From 3d6d1ee44bdcdc2287df2662592af46fbf493e7e Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Mon, 3 Apr 2017 05:01:17 +0000 Subject: [PATCH] DB: 2017-04-03 --- files.csv | 544 +++++++++++++++++++++++++++--------------------------- 1 file changed, 272 insertions(+), 272 deletions(-) diff --git a/files.csv b/files.csv index 81dc588c0..3e5da8922 100644 --- a/files.csv +++ b/files.csv @@ -10,7 +10,7 @@ id,file,description,date,author,platform,type,port 60,platforms/hardware/dos/60.c,"Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service",2003-07-21,"Martin Kluge",hardware,dos,0 61,platforms/windows/dos/61.c,"Microsoft Windows Server 2000 - RPC DCOM Interface Denial of Service",2003-07-21,Flashsky,windows,dos,0 62,platforms/hardware/dos/62.sh,"Cisco IOS - (using hping) Remote Denial of Service",2003-07-22,zerash,hardware,dos,0 -65,platforms/windows/dos/65.c,"Microsoft Windows SQL Server - Remote Denial of Service (MS03-031)",2003-07-25,refdom,windows,dos,0 +65,platforms/windows/dos/65.c,"Microsoft Windows SQL Server - Remote Denial of Service (MS03-031)",2003-07-25,refdom,windows,dos,0 68,platforms/linux/dos/68.c,"Linux Kernel 2.4.20 - 'decode_fh' Denial of Service",2003-07-29,"Jared Stanbrough",linux,dos,0 73,platforms/windows/dos/73.c,"Trillian 0.74 - Remote Denial of Service",2003-08-01,l0bstah,windows,dos,0 82,platforms/windows/dos/82.c,"Piolet Client 1.05 - Remote Denial of Service",2003-08-20,"Luca Ercoli",windows,dos,0 @@ -643,7 +643,7 @@ id,file,description,date,author,platform,type,port 4426,platforms/hardware/dos/4426.pl,"Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC)",2007-09-18,"Alex Hernandez",hardware,dos,0 4432,platforms/multiple/dos/4432.html,"Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow",2007-09-19,"YAG KOHHA",multiple,dos,0 4474,platforms/windows/dos/4474.html,"EDraw Office Viewer Component 5.3 - FtpDownloadFile() Remote Buffer Overflow",2007-10-01,shinnai,windows,dos,0 -4479,platforms/windows/dos/4479.html,"CyberLink PowerDVD - CreateNewFile Arbitrary Remote Rewrite Denial of Service",2007-10-01,rgod,windows,dos,0 +4479,platforms/windows/dos/4479.html,"CyberLink PowerDVD - CreateNewFile Remote Rewrite Denial of Service",2007-10-01,rgod,windows,dos,0 4498,platforms/windows/dos/4498.pl,"WzdFTPD 0.8.0 - (USER) Remote Denial of Service",2007-10-07,k1tk4t,windows,dos,0 4532,platforms/linux/dos/4532.pl,"eXtremail 2.1.1 - memmove() Remote Denial of Service",2007-10-15,mu-b,linux,dos,0 4535,platforms/linux/dos/4535.pl,"eXtremail 2.1.1 - Remote Heap Overflow (PoC)",2007-10-15,mu-b,linux,dos,0 @@ -895,7 +895,7 @@ id,file,description,date,author,platform,type,port 7647,platforms/multiple/dos/7647.txt,"VMware 2.5.1 - 'VMware-authd' Remote Denial of Service",2009-01-02,"laurent gaffié",multiple,dos,0 7649,platforms/windows/dos/7649.pl,"Destiny Media Player 1.61 - '.m3u' Local Buffer Overflow (PoC)",2009-01-02,"aBo MoHaMeD",windows,dos,0 7652,platforms/windows/dos/7652.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (PoC)",2009-01-03,Encrypt3d.M!nd,windows,dos,0 -7673,platforms/multiple/dos/7673.html,"Apple Safari - 'ARGUMENTS' Array Integer Overflow (PoC) (New Heap Spray)",2009-01-05,Skylined,multiple,dos,0 +7673,platforms/multiple/dos/7673.html,"Apple Safari - 'ARGUMENTS' Array Integer Overflow (PoC) (Heap Spray)",2009-01-05,Skylined,multiple,dos,0 7685,platforms/multiple/dos/7685.pl,"SeaMonkey 1.1.14 - Denial of Service",2009-01-06,StAkeR,multiple,dos,0 7693,platforms/windows/dos/7693.pl,"Perception LiteServe 2.0.1 - (user) Remote Buffer Overflow (PoC)",2009-01-07,Houssamix,windows,dos,0 7694,platforms/windows/dos/7694.py,"Audacity 1.6.2 - '.aup' Remote Off-by-One Crash",2009-01-07,Stack,windows,dos,0 @@ -933,7 +933,7 @@ id,file,description,date,author,platform,type,port 7942,platforms/windows/dos/7942.pl,"Elecard AVC HD player - '.m3u' / '.xpl' Local Stack Overflow (PoC)",2009-02-02,AlpHaNiX,windows,dos,0 7943,platforms/windows/dos/7943.py,"RealVNC 4.1.2 - 'vncviewer.exe' RFB Protocol Remote Code Execution (PoC)",2009-02-02,"Andres Luksenberg",windows,dos,0 7962,platforms/windows/dos/7962.pl,"Hex Workshop 6.0 - '.cmap' Invalid Memory Reference (PoC)",2009-02-03,DATA_SNIPER,windows,dos,0 -7985,platforms/windows/dos/7985.pl,"Novell Groupwise 8.0 - Malformed RCPT command Off-by-One Exploit",2009-02-04,"Praveen Darshanam",windows,dos,0 +7985,platforms/windows/dos/7985.pl,"Novell Groupwise 8.0 - Malformed RCPT Command Off-by-One Exploit",2009-02-04,"Praveen Darshanam",windows,dos,0 7986,platforms/windows/dos/7986.pl,"Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC)",2009-02-04,"Praveen Darshanam",windows,dos,0 7990,platforms/windows/dos/7990.py,"UltraVNC/TightVNC - Multiple VNC Clients Multiple Integer Overflow (PoC)",2009-02-04,"Andres Luksenberg",windows,dos,0 7995,platforms/windows/dos/7995.pl,"FeedMon 2.7.0.0 - outline Tag Buffer Overflow (PoC)",2009-02-05,"Praveen Darshanam",windows,dos,0 @@ -1113,7 +1113,7 @@ id,file,description,date,author,platform,type,port 9173,platforms/windows/dos/9173.pl,"MultiMedia Jukebox 4.0 Build 020124 - '.pst' / '.m3u' Heap Overflow (PoC)",2009-07-16,hack4love,windows,dos,0 9175,platforms/multiple/dos/9175.txt,"Sguil/PADS - Remote Server Crash",2009-07-17,Ataraxia,multiple,dos,0 9178,platforms/windows/dos/9178.pl,"MixSense 1.0.0.1 DJ Studio - '.mp3' Crash",2009-07-16,prodigy,windows,dos,0 -9189,platforms/windows/dos/9189.pl,"Streaming Audio Player 0.9 - 'skin' Local Stack Overflow (PoC) (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 +9189,platforms/windows/dos/9189.pl,"Streaming Audio Player 0.9 - 'skin' Local Stack Overflow (PoC) (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 9192,platforms/windows/dos/9192.pl,"Soritong MP3 Player 1.0 - 'SKIN' Local Stack Overflow (PoC) (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 9198,platforms/multiple/dos/9198.txt,"Real Helix DNA - RTSP and SETUP Request Handler Vulnerabilities",2009-07-17,"Core Security",multiple,dos,0 9200,platforms/windows/dos/9200.pl,"EpicVJ 1.2.8.0 - '.mpl' / '.m3u' Local Heap Overflow (PoC)",2009-07-20,hack4love,windows,dos,0 @@ -1320,7 +1320,7 @@ id,file,description,date,author,platform,type,port 11020,platforms/windows/dos/11020.pl,"GOM Audio - Local Crash (PoC)",2010-01-06,applicationlayer,windows,dos,0 11021,platforms/windows/dos/11021.txt,"FlashGet 3.x - IEHelper Remote Execution (PoC)",2010-01-06,superli,windows,dos,0 11034,platforms/windows/dos/11034.txt,"Microsoft HTML Help Compiler (hhc.exe) - Buffer Overflow (PoC)",2010-01-06,s4squatch,windows,dos,0 -11043,platforms/hardware/dos/11043.txt,"Total MultiMedia Features - Sony Ericsson Phones Denial of Service (PoC)",2010-01-06,Aodrulez,hardware,dos,0 +11043,platforms/hardware/dos/11043.txt,"Total MultiMedia Features - Sony Ericsson Phones Denial of Service (PoC)",2010-01-06,Aodrulez,hardware,dos,0 11044,platforms/linux/dos/11044.txt,"Gnome Panel 2.28.0 - Denial of Service (PoC)",2010-01-06,"Pietro Oliva",linux,dos,0 11052,platforms/windows/dos/11052.pl,"Kantaris 0.5.6 - Local Denial of Service (PoC)",2010-01-07,anonymous,windows,dos,0 11053,platforms/windows/dos/11053.py,"ttplayer 5.6Beta3 - Denial of Service (PoC)",2010-01-07,"t-bag YDteam",windows,dos,0 @@ -1565,7 +1565,7 @@ id,file,description,date,author,platform,type,port 12751,platforms/windows/dos/12751.pl,"Adobe Photoshop CS4 Extended 11.0 - '.ABR' File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 12752,platforms/windows/dos/12752.c,"Adobe Photoshop CS4 Extended 11.0 - '.GRD' File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 12753,platforms/windows/dos/12753.c,"Adobe Photoshop CS4 Extended 11.0 - '.ASL' File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 -12762,platforms/freebsd/dos/12762.txt,"FreeBSD 8.0 ftpd (FreeBSD-SA-10:05) - Off- By One (PoC)",2010-05-27,"Maksymilian Arciemowicz",freebsd,dos,0 +12762,platforms/freebsd/dos/12762.txt,"FreeBSD 8.0 ftpd (FreeBSD-SA-10:05) - Off-By-One (PoC)",2010-05-27,"Maksymilian Arciemowicz",freebsd,dos,0 12774,platforms/windows/dos/12774.py,"Home FTP Server 1.10.3 (build 144) - Denial of Service",2010-05-28,Dr_IDE,windows,dos,0 12775,platforms/multiple/dos/12775.py,"VideoLAN VLC Media Player 1.0.6 - '.avi' Media File Crash (PoC)",2010-05-28,Dr_IDE,multiple,dos,0 12816,platforms/windows/dos/12816.py,"ZipExplorer 7.0 - '.zar' Denial of Service",2010-05-31,TecR0c,windows,dos,0 @@ -2064,7 +2064,7 @@ id,file,description,date,author,platform,type,port 18043,platforms/windows/dos/18043.py,"GFI Faxmaker Fax Viewer 10.0 (build 237) - Denial of Service (PoC)",2011-10-28,loneferret,windows,dos,0 40298,platforms/windows/dos/40298.py,"Goron WebServer 2.0 - Multiple Vulnerabilities",2016-08-29,"Guillaume Kaddouch",windows,dos,80 18028,platforms/windows/dos/18028.py,"zFTPServer - 'cwd/stat' Remote Denial of Service",2011-10-24,"Myo Soe",windows,dos,0 -18029,platforms/windows/dos/18029.pl,"BlueZone - Malformed .zft file Local Denial of Service",2011-10-24,"Iolo Morganwg",windows,dos,0 +18029,platforms/windows/dos/18029.pl,"BlueZone - Malformed '.zft' File Local Denial of Service",2011-10-24,"Iolo Morganwg",windows,dos,0 18030,platforms/windows/dos/18030.pl,"BlueZone Desktop Multiple - Malformed files Local Denial of Service Vulnerabilities",2011-10-25,Silent_Dream,windows,dos,0 18049,platforms/windows/dos/18049.txt,"Microsys PROMOTIC 8.1.4 - ActiveX GetPromoticSite Unitialized Pointer",2011-10-13,"Luigi Auriemma",windows,dos,0 18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers - HOST Attribute 'arsqls24.dll' Stack Based Buffer Overflow (PoC)",2011-10-31,rgod,windows,dos,0 @@ -2080,7 +2080,7 @@ id,file,description,date,author,platform,type,port 18159,platforms/linux/dos/18159.py,"XChat 2.8.9 - Heap Overflow Denial of Service",2011-11-25,"Jane Doe",linux,dos,0 18165,platforms/windows/dos/18165.txt,"siemens automation license manager 500.0.122.1 - Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 18166,platforms/windows/dos/18166.txt,"Siemens SIMATIC WinCC Flexible (Runtime) - Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 -18173,platforms/windows/dos/18173.pl,"Bugbear FlatOut 2005 - Malformed .bed file Buffer Overflow",2011-11-30,Silent_Dream,windows,dos,0 +18173,platforms/windows/dos/18173.pl,"Bugbear FlatOut 2005 - Malformed '.bed' File Buffer Overflow",2011-11-30,Silent_Dream,windows,dos,0 18188,platforms/windows/dos/18188.txt,"Hillstone Software HS TFTP Server 1.3.2 - Denial of Service",2011-12-02,"SecPod Research",windows,dos,0 18200,platforms/windows/dos/18200.txt,"SopCast 3.4.7 - 'sop://' URI Handling Remote Stack Buffer Overflow (PoC)",2011-12-05,LiquidWorm,windows,dos,0 18196,platforms/windows/dos/18196.py,"NJStar Communicator MiniSmtp - Buffer Overflow [ASLR Bypass]",2011-12-03,Zune,windows,dos,0 @@ -2142,7 +2142,7 @@ id,file,description,date,author,platform,type,port 18524,platforms/windows/dos/18524.py,"Tiny HTTP Server 1.1.9 - Remote Crash (PoC)",2012-02-25,localh0t,windows,dos,0 18541,platforms/windows/dos/18541.py,"Netmechanica NetDecision HTTP Server - Denial of Service",2012-02-29,"SecPod Research",windows,dos,0 18546,platforms/windows/dos/18546.txt,"Novell Groupwise - Address Book Remote Code Execution",2012-03-01,"Francis Provencher",windows,dos,0 -18552,platforms/windows/dos/18552.pl,"Passport PC To Host - Malformed .zws file Memory Corruption",2012-03-03,Silent_Dream,windows,dos,0 +18552,platforms/windows/dos/18552.pl,"Passport PC To Host - Malformed '.zws' File Memory Corruption",2012-03-03,Silent_Dream,windows,dos,0 18600,platforms/multiple/dos/18600.txt,"presto! pagemanager 9.01 - Multiple Vulnerabilities",2012-03-14,"Luigi Auriemma",multiple,dos,0 18601,platforms/multiple/dos/18601.txt,"EMC NetWorker 7.6 sp3 - Denial of Service",2012-03-14,"Luigi Auriemma",multiple,dos,0 18579,platforms/linux/dos/18579.txt,"PyPAM - Python bindings for PAM - Double-Free Corruption",2012-03-10,"Markus Vervier",linux,dos,0 @@ -3283,7 +3283,7 @@ id,file,description,date,author,platform,type,port 24818,platforms/multiple/dos/24818.txt,"Digital Illusions CE Codename Eagle - Remote Denial of Service",2004-12-13,"Luigi Auriemma",multiple,dos,0 24828,platforms/linux/dos/24828.txt,"Opera Web Browser 7.54 - KDE KFMCLIENT Remote Command Execution",2004-12-13,"Giovanni Delvecchio",linux,dos,0 24839,platforms/hardware/dos/24839.c,"Ricoh Aficio 450/455 PCL Printer - Remote ICMP Denial of Service",2004-12-14,"Hongzhen Zhou",hardware,dos,0 -24841,platforms/windows/dos/24841.txt,"Adobe Acrobat/Acrobat Reader 6.0 - ETD File Parser Format String",2004-12-14,"Greg MacManus",windows,dos,0 +24841,platforms/windows/dos/24841.txt,"Adobe Acrobat / Acrobat Reader 6.0 - ETD File Parser Format String",2004-12-14,"Greg MacManus",windows,dos,0 24843,platforms/osx/dos/24843.txt,"Apple Safari Web Browser 1.x - HTML Form Status Bar Misrepresentation",2004-12-15,Guillaume,osx,dos,0 24855,platforms/php/dos/24855.txt,"PHP 3/4/5 - Multiple Local And Remote Vulnerabilities (2)",2004-12-15,Slythers,php,dos,0 24865,platforms/linux/dos/24865.txt,"GnuTLS libgnutls - Double-Free Certificate List Parsing Remote Denial of Service",2013-03-22,"Shawn the R0ck",linux,dos,0 @@ -3564,7 +3564,7 @@ id,file,description,date,author,platform,type,port 27981,platforms/linux/dos/27981.c,"GD Graphics Library 2.0.33 - Remote Denial of Service",2006-06-06,"Xavier Roche",linux,dos,0 28001,platforms/windows/dos/28001.c,"Microsoft SMB Driver - Local Denial of Service",2006-06-13,"Ruben Santamarta",windows,dos,0 28026,platforms/linux/dos/28026.txt,"MySQL Server 4/5 - Str_To_Date Remote Denial of Service",2006-06-14,Kanatoko,linux,dos,0 -28065,platforms/multiple/dos/28065.vmx,"VMware Player 1.0.1 Build 19317 - Malformed VMX File Denial of Service",2006-06-19,n00b,multiple,dos,0 +28065,platforms/multiple/dos/28065.vmx,"VMware Player 1.0.1 Build 19317 - Malformed '.VMX' File Denial of Service",2006-06-19,n00b,multiple,dos,0 28077,platforms/linux/dos/28077.txt,"GnuPG 1.4.3/1.9.x - Parse_User_ID Remote Buffer Overflow",2006-06-20,"Evgeny Legerov",linux,dos,0 28079,platforms/windows/dos/28079.py,"jetAudio 8.0.16.2000 Plus VX - '.wav' Crash (PoC)",2013-09-04,ariarat,windows,dos,0 28080,platforms/windows/dos/28080.py,"GOMPlayer 2.2.53.5169 - '.wav' Crash (PoC)",2013-09-04,ariarat,windows,dos,0 @@ -3785,7 +3785,7 @@ id,file,description,date,author,platform,type,port 29860,platforms/windows/dos/29860.c,"ZoneAlarm 6.1.744.001/6.5.737.000 - Vsdatant.SYS Driver Local Denial of Service",2007-04-15,"Matousec Transparent security",windows,dos,0 29867,platforms/windows/dos/29867.xml,"NetSprint Ask IE Toolbar 1.1 - Multiple Denial of Service Vulnerabilities",2007-04-17,"Michal Bucko",windows,dos,0 29875,platforms/multiple/dos/29875.py,"AMSN 0.96 - Malformed Message Denial of Service",2007-04-21,"Levent Kayan",multiple,dos,0 -29896,platforms/windows/dos/29896.c,"Cdelia Software ImageProcessing - Malformed BMP File Denial of Service",2007-04-24,Dr.Ninux,windows,dos,0 +29896,platforms/windows/dos/29896.c,"Cdelia Software ImageProcessing - Malformed '.BMP' File Denial of Service",2007-04-24,Dr.Ninux,windows,dos,0 29900,platforms/multiple/dos/29900.txt,"Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (1)",2007-03-21,"Barrie Dempster",multiple,dos,0 29901,platforms/multiple/dos/29901.txt,"Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (2)",2007-03-21,"Barrie Dempster",multiple,dos,0 29916,platforms/linux/dos/29916.c,"Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service",2007-04-26,"Alexey Kuznetsov",linux,dos,0 @@ -3795,7 +3795,7 @@ id,file,description,date,author,platform,type,port 29934,platforms/windows/dos/29934.py,"ZIP Password Recovery Professional 5.1 - '.zip' Crash (PoC)",2013-11-30,KAI,windows,dos,0 29939,platforms/linux/dos/29939.txt,"X.Org X Window System Xserver 1.3 - XRender Extension Divide by Zero Denial of Service",2007-05-01,"Derek Abdine",linux,dos,0 29940,platforms/windows/dos/29940.html,"Mozilla Firefox 2.0.0.3 - Href Denial of Service",2007-05-01,"Carl Hardwick",windows,dos,0 -29942,platforms/windows/dos/29942.c,"Atomix MP3 Malformed MP3 - File Buffer Overflow",2007-05-02,preth00nker,windows,dos,0 +29942,platforms/windows/dos/29942.c,"Atomix MP3 - Malformed '.MP3' File Buffer Overflow",2007-05-02,preth00nker,windows,dos,0 29943,platforms/windows/dos/29943.c,"Progress WebSpeed 3.0/3.1 - Denial of Service",2007-05-02,"Eelko Neven",windows,dos,0 29949,platforms/windows/dos/29949.c,"Multiple Vendors - Zoo Compression Algorithm Remote Denial of Service",2007-05-04,Jean-Sébastien,windows,dos,0 30080,platforms/linux/dos/30080.c,"Linux Kernel 2.6.x - VFat Compat IOCTLS Local Denial of Service",2007-05-24,"Bart Oldeman",linux,dos,0 @@ -3852,7 +3852,7 @@ id,file,description,date,author,platform,type,port 32705,platforms/windows/dos/32705.py,"EagleGet 1.1.8.1 - Denial of Service",2014-04-06,"Interference Security",windows,dos,0 30580,platforms/linux/dos/30580.txt,"KMPlayer 2.9.3.1214 - Multiple Remote Denial of Service Vulnerabilities",2007-09-12,"Code Audit Labs",linux,dos,0 30584,platforms/linux/dos/30584.py,"Boa 0.93.15 - Administrator Password Overwrite Authentication Bypass",2007-09-14,"Luca Carettoni",linux,dos,0 -30590,platforms/windows/dos/30590.txt,"WinImage 8.0/8.10 - Malformed .IMG File BPB_BytsPerSec Field Denial of Service",2007-09-17,j00ru//vx,windows,dos,0 +30590,platforms/windows/dos/30590.txt,"WinImage 8.0/8.10 - Malformed '.IMG' File BPB_BytsPerSec Field Denial of Service",2007-09-17,j00ru//vx,windows,dos,0 30592,platforms/multiple/dos/30592.py,"Python 2.2 ImageOP Module - Multiple Integer Overflow Vulnerabilities",2007-09-17,"Slythers Bro",multiple,dos,0 30593,platforms/windows/dos/30593.txt,"Microsoft MFC Library - CFileFind::FindFile Buffer Overflow",2007-09-14,"Jonathan Sarba",windows,dos,0 30619,platforms/windows/dos/30619.txt,"Microsoft Windows Explorer - '.png' Image Local Denial of Service",2007-07-26,"Xavier Roche",windows,dos,0 @@ -3912,7 +3912,7 @@ id,file,description,date,author,platform,type,port 31014,platforms/windows/dos/31014.py,"haneWIN DNS Server 1.5.3 - Denial of Service",2014-01-17,sajith,windows,dos,53 31018,platforms/linux/dos/31018.txt,"GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities",2008-01-11,"Sam Hocevar",linux,dos,0 31021,platforms/osx/dos/31021.html,"Apple Safari 2.0.4 - KHTML WebKit Remote Denial of Service",2008-01-12,"David Barroso",osx,dos,0 -31054,platforms/linux/dos/31054.txt,"SDL_image 1.2.6 - Invalid GIF File LWZ Minimum Code Size Remote Buffer Overflow",2008-01-23,"Gynvael Coldwind",linux,dos,0 +31054,platforms/linux/dos/31054.txt,"SDL_image 1.2.6 - Invalid '.GIF' File LWZ Minimum Code Size Remote Buffer Overflow",2008-01-23,"Gynvael Coldwind",linux,dos,0 31057,platforms/ios/dos/31057.html,"Apple iOS Mobile Safari - Memory Exhaustion Remote Denial of Service",2008-01-24,fuzion,ios,dos,0 31100,platforms/multiple/dos/31100.txt,"Anon Proxy Server 0.100/0.102 - Remote Authentication Buffer Overflow",2008-02-04,L4teral,multiple,dos,0 31102,platforms/hardware/dos/31102.c,"MikroTik RouterOS 3.0 - SNMP SET Denial of Service",2008-02-04,ShadOS,hardware,dos,0 @@ -3971,7 +3971,7 @@ id,file,description,date,author,platform,type,port 31478,platforms/hardware/dos/31478.txt,"Linksys SPA-2102 Phone Adapter Packet Handling - Denial of Service",2008-03-24,sipherr,hardware,dos,0 31522,platforms/windows/dos/31522.py,"OneHTTPD 0.8 - Crash (PoC)",2014-02-08,"Mahmod Mahajna (Mahy)",windows,dos,80 31542,platforms/multiple/dos/31542.txt,"IBM solidDB 6.0.10 - Format String / Denial of Service",2008-03-26,"Luigi Auriemma",multiple,dos,0 -31984,platforms/linux/dos/31984.txt,"Mozilla Firefox 3.0 - Malformed JPEG File Denial of Service",2008-06-27,"Beenu Arora",linux,dos,0 +31984,platforms/linux/dos/31984.txt,"Mozilla Firefox 3.0 - Malformed '.JPEG' File Denial of Service",2008-06-27,"Beenu Arora",linux,dos,0 31550,platforms/bsd/dos/31550.c,"Multiple BSD Platforms - 'strfmon()' Function Integer Overflow",2008-03-27,"Maksymilian Arciemowicz",bsd,dos,0 31552,platforms/linux/dos/31552.txt,"Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service",2008-03-28,"Peter Makrai",linux,dos,0 31553,platforms/linux/dos/31553.txt,"Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service",2008-03-28,"Peter Makrai",linux,dos,0 @@ -4026,7 +4026,7 @@ id,file,description,date,author,platform,type,port 31964,platforms/windows/dos/31964.txt,"5th street - 'dx8render.dll' Format String",2008-06-25,superkhung,windows,dos,0 31965,platforms/linux/dos/31965.c,"Linux Kernel 2.6.9 < 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1)",2008-06-25,"Alexei Dobryanov",linux,dos,0 31966,platforms/linux/dos/31966.c,"Linux Kernel 2.6.9 < 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2)",2008-06-25,"Alexei Dobryanov",linux,dos,0 -31968,platforms/linux/dos/31968.txt,"GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial of Service",2008-06-26,"Juan Pablo Lopez Yacubian",linux,dos,0 +31968,platforms/linux/dos/31968.txt,"GNOME Rhythmbox 0.11.5 - Malformed '.Playlist' File Denial of Service",2008-06-26,"Juan Pablo Lopez Yacubian",linux,dos,0 32095,platforms/linux/dos/32095.pl,"Asterisk 1.6 IAX - 'POKE' Requests Remote Denial of Service",2008-07-21,"Blake Cornell",linux,dos,0 31979,platforms/linux/dos/31979.html,"GNOME Evolution 2.22.2 - 'html_engine_get_view_width()' Denial of Service",2008-06-26,"Juan Pablo Lopez Yacubian",linux,dos,0 31998,platforms/multiple/dos/31998.txt,"S.T.A.L.K.E.R Shadow of Chernobyl 1.0006 - Multiple Remote Vulnerabilities",2008-06-28,"Luigi Auriemma",multiple,dos,0 @@ -4116,7 +4116,7 @@ id,file,description,date,author,platform,type,port 32712,platforms/multiple/dos/32712.txt,"IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial of Service",2009-01-08,Erik,multiple,dos,0 32715,platforms/php/dos/32715.php,"PHP 5.2.8 - 'popen()' Function Buffer Overflow",2009-01-12,e.wiZz!,php,dos,0 32726,platforms/linux/dos/32726.txt,"Ganglia gmetad 3.0.6 - 'process_path()' Remote Stack Buffer Overflow",2009-01-15,"Spike Spiegel",linux,dos,0 -32740,platforms/linux/dos/32740.txt,"QNX RTOS 6.4 - Malformed ELF Binary File Local Denial of Service",2009-01-19,kokanin,linux,dos,0 +32740,platforms/linux/dos/32740.txt,"QNX RTOS 6.4 - Malformed '.ELF' Binary File Local Denial of Service",2009-01-19,kokanin,linux,dos,0 32749,platforms/linux/dos/32749.txt,"Pidgin 2.4.2 - 'msn_slplink_process_msg()' Denial of Service",2009-01-26,"Juan Pablo Lopez Yacubian",linux,dos,0 32754,platforms/osx/dos/32754.c,"Apple Mac OSX 10.9 - Hard Link Memory Corruption",2014-04-08,"Maksymilian Arciemowicz",osx,dos,0 32755,platforms/windows/dos/32755.c,"WFTPD Pro 3.30 - Multiple Command Remote Denial of Service Vulnerabilities",2009-01-26,LiquidWorm,windows,dos,0 @@ -4136,7 +4136,7 @@ id,file,description,date,author,platform,type,port 32857,platforms/linux/dos/32857.txt,"MPlayer - '.OGM' File Handling Denial of Service",2008-10-07,"Hanno Bock",linux,dos,0 32860,platforms/java/dos/32860.txt,"Sun Java System Calendar Server 6.3 - Duplicate URI Request Denial of Service",2009-03-31,"SCS team",java,dos,0 32865,platforms/multiple/dos/32865.py,"WhatsApp < 2.11.7 - Remote Crash",2014-04-14,"Jaime Sánchez",multiple,dos,0 -32881,platforms/windows/dos/32881.py,"QtWeb Browser 2.0 - Malformed HTML File Remote Denial of Service",2009-04-01,LiquidWorm,windows,dos,0 +32881,platforms/windows/dos/32881.py,"QtWeb Browser 2.0 - Malformed '.HTML' File Remote Denial of Service",2009-04-01,LiquidWorm,windows,dos,0 32899,platforms/windows/dos/32899.py,"Jzip - SEH Unicode Buffer Overflow (Denial of Service)",2014-04-16,"motaz reda",windows,dos,0 32902,platforms/windows/dos/32902.py,"Microsoft Internet Explorer 8 - File Download Denial of Service",2009-04-11,"Nam Nguyen",windows,dos,0 32926,platforms/linux/dos/32926.c,"Linux group_info refcounter - Overflow Memory Corruption",2014-04-18,"Thomas Pollet",linux,dos,0 @@ -4153,7 +4153,7 @@ id,file,description,date,author,platform,type,port 33017,platforms/linux/dos/33017.txt,"Adobe Acrobat 9.1.3 - Stack Exhaustion Denial of Service",2009-05-29,"Saint Patrick",linux,dos,0 33018,platforms/windows/dos/33018.txt,"cFos Personal Net 3.09 - Remote Heap Memory Corruption (Denial of Service)",2014-04-25,LiquidWorm,windows,dos,0 33020,platforms/linux/dos/33020.py,"CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial of Service",2009-06-02,"Anibal Sacco",linux,dos,0 -33031,platforms/linux/dos/33031.html,"Mozilla Firefox 3.0.x - Large GIF File Background Denial of Service",2009-05-10,"Ahmad Muammar",linux,dos,0 +33031,platforms/linux/dos/33031.html,"Mozilla Firefox 3.0.x - Large '.GIF' File Background Denial of Service",2009-05-10,"Ahmad Muammar",linux,dos,0 33036,platforms/linux/dos/33036.txt,"Git 1.6.3 - Parameter Processing Remote Denial of Service",2009-05-05,"Shawn O. Pearce",linux,dos,0 33037,platforms/multiple/dos/33037.html,"Apple QuickTime 7.4.1 - Null Pointer Dereference Denial of Service",2009-05-14,"Thierry Zoller",multiple,dos,0 33040,platforms/linux/dos/33040.txt,"GUPnP 0.12.7 - Message Handling Denial of Service",2009-05-03,"Zeeshan Ali",linux,dos,0 @@ -4254,7 +4254,7 @@ id,file,description,date,author,platform,type,port 33713,platforms/windows/dos/33713.py,"Core FTP LE 2.2 - Heap Overflow (PoC)",2014-06-11,"Gabor Seljan",windows,dos,0 33677,platforms/php/dos/33677.txt,"PHP 5.3.1 - LCG Entropy Security",2010-02-26,Rasmus,php,dos,0 33672,platforms/linux/dos/33672.txt,"Kojoney 0.0.4.1 - 'urllib.urlopen()' Remote Denial of Service",2010-02-24,Nicob,linux,dos,0 -33707,platforms/windows/dos/33707.txt,"Orb Networks 2.54.18 - Orb Direct Show Filter MP3 File Divide-by-Zero Denial of Service",2010-03-04,"Matthew Bergin",windows,dos,0 +33707,platforms/windows/dos/33707.txt,"Orb Networks 2.54.18 - Orb Direct Show Filter '.MP3' File Divide-by-Zero Denial of Service",2010-03-04,"Matthew Bergin",windows,dos,0 33708,platforms/bsd/dos/33708.c,"FreeBSD 8.0 / OpenBSD 4.x - 'ftpd' Null Pointer Dereference Denial of Service",2010-03-05,kingcope,bsd,dos,0 33838,platforms/windows/dos/33838.py,"Mocha W32 LPD 1.9 - Remote Buffer Overflow",2010-04-15,mr_me,windows,dos,0 33711,platforms/windows/dos/33711.txt,"BS.Player 2.51 - '.mp3' Buffer Overflow",2010-03-05,"Gjoko Krstic",windows,dos,0 @@ -5008,7 +5008,7 @@ id,file,description,date,author,platform,type,port 39466,platforms/multiple/dos/39466.txt,"Adobe Flash - H264 File Stack Corruption",2016-02-17,"Google Security Research",multiple,dos,0 39467,platforms/multiple/dos/39467.txt,"Adobe Flash - BitmapData.drawWithQuality Heap Overflow",2016-02-17,"Google Security Research",multiple,dos,0 39470,platforms/windows/dos/39470.py,"XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of Service",2016-02-19,"Pawan Lal",windows,dos,0 -39471,platforms/windows/dos/39471.txt,"STIMS Buffer 1.1.20 - Buffer Overflow SEH (Denial of Service)",2016-02-19,"Shantanu Khandelwal",windows,dos,0 +39471,platforms/windows/dos/39471.txt,"STIMS Buffer 1.1.20 - Buffer Overflow (SEH) (Denial of Service)",2016-02-19,"Shantanu Khandelwal",windows,dos,0 39472,platforms/windows/dos/39472.txt,"STIMS Cutter 1.1.3.20 - Buffer Overflow Denial of Service",2016-02-19,"Shantanu Khandelwal",windows,dos,0 39475,platforms/windows/dos/39475.py,"QuickHeal 16.00 - 'webssx.sys' Driver Denial of Service",2016-02-19,"Fitzl Csaba",windows,dos,0 39476,platforms/multiple/dos/39476.txt,"Adobe Flash - SimpleButton Creation Type Confusion",2016-02-19,"Google Security Research",multiple,dos,0 @@ -5127,7 +5127,7 @@ id,file,description,date,author,platform,type,port 39825,platforms/multiple/dos/39825.txt,"Adobe Flash - Out-of-Bounds Read when Placing Object",2016-05-17,"Google Security Research",multiple,dos,0 39826,platforms/multiple/dos/39826.txt,"Adobe Flash - Overflow in Processing Raw 565 Textures",2016-05-17,"Google Security Research",multiple,dos,0 39827,platforms/multiple/dos/39827.txt,"Adobe Flash - Heap Overflow in ATF Processing (Image Reading)",2016-05-17,"Google Security Research",multiple,dos,0 -39828,platforms/multiple/dos/39828.txt,"Adobe Flash - .MP4 File Stack Corruption",2016-05-17,"Google Security Research",multiple,dos,0 +39828,platforms/multiple/dos/39828.txt,"Adobe Flash - '.MP4' File Stack Corruption",2016-05-17,"Google Security Research",multiple,dos,0 39829,platforms/multiple/dos/39829.txt,"Adobe Flash - Type Confusion in FileReference Constructor",2016-05-17,"Google Security Research",multiple,dos,0 39830,platforms/multiple/dos/39830.txt,"Adobe Flash - addProperty Use-After-Free",2016-05-17,"Google Security Research",multiple,dos,0 39831,platforms/multiple/dos/39831.txt,"Adobe Flash - SetNative Use-After-Free",2016-05-17,"Google Security Research",multiple,dos,0 @@ -5591,7 +5591,7 @@ id,file,description,date,author,platform,type,port 669,platforms/linux/local/669.c,"Aspell (word-list-compress) - Command Line Stack Overflow",2004-12-01,c0d3r,linux,local,0 680,platforms/osx/local/680.txt,"Apple Mac OSX Adobe Version Cue - Privilege Escalation (Bash)",2004-12-08,"Jonathan Bringhurst",osx,local,0 684,platforms/linux/local/684.c,"TipxD 1.1.1 - Local Format String (not setuid)",2004-12-14,CoKi,linux,local,0 -694,platforms/windows/local/694.c,"WinRAR 3.4.1 - Corrupt ZIP File (PoC)",2004-12-16,"Vafa Khoshaein",windows,local,0 +694,platforms/windows/local/694.c,"WinRAR 3.4.1 - Corrupt '.ZIP' File (PoC)",2004-12-16,"Vafa Khoshaein",windows,local,0 695,platforms/linux/local/695.c,"Cscope 15.5 - Symlink Exploit",2004-12-17,Gangstuck,linux,local,0 698,platforms/ultrix/local/698.c,"Ultrix 4.5/MIPS - dxterm 0 Local Buffer Overflow",2004-12-20,"Kristoffer BrÃ¥nemyr",ultrix,local,0 699,platforms/aix/local/699.c,"AIX 5.1 < 5.3 - paginit Local Stack Overflow",2004-12-20,cees-bart,aix,local,0 @@ -6042,7 +6042,7 @@ id,file,description,date,author,platform,type,port 7313,platforms/linux/local/7313.sh,"Debian - (symlink attack in login) Arbitrary File Ownership (PoC)",2008-12-01,"Paul Szabo",linux,local,0 7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - '.rdp' Buffer Overflow",2008-12-03,Encrypt3d.M!nd,windows,local,0 7334,platforms/windows/local/7334.pl,"RadASM 2.2.1.5 - '.rap' WindowCallProcA Pointer Hijack Exploit",2008-12-03,DATA_SNIPER,windows,local,0 -7347,platforms/windows/local/7347.pl,"PEiD 0.92 - Malformed PE File Universal Buffer Overflow",2008-12-05,SkD,windows,local,0 +7347,platforms/windows/local/7347.pl,"PEiD 0.92 - Malformed '.PE' File Universal Buffer Overflow",2008-12-05,SkD,windows,local,0 7393,platforms/linux/local/7393.txt,"PHP - Safe_mode Bypass via proc_open() and custom Environment",2008-12-09,gat3way,linux,local,0 7492,platforms/windows/local/7492.py,"Realtek Sound Manager (rtlrack.exe 1.15.0.0) - Playlist Buffer Overflow",2008-12-16,shinnai,windows,local,0 7501,platforms/windows/local/7501.asp,"Microsoft SQL Server - sp_replwritetovarbin() Heap Overflow",2008-12-17,"Guido Landi",windows,local,0 @@ -6310,7 +6310,7 @@ id,file,description,date,author,platform,type,port 9580,platforms/windows/local/9580.pl,"Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer Exploit (SEH) (2)",2009-09-03,hack4love,windows,local,0 9581,platforms/windows/local/9581.pl,"SAP Player 0.9 - '.m3u' Universal Local Buffer Overflow (SEH)",2009-09-03,PLATEN,windows,local,0 9589,platforms/windows/local/9589.pl,"OtsTurntables 1.00.027 - '.m3u' / '.ofl' Local Universal Buffer Overflow (SEH)",2009-09-04,hack4love,windows,local,0 -9595,platforms/linux/local/9595.c,"HTMLDOC 1.8.27 - (html File Handling) Stack Buffer Overflow",2009-09-09,"Pankaj Kohli",linux,local,0 +9595,platforms/linux/local/9595.c,"HTMLDOC 1.8.27 - '.html' File Handling Stack Buffer Overflow",2009-09-09,"Pankaj Kohli",linux,local,0 9598,platforms/linux/local/9598.txt,"Linux Kernel 2.4 / 2.6 (Fedora 11) - 'sock_sendpage()' Privilege Escalation (2)",2009-09-09,"Ramon Valle",linux,local,0 9608,platforms/linux/local/9608.c,"GemStone/S 6.3.1 - (stoned) Local Buffer Overflow",2009-09-09,"Jeremy Brown",linux,local,0 9610,platforms/windows/local/9610.py,"Audio Lib Player - '.m3u' Buffer Overflow (SEH)",2009-09-09,blake,windows,local,0 @@ -6350,7 +6350,7 @@ id,file,description,date,author,platform,type,port 14273,platforms/linux/local/14273.sh,"Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (1)",2010-07-08,"Kristian Erik Hermansen",linux,local,0 9988,platforms/windows/local/9988.txt,"Adobe Photoshop Elements - Active File Monitor Service Privilege Escalation",2009-10-29,bellick,windows,local,0 9990,platforms/multiple/local/9990.txt,"Adobe Reader and Acrobat - '.U3D' File Invalid Array Index Remote",2009-11-09,"Felipe Andres Manzano",multiple,local,0 -9991,platforms/windows/local/9991.txt,"Alleycode 2.21 - SEH Overflow (PoC)",2009-10-05,"Rafael Sousa",windows,local,0 +9991,platforms/windows/local/9991.txt,"Alleycode 2.21 - Overflow (SEH) (PoC)",2009-10-05,"Rafael