diff --git a/files.csv b/files.csv index 1390995ee..1abd2fb14 100755 --- a/files.csv +++ b/files.csv @@ -310,7 +310,7 @@ id,file,description,date,author,platform,type,port 331,platforms/linux/local/331.c,"LibXt XtAppInitialize() Overflow *xterm Exploit",1997-05-14,"Ming Zhang",linux,local,0 332,platforms/solaris/local/332.sh,"Solaris 2.5.0/2.5.1 ps & chkey Data Buffer Exploit",1997-05-19,"Joe Zbiciak",solaris,local,0 333,platforms/aix/local/333.c,"AIX 4.2 /usr/dt/bin/dtterm Local Buffer Overflow Exploit",1997-05-27,"Georgi Guninski",aix,local,0 -334,platforms/irix/local/334.c,"IRIX Multiple Buffer Overflow Exploits (LsD)",1997-05-25,LSD-PLaNET,irix,local,0 +334,platforms/irix/local/334.c,"IRIX - Multiple Buffer Overflow Exploits (LsD)",1997-05-25,LSD-PLaNET,irix,local,0 335,platforms/aix/local/335.c,"AIX lquerylv Local Root Buffer Overflow Exploit",1997-05-26,"Georgi Guninski",aix,local,0 336,platforms/irix/local/336.c,"IRIX /bin/login Local Buffer Overflow Exploit",1997-05-26,"David Hedley",irix,local,0 337,platforms/irix/local/337.c,"IRIX 5.3 /usr/sbin/iwsh Local Root Buffer Overflow",1997-05-27,"David Hedley",irix,local,0 @@ -752,7 +752,7 @@ id,file,description,date,author,platform,type,port 930,platforms/windows/remote/930.html,"Microsoft Internet Explorer DHTML Object Memory Corruption Exploit",2005-04-12,Skylined,windows,remote,0 931,platforms/windows/dos/931.html,"Microsoft Internet Explorer DHTML Object Handling Vulns (MS05-020)",2005-04-12,Skylined,windows,dos,0 932,platforms/windows/local/932.sql,"Oracle Database Server <= 10.1.0.2 - Buffer Overflow Exploit",2005-04-13,"Esteban Fayo",windows,local,0 -933,platforms/windows/local/933.sql,"Oracle Database PL/SQL Statement Multiple SQL Injection Exploits",2005-04-13,"Esteban Fayo",windows,local,0 +933,platforms/windows/local/933.sql,"Oracle Database PL/SQL Statement - Multiple SQL Injection Exploits",2005-04-13,"Esteban Fayo",windows,local,0 934,platforms/linux/remote/934.c,"gld 1.4 (Postfix Greylisting Daemon) Remote Format String Exploit",2005-04-13,Xpl017Elz,linux,remote,2525 935,platforms/windows/local/935.c,"Morpheus <= 4.8 - Local Chat Passwords Disclosure Exploit",2005-04-13,Kozan,windows,local,0 936,platforms/windows/local/936.c,"DeluxeFtp 6.x - Local Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 @@ -885,7 +885,7 @@ id,file,description,date,author,platform,type,port 1074,platforms/solaris/local/1074.c,"Solaris 9 / 10 - ld.so Local Root Exploit (2)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1075,platforms/windows/remote/1075.c,"Microsoft Windows Message Queuing BoF Universal Exploit (MS05-017) (v.0.3)",2005-06-29,houseofdabus,windows,remote,2103 1076,platforms/php/webapps/1076.py,"phpBB 2.0.15 (highlight) Remote PHP Code Execution",2005-06-29,rattle,php,webapps,0 -1077,platforms/php/webapps/1077.pl,"Wordpress <= 1.5.1.2 - xmlrpc Interface SQL Injection Exploit",2005-06-30,"James Bercegay",php,webapps,0 +1077,platforms/php/webapps/1077.pl,"WordPress <= 1.5.1.2 - xmlrpc Interface SQL Injection Exploit",2005-06-30,"James Bercegay",php,webapps,0 1078,platforms/php/webapps/1078.pl,"XML-RPC Library <= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit",2005-07-01,ilo--,php,webapps,0 1079,platforms/windows/remote/1079.html,"Microsoft Internet Explorer (javaprxy.dll) COM Object Remote Exploit",2005-07-05,k-otik,windows,remote,0 1080,platforms/php/webapps/1080.pl,"phpBB 2.0.15 (highlight) Database Authentication Details Exploit",2005-07-03,SecureD,php,webapps,0 @@ -944,10 +944,10 @@ id,file,description,date,author,platform,type,port 1138,platforms/linux/remote/1138.c,"nbSMTP <= 0.99 (util.c) Client-Side Command Execution Exploit",2005-08-05,CoKi,linux,remote,0 1139,platforms/linux/remote/1139.c,"Ethereal 10.x AFP Protocol Dissector Remote Format String Exploit",2005-08-06,vade79,linux,remote,0 1140,platforms/php/webapps/1140.php,"Flatnuke <= 2.5.5 - Remote Code Execution",2005-08-08,rgod,php,webapps,0 -1142,platforms/php/webapps/1142.php,"Wordpress <= 1.5.1.3 - Remote Code Execution (0Day)",2005-08-09,Kartoffelguru,php,webapps,0 +1142,platforms/php/webapps/1142.php,"WordPress <= 1.5.1.3 - Remote Code Execution (0Day)",2005-08-09,Kartoffelguru,php,webapps,0 1143,platforms/windows/dos/1143.sys,"Microsoft Windows XP SP2 (rdpwd.sys) Remote Kernel DoS Exploit",2005-08-09,"Tom Ferris",windows,dos,0 1144,platforms/windows/remote/1144.html,"Microsoft Internet Explorer (blnmgr.dll) COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 -1145,platforms/php/webapps/1145.pm,"Wordpress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit)",2005-08-10,str0ke,php,webapps,0 +1145,platforms/php/webapps/1145.pm,"WordPress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit)",2005-08-10,str0ke,php,webapps,0 1146,platforms/windows/remote/1146.c,"Microsoft Windows Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139 1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec Remote File Access Exploit (windows)",2005-08-11,N/A,windows,remote,10000 1149,platforms/windows/remote/1149.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445 @@ -1028,7 +1028,7 @@ id,file,description,date,author,platform,type,port 1233,platforms/multiple/dos/1233.html,"Mozilla Firefox <= 1.0.7 - Integer Overflow Denial of Service Exploit",2005-09-26,"Georgi Guninski",multiple,dos,0 1234,platforms/bsd/remote/1234.c,"GNU Mailutils imap4d 0.6 (search) Remote Format String Exploit (fbsd)",2005-09-26,"Angelo Rosiello",bsd,remote,143 1235,platforms/windows/dos/1235.c,"MultiTheftAuto 0.5 patch 1 Server Crash and MOTD Deletion Exploit",2005-09-26,"Luigi Auriemma",windows,dos,0 -1236,platforms/cgi/webapps/1236.pm,"Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (meta)",2005-09-27,"Nicolas Gregoire",cgi,webapps,0 +1236,platforms/cgi/webapps/1236.pm,"Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (Metasploit)",2005-09-27,"Nicolas Gregoire",cgi,webapps,0 1237,platforms/php/webapps/1237.php,"PHP-Fusion 6.00.109 (msg_send) SQL Injection Exploit",2005-09-28,rgod,php,webapps,0 1238,platforms/linux/remote/1238.c,"Prozilla <= 1.3.7.4 (ftpsearch) Results Handling Buffer Overflow Exploit",2005-10-02,taviso,linux,remote,8080 1239,platforms/windows/dos/1239.c,"Virtools Web Player <= 3.0.0.100 - Buffer Overflow DoS Exploit",2005-10-02,"Luigi Auriemma",windows,dos,0 @@ -1050,10 +1050,10 @@ id,file,description,date,author,platform,type,port 1256,platforms/multiple/dos/1256.pl,"Lynx <= 2.8.6dev.13 - Remote Buffer Overflow Exploit (PoC)",2005-10-17,"Ulf Harnhammar",multiple,dos,0 1257,platforms/multiple/dos/1257.html,"Mozilla (Firefox <= 1.0.7) (Mozilla <= 1.7.12) Denial of Service Exploit",2005-10-17,Kubbo,multiple,dos,0 1258,platforms/linux/remote/1258.php,"e107 <= 0.6172 - (resetcore.php) Remote SQL Injection Exploit",2005-10-18,rgod,linux,remote,0 -1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server Preauthentication Directory Listing Exploit (meta)",2005-10-19,Optyx,hp-ux,remote,0 -1260,platforms/windows/remote/1260.pm,"Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (meta)",2005-10-19,"H D Moore",windows,remote,80 -1261,platforms/hp-ux/remote/1261.pm,"HP-UX <= 11.11 lpd Remote Command Execution Exploit (meta)",2005-10-19,"H D Moore",hp-ux,remote,515 -1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (meta)",2005-10-19,"H D Moore",windows,remote,4105 +1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server Preauthentication Directory Listing Exploit (Metasploit)",2005-10-19,Optyx,hp-ux,remote,0 +1260,platforms/windows/remote/1260.pm,"Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (Metasploit)",2005-10-19,"H D Moore",windows,remote,80 +1261,platforms/hp-ux/remote/1261.pm,"HP-UX <= 11.11 lpd Remote Command Execution Exploit (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515 +1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (Metasploit)",2005-10-19,"H D Moore",windows,remote,4105 1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (linux)",2005-10-20,"Kevin Finisterre",multiple,remote,13722 1264,platforms/windows/remote/1264.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (Win32)",2005-10-20,"Kevin Finisterre",windows,remote,13722 1265,platforms/osx/remote/1265.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (OS X)",2005-10-20,"Kevin Finisterre",osx,remote,13722 @@ -1069,7 +1069,7 @@ id,file,description,date,author,platform,type,port 1276,platforms/windows/dos/1276.html,"Microsoft Internet Explorer 6.0 (mshtmled.dll) Denial of Service Exploit",2005-10-28,"Tom Ferris",windows,dos,0 1277,platforms/windows/remote/1277.c,"Mirabilis ICQ 2003a Buffer Overflow Download Shellcoded Exploit",2005-10-29,ATmaCA,windows,remote,0 1278,platforms/php/webapps/1278.pl,"Subdreamer 2.2.1 - SQL Injection / Command Execution Exploit",2005-10-31,RusH,php,webapps,0 -1279,platforms/windows/remote/1279.pm,"Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (meta)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 +1279,platforms/windows/remote/1279.pm,"Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (Metasploit)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 1280,platforms/php/webapps/1280.pl,"VuBB Forum RC1 (m) Remote SQL Injection Exploit",2005-11-02,Devil-00,php,webapps,0 1281,platforms/windows/dos/1281.c,"Battle Carry <= .005 Socket Termination Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 1282,platforms/windows/dos/1282.c,"Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 @@ -1082,7 +1082,7 @@ id,file,description,date,author,platform,type,port 1289,platforms/php/webapps/1289.php,"CuteNews <= 1.4.1 (shell inject) Remote Command Execution Exploit",2005-11-03,rgod,php,webapps,0 1290,platforms/linux/remote/1290.pl,"gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (ppc)",2005-11-04,"Kevin Finisterre",linux,remote,0 1291,platforms/linux/remote/1291.pl,"gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (x86)",2005-11-04,"Kevin Finisterre",linux,remote,0 -1292,platforms/multiple/remote/1292.pm,"WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (meta)",2005-11-04,"David Maciejak",multiple,remote,21 +1292,platforms/multiple/remote/1292.pm,"WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 (MKD/CWD) Remote Root Exploit",2005-11-05,kingcope,linux,remote,21 1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x module (vBulletin/IPB) Remote SQL Injection Exploit",2005-11-06,B~HFH,php,webapps,0 1297,platforms/linux/local/1297.py,"F-Secure Internet Gatekeeper for Linux < 2.15.484 - Local Root Exploit",2005-11-07,"Xavier de Leon",linux,local,0 @@ -1151,7 +1151,7 @@ id,file,description,date,author,platform,type,port 1378,platforms/windows/remote/1378.py,"MailEnable Enterprise Edition 1.1 - (EXAMINE) Buffer Overflow Exploit",2005-12-19,muts,windows,remote,0 1379,platforms/php/webapps/1379.php,"PHPGedView <= 3.3.7 - Arbitrary Remote Code Execution Exploit",2005-12-20,rgod,php,webapps,0 1380,platforms/windows/remote/1380.py,"Eudora Qualcomm WorldMail 3.0 - (IMAPd) Remote Overflow Exploit",2005-12-20,muts,windows,remote,143 -1381,platforms/windows/remote/1381.pm,"Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (meta)",2005-12-20,redsand,windows,remote,21 +1381,platforms/windows/remote/1381.pm,"Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (Metasploit)",2005-12-20,redsand,windows,remote,21 1382,platforms/php/webapps/1382.pl,"phpBB <= 2.0.18 - Remote Bruteforce/Dictionary Attack Tool (updated)",2006-02-20,DarkFig,php,webapps,0 1383,platforms/php/webapps/1383.txt,"phpBB <= 2.0.18 - Remote XSS Cookie Disclosure Exploit",2005-12-21,jet,php,webapps,0 1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 (rating) Parameter Remote SQL Injection Exploit",2005-12-23,krasza,php,webapps,0 @@ -1159,7 +1159,7 @@ id,file,description,date,author,platform,type,port 1388,platforms/php/webapps/1388.pl,"phpBB <= 2.0.17 (signature_bbcode_uid) Remote Command Exploit",2005-12-24,RusH,php,webapps,0 1389,platforms/windows/dos/1389.html,"Microsoft Internet Explorer 6.0 - (mshtml.dll datasrc) Denial of Service Vuln",2005-12-27,BuHa,windows,dos,0 1390,platforms/multiple/dos/1390.c,"BZFlag <= 2.0.4 (undelimited string) Denial of Service Exploit",2005-12-27,"Luigi Auriemma",multiple,dos,0 -1391,platforms/windows/remote/1391.pm,"Windows XP/2003 Metafile Escape() Code Execution Exploit (meta)",2005-12-27,"H D Moore",windows,remote,0 +1391,platforms/windows/remote/1391.pm,"Windows XP/2003 Metafile Escape() Code Execution Exploit (Metasploit)",2005-12-27,"H D Moore",windows,remote,0 1394,platforms/windows/dos/1394.html,"Microsoft Internet Explorer 6.0 (mshtml.dll div) Denial of Service Exploit",2005-12-29,rgod,windows,dos,0 1395,platforms/php/webapps/1395.php,"phpDocumentor <= 1.3.0 rc4 - Remote Commands Execution Exploit",2005-12-29,rgod,php,webapps,0 1396,platforms/windows/dos/1396.cpp,"Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (cpp)",2005-12-29,Lympex,windows,dos,0 @@ -1198,17 +1198,17 @@ id,file,description,date,author,platform,type,port 1447,platforms/hardware/dos/1447.c,"Cisco Aironet Wireless Access Points Memory Exhaustion ARP Attack DoS",2006-01-25,Pasv,hardware,dos,0 1448,platforms/windows/remote/1448.pl,"Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow PoC",2006-01-25,"Critical Security",windows,remote,0 1449,platforms/linux/local/1449.c,"SquirrelMail 3.1 Change Passwd Plugin Local Buffer Overflow Exploit",2006-01-25,"rod hedor",linux,local,0 -1452,platforms/windows/remote/1452.pm,"Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (meta)",2006-01-25,redsand,windows,remote,21 +1452,platforms/windows/remote/1452.pm,"Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)",2006-01-25,redsand,windows,remote,21 1453,platforms/php/webapps/1453.pl,"Phpclanwebsite 1.23.1 (par) Remote SQL Injection Exploit",2006-01-25,matrix_killer,php,webapps,0 1455,platforms/windows/local/1455.txt,"Oracle Database Server 9i/10g (XML) Buffer Overflow Exploit",2006-01-26,Argeniss,windows,local,0 1456,platforms/linux/remote/1456.c,"SHOUTcast <= 1.9.4 File Request Format String Exploit (Leaked)",2006-01-28,crash-x,linux,remote,8000 1457,platforms/php/webapps/1457.txt,"phpBB <= 2.0.19 - XSS Remote Cookie Disclosure Exploit",2006-01-29,threesixthousan,php,webapps,0 1458,platforms/windows/remote/1458.cpp,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (0Day)",2006-01-29,ATmaCA,windows,remote,0 1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 (cookie) Remote Command Execution Exploit",2006-01-30,cijfer,php,webapps,0 -1460,platforms/windows/remote/1460.pm,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (meta)",2006-01-31,"H D Moore",windows,remote,0 +1460,platforms/windows/remote/1460.pm,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (Metasploit)",2006-01-31,"H D Moore",windows,remote,0 1461,platforms/php/webapps/1461.pl,"Invision Power Board Dragoran Portal Mod <= 1.3 - SQL Injection Exploit",2006-01-31,SkOd,php,webapps,0 1462,platforms/windows/remote/1462.cpp,"Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (cpp)",2006-01-31,HolyGhost,windows,remote,21 -1463,platforms/windows/remote/1463.pm,"SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (meta)",2006-02-01,y0,windows,remote,21 +1463,platforms/windows/remote/1463.pm,"SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (Metasploit)",2006-02-01,y0,windows,remote,21 1464,platforms/hardware/dos/1464.c,"Arescom NetDSL-1000 (telnetd) Remote Denial of Service Exploit",2006-02-02,"Fabian Ramirez",hardware,dos,0 1465,platforms/windows/local/1465.c,"Microsoft Windows - ACLs Local Privilege Escalation Exploit (Updated)",2006-02-12,"Andres Tarasco",windows,local,0 1466,platforms/windows/remote/1466.pl,"eXchange POP3 5.0.050203 (rcpt to) Remote Buffer Overflow Exploit",2006-02-03,"securma massine",windows,remote,25 @@ -1246,7 +1246,7 @@ id,file,description,date,author,platform,type,port 1501,platforms/php/webapps/1501.php,"PHPKIT <= 1.6.1R2 (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 1502,platforms/windows/remote/1502.py,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0 1503,platforms/php/webapps/1503.pl,"YapBB <= 1.2 (cfgIncludeDirectory) Remote Command Execution Exploit",2006-02-16,cijfer,php,webapps,0 -1504,platforms/windows/remote/1504.pm,"Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (meta)",2006-02-17,"H D Moore",windows,remote,0 +1504,platforms/windows/remote/1504.pm,"Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (Metasploit)",2006-02-17,"H D Moore",windows,remote,0 1505,platforms/windows/remote/1505.html,"Microsoft Windows Media Player 10 - Plugin Overflow Exploit (MS06-006)",2006-02-17,"Matthew Murphy",windows,remote,0 1506,platforms/windows/remote/1506.c,"Microsoft Windows - Color Management Module Overflow Exploit (MS05-036) (2)",2006-02-17,darkeagle,windows,remote,0 1508,platforms/cgi/webapps/1508.pl,"AWStats < 6.4 (referer) Remote Command Execution Exploit",2006-02-17,RusH,cgi,webapps,0 @@ -1304,7 +1304,7 @@ id,file,description,date,author,platform,type,port 1560,platforms/windows/dos/1560.c,"Cube <= 2005_08_29 - Multiple BoF/Crash Vulnerabilities Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 1561,platforms/php/webapps/1561.pl,"OWL Intranet Engine 0.82 (xrms_file_root) Code Execution Exploit",2006-03-07,rgod,php,webapps,0 1562,platforms/asp/webapps/1562.pl,"CilemNews System <= 1.1 (yazdir.asp haber_id) SQL Injection Exploit",2006-03-07,nukedx,asp,webapps,0 -1563,platforms/php/webapps/1563.pm,"Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (meta)",2006-03-07,sirh0t,php,webapps,0 +1563,platforms/php/webapps/1563.pm,"Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (Metasploit)",2006-03-07,sirh0t,php,webapps,0 1564,platforms/windows/dos/1564.c,"Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities Exploit",2006-03-07,"Luigi Auriemma",windows,dos,0 1565,platforms/windows/remote/1565.pl,"RevilloC MailServer 1.21 (USER) Remote Buffer Overflow Exploit PoC",2006-03-07,"securma massine",windows,remote,110 1566,platforms/php/webapps/1566.php,"Gallery <= 2.0.3 - stepOrder[] Remote Commands Execution Exploit",2006-03-08,rgod,php,webapps,0 @@ -1365,7 +1365,7 @@ id,file,description,date,author,platform,type,port 1623,platforms/asp/webapps/1623.pl,"EzASPSite <= 2.0 RC3 (Scheme) Remote SQL Injection Exploit",2006-03-29,nukedx,asp,webapps,0 1624,platforms/tru64/local/1624.pl,"Tru64 UNIX 5.0 (Rev. 910) rdist NLSPATH Buffer Overflow Exploit",2006-03-29,"Kevin Finisterre",tru64,local,0 1625,platforms/tru64/local/1625.pl,"Tru64 UNIX 5.0 (Rev. 910) edauth NLSPATH Buffer Overflow Exploit",2006-03-29,"Kevin Finisterre",tru64,local,0 -1626,platforms/windows/remote/1626.pm,"PeerCast <= 0.1216 - Remote Buffer Overflow Exploit (Win32) (meta)",2006-03-30,"H D Moore",windows,remote,7144 +1626,platforms/windows/remote/1626.pm,"PeerCast <= 0.1216 - Remote Buffer Overflow Exploit (Win32) (Metasploit)",2006-03-30,"H D Moore",windows,remote,7144 1627,platforms/php/webapps/1627.php,"Claroline <= 1.7.4 (scormExport.inc.php) Remote Code Execution Exploit",2006-03-30,rgod,php,webapps,0 1628,platforms/windows/remote/1628.cpp,"Microsoft Internet Explorer (createTextRang) Download Shellcoded Exploit (2)",2006-03-31,ATmaCA,windows,remote,0 1629,platforms/php/webapps/1629.pl,"SQuery <= 4.5 (libpath) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 @@ -1499,13 +1499,13 @@ id,file,description,date,author,platform,type,port 1784,platforms/windows/dos/1784.txt,"raydium <= svn 309 - Multiple Vulnerabilities Exploit",2006-05-14,"Luigi Auriemma",windows,dos,0 1785,platforms/php/webapps/1785.php,"Sugar Suite Open Source <= 4.2 (OptimisticLock) Remote Exploit",2006-05-14,rgod,php,webapps,0 1787,platforms/windows/remote/1787.py,"freeSSHd <= 1.0.9 Key Exchange Algorithm Buffer Overflow Exploit",2006-05-15,"Tauqeer Ahmad",windows,remote,22 -1788,platforms/windows/remote/1788.pm,"PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (meta)",2006-05-15,y0,windows,remote,0 +1788,platforms/windows/remote/1788.pm,"PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (Metasploit)",2006-05-15,y0,windows,remote,0 1789,platforms/php/webapps/1789.txt,"TR Newsportal <= 0.36tr1 (poll.php) Remote File Inclusion Vulnerability",2006-05-15,Kacper,php,webapps,0 1790,platforms/php/webapps/1790.txt,"Squirrelcart <= 2.2.0 (cart_content.php) Remote Inclusion Vulnerability",2006-05-15,OLiBekaS,php,webapps,0 1791,platforms/multiple/remote/1791.patch,"RealVNC 4.1.0 - 4.1.1 - VNC Null Authentication Bypass (Patched EXE)",2006-05-16,redsand,multiple,remote,5900 1792,platforms/windows/dos/1792.txt,"GNUnet <= 0.7.0d - (Empty UDP Packet) Remote Denial of Service Exploit",2006-05-15,"Luigi Auriemma",windows,dos,0 1793,platforms/php/webapps/1793.pl,"DeluxeBB <= 1.06 (name) Remote SQL Injection Exploit (mq=off)",2006-05-15,KingOfSka,php,webapps,0 -1794,platforms/multiple/remote/1794.pm,"RealVNC 4.1.0 - 4.1.1 - (Null Authentication) Auth Bypass Exploit (meta)",2006-05-15,"H D Moore",multiple,remote,5900 +1794,platforms/multiple/remote/1794.pm,"RealVNC 4.1.0 - 4.1.1 - (Null Authentication) Auth Bypass Exploit (Metasploit)",2006-05-15,"H D Moore",multiple,remote,5900 1795,platforms/php/webapps/1795.txt,"ezusermanager <= 1.6 - Remote File Inclusion Vulnerability",2006-05-15,OLiBekaS,php,webapps,0 1796,platforms/php/webapps/1796.php,"PHP-Fusion <= 6.00.306 (srch_where) SQL Injection Exploit",2006-05-16,rgod,php,webapps,0 1797,platforms/php/webapps/1797.php,"DeluxeBB <= 1.06 (Attachment mod_mime) Remote Exploit",2006-05-16,rgod,php,webapps,0 @@ -1623,7 +1623,7 @@ id,file,description,date,author,platform,type,port 1912,platforms/php/webapps/1912.txt,"The Bible Portal Project <= 2.12 - (destination) File Include Vulnerability",2006-06-14,Kacper,php,webapps,0 1913,platforms/php/webapps/1913.txt,"Php Blue Dragon CMS <= 2.9.1 - (template.php) File Include Vulnerability",2006-06-14,"Federico Fazzi",php,webapps,0 1914,platforms/php/webapps/1914.txt,"Content-Builder (CMS) <= 0.7.2 - Multiple Include Vulnerabilities",2006-06-14,Kacper,php,webapps,0 -1915,platforms/windows/remote/1915.pm,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (meta)",2006-06-15,c0rrupt,windows,remote,0 +1915,platforms/windows/remote/1915.pm,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (Metasploit)",2006-06-15,c0rrupt,windows,remote,0 1916,platforms/php/webapps/1916.txt,"DeluxeBB <= 1.06 (templatefolder) Remote File Include Vulnerabilities",2006-06-15,"Andreas Sandblad",php,webapps,0 1917,platforms/windows/local/1917.pl,"Pico Zip 4.01 (Long Filename) Buffer Overflow Exploit",2006-06-15,c0rrupt,windows,local,0 1918,platforms/php/webapps/1918.php,"bitweaver <= 1.3 (tmpImagePath) Attachment mod_mime Exploit",2006-06-15,rgod,php,webapps,0 @@ -1807,7 +1807,7 @@ id,file,description,date,author,platform,type,port 2107,platforms/osx/local/2107.pl,"Mac OS X <= 10.4.7 - fetchmail Privilege Escalation Exploit (ppc)",2006-08-01,"Kevin Finisterre",osx,local,0 2108,platforms/osx/local/2108.sh,"Mac OS X <= 10.4.7 - fetchmail Privilege Escalation Exploit",2006-08-01,"Kevin Finisterre",osx,local,0 2109,platforms/php/webapps/2109.txt,"WoW Roster <= 1.70 (/lib/phpbb.php) Remote File Include Vulnerability",2006-08-02,|peti,php,webapps,0 -2110,platforms/php/webapps/2110.pm,"TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (meta)",2006-08-02,"David Maciejak",php,webapps,0 +2110,platforms/php/webapps/2110.pm,"TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 2111,platforms/osx/local/2111.pl,"Mac OS X <= 10.3.8 (CF_CHARSET_PATH) Local BoF Exploit (2)",2006-08-02,"Kevin Finisterre",osx,local,0 2113,platforms/php/webapps/2113.txt,"SaveWeb Portal <= 3.4 (SITE_Path) Remote File Inclusion Vulnerabilities",2006-08-02,"Mehmet Ince",php,webapps,0 2114,platforms/php/webapps/2114.htm,"TinyPHP Forum <= 3.6 (makeadmin) Remote Admin Maker Exploit",2006-08-02,SirDarckCat,php,webapps,0 @@ -2417,8 +2417,8 @@ id,file,description,date,author,platform,type,port 2726,platforms/php/webapps/2726.txt,"Agora 1.4 RC1 (MysqlfinderAdmin.php) Remote File Include Vulnerability",2006-11-06,the_day,php,webapps,0 2727,platforms/php/webapps/2727.txt,"OpenEMR <= 2.8.1 (srcdir) Multiple Remote File Inclusion Vulnerabilities",2006-11-06,the_day,php,webapps,0 2728,platforms/php/webapps/2728.txt,"Article Script <= 1.6.3 (rss.php) Remote SQL Injection Vulnerability",2006-11-06,Liz0ziM,php,webapps,0 -2729,platforms/windows/remote/2729.pm,"Omni-NFS Server 5.2 (nfsd.exe) Remote Stack Overflow Exploit (meta)",2006-11-06,"Evgeny Legerov",windows,remote,2049 -2730,platforms/linux/dos/2730.pm,"OpenLDAP 2.2.29 - Remote Denial of Service Exploit (meta)",2006-11-06,"Evgeny Legerov",linux,dos,0 +2729,platforms/windows/remote/2729.pm,"Omni-NFS Server 5.2 (nfsd.exe) Remote Stack Overflow Exploit (Metasploit)",2006-11-06,"Evgeny Legerov",windows,remote,2049 +2730,platforms/linux/dos/2730.pm,"OpenLDAP 2.2.29 - Remote Denial of Service Exploit (Metasploit)",2006-11-06,"Evgeny Legerov",linux,dos,0 2731,platforms/php/webapps/2731.pl,"iPrimal Forums (admin/index.php) Change User Password Exploit",2006-11-06,Bl0od3r,php,webapps,0 2732,platforms/php/webapps/2732.txt,"PHPGiggle 12.08 - (CFG_PHPGIGGLE_ROOT) File Include Vulnerability",2006-11-06,ajann,php,webapps,0 2733,platforms/php/webapps/2733.txt,"iWare Pro <= 5.0.4 (chat_panel.php) Remote Code Execution Vulnerability",2006-11-07,nuffsaid,php,webapps,0 @@ -2458,8 +2458,8 @@ id,file,description,date,author,platform,type,port 2767,platforms/php/webapps/2767.txt,"StoryStream 4.0 (baseDir) Remote File Include Vulnerabilities",2006-11-12,v1per-haCker,php,webapps,0 2768,platforms/php/webapps/2768.txt,"contentnow 1.30 (local/upload/delete) Multiple Vulnerabilities",2006-11-13,r0ut3r,php,webapps,0 2769,platforms/php/webapps/2769.php,"Quick.Cart <= 2.0 (actions_client/gallery.php) Local File Include Exploit",2006-11-13,Kacper,php,webapps,0 -2770,platforms/windows/remote/2770.rb,"Broadcom Wireless Driver Probe Response SSID Overflow Exploit (meta)",2006-11-13,"H D Moore",windows,remote,0 -2771,platforms/windows/remote/2771.rb,"D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (meta)",2006-11-13,"H D Moore",windows,remote,0 +2770,platforms/windows/remote/2770.rb,"Broadcom Wireless Driver Probe Response SSID Overflow Exploit (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 +2771,platforms/windows/remote/2771.rb,"D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 2772,platforms/asp/webapps/2772.htm,"Online Event Registration <= 2.0 (save_profile.asp) Pass Change Exploit",2006-11-13,ajann,asp,webapps,0 2773,platforms/asp/webapps/2773.txt,"Estate Agent Manager <= 1.3 - (default.asp) Login Bypass Vulnerability",2006-11-13,ajann,asp,webapps,0 2774,platforms/asp/webapps/2774.txt,"Property Pro 1.0 (vir_Login.asp) Remote Login Bypass Vulnerability",2006-11-13,ajann,asp,webapps,0 @@ -2546,7 +2546,7 @@ id,file,description,date,author,platform,type,port 2866,platforms/windows/remote/2866.html,"Acer LunchApp.APlunch (ActiveX Control) Command Execution Exploit",2006-11-30,"Tan Chew Keong",windows,remote,0 2867,platforms/php/webapps/2867.php,"PHPGraphy 0.9.12 - Privilege Escalation / Commands Execution Exploit",2006-11-30,rgod,php,webapps,0 2869,platforms/php/webapps/2869.php,"Serendipity <= 1.0.3 (comment.php) Local File Include Exploit",2006-11-30,Kacper,php,webapps,0 -2870,platforms/windows/remote/2870.rb,"VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (meta)",2006-11-30,"Greg Linares",windows,remote,0 +2870,platforms/windows/remote/2870.rb,"VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (Metasploit)",2006-11-30,"Greg Linares",windows,remote,0 2871,platforms/php/webapps/2871.txt,"LDU <= 8.x (polls.php) Remote SQL Injection Vulnerability",2006-11-30,ajann,php,webapps,0 2872,platforms/windows/local/2872.c,"VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (c)",2006-11-30,Expanders,windows,local,0 2873,platforms/windows/local/2873.c,"AtomixMP3 <= 2.3 - (.M3U) Buffer Overflow Exploit",2006-11-30,"Greg Linares",windows,local,0 @@ -2767,11 +2767,11 @@ id,file,description,date,author,platform,type,port 3092,platforms/windows/remote/3092.pm,"NaviCOPA Web Server 2.01 (GET) Remote Buffer Overflow Exploit meta",2007-01-07,"Jacopo Cervini",windows,remote,80 3093,platforms/php/webapps/3093.txt,"AllMyGuests <= 0.3.0 (AMG_serverpath) Remote Inclusion Vulnerabilities",2007-01-07,beks,php,webapps,0 3094,platforms/bsd/local/3094.c,"OpenBSD 3.x - 4.0 vga_ioctl() Local Root Exploit",2007-01-07,"Critical Security",bsd,local,0 -3095,platforms/php/webapps/3095.py,"Wordpress 2.0.5 - Trackback UTF-7 - Remote SQL Injection Exploit",2007-01-07,"Stefan Esser",php,webapps,0 +3095,platforms/php/webapps/3095.py,"WordPress 2.0.5 - Trackback UTF-7 - Remote SQL Injection Exploit",2007-01-07,"Stefan Esser",php,webapps,0 3096,platforms/php/webapps/3096.txt,"AllMyLinks <= 0.5.0 - (index.php) Remote File Include Vulnerability",2007-01-07,GoLd_M,php,webapps,0 3097,platforms/php/webapps/3097.txt,"AllMyVisitors 0.4.0 (index.php) Remote File Inclusion Vulnerability",2007-01-07,bd0rk,php,webapps,0 3098,platforms/osx/dos/3098.html,"OmniWeb 5.5.1 Javascript alert() Remote Format String PoC",2007-01-07,MoAB,osx,dos,0 -3099,platforms/linux/remote/3099.pm,"Berlios GPSD <= 2.7 - Remote Format String Exploit (meta)",2007-01-08,Enseirb,linux,remote,2947 +3099,platforms/linux/remote/3099.pm,"Berlios GPSD <= 2.7 - Remote Format String Exploit (Metasploit)",2007-01-08,Enseirb,linux,remote,2947 3100,platforms/php/webapps/3100.txt,"Magic Photo Storage Website - _config[site_path] File Include Vuln",2007-01-08,k1tk4t,php,webapps,0 3101,platforms/multiple/dos/3101.py,"Opera <= 9.10 JPG Image DHT Marker Heap Corruption Vulnerabilities",2007-01-08,posidron,multiple,dos,0 3102,platforms/osx/local/3102.rb,"Application Enhancer (APE) 2.0.2 - Local Privilege Escalation Exploit",2007-01-08,MoAB,osx,local,0 @@ -2779,9 +2779,9 @@ id,file,description,date,author,platform,type,port 3104,platforms/php/webapps/3104.txt,"PPC Search Engine 1.61 (INC) Multiple Remote File Include Vulnerabilities",2007-01-09,IbnuSina,php,webapps,0 3105,platforms/asp/webapps/3105.txt,"MOTIONBORG Web Real Estate <= 2.1 - SQL Injection Vulnerability",2007-01-09,ajann,asp,webapps,0 3106,platforms/php/webapps/3106.txt,"uniForum <= 4 - (wbsearch.aspx) Remote SQL Injection Vulnerability",2007-01-09,ajann,php,webapps,0 -3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (meta)",2007-01-09,"Jacopo Cervini",windows,remote,21 +3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21 3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Include Exploit",2007-01-09,DeltahackingTEAM,php,webapps,0 -3109,platforms/php/webapps/3109.php,"Wordpress <= 2.0.6 - wp-trackback.php Remote SQL Injection Exploit",2007-01-10,rgod,php,webapps,0 +3109,platforms/php/webapps/3109.php,"WordPress <= 2.0.6 - wp-trackback.php Remote SQL Injection Exploit",2007-01-10,rgod,php,webapps,0 3110,platforms/osx/dos/3110.rb,"Mac OS X 10.4.8 Apple Finder DMG Volume Name Memory Corruption PoC",2007-01-09,MoAB,osx,dos,0 3111,platforms/windows/dos/3111.pl,"Microsoft Windows - Explorer (WMF) CreateBrushIndirect DoS Exploit",2007-01-13,cyanid-E,windows,dos,0 3112,platforms/windows/dos/3112.py,"eIQnetworks Network Security Analyzer Null Pointer Dereference Exploit",2007-01-10,"Ethan Hunt",windows,dos,0 @@ -2840,7 +2840,7 @@ id,file,description,date,author,platform,type,port 3167,platforms/osx/dos/3167.c,"Mac OS X 10.4.x Kernel shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 3168,platforms/windows/remote/3168.java,"Sun Microsystems Java GIF File Parsing Memory Corruption Exploit",2007-01-21,luoluo,windows,remote,0 3169,platforms/php/webapps/3169.txt,"WebChat 0.77 (defines.php WEBCHATPATH) Remote File Include Vuln",2007-01-21,v1per-haCker,php,webapps,0 -3170,platforms/windows/remote/3170.pm,"3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (meta)",2007-01-21,Enseirb,windows,remote,69 +3170,platforms/windows/remote/3170.pm,"3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)",2007-01-21,Enseirb,windows,remote,69 3171,platforms/php/webapps/3171.pl,"Mafia Scum Tools 2.0.0 (index.php gen) Remote File Include Exploit",2007-01-21,DeltahackingTEAM,php,webapps,0 3172,platforms/php/webapps/3172.php,"webSPELL 4.01.02 (gallery.php) Remote Blind SQL Injection Exploit",2007-01-21,r00t,php,webapps,0 3173,platforms/osx/local/3173.rb,"Mac OS X 10.4.8 - System Preferences Local Privilege Escalation Exploit",2007-01-21,MoAB,osx,local,0 @@ -2933,7 +2933,7 @@ id,file,description,date,author,platform,type,port 3262,platforms/php/webapps/3262.php,"Woltlab Burning Board Lite <= 1.0.2pl3e (pms.php) SQL Injection Exploit",2007-02-03,rgod,php,webapps,0 3263,platforms/php/webapps/3263.txt,"KDPics <= 1.11 (exif.php lib_path) Remote File Include Vulnerability",2007-02-03,AsTrex,php,webapps,0 3264,platforms/windows/remote/3264.pl,"Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit",2007-02-04,"Jacopo Cervini",windows,remote,25 -3265,platforms/windows/remote/3265.pm,"Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (meta)",2007-02-04,"Jacopo Cervini",windows,remote,25 +3265,platforms/windows/remote/3265.pm,"Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (Metasploit)",2007-02-04,"Jacopo Cervini",windows,remote,25 3266,platforms/php/webapps/3266.txt,"Flip 2.01 final (previewtheme.php inc_path) RFI Vulnerability",2007-02-04,GoLd_M,php,webapps,0 3267,platforms/php/webapps/3267.txt,"Geeklog 2 (BaseView.php) Remote File Inclusion Vulnerability",2007-02-05,GoLd_M,php,webapps,0 3268,platforms/php/webapps/3268.txt,"SMA-DB <= 0.3.9 (settings.php) Remote File Inclusion Vulnerability",2007-02-05,"ThE dE@Th",php,webapps,0 @@ -3002,7 +3002,7 @@ id,file,description,date,author,platform,type,port 3332,platforms/php/webapps/3332.pl,"Xpression News 1.0.1 (archives.php) Remote File Disclosure Exploit",2007-02-18,r0ut3r,php,webapps,0 3333,platforms/linux/local/3333.pl,"ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow Exploit (2)",2007-02-19,Revenge,linux,local,0 3334,platforms/php/webapps/3334.asp,"PHP-Nuke Module Emporium <= 2.3.0 - Remote SQL Injection Exploit",2007-02-19,ajann,php,webapps,0 -3335,platforms/windows/remote/3335.pm,"IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (meta)",2007-02-19,"Jacopo Cervini",windows,remote,21 +3335,platforms/windows/remote/3335.pm,"IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (Metasploit)",2007-02-19,"Jacopo Cervini",windows,remote,21 3336,platforms/php/webapps/3336.txt,"Ultimate Fun Book 1.02 (function.php) Remote File Include Vulnerability",2007-02-20,kezzap66345,php,webapps,0 3337,platforms/php/webapps/3337.php,"NukeSentinel 2.5.05 (nsbypass.php) Blind SQL Injection Exploit",2007-02-20,DarkFig,php,webapps,0 3338,platforms/php/webapps/3338.php,"NukeSentinel 2.5.05 - (nukesentinel.php) File Disclosure Exploit",2007-02-20,DarkFig,php,webapps,0 @@ -3248,7 +3248,7 @@ id,file,description,date,author,platform,type,port 3586,platforms/linux/dos/3586.php,"PHP 4.4.5 / 4.4.6 session_decode() Double Free Exploit PoC",2007-03-27,"Stefan Esser",linux,dos,0 3587,platforms/linux/local/3587.c,"Linux Kernel <= 2.6.20 with DCCP Support - Memory Disclosure Exploit (1)",2007-03-27,"Robert Swiecki",linux,local,0 3588,platforms/php/webapps/3588.pl,"XOOPS module Articles <= 1.02 (print.php id) SQL Injection Exploit",2007-03-27,WiLdBoY,php,webapps,0 -3589,platforms/windows/remote/3589.pm,"NaviCOPA Web Server 2.01 - Remote Buffer Overflow Exploit (meta)",2007-03-27,skillTube,windows,remote,80 +3589,platforms/windows/remote/3589.pm,"NaviCOPA Web Server 2.01 - Remote Buffer Overflow Exploit (Metasploit)",2007-03-27,skillTube,windows,remote,80 3590,platforms/php/webapps/3590.htm,"Joomla Component D4JeZine <= 2.8 - Remote BLIND SQL Injection Exploit",2007-03-27,ajann,php,webapps,0 3591,platforms/php/webapps/3591.txt,"PHP-Nuke Module Eve-Nuke 0.1 (mysql.php) RFI Vulnerability",2007-03-27,"ThE TiGeR",php,webapps,0 3592,platforms/php/webapps/3592.htm,"Web Content System 2.7.1 - Remote File Inclusion Exploit",2007-03-27,kezzap66345,php,webapps,0 @@ -3312,13 +3312,13 @@ id,file,description,date,author,platform,type,port 3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) <= 1.2.3 - Remote Code Execution Exploit",2007-04-03,DarkFig,php,webapps,0 3654,platforms/multiple/remote/3654.pl,"HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit",2007-04-03,"Isma Khan",multiple,remote,0 3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog <= 2.52 (postid) BLIND SQL Injection Exploit",2007-04-03,ajann,php,webapps,0 -3656,platforms/php/webapps/3656.pl,"Wordpress 2.1.2 - (xmlrpc) Remote SQL Injection Exploit",2007-04-03,"Sumit Siddharth",php,webapps,0 +3656,platforms/php/webapps/3656.pl,"WordPress 2.1.2 - (xmlrpc) Remote SQL Injection Exploit",2007-04-03,"Sumit Siddharth",php,webapps,0 3657,platforms/php/webapps/3657.txt,"MySpeach <= 3.0.7 - Remote/Local File Inclusion Vulnerability",2007-04-03,Xst3nZ,php,webapps,0 3658,platforms/php/webapps/3658.htm,"phpMyNewsletter 0.6.10 (customize.php l) RFI Vulnerability",2007-04-04,frog-m@n,php,webapps,0 3659,platforms/php/webapps/3659.txt,"AROUNDMe 0.7.7 - Multiple Remote File Inclusion Vulnerabilities",2007-04-04,kezzap66345,php,webapps,0 3660,platforms/php/webapps/3660.pl,"CyBoards PHP Lite 1.21 (script_path) Remote File Include Exploit",2007-04-04,bd0rk,php,webapps,0 3661,platforms/windows/remote/3661.pl,"HP Mercury Quality Center Spider90.ocx ProgColor Overflow Exploit",2007-04-04,ri0t,windows,remote,0 -3662,platforms/windows/remote/3662.rb,"AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (meta)",2007-04-04,"Krad Chad",windows,remote,0 +3662,platforms/windows/remote/3662.rb,"AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (Metasploit)",2007-04-04,"Krad Chad",windows,remote,0 3663,platforms/php/webapps/3663.htm,"XOOPS Module WF-Snippets <= 1.02 (c) BLIND SQL Injection Exploit",2007-04-04,ajann,php,webapps,0 3664,platforms/windows/local/3664.txt,"TrueCrypt 4.3 - Privilege Escalation Exploit",2007-04-04,"Marco Ivaldi",windows,local,0 3665,platforms/php/webapps/3665.htm,"Mutant 0.9.2 mutant_functions.php Remote File Inclusion Exploit",2007-04-04,bd0rk,php,webapps,0 @@ -3478,11 +3478,11 @@ id,file,description,date,author,platform,type,port 3821,platforms/linux/remote/3821.c,"3proxy 0.5.3g proxy.c logurl() Remote Buffer Overflow Exploit (linux)",2007-04-30,vade79,linux,remote,0 3822,platforms/windows/remote/3822.c,"3proxy 0.5.3g proxy.c logurl() Remote Buffer Overflow Exploit (Win32)",2007-04-30,vade79,windows,remote,0 3823,platforms/windows/local/3823.c,"Winamp <= 5.34 - (.mp4) Code Execution Exploit",2007-04-30,Marsu,windows,local,0 -3824,platforms/php/webapps/3824.txt,"Wordpress plugin wp-Table <= 1.43 - (inc_dir) RFI Vulnerability",2007-05-01,K-159,php,webapps,0 -3825,platforms/php/webapps/3825.txt,"Wordpress plugin wordTube <= 1.43 - (wpPATH) RFI Vulnerability",2007-05-01,K-159,php,webapps,0 +3824,platforms/php/webapps/3824.txt,"WordPress plugin wp-Table <= 1.43 - (inc_dir) RFI Vulnerability",2007-05-01,K-159,php,webapps,0 +3825,platforms/php/webapps/3825.txt,"WordPress plugin wordTube <= 1.43 - (wpPATH) RFI Vulnerability",2007-05-01,K-159,php,webapps,0 3826,platforms/windows/dos/3826.html,"PowerPoint Viewer OCX 3.2 (ActiveX Control) Denial of Service Exploit",2007-05-01,shinnai,windows,dos,0 3827,platforms/php/webapps/3827.txt,"Sendcard <= 3.4.1 (sendcard.php form) Local File Inclusion Vulnerability",2007-05-01,ettee,php,webapps,0 -3828,platforms/php/webapps/3828.txt,"Wordpress plugin myflash <= 1.00 - (wppath) RFI Vulnerability",2007-05-01,Crackers_Child,php,webapps,0 +3828,platforms/php/webapps/3828.txt,"WordPress plugin myflash <= 1.00 - (wppath) RFI Vulnerability",2007-05-01,Crackers_Child,php,webapps,0 3829,platforms/linux/remote/3829.c,"3proxy 0.5.3g proxy.c logurl() Remote Overflow Exploit (exec-shield)",2007-05-02,Xpl017Elz,linux,remote,0 3830,platforms/windows/dos/3830.html,"Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service Exploit",2007-05-02,shinnai,windows,dos,0 3831,platforms/asp/webapps/3831.txt,"PStruh-CZ 1.3/1.5 - (download.asp File) File Disclosure Vulnerability",2007-05-02,Dj7xpl,asp,webapps,0 @@ -3612,7 +3612,7 @@ id,file,description,date,author,platform,type,port 3957,platforms/php/webapps/3957.php,"AlstraSoft Live Support 1.21 - Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 3958,platforms/php/webapps/3958.php,"AlstraSoft Template Seller Pro <= 3.25 Admin Password Change Exploit",2007-05-20,BlackHawk,php,webapps,0 3959,platforms/php/webapps/3959.php,"AlstraSoft Template Seller Pro <= 3.25 - Remote Code Execution Exploit",2007-05-20,BlackHawk,php,webapps,0 -3960,platforms/php/webapps/3960.php,"Wordpress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 +3960,platforms/php/webapps/3960.php,"WordPress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 3961,platforms/windows/remote/3961.html,"LeadTools Raster Variant (LTRVR14e.dll) Remote File Overwrite Exploit",2007-05-21,shinnai,windows,remote,0 3962,platforms/php/webapps/3962.txt,"Ol Bookmarks Manager 0.7.4 (root) Remote File Inclusion Vulnerabilities",2007-05-21,"ThE TiGeR",php,webapps,0 3963,platforms/php/webapps/3963.txt,"TutorialCMS <= 1.01 - Authentication Bypass Vulnerability",2007-05-21,Silentz,php,webapps,0 @@ -3684,13 +3684,13 @@ id,file,description,date,author,platform,type,port 4030,platforms/php/webapps/4030.php,"EQdkp <= 1.3.2 (listmembers.php rank) Remote SQL Injection Exploit",2007-06-04,Silentz,php,webapps,0 4031,platforms/php/webapps/4031.txt,"Madirish Webmail 2.0 (addressbook.php) Remote File Inclusion Vuln",2007-06-04,BoZKuRTSeRDaR,php,webapps,0 4032,platforms/tru64/remote/4032.pl,"HP Tru64 - Remote Secure Shell User Enumeration Exploit",2007-06-04,bunker,tru64,remote,0 -4033,platforms/windows/dos/4033.rb,"SNMPc <= 7.0.18 - Remote Denial of Service Exploit (meta)",2007-06-04,"En Douli",windows,dos,0 +4033,platforms/windows/dos/4033.rb,"SNMPc <= 7.0.18 - Remote Denial of Service Exploit (Metasploit)",2007-06-04,"En Douli",windows,dos,0 4034,platforms/php/webapps/4034.txt,"Kravchuk letter script 1.0 (scdir) Remote File Inclusion Vulnerabilities",2007-06-05,"Mehmet Ince",php,webapps,0 4035,platforms/php/webapps/4035.txt,"Comicsense 0.2 (index.php epi) Remote SQL Injection Vulnerability",2007-06-05,s0cratex,php,webapps,0 4036,platforms/php/webapps/4036.php,"PBLang <= 4.67.16.a Remote Code Execution Exploit",2007-06-06,Silentz,php,webapps,0 4037,platforms/php/webapps/4037.pl,"Comicsense 0.2 (index.php epi) Remote SQL Injection Exploit",2007-06-06,Silentz,php,webapps,0 4038,platforms/multiple/dos/4038.pl,"DRDoS - Distributed Reflection Denial of Service",2007-06-06,whoppix,multiple,dos,0 -4039,platforms/php/webapps/4039.txt,"Wordpress 2.2 - (xmlrpc.php) Remote SQL Injection Exploit",2007-06-06,Slappter,php,webapps,0 +4039,platforms/php/webapps/4039.txt,"WordPress 2.2 - (xmlrpc.php) Remote SQL Injection Exploit",2007-06-06,Slappter,php,webapps,0 4040,platforms/asp/webapps/4040.txt,"Kartli Alisveris Sistemi 1.0 - Remote SQL Injection Vulnerability",2007-06-06,kerem125,asp,webapps,0 4041,platforms/php/webapps/4041.htm,"NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion Exploit",2007-06-07,GoLd_M,php,webapps,0 4042,platforms/windows/remote/4042.html,"Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow Exploit",2007-06-07,Excepti0n,windows,remote,0 @@ -4005,7 +4005,7 @@ id,file,description,date,author,platform,type,port 4357,platforms/windows/remote/4357.html,"Telecom Italy Alice Messenger Remote registry key manipulation Exploit",2007-09-03,rgod,windows,remote,0 4358,platforms/php/webapps/4358.txt,"STPHPLibrary (STPHPLIB_DIR) Remote File Inclusion Vulnerability",2007-09-03,leetsecurity,php,webapps,0 4359,platforms/multiple/dos/4359.txt,"Apple Quicktime < 7.2 - SMIL Remote Integer Overflow PoC",2007-09-03,"David Vaartjes",multiple,dos,0 -4360,platforms/windows/remote/4360.rb,"CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (meta)",2007-09-03,"Patrick Webster",windows,remote,0 +4360,platforms/windows/remote/4360.rb,"CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (Metasploit)",2007-09-03,"Patrick Webster",windows,remote,0 4361,platforms/windows/local/4361.pl,"Microsoft Visual Basic 6.0 VBP_Open OLE Local CodeExec Exploit",2007-09-04,Koshi,windows,local,0 4362,platforms/linux/remote/4362.pl,"Web Oddity Web Server 0.09b - Directory Transversal Exploit",2007-09-04,Katatafish,linux,remote,0 4363,platforms/php/webapps/4363.txt,"PHPOF <= 20040226 (DB_adodb.class.php) RFI Vulnerability",2007-09-04,"ThE TiGeR",php,webapps,0 @@ -4042,7 +4042,7 @@ id,file,description,date,author,platform,type,port 4394,platforms/windows/remote/4394.html,"Microsoft Visual Studio 6.0 - (VBTOVSI.DLL 1.0.0.0) File Overwrite Exploit",2007-09-11,shinnai,windows,remote,0 4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 (root_path) Remote File Inclusion Vulnerability",2007-09-11,"Rootshell Security",php,webapps,0 4396,platforms/php/webapps/4396.txt,"X-Cart <= ? Multiple Remote File Inclusion Vulnerabilities",2007-09-11,aLiiF,php,webapps,0 -4397,platforms/php/webapps/4397.rb,"Wordpress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub)",2007-09-14,"Lance M. Havok",php,webapps,0 +4397,platforms/php/webapps/4397.rb,"WordPress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub)",2007-09-14,"Lance M. Havok",php,webapps,0 4398,platforms/windows/remote/4398.html,"Microsoft SQL Server Distributed Management Objects BoF Exploit",2007-09-12,96sysim,windows,remote,0 4399,platforms/multiple/remote/4399.html,"Apple Quicktime (Multiple Browsers) Command Execution PoC (0day)",2007-09-12,pdp,multiple,remote,0 4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 (id) Remote SQL Injection Vulnerability",2007-09-13,Houssamix,php,webapps,0 @@ -4210,7 +4210,7 @@ id,file,description,date,author,platform,type,port 4563,platforms/php/webapps/4563.txt,"PHP-Nuke platinum 7.6.b.5 - Remote File Inclusion Vulnerability",2007-10-23,BiNgZa,php,webapps,0 4564,platforms/multiple/local/4564.txt,"Oracle 10g CTX_DOC.MARKUP SQL Injection Exploit",2007-10-23,sh2kerr,multiple,local,0 4565,platforms/php/webapps/4565.txt,"PHP Image 1.2 - Multiple Remote File Inclusion Vulnerabilities",2007-10-23,Civi,php,webapps,0 -4566,platforms/windows/remote/4566.rb,"eIQnetworks ESA SEARCHREPORT Remote Overflow Exploit (meta)",2007-10-24,ri0t,windows,remote,10616 +4566,platforms/windows/remote/4566.rb,"eIQnetworks ESA SEARCHREPORT Remote Overflow Exploit (Metasploit)",2007-10-24,ri0t,windows,remote,10616 4567,platforms/multiple/remote/4567.pl,"Jakarta Slide <= 2.1 RC1 - Remote File Disclosure Exploit",2007-10-24,kingcope,multiple,remote,0 4568,platforms/php/webapps/4568.txt,"TikiWiki <= 1.9.8.1 - Local File Inclusion Vulnerabilities",2007-10-25,L4teral,php,webapps,0 4569,platforms/windows/dos/4569.pl,"CA BrightStor HSM <= r11.5 - Remote Stack Based Overflow / DoS",2007-10-27,"Nice Name Crew",windows,dos,0 @@ -4338,7 +4338,7 @@ id,file,description,date,author,platform,type,port 4692,platforms/hardware/dos/4692.pl,"Cisco Phone 7940 - Remote Denial of Service Exploit",2007-12-05,MADYNES,hardware,dos,0 4693,platforms/php/webapps/4693.txt,"SineCMS <= 2.3.4 Calendar Remote SQL Injection Vulnerability",2007-12-05,KiNgOfThEwOrLd,php,webapps,0 4694,platforms/php/webapps/4694.txt,"ezContents 1.4.5 (index.php link) Remote File Disclosure Vulnerability",2007-12-05,p4imi0,php,webapps,0 -4695,platforms/php/webapps/4695.txt,"Wordpress Plugin PictPress <= 0.91 - Remote File Disclosure Vulnerability",2007-12-05,GoLd_M,php,webapps,0 +4695,platforms/php/webapps/4695.txt,"WordPress Plugin PictPress <= 0.91 - Remote File Disclosure Vulnerability",2007-12-05,GoLd_M,php,webapps,0 4696,platforms/php/webapps/4696.txt,"SerWeb <= 2.0.0 dev1 2007-02-20 - Multiple RFI / LFI Vulnerabilities",2007-12-06,GoLd_M,php,webapps,0 4697,platforms/asp/webapps/4697.txt,"MWOpen E-Commerce leggi_commenti.asp Remote SQL Injection",2007-12-06,KiNgOfThEwOrLd,asp,webapps,0 4698,platforms/linux/local/4698.c,"Send ICMP Nasty Garbage (sing) Append File Logrotate Exploit",2007-12-06,bannedit,linux,local,0 @@ -4364,7 +4364,7 @@ id,file,description,date,author,platform,type,port 4718,platforms/php/webapps/4718.rb,"SquirrelMail G/PGP Plugin deletekey() Command Injection Exploit",2007-12-11,Backdoored,php,webapps,0 4719,platforms/php/webapps/4719.txt,"Mcms Easy Web Make (index.php template) Local File Inclusion Vuln",2007-12-11,MhZ91,php,webapps,0 4720,platforms/windows/remote/4720.html,"HP Compaq Notebooks ActiveX Remote Code Execution Exploit",2007-12-11,porkythepig,windows,remote,0 -4721,platforms/php/webapps/4721.txt,"Wordpress <= 2.3.1 - Charset Remote SQL Injection Vulnerability",2007-12-11,"Abel Cheung",php,webapps,0 +4721,platforms/php/webapps/4721.txt,"WordPress <= 2.3.1 - Charset Remote SQL Injection Vulnerability",2007-12-11,"Abel Cheung",php,webapps,0 4722,platforms/php/webapps/4722.txt,"viart cms/shop/helpdesk 3.3.2 - Remote File Inclusion Vulnerability",2007-12-11,RoMaNcYxHaCkEr,php,webapps,0 4723,platforms/osx/dos/4723.c,"Apple Mac OS X xnu <= 1228.0 - super_blob Local kernel Denial of Service PoC",2007-12-12,mu-b,osx,dos,0 4724,platforms/windows/remote/4724.py,"HP OpenView Network Node Manager 07.50 - CGI Remote BoF Exploit",2007-12-12,muts,windows,remote,80 @@ -4485,7 +4485,7 @@ id,file,description,date,author,platform,type,port 4841,platforms/php/webapps/4841.txt,"Invision Power Board <= 2.1.7 - ACTIVE XSS/SQL Injection Exploit",2008-01-05,"Eugene Minaev",php,webapps,0 4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 (change_submit.php) Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0 4843,platforms/php/webapps/4843.txt,"modx CMS 0.9.6.1 - Multiple Vulnerabilities",2008-01-05,BugReport.IR,php,webapps,0 -4844,platforms/php/webapps/4844.txt,"Wordpress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability",2008-01-06,Houssamix,php,webapps,0 +4844,platforms/php/webapps/4844.txt,"WordPress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability",2008-01-06,Houssamix,php,webapps,0 4845,platforms/php/webapps/4845.pl,"RunCMS Newbb_plus <= 0.92 Client IP Remote SQL Injection Exploit",2008-01-06,"Eugene Minaev",php,webapps,0 4846,platforms/php/webapps/4846.txt,"Uebimiau Web-Mail 2.7.10/2.7.2 - Remote File Disclosure Vulnerability",2008-01-06,"Eugene Minaev",php,webapps,0 4847,platforms/php/webapps/4847.txt,"XOOPS mod_gallery Zend_Hash_key + Extract RFI Vulnerability",2008-01-06,"Eugene Minaev",php,webapps,0 @@ -4579,7 +4579,7 @@ id,file,description,date,author,platform,type,port 4936,platforms/php/webapps/4936.txt,"Gradman <= 0.1.3 (info.php tabla) Local File Inclusion Vulnerability",2008-01-18,Syndr0me,php,webapps,0 4937,platforms/php/webapps/4937.txt,"Small Axe 0.3.1 (linkbar.php cfile) Remote File Inclusion Vulnerability",2008-01-18,RoMaNcYxHaCkEr,php,webapps,0 4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - (.dsr) File Handling BoF Exploit",2008-01-18,shinnai,windows,local,0 -4939,platforms/php/webapps/4939.txt,"Wordpress plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability",2008-01-19,"websec Team",php,webapps,0 +4939,platforms/php/webapps/4939.txt,"WordPress plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability",2008-01-19,"websec Team",php,webapps,0 4940,platforms/php/webapps/4940.pl,"Mini File Host 1.2.1 (upload.php language) Local File Inclusion Exploit",2008-01-20,shinmai,php,webapps,0 4941,platforms/hardware/remote/4941.txt,"Belkin Wireless G Plus MIMO Router F5D9230-4 - Auth Bypass Vulnerability",2008-01-20,DarkFig,hardware,remote,0 4942,platforms/php/webapps/4942.txt,"TikiWiki < 1.9.9 tiki-listmovies.php Directory Traversal Vulnerability",2008-01-20,Sha0,php,webapps,0 @@ -4631,8 +4631,8 @@ id,file,description,date,author,platform,type,port 4989,platforms/php/webapps/4989.txt,"simple forum 3.2 (fd/XSS) Multiple Vulnerabilities",2008-01-26,tomplixsee,php,webapps,0 4990,platforms/php/webapps/4990.txt,"phpIP 4.3.2 Numerous Remote SQL Injection Vulnerabilities",2008-01-26,"Charles Hooper",php,webapps,0 4991,platforms/php/webapps/4991.txt,"Bubbling Library 1.32 - Multiple Local File Inclusion Vulnerabilities",2008-01-26,Stack,php,webapps,0 -4992,platforms/php/webapps/4992.txt,"Wordpress Plugin WP-Cal 0.3 - editevent.php SQL Injection Vulnerability",2008-01-27,Houssamix,php,webapps,0 -4993,platforms/php/webapps/4993.txt,"Wordpress plugin fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability",2008-01-27,Houssamix,php,webapps,0 +4992,platforms/php/webapps/4992.txt,"WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection Vulnerability",2008-01-27,Houssamix,php,webapps,0 +4993,platforms/php/webapps/4993.txt,"WordPress plugin fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability",2008-01-27,Houssamix,php,webapps,0 4994,platforms/multiple/local/4994.sql,"Oracle 10g R1 pitrig_drop PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 4995,platforms/multiple/local/4995.sql,"Oracle 10g R1 pitrig_truncate PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 xdb.xdb_pitrig_pkg PLSQL Injection (change sys password)",2008-01-28,sh2kerr,multiple,local,0 @@ -4652,11 +4652,11 @@ id,file,description,date,author,platform,type,port 5010,platforms/php/webapps/5010.txt,"Mambo Component Glossary 2.0 (catid) SQL Injection Vulnerability",2008-01-30,S@BUN,php,webapps,0 5011,platforms/php/webapps/5011.txt,"Mambo Component musepoes (aid) Remote SQL Injection Vulnerability",2008-01-30,S@BUN,php,webapps,0 5012,platforms/php/webapps/5012.pl,"Connectix Boards <= 0.8.2 template_path Remote File Inclusion Exploit",2008-01-30,Houssamix,php,webapps,0 -5013,platforms/php/webapps/5013.php,"Wordpress Plugin Adserve 0.2 - adclick.php SQL Injection Exploit",2008-01-30,enter_the_dragon,php,webapps,0 +5013,platforms/php/webapps/5013.php,"WordPress Plugin Adserve 0.2 - adclick.php SQL Injection Exploit",2008-01-30,enter_the_dragon,php,webapps,0 5014,platforms/php/webapps/5014.txt,"Mambo Component Recipes 1.00 (id) Remote SQL Injection Vulnerability",2008-01-30,S@BUN,php,webapps,0 5015,platforms/php/webapps/5015.txt,"Mambo Component jokes 1.0 (cat) SQL Injection Vulnerability",2008-01-30,S@BUN,php,webapps,0 5016,platforms/php/webapps/5016.txt,"Mambo Component EstateAgent 0.1 - Remote SQL Injection Vulnerability",2008-01-30,S@BUN,php,webapps,0 -5017,platforms/php/webapps/5017.php,"Wordpress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit",2008-01-30,enter_the_dragon,php,webapps,0 +5017,platforms/php/webapps/5017.php,"WordPress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit",2008-01-30,enter_the_dragon,php,webapps,0 5018,platforms/php/webapps/5018.pl,"ibProArcade <= 3.3.0 - Remote SQL Injection Exploit",2008-01-30,RST/GHC,php,webapps,0 5019,platforms/php/webapps/5019.txt,"Coppermine Photo Gallery 1.4.14 - Remote Command Execution Exploit",2008-01-30,waraxe,php,webapps,0 5020,platforms/php/webapps/5020.txt,"Joomla Component ChronoForms 2.3.5 RFI Vulnerabilities",2008-01-30,Crackers_Child,php,webapps,0 @@ -4675,7 +4675,7 @@ id,file,description,date,author,platform,type,port 5035,platforms/php/webapps/5035.txt,"WordPress Plugin dmsguestbook 1.7.0 - Multiple Vulnerabilities",2008-02-02,NBBN,php,webapps,0 5036,platforms/windows/dos/5036.pl,"Titan FTP Server 6.03 (USER/PASS) Remote Heap Overflow PoC",2008-02-02,securfrog,windows,dos,0 5037,platforms/php/webapps/5037.txt,"The Everything Development System <= Pre-1.0 - SQL Injection Vuln",2008-02-02,sub,php,webapps,0 -5039,platforms/php/webapps/5039.txt,"Wordpress Plugin Wordspew - Remote SQL Injection Vulnerability",2008-02-02,S@BUN,php,webapps,0 +5039,platforms/php/webapps/5039.txt,"WordPress Plugin Wordspew - Remote SQL Injection Vulnerability",2008-02-02,S@BUN,php,webapps,0 5040,platforms/php/webapps/5040.txt,"BookmarkX script 2007 (topicid) Remote SQL Injection Vulnerability",2008-02-02,S@BUN,php,webapps,0 5041,platforms/php/webapps/5041.txt,"phpShop <= 0.8.1 - Remote SQL Injection / Filter Bypass Vulnerabilities",2008-02-02,"the redc0ders",php,webapps,0 5042,platforms/php/webapps/5042.txt,"BlogPHP 2 - (id) XSS / Remote SQL Injection Exploit",2008-02-02,"Khashayar Fereidani",php,webapps,0 @@ -4689,7 +4689,7 @@ id,file,description,date,author,platform,type,port 5050,platforms/php/webapps/5050.pl,"A-Blog 2 - (id) XSS / Remote SQL Injection Exploit",2008-02-03,"Khashayar Fereidani",php,webapps,0 5051,platforms/windows/remote/5051.html,"Yahoo! Music Jukebox 2.2 AddButton() ActiveX Remote BoF Exploit (3)",2008-02-03,Elazar,windows,remote,0 5052,platforms/windows/remote/5052.html,"Yahoo! JukeBox MediaGrid ActiveX mediagrid.dll AddBitmap() BoF Exploit",2008-02-03,Elazar,windows,remote,0 -5053,platforms/php/webapps/5053.txt,"Wordpress Plugin st_newsletter - Remote SQL Injection Vulnerability",2008-02-03,S@BUN,php,webapps,0 +5053,platforms/php/webapps/5053.txt,"WordPress Plugin st_newsletter - Remote SQL Injection Vulnerability",2008-02-03,S@BUN,php,webapps,0 5054,platforms/hardware/dos/5054.c,"MicroTik RouterOS <= 3.2 SNMPd snmp-set Denial of Service Exploit",2008-02-03,ShadOS,hardware,dos,0 5055,platforms/php/webapps/5055.txt,"Joomla Component Marketplace 1.1.1 - SQL Injection Vulnerability",2008-02-03,"SoSo H H",php,webapps,0 5056,platforms/php/webapps/5056.txt,"ITechBids 5.0 (bidhistory.php item_id) Remote SQL Injection Vulnerability",2008-02-04,QTRinux,php,webapps,0 @@ -4702,7 +4702,7 @@ id,file,description,date,author,platform,type,port 5063,platforms/windows/dos/5063.pl,"NERO Media Player <= 1.4.0.35b M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 5064,platforms/php/webapps/5064.txt,"All Club CMS <= 0.0.2 index.php Remote SQL Injection Vulnerability",2008-02-05,ka0x,php,webapps,0 5065,platforms/php/webapps/5065.txt,"Photokorn Gallery 1.543 (pic) SQL Injection Vulnerability",2008-02-05,you_kn0w,php,webapps,0 -5066,platforms/php/webapps/5066.php,"Wordpress MU < 1.3.2 - active_plugins option Code Execution Exploit",2008-02-05,"Alexander Concha",php,webapps,0 +5066,platforms/php/webapps/5066.php,"WordPress MU < 1.3.2 - active_plugins option Code Execution Exploit",2008-02-05,"Alexander Concha",php,webapps,0 5067,platforms/windows/dos/5067.pl,"dBpowerAMP Audio Player Release 2 M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 5068,platforms/php/webapps/5068.txt,"OpenSiteAdmin <= 0.9.1.1 - Multiple File Inclusion Vulnerabilities",2008-02-06,Trancek,php,webapps,0 5069,platforms/windows/remote/5069.pl,"dBpowerAMP Audio Player Release 2 M3U File Buffer Overflow Exploit",2008-02-06,securfrog,windows,remote,0 @@ -4762,8 +4762,8 @@ id,file,description,date,author,platform,type,port 5123,platforms/php/webapps/5123.txt,"Scribe <= 0.2 (index.php page) Local File Inclusion Vulnerability",2008-02-14,muuratsalo,php,webapps,0 5124,platforms/php/webapps/5124.txt,"freePHPgallery 0.6 Cookie Local File Inclusion Vulnerability",2008-02-14,MhZ91,php,webapps,0 5125,platforms/php/webapps/5125.txt,"PHP Live! <= 3.2.2 (questid) Remote SQL Injection Vulnerability",2008-02-14,Xar,php,webapps,0 -5126,platforms/php/webapps/5126.txt,"Wordpress Plugin Simple Forum 2.0-2.1 - SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 -5127,platforms/php/webapps/5127.txt,"Wordpress Plugin Simple Forum 1.10-1.11 - SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 +5126,platforms/php/webapps/5126.txt,"WordPress Plugin Simple Forum 2.0-2.1 - SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 +5127,platforms/php/webapps/5127.txt,"WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 5128,platforms/php/webapps/5128.txt,"Mambo Component Quran <= 1.1 (surano) SQL Injection Vulnerability",2008-02-15,Don,php,webapps,0 5129,platforms/php/webapps/5129.txt,"TRUC 0.11.0 (download.php) Remote File Disclosure Vulnerability",2008-02-16,GoLd_M,php,webapps,0 5130,platforms/php/webapps/5130.txt,"AuraCMS 1.62 - Multiple Remote SQL Injection Exploit",2008-02-16,NTOS-Team,php,webapps,0 @@ -4771,7 +4771,7 @@ id,file,description,date,author,platform,type,port 5132,platforms/php/webapps/5132.txt,"Joomla Component jooget <= 2.6.8 - Remote SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 5133,platforms/php/webapps/5133.txt,"Mambo Component Ricette 1.0 - Remote SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 5134,platforms/php/webapps/5134.txt,"Joomla Component com_galeria Remote SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 -5135,platforms/php/webapps/5135.txt,"Wordpress Photo album Remote - SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 +5135,platforms/php/webapps/5135.txt,"WordPress Photo album Remote - SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 5136,platforms/php/webapps/5136.txt,"PHPizabi 0.848b C1 HFP1 - Remote File Upload Vulnerability",2008-02-17,ZoRLu,php,webapps,0 5137,platforms/php/webapps/5137.txt,"XPWeb 3.3.2 (Download.php url) Remote File Disclosure Vulnerability",2008-02-17,GoLd_M,php,webapps,0 5138,platforms/php/webapps/5138.txt,"Joomla Component astatsPRO 1.0 refer.php SQL Injection Vulnerability",2008-02-18,ka0x,php,webapps,0 @@ -4830,7 +4830,7 @@ id,file,description,date,author,platform,type,port 5191,platforms/multiple/dos/5191.c,"Apple Mac OS X xnu <= 1228.3.13 - IPv6-ipcomp Remote kernel DoS PoC",2008-02-26,mu-b,multiple,dos,0 5192,platforms/php/webapps/5192.pl,"Nukedit 4.9.x - Remote Create Admin Exploit",2008-02-26,r3dm0v3,php,webapps,0 5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5) BoF Exploit",2008-02-26,rgod,windows,remote,0 -5194,platforms/php/webapps/5194.txt,"Wordpress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 +5194,platforms/php/webapps/5194.txt,"WordPress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 5195,platforms/php/webapps/5195.txt,"Mambo Component Simpleboard 1.0.3 (catid) SQL Injection Vulnerability",2008-02-27,"it's my",php,webapps,0 5196,platforms/php/webapps/5196.pl,"EazyPortal <= 1.0 (COOKIE) Remote SQL Injection Exploit",2008-02-27,Iron,php,webapps,0 5197,platforms/php/webapps/5197.txt,"GROUP-E 1.6.41 (head_auth.php) Remote File Inclusion Vulnerability",2008-02-27,CraCkEr,php,webapps,0 @@ -4958,7 +4958,7 @@ id,file,description,date,author,platform,type,port 5323,platforms/php/webapps/5323.pl,"mxBB Module mx_blogs 2.0.0-beta Remote File Inclusion Exploit",2008-03-30,bd0rk,php,webapps,0 5324,platforms/php/webapps/5324.txt,"KISGB <= (tmp_theme) 5.1.1 - Local File Inclusion Vulnerability",2008-03-30,Cr@zy_King,php,webapps,0 5325,platforms/php/webapps/5325.txt,"JShop 1.x - 2.x (page.php xPage) Local File Inclusion Vulnerability",2008-03-30,v0l4arrra,php,webapps,0 -5326,platforms/php/webapps/5326.txt,"Wordpress Plugin Download - (dl_id) SQL Injection Vulnerability",2008-03-31,BL4CK,php,webapps,0 +5326,platforms/php/webapps/5326.txt,"WordPress Plugin Download - (dl_id) SQL Injection Vulnerability",2008-03-31,BL4CK,php,webapps,0 5327,platforms/windows/dos/5327.txt,"Microsoft Windows - Explorer Unspecified .DOC File Denial of Service Exploit",2008-03-31,"Iron Team",windows,dos,0 5328,platforms/php/webapps/5328.txt,"phpSpamManager 0.53b (body.php) Remote File Disclosure Vulnerability",2008-03-31,GoLd_M,php,webapps,0 5329,platforms/php/webapps/5329.txt,"Woltlab Burning Board Addon JGS-Treffen SQL Injection Vulnerability",2008-03-31,N/A,php,webapps,0 @@ -4998,7 +4998,7 @@ id,file,description,date,author,platform,type,port 5363,platforms/php/webapps/5363.txt,"Affiliate Directory (cat_id) Remote SQL Injection Vulnerbility",2008-04-04,t0pP8uZz,php,webapps,0 5364,platforms/php/webapps/5364.txt,"PHP Photo Gallery 1.0 (photo_id) SQL Injection Vulnerability",2008-04-04,t0pP8uZz,php,webapps,0 5365,platforms/php/webapps/5365.txt,"Blogator-script 0.95 (incl_page) Remote File Inclusion Vulnerability",2008-04-04,JIKO,php,webapps,0 -5366,platforms/solaris/remote/5366.rb,"Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit (meta)",2008-04-04,I)ruid,solaris,remote,0 +5366,platforms/solaris/remote/5366.rb,"Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit (Metasploit)",2008-04-04,I)ruid,solaris,remote,0 5367,platforms/php/webapps/5367.pl,"PIGMy-SQL <= 1.4.1 (getdata.php id) Blind SQL Injection Exploit",2008-04-04,t0pP8uZz,php,webapps,0 5368,platforms/php/webapps/5368.txt,"Blogator-script 0.95 (id_art) Remote SQL Injection Vulnerability",2008-04-04,"Virangar Security",php,webapps,0 5369,platforms/php/webapps/5369.txt,"Dragoon 0.1 (lng) Local File Inclusion Vulnerability",2008-04-04,w0cker,php,webapps,0 @@ -5092,7 +5092,7 @@ id,file,description,date,author,platform,type,port 5458,platforms/linux/dos/5458.txt,"xine-lib <= 1.1.12 NSF demuxer Stack Overflow Vulnerability PoC",2008-04-16,"Guido Landi",linux,dos,0 5459,platforms/php/webapps/5459.txt,"e107 module 123 flash chat 6.8.0 - Remote File Inclusion Vulnerability",2008-04-17,by_casper41,php,webapps,0 5460,platforms/windows/dos/5460.html,"Microsoft Works 7 WkImgSrv.dll ActiveX Denial of Service PoC",2008-04-17,"Shennan Wang",windows,dos,0 -5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG Wireless Driver Remote BoF Exploit (meta)",2008-04-17,oveRet,windows,remote,0 +5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG Wireless Driver Remote BoF Exploit (Metasploit)",2008-04-17,oveRet,windows,remote,0 5462,platforms/windows/local/5462.py,"DivX Player 6.6.0 - .SRT File SEH Buffer Overflow Exploit",2008-04-18,muts,windows,local,0 5463,platforms/php/webapps/5463.txt,"Grape Statistics 0.2a (location) Remote File Inclusion Vulnerability",2008-04-18,MajnOoNxHaCkEr,php,webapps,0 5464,platforms/php/webapps/5464.txt,"5th Avenue Shopping Cart (category_ID) SQL Injection Vulnerability",2008-04-18,"Aria-Security Team",php,webapps,0 @@ -5117,7 +5117,7 @@ id,file,description,date,author,platform,type,port 5483,platforms/php/webapps/5483.txt,"TR News 2.1 (nb) Remote SQL Injection Vulnerability",2008-04-21,His0k4,php,webapps,0 5484,platforms/php/webapps/5484.txt,"Joomla Component FlippingBook 1.0.4 - SQL Injection Vulnerability",2008-04-22,cO2,php,webapps,0 5485,platforms/php/webapps/5485.pl,"Web Calendar <= 4.1 - Blind SQL Injection Exploit",2008-04-22,t0pP8uZz,php,webapps,0 -5486,platforms/php/webapps/5486.txt,"Wordpress Plugin Spreadsheet <= 0.6 - SQL Injection Vulnerability",2008-04-22,1ten0.0net1,php,webapps,0 +5486,platforms/php/webapps/5486.txt,"WordPress Plugin Spreadsheet <= 0.6 - SQL Injection Vulnerability",2008-04-22,1ten0.0net1,php,webapps,0 5487,platforms/php/webapps/5487.txt,"E RESERV 2.1 (index.php ID_loc) SQL Injection Vulnerability",2008-04-23,JIKO,php,webapps,0 5488,platforms/php/webapps/5488.txt,"Joomla Component Filiale 1.0.4 (idFiliale) SQL Injection Vulnerability",2008-04-23,str0xo,php,webapps,0 5489,platforms/windows/remote/5489.html,"Zune Software - ActiveX Arbitrary File Overwrite Exploit",2008-04-23,"ilion security",windows,remote,0 @@ -5359,7 +5359,7 @@ id,file,description,date,author,platform,type,port 5734,platforms/php/webapps/5734.pl,"Joomla Component JooBlog 0.1.1 - Blind SQL Injection Exploit",2008-06-03,His0k4,php,webapps,0 5736,platforms/php/webapps/5736.txt,"1Book Guestbook Script - Code Execution Vulnerability",2008-06-03,JIKO,php,webapps,0 5737,platforms/php/webapps/5737.pl,"Joomla Component jotloader <= 1.2.1.a - BlindSQL Injection Exploit",2008-06-04,His0k4,php,webapps,0 -5738,platforms/windows/remote/5738.rb,"HP StorageWorks NSI Double Take Remote Overflow Exploit (meta)",2008-06-04,ri0t,windows,remote,1100 +5738,platforms/windows/remote/5738.rb,"HP StorageWorks NSI Double Take Remote Overflow Exploit (Metasploit)",2008-06-04,ri0t,windows,remote,1100 5739,platforms/php/webapps/5739.txt,"PHP-Address Book <= 3.1.5 (SQL/XSS) Multiple Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0 5740,platforms/php/webapps/5740.pl,"Joomla Component EasyBook 1.1 (gbid) SQL Injection Exploit",2008-06-04,ZAMUT,php,webapps,0 5741,platforms/windows/remote/5741.html,"Akamai Download Manager < 2.2.3.7 - ActiveX Remote Download Exploit",2008-06-04,cocoruder,windows,remote,0 @@ -5734,12 +5734,12 @@ id,file,description,date,author,platform,type,port 6119,platforms/asp/webapps/6119.txt,"Pre Survey Poll (default.asp catid) SQL Injection Vulnerability",2008-07-22,DreamTurk,asp,webapps,0 6120,platforms/minix/dos/6120.txt,"minix 3.1.2a tty panic Local Denial of Service Vulnerability",2008-07-23,kokanin,minix,dos,0 6121,platforms/windows/remote/6121.c,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (c)",2008-07-23,r0ut3r,windows,remote,0 -6122,platforms/multiple/remote/6122.rb,"BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta)",2008-07-23,I)ruid,multiple,remote,0 +6122,platforms/multiple/remote/6122.rb,"BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (Metasploit)",2008-07-23,I)ruid,multiple,remote,0 6123,platforms/multiple/remote/6123.py,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (py)",2008-07-24,"Julien Desfossez",multiple,remote,0 6124,platforms/windows/remote/6124.c,"Microsoft Access (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit",2008-07-24,callAX,windows,remote,0 6125,platforms/php/webapps/6125.txt,"Atom PhotoBlog 1.1.5b1 (photoId) Remote SQL Injection Vulnerability",2008-07-24,Mr.SQL,php,webapps,0 6126,platforms/php/webapps/6126.txt,"ibase <= 2.03 (download.php) Remote File Disclosure Vulnerability",2008-07-24,Dyshoo,php,webapps,0 -6127,platforms/php/webapps/6127.htm,"Wordpress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 +6127,platforms/php/webapps/6127.htm,"WordPress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 6128,platforms/php/webapps/6128.txt,"Live Music Plus 1.1.0 (id) Remote SQL Injection Vulnerability",2008-07-24,IRAQI,php,webapps,0 6129,platforms/minix/dos/6129.txt,"minix 3.1.2a tty panic Remote Denial of Service Vulnerability",2008-07-25,kokanin,minix,dos,0 6130,platforms/multiple/remote/6130.c,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (c)",2008-07-25,"Marc Bevand",multiple,remote,0 @@ -5967,7 +5967,7 @@ id,file,description,date,author,platform,type,port 6383,platforms/php/webapps/6383.txt,"EsFaq 2.0 (idcat) Remote SQL Injection Vulnerability",2008-09-05,SuB-ZeRo,php,webapps,0 6385,platforms/php/webapps/6385.txt,"Vastal I-Tech Shaadi Zone 1.0.9 (tage) SQL Injection Vulnerability",2008-09-05,e.wiZz!,php,webapps,0 6386,platforms/windows/dos/6386.html,"Google Chrome Browser 0.2.149.27 Inspect Element DoS Exploit",2008-09-05,Metacortex,windows,dos,0 -6387,platforms/windows/remote/6387.rb,"CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (meta)",2008-09-05,"Kevin Finisterre",windows,remote,2022 +6387,platforms/windows/remote/6387.rb,"CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (Metasploit)",2008-09-05,"Kevin Finisterre",windows,remote,2022 6388,platforms/php/webapps/6388.txt,"Vastal I-Tech Dating Zone (fage) SQL Injection Vulnerability",2008-09-06,ZoRLu,php,webapps,0 6389,platforms/windows/local/6389.cpp,"Numark Cue 5.0 rev 2 - Local .M3U File Stack Buffer Overflow Exploit",2008-09-06,"fl0 fl0w",windows,local,0 6390,platforms/php/webapps/6390.txt,"IntegraMOD 1.4.x - (Insecure Directory) Download Database Vulnerability",2008-09-06,TheJT,php,webapps,0 @@ -5977,7 +5977,7 @@ id,file,description,date,author,platform,type,port 6394,platforms/hardware/dos/6394.pl,"Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC",2008-09-07,"Alex Hernandez",hardware,dos,0 6395,platforms/php/webapps/6395.txt,"Masir Camp E-Shop Module <= 3.0 (ordercode) SQL Injection Vuln",2008-09-07,BugReport.IR,php,webapps,0 6396,platforms/php/webapps/6396.txt,"Alstrasoft Forum (cat) Remote SQL Injection Vulnerability",2008-09-07,r45c4l,php,webapps,0 -6397,platforms/php/webapps/6397.txt,"Wordpress 2.6.1 - SQL Column Truncation Vulnerability",2008-09-07,irk4z,php,webapps,0 +6397,platforms/php/webapps/6397.txt,"WordPress 2.6.1 - SQL Column Truncation Vulnerability",2008-09-07,irk4z,php,webapps,0 6398,platforms/php/webapps/6398.txt,"E-Shop Shopping Cart Script (search_results.php) SQL Injection Vuln",2008-09-07,Mormoroth,php,webapps,0 6401,platforms/php/webapps/6401.txt,"Alstrasoft Forum (catid) Remote SQL Injection Vulnerability",2008-09-09,r45c4l,php,webapps,0 6402,platforms/php/webapps/6402.txt,"Stash 1.0.3 - Multiple SQL Injection Vulnerabilities",2008-09-09,"Khashayar Fereidani",php,webapps,0 @@ -5997,7 +5997,7 @@ id,file,description,date,author,platform,type,port 6417,platforms/php/webapps/6417.txt,"Availscript Jobs Portal Script (jid) SQL Injection Vulnerability (auth)",2008-09-10,InjEctOr5,php,webapps,0 6419,platforms/php/webapps/6419.txt,"Zanfi CMS lite 2.1 / Jaw Portal free - (fckeditor) Arbitrary File Upload Vuln",2008-09-10,reptil,php,webapps,0 6420,platforms/asp/webapps/6420.txt,"aspwebalbum 3.2 - Multiple Vulnerabilities",2008-09-10,e.wiZz!,asp,webapps,0 -6421,platforms/php/webapps/6421.php,"Wordpress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit",2008-09-10,iso^kpsbr,php,webapps,0 +6421,platforms/php/webapps/6421.php,"WordPress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit",2008-09-10,iso^kpsbr,php,webapps,0 6422,platforms/php/webapps/6422.txt,"phpvid 1.1 (xss/SQL) Multiple Vulnerabilities",2008-09-10,r45c4l,php,webapps,0 6423,platforms/php/webapps/6423.txt,"Zanfi CMS lite / Jaw Portal free (page) SQL Injection Vulnerability",2008-09-10,Cru3l.b0y,php,webapps,0 6424,platforms/windows/dos/6424.html,"Adobe Acrobat 9 - ActiveX Remote Denial of Service Exploit",2008-09-11,"Jeremy Brown",windows,dos,0 @@ -6037,7 +6037,7 @@ id,file,description,date,author,platform,type,port 6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite Remote SQL Injection Vulnerabilities",2008-09-14,~!Dok_tOR!~,php,webapps,0 6461,platforms/php/webapps/6461.txt,"Cpanel <= 11.x (Fantastico) LFI Vulnerability (sec bypass)",2008-09-14,joker_1,php,webapps,0 6462,platforms/php/webapps/6462.pl,"CzarNews <= 1.20 (Cookie) Remote SQL Injection Exploit",2008-09-15,StAkeR,php,webapps,0 -6463,platforms/windows/dos/6463.rb,"Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (meta)",2008-09-15,"Javier Vicente Vallejo",windows,dos,0 +6463,platforms/windows/dos/6463.rb,"Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (Metasploit)",2008-09-15,"Javier Vicente Vallejo",windows,dos,0 6464,platforms/php/webapps/6464.txt,"CzarNews <= 1.20 (Account Hijacking) Remote SQL Injection Vuln",2008-09-15,0ut0fbound,php,webapps,0 6465,platforms/php/webapps/6465.txt,"Pre Real Estate Listings (search.php c) SQL Injection Vulnerability",2008-09-15,JosS,php,webapps,0 6466,platforms/php/webapps/6466.txt,"Link Bid Script 1.5 - Multiple Remote SQL Injection Vulnerabilities",2008-09-15,SirGod,php,webapps,0 @@ -6048,7 +6048,7 @@ id,file,description,date,author,platform,type,port 6471,platforms/multiple/dos/6471.pl,"QuickTime 7.5.5 / ITunes 8.0 - Remote off by one Crash Exploit",2008-09-16,securfrog,multiple,dos,0 6472,platforms/multiple/dos/6472.c,"Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - (.forward) Local DoS Exploit",2008-09-16,"Albert Sellares",multiple,dos,0 6473,platforms/php/webapps/6473.txt,"phpRealty 0.3 (INC) Remote File Inclusion Vulnerability",2008-09-17,ka0x,php,webapps,0 -6474,platforms/windows/dos/6474.rb,"WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (meta)",2008-09-17,"belay tows",windows,dos,0 +6474,platforms/windows/dos/6474.rb,"WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (Metasploit)",2008-09-17,"belay tows",windows,dos,0 6475,platforms/php/webapps/6475.txt,"PHP Crawler 0.8 (footer) Remote File Inclusion Vulnerability",2008-09-17,Piker,php,webapps,0 6476,platforms/hardware/remote/6476.html,"Cisco Router HTTP Administration CSRF Command Execution Exploit",2008-09-17,"Jeremy Brown",hardware,remote,0 6477,platforms/hardware/remote/6477.html,"Cisco Router - HTTP Administration CSRF Command Execution Exploit (2)",2008-09-17,"Jeremy Brown",hardware,remote,0 @@ -6141,7 +6141,7 @@ id,file,description,date,author,platform,type,port 6567,platforms/php/webapps/6567.pl,"Libra PHP File Manager <= 1.18/2.0 - Local File Inclusion Exploit",2008-09-25,Pepelux,php,webapps,0 6568,platforms/php/webapps/6568.txt,"PHP infoBoard 7 - Plus Insecure Cookie Handling Vulnerability",2008-09-25,Stack,php,webapps,0 6569,platforms/php/webapps/6569.txt,"Vikingboard <= 0.2 Beta SQL Column Truncation Vulnerability",2008-09-25,StAkeR,php,webapps,0 -6570,platforms/windows/remote/6570.rb,"ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX BoF Exploit (meta)",2008-09-25,"Kevin Finisterre",windows,remote,0 +6570,platforms/windows/remote/6570.rb,"ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX BoF Exploit (Metasploit)",2008-09-25,"Kevin Finisterre",windows,remote,0 6571,platforms/php/webapps/6571.txt,"openengine <= 2.0 beta4 - Remote File Inclusion Vulnerability",2008-09-25,dun,php,webapps,0 6572,platforms/php/webapps/6572.txt,"Atomic Photo Album 1.1.0pre4 (XSS/SQL) Remote Vulnerabilities",2008-09-25,d3v1l,php,webapps,0 6573,platforms/php/webapps/6573.pl,"LanSuite 3.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-09-25,Stack,php,webapps,0 @@ -6343,7 +6343,7 @@ id,file,description,date,author,platform,type,port 6774,platforms/windows/remote/6774.html,"Hummingbird Deployment Wizard 2008 Registry Values Creation/Change",2008-10-17,shinnai,windows,remote,0 6775,platforms/solaris/dos/6775.c,"Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit",2008-10-17,"Federico L. Bossi Bonin",solaris,dos,0 6776,platforms/windows/remote/6776.html,"Hummingbird Deployment Wizard 2008 - ActiveX File Execution(2)",2008-10-17,shinnai,windows,remote,0 -6777,platforms/php/webapps/6777.txt,"Wordpress Plugin st_newsletter - (stnl_iframe.php) SQL Injection Vuln",2008-10-17,r45c4l,php,webapps,0 +6777,platforms/php/webapps/6777.txt,"WordPress Plugin st_newsletter - (stnl_iframe.php) SQL Injection Vuln",2008-10-17,r45c4l,php,webapps,0 6778,platforms/php/webapps/6778.pl,"XOOPS Module GesGaleri (kategorino) Remote SQL Injection Exploit",2008-10-18,EcHoLL,php,webapps,0 6779,platforms/php/webapps/6779.txt,"phpFastNews 1.0.0 Insecure Cookie Handling Vulnerability",2008-10-18,Qabandi,php,webapps,0 6780,platforms/php/webapps/6780.txt,"zeeproperty (adid) Remote SQL Injection Vulnerability",2008-10-18,"Hussin X",php,webapps,0 @@ -6402,7 +6402,7 @@ id,file,description,date,author,platform,type,port 6835,platforms/php/webapps/6835.txt,"BuzzyWall 1.3.1 (download id) Remote File Disclosure Vulnerability",2008-10-24,b3hz4d,php,webapps,0 6836,platforms/php/webapps/6836.txt,"Tlnews 2.2 Insecure Cookie Handling Vulnerability",2008-10-25,x0r,php,webapps,0 6837,platforms/php/webapps/6837.txt,"Kasra CMS (index.php) Multiple SQL Injection Vulnerabilities",2008-10-25,G4N0K,php,webapps,0 -6838,platforms/windows/dos/6838.rb,"PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (meta)",2008-10-25,"Saint Patrick",windows,dos,0 +6838,platforms/windows/dos/6838.rb,"PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (Metasploit)",2008-10-25,"Saint Patrick",windows,dos,0 6839,platforms/php/webapps/6839.txt,"PozScripts Classified Auctions (gotourl.php id) SQL Injection Vuln",2008-10-26,"Hussin X",php,webapps,0 6840,platforms/windows/remote/6840.html,"PowerTCP FTP module Multiple Technique Exploit (SEH/HeapSpray)",2008-10-26,"Shahriyar Jalayeri",windows,remote,0 6841,platforms/windows/remote/6841.txt,"Microsoft Windows Server - Code Execution Exploit (MS08-067) (Universal)",2008-10-26,EMM,windows,remote,135 @@ -6431,7 +6431,7 @@ id,file,description,date,author,platform,type,port 6864,platforms/cgi/webapps/6864.txt,"Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec Vulnerability",2008-10-29,GoLd_M,cgi,webapps,0 6865,platforms/php/webapps/6865.txt,"e107 plugin fm pro 1 - (fd/upload/dt) Multiple Vulnerabilities",2008-10-29,GoLd_M,php,webapps,0 6866,platforms/php/webapps/6866.pl,"7Shop <= 1.1 - Remote Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 -6867,platforms/php/webapps/6867.pl,"Wordpress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 +6867,platforms/php/webapps/6867.pl,"WordPress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 6868,platforms/php/webapps/6868.pl,"Mambo Component SimpleBoard <= 1.0.1 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 6869,platforms/php/webapps/6869.txt,"WebCards <= 1.3 - Remote SQL Injection Vulnerability",2008-10-29,t0pP8uZz,php,webapps,0 6870,platforms/windows/remote/6870.html,"MW6 Aztec ActiveX (Aztec.dll) Remote Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 @@ -6484,7 +6484,7 @@ id,file,description,date,author,platform,type,port 6918,platforms/php/webapps/6918.txt,"SFS EZ Auction (viewfaqs.php cat) Blind SQL Injection Vulnerability",2008-10-31,Stack,php,webapps,0 6919,platforms/php/webapps/6919.txt,"SFS EZ Career (content.php topic) SQL Injection Vulnerability",2008-10-31,Stack,php,webapps,0 6920,platforms/php/webapps/6920.txt,"SFS EZ Top Sites (topsite.php ts) Remote SQL Injection Vulnerability",2008-10-31,Stack,php,webapps,0 -6921,platforms/windows/remote/6921.rb,"GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (meta)",2008-11-01,"Kevin Finisterre",windows,remote,0 +6921,platforms/windows/remote/6921.rb,"GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (Metasploit)",2008-11-01,"Kevin Finisterre",windows,remote,0 6922,platforms/php/webapps/6922.txt,"SFS EZ Webstore (where) Remote SQL Injection Vulnerability",2008-11-01,ZoRLu,php,webapps,0 6923,platforms/php/webapps/6923.txt,"SFS EZ Pub Site (directory.php cat) SQL Injection Vulnerability",2008-11-01,Hakxer,php,webapps,0 6924,platforms/php/webapps/6924.txt,"SFS EZ Gaming Cheats (id) Remote SQL Injection Vulnerability",2008-11-01,ZoRLu,php,webapps,0 @@ -6615,7 +6615,7 @@ id,file,description,date,author,platform,type,port 7053,platforms/php/webapps/7053.txt,"Myiosoft EasyBookMarker 4 - (Parent) SQL Injection Vulnerability",2008-11-07,G4N0K,php,webapps,0 7054,platforms/windows/local/7054.txt,"Anti-Keylogger Elite 3.3.0 - (AKEProtect.sys) Privilege Escalation Exploit",2008-11-07,"NT Internals",windows,local,0 7055,platforms/hardware/remote/7055.txt,"SpeedStream 5200 - Authentication Bypass Config Download Vulnerability",2008-11-07,hkm,hardware,remote,0 -7056,platforms/windows/remote/7056.rb,"GE Proficy Real Time Information Portal Credentials Leak Sniffer (meta)",2008-11-08,"Kevin Finisterre",windows,remote,0 +7056,platforms/windows/remote/7056.rb,"GE Proficy Real Time Information Portal Credentials Leak Sniffer (Metasploit)",2008-11-08,"Kevin Finisterre",windows,remote,0 7057,platforms/php/webapps/7057.pl,"MemHT Portal <= 4.0 - Remote Code Execution Exploit",2008-11-08,Ams,php,webapps,0 7058,platforms/php/webapps/7058.txt,"zeeproperty 1.0 (upload/XSS) Multiple Vulnerabilities",2008-11-08,ZoRLu,php,webapps,0 7059,platforms/php/webapps/7059.txt,"Enthusiast 3.1.4 (show_joined.php path) Remote File Inclusion Vuln",2008-11-08,BugReport.IR,php,webapps,0 @@ -7084,7 +7084,7 @@ id,file,description,date,author,platform,type,port 7540,platforms/php/webapps/7540.txt,"phpg 1.6 - (XSS/Path Disclosure/DoS) Multiple Vulnerabilities",2008-12-21,"Anarchy Angel",php,webapps,0 7541,platforms/php/webapps/7541.pl,"RSS Simple News (news.php pid) Remote SQL Injection Exploit",2008-12-22,Piker,php,webapps,0 7542,platforms/php/webapps/7542.txt,"Text Lines Rearrange Script - (filename) File Disclosure Vulnerability",2008-12-22,SirGod,php,webapps,0 -7543,platforms/php/webapps/7543.txt,"Wordpress Plugin Page Flip Image Gallery <= 0.2.2 - Remote FD Vuln",2008-12-22,GoLd_M,php,webapps,0 +7543,platforms/php/webapps/7543.txt,"WordPress Plugin Page Flip Image Gallery <= 0.2.2 - Remote FD Vuln",2008-12-22,GoLd_M,php,webapps,0 7544,platforms/php/webapps/7544.txt,"Pligg 9.9.5b (check_url.php url) Upload Shell/SQL Injection Exploit",2008-12-22,Ams,php,webapps,0 7545,platforms/php/webapps/7545.txt,"yourplace <= 1.0.2 - Multiple Vulnerabilities + rce Exploit",2008-12-22,Osirys,php,webapps,0 7546,platforms/php/webapps/7546.txt,"Joomla Component Volunteer 2.0 (job_id) SQL Injection Vulnerability",2008-12-22,boom3rang,php,webapps,0 @@ -7276,7 +7276,7 @@ id,file,description,date,author,platform,type,port 7735,platforms/php/webapps/7735.pl,"Simple Machines Forum - Destroyer 0.1",2009-01-12,Xianur0,php,webapps,0 7736,platforms/asp/webapps/7736.htm,"Comersus Shopping Cart <= 6.0 - Remote User Pass Exploit",2009-01-12,ajann,asp,webapps,0 7737,platforms/windows/dos/7737.py,"Triologic Media Player 7 - (.m3u) Local Heap Buffer Overflow PoC",2009-01-12,zAx,windows,dos,0 -7738,platforms/php/webapps/7738.txt,"Wordpress plugin WP-Forum 1.7.8 - Remote SQL Injection Vulnerability",2009-01-12,seomafia,php,webapps,0 +7738,platforms/php/webapps/7738.txt,"WordPress plugin WP-Forum 1.7.8 - Remote SQL Injection Vulnerability",2009-01-12,seomafia,php,webapps,0 7739,platforms/windows/remote/7739.html,"ExcelOCX ActiveX 3.2 - (Download File) Insecure Method Exploit",2009-01-12,"Alfons Luja",windows,remote,0 7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Remote File Upload Vulnerability",2009-01-12,ahmadbady,php,webapps,0 7741,platforms/asp/webapps/7741.txt,"dMx READY (25 Products) Remote Database Disclosure Vulnerability",2009-01-12,Cyber-Zone,asp,webapps,0 @@ -7480,7 +7480,7 @@ id,file,description,date,author,platform,type,port 7946,platforms/php/webapps/7946.txt,"sourdough 0.3.5 - Remote File Inclusion Vulnerability",2009-02-02,ahmadbady,php,webapps,0 7947,platforms/php/webapps/7947.pl,"eVision CMS 2.0 - Remote Code Execution Exploit",2009-02-02,Osirys,php,webapps,0 7948,platforms/php/webapps/7948.php,"phpslash <= 0.8.1.1 - Remote Code Execution Exploit",2009-02-02,DarkFig,php,webapps,0 -7949,platforms/php/webapps/7949.rb,"OpenHelpDesk 1.0.100 eval() Code Execution Exploit (meta)",2009-02-02,LSO,php,webapps,0 +7949,platforms/php/webapps/7949.rb,"OpenHelpDesk 1.0.100 eval() Code Execution Exploit (Metasploit)",2009-02-02,LSO,php,webapps,0 18164,platforms/android/webapps/18164.php,"Android 'content://' URI - Multiple Information Disclosure Vulnerabilities",2011-11-28,"Thomas Cannon",android,webapps,0 7951,platforms/php/webapps/7951.txt,"WholeHogSoftware Ware Support Insecure Cookie Handling Vulnerability",2009-02-03,Stack,php,webapps,0 7952,platforms/php/webapps/7952.txt,"WholeHogSoftware Password Protect Insecure Cookie Handling Vuln",2009-02-03,Stack,php,webapps,0 @@ -7601,7 +7601,7 @@ id,file,description,date,author,platform,type,port 8071,platforms/php/webapps/8071.txt,"S-CMS 1.1 Stable Insecure Cookie Handling / Mass Page Delete Vulns",2009-02-17,x0r,php,webapps,0 8072,platforms/php/webapps/8072.txt,"pHNews Alpha 1 (header.php mod) SQL Injection Vulnerability",2009-02-17,x0r,php,webapps,0 8073,platforms/php/webapps/8073.txt,"pHNews Alpha 1 (genbackup.php) Database Disclosure Vulnerability",2009-02-17,x0r,php,webapps,0 -8074,platforms/multiple/local/8074.rb,"Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (meta)",2009-02-18,sh2kerr,multiple,local,0 +8074,platforms/multiple/local/8074.rb,"Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (Metasploit)",2009-02-18,sh2kerr,multiple,local,0 8075,platforms/php/webapps/8075.pl,"Firepack (admin/ref.php) Remote Code Execution Exploit",2009-02-18,Lidloses_Auge,php,webapps,0 8076,platforms/php/webapps/8076.txt,"smNews 1.0 - Auth Bypass/Column Truncation Vulnerabilities",2009-02-18,x0r,php,webapps,0 8077,platforms/windows/dos/8077.html,"Microsoft Internet Explorer 7 - Memory Corruption PoC (MS09-002)",2009-02-18,N/A,windows,dos,0 @@ -7712,7 +7712,7 @@ id,file,description,date,author,platform,type,port 8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 (playlist) Universal SEH Overwrite Exploit",2009-03-10,His0k4,windows,local,0 8194,platforms/php/webapps/8194.txt,"PHP-Fusion Mod Book Panel (course_id) SQL Injection Vulnerability",2009-03-10,SuB-ZeRo,php,webapps,0 8195,platforms/php/webapps/8195.txt,"WeBid <= 0.7.3 RC9 - Multiple Remote File Inclusion Vulnerabilities",2009-03-10,K-159,php,webapps,0 -8196,platforms/php/webapps/8196.txt,"Wordpress MU < 2.7 - 'HOST' HTTP Header XSS Vulnerability",2009-03-10,"Juan Galiana Lara",php,webapps,0 +8196,platforms/php/webapps/8196.txt,"WordPress MU < 2.7 - 'HOST' HTTP Header XSS Vulnerability",2009-03-10,"Juan Galiana Lara",php,webapps,0 8197,platforms/php/webapps/8197.txt,"Joomla Djice Shoutbox 1.0 Permanent XSS Vulnerability",2009-03-10,XaDoS,php,webapps,0 8198,platforms/php/webapps/8198.pl,"RoomPHPlanning <= 1.6 (userform.php) Create Admin User Exploit",2009-03-10,"Jonathan Salwan",php,webapps,0 8200,platforms/windows/remote/8200.pl,"GuildFTPd FTP Server 0.999.14 - Remote Delete Files Exploit",2009-03-10,"Jonathan Salwan",windows,remote,0 @@ -7740,7 +7740,7 @@ id,file,description,date,author,platform,type,port 8226,platforms/php/webapps/8226.txt,"PHPRunner 4.2 (SearchOption) Blind SQL Injection Vulnerability",2009-03-17,BugReport.IR,php,webapps,0 8227,platforms/windows/remote/8227.pl,"Talkative IRC 0.4.4.16 - Remote Stack Overflow Exploit (SEH)",2009-03-17,LiquidWorm,windows,remote,0 8228,platforms/php/webapps/8228.txt,"GDL 4.x - (node) Remote SQL Injection Vulnerability",2009-03-17,g4t3w4y,php,webapps,0 -8229,platforms/php/webapps/8229.txt,"Wordpress Plugin fMoblog 2.1 - (id) SQL Injection Vulnerability",2009-03-17,"strange kevin",php,webapps,0 +8229,platforms/php/webapps/8229.txt,"WordPress Plugin fMoblog 2.1 - (id) SQL Injection Vulnerability",2009-03-17,"strange kevin",php,webapps,0 8230,platforms/php/webapps/8230.txt,"Mega File Hosting Script 1.2 (cross.php url) RFI Vulnerability",2009-03-17,Garry,php,webapps,0 8231,platforms/windows/local/8231.php,"CDex 1.70b2 - (.ogg) Local Buffer Overflow Exploit (xp/ sp3)",2009-03-18,Nine:Situations:Group,windows,local,0 8232,platforms/windows/dos/8232.py,"Chasys Media Player 1.1 - (.pls) Local Buffer Overflow PoC (SEH)",2009-03-18,zAx,windows,dos,0 @@ -7836,7 +7836,7 @@ id,file,description,date,author,platform,type,port 8323,platforms/php/webapps/8323.txt,"Community CMS 0.5 - Multiple SQL Injection Vulnerabilities",2009-03-31,"Salvatore Fresta",php,webapps,0 8324,platforms/php/webapps/8324.php,"Podcast Generator <= 1.1 - Remote Code Execution Exploit",2009-03-31,BlackHawk,php,webapps,0 8325,platforms/windows/dos/8325.py,"Safari 3.2.2/4b (nested elements) XML Parsing Remote Crash Exploit",2009-03-31,"Ahmed Obied",windows,dos,0 -8326,platforms/php/webapps/8326.rb,"VirtueMart <= 1.1.2 - Remote SQL Injection Exploit (meta)",2009-03-31,waraxe,php,webapps,0 +8326,platforms/php/webapps/8326.rb,"VirtueMart <= 1.1.2 - Remote SQL Injection Exploit (Metasploit)",2009-03-31,waraxe,php,webapps,0 8327,platforms/php/webapps/8327.txt,"virtuemart <= 1.1.2 - Multiple Vulnerabilities",2009-03-31,waraxe,php,webapps,0 8328,platforms/php/webapps/8328.txt,"webEdition <= 6.0.0.4 (WE_LANGUAGE) Local File Inclusion Vulnerability",2009-03-31,"Salvatore Fresta",php,webapps,0 8329,platforms/php/webapps/8329.txt,"JobHut 1.2 - Remote Password Change/Delete/Activate User Vulnerability",2009-03-31,"ThE g0bL!N",php,webapps,0 @@ -7925,7 +7925,7 @@ id,file,description,date,author,platform,type,port 8415,platforms/php/webapps/8415.txt,"FreznoShop 1.3.0 (id) Remote SQL Injection Vulnerability",2009-04-13,NoGe,php,webapps,0 8416,platforms/windows/local/8416.pl,"Mini-stream Ripper 3.0.1.1 - (.m3u) Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 8417,platforms/php/webapps/8417.txt,"e107 Plugin userjournals_menu (blog.id) SQL Injection Vulnerability",2009-04-13,boom3rang,php,webapps,0 -8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 (XSS/DD) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0 +8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 - (XSS/DD) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0 8419,platforms/windows/remote/8419.pl,"ftpdmin 0.96 - Arbitrary File Disclosure Exploit",2009-04-13,Stack,windows,remote,21 8420,platforms/windows/local/8420.py,"BulletProof FTP Client 2009 - (.bps) Buffer Overflow Exploit (SEH)",2009-04-13,His0k4,windows,local,0 8421,platforms/windows/remote/8421.py,"Steamcast (HTTP Request) Remote Buffer Overflow Exploit (SEH) (1)",2009-04-13,His0k4,windows,remote,8000 @@ -8128,7 +8128,7 @@ id,file,description,date,author,platform,type,port 8620,platforms/windows/local/8620.pl,"Sorinara Streaming Audio Player 0.9 - (.m3u) Local Stack Overflow Exploit",2009-05-05,Stack,windows,local,0 8621,platforms/windows/remote/8621.py,"32bit FTP (09.04.24) - (CWD Response) Universal Seh Overwrite Exploit",2009-05-05,His0k4,windows,remote,0 8622,platforms/php/webapps/8622.pl,"webSPELL <= 4.2.0e (page) Remote Blind SQL Injection Exploit",2009-05-07,DNX,php,webapps,0 -8623,platforms/windows/remote/8623.rb,"32bit FTP - (PASV) Reply Client Remote Overflow Exploit (meta)",2009-05-07,His0k4,windows,remote,0 +8623,platforms/windows/remote/8623.rb,"32bit FTP - (PASV) Reply Client Remote Overflow Exploit (Metasploit)",2009-05-07,His0k4,windows,remote,0 8624,platforms/windows/local/8624.pl,"Soritong MP3 Player 1.0 - Local Buffer Overflow Exploit (SEH)",2009-05-07,Stack,windows,local,0 8625,platforms/windows/dos/8625.pl,"Sorinara Streaming Audio Player 0.9 - (.PLA) Local Stack Overflow PoC",2009-05-07,GoLd_M,windows,dos,0 8626,platforms/php/webapps/8626.txt,"TCPDB 3.8 - Arbitrary Add Admin Account Vulnerability",2009-05-07,Mr.tro0oqy,php,webapps,0 @@ -8290,7 +8290,7 @@ id,file,description,date,author,platform,type,port 8788,platforms/php/webapps/8788.txt,"Mole Adult Portal Script (profile.php user_id) SQL Injection Vulnerability",2009-05-26,Qabandi,php,webapps,0 8789,platforms/windows/local/8789.py,"Slayer 2.4 (skin) Universal Buffer Overflow Exploit (SEH)",2009-05-26,SuNHouSe2,windows,local,0 8790,platforms/php/webapps/8790.pl,"cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion Exploit",2009-05-26,StAkeR,php,webapps,0 -8791,platforms/php/webapps/8791.txt,"Wordpress Plugin Lytebox - (wp-lytebox) Local File Inclusion Vulnerability",2009-05-26,TurkGuvenligi,php,webapps,0 +8791,platforms/php/webapps/8791.txt,"WordPress Plugin Lytebox - (wp-lytebox) Local File Inclusion Vulnerability",2009-05-26,TurkGuvenligi,php,webapps,0 8792,platforms/php/webapps/8792.txt,"Webradev Download Protect 1.0 - Remote File Inclusion Vulnerabilities",2009-05-26,asL-Sabia,php,webapps,0 8793,platforms/php/webapps/8793.txt,"eZoneScripts Hotornot2 Script (Admin Bypass) Multiple Remote Vulns",2009-05-26,"sniper code",php,webapps,0 8794,platforms/multiple/dos/8794.htm,"Mozilla Firefox (unclamped loop) Denial of Service Exploit",2009-05-26,"Thierry Zoller",multiple,dos,0 @@ -8358,7 +8358,7 @@ id,file,description,date,author,platform,type,port 8858,platforms/php/webapps/8858.txt,"propertymax pro free (sql/XSS) Multiple Vulnerabilities",2009-06-02,SirGod,php,webapps,0 8859,platforms/asp/webapps/8859.txt,"WebEyes Guest Book 3 - (yorum.asp mesajid) SQL Injection Vulnerability",2009-06-02,Bl@ckbe@rD,asp,webapps,0 8860,platforms/php/webapps/8860.txt,"podcast generator <= 1.2 - globals[] Multiple Vulnerabilities",2009-06-02,StAkeR,php,webapps,0 -8861,platforms/osx/remote/8861.rb,"Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler BoF Exploit (meta)",2009-06-03,"Will Drewry",osx,remote,0 +8861,platforms/osx/remote/8861.rb,"Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler BoF Exploit (Metasploit)",2009-06-03,"Will Drewry",osx,remote,0 8862,platforms/windows/dos/8862.txt,"Apple QuickTime Image Description Atom Sign Extension PoC",2009-06-03,webDEViL,windows,dos,0 8863,platforms/windows/local/8863.c,"Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow PoC (SEH)",2009-06-03,"fl0 fl0w",windows,local,0 8864,platforms/php/webapps/8864.txt,"My Mini Bill (orderid) Remote SQL Injection Vulnerability",2009-06-03,"ThE g0bL!N",php,webapps,0 @@ -8461,7 +8461,7 @@ id,file,description,date,author,platform,type,port 8966,platforms/php/webapps/8966.txt,"phportal 1 - (topicler.php id) Remote SQL Injection Vulnerability",2009-06-15,"Mehmet Ince",php,webapps,0 8967,platforms/php/webapps/8967.txt,"The Recipe Script 5 - Remote XSS Vulnerability",2009-06-15,"ThE g0bL!N",php,webapps,0 8968,platforms/php/webapps/8968.txt,"Joomla Component com_jumi (fileid) Blind SQL Injection Exploit",2009-06-15,"Chip d3 bi0s",php,webapps,0 -8969,platforms/windows/remote/8969.rb,"Green Dam 3.17 URL Processing Buffer Overflow Exploit (meta)",2009-06-16,Trancer,windows,remote,0 +8969,platforms/windows/remote/8969.rb,"Green Dam 3.17 URL Processing Buffer Overflow Exploit (Metasploit)",2009-06-16,Trancer,windows,remote,0 8970,platforms/windows/remote/8970.txt,"McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write Vuln",2009-06-16,callAX,windows,remote,0 8971,platforms/windows/dos/8971.pl,"Carom3D 5.06 Unicode Buffer Overrun/DoS Vulnerability",2009-06-16,LiquidWorm,windows,dos,0 8974,platforms/php/webapps/8974.txt,"XOOPS <= 2.3.3 - Remote File Disclosure Vulnerability (.htaccess)",2009-06-16,daath,php,webapps,0 @@ -8494,7 +8494,7 @@ id,file,description,date,author,platform,type,port 9004,platforms/php/webapps/9004.txt,"Zen Cart 1.3.8 - Remote Code Execution Exploit",2009-06-23,BlackH,php,webapps,0 9005,platforms/php/webapps/9005.py,"Zen Cart 1.3.8 - Remote SQL Execution Exploit",2009-06-23,BlackH,php,webapps,0 9006,platforms/windows/dos/9006.py,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos Exploit",2009-06-23,Nibin,windows,dos,0 -9007,platforms/windows/dos/9007.rb,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (meta)",2009-06-23,Nibin,windows,dos,0 +9007,platforms/windows/dos/9007.rb,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (Metasploit)",2009-06-23,Nibin,windows,dos,0 9008,platforms/php/webapps/9008.txt,"phpCollegeExchange 0.1.5c (RFI/LFI/XSS) Multiple Vulnerabilities",2009-06-23,CraCkEr,php,webapps,0 9009,platforms/php/webapps/9009.txt,"BASE <= 1.2.4 (Auth Bypass) Insecure Cookie Handling Vulnerability",2009-06-24,"Tim Medin",php,webapps,0 9010,platforms/php/webapps/9010.txt,"Glossword <= 1.8.11 (index.php x) Local File Inclusion Vulnerability",2009-06-24,t0fx,php,webapps,0 @@ -8724,7 +8724,7 @@ id,file,description,date,author,platform,type,port 9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 (Font tags) Remote Buffer Overflow Exploit (osx)",2009-07-24,Dr_IDE,osx,remote,0 9248,platforms/php/webapps/9248.txt,"SaphpLesson 4.0 - (Auth Bypass) SQL Injection Vulnerability",2009-07-24,SwEET-DeViL,php,webapps,0 9249,platforms/php/webapps/9249.txt,"Xoops Celepar Module Qas (codigo) SQL Injection Vulnerability",2009-07-24,s4r4d0,php,webapps,0 -9250,platforms/php/webapps/9250.sh,"Wordpress 2.8.1 - (url) Remote Cross-Site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 +9250,platforms/php/webapps/9250.sh,"WordPress 2.8.1 - (url) Remote Cross-Site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 9251,platforms/php/webapps/9251.txt,"Deonixscripts Templates Management 1.3 - SQL Injection Vulnerability",2009-07-24,d3b4g,php,webapps,0 9252,platforms/php/webapps/9252.txt,"Scripteen Free Image Hosting Script 2.3 - SQL Injection Exploit",2009-07-24,Coksnuss,php,webapps,0 9253,platforms/windows/dos/9253.html,"Microsoft Internet Explorer 7/8 findText Unicode Parsing Crash Exploit",2009-07-24,Hong10,windows,dos,0 @@ -8742,7 +8742,7 @@ id,file,description,date,author,platform,type,port 9265,platforms/linux/dos/9265.c,"ISC DHCP dhclient < 3.1.2p1 - Remote Buffer Overflow PoC",2009-07-27,"Jon Oberheide",linux,dos,0 9266,platforms/php/webapps/9266.txt,"iwiccle 1.01 - (LFI/SQL) Multiple Vulnerabilities",2009-07-27,SirGod,php,webapps,0 9267,platforms/php/webapps/9267.txt,"VS PANEL 7.5.5 (Cat_ID) SQL Injection Vulnerability (patched?)",2009-07-27,octopos,php,webapps,0 -9268,platforms/hardware/dos/9268.rb,"Cisco WLC 4402 - Basic Auth Remote Denial of Service (meta)",2009-07-27,"Christoph Bott",hardware,dos,0 +9268,platforms/hardware/dos/9268.rb,"Cisco WLC 4402 - Basic Auth Remote Denial of Service (Metasploit)",2009-07-27,"Christoph Bott",hardware,dos,0 9269,platforms/php/webapps/9269.txt,"PHP Paid 4 Mail Script (home.php page) Remote File Inclusion Vuln",2009-07-27,int_main();,php,webapps,0 9270,platforms/php/webapps/9270.txt,"Super Mod System 3.0 - (s) SQL Injection Vulnerability",2009-07-27,MizoZ,php,webapps,0 9271,platforms/php/webapps/9271.txt,"Inout Adserver (id) Remote SQL Injection Vulnerability",2009-07-27,boom3rang,php,webapps,0 @@ -8878,7 +8878,7 @@ id,file,description,date,author,platform,type,port 9407,platforms/php/webapps/9407.txt,"CMS Made Simple <= 1.6.2 - Local File Disclosure Vulnerability",2009-08-10,IHTeam,php,webapps,0 9408,platforms/php/webapps/9408.php,"Joomla Component Kunena Forums (com_kunena) bSQL Injection Exploit",2009-08-10,"ilker Kandemir",php,webapps,0 9409,platforms/windows/local/9409.pl,"MediaCoder 0.7.1.4490 - (.lst/.m3u) Universal BoF Exploit (SEH)",2009-08-10,hack4love,windows,local,0 -9410,platforms/php/webapps/9410.txt,"Wordpress <= 2.8.3 - Remote Admin Reset Password Vulnerability",2009-08-11,"laurent gaffié ",php,webapps,0 +9410,platforms/php/webapps/9410.txt,"WordPress <= 2.8.3 - Remote Admin Reset Password Vulnerability",2009-08-11,"laurent gaffié ",php,webapps,0 9411,platforms/windows/dos/9411.cpp,"Embedthis Appweb 3.0b.2-4 - Remote Buffer Overflow PoC",2009-08-11,"fl0 fl0w",windows,dos,0 9412,platforms/windows/local/9412.