From 47d7100c18777e63aabe37b893f17b7d1f6a93fb Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Mon, 21 Mar 2016 05:03:44 +0000 Subject: [PATCH] DB: 2016-03-21 1 new exploits IRIX Multiple Buffer Overflow Exploits (LsD) IRIX - Multiple Buffer Overflow Exploits (LsD) Oracle Database PL/SQL Statement Multiple SQL Injection Exploits Oracle Database PL/SQL Statement - Multiple SQL Injection Exploits Wordpress <= 1.5.1.2 - xmlrpc Interface SQL Injection Exploit WordPress <= 1.5.1.2 - xmlrpc Interface SQL Injection Exploit Wordpress <= 1.5.1.3 - Remote Code Execution (0Day) WordPress <= 1.5.1.3 - Remote Code Execution (0Day) Wordpress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit) WordPress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit) Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (meta) Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (Metasploit) HP-UX FTP Server Preauthentication Directory Listing Exploit (meta) Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (meta) HP-UX <= 11.11 lpd Remote Command Execution Exploit (meta) CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (meta) HP-UX FTP Server Preauthentication Directory Listing Exploit (Metasploit) Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (Metasploit) HP-UX <= 11.11 lpd Remote Command Execution Exploit (Metasploit) CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (Metasploit) Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (meta) Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (Metasploit) WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (meta) WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (Metasploit) Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (meta) Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (Metasploit) Windows XP/2003 Metafile Escape() Code Execution Exploit (meta) Windows XP/2003 Metafile Escape() Code Execution Exploit (Metasploit) Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (meta) Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (Metasploit) Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (meta) Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (Metasploit) SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (meta) SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (Metasploit) Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (meta) Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (Metasploit) Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (meta) Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (Metasploit) PeerCast <= 0.1216 - Remote Buffer Overflow Exploit (Win32) (meta) PeerCast <= 0.1216 - Remote Buffer Overflow Exploit (Win32) (Metasploit) PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (meta) PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (Metasploit) RealVNC 4.1.0 - 4.1.1 - (Null Authentication) Auth Bypass Exploit (meta) RealVNC 4.1.0 - 4.1.1 - (Null Authentication) Auth Bypass Exploit (Metasploit) CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (meta) CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (Metasploit) TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (meta) TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (Metasploit) Omni-NFS Server 5.2 (nfsd.exe) Remote Stack Overflow Exploit (meta) OpenLDAP 2.2.29 - Remote Denial of Service Exploit (meta) Omni-NFS Server 5.2 (nfsd.exe) Remote Stack Overflow Exploit (Metasploit) OpenLDAP 2.2.29 - Remote Denial of Service Exploit (Metasploit) Broadcom Wireless Driver Probe Response SSID Overflow Exploit (meta) D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (meta) Broadcom Wireless Driver Probe Response SSID Overflow Exploit (Metasploit) D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (Metasploit) VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (meta) VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (Metasploit) Wordpress 2.0.5 - Trackback UTF-7 - Remote SQL Injection Exploit WordPress 2.0.5 - Trackback UTF-7 - Remote SQL Injection Exploit Berlios GPSD <= 2.7 - Remote Format String Exploit (meta) Berlios GPSD <= 2.7 - Remote Format String Exploit (Metasploit) FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (meta) FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (Metasploit) Wordpress <= 2.0.6 - wp-trackback.php Remote SQL Injection Exploit WordPress <= 2.0.6 - wp-trackback.php Remote SQL Injection Exploit 3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (meta) 3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (Metasploit) Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (meta) Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (Metasploit) IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (meta) IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (Metasploit) NaviCOPA Web Server 2.01 - Remote Buffer Overflow Exploit (meta) NaviCOPA Web Server 2.01 - Remote Buffer Overflow Exploit (Metasploit) Wordpress 2.1.2 - (xmlrpc) Remote SQL Injection Exploit WordPress 2.1.2 - (xmlrpc) Remote SQL Injection Exploit AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (meta) AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (Metasploit) Wordpress plugin wp-Table <= 1.43 - (inc_dir) RFI Vulnerability Wordpress plugin wordTube <= 1.43 - (wpPATH) RFI Vulnerability WordPress plugin wp-Table <= 1.43 - (inc_dir) RFI Vulnerability WordPress plugin wordTube <= 1.43 - (wpPATH) RFI Vulnerability Wordpress plugin myflash <= 1.00 - (wppath) RFI Vulnerability WordPress plugin myflash <= 1.00 - (wppath) RFI Vulnerability Wordpress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit WordPress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit SNMPc <= 7.0.18 - Remote Denial of Service Exploit (meta) SNMPc <= 7.0.18 - Remote Denial of Service Exploit (Metasploit) Wordpress 2.2 - (xmlrpc.php) Remote SQL Injection Exploit WordPress 2.2 - (xmlrpc.php) Remote SQL Injection Exploit CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (meta) CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (Metasploit) Wordpress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub) WordPress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub) eIQnetworks ESA SEARCHREPORT Remote Overflow Exploit (meta) eIQnetworks ESA SEARCHREPORT Remote Overflow Exploit (Metasploit) Wordpress Plugin PictPress <= 0.91 - Remote File Disclosure Vulnerability WordPress Plugin PictPress <= 0.91 - Remote File Disclosure Vulnerability Wordpress <= 2.3.1 - Charset Remote SQL Injection Vulnerability WordPress <= 2.3.1 - Charset Remote SQL Injection Vulnerability Wordpress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability WordPress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability Wordpress plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability WordPress plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability Wordpress Plugin WP-Cal 0.3 - editevent.php SQL Injection Vulnerability Wordpress plugin fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection Vulnerability WordPress plugin fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability Wordpress Plugin Adserve 0.2 - adclick.php SQL Injection Exploit WordPress Plugin Adserve 0.2 - adclick.php SQL Injection Exploit Wordpress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit WordPress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit Wordpress Plugin Wordspew - Remote SQL Injection Vulnerability WordPress Plugin Wordspew - Remote SQL Injection Vulnerability Wordpress Plugin st_newsletter - Remote SQL Injection Vulnerability WordPress Plugin st_newsletter - Remote SQL Injection Vulnerability Wordpress MU < 1.3.2 - active_plugins option Code Execution Exploit WordPress MU < 1.3.2 - active_plugins option Code Execution Exploit Wordpress Plugin Simple Forum 2.0-2.1 - SQL Injection Vulnerability Wordpress Plugin Simple Forum 1.10-1.11 - SQL Injection Vulnerability WordPress Plugin Simple Forum 2.0-2.1 - SQL Injection Vulnerability WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection Vulnerability Wordpress Photo album Remote - SQL Injection Vulnerability WordPress Photo album Remote - SQL Injection Vulnerability Wordpress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities WordPress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities Wordpress Plugin Download - (dl_id) SQL Injection Vulnerability WordPress Plugin Download - (dl_id) SQL Injection Vulnerability Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit (meta) Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit (Metasploit) Intel Centrino ipw2200BG Wireless Driver Remote BoF Exploit (meta) Intel Centrino ipw2200BG Wireless Driver Remote BoF Exploit (Metasploit) Wordpress Plugin Spreadsheet <= 0.6 - SQL Injection Vulnerability WordPress Plugin Spreadsheet <= 0.6 - SQL Injection Vulnerability HP StorageWorks NSI Double Take Remote Overflow Exploit (meta) HP StorageWorks NSI Double Take Remote Overflow Exploit (Metasploit) BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta) BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (Metasploit) Wordpress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit WordPress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (meta) CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (Metasploit) Wordpress 2.6.1 - SQL Column Truncation Vulnerability WordPress 2.6.1 - SQL Column Truncation Vulnerability Wordpress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit WordPress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (meta) Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (Metasploit) WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (meta) WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (Metasploit) ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX BoF Exploit (meta) ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX BoF Exploit (Metasploit) Wordpress Plugin st_newsletter - (stnl_iframe.php) SQL Injection Vuln WordPress Plugin st_newsletter - (stnl_iframe.php) SQL Injection Vuln PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (meta) PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (Metasploit) Wordpress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit WordPress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (meta) GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (Metasploit) GE Proficy Real Time Information Portal Credentials Leak Sniffer (meta) GE Proficy Real Time Information Portal Credentials Leak Sniffer (Metasploit) Wordpress Plugin Page Flip Image Gallery <= 0.2.2 - Remote FD Vuln WordPress Plugin Page Flip Image Gallery <= 0.2.2 - Remote FD Vuln Wordpress plugin WP-Forum 1.7.8 - Remote SQL Injection Vulnerability WordPress plugin WP-Forum 1.7.8 - Remote SQL Injection Vulnerability OpenHelpDesk 1.0.100 eval() Code Execution Exploit (meta) OpenHelpDesk 1.0.100 eval() Code Execution Exploit (Metasploit) Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (meta) Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (Metasploit) Wordpress MU < 2.7 - 'HOST' HTTP Header XSS Vulnerability WordPress MU < 2.7 - 'HOST' HTTP Header XSS Vulnerability Wordpress Plugin fMoblog 2.1 - (id) SQL Injection Vulnerability WordPress Plugin fMoblog 2.1 - (id) SQL Injection Vulnerability VirtueMart <= 1.1.2 - Remote SQL Injection Exploit (meta) VirtueMart <= 1.1.2 - Remote SQL Injection Exploit (Metasploit) ASP Product Catalog 1.0 (XSS/DD) Multiple Remote Exploits ASP Product Catalog 1.0 - (XSS/DD) Multiple Remote Exploits 32bit FTP - (PASV) Reply Client Remote Overflow Exploit (meta) 32bit FTP - (PASV) Reply Client Remote Overflow Exploit (Metasploit) Wordpress Plugin Lytebox - (wp-lytebox) Local File Inclusion Vulnerability WordPress Plugin Lytebox - (wp-lytebox) Local File Inclusion Vulnerability Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler BoF Exploit (meta) Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler BoF Exploit (Metasploit) Green Dam 3.17 URL Processing Buffer Overflow Exploit (meta) Green Dam 3.17 URL Processing Buffer Overflow Exploit (Metasploit) HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (meta) HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (Metasploit) Wordpress 2.8.1 - (url) Remote Cross-Site Scripting Exploit WordPress 2.8.1 - (url) Remote Cross-Site Scripting Exploit Cisco WLC 4402 - Basic Auth Remote Denial of Service (meta) Cisco WLC 4402 - Basic Auth Remote Denial of Service (Metasploit) Wordpress <= 2.8.3 - Remote Admin Reset Password Vulnerability WordPress <= 2.8.3 - Remote Admin Reset Password Vulnerability Wordpress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution WordPress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (meta) ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (Metasploit) Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (meta) Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (Metasploit) SIDVault 2.0e Windows Remote Buffer Overflow Exploit (meta) SIDVault 2.0e Windows Remote Buffer Overflow Exploit (Metasploit) Wordpress Image Manager Plugins - Shell Upload Vulnerability WordPress Image Manager Plugins - Shell Upload Vulnerability HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Meta) HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Metasploit) Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (meta) Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (Metasploit) gAlan 0.2.1 - Universal Buffer Overflow Exploit (meta) gAlan 0.2.1 - Universal Buffer Overflow Exploit (Metasploit) Audio Workstation 6.4.2.4.3 pls Buffer Overflow (meta) Audio Workstation 6.4.2.4.3 pls Buffer Overflow (Metasploit) Eureka Email 2.2q ERR Remote Buffer Overflow Exploit (meta) Eureka Email 2.2q ERR Remote Buffer Overflow Exploit (Metasploit) Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (meta) Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (Metasploit) Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Meta) Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Metasploit) Wordpress <= 2.9 - DoS (0day) WordPress <= 2.9 - DoS (0day) Wordpress Events Plugin - SQL Injection Vulnerability WordPress Events Plugin - SQL Injection Vulnerability PlayMeNow 7.3 & 7.4 - Buffer Overflow (meta) PlayMeNow 7.3 & 7.4 - Buffer Overflow (Metasploit) Soritong 1.0 - Universal BOF-SEH (META) Soritong 1.0 - Universal BOF-SEH (Metasploit) Audiotran 1.4.1 (PLS File) Stack Overflow (meta) Audiotran 1.4.1 (PLS File) Stack Overflow (Metasploit) AOL 9.5 Phobos.Playlist 'Import()' Buffer Overflow Exploit (Meta) AOL 9.5 Phobos.Playlist 'Import()' Buffer Overflow Exploit (Metasploit) Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (meta) Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (Metasploit) Easy FTP Server 1.7.0.2 - CWD Remote BoF (MSF Module) Easy FTP Server 1.7.0.2 - CWD Remote BoF (Metasploit) Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta) Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (Metasploit) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (meta) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit) Wordpress Plugin NextGEN Gallery <= 1.5.1 - XSS Vulnerability WordPress Plugin NextGEN Gallery <= 1.5.1 - XSS Vulnerability Winamp 5.572 - whatsnew.txt SEH (meta) Winamp 5.572 - whatsnew.txt SEH (Metasploit) WM Downloader 3.0.0.9 - Buffer Overflow (Meta) WM Downloader 3.0.0.9 - Buffer Overflow (Metasploit) TFTPGUI 1.4.5 - Long Transport Mode Overflow DoS (Meta) TFTPGUI 1.4.5 - Long Transport Mode Overflow DoS (Metasploit) IDEAL Migration 4.5.1 - Buffer Overflow Exploit (Meta) IDEAL Migration 4.5.1 - Buffer Overflow Exploit (Metasploit) BlazeDVD 6.0 - Buffer Overflow Exploit (Meta) BlazeDVD 6.0 - Buffer Overflow Exploit (Metasploit) Simple:Press Wordpress Plugin 4.3.0 - SQL Injection Vulnerability Simple:Press WordPress Plugin 4.3.0 - SQL Injection Vulnerability Wordpress Firestats - Remote Configuration File Download WordPress Firestats - Remote Configuration File Download MoreAmp SEH Buffer Overflow (meta) MoreAmp SEH Buffer Overflow (Metasploit) Hero DVD - Buffer Overflow Exploit (meta) Hero DVD - Buffer Overflow Exploit (Metasploit) Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) - (meta) Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) - (Metasploit) Wordpress Events Manager Extended Plugin - Persistent XSS Vulnerability WordPress Events Manager Extended Plugin - Persistent XSS Vulnerability Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (meta) Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (Metasploit) MP3 Workstation 9.2.1.1.2 - SEH Exploit (MSF) MP3 Workstation 9.2.1.1.2 - SEH Exploit (Metasploit) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (MSF) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) Wordpress Event Registration Plugin 5.32 - SQL Injection Vulnerability WordPress Event Registration Plugin 5.32 - SQL Injection Vulnerability Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (msf) Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit) TFTPUtil GUI 1.4.5 - DoS (Meta) TFTPUtil GUI 1.4.5 - DoS (Metasploit) Wordpress do_trackbacks() function - SQL Injection Vulnerability WordPress do_trackbacks() function - SQL Injection Vulnerability Create a New User with UID 0 - ARM (Meta) Create a New User with UID 0 - ARM (Metasploit) Comment Rating 2.9.23 Wordpress Plugin - Multiple Vulnerabilities Comment Rating 2.9.23 WordPress Plugin - Multiple Vulnerabilities Z-Vote 1.1 Wordpress Plugin - SQL Injection Vulnerability Z-Vote 1.1 WordPress Plugin - SQL Injection Vulnerability GigPress 2.1.10 Wordpress Plugin - Stored XSS Vulnerability Relevanssi 2.7.2 Wordpress Plugin - Stored XSS Vulnerability GigPress 2.1.10 WordPress Plugin - Stored XSS Vulnerability Relevanssi 2.7.2 WordPress Plugin - Stored XSS Vulnerability Wordpress Plugin Forum Server 1.6.5 - SQL Injection Vulnerability IWantOneButton 3.0.1 Wordpress Plugin - Multiple Vulnerabilities WordPress Plugin Forum Server 1.6.5 - SQL Injection Vulnerability IWantOneButton 3.0.1 WordPress Plugin - Multiple Vulnerabilities jQuery Mega Menu 1.0 Wordpress Plugin - Local File Inclusion OPS Old Post Spinner 2.2.1 Wordpress Plugin - LFI Vulnerability jQuery Mega Menu 1.0 WordPress Plugin - Local File Inclusion OPS Old Post Spinner 2.2.1 WordPress Plugin - LFI Vulnerability PHP Speedy <= 0.5.2 Wordpress Plugin - (admin_container.php) Remote Code Execution Exploit PHP Speedy <= 0.5.2 WordPress Plugin - (admin_container.php) Remote Code Execution Exploit GRAND Flash Album Gallery 0.55 Wordpress Plugin - Multiple Vulnerabilities GRAND Flash Album Gallery 0.55 WordPress Plugin - Multiple Vulnerabilities Wordpress plugin BackWPup - Remote and Local Code Execution Vulnerability WordPress plugin BackWPup - Remote and Local Code Execution Vulnerability Wordpress Plugin Custom Pages 0.5.0.1 - LFI Vulnerability WordPress Plugin Custom Pages 0.5.0.1 - LFI Vulnerability Microsoft Word 2003 - Record Parsing Buffer Overflow (meta) (MS09-027) Microsoft Word 2003 - Record Parsing Buffer Overflow (Metasploit) (MS09-027) Wordpress Plugin Is-human <= 1.4.2 - Remote Command Execution Vulnerability WordPress Plugin Is-human <= 1.4.2 - Remote Command Execution Vulnerability Wordpress Beer Recipes Plugin 1.0 - XSS WordPress Beer Recipes Plugin 1.0 - XSS Word List Builder 1.0 - Buffer Overflow Exploit (MSF) Word List Builder 1.0 - Buffer Overflow Exploit (Metasploit) Wordtrainer 3.0 - (.ord) Buffer Overflow Vulnerability (MSF) Wordtrainer 3.0 - (.ord) Buffer Overflow Vulnerability (Metasploit) Freefloat FTP Server Buffer Overflow Vulnerability (MSF) CoolPlayer Portable 2.19.2 - Buffer Overflow (MSF) Freefloat FTP Server Buffer Overflow Vulnerability (Metasploit) CoolPlayer Portable 2.19.2 - Buffer Overflow (Metasploit) Freefloat FTP Server MKD Buffer Overflow (MSF) Freefloat FTP Server MKD Buffer Overflow (Metasploit) FreeFloat FTP Server REST Buffer Overflow (MSF) FreeFloat FTP Server REST Buffer Overflow (Metasploit) Joomla 1.5 com_virtuemart <= 1.1.7 - Blind time-based SQL Injection (MSF) Joomla 1.5 com_virtuemart <= 1.1.7 - Blind time-based SQL Injection (Metasploit) Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (MSF) (0day) Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (Metasploit) (0day) ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (MSF) ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (MSF) ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (Metasploit) ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (Metasploit) FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (MSF) FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (Metasploit) Wordpress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit WordPress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit Wordpress Plugin Symposium <= 0.64 - SQL Injection Vulnerability WordPress Plugin Symposium <= 0.64 - SQL Injection Vulnerability Wordpress Plugin DS FAQ <= 1.3.2 - SQL Injection Vulnerability Wordpress Plugin Forum <= 1.7.8 - SQL Injection Vulnerability WordPress Plugin DS FAQ <= 1.3.2 - SQL Injection Vulnerability WordPress Plugin Forum <= 1.7.8 - SQL Injection Vulnerability Solarftp 2.1.2 - PASV Buffer Overflow Exploit (MSF) Solarftp 2.1.2 - PASV Buffer Overflow Exploit (Metasploit) Wordpress Plugin audio gallery playlist <= 0.12 - SQL Injection WordPress Plugin audio gallery playlist <= 0.12 - SQL Injection Wordpress grapefile plugin <= 1.1 - Arbitrary File Upload WordPress grapefile plugin <= 1.1 - Arbitrary File Upload Wordpress Plugin Bannerize <= 2.8.6 - SQL Injection WordPress Plugin Bannerize <= 2.8.6 - SQL Injection Wordpress 1 Flash Gallery Plugin - Arbiraty File Upload Exploit (MSF) WordPress 1 Flash Gallery Plugin - Arbiraty File Upload Exploit (Metasploit) BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit (MSF) BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit (Metasploit) Wordpress Event Registration plugin <= 5.44 - SQL Injection Vulnerability WordPress Event Registration plugin <= 5.44 - SQL Injection Vulnerability Wordpress Plugin Forum Server <= 1.7 - SQL Injection Vulnerability WordPress Plugin Forum Server <= 1.7 - SQL Injection Vulnerability Wordpress Plugin e-Commerce <= 3.8.6 - SQL Injection Vulnerability WordPress Plugin e-Commerce <= 3.8.6 - SQL Injection Vulnerability Wordpress TheCartPress Plugin 1.1.1 - Remote File Inclusion Wordpress AllWebMenus Plugin 1.1.3 - Remote File Inclusion Wordpress WPEasyStats Plugin 1.8 - Remote File Inclusion Wordpress Annonces Plugin 1.2.0.0 - Remote File Inclusion Wordpress Livesig Plugin 0.4 - Remote File Inclusion Wordpress Disclosure Policy Plugin 1.0 - Remote File Inclusion Wordpress Mailing List Plugin 1.3.2 - Remote File Inclusion Wordpress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion Wordpress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion Wordpress Relocate Upload Plugin 0.14 - Remote File Inclusion WordPress TheCartPress