DB: 2016-08-12
1 new exploits WordPress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub) WordPress Core 1.5.1.1 <= 2.2.2 - Multiple Vulnerabilities WordPress and Pyrmont 2.x - SQL Injection WordPress Pyrmont 2.x Plugin - SQL Injection WordPress Copperleaf Photolog 0.16 - SQL injection WordPress Copperleaf Photolog 0.16 Plugin - SQL injection WordPress 3.3.1 - Multiple Vulnerabilities WordPress Core 3.3.1 - Multiple Vulnerabilities WordPress 2.x - PHP_Self Cross-Site Scripting WordPress Core 2.x - PHP_Self Cross-Site Scripting WordPress 2.2 - Request_URI Parameter Cross-Site Scripting WordPress Core 2.2 - Request_URI Parameter Cross-Site Scripting WordPress MailPoet - (wysija-newsletters) Unauthenticated File Upload WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload Drupal Core 7.32 - SQL Injection (1) Drupal Core 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (1) Drupal Core 7.32 - SQL Injection (2) Drupal Core 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (2) Drupal < 7.32 Pre Auth SQL Injection Drupal Core < 7.32 - Pre Auth SQL Injection Live Wire 2.3.1 For WordPress - Multiple Security Vulnerabilities Wordpress Live Wire 2.3.1 Theme - Multiple Security Vulnerabilities The Gazette Edition 2.9.4 For WordPress - Multiple Security Vulnerabilities WordPress The Gazette Edition 2.9.4 Theme - Multiple Security Vulnerabilities WordPress Webdorado Spider Event Calendar 1.4.9 - SQL Injection WordPress Webdorado Spider Event Calendar 1.4.9 Plugin - SQL Injection WordPress Trending 0.1 - 'cpage' Parameter Cross-Site Scripting WordPress Trending 0.1 Theme - 'cpage' Parameter Cross-Site Scripting WordPress WPML - Multiple Vulnerabilities WordPress WPML 3.1.9 Plugin - Multiple Vulnerabilities WordPress 4.2 - Stored XSS WordPress Core 4.2 - Stored XSS WordPress RevSlider File Upload and Execute WordPress RevSlider 3.0.95 Plugin - File Upload and Execute WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution WordPress MailChimp Subscribe Forms 1.1 - Remote Code Execution WordPress Track That Stat 1.0.8 Cross-Site Scripting WordPress Track That Stat 1.0.8 - Cross-Site Scripting WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta - Shell Upload WordPress Wp-ImageZoom 'file' Parameter Remote File Disclosure WordPress Wp-ImageZoom - 'file' Parameter Remote File Disclosure WordPress Flip Book 'php.php' Arbitrary File Upload WordPress Flip Book - 'php.php' Arbitrary File Upload WordPress PHPFreeChat 'url' Parameter Cross-Site Scripting WordPress PHPFreeChat - 'url' Parameter Cross-Site Scripting WordPress Finder 'order' Parameter Cross-Site Scripting WordPress Finder - 'order' Parameter Cross-Site Scripting WordPress Multiple Path Dislosure Vulnerabilities WordPress Core 3.4.2 - Multiple Path Dislosure Vulnerabilities WordPress Video Gallery 2.7 SQL Injection WordPress Video Gallery 2.7 - SQL Injection WordPress Cross Site Request Forgery WordPress - Cross Site Request Forgery WordPress CStar Design 'id' Parameter SQL Injection WordPress CStar Design Theme - 'id' Parameter SQL Injection WordPress White-Label Framework 2.0.6 - XSS WordPress White-Label Framework 2.0.6 Theme - XSS WordPress NextGEN Gallery 'upload.php' Arbitrary File Upload WordPress NextGEN Gallery - 'upload.php' Arbitrary File Upload WordPress Xorbin Digital Flash Clock 'widgetUrl' Parameter Cross-Site Scripting WordPress Xorbin Digital Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting WordPress Lead Octopus Power 'id' Parameter SQL Injection WordPress Lead Octopus Power - 'id' Parameter SQL Injection WordPress Booking Calendar Contact Form 1.1.24 - Multiple Vulnerabilities WordPress Booking Calendar Contact Form 1.1.24 - addslashes SQL Injection WordPress Booking Calendar Contact Form 1.1.24 Plugin - Multiple Vulnerabilities WordPress Booking Calendar Contact Form 1.1.24 Plugin - addslashes SQL Injection Wordpress Ultimate Product Catalog 3.9.8 - (do_shortcode via ajax) Blind SQL Injection Wordpress Ultimate Product Catalog 3.9.8 Plugin - (do_shortcode via ajax) Blind SQL Injection Wireshark 1.12.0 - 1.12.12 - NDS Dissector Denial of Service Wireshark 2.0.0 to 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service Wireshark 1.12.0-1.12.12 - NDS Dissector Denial of Service Wireshark 2.0.0 - 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service Microsoft Office Word 2007_2010_2013_2016 - Out-of-Bounds Read Remote Code Execution (MS16-099) Microsoft Office Word 2007/2010/2013/2016 - Out-of-Bounds Read Remote Code Execution (MS16-099) WebNMS Framework Server 5.2 and 5.2 SP1 - Multiple Vulnerabilities WebNMS Framework Server 5.2 / 5.2 SP1 - Multiple Vulnerabilities ColoradoFTP 1.3 Prime Edition (Build 8) - Directory Traversal
This commit is contained in:
Offensive Security
parent
832f9cf8b5
commit
27bb5a6384
2 changed files with 174 additions and 39 deletions
77
files.csv
77
files.csv
|
|
@ -4043,7 +4043,7 @@ id,file,description,date,author,platform,type,port
|
|||
4394,platforms/windows/remote/4394.html,"Microsoft Visual Studio 6.0 - (VBTOVSI.DLL 1.0.0.0) File Overwrite Exploit",2007-09-11,shinnai,windows,remote,0
|
||||
4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 - (root_path) Remote File Inclusion",2007-09-11,"Rootshell Security",php,webapps,0
|
||||
4396,platforms/php/webapps/4396.txt,"X-Cart - Multiple Remote File Inclusion",2007-09-11,aLiiF,php,webapps,0
|
||||
4397,platforms/php/webapps/4397.rb,"WordPress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub)",2007-09-14,"Lance M. Havok",php,webapps,0
|
||||
4397,platforms/php/webapps/4397.rb,"WordPress Core 1.5.1.1 <= 2.2.2 - Multiple Vulnerabilities",2007-09-14,"Lance M. Havok",php,webapps,0
|
||||
4398,platforms/windows/remote/4398.html,"Microsoft SQL Server Distributed Management Objects BoF Exploit",2007-09-12,96sysim,windows,remote,0
|
||||
4399,platforms/multiple/remote/4399.html,"Apple Quicktime (Multiple Browsers) Command Execution PoC (0Day)",2007-09-12,pdp,multiple,remote,0
|
||||
4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 - (id) SQL Injection",2007-09-13,Houssamix,php,webapps,0
|
||||
|
|
@ -9781,7 +9781,7 @@ id,file,description,date,author,platform,type,port
|
|||
10532,platforms/php/webapps/10532.txt,"Piwik Open Flash Chart - Remote Code Execution",2009-12-17,"Braeden Thomas",php,webapps,0
|
||||
10533,platforms/php/webapps/10533.txt,"VirtueMart 'product_id' Parameter SQL Injection",2009-12-17,Neo-GabrieL,php,webapps,0
|
||||
10534,platforms/php/webapps/10534.txt,"Rumba XML suffers from a Cross-Site scripting",2009-12-17,"Hadi Kiamarsi",php,webapps,0
|
||||
10535,platforms/php/webapps/10535.txt,"WordPress and Pyrmont 2.x - SQL Injection",2009-12-18,Gamoscu,php,webapps,0
|
||||
10535,platforms/php/webapps/10535.txt,"WordPress Pyrmont 2.x Plugin - SQL Injection",2009-12-18,Gamoscu,php,webapps,0
|
||||
10537,platforms/php/webapps/10537.txt,"gpEasy 1.5RC3 - Remote File Inclusion Exploit",2009-12-18,"cr4wl3r ",php,webapps,0
|
||||
10540,platforms/asp/webapps/10540.txt,"E-Smartcart SQL Injection",2009-12-18,R3d-D3V!L,asp,webapps,0
