- [webapps] - Scripts Genie Domain Trader (catalog.php, id param) - SQL Injection Vulne
- [webapps] - Hiverr v2.2 - Multiple Vulnerabilities
- [webapps] - OpenEMR 4.1.1 (ofc_upload_image.php) Arbitrary File Upload Vulnerability
- [webapps] - Cometchat - Multiple Vulnerabilities
- [webapps] - chillyCMS 1.3.0 - Multiple Vulnerabilities
- [webapps] - Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities
- [webapps] - TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities
- [local] - Photodex ProShow Producer v5.0.3297 (.pxs) Memory Corruption Exploit
- [remote] - Foxit Reader Plugin URL Processing Buffer Overflow
- [papers] - A Short Guide on ARM Exploitation
- [remote] - Polycom HDX Telnet Authorization Bypass
- [remote] - Microsoft Internet Explorer SLayoutRun Use-After-Free (MS13-009)
- [webapps] - Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability
- [webapps] - Transferable Remote v1.1 iPad iPhone - Multiple Vulnerabilities
- [webapps] - OpenPLI v3.0 beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabi
- [webapps] - Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities
- [webapps] - Raidsonic IB-NAS5220 and IB-NAS4220-B - Multiple Vulnerabilities
- [webapps] - Ultra Light Forum Persistant XSS Vulnerability
- [remote] - VMWare OVF Tools Format String Vulnerability
- [remote] - Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution
- [remote] - FreeFloat FTP 1.0 Raw Commands Buffer Overflow
- [dos] - cURL Buffer Overflow Vulnerability
- [dos] - Google Chrome Silent HTTP Authentication
- [dos] - MS13-005 HWND_BROADCAST PoC
- [papers] - Manipulating Memory for Fun & Profit
- [webapps] - IP.Gallery 4.2.x and 5.0.x Persistent XSS Vulnerability
- [webapps] - IRIS Citations Management Tool (post auth) Remote Command Execution
- [webapps] - TP-LINK Admin Panel Multiple CSRF Vulnerabilities
- [webapps] - Air Disk Wireless 1.9 iPad iPhone - Multiple Vulnerabilities
- [webapps] - D-Link DIR-615 rev H - Multiple Vulnerabilities
- [webapps] - Linksys WAG200G - Multiple Vulnerabilities
- [webapps] - Linksys E1500/E2500 - Multiple Vulnerabilities
- [webapps] - Linksys WRT160N - Multiple Vulnerabilities
- [dos] - Schneider Electric Accutech Manager Heap Overflow PoC
- [webapps] - Netgear DGN1000B - Multiple Vulnerabilities
- [webapps] - WirelessFiles v1.1 iPad iPhone - Multiple Vulnerabilities
- [webapps] - CubeCart 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability
- [remote] - ActFax 5.01 RAW Server Exploit
- [dos] - Cool PDF Reader 3.0.2.256 Buffer Overflow
- [remote] - VMWare OVF Tools Format String Vulnerability
- [webapps] - Simple Machine Forum 2.0.x < 2.0.4 File Disclosure/Path Traversal
- [dos] - Linux Kernel /dev/ptmx Key Stroke Timing Local Disclosure
- [local] - Oracle Automated Service Manager 1.3 Installation Local Privilege Escalatio
- [webapps] - Free Monthly Websites v2.0 Multiple Vulnerabilities
- [webapps] - D-Link DIR-600 and DIR-300 (rev B) Multiple Vulnerabilities
- [webapps] - AdaptCMS 2.0.4 (config.php, question parameter) SQL Injection Vulnerabili
- [remote] - Portable UPnP SDK unique_service_name() Remote Code Execution
- [webapps] - ArrowChat 1.5.61 Multiple Vulnerabilities
- [webapps] - Glossword 1.8.3 SQL Injection Vulnerability
- [webapps] - Glossword 1.8.12 Multiple Vulnerabilities