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH)",2009-08-11,ahwak2000,windows,local,0 9413,platforms/php/webapps/9413.txt,"Joomla Component idoblog 1.1b30 (com_idoblog) SQL Injection Vuln",2009-08-11,kkr,php,webapps,0 @@ -8897,7 +8897,7 @@ id,file,description,date,author,platform,type,port 9428,platforms/windows/local/9428.pl,"pIPL 2.5.0 - (.PLS /.PL) Universal Local Buffer Exploit (SEH)",2009-08-13,hack4love,windows,local,0 9429,platforms/windows/dos/9429.py,"EmbedThis Appweb 3.0B.2-4 - Multiple Remote Buffer Overflow PoC",2009-08-13,Dr_IDE,windows,dos,0 9430,platforms/php/webapps/9430.pl,"JBLOG 1.5.1 - Remote SQL Table Backup Exploit",2009-08-13,Ams,php,webapps,0 -9431,platforms/php/webapps/9431.txt,"Wordpress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 +9431,platforms/php/webapps/9431.txt,"WordPress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 9432,platforms/hardware/remote/9432.txt,"THOMSON ST585 (user.ini) Arbitrary Download Vulnerability",2009-08-13,"aBo MoHaMeD",hardware,remote,0 9433,platforms/php/webapps/9433.txt,"Gazelle CMS 1.0 - Remote Arbitrary Shell Upload Vulnerability",2009-08-13,RoMaNcYxHaCkEr,php,webapps,0 9434,platforms/php/webapps/9434.txt,"tgs CMS 0.x (xss/sql/fd) Multiple Vulnerabilities",2009-08-13,[]ViZiOn,php,webapps,0 @@ -8973,14 +8973,14 @@ id,file,description,date,author,platform,type,port 9505,platforms/php/webapps/9505.txt,"Geeklog <= 1.6.0sr1 - Remote Arbitrary File Upload Vulnerability",2009-08-24,JaL0h,php,webapps,0 9506,platforms/windows/dos/9506.pl,"FLIP Flash Album Deluxe 1.8.407.1 - (.fft) Crash PoC",2009-08-24,the_Edit0r,windows,dos,0 9507,platforms/windows/dos/9507.pl,"AiO (All into One) Flash Mixer 3 - (.afp) Crash PoC",2009-08-24,the_Edit0r,windows,dos,0 -9508,platforms/windows/remote/9508.rb,"ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (meta)",2009-08-25,His0k4,windows,remote,0 +9508,platforms/windows/remote/9508.rb,"ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (Metasploit)",2009-08-25,His0k4,windows,remote,0 9509,platforms/windows/local/9509.pl,"Media Jukebox 8 - (.M3U) Universal Local Buffer Exploit (SEH)",2009-08-25,hack4love,windows,local,0 9510,platforms/php/webapps/9510.txt,"Joomla Component com_siirler 1.2 (sid) SQL Injection Vulnerability",2009-08-25,v3n0m,php,webapps,0 9511,platforms/php/webapps/9511.txt,"Turnkey Arcade Script (id) Remote SQL Injection Vulnerability",2009-08-25,Red-D3v1L,php,webapps,0 9512,platforms/php/webapps/9512.txt,"TCPDB 3.8 - Remote Content Change Bypass Vulnerabilities",2009-08-25,Securitylab.ir,php,webapps,0 9513,platforms/linux/local/9513.c,"Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure",2009-08-25,"Jon Oberheide",linux,local,0 9514,platforms/hardware/dos/9514.py,"Xerox WorkCentre Multiple Models Denial of Service Exploit",2009-08-25,"Henri Lindberg",hardware,dos,0 -9515,platforms/windows/dos/9515.txt,"Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (meta)",2009-08-25,"Francis Provencher",windows,dos,0 +9515,platforms/windows/dos/9515.txt,"Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (Metasploit)",2009-08-25,"Francis Provencher",windows,dos,0 9516,platforms/windows/dos/9516.txt,"Novell Client for Windows 2000/XP ActiveX Remote DoS Vulnerability",2009-08-25,"Francis Provencher",windows,dos,0 9517,platforms/windows/dos/9517.txt,"Lotus note connector for Blackberry Manager 5.0.0.11 - ActiveX DoS Vuln",2009-08-25,"Francis Provencher",windows,dos,0 9518,platforms/php/webapps/9518.txt,"EMO Breader Manager (video.php movie) SQL Injection Vulnerability",2009-08-25,Mr.SQL,php,webapps,0 @@ -9054,7 +9054,7 @@ id,file,description,date,author,platform,type,port 9589,platforms/windows/local/9589.pl,"OTSTurntables 1.00.027 - (.m3u/ofl) Local Universal BoF Exploit (SEH)",2009-09-04,hack4love,windows,local,0 9590,platforms/php/webapps/9590.c,"Zeroboard 4.1 pl7 now_connect() Remote Code Execution Exploit",2009-09-04,SpeeDr00t,php,webapps,0 9591,platforms/php/webapps/9591.txt,"Ticket Support Script (ticket.php) Remote Shell Upload Vulnerability",2009-09-04,InjEctOr5,php,webapps,0 -9592,platforms/windows/remote/9592.rb,"SIDVault 2.0e Windows Remote Buffer Overflow Exploit (meta)",2009-09-04,His0k4,windows,remote,389 +9592,platforms/windows/remote/9592.rb,"SIDVault 2.0e Windows Remote Buffer Overflow Exploit (Metasploit)",2009-09-04,His0k4,windows,remote,389 9593,platforms/php/webapps/9593.txt,"Joomla Compenent com_joomlub (aid) SQL Injection Vulnerability",2009-09-04,"599eme Man",php,webapps,0 9594,platforms/windows/dos/9594.txt,"Windows Vista/7 SMB2.0 Negotiate Protocol Request Remote BSOD Vuln",2009-09-09,"laurent gaffie",windows,dos,0 9595,platforms/linux/local/9595.c,"HTMLDOC 1.8.27 (html File Handling) Stack Buffer Overflow Exploit",2009-09-09,"Pankaj Kohli",linux,local,0 @@ -9612,7 +9612,7 @@ id,file,description,date,author,platform,type,port 10322,platforms/windows/local/10322.py,"Audacity 1.2.6 (gro File) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10323,platforms/windows/local/10323.py,"HTML Help Workshop 4.74 - (hhp) Buffer Overflow Exploit (Universal)",2009-12-05,Dz_attacker,windows,local,0 10324,platforms/php/webapps/10324.txt,"phpshop 0.8.1 - Multiple Vulnerabilities",2009-12-05,"Andrea Fabrizi",php,webapps,0 -10325,platforms/php/webapps/10325.txt,"Wordpress Image Manager Plugins - Shell Upload Vulnerability",2009-12-05,DigitALL,php,webapps,0 +10325,platforms/php/webapps/10325.txt,"WordPress Image Manager Plugins - Shell Upload Vulnerability",2009-12-05,DigitALL,php,webapps,0 10326,platforms/multiple/local/10326.txt,"Ghostscript < 8.64 - 'gdevpdtb.c' Buffer Overflow Vulnerability",2009-02-03,"Wolfgang Hamann",multiple,local,0 10327,platforms/multiple/dos/10327.txt,"Ghostscript 'CCITTFax' Decoding Filter - Denial of Service Vulnerability",2009-04-01,"Red Hat",multiple,dos,0 10329,platforms/php/webapps/10329.txt,"AROUNDMe <= 1.1 (language_path) Remote File Include Exploit",2009-12-06,"cr4wl3r ",php,webapps,0 @@ -9621,16 +9621,16 @@ id,file,description,date,author,platform,type,port 10332,platforms/windows/local/10332.rb,"IDEAL Administration 2009 9.7 - Buffer Overflow - Metasploit Universal",2009-12-06,dookie,windows,local,0 10333,platforms/windows/dos/10333.py,"VLC Media Player 1.0.3 smb:// URI Handling Remote Stack Overflow PoC",2009-12-06,Dr_IDE,windows,dos,0 10334,platforms/multiple/dos/10334.py,"VLC Media Player <= 1.0.3 RTSP Buffer Overflow PoC (OSX/Linux)",2009-12-06,Dr_IDE,multiple,dos,0 -10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Meta)",2009-12-07,loneferret,windows,local,0 +10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Metasploit)",2009-12-07,loneferret,windows,local,0 10337,platforms/php/webapps/10337.txt,"Chipmunk Newsletter Persistant XSS Vulnerability",2009-12-07,mr_me,php,webapps,0 10338,platforms/linux/dos/10338.pl,"Polipo 1.0.4 - Remote Memory Corruption PoC (0day)",2009-12-07,"Jeremy Brown",linux,dos,0 10339,platforms/windows/local/10339.pl,"gAlan 0.2.1 - Buffer Overflow Exploit (0day)",2009-12-07,"Jeremy Brown",windows,local,0 10340,platforms/windows/remote/10340.pl,"Multiple Symantec Products Intel Common Base Agent Remote Command Execution",2009-04-28,kingcope,windows,remote,0 10341,platforms/php/webapps/10341.txt,"SiSplet CMS <= 2008-01-24 - Multiple Remote File Include Exploit",2009-12-07,"cr4wl3r ",php,webapps,0 10343,platforms/windows/dos/10343.txt,"Kingsoft Internet Security 9 - Denial of Services",2009-11-05,"Francis Provencher",windows,dos,0 -10344,platforms/windows/local/10344.rb,"Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (meta)",2009-12-07,dookie,windows,local,0 +10344,platforms/windows/local/10344.rb,"Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (Metasploit)",2009-12-07,dookie,windows,local,0 10345,platforms/windows/local/10345.py,"gAlan - (.galan) Universal Buffer Overflow Exploit",2009-12-07,Dz_attacker,windows,local,0 -10346,platforms/windows/local/10346.rb,"gAlan 0.2.1 - Universal Buffer Overflow Exploit (meta)",2009-12-07,loneferret,windows,local,0 +10346,platforms/windows/local/10346.rb,"gAlan 0.2.1 - Universal Buffer Overflow Exploit (Metasploit)",2009-12-07,loneferret,windows,local,0 10347,platforms/hardware/webapps/10347.txt,"Barracuda IMFirewall 620 Vulnerability",2009-12-07,Global-Evolution,hardware,webapps,0 10349,platforms/linux/dos/10349.py,"CoreHTTP Web server <= 0.5.3.1 - off-by-one Buffer Overflow Vulnerability",2009-12-02,"Patroklos Argyroudis",linux,dos,80 10350,platforms/php/webapps/10350.txt,"IRAN N.E.T E-commerce Group SQL Injection Vulnerability",2009-12-08,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 @@ -9644,9 +9644,9 @@ id,file,description,date,author,platform,type,port 10359,platforms/windows/local/10359.py,"Audio Workstation 6.4.2.4.0 - (.pls) Universal Local BoF Exploit",2009-12-09,mr_me,windows,local,0 10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 (Auth Bypass) Remote SQL Injection",2009-12-09,"AnTi SeCuRe",php,webapps,0 10362,platforms/hardware/remote/10362.txt,"THOMSON TG585n 7.4.3.2 (user.ini) Arbitrary Download Vulnerability",2009-12-09,"AnTi SeCuRe",hardware,remote,0 -10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 pls Buffer Overflow (meta)",2009-12-09,dookie,windows,local,0 +10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 pls Buffer Overflow (Metasploit)",2009-12-09,dookie,windows,local,0 10364,platforms/php/webapps/10364.txt,"TestLink Test Management and Execution System - Multiple XSS and Injection Vulnerabilities",2009-12-09,"Core Security",php,webapps,0 -10365,platforms/windows/remote/10365.rb,"Eureka Email 2.2q ERR Remote Buffer Overflow Exploit (meta)",2009-12-09,dookie,windows,remote,0 +10365,platforms/windows/remote/10365.rb,"Eureka Email 2.2q ERR Remote Buffer Overflow Exploit (Metasploit)",2009-12-09,dookie,windows,remote,0 10366,platforms/php/webapps/10366.txt,"Joomla Component com_jsjobs 1.0.5.6 - SQL Injection Vulnerabilities",2009-12-10,kaMtiEz,php,webapps,0 10367,platforms/php/webapps/10367.txt,"Joomla Component com_jphoto SQL Injection Vulnerability - (id)",2009-12-10,kaMtiEz,php,webapps,0 10368,platforms/asp/webapps/10368.txt,"Free ASP Upload Shell Upload Vulnerability",2009-12-10,Mr.aFiR,asp,webapps,0 @@ -9963,10 +9963,10 @@ id,file,description,date,author,platform,type,port 10741,platforms/php/webapps/10741.txt,"cybershade CMS 0.2 - Remote File Inclusion Vulnerability",2009-12-27,Mr.SeCreT,php,webapps,0 10742,platforms/php/webapps/10742.txt,"Joomla Component com_dhforum SQL Injection Vulnerability",2009-12-27,"ViRuSMaN ",php,webapps,0 10743,platforms/php/webapps/10743.txt,"phPay 2.2a - Backup Vulnerability",2009-12-26,indoushka,php,webapps,0 -10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (meta)",2009-12-27,dijital1,windows,local,0 +10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (Metasploit)",2009-12-27,dijital1,windows,local,0 10745,platforms/windows/local/10745.c,"Mini-stream ripper 3.0.1.1 - (.pls) Local Universal Buffer Overflow Exploit",2009-12-27,mr_me,windows,local,0 10747,platforms/windows/local/10747.py,"Mini-Stream Exploit for Windows XP SP2 and SP3",2009-12-27,dijital1,windows,local,0 -10748,platforms/windows/local/10748.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Meta)",2009-12-27,dijital1,windows,local,0 +10748,platforms/windows/local/10748.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Metasploit)",2009-12-27,dijital1,windows,local,0 10750,platforms/php/webapps/10750.txt,"Mambo Component Material Suche 1.0 - SQL Injection",2009-12-27,Gamoscu,php,webapps,0 10751,platforms/php/webapps/10751.txt,"Koobi Pro 6.1 - Gallery (img_id)",2009-12-27,BILGE_KAGAN,php,webapps,0 10752,platforms/multiple/webapps/10752.txt,"Yonja Remote File Upload Vulnerability",2009-12-28,indoushka,multiple,webapps,80 @@ -10029,7 +10029,7 @@ id,file,description,date,author,platform,type,port 10822,platforms/php/webapps/10822.txt,"Joomla Component com_rd_download Local File Disclosure Vulnerability",2009-12-30,FL0RiX,php,webapps,0 10823,platforms/asp/webapps/10823.txt,"UranyumSoft Ýlan Servisi - Database Disclosure Vulnerability",2009-12-30,LionTurk,asp,webapps,0 10824,platforms/php/webapps/10824.txt,"K-Rate SQL Injection Vulnerability",2009-12-30,e.wiZz,php,webapps,0 -10825,platforms/php/dos/10825.sh,"Wordpress <= 2.9 - DoS (0day)",2009-12-31,emgent,php,dos,80 +10825,platforms/php/dos/10825.sh,"WordPress <= 2.9 - DoS (0day)",2009-12-31,emgent,php,dos,80 10826,platforms/php/dos/10826.sh,"Drupal <= 6.16 and 5.21 - DoS (0day)",2009-12-31,emgent,php,dos,80 10827,platforms/windows/local/10827.rb,"DJ Studio Pro 5.1.6.5.2 SEH Exploit",2009-12-30,"Sébastien Duquette",windows,local,0 10828,platforms/php/webapps/10828.txt,"vBulletin ads_saed 1.5 (bnnr.php) SQL Injection Vulnerability",2009-12-30,"Hussin X",php,webapps,0 @@ -10090,7 +10090,7 @@ id,file,description,date,author,platform,type,port 10923,platforms/php/webapps/10923.txt,"superlink script <= 1.0 - (id) SQL Injection Vulnerability",2010-01-02,Red-D3v1L,php,webapps,0 10924,platforms/php/webapps/10924.txt,"AL-Athkat.2.0 - Cross-Site Scripting Vulnerability",2010-01-02,indoushka,php,webapps,0 10928,platforms/php/webapps/10928.txt,"Joomla Component com_dailymeals LFI Vulnerability",2010-01-02,FL0RiX,php,webapps,0 -10929,platforms/php/webapps/10929.txt,"Wordpress Events Plugin - SQL Injection Vulnerability",2010-01-02,Red-D3v1L,php,webapps,0 +10929,platforms/php/webapps/10929.txt,"WordPress Events Plugin - SQL Injection Vulnerability",2010-01-02,Red-D3v1L,php,webapps,0 10930,platforms/php/webapps/10930.txt,"Left 4 Dead Stats 1.1 - SQL Injection Vulnerability",2010-01-02,Sora,php,webapps,0 10931,platforms/php/webapps/10931.txt,"X7CHAT 1.3.6b - Add Admin Exploit",2010-01-02,d4rk-h4ck3r,php,webapps,0 10936,platforms/windows/local/10936.c,"PlayMeNow - Malformed M3U Playlist BoF (Windows XP SP2 French)",2010-01-03,bibi-info,windows,local,0 @@ -10137,7 +10137,7 @@ id,file,description,date,author,platform,type,port 11005,platforms/asp/webapps/11005.txt,"KMSoft Guestbook 1.0 - Database Disclosure Vulnerability",2010-01-04,LionTurk,asp,webapps,0 11008,platforms/asp/webapps/11008.txt,"YP Portal MS-Pro Surumu 1.0 DB Download Vulnerability",2010-01-05,indoushka,asp,webapps,0 11009,platforms/multiple/dos/11009.pl,"Novell Netware CIFS And AFP Remote Memory Consumption DoS",2010-01-05,"Francis Provencher",multiple,dos,0 -11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 & 7.4 - Buffer Overflow (meta)",2010-01-06,blake,windows,local,0 +11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 & 7.4 - Buffer Overflow (Metasploit)",2010-01-06,blake,windows,local,0 11012,platforms/php/webapps/11012.txt,"ITaco Group ITaco.biz (view_news) SQL Injection Vulnerability",2010-01-06,Err0R,php,webapps,0 11013,platforms/php/webapps/11013.txt,"PHPDirector Game Edition 0.1 - Multiple Vulnerabilities (LFI/SQLi/Xss)",2010-01-06,"Zer0 Thunder",php,webapps,0 11014,platforms/php/webapps/11014.txt,"Myuploader - Upload Shell Exploit",2010-01-06,S2K9,php,webapps,0 @@ -10197,7 +10197,7 @@ id,file,description,date,author,platform,type,port 11088,platforms/php/webapps/11088.txt,"Joomla Component com_jcollection Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 11089,platforms/php/webapps/11089.txt,"Joomla Component com_jvideodirect Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 11090,platforms/php/webapps/11090.txt,"Joomla Component com_jashowcase Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 -11093,platforms/windows/local/11093.rb,"Soritong 1.0 - Universal BOF-SEH (META)",2010-01-10,fb1h2s,windows,local,0 +11093,platforms/windows/local/11093.rb,"Soritong 1.0 - Universal BOF-SEH (Metasploit)",2010-01-10,fb1h2s,windows,local,0 11094,platforms/php/webapps/11094.txt,"Simply Classified 0.2 - XSS & CSRF Vulnerabilities",2010-01-10,mr_me,php,webapps,0 11095,platforms/windows/dos/11095.txt,"YPOPS! 0.9.7.3 - Buffer Overflow (SEH)",2010-01-10,blake,windows,dos,0 11096,platforms/asp/webapps/11096.txt,"ABB 1.1 - Forum Remote Database Disclosure Vulnerability",2010-01-10,"ViRuSMaN ",asp,webapps,0 @@ -10208,7 +10208,7 @@ id,file,description,date,author,platform,type,port 11104,platforms/php/webapps/11104.txt,"CMScontrol 7.x File Upload",2010-01-11,Cyber_945,php,webapps,0 11106,platforms/multiple/dos/11106.bat,"Nuked KLan <= 1.7.7 & <= SP4 DoS",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 11107,platforms/php/webapps/11107.txt,"gridcc script 1.0 (sql/XSS) Multiple Vulnerabilities",2010-01-11,Red-D3v1L,php,webapps,0 -11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 (PLS File) Stack Overflow (meta)",2010-01-11,dookie,windows,local,0 +11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 (PLS File) Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 11110,platforms/php/webapps/11110.txt,"Image Hosting Script Remote shell upload Vulnerability",2010-01-11,R3d-D3V!L,php,webapps,0 11111,platforms/php/webapps/11111.txt,"FAQEngine 4.24.00 - Remote File Inclusion Vulnerability",2010-01-11,kaMtiEz,php,webapps,0 11112,platforms/windows/local/11112.c,"HTMLDOC 1.9.x-r1629 - Local .html Buffer Overflow (Win32) Exploit",2010-01-11,"fl0 fl0w",windows,local,0 @@ -10323,7 +10323,7 @@ id,file,description,date,author,platform,type,port 11254,platforms/windows/dos/11254.pl,"P2GChinchilla HTTP Server 1.1.1 - Denial of Service Exploit",2010-01-24,"Zer0 Thunder",windows,dos,0 11255,platforms/windows/local/11255.pl,"Winamp 5.572 - whatsnew.txt Stack Overflow Exploit",2010-01-25,Dz_attacker,windows,local,0 11256,platforms/windows/local/11256.pl,"Winamp 5.572 - whatsnew.txt Local Buffer Overflow Exploit (Windows XP SP3 DE)",2010-01-25,NeoCortex,windows,local,0 -11257,platforms/windows/remote/11257.rb,"AOL 9.5 Phobos.Playlist 'Import()' Buffer Overflow Exploit (Meta)",2010-01-25,Trancer,windows,remote,0 +11257,platforms/windows/remote/11257.rb,"AOL 9.5 Phobos.Playlist 'Import()' Buffer Overflow Exploit (Metasploit)",2010-01-25,Trancer,windows,remote,0 11258,platforms/php/webapps/11258.html,"Status2k Remote Add Admin Exploit",2010-01-25,alnjm33,php,webapps,0 11260,platforms/windows/dos/11260.txt,"AIC Audio Player 1.4.1.587 - Local Crash PoC",2010-01-26,b0telh0,windows,dos,0 11261,platforms/php/webapps/11261.txt,"UGiA PHP UPLOADER 0.2 - Shell Upload Vulnerability",2010-01-26,indoushka,php,webapps,0 @@ -10463,7 +10463,7 @@ id,file,description,date,author,platform,type,port 11415,platforms/php/webapps/11415.txt,"Izumi <= 1.1.0 (RFI/LFI) Multiple Include Vulnerability",2010-02-12,"cr4wl3r ",php,webapps,0 11416,platforms/php/webapps/11416.txt,"Alqatari Group 1.0 - Blind SQL Injection Vulnerability",2010-02-12,Red-D3v1L,php,webapps,0 11420,platforms/windows/remote/11420.py,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit",2010-02-12,Lincoln,windows,remote,0 -11422,platforms/windows/remote/11422.rb,"Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (meta)",2010-02-12,Dz_attacker,windows,remote,0 +11422,platforms/windows/remote/11422.rb,"Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (Metasploit)",2010-02-12,Dz_attacker,windows,remote,0 11424,platforms/php/webapps/11424.txt,"cms made simple 1.6.6 - Multiple Vulnerabilities",2010-02-12,"Beenu Arora",php,webapps,0 11425,platforms/php/webapps/11425.txt,"daChooch Remote SQL Injection Vulnerability",2010-02-12,snakespc,php,webapps,0 11426,platforms/multiple/dos/11426.txt,"Browser address bar characters into a small feature",2010-02-12,"Pouya Daneshmand",multiple,dos,0 @@ -10670,7 +10670,7 @@ id,file,description,date,author,platform,type,port 11663,platforms/windows/local/11663.txt,"Lenovo Hotkey Driver <= 5.33 - Privilege Escalation",2010-03-09,"Chilik Tamir",windows,local,0 11666,platforms/php/webapps/11666.txt,"Uebimiau Webmail 3.2.0-2.0 - Email Disclosure",2010-03-09,"Z3r0c0re, R4vax",php,webapps,0 11667,platforms/php/webapps/11667.txt,"Joomla Component com_hezacontent 1.0 - SQL Injection Vulnerability (id)",2010-03-09,kaMtiEz,php,webapps,0 -11668,platforms/windows/remote/11668.rb,"Easy FTP Server 1.7.0.2 - CWD Remote BoF (MSF Module)",2010-03-09,blake,windows,remote,0 +11668,platforms/windows/remote/11668.rb,"Easy FTP Server 1.7.0.2 - CWD Remote BoF (Metasploit)",2010-03-09,blake,windows,remote,0 11669,platforms/windows/dos/11669.py,"JAD java decompiler 1.5.8g (argument) Local Crash",2010-03-09,l3D,windows,dos,0 11670,platforms/windows/dos/11670.py,"JAD java decompiler 1.5.8g (.class) Stack Overflow DoS",2010-03-09,l3D,windows,dos,0 11671,platforms/php/webapps/11671.txt,"mhproducts kleinanzeigenmarkt search.php SQL Injection",2010-03-09,"Easy Laster",php,webapps,0 @@ -10684,7 +10684,7 @@ id,file,description,date,author,platform,type,port 11681,platforms/php/webapps/11681.txt,"ispCP Omega <= 1.0.4 - Remote File Include Vulnerability",2010-03-10,"cr4wl3r ",php,webapps,0 14092,platforms/windows/local/14092.c,"Kingsoft Writer 2010 - Stack Buffer Overflow",2010-06-28,"fl0 fl0w",windows,local,0 11682,platforms/windows/local/11682.py,"Mini-stream Ripper 3.0.1.1 - (.m3u) HREF Buffer Overflow",2010-03-10,l3D,windows,local,0 -11683,platforms/windows/remote/11683.rb,"Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)",2010-03-10,Trancer,windows,remote,0 +11683,platforms/windows/remote/11683.rb,"Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (Metasploit)",2010-03-10,Trancer,windows,remote,0 11684,platforms/php/webapps/11684.txt,"Joomla com_about Remote SQL Injection Vulnerability",2010-03-11,snakespc,php,webapps,0 11685,platforms/php/webapps/11685.txt,"ATutor 1.6.4 - Multiple Cross-Site Scripting",2010-03-11,ITSecTeam,php,webapps,0 11686,platforms/php/webapps/11686.txt,"ANE CMD CRSF - Add Admin",2010-03-11,"pratul agrawal",php,webapps,0 @@ -10741,7 +10741,7 @@ id,file,description,date,author,platform,type,port 11739,platforms/php/webapps/11739.txt,"PHP Classifieds 7.5 - Blind SQL Injection Vulnerability",2010-03-15,ITSecTeam,php,webapps,0 11740,platforms/php/webapps/11740.txt,"Ninja RSS Syndicator 1.0.8 - Local File Include",2010-03-15,jdc,php,webapps,0 11741,platforms/php/webapps/11741.txt,"Phenix 3.5b - SQL Injection Vulnerability",2010-03-15,ITSecTeam,php,webapps,0 -11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (meta)",2010-03-15,blake,windows,remote,0 +11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)",2010-03-15,blake,windows,remote,0 11743,platforms/php/webapps/11743.txt,"Joomla component com_rpx Ulti RPX 2.1.0 - Local File Include",2010-03-15,jdc,php,webapps,0 11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script Cross-Site Scripting Vulnerability",2010-03-15,indoushka,php,webapps,0 11745,platforms/php/webapps/11745.txt,"FreeHost 1.00 - Upload Vulnerability",2010-03-15,indoushka,php,webapps,0 @@ -11052,7 +11052,7 @@ id,file,description,date,author,platform,type,port 12095,platforms/linux/dos/12095.txt,"Virata EmWeb R6.0.1 - Remote Crash Vulnerability",2010-04-06,"Jobert Abma",linux,dos,0 12096,platforms/windows/dos/12096.txt,"Juke 4.0.2 DoS Multiple Files",2010-04-06,anonymous,windows,dos,0 12097,platforms/php/webapps/12097.txt,"Joomla Component XOBBIX - prodid SQL Injection Vulnerability",2010-04-06,AntiSecurity,php,webapps,0 -12098,platforms/php/webapps/12098.txt,"Wordpress Plugin NextGEN Gallery <= 1.5.1 - XSS Vulnerability",2010-04-06,"Alejandro Rodriguez",php,webapps,0 +12098,platforms/php/webapps/12098.txt,"WordPress Plugin NextGEN Gallery <= 1.5.1 - XSS Vulnerability",2010-04-06,"Alejandro Rodriguez",php,webapps,0 12100,platforms/asp/webapps/12100.txt,"Espinas CMS SQL Injection Vulnerability",2010-04-07,"Pouya Daneshmand",asp,webapps,0 12101,platforms/php/webapps/12101.txt,"Joomla Component aWiki com_awiki Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 12102,platforms/php/webapps/12102.txt,"Joomla Component VJDEO com_vjdeo 1.0 - LFI Vulnerability",2010-04-07,"Angela Zhang",php,webapps,0 @@ -11196,7 +11196,7 @@ id,file,description,date,author,platform,type,port 12251,platforms/php/webapps/12251.php,"Camiro-CMS_beta-0.1 - (fckeditor) Remote Arbitrary File Upload Exploit",2010-04-15,eidelweiss,php,webapps,0 12252,platforms/hardware/dos/12252.txt,"IBM BladeCenter Management Module - DoS Vulnerability",2010-04-15,"Alexey Sintsov",hardware,dos,0 12254,platforms/php/webapps/12254.txt,"FCKEditor Core - (FileManager - test.html) Remote Arbitrary File Upload Exploit",2010-04-16,Mr.MLL,php,webapps,0 -12255,platforms/windows/local/12255.rb,"Winamp 5.572 - whatsnew.txt SEH (meta)",2010-04-16,blake,windows,local,0 +12255,platforms/windows/local/12255.rb,"Winamp 5.572 - whatsnew.txt SEH (Metasploit)",2010-04-16,blake,windows,local,0 12256,platforms/php/webapps/12256.txt,"ilchClan <= 1.0.5B SQL Injection Vulnerability Exploit",2010-04-16,"Easy Laster",php,webapps,0 12257,platforms/php/webapps/12257.txt,"joomla component com_manager 1.5.3 - (id) SQL Injection Vulnerability",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0 12258,platforms/windows/dos/12258.py,"Windows - SMB Client-Side Bug Proof of Concept (MS10-006)",2010-04-16,"laurent gaffie",windows,dos,0 @@ -11312,7 +11312,7 @@ id,file,description,date,author,platform,type,port 12385,platforms/php/webapps/12385.html,"TR Forum 1.5 - Insert Admin CSRF Vulnerability",2010-04-25,EL-KAHINA,php,webapps,0 12386,platforms/php/webapps/12386.txt,"PHP Classifieds 6.09 - E-mail Dump Vulnerability",2010-04-25,indoushka,php,webapps,0 12387,platforms/php/webapps/12387.sh,"webessence 1.0.2 - Multiple Vulnerabilities",2010-04-25,"white_sheep, R00T_ATI and epicfail",php,webapps,0 -12388,platforms/windows/local/12388.rb,"WM Downloader 3.0.0.9 - Buffer Overflow (Meta)",2010-04-25,blake,windows,local,0 +12388,platforms/windows/local/12388.rb,"WM Downloader 3.0.0.9 - Buffer Overflow (Metasploit)",2010-04-25,blake,windows,local,0 12395,platforms/php/webapps/12395.txt,"2daybiz Advanced Poll Script XSS and Authentication Bypass",2010-04-26,Sid3^effects,php,webapps,0 12396,platforms/php/webapps/12396.txt,"OpenCominterne 1.01 - Local File Include Vulnerability",2010-04-26,"cr4wl3r ",php,webapps,0 12398,platforms/php/webapps/12398.txt,"Opencourrier 2.03beta (RFI/LFI) Multiple File Include Vulnerability",2010-04-26,"cr4wl3r ",php,webapps,0 @@ -11438,14 +11438,14 @@ id,file,description,date,author,platform,type,port 12527,platforms/asp/dos/12527.txt,"Administrador de Contenidos - Admin Login Bypass Vulnerability",2010-05-07,Ra3cH,asp,dos,0 12528,platforms/windows/local/12528.pl,"AVCON H323Call Buffer Overflow",2010-05-07,"Dillon Beresford",windows,local,0 12529,platforms/windows/dos/12529.py,"ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64) LZH archive parsing PoC Exploit",2010-05-07,"Oleksiuk Dmitry, eSage Lab",windows,dos,0 -12530,platforms/windows/dos/12530.rb,"TFTPGUI 1.4.5 - Long Transport Mode Overflow DoS (Meta)",2010-05-08,"Jeremiah Talamantes",windows,dos,0 +12530,platforms/windows/dos/12530.rb,"TFTPGUI 1.4.5 - Long Transport Mode Overflow DoS (Metasploit)",2010-05-08,"Jeremiah Talamantes",windows,dos,0 12531,platforms/windows/dos/12531.pl,"GeoHttpServer Remote DoS Vulnerability",2010-05-08,aviho1,windows,dos,0 12532,platforms/php/webapps/12532.txt,"B2B Classic Trading Script (offers.php) SQL Injection Vulnerability",2010-05-08,v3n0m,php,webapps,0 12533,platforms/php/webapps/12533.txt,"big.asp - SQL Injection Vulnerability",2010-05-08,Ra3cH,php,webapps,0 12534,platforms/php/webapps/12534.txt,"PHP Link Manager 1.7 - Url Redirection Bug",2010-05-08,ITSecTeam,php,webapps,0 12535,platforms/php/webapps/12535.txt,"phpscripte24 Countdown Standart Rückwärts Auktions System - SQL Injection",2010-05-08,"Easy Laster",php,webapps,0 12539,platforms/php/webapps/12539.txt,"Joomla Component com_articleman Upload Vulnerability",2010-05-08,Sid3^effects,php,webapps,0 -12540,platforms/windows/local/12540.rb,"IDEAL Migration 4.5.1 - Buffer Overflow Exploit (Meta)",2010-05-08,blake,windows,local,0 +12540,platforms/windows/local/12540.rb,"IDEAL Migration 4.5.1 - Buffer Overflow Exploit (Metasploit)",2010-05-08,blake,windows,local,0 12541,platforms/windows/dos/12541.php,"Dolphin 2.0 - (.elf) Local Daniel Of Service",2010-05-09,"Yakir Wizman",windows,dos,0 12542,platforms/php/webapps/12542.rb,"phpscripte24 Shop System SQL Injection Vulnerability Exploit",2010-05-09,"Easy Laster",php,webapps,0 12543,platforms/php/webapps/12543.rb,"Alibaba Clone <= 3.0 (Special) - SQL Injection Vulnerability Exploit",2010-05-09,"Easy Laster",php,webapps,0 @@ -12397,7 +12397,7 @@ id,file,description,date,author,platform,type,port 14074,platforms/php/webapps/14074.rb,"2daybiz Polls Script SQL Injection Vulnerability Exploit",2010-06-27,"Easy Laster",php,webapps,0 14075,platforms/php/webapps/14075.rb,"2daybiz Freelance Script SQL Injection Vulnerability Exploit",2010-06-27,"Easy Laster",php,webapps,0 14076,platforms/php/webapps/14076.rb,"2daybiz Photo Sharing Script SQL Injection Vulnerability",2010-06-27,"Easy Laster",php,webapps,0 -14077,platforms/windows/local/14077.rb,"BlazeDVD 6.0 - Buffer Overflow Exploit (Meta)",2010-06-27,blake,windows,local,0 +14077,platforms/windows/local/14077.rb,"BlazeDVD 6.0 - Buffer Overflow Exploit (Metasploit)",2010-06-27,blake,windows,local,0 14078,platforms/php/webapps/14078.txt,"Bilder Upload Script - Datei Upload 1.09 - Remote Shell Upload Vulnerability",2010-06-27,Mr.Benladen,php,webapps,0 14079,platforms/php/webapps/14079.txt,"i-netsolution Job Search Engine SQL Injection Vulnerability",2010-06-27,Sid3^effects,php,webapps,0 14080,platforms/php/webapps/14080.txt,"I-Net MLM Script Engine SQL Injection Vulnerability",2010-06-27,Sid3^effects,php,webapps,0 @@ -12486,7 +12486,7 @@ id,file,description,date,author,platform,type,port 14208,platforms/php/webapps/14208.txt,"Sandbox 2.0.2 - Local File Inclusion Vulnerability",2010-07-04,saudi0hacker,php,webapps,0 14196,platforms/php/webapps/14196.txt,"Joomla SocialAds Component com_socialads Persistent XSS Vulnerability",2010-07-03,Sid3^effects,php,webapps,0 14197,platforms/php/webapps/14197.txt,"iScripts MultiCart 2.2 - Multiple SQL Injection Vulnerability",2010-07-03,"Salvatore Fresta",php,webapps,0 -14198,platforms/php/webapps/14198.txt,"Simple:Press Wordpress Plugin 4.3.0 - SQL Injection Vulnerability",2010-07-04,"ADEO Security",php,webapps,0 +14198,platforms/php/webapps/14198.txt,"Simple:Press WordPress Plugin 4.3.0 - SQL Injection Vulnerability",2010-07-04,"ADEO Security",php,webapps,0 14199,platforms/php/webapps/14199.txt,"phpaaCMS 0.3.1 - (show.php?id=) SQL Injection Vulnerability",2010-07-04,Shafiq-Ur-Rehman,php,webapps,0 14200,platforms/windows/remote/14200.html,"Registry OCX 1.5 - ActiveX Buffer Overflow Exploit",2010-07-04,blake,windows,remote,0 14201,platforms/php/webapps/14201.txt,"phpaaCMS (list.php?id) SQL Injection Vulnerability",2010-07-04,CoBRa_21,php,webapps,0 @@ -12577,7 +12577,7 @@ id,file,description,date,author,platform,type,port 14305,platforms/linux/shellcode/14305.c,"Linux/x86-64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) (49 bytes)",2010-07-09,10n1z3d,linux,shellcode,0 14306,platforms/php/webapps/14306.txt,"HoloCMS 9.0.47 (news.php) SQL Injection Vulnerability",2010-07-09,GlaDiaT0R,php,webapps,0 14309,platforms/windows/remote/14309.html,"RSP MP3 Player OCX 3.2 - ActiveX Buffer Overflow",2010-07-09,blake,windows,remote,0 -14308,platforms/php/webapps/14308.txt,"Wordpress Firestats - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 +14308,platforms/php/webapps/14308.txt,"WordPress Firestats - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 15307,platforms/windows/dos/15307.py,"HP Data Protector Media Operations 6.11 HTTP Server Remote Integer Overflow DoS",2010-10-23,d0lc3,windows,dos,0 14310,platforms/php/webapps/14310.js,"DotDefender <= 3.8-5 - No Authentication Remote Code Execution Through XSS",2010-07-09,rAWjAW,php,webapps,80 14313,platforms/php/webapps/14313.txt,"Joomla MyHome Component (com_myhome) Blind SQL Injection Vulnerability",2010-07-10,Sid3^effects,php,webapps,0 @@ -12644,7 +12644,7 @@ id,file,description,date,author,platform,type,port 14393,platforms/php/webapps/14393.txt,"Calendarix (cal_cat.php) SQL Injection Vulnerability",2010-07-17,SixP4ck3r,php,webapps,0 14394,platforms/php/webapps/14394.txt,"Joomla Component (com_spa) SQL Injection Vulnerability",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 14395,platforms/php/webapps/14395.txt,"Joomla Component (com_staticxt) SQL Injection Vulnerability",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 -14397,platforms/windows/local/14397.rb,"MoreAmp SEH Buffer Overflow (meta)",2010-07-17,Madjix,windows,local,0 +14397,platforms/windows/local/14397.rb,"MoreAmp SEH Buffer Overflow (Metasploit)",2010-07-17,Madjix,windows,local,0 14404,platforms/php/webapps/14404.txt,"Kayako eSupport (functions.php) 3.70.02 - SQL Injection Vulnerability",2010-07-18,ScOrPiOn,php,webapps,0 14405,platforms/php/webapps/14405.txt,"PHP-Fusion Remote Command Execution Vulnerability",2010-07-18,"ViRuS Qalaa",php,webapps,0 14399,platforms/windows/remote/14399.py,"Easy FTP Server 1.7.0.11 - MKD Command Remote Buffer Overflow Exploit (Post Auth)",2010-07-17,"Karn Ganeshen",windows,remote,0 @@ -12657,7 +12657,7 @@ id,file,description,date,author,platform,type,port 14408,platforms/windows/dos/14408.py,"Really Simple IM 1.3beta DoS Proof of Concept",2010-07-18,loneferret,windows,dos,0 14409,platforms/aix/remote/14409.pl,"AIX5l with FTP-Server Remote Root Hash Disclosure Exploit",2010-07-18,kingcope,aix,remote,0 14410,platforms/php/webapps/14410.txt,"rapidCMS 2.0 - Authentication Bypass",2010-07-18,Mahjong,php,webapps,0 -14412,platforms/windows/remote/14412.rb,"Hero DVD - Buffer Overflow Exploit (meta)",2010-07-19,Madjix,windows,remote,0 +14412,platforms/windows/remote/14412.rb,"Hero DVD - Buffer Overflow Exploit (Metasploit)",2010-07-19,Madjix,windows,remote,0 14413,platforms/windows/dos/14413.txt,"Microsoft Internet Explorer 7.0 - DoS Microsoft Clip Organizer Multiple Insecure ActiveX Control",2010-07-20,"Beenu Arora",windows,dos,0 14414,platforms/windows/dos/14414.txt,"Unreal Tournament 3 2.1 - 'STEAMBLOB' Command Remote Denial of Service Vulnerability",2010-07-20,"Luigi Auriemma",windows,dos,0 14415,platforms/php/webapps/14415.html,"EZ-Oscommerce 3.1 - Remote File Upload",2010-07-20,indoushka,php,webapps,0 @@ -12690,7 +12690,7 @@ id,file,description,date,author,platform,type,port 14448,platforms/php/webapps/14448.txt,"Joomla Component (com_golfcourseguide) 0.9.6.0 (beta) & 1 (beta) - SQL Injection Vulnerability",2010-07-23,Valentin,php,webapps,0 14449,platforms/php/webapps/14449.txt,"Joomla Component (com_huruhelpdesk) SQL Injection Vulnerability",2010-07-23,Amine_92,php,webapps,0 14450,platforms/php/webapps/14450.txt,"Joomla Component (com_iproperty) SQL Injection Vulnerability",2010-07-23,Amine_92,php,webapps,0 -14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) - (meta)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 +14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) - (Metasploit)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 14452,platforms/linux/dos/14452.txt,"Ubuntu 10.04 LTS - Lucid Lynx ftp Client 0.17-19build1 ACCT - Buffer Overflow",2010-07-23,d0lc3,linux,dos,0 14453,platforms/php/webapps/14453.txt,"PhotoPost PHP 4.6.5 (ecard.php) SQL Injection Vulnerability",2010-07-23,CoBRa_21,php,webapps,0 14454,platforms/php/webapps/14454.txt,"ValidForm Builder script Remote Command Execution Vulnerability",2010-07-23,"HaCkEr arar",php,webapps,0 @@ -13032,7 +13032,7 @@ id,file,description,date,author,platform,type,port 14916,platforms/windows/dos/14916.py,"HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution",2010-09-06,Abysssec,windows,dos,0 14919,platforms/asp/webapps/14919.txt,"Micronetsoft Rental Property Management Website SQL Injection Vulnerability",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 14922,platforms/php/webapps/14922.txt,"Joomla Component Aardvertiser 2.1 Free Blind SQL Injection Vulnerability",2010-09-06,"Stephan Sattler",php,webapps,0 -14923,platforms/php/webapps/14923.txt,"Wordpress Events Manager Extended Plugin - Persistent XSS Vulnerability",2010-09-06,Craw,php,webapps,0 +14923,platforms/php/webapps/14923.txt,"WordPress Events Manager Extended Plugin - Persistent XSS Vulnerability",2010-09-06,Craw,php,webapps,0 14931,platforms/php/webapps/14931.php,"java Bridge 5.5 - Directory Traversal Vulnerability",2010-09-07,Saxtor,php,webapps,0 14925,platforms/linux/remote/14925.txt,"weborf <= 0.12.2 - Directory Traversal Vulnerability",2010-09-07,Rew,linux,remote,0 14927,platforms/php/webapps/14927.txt,"dynpage <= 1.0 - Multiple Vulnerabilities (0day)",2010-09-07,Abysssec,php,webapps,0 @@ -13134,14 +13134,14 @@ id,file,description,date,author,platform,type,port 15069,platforms/windows/local/15069.py,"Acoustica Audio Converter Pro 1.1 (build 25) - Heap Overflow (.mp3.wav.ogg.wma) PoC",2010-09-21,"Carlos Mario Penagos Hollmann",windows,local,0 15070,platforms/php/webapps/15070.txt,"ibPhotohost 1.1.2 - SQL Injection",2010-09-21,fred777,php,webapps,0 15071,platforms/windows/remote/15071.txt,"Softek Barcode Reader Toolkit ActiveX 7.1.4.14 (SoftekATL.dll) Buffer Overflow PoC",2010-09-21,LiquidWorm,windows,remote,0 -15072,platforms/windows/remote/15072.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (meta)",2010-09-21,Trancer,windows,remote,0 +15072,platforms/windows/remote/15072.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (Metasploit)",2010-09-21,Trancer,windows,remote,0 15073,platforms/windows/remote/15073.rb,"Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit",2010-09-21,Trancer,windows,remote,0 15074,platforms/linux/local/15074.sh,"Ubuntu Linux - 'mountall' - Local Privilege Escalation Vulnerability",2010-09-21,fuzz,linux,local,0 15075,platforms/php/webapps/15075.txt,"wpQuiz 2.7 - Authentication Bypass Vulnerability",2010-09-21,KnocKout,php,webapps,0 15076,platforms/windows/dos/15076.py,"Adobe Shockwave Director tSAC - Chunk Memory Corruption",2010-09-22,Abysssec,windows,dos,0 15078,platforms/asp/webapps/15078.txt,"gausCMS - Multiple Vulnerabilities",2010-09-22,Abysssec,asp,webapps,0 15080,platforms/php/webapps/15080.txt,"Skybluecanvas 1.1-r248 - Cross-Site Request Forgery Vulnirability",2010-09-22,Sweet,php,webapps,0 -15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - SEH Exploit (MSF)",2010-09-22,Madjix,windows,local,0 +15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - SEH Exploit (Metasploit)",2010-09-22,Madjix,windows,local,0 15082,platforms/php/webapps/15082.txt,"BSI Hotel Booking System Admin 1.4 & 2.0 - Login Bypass Vulnerability",2010-09-22,K-159,php,webapps,0 15084,platforms/php/webapps/15084.txt,"Joomla TimeTrack Component 1.2.4 - Component Multiple SQL Injection Vulnerabilities",2010-09-22,"Salvatore Fresta",php,webapps,0 15085,platforms/php/webapps/15085.txt,"Joomla Component (com_ezautos) SQL Injection Vulnerability",2010-09-22,Gamoscu,php,webapps,0 @@ -13201,7 +13201,7 @@ id,file,description,date,author,platform,type,port 15165,platforms/php/webapps/15165.txt,"zen cart 1.3.9f - Multiple Vulnerabilities",2010-10-01,LiquidWorm,php,webapps,0 15166,platforms/php/webapps/15166.txt,"Zen Cart 1.3.9f (typefilter) - Local File Inclusion Vulnerability",2010-10-01,LiquidWorm,php,webapps,0 15167,platforms/windows/dos/15167.txt,"Microsoft IIS 6.0 ASP Stack Overflow (Stack Exhaustion) Denial of Service (MS10-065)",2010-10-01,kingcope,windows,dos,0 -15168,platforms/windows/remote/15168.rb,"Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (MSF)",2010-10-01,Trancer,windows,remote,0 +15168,platforms/windows/remote/15168.rb,"Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit)",2010-10-01,Trancer,windows,remote,0 15169,platforms/php/webapps/15169.txt,"Evaria Content Management System 1.1 File Disclosure Vulnerability",2010-10-01,"khayeye shotor",php,webapps,0 15174,platforms/php/webapps/15174.txt,"tiki wiki CMS groupware 5.2 - Multiple Vulnerabilities",2010-10-01,"John Leitch",php,webapps,0 15173,platforms/php/webapps/15173.txt,"phpMyShopping 1.0.1505 - Multiple Vulnerabilities",2010-10-01,Metropolis,php,webapps,0 @@ -13492,7 +13492,7 @@ id,file,description,date,author,platform,type,port 15509,platforms/php/webapps/15509.txt,"Build a Niche Store 3.0 - (BANS) Authentication Bypass Vulnerability",2010-11-13,"ThunDEr HeaD",php,webapps,0 15510,platforms/php/webapps/15510.txt,"AWCM 2.1 final - Remote File Inclusion Vulnerability",2010-11-13,LoSt.HaCkEr,php,webapps,0 15512,platforms/php/webapps/15512.py,"DBSite Remote SQL Injection Vulnerability",2010-11-13,God_Of_Pain,php,webapps,0 -15513,platforms/php/webapps/15513.txt,"Wordpress Event Registration Plugin 5.32 - SQL Injection Vulnerability",2010-11-13,k3m4n9i,php,webapps,0 +15513,platforms/php/webapps/15513.txt,"WordPress Event Registration Plugin 5.32 - SQL Injection Vulnerability",2010-11-13,k3m4n9i,php,webapps,0 15514,platforms/windows/dos/15514.txt,"Foxit Reader 4.1.1 - Stack Overflow Vulnerability",2010-11-13,dookie,windows,dos,0 15515,platforms/php/webapps/15515.txt,"Invision Power Board 3 - search_app SQL Injection Vulnerability",2010-11-13,"Lord Tittis3000",php,webapps,0 15516,platforms/php/webapps/15516.txt,"EasyJobPortal Shell Upload Vulnerability",2010-11-13,MeGo,php,webapps,0 @@ -13594,7 +13594,7 @@ id,file,description,date,author,platform,type,port 15655,platforms/windows/remote/15655.html,"J-Integra 2.11 - ActiveX SetIdentity() Buffer Overflow Exploit",2010-12-01,Dr_IDE,windows,remote,0 15656,platforms/php/webapps/15656.txt,"LittlePhpGallery 1.0.2 - Local File Inclusion",2010-12-01,"kire bozorge khavarmian",php,webapps,0 15657,platforms/windows/dos/15657.txt,"FreeTrim MP3 2.2.3 - Denial of Service Vulnerability",2010-12-02,h1ch4m,windows,dos,0 -15658,platforms/windows/remote/15658.rb,"Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (msf)",2010-12-02,bz1p,windows,remote,0 +15658,platforms/windows/remote/15658.rb,"Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)",2010-12-02,bz1p,windows,remote,0 15659,platforms/php/webapps/15659.txt,"Contenido CMS 4.8.12 - XSS Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15660,platforms/php/webapps/15660.txt,"etomite 1.1 - Multiple Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15661,platforms/asp/webapps/15661.txt,"Ananda Real Estate 3.4 (list.asp) Multiple SQL Injection",2010-12-02,underground-stockholm.com,asp,webapps,0 @@ -13608,7 +13608,7 @@ id,file,description,date,author,platform,type,port 15670,platforms/windows/dos/15670.pl,"Free Audio Converter 7.1.5 - Denial of Service Vulnerability PoC",2010-12-04,h1ch4m,windows,dos,0 15671,platforms/windows/dos/15671.pl,"WaveMax Sound Editor 4.5.1 - Denial of Service PoC",2010-12-04,h1ch4m,windows,dos,0 15673,platforms/asp/webapps/15673.txt,"Dejcom Market CMS (showbrand.aspx) SQL Injection",2010-12-04,Mormoroth,asp,webapps,0 -15674,platforms/windows/dos/15674.rb,"TFTPUtil GUI 1.4.5 - DoS (Meta)",2010-12-04,"Vuk Ivanovic",windows,dos,0 +15674,platforms/windows/dos/15674.rb,"TFTPUtil GUI 1.4.5 - DoS (Metasploit)",2010-12-04,"Vuk Ivanovic",windows,dos,0 15675,platforms/hardware/webapps/15675.txt,"Multiple Linksys Router CSRF Vulnerabilities",2010-12-04,"Martin Barbella",hardware,webapps,0 15676,platforms/multiple/dos/15676.txt,"Wireshark LDSS Dissector Buffer Overflow Vulnerability",2010-12-04,"Nephi Johnson",multiple,dos,0 15677,platforms/asp/webapps/15677.txt,"T-Dreams Cars Ads Package 2.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 @@ -13618,7 +13618,7 @@ id,file,description,date,author,platform,type,port 15681,platforms/asp/webapps/15681.txt,"ASPSiteware JobPost 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15682,platforms/asp/webapps/15682.txt,"ASPSiteware ASP Gallery 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15683,platforms/asp/webapps/15683.txt,"ASPSiteware Contact Directory 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 -15684,platforms/php/webapps/15684.txt,"Wordpress do_trackbacks() function - SQL Injection Vulnerability",2010-12-05,M4g,php,webapps,0 +15684,platforms/php/webapps/15684.txt,"WordPress do_trackbacks() function - SQL Injection Vulnerability",2010-12-05,M4g,php,webapps,0 15685,platforms/php/webapps/15685.html,"phpKF Forum 1.80 profil_degistir.php CSRF Exploit",2010-12-05,FreWaL,php,webapps,0 15686,platforms/asp/webapps/15686.txt,"Gatesoft Docusafe 4.1.0 - SQL Injection Vulnerability",2010-12-05,R4dc0re,asp,webapps,0 15687,platforms/asp/webapps/15687.txt,"Ecommercemax Solutions Digital Goods Seller SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 @@ -13646,7 +13646,7 @@ id,file,description,date,author,platform,type,port 15745,platforms/linux/local/15745.txt,"IBM Tivoli Storage Manager (TSM) Local Root",2010-12-15,"Kryptos Logic",linux,local,0 15710,platforms/multiple/webapps/15710.txt,"Apache Archiva 1.0 - 1.3.1 - CSRF Vulnerability",2010-12-09,"Anatolia Security",multiple,webapps,0 15711,platforms/php/webapps/15711.pl,"Abtp Portal Project 0.1.0 - LFI Exploit",2010-12-09,Br0ly,php,webapps,0 -15712,platforms/arm/shellcode/15712.rb,"Create a New User with UID 0 - ARM (Meta)",2010-12-09,"Jonathan Salwan",arm,shellcode,0 +15712,platforms/arm/shellcode/15712.rb,"Create a New User with UID 0 - ARM (Metasploit)",2010-12-09,"Jonathan Salwan",arm,shellcode,0 15717,platforms/multiple/remote/15717.txt,"VMware Tools update OS Command Injection",2010-12-09,"Nahuel Grisolia",multiple,remote,0 15714,platforms/php/webapps/15714.txt,"Joomla JE Auto Component 1.0 - SQL Injection Vulnerability",2010-12-09,"Salvatore Fresta",php,webapps,0 15715,platforms/php/webapps/15715.txt,"CMScout 2.09 - CSRF Vulnerability",2010-12-09,"High-Tech Bridge SA",php,webapps,0 @@ -13958,7 +13958,7 @@ id,file,description,date,author,platform,type,port 16120,platforms/windows/dos/16120.py,"Hanso Player 1.4.0.0 - Buffer Overflow - DoS Skinfile",2011-02-06,badc0re,windows,dos,0 16121,platforms/windows/dos/16121.py,"Hanso Converter 1.1.0 - BufferOverflow Denial of Service",2011-02-06,badc0re,windows,dos,0 16122,platforms/php/webapps/16122.txt,"Dew-NewPHPLinks 2.1b (index.php) - SQL Injection Vulnerability",2011-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 -16221,platforms/php/webapps/16221.txt,"Comment Rating 2.9.23 Wordpress Plugin - Multiple Vulnerabilities",2011-02-23,"High-Tech Bridge SA",php,webapps,0 +16221,platforms/php/webapps/16221.txt,"Comment Rating 2.9.23 WordPress Plugin - Multiple Vulnerabilities",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16127,platforms/php/webapps/16127.txt,"T-Content Managment System Multiple Vulnerabilities",2011-02-07,"Daniel Godoy",php,webapps,0 16128,platforms/php/webapps/16128.txt,"jakcms 2.0 pro rc5 - Stored XSS via useragent http header injection",2011-02-07,"Saif El-Sherei",php,webapps,0 16129,platforms/linux/dos/16129.txt,"ProFTPD mod_sftp - Integer Overflow DoS PoC",2011-02-07,kingcope,linux,dos,0 @@ -14034,7 +14034,7 @@ id,file,description,date,author,platform,type,port 16222,platforms/php/webapps/16222.txt,"course registration management system 2.1 - Multiple Vulnerabilities",2011-02-23,"AutoSec Tools",php,webapps,0 16223,platforms/php/webapps/16223.txt,"VidiScript SQL Injection Vulnerability",2011-02-23,ThEtA.Nu,php,webapps,0 16220,platforms/php/webapps/16220.py,"ProQuiz 2.0.0b Arbitrary Upload Vulnerability",2011-02-23,"AutoSec Tools",php,webapps,0 -16218,platforms/php/webapps/16218.txt,"Z-Vote 1.1 Wordpress Plugin - SQL Injection Vulnerability",2011-02-23,"High-Tech Bridge SA",php,webapps,0 +16218,platforms/php/webapps/16218.txt,"Z-Vote 1.1 WordPress Plugin - SQL Injection Vulnerability",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16213,platforms/php/webapps/16213.txt,"Hyena Cart (index.php) SQL Injection Vulnerability",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16214,platforms/php/webapps/16214.txt,"tplSoccerStats (player.php) SQL Injection Vulnerability",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16217,platforms/php/webapps/16217.txt,"bitweaver 2.8.1 Persistent XSS Vulnerability",2011-02-23,lemlajt,php,webapps,0 @@ -14043,11 +14043,11 @@ id,file,description,date,author,platform,type,port 16229,platforms/ios/remote/16229.txt,"iOS myDBLite 1.1.10 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 16230,platforms/windows/dos/16230.py,"Victory FTP Server 5.0 - Denial of Service Exploit",2011-02-24,"C4SS!0 G0M3S",windows,dos,0 16231,platforms/ios/remote/16231.txt,"iOS Share 1.0 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 -16232,platforms/php/webapps/16232.txt,"GigPress 2.1.10 Wordpress Plugin - Stored XSS Vulnerability",2011-02-24,"Saif El-Sherei",php,webapps,0 -16233,platforms/php/webapps/16233.txt,"Relevanssi 2.7.2 Wordpress Plugin - Stored XSS Vulnerability",2011-02-24,"Saif El-Sherei",php,webapps,0 +16232,platforms/php/webapps/16232.txt,"GigPress 2.1.10 WordPress Plugin - Stored XSS Vulnerability",2011-02-24,"Saif El-Sherei",php,webapps,0 +16233,platforms/php/webapps/16233.txt,"Relevanssi 2.7.2 WordPress Plugin - Stored XSS Vulnerability",2011-02-24,"Saif El-Sherei",php,webapps,0 16234,platforms/netware/dos/16234.rb,"Novell Netware RPC XNFS xdrDecodeString Vulnerability",2011-02-24,"Francis Provencher",netware,dos,0 -16235,platforms/php/webapps/16235.txt,"Wordpress Plugin Forum Server 1.6.5 - SQL Injection Vulnerability",2011-02-24,"High-Tech Bridge SA",php,webapps,0 -16236,platforms/php/webapps/16236.txt,"IWantOneButton 3.0.1 Wordpress Plugin - Multiple Vulnerabilities",2011-02-24,"High-Tech Bridge SA",php,webapps,0 +16235,platforms/php/webapps/16235.txt,"WordPress Plugin Forum Server 1.6.5 - SQL Injection Vulnerability",2011-02-24,"High-Tech Bridge SA",php,webapps,0 +16236,platforms/php/webapps/16236.txt,"IWantOneButton 3.0.1 WordPress Plugin - Multiple Vulnerabilities",2011-02-24,"High-Tech Bridge SA",php,webapps,0 16237,platforms/windows/dos/16237.py,"Elecard MPEG Player 5.7 - Local Buffer Overflow PoC (SEH)",2011-02-24,badc0re,windows,dos,0 16238,platforms/hardware/remote/16238.txt,"iphone ishred 1.93 - Directory Traversal",2011-02-24,"Khashayar Fereidani",hardware,remote,0 16239,platforms/hardware/remote/16239.txt,"iPhone Guitar Directory Traversal",2011-02-24,"Khashayar Fereidani",hardware,remote,0 @@ -14061,8 +14061,8 @@ id,file,description,date,author,platform,type,port 16247,platforms/php/webapps/16247.txt,"Pragyan CMS 3.0 - Multiple Vulnerabilities",2011-02-25,"Villy and Abhishek Lyall",php,webapps,0 16248,platforms/windows/dos/16248.pl,"eXPert PDF Reader 4.0 NULL Pointer Dereference and Heap Corruption",2011-02-26,LiquidWorm,windows,dos,0 16249,platforms/php/webapps/16249.txt,"phreebooks r30rc4 - Multiple Vulnerabilities",2011-02-26,"AutoSec Tools",php,webapps,0 -16250,platforms/php/webapps/16250.txt,"jQuery Mega Menu 1.0 Wordpress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 -16251,platforms/php/webapps/16251.txt,"OPS Old Post Spinner 2.2.1 Wordpress Plugin - LFI Vulnerability",2011-02-26,"AutoSec Tools",php,webapps,0 +16250,platforms/php/webapps/16250.txt,"jQuery Mega Menu 1.0 WordPress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 +16251,platforms/php/webapps/16251.txt,"OPS Old Post Spinner 2.2.1 WordPress Plugin - LFI Vulnerability",2011-02-26,"AutoSec Tools",php,webapps,0 16252,platforms/hardware/webapps/16252.html,"Linksys Cisco WAG120N CSRF Vulnerability",2011-02-26,"Khashayar Fereidani",hardware,webapps,0 16255,platforms/windows/dos/16255.pl,"Magic Music Editor - (.cda) Denial of Service",2011-02-28,"AtT4CKxT3rR0r1ST ",windows,dos,0 16256,platforms/php/webapps/16256.txt,"DO-CMS - Multiple SQL Injection Vulnerabilities",2011-02-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -14078,7 +14078,7 @@ id,file,description,date,author,platform,type,port 16268,platforms/php/webapps/16268.pl,"cChatBox for vBulletin 3.6.8 and 3.7.x SQL Injection Vulnerability",2011-03-02,DSecurity,php,webapps,0 16270,platforms/linux/dos/16270.c,"vsftpd 2.3.2 - Denial of Service Vulnerability",2011-03-02,"Maksymilian Arciemowicz",linux,dos,0 16271,platforms/ios/remote/16271.txt,"iOS TIOD 1.3.3 - Directory Traversal",2011-03-03,"R3d@l3rt, H@ckk3y",ios,remote,0 -16273,platforms/php/webapps/16273.php,"PHP Speedy <= 0.5.2 Wordpress Plugin - (admin_container.php) Remote Code Execution Exploit",2011-03-04,mr_me,php,webapps,0 +16273,platforms/php/webapps/16273.php,"PHP Speedy <= 0.5.2 WordPress Plugin - (admin_container.php) Remote Code Execution Exploit",2011-03-04,mr_me,php,webapps,0 16274,platforms/jsp/webapps/16274.pl,"JBoss Application Server Remote Exploit",2011-03-04,kingcope,jsp,webapps,0 16275,platforms/hardware/remote/16275.txt,"Comtrend ADSL Router CT-5367 C01_R12 - Remote Root",2011-03-04,"Todor Donev",hardware,remote,0 16276,platforms/php/webapps/16276.txt,"ADAN Neuronlabs (view.php) SQL Injection Vulnerability",2011-03-04,IRAQ_JAGUAR,php,webapps,0 @@ -14746,7 +14746,7 @@ id,file,description,date,author,platform,type,port 16943,platforms/windows/dos/16943.pl,"Movavi VideoSuite 8.0 SlideShow jpg Local Crash PoC",2011-03-08,KedAns-Dz,windows,dos,0 16944,platforms/windows/dos/16944.pl,"Movavi VideoSuite 8.0 Movie Editor avi Local Crash PoC",2011-03-08,KedAns-Dz,windows,dos,0 16945,platforms/hardware/dos/16945.pl,"Nokia N97 m3u Playlist Crash PoC",2011-03-08,KedAns-Dz,hardware,dos,0 -16947,platforms/php/webapps/16947.txt,"GRAND Flash Album Gallery 0.55 Wordpress Plugin - Multiple Vulnerabilities",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +16947,platforms/php/webapps/16947.txt,"GRAND Flash Album Gallery 0.55 WordPress Plugin - Multiple Vulnerabilities",2011-03-08,"High-Tech Bridge SA",php,webapps,0 16948,platforms/php/webapps/16948.txt,"Esselbach Storyteller CMS System 1.8 - SQL Injection Vulnerability",2011-03-09,Shamus,php,webapps,0 16949,platforms/php/webapps/16949.php,"maian weblog <= 4.0 - Remote Blind SQL Injection",2011-03-09,mr_me,php,webapps,0 16950,platforms/php/webapps/16950.txt,"recordpress 0.3.1 - Multiple Vulnerabilities",2011-03-09,"Khashayar Fereidani",php,webapps,0 @@ -14845,7 +14845,7 @@ id,file,description,date,author,platform,type,port 17053,platforms/windows/remote/17053.txt,"wodWebServer.NET 1.3.3 - Directory Traversal",2011-03-27,"AutoSec Tools",windows,remote,0 17054,platforms/php/webapps/17054.txt,"webedition CMS 6.1.0.2 - Multiple Vulnerabilities",2011-03-27,"AutoSec Tools",php,webapps,0 17055,platforms/php/webapps/17055.txt,"Honey Soft Web Solution Multiple Vulnerabilities",2011-03-28,**RoAd_KiLlEr**,php,webapps,0 -17056,platforms/php/webapps/17056.txt,"Wordpress plugin BackWPup - Remote and Local Code Execution Vulnerability",2011-03-28,"Sense of Security",php,webapps,0 +17056,platforms/php/webapps/17056.txt,"WordPress plugin BackWPup - Remote and Local Code Execution Vulnerability",2011-03-28,"Sense of Security",php,webapps,0 17057,platforms/php/webapps/17057.txt,"webEdition CMS Local File Inclusion Vulnerability",2011-03-28,eidelweiss,php,webapps,0 17058,platforms/linux/remote/17058.rb,"Distributed Ruby Send instance_eval/syscall Code Execution",2011-03-27,metasploit,linux,remote,0 17061,platforms/php/webapps/17061.txt,"Andy's PHP Knowledgebase Project 0.95.4 - SQL Injection",2011-03-29,"AutoSec Tools",php,webapps,0 @@ -14902,7 +14902,7 @@ id,file,description,date,author,platform,type,port 17116,platforms/hardware/webapps/17116.txt,"Longshine Multiple Print Servers Cross-Site Scripting Vulnerability",2011-04-04,b0telh0,hardware,webapps,0 17117,platforms/hardware/webapps/17117.txt,"Planet FPS-1101 - Cross-Site Scripting Vulnerability",2011-04-04,b0telh0,hardware,webapps,0 17118,platforms/php/webapps/17118.txt,"OpenEMR 4.0.0 - Multiple Vulnerabilities",2011-04-05,"AutoSec Tools",php,webapps,0 -17119,platforms/php/webapps/17119.txt,"Wordpress Plugin Custom Pages 0.5.0.1 - LFI Vulnerability",2011-04-05,"AutoSec Tools",php,webapps,0 +17119,platforms/php/webapps/17119.txt,"WordPress Plugin Custom Pages 0.5.0.1 - LFI Vulnerability",2011-04-05,"AutoSec Tools",php,webapps,0 17120,platforms/multiple/dos/17120.c,"GNU glibc < 2.12.2 - 'fnmatch()' Function Stack Corruption Vulnerability",2011-02-25,"Simon Berry-Byrne",multiple,dos,0 17181,platforms/linux/remote/17181.pl,"FiSH-irssi 0.99 - Evil ircd Buffer Overflow",2011-04-17,"Caleb James DeLisle",linux,remote,0 17124,platforms/windows/local/17124.pl,"MPlayer (r33064 Lite) Buffer Overflow + ROP Exploit",2011-04-06,Nate_M,windows,local,0 @@ -14954,7 +14954,7 @@ id,file,description,date,author,platform,type,port 17174,platforms/multiple/webapps/17174.txt,"SQL-Ledger <= 2.8.33 Post-authentication Local File Include/Edit Vulnerability",2011-04-15,bitform,multiple,webapps,0 17175,platforms/windows/remote/17175.rb,"Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability",2011-04-16,metasploit,windows,remote,0 17176,platforms/asp/webapps/17176.txt,"SoftXMLCMS Shell Upload Vulnerability",2011-04-16,Alexander,asp,webapps,0 -17177,platforms/windows/local/17177.rb,"Microsoft Word 2003 - Record Parsing Buffer Overflow (meta) (MS09-027)",2011-04-16,"Andrew King",windows,local,0 +17177,platforms/windows/local/17177.rb,"Microsoft Word 2003 - Record Parsing Buffer Overflow (Metasploit) (MS09-027)",2011-04-16,"Andrew King",windows,local,0 17183,platforms/php/webapps/17183.txt,"osPHPSite SQL Injection Vulnerability",2011-04-17,"vir0e5 ",php,webapps,0 17188,platforms/windows/dos/17188.txt,"IBM Tivoli Directory Server SASL Bind Request Remote Code Execution",2011-04-19,"Francis Provencher",windows,dos,0 17187,platforms/windows/remote/17187.txt,"Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP+ASLR bypass)",2011-04-19,Abysssec,windows,remote,0 @@ -15044,7 +15044,7 @@ id,file,description,date,author,platform,type,port 17296,platforms/php/webapps/17296.txt,"NoticeBoardPro 1.0 - Multiple Vulnerabilities",2011-05-16,"AutoSec Tools",php,webapps,0 17297,platforms/php/webapps/17297.txt,"Jcow 4.2.1 - LFI Vulnerability",2011-05-16,"AutoSec Tools",php,webapps,0 17298,platforms/netware/dos/17298.txt,"Novell Netware eDirectory - DoS Vulnerability",2011-05-16,nSense,netware,dos,0 -17299,platforms/php/webapps/17299.txt,"Wordpress Plugin Is-human <= 1.4.2 - Remote Command Execution Vulnerability",2011-05-17,neworder,php,webapps,0 +17299,platforms/php/webapps/17299.txt,"WordPress Plugin Is-human <= 1.4.2 - Remote Command Execution Vulnerability",2011-05-17,neworder,php,webapps,0 17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS <= 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow",2011-05-16,metasploit,windows,remote,0 17302,platforms/windows/local/17302.py,"Sonique 1.96 - (.m3u) Buffer Overflow",2011-05-17,sinfulsecurity,windows,local,0 17301,platforms/php/webapps/17301.txt,"Pligg 1.1.4 - SQL Injection Vulnerability",2011-05-17,Null-0x00,php,webapps,0 @@ -15170,7 +15170,7 @@ id,file,description,date,author,platform,type,port 17448,platforms/windows/remote/17448.rb,"Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)",2011-06-23,metasploit,windows,remote,0 17451,platforms/windows/local/17451.rb,"Microsoft Office Visio VISIODWG.DLL DXF File Handling Vulnerability",2011-06-26,metasploit,windows,local,0 17452,platforms/php/webapps/17452.txt,"JoomlaXi Persistent XSS Vulnerability",2011-06-26,"Karthik R",php,webapps,0 -17453,platforms/php/webapps/17453.txt,"Wordpress Beer Recipes Plugin 1.0 - XSS",2011-06-26,TheUzuki.',php,webapps,0 +17453,platforms/php/webapps/17453.txt,"WordPress Beer Recipes Plugin 1.0 - XSS",2011-06-26,TheUzuki.',php,webapps,0 17457,platforms/php/webapps/17457.txt,"rgboard 4.2.1 - SQL Injection Vulnerability",2011-06-28,hamt0ry,php,webapps,0 17458,platforms/windows/dos/17458.txt,"HP Data Protector 6.20 - Multiple Vulnerabilities",2011-06-29,"Core Security",windows,dos,0 17459,platforms/windows/local/17459.txt,"Valve Steam Client Application 1559/1559 - Local Privilege Escalation",2011-06-29,LiquidWorm,windows,local,0 @@ -15201,17 +15201,17 @@ id,file,description,date,author,platform,type,port 17486,platforms/multiple/local/17486.php,"PHP 5.3.6 - Buffer Overflow PoC (ROP)",2011-07-04,"Jonathan Salwan",multiple,local,0 17487,platforms/php/webapps/17487.php,"WeBid <= 1.0.2 (converter.php) Remote Code Execution Exploit",2011-07-04,EgiX,php,webapps,0 17488,platforms/windows/local/17488.txt,"Adobe Reader 5.1 - XFDF Buffer Overflow Vulnerability (SEH)",2011-07-04,extraexploit,windows,local,0 -17489,platforms/windows/local/17489.rb,"Word List Builder 1.0 - Buffer Overflow Exploit (MSF)",2011-07-04,"James Fitts",windows,local,0 +17489,platforms/windows/local/17489.rb,"Word List Builder 1.0 - Buffer Overflow Exploit (Metasploit)",2011-07-04,"James Fitts",windows,local,0 17490,platforms/windows/remote/17490.rb,"HP OmniInet.exe Opcode 20 - Buffer Overflow",2011-07-04,metasploit,windows,remote,0 -17492,platforms/windows/local/17492.rb,"Wordtrainer 3.0 - (.ord) Buffer Overflow Vulnerability (MSF)",2011-07-05,"James Fitts",windows,local,0 +17492,platforms/windows/local/17492.rb,"Wordtrainer 3.0 - (.ord) Buffer Overflow Vulnerability (Metasploit)",2011-07-05,"James Fitts",windows,local,0 17491,platforms/unix/remote/17491.rb,"VSFTPD 2.3.4 - Backdoor Command Execution",2011-07-05,metasploit,unix,remote,0 17493,platforms/asp/webapps/17493.txt,"DmxReady Secure Document Library 1.2 - SQL Injection Vulnerability",2011-07-05,Bellatrix,asp,webapps,0 17509,platforms/windows/dos/17509.pl,"ZipWiz 2005 5.0 - (.zip) Buffer Corruption Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 17495,platforms/php/webapps/17495.txt,"BbZL.PhP File Inclusion Exploit",2011-07-06,"Number 7",php,webapps,0 17496,platforms/php/webapps/17496.txt,"Joomla 1.6.3 - CSRF Exploit",2011-07-06,"Luis Santana",php,webapps,0 17497,platforms/windows/dos/17497.txt,"ESTsoft ALPlayer 2.0 - ASX Playlist File Handling Buffer Overflow Vulnerability",2011-07-06,LiquidWorm,windows,dos,0 -17498,platforms/windows/remote/17498.rb,"Freefloat FTP Server Buffer Overflow Vulnerability (MSF)",2011-07-07,"James Fitts",windows,remote,0 -17499,platforms/windows/local/17499.rb,"CoolPlayer Portable 2.19.2 - Buffer Overflow (MSF)",2011-07-07,"James Fitts",windows,local,0 +17498,platforms/windows/remote/17498.rb,"Freefloat FTP Server Buffer Overflow Vulnerability (Metasploit)",2011-07-07,"James Fitts",windows,remote,0 +17499,platforms/windows/local/17499.rb,"CoolPlayer Portable 2.19.2 - Buffer Overflow (Metasploit)",2011-07-07,"James Fitts",windows,local,0 17500,platforms/php/webapps/17500.txt,"LuxCal Web Calendar 2.4.2 & 2.5.0 - SQL Injection Vulnerability",2011-07-07,kaMtiEz,php,webapps,0 17501,platforms/hardware/dos/17501.py,"Dlink DSL-2650U DoS/PoC",2011-07-07,"Li'el Fridman",hardware,dos,0 17502,platforms/windows/local/17502.rb,"MicroP 0.1.1.1600 (MPPL File) Stack Buffer Overflow",2011-07-07,metasploit,windows,local,0 @@ -15243,14 +15243,14 @@ id,file,description,date,author,platform,type,port 17536,platforms/windows/remote/17536.rb,"HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow",2011-07-16,metasploit,windows,remote,0 17537,platforms/windows/remote/17537.rb,"HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow",2011-07-16,metasploit,windows,remote,0 17539,platforms/windows/remote/17539.rb,"FreeFloat FTP Server 1.00 - MKD Buffer Overflow Exploit",2011-07-17,"C4SS!0 G0M3S",windows,remote,0 -17540,platforms/windows/remote/17540.rb,"Freefloat FTP Server MKD Buffer Overflow (MSF)",2011-07-18,"James Fitts",windows,remote,0 +17540,platforms/windows/remote/17540.rb,"Freefloat FTP Server MKD Buffer Overflow (Metasploit)",2011-07-18,"James Fitts",windows,remote,0 17543,platforms/windows/remote/17543.rb,"Iconics GENESIS32 9.21.201.01 - Integer Overflow",2011-07-17,metasploit,windows,remote,0 17544,platforms/windows/dos/17544.txt,"GDI+ - CreateDashedPath Integer Overflow in gdiplus.dll",2011-07-18,Abysssec,windows,dos,0 17545,platforms/win32/shellcode/17545.txt,"win32/PerfectXp-pc1/sp3 (Tr) Add Admin Shellcode 112 bytes",2011-07-18,KaHPeSeSe,win32,shellcode,0 17546,platforms/windows/remote/17546.py,"FreeFloat FTP Server 1.0 - REST & PASV Buffer Overflow Exploit",2011-07-18,"C4SS!0 G0M3S",windows,remote,0 17553,platforms/php/webapps/17553.txt,"Appointment Booking Pro Joomla Component LFI Vulnerability",2011-07-20,"Don Tukulesto",php,webapps,0 17554,platforms/php/webapps/17554.txt,"Mevin Basic PHP Events Lister 2.03 - CSRF Vulnerabilities",2011-07-21,Crazy_Hacker,php,webapps,0 -17548,platforms/windows/remote/17548.rb,"FreeFloat FTP Server REST Buffer Overflow (MSF)",2011-07-19,KaHPeSeSe,windows,remote,0 +17548,platforms/windows/remote/17548.rb,"FreeFloat FTP Server REST Buffer Overflow (Metasploit)",2011-07-19,KaHPeSeSe,windows,remote,0 17549,platforms/multiple/dos/17549.txt,"Lotus Domino SMTP Router & Email Server and Client - DoS",2011-07-19,Unknown,multiple,dos,0 17550,platforms/windows/remote/17550.py,"FreeFloat FTP Server 1.0 - ACCL Buffer Overflow Exploit",2011-07-19,mortis,windows,remote,0 17551,platforms/jsp/webapps/17551.txt,"Oracle Sun GlassFish Enterprise Server - Stored XSS Vulnerability",2011-07-20,"Sense of Security",jsp,webapps,0 @@ -15274,7 +15274,7 @@ id,file,description,date,author,platform,type,port 17575,platforms/windows/remote/17575.txt,"Safari 5.0.5 - SVG Remote Code Execution Exploit (DEP Bypass)",2011-07-26,Abysssec,windows,remote,0 17577,platforms/cgi/webapps/17577.txt,"SWAT Samba Web Administration Tool Cross-Site Request Forgery PoC",2011-07-27,"Narendra Shinde",cgi,webapps,0 17578,platforms/windows/remote/17578.txt,"MinaliC Webserver 2.0 - Remote Source Disclosure",2011-07-27,X-h4ck,windows,remote,0 -17579,platforms/php/webapps/17579.rb,"Joomla 1.5 com_virtuemart <= 1.1.7 - Blind time-based SQL Injection (MSF)",2011-07-28,TecR0c,php,webapps,0 +17579,platforms/php/webapps/17579.rb,"Joomla 1.5 com_virtuemart <= 1.1.7 - Blind time-based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0 17580,platforms/windows/dos/17580.py,"MyWebServer 1.0.3 - Denial of Service",2011-07-28,X-h4ck,windows,dos,0 17581,platforms/windows/remote/17581.txt,"MyWebServer 1.0.3 - Arbitrary File Download",2011-07-28,X-h4ck,windows,remote,0 17582,platforms/windows/dos/17582.txt,"Citrix XenApp / XenDesktop - Stack-Based Buffer Overflow",2011-07-28,"n.runs AG",windows,dos,0 @@ -15282,7 +15282,7 @@ id,file,description,date,author,platform,type,port 17584,platforms/php/webapps/17584.php,"cFTP <= 0.1 (r80) Arbitrary File Upload",2011-07-29,leviathan,php,webapps,0 17586,platforms/jsp/webapps/17586.txt,"ManageEngine ServiceDesk Plus 8.0 Build 8013 - Multiple XSS Vulnerabilities",2011-07-29,"Narendra Shinde",jsp,webapps,0 17587,platforms/php/webapps/17587.txt,"Link Station Pro Multiple Vulnerabilities",2011-07-30,"$#4d0\/\/[r007k17]",php,webapps,0 -17588,platforms/windows/remote/17588.rb,"Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (MSF) (0day)",2011-07-31,mr_me,windows,remote,0 +17588,platforms/windows/remote/17588.rb,"Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (Metasploit) (0day)",2011-07-31,mr_me,windows,remote,0 17590,platforms/php/webapps/17590.txt,"Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities",2011-07-31,LiquidWorm,php,webapps,0 17591,platforms/php/webapps/17591.txt,"Joomla Component (com_obSuggest) Local File Inclusion Vulnerability",2011-07-31,v3n0m,php,webapps,0 17592,platforms/php/webapps/17592.txt,"CMSPro! 2.08 - CSRF Vulnerability",2011-08-01,Xadpritox,php,webapps,0 @@ -15294,14 +15294,14 @@ id,file,description,date,author,platform,type,port 17601,platforms/windows/dos/17601.py,"Omnicom Alpha 4.0e LPD Server DoS",2011-08-03,"Craig Freyman",windows,dos,0 17602,platforms/php/webapps/17602.txt,"WordPress TimThumb Plugin 1.32 - Remote Code Execution",2011-08-03,MaXe,php,webapps,0 17603,platforms/php/webapps/17603.txt,"Joomla Component (com_jdirectory) SQL Injection Vulnerability",2011-08-03,"Caddy Dz",php,webapps,0 -17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 -17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 +17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (Metasploit)",2011-08-04,"James Fitts",windows,local,0 +17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17606,platforms/multiple/webapps/17606.txt,"DZYGroup CMS Portal Multiple SQL Injection Vulnerabilities",2011-08-04,Netrondoank,multiple,webapps,0 -17607,platforms/windows/local/17607.rb,"FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 +17607,platforms/windows/local/17607.rb,"FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17610,platforms/multiple/dos/17610.py,"OpenSLP 1.2.1 & < 1647 trunk - Denial of Service Exploit",2011-08-05,"Nicolas Gregoire",multiple,dos,0 17611,platforms/linux/local/17611.pl,"Unrar 3.9.3 - Local Stack Overflow Exploit",2011-08-05,ZadYree,linux,local,0 17612,platforms/windows/remote/17612.rb,"Firefox 3.6.16 OBJECT mChannel Remote Code Execution Exploit (DEP bypass)",2011-08-05,Rh0,windows,remote,0 -17613,platforms/php/webapps/17613.php,"Wordpress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit",2011-08-05,IHTeam,php,webapps,0 +17613,platforms/php/webapps/17613.php,"WordPress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit",2011-08-05,IHTeam,php,webapps,0 17614,platforms/hp-ux/remote/17614.sh,"HP Data Protector Remote Shell for HP-UX",2011-08-05,"Adrian Puente Z.",hp-ux,remote,0 17615,platforms/jsp/webapps/17615.rb,"Sun/Oracle GlassFish Server Authenticated Code Execution",2011-08-05,metasploit,jsp,webapps,0 17616,platforms/php/webapps/17616.txt,"WordPress ProPlayer plugin <= 4.7.7 - SQL Injection Vulnerability",2011-08-05,"Miroslav Stampar",php,webapps,0 @@ -15354,19 +15354,19 @@ id,file,description,date,author,platform,type,port 17676,platforms/windows/dos/17676.py,"Notepad++ NppFTP plugin LIST command Remote Heap Overflow PoC",2011-08-17,0in,windows,dos,0 17677,platforms/php/webapps/17677.txt,"WordPress File Groups plugin <= 1.1.2 - SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 17678,platforms/php/webapps/17678.txt,"WordPress Contus HD FLV Player plugin <= 1.3 - SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 -17679,platforms/php/webapps/17679.txt,"Wordpress Plugin Symposium <= 0.64 - SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 +17679,platforms/php/webapps/17679.txt,"WordPress Plugin Symposium <= 0.64 - SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 17680,platforms/php/webapps/17680.txt,"WordPress Easy Contact Form Lite Plugin <= 1.0.7 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 17681,platforms/php/webapps/17681.txt,"WordPress OdiHost Newsletter plugin <= 1.0 - SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 17682,platforms/php/webapps/17682.php,"Contrexx Shopsystem <= 2.2 SP3 (catId) - Blind SQL Injection",2011-08-17,Penguin,php,webapps,0 -17683,platforms/php/webapps/17683.txt,"Wordpress Plugin DS FAQ <= 1.3.2 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 -17684,platforms/php/webapps/17684.txt,"Wordpress Plugin Forum <= 1.7.8 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 +17683,platforms/php/webapps/17683.txt,"WordPress Plugin DS FAQ <= 1.3.2 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 +17684,platforms/php/webapps/17684.txt,"WordPress Plugin Forum <= 1.7.8 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17685,platforms/php/webapps/17685.txt,"Elgg <= 1.7.10 - Multiple Vulnerabilities",2011-08-18,"Aung Khant",php,webapps,0 17686,platforms/php/webapps/17686.txt,"WordPress Ajax Gallery plugin <= 3.0 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17687,platforms/php/webapps/17687.txt,"WordPress Global Content Blocks plugin <= 1.2 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17688,platforms/php/webapps/17688.txt,"WordPress Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17689,platforms/php/webapps/17689.txt,"WordPress Menu Creator plugin <= 1.1.7 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17691,platforms/multiple/remote/17691.rb,"Apache Struts < 2.2.0 - Remote Command Execution",2011-08-19,metasploit,multiple,remote,0 -17692,platforms/windows/remote/17692.rb,"Solarftp 2.1.2 - PASV Buffer Overflow Exploit (MSF)",2011-08-19,Qnix,windows,remote,0 +17692,platforms/windows/remote/17692.rb,"Solarftp 2.1.2 - PASV Buffer Overflow Exploit (Metasploit)",2011-08-19,Qnix,windows,remote,0 17695,platforms/php/webapps/17695.txt,"phpMyRealty <= 1.0.7 - SQL Injection Vulnerability",2011-08-19,H4T$A,php,webapps,0 17694,platforms/php/webapps/17694.txt,"network tracker .95 - Stored XSS",2011-08-19,G13,php,webapps,0 17696,platforms/multiple/dos/17696.pl,"Apache httpd Remote Denial of Service (memory exhaustion)",2011-08-19,kingcope,multiple,dos,0 @@ -15423,15 +15423,15 @@ id,file,description,date,author,platform,type,port 17753,platforms/php/webapps/17753.txt,"FileBox - File Hosting & Sharing Script 1.5 - SQL Injection Vulnerability",2011-08-30,SubhashDasyam,php,webapps,0 17754,platforms/windows/local/17754.c,"DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP+ASLR Bypass)",2011-08-30,sickness,windows,local,0 17755,platforms/php/webapps/17755.txt,"WordPress Crawl Rate Tracker plugin <= 2.0.2 - SQL Injection Vulnerability",2011-08-30,"Miroslav Stampar",php,webapps,0 -17756,platforms/php/webapps/17756.txt,"Wordpress Plugin audio gallery playlist <= 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17756,platforms/php/webapps/17756.txt,"WordPress Plugin audio gallery playlist <= 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 17757,platforms/php/webapps/17757.txt,"WordPress yolink Search plugin <= 1.1.4 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 17758,platforms/php/webapps/17758.txt,"WordPress PureHTML plugin <= 1.0.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 17759,platforms/php/webapps/17759.txt,"WordPress Couponer plugin <= 1.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17760,platforms/php/webapps/17760.txt,"Wordpress grapefile plugin <= 1.1 - Arbitrary File Upload",2011-08-31,"Hrvoje Spoljar",php,webapps,0 +17760,platforms/php/webapps/17760.txt,"WordPress grapefile plugin <= 1.1 - Arbitrary File Upload",2011-08-31,"Hrvoje Spoljar",php,webapps,0 17761,platforms/php/webapps/17761.txt,"WordPress Plugin image gallery with slideshow <= 1.5 - Multiple Vulnerabilities",2011-08-31,"Hrvoje Spoljar",php,webapps,0 17762,platforms/windows/remote/17762.rb,"Citrix Gateway - ActiveX Control Stack Based Buffer Overflow Vulnerability",2011-08-31,metasploit,windows,remote,0 17763,platforms/php/webapps/17763.txt,"WordPress Donation plugin <= 1.0 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 -17764,platforms/php/webapps/17764.txt,"Wordpress Plugin Bannerize <= 2.8.6 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 +17764,platforms/php/webapps/17764.txt,"WordPress Plugin Bannerize <= 2.8.6 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 17766,platforms/windows/webapps/17766.txt,"NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities",2011-09-01,"Narendra Shinde",windows,webapps,0 17767,platforms/php/webapps/17767.txt,"WordPress SearchAutocomplete plugin <= 1.0.8 - SQL Injection Vulnerability",2011-09-01,"Miroslav Stampar",php,webapps,0 17770,platforms/windows/local/17770.rb,"DVD X Player 5.5 - (.plf) PlayList Buffer Overflow",2011-09-01,metasploit,windows,local,0 @@ -15462,7 +15462,7 @@ id,file,description,date,author,platform,type,port 17797,platforms/php/webapps/17797.txt,"WordPress Paid Downloads plugin <= 2.01 - SQL Injection Vulnerability",2011-09-08,"Miroslav Stampar",php,webapps,0 17798,platforms/php/webapps/17798.txt,"WordPress Community Events plugin <= 1.2.1 - SQL Injection Vulnerability",2011-09-08,"Miroslav Stampar",php,webapps,0 17800,platforms/php/webapps/17800.txt,"AM4SS 1.2 - CSRF add admin Vulnerability",2011-09-08,"red virus",php,webapps,0 -17801,platforms/php/webapps/17801.rb,"Wordpress 1 Flash Gallery Plugin - Arbiraty File Upload Exploit (MSF)",2011-09-08,"Ben Schmidt",php,webapps,0 +17801,platforms/php/webapps/17801.rb,"WordPress 1 Flash Gallery Plugin - Arbiraty File Upload Exploit (Metasploit)",2011-09-08,"Ben Schmidt",php,webapps,0 17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro (SEH DEP + ASLR Bypass) Exploit",2011-09-08,Rew,windows,local,0 21788,platforms/windows/dos/21788.pl,"FastStone Image Viewer 4.6 - ReadAVonIP Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 21787,platforms/php/webapps/21787.rb,"MyAuth3 - Blind SQL Injection",2012-10-07,"Marcio Almeida",php,webapps,0 @@ -15470,10 +15470,10 @@ id,file,description,date,author,platform,type,port 17807,platforms/php/webapps/17807.txt,"OpenCart 1.5.1.2 - Blind SQL Vulnerability",2011-09-08,"RiRes Walid",php,webapps,0 17808,platforms/php/webapps/17808.txt,"WordPress WP-Filebase Download Manager plugin <= 0.2.9 - SQL Injection Vulnerability",2011-09-09,"Miroslav Stampar",php,webapps,0 17809,platforms/php/webapps/17809.txt,"WordPress A to Z Category Listing plugin <= 1.3 - SQL Injection Vulnerability",2011-09-09,"Miroslav Stampar",php,webapps,0 -17810,platforms/windows/remote/17810.rb,"BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit (MSF)",2011-09-09,"SecPod Research",windows,remote,0 +17810,platforms/windows/remote/17810.rb,"BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit (Metasploit)",2011-09-09,"SecPod Research",windows,remote,0 17811,platforms/php/webapps/17811.txt,"MYRE Real Estate Software Multiple Vulnerabilities",2011-09-09,"SecPod Research",php,webapps,0 17813,platforms/php/webapps/17813.txt,"Xataface WebAuction and Xataface Librarian DB - Multiple Vulnerabilities",2011-09-09,"SecPod Research",php,webapps,0 -17814,platforms/php/webapps/17814.txt,"Wordpress Event Registration plugin <= 5.44 - SQL Injection Vulnerability",2011-09-09,serk,php,webapps,0 +17814,platforms/php/webapps/17814.txt,"WordPress Event Registration plugin <= 5.44 - SQL Injection Vulnerability",2011-09-09,serk,php,webapps,0 17815,platforms/windows/dos/17815.py,"MelOn Player 1.0.11.x - Denial of Service PoC",2011-09-09,modpr0be,windows,dos,0 17816,platforms/php/webapps/17816.txt,"WordPress Tune Library plugin <= 2.17 - SQL Injection Vulnerability",2011-09-10,"Miroslav Stampar",php,webapps,0 17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone (.zip) Buffer Overflow Exploit (0day)",2011-09-12,mr_me,windows,local,0 @@ -15488,10 +15488,10 @@ id,file,description,date,author,platform,type,port 21785,platforms/windows/dos/21785.pl,"HCView WriteAV Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 17827,platforms/windows/remote/17827.rb,"Procyon Core Server HMI <= 1.13 - Coreservice.exe Stack Buffer Overflow",2011-09-12,metasploit,windows,remote,0 17829,platforms/php/webapps/17829.txt,"dotProject 2.1.5 - SQL Injection Vulnerability",2011-09-13,sherl0ck_,php,webapps,0 -17828,platforms/php/webapps/17828.txt,"Wordpress Plugin Forum Server <= 1.7 - SQL Injection Vulnerability",2011-09-13,"Miroslav Stampar",php,webapps,0 +17828,platforms/php/webapps/17828.txt,"WordPress Plugin Forum Server <= 1.7 - SQL Injection Vulnerability",2011-09-13,"Miroslav Stampar",php,webapps,0 17830,platforms/windows/dos/17830.txt,"Microsoft WINS Service <= 5.2.3790.4520 - Memory Corruption",2011-09-13,"Luigi Auriemma",windows,dos,0 17831,platforms/windows/dos/17831.txt,"Microsoft WINS ECommEndDlg Input Validation Error",2011-09-13,"Core Security",windows,dos,0 -17832,platforms/php/webapps/17832.txt,"Wordpress Plugin e-Commerce <= 3.8.6 - SQL Injection Vulnerability",2011-09-14,"Miroslav Stampar",php,webapps,0 +17832,platforms/php/webapps/17832.txt,"WordPress Plugin e-Commerce <= 3.8.6 - SQL Injection Vulnerability",2011-09-14,"Miroslav Stampar",php,webapps,0 17833,platforms/windows/local/17833.rb,"ScadaTEC ScadaPhone <= 5.3.11.1230 - Stack Buffer Overflow",2011-09-13,metasploit,windows,local,0 17835,platforms/windows/dos/17835.txt,"Beckhoff TwinCAT <= 2.11.0.2004 - Denial of Service",2011-09-14,"Luigi Auriemma",windows,dos,0 17836,platforms/windows/dos/17836.txt,"Equis MetaStock <= 11 Use After Free",2011-09-14,"Luigi Auriemma",windows,dos,0 @@ -15516,19 +15516,19 @@ id,file,description,date,author,platform,type,port 17854,platforms/windows/local/17854.py,"MY MP3 Player 3.0 m3u Exploit DEP Bypass",2011-09-17,blake,windows,local,0 17855,platforms/windows/remote/17855.rb,"DaqFactory HMI NETB Request Overflow",2011-09-18,metasploit,windows,remote,0 17856,platforms/windows/dos/17856.py,"KnFTP 1.0.0 Server Multiple Buffer Overflow Exploit (DoS PoC)",2011-09-18,loneferret,windows,dos,21 -17860,platforms/php/webapps/17860.txt,"Wordpress TheCartPress Plugin 1.1.1 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17861,platforms/php/webapps/17861.txt,"Wordpress AllWebMenus Plugin 1.1.3 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17862,platforms/php/webapps/17862.txt,"Wordpress WPEasyStats Plugin 1.8 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17863,platforms/php/webapps/17863.txt,"Wordpress Annonces Plugin 1.2.0.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17864,platforms/php/webapps/17864.txt,"Wordpress Livesig Plugin 0.4 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17865,platforms/php/webapps/17865.txt,"Wordpress Disclosure Policy Plugin 1.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17866,platforms/php/webapps/17866.txt,"Wordpress Mailing List Plugin 1.3.2 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17867,platforms/php/webapps/17867.txt,"Wordpress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17868,platforms/php/webapps/17868.txt,"Wordpress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17869,platforms/php/webapps/17869.txt,"Wordpress Relocate Upload Plugin 0.14 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17860,platforms/php/webapps/17860.txt,"WordPress TheCartPress Plugin 1.1.1 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17861,platforms/php/webapps/17861.txt,"WordPress AllWebMenus Plugin 1.1.3 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17862,platforms/php/webapps/17862.txt,"WordPress WPEasyStats Plugin 1.8 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17863,platforms/php/webapps/17863.txt,"WordPress Annonces Plugin 1.2.0.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17864,platforms/php/webapps/17864.txt,"WordPress Livesig Plugin 0.4 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17865,platforms/php/webapps/17865.txt,"WordPress Disclosure Policy Plugin 1.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17866,platforms/php/webapps/17866.txt,"WordPress Mailing List Plugin 1.3.2 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17867,platforms/php/webapps/17867.txt,"WordPress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17868,platforms/php/webapps/17868.txt,"WordPress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17869,platforms/php/webapps/17869.txt,"WordPress Relocate Upload Plugin 0.14 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 17870,platforms/windows/remote/17870.pl,"KnFTP 1.0.0 Server - 'USER' command Remote Buffer Overflow Exploit",2011-09-19,mr.pr0n,windows,remote,0 17871,platforms/hardware/webapps/17871.txt,"Cisco TelePresence Multiple Vulnerabilities - SOS-11-010",2011-09-19,"Sense of Security",hardware,webapps,0 -17872,platforms/php/webapps/17872.txt,"Multiple Wordpress Plugin - timthumb.php Vulnerabilites",2011-09-19,"Ben Schmidt",php,webapps,0 +17872,platforms/php/webapps/17872.txt,"Multiple WordPress Plugin - timthumb.php Vulnerabilites",2011-09-19,"Ben Schmidt",php,webapps,0 17873,platforms/windows/webapps/17873.txt,"SharePoint 2007/2010 and DotNetNuke < 6 - File disclosure via XEE",2011-09-20,"Nicolas Gregoire",windows,webapps,0 17874,platforms/hardware/webapps/17874.txt,"NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF",2011-09-20,"Sense of Security",hardware,webapps,0 17876,platforms/windows/remote/17876.py,"ScriptFTP <= 3.3 - Remote Buffer Overflow (LIST)",2011-09-20,modpr0be,windows,remote,0 @@ -15557,9 +15557,9 @@ id,file,description,date,author,platform,type,port 17901,platforms/osx/dos/17901.c,"Mac OS X < 10.6.7 Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 17902,platforms/windows/local/17902.c,"Norman Security Suite 8 - (nprosec.sys) Local Privilege Escalation (0day)",2011-09-28,Xst3nZ,windows,local,0 17903,platforms/windows/dos/17903.txt,"NCSS <= 07.1.21 Array Overflow with Write2",2011-09-29,"Luigi Auriemma",windows,dos,0 -17904,platforms/windows/remote/17904.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (MSF)",2011-09-29,otoy,windows,remote,0 +17904,platforms/windows/remote/17904.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (Metasploit)",2011-09-29,otoy,windows,remote,0 17905,platforms/php/webapps/17905.txt,"Typo3 File Disclosure",2011-09-29,"Number 7",php,webapps,0 -17906,platforms/php/webapps/17906.txt,"Wordpress Plugin Bannerize <= 2.8.7 - SQL Injection Vulnerability",2011-09-30,"Miroslav Stampar",php,webapps,0 +17906,platforms/php/webapps/17906.txt,"WordPress Plugin Bannerize <= 2.8.7 - SQL Injection Vulnerability",2011-09-30,"Miroslav Stampar",php,webapps,0 17908,platforms/freebsd/dos/17908.sh,"FreeBSD UIPC socket heap Overflow proof-of-concept",2011-09-30,"Shaun Colley",freebsd,dos,0 17909,platforms/php/webapps/17909.txt,"MARINET CMS (room.php) <= Blind SQL Vulnerability",2011-09-30,"BHG Security Center",php,webapps,0 17911,platforms/php/webapps/17911.php,"Feed on Feeds <= 0.5 - Remote PHP Code Injection Exploit",2011-09-30,EgiX,php,webapps,0 @@ -15621,7 +15621,7 @@ id,file,description,date,author,platform,type,port 17980,platforms/php/webapps/17980.txt,"WordPress Contact Form plugin <= 2.7.5 - SQL Injection",2011-10-14,Skraps,php,webapps,0 17981,platforms/windows/dos/17981.py,"Windows - TCP/IP Stack Denial of Service (MS11-064)",2011-10-15,"Byoungyoung Lee",windows,dos,0 17982,platforms/windows/dos/17982.pl,"BlueZone Desktop .zap file Local Denial of Service Vulnerability",2011-10-15,Silent_Dream,windows,dos,0 -17983,platforms/php/webapps/17983.txt,"Wordpress Plugin Photo Album Plus <= 4.1.1 - SQL Injection Vulnerability",2011-10-15,Skraps,php,webapps,0 +17983,platforms/php/webapps/17983.txt,"WordPress Plugin Photo Album Plus <= 4.1.1 - SQL Injection Vulnerability",2011-10-15,Skraps,php,webapps,0 17985,platforms/windows/local/17985.rb,"Real Networks Netzip Classic 7.5.1 86 File Parsing Buffer Overflow",2011-10-16,metasploit,windows,local,0 17984,platforms/php/webapps/17984.txt,"Ruubikcms 1.1.0 - (/extra/image.php) Local File Inclusion",2011-10-16,"Sangyun YOO",php,webapps,0 17986,platforms/osx/remote/17986.rb,"Apple Safari file:// Arbitrary Code Execution",2011-10-17,metasploit,osx,remote,0 @@ -15684,7 +15684,7 @@ id,file,description,date,author,platform,type,port 18051,platforms/windows/remote/18051.txt,"BroadWin WebAccess SCADA/HMI Client Remote Code Execution",2011-10-31,Snake,windows,remote,0 18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC",2011-10-31,rgod,windows,dos,0 18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress <= 3.1.4 - Stored XSS",2011-10-31,"Paul Loftness",php,webapps,0 -18055,platforms/php/webapps/18055.txt,"Wordpress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 +18055,platforms/php/webapps/18055.txt,"WordPress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 18056,platforms/php/webapps/18056.txt,"jbShop - e107 7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0 18057,platforms/windows/remote/18057.rb,"NJStar Communicator 3.00 MiniSMTP Server Remote Exploit",2011-10-31,"Dillon Beresford",windows,remote,0 18058,platforms/php/webapps/18058.txt,"Joomla Component Alameda (com_alameda) 1.0 - SQL Injection",2011-10-31,kaMtiEz,php,webapps,0 @@ -15732,7 +15732,7 @@ id,file,description,date,author,platform,type,port 18110,platforms/php/webapps/18110.txt,"CMS 4.x.x Zorder (SQL Injection Vul)",2011-11-13,"KraL BeNiM",php,webapps,0 18119,platforms/windows/dos/18119.rb,"Attachmate Reflection FTP Client Heap Overflow",2011-11-16,"Francis Provencher",windows,dos,0 18120,platforms/linux/dos/18120.py,"FleaHttpd Remote Denial of Service Exploit",2011-11-16,condis,linux,dos,80 -18111,platforms/php/webapps/18111.php,"Wordpress Zingiri Plugin <= 2.2.3 - (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0 +18111,platforms/php/webapps/18111.php,"WordPress Zingiri Plugin <= 2.2.3 - (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0 18132,platforms/php/webapps/18132.php,"Support Incident Tracker <= 3.65 (translate.php) Remote Code Execution",2011-11-19,EgiX,php,webapps,0 18112,platforms/windows/dos/18112.txt,"optima apiftp server <= 1.5.2.13 - Multiple Vulnerabilities",2011-11-14,"Luigi Auriemma",windows,dos,0 18113,platforms/windows/local/18113.rb,"Mini-Stream RM-MP3 Converter 3.1.2.1 - (.pls) Stack Buffer Overflow",2011-11-14,metasploit,windows,local,0 @@ -15820,7 +15820,7 @@ id,file,description,date,author,platform,type,port 18227,platforms/linux_mips/shellcode/18227.c,"Linux/MIPS - reboot() - 32 bytes",2011-12-10,rigan,linux_mips,shellcode,0 18228,platforms/linux/local/18228.sh,"Acpid 1:2.0.10-1ubuntu2 - Privilege Boundary Crossing Vulnerability",2011-12-10,otr,linux,local,0 18230,platforms/php/webapps/18230.txt,"FCMS <= 2.7.2 CMS - Multiple Stored XSS Vulnerability",2011-12-10,"Ahmed Elhady Mohamed",php,webapps,0 -18231,platforms/php/webapps/18231.txt,"Wordpress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection",2011-12-11,Saif,php,webapps,0 +18231,platforms/php/webapps/18231.txt,"WordPress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection",2011-12-11,Saif,php,webapps,0 18232,platforms/php/webapps/18232.txt,"FCMS <= 2.7.2 CMS - Multiple CSRF Vulnerabilities",2011-12-11,"Ahmed Elhady Mohamed",php,webapps,0 18233,platforms/php/webapps/18233.txt,"Xoops 2.5.4 - Blind SQL Injection",2011-12-11,blkhtc0rp,php,webapps,0 18235,platforms/windows/remote/18235.pl,"zFTPServer Suite 6.0.0.52 - 'rmdir' Directory Traversal",2011-12-11,"Stefan Schurtz",windows,remote,0 @@ -15851,12 +15851,12 @@ id,file,description,date,author,platform,type,port 18272,platforms/windows/dos/18272.py,"Windows Explorer Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 18274,platforms/php/webapps/18274.txt,"openemr 4 - Multiple Vulnerabilities",2011-12-25,Level,php,webapps,0 18275,platforms/win64/dos/18275.txt,"GdiDrawStream BSoD using Safari",2011-12-18,webDEViL,win64,dos,0 -18276,platforms/php/webapps/18276.txt,"Wordpress Mailing List Plugin - Arbitrary File Download",2011-12-26,6Scan,php,webapps,0 +18276,platforms/php/webapps/18276.txt,"WordPress Mailing List Plugin - Arbitrary File Download",2011-12-26,6Scan,php,webapps,0 18277,platforms/php/webapps/18277.txt,"Free Image Hosting Script Arbitrary File Upload Vulnerability",2011-12-26,ySecurity,php,webapps,0 18278,platforms/linux/dos/18278.txt,"Nagios Plugin check_ups Local Buffer Overflow PoC",2011-12-26,"Stefan Schurtz",linux,dos,0 18280,platforms/linux/remote/18280.c,"Telnetd encrypt_keyid - Remote Root Function Pointer Overwrite",2011-12-26,"NighterMan and BatchDrake",linux,remote,0 18283,platforms/windows/remote/18283.rb,"CoCSoft Stream Down 6.8.0 - Universal Exploit (Metasploit)",2011-12-27,"Fady Mohammed Osman",windows,remote,0 -18412,platforms/php/webapps/18412.php,"Wordpress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload",2012-01-23,EgiX,php,webapps,0 +18412,platforms/php/webapps/18412.php,"WordPress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload",2012-01-23,EgiX,php,webapps,0 18287,platforms/php/webapps/18287.php,"Joomla Module Simple File Upload 1.3 - Remote Code Execution",2011-12-28,gmda,php,webapps,0 18285,platforms/windows/dos/18285.py,"VLC 1.1.11 (libav) libavcodec_plugin.dll DoS",2011-12-28,"Mitchell Adair",windows,dos,0 18288,platforms/php/webapps/18288.txt,"DIY-CMS blog mod SQL Injection Vulnerability",2011-12-29,snup,php,webapps,0 @@ -15906,12 +15906,12 @@ id,file,description,date,author,platform,type,port 18347,platforms/php/webapps/18347.txt,"Pragyan CMS 3.0 - Remote File Disclosure",2012-01-10,Or4nG.M4N,php,webapps,0 18348,platforms/php/webapps/18348.txt,"w-cms 2.01 - Multiple Vulnerabilities",2012-01-10,th3.g4m3_0v3r,php,webapps,0 18349,platforms/windows/local/18349.pl,"Blade API Monitor 3.6.9.2 Unicode Stack Buffer Overflow",2012-01-10,FullMetalFouad,windows,local,0 -18350,platforms/php/webapps/18350.txt,"Wordpress Age Verification Plugin <= 0.4 - Open Redirect",2012-01-10,"Gianluca Brindisi",php,webapps,0 +18350,platforms/php/webapps/18350.txt,"WordPress Age Verification Plugin <= 0.4 - Open Redirect",2012-01-10,"Gianluca Brindisi",php,webapps,0 18351,platforms/netware/dos/18351.txt,"Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution",2012-01-10,"Francis Provencher",netware,dos,0 18352,platforms/php/webapps/18352.txt,"YABSoft Advanced Image Hosting Script SQL Injection Vulnerability",2012-01-12,"Robert Cooper",php,webapps,0 18353,platforms/php/webapps/18353.txt,"WordPress wp-autoyoutube plugin - Blind SQL Injection Vulnerability",2012-01-12,longrifle0x,php,webapps,0 18354,platforms/windows/remote/18354.py,"WorldMail imapd 3.0 SEH Overflow (egg hunter)",2012-01-12,TheXero,windows,remote,0 -18355,platforms/php/webapps/18355.txt,"Wordpress Count-per-day plugin - Multiple Vulnerabilities",2012-01-12,6Scan,php,webapps,0 +18355,platforms/php/webapps/18355.txt,"WordPress Count-per-day plugin - Multiple Vulnerabilities",2012-01-12,6Scan,php,webapps,0 18356,platforms/php/webapps/18356.txt,"Tine 2.0 - Maischa - Multiple Cross-Site Scripting Vulnerabilities",2012-01-13,Vulnerability-Lab,php,webapps,0 18357,platforms/php/webapps/18357.txt,"Pragyan CMS 2.6.1 - Arbitrary File Upload Vulnerability",2012-01-13,Dr.KroOoZ,php,webapps,0 18373,platforms/jsp/webapps/18373.txt,"Cloupia End-to-end FlexPod Management Directory Traversal",2012-01-15,"Chris Rock",jsp,webapps,0 @@ -15963,10 +15963,10 @@ id,file,description,date,author,platform,type,port 18413,platforms/php/webapps/18413.txt,"SpamTitan Application 5.08x - SQL Injection Vulnerability",2012-01-23,Vulnerability-Lab,php,webapps,0 18701,platforms/php/webapps/18701.txt,"phpPaleo - Local File Inclusion",2012-04-04,"Mark Stanislav",php,webapps,0 18416,platforms/jsp/webapps/18416.txt,"stoneware webnetwork6 - Multiple Vulnerabilities",2012-01-24,"Jacob Holcomb",jsp,webapps,0 -18417,platforms/php/webapps/18417.txt,"Wordpress <= 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 +18417,platforms/php/webapps/18417.txt,"WordPress <= 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 18418,platforms/php/webapps/18418.html,"VR GPub 4.0 - CSRF Vulnerability",2012-01-26,Cyber-Crystal,php,webapps,0 18419,platforms/php/webapps/18419.html,"phplist 2.10.9 - CSRF/XSS Vulnerability",2012-01-26,Cyber-Crystal,php,webapps,0 -18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (MSF Module)",2012-01-26,"Craig Freyman",windows,remote,0 +18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (Metasploit)",2012-01-26,"Craig Freyman",windows,remote,0 18422,platforms/php/webapps/18422.txt,"Peel SHOPPING 2.8& 2.9 - XSS/SQL Injections Vulnerability",2012-01-26,Cyber-Crystal,php,webapps,0 18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server magentservice.exe Overflow",2012-01-27,metasploit,windows,remote,0 18424,platforms/php/webapps/18424.rb,"vBSEO <= 3.6.0 - _proc_deutf()_ Remote PHP Code Injection Exploit",2012-01-27,EgiX,php,webapps,0 @@ -16032,7 +16032,7 @@ id,file,description,date,author,platform,type,port 18497,platforms/php/webapps/18497.txt,"4PSA CMS SQL Injection Vulnerabilities",2012-02-19,"BHG Security Center",php,webapps,0 18498,platforms/php/webapps/18498.html,"SyndeoCMS <= 3.0 - CSRF Vulnerability",2012-02-19,"Ivano Binetti",php,webapps,0 18500,platforms/windows/local/18500.py,"Blade API Monitor Unicode Bypass (Serial Number BOF)",2012-02-20,b33f,windows,local,0 -18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 SEH Exploit MSF",2012-02-20,Death-Shadow-Dark,windows,local,0 +18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 - SEH Exploit (Metasploit)",2012-02-20,Death-Shadow-Dark,windows,local,0 18502,platforms/php/webapps/18502.html,"PlumeCMS <= 1.2.4 - CSRF Vulnerability",2012-02-20,"Ivano Binetti",php,webapps,0 18503,platforms/hardware/webapps/18503.txt,"Cisco Linksys WAG54GS CSRF Change Admin Password",2012-02-21,"Ivano Binetti",hardware,webapps,0 18504,platforms/hardware/webapps/18504.txt,"Sagem F@ST 2604 - CSRF Vulnerability (ADSL Router)",2012-02-22,"KinG Of PiraTeS",hardware,webapps,0 @@ -16085,7 +16085,7 @@ id,file,description,date,author,platform,type,port 18554,platforms/php/webapps/18554.txt,"Timesheet Next Gen 1.5.2 - Multiple SQLi",2012-03-03,G13,php,webapps,0 18555,platforms/windows/remote/18555.txt,"FlashFXP 4.1.8.1701 - Buffer Overflow Vulnerability",2012-03-03,Vulnerability-Lab,windows,remote,0 18556,platforms/php/webapps/18556.txt,"Endian UTM Firewall 2.4.x & 2.5.0 - Multiple Web Vulnerabilities",2012-03-03,Vulnerability-Lab,php,webapps,0 -18557,platforms/windows/remote/18557.rb,"Sysax 5.53 SSH Username Buffer Overflow (msf)",2012-03-04,metasploit,windows,remote,0 +18557,platforms/windows/remote/18557.rb,"Sysax 5.53 SSH Username Buffer Overflow (Metasploit)",2012-03-04,metasploit,windows,remote,0 18558,platforms/php/webapps/18558.txt,"DZCP (deV!L_z Clanportal) Witze Addon 0.9 - SQL Injection Vulnerability",2012-03-04,"Easy Laster",php,webapps,0 18559,platforms/php/webapps/18559.txt,"AneCMS 2e2c583 - LFI Exploit",2012-03-04,"I2sec-Jong Hwan Park",php,webapps,0 18566,platforms/asp/webapps/18566.txt,"Iciniti Store - SQL Injection",2012-03-07,"Sense of Security",asp,webapps,0 @@ -16125,7 +16125,7 @@ id,file,description,date,author,platform,type,port 18608,platforms/php/webapps/18608.txt,"FlexCMS 3.2.1 - Persistent XSS for logged in users",2012-03-16,storm,php,webapps,0 18609,platforms/php/webapps/18609.txt,"FlexCMS 3.2.1 - Multiple CSRF Vulnerabilities",2012-03-16,"Ivano Binetti",php,webapps,0 18610,platforms/windows/remote/18610.pl,"Tiny Server 1.1.5 - Arbitrary File Disclosure Exploit",2012-03-16,KaHPeSeSe,windows,remote,0 -18611,platforms/windows/local/18611.rb,"RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (MSF)",2012-03-16,KaHPeSeSe,windows,local,0 +18611,platforms/windows/local/18611.rb,"RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (Metasploit)",2012-03-16,KaHPeSeSe,windows,local,0 18704,platforms/windows/remote/18704.txt,"Quest vWorkspace 7.5 Connection Broker Client ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite PoC",2012-04-05,rgod,windows,remote,0 18705,platforms/hardware/dos/18705.txt,"Sony Bravia Remote Denial of Service",2012-04-05,"Gabriel Menezes Nunes",hardware,dos,0 18613,platforms/php/webapps/18613.txt,"ASP Classifieds SQL Injection",2012-03-17,r45c4l,php,webapps,0 @@ -16191,7 +16191,7 @@ id,file,description,date,author,platform,type,port 18687,platforms/php/webapps/18687.txt,"Landshop 0.9.2 - Multiple Web Vulnerabilities",2012-03-31,Vulnerability-Lab,php,webapps,0 18688,platforms/hardware/dos/18688.txt,"EMC Data Protection Advisor 5.8.1 - Denial of Service",2012-03-31,"Luigi Auriemma",hardware,dos,0 18689,platforms/php/webapps/18689.txt,"Woltlab Burning Board 2.2 / 2.3 - [WN]KT KickTipp 3.1 - Remote SQL Injection",2012-03-31,"Easy Laster",php,webapps,0 -18690,platforms/php/webapps/18690.txt,"Buddypress plugin of Wordpress - Remote SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0 +18690,platforms/php/webapps/18690.txt,"Buddypress plugin of WordPress - Remote SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0 18691,platforms/windows/dos/18691.rb,"FoxPlayer 2.6.0 - Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",windows,dos,0 18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - (.aiff) Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH&DEP&ASLR",2012-04-03,b33f,windows,local,0 @@ -16262,11 +16262,11 @@ id,file,description,date,author,platform,type,port 18783,platforms/linux/local/18783.txt,"mount.cifs chdir() Arbitrary Root File Identification",2012-04-25,Sha0,linux,local,0 18788,platforms/php/webapps/18788.txt,"php volunteer management 1.0.2 - Multiple Vulnerabilities",2012-04-26,G13,php,webapps,0 18785,platforms/linux/local/18785.txt,"Parallels PLESK 9.x - Insecure Permissions",2012-04-26,"Nicolas Krassas",linux,local,0 -18787,platforms/php/webapps/18787.txt,"Wordpress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 +18787,platforms/php/webapps/18787.txt,"WordPress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 18797,platforms/linux/webapps/18797.rb,"WebCalendar 1.2.4 Pre-Auth Remote Code Injection",2012-04-29,metasploit,linux,webapps,0 18798,platforms/php/webapps/18798.txt,"Soco CMS Local File Include Vulnerability",2012-04-29,"BHG Security Center",php,webapps,0 18799,platforms/windows/dos/18799.py,"Remote-Anything Player 5.60.15 - Denial of Service",2012-04-29,"Saint Patrick",windows,dos,0 -18791,platforms/php/webapps/18791.txt,"Wordpress 3.3.1 - Multiple CSRF Vulnerabilities",2012-04-27,"Ivano Binetti",php,webapps,0 +18791,platforms/php/webapps/18791.txt,"WordPress 3.3.1 - Multiple CSRF Vulnerabilities",2012-04-27,"Ivano Binetti",php,webapps,0 18792,platforms/windows/local/18792.rb,"CPE17 Autorun Killer <= 1.7.1 - Stack Buffer Overflow Exploit",2012-04-27,"Xenithz xpt",windows,local,0 18793,platforms/php/webapps/18793.txt,"Axous 1.1.0 - SQL Injection Vulnerabilitiy",2012-04-27,"H4ckCity Secuirty TeaM",php,webapps,0 18833,platforms/windows/remote/18833.rb,"Solarwinds Storage Manager 5.1.0 - SQL Injection",2012-05-04,metasploit,windows,remote,0 @@ -16277,7 +16277,7 @@ id,file,description,date,author,platform,type,port 18803,platforms/php/webapps/18803.txt,"Opial CMS 2.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18804,platforms/php/webapps/18804.txt,"DIY CMS 1.0 Poll - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18805,platforms/windows/remote/18805.txt,"McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX GetObject() Exploit",2012-04-30,rgod,windows,remote,0 -18806,platforms/php/webapps/18806.txt,"Wordpress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS",2012-05-01,"Mehmet Ince",php,webapps,0 +18806,platforms/php/webapps/18806.txt,"WordPress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS",2012-05-01,"Mehmet Ince",php,webapps,0 18814,platforms/php/webapps/18814.txt,"MyClientBase 0.12 - Multiple Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 SEH Overwrite",2012-05-01,blake,windows,local,0 18809,platforms/php/webapps/18809.txt,"GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 @@ -16406,44 +16406,44 @@ id,file,description,date,author,platform,type,port 18973,platforms/windows/remote/18973.rb,"GIMP script-fu Server Buffer Overflow",2012-06-02,metasploit,windows,remote,0 18974,platforms/php/webapps/18974.txt,"Vanilla Forum Tagging Plugin Enchanced 1.0.1 - Stored XSS",2012-06-02,"Henry Hoggard",php,webapps,0 18986,platforms/windows/remote/18986.rb,"Sielco Sistemi Winlog <= 2.07.16 - Buffer Overflow",2012-06-05,m-1-k-3,windows,remote,0 -18987,platforms/php/webapps/18987.php,"Wordpress WP-Property Plugin 1.35.0 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18988,platforms/php/webapps/18988.php,"Wordpress Plugin Marketplace Plugin 1.5.0 - 1.6.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18989,platforms/php/webapps/18989.php,"Wordpress Google Maps via Store Locator Plugin 2.7.1 - 3.0.1 - Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 -18990,platforms/php/webapps/18990.php,"Wordpress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18991,platforms/php/webapps/18991.php,"Wordpress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18987,platforms/php/webapps/18987.php,"WordPress WP-Property Plugin 1.35.0 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18988,platforms/php/webapps/18988.php,"WordPress Plugin Marketplace Plugin 1.5.0 - 1.6.