ZoRLu

253 exploits Active since Feb 2007
EIP-2026-100134 EXPLOITDB text WRITEUP
aspmanage banners - Arbitrary File Upload / File Disclosure
CVE-2008-5562 EXPLOITDB text WRITEUP
ASPPortal - Unauthenticated Sensitive Information Exposure via Direct Database File Access
ASPPortal stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for xportal.mdb.
CVE-2009-1504 EXPLOITDB text WORKING POC
Absolute Form Processor XE 1.5 - Unauthenticated Authentication Bypass via xlaAFPadmin Cookie
Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."