sNews versions 1.5.30 and below remote administrative password reset and code execution exploit.
f04a733858f7408bda758be8c1e8792d544592a36499c3ed1ccccda1dfcc1e61
Durian Web Application Server version 3.02 freeware for Win32 buffer overflow exploit.
1ec4bec9b4831edea37252314d1cf5ab292efd79cfee4332f818a0de5267884b
Durian Web Application Server version 3.02 freeware for Win32 denial of service exploit.
36e7d8607fffd1652b89eac5d8cda415e96ffcc2d435145cc53598d9e824249c
Woltlab Burning Board Lite version 1.0.2 Zend_Hash_Del_Key_Or_Index / blind SQL injection exploit.
e295471bd99cd36e304cd10cd62404b9cf790413f6c6c2cb855454e1081f5dae
PHPWind versions 5.0.1 and below AdminUser remote blind SQL injection exploit.
6b4a7509f2fee6ad9ed6bda931e59746e8b01f682a6e0508a9d0aec0cbcaf8a2
DokuWiki versions 2006-03-09b and below /bin/dwpage.php remote command execution exploit.
b3aeaf21f9796f070c9cd179491db5683160befa275d0cd729fb805788a25341
PHPFusion versions 6.01.4 and below extract()/_SERVER[REMOTE_ADDR] SQL injection exploit.
dd4b190a2ba9b3f73a1c5ef44f3f21d6efc7482616bbf953a0a1726dae42e586
e107 versions 0.75 and below GLOBALS[] overwrite/Zend_Hash_Del_Key_Or_Index remote command execution exploit.
2a2104f4d8276945c201078b7353259c08bc03ee77385661a195fda93688fe0c
Simple Machines Forum versions 1.1 rc2 and below "lock"/Zend_Hash_Del_Key_Or_Index exploit.
711deb0b4203aa77219b3a6ff363dbce6e2703dc948d9f080f362eaf5aeb3b22
Simple Machines Forum versions 1.1 rc2 and below "lngfile" Zend_Hash_Del_Key_Or_Index/arbitrary local inclusion exploit for use on Windows machines.
7ed25559e33e56afba3a0addcba3d760b08a56feccefa5b9f141e0cef632796d
CubeCart versions 3.0.11 and below "x_invoice_num" blind SQL injection / admin credentials disclosure exploit.
5e9a928c7148b01b50cad53afece6f67472f69766063fd0ca94325e988350bad
CubeCart versions 3.0.11 and below "oid" blind SQL injection / admin credentials disclosure exploit.
b0668df87bb7d60eceafe98ac84e2fe759a486ec5184e33da418856352982331
CubeCart versions 3.0.11 and below suffer from cross site scripting flaws.
fd87e86a0f7bedddd0d3276475643923cdef6f516abe98d1222d6d97efeb0050
XMB versions 1.9.6 and below arbitrary local inclusion and remote command execution exploit.
1fb0c064eac37843fe8458f941cd8677cdc94620cecd38cf49b512d8aa7b03c1
MyBloggie versions 2.1.4 and below trackback.php SQL injection exploit.
71088034db90935b56cb302d40745770dd0309f90ceb313fb41cc8d902d9ce31
SendCard version 3.4.0 and below unauthorized administrative access and remote command execution exploit.
75ee26461b1a9743494527d1488013f8671b535012ea009d2b763768d441b763
ATutor versions 1.5.3.1 and below 'links' blind SQL injection exploit.
744ac1c5b69dbe75ff5e08b1116abdf005ea1862eed261399ccefcf937c59c27
PHP versions 5.0.2 and 4.3.3 suffer from a bypass flaw in ip2long().
077c509657db441601b3a7b0b8b67d798b80cbfbe715a8351e25417221ed27e9
Etomite CMS versions 0.6.1 and below 'username' SQL injection and administrative credential disclosure exploit.
620bdf667e0fa3f353fc138d5dfe20509298865beffecfea4b15e781ea7a4210
Etomite CMS versions 0.6.1 and below remote command execution exploit making use of rfiles.php.
f32148cfde5038ca39dc41c079d83a1c70f26109c9fdb480d1b79b8fbb729cad
LoudBlog versions 0.5 and below 'id' SQL injection and administrative credential disclosure exploit.
0f8ecda7665dd0a872e199b07de3d22d808c060e10c44316b9277c9b528ac791
ToendaCMS versions 1.0.0 and below Shizouka stable 'F(u)CKeditor' remote command execution exploit.
4078edb0692788bf72e86e7b49a7f3e7fb493a4be972d72abf20b7fa6618583c
Remote 'CLIENT-IP' SQL injection / create new admin exploit for MyBulletinBoard (MyBB) versions 1.1.5 and below.
ef6d3cdf56b16ae8f852111b57787f5ddefb30111d30ec58052a42e409597bb0
Flatnuke 2.5.7 arbitrary file upload and remote code execution exploit.
4c36d564b9a21eaf526abd940f7ef69273f5288149b2f17ca7fd936d615d23ee
PHORUM 5 arbitrary local inclusion exploit.
911736c049c47a2e5779c689396db8803f3912ab18327ec60d1d2c9b3653dcc3