Sousa",windows,local,0 10009,platforms/windows/local/10009.txt,"Free Download Manager - Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)",2009-11-11,"Carsten Eiram",windows,local,0 10010,platforms/windows/local/10010.txt,"Free WMA MP3 Converter 1.1 - '.wav' Local Buffer Overflow",2009-10-09,KriPpLer,windows,local,0 10018,platforms/linux/local/10018.sh,"Linux Kernel 2.6.32 - 'pipe.c' Privilege Escalation (4)",2009-11-12,"Earl Chew",linux,local,0 @@ -6407,7 +6407,7 @@ id,file,description,date,author,platform,type,port 10484,platforms/windows/local/10484.txt,"Kaspersky Lab - Multiple Products Privilege Escalation",2009-12-16,"Maxim A. Kulakov",windows,local,0 10487,platforms/linux/local/10487.txt,"VideoCache 1.9.2 - 'vccleaner' Privilege Escalation",2009-12-16,"Dominick LaTrappe",linux,local,0 10544,platforms/multiple/local/10544.html,"Mozilla Firefox - Location Bar Spoofing",2009-12-18,"Jordi Chancel",multiple,local,0 -10556,platforms/windows/local/10556.c,"PlayMeNow 7.3 / 7.4 - Malformed M3U Playlist File Buffer",2009-12-19,Gr33nG0bL1n,windows,local,0 +10556,platforms/windows/local/10556.c,"PlayMeNow 7.3 / 7.4 - Malformed '.M3U' Playlist File Buffer",2009-12-19,Gr33nG0bL1n,windows,local,0 10557,platforms/php/local/10557.php,"PHP 5.2.12/5.3.1 - symlink() open_basedir Bypass",2009-12-19,"Maksymilian Arciemowicz",php,local,0 10563,platforms/windows/local/10563.py,"PlayMeNow - Malformed M3U Playlist Buffer Overflow (Windows XP Universal)",2009-12-19,loneferret,windows,local,0 10577,platforms/windows/local/10577.pl,"PlayMeNow - Malformed M3U Playlist Buffer Overflow (SEH)",2009-12-21,"ThE g0bL!N",windows,local,0 @@ -6438,13 +6438,13 @@ id,file,description,date,author,platform,type,port 11029,platforms/multiple/local/11029.txt,"DirectAdmin 1.33.6 - Symlink Security Bypass",2010-01-06,alnjm33,multiple,local,0 11046,platforms/windows/local/11046.py,"Quick Player 1.2 - Unicode Buffer Overflow (Bindshell)",2010-01-06,sinn3r,windows,local,0 11079,platforms/windows/local/11079.rb,"Audiotran 1.4.1 (Windows XP SP2/SP3 English) - Buffer Overflow",2010-01-10,"Sébastien Duquette",windows,local,0 -11093,platforms/windows/local/11093.rb,"Soritong 1.0 - Universal Buffer Overflow SEH (Metasploit)",2010-01-10,fb1h2s,windows,local,0 +11093,platforms/windows/local/11093.rb,"Soritong 1.0 - Universal Buffer Overflow (SEH) (Metasploit)",2010-01-10,fb1h2s,windows,local,0 11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 - '.pls' Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 11112,platforms/win_x86/local/11112.c,"HTMLDOC 1.9.x-r1629 (Windows x86) - Local .html Buffer Overflow",2010-01-11,"fl0 fl0w",win_x86,local,0 11139,platforms/windows/local/11139.c,"Winamp 5.05 < 5.13 - '.ini' Local Stack Buffer Overflow (PoC)",2010-01-14,"fl0 fl0w",windows,local,0 11146,platforms/windows/local/11146.py,"BS.Player 2.51 - Overwrite (SEH)",2010-01-15,"Mert SARICA",windows,local,0 11152,platforms/windows/local/11152.py,"Google SketchUp 7.1.6087 - 'lib3ds' 3DS Importer Memory Corruption",2010-01-16,mr_me,windows,local,0 -11154,platforms/windows/local/11154.py,"BS.Player 2.51 - Universal SEH Overflow",2010-01-16,Dz_attacker,windows,local,0 +11154,platforms/windows/local/11154.py,"BS.Player 2.51 - Universal Overflow (SEH)",2010-01-16,Dz_attacker,windows,local,0 11161,platforms/windows/local/11161.pl,"Rosoft Media Player 4.4.4 - Buffer Overflow (SEH) (1)",2010-01-16,Red-D3v1L,windows,local,0 11171,platforms/windows/local/11171.pl,"Audiotran 1.4.1 - Direct RET Buffer Overflow",2010-01-17,jacky,windows,local,0 11174,platforms/windows/local/11174.c,"VideoLAN VLC Media Player 0.8.6 a/b/c/d - '.ass' Buffer Overflow (Win32 Universal)",2010-01-17,"fl0 fl0w",windows,local,0 @@ -6597,7 +6597,7 @@ id,file,description,date,author,platform,type,port 14566,platforms/windows/local/14566.c,"Microsoft Windows - 'win32k.sys' Driver 'CreateDIBPalette()' Buffer Overflow",2010-08-06,Arkon,windows,local,0 14576,platforms/windows/local/14576.c,"Mini-stream Ripper 3.1.2.1 - Buffer Overflow (DEP Bypass)",2010-08-07,"fl0 fl0w",windows,local,0 14581,platforms/windows/local/14581.py,"myMP3-Player 3.0 - Buffer Overflow",2010-08-08,"Oh Yaw Theng",windows,local,0 -14591,platforms/windows/local/14591.py,"Fat Player 0.6b - WAV File Processing Buffer Overflow (SEH)",2010-08-09,"Praveen Darshanam",windows,local,0 +14591,platforms/windows/local/14591.py,"Fat Player 0.6b - '.WAV' File Processing Buffer Overflow (SEH)",2010-08-09,"Praveen Darshanam",windows,local,0 14610,platforms/windows/local/14610.txt,"Microsoft Windows - Tracing Registry Key ACL Privilege Escalation",2010-08-10,"Cesar Cerrudo",windows,local,0 14612,platforms/windows/local/14612.py,"Mediacoder 0.7.5.4710 - Buffer Overflow",2010-08-11,anonymous,windows,local,0 14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 - 'Universal' Buffer Overflow (SEH)",2010-08-12,Dr_IDE,windows,local,0 @@ -6671,7 +6671,7 @@ id,file,description,date,author,platform,type,port 14944,platforms/windows/local/14944.py,"Microsoft Visio 2002 - '.DXF' File Stack based Overflow",2010-09-08,Abysssec,windows,local,0 14966,platforms/windows/local/14966.py,"Excel RTD - Memory Corruption",2010-09-10,Abysssec,windows,local,0 14959,platforms/windows/local/14959.py,"Acoustica MP3 Audio Mixer 2.471 - Extended M3U directives SEH Exploit",2010-09-09,"Carlos Mario Penagos Hollmann",windows,local,0 -14961,platforms/win_x86/local/14961.py,"Audiotran 1.4.2.4 - SEH Overflow",2010-09-09,"Abhishek Lyall",win_x86,local,0 +14961,platforms/win_x86/local/14961.py,"Audiotran 1.4.2.4 - Overflow (SEH)",2010-09-09,"Abhishek Lyall",win_x86,local,0 14982,platforms/windows/local/14982.py,"Adobe Acrobat and Reader - 'pushstring' Memory Corruption",2010-09-12,Abysssec,windows,local,0 15013,platforms/windows/local/15013.pl,"MP3 Workstation 9.2.1.1.2 - SEH Exploit",2010-09-15,"sanjeev gupta",windows,local,0 15022,platforms/windows/local/15022.py,"Honestech VHS to DVD 3.0.30 Deluxe - Local Buffer Overflow (SEH)",2010-09-16,"Brennon Thomas",windows,local,0 @@ -6680,14 +6680,14 @@ id,file,description,date,author,platform,type,port 15026,platforms/windows/local/15026.py,"BACnet OPC Client - Buffer Overflow (1)",2010-09-16,"Jeremy Brown",windows,local,0 15031,platforms/windows/local/15031.py,"DJ Studio Pro 8.1.3.2.1 - SEH Exploit",2010-09-17,"Abhishek Lyall",windows,local,0 15033,platforms/windows/local/15033.py,"A-PDF All to MP3 Converter 1.1.0 - Universal Local SEH Exploit",2010-09-17,modpr0be,windows,local,0 -15047,platforms/windows/local/15047.rb,"Audiotran 1.4.2.4 - SEH Overflow (DEP Bypass)",2010-09-19,"Muhamad Fadzil Ramli",windows,local,0 +15047,platforms/windows/local/15047.rb,"Audiotran 1.4.2.4 - Overflow (SEH) (DEP Bypass)",2010-09-19,"Muhamad Fadzil Ramli",windows,local,0 15099,platforms/windows/local/15099.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow (SEH)",2010-09-24,"James Fitts",windows,local,0 15069,platforms/windows/local/15069.py,"Acoustica Audio Converter Pro 1.1 (build 25) - Heap Overflow (.mp3 / .wav / .ogg / .wma) (PoC)",2010-09-21,"Carlos Mario Penagos Hollmann",windows,local,0 15074,platforms/linux/local/15074.sh,"mountall 2.15.2 (Ubuntu 10.04/10.10) - Privilege Escalation",2010-09-21,fuzz,linux,local,0 15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - SEH Exploit (Metasploit)",2010-09-22,Madjix,windows,local,0 15094,platforms/windows/local/15094.py,"Microsoft Excel - OBJ Record Stack Overflow",2010-09-24,Abysssec,windows,local,0 -15133,platforms/windows/local/15133.pl,"iworkstation 9.3.2.1.4 - seh Exploit",2010-09-27,"sanjeev gupta",windows,local,0 -15134,platforms/windows/local/15134.rb,"Digital Music Pad 8.2.3.3.4 - SEH Overflow (Metasploit)",2010-09-27,"Abhishek Lyall",windows,local,0 +15133,platforms/windows/local/15133.pl,"iworkstation 9.3.2.1.4 - SEH Exploit",2010-09-27,"sanjeev gupta",windows,local,0 +15134,platforms/windows/local/15134.rb,"Digital Music Pad 8.2.3.3.4 - Overflow (SEH) (Metasploit)",2010-09-27,"Abhishek Lyall",windows,local,0 15150,platforms/linux/local/15150.c,"Linux Kernel < 2.6.36-rc6 (RedHat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC)",2010-09-29,"Jon Oberheide",linux,local,0 15155,platforms/linux/local/15155.c,"XFS - Deleted Inode Local Information Disclosure",2010-09-29,"Red Hat",linux,local,0 15156,platforms/windows/local/15156.py,"Quick Player 1.3 - Unicode SEH Exploit",2010-09-29,"Abhishek Lyall",windows,local,0 @@ -6747,7 +6747,7 @@ id,file,description,date,author,platform,type,port 15774,platforms/linux/local/15774.c,"Linux Kernel < 2.6.37-rc2 - 'ACPI custom_method' Privilege Escalation",2010-12-18,"Jon Oberheide",linux,local,0 15782,platforms/windows/local/15782.pl,"Word Splash Pro 9.5 - Buffer Overflow",2010-12-20,h1ch4m,windows,local,0 15785,platforms/windows/local/15785.py,"MP3 CD Converter Professional - Buffer Overflow (SEH)",2010-12-20,"C4SS!0 G0M3S",windows,local,0 -15855,platforms/windows/local/15855.py,"Digital Music Pad 8.2.3.4.8 - '.pls' SEH Overflow",2010-12-29,"Abhishek Lyall",windows,local,0 +15855,platforms/windows/local/15855.py,"Digital Music Pad 8.2.3.4.8 - '.pls' Overflow (SEH)",2010-12-29,"Abhishek Lyall",windows,local,0 15895,platforms/windows/local/15895.py,"CoolPlayer 2.18 - DEP Bypass",2011-01-02,blake,windows,local,0 15888,platforms/windows/local/15888.c,"Bywifi 2.8.1 - Stack Buffer Overflow",2011-01-01,anonymous,windows,local,0 15901,platforms/windows/local/15901.py,"Music Animation Machine MIDI Player - Buffer Overflow (SEH)",2011-01-04,Acidgen,windows,local,0 @@ -6871,7 +6871,7 @@ id,file,description,date,author,platform,type,port 16999,platforms/windows/local/16999.rb,"POP Peeper 3.7 - SEH Exploit",2011-03-18,"Anastasios Monachos",windows,local,0 17001,platforms/windows/local/17001.pl,"CORE MultiMedia Suite 2011 CORE Player 2.4 - '.m3u' Buffer Overflow",2011-03-18,Rh0,windows,local,0 17012,platforms/windows/local/17012.py,"Mediacoder 2011 RC3 - '.m3u' Buffer Overflow",2011-03-20,"Oh Yaw Theng",windows,local,0 -17013,platforms/windows/local/17013.pl,"MPlayer Lite r33064 - m3u SEH Overflow",2011-03-20,"C4SS!0 and h1ch4m",windows,local,0 +17013,platforms/windows/local/17013.pl,"MPlayer Lite r33064 - '.m3u' SEH Overflow",2011-03-20,"C4SS!0 and h1ch4m",windows,local,0 17064,platforms/windows/local/17064.py,"IDEAL Administration 2011 11.4 - Local Buffer Overflow (SEH)",2011-03-29,Dr_IDE,windows,local,0 17083,platforms/linux/local/17083.pl,"HT Editor 2.0.18 - File Opening Stack Overflow",2011-03-30,ZadYree,linux,local,0 17086,platforms/windows/local/17086.pl,"Word List Builder - Buffer Overflow (SEH)",2011-04-01,h1ch4m,windows,local,0 @@ -6923,7 +6923,7 @@ id,file,description,date,author,platform,type,port 17511,platforms/windows/local/17511.pl,"ZipGenius 6.3.2.3000 - '.zip' Buffer Overflow",2011-07-08,"C4SS!0 G0M3S",windows,local,0 40085,platforms/windows/local/40085.rb,"Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDAV Privilege Escalation (MS16-016) (Metasploit)",2016-07-11,Metasploit,windows,local,0 17561,platforms/windows/local/17561.c,"Kingsoft AntiVirus 2012 'KisKrnl.sys' 2011.7.8.913 - Local Kernel Mode Privilege Escalation",2011-07-22,MJ0011,windows,local,0 -17563,platforms/windows/local/17563.py,"Download Accelerator plus (DAP) 9.7 - M3U File Buffer Overflow (Unicode SEH)",2011-07-23,"C4SS!0 G0M3S",windows,local,0 +17563,platforms/windows/local/17563.py,"Download Accelerator Plus (DAP) 9.7 - '.M3U' File Buffer Overflow (Unicode SEH)",2011-07-23,"C4SS!0 G0M3S",windows,local,0 17565,platforms/windows/local/17565.pl,"MPlayer Lite r33064 - m3u Buffer Overflow (DEP Bypass)",2011-07-24,"C4SS!0 and h1ch4m",windows,local,0 17600,platforms/windows/local/17600.rb,"Zinf Audio Player 2.2.1 - '.pls' Buffer Overflow (DEP Bypass)",2011-08-03,"C4SS!0 and h1ch4m",windows,local,0 17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player 3.0 - Buffer Overflow (Metasploit)",2011-08-04,"James Fitts",windows,local,0 @@ -6986,7 +6986,7 @@ id,file,description,date,author,platform,type,port 18147,platforms/linux/local/18147.c,"bzexe (bzip2) - Race Condition",2011-11-23,vladz,linux,local,0 18174,platforms/windows/local/18174.py,"GOM Player 2.1.33.5071 - '.asx' File Unicode Stack Buffer Overflow",2011-11-30,"Debasish Mandal",windows,local,0 18176,platforms/windows/local/18176.py,"Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080)",2011-11-30,ryujin,windows,local,0 -18178,platforms/windows/local/18178.rb,"CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow SEH Exploit (Metasploit)",2011-11-30,Rh0,windows,local,0 +18178,platforms/windows/local/18178.rb,"CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow (SEH) (Metasploit)",2011-11-30,Rh0,windows,local,0 18184,platforms/windows/local/18184.rb,"Final Draft 8 - Multiple Stack Buffer Overflows (Metasploit)",2011-12-01,"Nick Freeman",windows,local,0 18186,platforms/windows/local/18186.rb,"StoryBoard Quick 6 - Stack Buffer Overflow (Metasploit)",2011-12-01,"Nick Freeman",windows,local,0 18195,platforms/windows/local/18195.rb,"CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow (Metasploit)",2011-12-03,Metasploit,windows,local,0 @@ -7640,7 +7640,7 @@ id,file,description,date,author,platform,type,port 21290,platforms/unix/local/21290.sh,"Tarantella Enterprise 3 - Symbolic Link",2002-02-19,"Larry W. Cashdollar",unix,local,0 21302,platforms/linux/local/21302.c,"Century Software Term For Linux 6.27.869 - Command Line Buffer Overflow",2002-02-25,"Haiku Hacker",linux,local,0 21318,platforms/windows/local/21318.pl,"Internet Download Manager - Stack Based Buffer Overflow",2012-09-14,Dark-Puzzle,windows,local,0 -21320,platforms/windows/local/21320.pl,"Internet Download Manager - SEH Buffer Overflow",2012-09-14,Dark-Puzzle,windows,local,0 +21320,platforms/windows/local/21320.pl,"Internet Download Manager - Buffer Overflow (SEH)",2012-09-14,Dark-Puzzle,windows,local,0 21323,platforms/linux/local/21323.c,"libdbus - 'DBUS_SYSTEM_BUS_ADDRESS' Privilege Escalation",2012-07-17,"Sebastian Krahmer",linux,local,0 21331,platforms/windows/local/21331.py,"NCMedia Sound Editor Pro 7.5.1 - MRUList201202.dat File Handling Buffer Overflow",2012-09-17,"Julien Ahrens",windows,local,0 21341,platforms/linux/local/21341.c,"Ecartis 1.0.0/0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (1)",2002-02-27,"the itch",linux,local,0 @@ -7747,8 +7747,8 @@ id,file,description,date,author,platform,type,port 21848,platforms/linux/local/21848.rb,"Linux Kernel UDEV < 1.4.1 - Netlink Privilege Escalation (Metasploit)",2012-10-10,Metasploit,linux,local,0 21856,platforms/multiple/local/21856.txt,"OpenVms 5.3/6.2/7.x - UCX POP Server Arbitrary File Modification",2002-09-25,"Mike Riley",multiple,local,0 21865,platforms/linux/local/21865.c,"Interbase 5/6 - GDS_Lock_MGR UMask File Permission Changing",2002-09-25,grazer,linux,local,0 -21871,platforms/linux/local/21871.c,"GV 2.x/3.x - Malformed PDF/PS File Buffer Overflow (1)",2002-09-26,zen-parse,linux,local,0 -21872,platforms/linux/local/21872.c,"GV 2.x/3.x - Malformed PDF/PS File Buffer Overflow (2)",2002-09-26,infamous42md,linux,local,0 +21871,platforms/linux/local/21871.c,"GV 2.x/3.x - Malformed '.PDF'/'.PS' File Buffer Overflow (1)",2002-09-26,zen-parse,linux,local,0 +21872,platforms/linux/local/21872.c,"GV 2.x/3.x - Malformed '.PDF'/'.PS' File Buffer Overflow (2)",2002-09-26,infamous42md,linux,local,0 21887,platforms/windows/local/21887.php,"PHP 5.3.4 Win Com Module - Com_sink Exploit",2012-10-11,fb1h2s,windows,local,0 21892,platforms/windows/local/21892.txt,"FileBound 6.2 - Privilege Escalation",2012-10-11,"Nathaniel Carew",windows,local,0 21904,platforms/aix/local/21904.pl,"IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow",2003-04-16,watercloud,aix,local,0 @@ -8039,7 +8039,7 @@ id,file,description,date,author,platform,type,port 25411,platforms/linux/local/25411.py,"No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow",2013-05-13,"Alberto Ortega",linux,local,0 25419,platforms/windows/local/25419.pl,"Adrenalin Player 2.2.5.3 - '.m3u' Buffer Overflow (SEH)",2013-05-13,seaofglass,windows,local,0 25444,platforms/linux/local/25444.c,"Linux Kernel 2.6.32 < 3.x.x (CentOS) - 'PERF_EVENTS' Privilege Escalation (1)",2013-05-14,sd,linux,local,0 -25448,platforms/windows/local/25448.rb,"ERS Viewer 2011 - ERS File Handling Buffer Overflow (Metasploit)",2013-05-14,Metasploit,windows,local,0 +25448,platforms/windows/local/25448.rb,"ERS Viewer 2011 - '.ERS' File Handling Buffer Overflow (Metasploit)",2013-05-14,Metasploit,windows,local,0 25450,platforms/linux/local/25450.c,"Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation",2013-05-14,"Andrew Lutomirski",linux,local,0 25554,platforms/windows/local/25554.c,"Altiris Client 6.0.88 - Service Privilege Escalation",2005-04-27,"Reed Arvin",windows,local,0 40394,platforms/linux/local/40394.rb,"Docker Daemon - Privilege Escalation (Metasploit)",2016-09-19,Metasploit,linux,local,0 @@ -8095,7 +8095,7 @@ id,file,description,date,author,platform,type,port 28085,platforms/windows/local/28085.html,"KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)",2013-09-04,blake,windows,local,0 26579,platforms/windows/local/26579.rb,"ABBS Audio Media Player - '.LST' Buffer Overflow (Metasploit)",2013-07-03,Metasploit,windows,local,0 26703,platforms/windows/local/26703.py,"Adobe Reader X 10.1.4.38 - BMP/RLE Heap Corruption",2013-07-08,feliam,windows,local,0 -26708,platforms/windows/local/26708.rb,"ERS Viewer 2013 - ERS File Handling Buffer Overflow (Metasploit)",2013-07-09,Metasploit,windows,local,0 +26708,platforms/windows/local/26708.rb,"ERS Viewer 2013 - '.ERS' File Handling Buffer Overflow (Metasploit)",2013-07-09,Metasploit,windows,local,0 26709,platforms/lin_x86/local/26709.txt,"Solaris Recommended Patch Cluster 6/19 (x86) - Privilege Escalation",2013-07-09,"Larry W. Cashdollar",lin_x86,local,0 26752,platforms/windows/local/26752.s,"Multiple Vendor BIOS - Keyboard Buffer Password Persistence Weakness (1)",2005-12-06,Endrazine,windows,local,0 26753,platforms/unix/local/26753.c,"Multiple Vendor BIOS - Keyboard Buffer Password Persistence Weakness (2)",2005-12-06,Endrazine,unix,local,0 @@ -8178,7 +8178,7 @@ id,file,description,date,author,platform,type,port 29446,platforms/linux/local/29446.c,"Grsecurity Kernel PaX - Privilege Escalation",2006-12-18,anonymous,linux,local,0 29465,platforms/windows/local/29465.txt,"Outpost Firewall PRO 4.0 - Privilege Escalation",2007-01-15,"Matousec Transparent security",windows,local,0 29467,platforms/linux/local/29467.c,"Rixstep Undercover - Privilege Escalation",2007-01-15,"Rixstep Pwned",linux,local,0 -30032,platforms/windows/local/30032.rb,"Steinberg MyMp3PRO 5.0 - Buffer Overflow SEH Exploit (DEP Bypass with ROP)",2013-12-04,metacom,windows,local,0 +30032,platforms/windows/local/30032.rb,"Steinberg MyMp3PRO 5.0 - Buffer Overflow (SEH) (DEP Bypass with ROP)",2013-12-04,metacom,windows,local,0 30039,platforms/multiple/local/30039.txt,"Multiple Personal Firewall Products - Local Protection Mechanism Bypass",2007-05-15,"Matousec Transparent security",multiple,local,0 30017,platforms/unix/local/30017.sh,"HP Tru64 5.0.1 - DOP Command Privilege Escalation",2007-05-08,"Daniele Calore",unix,local,0 30021,platforms/solaris/local/30021.txt,"Sun Microsystems Solaris SRSEXEC 3.2.x - Arbitrary File Read Local Information Disclosure",2007-05-10,anonymous,solaris,local,0 @@ -8361,7 +8361,7 @@ id,file,description,date,author,platform,type,port 34314,platforms/solaris/local/34314.sh,"Oracle Solaris Management Console - WBEM Insecure Temporary File Creation",2010-07-13,"Frank Stuart",solaris,local,0 34333,platforms/windows/local/34333.rb,"Oracle VM VirtualBox Guest Additions 4.3.10r93012 - 'VBoxGuest.sys' Privilege Escalation (Metasploit)",2014-08-13,Metasploit,windows,local,0 34331,platforms/windows/local/34331.py,"BlazeDVD Pro 7.0 - '.plf' Stack Based Buffer Overflow (Direct RET)",2014-08-12,"Giovanni Bartolomucci",windows,local,0 -34421,platforms/linux/local/34421.c,"glibc - Off-by-One NUL Byte gconv_translit_find Exploit",2014-08-27,"taviso and scarybeasts",linux,local,0 +34421,platforms/linux/local/34421.c,"glibc - NUL Byte gconv_translit_find Off-by-One Exploit",2014-08-27,"taviso and scarybeasts",linux,local,0 34489,platforms/windows/local/34489.py,"HTML Help Workshop 1.4 - Local Buffer Overflow (SEH)",2014-08-31,mr.pr0n,windows,local,0 34512,platforms/windows/local/34512.py,"LeapFTP 3.1.0 - URL Handling Buffer Overflow (SEH)",2014-09-01,k3170makan,windows,local,0 34537,platforms/linux/local/34537.txt,"EncFS 1.6.0 - Flawed CBC/CFB Cryptography Implementation Weaknesses",2010-08-26,"Micha Riser",linux,local,0 @@ -8384,7 +8384,7 @@ id,file,description,date,author,platform,type,port 35101,platforms/windows/local/35101.rb,"Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (MS14-058) (Metasploit)",2014-10-28,Metasploit,windows,local,0 35112,platforms/linux/local/35112.sh,"IBM Tivoli Monitoring 6.2.2 kbbacf1 - Privilege Escalation",2014-10-29,"Robert Jaroszuk",linux,local,0 35161,platforms/linux/local/35161.c,"Linux Kernel 2.6.39 < 3.2.2 (x86/x64) - 'Mempodipper.c' Privilege Escalation (2)",2012-01-12,zx2c4,linux,local,0 -35177,platforms/windows/local/35177.py,"i-FTP 2.20 - Buffer Overflow SEH Exploit",2014-11-06,metacom,windows,local,0 +35177,platforms/windows/local/35177.py,"i-FTP 2.20 - Buffer Overflow (SEH)",2014-11-06,metacom,windows,local,0 35189,platforms/windows/local/35189.c,"SafeGuard PrivateDisk 2.0/2.3 - 'privatediskm.sys' Multiple Local Security Bypass Vulnerabilities",2008-03-05,mu-b,windows,local,0 35216,platforms/windows/local/35216.py,"Microsoft Office 2007 / 2010 - OLE Arbitrary Command Execution",2014-11-12,"Abhishek Lyall",windows,local,0 35234,platforms/linux/local/35234.py,"OSSEC 2.8 - 'hosts.deny' Privilege Escalation",2014-11-14,skynet-13,linux,local,0 @@ -8479,7 +8479,7 @@ id,file,description,date,author,platform,type,port 36859,platforms/windows/local/36859.txt,"Foxit Reader PDF 7.1.3.320 - Parsing Memory Corruption",2015-04-29,"Francis Provencher",windows,local,0 36887,platforms/linux/local/36887.py,"GNOME NetworkManager 0.x - Local Arbitrary File Access",2012-02-29,Ludwig,linux,local,0 36909,platforms/windows/local/36909.rb,"RM Downloader 2.7.5.400 - Local Buffer Overflow (Metasploit)",2015-05-04,"TUNISIAN CYBER",windows,local,0 -36920,platforms/windows/local/36920.py,"Mediacoder 0.8.34.5716 - '.m3u' Buffer Overflow SEH Exploit",2015-05-06,evil_comrade,windows,local,0 +36920,platforms/windows/local/36920.py,"Mediacoder 0.8.34.5716 - '.m3u' Buffer Overflow (SEH)",2015-05-06,evil_comrade,windows,local,0 36966,platforms/linux/local/36966.txt,"LightDM 1.0.6 - Arbitrary File Deletion",2012-03-13,"Ryan Lortie",linux,local,0 36928,platforms/windows/local/36928.py,"Macro Toolworks 7.5 - Local Buffer Overflow",2012-03-08,"Julien Ahrens",windows,local,0 36980,platforms/windows/local/36980.py,"VideoCharge Express 3.16.3.04 - Buffer Overflow",2015-05-11,evil_comrade,windows,local,0 @@ -8526,7 +8526,7 @@ id,file,description,date,author,platform,type,port 37771,platforms/windows/local/37771.py,"Microsoft HTML Help Compiler 4.74.8702.0 - SEH Based Overflow",2015-08-15,St0rn,windows,local,0 37772,platforms/multiple/local/37772.js,"Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy Exploit",2015-08-15,"Tantaryu MING",multiple,local,0 37780,platforms/windows/local/37780.c,"ThinPrint - 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution",2012-09-04,"Moshe Zioni",windows,local,0 -37799,platforms/windows/local/37799.py,"MASM321 11 Quick Editor - '.qeditor' 4.0g - .qse SEH Based Buffer Overflow (ASLR & SAFESEH Bypass)",2015-08-17,St0rn,windows,local,0 +37799,platforms/windows/local/37799.py,"MASM321 11 Quick Editor - '.qeditor' 4.0g - '.qse' SEH Based Buffer Overflow (ASLR & SAFESEH Bypass)",2015-08-17,St0rn,windows,local,0 37813,platforms/windows/local/37813.rb,"VideoCharge Studio - Buffer Overflow (SEH) (Metasploit)",2015-08-18,Metasploit,windows,local,0 37937,platforms/linux/local/37937.c,"Linux Kernel 3.2.x - 'uname()' System Call Local Information Disclosure",2012-10-09,"Brad Spengler",linux,local,0 37890,platforms/windows/local/37890.py,"Multiple ChiefPDF Software 2.0 - Buffer Overflow",2015-08-20,metacom,windows,local,0 @@ -8552,7 +8552,7 @@ id,file,description,date,author,platform,type,port 38200,platforms/windows/local/38200.txt,"Microsoft Windows Task Scheduler - DeleteExpiredTaskAfter File Deletion Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 38201,platforms/windows/local/38201.txt,"Microsoft Windows - CreateObjectTask TileUserBroker Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 38202,platforms/windows/local/38202.txt,"Microsoft Windows - CreateObjectTask SettingsSyncDiagnostics Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 -38218,platforms/windows/local/38218.py,"IKEView.exe R60 - '.elg' Local SEH Exploit",2015-09-17,cor3sm4sh3r,windows,local,0 +38218,platforms/windows/local/38218.py,"IKEView.exe R60 - '.elg' Local Exploit (SEH)",2015-09-17,cor3sm4sh3r,windows,local,0 38219,platforms/windows/local/38219.py,"ZTE PC UI USB Modem Software - Buffer Overflow",2015-09-17,R-73eN,windows,local,0 38220,platforms/windows/local/38220.py,"IKEView R60 - Buffer Overflow Local Exploit (SEH)",2015-09-17,VIKRAMADITYA,windows,local,0 38222,platforms/win_x86-64/local/38222.rb,"Microsoft Windows - Font Driver Buffer Overflow (MS15-078) (Metasploit)",2015-09-17,Metasploit,win_x86-64,local,0 @@ -8586,7 +8586,7 @@ id,file,description,date,author,platform,type,port 38474,platforms/windows/local/38474.txt,"Microsoft Windows 10 - Sandboxed Mount Reparse Point Creation Mitigation Bypass (MS15-111)",2015-10-15,"Google Security Research",windows,local,0 38486,platforms/windows/local/38486.py,"Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow",2015-10-18,"yokoacc_ nudragn_ rungga_reksya",windows,local,0 38504,platforms/windows/local/38504.py,"HandyPassword 4.9.3 - Overwrite (SEH)",2015-10-21,Un_N0n,windows,local,0 -38532,platforms/windows/local/38532.py,"Alreader 2.5 .fb2 - SEH Based Stack Overflow (ASLR + DEP Bypass)",2015-10-25,g00dv1n,windows,local,0 +38532,platforms/windows/local/38532.py,"Alreader 2.5 .fb2 - Based Stack Overflow (SEH) (ASLR + DEP Bypass)",2015-10-25,g00dv1n,windows,local,0 38533,platforms/windows/local/38533.c,"Microsoft Windows 10 - pcap Driver Privilege Escalation",2015-10-26,Rootkitsmm,windows,local,0 38540,platforms/osx/local/38540.rb,"Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)",2015-10-27,Metasploit,osx,local,0 38559,platforms/linux/local/38559.txt,"Linux Kernel 3.3.5 - 'b43' Wireless Driver Privilege Escalation",2013-06-07,"Kees Cook",linux,local,0 @@ -8641,7 +8641,7 @@ id,file,description,date,author,platform,type,port 40360,platforms/linux/local/40360.txt,"MySQL / MariaDB / PerconaDB 5.5.51 / 5.6.32 / 5.7.14 - Code Execution / Privilege Escalation",2016-09-12,"Dawid Golunski",linux,local,3306 40774,platforms/linux/local/40774.sh,"Nagios 4.2.2 - Privilege Escalation",2016-11-18,"Vincent Malguy",linux,local,0 39340,platforms/android/local/39340.cpp,"Google Android - 'sensord' Privilege Escalation",2016-01-27,s0m3b0dy,android,local,0 -39417,platforms/windows/local/39417.py,"FTPShell Client 5.24 - (Create NewFolder) Local Buffer Overflow",2016-02-04,"Arash Khazaei",windows,local,0 +39417,platforms/windows/local/39417.py,"FTPShell Client 5.24 - Create NewFolder Local Buffer Overflow",2016-02-04,"Arash Khazaei",windows,local,0 39432,platforms/win_x86/local/39432.c,"Microsoft Windows 7 SP1 (x86) - 'WebDAV' Privilege Escalation (MS16-016) (1)",2016-02-10,koczkatamas,win_x86,local,0 39433,platforms/linux/local/39433.py,"Deepin Linux 15 - 'lastore-daemon' Privilege Escalation",2016-02-10,"King's Way",linux,local,0 39438,platforms/xml/local/39438.txt,"Wieland wieplan 4.1 - Document Parsing Java Code Execution Using XMLDecoder",2016-02-10,LiquidWorm,xml,local,0 @@ -8708,7 +8708,7 @@ id,file,description,date,author,platform,type,port 39980,platforms/windows/local/39980.rb,"Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow (Metasploit)",2016-06-20,s0nk3y,windows,local,0 39984,platforms/win_x86-64/local/39984.txt,"ACROS Security 0patch 2016.05.19.539 - '0PatchServicex64.exe' Unquoted Service Path Privilege Escalation",2016-06-20,LiquidWorm,win_x86-64,local,0 39992,platforms/linux/local/39992.txt,"Linux - ecryptfs and /proc/$pid/environ Privilege Escalation",2016-06-21,"Google Security Research",linux,local,0 -40017,platforms/windows/local/40017.py,"Mediacoder 0.8.43.5830 - '.m3u' Buffer Overflow SEH Exploit",2016-06-27,"Sibusiso Sishi",windows,local,0 +40017,platforms/windows/local/40017.py,"Mediacoder 0.8.43.5830 - '.m3u' Buffer Overflow (SEH)",2016-06-27,"Sibusiso Sishi",windows,local,0 40018,platforms/windows/local/40018.py,"VUPlayer 2.49 - '.m3u' Buffer Overflow (Win 7 DEP Bypass)",2016-06-27,secfigo,windows,local,0 40020,platforms/windows/local/40020.txt,"Panda Security Multiple Products - Privilege Escalation",2016-06-27,Security-Assessment.com,windows,local,0 40023,platforms/linux/local/40023.py,"PInfo 0.6.9-5.1 - Local Buffer Overflow",2016-06-27,"Juan Sacco",linux,local,0 @@ -8831,7 +8831,7 @@ id,file,description,date,author,platform,type,port 40871,platforms/lin_x86-64/local/40871.c,"Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) - 'AF_PACKET' Race Condition Privilege Escalation",2016-12-06,rebel,lin_x86-64,local,0 40873,platforms/windows/local/40873.txt,"Microsoft PowerShell - XML External Entity Injection",2016-12-06,hyp3rlinx,windows,local,0 40902,platforms/windows/local/40902.txt,"EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation",2016-12-11,"Ashiyane Digital Security Team",windows,local,0 -40903,platforms/windows/local/40903.py,"10-Strike Network File Search Pro 2.3 - SEH Local Buffer Overflow",2016-12-10,malwrforensics,windows,local,0 +40903,platforms/windows/local/40903.py,"10-Strike Network File Search Pro 2.3 - Local Buffer Overflow (SEH)",2016-12-10,malwrforensics,windows,local,0 40921,platforms/linux/local/40921.sh,"Nagios < 4.2.4 - Privilege Escalation",2016-12-15,"Dawid Golunski",linux,local,0 40931,platforms/multiple/local/40931.txt,"iOS 10.1.1 / macOS 10.12 16A323 XNU Kernel - set_dp_control_port Lack of Locking Use-After-Free",2016-12-16,"Google Security Research",multiple,local,0 40937,platforms/linux/local/40937.txt,"Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution",2016-12-14,"Donncha OCearbhaill",linux,local,0 @@ -9849,7 +9849,7 @@ id,file,description,date,author,platform,type,port 5416,platforms/windows/remote/5416.html,"IBiz E-Banking Integrator 2.0 - ActiveX Edition Insecure Method Exploit",2008-04-09,shinnai,windows,remote,0 5430,platforms/multiple/remote/5430.txt,"HP OpenView Network Node Manager 7.53 - Multiple Vulnerabilities",2008-04-11,"Luigi Auriemma",multiple,remote,0 5445,platforms/windows/remote/5445.cpp,"HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow",2008-04-14,Heretic2,windows,remote,2954 -5451,platforms/windows/remote/5451.py,"BigAnt Server 2.2 - Unauthenticated Remote SEH Overflow",2008-04-15,ryujin,windows,remote,6080 +5451,platforms/windows/remote/5451.py,"BigAnt Server 2.2 - Unauthenticated Remote Overflow (SEH)",2008-04-15,ryujin,windows,remote,6080 5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG - Wireless Driver Remote Buffer Overflow (Metasploit)",2008-04-17,oveRet,windows,remote,0 5489,platforms/windows/remote/5489.html,"Zune Software - ActiveX Arbitrary File Overwrite",2008-04-23,"ilion security",windows,remote,0 5496,platforms/windows/remote/5496.html,"Watchfire Appscan 7.0 - ActiveX Multiple Insecure Methods",2008-04-25,callAX,windows,remote,0 @@ -9873,7 +9873,7 @@ id,file,description,date,author,platform,type,port 5746,platforms/windows/remote/5746.html,"Black Ice Software Inc Barcode SDK - 'BITiff.ocx' Remote Buffer Overflow (1)",2008-06-05,shinnai,windows,remote,0 5747,platforms/windows/remote/5747.html,"Black Ice Software Inc Barcode SDK - 'BITiff.ocx' Remote Buffer Overflow (2)",2008-06-05,shinnai,windows,remote,0 5750,platforms/windows/remote/5750.html,"Black Ice Software Inc Barcode SDK - 'BIDIB.ocx' Multiple Vulnerabilities",2008-06-05,shinnai,windows,remote,0 -5751,platforms/windows/remote/5751.pl,"freeSSHd 1.2.1 - Authenticated Remote SEH Overflow",2008-06-06,ryujin,windows,remote,22 +5751,platforms/windows/remote/5751.pl,"freeSSHd 1.2.1 - Authenticated Remote Overflow (SEH)",2008-06-06,ryujin,windows,remote,22 5777,platforms/windows/remote/5777.html,"Black Ice Software Annotation Plugin - 'BiAnno.ocx' Remote Buffer Overflow",2008-06-10,shinnai,windows,remote,0 5778,platforms/windows/remote/5778.html,"Black Ice Software Annotation Plugin - 'BiAnno.ocx' Buffer Overflow (2)",2008-06-10,shinnai,windows,remote,0 5790,platforms/multiple/remote/5790.txt,"SNMPv3 - HMAC Validation error Remote