- evCal Events Calendar Database Disclosure Vulnerability
- MyCal Personal Events Calendar (mycal.mdb) Database Disclosure Vuln
- eZ Publish 3.9.0/3.9.5/3.10.1 Command Execution Exploit (admin req)
- PhpAddEdit 1.3 (Cookie) Login Bypass Vulnerability
- phpAddEdit 1.3 (editform) Local File Inclusion Vulnerability
- CF_Forum Blind SQL Injection Vulnerability
- CFMBLOG (index.cfm categorynbr) Blind SQL Injection Vulnerability
- CF_Auction (forummessage) Blind SQL Injection Vulnerability
- CF_Calendar (calendarevent.cfm) Remote SQL Injection Vulnerabilty
- CF SHOPKART 5.2.2 (SQL/DD) Multiple Remote Vulnerabilities
- Butterfly Organizer 2.0.1 (view.php id) SQL Injection Vulnerability
- MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista)
- Living Local 1.1 (XSS-RFU) Multiple Remote Vulnerabilities
- Pro Chat Rooms 3.0.2 (XSS/CSRF) Multiple Vulnerabilities
- Webmaster Marketplace (member.php u) SQL Injection Vulnerability
- eZ Publish < 3.9.5/3.10.1/4.0.1 Privilege Escalation Exploit
- HTMPL 1.11 (htmpl_admin.cgi help) Command Execution Vulnerability
- Linux Kernel 2.6.27.8 ATMSVC Local Denial of Service Exploit
- MS Internet Explorer XML Parsing Remote Buffer Overflow Exploit
- Vinagre < 2.24.2 show_error() Remote Format String PoC
- EasyMail ActiveX (emmailstore.dll 6.5.0.3) Buffer Overflow Exploit
- PHP Multiple Newsletters 2.7 (LFI/XSS) Multiple Vulnerabilities
- PHPmyGallery 1.5beta (common-tpl-vars.php) LFI/RFI Vulnerabilities
- PostEcards (SQL/DD) Multiple Remote Vulnerabilities
- ProQuiz 1.0 (Auth Bypass) SQL Injection Vulnerability
- Netref 4.0 Multiple Remote SQL Injection Vulnerabilities
- Peel Shopping 3.1 (index.php rubid) SQL Injection Vulnerability
- PHP safe_mode can be bypassed via proc_open() and custom environment
- Poll Pro 2.0 (Auth Bypass) Remote SQL Injection Vulnerability
- PHPmyGallery 1.0beta2 (RFI/LFI) Multiple Remote Vulnerabilities
- Professional Download Assistant 0.1 (Auth Bypass) SQL Injection Vuln
- DD-WRT v24-sp1 (XSRF) Cross Site Reference Forgery Exploit
- WebCAF 1.4 (LFI/RCE) Multiple Remote Vulnerabilities
- Neostrada Livebox Router Remote Network Down PoC Exploit
- phpBB 3 (Mod Tag Board 4) Remote Blind SQL Injection Exploit
- Secure Downloads v2.0.0r for vBulletin SQL Injection Vulnerability
- phpMyAdmin 3.1.0 (XSRF) SQL Injection Vulnerability
- Simple Directory Listing 2 Cross Site File Upload Vulnerability
- XAMPP 1.6.8 (XSRF) Change Administrative Password Exploit
- SIU Guarani Multiple Remote Vulnerabilities
- MG2 0.5.1 (filename) Remote Code Execution Vulnerability
- XOOPS 2.3.1 Multiple Local File Inclusion Vulnerabilities
- ASP Talk (SQL/CSS) Multiple Remote Vulnerabilities
- PHPmyGallery Gold 1.51 (index.php) Directory Traversal Vulnerability
- QMail Mailing List Manager 1.2 Database Disclosure Vulnerability
- Mini-CMS 1.0.1 (index.php) Multiple Local File Inclusion Vulnerabilities
- Mini Blog 1.0.1 (index.php) Multiple Local File Inclusion Vulnerabilities
- ASPManage Banners (RFU/DD) Multiple Remote Vulnerabilities
- Ikon AdManager 2.1 Remote Database Disclosure Vulnerability
- Professional Download Assistant 0.1 Database Disclosure Vulnerability