- [dos] - FreeBSD 9.1 ftpd Remote Denial of Service
- [webapps] - Cisco Unity Express Multiple Vulnerabilities
- [papers] - [Hebrew] Digital Whisper Security Magazine #39
- [remote] - DataLife Engine preview.php PHP Code Injection
- [webapps] - D-Link DCS Cameras - Multiple Vulnerabilities
- [webapps] - Buffalo TeraStation TS-Series - Multiple Vulnerabilities
- [webapps] - Netgear SPH200D Multiple Vulnerabilities
- [webapps] - Wordpress RLSWordPressSearch plugin SQL Injection
- [webapps] - DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability
- [dos] - Apple Quick Time Player (Windows) Version 7.7.3 Out of Bound Read
- [remote] - Ruby on Rails JSON Processor YAML Deserialization Code Execution
- [webapps] - Fortinet FortiMail 400 IBE Multiple Vulnerabilities
- [webapps] - Kohana Framework v2.3.3 Directory Traversal Vulnerability
- [webapps] - PFsense UTM Platform 2.0.1 XSS Vulnerability
- [webapps] - PHP Weby Directory Software 1.2 Multiple Vulnerabilities
- [remote] - SQLiteManager 1.2.4 Remote PHP Code Injection Vulnerability
- [local] - Windows Manage Memory Payload Injection
- [webapps] - WordPress SolveMedia 1.1.0 CSRF Vulnerability
- [webapps] - ImageCMS 4.0.0b Multiple Vulnerabilities
- [shellcode] - Allwin URLDownloadToFile + WinExec + ExitProcess Shellcode
- [remote] - Novell eDirectory 8 Buffer Overflow
- [remote] - SonicWALL GMS 6 Arbitrary File Upload
- [remote] - Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
- [remote] - Java Applet Method Handle Remote Code Execution
- [remote] - ZoneMinder Video Server packageControl Command Execution
- [remote] - Java Applet AverageRangeStatisticImpl Remote Code Execution
- [dos] - Aloaha PDF Crypter (3.5.0.1164) ActiveX Arbitrary File Overwrite
- [webapps] - NConf 1.3 (detail.php detail_admin_items.php, id parameter) SQL Injection
- [webapps] - Wordpress Developer Formatter CSRF Vulnerability
- [webapps] - Adult Webmaster Script Password Disclosure Vulnerability
- [remote] - PHP-Charts v1.0 PHP Code Execution Vulnerability
- [remote] - Jenkins Script-Console Java Execution
- [local] - Aloaha Credential Provider Monitor 5.0.226 Local Privilege Escalation Vulne
- [webapps] - Wordpress plugin Ripe HD FLV Player SQL Injection Vulnerability
- [webapps] - Joomla com_collector Component Arbitrary File Upload Vulnerability
- [local] - NVidia Display Driver Service (Nsvr) Exploit
- [remote] - Jenkins CI Script Console Command Execution MSF Module
- [dos] - Novell NCP Pre-Auth Remote Root Exploit
- [webapps] - Linksys WRT54GL Firmware 4.30.15 build 2 Multiple Vulnerabilities
- [webapps] - php-Charts Arbitrary PHP Code Execution Vulnerability
- [webapps] - Invision Gallery SQL Injection Vulnerability
- [remote] - Nagios3 history.cgi Host Command Execution
- [webapps] - Oracle Application Framework Diagnostic Mode Bypass Vulnerability
- [webapps] - Cydia Repo Manager CSRF Vulnerability
- [papers] - Detecting System Intrusions
- [webapps] - CMS snews SQL Injection Vulnerability
- [remote] - Freesshd Authentication Bypass
- [papers] - [Turkish] Pen-Tester's Guide for Metasploit Framework
- [dos] - Serva v2.0.0 HTTP Server GET Remote Denial of Service Vulnerability
- [dos] - Serva v2.0.0 DNS Server QueryName Remote Denial of Service Vulnerability
- [papers] - DOMSDAY - Analyzing a Dom-Based XSS in Yahoo!
