- [webapps] - Invision Gallery SQL Injection Vulnerability
- [remote] - Nagios3 history.cgi Host Command Execution
- [webapps] - Oracle Application Framework Diagnostic Mode Bypass Vulnerability
- [webapps] - Cydia Repo Manager CSRF Vulnerability
- [papers] - Detecting System Intrusions
- [webapps] - CMS snews SQL Injection Vulnerability
- [remote] - Freesshd Authentication Bypass
- [papers] - [Turkish] Pen-Tester's Guide for Metasploit Framework
- [dos] - Serva v2.0.0 HTTP Server GET Remote Denial of Service Vulnerability
- [dos] - Serva v2.0.0 DNS Server QueryName Remote Denial of Service Vulnerability
- [papers] - DOMSDAY - Analyzing a Dom-Based XSS in Yahoo!
- [webapps] - CMS phpshop 2.0 SQL Injection Vulnerability
- [webapps] - phlyLabs phlyMail Lite 4.03.04 (go param) Open Redirect Vulnerability
- [webapps] - phlyLabs phlyMail Lite 4.03.04 Path Disclosure and Stored XSS Vulnerabili
- [papers] - Stack Smashing On A Modern Linux System
- [remote] - Nagios history.cgi Remote Command Execution Vulnerability
- [webapps] - phpliteadmin
- [remote] - Java Applet JMX Remote Code Execution
- [remote] - eXtplorer v2.1 Arbitrary File Upload Vulnerability
- [remote] - Ruby on Rails XML Processor YAML Deserialization Code Execution
- [remote] - Microsoft Internet Explorer Option Element Use-After-Free
- [dos] - Nero MediaHome 4.5.8.0 Denial Of Service Vulnerability
- [remote] - Honeywell Tema Remote Installer ActiveX Remote Code Execution
- [dos] - Colloquy 1.3.5 and 1.3.6 Denial of Service Vulnerability
- [remote] - Internet Explorer 8 Fixed Col Span ID full ASLR & DEP bypass
- [webapps] - WeBid 1.0.6 SQL Injection Vulnerability
- [local] - Inmatrix Ltd. Zoom Player 8.5 Crafted JPEG File Exploit
- [webapps] - Watson Management Console 4.11.2.G Directory Traversal Vulnerability
- [webapps] - Free Blog 1.0 Multiple Vulnerabilities
- [webapps] - Websitebaker Add-on Concert Calendar 2.1.4 Multiple Vulnerabilities
- [papers] - [French] Une simple exploitation de vulnérabilité Format String
- [webapps] - WordPress Plugin Google Document Embedder Arbitrary File Disclosure
- [remote] - IBM Cognos tm1admsd.exe Overflow Vulnerability
- [webapps] - Advantech WebAccess HMI/SCADA Software Persistence XSS Vulnerability
- [webapps] - E SMS Script Multiple SQL Injection Vulnerabilities
- [dos] - Ettercap
- [dos] - Foxit Reader
- [webapps] - Nexpose Security Console CSRF Vulnerability
- [dos] - FoxPlayer v2.9.0 Denial of Service Vulnerability
- [papers] - [Spanish] Hashcat Manual de Usuario
- [webapps] - pfSense 2.0.1 XSS / CSRF / Remote Command Execution
- [remote] - Enterasys NetSight nssyslogd.exe Buffer Overflow
- [webapps] - MyBB Profile Wii Friend Code Multiple Vulnerabilities
- [webapps] - Simple Webserver 2.3-rc1 Directory Traversal
- [webapps] - SelectSurvey CMS (ASP.NET) Arbitrary File Upload
- [webapps] - Invision Power Services Invision Gallery 1.0.1 Multiple SQL Injection Vul
- [remote] - WordPress Plugin Advanced Custom Fields Remote File Inclusion
- [remote] - Allied Telesis AT-MCF2000M 3.0.2 Gaining Root Shell Access
- [webapps] - MyBB (editpost.php, posthash) SQL Injection Vulnerability
- [papers] - Analyzing Near Field Communication (NFC) Security
- [remote] - Microsoft Internet Explorer CButton Object Use-After-Free Vulnerability
- [papers] - [Hebrew] Digital Whisper Security Magazine #38
- [dos] - Astium VoIP PBX
- [webapps] - e107 v1.0.2 CSRF Resulting in SQL Injection
- [webapps] - e107 v1.0.1 CSRF Resulting in Arbitrary Javascript Execution
- [webapps] - Astium VoIP PBX
- [webapps] - MyBB Profile Skype ID Plugin 1.0 Privilege Escalation Vulnerability
- [papers] - [Turkish] Introduction to ARM Exploiting on Linux
- [local] - BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (MSF)
- [dos] - Grep < 2.11 Integer Overflow Crash PoC
- [remote] - IBM Lotus iNotes dwa85W ActiveX Buffer Overflow