- NatterChat 1.12 (natterchat112.mdb) Database Disclosure Vulnerability
- Product Sale Framework 0.1b (forum_topic_id) SQL Injection Vulnerability
- PayPal eStore Admin Password Changing Exploit
- Bonza Cart 1.10 Admin Password Changing Exploit
- DL PayCart 1.34 Admin Password Changing Exploit
- IPNPro3 1.44 Admin Password Changing Exploit
- w3blabor CMS 3.0.5 Arbitrary File Upload & LFI Exploit
- phpPgAdmin 4.2.1 (_language) Local File Inclusion Vulnerability
- DesignWorks Professional 4.3.1 Local .CCT File Stack BOF PoC
- ASP AutoDealer Remote Database Disclosure Vulnerability
- ASP PORTAL (xportal.mdb) Remote Database Disclosure Vulnerability
- ASP Ticker (news.mdb) Remote Database Disclosure Vulnerability
- Visagesoft eXPert PDF EditorX (VSPDFEditorX.ocx) Insecure Method
- ASP AutoDealer (SQL/DD) Multiple Remote Vulnerabilities
- ASP PORTAL Multiple Remote SQL Injection Vulnerabilities
- NULL FTP Server 1.1.0.7 SITE Parameters Command Injection Vuln
- Cold BBS (cforum.mdb) Remote Database Disclosure Vulnerability
- Tizag Countdown Creator .v.3 Insecure Upload Vulnerability
- Merlix Teamworx Server (DD/Bypass) Multiple Remote Vulns
- RankEm (rankup.asp siteID) Remote SQL Injection Vulnerability
- RankEm (auth bypass) Remote SQL Injection Vulnerability
- NightFall Personal Diary 1.0 (XSS/DD) Multiple Remote Vulnerabilities
- Merlix Educate Servert (Bypass/DD) Multiple Remote Vulnerabilities
- Multiple Membership Script 2.5 (id) SQL Injection Vulnerability
- PEiD 0.92 Malformed PE File Universal Buffer Overflow Exploit
- BNCwi 1.04 Local File Inclusion Vulnerability
- Gravity GTD 0.4.5 (rpc.php objectname) LFI/RCE Vulnerability
- lcxbbportal 0.1 Alpha 2 Remote File Inclusion Vulnerability
- My Simple Forum 3.0 (index.php action) Local File Inclusion Vulnerability
- Joomla Component mydyngallery 1.4.2 (directory) SQL Injection Vuln
- Easy News Content Management (News.mdb) Database Disclosure Vuln
- Template Creature (SQL/DD) Multiple Remote Vulnerabilities
- User Engine Lite ASP (users.mdb) Database Disclosure Vulnerability
- Wbstreet v.1.0 (SQL/DD) Multiple Remote Vulnerabilities
- ccTiddly 1.7.4 (cct_base) Multiple Remote File Inclusion Vulnerabilities
- Multi SEO phpBB 1.1.0 (pfad) Remote File Inclusion Vulnerability
- RadAsm 2.2.1.4 (.RAP File) WindowCallProcA Pointer Hijack Exploit
- ASP User Engine .NET Remote Database Disclosure Vulnerability
- Rae Media Contact MS (Auth Bypass) SQL Injection Vulnerability
- Joomla Component com_jmovies 1.1 (id) SQL Injection Exploit
- ClamAV < 0.94.2 (JPG File) Stack Overflow PoC
- Check New 4.52 (findoffice.php search) Remote SQL Injection Exploit
- Cain & Abel 4.9.23 (rdp file) Buffer overflow Exploit
- Calendar MX Professional 2.0.0 Blind SQL Injection Vulnerability
- Gallery MX 2.0.0 (pics_pre.asp ID) Blind SQL Injection Vulnerability
- Codefixer MailingListPro (MailingList.mdb) Database Disclosure Vuln
- Rapid Classified 3.1 (cldb.mdb) Database Disclosure Vulnerability
- CMS MAXSITE Component Guestbook Remote Command Execution Exploit
- SunByte e-Flower (id) Remote SQL Injection Vulnerability
- Ocean12 Mailing List Manager Gold (DD/SQL/XSS) Vulnerabilities
- PacPoll 4.0 (poll.mdb/poll97.mdb) Database Disclosure Vulnerability
