i-doit Pro version 1.2.4 suffers from a remote SQL injection vulnerability.
d379f529ab470d5a06615e5f294809fa07ba0dae5a6174febf60965b570f9834
Office Assistant Pro version 2.2.2 suffers from a local file inclusion vulnerability.
30cb2b510b5e639ac51997a9817262bd51d72ac919a3800bdeb9af06a3f2976e
Proof of concept exploit used by the recent Linksys worm (known as "Moon"). Exploits blind command injection in tmUnblock.cgi.
ae7d5127e7b3b8fa46d888c48b1a569122f9a4eb074e9be265ffb8853f9989d3
RSA BSAFE SSL-J versions 5.x and 6.0 suffer from multiple information disclosure and denial of service vulnerabilities.
aef6a2ba87b30e68a9a10673a1798725a3ae0ed907984518f8d17582846d1f32
HP Data Protector EXEC_BAR remote command execution exploit that affects versions 6.10, 6.11, and 6.20.
61724438d24f7c3fae1f27461fbde907581b70b0ea7feeb0605890476a22853c
Open Web Analytics (OWA) is open source web analytics software that can track and analyze how visitors use websites and applications. OWA is vulnerable to SQL injection that allows an attacker to execute arbitrary SQL statements in the context of the configured OWA database user without authenticating to the web application. This vulnerability affects Open Web Analytics version 1.5.4.
33fdc3435e7222254bf0a84debe464683ce87c332c33bea4a6d45b428d72c3e2
mbDriveHD version 1.0.7 suffers from local file inclusion and command injection vulnerabilities.
0defc0dabaff7f035a35e570bac2932c3ed3359b798d8fef709339759dcd991e
Pina CMS suffers from cross site scripting and remote SQL injection vulnerabilities.
cc20e5401576a2ab22f58f1619da4ecf79fe33e2b0a925c31896dc3c7d7c65a8
DSMS suffers from cross site scripting and content spoofing vulnerabilities.
a532f56dcb6a02581fb990ea71eac48b12052295b174c9a01efdf3d1bc99fea3
This small python script scans for a number of variations on the PHP-CGI remote code execution vulnerability, includes "apache magica" and plesk paths, along with other misconfigurations.
78e9601c9d4667d30bde2edbe6d0b41d7549713beeeda32559e31be022767d22
This code abuses PJL functionality on HP network printers to print documents and also change the "ReadyMessage". Useful for avoiding printer payment systems in universities. Scan for port 9100 to find printers.
0cfc418101360d5c0f8ce242ec0a13b08842bfc2efb02f687606c41de85db95f
Joomla Wire Immogest component suffers from a remote SQL injection vulnerability.
00f576b8ef70f91d67d4a0cdd53e86330293ac059312acb206cf9b1dee235766
phpMyBackupPro version 2.4 suffers from a cross site scripting vulnerability.
6767817fe5860950f41ec819032f9c3840f6da224c3da044c7046a905e269882
Azazel is a userland rootkit written in C based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection. Features include log cleaning, pcap subversion, and more.
ec98508fc4cdf0112e94528e07c54147f753faa6a4210d9ea336d8c58a2140de
Linksys products EA2700, EA3500, E4200, and EA4500 suffer from having an unauthenticated interface on port 8083 periodically.
c93dc6b97572e7b9d7273d159d461be3bb7465f6b1ea286140fabecda91500c0
This is a small perl script called NTP DRDoS which is a denial of service tool for use against NTP.
aace077f2d1467ac05f3510cdb0dd50536eb654724f84af89c96b51140890230
This is a whitepaper discussing the bypassing of Clamwin Antivirus. Written in Azerbaijan.
98bc6e18cd7a7451a7a16c334edae8e56514a14d1cb46d89f1f663f542990e1d
Linksys E-Series unauthenticated remote command execution exploit that leverages the same vulnerability as used in the "Moon" worm.
78e82ca781d0bf202c1592072afde4056c2f49e9ef54f2deb4e6b7ae0a5203ab