Plugin 1.1.1 - Remote File Inclusion WordPress AllWebMenus Plugin 1.1.3 - Remote File Inclusion WordPress WPEasyStats Plugin 1.8 - Remote File Inclusion WordPress Annonces Plugin 1.2.0.0 - Remote File Inclusion WordPress Livesig Plugin 0.4 - Remote File Inclusion WordPress Disclosure Policy Plugin 1.0 - Remote File Inclusion WordPress Mailing List Plugin 1.3.2 - Remote File Inclusion WordPress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion WordPress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion WordPress Relocate Upload Plugin 0.14 - Remote File Inclusion Multiple Wordpress Plugin - timthumb.php Vulnerabilites Multiple WordPress Plugin - timthumb.php Vulnerabilites ScriptFTP 3.3 - Remote Buffer Overflow (MSF) ScriptFTP 3.3 - Remote Buffer Overflow (Metasploit) Wordpress Plugin Bannerize <= 2.8.7 - SQL Injection Vulnerability WordPress Plugin Bannerize <= 2.8.7 - SQL Injection Vulnerability Wordpress Plugin Photo Album Plus <= 4.1.1 - SQL Injection Vulnerability WordPress Plugin Photo Album Plus <= 4.1.1 - SQL Injection Vulnerability Wordpress Plugin Glossary - SQL Injection WordPress Plugin Glossary - SQL Injection Wordpress Zingiri Plugin <= 2.2.3 - (ajax_save_name.php) Remote Code Execution WordPress Zingiri Plugin <= 2.2.3 - (ajax_save_name.php) Remote Code Execution Wordpress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection WordPress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection Wordpress Mailing List Plugin - Arbitrary File Download WordPress Mailing List Plugin - Arbitrary File Download Wordpress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload WordPress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload Wordpress Age Verification Plugin <= 0.4 - Open Redirect WordPress Age Verification Plugin <= 0.4 - Open Redirect Wordpress Count-per-day plugin - Multiple Vulnerabilities WordPress Count-per-day plugin - Multiple Vulnerabilities Wordpress <= 3.3.1 - Multiple Vulnerabilities WordPress <= 3.3.1 - Multiple Vulnerabilities Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (MSF Module) Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (Metasploit) DJ Studio Pro 5.1.6.5.2 SEH Exploit MSF DJ Studio Pro 5.1.6.5.2 - SEH Exploit (Metasploit) Sysax 5.53 SSH Username Buffer Overflow (msf) Sysax 5.53 SSH Username Buffer Overflow (Metasploit) RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (MSF) RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (Metasploit) Buddypress plugin of Wordpress - Remote SQL Injection Buddypress plugin of WordPress - Remote SQL Injection Wordpress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities WordPress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities Wordpress 3.3.1 - Multiple CSRF Vulnerabilities WordPress 3.3.1 - Multiple CSRF Vulnerabilities Wordpress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS WordPress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS Wordpress WP-Property Plugin 1.35.0 - Arbitrary File Upload Wordpress Plugin Marketplace Plugin 1.5.0 - 1.6.1 - Arbitrary File Upload Wordpress Google Maps via Store Locator Plugin 2.7.1 - 3.0.1 - Multiple Vulnerabilities Wordpress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload Wordpress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload WordPress WP-Property Plugin 1.35.0 - Arbitrary File Upload WordPress Plugin Marketplace Plugin 1.5.0 - 1.6.1 - Arbitrary File Upload WordPress Google Maps via Store Locator Plugin 2.7.1 - 3.0.1 - Multiple Vulnerabilities WordPress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload WordPress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload Wordpress Asset Manager Plugin 0.2 - Arbitrary File Upload Wordpress Font Uploader Plugin 1.2.4 - Arbitrary File Upload WordPress Asset Manager Plugin 0.2 - Arbitrary File Upload WordPress Font Uploader Plugin 1.2.4 - Arbitrary File Upload Wordpress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload Wordpress Gallery Plugin 3.06 - Arbitrary File Upload WordPress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload WordPress Gallery Plugin 3.06 - Arbitrary File Upload Wordpress Front File Manager Plugin 0.1 - Arbitrary File Upload Wordpress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure Vulnerability WordPress Front File Manager Plugin 0.1 - Arbitrary File Upload WordPress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure Vulnerability Wordpress Front End Upload 0.5.3 - Arbitrary File Upload Wordpress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload Wordpress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure WordPress Front End Upload 0.5.3 - Arbitrary File Upload WordPress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload WordPress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure Wordpress Plugin: Newsletter 1.5 - Remote File Disclosure Vulnerability Wordpress RBX Gallery Plugin 2.1 - Arbitrary File Upload Wordpress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure Wordpress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure Wordpress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure Wordpress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload WordPress Plugin: Newsletter 1.5 - Remote File Disclosure Vulnerability WordPress RBX Gallery Plugin 2.1 - Arbitrary File Upload WordPress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure WordPress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure WordPress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure WordPress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload Wordpress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload WordPress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload Wordpress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability WordPress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability Wordpress User Meta 1.1.1 - Arbitrary File Upload Vulnerability Wordpress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability Wordpress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability Wordpress Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability Wordpress Mac Photo Gallery 2.7 - Arbitrary File Upload Wordpress drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability Wordpress Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload Vulnerability WordPress User Meta 1.1.1 - Arbitrary File Upload Vulnerability WordPress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability WordPress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability WordPress Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability WordPress Mac Photo Gallery 2.7 - Arbitrary File Upload WordPress drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability WordPress Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload Vulnerability Wordpress Automatic Plugin 2.0.3 - SQL Injection WordPress Automatic Plugin 2.0.3 - SQL Injection Wordpress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload WordPress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta) UoW imapd 10.234/12.264 COPY Buffer Overflow (meta) UoW imapd 10.234/12.264 LSUB Buffer Overflow (Metasploit) UoW imapd 10.234/12.264 COPY Buffer Overflow (Metasploit) Wordpress Diary/Notebook Site5 Theme Email Spoofing WordPress Diary/Notebook Site5 Theme Email Spoofing Wordpress Plugin Effective Lead Management 3.0.0 - Persistent XSS WordPress Plugin Effective Lead Management 3.0.0 - Persistent XSS Wordpress Plugin ThreeWP Email Reflector 1.13 - Stored XSS WordPress Plugin ThreeWP Email Reflector 1.13 - Stored XSS Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change (MSF) Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change (Metasploit) Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow Vulnerability (msf) Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow Vulnerability (Metasploit) Wordpress Count per Day Plugin 3.2.3 - XSS Vulnerability WordPress Count per Day Plugin 3.2.3 - XSS Vulnerability Wordpress HD Webplayer 1.1 - SQL Injection Vulnerability WordPress HD Webplayer 1.1 - SQL Injection Vulnerability Wordpress Plugin spider calendar - Multiple Vulnerabilities WordPress Plugin spider calendar - Multiple Vulnerabilities FireStorm Professional Real Estate Wordpress Plugin 2.06.01 - SQL Injection Vulnerability FireStorm Professional Real Estate WordPress Plugin 2.06.01 - SQL Injection Vulnerability ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM SQLi (MSF) ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM SQLi (Metasploit) Wordpress Easy Webinar Plugin - Blind SQL Injection Vulnerability WordPress Easy Webinar Plugin - Blind SQL Injection Vulnerability Wordpress bbpress Plugin - Multiple Vulnerabilities WordPress bbpress Plugin - Multiple Vulnerabilities Wordpress All Video Gallery 1.1 - SQL Injection Vulnerability WordPress All Video Gallery 1.1 - SQL Injection Vulnerability Wordpress Spider Catalog 1.1 - HTML Code Injection and Cross-Site scripting WordPress Spider Catalog 1.1 - HTML Code Injection and Cross-Site scripting Wordpress Facebook Survey 1.0 - SQL Injection Vulnerability WordPress Facebook Survey 1.0 - SQL Injection Vulnerability Wordpress 0.6/0.7 Blog.Header.PHP - SQL Injection Vulnerabilities WordPress 0.6/0.7 Blog.Header.PHP - SQL Injection Vulnerabilities Portable phpMyAdmin Wordpress Plugin - Authentication Bypass Portable phpMyAdmin WordPress Plugin - Authentication Bypass Cisco IOS 12 MSFC2 Malformed Layer 2 Frame Denial of Service Vulnerability Cisco IOS 12 MSFC2 - Malformed Layer 2 Frame Denial of Service Vulnerability BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (MSF) BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (Metasploit) Jenkins CI Script Console Command Execution MSF Module Jenkins CI Script Console - Command Execution (Metasploit) Wordpress plugin Ripe HD FLV Player - SQL Injection Vulnerability WordPress plugin Ripe HD FLV Player - SQL Injection Vulnerability Wordpress Developer Formatter - CSRF Vulnerability WordPress Developer Formatter - CSRF Vulnerability Wordpress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities WordPress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities Wordpress 1.2 - Wp-login.PHP HTTP Response Splitting Vulnerability WordPress 1.2 - Wp-login.PHP HTTP Response Splitting Vulnerability Wordpress Mathjax Latex Plugin 1.1 - CSRF Vulnerability WordPress Mathjax Latex Plugin 1.1 - CSRF Vulnerability Wordpress FuneralPress Plugin 1.1.6 - Persistent XSS WordPress FuneralPress Plugin 1.1.6 - Persistent XSS Wordpress W3 Total Cache - PHP Code Execution WordPress W3 Total Cache - PHP Code Execution Wordpress wp-FileManager - Arbitrary File Download Vulnerability WordPress wp-FileManager - Arbitrary File Download Vulnerability Wordpress 1.5 - Post.PHP Cross-Site Scripting Vulnerability WordPress 1.5 - Post.PHP Cross-Site Scripting Vulnerability Wordpress User Role Editor Plugin 3.12 - CSRF Vulnerability Wordpress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities Wordpress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities WordPress User Role Editor Plugin 3.12 - CSRF Vulnerability WordPress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities WordPress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities Wordpress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities WordPress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities AudioCoder (.lst) - Buffer Overflow (msf) AudioCoder (.lst) - Buffer Overflow (Metasploit) Wordpress Spicy Blogroll Plugin - File Inclusion Vulnerability WordPress Spicy Blogroll Plugin - File Inclusion Vulnerability PCMan FTP Server 2.0.7 - Remote Exploit (msf) PCMan FTP Server 2.0.7 - Remote Exploit (Metasploit) HP Data Protector CMD Install Service Vulnerability (msf) HP Data Protector CMD Install Service Vulnerability (Metasploit) Wordpress Plugin Better WP Security - Stored XSS WordPress Plugin Better WP Security - Stored XSS Wordpress Booking Calendar 4.1.4 - CSRF Vulnerability WordPress Booking Calendar 4.1.4 - CSRF Vulnerability Wordpress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability WordPress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability Wordpress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities WordPress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities Wordpress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities WordPress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities Wordpress ThinkIT Plugin 0.1 - Multiple Vulnerabilities WordPress ThinkIT Plugin 0.1 - Multiple Vulnerabilities freeFTPd 1.0.10 PASS Command SEH Overflow (msf) freeFTPd 1.0.10 PASS Command SEH Overflow (Metasploit) PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (MSF) PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (Metasploit) Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability WP-DB Backup For Wordpress 1.6/1.7 Edit.PHP - Directory Traversal Vulnerability WP-DB Backup For WordPress 1.6/1.7 Edit.PHP - Directory Traversal Vulnerability Western Digital Arkeia Remote Code Execution (msf module) Western Digital Arkeia Remote Code Execution (Metasploit) Wordpress Lazy SEO plugin 1.1.9 - Shell Upload Vulnerability WordPress Lazy SEO plugin 1.1.9 - Shell Upload Vulnerability Wordpress NOSpamPTI Plugin - Blind SQL Injection WordPress NOSpamPTI Plugin - Blind SQL Injection Wordpress Quick Contact Form Plugin 6.0 - Persistent XSS WordPress Quick Contact Form Plugin 6.0 - Persistent XSS Wordpress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities WordPress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities Dexs PM System Wordpress Plugin - Authenticated Persistent XSS (0day) Dexs PM System WordPress Plugin - Authenticated Persistent XSS (0day) Wordpress Plugin Realty - Blind SQL Injection WordPress Plugin Realty - Blind SQL Injection Wordpress 1.x/2.0.x - Template.PHP HTML Injection Vulnerability WordPress 1.x/2.0.x - Template.PHP HTML Injection Vulnerability Wordpress Highlight Premium Theme - CSRF File Upload Vulnerability WordPress Highlight Premium Theme - CSRF File Upload Vulnerability Wordpress 2.1.1 - Post.PHP Cross-Site Scripting Vulnerability WordPress 2.1.1 - Post.PHP Cross-Site Scripting Vulnerability Wordpress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities Wordpress 1.x/2.0.x - Templates.PHP Cross-Site Scripting Vulnerability WordPress 1.x/2.0.x - Templates.PHP Cross-Site Scripting Vulnerability Wordpress Euclid Theme 1.x.x - CSRF Vulnerability Wordpress Dimension Theme - CSRF Vulnerability Wordpress Amplus Theme - CSRF Vulnerability Wordpress Make A Statement (MaS) Theme - CSRF Vulnerability WordPress Euclid Theme 1.x.x - CSRF Vulnerability WordPress Dimension Theme - CSRF Vulnerability WordPress Amplus Theme - CSRF Vulnerability WordPress Make A Statement (MaS) Theme - CSRF Vulnerability Wordpress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting WordPress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting Wordpress Orange Themes - CSRF File Upload Vulnerability WordPress Orange Themes - CSRF File Upload Vulnerability Wordpress Formcraft Plugin - SQL Injection Vulnerability WordPress Formcraft Plugin - SQL Injection Vulnerability Wordpress page-flip-image-gallery Plugins - Remote File Upload WordPress page-flip-image-gallery Plugins - Remote File Upload Wordpress Persuasion Theme 2.x - Arbitrary File Download and File Deletion Exploit WordPress Persuasion Theme 2.x - Arbitrary File Download and File Deletion Exploit Wordpress Dandelion Theme - Arbitry File Upload WordPress Dandelion Theme - Arbitry File Upload Wordpress Frontend Upload Plugin - Arbitrary File Upload Wordpress Buddypress Plugin 1.9.1 - Privilege Escalation WordPress Frontend Upload Plugin - Arbitrary File Upload WordPress Buddypress Plugin 1.9.1 - Privilege Escalation Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities WordPress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities Wordpress AdRotate Plugin 3.9.4 - (clicktracker.php track param) SQL Injection WordPress AdRotate Plugin 3.9.4 - (clicktracker.php track param) SQL Injection Wordpress VideoWhisper 4.27.3 - Multiple Vulnerabilities WordPress VideoWhisper 4.27.3 - Multiple Vulnerabilities Gold MP4 Player 3.3 - Universal SEH Exploit (MSF) Gold MP4 Player 3.3 - Universal SEH Exploit (Metasploit) Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion WordPress Ajax Pagination Plugin 1.1 - Local File Inclusion Wordpress XCloner Plugin 3.1.0 - CSRF Vulnerability WordPress XCloner Plugin 3.1.0 - CSRF Vulnerability Wordpress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities Wordpress Twitget Plugin 3.3.1 - Multiple Vulnerabilities WordPress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities WordPress Twitget Plugin 3.3.1 - Multiple Vulnerabilities Wordpress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload WordPress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload Wordpress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities WordPress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities Wireshark CAPWAP Dissector - Denial of Service (msf) Wireshark CAPWAP Dissector - Denial of Service (Metasploit) Wordpress Participants Database 1.5.4.8 - SQL Injection WordPress Participants Database 1.5.4.8 - SQL Injection Wordpress TimThumb 2.8.13 WebShot - Remote Code Execution (0day) WordPress TimThumb 2.8.13 WebShot - Remote Code Execution (0day) Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities WordPress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow Vulnerability (meta) Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow Vulnerability (Metasploit) Wordpress MailPoet - (wysija-newsletters) Unauthenticated File Upload WordPress MailPoet - (wysija-newsletters) Unauthenticated File Upload Gigya Socialize Plugin 1.0/1.1.x for Wordpress - Cross-Site Scripting Vulnerability Gigya Socialize Plugin 1.0/1.1.x for WordPress - Cross-Site Scripting Vulnerability Wordpress Plugin Gallery Objects 0.4 - SQL Injection WordPress Plugin Gallery Objects 0.4 - SQL Injection Wordpress WP BackupPlus - Database And Files Backup Download (0day) WordPress WP BackupPlus - Database And Files Backup Download (0day) Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities WordPress Video Gallery Plugin 2.5 - Multiple Vulnerabilities Disqus for Wordpress 2.7.5 - Admin Stored CSRF and XSS Disqus for WordPress 2.7.5 - Admin Stored CSRF and XSS Wordpress Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection WordPress Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection Wordpress Plugins Premium Gallery Manager - Unauthenticated Configuration Access Vulnerability WordPress Plugins Premium Gallery Manager - Unauthenticated Configuration Access Vulnerability Wordpress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability WordPress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability Wordpress Bulk Delete Users by Email Plugin 1.0 - CSRF WordPress Bulk Delete Users by Email Plugin 1.0 - CSRF Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities WordPress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities Wordpress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit) WordPress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit) Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities WordPress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities GNU bash Environment Variable Command Injection (MSF) GNU bash Environment Variable Command Injection (Metasploit) Wordpress All In One WP Security Plugin 3.8.2 - SQL Injection WordPress All In One WP Security Plugin 3.8.2 - SQL Injection All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability All In One WordPress Firewall 3.8.3 - Persistent XSS Vulnerability Bash - CGI RCE (MSF) Shellshock Exploit Bash - CGI RCE (Metasploit) Shellshock Exploit Wordpress InfusionSoft Plugin - Upload Vulnerability WordPress InfusionSoft Plugin - Upload Vulnerability Creative Contact Form (Wordpress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability Creative Contact Form (WordPress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability Wordpress CP Multi View Event Calendar 1.01 - SQL Injection WordPress CP Multi View Event Calendar 1.01 - SQL Injection XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities XCloner WordPress/Joomla! Plugin - Multiple Vulnerabilities Another Wordpress Classifieds Plugin - SQL Injection Another WordPress Classifieds Plugin - SQL Injection Wordpress SP Client Document Manager Plugin 2.4.1 - SQL Injection WordPress SP Client Document Manager Plugin 2.4.1 - SQL Injection Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF) Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (Metasploit) Wordpress CM Download Manager Plugin 2.0.0 - Code Injection WordPress CM Download Manager Plugin 2.0.0 - Code Injection Wordpress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability Wordpress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability WordPress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability WordPress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability Wordpress Google Document Embedder 2.5.14 - SQL Injection WordPress Google Document Embedder 2.5.14 - SQL Injection Wordpress DB Backup Plugin - Arbitrary File Download WordPress DB Backup Plugin - Arbitrary File Download Wordpress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit WordPress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit Wordpress < 4.0.1 - Denial of Service WordPress < 4.0.1 - Denial of Service Wordpress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability WordPress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability CodeArt Google MP3 Player Wordpress Plugin - File Disclosure Download CodeArt Google MP3 Player WordPress Plugin - File Disclosure Download Wordpress Ajax Store Locator 1.2 - Arbitrary File Download WordPress Ajax Store Locator 1.2 - Arbitrary File Download Wordpress Plugin Symposium 14.10 - SQL Injection WordPress Plugin Symposium 14.10 - SQL Injection Wordpress Download Manager 2.7.4 - Remote Code Execution Vulnerability WordPress Download Manager 2.7.4 - Remote Code Execution Vulnerability Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit WordPress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit Live Wire 2.3.1 For Wordpress - Multiple Security Vulnerabilities Live Wire 2.3.1 For WordPress - Multiple Security Vulnerabilities The Gazette Edition 2.9.4 For Wordpress - Multiple Security Vulnerabilities The Gazette Edition 2.9.4 For WordPress - Multiple Security Vulnerabilities Wordpress Pie Register Plugin 2.0.13 - Privilege Escalation WordPress Pie Register Plugin 2.0.13 - Privilege Escalation Wordpress Cforms Plugin 14.7 - Remote Code Execution WordPress Cforms Plugin 14.7 - Remote Code Execution