- bcoos 1.0.13 (viewcat.php cid) Remote SQL Injection Exploit
- Maxum Rumpus 6.0 Multiple Remote Buffer Overflow Vulnerabilities
- E.Z. Poll v.2 (Auth Bypass) Remote SQL Injection Vulnerability
- ASPPortal 3.2.5 (ASPPortal.mdb) Database Disclosure Vulnreability
- Debian GNU/Linux group utmp to root Privilege Escalation PoC
- Andy's PHP Knowledgebase 0.92.9 Arbitrary File Upload Vulnerability
- z1exchange 1.0 (edit.php site) Remote SQL Injection Vulnerability
- Broadcast Machine 0.1 Multiple Remote File Inclusion Vulnerabilities
- Cain & Abel v4.9.24 .RDP Stack Overflow Exploit
- cpCommerce 1.2.6 (URL Rewrite) Input variable overwrite / Auth bypass PoC
- Electronics Workbench (EWB File) Local Stack Overflow PoC
- Minimal Ablog 0.4 (SQL/FU/Bypass) Multiple Remote Vulnerabilities
- KTP Computer Customer Database CMS Local File Inclusion Vulnerability
- KTP Computer Customer Database CMS Blind SQL Injection Vulnerability
- Quick Tree View .NET 3.1 (qtv.mdb) Database Disclosure Vulnerability
- Active Business Directory v 2 Remote blind SQL Injection Vulnerability
- Active Time Billing 3.2 (Auth Bypass) SQL Injection Vulnerability
- Cain & Abel 4.9.23 (rdp file) Buffer Overflow PoC
- Active Price Comparison v 4 (ProductID) Blind SQL Injection Vulnerability
- Active Photo Gallery 6.2 (Auth Bypass) SQL Injection Vulnerability
- Active Web Helpdesk v 2 (CategoryID) Blind SQL Injection Vulnerability
- Itunes 8.0.2.20/Quicktime 7.5.5 (.mov File) Multiple Off By Overflow PoC
- Active Test 2.1 (QuizID) Blind SQL Injection Vulnerability
- Active Bids 3.5 (ItemID) Blind SQL Injection Vulnerability
- OpenForum 0.66 Beta Remote Reset Admin Password Exploit
- ASPThai.NET Forum 8.5 Remote Database Disclosure Vulnerability
- Active Web Helpdesk v 2 (Auth Bypass) SQL Injection Vulnerability
- Lito Lite CMS (cate.php cid) Remote SQL Injection Exploit
- Active Web Mail v 4 Blind SQL Injection Vulnerability
- OraMon 2.0.1 Remote Config File Disclosure Vulnerability
- ActiveVotes 2.2 (AccountID) Blind SQL Injection Vulnerability
- CMS Made Simple 1.4.1 Local File Inclusion Vulnerability
- PHP TV Portal 2.0 (index.php mid) SQL Injection Vulnerability
- Active Price Comparison 4 (Auth Bypass) SQL Injection Vulnerability
- Active Trade 2 (Auth Bypass) Remote SQL Injection Vulnerability
- Active Web Mail v 4 (Auth Bypass) Remote SQL Injection Vulnerability
- Active Newsletter 4.3 (Auth Bypass) Remote SQL Injection Vulnerability
- eWebquiz v 8 (Auth Bypass) Remote SQL Injection Vulnerability
- Active Membership v 2 (Auth Bypass) Remote SQL Injection Vulnerability
- Active Websurvey 9.1 (Auth Bypass) Remote SQL Injection Vulnerability
- Active Test 2.1 (Auth Bypass) Remote SQL Injection Vulnerability
- ActiveVotes 2.2 (Auth Bypass) Remote SQL Injection Vulnerability
- ReVou Twitter Clone (Auth Bypass) SQL Injection Vulnerability
- Ocean12 FAQ Manager Pro (ID) Blind SQL Injection Vulnerabillity
- CMS little (index.php term) Remote SQL Injection Exploit
- Bluo CMS 1.2 (index.php id) Blind SQL Injection Vulnerability
- SailPlanner 0.3a (Auth Bypass) SQL Injection Vulnerability
- Apache Tomcat untime.getRuntime().exec() Privilege Escalation (win)
