ISAA-2006-001.txt
123flashchat server versions 5.1 and below are vulnerable to directory traversal that allows arbitrary file creation.
ISAA-2006-007.txt
The BlueSocket web administration interface is vulnerable to a cross site scripting attack. Versions below 5.2 are susceptible.
isa-2006-013.txt
Microsoft IIS5 suffers from NTLM and basic authentication bypass vulnerabilities.
vtls-xss.txt
VTLS Inc.'s vtls.web.gateway CGI is susceptible to a cross site scripting vulnerability. Versions up to 48.1.0 are affected.
cygwin-overflow.txt
Cygwin is vulnerable to a buffer overflow when checking filename lengths. cygwin1.dll versions up to 1.5.7 are susceptible.
wwwstatsHack.txt
Simple exploit that demonstrates a script insertion vulnerability in wwwstats.
isaa-2007-004.txt
wwwstats versions 3.21 and below suffer from a persistent cross site scripting vulnerability.
tikiwiki-traverse.txt
The Tikiwiki CMS has a vulnerability that allows an attacker to get the first 1000 bytes from an arbitrary file through the tiki-listmovies.php script.
smbclientparser-exec.txt
The SmbClientParser Perl module suffers from a vulnerability that allows for remote command execution.
Wordpress Forced Upgrade Vulnerability
Wordpress suffers from an unauthenticated forced upgrade vulnerability.
PSI Integer Overflow Denial Of Service
PSI suffers from a remote integer overflow denial of service vulnerability. Proof of concept code is included.
Joomla Exploit Scanner
This Python script scans for 58 vulnerable Joomla component payloads.
mount.cifs chdir() File Identification
mount.cifs chdir() allows for arbitrary file identification as root. All versions prior to 5.4 are affected.