Authentication Bypass",2008-06-12,"Maurizio Agazzini",multiple,remote,161 @@ -10339,7 +10339,7 @@ id,file,description,date,author,platform,type,port 11179,platforms/windows/remote/11179.rb,"Exploit EFS Software Easy Chat Server 2.2 - Buffer Overflow",2010-01-18,"John Babio",windows,remote,0 11203,platforms/multiple/remote/11203.py,"Pidgin MSN 2.6.4 - File Download",2010-01-19,"Mathieu GASPARD",multiple,remote,0 11204,platforms/windows/remote/11204.html,"AOL 9.5 - ActiveX Exploit (Heap Spray)",2010-01-20,Dz_attacker,windows,remote,0 -11210,platforms/windows/remote/11210.rb,"EFS Easy Chat Server - Universal Buffer Overflow SEH (Metasploit)",2010-01-21,fb1h2s,windows,remote,0 +11210,platforms/windows/remote/11210.rb,"EFS Easy Chat Server - Universal Buffer Overflow (SEH) (Metasploit)",2010-01-21,fb1h2s,windows,remote,0 11220,platforms/windows/remote/11220.py,"IntelliTamper 2.07/2.08 - Remote Buffer Overflow (SEH)",2010-01-22,loneferret,windows,remote,0 11257,platforms/windows/remote/11257.rb,"AOL 9.5 - Phobos.Playlist 'Import()' Buffer Overflow (Metasploit)",2010-01-25,Trancer,windows,remote,0 11272,platforms/windows/remote/11272.py,"CamShot 1.2 - Overwrite (SEH)",2010-01-27,tecnik,windows,remote,0 @@ -11400,7 +11400,7 @@ id,file,description,date,author,platform,type,port 18723,platforms/multiple/remote/18723.rb,"Snort 2 - DCE/RPC Preprocessor Buffer Overflow (Metasploit)",2012-04-09,Metasploit,multiple,remote,0 18727,platforms/windows/remote/18727.rb,"IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 - ActiveX RunAndUploadFile() Method Overflow (Metasploit)",2012-04-10,Metasploit,windows,remote,0 18735,platforms/windows/remote/18735.rb,"Quest InTrust - Annotation Objects Uninitialized Pointer (Metasploit)",2012-04-13,Metasploit,windows,remote,0 -18738,platforms/php/remote/18738.rb,"V-CMS - Arbitrary .PHP File Upload / Execution (Metasploit)",2012-04-14,Metasploit,php,remote,0 +18738,platforms/php/remote/18738.rb,"V-CMS - Arbitrary '.PHP' File Upload / Execution (Metasploit)",2012-04-14,Metasploit,php,remote,0 18759,platforms/windows/remote/18759.rb,"TFTP Server 1.4 - ST WRQ Buffer Overflow (Metasploit)",2012-04-20,Metasploit,windows,remote,0 18761,platforms/linux/remote/18761.rb,"Adobe Flash Player - ActionScript Launch Command Execution (Metasploit)",2012-04-20,Metasploit,linux,remote,0 18763,platforms/multiple/remote/18763.txt,"Liferay 6.0.x - WebDAV File Reading",2012-04-22,"Jelmer Kuperus",multiple,remote,0 @@ -11612,7 +11612,7 @@ id,file,description,date,author,platform,type,port 19621,platforms/windows/remote/19621.c,"Admiral Systems EmailClub 1.0.0.5 - Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 19622,platforms/windows/remote/19622.c,"Antelope Software W4-Server 2.6 a/Win32 - Cgitest.exe Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 19623,platforms/windows/remote/19623.c,"International TeleCommunications WebBBS 2.13 - login & Password Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 -19625,platforms/windows/remote/19625.py,"ALLMediaServer 0.8 - SEH Overflow",2012-07-06,"motaz reda",windows,remote,888 +19625,platforms/windows/remote/19625.py,"ALLMediaServer 0.8 - Overflow (SEH)",2012-07-06,"motaz reda",windows,remote,888 19632,platforms/hardware/remote/19632.txt,"Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink WebServer - Retrieve Administrator Password",1999-11-17,"Dennis W. Mattison",hardware,remote,0 19634,platforms/linux/remote/19634.c,"ETL Delegate 5.9.x / 6.0.x - Buffer Overflow",1999-11-13,scut,linux,remote,0 19637,platforms/windows/remote/19637.txt,"Microsoft Internet Explorer 5 (Windows 95/98/2000/NT 4) - XML HTTP Redirect",1999-11-22,"Georgi Guninksi",windows,remote,0 @@ -11826,7 +11826,7 @@ id,file,description,date,author,platform,type,port 20180,platforms/windows/remote/20180.c,"RobTex Viking Server 1.0.6 Build 355 - Buffer Overflow",2000-08-28,wildcoyote,windows,remote,0 20181,platforms/multiple/remote/20181.txt,"Kerberos 4 4.0/5 5.0 - KDC Spoofing",2000-08-28,"Dug Song",multiple,remote,0 20182,platforms/windows/remote/20182.txt,"Ipswitch IMail 6.x - File Attachment",2000-08-30,Timescape,windows,remote,0 -20183,platforms/cgi/remote/20183.pl,"GWScripts News Publisher 1.0 - author.file Write",2000-08-29,n30,cgi,remote,0 +20183,platforms/cgi/remote/20183.pl,"GWScripts News Publisher 1.0 - 'author.file' Write",2000-08-29,n30,cgi,remote,0 20184,platforms/windows/remote/20184.txt,"eEye Digital Security IRIS 1.0.1 / SpyNet CaptureNet 3.0.12 - Buffer Overflow",2000-08-31,"Ussr Labs",windows,remote,0 20194,platforms/cgi/remote/20194.pl,"CGI Script Center Auction Weaver 1.0.2 - Remote Command Execution",2000-08-30,teleh0r,cgi,remote,0 20299,platforms/windows/remote/20299.pl,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (2)",2000-10-21,"Roelof Temmingh",windows,remote,0 @@ -12270,7 +12270,7 @@ id,file,description,date,author,platform,type,port 21191,platforms/linux/remote/21191.rb,"OpenFiler 2.x - NetworkCard Command Execution (Metasploit)",2012-09-10,Metasploit,linux,remote,0 21192,platforms/linux/remote/21192.c,"STunnel 3.x - Client Negotiation Protocol Format String",2001-12-22,deltha,linux,remote,0 21193,platforms/multiple/remote/21193.txt,"DeleGate 7.7.1 - Cross-Site Scripting",2001-12-28,"SNS Research",multiple,remote,0 -21194,platforms/cgi/remote/21194.txt,"Abe Timmerman - zml.cgi File Disclosure",2001-12-31,blackshell,cgi,remote,0 +21194,platforms/cgi/remote/21194.txt,"Abe Timmerman - 'zml.cgi' File Disclosure",2001-12-31,blackshell,cgi,remote,0 21195,platforms/windows/remote/21195.txt,"Microsoft Internet Explorer 5/6 - GetObject File Disclosure",2002-01-01,"Georgi Guninski",windows,remote,0 21196,platforms/windows/remote/21196.txt,"AOL Instant Messenger 4.x - Remote Buffer Overflow",2002-01-02,"Matt Conover",windows,remote,0 21197,platforms/multiple/remote/21197.txt,"BSCW 3.4/4.0 - Insecure Default Installation",2002-01-03,"Thomas Seliger",multiple,remote,0 @@ -12282,7 +12282,7 @@ id,file,description,date,author,platform,type,port 21204,platforms/windows/remote/21204.txt,"Apache 1.3.20 (Win32) - 'PHP.exe' Remote File Disclosure",2002-01-04,"Paul Brereton",windows,remote,0 21205,platforms/linux/remote/21205.c,"Boozt 0.9.8 - Buffer Overflow",2002-01-07,"Rafael San Miguel Carrasco",linux,remote,0 21207,platforms/windows/remote/21207.c,"RealPlayer 7.0/8.0 - Media File Buffer Overflow",2002-01-05,UNYUN,windows,remote,0 -21210,platforms/linux/remote/21210.txt,"X-Chat 1.x - CTCP Ping Arbitrary Remote IRC Command Execution",2002-01-09,"Marcus Meissner",linux,remote,0 +21210,platforms/linux/remote/21210.txt,"X-Chat 1.x - CTCP Ping Remote IRC Command Execution",2002-01-09,"Marcus Meissner",linux,remote,0 21211,platforms/windows/remote/21211.txt,"EServ 2.9x - Password-Protected File Access",2002-01-10,"Tamer Sahin",windows,remote,0 21212,platforms/multiple/remote/21212.txt,"Cacheflow CacheOS 3.1/4.0 Web Administration - Arbitrary Cached Page Code Leakage",2002-01-08,"Bjorn Djupvik",multiple,remote,0 21214,platforms/windows/remote/21214.c,"SapporoWorks Black JumboDog 2.6.4/2.6.5 - HTTP Proxy Buffer Overflow",2002-01-01,UNYUN,windows,remote,0 @@ -12640,7 +12640,7 @@ id,file,description,date,author,platform,type,port 22305,platforms/windows/remote/22305.rb,"HP Operations Agent Opcode - coda.exe 0x8c Buffer Overflow (Metasploit)",2012-10-29,Metasploit,windows,remote,0 22306,platforms/windows/remote/22306.rb,"HP Operations Agent - Opcode coda.exe 0x34 Buffer Overflow (Metasploit)",2012-10-29,Metasploit,windows,remote,0 22311,platforms/cgi/remote/22311.txt,"Axis Communications Video Server 2.x - Command.cgi File Creation",2003-02-28,"Martin Eiszner",cgi,remote,0 -22312,platforms/cgi/remote/22312.txt,"Apple QuickTime/Darwin Streaming Server 4.1.x - parse_xml.cgi File Disclosure",2003-02-28,"Joe Testa",cgi,remote,0 +22312,platforms/cgi/remote/22312.txt,"Apple QuickTime/Darwin Streaming Server 4.1.x - 'parse_xml.cgi' File Disclosure",2003-02-28,"Joe Testa",cgi,remote,0 22313,platforms/unix/remote/22313.c,"Sendmail 8.12.x - Header Processing Buffer Overflow (1)",2003-03-02,"Last Stage of Delirium",unix,remote,0 22314,platforms/unix/remote/22314.c,"Sendmail 8.12.x - Header Processing Buffer Overflow (2)",2003-03-02,bysin,unix,remote,0 22319,platforms/hardware/remote/22319.txt,"HP JetDirect Printer - SNMP JetAdmin Device Password Disclosure",2003-03-03,"Sven Pechler",hardware,remote,0 @@ -12809,8 +12809,8 @@ id,file,description,date,author,platform,type,port 23006,platforms/php/remote/23006.rb,"Network Shutdown Module 3.21 - (sort_values) Remote PHP Code Injection (Metasploit)",2012-11-29,Metasploit,php,remote,0 22969,platforms/linux/remote/22969.c,"Valve Software Half-Life Server 3.1.1.0 - Multiplayer Request Buffer Overflow",2003-07-29,KnbykL,linux,remote,0 22973,platforms/windows/remote/22973.rb,"Apple QuickTime 7.7.2 - MIME Type Buffer Overflow (Metasploit)",2012-11-28,Metasploit,windows,remote,0 -22974,platforms/unix/remote/22974.c,"WU-FTPD 2.6.2 - realpath() Off-by-One Buffer Overflow",2003-08-02,Xpl017Elz,unix,remote,0 -22975,platforms/unix/remote/22975.c,"WU-FTPD 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow",2003-08-06,Xpl017Elz,unix,remote,0 +22974,platforms/unix/remote/22974.c,"WU-FTPD 2.6.2 - 'realpath()' Off-by-One Buffer Overflow",2003-08-02,Xpl017Elz,unix,remote,0 +22975,platforms/unix/remote/22975.c,"WU-FTPD 2.6.2 / 2.6.0 / 2.6.1 - 'realpath()' Off-by-One Buffer Overflow",2003-08-06,Xpl017Elz,unix,remote,0 22976,platforms/freebsd/remote/22976.pl,"FreeBSD 4.8 - realpath() Off-by-One Buffer Overflow",2003-07-31,daniels@legend.co.uk,freebsd,remote,0 22994,platforms/multiple/remote/22994.txt,"Sun One 5.1 / IPlanet 5.0/5.1 - Administration Server Directory Traversal",2003-08-08,"Jim Hardisty",multiple,remote,0 23002,platforms/windows/remote/23002.txt,"MDaemon SMTP Server 5.0.5 - Null Password Authentication",2003-08-09,"Buckaroo Banzai",windows,remote,0 @@ -13018,8 +13018,8 @@ id,file,description,date,author,platform,type,port 23643,platforms/windows/remote/23643.txt,"Microsoft Internet Explorer 5 - NavigateAndFind() Cross-Zone Policy (MS04-004)",2004-02-03,"Andreas Sandblad",windows,remote,0 23649,platforms/windows/remote/23649.rb,"Microsoft SQL Server - Database Link Crawling Command Execution (Metasploit)",2012-12-25,Metasploit,windows,remote,0 23650,platforms/windows/remote/23650.rb,"IBM Lotus Notes Client URL Handler - Command Injection (Metasploit)",2012-12-25,Metasploit,windows,remote,0 -23651,platforms/php/remote/23651.rb,"WordPress Plugin WP-Property - Arbitrary .PHP File Upload (Metasploit)",2012-12-25,Metasploit,php,remote,0 -23652,platforms/php/remote/23652.rb,"WordPress Plugin Asset-Manager - Arbitrary .PHP File Upload (Metasploit)",2012-12-25,Metasploit,php,remote,0 +23651,platforms/php/remote/23651.rb,"WordPress Plugin WP-Property - Arbitrary '.PHP' File Upload (Metasploit)",2012-12-25,Metasploit,php,remote,0 +23652,platforms/php/remote/23652.rb,"WordPress Plugin Asset-Manager - Arbitrary '.PHP' File Upload (Metasploit)",2012-12-25,Metasploit,php,remote,0 23668,platforms/windows/remote/23668.txt,"Microsoft Internet Explorer 5.0.1 - LoadPicture File Enumeration",2004-02-07,Jelmer,windows,remote,0 23671,platforms/linux/remote/23671.txt,"Caucho Technology Resin 2.1.12 - Directory Listings Disclosure",2004-02-09,"Wang Yun",linux,remote,0 23675,platforms/windows/remote/23675.txt,"Microsoft Windows XP - HCP URI Handler Arbitrary Command Execution",2004-02-09,"Bartosz Kwitkowski",windows,remote,0 @@ -13217,12 +13217,12 @@ id,file,description,date,author,platform,type,port 24526,platforms/windows/remote/24526.py,"Microsoft Office 2010 - Download Execute",2013-02-20,g11tch,windows,remote,0 24527,platforms/windows/remote/24527.rb,"BigAnt Server 2.97 - SCH And DUPF Buffer Overflow (Metasploit)",2013-02-20,Metasploit,windows,remote,0 24528,platforms/windows/remote/24528.rb,"BigAnt Server 2.97 - DUPF Command Arbitrary File Upload (Metasploit)",2013-02-20,Metasploit,windows,remote,0 -24529,platforms/php/remote/24529.rb,"OpenEMR - Arbitrary .PHP File Upload (Metasploit)",2013-02-20,Metasploit,php,remote,0 +24529,platforms/php/remote/24529.rb,"OpenEMR - Arbitrary '.PHP' File Upload (Metasploit)",2013-02-20,Metasploit,php,remote,0 24538,platforms/windows/remote/24538.rb,"Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) (2)",2013-02-23,Metasploit,windows,remote,0 24539,platforms/multiple/remote/24539.rb,"Java Applet JMX - Remote Code Execution (Metasploit) (2)",2013-02-25,Metasploit,multiple,remote,0 24547,platforms/php/remote/24547.rb,"Kordil EDms 2.2.60rc3 - Unauthenticated Arbitrary File Upload (Metasploit)",2013-02-26,Metasploit,php,remote,0 24548,platforms/php/remote/24548.rb,"Glossword 1.8.8 < 1.8.12 - Arbitrary File Upload (Metasploit)",2013-02-26,Metasploit,php,remote,0 -24549,platforms/php/remote/24549.rb,"PolarPearCMS - Arbitrary .PHP File Upload (Metasploit)",2013-02-26,Metasploit,php,remote,0 +24549,platforms/php/remote/24549.rb,"PolarPearCMS - Arbitrary '.PHP' File Upload (Metasploit)",2013-02-26,Metasploit,php,remote,0 24557,platforms/windows/remote/24557.py,"Sami FTP Server 2.0.1 - LIST Command Buffer Overflow",2013-03-01,superkojiman,windows,remote,0 24567,platforms/multiple/remote/24567.txt,"Oracle Database Server 8.1.7/9.0.x - ctxsys.driload Access Validation",2004-09-03,"Alexander Kornbrust",multiple,remote,0 24568,platforms/windows/remote/24568.html,"Grokster 1.3/2.6 / KaZaA Media Desktop 1.3.x/1.6.1/2.0.x - ActiveX Control Remote Buffer Overflow",2004-09-03,celebrityhacker,windows,remote,0 @@ -13596,7 +13596,7 @@ id,file,description,date,author,platform,type,port 27326,platforms/linux/remote/27326.txt,"MySQL 5.0.18 - Query Logging Bypass",2006-02-27,1dt.w0lf,linux,remote,0 27378,platforms/windows/remote/27378.txt,"Easy File Sharing Web Server 3.2 - Full Path Request Arbitrary File Upload",2006-03-09,"Revnic Vasile",windows,remote,0 27397,platforms/linux/remote/27397.txt,"Apache suEXEC - Privilege Elevation / Information Disclosure",2013-08-07,kingcope,linux,remote,0 -27400,platforms/windows/remote/27400.py,"HP Data Protector - Arbitrary Remote Command Execution",2013-08-07,"Alessandro Di Pinto and Claudio Moletta",windows,remote,0 +27400,platforms/windows/remote/27400.py,"HP Data Protector - Remote Command Execution",2013-08-07,"Alessandro Di Pinto and Claudio Moletta",windows,remote,0 27401,platforms/windows/remote/27401.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Authentication Bypass / Directory Traversal SAM Retrieval Exploit",2013-08-07,Wireghoul,windows,remote,0 27428,platforms/hardware/remote/27428.rb,"D-Link Devices - 'tools_vct.xgi' Unauthenticated Remote Command Execution (Metasploit)",2013-08-08,Metasploit,hardware,remote,0 27429,platforms/windows/remote/27429.rb,"Mozilla Firefox - onreadystatechange Event DocumentViewerImpl Use-After-Free (Metasploit)",2013-08-08,Metasploit,windows,remote,0 @@ -13635,7 +13635,7 @@ id,file,description,date,author,platform,type,port 27716,platforms/multiple/remote/27716.txt,"Asterisk Recording Interface 0.7.15 - Audio.php Information Disclosure",2006-04-21,"Francois Harvey",multiple,remote,0 27744,platforms/windows/remote/27744.html,"Microsoft Internet Explorer 5.0.1 - Modal Dialog Manipulation",2006-04-26,"Matthew Murphy",windows,remote,0 27746,platforms/windows/remote/27746.txt,"winiso 5.3 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 -27747,platforms/windows/remote/27747.pl,"freeFTPd 1.0.10 - 'PASS' SEH Buffer Overflow",2013-08-21,Wireghoul,windows,remote,21 +27747,platforms/windows/remote/27747.pl,"freeFTPd 1.0.10 - 'PASS' Buffer Overflow (SEH)",2013-08-21,Wireghoul,windows,remote,21 27752,platforms/unix/remote/27752.rb,"Graphite Web - Unsafe Pickle Handling (Metasploit)",2013-08-21,Metasploit,unix,remote,0 27754,platforms/windows/remote/27754.txt,"Oracle Java - BytePackedRaster.verify() Signed Integer Overflow",2013-08-21,"Packet Storm",windows,remote,0 27758,platforms/windows/remote/27758.txt,"ezb systems ultraiso 8.0.1392 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 @@ -13677,7 +13677,7 @@ id,file,description,date,author,platform,type,port 28082,platforms/windows/remote/28082.rb,"Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059) (Metasploit)",2013-09-04,Metasploit,windows,remote,0 28083,platforms/windows/remote/28083.rb,"HP LoadRunner - lrFileIOService ActiveX WriteFileString Remote Code Execution (Metasploit)",2013-09-04,Metasploit,windows,remote,0 28118,platforms/windows/remote/28118.html,"Microsoft Internet Explorer 5.0.1 - OuterHTML redirection Handling Information Disclosure",2006-06-27,"Plebo Aesdi Nael",windows,remote,0 -28170,platforms/windows/remote/28170.rb,"freeFTPd 1.0.10 - 'PASS' SEH Buffer Overflow (Metasploit)",2013-09-09,"Muhamad Fadzil Ramli",windows,remote,21 +28170,platforms/windows/remote/28170.rb,"freeFTPd 1.0.10 - 'PASS' Buffer Overflow (SEH) (Metasploit)",2013-09-09,"Muhamad Fadzil Ramli",windows,remote,21 28181,platforms/linux/remote/28181.c,"AdPlug 2.0 - Multiple Remote File Buffer Overflow Vulnerabilities",2006-07-06,"Luigi Auriemma",linux,remote,0 28183,platforms/windows/remote/28183.py,"eM Client e-mail client 5.0.18025.0 - Persistent Cross-Site Scripting",2013-09-10,loneferret,windows,remote,0 28186,platforms/windows/remote/28186.c,"Kaillera 0.86 - Message Buffer Overflow",2006-07-06,"Luigi Auriemma",windows,remote,0 @@ -13787,7 +13787,7 @@ id,file,description,date,author,platform,type,port 29302,platforms/linux/remote/29302.txt,"Mono XSP 1.x/2.0 - Source Code Information Disclosure",2006-12-20,jose.palanco,linux,remote,0 29316,platforms/php/remote/29316.py,"Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner)",2013-10-31,noptrix,php,remote,0 29319,platforms/php/remote/29319.rb,"vTigerCRM 5.3.0 5.4.0 - Authenticated Remote Code Execution (Metasploit)",2013-10-31,Metasploit,php,remote,80 -29320,platforms/php/remote/29320.rb,"NAS4Free - Arbitrary Remote Code Execution (Metasploit)",2013-10-31,Metasploit,php,remote,80 +29320,platforms/php/remote/29320.rb,"NAS4Free - Remote Code Execution (Metasploit)",2013-10-31,Metasploit,php,remote,80 29321,platforms/linux/remote/29321.rb,"Zabbix - Authenticated Remote Command Execution (Metasploit)",2013-10-31,Metasploit,linux,remote,80 29322,platforms/php/remote/29322.rb,"ISPConfig - Authenticated Arbitrary PHP Code Execution (Metasploit)",2013-10-31,Metasploit,php,remote,80 29323,platforms/linux/remote/29323.rb,"OpenMediaVault Cron - Remote Command Execution (Metasploit)",2013-10-31,Metasploit,linux,remote,80 @@ -14144,13 +14144,13 @@ id,file,description,date,author,platform,type,port 31918,platforms/multiple/remote/31918.txt,"Crysis 1.21 - 'keyexchange' Packet Information Disclosure",2008-06-15,"Luigi Auriemma",multiple,remote,0 31920,platforms/multiple/remote/31920.txt,"Glub Tech Secure FTP 2.5.15 - 'LIST' Command Directory Traversal",2008-06-13,"Tan Chew Keong",multiple,remote,0 31921,platforms/multiple/remote/31921.txt,"3D-FTP 8.01 - 'LIST' and 'MLSD' Directory Traversal",2008-06-16,"Tan Chew Keong",multiple,remote,0 -31922,platforms/multiple/remote/31922.txt,"GlassFish Application Server resourceNode/customResourceNew.jsf - Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 -31923,platforms/multiple/remote/31923.txt,"GlassFish Application Server resourceNode/externalResourceNew.jsf - Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 -31924,platforms/multiple/remote/31924.txt,"GlassFish Application Server resourceNode/jmsDestinationNew.jsf - Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 -31925,platforms/multiple/remote/31925.txt,"GlassFish Application Server resourceNode/jmsConnectionNew.jsf - Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 -31926,platforms/multiple/remote/31926.txt,"GlassFish Application Server resourceNode/jdbcResourceNew.jsf - Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 -31927,platforms/multiple/remote/31927.txt,"GlassFish Application Server Applications/lifecycleModulesNew.jsf - Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 -31928,platforms/multiple/remote/31928.txt,"GlassFish Application Server - resourceNode/jdbcConnectionPoolNew1.jsf Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31922,platforms/multiple/remote/31922.txt,"GlassFish Application Server - 'resourceNode/customResourceNew.jsf' Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31923,platforms/multiple/remote/31923.txt,"GlassFish Application Server - 'resourceNode/externalResourceNew.jsf' Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31924,platforms/multiple/remote/31924.txt,"GlassFish Application Server - 'resourceNode/jmsDestinationNew.jsf' Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31925,platforms/multiple/remote/31925.txt,"GlassFish Application Server - 'resourceNode/jmsConnectionNew.jsf' Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31926,platforms/multiple/remote/31926.txt,"GlassFish Application Server - 'resourceNode/jdbcResourceNew.jsf' Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31927,platforms/multiple/remote/31927.txt,"GlassFish Application Server - 'Applications/lifecycleModulesNew.jsf' Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31928,platforms/multiple/remote/31928.txt,"GlassFish Application Server - 'resourceNode/jdbcConnectionPoolNew1.jsf' Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 31936,platforms/multiple/remote/31936.txt,"UltraEdit 14.00b - FTP/SFTP 'LIST' Command Directory Traversal",2008-06-17,"Tan Chew Keong",multiple,remote,0 31941,platforms/multiple/remote/31941.txt,"WISE-FTP 4.1/5.5.8 - FTP Client 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 31942,platforms/multiple/remote/31942.txt,"Classic FTP 1.02 - 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 @@ -14242,7 +14242,7 @@ id,file,description,date,author,platform,type,port 32684,platforms/windows/remote/32684.c,"Microsoft Windows Media Player 9/10/11 - '.WAV' File Parsing Code Execution",2008-12-29,anonymous,windows,remote,0 32686,platforms/multiple/remote/32686.xml,"MagpieRSS 0.72 - CDATA HTML Injection",2008-12-29,system_meltdown,multiple,remote,0 32690,platforms/linux/remote/32690.txt,"xterm - DECRQSS Remote Command Execution",2008-12-29,"Paul Szabo",linux,remote,0 -32691,platforms/linux/remote/32691.txt,"Audio File Library 0.2.6 - libaudiofile 'msadpcm.c' .WAV File Processing Buffer Overflow",2008-12-30,"Anton Khirnov",linux,remote,0 +32691,platforms/linux/remote/32691.txt,"Audio File Library 0.2.6 - libaudiofile 'msadpcm.c' '.WAV' File Processing Buffer Overflow",2008-12-30,"Anton Khirnov",linux,remote,0 32699,platforms/windows/remote/32699.txt,"Google Chrome 1.0.154.36 - FTP Client PASV Port Scan Information Disclosure",2009-01-05,"Aditya K Sood",windows,remote,0 32711,platforms/windows/remote/32711.txt,"Multiple CA Service Management Products - Unspecified Remote Command Execution",2009-01-07,"Michel Arboi",windows,remote,0 32723,platforms/hardware/remote/32723.txt,"Cisco IOS 12.x - HTTP Server Multiple Cross-Site Scripting Vulnerabilities",2009-01-14,"Adrian Pastor",hardware,remote,0 @@ -15173,7 +15173,7 @@ id,file,description,date,author,platform,type,port 39089,platforms/hardware/remote/39089.txt,"Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution",2014-02-05,"Marcel Mangold",hardware,remote,0 39114,platforms/ios/remote/39114.txt,"Apple iOS 4.2.1 - 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",ios,remote,0 39115,platforms/multiple/remote/39115.py,"ET - Chat Password Reset Security Bypass",2014-03-09,IRH,multiple,remote,0 -39119,platforms/windows/remote/39119.py,"KiTTY Portable 0.65.0.2p - Chat Remote Buffer Overflow (SEH Windows XP/7/10)",2015-12-29,"Guillaume Kaddouch",windows,remote,0 +39119,platforms/windows/remote/39119.py,"KiTTY Portable 0.65.0.2p (Windows XP/7/10) - Chat Remote Buffer Overflow (SEH)",2015-12-29,"Guillaume Kaddouch",windows,remote,0 39138,platforms/hardware/remote/39138.html,"ICOMM 610 Wireless Modem - Cross-Site Request Forgery",2014-04-12,"Blessen Thomas",hardware,remote,0 39227,platforms/hardware/remote/39227.txt,"FingerTec Fingerprint Reader - Remote Access and Remote Enrolment",2016-01-12,"Daniel Lawson",hardware,remote,0 39154,platforms/hardware/remote/39154.txt,"Comtrend CT-5361T Router - Password.cgi Cross-Site Request Forgery (Admin Password Manipulation)",2014-04-21,"TUNISIAN CYBER",hardware,remote,0 @@ -15359,7 +15359,7 @@ id,file,description,date,author,platform,type,port 41073,platforms/windows/remote/41073.py,"WinaXe Plus 8.7 - Buffer Overflow",2017-01-16,"Peter Baris",windows,remote,0 41079,platforms/windows/remote/41079.rb,"DiskBoss Enterprise - GET Buffer Overflow (Metasploit)",2017-01-16,Metasploit,windows,remote,80 41146,platforms/windows/remote/41146.rb,"Disk Savvy Enterprise - GET Buffer Overflow (Metasploit)",2017-01-23,Metasploit,windows,remote,80 -41148,platforms/windows/remote/41148.html,"Cisco WebEx - 'nativeMessaging' Arbitrary Remote Command Execution",2017-01-24,"Google Security Research",windows,remote,0 +41148,platforms/windows/remote/41148.html,"Cisco WebEx - 'nativeMessaging' Remote Command Execution",2017-01-24,"Google Security Research",windows,remote,0 41151,platforms/windows/remote/41151.rb,"Mozilla Firefox < 50.0.2 - 'nsSMILTimeContainer::NotifyTimeChange()' Remote Code Execution (Metasploit)",2017-01-24,Metasploit,windows,remote,0 41153,platforms/windows/remote/41153.rb,"Geutebrueck GCore 1.3.8.42/1.4.2.37 - Remote Code Execution (Metasploit)",2017-01-24,"Maurice Popp",windows,remote,0 41160,platforms/windows/remote/41160.py,"Autodesk Backburner Manager 3 < 2016.0.0.2150 - Null Dereference Denial of Service",2017-01-26,b0nd,windows,remote,0 @@ -16194,7 +16194,7 @@ id,file,description,date,author,platform,type,port 1214,platforms/php/webapps/1214.php,"AzDGDatingLite 2.1.3 - Remote Code Execution",2005-09-13,rgod,php,webapps,0 1217,platforms/php/webapps/1217.pl,"phpWebSite 0.10.0 - (module) SQL Injection",2005-09-15,RusH,php,webapps,0 1219,platforms/php/webapps/1219.c,"PHP-Nuke 7.8 - 'modules.php' SQL Injection",2005-09-16,RusH,php,webapps,0 -1221,platforms/php/webapps/1221.php,"CuteNews 1.4.0 - (shell inject) Remote Command Execution",2005-09-17,rgod,php,webapps,0 +1221,platforms/php/webapps/1221.php,"CuteNews 1.4.0 - Shell Inject Remote Command Execution",2005-09-17,rgod,php,webapps,0 1225,platforms/php/webapps/1225.php,"My Little Forum 1.5 - (SearchString) SQL Injection",2005-09-22,rgod,php,webapps,0 1226,platforms/php/webapps/1226.php,"phpMyFAQ 1.5.1 - (User-Agent) Remote Shell Injection",2005-09-23,rgod,php,webapps,0 1227,platforms/php/webapps/1227.php,"MailGust 1.9 - (board takeover) SQL Injection",2005-09-24,rgod,php,webapps,0 @@ -16210,7 +16210,7 @@ id,file,description,date,author,platform,type,port 1273,platforms/php/webapps/1273.pl,"TClanPortal 1.1.3 - 'id' SQL Injection",2005-10-26,Devil-00,php,webapps,0 1278,platforms/php/webapps/1278.pl,"Subdreamer 2.2.1 - SQL Injection / Command Execution",2005-10-31,RusH,php,webapps,0 1280,platforms/php/webapps/1280.pl,"VuBB Forum RC1 - (m) SQL Injection",2005-11-02,Devil-00,php,webapps,0 -1289,platforms/php/webapps/1289.php,"CuteNews 1.4.1 - (shell inject) Remote Command Execution",2005-11-03,rgod,php,webapps,0 +1289,platforms/php/webapps/1289.php,"CuteNews 1.4.1 - Shell Inject Remote Command Execution",2005-11-03,rgod,php,webapps,0 1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x - module (vBulletin/IPB) SQL Injection",2005-11-06,B~HFH,php,webapps,0 1298,platforms/php/webapps/1298.php,"ATutor 1.5.1pl2 - SQL Injection / Command Execution",2005-11-07,rgod,php,webapps,0 1312,platforms/php/webapps/1312.php,"Moodle 1.6dev - SQL Injection / Command Execution",2005-11-10,rgod,php,webapps,0 @@ -16237,7 +16237,7 @@ id,file,description,date,author,platform,type,port 1367,platforms/php/webapps/1367.php,"Flatnuke 2.5.6 - Privilege Escalation / Remote Commands Execution",2005-12-10,rgod,php,webapps,0 1370,platforms/php/webapps/1370.php,"phpCOIN 1.2.2 - 'phpcoinsessid' SQL Injection / Remote Code Execution",2005-12-12,rgod,php,webapps,0 1373,platforms/php/webapps/1373.php,"Limbo 1.0.4.2 - _SERVER[REMOTE_ADDR] Overwrite Remote Exploit",2005-12-14,rgod,php,webapps,0 -1379,platforms/php/webapps/1379.php,"PHPGedView 3.3.7 - Arbitrary Remote Code Execution",2005-12-20,rgod,php,webapps,0 +1379,platforms/php/webapps/1379.php,"PHPGedView 3.3.7 - Remote Code Execution",2005-12-20,rgod,php,webapps,0 1382,platforms/php/webapps/1382.pl,"phpBB 2.0.18 - Remote Brute Force/Dictionary Attack Tool (2)",2006-02-20,DarkFig,php,webapps,0 1383,platforms/php/webapps/1383.txt,"phpBB 2.0.18 - Cross-Site Scripting / Cookie Disclosure",2005-12-21,jet,php,webapps,0 1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 - 'rating' Parameter SQL Injection",2005-12-23,krasza,php,webapps,0 @@ -16258,7 +16258,7 @@ id,file,description,date,author,platform,type,port 1457,platforms/php/webapps/1457.txt,"phpBB 2.0.19 - Cross-Site Scripting Remote Cookie Disclosure",2006-01-29,threesixthousan,php,webapps,0 1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 - 'cookie' Remote Command Execution",2006-01-30,cijfer,php,webapps,0 1461,platforms/php/webapps/1461.pl,"Invision Power Board Dragoran Portal Mod 1.3 - SQL Injection",2006-01-31,SkOd,php,webapps,0 -1467,platforms/php/webapps/1467.php,"LoudBlog 0.4 - Arbitrary Remote File Inclusion",2006-02-03,rgod,php,webapps,0 +1467,platforms/php/webapps/1467.php,"LoudBlog 0.4 - Remote File Inclusion",2006-02-03,rgod,php,webapps,0 1468,platforms/php/webapps/1468.php,"Clever Copy 3.0 - Admin Auth Details / SQL Injection",2006-02-04,rgod,php,webapps,0 1469,platforms/php/webapps/1469.pl,"phpBB 2.0.19 - (Style Changer/Demo Mod) SQL Injection",2006-02-05,SkOd,php,webapps,0 1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 - (PATH_INFO) Arbitrary Command Execution",2006-02-06,Hessam-x,cgi,webapps,0 @@ -16266,7 +16266,7 @@ id,file,description,date,author,platform,type,port 1478,platforms/php/webapps/1478.php,"CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1482,platforms/php/webapps/1482.php,"SPIP 1.8.2g - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 < 2.2 - 'FileManager connector.php' Arbitrary File Upload",2006-02-09,rgod,php,webapps,0 -1485,platforms/php/webapps/1485.php,"RunCMS 1.2 - 'class.forumposts.php' Arbitrary Remote File Inclusion",2006-02-09,rgod,php,webapps,0 +1485,platforms/php/webapps/1485.php,"RunCMS 1.2 - 'class.forumposts.php' Remote File Inclusion",2006-02-09,rgod,php,webapps,0 1491,platforms/php/webapps/1491.php,"DocMGR 0.54.2 - (file_exists) Remote Commands Execution Exploit",2006-02-11,rgod,php,webapps,0 1492,platforms/php/webapps/1492.php,"Invision Power Board Army System Mod 2.1 - SQL Injection",2006-02-13,fRoGGz,php,webapps,0 1493,platforms/php/webapps/1493.php,"EnterpriseGS 1.0 rc4 - Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0 @@ -16296,7 +16296,7 @@ id,file,description,date,author,platform,type,port 1530,platforms/php/webapps/1530.pl,"saPHP Lesson 2.0 - (forumid) SQL Injection",2006-02-25,SnIpEr_SA,php,webapps,0 1532,platforms/php/webapps/1532.pl,"PwsPHP 1.2.3 - 'index.php' SQL Injection",2006-02-25,papipsycho,php,webapps,0 1533,platforms/php/webapps/1533.php,"4Images 1.7.1 - (Local Inclusion) Remote Code Execution",2006-02-26,rgod,php,webapps,0 -1538,platforms/php/webapps/1538.pl,"Farsinews 2.5 - Directory Traversal Arbitrary (users.db) access Exploit",2006-02-28,Hessam-x,php,webapps,0 +1538,platforms/php/webapps/1538.pl,"Farsinews 2.5 - Directory Traversal Arbitrary 'users.db' Access Exploit",2006-02-28,Hessam-x,php,webapps,0 1539,platforms/php/webapps/1539.txt,"MyBulletinBoard (MyBB) 1.03 - 'misc.php' SQL Injection",2006-02-28,Devil-00,php,webapps,0 1541,platforms/php/webapps/1541.pl,"Limbo CMS 1.0.4.2 - 'itemID' Parameter Remote Code Execution",2006-03-01,str0ke,php,webapps,0 1542,platforms/php/webapps/1542.pl,"phpRPC Library 0.7 - XML Data Decoding Remote Code Execution (1)",2006-03-01,LorD,php,webapps,0 @@ -16307,10 +16307,10 @@ id,file,description,date,author,platform,type,port 1548,platforms/php/webapps/1548.pl,"MyBulletinBoard (MyBB) 1.04 - 'misc.php' SQL Injection (2)",2006-03-03,Devil-00,php,webapps,0 1549,platforms/php/webapps/1549.php,"PHP-Stats 0.1.9.1 - Remote Commands Execution Exploit",2006-03-04,rgod,php,webapps,0 1550,platforms/asp/webapps/1550.txt,"TotalECommerce 1.0 - 'index.asp id' SQL Injection",2006-03-04,nukedx,asp,webapps,0 -1553,platforms/php/webapps/1553.pl,"Fantastic News 2.1.2 - (script_path) Remote Code Execution",2006-03-04,uid0,php,webapps,0 +1553,platforms/php/webapps/1553.pl,"Fantastic News 2.1.2 - 'script_path' Remote Code Execution",2006-03-04,uid0,php,webapps,0 1556,platforms/php/webapps/1556.pl,"D2-Shoutbox 4.2 IPB Mod - (load) SQL Injection",2006-03-06,SkOd,php,webapps,0 1561,platforms/php/webapps/1561.pl,"OWL Intranet