bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1184 commits 1 branch 0 tags 351 MiB
Commit graph

1184 commits

This branch
This branch
All branches
Author SHA1 Message Date
Offensive Security
91fedcad08 Merge branch 'g0tmi1k-searchsploit' 2016-09-20 22:38:15 +00:00
g0tmi1k
01cd5bae40 Fix an clipboard issue if it there wasn't $DISPLAY 2016-09-20 23:28:07 +01:00
Offensive Security
235761b103 DB: 2016-09-20 
12 new exploits

OpenSSL ASN.1<= 0.9.6j 0.9.7b - Brute Forcer for Parsing Bugs
OpenSSL ASN.1 <= 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs

ZineBasic 1.1 - Arbitrary File Disclosure

SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation

VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions

VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow

MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities

MyBB 1.8.6 - SQL Injection

Kajona 4.7 - Cross-Site Scripting / Directory Traversal

Docker Daemon - Privilege Escalation (Metasploit)

SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation

EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow

WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure

PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow
 2016-09-20 05:07:15 +00:00
Offensive Security
99fb353a74 Merge branch 'g0tmi1k-searchsploit' 2016-09-19 22:39:07 +00:00
g0tmi1k
52d612d57a Able to update via package management 2016-09-19 23:37:14 +01:00
Offensive Security
c663f43049 DB: 2016-09-18 2016-09-18 05:06:48 +00:00
Offensive Security
4aa6d571e7 DB: 2016-09-17 
3 new exploits

Too many to list!
 2016-09-17 05:08:43 +00:00
Offensive Security
54446fef7a Merge branch 'g0tmi1k-searchsploit' 2016-09-16 15:53:11 +00:00
g0tmi1k
a53a982fb2 Fixed a few minor bugs in SearchSploit & more verbose output. 2016-09-16 16:22:52 +01:00
Offensive Security
5fefdd465d Merge PR #46, closes #44 2016-09-16 11:07:30 +00:00
Offensive Security
751e61a6bf DB: 2016-09-16 
3 new exploits

Avaya IP Office Phone Manager - Local Password Disclosure

BT Voyager 2091 (Wireless ADSL) - Multiple Vulnerabilities

PA168 Chipset IP Phones - Weak Session Management Exploit

CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash

phpMyAdmin - '/scripts/setup.php' PHP Code Injection

NScan 0.9.1 - (Target) Buffer Overflow
NScan 0.9.1 - 'Target' Buffer Overflow

Xerox WorkCentre - Multiple Models Denial of Service
Xerox WorkCentre  (Multiple Models) - Denial of Service
Cisco EPC 3925 - Multiple Vulnerabilities

httpdx 1.4 - h_handlepeer Buffer Overflow (Metasploit)

Novell eDirectory 8.8sp5 - Buffer Overflow

Uebimiau Webmail 3.2.0-2.0 - Email Disclosure

ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x32/x64) - LZH archive parsing (PoC)

Integard Home and Pro 2 - Remote HTTP Buffer Overflow

Multiple D-Link Router Models - Authentication Bypass
D-Link Router (Multiple Models) - Authentication Bypass

iSO Air Files 2.6 - Directory Traversal
iOS FtpDisc 1.0 - Directory Traversal
iOS SideBooks 1.0 - Directory Traversal
iOS FtpDisc 1.0 - Directory Traversal
iOS SideBooks 1.0 - Directory Traversal
iSO Filer Lite 2.1.0 - Directory Traversal
iOS iDocManager 1.0.0 - Directory Traversal
iOS myDBLite 1.1.10 - Directory Traversal
iSO Filer Lite 2.1.0 - Directory Traversal
iOS iDocManager 1.0.0 - Directory Traversal
iOS myDBLite 1.1.10 - Directory Traversal

iOS Share 1.0 - Directory Traversal

iOS TIOD 1.3.3 - Directory Traversal

Zapya Desktop 1.803 - (ZapyaService.exe) Privilege Escalation
Zapya Desktop 1.803 - 'ZapyaService.exe' Privilege Escalation

Dansie Shopping Cart - Server Error Message Installation Full Path Disclosure

Apache/mod_ssl 2.0.x - Remote Denial of Service

SPIP - CMS < 3.0.9 / 2.1.22 / 2.0.23 - Privilege Escalation

Airlive IP Cameras - Multiple Vulnerabilities

Monkey CMS - Multiple Vulnerabilities

NetBSD mail.local - Privilege Escalation (Metasploit)

Apache Mina 2.0.13 - Remote Command Execution

Apache Mina 2.0.13 - Remote Command Execution

DeepOfix SMTP Server 3.3 - Authentication Bypass

xEpan 1.0.4 - Multiple Vulnerabilities
Humhub 0.10.0-rc.1 - SQL Injection
Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities
Humhub 0.10.0-rc.1 - SQL Injection
Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities

Dell iDRAC IPMI 1.5 - Insufficient Session ID Randomness
Koha 3.20.1 - Multiple SQL Injections
Koha 3.20.1 - Directory Traversal
Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
Koha 3.20.1 - Multiple SQL Injections
Koha 3.20.1 - Directory Traversal
Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities

8 TOTOLINK Router Models - Backdoor and Remote Code Execution
8 TOTOLINK Router Models - Backdoor / Remote Code Execution

Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow

TestLink 1.9.14 - Cross-Site Request Forgery

PaKnPost Pro 1.14 - Multiple Vulnerabilities

zFTP Client 20061220 - (Connection Name) Local Buffer Overflow
zFTP Client 20061220 - 'Connection Name' Local Buffer Overflow

NUUO NVRmini 2 3.0.8 - (strong_user.php) Backdoor Remote Shell Access
NUUO NVRmini 2 3.0.8 - 'strong_user.php' Backdoor Remote Shell Access

Cisco ASA 8.x - Authentication Bypass (EXTRABACON)
Cisco ASA 8.x - 'EXTRABACON' Authentication Bypass
Watchguard Firewalls - ifconfig Privilege Escalation (ESCALATEPLOWMAN)
Cisco ASA / PIX - Privilege Escalation (EPICBANANA)
TOPSEC Firewalls - Remote Code Execution (ELIGIBLECONTESTANT)
TOPSEC Firewalls - Remote Code Execution (ELIGIBLECANDIDATE)
TOPSEC Firewalls - Remote Code Execution (ELIGIBLEBOMBSHELL)
TOPSEC Firewalls - Remote Exploit (ELIGIBLEBACHELOR)
Fortigate Firewalls - Remote Code Execution (EGREGIOUSBLUNDER)
Watchguard Firewalls - 'ESCALATEPLOWMAN' ifconfig Privilege Escalation
Cisco ASA / PIX - 'EPICBANANA' Privilege Escalation
TOPSEC Firewalls - 'ELIGIBLECONTESTANT' Remote Code Execution
TOPSEC Firewalls - 'ELIGIBLECANDIDATE' Remote Code Execution
TOPSEC Firewalls - 'ELIGIBLEBOMBSHELL' Remote Code Execution
TOPSEC Firewalls - 'ELIGIBLEBACHELOR' Remote Exploit
Fortigate Firewalls - 'EGREGIOUSBLUNDER' Remote Code Execution

tcPbX - (tcpbx_lang) Local File Inclusion
tcPbX - 'tcpbx_lang' Local File Inclusion
 2016-09-16 05:08:37 +00:00
Offensive Security
f1e68e0b1d DB: 2016-09-15 
3 new exploits

Android - getpidcon Usage binder Service Replacement Race Condition

PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure

Apache Mina 2.0.13 - Remote Command Execution
 2016-09-15 05:07:49 +00:00
Offensive Security
d5138d6962 DB: 2016-09-14 
17 new exploits

Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script
Cherry Music 0.35.1 - Arbitrary File Disclosure
Battle.Net 1.5.0.7963 - Insecure File Permissions Privilege Escalation
Windows x86 - Password Protected TCP Bind Shell (637 bytes)
wdCalendar 2 - SQL Injection
Zapya Desktop 1.803 - (ZapyaService.exe) Privilege Escalation
Exper EWM-01 ADSL/MODEM - Unauthenticated DNS Change

Open-Xchange App Suite 7.8.2 - Cross Site Scripting

Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting

Multiple Icecream Apps - Insecure File Permissions Privilege Escalation

WinSMS 3.43 - Insecure File Permissions Privilege Escalation

Microsoft Internet Explorer 11.0.9600.18482 - Use After Free

AIOCP 1.3.x - 'cp_dpage.php' Full Path Disclosure
AIOCP 1.3.x - Multiple Vulnerabilities

ASUS DSL-X11 ADSL Router - Unauthenticated DNS Change

COMTREND ADSL Router CT-5367 C01_R12_ CT-5624 C01_R03 - Unauthenticated DNS Change

Tenda ADSL2/2+ Modem 963281TAN - Unauthenticated DNS Change

PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change

PIKATEL 96338WS_ 96338L-2M-8M - Unauthenticated DNS Change

Inteno EG101R1 VoIP Router - Unauthenticated DNS Change
 2016-09-14 05:08:39 +00:00
Offensive Security
28e25eeea1 DB: 2016-09-13 
1 new exploits

Too many to list!
 2016-09-13 05:08:52 +00:00
xtrm0
5512cfc6f3 Gets the physical script path in case of link 2016-09-13 02:14:42 +01:00
Offensive Security
79d7b397e6 Merge branch 'unix-ninja-master' 2016-09-12 22:07:44 +00:00
Chris Baal
51ac261a7f Adjust usage info and README to reflect new flags 2016-09-12 17:48:40 -04:00
Chris Baal
2ce9b3fd51 Remove -X flag and replace with -m for mirror only 2016-09-12 17:42:29 -04:00
Chris Baal
a30ebe3ca1 Add two flags for viewing exploits in terminal pager 2016-09-12 17:19:32 -04:00
Offensive Security
094f4ef355 DB: 2016-09-12 2016-09-12 05:08:21 +00:00
Offensive Security
b621d13801 DB: 2016-09-11 2016-09-11 05:08:43 +00:00
Offensive Security
7607be84a3 DB: 2016-09-10 
3 new exploits

freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated)
freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated

freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow
freeSSHd 1.2.1 - Authenticated Remote SEH Overflow

Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit
Debian OpenSSH - Authenticated Remote SELinux Privilege Elevation Exploit

AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection
AvailScript Jobs Portal Script - Authenticated (jid) SQL Injection

AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload
AvailScript Jobs Portal Script - Authenticated Arbitrary File Upload
Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service
Serv-U 7.3 - (Authenticated) Remote FTP File Replacement
Serv-U 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U 7.3 - Authenticated Remote FTP File Replacement

freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC
freeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow PoC

LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection
LoudBlog 0.8.0a - Authenticated (ajax.php) SQL Injection

freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC
freeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow PoC

Hannon Hill Cascade Server - (Authenticated) Command Execution
Hannon Hill Cascade Server - Authenticated Command Execution

Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities
Telnet-Ftp Service Server 1.x - Authenticated Multiple Vulnerabilities

Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities
Femitter FTP Server 1.x - Authenticated Multiple Vulnerabilities

Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure
Cpanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure

MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC
MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String PoC

FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service
FtpXQ FTP Server 3.0 - Authenticated Remote Denial of Service

NetAccess IP3 - (Authenticated) (ping option) Command Injection
NetAccess IP3 - Authenticated (ping option) Command Injection

Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - Authenticated Remote Buffer Overflow

Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting
Apache Axis2 Administration console - Authenticated Cross-Site Scripting
Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow

Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow

Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit)
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)

UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow
UPlusFTP Server 1.7.1.01 - Authenticated HTTP Remote Buffer Overflow

Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow

ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - Authenticated Remote Buffer Overflow

ActFax Server FTP - (Authenticated) Remote Buffer Overflow
ActFax Server FTP - Authenticated Remote Buffer Overflow

Oracle Database - Protocol  Authentication Bypass
Oracle Database - Protocol Authentication Bypass

IRIS Citations Management Tool - (Authenticated) Remote Command Execution
IRIS Citations Management Tool - Authenticated Remote Command Execution

Airmail 3.0.2 - Cross-Site Scripting

LamaHub 0.0.6.2 - Buffer Overflow

Vodafone Mobile Wifi - Reset Admin Password

Zabbix 2.0 - 3.0.3 - SQL Injection
Zabbix 2.0 < 3.0.3 - SQL Injection

Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution
Acuity CMS 2.6.2 - (ASP) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution

GLPI 0.85.5 -  Arbitrary File Upload / Filter Bypass / Remote Code Execution
GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution
Alfresco - /proxy endpoint Parameter Server Side Request Forgery (SSRF)
Alfresco - /cmisbrowser url Parameter Server Side Request Forgery (SSRF)
Alfresco - /proxy endpoint Parameter Server Side Request Forgery
Alfresco - /cmisbrowser url Parameter Server Side Request Forgery

vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF)
vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery
 2016-09-10 05:08:39 +00:00
Offensive Security
0be1ea959a DB: 2016-09-09 
11 new exploits

Samba 3.0.4 - SWAT Authorization Buffer Overflow
Samba 3.0.4 SWAT - Authorisation Buffer Overflow

Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit
Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuckV2.c' Remote Exploit (2)

HP-UX FTP Server - Pre-Authentication Directory Listing Exploit (Metasploit)
HP-UX FTP Server - Unauthenticated Directory Listing Exploit (Metasploit)

WinEggDropShell 1.7 - Multiple Pre-Authentication Remote Stack Overflow (PoC)
WinEggDropShell 1.7 - Multiple Unauthenticated Remote Stack Overflow (PoC)

FileCOPA FTP Server 1.01 - (USER) Remote Pre-Authentication Denial of Service
FileCOPA FTP Server 1.01 - (USER) Remote Unauthenticated Denial of Service

Multiple Applications - Local Credentials Disclosure

Asterisk 1.2.15 / 1.4.0 - Pre-Authentication Remote Denial of Service
Asterisk 1.2.15 / 1.4.0 - Unauthenticated Remote Denial of Service

IBM Lotus Domino Server 6.5 - Pre-Authentication Remote Exploit
IBM Lotus Domino Server 6.5 - Unauthenticated Remote Exploit

Frontbase 4.2.7 - Post-Authentication Remote Buffer Overflow (2.2)
Frontbase 4.2.7 - Authenticated Remote Buffer Overflow (2.2)

IBM Tivoli Provisioning Manager - Pre-Authentication Remote Exploit
IBM Tivoli Provisioning Manager - Unauthenticated Remote Exploit

Mercury SMTPD - Remote Pre-Authentication Stack Based Overrun (PoC)
Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)

Mercury/32 4.51 - SMTPD CRAM-MD5 Pre-Authentication Remote Overflow
Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
SIDVault LDAP Server - Pre-Authentication Remote Buffer Overflow
Mercury/32 3.32-4.51 - SMTP Pre-Authentication EIP Overwrite
SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow
Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite

Hexamail Server 3.0.0.001 - (pop3) Pre-Authentication Remote Overflow (PoC)
Hexamail Server 3.0.0.001 - (pop3) Unauthenticated Remote Overflow (PoC)

Airsensor M520 - HTTPD Remote Pre-Authentication Denial of Service / Buffer Overflow (PoC)
Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC)

Mercury/32 4.52 IMAPD - SEARCH command Post-Authentication Overflow
Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow
SAP MaxDB 7.6.03.07 - Pre-Authentication Remote Command Execution
McAfee E-Business Server - Remote Pre-Authentication Code Execution / Denial of Service (PoC)
SAP MaxDB 7.6.03.07 - Unauthenticated Remote Command Execution
McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC)

MailEnable Pro/Ent 3.13 - (Fetch) Post-Authentication Remote Buffer Overflow
MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow

NetWin Surgemail 3.8k4-4 - IMAP Post-Authentication Remote LIST Universal Exploit
NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit

HP OpenView NNM 7.5.1 - OVAS.exe SEH Pre-Authentication Overflow
HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow

BigAnt Server 2.2 - Pre-Authentication Remote SEH Overflow
BigAnt Server 2.2 - Unauthenticated Remote SEH Overflow

Joomla Component JPad 1.0 - Post-Authentication SQL Injection
Joomla Component JPad 1.0 - Authenticated SQL Injection

CMS Made Simple 1.2.4 - (FileManager module) File Upload
CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload

freeSSHd 1.2.1 - Remote Stack Overflow PoC (Post-Authentication)
freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated)

freeSSHd 1.2.1 - (Post-Authentication) Remote SEH Overflow
freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow

vsftpd 2.0.5 - (CWD) Post-Authentication Remote Memory Consumption Exploit
vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit

Surgemail 39e-1 - Post-Authentication IMAP Remote Buffer Overflow Denial of Service
Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow Denial of Service

Debian OpenSSH - (Post-Authentication) Remote SELinux Privilege Elevation Exploit
Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit

Oracle Internet Directory 10.1.4 - Remote Pre-Authentication Denial of Service
Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service

AvailScript Jobs Portal Script - (Post-Authentication) (jid) SQL Injection
AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection

AvailScript Jobs Portal Script - (Post-Authentication) File Upload
AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload
Serv-U 7.3 - (Post-Authentication) (stou con:1) Denial of Service
Serv-U 7.3 - (Post-Authentication) Remote FTP File Replacement
Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service
Serv-U 7.3 - (Authenticated) Remote FTP File Replacement

Microsoft PicturePusher - ActiveX Cross-Site File Upload Attack (PoC)
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC)

Noticeware E-mail Server 5.1.2.2 - (POP3) Pre-Authentication Denial of Service
Noticeware E-mail Server 5.1.2.2 - (POP3) Unauthenticated Denial of Service

freeSSHd 1.2.1 - (Post-Authentication) SFTP rename Remote Buffer Overflow PoC
freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC

LoudBlog 0.8.0a - (Post-Authentication) (ajax.php) SQL Injection
LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection

freeSSHd 1.2.1 - (Post-Authentication) SFTP realpath Remote Buffer Overflow PoC
freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC

AJ Auction Authentication - Bypass Exploit
AJ Auction - Authentication Bypass

Simple Directory Listing 2 - Cross-Site File Upload
Simple Directory Listing 2 - Cross-Site Arbitrary File Upload

Mini File Host 1.x - Arbitrary PHP File Upload
Mini File Host 1.x - Arbitrary .PHP File Upload

Memberkit 1.0 - Remote PHP File Upload
Memberkit 1.0 - Remote Arbitrary .PHP File Upload

WinFTP 2.3.0 - 'LIST' Post-Authentication Remote Buffer Overflow
WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow

Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload
Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload

Free Download Manager 2.5/3.0 - (Authorization) Stack Buffer Overflow (PoC)
Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC)

WikkiTikkiTavi 1.11 - Remote PHP File Upload
WikkiTikkiTavi 1.11 - Remote Arbitrary.PHP File Upload

Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation
Baran CMS 1.0 - Arbitrary .ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation

zFeeder 1.6 - 'admin.php' Pre-Authentication
zFeeder 1.6 - 'admin.php' Unauthenticated

Addonics NAS Adapter - Post-Authentication Denial of Service
Addonics NAS Adapter - Authenticated Denial of Service

Serv-U 7.4.0.1 - (SMNT) Post-Authentication Denial of Service
Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service

Hannon Hill Cascade Server - (Post-Authentication) Command Execution
Hannon Hill Cascade Server - (Authenticated) Command Execution

Telnet-Ftp Service Server 1.x - (Post-Authentication) Multiple Vulnerabilities
Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities

Femitter FTP Server 1.x - (Post-Authentication) Multiple Vulnerabilities
Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities

Gravity Board X 2.0b - SQL Injection / Post-Authentication Code Execution
Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution

XRDP 0.4.1 - Pre-Authentication Remote Buffer Overflow (PoC)
XRDP 0.4.1 - Unauthenticated Remote Buffer Overflow (PoC)

Addonics NAS Adapter - 'bts.cgi' Post-Authentication Remote Denial of Service
Addonics NAS Adapter - 'bts.cgi' Authenticated Remote Denial of Service

Cpanel - (Post-Authentication) (lastvisit.html domain) Arbitrary File Disclosure
Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure

MySQL 5.0.45 - (Post-Authentication) COM_CREATE_DB Format String PoC
MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC

Adobe JRun 4 - (logfile) Post-Authentication Directory Traversal
Adobe JRun 4 - (logfile) Authenticated Directory Traversal

FtpXQ FTP Server 3.0 - (Post-Authentication) Remote Denial of Service
FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service

NetAccess IP3 - (Post-Authentication) (ping option) Command Injection
NetAccess IP3 - (Authenticated) (ping option) Command Injection

Joomla 1.5.12 - tinybrowser Arbitrary File Upload / Execute
Joomla 1.5.12 tinybrowser - Arbitrary File Upload /Execution

Cerberus FTP server 3.0.6 - Pre-Authentication Denial of Service
Cerberus FTP server 3.0.6 - Unauthenticated Denial of Service

HP NNM 7.53 - ovalarm.exe CGI Pre-Authentication Remote Buffer Overflow
HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow

Novell eDirectory 8.8 SP5 - (Post-Authentication) Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow

httpdx 1.5.2 - Remote Pre-Authentication Denial of Service (PoC)
httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC)

(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Crash (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Crash (PoC)

(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Exploit
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)

httpdx 1.5.3b - Multiple Remote Pre-Authentication Denial of Service (PoC)
httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service (PoC)

Kerio MailServer 6.2.2 - Pre-Authentication Remote Denial of Service (PoC)
Kerio MailServer 6.2.2 - Unauthenticated Remote Denial of Service (PoC)

(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit)
eDisplay Personal FTP server 1.0.0 - Pre-Authentication Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC)
eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC)

eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (1)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)

eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (2)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)

uTorrent WebUI 0.370 - Authorization header Denial of Service
uTorrent WebUI 0.370 - Authorisation Header Denial of Service

Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication Buffer Overflow
Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow

ProSSHD 1.2 - Remote Post-Authentication Exploit (ASLR + DEP Bypass)
ProSSHD 1.2 - Remote Authenticated Exploit (ASLR + DEP Bypass)

Apache Axis2 Administration console - (Post-Authentication) Cross-Site Scripting
Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting

(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Authentication Denial of Service
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Unauthenticated Denial of Service

BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ALSR + DEP Bypass)
BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ASLR + DEP Bypass)

dotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting)
dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting)
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow

Easy FTP Server 1.7.0.11 - (Post-Authentication) 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow

Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow (Metasploit)
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit)

UPlusFTP Server 1.7.1.01 - (Post-Authentication) HTTP Remote Buffer Overflow
UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow

Easy FTP Server 1.7.0.11 - (Post-Authentication) Multiple Commands Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow

Achievo 1.4.3 - Multiple Authorization Flaws
Achievo 1.4.3 - Multiple Authorisation Flaws

PHPMotion 1.62 - 'FCKeditor' File Upload
PHPMotion 1.62 - 'FCKeditor' Arbitrary File Upload

Home FTP Server 1.11.1.149 - Post-Authentication Directory Traversal
Home FTP Server 1.11.1.149 - Authenticated Directory Traversal

News Script PHP Pro - 'FCKeditor' File Upload
News Script PHP Pro - 'FCKeditor' Arbitrary File Upload

Microsoft Windows 2003 - AD Pre-Authentication BROWSER ELECTION Remote Heap Overflow
Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow

ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Post-Authentication) Remote Buffer Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow

Vtiger CRM 5.0.4 - Pre-Authentication Local File Inclusion
Vtiger CRM 5.0.4 - Unauthenticated Local File Inclusion

HP OpenView NNM 7.53/7.51 - OVAS.exe Pre-Authentication Stack Buffer Overflow
HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow

MailEnable - Authorization Header Buffer Overflow
MailEnable - Authorisation Header Buffer Overflow
ColdFusion 8.0.1 - Arbitrary File Upload and Execution
Adobe RoboHelp Server 8 - Arbitrary File Upload and Execution
ColdFusion 8.0.1 - Arbitrary File Upload / Execution
Adobe RoboHelp Server 8 - Arbitrary File Upload / Execution

OpenX - banner-edit.php File Upload PHP Code Execution
OpenX - banner-edit.php Arbitrary File Upload / PHP Code Execution

Joomla 1.5.12 - tinybrowser File Upload Code Execution
Joomla 1.5.12 tinybrowser - Arbitrary File Upload / Code Execution

N_CMS 1.1E - Pre-Authentication Local File Inclusion / Remote Code Exploit
N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code Exploit

If-CMS 2.07 - Pre-Authentication Local File Inclusion (1)
If-CMS 2.07 - Unauthenticated Local File Inclusion (1)

IPComp - encapsulation Pre-Authentication kernel memory Corruption
IPComp - encapsulation Unauthenticated kernel memory Corruption

SQL-Ledger 2.8.33 - Post-Authentication Local File Inclusion / Edit
SQL-Ledger 2.8.33 - Authenticated Local File Inclusion / Edit

Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP + ASLR Bypass)
Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (ASLR + DEP Bypass)

Easy Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow
Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow

ActFax Server FTP - (Post-Authentication) Remote Buffer Overflow
ActFax Server FTP - (Authenticated) Remote Buffer Overflow

If-CMS 2.07 - Pre-Authentication Local File Inclusion (Metasploit) (2)
If-CMS 2.07 - Unauthenticated Local File Inclusion (Metasploit) (2)

DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass)
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (ASLR + DEP Bypass)

DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit
DVD X Player 5.5 Pro - (SEH + ASLR + DEP Bypass) Exploit

TomatoCart 1.1 - Post-Authentication Local File Inclusion
TomatoCart 1.1 - Authenticated Local File Inclusion

BlazeVideo HDTV Player 6.6 Professional - Universal DEP + ASLR Bypass
BlazeVideo HDTV Player 6.6 Professional - Universal ASLR + DEP Bypass

QuiXplorer 2.3 - Bugtraq File Upload
QuiXplorer 2.3 - Bugtraq Arbitrary File Upload

QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR Bypass (Metasploit)
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows (ASLR + DEP Bypass) (Metasploit)

Avaya WinPDM UniteHostRouter 3.8.2 - Remote Pre-Authentication Command Execution
Avaya WinPDM UniteHostRouter 3.8.2 - Remote Unauthenticated Command Execution
Sysax Multi Server 5.53 - SFTP Post-Authentication SEH Exploit
Sysax 5.53 - SSH 'Username' Buffer Overflow Pre-Authentication Remote Code Execution (Egghunter)
Sysax Multi Server 5.53 - SFTP Authenticated SEH Exploit
Sysax 5.53 - SSH 'Username' Buffer Overflow Unauthenticated Remote Code Execution (Egghunter)

BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR
BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass

Dolibarr ERP & CRM 3 - Post-Authentication OS Command Injection
Dolibarr ERP & CRM 3 - Authenticated OS Command Injection

V-CMS - PHP File Upload and Execution
V-CMS - Arbitrary .PHP File Upload / Execution

WebCalendar 1.2.4 - Pre-Authentication Remote Code Injection
WebCalendar 1.2.4 - Unauthenticated Remote Code Injection

appRain CMF - Arbitrary PHP File Upload
appRain CMF - Arbitrary .PHP File Upload

EGallery - PHP File Upload
EGallery - Arbitrary .PHP File Upload

SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Post-Authentication SQL Injection
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Authenticated SQL Injection

WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload
WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary .PHP File Upload

WebPageTest - Arbitrary PHP File Upload
WebPageTest - Arbitrary .PHP File Upload

XODA 0.4.5 - Arbitrary PHP File Upload
XODA 0.4.5 - Arbitrary .PHP File Upload

Elcom CMS 7.4.10 - Community Manager Insecure File Upload
Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload

Trend Micro Control Manager 5.5/6.0 AdHocQuery - Post-Authentication Blind SQL Injection
Trend Micro Control Manager 5.5/6.0 AdHocQuery - Authenticated Blind SQL Injection

Mod_SSL 2.8.x - Off-by-One HTAccess Buffer Overflow
Apache/mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow
Dropbox Desktop Client 9.4.49 (64bit) - Local Credentials Disclosure
OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (1)
OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (2)
Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuck.c' Remote Exploit (1)
Apache/mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow Exploit

qdPM 7.0 - Arbitrary PHP File Upload
qdPM 7.0 - Arbitrary .PHP File Upload

Oracle Database - Authentication Protocol Security Bypass
Oracle Database - Protocol  Authentication Bypass

Mod_NTLM 0.x - Authorization Heap Overflow
Mod_NTLM 0.x - Authorisation Heap Overflow

Mod_NTLM 0.x - Authorization Format String
Mod_NTLM 0.x - Authorisation Format String

Geeklog 1.3.x - Authentication SQL Injection
Geeklog 1.3.x - Authenticated SQL Injection

NFR Agent FSFUI Record - Arbitrary File Upload Remote Code Execution
NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution

PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload and Execution
PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload / Execution

MySQL - Remote Pre-Authentication User Enumeration
MySQL - Remote Unauthenticated User Enumeration

vbPortal 2.0 alpha 8.1 - Authentication SQL Injection
vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (1)
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (2)
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (3)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (1)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (2)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (3)
WordPress WP-Property Plugin - PHP File Upload
WordPress Asset-Manager Plugin - PHP File Upload
WordPress WP-Property Plugin - Arbitrary .PHP File Upload
WordPress Asset-Manager Plugin - Arbitrary .PHP File Upload

Ubiquiti AirOS 5.5.2 - Remote Post-Authentication Root Command Execution
Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution

RobotFTP Server 1.0/2.0 - Remote Pre-Authentication Command Denial of Service
RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (1)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (2)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (1)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2)

Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload and Execution
Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload / Execution

Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun
Firebird 1.0 - Remote Unauthenticated Database Name Buffer Overrun

Novell NCP - Pre-Authentication Remote Root Exploit
Novell NCP - Unauthenticated Remote Root Exploit

Polar Helpdesk 3.0 - Cookie Based Authentication System Bypass
Polar Helpdesk 3.0 - Cookie Based Authentication Bypass

IRIS Citations Management Tool - (Post-Authentication) Remote Command Execution
IRIS Citations Management Tool - (Authenticated) Remote Command Execution

Polycom HDX - Telnet Authorization Bypass (Metasploit)
Polycom HDX - Telnet Authentication Bypass (Metasploit)

OpenEMR - PHP File Upload
OpenEMR - Arbitrary .PHP File Upload

PolarPearCMS - PHP File Upload
PolarPearCMS - Arbitrary .PHP File Upload

Apache 2.0.x - mod_ssl Remote Denial of Service
Apache/mod_ssl 2.0.x - Remote Denial of Service

phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload
phpWebSite 0.x - Image File Processing Arbitrary .PHP File Upload

BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload
BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated Arbitrary File Upload

BlueSoleil 1.4 - Object Push Service BlueTooth File Upload Directory Traversal
BlueSoleil 1.4 - Object Push Service BlueTooth Arbitrary File Upload / Directory Traversal

MoinMoin - twikidraw Action Traversal File Upload
MoinMoin - twikidraw Action Traversal Arbitrary File Upload

Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Authentication Heap Corruption
Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption

Alt-N MDaemon 2-8 - Remote Pre-Authentication IMAP Buffer Overflow
Alt-N MDaemon 2-8 - Remote Unauthenticated IMAP Buffer Overflow

FlexWATCH 3.0 - AIndex.asp Authorization Bypass
FlexWATCH 3.0 - AIndex.asp Authentication Bypass
HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload
HP ProCurve Manager SNAC - UpdateCertificatesServlet File Upload
HP ProCurve Manager - SNAC UpdateDomainControllerServlet Arbitrary File Upload
HP ProCurve Manager SNAC - UpdateCertificatesServlet Arbitrary File Upload

WordPress Curvo Themes - Cross-Site Request Forgery File Upload
WordPress Curvo Themes - Cross-Site Request Forgery / Arbitrary File Upload

