Published Exploits

WebApp Exploit PoC

• ACal v2.2.6 - 1-Click Remote Code Execution
• WebTareas 2.0p8 - Cross Site Scripting
• Pisay Online E-Learning System 1.0 - Remote Code Execution
• Online Scheduling System 1.0 - Authentication Bypass
• Online Scheduling System 1.0 - Persistent Cross-Site Scripting
• ChemInv 1.0 - Authenticated Persistent Cross-Site Scripting

Windows Exploits

Unicode SEH Stack Buffer Overflow

• Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow (SEH)
• Atomic Alarm Clock 6.3 - Stack Overflow (Unicode+SEH)

SEH Stack Buffer Overflow

• FTP Navigator 8.03 - Stack Overflow (SEH)
• Domain Quester Pro 6.02 - Stack Overflow (SEH)
• Torrent 3GP Converter 1.51 - Stack Overflow (SEH)

Stack Buffer Overflow

• FTP Commander Pro 8.03 - Local Stack Overflow
• AVS Audio Converter 9.1.2.600 - Stack Overflow (PoC)
• Torrent iPod Video Converter 1.51 - Stack Overflow
• Cuckoo Clock v5.0 - Buffer Overflow
• Easy File Sharing Web Server 7.2 Buffer Overflow
• FTPShell Server 6.85 Buffer Overflow

Local Privilege Escalation

• OpenTFTP 1.66 - Local Privilege Escalation
• SprintWork 2.3.1 - Local Privilege Escalation