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18989,platforms/php/webapps/18989.php,"WordPress Google Maps via Store Locator Plugin 2.7.1 - 3.0.1 - Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 +18990,platforms/php/webapps/18990.php,"WordPress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18991,platforms/php/webapps/18991.php,"WordPress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 19027,platforms/windows/remote/19027.rb,"Samsung NET-i viewer Multiple ActiveX BackupToAvi() Remote Overflow",2012-06-08,metasploit,windows,remote,0 -18993,platforms/php/webapps/18993.php,"Wordpress Asset Manager Plugin 0.2 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18994,platforms/php/webapps/18994.php,"Wordpress Font Uploader Plugin 1.2.4 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 +18993,platforms/php/webapps/18993.php,"WordPress Asset Manager Plugin 0.2 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18994,platforms/php/webapps/18994.php,"WordPress Font Uploader Plugin 1.2.4 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 19026,platforms/windows/remote/19026.rb,"Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow",2012-06-08,metasploit,windows,remote,0 -18997,platforms/php/webapps/18997.php,"Wordpress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 -18998,platforms/php/webapps/18998.php,"Wordpress Gallery Plugin 3.06 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 +18997,platforms/php/webapps/18997.php,"WordPress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 +18998,platforms/php/webapps/18998.php,"WordPress Gallery Plugin 3.06 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 18999,platforms/php/webapps/18999.php,"SN News <= 1.2 - (visualiza.php) SQL Injection",2012-06-06,WhiteCollarGroup,php,webapps,0 19000,platforms/windows/dos/19000.py,"Audio Editor Master 5.4.1.217 - Denial of Service Vulnerability",2012-06-06,Onying,windows,dos,0 -19012,platforms/php/webapps/19012.txt,"Wordpress Front File Manager Plugin 0.1 - Arbitrary File Upload",2012-06-08,"Adrien Thierry",php,webapps,0 -19013,platforms/php/webapps/19013.txt,"Wordpress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure Vulnerability",2012-06-08,"Sammy FORGIT",php,webapps,0 +19012,platforms/php/webapps/19012.txt,"WordPress Front File Manager Plugin 0.1 - Arbitrary File Upload",2012-06-08,"Adrien Thierry",php,webapps,0 +19013,platforms/php/webapps/19013.txt,"WordPress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure Vulnerability",2012-06-08,"Sammy FORGIT",php,webapps,0 19005,platforms/php/webapps/19005.txt,"SN News <= 1.2 - (/admin/loger.php) Admin Bypass SQL Injection",2012-06-07,"Yakir Wizman",php,webapps,0 19006,platforms/windows/local/19006.py,"Lattice Semiconductor PAC-Designer 6.21 - (.PAC) Exploit",2012-06-07,b33f,windows,local,0 19002,platforms/windows/remote/19002.rb,"Microsoft Windows OLE Object File Handling Remote Code Execution",2012-06-06,metasploit,windows,remote,0 19003,platforms/php/webapps/19003.txt,"vanilla kpoll plugin 1.2 - Stored XSS",2012-06-06,"Henry Hoggard",php,webapps,0 19030,platforms/windows/remote/19030.rb,"Tom Sawyer Software GET Extension Factory Remote Code Execution",2012-06-10,metasploit,windows,remote,0 19007,platforms/php/webapps/19007.php,"PHPNet <= 1.8 (ler.php) SQL Injection",2012-06-07,WhiteCollarGroup,php,webapps,0 -19008,platforms/php/webapps/19008.php,"Wordpress Front End Upload 0.5.3 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 -19009,platforms/php/webapps/19009.php,"Wordpress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 -19016,platforms/php/webapps/19016.txt,"Wordpress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19008,platforms/php/webapps/19008.php,"WordPress Front End Upload 0.5.3 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 +19009,platforms/php/webapps/19009.php,"WordPress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 +19016,platforms/php/webapps/19016.txt,"WordPress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 19029,platforms/php/webapps/19029.py,"phpAcounts 0.5.3 - SQL Injection",2012-06-08,loneferret,php,webapps,0 -19018,platforms/php/webapps/19018.txt,"Wordpress Plugin: Newsletter 1.5 - Remote File Disclosure Vulnerability",2012-06-08,"Sammy FORGIT",php,webapps,0 -19019,platforms/php/webapps/19019.php,"Wordpress RBX Gallery Plugin 2.1 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 -19020,platforms/php/webapps/19020.txt,"Wordpress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19021,platforms/php/webapps/19021.txt,"Wordpress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19022,platforms/php/webapps/19022.txt,"Wordpress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19023,platforms/php/webapps/19023.php,"Wordpress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 +19018,platforms/php/webapps/19018.txt,"WordPress Plugin: Newsletter 1.5 - Remote File Disclosure Vulnerability",2012-06-08,"Sammy FORGIT",php,webapps,0 +19019,platforms/php/webapps/19019.php,"WordPress RBX Gallery Plugin 2.1 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 +19020,platforms/php/webapps/19020.txt,"WordPress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19021,platforms/php/webapps/19021.txt,"WordPress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19022,platforms/php/webapps/19022.txt,"WordPress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19023,platforms/php/webapps/19023.php,"WordPress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 19011,platforms/php/webapps/19011.txt,"Webspell FIRSTBORN Movie-Addon Blind SQL Injection Vulnerability",2012-06-08,"Easy Laster",php,webapps,0 19028,platforms/linux/remote/19028.txt,"Berkeley Sendmail 5.58 DEBUG Vulnerability",1988-08-01,anonymous,linux,remote,0 19031,platforms/php/webapps/19031.txt,"Webspell dailyinput Movie Addon 4.2.x SQL Injection Vulnerability",2012-06-10,"Easy Laster",php,webapps,0 19033,platforms/windows/remote/19033.txt,"Microsoft iis 6.0 and 7.5 - Multiple Vulnerabilities",2012-06-10,kingcope,windows,remote,0 19034,platforms/windows/dos/19034.cpp,"PEamp (.mp3) Memory Corruption PoC",2012-06-10,Ayrbyte,windows,dos,0 19035,platforms/php/webapps/19035.txt,"freepost 0.1 r1 - Multiple Vulnerabilities",2012-06-10,"ThE g0bL!N",php,webapps,0 -19036,platforms/php/webapps/19036.php,"Wordpress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload",2012-06-10,g11tch,php,webapps,0 +19036,platforms/php/webapps/19036.php,"WordPress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload",2012-06-10,g11tch,php,webapps,0 19037,platforms/windows/local/19037.rb,"Microsoft Office - ClickOnce Unsafe Object Package Handling Vulnerability (MS12-005)",2012-06-11,metasploit,windows,local,0 19038,platforms/php/webapps/19038.rb,"Symantec Web Gateway 5.0.2.8 - Arbitrary PHP File Upload Vulnerability",2012-06-10,metasploit,php,webapps,0 19039,platforms/bsd/remote/19039.txt,"BSD 4.2 fingerd Buffer Overflow Vulnerability",1988-10-01,anonymous,bsd,remote,0 @@ -16457,15 +16457,15 @@ id,file,description,date,author,platform,type,port 19047,platforms/aix/remote/19047.txt,"Stalker Internet Mail Server 1.6 - Buffer Overflow Vulnerability",2001-09-12,"David Luyer",aix,remote,0 19048,platforms/aix/remote/19048.txt,"IRIX <= 6.4 pfdisplay.cgi Vulnerability",1998-04-07,"J.A. Gutierrez",aix,remote,0 19049,platforms/aix/dos/19049.txt,"BSDI <= 4.0 tcpmux / inetd Crash Vulnerability",1998-04-07,"Mark Schaefer",aix,dos,0 -19050,platforms/php/webapps/19050.txt,"Wordpress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19050,platforms/php/webapps/19050.txt,"WordPress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 19051,platforms/php/webapps/19051.txt,"ClanSuite 2.9 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19052,platforms/php/webapps/19052.txt,"Wordpress User Meta 1.1.1 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19053,platforms/php/webapps/19053.txt,"Wordpress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19054,platforms/php/webapps/19054.txt,"Wordpress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19055,platforms/php/webapps/19055.txt,"Wordpress Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19056,platforms/php/webapps/19056.txt,"Wordpress Mac Photo Gallery 2.7 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19057,platforms/php/webapps/19057.txt,"Wordpress drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19058,platforms/php/webapps/19058.txt,"Wordpress Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19052,platforms/php/webapps/19052.txt,"WordPress User Meta 1.1.1 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19053,platforms/php/webapps/19053.txt,"WordPress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19054,platforms/php/webapps/19054.txt,"WordPress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19055,platforms/php/webapps/19055.txt,"WordPress Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19056,platforms/php/webapps/19056.txt,"WordPress Mac Photo Gallery 2.7 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19057,platforms/php/webapps/19057.txt,"WordPress drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19058,platforms/php/webapps/19058.txt,"WordPress Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 19059,platforms/php/webapps/19059.php,"Agora-Project 2.12.11 - Arbitrary File Upload Vulnerability",2012-06-11,Misa3l,php,webapps,0 19060,platforms/php/webapps/19060.php,"TheBlog <= 2.0 - Multiple Vulnerabilities",2012-06-11,WhiteCollarGroup,php,webapps,0 19066,platforms/irix/local/19066.txt,"SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager NETLS_LICENSE_FILE Vulnerability",1996-04-05,"Arthur Hagen",irix,local,0 @@ -16578,7 +16578,7 @@ id,file,description,date,author,platform,type,port 19184,platforms/windows/dos/19184.pl,"Karafun Player 1.20.86 - (.m3u) Crash PoC",2012-06-16,Styxosaurus,windows,dos,0 19185,platforms/hardware/webapps/19185.txt,"Huawei HG866 - Authentication Bypass",2012-06-16,hkm,hardware,webapps,0 19186,platforms/windows/remote/19186.rb,"Microsoft XML Core Services MSXML Uninitialized Memory Corruption",2012-06-16,metasploit,windows,remote,0 -19187,platforms/php/webapps/19187.txt,"Wordpress Automatic Plugin 2.0.3 - SQL Injection",2012-06-16,nick58,php,webapps,0 +19187,platforms/php/webapps/19187.txt,"WordPress Automatic Plugin 2.0.3 - SQL Injection",2012-06-16,nick58,php,webapps,0 19188,platforms/php/webapps/19188.txt,"Nuked Klan SP CMS 4.5 - SQL Injection Vulnerability",2012-06-16,Vulnerability-Lab,php,webapps,0 19189,platforms/php/webapps/19189.txt,"iScripts EasyCreate CMS 2.0 - Multiple Vulnerabilities",2012-06-16,Vulnerability-Lab,php,webapps,0 19389,platforms/windows/dos/19389.txt,"Kingview Touchview 6.53 - Multiple Heap Overflow Vulnerabilities",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 @@ -16777,7 +16777,7 @@ id,file,description,date,author,platform,type,port 19380,platforms/multiple/dos/19380.txt,"Ipswitch IMail 5.0/6.0 Web Service Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 19393,platforms/windows/dos/19393.py,"Able2Doc and Able2Doc Professional 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19394,platforms/asp/webapps/19394.txt,"Parodia 6.8 employer-profile.asp SQL Injection",2012-06-25,"Carlos Mario Penagos Hollmann",asp,webapps,0 -19398,platforms/php/webapps/19398.txt,"Wordpress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 +19398,platforms/php/webapps/19398.txt,"WordPress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 19408,platforms/php/webapps/19408.txt,"Zend Framework Local File Disclosure",2012-06-27,"SEC Consult",php,webapps,0 19403,platforms/php/webapps/19403.rb,"SugarCRM <= 6.3.1 unserialize() PHP Code Execution",2012-06-26,metasploit,php,webapps,0 29039,platforms/windows/dos/29039.py,"Kerio MailServer 5.x/6.x - Remote LDAP Denial of Service Vulnerability",2006-11-15,"Evgeny Legerov",windows,dos,0 @@ -17208,8 +17208,8 @@ id,file,description,date,author,platform,type,port 19845,platforms/windows/remote/19845.pl,"Microsoft FrontPage 98 Server Extensions for IIS_Microsoft InterDev 1.0 Filename Obfuscation",2000-04-14,"rain forest puppy",windows,remote,0 19846,platforms/windows/remote/19846.pl,"Microsoft FrontPage 98 Server Extensions for IIS_Microsoft InterDev 1.0 - Buffer Overflow Vulnerability",2000-04-14,"Richie & Beto",windows,remote,0 19847,platforms/unix/remote/19847.c,"UoW imapd 10.234/12.264 - Buffer Overflow Vulnerabilities",2002-08-01,"Gabriel A. Maggiotti",unix,remote,0 -19848,platforms/unix/remote/19848.pm,"UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta)",2000-04-16,vlad902,unix,remote,0 -19849,platforms/unix/remote/19849.pm,"UoW imapd 10.234/12.264 COPY Buffer Overflow (meta)",2000-04-16,vlad902,unix,remote,0 +19848,platforms/unix/remote/19848.pm,"UoW imapd 10.234/12.264 LSUB Buffer Overflow (Metasploit)",2000-04-16,vlad902,unix,remote,0 +19849,platforms/unix/remote/19849.pm,"UoW imapd 10.234/12.264 COPY Buffer Overflow (Metasploit)",2000-04-16,vlad902,unix,remote,0 19850,platforms/linux/dos/19850.c,"RedHat Linux 6.x - X Font Server DoS and Buffer Overflow Vulnerabilities",2000-04-16,"Michal Zalewski",linux,dos,0 19851,platforms/qnx/local/19851.c,"QSSL QNX 4.25 A crypt() Vulnerability",2000-04-15,Sean,qnx,local,0 19852,platforms/cgi/remote/19852.txt,"dansie shopping cart 3.0.4 - Multiple Vulnerabilities",2000-04-14,"tombow & Randy Janinda",cgi,remote,0 @@ -17222,7 +17222,7 @@ id,file,description,date,author,platform,type,port 19904,platforms/unix/local/19904.txt,"Intel Corporation NetStructure 7110 Undocumented Password Vulnerability",2000-05-08,"Stake Inc",unix,local,0 19859,platforms/hardware/webapps/19859.txt,"Vivotek Cameras Sensitive Information Disclosure",2012-07-16,GothicX,hardware,webapps,0 19960,platforms/windows/dos/19960.txt,"Oracle Outside-In FPX File Parsing Heap Overflow",2012-07-20,"Francis Provencher",windows,dos,0 -19862,platforms/php/webapps/19862.pl,"Wordpress Diary/Notebook Site5 Theme Email Spoofing",2012-07-16,bwall,php,webapps,0 +19862,platforms/php/webapps/19862.pl,"WordPress Diary/Notebook Site5 Theme Email Spoofing",2012-07-16,bwall,php,webapps,0 19863,platforms/php/webapps/19863.txt,"CakePHP 2.x-2.2.0-RC2 XXE Injection",2012-07-16,"Pawel Wylecial",php,webapps,0 19864,platforms/php/webapps/19864.txt,"VamCart 0.9 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 19865,platforms/php/webapps/19865.txt,"PBBoard 2.1.4 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 @@ -17604,7 +17604,7 @@ id,file,description,date,author,platform,type,port 20298,platforms/windows/remote/20298.c,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal Vulnerability (1)",2000-10-17,"Gabriel Maggiotti",windows,remote,0 20268,platforms/php/webapps/20268.txt,"Tickets CAD 2.20G Multiple Vulnerabilities",2012-08-05,chap0,php,webapps,0 20269,platforms/windows/remote/20269.txt,"Microsoft IIS 5.0 Indexed Directory Disclosure Vulnerability",2000-10-04,"David Litchfield",windows,remote,0 -20270,platforms/php/webapps/20270.txt,"Wordpress Plugin Effective Lead Management 3.0.0 - Persistent XSS",2012-08-05,"Chris Kellum",php,webapps,0 +20270,platforms/php/webapps/20270.txt,"WordPress Plugin Effective Lead Management 3.0.0 - Persistent XSS",2012-08-05,"Chris Kellum",php,webapps,0 20271,platforms/openbsd/dos/20271.c,"OpenBSD 2.x Pending ARP Request Remote DoS Vulnerability",2000-10-05,skyper,openbsd,dos,0 20272,platforms/windows/dos/20272.pl,"Apache 1.2.5/1.3.1 & UnityMail 2.0 - MIME Header DoS Vulnerability",1998-08-02,L.Facq,windows,dos,0 20273,platforms/cgi/remote/20273.txt,"Moreover CGI script - File Disclosure Vulnerability",2000-10-02,CDI,cgi,remote,0 @@ -17695,7 +17695,7 @@ id,file,description,date,author,platform,type,port 20362,platforms/windows/webapps/20362.py,"smartermail free 9.2 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20363,platforms/windows/webapps/20363.py,"surgemail 6.0a4 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20364,platforms/php/webapps/20364.py,"t-dah webmail client 3.2.0-2.3 - Stored XSS",2012-08-08,loneferret,php,webapps,0 -20365,platforms/php/webapps/20365.py,"Wordpress Plugin ThreeWP Email Reflector 1.13 - Stored XSS",2012-08-08,loneferret,php,webapps,0 +20365,platforms/php/webapps/20365.py,"WordPress Plugin ThreeWP Email Reflector 1.13 - Stored XSS",2012-08-08,loneferret,php,webapps,0 20366,platforms/windows/webapps/20366.py,"winwebmail server 3.8.1.6 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20367,platforms/windows/webapps/20367.py,"xeams email server 4.4 build 5720 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20368,platforms/windows/webapps/20368.py,"IBM Proventia Network Mail Security System 2.5 - POST File Read",2012-08-08,muts,windows,webapps,0 @@ -17863,7 +17863,7 @@ id,file,description,date,author,platform,type,port 20537,platforms/multiple/remote/20537.txt,"Borland/Inprise Interbase 4.0/5.0/6.0 Backdoor Password Vulnerability",2001-01-10,"Frank Schlottmann-Goedde",multiple,remote,0 20538,platforms/php/webapps/20538.txt,"Basilix Webmail 0.9.7 Incorrect File Permissions Vulnerability",2001-01-11,"Tamer Sahin",php,webapps,0 20539,platforms/php/webapps/20539.txt,"MobileCartly 1.0 - Remote File Upload Vulnerability",2012-08-15,ICheer_No0M,php,webapps,0 -20706,platforms/linux/webapps/20706.rb,"Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change (MSF)",2012-08-21,Kc57,linux,webapps,0 +20706,platforms/linux/webapps/20706.rb,"Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change (Metasploit)",2012-08-21,Kc57,linux,webapps,0 20541,platforms/php/webapps/20541.txt,"MaxForum 1.0.0 - Local File Inclusion",2012-08-15,ahwak2000,php,webapps,0 20705,platforms/multiple/dos/20705.py,"sap netweaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities",2012-08-21,"Core Security",multiple,dos,0 20704,platforms/php/webapps/20704.txt,"Clipbucket 2.5 - Directory Traversal",2012-08-21,loneferret,php,webapps,0 @@ -17969,7 +17969,7 @@ id,file,description,date,author,platform,type,port 20646,platforms/unix/remote/20646.c,"LICQ 0.85/1.0.1/1.0.2 - Remote Buffer Overflow Vulnerability",2000-12-26,"Stan Bubrouski",unix,remote,0 20647,platforms/windows/remote/20647.c,"Atrium Software Mercur Mail Server 3.3 EXPN Buffer Overflow Vulnerability",2001-02-23,"Martin Rakhmanoff",windows,remote,0 20648,platforms/solaris/remote/20648.c,"Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow Vulnerability",2001-03-15,"Last Stage of Delirium",solaris,remote,0 -20649,platforms/solaris/remote/20649.pm,"Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow Vulnerability (msf)",2001-03-15,vlad902,solaris,remote,0 +20649,platforms/solaris/remote/20649.pm,"Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow Vulnerability (Metasploit)",2001-03-15,vlad902,solaris,remote,0 20650,platforms/windows/dos/20650.txt,"Sapio WebReflex 1.55 GET Denial of Service Vulnerability",2001-02-27,slipy,windows,dos,0 20651,platforms/windows/local/20651.txt,"datawizards ftpxq 2.0.93 - Directory Traversal Vulnerability",2001-02-28,joetesta,windows,local,0 20652,platforms/hardware/remote/20652.txt,"Cisco IOS 11.x/12.0 ILMI SNMP Community String Vulnerability",2001-02-27,pask,hardware,remote,0 @@ -18166,7 +18166,7 @@ id,file,description,date,author,platform,type,port 20857,platforms/php/webapps/20857.txt,"web@all CMS 2.0 - Multiple Vulnerabilities",2012-08-27,LiquidWorm,php,webapps,0 20859,platforms/php/webapps/20859.txt,"vlinks 2.0.3 (site.php id parameter) SQL Injection",2012-08-27,JIKO,php,webapps,0 20861,platforms/win64/local/20861.txt,"Microsoft Windows Kernel Intel x64 SYSRET PoC",2012-08-27,"Shahriyar Jalayeri",win64,local,0 -20862,platforms/php/webapps/20862.txt,"Wordpress Count per Day Plugin 3.2.3 - XSS Vulnerability",2012-08-27,Crim3R,php,webapps,0 +20862,platforms/php/webapps/20862.txt,"WordPress Count per Day Plugin 3.2.3 - XSS Vulnerability",2012-08-27,Crim3R,php,webapps,0 20863,platforms/php/webapps/20863.txt,"xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability",2012-08-27,LiquidWorm,php,webapps,0 20864,platforms/asp/webapps/20864.txt,"Elcom CMS 7.4.10 Community Manager Insecure File Upload",2012-08-27,"Sense of Security",asp,webapps,0 20865,platforms/java/remote/20865.rb,"Java 7 Applet Remote Code Execution",2012-08-27,metasploit,java,remote,0 @@ -18221,7 +18221,7 @@ id,file,description,date,author,platform,type,port 20915,platforms/windows/local/20915.py,"ActFax 4.31 - Local Privilege Escalation Exploit",2012-08-29,"Craig Freyman",windows,local,0 20916,platforms/cgi/remote/20916.pl,"cgiCentral WebStore 400 - Arbitrary Command Execution Vulnerability",2001-05-06,"Igor Dobrovitski",cgi,remote,0 20917,platforms/windows/dos/20917.txt,"Winlog Lite SCADA HMI system SEH 0verwrite Vulnerability",2012-08-29,Ciph3r,windows,dos,0 -20918,platforms/php/webapps/20918.txt,"Wordpress HD Webplayer 1.1 - SQL Injection Vulnerability",2012-08-29,JoinSe7en,php,webapps,0 +20918,platforms/php/webapps/20918.txt,"WordPress HD Webplayer 1.1 - SQL Injection Vulnerability",2012-08-29,JoinSe7en,php,webapps,0 20955,platforms/windows/dos/20955.pl,"Internet Download Manager - Memory Corruption Vulnerability",2012-08-31,Dark-Puzzle,windows,dos,0 20922,platforms/osx/dos/20922.txt,"Rumpus FTP Server 1.3.x/2.0.3 - Stack Overflow DoS Vulnerability",2001-06-12,"Jass Seljamaa",osx,dos,0 20923,platforms/unix/local/20923.c,"LPRng 3.6.x Failure To Drop Supplementary Groups Vulnerability",2001-06-07,zen-parse,unix,local,0 @@ -18990,7 +18990,7 @@ id,file,description,date,author,platform,type,port 21711,platforms/windows/remote/21711.html,"Microsoft Outlook Express 5/6 MHTML URL Handler File Rendering Vulnerability",2002-08-15,http-equiv,windows,remote,0 21712,platforms/windows/dos/21712.txt,"Google Toolbar 1.1.60 - Search Function Denial of Service Vulnerability",2002-08-15,onet,windows,dos,0 21713,platforms/windows/local/21713.py,"Exploit: NCMedia Sound Editor Pro 7.5.1 - SEH & DEP",2012-10-03,b33f,windows,local,0 -21715,platforms/php/webapps/21715.txt,"Wordpress Plugin spider calendar - Multiple Vulnerabilities",2012-10-03,D4NB4R,php,webapps,0 +21715,platforms/php/webapps/21715.txt,"WordPress Plugin spider calendar - Multiple Vulnerabilities",2012-10-03,D4NB4R,php,webapps,0 21716,platforms/php/webapps/21716.txt,"Omnistar Mailer 7.2 - Multiple Vulnerabilities",2012-10-03,Vulnerability-Lab,php,webapps,0 21717,platforms/windows/remote/21717.txt,"Microsoft Windows XP HCP URI Handler Abuse Vulnerability",2002-08-15,"Shane Hird",windows,remote,0 21718,platforms/windows/remote/21718.txt,"Microsoft SQL 2000/7.0 - Agent Jobs Privilege Elevation Vulnerability",2002-08-15,"David Litchfield",windows,remote,0 @@ -19334,7 +19334,7 @@ id,file,description,date,author,platform,type,port 22068,platforms/unix/dos/22068.pl,"Apache 1.3.x & Tomcat 4.0.x/4.1.x Mod_JK - Chunked Encoding Denial of Service Vulnerability",2002-12-04,Sapient2003,unix,dos,0 22069,platforms/multiple/local/22069.py,"Oracle Database Authentication Protocol Security Bypass",2012-10-18,"Esteban Martinez Fayo",multiple,local,0 22070,platforms/windows/webapps/22070.py,"otrs 3.1 - Stored XSS Vulnerability",2012-10-18,"Mike Eduard",windows,webapps,0 -22071,platforms/php/webapps/22071.txt,"FireStorm Professional Real Estate Wordpress Plugin 2.06.01 - SQL Injection Vulnerability",2012-10-18,"Ashiyane Digital Security Team",php,webapps,0 +22071,platforms/php/webapps/22071.txt,"FireStorm Professional Real Estate WordPress Plugin 2.06.01 - SQL Injection Vulnerability",2012-10-18,"Ashiyane Digital Security Team",php,webapps,0 22074,platforms/osx/dos/22074.txt,"Apple Mac OS X 10.2.2 - Directory Kernel Panic Denial of Service",2002-11-07,shibby,osx,dos,0 22075,platforms/php/webapps/22075.txt,"Ultimate PHP Board 1.0 final beta ViewTopic.PHP Directory Contents Browsing",2002-11-08,euronymous,php,webapps,0 22076,platforms/php/webapps/22076.txt,"Ultimate PHP Board Board 1.0 final beta ViewTopic.PHP Cross-Site Scripting Vulnerability",2002-11-08,euronymous,php,webapps,0 @@ -19355,7 +19355,7 @@ id,file,description,date,author,platform,type,port 22091,platforms/linux/remote/22091.c,"zkfingerd SysLog 0.9.1 Format String Vulnerability",2002-12-16,"Marceta Milos",linux,remote,0 22092,platforms/multiple/webapps/22092.py,"ManageEngine Security Manager Plus <= 5.5 build 5505 Path Traversal",2012-10-19,xistence,multiple,webapps,0 22093,platforms/multiple/remote/22093.py,"ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM/root SQLi",2012-10-19,xistence,multiple,remote,0 -22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM SQLi (MSF)",2012-10-19,xistence,windows,remote,0 +22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM SQLi (Metasploit)",2012-10-19,xistence,windows,remote,0 22097,platforms/php/webapps/22097.txt,"Joomla Freestyle Support 1.9.1.1447 (com_fss) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22098,platforms/php/webapps/22098.txt,"Joomla Tags (index.php tag parameter) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22099,platforms/php/webapps/22099.txt,"CMSQLITE 1.3.2 - Multiple Vulnerabiltiies",2012-10-19,Vulnerability-Lab,php,webapps,0 @@ -19555,7 +19555,7 @@ id,file,description,date,author,platform,type,port 22296,platforms/multiple/remote/22296.txt,"Axis Communications HTTP Server 2.x Messages Information Disclosure Vulnerability",2003-02-28,"Martin Eiszner",multiple,remote,0 22297,platforms/php/webapps/22297.pl,"Typo3 3.5 b5 Showpic.PHP File Enumeration Vulnerability",2003-02-28,"Martin Eiszner",php,webapps,0 22298,platforms/php/webapps/22298.txt,"Typo3 3.5 b5 Translations.PHP Remote File Include Vulnerability",2003-02-28,"Martin Eiszner",php,webapps,0 -22300,platforms/php/webapps/22300.txt,"Wordpress Easy Webinar Plugin - Blind SQL Injection Vulnerability",2012-10-28,"Robert Cooper",php,webapps,0 +22300,platforms/php/webapps/22300.txt,"WordPress Easy Webinar Plugin - Blind SQL Injection Vulnerability",2012-10-28,"Robert Cooper",php,webapps,0 22301,platforms/windows/remote/22301.html,"Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath BOF",2012-10-28,b33f,windows,remote,0 22302,platforms/windows/dos/22302.rb,"hMailServer 5.3.3 IMAP Remote Crash PoC",2012-10-28,"John Smith",windows,dos,0 22303,platforms/windows/dos/22303.pl,"Microsoft Windows Help program (WinHlp32.exe) Crash PoC",2012-10-28,coolkaveh,windows,dos,0 @@ -19648,7 +19648,7 @@ id,file,description,date,author,platform,type,port 22393,platforms/php/webapps/22393.txt,"OSCommerce 2.1/2.2 Checkout_Payment.PHP Error Output Cross-Site Scripting Vulnerability",2003-03-20,"iProyectos group",php,webapps,0 22394,platforms/hardware/remote/22394.txt,"Check Point FW-1 Syslog Daemon Unfiltered Escape Sequence Vulnerability",2003-03-21,"Dr. Peter Bieringer",hardware,remote,0 22395,platforms/windows/dos/22395.txt,"eDonkey Clients 0.44/0.45 - Multiple Chat Dialog Resource Consumption Vulnerability",2003-03-21,"Auriemma Luigi",windows,dos,0 -22396,platforms/php/webapps/22396.txt,"Wordpress bbpress Plugin - Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 +22396,platforms/php/webapps/22396.txt,"WordPress bbpress Plugin - Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 22397,platforms/windows/dos/22397.txt,"SIEMENS Sipass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference",2012-11-01,"Lucas Apa",windows,dos,0 22398,platforms/php/webapps/22398.php,"Invision Power Board <= 3.3.4 - _unserialize()_ PHP Code Execution",2012-11-01,EgiX,php,webapps,0 22399,platforms/php/webapps/22399.txt,"Endpoint Protector 4.0.4.2 - Multiple Persistent XSS",2012-11-01,"CYBSEC Labs",php,webapps,0 @@ -19677,7 +19677,7 @@ id,file,description,date,author,platform,type,port 22424,platforms/php/webapps/22424.txt,"PHP-Nuke 6.0/6.5 Forum Module - Viewforum.PHP SQL Injection Vulnerability",2003-03-25,frog,php,webapps,0 22425,platforms/php/dos/22425.php,"PHP 4.x socket_recv() Signed Integer Memory Corruption Vulnerability",2003-03-26,"Sir Mordred",php,dos,0 22426,platforms/php/dos/22426.php,"PHP 4.x socket_recvfrom() Signed Integer Memory Corruption Vulnerability",2003-03-26,"Sir Mordred",php,dos,0 -22427,platforms/php/webapps/22427.txt,"Wordpress All Video Gallery 1.1 - SQL Injection Vulnerability",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 +22427,platforms/php/webapps/22427.txt,"WordPress All Video Gallery 1.1 - SQL Injection Vulnerability",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 22521,platforms/php/webapps/22521.c,"XMB Forum 1.8 Member.PHP SQL Injection Vulnerability",2003-04-22,zeez@bbugs.org,php,webapps,0 22429,platforms/php/webapps/22429.txt,"vBulletin ChangUonDyU Advanced Statistics - SQL Injection Vulnerability",2012-11-02,Juno_okyo,php,webapps,0 22430,platforms/php/webapps/22430.txt,"PrestaShop <= 1.5.1 Persistent XSS",2012-11-02,"David Sopas",php,webapps,0 @@ -19713,7 +19713,7 @@ id,file,description,date,author,platform,type,port 22460,platforms/windows/dos/22460.txt,"Abyss Web Server 1.1.2 Incomplete HTTP Request Denial of Service Vulnerability",2003-04-05,"Auriemma Luigi",windows,dos,0 22461,platforms/php/webapps/22461.txt,"Invision Board 1.1.1 functions.php SQL Injection Vulnerability",2003-04-05,"Gossi The Dog",php,webapps,0 22462,platforms/multiple/remote/22462.txt,"Interbase 6.x External Table File Verification Vulnerability",2003-04-05,"Kotala Zdenek",multiple,remote,0 -22463,platforms/php/webapps/22463.txt,"Wordpress Spider Catalog 1.1 - HTML Code Injection and Cross-Site scripting",2012-11-04,D4NB4R,php,webapps,0 +22463,platforms/php/webapps/22463.txt,"WordPress Spider Catalog 1.1 - HTML Code Injection and Cross-Site scripting",2012-11-04,D4NB4R,php,webapps,0 22464,platforms/windows/dos/22464.txt,"Adobe Reader 11.0.0 - Stack Overflow Crash PoC",2012-11-04,coolkaveh,windows,dos,0 22465,platforms/windows/local/22465.txt,"Sysax FTP Automation Server 5.33 - Local Privilege Escalation",2012-11-04,"Craig Freyman",windows,local,0 22466,platforms/windows/remote/22466.py,"BigAnt Server 2.52 SP5 - SEH Stack Overflow ROP-based Exploit (ASLR + DEP bypass)",2012-11-04,"Lorenzo Cantoni",windows,remote,0 @@ -20094,7 +20094,7 @@ id,file,description,date,author,platform,type,port 22850,platforms/windows/dos/22850.txt,"Microsoft Office OneNote 2010 Crash PoC",2012-11-20,coolkaveh,windows,dos,0 22851,platforms/windows/local/22851.py,"FormatFactory 3.0.1 - Profile File Handling Buffer Overflow",2012-11-20,"Julien Ahrens",windows,local,0 22852,platforms/multiple/webapps/22852.txt,"SonicWALL CDP 5040 6.x - Multiple Vulnerabilities",2012-11-20,Vulnerability-Lab,multiple,webapps,0 -22853,platforms/php/webapps/22853.txt,"Wordpress Facebook Survey 1.0 - SQL Injection Vulnerability",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 +22853,platforms/php/webapps/22853.txt,"WordPress Facebook Survey 1.0 - SQL Injection Vulnerability",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 22854,platforms/windows/remote/22854.txt,"LAN.FS Messenger 2.4 - Command Execution Vulnerability",2012-11-20,Vulnerability-Lab,windows,remote,0 22855,platforms/windows/dos/22855.txt,"Apple QuickTime 7.7.2 Targa image Buffer Overflow",2012-11-20,"Senator of Pirates",windows,dos,0 22856,platforms/linux/remote/22856.rb,"Narcissus Image Configuration Passthru Vulnerability",2012-11-21,metasploit,linux,remote,0 @@ -20441,7 +20441,7 @@ id,file,description,date,author,platform,type,port 23210,platforms/windows/local/23210.c,"Microsoft Windows XP/2000 PostThreadMessage() Arbitrary Process Killing Vulnerability",2003-10-02,"Brett Moore",windows,local,0 23211,platforms/windows/remote/23211.cpp,"EarthStation 5 - Search Service Remote File Deletion Vulnerabililty",2003-10-03,"random nut",windows,remote,0 23212,platforms/hardware/remote/23212.txt,"Cisco LEAP Password Disclosure Weakness",2003-10-03,"Cisco Security",hardware,remote,0 -23213,platforms/php/webapps/23213.txt,"Wordpress 0.6/0.7 Blog.Header.PHP - SQL Injection Vulnerabilities",2003-10-03,"Seth Woolley",php,webapps,0 +23213,platforms/php/webapps/23213.txt,"WordPress 0.6/0.7 Blog.Header.PHP - SQL Injection Vulnerabilities",2003-10-03,"Seth Woolley",php,webapps,0 23214,platforms/cgi/webapps/23214.txt,"Sun Cobalt RaQ 1.1/2.0/3.0/4.0 Message.CGI Cross-Site Scripting Vulnerability",2003-10-03,"Lorenzo Hernandez Garcia-Hierro",cgi,webapps,0 23215,platforms/windows/dos/23215.html,"Microsoft Internet Explorer 6 Absolute Position Block Denial of Service Vulnerability",2003-10-03,"Nick Johnson",windows,dos,0 23216,platforms/windows/dos/23216.txt,"Microsoft Word 97/98/2002 Malformed Document Denial of Service Vulnerability",2003-10-03,"Bahaa Naamneh",windows,dos,0 @@ -20583,7 +20583,7 @@ id,file,description,date,author,platform,type,port 23353,platforms/php/webapps/23353.txt,"MyYoutube MyBB Plugin 1.0 - SQL Injection",2012-12-13,Zixem,php,webapps,0 23354,platforms/php/webapps/23354.txt,"MyBB AJAX Chat - Persistent XSS Vulnerability",2012-12-13,"Mr. P-teo",php,webapps,0 23355,platforms/php/webapps/23355.txt,"Facebook Profile MyBB Plugin 2.4 - Persistant XSS",2012-12-13,limb0,php,webapps,0 -23356,platforms/php/webapps/23356.txt,"Portable phpMyAdmin Wordpress Plugin - Authentication Bypass",2012-12-13,"Mark Stanislav",php,webapps,0 +23356,platforms/php/webapps/23356.txt,"Portable phpMyAdmin WordPress Plugin - Authentication Bypass",2012-12-13,"Mark Stanislav",php,webapps,0 23384,platforms/php/webapps/23384.txt,"Koch Roland Rolis Guestbook 1.0 $path Remote File Include Vulnerability",2003-11-17,"RusH security team",php,webapps,0 23385,platforms/multiple/remote/23385.txt,"PostMaster 3.16/3.17 Proxy Service Cross-Site Scripting Vulnerability",2003-11-17,"Ziv Kamir",multiple,remote,0 23382,platforms/php/webapps/23382.txt,"Social Sites MyBB Plugin 0.2.2 - Cross-Site Scripting",2012-12-14,s3m00t,php,webapps,0 @@ -20856,7 +20856,7 @@ id,file,description,date,author,platform,type,port 23635,platforms/asp/webapps/23635.txt,"Niti Telecom Caravan Business Server 2.00-03D Remote Directory Traversal Vulnerability",2004-02-02,dr_insane,asp,webapps,0 23636,platforms/php/webapps/23636.txt,"Qualiteam X-Cart 3.x general.php perl_binary Parameter Arbitrary Command Execution",2004-02-03,Philip,php,webapps,0 23637,platforms/php/webapps/23637.txt,"Qualiteam X-Cart 3.x upgrade.php perl_binary Parameter Arbitrary Command Execution",2004-02-03,Philip,php,webapps,0 -23638,platforms/hardware/dos/23638.pl,"Cisco IOS 12 MSFC2 Malformed Layer 2 Frame Denial of Service Vulnerability",2004-02-03,blackangels,hardware,dos,0 +23638,platforms/hardware/dos/23638.pl,"Cisco IOS 12 MSFC2 - Malformed Layer 2 Frame Denial of Service Vulnerability",2004-02-03,blackangels,hardware,dos,0 23639,platforms/php/webapps/23639.txt,"Qualiteam X-Cart 3.x - Multiple Remote Information Disclosure Vulnerabilities",2004-02-03,Philip,php,webapps,0 23640,platforms/php/webapps/23640.txt,"phpMyAdmin 2.x Export.PHP File Disclosure Vulnerability",2004-02-03,"Cedric Cochin",php,webapps,0 23641,platforms/multiple/dos/23641.txt,"Cauldron Chaser 1.4/1.5 - Remote Denial of Service Vulnerability (1)",2004-02-03,"Luigi Auriemma",multiple,dos,0 @@ -20991,7 +20991,7 @@ id,file,description,date,author,platform,type,port 23780,platforms/windows/dos/23780.py,"Aktiv Player 2.80 Crash PoC",2012-12-31,IndonesiaGokilTeam,windows,dos,0 23781,platforms/php/webapps/23781.txt,"MyBB (editpost.php posthash) - SQL Injection Vulnerability",2012-12-31,"Joshua Rogers",php,webapps,0 23782,platforms/php/webapps/23782.txt,"Joomla Spider Calendar (index.php date param) Blind SQL Injection Vulnerability",2012-12-31,Red-D3v1L,php,webapps,0 -23783,platforms/windows/local/23783.rb,"BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (MSF)",2012-12-31,"Craig Freyman",windows,local,0 +23783,platforms/windows/local/23783.rb,"BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (Metasploit)",2012-12-31,"Craig Freyman",windows,local,0 24047,platforms/php/webapps/24047.txt,"Protector System 1.15 b1 index.php SQL Injection",2004-04-23,waraxe,php,webapps,0 24048,platforms/php/webapps/24048.txt,"Protector System 1.15 blocker_query.php Multiple Parameter XSS",2004-04-23,waraxe,php,webapps,0 24046,platforms/php/webapps/24046.txt,"Fusionphp Fusion News 3.6.1 - Cross-Site Scripting Vulnerability",2004-04-23,DarkBicho,php,webapps,0 @@ -21398,7 +21398,7 @@ id,file,description,date,author,platform,type,port 24204,platforms/multiple/webapps/24204.pl,"SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Root/SYSTEM Exploit",2013-01-18,"Nikolas Sotiriu",multiple,webapps,0 24205,platforms/linux/remote/24205.txt,"Novell NCP Pre-Auth Remote Root Exploit",2013-01-18,"Gary Nilson",linux,remote,0 24230,platforms/hardware/remote/24230.txt,"BT Voyager 2000 Wireless ADSL Router SNMP Community String Information Disclosure Vulnerability",2004-06-22,"Konstantin V. Gavrilenko",hardware,remote,0 -24206,platforms/multiple/remote/24206.rb,"Jenkins CI Script Console Command Execution MSF Module",2013-01-18,"Spencer McIntyre",multiple,remote,0 +24206,platforms/multiple/remote/24206.rb,"Jenkins CI Script Console - Command Execution (Metasploit)",2013-01-18,"Spencer McIntyre",multiple,remote,0 24207,platforms/windows/local/24207.c,"NVidia Display Driver Service (Nsvr) Exploit",2013-01-18,"Jon Bailey",windows,local,0 24208,platforms/windows/dos/24208.c,"FreeIPS 1.0 Protected Service Denial of Service Vulnerability",2004-06-14,shawnwebb@softhome.net,windows,dos,0 24209,platforms/windows/dos/24209.txt,"Sygate Personal Firewall Pro 5.5 - Local Denial of Service Vulnerability",2004-06-14,"Tan Chew Keong",windows,dos,0 @@ -21421,7 +21421,7 @@ id,file,description,date,author,platform,type,port 24226,platforms/hardware/remote/24226.txt,"D-Link AirPlus DI-614+_ DI-624_ DI-704 DHCP Log HTML Injection Vulnerability",2004-06-21,c3rb3r,hardware,remote,0 24227,platforms/php/webapps/24227.txt,"SqWebMail 4.0.4.20040524 - Email Header HTML Injection Vulnerability",2004-06-21,"Luca Legato",php,webapps,0 24228,platforms/php/webapps/24228.txt,"Joomla com_collector Component Arbitrary File Upload Vulnerability",2013-01-19,"Red Dragon_al",php,webapps,0 -24229,platforms/php/webapps/24229.txt,"Wordpress plugin Ripe HD FLV Player - SQL Injection Vulnerability",2013-01-19,Zikou-16,php,webapps,0 +24229,platforms/php/webapps/24229.txt,"WordPress plugin Ripe HD FLV Player - SQL Injection Vulnerability",2013-01-19,Zikou-16,php,webapps,0 24231,platforms/php/webapps/24231.txt,"ArbitroWeb PHP Proxy 0.5/0.6 - Cross-Site Scripting Vulnerability",2004-06-22,"Josh Gilmour",php,webapps,0 24232,platforms/php/webapps/24232.txt,"PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - Multiple Vulnerabilities",2004-06-23,"Janek Vind",php,webapps,0 24233,platforms/freebsd/dos/24233.c,"FreeBSD 4.10/5.x - execve() Unaligned Memory Access Denial of Service Vulnerability",2004-06-23,"Marceta Milos",freebsd,dos,0 @@ -21485,7 +21485,7 @@ id,file,description,date,author,platform,type,port 24291,platforms/php/webapps/24291.txt,"Outblaze Webmail - HTML Injection Vulnerability",2004-07-19,DarkBicho,php,webapps,0 24292,platforms/php/webapps/24292.txt,"Adam Ismay Print Topic Mod 1.0 - SQL Injection Vulnerability",2004-07-19,"Bartek Nowotarski",php,webapps,0 24293,platforms/sco/local/24293.c,"SCO Multi-channel Memorandum Distribution Facility Multiple Vulnerabilities",2004-07-20,"Ramon Valle",sco,local,0 -24294,platforms/php/webapps/24294.txt,"Wordpress Developer Formatter - CSRF Vulnerability",2013-01-22,"Junaid Hussain",php,webapps,0 +24294,platforms/php/webapps/24294.txt,"WordPress Developer Formatter - CSRF Vulnerability",2013-01-22,"Junaid Hussain",php,webapps,0 24295,platforms/php/webapps/24295.txt,"Adult Webmaster Script Password Disclosure Vulnerability",2013-01-22,"Dshellnoi Unix",php,webapps,0 24356,platforms/php/webapps/24356.txt,"Moodle 1.x - 'post.php' Cross-Site Scripting Vulnerability",2004-08-16,"Javier Ubilla",php,webapps,0 24296,platforms/php/webapps/24296.txt,"Nucleus CMS 3.0_Blog:CMS 3_PunBB 1.x Common.PHP Remote File Include Vulnerability",2004-07-20,"Radek Hulan",php,webapps,0 @@ -21717,7 +21717,7 @@ id,file,description,date,author,platform,type,port 24549,platforms/php/remote/24549.rb,"PolarPearCMS PHP File Upload Vulnerability",2013-02-26,metasploit,php,remote,0 24550,platforms/hardware/webapps/24550.txt,"WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities",2013-02-26,Vulnerability-Lab,hardware,webapps,0 24551,platforms/php/webapps/24551.txt,"Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability",2013-02-27,EgiX,php,webapps,0 -24552,platforms/php/webapps/24552.txt,"Wordpress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 +24552,platforms/php/webapps/24552.txt,"WordPress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 24555,platforms/linux/local/24555.c,"Archlinux x86-64 3.3.x - 3.7.x x86-64 - sock_diag_handlers[] Local Root",2013-02-27,sd,linux,local,0 24556,platforms/windows/dos/24556.py,"Hanso Player 2.1.0 - (.m3u) Buffer Overflow Vulnerability",2013-03-01,metacom,windows,dos,0 24557,platforms/windows/remote/24557.py,"Sami FTP Server 2.0.1 LIST Command Buffer Overflow",2013-03-01,superkojiman,windows,remote,0 @@ -21827,7 +21827,7 @@ id,file,description,date,author,platform,type,port 24664,platforms/php/webapps/24664.txt,"DCP-Portal 3.7/4.x/5.x - Multiple HTML Injection Vulnerabilities",2004-10-06,"Alexander Antipov",php,webapps,0 24665,platforms/php/webapps/24665.txt,"DCP-Portal 3.7/4.x/5.x Calendar.PHP HTTP Response Splitting Vulnerability",2004-10-06,"Alexander Antipov",php,webapps,0 24666,platforms/asp/webapps/24666.txt,"Microsoft ASP.NET 1.x URI Canonicalization Unauthorized Web Access Vulnerability",2004-10-06,anonymous,asp,webapps,0 -24667,platforms/php/webapps/24667.txt,"Wordpress 1.2 - Wp-login.PHP HTTP Response Splitting Vulnerability",2004-10-07,"Chaotic Evil",php,webapps,0 +24667,platforms/php/webapps/24667.txt,"WordPress 1.2 - Wp-login.PHP HTTP Response Splitting Vulnerability",2004-10-07,"Chaotic Evil",php,webapps,0 24668,platforms/multiple/dos/24668.txt,"Jera Technology Flash Messaging Server 5.2 - Remote Denial of Service Vulnerability",2004-10-07,"Luigi Auriemma",multiple,dos,0 24669,platforms/linux/remote/24669.txt,"MySQL 3.x/4.x ALTER TABLE/RENAME Forces Old Permission Checks",2004-10-08,"Oleksandr Byelkin",linux,remote,0 24670,platforms/asp/webapps/24670.txt,"Go Smart Inc GoSmart Message Board Multiple Input Validation Vulnerabilities",2004-10-11,"Positive Technologies",asp,webapps,0 @@ -21870,7 +21870,7 @@ id,file,description,date,author,platform,type,port 24922,platforms/multiple/webapps/24922.txt,"OTRS 3.x - FAQ Module Persistent XSS",2013-04-08,"Luigi Vezzoso",multiple,webapps,0 24707,platforms/multiple/remote/24707.txt,"Google Desktop Search Remote Cross-Site Scripting Vulnerability",2004-10-26,"Salvatore Aranzulla",multiple,remote,0 24708,platforms/windows/dos/24708.txt,"Quicksilver Master of Orion III 1.2.5 - Multiple Remote Denial of Service Vulnerabilities",2004-10-27,"Luigi Auriemma",windows,dos,0 -24889,platforms/php/webapps/24889.txt,"Wordpress Mathjax Latex Plugin 1.1 - CSRF Vulnerability",2013-03-26,"Junaid Hussain",php,webapps,0 +24889,platforms/php/webapps/24889.txt,"WordPress Mathjax Latex Plugin 1.1 - CSRF Vulnerability",2013-03-26,"Junaid Hussain",php,webapps,0 24890,platforms/windows/remote/24890.rb,"ActFax 5.01 RAW Server Buffer Overflow",2013-03-26,metasploit,windows,remote,0 24710,platforms/multiple/dos/24710.txt,"id software quake ii server 3.2 - Multiple Vulnerabilities",2004-10-27,"Richard Stanway",multiple,dos,0 24711,platforms/php/remote/24711.php,"PHP 4.x/5 cURL Open_Basedir Restriction Bypass Vulnerability",2004-10-28,FraMe,php,remote,0 @@ -22066,7 +22066,7 @@ id,file,description,date,author,platform,type,port 24910,platforms/windows/local/24910.txt,"VirtualDJ Pro/Home <= 7.3 - Buffer Overflow Vulnerability",2013-04-02,"Alexandro Sánchez Bach",windows,local,0 24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 (index.php p param) - Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 24913,platforms/php/webapps/24913.txt,"Network Weathermap 0.97a (editor.php) - Persistent XSS",2013-04-02,"Daniel Ricardo dos Santos",php,webapps,0 -24914,platforms/php/webapps/24914.txt,"Wordpress FuneralPress Plugin 1.1.6 - Persistent XSS",2013-04-02,"Rob Armstrong",php,webapps,0 +24914,platforms/php/webapps/24914.txt,"WordPress FuneralPress Plugin 1.1.6 - Persistent XSS",2013-04-02,"Rob Armstrong",php,webapps,0 24915,platforms/multiple/webapps/24915.txt,"Aspen 0.8 - Directory Traversal",2013-04-02,"Daniel Ricardo dos Santos",multiple,webapps,0 24916,platforms/hardware/webapps/24916.txt,"Netgear WNR1000 - Authentication Bypass",2013-04-02,"Roberto Paleari",hardware,webapps,0 24919,platforms/windows/local/24919.py,"HexChat 2.9.4 - Local Exploit",2013-04-07,"Matt Andreko",windows,local,0 @@ -22294,7 +22294,7 @@ id,file,description,date,author,platform,type,port 25134,platforms/linux/local/25134.c,"sudo 1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass",2013-05-01,aeon,linux,local,0 25135,platforms/windows/dos/25135.txt,"Syslog Watcher Pro 2.8.0.812 - (Date Parameter) Cross-Site Scripting Vulnerability",2013-05-01,demonalex,windows,dos,0 25136,platforms/php/remote/25136.rb,"phpMyAdmin Authenticated Remote Code Execution via preg_replace()",2013-05-01,metasploit,php,remote,0 -25137,platforms/php/remote/25137.rb,"Wordpress W3 Total Cache - PHP Code Execution",2013-05-01,metasploit,php,remote,0 +25137,platforms/php/remote/25137.rb,"WordPress W3 Total Cache - PHP Code Execution",2013-05-01,metasploit,php,remote,0 25138,platforms/hardware/webapps/25138.txt,"D-Link IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25139,platforms/hardware/webapps/25139.txt,"Vivotek IP Cameras Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25140,platforms/windows/dos/25140.txt,"WPS Office Wpsio.dll - Stack Buffer Overflow Vulnerability",2013-05-01,Zhangjiantao,windows,dos,0 @@ -22583,7 +22583,7 @@ id,file,description,date,author,platform,type,port 25437,platforms/php/webapps/25437.txt,"eGroupWare 1.0 index.php cats_app Parameter SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 25438,platforms/php/webapps/25438.txt,"MVNForum 1.0 - Search Cross-Site Scripting Vulnerability",2005-04-18,"hoang yen",php,webapps,0 25439,platforms/multiple/dos/25439.c,"Multiple Vendor TCP Session Acknowledgement Number Denial of Service Vulnerability",2004-12-13,"Antonio M. D. S. Fortes",multiple,dos,0 -25440,platforms/php/webapps/25440.txt,"Wordpress wp-FileManager - Arbitrary File Download Vulnerability",2013-05-14,ByEge,php,webapps,0 +25440,platforms/php/webapps/25440.txt,"WordPress wp-FileManager - Arbitrary File Download Vulnerability",2013-05-14,ByEge,php,webapps,0 25441,platforms/php/webapps/25441.txt,"IPB (Invision Power Board) 1.x? / 2.x / 3.x - Admin Account Takeover",2013-05-14,"John JEAN",php,webapps,0 25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - (invoicefunctions.php id param) SQL Injection Vulnerability",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 25443,platforms/windows/dos/25443.txt,"Quick Search 1.1.0.189 - Buffer Overflow Vulnerability (SEH)",2013-05-14,ariarat,windows,dos,0 @@ -22828,7 +22828,7 @@ id,file,description,date,author,platform,type,port 25679,platforms/php/webapps/25679.txt,"JGS-Portal 3.0.1/3.0.2 jgs_portal_sponsor.php id Parameter SQL Injection",2005-05-16,deluxe@security-project.org,php,webapps,0 25680,platforms/windows/dos/25680.txt,"War Times Remote Game Server Denial of Service Vulnerability",2005-05-17,"Luigi Auriemma",windows,dos,0 25681,platforms/php/webapps/25681.php,"FusionPHP Fusion News 3.3/3.6 X-ForwordedFor PHP Script Code Injection Vulnerability",2005-05-24,"Network security team",php,webapps,0 -25682,platforms/php/webapps/25682.txt,"Wordpress 1.5 - Post.PHP Cross-Site Scripting Vulnerability",2005-05-17,"Thomas Waldegger",php,webapps,0 +25682,platforms/php/webapps/25682.txt,"WordPress 1.5 - Post.PHP Cross-Site Scripting Vulnerability",2005-05-17,"Thomas Waldegger",php,webapps,0 25683,platforms/php/webapps/25683.txt,"Help Center Live 1.0/1.2.x - Multiple Input Validation Vulnerabilities",2005-05-24,"GulfTech Security",php,webapps,0 25684,platforms/hardware/remote/25684.html,"D-Link DSL Router Remote Authentication Bypass Vulnerability",2005-05-19,"Francesco Orro",hardware,remote,0 25685,platforms/jsp/webapps/25685.txt,"Sun JavaMail 1.3 API MimeMessage Infromation Disclosure Vulnerability",2005-05-19,"Ricky Latt",jsp,webapps,0 @@ -22866,9 +22866,9 @@ id,file,description,date,author,platform,type,port 25716,platforms/php/webapps/25716.py,"AVE.CMS <= 2.09 (index.php module param) - Blind SQL Injection Exploit",2013-05-26,mr.pr0n,php,webapps,0 25718,platforms/hardware/local/25718.txt,"Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution",2013-05-26,Vulnerability-Lab,hardware,local,0 25719,platforms/windows/dos/25719.txt,"Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities",2013-05-26,Vulnerability-Lab,windows,dos,0 -25721,platforms/php/webapps/25721.txt,"Wordpress User Role Editor Plugin 3.12 - CSRF Vulnerability",2013-05-26,"Henry Hoggard",php,webapps,0 -25723,platforms/php/webapps/25723.txt,"Wordpress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 -25724,platforms/php/webapps/25724.txt,"Wordpress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 +25721,platforms/php/webapps/25721.txt,"WordPress User Role Editor Plugin 3.12 - CSRF Vulnerability",2013-05-26,"Henry Hoggard",php,webapps,0 +25723,platforms/php/webapps/25723.txt,"WordPress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 +25724,platforms/php/webapps/25724.txt,"WordPress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 25725,platforms/windows/local/25725.rb,"AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass",2013-05-26,metasploit,windows,local,0 25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 (menager.php playlist_id param) - SQL Injection Vulnerability",2013-05-26,Rooster(XEKA),php,webapps,0 25727,platforms/php/webapps/25727.txt,"BookReview 1.0 add_review.htm Multiple Parameter XSS",2005-05-26,Lostmon,php,webapps,0 @@ -23277,7 +23277,7 @@ id,file,description,date,author,platform,type,port 26121,platforms/php/webapps/26121.txt,"FunkBoard 0.66 profile.php Multiple Parameter XSS",2005-08-08,rgod,php,webapps,0 26122,platforms/php/webapps/26122.txt,"FunkBoard 0.66 register.php Multiple Parameter XSS",2005-08-08,rgod,php,webapps,0 26123,platforms/multiple/remote/26123.rb,"Java Web Start Double Quote Injection Remote Code Execution",2013-06-11,Rh0,multiple,remote,0 -26124,platforms/php/webapps/26124.txt,"Wordpress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities",2013-06-11,expl0i13r,php,webapps,0 +26124,platforms/php/webapps/26124.txt,"WordPress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities",2013-06-11,expl0i13r,php,webapps,0 26125,platforms/php/webapps/26125.txt,"Weathermap 0.97c (editor.php mapname param) - Local File Inclusion",2013-06-11,"Anthony Dubuissez",php,webapps,0 26126,platforms/php/webapps/26126.txt,"NanoBB 0.7 - Multiple Vulnerabilities",2013-06-11,"CWH Underground",php,webapps,0 26127,platforms/php/webapps/26127.txt,"TriggerTG TClanPortal 3.0 - Multiple SQL Injection Vulnerabilities",2005-08-09,admin@batznet.com,php,webapps,0 @@ -23656,7 +23656,7 @@ id,file,description,date,author,platform,type,port 26519,platforms/windows/dos/26519.py,"AVS Media Player 4.1.11.100 - (.ac3) Denial of Service",2013-07-01,metacom,windows,dos,0 26520,platforms/windows/local/26520.py,"Static HTTP Server 1.0 - SEH Overflow",2013-07-01,"Jacob Holcomb",windows,local,0 26521,platforms/php/webapps/26521.txt,"C.P.Sub 4.5 - Authentication Bypass",2013-07-01,Chako,php,webapps,0 -26523,platforms/windows/local/26523.rb,"AudioCoder (.lst) - Buffer Overflow (msf)",2013-07-01,Asesino04,windows,local,0 +26523,platforms/windows/local/26523.rb,"AudioCoder (.lst) - Buffer Overflow (Metasploit)",2013-07-01,Asesino04,windows,local,0 27437,platforms/php/webapps/27437.txt,"Invision Power Services Invision Board 2.0.4 index.php st Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 26525,platforms/windows/local/26525.py,"Adrenalin Player 2.2.5.3 - (.wvx) SEH Buffer Overflow",2013-07-01,MrXors,windows,local,0 26526,platforms/windows/dos/26526.py,"VLC Media Player 2.0.7 - (.png) Crash PoC",2013-07-01,"Kevin Fujimoto",windows,dos,0 @@ -23933,7 +23933,7 @@ id,file,description,date,author,platform,type,port 26801,platforms/php/webapps/26801.txt,"Snipe Gallery 3.1.4 - search.php keyword Parameter XSS",2005-12-13,r0t,php,webapps,0 26802,platforms/hardware/dos/26802.py,"Tri-PLC Nano-10 r81 - Denial of Service",2013-07-13,Sapling,hardware,dos,0 27438,platforms/php/webapps/27438.txt,"Invision Power Services Invision Board 2.0.4 Calendar Action Multiple Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 -26804,platforms/php/webapps/26804.txt,"Wordpress Spicy Blogroll Plugin - File Inclusion Vulnerability",2013-07-13,Ahlspiess,php,webapps,0 +26804,platforms/php/webapps/26804.txt,"WordPress Spicy Blogroll Plugin - File Inclusion Vulnerability",2013-07-13,Ahlspiess,php,webapps,0 26805,platforms/windows/local/26805.rb,"Corel PDF Fusion Stack Buffer Overflow",2013-07-13,metasploit,windows,local,0 26806,platforms/asp/webapps/26806.txt,"BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",asp,webapps,0 26807,platforms/windows/webapps/26807.txt,"McAfee ePO 4.6.6 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",windows,webapps,0 @@ -24133,7 +24133,7 @@ id,file,description,date,author,platform,type,port 27633,platforms/php/webapps/27633.txt,"MyBB 1.10 Member.PHP Cross-Site Scripting Vulnerability",2006-04-12,o.y.6,php,webapps,0 27005,platforms/hardware/webapps/27005.txt,"Barracuda LB_ SVF_ WAF & WEF - Multiple Vulnerabilities",2013-07-22,Vulnerability-Lab,hardware,webapps,0 27006,platforms/hardware/webapps/27006.txt,"Barracuda CudaTel 2.6.02.040 - SQL Injection Vulnerability",2013-07-22,Vulnerability-Lab,hardware,webapps,0 -27007,platforms/windows/remote/27007.rb,"PCMan FTP Server 2.0.7 - Remote Exploit (msf)",2013-07-22,MSJ,windows,remote,21 +27007,platforms/windows/remote/27007.rb,"PCMan FTP Server 2.0.7 - Remote Exploit (Metasploit)",2013-07-22,MSJ,windows,remote,21 27439,platforms/php/webapps/27439.txt,"Invision Power Services Invision Board 2.0.4 Print Action t Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 27440,platforms/php/webapps/27440.txt,"Invision Power Services Invision Board 2.0.4 Mail Action MID Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 27441,platforms/php/webapps/27441.txt,"Invision Power Services Invision Board 2.0.4 Help Action HID Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 @@ -24403,7 +24403,7 @@ id,file,description,date,author,platform,type,port 27494,platforms/php/webapps/27494.txt,"PHPmyfamily 1.4.1 Track.PHP Cross-Site Scripting Vulnerability",2006-03-28,matrix_killer,php,webapps,0 27495,platforms/php/webapps/27495.txt,"phpCOIN 1.2 mod_print.php fs Parameter XSS",2006-03-28,r0t,php,webapps,0 27496,platforms/php/webapps/27496.txt,"phpCOIN 1.2 mod.php fs Parameter XSS",2006-03-28,r0t,php,webapps,0 -27271,platforms/windows/remote/27271.rb,"HP Data Protector CMD Install Service Vulnerability (msf)",2013-08-02,"Ben Turner",windows,remote,0 +27271,platforms/windows/remote/27271.rb,"HP Data Protector CMD Install Service Vulnerability (Metasploit)",2013-08-02,"Ben Turner",windows,remote,0 27272,platforms/php/webapps/27272.txt,"SocialEngine Timeline Plugin 4.2.5p9 - Arbitrary File Upload",2013-08-02,spyk2r,php,webapps,0 27273,platforms/windows/dos/27273.txt,"TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) - Crash PoC",2013-08-02,d3b4g,windows,dos,0 27274,platforms/php/webapps/27274.txt,"Ginkgo CMS (index.php rang param) - SQL Injection",2013-08-02,Raw-x,php,webapps,0 @@ -24421,7 +24421,7 @@ id,file,description,date,author,platform,type,port 27287,platforms/php/webapps/27287.txt,"Cotonti 0.9.13 - SQL Injection Vulnerability",2013-08-02,"High-Tech Bridge SA",php,webapps,0 27288,platforms/hardware/webapps/27288.txt,"Western Digital My Net Wireless Routers - Password Disclosure",2013-08-02,"Kyle Lovett",hardware,webapps,0 27289,platforms/hardware/webapps/27289.txt,"TP-Link TL-SC3171 IP Cameras - Multiple Vulnerabilities",2013-08-02,"Core Security",hardware,webapps,0 -27290,platforms/php/webapps/27290.txt,"Wordpress Plugin Better WP Security - Stored XSS",2013-08-02,"Richard Warren",php,webapps,0 +27290,platforms/php/webapps/27290.txt,"WordPress Plugin Better WP Security - Stored XSS",2013-08-02,"Richard Warren",php,webapps,0 27291,platforms/windows/webapps/27291.txt,"Oracle Hyperion 11 - Directory Traversal",2013-08-02,"Richard Warren",windows,webapps,19000 27292,platforms/windows/dos/27292.py,"EchoVNC Viewer Remote DoS Vulnerability",2013-08-02,Z3r0n3,windows,dos,0 27293,platforms/php/remote/27293.rb,"PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution",2013-08-02,metasploit,php,remote,7443 @@ -24524,11 +24524,11 @@ id,file,description,date,author,platform,type,port 27396,platforms/php/webapps/27396.txt,"txtForum 1.0.3/1.0.4 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-09,"Nenad Jovanovic",php,webapps,0 27397,platforms/linux/remote/27397.txt,"Apache suEXEC - Privilege Elevation / Information Disclosure",2013-08-07,kingcope,linux,remote,0 27398,platforms/php/webapps/27398.txt,"Pluck CMS 4.7 - HTML Code Injection",2013-08-07,"Yashar shahinzadeh",php,webapps,0 -27399,platforms/php/webapps/27399.txt,"Wordpress Booking Calendar 4.1.4 - CSRF Vulnerability",2013-08-07,"Dylan Irzi",php,webapps,0 +27399,platforms/php/webapps/27399.txt,"WordPress Booking Calendar 4.1.4 - CSRF Vulnerability",2013-08-07,"Dylan Irzi",php,webapps,0 27400,platforms/windows/remote/27400.py,"HP Data Protector Arbitrary Remote Command Execution",2013-08-07,"Alessandro Di Pinto and Claudio Moletta",windows,remote,0 27401,platforms/windows/remote/27401.py,"(Gabriel's FTP