- Web Calendar System 3.40 (XSS/SQL) Multiple Remote Vulnerabilities
- All Club CMS 0.0.2 Remote DB Config Retrieve Exploit
- Booking Centre 2.01 (Auth Bypass) SQL Injection Vulnerability
- Microsoft Office Communicator (SIP) Remote Denial of Service Exploit
- Basic PHP CMS (index.php id) Blind SQL Injection Vulnerability
- BaSiC-CMS (acm2000.mdb) Remote Database Disclosure Vulnerability
- Ocean12 FAQ Manager Pro Database Disclosure Vulnerability
- Comersus ASP Shopping Cart (DD/XSS) Multiple Remote Vulnerabilities
- BaSiC-CMS (index.php r) Remote SQL Injection Vulnerability
- Turnkey Arcade Script (id) Remote SQL Injection Vulnerability
- PageTree CMS 0.0.2 BETA 0001 Remote File Inclusion Vulnerability
- Ocean12 Membership Manager Pro (Auth Bypass) SQL Injection Vuln
- Booking Centre 2.01 (HotelID) Remote SQL Injection Vulnerability
- Web Calendar 4.1 (Auth Bypass) SQL Injection Vulnerability
- Star Articles 6.0 Remote File Upload Vulnerability
- RakhiSoftware Shopping Cart (subcategory_id) SQL Injection Vulnerability
- i.Scribe SMTP Client 2.00b (wscanf) Remote Format String PoC
- Family Project 2.x (Auth Bypass) SQL Injection Vulnerability
- Ocean12 Calendar Manager Gold Database Disclosure Vulnerability
- Ocean12 Poll Manager Pro Database Disclosure Vulnerability
- Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities
- Ocean12 Membership Manager Pro Database Disclosure Vulnerability
- TxtBlog (index.php m) Local File Inclusion Vulnerability
- Web Calendar System 3.12/3.30 Multiple Remote Vulnerabilities
- Star Articles 6.0 Remote Blind SQL Injection exploit
- Star Articles 6.0 Remote Blind SQL Injection Vulnerability
- ParsBlogger (blog.asp wr) Remote SQL Injection Vulnerability
- Post Affiliate Pro v.3 (umprof_status) Blind SQL Injection Vulnerability
- CMS Ortus 1.13 Remote SQL Injection Vulnerability
- WebStudio CMS (pageid) Remote Blind SQL Injection Vuln (mil mixup)
- LoveCMS 1.6.2 Final (Download Manager 1.0) File Upload Exploit
- VideoGirls BiZ (view_snaps.php type) Blind SQL Injection Vulnerability
- Jamit Job Board 3.4.10 (show_emp) Blind SQL Injection Vulnerability
- SimpleBlog 3.0 (simpleBlog.mdb) Database Disclosure Vulnerability
- fuzzylime cms 3.03 (track.php p) Local File Inclusion Vulnerability
- Clean CMS 1.5 (full_txt.php id) Blind SQL Injection Exploit
- FAQ Manager 1.2 (config_path) Remote File Inclusion Vulnerability
- Clean CMS 1.5 (Blind SQL Injection/XSS) Multiple Remote Vulnerabilities
- Chipmunk Topsites (Auth Bypass/XSS) Multiple Remote Vulnerabilities
- Google Chrome Browser MetaCharacter URI Obfuscation Vulnerability
- Pie Web M{a,e}sher Mod Rss 0.1 Remote File Inclusion Vulnerability
- FAQ Manager 1.2 (categorie.php cat_id) SQL Injection Vulnerability
- WebStudio eCatalogue (pageid) Blind SQL Injection Vulnerability
- WebStudio eHotel (pageid) Blind SQL Injection Vulnerability
- Siemens C450IP/C475IP Remote Denial of Service Vulnerability
- Pie Web M{a,e}sher 0.5.3 Multiple Remote File Inclusion Vulnerability
- Quicksilver Forums 1.4.2 RCE Exploit (windows only)
- Nitrotech 0.0.3a (RFI/SQL) Multiple Remote Vulnerabilities
- Total Video Player (vcen.dll) Remote off by one Crash Exploit
