pgp4pine local exploit for version 1.76 (and possibly below) for the buffer overflow which allows specially crafted emails the ability to execute arbitrary code on the recipient box when the mail is opened.
PHP Nuke 6.0 has vulnerabilities in the Forums and Private_Messages modules which allow attackers to save forum information and user data to a text file.
Remote CGI exploit written in Perl for Cpanel 5 Guestbook. Spawns a bash shell with the uid of the webserver. Windows version. Warning: Use this binary at your own risk.
Postnuke v0.723 has SQL injection and directory traversal vulnerabilities which allow an attacker to view directories and perform remote command execution.
Win32hlp exploit for the :LINK overflow that traps a .CNT file with arbitrary code that once downloaded will execute without a user being prompted for verification. Tested against Windows 2000 PRO/SERVER SP0/SP1/SP2.
PHP Nuke 6.0 is vulnerable to multiple SQL injection attacks that will allow an attacker to access member lists, show users by user ID, show moderators, show administrators, privilege escalation, and more.
Security Corporation Security Advisory [SCSA-009]: PHP ping, a utility that allows an end user to ping a remote machine, has a vulnerability which allows remote attackers to execute commands remotely and could lead to compromise of some, if not all, the operating system.
Forum Web Server v1.60 has multiple vulnerabilities including a directory traversal that can be used to get usernames and passwords for the server and a cross site scripting vulnerability during message replies.
LHTTPd 0.1 remote buffer overflow exploit for the Win32 platform. This exploits a buffer overflow in GET request handling of HTTPd 0.1 for Microsoft Windows and binds a shell to the desired port.
0x333cya.tar.gz is a Mandrake 9.0 local root exploit which uses bugs in the printer-drivers package. Cya.c gets group sys privileges with a bug in /usr/bin/mtink, and anger.c uses the sys privileges to exploit a bug in /usr/bin/ml85p, spawning a root shell.
ST-tcphump.c is a remote tcpdump ISAKMP denial of service exploit. Sends a packet on UDP port 500 which sends tcpdump into an infinite loop upon receipt of the specially crafted packet. Supports spoofed and non-spoofed packets.