Engine 0.82 - (xrms_file_root) Code Execution",2006-03-07,rgod,php,webapps,0 -1562,platforms/asp/webapps/1562.pl,"CilemNews System 1.1 - 'yazdir.asp haber_id' SQL Injection",2006-03-07,nukedx,asp,webapps,0 +1562,platforms/asp/webapps/1562.pl,"CilemNews System 1.1 - 'yazdir.asp' haber_id SQL Injection",2006-03-07,nukedx,asp,webapps,0 1563,platforms/php/webapps/1563.pm,"Limbo CMS 1.0.4.2 - 'itemID' Parameter Remote Code Execution (Metasploit)",2006-03-07,sirh0t,php,webapps,0 1566,platforms/php/webapps/1566.php,"Gallery 2.0.3 - stepOrder[] Remote Commands Execution Exploit",2006-03-08,rgod,php,webapps,0 1567,platforms/php/webapps/1567.php,"RedBLoG 0.5 - 'cat_id' SQL Injection",2006-03-08,x128,php,webapps,0 @@ -16363,7 +16363,7 @@ id,file,description,date,author,platform,type,port 1661,platforms/php/webapps/1661.pl,"phpBB 2.0.19 - (user_sig_bbcode_uid) Remote Code Execution",2006-04-10,RusH,php,webapps,0 1662,platforms/php/webapps/1662.php,"Clansys 1.1 (showid) - SQL Injection",2006-04-10,snatcher,php,webapps,0 1663,platforms/php/webapps/1663.php,"Simplog 0.9.2 - (s) Remote Commands Execution Exploit",2006-04-11,rgod,php,webapps,0 -1665,platforms/php/webapps/1665.pl,"Sphider 1.3 - 'configset.php' Arbitrary Remote File Inclusion",2006-04-12,rgod,php,webapps,0 +1665,platforms/php/webapps/1665.pl,"Sphider 1.3 - 'configset.php' Remote File Inclusion",2006-04-12,rgod,php,webapps,0 1666,platforms/php/webapps/1666.php,"PHP121 Instant Messenger 1.4 - Remote Code Execution",2006-04-12,rgod,php,webapps,0 1668,platforms/php/webapps/1668.php,"vBulletin ImpEx 1.74 - Remote Command Execution",2006-04-13,ReZEN,php,webapps,0 1669,platforms/cgi/webapps/1669.pl,"Censtore 7.3.x - 'censtore.cgi' Remote Command Execution",2006-04-13,FOX_MULDER,cgi,webapps,0 @@ -16422,8 +16422,8 @@ id,file,description,date,author,platform,type,port 1764,platforms/php/webapps/1764.txt,"EQdkp 1.3.0 - 'dbal.php' Remote File Inclusion",2006-05-07,OLiBekaS,php,webapps,0 1765,platforms/php/webapps/1765.pl,"Dokeos Lms 1.6.4 - 'authldap.php' Remote File Inclusion",2006-05-08,beford,php,webapps,0 1766,platforms/php/webapps/1766.pl,"Claroline E-Learning 1.75 - 'ldap.inc.php' Remote File Inclusion",2006-05-08,beford,php,webapps,0 -1767,platforms/php/webapps/1767.txt,"ActualAnalyzer Server 8.23 - (rf) Remote File Inclusion",2006-05-08,Aesthetico,php,webapps,0 -1768,platforms/php/webapps/1768.php,"ActualAnalyzer Pro 6.88 - (rf) Remote File Inclusion",2006-05-08,ReZEN,php,webapps,0 +1767,platforms/php/webapps/1767.txt,"ActualAnalyzer Server 8.23 - 'rf' Remote File Inclusion",2006-05-08,Aesthetico,php,webapps,0 +1768,platforms/php/webapps/1768.php,"ActualAnalyzer Pro 6.88 - 'rf' Remote File Inclusion",2006-05-08,ReZEN,php,webapps,0 1769,platforms/php/webapps/1769.txt,"phpListPro 2.01 - Multiple Remote File Inclusion",2006-05-08,Aesthetico,php,webapps,0 1773,platforms/php/webapps/1773.txt,"phpRaid 3.0.b3 - (phpBB/SMF) Remote File Inclusion",2006-05-09,"Kurdish Security",php,webapps,0 1774,platforms/php/webapps/1774.txt,"pafileDB 2.0.1 - (mxBB/phpBB) Remote File Inclusion",2006-05-09,Darkfire,php,webapps,0 @@ -16439,7 +16439,7 @@ id,file,description,date,author,platform,type,port 1796,platforms/php/webapps/1796.php,"PHP-Fusion 6.00.306 - 'srch_where' Parameter SQL Injection",2006-05-16,rgod,php,webapps,0 1797,platforms/php/webapps/1797.php,"DeluxeBB 1.06 - 'Attachment mod_mime' Remote Exploit",2006-05-16,rgod,php,webapps,0 1798,platforms/php/webapps/1798.txt,"Quezza BB 1.0 - (quezza_root_path) File Inclusion",2006-05-17,nukedx,php,webapps,0 -1800,platforms/php/webapps/1800.txt,"ScozNews 1.2.1 - (mainpath) Remote File Inclusion",2006-05-17,Kacper,php,webapps,0 +1800,platforms/php/webapps/1800.txt,"ScozNews 1.2.1 - 'mainpath' Remote File Inclusion",2006-05-17,Kacper,php,webapps,0 1804,platforms/php/webapps/1804.txt,"phpBazar 2.1.0 - Remote File Inclusion / Authentication Bypass",2006-05-19,[Oo],php,webapps,0 1805,platforms/php/webapps/1805.pl,"phpListPro 2.0.1 - 'Language' Remote Code Execution",2006-05-19,[Oo],php,webapps,0 1807,platforms/asp/webapps/1807.txt,"Zix Forum 1.12 - 'layid' SQL Injection",2006-05-19,FarhadKey,asp,webapps,0 @@ -16449,7 +16449,7 @@ id,file,description,date,author,platform,type,port 1811,platforms/php/webapps/1811.php,"XOOPS 2.0.13.2 - xoopsOption[nocommon] Remote Exploit",2006-05-21,rgod,php,webapps,0 1812,platforms/php/webapps/1812.pl,"Fusion News 1.0 (fil_config) - Remote File Inclusion",2006-05-21,X0r_1,php,webapps,0 1814,platforms/php/webapps/1814.txt,"UBB Threads 6.4.x < 6.5.2 - (thispath) Remote File Inclusion",2006-05-22,V4mu,php,webapps,0 -1816,platforms/php/webapps/1816.php,"Nucleus CMS 3.22 - (DIR_LIBS) Arbitrary Remote File Inclusion",2006-05-23,rgod,php,webapps,0 +1816,platforms/php/webapps/1816.php,"Nucleus CMS 3.22 - (DIR_LIBS) Remote File Inclusion",2006-05-23,rgod,php,webapps,0 1817,platforms/php/webapps/1817.txt,"Docebo 3.0.3 - Multiple Remote File Inclusion",2006-05-23,Kacper,php,webapps,0 1818,platforms/php/webapps/1818.txt,"phpCommunityCalendar 4.0.3 - Multiple (Cross-Site Scripting / SQL Injection) Vulnerabilities",2006-05-23,X0r_1,php,webapps,0 1821,platforms/php/webapps/1821.php,"Drupal 4.7 - (attachment mod_mime) Remote Exploit",2006-05-24,rgod,php,webapps,0 @@ -16488,11 +16488,11 @@ id,file,description,date,author,platform,type,port 1860,platforms/php/webapps/1860.txt,"Bytehoard 2.1 - 'server.php' Remote File Inclusion",2006-06-01,beford,php,webapps,0 1861,platforms/php/webapps/1861.txt,"Redaxo 3.2 - 'INCLUDE_PATH' Remote File Inclusion",2006-06-02,beford,php,webapps,0 1863,platforms/php/webapps/1863.txt,"Igloo 0.1.9 - 'Wiki.php' Remote File Inclusion",2006-06-02,Kacper,php,webapps,0 -1864,platforms/php/webapps/1864.txt,"ashNews 0.83 - (pathtoashnews) Remote File Inclusion",2006-06-02,Kacper,php,webapps,0 +1864,platforms/php/webapps/1864.txt,"ashNews 0.83 - 'pathtoashnews' Remote File Inclusion",2006-06-02,Kacper,php,webapps,0 1865,platforms/php/webapps/1865.txt,"Informium 0.12.0 - 'common-menu.php' Remote File Inclusion",2006-06-02,Kacper,php,webapps,0 1866,platforms/php/webapps/1866.txt,"PHP-Nuke 7.9 Final - 'phpbb_root_path' Remote File Inclusions",2006-06-02,ddoshomo,php,webapps,0 1868,platforms/php/webapps/1868.php,"PixelPost 1-5rc1-2 - Privilege Escalation",2006-06-03,rgod,php,webapps,0 -1869,platforms/php/webapps/1869.php,"DotClear 1.2.4 - 'prepend.php' Arbitrary Remote File Inclusion",2006-06-03,rgod,php,webapps,0 +1869,platforms/php/webapps/1869.php,"DotClear 1.2.4 - 'prepend.php' Remote File Inclusion",2006-06-03,rgod,php,webapps,0 1870,platforms/php/webapps/1870.txt,"BlueShoes Framework 4.6 - Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 1871,platforms/php/webapps/1871.txt,"WebspotBlogging 3.0.1 - (path) Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 1872,platforms/php/webapps/1872.txt,"CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 @@ -16515,7 +16515,7 @@ id,file,description,date,author,platform,type,port 1892,platforms/php/webapps/1892.pl,"Guestex Guestbook 1.00 - (email) Remote Code Execution",2006-06-08,K-sPecial,php,webapps,0 1893,platforms/asp/webapps/1893.txt,"MailEnable Enterprise 2.0 - (ASP) Multiple Vulnerabilities",2006-06-09,"Soroush Dalili",asp,webapps,0 1895,platforms/php/webapps/1895.txt,"empris r20020923 - (phormationdir) Remote File Inclusion",2006-06-10,Kacper,php,webapps,0 -1896,platforms/php/webapps/1896.txt,"aePartner 0.8.3 - (dir[data]) Remote File Inclusion",2006-06-10,Kacper,php,webapps,0 +1896,platforms/php/webapps/1896.txt,"aePartner 0.8.3 - 'dir[data]' Remote File Inclusion",2006-06-10,Kacper,php,webapps,0 1897,platforms/php/webapps/1897.txt,"phpOnDirectory 1.0 - Remote File Inclusion",2006-06-10,Kacper,php,webapps,0 1898,platforms/php/webapps/1898.txt,"WebprojectDB 0.1.3 - (INCDIR) Remote File Inclusion",2006-06-11,Kacper,php,webapps,0 1899,platforms/php/webapps/1899.txt,"free QBoard 1.1 - (qb_path) Remote File Inclusion",2006-06-11,Kacper,php,webapps,0 @@ -16732,7 +16732,7 @@ id,file,description,date,author,platform,type,port 2218,platforms/php/webapps/2218.txt,"Interact 2.2 - 'CONFIG[base_path]' Remote File Inclusion",2006-08-19,Kacper,php,webapps,0 2219,platforms/php/webapps/2219.php,"Joomla! Component Poll 1.0.10 - Arbitrary Add Votes Exploit",2006-08-19,trueend5,php,webapps,0 2220,platforms/php/webapps/2220.txt,"Tutti Nova 1.6 - (TNLIB_DIR) Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 -2221,platforms/php/webapps/2221.txt,"Fantastic News 2.1.3 - (script_path) Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 +2221,platforms/php/webapps/2221.txt,"Fantastic News 2.1.3 - 'script_path' Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 2222,platforms/php/webapps/2222.txt,"Mambo Component com_lurm_constructor 0.6b - Remote File Inclusion",2006-08-19,mdx,php,webapps,0 2224,platforms/php/webapps/2224.txt,"ZZ:FlashChat 3.1 - 'adminlog' Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 2225,platforms/php/webapps/2225.txt,"Mambo Component bigAPE-Backup 1.1 - File Inclusion",2006-08-19,mdx,php,webapps,0 @@ -16794,14 +16794,14 @@ id,file,description,date,author,platform,type,port 2300,platforms/php/webapps/2300.pl,"SoftBB 0.1 - (cmd) Remote Command Execution",2006-09-04,DarkFig,php,webapps,0 2301,platforms/php/webapps/2301.txt,"MySpeach 3.0.2 - (my_ms[root]) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 2304,platforms/php/webapps/2304.txt,"GrapAgenda 0.1 - (page) Remote File Inclusion",2006-09-05,"Kurdish Security",php,webapps,0 -2305,platforms/php/webapps/2305.txt,"AnnonceV News Script 1.1 - (page) Remote File Inclusion",2006-09-05,"Kurdish Security",php,webapps,0 +2305,platforms/php/webapps/2305.txt,"AnnonceV News Script 1.1 - 'page' Remote File Inclusion",2006-09-05,"Kurdish Security",php,webapps,0 2306,platforms/asp/webapps/2306.txt,"Zix Forum 1.12 - 'RepId' SQL Injection (1)",2006-09-05,"Chironex Fleckeri",asp,webapps,0 2307,platforms/php/webapps/2307.txt,"ACGV News 0.9.1 - 'article.php' Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 -2308,platforms/php/webapps/2308.txt,"C-News 1.0.1 - (path) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 -2309,platforms/php/webapps/2309.txt,"Sponge News 2.2 - (sndir) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 +2308,platforms/php/webapps/2308.txt,"C-News 1.0.1 - 'path' Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 +2309,platforms/php/webapps/2309.txt,"Sponge News 2.2 - 'sndir' Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 2310,platforms/php/webapps/2310.php,"PhpCommander 3.0 - (upload) Remote Code Execution",2006-09-05,Kacper,php,webapps,0 2311,platforms/php/webapps/2311.txt,"phpBB Shadow Premod 2.7.1 - Remote File Inclusion",2006-09-06,Kw3[R]Ln,php,webapps,0 -2312,platforms/php/webapps/2312.txt,"BinGo News 3.01 - (bnrep) Remote File Inclusion",2006-09-06,SHiKaA,php,webapps,0 +2312,platforms/php/webapps/2312.txt,"BinGo News 3.01 - 'bnrep' Remote File Inclusion",2006-09-06,SHiKaA,php,webapps,0 2313,platforms/php/webapps/2313.txt,"phpFullAnnu 5.1 - (repmod) Remote File Inclusion",2006-09-06,SHiKaA,php,webapps,0 2314,platforms/php/webapps/2314.txt,"Beautifier 0.1 - 'Core.php' Remote File Inclusion",2006-09-06,"the master",php,webapps,0 2315,platforms/php/webapps/2315.txt,"Akarru 0.4.3.34 - (bm_content) Remote File Inclusion",2006-09-06,ddoshomo,php,webapps,0 @@ -17252,7 +17252,7 @@ id,file,description,date,author,platform,type,port 2894,platforms/php/webapps/2894.txt,"Phorum 3.2.11 - 'common.php' Remote File Inclusion",2006-12-06,Mr-m07,php,webapps,0 2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface 2.1b - (link) Remote File Inclusion",2006-12-07,3l3ctric-Cracker,php,webapps,0 2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) 1.2.1015 - File Inclusion",2006-12-08,3l3ctric-Cracker,php,webapps,0 -2897,platforms/php/webapps/2897.txt,"CM68 News 12.02.06 - (addpth) Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",php,webapps,0 +2897,platforms/php/webapps/2897.txt,"CM68 News 12.02.06 - 'addpth' Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",php,webapps,0 2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 - 'render.php' Remote File Inclusion",2006-12-08,r0ut3r,php,webapps,0 2899,platforms/php/webapps/2899.txt,"paFileDB 3.5.2/3.5.3 - Remote Login Bypass (SQL Injection)",2006-12-08,koray,php,webapps,0 2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 - 'downloaddetails.php' Local File Disclosure",2006-12-09,r0ut3r,php,webapps,0 @@ -17519,7 +17519,7 @@ id,file,description,date,author,platform,type,port 3313,platforms/php/webapps/3313.pl,"Drupal < 4.7.6 - (Post Comments) Remote Command Execution",2007-02-15,str0ke,php,webapps,0 3314,platforms/php/webapps/3314.txt,"ZebraFeeds 1.0 - 'zf_path' Remote File Inclusion",2007-02-15,"ThE dE@Th",php,webapps,0 3315,platforms/php/webapps/3315.txt,"nabopoll 1.2 - 'survey.inc.php path' Remote File Inclusion",2007-02-15,Cr@zy_King,php,webapps,0 -3317,platforms/asp/webapps/3317.txt,"CodeAvalanche News 1.x - (CAT_ID) SQL Injection",2007-02-15,beks,asp,webapps,0 +3317,platforms/asp/webapps/3317.txt,"CodeAvalanche News 1.x - 'CAT_ID' SQL Injection",2007-02-15,beks,asp,webapps,0 3318,platforms/asp/webapps/3318.txt,"Aktueldownload Haber scripti - 'id' SQL Injection",2007-02-15,"Mehmet Ince",asp,webapps,0 3321,platforms/asp/webapps/3321.txt,"Snitz Forums 2000 3.1 SR4 - 'pop_profile.asp' SQL Injection",2007-02-16,"Mehmet Ince",asp,webapps,0 3322,platforms/php/webapps/3322.htm,"VS-News-System 1.2.1 - (newsordner) Remote File Inclusion",2007-02-16,ajann,php,webapps,0 @@ -17646,7 +17646,7 @@ id,file,description,date,author,platform,type,port 3538,platforms/php/webapps/3538.txt,"PHP-revista 1.1.2 - Multiple SQL Injections",2007-03-21,"Cold Zero",php,webapps,0 3539,platforms/php/webapps/3539.txt,"Mambo Component nfnaddressbook 0.4 - Remote File Inclusion",2007-03-21,"Cold Zero",php,webapps,0 3542,platforms/php/webapps/3542.txt,"ClassWeb 2.0.3 - (BASE) Remote File Inclusion",2007-03-22,GoLd_M,php,webapps,0 -3543,platforms/php/webapps/3543.pl,"PortailPhp 2.0 - (idnews) SQL Injection",2007-03-22,"Mehmet Ince",php,webapps,0 +3543,platforms/php/webapps/3543.pl,"PortailPhp 2.0 - 'idnews' SQL Injection",2007-03-22,"Mehmet Ince",php,webapps,0 3545,platforms/php/webapps/3545.txt,"Lms 1.8.9 - Vala Remote File Inclusion",2007-03-22,Kacper,php,webapps,0 3546,platforms/asp/webapps/3546.txt,"AspWebCalendar 4.5 - 'eventid' Parameter SQL Injection",2007-03-22,parad0x,asp,webapps,0 3548,platforms/php/webapps/3548.pl,"RoseOnlineCMS 3 beta2 - (op) Local File Inclusion",2007-03-23,GoLd_M,php,webapps,0 @@ -17736,7 +17736,7 @@ id,file,description,date,author,platform,type,port 3683,platforms/php/webapps/3683.pl,"PHP-Nuke Module eBoard 1.0.7 - GLOBALS[name] Local File Inclusion",2007-04-08,bd0rk,php,webapps,0 3685,platforms/php/webapps/3685.txt,"MyBlog: PHP and MySQL Blog/CMS software - Remote File Inclusion",2007-04-08,the_Edit0r,php,webapps,0 3686,platforms/php/webapps/3686.txt,"WitShare 0.9 - 'index.php menu' Local File Inclusion",2007-04-08,the_Edit0r,php,webapps,0 -3687,platforms/php/webapps/3687.txt,"ScarNews 1.2.1 - (sn_admin_dir) Local File Inclusion",2007-04-08,BeyazKurt,php,webapps,0 +3687,platforms/php/webapps/3687.txt,"ScarNews 1.2.1 - 'sn_admin_dir' Local File Inclusion",2007-04-08,BeyazKurt,php,webapps,0 3689,platforms/php/webapps/3689.txt,"PcP-Guestbook 3.0 - 'lang' Local File Inclusion",2007-04-08,Dj7xpl,php,webapps,0 3691,platforms/php/webapps/3691.txt,"Battle.net Clan Script for PHP 1.5.1 - SQL Injection",2007-04-09,"h a c k e r _ X",php,webapps,0 3694,platforms/php/webapps/3694.txt,"PHP121 Instant Messenger 2.2 - Local File Inclusion",2007-04-09,Dj7xpl,php,webapps,0 @@ -17990,7 +17990,7 @@ id,file,description,date,author,platform,type,port 4104,platforms/php/webapps/4104.txt,"6ALBlog - 'newsid' SQL Injection",2007-06-25,Crackers_Child,php,webapps,0 4105,platforms/php/webapps/4105.txt,"SiteDepth CMS 3.44 - 'ShowImage.php name' File Disclosure",2007-06-25,"H4 / XPK",php,webapps,0 4106,platforms/php/webapps/4106.php,"DreamLog 0.5 - 'upload.php' Arbitrary File Upload",2007-06-25,Dj7xpl,php,webapps,0 -4107,platforms/php/webapps/4107.txt,"Pagetool 1.07 - (news_id) SQL Injection",2007-06-25,Katatafish,php,webapps,0 +4107,platforms/php/webapps/4107.txt,"Pagetool 1.07 - 'news_id' SQL Injection",2007-06-25,Katatafish,php,webapps,0 4108,platforms/php/webapps/4108.txt,"eDocStore - 'doc.php doc_id' SQL Injection",2007-06-25,t0pP8uZz,php,webapps,0 4111,platforms/php/webapps/4111.txt,"PHPSiteBackup 0.1 - 'pcltar.lib.php' Remote File Inclusion",2007-06-26,GoLd_M,php,webapps,0 4112,platforms/php/webapps/4112.txt,"EVA-Web 1.1 < 2.2 - 'index.php3' Remote File Inclusion",2007-06-26,g00ns,php,webapps,0 @@ -18106,7 +18106,7 @@ id,file,description,date,author,platform,type,port 4326,platforms/php/webapps/4326.txt,"Arcadem 2.01 - SQL Injection / Remote File Inclusion",2007-08-27,SmOk3,php,webapps,0 4327,platforms/php/webapps/4327.txt,"WBB2-Addon: Acrotxt 1.0 - (show) SQL Injection",2007-08-27,D4m14n,php,webapps,0 4329,platforms/php/webapps/4329.txt,"Micro CMS 3.5 - 'revert-content.php' SQL Injection",2007-08-28,"not sec group",php,webapps,0 -4330,platforms/php/webapps/4330.txt,"ACG News 1.0 - (aid/catid) SQL Injection",2007-08-28,SmOk3,php,webapps,0 +4330,platforms/php/webapps/4330.txt,"ACG News 1.0 - 'aid'/'catid' SQL Injection",2007-08-28,SmOk3,php,webapps,0 4331,platforms/php/webapps/4331.pl,"DL PayCart 1.01 - 'viewitem.php ItemID' Blind SQL Injection",2007-08-28,irvian,php,webapps,0 4332,platforms/php/webapps/4332.txt,"VWar 1.5.0 R15 - 'mvcw.php' Remote File Inclusion",2007-08-28,DNX,php,webapps,0 4333,platforms/php/webapps/4333.txt,"PHPNuke-Clan 4.2.0 - 'mvcw_conver.php' Remote File Inclusion",2007-08-28,DNX,php,webapps,0 @@ -18394,7 +18394,7 @@ id,file,description,date,author,platform,type,port 4755,platforms/php/webapps/4755.txt,"PhpMyDesktop/Arcade 1.0 Final - (phpdns_basedir) Remote File Inclusion",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 4758,platforms/php/webapps/4758.txt,"xeCMS 1.x - 'view.php' Remote File Disclosure",2007-12-19,p4imi0,php,webapps,0 4762,platforms/php/webapps/4762.txt,"nicLOR CMS - 'sezione_news.php' SQL Injection",2007-12-21,x0kster,php,webapps,0 -4763,platforms/php/webapps/4763.txt,"NmnNewsletter 1.0.7 - (output) Remote File Inclusion",2007-12-21,CraCkEr,php,webapps,0 +4763,platforms/php/webapps/4763.txt,"NmnNewsletter 1.0.7 - 'output' Remote File Inclusion",2007-12-21,CraCkEr,php,webapps,0 4764,platforms/php/webapps/4764.txt,"Arcadem LE 2.04 - (loadadminpage) Remote File Inclusion",2007-12-21,KnocKout,php,webapps,0 4765,platforms/php/webapps/4765.txt,"1024 CMS 1.3.1 - Local File Inclusion / SQL Injection",2007-12-21,irk4z,php,webapps,0 4766,platforms/php/webapps/4766.txt,"mBlog 1.2 - (page) Remote File Disclosure",2007-12-21,irk4z,php,webapps,0 @@ -18449,7 +18449,7 @@ id,file,description,date,author,platform,type,port 4824,platforms/asp/webapps/4824.py,"oneSCHOOL - admin/login.asp SQL Injection",2007-12-31,Guga360,asp,webapps,0 4826,platforms/php/webapps/4826.pl,"WebPortal CMS 0.6.0 - 'index.php' SQL Injection",2007-12-31,x0kster,php,webapps,0 4827,platforms/php/webapps/4827.txt,"Joomla! Component PU Arcade 2.1.3 - SQL Injection",2007-12-31,Houssamix,php,webapps,0 -4828,platforms/php/webapps/4828.txt,"AGENCY4NET WEBFTP 1 - download2.php File Disclosure",2008-01-01,GoLd_M,php,webapps,0 +4828,platforms/php/webapps/4828.txt,"AGENCY4NET WEBFTP 1 - 'download2.php' File Disclosure",2008-01-01,GoLd_M,php,webapps,0 4830,platforms/php/webapps/4830.txt,"ClipShare - 'UID' Parameter SQL Injection",2008-01-02,Krit,php,webapps,0 4831,platforms/php/webapps/4831.txt,"MyPHP Forum 3.0 - (Final) SQL Injection",2008-01-03,The:Paradox,php,webapps,0 4832,platforms/php/webapps/4832.php,"Site@School 2.4.10 - Blind SQL Injection",2008-01-03,EgiX,php,webapps,0 @@ -19690,7 +19690,7 @@ id,file,description,date,author,platform,type,port 6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite - SQL Injection",2008-09-14,~!Dok_tOR!~,php,webapps,0 6461,platforms/php/webapps/6461.txt,"cPanel 11.x - 'Fantastico' Local File Inclusion (sec Bypass)",2008-09-14,joker_1,php,webapps,0 6462,platforms/php/webapps/6462.pl,"CzarNews 1.20 - 'cookie' SQL Injection",2008-09-15,StAkeR,php,webapps,0 -6464,platforms/php/webapps/6464.txt,"CzarNews 1.20 - (Account Hijacking) SQL Injection",2008-09-15,0ut0fbound,php,webapps,0 +6464,platforms/php/webapps/6464.txt,"CzarNews 1.20 - Account Hijacking SQL Injection",2008-09-15,0ut0fbound,php,webapps,0 6465,platforms/php/webapps/6465.txt,"Pre Real Estate Listings - 'search.php' SQL Injection",2008-09-15,JosS,php,webapps,0 6466,platforms/php/webapps/6466.txt,"Link Bid Script 1.5 - Multiple SQL Injections",2008-09-15,SirGod,php,webapps,0 6467,platforms/php/webapps/6467.txt,"iScripts EasyIndex - 'produid' Parameter SQL Injection",2008-09-16,SirGod,php,webapps,0 @@ -20524,7 +20524,7 @@ id,file,description,date,author,platform,type,port 7506,platforms/php/webapps/7506.txt,"TinyMCE 2.0.1 - 'menuID' Parameter SQL Injection",2008-12-17,AnGeL25dZ,php,webapps,0 7507,platforms/php/webapps/7507.pl,"Lizardware CMS 0.6.0 - Blind SQL Injection",2008-12-17,StAkeR,php,webapps,0 7508,platforms/asp/webapps/7508.txt,"QuickerSite Easy CMS - Database Disclosure",2008-12-17,AlpHaNiX,asp,webapps,0 -7509,platforms/php/webapps/7509.txt,"Mini File Host 1.x - Arbitrary .PHP File Upload",2008-12-18,Pouya_Server,php,webapps,0 +7509,platforms/php/webapps/7509.txt,"Mini File Host 1.x - Arbitrary '.PHP' File Upload",2008-12-18,Pouya_Server,php,webapps,0 7510,platforms/php/webapps/7510.txt,"2532/Gigs 1.2.2 Stable - Multiple Vulnerabilities",2008-12-18,Osirys,php,webapps,0 7511,platforms/php/webapps/7511.txt,"2532/Gigs 1.2.2 Stable - Remote Login Bypass",2008-12-18,StAkeR,php,webapps,0 7512,platforms/php/webapps/7512.php,"2532/Gigs 1.2.2 Stable - Remote Command Execution",2008-12-18,StAkeR,php,webapps,0 @@ -20844,7 +20844,7 @@ id,file,description,date,author,platform,type,port 7993,platforms/php/webapps/7993.txt,"Kipper 2.01 - Cross-Site Scripting / Local File Inclusion / File Disclosure",2009-02-05,RoMaNcYxHaCkEr,php,webapps,0 7996,platforms/php/webapps/7996.txt,"ClearBudget 0.6.1 - Insecure Database Download",2009-02-05,Room-Hacker,php,webapps,0 7997,platforms/php/webapps/7997.htm,"txtBB 1.0 RC3 HTML/JS Injection - Add Admin Privileges Exploit",2009-02-05,cOndemned,php,webapps,0 -7998,platforms/php/webapps/7998.txt,"WikkiTikkiTavi 1.11 - Remote Arbitrary.PHP File Upload",2009-02-06,ByALBAYX,php,webapps,0 +7998,platforms/php/webapps/7998.txt,"WikkiTikkiTavi 1.11 - Arbitrary '.PHP' File Upload",2009-02-06,ByALBAYX,php,webapps,0 7999,platforms/php/webapps/7999.pl,"Simple PHP News 1.0 - Remote Command Execution",2009-02-06,Osirys,php,webapps,0 8000,platforms/php/webapps/8000.txt,"Zeroboard4 pl8 (07.12.17) - Multiple Vulnerabilities",2009-02-06,make0day,php,webapps,0 8001,platforms/php/webapps/8001.txt,"Mailist 3.0 - Insecure Backup / Local File Inclusion",2009-02-06,SirGod,php,webapps,0 @@ -20885,7 +20885,7 @@ id,file,description,date,author,platform,type,port 8045,platforms/php/webapps/8045.pl,"InselPhoto 1.1 - 'query' Parameter SQL Injection",2009-02-11,Osirys,php,webapps,0 8046,platforms/php/webapps/8046.txt,"PHP Krazy Image Host Script 1.01 - 'id' Parameter SQL Injection",2009-02-12,x0r,php,webapps,0 8047,platforms/php/webapps/8047.txt,"Free Joke Script 1.0 - Authentication Bypass / SQL Injection",2009-02-12,Muhacir,php,webapps,0 -8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary .ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation",2009-02-12,"Aria-Security Team",asp,webapps,0 +8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary '.ASP' File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation",2009-02-12,"Aria-Security Team",asp,webapps,0 8049,platforms/php/webapps/8049.txt,"ideacart 0.02 - Local File Inclusion / SQL Injection",2009-02-13,nuclear,php,webapps,0 8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 - 'id' Parameter SQL Injection",2009-02-13,JIKO,php,webapps,0 8052,platforms/php/webapps/8052.pl,"ea-gBook 0.1 - Remote Command Execution / Remote File Inclusion (c99)",2009-02-13,bd0rk,php,webapps,0 @@ -21123,7 +21123,7 @@ id,file,description,date,author,platform,type,port 8501,platforms/php/webapps/8501.txt,"CRE Loaded 6.2 - (products_id) SQL Injection",2009-04-21,Player,php,webapps,0 8502,platforms/php/webapps/8502.txt,"pastelcms 0.8.0 - Local File Inclusion / SQL Injection",2009-04-21,SirGod,php,webapps,0 8503,platforms/php/webapps/8503.txt,"TotalCalendar 2.4 - 'Include' Local File Inclusion",2009-04-21,SirGod,php,webapps,0 -8504,platforms/php/webapps/8504.txt,"NotFTP 1.3.1 - (newlang) Local File Inclusion",2009-04-21,Kacper,php,webapps,0 +8504,platforms/php/webapps/8504.txt,"NotFTP 1.3.1 - 'newlang' Local File Inclusion",2009-04-21,Kacper,php,webapps,0 8505,platforms/php/webapps/8505.txt,"Quick.CMS.Lite 0.5 - 'id' SQL Injection",2009-04-21,Player,php,webapps,0 8506,platforms/php/webapps/8506.txt,"VS PANEL 7.3.6 - (Cat_ID) SQL Injection",2009-04-21,Player,php,webapps,0 8508,platforms/php/webapps/8508.txt,"I-Rater Pro/Plantinum 4.0 - Authentication Bypass",2009-04-21,Hakxer,php,webapps,0 @@ -21168,7 +21168,7 @@ id,file,description,date,author,platform,type,port 8593,platforms/php/webapps/8593.txt,"pecio CMS 1.1.5 - 'index.php language' Local File Inclusion",2009-05-01,SirGod,php,webapps,0 8596,platforms/asp/webapps/8596.pl,"Winn ASP Guestbook 1.01b - Remote Database Disclosure",2009-05-04,ZoRLu,asp,webapps,0 8599,platforms/php/webapps/8599.txt,"AGTC MyShop 3.2 - Insecure Cookie Handling",2009-05-04,Mr.tro0oqy,php,webapps,0 -8600,platforms/php/webapps/8600.txt,"BluSky CMS - (news_id) SQL Injection",2009-05-04,snakespc,php,webapps,0 +8600,platforms/php/webapps/8600.txt,"BluSky CMS - 'news_id' SQL Injection",2009-05-04,snakespc,php,webapps,0 8602,platforms/php/webapps/8602.txt,"Qt QuickTeam - Multiple Remote File Inclusion",2009-05-04,ahmadbady,php,webapps,0 8603,platforms/php/webapps/8603.php,"eLitius 1.0 - Remote Command Execution",2009-05-04,G4N0K,php,webapps,0 8604,platforms/php/webapps/8604.txt,"PHP Site Lock 2.0 - Insecure Cookie Handling",2009-05-04,"ThE g0bL!N",php,webapps,0 @@ -21471,7 +21471,7 @@ id,file,description,date,author,platform,type,port 9037,platforms/php/webapps/9037.txt,"Clicknet CMS 2.1 - (side) Arbitrary File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 9040,platforms/php/webapps/9040.txt,"Joomla! Component com_bookflip - (book_id) SQL Injection",2009-06-29,boom3rang,php,webapps,0 9041,platforms/php/webapps/9041.txt,"Audio Article Directory - (file) Remote File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 -9042,platforms/php/webapps/9042.pl,"NEWSolved 1.1.6 - (login grabber) Multiple SQL Injection",2009-06-29,jmp-esp,php,webapps,0 +9042,platforms/php/webapps/9042.pl,"NEWSolved 1.1.6 - 'login grabber' Multiple SQL Injection",2009-06-29,jmp-esp,php,webapps,0 9043,platforms/php/webapps/9043.txt,"WordPress Plugin DM Albums 1.9.2 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 9044,platforms/php/webapps/9044.txt,"dm FileManager 3.9.4 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 9048,platforms/php/webapps/9048.txt,"WordPress Plugin DM Albums 1.9.2 - Remote File Disclosure",2009-06-30,Stack,php,webapps,0 @@ -22387,7 +22387,7 @@ id,file,description,date,author,platform,type,port 10883,platforms/asp/webapps/10883.txt,"BlogWorx 1.0 Blog - Database Disclosure",2010-01-01,LionTurk,asp,webapps,0 10884,platforms/asp/webapps/10884.txt,"ArticleLive 1.7.1.2 (blogs.php?Id) - SQL Injection",2010-01-01,BAYBORA,asp,webapps,0 10885,platforms/php/webapps/10885.txt,"Cype CMS - SQL Injection",2010-01-01,Sora,php,webapps,0 -10889,platforms/php/webapps/10889.txt,"DS CMS 1.0 - (NewsId) SQL Injection",2010-01-01,Palyo34,php,webapps,0 +10889,platforms/php/webapps/10889.txt,"DS CMS 1.0 - 'NewsId' SQL Injection",2010-01-01,Palyo34,php,webapps,0 10891,platforms/php/webapps/10891.txt,"UCStats 1.1 - SQL Injection",2010-01-01,Sora,php,webapps,0 10897,platforms/php/webapps/10897.txt,"WD-CMS 3.0 - Multiple Vulnerabilities",2010-01-01,Sora,php,webapps,0 10899,platforms/php/webapps/10899.txt,"XlentCMS 1.0.4 - 'downloads.php?cat' SQL Injection",2010-01-01,Gamoscu,php,webapps,0 @@ -22442,7 +22442,7 @@ id,file,description,date,author,platform,type,port 11003,platforms/php/webapps/11003.txt,"LightOpenCMS 0.1 - 'smarty.php' Remote File Inclusion",2010-01-04,"Zer0 Thunder",php,webapps,0 11005,platforms/asp/webapps/11005.txt,"KMSoft Guestbook 1.0 - Database Disclosure",2010-01-04,LionTurk,asp,webapps,0 11008,platforms/asp/webapps/11008.txt,"YP Portal MS-Pro Surumu 1.0 - Database Download",2010-01-05,indoushka,asp,webapps,0 -11012,platforms/php/webapps/11012.txt,"ITaco Group ITaco.biz - (view_news) SQL Injection",2010-01-06,Err0R,php,webapps,0 +11012,platforms/php/webapps/11012.txt,"ITaco Group ITaco.biz - 'view_news' SQL Injection",2010-01-06,Err0R,php,webapps,0 11013,platforms/php/webapps/11013.txt,"PHPDirector Game Edition 0.1 - Local File Inclusion / SQL Injection / Cross-Site Scripting",2010-01-06,"Zer0 Thunder",php,webapps,0 11014,platforms/php/webapps/11014.txt,"Myuploader - Arbitrary File Upload",2010-01-06,S2K9,php,webapps,0 11015,platforms/asp/webapps/11015.txt,"Lebi soft Ziyaretci Defteri 7.5 - Database Download",2010-01-06,indoushka,asp,webapps,0 @@ -22607,7 +22607,7 @@ id,file,description,date,author,platform,type,port 11352,platforms/php/webapps/11352.txt,"Joomla! Component com_productbook - SQL Injection",2010-02-07,snakespc,php,webapps,0 11353,platforms/php/webapps/11353.txt,"Croogo 1.