Sharutils 4.2.1 local root exploit. Note: shar is NOT setuid by default, so this exploit is completely proof of concept if for some reason the binary was setuid.
edd1020fd999d8177e094173be570e3a68f63ad358f7757f48ef91abc923b842
Remote test code that verifies buffer overflows in the Medal of Honor games including Allied Assault version 1.11v9 and below, Breakthrough version 2.40b and below, and Spearhead version 2.15 and below.
d9dedeac1cdba39e43966b1bd9cafc503a11804078a6604f32a375fcd32513a2
Local elevation of privileges exploit for the Microsoft Windows 2000 Utility Manager vulnerability. Updated version that can be executed via simple cmd.exe shells using a normal user account. Gives a shell with SYSTEM privileges.
075b9e7810c1d745ad80808bae307f18bd645d2e8f49f32f7a9315895c6f6671
Local elevation of privileges exploit for the Microsoft Windows 2000 Utility Manager vulnerability. Gives a shell with SYSTEM privileges.
6b4c09c3bcb0f4713a12fc777f2245169344041b7020220a150fb035f8202c0f
Web_Store.cgi allows for remote command execution due to a lack of variable sanitization.
a77628094a6127c5e36615486c6060183b4949cad68e0d36d30f9e53dae43249
PHP Nuke versions 6.x through 7.3 suffer from cross site scripting and SQL injection flaws.
70f19d1381815ef51a0a74bdb7a4451ff7d7ed90c0e356680bec2079856ee621
Remote denial of service exploit for a flaw in the Half-Life server on Linux and Windows where a write occurs to a read-only memory zone.
e7c70144dd5330c1cc7ffb608a02732ad9ec1fa4f17140d79be8c64ffa1b32d3
A .diff file, applied to the MySQL 5.0.0-alpha source distribution will allow building a MySQL client that can be used to connect to a remote MySQL server with no password.
576c8349f99ca721889a85397e1a11e6091d306a88102e339b9bede903f555e3
Eudora versions 5.x to 6.0.3 local exploit that makes use of the attachment buffer overflow.
b12afdc02490ee71c2c3aa96f757819e0536e0c849fc10475ea6f7c61d1b9fb2
Proof of concept exploit for setterm, which is not usually suid by default.
37fc3910aea9e92bebf4de0177bdd4956c99895ef67c20698d3cab977eeefda0
Exploit for a buffer overflow in drcatd 0.5.0 beta. This may allow for command execution when the system administrator has assumed that only read access to files has been granted, but as it requires a valid username and password, this is unlikely to ever be a high-risk exploit.
0155b39c65536150f635524e364054ab87c6d89aece5942882b50c8ecf65b315
A lack of sanity checking in Centre version 1.0 allows unprivileged users the ability to change administrator options and create new accounts.
d807a0fae0b3b4095b2aa40f70ea4d4a25e1b17df1521ae12a2acf5f9d7e285f
phpMyAdmin version 2.5.7 is susceptible to allowing remote malicious users the ability to inject PHP code. Full exploit provided.
3887a9ab442dd9cfe54535fe2c1cf53956fc6d2b0c4af5c41bb474addb3c2202