm (known as "Moon"). Exploits blind command injection in tmUnblock.cgi.
98029f878e6fe6748f2a3f31170306c5
RSA BSAFE SSL-J versions 5.x and 6.0 suffer from multiple information disclosure and denial of service vulnerabilities.
585d244fc5d4f95d8b2ac2a7d4b24d26
HP Data Protector EXEC_BAR remote command execution exploit that affects versions 6.10, 6.11, and 6.20.
4664adb906972194b524f406999b4e3b
Open Web Analytics (OWA) is open source web analytics software that can track and analyze how visitors use websites and applications. OWA is vulnerable to SQL injection that allows an attacker to execute arbitrary SQL statements in the context of the configured OWA database user without authenticating to the web application. This vulnerability affects Open Web Analytics version 1.5.4.
f3cdb946582c0caac4477f0b4de44584
mbDriveHD version 1.0.7 suffers from local file inclusion and command injection vulnerabilities.
f1da121ecb207ef2869dc8e838c18a45
Pina CMS suffers from cross site scripting and remote SQL injection vulnerabilities.
791bf8e62fd1fff9ca8fac1d79b93766
DSMS suffers from cross site scripting and content spoofing vulnerabilities.
78ca53dd2f7e2d22e1e719ac9043d492
This small Python script scans for a number of variations on the PHP-CGI remote code execution vulnerability, including "apache magica" and Plesk paths, along with other misconfigurations.
c043d2636d722f6c633d0653ab1ca8f5
This code abuses PJL functionality on HP network printers to print documents and also change the "ReadyMessage". Useful for avoiding printer payment systems in universities. Scan for port 9100 to find printers.
9b47937b50909097a1c6c720756ccb6e
Joomla Wire Immogest component suffers from a remote SQL injection vulnerability.
3264c7b802500b95ea3e1f62903c2e99
phpMyBackupPro version 2.4 suffers from a cross site scripting vulnerability.
55563b345a1fa5fa2cd3cf67285786e5
Azazel is a userland rootkit written in C based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection. Features include log cleaning, pcap subversion, and more.
c7ce7a9fa69ba1a58b66f3dca0284df4
Linksys products EA2700, EA3500, E4200, and EA4500 periodically expose an unauthenticated interface on port 8083.
14e65fc1b6fb02790688636e83743de0
This is a small Perl script called NTP DRDoS which is a denial of service tool for use against NTP.
2d962184caf83044296ccfae04065109
This is a whitepaper discussing the bypassing of Clamwin Antivirus. Written in Azerbaijan.
bc2e8d077733bf8e8632f4cc642685a0
Linksys E-Series unauthenticated remote command execution exploit that leverages the same vulnerability as used in the "Moon" worm.
e5e8a82bab2ad32c6f6fbad03561fa32