- MemHT Portal 4.0 Remote Code Execution Exploit
- Anti-Keylogger Elite 3.3.0 (AKEProtect.sys) Privilege Escalation Exploit
- SpeedStream 5200 Authentication Bypass Config Download Vulnerability
- Myiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability
- Domain Seller Pro 1.5 (id) Remote SQL Injection Vulnerability
- VLC Media Player < 0.9.6 .RT Stack Buffer Overflow Exploit
- E-topbiz Number Links 1 (id) Remote SQL Injection Vulnerability
- Mini Web Calendar 1.2 (File Disclosure/XSS) Multiple Vulnerabilities
- E-topbiz Online Store 1 (cat_id) SQL Injection Vulnerability
- DeltaScripts PHP Classifieds 7.5 SQL Injection Vulnerability
- MyioSoft EasyCalendar (Auth Bypass) Remote SQL Injection Vulnerability
- MyioSoft EasyBookMarker (Auth Bypass) SQL Injection Vulnerability
- MyioSoft Ajax Portal 3.0 (Auth Bypass) QL Injection Vulnerability
- Mole Group Rental Script (Auth Bypass) SQL Injection Vuln
- PHP Auto Listings Script (Auth Bypass) SQL Injection Vuln
- Joomla Component Recly!Competitions 1.0.0 Multiple RFI Vulnerabilities
- Joomla Component Feederator 1.0.5 Multiple RFI Vulnerabilities
- E-topbiz Online Store 1 (Auth Bypass) SQL Injection Vuln
- Joomla Component Clickheat 1.0.1 Multiple RFI Vulnerabilities
- E-topbiz Domain Shop v2.0 (Auth Bypass) SQL Injection Vulnerability
- E-topbiz Slide Popups 1.0 (Auth Bypass) SQL Injection Vuln
- turnkeyforms Local Classifieds (XSS/SQL) Multiple Vulnerabilities
- U&M Software Event Lister 1.0 Auth Bypass Vulnerability
- U&M Software JustBookIt 1.0 Auth Bypass Vulnerability
- U&M Software Signup 1.1 Auth Bypass Vulnerability
- e-Vision CMS 2.0.2 Multiple Local File Inclusion Exploit
- Mole Group Pizza (manufacturers_id) Script SQL Injection Vuln
- turnkeyforms Business Survey Pro 1.0 (id) SQL Injection Vuln
- turnkeyforms Entertainment Portal 2.0 Insecure Cookie Handling Vuln
- turnkeyforms Software Directory (XSS/SQL) Multiple Vulnerabilities
- SoftComplex PHP Image Gallery (ctg) SQL Injection Vulnerability
- DeltaScripts PHP Classifieds 7.5 (Auth Bypass) SQL Injection Vuln
- DeltaScripts PHP Links 1.3 (Auth Bypass) SQL Injection Vuln
- DeltaScripts PHP Shop 1.0 (Auth Bypass) SQL Injection Vulnerability
- LoveCMS 1.6.2 Final Arbitrary File Delete Vulnerability
- SoftComplex PHP Image Gallery 1.0 (Auth Bypass) SQL Injection Vuln
- MySQL Quick Admin 1.5.5 Local File Inclusion Vulnerability
- Arab Portal 2.1 Remote File Disclosure Vulnerability (win only)
- NICE FAQ Script (Auth Bypass) SQL Injection Vulnerability
- DevelopItEasy Membership System 1.3 (Auth Bypass) SQL Injection
- DevelopItEasy Photo Gallery 1.2 SQL Injection Vulnerabilities
- Pre ADS Portal 2.0 (Auth Bypass/XSS) Multiple Vulnerabilities
- hMAilServer 4.4.2 (PHPWebAdmin) File Inclusion Vulnerabilities
- DevelopItEasy Events Calendar 1.2 Multiple SQL Injection Vulnerabilities
- DevelopItEasy News And Article System 1.4 SQL Injection Vulns
- Adobe Reader util.printf() JavaScript Function Stack Overflow Exploit #2
- HarlandScripts drinks (recid) Remote SQL Injection Velnerability
- Pre Real Estate Listings (Auth Bypass) SQL Injection Vulnerability
- Mole Group Airline Ticket Script SQL Injection Vulnerability