|
||||
10542,platforms/windows/remote/10542.py,"TFTP Server 1.4 - Buffer Overflow Remote Exploit (2)",2009-12-18,Molotov,windows,remote,69
|
||||
|
|
@ -10487,7 +10487,7 @@ id,file,description,date,author,platform,type,port
|
|||
11455,platforms/php/webapps/11455.txt,"Généré par KDPics 1.18 - Remote Add Admin",2010-02-15,snakespc,php,webapps,0
|
||||
11456,platforms/php/webapps/11456.txt,"superengine CMS (Custom Pack) SQL Injection",2010-02-15,10n1z3d,php,webapps,0
|
||||
11457,platforms/windows/remote/11457.pl,"Microsoft Internet Explorer 6/7 - Remote Code Execution (Remote User Add Exploit)",2010-02-15,"Sioma Labs",windows,remote,0
|
||||
11458,platforms/php/webapps/11458.txt,"WordPress Copperleaf Photolog 0.16 - SQL injection",2010-02-15,kaMtiEz,php,webapps,0
|
||||
11458,platforms/php/webapps/11458.txt,"WordPress Copperleaf Photolog 0.16 Plugin - SQL injection",2010-02-15,kaMtiEz,php,webapps,0
|
||||
11460,platforms/php/webapps/11460.txt,"Dodo Upload 1.3 - Upload Shell (Bypass)",2010-02-15,indoushka,php,webapps,0
|
||||
11461,platforms/php/webapps/11461.txt,"CoffieNet CMS - Bypass Admin",2010-02-15,indoushka,php,webapps,0
|
||||
11462,platforms/php/webapps/11462.txt,"blog ink Bypass Setting",2010-02-15,indoushka,php,webapps,0
|
||||
|
|
@ -15962,7 +15962,7 @@ id,file,description,date,author,platform,type,port
|
|||
18413,platforms/php/webapps/18413.txt,"SpamTitan Application 5.08x - SQL Injection",2012-01-23,Vulnerability-Lab,php,webapps,0
|
||||
18701,platforms/php/webapps/18701.txt,"phpPaleo - Local File Inclusion",2012-04-04,"Mark Stanislav",php,webapps,0
|
||||
18416,platforms/jsp/webapps/18416.txt,"stoneware webnetwork6 - Multiple Vulnerabilities",2012-01-24,"Jacob Holcomb",jsp,webapps,0
|
||||
18417,platforms/php/webapps/18417.txt,"WordPress 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0
|
||||
18417,platforms/php/webapps/18417.txt,"WordPress Core 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0
|
||||
18418,platforms/php/webapps/18418.html,"VR GPub 4.0 - CSRF",2012-01-26,Cyber-Crystal,php,webapps,0
|
||||
18419,platforms/php/webapps/18419.html,"phplist 2.10.9 - CSRF/XSS",2012-01-26,Cyber-Crystal,php,webapps,0
|
||||
18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (Metasploit)",2012-01-26,"Craig Freyman",windows,remote,0
|
||||
|
|
@ -26793,7 +26793,7 @@ id,file,description,date,author,platform,type,port
|
|||
29751,platforms/php/webapps/29751.php,"PHPStats 0.1.9 PHP-Stats-Options.php Remote Code Execution",2007-03-17,rgod,php,webapps,0
|
||||
29752,platforms/php/remote/29752.php,"PHP 5.1.6 Mb_Parse_Str Function Register_Globals Activation Weakness",2007-03-19,"Stefan Esser",php,remote,0
|
||||
29753,platforms/linux/remote/29753.c,"File(1) 4.13 Command File_PrintF Integer Underflow",2007-03-19,"Jean-Sebastien Guay-Leroux",linux,remote,0
|
||||
29754,platforms/php/webapps/29754.html,"WordPress 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0
|
||||
29754,platforms/php/webapps/29754.html,"WordPress Core 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0
|
||||
29755,platforms/php/webapps/29755.html,"Guesbara 1.2 Administrator Password Change",2007-03-19,Kacper,php,webapps,0
|
||||
29756,platforms/php/webapps/29756.txt,"PHPX 3.5.15/3.5.16 print.php news_id Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0
|
||||
29757,platforms/php/webapps/29757.txt,"PHPX 3.5.15/3.5.16 forums.php Multiple Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0
|
||||
|
|
@ -26879,7 +26879,7 @@ id,file,description,date,author,platform,type,port
|
|||
30163,platforms/multiple/dos/30163.html,"Blue Coat Systems K9 Web Protection 32.36 - Remote Buffer Overflow",2007-06-08,"Dennis Rand",multiple,dos,0
|
||||
30164,platforms/hardware/remote/30164.txt,"3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting",2007-06-08,"Secunia Research",hardware,remote,0
|
||||
30165,platforms/asp/webapps/30165.txt,"Ibrahim Ã?AKICI Okul Portal Haber_Oku.ASP - SQL Injection",2007-06-08,ertuqrul,asp,webapps,0
|
||||
30166,platforms/php/webapps/30166.txt,"WordPress 2.2 - Request_URI Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0
|
||||
30166,platforms/php/webapps/30166.txt,"WordPress Core 2.2 - Request_URI Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0
|
||||
30167,platforms/hardware/dos/30167.txt,"Packeteer PacketShaper 7.x Web Interface Remote Denial of Service",2007-06-08,nnposter,hardware,dos,0
|
||||
30168,platforms/php/webapps/30168.txt,"vBSupport 2.0.0 Integrated Ticket System vBSupport.php SQL Injection",2007-06-09,rUnViRuS,php,webapps,0
|
||||
30169,platforms/windows/remote/30169.txt,"WindowsPT 1.2 User ID Key Spoofing",2007-06-11,nnposter,windows,remote,0
|
||||
|
|
@ -30624,7 +30624,7 @@ id,file,description,date,author,platform,type,port
|
|||
33987,platforms/php/webapps/33987.txt,"PHP Banner Exchange 1.2 - 'signupconfirm.php' Cross-Site Scripting",2010-01-03,indoushka,php,webapps,0
|
||||
34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0
|
||||
33990,platforms/multiple/remote/33990.rb,"Gitlist - Unauthenticated Remote Command Execution",2014-07-07,Metasploit,multiple,remote,80
|
||||
33991,platforms/php/remote/33991.rb,"WordPress MailPoet - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,Metasploit,php,remote,80
|
||||
33991,platforms/php/remote/33991.rb,"WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,Metasploit,php,remote,80
|
||||
33992,platforms/asp/webapps/33992.txt,"Platnik 8.1.1 - Multiple SQL Injection",2010-05-17,podatnik386,asp,webapps,0
|
||||
33993,platforms/php/webapps/33993.txt,"Planet Script 1.x - 'idomains.php' Cross-Site Scripting",2010-05-14,Mr.ThieF,php,webapps,0
|
||||
33994,platforms/php/webapps/33994.txt,"PonVFTP Insecure Cookie Authentication Bypass",2010-05-17,SkuLL-HackeR,php,webapps,0
|
||||
|
|
@ -31512,7 +31512,7 @@ id,file,description,date,author,platform,type,port
|
|||
34982,platforms/win_x86/local/34982.rb,"Microsoft Bluetooth Personal Area Networking - (BthPan.sys) Privilege Escalation",2014-10-15,Metasploit,win_x86,local,0
|
||||
34994,platforms/cgi/webapps/34994.txt,"OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-13,"dave b",cgi,webapps,0
|
||||
34995,platforms/php/webapps/34995.txt,"Simea CMS 'index.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0
|
||||
34984,platforms/php/webapps/34984.py,"Drupal Core 7.32 - SQL Injection (1)",2014-10-16,fyukyuk,php,webapps,0
|
||||
34984,platforms/php/webapps/34984.py,"Drupal Core 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (1)",2014-10-16,fyukyuk,php,webapps,0
|
||||
34985,platforms/php/remote/34985.txt,"pfSense 2 Beta 4 - 'graph.php' Multiple Cross-Site Scripting Vulnerabilities",2010-11-05,"dave b",php,remote,0
|
||||
34986,platforms/hardware/remote/34986.txt,"D-Link DIR-300 - Multiple Security Bypass Vulnerabilities",2010-11-09,"Karol Celia",hardware,remote,0
|
||||
34987,platforms/linux/local/34987.c,"Linux Kernel 2.6.x - 'net/core/filter.c' Local Information Disclosure",2010-11-09,"Dan Rosenberg",linux,local,0
|
||||
|
|
@ -31520,7 +31520,7 @@ id,file,description,date,author,platform,type,port