- [remote] - Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free Vulnerabili
- [remote] - IBM Lotus QuickR qp2 ActiveX Buffer Overflow
- [remote] - Ubiquiti AirOS
- [remote] - RealPlayer RealMedia File Handling Buffer Overflow
- [shellcode] - Linux/x86 Remote Port Forwarding Shellcode 87 bytes
- [webapps] - MyBB HM My Country Flags SQL Injection
- [webapps] - Guru Auction 2.0 Multiple SQL Injection Vulnerabilities
- [remote] - Microsoft SQL Server Database Link Crawling Command Execution
- [remote] - IBM Lotus Notes Client URL Handler Command Injection
- [remote] - WordPress WP-Property PHP File Upload Vulnerability
- [remote] - WordPress Asset-Manager PHP File Upload Vulnerability
- [webapps] - City Directory Review and Rating Script (search.php) SQL Injection Vulner
- [webapps] - MyBB AwayList Plugin (index.php, id parameter) SQL Injection Vulnerabilit
- [remote] - Netwin SurgeFTP Remote Command Execution
- [remote] - Foswiki MAKETEXT Remote Command Execution
- [remote] - TWiki MAKETEXT Remote Command Execution
- [papers] - [French] - DNS Phishing Paper and DNS Phishing Redirector
- [webapps] - Banana Dance B.2.6 Multiple Vulnerabilities
- [dos] - FireFly Mediaserver 1.0.0.1359 NULL Pointer Dereference
- [webapps] - Elite Bulletin Board 2.1.21 Multiple SQL Injection Vulnerabilities
- [webapps] - YeaLink IP Phone SIP-TxxP firmware
- [dos] - Sony PC Companion 2.1 (Load()) Stack-based Unicode Buffer Overflow
- [dos] - Sony PC Companion 2.1 (DownloadURLToFile()) Stack-based Unicode Buffer Overfl
- [dos] - Sony PC Companion 2.1 (CheckCompatibility()) Stack-based Unicode Buffer Overf
- [papers] - In-Memory Fuzzing with Java
- [dos] - Sony PC Companion 2.1 (Admin_RemoveDirectory()) Stack-based Unicode Buffer Ov
- [dos] - Microsoft Internet Explorer 9.x
- [dos] - IDA Pro 6.3 Crash PoC
- [dos] - gdb (GNU debugger)
- [remote] - NetWin SurgeFTP Authenticated Admin Command Injection
- [remote] - InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow
- [dos] - Adobe Flash Player 11,5,502,135 Crash PoC
- [webapps] - Free hosting manager v2.0.2 Stored XSS
- [dos] - DIMIN Viewer 5.4.0 GIF Decode Crash PoC
- [webapps] - SonicWall SonicOS 5.8.1.8 WAF XSS Vulnerability
- [webapps] - Enterpriser16 Load Balancer v7.1 Multiple XSS Vulnerabilities
- [webapps] - Clockstone and other CMSMasters Theme File Upload Vulnerabilities
- [webapps] - MyTube MyBB Plugin 1.0 Stored XSS
- [remote] - Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property
- [webapps] - phpwcms
- [webapps] - MyBB User Profile Skype ID Plugin 1.0 Stored XSS
- [webapps] - Social Sites MyBB Plugin 0.2.2 Cross Site Scripting
- [webapps] - MyBB AJAX Chat Persistent XSS Vulnerability
- [papers] - Ideas of advanced runtime Encryption of .NET Executables
- [webapps] - Facebook Profile MyBB Plugin 2.4 Persistant XSS
- [remote] - PostgreSQL for Linux Payload Execution
- [webapps] - MyBB DyMy User Agent Plugin (newreply.php) SQL Injection Vulnerability
- [webapps] - Portable phpMyAdmin Wordpress Plugin Authentication Bypass
- [dos] - Cisco Wireless Lan Controller 7.2.110.0 Multiple Vulnerabilities
- [webapps] - Centreon Enterprise Server 2.3.3-2.3.9-4 Blind SQL Injection Exploit
- [webapps] - MyYoutube MyBB Plugin 1.0 SQL Injection
- [webapps] - TipsOfTheDay MyBB Plugin Multiple Vulnerabilities
- [remote] - Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability
- [webapps] - Axway Secure Transport 5.1 SP2 Path Traversal Vulnerability
- [remote] - Microsoft Internet Explorer 6-10 Mouse Tracking
- [remote] - HP Data Protector DtbClsLogin Buffer Overflow
- [webapps] - MyBB Bank-v3 Plugin SQL Injection
- [dos] - IrfanView 4.33 IMXCF.DLL Plugin Code Execution
- [webapps] - Joomla JooProperty 1.13.0 Multiple Vulnerabilities
- [webapps] - MyBB Profile Blogs Plugin 1.2 Multiple Vulnerabilities
- [dos] - DIMIN Viewer 5.4.0 Crash PoC