- Mole Group Taxi Calc Dist Script (Auth Bypass) SQL Injection Vuln
- Simple Machines Forum 1.1.6 (LFI) Code Execution Exploit
- Pre Simple CMS (Auth Bypass) SQL Injection Vulnerability
- PHP JOBWEBSITE PRO (Auth Bypass) SQL Injection Vulnerability
- DFLabs PTK 0.2 Local Command Execution Vulnerability
- Joomla Component Dada Mail Manager 2.6 RFI Vulnerability
- PHP Auto Listings (moreinfo.php pg) SQL Injection Vulnerability
- Pre Classified Listings Insecure Cookie Handling Vulnerability
- Pre Multi-Vendor Shopping Malls Multiple Remote Vulnerabilities
- Pre Shopping Mall Insecure Cookie Handling Vulnerability
- Pre Podcast Portal (Tour.php id) SQL Injection Vulnerability
- PHPX 3.5.16 (news_id) Remote SQL Injection Exploit
- phpBB Mod Small ShoutBox 1.4 Remote Edit/Delete Messages Vuln
- Adobe Reader / Acrobat 8.1.2 Code Execution Exploit (APSB08-19)
- Simple Machines Forum (SMF) 1.1.6 Remote Code Execution Exploit
- wotw 5.0 Local/Remote File Inclusion Vulnerability
- TR News 2.1 (login.php) Remote Login Bypass Exploit
- nicLOR Sito includefile Local File Inclusion Vulnerabilities
- WEBBDOMAIN Post Cart 1.02 (SQL Injection) Auth Bypass Vuln
- Tours Manager v1 (cityview.php cityid) SQL Injection Vulnerability
- WEBBDOMAIN Webshop 1.02 (SQL Injection) Auth Bypass Vuln
- Simple Document Management System 1.1.4 SQL Injection Auth Bypass
- WEBBDOMAIN Quiz 1.02 (Auth Bypass) SQL Injection Vulnerability
- WEBBDOMAIN Polls 1.01 (SQL Injection) Auth Bypass Vulnerability
- WEBBDOMAIN Petition 1.02/2.0/3.0 (SQL Injection) Auth Bypass Vuln
- CMS-School 2005 (showarticle.php) Remote SQL injection Vulnerability
- Vibro-School-CMS (nID) Remote SQL injection Vulnerability
- nicLOR Puglia Landscape (id) Local File Inclusion Vulnerability
- Joomla Component ProDesk 1.0/1.2 Local File Inclusion Vulnerability
- Vibro-CMS Multiple Remote SQL Injection Vulnerabilities
- WEBBDOMAIN Post Cart 1.02 (catid) SQL Injection Vulnerability
- Joomla Component ongumatimesheet20 4b Remote File Inclusion Vulnerability
- Joomla Component VirtueMart Google Base 1.1 RFI Vulnerability
- Multi Languages WebShop Online 1.02 (SQL/XSS) Multiple Vulnerabilities
- TBmnetCMS 1.0 (index.php content) Local File Inclusion Vulnerability
- pppBlog 0.3.11 (randompic.php) File Disclosure Vulnerability
- Agavi 1.0.0 beta 5 (cmplang) Remote File Disclosure Vulnerability
- MatPo Link 1.2b (Blind SQL Injection/XSS) Multiple Vulnerabilities
- Acc Autos 4.0 Insecure Cookie Handling Vulnerability
- Apoll 0.7b (SQL Injection) Remote Auth Bypass Vulnerability
- MatPo Link 1.2b (view.php id) Remote SQL Injection Vulnerability
- Acc Statistics 1.1Insecure Cookie Handling Vulnerability
- Acc PHP eMail 1.1Insecure Cookie Handling Vulnerability
- Chilkat Crypt Activex Arbitrary File Creation/Execution PoC
- Acc Real Estate 4.0 Insecure Cookie Handling Vulnerability
- BosDev BosClassifieds (cat_id) SQL Injection Vulnerability
- deV!Lz Clanportal [DZCP] 1.4.9.6 Blind SQL Injection Exploit
- 1st News (products.php id) Remote SQL Injection Vulnerability
- Chipmunk CMS (reguser.php) Add Admin Exploit (html)
- Maran PHP Shop (prodshow.php) SQL Injection Vulnerability
- NetRisk 2.0 (XSS/SQL Injection) Remote Vulnerabilities
