Code Exploits Collection (37869 exploits)

Title	Author	Platform	Source	Description	Date

FreeNAC version 3.02 SQL Injection and XSS Vulnerabilties	Blake	php	exploit-db.com	FreeNAC version 3.02 SQL Injection and XSS Vulnerabilties Date: May 19, 2012 Author: Blake Software Link: http://sourceforge.net/project/showfiles.php?group_id=170004 Version: 3.02 Tested on: Ubuntu 8.04 (freenac version 3.02 vmware appliance) FreeNAC FreeNAC provides Virtual LAN assignment,	Saturday
PHP Address Book 7.0.0 Multiple Vulnerabilities	Stefan Schurtz	php	exploit-db.com	Advisory: PHP Address Book 7.0.0 Multiple security vulnerabilities Advisory ID: SSCHADV2012-013 Author: Stefan Schurtz Affected Software: Successfully tested on PHP Address Book 7.0.0 Vendor URL: http:/	Saturday
Active Collab "chat module" <= 2.3.8 Remote PHP Code Injection Exploit	metasploit	php	exploit-db.com	This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 < Msf::Exploit	Saturday
Vanilla Latest Comment 1.1 Cross Site Scripting	Henry Hoggard	na	packetstormsecurity.org	Vanilla version 2.0.18.4 with Latest Comment plugin version 1.1 suffers from a cross site scripting vulnerability.	Saturday
Vanilla About Me 1.1.1 Cross Site Scripting	Henry Hoggard	na	packetstormsecurity.org	Vanilla version 2.0.18.4 with About Me plugin version 1.1.1 suffers from a cross site scripting vulnerability.	Saturday
Vanilla 2.0.18.4 Cross Site Scripting	Henry Hoggard	na	packetstormsecurity.org	The moderator edit account functionality in Vanilla version 2.0.18.4 suffers from a cross site scripting vulnerability.	Saturday
PHP 5.4 Win32 Code Execution	0in	na	packetstormsecurity.org	PHP version 5.4.3 code execution exploit for Win32.	Friday
Oracle Weblogic Apache Connector POST Request Buffer Overflow		na	packetstormsecurity.org	This Metasploit module exploits a stack based buffer overflow in the BEA Weblogic Apache plugin. The connector fails to properly handle specially crafted HTTP POST requests, resulting a buffer overflow due to the insecure usage of sprintf. Currently, this module works over Windows systems without DEP, and has been tested with Windows 2000 / XP. In addition, the Weblogic Apache plugin version is fingerprinted with a POST request containing a specially crafted Transfer-Encoding header.	Friday
Squiggle 1.7 SVG Browser Java Code Execution	Nicolas Gregoire	na	sinn3r	This Metasploit module abuses the SVG support to execute Java Code in the Squiggle Browser included in the Batik framework 1.7 through a crafted svg file referencing a jar file. In order to gain arbitrary code execution, the browser must meet the following conditions: (1) It must support at least SVG version 1.1 or newer, (2) It must support Java code and (3) The "Enforce secure scripting" check must be disabled. The module has been tested against Windows and Linux platforms.	Friday
SkinCrafter 3.0 Buffer Overflow	Saurabh Sharma	na	packetstormsecurity.org	SkinCrafter active-x control version 3.0 suffers from a buffer overflow vulnerability.	Friday
Cryptographp Local File Inclusion / HTTP Response Splitting	Lu33Y	na	packetstormsecurity.org	Cryptographp suffers from local file inclusion and HTTP response splitting vulnerabilities.	Friday
HP VSA Command Execution	Nicolas Gregoire	na	packetstormsecurity.org	HP VSA remote command execution exploit.	Friday
SkinCrafter ActiveX Control version 3.0 Buffer Overflow	saurabh sharma	windows	exploit-db.com	Software : SkinCrafter from NMSoft Technologies Version : SkinCrafter version 3.0 Title : Buffer overflow in skincrafter3_vs2005.dll of skinCrafter vs3.0 Link : http://www.skincrafter.com/downloads/SkinCrafter_Demo_2005_2008_x86.zip Date : May 17, 2012 Tested on : X	Thursday
Division 6 IT SQL Injection / Cross Site Scripting	the_cyber_nuxbie	na	packetstormsecurity.org	Division 6 IT suffers from cross site scripting and remote SQL injection vulnerabilities.	Thursday
Artiphp CMS 5.5.0 Cross Site Scripting	LiquidWorm	na	zeroscience.mk	Artiphp CMS version 5.5.0 suffers from multiple POST cross site scripting vulnerabilities.	Thursday

Older posts >>