- [dos] - FreeVimager 4.1.0 Crash PoC
- [papers] - Reversing & Malware Analysis Training Presentations
- [papers] - Reversing & Malware Analysis Training Articles
- [local] - Centrify Deployment Manager v2.1.0.283 Local Root
- [webapps] - ClipBucket 2.6 Revision 738 Multiple SQL Injection Vulnerabilities
- [webapps] - Achievo 1.4.5 Multiple Vulnerabilities
- [dos] - TVMOBiLi 2.1.0.3557 Denial of Service Vulnerability
- [remote] - Splunk 5.0 Custom App Remote Code Execution
- [remote] - Maxthon3 about:history XCS Trusted Zone Code Execution
- [remote] - FreeFloat FTP Server Arbitrary File Upload
- [dos] - Sumatra 2.1.1/MuPDF 1.0 Integer Overflow
- [remote] - Free Float FTP Server USER Command Buffer Overflow
- [remote] - Nagios XI Network Monitor Graph Explorer Component Command Injection
- [webapps] - MyBB KingChat Plugin Persistent XSS
- [dos] - Android Kernel 2.6 Local DoS Crash PoC
- [webapps] - Cisco DPC2420 Multiples Vulnerabilities
- [webapps] - Advantech Studio v7.0 SCADA/HMI Directory Traversal 0-day
- [dos] - VLC Media Player 2.0.4 Crash PoC
- [remote] - IBM System Director Agent DLL Injection
- [webapps] - m0n0wall 1.33 Multiple CSRF Vulnerabilities
- [dos] - NVIDIA Install Application 2.1002.85.551 (NVI2.dll) Unicode Buffer Overflow P
- [remote] - Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution
- [remote] - Oracle MySQL for Microsoft Windows MOF Execution
- [webapps] - Kordil EDMS v2.2.60rc3 SQL Injection Vulnerability
- [remote] - Ektron 8.02 XSLT Transform Remote Code Execution
- [remote] - Tectia SSH USERAUTH Change Request Password Reset Vulnerability
- [webapps] - MyBB AwayList Plugin SQL Injection
- [webapps] - SchoolCMS Persistent XSS
- [webapps] - myBB KingChat Plugin SQL Injection
- [dos] - Opera Web Browser 12.11 Crash PoC
- [papers] - CVE-2012-5076 Technical Analysis Report
- [webapps] - Symantec Messaging Gateway 9.5.3-3 CSRF Vulnerability
- [webapps] - Symantec Messaging Gateway 9.5.3-3 Arbitrary File Download
- [webapps] - FirePass SSL VPN Unauthenticated Local File Inclusion
- [remote] - MySQL Remote Preauth User Enumeration Zeroday
- [remote] - FreeSSHD Remote Authentication Bypass Zeroday Exploit
- [remote] - MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day
- [remote] - SSH.com Communications SSH Tectia Authentication Bypass Remote Zeroday Exp
- [remote] - MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)
- [remote] - IBM System Director Remote System Level Exploit
- [dos] - MySQL (Linux) Heap Based Overrun PoC Zeroday
- [dos] - MySQL (Linux) Stack Based Buffer Overrun PoC Zeroday
- [remote] - FreeFTPD Remote Authentication Bypass Zeroday Exploit
- [dos] - MySQL Denial of Service Zeroday PoC
- [local] - MySQL (Linux) Database Privilege Elevation Zeroday Exploit
- [local] - BlazeVideo HDTV Player Pro v6.6 Filename Handling Vulnerability
- [webapps] - SilverStripe CMS 3.0.2 Multiple Vulnerabilities
- [webapps] - SmartCMS (index.php, menuitem param) SQL Injection & Cross Site Scripting
- [webapps] - Free Hosting Manager 2.0 (packages.php, id param) SQL Injection Vulnerabi
- [dos] - UMPlayer Portable 0.95 Crash PoC
- [remote] - Network Shutdown Module
- [local] - Windows AlwaysInstallElevated MSI
- [webapps] - Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities
- [webapps] - FCKEditor ASP Version 2.6.8 File Upload Protection Bypass
- [webapps] - Gleamtech FileVista/FileUltimate 4.6 Directory Traversal
- [remote] - Apple QuickTime 7.7.2 MIME Type Buffer Overflow
- [papers] - [Spanish] Penetration Testing - Analisis Web - Evaluacion de Vulnerabilida
- [dos] - mcrypt
- [webapps] - PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability
- [webapps] - SmartCMS (index.php, idx parameter) SQL Injection Vulnerability
- [dos] - Websense Proxy Filter Bypass
- [papers] - D-Link DSR-250N Persistent Root Access
