oclHashcat+ Advanced GPU hash cracking utility that includes the World's fastest md5crypt and phpass crackers and has the first GPGPU-based rule engine. Focuses on highly iterated modern hashes, single dictionary-based attacks, and more. Linux and Windows binaries are included.
196a49145a9a65032b5a225b6d7fe9397b32670c984be1fa6e801a298e9d301d
Hashcat is a CPU hash cracking tool that supports multi-hash functionality and is multi-threaded. Linux and Windows binaries are included.
b12331b96592de8246e7b870d155e03f55fef7b9dd344dee58df68bc26a54e43
WordPress Plugin WP Forum Server version 1.6.5 suffers from a remote SQL injection vulnerability.
c7b1746f764a0391671ea7e4522b2b38265456d0acd3791d41efa7c1f4464db3
IWantOneButton version 3.0.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
8fd8e8fa93009892023e743b3a25ba12ae97c562da5fd08139ae584c24e4372c
ParsCMS B2B suffers from a remote SQL injection vulnerability.
6f70533153c76d2dda079a151a910e2fa31786f7504bc9cd8686cc1acc35c39a
Cumulus version 6.x-1.4 for Drupal suffers from a cross site scripting vulnerability.
478e693b6cccffc031dddae6f788629a2591fc16323430c9645de745ebea9ff3
Mandriva Linux Security Advisory 2011-037 - avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service via an empty IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.
b4edc2d48e2b118b538b66c07b71c4376fd7f4b19f502be783b104e4065ba609
WordPress plugin Relevanssi User Searches version 2.7.2 suffers from a stored cross site scripting vulnerability.
76749fc499c98e9eac65ec4bb7effa27387d7bc7dfdddba9afb3483a0f68f2ea
WordPress plugin GigPress version 2.1.10 suffers from a stored cross site scripting vulnerability.
60271d96a706125046c8d70c43a6ff00813e622943ff4ae8ee8dbfffeb923397
Elecard MPEG Player version 5.7 local buffer overflow proof of concept exploit.
e924badb6b079b6080a73804ebae6bfddae61d8bb4d1cbcdd18b7b2f41db3392
Novell Netware RPC XNFS xdrDecodeString proof of concept exploit that demonstrates an arbitrary code execution vulnerability.
9bee9619b110c9cc533ba4115cbc37e05b3dbe59c286619fd9d13cdafbbc7aa2
HAM3D Shop Engine suffers from a shell upload vulnerability.
6318c2a143d9918aa40288bbde3ac5ca7ae4a971c150af9e2777bc6404188cf3
XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.
4de4d18fc0472010c5289b7c509270a9628d2883314d90de3888b92ee68106a0
Victory FTP Server version 5.0 suffers from a denial of service vulnerability.
2f4e7d0cb8bdc8833fb1515569b0b34f64fa4dabc9566239341f150a14418ed2
Alcassoft's Sophia CMS suffers from a remote SQL injection vulnerability.
f085174405a2b16007a5d25d4727564e551ebdbbce238d9b5aa14f7088764c35
iPhone PDF Reader Pro version 2.3 suffers from a directory traversal vulnerability.
02569250d98ac973880f7a0c81ec18308ea71d7ca1f8682ab0cc5361fd1e164d
iPhone Guitar suffers from a directory traversal vulnerability.
4d6bbf24558d8c444994bad35d232a50db125fb42a1cb34a6c171395a16db4c9
iPhone iShred version 1.93 suffers from a directory traversal vulnerability.
2672bdf8a12f0f6096e4749c6433401c5e9cc241b2079f7198e3fa31e50cdc1c
Share version 1.0 for iPhone / iPod Touch suffers from a directory traversal vulnerability.
daadc08c54015704e382a999abca47cf30b3fb00299067ebb97ca7bdae7ea6e4
myDBLite version 1.1.10 for iPhone / iPod Touch suffers from a directory traversal vulnerability.
7186c249ee35d25c27247d782e3fc67ac4109256f4cd1668a8019d5c933e4b99
iDocManager version 1.0.0 for iPhone / iPod Touch suffers from a directory traversal vulnerability.
747557963d406362ded08fd7a7cd6e6045df00ee0ff22a5081d5a7f51a930ac4
Filer Lite version 2.1.0 for iPhone / iPod Touch suffers from a directory traversal vulnerability.
417181ee090d1136ece6f7d559f43621f79a2b21d74ece66f574607edf73d160
Air Files version 2.6 for iPhone / iPod Touch suffers from a directory traversal vulnerability.
f9ca960901d7fbfb17004be3a2a7568d910d02bc12a3b78bfb0c0f6a7d1f9e3e
CBTArchitects.com suffers from a remote SQL injection vulnerability.
ca9a49eebee71c476041cbf434b4fc95088fbef23fddb14c26cc3b96c5f96699
Zero Day Initiative Advisory 11-093 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Internet Security Suite 2010. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the XMLSecDB ActiveX control which is installed with HIPSEngine component. SetXml and Save methods are implemented insecurely and can allow creation of an arbitrary file on the victim's system. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user.
0225620ac45d2c989d5b7c60785c597870130a1c9beb75e8bb6bb8a1d2bd2c7e