Tel: 888.235.1906
info@emagined.com
KNOWLEDGEBASE SECURITY DASHBOARD PARTNERS PRODUCTS SERVICES COMPANY HOME
1092 Milw0rm Security Exploits Published
 Forest Blog 1.3.2 (blog.mdb) Remote Database Disclosure Vulnerability2008-12-15
 BabbleBoard 1.1.6 (username) CSRF/Cookie Grabber Exploit2008-12-15
 FLDS 1.2a (lpro.php id) Remote SQL Injection Vulnerability2008-12-15
 eZ Publish < 3.9.5/3.10.1/4.0.1 (token) Privilege Escalation Exploit2008-12-15
 CodeAvalanche RateMySite (CARateMySite.mdb) Database Disclosure2008-12-15
 CodeAvalanche Articles (CAArticles.mdb) Database Disclosure Vuln2008-12-15
 CodeAvalanche FreeWallpaper Remote Database Disclosure Vulnerability2008-12-15
 CodeAvalanche FreeForAll (CAFFAPage.mdb) Database Disclosure Vuln2008-12-15
 CodeAvalanche Directory (CADirectory.mdb) Database Disclosure Vuln2008-12-15
 Amaya Web Browser 10.0.1/10.1-pre5 (html tag) Buffer Overflow PoC2008-12-15
 Mediatheka 4.2 Remote Blind SQL Injection Expoit2008-12-15
 The Rat Cms Alpha 2 (Auth Bypass) SQL Injection Vulnerability2008-12-15
 FLDS 1.2a (redir.php id) Remote SQL Injection Vulnerability 2008-12-14
 ProSysInfo TFTP server TFTPDWIN <= 0.4.2 Univ. Remote BOF Exploit2008-12-14
 PHP Weather 2.2.2 (LFI/XSS) Multiple Remote Vulnerabilities2008-12-14
 FreeForum (CAForum.mdb) Database Disclosure Vulnerability2008-12-14
 iyzi Forum 1.0b3 (iyziforum.mdb) Database Disclosure Vulnerability2008-12-14
 AutositePHP 2.0.3 (LFI/CSRF/Edit File) Multiple Remote Vulnerabilities2008-12-14
 ASP-DEV Internal E-Mail System (Auth Bypass) SQL Injection Vuln2008-12-14
 ASPired2Quote (quote.mdb) Remote Database Disclosure Vulnerability2008-12-14
 Discussion Web v4 Remote Database Disclosure Vulnerability2008-12-14
 Simple Text-File Login script 1.0.6 (DD/RFI) Multiple Vulnerabilities2008-12-14
 Flatnux html/javascript Injection Cookie Grabber Exploit2008-12-14
 EvansFTP (EvansFTP.ocx) Remote Buffer Overflow PoC2008-12-14
 CFAGCMS v1 Remote File Inclusion Vulnerabilities2008-12-14
 Médiathéka 4.2 (index.php lang) Local File Inclusion Vulnerability2008-12-14
 Availscript Classmate Script Remote File Upload Vulnerability2008-12-14
 Availscript Article Script Remote File Upload Vulnerability2008-12-14
 The Rat Cms Alpha 2 (download.php) Remote Vulnerability2008-12-14
 Linux Kernel 2.6.27.7-generic - 2.6.18 - 2.6.24-1 Local DoS Exploit2008-12-14
 IsWeb CMS 3.0 (SQL/XSS) Multiple Remote Vulnerabilities2008-12-14
 ASPSiteWare RealtyListing V1/V2 SQL Injection Vulnerabilities2008-12-14
 ASPSiteWare Automotive Dealer V1/V2 SQL Injection Vulnerability2008-12-14
 ASPSiteWare Home Builder 1.0/2.0 SQL Injection Vulnerability2008-12-14
 Social Groupie (group_index.php id) Remote SQL Injection Vulnerability2008-12-12
 Xpoze 4.10 (home.html menu) Blind SQL Injection Vulnerability2008-12-12
 MS Visual Basic ActiveX Controls mscomct2.ocx Buffer Overflow PoC2008-12-12
 SUMON <= 0.7.0 (chg.php host) Command Execution Vulnerability2008-12-12
 ASP-CMS 1.0 (index.asp cha) SQL Injection Vulnerability2008-12-12
 The Net Guys ASPired2Protect Database Disclosure Vulnerability2008-12-12
 The Net Guys ASPired2Blog (SQL/DD) Multiple Remote Vulnerabilities2008-12-12
 Social Groupie (create_album.php) Remote File Upload Vulnerability2008-12-12
 Wysi Wiki Wyg 1.0 Remote Password Retrieve Exploit2008-12-12
 Moodle 1.9.3 Remote Code Execution Vulnerability2008-12-12
 Joomla Live Chat (SQL/Proxy) Multiple Remote Vulnerabilities2008-12-12
 ColdFusion Scripts Red_Reservations Database Disclosure Vulnerability2008-12-12
 Umer Inc Songs Portal Script (id) SQL Injection Vulnerability2008-12-12
 VP-ASP Shopping Cart 6.50 Database Disclosure Vulnerability2008-12-12
 TmaxSoft JEUS Alternate Data Streams File Disclosure Vulnerability2008-12-12
 eZ Publish 3.9.0/3.9.5/3.10.1 Command Execution Exploit (admin req)2008-12-11
 MyCal Personal Events Calendar (mycal.mdb) Database Disclosure Vuln2008-12-11
 evCal Events Calendar Database Disclosure Vulnerability2008-12-11
