CodeDB suffers from a local file inclusion vulnerability in list.php.
Scripteen Free Image Hosting Script version 1.2 administrative password grabbing exploit.
ITechBids version 7.0 Gold suffers from cross site scripting and SQL injection vulnerabilities.
Pluck version 4.5.1 suffers from a local file inclusion vulnerability.
The Call For Papers for DeepSec IDSC 2008 ends tomorrow. Get your submission in today!
FreeBSD Security Advisory - The BIND DNS implementation does not randomize the UDP source port when doing remote queries, and the query id alone does not provide adequate randomization.
Avlc Forum suffers from a remote SQL injection vulnerability in vlc_forum.php.
MFORUM version 0.1a suffers from an arbitrary add administrator vulnerability.
jSite version 1.0 OE suffers from SQL injection and local file inclusion vulnerabilities.
Fuzzylime CMS version 3.01 remote code execution exploit that leverages commrss.php. Written in PHP.
Fuzzylime CMS version 3.01 remote code execution exploit that leverages polladd.php. Written in Perl.
Fuzzylime CMS version 3.01 remote code execution exploit that leverages polladd.php. Written in PHP.
Yahoo! Messenger version 8.1 ActiveX remote denial of service exploit.
Debian Security Advisory 1608-1 - Sergei Golubchik discovered that MySQL, a widely-deployed database server, did not properly validate optional data or index directory paths given in a CREATE TABLE statement, nor would it (under proper conditions) prevent two databases from using the same paths for data or index files. This permits an authenticated user with authorization to create tables in one database to read, write or delete data from tables subsequently created in other databases, regardless of other GRANT authorizations.
Simple DNS Plus versions 5.0 and 4.1 remote denial of service exploit.
Mandriva Linux Security Advisory - A denial of service vulnerability was discovered in the way the OpenLDAP slapd daemon processed certain network messages. An unauthenticated remote attacker could send a specially crafted request that would crash the slapd daemon. The updated packages have been patched to correct this issue.
Mandriva Linux Security Advisory - Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. The updated packages have been patched to fix the issue. The OpenOffice.org package for Mandriva Corporate 3 missed the patch application due to a build error. This update fixes that.
Snoop is a GNU/Linux file descriptor monitoring tool inspired by FreeBSD's 'watch'. It goes beyond simple TTY snooping by allowing the interception of any file descriptor. You can attach on the fly to regular files, TTYs, named pipes, character devices, and pretty much anything that is represented by a file descriptor and addressable in the standard name space.
SiLK (System for Internet-Level Knowledge) consists of two sets of tools: a packing system and an analysis suite. The packing system receives Netflow V5 PDUs and converts them into a more space efficient format, recording the packed records into service-specific binary flat files. The analysis suite consists of tools that can read these flat files and then perform various query operations, ranging from per-record filtering to statistical analysis of groups of records. The analysis tools interoperate using pipes, allowing a user to develop a relatively sophisticated query from a simple beginning.
Ultrastats versions 0.2.142 and below remote blind SQL injection exploit that makes use of players-detail.php.
WebCMS Portal suffers from a remote SQL injection vulnerability.
Joomla n-forms component version 1.01 blind SQL injection exploit.
Trixbox version 2.6.1 remote root exploit written in Python that spawns a reverse shell.
Maian Recipe versions 1.2 and below suffer from a poorly designed cookie vulnerability.
Maian Links versions 3.1 and below suffer from a poorly designed cookie vulnerability.