Wordpress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload WordPress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload Wordpress Video Gallery 2.7.0 - SQL Injection Vulnerability WordPress Video Gallery 2.7.0 - SQL Injection Vulnerability Wordpress Survey and Poll Plugin 1.1 - Blind SQL Injection WordPress Survey and Poll Plugin 1.1 - Blind SQL Injection Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (MSF) Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (Metasploit) Calculated Fields Form Wordpress Plugin <= 1.0.10 - Remote SQL Injection Vulnerability Calculated Fields Form WordPress Plugin <= 1.0.10 - Remote SQL Injection Vulnerability Wordpress Theme Photocrati 4.x.x - SQL Injection & XSS WordPress Theme Photocrati 4.x.x - SQL Injection & XSS Wordpress Theme DesignFolio Plus 1.2 - Arbitrary File Upload Vulnerability WordPress Theme DesignFolio Plus 1.2 - Arbitrary File Upload Vulnerability Wordpress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload Wordpress Marketplace 2.4.0 - Arbitrary File Download WordPress Marketplace 2.4.0 - Arbitrary File Download Wordpress Plugin Slider Revolution <= 4.1.4 - Arbitrary File Download vulnerability WordPress Plugin Slider Revolution <= 4.1.4 - Arbitrary File Download vulnerability Wordpress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download Vulnerability WordPress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download Vulnerability Wordpress Business Intelligence Plugin - SQL injection WordPress Business Intelligence Plugin - SQL injection Wordpress Video Gallery Plugin 2.8 - Multiple CSRF Vulnerabilities WordPress Video Gallery Plugin 2.8 - Multiple CSRF Vulnerabilities Wordpress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities Wordpress Simple Ads Manager Plugin - Multiple SQL Injection Wordpress Simple Ads Manager 2.5.94 - Arbitrary File Upload Wordpress Simple Ads Manager - Information Disclosure WordPress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities WordPress Simple Ads Manager Plugin - Multiple SQL Injection WordPress Simple Ads Manager 2.5.94 - Arbitrary File Upload WordPress Simple Ads Manager - Information Disclosure Wordpress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection WordPress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection Wordpress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload WordPress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload Wordpress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure Vulnerability Wordpress Duplicator <= 0.5.14 - SQL Injection & CSRF WordPress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure Vulnerability WordPress Duplicator <= 0.5.14 - SQL Injection & CSRF Wordpress N-Media Website Contact Form with File Upload 1.3.4 - Shell Upload Vulnerability WordPress N-Media Website Contact Form with File Upload 1.3.4 - Shell Upload Vulnerability Wordpress Video Gallery 2.8 - SQL Injection WordPress Video Gallery 2.8 - SQL Injection Wordpress Ajax Store Locator 1.2 - SQL Injection Vulnerability WordPress Ajax Store Locator 1.2 - SQL Injection Vulnerability Wordpress NEX-Forms < 3.0 - SQL Injection Vulnerability WordPress NEX-Forms < 3.0 - SQL Injection Vulnerability Wordpress Reflex Gallery Upload Vulnerability Wordpress N-Media Website Contact Form Upload Vulnerability Wordpress Creative Contact Form Upload Vulnerability Wordpress Work The Flow Upload Vulnerability WordPress Reflex Gallery Upload Vulnerability WordPress N-Media Website Contact Form Upload Vulnerability WordPress Creative Contact Form Upload Vulnerability WordPress Work The Flow Upload Vulnerability Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi (2) Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi (2) RM Downloader 2.7.5.400 - Local Buffer Overflow (MSF) RM Downloader 2.7.5.400 - Local Buffer Overflow (Metasploit) Wordpress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS & CSRF & File Upload WordPress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS & CSRF & File Upload Wordpress Freshmail Unauthenticated SQL Injection WordPress Freshmail Unauthenticated SQL Injection Wordpress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion WordPress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion Wordpress RevSlider File Upload and Execute Vulnerability WordPress RevSlider File Upload and Execute Vulnerability Wordpress Ad Inserter Plugin 1.5.2 - CSRF Vulnerability WordPress Ad Inserter Plugin 1.5.2 - CSRF Vulnerability Wordpress N-Media Website Contact Form with File Upload 1.3.4 - File Upload WordPress N-Media Website Contact Form with File Upload 1.3.4 - File Upload Wordpress History Collection <= 1.1.1 - Arbitrary File Download WordPress History Collection <= 1.1.1 - Arbitrary File Download Wordpress Video Gallery Plugin 2.8 Arbitrary Mail Relay WordPress Video Gallery Plugin 2.8 Arbitrary Mail Relay Wordpress MailChimp Subscribe Forms 1.1 Remote Code Execution Wordpress church_admin Plugin 0.800 Stored XSS WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution WordPress church_admin Plugin 0.800 Stored XSS Wordpress Really Simple Guest Post <= 1.0.6 - File Include WordPress Really Simple Guest Post <= 1.0.6 - File Include Wordpress RobotCPA Plugin V5 - Local File Inclusion WordPress RobotCPA Plugin V5 - Local File Inclusion Wordpress Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities Wordpress Plugin 'WP Mobile Edition' - LFI Vulnerability WordPress Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities WordPress Plugin 'WP Mobile Edition' - LFI Vulnerability Wordpress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download WordPress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download Wordpress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download Wordpress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection WordPress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download WordPress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection Wordpress Finder 'order' Parameter Cross Site Scripting Vulnerability WordPress Finder 'order' Parameter Cross Site Scripting Vulnerability Wordpress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities WordPress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities Wordpress White-Label Framework 2.0.6 - XSS Vulnerability WordPress White-Label Framework 2.0.6 - XSS Vulnerability Wordpress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability WordPress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability Wordpress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability WordPress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability Wordpress Ajax Load More 2.8.1.1 - PHP Upload Vulnerability WordPress Ajax Load More 2.8.1.1 - PHP Upload Vulnerability Wordpress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities Wordpress Plugin Sell Download v1.0.16 - Local File Disclosure Wordpress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities WordPress Plugin Sell Download v1.0.16 - Local File Disclosure WordPress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities Wordpress Plugin WP Easy Poll 1.1.3 - XSS and CSRF WordPress Plugin WP Easy Poll 1.1.3 - XSS and CSRF Siemens Simatic S7 1200 CPU Command Module (MSF) Siemens Simatic S7 1200 CPU Command Module (Metasploit) Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection Wordpress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload Vulnerability WordPress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload Vulnerability Wordpress Site Import Plugin 1.0.1 - Local and Remote File Inclusion WordPress Site Import Plugin 1.0.1 - Local and Remote File Inclusion Wildfly - WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass --- files.csv | 865 ++++++++++++++-------------- platforms/windows/webapps/39573.txt | 23 + 2 files changed, 456 insertions(+), 432 deletions(-) create mode 100755 platforms/windows/webapps/39573.txt diff --git a/files.csv b/files.csv index 1390995ee..1abd2fb14 100755 --- a/files.csv +++ b/files.csv @@ -310,7 +310,7 @@ id,file,description,date,author,platform,type,port 331,platforms/linux/local/331.c,"LibXt XtAppInitialize() Overflow *xterm Exploit",1997-05-14,"Ming Zhang",linux,local,0 332,platforms/solaris/local/332.sh,"Solaris 2.5.0/2.5.1 ps & chkey Data Buffer Exploit",1997-05-19,"Joe Zbiciak",solaris,local,0 333,platforms/aix/local/333.c,"AIX 4.2 /usr/dt/bin/dtterm Local Buffer Overflow Exploit",1997-05-27,"Georgi Guninski",aix,local,0 -334,platforms/irix/local/334.c,"IRIX Multiple Buffer Overflow Exploits (LsD)",1997-05-25,LSD-PLaNET,irix,local,0 +334,platforms/irix/local/334.c,"IRIX - Multiple Buffer Overflow Exploits (LsD)",1997-05-25,LSD-PLaNET,irix,local,0 335,platforms/aix/local/335.c,"AIX lquerylv Local Root Buffer Overflow Exploit",1997-05-26,"Georgi Guninski",aix,local,0 336,platforms/irix/local/336.c,"IRIX /bin/login Local Buffer Overflow Exploit",1997-05-26,"David Hedley",irix,local,0 337,platforms/irix/local/337.c,"IRIX 5.3 /usr/sbin/iwsh Local Root Buffer Overflow",1997-05-27,"David Hedley",irix,local,0 @@ -752,7 +752,7 @@ id,file,description,date,author,platform,type,port 930,platforms/windows/remote/930.html,"Microsoft Internet Explorer DHTML Object Memory Corruption Exploit",2005-04-12,Skylined,windows,remote,0 931,platforms/windows/dos/931.html,"Microsoft Internet Explorer DHTML Object Handling Vulns (MS05-020)",2005-04-12,Skylined,windows,dos,0 932,platforms/windows/local/932.sql,"Oracle Database Server <= 10.1.0.2 - Buffer Overflow Exploit",2005-04-13,"Esteban Fayo",windows,local,0 -933,platforms/windows/local/933.sql,"Oracle Database PL/SQL Statement Multiple SQL Injection Exploits",2005-04-13,"Esteban Fayo",windows,local,0 +933,platforms/windows/local/933.sql,"Oracle Database PL/SQL Statement - Multiple SQL Injection Exploits",2005-04-13,"Esteban Fayo",windows,local,0 934,platforms/linux/remote/934.c,"gld 1.4 (Postfix Greylisting Daemon) Remote Format String Exploit",2005-04-13,Xpl017Elz,linux,remote,2525 935,platforms/windows/local/935.c,"Morpheus <= 4.8 - Local Chat Passwords Disclosure Exploit",2005-04-13,Kozan,windows,local,0 936,platforms/windows/local/936.c,"DeluxeFtp 6.x - Local Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 @@ -885,7 +885,7 @@ id,file,description,date,author,platform,type,port 1074,platforms/solaris/local/1074.c,"Solaris 9 / 10 - ld.so Local Root Exploit (2)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1075,platforms/windows/remote/1075.c,"Microsoft Windows Message Queuing BoF Universal Exploit (MS05-017) (v.0.3)",2005-06-29,houseofdabus,windows,remote,2103 1076,platforms/php/webapps/1076.py,"phpBB 2.0.15 (highlight) Remote PHP Code Execution",2005-06-29,rattle,php,webapps,0 -1077,platforms/php/webapps/1077.pl,"Wordpress <= 1.5.1.2 - xmlrpc Interface SQL Injection Exploit",2005-06-30,"James Bercegay",php,webapps,0 +1077,platforms/php/webapps/1077.pl,"WordPress <= 1.5.1.2 - xmlrpc Interface SQL Injection Exploit",2005-06-30,"James Bercegay",php,webapps,0 1078,platforms/php/webapps/1078.pl,"XML-RPC Library <= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit",2005-07-01,ilo--,php,webapps,0 1079,platforms/windows/remote/1079.html,"Microsoft Internet Explorer (javaprxy.dll) COM Object Remote Exploit",2005-07-05,k-otik,windows,remote,0 1080,platforms/php/webapps/1080.pl,"phpBB 2.0.15 (highlight) Database Authentication Details Exploit",2005-07-03,SecureD,php,webapps,0 @@ -944,10 +944,10 @@ id,file,description,date,author,platform,type,port 1138,platforms/linux/remote/1138.c,"nbSMTP <= 0.99 (util.c) Client-Side Command Execution Exploit",2005-08-05,CoKi,linux,remote,0 1139,platforms/linux/remote/1139.c,"Ethereal 10.x AFP Protocol Dissector Remote Format String Exploit",2005-08-06,vade79,linux,remote,0 1140,platforms/php/webapps/1140.php,"Flatnuke <= 2.5.5 - Remote Code Execution",2005-08-08,rgod,php,webapps,0 -1142,platforms/php/webapps/1142.php,"Wordpress <= 1.5.1.3 - Remote Code Execution (0Day)",2005-08-09,Kartoffelguru,php,webapps,0 +1142,platforms/php/webapps/1142.php,"WordPress <= 1.5.1.3 - Remote Code Execution (0Day)",2005-08-09,Kartoffelguru,php,webapps,0 1143,platforms/windows/dos/1143.sys,"Microsoft Windows XP SP2 (rdpwd.sys) Remote Kernel DoS Exploit",2005-08-09,"Tom Ferris",windows,dos,0 1144,platforms/windows/remote/1144.html,"Microsoft Internet Explorer (blnmgr.dll) COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 -1145,platforms/php/webapps/1145.pm,"Wordpress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit)",2005-08-10,str0ke,php,webapps,0 +1145,platforms/php/webapps/1145.pm,"WordPress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit)",2005-08-10,str0ke,php,webapps,0 1146,platforms/windows/remote/1146.c,"Microsoft Windows Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139 1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec Remote File Access Exploit (windows)",2005-08-11,N/A,windows,remote,10000 1149,platforms/windows/remote/1149.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445 @@ -1028,7 +1028,7 @@ id,file,description,date,author,platform,type,port 1233,platforms/multiple/dos/1233.html,"Mozilla Firefox <= 1.0.7 - Integer Overflow Denial of Service Exploit",2005-09-26,"Georgi Guninski",multiple,dos,0 1234,platforms/bsd/remote/1234.c,"GNU Mailutils imap4d 0.6 (search) Remote Format String Exploit (fbsd)",2005-09-26,"Angelo Rosiello",bsd,remote,143 1235,platforms/windows/dos/1235.c,"MultiTheftAuto 0.5 patch 1 Server Crash and MOTD Deletion Exploit",2005-09-26,"Luigi Auriemma",windows,dos,0 -1236,platforms/cgi/webapps/1236.pm,"Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (meta)",2005-09-27,"Nicolas Gregoire",cgi,webapps,0 +1236,platforms/cgi/webapps/1236.pm,"Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (Metasploit)",2005-09-27,"Nicolas Gregoire",cgi,webapps,0 1237,platforms/php/webapps/1237.php,"PHP-Fusion 6.00.109 (msg_send) SQL Injection Exploit",2005-09-28,rgod,php,webapps,0 1238,platforms/linux/remote/1238.c,"Prozilla <= 1.3.7.4 (ftpsearch) Results Handling Buffer Overflow Exploit",2005-10-02,taviso,linux,remote,8080 1239,platforms/windows/dos/1239.c,"Virtools Web Player <= 3.0.0.100 - Buffer Overflow DoS Exploit",2005-10-02,"Luigi Auriemma",windows,dos,0 @@ -1050,10 +1050,10 @@ id,file,description,date,author,platform,type,port 1256,platforms/multiple/dos/1256.pl,"Lynx <= 2.8.6dev.13 - Remote Buffer Overflow Exploit (PoC)",2005-10-17,"Ulf Harnhammar",multiple,dos,0 1257,platforms/multiple/dos/1257.html,"Mozilla (Firefox <= 1.0.7) (Mozilla <= 1.7.12) Denial of Service Exploit",2005-10-17,Kubbo,multiple,dos,0 1258,platforms/linux/remote/1258.php,"e107 <= 0.6172 - (resetcore.php) Remote SQL Injection Exploit",2005-10-18,rgod,linux,remote,0 -1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server Preauthentication Directory Listing Exploit (meta)",2005-10-19,Optyx,hp-ux,remote,0 -1260,platforms/windows/remote/1260.pm,"Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (meta)",2005-10-19,"H D Moore",windows,remote,80 -1261,platforms/hp-ux/remote/1261.pm,"HP-UX <= 11.11 lpd Remote Command Execution Exploit (meta)",2005-10-19,"H D Moore",hp-ux,remote,515 -1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (meta)",2005-10-19,"H D Moore",windows,remote,4105 +1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server Preauthentication Directory Listing Exploit (Metasploit)",2005-10-19,Optyx,hp-ux,remote,0 +1260,platforms/windows/remote/1260.pm,"Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (Metasploit)",2005-10-19,"H D Moore",windows,remote,80 +1261,platforms/hp-ux/remote/1261.pm,"HP-UX <= 11.11 lpd Remote Command Execution Exploit (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515 +1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (Metasploit)",2005-10-19,"H D Moore",windows,remote,4105 1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (linux)",2005-10-20,"Kevin Finisterre",multiple,remote,13722 1264,platforms/windows/remote/1264.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (Win32)",2005-10-20,"Kevin Finisterre",windows,remote,13722 1265,platforms/osx/remote/1265.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (OS X)",2005-10-20,"Kevin Finisterre",osx,remote,13722 @@ -1069,7 +1069,7 @@ id,file,description,date,author,platform,type,port 1276,platforms/windows/dos/1276.html,"Microsoft Internet Explorer 6.0 (mshtmled.dll) Denial of Service Exploit",2005-10-28,"Tom Ferris",windows,dos,0 1277,platforms/windows/remote/1277.c,"Mirabilis ICQ 2003a Buffer Overflow Download Shellcoded Exploit",2005-10-29,ATmaCA,windows,remote,0 1278,platforms/php/webapps/1278.pl,"Subdreamer 2.2.1 - SQL Injection / Command Execution Exploit",2005-10-31,RusH,php,webapps,0 -1279,platforms/windows/remote/1279.pm,"Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (meta)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 +1279,platforms/windows/remote/1279.pm,"Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (Metasploit)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 1280,platforms/php/webapps/1280.pl,"VuBB Forum RC1 (m) Remote SQL Injection Exploit",2005-11-02,Devil-00,php,webapps,0 1281,platforms/windows/dos/1281.c,"Battle Carry <= .005 Socket Termination Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 1282,platforms/windows/dos/1282.c,"Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 @@ -1082,7 +1082,7 @@ id,file,description,date,author,platform,type,port 1289,platforms/php/webapps/1289.php,"CuteNews <= 1.4.1 (shell inject) Remote Command Execution Exploit",2005-11-03,rgod,php,webapps,0 1290,platforms/linux/remote/1290.pl,"gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (ppc)",2005-11-04,"Kevin Finisterre",linux,remote,0 1291,platforms/linux/remote/1291.pl,"gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (x86)",2005-11-04,"Kevin Finisterre",linux,remote,0 -1292,platforms/multiple/remote/1292.pm,"WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (meta)",2005-11-04,"David Maciejak",multiple,remote,21 +1292,platforms/multiple/remote/1292.pm,"WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 (MKD/CWD) Remote Root Exploit",2005-11-05,kingcope,linux,remote,21 1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x module (vBulletin/IPB) Remote SQL Injection Exploit",2005-11-06,B~HFH,php,webapps,0 1297,platforms/linux/local/1297.py,"F-Secure Internet Gatekeeper for Linux < 2.15.484 - Local Root Exploit",2005-11-07,"Xavier de Leon",linux,local,0 @@ -1151,7 +1151,7 @@ id,file,description,date,author,platform,type,port 1378,platforms/windows/remote/1378.py,"MailEnable Enterprise Edition 1.1 - (EXAMINE) Buffer Overflow Exploit",2005-12-19,muts,windows,remote,0 1379,platforms/php/webapps/1379.php,"PHPGedView <= 3.3.7 - Arbitrary Remote Code Execution Exploit",2005-12-20,rgod,php,webapps,0 1380,platforms/windows/remote/1380.py,"Eudora Qualcomm WorldMail 3.0 - (IMAPd) Remote Overflow Exploit",2005-12-20,muts,windows,remote,143 -1381,platforms/windows/remote/1381.pm,"Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (meta)",2005-12-20,redsand,windows,remote,21 +1381,platforms/windows/remote/1381.pm,"Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (Metasploit)",2005-12-20,redsand,windows,remote,21 1382,platforms/php/webapps/1382.pl,"phpBB <= 2.0.18 - Remote Bruteforce/Dictionary Attack Tool (updated)",2006-02-20,DarkFig,php,webapps,0 1383,platforms/php/webapps/1383.txt,"phpBB <= 2.0.18 - Remote XSS Cookie Disclosure Exploit",2005-12-21,jet,php,webapps,0 1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 (rating) Parameter Remote SQL Injection Exploit",2005-12-23,krasza,php,webapps,0 @@ -1159,7 +1159,7 @@ id,file,description,date,author,platform,type,port 1388,platforms/php/webapps/1388.pl,"phpBB <= 2.0.17 (signature_bbcode_uid) Remote Command Exploit",2005-12-24,RusH,php,webapps,0 1389,platforms/windows/dos/1389.html,"Microsoft Internet Explorer 6.0 - (mshtml.dll datasrc) Denial of Service Vuln",2005-12-27,BuHa,windows,dos,0 1390,platforms/multiple/dos/1390.c,"BZFlag <= 2.0.4 (undelimited string) Denial of Service Exploit",2005-12-27,"Luigi Auriemma",multiple,dos,0 -1391,platforms/windows/remote/1391.pm,"Windows XP/2003 Metafile Escape() Code Execution Exploit (meta)",2005-12-27,"H D Moore",windows,remote,0 +1391,platforms/windows/remote/1391.pm,"Windows XP/2003 Metafile Escape() Code Execution Exploit (Metasploit)",2005-12-27,"H D Moore",windows,remote,0 1394,platforms/windows/dos/1394.html,"Microsoft Internet Explorer 6.0 (mshtml.dll div) Denial of Service Exploit",2005-12-29,rgod,windows,dos,0 1395,platforms/php/webapps/1395.php,"phpDocumentor <= 1.3.0 rc4 - Remote Commands Execution Exploit",2005-12-29,rgod,php,webapps,0 1396,platforms/windows/dos/1396.cpp,"Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (cpp)",2005-12-29,Lympex,windows,dos,0 @@ -1198,17 +1198,17 @@ id,file,description,date,author,platform,type,port 1447,platforms/hardware/dos/1447.c,"Cisco Aironet Wireless Access Points Memory Exhaustion ARP Attack DoS",2006-01-25,Pasv,hardware,dos,0 1448,platforms/windows/remote/1448.pl,"Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow PoC",2006-01-25,"Critical Security",windows,remote,0 1449,platforms/linux/local/1449.c,"SquirrelMail 3.1 Change Passwd Plugin Local Buffer Overflow Exploit",2006-01-25,"rod hedor",linux,local,0 -1452,platforms/windows/remote/1452.pm,"Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (meta)",2006-01-25,redsand,windows,remote,21 +1452,platforms/windows/remote/1452.pm,"Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)",2006-01-25,redsand,windows,remote,21 1453,platforms/php/webapps/1453.pl,"Phpclanwebsite 1.23.1 (par) Remote SQL Injection Exploit",2006-01-25,matrix_killer,php,webapps,0 1455,platforms/windows/local/1455.txt,"Oracle Database Server 9i/10g (XML) Buffer Overflow Exploit",2006-01-26,Argeniss,windows,local,0 1456,platforms/linux/remote/1456.c,"SHOUTcast <= 1.9.4 File Request Format String Exploit (Leaked)",2006-01-28,crash-x,linux,remote,8000 1457,platforms/php/webapps/1457.txt,"phpBB <= 2.0.19 - XSS Remote Cookie Disclosure Exploit",2006-01-29,threesixthousan,php,webapps,0 1458,platforms/windows/remote/1458.cpp,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (0Day)",2006-01-29,ATmaCA,windows,remote,0 1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 (cookie) Remote Command Execution Exploit",2006-01-30,cijfer,php,webapps,0 -1460,platforms/windows/remote/1460.pm,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (meta)",2006-01-31,"H D Moore",windows,remote,0 +1460,platforms/windows/remote/1460.pm,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (Metasploit)",2006-01-31,"H D Moore",windows,remote,0 1461,platforms/php/webapps/1461.pl,"Invision Power Board Dragoran Portal Mod <= 1.3 - SQL Injection Exploit",2006-01-31,SkOd,php,webapps,0 