 PhpAddEdit 1.3 (Cookie) Login Bypass Vulnerability2008-12-11
 Banner Exchange Java (Auth Bypass) SQL Injection Vulnerability2008-12-11
 Ad Management Java (Auth Bypass) SQL Injection Vulnerability2008-12-11
 Affiliate Software Java 4.0 (Auth Bypass) SQL Injection Vulnerability2008-12-11
 Feed Cms 1.07.03.19b (lang) Local File Inclusion Vulnerability2008-12-11
 PHP Support Tickets 2.2 Remote File Upload Vulnerability2008-12-11
 The Net Guys ASPired2Poll Remote Database Disclosure Vulnerability2008-12-11
 Linux Kernel <= 2.6.27.8 ATMSVC Local Denial of Service Exploit2008-12-10
 HTMPL 1.11 (htmpl_admin.cgi help) Command Execution Vulnerability2008-12-10
 MS Internet Explorer XML Parsing Remote Buffer Overflow Exploit2008-12-10
 Pro Chat Rooms 3.0.2 (XSS/CSRF) Multiple Vulnerabilities2008-12-10
 Living Local 1.1 (XSS-RFU) Multiple Remote Vulnerabilities2008-12-10
 Webmaster Marketplace (member.php u) SQL Injection Vulnerability2008-12-10
 eZ Publish < 3.9.5/3.10.1/4.0.1 Privilege Escalation Exploit2008-12-10
 MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista)2008-12-10
 CF_Forum Blind SQL Injection Vulnerability2008-12-10
 CFMBLOG (index.cfm categorynbr) Blind SQL Injection Vulnerability2008-12-10
 CF_Auction (forummessage) Blind SQL Injection Vulnerability2008-12-10
 CF_Calendar (calendarevent.cfm) Remote SQL Injection Vulnerabilty2008-12-10
 CF SHOPKART 5.2.2 (SQL/DD) Multiple Remote Vulnerabilities2008-12-10
 Butterfly Organizer 2.0.1 (view.php id) SQL Injection Vulnerability2008-12-10
 phpAddEdit 1.3 (editform) Local File Inclusion Vulnerability2008-12-10
 PHPmyGallery 1.0beta2 (RFI/LFI) Multiple Remote Vulnerabilities2008-12-09
 Poll Pro 2.0 (Auth Bypass) Remote SQL Injection Vulnerability2008-12-09
 Professional Download Assistant 0.1 (Auth Bypass) SQL Injection Vuln2008-12-09
 PHP safe_mode can be bypassed via proc_open() and custom environment2008-12-09
 Peel Shopping 3.1 (index.php rubid) SQL Injection Vulnerability2008-12-09
 PHP Multiple Newsletters 2.7 (LFI/XSS) Multiple Vulnerabilities2008-12-09
 PHPmyGallery 1.5beta (common-tpl-vars.php) LFI/RFI Vulnerabilities2008-12-09
 PostEcards (SQL/DD) Multiple Remote Vulnerabilities2008-12-09
 ProQuiz 1.0 (Auth Bypass) SQL Injection Vulnerability2008-12-09
 Netref 4.0 Multiple Remote SQL Injection Vulnerabilities2008-12-09
 Vinagre < 2.24.2 show_error() Remote Format String PoC2008-12-09
 EasyMail ActiveX (emmailstore.dll 6.5.0.3) Buffer Overflow Exploit2008-12-09
 XOOPS 2.3.1 Multiple Local File Inclusion Vulnerabilities2008-12-08
 MG2 0.5.1 (filename) Remote Code Execution Vulnerability2008-12-08
 XAMPP 1.6.8 (XSRF) Change Administrative Password Exploit2008-12-08
 Simple Directory Listing 2 Cross Site File Upload Vulnerability2008-12-08
 phpMyAdmin 3.1.0 (XSRF) SQL Injection Vulnerability2008-12-08
 SIU Guarani Multiple Remote Vulnerabilities2008-12-08
 phpBB 3 (Mod Tag Board <= 4) Remote Blind SQL Injection Exploit2008-12-08
 Secure Downloads v2.0.0r for vBulletin SQL Injection Vulnerability2008-12-08
 DD-WRT v24-sp1 (XSRF) Cross Site Reference Forgery Exploit2008-12-08
 WebCAF <= 1.4 (LFI/RCE) Multiple Remote Vulnerabilities2008-12-08
 Neostrada Livebox Router Remote Network Down PoC Exploit2008-12-08
 PayPal eStore Admin Password Changing Exploit2008-12-07
 Bonza Cart <= 1.10 Admin Password Changing Exploit2008-12-07
 DL PayCart <= 1.34 Admin Password Changing Exploit2008-12-07
 IPNPro3 <= 1.44 Admin Password Changing Exploit2008-12-07
 ASP Talk (SQL/CSS) Multiple Remote Vulnerabilities2008-12-07
 PHPmyGallery Gold 1.51 (index.php) Directory Traversal Vulnerability2008-12-07
 QMail Mailing List Manager 1.2 Database Disclosure Vulnerability2008-12-07
 Mini-CMS 1.0.1 (index.php) Multiple Local File Inclusion Vulnerabilities2008-12-07
 Mini Blog 1.0.1 (index.php) Multiple Local File Inclusion Vulnerabilities2008-12-07
 ASPManage Banners (RFU/DD) Multiple Remote Vulnerabilities2008-12-07
 Ikon AdManager 2.1 Remote Database Disclosure Vulnerability2008-12-07
