ApartmentSearch suffers from remote SQL injection and insecure cookie handling vulnerabilities.
f70664f1159346a32dca8e14d11a30139bed900ebb07ff196dbbd374ada33bc1
BannerExchange suffers from an insecure cookie handling vulnerability.
e6d0111b2dca63521463c8ae4ca37a41f3c50211060634a71c8b9853bea7d921
ClassifiedUltra suffers from remote SQL injection and insecure cookie handling vulnerabilities.
9a674906fdb7031cbaff11a38e68a300bf41c37b405c77bd92d4b8944bce45d2
GameRoom suffers from a remote shell upload vulnerability.
a9ec7763d3e0bc2e157489e25db92ed4476ea0edf90e465bfce5d050a379aeb5
Fonts Site Script suffers from a remote file disclosure vulnerability.
8d0749bec84e8468c254282169645aafae25ea0c7bf0c66066c95dc31e4a76b0
PLS PLA WMDownloader proof of concept denial of service exploit.
58723fafbe0a13a70b30f483aebbfa7a0bb5aca7d0cb7d5d97ac8939e9185028
osTicket version 1.6 RC5 suffers from a remote SQL injection vulnerability.
01c73a88cbfab7465580491f7f4e97899dda1ff7a5d9a516e04f11303f9fdafc
osTicket version 1.6 RC5 suffers from a reflected cross site scripting vulnerability.
c0f6f29fe0189dab5804cfd0a4ebd7b44b06e5d7695e3669030949749e416e3c
Flaws in Microsoft's implementation of the NTLM challenge-response authentication protocol causing the server to generate duplicate challenges/nonces and an information leak allow an unauthenticated remote attacker without any kind of credentials to access the SMB service of the target system under the credentials of an authorized user. Depending on the privileges of the user, the attacker will be able to obtain and modify files on the target system and execute arbitrary code. Proof of concept exploit included.
6b3ebf2a7a39c7c5203cde6f4027d748b138e372cc4996244b973486d32706b4
Whitepaper called Building Your Own Shell-codes.
86ef527d9aa10343480e09786cd1e4d1938ad0c3b246d7d5f2f5973fcf16289d
UltraISO version 9.3.6.2750 local buffer overflow exploit that spawns calc.exe. Written in Python.
3a37514859add1cff54bec0372109f4964da0dd81e184d0298c7ccab2cfe5e1d
Zomorrod CMS suffers from a remote SQL injection vulnerability.
0b26af37ace660ffd257755a383e61ab47239725ba11dfff398513d5f7365922
Newsletter Tailor suffers from a remote file inclusion vulnerability.
d5a917e2d95aa23b1b63f5751fdbc33d48d9a93fcd4f61f46d71fdc6fb2c5508
Various product from ARWScripts.com suffer from cross site scripting and remote SQL injection vulnerabilities.
35e3c63c76f4df3b619c33c2867fe717d4da902b054619ffbcc1dfc3e0428136
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint Viewer. User interaction is required to exploit this vulnerability in that the target must open a malicious PowerPoint PPT file. The specific flaw exists in the handling of TextCharsAtom (0x0fa0) records contained in a PPT file. Due to the lack of bounds checking on the size argument an unchecked memcpy copies user-supplied data from the file to the stack, overflowing key exception structures. Exploitation of this vulnerability can lead to remote compromise of the affected system under the credentials of the currently logged in user.
8e1c23ac15700c930c9745ee6e55c11fbeb356f471c8041790add6cbebb32c65
Limny suffers from a remote shell upload vulnerability.
ce4958a529d1e760b0bfda8b73f662f612126e8d2adc32df7041e151c4c91fd0
phpMiniSite suffers from an insecure cookie handling vulnerability.
abb797a1cbdbeb51750c59fd85c4e4888087ee4a570730b1e83e2bca599e59bf
vBulletin Adsense suffers from a remote SQL injection vulnerability.
a219122b84ab22aebec20e7ea061e96fc62e32affca9485b6515c03632753173