|
|||
34989,platforms/php/webapps/34989.txt,"WeBid 0.85P1 - Multiple Input Validation Vulnerabilities",2010-11-10,"John Leitch",php,webapps,0
|
||||
34990,platforms/php/webapps/34990.txt,"Ricoh Web Image Monitor 2.03 - Cross-Site Scripting",2010-11-09,thelightcosine,php,webapps,0
|
||||
34996,platforms/php/webapps/34996.txt,"Raised Eyebrow CMS 'venue.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0
|
||||
34992,platforms/php/webapps/34992.txt,"Drupal Core 7.32 - SQL Injection (2)",2014-10-17,"Claudio Viviani",php,webapps,0
|
||||
34992,platforms/php/webapps/34992.txt,"Drupal Core 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (2)",2014-10-17,"Claudio Viviani",php,webapps,0
|
||||
34993,platforms/php/webapps/34993.php,"Drupal Core 7.32 - SQL Injection (PHP)",2014-10-17,"Dustin Dörr",php,webapps,0
|
||||
34997,platforms/windows/remote/34997.txt,"DServe Multiple Cross-Site Scripting Vulnerabilities",2010-11-16,Axiell,windows,remote,0
|
||||
34998,platforms/linux/remote/34998.txt,"Eclipse 3.6.1 Help Server help/index.jsp URI XSS",2010-11-16,"Aung Khant",linux,remote,0
|
||||
|
|
@ -31672,7 +31672,7 @@ id,file,description,date,author,platform,type,port
|
|||
35146,platforms/php/webapps/35146.txt,"PHP < 5.6.2 - Bypass disable_functions Exploit (Shellshock)",2014-11-03,"Ryan King (Starfall)",php,webapps,0
|
||||
35148,platforms/linux/remote/35148.txt,"IBM Tivoli Access Manager 6.1.1 for e-business Directory Traversal",2010-12-24,anonymous,linux,remote,0
|
||||
35149,platforms/php/webapps/35149.txt,"LiveZilla 3.2.0.2 - 'Track' Module 'server.php' Cross-Site Scripting",2010-12-27,"Ulisses Castro",php,webapps,0
|
||||
35150,platforms/php/webapps/35150.php,"Drupal < 7.32 Pre Auth SQL Injection",2014-11-03,"Stefan Horst",php,webapps,443
|
||||
35150,platforms/php/webapps/35150.php,"Drupal Core < 7.32 - Pre Auth SQL Injection",2014-11-03,"Stefan Horst",php,webapps,443
|
||||
35151,platforms/hardware/remote/35151.rb,"Xerox Multifunction Printers (MFP) 'Patch' DLM",2014-11-03,Metasploit,hardware,remote,9100
|
||||
35153,platforms/osx/dos/35153.c,"Mac OS X Mavericks - IOBluetoothHCIUserClient Privilege Escalation",2014-11-03,"rpaleari and joystick",osx,dos,0
|
||||
35154,platforms/asp/dos/35154.txt,"Sigma Portal - 'ShowObjectPicture.aspx' Denial of Service",2010-12-27,"Pouya Daneshmand",asp,dos,0
|
||||
|
|
@ -32078,12 +32078,12 @@ id,file,description,date,author,platform,type,port
|
|||
35600,platforms/linux/dos/35600.c,"Linux Kernel 2.6.x - 'inotify_init1()' Double Free Local Denial of Service",2011-04-11,anonymous,linux,dos,0
|
||||
35601,platforms/php/webapps/35601.txt,"Etki Video PRO 2.0 izle.asp id Parameter SQL Injection",2011-04-11,Kurd-Team,php,webapps,0
|
||||
35602,platforms/php/webapps/35602.txt,"Etki Video PRO 2.0 kategori.asp cat Parameter SQL Injection",2011-04-11,Kurd-Team,php,webapps,0
|
||||
35603,platforms/php/webapps/35603.txt,"Live Wire 2.3.1 For WordPress - Multiple Security Vulnerabilities",2011-04-11,MustLive,php,webapps,0
|
||||
35603,platforms/php/webapps/35603.txt,"Wordpress Live Wire 2.3.1 Theme - Multiple Security Vulnerabilities",2011-04-11,MustLive,php,webapps,0
|
||||
35604,platforms/php/webapps/35604.txt,"eForum 1.1 - '/eforum.php' Arbitrary File Upload",2011-04-09,QSecure,php,webapps,0
|
||||
35605,platforms/php/webapps/35605.txt,"Lazarus Guestbook 1.22 - Multiple Vulnerabilities",2014-12-24,TaurusOmar,php,webapps,80
|
||||
35606,platforms/linux/remote/35606.txt,"MIT Kerberos 5 kadmind Change Password Feature Remote Code Execution",2011-04-11,"Felipe Ortega",linux,remote,0
|
||||
35607,platforms/php/webapps/35607.txt,"Spellchecker Plugin 3.1 for WordPress - 'general.php' Local File Inclusion / Remote File Inclusion",2011-04-12,"Dr Trojan",php,webapps,0
|
||||
35608,platforms/php/webapps/35608.txt,"The Gazette Edition 2.9.4 For WordPress - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0
|
||||
35608,platforms/php/webapps/35608.txt,"WordPress The Gazette Edition 2.9.4 Theme - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0
|
||||
35609,platforms/php/webapps/35609.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-12,"High-Tech Bridge SA",php,webapps,0
|
||||
35610,platforms/php/webapps/35610.txt,"Plogger 1.0 RC1 - 'gallery_name' Parameter Cross-Site Scripting",2011-04-12,"High-Tech Bridge SA",php,webapps,0
|
||||
35611,platforms/php/webapps/35611.txt,"Website Baker 2.8.1 - Multiple SQL Injection",2011-04-12,"High-Tech Bridge SA",php,webapps,0
|
||||
|
|
@ -32501,7 +32501,7 @@ id,file,description,date,author,platform,type,port
|
|||
36056,platforms/windows/remote/36056.rb,"Achat 0.150 beta7 - Buffer Overflow (Metasploit)",2015-02-11,Metasploit,windows,remote,9256
|
||||
36057,platforms/cgi/webapps/36057.txt,"IBM Endpoint Manager - Stored XSS",2015-02-11,"RedTeam Pentesting",cgi,webapps,52311
|
||||
36070,platforms/php/dos/36070.txt,"PHP Prior to 5.3.7 - Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities",2011-08-19,"Maksymilian Arciemowicz",php,dos,0
|
||||
36061,platforms/php/webapps/36061.php,"WordPress Webdorado Spider Event Calendar 1.4.9 - SQL Injection",2015-02-13,"Mateusz Lach",php,webapps,0
|
||||
36061,platforms/php/webapps/36061.php,"WordPress Webdorado Spider Event Calendar 1.4.9 Plugin - SQL Injection",2015-02-13,"Mateusz Lach",php,webapps,0
|
||||
36062,platforms/windows/local/36062.txt,"Realtek 11n Wireless LAN utility - Privilege Escalation",2015-02-13,"Humberto Cabrera",windows,local,0
|
||||
36063,platforms/asp/webapps/36063.txt,"Code Widgets Online Job Application 'admin.asp' Multiple SQL Injection",2011-08-17,"L0rd CrusAd3r",asp,webapps,0
|
||||
36064,platforms/asp/webapps/36064.txt,"Code Widgets DataBound Index Style Menu 'category.asp' SQL Injection",2011-08-17,Inj3ct0r,asp,webapps,0
|
||||
|
|
@ -32628,7 +32628,7 @@ id,file,description,date,author,platform,type,port
|
|||
36192,platforms/php/webapps/36192.txt,"A2CMS 'index.php' Local File Disclosure",2011-09-28,St493r,php,webapps,0
|
||||
36193,platforms/php/webapps/36193.txt,"WordPress WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0
|
||||
36194,platforms/php/webapps/36194.txt,"ProjectForum 7.0.1 3038 - 'more' Object HTML Injection",2011-09-30,"Paul Davis",php,webapps,0
|
||||
36195,platforms/php/webapps/36195.txt,"WordPress Trending 0.1 - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0
|
||||
36195,platforms/php/webapps/36195.txt,"WordPress Trending 0.1 Theme - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0
|
||||
36196,platforms/php/webapps/36196.txt,"SonicWall Viewpoint 6.0 - 'scheduleID' Parameter SQL Injection",2011-10-02,Rem0ve,php,webapps,0
|
||||
36197,platforms/php/webapps/36197.txt,"ezCourses admin.asp Security Bypass",2011-10-01,J.O,php,webapps,0
|
||||
36198,platforms/multiple/dos/36198.pl,"Polipo 1.0.4.1 POST/PUT Requests HTTP Header Processing Denial Of Service",2011-10-01,"Usman Saeed",multiple,dos,0
|
||||
|
|
@ -32836,7 +32836,7 @@ id,file,description,date,author,platform,type,port
|
|||
