- [dos] - Guitar Pro 6.1.1 r10791 (.gpx) Crash POC
- [local] - DecisionTools SharpGrid ActiveX Control RCE
- [webapps] - PHP Agenda 2.2.8 SQLi Vulnerability
- [remote] - Firefox 7/8 (
- [webapps] - myCare2x CMS Multiple Vulnerabilities
- [webapps] - MYRE Real Estate Mobile 2012|2 Multiple Vulnerabilities
- [webapps] - Genium CMS 2012|Q2 Multiple Vulnerabilities
- [webapps] - Lynx Message Server Multiple Vulnerabilities
- [webapps] - Fortinet FortiWeb Web Application Firewall Policy Bypass
- [papers] - [Hebrew] Digital Whisper Security Magazine #31
- [remote] - PHP CGI Argument Injection Exploit
- [dos] - Format Factory v2.95 - Buffer Overflow Vulnerabilities
- [remote] - PHP CGI Argument Injection
- [remote] - Solarwinds Storage Manager 5.1.0 SQL Injection
- [webapps] - Symantec Web Gateway Cross Site Scripting
- [papers] - Reverse Engineering Malware Part 1
- [papers] - iOS Application (In)Security
- [local] - AnvSoft Any Video Converter 4.3.6 Stack Overflow Exploit
- [webapps] - Baby Gekko CMS v1.1.5c Multiple Stored XSS Vulnerabilities
- [webapps] - PluXml 5.1.5 Local File Inclusion
- [remote] - VLC MMS Stream Handling Buffer Overflow
- [dos] - Microsoft Windows xp Win32k.sys Local Kernel DoS Vulnerability
- [webapps] - php-decoda Cross-Site Scripting In Video Tag
- [webapps] - OpenConf
- [webapps] - Websense Triton 'ws_irpt.exe' RCE Vulnerability
- [local] - Symantec pcAnywhere Insecure File Permissions Local Privilege Escalation
- [remote] - Solarwinds Storage Manager 5.1.0 Remote SYSTEM SQL Injection Exploit
- [local] - SAMSUNG NET-i Viewer 1.37 SEH Overwrite
- [papers] - [French] Pas Pas Vers L'Assembleur
- [webapps] - GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities
- [webapps] - Wordpress Zingiri Web Shop Plugin
- [webapps] - MyClientBase v0.12 - Multiple Vulnerabilities
- [webapps] - STRATO Newsletter Manager Directory Traversal
- [dos] - LAN Messenger
- [dos] - Mikrotik Router Denial of Service
- [webapps] - OpenCart 1.5.2.1 Multiple Vulnerabilities
- [remote] - McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability
- [remote] - McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control G
- [webapps] - C4B XPhone UC Web 4.1.890S R1 XSS Vulnerability
- [webapps] - Opial CMS v2.0 Multiple Vulnerabilities
- [webapps] - Alienvault OSSIM Open Source SIEM 3.1 Multiple Security Vulnerabilities
- [dos] - Remote-Anything Player 5.60.15 Denial of Service
- [webapps] - Soco CMS Local File Include Vulnerability
- [webapps] - Car Portal CMS v3.0 - Multiple Vulnerabilities
- [webapps] - DIY CMS v1.0 Poll Multiple Vulnerabilities
- [webapps] - WebCalendar 1.2.4 Pre-Auth Remote Code Injection
- [dos] - Nokia PC Suite Video Manager 7.1.180.64 (.mp4) Denial of Service
- [webapps] - Axous 1.1.0 SQL Injection Vulnerabilitiy
- [webapps] - Wordpress 3.3.1 Multiple CSRF Vulnerabilities
- [local] - CPE17 Autorun Killer
- [webapps] - SilverStripe CMS 2.4.7 (install.php) Remote Command Execution
- [webapps] - PHP Volunteer Management 1.0.2 Multiple Vulnerabilities
- [local] - Parallels PLESK 9.x Insecure Permissions
- [webapps] - Wordpress Zingiri Web Shop Plugin
- [local] - mount.cifs chdir() Arbitrary root File Identification
- [webapps] - Piwigo 2.3.3 Multiple Vulnerabilities
- [remote] - MS12-027 MSCOMCTL ActiveX Buffer Overflow
- [local] - Shadow Stream Recorder 3.0.1.7 Buffer Overflow
- [webapps] - vtiger CRM 5.1.0 Local File Inclusion
- [dos] - SumatraPDF v2.0.1 .chm and .mobi Memory Corruption
- [webapps] - Havalite CMS v1.0.4 Multiple Vulnerabilities
