- [webapps] - Hexamail Server
- [webapps] - Mnews
- [local] - Sysax
- [webapps] - Vanilla Forums Poll Plugin 0.9 Stored XSS
- [webapps] - Vanilla Forums 2.0.18.4 Tagging Stored XSS
- [webapps] - Log1 CMS writeInfo() PHP Code Injection
- [dos] - PHP 5.3.10 spl_autoload_call() Local Denial of Service
- [dos] - PHP 5.3.10 spl_autoload_register() Local Denial of Service
- [dos] - PHP 5.3.10 spl_autoload() Local Denial of Service
- [remote] - GIMP script-fu Server Buffer Overflow
- [webapps] - Membris v 2.0.1 Multiple Vulnerabilities
- [webapps] - Vanilla Tagging Enchanced 1.0.1 Stored XSS
- [dos] - IrfanView 4.33 Format PlugIn TTF File Parsing Stack Based Overflow
- [remote] - Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020002 Buffe
- [remote] - Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020004 Buffe
- [remote] - Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020006 Buffe
- [webapps] - 4PSA VoipNow Professional 2.5.3 Multiple Vulnerabilities
- [papers] - [Hebrew] Digital Whisper Security Magazine #32
- [dos] - IrfanView Format PlugIn ECW Decompression Heap Overflow
- [dos] - Sorensoft Power Media 6.0 Denial of Service
- [webapps] - Supernews
- [dos] - Microsoft Wordpad 5.1 (.doc) Null Pointer Dereference Vulnerability
- [local] - Browser Navigation Download Trick
- [webapps] - NewsAdd
- [webapps] - Simple Web Content Management System 1.1 Multiple SQL Injection
- [dos] - Sony VAIO Wireless Manager 4.0.0.0 Buffer Overflows
- [webapps] - PHP Volunteer Management System v1.0.2 Arbitrary File Upload
- [dos] - GIMP 2.6 script-fu < 2.8.0 Buffer Overflow Vulnerability
- [local] - MPlayer SAMI Subtitle File Buffer Overflow
- [webapps] - Ganesha Digital Library 4.0 Multiple Vulnerabilities
- [webapps] - NewsAdd
- [papers] - Breaking The Crypt - Advanced Hash Cracking
- [dos] - WinRadius Server 2009 Denial Of Service
- [dos] - Tftpd32 DNS Server 4.00 Denial Of Service
- [webapps] - PBBoard v2.1.4 Multiple SQL Injection Vulnerabilities
- [local] - ispVM System XCF File Handling Overflow
- [webapps] - PBBoard 2.1.4 Local File Inclusion
- [remote] - Symantec Web Gateway 5.0.2.8 Command Execution Vulnerability
- [webapps] - PHP Volunteer Management System v 1.0.2 multiple SQLi Vuln.
- [dos] - LibreOffice 3.5.3 .rtf FileOpen Crash
- [dos] - iOS
- [webapps] - PHP Volunteer Management System v 1.0.2 Multiple Vulnerabilities
- [papers] - [Portuguese] Tutorial Thc-Hydra ver 2.1
- [remote] - QuickShare File Share 1.2.1 Directory Traversal Vulnerability
- [webapps] - WeBid converter.php Remote PHP Code Injection
- [webapps] - b2ePMS 1.0 multiple SQLi Vulnerabilities
- [remote] - Symantec Web Gateway 5.0.2 Remote LFI Root Exploit
- [remote] - RabidHamster R4 Log Entry sprintf() Buffer Overflow
- [webapps] - SocialEngine 4.2.2 Multiple Vulnerabilities
- [papers] - Uncovering Zero-Days and Advanced Fuzzing - Slides
- [dos] - bsnes v0.87 Local Denial Of Service
- [webapps] - appRain CMF Arbitrary PHP File Upload Vulnerability
- [local] - OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
- [papers] - Uncovering Zero-Days and Advanced Fuzzing - Notes
- [dos] - Wireshark Multiple Dissector Denial of Service Vulnerabilities
- [dos] - Wireshark DIAMETER Dissector Denial of Service
- [local] - Mod_Auth_OpenID Session Stealing Vulnerability
- [webapps] - Jaow
- [dos] - Wireshark Misaligned Memory Denial of Service Vulnerability
- [dos] - Symantec End Point Protection 11.x & Symantec Network Access Control 11.x LCE