- [webapps] - CMS phpshop 2.0 SQL Injection Vulnerability
- [webapps] - phlyLabs phlyMail Lite 4.03.04 (go param) Open Redirect Vulnerability
- [webapps] - phlyLabs phlyMail Lite 4.03.04 Path Disclosure and Stored XSS Vulnerabili
- [papers] - Stack Smashing On A Modern Linux System
- [remote] - Nagios history.cgi Remote Command Execution Vulnerability
- [webapps] - phpliteadmin
- [remote] - Java Applet JMX Remote Code Execution
- [remote] - eXtplorer v2.1 Arbitrary File Upload Vulnerability
- [remote] - Ruby on Rails XML Processor YAML Deserialization Code Execution
- [remote] - Microsoft Internet Explorer Option Element Use-After-Free
- [dos] - Nero MediaHome 4.5.8.0 Denial Of Service Vulnerability
- [remote] - Honeywell Tema Remote Installer ActiveX Remote Code Execution
- [dos] - Colloquy 1.3.5 and 1.3.6 Denial of Service Vulnerability
- [remote] - Internet Explorer 8 Fixed Col Span ID full ASLR & DEP bypass
- [webapps] - WeBid 1.0.6 SQL Injection Vulnerability
- [local] - Inmatrix Ltd. Zoom Player 8.5 Crafted JPEG File Exploit
- [webapps] - Watson Management Console 4.11.2.G Directory Traversal Vulnerability
- [webapps] - Free Blog 1.0 Multiple Vulnerabilities
- [webapps] - Websitebaker Add-on Concert Calendar 2.1.4 Multiple Vulnerabilities
- [papers] - [French] Une simple exploitation de vulnérabilité Format String
- [webapps] - WordPress Plugin Google Document Embedder Arbitrary File Disclosure
- [remote] - IBM Cognos tm1admsd.exe Overflow Vulnerability
- [webapps] - Advantech WebAccess HMI/SCADA Software Persistence XSS Vulnerability
- [webapps] - E SMS Script Multiple SQL Injection Vulnerabilities
- [dos] - Ettercap
- [dos] - Foxit Reader
- [webapps] - Nexpose Security Console CSRF Vulnerability
- [dos] - FoxPlayer v2.9.0 Denial of Service Vulnerability
- [papers] - [Spanish] Hashcat Manual de Usuario
- [webapps] - pfSense 2.0.1 XSS / CSRF / Remote Command Execution
- [remote] - Enterasys NetSight nssyslogd.exe Buffer Overflow
- [webapps] - MyBB Profile Wii Friend Code Multiple Vulnerabilities
- [webapps] - Simple Webserver 2.3-rc1 Directory Traversal
- [webapps] - SelectSurvey CMS (ASP.NET) Arbitrary File Upload
- [webapps] - Invision Power Services Invision Gallery 1.0.1 Multiple SQL Injection Vul
- [remote] - WordPress Plugin Advanced Custom Fields Remote File Inclusion
- [remote] - Allied Telesis AT-MCF2000M 3.0.2 Gaining Root Shell Access
- [webapps] - MyBB (editpost.php, posthash) SQL Injection Vulnerability
- [papers] - Analyzing Near Field Communication (NFC) Security
- [remote] - Microsoft Internet Explorer CButton Object Use-After-Free Vulnerability
- [papers] - [Hebrew] Digital Whisper Security Magazine #38
- [dos] - Astium VoIP PBX
- [webapps] - e107 v1.0.2 CSRF Resulting in SQL Injection
- [webapps] - e107 v1.0.1 CSRF Resulting in Arbitrary Javascript Execution
- [webapps] - Astium VoIP PBX
- [webapps] - MyBB Profile Skype ID Plugin 1.0 Privilege Escalation Vulnerability
- [papers] - [Turkish] Introduction to ARM Exploiting on Linux
- [local] - BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (MSF)
- [dos] - Grep < 2.11 Integer Overflow Crash PoC