- [webapps] - ExponentCMS 2.0.5 Multiple Vulnerabilities
- [dos] - Mobipocket Reader 6.2 Build 608 Buffer Overflow
- [webapps] - WebCalendar
- [dos] - BeyondCHM 1.1 Buffer Overflow
- [dos] - .NET Framework EncoderParameter Integer Overflow Vulnerability
- [webapps] - PHP Ticket System Beta 1 (index.php p parameter) SQL Injection
- [remote] - RuggedCom Devices Backdoor Access
- BigAnt Server
- Snort < 2.8.5 Unified1 Output Denial of Service Exploit
- Loggix Project
- ProdLer
- CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
- cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit
- Winplot (.wp2 File) Local Buffer Overflow Exploit
- WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
- Joomla com_jinc (newsid) Blind SQL Injection Vulnerability
- Joomla com_mytube (user_id) Blind SQL Injection Exploit
- BigAnt Server
- Joomla com_mytube (user_id) Blind SQL Injection Exploit
- WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
- Loggix Project
- ProdLer
- Winplot (.wp2 File) Local Buffer Overflow Exploit
- Snort < 2.8.5 Unified1 Output Denial of Service Exploit
- cP Creator 2.7.1 (****** tickets) Remote SQL Injection Exploit
- Joomla com_jinc (newsid) Blind SQL Injection Vulnerability
- CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
- <META HTTP-*****="*******" CONTENT="0; url=http://www.lajmpress.com/reklama/">
- أشكرك يا قرصانا الغالي
- ComicShout 2.5 (index.php comic_id) Remote SQL Injection Vulnerability
- Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities
- Netbutikker
- Weblأ¸sninger
- Alcatel OmniPCX Office 210/061.1 Remote Command Execution Vuln
- Php Jokesite 2.0 (cat_id) Remote SQL Injection Vulnerability
- Netious CMS 0.4 (index.php pageid) SQL Injection Vulnerability
- 6rbScript (news.php newsid) Remote SQL Injection Vulnerability
- MX-System 2.7.3 (index.php page) Remote SQL Injection Vulnerability
- eCMS 0.4.2 (SQL/PB) Multiple Remote Vulnerabilities
- EntertainmentScript (play.php id) Remote SQL Injection Vulnerability
- MercuryBoard
- AlkalinePHP
- microSSys CMS
- PHP AGTC-Membership System
- MeltingIce File System
- GNU/Gallery
- MyPicGallery 1.0 Arbitrary Add-Admin Exploit
- EntertainmentScript 1.4.0 (page.php page) Local File Inclusion Exploit
- IDAutomation Bar Code ActiveX Multiple Remote Vulnerabilities
- Linkspile (link.php cat_id) Remote SQL Injection Vulnerability
- The Real Estate Script (dpage.php docID) SQL Injection Vulnerability
- EMO Realty Manager (news.php ida) SQL Injection Vulnerability
- Meto Forum 1.1 Multiple Remote SQL Injection Vulnerabilities
- CaLogic Calendars 1.2.2 (langsel) Remote SQL Injection Vulnerability
- Web Group Communication Center (WGCC)
- e-107 Plugin zogo-shop 1.16 Beta 13 SQL Injection Vulnerability
- e107 Plugin BLOG Engine 2.2 (rid) Blind SQL Injection Vulnerability
- EQDKP 1.3.2f (user_id) Authentication Bypass (PoC)
- Open Office.org 2.31 swriter Local Code Execution Exploit
- Joomla Component com_datsogallery 1.6 Blind SQL Injection Exploit
- Ktools PhotoStore
- Ktools PhotoStore 3.4.3 (gallery.php gid) SQL Injection Vulnerability
- txtCMS 0.3 (index.php) Local File Inclusion Exploit
- Phoenix View CMS
- HispaH Model Search (cat.php cat) Remote SQL Injection Vulnerability
- SazCart
- Admidio 1.4.8 (getfile.php) Remote File Disclosure Vulnerability
- Advanced Links Management (ALM) 1.52 SQL Injection Vulnerability
- Secure File Delete Wizard
- Registry Pro (epRegPro.ocx) Remote Insecure Methods Exploit
- EvansFTP (EvansFTP.ocx) Remote Insecure Methods Exploit
- aaxRegistry (aaxRegistry.ocx) Remote Registry Deletion Exploit