Server) Open & Compact FTP Server <= 1.2 - Auth Bypass & Directory Traversal SAM Retrieval Exploit",2013-08-07,Wireghoul,windows,remote,0 27402,platforms/hardware/webapps/27402.txt,"Hikvision IP Cameras 4.1.0 b130111 - Multiple Vulnerabilities",2013-08-07,"Core Security",hardware,webapps,0 -27403,platforms/php/webapps/27403.txt,"Wordpress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability",2013-08-07,RogueCoder,php,webapps,0 +27403,platforms/php/webapps/27403.txt,"WordPress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability",2013-08-07,RogueCoder,php,webapps,0 27405,platforms/php/webapps/27405.txt,"Joomla Sectionex Component 2.5.96 - SQL Injection Vulnerability",2013-08-07,"Matias Fontanini",php,webapps,0 27406,platforms/windows/webapps/27406.txt,"McAfee Superscan 4.0 - XSS Vulnerability",2013-08-07,"Trustwave's SpiderLabs",windows,webapps,0 27407,platforms/windows/dos/27407.pl,"UnrealIRCd 3.x - Remote Denial of Service Vulnerability",2006-03-09,"Brandon Milner",windows,dos,0 @@ -24640,7 +24640,7 @@ id,file,description,date,author,platform,type,port 27527,platforms/multiple/remote/27527.rb,"Ruby on Rails Known Secret Session Cookie Remote Code Execution",2013-08-12,metasploit,multiple,remote,0 27529,platforms/php/remote/27529.rb,"OpenX Backdoor PHP Code Execution",2013-08-12,metasploit,php,remote,0 27530,platforms/multiple/remote/27530.rb,"Squash YAML Code Execution",2013-08-12,metasploit,multiple,remote,0 -27531,platforms/php/webapps/27531.txt,"Wordpress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities",2013-08-12,RogueCoder,php,webapps,0 +27531,platforms/php/webapps/27531.txt,"WordPress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities",2013-08-12,RogueCoder,php,webapps,0 27532,platforms/php/webapps/27532.txt,"Joomla redSHOP Component 1.2 - SQL Injection",2013-08-12,"Matias Fontanini",php,webapps,0 27534,platforms/php/webapps/27534.txt,"MediaSlash Gallery Index.PHP Remote File Include Vulnerability",2006-03-30,"Morocco Security Team",php,webapps,0 27535,platforms/php/webapps/27535.txt,"O2PHP Oxygen 1.0/1.1 Post.PHP SQL Injection Vulnerability",2006-03-30,"Morocco Security Team",php,webapps,0 @@ -24808,7 +24808,7 @@ id,file,description,date,author,platform,type,port 28062,platforms/asp/webapps/28062.txt,"Cisco CallManager 3.x/4.x Web Interface ccmuser/logon.asp XSS",2006-06-19,"Jake Reynolds",asp,webapps,0 28700,platforms/php/webapps/28700.txt,"CubeCart 3.0.x view_order.php order_id Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 28053,platforms/hardware/webapps/28053.txt,"Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities",2013-09-03,"Kyle Lovett",hardware,webapps,0 -28054,platforms/php/webapps/28054.txt,"Wordpress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0 +28054,platforms/php/webapps/28054.txt,"WordPress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0 27700,platforms/windows/dos/27700.py,"VLC Player 2.0.8 - (.m3u) Local Crash PoC",2013-08-19,Asesino04,windows,dos,0 27707,platforms/php/webapps/27707.txt,"I-RATER Platinum Common.PHP Remote File Include Vulnerability",2006-04-20,r0t,php,webapps,0 27708,platforms/php/webapps/27708.txt,"EasyGallery 1.17 EasyGallery.PHP Cross-Site Scripting Vulnerability",2006-04-20,botan,php,webapps,0 @@ -24859,7 +24859,7 @@ id,file,description,date,author,platform,type,port 27747,platforms/windows/remote/27747.pl,"freeFTPd 1.0.10 (PASS Command) - SEH Buffer Overflow",2013-08-21,Wireghoul,windows,remote,21 27749,platforms/hardware/dos/27749.rb,"Schneider Electric PLC ETY Series Ethernet Controller - Denial of Service",2013-08-21,"Arash Abedian",hardware,dos,0 27750,platforms/php/webapps/27750.py,"Bitbot C2 Panel gate2.php - Multiple Vulnerabilities",2013-08-21,bwall,php,webapps,0 -27751,platforms/php/webapps/27751.txt,"Wordpress ThinkIT Plugin 0.1 - Multiple Vulnerabilities",2013-08-21,"Yashar shahinzadeh",php,webapps,0 +27751,platforms/php/webapps/27751.txt,"WordPress ThinkIT Plugin 0.1 - Multiple Vulnerabilities",2013-08-21,"Yashar shahinzadeh",php,webapps,0 27752,platforms/unix/remote/27752.rb,"Graphite Web Unsafe Pickle Handling",2013-08-21,metasploit,unix,remote,0 27753,platforms/hardware/webapps/27753.txt,"Samsung DVR Firmware 1.10 - Authentication Bypass",2013-08-21,"Andrea Fabrizi",hardware,webapps,80 27754,platforms/windows/remote/27754.txt,"Oracle Java BytePackedRaster.verify() Signed Integer Overflow",2013-08-21,"Packet Storm",windows,remote,0 @@ -25239,7 +25239,7 @@ id,file,description,date,author,platform,type,port 28167,platforms/php/webapps/28167.txt,"Invision Power Board 1.x/2.x - Multiple SQL Injection Vulnerabilities",2006-07-05,"CrAzY CrAcKeR",php,webapps,0 28168,platforms/php/webapps/28168.txt,"Blog:CMS 4.1 Thumb.PHP Remote File Include Vulnerability",2006-07-05,"EllipSiS Security",php,webapps,0 28169,platforms/windows/dos/28169.html,"Microsoft Internet Explorer 5.0.1/6.0 Structured Graphics Control Denial of Service Vulnerability",2006-07-06,hdm,windows,dos,0 -28170,platforms/windows/remote/28170.rb,"freeFTPd 1.0.10 PASS Command SEH Overflow (msf)",2013-09-09,"Muhamad Fadzil Ramli",windows,remote,21 +28170,platforms/windows/remote/28170.rb,"freeFTPd 1.0.10 PASS Command SEH Overflow (Metasploit)",2013-09-09,"Muhamad Fadzil Ramli",windows,remote,21 28171,platforms/php/webapps/28171.txt,"Zyxware Health Monitoring System - Multiple Vulnerabilities",2013-09-09,"Sarahma Security",php,webapps,0 28273,platforms/php/webapps/28273.txt,"PHPSavant Savant2 stylesheet.php mosConfig_absolute_path Parameter Remote File Inclusion",2006-07-25,botan,php,webapps,0 28174,platforms/php/webapps/28174.txt,"Moodle 2.3.8_ 2.4.5 - Multiple Vulnerabilities",2013-09-09,"Ciaran McNally",php,webapps,0 @@ -25391,7 +25391,7 @@ id,file,description,date,author,platform,type,port 28325,platforms/php/webapps/28325.txt,"OZJournals 1.5 - Multiple Input Validation Vulnerabilities",2006-08-02,Luny,php,webapps,0 28326,platforms/php/webapps/28326.txt,"VWar 1.x war.php page Parameter XSS",2006-08-03,mfoxhacker,php,webapps,0 28327,platforms/php/webapps/28327.txt,"VWar 1.x war.php Multiple Parameter SQL Injection",2006-08-03,mfoxhacker,php,webapps,0 -28328,platforms/windows/remote/28328.rb,"PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (MSF)",2013-09-17,"Rick Flores",windows,remote,21 +28328,platforms/windows/remote/28328.rb,"PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (Metasploit)",2013-09-17,"Rick Flores",windows,remote,21 28329,platforms/php/webapps/28329.txt,"OpenEMR 4.1.1 Patch 14 - Multiple Vulnerabilities",2013-09-17,xistence,php,webapps,0 28330,platforms/php/webapps/28330.txt,"Western Digital Arkeia Appliance 10.0.10 - Multiple Vulnerabilities",2013-09-17,xistence,php,webapps,0 28331,platforms/windows/remote/28331.txt,"Oracle Java ShortComponentRaster.verify() Memory Corruption",2013-09-17,"Packet Storm",windows,remote,0 @@ -25440,12 +25440,12 @@ id,file,description,date,author,platform,type,port 28374,platforms/windows/remote/28374.txt,"IPCheck Server Monitor 5.x - Directory Traversal Vulnerability",2006-08-10,"Tassi Raeburn",windows,remote,0 28375,platforms/windows/dos/28375.pl,"TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability",2013-09-18,LiquidWorm,windows,dos,0 28376,platforms/windows/remote/28376.html,"McKesson ActiveX File/Environmental Variable Enumeration",2013-09-18,blake,windows,remote,0 -28377,platforms/php/webapps/28377.txt,"Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability",2013-09-18,Vulnerability-Lab,php,webapps,0 +28377,platforms/php/webapps/28377.txt,"WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability",2013-09-18,Vulnerability-Lab,php,webapps,0 28378,platforms/php/webapps/28378.txt,"MyWebland miniBloggie 1.0 Fname Remote File Include Vulnerability",2006-08-10,sh3ll,php,webapps,0 28379,platforms/php/webapps/28379.txt,"WEBinsta Mailing List Manager 1.3 Install3.PHP Remote File Include Vulnerability",2006-08-10,"Philipp Niedziela",php,webapps,0 28380,platforms/linux/dos/28380.txt,"Mozilla Firefox 1.0.x JavaScript Handler Race Condition Memory Corruption Vulnerability",2006-08-12,"Michal Zalewski",linux,dos,0 28381,platforms/windows/dos/28381.txt,"Microsoft windows xp/2000/2003 help Multiple Vulnerabilities",2006-08-12,"Benjamin Tobias Franz",windows,dos,0 -28382,platforms/php/webapps/28382.txt,"WP-DB Backup For Wordpress 1.6/1.7 Edit.PHP - Directory Traversal Vulnerability",2006-08-14,"marc & shb",php,webapps,0 +28382,platforms/php/webapps/28382.txt,"WP-DB Backup For WordPress 1.6/1.7 Edit.PHP - Directory Traversal Vulnerability",2006-08-14,"marc & shb",php,webapps,0 28383,platforms/linux/dos/28383.txt,"ImageMagick 6.x SGI Image File Remote Heap Buffer Overflow Vulnerability",2006-08-14,"Damian Put",linux,dos,0 28384,platforms/linux/dos/28384.txt,"Libmusicbrainz 2.0.2/2.1.x - Multiple Buffer Overflow Vulnerabilities",2006-08-14,"Luigi Auriemma",linux,dos,0 28385,platforms/asp/webapps/28385.txt,"BlaBla 4U Multiple Cross-Site Scripting Vulnerabilities",2006-08-14,Vampire,asp,webapps,0 @@ -25468,7 +25468,7 @@ id,file,description,date,author,platform,type,port 28404,platforms/php/webapps/28404.txt,"Mambo Rssxt Component 1.0 MosConfig_absolute_path Multiple Remote File Include Vulnerabilities",2006-08-18,Crackers_Child,php,webapps,0 28405,platforms/linux/local/28405.txt,"Roxio Toast 7 - DejaVu Component PATH Variable Local Privilege Escalation Vulnerability",2006-08-18,Netragard,linux,local,0 28406,platforms/php/webapps/28406.txt,"XennoBB 1.0.x/2.2 Icon_Topic SQL Injection Vulnerability",2006-08-19,"Chris Boulton",php,webapps,0 -28407,platforms/php/remote/28407.rb,"Western Digital Arkeia Remote Code Execution (msf module)",2013-09-20,xistence,php,remote,0 +28407,platforms/php/remote/28407.rb,"Western Digital Arkeia Remote Code Execution (Metasploit)",2013-09-20,xistence,php,remote,0 28408,platforms/php/remote/28408.rb,"OpenEMR 4.1.1 Patch 14 - SQLi Privilege Escalation Remote Code Execution",2013-09-20,xistence,php,remote,0 28409,platforms/php/webapps/28409.txt,"Vtiger CRM 5.4.0 (index.php onlyforuser param) - SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 28410,platforms/php/webapps/28410.txt,"Mambo Display MOSBot Manager Component mosConfig_absolute_path Remote File Include Vulnerability",2006-08-21,O.U.T.L.A.W,php,webapps,0 @@ -25520,7 +25520,7 @@ id,file,description,date,author,platform,type,port 28468,platforms/php/webapps/28468.txt,"YACS 6.6.1 - Multiple Remote File Include Vulnerabilities",2006-09-01,MATASANOS,php,webapps,0 28450,platforms/hardware/remote/28450.py,"FiberHome Modem Router HG-110 - Authentication Bypass To Remote Change DNS Servers",2013-09-22,"Javier Perez",hardware,remote,0 28451,platforms/windows/dos/28451.txt,"Share KM 1.0.19 - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 -28452,platforms/php/webapps/28452.txt,"Wordpress Lazy SEO plugin 1.1.9 - Shell Upload Vulnerability",2013-09-22,"Ashiyane Digital Security Team",php,webapps,0 +28452,platforms/php/webapps/28452.txt,"WordPress Lazy SEO plugin 1.1.9 - Shell Upload Vulnerability",2013-09-22,"Ashiyane Digital Security Team",php,webapps,0 28453,platforms/php/webapps/28453.txt,"ezContents 2.0.3 - event_list.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28454,platforms/php/webapps/28454.txt,"ezContents 2.0.3 - calendar.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28455,platforms/php/webapps/28455.txt,"ezContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 @@ -25542,7 +25542,7 @@ id,file,description,date,author,platform,type,port 28482,platforms/windows/remote/28482.rb,"Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071)",2013-09-23,metasploit,windows,remote,0 28483,platforms/php/remote/28483.rb,"GLPI install.php Remote Command Execution",2013-09-23,metasploit,php,remote,80 28484,platforms/hardware/remote/28484.rb,"Linksys WRT110 - Remote Command Execution",2013-09-23,metasploit,hardware,remote,0 -28485,platforms/php/webapps/28485.txt,"Wordpress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0 +28485,platforms/php/webapps/28485.txt,"WordPress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0 28486,platforms/php/webapps/28486.txt,"In-Portal In-Link 2.3.4 ADODB_DIR.PHP Remote File Include Vulnerability",2006-09-04,"Saudi Hackrz",php,webapps,0 28487,platforms/php/webapps/28487.txt,"PHP-Nuke MyHeadlines 4.3.1 Module Cross-Site Scripting Vulnerability",2006-09-04,"Thomas Pollet",php,webapps,0 28488,platforms/php/webapps/28488.php,"PHP-Proxima 6.0 BB_Smilies.PHP Local File Include Vulnerability",2006-09-04,Kacper,php,webapps,0 @@ -25854,7 +25854,7 @@ id,file,description,date,author,platform,type,port 29213,platforms/windows/local/29213.pl,"Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)",2013-10-26,"Mike Czumak",windows,local,0 28806,platforms/linux/local/28806.txt,"davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit",2013-10-08,"Lorenzo Cantoni",linux,local,0 28807,platforms/php/webapps/28807.py,"WHMCS 5.2.7 - SQL Injection Vulnerability",2013-10-08,localhost.re,php,webapps,0 -28808,platforms/php/webapps/28808.txt,"Wordpress Quick Contact Form Plugin 6.0 - Persistent XSS",2013-10-08,Zy0d0x,php,webapps,0 +28808,platforms/php/webapps/28808.txt,"WordPress Quick Contact Form Plugin 6.0 - Persistent XSS",2013-10-08,Zy0d0x,php,webapps,0 28809,platforms/windows/remote/28809.rb,"HP LoadRunner magentproc.exe Overflow",2013-10-08,metasploit,windows,remote,443 28810,platforms/unix/remote/28810.rb,"GestioIP Remote Command Execution",2013-10-08,metasploit,unix,remote,0 28811,platforms/osx/dos/28811.txt,"Apple Motion 5.0.7 Integer Overflow Vulnerability",2013-10-08,"Jean Pascal Pereira",osx,dos,0 @@ -26004,7 +26004,7 @@ id,file,description,date,author,platform,type,port 28955,platforms/windows/local/28955.py,"Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow SEH",2013-10-14,metacom,windows,local,0 28956,platforms/php/webapps/28956.txt,"StatusNet/Laconica 0.7.4_ 0.8.2_ 0.9.0beta3 - Arbitrary File Reading",2013-10-14,spiderboy,php,webapps,80 28957,platforms/android/dos/28957.txt,"Android Zygote - Socket Vulnerability Fork bomb Attack",2013-10-14,"Luca Verderame",android,dos,0 -28959,platforms/php/webapps/28959.txt,"Wordpress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities",2013-10-14,absane,php,webapps,80 +28959,platforms/php/webapps/28959.txt,"WordPress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities",2013-10-14,absane,php,webapps,80 28960,platforms/php/webapps/28960.py,"aMSN 0.98.9 Web App - Multiple Vulnerabilities",2013-10-14,drone,php,webapps,80 29086,platforms/asp/webapps/29086.txt,"ActiveNews Manager activenews_view.asp articleID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 28962,platforms/multiple/remote/28962.rb,"VMware Hyperic HQ Groovy Script-Console Java Execution",2013-10-14,metasploit,multiple,remote,0 @@ -26015,7 +26015,7 @@ id,file,description,date,author,platform,type,port 28967,platforms/php/webapps/28967.txt,"ExoPHPdesk 1.2 Pipe.PHP Remote File Include Vulnerability",2006-11-11,Firewall1954,php,webapps,0 28968,platforms/windows/remote/28968.html,"Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow",2013-10-15,blake,windows,remote,0 28969,platforms/windows/local/28969.py,"Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow",2013-10-15,metacom,windows,local,0 -28970,platforms/php/webapps/28970.txt,"Dexs PM System Wordpress Plugin - Authenticated Persistent XSS (0day)",2013-10-15,TheXero,php,webapps,80 +28970,platforms/php/webapps/28970.txt,"Dexs PM System WordPress Plugin - Authenticated Persistent XSS (0day)",2013-10-15,TheXero,php,webapps,80 28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 (exportcsv.php sondage param) - SQL Injection",2013-10-15,drone,php,webapps,80 28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 - SQL Injection and Remote Code Execution",2013-10-15,"Jason Kratzer",unix,webapps,0 28973,platforms/windows/remote/28973.rb,"HP Data Protector Cell Request Service Buffer Overflow",2013-10-15,metasploit,windows,remote,0 @@ -26070,7 +26070,7 @@ id,file,description,date,author,platform,type,port 29018,platforms/php/webapps/29018.txt,"Plesk 7.5/8.0 - login_up.php3 - XSS",2006-11-14,"David Vieira-Kurz",php,webapps,0 29019,platforms/php/webapps/29019.txt,"Zikula CMS 1.3.5 - Multiple Vulnerabilities",2013-10-17,Vulnerability-Lab,php,webapps,0 29020,platforms/php/webapps/29020.txt,"Quick Paypal Payments 3.0 - Presistant XSS (0day)",2013-10-17,Zy0d0x,php,webapps,80 -29021,platforms/php/webapps/29021.txt,"Wordpress Plugin Realty - Blind SQL Injection",2013-10-17,Napsterakos,php,webapps,80 +29021,platforms/php/webapps/29021.txt,"WordPress Plugin Realty - Blind SQL Injection",2013-10-17,Napsterakos,php,webapps,80 29023,platforms/php/webapps/29023.txt,"Woltlab Burning Board Regenbogenwiese 2007 Addon - SQL Injection Exploit",2013-10-17,"Easy Laster",php,webapps,0 29024,platforms/asp/webapps/29024.txt,"Inventory Manager Multiple Input Validation Vulnerabilities",2006-11-14,"laurent gaffie",asp,webapps,0 29025,platforms/asp/webapps/29025.txt,"Evolve Merchant Viewcart.ASP SQL Injection Vulnerability",2006-11-14,"laurent gaffie",asp,webapps,0 @@ -26373,7 +26373,7 @@ id,file,description,date,author,platform,type,port 29354,platforms/php/webapps/29354.txt,"pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting Web Vulnerabilities",2013-11-01,Vulnerability-Lab,php,webapps,0 29473,platforms/linux/dos/29473.txt,"Squid Proxy 2.5/2.6 FTP URI Remote Denial of Service Vulnerability",2007-01-16,"David Duncan Ross Palmer",linux,dos,0 29474,platforms/php/webapps/29474.txt,"Scriptme SmE 1.21 File Mailer Login SQL Injection Vulnerability",2007-01-16,CorryL,php,webapps,0 -29356,platforms/php/webapps/29356.txt,"Wordpress 1.x/2.0.x - Template.PHP HTML Injection Vulnerability",2006-12-27,"David Kierznowski",php,webapps,0 +29356,platforms/php/webapps/29356.txt,"WordPress 1.x/2.0.x - Template.PHP HTML Injection Vulnerability",2006-12-27,"David Kierznowski",php,webapps,0 29357,platforms/asp/webapps/29357.txt,"Hosting Controller 7C FolderManager.ASPX Directory Traversal Vulnerability",2006-12-27,KAPDA,asp,webapps,0 29358,platforms/asp/webapps/29358.txt,"DMXReady Secure Login Manager 1.0 login.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 29359,platforms/asp/webapps/29359.txt,"DMXReady Secure Login Manager 1.0 content.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 @@ -26570,7 +26570,7 @@ id,file,description,date,author,platform,type,port 29522,platforms/php/webapps/29522.py,"WordPress 1.x/2.0.x - Pingback SourceURI Denial of Service and Information Disclosure Vulnerability",2007-01-24,"Blake Matheny",php,webapps,0 29523,platforms/osx/dos/29523.txt,"Apple 10.4.x Software Update Format String Vulnerability",2007-01-25,kf,osx,dos,0 29524,platforms/windows/remote/29524.txt,"Microsoft Word 2000 - Malformed Function Code Execution Vulnerability",2007-01-25,Symantec,windows,remote,0 -29525,platforms/php/webapps/29525.txt,"Wordpress Highlight Premium Theme - CSRF File Upload Vulnerability",2013-11-10,DevilScreaM,php,webapps,0 +29525,platforms/php/webapps/29525.txt,"WordPress Highlight Premium Theme - CSRF File Upload Vulnerability",2013-11-10,DevilScreaM,php,webapps,0 29547,platforms/windows/local/29547.rb,"VideoSpirit Pro 1.90 - (SEH) Buffer Overflow",2013-11-12,metacom,windows,local,0 29527,platforms/linux/remote/29527.pl,"Xine 0.99.4 M3U Remote Format String Vulnerability",2007-01-03,"Kevin Finisterre",linux,remote,0 29528,platforms/php/local/29528.txt,"PHP 5.2 - FOpen Safe_Mode Restriction-Bypass Vulnerability",2007-01-26,"Maksymilian Arciemowicz",php,local,0 @@ -26591,9 +26591,9 @@ id,file,description,date,author,platform,type,port 29679,platforms/php/webapps/29679.html,"PHPBB2 Admin_Ug_Auth.PHP Administrative Security Bypass Vulnerability",2007-02-26,"Hasadya Raed",php,webapps,0 29680,platforms/php/webapps/29680.html,"SQLiteManager 1.2 Main.PHP Multiple HTML Injection Vulnerabilities",2007-02-26,"Simon Bonnard",php,webapps,0 29681,platforms/php/webapps/29681.txt,"Pagesetter 6.2/6.3.0 index.PHP Local File Include Vulnerability",2007-02-26,"D. Matscheko",php,webapps,0 -29682,platforms/php/webapps/29682.txt,"Wordpress 2.1.1 - Post.PHP Cross-Site Scripting Vulnerability",2007-02-26,Samenspender,php,webapps,0 +29682,platforms/php/webapps/29682.txt,"WordPress 2.1.1 - Post.PHP Cross-Site Scripting Vulnerability",2007-02-26,Samenspender,php,webapps,0 29683,platforms/linux/dos/29683.txt,"Linux Kernel 2.6.x - Audit Subsystems Local Denial of Service Vulnerability",2007-02-27,"Steve Grubb",linux,dos,0 -29684,platforms/php/webapps/29684.txt,"Wordpress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0 +29684,platforms/php/webapps/29684.txt,"WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0 29685,platforms/windows/remote/29685.txt,"Nullsoft Shoutcast 1.9.7 Logfile HTML Injection Vulnerability",2007-02-27,SaMuschie,windows,remote,0 29686,platforms/windows/remote/29686.txt,"Adobe Acrobat/Adobe Reader <= 7.0.9 - Information Disclosure Vulnerability",2007-02-28,pdp,windows,remote,0 29687,platforms/windows/remote/29687.py,"HyperBook Guestbook 1.3 GBConfiguration.DAT Hashed Password Information Disclosure Vulnerability",2007-02-28,PeTrO,windows,remote,0 @@ -26652,7 +26652,7 @@ id,file,description,date,author,platform,type,port 29595,platforms/linux/remote/29595.txt,"PHP RRD Browser 0.2 P Parameter Directory Traversal Vulnerability",2007-02-12,"Sebastian Wolfgarten",linux,remote,0 29596,platforms/asp/webapps/29596.txt,"EWay 4 Default.APSX Cross-Site Scripting Vulnerability",2007-02-12,"BLacK ZeRo",asp,webapps,0 29597,platforms/asp/webapps/29597.txt,"Community Server SearchResults.ASPX Cross-Site Scripting Vulnerability",2007-02-12,BL4CK,asp,webapps,0 -29598,platforms/php/webapps/29598.txt,"Wordpress 1.x/2.0.x - Templates.PHP Cross-Site Scripting Vulnerability",2007-02-12,PsychoGun,php,webapps,0 +29598,platforms/php/webapps/29598.txt,"WordPress 1.x/2.0.x - Templates.PHP Cross-Site Scripting Vulnerability",2007-02-12,PsychoGun,php,webapps,0 29599,platforms/php/webapps/29599.txt,"TaskFreak! 0.5.5 Error.PHP Cross-Site Scripting Vulnerability",2007-02-13,Spiked,php,webapps,0 29600,platforms/asp/webapps/29600.txt,"Fullaspsite ASP Hosting Site listmain.asp cat Parameter XSS",2007-02-13,ShaFuck31,asp,webapps,0 29601,platforms/asp/webapps/29601.txt,"Fullaspsite ASP Hosting Site listmain.asp cat Parameter SQL Injection",2007-02-13,ShaFuck31,asp,webapps,0 @@ -26721,10 +26721,10 @@ id,file,description,date,author,platform,type,port 29664,platforms/windows/dos/29664.txt,"Microsoft Office Publisher 2007 - Remote Denial of Service (DoS) Vulnerability",2007-02-26,"Tom Ferris",windows,dos,0 29665,platforms/php/webapps/29665.txt,"SQLiteManager 1.2 - Local File Include Vulnerability",2007-02-26,"Simon Bonnard",php,webapps,0 29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI close_window.cgi Buffer Overflow",2013-11-18,metasploit,hardware,remote,80 -29667,platforms/php/webapps/29667.txt,"Wordpress Euclid Theme 1.x.x - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 -29668,platforms/php/webapps/29668.txt,"Wordpress Dimension Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 -29669,platforms/php/webapps/29669.txt,"Wordpress Amplus Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 -29670,platforms/php/webapps/29670.txt,"Wordpress Make A Statement (MaS) Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 +29667,platforms/php/webapps/29667.txt,"WordPress Euclid Theme 1.x.x - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 +29668,platforms/php/webapps/29668.txt,"WordPress Dimension Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 +29669,platforms/php/webapps/29669.txt,"WordPress Amplus Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 +29670,platforms/php/webapps/29670.txt,"WordPress Make A Statement (MaS) Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 30367,platforms/php/webapps/30367.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 admin/membersearch.php Multiple Parameter XSS",2007-07-23,Lostmon,php,webapps,0 30187,platforms/multiple/dos/30187.txt,"Mbedthis AppWeb 2.2.2 URL Protocol Format String Vulnerability",2007-06-12,"Nir Rachmel",multiple,dos,0 30188,platforms/windows/dos/30188.txt,"Apple Safari Feed URI Denial of Service Vulnerability",2007-05-13,"Moshe Ben-Abu",windows,dos,0 @@ -26837,7 +26837,7 @@ id,file,description,date,author,platform,type,port 29787,platforms/windows/dos/29787.py,"HP Jetdirect FTP Print Server RERT Command Denial of Service Vulnerability",2007-01-18,Handrix,windows,dos,0 29788,platforms/php/remote/29788.php,"PHP <= 4.4.4 Zip_Entry_Read() Integer Overflow Vulnerability",2007-03-27,"Stefan Esser",php,remote,0 30783,platforms/windows/local/30783.py,"CCProxy 7.3 - Integer Overflow Exploit",2014-01-07,Mr.XHat,windows,local,0 -30105,platforms/php/webapps/30105.txt,"Wordpress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 +30105,platforms/php/webapps/30105.txt,"WordPress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 30157,platforms/php/webapps/30157.txt,"Joomla JD-Wiki 1.0.2 dwpage.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30158,platforms/php/webapps/30158.txt,"Joomla JD-Wiki 1.0.2 wantedpages.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30107,platforms/php/webapps/30107.txt,"Ovidentia 7.9.6 - Multiple Vulnerabilities",2013-12-08,sajith,php,webapps,0 @@ -27047,7 +27047,7 @@ id,file,description,date,author,platform,type,port 29943,platforms/windows/dos/29943.c,"Progress WebSpeed 3.0/3.1 - Denial of Service Vulnerability",2007-05-02,"Eelko Neven",windows,dos,0 29944,platforms/php/webapps/29944.pl,"PHPSecurityAdmin 4.0.2 Logout.PHP Remote File Include Vulnerability",2007-05-03,"ilker Kandemir",php,webapps,0 29945,platforms/hardware/remote/29945.txt,"D-Link DSL-G624T Var:RelaodHref Cross-Site Scripting Vulnerability",2007-05-03,"Tim Brown",hardware,remote,0 -29946,platforms/php/webapps/29946.txt,"Wordpress Orange Themes - CSRF File Upload Vulnerability",2013-12-01,"Jje Incovers",php,webapps,0 +29946,platforms/php/webapps/29946.txt,"WordPress Orange Themes - CSRF File Upload Vulnerability",2013-12-01,"Jje Incovers",php,webapps,0 30197,platforms/php/webapps/30197.txt,"WSPortal 1.0 Content.PHP SQL Injection Vulnerability",2007-06-18,"Jesper Jurcenoks",php,webapps,0 30198,platforms/asp/webapps/30198.txt,"TDizin Arama.ASP Cross-Site Scripting Vulnerability",2007-06-18,GeFORC3,asp,webapps,0 30199,platforms/cgi/webapps/30199.txt,"WebIf OutConfig Parameter Local File Include Vulnerability",2007-06-18,maiosyet,cgi,webapps,0 @@ -27100,7 +27100,7 @@ id,file,description,date,author,platform,type,port 29998,platforms/php/webapps/29998.txt,"Campsite 2.6.1 User.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29999,platforms/php/webapps/29999.txt,"Campsite 2.6.1 UserType.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30000,platforms/ios/webapps/30000.txt,"Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities",2013-12-02,Vulnerability-Lab,ios,webapps,0 -30002,platforms/php/webapps/30002.txt,"Wordpress Formcraft Plugin - SQL Injection Vulnerability",2013-12-02,"Ashiyane Digital Security Team",php,webapps,0 +30002,platforms/php/webapps/30002.txt,"WordPress Formcraft Plugin - SQL Injection Vulnerability",2013-12-02,"Ashiyane Digital Security Team",php,webapps,0 30003,platforms/php/webapps/30003.txt,"Campsite 2.6.1 implementation/management/configuration.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30004,platforms/php/webapps/30004.txt,"Campsite 2.6.1 implementation/management/db_connect.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30005,platforms/php/webapps/30005.txt,"Campsite 2.6.1 - LocalizerConfig.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 @@ -27134,7 +27134,7 @@ id,file,description,date,author,platform,type,port 30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 News.ASP Cross-Site Scripting Vulnerability",2007-05-24,vagrant,php,webapps,0 30082,platforms/php/webapps/30082.txt,"GNUTurk Mods.PHP Cross-Site Scripting Vulnerability",2007-05-25,vagrant,php,webapps,0 30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 (mod_notification) Stored Cross-Site Scripting Vulnerability",2013-12-06,LiquidWorm,php,webapps,0 -30084,platforms/php/webapps/30084.php,"Wordpress page-flip-image-gallery Plugins - Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 +30084,platforms/php/webapps/30084.php,"WordPress page-flip-image-gallery Plugins - Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 30086,platforms/php/webapps/30086.txt,"BoastMachine 3.1 Index.PHP Cross-Site Scripting Vulnerability",2007-05-25,newbinaryfile,php,webapps,0 30087,platforms/php/webapps/30087.txt,"Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2007-05-25,Linux_Drox,php,webapps,0 30088,platforms/php/webapps/30088.txt,"Pligg 9.5 Reset Forgotten Password Security Bypass Vulnerability",2007-05-25,"242th section",php,webapps,0 @@ -27344,7 +27344,7 @@ id,file,description,date,author,platform,type,port 30440,platforms/cgi/webapps/30440.txt,"WebEvent <= 4.03 Webevent.CGI Cross-Site Scripting Vulnerability",2007-07-31,d3hydr8,cgi,webapps,0 30441,platforms/windows/remote/30441.html,"BlueSkyChat ActiveX Control 8.1.2 - Buffer Overflow Vulnerability",2007-07-31,"Code Audit Labs",windows,remote,0 30442,platforms/php/webapps/30442.txt,"WebDirector Index.PHP Cross-Site Scripting Vulnerability",2007-08-01,r0t,php,webapps,0 -30443,platforms/php/webapps/30443.txt,"Wordpress Persuasion Theme 2.x - Arbitrary File Download and File Deletion Exploit",2013-12-23,"Interference Security",php,webapps,80 +30443,platforms/php/webapps/30443.txt,"WordPress Persuasion Theme 2.x - Arbitrary File Download and File Deletion Exploit",2013-12-23,"Interference Security",php,webapps,80 30444,platforms/linux/dos/30444.txt,"KDE Konqueror <= 3.5.7 Assert Denial of Service Vulnerability",2007-03-05,"Thomas Waldegger",linux,dos,0 30445,platforms/php/webapps/30445.txt,"Joomla Tour de France Pool 1.0.1 Module mosConfig_absolute_path Remote File Include Vulnerability",2007-08-02,Yollubunlar.Org,php,webapps,0 30446,platforms/asp/webapps/30446.txt,"Hunkaray Okul Portali 1.1 Duyuruoku.ASP SQL Injection Vulnerability",2007-08-02,Yollubunlar.Org,asp,webapps,0 @@ -28312,7 +28312,7 @@ id,file,description,date,author,platform,type,port 31420,platforms/php/webapps/31420.txt,"Eventy Online Scheduler 1.8 - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31421,platforms/php/webapps/31421.txt,"Booking Calendar - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31423,platforms/windows/webapps/31423.txt,"IBM Business Process Manager - User Account Reconfiguration",2014-02-05,0in,windows,webapps,0 -31424,platforms/php/webapps/31424.txt,"Wordpress Dandelion Theme - Arbitry File Upload",2014-02-05,TheBlackMonster,php,webapps,80 +31424,platforms/php/webapps/31424.txt,"WordPress Dandelion Theme - Arbitry File Upload",2014-02-05,TheBlackMonster,php,webapps,80 31425,platforms/hardware/webapps/31425.txt,"D-Link DIR-100 - Multiple Vulnerabilities",2014-02-05,"Felix Richter",hardware,webapps,80 31426,platforms/php/webapps/31426.txt,"Plogger 1.0 (RC1) - Multiple Vulnerabilities",2014-02-05,killall-9,php,webapps,80 31427,platforms/php/webapps/31427.txt,"ownCloud 6.0.0a - Multiple Vulnerabilities",2014-02-05,absane,php,webapps,80 @@ -28443,8 +28443,8 @@ id,file,description,date,author,platform,type,port 31567,platforms/php/webapps/31567.txt,"@lex Poll 1.2 - 'setup.php' Cross-Site Scripting Vulnerability",2008-03-31,ZoRLu,php,webapps,0 31568,platforms/php/webapps/31568.txt,"PHP Classifieds 6.20 - Multiple Cross-Site Scripting and Authentication Bypass Vulnerabilities",2008-03-31,ZoRLu,php,webapps,0 31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B ADSL Router - CSRF Vulnerability",2014-02-11,killall-9,hardware,webapps,80 -31570,platforms/php/webapps/31570.txt,"Wordpress Frontend Upload Plugin - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80 -31571,platforms/php/webapps/31571.txt,"Wordpress Buddypress Plugin 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80 +31570,platforms/php/webapps/31570.txt,"WordPress Frontend Upload Plugin - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80 +31571,platforms/php/webapps/31571.txt,"WordPress Buddypress Plugin 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80 32215,platforms/php/webapps/32215.txt,"RMSOFT Downloads Plus (rmdp) 1.5/1.7 Module for XOOPS search.php key Parameter XSS",2008-08-09,Lostmon,php,webapps,0 32216,platforms/php/webapps/32216.txt,"RMSOFT Downloads Plus (rmdp) 1.5/1.7 Module for XOOPS down.php id Parameter XSS",2008-08-09,Lostmon,php,webapps,0 31573,platforms/ios/webapps/31573.txt,"WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities",2014-02-11,Vulnerability-Lab,ios,webapps,8880 @@ -28630,7 +28630,7 @@ id,file,description,date,author,platform,type,port 31765,platforms/hardware/webapps/31765.txt,"Barracuda Message Archiver 650 - Persistent XSS Vulnerability",2014-02-19,Vulnerability-Lab,hardware,webapps,3378 31766,platforms/windows/local/31766.rb,"Audiotran - (.PLS) Stack Buffer Overflow",2014-02-19,metasploit,windows,local,0 31767,platforms/multiple/remote/31767.rb,"MediaWiki Thumb.php - Remote Command Execution",2014-02-19,metasploit,multiple,remote,80 -31768,platforms/php/webapps/31768.txt,"Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities",2014-02-19,"Tom Adams",php,webapps,80 +31768,platforms/php/webapps/31768.txt,"WordPress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities",2014-02-19,"Tom Adams",php,webapps,80 31769,platforms/windows/remote/31769.html,"Ourgame 'GLIEDown2.dll' ActiveX Control - Remote Code Execution Vulnerability",2008-05-08,anonymous,windows,remote,0 31770,platforms/multiple/remote/31770.txt,"Oracle Application Server Portal 10g - Authentication Bypass Vulnerability",2008-05-09,"Deniz Cevik",multiple,remote,0 31771,platforms/php/webapps/31771.txt,"cPanel 11.x - scripts2/knowlegebase issue Parameter XSS",2008-05-09,"Matteo Carli",php,webapps,0 @@ -28696,7 +28696,7 @@ id,file,description,date,author,platform,type,port 31831,platforms/windows/remote/31831.py,"SolidWorks Workgroup PDM 2014 SP2 - Arbitrary File Write Vulnerability",2014-02-22,"Mohamed Shetta",windows,remote,30000 32045,platforms/php/webapps/32045.txt,"eSyndiCat 2.2 - 'register.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-10,Fugitif,php,webapps,0 31833,platforms/php/webapps/31833.txt,"ILIAS 4.4.1 - Multiple Vulnerabilities",2014-02-22,HauntIT,php,webapps,80 -31834,platforms/php/webapps/31834.txt,"Wordpress AdRotate Plugin 3.9.4 - (clicktracker.php track param) SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 +31834,platforms/php/webapps/31834.txt,"WordPress AdRotate Plugin 3.9.4 - (clicktracker.php track param) SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 31835,platforms/php/webapps/31835.txt,"SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-22,"Omer Singer",php,webapps,0 31836,platforms/php/webapps/31836.txt,"WordPress Upload File Plugin 'wp-uploadfile.php' - SQL Injection Vulnerability",2008-05-24,eserg.ru,php,webapps,0 31837,platforms/php/webapps/31837.txt,"DZOIC Handshakes 3.5 - 'fname' Parameter SQL Injection Vulnerability",2008-05-24,"Ali Jasbi",php,webapps,0 @@ -28849,7 +28849,7 @@ id,file,description,date,author,platform,type,port 31982,platforms/php/webapps/31982.txt,"Webuzo 2.1.3 - Multiple Vulnerabilities",2014-02-28,Mahendra,php,webapps,80 32134,platforms/php/webapps/32134.txt,"H0tturk Panel 'gizli.php' Remote File Include Vulnerability",2008-07-31,U238,php,webapps,0 31983,platforms/multiple/webapps/31983.txt,"Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities",2014-02-28,"SEC Consult",multiple,webapps,32400 -31986,platforms/php/webapps/31986.txt,"Wordpress VideoWhisper 4.27.3 - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 +31986,platforms/php/webapps/31986.txt,"WordPress VideoWhisper 4.27.3 - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY gefebt.exe Remote Code Execution",2014-02-28,metasploit,windows,remote,80 31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow",2014-02-28,metasploit,windows,local,0 31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 (SalesInquiry.php SortBy param) - SQL Injection Vulnerability",2014-02-28,HauntIT,php,webapps,80 @@ -29159,7 +29159,7 @@ id,file,description,date,author,platform,type,port 32325,platforms/php/webapps/32325.txt,"XRms 1.99.2 cases/some.php case_title Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32326,platforms/php/webapps/32326.txt,"XRms 1.99.2 files/some.php file_id Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32327,platforms/php/webapps/32327.txt,"XRms 1.99.2 reports/custom/mileage.php starting Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 -32329,platforms/windows/dos/32329.rb,"Gold MP4 Player 3.3 - Universal SEH Exploit (MSF)",2014-03-17,"Revin Hadi Saputra",windows,dos,0 +32329,platforms/windows/dos/32329.rb,"Gold MP4 Player 3.3 - Universal SEH Exploit (Metasploit)",2014-03-17,"Revin Hadi Saputra",windows,dos,0 32330,platforms/php/webapps/32330.txt,"OpenSupports 2.0 - Blind SQL Injection",2014-03-17,indoushka,php,webapps,0 32331,platforms/php/webapps/32331.txt,"Joomla AJAX Shoutbox <= 1.6 - Remote SQL Injection Vulnerability",2014-03-17,"Ibrahim Raafat",php,webapps,0 32333,platforms/ios/dos/32333.txt,"iOS 7 - Kernel Mode Memory Corruption",2014-03-17,"Andy Davis",ios,dos,0 @@ -29406,7 +29406,7 @@ id,file,description,date,author,platform,type,port 32618,platforms/php/remote/32618.txt,"plexusCMS 0.5 - XSS Remote Shell Exploit & Credentials Leak",2014-03-31,neglomaniac,php,remote,0 32619,platforms/ios/webapps/32619.txt,"PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,52789 32620,platforms/ios/webapps/32620.txt,"Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,8080 -32622,platforms/php/webapps/32622.txt,"Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion",2014-03-31,"Glyn Wintle",php,webapps,80 +32622,platforms/php/webapps/32622.txt,"WordPress Ajax Pagination Plugin 1.1 - Local File Inclusion",2014-03-31,"Glyn Wintle",php,webapps,80 32623,platforms/multiple/webapps/32623.txt,"EMC Cloud Tiering Appliance 10.0 - Unauthenticated XXE Arbitrary File Read",2014-03-31,"Brandon Perry",multiple,webapps,0 32624,platforms/php/webapps/32624.txt,"PHP JOBWEBSITE PRO siteadmin/forgot.php adname Parameter SQL Injection",2008-12-01,Pouya_Server,php,webapps,0 32625,platforms/php/webapps/32625.txt,"PHP JOBWEBSITE PRO siteadmin/forgot.php Multiple Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 @@ -29485,7 +29485,7 @@ id,file,description,date,author,platform,type,port 32698,platforms/php/webapps/32698.txt,"SolucionXpressPro 'main.php' SQL Injection Vulnerability",2009-01-05,Ehsan_Hp200,php,webapps,0 32699,platforms/windows/remote/32699.txt,"Google Chrome 1.0.154.36 - FTP Client PASV Port Scan Information Disclosure Vulnerability",2009-01-05,"Aditya K Sood",windows,remote,0 32700,platforms/linux/local/32700.rb,"ibstat $PATH - Privilege Escalation",2014-04-04,metasploit,linux,local,0 -32701,platforms/php/webapps/32701.txt,"Wordpress XCloner Plugin 3.1.0 - CSRF Vulnerability",2014-04-04,"High-Tech Bridge SA",php,webapps,80 +32701,platforms/php/webapps/32701.txt,"WordPress XCloner Plugin 3.1.0 - CSRF Vulnerability",2014-04-04,"High-Tech Bridge SA",php,webapps,80 32702,platforms/hardware/dos/32702.txt,"A10 Networks ACOS 2.7.0-P2(build: 53) - Buffer Overflow",2014-04-04,"Francesco Perna",hardware,dos,80 32703,platforms/ios/webapps/32703.txt,"Private Photo+Video 1.1 Pro iOS - Persistent Vulnerability",2014-04-05,Vulnerability-Lab,ios,webapps,0 32704,platforms/windows/dos/32704.pl,"MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service (DOS) Vulnerability",2014-04-05,LiquidWorm,windows,dos,0 @@ -29643,8 +29643,8 @@ id,file,description,date,author,platform,type,port 32864,platforms/java/webapps/32864.txt,"Sun Java System Communications Express 6.3 - 'UWCMain' Cross-Site Scripting Vulnerability",2009-05-20,"SCS team",java,webapps,0 32865,platforms/multiple/dos/32865.py,"WhatsApp < 2.11.7 - Remote Crash",2014-04-14,"Jaime Sánchez",multiple,dos,0 32866,platforms/ios/webapps/32866.txt,"PDF Album 1.7 iOS - File Include Web Vulnerability",2014-04-14,Vulnerability-Lab,ios,webapps,0 -32867,platforms/php/webapps/32867.txt,"Wordpress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 -32868,platforms/php/webapps/32868.txt,"Wordpress Twitget Plugin 3.3.1 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 +32867,platforms/php/webapps/32867.txt,"WordPress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 +32868,platforms/php/webapps/32868.txt,"WordPress Twitget Plugin 3.3.1 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 32869,platforms/linux/webapps/32869.rb,"eScan Web Management Console Command Injection",2014-04-14,metasploit,linux,webapps,10080 32870,platforms/cgi/webapps/32870.txt,"AWStats <= 6.4 - 'awstats.pl' Multiple Path Disclosure Vulnerability",2009-04-19,r0t,cgi,webapps,0 32871,platforms/php/webapps/32871.txt,"ExpressionEngine 1.6 Avtaar Name HTML Injection Vulnerability",2009-03-22,"Adam Baldwin",php,webapps,0 @@ -29775,7 +29775,7 @@ id,file,description,date,author,platform,type,port 33000,platforms/php/webapps/33000.txt,"Cacti <= 0.8.7 - 'data_input.php' Cross-Site Scripting Vulnerability",2009-05-15,fgeek,php,webapps,0 33001,platforms/php/webapps/33001.ssh,"Kingsoft Webshield 1.1.0.62 - Cross-Site scripting and Remote Command Execution Vulnerability",2009-05-20,inking,php,webapps,0 33002,platforms/php/webapps/33002.txt,"Profense 2.2.20/2.4.2 Web Application Firewall Security Bypass Vulnerabilities",2009-05-20,EnableSecurity,php,webapps,0 -33003,platforms/php/webapps/33003.txt,"Wordpress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload",2014-04-24,nopesled,php,webapps,80 +33003,platforms/php/webapps/33003.txt,"WordPress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload",2014-04-24,nopesled,php,webapps,80 33004,platforms/php/webapps/33004.txt,"dompdf 0.6.0 (dompdf.php read param) - Arbitrary File Read",2014-04-24,Portcullis,php,webapps,80 33005,platforms/php/webapps/33005.txt,"WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion",2014-04-24,"SEC Consult",php,webapps,80 33006,platforms/php/webapps/33006.txt,"AlienVault 4.3.1 - Unauthenticated SQL Injection",2014-04-24,"Sasha Zivojinovic",php,webapps,443 @@ -29845,7 +29845,7 @@ id,file,description,date,author,platform,type,port 33072,platforms/php/webapps/33072.txt,"Adem 0.5.1 - Local File Inclusion",2014-04-28,JIKO,php,webapps,80 33073,platforms/linux/dos/33073.c,"NTP ntpd monlist Query Reflection - Denial of Service",2014-04-28,"Danilo PC",linux,dos,123 33075,platforms/php/webapps/33075.txt,"GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection",2014-04-28,Esac,php,webapps,80 -33076,platforms/php/webapps/33076.txt,"Wordpress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities",2014-04-28,"Everett Griffiths",php,webapps,80 +33076,platforms/php/webapps/33076.txt,"WordPress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities",2014-04-28,"Everett Griffiths",php,webapps,80 33078,platforms/multiple/remote/33078.txt,"HP ProCurve Threat Management Services zl ST.1.0.090213 Module CRL Security Bypass Vulnerability",2009-06-13,anonymous,multiple,remote,0 33079,platforms/multiple/remote/33079.txt,"Oracle Weblogic Server 10.3 - 'console-help.portal' Cross-Site Scripting Vulnerability",2009-06-14,"Alexandr Polyakov",multiple,remote,0 33080,platforms/multiple/dos/33080.txt,"Oracle 11.1 Database Network Foundation Heap Memory Corruption Vulnerability",2009-06-14,"Dennis Yurichev",multiple,dos,0 @@ -30269,7 +30269,7 @@ id,file,description,date,author,platform,type,port 33553,platforms/multiple/remote/33553.txt,"Sun Java System Web Server 6.1/7.0 Digest Authentication Remote Buffer Overflow Vulnerability",2010-01-21,Intevydis,multiple,remote,0 33554,platforms/linux/remote/33554.py,"TORQUE Resource Manager 2.5.x-2.5.13 - Stack Based Buffer Overflow Stub",2014-05-28,bwall,linux,remote,0 33555,platforms/php/webapps/33555.txt,"AuraCMS 3.0 - Multiple Vulnerabilities",2014-05-28,"Mustafa ALTINKAYNAK",php,webapps,0 -33556,platforms/multiple/dos/33556.rb,"Wireshark CAPWAP Dissector - Denial of Service (msf)",2014-05-28,j0sm1,multiple,dos,5247 +33556,platforms/multiple/dos/33556.rb,"Wireshark CAPWAP Dissector - Denial of Service (Metasploit)",2014-05-28,j0sm1,multiple,dos,5247 33557,platforms/php/webapps/33557.txt,"Sharetronix 3.3 - Multiple Vulnerabilities",2014-05-28,"High-Tech Bridge SA",php,webapps,80 33558,platforms/php/webapps/33558.txt,"cPanel and WHM 11.25 - 'failurl' Parameter HTTP Response Splitting Vulnerability",2010-01-21,Trancer,php,webapps,0 33559,platforms/multiple/dos/33559.txt,"Sun Java System Web Server 7.0 Update 6 - 'admin' Server Denial of Service Vulnerability",2010-01-22,Intevydis,multiple,dos,0 @@ -30304,7 +30304,7 @@ id,file,description,date,author,platform,type,port 33607,platforms/multiple/dos/33607.html,"Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial Of Service Vulnerability",2010-02-07,"599eme Man",multiple,dos,0 33608,platforms/windows/dos/33608.html,"Apple Safari 4.0.4 - Remote Denial Of Service Vulnerability",2010-02-07,"599eme Man",windows,dos,0 33610,platforms/windows/remote/33610.py,"Easy File Management Web Server 5.3 - UserID Remote Buffer Overflow (ROP)",2014-06-01,"Julien Ahrens",windows,remote,80 -33613,platforms/php/webapps/33613.txt,"Wordpress Participants Database 1.5.4.8 - SQL Injection",2014-06-02,"Yarubo Research Team",php,webapps,80 +33613,platforms/php/webapps/33613.txt,"WordPress Participants Database 1.5.4.8 - SQL Injection",2014-06-02,"Yarubo Research Team",php,webapps,80 33614,platforms/linux/local/33614.c,"dbus-glib pam_fprintd - Local Root Exploit",2014-06-02,"Sebastian Krahmer",linux,local,0 33615,platforms/multiple/remote/33615.txt,"JDownloader 'JDExternInterface.java' Remote Code Execution Vulnerability",2010-02-08,apoc,multiple,remote,0 33616,platforms/multiple/remote/33616.txt,"Mongoose 2.8 Space String Remote File Disclosure Vulnerability",2010-02-08,"Pouya Daneshmand",multiple,remote,0 @@ -30510,7 +30510,7 @@ id,file,description,date,author,platform,type,port 33846,platforms/php/webapps/33846.txt,"ZeroCMS 1.0 - (zero_transact_article.php article_id POST parameter) SQL Injection Vulnerability",2014-06-23,"Filippos Mastrogiannis",php,webapps,0 33849,platforms/windows/dos/33849.txt,"netKar PRO 1.1 - (.nkuser) File Creation NULL Pointer Denial Of Service Vulnerability",2014-06-13,"A reliable source",windows,dos,0 33850,platforms/linux/dos/33850.txt,"memcached 1.4.2 Memory Consumption Remote Denial of Service Vulnerability",2010-04-27,fallenpegasus,linux,dos,0 -33851,platforms/php/webapps/33851.txt,"Wordpress TimThumb 2.8.13 WebShot - Remote Code Execution (0day)",2014-06-24,@u0x,php,webapps,0 +33851,platforms/php/webapps/33851.txt,"WordPress TimThumb 2.8.13 WebShot - Remote Code Execution (0day)",2014-06-24,@u0x,php,webapps,0 33868,platforms/multiple/remote/33868.txt,"Apache ActiveMQ 5.2/5.3 Source Code Information Disclosure Vulnerability",2010-04-22,"Veerendra G.G",multiple,remote,0 33860,platforms/windows/dos/33860.html,"Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash PoC (MS14-035)",2014-06-24,"Drozdova Liudmila",windows,dos,0 33854,platforms/php/webapps/33854.txt,"vBulletin Two-Step External Link Module 'externalredirect.php' Cross-Site Scripting Vulnerability",2010-04-20,"Edgard Chammas",php,webapps,0 @@ -30553,11 +30553,11 @@ id,file,description,date,author,platform,type,port 33893,platforms/windows/local/33893.rb,"Registry Symlink - IE Sandbox Escape (MS13-097)",2014-06-27,metasploit,windows,local,0 33894,platforms/multiple/webapps/33894.txt,"Python CGIHTTPServer Encoded Path Traversal",2014-06-27,"RedTeam Pentesting",multiple,webapps,0 33895,platforms/cgi/webapps/33895.txt,"Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities",2014-06-27,"BGA Security",cgi,webapps,20001 -33896,platforms/php/webapps/33896.txt,"Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities",2014-06-27,dxw,php,webapps,80 +33896,platforms/php/webapps/33896.txt,"WordPress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities",2014-06-27,dxw,php,webapps,80 33897,platforms/multiple/webapps/33897.txt,"Endeca Latitude 2.2.2 - CSRF Vulnerability",2014-06-27,"RedTeam Pentesting",multiple,webapps,0 33899,platforms/linux/local/33899.txt,"chkrootkit 0.49 - Local Root Vulnerability",2014-06-28,"Thomas Stangner",linux,local,0 33900,platforms/windows/remote/33900.pl,"Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow Vulnerability",2010-04-26,Madjix,windows,remote,0 -33901,platforms/windows/remote/33901.rb,"Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow Vulnerability (meta)",2010-04-26,blake,windows,remote,0 +33901,platforms/windows/remote/33901.rb,"Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow Vulnerability (Metasploit)",2010-04-26,blake,windows,remote,0 34102,platforms/linux/dos/34102.py,"ACME micro_httpd - Denial of Service",2014-07-18,"Yuval tisf Nativ",linux,dos,80 33904,platforms/linux/local/33904.txt,"check_dhcp 2.0.2 (Nagios Plugins) - Arbitrary Option File Read Race Condition Exploit",2014-06-28,"Dawid Golunski",linux,local,0 33905,platforms/multiple/remote/33905.txt,"Apache ActiveMQ 5.3 - 'admin/queueBrowse' Cross-Site Scripting Vulnerability",2010-04-28,"arun kethipelly",multiple,remote,0 @@ -30635,7 +30635,7 @@ id,file,description,date,author,platform,type,port 33987,platforms/php/webapps/33987.txt,"PHP Banner Exchange 1.2 - 'signupconfirm.php' Cross-Site Scripting Vulnerability",2010-01-03,indoushka,php,webapps,0 34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0 33990,platforms/multiple/remote/33990.rb,"Gitlist Unauthenticated Remote Command Execution",2014-07-07,metasploit,multiple,remote,80 -33991,platforms/php/remote/33991.rb,"Wordpress MailPoet - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,metasploit,php,remote,80 +33991,platforms/php/remote/33991.rb,"WordPress MailPoet - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,metasploit,php,remote,80 33992,platforms/asp/webapps/33992.txt,"Platnik 8.1.1 - Multiple SQL Injection Vulnerabilities",2010-05-17,podatnik386,asp,webapps,0 33993,platforms/php/webapps/33993.txt,"Planet Script 1.x - 'idomains.php' Cross-Site Scripting Vulnerability",2010-05-14,Mr.ThieF,php,webapps,0 33994,platforms/php/webapps/33994.txt,"PonVFTP Insecure Cookie Authentication Bypass Vulnerability",2010-05-17,SkuLL-HackeR,php,webapps,0 @@ -30726,7 +30726,7 @@ id,file,description,date,author,platform,type,port 34082,platforms/php/webapps/34082.txt,"Obsession-Design Image-Gallery 1.1 - 'display.php' Cross-Site Scripting Vulnerability",2010-01-02,kaMtiEz,php,webapps,0 34083,platforms/php/webapps/34083.txt,"Western Digital My Book World Edition 1.1.16 - 'lang' Parameter Cross-Site Scripting Vulnerabilities",2009-12-30,emgent,php,webapps,0 34084,platforms/php/webapps/34084.txt,"L2Web LineWeb 1.0.5 - Multiple Input Validation Vulnerabilities",2010-01-06,"Ignacio Garrido",php,webapps,0 -34085,platforms/php/webapps/34085.txt,"Gigya Socialize Plugin 1.0/1.1.x for Wordpress - Cross-Site Scripting Vulnerability",2010-06-04,MustLive,php,webapps,0 +34085,platforms/php/webapps/34085.txt,"Gigya Socialize Plugin 1.0/1.1.x for WordPress - Cross-Site Scripting Vulnerability",2010-06-04,MustLive,php,webapps,0 34137,platforms/php/webapps/34137.txt,"Joomla! 