36402,platforms/asp/webapps/36402.txt,"Hero 3.69 - 'month' Parameter Cross-Site Scripting",2011-12-01,"Gjoko Krstic",asp,webapps,0
|
||||
36403,platforms/windows/dos/36403.html,"HP Device Access Manager for HP ProtectTools 5.0/6.0 Heap Memory Corruption",2011-12-02,"High-Tech Bridge SA",windows,dos,0
|
||||
36404,platforms/linux/dos/36404.c,"GNU glibc Timezone Parsing Remote Integer Overflow",2009-06-01,dividead,linux,dos,0
|
||||
36414,platforms/php/webapps/36414.txt,"WordPress WPML - Multiple Vulnerabilities",2015-03-16,"Jouko Pynnonen",php,webapps,80
|
||||
36414,platforms/php/webapps/36414.txt,"WordPress WPML 3.1.9 Plugin - Multiple Vulnerabilities",2015-03-16,"Jouko Pynnonen",php,webapps,80
|
||||
36415,platforms/java/remote/36415.rb,"ElasticSearch - Search Groovy Sandbox Bypass",2015-03-16,Metasploit,java,remote,9200
|
||||
36482,platforms/php/webapps/36482.txt,"Siena CMS 1.242 - 'err' Parameter Cross-Site Scripting",2012-01-01,Net.Edit0r,php,webapps,0
|
||||
36483,platforms/php/webapps/36483.txt,"WordPress WP Live.php 1.2.1 - 's' Parameter Cross-Site Scripting",2012-01-01,"H4ckCity Security Team",php,webapps,0
|
||||
|
|
@ -33240,7 +33240,7 @@ id,file,description,date,author,platform,type,port
|
|||
36835,platforms/php/webapps/36835.txt,"Joomla Xcomp 'com_xcomp' Component Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0
|
||||
36836,platforms/multiple/remote/36836.py,"Legend Perl IRC Bot - Remote Code Execution PoC",2015-04-27,"Jay Turla",multiple,remote,0
|
||||
36837,platforms/windows/local/36837.rb,"iTunes 10.6.1.7 - '.PLS' Title Buffer Overflow",2015-04-27,"Fady Mohammed Osman",windows,local,0
|
||||
36844,platforms/php/webapps/36844.txt,"WordPress 4.2 - Stored XSS",2015-04-27,klikki,php,webapps,0
|
||||
36844,platforms/php/webapps/36844.txt,"WordPress Core 4.2 - Stored XSS",2015-04-27,klikki,php,webapps,0
|
||||
36839,platforms/multiple/remote/36839.py,"MiniUPnPd 1.0 - Stack Overflow RCE for AirTies RT Series (MIPS)",2015-04-27,"Onur Alanbel (BGA)",multiple,remote,0
|
||||
36840,platforms/multiple/dos/36840.py,"Wireshark 1.12.4 - Memory Corruption and Access Violation PoC",2015-04-27,"Avinash Thapa",multiple,dos,0
|
||||
36841,platforms/windows/local/36841.py,"UniPDF 1.2 - 'xml' Buffer Overflow Crash PoC",2015-04-27,"Avinash Thapa",windows,local,0
|
||||
|
|
@ -33354,7 +33354,7 @@ id,file,description,date,author,platform,type,port
|
|||
36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin 4.2.4 - CSRF",2015-05-08,Evex,php,webapps,80
|
||||
36955,platforms/osx/remote/36955.py,"MacKeeper URL Handler Remote Code Execution",2015-05-08,"Braden Thomas",osx,remote,0
|
||||
36956,platforms/windows/remote/36956.rb,"Adobe Flash Player domainMemory ByteArray Use After Free",2015-05-08,Metasploit,windows,remote,0
|
||||
36957,platforms/php/remote/36957.rb,"WordPress RevSlider File Upload and Execute",2015-05-08,Metasploit,php,remote,80
|
||||
36957,platforms/php/remote/36957.rb,"WordPress RevSlider 3.0.95 Plugin - File Upload and Execute",2015-05-08,Metasploit,php,remote,80
|
||||
36958,platforms/php/webapps/36958.txt,"WordPress Ultimate Profile Builder Plugin 2.3.3 - CSRF",2015-05-08,"Kaustubh G. Padwad",php,webapps,80
|
||||
36959,platforms/php/webapps/36959.txt,"WordPress ClickBank Ads Plugin 1.7 - CSRF",2015-05-08,"Kaustubh G. Padwad",php,webapps,80
|
||||
36960,platforms/windows/webapps/36960.txt,"Manage Engine Asset Explorer 6.1.0 Build: 6110 - CSRF",2015-05-08,"Kaustubh G. Padwad",windows,webapps,8080
|
||||
|
|
@ -33496,7 +33496,7 @@ id,file,description,date,author,platform,type,port
|
|||
37108,platforms/php/webapps/37108.txt,"WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80
|
||||
37109,platforms/php/webapps/37109.txt,"WordPress GigPress Plugin 2.3.8 - SQL Injection",2015-05-26,"Adrián M. F.",php,webapps,80
|
||||
37110,platforms/java/webapps/37110.py,"Apache Jackrabbit WebDAV XXE Exploit",2015-05-26,"Mikhail Egorov",java,webapps,8080
|
||||
37111,platforms/php/webapps/37111.txt,"WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution",2015-05-26,woodspeed,php,webapps,80
|
||||
37111,platforms/php/webapps/37111.txt,"WordPress MailChimp Subscribe Forms 1.1 - Remote Code Execution",2015-05-26,woodspeed,php,webapps,80
|
||||
37112,platforms/php/webapps/37112.txt,"WordPress church_admin Plugin 0.800 Stored XSS",2015-05-26,woodspeed,php,webapps,80
|
||||
37113,platforms/php/webapps/37113.txt,"Wordpess Simple Photo Gallery 1.7.8 Blind SQL Injection",2015-05-26,woodspeed,php,webapps,80
|
||||
37114,platforms/jsp/webapps/37114.txt,"Sendio ESP Information Disclosure",2015-05-26,"Core Security",jsp,webapps,80
|
||||
|
|
@ -33582,7 +33582,7 @@ id,file,description,date,author,platform,type,port
|
|||
37201,platforms/php/webapps/37201.txt,"WordPress Sharebar Plugin 1.2.1 - SQL Injection / Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0
|
||||
37202,platforms/php/webapps/37202.txt,"Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0
|
||||
37203,platforms/php/webapps/37203.txt,"WordPress Soundcloud Is Gold 2.1 - 'width' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0
|
||||
37204,platforms/php/webapps/37204.txt,"WordPress Track That Stat 1.0.8 Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0
|
||||
37204,platforms/php/webapps/37204.txt,"WordPress Track That Stat 1.0.8 - Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0
|
||||
37205,platforms/php/webapps/37205.txt,"LongTail JW Player 'debug' Parameter Cross-Site Scripting",2012-05-16,gainover,php,webapps,0
|
||||
37206,platforms/php/webapps/37206.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 demo/phpThumb.demo.showpic.php title Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0
|
||||
37207,platforms/php/webapps/37207.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 demo/phpThumb.demo.random.php dir Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0
|
||||
|
|
@ -33659,7 +33659,7 @@ id,file,description,date,author,platform,type,port
|
|||
37271,platforms/multiple/webapps/37271.txt,"Opsview 4.6.2 - Multiple XSS Vulnerabilities",2015-06-12,"Dolev Farhi",multiple,webapps,80
|
||||
37272,platforms/jsp/webapps/37272.txt,"ZCMS 1.1 - Multiple Vulnerabilities",2015-06-12,hyp3rlinx,jsp,webapps,8080
|
||||
37274,platforms/php/webapps/37274.txt,"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal",2015-06-12,"Larry W. Cashdollar",php,webapps,80
|
||||
37275,platforms/php/webapps/37275.txt,"WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload",2015-06-12,"Larry W. Cashdollar",php,webapps,80
|
||||
37275,platforms/php/webapps/37275.txt,"WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta - Shell Upload",2015-06-12,"Larry W. Cashdollar",php,webapps,80
|
||||
37277,platforms/php/webapps/37277.txt,"concrete5 index.php/tools/required/files/search_dialog ocID Parameter XSS",2012-05-20,AkaStep,php,webapps,0
|
||||
37278,platforms/php/webapps/37278.txt,"concrete5 index.php/tools/required/files/customize_search_columns searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0
|
||||