 Professional Download Assistant 0.1 Database Disclosure Vulnerability2008-12-07
 NatterChat 1.12 (natterchat112.mdb) Database Disclosure Vulnerability2008-12-07
 w3blabor CMS 3.0.5 Arbitrary File Upload & LFI Exploit2008-12-07
 ASP PORTAL (xportal.mdb) Remote Database Disclosure Vulnerability2008-12-06
 ASP AutoDealer Remote Database Disclosure Vulnerability2008-12-06
 phpPgAdmin <= 4.2.1 (_language) Local File Inclusion Vulnerability2008-12-06
 DesignWorks Professional 4.3.1 Local .CCT File Stack BOF PoC2008-12-06
 PEiD <= 0.92 Malformed PE File Universal Buffer Overflow Exploit2008-12-05
 Multiple Membership Script 2.5 (id) SQL Injection Vulnerability2008-12-05
 Merlix Educate Servert (Bypass/DD) Multiple Remote Vulnerabilities2008-12-05
 NightFall Personal Diary 1.0 (XSS/DD) Multiple Remote Vulnerabilities2008-12-05
 RankEm (auth bypass) Remote SQL Injection Vulnerability2008-12-05
 RankEm (rankup.asp siteID) Remote SQL Injection Vulnerability2008-12-05
 Tizag Countdown Creator .v.3 Insecure Upload Vulnerability2008-12-05
 Cold BBS (cforum.mdb) Remote Database Disclosure Vulnerability2008-12-05
 Merlix Teamworx Server (DD/Bypass) Multiple Remote Vulns2008-12-05
 NULL FTP Server 1.1.0.7 SITE Parameters Command Injection Vuln2008-12-05
 ASP PORTAL Multiple Remote SQL Injection Vulnerabilities2008-12-05
 ASP AutoDealer (SQL/DD) Multiple Remote Vulnerabilities2008-12-05
 ASP Ticker (news.mdb) Remote Database Disclosure Vulnerability2008-12-05
 Visagesoft eXPert PDF EditorX (VSPDFEditorX.ocx) Insecure Method2008-12-05
 Wbstreet v.1.0 (SQL/DD) Multiple Remote Vulnerabilities2008-12-04
 ccTiddly 1.7.4 (cct_base) Multiple Remote File Inclusion Vulnerabilities2008-12-04
 User Engine Lite ASP (users.mdb) Database Disclosure Vulnerability2008-12-04
 Template Creature (SQL/DD) Multiple Remote Vulnerabilities2008-12-04
 Joomla Component mydyngallery 1.4.2 (directory) SQL Injection Vuln2008-12-04
 My Simple Forum 3.0 (index.php action) Local File Inclusion Vulnerability2008-12-04
 lcxbbportal 0.1 Alpha 2 Remote File Inclusion Vulnerability2008-12-04
 Easy News Content Management (News.mdb) Database Disclosure Vuln2008-12-04
 BNCwi <= 1.04 Local File Inclusion Vulnerability2008-12-04
 Gravity GTD <= 0.4.5 (rpc.php objectname) LFI/RCE Vulnerability2008-12-04
 Calendar MX Professional 2.0.0 Blind SQL Injection Vulnerability2008-12-03
 Gallery MX 2.0.0 (pics_pre.asp ID) Blind SQL Injection Vulnerability2008-12-03
 Check New 4.52 (findoffice.php search) Remote SQL Injection Exploit2008-12-03
 Cain & Abel 4.9.23 (rdp file) Buffer overflow Exploit2008-12-03
 Joomla Component com_jmovies 1.1 (id) SQL Injection Exploit2008-12-03
 ClamAV < 0.94.2 (JPG File) Stack Overflow PoC2008-12-03
 RadAsm <= 2.2.1.4 (.RAP File) WindowCallProcA Pointer Hijack Exploit2008-12-03
 Rae Media Contact MS (Auth Bypass) SQL Injection Vulnerability2008-12-03
 ASP User Engine .NET Remote Database Disclosure Vulnerability2008-12-03
 Multi SEO phpBB 1.1.0 (pfad) Remote File Inclusion Vulnerability2008-12-03
 Ocean12 Mailing List Manager Gold (DD/SQL/XSS) Vulnerabilities2008-12-02
 Rapid Classified 3.1 (cldb.mdb) Database Disclosure Vulnerability2008-12-02
 SunByte e-Flower (id) Remote SQL Injection Vulnerability2008-12-02
 CMS MAXSITE Component Guestbook Remote Command Execution Exploit2008-12-02
 Codefixer MailingListPro (MailingList.mdb) Database Disclosure Vuln2008-12-02
 Andy's PHP Knowledgebase 0.92.9 Arbitrary File Upload Vulnerability2008-12-01
 z1exchange 1.0 (edit.php site) Remote SQL Injection Vulnerability2008-12-01
 Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC2008-12-01
 E.Z. Poll v.2 (Auth Bypass) Remote SQL Injection Vulnerability2008-12-01
 Maxum Rumpus 6.0 Multiple Remote Buffer Overflow Vulnerabilities2008-12-01
 bcoos 1.0.13 (viewcat.php cid) Remote SQL Injection Exploit2008-12-01
 ASPPortal 3.2.5 (ASPPortal.mdb) Database Disclosure Vulnreability2008-12-01
 PacPoll 4.0 (poll.mdb/poll97.mdb) Database Disclosure Vulnerability2008-12-01