- WebStudio CMS (index.php pageid) Blind SQL Injection Vulnerability
- Bandwebsite 1.5 (SQL/XSS) Multiple Remote Vulnerabilities
- FTPzik (XSS/LFI) Multiple Remote Vulnerabilities
- Goople Cms 1.7 Arbitrary Code Execution Vulnerability
- VideoScript 3.0 4.0.1.50 Official Shell Injection Exploit
- VideoScript 3.0 4.1.5.55 Unofficial Shell Injection Exploit
- W3C Amaya 10.1 Web Browser (id) Remote Stack Overflow PoC
- W3C Amaya 10.1 Web Browser (URL Bar) Remote Stack Overflow PoC
- NetArtMedia Real Estate Portal 1.2 (ad_id) SQL Injection Vuln
- Nero ShowTime 5.0.15.0 m3u Playlist File Remote Buffer Overflow PoC
- PHP Classifieds Script Remote Database Disclosure Vulnerability
- MauryCMS 0.53.2 (fckeditor) Remote Arbitrary File Upload Vuln
- MODx CMS 0.9.6.2 (RFI/XSS) Multiple Remote Vulnerabilities
- Goople Cms 1.7 Insecure Cookie Handling Vulnerability
- PG Roomate Finder Solution (Auth Bypass) SQL Injection Vulnerability
- PG Real Estate (Auth Bypass) SQL Injection Vulnerability
- NetArtMedia Blog System (image.php id) SQL Injection Vulnerability
- PG Job Site (poll_view_id) Blind SQL Injection Vulnerability
- NetArtMedia Cars Portal 2.0 (image.php id) SQL Injection Vulnerability
- Goople Cms 1.7 Remote File Upload Vulnerability
- Microsoft XML Core Services DTD Cross-Domain Scripting PoC MS08-069
- turnkeyforms Host Directory (id) SQL Injection Vulnerability
- getaphpsite Real Estate Remote File Upload Vulnerability
- getaphpsite Auto Dealers Remote File Upload Vulnerability
- Ez Ringtone Manager Multiple Remote File Disclosure Vulnerabilities
- LoveCMS 1.6.2 Final (Simple Forum 3.1d) Change Admin Password Exploit
- Vlog System 1.1 (blog.php user) Remote SQL Injection Vulnerability
- Discuz! Remote Reset User Password Exploit
- e107 Plugin ZoGo-Shop 1.15.4 (product) SQL Injection Vulnerability
- verlihub 0.9.8d-RC2 Remote Command Execution Vulnerability
- Joomla Component Thyme 1.0 (event) SQL Injection Vulnerability
- KVIrc 3.4.2 Shiny (uri handler) Remote Command Execution Exploit
- VCalendar (VCalendar.mdb) Remote Database Disclosure Vulnerability
- BitDefender (module pdf.xmd) Infinite Loop Denial of Service PoC
- NatterChat 1.1 Remote Admin Bypass Vulnerability
- Oracle Database Vault ptrace(2) Privilege Escalation Exploit
- Natterchat 1.12 (Auth Bypass) Remote SQL Injection Vulnerability
- ToursManager (tourview.php tourid) Blind SQL Injection Vulnerability
- PHP-Fusion 7.00.1 (messages.php) Remote SQL Injection Exploit
- vBulletin 3.7.3 Visitor Message XSS/XSRF + worm Exploit
- NatterChat 1.1 (Auth Bypass) Remote SQL Injection Vulnerability
- PHP 5.2.6 (error_log) safe_mode Bypass Vulnerability
- wPortfolio 0.3 Admin Password Changing Exploit
- PunBB Mod PunPortal 0.1 Local File Inclusion Exploit
- Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit
- AskPert (Auth bypass) Remote SQL Injection Vulnerability
- Pre Job Board (Auth Bypass) Remote SQL Injection Vulnerability
- wPortfolio 0.3 Remote Arbitrary File Upload Exploit
- RevSense (Auth bypass) Remote SQL Injection Vulnerability
- MauryCMS 0.53.2 Remote Shell Upload Exploit
- MyTopix 1.3.0 (notes send) Remote SQL Injection Exploit
- PunBB (Private Messaging System 1.2.x) Multiple LFI Exploit