Exploit that demonstrates a vulnerability in comment_delete_cgi.php from SimplePHPBlog. The PHP script allows arbitrary deletion of files. Combined with the fact that the installation scripts are left on the server after installation, this vulnerability allows an arbitrary user to reset the admin password to one of the attacker's choosing.
0709918fda79c675a96d4652e41493a81d31f543e718af8b4e99466278e268a4
Secunia Security Advisory - Secunia Research has discovered a vulnerability in SqWebMail, which can be exploited by malicious people to conduct script insertion attacks. The vulnerability is caused by SqWebMail failing to properly sanitize HTML emails. This can be exploited to include arbitrary script code in HTML emails, which will be executed in the context of the SqWebMail server as soon as the user views a received email. Version 5.0.4 is affected.
9f8815d1479722e3a79864780a1f90bda89aae671d21b3d259241bad31b87763
PunBB 1.2.6 suffers from a script injection flaw in its use of IMG tags.
76a92ae5e6fde10cb9ced424297930667ae0f73758379c6a6d9c3cb5473d861c
Cosmoshop versions 8.10.78 and below suffer from SQL injection flaws, clear text passwords, and directory traversal flaws.
7afc580e4915d241635c89dec9a0e70603c257327ef5b3095f6601a40f25460b
PHP-Fusion versions 6.00.107 and below are susceptible to cross site scripting attacks.
3f15c2e7208df48104b823b6d206252cac343bd4b84152f7a763ad185f2e8c4a
AutoLinks Pro 2.1 suffers from a remote file inclusion vulnerability.
fdf8ad358727d559b58a4bf28b0a1d5750cbce6c5965413ec5179d2c16ba2c95
Land Down Under suffers from cross site scripting vulnerabilities in the signature and topic payloads.
d4b8c0632ce9ee367d669aaa4e499bd98d6d5b4df9f966eaa3ddfa694ee9fe45
MyBulletinBoard (MyBB) member.php SQL injection exploit.
d9970d3e92d9a79fdbe50423107349fe1d2b90158ed70add7b503ebe9e897a30
Multiple vulnerabilities have been discovered in various CMS and forum software. e107 suffers from a cross site scripting flaw, WordPress suffers from a SQL injection flaw, PHPNews suffers from a remote inclusion flaw, phpBB suffers from a SQL injection flaw, Google suffers from a SQL injection flaw, and myspace.com suffers from a user profile defacement flaw. Oh.. and UBB 6.3.2 suffers from a remote code execution flaw.
9a74fd1c631bb86cd84d03df760f1891aba24c8535b0f1c98d23a917eb38b163
Secunia Security Advisory - Alexander Gerasiov has reported a security issue in phpLDAPadmin, which can be exploited by malicious people to bypass certain security restrictions.
df7dc1a276065204206babdcd62214ff177b7bbb077a3ee35064efc5ff43edad
Secunia Security Advisory - Sowhat has discovered a vulnerability in BNBT EasyTracker, which can be exploited by malicious people to cause a DoS (Denial of Service).
0b8a62a0b46c6f3bfb6dc6578c3d1bb0f4b4226ec44339f85e3c081c333caebd
Secunia Security Advisory - vade79 has discovered a vulnerability in the Gopher client, which can be exploited by malicious people to compromise a vulnerable system.
50bcf8a16f5e21a7b20a90180232741714c21f38727cfc022f016f7f0654d010
Secunia Security Advisory - Kutbuddin Trunkwala has reported a vulnerability in BlueWhaleCRM, which can be exploited by malicious users to conduct SQL injection attacks.
b24efbe0dd772d918caafd9e5255560eee7735275bf2f5921f220a09a2c7bc75
Secunia Security Advisory - NewAngels Team and 4Degrees have reported a vulnerability in AutoLinks Pro, which can be exploited by malicious people to compromise a vulnerable system.
5a6d7b2649819dbe194231040599f100c8cf7f89be0e28884c99ef9491ec18f0
Secunia Security Advisory - s2b has discovered a vulnerability in Helpdesk software Hesk, which can be exploited by malicious people to bypass certain security restrictions.
716e046bd43b96fcc32ec17e75bc2910aeb70964067b5243c85c3689d6e5a0e8
Secunia Security Advisory - l0om has reported a vulnerability in Cosmoshop, which can be exploited by malicious people to conduct SQL injection attacks and disclose sensitive information.
b2796b56a21e6fa5d9d3140ee4351c68878211375a9cbd02fb96bfec38ebd0dc
Secunia Security Advisory - riklaunim has discovered a vulnerability in FUDforum, which can be exploited by malicious people to compromise a vulnerable system.
0c5da1180156602dbba89167c0b2cc435fe592201ed6d852412bb94e0ae3c6b7
Secunia Security Advisory - Red Hat has issued an update for evolution. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
81690b0cd720f32e8daa418f42ad3788e9254123df4b000f0c957777e4b7a3c2
Secunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in BFCommand & Control Server Manager, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
e81f68da2d23bd11abfef85fc8dfbdee73f5c25cf24aa7286539f841ca06e35c
Secunia Security Advisory - Debian has issued an update for php4. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges, or by malicious people to compromise a vulnerable system.
8b11e6ff2ac27670be7ffc83cdf29ed6e181c4e91d16a391764eebdd270d5cb3
Secunia Security Advisory - slacker4ever_1 has discovered a vulnerability in PHP-Fusion, which can be exploited by malicious people to conduct script insertion attacks.
25ce040dee3cfa343558392f572c5d0a1446ef5e85b52a93d261a34041d4d447
Secunia Security Advisory - Debian has issued an update for Kismet. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.
0740dc595a2b63ee85231026603a0ae3f71810779dc9a8d41810552544ad2bbf
Secunia Security Advisory - Debian has issued an update for phpldapadmin. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
1ee0fa53911b812d8bcf60653a6b044ecaa2e68d0e8c6e62dbd2f320227022df