 KTP Computer Customer Database CMS Blind SQL Injection Vulnerability2008-11-30
 KTP Computer Customer Database CMS Local File Inclusion Vulnerability2008-11-30
 Quick Tree View .NET 3.1 (qtv.mdb) Database Disclosure Vulnerability2008-11-30
 Active Business Directory v 2 Remote blind SQL Injection Vulnerability2008-11-30
 Active Time Billing 3.2 (Auth Bypass) SQL Injection Vulnerability 2008-11-30
 Active Price Comparison v 4 (ProductID) Blind SQL Injection Vulnerability2008-11-30
 Active Photo Gallery 6.2 (Auth Bypass) SQL Injection Vulnerability2008-11-30
 Active Web Helpdesk v 2 (CategoryID) Blind SQL Injection Vulnerability2008-11-30
 Cain & Abel 4.9.23 (rdp file) Buffer Overflow PoC2008-11-30
 Itunes 8.0.2.20/Quicktime 7.5.5 (.mov File) Multiple Off By Overflow PoC2008-11-30
 cpCommerce 1.2.6 (URL Rewrite) Input variable overwrite / Auth bypass PoC2008-11-30
 Electronics Workbench (EWB File) Local Stack Overflow PoC2008-11-30
 Minimal Ablog 0.4 (SQL/FU/Bypass) Multiple Remote Vulnerabilities2008-11-30
 Broadcast Machine 0.1 Multiple Remote File Inclusion Vulnerabilities2008-11-30
 Cain & Abel <= v4.9.24 .RDP Stack Overflow Exploit2008-11-30
 Star Articles 6.0 Remote Blind SQL Injection exploit2008-11-27
 Web Calendar System 3.12/3.30 Multiple Remote Vulnerabilities2008-11-27
 TxtBlog (index.php m) Local File Inclusion Vulnerability2008-11-27
 Ocean12 Calendar Manager Gold Database Disclosure Vulnerability2008-11-27
 Ocean12 Poll Manager Pro Database Disclosure Vulnerability2008-11-27
 Ocean12 Membership Manager Pro Database Disclosure Vulnerability2008-11-27
 Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities2008-11-27
 RakhiSoftware Shopping Cart (subcategory_id) SQL Injection Vulnerability2008-11-27
 i.Scribe SMTP Client <= 2.00b (wscanf) Remote Format String PoC2008-11-27
 Family Project 2.x (Auth Bypass) SQL Injection Vulnerability2008-11-27
 WebStudio CMS (pageid) Remote Blind SQL Injection Vuln (mil mixup)2008-11-26
 Post Affiliate Pro v.3 (umprof_status) Blind SQL Injection Vulnerability2008-11-26
 CMS Ortus <= 1.13 Remote SQL Injection Vulnerability2008-11-26
 Star Articles 6.0 Remote Blind SQL Injection Vulnerability2008-11-26
 ParsBlogger (blog.asp wr) Remote SQL Injection Vulnerability2008-11-26
 FAQ Manager 1.2 (categorie.php cat_id) SQL Injection Vulnerability2008-11-25
 WebStudio eCatalogue (pageid) Blind SQL Injection Vulnerability2008-11-25
 WebStudio eHotel (pageid) Blind SQL Injection Vulnerability2008-11-25
 Pie Web M{a,e}sher Mod Rss 0.1 Remote File Inclusion Vulnerability2008-11-25
 Chipmunk Topsites (Auth Bypass/XSS) Multiple Remote Vulnerabilities2008-11-25
 Google Chrome Browser MetaCharacter URI Obfuscation Vulnerability2008-11-25
 FAQ Manager 1.2 (config_path) Remote File Inclusion Vulnerability2008-11-25
 Clean CMS 1.5 (Blind SQL Injection/XSS) Multiple Remote Vulnerabilities2008-11-25
 Clean CMS 1.5 (full_txt.php id) Blind SQL Injection Exploit2008-11-25
 fuzzylime cms 3.03 (track.php p) Local File Inclusion Vulnerability2008-11-25
 SimpleBlog 3.0 (simpleBlog.mdb) Database Disclosure Vulnerability2008-11-25
 Jamit Job Board 3.4.10 (show_emp) Blind SQL Injection Vulnerability2008-11-25
 VideoGirls BiZ (view_snaps.php type) Blind SQL Injection Vulnerability2008-11-25
 LoveCMS 1.6.2 Final (Download Manager 1.0) File Upload Exploit2008-11-25
 Nero ShowTime 5.0.15.0 m3u Playlist File Remote Buffer Overflow PoC2008-11-24
 NetArtMedia Real Estate Portal 1.2 (ad_id) SQL Injection Vuln2008-11-24
 Goople Cms 1.7 Arbitrary Code Execution Vulnerability2008-11-24
 W3C Amaya 10.1 Web Browser (URL Bar) Remote Stack Overflow PoC2008-11-24
 W3C Amaya 10.1 Web Browser (id) Remote Stack Overflow PoC2008-11-24
 VideoScript 3.0 <= 4.1.5.55 Unofficial Shell Injection Exploit2008-11-24
 VideoScript 3.0 <= 4.0.1.50 Official Shell Injection Exploit2008-11-24
 Quicksilver Forums <= 1.4.2 RCE Exploit (windows only)2008-11-24
 WebStudio CMS (index.php pageid) Blind SQL Injection Vulnerability2008-11-24