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-02-07,"Milos Zivanovic",php,webapps,0 11354,platforms/php/webapps/11354.txt,"Killmonster 2.1 - Authentication Bypass",2010-02-07,cr4wl3r,php,webapps,0 -11355,platforms/php/webapps/11355.txt,"EncapsCMS 0.3.6 - (config[path]) Remote File Inclusion",2010-02-07,cr4wl3r,php,webapps,0 +11355,platforms/php/webapps/11355.txt,"EncapsCMS 0.3.6 - 'config[path]' Remote File Inclusion",2010-02-07,cr4wl3r,php,webapps,0 11356,platforms/php/webapps/11356.txt,"Rostermain 1.1 - Authentication Bypass",2010-02-07,cr4wl3r,php,webapps,0 11357,platforms/php/webapps/11357.txt,"Uiga Business Portal - SQL Injection / Cross-Site Scripting",2010-02-07,"Sioma Labs",php,webapps,0 11358,platforms/php/webapps/11358.txt,"TinyMCE WYSIWYG Editor - Multiple Vulnerabilities",2010-02-07,mc2_s3lector,php,webapps,0 @@ -22687,8 +22687,8 @@ id,file,description,date,author,platform,type,port 11484,platforms/php/webapps/11484.txt,"uGround 1.0b - SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 11485,platforms/php/webapps/11485.txt,"Multiple File Attachments Mail Form Pro 2.0 - Arbitrary File Upload",2010-02-17,EgoPL,php,webapps,0 11486,platforms/php/webapps/11486.txt,"PHPIDS 0.4 - Remote File Inclusion",2010-02-17,eidelweiss,php,webapps,0 -11487,platforms/php/webapps/11487.txt,"Auktionshaus 4 - news.php SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 -11488,platforms/php/webapps/11488.txt,"Auktionshaus Gelb 3 - news.php SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 +11487,platforms/php/webapps/11487.txt,"Auktionshaus 4 - 'news.php' SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 +11488,platforms/php/webapps/11488.txt,"Auktionshaus Gelb 3 - 'news.php' SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 11489,platforms/php/webapps/11489.txt,"Erotik Auktionshaus - news.php SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 11490,platforms/php/webapps/11490.txt,"PunBBAnnuaire 0.4 - Blind SQL Injection",2010-02-17,Metropolis,php,webapps,0 11494,platforms/php/webapps/11494.txt,"Joomla! Component com_otzivi - Local File Inclusion",2010-02-18,AtT4CKxT3rR0r1ST,php,webapps,0 @@ -22705,7 +22705,7 @@ id,file,description,date,author,platform,type,port 11515,platforms/php/webapps/11515.txt,"FlatFile Login System - Remote Password Disclosure",2010-02-20,ViRuSMaN,php,webapps,0 11516,platforms/php/webapps/11516.html,"TimeClock 0.99 - Cross-Site Request Forgery (Add Admin)",2010-02-20,ViRuSMaN,php,webapps,0 11517,platforms/php/webapps/11517.txt,"Netzbrett - Database Disclosure",2010-02-20,ViRuSMaN,php,webapps,0 -11518,platforms/php/webapps/11518.txt,"Softbiz Jobs - (news_desc) SQL Injection",2010-02-22,BAYBORA,php,webapps,0 +11518,platforms/php/webapps/11518.txt,"Softbiz Jobs - 'news_desc' SQL Injection",2010-02-22,BAYBORA,php,webapps,0 11519,platforms/php/webapps/11519.txt,"Ac4p.com Gallery 1.0 - Multiple Vulnerabilities",2010-02-22,indoushka,php,webapps,0 11521,platforms/php/webapps/11521.txt,"Ero Auktion 2.0 - 'news.php' SQL Injection",2010-02-22,"Easy Laster",php,webapps,0 11522,platforms/php/webapps/11522.txt,"Ero Auktion 2010 - 'news.php' SQL Injection",2010-02-22,"Easy Laster",php,webapps,0 @@ -22779,7 +22779,7 @@ id,file,description,date,author,platform,type,port 11634,platforms/hardware/webapps/11634.pl,"Sagem Routers - Remote Authentication Bypass",2010-03-04,AlpHaNiX,hardware,webapps,0 11635,platforms/php/webapps/11635.pl,"OneCMS 2.5 - SQL Injection",2010-03-05,"Ctacok and .:[melkiy]:",php,webapps,0 11636,platforms/php/webapps/11636.php,"Kolang - proc_open PHP safe mode Bypass 4.3.10 - 5.3.0 Exploit",2010-03-05,"Hamid Ebadi",php,webapps,0 -11637,platforms/php/webapps/11637.txt,"Auktionshaus 3.0.0.1 - news.php 'id' SQL Injection",2010-03-05,"Easy Laster",php,webapps,0 +11637,platforms/php/webapps/11637.txt,"Auktionshaus 3.0.0.1 - 'news.php' 'id' SQL Injection",2010-03-05,"Easy Laster",php,webapps,0 11638,platforms/php/webapps/11638.txt,"E-topbiz Link ADS 1 PHP script - (linkid) Blind SQL Injection",2010-03-05,JosS,php,webapps,0 11641,platforms/php/webapps/11641.txt,"PHPCOIN 1.2.1 - 'mod.php' Local File Inclusion",2010-03-06,_mlk_,php,webapps,0 11643,platforms/php/webapps/11643.txt,"dev4u CMS - (Personenseiten) go_target.php SQL Injection",2010-03-06,"Easy Laster",php,webapps,0 @@ -22905,7 +22905,7 @@ id,file,description,date,author,platform,type,port 11836,platforms/php/webapps/11836.txt,"CMS Openpage - 'index.php' SQL Injection",2010-03-22,Phenom,php,webapps,0 14128,platforms/php/webapps/14128.txt,"Joomla! Component com_wmtpic 1.0 - SQL Injection",2010-06-30,RoAd_KiLlEr,php,webapps,0 11837,platforms/php/webapps/11837.txt,"Uiga Fan Club - SQL Injection",2010-03-22,"Sioma Labs",php,webapps,0 -11840,platforms/php/webapps/11840.txt,"PowieSys 0.7.7 alpha - 'index.php' (shownews) SQL Injection",2010-03-22,"Easy Laster",php,webapps,0 +11840,platforms/php/webapps/11840.txt,"PowieSys 0.7.7 alpha - 'index.php' shownews SQL Injection",2010-03-22,"Easy Laster",php,webapps,0 11841,platforms/php/webapps/11841.txt,"New Advisore Stack 1.1 - Directory Traversal",2010-03-22,R3VAN_BASTARD,php,webapps,0 11844,platforms/php/webapps/11844.txt,"Joomla! Component com_flash - SQL Injection",2010-03-22,"DevilZ TM",php,webapps,0 11845,platforms/php/webapps/11845.txt,"Joomla! Component com_jwmmxtd - Remote File Inclusion",2010-03-23,eidelweiss,php,webapps,0 @@ -24057,7 +24057,7 @@ id,file,description,date,author,platform,type,port 14640,platforms/php/webapps/14640.txt,"ACollab - Multiple Vulnerabilities",2010-08-14,AmnPardaz,php,webapps,0 14643,platforms/php/webapps/14643.txt,"sFileManager 24a - Local File Inclusion",2010-08-14,Pepelux,php,webapps,0 14644,platforms/php/webapps/14644.html,"Saurus CMS Admin Panel - Multiple Cross-Site Request Forgery Vulnerabilities",2010-08-14,"Fady Mohammed Osman",php,webapps,0 -14645,platforms/php/webapps/14645.txt,"Sports Accelerator Suite 2.0 - (news_id) SQL Injection",2010-08-14,LiquidWorm,php,webapps,0 +14645,platforms/php/webapps/14645.txt,"Sports Accelerator Suite 2.0 - 'news_id' SQL Injection",2010-08-14,LiquidWorm,php,webapps,0 14647,platforms/php/webapps/14647.php,"PHP-Fusion - Local File Inclusion",2010-08-15,MoDaMeR,php,webapps,0 14648,platforms/php/webapps/14648.txt,"Guestbook Script PHP - Cross-Site Scripting / HTML Injection",2010-08-15,"AnTi SeCuRe",php,webapps,0 14650,platforms/php/webapps/14650.html,"Zomplog 3.9 - Cross-Site Scripting / Cross-Site Request Forgery",2010-08-15,10n1z3d,php,webapps,0 @@ -24841,7 +24841,7 @@ id,file,description,date,author,platform,type,port 17123,platforms/php/webapps/17123.txt,"Tutorialms 1.4 (show) - SQL Injection",2011-04-05,LiquidWorm,php,webapps,0 17098,platforms/php/webapps/17098.txt,"InTerra Blog Machine 1.84 - Cross-Site Scripting",2011-04-01,"High-Tech Bridge SA",php,webapps,0 17099,platforms/php/webapps/17099.txt,"Feng Office 1.7.3.3 - Cross-Site Request Forgery",2011-04-01,"High-Tech Bridge SA",php,webapps,0 -17100,platforms/php/webapps/17100.txt,"spidaNews 1.0 - news.php 'id' SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 +17100,platforms/php/webapps/17100.txt,"spidaNews 1.0 - 'news.php' 'id' SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 17101,platforms/php/webapps/17101.txt,"ilchClan 1.0.5 - 'regist.php' SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 17102,platforms/php/webapps/17102.txt,"Anzeigenmarkt 2011 - 'index.php' SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 17103,platforms/php/webapps/17103.txt,"Advanced Image Hosting 2.2 - 'index.php' SQL Injection",2011-04-03,keracker,php,webapps,0 @@ -25629,7 +25629,7 @@ id,file,description,date,author,platform,type,port 18912,platforms/php/webapps/18912.txt,"Vanilla FirstLastNames 1.3.2 Plugin - Persistent Cross-Site Scripting",2012-05-21,"Henry Hoggard",php,webapps,0 18913,platforms/php/webapps/18913.php,"Supernews 2.6.1 - SQL Injection",2012-05-21,WhiteCollarGroup,php,webapps,0 18908,platforms/php/webapps/18908.txt,"Vanilla Forums LatestComment 1.1 Plugin - Persistent Cross-Site Scripting",2012-05-18,"Henry Hoggard",php,webapps,0 -18922,platforms/php/webapps/18922.rb,"appRain CMF - Arbitrary .PHP File Upload (Metasploit)",2012-05-25,Metasploit,php,webapps,0 +18922,platforms/php/webapps/18922.rb,"appRain CMF - Arbitrary '.PHP' File Upload (Metasploit)",2012-05-25,Metasploit,php,webapps,0 18921,platforms/php/webapps/18921.txt,"Jaow 2.4.5 - Blind SQL Injection",2012-05-24,kallimero,php,webapps,0 18927,platforms/php/webapps/18927.txt,"SocialEngine 4.2.2 - Multiple Vulnerabilities",2012-05-25,i4k,php,webapps,0 18950,platforms/php/webapps/18950.txt,"NewsAdd 1.0 - Multiple SQL Injections",2012-05-30,WhiteCollarGroup,php,webapps,0 @@ -25676,7 +25676,7 @@ id,file,description,date,author,platform,type,port 19031,platforms/php/webapps/19031.txt,"Webspell dailyinput Movie Addon 4.2.x - SQL Injection",2012-06-10,"Easy Laster",php,webapps,0 19035,platforms/php/webapps/19035.txt,"freepost 0.1 r1 - Multiple Vulnerabilities",2012-06-10,"ThE g0bL!N",php,webapps,0 19036,platforms/php/webapps/19036.php,"WordPress Plugin Content Flow 3D 1.0.0 - Arbitrary File Upload",2012-06-10,g11tch,php,webapps,0 -19038,platforms/php/webapps/19038.rb,"Symantec Web Gateway 5.0.2.8 - Arbitrary PHP File Upload (Metasploit)",2012-06-10,Metasploit,php,webapps,0 +19038,platforms/php/webapps/19038.rb,"Symantec Web Gateway 5.0.2.8 - Arbitrary '.PHP' File Upload (Metasploit)",2012-06-10,Metasploit,php,webapps,0 19050,platforms/php/webapps/19050.txt,"WordPress Plugin wp-gpx-map 1.1.21 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19051,platforms/php/webapps/19051.txt,"ClanSuite 2.9 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19052,platforms/php/webapps/19052.txt,"WordPress Plugin User Meta 1.1.1 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 @@ -25738,7 +25738,7 @@ id,file,description,date,author,platform,type,port 19597,platforms/php/webapps/19597.txt,"Guestbook Scripts PHP 1.5 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 19598,platforms/php/webapps/19598.txt,"Freeside SelfService CGI/API 2.3.3 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 19600,platforms/php/webapps/19600.txt,"CLscript CMS 3.0 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 -30094,platforms/php/webapps/30094.txt,"DGNews 2.1 - footer.php Cross-Site Scripting",2007-05-28,"Jesper Jurcenoks",php,webapps,0 +30094,platforms/php/webapps/30094.txt,"DGNews 2.1 - 'footer.php' Cross-Site Scripting",2007-05-28,"Jesper Jurcenoks",php,webapps,0 19626,platforms/php/webapps/19626.txt,"sflog! 1.00 - Multiple Vulnerabilities",2012-07-06,dun,php,webapps,0 19628,platforms/php/webapps/19628.txt,"Event Script PHP 1.1 CMS - Multiple Vulnerabilities",2012-07-06,Vulnerability-Lab,php,webapps,0 19629,platforms/php/webapps/19629.txt,"Webmatic 3.1.1 - Blind SQL Injection",2012-07-06,"High-Tech Bridge SA",php,webapps,0 @@ -25768,7 +25768,7 @@ id,file,description,date,author,platform,type,port 19927,platforms/php/webapps/19927.html,"Nwahy Articles 2.2 - Cross-Site Request Forgery (Add Admin)",2012-07-18,DaOne,php,webapps,0 19985,platforms/php/webapps/19985.txt,"iBoutique 4.0 - 'key' Parameter SQL Injection",2012-07-20,"SecPod Research",php,webapps,0 20011,platforms/windows/webapps/20011.js,"SolarWinds orion network performance monitor 10.2.2 - Multiple Vulnerabilities",2012-07-21,muts,windows,webapps,0 -20029,platforms/php/webapps/20029.rb,"EGallery - Arbitrary .PHP File Upload (Metasploit)",2012-07-23,Metasploit,php,webapps,0 +20029,platforms/php/webapps/20029.rb,"EGallery - Arbitrary '.PHP' File Upload (Metasploit)",2012-07-23,Metasploit,php,webapps,0 20033,platforms/php/webapps/20033.py,"Dell SonicWALL Scrutinizer 9.0.1 - 'statusFilter.php q Parameter' SQL Injection",2012-07-22,muts,php,webapps,0 20035,platforms/asp/webapps/20035.js,"ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting / Blind SQL Injection / Remote Code Execution",2012-07-22,muts,asp,webapps,0 20037,platforms/linux/webapps/20037.txt,"Atmail WebAdmin and Webmail Control Panel - SQL Root Password Disclosure",2012-07-23,Ciph3r,linux,webapps,0 @@ -25777,7 +25777,7 @@ id,file,description,date,author,platform,type,port 20055,platforms/php/webapps/20055.txt,"MySQL Squid Access Report 2.1.4 - HTML Injection",2012-07-23,"Daniel Godoy",php,webapps,0 20062,platforms/php/webapps/20062.py,"Alienvault Open Source SIEM (OSSIM) 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection",2012-07-23,muts,php,webapps,0 20063,platforms/windows/webapps/20063.txt,"SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Authenticated SQL Injection",2012-07-23,dookie,windows,webapps,0 -20083,platforms/php/webapps/20083.txt,"WordPress Plugin Front End Upload 0.5.4.4 - Arbitrary .PHP File Upload",2012-07-24,"Chris Kellum",php,webapps,0 +20083,platforms/php/webapps/20083.txt,"WordPress Plugin Front End Upload 0.5.4.4 - Arbitrary '.PHP' File Upload",2012-07-24,"Chris Kellum",php,webapps,0 20087,platforms/php/webapps/20087.py,"Zabbix 2.0.1 - Session Extractor",2012-07-24,muts,php,webapps,0 20111,platforms/php/webapps/20111.rb,"CuteFlow 2.11.2 - Arbitrary File Upload (Metasploit)",2012-07-27,Metasploit,php,webapps,0 20123,platforms/php/webapps/20123.py,"Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php groupid Parameter' Blind SQL Injection",2012-07-30,Kc57,php,webapps,0 @@ -25787,7 +25787,7 @@ id,file,description,date,author,platform,type,port 20170,platforms/php/webapps/20170.txt,"Joomla! Component 'com_movm' - SQL Injection",2012-08-01,D4NB4R,php,webapps,0 20171,platforms/php/webapps/20171.txt,"ManageEngine Application Manager 10 - Multiple Vulnerabilities",2012-08-01,Vulnerability-Lab,php,webapps,0 20172,platforms/php/webapps/20172.txt,"ManageEngine Mobile Application Manager 10 - SQL Injection",2012-08-01,Vulnerability-Lab,php,webapps,0 -20173,platforms/php/webapps/20173.rb,"WebPageTest - Arbitrary .PHP File Upload (Metasploit)",2012-08-02,Metasploit,php,webapps,0 +20173,platforms/php/webapps/20173.rb,"WebPageTest - Arbitrary '.PHP' File Upload (Metasploit)",2012-08-02,Metasploit,php,webapps,0 20197,platforms/php/webapps/20197.txt,"Joomla! Component 'com_joomgalaxy' 1.2.0.4 - Multiple Vulnerabilities",2012-08-02,D4NB4R,php,webapps,0 20198,platforms/php/webapps/20198.txt,"am4ss 1.2 - Multiple Vulnerabilities",2012-08-02,s3n4t00r,php,webapps,0 20199,platforms/php/webapps/20199.php,"am4ss Support System 1.2 - PHP Code Injection",2012-08-02,i-Hmx,php,webapps,0 @@ -25872,7 +25872,7 @@ id,file,description,date,author,platform,type,port 20671,platforms/php/webapps/20671.html,"PG Portal Pro - Cross-Site Request Forgery",2012-08-20,Noxious,php,webapps,0 20672,platforms/php/webapps/20672.py,"Hivemail Webmail - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-08-20,"Shai rod",php,webapps,0 20673,platforms/php/webapps/20673.txt,"YourArcadeScript 2.4 - 'index.php id Parameter' SQL Injection",2012-08-20,DaOne,php,webapps,0 -20713,platforms/php/webapps/20713.rb,"XODA 0.4.5 - Arbitrary .PHP File Upload (Metasploit)",2012-08-22,Metasploit,php,webapps,0 +20713,platforms/php/webapps/20713.rb,"XODA 0.4.5 - Arbitrary '.PHP' File Upload (Metasploit)",2012-08-22,Metasploit,php,webapps,0 20675,platforms/php/webapps/20675.py,"uebimiau webmail 2.7.2 - Persistent Cross-Site Scripting",2012-08-20,"Shai rod",php,webapps,0 20677,platforms/windows/webapps/20677.txt,"IOServer 1.0.18.0 - Directory Traversal",2012-08-20,hinge,windows,webapps,0 20707,platforms/linux/webapps/20707.py,"Symantec Web Gateway 5.0.3.18 - Arbitrary Password Change",2012-08-21,Kc57,linux,webapps,0 @@ -26028,7 +26028,7 @@ id,file,description,date,author,platform,type,port 21460,platforms/cgi/webapps/21460.pl,"CGIScript.net 1.0 - Information Disclosure",2002-05-17,"Steve Gustin",cgi,webapps,0 21461,platforms/php/webapps/21461.txt,"Phorum 3.3.2 - Cross-Site Scripting",2002-05-18,"markus arndt",php,webapps,0 21463,platforms/php/webapps/21463.txt,"mcNews 1.x - File Disclosure",2002-05-17,frog,php,webapps,0 -21464,platforms/asp/webapps/21464.txt,"Hosting Controller 1.x - Browse.asp File Disclosure",2002-05-19,"Bao Dai Nhan",asp,webapps,0 +21464,platforms/asp/webapps/21464.txt,"Hosting Controller 1.x - 'Browse.asp' File Disclosure",2002-05-19,"Bao Dai Nhan",asp,webapps,0 21473,platforms/cgi/webapps/21473.txt,"ViewCVS 0.9.2 - Cross-Site Scripting",2002-05-24,office,cgi,webapps,0 21474,platforms/php/webapps/21474.txt,"OpenBB 1.0.0 RC3 - BBCode Cross Agent HTML Injection",2002-05-24,frog,php,webapps,0 21478,platforms/php/webapps/21478.txt,"OpenBB 1.0 - Unauthorized Moderator Access",2002-05-24,frog,php,webapps,0 @@ -26122,7 +26122,7 @@ id,file,description,date,author,platform,type,port 21822,platforms/multiple/webapps/21822.txt,"Endpoint Protector 4.0.4.0 - Multiple Vulnerabilities",2012-10-09,Vulnerability-Lab,multiple,webapps,0 21825,platforms/php/webapps/21825.txt,"phpWebSite 0.8.2 - PHP File Inclusion",2002-09-23,"Tim Vandermeersch",php,webapps,0 21829,platforms/php/webapps/21829.txt,"XOOPS 1.0 RC3 - HTML Injection",2002-09-24,das@hush.com,php,webapps,0 -21835,platforms/php/webapps/21835.rb,"qdPM 7.0 - Arbitrary .PHP File Upload (Metasploit)",2012-10-10,Metasploit,php,webapps,0 +21835,platforms/php/webapps/21835.rb,"qdPM 7.0 - Arbitrary '.PHP' File Upload (Metasploit)",2012-10-10,Metasploit,php,webapps,0 21836,platforms/linux/webapps/21836.rb,"Auxilium RateMyPet - Arbitrary File Upload (Metasploit)",2012-10-10,Metasploit,linux,webapps,0 21855,platforms/php/webapps/21855.txt,"PHP-Nuke 6.0/6.5 - Search Form Cross-Site Scripting",2002-09-24,"Mark Grimes",php,webapps,0 21859,platforms/php/webapps/21859.txt,"PHP-Nuke 6.0 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 @@ -26173,7 +26173,7 @@ id,file,description,date,author,platform,type,port 21967,platforms/php/webapps/21967.txt,"Benjamin Lefevre Dobermann Forum 0.x - entete.php subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 21968,platforms/php/webapps/21968.txt,"Benjamin Lefevre Dobermann Forum 0.x - enteteacceuil.php subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 21969,platforms/php/webapps/21969.txt,"Benjamin Lefevre Dobermann Forum 0.x - 'index.php' subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 -21970,platforms/php/webapps/21970.txt,"Benjamin Lefevre Dobermann Forum 0.x - newtopic.php subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 +21970,platforms/php/webapps/21970.txt,"Benjamin Lefevre Dobermann Forum 0.x - 'newtopic.php' subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 21976,platforms/php/webapps/21976.txt,"Jason Orcutt Prometheus 3.0/4.0/6.0 - Remote File Inclusion",2002-11-01,"Karol Wiesek",php,webapps,0 21977,platforms/php/webapps/21977.txt,"PHP-Nuke 5.6 - modules.php SQL Injection",2002-11-01,kill9,php,webapps,0 21979,platforms/cgi/webapps/21979.txt,"ION Script 1.4 - Remote File Disclosure",2002-11-01,"Zero X",cgi,webapps,0 @@ -26238,7 +26238,7 @@ id,file,description,date,author,platform,type,port 22146,platforms/php/webapps/22146.txt,"YABB 1.4.1 SE - Reminder.php SQL Injection",2003-01-12,"VOID.AT Security",php,webapps,0 22148,platforms/php/webapps/22148.txt,"PHPPass 2 - AccessControl.php SQL Injection",2003-01-13,frog,php,webapps,0 22149,platforms/php/webapps/22149.txt,"W-Agora 4.1.6 - 'index.php' bn Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 -22150,platforms/php/webapps/22150.txt,"W-Agora 4.1.6 - modules.php file Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 +22150,platforms/php/webapps/22150.txt,"W-Agora 4.1.6 - 'modules.php' File Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 22151,platforms/php/webapps/22151.txt,"Movable Type Pro 5.13en - Persistent Cross-Site Scripting",2012-10-22,sqlhacker,php,webapps,0 22152,platforms/php/webapps/22152.txt,"Joomla! Component 'com_commedia' - 'task' Parameter SQL Injection",2012-10-22,D4NB4R,php,webapps,0 22153,platforms/php/webapps/22153.pl,"Joomla! Component 'com_kunena' - 'search' Parameter SQL Injection",2012-10-22,D35m0nd142,php,webapps,0 @@ -26293,13 +26293,13 @@ id,file,description,date,author,platform,type,port 22268,platforms/php/webapps/22268.txt,"myPHPNuke 1.8.8 - 'links.php' Cross-Site Scripting",2003-02-20,"Tacettin Karadeniz",php,webapps,0 22277,platforms/php/webapps/22277.txt,"Nuked-klaN 1.3 - Remote Information Disclosure",2003-02-23,"gregory Le Bras",php,webapps,0 22281,platforms/php/webapps/22281.php,"Mambo Site Server 4.0.12 RC2 - Cookie Validation",2003-02-24,"Simen Bergo",php,webapps,0 -22282,platforms/php/webapps/22282.txt,"WihPhoto 0.86 - dev sendphoto.php File Disclosure",2003-02-24,frog,php,webapps,0 +22282,platforms/php/webapps/22282.txt,"WihPhoto 0.86 dev - 'sendphoto.php' File Disclosure",2003-02-24,frog,php,webapps,0 22283,platforms/php/webapps/22283.txt,"CuteNews 0.88 - 'shownews.php' Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 22284,platforms/php/webapps/22284.txt,"CuteNews 0.88 - 'search.php' Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 22285,platforms/php/webapps/22285.txt,"CuteNews 0.88 - 'comments.php' Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 22293,platforms/php/webapps/22293.txt,"E-theni - Remote File Inclusion Command Execution",2003-01-06,frog,php,webapps,0 22295,platforms/php/webapps/22295.txt,"Invision Board 1.1.1 - ipchat.php Remote File Inclusion",2003-02-27,frog,php,webapps,0 -22297,platforms/php/webapps/22297.pl,"Typo3 3.5 b5 - showpic.php File Enumeration",2003-02-28,"Martin Eiszner",php,webapps,0 +22297,platforms/php/webapps/22297.pl,"Typo3 3.5 b5 - 'showpic.php' File Enumeration",2003-02-28,"Martin Eiszner",php,webapps,0 22298,platforms/php/webapps/22298.txt,"Typo3 3.5 b5 - Translations.php Remote File Inclusion",2003-02-28,"Martin Eiszner",php,webapps,0 22300,platforms/php/webapps/22300.txt,"WordPress Plugin Easy Webinar - Blind SQL Injection",2012-10-28,"Robert Cooper",php,webapps,0 22315,platforms/php/webapps/22315.pl,"Typo3 3.5 b5 - HTML Hidden Form Field Information Disclosure Weakness (1)",2003-02-28,"Martin Eiszner",php,webapps,0 @@ -26343,7 +26343,7 @@ id,file,description,date,author,platform,type,port 22413,platforms/php/webapps/22413.txt,"PHP-Nuke 5.6/6.x News Module - article.php SQL Injection",2003-03-22,frog,php,webapps,0 22414,platforms/php/webapps/22414.php,"PHP-Nuke 5.6/6.x News Module - 'index.php' SQL Injection",2003-03-23,frog,php,webapps,0 22421,platforms/php/webapps/22421.txt,"Web Chat Manager 2.0 - HTML Code Injection",2003-03-25,Over_G,php,webapps,0 -22422,platforms/php/webapps/22422.txt,"PHP-Nuke 6.5 Addon - Viewpage.php File Disclosure",2003-03-25,"Zero-X www.lobnan.de Team",php,webapps,0 +22422,platforms/php/webapps/22422.txt,"PHP-Nuke 6.5 Addon - 'Viewpage.php' File Disclosure",2003-03-25,"Zero-X www.lobnan.de Team",php,webapps,0 22423,platforms/php/webapps/22423.txt,"PHP-Nuke 6.0/6.5 Forum Module - viewtopic.php SQL Injection",2003-03-25,frog,php,webapps,0 22424,platforms/php/webapps/22424.txt,"PHP-Nuke 6.0/6.5 Forum Module - viewforum.php SQL Injection",2003-03-25,frog,php,webapps,0 22427,platforms/php/webapps/22427.txt,"WordPress Plugin All Video Gallery 1.1 - SQL Injection",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 @@ -26497,7 +26497,7 @@ id,file,description,date,author,platform,type,port 22821,platforms/php/webapps/22821.txt,"XMB Forum 1.8 - buddy.php action Parameter Cross-Site Scripting",2003-06-23,"Knight Commander",php,webapps,0 22826,platforms/php/webapps/22826.txt,"VisNetic WebMail 5.8.6 .6 - Information Disclosure",2003-06-23,posidron,php,webapps,0 22828,platforms/php/webapps/22828.txt,"WeBid 1.0.5 - Cross-Site Scripting",2012-11-19,"Woody Hughes",php,webapps,0 -22841,platforms/php/webapps/22841.txt,"iXmail 0.2/0.3 - iXmail_NetAttach.php File Deletion",2003-06-26,leseulfrog,php,webapps,0 +22841,platforms/php/webapps/22841.txt,"iXmail 0.2/0.3 - 'iXmail_NetAttach.php' File Deletion",2003-06-26,leseulfrog,php,webapps,0 22842,platforms/php/webapps/22842.txt,"CutePHP CuteNews 1.3 - HTML Injection",2003-06-29,"Peter Winter-Smith",php,webapps,0 22843,platforms/cgi/webapps/22843.txt,"MegaBook 1.1/2.0/2.1 - Multiple HTML Injection Vulnerabilities",2003-06-29,"Morning Wood",cgi,webapps,0 22845,platforms/php/webapps/22845.txt,"PABox 1.6 - Password Reset",2003-06-30,silentscripter,php,webapps,0 @@ -26705,12 +26705,12 @@ id,file,description,date,author,platform,type,port 23445,platforms/php/webapps/23445.txt,"osCommerce 2.2 - osCsid Parameter Cross-Site Scripting",2003-12-17,JeiAr,php,webapps,0 23447,platforms/cgi/webapps/23447.txt,"SiteInteractive Subscribe Me - Setup.pl Arbitrary Command Execution",2003-12-18,"Paul Craig",cgi,webapps,0 23448,platforms/php/webapps/23448.php,"PHPWCMS 1.5.4.6 - 'preg_replace' Multiple Vulnerabilities",2012-12-17,aeon,php,webapps,0 -23453,platforms/php/webapps/23453.txt,"BES-CMS 0.4/0.5 - index.inc.php File Inclusion",2003-12-20,frog,php,webapps,0 -23454,platforms/php/webapps/23454.txt,"BES-CMS 0.4/0.5 - members/index.inc.php File Inclusion",2003-12-20,frog,php,webapps,0 -23455,platforms/php/webapps/23455.txt,"BES-CMS 0.4/0.5 - message.php File Inclusion",2003-12-20,frog,php,webapps,0 -23456,platforms/php/webapps/23456.txt,"BES-CMS 0.4/0.5 - start.php File Inclusion",2003-12-20,frog,php,webapps,0 -23457,platforms/php/webapps/23457.txt,"BES-CMS 0.4/0.5 - folder.php File Inclusion",2003-12-20,frog,php,webapps,0 -23458,platforms/php/webapps/23458.txt,"BES-CMS 0.4/0.5 - hacking.php File Inclusion",2003-12-20,frog,php,webapps,0 +23453,platforms/php/webapps/23453.txt,"BES-CMS 0.4/0.5 - 'index.inc.php' File Inclusion",2003-12-20,frog,php,webapps,0 +23454,platforms/php/webapps/23454.txt,"BES-CMS 0.4/0.5 - 'members/index.inc.php' File Inclusion",2003-12-20,frog,php,webapps,0 +23455,platforms/php/webapps/23455.txt,"BES-CMS 0.4/0.5 - 'message.php' File Inclusion",2003-12-20,frog,php,webapps,0 +23456,platforms/php/webapps/23456.txt,"BES-CMS 0.4/0.5 - 'start.php' File Inclusion",2003-12-20,frog,php,webapps,0 +23457,platforms/php/webapps/23457.txt,"BES-CMS 0.4/0.5 - 'folder.php' File Inclusion",2003-12-20,frog,php,webapps,0 +23458,platforms/php/webapps/23458.txt,"BES-CMS 0.4/0.5 - 'hacking.php' File Inclusion",2003-12-20,frog,php,webapps,0 23459,platforms/php/webapps/23459.txt,"Xoops 2.0.5.1 - MyLinks Myheader.php Cross-Site Scripting",2003-12-21,"Chintan Trivedi",php,webapps,0 23462,platforms/php/webapps/23462.txt,"osCommerce 2.2 - products_id URI Parameter SQL Injection",2003-12-22,JeiAr,php,webapps,0 23463,platforms/php/webapps/23463.txt,"osCommerce 2.2 - manufacturers_id Parameter Cross-Site Scripting",2003-12-22,JeiAr,php,webapps,0 @@ -26735,12 +26735,12 @@ id,file,description,date,author,platform,type,port 23498,platforms/hardware/webapps/23498.txt,"SonicWALL SonicOS 5.8.1.8 WAF - Cross-Site Scripting",2012-12-19,Vulnerability-Lab,hardware,webapps,0 23499,platforms/hardware/webapps/23499.txt,"Enterpriser16 Load Balancer 7.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-12-19,Vulnerability-Lab,hardware,webapps,0 23628,platforms/php/webapps/23628.txt,"JBrowser 1.0/2.x - Unauthorized Admin Access",2004-01-30,"Himeur Nourredine",php,webapps,0 -23507,platforms/php/webapps/23507.txt,"EasyDynamicPages 1.0 - config_page.php Remote PHP File Inclusion",2004-01-02,tsbeginnervn,php,webapps,0 +23507,platforms/php/webapps/23507.txt,"EasyDynamicPages 1.0 - 'config_page.php' Remote PHP File Inclusion",2004-01-02,tsbeginnervn,php,webapps,0 23513,platforms/php/webapps/23513.txt,"Athena Web Registration - Remote Command Execution",2004-01-02,"Peter Kieser",php,webapps,0 23515,platforms/asp/webapps/23515.txt,"ASPApp PortalApp - Remote User Database Access",2004-01-04,newbie6290,asp,webapps,0 23516,platforms/asp/webapps/23516.txt,"ASP-Nuke 1.0/1.2/1.3 - Remote User Database Access",2004-01-04,"Vietnamese Security Group",asp,webapps,0 -23517,platforms/php/webapps/23517.txt,"HotNews 0.x - hotnews-engine.inc.php3 config[header] Parameter Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 -23518,platforms/php/webapps/23518.txt,"HotNews 0.x - config[incdir] Parameter Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 +23517,platforms/php/webapps/23517.txt,"HotNews 0.x - 'hotnews-engine.inc.php3' config[header] Parameter Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 +23518,platforms/php/webapps/23518.txt,"HotNews 0.x - 'config[incdir]' Parameter Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 23519,platforms/php/webapps/23519.txt,"FreznoShop 1.2.3/1.3 - Search Script Cross-Site Scripting",2004-01-04,"David S. Ferreira",php,webapps,0 23520,platforms/php/webapps/23520.txt,"PHPGedView 2.61 - Multiple PHP Remote File Inclusion",2004-01-06,Windak,php,webapps,0 23691,platforms/php/webapps/23691.txt,"vBulletin 3.0 - search.php Cross-Site Scripting",2004-02-13,"Rafel Ivgi The-Insider",php,webapps,0 @@ -26783,7 +26783,7 @@ id,file,description,date,author,platform,type,port 23636,platforms/php/webapps/23636.txt,"Qualiteam X-Cart 3.x - general.php perl_binary Parameter Arbitrary Command Execution",2004-02-03,Philip,php,webapps,0 23637,platforms/php/webapps/23637.txt,"Qualiteam X-Cart 3.x - upgrade.php perl_binary Parameter Arbitrary Command Execution",2004-02-03,Philip,php,webapps,0 23639,platforms/php/webapps/23639.txt,"Qualiteam X-Cart 3.x - Multiple Remote Information Disclosure Vulnerabilities",2004-02-03,Philip,php,webapps,0 -23640,platforms/php/webapps/23640.txt,"phpMyAdmin 2.x - Export.php File Disclosure",2004-02-03,"Cedric Cochin",php,webapps,0 +23640,platforms/php/webapps/23640.txt,"phpMyAdmin 2.x - 'Export.php' File Disclosure",2004-02-03,"Cedric Cochin",php,webapps,0 23644,platforms/php/webapps/23644.php,"PHPX 3.2.3 - Multiple Vulnerabilities",2004-02-03,"Manuel L?pez",php,webapps,0 23645,platforms/php/webapps/23645.txt,"All Enthusiast ReviewPost PHP Pro 2.5 - 'showproduct.php' SQL Injection",2004-02-04,G00db0y,php,webapps,0 23646,platforms/php/webapps/23646.txt,"All Enthusiast ReviewPost PHP Pro 2.5 - 'showcat.php' SQL Injection",2004-02-04,G00db0y,php,webapps,0 @@ -26818,8 +26818,8 @@ id,file,description,date,author,platform,type,port 23720,platforms/php/webapps/23720.txt,"eCommerce Corporation Online Store Kit 3.0 - listing.php id Parameter SQL Injection",2004-02-18,G00db0y,php,webapps,0 23722,platforms/php/webapps/23722.txt,"Fool's Workshop Owl's Workshop 1.0 - multiplechoice/index.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 23723,platforms/php/webapps/23723.txt,"Fool's Workshop Owl's Workshop 1.0 - glossary.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 -23724,platforms/php/webapps/23724.txt,"Fool's Workshop Owl's Workshop 1.0 - newmultiplechoice.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 -23725,platforms/php/webapps/23725.txt,"Fool's Workshop Owl's Workshop 1.0 - glossaries/index.php file Parameter Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 +23724,platforms/php/webapps/23724.txt,"Fool's Workshop Owl's Workshop 1.0 - 'newmultiplechoice.php' Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 +23725,platforms/php/webapps/23725.txt,"Fool's Workshop Owl's Workshop 1.0 - 'glossaries/index.php' File Parameter Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 23726,platforms/php/webapps/23726.txt,"Fool's Workshop Owl's Workshop 1.0 - readings/index.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 23727,platforms/php/webapps/23727.txt,"Fool's Workshop Owl's Workshop 1.0 - resultsignore.