WordPress Highlight Premium Theme - Cross-Site Request Forgery / File Upload
WordPress Highlight Premium Theme - Cross-Site Request Forgery / Arbitrary File Upload

PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass
PHPBB2 - Admin_Ug_Auth.php Administrative Bypass

Adobe Acrobat Reader - ASLR + DEP Bypass with SANDBOX Bypass
Adobe Acrobat Reader - ASLR + DEP Bypass with Sandbox Bypass

Castripper 2.50.70 - '.pls' DEP Exploit
Castripper 2.50.70 - '.pls' DEP Bypass Exploit

Google Urchin 5.7.3 - Report.cgi Authorization Bypass
Google Urchin 5.7.3 - Report.cgi Authentication Bypass

Adobe Flash - Method Calls Use-After-Free

Adobe Flash - Transform.colorTranform Getter Info Leak

RSA Authentication Agent for Web 5.3 - URI redirection
RSA Authentication Agent for Web 5.3 - URI Redirection

Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow

Zabbix 2.0 - 3.0.3 - SQL Injection

ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution
ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload / Arbitrary Code Execution

Apple iCloud Desktop Client 5.2.1.0 - Local Credentials Disclosure

LogMeIn Client 1.3.2462 (64bit) - Local Credentials Disclosure

SpagoBI 4.0 - Arbitrary Cross-Site Scripting / File Upload
SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload

Katello (Red Hat Satellite) - users/update_roles Missing Authorization
Katello (Red Hat Satellite) - users/update_roles Missing Authorisation

Freepbx 13.0.x < 13.0.154 - Remote Command Execution
FreePBX 13.0.x < 13.0.154 - Unauthenticated Remote Command Execution

Jobberbase 2.0 - Multiple Vulnerabilities

Windows x86 - Bind Shell TCP Shellcode

WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload
WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated Arbitrary File Upload
Bits Video Script 2.04/2.05 - 'addvideo.php' File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'register.php' File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'register.php' Arbitrary File Upload / Arbitrary PHP Code Execution

Moab < 7.2.9 - Authorization Bypass
Moab < 7.2.9 - Authentication Bypass

Tapatalk for vBulletin 4.x - Pre-Authentication Blind SQL Injection
Tapatalk for vBulletin 4.x - Unauthenticated Blind SQL Injection

Drupal Core < 7.32 - Pre-Authentication SQL Injection
Drupal Core < 7.32 - Unauthenticated SQL Injection

Tincd - Post-Authentication Remote TCP Stack Buffer Overflow
Tincd - Authenticated Remote TCP Stack Buffer Overflow

PMB 4.1.3 - Post-Authentication SQL Injection
PMB 4.1.3 - Authenticated SQL Injection

Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authentication Remote Code Execution
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Unauthenticated Remote Code Execution

ManageEngine Multiple Products - Authenticated File Upload
ManageEngine Multiple Products - Authenticated Arbitrary File Upload
Chyrp 2.x - swfupload Extension upload_handler.php File Upload Arbitrary PHP Code Execution
X360 VideoPlayer ActiveX Control 2.6 - (Full ASLR + DEP Bypass)
Chyrp 2.x - swfupload Extension upload_handler.php Arbitrary File Upload / Arbitrary PHP Code Execution
X360 VideoPlayer ActiveX Control 2.6 - (ASLR + DEP Bypass)

Seagate Business NAS 2014.00319 - Pre-Authentication Remote Code Execution
Seagate Business NAS 2014.00319 - Unauthenticated Remote Code Execution

Symantec Web Gateway 5 - restore.php Post-Authentication Command Injection
Symantec Web Gateway 5 - restore.php Authenticated Command Injection

JBoss Seam 2 - Arbitrary File Upload and Execution
JBoss Seam 2 - Arbitrary File Upload / Execution

Barracuda Firmware 5.0.0.012 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit)

Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload / Arbitrary Code Execution
Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted Arbitrary File Upload / Arbitrary Code Execution

WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload and Execution
WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload / Execution

JibberBook 2.3 - 'Login_form.php' Authentication Security Bypass
JibberBook 2.3 - 'Login_form.php' Authentication Bypass

Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter File Upload / Code Execution
Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution

Zenoss 3.2.1 - Remote Post-Authentication Command Execution
Zenoss 3.2.1 - Remote Authenticated Command Execution

Microweber 1.0.3 - Arbitrary File Upload Filter Bypass Remote PHP Code Execution
Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / Remote PHP Code Execution

Magento CE < 1.9.0.1 - Post-Authentication Remote Code Execution
Magento CE < 1.9.0.1 - Authenticated Remote Code Execution

Netsweeper 4.0.9 - Arbitrary File Upload and Execution
Netsweeper 4.0.9 - Arbitrary File Upload / Execution

Netsweeper 4.0.8 - Arbitrary File Upload and Execution
Netsweeper 4.0.8 - Arbitrary File Upload / Execution

EasyITSP - 'customers_edit.php' Authentication Security Bypass
EasyITSP - 'customers_edit.php' Authentication Bypass

Wolf CMS - Arbitrary File Upload and Execution
Wolf CMS - Arbitrary File Upload / Execution

Konica Minolta FTP Utility 1.00 - Post-Authentication CWD Command SEH Overflow
Konica Minolta FTP Utility 1.00 - Authenticated CWD Command SEH Overflow

GLPI 0.85.5 - Remote Code Execution (via File Upload Filter Bypass)
GLPI 0.85.5 -  Arbitrary File Upload / Filter Bypass / Remote Code Execution

Dream CMS 2.3.0 - Cross-Site Request Forgery Add Extension / Arbitrary File Upload PHP Code Execution
Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution

vBulletin 5.1.x - Pre-Authentication Remote Code Execution
vBulletin 5.1.x - Unauthenticated Remote Code Execution
WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass
WordPress WP to Twitter Plugin - Authorization Bypass
WordPress Ninja Forms 2.7.7 Plugin - Authentication Bypass
WordPress WP to Twitter Plugin - Authentication Bypass

Novell ServiceDesk - Authenticated File Upload
Novell ServiceDesk - Authenticated Arbitrary File Upload

Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated File Upload
Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated Arbitrary File Upload

Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal DEP + ASLR Bypass)
Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal ASLR + DEP Bypass)

phpATM 1.32 - Remote Command Execution (Arbitrary File Upload) on Windows Servers
phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers)
vBulletin 5.x/4.x - Post-Authentication Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API
vBulletin 4.x - Post-Authentication SQL Injection in breadcrumbs via xmlrpc API
vBulletin 5.x/4.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API
vBulletin 4.x - Authenticated SQL Injection in breadcrumbs via xmlrpc API

Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit)

phpMyAdmin 4.6.2 - Post-Authentication Remote Code Execution
phpMyAdmin 4.6.2 - Authenticated Remote Code Execution

vBulletin 5.2.2 - Pre-Authentication Server Side Request Forgery (SSRF)
vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF)

ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass
 2016-09-09 05:09:09 +00:00
Offensive Security
2aa9d941de DB: 2016-09-08 
6 new exploits

Too many to list!
 2016-09-08 05:08:29 +00:00
Offensive Security
d36011b4f9 DB: 2016-09-07 
3 new exploits

Too many to list!
 2016-09-07 05:09:19 +00:00
Offensive Security
479ae86249 DB: 2016-09-06 
5 new exploits

ProFTPD 1.2.9RC1 - (mod_sql) SQL Injection
ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection

PHPBB 2.0.4 - PHP Remote File Inclusion Exploit
phpBB 2.0.4 - PHP Remote File Inclusion Exploit

wu-ftpd 2.6.2 - Off-by-One Remote Root Exploit
WU-FTPD 2.6.2 - Off-by-One Remote Root Exploit

wu-ftpd 2.6.2 - Remote Root Exploit
WU-FTPD 2.6.2 - Remote Root Exploit

ProFTPD 1.2.9rc2 - ASCII File Remote Root Exploit
ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit

ProFTPD 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit
ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit

wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service
WU-FTPD 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service

wu-ftpd 2.6.0 - Remote Root Exploit
WU-FTPD 2.6.0 - Remote Root Exploit

OpenBSD 2.6 / 2.7ftpd - Remote Exploit
OpenBSD 2.6 / 2.7 ftpd - Remote Exploit

wu-ftpd 2.6.0 - Remote Format Strings Exploit
WU-FTPD 2.6.0 - Remote Format Strings Exploit

ProFTPD 1.2.0 (rc2) - memory leakage example Exploit
ProFTPd 1.2.0 (rc2) - memory leakage example Exploit

ProFTPD 1.2.0pre10 - Remote Denial of Service
ProFTPd 1.2.0pre10 - Remote Denial of Service

wu-ftpd 2.6.1 - Remote Root Exploit
WU-FTPD 2.6.1 - Remote Root Exploit
OpenFTPD 0.30.2 - Remote Exploit
OpenFTPD 0.30.1 - (message system) Remote Shell Exploit
OpenFTPd 0.30.2 - Remote Exploit
OpenFTPd 0.30.1 - (message system) Remote Shell Exploit

PHP - (PHP-exec-dir) Patch Command Access Restriction Bypass
PHP - (php-exec-dir) Patch Command Access Restriction Bypass

ProFTPd (ftpdctl) - Local pr_ctrls_connect
ProFTPd - (ftpdctl) Local pr_ctrls_connect

ProFTPD 1.2.10 - Remote Users Enumeration Exploit
ProFTPd 1.2.10 - Remote Users Enumeration Exploit

PHPBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit
phpBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit

PHP 4.3.9 + PHPBB 2.x - unserialize() Remote Exploit (Compiled)
PHP 4.3.9 + phpBB 2.x - unserialize() Remote Exploit (Compiled)

Apple QuickTime 6.5.2.10 - '.qtif'Image Parsing
Apple QuickTime 6.5.2.10 - '.qtif' Image Parsing

wu-ftpd 2.6.2 - File Globbing Denial of Service
WU-FTPD 2.6.2 - File Globbing Denial of Service

RealPlayer 10 - '.smil'Local Buffer Overflow
RealPlayer 10 - '.smil' Local Buffer Overflow

PHPBB 2.0.13 - 'downloads.php' mod Remote Exploit
phpBB 2.0.13 - 'downloads.php' mod Remote Exploit

PHPPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting
phpPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting
Invision Power Board 2.0.3 - login.php SQL Injection
Invision Power Board 2.0.3 - login.php SQL Injection (tutorial)
Invision Power Board 2.0.3 - 'login.php' SQL Injection
Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial)
PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl)
PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1)
PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2)
phpStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl)
phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1)
phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2)

Invision Power Board 1.3.1 - login.php SQL Injection
Invision Power Board 1.3.1 - 'login.php' SQL Injection

PHPBB 2.0.15 - (highlight) Remote PHP Code Execution
phpBB 2.0.15 - (highlight) Remote PHP Code Execution

Solaris SPARC / x86 - Local Socket Hijack Exploit
Solaris (SPARC / x86) - Local Socket Hijack Exploit

PHPBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit)
phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit)

Microsoft Windows XP SP2 - 'rdpwd.sys'Remote Kernel Denial of Service
Microsoft Windows XP SP2 - 'rdpwd.sys' Remote Kernel Denial of Service

PHPBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit
phpBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit

FreeFTPD 1.0.8 - (USER) Remote Buffer Overflow
freeFTPd 1.0.8 - (USER) Remote Buffer Overflow

FreeFTPD 1.0.10 - (PORT Command) Denial of Service
freeFTPd 1.0.10 - (PORT Command) Denial of Service

Tftpd32 2.81 - (GET Request) Format String Denial of Service (PoC)
TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC)

Microsoft HTML Help Workshop - '.hhp'Denial of Service
Microsoft HTML Help Workshop - '.hhp' Denial of Service

PHPWebSite 0.10.0-full - (topics.php) SQL Injection
phpWebSite 0.10.0-full - (topics.php) SQL Injection

Microsoft Visual Studio 6.0 sp6 - '.dbp'Buffer Overflow
Microsoft Visual Studio 6.0 sp6 - '.dbp' Buffer Overflow

PHPBookingCalendar 1.0c - (details_view.php) SQL Injection
phpBookingCalendar 1.0c - (details_view.php) SQL Injection

Navicat Premium 11.2.11 (64bit) - Local Database Password Disclosure

Microsoft Internet Explorer 6 - 'Internet.HHCtrl'Heap Overflow
Microsoft Internet Explorer 6 - 'Internet.HHCtrl' Heap Overflow

PHPBB 3 - 'memberlist.php' SQL Injection
phpBB 3 - 'memberlist.php' SQL Injection

WoW Roster 1.70 - (/lib/PHPbb.php) Remote File Inclusion
WoW Roster 1.70 - (/lib/phpBB.php) Remote File Inclusion

PHPBB XS 0.58 - (functions.php) Remote File Inclusion
phpBB XS 0.58 - (functions.php) Remote File Inclusion

phpBB XS 0.58a - (phpbb_root_path) Remote File Inclusion
phpBB XS 0.58a - (phpBB_root_path) Remote File Inclusion

phpBB Static Topics 1.0 - phpbb_root_path File Include
phpBB Static Topics 1.0 - phpBB_root_path File Include
PHPBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion
Dimension of phpBB 0.2.6 - (phpbb_root_path) Remote File Inclusions
phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion
Dimension of phpBB 0.2.6 - (phpBB_root_path) Remote File Inclusions

PHP News Reader 2.6.4 - (PHPbb.inc.php) Remote File Inclusion Exploit
PHP News Reader 2.6.4 - (phpBB.inc.php) Remote File Inclusion Exploit

PHPBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit
phpBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit

PHPBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit
phpBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit

PHPBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit
phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit

PHPBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit
phpBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit

PHPBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit
phpBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit

PGOSD - 'misc/function.php3'Remote File Inclusion
PGOSD - 'misc/function.php3' Remote File Inclusion

HP-UX 11i - (LIBC TZ enviroment variable) Privilege Escalation
HP-UX 11i - (LIBC TZ enviroment Variable) Privilege Escalation

ProFTPD 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit)
ProFTPd 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit)

ProFTPD 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC)
ProFTPd 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC)

ProFTPD 1.2.9 rc2 - (ASCII File) Remote Root Exploit
ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit

Yrch 1.0 - (plug.inc.php path variable) Remote File Inclusion Exploit
Yrch 1.0 - (plug.inc.php path Variable) Remote File Inclusion Exploit

Vizayn Haber - 'haberdetay.asp id variable'SQL Injection
Vizayn Haber - 'haberdetay.asp id Variable' SQL Injection

newsCMSlite - 'newsCMS.mdb'Remote Password Disclosure
newsCMSlite - 'newsCMS.mdb' Remote Password Disclosure

iG Calendar 1.0 - (user.php id variable) SQL Injection
iG Calendar 1.0 - (user.php id Variable) SQL Injection

uniForum 4 - 'wbsearch.aspx'SQL Injection
uniForum 4 - 'wbsearch.aspx' SQL Injection

MGB 0.5.4.5 - (email.php id variable) SQL Injection
MGB 0.5.4.5 - (email.php id Variable) SQL Injection

Microsoft Help Workshop 4.03.0002 - '.CNT'Buffer Overflow
Microsoft Help Workshop 4.03.0002 - '.cnt' Buffer Overflow

Microsoft Help Workshop 4.03.0002 - '.HPJ'Buffer Overflow
Microsoft Help Workshop 4.03.0002 - '.HPJ' Buffer Overflow

Microsoft Visual C++ - '.RC Resource Files'Local Buffer Overflow
Microsoft Visual C++ - '.RC Resource Files' Local Buffer Overflow

Phpbb Tweaked 3 - (phpbb_root_path) Remote File Inclusion
phpBB Tweaked 3 - (phpBB_root_path) Remote File Inclusion

phpBB++ Build 100 - (phpbb_root_path) Remote File Inclusion Exploit
phpBB++ Build 100 - (phpBB_root_path) Remote File Inclusion Exploit

Categories hierarchy phpBB Mod 2.1.2 - (phpbb_root_path) Remote File Inclusion Exploit
Categories hierarchy phpBB Mod 2.1.2 - (phpBB_root_path) Remote File Inclusion Exploit

ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1)
ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1)

ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2)
ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2)

News Bin Pro 5.33 - '.NBI'Local Buffer Overflow
News Bin Pro 5.33 - '.nbi' Local Buffer Overflow

Extreme PHPBB 3.0.1 - (functions.php) Remote File Inclusion Exploit
Extreme phpBB 3.0.1 - (functions.php) Remote File Inclusion Exploit

Plan 9 Kernel - 'devenv.c OTRUNC/pwrite'Local Exploit
Plan 9 Kernel - 'devenv.c OTRUNC/pwrite' Local Exploit

Microsoft Windows - '.doc'Malformed Pointers Denial of Service
Microsoft Windows - '.doc' Malformed Pointers Denial of Service

GestArt Beta 1 - 'aide.php aide'Remote File Inclusion
GestArt Beta 1 - 'aide.php aide' Remote File Inclusion

ttCMS 4 - 'ez_sql.php lib_path'Remote File Inclusion
ttCMS 4 - 'ez_sql.php lib_path' Remote File Inclusion

Corel Wordperfect X3 13.0.0.565 - '.PRS'Local Buffer Overflow
Corel Wordperfect X3 13.0.0.565 - '.prs' Local Buffer Overflow

ProFTPD 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield)
ProFTPd 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield)

Winamp 5.3 - '.WMV'Remote Denial of Service
Winamp 5.3 - '.wmv' Remote Denial of Service
ACDSee 9.0 - '.XPM'Local Buffer Overflow
XnView 1.90.3 - '.XPM'Local Buffer Overflow
WEBInsta FM 0.1.4 - login.php absolute_path Remote File Inclusion Exploit
Corel Paint Shop Pro Photo 11.20 - '.CLP'Buffer Overflow
ACDSee 9.0 - '.xpm' Local Buffer Overflow
XnView 1.90.3 - '.xpm' Local Buffer Overflow
WEBInsta FM 0.1.4 - 'login.php' absolute_path Remote File Inclusion Exploit
Corel Paint Shop Pro Photo 11.20 - '.clp' Buffer Overflow
ABC-View Manager 1.42 - '.PSP'Buffer Overflow
FreshView 7.15 - '.PSP'Buffer Overflow
ABC-View Manager 1.42 - '.psp' Buffer Overflow
FreshView 7.15 - '.psp' Buffer Overflow

Gimp 2.2.14 - '.ras'SUNRAS Plugin Buffer Overflow
Gimp 2.2.14 - '.ras' SUNRAS Plugin Buffer Overflow
IrfanView 4.00 - '.iff'Buffer Overflow
Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png'Buffer Overflow Exploit
IrfanView 4.00 - '.iff' Buffer Overflow
Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png' Buffer Overflow Exploit

RealPlayer 10 - '.ra'Remote Denial of Service
RealPlayer 10 - '.ra' Remote Denial of Service

Winamp 5.34 - '.mp4'Code Execution Exploit
Winamp 5.34 - '.mp4' Code Execution Exploit

Wikivi5 - 'show.php sous_rep'Remote File Inclusion
Wikivi5 - 'show.php sous_rep' Remote File Inclusion

LeadTools Raster Thumbnail Object Library - 'LTRTM14e.DLL'Buffer Overflow Exploit
LeadTools Raster Thumbnail Object Library - 'LTRTM14e.dll' Buffer Overflow Exploit

Scallywag - 'template.php path'Remote File Inclusion
Scallywag - 'template.php path' Remote File Inclusion

Simple Invoices 2007 05 25 - 'index.php submit'SQL Injection
Simple Invoices 2007 05 25 - 'index.php submit' SQL Injection

Traffic Stats - 'referralUrl.php offset'SQL Injection
Traffic Stats - 'referralUrl.php offset' SQL Injection

BBS E-Market - 'postscript.php p_mode'Remote File Inclusion
BBS E-Market - 'postscript.php p_mode' Remote File Inclusion

PHPBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion
phpBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion

bwired - 'index.php newsID'SQL Injection
bwired - 'index.php newsID' SQL Injection

CrystalPlayer 1.98 - '.mls'Local Buffer Overflow
CrystalPlayer 1.98 - '.mls' Local Buffer Overflow

PHP123 Top Sites - 'category.php cat'SQL Injection
PHP123 Top Sites - 'category.php cat' SQL Injection

Live for Speed S1/S2/Demo - '.mpr replay'Buffer Overflow
Live for Speed S1/S2/Demo - '.mpr replay' Buffer Overflow

Microsoft Visual 6 - 'VDT70.dll NotSafe'Stack Overflow
Microsoft Visual 6 - 'VDT70.dll NotSafe' Stack Overflow
Live for Speed S1/S2/Demo - '.ply'Buffer Overflow
Live for Speed S1/S2/Demo - '.spr'Buffer Overflow
CartWeaver - 'Details.cfm ProdID'SQL Injection
Prozilla Pub Site Directory - 'directory.php cat'SQL Injection
Live for Speed S1/S2/Demo - '.ply' Buffer Overflow
Live for Speed S1/S2/Demo - '.spr' Buffer Overflow
CartWeaver - 'Details.cfm ProdID' SQL Injection
Prozilla Pub Site Directory - 'directory.php cat' SQL Injection

Prozilla Webring Website Script - 'category.php cat'SQL Injection
Prozilla Webring Website Script - 'category.php cat' SQL Injection

GetMyOwnArcade - 'search.php query'SQL Injection
GetMyOwnArcade - 'search.php query' SQL Injection

ProFTPD 1.x (module mod_tls) - Remote Buffer Overflow
ProFTPd 1.x (module mod_tls) - Remote Buffer Overflow

Sisfo Kampus 2006 - 'dwoprn.php f'Remote File Download
Sisfo Kampus 2006 - 'dwoprn.php f' Remote File Download

Gelato - 'index.php post'SQL Injection
Gelato - 'index.php post' SQL Injection

modifyform - 'modifyform.html'Remote File Inclusion
modifyform - 'modifyform.html' Remote File Inclusion

phpBB Plus 1.53 - (phpbb_root_path) Remote File Inclusion
phpBB Plus 1.53 - (phpBB_root_path) Remote File Inclusion

Black Lily 2007 - 'products.php class'SQL Injection
Black Lily 2007 - 'products.php class' SQL Injection

PHPBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion
phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion

wzdftpd 0.8.0 - (USER) Remote Denial of Service
WzdFTPD 0.8.0 - (USER) Remote Denial of Service
Solaris 10 - x86/sparc sysinfo Kernel Memory Disclosure Exploit
Solaris - fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc)
Solaris 10 (sparc/x86) - sysinfo Kernel Memory Disclosure Exploit
Solaris (sparc/x86) - fifofs I_PEEK Kernel Memory Disclosure Exploit

Mcms Easy Web Make - 'index.php template'Local File Inclusion
Mcms Easy Web Make - 'index.php template' Local File Inclusion

MOG-WebShop - 'index.php group'SQL Injection
MOG-WebShop - 'index.php group' SQL Injection

ClipShare - 'uprofile.php UID'SQL Injection
ClipShare - 'uprofile.php UID' SQL Injection

samPHPweb - 'db.php commonpath'Remote File Inclusion
samPHPweb - 'db.php commonpath' Remote File Inclusion

RichStrong CMS - 'showproduct.asp cat'SQL Injection
RichStrong CMS - 'showproduct.asp cat' SQL Injection

Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr'File Handling Buffer Overflow Exploit
Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow Exploit

IrfanView 4.10 - '.fpx'Memory Corruption Exploit
IrfanView 4.10 - '.fpx' Memory Corruption Exploit

Fully Modded PHPBB - 'kb.php' SQL Injection
Fully Modded phpBB - 'kb.php' SQL Injection

ASPapp - 'links.asp CatId'SQL Injection
ASPapp - 'links.asp CatId' SQL Injection

HIS-Webshop - 'his-webshop.pl t'Remote File Disclosure
HIS-Webshop - 'his-webshop.pl t' Remote File Disclosure

Easynet Forum Host - 'forum.php forum'SQL Injection
Easynet Forum Host - 'forum.php forum' SQL Injection

Blog PixelMotion - 'index.php categorie'SQL Injection
Blog PixelMotion - 'index.php categorie' SQL Injection

Prozilla Forum Service - 'forum.php forum'SQL Injection
Prozilla Forum Service - 'forum.php forum' SQL Injection

Ksemail - 'index.php language'Local File Inclusion
Ksemail - 'index.php language' Local File Inclusion

RX Maxsoft - 'popup_img.php fotoID'SQL Injection
RX Maxsoft - 'popup_img.php fotoID' SQL Injection

Apartment Search Script - 'listtest.php r'SQL Injection
Apartment Search Script - 'listtest.php r' SQL Injection

Jokes Site Script - 'jokes.php?catagorie'SQL Injection
Jokes Site Script - 'jokes.php?catagorie' SQL Injection

Anserv Auction XL - 'viewfaqs.php cat'SQL Injection
Anserv Auction XL - 'viewfaqs.php cat' SQL Injection

fipsCMS - 'print.asp lg'SQL Injection
fipsCMS - 'print.asp lg' SQL Injection

PostcardMentor - 'step1.asp cat_fldAuto'SQL Injection
PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection

HispaH Model Search - 'cat.php cat'SQL Injection
HispaH Model Search - 'cat.php cat' SQL Injection
EMO Realty Manager - 'news.php ida'SQL Injection
The Real Estate Script - 'dpage.php docID'SQL Injection
EMO Realty Manager - 'news.php ida' SQL Injection
The Real Estate Script - 'dpage.php docID' SQL Injection

GLLCTS2 - 'listing.php sort'Blind SQL Injection
GLLCTS2 - 'listing.php sort' Blind SQL Injection

PHPMyCart - 'shop.php cat'SQL Injection
PHPMyCart - 'shop.php cat' SQL Injection

BaSiC-CMS - 'index.php r'SQL Injection
BaSiC-CMS - 'index.php r' SQL Injection

Mybizz-Classifieds - 'index.php cat'SQL Injection
Mybizz-Classifieds - 'index.php cat' SQL Injection
Carscripts Classifieds - 'index.php cat'SQL Injection
BoatScripts Classifieds - 'index.php type'SQL Injection
Carscripts Classifieds - 'index.php cat' SQL Injection
BoatScripts Classifieds - 'index.php type' SQL Injection

RSS-Aggregator - 'display.php path'Remote File Inclusion
RSS-Aggregator - 'display.php path' Remote File Inclusion

MyBlog: PHP and MySQL Blog/CMS software - SQL / Cross-Site Scripting
MyBlog: PHP and MySQL Blog/CMS software - SQL Injection / Cross-Site Scripting

CodeDB - 'list.php lang'Local File Inclusion
CodeDB - 'list.php lang' Local File Inclusion

HRS Multi - 'picture_pic_bv.asp key'Blind SQL Injection
HRS Multi - 'picture_pic_bv.asp key' Blind SQL Injection
MojoPersonals - 'mojoClassified.cgi mojo'Blind SQL Injection
MojoJobs - 'mojoJobs.cgi mojo'Blind SQL Injection
MojoAuto - 'mojoAuto.cgi mojo'Blind SQL Injection
MojoPersonals - 'mojoClassified.cgi mojo' Blind SQL Injection
MojoJobs - 'mojoJobs.cgi mojo' Blind SQL Injection
MojoAuto - 'mojoAuto.cgi mojo' Blind SQL Injection

Youtuber Clone - 'ugroups.php UID'SQL Injection
Youtuber Clone - 'ugroups.php UID' SQL Injection

ZeeReviews - 'comments.php ItemID'SQL Injection
ZeeReviews - 'comments.php ItemID' SQL Injection

Acoustica Beatcraft 1.02 Build 19 - '.bcproj'Local Buffer Overflow Exploit
Acoustica Beatcraft 1.02 Build 19 - '.bcproj' Local Buffer Overflow Exploit

Living Local Website - 'listtest.php r'SQL Injection
Living Local Website - 'listtest.php r' SQL Injection

AWStats Totals - 'AWStatstotals.php sort'Remote Code Execution Exploit
AWStats Totals - 'AWStatstotals.php sort' Remote Code Execution Exploit

Pre Real Estate Listings - 'search.php c'SQL Injection
Pre Real Estate Listings - 'search.php c' SQL Injection

Hotel reservation System - 'city.asp city'Blind SQL Injection
Hotel reservation System - 'city.asp city' Blind SQL Injection

Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward'Local Denial of Service
Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward' Local Denial of Service

Availscript Article Script - 'view.php v'SQL Injection
Availscript Article Script - 'view.php v' SQL Injection

JETIK-WEB Software - 'sayfa.php kat'SQL Injection
JETIK-WEB Software - 'sayfa.php kat' SQL Injection

Microsoft Windows GDI+ - '.ico'Remote Division By Zero Exploit
Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit

ArabCMS - 'rss.php rss'Local File Inclusion
ArabCMS - 'rss.php rss' Local File Inclusion

Easynet4u faq Host - 'faq.php faq'SQL Injection
Easynet4u faq Host - 'faq.php faq' SQL Injection

Real Estate Scripts 2008 - 'index.php cat'SQL Injection
Real Estate Scripts 2008 - 'index.php cat' SQL Injection

RaidenFTPD 2.4 build 3620 - Remote Denial of Service
RaidenFTPd 2.4 build 3620 - Remote Denial of Service

XOOPS Module xhresim - 'index.php no'SQL Injection
XOOPS Module xhresim - 'index.php no' SQL Injection

Solaris 9 - [UltraSPARC] sadmind Remote Root Exploit
Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit
DorsaCMS - 'ShowPage.aspx'SQL Injection
YDC - 'kdlist.php cat'SQL Injection
DorsaCMS - 'ShowPage.aspx' SQL Injection
YDC - 'kdlist.php cat' SQL Injection

Aj RSS Reader - 'EditUrl.php url'SQL Injection
Aj RSS Reader - 'EditUrl.php url' SQL Injection

Aiocp 1.4 - (poll_id) SQL Injection
AIOCP 1.4 - 'poll_id' SQL Injection
SFS EZ Auction - 'viewfaqs.php cat'Blind SQL Injection
SFS EZ Career - 'content.php topic'SQL Injection
SFS EZ Top Sites - 'topsite.php ts'SQL Injection
SFS EZ Auction - 'viewfaqs.php cat' Blind SQL Injection
SFS EZ Career - 'content.php topic' SQL Injection
SFS EZ Top Sites - 'topsite.php ts' SQL Injection

SFS EZ Pub Site - 'directory.php cat'SQL Injection
SFS EZ Pub Site - 'directory.php cat' SQL Injection

AJ ARTICLE - 'featured_article.php mode'SQL Injection
AJ ARTICLE - 'featured_article.php mode' SQL Injection
YourFreeWorld Shopping Cart - 'index.php c'Blind SQL Injection
Maran PHP Shop - 'prod.php cat'SQL Injection
YourFreeWorld Shopping Cart - 'index.php c' Blind SQL Injection
Maran PHP Shop - 'prod.php cat' SQL Injection

PHP Auto Listings - 'moreinfo.php pg'SQL Injection
PHP Auto Listings - 'moreinfo.php pg' SQL Injection

VLC Media Player < 0.9.6 - '.rt'Stack Buffer Overflow
VLC Media Player < 0.9.6 - '.rt' Stack Buffer Overflow

Minigal b13 - 'index.php list'Remote File Disclosure Exploit
Minigal b13 - 'index.php list' Remote File Disclosure Exploit

VCalendar - 'VCalendar.mdb'Remote Database Disclosure
VCalendar - 'VCalendar.mdb' Remote Database Disclosure

VideoGirls BiZ - 'view_snaps.php type'Blind SQL Injection
VideoGirls BiZ - 'view_snaps.php type' Blind SQL Injection