1462,platforms/windows/remote/1462.cpp,"Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (cpp)",2006-01-31,HolyGhost,windows,remote,21 -1463,platforms/windows/remote/1463.pm,"SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (meta)",2006-02-01,y0,windows,remote,21 +1463,platforms/windows/remote/1463.pm,"SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (Metasploit)",2006-02-01,y0,windows,remote,21 1464,platforms/hardware/dos/1464.c,"Arescom NetDSL-1000 (telnetd) Remote Denial of Service Exploit",2006-02-02,"Fabian Ramirez",hardware,dos,0 1465,platforms/windows/local/1465.c,"Microsoft Windows - ACLs Local Privilege Escalation Exploit (Updated)",2006-02-12,"Andres Tarasco",windows,local,0 1466,platforms/windows/remote/1466.pl,"eXchange POP3 5.0.050203 (rcpt to) Remote Buffer Overflow Exploit",2006-02-03,"securma massine",windows,remote,25 @@ -1246,7 +1246,7 @@ id,file,description,date,author,platform,type,port 1501,platforms/php/webapps/1501.php,"PHPKIT <= 1.6.1R2 (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 1502,platforms/windows/remote/1502.py,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0 1503,platforms/php/webapps/1503.pl,"YapBB <= 1.2 (cfgIncludeDirectory) Remote Command Execution Exploit",2006-02-16,cijfer,php,webapps,0 -1504,platforms/windows/remote/1504.pm,"Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (meta)",2006-02-17,"H D Moore",windows,remote,0 +1504,platforms/windows/remote/1504.pm,"Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (Metasploit)",2006-02-17,"H D Moore",windows,remote,0 1505,platforms/windows/remote/1505.html,"Microsoft Windows Media Player 10 - Plugin Overflow Exploit (MS06-006)",2006-02-17,"Matthew Murphy",windows,remote,0 1506,platforms/windows/remote/1506.c,"Microsoft Windows - Color Management Module Overflow Exploit (MS05-036) (2)",2006-02-17,darkeagle,windows,remote,0 1508,platforms/cgi/webapps/1508.pl,"AWStats < 6.4 (referer) Remote Command Execution Exploit",2006-02-17,RusH,cgi,webapps,0 @@ -1304,7 +1304,7 @@ id,file,description,date,author,platform,type,port 1560,platforms/windows/dos/1560.c,"Cube <= 2005_08_29 - Multiple BoF/Crash Vulnerabilities Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 1561,platforms/php/webapps/1561.pl,"OWL Intranet Engine 0.82 (xrms_file_root) Code Execution Exploit",2006-03-07,rgod,php,webapps,0 1562,platforms/asp/webapps/1562.pl,"CilemNews System <= 1.1 (yazdir.asp haber_id) SQL Injection Exploit",2006-03-07,nukedx,asp,webapps,0 -1563,platforms/php/webapps/1563.pm,"Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (meta)",2006-03-07,sirh0t,php,webapps,0 +1563,platforms/php/webapps/1563.pm,"Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (Metasploit)",2006-03-07,sirh0t,php,webapps,0 1564,platforms/windows/dos/1564.c,"Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities Exploit",2006-03-07,"Luigi Auriemma",windows,dos,0 1565,platforms/windows/remote/1565.pl,"RevilloC MailServer 1.21 (USER) Remote Buffer Overflow Exploit PoC",2006-03-07,"securma massine",windows,remote,110 1566,platforms/php/webapps/1566.php,"Gallery <= 2.0.3 - stepOrder[] Remote Commands Execution Exploit",2006-03-08,rgod,php,webapps,0 @@ -1365,7 +1365,7 @@ id,file,description,date,author,platform,type,port 1623,platforms/asp/webapps/1623.pl,"EzASPSite <= 2.0 RC3 (Scheme) Remote SQL Injection Exploit",2006-03-29,nukedx,asp,webapps,0 1624,platforms/tru64/local/1624.pl,"Tru64 UNIX 5.0 (Rev. 910) rdist NLSPATH Buffer Overflow Exploit",2006-03-29,"Kevin Finisterre",tru64,local,0 1625,platforms/tru64/local/1625.pl,"Tru64 UNIX 5.0 (Rev. 910) edauth NLSPATH Buffer Overflow Exploit",2006-03-29,"Kevin Finisterre",tru64,local,0 -1626,platforms/windows/remote/1626.pm,"PeerCast <= 0.1216 - Remote Buffer Overflow Exploit (Win32) (meta)",2006-03-30,"H D Moore",windows,remote,7144 +1626,platforms/windows/remote/1626.pm,"PeerCast <= 0.1216 - Remote Buffer Overflow Exploit (Win32) (Metasploit)",2006-03-30,"H D Moore",windows,remote,7144 1627,platforms/php/webapps/1627.php,"Claroline <= 1.7.4 (scormExport.inc.php) Remote Code Execution Exploit",2006-03-30,rgod,php,webapps,0 1628,platforms/windows/remote/1628.cpp,"Microsoft Internet Explorer (createTextRang) Download Shellcoded Exploit (2)",2006-03-31,ATmaCA,windows,remote,0 1629,platforms/php/webapps/1629.pl,"SQuery <= 4.5 (libpath) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 @@ -1499,13 +1499,13 @@ id,file,description,date,author,platform,type,port 1784,platforms/windows/dos/1784.txt,"raydium <= svn 309 - Multiple Vulnerabilities Exploit",2006-05-14,"Luigi Auriemma",windows,dos,0 1785,platforms/php/webapps/1785.php,"Sugar Suite Open Source <= 4.2 (OptimisticLock) Remote Exploit",2006-05-14,rgod,php,webapps,0 1787,platforms/windows/remote/1787.py,"freeSSHd <= 1.0.9 Key Exchange Algorithm Buffer Overflow Exploit",2006-05-15,"Tauqeer Ahmad",windows,remote,22 -1788,platforms/windows/remote/1788.pm,"PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (meta)",2006-05-15,y0,windows,remote,0 +1788,platforms/windows/remote/1788.pm,"PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (Metasploit)",2006-05-15,y0,windows,remote,0 1789,platforms/php/webapps/1789.txt,"TR Newsportal <= 0.36tr1 (poll.php) Remote File Inclusion Vulnerability",2006-05-15,Kacper,php,webapps,0 1790,platforms/php/webapps/1790.txt,"Squirrelcart <= 2.2.0 (cart_content.php) Remote Inclusion Vulnerability",2006-05-15,OLiBekaS,php,webapps,0 1791,platforms/multiple/remote/1791.patch,"RealVNC 4.1.0 - 4.1.1 - VNC Null Authentication Bypass (Patched EXE)",2006-05-16,redsand,multiple,remote,5900 1792,platforms/windows/dos/1792.txt,"GNUnet <= 0.7.0d - (Empty UDP Packet) Remote Denial of Service Exploit",2006-05-15,"Luigi Auriemma",windows,dos,0 1793,platforms/php/webapps/1793.pl,"DeluxeBB <= 1.06 (name) Remote SQL Injection Exploit (mq=off)",2006-05-15,KingOfSka,php,webapps,0 -1794,platforms/multiple/remote/1794.pm,"RealVNC 4.1.0 - 4.1.1 - (Null Authentication) Auth Bypass Exploit (meta)",2006-05-15,"H D Moore",multiple,remote,5900 +1794,platforms/multiple/remote/1794.pm,"RealVNC 4.1.0 - 4.1.1 - (Null Authentication) Auth Bypass Exploit (Metasploit)",2006-05-15,"H D Moore",multiple,remote,5900 1795,platforms/php/webapps/1795.txt,"ezusermanager <= 1.6 - Remote File Inclusion Vulnerability",2006-05-15,OLiBekaS,php,webapps,0 1796,platforms/php/webapps/1796.php,"PHP-Fusion <= 6.00.306 (srch_where) SQL Injection Exploit",2006-05-16,rgod,php,webapps,0 1797,platforms/php/webapps/1797.php,"DeluxeBB <= 1.06 (Attachment mod_mime) Remote Exploit",2006-05-16,rgod,php,webapps,0 @@ -1623,7 +1623,7 @@ id,file,description,date,author,platform,type,port 1912,platforms/php/webapps/1912.txt,"The Bible Portal Project <= 2.12 - (destination) File Include Vulnerability",2006-06-14,Kacper,php,webapps,0 1913,platforms/php/webapps/1913.txt,"Php Blue Dragon CMS <= 2.9.1 - (template.php) File Include Vulnerability",2006-06-14,"Federico Fazzi",php,webapps,0 1914,platforms/php/webapps/1914.txt,"Content-Builder (CMS) <= 0.7.2 - Multiple Include Vulnerabilities",2006-06-14,Kacper,php,webapps,0 -1915,platforms/windows/remote/1915.pm,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (meta)",2006-06-15,c0rrupt,windows,remote,0 +1915,platforms/windows/remote/1915.pm,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (Metasploit)",2006-06-15,c0rrupt,windows,remote,0 1916,platforms/php/webapps/1916.txt,"DeluxeBB <= 1.06 (templatefolder) Remote File Include Vulnerabilities",2006-06-15,"Andreas Sandblad",php,webapps,0 1917,platforms/windows/local/1917.pl,"Pico Zip 4.01 (Long Filename) Buffer Overflow Exploit",2006-06-15,c0rrupt,windows,local,0 1918,platforms/php/webapps/1918.php,"bitweaver <= 1.3 (tmpImagePath) Attachment mod_mime Exploit",2006-06-15,rgod,php,webapps,0 @@ -1807,7 +1807,7 @@ id,file,description,date,author,platform,type,port 2107,platforms/osx/local/2107.pl,"Mac OS X <= 10.4.7 - fetchmail Privilege Escalation Exploit (ppc)",2006-08-01,"Kevin Finisterre",osx,local,0 2108,platforms/osx/local/2108.sh,"Mac OS X <= 10.4.7 - fetchmail Privilege Escalation Exploit",2006-08-01,"Kevin Finisterre",osx,local,0 2109,platforms/php/webapps/2109.txt,"WoW Roster <= 1.70 (/lib/phpbb.php) Remote File Include Vulnerability",2006-08-02,|peti,php,webapps,0 -2110,platforms/php/webapps/2110.pm,"TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (meta)",2006-08-02,"David Maciejak",php,webapps,0 +2110,platforms/php/webapps/2110.pm,"TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 2111,platforms/osx/local/2111.pl,"Mac OS X <= 10.3.8 (CF_CHARSET_PATH) Local BoF Exploit (2)",2006-08-02,"Kevin Finisterre",osx,local,0 2113,platforms/php/webapps/2113.txt,"SaveWeb Portal <= 3.4 (SITE_Path) Remote File Inclusion Vulnerabilities",2006-08-02,"Mehmet Ince",php,webapps,0 2114,platforms/php/webapps/2114.htm,"TinyPHP Forum <= 3.6 (makeadmin) Remote Admin Maker Exploit",2006-08-02,SirDarckCat,php,webapps,0 @@ -2417,8 +2417,8 @@ id,file,description,date,author,platform,type,port 2726,platforms/php/webapps/2726.txt,"Agora 1.4 RC1 (MysqlfinderAdmin.php) Remote File Include Vulnerability",2006-11-06,the_day,php,webapps,0 2727,platforms/php/webapps/2727.txt,"OpenEMR <= 2.8.1 (srcdir) Multiple Remote File Inclusion Vulnerabilities",2006-11-06,the_day,php,webapps,0 2728,platforms/php/webapps/2728.txt,"Article Script <= 1.6.3 (rss.php) Remote SQL Injection Vulnerability",2006-11-06,Liz0ziM,php,webapps,0 -2729,platforms/windows/remote/2729.pm,"Omni-NFS Server 5.2 (nfsd.exe) Remote Stack Overflow Exploit (meta)",2006-11-06,"Evgeny Legerov",windows,remote,2049 -2730,platforms/linux/dos/2730.pm,"OpenLDAP 2.2.29 - Remote Denial of Service Exploit (meta)",2006-11-06,"Evgeny Legerov",linux,dos,0 +2729,platforms/windows/remote/2729.pm,"Omni-NFS Server 5.2 (nfsd.exe) Remote Stack Overflow Exploit (Metasploit)",2006-11-06,"Evgeny Legerov",windows,remote,2049 +2730,platforms/linux/dos/2730.pm,"OpenLDAP 2.2.29 - Remote Denial of Service Exploit (Metasploit)",2006-11-06,"Evgeny Legerov",linux,dos,0 2731,platforms/php/webapps/2731.pl,"iPrimal Forums (admin/index.php) Change User Password Exploit",2006-11-06,Bl0od3r,php,webapps,0 2732,platforms/php/webapps/2732.txt,"PHPGiggle 12.08 - (CFG_PHPGIGGLE_ROOT) File Include Vulnerability",2006-11-06,ajann,php,webapps,0 2733,platforms/php/webapps/2733.txt,"iWare Pro <= 5.0.4 (chat_panel.php) Remote Code Execution Vulnerability",2006-11-07,nuffsaid,php,webapps,0 @@ -2458,8 +2458,8 @@ id,file,description,date,author,platform,type,port 2767,platforms/php/webapps/2767.txt,"StoryStream 4.0 (baseDir) Remote File Include Vulnerabilities",2006-11-12,v1per-haCker,php,webapps,0 2768,platforms/php/webapps/2768.txt,"contentnow 1.30 (local/upload/delete) Multiple Vulnerabilities",2006-11-13,r0ut3r,php,webapps,0 2769,platforms/php/webapps/2769.php,"Quick.Cart <= 2.0 (actions_client/gallery.php) Local File Include Exploit",2006-11-13,Kacper,php,webapps,0 -2770,platforms/windows/remote/2770.rb,"Broadcom Wireless Driver Probe Response SSID Overflow Exploit (meta)",2006-11-13,"H D Moore",windows,remote,0 -2771,platforms/windows/remote/2771.rb,"D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (meta)",2006-11-13,"H D Moore",windows,remote,0 +2770,platforms/windows/remote/2770.rb,"Broadcom Wireless Driver Probe Response SSID Overflow Exploit (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 +2771,platforms/windows/remote/2771.rb,"D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 2772,platforms/asp/webapps/2772.htm,"Online Event Registration <= 2.0 (save_profile.asp) Pass Change Exploit",2006-11-13,ajann,asp,webapps,0 2773,platforms/asp/webapps/2773.txt,"Estate Agent Manager <= 1.3 - (default.asp) Login Bypass Vulnerability",2006-11-13,ajann,asp,webapps,0 2774,platforms/asp/webapps/2774.txt,"Property Pro 1.0 (vir_Login.asp) Remote Login Bypass Vulnerability",2006-11-13,ajann,asp,webapps,0 @@ -2546,7 +2546,7 @@ id,file,description,date,author,platform,type,port 2866,platforms/windows/remote/2866.html,"Acer LunchApp.APlunch (ActiveX Control) Command Execution Exploit",2006-11-30,"Tan Chew Keong",windows,remote,0 2867,platforms/php/webapps/2867.php,"PHPGraphy 0.9.12 - Privilege Escalation / Commands Execution Exploit",2006-11-30,rgod,php,webapps,0 2869,platforms/php/webapps/2869.php,"Serendipity <= 1.0.3 (comment.php) Local File Include Exploit",2006-11-30,Kacper,php,webapps,0 -2870,platforms/windows/remote/2870.rb,"VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (meta)",2006-11-30,"Greg Linares",windows,remote,0 +2870,platforms/windows/remote/2870.rb,"VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (Metasploit)",2006-11-30,"Greg Linares",windows,remote,0 2871,platforms/php/webapps/2871.txt,"LDU <= 8.x (polls.php) Remote SQL Injection Vulnerability",2006-11-30,ajann,php,webapps,0 2872,platforms/windows/local/2872.c,"VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (c)",2006-11-30,Expanders,windows,local,0 2873,platforms/windows/local/2873.c,"AtomixMP3 <= 2.3 - (.M3U) Buffer Overflow Exploit",2006-11-30,"Greg Linares",windows,local,0 @@ -2767,11 +2767,11 @@ id,file,description,date,author,platform,type,port 3092,platforms/windows/remote/3092.pm,"NaviCOPA Web Server 2.01 (GET) Remote Buffer Overflow Exploit meta",2007-01-07,"Jacopo Cervini",windows,remote,80 3093,platforms/php/webapps/3093.txt,"AllMyGuests <= 0.3.0 (AMG_serverpath) Remote Inclusion Vulnerabilities",2007-01-07,beks,php,webapps,0 3094,platforms/bsd/local/3094.c,"OpenBSD 3.x - 4.0 vga_ioctl() Local Root Exploit",2007-01-07,"Critical Security",bsd,local,0 -3095,platforms/php/webapps/3095.py,"Wordpress 2.0.5 - Trackback UTF-7 - Remote SQL Injection Exploit",2007-01-07,"Stefan Esser",php,webapps,0 +3095,platforms/php/webapps/3095.py,"WordPress 2.0.5 - Trackback UTF-7 - Remote SQL Injection Exploit",2007-01-07,"Stefan Esser",php,webapps,0 3096,platforms/php/webapps/3096.txt,"AllMyLinks <= 0.5.0 - (index.php) Remote File Include Vulnerability",2007-01-07,GoLd_M,php,webapps,0 3097,platforms/php/webapps/3097.txt,"AllMyVisitors 0.4.0 (index.php) Remote File Inclusion Vulnerability",2007-01-07,bd0rk,php,webapps,0 3098,platforms/osx/dos/3098.html,"OmniWeb 5.5.1 Javascript alert() Remote Format String PoC",2007-01-07,MoAB,osx,dos,0 -3099,platforms/linux/remote/3099.pm,"Berlios GPSD <= 2.7 - Remote Format String Exploit (meta)",2007-01-08,Enseirb,linux,remote,2947 +3099,platforms/linux/remote/3099.pm,"Berlios GPSD <= 2.7 - Remote Format String Exploit (Metasploit)",2007-01-08,Enseirb,linux,remote,2947 3100,platforms/php/webapps/3100.txt,"Magic Photo Storage Website - _config[site_path] File Include Vuln",2007-01-08,k1tk4t,php,webapps,0 3101,platforms/multiple/dos/3101.py,"Opera <= 9.10 JPG Image DHT Marker Heap Corruption Vulnerabilities",2007-01-08,posidron,multiple,dos,0 3102,platforms/osx/local/3102.rb,"Application Enhancer (APE) 2.0.2 - Local Privilege Escalation Exploit",2007-01-08,MoAB,osx,local,0 @@ -2779,9 +2779,9 @@ id,file,description,date,author,platform,type,port 3104,platforms/php/webapps/3104.txt,"PPC Search Engine 1.61 (INC) Multiple Remote File Include Vulnerabilities",2007-01-09,IbnuSina,php,webapps,0 3105,platforms/asp/webapps/3105.txt,"MOTIONBORG Web Real Estate <= 2.1 - SQL Injection Vulnerability",2007-01-09,ajann,asp,webapps,0 3106,platforms/php/webapps/3106.txt,"uniForum <= 4 - (wbsearch.aspx) Remote SQL Injection Vulnerability",2007-01-09,ajann,php,webapps,0 -3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (meta)",2007-01-09,"Jacopo Cervini",windows,remote,21 +3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21 3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Include Exploit",2007-01-09,DeltahackingTEAM,php,webapps,0 -3109,platforms/php/webapps/3109.php,"Wordpress <= 2.0.6 - wp-trackback.php Remote SQL Injection Exploit",2007-01-10,rgod,php,webapps,0 +3109,platforms/php/webapps/3109.php,"WordPress <= 2.0.6 - wp-trackback.php Remote SQL Injection Exploit",2007-01-10,rgod,php,webapps,0 3110,platforms/osx/dos/3110.rb,"Mac OS X 10.4.8 Apple Finder DMG Volume Name Memory Corruption PoC",2007-01-09,MoAB,osx,dos,0 3111,platforms/windows/dos/3111.pl,"Microsoft Windows - Explorer (WMF) CreateBrushIndirect DoS Exploit",2007-01-13,cyanid-E,windows,dos,0 3112,platforms/windows/dos/3112.py,"eIQnetworks Network Security Analyzer Null Pointer Dereference Exploit",2007-01-10,"Ethan Hunt",windows,dos,0 @@ -2840,7 +2840,7 @@ id,file,description,date,author,platform,type,port 3167,platforms/osx/dos/3167.c,"Mac OS X 10.4.x Kernel shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 3168,platforms/windows/remote/3168.java,"Sun Microsystems Java GIF File Parsing Memory Corruption Exploit",2007-01-21,luoluo,windows,remote,0 3169,platforms/php/webapps/3169.txt,"WebChat 0.77 (defines.php WEBCHATPATH) Remote File Include Vuln",2007-01-21,v1per-haCker,php,webapps,0 -3170,platforms/windows/remote/3170.pm,"3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (meta)",2007-01-21,Enseirb,windows,remote,69 +3170,platforms/windows/remote/3170.pm,"3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)",2007-01-21,Enseirb,windows,remote,69 3171,platforms/php/webapps/3171.pl,"Mafia Scum Tools 2.0.0 (index.php gen) Remote File Include Exploit",2007-01-21,DeltahackingTEAM,php,webapps,0 3172,platforms/php/webapps/3172.php,"webSPELL 4.01.02 (gallery.php) Remote Blind SQL Injection Exploit",2007-01-21,r00t,php,webapps,0 3173,platforms/osx/local/3173.rb,"Mac OS X 10.4.8 - System Preferences Local Privilege Escalation Exploit",2007-01-21,MoAB,osx,local,0 @@ -2933,7 +2933,7 @@ id,file,description,date,author,platform,type,port 3262,platforms/php/webapps/3262.php,"Woltlab Burning Board Lite <= 1.0.2pl3e (pms.php) SQL Injection Exploit",2007-02-03,rgod,php,webapps,0 3263,platforms/php/webapps/3263.txt,"KDPics <= 1.11 (exif.php lib_path) Remote File Include Vulnerability",2007-02-03,AsTrex,php,webapps,0 3264,platforms/windows/remote/3264.pl,"Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit",2007-02-04,"Jacopo Cervini",windows,remote,25 -3265,platforms/windows/remote/3265.pm,"Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (meta)",2007-02-04,"Jacopo Cervini",windows,remote,25 +3265,platforms/windows/remote/3265.pm,"Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (Metasploit)",2007-02-04,"Jacopo Cervini",windows,remote,25 3266,platforms/php/webapps/3266.txt,"Flip 2.01 final (previewtheme.php inc_path) RFI Vulnerability",2007-02-04,GoLd_M,php,webapps,0 3267,platforms/php/webapps/3267.txt,"Geeklog 2 (BaseView.php) Remote File Inclusion Vulnerability",2007-02-05,GoLd_M,php,webapps,0 3268,platforms/php/webapps/3268.txt,"SMA-DB <= 0.3.9 (settings.php) Remote File Inclusion Vulnerability",2007-02-05,"ThE dE@Th",php,webapps,0 @@ -3002,7 +3002,7 @@ id,file,description,date,author,platform,type,port 3332,platforms/php/webapps/3332.pl,"Xpression News 1.0.1 (archives.php) Remote File Disclosure Exploit",2007-02-18,r0ut3r,php,webapps,0 3333,platforms/linux/local/3333.pl,"ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow Exploit (2)",2007-02-19,Revenge,linux,local,0 3334,platforms/php/webapps/3334.asp,"PHP-Nuke Module Emporium <= 2.3.0 - Remote SQL Injection Exploit",2007-02-19,ajann,php,webapps,0 -3335,platforms/windows/remote/3335.pm,"IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (meta)",2007-02-19,"Jacopo Cervini",windows,remote,21 +3335,platforms/windows/remote/3335.pm,"IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (Metasploit)",2007-02-19,"Jacopo Cervini",windows,remote,21 3336,platforms/php/webapps/3336.txt,"Ultimate Fun Book 1.02 (function.php) Remote File Include Vulnerability",2007-02-20,kezzap66345,php,webapps,0 3337,platforms/php/webapps/3337.php,"NukeSentinel 2.5.05 (nsbypass.php) Blind SQL Injection Exploit",2007-02-20,DarkFig,php,webapps,0 3338,platforms/php/webapps/3338.php,"NukeSentinel 2.5.05 - (nukesentinel.php) File Disclosure Exploit",2007-02-20,DarkFig,php,webapps,0 @@ -3248,7 +3248,7 @@ id,file,description,date,author,platform,type,port 3586,platforms/linux/dos/3586.php,"PHP 4.4.5 / 4.4.6 session_decode() Double Free Exploit PoC",2007-03-27,"Stefan Esser",linux,dos,0 3587,platforms/linux/local/3587.c,"Linux Kernel <= 2.6.20 with DCCP Support - Memory Disclosure Exploit (1)",2007-03-27,"Robert Swiecki",linux,local,0 3588,platforms/php/webapps/3588.pl,"XOOPS module Articles <= 1.02 (print.php id) SQL Injection Exploit",2007-03-27,WiLdBoY,php,webapps,0 -3589,platforms/windows/remote/3589.pm,"NaviCOPA Web Server 2.01 - Remote Buffer Overflow Exploit (meta)",2007-03-27,skillTube,windows,remote,80 +3589,platforms/windows/remote/3589.pm,"NaviCOPA Web Server 2.01 - Remote Buffer Overflow Exploit (Metasploit)",2007-03-27,skillTube,windows,remote,80 3590,platforms/php/webapps/3590.htm,"Joomla Component D4JeZine <= 2.8 - Remote BLIND SQL Injection Exploit",2007-03-27,ajann,php,webapps,0 3591,platforms/php/webapps/3591.txt,"PHP-Nuke Module Eve-Nuke 0.1 (mysql.php) RFI Vulnerability",2007-03-27,"ThE TiGeR",php,webapps,0 3592,platforms/php/webapps/3592.htm,"Web Content System 2.7.1 - Remote File Inclusion Exploit",2007-03-27,kezzap66345,php,webapps,0 @@ -3312,13 +3312,13 @@ id,file,description,date,author,platform,type,port 3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) <= 1.2.3 - Remote Code Execution Exploit",2007-04-03,DarkFig,php,webapps,0 3654,platforms/multiple/remote/3654.pl,"HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit",2007-04-03,"Isma Khan",multiple,remote,0 3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog <= 2.52 (postid) BLIND SQL Injection Exploit",2007-04-03,ajann,php,webapps,0 -3656,platforms/php/webapps/3656.pl,"Wordpress 2.1.2 - (xmlrpc) Remote SQL Injection Exploit",2007-04-03,"Sumit Siddharth",php,webapps,0 +3656,platforms/php/webapps/3656.pl,"WordPress 2.1.2 - (xmlrpc) Remote SQL Injection Exploit",2007-04-03,"Sumit Siddharth",php,webapps,0 3657,platforms/php/webapps/3657.txt,"MySpeach <= 3.0.7 - Remote/Local File Inclusion Vulnerability",2007-04-03,Xst3nZ,php,webapps,0 3658,platforms/php/webapps/3658.htm,"phpMyNewsletter 0.6.10 (customize.php l) RFI Vulnerability",2007-04-04,frog-m@n,php,webapps,0 3659,platforms/php/webapps/3659.txt,"AROUNDMe 0.7.7 - Multiple Remote File Inclusion Vulnerabilities",2007-04-04,kezzap66345,php,webapps,0 3660,platforms/php/webapps/3660.pl,"CyBoards PHP Lite 1.21 (script_path) Remote File Include Exploit",2007-04-04,bd0rk,php,webapps,0 3661,platforms/windows/remote/3661.pl,"HP Mercury Quality Center Spider90.ocx ProgColor Overflow Exploit",2007-04-04,ri0t,windows,remote,0 -3662,platforms/windows/remote/3662.rb,"AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (meta)",2007-04-04,"Krad Chad",windows,remote,0 +3662,platforms/windows/remote/3662.rb,"AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (Metasploit)",2007-04-04,"Krad Chad",windows,remote,0 3663,platforms/php/webapps/3663.htm,"XOOPS Module WF-Snippets <= 1.02 (c) BLIND SQL