 Bandwebsite 1.5 (SQL/XSS) Multiple Remote Vulnerabilities2008-11-24
 FTPzik (XSS/LFI) Multiple Remote Vulnerabilities2008-11-24
 Pie Web M{a,e}sher 0.5.3 Multiple Remote File Inclusion Vulnerability2008-11-24
 Siemens C450IP/C475IP Remote Denial of Service Vulnerability2008-11-24
 Total Video Player (vcen.dll) Remote off by one Crash Exploit2008-11-24
 Nitrotech 0.0.3a (RFI/SQL) Multiple Remote Vulnerabilities2008-11-24
 Microsoft XML Core Services DTD Cross-Domain Scripting PoC (MS08-069)2008-11-23
 Prozilla Hosting Index (id) Remote SQL Injection Vulnerability2008-11-23
 PG Job Site (poll_view_id) Blind SQL Injection Vulnerability2008-11-23
 PG Roomate Finder Solution (Auth Bypass) SQL Injection Vulnerability2008-11-23
 PG Real Estate (Auth Bypass) SQL Injection Vulnerability2008-11-23
 NetArtMedia Blog System (image.php id) SQL Injection Vulnerability2008-11-23
 NetArtMedia Cars Portal 2.0 (image.php id) SQL Injection Vulnerability2008-11-23
 Goople Cms 1.7 Remote File Upload Vulnerability2008-11-23
 MauryCMS <= 0.53.2 (fckeditor) Remote Arbitrary File Upload Vuln2008-11-23
 Goople Cms 1.7 Insecure Cookie Handling Vulnerability2008-11-23
 MODx CMS <= 0.9.6.2 (RFI/XSS) Multiple Remote Vulnerabilities2008-11-23
 PHP Classifieds Script Remote Database Disclosure Vulnerability2008-11-23
 Vlog System 1.1 (blog.php user) Remote SQL Injection Vulnerability2008-11-22
 Discuz! Remote Reset User Password Exploit2008-11-22
 e107 Plugin ZoGo-Shop 1.15.4 (product) SQL Injection Vulnerability2008-11-22
 LoveCMS 1.6.2 Final (Simple Forum 3.1d) Change Admin Password Exploit2008-11-22
 Ez Ringtone Manager Multiple Remote File Disclosure Vulnerabilities2008-11-22
 getaphpsite Auto Dealers Remote File Upload Vulnerability2008-11-22
 getaphpsite Real Estate Remote File Upload Vulnerability2008-11-22
 KVIrc 3.4.2 Shiny (uri handler) Remote Command Execution Exploit2008-11-21
 Joomla Component Thyme 1.0 (event) SQL Injection Vulnerability2008-11-21
 verlihub <= 0.9.8d-RC2 Remote Command Execution Vulnerability2008-11-21
 Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit2008-11-20
 PunBB Mod PunPortal 0.1 Local File Inclusion Exploit2008-11-20
 wPortfolio <= 0.3 Admin Password Changing Exploit2008-11-20
 PHP 5.2.6 (error_log) safe_mode Bypass Vulnerability2008-11-20
 NatterChat 1.1 (Auth Bypass) Remote SQL Injection Vulnerability2008-11-20
 vBulletin 3.7.3 Visitor Message XSS/XSRF + worm Exploit2008-11-20
 PHP-Fusion 7.00.1 (messages.php) Remote SQL Injection Exploit2008-11-20
 Oracle Database Vault ptrace(2) Privilege Escalation Exploit2008-11-20
 ToursManager (tourview.php tourid) Blind SQL Injection Vulnerability2008-11-20
 Natterchat 1.12 (Auth Bypass) Remote SQL Injection Vulnerability2008-11-20
 BitDefender (module pdf.xmd) Infinite Loop Denial of Service PoC2008-11-20
 VCalendar (VCalendar.mdb) Remote Database Disclosure Vulnerability2008-11-20
 NatterChat 1.1 Remote Admin Bypass Vulnerability2008-11-20
 Alex Article-Engine 1.3.0 (fckeditor) Arbitrary File Upload Vulnerability2008-11-19
 Alex News-Engine 1.5.1 Remote Arbitrary File Upload Vulnerability2008-11-19
 PunBB (Private Messaging System 1.2.x) Multiple LFI Exploit2008-11-19
 MyTopix <= 1.3.0 (notes send) Remote SQL Injection Exploit2008-11-19
 RevSense (Auth bypass) Remote SQL Injection Vulnerability2008-11-19
 MauryCMS <= 0.53.2 Remote Shell Upload Exploit2008-11-19
 AskPert (Auth bypass) Remote SQL Injection Vulnerability2008-11-19
 wPortfolio <= 0.3 Remote Arbitrary File Upload Exploit2008-11-19
 Pre Job Board (Auth Bypass) Remote SQL Injection Vulnerability2008-11-19
 No-IP DUC <= 2.1.7 Remote Code Execution Exploit2008-11-18
 CUPS 1.3.7 CSRF (add rss subscription) Remote Crash Exploit2008-11-18
 Pluck CMS 4.5.3 (g_pcltar_lib_dir) Local File Inclusion Vulnerability2008-11-18
 Musicbox 2.3.8 (viewalbums.php artistId) SQL Injection Vulnerability2008-11-18
 Free Directory Script 1.1.1 (API_HOME_DIR) RFI Vulnerability 2008-11-18