- [remote] - FlexNet License Server Manager lmgrd Buffer Overflow
- [shellcode] - linux/x86 execve(/bin/dash) 42 bytes
- [dos] - Windows XP Keyboard Layouts Pool Corruption LPE 0day PoC (post-MS12-034)
- [local] - Novell Client 4.91 SP4 Privilege Escalation Exploit
- [webapps] - Supernews
- [webapps] - Vanilla FirstLastNames 1.3.2 Plugin Persistant XSS
- [webapps] - Vanilla Forums About Me Plugin Persistant XSS
- [dos] - PHP
- [dos] - PHP
- [dos] - Real-DRAW PRO 5.2.4 Import File Crash
- [dos] - DVD-Lab Studio 1.25 DAL File Open Crash
- [webapps] - Vanilla Forums LatestComment 1.1 Plugin Persistent XSS
- [remote] - HP StorageWorks P4000 Virtual SAN Appliance Command Execution
- [local] - Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow
- [webapps] - FreeNAC version 3.02 SQL Injection and XSS Vulnerabilties
- [webapps] - PHP Address Book 7.0.0 Multiple Vulnerabilities
- [remote] - Active Collab "chat module"
- [remote] - Squiggle 1.7 SVG Browser Java Code Execution
- [remote] - Oracle Weblogic Apache Connector POST Request Buffer Overflow
- [local] - SkinCrafter ActiveX Control version 3.0 Buffer Overflow
- [remote] - HP VSA Remote Command Execution Exploit
- [papers] - Complete Cross-site Scripting Walkthrough
- [dos] - Trigerring Java Code from a SVG Image
- [webapps] - Artiphp CMS 5.5.0 Database Backup Disclosure Exploit
- [webapps] - OpenKM Document Management System 5.1.7 Command Execution
- [webapps] - Axous 1.1.1 Multiple Vulnerabilities (CSRF - Persistent XSS)
- [webapps] - Serendipity 1.6 Backend XSS And SQLi Vulnerability
- [dos] - Universal Reader 1.16.740.0 (.epub) Denial Of Service
- [webapps] - Liferay Portal 6.1 - 6.0.x Privilege Escalation
- [dos] - Multimedia Builder 4.9.8 Malicious mef Crash
- [webapps] - b2ePMS 1.0 Authentication Bypass Vulnerability
- [dos] - FlexNet License Server Manager Stack Overflow In lmgrd
- [dos] - Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities
- [webapps] - Galette (picture.php) SQL Injection Vulnerability
- [webapps] - Free Realty v3.1-0.6 Multiple Vulnerabilities
- [webapps] - Viscacha Forum CMS v0.8.1.1 Multiple Vulnerabilities
- [webapps] - Proman Xpress v5.0.1 Multiple Vulnerabilities
- [webapps] - Travelon Express CMS v6.2.2 Multiple Vulnerabilities
- [papers] - Hyperion: Implementation of a PE Crypter
- [webapps] - Belkin N150 Wireless Router Password Disclosure
- [local] - PHP 5.4 (5.4.3) Code Execution (Win32)
- [remote] - Firefox 8/9 AttributeChildRemoved() Use-After-Free
- [webapps] - Sockso
- [local] - AnvSoft Any Video Converter 4.3.6 Unicode Buffer Overflow
- [webapps] - WikkaWiki 1.3.2 Spam Logging PHP Injection
- [remote] - Distinct TFTP 3.01 Writable Directory Traversal Execution
- [local] - Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow
- [dos] - QNX phrelay/phindows/phditto Multiple Vulnerabilities
- [dos] - Asterisk 'ast_parse_digest()' Stack Buffer Overflow Vulnerability
- [webapps] - Kerio WinRoute Firewall Web Server < 6 Source Code Disclosure
- [webapps] - eLearning Server 4G Multiple Remote Vulnerabilities
- [dos] - SAP Netweaver Dispatcher Multiple Vulnerabilities
- [webapps] - X7 Chat 2.0.5.1 CSRF Add Admin Exploit
- [dos] - Guitar Pro 6.1.1 r10791 (.gpx) Crash POC
- [local] - DecisionTools SharpGrid ActiveX Control RCE
- [webapps] - PHP Agenda 2.2.8 SQLi Vulnerability
- [remote] - Firefox 7/8 (
- [webapps] - myCare2x CMS Multiple Vulnerabilities
- [webapps] - MYRE Real Estate Mobile 2012|2 Multiple Vulnerabilities
- [webapps] - Genium CMS 2012|Q2 Multiple Vulnerabilities