Injection Exploit",2007-04-04,ajann,php,webapps,0 3664,platforms/windows/local/3664.txt,"TrueCrypt 4.3 - Privilege Escalation Exploit",2007-04-04,"Marco Ivaldi",windows,local,0 3665,platforms/php/webapps/3665.htm,"Mutant 0.9.2 mutant_functions.php Remote File Inclusion Exploit",2007-04-04,bd0rk,php,webapps,0 @@ -3478,11 +3478,11 @@ id,file,description,date,author,platform,type,port 3821,platforms/linux/remote/3821.c,"3proxy 0.5.3g proxy.c logurl() Remote Buffer Overflow Exploit (linux)",2007-04-30,vade79,linux,remote,0 3822,platforms/windows/remote/3822.c,"3proxy 0.5.3g proxy.c logurl() Remote Buffer Overflow Exploit (Win32)",2007-04-30,vade79,windows,remote,0 3823,platforms/windows/local/3823.c,"Winamp <= 5.34 - (.mp4) Code Execution Exploit",2007-04-30,Marsu,windows,local,0 -3824,platforms/php/webapps/3824.txt,"Wordpress plugin wp-Table <= 1.43 - (inc_dir) RFI Vulnerability",2007-05-01,K-159,php,webapps,0 -3825,platforms/php/webapps/3825.txt,"Wordpress plugin wordTube <= 1.43 - (wpPATH) RFI Vulnerability",2007-05-01,K-159,php,webapps,0 +3824,platforms/php/webapps/3824.txt,"WordPress plugin wp-Table <= 1.43 - (inc_dir) RFI Vulnerability",2007-05-01,K-159,php,webapps,0 +3825,platforms/php/webapps/3825.txt,"WordPress plugin wordTube <= 1.43 - (wpPATH) RFI Vulnerability",2007-05-01,K-159,php,webapps,0 3826,platforms/windows/dos/3826.html,"PowerPoint Viewer OCX 3.2 (ActiveX Control) Denial of Service Exploit",2007-05-01,shinnai,windows,dos,0 3827,platforms/php/webapps/3827.txt,"Sendcard <= 3.4.1 (sendcard.php form) Local File Inclusion Vulnerability",2007-05-01,ettee,php,webapps,0 -3828,platforms/php/webapps/3828.txt,"Wordpress plugin myflash <= 1.00 - (wppath) RFI Vulnerability",2007-05-01,Crackers_Child,php,webapps,0 +3828,platforms/php/webapps/3828.txt,"WordPress plugin myflash <= 1.00 - (wppath) RFI Vulnerability",2007-05-01,Crackers_Child,php,webapps,0 3829,platforms/linux/remote/3829.c,"3proxy 0.5.3g proxy.c logurl() Remote Overflow Exploit (exec-shield)",2007-05-02,Xpl017Elz,linux,remote,0 3830,platforms/windows/dos/3830.html,"Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service Exploit",2007-05-02,shinnai,windows,dos,0 3831,platforms/asp/webapps/3831.txt,"PStruh-CZ 1.3/1.5 - (download.asp File) File Disclosure Vulnerability",2007-05-02,Dj7xpl,asp,webapps,0 @@ -3612,7 +3612,7 @@ id,file,description,date,author,platform,type,port 3957,platforms/php/webapps/3957.php,"AlstraSoft Live Support 1.21 - Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 3958,platforms/php/webapps/3958.php,"AlstraSoft Template Seller Pro <= 3.25 Admin Password Change Exploit",2007-05-20,BlackHawk,php,webapps,0 3959,platforms/php/webapps/3959.php,"AlstraSoft Template Seller Pro <= 3.25 - Remote Code Execution Exploit",2007-05-20,BlackHawk,php,webapps,0 -3960,platforms/php/webapps/3960.php,"Wordpress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 +3960,platforms/php/webapps/3960.php,"WordPress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 3961,platforms/windows/remote/3961.html,"LeadTools Raster Variant (LTRVR14e.dll) Remote File Overwrite Exploit",2007-05-21,shinnai,windows,remote,0 3962,platforms/php/webapps/3962.txt,"Ol Bookmarks Manager 0.7.4 (root) Remote File Inclusion Vulnerabilities",2007-05-21,"ThE TiGeR",php,webapps,0 3963,platforms/php/webapps/3963.txt,"TutorialCMS <= 1.01 - Authentication Bypass Vulnerability",2007-05-21,Silentz,php,webapps,0 @@ -3684,13 +3684,13 @@ id,file,description,date,author,platform,type,port 4030,platforms/php/webapps/4030.php,"EQdkp <= 1.3.2 (listmembers.php rank) Remote SQL Injection Exploit",2007-06-04,Silentz,php,webapps,0 4031,platforms/php/webapps/4031.txt,"Madirish Webmail 2.0 (addressbook.php) Remote File Inclusion Vuln",2007-06-04,BoZKuRTSeRDaR,php,webapps,0 4032,platforms/tru64/remote/4032.pl,"HP Tru64 - Remote Secure Shell User Enumeration Exploit",2007-06-04,bunker,tru64,remote,0 -4033,platforms/windows/dos/4033.rb,"SNMPc <= 7.0.18 - Remote Denial of Service Exploit (meta)",2007-06-04,"En Douli",windows,dos,0 +4033,platforms/windows/dos/4033.rb,"SNMPc <= 7.0.18 - Remote Denial of Service Exploit (Metasploit)",2007-06-04,"En Douli",windows,dos,0 4034,platforms/php/webapps/4034.txt,"Kravchuk letter script 1.0 (scdir) Remote File Inclusion Vulnerabilities",2007-06-05,"Mehmet Ince",php,webapps,0 4035,platforms/php/webapps/4035.txt,"Comicsense 0.2 (index.php epi) Remote SQL Injection Vulnerability",2007-06-05,s0cratex,php,webapps,0 4036,platforms/php/webapps/4036.php,"PBLang <= 4.67.16.a Remote Code Execution Exploit",2007-06-06,Silentz,php,webapps,0 4037,platforms/php/webapps/4037.pl,"Comicsense 0.2 (index.php epi) Remote SQL Injection Exploit",2007-06-06,Silentz,php,webapps,0 4038,platforms/multiple/dos/4038.pl,"DRDoS - Distributed Reflection Denial of Service",2007-06-06,whoppix,multiple,dos,0 -4039,platforms/php/webapps/4039.txt,"Wordpress 2.2 - (xmlrpc.php) Remote SQL Injection Exploit",2007-06-06,Slappter,php,webapps,0 +4039,platforms/php/webapps/4039.txt,"WordPress 2.2 - (xmlrpc.php) Remote SQL Injection Exploit",2007-06-06,Slappter,php,webapps,0 4040,platforms/asp/webapps/4040.txt,"Kartli Alisveris Sistemi 1.0 - Remote SQL Injection Vulnerability",2007-06-06,kerem125,asp,webapps,0 4041,platforms/php/webapps/4041.htm,"NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion Exploit",2007-06-07,GoLd_M,php,webapps,0 4042,platforms/windows/remote/4042.html,"Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow Exploit",2007-06-07,Excepti0n,windows,remote,0 @@ -4005,7 +4005,7 @@ id,file,description,date,author,platform,type,port 4357,platforms/windows/remote/4357.html,"Telecom Italy Alice Messenger Remote registry key manipulation Exploit",2007-09-03,rgod,windows,remote,0 4358,platforms/php/webapps/4358.txt,"STPHPLibrary (STPHPLIB_DIR) Remote File Inclusion Vulnerability",2007-09-03,leetsecurity,php,webapps,0 4359,platforms/multiple/dos/4359.txt,"Apple Quicktime < 7.2 - SMIL Remote Integer Overflow PoC",2007-09-03,"David Vaartjes",multiple,dos,0 -4360,platforms/windows/remote/4360.rb,"CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (meta)",2007-09-03,"Patrick Webster",windows,remote,0 +4360,platforms/windows/remote/4360.rb,"CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (Metasploit)",2007-09-03,"Patrick Webster",windows,remote,0 4361,platforms/windows/local/4361.pl,"Microsoft Visual Basic 6.0 VBP_Open OLE Local CodeExec Exploit",2007-09-04,Koshi,windows,local,0 4362,platforms/linux/remote/4362.pl,"Web Oddity Web Server 0.09b - Directory Transversal Exploit",2007-09-04,Katatafish,linux,remote,0 4363,platforms/php/webapps/4363.txt,"PHPOF <= 20040226 (DB_adodb.class.php) RFI Vulnerability",2007-09-04,"ThE TiGeR",php,webapps,0 @@ -4042,7 +4042,7 @@ id,file,description,date,author,platform,type,port 4394,platforms/windows/remote/4394.html,"Microsoft Visual Studio 6.0 - (VBTOVSI.DLL 1.0.0.0) File Overwrite Exploit",2007-09-11,shinnai,windows,remote,0 4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 (root_path) Remote File Inclusion Vulnerability",2007-09-11,"Rootshell Security",php,webapps,0 4396,platforms/php/webapps/4396.txt,"X-Cart <= ? Multiple Remote File Inclusion Vulnerabilities",2007-09-11,aLiiF,php,webapps,0 -4397,platforms/php/webapps/4397.rb,"Wordpress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub)",2007-09-14,"Lance M. Havok",php,webapps,0 +4397,platforms/php/webapps/4397.rb,"WordPress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub)",2007-09-14,"Lance M. Havok",php,webapps,0 4398,platforms/windows/remote/4398.html,"Microsoft SQL Server Distributed Management Objects BoF Exploit",2007-09-12,96sysim,windows,remote,0 4399,platforms/multiple/remote/4399.html,"Apple Quicktime (Multiple Browsers) Command Execution PoC (0day)",2007-09-12,pdp,multiple,remote,0 4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 (id) Remote SQL Injection Vulnerability",2007-09-13,Houssamix,php,webapps,0 @@ -4210,7 +4210,7 @@ id,file,description,date,author,platform,type,port 4563,platforms/php/webapps/4563.txt,"PHP-Nuke platinum 7.6.b.5 - Remote File Inclusion Vulnerability",2007-10-23,BiNgZa,php,webapps,0 4564,platforms/multiple/local/4564.txt,"Oracle 10g CTX_DOC.MARKUP SQL Injection Exploit",2007-10-23,sh2kerr,multiple,local,0 4565,platforms/php/webapps/4565.txt,"PHP Image 1.2 - Multiple Remote File Inclusion Vulnerabilities",2007-10-23,Civi,php,webapps,0 -4566,platforms/windows/remote/4566.rb,"eIQnetworks ESA SEARCHREPORT Remote Overflow Exploit (meta)",2007-10-24,ri0t,windows,remote,10616 +4566,platforms/windows/remote/4566.rb,"eIQnetworks ESA SEARCHREPORT Remote Overflow Exploit (Metasploit)",2007-10-24,ri0t,windows,remote,10616 4567,platforms/multiple/remote/4567.pl,"Jakarta Slide <= 2.1 RC1 - Remote File Disclosure Exploit",2007-10-24,kingcope,multiple,remote,0 4568,platforms/php/webapps/4568.txt,"TikiWiki <= 1.9.8.1 - Local File Inclusion Vulnerabilities",2007-10-25,L4teral,php,webapps,0 4569,platforms/windows/dos/4569.pl,"CA BrightStor HSM <= r11.5 - Remote Stack Based Overflow / DoS",2007-10-27,"Nice Name Crew",windows,dos,0 @@ -4338,7 +4338,7 @@ id,file,description,date,author,platform,type,port 4692,platforms/hardware/dos/4692.pl,"Cisco Phone 7940 - Remote Denial of Service Exploit",2007-12-05,MADYNES,hardware,dos,0 4693,platforms/php/webapps/4693.txt,"SineCMS <= 2.3.4 Calendar Remote SQL Injection Vulnerability",2007-12-05,KiNgOfThEwOrLd,php,webapps,0 4694,platforms/php/webapps/4694.txt,"ezContents 1.4.5 (index.php link) Remote File Disclosure Vulnerability",2007-12-05,p4imi0,php,webapps,0 -4695,platforms/php/webapps/4695.txt,"Wordpress Plugin PictPress <= 0.91 - Remote File Disclosure Vulnerability",2007-12-05,GoLd_M,php,webapps,0 +4695,platforms/php/webapps/4695.txt,"WordPress Plugin PictPress <= 0.91 - Remote File Disclosure Vulnerability",2007-12-05,GoLd_M,php,webapps,0 4696,platforms/php/webapps/4696.txt,"SerWeb <= 2.0.0 dev1 2007-02-20 - Multiple RFI / LFI Vulnerabilities",2007-12-06,GoLd_M,php,webapps,0 4697,platforms/asp/webapps/4697.txt,"MWOpen E-Commerce leggi_commenti.asp Remote SQL Injection",2007-12-06,KiNgOfThEwOrLd,asp,webapps,0 4698,platforms/linux/local/4698.c,"Send ICMP Nasty Garbage (sing) Append File Logrotate Exploit",2007-12-06,bannedit,linux,local,0 @@ -4364,7 +4364,7 @@ id,file,description,date,author,platform,type,port 4718,platforms/php/webapps/4718.rb,"SquirrelMail G/PGP Plugin deletekey() Command Injection Exploit",2007-12-11,Backdoored,php,webapps,0 4719,platforms/php/webapps/4719.txt,"Mcms Easy Web Make (index.php template) Local File Inclusion Vuln",2007-12-11,MhZ91,php,webapps,0 4720,platforms/windows/remote/4720.html,"HP Compaq Notebooks ActiveX Remote Code Execution Exploit",2007-12-11,porkythepig,windows,remote,0 -4721,platforms/php/webapps/4721.txt,"Wordpress <= 2.3.1 - Charset Remote SQL Injection Vulnerability",2007-12-11,"Abel Cheung",php,webapps,0 +4721,platforms/php/webapps/4721.txt,"WordPress <= 2.3.1 - Charset Remote SQL Injection Vulnerability",2007-12-11,"Abel Cheung",php,webapps,0 4722,platforms/php/webapps/4722.txt,"viart cms/shop/helpdesk 3.3.2 - Remote File Inclusion Vulnerability",2007-12-11,RoMaNcYxHaCkEr,php,webapps,0 4723,platforms/osx/dos/4723.c,"Apple Mac OS X xnu <= 1228.0 - super_blob Local kernel Denial of Service PoC",2007-12-12,mu-b,osx,dos,0 4724,platforms/windows/remote/4724.py,"HP OpenView Network Node Manager 07.50 - CGI Remote BoF Exploit",2007-12-12,muts,windows,remote,80 @@ -4485,7 +4485,7 @@ id,file,description,date,author,platform,type,port 4841,platforms/php/webapps/4841.txt,"Invision Power Board <= 2.1.7 - ACTIVE XSS/SQL Injection Exploit",2008-01-05,"Eugene Minaev",php,webapps,0 4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 (change_submit.php) Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0 4843,platforms/php/webapps/4843.txt,"modx CMS 0.9.6.1 - Multiple Vulnerabilities",2008-01-05,BugReport.IR,php,webapps,0 -4844,platforms/php/webapps/4844.txt,"Wordpress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability",2008-01-06,Houssamix,php,webapps,0 +4844,platforms/php/webapps/4844.txt,"WordPress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability",2008-01-06,Houssamix,php,webapps,0 4845,platforms/php/webapps/4845.pl,"RunCMS Newbb_plus <= 0.92 Client IP Remote SQL Injection Exploit",2008-01-06,"Eugene Minaev",php,webapps,0 4846,platforms/php/webapps/4846.txt,"Uebimiau Web-Mail 2.7.10/2.7.2 - Remote File Disclosure Vulnerability",2008-01-06,"Eugene Minaev",php,webapps,0 4847,platforms/php/webapps/4847.txt,"XOOPS mod_gallery Zend_Hash_key + Extract RFI Vulnerability",2008-01-06,"Eugene Minaev",php,webapps,0 @@ -4579,7 +4579,7 @@ id,file,description,date,author,platform,type,port 4936,platforms/php/webapps/4936.txt,"Gradman <= 0.1.3 (info.php tabla) Local File Inclusion Vulnerability",2008-01-18,Syndr0me,php,webapps,0 4937,platforms/php/webapps/4937.txt,"Small Axe 0.3.1 (linkbar.php cfile) Remote File Inclusion Vulnerability",2008-01-18,RoMaNcYxHaCkEr,php,webapps,0 4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - (.dsr) File Handling BoF Exploit",2008-01-18,shinnai,windows,local,0 -4939,platforms/php/webapps/4939.txt,"Wordpress plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability",2008-01-19,"websec Team",php,webapps,0 +4939,platforms/php/webapps/4939.txt,"WordPress plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability",2008-01-19,"websec Team",php,webapps,0 4940,platforms/php/webapps/4940.pl,"Mini File Host 1.2.1 (upload.php language) Local File Inclusion Exploit",2008-01-20,shinmai,php,webapps,0 4941,platforms/hardware/remote/4941.txt,"Belkin Wireless G Plus MIMO Router F5D9230-4 - Auth Bypass Vulnerability",2008-01-20,DarkFig,hardware,remote,0 4942,platforms/php/webapps/4942.txt,"TikiWiki < 1.9.9 tiki-listmovies.php Directory Traversal Vulnerability",2008-01-20,Sha0,php,webapps,0 @@ -4631,8 +4631,8 @@ id,file,description,date,author,platform,type,port 4989,platforms/php/webapps/4989.txt,"simple forum 3.2 (fd/XSS) Multiple Vulnerabilities",2008-01-26,tomplixsee,php,webapps,0 4990,platforms/php/webapps/4990.txt,"phpIP 4.3.2 Numerous Remote SQL Injection Vulnerabilities",2008-01-26,"Charles Hooper",php,webapps,0 4991,platforms/php/webapps/4991.txt,"Bubbling Library 1.32 - Multiple Local File Inclusion Vulnerabilities",2008-01-26,Stack,php,webapps,0 -4992,platforms/php/webapps/4992.txt,"Wordpress Plugin WP-Cal 0.3 - editevent.php SQL Injection Vulnerability",2008-01-27,Houssamix,php,webapps,0 -4993,platforms/php/webapps/4993.txt,"Wordpress plugin fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability",2008-01-27,Houssamix,php,webapps,0 +4992,platforms/php/webapps/4992.txt,"WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection Vulnerability",2008-01-27,Houssamix,php,webapps,0 +4993,platforms/php/webapps/4993.txt,"WordPress plugin fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability",2008-01-27,Houssamix,php,webapps,0 4994,platforms/multiple/local/4994.sql,"Oracle 10g R1 pitrig_drop PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 4995,platforms/multiple/local/4995.sql,"Oracle 10g R1 pitrig_truncate PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 xdb.xdb_pitrig_pkg PLSQL Injection (change sys password)",2008-01-28,sh2kerr,multiple,local,0 @@ -4652,11 +4652,11 @@ id,file,description,date,author,platform,type,port 5010,platforms/php/webapps/5010.txt,"Mambo Component Glossary 2.0 (catid) SQL Injection Vulnerability",2008-01-30,S@BUN,php,webapps,0 5011,platforms/php/webapps/5011.txt,"Mambo Component musepoes (aid) Remote SQL Injection Vulnerability",2008-01-30,S@BUN,php,webapps,0 5012,platforms/php/webapps/5012.pl,"Connectix Boards <= 0.8.2 template_path Remote File Inclusion Exploit",2008-01-30,Houssamix,php,webapps,0 -5013,platforms/php/webapps/5013.php,"Wordpress Plugin Adserve 0.2 - adclick.php SQL Injection Exploit",2008-01-30,enter_the_dragon,php,webapps,0 +5013,platforms/php/webapps/5013.php,"WordPress Plugin Adserve 0.2 - adclick.php SQL Injection Exploit",2008-01-30,enter_the_dragon,php,webapps,0 5014,platforms/php/webapps/5014.txt,"Mambo Component Recipes 1.00 (id) Remote SQL Injection Vulnerability",2008-01-30,S@BUN,php,webapps,0 5015,platforms/php/webapps/5015.txt,"Mambo Component jokes 1.0 (cat) SQL Injection Vulnerability",2008-01-30,S@BUN,php,webapps,0 5016,platforms/php/webapps/5016.txt,"Mambo Component EstateAgent 0.1 - Remote SQL Injection Vulnerability",2008-01-30,S@BUN,php,webapps,0 -5017,platforms/php/webapps/5017.php,"Wordpress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit",2008-01-30,enter_the_dragon,php,webapps,0 +5017,platforms/php/webapps/5017.php,"WordPress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit",2008-01-30,enter_the_dragon,php,webapps,0 5018,platforms/php/webapps/5018.pl,"ibProArcade <= 3.3.0 - Remote SQL Injection Exploit",2008-01-30,RST/GHC,php,webapps,0 5019,platforms/php/webapps/5019.txt,"Coppermine Photo Gallery 1.4.14 - Remote Command Execution Exploit",2008-01-30,waraxe,php,webapps,0 5020,platforms/php/webapps/5020.txt,"Joomla Component ChronoForms 2.3.5 RFI Vulnerabilities",2008-01-30,Crackers_Child,php,webapps,0 @@ -4675,7 +4675,7 @@ id,file,description,date,author,platform,type,port 5035,platforms/php/webapps/5035.txt,"WordPress Plugin dmsguestbook 1.7.0 - Multiple Vulnerabilities",2008-02-02,NBBN,php,webapps,0 5036,platforms/windows/dos/5036.pl,"Titan FTP Server 6.03 (USER/PASS) Remote Heap Overflow PoC",2008-02-02,securfrog,windows,dos,0 5037,platforms/php/webapps/5037.txt,"The Everything Development System <= Pre-1.0 - SQL Injection Vuln",2008-02-02,sub,php,webapps,0 -5039,platforms/php/webapps/5039.txt,"Wordpress Plugin Wordspew - Remote SQL Injection Vulnerability",2008-02-02,S@BUN,php,webapps,0 +5039,platforms/php/webapps/5039.txt,"WordPress Plugin Wordspew - Remote SQL Injection Vulnerability",2008-02-02,S@BUN,php,webapps,0 5040,platforms/php/webapps/5040.txt,"BookmarkX script 2007 (topicid) Remote SQL Injection Vulnerability",2008-02-02,S@BUN,php,webapps,0 5041,platforms/php/webapps/5041.txt,"phpShop <= 0.8.1 - Remote SQL Injection / Filter Bypass Vulnerabilities",2008-02-02,"the redc0ders",php,webapps,0 5042,platforms/php/webapps/5042.txt,"BlogPHP 2 - (id) XSS / Remote SQL Injection Exploit",2008-02-02,"Khashayar Fereidani",php,webapps,0 @@ -4689,7 +4689,7 @@ id,file,description,date,author,platform,type,port 5050,platforms/php/webapps/5050.pl,"A-Blog 2 - (id) XSS / Remote SQL Injection Exploit",2008-02-03,"Khashayar Fereidani",php,webapps,0 5051,platforms/windows/remote/5051.html,"Yahoo! Music Jukebox 2.2 AddButton() ActiveX Remote BoF Exploit (3)",2008-02-03,Elazar,windows,remote,0 5052,platforms/windows/remote/5052.html,"Yahoo! JukeBox MediaGrid ActiveX mediagrid.dll AddBitmap() BoF Exploit",2008-02-03,Elazar,windows,remote,0 -5053,platforms/php/webapps/5053.txt,"Wordpress Plugin st_newsletter - Remote SQL Injection Vulnerability",2008-02-03,S@BUN,php,webapps,0 +5053,platforms/php/webapps/5053.txt,"WordPress Plugin st_newsletter - Remote SQL Injection Vulnerability",2008-02-03,S@BUN,php,webapps,0 5054,platforms/hardware/dos/5054.c,"MicroTik RouterOS <= 3.2 SNMPd snmp-set Denial of Service Exploit",2008-02-03,ShadOS,hardware,dos,0 5055,platforms/php/webapps/5055.txt,"Joomla Component Marketplace 1.1.1 - SQL Injection Vulnerability",2008-02-03,"SoSo H H",php,webapps,0 5056,platforms/php/webapps/5056.txt,"ITechBids 5.0 (bidhistory.php item_id) Remote SQL Injection Vulnerability",2008-02-04,QTRinux,php,webapps,0 @@ -4702,7 +4702,7 @@ id,file,description,date,author,platform,type,port 5063,platforms/windows/dos/5063.pl,"NERO Media Player <= 1.4.0.35b M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 5064,platforms/php/webapps/5064.txt,"All Club CMS <= 0.0.2 index.php Remote SQL Injection Vulnerability",2008-02-05,ka0x,php,webapps,0 5065,platforms/php/webapps/5065.txt,"Photokorn Gallery 1.543 (pic) SQL Injection Vulnerability",2008-02-05,you_kn0w,php,webapps,0 -5066,platforms/php/webapps/5066.php,"Wordpress MU < 1.3.2 - active_plugins option Code Execution Exploit",2008-02-05,"Alexander Concha",php,webapps,0 +5066,platforms/php/webapps/5066.php,"WordPress MU < 1.3.2 - active_plugins option Code Execution Exploit",2008-02-05,"Alexander Concha",php,webapps,0 5067,platforms/windows/dos/5067.pl,"dBpowerAMP Audio Player Release 2 M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 5068,platforms/php/webapps/5068.txt,"OpenSiteAdmin <= 0.9.1.1 - Multiple File Inclusion Vulnerabilities",2008-02-06,Trancek,php,webapps,0 5069,platforms/windows/remote/5069.pl,"dBpowerAMP Audio Player Release 2 M3U File Buffer Overflow Exploit",2008-02-06,securfrog,windows,remote,0 @@ -4762,8 +4762,8 @@ id,file,description,date,author,platform,type,port 5123,platforms/php/webapps/5123.txt,"Scribe <= 0.2 (index.php page) Local File Inclusion Vulnerability",2008-02-14,muuratsalo,php,webapps,0 5124,platforms/php/webapps/5124.txt,"freePHPgallery 0.6 Cookie Local File Inclusion Vulnerability",2008-02-14,MhZ91,php,webapps,0 5125,platforms/php/webapps/5125.txt,"PHP Live! <= 3.2.2 (questid) Remote SQL Injection Vulnerability",2008-02-14,Xar,php,webapps,0 -5126,platforms/php/webapps/5126.txt,"Wordpress Plugin Simple Forum 2.0-2.1 - SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 -5127,platforms/php/webapps/5127.txt,"Wordpress Plugin Simple Forum 1.10-1.11 - SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 +5126,platforms/php/webapps/5126.txt,"WordPress Plugin Simple Forum 2.0-2.1 - SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 +5127,platforms/php/webapps/5127.txt,"WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection Vulnerability",2008-02-15,S@BUN,php,webapps,0 5128,platforms/php/webapps/5128.txt,"Mambo Component Quran <= 1.1 (surano) SQL Injection Vulnerability",2008-02-15,Don,php,webapps,0 5129,platforms/php/webapps/5129.txt,"TRUC 0.11.0 (download.php) Remote File Disclosure Vulnerability",2008-02-16,GoLd_M,php,webapps,0 5130,platforms/php/webapps/5130.txt,"AuraCMS 1.62 - Multiple Remote SQL Injection Exploit",2008-02-16,NTOS-Team,php,webapps,0 @@ -4771,7 +4771,7 @@ id,file,description,date,author,platform,type,port 5132,platforms/php/webapps/5132.txt,"Joomla Component jooget <= 2.6.8 - Remote SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 5133,platforms/php/webapps/5133.txt,"Mambo Component Ricette 1.0 - Remote SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 5134,platforms/php/webapps/5134.txt,"Joomla Component com_galeria Remote SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 -5135,platforms/php/webapps/5135.txt,"Wordpress Photo album Remote - SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 +5135,platforms/php/webapps/5135.txt,"WordPress Photo album Remote - SQL Injection Vulnerability",2008-02-16,S@BUN,php,webapps,0 5136,platforms/php/webapps/5136.txt,"PHPizabi 0.848b C1 HFP1 - Remote File