SkyOut

6 exploits Active since Oct 2007
CVE-2009-2419 EXPLOITDB text WORKING POC
Apple Safari <4.0.1 - Use After Free
Use-after-free vulnerability in the servePendingRequests function in WebCore in WebKit in Apple Safari 4.0 and 4.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted HTML document that references a zero-length .js file and the JavaScript reload function. NOTE: some of these details are obtained from third party information.
CVE-2008-0723 EXPLOITDB text WORKING POC
MyNews < 1.6.4 - Cross-Site Scripting via Hash Parameter
Cross-site scripting (XSS) vulnerability in mynews.inc.php in MyNews 1.6.4, and other earlier 1.6.x versions, allows remote attackers to inject arbitrary web script or HTML via the hash parameter in an admin action to index.php, a different vulnerability than CVE-2006-2208.1.
EIP-2026-107705 EXPLOITDB text WORKING POC
IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injections
CVE-2008-2895 EXPLOITDB text WRITEUP
AproxEngine 5.1.0.4 - Path Traversal via Page Parameter
Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
EIP-2026-103414 EXPLOITDB text WORKING POC
Apple Safari 4.x - JavaScript Reload Remote Crash
CVE-2007-5562 EXPLOITDB text WRITEUP
Netgear SSL312 - Cross-Site Scripting via err Parameter in Login Page
Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 allows remote attackers to inject arbitrary web script or HTML via the err parameter in the context of an error page.