'com_videowhisper_2wvc' Component Cross-Site Scripting Vulnerability",2010-06-10,Sid3^effects,php,webapps,0 34088,platforms/android/remote/34088.html,"Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability",2014-07-16,c0otlass,android,remote,0 34089,platforms/php/webapps/34089.txt,"Bilboplanet 2.0 - Multiple XSS Vulnerabilities",2014-07-16,"Vivek N",php,webapps,80 @@ -30756,7 +30756,7 @@ id,file,description,date,author,platform,type,port 34139,platforms/php/webapps/34139.txt,"Yamamah Photo Gallery 1.00 - 'download.php' Local File Disclosure Vulnerability",2010-06-13,mat,php,webapps,0 34140,platforms/php/webapps/34140.txt,"AneCMS 1.x - 'modules/blog/index.php' HTML Injection Vulnerability",2010-06-11,"High-Tech Bridge SA",php,webapps,0 34113,platforms/php/webapps/34113.py,"SilverStripe CMS 2.4 File Renaming Security Bypass Vulnerability",2010-06-09,"John Leitch",php,webapps,0 -34105,platforms/php/webapps/34105.txt,"Wordpress Plugin Gallery Objects 0.4 - SQL Injection",2014-07-18,"Claudio Viviani",php,webapps,80 +34105,platforms/php/webapps/34105.txt,"WordPress Plugin Gallery Objects 0.4 - SQL Injection",2014-07-18,"Claudio Viviani",php,webapps,80 34106,platforms/php/webapps/34106.txt,"cPanel 11.25 Image Manager 'target' Parameter Local File Include Vulnerability",2010-06-07,"AnTi SeCuRe",php,webapps,0 34107,platforms/php/webapps/34107.txt,"boastMachine 3.1 - 'key' Parameter Cross-Site Scripting Vulnerability",2010-06-07,"High-Tech Bridge SA",php,webapps,0 34108,platforms/java/webapps/34108.txt,"PRTG Traffic Grapher 6.2.1 - 'url' Parameter Cross-Site Scripting Vulnerability",2009-01-08,"Patrick Webster",java,webapps,0 @@ -30764,7 +30764,7 @@ id,file,description,date,author,platform,type,port 34110,platforms/php/webapps/34110.txt,"PG Auto Pro SQL Injection and Cross-Site Scripting Vulnerabilities",2010-06-09,Sid3^effects,php,webapps,0 34111,platforms/multiple/webapps/34111.txt,"GREEZLE - Global Real Estate Agent Login Multiple SQL Injection Vulnerabilities",2010-06-09,"L0rd CrusAd3r",multiple,webapps,0 34339,platforms/php/webapps/34339.txt,"Pligg 1.0.4 - 'search.php' Cross-Site Scripting Vulnerability",2010-07-15,"High-Tech Bridge SA",php,webapps,0 -34124,platforms/php/webapps/34124.txt,"Wordpress WP BackupPlus - Database And Files Backup Download (0day)",2014-07-20,pSyCh0_3D,php,webapps,0 +34124,platforms/php/webapps/34124.txt,"WordPress WP BackupPlus - Database And Files Backup Download (0day)",2014-07-20,pSyCh0_3D,php,webapps,0 34130,platforms/linux/webapps/34130.rb,"Raritan PowerIQ 4.1.0 - SQL Injection Vulnerability",2014-07-21,"Brandon Perry",linux,webapps,80 34126,platforms/windows/remote/34126.txt,"Microsoft Help and Support Center 'sysinfo/sysinfomain.htm' Cross-Site Scripting Weakness",2010-06-10,"Tavis Ormandy",windows,remote,0 34127,platforms/php/webapps/34127.txt,"Arab Portal 2.2 - 'members.php' SQL Injection Vulnerability",2010-06-10,SwEET-DeViL,php,webapps,0 @@ -30774,7 +30774,7 @@ id,file,description,date,author,platform,type,port 34132,platforms/php/remote/34132.txt,"IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities",2014-07-21,"Alejandro Alvarez Bravo",php,remote,443 34133,platforms/linux/dos/34133.txt,"Apache 2.4.7 mod_status Scoreboard Handling Race Condition",2014-07-21,"Marek Kroemeke",linux,dos,0 34134,platforms/lin_amd64/local/34134.c,"Linux Kernel - ptrace/sysret - Local Privilege Escalation",2014-07-21,"Vitaly Nikolenko",lin_amd64,local,0 -34161,platforms/php/webapps/34161.txt,"Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities",2014-07-24,"Claudio Viviani",php,webapps,80 +34161,platforms/php/webapps/34161.txt,"WordPress Video Gallery Plugin 2.5 - Multiple Vulnerabilities",2014-07-24,"Claudio Viviani",php,webapps,80 34135,platforms/windows/dos/34135.py,"DjVuLibre <= 3.5.25.3 - Out of Bounds Access Violation",2014-07-22,drone,windows,dos,0 34149,platforms/hardware/webapps/34149.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure Vulnerability",2014-07-23,"Dolev Farhi",hardware,webapps,0 34158,platforms/windows/dos/34158.txt,"Chrome Engine 4 - Denial Of Service Vulnerability",2010-06-17,"Luigi Auriemma",windows,dos,0 @@ -30857,7 +30857,7 @@ id,file,description,date,author,platform,type,port 34239,platforms/php/webapps/34239.txt,"Status2k Server Monitoring Software - Multiple Vulnerabilities",2014-08-02,"Shayan S",php,webapps,80 34240,platforms/ios/webapps/34240.txt,"TigerCom iFolder+ 1.2 iOS - Multiple Vulnerabilities",2014-08-02,Vulnerability-Lab,ios,webapps,8080 34241,platforms/linux/webapps/34241.txt,"ISPConfig 3.0.54p1 - Authenticated Admin Local Root Vulnerability",2014-08-02,mra,linux,webapps,8080 -34336,platforms/php/webapps/34336.html,"Disqus for Wordpress 2.7.5 - Admin Stored CSRF and XSS",2014-08-14,"Nik Cubrilovic",php,webapps,80 +34336,platforms/php/webapps/34336.html,"Disqus for WordPress 2.7.5 - Admin Stored CSRF and XSS",2014-08-14,"Nik Cubrilovic",php,webapps,80 34337,platforms/php/webapps/34337.txt,"Gekko Web Builder 9.0 - 'index.php' Cross-Site Scripting Vulnerability",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34338,platforms/php/webapps/34338.html,"Pixie 1.0.4 HTML Injection and Cross-Site Scripting Vulnerabilities",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34243,platforms/ios/webapps/34243.txt,"Photo WiFi Transfer 1.01 - Directory Traversal Vulnerability",2014-08-02,Vulnerability-Lab,ios,webapps,8080 @@ -31109,7 +31109,7 @@ id,file,description,date,author,platform,type,port 34521,platforms/linux/dos/34521.txt,"Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial Of Service Vulnerability",2010-08-20,"Shane Bester",linux,dos,0 34522,platforms/linux/dos/34522.txt,"Oracle MySQL < 5.1.49 - 'DDL' Statements Denial Of Service Vulnerability",2010-07-09,"Elena Stepanova",linux,dos,0 34523,platforms/multiple/remote/34523.txt,"Nagios XI 'users.php' SQL Injection Vulnerability",2010-08-24,"Adam Baldwin",multiple,remote,0 -34524,platforms/php/webapps/34524.txt,"Wordpress Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 +34524,platforms/php/webapps/34524.txt,"WordPress Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 34525,platforms/multiple/webapps/34525.txt,"Syslog LogAnalyzer 3.6.5 - Stored XSS (Python Exploit)",2014-09-02,"Dolev Farhi",multiple,webapps,0 34637,platforms/php/webapps/34637.txt,"Joomla Spider Form Maker <= 3.4 - SQLInjection",2014-09-12,"Claudio Viviani",php,webapps,0 34532,platforms/windows/remote/34532.c,"Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Execution Vulnerability",2010-08-25,storm,windows,remote,0 @@ -31121,7 +31121,7 @@ id,file,description,date,author,platform,type,port 34535,platforms/php/webapps/34535.txt,"Valarsoft WebMatic 3.0.5 - Multiple HTML Injection Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 34536,platforms/php/webapps/34536.txt,"CompuCMS - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 34537,platforms/linux/local/34537.txt,"EncFS 1.6.0 - Flawed CBC/CFB Cryptography Implementation Weaknesses",2010-08-26,"Micha Riser",linux,local,0 -34538,platforms/php/webapps/34538.txt,"Wordpress Plugins Premium Gallery Manager - Unauthenticated Configuration Access Vulnerability",2014-09-05,Hannaichi,php,webapps,80 +34538,platforms/php/webapps/34538.txt,"WordPress Plugins Premium Gallery Manager - Unauthenticated Configuration Access Vulnerability",2014-09-05,Hannaichi,php,webapps,80 34539,platforms/php/webapps/34539.txt,"MyBB User Social Networks Plugin 1.2 - Stored XSS",2014-09-05,"Fikri Fadzil",php,webapps,80 34540,platforms/windows/dos/34540.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit",2014-09-05,"Robert Kugler",windows,dos,0 34541,platforms/php/webapps/34541.txt,"WebsiteKit Gbplus Name and Body Fields HTML Injection Vulnerabilities",2010-08-29,MiND,php,webapps,0 @@ -31136,7 +31136,7 @@ id,file,description,date,author,platform,type,port 34550,platforms/php/webapps/34550.txt,"Datemill search.php st Parameter XSS",2009-09-10,Moudi,php,webapps,0 34551,platforms/php/webapps/34551.txt,"IP Board 3.x - CSRF Token hjiacking",2014-09-07,"Piotr S.",php,webapps,0 34552,platforms/php/webapps/34552.txt,"LoadedCommerce7 - Systemic Query Factory Vulnerability",2014-09-07,Breaking.Technology,php,webapps,0 -34553,platforms/php/webapps/34553.txt,"Wordpress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability",2014-09-07,Att4ck3r.ir,php,webapps,0 +34553,platforms/php/webapps/34553.txt,"WordPress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability",2014-09-07,Att4ck3r.ir,php,webapps,0 34555,platforms/php/webapps/34555.txt,"PhpOnlineChat 3.0 - XSS",2014-09-07,"N0 Feel",php,webapps,0 34604,platforms/php/webapps/34604.php,"BlueCMS 1.6 - 'X-Forwarded-For' Header SQL Injection Vulnerability",2010-09-06,cnryan,php,webapps,0 34558,platforms/php/webapps/34558.txt,"Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities",2010-09-01,"High-Tech Bridge SA",php,webapps,0 @@ -31150,7 +31150,7 @@ id,file,description,date,author,platform,type,port 34578,platforms/php/webapps/34578.txt,"WordPress Acento Theme (view-pdf.php file param) - Arbitrary File Download",2014-09-08,alieye,php,webapps,80 34581,platforms/php/webapps/34581.txt,"Zen Cart 1.5.3 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34571,platforms/php/webapps/34571.py,"Joomla Spider Calendar <= 3.2.6 - SQL Injection",2014-09-08,"Claudio Viviani",php,webapps,0 -34572,platforms/php/webapps/34572.txt,"Wordpress Bulk Delete Users by Email Plugin 1.0 - CSRF",2014-09-08,"Fikri Fadzil",php,webapps,0 +34572,platforms/php/webapps/34572.txt,"WordPress Bulk Delete Users by Email Plugin 1.0 - CSRF",2014-09-08,"Fikri Fadzil",php,webapps,0 34580,platforms/php/webapps/34580.txt,"phpMyFAQ 2.8.X - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34579,platforms/php/webapps/34579.txt,"vBulletin 5.1.X - Persistent Cross-Site Scripting",2014-09-08,smash,php,webapps,80 34924,platforms/windows/webapps/34924.txt,"BMC Track-It! - Multiple Vulnerabilities",2014-10-09,"Pedro Ribeiro",windows,webapps,0 @@ -31161,7 +31161,7 @@ id,file,description,date,author,platform,type,port 34586,platforms/php/webapps/34586.txt,"Mpay24 PrestaShop Payment Module 1.5 - Multiple Vulnerabilities",2014-09-08,"Eldar Marcussen",php,webapps,80 34587,platforms/multiple/webapps/34587.txt,"Jenkins 1.578 - Multiple Vulnerabilities",2014-09-08,JoeV,multiple,webapps,8090 34588,platforms/aix/dos/34588.txt,"PHP Stock Management System 1.02 - Multiple Vulnerabilty",2014-09-09,jsass,aix,dos,0 -34589,platforms/php/webapps/34589.txt,"Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities",2014-09-09,"Fikri Fadzil",php,webapps,0 +34589,platforms/php/webapps/34589.txt,"WordPress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities",2014-09-09,"Fikri Fadzil",php,webapps,0 34592,platforms/linux/shellcode/34592.c,"Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash",2014-09-09,"Ali Razmjoo",linux,shellcode,0 34593,platforms/php/webapps/34593.txt,"Parallels Plesk Sitebuilder 9.5 - Multiple Vulnerabilities",2014-09-09,alieye,php,webapps,0 34595,platforms/linux/remote/34595.py,"ALCASAR 2.8 - Remote Root Code Execution Vulnerability",2014-09-09,eF,linux,remote,80 @@ -31248,7 +31248,7 @@ id,file,description,date,author,platform,type,port 34678,platforms/php/webapps/34678.txt,"WebStatCaffe stat/pageviewerschart.php date Parameter XSS",2009-08-29,Moudi,php,webapps,0 34679,platforms/php/webapps/34679.txt,"WebStatCaffe stat/referer.php date Parameter XSS",2009-08-29,Moudi,php,webapps,0 34680,platforms/hardware/webapps/34680.txt,"ZTE ZXDSL-931VII - Unauthenticated Configuration Dump",2014-09-16,"L0ukanik0-s S0kniaku0l",hardware,webapps,0 -34681,platforms/php/webapps/34681.txt,"Wordpress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit)",2014-09-16,"Claudio Viviani",php,webapps,0 +34681,platforms/php/webapps/34681.txt,"WordPress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit)",2014-09-16,"Claudio Viviani",php,webapps,0 34682,platforms/ios/webapps/34682.txt,"USB&WiFi Flash Drive 1.3 iOS - Code Execution Vulnerability",2014-09-16,Vulnerability-Lab,ios,webapps,8080 34685,platforms/windows/remote/34685.py,"Basic Web Server 1.0 - Directory Traversal and Denial of Service Vulnerabilities",2010-09-19,"John Leitch",windows,remote,0 34686,platforms/windows/remote/34686.txt,"YelloSoft Pinky 1.0 - Directory Traversal Vulnerability",2010-09-16,"John Leitch",windows,remote,0 @@ -31325,7 +31325,7 @@ id,file,description,date,author,platform,type,port 34759,platforms/php/webapps/34759.txt,"Glype 1.4.9 - Local Address Filter Bypass",2014-09-24,Securify,php,webapps,80 34760,platforms/php/webapps/34760.txt,"Restaurant Script (PizzaInn Project) - Stored XSS",2014-09-24,"Kenneth F. Belva",php,webapps,80 34761,platforms/php/webapps/34761.txt,"webEdition 6.3.8.0 (SVN-Revision: 6985) - Path Traversal",2014-09-24,"High-Tech Bridge SA",php,webapps,80 -34762,platforms/php/webapps/34762.txt,"Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities",2014-09-25,dxw,php,webapps,80 +34762,platforms/php/webapps/34762.txt,"WordPress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities",2014-09-25,dxw,php,webapps,80 34763,platforms/php/webapps/34763.txt,"OsClass 3.4.1 (index.php file param) - Local File Inclusion",2014-09-25,Netsparker,php,webapps,80 34764,platforms/php/webapps/34764.txt,"Cart Engine 3.0 - Multiple Vulnerabilities",2014-09-25,"Quantum Leap",php,webapps,80 34765,platforms/linux/remote/34765.txt,"GNU Bash - Environment Variable Command Injection (ShellShock)",2014-09-25,"Stephane Chazelas",linux,remote,0 @@ -31340,7 +31340,7 @@ id,file,description,date,author,platform,type,port 34774,platforms/php/webapps/34774.txt,"Hotscripts Type PHP Clone Script feedback.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 34775,platforms/php/webapps/34775.txt,"Hotscripts Type PHP Clone Script index.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 34776,platforms/php/webapps/34776.txt,"Hotscripts Type PHP Clone Script lostpassword.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 -34777,platforms/cgi/remote/34777.rb,"GNU bash Environment Variable Command Injection (MSF)",2014-09-25,"Shaun Colley",cgi,remote,0 +34777,platforms/cgi/remote/34777.rb,"GNU bash Environment Variable Command Injection (Metasploit)",2014-09-25,"Shaun Colley",cgi,remote,0 34778,platforms/lin_x86/shellcode/34778.c,"Linux/x86 - Add map in /etc/hosts file",2014-09-25,"Javier Tejedor",lin_x86,shellcode,0 34779,platforms/hardware/webapps/34779.pl,"Nucom ADSL ADSLR5000UN ISP Credentials Disclosure",2014-09-25,"Sebastián Magof",hardware,webapps,80 34783,platforms/php/webapps/34783.txt,"Scriptsez Ultimate Poll 'demo_page.php' Cross-Site Scripting Vulnerability",2009-07-16,Moudi,php,webapps,0 @@ -31359,7 +31359,7 @@ id,file,description,date,author,platform,type,port 34796,platforms/multiple/remote/34796.txt,"Oracle MySQL < 5.1.50 - Privilege Escalation Vulnerability",2010-08-03,"Libing Song",multiple,remote,0 34797,platforms/php/webapps/34797.txt,"SurgeMail SurgeWeb 4.3e Cross-Site Scripting Vulnerability",2010-10-04,"Kerem Kocaer",php,webapps,0 34782,platforms/php/webapps/34782.txt,"NetArt Media Car Portal 2.0 - 'car' Parameter SQL Injection Vulnerability",2010-09-27,RoAd_KiLlEr,php,webapps,0 -34781,platforms/php/webapps/34781.txt,"Wordpress All In One WP Security Plugin 3.8.2 - SQL Injection",2014-09-25,"High-Tech Bridge SA",php,webapps,80 +34781,platforms/php/webapps/34781.txt,"WordPress All In One WP Security Plugin 3.8.2 - SQL Injection",2014-09-25,"High-Tech Bridge SA",php,webapps,80 34798,platforms/php/webapps/34798.txt,"ITS SCADA Username - SQL Injection Vulnerability",2010-10-04,"Eugene Salov",php,webapps,0 34816,platforms/ios/webapps/34816.txt,"GS Foto Uebertraeger 3.0 iOS - File Include Vulnerability",2014-09-29,Vulnerability-Lab,ios,webapps,0 34800,platforms/php/webapps/34800.txt,"Typo3 JobControl 2.14.0 - Cross-Site Scripting / SQL Injection",2014-09-27,"Adler Freiheit",php,webapps,0 @@ -31404,7 +31404,7 @@ id,file,description,date,author,platform,type,port 34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 (joblogs.php jobid param) - SQL Injection",2014-10-02,wishnusakti,php,webapps,80 34852,platforms/windows/webapps/34852.txt,"Rejetto HTTP File Server (HFS) 2.3a_ 2.3b_ 2.3c - Remote Command Execution",2014-10-02,"Daniele Linguaglossa",windows,webapps,80 34853,platforms/windows/remote/34853.c,"PowerDVD 5.0.1107 - 'trigger.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-10-19,"Inj3cti0n P4ck3t",windows,remote,0 -34854,platforms/php/webapps/34854.txt,"All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability",2014-10-02,Vulnerability-Lab,php,webapps,80 +34854,platforms/php/webapps/34854.txt,"All In One WordPress Firewall 3.8.3 - Persistent XSS Vulnerability",2014-10-02,Vulnerability-Lab,php,webapps,80 34855,platforms/windows/dos/34855.pl,"ALPHA Player 2.4 - (.bmp) Buffer Overflow Vulnerability",2010-10-19,anT!-Tr0J4n,windows,dos,0 34856,platforms/windows/remote/34856.py,"Kolibri Webserver 2.0 - Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass",2014-10-02,tekwizz123,windows,remote,80 34857,platforms/windows/dos/34857.txt,"TeamSpeak Client 3.0.14 - Buffer Overflow Vulnerability",2014-10-02,"SpyEye and Christian Galeon",windows,dos,0 @@ -31443,7 +31443,7 @@ id,file,description,date,author,platform,type,port 34892,platforms/php/webapps/34892.txt,"pecio CMS 2.0.5 - 'target' Parameter Cross-Site Scripting Vulnerability",2010-10-21,"Antu Sanadi",php,webapps,0 34893,platforms/php/webapps/34893.txt,"PHP Scripts Now Multiple Products bios.php rank Parameter XSS",2009-07-20,"599eme Man",php,webapps,0 34894,platforms/php/webapps/34894.txt,"PHP Scripts Now Multiple Products bios.php rank Parameter SQL Injection",2009-07-20,"599eme Man",php,webapps,0 -34895,platforms/cgi/webapps/34895.rb,"Bash - CGI RCE (MSF) Shellshock Exploit",2014-10-06,"Fady Mohammed Osman",cgi,webapps,0 +34895,platforms/cgi/webapps/34895.rb,"Bash - CGI RCE (Metasploit) Shellshock Exploit",2014-10-06,"Fady Mohammed Osman",cgi,webapps,0 34896,platforms/linux/remote/34896.py,"Postfix SMTP - Shellshock Exploit",2014-10-06,"Phil Blank",linux,remote,0 34922,platforms/php/webapps/34922.txt,"Creative Contact Form - Arbitrary File Upload",2014-10-08,"Gianni Angelozzi",php,webapps,0 35023,platforms/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injection Vulnerabilities",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -31469,7 +31469,7 @@ id,file,description,date,author,platform,type,port 34919,platforms/php/webapps/34919.txt,"SkyBlueCanvas 1.1 r237 - 'admin.php' Directory Traversal Vulnerability",2009-07-16,MaXe,php,webapps,0 34920,platforms/asp/webapps/34920.txt,"HttpCombiner ASP.NET - Remote File Disclosure Vulnerability",2014-10-07,"Le Ngoc Son",asp,webapps,0 34921,platforms/windows/local/34921.pl,"Asx to Mp3 2.7.5 - Stack Overflow",2014-10-07,"Amir Tavakolian",windows,local,0 -34925,platforms/php/remote/34925.rb,"Wordpress InfusionSoft Plugin - Upload Vulnerability",2014-10-09,metasploit,php,remote,80 +34925,platforms/php/remote/34925.rb,"WordPress InfusionSoft Plugin - Upload Vulnerability",2014-10-09,metasploit,php,remote,80 34926,platforms/windows/remote/34926.rb,"Rejetto HttpFileServer Remote Command Execution",2014-10-09,metasploit,windows,remote,80 34927,platforms/unix/remote/34927.rb,"F5 iControl Remote Root Command Execution",2014-10-09,metasploit,unix,remote,443 34928,platforms/jsp/webapps/34928.txt,"DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities",2014-10-09,"Digital Misfits",jsp,webapps,0 @@ -31586,7 +31586,7 @@ id,file,description,date,author,platform,type,port 35566,platforms/php/webapps/35566.txt,"Yaws-Wiki 1.88-1 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2011-04-04,"Michael Brooks",php,webapps,0 35055,platforms/windows/remote/35055.py,"Windows OLE - Remote Code Execution _Sandworm_ Exploit (MS14-060)",2014-10-25,"Mike Czumak",windows,remote,0 35056,platforms/hardware/webapps/35056.txt,"Dell EqualLogic Storage - Directory Traversal",2014-10-25,"XLabs Security",hardware,webapps,0 -35057,platforms/php/webapps/35057.py,"Creative Contact Form (Wordpress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability",2014-10-25,"Claudio Viviani",php,webapps,0 +35057,platforms/php/webapps/35057.py,"Creative Contact Form (WordPress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability",2014-10-25,"Claudio Viviani",php,webapps,0 35058,platforms/bsd/dos/35058.c,"OpenBSD <= 5.5 - Local Kernel Panic",2014-10-25,nitr0us,bsd,dos,0 35059,platforms/ios/webapps/35059.txt,"File Manager 4.2.10 iOS - Code Execution Vulnerability",2014-10-25,Vulnerability-Lab,ios,webapps,0 35127,platforms/jsp/webapps/35127.txt,"Progress OpenEdge 11.2 - Directory Traversal",2014-10-31,"XLabs Security",jsp,webapps,9090 @@ -31603,7 +31603,7 @@ id,file,description,date,author,platform,type,port 35070,platforms/hardware/remote/35070.txt,"pfSense status_graph.php if Parameter XSS",2010-11-08,"dave b",hardware,remote,0 35071,platforms/hardware/remote/35071.txt,"pfSense interfaces.php if Parameter XSS",2010-11-08,"dave b",hardware,remote,0 35072,platforms/php/webapps/35072.txt,"Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam Multiple Vulnerabilities",2010-12-08,"Justin Klein Keane",php,webapps,0 -35073,platforms/php/webapps/35073.txt,"Wordpress CP Multi View Event Calendar 1.01 - SQL Injection",2014-10-27,"Claudio Viviani",php,webapps,80 +35073,platforms/php/webapps/35073.txt,"WordPress CP Multi View Event Calendar 1.01 - SQL Injection",2014-10-27,"Claudio Viviani",php,webapps,80 35074,platforms/windows/local/35074.py,"Free WMA MP3 Converter 1.8 - (.wav) Buffer Overflow",2014-10-27,metacom,windows,local,0 35075,platforms/hardware/webapps/35075.txt,"CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities",2014-10-27,LiquidWorm,hardware,webapps,0 35076,platforms/multiple/webapps/35076.py,"HP Operations Agent Remote XSS iFrame Injection",2014-10-27,"Matt Schmidt",multiple,webapps,383 @@ -31669,7 +31669,7 @@ id,file,description,date,author,platform,type,port 35136,platforms/php/webapps/35136.txt,"WordPress Accept Signups Plugin 0.1 - 'email' Parameter Cross-Site Scripting Vulnerability",2010-12-22,clshack,php,webapps,0 35137,platforms/php/webapps/35137.txt,"Social Share 'vote.php' HTTP Response Splitting Vulnerability",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0 35138,platforms/php/webapps/35138.txt,"Esotalk CMS 1.0.0g4 - XSS Vulnerability",2014-11-02,evi1m0,php,webapps,0 -35212,platforms/php/webapps/35212.txt,"XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities",2014-11-10,"Larry W. Cashdollar",php,webapps,80 +35212,platforms/php/webapps/35212.txt,"XCloner WordPress/Joomla! Plugin - Multiple Vulnerabilities",2014-11-10,"Larry W. Cashdollar",php,webapps,80 35140,platforms/php/webapps/35140.txt,"MyBB 1.6 - search.php keywords Parameter SQL Injection",2010-12-23,"Aung Khant",php,webapps,0 35141,platforms/php/webapps/35141.txt,"MyBB 1.6 - private.php keywords Parameter SQL Injection",2010-12-23,"Aung Khant",php,webapps,0 35142,platforms/php/webapps/35142.txt,"Social Share 'search' Parameter Cross-Site Scripting Vulnerability",2010-12-23,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -31725,9 +31725,9 @@ id,file,description,date,author,platform,type,port 35202,platforms/windows/dos/35202.py,"Microsoft Internet Explorer 11 - Denial Of Service",2014-11-10,"Behrooz Abbassi",windows,dos,0 35203,platforms/hardware/webapps/35203.txt,"ZTE ZXDSL 831CII - Insecure Direct Object Reference",2014-11-10,"Paulos Yibelo",hardware,webapps,0 35205,platforms/linux/shellcode/35205.txt,"Position independent & Alphanumeric 64-bit execve(_/bin/sh\0__NULL_NULL); (87 bytes)",2014-11-10,Breaking.Technology,linux,shellcode,0 -35204,platforms/php/webapps/35204.txt,"Another Wordpress Classifieds Plugin - SQL Injection",2014-11-10,dill,php,webapps,0 +35204,platforms/php/webapps/35204.txt,"Another WordPress Classifieds Plugin - SQL Injection",2014-11-10,dill,php,webapps,0 35206,platforms/php/webapps/35206.txt,"PHP-Fusion 7.02.07 - SQL Injection",2014-11-10,"XLabs Security",php,webapps,0 -35313,platforms/php/webapps/35313.txt,"Wordpress SP Client Document Manager Plugin 2.4.1 - SQL Injection",2014-11-21,"ITAS Team",php,webapps,80 +35313,platforms/php/webapps/35313.txt,"WordPress SP Client Document Manager Plugin 2.4.1 - SQL Injection",2014-11-21,"ITAS Team",php,webapps,80 35208,platforms/hardware/webapps/35208.txt,"Barracuda - Multiple Anauthentificated Logfile Download",2014-11-10,4CKnowLedge,hardware,webapps,0 35292,platforms/php/webapps/35292.html,"vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-30,MaXe,php,webapps,0 35291,platforms/php/webapps/35291.txt,"Vanilla Forums 2.0.16 - 'Target' Parameter Cross-Site Scripting Vulnerability",2011-01-27,"YGN Ethical Hacker Group",php,webapps,0 @@ -31749,7 +31749,7 @@ id,file,description,date,author,platform,type,port 35227,platforms/php/webapps/35227.txt,"Alguest 1.1c-patched 'elimina' Parameter SQL Injection Vulnerability",2011-01-14,"Aliaksandr Hartsuyeu",php,webapps,0 35228,platforms/php/webapps/35228.txt,"CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-15,NLSecurity,php,webapps,0 35229,platforms/windows/remote/35229.html,"Microsoft Internet Explorer <= 11 - OLE Automation Array Remote Code Execution (1)",2014-11-13,yuange,windows,remote,0 -35230,platforms/windows/remote/35230.rb,"Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF)",2014-11-13,"Wesley Neelen & Rik van Duijn",windows,remote,0 +35230,platforms/windows/remote/35230.rb,"Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (Metasploit)",2014-11-13,"Wesley Neelen & Rik van Duijn",windows,remote,0 35231,platforms/php/webapps/35231.txt,"Advanced Webhost Billing System 2.9.2 - 'oid' Parameter SQL Injection Vulnerability",2011-01-16,ShivX,php,webapps,0 35232,platforms/linux/remote/35232.txt,"Pango Font Parsing 'pangoft2-render.c' Heap Corruption Vulnerability",2011-01-18,"Dan Rosenberg",linux,remote,0 35233,platforms/multiple/webapps/35233.txt,"B-Cumulus 'tagcloud' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-01-18,MustLive,multiple,webapps,0 @@ -31829,7 +31829,7 @@ id,file,description,date,author,platform,type,port 35381,platforms/php/webapps/35381.txt,"xEpan 1.0.1 - CSRF Vulnerability",2014-11-26,"High-Tech Bridge SA",php,webapps,80 35322,platforms/windows/local/35322.txt,"Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation",2014-11-22,LiquidWorm,windows,local,0 35323,platforms/php/webapps/35323.md,"MyBB <= 1.8.2 - unset_globals() Function Bypass and Remote Code Execution Vulnerability",2014-11-22,"Taoguang Chen",php,webapps,0 -35324,platforms/php/webapps/35324.txt,"Wordpress CM Download Manager Plugin 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 +35324,platforms/php/webapps/35324.txt,"WordPress CM Download Manager Plugin 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 35325,platforms/hardware/webapps/35325.txt,"Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 35326,platforms/windows/dos/35326.cpp,"Microsoft Windows - Win32k.sys Denial of Service",2014-11-22,Kedamsky,windows,dos,0 35380,platforms/php/remote/35380.rb,"Pandora Fms SQLi Remote Code Execution",2014-11-26,metasploit,php,remote,80 @@ -31846,8 +31846,8 @@ id,file,description,date,author,platform,type,port 35337,platforms/php/webapps/35337.txt,"TaskFreak 0.6.4 print_list.php Multiple Parameter XSS",2011-02-12,LiquidWorm,php,webapps,0 35338,platforms/php/webapps/35338.txt,"TaskFreak 0.6.4 rss.php HTTP Referer Header XSS",2011-02-12,LiquidWorm,php,webapps,0 35339,platforms/multiple/dos/35339.txt,"JourneyMap 5.0.0RC2 Ultimate Edition - DoS (Resource Consumption)",2014-11-24,CovertCodes,multiple,dos,0 -35340,platforms/php/webapps/35340.txt,"Wordpress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability",2014-11-24,"Claudio Viviani",php,webapps,0 -35341,platforms/php/webapps/35341.py,"Wordpress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability",2014-11-24,"Claudio Viviani",php,webapps,0 +35340,platforms/php/webapps/35340.txt,"WordPress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability",2014-11-24,"Claudio Viviani",php,webapps,0 +35341,platforms/php/webapps/35341.py,"WordPress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability",2014-11-24,"Claudio Viviani",php,webapps,0 35342,platforms/aix/dos/35342.txt,"RobotStats 1.0 - HTML Injection Vulnerability",2014-11-24,"ZoRLu Bugrahan",aix,dos,0 35343,platforms/php/webapps/35343.txt,"Smarty Template Engine <= 2.6.9 - '$smarty.template' PHP Code Injection Vulnerability",2011-02-09,jonieske,php,webapps,0 35344,platforms/php/webapps/35344.txt,"RobotStats 1.0 - (robot param) SQL Injection Vulnerability",2014-11-24,"ZoRLu Bugrahan",php,webapps,0 @@ -31875,19 +31875,19 @@ id,file,description,date,author,platform,type,port 35367,platforms/php/webapps/35367.txt,"crea8social 1.3 - Stored XSS Vulnerability",2014-11-25,"Halil Dalabasmaz",php,webapps,80 35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 Malformed Packet NULL Pointer Dereference Remote Denial Of Service Vulnerability",2011-02-22,"Luigi Auriemma",multiple,dos,0 35370,platforms/linux/local/35370.c,"Linux Kernel - libfutex - Local Root for RHEL/CentOS 7.0.1406",2014-11-25,"Kaiqu Chen",linux,local,0 -35371,platforms/php/webapps/35371.txt,"Wordpress Google Document Embedder 2.5.14 - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 +35371,platforms/php/webapps/35371.txt,"WordPress Google Document Embedder 2.5.14 - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 35372,platforms/hardware/webapps/35372.rb,"Arris VAP2500 - Authentication Bypass",2014-11-25,HeadlessZeke,hardware,webapps,80 35373,platforms/php/webapps/35373.txt,"WordPress GD Star Rating Plugin 1.9.7 - 'wpfn' Parameter Cross-Site Scripting Vulnerability",2011-02-22,"High-Tech Bridge SA",php,webapps,0 35374,platforms/php/webapps/35374.txt,"IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting Vulnerability",2011-02-22,andrew,php,webapps,0 35375,platforms/php/webapps/35375.txt,"Vanilla Forums 2.0.17.x - 'p' Parameter Cross-Site Scripting Vulnerability",2011-02-22,"Aung Khant",php,webapps,0 35376,platforms/php/webapps/35376.txt,"mySeatXT 0.164 - 'lang' Parameter Local File Include Vulnerability",2011-02-16,"AutoSec Tools",php,webapps,0 35377,platforms/windows/local/35377.rb,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - (.wax) SEH Buffer Overflow",2014-11-26,"Muhamad Fadzil Ramli",windows,local,0 -35378,platforms/php/webapps/35378.txt,"Wordpress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 +35378,platforms/php/webapps/35378.txt,"WordPress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 35379,platforms/windows/dos/35379.go,"Elipse E3 - HTTP Denial of Service",2014-11-26,firebitsbr,windows,dos,80 35382,platforms/android/dos/35382.txt,"Android WAPPushManager - SQL Injection",2014-11-26,"Baidu X-Team",android,dos,0 35383,platforms/cgi/webapps/35383.rb,"Device42 WAN Emulator 2.3 Traceroute Command Injection",2014-11-26,"Brandon Perry",cgi,webapps,80 35384,platforms/cgi/webapps/35384.rb,"Device42 WAN Emulator 2.3 Ping Command Injection",2014-11-26,"Brandon Perry",cgi,webapps,80 -35385,platforms/php/webapps/35385.pl,"Wordpress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit",2014-11-26,"Simo Ben Youssef",php,webapps,80 +35385,platforms/php/webapps/35385.pl,"WordPress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit",2014-11-26,"Simo Ben Youssef",php,webapps,80 35386,platforms/linux/remote/35386.txt,"Logwatch Log File - Special Characters Local Privilege Escalation Vulnerability",2011-02-24,"Dominik George",linux,remote,0 35387,platforms/php/webapps/35387.txt,"phpShop 0.8.1 - 'page' Parameter Cross-Site Scripting Vulnerability",2011-02-25,"Aung Khant",php,webapps,0 35395,platforms/windows/local/35395.txt,"CCH Wolters Kluwer PFX Engagement <= 7.1 - Local Privilege Escalation",2014-11-28,"Information Paradox",windows,local,0 @@ -31913,7 +31913,7 @@ id,file,description,date,author,platform,type,port 35411,platforms/asp/webapps/35411.txt,"Kodak InSite 5.5.2 Troubleshooting/DiagnosticReport.asp HeaderWarning Parameter XSS",2011-03-07,Dionach,asp,webapps,0 35412,platforms/asp/webapps/35412.txt,"Kodak InSite 5.5.2 Pages/login.aspx Language Parameter XSS",2011-03-07,Dionach,asp,webapps,0 35413,platforms/php/dos/35413.php,"WordPress <= 4.0 - Denial of Service Exploit",2014-12-01,SECURELI.com,php,dos,80 -35414,platforms/php/dos/35414.txt,"Wordpress < 4.0.1 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 +35414,platforms/php/dos/35414.txt,"WordPress < 4.0.1 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 35415,platforms/php/dos/35415.txt,"Drupal < 7.34 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 35416,platforms/php/webapps/35416.txt,"Interleave 5.5.0.2 - 'basicstats.php' Multiple Cross-Site Scripting Vulnerabilities",2011-03-03,"AutoSec Tools",php,webapps,0 35417,platforms/php/webapps/35417.php,"WS Interactive Automne 4.1 - 'admin/upload-controler.php' Remote Arbitrary File Upload Vulnerability",2011-03-08,"AutoSec Tools",php,webapps,0 @@ -31937,7 +31937,7 @@ id,file,description,date,author,platform,type,port 35436,platforms/php/webapps/35436.txt,"Xinha 0.96 - 'spell-check-savedicts.php' Multiple HTML Injection Vulnerabilities",2011-03-10,"John Leitch",php,webapps,0 35437,platforms/multiple/dos/35437.pl,"Air Contacts Lite HTTP Packet Denial Of Service Vulnerability",2011-02-09,"Rodrigo Escobar",multiple,dos,0 35438,platforms/cgi/webapps/35438.txt,"CosmoShop 10.05.00 - Multiple Cross-Site Scripting and SQL Injection Vulnerabilities",2011-03-10,"High-Tech Bridge SA",cgi,webapps,0 -35439,platforms/php/webapps/35439.txt,"Wordpress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability",2014-12-02,"Kacper Szurek",php,webapps,80 +35439,platforms/php/webapps/35439.txt,"WordPress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability",2014-12-02,"Kacper Szurek",php,webapps,80 35440,platforms/osx/local/35440.rb,"Mac OS X - IOKit Keyboard Driver Root Privilege Escalation",2014-12-02,metasploit,osx,local,0 35441,platforms/multiple/remote/35441.rb,"Tincd Post-Authentication Remote TCP Stack Buffer Overflow",2014-12-02,metasploit,multiple,remote,655 35442,platforms/hardware/webapps/35442.txt,"EntryPass N5200 - Credentials Exposure",2014-12-02,"RedTeam Pentesting",hardware,webapps,0 @@ -31957,7 +31957,7 @@ id,file,description,date,author,platform,type,port 35456,platforms/php/webapps/35456.txt,"BoutikOne rss_promo.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35457,platforms/php/webapps/35457.txt,"BoutikOne rss_top10.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35459,platforms/php/webapps/35459.txt,"Cart66 Lite WordPress Ecommerce 1.5.1.17 - Blind SQL Injection",2014-12-03,"Kacper Szurek",php,webapps,80 -35460,platforms/php/webapps/35460.txt,"CodeArt Google MP3 Player Wordpress Plugin - File Disclosure Download",2014-12-03,"QK14 Team",php,webapps,80 +35460,platforms/php/webapps/35460.txt,"CodeArt Google MP3 Player WordPress Plugin - File Disclosure Download",2014-12-03,"QK14 Team",php,webapps,80 35564,platforms/php/webapps/35564.txt,"DoceboLms 4.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2011-04-03,LiquidWorm,php,webapps,0 35565,platforms/php/webapps/35565.txt,"Anantasoft Gazelle CMS - 1.0 - Cross-Site Scripting and SQL Injection Vulnerabilities",2011-04-04,"kurdish hackers team",php,webapps,0 35462,platforms/hardware/webapps/35462.txt,"Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities",2014-12-04,Crash,hardware,webapps,80 @@ -31988,7 +31988,7 @@ id,file,description,date,author,platform,type,port 35489,platforms/multiple/dos/35489.pl,"Perl 5.x - 'Perl_reg_numbered_buff_fetch()' Function Remote Denial of Service Vulnerability",2011-03-23,"Vladimir Perepelitsa",multiple,dos,0 35490,platforms/php/webapps/35490.txt,"IceHrm 7.1 - Multiple Vulnerabilities",2014-12-08,LiquidWorm,php,webapps,0 35492,platforms/php/webapps/35492.txt,"Free Article Submissions 1.0 - SQL Injection Vulnerability",2014-12-08,BarrabravaZ,php,webapps,0 -35493,platforms/php/webapps/35493.txt,"Wordpress Ajax Store Locator 1.2 - Arbitrary File Download",2014-12-08,"Claudio Viviani",php,webapps,0 +35493,platforms/php/webapps/35493.txt,"WordPress Ajax Store Locator 1.2 - Arbitrary File Download",2014-12-08,"Claudio Viviani",php,webapps,0 35518,platforms/php/webapps/35518.txt,"OpenEMR 4.1.2(7) - Multiple SQL Injection Vulnerabilities",2014-12-10,Portcullis,php,webapps,80 35495,platforms/multiple/remote/35495.txt,"Advantech/BroadWin SCADA WebAccess 7.0 - Multiple Remote Security Vulnerabilities",2011-03-23,"Ruben Santamarta ",multiple,remote,0 35496,platforms/php/webapps/35496.txt,"MC Content Manager 10.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-24,MustLive,php,webapps,0 @@ -32004,7 +32004,7 @@ id,file,description,date,author,platform,type,port 35674,platforms/php/webapps/35674.txt,"WordPress WP Photo Album Plugin 1.5.1 - 'id' Parameter Cross-Site Scripting Vulnerability",2011-04-28,"High-Tech Bridge SA",php,webapps,0 35675,platforms/php/webapps/35675.txt,"Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-27,"Emilio Pinna",php,webapps,0 35676,platforms/cgi/webapps/35676.txt,"BackupPC 3.x - 'index.cgi' Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",cgi,webapps,0 -35505,platforms/php/webapps/35505.txt,"Wordpress Plugin Symposium 14.10 - SQL Injection",2014-12-09,"Kacper Szurek",php,webapps,0 +35505,platforms/php/webapps/35505.txt,"WordPress Plugin Symposium 14.10 - SQL Injection",2014-12-09,"Kacper Szurek",php,webapps,0 35506,platforms/php/webapps/35506.pl,"Flat Calendar 1.1 - HTML Injection Exploit",2014-12-09,"ZoRLu Bugrahan",php,webapps,0 35507,platforms/windows/dos/35507.pl,"DivX Player 7 - Multiple Remote Buffer Overflow Vulnerabilities",2011-03-27,KedAns-Dz,windows,dos,0 35508,platforms/php/webapps/35508.txt,"Cetera eCommerce Multiple Cross-Site Scripting and SQL Injection Vulnerabilities",2011-03-27,MustLive,php,webapps,0 @@ -32032,7 +32032,7 @@ id,file,description,date,author,platform,type,port 35530,platforms/windows/dos/35530.py,"Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Exploit DoS (.m3u)",2014-12-15,s-dz,windows,dos,0 35531,platforms/windows/dos/35531.py,"Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Exploit DoS (.lst)",2014-12-15,s-dz,windows,dos,0 35532,platforms/windows/dos/35532.py,"jaangle 0.98i.977 - Denial of Service Vulnerability",2014-12-15,s-dz,windows,dos,0 -35533,platforms/php/webapps/35533.py,"Wordpress Download Manager 2.7.4 - Remote Code Execution Vulnerability",2014-12-15,"Claudio Viviani",php,webapps,0 +35533,platforms/php/webapps/35533.py,"WordPress Download Manager 2.7.4 - Remote Code Execution Vulnerability",2014-12-15,"Claudio Viviani",php,webapps,0 35548,platforms/php/webapps/35548.txt,"InTerra Blog Machine 1.84 - 'subject' Parameter HTML Injection Vulnerability",2011-03-31,"High-Tech Bridge SA",php,webapps,0 35535,platforms/php/webapps/35535.php,"PHPads <= 213607 - Authentication Bypass / Password Change Exploit",2014-12-15,"Shaker msallm",php,webapps,0 35539,platforms/php/dos/35539.txt,"phpMyAdmin 4.0.x / 4.1.x / 4.2.x - DoS",2014-12-15,"Javer Nieto and Andres Rojas",php,dos,0 @@ -32042,7 +32042,7 @@ id,file,description,date,author,platform,type,port 35563,platforms/windows/remote/35563.pl,"EasyPHP 5.3.5.0 - 'index.php' Arbitrary File Download Vulnerability",2011-04-03,KedAns-Dz,windows,remote,0 35541,platforms/php/webapps/35541.txt,"ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling",2014-12-15,"Adler Freiheit",php,webapps,0 35556,platforms/hardware/webapps/35556.txt,"CIK Telecom VoIP router SVG6000RW - Privilege Escalation and Command Execution",2014-12-17,Chako,hardware,webapps,0 -35543,platforms/php/webapps/35543.txt,"Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit",2014-12-15,"Claudio Viviani",php,webapps,0 +35543,platforms/php/webapps/35543.txt,"WordPress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit",2014-12-15,"Claudio Viviani",php,webapps,0 35549,platforms/unix/remote/35549.rb,"ActualAnalyzer 'ant' Cookie Command Execution",2014-12-16,metasploit,unix,remote,80 35545,platforms/php/remote/35545.rb,"Tuleap PHP Unserialize Code Execution",2014-12-15,metasploit,php,remote,80 35547,platforms/php/webapps/35547.txt,"ICJobSite 1.1 - 'pid' Parameter SQL Injection Vulnerability",2011-03-30,RoAd_KiLlEr,php,webapps,0 @@ -32085,12 +32085,12 @@ id,file,description,date,author,platform,type,port 35600,platforms/linux/dos/35600.c,"Linux Kernel 2.6.x - 'inotify_init1()' Double Free Local Denial of Service Vulnerability",2011-04-11,anonymous,linux,dos,0 35601,platforms/php/webapps/35601.txt,"Etki Video PRO 2.0 izle.asp id Parameter SQL Injection",2011-04-11,Kurd-Team,php,webapps,0 35602,platforms/php/webapps/35602.txt,"Etki Video PRO 2.0 kategori.asp cat Parameter SQL Injection",2011-04-11,Kurd-Team,php,webapps,0 -35603,platforms/php/webapps/35603.txt,"Live Wire 2.3.1 For Wordpress - Multiple Security Vulnerabilities",2011-04-11,MustLive,php,webapps,0 +35603,platforms/php/webapps/35603.txt,"Live Wire 2.3.1 For WordPress - Multiple Security Vulnerabilities",2011-04-11,MustLive,php,webapps,0 35604,platforms/php/webapps/35604.txt,"eForum 1.1 - '/eforum.php' Arbitrary File Upload Vulnerability",2011-04-09,QSecure,php,webapps,0 35605,platforms/php/webapps/35605.txt,"Lazarus Guestbook 1.22 - Multiple Vulnerabilities",2014-12-24,TaurusOmar,php,webapps,80 35606,platforms/linux/remote/35606.txt,"MIT Kerberos 5 kadmind Change Password Feature Remote Code Execution Vulnerability",2011-04-11,"Felipe Ortega",linux,remote,0 35607,platforms/php/webapps/35607.txt,"Spellchecker Plugin 3.1 for WordPress - 'general.php' Local and Remote File Include Vulnerabilities",2011-04-12,"Dr Trojan",php,webapps,0 -35608,platforms/php/webapps/35608.txt,"The Gazette Edition 2.9.4 For Wordpress - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0 +35608,platforms/php/webapps/35608.txt,"The Gazette Edition 2.9.4 For WordPress - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0 35609,platforms/php/webapps/35609.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35610,platforms/php/webapps/35610.txt,"Plogger 1.0 RC1 - 'gallery_name' Parameter Cross-Site Scripting Vulnerability",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35611,platforms/php/webapps/35611.txt,"Website Baker 2.8.1 - Multiple SQL Injection Vulnerabilities",2011-04-12,"High-Tech Bridge SA",php,webapps,0 @@ -32287,7 +32287,7 @@ id,file,description,date,author,platform,type,port 35820,platforms/linux/dos/35820.c,"Linux Kernel 2.6.x - KSM Local Denial of Service Vulnerability",2011-06-02,"Andrea Righi",linux,dos,0 35821,platforms/windows/local/35821.txt,"Sim Editor 6.6 - Stack Based Buffer Overflow",2015-01-16,"Osanda Malith",windows,local,0 35822,platforms/windows/remote/35822.html,"Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution",2015-01-19,"Praveen Darshanam",windows,remote,0 -35823,platforms/php/webapps/35823.txt,"Wordpress Pie Register Plugin 2.0.13 - Privilege Escalation",2015-01-16,"Kacper Szurek",php,webapps,80 +35823,platforms/php/webapps/35823.txt,"WordPress Pie Register Plugin 2.0.13 - Privilege Escalation",2015-01-16,"Kacper Szurek",php,webapps,80 35824,platforms/php/webapps/35824.txt,"vBulletin vBExperience 3 'sortorder' Parameter Cross Site Scripting Vulnerability",2011-06-06,Mr.ThieF,php,webapps,0 35985,platforms/php/webapps/35985.txt,"Support Incident Tracker (SiT!) 3.63 p1 - report_marketing.php exc[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 35986,platforms/php/webapps/35986.txt,"Support Incident Tracker (SiT!) 3.63 p1 - billable_incidents.php sites[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 @@ -32347,7 +32347,7 @@ id,file,description,date,author,platform,type,port 35876,platforms/windows/dos/35876.html,"Easewe FTP OCX ActiveX Control 4.5.0.9 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities",2011-06-22,"High-Tech Bridge SA",windows,dos,0 35877,platforms/php/webapps/35877.txt,"Sitemagic CMS 'SMTpl' Parameter Directory Traversal Vulnerability",2011-06-23,"Andrea Bocchetti",php,webapps,0 35878,platforms/php/webapps/35878.txt,"ecommerceMajor - SQL Injection And Authentication bypass",2015-01-22,"Manish Tanwar",php,webapps,0 -35879,platforms/php/webapps/35879.txt,"Wordpress Cforms Plugin 14.7 - Remote Code Execution",2015-01-19,Zakhar,php,webapps,0 +35879,platforms/php/webapps/35879.txt,"WordPress Cforms Plugin 14.7 - Remote Code Execution",2015-01-19,Zakhar,php,webapps,0 35880,platforms/windows/remote/35880.html,"LEADTOOLS Imaging LEADSmtp ActiveX Control 'SaveMessage()' Insecure Method Vulnerability",2011-06-23,"High-Tech Bridge SA",windows,remote,0 35881,platforms/windows/remote/35881.c,"xAurora 10.00 - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution Vulnerability",2011-06-24,"Zer0 Thunder",windows,remote,0 35882,platforms/php/webapps/35882.txt,"Nodesforum '_nodesforum_node' Parameter SQL Injection Vulnerability",2011-06-23,"Andrea Bocchetti",php,webapps,0 @@ -32388,7 +32388,7 @@ id,file,description,date,author,platform,type,port 35991,platforms/php/webapps/35991.txt,"Pragyan CMS 3.0 - SQL Injection",2015-02-04,"Steffen Rösemann",php,webapps,80 35914,platforms/php/webapps/35914.txt,"ferretCMS 1.0.4-alpha - Multiple Vulnerabilities",2015-01-26,"Steffen Rösemann",php,webapps,80 35915,platforms/multiple/webapps/35915.txt,"Symantec Data Center Security - Multiple Vulnerabilities",2015-01-26,"SEC Consult",multiple,webapps,0 -35916,platforms/php/webapps/35916.txt,"Wordpress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 +35916,platforms/php/webapps/35916.txt,"WordPress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 35917,platforms/hardware/remote/35917.txt,"D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit",2015-01-27,"Todor Donev",hardware,remote,0 35918,platforms/multiple/remote/35918.c,"IBM DB2 'DT_RPATH' Insecure Library Loading Arbitrary Code Execution Vulnerability",2011-06-30,"Tim Brown",multiple,remote,0 35919,platforms/bsd/remote/35919.c,"NetBSD 5.1 Multiple 'libc/net' Functions Stack Buffer Overflow Vulnerability",2011-07-01,"Maksymilian Arciemowicz",bsd,remote,0 @@ -32482,7 +32482,7 @@ id,file,description,date,author,platform,type,port 36028,platforms/php/webapps/36028.txt,"u5CMS 3.9.3 - (thumb.php) Local File Inclusion Vulnerability",2015-02-09,LiquidWorm,php,webapps,0 36029,platforms/php/webapps/36029.txt,"u5CMS 3.9.3 - Multiple Stored And Reflected XSS Vulnerabilities",2015-02-09,LiquidWorm,php,webapps,0 36031,platforms/php/webapps/36031.txt,"StaMPi - Local File Inclusion",2015-02-09,"e . V . E . L",php,webapps,0 -36058,platforms/php/webapps/36058.txt,"Wordpress Video Gallery 2.7.0 - SQL Injection Vulnerability",2015-02-12,"Claudio Viviani",php,webapps,0 +36058,platforms/php/webapps/36058.txt,"WordPress Video Gallery 2.7.0 - SQL Injection Vulnerability",2015-02-12,"Claudio Viviani",php,webapps,0 36032,platforms/php/webapps/36032.txt,"Softbiz Recipes Portal Script Multiple Cross Site Scripting Vulnerabilities",2011-08-05,Net.Edit0r,php,webapps,0 36033,platforms/php/webapps/36033.txt,"Search Network 2.0 - 'query' Parameter Cross Site Scripting Vulnerability",2011-08-08,darkTR,php,webapps,0 36034,platforms/php/webapps/36034.txt,"OpenEMR 4.0 Multiple Cross Site Scripting Vulnerabilities",2011-08-09,"Houssam Sahli",php,webapps,0 @@ -32503,7 +32503,7 @@ id,file,description,date,author,platform,type,port 36051,platforms/php/webapps/36051.txt,"WordPress WP-Stats-Dashboard Plugin 2.6.5.1 - Multiple Cross Site Scripting Vulnerabilities",2011-08-17,"High-Tech Bridge SA",php,webapps,0 36052,platforms/windows/local/36052.c,"SoftSphere DefenseWall FW/IPS 3.24 - Privilege Escalation",2015-02-11,"Parvez Anwar",windows,local,0 36053,platforms/windows/local/36053.py,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow",2015-02-11,"dogo h@ck",windows,local,0 -36054,platforms/php/webapps/36054.txt,"Wordpress Survey and Poll Plugin 1.1 - Blind SQL Injection",2015-02-11,"Securely (Yoo Hee man)",php,webapps,80 +36054,platforms/php/webapps/36054.txt,"WordPress Survey and Poll Plugin 1.1 - Blind SQL Injection",2015-02-11,"Securely (Yoo Hee man)",php,webapps,80 36055,platforms/php/webapps/36055.txt,"Pandora FMS 5.1 SP1 - SQL Injection Vulnerability",2015-02-11,Vulnerability-Lab,php,webapps,8080 36056,platforms/windows/remote/36056.rb,"Achat 0.150 beta7 - Buffer Overflow",2015-02-11,metasploit,windows,remote,9256 36057,platforms/cgi/webapps/36057.txt,"IBM Endpoint Manager - Stored XSS Vulnerability",2015-02-11,"RedTeam Pentesting",cgi,webapps,52311 @@ -32598,7 +32598,7 @@ id,file,description,date,author,platform,type,port 36154,platforms/php/webapps/36154.txt,"Beehive Forum 1.4.4 - Stored XSS Vulnerability",2015-02-23,"Halil Dalabasmaz",php,webapps,0 36155,platforms/php/webapps/36155.php,"WeBid 1.1.1 Unrestricted File Upload Exploit",2015-02-23,"CWH Underground",php,webapps,80 36156,platforms/php/webapps/36156.txt,"Clipbucket 2.7 RC3 0.9 - Blind SQL Injection",2015-02-23,"CWH Underground",php,webapps,80 -36157,platforms/php/webapps/36157.rb,"Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (MSF)",2015-02-23,"Pablo González",php,webapps,80 +36157,platforms/php/webapps/36157.rb,"Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (Metasploit)",2015-02-23,"Pablo González",php,webapps,80 36158,platforms/php/dos/36158.txt,"PHP DateTime Use After Free Vulnerability",2015-02-23,"Taoguang Chen",php,dos,0 36159,platforms/php/webapps/36159.txt,"Zeuscart v.4 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 36160,platforms/php/webapps/36160.txt,"phpBugTracker 1.6.0 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 @@ -32672,7 +32672,7 @@ id,file,description,date,author,platform,type,port 36227,platforms/php/webapps/36227.txt,"Joomla! Sgicatalog Component 1.0 - 'id' Parameter SQL Injection Vulnerability",2011-10-12,"BHG Security Center",php,webapps,0 36228,platforms/php/webapps/36228.txt,"BugFree 2.1.3 Multiple Cross Site Scripting Vulnerabilities",2011-10-12,"High-Tech Bridge SA",php,webapps,0 36229,platforms/linux/local/36229.py,"VFU 4.10-1.1 - Move Entry Buffer Overflow",2015-02-25,"Bas van den Berg",linux,local,0 -36230,platforms/php/webapps/36230.txt,"Calculated Fields Form Wordpress Plugin <= 1.0.10 - Remote SQL Injection Vulnerability",2015-03-02,"Ibrahim Raafat",php,webapps,0 +36230,platforms/php/webapps/36230.txt,"Calculated Fields Form WordPress Plugin <= 1.0.10 - Remote SQL Injection Vulnerability",2015-03-02,"Ibrahim Raafat",php,webapps,0 36231,platforms/php/webapps/36231.py,"GoAutoDial CE 2.0 - Shell Upload",2015-02-28,R-73eN,php,webapps,0 36232,platforms/php/webapps/36232.txt,"vBulletin vBSEO 4.x.x 'visitormessage.php' Remote Code Injection Vulnerability",2015-03-02,Net.Edit0r,php,webapps,80 36233,platforms/php/webapps/36233.txt,"WordPress Pretty Link Plugin 1.4.56 - Multiple Cross Site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0 @@ -32684,7 +32684,7 @@ id,file,description,date,author,platform,type,port 36239,platforms/hardware/remote/36239.txt,"Check Point UTM-1 Edge and Safe 8.2.43 Multiple Security Vulnerabilities",2011-10-18,"Richard Brain",hardware,remote,0 36240,platforms/php/webapps/36240.txt,"Site@School 2.4.10 - 'index.php' Cross Site Scripting and SQL Injection Vulnerabilities",2011-10-18,"Stefan Schurtz",php,webapps,0 36241,platforms/hardware/webapps/36241.txt,"Sagem F@st 3304-V2 - LFI",2015-03-03,"Loudiyi Mohamed",hardware,webapps,0 -36242,platforms/php/webapps/36242.txt,"Wordpress Theme Photocrati 4.x.x - SQL Injection & XSS",2015-03-03,ayastar,php,webapps,0 +36242,platforms/php/webapps/36242.txt,"WordPress Theme Photocrati 4.x.x - SQL Injection & XSS",2015-03-03,ayastar,php,webapps,0 36243,platforms/php/webapps/36243.txt,"WordPress cp-multi-view-calendar <= 1.1.4 - SQL Injection vulnerabilities",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0 36246,platforms/multiple/remote/36246.txt,"Splunk <= 4.1.6 'segment' Parameter Cross Site Scripting Vulnerability",2011-10-20,"Filip Palian",multiple,remote,0 36247,platforms/multiple/dos/36247.txt,"Splunk <= 4.1.6 Web component Remote Denial of Service Vulnerability",2011-10-20,"Filip Palian",multiple,dos,0 @@ -32806,9 +32806,9 @@ id,file,description,date,author,platform,type,port 36369,platforms/xml/webapps/36369.txt,"Citrix Netscaler NS10.5 - WAF Bypass Via HTTP Header Pollution",2015-03-12,"BGA Security",xml,webapps,0 36370,platforms/linux/remote/36370.txt,"ArcSight Logger - Arbitrary File Upload (Code Execution)",2015-03-13,"Horoszkiewicz Julian ISP_",linux,remote,0 36371,platforms/php/webapps/36371.txt,"Codiad 2.5.3 - LFI Vulnerability",2015-03-12,"TUNISIAN CYBER",php,webapps,0 -36372,platforms/php/webapps/36372.txt,"Wordpress Theme DesignFolio Plus 1.2 - Arbitrary File Upload Vulnerability",2015-03-04,CrashBandicot,php,webapps,0 +36372,platforms/php/webapps/36372.txt,"WordPress Theme DesignFolio Plus 1.2 - Arbitrary File Upload Vulnerability",2015-03-04,CrashBandicot,php,webapps,0 36373,platforms/php/webapps/36373.txt,"Joomla Simple Photo Gallery 1.0 - Arbitrary File Upload",2015-03-10,CrashBandicot,php,webapps,0 -36374,platforms/php/webapps/36374.txt,"Wordpress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,CrashBandicot,php,webapps,0 +36374,platforms/php/webapps/36374.txt,"WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,CrashBandicot,php,webapps,0 36375,platforms/asp/webapps/36375.txt,"Virtual Vertex Muster 6.1.6 Web Interface Directory Traversal Vulnerability",2011-11-29,"Nick Freeman",asp,webapps,0 36376,platforms/windows/remote/36376.txt,"Oxide WebServer Directory Traversal Vulnerability",2011-11-29,demonalex,windows,remote,0 36377,platforms/multiple/dos/36377.txt,"CoDeSys 3.4 HTTP POST Request NULL Pointer Content-Length Parsing Remote DoS",2011-11-30,"Luigi Auriemma",multiple,dos,0 @@ -32900,7 +32900,7 @@ id,file,description,date,author,platform,type,port 36463,platforms/php/webapps/36463.txt,"Telescope <= 0.9.2 - Markdown Persistent XSS",2015-03-21,shubs,php,webapps,0 36464,platforms/php/webapps/36464.txt,"Joomla Spider FAQ Component - SQL Injection Vulnerability",2015-03-22,"Manish Tanwar",php,webapps,0 36465,platforms/windows/local/36465.py,"Free MP3 CD Ripper 2.6 - Local Buffer Overflow",2015-03-22,"TUNISIAN CYBER",windows,local,0 -36466,platforms/php/webapps/36466.txt,"Wordpress Marketplace 2.4.0 - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 +36466,platforms/php/webapps/36466.txt,"WordPress Marketplace 2.4.0 - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 36468,platforms/php/webapps/36468.txt,"PHP Booking Calendar 10e 'page_info_message' Parameter Cross Site Scripting Vulnerability",2011-12-19,G13,php,webapps,0 36469,platforms/php/webapps/36469.txt,"Joomla! 