Mandriva Linux Security Advisory 2009-113 - Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c. The updated packages have been patched to prevent this.
494dcee9739d518edf4a883fc1403ef5183896bc21eef190648871d2788c1df7
MoonCat suffers from a direct access information changing vulnerability.
6ac6c09080572526111477d362247f7e701b0d9f1ff651871d2f26f46c3d0492
DGNews version 3.0 Beta suffers from a remote SQL injection vulnerability in berita.php.
7db9b31f200a9740cb4a1a8d3136193502971c93b466cd1fad51ea99a1382e03
Infinities eCommerce Web Hosting and Shopping Cart Solution suffer from a remote SQL injection vulnerability.
dcdf12f5f82bebd42eb7e70b6a8766ef74e3a110a946514b3ffa6de9c9754c30
Creative CMS suffers from a blind SQL injection vulnerability.
5804d90d1a4d6086990beae411569f5a0f121e4d36ed6f9dd28d35f2515488cf
Dana Portal remote administrative password changing exploit.
4f08edfa876033a8bd17991ceba51363e9a53bcdc7d8fc1805bad174ce41ebdf
DOURAN Portal versions 3.9.0.23 and below suffer from file upload and download vulnerabilities.
a743e43b0d6bbc5053b5f8ba1261c41798f0b4153cfc1d3ea7b1331bd6b4c4ea
ClanWeb version 1.4.2 remote password changing and add administrator exploit.
1fb01548f693290d15a3428149b46a9131a16124ab7448e458acfab415243537
Coppermine Photo Gallery versions 1.4.22 and below suffer from local file inclusion and SQL injection vulnerabilities.
87fb58bb7126db45e8e2a82016ce2ff92205219ffac850ab2799c1e7d47ca882
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
01fea516e262cb224fa1eb0371c0967f6c7d0d944e408e9d2118fce18b9d98ed
PHP Dir Submit suffers from a remote SQL injection vulnerability that allows for authentication bypass.
27e605a12a09832c0e6414f4dfcf62c0bbdd228b937a66ffe6244848e319da6d
LightOpenCMS version 0.1 suffers from a remote SQL injection vulnerability.
6fed646b57762779d09f1e7c19edfd60e8a505ed73b93520e1eab192e4ea7d0f
Proxy harvesting tool that uses Google and evaluates the sites.
517e1265f9e5f9aae9917f456036e6e736b6c8cd4018adce8f4760ccafdb26cf
MD5 MySQL database brute forcing utility. Written in Python.
812ddd835e746192f01da1dcf222b86c588ac9cdebf484c6cfe2ee1309c1b87b
Flyspeck CMS version 6.8 remote change administrator password exploit that also notes a local file inclusion vulnerability.
2c20cd91db975d5bf93e9c15e2286a58c9205ae7e663861c0068bc3cf6fa0fdc
Pluck version 3.6.2 suffers from a local file inclusion vulnerability.
d1086dd005ddea1a48811c30ca3ba4fc5ec0dc6dabf091f9b019b765a707245a
Mereo version 1.8.0 remote denial of service exploit that leverages a GET request.
c0ae30fc274cf02ada901b8931178eee652d6afae6a9b81bf09b950850a47231
Zervit Webserver version 0.04 remote buffer overflow proof of concept exploit that leverages a GET request.
a754013827b30ab9f35c4c169cfa69abd59bb250c5a7e9a232124ffa84901d99
Online Rental Property Script versions 5.0 and below suffer from a remote SQL injection vulnerability.
c3c21340d20313ef1bae85b6a95c546f95af0efba0bac19d2cdea819b5b51acc
OpenSSL versions 0.9.8k and 1.0.0-beta2 DTLS remote memory exhaustion denial of service exploit.
707ecaa806e575970e45edb096353e9e70a251a1b313a57024ad97ba671abea1
Pc4Uploader version 9.0 suffers from a remote blind SQL injection vulnerability.
7be00aa2fb0eec64f7d01e08862fd1bf4848b03c4f75f70c79ca0f9995d72017
PHP Article Publisher remote change administrator password exploit.
685d4a8a0b55e6464329434c9a453962a9988dfe8a4b9e21ee234d36c63de053
Jieqi CMS versions 1.5 and below remote code execution exploit.
1c2a832857f6976fe1e986e76b7b2acfb2ac75e630f8297f0c32145adc00e9ed
132 bytes of Linux x86-64 bindshell shellcode that binds to port 4444.
ef198bbead2c90ea935df966bc848938545d87d4d2757df3f887b2ac76f4de93
FreeBSD x86-64 exec("/bin/sh") 31 bytes shellcode.
88dba800db065fb8a7e0f2a9ae8fa356557eee8a01331e59dc0272f4e7206f22