- [webapps] - Lynx Message Server Multiple Vulnerabilities
- [webapps] - Fortinet FortiWeb Web Application Firewall Policy Bypass
- [papers] - [Hebrew] Digital Whisper Security Magazine #31
- [remote] - PHP CGI Argument Injection Exploit
- [dos] - Format Factory v2.95 - Buffer Overflow Vulnerabilities
- [remote] - PHP CGI Argument Injection
- [remote] - Solarwinds Storage Manager 5.1.0 SQL Injection
- [webapps] - Symantec Web Gateway Cross Site Scripting
- [papers] - Reverse Engineering Malware Part 1
- [papers] - iOS Application (In)Security
- [local] - AnvSoft Any Video Converter 4.3.6 Stack Overflow Exploit
- [webapps] - Baby Gekko CMS v1.1.5c Multiple Stored XSS Vulnerabilities
- [webapps] - PluXml 5.1.5 Local File Inclusion
- [remote] - VLC MMS Stream Handling Buffer Overflow
- [dos] - Microsoft Windows xp Win32k.sys Local Kernel DoS Vulnerability
- [webapps] - php-decoda Cross-Site Scripting In Video Tag
- [webapps] - OpenConf
- [webapps] - Websense Triton 'ws_irpt.exe' RCE Vulnerability
- [local] - Symantec pcAnywhere Insecure File Permissions Local Privilege Escalation
- [remote] - Solarwinds Storage Manager 5.1.0 Remote SYSTEM SQL Injection Exploit
- [local] - SAMSUNG NET-i Viewer 1.37 SEH Overwrite
- [papers] - [French] Pas Pas Vers L'Assembleur
- [webapps] - GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities
- [webapps] - Wordpress Zingiri Web Shop Plugin
- [webapps] - MyClientBase v0.12 - Multiple Vulnerabilities
- [webapps] - STRATO Newsletter Manager Directory Traversal
- [dos] - LAN Messenger
- [dos] - Mikrotik Router Denial of Service
- [webapps] - OpenCart 1.5.2.1 Multiple Vulnerabilities
- [remote] - McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability
- [remote] - McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control G
- [webapps] - C4B XPhone UC Web 4.1.890S R1 XSS Vulnerability
- [webapps] - Opial CMS v2.0 Multiple Vulnerabilities
- [webapps] - Alienvault OSSIM Open Source SIEM 3.1 Multiple Security Vulnerabilities
- [dos] - Remote-Anything Player 5.60.15 Denial of Service
- [webapps] - Soco CMS Local File Include Vulnerability
- [webapps] - Car Portal CMS v3.0 - Multiple Vulnerabilities
- [webapps] - DIY CMS v1.0 Poll Multiple Vulnerabilities
- [webapps] - WebCalendar 1.2.4 Pre-Auth Remote Code Injection
- [dos] - Nokia PC Suite Video Manager 7.1.180.64 (.mp4) Denial of Service
- [webapps] - Axous 1.1.0 SQL Injection Vulnerabilitiy
- [webapps] - Wordpress 3.3.1 Multiple CSRF Vulnerabilities
- [local] - CPE17 Autorun Killer
- [webapps] - SilverStripe CMS 2.4.7 (install.php) Remote Command Execution
- [webapps] - PHP Volunteer Management 1.0.2 Multiple Vulnerabilities
- [local] - Parallels PLESK 9.x Insecure Permissions
- [webapps] - Wordpress Zingiri Web Shop Plugin
- [local] - mount.cifs chdir() Arbitrary root File Identification
- [webapps] - Piwigo 2.3.3 Multiple Vulnerabilities
- [remote] - MS12-027 MSCOMCTL ActiveX Buffer Overflow
- [local] - Shadow Stream Recorder 3.0.1.7 Buffer Overflow
- [webapps] - vtiger CRM 5.1.0 Local File Inclusion
- [dos] - SumatraPDF v2.0.1 .chm and .mobi Memory Corruption
- [webapps] - Havalite CMS v1.0.4 Multiple Vulnerabilities
- [webapps] - ExponentCMS 2.0.5 Multiple Vulnerabilities
- [dos] - Mobipocket Reader 6.2 Build 608 Buffer Overflow
- [webapps] - WebCalendar
- [dos] - BeyondCHM 1.1 Buffer Overflow
- [dos] - .NET Framework EncoderParameter Integer Overflow Vulnerability
- [webapps] - PHP Ticket System Beta 1 (index.php p parameter) SQL Injection