 E-topbiz Link Back Checker 1 Insecure Cookie Handling Vulnerability2008-11-18
 Opera 9.62 file:// Local Heap Overflow Exploit2008-11-17
 Q-Shop 3.0 Remote XSS/SQL Injection Vulnerabilities2008-11-17
 FREEze Greetings 1.0 Remote Password Retrieve Exploit2008-11-17
 Myiosoft easygallery (catid) Blind SQL Injection Vulnerability2008-11-17
 E-topbiz AdManager 4 (group) Blind SQL Injection Vulnerability2008-11-17
 OpenASP <= 3.0 Blind SQL Injection Vulnerability2008-11-17
 mxCamArchive 2.2 Bypass Config Download Vulnerability2008-11-17
 Chilkat Socket activex 2.3.1.1 Remote Arbitrary File Creation Exploit2008-11-17
 Jadu Galaxies (categoryID) Blind SQL Injection Vulnerability2008-11-17
 phpfan 3.3.4 (init.php includepath) Remote File Inclusion Vulnerability2008-11-17
 SaturnCMS (view) Blind SQL Injection Vulnerability2008-11-17
 Simple Customer 1.2 (Auth Bypass) SQL Injection Vulnerability2008-11-17
 Exodus 0.10 (uri handler) Arbitrary Parameter Injection Vulnerability2008-11-17
 Ultrastats 0.2.144/0.3.11 (index.php serverid) SQL Injection Vulnerability2008-11-17
 VideoScript <= 4.0.1.50 Admin Change Password Exploit2008-11-17
 FloSites Blog Multiple Remote SQL Injection Vulnerabilities2008-11-16
 MS Windows Server Service Code Execution Exploit (MS08-067) (2k/2k3)2008-11-16
 yahoo answers (id) Remote SQL Injection Vulnerability2008-11-16
 phpstore Wholesale (track.php?id) SQL Injection Vulnerability2008-11-16
 Lazarus Guestbook 1.x Insecure Cookie Handling Vulnerability2008-11-15
 VeryPDF PDFView OCX ActiveX OpenPDF Heap Overflow PoC2008-11-15
 ClipShare Pro 2006-2007 (chid) SQL Injection Vulnerability2008-11-15
 Sudo <= 1.6.9p18 (Defaults setenv) Local Privilege Escalation Exploit2008-11-15
 Minigal b13 (index.php list) Remote File Disclosure Exploit2008-11-15
 SlimCMS <= 1.0.0 (edit.php) Remote SQL Injection Exploit2008-11-14
 Bankoi Webhost Panel 1.20 (Auth Bypass) SQL Injection Vulnerability2008-11-14
 Discuz! 6.x/7.x Remote Code Execution Exploit2008-11-14
 turnkeyforms Text Link Sales Auth Bypass Vulnerability2008-11-14
 GS Real Estate Portal US/International Module Multiple Vulnerabilities2008-11-14
 AlstraSoft Web Host Directory 1.2 Multiple Vulnerabilities2008-11-14
 turnkeyforms Text Link Sales (id) XSS/SQL Injection Vulnerability2008-11-14
 X7 Chat 2.0.5 (Auth Bypass) SQL Injection Vulnerability2008-11-14
 GS Real Estate Portal Multiple SQL Injection Vulnerability2008-11-14
 SmbRelay3 NTLM Replay Attack Tool/Exploit (MS08-068)2008-11-14
 Pi3Web <= 2.0.13 (ISAPI) Remote Denial of Service Exploit2008-11-13
 BandSite CMS 1.1.4 Insecure Cookie Handling Vulnerability2008-11-13
 ScriptsFeed (SF) Recipes Listing Portal Remote File Upload Vulnerability2008-11-13
 ScriptsFeed (SF) Auto Classifieds Software Remote File Upload Vuln2008-11-13
 ScriptsFeed (SF) Real Estate Classifieds Software File Upload Vuln2008-11-13
 MemHT Portal 4.0.1 SQL Injection Code Execution Exploit2008-11-13
 Castle Rock Computing SNMPc < 7.1.1 (Community) Remote BOF PoC2008-11-12
 Net-SNMP <= 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC2008-11-12
 MS Windows Server Service Code Execution Exploit (MS08-067)2008-11-12
 AlstraSoft Web Host Directory (Auth Bypass) SQL Injection Vuln2008-11-12
 AlstraSoft Article Manager Pro (Auth Bypass) SQL Injection Vuln2008-11-12
 AlstraSoft SendIt Pro Remote File Upload Vulnerability2008-11-12
 Quick Poll Script (code.php id) Remote SQL Injection Vulnerability2008-11-12
 turnkeyforms Web Hosting Directory Multiple Vulnerabilities2008-11-12
 turnkeyforms Local Classifieds Auth Bypass Vulnerability2008-11-12
 ooVoo 1.7.1.35 (URL Protocol) Remote Unicode Buffer Overflow PoC2008-11-11
 Aj Classifieds Authentication Bypass Vulnerability2008-11-11
 smcFanControl 2.1.2 Multiple Buffer Overflow Vulnerabilities PoC (OSX)2008-11-11
 Linux Kernel < 2.4.36.9/2.6.27.5 Unix Sockets Local Kernel Panic Exploit2008-11-11
 Pre Real Estate Listings File Upload Vulnerability2008-11-11
 Joomla Component Contact Info 1.0 SQL Injection Vulnerability2008-11-11