- Apartment Search Script (RFU/XSS) Multiple Remote Vulnerabilities
- Joovili 3.1.4 Insecure Cookie Handling Vulnerability
- Maran PHP Shop (admin.php) Insecure Cookie Handling Vulnerability
- Maran PHP Shop (prod.php cat) SQL Injection Vulnerability
- YourFreeWorld Shopping Cart (index.php c) Blind SQL Injection Vuln
- Downline Goldmine newdownlinebuilder (tr.php id) SQL Injection Vuln
- Downline Goldmine paidversion (tr.php id) SQL Injection Vulnerability
- YourFreeWorld URL Rotator (id) Remote SQL Injection Vulnerability
- YourFreeWorld Classifieds Hosting (id) SQL Injection Vulnerability
- Downline Goldmine Category Addon (id) SQL Injection Vulnerability
- Downline Goldmine Builder (tr.php id) Remote SQL Injection Vulnerability
- YourFreeWorld Classifieds (category) Remote SQL Injection Vulnerability
- YourFreeWorld Reminder Service (id) SQL Injection Vulnerability
- YourFreeWorld Scrolling Text Ads (id) SQL Injection Vulnerability
- YourFreeWorld Viral Marketing (id) SQL Injection Vulnerability
- YourFreeWorld Short Url & Url Tracker (id) SQL Injection Vuln
- YourFreeWorld Forced Matrix Script (id) SQL Injection Vulnerability
- YourFreeWorld Classifieds Blaster (id) SQL Injection Vulnerability
- YourFreeWorld Downline Builder (id) Remote SQL Injection Vulnerability
- YourFreeWorld Banner Management (id) SQL Injection Vulnerability
- Shahrood (ndetail.php id) Blind SQL Injection Vulnerability
- Micro CMS 0.3.5 Remote (Add/Delete/Password Change) Exploit
- AJ ARTICLE (SQL Injection) Remote Auth Bypass Vulnerability
- YourFreeWorld Programs Rating (details.php id) SQL Injection Vuln
- YourFreeWorld Blog Blaster (id) Remote SQL Injection Vulnerability
- GO4I.NET ASP Forum 1.0 (forum.asp iFor) SQL Injection Vulnerability
- Joomla Component Flash Tree Gallery 1.0 RFI Vulnerability
- Article Publisher PRO 1.5 Insecure Cookie Handling Vulnerability
- FTP Now 2.6 Server Response Remote Crash PoC
- AJ ARTICLE (featured_article.php mode) SQL injection Vulnerability
- Bloggie Lite 0.0.2 Beta SQL Injection by Insecure Cookie Handling
- SFS EZ Pub Site (directory.php cat) SQL Injection Vulnerability
- SFS EZ Webstore (where) Remote SQL Injection Vulnerability
- SFS EZ Gaming Cheats (id) Remote SQL Injection vulnerability
- GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (meta)
- SFS EZ Top Sites (topsite.php ts) Remote SQL Injection Vulnerability
- SFS EZ Auction (viewfaqs.php cat) Blind SQL Injection Vulnerability
- Article Publisher PRO (userid) Remote SQL Injection Exploit
- ModernBill 4.4.x XSS / Remote File Inclusion Vulnerability
- SFS EZ Software (id) Remote SQL Injection Vulnerability
- SFS EZ Hot or Not (phid) Remote SQL Injection Vulnerability
- SFS EZ Career (content.php topic) SQL Injection Vulnerability
- SFS EZ Webring (cat) Remote SQL Injection Vulnerability
- Article Publisher PRO 1.5 (SQL Injection) Auth Bypass Vulnerability
- SFS EZ Affiliate (cat_id) Remote SQL Injection Vulnerability
- SFS EZ BIZ PRO (track.php id) Remote SQL Injection Vulnerability
- SFS EZ Hotscripts-like Site (cid) Remote SQL Injection Vulnerability
- Absolute Newsletter 6.1 Insecure Cookie Handling Vulnerability
- SFS EZ Hosting Directory (cat_id) Remote SQL Injection Vulnerability