ParsBlogger - 'blog.asp wr'SQL Injection
ParsBlogger - 'blog.asp wr' SQL Injection

BaSiC-CMS - 'acm2000.mdb'Remote Database Disclosure
BaSiC-CMS - 'acm2000.mdb' Remote Database Disclosure
cpCommerce 1.2.6 - (URL Rewrite) Input variable overwrite / Authentication Bypass
Cain & Abel 4.9.24 - '.rdp'Stack Overflow
cpCommerce 1.2.6 - (URL Rewrite) Input Variable overwrite / Authentication Bypass
Cain & Abel 4.9.24 - '.rdp' Stack Overflow

Ocean12 Mailing List Manager Gold - DD / SQL / Cross-Site Scripting
Ocean12 Mailing List Manager Gold - File Disclosure / SQL Injection / Cross-Site Scripting

Cain & Abel 4.9.23 - '.rdp'Buffer Overflow Exploit
Cain & Abel 4.9.23 - '.rdp' Buffer Overflow Exploit

User Engine Lite ASP - 'users.mdb'Database Disclosure
User Engine Lite ASP - 'users.mdb' Database Disclosure

Easy News Content Management - 'News.mdb'Database Disclosure
Easy News Content Management - 'News.mdb' Database Disclosure

RankEm - 'rankup.asp siteID'SQL Injection
RankEm - 'rankup.asp siteID' SQL Injection

Cold BBS - 'cforum.mdb'Remote Database Disclosure
Cold BBS - 'cforum.mdb' Remote Database Disclosure

ASP PORTAL - 'xportal.mdb'Remote Database Disclosure
ASP PORTAL - 'xportal.mdb' Remote Database Disclosure

Webmaster Marketplace - 'member.php u'SQL Injection
Webmaster Marketplace - 'member.php u' SQL Injection

CF_Calendar - 'calendarevent.cfm'SQL Injection
CF_Calendar - 'calendarevent.cfm' SQL Injection

CFMBLOG - 'index.cfm categorynbr'Blind SQL Injection
CFMBLOG - 'index.cfm categorynbr' Blind SQL Injection

MyCal Personal Events Calendar - 'mycal.mdb'Database Disclosure
MyCal Personal Events Calendar - 'mycal.mdb' Database Disclosure

ASPired2Quote - 'quote.mdb'Remote Database Disclosure
ASPired2Quote - 'quote.mdb' Remote Database Disclosure

CodeAvalanche FreeForum - 'CAForum.mdb'Database Disclosure
CodeAvalanche FreeForum - 'CAForum.mdb' Database Disclosure
CodeAvalanche Directory - 'CADirectory.mdb'Database Disclosure
CodeAvalanche FreeForAll - 'CAFFAPage.mdb'Database Disclosure
CodeAvalanche Directory - 'CADirectory.mdb' Database Disclosure
CodeAvalanche FreeForAll - 'CAFFAPage.mdb' Database Disclosure
CodeAvalanche Articles - 'CAArticles.mdb'Database Disclosure
CodeAvalanche RateMySite - 'CARateMySite.mdb'Database Disclosure
CodeAvalanche Articles - 'CAArticles.mdb' Database Disclosure
CodeAvalanche RateMySite - 'CARateMySite.mdb' Database Disclosure

CFAGCMS 1 - 'right.php title'SQL Injection
CFAGCMS 1 - 'right.php title' SQL Injection

click&rank - SQL / Cross-Site Scripting
click&rank - SQL Injection / Cross-Site Scripting

Liberum Help Desk 0.97.3 - SQL / DD
Liberum Help Desk 0.97.3 - SQL Injection / File Disclosure

QuickerSite Easy CMS - 'QuickerSite.mdb'Database Disclosure
QuickerSite Easy CMS - 'QuickerSite.mdb' Database Disclosure

MyPHPsite - 'index.php mod'Local File Inclusion
MyPHPsite - 'index.php mod' Local File Inclusion

MyPBS - 'index.php seasonID'SQL Injection
MyPBS - 'index.php seasonID' SQL Injection

Extract Website - 'download.php filename'File Disclosure
Extract Website - 'download.php filename' File Disclosure

CoolPlayer 2.19 - '.Skin'Local Buffer Overflow
CoolPlayer 2.19 - '.Skin' Local Buffer Overflow
Sepcity Shopping Mall - 'shpdetails.asp ID'SQL Injection
Sepcity Lawyer Portal - 'deptdisplay.asp ID'SQL Injection
Sepcity Shopping Mall - 'shpdetails.asp ID' SQL Injection
Sepcity Lawyer Portal - 'deptdisplay.asp ID' SQL Injection

Sepcity Classified - 'classdis.asp ID'SQL Injection
Sepcity Classified - 'classdis.asp ID' SQL Injection

Ayemsis Emlak Pro - 'acc.mdb'Database Disclosure
Ayemsis Emlak Pro - 'acc.mdb' Database Disclosure

VUPlayer 2.49 - '.wax'Local Buffer Overflow
VUPlayer 2.49 - '.wax' Local Buffer Overflow
BlogHelper - 'common_db.inc'Remote Config File Disclosure
PollHelper - 'poll.inc'Remote Config File Disclosure
BlogHelper - 'common_db.inc' Remote Config File Disclosure
PollHelper - 'poll.inc' Remote Config File Disclosure

Audacity 1.6.2 - '.aup'Remote Off-by-One Crash Exploit
Audacity 1.6.2 - '.aup' Remote Off-by-One Crash Exploit

QuoteBook - 'poll.inc'Remote Config File Disclosure
QuoteBook - 'poll.inc' Remote Config File Disclosure

XOOPS Module tadbook2 - 'open_book.php book_sn'SQL Injection
XOOPS Module tadbook2 - 'open_book.php book_sn' SQL Injection

Social Engine - 'browse_classifieds.php s'SQL Injection
Social Engine - 'browse_classifieds.php s' SQL Injection

Realtor 747 - 'define.php INC_DIR'Remote File Inclusion
Realtor 747 - 'define.php INC_DIR' Remote File Inclusion

OTSTurntables 1.00.027 - '.ofl'Local Stack Overflow
OTSTurntables 1.00.027 - '.ofl' Local Stack Overflow

SCMS 1 - 'index.php p'Local File Inclusion
SCMS 1 - 'index.php p' Local File Inclusion

Graugon Gallery 1.0 - Cross-Site Scripting / SQL / Cookie Bypass
Graugon Gallery 1.0 - Cross-Site Scripting / SQL Injection / Cookie Bypass

Baran CMS 1.0 - Arbitrary ASP File Upload / DB / SQL / Cross-Site Scripting / CM
Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / CM

pHNews Alpha 1 - 'header.php mod'SQL Injection
pHNews Alpha 1 - 'header.php mod' SQL Injection

i-dreams GB Server - 'admin.dat'File Disclosure
i-dreams GB Server - 'admin.dat' File Disclosure

VUplayer 2.49 - '.cue'Local Buffer Overflow
VUplayer 2.49 - '.cue' Local Buffer Overflow

VUPlayer 2.49 - '.cue'Universal Buffer Overflow
VUPlayer 2.49 - '.cue' Universal Buffer Overflow

Chasys Media Player 1.1 - '.cue'Stack Overflow
Chasys Media Player 1.1 - '.cue' Stack Overflow

Chasys Media Player - '.lst Playlist'Local Buffer Overflow
Chasys Media Player - '.lst Playlist' Local Buffer Overflow

BS.Player 2.34 - '.bsl'Universal SEH Overwrite
BS.Player 2.34 - '.bsl' Universal SEH Overwrite

POP Peeper 3.4.0.0 - '.eml'Universal SEH Overwrite
POP Peeper 3.4.0.0 - '.eml' Universal SEH Overwrite

Abee Chm Maker 1.9.5 - '.CMP'Stack Overflow
Abee Chm Maker 1.9.5 - '.CMP' Stack Overflow

ActiveKB Knowledgebase - 'loadpanel.php Panel'Local File Inclusion
ActiveKB Knowledgebase - 'loadpanel.php Panel' Local File Inclusion

ftpdmin 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study)
FTPDMIN 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study)

ftpdmin 0.96 - Arbitrary File Disclosure Exploit
FTPDMIN 0.96 - Arbitrary File Disclosure Exploit

Jamroom - 'index.php t'Local File Inclusion
Jamroom - 'index.php t' Local File Inclusion

W2B phpEmployment - 'conf.inc'File Disclosure
W2B phpEmployment - 'conf.inc' File Disclosure
phpAdBoard - 'conf.inc'Remote Config File Disclosure
phpGreetCards - 'conf.inc'Config File Disclosure
phpAdBoard - 'conf.inc' Remote Config File Disclosure
phpGreetCards - 'conf.inc' Config File Disclosure
phpAdBoardPro - 'config.inc'Config File Disclosure
phpDatingClub - 'conf.inc'File Disclosure
Job2C - 'conf.inc'Config File Disclosure
phpAdBoardPro - 'config.inc' Config File Disclosure
phpDatingClub - 'conf.inc' File Disclosure
Job2C - 'conf.inc' Config File Disclosure

Star Downloader Free 1.45 - '.dat'Universal SEH Overwrite
Star Downloader Free 1.45 - '.dat' Universal SEH Overwrite

Destiny Media Player 1.61 - '.rdl'Local Buffer Overflow
Destiny Media Player 1.61 - '.rdl' Local Buffer Overflow

Thickbox Gallery 2 - 'index.php ln'Local File Inclusion
Thickbox Gallery 2 - 'index.php ln' Local File Inclusion

Symantec Fax Viewer Control 10 - 'DCCFAXVW.DLL'Remote Buffer Overflow Exploit
Symantec Fax Viewer Control 10 - 'DCCFAXVW.dll' Remote Buffer Overflow Exploit

Mercury Audio Player 1.21 - '.b4s'Local Stack Overflow
Mercury Audio Player 1.21 - '.b4s' Local Stack Overflow

RM Downloader - '.smi'Local Stack Overflow
RM Downloader - '.smi' Local Stack Overflow

RM Downloader - '.smi'Universal Local Buffer Overflow
RM Downloader - '.smi' Universal Local Buffer Overflow
RM Downloader 3.0.0.9 - '.RAM'Local Buffer Overflow
Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM'Buffer Overflow
Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF'Local Buffer Overflow Exploit
Mini-stream Ripper 3.0.1.1 - '.RAM'Local Buffer Overflow
RM Downloader 3.0.0.9 - '.RAM' Local Buffer Overflow
Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM' Buffer Overflow
Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF' Local Buffer Overflow Exploit
Mini-stream Ripper 3.0.1.1 - '.RAM' Local Buffer Overflow

Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM'Local Buffer Overflow Exploit
Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM' Local Buffer Overflow Exploit

MPLAB IDE 8.30 - '.mcp'Universal Seh Overwrite
MPLAB IDE 8.30 - '.mcp' Universal Seh Overwrite

Pinnacle Studio 12 - '.hfz'Directory Traversal
Pinnacle Studio 12 - '.hfz' Directory Traversal

COWON America jetCast 2.0.4.1109 - '.mp3'Local Overflow
COWON America jetCast 2.0.4.1109 - '.mp3' Local Overflow

R2 Newsletter Lite/Pro/Stats - 'admin.mdb'Database Disclosure
R2 Newsletter Lite/Pro/Stats - 'admin.mdb' Database Disclosure

phpDatingClub 3.7 - SQL / Cross-Site Scripting Injection
phpDatingClub 3.7 - SQL Injection / Cross-Site Scripting Injection

ClearContent - 'image.php url'Remote File Inclusion / Local File Inclusion
ClearContent - 'image.php url' Remote File Inclusion / Local File Inclusion

DJ Calendar - 'DJcalendar.cgi TEMPLATE'File Disclosure
DJ Calendar - 'DJcalendar.cgi TEMPLATE' File Disclosure

Icarus 2.0 - '.ICP'Local Stack Overflow Exploit
Icarus 2.0 - '.ICP' Local Stack Overflow Exploit

MixSense 1.0.0.1 DJ Studio - '.mp3'Crash Exploit
MixSense 1.0.0.1 DJ Studio - '.mp3' Crash Exploit

htmldoc 1.8.27.1 - '.html'Universal Stack Overflow
htmldoc 1.8.27.1 - '.html' Universal Stack Overflow

Acoustica MP3 Audio Mixer 2.471 - '.sgp'Crash Exploit
Acoustica MP3 Audio Mixer 2.471 - '.sgp' Crash Exploit

PHP Paid 4 Mail Script - 'paidbanner.php ID'SQL Injection
PHP Paid 4 Mail Script - 'paidbanner.php ID' SQL Injection

Microsoft Windows XP - 'win32k.sys'Privilege Escalation
Microsoft Windows XP - 'win32k.sys' Privilege Escalation

Portel 2008 - 'decide.php patron'Blind SQL Injection
Portel 2008 - 'decide.php patron' Blind SQL Injection

Microsoft Windows 2003 - '.EOT'BSOD Crash Exploit
Microsoft Windows 2003 - '.EOT' BSOD Crash Exploit

THOMSON ST585 - 'user.ini'Arbitrary Download
THOMSON ST585 - 'user.ini' Arbitrary Download

PHP Email Manager - 'remove.php ID'SQL Injection
PHP Email Manager - 'remove.php ID' SQL Injection

WAR-FTPD 1.65 - (MKD/CD Requests) Denial of Service
War-FTPD 1.65 - (MKD/CD Requests) Denial of Service

EMO Breader Manager - 'video.php movie'SQL Injection
EMO Breader Manager - 'video.php movie' SQL Injection

Invisible Browsing 5.0.52 - '.ibkey'Local Buffer Overflow
Invisible Browsing 5.0.52 - '.ibkey' Local Buffer Overflow

HotWeb Rentals - 'details.asp PropId'Blind SQL Injection
HotWeb Rentals - 'details.asp PropId' Blind SQL Injection

Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend'Command Injection
Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend' Command Injection

Blender 2.49b - '.blend'Remote Command Execution
Blender 2.49b - '.blend' Remote Command Execution

Aiocp 1.4.001 - File Inclusion
AIOCP 1.4.001 - File Inclusion

BibTeX - '.bib'File Handling Memory Corruption
BibTeX - '.bib' File Handling Memory Corruption

PHP 5.0.0 - domxml_open_file() Local Denial of Service
PHP 5.0.0 - 'domxml_open_file()' Local Denial of Service

PHP 5.0.0 - simplexml_load_file() Local Denial of Service
PHP 5.0.0 - 'simplexml_load_file()' Local Denial of Service

MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack-Based Buffer Overflows
MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack Based Buffer Overflows

Audacity 1.2.6 - '.gro'Buffer Overflow
Audacity 1.2.6 - '.gro' Buffer Overflow

gAlan - '.galan'Universal Buffer Overflow
gAlan - '.galan' Universal Buffer Overflow
ASPGuest - 'edit.asp ID'Blind SQL Injection
Smart ASPad - 'campaignEdit.asp CCam'Blind SQL Injection
ASPGuest - 'edit.asp ID' Blind SQL Injection
Smart ASPad - 'campaignEdit.asp CCam' Blind SQL Injection

dblog - 'dblog.mdb'Remote Database Disclosure
dblog - 'dblog.mdb' Remote Database Disclosure

PHP 5.0.0 - xmldocfile() Local Denial of Service
PHP 5.0.0 - 'xmldocfile()' Local Denial of Service

Apollo Player 37.0.0.0 - '.aap'Buffer Overflow Denial of Service
Apollo Player 37.0.0.0 - '.aap' Buffer Overflow Denial of Service

OpenOffice - '.slk'Parsing Null Pointer
OpenOffice - '.slk' Parsing Null Pointer

crownweb - 'page.cfm'SQL Injection
crownweb - 'page.cfm' SQL Injection

OtsTurntables Free 1.00.047 - '.olf'Universal Buffer Overflow
OtsTurntables Free 1.00.047 - '.olf' Universal Buffer Overflow

Windows Media Player 11.0.5721.5145 - '.mpg'Buffer Overflow
Windows Media Player 11.0.5721.5145 - '.mpg' Buffer Overflow

Orbital Viewer 1.04 - '.orb'Local Universal SEH Overflow
Orbital Viewer 1.04 - '.orb' Local Universal SEH Overflow

iPhone / iTouch FTPDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service
iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service

JAD java decompiler 1.5.8g - '.class'Stack Overflow Denial of Service
JAD java decompiler 1.5.8g - '.class' Stack Overflow Denial of Service

Media Player 6.4.9.1 with K-Lite Codec Pack - Denial of Service/Crash '.avi'
Media Player 6.4.9.1 with K-Lite Codec Pack - '.avi' Denial of Service/Crash

no$gba 2.5c - '.nds'Local crash
no$gba 2.5c - '.nds' Local crash

Xilisoft Blackberry Ring Tone Maker - '.wma'Local Crash
Xilisoft Blackberry Ring Tone Maker - '.wma' Local Crash

Dualis 20.4 - '.bin'Local Daniel Of Service
Dualis 20.4 - '.bin' Local Daniel Of Service

DSEmu 0.4.10 - '.nds'Local Crash Exploit
DSEmu 0.4.10 - '.nds' Local Crash Exploit

MP3 Wav Editor 3.80 - '.mp3'Local Denial of Service
MP3 Wav Editor 3.80 - '.mp3' Local Denial of Service

FontForge - .BDF Font File Stack-Based Buffer Overflow
FontForge - .BDF Font File Stack Based Buffer Overflow

Dolphin 2.0 - '.elf'Local Daniel Of Service
Dolphin 2.0 - '.elf' Local Daniel Of Service

e-webtech - 'new.asp?id='SQL Injection
e-webtech - 'new.asp?id=' SQL Injection

SmallFTPD FTP Server 1.0.3 - DELE Command Denial of Service
SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service

RahnemaCo - page.php PageID Remote File Inclusion
RahnemaCo - 'page.php' PageID Remote File Inclusion

goffgrafix - Design's SQL Injection
goffgrafix - Design's - SQL Injection

Spaceacre - SQL / Cross-Site Scripting / HTML Injection
Spaceacre - SQL Injection / Cross-Site Scripting / HTML Injection

ZipExplorer 7.0 - '.zar'Denial of Service
ZipExplorer 7.0 - '.zar' Denial of Service

ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege Escalation

iOS - Version-independent shellcode
iOS - Version-independent Shellcode

Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 shellcode
Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 Shellcode

Win32 - SEH omelet shellcode
Win32 - SEH omelet Shellcode

Win32 - Connectback_ receive_ save and execute shellcode
Win32 - Connectback_ receive_ save and execute Shellcode

Windows XP - download and exec source shellcode
Windows XP - download and exec source Shellcode
Win32 XP SP3 - ShellExecuteA shellcode
Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) shellcode
Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 shellcode
Win32 XP SP3 - ShellExecuteA Shellcode
Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) Shellcode
Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 Shellcode

Win32 - JITed stage-0 shellcode
Win32 - JITed stage-0 Shellcode

Windows - JITed egg-hunter stage-0 shellcode
Windows - JITed egg-hunter stage-0 Shellcode

Linux/x86 - nc -lvve/bin/sh -p13377 shellcode
Linux/x86 - nc -lvve/bin/sh -p13377 Shellcode

Corel VideoStudio Pro X3 - '.mp4'Buffer Overflow
Corel VideoStudio Pro X3 - '.mp4' Buffer Overflow

Boat Classifieds - 'printdetail.asp?Id'SQL Injection
Boat Classifieds - 'printdetail.asp?Id' SQL Injection

PHPBB MOD 2.0.19 - Invitation Only (PassCode Bypass)
phpBB MOD 2.0.19 - Invitation Only (PassCode Bypass)

SnoGrafx - 'cat.php?cat'SQL Injection
SnoGrafx - 'cat.php?cat' SQL Injection

Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow
Mediacoder 0.7.5.4710 - ' Universal' SEH Buffer Overflow

PlayPad Music Player 1.12 - '.mp3'Denial of Service
PlayPad Music Player 1.12 - '.mp3' Denial of Service

Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscal'l Emulation Privilege Escalation
Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscall' Emulation Privilege Escalation

xt:Commerce Gambio 2008 - 2010 - ERROR Based SQL Injection 'reviews.php'
xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection

CuteNews - 'index.php?page'Local File Inclusion
CuteNews - 'index.php?page' Local File Inclusion

Hanso Converter 1.4.0 - '.ogg'Denial of Service
Hanso Converter 1.4.0 - '.ogg' Denial of Service
ARM - Bindshell port 0x1337 shellcode
ARM - Bind Connect UDP Port 68 shellcode
ARM - Loader Port 0x1337 shellcode
ARM - ifconfig eth0 and Assign Address 192.168.0.2 shellcode
ARM - Bindshell port 0x1337 Shellcode
ARM - Bind Connect UDP Port 68 Shellcode
ARM - Loader Port 0x1337 Shellcode
ARM - ifconfig eth0 and Assign Address 192.168.0.2 Shellcode

SmallFTPD 1.0.3 - Remote Directory Traversal
SmallFTPd 1.0.3 - Remote Directory Traversal

HtaEdit 3.2.3.0 - '.hta'Buffer Overflow
HtaEdit 3.2.3.0 - '.hta' Buffer Overflow

ProFTPD IAC 1.3.x - Remote Root Exploit
ProFTPd IAC 1.3.x - Remote Root Exploit
VbsEdit 4.7.2.0 - '.vbs'Buffer Overflow
Power Audio Editor 7.4.3.230 - '.cda'Denial of Service
VbsEdit 4.7.2.0 - '.vbs' Buffer Overflow
Power Audio Editor 7.4.3.230 - '.cda' Denial of Service

Sitefinity CMS - 'ASP.NET'Arbitrary File Upload
Sitefinity CMS - 'ASP.NET' Arbitrary File Upload

Native Instruments Traktor Pro 1.2.6 - Stack-based Buffer Overflow
Native Instruments Traktor Pro 1.2.6 - Stack Based Buffer Overflow

ProFTPD 1.3.3c - Compromised Source Remote Root Trojan
ProFTPd 1.3.3c - Compromised Source Remote Root Trojan

Dejcom Market CMS - 'showbrand.aspx'SQL Injection
Dejcom Market CMS - 'showbrand.aspx' SQL Injection

Aesop GIF Creator 2.1 - '.aep'Buffer Overflow
Aesop GIF Creator 2.1 - '.aep' Buffer Overflow

Apple iPhone Safari - 'JS .'Remote Crash
Apple iPhone Safari - 'JS .' Remote Crash

Microsoft Windows Fax Services Cover Page Editor - '.cov'Memory Corruption
Microsoft Windows Fax Services Cover Page Editor - '.cov' Memory Corruption

Win32 - speaking shellcode
Win32 - speaking Shellcode

ProFTPD mod_sftp - Integer Overflow Denial of Service (PoC)
ProFTPd mod_sftp - Integer Overflow Denial of Service (PoC)

BWMeter 5.4.0 - '.csv'Denial of Service
BWMeter 5.4.0 - '.csv' Denial of Service

Magic Music Editor - '.cda'Denial of Service
Magic Music Editor - '.cda' Denial of Service

wu-ftpd - SITE EXEC/INDEX Format String
WU-FTPD - SITE EXEC/INDEX Format String

Samba - trans2open Overflow (Solaris SPARC)
Samba (Solaris SPARC) - trans2open Overflow

FreeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow
freeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow

Microsoft IIS 4.0 - '.htr'Path Overflow
Microsoft IIS 4.0 - '.htr' Path Overflow

VariCAD 2010-2.05 EN - '.DWB'Stack Buffer Overflow
VariCAD 2010-2.05 EN - '.DWB' Stack Buffer Overflow

AOL 9.5 - Phobos.Playlist Import() Stack-based Buffer Overflow
AOL 9.5 - Phobos.Playlist Import() Stack Based Buffer Overflow
ProFTPD 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow
ProFTPD 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow
ProFTPd 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow
ProFTPd 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow

ProFTPD 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow
ProFTPd 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow

PHPBB - viewtopic.php Arbitrary Code Execution
phpBB - viewtopic.php Arbitrary Code Execution

ProFTPD-1.3.3c - Backdoor Command Execution
ProFTPd-1.3.3c - Backdoor Command Execution

ABBS Electronic Flash Cards 2.1 - '.fcd'Buffer Overflow
ABBS Electronic Flash Cards 2.1 - '.fcd' Buffer Overflow

VeryTools Video Spirit Pro 1.70 - '.visprj'Buffer Overflow
VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow

Wordtrainer 3.0 - '.ord'Buffer Overflow
Wordtrainer 3.0 - '.ord' Buffer Overflow

PlaylistMaker 1.5 - '.txt'Buffer Overflow
PlaylistMaker 1.5 - '.txt' Buffer Overflow

libmodplug 0.8.8.2 - (.abc) Stack-Based Buffer Overflow (PoC)
libmodplug 0.8.8.2 - (.abc) Stack Based Buffer Overflow (PoC)
MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m'Stack Buffer Overflow
MJM Core Player 2011 - '.s3m'Stack Buffer Overflow
MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m' Stack Buffer Overflow
MJM Core Player 2011 - '.s3m' Stack Buffer Overflow

Magix Musik Maker 16 - '.mmm'Stack Buffer Overflow
Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow

Smallftpd 1.0.3 FTP Server - Denial of Service
SmallFTPd 1.0.3 FTP Server - Denial of Service

FreeAmp 2.0.7 - '.fat'Buffer Overflow
FreeAmp 2.0.7 - '.fat' Buffer Overflow

VSFTPD 2.3.4 - Backdoor Command Execution
vsftpd 2.3.4 - Backdoor Command Execution

OS-X - Universal ROP shellcode
OS-X - Universal ROP Shellcode

Citrix XenApp / XenDesktop - Stack-Based Buffer Overflow
Citrix XenApp / XenDesktop - Stack Based Buffer Overflow

World Of Warcraft - 'chat-cache.txt'Local Stack Overflow Denial of Service
World Of Warcraft - 'chat-cache.txt' Local Stack Overflow Denial of Service

Wav Player 1.1.3.6 - '.pll'Buffer Overflow
Wav Player 1.1.3.6 - '.pll' Buffer Overflow

Norman Security Suite 8 - 'nprosec.sys'Privilege Escalation
Norman Security Suite 8 - 'nprosec.sys' Privilege Escalation

Ashampoo Burning Studio Elements 10.0.9 - '.ashprj'Heap Overflow
Ashampoo Burning Studio Elements 10.0.9 - '.ashprj' Heap Overflow

Cytel Studio 9.0 - '.CY3'Stack Buffer Overflow
Cytel Studio 9.0 - '.CY3' Stack Buffer Overflow

Xion Audio Player 1.0.127 - '.aiff'Denial of Service
Xion Audio Player 1.0.127 - '.aiff' Denial of Service

SnackAmp 3.1.3 - '.aiff'Denial of Service
SnackAmp 3.1.3 - '.aiff' Denial of Service

PHP Ticket System Beta 1 - 'index.php p parameter'SQL Injection
PHP Ticket System Beta 1 - 'index.php p parameter' SQL Injection

Nokia PC Suite Video Manager 7.1.180.64 - '.mp4'Denial of Service
Nokia PC Suite Video Manager 7.1.180.64 - '.mp4' Denial of Service

Multimedia Builder 4.9.8 - '.mef'Denial of Service
Multimedia Builder 4.9.8 - '.mef' Denial of Service
Tftpd32 DNS Server 4.00 - Denial of Service
LibreOffice 3.5.3 - '.rtf'FileOpen Crash
TFTPD32 DNS Server 4.00 - Denial of Service
LibreOffice 3.5.3 - '.rtf' FileOpen Crash

Microsoft Wordpad 5.1 - '.doc'Null Pointer Dereference
Microsoft Wordpad 5.1 - '.doc' Null Pointer Dereference

Lattice Semiconductor PAC-Designer 6.21 - '.PAC'Exploit
Lattice Semiconductor PAC-Designer 6.21 - '.PAC' Exploit
wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath Exploit (1)
wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath Exploit (2)
WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (1)
WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (2)
ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1)
ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2)
ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1)
ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2)

ProFTPD 1.2 pre6 - snprintf
ProFTPd 1.2 pre6 - snprintf

Washington University wu-ftpd 2.5.0 - message Buffer Overflow
Washington University WU-FTPD 2.5.0 - message Buffer Overflow

GlFtpd 1.17.2 - Exploit
glFTPd 1.17.2 - Exploit

Oracle Outside-In - .LWP File Parsing Stack-Based Buffer Overflow
Oracle Outside-In - .LWP File Parsing Stack Based Buffer Overflow
wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1)
wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2)
wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3)
WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1)
WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2)
WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3)

Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw'Cross-Site Scripting
Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw' Cross-Site Scripting

Microsoft Windows Media Player 7.0 - '.wms'Arbitrary Script
Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script

Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE'
Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Exploit

ProFTPD 1.2 - SIZE Remote Denial of Service
ProFTPd 1.2 - SIZE Remote Denial of Service

Microsoft Windows Media Player 7.0 - '.wmz'Arbitrary Java Applet
Microsoft Windows Media Player 7.0 - '.wmz' Arbitrary Java Applet

wu-ftpd 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion
WU-FTPD 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion

Wu-Ftpd 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String
WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String

Joe Text Editor 2.8 - '.joerc'Arbitrary Command Execution
Joe Text Editor 2.8 - '.joerc' Arbitrary Command Execution

whitsoft slimserve ftpd 1.0/2.0 - Directory Traversal
WhitSoft slimserve ftpd 1.0/2.0 - Directory Traversal

wu-ftpd 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPD 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion
WU-FTPD 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPd 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion

freebsd 4.2-stable ftpd - glob() Buffer Overflow Vulnerabilities
FreeBSD 4.2-stable ftpd - glob() Buffer Overflow Vulnerabilities

raidenftpd 2.1 - Directory Traversal
RaidenFTPd 2.1 - Directory Traversal

AV Arcade Free Edition - 'add_rating.php id parameter'Blind SQL Injection
AV Arcade Free Edition - 'add_rating.php id parameter' Blind SQL Injection

Solaris 2.6/7/8 - SPARC xlock Heap Overflow
Solaris 2.6/7/8 -(SPARC) xlock Heap Overflow

glFTPD 1.x - LIST Denial of Service
glFTPd 1.x - 'LIST' Denial of Service

Wu-Ftpd 2.6 - File Globbing Heap Corruption
WU-FTPD 2.6 - File Globbing Heap Corruption

Joomla RokModule Component - 'index.php module parameter'Blind SQL Injection
Joomla RokModule Component - 'index.php module parameter' Blind SQL Injection

PHPWebsite 0.8.2 - PHP File Include
phpWebSite 0.8.2 - PHP File Include

PHPWebSite 0.8.3 - News Message HTML Injection
phpWebSite 0.8.3 - News Message HTML Injection

PHPWebSite 0.8.3 - article.php Cross-Site Scripting
phpWebSite 0.8.3 - article.php Cross-Site Scripting

PHPBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion
phpBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion

PHPBB 2.0.3 - search.php Cross-Site Scripting
phpBB 2.0.3 - search.php Cross-Site Scripting

ProFTPD 1.2.x - STAT Command Denial of Service
ProFTPd 1.2.x - STAT Command Denial of Service

Joomla Tags - 'index.php tag parameter'SQL Injection
Joomla Tags - 'index.php tag parameter' SQL Injection
Joomla Commedia Plugin - 'index.php task parameter'SQL Injection
Joomla Kunena Component - 'index.php search parameter'SQL Injection
Joomla Commedia Plugin - 'index.php task parameter' SQL Injection
Joomla Kunena Component - 'index.php search parameter' SQL Injection