37279,platforms/php/webapps/37279.txt,"concrete5 index.php/tools/required/files/search_results searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0
|
||||
|
|
@ -33772,7 +33772,7 @@ id,file,description,date,author,platform,type,port
|
|||
37416,platforms/java/webapps/37416.txt,"Squiz CMS Multiple Cross-Site Scripting and XML External Entity Injection Vulnerabilities",2012-06-14,"Nadeem Salim",java,webapps,0
|
||||
37417,platforms/php/webapps/37417.php,"WordPress Multiple Themes 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0
|
||||
37418,platforms/php/webapps/37418.php,"WordPress LB Mixed Slideshow Plugin 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0
|
||||
37419,platforms/php/webapps/37419.txt,"WordPress Wp-ImageZoom 'file' Parameter Remote File Disclosure",2012-06-18,"Sammy FORGIT",php,webapps,0
|
||||
37419,platforms/php/webapps/37419.txt,"WordPress Wp-ImageZoom - 'file' Parameter Remote File Disclosure",2012-06-18,"Sammy FORGIT",php,webapps,0
|
||||
37420,platforms/php/webapps/37420.txt,"VANA CMS 'index.php' Script SQL Injection",2012-06-18,"Black Hat Group",php,webapps,0
|
||||
37565,platforms/php/webapps/37565.txt,"Mahara 1.4.1 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2012-08-02,anonymous,php,webapps,0
|
||||
37566,platforms/php/dos/37566.php,"PHP 5.4.3 PDO Memory Access Violation Denial of Service",2012-08-02,0x721427D8,php,dos,0
|
||||
|
|
@ -33805,7 +33805,7 @@ id,file,description,date,author,platform,type,port
|
|||
37449,platforms/hardware/webapps/37449.txt,"Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities",2015-06-30,"SEC Consult",hardware,webapps,0
|
||||
37450,platforms/php/webapps/37450.txt,"Amazon S3 Uploadify Script 'uploadify.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0
|
||||
37451,platforms/php/webapps/37451.txt,"SilverStripe Pixlr Image Editor 'upload.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0
|
||||
37452,platforms/php/webapps/37452.txt,"WordPress Flip Book 'php.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0
|
||||
37452,platforms/php/webapps/37452.txt,"WordPress Flip Book - 'php.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0
|
||||
37453,platforms/php/webapps/37453.php,"Drupal Drag & Drop Gallery 'upload.php' Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0
|
||||
37454,platforms/hardware/webapps/37454.txt,"D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities",2015-07-01,DNO,hardware,webapps,0
|
||||
37499,platforms/php/webapps/37499.txt,"Phonalisa - Multiple HTML-Injection Cross-Site Scripting",2012-07-12,"Benjamin Kunz Mejri",php,webapps,0
|
||||
|
|
@ -33837,7 +33837,7 @@ id,file,description,date,author,platform,type,port
|
|||
37482,platforms/php/webapps/37482.txt,"WordPress custom tables Plugin 'key' Parameter Cross-Site Scripting",2012-07-03,"Sammy FORGIT",php,webapps,0
|
||||
37483,platforms/php/webapps/37483.txt,"WordPress church_admin Plugin 'id' parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0
|
||||
37484,platforms/php/webapps/37484.txt,"WordPress Knews Multilingual Newsletters Plugin Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0
|
||||
37485,platforms/php/webapps/37485.txt,"WordPress PHPFreeChat 'url' Parameter Cross-Site Scripting",2012-07-05,"Sammy FORGIT",php,webapps,0
|
||||
37485,platforms/php/webapps/37485.txt,"WordPress PHPFreeChat - 'url' Parameter Cross-Site Scripting",2012-07-05,"Sammy FORGIT",php,webapps,0
|
||||
37486,platforms/php/webapps/37486.txt,"sflog! 'section' Parameter Local File Inclusion",2012-07-06,dun,php,webapps,0
|
||||
37487,platforms/multiple/dos/37487.txt,"Apache Sling Denial Of Service",2012-07-06,IOactive,multiple,dos,0
|
||||
37488,platforms/asp/webapps/37488.txt,"WebsitePanel 'ReturnUrl' Parameter URI Redirection",2012-07-09,"Anastasios Monachos",asp,webapps,0
|
||||
|
|
@ -34008,7 +34008,7 @@ id,file,description,date,author,platform,type,port
|
|||
37674,platforms/php/webapps/37674.txt,"PHP Web Scripts Text Exchange Pro 'page' Parameter Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0
|
||||
37675,platforms/php/webapps/37675.txt,"Joomla! Komento Component 'cid' Parameter SQL Injection",2012-08-27,Crim3R,php,webapps,0
|
||||
37676,platforms/asp/webapps/37676.txt,"Power-eCommerce Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0
|
||||
37677,platforms/php/webapps/37677.txt,"WordPress Finder 'order' Parameter Cross-Site Scripting",2012-08-25,Crim3R,php,webapps,0
|
||||
37677,platforms/php/webapps/37677.txt,"WordPress Finder - 'order' Parameter Cross-Site Scripting",2012-08-25,Crim3R,php,webapps,0
|
||||
37678,platforms/asp/webapps/37678.txt,"Web Wiz Forums Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0
|
||||
37679,platforms/php/webapps/37679.txt,"LibGuides Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,php,webapps,0
|
||||
37680,platforms/php/webapps/37680.txt,"Mihalism Multi Host 'users.php' Cross-Site Scripting",2012-08-25,Explo!ter,php,webapps,0
|
||||
|
|
@ -34034,7 +34034,7 @@ id,file,description,date,author,platform,type,port
|
|||
37706,platforms/linux/dos/37706.txt,"Libuser Library - Multiple Vulnerabilities",2015-07-27,"Qualys Corporation",linux,dos,0
|
||||
37737,platforms/windows/local/37737.rb,"Heroes of Might and Magic III .h3m Map file Buffer Overflow",2015-08-07,Metasploit,windows,local,0
|
||||
37825,platforms/osx/local/37825.txt,"OS X 10.10.5 - XNU Local Privilege Escalation",2015-08-18,kpwn,osx,local,0
|
||||
37826,platforms/php/webapps/37826.txt,"WordPress Multiple Path Dislosure Vulnerabilities",2012-09-18,AkaStep,php,webapps,0
|
||||
37826,platforms/php/webapps/37826.txt,"WordPress Core 3.4.2 - Multiple Path Dislosure Vulnerabilities",2012-09-18,AkaStep,php,webapps,0
|
||||
37751,platforms/php/webapps/37751.txt,"WordPress WPTF Image Gallery 1.03 - Aribtrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80
|
||||
37752,platforms/php/webapps/37752.txt,"WordPress Recent Backups Plugin 0.7 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80
|
||||
37705,platforms/php/webapps/37705.txt,"WordPress Unite Gallery Lite Plugin 1.4.6 - Multiple Vulnerabilities",2015-07-27,"Nitin Venkatesh",php,webapps,80
|
||||
|
|
@ -34075,7 +34075,7 @@ id,file,description,date,author,platform,type,port
|
|||
37741,platforms/osx/dos/37741.txt,"OSX Keychain - EXC_BAD_ACCESS DoS",2015-08-08,"Juan Sacco",osx,dos,0
|
||||
37824,platforms/php/webapps/37824.txt,"WordPress WP Symposium Plugin 15.1 - SQL Injection",2015-08-18,PizzaHatHacker,php,webapps,80
|
||||
37743,platforms/linux/dos/37743.pl,"Brasero - Crash Proof Of Concept",2015-08-08,"Mohammad Reza Espargham",linux,dos,0
|
||||
37744,platforms/php/webapps/37744.txt,"WordPress Video Gallery 2.7 SQL Injection",2015-08-09,"Kacper Szurek",php,webapps,0
|
||||
37744,platforms/php/webapps/37744.txt,"WordPress Video Gallery 2.7 - SQL Injection",2015-08-09,"Kacper Szurek",php,webapps,0
|
||||
37749,platforms/lin_x86/shellcode/37749.c,"Linux/x86 - Egg Hunter Shellcode (19 bytes)",2015-08-10,"Guillaume Kaddouch",lin_x86,shellcode,0
|
||||
37750,platforms/php/webapps/37750.txt,"WDS CMS - SQL Injection",2015-08-10,"Ismail Marzouk",php,webapps,80
|
||||