- SFS EZ Gaming Directory (cat_id) Remote SQL Injection Vulnerability
- SFS EZ Home Business Directory (cat_id) SQL Injection Vulnerability
- SFS EZ Link Directory (cat_id) Remote SQL Injection Vulnerability
- Adult Banner Exchange Website (targetid) SQL Injection Vulnerability
- Absolute FAQ Manager 6.0 Insecure Cookie Handling Vulnerability
- Absolute News Feed 1.0 Remote Insecure Cookie Handling Vulnerability
- U-Mail Webmail 4.91 (edit.php) Arbitrary File Write Vulnerability
- A-Link WL54AP3 and WL54AP2 CSRF+XSS Vulnerability
- Absolute News Manager 5.1 Insecure Cookie Handling Vulnerability
- cpanel 11.x XSS / Local File Inclusion Vulnerability
- Logz podcast CMS 1.3.1 (add_url.php art) SQL Injection Vulnerability
- SFS EZ Gaming Directory (directory.php id) SQL Injection Vulnerability
- SFS EZ Adult Directory (directory.php id) SQL Injection Vulnerability
- Absolute Live Support 5.1 Insecure Cookie Handling Vulnerability
- Absolute Control Panel XE 1.5 Insecure Cookie Handling Vulnerability
- Absolute Form Processor 4.0 Insecure Cookie Handling Vulnerability
- Absolute Banner Manager Insecure Cookie Handling Vulnerability
- Absolute Content Rotator 6.0 Insecure Cookie Handling Vulnerability
- Tribiq CMS 5.0.10a Local File Inclusion Vulnerability (win)
- Cybershade CMS 0.2b Remote File Inclusion Vulnerability
- e107 Plugin lyrics_menu (lyrics_song.php l_id) SQL Injection Vulnerability
- Tribiqcms 5.0.9a (beta) Insecure Cookie Handling Vulnerability
- Opera 9.62 (opera:allinone) Remote Code Execution Exploit PoC
- Absolute Podcast 1.0 Remote Insecure Cookie Handling Vulnerability
- Absolute Poll Manager XE 4.1 Cookie Handling Vulnerability
- Absolute File Send 1.0 Remote Cookie Handling Vulnerability
- Opera 9.61 opera:historysearch Code Execution Exploit PoC
- MyPHP Forum 3.0 Edit Topics/Blind SQL Injection Vulnerabilities
- Pro Traffic One (poll_results.php id) Remote SQL Injection Vulnerability
- DjVu ActiveX Control 3.0 ImageURL Property Overflow Exploit
- Venalsur on-line Booking Centre (OfertaID) XSS/SQL Injection Vulns
- Visagesoft eXPert PDF ViewerX (VSPDFViewerX.ocx) File Overwrite
- Harlandscripts Pro Traffic One (mypage.php) SQL Injection Vulnerability
- MW6 PDF417 ActiveX (MW6PDF417.dll) Remote Insecure Method Exploit
- MW6 DataMatrix ActiveX (DataMatrix.dll) Insecure Method Exploit
- MW6 Barcode ActiveX (Barcode.dll) Insecure Method Exploit
- MW6 Aztec ActiveX 3.0.0.1 Insecure Method Exploit
- 7Shop 1.1 Remote Arbitrary File Upload Exploit
- Wordpress Plugin e-Commerce 3.4 Arbitrary File Upload Exploit
- Mambo Component SimpleBoard 1.0.1 Arbitrary File Upload Exploit
- WebCards 1.3 Remote SQL Injection Vulnerability
- Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec Vulnerability
- e107 Plugin fm pro v1 (FD/Upload/DT) Multiple Remote Vulnerabilities
- H2O-CMS 3.4 Insecure Cookie Handling Vulnerability
- PacketTrap TFTPD 2.2.5459.0 Remote Denial of Service Exploit
- H2O-CMS 3.4 Remote Command Execution Exploit (mq = off)
- TlGuestBook 1.2 Insecure Cookie Handling Vulnerability
- Agares ThemeSiteScript 1.0 (loadadminpage) RFI Vulnerability
- MyForum 1.3 Insecure Cookie Handling Vulnerability