PHPBB 2.0.3 - privmsg.php SQL Injection
phpBB 2.0.3 - privmsg.php SQL Injection

Joomla Spider Catalog - 'index.php product_id parameter'SQL Injection
Joomla Spider Catalog - 'index.php product_id parameter' SQL Injection

Battleaxe Software BTTLXE Forum - login.asp SQL Injection
Battleaxe Software BTTLXE Forum - 'login.asp' SQL Injection

SudBox Boutique 1.2 - login.php Authentication Bypass
SudBox Boutique 1.2 - 'login.php' Authentication Bypass

friendsinwar FAQ Manager - 'view_faq.php question parameter'SQL Injection
friendsinwar FAQ Manager - 'view_faq.php question parameter' SQL Injection

GuildFTPD 0.999.8 - CWD Command Denial of Service
GuildFTPd 0.999.8 - CWD Command Denial of Service

ProductCart 1.5/1.6/2.0 - login.asp SQL Injection
ProductCart 1.5/1.6/2.0 - 'login.asp' SQL Injection

SmartCMS - 'index.php idx parameter'SQL Injection
SmartCMS - 'index.php idx parameter' SQL Injection

mcrypt 2.6.8 - stack-based Buffer Overflow (PoC)
mcrypt 2.6.8 - Stack Based Buffer Overflow (PoC)

wu-ftpd 2.6.2 - realpath() Off-by-One Buffer Overflow
WU-FTPD 2.6.2 - realpath() Off-by-One Buffer Overflow
wu-ftpd 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow
freeBSD 4.8 - realpath() Off-by-One Buffer Overflow
WU-FTPD 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow
FreeBSD 4.8 - realpath() Off-by-One Buffer Overflow

SmartCMS - 'index.php menuitem parameter'SQL Injection / Cross-Site Scripting
SmartCMS - 'index.php menuitem parameter' SQL Injection / Cross-Site Scripting

FreeFTPD - Remote Authentication Bypass Exploit
freeFTPd - Remote Authentication Bypass Exploit

PHPBB 2.0.6 - URL BBCode HTML Injection
phpBB 2.0.6 - URL BBCode HTML Injection
wzdftpd 0.1 rc5 - Login Remote Denial of Service
ProFTPD 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun
WzdFTPD 0.1 rc5 - Login Remote Denial of Service
ProFTPd 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun

PHPBB 2.0.x - profile.php SQL Injection
phpBB 2.0.x - profile.php SQL Injection

PHPBB 2.0.6 - privmsg.php Cross-Site Scripting
phpBB 2.0.6 - privmsg.php Cross-Site Scripting

Sony PC Companion 2.1 - (DownloadURLToFile()) Stack-based Unicode Buffer Overflow
Sony PC Companion 2.1 - (DownloadURLToFile()) Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - (Load()) Stack-based Unicode Buffer Overflow
Sony PC Companion 2.1 - (CheckCompatibility()) Stack-based Unicode Buffer Overflow
Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack-based Unicode Buffer Overflow
SelectSurvey CMS - 'ASP.NET'Arbitrary File Upload
Sony PC Companion 2.1 - (Load()) Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - (CheckCompatibility()) Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack Based Unicode Buffer Overflow
SelectSurvey CMS - 'ASP.NET' Arbitrary File Upload

MyBB AwayList Plugin - 'index.php id parameter'SQL Injection
MyBB AwayList Plugin - 'index.php id parameter' SQL Injection

SmallFTPD 1.0.3 - Remote Denial of Service
SmallFTPd 1.0.3 - Remote Denial of Service
MyBB - 'editpost.php posthash'SQL Injection
Joomla Spider Calendar - 'index.php date parameter'Blind SQL Injection
MyBB - 'editpost.php posthash' SQL Injection
Joomla Spider Calendar - 'index.php date parameter' Blind SQL Injection

Phorum 3.x - login.php HTTP_REFERER Cross-Site Scripting
Phorum 3.x - 'login.php' HTTP_REFERER Cross-Site Scripting

PHPBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection
phpBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection

Inmatrix Ltd. Zoom Player 8.5 - '.jpeg'Exploit
Inmatrix Ltd. Zoom Player 8.5 - '.jpeg' Exploit

PHPBB 2.0.x - album_portal.php Remote File Inclusion
phpBB 2.0.x - album_portal.php Remote File Inclusion

PHPBB 2.0.x - viewtopic.php PHP Script Injection
phpBB 2.0.x - viewtopic.php PHP Script Injection

JShop E-Commerce Suite 3.0 - page.php Cross-Site Scripting
JShop E-Commerce Suite 3.0 - 'page.php' Cross-Site Scripting

NullSoft Winamp 2-5 - '.wsz'Remote Code Execution
NullSoft Winamp 2-5 - '.wsz' Remote Code Execution

phpWebsite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting
phpWebSite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting

Scripts Genie Gallery Personals - 'gallery.php L parameter'SQL Injection
Scripts Genie Gallery Personals - 'gallery.php L parameter' SQL Injection

Scripts Genie Domain Trader - 'catalog.php id parameter'SQL Injection
Scripts Genie Domain Trader - 'catalog.php id parameter' SQL Injection

Scripts Genie Games Site Script - 'index.php id parameter'SQL Injection
Scripts Genie Games Site Script - 'index.php id parameter' SQL Injection

Photodex ProShow Producer 5.0.3297 - '.pxs'Memory Corruption Exploit
Photodex ProShow Producer 5.0.3297 - '.pxs' Memory Corruption Exploit

Scripts Genie Top Sites - 'out.php id parameter'SQL Injection
Scripts Genie Top Sites - 'out.php id parameter' SQL Injection

Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter'SQL Injection
Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter' SQL Injection

W-Agora 4.1.6 - a login.php loginuser Parameter Cross-Site Scripting
W-Agora 4.1.6 - a 'login.php' loginuser Parameter Cross-Site Scripting

PHPWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting
phpWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting

Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack-Based Buffer Overflow
Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack Based Buffer Overflow

PHPBB 2.0.x - admin_cash.php Remote PHP File Include
phpBB 2.0.x - admin_cash.php Remote PHP File Include

UBBCentral UBB.threads 6.2.3/6.5 - login.php Cat Parameter Cross-Site Scripting
UBBCentral UBB.threads 6.2.3/6.5 - 'login.php' Cat Parameter Cross-Site Scripting
PHPGedView 2.5/2.6 - login.php URL Parameter Cross-Site Scripting
PHPGedView 2.5/2.6 - login.php Username Parameter Cross-Site Scripting
PHPGedView 2.5/2.6 - login.php Newlanguage Cross-Site Scripting
PHPGedView 2.5/2.6 - 'login.php' URL Parameter Cross-Site Scripting
PHPGedView 2.5/2.6 - 'login.php' Username Parameter Cross-Site Scripting
PHPGedView 2.5/2.6 - 'login.php' Newlanguage Cross-Site Scripting

Rebus:list - 'list.php list_id parameter'SQL Injection
Rebus:list - 'list.php list_id parameter' SQL Injection

SynConnect Pms - 'index.php loginid parameter'SQL Injection
SynConnect Pms - 'index.php loginid parameter' SQL Injection

Groovy Media Player 3.2.0 - '.mp3'Buffer Overflow
Groovy Media Player 3.2.0 - '.mp3' Buffer Overflow

glFTPD 1.x/2.0 ZIP Plugins - Multiple Directory Traversal Vulnerabilities
glFTPd 1.x/2.0 'ZIP' Plugins - Multiple Directory Traversal Vulnerabilities

PHPWebSite 0.x - Image File Processing Arbitrary PHP File Upload
phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload
PHPBB 2.0.x - Authentication Bypass (1)
PHPBB 2.0.x - Authentication Bypass (2)
PHPBB 2.0.x - Authentication Bypass (3)
phpBB 2.0.x - Authentication Bypass (1)
phpBB 2.0.x - Authentication Bypass (2)
phpBB 2.0.x - Authentication Bypass (3)

PHPCOIN 1.2 - login.php Multiple Parameter Cross-Site Scripting
PHPCOIN 1.2 - 'login.php' Multiple Parameter Cross-Site Scripting

Multiple Vendor Telnet Client - Env_opt_add Heap-Based Buffer Overflow
Multiple Vendor Telnet Client - Env_opt_add Heap Based Buffer Overflow
PHPBB 2.0.13 DLMan Pro Module - SQL Injection
PHPBB 2.0.13 Linkz Pro Module - SQL Injection
phpBB 2.0.13 DLMan Pro Module - SQL Injection
phpBB 2.0.13 Linkz Pro Module - SQL Injection
PHPBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting
PHPBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting
phpBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting
phpBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting

Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter'SQL Injection
Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter' SQL Injection
PHPBB Remote - mod.php SQL Injection
Datenbank Module For PHPBB - Remote mod.php Cross-Site Scripting
phpBB Remote - mod.php SQL Injection
Datenbank Module For phpBB - Remote mod.php Cross-Site Scripting

PHPBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection
phpBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection
PHPBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection
PHPBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection
phpBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection
phpBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection

RaidenFTPD 2.4 - Unauthorized File Access
RaidenFTPd 2.4 - Unauthorized File Access

CartWIZ 1.10 - login.asp Redirect Argument Cross-Site Scripting
CartWIZ 1.10 - 'login.asp' Redirect Argument Cross-Site Scripting

CartWIZ 1.10 - login.asp Message Argument Cross-Site Scripting
CartWIZ 1.10 - 'login.asp' Message Argument Cross-Site Scripting
PHPBB 2.0.x - profile.php Cross-Site Scripting
PHPBB 2.0.x - viewtopic.php Cross-Site Scripting
phpBB 2.0.x - profile.php Cross-Site Scripting
phpBB 2.0.x - viewtopic.php Cross-Site Scripting

Notes Module for PHPBB - SQL Injection
Notes Module for phpBB - SQL Injection

PHPCOIN 1.2 - login.php PHPcoinsessid Parameter SQL Injection
PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection

CodetoSell ViArt Shop Enterprise 2.1.6 - page.php page Parameter Cross-Site Scripting
CodetoSell ViArt Shop Enterprise 2.1.6 - 'page.php' page Parameter Cross-Site Scripting

PHPBB 2.0.x - URL Tag BBCode.php
phpBB 2.0.x - URL Tag BBCode.php

Active News Manager - login.asp SQL Injection
Active News Manager - 'login.asp' SQL Injection

FunkyASP AD Systems 1.1 - login.asp SQL Injection
FunkyASP AD Systems 1.1 - 'login.asp' SQL Injection

SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow
SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack Based Overflow

OS4E - login.asp SQL Injection
OS4E - 'login.asp' SQL Injection
JiRo's Upload System 1.0 - login.asp SQL Injection
NEXTWEB - (i)Site login.asp SQL Injection
JiRo's Upload System 1.0 - 'login.asp' SQL Injection
NEXTWEB - (i)Site 'login.asp' SQL Injection

Livingcolor Livingmailing 1.3 - login.asp SQL Injection
Livingcolor Livingmailing 1.3 - 'login.asp' SQL Injection

WWWeb Concepts Events System 1.0 - login.asp SQL Injection
WWWeb Concepts Events System 1.0 - 'login.asp' SQL Injection

Cool Cafe Chat 1.2.1 - login.asp SQL Injection
Cool Cafe Chat 1.2.1 - 'login.asp' SQL Injection

LaGarde StoreFront 5.0 Shopping Cart - login.asp SQL Injection
LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection

Ipswitch WhatsUp Professional 2005 SP1 - login.asp SQL Injection
Ipswitch WhatsUp Professional 2005 SP1 - 'login.asp' SQL Injection

Dynamic Biz Website Builder (QuickWeb) 1.0 - login.asp SQL Injection
Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' SQL Injection

PHPWebsite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal
phpWebSite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal

Cuppa CMS - 'alertConfigField.php urlConfig parameter'Remote / Local File Inclusion
Cuppa CMS - 'alertConfigField.php urlConfig parameter' Remote / Local File Inclusion

VBZoom 1.0/1.11 - login.php UserID Parameter Cross-Site Scripting
VBZoom 1.0/1.11 - 'login.php' UserID Parameter Cross-Site Scripting

PHP Lite Calendar Express 2.2 - login.php cid Parameter SQL Injection
PHP Lite Calendar Express 2.2 - 'login.php' cid Parameter SQL Injection

ATutor 1.5.1 - login.php course Parameter Cross-Site Scripting
ATutor 1.5.1 - 'login.php' course Parameter Cross-Site Scripting

Adrenalin Player 2.2.5.3 - '.wax'SEH Buffer Overflow
Adrenalin Player 2.2.5.3 - '.wax' SEH Buffer Overflow

PHPwcms 1.2.5 -DEV - login.php form_lang Parameter Traversal Arbitrary File Access
PHPwcms 1.2.5 -DEV - 'login.php' form_lang Parameter Traversal Arbitrary File Access

AVS Media Player 4.1.11.100 - '.ac3'Denial of Service
AVS Media Player 4.1.11.100 - '.ac3' Denial of Service

Adrenalin Player 2.2.5.3 - '.wvx'SEH Buffer Overflow
Adrenalin Player 2.2.5.3 - '.wvx' SEH Buffer Overflow

WinAmp 5.63 - Stack-based Buffer Overflow
WinAmp 5.63 - Stack Based Buffer Overflow

PHPX 3.5.x - Admin login.php SQL Injection
PHPX 3.5.x - Admin 'login.php' SQL Injection

DRZES Hms 3.2 - login.php Cross-Site Scripting
DRZES Hms 3.2 - 'login.php' Cross-Site Scripting
PortalApp 3.3/4.0 - login.asp Cross-Site Scripting
SiteEnable 3.3 - login.asp Cross-Site Scripting
IntranetApp 3.3 - login.asp ret_page Parameter Cross-Site Scripting
PortalApp 3.3/4.0 - 'login.asp' Cross-Site Scripting
SiteEnable 3.3 - 'login.asp' Cross-Site Scripting
IntranetApp 3.3 - 'login.asp' ret_page Parameter Cross-Site Scripting

ProjectApp 3.3 - login.asp ret_page Parameter Cross-Site Scripting
ProjectApp 3.3 - 'login.asp' ret_page Parameter Cross-Site Scripting

VbsEdit 5.9.3 - '.smi'Buffer Overflow
VbsEdit 5.9.3 - '.smi' Buffer Overflow

Artweaver 3.1.5 - '.awd'Buffer Overflow
Artweaver 3.1.5 - '.awd' Buffer Overflow

XnView 2.03 - '.pct'Buffer Overflow
XnView 2.03 - '.pct' Buffer Overflow

aoblogger 2.3 - login.php username Field SQL Injection
aoblogger 2.3 - 'login.php' username Field SQL Injection

WebspotBlogging 3.0 - login.php SQL Injection
WebspotBlogging 3.0 - 'login.php' SQL Injection

miniBloggie 1.0 - login.php SQL Injection
miniBloggie 1.0 - 'login.php' SQL Injection

ASPThai Forums 8.0 - login.asp SQL Injection
ASPThai Forums 8.0 - 'login.asp' SQL Injection

Windows RT ARM - Bind Shell (Port 4444) shellcode
Windows RT ARM - Bind Shell (Port 4444) Shellcode

Virtual Hosting Control System 2.2/2.4 - login.php check_login() Function Authentication Bypass
Virtual Hosting Control System 2.2/2.4 - 'login.php' check_login() Function Authentication Bypass

Siteframe Beaumont 5.0.1/5.0.2 - page.php HTML Injection
Siteframe Beaumont 5.0.1/5.0.2 - 'page.php' HTML Injection

Ginkgo CMS - 'index.php rang parameter'SQL Injection
Ginkgo CMS - 'index.php rang parameter' SQL Injection

Game-Panel 2.6 - login.php Cross-Site Scripting
Game-Panel 2.6 - 'login.php' Cross-Site Scripting

QwikiWiki 1.4/1.5 - login.php Multiple Parameter Cross-Site Scripting
QwikiWiki 1.4/1.5 - 'login.php' Multiple Parameter Cross-Site Scripting
PHPWebsite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection
PHPWebsite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection
phpWebSite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection
phpWebSite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection

PhxContacts 0.93 - login.php Cross-Site Scripting
PhxContacts 0.93 - 'login.php' Cross-Site Scripting

MLMAuction Script - 'gallery.php id parameter'SQL Injection
MLMAuction Script - 'gallery.php id parameter' SQL Injection

RedCMS 0.1 - login.php Multiple Parameter SQL Injection
RedCMS 0.1 - 'login.php' Multiple Parameter SQL Injection

ShopWeezle 2.0 - login.php itemID Parameter SQL Injection
ShopWeezle 2.0 - 'login.php' itemID Parameter SQL Injection

ContentBoxx - login.php Cross-Site Scripting
ContentBoxx - 'login.php' Cross-Site Scripting

PHPBB Chart Mod 1.1 - charts.php id Parameter SQL Injection
phpBB Chart Mod 1.1 - charts.php id Parameter SQL Injection

PHPBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion
phpBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion

JSBoard 2.0.10/2.0.11 - login.php Cross-Site Scripting
JSBoard 2.0.10/2.0.11 - 'login.php' Cross-Site Scripting

CyberBuild - login.asp SessionID Parameter SQL Injection
CyberBuild - 'login.asp' SessionID Parameter SQL Injection

CyberBuild - login.asp SessionID Parameter Cross-Site Scripting
CyberBuild - 'login.asp' SessionID Parameter Cross-Site Scripting

PHPBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting
phpBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting

PHPBB 2.0.20 - Unauthorized HTTP Proxy
phpBB 2.0.20 - Unauthorized HTTP Proxy

PHPBB 2.0.x - template.php Remote File Inclusion
phpBB 2.0.x - template.php Remote File Inclusion
PHPBB - BBRSS.php Remote File Inclusion
RahnemaCo - page.php Remote File Inclusion
phpBB - BBRSS.php Remote File Inclusion
RahnemaCo - 'page.php' Remote File Inclusion

BlueDragon Server 6.2.1 - '.cfm'Denial of Service
BlueDragon Server 6.2.1 - '.cfm' Denial of Service

MyMail 1.0 - login.php Cross-Site Scripting
MyMail 1.0 - 'login.php' Cross-Site Scripting

Woltlab Burning Board FLVideo Addon - 'video.php value parameter'SQL Injection
Woltlab Burning Board FLVideo Addon - 'video.php value parameter' SQL Injection

PHPBB 1.2.4 For Mambo - Multiple Remote File Inclusion
phpBB 1.2.4 For Mambo - Multiple Remote File Inclusion
PHPbb-auction 1.x - auction_room.php ar Parameter SQL Injection
PHPbb-auction 1.x - auction_store.php u Parameter SQL Injection
phpBB-auction 1.x - auction_room.php ar Parameter SQL Injection
phpBB-auction 1.x - auction_store.php u Parameter SQL Injection

Linux/x86 - Multi-Egghunter shellcode
Linux/x86 - Multi-Egghunter Shellcode

Jamroom 3.0.16 - login.php Cross-Site Scripting
Jamroom 3.0.16 - 'login.php' Cross-Site Scripting

DCP-Portal 6.0 - login.php username Parameter SQL Injection
DCP-Portal 6.0 - 'login.php' username Parameter SQL Injection

PhpBB XS 0.58 - Multiple Remote File Inclusion
phpBB XS 0.58 - Multiple Remote File Inclusion

AckerTodo 4.2 - login.php Multiple SQL Injection
AckerTodo 4.2 - 'login.php' Multiple SQL Injection

PHPWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion
phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion
PHPBB Add Name Module - Not_Mem.php Remote File Inclusion
IcoFX 2.5.0.0 - '.ico'Buffer Overflow
phpBB Add Name Module - Not_Mem.php Remote File Inclusion
IcoFX 2.5.0.0 - '.ico' Buffer Overflow

Evandor Easy notesManager 0.0.1 - login.php username Parameter SQL Injection
Evandor Easy notesManager 0.0.1 - 'login.php' username Parameter SQL Injection
AIOCP 1.3.x - cp_forum_view.php Multiple Parameter Cross-Site Scripting
AIOCP 1.3.x - cp_dpage.php choosed_language Parameter Cross-Site Scripting
AIOCP 1.3.x - cp_show_ec_products.php order_field Parameter Cross-Site Scripting
AIOCP 1.3.x - cp_users_online.php order_field Parameter Cross-Site Scripting
AIOCP 1.3.x - cp_links_search.php orderdir Parameter Cross-Site Scripting
AIOCP 1.3.x - /admin/code/index.php load_page Parameter Remote File Inclusion
AIOCP 1.3.x - cp_dpage.php choosed_language Parameter SQL Injection
AIOCP 1.3.x - cp_news.php Multiple Parameter SQL Injection
AIOCP 1.3.x - cp_forum_view.php choosed_language Parameter SQL Injection
AIOCP 1.3.x - cp_edit_user.php choosed_language Parameter SQL Injection
AIOCP 1.3.x - cp_newsletter.php Multiple Parameter SQL Injection
AIOCP 1.3.x - cp_links.php Multiple Parameter SQL Injection
AIOCP 1.3.x - cp_contact_us.php choosed_language Parameter SQL Injection
AIOCP 1.3.x - cp_show_ec_products.php Multiple Parameter SQL Injection
AIOCP 1.3.x - cp_login.php choosed_language Parameter SQL Injection
AIOCP 1.3.x - cp_users_online.php order_field Parameter SQL Injection
AIOCP 1.3.x - cp_codice_fiscale.php choosed_language Parameter SQL Injection
AIOCP 1.3.x - cp_links_search.php orderdir Parameter SQL Injection
AIOCP 1.3.x - cp_dpage.php Full Path Disclosure
AIOCP 1.3.x - cp_show_ec_products.php Full Path Disclosure
AIOCP 1.3.x - cp_show_page_help.php Full Path Disclosure
AIOCP 1.3.x - 'cp_forum_view.php' Multiple Parameter Cross-Site Scripting
Windows x86 - Persistent Reverse Shell TCP (494 Bytes)
AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter Cross-Site Scripting
AIOCP 1.3.x - 'cp_show_ec_products.php' order_field Parameter Cross-Site Scripting
AIOCP 1.3.x - 'cp_users_online.php order_field Parameter Cross-Site Scripting
AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter Cross-Site Scripting
AIOCP 1.3.x - '/admin/code/index.php' load_page Parameter Remote File Inclusion
AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter SQL Injection
AIOCP 1.3.x - 'cp_news.php' Multiple Parameter SQL Injection
AIOCP 1.3.x - 'cp_forum_view.php' choosed_language Parameter SQL Injection
AIOCP 1.3.x - 'cp_edit_user.php' choosed_language Parameter SQL Injection
AIOCP 1.3.x - 'cp_newsletter.php' Multiple Parameter SQL Injection
AIOCP 1.3.x - 'cp_links.php' Multiple Parameter SQL Injection
AIOCP 1.3.x - 'cp_contact_us.php' choosed_language Parameter SQL Injection
AIOCP 1.3.x - 'cp_show_ec_products.php' Multiple Parameter SQL Injection
AIOCP 1.3.x - 'cp_login.php' choosed_language Parameter SQL Injection
AIOCP 1.3.x - 'cp_users_online.php' order_field Parameter SQL Injection
AIOCP 1.3.x - 'cp_codice_fiscale.php' choosed_language Parameter SQL Injection
AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter SQL Injection
AIOCP 1.3.x - 'cp_dpage.php' Full Path Disclosure
AIOCP 1.3.x - 'cp_show_ec_products.php' Full Path Disclosure
AIOCP 1.3.x - 'cp_show_page_help.php' Full Path Disclosure

INFINICART - login.asp Multiple Parameter Cross-Site Scripting
INFINICART - 'login.asp' Multiple Parameter Cross-Site Scripting

Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path'] Multiple Remote File Inclusion
Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path' ] Multiple Remote File Inclusion

SIAP CMS - login.asp SQL Injection
SIAP CMS - 'login.asp' SQL Injection

AppIntellect SpotLight CRM - login.asp SQL Injection
AppIntellect SpotLight CRM - 'login.asp' SQL Injection

DMXReady Secure Login Manager 1.0 - login.asp sent Parameter SQL Injection
DMXReady Secure Login Manager 1.0 - 'login.asp' sent Parameter SQL Injection

PHPBB 2.0.21 - privmsg.php HTML Injection
phpBB 2.0.21 - privmsg.php HTML Injection

Indexu 5.0/5.3 - login.php error_msg Parameter Cross-Site Scripting
Indexu 5.0/5.3 - 'login.php' error_msg Parameter Cross-Site Scripting

myBloggie 2.1.5 - login.php PATH_INFO Parameter Cross-Site Scripting
myBloggie 2.1.5 - 'login.php' PATH_INFO Parameter Cross-Site Scripting

Avira Secure Backup 1.0.0.1 Build 3616 - '.reg'Buffer Overflow
Avira Secure Backup 1.0.0.1 Build 3616 - '.reg' Buffer Overflow

Boilsoft RM TO MP3 Converter 1.72 - Crash PoC '.wav'
Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash PoC

Tyger Bug Tracking System 1.1.3 - login.php PATH_INFO Parameter Cross-Site Scripting
Tyger Bug Tracking System 1.1.3 - 'login.php' PATH_INFO Parameter Cross-Site Scripting

Horde Framework 3.1.3 - login.php Cross-Site Scripting
Horde Framework 3.1.3 - 'login.php' Cross-Site Scripting
PHPStats 0.1.9 - Multiple SQL Injections
PHPStats 0.1.9 - PHP-Stats-options.php Remote Code Execution
phpStats 0.1.9 - Multiple SQL Injections
phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution

Free File Hosting System 1.1 - login.php AD_BODY_TEMP Parameter Remote File Inclusion
Free File Hosting System 1.1 - 'login.php' AD_BODY_TEMP Parameter Remote File Inclusion

DeskPro 2.0.1 - login.php HTML Injection
DeskPro 2.0.1 - 'login.php' HTML Injection

plesk 8.1.1 - login.php3 Directory Traversal
plesk 8.1.1 - 'login.php3' Directory Traversal

Ahhp Portal - page.php Multiple Remote File Inclusion
Ahhp Portal - 'page.php' Multiple Remote File Inclusion
Campsite 2.6.1 - 'LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - 'LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - ' LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - ' LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion

PHPPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting
phpPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting

Maia Mailguard 1.0.2 - login.php Multiple Local File Inclusion
Maia Mailguard 1.0.2 - 'login.php' Multiple Local File Inclusion

Nukedit 4.9.x - login.asp Cross-Site Scripting
Nukedit 4.9.x - 'login.asp' Cross-Site Scripting

Pay Roll Time Sheet and Punch Card Application With Web UI - login.asp SQL Injection
Pay Roll Time Sheet and Punch Card Application With Web UI - 'login.asp' SQL Injection

RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp'Version Attribute Buffer Overflow
RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp' Version Attribute Buffer Overflow

PHPGedView 4.1 - login.php Cross-Site Scripting
PHPGedView 4.1 - 'login.php' Cross-Site Scripting
E-Smart Cart 1.0 - login.asp SQL Injection
AkkyWareHOUSE 7-zip32.dll 4.42 - Heap-Based Buffer Overflow
E-Smart Cart 1.0 - 'login.asp' SQL Injection
AkkyWareHOUSE 7-zip32.dll 4.42 - Heap Based Buffer Overflow

SWSoft Plesk 8.2 - login.php3 PLESKSESSID Cookie SQL Injection
SWSoft Plesk 8.2 - 'login.php3' PLESKSESSID Cookie SQL Injection

AfterLogic MailBee WebMail Pro 3.x - login.php mode Parameter Cross-Site Scripting
AfterLogic MailBee WebMail Pro 3.x - 'login.php' mode Parameter Cross-Site Scripting

Miro Broadcast Machine 0.9.9 - login.php Cross-Site Scripting
Miro Broadcast Machine 0.9.9 - 'login.php' Cross-Site Scripting

JiRo's Banner System 2.0 - login.asp Multiple SQL Injection
JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injection

WinUAE 1.4.4 - 'zfile.c' Stack-Based Buffer Overflow
WinUAE 1.4.4 - 'zfile.c' Stack Based Buffer Overflow

Toshiba Surveillance Surveillix DVR 'MeIpCamX.DLL' 1.0 - ActiveX Control Buffer Overflow
Toshiba Surveillance Surveillix DVR 'MeIpCamX.dll' 1.0 - ActiveX Control Buffer Overflow

MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color()
MuPDF 1.3 - Stack Based Buffer Overflow in xps_parse_color()

Android Web Browser - GIF File Heap-Based Buffer Overflow
Android Web Browser - GIF File Heap Based Buffer Overflow

NCH Software Express Burn Plus 4.68 - '.EBP'Project File Buffer Overflow
NCH Software Express Burn Plus 4.68 - '.EBP' Project File Buffer Overflow

PHPstats 0.1_alpha - 'PHPstats.php' Cross-Site Scripting
phpStats 0.1_alpha - 'phpStats.php' Cross-Site Scripting

Publish-It 3.6d - '.pui'SEH Buffer Overflow
Publish-It 3.6d - '.pui' SEH Buffer Overflow
LeadTools Multimedia 15 - 'LTMM15.DLL' ActiveX Control Arbitrary File Overwrite Vulnerabilities
PHPBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion
LeadTools Multimedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities
phpBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion

PHPBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion
phpBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion

EsContacts 1.0 - login.php msg Parameter Cross-Site Scripting
EsContacts 1.0 - 'login.php' msg Parameter Cross-Site Scripting

NASA Ames Research Center BigView 1.8 - '.PNM'Stack-Based Buffer Overflow
NASA Ames Research Center BigView 1.8 - '.PNM' Stack Based Buffer Overflow

PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter'SQL Injection
PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter' SQL Injection

VCDGear 3.50 - '.cue'Stack Buffer Overflow
VCDGear 3.50 - '.cue' Stack Buffer Overflow

FaName 1.0 - page.php name Parameter Cross-Site Scripting
FaName 1.0 - 'page.php' name Parameter Cross-Site Scripting

TGS Content Management 0.3.2r2 - login.php Multiple Parameter Cross-Site Scripting
TGS Content Management 0.3.2r2 - 'login.php' Multiple Parameter Cross-Site Scripting
Claroline 1.8.9 - PHPbb/newtopic.php URL Cross-Site Scripting
Claroline 1.8.9 - PHPbb/reply.php URL Cross-Site Scripting
Claroline 1.8.9 - PHPbb/viewtopic.php URL Cross-Site Scripting
Claroline 1.8.9 - phpBB/newtopic.php URL Cross-Site Scripting
Claroline 1.8.9 - phpBB/reply.php URL Cross-Site Scripting
Claroline 1.8.9 - phpBB/viewtopic.php URL Cross-Site Scripting

Trixbox - 'endpoint_aastra.php mac parameter'Remote Code Injection
Trixbox - 'endpoint_aastra.php mac parameter' Remote Code Injection

Free Download Manager - Stack-based Buffer Overflow
Free Download Manager - Stack Based Buffer Overflow

XRms 1.99.2 - login.php target Parameter Cross-Site Scripting
XRms 1.99.2 - 'login.php' target Parameter Cross-Site Scripting

Microsoft DebugDiag 1.0 - 'CrashHangExt.dll' ActiveX Control Remote Denial of Service
Microsoft DebugDiag 1.0 - ' CrashHangExt.dll' ActiveX Control Remote Denial of Service

PHPWebSite 0.9.3 - 'links.php' SQL Injection
phpWebSite 0.9.3 - 'links.php' SQL Injection