37746,platforms/windows/remote/37746.py,"Netsparker 2.3.x - Remote Code Execution",2015-08-09,"Hesam Bazvand",windows,remote,0
|
||||
|
|
@ -34167,7 +34167,7 @@ id,file,description,date,author,platform,type,port
|
|||
38067,platforms/hardware/webapps/38067.py,"Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass",2015-09-02,Orwelllabs,hardware,webapps,80
|
||||
37833,platforms/php/webapps/37833.txt,"YCommerce - Multiple SQL Injection",2012-09-21,"Ricardo Almeida",php,webapps,0
|
||||
37834,platforms/linux/remote/37834.py,"Samba 3.5.11/3.6.3 Unspecified Remote Code Execution",2012-09-24,kb,linux,remote,0
|
||||
37835,platforms/php/webapps/37835.html,"WordPress Cross Site Request Forgery",2012-09-22,AkaStep,php,webapps,0
|
||||
37835,platforms/php/webapps/37835.html,"WordPress - Cross Site Request Forgery",2012-09-22,AkaStep,php,webapps,0
|
||||
37836,platforms/php/webapps/37836.txt,"WordPress Token Manager Plugin 'tid' Parameter Cross-Site Scripting",2012-09-25,TheCyberNuxbie,php,webapps,0
|
||||
37837,platforms/php/webapps/37837.html,"WordPress Sexy Add Template Plugin Cross Site Request Forgery",2012-09-22,the_cyber_nuxbie,php,webapps,0
|
||||
37838,platforms/php/webapps/37838.txt,"Neturf eCommerce Shopping Cart 'SearchFor' Parameter Cross-Site Scripting",2011-12-30,farbodmahini,php,webapps,0
|
||||
|
|
@ -34377,7 +34377,7 @@ id,file,description,date,author,platform,type,port
|
|||
38061,platforms/php/webapps/38061.txt,"Beat Websites 'id' Parameter SQL Injection",2012-11-24,Metropolis,php,webapps,0
|
||||
38062,platforms/multiple/webapps/38062.txt,"Forescout CounterACT 'a' Parameter Open Redirection",2012-11-26,"Joseph Sheridan",multiple,webapps,0
|
||||
38063,platforms/php/webapps/38063.txt,"WordPress Wp-ImageZoom Theme 'id' Parameter SQL Injection",2012-11-26,Amirh03in,php,webapps,0
|
||||
38064,platforms/php/webapps/38064.txt,"WordPress CStar Design 'id' Parameter SQL Injection",2012-11-27,Amirh03in,php,webapps,0
|
||||
38064,platforms/php/webapps/38064.txt,"WordPress CStar Design Theme - 'id' Parameter SQL Injection",2012-11-27,Amirh03in,php,webapps,0
|
||||
38065,platforms/osx/shellcode/38065.txt,"OS-X/x86-64 - /bin/sh Null Free Shellcode (34 bytes)",2015-09-02,"Fitzl Csaba",osx,shellcode,0
|
||||
38068,platforms/php/webapps/38068.txt,"MantisBT 1.2.19 - Host Header Attack",2015-09-02,"Pier-Luc Maltais",php,webapps,80
|
||||
38071,platforms/php/webapps/38071.rb,"YesWiki 0.2 - Path Traversal",2015-09-02,HaHwul,php,webapps,80
|
||||
|
|
@ -34409,7 +34409,7 @@ id,file,description,date,author,platform,type,port
|
|||
38096,platforms/linux/remote/38096.rb,"Endian Firewall Proxy Password Change Command Injection",2015-09-07,Metasploit,linux,remote,10443
|
||||
38097,platforms/hardware/webapps/38097.txt,"NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation",2015-09-07,"Elliott Lewis",hardware,webapps,80
|
||||
38098,platforms/jsp/webapps/38098.txt,"JSPMySQL Administrador - Multiple Vulnerabilities",2015-09-07,hyp3rlinx,jsp,webapps,8081
|
||||
38105,platforms/php/webapps/38105.txt,"WordPress White-Label Framework 2.0.6 - XSS",2015-09-08,Outlasted,php,webapps,80
|
||||
38105,platforms/php/webapps/38105.txt,"WordPress White-Label Framework 2.0.6 Theme - XSS",2015-09-08,Outlasted,php,webapps,80
|
||||
38108,platforms/windows/dos/38108.txt,"Advantech WebAccess 8.0_ 3.4.3 ActiveX - Multiple Vulnerabilities",2015-09-08,"Praveen Darshanam",windows,dos,0
|
||||
38109,platforms/linux/remote/38109.pl,"Oracle MySQL and MariaDB Insecure Salt Generation Security Bypass Weakness",2012-12-06,kingcope,linux,remote,0
|
||||
38110,platforms/php/webapps/38110.txt,"DirectAdmin Web Control Panel 1.483 - Multiple Vulnerabilities",2015-09-08,"Ashiyane Digital Security Team",php,webapps,0
|
||||
|
|
@ -34859,7 +34859,7 @@ id,file,description,date,author,platform,type,port
|
|||
38582,platforms/hardware/remote/38582.html,"Brickcom Multiple IP Cameras Cross Site Request Forgery",2013-06-12,Castillo,hardware,remote,0
|
||||
38583,platforms/hardware/remote/38583.html,"Sony CH and DH Series IP Cameras Multiple Cross Site Request Forgery Vulnerabilities",2013-06-12,Castillo,hardware,remote,0
|
||||
38584,platforms/hardware/remote/38584.txt,"Grandstream Multiple IP Cameras Cross Site Request Forgery",2013-06-12,Castillo,hardware,remote,0
|
||||
38585,platforms/php/webapps/38585.pl,"WordPress NextGEN Gallery 'upload.php' Arbitrary File Upload",2013-06-12,"Marcos Garcia",php,webapps,0
|
||||
38585,platforms/php/webapps/38585.pl,"WordPress NextGEN Gallery - 'upload.php' Arbitrary File Upload",2013-06-12,"Marcos Garcia",php,webapps,0
|
||||
38586,platforms/android/remote/38586.txt,"TaxiMonger for Android 'name' Parameter HTML Injection",2013-06-15,"Ismail Kaleem",android,remote,0
|
||||
38587,platforms/multiple/remote/38587.txt,"Monkey HTTP Daemon Mandril Security Plugin Security Bypass",2013-06-14,felipensp,multiple,remote,0
|
||||
38588,platforms/php/webapps/38588.php,"bloofoxCMS 'index.php' Arbitrary File Upload",2013-06-17,"CWH Underground",php,webapps,0
|
||||
|
|
@ -34897,7 +34897,7 @@ id,file,description,date,author,platform,type,port
|
|||
38632,platforms/hardware/remote/38632.txt,"Multiple Zoom Telephonics Devices Multiple Security Vulnerabilities",2013-07-09,"Kyle Lovett",hardware,remote,0
|
||||
38630,platforms/php/webapps/38630.html,"phpVibe Information Disclosure and Remote File Inclusion",2013-07-06,indoushka,php,webapps,0
|
||||
38620,platforms/linux/dos/38620.txt,"FreeType 2.6.1 TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads",2015-11-04,"Google Security Research",linux,dos,0
|
||||
38621,platforms/php/webapps/38621.txt,"WordPress Xorbin Digital Flash Clock 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0
|
||||
38621,platforms/php/webapps/38621.txt,"WordPress Xorbin Digital Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0
|
||||
38622,platforms/linux/dos/38622.txt,"libvirt 'virConnectListAllInterfaces' Method Denial of Service",2013-07-01,"Daniel P. Berrange",linux,dos,0
|
||||
38623,platforms/multiple/dos/38623.html,"RealNetworks RealPlayer Denial of Service",2013-07-02,"Akshaysinh Vaghela",multiple,dos,0
|
||||
38624,platforms/php/webapps/38624.txt,"WordPress WP Feed Plugin 'nid' Parameter SQL Injection",2013-07-02,"Iranian Exploit DataBase",php,webapps,0
|
||||
|
|
@ -35512,7 +35512,7 @@ id,file,description,date,author,platform,type,port
|
|||
39266,platforms/php/webapps/39266.txt,"SeaWell Networks Spectrum - Multiple Vulnerabilities",2016-01-18,"Karn Ganeshen",php,webapps,443
|
||||
39267,platforms/php/webapps/39267.html,"Ilya Birman E2 - '/@actions/comment-process' SQL Injection",2014-07-23,"High-Tech Bridge",php,webapps,0
|
||||
39268,platforms/php/webapps/39268.java,"Ubiquiti Networks UniFi Video Default 'crossdomain.xml' Security Bypass",2014-07-23,"Seth Art",php,webapps,0
|
||||
39269,platforms/php/webapps/39269.txt,"WordPress Lead Octopus Power 'id' Parameter SQL Injection",2014-07-28,Amirh03in,php,webapps,0
|
||||
39269,platforms/php/webapps/39269.txt,"WordPress Lead Octopus Power - 'id' Parameter SQL Injection",2014-07-28,Amirh03in,php,webapps,0