 Joomla Component com_books (book_id) SQL Injection Vulnerability2008-11-11
 Joomla/ Mambo com_catalogproduction (id) SQL Injection Vulnerability2008-11-11
 PozScripts Business Directory Script (id) Remote SQL Injection Vuln2008-11-11
 Joomla Component com_marketplace 1.3.1 (catid) SQL Injection Vuln2008-11-11
 Joomla Component Simple RSS Reader 1.0 RFI Vulnerability2008-11-11
 Collabtive 0.4.8 (XSS/Auth Bypass/Upload) Multiple Vulnerabilities2008-11-10
 Joomla Component JooBlog 0.1.1 (PostID) SQL Injection Vulnerability2008-11-10
 OTManager CMS 2.4 (Tipo) Remote File Inclusion Vulnerability2008-11-10
 Fresh Email Script 1.0 Multiple Remote Vulnerabilities2008-11-10
 FREEsimplePHPguestbook (guestbook.php) Remote Code Execution Vulnerability 2008-11-10
 PHPStore Real Estate Remote File Upload Vulnerability2008-11-10
 PHPStore Complete Classifieds Script File Upload Vulnerability2008-11-10
 PHPStore PHP Job Search Script Remote File Upload Vulnerability2008-11-10
 PHPStore Car Dealers Remote File Upload Vulnerability2008-11-10
 AJ ARTICLE Remote Authentication Bypass Vulnerability2008-11-10
 AJ Auction Authentication Bypass Vulnerability2008-11-10
 AJSquare Free Polling Script (DB) Multiple Vulnerabilities2008-11-10
 ExoPHPDesk 1.2 Final (Auth Bypass) SQL Injection Vulnerability2008-11-09
 ZEEMATRI 3.0 (bannerclick.php adid) SQL Injection Vulnerability2008-11-09
 Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities2008-11-09
 X10media Mp3 Search Engine <= 1.6 Remote File Disclosure Vulnerability2008-11-09
 MemHT Portal <= 4.0 Remote Code Execution Exploit2008-11-08
 GE Proficy Real Time Information Portal Credentials Leak Sniffer (meta)2008-11-08
 V3 Chat Profiles/Dating Script 3.0.2 (Auth Bypass) SQL Injection Vuln2008-11-08
 2WIRE DSL Router (xslt) Denial of Service Vulnerability2008-11-08
 Enthusiast 3.1.4 (show_joined.php path) Remote File Inclusion Vuln2008-11-08
 zeeproperty 1.0 (Upload/XSS) Multiple Remote Vulnerabilities2008-11-08
 V3 Chat - Profiles/Dating Script 3.0.2 Insecure Cookie Handling Vuln2008-11-08
 ZEEJOBSITE 2.0 Remote File Upload Vulnerability2008-11-08
 Mambo Component n-form (form_id) Blind SQL Injection Exploit2008-11-08
 Cyberfolio <= 7.12.2 (css.php theme) Local File Inclusion Vulnerability2008-11-08
 DigiAffiliate <= 1.4 (Auth Bypass) SQL Injection Vulnerability2008-11-08
 Zeeways Shaadi Clone 2.0 Auth Bypass Vulnerability2008-11-08
 Zeeways PHOTOVIDEOTUBE 1.1 Auth Bypass Vulnerability2008-11-08
 V3 Chat Live Support 3.0.4 Insecure Cookie Handling Vulnerability2008-11-08
 Mole Group Airline Ticket Script (Auth Bypass) SQL Injection Vuln2008-11-08
 turnkeyforms Business Survey Pro 1.0 (id) SQL Injection Vuln2008-11-07
 turnkeyforms Entertainment Portal 2.0 Insecure Cookie Handling Vuln2008-11-07
 E-topbiz Domain Shop v2.0 (Auth Bypass) SQL Injection Vulnerability2008-11-07
 E-topbiz Slide Popups 1.0 (Auth Bypass) SQL Injection Vuln2008-11-07
 turnkeyforms Local Classifieds (XSS/SQL) Multiple Vulnerabilities2008-11-07
 U&M Software Event Lister 1.0 Auth Bypass Vulnerability2008-11-07
 U&M Software JustBookIt 1.0 Auth Bypass Vulnerability2008-11-07
 U&M Software Signup 1.1 Auth Bypass Vulnerability2008-11-07
 e-Vision CMS <= 2.0.2 Multiple Local File Inclusion Exploit2008-11-07
 Mole Group Pizza (manufacturers_id) Script SQL Injection Vuln2008-11-07
 E-topbiz Online Store 1 (Auth Bypass) SQL Injection Vuln2008-11-07
 Joomla Component Feederator 1.0.5 Multiple RFI Vulnerabilities2008-11-07
 Joomla Component Recly!Competitions 1.0.0 Multiple RFI Vulnerabilities2008-11-07
 Joomla Component Clickheat 1.0.1 Multiple RFI Vulnerabilities2008-11-07
 DeltaScripts PHP Classifieds <= 7.5 SQL Injection Vulnerability2008-11-07
 MyioSoft EasyCalendar (Auth Bypass) Remote SQL Injection Vulnerability2008-11-07
 MyioSoft EasyBookMarker (Auth Bypass) SQL Injection Vulnerability2008-11-07
 MyioSoft Ajax Portal 3.0 (Auth Bypass) QL Injection Vulnerability2008-11-07
 Mole Group Rental Script (Auth Bypass) SQL Injection Vuln2008-11-07