Easyedit CMS - page.php intPageID Parameter SQL Injection
Easyedit CMS - 'page.php' intPageID Parameter SQL Injection

aMSN - '.ctt'Remote Denial of Service
aMSN - '.ctt' Remote Denial of Service

68 Classifieds 4.1 - login.php goto Parameter Cross-Site Scripting
68 Classifieds 4.1 - 'login.php' goto Parameter Cross-Site Scripting

ProFTPD 1.3 - 'mod_sql' Username SQL Injection
ProFTPd 1.3 - 'mod_sql' Username SQL Injection

LinPHA 1.3.2/1.3.3 - login.php Cross-Site Scripting
LinPHA 1.3.2/1.3.3 - 'login.php' Cross-Site Scripting

Recover Data for Novell Netware 1.0 - '.sav'Remote Denial of Service
Recover Data for Novell Netware 1.0 - '.sav' Remote Denial of Service

J. River Media Jukebox 12 - '.mp3'Remote Heap Buffer Overflow
J. River Media Jukebox 12 - '.mp3' Remote Heap Buffer Overflow

Invision Power Board 3.0.3 - '.txt'MIME-Type Cross-Site Scripting
Invision Power Board 3.0.3 - '.txt' MIME-Type Cross-Site Scripting

OpenOffice 3.1 - '.csv'Remote Denial of Service
OpenOffice 3.1 - '.csv' Remote Denial of Service

OpenOffice 3.1 - '.slk'NULL Pointer Dereference Remote Denial of Service
OpenOffice 3.1 - '.slk' NULL Pointer Dereference Remote Denial of Service

BS.Player 2.51 - '.mp3'Buffer Overflow
BS.Player 2.51 - '.mp3' Buffer Overflow

netKar PRO 1.1 - '.nkuser'File Creation NULL Pointer Denial Of Service
netKar PRO 1.1 - '.nkuser' File Creation NULL Pointer Denial Of Service

Aqua Real Screensaver - '.ar'Buffer Overflow
Aqua Real Screensaver - '.ar' Buffer Overflow

Mthree Development MP3 to WAV Decoder - '.mp3'Remote Buffer Overflow
Mthree Development MP3 to WAV Decoder - '.mp3' Remote Buffer Overflow

Sonique 2.0 - '.xpl'Remote Stack-Based Buffer Overflow
Sonique 2.0 - '.xpl' Remote Stack Based Buffer Overflow

Property Watch - login.php redirect Parameter Cross-Site Scripting
Property Watch - 'login.php' redirect Parameter Cross-Site Scripting

Xilisoft Video Converter 3.1.8.0720b - '.ogg'Buffer Overflow
Xilisoft Video Converter 3.1.8.0720b - '.ogg' Buffer Overflow

Mulitple Wordpress Themes - 'admin-ajax.php img parameter'Arbitrary File Download
Mulitple Wordpress Themes - 'admin-ajax.php img parameter' Arbitrary File Download

Crystal Player 1.98 - '.mls'Buffer Overflow
Crystal Player 1.98 - '.mls' Buffer Overflow

Wordpress Acento Theme - 'view-pdf.php file parameter'Arbitrary File Download
Wordpress Acento Theme - 'view-pdf.php file parameter' Arbitrary File Download

GreenBrowser - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution
GreenBrowser - 'RSRC32.dll' DLL Loading Arbitrary Code Execution

DragDropCart - login.php redirect Parameter Cross-Site Scripting
DragDropCart - 'login.php' redirect Parameter Cross-Site Scripting

Microsoft Bluetooth Personal Area Networking - 'BthPan.sys'Privilege Escalation
Microsoft Bluetooth Personal Area Networking - 'BthPan.sys' Privilege Escalation

WordPress RB Agency Plugin 2.4.7 - Local File Disclosure

Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax'Buffer Overflow/Denial of Service EIP Overwrite
Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' Buffer Overflow/Denial of Service EIP Overwrite

Wireshark 1.4.3 - '.pcap'Memory Corruption
Wireshark 1.4.3 - '.pcap' Memory Corruption

Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax'SEH Buffer Overflow
Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' SEH Buffer Overflow
KMPlayer 2.9.3.1214 - '.ksf'Remote Buffer Overflow
DivX Player 6.x - '.dps'Remote Buffer Overflow
KMPlayer 2.9.3.1214 - '.ksf' Remote Buffer Overflow
DivX Player 6.x - '.dps' Remote Buffer Overflow

VLC Media Player 1.0.5 - '.ape'Denial of Service
VLC Media Player 1.0.5 - '.ape' Denial of Service

RealPlayer 11 - '.rmp'Remote Buffer Overflow
RealPlayer 11 - '.rmp' Remote Buffer Overflow

Advantech AdamView 4.30.003 - '.gni'SEH Buffer Overflow
Advantech AdamView 4.30.003 - '.gni' SEH Buffer Overflow

FLVPlayer4Free 2.9 - '.fp4f'Remote Buffer Overflow
FLVPlayer4Free 2.9 - '.fp4f' Remote Buffer Overflow

eXPert PDF 7.0.880.0 - '.pj'Heab-based Buffer Overflow
eXPert PDF 7.0.880.0 - '.pj' Heap Based Buffer Overflow

BlueVoda Website Builder 11 - '.bvp' File Stack-Based Buffer Overflow
BlueVoda Website Builder 11 - '.bvp' File Stack Based Buffer Overflow

PHPWebSite 1.7.1 - 'upload.php' Arbitrary File Upload
phpWebSite 1.7.1 - 'upload.php' Arbitrary File Upload

xAurora 10.00 - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution
xAurora 10.00 - 'RSRC32.dll' DLL Loading Arbitrary Code Execution

PHPWebSite 1.7.1 - 'mod.php' SQL Injection
phpWebSite 1.7.1 - 'mod.php' SQL Injection

Linux/x86 - custom execve-shellcode Encoder/Decoder
Linux/x86 - custom execve-Shellcode Encoder/Decoder

ProFTPd 1.3.5 (mod_copy) - Remote Command Execution
ProFTPd 1.3.5 - (mod_copy) Remote Command Execution

ProFTPD 1.3.5 - Mod_Copy Command Execution
ProFTPd 1.3.5 - 'Mod_Copy' Command Execution

Linux/x86 - Download & Execute shellcode
Linux/x86 - Download & Execute Shellcode
Adobe Flash - Heap-Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec
Adobe Flash - Heap-Based Buffer Overflow Due to Indexing Error When Loading FLV File
Adobe Flash - Heap Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec
Adobe Flash - Heap Based Buffer Overflow Due to Indexing Error When Loading FLV File

Valhala Honeypot 1.8 - Stack-Based Buffer Overflow
Valhala Honeypot 1.8 - Stack Based Buffer Overflow

Microsoft Office 2007 - Malformed Document Stack-Based Buffer Overflow
Microsoft Office 2007 - Malformed Document Stack Based Buffer Overflow

WebKit Cross-Site Scripting Filter - 'Cross-Site ScriptingAuditor.cpp' Security Bypass
WebKit Cross-Site Scripting Filter - ' Cross-Site ScriptingAuditor.cpp' Security Bypass

Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow
Mpxplay Multimedia Commander 2.00a - .m3u Stack Based Buffer Overflow

Linux/x86-64 - /bin/sh shellcode
Linux/x86-64 - /bin/sh Shellcode

Last PassBroker 3.2.16 - Stack-Based Buffer Overflow
Last PassBroker 3.2.16 - Stack Based Buffer Overflow

C2 WebResource - 'File' Parameter Cross-Site Scripting
C2 WebResource - ' File' Parameter Cross-Site Scripting

SmallFTPD - Unspecified Denial of Service
SmallFTPd - Unspecified Denial of Service

VLC 2.2.1 libvlccore - '.mp3'Stack Overflow
VLC 2.2.1 libvlccore - '.mp3' Stack Overflow

FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads
FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap Based Out-of-Bounds Reads

FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read
FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Based Out-of-Bounds Read

FBZX 2.10 - Local Stack-Based Buffer Overflow
FBZX 2.10 - Local Stack Based Buffer Overflow

TACK 1.07 - Local Stack-Based Buffer Overflow
TACK 1.07 - Local Stack Based Buffer Overflow

Dynamic Biz Website Builder (QuickWeb) 1.0 - login.asp Multiple Field SQL Injection Authentication Bypass
Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injection Authentication Bypass
Wireshark - iseries_parse_packet Heap-Based Buffer Overflow
Wireshark - dissect_tds7_colmetadata_token Stack-Based Buffer Overflow
Wireshark - iseries_parse_packet Heap Based Buffer Overflow
Wireshark - dissect_tds7_colmetadata_token Stack Based Buffer Overflow

Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack-Based Buffer Overflow
Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack Based Buffer Overflow
Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack-Based Buffer Overflow
Wireshark - find_signature Stack-Based Out-of-Bounds Read
Wireshark - AirPDcapPacketProcess Stack-Based Buffer Overflow
Wireshark - getRate Stack-Based Out-of-Bounds Read
Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack Based Buffer Overflow
Wireshark - find_signature Stack Based Out-of-Bounds Read
Wireshark - AirPDcapPacketProcess Stack Based Buffer Overflow
Wireshark - getRate Stack Based Out-of-Bounds Read

Adobe Flash TextField.variable Setter - Use-After-Free
Adobe Flash TextField.Variable Setter - Use-After-Free
Wireshark infer_pkt_encap - Heap-Based Out-of-Bounds Read
Wireshark AirPDcapDecryptWPABroadcastKey - Heap-Based Out-of-Bounds Read
Wireshark infer_pkt_encap - Heap Based Out-of-Bounds Read
Wireshark AirPDcapDecryptWPABroadcastKey - Heap Based Out-of-Bounds Read

eshtery CMS - 'FileManager.aspx' Local File Disclosure
eshtery CMS - ' FileManager.aspx' Local File Disclosure
pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap-Based Out-of-Bounds Read
pdfium CPDF_TextObject::CalcPositionData - Heap-Based Out-of-Bounds Read
pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read
pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read

pdfium CPDF_Function::Call - Stack-Based Buffer Overflow
pdfium CPDF_Function::Call - Stack Based Buffer Overflow

MySQL 5.5.45 (64bit) - Local Credentials Disclosure
pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap-Based Out-of-Bounds Read
pdfium - opj_j2k_read_mcc (libopenjpeg) Heap-Based Out-of-Bounds Read
Wireshark - iseries_check_file_type Stack-Based Out-of-Bounds Read
Wireshark - dissect_nhdr_extopt Stack-Based Buffer Overflow
pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read
pdfium - opj_j2k_read_mcc (libopenjpeg) Heap Based Out-of-Bounds Read
Wireshark - iseries_check_file_type Stack Based Out-of-Bounds Read
Wireshark - dissect_nhdr_extopt Stack Based Buffer Overflow
Wireshark - nettrace_3gpp_32_423_file_open Stack-Based Out-of-Bounds Read
Wireshark - dissect_ber_constrained_bitstring Heap-Based Out-of-Bounds Read
Wireshark - nettrace_3gpp_32_423_file_open Stack Based Out-of-Bounds Read
Wireshark - dissect_ber_constrained_bitstring Heap Based Out-of-Bounds Read

Tftpd32 and Tftpd64 - Denial Of Service
TFTPD32 and Tftpd64 - Denial Of Service

glibc - getaddrinfo Stack-Based Buffer Overflow
glibc - getaddrinfo Stack Based Buffer Overflow
Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow
libxml2 - xmlDictAddString Heap-Based Buffer Overread
libxml2 - xmlParseEndTag2 Heap-Based Buffer Overread
libxml2 - xmlParserPrintFileContextInternal Heap-Based Buffer Overread
libxml2 - htmlCurrentChar Heap-Based Buffer Overread
Wireshark - vwr_read_s2_s3_W_rec Heap Based Buffer Overflow
libxml2 - xmlDictAddString Heap Based Buffer Overread
libxml2 - xmlParseEndTag2 Heap Based Buffer Overread
libxml2 - xmlParserPrintFileContextInternal Heap Based Buffer Overread
libxml2 - htmlCurrentChar Heap Based Buffer Overread

Kamailio 4.3.4 - Heap-Based Buffer Overflow
Kamailio 4.3.4 - Heap Based Buffer Overflow

Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read
Wireshark - dissect_pktc_rekey Heap Based Out-of-Bounds Read

Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow
Wireshark - dissect_2008_16_security_4 Stack Based Buffer Overflow

TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow
TRN Threaded USENET News Reader 3.6-23 - Local Stack Based Overflow

NRSS Reader 0.3.9 - Local Stack-Based Overflow
NRSS Reader 0.3.9 - Local Stack Based Overflow

Wireshark - AirPDcapDecryptWPABroadcastKey Heap-Based Out-of-Bounds Read
Wireshark - AirPDcapDecryptWPABroadcastKey Heap Based Out-of-Bounds Read

Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)
Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)
Graphite2 - GlyphCache::GlyphCache Heap-Based Buffer Overflow
Graphite2 - GlyphCache::Loader Heap-Based Overreads
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread
Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads
Graphite2 - GlyphCache::GlyphCache Heap Based Buffer Overflow
Graphite2 - GlyphCache::Loader Heap Based Overreads
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Based Overread
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Based Overread
Graphite2 - NameTable::getName Multiple Heap Based Out-of-Bounds Reads

Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap-Based Memory Corruption
Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap Based Memory Corruption

Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)
Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)

Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap-Based Buffer Overflow (MS16-097)
Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097)

PHP 5.0.0 - imap_mail() Local Denial of Service
PHP 5.0.0 - 'imap_mail()' Local Denial of Service

PHP 5.0.0 - html_doc_file() Local Denial of Service
PHP 5.0.0 - 'html_doc_file()' Local Denial of Service
 2016-09-06 05:08:08 +00:00
Offensive Security
51bcf38036 DB: 2016-09-05 
1 new exploits

Too many to list!
 2016-09-05 05:09:09 +00:00
Offensive Security
b2749125b0 DB: 2016-09-04 2016-09-04 05:08:08 +00:00
Offensive Security
5e2fc10125 DB: 2016-09-03 2016-09-03 13:13:25 +00:00
Offensive Security
31a21bb68d DB: 2016-09-03 
14 new exploits

Too many to list!
 2016-09-03 05:08:42 +00:00
Offensive Security
f96ddba143 DB: 2016-09-02 
2 new exploits

SAPID Blog beta 2 - (root_path) Remote File Inclusion
SAPID Gallery 1.0 - (root_path) Remote File Inclusion
SAPID Shop 1.2 - (root_path) Remote File Inclusion
SAPID Blog beta 2 - (root_path) Remote File Inclusion
SAPID Gallery 1.0 - (root_path) Remote File Inclusion
SAPID Shop 1.2 - (root_path) Remote File Inclusion

PHPCodeCabinet 0.5 - (Core.php) Remote File Inclusion

phNNTP 1.3 - (article-raw.php) Remote File Inclusion
Cwfm 0.9.1 - (Language) Remote File Inclusion
PHP 4.4.3 / 5.1.4 - (objIndex) Local Buffer Overflow PoC
Cwfm 0.9.1 - (Language) Remote File Inclusion
PHP 4.4.3 / 5.1.4 - (objIndex) Local Buffer Overflow PoC

PgMarket 2.2.3 - (CFG[libdir]) Remote File Inclusion

PHPMyRing 4.2.0 - (view_com.php) SQL Injection

SAPID CMS 1.2.3_rc3 - (rootpath) Remote Code Execution Exploit

phpwcms 1.1-RC4 - (spaw) Remote File Inclusion
Spaminator 1.7 - (page) Remote File Inclusion
Thatware 0.4.6 - (root_path) Remote File Inclusion
Spaminator 1.7 - (page) Remote File Inclusion
Thatware 0.4.6 - (root_path) Remote File Inclusion

phpPrintAnalyzer 1.2 - Remote File Inclusion

Wheatblog 1.1 - (session.php) Remote File Inclusion

phPay 2.02 - (nu_mail.inc.php) Remote mail() Injection Exploit

WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Dislcosure/Arbitrary File Upload
WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Disclosure/Arbitrary File Upload

FortiClient SSLVPN 5.4 - Credentials Disclosure
 2016-09-02 05:08:35 +00:00
Offensive Security
3a2154afbd DB: 2016-09-01 
15 new exploits

WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Dislcosure/Arbitrary File Upload
PHP 5.0.0 - snmpwalkoid() Local Denial of Service
PHP 5.0.0 - fbird_[p]connect() Local Denial of Service
PHP 5.0.0 - snmpwalk() Local Denial of Service
PHP 5.0.0 - snmprealwalk() Local Denial of Service
PHP 5.0.0 - snmpset() Local Denial of Service
PHP 7.0 - AppendIterator::append Local Denial of Service
ZKTeco ZKTime.Net 3.0.1.6 - Insecure File Permissions Privilege Escalation
ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Escalation
ZKTeco ZKBioSecurity 3.0 - Hardcoded Credentials Remote SYSTEM Code Execution
ZKTeco ZKBioSecurity 3.0 - (Add Superadmin) Cross-Site Request Forgery
ZKTeco ZKBioSecurity 3.0 - Directory Traversal
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass
ZKTeco ZKAccess Security System 5.3.1 - Persistent Cross-Site Scripting
PHP 7.0 - JsonSerializable::jsonSerialize json_encode Local Denial of Service
 2016-09-01 05:08:40 +00:00
Offensive Security
1f0c845486 DB: 2016-08-31 
3 new exploits

Too many to list!
 2016-08-31 05:07:37 +00:00
Offensive Security
760d823bc8 DB: 2016-08-30 
18 new exploits

Too many to list!
 2016-08-30 05:08:40 +00:00
Offensive Security
4011b4f053 DB: 2016-08-27 2016-08-27 05:08:40 +00:00
Offensive Security
9be5679994 DB: 2016-08-26 
1 new exploits

Too many to list!
 2016-08-26 05:06:52 +00:00
Offensive Security
8650c53f70 DB: 2016-08-25 2016-08-25 10:41:52 +00:00
Offensive Security
4c43b1da2b DB: 2016-08-25 2016-08-25 05:07:18 +00:00
Offensive Security
6be90e9280 DB: 2016-08-24 
5 new exploits

Too many to list!
 2016-08-24 05:06:46 +00:00
Offensive Security
0be2139745 DB: 2016-08-23 
7 new exploits

Too many to list!
 2016-08-23 05:06:48 +00:00
Offensive Security
a1d85642d6 DB: 2016-08-22 2016-08-22 05:08:19 +00:00
Offensive Security
32bd251480 DB: 2016-08-20 
17 new exploits

Too many to list!
 2016-08-20 05:06:28 +00:00
Offensive Security
ae53a02150 DB: 2016-08-19 
4 new exploits

Too many too list!
 2016-08-19 05:06:41 +00:00
Offensive Security
37ddb2eb21 Merge branch 'g0tmi1k-searchsploit' 2016-08-18 16:07:28 +00:00
g0tmi1k
45ec8a72aa Fix up of bash fu for both OSX & Linux 2016-08-18 16:53:10 +01:00
Offensive Security
5be2377b41 DB: 2016-08-18 
4 new exploits

Apache 2.0.44 (Linux) - Remote Denial of Service Exploit
Apache 2.0.44 (Linux) - Remote Denial of Service

Chindi Server 1.0 - Denial of Service Exploit
Chindi Server 1.0 - Denial of Service

Xeneo Web Server 2.2.9.0 - Denial of Service Exploit
Xeneo Web Server 2.2.9.0 - Denial of Service

Microsoft Windows IIS 5.0 < 5.1 - Remote Denial of Service Exploit
Microsoft Windows IIS 5.0 < 5.1 - Remote Denial of Service
Cisco IOS - IPv4 Packets Denial of Service Exploit
Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service Exploit
Microsoft Windows 2000 - RPC DCOM Interface DoS Exploit
Cisco IOS - (using hping) Remote Denial of Service Exploit
Cisco IOS - IPv4 Packets Denial of Service
Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service
Microsoft Windows 2000 - RPC DCOM Interface Denial of Service
Cisco IOS - (using hping) Remote Denial of Service

Linux Kernel 2.4.20 - decode_fh Denial of Service Exploit
Linux Kernel 2.4.20 - decode_fh Denial of Service

Trillian 0.74 - Remote Denial of Service Exploit
Trillian 0.74 - Remote Denial of Service

Piolet Client 1.05 - Remote Denial of Service Exploit
Piolet Client 1.05 - Remote Denial of Service

Microsoft Windows Messenger Service - Denial of Service Exploit (MS03-043)
Microsoft Windows Messenger Service - Denial of Service (MS03-043)

wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service Exploit
wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service

Eznet 3.5.0 - Remote Stack Overflow / Denial of Service Exploit
Eznet 3.5.0 - Remote Stack Overflow / Denial of Service

Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote DoS Exploit
Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote Denial of Service

Microsoft Windows IIS - SSL Remote Denial of Service Exploit (MS04-011)
Microsoft Windows IIS - SSL Remote Denial of Service (MS04-011)

Microsoft Windows - 'Jolt2.c' Denial of Service Exploit
Microsoft Windows - 'Jolt2.c' Denial of Service

ProFTPD 1.2.0pre10 - Remote Denial of Service Exploit
ProFTPD 1.2.0pre10 - Remote Denial of Service

APC UPS 3.7.2 - (apcupsd) Local Denial of Service Exploit
APC UPS 3.7.2 - (apcupsd) Local Denial of Service

Novell BorderManager Enterprise Edition 3.5 - Denial of Service Exploit
Novell BorderManager Enterprise Edition 3.5 - Denial of Service

Linux Kernel 2.6.3 - 'setsockopt' Local Denial of Service Exploit
Linux Kernel 2.6.3 - 'setsockopt' Local Denial of Service

Emule 0.42e Remote Denial of Service Exploit
Emule 0.42e Remote Denial of Service

Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local DoS Exploit
Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local Denial of Service

Ping of Death Remote Denial of Service Exploit
Ping of Death Remote Denial of Service

Microsoft Windows NT Crash with an Extra Long Username DoS Exploit
Microsoft Windows NT Crash with an Extra Long Username Denial of Service
TCP SYN - 'bang.c' Denial of Service Exploit
UDP Stress Tester Denial of Service Exploit
TCP SYN - 'bang.c' Denial of Service
UDP Stress Tester Denial of Service

OverByte ICS FTP Server Remote Denial of Service Exploit
OverByte ICS FTP Server Remote Denial of Service

Xitami Web Server Denial of Service Exploit
Xitami Web Server Denial of Service
Microsoft Internet Explorer - Denial of Service Exploit (11 bytes)
Microsoft Windows SMS 2.0 - Denial of Service Exploit
Microsoft Internet Explorer - Denial of Service (11 bytes)
Microsoft Windows SMS 2.0 - Denial of Service

Citadel/UX Remote Denial of Service Exploit (PoC)
Citadel/UX Remote Denial of Service (PoC)

psyBNC 2.3 - Denial of Service Exploit
psyBNC 2.3 - Denial of Service

Microsoft Messenger - Denial of Service Exploit (MS03-043) (Linux)
Microsoft Messenger - Denial of Service (MS03-043) (Linux)

BadBlue 2.52 Web Server - Multiple Connections Denial of Service Exploit
BadBlue 2.52 Web Server - Multiple Connections Denial of Service
Painkiller 1.3.1 - Denial of Service Exploit
Easy File Sharing Webserver 1.25 - Denial of Service Exploit
Painkiller 1.3.1 - Denial of Service
Easy File Sharing Webserver 1.25 - Denial of Service
WFTPD Pro Server 3.21 MLST Remote Denial of Service Exploit
CesarFTP Server Long Command Denial of Service Exploit
Ground Control 1.0.0.7 - (Server/Client) Denial of Service Exploit
WFTPD Pro Server 3.21 MLST Remote Denial of Service
CesarFTP Server Long Command Denial of Service
Ground Control 1.0.0.7 - (Server/Client) Denial of Service

Call of Duty 1.4 - Denial of Service Exploit
Call of Duty 1.4 - Denial of Service

Serv-U < 5.2 - Remote Denial of Service Exploit
Serv-U < 5.2 - Remote Denial of Service

Pigeon Server 3.02.0143 - Denial of Service Exploit
Pigeon Server 3.02.0143 - Denial of Service

Emulive Server4 7560 - Remote Denial of Service Exploit
Emulive Server4 7560 - Remote Denial of Service

PopMessenger 1.60 - Remote Denial of Service Exploit
PopMessenger 1.60 - Remote Denial of Service

MyServer 0.7.1 - (POST) Denial of Service Exploit
MyServer 0.7.1 - (POST) Denial of Service

MSSQL 7.0 - Remote Denial of Service Exploit
MSSQL 7.0 - Remote Denial of Service

Microsoft Windows NNTP Service (XPAT) Denial of Service Exploit (MS04-036)
Microsoft Windows NNTP Service (XPAT) Denial of Service (MS04-036)

Microsoft Windows IIS - WebDAV XML Denial of Service Exploit (MS04-030)
Microsoft Windows IIS - WebDAV XML Denial of Service (MS04-030)

BaSoMail Server 1.24 POP3/SMTP Remote Denial of Service Exploit
BaSoMail Server 1.24 POP3/SMTP Remote Denial of Service

BaSoMail - Multiple Buffer Overflow Denial of Service Exploit
BaSoMail - Multiple Buffer Overflow Denial of Service

Master of Orion III 1.2.5 - Denial of Service Exploit
Master of Orion III 1.2.5 - Denial of Service

Alpha Black Zero 1.04 - Remote Denial of Service Exploit
Alpha Black Zero 1.04 - Remote Denial of Service

Flash Messaging 5.2.0g - Remote Denial of Service Exploit
Flash Messaging 5.2.0g - Remote Denial of Service
WinFTP Server 1.6 - Denial of Service Exploit
Kerio Personal Firewall 4.1.1 - Multiple IP Options DoS Exploit
WinFTP Server 1.6 - Denial of Service
Kerio Personal Firewall 4.1.1 - Multiple IP Options Denial of Service

NetNote Server 2.2 build 230 - Crafted String DoS Exploit
NetNote Server 2.2 build 230 - Crafted String Denial of Service

Secure Network Messenger 1.4.2 - Denial of Service Exploit
Secure Network Messenger 1.4.2 - Denial of Service

Soldier of Fortune II 1.3 Server/Client - Denial of Service Exploit
Soldier of Fortune II 1.3 Server/Client - Denial of Service

Star Wars Battlefront 1.1 - Fake Players Denial of Service Exploit
Star Wars Battlefront 1.1 - Fake Players Denial of Service

3Dmax 6.x backburner Manager 2.2 - Denial of Service Exploit
3Dmax 6.x backburner Manager 2.2 - Denial of Service

Jana Server 2.4.4 - (http/pna) Denial of Service Exploit
Jana Server 2.4.4 - (http/pna) Denial of Service
Neverwinter Nights special Fake Players Denial of Service Exploit
Kreed 1.05 - Format String / Denial of Service Exploit
Neverwinter Nights special Fake Players Denial of Service
Kreed 1.05 - Format String / Denial of Service

Codename Eagle 1.42 - Socket Unreacheable DoS Exploit
Codename Eagle 1.42 - Socket Unreacheable Denial of Service
Linux Kernel 2.4.28 / 2.6.9 - scm_send Local DoS Exploit
Linux Kernel 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Exploit
Linux Kernel 2.4.28 / 2.6.9 - scm_send Local Denial of Service
Linux Kernel 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service

Ricoh Aficio 450/455 PCL 5e Printer ICMP Denial of Service Exploit
Ricoh Aficio 450/455 PCL 5e Printer ICMP Denial of Service

SOLDNER Secret Wars 30830 - Denial of Service Exploit
SOLDNER Secret Wars 30830 - Denial of Service

iWebNegar 1.1 - Configuration Nullification Denial of Service Exploit
iWebNegar 1.1 - Configuration Nullification Denial of Service

Gore 1.50 - Socket Unreacheable Denial of Service Exploit
Gore 1.50 - Socket Unreacheable Denial of Service

TinyWeb 1.9 - Denial of Service Exploit
TinyWeb 1.9 - Denial of Service

ngIRCd 0.8.1 - Remote Denial of Service Exploit (2)
ngIRCd 0.8.1 - Remote Denial of Service (2)

Foxmail 2.0 - (MAIL FROM:) Denial of Service Exploit
Foxmail 2.0 - (MAIL FROM:) Denial of Service

Mac OS X AppleFileServer Remote Denial of Service Exploit
Mac OS X AppleFileServer Remote Denial of Service

webconnect 6.4.4 < 6.5 - Directory Traversal / Denial of Service Exploit
webconnect 6.4.4 < 6.5 - Directory Traversal / Denial of Service
wu-ftpd 2.6.2 - File Globbing Denial of Service Exploit
Knet 1.04c - Buffer Overflow Denial of Service Exploit
wu-ftpd 2.6.2 - File Globbing Denial of Service
Knet 1.04c - Buffer Overflow Denial of Service

Scrapland 1.0 - Server Termination Denial of Service Exploit
Scrapland 1.0 - Server Termination Denial of Service

Apache 2.0.52 - HTTP GET request Denial of Service Exploit
Apache 2.0.52 - HTTP GET request Denial of Service

Microsoft Windows 2003/XP - Remote Denial of Service Exploit
Microsoft Windows 2003/XP - Remote Denial of Service

OpenBSD 2.0 - 3.6 TCP TIMESTAMP Remote Denial of Service Exploit
OpenBSD 2.0 - 3.6 TCP TIMESTAMP Remote Denial of Service

Freeciv Server 2.0.0beta8 - Denial of Service Exploit
Freeciv Server 2.0.0beta8 - Denial of Service
PlatinumFTP 1.0.18 - Multiple Remote Denial of Service Exploit
MailEnable 1.8 - Remote Format String Denial of Service Exploit
phpDEV5 - System-Call Local Denial of Service Exploit
PlatinumFTP 1.0.18 - Multiple Remote Denial of Service
MailEnable 1.8 - Remote Format String Denial of Service
phpDEV5 - System-Call Local Denial of Service

MCPWS Personal WebServer 1.3.21 - Denial of Service Exploit
MCPWS Personal WebServer 1.3.21 - Denial of Service

Ocean FTP Server 1.00 - Denial of Service Exploit
Ocean FTP Server 1.00 - Denial of Service

SPECTral Personal SMTP Server 0.4.2 - Denial of Service Exploit
SPECTral Personal SMTP Server 0.4.2 - Denial of Service

Linux Kernel 2.6.10 - Local Denial of Service Exploit
Linux Kernel 2.6.10 - Local Denial of Service

ArGoSoft FTP Server 1.4.2.8 - Denial of Service Exploit
ArGoSoft FTP Server 1.4.2.8 - Denial of Service

Linux Kernel PPC64/IA64 (AIO) - Local Denial of Service Exploit
Linux Kernel PPC64/IA64 (AIO) - Local Denial of Service

MailEnable Enterprise 1.x - SMTP Remote Denial of Service Exploit
MailEnable Enterprise 1.x - SMTP Remote Denial of Service
Yager 5.24 - Multiple Denial of Service Exploit
Microsoft Windows - Malformed IP Options DoS Exploit (MS05-019)
Yager 5.24 - Multiple Denial of Service
Microsoft Windows - Malformed IP Options Denial of Service (MS05-019)

PostgreSQL 8.01 - Remote Reboot Denial of Service Exploit
PostgreSQL 8.01 - Remote Reboot Denial of Service

Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages DoS Exploit
Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service
Ethereal 0.10.10 / tcpdump 3.9.1 - (rsvp_print) Infinite Loop Denial of Service Exploit
Tcpdump 3.8.x - (ldp_print) Infinite Loop Denial of Service Exploit
Tcpdump 3.8.x - (rt_routing_info) Infinite Loop Denial of Service Exploit
Tcpdump 3.8.x/3.9.1 - (isis_print) Infinite Loop DoS Exploit
Ethereal 0.10.10 / tcpdump 3.9.1 - (rsvp_print) Infinite Loop Denial of Service
Tcpdump 3.8.x - (ldp_print) Infinite Loop Denial of Service
Tcpdump 3.8.x - (rt_routing_info) Infinite Loop Denial of Service
Tcpdump 3.8.x/3.9.1 - (isis_print) Infinite Loop Denial of Service