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 23729,platforms/asp/webapps/23729.txt,"WebCortex WebStores2000 - error.asp Cross-Site Scripting",2004-02-18,"Nick Gudov",asp,webapps,0 @@ -26873,17 +26873,17 @@ id,file,description,date,author,platform,type,port 23843,platforms/php/webapps/23843.txt,"Belchior Foundry VCard 2.8 - Authentication Bypass",2004-03-17,"saudi linux",php,webapps,0 23844,platforms/php/webapps/23844.txt,"PHP-Nuke Error Manager Module 2.1 - error.php language Variable Full Path Disclosure",2004-03-18,"Janek Vind",php,webapps,0 23845,platforms/php/webapps/23845.txt,"PHP-Nuke Error Manager Module 2.1 - error.php Multiple Variables Cross-Site Scripting",2004-03-18,"Janek Vind",php,webapps,0 -23851,platforms/asp/webapps/23851.txt,"Expinion.net Member Management System 2.1 - news_view.asp ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 +23851,platforms/asp/webapps/23851.txt,"Expinion.net Member Management System 2.1 - 'news_view.asp' ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23852,platforms/asp/webapps/23852.txt,"Expinion.net Member Management System 2.1 - resend.asp ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23853,platforms/asp/webapps/23853.txt,"Expinion.net Member Management System 2.1 - error.asp err Parameter Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 40401,platforms/php/webapps/40401.txt,"ZineBasic 1.1 - Arbitrary File Disclosure",2016-09-19,bd0rk,php,webapps,80 23854,platforms/asp/webapps/23854.txt,"Expinion.net Member Management System 2.1 - register.asp err Parameter Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 -23857,platforms/asp/webapps/23857.txt,"Expinion.net News Manager Lite 2.5 - comment_add.asp Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 -23858,platforms/asp/webapps/23858.txt,"Expinion.net News Manager Lite 2.5 - search.asp Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 -23859,platforms/asp/webapps/23859.txt,"Expinion.net News Manager Lite 2.5 - category_news_headline.asp Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 -23860,platforms/asp/webapps/23860.txt,"Expinion.net News Manager Lite 2.5 - more.asp ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 -23861,platforms/asp/webapps/23861.txt,"Expinion.net News Manager Lite 2.5 - category_news.asp ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 -23862,platforms/asp/webapps/23862.txt,"Expinion.net News Manager Lite 2.5 - news_sort.asp filter Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 +23857,platforms/asp/webapps/23857.txt,"Expinion.net News Manager Lite 2.5 - 'comment_add.asp' Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 +23858,platforms/asp/webapps/23858.txt,"Expinion.net News Manager Lite 2.5 - 'search.asp' Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 +23859,platforms/asp/webapps/23859.txt,"Expinion.net News Manager Lite 2.5 - 'category_news_headline.asp' Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 +23860,platforms/asp/webapps/23860.txt,"Expinion.net News Manager Lite 2.5 - 'more.asp' ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 +23861,platforms/asp/webapps/23861.txt,"Expinion.net News Manager Lite 2.5 - 'category_news.asp' ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 +23862,platforms/asp/webapps/23862.txt,"Expinion.net News Manager Lite 2.5 - 'news_sort.asp' filter Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23863,platforms/asp/webapps/23863.txt,"Expinion.net News Manager Lite 2.5 - NEWS_LOGIN Cookie Admin Parameter Manipulation Admin Authentication Bypass",2004-03-20,"Manuel Lopez",asp,webapps,0 23865,platforms/php/webapps/23865.txt,"vBulletin 2.x - private.php Cross-Site Scripting",2004-03-22,JeiAr,php,webapps,0 23866,platforms/php/webapps/23866.txt,"phpBB 1.x/2.0.x - Multiple Input Validation Vulnerabilities",2004-03-22,JeiAr,php,webapps,0 @@ -26925,8 +26925,8 @@ id,file,description,date,author,platform,type,port 23947,platforms/php/webapps/23947.txt,"TikiWiki Project 1.8 - 'tiki-switch_theme.php' theme Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 23948,platforms/php/webapps/23948.txt,"TikiWiki Project 1.8 - 'img/wiki_up' Arbitrary File Upload",2004-04-12,JeiAr,php,webapps,0 23949,platforms/php/webapps/23949.txt,"TikiWiki Project 1.8 - 'tiki-map.phtml' Traversal Arbitrary File / Directory Enumeration",2004-04-12,JeiAr,php,webapps,0 -23950,platforms/php/webapps/23950.txt,"TikiWiki Project 1.8 - User Profile Multiple Option Arbitrary Remote Code Injection",2004-04-12,JeiAr,php,webapps,0 -23951,platforms/php/webapps/23951.txt,"TikiWiki Project 1.8 - Add Site Multiple Options Arbitrary Remote Code Injection",2004-04-12,JeiAr,php,webapps,0 +23950,platforms/php/webapps/23950.txt,"TikiWiki Project 1.8 - User Profile Multiple Option Remote Code Injection",2004-04-12,JeiAr,php,webapps,0 +23951,platforms/php/webapps/23951.txt,"TikiWiki Project 1.8 - Add Site Multiple Options Remote Code Injection",2004-04-12,JeiAr,php,webapps,0 23952,platforms/php/webapps/23952.txt,"TikiWiki Project 1.8 - 'categorize.php' Direct Request Full Path Disclosure",2004-04-12,JeiAr,php,webapps,0 23953,platforms/php/webapps/23953.txt,"TikiWiki Project 1.8 - 'messu-mailbox.php' Multiple Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 23954,platforms/php/webapps/23954.txt,"TikiWiki Project 1.8 - 'messu-read.php' Multiple Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 @@ -27154,7 +27154,7 @@ id,file,description,date,author,platform,type,port 24391,platforms/php/webapps/24391.txt,"Mantis 0.x - Multiple Cross-Site Scripting Vulnerabilities",2004-08-21,"Jose Antonio",php,webapps,0 24392,platforms/php/webapps/24392.php,"Mantis 0.x - New Account Signup Mass Emailing",2004-08-21,"Jose Antonio",php,webapps,0 24393,platforms/php/webapps/24393.txt,"MyDms 1.4 - SQL Injection / Directory Traversal",2004-08-21,"Jose Antonio",php,webapps,0 -24397,platforms/asp/webapps/24397.txt,"Compulsive Media CNU5 - News.mdb Database Disclosure",2004-08-23,"Security .Net Information",asp,webapps,0 +24397,platforms/asp/webapps/24397.txt,"Compulsive Media CNU5 - 'News.mdb' Database Disclosure",2004-08-23,"Security .Net Information",asp,webapps,0 24399,platforms/php/webapps/24399.txt,"PhotoADay - Pad_selected Parameter Cross-Site Scripting",2004-08-23,"King Of Love",php,webapps,0 24400,platforms/cgi/webapps/24400.txt,"Axis Network Camera 2.x And Video Server 1-3 - virtualinput.cgi Arbitrary Command Execution",2004-08-23,bashis,cgi,webapps,0 24403,platforms/php/webapps/24403.txt,"eGroupWare 1.0 Calendar Module - date Parameter Cross-Site Scripting",2004-08-23,"Joxean Koret",php,webapps,0 @@ -27335,7 +27335,7 @@ id,file,description,date,author,platform,type,port 24742,platforms/php/webapps/24742.txt,"Web Cookbook - Multiple SQL Injections",2013-03-13,"Saadat Ullah",php,webapps,0 24744,platforms/multiple/webapps/24744.txt,"Apache Rave 0.11 < 0.20 - User Information Disclosure",2013-03-13,"Andreas Guth",multiple,webapps,0 24748,platforms/php/webapps/24748.txt,"event Calendar - Multiple Vulnerabilities",2004-11-16,"Janek Vind",php,webapps,0 -24751,platforms/php/webapps/24751.pl,"phpBB 2.0.x - admin_cash.php Remote PHP File Inclusion",2004-11-17,"Jerome Athias",php,webapps,0 +24751,platforms/php/webapps/24751.pl,"phpBB 2.0.x - 'admin_cash.php' Remote PHP File Inclusion",2004-11-17,"Jerome Athias",php,webapps,0 24752,platforms/php/webapps/24752.txt,"Invision Power Board 2.0 - 'index.php' Post Action SQL Injection",2004-11-18,anonymous,php,webapps,0 24759,platforms/php/webapps/24759.txt,"IPBProArcade 2.5 - SQL Injection",2004-11-20,"axl daivy",php,webapps,0 24762,platforms/php/webapps/24762.txt,"PHPKIT 1.6 - Multiple Input Validation Vulnerabilities",2004-11-22,Steve,php,webapps,0 @@ -27454,7 +27454,7 @@ id,file,description,date,author,platform,type,port 25184,platforms/php/webapps/25184.txt,"ProjectBB 0.4.5.1 - Multiple SQL Injections",2005-03-02,"benji lemien",php,webapps,0 25185,platforms/php/webapps/25185.txt,"D-Forum 1.11 - Nav.php3 Cross-Site Scripting",2005-03-03,benjilenoob,php,webapps,0 25186,platforms/php/webapps/25186.txt,"Typo3 CMW_Linklist 1.4.1 Extension - SQL Injection",2005-03-03,"Fabian Becker",php,webapps,0 -25189,platforms/php/webapps/25189.txt,"Stadtaus.Com Download Center Lite 1.5 - Arbitrary Remote PHP File Inclusion",2005-03-04,"Filip Groszynski",php,webapps,0 +25189,platforms/php/webapps/25189.txt,"Stadtaus.Com Download Center Lite 1.5 - Remote PHP File Inclusion",2005-03-04,"Filip Groszynski",php,webapps,0 25192,platforms/php/webapps/25192.pl,"Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Inclusion",2005-03-05,mozako,php,webapps,0 25193,platforms/php/webapps/25193.txt,"Jason Hines PHPWebLog 0.4/0.5 - Remote File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 29278,platforms/php/webapps/29278.pl,"Work System eCommerce 3.0.3/3.0.4 - forum.php Remote File Inclusion",2006-12-13,the_Edit0r,php,webapps,0 @@ -27535,7 +27535,7 @@ id,file,description,date,author,platform,type,port 25158,platforms/php/webapps/25158.txt,"OOApp Guestbook - Multiple HTML Injection Vulnerabilities",2005-02-24,m1o1d1,php,webapps,0 25159,platforms/jsp/webapps/25159.txt,"cyclades alterpath manager 1.1 - Multiple Vulnerabilities",2005-02-24,sullo@cirt.net,jsp,webapps,0 25160,platforms/php/webapps/25160.txt,"PunBB 3.0/3.1 - Multiple Remote Input Validation Vulnerabilities",2005-02-24,"John Gumbel",php,webapps,0 -25161,platforms/php/webapps/25161.txt,"phpWebSite 0.x - Image File Processing Arbitrary .PHP File Upload",2005-02-24,tjomka,php,webapps,0 +25161,platforms/php/webapps/25161.txt,"phpWebSite 0.x - Image File Processing Arbitrary '.PHP' File Upload",2005-02-24,tjomka,php,webapps,0 25162,platforms/php/webapps/25162.txt,"CubeCart 2.0.x - Multiple Cross-Site Scripting Vulnerabilities",2005-02-25,Lostmon,php,webapps,0 25168,platforms/php/webapps/25168.c,"phpBB 2.0.x - Authentication Bypass (1)",2005-02-28,Paisterist,php,webapps,0 25169,platforms/php/webapps/25169.pl,"phpBB 2.0.x - Authentication Bypass (2)",2005-02-28,phuket,php,webapps,0 @@ -27580,7 +27580,7 @@ id,file,description,date,author,platform,type,port 25239,platforms/php/webapps/25239.txt,"CoolForum 0.5/0.7/0.8 - avatar.php img Parameter Cross-Site Scripting",2005-03-19,Romano,php,webapps,0 25240,platforms/php/webapps/25240.txt,"CoolForum 0.5/0.7/0.8 - 'register.php' login Parameter SQL Injection",2005-03-19,Romano,php,webapps,0 25241,platforms/php/webapps/25241.html,"PHP-Fusion 4/5 - 'Setuser.php' HTML Injection",2005-03-19,"PersianHacker Team",php,webapps,0 -25242,platforms/php/webapps/25242.txt,"Ciamos 0.9.2 - Highlight.php File Disclosure",2005-03-19,"Majid NT",php,webapps,0 +25242,platforms/php/webapps/25242.txt,"Ciamos 0.9.2 - 'Highlight.php' File Disclosure",2005-03-19,"Majid NT",php,webapps,0 40397,platforms/aspx/webapps/40397.txt,"MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities",2016-09-19,"Paul Baade and Sven Krewitt",aspx,webapps,0 25243,platforms/php/webapps/25243.txt,"TRG News 3.0 Script - Remote File Inclusion",2005-03-21,Frank_Reiner,php,webapps,0 25244,platforms/php/webapps/25244.txt,"CzarNews 1.13/1.14 - 'headlines.php' Remote File Inclusion",2005-03-21,brOmstar,php,webapps,0 @@ -27679,7 +27679,7 @@ id,file,description,date,author,platform,type,port 25372,platforms/php/webapps/25372.txt,"RadScripts RadBids Gold 2.0 - 'index.php' Multiple Parameter Cross-Site Scripting",2005-04-09,Dcrab,php,webapps,0 25373,platforms/php/webapps/25373.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - view.php id Parameter Cross-Site Scripting",2005-04-09,kre0n,php,webapps,0 25374,platforms/php/webapps/25374.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - view.php id Parameter SQL Injection",2005-04-09,kre0n,php,webapps,0 -25376,platforms/php/webapps/25376.txt,"ModernGigabyte ModernBill 4.3 - news.php File Inclusion",2005-04-10,"James Bercegay",php,webapps,0 +25376,platforms/php/webapps/25376.txt,"ModernGigabyte ModernBill 4.3 - 'news.php' File Inclusion",2005-04-10,"James Bercegay",php,webapps,0 25377,platforms/php/webapps/25377.txt,"ModernGigabyte ModernBill 4.3 - C_CODE Parameter Cross-Site Scripting",2005-04-11,"James Bercegay",php,webapps,0 25378,platforms/php/webapps/25378.txt,"ModernGigabyte ModernBill 4.3 - Aid Parameter Cross-Site Scripting",2005-04-11,"James Bercegay",php,webapps,0 25379,platforms/php/webapps/25379.txt,"Zoom Media Gallery 2.1.2 - 'index.php' SQL Injection",2005-04-11,"Andreas Constantinides",php,webapps,0 @@ -27703,13 +27703,13 @@ id,file,description,date,author,platform,type,port 25415,platforms/ios/webapps/25415.txt,"Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,ios,webapps,0 25416,platforms/hardware/webapps/25416.txt,"SimpleTransfer 2.2.1 - Command Injection",2013-05-13,Vulnerability-Lab,hardware,webapps,0 25417,platforms/ios/webapps/25417.txt,"File Lite 3.3 / 3.5 PRO iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,ios,webapps,0 -25422,platforms/php/webapps/25422.txt,"All4WWW-HomePageCreator 1.0 - 'index.php' Arbitrary Remote File Inclusion",2005-04-14,"Francisco Alisson",php,webapps,0 +25422,platforms/php/webapps/25422.txt,"All4WWW-HomePageCreator 1.0 - 'index.php' Remote File Inclusion",2005-04-14,"Francisco Alisson",php,webapps,0 25423,platforms/php/webapps/25423.txt,"SPHPBlog 0.4 - search.php Cross-Site Scripting",2005-04-14,y3dips,php,webapps,0 -25424,platforms/asp/webapps/25424.txt,"OneWorldStore - OWAddItem.asp SQL Injection",2005-04-14,Dcrab,asp,webapps,0 -25425,platforms/asp/webapps/25425.txt,"OneWorldStore - OWListProduct.asp Multiple SQL Injection",2005-04-14,Dcrab,asp,webapps,0 -25426,platforms/asp/webapps/25426.txt,"OneWorldStore - OWProductDetail.asp SQL Injection",2005-04-14,Dcrab,asp,webapps,0 -25427,platforms/asp/webapps/25427.txt,"OneWorldStore - OWContactUs.asp Cross-Site Scripting",2005-04-14,Dcrab,asp,webapps,0 -25428,platforms/asp/webapps/25428.txt,"OneWorldStore - OWListProduct.asp Cross-Site Scripting",2005-04-14,Dcrab,asp,webapps,0 +25424,platforms/asp/webapps/25424.txt,"OneWorldStore - 'OWAddItem.asp' SQL Injection",2005-04-14,Dcrab,asp,webapps,0 +25425,platforms/asp/webapps/25425.txt,"OneWorldStore - 'OWListProduct.asp' Multiple SQL Injection",2005-04-14,Dcrab,asp,webapps,0 +25426,platforms/asp/webapps/25426.txt,"OneWorldStore - 'OWProductDetail.asp' SQL Injection",2005-04-14,Dcrab,asp,webapps,0 +25427,platforms/asp/webapps/25427.txt,"OneWorldStore - 'OWContactUs.asp' Cross-Site Scripting",2005-04-14,Dcrab,asp,webapps,0 +25428,platforms/asp/webapps/25428.txt,"OneWorldStore - 'OWListProduct.asp' Cross-Site Scripting",2005-04-14,Dcrab,asp,webapps,0 25430,platforms/php/webapps/25430.txt,"PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting",2005-04-15,Dcrab,php,webapps,0 25431,platforms/php/webapps/25431.pl,"Ariadne CMS 2.4 - Remote File Inclusion",2006-10-19,"Fidel Costa",php,webapps,0 25432,platforms/php/webapps/25432.txt,"phpBB Remote - mod.php SQL Injection",2005-04-16,"tom cruise",php,webapps,0 @@ -27725,8 +27725,8 @@ id,file,description,date,author,platform,type,port 25447,platforms/php/webapps/25447.txt,"Alienvault Open Source SIEM (OSSIM) 4.1.2 - Multiple SQL Injections",2013-05-14,RunRunLevel,php,webapps,0 25449,platforms/php/webapps/25449.txt,"UMI CMS 2.9 - Cross-Site Request Forgery",2013-05-14,"High-Tech Bridge SA",php,webapps,0 25451,platforms/php/webapps/25451.txt,"phpBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection",2005-04-13,deluxe@security-project.org,php,webapps,0 -25455,platforms/asp/webapps/25455.txt,"OneWorldStore - DisplayResults.asp SQL Injection",2005-04-19,Lostmon,asp,webapps,0 -25456,platforms/asp/webapps/25456.txt,"OneWorldStore - DisplayResults.asp Cross-Site Scripting",2005-04-19,Lostmon,asp,webapps,0 +25455,platforms/asp/webapps/25455.txt,"OneWorldStore - 'DisplayResults.asp' SQL Injection",2005-04-19,Lostmon,asp,webapps,0 +25456,platforms/asp/webapps/25456.txt,"OneWorldStore - 'DisplayResults.asp' Cross-Site Scripting",2005-04-19,Lostmon,asp,webapps,0 25457,platforms/php/webapps/25457.c,"UBBCentral 6.0 - UBB.threads Printthread.php SQL Injection",2005-03-11,HLL,php,webapps,0 25458,platforms/php/webapps/25458.txt,"CityPost PHP LNKX 52.0 - message.php Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 25459,platforms/php/webapps/25459.txt,"CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - URI Parameter Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 @@ -27823,7 +27823,7 @@ id,file,description,date,author,platform,type,port 25577,platforms/php/webapps/25577.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - reviews.php Multiple Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 25578,platforms/php/webapps/25578.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - product_details.php category_id Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 25579,platforms/php/webapps/25579.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - products.php Multiple Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 -25580,platforms/php/webapps/25580.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - news_view.php Multiple Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 +25580,platforms/php/webapps/25580.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - 'news_view.php' Multiple Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 25720,platforms/php/webapps/25720.txt,"Vanilla Forums 2.0.18.8 - Multiple Vulnerabilities",2013-05-26,"Henry Hoggard",php,webapps,0 25585,platforms/asp/webapps/25585.txt,"Maxwebportal 1.3 - dl_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 25586,platforms/asp/webapps/25586.txt,"Maxwebportal 1.3 - links_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 @@ -27970,7 +27970,7 @@ id,file,description,date,author,platform,type,port 33417,platforms/php/webapps/33417.txt,"cPanel 11.x - 'fileop' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-12-17,RENO,php,webapps,0 33418,platforms/php/webapps/33418.txt,"Joomla! Component com_joomportfolio - 'secid' Parameter SQL Injection",2009-12-17,"Fl0riX and Snakespc",php,webapps,0 33419,platforms/php/webapps/33419.txt,"F3Site 2009 - mod/poll.php GLOBALS[nlang] Parameter Traversal Local File Inclusion",2009-12-18,cr4wl3r,php,webapps,0 -33420,platforms/php/webapps/33420.txt,"F3Site 2009 - mod/new.php GLOBALS[nlang] Parameter Traversal Local File Inclusion",2009-12-18,cr4wl3r,php,webapps,0 +33420,platforms/php/webapps/33420.txt,"F3Site 2009 - 'mod/new.php' GLOBALS[nlang] Parameter Traversal Local File Inclusion",2009-12-18,cr4wl3r,php,webapps,0 40390,platforms/php/webapps/40390.php,"BuilderEngine 3.5.0 - Arbitrary File Upload",2016-09-19,metanubix,php,webapps,80 33421,platforms/php/webapps/33421.txt,"Ampache 3.4.3 - 'login.php' Multiple SQL Injection",2009-12-18,R3d-D3V!L,php,webapps,0 33422,platforms/php/webapps/33422.txt,"JBC Explorer 7.20 - 'arbre.php' Cross-Site Scripting",2009-12-20,Metropolis,php,webapps,0 @@ -28026,7 +28026,7 @@ id,file,description,date,author,platform,type,port 25847,platforms/asp/webapps/25847.txt,"LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection",2003-12-07,G00db0y,asp,webapps,0 25848,platforms/php/webapps/25848.pl,"PAFaq beta4 - Database Unauthorized Access",2005-06-20,james,php,webapps,0 25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File Manipulation (newvalue) / Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 -26289,platforms/cgi/webapps/26289.txt,"Alkalay.Net Multiple Scripts - Arbitrary Remote Command Execution Vulnerabilities",2005-08-21,sullo@cirt.net,cgi,webapps,0 +26289,platforms/cgi/webapps/26289.txt,"Alkalay.Net Multiple Scripts - Remote Command Execution",2005-08-21,sullo@cirt.net,cgi,webapps,0 26290,platforms/cgi/webapps/26290.txt,"PerlDiver 2.31 - Perldiver.cgi Cross-Site Scripting",2005-08-21,"Donnie Werner",cgi,webapps,0 26291,platforms/asp/webapps/26291.txt,"Mall23 - AddItem.asp SQL Injection",2005-08-21,SmOk3,asp,webapps,0 25853,platforms/asp/webapps/25853.txt,"I-Gallery - Folder Argument Directory Traversal",2005-06-20,"Seyed Hamid Kashfi",asp,webapps,0 @@ -28059,13 +28059,13 @@ id,file,description,date,author,platform,type,port 25880,platforms/php/webapps/25880.txt,"CarLine Forum Russian Board 4.2 - search.php text_poisk Parameter Cross-Site Scripting",2005-06-23,1dt.w0lf,php,webapps,0 25881,platforms/php/webapps/25881.txt,"CarLine Forum Russian Board 4.2 - set.php name_ig_array[] Parameter Cross-Site Scripting",2005-06-23,1dt.w0lf,php,webapps,0 25882,platforms/php/webapps/25882.txt,"CarLine Forum Russian Board 4.2 - reply.php Multiple Parameter Cross-Site Scripting",2005-06-23,1dt.w0lf,php,webapps,0 -25884,platforms/php/webapps/25884.txt,"CarLine Forum Russian Board 4.2 - new.php Multiple Parameter Cross-Site Scripting",2005-06-23,1dt.w0lf,php,webapps,0 +25884,platforms/php/webapps/25884.txt,"CarLine Forum Russian Board 4.2 - 'new.php' Multiple Parameter Cross-Site Scripting",2005-06-23,1dt.w0lf,php,webapps,0 25885,platforms/php/webapps/25885.txt,"CarLine Forum Russian Board 4.2 - edit_msg.php Multiple Parameter Cross-Site Scripting",2005-06-23,1dt.w0lf,php,webapps,0 25886,platforms/php/webapps/25886.txt,"CarLine Forum Russian Board 4.2 - menu_header.php table_sql Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25887,platforms/php/webapps/25887.txt,"CarLine Forum Russian Board 4.2 - set.php name_ig_array[1] Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25888,platforms/php/webapps/25888.txt,"CarLine Forum Russian Board 4.2 - reply_in.php Multiple Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25889,platforms/php/webapps/25889.txt,"CarLine Forum Russian Board 4.2 - reply.php name_ig_array1[1] Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 -25890,platforms/php/webapps/25890.txt,"CarLine Forum Russian Board 4.2 - new.php name_ig_array1[1] Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 +25890,platforms/php/webapps/25890.txt,"CarLine Forum Russian Board 4.2 - 'new.php' name_ig_array1[1] Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25891,platforms/php/webapps/25891.txt,"CarLine Forum Russian Board 4.2 - edit_msg.php name_ig_array1[1] Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25892,platforms/php/webapps/25892.txt,"CarLine Forum Russian Board 4.2 - memory.php Multiple Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25893,platforms/php/webapps/25893.txt,"CarLine Forum Russian Board 4.2 - line.php Multiple Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 @@ -28102,9 +28102,9 @@ id,file,description,date,author,platform,type,port 25930,platforms/php/webapps/25930.txt,"EasyPHPCalendar 6.1.5/6.2.x - header.inc.php serverPath Parameter Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 25931,platforms/php/webapps/25931.txt,"EasyPHPCalendar 6.1.5/6.2.x - datePicker.php serverPath Parameter Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 25932,platforms/php/webapps/25932.txt,"EasyPHPCalendar 6.1.5/6.2.x - setupSQL.php serverPath Parameter Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 -25934,platforms/php/webapps/25934.txt,"Plague News System 0.7 - CID Parameter SQL Injection",2005-07-04,Easyex,php,webapps,0 -25935,platforms/php/webapps/25935.txt,"Plague News System 0.7 - CID Parameter Cross-Site Scripting",2005-07-04,Easyex,php,webapps,0 -25937,platforms/php/webapps/25937.txt,"Plague News System 0.7 - delete.php Access Restriction Bypass",2005-07-04,Easyex,php,webapps,0 +25934,platforms/php/webapps/25934.txt,"Plague News System 0.7 - 'CID' Parameter SQL Injection",2005-07-04,Easyex,php,webapps,0 +25935,platforms/php/webapps/25935.txt,"Plague News System 0.7 - 'CID' Parameter Cross-Site Scripting",2005-07-04,Easyex,php,webapps,0 +25937,platforms/php/webapps/25937.txt,"Plague News System 0.7 - 'delete.php' Access Restriction Bypass",2005-07-04,Easyex,php,webapps,0 25938,platforms/php/webapps/25938.txt,"phpPgAdmin 3.x - Login Form Directory Traversal",2005-07-05,rznvynqqe@hushmail.com,php,webapps,0 25939,platforms/cgi/webapps/25939.txt,"GlobalNoteScript 4.20 - Read.cgi Remote Command Execution",2005-07-05,AcidCrash,cgi,webapps,0 25940,platforms/php/webapps/25940.txt,"AutoIndex PHP Script 1.5.2 - 'index.php' Cross-Site Scripting",2005-07-05,mozako,php,webapps,0 @@ -28155,7 +28155,7 @@ id,file,description,date,author,platform,type,port 26015,platforms/php/webapps/26015.txt,"Form Sender 1.0 - Processform.php3 Failed Cross-Site Scripting",2005-07-19,rgod,php,webapps,0 26016,platforms/php/webapps/26016.txt,"PHPNews 1.2.x - 'auth.php' SQL Injection",2005-07-20,GHC,php,webapps,0 26017,platforms/cgi/webapps/26017.txt,"Greasemonkey 0.3.3 - Multiple Remote Information Disclosure Vulnerabilities",2005-07-20,"Mark Pilgrim",cgi,webapps,0 -26018,platforms/php/webapps/26018.txt,"Pyrox Search 1.0.5 - Newsearch.php Whatdoreplace Cross-Site Scripting",2005-07-21,rgod,php,webapps,0 +26018,platforms/php/webapps/26018.txt,"Pyrox Search 1.0.5 - 'Newsearch.php' Whatdoreplace Cross-Site Scripting",2005-07-21,rgod,php,webapps,0 26019,platforms/php/webapps/26019.txt,"Contrexx 1.0.4 - Multiple Input Validation Vulnerabilities",2005-07-22,"Christopher Kunz",php,webapps,0 26020,platforms/php/webapps/26020.txt,"Asn Guestbook 1.5 - header.php version Parameter Cross-Site Scripting",2005-07-22,rgod,php,webapps,0 26021,platforms/php/webapps/26021.txt,"Asn Guestbook 1.5 - footer.php version Parameter Cross-Site Scripting",2005-07-22,rgod,php,webapps,0 @@ -28212,7 +28212,7 @@ id,file,description,date,author,platform,type,port 26079,platforms/php/webapps/26079.txt,"Comdev eCommerce 3.0 - config.php Remote File Inclusion",2005-08-05,anonymous,php,webapps,0 26080,platforms/php/webapps/26080.txt,"Comdev eCommerce 3.0 - WCE.download.php Directory Traversal",2005-08-05,anonymous,php,webapps,0 26081,platforms/php/webapps/26081.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - dwt_editor.php Multiple Parameter Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 -26082,platforms/php/webapps/26082.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - jax_newsletter.php language Parameter Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 +26082,platforms/php/webapps/26082.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - 'jax_newsletter.php' language Parameter Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 26083,platforms/php/webapps/26083.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - sign_in.php language Parameter Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 26084,platforms/php/webapps/26084.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - archive.php language Parameter Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 26085,platforms/php/webapps/26085.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - jax_guestbook.php Multiple Parameter Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 @@ -28395,7 +28395,7 @@ id,file,description,date,author,platform,type,port 26324,platforms/php/webapps/26324.txt,"TellMe 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-10-05,"Donnie Werner",php,webapps,0 26335,platforms/asp/webapps/26335.txt,"Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities",2005-10-07,"farhad koosha",asp,webapps,0 26337,platforms/php/webapps/26337.php,"Cyphor 0.19 - lostpwd.php nick Field SQL Injection",2005-10-08,rgod,php,webapps,0 -26338,platforms/php/webapps/26338.txt,"Cyphor 0.19 - newmsg.php fid Parameter SQL Injection",2005-10-08,retrogod@aliceposta.it,php,webapps,0 +26338,platforms/php/webapps/26338.txt,"Cyphor 0.19 - 'newmsg.php' fid Parameter SQL Injection",2005-10-08,retrogod@aliceposta.it,php,webapps,0 26339,platforms/php/webapps/26339.txt,"Cyphor 0.19 - footer.php t_login Parameter Cross-Site Scripting",2005-10-08,retrogod@aliceposta.it,php,webapps,0 26343,platforms/php/webapps/26343.txt,"Accelerated E Solutions - SQL Injection",2005-10-11,"Andysheh Soltani",php,webapps,0 26344,platforms/cgi/webapps/26344.txt,"WebGUI 6.x - Arbitrary Command Execution",2005-10-12,"David Maciejak",cgi,webapps,0 @@ -28425,7 +28425,7 @@ id,file,description,date,author,platform,type,port 26372,platforms/php/webapps/26372.txt,"MySource 2.14 - mimeDecode.php PEAR_PATH Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 26373,platforms/php/webapps/26373.txt,"MySource 2.14 - mime.php PEAR_PATH Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 26377,platforms/php/webapps/26377.txt,"PHP-Nuke Search Module - modules.php Directory Traversal",2005-10-19,sp3x@securityreason.com,php,webapps,0 -26378,platforms/php/webapps/26378.txt,"Chipmunk Forum - newtopic.php forumID Parameter Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 +26378,platforms/php/webapps/26378.txt,"Chipmunk Forum - 'newtopic.php' forumID Parameter Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 26379,platforms/php/webapps/26379.txt,"Chipmunk Forum - quote.php forumID Parameter Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 26380,platforms/php/webapps/26380.txt,"Chipmunk Forum - recommend.php ID Parameter Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 26381,platforms/php/webapps/26381.txt,"Chipmunk Directory - recommend.php entryID Parameter Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 @@ -28457,10 +28457,10 @@ id,file,description,date,author,platform,type,port 26415,platforms/hardware/webapps/26415.txt,"Linksys X3000 1.0.03 build 001 - Multiple Vulnerabilities",2013-06-24,m-1-k-3,hardware,webapps,0 26416,platforms/php/webapps/26416.txt,"Elemata CMS RC3.0 - 'global.php id Parameter' SQL Injection",2013-06-24,"CWH Underground",php,webapps,0 26827,platforms/php/webapps/26827.txt,"QuickPayPro 3.1 - popups.edit.php popupid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 -26423,platforms/php/webapps/26423.txt,"Mantis 0.19.2/1.0 - Bug_sponsorship_list_view_inc.php File Inclusion",2005-10-26,"Andreas Sandblad",php,webapps,0 +26423,platforms/php/webapps/26423.txt,"Mantis 0.19.2/1.0 - 'Bug_sponsorship_list_view_inc.php' File Inclusion",2005-10-26,"Andreas Sandblad",php,webapps,0 26425,platforms/php/webapps/26425.pl,"Woltlab 1.1/2.x - Info-DB Info_db.php Multiple SQL Injection",2005-10-26,admin@batznet.com,php,webapps,0 26426,platforms/asp/webapps/26426.html,"Techno Dreams Multiple Scripts - Multiple SQL Injections",2005-10-26,"farhad koosha",asp,webapps,0 -26427,platforms/php/webapps/26427.txt,"GCards 1.43 - news.php SQL Injection",2005-10-26,svsecurity,php,webapps,0 +26427,platforms/php/webapps/26427.txt,"GCards 1.43 - 'news.php' SQL Injection",2005-10-26,svsecurity,php,webapps,0 26428,platforms/php/webapps/26428.html,"Search Enhanced Module 1.1/2.0 for PHP-Nuke - HTML Injection",2005-10-26,bhfh01,php,webapps,0 26429,platforms/asp/webapps/26429.txt,"Novell ZENworks Patch Management 6.0.52 - computers/default.asp Direction Parameter SQL Injection",2005-10-27,"Dennis Rand",asp,webapps,0 26430,platforms/asp/webapps/26430.txt,"Novell ZENworks Patch Management 6.0.52 - reports/default.asp Multiple Parameter SQL Injection",2005-10-27,"Dennis Rand",asp,webapps,0 @@ -28513,7 +28513,7 @@ id,file,description,date,author,platform,type,port 26490,platforms/php/webapps/26490.txt,"TikiWiki 1.9 - Tiki-view_forum_thread.php Cross-Site Scripting",2005-11-09,"Moritz Naumann",php,webapps,0 26496,platforms/hardware/webapps/26496.txt,"eFile Wifi Transfer Manager 1.0 - Multiple Vulnerabilities",2013-06-30,Vulnerability-Lab,hardware,webapps,8080 26499,platforms/php/webapps/26499.txt,"PHPSysInfo 2.x - Multiple Input Validation Vulnerabilities",2005-11-11,anonymous,php,webapps,0 -26500,platforms/php/webapps/26500.txt,"PHPWebThings 1.4 - download.php File Parameter SQL Injection",2005-11-12,A.1.M,php,webapps,0 +26500,platforms/php/webapps/26500.txt,"PHPWebThings 1.4 - 'download.php' File Parameter SQL Injection",2005-11-12,A.1.M,php,webapps,0 26501,platforms/php/webapps/26501.txt,"ActiveCampaign 1-2-All Broadcast Email 4.0 - Admin Control Panel 'Username' SQL Injection",2005-11-12,bhs_team,php,webapps,0 26502,platforms/php/webapps/26502.txt,"Help Center Live 1.0/1.2/2.0 - module.php Local File Inclusion",2005-11-14,"HACKERS PAL",php,webapps,0 26503,platforms/php/webapps/26503.txt,"Wizz Forum - ForumAuthDetails.php AuthID Parameter SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 @@ -28637,7 +28637,7 @@ id,file,description,date,author,platform,type,port 26644,platforms/php/webapps/26644.txt,"SearchSolutions 1.2/1.3 - Multiple Products Cross-Site Scripting Vulnerabilities",2005-11-28,r0t,php,webapps,0 26645,platforms/php/webapps/26645.txt,"ASP-Rider 1.6 - default.asp SQL Injection",2005-11-29,info@hoder.com,php,webapps,0 26646,platforms/php/webapps/26646.txt,"PHP Upload Center - 'index.php' Directory Traversal",2005-11-29,liz0,php,webapps,0 -26647,platforms/php/webapps/26647.txt,"Fantastic Scripts Fantastic News 2.1.1 - news.php SQL Injection",2005-11-29,r0t3d3Vil,php,webapps,0 +26647,platforms/php/webapps/26647.txt,"Fantastic Scripts Fantastic News 2.1.1 - 'news.php' SQL Injection",2005-11-29,r0t3d3Vil,php,webapps,0 26649,platforms/php/webapps/26649.txt,"DMANews 0.9 - Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 26650,platforms/php/webapps/26650.txt,"Entergal MX 2.0 - Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 26651,platforms/php/webapps/26651.txt,"BosDates 4.0 - Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 @@ -28689,7 +28689,7 @@ id,file,description,date,author,platform,type,port 26700,platforms/jsp/webapps/26700.txt,"Java Search Engine 0.9.34 - search.jsp Cross-Site Scripting",2005-12-02,r0t,jsp,webapps,0 26701,platforms/asp/webapps/26701.txt,"ASPS Shopping Cart Lite 2.1/Professional 2.9 d - adv_search.asp srch_product_name Parameter Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26702,platforms/asp/webapps/26702.txt,"ASPS Shopping Cart Lite 2.1/Professional 2.9 d - bsearch.asp b_search Parameter Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 -26704,platforms/asp/webapps/26704.txt,"Solupress News 1.0 - search.asp Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 +26704,platforms/asp/webapps/26704.txt,"Solupress News 1.0 - 'search.asp' Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26705,platforms/asp/webapps/26705.txt,"SiteBeater News 4.0 - Archive.asp Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26706,platforms/php/webapps/26706.txt,"PHP-Fusion 6.0.109 - 'messages.php' SQL Injection",2005-12-03,"Nolan West",php,webapps,0 26707,platforms/php/webapps/26707.txt,"Alisveristr E-Commerce Login - Multiple SQL Injections",2005-12-03,B3g0k,php,webapps,0 @@ -28903,8 +28903,8 @@ id,file,description,date,author,platform,type,port 26960,platforms/php/webapps/26960.txt,"Papoo 2.1.2 - Guestbook.php menuid Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26961,platforms/php/webapps/26961.txt,"Papoo 2.1.2 - print.php Multiple Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26962,platforms/php/webapps/26962.txt,"PHPSlash 0.8.1 - 'article.php' SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 -26963,platforms/asp/webapps/26963.txt,"Quantum Art QP7.Enterprise - news_and_events_new.asp p_news_id Parameter SQL Injection",2005-12-21,r0t3d3Vil,asp,webapps,0 -26964,platforms/asp/webapps/26964.txt,"Quantum Art QP7.Enterprise - news.asp p_news_id Parameter SQL Injection",2005-12-21,r0t3d3Vil,asp,webapps,0 +26963,platforms/asp/webapps/26963.txt,"Quantum Art QP7.Enterprise - 'news_and_events_new.asp' p_news_id Parameter SQL Injection",2005-12-21,r0t3d3Vil,asp,webapps,0 +26964,platforms/asp/webapps/26964.txt,"Quantum Art QP7.Enterprise - 'news.asp' p_news_id Parameter SQL Injection",2005-12-21,r0t3d3Vil,asp,webapps,0 26965,platforms/php/webapps/26965.txt,"MusicBox 2.3 - 'type' Parameter SQL Injection",2005-12-22,"Medo HaCKer",php,webapps,0 26968,platforms/php/webapps/26968.txt,"SyntaxCMS - Search Query Cross-Site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 26969,platforms/asp/webapps/26969.txt,"Tangora Portal CMS 4.0 - Action Parameter Cross-Site Scripting",2005-12-22,r0t3d3Vil,asp,webapps,0 @@ -29050,7 +29050,7 @@ id,file,description,date,author,platform,type,port 27149,platforms/php/webapps/27149.txt,"Ashwebstudio Ashnews 0.83 - Cross-Site Scripting",2006-01-30,0o_zeus_o0,php,webapps,0 27151,platforms/asp/webapps/27151.txt,"Daffodil CRM 1.5 - Userlogin.asp SQL Injection",2006-01-30,preben@watchcom.no,asp,webapps,0 27153,platforms/php/webapps/27153.txt,"Cerberus Helpdesk 2.7 - Clients.php Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 -27154,platforms/php/webapps/27154.txt,"Farsinews 2.1 - Loginout.php Remote File Inclusion",2006-01-31,"Hamid Ebadi",php,webapps,0 +27154,platforms/php/webapps/27154.txt,"Farsinews 2.1 - 'Loginout.php' Remote File Inclusion",2006-01-31,"Hamid Ebadi",php,webapps,0 27155,platforms/php/webapps/27155.txt,"MyBB 1.0/1.1 - 'index.php' Referrer Cookie SQL Injection",2006-01-31,Devil-00,php,webapps,0 27156,platforms/php/webapps/27156.txt,"SZUserMgnt 1.4 - 'Username' Parameter SQL Injection",2006-02-01,"Aliaksandr Hartsuyeu",php,webapps,0 27157,platforms/php/webapps/27157.txt,"SPIP 1.8/1.9 - Multiple SQL Injections",2006-02-01,Siegfried,php,webapps,0 @@ -29072,7 +29072,7 @@ id,file,description,date,author,platform,type,port 27176,platforms/php/webapps/27176.txt,"Papoo 2.1.x - Multiple Cross-Site Scripting Vulnerabilities",2006-02-09,"Dj Eyes",php,webapps,0 27177,platforms/hardware/webapps/27177.html,"TRENDnet TEW-812DRU - Cross-Site Request Forgery/Command Injection Root Exploit",2013-07-28,"Jacob Holcomb",hardware,webapps,0 27361,platforms/php/webapps/27361.txt,"Invision Power Board 2.1.5 - showtopic SQL Injection",2006-03-06,Mr.SNAKE,php,webapps,0 -27183,platforms/php/webapps/27183.txt,"Farsinews 