Upload Vulnerability",2008-02-17,ZoRLu,php,webapps,0 5137,platforms/php/webapps/5137.txt,"XPWeb 3.3.2 (Download.php url) Remote File Disclosure Vulnerability",2008-02-17,GoLd_M,php,webapps,0 5138,platforms/php/webapps/5138.txt,"Joomla Component astatsPRO 1.0 refer.php SQL Injection Vulnerability",2008-02-18,ka0x,php,webapps,0 @@ -4830,7 +4830,7 @@ id,file,description,date,author,platform,type,port 5191,platforms/multiple/dos/5191.c,"Apple Mac OS X xnu <= 1228.3.13 - IPv6-ipcomp Remote kernel DoS PoC",2008-02-26,mu-b,multiple,dos,0 5192,platforms/php/webapps/5192.pl,"Nukedit 4.9.x - Remote Create Admin Exploit",2008-02-26,r3dm0v3,php,webapps,0 5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5) BoF Exploit",2008-02-26,rgod,windows,remote,0 -5194,platforms/php/webapps/5194.txt,"Wordpress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 +5194,platforms/php/webapps/5194.txt,"WordPress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 5195,platforms/php/webapps/5195.txt,"Mambo Component Simpleboard 1.0.3 (catid) SQL Injection Vulnerability",2008-02-27,"it's my",php,webapps,0 5196,platforms/php/webapps/5196.pl,"EazyPortal <= 1.0 (COOKIE) Remote SQL Injection Exploit",2008-02-27,Iron,php,webapps,0 5197,platforms/php/webapps/5197.txt,"GROUP-E 1.6.41 (head_auth.php) Remote File Inclusion Vulnerability",2008-02-27,CraCkEr,php,webapps,0 @@ -4958,7 +4958,7 @@ id,file,description,date,author,platform,type,port 5323,platforms/php/webapps/5323.pl,"mxBB Module mx_blogs 2.0.0-beta Remote File Inclusion Exploit",2008-03-30,bd0rk,php,webapps,0 5324,platforms/php/webapps/5324.txt,"KISGB <= (tmp_theme) 5.1.1 - Local File Inclusion Vulnerability",2008-03-30,Cr@zy_King,php,webapps,0 5325,platforms/php/webapps/5325.txt,"JShop 1.x - 2.x (page.php xPage) Local File Inclusion Vulnerability",2008-03-30,v0l4arrra,php,webapps,0 -5326,platforms/php/webapps/5326.txt,"Wordpress Plugin Download - (dl_id) SQL Injection Vulnerability",2008-03-31,BL4CK,php,webapps,0 +5326,platforms/php/webapps/5326.txt,"WordPress Plugin Download - (dl_id) SQL Injection Vulnerability",2008-03-31,BL4CK,php,webapps,0 5327,platforms/windows/dos/5327.txt,"Microsoft Windows - Explorer Unspecified .DOC File Denial of Service Exploit",2008-03-31,"Iron Team",windows,dos,0 5328,platforms/php/webapps/5328.txt,"phpSpamManager 0.53b (body.php) Remote File Disclosure Vulnerability",2008-03-31,GoLd_M,php,webapps,0 5329,platforms/php/webapps/5329.txt,"Woltlab Burning Board Addon JGS-Treffen SQL Injection Vulnerability",2008-03-31,N/A,php,webapps,0 @@ -4998,7 +4998,7 @@ id,file,description,date,author,platform,type,port 5363,platforms/php/webapps/5363.txt,"Affiliate Directory (cat_id) Remote SQL Injection Vulnerbility",2008-04-04,t0pP8uZz,php,webapps,0 5364,platforms/php/webapps/5364.txt,"PHP Photo Gallery 1.0 (photo_id) SQL Injection Vulnerability",2008-04-04,t0pP8uZz,php,webapps,0 5365,platforms/php/webapps/5365.txt,"Blogator-script 0.95 (incl_page) Remote File Inclusion Vulnerability",2008-04-04,JIKO,php,webapps,0 -5366,platforms/solaris/remote/5366.rb,"Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit (meta)",2008-04-04,I)ruid,solaris,remote,0 +5366,platforms/solaris/remote/5366.rb,"Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit (Metasploit)",2008-04-04,I)ruid,solaris,remote,0 5367,platforms/php/webapps/5367.pl,"PIGMy-SQL <= 1.4.1 (getdata.php id) Blind SQL Injection Exploit",2008-04-04,t0pP8uZz,php,webapps,0 5368,platforms/php/webapps/5368.txt,"Blogator-script 0.95 (id_art) Remote SQL Injection Vulnerability",2008-04-04,"Virangar Security",php,webapps,0 5369,platforms/php/webapps/5369.txt,"Dragoon 0.1 (lng) Local File Inclusion Vulnerability",2008-04-04,w0cker,php,webapps,0 @@ -5092,7 +5092,7 @@ id,file,description,date,author,platform,type,port 5458,platforms/linux/dos/5458.txt,"xine-lib <= 1.1.12 NSF demuxer Stack Overflow Vulnerability PoC",2008-04-16,"Guido Landi",linux,dos,0 5459,platforms/php/webapps/5459.txt,"e107 module 123 flash chat 6.8.0 - Remote File Inclusion Vulnerability",2008-04-17,by_casper41,php,webapps,0 5460,platforms/windows/dos/5460.html,"Microsoft Works 7 WkImgSrv.dll ActiveX Denial of Service PoC",2008-04-17,"Shennan Wang",windows,dos,0 -5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG Wireless Driver Remote BoF Exploit (meta)",2008-04-17,oveRet,windows,remote,0 +5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG Wireless Driver Remote BoF Exploit (Metasploit)",2008-04-17,oveRet,windows,remote,0 5462,platforms/windows/local/5462.py,"DivX Player 6.6.0 - .SRT File SEH Buffer Overflow Exploit",2008-04-18,muts,windows,local,0 5463,platforms/php/webapps/5463.txt,"Grape Statistics 0.2a (location) Remote File Inclusion Vulnerability",2008-04-18,MajnOoNxHaCkEr,php,webapps,0 5464,platforms/php/webapps/5464.txt,"5th Avenue Shopping Cart (category_ID) SQL Injection Vulnerability",2008-04-18,"Aria-Security Team",php,webapps,0 @@ -5117,7 +5117,7 @@ id,file,description,date,author,platform,type,port 5483,platforms/php/webapps/5483.txt,"TR News 2.1 (nb) Remote SQL Injection Vulnerability",2008-04-21,His0k4,php,webapps,0 5484,platforms/php/webapps/5484.txt,"Joomla Component FlippingBook 1.0.4 - SQL Injection Vulnerability",2008-04-22,cO2,php,webapps,0 5485,platforms/php/webapps/5485.pl,"Web Calendar <= 4.1 - Blind SQL Injection Exploit",2008-04-22,t0pP8uZz,php,webapps,0 -5486,platforms/php/webapps/5486.txt,"Wordpress Plugin Spreadsheet <= 0.6 - SQL Injection Vulnerability",2008-04-22,1ten0.0net1,php,webapps,0 +5486,platforms/php/webapps/5486.txt,"WordPress Plugin Spreadsheet <= 0.6 - SQL Injection Vulnerability",2008-04-22,1ten0.0net1,php,webapps,0 5487,platforms/php/webapps/5487.txt,"E RESERV 2.1 (index.php ID_loc) SQL Injection Vulnerability",2008-04-23,JIKO,php,webapps,0 5488,platforms/php/webapps/5488.txt,"Joomla Component Filiale 1.0.4 (idFiliale) SQL Injection Vulnerability",2008-04-23,str0xo,php,webapps,0 5489,platforms/windows/remote/5489.html,"Zune Software - ActiveX Arbitrary File Overwrite Exploit",2008-04-23,"ilion security",windows,remote,0 @@ -5359,7 +5359,7 @@ id,file,description,date,author,platform,type,port 5734,platforms/php/webapps/5734.pl,"Joomla Component JooBlog 0.1.1 - Blind SQL Injection Exploit",2008-06-03,His0k4,php,webapps,0 5736,platforms/php/webapps/5736.txt,"1Book Guestbook Script - Code Execution Vulnerability",2008-06-03,JIKO,php,webapps,0 5737,platforms/php/webapps/5737.pl,"Joomla Component jotloader <= 1.2.1.a - BlindSQL Injection Exploit",2008-06-04,His0k4,php,webapps,0 -5738,platforms/windows/remote/5738.rb,"HP StorageWorks NSI Double Take Remote Overflow Exploit (meta)",2008-06-04,ri0t,windows,remote,1100 +5738,platforms/windows/remote/5738.rb,"HP StorageWorks NSI Double Take Remote Overflow Exploit (Metasploit)",2008-06-04,ri0t,windows,remote,1100 5739,platforms/php/webapps/5739.txt,"PHP-Address Book <= 3.1.5 (SQL/XSS) Multiple Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0 5740,platforms/php/webapps/5740.pl,"Joomla Component EasyBook 1.1 (gbid) SQL Injection Exploit",2008-06-04,ZAMUT,php,webapps,0 5741,platforms/windows/remote/5741.html,"Akamai Download Manager < 2.2.3.7 - ActiveX Remote Download Exploit",2008-06-04,cocoruder,windows,remote,0 @@ -5734,12 +5734,12 @@ id,file,description,date,author,platform,type,port 6119,platforms/asp/webapps/6119.txt,"Pre Survey Poll (default.asp catid) SQL Injection Vulnerability",2008-07-22,DreamTurk,asp,webapps,0 6120,platforms/minix/dos/6120.txt,"minix 3.1.2a tty panic Local Denial of Service Vulnerability",2008-07-23,kokanin,minix,dos,0 6121,platforms/windows/remote/6121.c,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (c)",2008-07-23,r0ut3r,windows,remote,0 -6122,platforms/multiple/remote/6122.rb,"BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta)",2008-07-23,I)ruid,multiple,remote,0 +6122,platforms/multiple/remote/6122.rb,"BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (Metasploit)",2008-07-23,I)ruid,multiple,remote,0 6123,platforms/multiple/remote/6123.py,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (py)",2008-07-24,"Julien Desfossez",multiple,remote,0 6124,platforms/windows/remote/6124.c,"Microsoft Access (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit",2008-07-24,callAX,windows,remote,0 6125,platforms/php/webapps/6125.txt,"Atom PhotoBlog 1.1.5b1 (photoId) Remote SQL Injection Vulnerability",2008-07-24,Mr.SQL,php,webapps,0 6126,platforms/php/webapps/6126.txt,"ibase <= 2.03 (download.php) Remote File Disclosure Vulnerability",2008-07-24,Dyshoo,php,webapps,0 -6127,platforms/php/webapps/6127.htm,"Wordpress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 +6127,platforms/php/webapps/6127.htm,"WordPress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 6128,platforms/php/webapps/6128.txt,"Live Music Plus 1.1.0 (id) Remote SQL Injection Vulnerability",2008-07-24,IRAQI,php,webapps,0 6129,platforms/minix/dos/6129.txt,"minix 3.1.2a tty panic Remote Denial of Service Vulnerability",2008-07-25,kokanin,minix,dos,0 6130,platforms/multiple/remote/6130.c,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (c)",2008-07-25,"Marc Bevand",multiple,remote,0 @@ -5967,7 +5967,7 @@ id,file,description,date,author,platform,type,port 6383,platforms/php/webapps/6383.txt,"EsFaq 2.0 (idcat) Remote SQL Injection Vulnerability",2008-09-05,SuB-ZeRo,php,webapps,0 6385,platforms/php/webapps/6385.txt,"Vastal I-Tech Shaadi Zone 1.0.9 (tage) SQL Injection Vulnerability",2008-09-05,e.wiZz!,php,webapps,0 6386,platforms/windows/dos/6386.html,"Google Chrome Browser 0.2.149.27 Inspect Element DoS Exploit",2008-09-05,Metacortex,windows,dos,0 -6387,platforms/windows/remote/6387.rb,"CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (meta)",2008-09-05,"Kevin Finisterre",windows,remote,2022 +6387,platforms/windows/remote/6387.rb,"CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (Metasploit)",2008-09-05,"Kevin Finisterre",windows,remote,2022 6388,platforms/php/webapps/6388.txt,"Vastal I-Tech Dating Zone (fage) SQL Injection Vulnerability",2008-09-06,ZoRLu,php,webapps,0 6389,platforms/windows/local/6389.cpp,"Numark Cue 5.0 rev 2 - Local .M3U File Stack Buffer Overflow Exploit",2008-09-06,"fl0 fl0w",windows,local,0 6390,platforms/php/webapps/6390.txt,"IntegraMOD 1.4.x - (Insecure Directory) Download Database Vulnerability",2008-09-06,TheJT,php,webapps,0 @@ -5977,7 +5977,7 @@ id,file,description,date,author,platform,type,port 6394,platforms/hardware/dos/6394.pl,"Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC",2008-09-07,"Alex Hernandez",hardware,dos,0 6395,platforms/php/webapps/6395.txt,"Masir Camp E-Shop Module <= 3.0 (ordercode) SQL Injection Vuln",2008-09-07,BugReport.IR,php,webapps,0 6396,platforms/php/webapps/6396.txt,"Alstrasoft Forum (cat) Remote SQL Injection Vulnerability",2008-09-07,r45c4l,php,webapps,0 -6397,platforms/php/webapps/6397.txt,"Wordpress 2.6.1 - SQL Column Truncation Vulnerability",2008-09-07,irk4z,php,webapps,0 +6397,platforms/php/webapps/6397.txt,"WordPress 2.6.1 - SQL Column Truncation Vulnerability",2008-09-07,irk4z,php,webapps,0 6398,platforms/php/webapps/6398.txt,"E-Shop Shopping Cart Script (search_results.php) SQL Injection Vuln",2008-09-07,Mormoroth,php,webapps,0 6401,platforms/php/webapps/6401.txt,"Alstrasoft Forum (catid) Remote SQL Injection Vulnerability",2008-09-09,r45c4l,php,webapps,0 6402,platforms/php/webapps/6402.txt,"Stash 1.0.3 - Multiple SQL Injection Vulnerabilities",2008-09-09,"Khashayar Fereidani",php,webapps,0 @@ -5997,7 +5997,7 @@ id,file,description,date,author,platform,type,port 6417,platforms/php/webapps/6417.txt,"Availscript Jobs Portal Script (jid) SQL Injection Vulnerability (auth)",2008-09-10,InjEctOr5,php,webapps,0 6419,platforms/php/webapps/6419.txt,"Zanfi CMS lite 2.1 / Jaw Portal free - (fckeditor) Arbitrary File Upload Vuln",2008-09-10,reptil,php,webapps,0 6420,platforms/asp/webapps/6420.txt,"aspwebalbum 3.2 - Multiple Vulnerabilities",2008-09-10,e.wiZz!,asp,webapps,0 -6421,platforms/php/webapps/6421.php,"Wordpress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit",2008-09-10,iso^kpsbr,php,webapps,0 +6421,platforms/php/webapps/6421.php,"WordPress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit",2008-09-10,iso^kpsbr,php,webapps,0 6422,platforms/php/webapps/6422.txt,"phpvid 1.1 (xss/SQL) Multiple Vulnerabilities",2008-09-10,r45c4l,php,webapps,0 6423,platforms/php/webapps/6423.txt,"Zanfi CMS lite / Jaw Portal free (page) SQL Injection Vulnerability",2008-09-10,Cru3l.b0y,php,webapps,0 6424,platforms/windows/dos/6424.html,"Adobe Acrobat 9 - ActiveX Remote Denial of Service Exploit",2008-09-11,"Jeremy Brown",windows,dos,0 @@ -6037,7 +6037,7 @@ id,file,description,date,author,platform,type,port 6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite Remote SQL Injection Vulnerabilities",2008-09-14,~!Dok_tOR!~,php,webapps,0 6461,platforms/php/webapps/6461.txt,"Cpanel <= 11.x (Fantastico) LFI Vulnerability (sec bypass)",2008-09-14,joker_1,php,webapps,0 6462,platforms/php/webapps/6462.pl,"CzarNews <= 1.20 (Cookie) Remote SQL Injection Exploit",2008-09-15,StAkeR,php,webapps,0 -6463,platforms/windows/dos/6463.rb,"Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (meta)",2008-09-15,"Javier Vicente Vallejo",windows,dos,0 +6463,platforms/windows/dos/6463.rb,"Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (Metasploit)",2008-09-15,"Javier Vicente Vallejo",windows,dos,0 6464,platforms/php/webapps/6464.txt,"CzarNews <= 1.20 (Account Hijacking) Remote SQL Injection Vuln",2008-09-15,0ut0fbound,php,webapps,0 6465,platforms/php/webapps/6465.txt,"Pre Real Estate Listings (search.php c) SQL Injection Vulnerability",2008-09-15,JosS,php,webapps,0 6466,platforms/php/webapps/6466.txt,"Link Bid Script 1.5 - Multiple Remote SQL Injection Vulnerabilities",2008-09-15,SirGod,php,webapps,0 @@ -6048,7 +6048,7 @@ id,file,description,date,author,platform,type,port 6471,platforms/multiple/dos/6471.pl,"QuickTime 7.5.5 / ITunes 8.0 - Remote off by one Crash Exploit",2008-09-16,securfrog,multiple,dos,0 6472,platforms/multiple/dos/6472.c,"Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - (.forward) Local DoS Exploit",2008-09-16,"Albert Sellares",multiple,dos,0 6473,platforms/php/webapps/6473.txt,"phpRealty 0.3 (INC) Remote File Inclusion Vulnerability",2008-09-17,ka0x,php,webapps,0 -6474,platforms/windows/dos/6474.rb,"WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (meta)",2008-09-17,"belay tows",windows,dos,0 +6474,platforms/windows/dos/6474.rb,"WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (Metasploit)",2008-09-17,"belay tows",windows,dos,0 6475,platforms/php/webapps/6475.txt,"PHP Crawler 0.8 (footer) Remote File Inclusion Vulnerability",2008-09-17,Piker,php,webapps,0 6476,platforms/hardware/remote/6476.html,"Cisco Router HTTP Administration CSRF Command Execution Exploit",2008-09-17,"Jeremy Brown",hardware,remote,0 6477,platforms/hardware/remote/6477.html,"Cisco Router - HTTP Administration CSRF Command Execution Exploit (2)",2008-09-17,"Jeremy Brown",hardware,remote,0 @@ -6141,7 +6141,7 @@ id,file,description,date,author,platform,type,port 6567,platforms/php/webapps/6567.pl,"Libra PHP File Manager <= 1.18/2.0 - Local File Inclusion Exploit",2008-09-25,Pepelux,php,webapps,0 6568,platforms/php/webapps/6568.txt,"PHP infoBoard 7 - Plus Insecure Cookie Handling Vulnerability",2008-09-25,Stack,php,webapps,0 6569,platforms/php/webapps/6569.txt,"Vikingboard <= 0.2 Beta SQL Column Truncation Vulnerability",2008-09-25,StAkeR,php,webapps,0 -6570,platforms/windows/remote/6570.rb,"ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX BoF Exploit (meta)",2008-09-25,"Kevin Finisterre",windows,remote,0 +6570,platforms/windows/remote/6570.rb,"ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX BoF Exploit (Metasploit)",2008-09-25,"Kevin Finisterre",windows,remote,0 6571,platforms/php/webapps/6571.txt,"openengine <= 2.0 beta4 - Remote File Inclusion Vulnerability",2008-09-25,dun,php,webapps,0 6572,platforms/php/webapps/6572.txt,"Atomic Photo Album 1.1.0pre4 (XSS/SQL) Remote Vulnerabilities",2008-09-25,d3v1l,php,webapps,0 6573,platforms/php/webapps/6573.pl,"LanSuite 3.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-09-25,Stack,php,webapps,0 @@ -6343,7 +6343,7 @@ id,file,description,date,author,platform,type,port 6774,platforms/windows/remote/6774.html,"Hummingbird Deployment Wizard 2008 Registry Values Creation/Change",2008-10-17,shinnai,windows,remote,0 6775,platforms/solaris/dos/6775.c,"Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit",2008-10-17,"Federico L. Bossi Bonin",solaris,dos,0 6776,platforms/windows/remote/6776.html,"Hummingbird Deployment Wizard 2008 - ActiveX File Execution(2)",2008-10-17,shinnai,windows,remote,0 -6777,platforms/php/webapps/6777.txt,"Wordpress Plugin st_newsletter - (stnl_iframe.php) SQL Injection Vuln",2008-10-17,r45c4l,php,webapps,0 +6777,platforms/php/webapps/6777.txt,"WordPress Plugin st_newsletter - (stnl_iframe.php) SQL Injection Vuln",2008-10-17,r45c4l,php,webapps,0 6778,platforms/php/webapps/6778.pl,"XOOPS Module GesGaleri (kategorino) Remote SQL Injection Exploit",2008-10-18,EcHoLL,php,webapps,0 6779,platforms/php/webapps/6779.txt,"phpFastNews 1.0.0 Insecure Cookie Handling Vulnerability",2008-10-18,Qabandi,php,webapps,0 6780,platforms/php/webapps/6780.txt,"zeeproperty (adid) Remote SQL Injection Vulnerability",2008-10-18,"Hussin X",php,webapps,0 @@ -6402,7 +6402,7 @@ id,file,description,date,author,platform,type,port 6835,platforms/php/webapps/6835.txt,"BuzzyWall 1.3.1 (download id) Remote File Disclosure Vulnerability",2008-10-24,b3hz4d,php,webapps,0 6836,platforms/php/webapps/6836.txt,"Tlnews 2.2 Insecure Cookie Handling Vulnerability",2008-10-25,x0r,php,webapps,0 6837,platforms/php/webapps/6837.txt,"Kasra CMS (index.php) Multiple SQL Injection Vulnerabilities",2008-10-25,G4N0K,php,webapps,0 -6838,platforms/windows/dos/6838.rb,"PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (meta)",2008-10-25,"Saint Patrick",windows,dos,0 +6838,platforms/windows/dos/6838.rb,"PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (Metasploit)",2008-10-25,"Saint Patrick",windows,dos,0 6839,platforms/php/webapps/6839.txt,"PozScripts Classified Auctions (gotourl.php id) SQL Injection Vuln",2008-10-26,"Hussin X",php,webapps,0 6840,platforms/windows/remote/6840.html,"PowerTCP FTP module Multiple Technique Exploit (SEH/HeapSpray)",2008-10-26,"Shahriyar Jalayeri",windows,remote,0 6841,platforms/windows/remote/6841.txt,"Microsoft Windows Server - Code Execution Exploit (MS08-067) (Universal)",2008-10-26,EMM,windows,remote,135 @@ -6431,7 +6431,7 @@ id,file,description,date,author,platform,type,port 6864,platforms/cgi/webapps/6864.txt,"Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec Vulnerability",2008-10-29,GoLd_M,cgi,webapps,0 6865,platforms/php/webapps/6865.txt,"e107 plugin fm pro 1 - (fd/upload/dt) Multiple Vulnerabilities",2008-10-29,GoLd_M,php,webapps,0 6866,platforms/php/webapps/6866.pl,"7Shop <= 1.1 - Remote Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 -6867,platforms/php/webapps/6867.pl,"Wordpress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 +6867,platforms/php/webapps/6867.pl,"WordPress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 6868,platforms/php/webapps/6868.pl,"Mambo Component SimpleBoard <= 1.0.1 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 6869,platforms/php/webapps/6869.txt,"WebCards <= 1.3 - Remote SQL Injection Vulnerability",2008-10-29,t0pP8uZz,php,webapps,0 6870,platforms/windows/remote/6870.html,"MW6 Aztec ActiveX (Aztec.dll) Remote Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 @@ -6484,7 +6484,7 @@ id,file,description,date,author,platform,type,port 6918,platforms/php/webapps/6918.txt,"SFS EZ Auction (viewfaqs.php cat) Blind SQL Injection Vulnerability",2008-10-31,Stack,php,webapps,0 6919,platforms/php/webapps/6919.txt,"SFS EZ Career (content.php topic) SQL Injection Vulnerability",2008-10-31,Stack,php,webapps,0 6920,platforms/php/webapps/6920.txt,"SFS EZ Top Sites (topsite.php ts) Remote SQL Injection Vulnerability",2008-10-31,Stack,php,webapps,0 -6921,platforms/windows/remote/6921.rb,"GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (meta)",2008-11-01,"Kevin Finisterre",windows,remote,0 +6921,platforms/windows/remote/6921.rb,"GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (Metasploit)",2008-11-01,"Kevin Finisterre",windows,remote,0 6922,platforms/php/webapps/6922.txt,"SFS EZ Webstore (where) Remote SQL Injection Vulnerability",2008-11-01,ZoRLu,php,webapps,0 6923,platforms/php/webapps/6923.txt,"SFS EZ Pub Site (directory.php cat) SQL Injection Vulnerability",2008-11-01,Hakxer,php,webapps,0 6924,platforms/php/webapps/6924.txt,"SFS EZ Gaming Cheats (id) Remote SQL Injection Vulnerability",2008-11-01,ZoRLu,php,webapps,0 @@ -6615,7 +6615,7 @@ id,file,description,date,author,platform,type,port 7053,platforms/php/webapps/7053.txt,"Myiosoft EasyBookMarker 4 - (Parent) SQL Injection Vulnerability",2008-11-07,G4N0K,php,webapps,0 7054,platforms/windows/local/7054.txt,"Anti-Keylogger Elite 3.3.0 - (AKEProtect.sys) Privilege Escalation Exploit",2008-11-07,"NT Internals",windows,local,0 7055,platforms/hardware/remote/7055.txt,"SpeedStream 5200 - Authentication Bypass Config Download Vulnerability",2008-11-07,hkm,hardware,remote,0 -7056,platforms/windows/remote/7056.rb,"GE Proficy Real Time Information Portal Credentials Leak Sniffer (meta)",2008-11-08,"Kevin Finisterre",windows,remote,0 +7056,platforms/windows/remote/7056.rb,"GE Proficy Real Time Information Portal Credentials Leak Sniffer (Metasploit)",2008-11-08,"Kevin Finisterre",windows,remote,0 7057,platforms/php/webapps/7057.pl,"MemHT Portal <= 4.0 - Remote Code Execution Exploit",2008-11-08,Ams,php,webapps,0 7058,platforms/php/webapps/7058.txt,"zeeproperty 1.0 (upload/XSS) Multiple Vulnerabilities",2008-11-08,ZoRLu,php,webapps,0 7059,platforms/php/webapps/7059.txt,"Enthusiast 3.1.4 (show_joined.php path) Remote File Inclusion Vuln",2008-11-08,BugReport.IR,php,webapps,0 @@ -7084,7 +7084,7 @@ id,file,description,date,author,platform,type,port 7540,platforms/php/webapps/7540.txt,"phpg 1.6 - (XSS/Path Disclosure/DoS) Multiple Vulnerabilities",2008-12-21,"Anarchy Angel",php,webapps,0 7541,platforms/php/webapps/7541.pl,"RSS Simple News (news.php pid) Remote SQL Injection Exploit",2008-12-22,Piker,php,webapps,0 7542,platforms/php/webapps/7542.txt,"Text Lines Rearrange Script - (filename) File Disclosure Vulnerability",2008-12-22,SirGod,php,webapps,0 -7543,platforms/php/webapps/7543.txt,"Wordpress Plugin Page Flip Image Gallery <= 0.2.2 - Remote FD Vuln",2008-12-22,GoLd_M,php,webapps,0 +7543,platforms/php/webapps/7543.txt,"WordPress Plugin Page Flip Image Gallery <= 0.2.2 - Remote FD Vuln",2008-12-22,GoLd_M,php,webapps,0 7544,platforms/php/webapps/7544.txt,"Pligg 9.9.5b (check_url.php url) Upload Shell/SQL Injection