- Univeral HTTP Image/File Upload ActiveX Remote File Deletion Exploit
- miniBloggie 1.0 (del.php) Arbitrary Delete Post Vulnerability
- Cyberfolio 7.12 (rep) Remote File Inclusion Vulnerability
- SazCart 1.5.1 Multiple Remote File Inclusion Vulnerabilities
- vShare Youtube Clone 2.6 (tid) Remote SQL Injection Vulnerability
- Shader TV (Beta) Multiple Remote SQL Injection Vulnerabilities
- TFTP Server for Windows 1.4 ST Remote BSS Overflow Exploit
- RunCMS
- rdesktop 1.5.0 iso_recv_msg() Integer Underflow Vulnerability PoC
- Musicbox
- ezContents CMS 2.0.0 Multiple Remote SQL Injection Vulnerabilities
- CMS Faethon 2.2 Ultimate (RFI/XSS) Multiple Remote Vulnerabilies
- OneCMS 2.5 Remote Blind SQL Injection Exploit
- PostcardMentor (step1.asp cat_fldAuto) SQL Injection Vulnerability
- gameCMS Lite 1.0 (index.php systemId) SQL Injection Vulnerability
- Galleristic 1.0 (index.php cat) Remote SQL Injection Exploit
- fipsCMS (print.asp lg) Remote SQL Injection Vulnerability
- PHPEasyData 1.5.4 (cat_id) Remote SQL Injection Vulnerability
- Pre Shopping Mall 1.1 (search.php search) SQL Injection Vulnerability
- Musicbox
- ezContents CMS 2.0.0 Multiple Remote SQL Injection Vulnerabilities
- CMS Faethon 2.2 Ultimate (RFI/XSS) Multiple Remote Vulnerabilies
- OneCMS 2.5 Remote Blind SQL Injection Exploit
- PostcardMentor (step1.asp cat_fldAuto) SQL Injection Vulnerability
- gameCMS Lite 1.0 (index.php systemId) SQL Injection Vulnerability
- Galleristic 1.0 (index.php cat) Remote SQL Injection Exploit
- fipsCMS (print.asp lg) Remote SQL Injection Vulnerability
- PHPEasyData 1.5.4 (cat_id) Remote SQL Injection Vulnerability
- Pre Shopping Mall 1.1 (search.php search) SQL Injection Vulnerability
- ItCMS 1.9 (boxpop.php) Remote Code Execution Vulnerability
- Open Auto Classifieds 1.4.3b Remote SQL Injection Vulnerabilities
- Microsoft Works 7 WkImgSrv.dll ActiveX Remote BOF Exploit
- vlBook 1.21 (XSS/LFI) Multiple Remote Vulnerabilities
- ActualAnalyzer Lite (free) 2.78 Local File Inclusion Vulnerability
- Joomla Component Webhosting (catid) Blind SQL Injection Exploit
- interact 2.4.1 Multiple Remote File Inclusion Vulnerabilities
- Harris WapChat v.1 Multiple Remote File Inclusion Vulnerabilities
- OxYProject 0.85 (edithistory.php) Remote Code Execution Vulnerability
- Project Based Calendaring System (PBCS) 0.7.1 Multiple Vulnerabilities
- LokiCMS
- SugarCRM Community Edition 4.5.1/5.0.0 File Disclosure Vulnerability
- Joovili 3.1 (browse.videos.php category) SQL Injection Vulnerability
- VLC 0.8.6d httpd_FileCallBack Remote Format String Exploit
- MS Windows XP SP2 (win32k.sys) Privilege Escalation Exploit (MS08-025)
- Softbiz Web Host Directory Script (host_id) SQL Injection Vulnerability
- Kantaris 0.3.4 SSA Subtitle Local Buffer Overflow Exploit
- Joomla Component Joomla-Visites 1.1 RC2 RFI Vulnerability
- WatchFire Appscan 7.0 ActiveX Multiple Insecure Methods Exploit
- PostNuke Module PostSchedule (eid) SQL Injection Vulnerability
- miniBB 2.2 (CSS/SQL/FPD) Multiple Remote Vulnerabilities
- Joomla Component JPad 1.0 SQL Injection Vulnerability (postauth)
- Joomla Community Builder
- YouTube Clone Script (spages.php) Remote Code Execution Exploit
- Zune Software ActiveX Arbitrary File Overwrite Exploit
- Joomla Component Filiale 1.0.4 (idFiliale) SQL Injection Vulnerability
- E RESERV 2.1 (index.php ID_loc) SQL Injection Vulnerability
- Wordpress Plugin Spreadsheet
- Web Calendar
- Joomla Component FlippingBook 1.0.4 SQL Injection Vulnerability
- DivX Player 6.7 SRT File Subtitle Parsing Buffer Overflow Exploit
