saphp Lesson is vulnerable to SQL injection. Exploitation provided.
b18e140b3a9e28b98d2832d38991426a351a2144143751fa0b2cc1f5ec52768c
DCP Portal versions less than or equal to v6 are vulnerable to SQL injection and XSS attacks.
59b439177fcdb36ff0ee49e4344d52bbda2cdf6d0181c073634a787e13c0130c
Nuked klan 1.7: Remote Exploit.
3c8098a28fe10e80eaf203e2936fec0e9630968fb220238be19fb8ba9d349779
SUSE Security Announcement - information disclosure via permissions package.
889712208a141b0cc0923e610a384ea3c068b06274ed61d01d4e3c65d7770093
Trustix Secure Linux Security Advisory #2005-0059 - Multiple vulnerabilities in apache, lynx, mod_php4, openssl, php4, php, squid, texinfo, and wget.
b4197c01fe5f684fdb98b3e5b534d68a67f885d006e32bc2b7bb8fef99c8c5f0
php version 4.4.1 .htaccess apache DOS exploit.
89b45db948a6dc9783df06193d900b40d886c9e201fd99c49f8648806d4d12c6
PHPNuke 7.8 SQL INjection and remote commands execution poc exploit.
df4acdcff0846dbb205c33f3ea005fe82b2971d79290c887fc92d2b99710b645
PunBB versions between 1.1.2 and 1.1.5 suffer from a remote file inclusion vulnerability.
f713bad666ccd0bd7baae90f57cab948c2071b3654468d1386d041ef728e2c96
A simple libpcap based MSN protocol sniffer.
f03c69e064f1269dfd5adbc668204d0a7e0eafb86317e293e9d6c1ce0a4f5761
This is a ipv6 banner grabber by c1zc0 Security
e85388d2e1be213c5e3ff508b15076266d49cb3ff37175580006ed793cf2433e
This is a basic cisco mgx scanner that scans for default passwords.
645f8f559a0d20025f86a35683429de0b85591f451ec739fd80a1c5d15bc5966
Qcrack is a program written to test the security of md5 passwords by attempting to brute force them. The user can also specify the characters to use when brute-forcing.
8474efd25891851e4fd91bf9b3ce4da6f2ec3c5a13c27121c5f4c24a0de25238
Flatnuke suffers from file inclusion vulnerabilities and XSS
bb52f22a19b5c079e852968d2c6a8389a56300c5f66d5204debbb35f52f6e435
AL-Caricatier suffers from a login bypass vulnerability.
f7b1cadb07d37326efea2ea0eb7d07f8d10779038dba1b6279795775bdd42eb2
Hardened-PHP Project Security Advisory - And audit of phpMyAdmin revealed a design flaw in the way phpMyAdmin includes it's register_globals compatibility layer, that allows inclusion of arbitrary local files, which usually leads to remote code execution.
07c39621998dfc6ec31c6e8cee28b68e1549bc5e4f8dd5cf117ed955de7ddbc5
phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit - This exploit details a method which uses the Gif bug in IE to perform a XSS attack.
d91dff60352e732640beee7806aa41a9c45b5959d3f48c32e267e9a5b93cc466
Gentoo Linux Security Advisory GLSA 200510-21 - Stefan Esser discovered that by calling certain PHP files directly, it was possible to workaround the grab_globals.lib.php security model and overwrite the $cfg configuration array. Systems running PHP in safe mode are not affected. Furthermore, Tobias Klein reported several cross-site-scripting issues resulting from insufficient user input sanitizing. Versions less than 2.6.4_p3 are affected.
bdc34b73151d595048e983ee59c1ac6b53aeef0310b18852111bdc00a67958ec
Gentoo Linux Security Advisory GLSA 200510-20 - Zope honors file inclusion directives in RestructuredText objects by default. Versions less than 2.7.8 are affected.
fa3508d05860a34beb4eaf6ad27147ade6dd88c2ba2ef0d5255a87e4300bf526
Gentoo Linux Security Advisory GLSA 200510-19 - iDEFENSE reported that insufficient bounds checking on a memcpy() of the supplied NTLM username can result in a stack overflow. Versions less than 7.15.0 are affected.
b403869cb001836a2a8f8c3b58aa4ab7d808f737aa05a63af0cbcdbbd522b133
BMC's Control M enterprise scheduling facility creates temporary files insecurely.
10159e46cbab518398523ed1786a87cbc0d512a8f648293114d56d7015f86202
Qcrack is a program written to test the security of md5 passwords by attempting to brute force them. The user can also specify the characters to use when brute-forcing.
67aa24c0dcc7ce582aa9d7359224e4f37030cfa21591ca3eb4a793a2d8e7985d
[KAPDA::#8] Domain Manager Pro Vulnerability - A remote user can conduct cross-site scripting attacks.The 'panel' script does not properly validate user-supplied input at the 'err' parameter.So remote user can inject html script to fake login form and steal admin's password.
884d2c7cab6a1fb8491aefd45b26685f951bc1ff50e09b9c0295fdebbf165705
aRCHILLES Newsworld versions less than 1.5.0-rc1 suffer from multiple vulnerabilities including login bypass and information disclosure. POC and workarounds included.
9227656086e77f731c91ef4311c8666b9482d7c9442c448649307de93e6d155c
MWCHAT 6.8 SQL injection and remote command execution exploit.
41110b8a0d1dc327dbda05febcf2566569f15a2637fd71c9e8c0e5d01e2bc6f7
F.E.A.R. (First Encounter Assault and Recon) 1.01 is still vulnerable to a bug discovered in December 2004.
1bd561f56fa4976f859ecef647720e1eb9ae93c82482cbb22ccd4ed2d2c48187