TYPO3 versions below 4.0.12/4.1.10/4.2.6 remote file disclosure exploit.
dff52ea5f385763119d7989422182ad07e1008253d628bb6b2f633bfbf5d5a59
Whitepaper called Transferring Exploitcode Using HTML Canvas.
cd8402982c3f169f1ca4c03e4f41fd035deb6063e36e36053d75d6af0e9c8f65
Whitepaper called Bypassing Windows Server 2008 Password Protection.
dafaeeb1f9b5d5b9f13d745ee76e9384b863cdd583876ecffeb2680d1971ae9a
The Web Application Security Consortium Glossary. Written in Persian.
9036a7e9a5f9f88b2d3cf365665a8b639cffe135d76365a82735b41f7a1eb967
Whitepaper called Format String Exploitation On Windows Using Immunity Debugger / Python.
f7598f438ab72ca2c8b0322f31972b57a2033437683d39ad40db27bd7d64f7f3
Whitepaper called Practical SQL Injection: Bit By Bit.
ad841634804924e767f7bd0426338353c65c780f387ad40adc2da54a6b09f9b9
Technical Cyber Security Alert TA09-041A - Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.
aa7ea04c44048b12cdc677cd86ce0008c2d001ebaac81fc7c47470892af4495f
Zero Day Initiative Advisory 09-012 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when processing, in XHTML strict mode, a CSS stylesheet containing a specific combination of style directives, one of which must be a 'zoom'. The fault in processing results in a memory corruption vulnerability which can be leveraged to execute arbitrary code under the context of the current user.
49b91ae6e02af8783586f7f9aa3c578036a59ad840eb44e365f5a5c15c236280
Zero Day Initiative Advisory 09-011 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of document objects. When an object is appended and deleted in a specific order, memory corruption occurs. Successful exploitation leads to remote compromise of the affected system under the credentials of the currently logged-in user.
1c88d27d7627b5a7daaaaa980d6a5dd149e3b3cd4f5a8338e1a2cede4ba41b04
ProFTP using mod_mysql suffers from an authentication bypass vulnerability.
a9e502607a0251bbb13c3ebcacf090dd4c8066d61ca3ed72be9f0b756fffd2c9
Debian Security Advisory DSA 1720-1 - Several remote vulnerabilities have been discovered in the TYPO3 web content management framework.
ff7e269eb9f1a53dec62ad6e6160669f85bf73d93ebb658e6894efae9a0f85b3
BlueBird Pre-Release suffers from a remote SQL injection vulnerability that allows for authentication bypass.
0dd51a06715abc005eccc213f28b7265aa935583dd44537b4c8fa4b14f5ad0ce
MyNews version 0_10 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
a7260c6008519d2293f523063881648f0267f1eee6d8a83b65fd9a43cfa78fad
AuthPhp version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6224026d7ec6d0f297316913cddef032150d78e1ea1a399a113b35e4b09432cf
Potato News version 1.0.0 suffers from a local file inclusion vulnerability.
e5faf3def4976f54f7dc397f4536d724aa4e254190b1ca9860f50c54d492b128
Banking@Home versions 2.1 and below from Craft Silicon suffer from a remote SQL injection vulnerability.
513ef1eed6f0a7a5b30bd7f163fa42ca82917d2aa564834fd4ce1dcceffdb330
This file documents recent incidents that have been reported to the Web Hacking Incidents Database (WHID).
0115772792f8b7d585fd324c28a2a76194c0c27906e09d2df8ff2fbe35cac1d1
Fluorine CMS version 0.1 RC 1 remote command execution exploit that makes use of SQL injection and file disclosure vulnerabilities.
fba9cd1f22d06af6db3a6cd343f722047f153643fb252b8b78751e46c84f24ad
Mandriva Linux Security Advisory 2009-034 - Due to an internal error, Squid is vulnerable to a denial of service attack when processing specially crafted requests. This problem allows any client to perform a denial of service attack on the Squid service. The updated packages have been patched to address this.
01a6e1aed3743cee1e6d28aff876724f367142e85922af5563de7d72b2527047
Thyme versions 1.3 and below suffer from a local file inclusion vulnerability.
9a7a6c674444d52319c8c1546d454aea86fb65a89d9753eec32ea6385fc18b04
Lanius CMS version 0.5.1 cross site request forgery exploit.
e66c349caae46b62e231dbdf4640b2a6968920ac08f714054adfaf28c0068095
Papoo CMS version 3.6 suffers from a local file inclusion vulnerability.
3bbe1f8e6015aea3a6502c48a1b2139533fa607a78222502928e6d20646af997
q-news version 2.0 remote command execution exploit.
5a96e01a99f6293d73e57199b9d36997a4544b85b4975140c7459ae9a0e2c2b3
The CCTV DVR being marketed by Swann Security suffers from a remote file disclosure vulnerability that leaks credential information.
07c459e6ef6c1a89c83decc11beeb4d60d7ef946657d75f71b08df8c9cccecb0
Gaeste version 1.6 suffers from a remote file disclosure vulnerability in gastbuch.php.
8feb5fa1d56e32903df4dabcb44642275fe4ba7e8ea5722d35981bb1af9bdfca