|
||||
39270,platforms/php/webapps/39270.txt,"WhyDoWork AdSense Plugin for WordPress options-general.php Option Manipulation CSRF",2014-07-28,"Dylan Irzi",php,webapps,0
|
||||
39271,platforms/php/webapps/39271.txt,"CMSimple Default Administrator Credentials",2014-07-28,"Govind Singh",php,webapps,0
|
||||
39272,platforms/php/webapps/39272.txt,"CMSimple Remote file Inclusion",2014-07-28,"Govind Singh",php,webapps,0
|
||||
|
|
@ -35585,8 +35585,8 @@ id,file,description,date,author,platform,type,port
|
|||
39338,platforms/linux/shellcode/39338.c,"Linux x86 & x86_64 - Read /etc/passwd Shellcode (156 bytes)",2016-01-27,B3mB4m,linux,shellcode,0
|
||||
39339,platforms/php/webapps/39339.txt,"BK Mobile jQuery CMS 2.4 - Multiple Vulnerabilities",2016-01-27,"Rahul Pratap Singh",php,webapps,80
|
||||
39340,platforms/android/local/39340.cpp,"Android - sensord Local Root Exploit",2016-01-27,s0m3b0dy,android,local,0
|
||||
39341,platforms/php/webapps/39341.txt,"WordPress Booking Calendar Contact Form 1.1.24 - Multiple Vulnerabilities",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80
|
||||
39342,platforms/php/webapps/39342.txt,"WordPress Booking Calendar Contact Form 1.1.24 - addslashes SQL Injection",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80
|
||||
39341,platforms/php/webapps/39341.txt,"WordPress Booking Calendar Contact Form 1.1.24 Plugin - Multiple Vulnerabilities",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80
|
||||
39342,platforms/php/webapps/39342.txt,"WordPress Booking Calendar Contact Form 1.1.24 Plugin - addslashes SQL Injection",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80
|
||||
39343,platforms/php/webapps/39343.txt,"ol-commerce /OL-Commerce/affiliate_signup.php a_country Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0
|
||||
39344,platforms/php/webapps/39344.txt,"ol-commerce /OL-Commerce/affiliate_show_banner.php affiliate_banner_id Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0
|
||||
39345,platforms/php/webapps/39345.txt,"ol-commerce /OL-Commerce/create_account.php country Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0
|
||||
|
|
@ -36331,7 +36331,7 @@ id,file,description,date,author,platform,type,port
|
|||
40170,platforms/python/remote/40170.rb,"Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)",2016-07-27,Metasploit,python,remote,80
|
||||
40172,platforms/windows/local/40172.py,"VUPlayer 2.49 - (.pls) Stack Buffer Overflow (DEP Bypass)",2016-07-29,vportal,windows,local,0
|
||||
40173,platforms/windows/local/40173.txt,"mySCADAPro 7 - Local Privilege Escalation",2016-07-29,"Karn Ganeshen",windows,local,0
|
||||
40174,platforms/php/webapps/40174.txt,"Wordpress Ultimate Product Catalog 3.9.8 - (do_shortcode via ajax) Blind SQL Injection",2016-07-29,"i0akiN SEC-LABORATORY",php,webapps,80
|
||||
40174,platforms/php/webapps/40174.txt,"Wordpress Ultimate Product Catalog 3.9.8 Plugin - (do_shortcode via ajax) Blind SQL Injection",2016-07-29,"i0akiN SEC-LABORATORY",php,webapps,80
|
||||
40175,platforms/win_x86/shellcode/40175.c,"Windows 7 x86 - localhost Port Scanner Shellcode (556 bytes)",2016-07-29,"Roziul Hasan Khan Shifat",win_x86,shellcode,0
|
||||
40176,platforms/linux/remote/40176.rb,"Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post Auth Remote Root Exploit (Metasploit) (3)",2016-07-29,xort,linux,remote,8000
|
||||
40177,platforms/linux/remote/40177.rb,"Barracuda Web Application Firewall 8.0.1.008 - Post Auth Remote Root Exploit (Metasploit)",2016-07-29,xort,linux,remote,8000
|
||||
|
|
@ -36345,7 +36345,7 @@ id,file,description,date,author,platform,type,port
|
|||
40191,platforms/php/webapps/40191.txt,"WordPress ALO EasyMail Newsletter Plugin 2.9.2 - (Add/Import Arbitrary Subscribers) CSRF",2016-08-01,"Yorick Koster",php,webapps,80
|
||||
40192,platforms/windows/dos/40192.py,"Halliburton LogView Pro 9.7.5 - (.cgm/.tif/.tiff/.tifh) Crash PoC",2016-08-01,"Karn Ganeshen",windows,dos,0
|
||||
40194,platforms/multiple/dos/40194.txt,"Wireshark 1.12.0-1.12.12 - NDS Dissector Denial of Service",2016-08-03,"Chris Benedict",multiple,dos,0
|
||||
40195,platforms/multiple/dos/40195.txt,"Wireshark 2.0.0 to 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service",2016-08-03,"Antti Levomäki",multiple,dos,0
|
||||
40195,platforms/multiple/dos/40195.txt,"Wireshark 2.0.0 - 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service",2016-08-03,"Antti Levomäki",multiple,dos,0
|
||||
40196,platforms/win_x86-64/dos/40196.txt,"Wireshark 2.0.0 - 2.0.4 - CORBA IDL Dissectors Denial of Service",2016-08-03,Igor,win_x86-64,dos,0
|
||||
40197,platforms/multiple/dos/40197.txt,"Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - PacketBB Dissector Denial of Service",2016-08-03,"Chris Benedict",multiple,dos,0
|
||||
40198,platforms/multiple/dos/40198.txt,"Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - WSP Dissector Denial of Service",2016-08-03,"Chris Benedict",multiple,dos,0
|
||||
|
|
@ -36373,10 +36373,11 @@ id,file,description,date,author,platform,type,port
|
|||
40221,platforms/php/webapps/40221.txt,"Nagios Network Analyzer 2.2.1 - Multiple CSRF",2016-08-10,hyp3rlinx,php,webapps,80
|
||||
40222,platforms/lin_x86/shellcode/40222.c,"Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes)",2016-08-10,thryb,lin_x86,shellcode,0
|
||||
40223,platforms/lin_x86/shellcode/40223.c,"Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes)",2016-08-10,thryb,lin_x86,shellcode,0
|
||||
40224,platforms/windows/dos/40224.txt,"Microsoft Office Word 2007_2010_2013_2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)",2016-08-10,"Sébastien Morin",windows,dos,0
|
||||
40224,platforms/windows/dos/40224.txt,"Microsoft Office Word 2007/2010/2013/2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)",2016-08-10,"Sébastien Morin",windows,dos,0
|
||||
40225,platforms/php/webapps/40225.py,"vBulletin 5.2.2 - Preauth Server Side Request Forgery (SSRF)",2016-08-10,"Dawid Golunski",php,webapps,80
|
||||
40226,platforms/windows/local/40226.txt,"EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation",2016-08-10,LiquidWorm,windows,local,0
|
||||
40227,platforms/php/webapps/40227.txt,"EyeLock nano NXT 3.5 - Local File Disclosure",2016-08-10,LiquidWorm,php,webapps,80
|
||||
40228,platforms/php/webapps/40228.py,"EyeLock nano NXT 3.5 - Remote Root Exploit",2016-08-10,LiquidWorm,php,webapps,80
|
||||
40229,platforms/jsp/webapps/40229.txt,"WebNMS Framework Server 5.2 and 5.2 SP1 - Multiple Vulnerabilities",2016-08-10,"Pedro Ribeiro",jsp,webapps,0
|
||||
40229,platforms/jsp/webapps/40229.txt,"WebNMS Framework Server 5.2 / 5.2 SP1 - Multiple Vulnerabilities",2016-08-10,"Pedro Ribeiro",jsp,webapps,0
|
||||
40230,platforms/linux/dos/40230.txt,"SAP SAPCAR - Multiple Vulnerabilities",2016-08-10,"Core Security",linux,dos,0
|
||||
40231,platforms/java/webapps/40231.txt,"ColoradoFTP 1.3 Prime Edition (Build 8) - Directory Traversal",2016-08-11,Rv3Laboratory,java,webapps,80
|
||||
|
|
|
|||
|
Can't render this file because it is too large.
