Embedthis Appweb version 3.1.2 remote denial of service exploit.
ba154d0b11a211b6d23de88823245b3b47942976389c8e0fba1e257a275ff35d
httpdx version 1.5.3b remote pre-authentication denial of service proof of concept exploit.
585d744956b19dde8b38791dfcca4761b2b16c8555c7a44ae6ce69bd4ae46dc5
Media Player version 6.4.9.1 with K-Lite Codec Pack denial of service exploit that creates a malicious .avi file.
d8a6f2009741ecce1daa45aed288808ae33187fc8050a199303864c752d09b4d
GOM Player version 2.1.21 denial of service exploit that creates a malicious .avi file.
3586ef38c50d1e2b9951d218d55c3329164824bf7a2614699fed54cce3b516c6
QuickZip version 4.60.019 stack buffer overflow exploit for XP SP3.
c249e4b1ead7403ecda55a227cb5bf69e66217aaf1853b178e0c25e90293670b
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
650a5d4bc8dd0f9726545daee450684d5dfefeef3b24c3ccb5e63a1432b1f774
This Metasploit module exploits a stack overflow in the USER verb in Open & Compact FTPd version 1.2. The program will crash once the payload is sent, so bind shell payloads are not effective.
1ae431d61e50c5b14fa336ca601d49fc1d63997a3d2836735d649f9123e42bf4
phpAdsNew, OpenAds and OpenX suffer from a cross site scripting vulnerability in banner.swf.
5aa539503c5152a93dca15cb865e8674896c69a43668e2240159823d394fd87a
WhatWeb next generation web scanner identifies what websites are running. Released at the Kiwicon conference (kiwicon.org) in Wellington, New Zealand. Written in Ruby for Linux. Flexible plugin architecture with over 70 plugins so far. Passive plugins use information in the headers, cookies, HTML body and URL. Aggressive plugins can identify versions of Joomla, phpBB, etc by making extra requests to the webserver.
20c3ad738e1fdee029d4aba2f9a577f770fe605f58b1eb9399aca929dc716c33
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
7e815be1c57fe444aa3aa1d74c19fa2f05fe4a28a56ab7185596070d893e360f
The Joomla GCalendar component version 2.1.5 suffers from a local file inclusion vulnerability.
84575ae6dddbf32d2821b9beb9db0ed79e3e86c51bad61191b3f522e974fc32d
PHP Classifieds version 7.5 suffers from a remote blind SQL injection vulnerability.
d7725a7ddac54e6687eca8f23299ec9e1c5f7780e3d9b449b9d2db6889cba9ad
The Joomla Ninja RSS Syndicator component version 1.0.8 suffers from a local file inclusion vulnerability.
ece581ee4b421fcc5654775abba243b7d22dbbecdb33237ebb5b159b62ec3c7f
Phenix version 3.5b suffers from a remote SQL injection vulnerability.
4e374cdaa4d09edeecaaac146e041367152a784e5fc2ab117e367283bbb71d2c
The Joomla Bidding component suffers from a remote SQL injection vulnerability.
650b19e9d4b45c03f5ff96feb56195efca04d692a39e01082f6da57705260c57
The Joomla Ulti RPX component version 2.1.0 suffers from a local file inclusion vulnerability.
a66e0f7cc74482d42d716de96486f80dfda5e6fee7ef3660f30412f912d08751
Duhok Forum version 1.0 suffers from a cross site scripting vulnerability.
d95a27848465ccf884060cf969b0f5164f2ac7939a2a461c1577354d2464b600
FreeHost version 1.00 suffers from a remote shell upload vulnerability.
3fc030a232ad4fe18352528ad36453e3c873ddb1a3ee0e5dd02e54b4091bf7a2
Torrent Hoster suffers from cross site scripting and shell upload vulnerabilities.
d561d9c57c4c45153f35b831159f2adc36530ceae6b48149640597bf2a53c274
CH-CMS.ch version 2 suffers from a remote shell upload vulnerability.
6142c7de2ef087aae21422a27e98d6be2e3adfd23f5f9a4654168adfa86b13c3
Interspire Shopping Cart version 5.5.4 suffers from backup related and shell upload vulnerabilities.
962a0ebd3ed3dad8404d9343414b3ef3b237a4bde0fcc41eaa1bb3d3e3a5caac
Subdreamer CMS version 3.0.1 suffers from an arbitrary file upload vulnerability.
f9487d7b9b1845c831ad2476561d097a2931de7e558706084ae6be9a7c60f70b
Zero Day Initiative Advisory 10-029 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the WebCore's HTMLObjectElement::renderFallBackContent() method. By rewriting an HTML element via the document's innerHTML() method a memory corruption occurs resulting from a call-after-free. This can be leveraged to execute arbitrary code under the context of the current user.
96ac047753aa8b572260a0c5d67b5b0fbef2fd3f84eeab18e24c2bba4a0d4823
Andromeda version 1.9.2 suffers from cross site scripting and cookie manipulation vulnerabilities.
308dc803cb67dc0c0ef0e4a2e133cf2a21c0aeb85464470a9992a17ec80893f6
This is a list of Iranian names to be used for cracking.
34fa5cb2b56956318d60d6f09dea83f2ffca66a495cced31641a6cad9574b721