Exploit",2008-12-22,Ams,php,webapps,0 7545,platforms/php/webapps/7545.txt,"yourplace <= 1.0.2 - Multiple Vulnerabilities + rce Exploit",2008-12-22,Osirys,php,webapps,0 7546,platforms/php/webapps/7546.txt,"Joomla Component Volunteer 2.0 (job_id) SQL Injection Vulnerability",2008-12-22,boom3rang,php,webapps,0 @@ -7276,7 +7276,7 @@ id,file,description,date,author,platform,type,port 7735,platforms/php/webapps/7735.pl,"Simple Machines Forum - Destroyer 0.1",2009-01-12,Xianur0,php,webapps,0 7736,platforms/asp/webapps/7736.htm,"Comersus Shopping Cart <= 6.0 - Remote User Pass Exploit",2009-01-12,ajann,asp,webapps,0 7737,platforms/windows/dos/7737.py,"Triologic Media Player 7 - (.m3u) Local Heap Buffer Overflow PoC",2009-01-12,zAx,windows,dos,0 -7738,platforms/php/webapps/7738.txt,"Wordpress plugin WP-Forum 1.7.8 - Remote SQL Injection Vulnerability",2009-01-12,seomafia,php,webapps,0 +7738,platforms/php/webapps/7738.txt,"WordPress plugin WP-Forum 1.7.8 - Remote SQL Injection Vulnerability",2009-01-12,seomafia,php,webapps,0 7739,platforms/windows/remote/7739.html,"ExcelOCX ActiveX 3.2 - (Download File) Insecure Method Exploit",2009-01-12,"Alfons Luja",windows,remote,0 7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Remote File Upload Vulnerability",2009-01-12,ahmadbady,php,webapps,0 7741,platforms/asp/webapps/7741.txt,"dMx READY (25 Products) Remote Database Disclosure Vulnerability",2009-01-12,Cyber-Zone,asp,webapps,0 @@ -7480,7 +7480,7 @@ id,file,description,date,author,platform,type,port 7946,platforms/php/webapps/7946.txt,"sourdough 0.3.5 - Remote File Inclusion Vulnerability",2009-02-02,ahmadbady,php,webapps,0 7947,platforms/php/webapps/7947.pl,"eVision CMS 2.0 - Remote Code Execution Exploit",2009-02-02,Osirys,php,webapps,0 7948,platforms/php/webapps/7948.php,"phpslash <= 0.8.1.1 - Remote Code Execution Exploit",2009-02-02,DarkFig,php,webapps,0 -7949,platforms/php/webapps/7949.rb,"OpenHelpDesk 1.0.100 eval() Code Execution Exploit (meta)",2009-02-02,LSO,php,webapps,0 +7949,platforms/php/webapps/7949.rb,"OpenHelpDesk 1.0.100 eval() Code Execution Exploit (Metasploit)",2009-02-02,LSO,php,webapps,0 18164,platforms/android/webapps/18164.php,"Android 'content://' URI - Multiple Information Disclosure Vulnerabilities",2011-11-28,"Thomas Cannon",android,webapps,0 7951,platforms/php/webapps/7951.txt,"WholeHogSoftware Ware Support Insecure Cookie Handling Vulnerability",2009-02-03,Stack,php,webapps,0 7952,platforms/php/webapps/7952.txt,"WholeHogSoftware Password Protect Insecure Cookie Handling Vuln",2009-02-03,Stack,php,webapps,0 @@ -7601,7 +7601,7 @@ id,file,description,date,author,platform,type,port 8071,platforms/php/webapps/8071.txt,"S-CMS 1.1 Stable Insecure Cookie Handling / Mass Page Delete Vulns",2009-02-17,x0r,php,webapps,0 8072,platforms/php/webapps/8072.txt,"pHNews Alpha 1 (header.php mod) SQL Injection Vulnerability",2009-02-17,x0r,php,webapps,0 8073,platforms/php/webapps/8073.txt,"pHNews Alpha 1 (genbackup.php) Database Disclosure Vulnerability",2009-02-17,x0r,php,webapps,0 -8074,platforms/multiple/local/8074.rb,"Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (meta)",2009-02-18,sh2kerr,multiple,local,0 +8074,platforms/multiple/local/8074.rb,"Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (Metasploit)",2009-02-18,sh2kerr,multiple,local,0 8075,platforms/php/webapps/8075.pl,"Firepack (admin/ref.php) Remote Code Execution Exploit",2009-02-18,Lidloses_Auge,php,webapps,0 8076,platforms/php/webapps/8076.txt,"smNews 1.0 - Auth Bypass/Column Truncation Vulnerabilities",2009-02-18,x0r,php,webapps,0 8077,platforms/windows/dos/8077.html,"Microsoft Internet Explorer 7 - Memory Corruption PoC (MS09-002)",2009-02-18,N/A,windows,dos,0 @@ -7712,7 +7712,7 @@ id,file,description,date,author,platform,type,port 8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 (playlist) Universal SEH Overwrite Exploit",2009-03-10,His0k4,windows,local,0 8194,platforms/php/webapps/8194.txt,"PHP-Fusion Mod Book Panel (course_id) SQL Injection Vulnerability",2009-03-10,SuB-ZeRo,php,webapps,0 8195,platforms/php/webapps/8195.txt,"WeBid <= 0.7.3 RC9 - Multiple Remote File Inclusion Vulnerabilities",2009-03-10,K-159,php,webapps,0 -8196,platforms/php/webapps/8196.txt,"Wordpress MU < 2.7 - 'HOST' HTTP Header XSS Vulnerability",2009-03-10,"Juan Galiana Lara",php,webapps,0 +8196,platforms/php/webapps/8196.txt,"WordPress MU < 2.7 - 'HOST' HTTP Header XSS Vulnerability",2009-03-10,"Juan Galiana Lara",php,webapps,0 8197,platforms/php/webapps/8197.txt,"Joomla Djice Shoutbox 1.0 Permanent XSS Vulnerability",2009-03-10,XaDoS,php,webapps,0 8198,platforms/php/webapps/8198.pl,"RoomPHPlanning <= 1.6 (userform.php) Create Admin User Exploit",2009-03-10,"Jonathan Salwan",php,webapps,0 8200,platforms/windows/remote/8200.pl,"GuildFTPd FTP Server 0.999.14 - Remote Delete Files Exploit",2009-03-10,"Jonathan Salwan",windows,remote,0 @@ -7740,7 +7740,7 @@ id,file,description,date,author,platform,type,port 8226,platforms/php/webapps/8226.txt,"PHPRunner 4.2 (SearchOption) Blind SQL Injection Vulnerability",2009-03-17,BugReport.IR,php,webapps,0 8227,platforms/windows/remote/8227.pl,"Talkative IRC 0.4.4.16 - Remote Stack Overflow Exploit (SEH)",2009-03-17,LiquidWorm,windows,remote,0 8228,platforms/php/webapps/8228.txt,"GDL 4.x - (node) Remote SQL Injection Vulnerability",2009-03-17,g4t3w4y,php,webapps,0 -8229,platforms/php/webapps/8229.txt,"Wordpress Plugin fMoblog 2.1 - (id) SQL Injection Vulnerability",2009-03-17,"strange kevin",php,webapps,0 +8229,platforms/php/webapps/8229.txt,"WordPress Plugin fMoblog 2.1 - (id) SQL Injection Vulnerability",2009-03-17,"strange kevin",php,webapps,0 8230,platforms/php/webapps/8230.txt,"Mega File Hosting Script 1.2 (cross.php url) RFI Vulnerability",2009-03-17,Garry,php,webapps,0 8231,platforms/windows/local/8231.php,"CDex 1.70b2 - (.ogg) Local Buffer Overflow Exploit (xp/ sp3)",2009-03-18,Nine:Situations:Group,windows,local,0 8232,platforms/windows/dos/8232.py,"Chasys Media Player 1.1 - (.pls) Local Buffer Overflow PoC (SEH)",2009-03-18,zAx,windows,dos,0 @@ -7836,7 +7836,7 @@ id,file,description,date,author,platform,type,port 8323,platforms/php/webapps/8323.txt,"Community CMS 0.5 - Multiple SQL Injection Vulnerabilities",2009-03-31,"Salvatore Fresta",php,webapps,0 8324,platforms/php/webapps/8324.php,"Podcast Generator <= 1.1 - Remote Code Execution Exploit",2009-03-31,BlackHawk,php,webapps,0 8325,platforms/windows/dos/8325.py,"Safari 3.2.2/4b (nested elements) XML Parsing Remote Crash Exploit",2009-03-31,"Ahmed Obied",windows,dos,0 -8326,platforms/php/webapps/8326.rb,"VirtueMart <= 1.1.2 - Remote SQL Injection Exploit (meta)",2009-03-31,waraxe,php,webapps,0 +8326,platforms/php/webapps/8326.rb,"VirtueMart <= 1.1.2 - Remote SQL Injection Exploit (Metasploit)",2009-03-31,waraxe,php,webapps,0 8327,platforms/php/webapps/8327.txt,"virtuemart <= 1.1.2 - Multiple Vulnerabilities",2009-03-31,waraxe,php,webapps,0 8328,platforms/php/webapps/8328.txt,"webEdition <= 6.0.0.4 (WE_LANGUAGE) Local File Inclusion Vulnerability",2009-03-31,"Salvatore Fresta",php,webapps,0 8329,platforms/php/webapps/8329.txt,"JobHut 1.2 - Remote Password Change/Delete/Activate User Vulnerability",2009-03-31,"ThE g0bL!N",php,webapps,0 @@ -7925,7 +7925,7 @@ id,file,description,date,author,platform,type,port 8415,platforms/php/webapps/8415.txt,"FreznoShop 1.3.0 (id) Remote SQL Injection Vulnerability",2009-04-13,NoGe,php,webapps,0 8416,platforms/windows/local/8416.pl,"Mini-stream Ripper 3.0.1.1 - (.m3u) Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 8417,platforms/php/webapps/8417.txt,"e107 Plugin userjournals_menu (blog.id) SQL Injection Vulnerability",2009-04-13,boom3rang,php,webapps,0 -8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 (XSS/DD) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0 +8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 - (XSS/DD) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0 8419,platforms/windows/remote/8419.pl,"ftpdmin 0.96 - Arbitrary File Disclosure Exploit",2009-04-13,Stack,windows,remote,21 8420,platforms/windows/local/8420.py,"BulletProof FTP Client 2009 - (.bps) Buffer Overflow Exploit (SEH)",2009-04-13,His0k4,windows,local,0 8421,platforms/windows/remote/8421.py,"Steamcast (HTTP Request) Remote Buffer Overflow Exploit (SEH) (1)",2009-04-13,His0k4,windows,remote,8000 @@ -8128,7 +8128,7 @@ id,file,description,date,author,platform,type,port 8620,platforms/windows/local/8620.pl,"Sorinara Streaming Audio Player 0.9 - (.m3u) Local Stack Overflow Exploit",2009-05-05,Stack,windows,local,0 8621,platforms/windows/remote/8621.py,"32bit FTP (09.04.24) - (CWD Response) Universal Seh Overwrite Exploit",2009-05-05,His0k4,windows,remote,0 8622,platforms/php/webapps/8622.pl,"webSPELL <= 4.2.0e (page) Remote Blind SQL Injection Exploit",2009-05-07,DNX,php,webapps,0 -8623,platforms/windows/remote/8623.rb,"32bit FTP - (PASV) Reply Client Remote Overflow Exploit (meta)",2009-05-07,His0k4,windows,remote,0 +8623,platforms/windows/remote/8623.rb,"32bit FTP - (PASV) Reply Client Remote Overflow Exploit (Metasploit)",2009-05-07,His0k4,windows,remote,0 8624,platforms/windows/local/8624.pl,"Soritong MP3 Player 1.0 - Local Buffer Overflow Exploit (SEH)",2009-05-07,Stack,windows,local,0 8625,platforms/windows/dos/8625.pl,"Sorinara Streaming Audio Player 0.9 - (.PLA) Local Stack Overflow PoC",2009-05-07,GoLd_M,windows,dos,0 8626,platforms/php/webapps/8626.txt,"TCPDB 3.8 - Arbitrary Add Admin Account Vulnerability",2009-05-07,Mr.tro0oqy,php,webapps,0 @@ -8290,7 +8290,7 @@ id,file,description,date,author,platform,type,port 8788,platforms/php/webapps/8788.txt,"Mole Adult Portal Script (profile.php user_id) SQL Injection Vulnerability",2009-05-26,Qabandi,php,webapps,0 8789,platforms/windows/local/8789.py,"Slayer 2.4 (skin) Universal Buffer Overflow Exploit (SEH)",2009-05-26,SuNHouSe2,windows,local,0 8790,platforms/php/webapps/8790.pl,"cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion Exploit",2009-05-26,StAkeR,php,webapps,0 -8791,platforms/php/webapps/8791.txt,"Wordpress Plugin Lytebox - (wp-lytebox) Local File Inclusion Vulnerability",2009-05-26,TurkGuvenligi,php,webapps,0 +8791,platforms/php/webapps/8791.txt,"WordPress Plugin Lytebox - (wp-lytebox) Local File Inclusion Vulnerability",2009-05-26,TurkGuvenligi,php,webapps,0 8792,platforms/php/webapps/8792.txt,"Webradev Download Protect 1.0 - Remote File Inclusion Vulnerabilities",2009-05-26,asL-Sabia,php,webapps,0 8793,platforms/php/webapps/8793.txt,"eZoneScripts Hotornot2 Script (Admin Bypass) Multiple Remote Vulns",2009-05-26,"sniper code",php,webapps,0 8794,platforms/multiple/dos/8794.htm,"Mozilla Firefox (unclamped loop) Denial of Service Exploit",2009-05-26,"Thierry Zoller",multiple,dos,0 @@ -8358,7 +8358,7 @@ id,file,description,date,author,platform,type,port 8858,platforms/php/webapps/8858.txt,"propertymax pro free (sql/XSS) Multiple Vulnerabilities",2009-06-02,SirGod,php,webapps,0 8859,platforms/asp/webapps/8859.txt,"WebEyes Guest Book 3 - (yorum.asp mesajid) SQL Injection Vulnerability",2009-06-02,Bl@ckbe@rD,asp,webapps,0 8860,platforms/php/webapps/8860.txt,"podcast generator <= 1.2 - globals[] Multiple Vulnerabilities",2009-06-02,StAkeR,php,webapps,0 -8861,platforms/osx/remote/8861.rb,"Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler BoF Exploit (meta)",2009-06-03,"Will Drewry",osx,remote,0 +8861,platforms/osx/remote/8861.rb,"Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler BoF Exploit (Metasploit)",2009-06-03,"Will Drewry",osx,remote,0 8862,platforms/windows/dos/8862.txt,"Apple QuickTime Image Description Atom Sign Extension PoC",2009-06-03,webDEViL,windows,dos,0 8863,platforms/windows/local/8863.c,"Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow PoC (SEH)",2009-06-03,"fl0 fl0w",windows,local,0 8864,platforms/php/webapps/8864.txt,"My Mini Bill (orderid) Remote SQL Injection Vulnerability",2009-06-03,"ThE g0bL!N",php,webapps,0 @@ -8461,7 +8461,7 @@ id,file,description,date,author,platform,type,port 8966,platforms/php/webapps/8966.txt,"phportal 1 - (topicler.php id) Remote SQL Injection Vulnerability",2009-06-15,"Mehmet Ince",php,webapps,0 8967,platforms/php/webapps/8967.txt,"The Recipe Script 5 - Remote XSS Vulnerability",2009-06-15,"ThE g0bL!N",php,webapps,0 8968,platforms/php/webapps/8968.txt,"Joomla Component com_jumi (fileid) Blind SQL Injection Exploit",2009-06-15,"Chip d3 bi0s",php,webapps,0 -8969,platforms/windows/remote/8969.rb,"Green Dam 3.17 URL Processing Buffer Overflow Exploit (meta)",2009-06-16,Trancer,windows,remote,0 +8969,platforms/windows/remote/8969.rb,"Green Dam 3.17 URL Processing Buffer Overflow Exploit (Metasploit)",2009-06-16,Trancer,windows,remote,0 8970,platforms/windows/remote/8970.txt,"McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write Vuln",2009-06-16,callAX,windows,remote,0 8971,platforms/windows/dos/8971.pl,"Carom3D 5.06 Unicode Buffer Overrun/DoS Vulnerability",2009-06-16,LiquidWorm,windows,dos,0 8974,platforms/php/webapps/8974.txt,"XOOPS <= 2.3.3 - Remote File Disclosure Vulnerability (.htaccess)",2009-06-16,daath,php,webapps,0 @@ -8494,7 +8494,7 @@ id,file,description,date,author,platform,type,port 9004,platforms/php/webapps/9004.txt,"Zen Cart 1.3.8 - Remote Code Execution Exploit",2009-06-23,BlackH,php,webapps,0 9005,platforms/php/webapps/9005.py,"Zen Cart 1.3.8 - Remote SQL Execution Exploit",2009-06-23,BlackH,php,webapps,0 9006,platforms/windows/dos/9006.py,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos Exploit",2009-06-23,Nibin,windows,dos,0 -9007,platforms/windows/dos/9007.rb,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (meta)",2009-06-23,Nibin,windows,dos,0 +9007,platforms/windows/dos/9007.rb,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (Metasploit)",2009-06-23,Nibin,windows,dos,0 9008,platforms/php/webapps/9008.txt,"phpCollegeExchange 0.1.5c (RFI/LFI/XSS) Multiple Vulnerabilities",2009-06-23,CraCkEr,php,webapps,0 9009,platforms/php/webapps/9009.txt,"BASE <= 1.2.4 (Auth Bypass) Insecure Cookie Handling Vulnerability",2009-06-24,"Tim Medin",php,webapps,0 9010,platforms/php/webapps/9010.txt,"Glossword <= 1.8.11 (index.php x) Local File Inclusion Vulnerability",2009-06-24,t0fx,php,webapps,0 @@ -8724,7 +8724,7 @@ id,file,description,date,author,platform,type,port 9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 (Font tags) Remote Buffer Overflow Exploit (osx)",2009-07-24,Dr_IDE,osx,remote,0 9248,platforms/php/webapps/9248.txt,"SaphpLesson 4.0 - (Auth Bypass) SQL Injection Vulnerability",2009-07-24,SwEET-DeViL,php,webapps,0 9249,platforms/php/webapps/9249.txt,"Xoops Celepar Module Qas (codigo) SQL Injection Vulnerability",2009-07-24,s4r4d0,php,webapps,0 -9250,platforms/php/webapps/9250.sh,"Wordpress 2.8.1 - (url) Remote Cross-Site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 +9250,platforms/php/webapps/9250.sh,"WordPress 2.8.1 - (url) Remote Cross-Site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 9251,platforms/php/webapps/9251.txt,"Deonixscripts Templates Management 1.3 - SQL Injection Vulnerability",2009-07-24,d3b4g,php,webapps,0 9252,platforms/php/webapps/9252.txt,"Scripteen Free Image Hosting Script 2.3 - SQL Injection Exploit",2009-07-24,Coksnuss,php,webapps,0 9253,platforms/windows/dos/9253.html,"Microsoft Internet Explorer 7/8 findText Unicode Parsing Crash Exploit",2009-07-24,Hong10,windows,dos,0 @@ -8742,7 +8742,7 @@ id,file,description,date,author,platform,type,port 9265,platforms/linux/dos/9265.c,"ISC DHCP dhclient < 3.1.2p1 - Remote Buffer Overflow PoC",2009-07-27,"Jon Oberheide",linux,dos,0 9266,platforms/php/webapps/9266.txt,"iwiccle 1.01 - (LFI/SQL) Multiple Vulnerabilities",2009-07-27,SirGod,php,webapps,0 9267,platforms/php/webapps/9267.txt,"VS PANEL 7.5.5 (Cat_ID) SQL Injection Vulnerability (patched?)",2009-07-27,octopos,php,webapps,0 -9268,platforms/hardware/dos/9268.rb,"Cisco WLC 4402 - Basic Auth Remote Denial of Service (meta)",2009-07-27,"Christoph Bott",hardware,dos,0 +9268,platforms/hardware/dos/9268.rb,"Cisco WLC 4402 - Basic Auth Remote Denial of Service (Metasploit)",2009-07-27,"Christoph Bott",hardware,dos,0 9269,platforms/php/webapps/9269.txt,"PHP Paid 4 Mail Script (home.php page) Remote File Inclusion Vuln",2009-07-27,int_main();,php,webapps,0 9270,platforms/php/webapps/9270.txt,"Super Mod System 3.0 - (s) SQL Injection Vulnerability",2009-07-27,MizoZ,php,webapps,0 9271,platforms/php/webapps/9271.txt,"Inout Adserver (id) Remote SQL Injection Vulnerability",2009-07-27,boom3rang,php,webapps,0 @@ -8878,7 +8878,7 @@ id,file,description,date,author,platform,type,port 9407,platforms/php/webapps/9407.txt,"CMS Made Simple <= 1.6.2 - Local File Disclosure Vulnerability",2009-08-10,IHTeam,php,webapps,0 9408,platforms/php/webapps/9408.php,"Joomla Component Kunena Forums (com_kunena) bSQL Injection Exploit",2009-08-10,"ilker Kandemir",php,webapps,0 9409,platforms/windows/local/9409.pl,"MediaCoder 0.7.1.4490 - (.lst/.m3u) Universal BoF Exploit (SEH)",2009-08-10,hack4love,windows,local,0 -9410,platforms/php/webapps/9410.txt,"Wordpress <= 2.8.3 - Remote Admin Reset Password Vulnerability",2009-08-11,"laurent gaffié ",php,webapps,0 +9410,platforms/php/webapps/9410.txt,"WordPress <= 2.8.3 - Remote Admin Reset Password Vulnerability",2009-08-11,"laurent gaffié ",php,webapps,0 9411,platforms/windows/dos/9411.cpp,"Embedthis Appweb 3.0b.2-4 - Remote Buffer Overflow PoC",2009-08-11,"fl0 fl0w",windows,dos,0 9412,platforms/windows/local/9412.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH)",2009-08-11,ahwak2000,windows,local,0 9413,platforms/php/webapps/9413.txt,"Joomla Component idoblog 1.1b30 (com_idoblog) SQL Injection Vuln",2009-08-11,kkr,php,webapps,0 @@ -8897,7 +8897,7 @@ id,file,description,date,author,platform,type,port 9428,platforms/windows/local/9428.pl,"pIPL 2.5.0 - (.PLS /.PL) Universal Local Buffer Exploit (SEH)",2009-08-13,hack4love,windows,local,0 9429,platforms/windows/dos/9429.py,"EmbedThis Appweb 3.0B.2-4 - Multiple Remote Buffer Overflow PoC",2009-08-13,Dr_IDE,windows,dos,0 9430,platforms/php/webapps/9430.pl,"JBLOG 1.5.1 - Remote SQL Table Backup Exploit",2009-08-13,Ams,php,webapps,0 -9431,platforms/php/webapps/9431.txt,"Wordpress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 +9431,platforms/php/webapps/9431.txt,"WordPress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 9432,platforms/hardware/remote/9432.txt,"THOMSON ST585 (user.ini) Arbitrary Download Vulnerability",2009-08-13,"aBo MoHaMeD",hardware,remote,0 9433,platforms/php/webapps/9433.txt,"Gazelle CMS 1.0 - Remote Arbitrary Shell Upload Vulnerability",2009-08-13,RoMaNcYxHaCkEr,php,webapps,0 9434,platforms/php/webapps/9434.txt,"tgs CMS 0.x (xss/sql/fd) Multiple Vulnerabilities",2009-08-13,[]ViZiOn,php,webapps,0 @@ -8973,14 +8973,14 @@ id,file,description,date,author,platform,type,port 9505,platforms/php/webapps/9505.txt,"Geeklog <= 1.6.0sr1 - Remote Arbitrary File Upload Vulnerability",2009-08-24,JaL0h,php,webapps,0 9506,platforms/windows/dos/9506.pl,"FLIP Flash Album Deluxe 1.8.407.1 - (.fft) Crash PoC",2009-08-24,the_Edit0r,windows,dos,0 9507,platforms/windows/dos/9507.pl,"AiO (All into One) Flash Mixer 3 - (.afp) Crash PoC",2009-08-24,the_Edit0r,windows,dos,0 -9508,platforms/windows/remote/9508.rb,"ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (meta)",2009-08-25,His0k4,windows,remote,0 +9508,platforms/windows/remote/9508.rb,"ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (Metasploit)",2009-08-25,His0k4,windows,remote,0 9509,platforms/windows/local/9509.pl,"Media Jukebox 8 - (.M3U) Universal Local Buffer Exploit (SEH)",2009-08-25,hack4love,windows,local,0 9510,platforms/php/webapps/9510.txt,"Joomla Component com_siirler 1.2 (sid) SQL Injection Vulnerability",2009-08-25,v3n0m,php,webapps,0 9511,platforms/php/webapps/9511.txt,"Turnkey Arcade Script (id) Remote SQL Injection Vulnerability",2009-08-25,Red-D3v1L,php,webapps,0 9512,platforms/php/webapps/9512.txt,"TCPDB 3.8 - Remote Content Change Bypass Vulnerabilities",2009-08-25,Securitylab.ir,php,webapps,0 9513,platforms/linux/local/9513.c,"Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure",2009-08-25,"Jon Oberheide",linux,local,0 9514,platforms/hardware/dos/9514.py,"Xerox WorkCentre Multiple Models Denial of Service Exploit",2009-08-25,"Henri Lindberg",hardware,dos,0 -9515,platforms/windows/dos/9515.txt,"Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (meta)",2009-08-25,"Francis Provencher",windows,dos,0 +9515,platforms/windows/dos/9515.txt,"Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (Metasploit)",2009-08-25,"Francis Provencher",windows,dos,0 9516,platforms/windows/dos/9516.txt,"Novell Client for Windows 2000/XP ActiveX Remote DoS Vulnerability",2009-08-25,"Francis Provencher",windows,dos,0 9517,platforms/windows/dos/9517.txt,"Lotus note connector for Blackberry Manager 5.0.0.11 - ActiveX DoS Vuln",2009-08-25,"Francis Provencher",windows,dos,0 9518,platforms/php/webapps/9518.txt,"EMO Breader Manager (video.php movie) SQL Injection Vulnerability",2009-08-25,Mr.SQL,php,webapps,0 @@ -9054,7 +9054,7 @@ id,file,description,date,author,platform,type,port 9589,platforms/windows/local/9589.pl,"OTSTurntables 1.00.027 - (.m3u/ofl) Local Universal BoF Exploit (SEH)",2009-09-04,hack4love,windows,local,0 9590,platforms/php/webapps/9590.c,"Zeroboard 4.1 pl7 now_connect() Remote Code Execution Exploit",2009-09-04,SpeeDr00t,php,webapps,0 9591,platforms/php/webapps/9591.txt,"Ticket Support Script (ticket.php) Remote Shell Upload Vulnerability",2009-09-04,InjEctOr5,php,webapps,0 -9592,platforms/windows/remote/9592.rb,"SIDVault 2.0e Windows Remote Buffer Overflow Exploit (meta)",2009-09-04,His0k4,windows,remote,389 +9592,platforms/windows/remote/9592.rb,"SIDVault 2.0e Windows Remote Buffer Overflow Exploit (Metasploit)",2009-09-04,His0k4,windows,remote,389 9593,platforms/php/webapps/9593.txt,"Joomla Compenent com_joomlub (aid) SQL Injection Vulnerability",2009-09-04,"599eme Man",php,webapps,0 9594,platforms/windows/dos/9594.txt,"Windows Vista/7 SMB2.0 Negotiate Protocol Request Remote BSOD Vuln",2009-09-09,"laurent gaffie",windows,dos,0 9595,platforms/linux/local/9595.c,"HTMLDOC 1.8.27 (html File Handling) Stack Buffer Overflow Exploit",2009-09-09,"Pankaj Kohli",linux,local,0 @@ -9612,7 +9612,7 @@ id,file,description,date,author,platform,type,port 10322,platforms/windows/local/10322.py,"Audacity 1.2.6 (gro File) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10323,platforms/windows/local/10323.py,"HTML Help Workshop 4.74 - (hhp) Buffer Overflow Exploit (Universal)",2009-12-05,Dz_attacker,windows,local,0 10324,platforms/php/webapps/10324.txt,"phpshop 0.8.1 - Multiple Vulnerabilities",2009-12-05,"Andrea Fabrizi",php,webapps,0 -10325,platforms/php/webapps/10325.txt,"Wordpress Image Manager Plugins - Shell Upload Vulnerability",2009-12-05,DigitALL,php,webapps,0 +10325,platforms/php/webapps/10325.txt,"WordPress