Ashley's Web Server Denial of Service Exploit
Ashley's Web Server Denial of Service
DataTrac Activity Console Denial of Service Exploit
Ethereal 0.10.10 - (dissect_ipc_state) Remote Denial of Service Exploit
DataTrac Activity Console Denial of Service
Ethereal 0.10.10 - (dissect_ipc_state) Remote Denial of Service

Remote File Manager 1.0 - Denial of Service Exploit
Remote File Manager 1.0 - Denial of Service

Linux Kernel 2.6.12-rc4 - (ioctl_by_bdev) Local Denial of Service Exploit
Linux Kernel 2.6.12-rc4 - (ioctl_by_bdev) Local Denial of Service

Microsoft Windows 2003/XP - IPv6 Remote Denial of Service Exploit
Microsoft Windows 2003/XP - IPv6 Remote Denial of Service

TCP TIMESTAMPS Denial of Service Exploit
TCP TIMESTAMPS Denial of Service

FutureSoft TFTP Server 2000 - Remote Denial of Service Exploit
FutureSoft TFTP Server 2000 - Remote Denial of Service

Tcpdump bgp_update_print Remote Denial of Service Exploit
Tcpdump bgp_update_print Remote Denial of Service

TCP-IP Datalook 1.3 - Local Denial of Service Exploit
TCP-IP Datalook 1.3 - Local Denial of Service

UBB Threads < 6.5.2 Beta (mailthread.php) SQL Injection Exploit
UBB Threads < 6.5.2 Beta - (mailthread.php) SQL Injection Exploit

TCP Chat (TCPX) 1.0 - Denial of Service Exploit
TCP Chat (TCPX) 1.0 - Denial of Service
PrivaShare 1.3 - Denial of Service Exploit
AnalogX SimpleServer:WWW 1.05 - Denial of Service Exploit
PrivaShare 1.3 - Denial of Service
AnalogX SimpleServer:WWW 1.05 - Denial of Service
Remote File Explorer 1.0 - Denial of Service Exploit
wMailServer 1.0 - Remote Denial of Service Exploit
Remote File Explorer 1.0 - Denial of Service
wMailServer 1.0 - Remote Denial of Service
Microsoft Windows Netman Service Local Denial of Service Exploit
NetPanzer 0.8 - Remote Denial of Service Exploit
Microsoft Windows Netman Service Local Denial of Service
NetPanzer 0.8 - Remote Denial of Service

Remote Control Server 1.6.2 - Denial of Service Exploit
Remote Control Server 1.6.2 - Denial of Service

DzSoft PHP Editor 3.1.2.8 - Denial of Service Exploit
DzSoft PHP Editor 3.1.2.8 - Denial of Service

Intruder Client 1.00 - Remote Command Execution & DoS Exploit
Intruder Client 1.00 - Remote Command Execution & Denial of Service

FTPshell Server 3.38 - Remote Denial of Service Exploit
FTPshell Server 3.38 - Remote Denial of Service

BusinessMail Server 4.60.00 - Remote Denial of Service Exploit
BusinessMail Server 4.60.00 - Remote Denial of Service

Quick 'n EasY 3.0 FTP Server Remote Denial of Service Exploit
Quick 'n EasY 3.0 FTP Server Remote Denial of Service

Acunetix HTTP Sniffer - Denial of Service Exploit
Acunetix HTTP Sniffer - Denial of Service

Microsoft Windows XP SP2 - (rdpwd.sys) Remote Kernel DoS Exploit
Microsoft Windows XP SP2 - (rdpwd.sys) Remote Kernel Denial of Service

Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Exploit
Grandstream Budge Tone 101/102 VOIP Phone Denial of Service
Chris Moneymakers World Poker Championship 1.0 DoS Exploit
GTChat 0.95 Alpha - Remote Denial of Service Exploit
Chris Moneymakers World Poker Championship 1.0 Denial of Service
GTChat 0.95 Alpha - Remote Denial of Service
GoodTech SMTP Server 5.14 - Denial of Service Exploit
IA eMailServer Corporate Edition 5.2.2 - DoS Exploit
GoodTech SMTP Server 5.14 - Denial of Service
IA eMailServer Corporate Edition 5.2.2 - Denial of Service
GTChat 0.95 Alpha - (adduser) Remote Denial of Service Exploit
Ventrilo 2.3.0 - Remote Denial of Service Exploit (all platforms)
GTChat 0.95 Alpha - (adduser) Remote Denial of Service
Ventrilo 2.3.0 - Remote Denial of Service (all platforms)

Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/DoS Exploit
Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/Denial of Service

P2P Pro 1.0 - (command) Denial of Service Exploit
P2P Pro 1.0 - (command) Denial of Service

CUPS Server 1.1 - (Get Request) Denial of Service Exploit
CUPS Server 1.1 - (Get Request) Denial of Service

BNBT BitTorrent EasyTracker 7.7r3 - Denial of Service Exploit
BNBT BitTorrent EasyTracker 7.7r3 - Denial of Service
COOL! Remote Control 1.12 - Remote Denial of Service Exploit
Snort 2.4.0 SACK TCP Option Error Handling Denial of Service Exploit
COOL! Remote Control 1.12 - Remote Denial of Service
Snort 2.4.0 SACK TCP Option Error Handling Denial of Service

Stoney FTPd Denial of Service Exploit (rxBot mods ftpd)
Stoney FTPd Denial of Service (rxBot mods ftpd)

Fastream NETFile Web Server 7.1.2 - (HEAD) DoS Exploit
Fastream NETFile Web Server 7.1.2 - (HEAD) Denial of Service

MCCS (Multi-Computer Control Systems) Command DoS Exploit
MCCS (Multi-Computer Control Systems) Command Denial of Service

Mozilla Firefox 1.0.7 - Integer Overflow Denial of Service Exploit
Mozilla Firefox 1.0.7 - Integer Overflow Denial of Service

Virtools Web Player 3.0.0.100 - Buffer Overflow DoS Exploit
Virtools Web Player 3.0.0.100 - Buffer Overflow Denial of Service

RBExplorer 1.0 - (Hijacking Command) Denial of Service Exploit
RBExplorer 1.0 - (Hijacking Command) Denial of Service
Mozilla (Firefox 1.0.7) (Thunderbird 1.0.6) Denial of Service Exploit
Opera 8.02 - Remote Denial of Service Exploit (1)
Opera 8.02 - Remote Denial of Service Exploit (2)
Mozilla (Firefox 1.0.7) (Thunderbird 1.0.6) Denial of Service
Opera 8.02 - Remote Denial of Service (1)
Opera 8.02 - Remote Denial of Service (2)

Mozilla (Firefox 1.0.7) (Mozilla 1.7.12) Denial of Service Exploit
Mozilla (Firefox 1.0.7) (Mozilla 1.7.12) Denial of Service

Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047)
Microsoft Windows Plug-and-Play (Umpnpmgr.dll) Denial of Service (MS05-047)

Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) (2)
Microsoft Windows Plug-and-Play (Umpnpmgr.dll) Denial of Service (MS05-047) (2)

Microsoft Internet Explorer 6.0 - (mshtmled.dll) Denial of Service Exploit
Microsoft Internet Explorer 6.0 - (mshtmled.dll) Denial of Service
Battle Carry .005 Socket Termination Denial of Service Exploit
Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service Exploit
FlatFrag 0.3 - Buffer Overflow / Denial of Service Exploit
Battle Carry .005 Socket Termination Denial of Service
Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service
FlatFrag 0.3 - Buffer Overflow / Denial of Service

Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak DoS Exploit
Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak Denial of Service

Macromedia Flash Plugin 7.0.19.0 - (Action) Denial of Service Exploit
Macromedia Flash Plugin 7.0.19.0 - (Action) Denial of Service
Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service Exploit
FreeFTPD 1.0.10 - (PORT Command) Denial of Service Exploit
Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service
FreeFTPD 1.0.10 - (PORT Command) Denial of Service
Microsoft Windows Metafile (gdi32.dll) Denial of Service Exploit (MS05-053)
Xaraya 1.0.0 RC4 - create() Denial of Service Exploit
Microsoft Windows Metafile - (mtNoObjects) Denial of Service Exploit (MS05-053)
Microsoft Windows Metafile (gdi32.dll) Denial of Service (MS05-053)
Xaraya 1.0.0 RC4 - create() Denial of Service
Microsoft Windows Metafile - (mtNoObjects) Denial of Service (MS05-053)

SugarSuite Open Source 4.0beta Remote Code Execution Exploit
SugarSuite Open Source 4.0beta - Remote Code Execution Exploit

Macromedia Flash Media Server 2 - Remote Denial of Service Exploit
Macromedia Flash Media Server 2 - Remote Denial of Service
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (Perl)
Microsoft Windows IIS - Malformed HTTP Request Denial of Service
Microsoft Windows IIS - Malformed HTTP Request Denial of Service (Perl)

BZFlag 2.0.4 - (undelimited string) Denial of Service Exploit
BZFlag 2.0.4 - (undelimited string) Denial of Service

Microsoft Internet Explorer 6.0 - (mshtml.dll div) Denial of Service Exploit
Microsoft Internet Explorer 6.0 - (mshtml.dll div) Denial of Service

Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (cpp)
Microsoft Windows IIS - Malformed HTTP Request Denial of Service (cpp)

BlueCoat WinProxy 6.0 R1c (GET Request) Denial of Service Exploit
BlueCoat WinProxy 6.0 R1c (GET Request) Denial of Service

Cisco IP Phone 7940 - (Reboot) Denial of Service Exploit
Cisco IP Phone 7940 - (Reboot) Denial of Service

Cerberus FTP Server 2.32 - Denial of Service Exploit
Cerberus FTP Server 2.32 - Denial of Service

Arescom NetDSL-1000 - (telnetd) Remote Denial of Service Exploit
Arescom NetDSL-1000 - (telnetd) Remote Denial of Service

Sony/Ericsson Bluetooth (Reset Display) Denial of Service Exploit
Sony/Ericsson Bluetooth (Reset Display) Denial of Service

Half-Life CSTRIKE Server 1.6 (Non Steam) - Denial of Service Exploit
Half-Life CSTRIKE Server 1.6 (Non Steam) - Denial of Service

Invision Power Board 2.1.4 - (Register Users) Denial of Service Exploit
Invision Power Board 2.1.4 - (Register Users) Denial of Service

D-Link Wireless Access Point (Fragmented UDP) DoS Exploit
D-Link Wireless Access Point (Fragmented UDP) Denial of Service

PunBB 2.0.10 - (Register Multiple Users) Denial of Service Exploit
PunBB 2.0.10 - (Register Multiple Users) Denial of Service

Lansuite 2.1.0 Beta (fid) SQL Injection Exploit
Lansuite 2.1.0 Beta - (fid) SQL Injection Exploit

FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service Exploit
FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service

LieroX 0.62b Remote Server/Client Denial of Service Exploit
LieroX 0.62b Remote Server/Client Denial of Service

Guppy 4.5.11 - (Delete Databases) Remote Denial of Service Exploit
Guppy 4.5.11 - (Delete Databases) Remote Denial of Service

Mercur Mailserver 5.0 SP3 - (IMAP) Denial of Service Exploit
Mercur Mailserver 5.0 SP3 - (IMAP) Denial of Service

Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007)
Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007)

Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007) (2)
Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2)
Vavoom 1.19.1 - Multiple Vulnerabilities/Denial of Service Exploit
csDoom 0.7 - Multiple Vulnerabilities/Denial of Service Exploit
Vavoom 1.19.1 - Multiple Vulnerabilities/Denial of Service
csDoom 0.7 - Multiple Vulnerabilities/Denial of Service

Plogger Beta 2.1 Administrative Credentials Disclosure Exploit
Plogger Beta 2.1 - Administrative Credentials Disclosure Exploit

Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service Exploit
Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service

Neon Responder 5.4 - (Clock Synchronization) Denial of Service Exploit
Neon Responder 5.4 - (Clock Synchronization) Denial of Service

Mambo 4.5.3 & Joomla 1.0.7 - (feed) Path Disclosure / Denial of Service Exploit
Mambo 4.5.3 & Joomla 1.0.7 - (feed) Path Disclosure / Denial of Service

OCE 3121/3122 Printer (parser.exe) Denial of Service Exploit
OCE 3121/3122 Printer (parser.exe) Denial of Service

phpMyAgenda 3.0 Final - (rootagenda) Remote Include
phpMyAgenda 3.0 Final - (rootagenda) Remote File Inclusion
Empire 4.3.2 - (strncat) Denial of Service Exploit
Genecys 0.2 - (BoF/NULL pointer) Denial of Service Exploit
Empire 4.3.2 - (strncat) Denial of Service
Genecys 0.2 - (BoF/NULL pointer) Denial of Service

GNUnet 0.7.0d - (Empty UDP Packet) Remote Denial of Service Exploit
GNUnet 0.7.0d - (Empty UDP Packet) Remote Denial of Service
Mozilla Firefox 1.5.0.3 - (Loop) Denial of Service Exploit
phpBazar 2.1.0 - Remote File Include / Auth Bypass
Mozilla Firefox 1.5.0.3 - (Loop) Denial of Service
phpBazar 2.1.0 - Remote File Inclusion / Auth Bypass

portmap 5 beta (Set/Dump) Local Denial of Service Exploit
portmap 5 beta - (Set/Dump) Local Denial of Service

Back-End CMS 0.7.2.2 - (BE_config.php) Remote Include
Back-End CMS 0.7.2.2 - (BE_config.php) Remote File Inclusion

tinyBB 0.3 - Remote File Include / SQL Injection
tinyBB 0.3 -Remote File Inclusion / SQL Injection

F@cile Interactive Web 0.8x - Remote File Include / XSS
F@cile Interactive Web 0.8x - Remote File Inclusion / XSS

PHP-Nuke 7.9 Final (phpbb_root_path) Remote File Inclusions
PHP-Nuke 7.9 Final - (phpbb_root_path) Remote File Inclusions

LifeType 1.0.4 - Multiple Vulnerabilities
LifeType 1.0.4 - SQL Injection

Back-End CMS 0.7.2.1 - (jpcache.php) Remote Include
Back-End CMS 0.7.2.1 - (jpcache.php) Remote File Inclusion

Opera Web Browser 9.00 - (iframe) Remote Denial of Service Exploit
Opera Web Browser 9.00 - (iframe) Remote Denial of Service

ImgSvr 0.6.5 - (long http post) Denial of Service Exploit
ImgSvr 0.6.5 - (long http post) Denial of Service
SimpleBoard Mambo Component 1.1.0 - Remote Include
com_forum Mambo Component 1.2.4RC3 - Remote Include
SimpleBoard Mambo Component 1.1.0 - Remote File Inclusion
com_forum Mambo Component 1.2.4RC3 - Remote File Inclusion

com_videodb Mambo Component 0.3en Remote Include
com_videodb Mambo Component 0.3en Remote File Inclusion
HTMLArea3 Mambo Module 1.5 - Remote Include
Sitemap Mambo Component 2.0.0 - Remote Include
pollxt Mambo Component 1.22.07 - Remote Include
HTMLArea3 Mambo Module 1.5 - Remote File Inclusion
Sitemap Mambo Component 2.0.0 - Remote File Inclusion
pollxt Mambo Component 1.22.07 - Remote File Inclusion

D-Link Router UPNP Stack Overflow Denial of Service Exploit (PoC)
D-Link Router UPNP Stack Overflow Denial of Service (PoC)
MoSpray Mambo Component 18RC1 - Remote Include
ArticlesOne 07232006 - (page) Remote Include
Mam-Moodle Mambo Component alpha Remote Inclusion
MoSpray Mambo Component 18RC1 - Remote File Inclusion
ArticlesOne 07232006 - (page) Remote File Inclusion
Mam-Moodle Mambo Component alpha - Remote Inclusion

Mambo User Home Pages Component 0.5 - Remote Include
Mambo User Home Pages Component 0.5 - Remote File Inclusion

Joomla LMO Component 1.0b2 - Remote Include
Joomla LMO Component 1.0b2 - Remote File Inclusion
SQLiteWebAdmin 0.1 - (tpl.inc.php) Remote Include
XChat 2.6.7 - (Windows) Remote Denial of Service Exploit (PHP)
Joomla JD-Wiki Component 1.0.2 - Remote Include
SQLiteWebAdmin 0.1 - (tpl.inc.php) Remote File Inclusion
XChat 2.6.7 - (Windows) Remote Denial of Service (PHP)
Joomla JD-Wiki Component 1.0.2 - Remote File Inclusion

phpCC 4.2 beta (base_dir) Remote File Inclusion
phpCC 4.2 beta - (base_dir) Remote File Inclusion

Visual Events Calendar 1.1 - (cfg_dir) Remote Include
Visual Events Calendar 1.1 - (cfg_dir) Remote File Inclusion

XChat 2.6.7 - (Windows) Remote Denial of Service Exploit (Perl)
XChat 2.6.7 - (Windows) Remote Denial of Service (Perl)
See-Commerce 1.0.625 - (owimg.php3) Remote Include
PocketPC Mms Composer (WAPPush) Denial of Service Exploit
See-Commerce 1.0.625 - (owimg.php3) Remote File Inclusion
PocketPC Mms Composer (WAPPush) Denial of Service

Mambo Remository Component 3.25 - Remote Include
Mambo Remository Component 3.25 - Remote File Inclusion

Joomla Webring Component 1.0 - Remote Include
Joomla Webring Component 1.0 - Remote File Inclusion
Opera 9 - IRC Client Remote Denial of Service Exploit
Opera 9 IRC Client - Remote Denial of Service Exploit (Python)
Opera 9 - IRC Client Remote Denial of Service
Opera 9 IRC Client - Remote Denial of Service (Python)

Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC
Microsoft Windows PNG File IHDR Block Denial of Service PoC

Mambo CopperminePhotoGalery Component Remote Include
Mambo CopperminePhotoGalery Component Remote File Inclusion

WTcom 0.2.4-alpha (torrents.php) SQL Injection
WTcom 0.2.4-alpha - (torrents.php) SQL Injection

Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (1)
Microsoft Windows - PNG File IHDR Block Denial of Service PoC (1)
Joomla Artlinks Component 1.0b4 - Remote Include
Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (2)
PHlyMail Lite 3.4.4 - (mod.listmail.php) Remote Include
Joomla Artlinks Component 1.0b4 - Remote File Inclusion
Microsoft Windows - PNG File IHDR Block Denial of Service PoC (2)
PHlyMail Lite 3.4.4 - (mod.listmail.php) Remote File Inclusion
Mambo MamboWiki Component 0.9.6 - Remote Include
Joomla Link Directory Component 1.0.3 - Remote Include
Mambo MamboWiki Component 0.9.6 - Remote File Inclusion
Joomla Link Directory Component 1.0.3 - Remote File Inclusion

PHlyMail Lite 3.4.4 - (folderprops.php) Remote Include (2)
PHlyMail Lite 3.4.4 - (folderprops.php) Remote File Inclusion (2)

Mozilla Firefox 1.5.0.6 - (FTP Request) Remote Denial of Service Exploit
Mozilla Firefox 1.5.0.6 - (FTP Request) Remote Denial of Service

2Wire Modems/Routers CRLF - Denial of Service Exploit
2Wire Modems/Routers CRLF - Denial of Service
Integramod Portal 2.x - (functions_portal.php) Remote Include Exploit
VistaBB 2.x - (functions_mod_user.php) Remote Include Exploit
Integramod Portal 2.x - (functions_portal.php) Remote File Inclusion Exploit
VistaBB 2.x - (functions_mod_user.php) Remote File Inclusion Exploit

phpCOIN 1.2.3 - (session_set.php) Remote Include
phpCOIN 1.2.3 - (session_set.php) Remote File Inclusion

Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote Include
Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote File Inclusion

PortailPHP mod_phpalbum 2.1.5 - (chemin) Remote Include
PortailPHP mod_phpalbum 2.1.5 - (chemin) Remote File Inclusion

Web Server Creator 0.1 - (l) Remote Include
Web Server Creator 0.1 - (l) Remote File Inclusion

Multithreaded TFTP 1.1 - (Long Get Request) Denial of Service Exploit
Multithreaded TFTP 1.1 - (Long Get Request) Denial of Service
mcGalleryPRO 2006 - (path_to_folder) Remote Include
MiniPort@l 0.1.5 beta (skiny) Remote File Inclusion
OPENi-CMS 1.0.1beta (config) Remote File Inclusion
mcGalleryPRO 2006 - (path_to_folder) Remote File Inclusion
MiniPort@l 0.1.5 beta - (skiny) Remote File Inclusion
OPENi-CMS 1.0.1beta - (config) Remote File Inclusion

Microsoft Internet Explorer (VML) Remote Denial of Service Exploit PoC
Microsoft Internet Explorer (VML) Remote Denial of Service PoC

OpenSSH 4.3 p1 - (Duplicated Block) Remote Denial of Service Exploit
OpenSSH 4.3 p1 - (Duplicated Block) Remote Denial of Service

VAMP Webmail 2.0beta1 - (yesno.phtml) Remote Include
VAMP Webmail 2.0beta1 - (yesno.phtml) Remote File Inclusion

TribunaLibre 3.12 Beta (ftag.php) Remote File Inclusion
TribunaLibre 3.12 Beta - (ftag.php) Remote File Inclusion

FreeBSD 5.4 / 6.0 - (ptrace PT_LWPINFO) Local Denial of Service Exploit
FreeBSD 5.4 / 6.0 - (ptrace PT_LWPINFO) Local Denial of Service
FreeBSD 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service Exploit
FreeBSD 6.1-RELEASE-p10 - (scheduler) Local Denial of Service Exploit
FreeBSD 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service
FreeBSD 6.1-RELEASE-p10 - (scheduler) Local Denial of Service

phpBB News Defilante Horizontale 4.1.1 - Remote Include Exploit
phpBB News Defilante Horizontale 4.1.1 - Remote File Inclusion Exploit

NuralStorm Webmail 0.98b (process.php) Remote Include
NuralStorm Webmail 0.98b (process.php) Remote File Inclusion

DigitalHive 2.0 RC2 - (base_include.php) Remote Include
DigitalHive 2.0 RC2 - (base_include.php) Remote File Inclusion
Xfire 1.6.4 - Remote Denial of Service Exploit (Perl)
Osprey 1.0 GetRecord.php Remote File Inclusion
Xfire 1.6.4 - Remote Denial of Service (Perl)
Osprey 1.0 - GetRecord.php Remote File Inclusion

MambWeather Mambo Module 1.8.1 - Remote Include
MambWeather Mambo Module 1.8.1 - Remote File Inclusion

QK SMTP 3.01 - (RCPT TO) Remote Denial of Service Exploit
QK SMTP 3.01 - (RCPT TO) Remote Denial of Service

FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service Exploit
FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service

RevilloC MailServer 1.x - (RCPT TO) Remote Denial of Service Exploit
RevilloC MailServer 1.x - (RCPT TO) Remote Denial of Service

PHPMyDesk 1.0beta (viewticket.php) Local File Inclusion Exploit
PHPMyDesk 1.0 beta - (viewticket.php) Local File Inclusion Exploit

Microsoft Windows NAT Helper Components (ipnathlp.dll) Remote DoS Exploit
Microsoft Windows NAT Helper Components (ipnathlp.dll) Remote Denial of Service

Microsoft Windows NAT Helper Components Remote DoS Exploit (perl)
Microsoft Windows NAT Helper Components Remote Denial of Service (perl)

GEPI 1.4.0 gestion/savebackup.php Remote File Inclusion
GEPI 1.4.0 - gestion/savebackup.php Remote File Inclusion

Mozilla Firefox 1.5.0.7/2.0 - (createRange) Remote DoS Exploit
Mozilla Firefox 1.5.0.7/2.0 - (createRange) Remote Denial of Service

Drake CMS < 0.2.3 ALPHA rev.916Remote File Inclusion
Drake CMS < 0.2.3 ALPHA rev.916 - Remote File Inclusion
XM Easy Personal FTP Server 5.2.1 - Remote Denial of Service Exploit
Essentia Web Server 2.15 - (GET Request) Remote DoS Exploit
XM Easy Personal FTP Server 5.2.1 - Remote Denial of Service
Essentia Web Server 2.15 - (GET Request) Remote Denial of Service

OpenLDAP 2.2.29 - Remote Denial of Service Exploit (Metasploit)
OpenLDAP 2.2.29 - Remote Denial of Service (Metasploit)

WarFTPd 1.82.00-RC11 - Remote Denial of Service Exploit
WarFTPd 1.82.00-RC11 - Remote Denial of Service

WORK System E-Commerce 3.0.1 - Remote Include
WORK System E-Commerce 3.0.1 - Remote File Inclusion

CMSmelborp Beta (user_standard.php) Remote File Inclusion Exploit
CMSmelborp Beta - (user_standard.php) Remote File Inclusion Exploit

phpPeanuts 1.3 Beta (Inspect.php) Remote File Inclusion
phpPeanuts 1.3 Beta - (Inspect.php) Remote File Inclusion

UniversalFTP 1.0.50 - (MKD) Remote Denial of Service Exploit
UniversalFTP 1.0.50 - (MKD) Remote Denial of Service

Microsoft Windows spoolss GetPrinterData() Remote DoS Exploit (0Day)
Microsoft Windows spoolss GetPrinterData() Remote Denial of Service (0Day)

awrate.com Message Board 1.0 - (search.php) Remote Include
awrate.com Message Board 1.0 - (search.php) Remote File Inclusion

F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Exploit
F-Prot Antivirus 4.6.6 - (ACE) Denial of Service

Filezilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service Exploit
Filezilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service
Filezilla FTP Server 0.9.21 - (LIST/NLST) Denial of Service Exploit
D-Link DWL-2000AP 2.11 - (ARP Flood) Remote Denial of Service Exploit
Filezilla FTP Server 0.9.21 - (LIST/NLST) Denial of Service
D-Link DWL-2000AP 2.11 - (ARP Flood) Remote Denial of Service

Crob FTP Server 3.6.1 build 263 - (LIST/NLST) Denial of Service Exploit
Crob FTP Server 3.6.1 build 263 - (LIST/NLST) Denial of Service
Sambar FTP Server 6.4 - (SIZE) Remote Denial of Service Exploit
Windows Media Player 9/10 - (.MID) Denial of Service Exploit
Sambar FTP Server 6.4 - (SIZE) Remote Denial of Service
Windows Media Player 9/10 - (.MID) Denial of Service

Star FTP Server 1.10 - (RETR) Remote Denial of Service Exploit
Star FTP Server 1.10 - (RETR) Remote Denial of Service
Microsoft Office Outlook Recipient Control (ole32.dll) Denial of Service Exploit
wget 1.10.2 - (Unchecked Boundary Condition) Denial of Service Exploit
Microsoft Office Outlook Recipient Control (ole32.dll) Denial of Service
wget 1.10.2 - (Unchecked Boundary Condition) Denial of Service

WinFtp Server 2.0.2 - (PASV) Remote Denial of Service Exploit
WinFtp Server 2.0.2 - (PASV) Remote Denial of Service

RealPlayer 10.5 - (ActiveX Control) Denial of Service Exploit
RealPlayer 10.5 - (ActiveX Control) Denial of Service

DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service Exploit
DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service

inertianews 0.02b (inertianews_main.php) Remote Include
inertianews 0.02b (inertianews_main.php) Remote File Inclusion

XM Easy Personal FTP Server 5.2.1 - (USER) Format String DoS Exploit
XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service

acFTP FTP Server 1.5 - (REST/PBSZ) Remote Denial of Service Exploit
acFTP FTP Server 1.5 - (REST/PBSZ) Remote Denial of Service

Microsoft Windows NetrWkstaUserEnum() Remote DoS Exploit (0Day)
Microsoft Windows NetrWkstaUserEnum() Remote Denial of Service (0Day)

RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service Exploit
RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service

Durian Web Application Server 3.02 - Denial of Service Exploit
Durian Web Application Server 3.02 - Denial of Service

Formbankserver 1.9 - (Name) Remote Denial of Service Exploit
Formbankserver 1.9 - (Name) Remote Denial of Service

Microsoft Windows - Explorer (WMF) CreateBrushIndirect DoS Exploit
Microsoft Windows - Explorer (WMF) CreateBrushIndirect Denial of Service

VLC Media Player 0.8.6a Unspecified Denial of Service Exploit
VLC Media Player 0.8.6a Unspecified Denial of Service

WFTPD Pro Server 3.25 SITE ADMN Remote Denial of Service Exploit
WFTPD Pro Server 3.25 SITE ADMN Remote Denial of Service
Twilight Webserver 1.3.3.0 - (GET) Remote Denial of Service Exploit
Colloquy 2.1.3545 - (INVITE) Format String Denial of Service Exploit
Twilight Webserver 1.3.3.0 - (GET) Remote Denial of Service
Colloquy 2.1.3545 - (INVITE) Format String Denial of Service

CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service Exploit
CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service

Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) DoS Exploit
Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service

Microsoft Windows - Explorer (AVI) Unspecified Denial of Service Exploit
Microsoft Windows - Explorer (AVI) Unspecified Denial of Service

Apple CFNetwork - HTTP Response Denial of Service Exploit (Ruby)
Apple CFNetwork - HTTP Response Denial of Service (Ruby)

CVSTrac 2.0.0 - Post-Attack Database Resurrection DoS Exploit
CVSTrac 2.0.0 - Post-Attack Database Resurrection Denial of Service
Apple iChat Bonjour 3.1.6.441 - Multiple Denial of Service Exploit
phpBB2 MODificat 0.2.0 - (functions.php) Remote Include
Apple iChat Bonjour 3.1.6.441 - Multiple Denial of Service
phpBB2 MODificat 0.2.0 - (functions.php) Remote File Inclusion

CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server DoS Exploit
CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server Denial of Service

Chicken of the VNC 2.0 - (NULL-pointer) Remote Denial of Service Exploit
Chicken of the VNC 2.0 - (NULL-pointer) Remote Denial of Service
FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow DoS Exploit
SmartFTP Client 2.0.1002 - Remote Heap Overflow DoS Exploit
FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow Denial of Service
SmartFTP Client 2.0.1002 - Remote Heap Overflow Denial of Service
Axigen 2.0.0b1 - Remote Denial of Service Exploit
Axigen 2.0.0b1 - Remote Denial of Service Exploit (2)
Axigen 2.0.0b1 - Remote Denial of Service
Axigen 2.0.0b1 - Remote Denial of Service (2)

phpCC 4.2 beta (nickpage.php npid) SQL Injection Exploit
phpCC 4.2 beta - (nickpage.php npid) SQL Injection Exploit

MiniWebsvr 0.0.6 - Remote Resource Consumption DoS Exploit
MiniWebsvr 0.0.6 - Remote Resource Consumption Denial of Service

MailEnable Professional/Enterprise 2.35 Out of Bounds DoS Exploit
MailEnable Professional/Enterprise 2.35 Out of Bounds Denial of Service

MailEnable Professional/Enterprise 2.37 - Denial of Service Exploit
MailEnable Professional/Enterprise 2.37 - Denial of Service

