Clicker CMS suffers from a remote blind SQL injection vulnerability.
53aea5f301dea447bd0f5913090b5b594b7d6628bde172f9b26819d0ed7cfae8
The Joomla JE Story component version 1.4 suffers from a remote SQL injection vulnerability.
55fda917e4ea6621b9cfcc1503c63d18888a1c25867b2a48c9d48fe0d223c0f2
Simple Fuzzer is a simple fuzzer. It has two network modes of operation, an output mode for developing command line fuzzing scripts, as well as taking fuzzing strings from literals and building strings from sequences. It is built to fill a need - the need for a quickly configurable black box testing utility that does not require intimate knowledge of the inner workings of C or require specialized software rigs. The aim is to just provide a simple interface, clear inputs/outputs, and reusability.
7fcf7aee05ab2a2049ef8d39184286e639df7b34f15f5b6e43a24ec87d86dc8a
Web Wiz Guide suffers from a remote file inclusion vulnerability.
866cf7c625672092751430af640d3da34b008e36fb762c8ea1d095b1cdac3be2
195 bytes small Allwin WinExec cmd.exe and ExitProcess shellcode.
e8eb8a98115988394ca6de24d3d78c535fb29fe942b577d3ddd288bdf54a49ce
Zero Day Initiative Advisory 10-115 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AVM bytecode verifier. Specifically, the newFrameState method performs arithmetic when calculating the size of a stack frame. It implicitly trusts the max_scope and max_stack variables as obtained from the bytecode. By crafting specific values, the integer indicating the size of the frame can be made to overflow. This value is later used during memory copy operations which an attacker can influence to gain arbitrary code execution under the context of the user running the browser.
139e76865c566f8d4bd7f23f54fbaf8173ed164ea7d438acc9c3348fae886f55
Zero Day Initiative Advisory 10-114 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required in that a target must visit a malicious web page. The specific vulnerability exists within the parsing of an undocumented opcode within Adobe's ActionScript Virtual Machine 2 bytecode. The operand to this opcode is used as an offset to a structure and if set to a malicious value can be pointed to attacker controlled data. The structure contains a function pointer that is later called. If an attacker modifies the controlled data pointed to by the invalid offset, this function pointer can be set to point to malicious code thus gaining execution under the context of the user running the browser.
bc523bf97a29c0519e786f3f7ff150ec48db8fe0ec2c26715708d5e08820be3f
ASRC Really Chat version 3.3 suffers from cross site scripting and remote file inclusion vulnerabilities.
2d8b92762790672e65568ce3dbe44be5682e1357d3c46d68ceb309e9dd419e1a
2daybiz B2B Portal Script suffers from a remote SQL injection vulnerability.
f21c22f477dd5406504394bc12292d7f4280c443a3329bd68c146b0eebb58ed3
Simple Machines Forum version 1.1.11 suffers from a remote administrative password changing vulnerability.
2728719224d039cf9a9a9eb0c582fd3458662bdaf3fdd638178b573e4d2809b3
Allomani and Clips version 2.7.0 suffers from a cross site request forgery vulnerability.
770f3cca312c9180eb770cb5d3eba54d2ee457fbb84051f94183756c7f826034
FieldNotes 32 version 5.0 SEH overwrite local exploit that produces a malicious .dxf file.
f75c21baa55aab7b4a56e64265927e5c83a13dfe8d7b75f74e3384b105fabf2d
VMware Security Advisory - Multiple security vulnerabilities have been addressed in the ESX 3.5 third party update for Service Console kernel.
aa1a26637b1e580254f4bbb305140b8c04268ad3825842369f0d59c42358231a
HP Security Bulletin - Potential security vulnerabilities have been identified on HP-UX running Kerberos. These vulnerabilities could be exploited by remote unauthenticated users to create a Denial of Service (DoS) or to execute arbitrary code.
74962b06b4a33ce0a59c0eac814963277e24f8113b42042b84eecfd2ac0c3973
Cisco Adaptive Security Appliance (ASA) is vulnerable to HTTP response splitting caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim?s web browser within the security context of the Adaptive Security Appliance site. Versions 8.1(1) and earlier are affected.
3064d44bee1b7468da72c1186ac4343d80636c9c5e6f3943f1d2992b6d3100b1
Geomau 7 .wg2 local buffer overflow proof of concept exploit.
2f39bfb7dae3475663d63ece63cce9d2d32d173cdbaf300971c8f48d9a9effc9
THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.
1feae3b40bec40fb79876c35a511b5cb596fdef9ebe443b049104963156dde91
Wincalc 2 .num local buffer overflow proof of concept exploit.
44b63ce263198b0ebb00b88643c8dcee37b44f8b7464701659bc6a8c5fb4ac85
Big Forum version 5.2 suffers from local file inclusion and shell upload vulnerabilities.
5b7303c4822a22c842f844bc09abef70c6b23363fda5ea6748fef2983e191671
40 bytes small sys_rmdir("/") Linux / x86 polymorphic shellcode.
eca5aca59dac15b0821be80cb2a5b864977ed5c5d6cc446883dbfe9cbd55dc78
16 bytes small delete all data on filesystem Linux / x86 shellcode.
afd825b68c8dbcf1b142e9fbba04c8f2151522ffee1307067fd466ef99a5b81d
2daybiz B2B Portal Script suffers from a remote SQL injection vulnerability.
671c4a5b26f146435b51df429b7f693f13648271cc5622292eca0bea66718f26
BPTraveling Site suffers from a remote SQL injection vulnerability.
eb90638fcffba6478b8a2422745f52f345f0e815665bc096e49887c7ec8ffc7a
XT-Commerce version 3.0.4 remote SQL injection exploit.
1cdcb2f02c42cc0deaffc029a7ac12bdf79ac5f32d3d5853516f5769bc4144aa