- [remote] - IBM Lotus iNotes dwa85W ActiveX Buffer Overflow
- [remote] - Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free Vulnerabili
- [remote] - IBM Lotus QuickR qp2 ActiveX Buffer Overflow
- [remote] - Ubiquiti AirOS
- [remote] - RealPlayer RealMedia File Handling Buffer Overflow
- [shellcode] - Linux/x86 Remote Port Forwarding Shellcode 87 bytes
- [webapps] - MyBB HM My Country Flags SQL Injection
- [webapps] - Guru Auction 2.0 Multiple SQL Injection Vulnerabilities
- [remote] - Microsoft SQL Server Database Link Crawling Command Execution
- [remote] - IBM Lotus Notes Client URL Handler Command Injection
- [remote] - WordPress WP-Property PHP File Upload Vulnerability
- [remote] - WordPress Asset-Manager PHP File Upload Vulnerability
- [webapps] - City Directory Review and Rating Script (search.php) SQL Injection Vulner
- [webapps] - MyBB AwayList Plugin (index.php, id parameter) SQL Injection Vulnerabilit
- [remote] - Netwin SurgeFTP Remote Command Execution
- [remote] - Foswiki MAKETEXT Remote Command Execution
- [remote] - TWiki MAKETEXT Remote Command Execution
- [papers] - [French] - DNS Phishing Paper and DNS Phishing Redirector
- [webapps] - Banana Dance B.2.6 Multiple Vulnerabilities
- [webapps] - Elite Bulletin Board 2.1.21 Multiple SQL Injection Vulnerabilities
- [webapps] - YeaLink IP Phone SIP-TxxP firmware
- [dos] - Sony PC Companion 2.1 (Load()) Stack-based Unicode Buffer Overflow
- [dos] - Sony PC Companion 2.1 (DownloadURLToFile()) Stack-based Unicode Buffer Overfl
- [dos] - Sony PC Companion 2.1 (CheckCompatibility()) Stack-based Unicode Buffer Overf
- [papers] - In-Memory Fuzzing with Java
- [dos] - Sony PC Companion 2.1 (Admin_RemoveDirectory()) Stack-based Unicode Buffer Ov
- [dos] - Microsoft Internet Explorer 9.x
- [dos] - IDA Pro 6.3 Crash PoC
- [dos] - gdb (GNU debugger)
- [remote] - NetWin SurgeFTP Authenticated Admin Command Injection
- [remote] - InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow
- [dos] - Adobe Flash Player 11,5,502,135 Crash PoC
- [webapps] - Free hosting manager v2.0.2 Stored XSS
- [dos] - DIMIN Viewer 5.4.0 GIF Decode Crash PoC
- [webapps] - SonicWall SonicOS 5.8.1.8 WAF XSS Vulnerability
- [webapps] - Enterpriser16 Load Balancer v7.1 Multiple XSS Vulnerabilities
- [webapps] - Clockstone and other CMSMasters Theme File Upload Vulnerabilities
- [webapps] - MyTube MyBB Plugin 1.0 Stored XSS
- [remote] - Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property
- [webapps] - phpwcms
- [webapps] - MyBB User Profile Skype ID Plugin 1.0 Stored XSS
- [webapps] - Social Sites MyBB Plugin 0.2.2 Cross Site Scripting
- [webapps] - MyBB AJAX Chat Persistent XSS Vulnerability
- [papers] - Ideas of advanced runtime Encryption of .NET Executables
- [webapps] - Facebook Profile MyBB Plugin 2.4 Persistant XSS
- [remote] - PostgreSQL for Linux Payload Execution
- [webapps] - MyBB DyMy User Agent Plugin (newreply.php) SQL Injection Vulnerability
- [webapps] - Portable phpMyAdmin Wordpress Plugin Authentication Bypass
- [dos] - Cisco Wireless Lan Controller 7.2.110.0 Multiple Vulnerabilities
