PHP Nuke 6.0 has vulnerabilities in the Forums and Private_Messages modules which allow attackers to save forum information and user data to a text file.
PHP Nuke 6.0 is vulnerable to multiple SQL injection attacks that will allow an attacker to access member lists, show users by user ID, show moderators, show administrators, privilege escalation, and more.
Postnuke v0.723 has SQL injection and directory traversal vulnerabilities which allow an attacker to view directories and perform remote command execution.
Rs_iis_xpl.pl is a remote exploit for rs_iis.c, a remote IIS exploit. Sets up a web server, and if rs_iis.c is used to attempt an exploit, a shell will be spawned on the attacking host. Tested against FreeBSD 4.7-RELEASE-p7.
Win32hlp exploit for the :LINK overflow that traps a .CNT file with arbitrary code that once downloaded will execute without a user being prompted for verification. Tested against Windows 2000 PRO/SERVER SP0/SP1/SP2.
NSFOCUS Security Advisory SA2003-01 - The NSFOCUS Security Team has found a buffer overflow vulnerability in Microsoft Windows XP Redirector that can be exploited locally and can allow attackers to crash the system or gain local system privilege by carefully crafted code.
Security Corporation Security Advisory [SCSA-009]: PHP ping, a utility that allows an end user to ping a remote machine, has a vulnerability which allows remote attackers to execute commands remotely and could lead to compromise of some, if not all, the operating system.
Security Corporation Security Advisory [SCSA-012]: The Sambar server default installation has a cgi-bin directory which contains executables that allow remote users to view information regarding the operating system and web server's directory. It also path disclosure and tons of cross site scripting vulnerabilities.
ST-tcphump.c is a remote tcpdump ISAKMP denial of service exploit. Sends a packet on UDP port 500 which sends tcpdump into an infinite loop upon receipt of the specially crafted packet. Supports spoofed and non-spoofed packets.
Wd.pl is a remote IIS exploit in perl which exploits the bug in ntdll.dll described inms03-007. Tested on Windows 2000 Advanced Server SP3 - Korean language edition.
Local root exploit utilizing the overflow in XLOCALEDIR under XFree86 Version 4.2.x using xterm. Tested against Slackware 8.1 with kernel version 2.2.25.