'com_tsonymf' Component 'idofitem' Parameter SQL Injection Vulnerability",2011-12-20,CoBRa_21,php,webapps,0 36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware <= 8.1 'show_errors' Parameter HTML Injection Vulnerability",2011-12-20,"Stefan Schurtz",php,webapps,0 @@ -32979,9 +32979,9 @@ id,file,description,date,author,platform,type,port 36551,platforms/php/webapps/36551.txt,"PHP Ringtone Website 'ringtones.php' Multiple Cross Site Scripting Vulnerabilities",2012-01-15,Atmon3r,php,webapps,0 36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 Multiple 'index.php' Cross Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 36553,platforms/java/webapps/36553.java,"JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution",2015-03-30,ikki,java,webapps,0 -36554,platforms/php/webapps/36554.txt,"Wordpress Plugin Slider Revolution <= 4.1.4 - Arbitrary File Download vulnerability",2015-03-30,"Claudio Viviani",php,webapps,0 +36554,platforms/php/webapps/36554.txt,"WordPress Plugin Slider Revolution <= 4.1.4 - Arbitrary File Download vulnerability",2015-03-30,"Claudio Viviani",php,webapps,0 36747,platforms/linux/local/36747.c,"Fedora abrt Race Condition Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 -36559,platforms/php/webapps/36559.txt,"Wordpress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download Vulnerability",2015-03-30,ACC3SS,php,webapps,0 +36559,platforms/php/webapps/36559.txt,"WordPress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download Vulnerability",2015-03-30,ACC3SS,php,webapps,0 36560,platforms/php/webapps/36560.txt,"Joomla Gallery WD Component - SQL Injection Vulnerability",2015-03-30,CrashBandicot,php,webapps,0 36561,platforms/php/webapps/36561.txt,"Joomla Contact Form Maker 1.0.1 Component - SQL injection vulnerability",2015-03-30,"TUNISIAN CYBER",php,webapps,0 36562,platforms/linux/remote/36562.txt,"Apache Spark Cluster 1.3.x - Arbitary Code Execution",2015-03-30,"Akhil Das",linux,remote,0 @@ -33022,7 +33022,7 @@ id,file,description,date,author,platform,type,port 36597,platforms/php/webapps/36597.txt,"Joomla! 'com_bulkenquery' Component 'controller' Parameter Local File Include Vulnerability",2012-01-21,the_cyber_nuxbie,php,webapps,0 36598,platforms/php/webapps/36598.txt,"Joomla! 'com_kp' Component 'controller' Parameter Local File Include Vulnerability",2012-01-21,the_cyber_nuxbie,php,webapps,0 36599,platforms/asp/webapps/36599.txt,"Raven 1.0 - 'connector.asp' Arbitrary File Upload Vulnerability",2012-01-21,HELLBOY,asp,webapps,0 -36600,platforms/php/webapps/36600.txt,"Wordpress Business Intelligence Plugin - SQL injection",2015-04-02,"Jagriti Sahu",php,webapps,80 +36600,platforms/php/webapps/36600.txt,"WordPress Business Intelligence Plugin - SQL injection",2015-04-02,"Jagriti Sahu",php,webapps,80 36601,platforms/php/webapps/36601.txt,"Joomla Spider Random Article Component - SQL Injection",2015-04-02,"Jagriti Sahu",php,webapps,80 36620,platforms/php/webapps/36620.txt,"WordPress YouSayToo auto-publishing Plugin 1.0 - 'submit' Parameter Cross Site Scripting Vulnerability",2012-01-24,"H4ckCity Security Team",php,webapps,0 36602,platforms/windows/remote/36602.html,"Webgate WESP SDK 1.2 ChangePassword Stack Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 @@ -33031,12 +33031,12 @@ id,file,description,date,author,platform,type,port 36606,platforms/windows/remote/36606.html,"WebGate eDVR Manager 2.6.4 SiteChannel Property Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36607,platforms/windows/remote/36607.html,"WebGate eDVR Manager 2.6.4 Connect Method Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36609,platforms/multiple/webapps/36609.txt,"Kemp Load Master 7.1.16 - Multiple Vulnerabilities",2015-04-02,"Roberto Suggi Liverani",multiple,webapps,80 -36610,platforms/php/webapps/36610.txt,"Wordpress Video Gallery Plugin 2.8 - Multiple CSRF Vulnerabilities",2015-04-02,Divya,php,webapps,80 +36610,platforms/php/webapps/36610.txt,"WordPress Video Gallery Plugin 2.8 - Multiple CSRF Vulnerabilities",2015-04-02,Divya,php,webapps,80 36611,platforms/php/webapps/36611.txt,"Multiple UpThemes WordPress Themes - Arbitrary File Upload",2015-04-02,Divya,php,webapps,80 -36612,platforms/php/webapps/36612.txt,"Wordpress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities",2015-04-02,Divya,php,webapps,80 -36613,platforms/php/webapps/36613.txt,"Wordpress Simple Ads Manager Plugin - Multiple SQL Injection",2015-04-02,"ITAS Team",php,webapps,80 -36614,platforms/php/webapps/36614.txt,"Wordpress Simple Ads Manager 2.5.94 - Arbitrary File Upload",2015-04-02,"ITAS Team",php,webapps,80 -36615,platforms/php/webapps/36615.txt,"Wordpress Simple Ads Manager - Information Disclosure",2015-04-02,"ITAS Team",php,webapps,80 +36612,platforms/php/webapps/36612.txt,"WordPress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities",2015-04-02,Divya,php,webapps,80 +36613,platforms/php/webapps/36613.txt,"WordPress Simple Ads Manager Plugin - Multiple SQL Injection",2015-04-02,"ITAS Team",php,webapps,80 +36614,platforms/php/webapps/36614.txt,"WordPress Simple Ads Manager 2.5.94 - Arbitrary File Upload",2015-04-02,"ITAS Team",php,webapps,80 +36615,platforms/php/webapps/36615.txt,"WordPress Simple Ads Manager - Information Disclosure",2015-04-02,"ITAS Team",php,webapps,80 36616,platforms/php/webapps/36616.txt,"phpSFP - Schedule Facebook Posts 1.5.6 SQL Injection",2015-04-02,@u0x,php,webapps,80 36617,platforms/php/webapps/36617.txt,"WordPress VideoWhisper Video Presentation 3.31.17 - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 36618,platforms/php/webapps/36618.txt,"VideoWhisper Video Conference Integration 4.91.8 - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 @@ -33096,7 +33096,7 @@ id,file,description,date,author,platform,type,port 36674,platforms/php/webapps/36674.txt,"Shareaholic 7.6.0.3 - XSS",2015-04-08,"Kacper Szurek",php,webapps,80 36675,platforms/php/webapps/36675.txt,"Balero CMS 0.7.2 - Multiple Blind SQL Injection Vulnerabilities",2015-04-08,LiquidWorm,php,webapps,80 36676,platforms/php/webapps/36676.html,"Balero CMS 0.7.2 - Multiple JS/HTML Injection Vulnerabilities",2015-04-08,LiquidWorm,php,webapps,80 -36677,platforms/php/webapps/36677.txt,"Wordpress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection",2015-04-08,"Dan King",php,webapps,80 +36677,platforms/php/webapps/36677.txt,"WordPress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection",2015-04-08,"Dan King",php,webapps,80 36678,platforms/jsp/webapps/36678.txt,"ZENworks Configuration Management 11.3.1 - Remote Code Execution",2015-04-08,"Pedro Ribeiro",jsp,webapps,0 36679,platforms/windows/remote/36679.rb,"Solarwinds Firewall Security Manager 6.6.5 - Client Session Handling Vulnerability",2015-04-08,metasploit,windows,remote,0 36680,platforms/hardware/remote/36680.txt,"Multiple Trendnet Camera Products Remote Security Bypass Vulnerability",2012-02-10,console-cowboys,hardware,remote,0 @@ -33110,7 +33110,7 @@ id,file,description,date,author,platform,type,port 36688,platforms/php/webapps/36688.html,"Zen Cart 1.3.9h 'path_to_admin/product.php' Cross Site Request Forgery Vulnerability",2012-02-10,DisK0nn3cT,php,webapps,0 36689,platforms/linux/webapps/36689.txt,"BOA Web Server 0.94.8.2 - Arbitrary File Access",2000-12-19,llmora,linux,webapps,0 36690,platforms/linux/remote/36690.rb,"Barracuda Firmware <= 5.0.0.012 - Post Auth Remote Root exploit",2015-04-09,xort,linux,remote,8000 -36691,platforms/php/webapps/36691.txt,"Wordpress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 +36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 36692,platforms/osx/local/36692.py,"Mac OS X < 10.7.5_ 10.8.2_ 10.9.5 10.10.2 - rootpipe Local Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0 36693,platforms/php/webapps/36693.txt,"RabbitWiki 'title' Parameter Cross Site Scripting Vulnerability",2012-02-10,sonyy,php,webapps,0 36694,platforms/php/webapps/36694.txt,"eFront Community++ 3.6.10 SQL Injection and Multiple HTML Injection Vulnerabilities",2012-02-12,"Benjamin Kunz Mejri",php,webapps,0 @@ -33151,10 +33151,10 @@ id,file,description,date,author,platform,type,port 36730,platforms/php/webapps/36730.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_ipaddr.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36731,platforms/php/webapps/36731.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_iplink.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36732,platforms/php/webapps/36732.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_ports.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36733,platforms/php/webapps/36733.txt,"Wordpress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure Vulnerability",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 -36735,platforms/php/webapps/36735.txt,"Wordpress Duplicator <= 0.5.14 - SQL Injection & CSRF",2015-04-13,"Claudio Viviani",php,webapps,0 +36733,platforms/php/webapps/36733.txt,"WordPress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure Vulnerability",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 +36735,platforms/php/webapps/36735.txt,"WordPress Duplicator <= 0.5.14 - SQL Injection & CSRF",2015-04-13,"Claudio Viviani",php,webapps,0 36736,platforms/php/webapps/36736.txt,"Traidnt Up 3.0 - SQL Injection",2015-04-13,"Ali Trixx",php,webapps,0 -36738,platforms/php/webapps/36738.txt,"Wordpress N-Media Website Contact Form with File Upload 1.3.4 - Shell Upload Vulnerability",2015-04-13,"Claudio Viviani",php,webapps,0 +36738,platforms/php/webapps/36738.txt,"WordPress N-Media Website Contact Form with File Upload 1.3.4 - Shell Upload Vulnerability",2015-04-13,"Claudio Viviani",php,webapps,0 36746,platforms/linux/local/36746.c,"Apport/Abrt - Local Root Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 36761,platforms/php/webapps/36761.txt,"WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Deletion Exploit",2015-04-14,LiquidWorm,php,webapps,80 36741,platforms/linux/dos/36741.py,"Samba < 3.6.2 x86 - PoC",2015-04-13,sleepya,linux,dos,0 @@ -33165,7 +33165,7 @@ id,file,description,date,author,platform,type,port 36752,platforms/php/webapps/36752.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_sensor.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36753,platforms/php/webapps/36753.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_time.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36754,platforms/php/webapps/36754.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_uaddr.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36751,platforms/php/webapps/36751.txt,"Wordpress Video Gallery 2.8 - SQL Injection",2015-04-14,"Claudio Viviani",php,webapps,80 +36751,platforms/php/webapps/36751.txt,"WordPress Video Gallery 2.8 - SQL Injection",2015-04-14,"Claudio Viviani",php,webapps,80 36750,platforms/lin_x86-64/shellcode/36750.c,"linux/x86 setreuid(0_ 0) + execve(_/sbin/halt_) + exit(0) (49 bytes)",2015-04-14,"Febriyanto Nugroho",lin_x86-64,shellcode,0 36755,platforms/php/webapps/36755.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_user.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36756,platforms/windows/remote/36756.html,"Samsung iPOLiS ReadConfigValue Remote Code Execution",2015-04-14,"Praveen Darshanam",windows,remote,0 @@ -33188,7 +33188,7 @@ id,file,description,date,author,platform,type,port 36774,platforms/php/webapps/36774.txt,"WordPress MiwoFTP Plugin 1.0.5 - Arbitrary File Download Exploit",2015-04-15,"Necmettin COSKUN",php,webapps,0 36807,platforms/php/webapps/36807.txt,"GoAutoDial 3.3-1406088000 - Multiple Vulnerabilities",2015-04-21,"Chris McCurley",php,webapps,80 36776,platforms/windows/dos/36776.py,"MS Windows (HTTP.sys) - HTTP Request Parsing DoS (MS15-034)",2015-04-16,"laurent gaffie",windows,dos,80 -36777,platforms/php/webapps/36777.txt,"Wordpress Ajax Store Locator 1.2 - SQL Injection Vulnerability",2015-04-16,"Claudio Viviani",php,webapps,80 +36777,platforms/php/webapps/36777.txt,"WordPress Ajax Store Locator 1.2 - SQL Injection Vulnerability",2015-04-16,"Claudio Viviani",php,webapps,80 36778,platforms/lin_x86/shellcode/36778.c,"Linux/x86 execve _/bin/sh_ - shellcode (35 bytes)",2015-04-17,"Mohammad Reza Espargham",lin_x86,shellcode,0 36779,platforms/win32/shellcode/36779.c,"win32/xp sp3 Create (_file.txt_) (83 bytes)",2015-04-17,"TUNISIAN CYBER",win32,shellcode,0 36780,platforms/win32/shellcode/36780.c,"win32/xp sp3 - Restart computer",2015-04-17,"TUNISIAN CYBER",win32,shellcode,0 @@ -33209,17 +33209,17 @@ id,file,description,date,author,platform,type,port 36797,platforms/ios/webapps/36797.txt,"Mobile Drive HD 1.8 - File Include Web Vulnerability",2015-04-21,Vulnerability-Lab,ios,webapps,0 36798,platforms/ios/webapps/36798.txt,"Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability",2015-04-21,Vulnerability-Lab,ios,webapps,0 36799,platforms/bsd/local/36799.c,"OpenBSD <= 5.6 - Multiple Local Kernel Panics",2015-04-21,nitr0us,bsd,local,0 -36800,platforms/php/webapps/36800.txt,"Wordpress NEX-Forms < 3.0 - SQL Injection Vulnerability",2015-04-21,"Claudio Viviani",php,webapps,0 +36800,platforms/php/webapps/36800.txt,"WordPress NEX-Forms < 3.0 - SQL Injection Vulnerability",2015-04-21,"Claudio Viviani",php,webapps,0 36801,platforms/php/webapps/36801.txt,"WordPress MiwoFTP Plugin <= 1.0.5 - Arbitrary File Download",2015-04-21,"dadou dz",php,webapps,0 36802,platforms/php/webapps/36802.txt,"WordPress Tune Library Plugin 1.5.4 - SQL Injection Vulnerability",2015-04-21,"Hannes Trunde",php,webapps,0 36803,platforms/linux/remote/36803.py,"ProFTPd 1.3.5 (mod_copy) - Remote Command Execution",2015-04-21,R-73eN,linux,remote,0 36804,platforms/php/webapps/36804.pl,"MediaSuite CMS - Artibary File Disclosure Exploit",2015-04-21,"KnocKout inj3ct0r",php,webapps,0 36805,platforms/php/webapps/36805.txt,"WordPress Community Events Plugin 1.3.5 - SQL Injection Vulnerability",2015-04-21,"Hannes Trunde",php,webapps,0 36808,platforms/windows/remote/36808.rb,"Adobe Flash Player copyPixelsToByteArray Integer Overflow",2015-04-21,metasploit,windows,remote,0 -36809,platforms/php/remote/36809.rb,"Wordpress Reflex Gallery Upload Vulnerability",2015-04-21,metasploit,php,remote,80 -36810,platforms/php/remote/36810.rb,"Wordpress N-Media Website Contact Form Upload Vulnerability",2015-04-21,metasploit,php,remote,80 -36811,platforms/php/remote/36811.rb,"Wordpress Creative Contact Form Upload Vulnerability",2015-04-21,metasploit,php,remote,80 -36812,platforms/php/remote/36812.rb,"Wordpress Work The Flow Upload Vulnerability",2015-04-21,metasploit,php,remote,80 +36809,platforms/php/remote/36809.rb,"WordPress Reflex Gallery Upload Vulnerability",2015-04-21,metasploit,php,remote,80 +36810,platforms/php/remote/36810.rb,"WordPress N-Media Website Contact Form Upload Vulnerability",2015-04-21,metasploit,php,remote,80 +36811,platforms/php/remote/36811.rb,"WordPress Creative Contact Form Upload Vulnerability",2015-04-21,metasploit,php,remote,80 +36812,platforms/php/remote/36812.rb,"WordPress Work The Flow Upload Vulnerability",2015-04-21,metasploit,php,remote,80 36813,platforms/hardware/local/36813.txt,"ADB Backup Archive Path Traversal File Overwrite",2015-04-21,"Imre Rad",hardware,local,0 36814,platforms/osx/dos/36814.c,"Mac OS X - Local Denial of Service",2015-04-21,"Maxime Villard",osx,dos,0 36815,platforms/cfm/webapps/36815.txt,"BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File Retrieval/Deletion",2015-04-21,Portcullis,cfm,webapps,80 @@ -33233,8 +33233,8 @@ id,file,description,date,author,platform,type,port 36820,platforms/linux/local/36820.txt,"Ubuntu usb-creator 0.2.x - Local Privilege Escalation",2015-04-23,"Tavis Ormandy",linux,local,0 36821,platforms/php/webapps/36821.txt,"WebUI 1.5b6 - Remote Code Execution Vulnerability",2015-04-23,"TUNISIAN CYBER",php,webapps,0 36822,platforms/windows/local/36822.pl,"Quick Search 1.1.0.189 - 'search textbox' Unicode SEH egghunter Buffer Overflow",2015-04-23,"Tomislav Paskalev",windows,local,0 -36823,platforms/php/webapps/36823.txt,"Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi",2015-04-23,"Felipe Molina",php,webapps,0 -36824,platforms/php/webapps/36824.txt,"Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi (2)",2015-04-23,"Felipe Molina",php,webapps,0 +36823,platforms/php/webapps/36823.txt,"Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi",2015-04-23,"Felipe Molina",php,webapps,0 +36824,platforms/php/webapps/36824.txt,"Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi (2)",2015-04-23,"Felipe Molina",php,webapps,0 36825,platforms/hardware/dos/36825.php,"ZYXEL P-660HN-T1H_IPv6 - Remote Configuration Editor / Web Server DoS",2015-04-23,"Koorosh Ghorbani",hardware,dos,80 36826,platforms/windows/local/36826.pl,"Free MP3 CD Ripper 2.6 2.8 (.wav) - SEH Based Buffer Overflow",2015-04-23,ThreatActor,windows,local,0 36827,platforms/windows/local/36827.py,"Free MP3 CD Ripper 2.6 2.8 (.wav) - SEH Based Buffer Overflow (W7 - DEP Bypass)",2015-04-24,naxxo,windows,local,0 @@ -33306,7 +33306,7 @@ id,file,description,date,author,platform,type,port 36915,platforms/windows/remote/36915.txt,"NetDecision 4.6.1 Multiple Directory Traversal Vulnerabilities",2012-03-07,"Luigi Auriemma",windows,remote,0 36916,platforms/php/webapps/36916.txt,"Exponent CMS 2.0 - 'src' Parameter SQL Injection Vulnerability",2012-03-07,"Rob Miller",php,webapps,0 36917,platforms/php/webapps/36917.txt,"OSClass 2.3.x Directory Traversal and Arbitrary File Upload Vulnerabilities",2012-03-07,"Filippo Cavallarin",php,webapps,0 -36909,platforms/windows/local/36909.rb,"RM Downloader 2.7.5.400 - Local Buffer Overflow (MSF)",2015-05-04,"TUNISIAN CYBER",windows,local,0 +36909,platforms/windows/local/36909.rb,"RM Downloader 2.7.5.400 - Local Buffer Overflow (Metasploit)",2015-05-04,"TUNISIAN CYBER",windows,local,0 36910,platforms/php/webapps/36910.txt,"Open Realty 2.5.x 'select_users_template' Parameter Local File Include Vulnerability",2012-03-05,"Aung Khant",php,webapps,0 36911,platforms/php/webapps/36911.txt,"11in1 CMS 1.2.1 admin/comments topicID Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0 36912,platforms/php/webapps/36912.txt,"11in1 CMS 1.2.1 admin/tps id Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0 @@ -33318,7 +33318,7 @@ id,file,description,date,author,platform,type,port 36921,platforms/lin_x86/shellcode/36921.c,"Linux x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode (58 Bytes)",2015-05-06,"Oleg Boytsev",lin_x86,shellcode,0 36922,platforms/ios/webapps/36922.txt,"vPhoto-Album 4.2 iOS - File Include Web Vulnerability",2015-05-06,Vulnerability-Lab,ios,webapps,0 36906,platforms/linux/dos/36906.txt,"Apache Xerces-C XML Parser < 3.1.2 - DoS POC",2015-05-04,beford,linux,dos,0 -36907,platforms/php/webapps/36907.txt,"Wordpress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS & CSRF & File Upload",2015-05-04,"Felipe Molina",php,webapps,0 +36907,platforms/php/webapps/36907.txt,"WordPress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS & CSRF & File Upload",2015-05-04,"Felipe Molina",php,webapps,0 36908,platforms/lin_x86/shellcode/36908.c,"linux/x86 - exit(0) (6 bytes)",2015-05-04,"Febriyanto Nugroho",lin_x86,shellcode,0 36965,platforms/php/webapps/36965.txt,"Omnistar Live Cross Site Scripting and SQL Injection Vulnerabilities",2012-03-13,sonyy,php,webapps,0 36966,platforms/linux/local/36966.txt,"LightDM 1.0.6 Arbitrary File Deletion Vulnerability",2012-03-13,"Ryan Lortie",linux,local,0 @@ -33334,7 +33334,7 @@ id,file,description,date,author,platform,type,port 36927,platforms/php/webapps/36927.txt,"ToendaCMS 1.6.2 setup/index.php site Parameter Traversal Local File Inclusion",2012-03-08,AkaStep,php,webapps,0 36928,platforms/windows/local/36928.py,"Macro Toolworks 7.5 Local Buffer Overflow Vulnerability",2012-03-08,"Julien Ahrens",windows,local,0 36929,platforms/jsp/webapps/36929.txt,"Ilient SysAid 8.5.5 Multiple Cross Site Scripting and HTML Injection Vulnerabilities",2012-03-08,"Julien Ahrens",jsp,webapps,0 -36930,platforms/multiple/webapps/36930.txt,"Wordpress Freshmail Unauthenticated SQL Injection",2015-05-07,"Felipe Molina",multiple,webapps,0 +36930,platforms/multiple/webapps/36930.txt,"WordPress Freshmail Unauthenticated SQL Injection",2015-05-07,"Felipe Molina",multiple,webapps,0 36931,platforms/hardware/remote/36931.txt,"Barracuda CudaTel Communication Server 2.0.029.1 Multiple HTML Injection Vulnerabilities",2012-03-08,"Benjamin Kunz Mejri",hardware,remote,0 36932,platforms/windows/remote/36932.py,"RealVNC 4.1.0 and 4.1.1 - Authentication Bypass Exploit",2012-05-13,fdiskyou,windows,remote,5900 36933,platforms/linux/remote/36933.py,"ShellShock dhclient Bash Environment Variable Command Injection PoC",2014-09-29,fdiskyou,linux,remote,0 @@ -33356,16 +33356,16 @@ id,file,description,date,author,platform,type,port 36949,platforms/php/webapps/36949.txt,"Xeams <= 4.5 Build 5755 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5272 36950,platforms/php/webapps/36950.txt,"Syncrify Server <= 3.6 Build 833 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5800 36951,platforms/php/webapps/36951.txt,"SynaMan <= 3.4 Build 1436 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 -36952,platforms/php/webapps/36952.txt,"Wordpress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion",2015-05-08,T3N38R15,php,webapps,0 +36952,platforms/php/webapps/36952.txt,"WordPress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion",2015-05-08,T3N38R15,php,webapps,0 36953,platforms/php/webapps/36953.txt,"SynTail <= 1.5 Build 566 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin <= 4.2.4 - CSRF Vulnerability",2015-05-08,Evex,php,webapps,80 36955,platforms/osx/remote/36955.py,"MacKeeper URL Handler Remote Code Execution",2015-05-08,"Braden Thomas",osx,remote,0 36956,platforms/windows/remote/36956.rb,"Adobe Flash Player domainMemory ByteArray Use After Free",2015-05-08,metasploit,windows,remote,0 -36957,platforms/php/remote/36957.rb,"Wordpress RevSlider File Upload and Execute Vulnerability",2015-05-08,metasploit,php,remote,80 +36957,platforms/php/remote/36957.rb,"WordPress RevSlider File Upload and Execute Vulnerability",2015-05-08,metasploit,php,remote,80 36958,platforms/php/webapps/36958.txt,"WordPress Ultimate Profile Builder Plugin 2.3.3 - CSRF Vulnerability",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36959,platforms/php/webapps/36959.txt,"WordPress ClickBank Ads Plugin 1.7 - CSRF Vulnerability",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36960,platforms/windows/webapps/36960.txt,"Manage Engine Asset Explorer 6.1.0 Build: 6110 - CSRF Vulnerability",2015-05-08,"Kaustubh G. Padwad",windows,webapps,8080 -36961,platforms/php/webapps/36961.txt,"Wordpress Ad Inserter Plugin 1.5.2 - CSRF Vulnerability",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 +36961,platforms/php/webapps/36961.txt,"WordPress Ad Inserter Plugin 1.5.2 - CSRF Vulnerability",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36962,platforms/windows/remote/36962.rb,"Adobe Flash Player NetConnection Type Confusion",2015-05-08,metasploit,windows,remote,0 36963,platforms/linux/webapps/36963.txt,"Alienvault OSSIM/USM 4.14_ 4.15_ and 5.0 - Multiple Vulnerabilities",2015-05-08,"Peter Lapp",linux,webapps,0 36964,platforms/java/remote/36964.rb,"Novell ZENworks Configuration Management Arbitrary File Upload",2015-05-08,metasploit,java,remote,443 @@ -33374,7 +33374,7 @@ id,file,description,date,author,platform,type,port 36976,platforms/cgi/webapps/36976.txt,"WebGlimpse 2.x 'wgarcmin.cgi' Path Disclosure Vulnerability",2012-03-18,Websecurity,cgi,webapps,0 36977,platforms/php/webapps/36977.pl,"CreateVision CreateVision CMS 'id' Parameter SQL Injection Vulnerability",2012-03-11,"Zwierzchowski Oskar",php,webapps,0 36978,platforms/hardware/webapps/36978.txt,"ZTE F660 - Remote Config Download",2015-05-11,"Daniel Cisa",hardware,webapps,0 -36979,platforms/php/webapps/36979.sh,"Wordpress N-Media Website Contact Form with File Upload 1.3.4 - File Upload",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 +36979,platforms/php/webapps/36979.sh,"WordPress N-Media Website Contact Form with File Upload 1.3.4 - File Upload",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 36980,platforms/windows/local/36980.py,"VideoCharge Express 3.16.3.04 - BOF Exploit",2015-05-11,evil_comrade,windows,local,0 36981,platforms/windows/local/36981.py,"VideoCharge Professional + Express Vanilla 3.18.4.04 - BOF Exploit",2015-05-11,evil_comrade,windows,local,0 36982,platforms/windows/local/36982.py,"VideoCharge Vanilla 3.16.4.06 - BOF Exploit",2015-05-11,evil_comrade,windows,local,0 @@ -33490,7 +33490,7 @@ id,file,description,date,author,platform,type,port 37097,platforms/ios/remote/37097.py,"FTP Media Server 3.0 - Authentication Bypass and Denial of Service",2015-05-25,"Wh1t3Rh1n0 (Michael Allen)",ios,remote,0 37098,platforms/windows/local/37098.txt,"Microsoft Windows - Local Privilege Escalation (MS15-010)",2015-05-25,"Sky lake",windows,local,0 37253,platforms/php/webapps/37253.txt,"Paypal Currency Converter Basic For Woocommerce File Read",2015-06-10,Kuroi'SH,php,webapps,0 -37254,platforms/php/webapps/37254.txt,"Wordpress History Collection <= 1.1.1 - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 +37254,platforms/php/webapps/37254.txt,"WordPress History Collection <= 1.1.1 - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 37255,platforms/php/webapps/37255.txt,"Pandora FMS 5.0_ 5.1 - Authentication Bypass",2015-06-10,"Manuel Mancera",php,webapps,0 37100,platforms/php/webapps/37100.txt,"Waylu CMS 'products_xx.php' SQL Injection and HTML Injection Vulnerabilities",2012-04-20,TheCyberNuxbie,php,webapps,0 37101,platforms/php/webapps/37101.txt,"Joomla CCNewsLetter Module 1.0.7 'id' Parameter SQL Injection Vulnerability",2012-04-23,E1nzte1N,php,webapps,0 @@ -33498,13 +33498,13 @@ id,file,description,date,author,platform,type,port 37103,platforms/php/webapps/37103.txt,"concrete5 5.5.2.1 Information Disclosure_ SQL Injection and Cross Site Scripting Vulnerabilities",2012-04-26,"Jakub Galczyk",php,webapps,0 37104,platforms/php/webapps/37104.txt,"gpEasy 2.3.3 'jsoncallback' Parameter Cross Site Scripting Vulnerability",2012-04-26,"Jakub Galczyk",php,webapps,0 37105,platforms/php/webapps/37105.txt,"Quick.CMS 4.0 - 'p' Parameter Cross Site Scripting Vulnerability",2012-04-26,"Jakub Galczyk",php,webapps,0 -37106,platforms/php/webapps/37106.txt,"Wordpress Video Gallery Plugin 2.8 Arbitrary Mail Relay",2015-05-26,"Claudio Viviani",php,webapps,80 +37106,platforms/php/webapps/37106.txt,"WordPress Video Gallery Plugin 2.8 Arbitrary Mail Relay",2015-05-26,"Claudio Viviani",php,webapps,80 37107,platforms/php/webapps/37107.txt,"WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 37108,platforms/php/webapps/37108.txt,"WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 37109,platforms/php/webapps/37109.txt,"WordPress GigPress Plugin 2.3.8 - SQL Injection",2015-05-26,"Adrián M. F.",php,webapps,80 37110,platforms/java/webapps/37110.py,"Apache Jackrabbit WebDAV XXE Exploit",2015-05-26,"Mikhail Egorov",java,webapps,8080 -37111,platforms/php/webapps/37111.txt,"Wordpress MailChimp Subscribe Forms 1.1 Remote Code Execution",2015-05-26,woodspeed,php,webapps,80 -37112,platforms/php/webapps/37112.txt,"Wordpress church_admin Plugin 0.800 Stored XSS",2015-05-26,woodspeed,php,webapps,80 +37111,platforms/php/webapps/37111.txt,"WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution",2015-05-26,woodspeed,php,webapps,80 +37112,platforms/php/webapps/37112.txt,"WordPress church_admin Plugin 0.800 Stored XSS",2015-05-26,woodspeed,php,webapps,80 37113,platforms/php/webapps/37113.txt,"Wordpess Simple Photo Gallery 1.7.8 Blind SQL Injection",2015-05-26,woodspeed,php,webapps,80 37114,platforms/jsp/webapps/37114.txt,"Sendio ESP Information Disclosure Vulnerability",2015-05-26,"Core Security",jsp,webapps,80 37115,platforms/perl/webapps/37115.txt,"Clickheat 1.13+ Remote Command Execution",2015-05-26,"Calum Hutton",perl,webapps,0 @@ -33594,12 +33594,12 @@ id,file,description,date,author,platform,type,port 37206,platforms/php/webapps/37206.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 demo/phpThumb.demo.showpic.php title Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0 37207,platforms/php/webapps/37207.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 demo/phpThumb.demo.random.php dir Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0 37208,platforms/php/webapps/37208.txt,"backupDB() 1.2.7a 'onlyDB' Parameter Cross Site Scripting Vulnerability",2012-05-16,LiquidWorm,php,webapps,0 -37209,platforms/php/webapps/37209.txt,"Wordpress Really Simple Guest Post <= 1.0.6 - File Include",2015-06-05,Kuroi'SH,php,webapps,0 +37209,platforms/php/webapps/37209.txt,"WordPress Really Simple Guest Post <= 1.0.6 - File Include",2015-06-05,Kuroi'SH,php,webapps,0 37211,platforms/windows/local/37211.html,"1 Click Audio Converter 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37212,platforms/windows/local/37212.html,"1 Click Extract Audio 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37213,platforms/ios/webapps/37213.txt,"WiFi HD 8.1 - Directory Traversal and Denial of Service",2015-06-06,"Wh1t3Rh1n0 (Michael Allen)",ios,webapps,0 37214,platforms/hardware/webapps/37214.txt,"Broadlight Residential Gateway DI3124 - Unauthenticated Remote DNS Change",2015-06-06,"Todor Donev",hardware,webapps,0 -37252,platforms/php/webapps/37252.txt,"Wordpress RobotCPA Plugin V5 - Local File Inclusion",2015-06-10,T3N38R15,php,webapps,80 +37252,platforms/php/webapps/37252.txt,"WordPress RobotCPA Plugin V5 - Local File Inclusion",2015-06-10,T3N38R15,php,webapps,80 37216,platforms/php/webapps/37216.txt,"Unijimpe Captcha 'captchademo.php' Cross Site Scripting Vulnerability",2012-05-16,"Daniel Godoy",php,webapps,0 37217,platforms/php/webapps/37217.txt,"Artiphp 5.5.0 Neo - 'index.php' Multiple Cross Site Scripting Vulnerabilities",2012-05-17,"Gjoko Krstic",php,webapps,0 37218,platforms/jsp/dos/37218.txt,"Atlassian Tempo 6.4.3_ JIRA 5.0 0_ Gliffy 3.7.0 - XML Parsing Denial of Service Vulnerability",2012-05-17,anonymous,jsp,dos,0 @@ -33626,8 +33626,8 @@ id,file,description,date,author,platform,type,port 37239,platforms/windows/dos/37239.html,"Microsoft Internet Explorer 11 - Crash PoC",2015-06-08,"Pawel Wylecial",windows,dos,0 37240,platforms/hardware/webapps/37240.txt,"D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 37241,platforms/hardware/webapps/37241.txt,"D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 -37243,platforms/php/webapps/37243.txt,"Wordpress Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 -37244,platforms/php/webapps/37244.txt,"Wordpress Plugin 'WP Mobile Edition' - LFI Vulnerability",2015-06-08,"Ali Khalil",php,webapps,0 +37243,platforms/php/webapps/37243.txt,"WordPress Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 +37244,platforms/php/webapps/37244.txt,"WordPress Plugin 'WP Mobile Edition' - LFI Vulnerability",2015-06-08,"Ali Khalil",php,webapps,0 37245,platforms/php/webapps/37245.txt,"Pasworld detail.php - Blind Sql Injection Vulnerability",2015-06-08,"Sebastian khan",php,webapps,0 37266,platforms/php/webapps/37266.txt,"ClickHeat <= 1.14 Change Admin Password CSRF",2015-06-12,"David Shanahan",php,webapps,80 37249,platforms/linux/dos/37249.py,"Libmimedir VCF Memory Corruption PoC",2015-06-10,"Jeremy Brown",linux,dos,0 @@ -33855,7 +33855,7 @@ id,file,description,date,author,platform,type,port 37492,platforms/ios/webapps/37492.txt,"WK UDID v1.0.1 iOS - Command Inject Vulnerability",2015-07-05,Vulnerability-Lab,ios,webapps,0 37534,platforms/php/webapps/37534.txt,"WordPress Easy2Map Plugin 1.24 - SQL Injection",2015-07-08,"Larry W. Cashdollar",php,webapps,80 37535,platforms/windows/local/37535.txt,"Blueberry Express 5.9.0.3678 - SEH Buffer Overflow",2015-07-08,Vulnerability-Lab,windows,local,0 -37494,platforms/php/webapps/37494.txt,"Wordpress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 +37494,platforms/php/webapps/37494.txt,"WordPress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 37495,platforms/lin_x86/shellcode/37495.py,"Linux x86 /bin/sh ROT7 Encoded Shellcode",2015-07-05,"Artem T",lin_x86,shellcode,0 37500,platforms/php/webapps/37500.txt,"Funeral Script PHP Cross Site Scripting and SQL Injection Vulnerabilities",2012-06-17,snup,php,webapps,0 37501,platforms/php/webapps/37501.rb,"WordPress Generic Plugin Arbitrary File Upload Vulnerability",2012-07-13,KedAns-Dz,php,webapps,0 @@ -33912,8 +33912,8 @@ id,file,description,date,author,platform,type,port 37556,platforms/php/webapps/37556.txt,"Distimo Monitor Multiple Cross Site Scripting Vulnerabilities",2012-08-01,"Benjamin Kunz Mejri",php,webapps,0 37557,platforms/java/webapps/37557.txt,"ManageEngine Applications Manager Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2012-08-01,"Ibrahim El-Sayed",java,webapps,0 37558,platforms/windows/dos/37558.txt,"Notepad++ 6.7.3 - Crash PoC",2015-07-10,"Rahul Pratap Singh",windows,dos,0 -37559,platforms/php/webapps/37559.txt,"Wordpress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 -37560,platforms/php/webapps/37560.txt,"Wordpress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 +37559,platforms/php/webapps/37559.txt,"WordPress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 +37560,platforms/php/webapps/37560.txt,"WordPress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 37562,platforms/multiple/dos/37562.pl,"NTPD MON_GETLIST Query Amplification Denial of Service",2015-07-10,"Todor Donev",multiple,dos,123 37567,platforms/php/webapps/37567.txt,"tekno.Portal 0.1b 'link.php' SQL Injection Vulnerability",2012-08-01,Socket_0x03,php,webapps,0 37568,platforms/windows/dos/37568.pl,"VLC Media Player '.3gp' File Divide-By-Zero Denial of Service Vulnerability",2012-08-02,Dark-Puzzle,windows,dos,0 @@ -34016,7 +34016,7 @@ id,file,description,date,author,platform,type,port 37674,platforms/php/webapps/37674.txt,"PHP Web Scripts Text Exchange Pro 'page' Parameter Local File Include Vulnerability",2012-08-24,"Yakir Wizman",php,webapps,0 37675,platforms/php/webapps/37675.txt,"Joomla! Komento Component 'cid' Parameter SQL Injection Vulnerability",2012-08-27,Crim3R,php,webapps,0 37676,platforms/asp/webapps/37676.txt,"Power-eCommerce Multiple Cross Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 -37677,platforms/php/webapps/37677.txt,"Wordpress Finder 'order' Parameter Cross Site Scripting Vulnerability",2012-08-25,Crim3R,php,webapps,0 +37677,platforms/php/webapps/37677.txt,"WordPress Finder 'order' Parameter Cross Site Scripting Vulnerability",2012-08-25,Crim3R,php,webapps,0 37678,platforms/asp/webapps/37678.txt,"Web Wiz Forums Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 37679,platforms/php/webapps/37679.txt,"LibGuides Multiple Cross Site Scripting Vulnerabilities",2012-08-25,Crim3R,php,webapps,0 37680,platforms/php/webapps/37680.txt,"Mihalism Multi Host 'users.php' Cross Site Scripting Vulnerability",2012-08-25,Explo!ter,php,webapps,0 @@ -34090,7 +34090,7 @@ id,file,description,date,author,platform,type,port 37754,platforms/php/webapps/37754.txt,"WordPress Candidate Application Form Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 37755,platforms/windows/local/37755.c,"Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)",2015-08-12,"Tomislav Paskalev",windows,local,0 37947,platforms/multiple/remote/37947.txt,"LiteSpeed Web Server 'gtitle' parameter Cross Site Scripting Vulnerability",2012-03-12,K1P0D,multiple,remote,0 -37948,platforms/php/webapps/37948.txt,"Wordpress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities",2012-10-17,waraxe,php,webapps,0 +37948,platforms/php/webapps/37948.txt,"WordPress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities",2012-10-17,waraxe,php,webapps,0 37949,platforms/linux/remote/37949.txt,"ModSecurity POST Parameters Security Bypass Vulnerability",2012-10-17,"Bernhard Mueller",linux,remote,0 37950,platforms/php/webapps/37950.txt,"jCore /admin/index.php path Parameter XSS",2012-10-17,"High-Tech Bridge",php,webapps,0 37951,platforms/windows/remote/37951.py,"Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow",2015-08-24,"Tracy Turben",windows,remote,0 @@ -34417,11 +34417,11 @@ id,file,description,date,author,platform,type,port 38096,platforms/linux/remote/38096.rb,"Endian Firewall Proxy Password Change Command Injection",2015-09-07,metasploit,linux,remote,10443 38097,platforms/hardware/webapps/38097.txt,"NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation",2015-09-07,"Elliott Lewis",hardware,webapps,80 38098,platforms/jsp/webapps/38098.txt,"JSPMySQL Administrador - Multiple Vulnerabilities",2015-09-07,hyp3rlinx,jsp,webapps,8081 -38105,platforms/php/webapps/38105.txt,"Wordpress White-Label Framework 2.0.6 - XSS Vulnerability",2015-09-08,Outlasted,php,webapps,80 +38105,platforms/php/webapps/38105.txt,"WordPress White-Label Framework 2.0.6 - XSS Vulnerability",2015-09-08,Outlasted,php,webapps,80 38108,platforms/windows/dos/38108.txt,"Advantech WebAccess 8.0_ 3.4.3 ActiveX - Multiple Vulnerabilities",2015-09-08,"Praveen Darshanam",windows,dos,0 38109,platforms/linux/remote/38109.pl,"Oracle MySQL and MariaDB Insecure Salt Generation Security Bypass Weakness",2012-12-06,kingcope,linux,remote,0 38110,platforms/php/webapps/38110.txt,"DirectAdmin Web Control Panel 1.483 - Multiple Vulnerabilities",2015-09-08,"Ashiyane Digital Security Team",php,webapps,0 -38111,platforms/php/webapps/38111.txt,"Wordpress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability",2012-12-07,"Aditya Balapure",php,webapps,0 +38111,platforms/php/webapps/38111.txt,"WordPress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability",2012-12-07,"Aditya Balapure",php,webapps,0 38112,platforms/php/webapps/38112.txt,"FOOT Gestion 'id' Parameter SQL Injection Vulnerability",2012-12-07,"Emmanuel Farcy",php,webapps,0 38113,platforms/php/webapps/38113.php,"VBulletin ajaxReg Module SQL Injection Vulnerability",2012-12-08,"Cold Zero",php,webapps,0 38114,platforms/cgi/webapps/38114.html,"Smartphone Pentest Framework Multiple Remote Command Execution Vulnerabilities",2012-12-10,"High-Tech Bridge",cgi,webapps,0 @@ -34772,7 +34772,7 @@ id,file,description,date,author,platform,type,port 38481,platforms/hardware/remote/38481.html,"D-Link DIR-865L Cross Site Request Forgery Vulnerability",2013-04-19,"Jacob Holcomb",hardware,remote,0 38482,platforms/php/webapps/38482.txt,"Crafty Syntax Live Help <= 3.1.2 Remote File Include and Path Disclosure Vulnerabilities",2013-04-19,ITTIHACK,php,webapps,0 38483,platforms/hardware/dos/38483.txt,"TP-LINK TL-WR741N and TL-WR741ND Routers Multiple Denial of Service Vulnerabilities",2013-04-19,W1ckerMan,hardware,dos,0 -38484,platforms/php/webapps/38484.rb,"Wordpress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability",2015-10-18,PizzaHatHacker,php,webapps,0 +38484,platforms/php/webapps/38484.rb,"WordPress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability",2015-10-18,PizzaHatHacker,php,webapps,0 38485,platforms/windows/dos/38485.py,"VLC 2.2.1 libvlccore - (.mp3) Stack Overflow",2015-10-18,"Andrea Sindoni",windows,dos,0 38486,platforms/windows/local/38486.py,"Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow",2015-10-18,"yokoacc, nudragn, rungga_reksya",windows,local,0 38487,platforms/php/webapps/38487.txt,"WordPress Colormix Theme Multiple Security Vulnerablities",2013-04-21,MustLive,php,webapps,0 @@ -34939,7 +34939,7 @@ id,file,description,date,author,platform,type,port 38657,platforms/hardware/webapps/38657.html,"Arris TG1682G Modem - Stored XSS Vulnerability",2015-11-09,Nu11By73,hardware,webapps,0 39374,platforms/osx/dos/39374.c,"OS X Kernel - IOAccelMemoryInfoUserClient Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 38659,platforms/windows/dos/38659.py,"POP Peeper 4.0.1 - SEH Over-Write",2015-11-09,Un_N0n,windows,dos,0 -38660,platforms/php/remote/38660.rb,"Wordpress Ajax Load More 2.8.1.1 - PHP Upload Vulnerability",2015-11-09,metasploit,php,remote,0 +38660,platforms/php/remote/38660.rb,"WordPress Ajax Load More 2.8.1.1 - PHP Upload Vulnerability",2015-11-09,metasploit,php,remote,0 38661,platforms/php/webapps/38661.txt,"TestLink 1.9.14 - CSRF Vulnerability",2015-11-09,"Aravind C Ajayan, Balagopal N",php,webapps,0 38662,platforms/multiple/dos/38662.txt,"FreeType 2.6.1 TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read",2015-11-09,"Google Security Research",multiple,dos,0 38663,platforms/hardware/remote/38663.txt,"Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems",2015-11-10,"Murat Sahin",hardware,remote,0 @@ -35138,9 +35138,9 @@ id,file,description,date,author,platform,type,port 38864,platforms/php/webapps/38864.php,"NeoBill /install/include/solidstate.php Multiple Parameter SQL Injection",2013-12-06,KedAns-Dz,php,webapps,0 38865,platforms/php/webapps/38865.txt,"NeoBill /install/index.php language Parameter Traversal Local File Inclusion",2013-12-06,KedAns-Dz,php,webapps,0 39563,platforms/php/webapps/39563.txt,"Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities",2016-03-15,Security-Assessment.com,php,webapps,80 -38867,platforms/php/webapps/38867.txt,"Wordpress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 -38868,platforms/php/webapps/38868.txt,"Wordpress Plugin Sell Download v1.0.16 - Local File Disclosure",2015-12-04,KedAns-Dz,php,webapps,0 -38869,platforms/php/webapps/38869.txt,"Wordpress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 +38867,platforms/php/webapps/38867.txt,"WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 +38868,platforms/php/webapps/38868.txt,"WordPress Plugin Sell Download v1.0.16 - Local File Disclosure",2015-12-04,KedAns-Dz,php,webapps,0 +38869,platforms/php/webapps/38869.txt,"WordPress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 38870,platforms/php/webapps/38870.txt,"WordPress Easy Career Openings Plugin 'jobid' Parameter SQL Injection Vulnerability",2013-12-06,Iranian_Dark_Coders_Team,php,webapps,0 38871,platforms/windows/local/38871.txt,"Cyclope Employee Surveillance <= v8.6.1- Insecure File Permissions",2015-12-06,loneferret,windows,local,0 38872,platforms/php/webapps/38872.php,"WordPress PhotoSmash Galleries Plugin 'bwbps-uploader.php' Arbitrary File Upload Vulnerability",2013-12-08,"Ashiyane Digital Security Team",php,webapps,0 @@ -35184,7 +35184,7 @@ id,file,description,date,author,platform,type,port 38912,platforms/windows/remote/38912.txt,"Microsoft Windows Media Center Link File Incorrectly Resolved Reference",2015-12-09,"Core Security",windows,remote,0 38913,platforms/hardware/webapps/38913.txt,"WIMAX LX350P(WIXFMR-108) - Multiple Vulnerabilities",2015-12-09,alimp5,hardware,webapps,0 38914,platforms/hardware/webapps/38914.txt,"WIMAX MT711x - Multiple Vulnerabilities",2015-12-09,alimp5,hardware,webapps,0 -38915,platforms/php/webapps/38915.txt,"Wordpress Plugin WP Easy Poll 1.1.3 - XSS and CSRF",2015-12-09,Mysticism,php,webapps,80 +38915,platforms/php/webapps/38915.txt,"WordPress Plugin WP Easy Poll 1.1.3 - XSS and CSRF",2015-12-09,Mysticism,php,webapps,80 38916,platforms/windows/dos/38916.html,"IE 11.0.9600.18097 COmWindowProxy::SwitchMarkup NULL PTR",2015-12-09,"Marcin Ressel",windows,dos,0 38917,platforms/osx/dos/38917.txt,"MacOS X 10.11 FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 38918,platforms/windows/remote/38918.txt,"Microsoft Office / COM Object els.dll DLL Planting (MS15-134)",2015-12-09,"Google Security Research",windows,remote,0 @@ -35233,7 +35233,7 @@ id,file,description,date,author,platform,type,port 39097,platforms/linux/remote/39097.txt,"Red Hat Piranha Remote Security Bypass Vulnerability",2013-12-11,"Andreas Schiermeier",linux,remote,0 39098,platforms/php/webapps/39098.txt,"Joomla! Wire Immogest Component 'index.php' SQL Injection Vulnerability",2014-02-17,MR.XpR,php,webapps,0 39057,platforms/php/webapps/39057.txt,"Dell Kace 1000 Systems Management Appliance DS-2014-001 Multiple SQL Injection Vulnerabilities",2014-01-13,"Rohan Stelling",php,webapps,0 -38964,platforms/hardware/remote/38964.rb,"Siemens Simatic S7 1200 CPU Command Module (MSF)",2015-12-14,"Nguyen Manh Hung",hardware,remote,102 +38964,platforms/hardware/remote/38964.rb,"Siemens Simatic S7 1200 CPU Command Module (Metasploit)",2015-12-14,"Nguyen Manh Hung",hardware,remote,102 39095,platforms/php/webapps/39095.pl,"MyBB 'misc.php' Remote Denial of Service Vulnerability",2014-02-12,Amir,php,webapps,0 38968,platforms/windows/remote/38968.txt,"Microsoft Office / COM Object DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)",2015-12-14,"Google Security Research",windows,remote,0 38969,platforms/multiple/dos/38969.txt,"Adobe Flash Type Confusion in IExternalizable.readExternal When Performing Local Serialization",2015-12-14,"Google Security Research",multiple,dos,0 @@ -35561,7 +35561,7 @@ id,file,description,date,author,platform,type,port 39306,platforms/php/webapps/39306.html,"pfSense Firewall <= 2.2.5 - Config File CSRF",2016-01-25,"Aatif Shahdad",php,webapps,443 39375,platforms/osx/dos/39375.c,"OS X Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39308,platforms/linux/dos/39308.c,"Linux Kernel - prima WLAN Driver Heap Overflow",2016-01-25,"Shawn the R0ck",linux,dos,0 -39309,platforms/php/webapps/39309.txt,"Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection",2016-01-25,"i0akiN SEC-LABORATORY",php,webapps,80 +39309,platforms/php/webapps/39309.txt,"WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection",2016-01-25,"i0akiN SEC-LABORATORY",php,webapps,80 39310,platforms/windows/local/39310.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 2 (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39311,platforms/windows/local/39311.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39312,platforms/lin_x86-64/shellcode/39312.c,"x86_64 Linux xor/not/div Encoded execve Shellcode",2016-01-25,"Sathish kumar",lin_x86-64,shellcode,0 @@ -35571,7 +35571,7 @@ id,file,description,date,author,platform,type,port 39316,platforms/hardware/remote/39316.pl,"Multiple Aztech Modem Routers Session Hijacking Vulnerability",2014-09-15,"Eric Fajardo",hardware,remote,0 39317,platforms/php/webapps/39317.txt,"WordPress Wordfence Security Plugin Multiple Vulnerabilities",2014-09-14,Voxel@Night,php,webapps,0 39318,platforms/multiple/remote/39318.txt,"Laravel 'Hash::make()' Function Password Truncation Security Weakness",2014-09-16,"Pichaya Morimoto",multiple,remote,0 -39319,platforms/php/webapps/39319.txt,"Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection",2016-01-26,"i0akiN SEC-LABORATORY",php,webapps,80 +39319,platforms/php/webapps/39319.txt,"WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection",2016-01-26,"i0akiN SEC-LABORATORY",php,webapps,80 39320,platforms/php/webapps/39320.txt,"Gongwalker API Manager 1.1 - Blind SQL Injection",2016-01-26,HaHwul,php,webapps,80 39321,platforms/multiple/dos/39321.txt,"pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 39322,platforms/multiple/dos/39322.txt,"pdfium - opj_j2k_read_mcc (libopenjpeg) Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 @@ -35788,13 +35788,13 @@ id,file,description,date,author,platform,type,port 39549,platforms/linux/local/39549.txt,"Exim < 4.86.2 - Local Root Privilege Escalation",2016-03-10,"Dawid Golunski",linux,local,0 39550,platforms/multiple/dos/39550.py,"libotr <= 4.1.0 - Memory Corruption",2016-03-10,"X41 D-Sec GmbH",multiple,dos,0 39551,platforms/multiple/dos/39551.txt,"Putty pscp <= 0.66 - Stack Buffer Overwrite",2016-03-10,tintinweb,multiple,dos,0 -39552,platforms/php/webapps/39552.txt,"Wordpress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload Vulnerability",2016-03-11,"Colette Chamberland",php,webapps,80 +39552,platforms/php/webapps/39552.txt,"WordPress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload Vulnerability",2016-03-11,"Colette Chamberland",php,webapps,80 39553,platforms/php/webapps/39553.txt,"WordPress DZS Videogallery Plugin <=8.60 - Multiple Vulnerabilities",2016-03-11,"Colette Chamberland",php,webapps,80 39554,platforms/php/remote/39554.rb,"PHP Utility Belt Remote Code Execution",2016-03-11,metasploit,php,remote,80 39555,platforms/linux/dos/39555.txt,"RHEL 7.1 Kernel - snd-usb-audio Crash PoC",2016-03-14,"OpenSource Security",linux,dos,0 39556,platforms/linux/dos/39556.txt,"RHEL 7.1 Kernel - iowarrior driver Crash PoC",2016-03-14,"OpenSource Security",linux,dos,0 39557,platforms/windows/dos/39557.py,"Zortam Mp3 Media Studio 20.15 - SEH Overflow DoS",2016-03-14,INSECT.B,windows,dos,0 -39558,platforms/php/webapps/39558.txt,"Wordpress Site Import Plugin 1.0.1 - Local and Remote File Inclusion",2016-03-14,Wadeek,php,webapps,80 +39558,platforms/php/webapps/39558.txt,"WordPress Site Import Plugin 1.0.1 - Local and Remote File Inclusion",2016-03-14,Wadeek,php,webapps,80 39559,platforms/php/webapps/39559.txt,"TeamPass 2.1.24 - Multiple Vulnerabilities",2016-03-14,"Vincent Malguy",php,webapps,80 39560,platforms/windows/dos/39560.txt,"Windows Kernel ATMFD.DLL OTF Font Processing Pool-Based Buffer Overflow (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 39561,platforms/windows/dos/39561.txt,"Windows Kernel ATMFD.DLL OTF Font Processing Stack Corruption (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 @@ -35805,3 +35805,4 @@ id,file,description,date,author,platform,type,port 39569,platforms/multiple/remote/39569.py,"OpenSSH <= 7.2p1 - xauth Injection",2016-03-16,tintinweb,multiple,remote,22 39570,platforms/freebsd_x86-64/dos/39570.c,"FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow",2016-03-16,"Core Security",freebsd_x86-64,dos,0 39572,platforms/php/webapps/39572.txt,"PivotX 2.3.11 - Directory Traversal",2016-03-17,"Curesec Research Team",php,webapps,80 +39573,platforms/windows/webapps/39573.txt,"Wildfly - WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass",2016-03-20,"Tal Solomon of Palantir Security",windows,webapps,0 diff --git a/platforms/windows/webapps/39573.txt b/platforms/windows/webapps/39573.txt new file mode 100755 index 000000000..ca7a13e11 --- /dev/null +++ b/platforms/windows/webapps/39573.txt @@ -0,0 +1,23 @@ +Exploit Title: Wildfly: WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass +Date: 09.02.16 +Exploit Author: Tal Solomon of Palantir Security +Vendor Homepage: https://bugzilla.redhat.com/show_bug.cgi?id=1305937 +Software Link: http://wildfly.org/downloads/ +Version: This issue effects versions of Wildfly prior to 10.0.0.Final, including 9.0.2.Final, and 8.2.1.Final. +Tested on: Windows +CVE : CVE-2016-0793 + +An information disclosure of the content of restricted files WEB-INF and META-INF via filter mechanism was reported. Servlet filter restriction mechanism is enforced by two code checks: + +if (path.startsWith("/META-INF") || path.startsWith("META-INF") || path.startsWith("/WEB-INF") || path.startsWith("WEB-INF")) { + return false; +} + +private boolean isForbiddenPath(String path) { + return path.equalsIgnoreCase("/meta-inf/") || path.regionMatches(true, 0, "/web-inf/", 0, "/web-inf/".length()); +} + +which can be bypassed using lower case and adding meaningless character to path. + +Proof of Concept Video: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39573.zip