- RX Maxsoft (popup_img.php fotoID) Remote SQL Injection Vulnerability
- LightNEasy 1.2 (no database) Remote Hash Retrieve Exploit
- Alsaplayer < 0.99.80-rc3 Vorbis Input Local Buffer Overflow Exploit
- Ksemail (index.php language) Local File Inclusion Vulnerability
- LiveCart
- RX Maxsoft (popup_img.php fotoID) Remote SQL Injection Vulnerability
- LightNEasy 1.2 (no database) Remote Hash Retrieve Exploit
- Alsaplayer < 0.99.80-rc3 Vorbis Input Local Buffer Overflow Exploit
- Ksemail (index.php language) Local File Inclusion Vulnerability
- LiveCart
- KnowledgeQuest 2.6 SQL Injection Vulnerabilities
- Free Photo Gallery Site Script (path) File Disclosure Vulnerability
- KnowledgeQuest 2.5 Arbitrary Add Admin Exploit
- phpBB Add-on Fishing Cat Portal Remote File Inclusion Exploit
- IBiz E-Banking Integrator V2 ActiveX Edition Insecure Method Exploit
- Koobi 4.4/5.4 gallery Remote SQL Injection Vulnerability
- Koobi Pro 6.25 gallery Remote SQL Injection Vulnerability
- Koobi Pro 6.25 shop Remote SQL Injection Vulnerability
- Phaos R4000 Version (file) Remote File Disclosure Vulnerability
- Koobi Pro 6.25 showimages Remote SQL Injection Vulnerability
- KnowledgeQuest 2.6 SQL Injection Vulnerabilities
- Phaos R4000 Version (file) Remote File Disclosure Vulnerability
- Free Photo Gallery Site Script (path) File Disclosure Vulnerability
- KnowledgeQuest 2.5 Arbitrary Add Admin Exploit
- phpBB Add-on Fishing Cat Portal Remote File Inclusion Exploit
- IBiz E-Banking Integrator V2 ActiveX Edition Insecure Method Exploit
- Koobi 4.4/5.4 gallery Remote SQL Injection Vulnerability
- Koobi Pro 6.25 gallery Remote SQL Injection Vulnerability
- Koobi Pro 6.25 shop Remote SQL Injection Vulnerability
- Koobi Pro 6.25 showimages Remote SQL Injection Vulnerability
- Prozilla Topsites 1.0 Arbitrary Edit/Add Users Vulnerability
- Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability
- Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit
- Prozilla Forum Service (forum.php forum) SQL Injection Vulnerability
- Prozilla Top 100 v1.2 Arbitrary Delete Stats Vulnerability
- Site Sift Listings (id) Remote SQL Injection Vulnerability
- Blog PixelMotion (index.php categorie) SQL Injection Vulnerability
- Blog PixelMotion (modif_config.php) Remote File Upload Vulnerability
- Blog PixelMotion (sauvBase.php) Arbitrary Database Backup Vulnerability
- Prozilla Cheat Script 2.0 (id) Remote SQL Injection Vulnerability
- Prozilla Cheat Script 2.0 (id) Remote SQL Injection Vulnerability
- Prozilla Topsites 1.0 Arbitrary Edit/Add Users Vulnerability
- Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability
- Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit
- Prozilla Forum Service (forum.php forum) SQL Injection Vulnerability
- Prozilla Top 100 v1.2 Arbitrary Delete Stats Vulnerability
- Site Sift Listings (id) Remote SQL Injection Vulnerability
- Blog PixelMotion (index.php categorie) SQL Injection Vulnerability
- Blog PixelMotion (modif_config.php) Remote File Upload Vulnerability
- Blog PixelMotion (sauvBase.php) Arbitrary Database Backup Vulnerability
- Prozilla Cheat Script 2.0 (id) Remote SQL Injection Vulnerability
- Prozilla Topsites 1.0 Arbitrary Edit/Add Users Vulnerability
- Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability
- Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit
- Prozilla Forum Service (forum.php forum) SQL Injection Vulnerability
- Prozilla Top 100 v1.2 Arbitrary Delete Stats Vulnerability
- Site Sift Listings (id) Remote SQL Injection Vulnerability