- [local] - BlazeVideo HDTV Player 6.6 Professional (Direct Retn)
- [local] - Aviosoft Digital TV Player Professional 1.x (Direct Retn)
- [papers] - [Turkish] Exploitation of MsSQL Servers Explained
- [local] - mcrypt
- [webapps] - BuyClassifiedScript PHP Code Injection Vulnerability
- [webapps] - ES CmS 0.1 Sql Injection Vulnerability
- [webapps] - jBilling 3.0.2 Cross Site Scripting Vulnerability
- [remote] - Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Ov
- [dos] - TrouSerS Denial Of Service Vulnerability
- [dos] - Adobe Reader 10.1.4 JP2KLib&CoolType Crash PoC
- [remote] - NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execu
- [dos] - lighttpd 1.4.31 Denial of Service PoC
- [webapps] - PHP Server Monitor Stored XSS
- [webapps] - ManageEngine ServiceDesk 8.0 Multiple Vulnerabilities
- [remote] - Narcissus Image Configuration Passthru Vulnerability
- [webapps] - Yii Framework 1.1.8 Search SQL Injection Vulnerability
- [webapps] - SonicWALL CDP 5040 v6.x Multiple Vulnerabilities
- [local] - FormatFactory v3.0.1 Profile File Handling Buffer Overflow
- [dos] - Apple QuickTime 7.7.2 Targa image Buffer Overflow
- [remote] - LAN.FS Messenger v2.4 Command Execution Vulnerability
- [webapps] - Wordpress Facebook Survey v1 SQL Injection Vulnerability
- [webapps] - WeBid
- [webapps] - WeBid
- [remote] - NFR Agent FSFUI Record File Upload RCE
- [webapps] - friendsinwar FAQ Manager (view_faq.php, question param) SQL Injection Vul
- [papers] - Guidelines for Pentesting a Joomla Based Site
- [webapps] - FarODP v6.1 Remote File Disclosure Vulnerability (.htaccess)
- [webapps] - ReciPHP 1.1 SQL Injection Vulnerability
- [remote] - Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll ldapagnt_eval() Pe
- [remote] - Novell NetIQ Privileged User Manager 2.3.1 auth.dll pa_modify_accounts() R
- [webapps] - Friends in War Make or Break v1.3 SQL Injection (authbypass) Vulnerabilit
- [remote] - Oracle Database Client System Analyzer Arbitrary File Upload
- [papers] - [Spanish] Software Exploitation
- [dos] - Broadcom DoS on BCM4325 and BCM4329 Devices
- [webapps] - BabyGekko 1.2.2e Multiple Vulnerabilities
- [webapps] - iDev Rentals v1.0 Multiple Vulnerabilities
- [webapps] - Myrephp Business Directory Multiple Vulnerabilities
- [webapps] - MYRE Realty Manager Multiple Vulnerabilities
- [webapps] - MYREphp Vacation Rental Software Multiple Vulnerabilities
- [webapps] - friendsinwar FAQ Manager SQL Injection (authbypass) Vulnerability
- [webapps] - Narcissus Remote Command Execution Vulnerability
- [dos] - Novell Groupwise Internet Agent LDAP BIND Request Overflow Vulnerability
- [webapps] - dotProject
- [remote] - Invision IP.Board
- [dos] - IrfanView RLE Image Decompression Buffer Overflow Vulnerability
- [remote] - Jira Scriptrunner 2.0.7
- [remote] - Java Applet JAX-WS Remote Code Execution
- [dos] - Zoner Photo Studio v15 b3 Buffer Overflow Vulnerabilities
- [webapps] - Eventy CMS v1.8 Plus Multiple Vulnerabilities
- [local] - HT Editor 2.0.20 Buffer Overflow (ROP PoC)
- [dos] - IrfanView TIF Image Decompression Buffer Overflow Vulnerability
- [webapps] - vBulletin vBay
- [dos] - Smadav Anti Virus 9.1 Crash PoC
- [local] - Zoner Photo Studio v15 Build 3 (Zps.exe) Registry Value Parsing Exploit
- [webapps] - BananaDance Wiki b2.2 Multiple Vulnerabilities
- [dos] - Microsoft Office Excel 2007 WriteAV Crash PoC
- [webapps] - netOffice Dwins
- [remote] - WinRM VBS Remote Code Execution
- [remote] - EMC Networker Format String
- [webapps] - Xivo 1.2 Arbitrary File Download
- [webapps] - AVerCaster Pro RS3400 Web Server Directory Traversal
- [webapps] - Invision Power Board
- [dos] - Internet Explorer 9 Memory Corruption Crash PoC
- [webapps] - Zenphoto 1.4.3.3 Multiple Vulnerabilities
- [dos] - Adobe Reader 11.0.0 Stack Overflow Crash PoC
- [papers] - Sophail: Applied attacks against Sophos Antivirus