- [remote] - RuggedCom Devices Backdoor Access
- BigAnt Server
- Snort < 2.8.5 Unified1 Output Denial of Service Exploit
- Loggix Project
- ProdLer
- CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
- cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit
- Winplot (.wp2 File) Local Buffer Overflow Exploit
- WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
- Joomla com_jinc (newsid) Blind SQL Injection Vulnerability
- Joomla com_mytube (user_id) Blind SQL Injection Exploit
- BigAnt Server
- Joomla com_mytube (user_id) Blind SQL Injection Exploit
- WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
- Loggix Project
- ProdLer
- Winplot (.wp2 File) Local Buffer Overflow Exploit
- Snort < 2.8.5 Unified1 Output Denial of Service Exploit
- cP Creator 2.7.1 (****** tickets) Remote SQL Injection Exploit
- Joomla com_jinc (newsid) Blind SQL Injection Vulnerability
- CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
- <META HTTP-*****="*******" CONTENT="0; url=http://www.lajmpress.com/reklama/">
- أشكرك يا قرصانا الغالي
- ComicShout 2.5 (index.php comic_id) Remote SQL Injection Vulnerability
- Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities
- Netbutikker
- Weblأ¸sninger
- Alcatel OmniPCX Office 210/061.1 Remote Command Execution Vuln
- Php Jokesite 2.0 (cat_id) Remote SQL Injection Vulnerability
- Netious CMS 0.4 (index.php pageid) SQL Injection Vulnerability
- 6rbScript (news.php newsid) Remote SQL Injection Vulnerability
- MX-System 2.7.3 (index.php page) Remote SQL Injection Vulnerability
- eCMS 0.4.2 (SQL/PB) Multiple Remote Vulnerabilities
- EntertainmentScript (play.php id) Remote SQL Injection Vulnerability
- MercuryBoard
- AlkalinePHP
- microSSys CMS
- PHP AGTC-Membership System
- MeltingIce File System
- GNU/Gallery
- MyPicGallery 1.0 Arbitrary Add-Admin Exploit
- EntertainmentScript 1.4.0 (page.php page) Local File Inclusion Exploit
- IDAutomation Bar Code ActiveX Multiple Remote Vulnerabilities
- Linkspile (link.php cat_id) Remote SQL Injection Vulnerability
- The Real Estate Script (dpage.php docID) SQL Injection Vulnerability
- EMO Realty Manager (news.php ida) SQL Injection Vulnerability
- Meto Forum 1.1 Multiple Remote SQL Injection Vulnerabilities
- CaLogic Calendars 1.2.2 (langsel) Remote SQL Injection Vulnerability
- Web Group Communication Center (WGCC)
- e-107 Plugin zogo-shop 1.16 Beta 13 SQL Injection Vulnerability
- e107 Plugin BLOG Engine 2.2 (rid) Blind SQL Injection Vulnerability
- EQDKP 1.3.2f (user_id) Authentication Bypass (PoC)
- Open Office.org 2.31 swriter Local Code Execution Exploit
- Joomla Component com_datsogallery 1.6 Blind SQL Injection Exploit
- Ktools PhotoStore
- Ktools PhotoStore 3.4.3 (gallery.php gid) SQL Injection Vulnerability
- txtCMS 0.3 (index.php) Local File Inclusion Exploit
- Phoenix View CMS
- HispaH Model Search (cat.php cat) Remote SQL Injection Vulnerability
- SazCart
- Admidio 1.4.8 (getfile.php) Remote File Disclosure Vulnerability
- Advanced Links Management (ALM) 1.52 SQL Injection Vulnerability
- Secure File Delete Wizard
- Registry Pro (epRegPro.ocx) Remote Insecure Methods Exploit
- EvansFTP (EvansFTP.ocx) Remote Insecure Methods Exploit
- aaxRegistry (aaxRegistry.ocx) Remote Registry Deletion Exploit
- Univeral HTTP Image/File Upload ActiveX Remote File Deletion Exploit
- miniBloggie 1.0 (del.php) Arbitrary Delete Post Vulnerability
- Cyberfolio 7.12 (rep) Remote File Inclusion Vulnerability
- SazCart 1.5.1 Multiple Remote File Inclusion Vulnerabilities