- [webapps] - Centreon Enterprise Server 2.3.3-2.3.9-4 Blind SQL Injection Exploit
- [webapps] - MyYoutube MyBB Plugin 1.0 SQL Injection
- [webapps] - TipsOfTheDay MyBB Plugin Multiple Vulnerabilities
- [remote] - Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability
- [webapps] - Axway Secure Transport 5.1 SP2 Path Traversal Vulnerability
- [remote] - Microsoft Internet Explorer 6-10 Mouse Tracking
- [remote] - HP Data Protector DtbClsLogin Buffer Overflow
- [webapps] - MyBB Bank-v3 Plugin SQL Injection
- [dos] - IrfanView 4.33 IMXCF.DLL Plugin Code Execution
- [webapps] - Joomla JooProperty 1.13.0 Multiple Vulnerabilities
- [webapps] - MyBB Profile Blogs Plugin 1.2 Multiple Vulnerabilities
- [dos] - DIMIN Viewer 5.4.0 Crash PoC
- [dos] - FreeVimager 4.1.0 Crash PoC
- [papers] - Reversing & Malware Analysis Training Presentations
- [papers] - Reversing & Malware Analysis Training Articles
- [local] - Centrify Deployment Manager v2.1.0.283 Local Root
- [webapps] - ClipBucket 2.6 Revision 738 Multiple SQL Injection Vulnerabilities
- [webapps] - Achievo 1.4.5 Multiple Vulnerabilities
- [dos] - TVMOBiLi 2.1.0.3557 Denial of Service Vulnerability
- [remote] - Splunk 5.0 Custom App Remote Code Execution
- [remote] - Maxthon3 about:history XCS Trusted Zone Code Execution
- [remote] - FreeFloat FTP Server Arbitrary File Upload
- [dos] - Sumatra 2.1.1/MuPDF 1.0 Integer Overflow
- [remote] - Free Float FTP Server USER Command Buffer Overflow
- [remote] - Nagios XI Network Monitor Graph Explorer Component Command Injection
- [webapps] - MyBB KingChat Plugin Persistent XSS
- [dos] - Android Kernel 2.6 Local DoS Crash PoC
- [webapps] - Cisco DPC2420 Multiples Vulnerabilities
- [webapps] - Advantech Studio v7.0 SCADA/HMI Directory Traversal 0-day
- [dos] - VLC Media Player 2.0.4 Crash PoC
- [remote] - IBM System Director Agent DLL Injection
- [webapps] - m0n0wall 1.33 Multiple CSRF Vulnerabilities
- [dos] - NVIDIA Install Application 2.1002.85.551 (NVI2.dll) Unicode Buffer Overflow P
- [remote] - Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution
- [remote] - Oracle MySQL for Microsoft Windows MOF Execution
- [webapps] - Kordil EDMS v2.2.60rc3 SQL Injection Vulnerability
- [remote] - Ektron 8.02 XSLT Transform Remote Code Execution
- [remote] - Tectia SSH USERAUTH Change Request Password Reset Vulnerability
- [webapps] - MyBB AwayList Plugin SQL Injection
- [webapps] - SchoolCMS Persistent XSS
- [webapps] - myBB KingChat Plugin SQL Injection
- [dos] - Opera Web Browser 12.11 Crash PoC
- [papers] - CVE-2012-5076 Technical Analysis Report
- [webapps] - Symantec Messaging Gateway 9.5.3-3 CSRF Vulnerability
- [webapps] - Symantec Messaging Gateway 9.5.3-3 Arbitrary File Download
- [webapps] - FirePass SSL VPN Unauthenticated Local File Inclusion
- [remote] - MySQL Remote Preauth User Enumeration Zeroday
- [remote] - FreeSSHD Remote Authentication Bypass Zeroday Exploit
- [remote] - MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day
- [remote] - SSH.com Communications SSH Tectia Authentication Bypass Remote Zeroday Exp
- [remote] - MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)