- PersianBB (iranian_music.php id) Remote SQL Injection Vulnerability
- e107 Plugin BLOG Engine 2.1.4 Remote SQL Injection Vulnerability
- MyKtools 2.4 Arbitrary Database Backup Vulnerability
- Aiocp 1.4 (poll_id) Remote SQL Injection Vulnerability
- Questcms (XSS/Directory Traversal/SQL) Multiple Remote Vulnerabilities
- Linux Kernel < 2.6.22 ftruncate()/open() Local Exploit
- e107 Plugin EasyShop (category_id) Blind SQL Injection Exploit
- TlAds v1 Remote Insecure Cookie Handling Vulnerability
- e107 Plugin alternate_profiles (id) SQL Injection Vulnerability
- MyKtools 2.4 (langage) Local File Inclusion Vulnerability
- MyForum 1.3 (padmin) Local File Inclusion Vulnerability
- Persia BME E-Catalogue Remote SQL Injection Vulnerability
- Ads Pro (dhtml.pl page) Remote Command Execution Exploit
- MyForum 1.3 (lecture.php id) Remote SQL Injection Exploit
- SFS Ez Forum (forum.php id) SQL Injection Vulnerability
- WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln
- MS Windows Server Service Code Execution Exploit (MS08-067) (cn univ.)
- PowerTCP FTP module Multiple Technique Exploit (SEH/HeapSpray)
- PozScripts Classified Ads Script (gotourl.php id) SQL Injection Vuln
- Kasra CMS (index.php) Multiple SQL Injection Vulnerabilities
- PumpKIN TFTP Server 2.7.2.0 Denial of Service Exploit (meta)
- Tlnews 2.2 Insecure Cookie Handling Vulnerability
- TUGzip 3.00 archiver .ZIP File Local Buffer Overflow Exploit
- KVIrc 3.4.0 Virgo Remote Format String Exploit PoC
- PHPdaily (SQL/XSS/LFD) Multiple Remote Vulnerabilities
- vicFTP 5.0 (LIST) Remote Denial of Service Exploit
- BuzzyWall 1.3.1 (download id) Remote File Disclosure Vulnerability
- NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability
- Aj RSS Reader (EditUrl.php url) SQL Injection Vulnerability
- db Software Laboratory VImpX (VImpX.ocx) Multiple Vulnerabilities
- SiteEngine 5.x Multiple Remote Vulnerabilities
- MS Windows Server Service Code Execution PoC (MS08-067)
- VLC 0.9.4 .TY File Buffer Overflow Exploit (SEH)
- Joomla Component Kbase 1.0 Remote SQL Injection Vulnerability
- Joomla Component Archaic Binary Gallery Directory Traversal Vuln
- WebSVN 2.0 (XSS/FH/CE) Multiple Remote Vulnerabilities
- miniPortail 2.2 (XSS/LFI) Remote Vulnerabilities
- MindDezign Photo Gallery 2.2 Arbitrary Add Admin Exploit
- MindDezign Photo Gallery 2.2 (index.php id) SQL Injection Vulnerability
- aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies
- Joomla Component RWCards 3.0.11 Local File Inclusion Vulnerability
- txtshop 1.0b (language) Local File Inclusion Vulnerability (win only)
- SilverSHielD 1.0.2.34 (opendir) Denial of Service Exploit
- CSPartner 1.0 (Delete All Users/SQL Injection) Remote Exploit
- Opera 9.52/9.60 Stored Cross Site Scripting Code Exec PoC
- freeSSHd 1.2.1 sftp realpath Remote Buffer Overflow PoC (auth)
- YDC (kdlist.php cat) Remote SQL Injection Vulnerability
- DorsaCms (ShowPage.aspx) Remote SQL Injection Vulnerability
- Joomla Component ionFiles 4.4.2 File Disclosure Vulnerability
- LoudBlog 0.8.0a (ajax.php) SQL Injection Vulnerability (auth)
- phpcrs 2.06 (importFunction) Local File Inclusion Vulnerability
- LibSPF2 < 1.2.8 DNS TXT Record Parsing Bug Heap Overflow PoC