TurboFTP 5.30 Build 572 - (newline/LIST) Multiple Remote DoS Exploit
TurboFTP 5.30 Build 572 - (newline/LIST) Multiple Remote Denial of Service
PHP-Nuke 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)
PHP-Nuke 8.0 Final (INSERT) SQL Injection Exploit
PHP-Nuke 8.0 Final (HTTP Referers) SQL Injection Exploit
FTP Explorer 1.0.1 Build 047 - (CPU consumption) Remote DoS Exploit
PHP-Nuke 8.0 Final - (INSERT) Blind SQL Injection Exploit (mysql)
PHP-Nuke 8.0 Final - (INSERT) SQL Injection Exploit
PHP-Nuke 8.0 Final - (HTTP Referers) SQL Injection Exploit
FTP Explorer 1.0.1 Build 047 - (CPU consumption) Remote Denial of Service

BrowseDialog Class - (ccrpbds6.dll) Multiple Methods DoS Exploit
BrowseDialog Class - (ccrpbds6.dll) Multiple Methods Denial of Service

Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit
Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow Denial of Service

XM Easy Personal FTP Server 5.30 - (ABOR) Format String DoS Exploit
XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service

DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service Exploit
DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service

Asterisk 1.2.15 / 1.4.0 - pre-auth Remote Denial of Service Exploit
Asterisk 1.2.15 / 1.4.0 - pre-auth Remote Denial of Service

Konqueror 3.5.5 - (JavaScript Read of FTP Iframe) DoS Exploit
Konqueror 3.5.5 - (JavaScript Read of FTP Iframe) Denial of Service

Microsoft Windows - (.doc) Malformed Pointers Denial of Service Exploit
Microsoft Windows - (.doc) Malformed Pointers Denial of Service
TFTPDWIN Server 0.4.2 - (UDP) Denial of Service Exploit
Rediff Toolbar ActiveX Control Remote Denial of Service Exploit
Snort 2.6.1.1/2.6.1.2/2.7.0 - (fragementation) Remote DoS Exploit
TFTPDWIN Server 0.4.2 - (UDP) Denial of Service
Rediff Toolbar ActiveX Control Remote Denial of Service
Snort 2.6.1.1/2.6.1.2/2.7.0 - (fragementation) Remote Denial of Service

Microsoft Internet Explorer - (FTP Server Response) DoS Exploit (MS07-016)
Microsoft Internet Explorer - (FTP Server Response) Denial of Service (MS07-016)

TFTP Server 1.3 - Remote Buffer Overflow Denial of Service Exploit
TFTP Server 1.3 - Remote Buffer Overflow Denial of Service

MetaForum 0.513 Beta Remote File Upload Exploit
MetaForum 0.513 Beta - Remote File Upload Exploit
Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service Exploit
Mercur IMAPD 5.00.14 - Remote Denial of Service Exploit (Win32)
Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service
Mercur IMAPD 5.00.14 - Remote Denial of Service (Win32)

Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit
Grandstream Budge Tone-200 IP Phone (Digest domain) Denial of Service

0irc-client 1345 build20060823 - Denial of Service Exploit
0irc-client 1345 build20060823 - Denial of Service

Asterisk 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service Exploit
Asterisk 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service
sBLOG 0.7.3 Beta (inc/lang.php) Local File Inclusion Exploit
IBM Lotus Domino Server 6.5 - (username) Remote Denial of Service Exploit
sBLOG 0.7.3 Beta - (inc/lang.php) Local File Inclusion Exploit
IBM Lotus Domino Server 6.5 - (username) Remote Denial of Service

Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service Exploit
Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service

Microsoft Windows - Explorer Unspecified .ANI File Denial of Service Exploit
Microsoft Windows - Explorer Unspecified .ANI File Denial of Service

Gran Paradiso 3.0a3 non-existent applet Denial of Service Exploit
Gran Paradiso 3.0a3 non-existent applet Denial of Service

Sami HTTP Server 2.0.1 POST Request Denial of Service Exploit
Sami HTTP Server 2.0.1 POST Request Denial of Service

Ettercap-NG 0.7.3 - Remote Denial of Service Exploit
Ettercap-NG 0.7.3 - Remote Denial of Service

Mozzers SubSystem final (subs.php) Remote Code Execution
Mozzers SubSystem final - (subs.php) Remote Code Execution

Winamp 5.3 - (.WMV) Remote Denial of Service Exploit
Winamp 5.3 - (.WMV) Remote Denial of Service

Foxit Reader 2.0 - (PDF) Remote Denial of Service Exploit
Foxit Reader 2.0 - (PDF) Remote Denial of Service
Joomla 1.5.0 Beta (pcltar.php) Remote File Inclusion
Winamp 5.33 - (.AVI) Remote Denial of Service Exploit
Joomla 1.5.0 Beta - (pcltar.php) Remote File Inclusion
Winamp 5.33 - (.AVI) Remote Denial of Service

Opera 9.2 - (.torrent) Remote Denial of Service Exploit
Opera 9.2 - (.torrent) Remote Denial of Service
Linksys SPA941 \377 character Remote Denial of Service Exploit
Linksys SPA941 - (remote reboot) Remote Denial of Service Exploit
Linksys SPA941 \377 character Remote Denial of Service
Linksys SPA941 - (remote reboot) Remote Denial of Service

RealPlayer 10 - (.ra) Remote Denial of Service Exploit
RealPlayer 10 - (.ra) Remote Denial of Service

PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service Exploit
PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service

Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service Exploit
Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service

Word Viewer OCX 3.2 - Remote Denial of Service Exploit
Word Viewer OCX 3.2 - Remote Denial of Service

Office Viewer OCX 3.2.0.5 - Multiple Methods Denial of Service Exploit
Office Viewer OCX 3.2.0.5 - Multiple Methods Denial of Service

Versalsoft HTTP File Upload ActiveX 6.36 - (AddFile) Remote DoS Exploit
Versalsoft HTTP File Upload ActiveX 6.36 - (AddFile) Remote Denial of Service

Opera 9.10 alert() Remote Denial of Service Exploit
Opera 9.10 alert() Remote Denial of Service

SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service Exploit
SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service

SimpleNews 1.0.0 FINAL (print.php news_id) SQL Injection Exploit
SimpleNews 1.0.0 FINAL - (print.php news_id) SQL Injection Exploit

Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service Exploit
Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service

PrecisionID Barcode ActiveX 1.3 - Denial of Service Exploit
PrecisionID Barcode ActiveX 1.3 - Denial of Service

ID Automation Linear Barcode ActiveX Denial of Service Exploit
ID Automation Linear Barcode ActiveX Denial of Service

Microsoft Windows Vista - Forged ARP packet Network Stack DoS Exploit
Microsoft Windows Vista - Forged ARP packet Network Stack Denial of Service
BitsCast 0.13.0 - (invalid string) Remote Denial of Service Exploit
NewzCrawler 1.8 - (invalid string) Remote Denial of Service Exploit
BitsCast 0.13.0 - (invalid string) Remote Denial of Service
NewzCrawler 1.8 - (invalid string) Remote Denial of Service

PrecisionID Barcode ActiveX 1.9 - Remote Denial of Service Exploit
PrecisionID Barcode ActiveX 1.9 - Remote Denial of Service
CA BrightStor Backup 11.5.2.0 caloggderd.exe Denial of Service Exploit
CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service Exploit
CA BrightStor Backup 11.5.2.0 caloggderd.exe Denial of Service
CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service

Mambo com_yanc 1.4 beta (id) SQL Injection
Mambo com_yanc 1.4 beta - (id) SQL Injection

Microsoft IIS 6.0 - (/AUX/.aspx) Remote Denial of Service Exploit
Microsoft IIS 6.0 - (/AUX/.aspx) Remote Denial of Service

LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote DoS Exploit
LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote Denial of Service

Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote DoS Exploit
Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote Denial of Service

EDraw Office Viewer Component Denial of Service Exploit
EDraw Office Viewer Component Denial of Service

SNMPc 7.0.18 - Remote Denial of Service Exploit (Metasploit)
SNMPc 7.0.18 - Remote Denial of Service (Metasploit)

Microsoft Windows GDI+ - ICO File Remote Denial of Service Exploit
Microsoft Windows GDI+ - ICO File Remote Denial of Service

MiniWeb Http Server 0.8.x - Remote Denial of Service Exploit
MiniWeb Http Server 0.8.x - Remote Denial of Service

Safari 3 for Windows Beta Remote Command Execution PoC
Safari 3 for Windows Beta - Remote Command Execution PoC

BitchX 1.1-final (EXEC) Remote Command Execution Exploit
BitchX 1.1-final - (EXEC) Remote Command Execution Exploit

PHP 5.2.3 - bz2 com_print_typeinfo() Denial of Service Exploit
PHP 5.2.3 - bz2 com_print_typeinfo() Denial of Service

PHP 5.2.3 - glob() Denial of Service Exploit
PHP 5.2.3 - glob() Denial of Service

TeamSpeak 2.0 - (Windows Release) Remote Denial of Service Exploit
TeamSpeak 2.0 - (Windows Release) Remote Denial of Service
Microsoft Windows - Explorer.exe Gif Image Denial of Service Exploit
Xserver 0.1 Alpha Post Request Remote Buffer Overflow Exploit
Microsoft Windows - Explorer.exe Gif Image Denial of Service
Xserver 0.1 Alpha - Post Request Remote Buffer Overflow Exploit

Microsoft Internet Explorer 6 DirectX Media Remote Overflow DoS Exploit
Microsoft Internet Explorer 6 DirectX Media Remote Overflow Denial of Service

Cisco IOS Next Hop Resolution Protocol (NHRP) Denial of Service Exploit
Cisco IOS Next Hop Resolution Protocol (NHRP) Denial of Service

WengoPhone 2.x - SIP Phone Remote Denial of Service Exploit
WengoPhone 2.x - SIP Phone Remote Denial of Service

CounterPath X-Lite 3.x - SIP phone Remote Denial of Service Exploit
CounterPath X-Lite 3.x - SIP phone Remote Denial of Service
WireShark < 0.99.6 Mms Remote Denial of Service Exploit
Easy Chat Server 2.2 - Remote Denial of Service Exploit
WireShark < 0.99.6 Mms Remote Denial of Service
Easy Chat Server 2.2 - Remote Denial of Service
Cisco IP Phone 7940 - (3 SIP messages) Remote Denial of Service Exploit
Cisco IP Phone 7940 - (10 SIP messages) Remote Denial of Service Exploit
eCentrex VOIP Client module (uacomx.ocx 2.0.1) Remote BoF Exploit
Cisco IP Phone 7940 - (3 SIP messages) Remote Denial of Service
Cisco IP Phone 7940 - (10 SIP messages) Remote Denial of Service
eCentrex VOIP Client module - (uacomx.ocx 2.0.1) Remote BoF Exploit

Thomson SIP phone ST 2030 - Remote Denial of Service Exploit
Thomson SIP phone ST 2030 - Remote Denial of Service

Microsoft Windows - (GDI32.DLL) Denial of Service Exploit (MS07-046)
Microsoft Windows - (GDI32.DLL) Denial of Service (MS07-046)

JetCast Server 2.0.0.4308 - Remote Denial of Service Exploit
JetCast Server 2.0.0.4308 - Remote Denial of Service

actSite 1.991 Beta (base.php) Remote File Inclusion
actSite 1.991 Beta - (base.php) Remote File Inclusion

wzdftpd 0.8.0 - (USER) Remote Denial of Service Exploit
wzdftpd 0.8.0 - (USER) Remote Denial of Service

LiveAlbum 0.9.0 common.php Remote File Inclusion
LiveAlbum 0.9.0 - common.php Remote File Inclusion

eXtremail 2.1.1 memmove() Remote Denial of Service Exploit
eXtremail 2.1.1 memmove() Remote Denial of Service

GCALDaemon 1.0-beta13 - Remote Denial of Service Exploit
GCALDaemon 1.0-beta13 - Remote Denial of Service

Mozilla Firefox 2.0.0.7 - Remote Denial of Service Exploit
Mozilla Firefox 2.0.0.7 - Remote Denial of Service
Firefly Media Server 0.2.4 - Remote Denial of Service Exploit
Ubuntu 6.06 DHCPd - Remote Denial of Service Exploit
Firefly Media Server 0.2.4 - Remote Denial of Service
Ubuntu 6.06 DHCPd - Remote Denial of Service

patBBcode 1.0 bbcodeSource.php Remote File Inclusion
patBBcode 1.0 - bbcodeSource.php Remote File Inclusion

RealPlayer 11 Malformed AU File Denial of Service Exploit
RealPlayer 11 Malformed AU File Denial of Service

Cisco Phone 7940 - Remote Denial of Service Exploit
Cisco Phone 7940 - Remote Denial of Service

Simple HTTPD 1.41 - (/aux) Remote Denial of Service Exploit
Simple HTTPD 1.41 - (/aux) Remote Denial of Service

SurgeMail 38k4 - webmail Host header Denial of Service Exploit
SurgeMail 38k4 - webmail Host header Denial of Service

Blakord Portal Beta 1.3.A (all modules) SQL Injection
Blakord Portal Beta 1.3.A - (all modules) SQL Injection

WebPortal CMS 0.6-beta Remote Password Change Exploit
WebPortal CMS 0.6-beta - Remote Password Change Exploit

Half-Life CSTRIKE Server 1.6 - Denial of Service Exploit (no-steam)
Half-Life CSTRIKE Server 1.6 - Denial of Service (no-steam)

Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote DoS Exploit
Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote Denial of Service

PHP-Nuke 8.0 Final (sid) SQL Injection Exploit
PHP-Nuke 8.0 Final - (sid) SQL Injection Exploit

Apple iPhone 1.1.2 - Remote Denial of Service Exploit
Apple iPhone 1.1.2 - Remote Denial of Service

MicroTik RouterOS 3.2 SNMPd snmp-set Denial of Service Exploit
MicroTik RouterOS 3.2 SNMPd snmp-set Denial of Service

Joomla Component MCQuiz 0.9 Final (tid) SQL Injection
Joomla Component MCQuiz 0.9 Final - (tid) SQL Injection

Apple iPhoto 4.0.3 DPAP Server Denial of Service Exploit
Apple iPhoto 4.0.3 DPAP Server Denial of Service

MyServer 0.8.11 - (204 No Content) error Remote Denial of Service Exploit
MyServer 0.8.11 - (204 No Content) error Remote Denial of Service

Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) DoS Exploit
Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service

ICQ Toolbar 2.3 - ActiveX Remote Denial of Service Exploit
ICQ Toolbar 2.3 - ActiveX Remote Denial of Service

Apple Safari (webkit) Remote Denial of Service Exploit (iphone/osx/win)
Apple Safari (webkit) Remote Denial of Service (iphone/osx/win)

Home FTP Server 1.4.5 - Remote Denial of Service Exploit
Home FTP Server 1.4.5 - Remote Denial of Service

PacketTrap Networks pt360 2.0.39 TFTPD - Remote DoS Exploit
PacketTrap Networks pt360 2.0.39 TFTPD - Remote Denial of Service

mxBB Module mx_blogs 2.0.0-beta Remote File Inclusion Exploit
mxBB Module mx_blogs 2.0.0-beta - Remote File Inclusion Exploit

Microsoft Windows - Explorer Unspecified .DOC File Denial of Service Exploit
Microsoft Windows - Explorer Unspecified .DOC File Denial of Service

Noticeware Email Server 4.6.1.0 - Denial of Service Exploit
Noticeware Email Server 4.6.1.0 - Denial of Service
Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service Exploit
Novel eDirectory HTTP - Denial of Service Exploit
Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service
Novel eDirectory HTTP - Denial of Service

XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service Exploit
XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service

e-107 Plugin zogo-shop 1.16 Beta 13 SQL Injection
e-107 Plugin zogo-shop 1.16 Beta 13 - SQL Injection

AlkalinePHP 0.80.00 beta (thread.php id) SQL Injection Exploit
AlkalinePHP 0.80.00 beta - (thread.php id) SQL Injection Exploit

Mambo Component mambads 1.0 RC1 Beta SQL Injection
Mambo Component mambads 1.0 RC1 Beta - SQL Injection

I-Pos Internet Pay Online Store 1.3 Beta SQL Injection
I-Pos Internet Pay Online Store 1.3 Beta - SQL Injection

P2P Foxy Out of Memory Denial of Service Exploit
P2P Foxy Out of Memory Denial of Service

uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header DoS Exploit
uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header Denial of Service

Simple DNS Plus 5.0/4.1 - Remote Denial of Service Exploit
Simple DNS Plus 5.0/4.1 - Remote Denial of Service

Yahoo Messenger 8.1 - ActiveX Remote Denial of Service Exploit
Yahoo Messenger 8.1 - ActiveX Remote Denial of Service

WinRemotePC Full+Lite 2008 r.2server Denial of Service Exploit
WinRemotePC Full+Lite 2008 r.2server Denial of Service

Bea Weblogic Apache Connector - Code Execution / Denial of Service Exploit
Bea Weblogic Apache Connector - Code Execution / Denial of Service

Oracle Internet Directory 10.1.4 - Remote Preauth DoS Exploit
Oracle Internet Directory 10.1.4 - Remote Preauth Denial of Service

F-PROT antivirus 6.2.1.4252 - (malformed archive) Infinite Loop DoS Exploit
F-PROT antivirus 6.2.1.4252 - (malformed archive) Infinite Loop Denial of Service

Xerox Phaser 8400 - (reboot) Remote Denial of Service Exploit
Xerox Phaser 8400 - (reboot) Remote Denial of Service

HydraIrc 0.3.164 - (last) Remote Denial of Service Exploit
HydraIrc 0.3.164 - (last) Remote Denial of Service

txtSQL 2.2 Final (startup.php) Remote File Inclusion
txtSQL 2.2 Final - (startup.php) Remote File Inclusion

Ventrilo 3.0.2 - NULL pointer Remote DoS Exploit
Ventrilo 3.0.2 - NULL pointer Remote Denial of Service

Google Chrome Browser 0.2.149.27 A HREF Denial of Service Exploit
Google Chrome Browser 0.2.149.27 A HREF Denial of Service

Google Chrome Browser 0.2.149.27 Inspect Element DoS Exploit
Google Chrome Browser 0.2.149.27 Inspect Element Denial of Service

Flock Social Web Browser 1.2.5 - (loop) Remote Denial of Service Exploit
Flock Social Web Browser 1.2.5 - (loop) Remote Denial of Service

Adobe Acrobat 9 - ActiveX Remote Denial of Service Exploit
Adobe Acrobat 9 - ActiveX Remote Denial of Service

The Personal FTP Server 6.0f RETR Denial of Service Exploit
The Personal FTP Server 6.0f RETR Denial of Service

Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - (.forward) Local DoS Exploit
Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - (.forward) Local Denial of Service

WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (Metasploit)
WonderWare SuiteLink 2.0 - Remote Denial of Service (Metasploit)

Femitter FTP Server 1.03 - (RETR) Remote Denial of Service Exploit PoC
Femitter FTP Server 1.03 - (RETR) Remote Denial of Service PoC

fhttpd 0.4.2 un64() - Remote Denial of Service Exploit
fhttpd 0.4.2 un64() - Remote Denial of Service

DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service Exploit
DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service

Vikingboard 0.2 Beta (task) Local File Inclusion
Vikingboard 0.2 Beta - (task) Local File Inclusion

Vikingboard 0.2 Beta SQL Column Truncation
Vikingboard 0.2 Beta - SQL Column Truncation

WinFTP Server 2.3.0 - (NLST) Denial of Service Exploit
WinFTP Server 2.3.0 - (NLST) Denial of Service

Chilkat IMAP ActiveX 7.9 - File Execution / IE DoS Exploit
Chilkat IMAP ActiveX 7.9 - File Execution / IE Denial of Service

Google Chrome 0.2.149.30 Window Object Suppressing DoS Exploit
Google Chrome 0.2.149.30 Window Object Suppressing Denial of Service
Opera 9.52 Window Object Suppressing Remote Denial of Service Exploit
Microsoft Windows Explorer - (.zip) Denial of Service Exploit
Opera 9.52 Window Object Suppressing Remote Denial of Service
Microsoft Windows Explorer - (.zip) Denial of Service

Autodesk DWF Viewer Control / LiveUpdate Module Remote Exploit
Autodesk DWF Viewer Control / LiveUpdate Module - Remote Exploit

VBA32 Personal Antivirus 3.12.8.x - (malformed archive) DoS Exploit
VBA32 Personal Antivirus 3.12.8.x - (malformed archive) Denial of Service

Skype extension for Firefox BETA 2.2.0.95 Clipboard Writing
Skype extension for Firefox BETA 2.2.0.95 - Clipboard Writing

WinFTP 2.3.0 - (PASV mode) Remote Denial of Service Exploit
WinFTP 2.3.0 - (PASV mode) Remote Denial of Service

NoticeWare E-mail Server 5.1.2.2 - (POP3) Pre-Auth DoS Exploit
NoticeWare E-mail Server 5.1.2.2 - (POP3) Pre-Auth Denial of Service

GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/DoS Exploit
GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/Denial of Service
XM Easy Personal FTP Server 5.6.0 - Remote Denial of Service Exploit
RaidenFTPD 2.4 build 3620 - Remote Denial of Service Exploit
XM Easy Personal FTP Server 5.6.0 - Remote Denial of Service
RaidenFTPD 2.4 build 3620 - Remote Denial of Service

Titan FTP server 6.26 build 630 - Remote Denial of Service Exploit
Titan FTP server 6.26 build 630 - Remote Denial of Service

Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit
Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote Denial of Service

Dart Communications PowerTCP FTP module Remote BoF Exploit
Dart Communications PowerTCP FTP module - Remote BoF Exploit

SilverSHielD 1.0.2.34 - (opendir) Denial of Service Exploit
SilverSHielD 1.0.2.34 - (opendir) Denial of Service

vicFTP 5.0 - (LIST) Remote Denial of Service Exploit
vicFTP 5.0 - (LIST) Remote Denial of Service

PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (Metasploit)
PumpKIN TFTP Server 2.7.2.0 - Denial of Service (Metasploit)

PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service Exploit
PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service

Bloggie Lite 0.0.2 Beta SQL Injection by Insecure Cookie Handling
Bloggie Lite 0.0.2 Beta - SQL Injection by Insecure Cookie Handling

ExoPHPDesk 1.2 Final (Auth Bypass) SQL Injection
ExoPHPDesk 1.2 Final - (Auth Bypass) SQL Injection

Pi3Web 2.0.3 - (ISAPI) Remote Denial of Service Exploit
Pi3Web 2.0.3 - (ISAPI) Remote Denial of Service

LoveCMS 1.6.2 Final (Simple Forum 3.1d) Change Admin Password Exploit
LoveCMS 1.6.2 Final (Simple Forum 3.1d) - Change Admin Password Exploit

Microsoft Office Communicator (SIP) Remote Denial of Service Exploit
Microsoft Office Communicator (SIP) Remote Denial of Service

OpenForum 0.66 Beta Remote Reset Admin Password Exploit
OpenForum 0.66 Beta - Remote Reset Admin Password Exploit

Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service Exploit
Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service

Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local DoS Exploit
Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local Denial of Service

Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service Exploit
Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service

Linksys Wireless ADSL Router (WAG54G v2) - httpd DoS Exploit
Linksys Wireless ADSL Router (WAG54G v2) - httpd Denial of Service
Psi Jabber Client (8010/tcp) Remote Denial of Service Exploit (win/lin)
PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service Exploit
Psi Jabber Client (8010/tcp) Remote Denial of Service (win/lin)
PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service

VMware 2.5.1 - (Vmware-authd) Remote Denial of Service Exploit
VMware 2.5.1 - (Vmware-authd) Remote Denial of Service

SeaMonkey 1.1.14 - (marquee) Denial of Service Exploit
SeaMonkey 1.1.14 - (marquee) Denial of Service

Microsoft Internet Explorer - JavaScript screen[ ] Denial of Service Exploit
Microsoft Internet Explorer - JavaScript screen[ ] Denial of Service

Winamp 5.541 - (mp3/aiff) Multiple Denial of Service Exploits
Winamp 5.541 - (mp3/aiff) Multiple Denial of Services

Cisco VLAN Trunking Protocol Denial of Service Exploit
Cisco VLAN Trunking Protocol Denial of Service

Novell Netware 6.5 - (ICEbrowser) Remote System DoS Exploit
Novell Netware 6.5 - (ICEbrowser) Remote System Denial of Service

D-Bus Daemon < 1.2.4 - (libdbus) Denial of Service Exploit
D-Bus Daemon < 1.2.4 - (libdbus) Denial of Service

TxtBlog 1.0 Alpha Remote Command Execution Exploit
TxtBlog 1.0 Alpha - Remote Command Execution Exploit

GR Note 0.94 beta (Auth Bypass) Remote Database Backup
GR Note 0.94 beta - (Auth Bypass) Remote Database Backup

Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service Exploit
Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service

BlueBird Pre-Release (Auth Bypass) SQL Injection
BlueBird Pre-Release - (Auth Bypass) SQL Injection

Got All Media 7.0.0.3 - (t00t) Remote Denial of Service Exploit
Got All Media 7.0.0.3 - (t00t) Remote Denial of Service

HTC Touch vCard over IP Denial of Service Exploit
HTC Touch vCard over IP Denial of Service

Yaws < 1.80 - (multiple headers) Remote Denial of Service Exploit
Yaws < 1.80 - (multiple headers) Remote Denial of Service

Multiple Vendors libc:fts_*() - Local Denial of Service Exploit
Multiple Vendors libc:fts_*() - Local Denial of Service

Addonics NAS Adapter Post-Auth Denial of Service Exploit
Addonics NAS Adapter Post-Auth Denial of Service
Serv-U 7.4.0.1 - (SMNT) Denial of Service Exploit (post auth)
VLC 0.9.8a Web UI (input) Remote Denial of Service Exploit
Serv-U 7.4.0.1 - (SMNT) Denial of Service (post auth)
VLC 0.9.8a Web UI (input) Remote Denial of Service

SW-HTTPD Server 0.x - Remote Denial of Service Exploit
SW-HTTPD Server 0.x - Remote Denial of Service

XM Easy Personal FTP Server 5.7.0 - (NLST) DoS Exploit
XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service

Sami HTTP Server 2.x - (HEAD) Remote Denial of Service Exploit
Sami HTTP Server 2.x - (HEAD) Remote Denial of Service
IBM DB2 < 9.5 pack 3a - Connect Denial of Service Exploit
IBM DB2 < 9.5 pack 3a - Data Stream Denial of Service Exploit
IBM DB2 < 9.5 pack 3a - Connect Denial of Service
IBM DB2 < 9.5 pack 3a - Data Stream Denial of Service
Steamcast 0.9.75b Remote Denial of Service Exploit
OpenBSD 4.5 IP datagram Null Pointer Deref DoS Exploit
Steamcast 0.9.75b Remote Denial of Service
OpenBSD 4.5 IP datagram Null Pointer Deref Denial of Service

Microsoft Media Player - (quartz.dll .mid) Denial of Service Exploit
Microsoft Media Player - (quartz.dll .mid) Denial of Service

Addonics NAS Adapter (bts.cgi) Remote DoS Exploit (post-auth)
Addonics NAS Adapter (bts.cgi) Remote Denial of Service (post-auth)

Zervit Web Server 0.3 - Remote Denial of Service Exploit
Zervit Web Server 0.3 - Remote Denial of Service

Xitami Web Server 5.0 - Remote Denial of Service Exploit
Xitami Web Server 5.0 - Remote Denial of Service

iodined 0.4.2-2 - (forged DNS packet) Denial of Service Exploit
iodined 0.4.2-2 - (forged DNS packet) Denial of Service

Addonics NAS Adapter FTP Remote Denial of Service Exploit
Addonics NAS Adapter FTP Remote Denial of Service

Mortbay Jetty 7.0.0-pre5 Dispatcher Servlet Denial of Service Exploit
Mortbay Jetty 7.0.0-pre5 Dispatcher Servlet Denial of Service

TYPSoft FTP Server 1.11 - (ABORT) Remote DoS Exploit
TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service

Mereo 1.8.0 - (Get Request) Remote Denial of Service Exploit
Mereo 1.8.0 - (Get Request) Remote Denial of Service

DGNews 3.0 Beta (id) SQL Injection
DGNews 3.0 Beta - (id) SQL Injection

Mozilla Firefox (unclamped loop) Denial of Service Exploit
Mozilla Firefox (unclamped loop) Denial of Service

Mozilla Firefox 3.0.10 - (KEYGEN) Remote Denial of Service Exploit
Mozilla Firefox 3.0.10 - (KEYGEN) Remote Denial of Service

Apache mod_dav / svn Remote Denial of Service Exploit
Apache mod_dav / svn Remote Denial of Service

OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit
OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote Denial of Service

LinkLogger 2.4.10.15 - (syslog) Denial of Service Exploit
LinkLogger 2.4.10.15 - (syslog) Denial of Service

ARD-9808 DVR Card Security Camera (GET Request) Remote DoS Exploit
ARD-9808 DVR Card Security Camera (GET Request) Remote Denial of Service

FreeBSD 6/8 - (ata device) Local Denial of Service Exploit
FreeBSD 6/8 - (ata device) Local Denial of Service

Multiple Web Browsers Denial of Service Exploit (1 bug to rule them all)
Multiple Web Browsers Denial of Service (1 bug to rule them all)

FreeBSD 7.2 - (pecoff executable) Local Denial of Service Exploit
FreeBSD 7.2 - (pecoff executable) Local Denial of Service

E-Xoopport 3.1 Module MyAnnonces (lid) SQL Injection
E-Xoopport 3.1 Module MyAnnonces - (lid) SQL Injection
OpenH323 Opal SIP Protocol Remote Denial of Service Exploit
Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service Exploit
WzdFTPD 8.0 - Remote Denial of Service Exploit
OpenH323 Opal SIP Protocol Remote Denial of Service
Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service
WzdFTPD 8.0 - Remote Denial of Service

FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service Exploit
FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service

Linux Kernel < 2.6.30.5 cfg80211 - Remote Denial of Service Exploit
Linux Kernel < 2.6.30.5 cfg80211 - Remote Denial of Service

TheGreenBow VPN Client tgbvpn.sys Local DoS Exploit
TheGreenBow VPN Client tgbvpn.sys Local Denial of Service

HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service Exploit
HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service

KSP 2006 FINAL (.M3U) Universal Local Buffer Exploit (SEH)
KSP 2006 FINAL - (.M3U) Universal Local Buffer Exploit (SEH)
Xerox WorkCentre Multiple Models Denial of Service Exploit
Cerberus FTP 3.0.1 - (ALLO) Remote Overflow DoS Exploit (Metasploit)
Xerox WorkCentre Multiple Models Denial of Service
Cerberus FTP 3.0.1 - (ALLO) Remote Overflow Denial of Service (Metasploit)

TFTPUtil GUI 1.3.0 - Remote Denial of Service Exploit
TFTPUtil GUI 1.3.0 - Remote Denial of Service

SolarWinds TFTP Server 9.2.0.111 - Remote DoS Exploit
SolarWinds TFTP Server 9.2.0.111 - Remote Denial of Service

Re-Script 0.99 Beta (listings.php op) SQL Injection
Re-Script 0.99 Beta - (listings.php op) SQL Injection

Novell eDirectory 8.8 SP5 - Remote Denial of Service Exploit
Novell eDirectory 8.8 SP5 - Remote Denial of Service

Safari 3.2.3 - (Win32) JavaScript (eval) Remote DoS Exploit
Safari 3.2.3 - (Win32) JavaScript (eval) Remote Denial of Service

WarFTPd 1.82.00-RC12 - (LIST command) Format String DoS Exploit
WarFTPd 1.82.00-RC12 - (LIST command) Format String Denial of Service

FreeRadius < 1.1.8 - Zero-length Tunnel-Password DoS Exploit
FreeRadius < 1.1.8 - Zero-length Tunnel-Password Denial of Service

httpdx Web Server 1.4 - (Host Header) Remote Format String DoS Exploit
httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service

