Whitepaper discussing the fact that the Microsoft Server Message Block Redirector Driver (mrxsmb.sys) does not verify the user-mode buffer properly, allowing any user to overwrite any desired memory address. The successful exploitation results in Ring0 code execution.
8e72140b6ea3bdc38e8d99a76cc14e568dce6926a301540aba00a78f7cb44a46
TikiWiki version 1.9.3.2 has been reported as being susceptible to SQL injection and cross site scripting vulnerabilities.
83ace86f75ddc3641aed5a5e7173fc801dbc52d68af4ce11497aaab6dca5d27b
Chipmailer versions 1.09 and below suffer from cross site scripting and SQL injection flaws.
c51d5dafa1a5d0f69530a3c251837dd821f7e098a75c7354db8c0046ab72b6d9
Jobline version 1.1.1 suffers from a remote file inclusion flaw.
17d8c77877ed3a395378b7f82c3ca3973c8817202cacdb7bc1c2e57f6b6ae166
Simpleshout version 1.6.0 suffers from a remote file inclusion flaw.
1ed7dee882eb8d7e037ff7480a98c80b711c493f52e72ffda33a4c5308d46e51
Shoutpro version 1.0 suffers from a remote file inclusion flaw.
109d31a7e276db857e8587d2283a682aa17e27681bce1b82a2b025be3401367f
Peter Winter-Smith of NGSSoftware has discovered a high risk vulnerability in the Microsoft Windows Remote Access Connection Manager (RASMAN) service which (under certain versions of the OS) can allow a remote, anonymous attacker to gain complete control over a vulnerable system.
ce666f7ac90d12808bb6374e61c4e98e95f0a4b83af01d5cda10c9d11a769958
S H O U T B O X version 1.5 suffers from a remote file inclusion flaw.
32bdd323ab4a94a1ae73a8d43fc5d99adacd30d0c14409143d31bc666ee011c4
PHP MESSENGER version 1.0 suffers from a remote file inclusion flaw.
86f3ef386ca03e7a8671efbd82a050ca833a32827872f6c5b310ed66b77e6ac7
G Shout version 1.3.1 suffers from a remote file inclusion flaw.
326d07219f372369c07fc5516637e1b0180523f039dca7e9a5c10053c01ea445
Amr Talkbox suffers from a remote file inclusion flaw.
3e9f6d18362e1688f1a1ebee4d76e1b3573483fd73b9c5ce119c5d1729d26dc1
Ltwcalendar version 4.1.3 suffers from a remote file inclusion flaw.
fa42273ce700114277f0bc0662c9da2fb307b201ebb1385719bf9ced0dea20d7
Wheatblog version 1.0 suffers from a remote file inclusion flaw.
da80b6e72451a68026e7b3a6209cce77c592e020caba3fe5c1c0f293837c5e9f
Mamblog version 1.0 suffers from a remote file inclusion flaw.
e95cb66ae78166423e6c8ab33da4a2466e3ae26df71c8254faf94e3b241185bc
Flog version 1.1.2 suffers from a remote file inclusion flaw.
1aad1dc5f41f7d5706a2825844719a264949c8a288b3bdfabd7c6d661c4c24d7
boastMachine version 3.1 suffers from a remote file inclusion flaw.
4f1e38cd693d54099520bac58fa6555a3ff15052e3822e73a8470bd81543efb0
phphg Guestbook suffers from a remote file inclusion flaw.
c19272bd4786fafc7bd948f4125db00273e893d77efec36502b0938a68d826a5
Somery version 0.4.4 suffers from a remote file inclusion flaw.
90ca2b8207ff35ec80b88bcb605812a745cf3e1c86b7371dedd8cf9760b5d94c
SAXON version 4.6 suffers from a remote file inclusion flaw.
ec593cf95d7478b9f36a91fed9b8c603f6a532b117f6bf36e0de7ee70a025eb8
MD News version 1.0 suffers from a remote file inclusion flaw.
6811f568fcb7c349aef9ce1bb0e795beb172cb12e3a91e92099eb8cb8a06c329
aWebNews version 1.0 suffers from a remote file inclusion flaw.
815f458aa1e184e3b54f752f19d1f7537474bd1a53f0a83c14ec66c70c658725
CzarNews version 1.14 suffers from a remote file inclusion flaw.
fa25248be42aaa948df6ca0b885f65fe4b28ff15aa19a7b3d1268a519568f0ad
mcGuestbook version 1.3 is susceptible to remote file inclusion flaws.
dac48cd340446412b0ce899b9ce5dd68d46bc31bbce04cc5f32646cf40b95d92
Proof of concept exploit for MyBB version 1.1.2 that makes use of a flaw where user input is not properly sanitized.
b97bc347ff4a06fe79245d24aa4d71f4ce12dfdd5a51353ada535d4a1c44b413
myPHP Guestbook version 2.0.2 is susceptible to cross site scripting attacks.
f12b40566ffb47c05c7cf5751bf326ef3ccfa64a01b77b45220e56546d060b77