2.1/2.5 - show_archives.php template Parameter Traversal Arbitrary File Access",2006-02-10,"Hamid Ebadi",php,webapps,0 +27183,platforms/php/webapps/27183.txt,"Farsinews 2.1/2.5 - 'show_archives.php' template Parameter Traversal Arbitrary File Access",2006-02-10,"Hamid Ebadi",php,webapps,0 27184,platforms/php/webapps/27184.txt,"HiveMail 1.2.2/1.3 - addressbook.update.php contactgroupid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 27185,platforms/php/webapps/27185.txt,"HiveMail 1.2.2/1.3 - folders.update.php folderid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 27186,platforms/php/webapps/27186.txt,"HiveMail 1.2.2/1.3 - 'index.php' $_SERVER['PHP_SELF'] Cross-Site Scripting",2006-02-11,"GulfTech Security",php,webapps,0 @@ -29271,7 +29271,7 @@ id,file,description,date,author,platform,type,port 27451,platforms/cgi/webapps/27451.txt,"Verisign MPKI 6.0 - Haydn.exe Cross-Site Scripting",2006-03-20,"Alberto Soli",cgi,webapps,0 27454,platforms/php/webapps/27454.txt,"Motorola - BlueTooth Interface Dialog Spoofing",2006-03-22,kspecial,php,webapps,0 27455,platforms/cfm/webapps/27455.txt,"1WebCalendar 4.0 - viewEvent.cfm EventID Parameter SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 -27456,platforms/cfm/webapps/27456.txt,"1WebCalendar 4.0 - /news/newsView.cfm NewsID Parameter SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 +27456,platforms/cfm/webapps/27456.txt,"1WebCalendar 4.0 - '/news/newsView.cfm' NewsID Parameter SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 27457,platforms/cfm/webapps/27457.txt,"1WebCalendar 4.0 - mainCal.cfm SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 27458,platforms/php/webapps/27458.txt,"EasyMoblog 0.5 - Img.php Cross-Site Scripting",2006-03-23,FarhadKey,php,webapps,0 27459,platforms/php/webapps/27459.txt,"CoMoblog 1.0 - Img.php Cross-Site Scripting",2006-03-23,FarhadKey,php,webapps,0 @@ -29350,7 +29350,7 @@ id,file,description,date,author,platform,type,port 27552,platforms/asp/webapps/27552.txt,"ISP Site Man - admin_login.asp SQL Injection",2006-04-01,s3rv3r_hack3r,asp,webapps,0 27558,platforms/jsp/webapps/27558.txt,"Bugzero 4.3.1 - query.jsp msg Parameter Cross-Site Scripting",2006-04-03,r0t,jsp,webapps,0 27559,platforms/jsp/webapps/27559.txt,"Bugzero 4.3.1 - edit.jsp Multiple Parameter Cross-Site Scripting",2006-04-03,r0t,jsp,webapps,0 -27560,platforms/php/webapps/27560.txt,"aWebNews 1.2 - visview.php _GET['cid'] Parameter SQL Injection",2006-04-03,"Aliaksandr Hartsuyeu",php,webapps,0 +27560,platforms/php/webapps/27560.txt,"aWebNews 1.2 - 'visview.php' _GET['cid'] Parameter SQL Injection",2006-04-03,"Aliaksandr Hartsuyeu",php,webapps,0 27561,platforms/cgi/webapps/27561.txt,"Web-APP.net WebAPP 0.9.x - index.cgi Multiple Parameter Cross-Site Scripting",2006-04-03,r0t,cgi,webapps,0 27562,platforms/cgi/webapps/27562.txt,"Web-APP.net WebAPP 0.9.x - mods/calendar/index.cgi vsSD Parameter Cross-Site Scripting",2006-04-03,r0t,cgi,webapps,0 27563,platforms/php/webapps/27563.txt,"LucidCMS 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-04-03,"Rusydi Hasan",php,webapps,0 @@ -29406,14 +29406,14 @@ id,file,description,date,author,platform,type,port 27632,platforms/php/webapps/27632.txt,"phpMyAdmin 2.7 - 'sql.php' Cross-Site Scripting",2005-10-31,p0w3r,php,webapps,0 27638,platforms/php/webapps/27638.pl,"SimpleBBS 1.0.6/1.0.7/1.1 - Arbitrary Command Execution",2006-04-13,rUnViRuS,php,webapps,0 27642,platforms/php/webapps/27642.txt,"AR-Blog 5.2 - print.php Cross-Site Scripting",2006-04-14,ALMOKANN3,php,webapps,0 -27643,platforms/php/webapps/27643.php,"PHPAlbum 0.2.2/0.2.3/4.1 - Language.php File Inclusion",2006-04-15,rgod,php,webapps,0 +27643,platforms/php/webapps/27643.php,"PHPAlbum 0.2.2/0.2.3/4.1 - 'Language.php' File Inclusion",2006-04-15,rgod,php,webapps,0 27644,platforms/php/webapps/27644.txt,"PlanetSearch + - Planetsearchplus.php Cross-Site Scripting",2006-04-13,d4igoro,php,webapps,0 27645,platforms/php/webapps/27645.txt,"PowerClan 1.14 - 'member.php' SQL Injection",2006-04-13,d4igoro,php,webapps,0 27646,platforms/php/webapps/27646.txt,"LifeType 1.0.3 - 'index.php' Cross-Site Scripting",2006-04-13,"Rusydi Hasan",php,webapps,0 27647,platforms/php/webapps/27647.txt,"Papoo 2.1.x - print.php Cross-Site Scripting",2006-04-14,"Rusydi Hasan",php,webapps,0 27648,platforms/php/webapps/27648.txt,"MODx CMS 0.9.1 - 'index.php' Cross-Site Scripting",2006-04-14,"Rusydi Hasan",php,webapps,0 27649,platforms/php/webapps/27649.txt,"MODx CMS 0.9.1 - 'index.php' Directory Traversal",2006-04-14,"Rusydi Hasan",php,webapps,0 -27650,platforms/php/webapps/27650.txt,"Farsinews 2.1/2.5 - search.php Cross-Site Scripting",2006-04-14,"amin emami",php,webapps,0 +27650,platforms/php/webapps/27650.txt,"Farsinews 2.1/2.5 - 'search.php' Cross-Site Scripting",2006-04-14,"amin emami",php,webapps,0 27651,platforms/php/webapps/27651.txt,"Tiny Web Gallery 1.4 - 'index.php' Cross-Site Scripting",2006-04-15,Qex,php,webapps,0 27652,platforms/php/webapps/27652.txt,"Quack Chat 1.0 - Multiple Vulnerabilities",2013-08-17,"Dylan Irzi",php,webapps,80 27970,platforms/php/webapps/27970.txt,"CyBoards PHP Lite 1.21/1.25 - Common.php Remote File Inclusion",2006-06-05,SpC-x,php,webapps,0 @@ -29549,7 +29549,7 @@ id,file,description,date,author,platform,type,port 27816,platforms/asp/webapps/27816.txt,"CyberBuild - browse0.htm ProductIndex Parameter Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 27817,platforms/asp/webapps/27817.txt,"CyberBuild - result.asp Multiple Parameter Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 27818,platforms/php/webapps/27818.txt,"Invision Power Board 2.0/2.1 - 'index.php' SQL Injection",2006-05-04,almaster,php,webapps,0 -27819,platforms/php/webapps/27819.txt,"CuteNews 1.4.1 - search.php Multiple Parameter Cross-Site Scripting",2006-05-05,NST,php,webapps,0 +27819,platforms/php/webapps/27819.txt,"CuteNews 1.4.1 - 'search.php' Multiple Parameter Cross-Site Scripting",2006-05-05,NST,php,webapps,0 27821,platforms/php/webapps/27821.html,"OpenFAQ 0.4 - Validate.php HTML Injection",2006-05-06,"Kamil Sienicki",php,webapps,0 27822,platforms/php/webapps/27822.txt,"MyBloggie 2.1.2/2.1.3 - BBCode IMG Tag HTML Injection",2006-05-06,zerogue,php,webapps,0 27823,platforms/php/webapps/27823.txt,"openEngine 1.7/1.8 - Template Unauthorized Access",2006-05-08,ck@caroli.info,php,webapps,0 @@ -29605,9 +29605,9 @@ id,file,description,date,author,platform,type,port 27895,platforms/cgi/webapps/27895.txt,"Cosmoshop 8.10.78/8.11.106 - Lshop.cgi SQL Injection",2006-05-18,l0om,cgi,webapps,0 27896,platforms/asp/webapps/27896.txt,"ASPBB 0.5.2 - default.asp action Parameter Cross-Site Scripting",2006-05-18,TeufeL,asp,webapps,0 27897,platforms/asp/webapps/27897.txt,"ASPBB 0.5.2 - profile.asp get Parameter Cross-Site Scripting",2006-05-18,TeufeL,asp,webapps,0 -27898,platforms/asp/webapps/27898.txt,"CodeAvalanche News 1.2 - default.asp SQL Injection",2006-05-19,omnipresent,asp,webapps,0 +27898,platforms/asp/webapps/27898.txt,"CodeAvalanche News 1.2 - 'default.asp' SQL Injection",2006-05-19,omnipresent,asp,webapps,0 27899,platforms/php/webapps/27899.txt,"JemWeb DownloadControl 1.0 - DC.php SQL Injection",2006-05-19,Luny,php,webapps,0 -27900,platforms/php/webapps/27900.txt,"Artmedic NewsLetter 4.1 - Log.php Remote Script Execution",2006-05-19,C.Schmitz,php,webapps,0 +27900,platforms/php/webapps/27900.txt,"Artmedic NewsLetter 4.1 - 'Log.php' Remote Script Execution",2006-05-19,C.Schmitz,php,webapps,0 27904,platforms/php/webapps/27904.txt,"DoceboLms 2.0.x/3.0.x / DoceboKms 3.0.3 / Docebo CMS 3.0.x - Multiple Remote File Inclusion",2006-05-23,Kacper,php,webapps,0 27905,platforms/php/webapps/27905.txt,"DoceboLms 2.0.x - Lang Parameter Multiple Remote File Inclusion",2006-05-26,beford,php,webapps,0 27907,platforms/php/webapps/27907.txt,"SaPHPLesson 2.0 - show.php SQL Injection",2006-05-27,SwEET-DeViL,php,webapps,0 @@ -29804,7 +29804,7 @@ id,file,description,date,author,platform,type,port 28193,platforms/asp/webapps/28193.txt,"Webvizyon - SayfalaAltList.asp SQL Injection",2006-07-08,StorMBoY,asp,webapps,0 28195,platforms/php/webapps/28195.txt,"RW::Download - stats.php Remote File Inclusion",2006-07-08,StorMBoY,php,webapps,0 28199,platforms/php/webapps/28199.txt,"Mambo Componen phpBB 1.2.4 - Multiple Remote File Inclusion",2006-07-09,h4ntu,php,webapps,0 -28200,platforms/php/webapps/28200.txt,"Farsinews 3.0 - Tiny_mce_gzip.php Directory Traversal",2006-07-10,armin390,php,webapps,0 +28200,platforms/php/webapps/28200.txt,"Farsinews 3.0 - 'Tiny_mce_gzip.php' Directory Traversal",2006-07-10,armin390,php,webapps,0 28201,platforms/php/webapps/28201.txt,"Graffiti Forums 1.0 - Topics.php SQL Injection",2006-07-10,Paisterist,php,webapps,0 28203,platforms/asp/webapps/28203.txt,"Hosting Controller 1.x - error.asp Cross-Site Scripting",2006-07-11,Dea7h,asp,webapps,0 28204,platforms/php/webapps/28204.txt,"SaPHPLesson 2.0 - add.php SQL Injection",2006-07-11,C.B.B.L,php,webapps,0 @@ -29924,8 +29924,8 @@ id,file,description,date,author,platform,type,port 28411,platforms/php/webapps/28411.txt,"DieselScripts Job Site - Forgot.php Multiple Cross-Site Scripting Vulnerabilities",2006-08-21,night_warrior771,php,webapps,0 28412,platforms/php/webapps/28412.txt,"DieselScripts DieselPay - 'index.php' Cross-Site Scripting",2006-08-21,night_warrior771,php,webapps,0 28413,platforms/php/webapps/28413.txt,"cPanel 10.x - dohtaccess.html dir Parameter Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 -28414,platforms/php/webapps/28414.txt,"cPanel 10.x - editit.html file Parameter Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 -28415,platforms/php/webapps/28415.txt,"cPanel 10.x - showfile.html file Parameter Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 +28414,platforms/php/webapps/28414.txt,"cPanel 10.x - 'editit.html' File Parameter Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 +28415,platforms/php/webapps/28415.txt,"cPanel 10.x - 'showfile.html' File Parameter Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 28416,platforms/php/webapps/28416.txt,"Mambo Component EstateAgent 1.0.2 - MosConfig_absolute_path Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 28417,platforms/php/webapps/28417.txt,"ToendaCMS 0.x/1.0.x - TCMS_Administer Parameter Remote File Inclusion",2006-08-21,You_You,php,webapps,0 28418,platforms/php/webapps/28418.txt,"PHProjekt Content Management Module 0.6.1 - Multiple Remote File Inclusion",2006-08-21,"the master",php,webapps,0 @@ -29951,7 +29951,7 @@ id,file,description,date,author,platform,type,port 28444,platforms/php/webapps/28444.txt,"Alstrasoft Template Seller - Config[Template_Path] Multiple Remote File Inclusion",2006-08-30,night_warrior771,php,webapps,0 28446,platforms/php/webapps/28446.txt,"HLstats 1.34 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-08-30,MC.Iglo,php,webapps,0 28447,platforms/php/webapps/28447.php,"osCommerce 2.1/2.2 - product_info.php SQL Injection",2006-08-30,"James Bercegay",php,webapps,0 -28749,platforms/php/webapps/28749.txt,"osCommerce 2.2 - admin/newsletters.php page Parameter Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 +28749,platforms/php/webapps/28749.txt,"osCommerce 2.2 - 'admin/newsletters.php' page Parameter Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28750,platforms/php/webapps/28750.txt,"osCommerce 2.2 - admin/orders_status.php page Parameter Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28751,platforms/php/webapps/28751.txt,"osCommerce 2.2 - admin/products_attributes.php page Parameter Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28464,platforms/php/webapps/28464.txt,"VisualShapers EZContents 2.0.3 - Headeruserdata.php SQL Injection",2006-08-30,DarkFig,php,webapps,0 @@ -29965,7 +29965,7 @@ id,file,description,date,author,platform,type,port 28455,platforms/php/webapps/28455.txt,"EZContents 2.0 - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28456,platforms/php/webapps/28456.txt,"EZContents 2.0.3 - showguestbook.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28457,platforms/php/webapps/28457.txt,"EZContents 2.0.3 - showlinks.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 -28458,platforms/php/webapps/28458.txt,"EZContents 2.0.3 - shownews.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 +28458,platforms/php/webapps/28458.txt,"EZContents 2.0.3 - 'shownews.php' GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28459,platforms/php/webapps/28459.txt,"EZContents 2.0.3 - showpoll.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28460,platforms/php/webapps/28460.txt,"EZContents 2.0.3 - review_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28461,platforms/php/webapps/28461.txt,"EZContents 2.0.3 - search.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 @@ -30027,10 +30027,10 @@ id,file,description,date,author,platform,type,port 28546,platforms/php/webapps/28546.txt,"e107 website system 0.7.5 - download.php Query String (PATH_INFO) Parameter Cross-Site Scripting",2006-09-13,zark0vac,php,webapps,0 28547,platforms/php/webapps/28547.txt,"e107 website system 0.7.5 - admin.php Query String (PATH_INFO) Parameter Cross-Site Scripting",2006-09-13,zark0vac,php,webapps,0 28548,platforms/php/webapps/28548.txt,"e107 website system 0.7.5 - fpw.php Query String (PATH_INFO) Parameter Cross-Site Scripting",2006-09-13,zark0vac,php,webapps,0 -28549,platforms/php/webapps/28549.txt,"e107 website system 0.7.5 - news.php Query String (PATH_INFO) Parameter Cross-Site Scripting",2006-09-13,zark0vac,php,webapps,0 +28549,platforms/php/webapps/28549.txt,"e107 website system 0.7.5 - 'news.php' Query String 'PATH_INFO' Parameter Cross-Site Scripting",2006-09-13,zark0vac,php,webapps,0 28551,platforms/php/webapps/28551.txt,"e107 website system 0.7.5 - search.php Query String (PATH_INFO) Parameter Cross-Site Scripting",2006-09-13,zark0vac,php,webapps,0 28552,platforms/php/webapps/28552.txt,"e107 website system 0.7.5 - signup.php Query String (PATH_INFO) Parameter Cross-Site Scripting",2006-09-13,zark0vac,php,webapps,0 -28554,platforms/php/webapps/28554.txt,"e107 website system 0.7.5 - submitnews.php Query String (PATH_INFO) Parameter Cross-Site Scripting",2006-09-13,zark0vac,php,webapps,0 +28554,platforms/php/webapps/28554.txt,"e107 website system 0.7.5 - 'submitnews.php' Query String 'PATH_INFO' Parameter Cross-Site Scripting",2006-09-13,zark0vac,php,webapps,0 28555,platforms/hardware/webapps/28555.txt,"Good for Enterprise 2.2.2.1611 - Cross-Site Scripting",2013-09-25,Mario,hardware,webapps,0 28556,platforms/php/webapps/28556.txt,"e107 website system 0.7.5 - user.php Query String (PATH_INFO) Parameter Cross-Site Scripting",2006-09-13,zark0vac,php,webapps,0 28557,platforms/php/webapps/28557.txt,"X2CRM 3.4.1 - Multiple Vulnerabilities",2013-09-25,"High-Tech Bridge SA",php,webapps,80 @@ -30073,7 +30073,7 @@ id,file,description,date,author,platform,type,port 28598,platforms/php/webapps/28598.txt,"IDevSpot BizDirectory 1.9 - Multiple Cross-Site Scripting Vulnerabilities",2006-09-18,s3rv3r_hack3r,php,webapps,0 28599,platforms/php/webapps/28599.txt,"NixieAffiliate 1.9 - lostpassword.php Cross-Site Scripting",2006-09-18,s3rv3r_hack3r,php,webapps,0 28600,platforms/asp/webapps/28600.txt,"EShoppingPro 1.0 - Search_Run.asp SQL Injection",2006-09-18,ajann,asp,webapps,0 -28601,platforms/php/webapps/28601.txt,"PT News 1.7.8 - search.php Cross-Site Scripting",2006-09-18,Snake,php,webapps,0 +28601,platforms/php/webapps/28601.txt,"PT News 1.7.8 - 'search.php' Cross-Site Scripting",2006-09-18,Snake,php,webapps,0 28603,platforms/php/webapps/28603.txt,"Innovate Portal 2.0 - 'index.php' Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 28604,platforms/php/webapps/28604.txt,"ESyndiCat 1.5 - search.php Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 28605,platforms/jsp/webapps/28605.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - downloadfile Servlet Traversal Arbitrary File Access",2006-09-20,"Tan Chew Keong",jsp,webapps,0 @@ -30135,7 +30135,7 @@ id,file,description,date,author,platform,type,port 28669,platforms/php/webapps/28669.txt,"BirdBlog 1.x - user.php uid Parameter Cross-Site Scripting",2006-09-25,Root3r_H3ll,php,webapps,0 28670,platforms/php/webapps/28670.txt,"DanPHPSupport 0.5 - 'index.php' page Parameter Cross-Site Scripting",2006-09-25,You_You,php,webapps,0 28671,platforms/php/webapps/28671.txt,"DanPHPSupport 0.5 - admin.php do Parameter Cross-Site Scripting",2006-09-25,You_You,php,webapps,0 -28672,platforms/php/webapps/28672.pl,"BBSNew 2.0.1 - index2.php Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 +28672,platforms/php/webapps/28672.pl,"BBSNew 2.0.1 - 'index2.php' Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28673,platforms/php/webapps/28673.txt,"Exporia 0.3 - Common.php Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28674,platforms/php/webapps/28674.pl,"Back-End CMS 0.4.5 - admin/index.php includes_path Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28675,platforms/php/webapps/28675.txt,"Back-End CMS 0.4.5 - Facts.php includes_path Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 @@ -30143,10 +30143,10 @@ id,file,description,date,author,platform,type,port 28684,platforms/php/webapps/28684.txt,"Gnew 2013.1 - Multiple Vulnerabilities (2)",2013-10-02,"High-Tech Bridge SA",php,webapps,80 28685,platforms/php/webapps/28685.txt,"GLPI 0.84.1 - Multiple Vulnerabilities",2013-10-02,"High-Tech Bridge SA",php,webapps,0 28686,platforms/php/webapps/28686.txt,"My-BIC 0.6.5 - Mybic_Server.php Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 -28687,platforms/php/webapps/28687.txt,"PHP_news 2.0 - user_user.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 -28688,platforms/php/webapps/28688.txt,"PHP_news 2.0 - admin/news.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 -28689,platforms/php/webapps/28689.txt,"PHP_news 2.0 - admin/catagory.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 -28690,platforms/php/webapps/28690.txt,"PHP_news 2.0 - creat_news_all.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 +28687,platforms/php/webapps/28687.txt,"PHP_news 2.0 - 'user_user.php' language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 +28688,platforms/php/webapps/28688.txt,"PHP_news 2.0 - 'admin/news.php' language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 +28689,platforms/php/webapps/28689.txt,"PHP_news 2.0 - 'admin/catagory.php' language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 +28690,platforms/php/webapps/28690.txt,"PHP_news 2.0 - 'creat_news_all.php' language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28691,platforms/php/webapps/28691.txt,"Quickblogger 1.4 - Remote File Inclusion",2006-09-25,You_You,php,webapps,0 28692,platforms/php/webapps/28692.txt,"Phoenix Evolution CMS - 'index.php' Multiple Parameter Cross-Site Scripting",2006-09-26,Root3r_H3ll,php,webapps,0 28693,platforms/php/webapps/28693.txt,"Phoenix Evolution CMS - modules/pageedit/index.php pageid Parameter Cross-Site Scripting",2006-09-26,Root3r_H3ll,php,webapps,0 @@ -30215,7 +30215,7 @@ id,file,description,date,author,platform,type,port 28781,platforms/php/webapps/28781.txt,"BlueShoes Framework 4.6 - GoogleSearch.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 28782,platforms/php/webapps/28782.txt,"Tagit2b - DelTagUser.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 28783,platforms/php/webapps/28783.txt,"MySQLDumper 1.21 - 'sql.php' Cross-Site Scripting",2006-10-10,Crackers_Child,php,webapps,0 -28784,platforms/php/webapps/28784.txt,"Gcards 1.13 - Addnews.php Remote File Inclusion",2006-10-11,"DeatH VirUs",php,webapps,0 +28784,platforms/php/webapps/28784.txt,"Gcards 1.13 - 'Addnews.php' Remote File Inclusion",2006-10-11,"DeatH VirUs",php,webapps,0 28786,platforms/php/webapps/28786.pl,"CommunityPortals 1.0 - bug.php Remote File Inclusion",2006-10-11,"Nima Salehi",php,webapps,0 28787,platforms/php/webapps/28787.txt,"Dokeos 1.6.4 - Multiple Remote File Inclusions Vulnerabilities",2006-10-11,viper-haCker,php,webapps,0 28790,platforms/php/webapps/28790.txt,"phpList 2.x - Public Pages MultipleCross-Site Scripting Vulnerabilities",2006-10-12,"Michiel Dethmers",php,webapps,0 @@ -30296,7 +30296,7 @@ id,file,description,date,author,platform,type,port 28898,platforms/php/webapps/28898.txt,"FreeWebShop 2.2 - 'index.php' SQL Injection",2006-11-02,Spiked,php,webapps,0 28899,platforms/php/webapps/28899.txt,"NewP News Publishing System 1.0 - Class.Database.php Remote File Inclusion",2006-11-07,navairum,php,webapps,0 28900,platforms/php/webapps/28900.txt,"ac4p Mobile - 'index.php' Multiple Parameter Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0 -28901,platforms/php/webapps/28901.txt,"ac4p Mobile - MobileNews.php Multiple Parameter Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0 +28901,platforms/php/webapps/28901.txt,"ac4p Mobile - 'MobileNews.php' Multiple Parameter Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0 28902,platforms/php/webapps/28902.txt,"ac4p Mobile - 'polls.php' Multiple Parameter Cross-Site Scripting (1)",2006-11-03,AL-garnei,php,webapps,0 28903,platforms/php/webapps/28903.txt,"ac4p Mobile - send.php cats Parameter Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0 28904,platforms/php/webapps/28904.txt,"ac4p Mobile - up.php Multiple Parameter Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0 @@ -30339,7 +30339,7 @@ id,file,description,date,author,platform,type,port 28945,platforms/php/webapps/28945.txt,"PHPMyChat Plus 1.9 - Multiple Local File Inclusion",2006-11-08,ajann,php,webapps,0 28946,platforms/php/webapps/28946.txt,"Portix-PHP 0.4.2 - Multiple SQL Injections",2006-11-08,"Benjamin Moss",php,webapps,0 28947,platforms/php/webapps/28947.txt,"Speedywiki 2.0/2.1 - Multiple Input Validation Vulnerabilities",2006-11-08,"laurent gaffie",php,webapps,0 -28949,platforms/php/webapps/28949.txt,"bitweaver 1.x - newsletters/edition.php tk Parameter SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 +28949,platforms/php/webapps/28949.txt,"bitweaver 1.x - 'newsletters/edition.php' tk Parameter SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 28950,platforms/php/webapps/28950.txt,"LandShop 0.6.3 - ls.php Multiple Parameter Cross-Site Scripting",2006-11-09,"laurent gaffie",php,webapps,0 28951,platforms/php/webapps/28951.txt,"LandShop 0.6.3 - ls.php Multiple Parameter SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 28952,platforms/php/webapps/28952.txt,"Omnistar Article Manager - Multiple SQL Injections",2006-11-09,"Benjamin Moss",php,webapps,0 @@ -30363,7 +30363,7 @@ id,file,description,date,author,platform,type,port 28979,platforms/linux/webapps/28979.txt,"DornCMS Application 1.4 - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,linux,webapps,0 28980,platforms/php/webapps/28980.txt,"WordPress 2.0.5 - 'functions.php' Remote File Inclusion",2006-11-11,_ANtrAX_,php,webapps,0 28982,platforms/php/webapps/28982.txt,"cPanel 10 - seldir.html dir Parameter Cross-Site Scripting",2006-11-13,"Aria-Security Team",php,webapps,0 -28983,platforms/php/webapps/28983.txt,"cPanel 10 - newuser.html Multiple Parameter Cross-Site Scripting",2006-11-13,"Aria-Security Team",php,webapps,0 +28983,platforms/php/webapps/28983.txt,"cPanel 10 - 'newuser.html' Multiple Parameter Cross-Site Scripting",2006-11-13,"Aria-Security Team",php,webapps,0 28985,platforms/asp/webapps/28985.txt,"20/20 Real Estate 3.2 - listings.asp SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 28986,platforms/asp/webapps/28986.asp,"ASP Portal 2.0/3.x/4.0 - Default1.asp SQL Injection",2006-11-13,ajann,asp,webapps,0 28988,platforms/php/webapps/28988.txt,"Roundcube Webmail 0.1 - 'index.php' Cross-Site Scripting",2006-11-13,RSnake,php,webapps,0 @@ -30580,9 +30580,9 @@ id,file,description,date,author,platform,type,port 29264,platforms/php/webapps/29264.txt,"Onpub CMS 1.4 / 1.5 - Multiple SQL Injections",2013-10-28,Vulnerability-Lab,php,webapps,0 29265,platforms/php/webapps/29265.txt,"ILIAS eLearning CMS 4.3.4 < 4.4 - Persistent Cross-Site Scripting",2013-10-29,Vulnerability-Lab,php,webapps,0 29266,platforms/hardware/webapps/29266.txt,"Stem Innovation - 'IZON' Hard-Coded Credentials",2013-10-29,"Mark Stanislav",hardware,webapps,0 -29267,platforms/php/webapps/29267.txt,"ProNews 1.5 - admin/change.php Multiple Parameter Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29268,platforms/php/webapps/29268.txt,"ProNews 1.5 - lire-avis.php aa Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29269,platforms/php/webapps/29269.txt,"ProNews 1.5 - lire-avis.php aa Parameter Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29267,platforms/php/webapps/29267.txt,"ProNews 1.5 - 'admin/change.php' Multiple Parameter Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29268,platforms/php/webapps/29268.txt,"ProNews 1.5 - 'lire-avis.php' aa Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 +29269,platforms/php/webapps/29269.txt,"ProNews 1.5 - 'lire-avis.php' aa Parameter Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 29270,platforms/php/webapps/29270.txt,"MXBB Profile Control Panel 0.91c - Module Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 29271,platforms/asp/webapps/29271.txt,"AppIntellect SpotLight CRM - 'login.asp' SQL Injection",2006-12-09,ajann,asp,webapps,0 29272,platforms/php/webapps/29272.txt,"CMS Made Simple 1.0.2 - 'SearchInput' Parameter Cross-Site Scripting",2006-12-11,Nicokiller,php,webapps,0 @@ -30731,7 +30731,7 @@ id,file,description,date,author,platform,type,port 29484,platforms/php/webapps/29484.txt,"Indexu 5.0/5.3 - search.php keyword Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29485,platforms/php/webapps/29485.txt,"Indexu 5.0/5.3 - register.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29486,platforms/php/webapps/29486.txt,"Indexu 5.0/5.3 - power_search.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 -29487,platforms/php/webapps/29487.txt,"Indexu 5.0/5.3 - new.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 +29487,platforms/php/webapps/29487.txt,"Indexu 5.0/5.3 - 'new.php' Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29488,platforms/php/webapps/29488.txt,"Indexu 5.0/5.3 - mailing_list.php Multiple Variables Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29489,platforms/php/webapps/29489.txt,"Indexu 5.0/5.3 - 'login.php' Error_msg Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29491,platforms/php/webapps/29491.txt,"MyBloggie 2.1.5 - 'index.php' Cross-Site Scripting",2007-01-17,CorryL,php,webapps,0 @@ -30799,10 +30799,10 @@ id,file,description,date,author,platform,type,port 29559,platforms/php/webapps/29559.txt,"EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities",2007-02-02,"Tal Argoni",php,webapps,0 29560,platforms/php/webapps/29560.txt,"PHPProbid 5.24 - Lang.php Remote File Inclusion",2007-02-02,"Hasadya Raed",php,webapps,0 29561,platforms/php/webapps/29561.txt,"Uebimiau 2.7.10 - 'index.php' Cross-Site Scripting",2007-02-02,Doz,php,webapps,0 -29562,platforms/php/webapps/29562.txt,"PortailPHP 2 - mod_news/index.php chemin Parameter Traversal Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 +29562,platforms/php/webapps/29562.txt,"PortailPHP 2 - 'mod_news/index.php' chemin Parameter Traversal Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 29563,platforms/php/webapps/29563.txt,"PortailPHP 2 - mod_news/goodies.php chemin Parameter Traversal Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 -29564,platforms/php/webapps/29564.txt,"PortailPHP 2 - mod_news/index.php chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 -29565,platforms/php/webapps/29565.txt,"PortailPHP 2 - mod_news/goodies.php chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 +29564,platforms/php/webapps/29564.txt,"PortailPHP 2 - 'mod_news/index.php' chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 +29565,platforms/php/webapps/29565.txt,"PortailPHP 2 - 'mod_news/goodies.php' chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 29566,platforms/php/webapps/29566.txt,"PortailPHP 2 - mod_search/index.php chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 29567,platforms/cfm/webapps/29567.txt,"Adobe ColdFusion 6/7 - User_Agent Error Page Cross-Site Scripting",2007-02-05,digi7al64,cfm,webapps,0 29568,platforms/php/webapps/29568.txt,"Coppermine Photo Gallery 1.4.10 - Multiple Remote File Inclusion / Local File Inclusion",2007-02-05,anonymous,php,webapps,0 @@ -30810,7 +30810,7 @@ id,file,description,date,author,platform,type,port 29570,platforms/hardware/webapps/29570.txt,"TOSHIBA e-Studio 232/233/282/283 - Cross-Site Request Forgery (Change Admin Password)",2013-11-13,"Hubert Gradek",hardware,webapps,0 29571,platforms/php/webapps/29571.txt,"SYSCP 1.2.15 - System Control Panel CronJob Arbitrary Code Execution",2007-02-07,"Daniel Schulte",php,webapps,0 29572,platforms/php/webapps/29572.txt,"cPanel 11 - PassWDMySQL Cross-Site Scripting",2007-02-08,s3rv3r_hack3r,php,webapps,0 -29574,platforms/php/webapps/29574.php,"eXtreme File Hosting - Arbitrary .RAR File Upload",2007-02-09,"hamed bazargani",php,webapps,0 +29574,platforms/php/webapps/29574.php,"eXtreme File Hosting - Arbitrary '.RAR' File Upload",2007-02-09,"hamed bazargani",php,webapps,0 29576,platforms/jsp/webapps/29576.txt,"Atlassian JIRA 3.7.3 - BrowseProject.JSPA Cross-Site Scripting",2007-02-09,BL4CK,jsp,webapps,0 29578,platforms/php/webapps/29578.txt,"Tagit! Tagit2b 2.1.B Build 2 - tagviewer.php Multiple Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 29579,platforms/php/webapps/29579.txt,"Tagit! Tagit2b 2.1.B Build 2 - tag_process.php Multiple Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 @@ -30849,7 +30849,7 @@ id,file,description,date,author,platform,type,port 29622,platforms/asp/webapps/29622.txt,"Design4Online - Userpages2 Page.asp SQL Injection",2007-02-20,xoron,asp,webapps,0 29623,platforms/cgi/webapps/29623.txt,"Google Desktop - Cross-Site Scripting",2007-02-21,"Yair Amit",cgi,webapps,0 29624,platforms/php/webapps/29624.txt,"CedStat 1.31 - 'index.php' Cross-Site Scripting",2007-02-21,sn0oPy,php,webapps,0 -29625,platforms/php/webapps/29625.txt,"phpTrafficA 1.4.1 - plotStat.php file Parameter Traversal Local File Inclusion",2007-02-21,"Hamid Ebadi",php,webapps,0 +29625,platforms/php/webapps/29625.txt,"phpTrafficA 1.4.1 - 'plotStat.php' File Parameter Traversal Local File Inclusion",2007-02-21,"Hamid Ebadi",php,webapps,0 29626,platforms/php/webapps/29626.txt,"phpTrafficA 1.4.1 - banref.php lang Parameter Traversal Local File Inclusion",2007-02-21,"Hamid Ebadi",php,webapps,0 29627,platforms/php/webapps/29627.php,"Magic News Plus 1.0.2 - preview.php PHP_script_path Parameter Remote File Inclusion",2007-02-21,"HACKERS PAL",php,webapps,0 29628,platforms/php/webapps/29628.txt,"Magic News Plus 1.0.2 - news.php link_Parameters Parameter Cross-Site Scripting",2007-02-21,"HACKERS PAL",php,webapps,0 @@ -30897,9 +30897,9 @@ id,file,description,date,author,platform,type,port 29675,platforms/asp/webapps/29675.txt,"Kaseya < 6.3.0.2 - Arbitrary File Upload",2013-11-18,Security-Assessment.com,asp,webapps,0 29789,platforms/php/webapps/29789.txt,"LimeSurvey 2.00+ (build 131107) - Multiple Vulnerabilities",2013-11-23,LiquidWorm,php,webapps,0 29694,platforms/php/webapps/29694.txt,"S9Y Serendipity 1.1.1 - 'index.php' SQL Injection",2007-03-01,Samenspender,php,webapps,0 -29696,platforms/php/webapps/29696.txt,"aWebNews 1.1 - listing.php path_to_news Parameter Remote File Inclusion",2007-03-01,mostafa_ragab,php,webapps,0 -29697,platforms/php/webapps/29697.txt,"Built2go News Manager 1.0 Blog - news.php Multiple Parameter Cross-Site Scripting",2007-03-01,the_Edit0r,php,webapps,0 -29698,platforms/php/webapps/29698.txt,"Built2go News Manager 1.0 Blog - rating.php nid Parameter Cross-Site Scripting",2007-03-01,the_Edit0r,php,webapps,0 +29696,platforms/php/webapps/29696.txt,"aWebNews 1.1 - 'listing.php' path_to_news Parameter Remote File Inclusion",2007-03-01,mostafa_ragab,php,webapps,0 +29697,platforms/php/webapps/29697.txt,"Built2go News Manager 1.0 Blog - 'news.php' Multiple Parameter Cross-Site Scripting",2007-03-01,the_Edit0r,php,webapps,0 +29698,platforms/php/webapps/29698.txt,"Built2go News Manager 1.0 Blog - 'rating.php' nid Parameter Cross-Site Scripting",2007-03-01,the_Edit0r,php,webapps,0 29700,platforms/php/webapps/29700.txt,"Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities",2007-03-02,Samenspender,php,webapps,0 29701,platforms/php/webapps/29701.txt,"WordPress 2.1.1 - Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 29702,platforms/php/webapps/29702.txt,"WordPress 2.1.1 - 'wp-includes/theme.php' iz Variable Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 @@ -30917,8 +30917,8 @@ id,file,description,date,author,platform,type,port 29727,platforms/php/webapps/29727.txt,"Premod SubDog 2 - includes/functions_kb.php phpbb_root_path Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 29728,platforms/php/webapps/29728.txt,"Premod SubDog 2 - includes/themen_portal_mitte.php phpbb_root_path Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 29729,platforms/php/webapps/29729.txt,"Premod SubDog 2 - includes/logger_engine.php phpbb_root_path Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 -29730,platforms/php/webapps/29730.txt,"SoftNews 4.1/5.5 - engine/init.php root_dir Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 -29731,platforms/php/webapps/29731.txt,"SoftNews 4.1/5.5 - engine/Ajax/editnews.php root_dir Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 +29730,platforms/php/webapps/29730.txt,"SoftNews 4.1/5.5 - 'engine/init.php' root_dir Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 +29731,platforms/php/webapps/29731.txt,"SoftNews 4.1/5.5 - 'engine/Ajax/editnews.php' root_dir Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 29733,platforms/php/webapps/29733.txt,"PHP-Nuke 8.2.4 - Multiple Vulnerabilities",2013-11-20,"Sojobo dev team",php,webapps,80 29736,platforms/php/webapps/29736.txt,"ClipShare 1.5.3 - 'ADODB-Connection.Inc.php' Remote File Inclusion",2007-03-12,"RaeD Hasadya",php,webapps,0 29737,platforms/php/webapps/29737.txt,"Weekly Drawing Contest 0.0.1 - Check_Vote.php Local File Inclusion",2007-03-13,"BorN To K!LL",php,webapps,0 @@ -31071,9 +31071,9 @@ id,file,description,date,author,platform,type,port 29899,platforms/php/webapps/29899.txt,"MyNewsGroups 0.6 - Include.php Remote File Inclusion",2007-04-25,"Ali and Saeid",php,webapps,0 29902,platforms/php/webapps/29902.txt,"PHPMyTGP 1.4 - AddVIP.php Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 29903,platforms/php/webapps/29903.txt,"Ahhp Portal - 'page.php' Multiple Remote File Inclusion",2007-04-25,CodeXpLoder'tq,php,webapps,0 -29904,platforms/php/webapps/29904.