FtpXQ FTP Server 3.0 - Remote Denial of Service Exploit (Auth)
FtpXQ FTP Server 3.0 - Remote Denial of Service (Auth)

Cerberus FTP Server 3.0.3 - Remote Denial of Service Exploit
Cerberus FTP Server 3.0.3 - Remote Denial of Service

FTPDMIN 0.96 - (LIST) Remote Denial of Service Exploit
FTPDMIN 0.96 - (LIST) Remote Denial of Service

Safari 4.0.3 - (Win32) CSS Remote Denial of Service Exploit
Safari 4.0.3 - (Win32) CSS Remote Denial of Service

PHP < 5.3.1 - 'multipart/form-data' Denial of Service Exploit (Python)
PHP < 5.3.1 - 'multipart/form-data' Denial of Service (Python)

Drupal Sections Module XSS
Drupal Sections Module - XSS

3Com OfficeConnect Routers - Remote DoS Exploit
3Com OfficeConnect Routers - Remote Denial of Service

TFTP Daemon 1.9 - Denial of Service Exploit
TFTP Daemon 1.9 - Denial of Service

SimplePlayer 0.2 - (.wav) Overflow DoS Exploit (0Day)
SimplePlayer 0.2 - (.wav) Overflow Denial of Service (0Day)

Joomla Component com_abbrev Local File Inclusion
Joomla Component com_abbrev - Local File Inclusion

iOS Udisk FTP Basic Edition - Remote DoS Exploit (0Day)
iOS Udisk FTP Basic Edition - Remote Denial of Service (0Day)

P2GChinchilla HTTP Server 1.1.1 - Denial of Service Exploit
P2GChinchilla HTTP Server 1.1.1 - Denial of Service

iOS Serversman 3.1.5 - HTTP Remote DoS Exploit
iOS Serversman 3.1.5 - HTTP Remote Denial of Service

Opera 10.10 - Remote Code Execution DoS Exploit
Opera 10.10 - Remote Code Execution Denial of Service

Mozilla Firefox 3.6 - (Multitudinous looping) Denial of Service Exploit
Mozilla Firefox 3.6 - (Multitudinous looping) Denial of Service

Microsoft Internet Explorer 8 - (Multitudinous looping) Denial of Service Exploit
Microsoft Internet Explorer 8 - (Multitudinous looping) Denial of Service

iOS My DBLite Edition - Remote DoS Exploit (0Day)
iOS My DBLite Edition - Remote Denial of Service (0Day)

iOS FileApp 1.7 - Remote DoS Exploit
iOS FileApp 1.7 - Remote Denial of Service

iOS iFTPStorage 1.2 - Remote DoS Exploit
iOS iFTPStorage 1.2 - Remote Denial of Service

Winamp 5.57 - (Browser) IE Denial of Service Exploit
Winamp 5.57 - (Browser) IE Denial of Service

VKPlayer 1.0 - (.mid) Denial of Service Exploit
VKPlayer 1.0 - (.mid) Denial of Service

iPhone FTP Server By Zhang Boyang Remote DoS Exploit
iPhone FTP Server By Zhang Boyang Remote Denial of Service

Mozilla Firefox 3.6 - Denial of Service Exploit
Mozilla Firefox 3.6 - Denial of Service

Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote Include
Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote File Inclusion

PowieSys 0.7.7 alpha index.php (shownews) SQL Injection
PowieSys 0.7.7 alpha - index.php (shownews) SQL Injection

BitComet 1.19 - Remote DoS Exploit
BitComet 1.19 - Remote Denial of Service

ALPHA CMS Local File Inclusion
ALPHA CMS - Local File Inclusion

uTorrent WebUI 0.370 - Authorization header DoS Exploit
uTorrent WebUI 0.370 - Authorization header Denial of Service
Microsoft Office (2010 beta) Communicator SIP Denial of Service Exploit
Foxit Reader 3.2.1.0401 - Denial of Service Exploit
Microsoft Office (2010 beta) Communicator SIP Denial of Service
Foxit Reader 3.2.1.0401 - Denial of Service

Joomla Component JTM Reseller 1.9 Beta SQL Injection
Joomla Component JTM Reseller 1.9 Beta - SQL Injection

EDraw Flowchart ActiveX Control 2.3 - (EDImage.ocx) Remote DoS Exploit (IE)
EDraw Flowchart ActiveX Control 2.3 - (EDImage.ocx) Remote Denial of Service (IE)

Webmoney Advisor ActiveX Remote DoS Exploit
Webmoney Advisor ActiveX Remote Denial of Service

Apple Safari 4.0.3 - (Win32) CSS Remote Denial of Service Exploit
Apple Safari 4.0.3 - (Win32) CSS Remote Denial of Service

Press Release Script (page.php id) SQL Injection
Press Release Script - (page.php id) SQL Injection

dotWidget for articles 2.0 admin/editconfig.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 - admin/editconfig.php Multiple Parameter Remote File Inclusion

HomeFTP Server r1.10.3 - (build 144) Denial of Service Exploit
HomeFTP Server r1.10.3 - (build 144) Denial of Service

Solarwinds 10.4.0.13 - Denial of Service Exploit
Solarwinds 10.4.0.13 - Denial of Service

EZPX Photoblog 1.2 beta Remote File Inclusion Exploit
EZPX Photoblog 1.2 beta - Remote File Inclusion Exploit

Drupal Sections 5.x-1.2/6.x-1.2 Module HTML Injection
Drupal Sections 5.x-1.2/6.x-1.2 Module - HTML Injection

MP3 Cutter 1.5 - DoS Exploit
MP3 Cutter 1.5 - Denial of Service

Really Simple IM 1.3beta DoS Proof of Concept
Really Simple IM 1.3beta - DoS Proof of Concept

QQ Computer Manager TSKsp.sys Local Denial of Service Exploit
QQ Computer Manager TSKsp.sys Local Denial of Service

SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) DoS Exploit
SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) Denial of Service

VMware Workstation 7.1.1 - VMkbd.sys Denial of Service Exploit
VMware Workstation 7.1.1 - VMkbd.sys Denial of Service

iOS FileApp < 2.0 - FTP Remote Denial of Service Exploit
iOS FileApp < 2.0 - FTP Remote Denial of Service

AVG Internet Security 9.0.851 - Local Denial of Service Exploit
AVG Internet Security 9.0.851 - Local Denial of Service

GSPlayer 1.83a Win32 Release Buffer Overflow
GSPlayer 1.83a Win32 Release - Buffer Overflow

Sami HTTP Server 2.0.1 - GET Request Denial of Service Exploit
Sami HTTP Server 2.0.1 - GET Request Denial of Service

PCSX2 0.9.7 beta Binary Denial of Service
PCSX2 0.9.7 beta - Binary Denial of Service

HttpBlitz Web Server Denial of Service Exploit
HttpBlitz Web Server Denial of Service

Xynph 1.0 USER Denial of Service Exploit
Xynph 1.0 USER Denial of Service

Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode DoS Exploit
Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode Denial of Service

Solar FTP 2.1 - Denial of Service Exploit
Solar FTP 2.1 - Denial of Service

Victory FTP Server 5.0 - Denial of Service Exploit
Victory FTP Server 5.0 - Denial of Service

TWiki History TWikiUsers rev Parameter Command Execution
TWiki History TWikiUsers - rev Parameter Command Execution

AVIPreview 0.26 Alpha Denial of Service
AVIPreview 0.26 Alpha - Denial of Service

Microsoft Windows XP - afd.sys Local Kernel DoS Exploit
Microsoft Windows XP - afd.sys Local Kernel Denial of Service

Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel DoS Exploit
Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel Denial of Service

Adobe Reader/Acrobat 10.0.1 DoS Exploit
Adobe Reader/Acrobat 10.0.1 Denial of Service

Omnicom Alpha 4.0e LPD Server DoS
Omnicom Alpha 4.0e LPD Server - DoS

OpenSLP 1.2.1 / < 1647 trunk - Denial of Service Exploit
OpenSLP 1.2.1 / < 1647 trunk - Denial of Service

World Of Warcraft Local Stack Overflow DoS Exploit (chat-cache.txt)
World Of Warcraft Local Stack Overflow Denial of Service (chat-cache.txt)

TOWeb 3.0 - Local Format String DoS Exploit (TOWeb.MO file corruption)
TOWeb 3.0 - Local Format String Denial of Service (TOWeb.MO file corruption)

1024 CMS 1.1.0 Beta force_download.php Local File Inclusion
1024 CMS 1.1.0 Beta - force_download.php Local File Inclusion

FleaHttpd Remote Denial of Service Exploit
FleaHttpd Remote Denial of Service

ComSndFTP Server 1.3.7 Beta Remote Format String Overflow
ComSndFTP Server 1.3.7 Beta - Remote Format String Overflow

Play [EX] 2.1 - Playlist File (M3U/PLS/LST) DoS Exploit
Play [EX] 2.1 - Playlist File (M3U/PLS/LST) Denial of Service

Windows OpenType Font - File Format DoS Exploit
Windows OpenType Font - File Format Denial of Service

HP JetAdmin 1.0.9 Rev. D symlink
HP JetAdmin 1.0.9 Rev. D - symlink

Microsoft Site Server Commerce Edition 3.0 alpha AdSamples
Microsoft Site Server Commerce Edition 3.0 alpha - AdSamples Sensitive Information

Daniel Beckham The Finger Server 0.82 BETA Pipe
Daniel Beckham The Finger Server 0.82 BETA - Pipe

Sambar Server 4.2 beta 7 Batch CGI
Sambar Server 4.2 beta 7 - Batch CGI

DomsHttpd 1.0 - Remote Denial of Service Exploit
DomsHttpd 1.0 - Remote Denial of Service
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta Mail Logging Buffer Overflow (1)
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta Mail Logging Buffer Overflow (2)
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta Mail Logging Buffer Overflow (3)
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta - Mail Logging Buffer Overflow (1)
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta - Mail Logging Buffer Overflow (2)
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta - Mail Logging Buffer Overflow (3)
Ethereal 0.8.4/0.8.5/0.8.6_tcpdump 3.4/3.5 alpha DNS Decode (1)
Ethereal 0.8.4/0.8.5/0.8.6_tcpdump 3.4/3.5 alpha DNS Decode (2)
Ethereal 0.8.4/0.8.5/0.8.6_tcpdump 3.4/3.5 alpha - DNS Decode (1)
Ethereal 0.8.4/0.8.5/0.8.6_tcpdump 3.4/3.5 alpha - DNS Decode (2)

Real Networks Real Server 7.0/7.0.1/8.0 Beta View-Source DoS
Real Networks Real Server 7.0/7.0.1/8.0 Beta - View-Source DoS

Omnicron OmniHTTPD 1.1/2.0 Alpha 1 visiadmin.exe Denial of Service
Omnicron OmniHTTPD 1.1/2.0 Alpha 1 - visiadmin.exe Denial of Service

Sun Java Web Server 1.1 Beta Viewable .jhtml Source
Sun Java Web Server 1.1 Beta - Viewable .jhtml Source

HP JetDirect rev. G.08.x/rev. H.08.x/x.08.x/J3111A LCD Display Modification
HP JetDirect rev. G.08.x/rev. H.08.x/x.08.x/J3111A - LCD Display Modification

Sambar Server 4.1 beta Admin Access
Sambar Server 4.1 beta - Admin Access

Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Password Disclosure
Alpha Networks ADSL2/2+ Wireless Router ASL-26555 - Password Disclosure

Cisco IOS 12 UDP Denial of Service
Cisco IOS 12 - UDP Denial of Service

XMB Forum 1.6 pre-beta Image Tag Script Injection
XMB Forum 1.6 pre-beta - Image Tag Script Injection

DCShop Beta 1.0 Form Manipulation
DCShop Beta 1.0 - Form Manipulation

Cisco IOS 11.x/12.0 ICMP Redirect Denial of Service
Cisco IOS 11.x/12.0 - ICMP Redirect Denial of Service

SmartMail Server 1.0 BETA 10 Oversized Request Denial of Service
SmartMail Server 1.0 BETA 10 - Oversized Request Denial of Service
Ultimate PHP Board 1.0 final beta ViewTopic.php Directory Contents Browsing
Ultimate PHP Board Board 1.0 final beta ViewTopic.php Cross-Site Scripting
Ultimate PHP Board 1.0 final beta - ViewTopic.php Directory Contents Browsing
Ultimate PHP Board Board 1.0 final beta - ViewTopic.php Cross-Site Scripting

N/X Web Content Management System 2002 Prerelease 1 datasets.php c_path Parameter LFI
N/X Web Content Management System 2002 Prerelease 1 - datasets.php c_path Parameter LFI

PHPOutsourcing Zorum 3.x - Remote Include Command Execution
PHPOutsourcing Zorum 3.x - Remote File Inclusion Command Execution
Sage 1.0 beta 3 Content Management System Path Disclosure
Sage 1.0 beta 3 Content Management System Cross-Site Scripting
Sage 1.0 beta 3 - Content Management System Path Disclosure
Sage 1.0 beta 3 - Content Management System Cross-Site Scripting

E-theni Remote Include Command Execution
E-theni Remote File Inclusion Command Execution

BZFlag 1.7 g0 Reconnect Denial of Service
BZFlag 1.7 g0 - Reconnect Denial of Service

Apple QuickTime/Darwin Streaming Server 4.1.3 QTSSReflector Module Integer Overflow
Apple QuickTime/Darwin Streaming Server 4.1.3 QTSSReflector Module - Integer Overflow

PMachine 2.2.1 Lib.Inc.php Remote Include Command Execution
PMachine 2.2.1 Lib.Inc.php Remote File Inclusion Command Execution

PHPForum 2.0 RC1 Mainfile.php Remote File Inclusion
PHPForum 2.0 RC1 - Mainfile.php Remote File Inclusion

IdealBB 1.4.9 Beta HTML Injection
IdealBB 1.4.9 Beta - HTML Injection
Escapade 0.2.1 Beta Scripting Engine PAGE Parameter Cross-Site Scripting
Escapade 0.2.1 Beta Scripting Engine PAGE Parameter Path Disclosure
Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Cross-Site Scripting
Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Path Disclosure

Koch Roland Rolis Guestbook 1.0 $path Remote File Inclusion
Koch Roland Rolis Guestbook 1.0 - $path Remote File Inclusion

My_EGallery Module 3.1.1 - Remote Include Command Injection
My_EGallery Module 3.1.1 - Remote File Inclusion Command Injection
Apache 2.0.4x mod_php Module File Descriptor Leakage (1)
Apache 2.0.4x mod_php Module File Descriptor Leakage (2)
Apache 2.0.4x mod_php Module - File Descriptor Leakage (1)
Apache 2.0.4x mod_php Module - File Descriptor Leakage (2)

Apache 2.0.4x mod_perl Module File Descriptor Leakage
Apache 2.0.4x mod_perl Module - File Descriptor Leakage
Laurent Adda Les Commentaires 2.0 PHP Script fonctions.lib.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 PHP Script derniers_commentaires.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 PHP Script admin.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script fonctions.lib.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script derniers_commentaires.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script admin.php Remote File Inclusion

NewsTraXor Website Management Script 2.9 beta Database Disclosure
NewsTraXor Website Management Script 2.9 beta - Database Disclosure

Adam Webb NukeJokes 1.7/2.0 Module modules.php jokeid Parameter SQL Injection
Adam Webb NukeJokes 1.7/2.0 Module - modules.php jokeid Parameter SQL Injection

PHP 4/5 Input/Output Wrapper Remote Include Function Command Execution Weakness
PHP 4/5 Input/Output Wrapper Remote File Inclusion Function Command Execution Weakness
Sambar Server 6.1 beta 2 show.asp show Parameter XSS
Sambar Server 6.1 beta 2 showperf.asp title Parameter XSS
Sambar Server 6.1 beta 2 showini.asp Arbitrary File Access
Sambar Server 6.1 beta 2 - show.asp show Parameter XSS
Sambar Server 6.1 beta 2 - showperf.asp title Parameter XSS
Sambar Server 6.1 beta 2 - showini.asp Arbitrary File Access

EasyWeb 1.0 FileManager Module Directory Traversal
EasyWeb 1.0 FileManager Module - Directory Traversal

EasyIns Stadtportal 4.0 Site Parameter Remote File Inclusion
EasyIns Stadtportal 4.0 - Site Parameter Remote File Inclusion
Free Web Chat Initial Release UserManager.java Null Pointer DoS
Free Web Chat Initial Release Connection Saturation DoS
Free Web Chat Initial Release - UserManager.java Null Pointer DoS
Free Web Chat Initial Release - Connection Saturation DoS

Cerulean Studios Trillian Client 0.74 MSN Module Remote Buffer Overflow
Cerulean Studios Trillian Client 0.74 MSN Module - Remote Buffer Overflow

TP-Link TL-WR740N Wireless Router - Denial of Service Exploit
TP-Link TL-WR740N Wireless Router - Denial of Service

Singapore 0.9.11 beta Image Gallery Index.php Cross-Site Scripting
Singapore 0.9.11 beta Image Gallery - Index.php Cross-Site Scripting

Datenbank Module For PHPBB Remote Mod.php Cross-Site Scripting
Datenbank Module For PHPBB - Remote Mod.php Cross-Site Scripting

Convert-UUlib 1.04/1.05 Perl Module Buffer Overflow
Convert-UUlib 1.04/1.05 Perl Module - Buffer Overflow

Atomic Photo Album 0.x/1.0 Apa_PHPInclude.INC.php Remote File Inclusion
Atomic Photo Album 0.x/1.0 - Apa_PHPInclude.INC.php Remote File Inclusion

Comdev ECommerce 3.0 Config.php Remote File Inclusion
Comdev ECommerce 3.0 - Config.php Remote File Inclusion
PHPTB Topic Board 2.0 admin_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 board_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 dev_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 file_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 tech_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 - admin_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 - board_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 - dev_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 - file_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 - tech_o.php absolutepath Parameter Remote File Inclusion

PHPWebNotes 2.0 Api.php Remote File Inclusion
PHPWebNotes 2.0 - Api.php Remote File Inclusion

CMS Made Simple 0.10 Lang.php Remote File Inclusion
CMS Made Simple 0.10 - Lang.php Remote File Inclusion

MusicBee 2.0.4663 - (.m3u) Denial of Service Exploit
MusicBee 2.0.4663 - (.m3u) Denial of Service

Help Center Live 1.0/1.2/2.0 Module.php Local File Inclusion
Help Center Live 1.0/1.2/2.0 - Module.php Local File Inclusion

Edgewall Software Trac 0.9 Ticket Query Module SQL Injection
Edgewall Software Trac 0.9 Ticket Query Module - SQL Injection
Thwboard Beta 2.8 calendar.php year Parameter SQL Injection
Thwboard Beta 2.8 v_profile.php user Parameter SQL Injection
Thwboard Beta 2.8 misc.php userid Parameter SQL Injection
Thwboard Beta 2.8 - calendar.php year Parameter SQL Injection
Thwboard Beta 2.8 - v_profile.php user Parameter SQL Injection
Thwboard Beta 2.8 - misc.php userid Parameter SQL Injection

Bitweaver 1.1.1 beta list_galleries.php sort_mode Parameter XSS
Bitweaver 1.1.1 beta - list_galleries.php sort_mode Parameter XSS

OABoard 1.0 Forum Script Remote File Inclusion
OABoard 1.0 Forum - Script Remote File Inclusion

InTouch 0.5.1 Alpha User Variable SQL Injection
InTouch 0.5.1 Alpha - User Variable SQL Injection
LinPHA 0.9.x/1.0 install.php language Parameter Local File Inclusion
LinPHA 0.9.x/1.0 sec_stage_install.php language Parameter Local File Inclusion
LinPHA 0.9.x/1.0 forth_stage_install.php language Variable POST Method Local File Inclusion
LinPHA 0.9.x/1.0 - install.php language Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - sec_stage_install.php language Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - forth_stage_install.php language Variable POST Method Local File Inclusion
Dotproject 2.0 /includes/db_connect.php baseDir Remote File Inclusion
Dotproject 2.0 /includes/session.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 - /includes/db_connect.php baseDir Remote File Inclusion
Dotproject 2.0 - /includes/session.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 /modules/admin/vw_usr_roles.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 /modules/public/calendar.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 /modules/public/date_format.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 - /modules/admin/vw_usr_roles.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 - /modules/public/calendar.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 - /modules/public/date_format.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 - /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion
Web Host Automation Ltd. Helm 3.2.10 beta domains.asp txtDomainName Parameter XSS
Web Host Automation Ltd. Helm 3.2.10 beta default.asp Multiple Parameter XSS
Web Host Automation Ltd. Helm 3.2.10 beta - domains.asp txtDomainName Parameter XSS
Web Host Automation Ltd. Helm 3.2.10 beta - default.asp Multiple Parameter XSS

CutePHP CuteNews 1.4.1 Editnews Module Cross-Site Scripting
CutePHP CuteNews 1.4.1 Editnews Module - Cross-Site Scripting

RadScripts RadLance 7.0 Popup.php Local File Inclusion
RadScripts RadLance 7.0 - Popup.php Local File Inclusion
dotWidget for articles 2.0 showcatpicks.php file_path Parameter Remote File Inclusion
dotWidget for articles 2.0 showarticle.php file_path Parameter Remote File Inclusion
dotWidget for articles 2.0 admin/authors.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 admin/articles.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 admin/index.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 admin/categories.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 - showcatpicks.php file_path Parameter Remote File Inclusion
dotWidget for articles 2.0 - showarticle.php file_path Parameter Remote File Inclusion
dotWidget for articles 2.0 - admin/authors.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 - admin/articles.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 - admin/index.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 - admin/categories.php Multiple Parameter Remote File Inclusion

CrisoftRicette 1.0 Cookbook.php Remote File Inclusion
CrisoftRicette 1.0 - Cookbook.php Remote File Inclusion

MF Piadas 1.0 Admin.php Remote File Inclusion
MF Piadas 1.0 - Admin.php Remote File Inclusion

ExtCalendar 2.0 ExtCalendar.php Remote File Inclusion
ExtCalendar 2.0 - ExtCalendar.php Remote File Inclusion

Calendar Module 1.5.7 For Mambo Com_Calendar.php Remote File Inclusion
Calendar Module 1.5.7 For Mambo - Com_Calendar.php Remote File Inclusion

Lussumo Vanilla 1.0 RootDirectory Remote File Inclusion
Lussumo Vanilla 1.0 - RootDirectory Remote File Inclusion

Bosdates 3.x/4.0 Payment.php Remote File Inclusion
Bosdates 3.x/4.0 - Payment.php Remote File Inclusion

Liga Manager Online 2.0 Joomla! Component Remote File Inclusion
Liga Manager Online 2.0 Joomla! Component - Remote File Inclusion

Knusperleicht FAQ 1.0 Script Index.php Remote File Inclusion
Knusperleicht FAQ 1.0 Script - Index.php Remote File Inclusion

MyWebland miniBloggie 1.0 Fname Remote File Inclusion
MyWebland miniBloggie 1.0 - Fname Remote File Inclusion

PHP-Nuke 2.0 AutoHTML Module Local File Inclusion
PHP-Nuke 2.0 AutoHTML Module - Local File Inclusion

Reporter 1.0 Mambo Component Reporter.sql.php Remote File Inclusion
Reporter 1.0 Mambo Component - Reporter.sql.php Remote File Inclusion

Mambo Rssxt Component 1.0 MosConfig_absolute_path Multiple Remote File Inclusion
Mambo Rssxt Component 1.0 - MosConfig_absolute_path Multiple Remote File Inclusion

Headline Portal Engine 0.x/1.0 HPEInc Parameter Multiple Remote File Inclusion
Headline Portal Engine 0.x/1.0 - HPEInc Parameter Multiple Remote File Inclusion

Mambo/Joomla Com_comprofiler 1.0 Plugin.class.php Remote File Inclusion
Mambo/Joomla Com_comprofiler 1.0 Plugin.- class.php Remote File Inclusion

PHP-Proxima 6.0 BB_Smilies.php Local File Inclusion
PHP-Proxima 6.0 - BB_Smilies.php Local File Inclusion

Hitweb 3.0 REP_CLASS Multiple Remote File Inclusion
Hitweb 3.0 - REP_CLASS Multiple Remote File Inclusion
php_news 2.0 user_user.php language Parameter Remote File Inclusion
php_news 2.0 admin/news.php language Parameter Remote File Inclusion
php_news 2.0 admin/catagory.php language Parameter Remote File Inclusion
php_news 2.0 creat_news_all.php language Parameter Remote File Inclusion
php_news 2.0 - user_user.php language Parameter Remote File Inclusion
php_news 2.0 - admin/news.php language Parameter Remote File Inclusion
php_news 2.0 - admin/catagory.php language Parameter Remote File Inclusion
php_news 2.0 - creat_news_all.php language Parameter Remote File Inclusion

CommunityPortals 1.0 Bug.php Remote File Inclusion
CommunityPortals 1.0 - Bug.php Remote File Inclusion

PHPTreeView 1.0 TreeViewClass.php Remote File Inclusion
PHPTreeView 1.0 - TreeViewClass.php Remote File Inclusion

NewP News Publishing System 1.0 Class.Database.php Remote File Inclusion
NewP News Publishing System 1.0 - Class.Database.php Remote File Inclusion

Boonex 2.0 Dolphin Index.php Remote File Inclusion
Boonex 2.0 Dolphin - Index.php Remote File Inclusion

Apple Mac OS X 10.4.8 UDIF Disk Image Remote Denial of Service
Apple Mac OS X 10.4.8 -UDIF Disk Image Remote Denial of Service

Apple Mac OS X 10.4.8 UDTO Disk Image Remote Denial of Service
Apple Mac OS X 10.4.8 - UDTO Disk Image Remote Denial of Service

eCardMAX HotEditor 4.0 Keyboard.php Local File Inclusion
eCardMAX HotEditor 4.0 - Keyboard.php Local File Inclusion

Comus 2.0 Accept.php Remote File Inclusion
Comus 2.0 - Accept.php Remote File Inclusion

Active PHP Bookmarks 1.0 APB.php Remote File Inclusion
Active PHP Bookmarks 1.0 - APB.php Remote File Inclusion

ABC Excel Parser Pro 4.0 Parser_Path Remote File Inclusion
ABC Excel Parser Pro 4.0 - Parser_Path Remote File Inclusion

PHP-Nuke 8.0 autohtml.php Local File Inclusion
PHP-Nuke 8.0 - autohtml.php Local File Inclusion

Drupal Ajax Checklist 5.x-1.0 Module Multiple SQL Injection
Drupal Ajax Checklist 5.x-1.0 Module - Multiple SQL Injection

EagleGet 1.1.8.1 - Denial of Service Exploit
EagleGet 1.1.8.1 - Denial of Service

Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection
Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module - SQL Injection

Jeebles Technology Jeebles Directory 2.9.60 Download.php Local File Inclusion
Jeebles Technology Jeebles Directory 2.9.60 - Download.php Local File Inclusion
CodeWidgets Web Based Alpha Tabbed Address Book Index.ASP SQL Injection
Phpbasic basicFramework 1.0 Includes.php Remote File Inclusion
CodeWidgets Web Based Alpha Tabbed Address Book - Index.ASP SQL Injection
Phpbasic basicFramework 1.0 - Includes.php Remote File Inclusion

Download Management 1.00 for PHP-Fusion Multiple Local File Inclusion
Download Management 1.00 for PHP-Fusion - Multiple Local File Inclusion

PlutoStatus Locator 1.0pre alpha 'index.php' Local File Inclusion
PlutoStatus Locator 1.0pre alpha - 'index.php' Local File Inclusion

Microsoft Internet Explorer 7/8 Beta 1 Frame Location Cross Domain Security Bypass
Microsoft Internet Explorer 7/8 Beta 1 - Frame Location Cross Domain Security Bypass

miniBB RSS 2.0 Plugin Multiple Remote File Inclusion
miniBB RSS 2.0 Plugin - Multiple Remote File Inclusion
phpKF-Portal 1.10 baslik.php tema_dizin Parameter Traversal Local File Inclusion
phpKF-Portal 1.10 anket_yonetim.php portal_ayarlarportal_dili Parameter Traversal Local File Inclusion
phpKF-Portal 1.10 - baslik.php tema_dizin Parameter Traversal Local File Inclusion
phpKF-Portal 1.10 - anket_yonetim.php portal_ayarlarportal_dili Parameter Traversal Local File Inclusion

Couchdb 1.5.0 - uuids DoS Exploit
Couchdb 1.5.0 - uuids Denial of Service

CuteNews 1.4.6 editnews Module doeditnews Action Admin Moderation Bypass
CuteNews 1.4.6 editnews Module - doeditnews Action Admin Moderation Bypass

ZTE and TP-Link RomPager - DoS Exploit
ZTE and TP-Link RomPager - Denial of Service

C99Shell 1.0 pre-release buil 'Ch99.php' Cross-Site Scripting
C99Shell 1.0 pre-release build 16 - 'Ch99.php' Cross-Site Scripting

Percha Gallery Component 1.6 Beta for Joomla! index.php controller Parameter Traversal Arbitrary File Access
Percha Gallery Component 1.6 Beta for Joomla! - index.php controller Parameter Traversal Arbitrary File Access

log1 CMS 2.0 Session Handling Remote Security Bypass and Remote File Inclusion
log1 CMS 2.0 - Session Handling Remote Security Bypass / Remote File Inclusion

Miniwork Studio Canteen 1.0 Component for Joomla! SQL Injection and Local File Inclusion
Miniwork Studio Canteen 1.0 Component for Joomla! - SQL Injection / Local File Inclusion

CMS Made Simple Download Manager 1.4.1 Module Arbitrary File Upload
CMS Made Simple Download Manager 1.4.1 Module - Arbitrary File Upload

CMS Made Simple Antz Toolkit 1.02 Module Arbitrary File Upload
CMS Made Simple Antz Toolkit 1.02 Module - Arbitrary File Upload

TWiki 5.0 bin/view rev Parameter XSS
TWiki 5.0 - bin/view rev Parameter XSS

slickMsg 0.7-alpha 'top.php' Cross-Site Scripting
slickMsg 0.7-alpha - 'top.php' Cross-Site Scripting

Drupal CAPTCHA Module Security Bypass
Drupal CAPTCHA Module - Security Bypass

WordPress 4.0 - Denial of Service Exploit
WordPress 4.0 - Denial of Service

Cradlepoint MBR1400 and MBR1200 Local File Inclusion
Cradlepoint MBR1400 and MBR1200 - Local File Inclusion

mIRC 'projects.php' Cross-Site Scripting
mIRC - 'projects.php' Cross-Site Scripting

Apache 'mod_wsgi' Module Information Disclosure
Apache 'mod_wsgi' Module - Information Disclosure

Microsoft Windows 7 x64 - afd.sys Privilege Escalation (MS14-040)
Microsoft Windows 7 (x64) - afd.sys Privilege Escalation (MS14-040)
SIEMENS IP-Camera CVMS2025-IR_ CCMS2025 - Credentials Disclosure
Microsoft GDI+ - DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097)
Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)
Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap-Based Buffer Overflow (MS16-097)
 2016-08-18 05:02:07 +00:00
Offensive Security
edb6b2e39f Merge branch 'g0tmi1k-searchsploit' 2016-08-17 16:35:08 +00:00
g0tmi1k
f2bad1410c SearchSploit version bump (v3.4) & Update for OSX support since #23 2016-08-17 17:31:09 +01:00
Offensive Security
1ee59272f8 Merge branch 'x62en-master' 2016-08-17 15:04:14 +00:00
Offensive Security
fe449aa010 Merge branch 'default_gitpath_to_script_dir' of https://github.com/cbrunnkvist/exploit-database 2016-08-17 14:42:03 +00:00