|
134
platforms/java/webapps/40231.txt
Executable file
134
platforms/java/webapps/40231.txt
Executable file
|
|
@ -0,0 +1,134 @@
|
|||
###################################################
|
||||
|
||||
01. ### Advisory Information ###
|
||||
|
||||
Title: Directory Traversal Vulnerability in ColoradoFTP v1.3 Prime
|
||||
Edition (Build 8)
|
||||
Date published: n/a
|
||||
Date of last update: n/a
|
||||
Vendors contacted: ColoradoFTP author Sergei Abramov
|
||||
Discovered by: Rv3Laboratory [Research Team]
|
||||
Severity: High
|
||||
|
||||
|
||||
02. ### Vulnerability Information ###
|
||||
|
||||
OVE-ID: OVE-20160718-0006
|
||||
CVSS v2 Base Score: 8.5
|
||||
CVSS v2 Vector: (AV:N/AC:M/Au:S/C:C/I:C/A:C)
|
||||
Component/s: ColoradoFTP Core v1.3
|
||||
Class: Path Traversal
|
||||
|
||||
|
||||
03. ### Introduction ###
|
||||
|
||||
ColoradoFTP is the open source Java FTP server. It is fast, reliable and
|
||||
extendable.
|
||||
Fully compatible with RFC 959 and RFC 3659 (File Transfer Protocol and
|
||||
Extensions)
|
||||
this implementation makes it easy to extend the functionality with
|
||||
virtually any feature.
|
||||
Well commented source code and existing plug-ins make it possible to
|
||||
shape the
|
||||
FTP server just the way you want!
|
||||
|
||||
http://cftp.coldcore.com/
|
||||
|
||||
04. ### Vulnerability Description ###
|
||||
|
||||
The default installation and configuration of Colorado FTP Prime Edition
|
||||
(Build 8) is prone to a
|
||||
security vulnerability. Colorado FTP contains a flaw that may allow a
|
||||
remote attacker to traverse directories on the FTP server.
|
||||
A remote attacker (a colorado FTP user) can send a command (MKDIR, PUT,
|
||||
GET or DEL) followed by sequences (\\\..\\) to traverse directories
|
||||
and create, upload, download or delete the contents of arbitrary files
|
||||
and directories on the FTP server.
|
||||
To exploit the vulnerability It is important to use "\\\" at the
|
||||
beginning of string.
|
||||
|
||||
|
||||
05. ### Technical Description / Proof of Concept Code ###
|
||||
|
||||
By supplying "\\\..\\..\\..\\..\\" in the file path, it is possible to
|
||||
trigger a directory traversal flaw, allowing the attacker
|
||||
(anonymous user or Colorado FTP user) to upload or download a file
|
||||
outside the virtual directory.
|
||||
|
||||
|
||||
05.01
|
||||
We tried to upload a file (netcat - nc.exe), to Windows %systemroot%
|
||||
directory (C:\WINDOWS\system32\) using a PUT command:
|
||||
|
||||
ftp> put nc.exe \\\..\\..\\..\\Windows\\system32\\nc.exe
|
||||
|
||||
Netcat was successfully uploaded.
|
||||
|
||||
|
||||
05.02
|
||||
We tried to create a directory (test), using a MKDIR command:
|
||||
|
||||
ftp> mkdir nc.exe \\\..\\..\\..\\test
|
||||
|
||||
The directory test was successfully created.
|
||||
|
||||
|
||||
06. ### Business Impact ###
|
||||
|
||||
This may allow an attacker to upload and download files from remote machine.
|
||||
|
||||
|
||||
07. ### Systems Affected ###
|
||||
|
||||
This vulnerability was tested against: ColoradoFTP v1.3 Prime Edition
|
||||
(Build 8)
|
||||
O.S.: Microsoft Windows 7 32bit
|
||||
JDK: v1.7.0_79
|
||||
Others versions are probably affected too, but they were not checked.
|
||||
|
||||
|
||||
08. ### Vendor Information, Solutions and Workarounds ###
|
||||
|
||||
This issue is fixed in ColoradoFTP Prime Edition (Build 9),
|
||||
which can be downloaded from:
|
||||
|
||||
http://cftp.coldcore.com/download.htm
|
||||
|
||||
|
||||
09. ### Credits ###
|
||||
|
||||
Rv3Laboratory [Research Team] - www.Rv3Lab.org
|
||||
|
||||
This vulnerability has been discovered by:
|
||||
Rv3Lab - [www.rv3lab.org] - research(at)rv3lab(dot)org
|
||||
Christian Catalano aka wastasy - wastasy(at)rv3lab(dot)org
|
||||
Marco Fornaro aka Chaplin89 - chaplin89(at)rv3lab(dot)org
|
||||
|
||||
|
||||
10. ### Vulnerability History ###
|
||||
|
||||
July 07th, 2016: Vulnerability discovered.
|
||||
July 19th, 2016: Vendor informed. [Colorado FTP team]
|
||||
July 21st, 2016: Vendor responds asking for details.
|
||||
July 28th, 2016: Sent detailed information to the vendor.
|
||||
August 08th, 2016: Vendor confirms vulnerability.
|
||||
August 10th, 2016: Vendor reveals patch release date.
|
||||
August 11th, 2016: Vulnerability disclosure
|
||||
|
||||
|
||||
11. ### Disclaimer ###
|
||||
|
||||
The information contained within this advisory is supplied "as-is" with
|
||||
no warranties or guarantees of fitness of use or otherwise.
|
||||
We accept no responsibility for any damage caused by the use or misuse of
|
||||
this information.
|
||||
|
||||
|
||||
12. ### About Rv3Lab ###
|
||||
|
||||
Rv3Lab is an independent Security Research Lab.
|
||||
For more information, please visit [www.Rv3Lab.org]
|
||||
For more information regarding the vulnerability feel free to contact the
|
||||
Rv3Research Team: research(at)rv3lab(dot)org
|
||||
|
||||
###################################################
|
||||
Loading…
Add table
Reference in a new issue