Whitepaper called Adobe Reader's Custom Memory Management: A Heap Of Trouble.
1ca66990a4d34dc7ac4eb9341396985d911c6f0afad2d4386e9f8b52dc992276
WHMCS Control suffers from a remote SQL injection vulnerability.
47fe91c334029232006355f39bce6b9c16e31c371edf741831002469fdf9d7fc
NCT Jobs Portal Script suffers from a cross site scripting vulnerability. It also suffers from a remote SQL injection vulnerability that allows for authentication bypass.
7fe5d69d5bf05bfc2a622dbf3942699d7f0bf328bad2e885b70497323168bef3
ZipWrangler version 1.20 SEH overwrite exploit that creates a malicious .zip file.
29f7dd7ad0c8b7b814ab450c0ac1bd3a7ceb95aaef19efa6ace9ed04c4ddc5c0
Hashdays 2010 Call For Papers - Hashdays is an international security technology and research conference which is preceded by several 2-day workshops delivering IT security training. The event features many international IT security experts sharing their deep technical knowledge in an open environment and takes place November 3rd to 6th, 2010 in Lucerne.
32a0e10bbfff19e76a2d6f9af283552a2a65f2322051bafb9dfb968ad8e9445e
HP Digital Imaging (hpodio08.dll) insecure method exploit.
d7abb4532a2c0fc0930b25af470ad742cd982d6fb1e12e2700ca431e98515d1d
27 bytes small setuid(0) ^ execve("/bin/sh", 0, 0) shellcode.
bc725e28e8a64631ad59b2098ef7c8fea440c0c8ed4a8fbb8fed438361746f39
Openpresse version 1.01 suffers from a local file inclusion vulnerability.
87fe63d7ff9b4c1864531a03b2899afbc7ea28f523341b181736b6831e044df8
Openplanning version 1.00 suffers from local file inclusion and remote file inclusion vulnerabilities.
d03315e2e2d3ec353424a59aa61d45a091b13d7b92fcd5555b9987f4d7580165
Openfoncier version 2.00 suffers from local file inclusion and remote file inclusion vulnerabilities.
c172882bb0fcdce6cbc536438393312d3e7e8e8e01bdb07c97a04915d2fc30fc
27 bytes small setreuid(0, 0) and execve("/bin/sh") shellcode.
0732c3a86d1f15b87fe5d154f77016499a306775e51a4749d0dc7e73c87b513b
NKInfoWeb suffers from a remote SQL injection vulnerability.
05e00195d5607e194df776f5c7ee0897291f32201ff5eb0523fc9c01caa9e425
CommView version 6.1 (build 636) suffers from a local denial of service vulnerability.
fa3e95eb2eee13656e06e0aa498a7f95c2e01e0766d9ca539cdfabe285f444f7
Memorial Web Site Script suffers from password reset and insecure cookie handling vulnerabilities.
760ef13c884034f144f3aa8a797f01be878b0fd0add4599eadc774e096738faa
Memorial Web Site Script suffers from arbitrary deletion vulnerabilities.
34df70ef7f3e332dedf0d10c15adb1e459312dee1c3fdf01c2cc20cad236c322
CommView version 6.1 (build 636) local denial of service exploit.
683751d3a51548067321ba0b482b1609c1c457682303e6d71eef5df9cf8747be
Debian Linux Security Advisory 2039-1 - It was discovered that Cacti, a frontend to rrdtool for monitoring systems and services, missed input sanitising, making an SQL injection attack possible.
67725f0da189f4468427212a6ae29a56dc5cf0c8be16bf1862cdaa2e2694f088
EPay Enterprise version 4.13 suffers from a remote SQL injection vulnerability.
44bdc05e34f75889522cea22cd711d5f26f5f184e257063b716158d6b991584f
DataLife Engine version 6.9 suffers from a cross site scripting vulnerability via the Referer header.
834c22ffd4a6284859f5402db67eed9b0bf1d107fec82b95d45b50c33cce9285
Zero Day Initiative Advisory 10-078 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ZENworks Server (zenserver.exe). This Tomcat server listens by default on TCP ports 80 and 443. The vulnerability exists in the UploadServlet. Using the UploadServlet, an attacker can upload a malicious file outside of the TEMP directory on the server. When this uploaded file is accessed remotely, it is executed in the context of the zenserver.exe process. This can be exploited to gain arbitrary code execution in the context of the user running the ZENworks server.
11c9411dcfafccd770058445c9f215256689e44ba7381a574691d4d2382efd2c
Mihao8 CMS suffers from cross site scripting vulnerabilities.
a37b5e00d6e38d139840f9c6d87b88698e0e37cebb1b17b7d9983182e16b3aef
Firebrand Technologies suffers from a local file inclusion vulnerability.
1e81045fc17688c5203ea154f25072f7a2f8cbb2e3d700d258da96b99d2e221c
29 bytes small setuid(0) and execve("/bin/sh",...) shellcode.
bf11caa3797eaf5b8e59dc0d530a61d2fc9afc1e6256a15d978aab04a9db9369
afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
3fbc00b9baf21d4e47916f9da5ebf3cad4f643b51f83c0d0862eb96cf85c07af
Mac OS X version 10.6.3 suffers from an HFS-related denial of service vulnerability.
164e411db38aa88a7e22d17c8d7b70711b8105a1c5ddae787f697ee6ae07c1ab