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2archives.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 -29905,platforms/php/webapps/29905.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2categories.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 -29906,platforms/php/webapps/29906.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2mail.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 +29904,platforms/php/webapps/29904.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2archives.php' b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 +29905,platforms/php/webapps/29905.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2categories.php' b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 +29906,platforms/php/webapps/29906.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2mail.php' b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 29907,platforms/php/webapps/29907.txt,"Comus 2.0 - Accept.php Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 29908,platforms/php/webapps/29908.txt,"SunShop Shopping Cart 3.5/4.0 - Multiple Remote File Inclusion",2007-04-25,s3rv3r_hack3r,php,webapps,0 29909,platforms/php/webapps/29909.txt,"HYIP Manager Pro - Multiple Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 @@ -31155,20 +31155,20 @@ id,file,description,date,author,platform,type,port 30066,platforms/php/webapps/30066.txt,"Jetbox CMS 2.1 - Multiple SQL Injections",2007-05-21,"Jesper Jurcenoks",php,webapps,0 30068,platforms/php/webapps/30068.txt,"Jetbox CMS 2.1 - Login Variable Cross-Site Scripting",2007-05-22,"Jesper Jurcenoks",php,webapps,0 30070,platforms/php/webapps/30070.html,"ClonusWiki 0.5 - 'index.php' HTML Injection",2007-05-22,"John Martinelli",php,webapps,0 -30071,platforms/php/webapps/30071.txt,"ABC Excel Parser Pro 4.0 - Parser_Path Remote File Inclusion",2007-05-22,the_Edit0r,php,webapps,0 +30071,platforms/php/webapps/30071.txt,"ABC Excel Parser Pro 4.0 - 'Parser_Path' Remote File Inclusion",2007-05-22,the_Edit0r,php,webapps,0 30073,platforms/php/webapps/30073.txt,"GMTT Music Distro 1.2 - ShowOwn.php Cross-Site Scripting",2007-05-22,CorryL,php,webapps,0 30075,platforms/php/webapps/30075.txt,"phpPgAdmin 4.1.1 - 'SQLEDIT.php' Cross-Site Scripting",2007-05-23,"Michal Majchrowicz",php,webapps,0 30076,platforms/php/webapps/30076.txt,"WYYS 1.0 - 'index.php' Cross-Site Scripting",2007-05-23,vagrant,php,webapps,0 30077,platforms/asp/webapps/30077.txt,"Cisco CallManager 4.1 - Search Form Cross-Site Scripting",2007-05-23,"Marc Ruef",asp,webapps,0 30079,platforms/php/webapps/30079.txt,"2z Project 0.9.5 - 'rating.php' Cross-Site Scripting",2007-05-23,"Janek Vind",php,webapps,0 -30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 - news.asp Cross-Site Scripting",2007-05-24,vagrant,php,webapps,0 +30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 - 'news.asp' Cross-Site Scripting",2007-05-24,vagrant,php,webapps,0 30082,platforms/php/webapps/30082.txt,"GNUTurk - Mods.php Cross-Site Scripting",2007-05-25,vagrant,php,webapps,0 30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 - (mod_notification) Persistent Cross-Site Scripting",2013-12-06,LiquidWorm,php,webapps,0 30084,platforms/php/webapps/30084.php,"WordPress Plugin page-flip-image-gallery - Arbitrary File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 30086,platforms/php/webapps/30086.txt,"BoastMachine 3.1 - 'index.php' Cross-Site Scripting",2007-05-25,newbinaryfile,php,webapps,0 30087,platforms/php/webapps/30087.txt,"Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2007-05-25,Linux_Drox,php,webapps,0 30088,platforms/php/webapps/30088.txt,"Pligg CMS 9.5 - Reset Forgotten Password Security Bypass",2007-05-25,"242th section",php,webapps,0 -30095,platforms/php/webapps/30095.txt,"DGNews 1.5.1/2.1 - news.php SQL Injection",2007-05-28,"Jesper Jurcenoks",php,webapps,0 +30095,platforms/php/webapps/30095.txt,"DGNews 1.5.1/2.1 - 'news.php' SQL Injection",2007-05-28,"Jesper Jurcenoks",php,webapps,0 30097,platforms/php/webapps/30097.txt,"UebiMiau 2.7.10 - demo/pop3/error.php selected_theme Parameter Cross-Site Scripting",2007-05-29,"Michal Majchrowicz",php,webapps,0 30098,platforms/php/webapps/30098.txt,"UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Variable Full Path Disclosure",2007-05-29,"Michal Majchrowicz",php,webapps,0 30099,platforms/php/webapps/30099.txt,"DGNews 2.1 - NewsID Parameter SQL Injection",2007-05-28,"laurent gaffie",php,webapps,0 @@ -31454,7 +31454,7 @@ id,file,description,date,author,platform,type,port 30640,platforms/php/webapps/30640.txt,"Stuffed Guys Stuffed Tracker - Multiple Cross-Site Scripting Vulnerabilities",2007-10-04,"Aria-Security Team",php,webapps,0 30641,platforms/php/webapps/30641.txt,"AfterLogic MailBee WebMail Pro 3.x - 'login.php' mode Parameter Cross-Site Scripting",2007-10-05,"Ivan Sanchez",php,webapps,0 30642,platforms/php/webapps/30642.txt,"AfterLogic MailBee WebMail Pro 3.x - default.asp mode2 Parameter Cross-Site Scripting",2007-10-05,"Ivan Sanchez",php,webapps,0 -30647,platforms/php/webapps/30647.txt,"SNewsCMS 2.1 - News_page.php Cross-Site Scripting",2007-10-08,medconsultation.ru,php,webapps,0 +30647,platforms/php/webapps/30647.txt,"SNewsCMS 2.1 - 'News_page.php' Cross-Site Scripting",2007-10-08,medconsultation.ru,php,webapps,0 30649,platforms/cgi/webapps/30649.txt,"NetWin DNews - Dnewsweb.exe Multiple Cross-Site Scripting Vulnerabilities",2007-10-09,Doz,cgi,webapps,0 30651,platforms/php/webapps/30651.txt,"Joomla! Component WebMaster-Tips.net Joomla! RSS Feed Reader 1.0 - Remote File Inclusion",2007-10-10,Cyber-Crime,php,webapps,0 30653,platforms/php/webapps/30653.txt,"phpMyAdmin 2.11.1 - setup.php Cross-Site Scripting",2007-10-09,"Omer Singer",php,webapps,0 @@ -31569,18 +31569,18 @@ id,file,description,date,author,platform,type,port 30830,platforms/php/webapps/30830.txt,"Ossigeno CMS 2.2_pre1 - upload/xax/ossigeno/admin/uninstall_module.php level Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 30831,platforms/php/webapps/30831.txt,"Ossigeno CMS 2.2_pre1 - ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php ossigeno Parameter Remote File Inclusion",2007-11-30,ShAy6oOoN,php,webapps,0 30836,platforms/php/webapps/30836.txt,"bcoos 1.0.10 - 'ratefile.php' SQL Injection",2007-11-30,Lostmon,php,webapps,0 -30841,platforms/asp/webapps/30841.txt,"Absolute News Manager .NET 5.1 - pages/default.aspx template Variable Remote File Access",2007-12-04,"Adrian Pastor",asp,webapps,0 -30842,platforms/asp/webapps/30842.txt,"Absolute News Manager .NET 5.1 - xlaabsolutenm.aspx Multiple Parameter SQL Injection",2007-12-04,"Adrian Pastor",asp,webapps,0 -30843,platforms/asp/webapps/30843.txt,"Absolute News Manager .NET 5.1 - xlaabsolutenm.aspx rmore Parameter Cross-Site Scripting",2007-12-04,"Adrian Pastor",asp,webapps,0 -30844,platforms/asp/webapps/30844.txt,"Absolute News Manager .NET 5.1 - pages/default.aspx template Parameter Cross-Site Scripting",2007-12-04,"Adrian Pastor",asp,webapps,0 -30845,platforms/asp/webapps/30845.txt,"Absolute News Manager .NET 5.1 - getpath.aspx Direct Request Error Message Information",2007-12-04,"Adrian Pastor",asp,webapps,0 +30841,platforms/asp/webapps/30841.txt,"Absolute News Manager .NET 5.1 - 'pages/default.aspx' template Variable Remote File Access",2007-12-04,"Adrian Pastor",asp,webapps,0 +30842,platforms/asp/webapps/30842.txt,"Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' Multiple Parameter SQL Injection",2007-12-04,"Adrian Pastor",asp,webapps,0 +30843,platforms/asp/webapps/30843.txt,"Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' rmore Parameter Cross-Site Scripting",2007-12-04,"Adrian Pastor",asp,webapps,0 +30844,platforms/asp/webapps/30844.txt,"Absolute News Manager .NET 5.1 - 'pages/default.aspx' template Parameter Cross-Site Scripting",2007-12-04,"Adrian Pastor",asp,webapps,0 +30845,platforms/asp/webapps/30845.txt,"Absolute News Manager .NET 5.1 - 'getpath.aspx' Direct Request Error Message Information",2007-12-04,"Adrian Pastor",asp,webapps,0 30846,platforms/php/webapps/30846.txt,"phpMyChat 0.14.5 - chat/deluser.php3 LIMIT Parameter Cross-Site Scripting",2007-12-04,beenudel1986,php,webapps,0 30847,platforms/php/webapps/30847.txt,"phpMyChat 0.14.5 - chat/users_popupL.php3 Multiple Parameter Cross-Site Scripting",2007-12-04,beenudel1986,php,webapps,0 30848,platforms/php/webapps/30848.txt,"Joomla! Component Content 1.5 RC3 - 'view' Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0 30849,platforms/php/webapps/30849.txt,"Joomla! Component com_search 1.5 RC3 - 'index.php' Multiple Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0 30851,platforms/php/webapps/30851.txt,"VisualShapers EZContents 1.4.5 - File Disclosure",2007-12-05,p4imi0,php,webapps,0 30852,platforms/php/webapps/30852.txt,"Kayako SupportSuite 3.0.32 - PHP_SELF Trigger_Error Function Cross-Site Scripting",2007-12-06,imei,php,webapps,0 -30853,platforms/php/webapps/30853.txt,"OpenNewsletter 2.5 - Compose.php Cross-Site Scripting",2007-12-06,Manu,php,webapps,0 +30853,platforms/php/webapps/30853.txt,"OpenNewsletter 2.5 - 'Compose.php' Cross-Site Scripting",2007-12-06,Manu,php,webapps,0 30854,platforms/php/webapps/30854.sh,"wwwstats 3.21 - Clickstats.php Multiple HTML Injection Vulnerabilities",2007-12-15,"Jesus Olmos Gonzalez",php,webapps,0 30855,platforms/asp/webapps/30855.txt,"WebDoc 3.0 - Multiple SQL Injections",2007-12-07,Chrysalid,asp,webapps,0 30857,platforms/php/webapps/30857.txt,"webSPELL 4.1.2 - usergallery.php galleryID Parameter Cross-Site Scripting",2007-12-10,Brainhead,php,webapps,0 @@ -31912,8 +31912,8 @@ id,file,description,date,author,platform,type,port 31374,platforms/php/webapps/31374.txt,"EasyImageCatalogue 1.31 - addcomment.php d Parameter Cross-Site Scripting",2008-03-12,ZoRLu,php,webapps,0 31375,platforms/php/webapps/31375.txt,"Drake CMS 0.4.11 RC8 - 'd_root' Parameter Local File Inclusion",2008-03-10,THE_MILLER,php,webapps,0 31377,platforms/php/webapps/31377.txt,"PHP-Nuke Hadith Module - 'cat' Parameter SQL Injection",2008-03-10,Lovebug,php,webapps,0 -31379,platforms/php/webapps/31379.txt,"EncapsGallery 1.11.2 - watermark.php file Parameter Cross-Site Scripting",2008-03-10,ZoRLu,php,webapps,0 -31380,platforms/php/webapps/31380.txt,"EncapsGallery 1.11.2 - catalog_watermark.php file Parameter Cross-Site Scripting",2008-03-10,ZoRLu,php,webapps,0 +31379,platforms/php/webapps/31379.txt,"EncapsGallery 1.11.2 - 'watermark.php' File Parameter Cross-Site Scripting",2008-03-10,ZoRLu,php,webapps,0 +31380,platforms/php/webapps/31380.txt,"EncapsGallery 1.11.2 - 'catalog_watermark.php' file Parameter Cross-Site Scripting",2008-03-10,ZoRLu,php,webapps,0 31382,platforms/php/webapps/31382.txt,"Joomla! / Mambo Component ensenanzas - 'id' Parameter SQL Injection",2008-03-11,The-0utl4w,php,webapps,0 31383,platforms/php/webapps/31383.txt,"PHP-Nuke NukeC30 3.0 Module - 'id_catg' Parameter SQL Injection",2008-03-11,Houssamix,php,webapps,0 31384,platforms/php/webapps/31384.txt,"PHP-Nuke zClassifieds Module - 'cat' Parameter SQL Injection",2008-03-11,Lovebug,php,webapps,0 @@ -31991,7 +31991,7 @@ id,file,description,date,author,platform,type,port 31492,platforms/php/webapps/31492.txt,"Quick Classifieds 1.0 - controlpannel/alterCats.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31493,platforms/php/webapps/31493.txt,"Quick Classifieds 1.0 - controlpannel/alterFeatured.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31494,platforms/php/webapps/31494.txt,"Quick Classifieds 1.0 - controlpannel/alterHomepage.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31495,platforms/php/webapps/31495.txt,"Quick Classifieds 1.0 - controlpannel/alterNews.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31495,platforms/php/webapps/31495.txt,"Quick Classifieds 1.0 - 'controlpannel/alterNews.php3' DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31496,platforms/php/webapps/31496.txt,"Quick Classifieds 1.0 - controlpannel/alterTheme.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31497,platforms/php/webapps/31497.txt,"Quick Classifieds 1.0 - controlpannel/color_help.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31498,platforms/php/webapps/31498.txt,"Quick Classifieds 1.0 - controlpannel/createdb.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 @@ -31999,7 +31999,7 @@ id,file,description,date,author,platform,type,port 31500,platforms/php/webapps/31500.txt,"Quick Classifieds 1.0 - controlpannel/createHomepage.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31501,platforms/php/webapps/31501.txt,"Quick Classifieds 1.0 - controlpannel/createL.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31502,platforms/php/webapps/31502.txt,"Quick Classifieds 1.0 - controlpannel/createM.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31503,platforms/php/webapps/31503.txt,"Quick Classifieds 1.0 - controlpannel/createNews.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31503,platforms/php/webapps/31503.txt,"Quick Classifieds 1.0 - 'controlpannel/createNews.php3' DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31504,platforms/php/webapps/31504.txt,"Quick Classifieds 1.0 - controlpannel/createP.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31505,platforms/php/webapps/31505.txt,"Quick Classifieds 1.0 - controlpannel/createS.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31506,platforms/php/webapps/31506.txt,"Quick Classifieds 1.0 - controlpannel/createT.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 @@ -32196,8 +32196,8 @@ id,file,description,date,author,platform,type,port 31798,platforms/php/webapps/31798.txt,"philboard 0.5 - W1L3D4_konuoku.asp id Parameter SQL Injection",2008-05-14,U238,php,webapps,0 31799,platforms/php/webapps/31799.txt,"philboard 0.5 - W1L3D4_konuya_mesaj_yaz.asp Multiple Parameter SQL Injection",2008-05-14,U238,php,webapps,0 31800,platforms/php/webapps/31800.pl,"SunShop Shopping Cart 3.5.1 - 'index.php' SQL Injection",2008-05-15,irvian,php,webapps,0 -31801,platforms/php/webapps/31801.txt,"ACGV News 0.9.1 - glossaire.php id Parameter SQL Injection",2008-05-16,ZoRLu,php,webapps,0 -31802,platforms/php/webapps/31802.txt,"ACGV News 0.9.1 - glossaire.php id Parameter Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 +31801,platforms/php/webapps/31801.txt,"ACGV News 0.9.1 - 'glossaire.php' id Parameter SQL Injection",2008-05-16,ZoRLu,php,webapps,0 +31802,platforms/php/webapps/31802.txt,"ACGV News 0.9.1 - 'glossaire.php' id Parameter Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 31803,platforms/php/webapps/31803.txt,"AN Guestbook 0.4 - 'send_email.php' Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 31804,platforms/php/webapps/31804.txt,"Digital Hive 2.0 - 'base_include.php' Local File Inclusion",2008-05-16,ZoRLu,php,webapps,0 31805,platforms/php/webapps/31805.txt,"PHP-Nuke 'KuiraniKerim' Module - 'sid' Parameter SQL Injection",2008-05-17,Lovebug,php,webapps,0 @@ -32292,7 +32292,7 @@ id,file,description,date,author,platform,type,port 31952,platforms/php/webapps/31952.txt,"Chipmunk Blog - 'archive.php' Cross-Site Scripting",2008-06-23,sl4xUz,php,webapps,0 31953,platforms/php/webapps/31953.txt,"Chipmunk Blog - 'cat.php' Cross-Site Scripting",2008-06-23,sl4xUz,php,webapps,0 31954,platforms/php/webapps/31954.txt,"Benja CMS 0.1 - /admin/admin_edit_submenu.php URL Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 -31955,platforms/php/webapps/31955.txt,"Benja CMS 0.1 - /admin/admin_new_submenu.php URL Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 +31955,platforms/php/webapps/31955.txt,"Benja CMS 0.1 - '/admin/admin_new_submenu.php' URL Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 31956,platforms/php/webapps/31956.txt,"Benja CMS 0.1 - /admin/admin_edit_topmenu.php URL Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 31960,platforms/php/webapps/31960.txt,"A+ PHP Scripts News Management System 0.3 - Multiple Input Validation Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 31961,platforms/php/webapps/31961.txt,"GDL 4.2 - Multiple Vulnerabilities",2014-02-27,ByEge,php,webapps,80 @@ -32365,7 +32365,7 @@ id,file,description,date,author,platform,type,port 32063,platforms/php/webapps/32063.txt,"Claroline 1.8.9 - document/document.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32064,platforms/php/webapps/32064.txt,"Claroline 1.8.9 - exercise/exercise.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32065,platforms/php/webapps/32065.txt,"Claroline 1.8.9 - group/group_space.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32066,platforms/php/webapps/32066.txt,"Claroline 1.8.9 - phpBB/newtopic.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32066,platforms/php/webapps/32066.txt,"Claroline 1.8.9 - 'phpBB/newtopic.php' URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32067,platforms/php/webapps/32067.txt,"Claroline 1.8.9 - phpBB/reply.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32068,platforms/php/webapps/32068.txt,"Claroline 1.8.9 - phpBB/viewtopic.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32069,platforms/php/webapps/32069.txt,"Claroline 1.8.9 - wiki/wiki.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 @@ -32496,9 +32496,9 @@ id,file,description,date,author,platform,type,port 33409,platforms/php/webapps/33409.txt,"Article Directory - 'login.php' SQL Injection",2009-12-16,"R3d D3v!L",php,webapps,0 32285,platforms/php/webapps/32285.txt,"vBulletin 3.6.10/3.7.2 - '$newpm[title]' Parameter Cross-Site Scripting",2008-08-20,"Core Security",php,webapps,0 32263,platforms/php/webapps/32263.txt,"Fonality trixbox - 'mac' Parameter Remote Code Injection",2014-03-14,i-Hmx,php,webapps,80 -32264,platforms/php/webapps/32264.txt,"Freeway 1.4.1.171 - french/account_newsletters.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 +32264,platforms/php/webapps/32264.txt,"Freeway 1.4.1.171 - 'french/account_newsletters.php' language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32265,platforms/php/webapps/32265.txt,"Freeway 1.4.1.171 - includes/modules/faqdesk/faqdesk_article_require.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 -32266,platforms/php/webapps/32266.txt,"Freeway 1.4.1.171 - includes/modules/newsdesk/newsdesk_article_require.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 +32266,platforms/php/webapps/32266.txt,"Freeway 1.4.1.171 - 'includes/modules/newsdesk/newsdesk_article_require.php' language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32267,platforms/php/webapps/32267.txt,"Freeway 1.4.1.171 - templates/Freeway/boxes/card1.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32268,platforms/php/webapps/32268.txt,"Freeway 1.4.1.171 - templates/Freeway/boxes/loginbox.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32269,platforms/php/webapps/32269.txt,"Freeway 1.4.1.171 - templates/Freeway/boxes/whos_online.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 @@ -32595,7 +32595,7 @@ id,file,description,date,author,platform,type,port 32461,platforms/php/webapps/32461.txt,"AmpJuke 0.7.5 - 'index.php' SQL Injection",2008-10-03,S_DLA_S,php,webapps,0 32462,platforms/php/webapps/32462.txt,"Simple Machines Forum (SMF) 1.1.6 - HTTP POST Request Filter Security Bypass",2008-10-06,WHK,php,webapps,0 32463,platforms/php/webapps/32463.txt,"PHP Web Explorer 0.99b - main.php refer Parameter Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 -32464,platforms/php/webapps/32464.txt,"PHP Web Explorer 0.99b - edit.php file Parameter Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 +32464,platforms/php/webapps/32464.txt,"PHP Web Explorer 0.99b - 'edit.php' File Parameter Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 32467,platforms/php/webapps/32467.txt,"Opera Web Browser 8.51 - URI redirection Remote Code Execution",2008-10-08,MATASANOS,php,webapps,0 32468,platforms/php/webapps/32468.txt,"DFFFrameworkAPI - 'DFF_config[dir_include]' Parameter Multiple Remote File Inclusion",2008-10-08,GoLd_M,php,webapps,0 32473,platforms/php/webapps/32473.txt,"Joomla! Component com_jeux - 'id' Parameter SQL Injection",2008-10-11,H!tm@N,php,webapps,0 @@ -33694,7 +33694,7 @@ id,file,description,date,author,platform,type,port 34467,platforms/php/webapps/34467.txt,"Edit-X PHP CMS - 'search_text' Parameter Cross-Site Scripting",2010-08-13,"High-Tech Bridge SA",php,webapps,0 34468,platforms/php/webapps/34468.html,"Mystic 0.1.4 - Multiple Cross-Site Scripting Vulnerabilities",2010-08-10,"High-Tech Bridge SA",php,webapps,0 34469,platforms/php/webapps/34469.html,"Onyx - Multiple Cross-Site Scripting Vulnerabilities",2010-08-10,"High-Tech Bridge SA",php,webapps,0 -34470,platforms/php/webapps/34470.txt,"Beex - news.php navaction Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 +34470,platforms/php/webapps/34470.txt,"Beex - 'news.php' navaction Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 34471,platforms/php/webapps/34471.txt,"Beex - partneralle.php navaction Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 34472,platforms/php/webapps/34472.txt,"PHPMass Real Estate - 'view_map.php' Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 34473,platforms/php/webapps/34473.txt,"Property Watch - email.php videoid Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 @@ -33757,7 +33757,7 @@ id,file,description,date,author,platform,type,port 34563,platforms/php/webapps/34563.txt,"OneCMS 2.6.1 - 'index.php' Cross-Site Scripting",2010-09-02,anT!-Tr0J4n,php,webapps,0 34564,platforms/php/webapps/34564.txt,"CMS WebManager-Pro - 'c.php' SQL Injection",2010-09-02,MustLive,php,webapps,0 34565,platforms/php/webapps/34565.txt,"NuSOAP 0.9.5 - 'nusoap.php' Cross-Site Scripting",2010-09-03,"Bogdan Calin",php,webapps,0 -34578,platforms/php/webapps/34578.txt,"WordPress Theme Acento - 'view-pdf.php file Parameter' Arbitrary File Download",2014-09-08,alieye,php,webapps,80 +34578,platforms/php/webapps/34578.txt,"WordPress Theme Acento - 'view-pdf.php' File Parameter Arbitrary File Download",2014-09-08,alieye,php,webapps,80 34581,platforms/php/webapps/34581.txt,"Zen Cart 1.5.3 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34571,platforms/php/webapps/34571.py,"Joomla! Component Spider Calendar 3.2.6 - SQL Injection",2014-09-08,"Claudio Viviani",php,webapps,0 34572,platforms/php/webapps/34572.txt,"WordPress Plugin Bulk Delete Users by Email 1.0 - Cross-Site Request Forgery",2014-09-08,"Fikri Fadzil",php,webapps,0 @@ -34085,7 +34085,7 @@ id,file,description,date,author,platform,type,port 35057,platforms/php/webapps/35057.py,"WordPress Plugin 0.9.7 / Joomla! Component 2.0.0 Creative Contact Form - Arbitrary File Upload",2014-10-25,"Claudio Viviani",php,webapps,0 35127,platforms/jsp/webapps/35127.txt,"Progress OpenEdge 11.2 - Directory Traversal",2014-10-31,"XLabs Security",jsp,webapps,9090 35060,platforms/php/webapps/35060.txt,"Aigaion 1.3.4 - 'ID' Parameter SQL Injection",2010-12-07,KnocKout,php,webapps,0 -35063,platforms/php/webapps/35063.txt,"Zimplit CMS - zimplit.php file Parameter Cross-Site Scripting",2010-12-07,"High-Tech Bridge SA",php,webapps,0 +35063,platforms/php/webapps/35063.txt,"Zimplit CMS - 'zimplit.php' File Parameter Cross-Site Scripting",2010-12-07,"High-Tech Bridge SA",php,webapps,0 35064,platforms/php/webapps/35064.txt,"Zimplit CMS - English_manual_version_2.php client Parameter Cross-Site Scripting",2010-12-07,"High-Tech Bridge SA",php,webapps,0 35065,platforms/asp/webapps/35065.txt,"SolarWinds Orion Network Performance Monitor (NPM) 10.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-07,x0skel,asp,webapps,0 35066,platforms/php/webapps/35066.txt,"WordPress Plugin Processing Embed 0.5 - 'pluginurl' Parameter Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 @@ -34613,7 +34613,7 @@ id,file,description,date,author,platform,type,port 35943,platforms/php/webapps/35943.txt,"Chyrp 2.x - admin/help.php Multiple Parameter Cross-Site Scripting",2011-07-13,Wireghoul,php,webapps,0 35944,platforms/php/webapps/35944.txt,"Chyrp 2.x - includes/JavaScript.php action Parameter Cross-Site Scripting",2011-07-13,Wireghoul,php,webapps,0 35945,platforms/php/webapps/35945.txt,"Chyrp 2.x - URI action Parameter Traversal Local File Inclusion",2011-07-29,Wireghoul,php,webapps,0 -35946,platforms/php/webapps/35946.txt,"Chyrp 2.x - includes/lib/gz.php file Parameter Traversal Arbitrary File Access",2011-07-29,Wireghoul,php,webapps,0 +35946,platforms/php/webapps/35946.txt,"Chyrp 2.x - 'includes/lib/gz.php' File Parameter Traversal Arbitrary File Access",2011-07-29,Wireghoul,php,webapps,0 35947,platforms/php/webapps/35947.txt,"Chyrp 2.x - swfupload Extension upload_handler.php Arbitrary File Upload / Arbitrary PHP Code Execution",2011-07-29,Wireghoul,php,webapps,0 35950,platforms/php/webapps/35950.txt,"NPDS CMS REvolution-13 - SQL Injection",2015-01-24,"Narendra Bhati",php,webapps,80 35954,platforms/php/webapps/35954.txt,"Auto Web Toolbox - 'id' Parameter SQL Injection",2011-07-15,Lazmania61,php,webapps,0 @@ -35086,7 +35086,7 @@ id,file,description,date,author,platform,type,port 36648,platforms/php/webapps/36648.txt,"OpenEMR 4.1 - Interface/patient_file/encounter/trend_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36649,platforms/php/webapps/36649.txt,"OpenEMR 4.1 - Interface/patient_file/encounter/load_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36650,platforms/php/webapps/36650.txt,"OpenEMR 4.1 - contrib/acog/print_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 -36651,platforms/php/webapps/36651.txt,"OpenEMR 4.1 - Interface/fax/fax_dispatch.php file Parameter exec() Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 +36651,platforms/php/webapps/36651.txt,"OpenEMR 4.1 - 'Interface/fax/fax_dispatch.php' File Parameter exec() Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 - 'base' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0 36655,platforms/php/webapps/36655.txt,"phpLDAPadmin 1.2.0.5-2 - 'server_id' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0 36656,platforms/php/webapps/36656.txt,"GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-02-02,sonyy,php,webapps,0 @@ -35346,7 +35346,7 @@ id,file,description,date,author,platform,type,port 37043,platforms/php/webapps/37043.txt,"osCMax 2.5 - admin/stats_customers.php sorted Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37044,platforms/php/webapps/37044.txt,"osCMax 2.5 - admin/information_manager.php information_id Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37045,platforms/php/webapps/37045.txt,"osCMax 2.5 - admin/geo_zones.php zID Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 -37046,platforms/php/webapps/37046.txt,"osCMax 2.5 - admin/new_attributes_include.php Multiple Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 +37046,platforms/php/webapps/37046.txt,"osCMax 2.5 - 'admin/new_attributes_include.php' Multiple Parameter Cross-Site Scripting",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37047,platforms/php/webapps/37047.html,"osCMax 2.5 - admin/login.php 'Username' Parameter SQL Injection",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37048,platforms/php/webapps/37048.txt,"osCMax 2.5 - admin/stats_monthly_sales.php status Parameter SQL Injection",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37050,platforms/php/webapps/37050.txt,"Chronosite 5.12 - SQL Injection",2015-05-18,Wadeek,php,webapps,0 @@ -35511,7 +35511,7 @@ id,file,description,date,author,platform,type,port 37312,platforms/php/webapps/37312.txt,"pragmaMx 1.12.1 - modules.php URI Cross-Site Scripting",2012-05-23,"High-Tech Bridge SA",php,webapps,0 37313,platforms/php/webapps/37313.txt,"pragmaMx 1.12.1 - includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php img_url Parameter Cross-Site Scripting",2012-05-23,"High-Tech Bridge SA",php,webapps,0 37314,platforms/php/webapps/37314.txt,"Yellow Duck Framework 2.0 Beta1 - Local File Disclosure",2012-05-23,L3b-r1'z,php,webapps,0 -37315,platforms/php/webapps/37315.txt,"PHPCollab 2.5 - uploadfile.php Crafted Request Arbitrary Non-PHP File Upload",2012-05-24,"team ' and 1=1--",php,webapps,0 +37315,platforms/php/webapps/37315.txt,"PHPCollab 2.5 - 'uploadfile.php' Crafted Request Arbitrary Non-PHP File Upload",2012-05-24,"team ' and 1=1--",php,webapps,0 37257,platforms/php/webapps/37257.txt,"FiverrScript - Cross-Site Request Forgery (Add Admin)",2015-06-10,"Mahmoud Gamal",php,webapps,80 37258,platforms/hardware/webapps/37258.py,"GeoVision (GeoHttpServer) Webcams - Remote File Disclosure",2015-06-10,"Viktor Minin",hardware,webapps,0 37259,platforms/php/webapps/37259.txt,"ISPConfig 3.0.5.4p6 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",php,webapps,443 @@ -35903,7 +35903,7 @@ id,file,description,date,author,platform,type,port 37955,platforms/php/webapps/37955.html,"Pligg CMS 2.0.2 - Cross-Site Request Forgery (Add Admin)",2015-08-24,"Arash Khazaei",php,webapps,80 37956,platforms/php/webapps/37956.txt,"WordPress Theme GeoPlaces3 - Arbitrary File Upload",2015-08-24,Mdn_Newbie,php,webapps,80 37959,platforms/php/webapps/37959.txt,"BSW Gallery - 'uploadpic.php' Arbitrary File Upload",2012-10-18,cr4wl3r,php,webapps,0 -37960,platforms/php/webapps/37960.txt,"Amateur Photographer's Image Gallery - force-download.php file Parameter Information Disclosure",2012-10-18,cr4wl3r,php,webapps,0 +37960,platforms/php/webapps/37960.txt,"Amateur Photographer's Image Gallery - 'force-download.php' File Parameter Information Disclosure",2012-10-18,cr4wl3r,php,webapps,0 37961,platforms/php/webapps/37961.txt,"Amateur Photographer's Image Gallery - plist.php albumid Parameter SQL Injection",2012-10-18,cr4wl3r,php,webapps,0 37962,platforms/php/webapps/37962.txt,"Amateur Photographer's Image Gallery - plist.php albumid Parameter Cross-Site Scripting",2012-10-18,cr4wl3r,php,webapps,0 37963,platforms/php/webapps/37963.txt,"Amateur Photographer's Image Gallery - fullscreen.php albumid Parameter SQL Injection",2012-10-18,cr4wl3r,php,webapps,0 @@ -36530,7 +36530,7 @@ id,file,description,date,author,platform,type,port 39174,platforms/php/webapps/39174.txt,"Caldera - /costview2/printers.php tr Parameter SQL Injection",2014-05-07,"Thomas Fischer",php,webapps,0 39176,platforms/php/webapps/39176.html,"TOA - Cross-Site Request Forgery",2014-05-08,"High-Tech Bridge",php,webapps,0 39178,platforms/php/webapps/39178.txt,"CMS Touch - pages.php Page_ID Parameter SQL Injection",2014-05-08,indoushka,php,webapps,0 -39179,platforms/php/webapps/39179.txt,"CMS Touch - news.php News_ID Parameter SQL Injection",2014-05-08,indoushka,php,webapps,0 +39179,platforms/php/webapps/39179.txt,"CMS Touch - 'news.php' News_ID Parameter SQL Injection",2014-05-08,indoushka,php,webapps,0 39184,platforms/hardware/webapps/39184.txt,"MediaAccess TG788vn - Unauthenticated File Disclosure",2016-01-06,0x4148,hardware,webapps,0 39187,platforms/asp/webapps/39187.txt,"CIS Manager - 'email' Parameter SQL Injection",2014-05-16,Edge,asp,webapps,0 39188,platforms/php/webapps/39188.txt,"Glossaire Module for XOOPS - '/modules/glossaire/glossaire-aff.php' SQL Injection",2014-05-19,AtT4CKxT3rR0r1ST,php,webapps,0