 PHP Auto Listings Script (Auth Bypass) SQL Injection Vuln2008-11-07
 E-topbiz Number Links 1 (id) Remote SQL Injection Vulnerability2008-11-07
 Mini Web Calendar 1.2 (File Disclosure/XSS) Multiple Vulnerabilities2008-11-07
 E-topbiz Online Store 1 (cat_id) SQL Injection Vulnerability2008-11-07
 Anti-Keylogger Elite 3.3.0 (AKEProtect.sys) Privilege Escalation Exploit2008-11-07
 Myiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability2008-11-07
 Domain Seller Pro 1.5 (id) Remote SQL Injection Vulnerability2008-11-07
 VLC Media Player < 0.9.6 .RT Stack Buffer Overflow Exploit2008-11-07
 SpeedStream 5200 Authentication Bypass Config Download Vulnerability2008-11-07
 DevelopItEasy Photo Gallery 1.2 SQL Injection Vulnerabilities2008-11-06
 DevelopItEasy Membership System 1.3 (Auth Bypass) SQL Injection2008-11-06
 DevelopItEasy News And Article System 1.4 SQL Injection Vulns2008-11-06
 DevelopItEasy Events Calendar 1.2 Multiple SQL Injection Vulnerabilities2008-11-06
 hMAilServer 4.4.2 (PHPWebAdmin) File Inclusion Vulnerabilities2008-11-06
 Pre ADS Portal <= 2.0 (Auth Bypass/XSS) Multiple Vulnerabilities2008-11-06
 Arab Portal 2.1 Remote File Disclosure Vulnerability (win only)2008-11-06
 NICE FAQ Script (Auth Bypass) SQL Injection Vulnerability2008-11-06
 LoveCMS 1.6.2 Final Arbitrary File Delete Vulnerability2008-11-06
 SoftComplex PHP Image Gallery 1.0 (Auth Bypass) SQL Injection Vuln2008-11-06
 MySQL Quick Admin 1.5.5 Local File Inclusion Vulnerability2008-11-06
 DeltaScripts PHP Shop 1.0 (Auth Bypass) SQL Injection Vulnerability2008-11-06
 DeltaScripts PHP Links <= 1.3 (Auth Bypass) SQL Injection Vuln 2008-11-06
 DeltaScripts PHP Classifieds <= 7.5 (Auth Bypass) SQL Injection Vuln2008-11-06
 turnkeyforms Software Directory (XSS/SQL) Multiple Vulnerabilities2008-11-06
 SoftComplex PHP Image Gallery (ctg) SQL Injection Vulnerability2008-11-06
 Adobe Reader / Acrobat <= 8.1.2 Code Execution Exploit (APSB08-19)2008-11-05
 Pre Podcast Portal (Tour.php id) SQL Injection Vulnerability2008-11-05
 PHPX 3.5.16 (news_id) Remote SQL Injection Exploit2008-11-05
 phpBB Mod Small ShoutBox 1.4 Remote Edit/Delete Messages Vuln2008-11-05
 Pre Classified Listings Insecure Cookie Handling Vulnerability2008-11-05
 Pre Multi-Vendor Shopping Malls Multiple Remote Vulnerabilities2008-11-05
 Pre Shopping Mall Insecure Cookie Handling Vulnerability2008-11-05
 PHP JOBWEBSITE PRO (Auth Bypass) SQL Injection Vulnerability2008-11-05
 Pre Simple CMS (Auth Bypass) SQL Injection Vulnerability2008-11-05
 PHP Auto Listings (moreinfo.php pg) SQL Injection Vulnerability2008-11-05
 Joomla Component Dada Mail Manager 2.6 RFI Vulnerability2008-11-05
 DFLabs PTK <= 1.0 Local Command Execution Vulnerability2008-11-05
 Mole Group Taxi Calc Dist Script (Auth Bypass) SQL Injection Vuln2008-11-05
 Mole Group Airline Ticket Script SQL Injection Vulnerability2008-11-05
 Pre Real Estate Listings (Auth Bypass) SQL Injection Vulnerability2008-11-05
 HarlandScripts drinks (recid) Remote SQL Injection Velnerability2008-11-05
 Adobe Reader util.printf() JavaScript Function Stack Overflow Exploit #22008-11-05
 Simple Machines Forum <= 1.1.6 (LFI) Code Execution Exploit2008-11-05
 TBmnetCMS 1.0 (index.php content) Local File Inclusion Vulnerability2008-11-04
 Joomla Component VirtueMart Google Base 1.1 RFI Vulnerability2008-11-04
 Multi Languages WebShop Online 1.02 (SQL/XSS) Multiple Vulnerabilities2008-11-04
 Joomla Component ongumatimesheet20 4b RFI Vulnerability2008-11-04
 Vibro-CMS Multiple Remote SQL Injection Vulnerabilities2008-11-04
 WEBBDOMAIN Post Cart <= 1.02 (catid) SQL Injection Vulnerability2008-11-04
 Tours Manager v1 (cityview.php cityid) SQL Injection Vulnerability2008-11-04
 Simple Document Management System 1.1.4 SQL Injection Auth Bypass2008-11-04
 WEBBDOMAIN Webshop <= 1.02 (SQL Injection) Auth Bypass Vuln2008-11-04
 WEBBDOMAIN Quiz <= 1.02 (Auth Bypass) SQL Injection Vulnerability2008-11-04
 WEBBDOMAIN Polls