Image Manager Plugins - Shell Upload Vulnerability",2009-12-05,DigitALL,php,webapps,0 10326,platforms/multiple/local/10326.txt,"Ghostscript < 8.64 - 'gdevpdtb.c' Buffer Overflow Vulnerability",2009-02-03,"Wolfgang Hamann",multiple,local,0 10327,platforms/multiple/dos/10327.txt,"Ghostscript 'CCITTFax' Decoding Filter - Denial of Service Vulnerability",2009-04-01,"Red Hat",multiple,dos,0 10329,platforms/php/webapps/10329.txt,"AROUNDMe <= 1.1 (language_path) Remote File Include Exploit",2009-12-06,"cr4wl3r ",php,webapps,0 @@ -9621,16 +9621,16 @@ id,file,description,date,author,platform,type,port 10332,platforms/windows/local/10332.rb,"IDEAL Administration 2009 9.7 - Buffer Overflow - Metasploit Universal",2009-12-06,dookie,windows,local,0 10333,platforms/windows/dos/10333.py,"VLC Media Player 1.0.3 smb:// URI Handling Remote Stack Overflow PoC",2009-12-06,Dr_IDE,windows,dos,0 10334,platforms/multiple/dos/10334.py,"VLC Media Player <= 1.0.3 RTSP Buffer Overflow PoC (OSX/Linux)",2009-12-06,Dr_IDE,multiple,dos,0 -10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Meta)",2009-12-07,loneferret,windows,local,0 +10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Metasploit)",2009-12-07,loneferret,windows,local,0 10337,platforms/php/webapps/10337.txt,"Chipmunk Newsletter Persistant XSS Vulnerability",2009-12-07,mr_me,php,webapps,0 10338,platforms/linux/dos/10338.pl,"Polipo 1.0.4 - Remote Memory Corruption PoC (0day)",2009-12-07,"Jeremy Brown",linux,dos,0 10339,platforms/windows/local/10339.pl,"gAlan 0.2.1 - Buffer Overflow Exploit (0day)",2009-12-07,"Jeremy Brown",windows,local,0 10340,platforms/windows/remote/10340.pl,"Multiple Symantec Products Intel Common Base Agent Remote Command Execution",2009-04-28,kingcope,windows,remote,0 10341,platforms/php/webapps/10341.txt,"SiSplet CMS <= 2008-01-24 - Multiple Remote File Include Exploit",2009-12-07,"cr4wl3r ",php,webapps,0 10343,platforms/windows/dos/10343.txt,"Kingsoft Internet Security 9 - Denial of Services",2009-11-05,"Francis Provencher",windows,dos,0 -10344,platforms/windows/local/10344.rb,"Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (meta)",2009-12-07,dookie,windows,local,0 +10344,platforms/windows/local/10344.rb,"Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (Metasploit)",2009-12-07,dookie,windows,local,0 10345,platforms/windows/local/10345.py,"gAlan - (.galan) Universal Buffer Overflow Exploit",2009-12-07,Dz_attacker,windows,local,0 -10346,platforms/windows/local/10346.rb,"gAlan 0.2.1 - Universal Buffer Overflow Exploit (meta)",2009-12-07,loneferret,windows,local,0 +10346,platforms/windows/local/10346.rb,"gAlan 0.2.1 - Universal Buffer Overflow Exploit (Metasploit)",2009-12-07,loneferret,windows,local,0 10347,platforms/hardware/webapps/10347.txt,"Barracuda IMFirewall 620 Vulnerability",2009-12-07,Global-Evolution,hardware,webapps,0 10349,platforms/linux/dos/10349.py,"CoreHTTP Web server <= 0.5.3.1 - off-by-one Buffer Overflow Vulnerability",2009-12-02,"Patroklos Argyroudis",linux,dos,80 10350,platforms/php/webapps/10350.txt,"IRAN N.E.T E-commerce Group SQL Injection Vulnerability",2009-12-08,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 @@ -9644,9 +9644,9 @@ id,file,description,date,author,platform,type,port 10359,platforms/windows/local/10359.py,"Audio Workstation 6.4.2.4.0 - (.pls) Universal Local BoF Exploit",2009-12-09,mr_me,windows,local,0 10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 (Auth Bypass) Remote SQL Injection",2009-12-09,"AnTi SeCuRe",php,webapps,0 10362,platforms/hardware/remote/10362.txt,"THOMSON TG585n 7.4.3.2 (user.ini) Arbitrary Download Vulnerability",2009-12-09,"AnTi SeCuRe",hardware,remote,0 -10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 pls Buffer Overflow (meta)",2009-12-09,dookie,windows,local,0 +10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 pls Buffer Overflow (Metasploit)",2009-12-09,dookie,windows,local,0 10364,platforms/php/webapps/10364.txt,"TestLink Test Management and Execution System - Multiple XSS and Injection Vulnerabilities",2009-12-09,"Core Security",php,webapps,0 -10365,platforms/windows/remote/10365.rb,"Eureka Email 2.2q ERR Remote Buffer Overflow Exploit (meta)",2009-12-09,dookie,windows,remote,0 +10365,platforms/windows/remote/10365.rb,"Eureka Email 2.2q ERR Remote Buffer Overflow Exploit (Metasploit)",2009-12-09,dookie,windows,remote,0 10366,platforms/php/webapps/10366.txt,"Joomla Component com_jsjobs 1.0.5.6 - SQL Injection Vulnerabilities",2009-12-10,kaMtiEz,php,webapps,0 10367,platforms/php/webapps/10367.txt,"Joomla Component com_jphoto SQL Injection Vulnerability - (id)",2009-12-10,kaMtiEz,php,webapps,0 10368,platforms/asp/webapps/10368.txt,"Free ASP Upload Shell Upload Vulnerability",2009-12-10,Mr.aFiR,asp,webapps,0 @@ -9963,10 +9963,10 @@ id,file,description,date,author,platform,type,port 10741,platforms/php/webapps/10741.txt,"cybershade CMS 0.2 - Remote File Inclusion Vulnerability",2009-12-27,Mr.SeCreT,php,webapps,0 10742,platforms/php/webapps/10742.txt,"Joomla Component com_dhforum SQL Injection Vulnerability",2009-12-27,"ViRuSMaN ",php,webapps,0 10743,platforms/php/webapps/10743.txt,"phPay 2.2a - Backup Vulnerability",2009-12-26,indoushka,php,webapps,0 -10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (meta)",2009-12-27,dijital1,windows,local,0 +10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (Metasploit)",2009-12-27,dijital1,windows,local,0 10745,platforms/windows/local/10745.c,"Mini-stream ripper 3.0.1.1 - (.pls) Local Universal Buffer Overflow Exploit",2009-12-27,mr_me,windows,local,0 10747,platforms/windows/local/10747.py,"Mini-Stream Exploit for Windows XP SP2 and SP3",2009-12-27,dijital1,windows,local,0 -10748,platforms/windows/local/10748.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Meta)",2009-12-27,dijital1,windows,local,0 +10748,platforms/windows/local/10748.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Metasploit)",2009-12-27,dijital1,windows,local,0 10750,platforms/php/webapps/10750.txt,"Mambo Component Material Suche 1.0 - SQL Injection",2009-12-27,Gamoscu,php,webapps,0 10751,platforms/php/webapps/10751.txt,"Koobi Pro 6.1 - Gallery (img_id)",2009-12-27,BILGE_KAGAN,php,webapps,0 10752,platforms/multiple/webapps/10752.txt,"Yonja Remote File Upload Vulnerability",2009-12-28,indoushka,multiple,webapps,80 @@ -10029,7 +10029,7 @@ id,file,description,date,author,platform,type,port 10822,platforms/php/webapps/10822.txt,"Joomla Component com_rd_download Local File Disclosure Vulnerability",2009-12-30,FL0RiX,php,webapps,0 10823,platforms/asp/webapps/10823.txt,"UranyumSoft Ýlan Servisi - Database Disclosure Vulnerability",2009-12-30,LionTurk,asp,webapps,0 10824,platforms/php/webapps/10824.txt,"K-Rate SQL Injection Vulnerability",2009-12-30,e.wiZz,php,webapps,0 -10825,platforms/php/dos/10825.sh,"Wordpress <= 2.9 - DoS (0day)",2009-12-31,emgent,php,dos,80 +10825,platforms/php/dos/10825.sh,"WordPress <= 2.9 - DoS (0day)",2009-12-31,emgent,php,dos,80 10826,platforms/php/dos/10826.sh,"Drupal <= 6.16 and 5.21 - DoS (0day)",2009-12-31,emgent,php,dos,80 10827,platforms/windows/local/10827.rb,"DJ Studio Pro 5.1.6.5.2 SEH Exploit",2009-12-30,"Sébastien Duquette",windows,local,0 10828,platforms/php/webapps/10828.txt,"vBulletin ads_saed 1.5 (bnnr.php) SQL Injection Vulnerability",2009-12-30,"Hussin X",php,webapps,0 @@ -10090,7 +10090,7 @@ id,file,description,date,author,platform,type,port 10923,platforms/php/webapps/10923.txt,"superlink script <= 1.0 - (id) SQL Injection Vulnerability",2010-01-02,Red-D3v1L,php,webapps,0 10924,platforms/php/webapps/10924.txt,"AL-Athkat.2.0 - Cross-Site Scripting Vulnerability",2010-01-02,indoushka,php,webapps,0 10928,platforms/php/webapps/10928.txt,"Joomla Component com_dailymeals LFI Vulnerability",2010-01-02,FL0RiX,php,webapps,0 -10929,platforms/php/webapps/10929.txt,"Wordpress Events Plugin - SQL Injection Vulnerability",2010-01-02,Red-D3v1L,php,webapps,0 +10929,platforms/php/webapps/10929.txt,"WordPress Events Plugin - SQL Injection Vulnerability",2010-01-02,Red-D3v1L,php,webapps,0 10930,platforms/php/webapps/10930.txt,"Left 4 Dead Stats 1.1 - SQL Injection Vulnerability",2010-01-02,Sora,php,webapps,0 10931,platforms/php/webapps/10931.txt,"X7CHAT 1.3.6b - Add Admin Exploit",2010-01-02,d4rk-h4ck3r,php,webapps,0 10936,platforms/windows/local/10936.c,"PlayMeNow - Malformed M3U Playlist BoF (Windows XP SP2 French)",2010-01-03,bibi-info,windows,local,0 @@ -10137,7 +10137,7 @@ id,file,description,date,author,platform,type,port 11005,platforms/asp/webapps/11005.txt,"KMSoft Guestbook 1.0 - Database Disclosure Vulnerability",2010-01-04,LionTurk,asp,webapps,0 11008,platforms/asp/webapps/11008.txt,"YP Portal MS-Pro Surumu 1.0 DB Download Vulnerability",2010-01-05,indoushka,asp,webapps,0 11009,platforms/multiple/dos/11009.pl,"Novell Netware CIFS And AFP Remote Memory Consumption DoS",2010-01-05,"Francis Provencher",multiple,dos,0 -11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 & 7.4 - Buffer Overflow (meta)",2010-01-06,blake,windows,local,0 +11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 & 7.4 - Buffer Overflow (Metasploit)",2010-01-06,blake,windows,local,0 11012,platforms/php/webapps/11012.txt,"ITaco Group ITaco.biz (view_news) SQL Injection Vulnerability",2010-01-06,Err0R,php,webapps,0 11013,platforms/php/webapps/11013.txt,"PHPDirector Game Edition 0.1 - Multiple Vulnerabilities (LFI/SQLi/Xss)",2010-01-06,"Zer0 Thunder",php,webapps,0 11014,platforms/php/webapps/11014.txt,"Myuploader - Upload Shell Exploit",2010-01-06,S2K9,php,webapps,0 @@ -10197,7 +10197,7 @@ id,file,description,date,author,platform,type,port 11088,platforms/php/webapps/11088.txt,"Joomla Component com_jcollection Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 11089,platforms/php/webapps/11089.txt,"Joomla Component com_jvideodirect Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 11090,platforms/php/webapps/11090.txt,"Joomla Component com_jashowcase Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 -11093,platforms/windows/local/11093.rb,"Soritong 1.0 - Universal BOF-SEH (META)",2010-01-10,fb1h2s,windows,local,0 +11093,platforms/windows/local/11093.rb,"Soritong 1.0 - Universal BOF-SEH (Metasploit)",2010-01-10,fb1h2s,windows,local,0 11094,platforms/php/webapps/11094.txt,"Simply Classified 0.2 - XSS & CSRF Vulnerabilities",2010-01-10,mr_me,php,webapps,0 11095,platforms/windows/dos/11095.txt,"YPOPS! 0.9.7.3 - Buffer Overflow (SEH)",2010-01-10,blake,windows,dos,0 11096,platforms/asp/webapps/11096.txt,"ABB 1.1 - Forum Remote Database Disclosure Vulnerability",2010-01-10,"ViRuSMaN ",asp,webapps,0 @@ -10208,7 +10208,7 @@ id,file,description,date,author,platform,type,port 11104,platforms/php/webapps/11104.txt,"CMScontrol 7.x File Upload",2010-01-11,Cyber_945,php,webapps,0 11106,platforms/multiple/dos/11106.bat,"Nuked KLan <= 1.7.7 & <= SP4 DoS",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 11107,platforms/php/webapps/11107.txt,"gridcc script 1.0 (sql/XSS) Multiple Vulnerabilities",2010-01-11,Red-D3v1L,php,webapps,0 -11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 (PLS File) Stack Overflow (meta)",2010-01-11,dookie,windows,local,0 +11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 (PLS File) Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 11110,platforms/php/webapps/11110.txt,"Image Hosting Script Remote shell upload Vulnerability",2010-01-11,R3d-D3V!L,php,webapps,0 11111,platforms/php/webapps/11111.txt,"FAQEngine 4.24.00 - Remote File Inclusion Vulnerability",2010-01-11,kaMtiEz,php,webapps,0 11112,platforms/windows/local/11112.c,"HTMLDOC 1.9.x-r1629 - Local .html Buffer Overflow (Win32) Exploit",2010-01-11,"fl0 fl0w",windows,local,0 @@ -10323,7 +10323,7 @@ id,file,description,date,author,platform,type,port 11254,platforms/windows/dos/11254.pl,"P2GChinchilla HTTP Server 1.1.1 - Denial of Service Exploit",2010-01-24,"Zer0 Thunder",windows,dos,0 11255,platforms/windows/local/11255.pl,"Winamp 5.572 - whatsnew.txt Stack Overflow Exploit",2010-01-25,Dz_attacker,windows,local,0 11256,platforms/windows/local/11256.pl,"Winamp 5.572 - whatsnew.txt Local Buffer Overflow Exploit (Windows XP SP3 DE)",2010-01-25,NeoCortex,windows,local,0 -11257,platforms/windows/remote/11257.rb,"AOL 9.5 Phobos.Playlist 'Import()' Buffer Overflow Exploit (Meta)",2010-01-25,Trancer,windows,remote,0 +11257,platforms/windows/remote/11257.rb,"AOL 9.5 Phobos.Playlist 'Import()' Buffer Overflow Exploit (Metasploit)",2010-01-25,Trancer,windows,remote,0 11258,platforms/php/webapps/11258.html,"Status2k Remote Add Admin Exploit",2010-01-25,alnjm33,php,webapps,0 11260,platforms/windows/dos/11260.txt,"AIC Audio Player 1.4.1.587 - Local Crash PoC",2010-01-26,b0telh0,windows,dos,0 11261,platforms/php/webapps/11261.txt,"UGiA PHP UPLOADER 0.2 - Shell Upload Vulnerability",2010-01-26,indoushka,php,webapps,0 @@ -10463,7 +10463,7 @@ id,file,description,date,author,platform,type,port 11415,platforms/php/webapps/11415.txt,"Izumi <= 1.1.0 (RFI/LFI) Multiple Include Vulnerability",2010-02-12,"cr4wl3r ",php,webapps,0 11416,platforms/php/webapps/11416.txt,"Alqatari Group 1.0 - Blind SQL Injection Vulnerability",2010-02-12,Red-D3v1L,php,webapps,0 11420,platforms/windows/remote/11420.py,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit",2010-02-12,Lincoln,windows,remote,0 -11422,platforms/windows/remote/11422.rb,"Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (meta)",2010-02-12,Dz_attacker,windows,remote,0 +11422,platforms/windows/remote/11422.rb,"Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (Metasploit)",2010-02-12,Dz_attacker,windows,remote,0 11424,platforms/php/webapps/11424.txt,"cms made simple 1.6.6 - Multiple Vulnerabilities",2010-02-12,"Beenu Arora",php,webapps,0 11425,platforms/php/webapps/11425.txt,"daChooch Remote SQL Injection Vulnerability",2010-02-12,snakespc,php,webapps,0 11426,platforms/multiple/dos/11426.txt,"Browser address bar characters into a small feature",2010-02-12,"Pouya Daneshmand",multiple,dos,0 @@ -10670,7 +10670,7 @@ id,file,description,date,author,platform,type,port 11663,platforms/windows/local/11663.txt,"Lenovo Hotkey Driver <= 5.33 - Privilege Escalation",2010-03-09,"Chilik Tamir",windows,local,0 11666,platforms/php/webapps/11666.txt,"Uebimiau Webmail 3.2.0-2.0 - Email Disclosure",2010-03-09,"Z3r0c0re, R4vax",php,webapps,0 11667,platforms/php/webapps/11667.txt,"Joomla Component com_hezacontent 1.0 - SQL Injection Vulnerability (id)",2010-03-09,kaMtiEz,php,webapps,0 -11668,platforms/windows/remote/11668.rb,"Easy FTP Server 1.7.0.2 - CWD Remote BoF (MSF Module)",2010-03-09,blake,windows,remote,0 +11668,platforms/windows/remote/11668.rb,"Easy FTP Server 1.7.0.2 - CWD Remote BoF (Metasploit)",2010-03-09,blake,windows,remote,0 11669,platforms/windows/dos/11669.py,"JAD java decompiler 1.5.8g (argument) Local Crash",2010-03-09,l3D,windows,dos,0 11670,platforms/windows/dos/11670.py,"JAD java decompiler 1.5.8g (.class) Stack Overflow DoS",2010-03-09,l3D,windows,dos,0 11671,platforms/php/webapps/11671.txt,"mhproducts kleinanzeigenmarkt search.php SQL Injection",2010-03-09,"Easy Laster",php,webapps,0 @@ -10684,7 +10684,7 @@ id,file,description,date,author,platform,type,port 11681,platforms/php/webapps/11681.txt,"ispCP Omega <= 1.0.4 - Remote File Include Vulnerability",2010-03-10,"cr4wl3r ",php,webapps,0 14092,platforms/windows/local/14092.c,"Kingsoft Writer 2010 - Stack Buffer Overflow",2010-06-28,"fl0 fl0w",windows,local,0 11682,platforms/windows/local/11682.py,"Mini-stream Ripper 3.0.1.1 - (.m3u) HREF Buffer Overflow",2010-03-10,l3D,windows,local,0 -11683,platforms/windows/remote/11683.rb,"Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)",2010-03-10,Trancer,windows,remote,0 +11683,platforms/windows/remote/11683.rb,"Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (Metasploit)",2010-03-10,Trancer,windows,remote,0 11684,platforms/php/webapps/11684.txt,"Joomla com_about Remote SQL Injection Vulnerability",2010-03-11,snakespc,php,webapps,0 11685,platforms/php/webapps/11685.txt,"ATutor 1.6.4 - Multiple Cross-Site Scripting",2010-03-11,ITSecTeam,php,webapps,0 11686,platforms/php/webapps/11686.txt,"ANE CMD CRSF - Add Admin",2010-03-11,"pratul agrawal",php,webapps,0 @@ -10741,7 +10741,7 @@ id,file,description,date,author,platform,type,port 11739,platforms/php/webapps/11739.txt,"PHP Classifieds 7.5 - Blind SQL Injection Vulnerability",2010-03-15,ITSecTeam,php,webapps,0 11740,platforms/php/webapps/11740.txt,"Ninja RSS Syndicator 1.0.8 - Local File Include",2010-03-15,jdc,php,webapps,0 11741,platforms/php/webapps/11741.txt,"Phenix 3.5b - SQL Injection Vulnerability",2010-03-15,ITSecTeam,php,webapps,0 -11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (meta)",2010-03-15,blake,windows,remote,0 +11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)",2010-03-15,blake,windows,remote,0 11743,platforms/php/webapps/11743.txt,"Joomla component com_rpx Ulti RPX 2.1.0 - Local File Include",2010-03-15,jdc,php,webapps,0 11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script Cross-Site Scripting Vulnerability",2010-03-15,indoushka,php,webapps,0 11745,platforms/php/webapps/11745.txt,"FreeHost 1.00 - Upload Vulnerability",2010-03-15,indoushka,php,webapps,0 @@ -11052,7 +11052,7 @@ id,file,description,date,author,platform,type,port 12095,platforms/linux/dos/12095.txt,"Virata EmWeb R6.0.1 - Remote Crash Vulnerability",2010-04-06,"Jobert Abma",linux,dos,0 12096,platforms/windows/dos/12096.txt,"Juke 4.0.2 DoS Multiple Files",2010-04-06,anonymous,windows,dos,0 12097,platforms/php/webapps/12097.txt,"Joomla Component XOBBIX - prodid SQL Injection Vulnerability",2010-04-06,AntiSecurity,php,webapps,0 -12098,platforms/php/webapps/12098.txt,"Wordpress Plugin NextGEN Gallery <= 1.5.1 - XSS Vulnerability",2010-04-06,"Alejandro Rodriguez",php,webapps,0 +12098,platforms/php/webapps/12098.txt,"WordPress Plugin NextGEN Gallery <= 1.5.1 - XSS Vulnerability",2010-04-06,"Alejandro Rodriguez",php,webapps,0 12100,platforms/asp/webapps/12100.txt,"Espinas CMS SQL Injection Vulnerability",2010-04-07,"Pouya Daneshmand",asp,webapps,0 12101,platforms/php/webapps/12101.txt,"Joomla Component aWiki com_awiki Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 12102,platforms/php/webapps/12102.txt,"Joomla Component VJDEO com_vjdeo 1.0 - LFI Vulnerability",2010-04-07,"Angela Zhang",php,webapps,0 @@ -11196,7 +11196,7 @@ id,file,description,date,author,platform,type,port 12251,platforms/php/webapps/12251.php,"Camiro-CMS_beta-0.1 - (fckeditor) Remote Arbitrary File Upload Exploit",2010-04-15,eidelweiss,php,webapps,0 12252,platforms/hardware/dos/12252.txt,"IBM BladeCenter Management Module - DoS Vulnerability",2010-04-15,"Alexey Sintsov",hardware,dos,0 12254,platforms/php/webapps/12254.txt,"FCKEditor Core - (FileManager - test.html) Remote Arbitrary File Upload Exploit",2010-04-16,Mr.MLL,php,webapps,0 -12255,platforms/windows/local/12255.rb,"Winamp 5.572 - whatsnew.txt SEH (meta)",2010-04-16,blake,windows,local,0 +12255,platforms/windows/local/12255.rb,"Winamp 5.572 - whatsnew.txt SEH (Metasploit)",2010-04-16,blake,windows,local,0 12256,platforms/php/webapps/12256.txt,"ilchClan <= 1.0.5B SQL Injection Vulnerability Exploit",2010-04-16,"Easy Laster",php,webapps,0 12257,platforms/php/webapps/12257.txt,"joomla component com_manager 1.5.3 - (id) SQL Injection Vulnerability",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0 12258,platforms/windows/dos/12258.py,"Windows - SMB Client-Side Bug Proof of Concept (MS10-006)",2010-04-16,"laurent gaffie",windows,dos,0 @@ -11312,7 +11312,7 @@ id,file,description,date,author,platform,type,port 12385,platforms/php/webapps/12385.html,"TR Forum 1.5 - Insert Admin CSRF Vulnerability",2010-04-25,EL-KAHINA,php,webapps,0 12386,platforms/php/webapps/12386.txt,"PHP Classifieds 6.09 - E-mail Dump Vulnerability",2010-04-25,indoushka,php,webapps,0 12387,platforms/php/webapps/12387.sh,"webessence 1.0.2 - Multiple Vulnerabilities",2010-04-25,"white_sheep, R00T_ATI and epicfail",php,webapps,0 -12388,platforms/windows/local/12388.rb,"WM Downloader 3.0.0.9 - Buffer Overflow (Meta)",2010-04-25,blake,windows,local,0 +12388,platforms/windows/local/12388.rb,"WM Downloader 3.0.0.9 - Buffer Overflow (Metasploit)",2010-04-25,blake,windows,local,0 12395,platforms/php/webapps/12395.txt,"2daybiz Advanced Poll Script XSS and Authentication Bypass",2010-04-26,Sid3^effects,php,webapps,0 12396,platforms/php/webapps/12396.txt,"OpenCominterne 1.01 - Local File Include Vulnerability",2010-04-26,"cr4wl3r ",php,webapps,0 12398,platforms/php/webapps/12398.txt,"Opencourrier 2.03beta (RFI/LFI) Multiple File Include Vulnerability",2010-04-26,"cr4wl3r ",php,webapps,0 @@ -11438,14 +11438,14 @@ id,file,description,date,author,platform,type,port 12527,platforms/asp/dos/12527.txt,"Administrador de Contenidos - Admin Login Bypass Vulnerability",2010-05-07,Ra3cH,asp,dos,0 12528,platforms/windows/local/12528.pl,"AVCON H323Call Buffer Overflow",2010-05-07,"Dillon Beresford",windows,local,0 12529,platforms/windows/dos/12529.py,"ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64) LZH archive parsing PoC Exploit",2010-05-07,"Oleksiuk Dmitry, eSage Lab",windows,dos,0 -12530,platforms/windows/dos/12530.rb,"TFTPGUI 1.4.5 - Long Transport Mode Overflow DoS (Meta)",2010-05-08,"Jeremiah Talamantes",windows,dos,0 +12530,platforms/windows/dos/12530.rb,"TFTPGUI 1.4.5 - Long Transport Mode Overflow DoS (Metasploit)",2010-05-08,"Jeremiah Talamantes",windows,dos,0 12531,platforms/windows/dos/12531.pl,"GeoHttpServer Remote DoS Vulnerability",2010-05-08,aviho1,windows,dos,0 12532,platforms/php/webapps/12532.txt,"B2B Classic Trading Script (offers.php) SQL Injection Vulnerability",2010-05-08,v3n0m,php,webapps,0 12533,platforms/php/webapps/12533.txt,"big.asp - SQL Injection Vulnerability",2010-05-08,Ra3cH,php,webapps,0 12534,platforms/php/webapps/12534.txt,"PHP Link Manager 1.7 - Url Redirection Bug",2010-05-08,ITSecTeam,php,webapps,0 12535,platforms/php/webapps/12535.txt,"phpscripte24 Countdown Standart Rückwärts Auktions System - SQL Injection",2010-05-08,"Easy Laster",php,webapps,0 12539,platforms/php/webapps/12539.txt,"Joomla Component com_articleman Upload Vulnerability",2010-05-08,Sid3^effects,php,webapps,0 -12540,platforms/windows/local/12540.rb,"IDEAL Migration 4.5.1 - Buffer Overflow Exploit (Meta)",2010-05-08,blake,windows,local,0 +12540,platforms/windows/local/12540.rb,"IDEAL Migration 4.5.1 - Buffer Overflow Exploit (Metasploit)",2010-05-08,blake,windows,local,0 12541,platforms/windows/dos/12541.php,"Dolphin 2.0 - (.elf) Local Daniel Of Service",2010-05-09,"Yakir Wizman",windows,dos,0 12542,platforms/php/webapps/12542.rb,"phpscripte24 Shop System SQL Injection Vulnerability Exploit",2010-05-09,"Easy Laster",php,webapps,0 12543,platforms/php/webapps/12543.rb,"Alibaba Clone <= 3.0 (Special) - SQL Injection Vulnerability Exploit",2010-05-09,"Easy Laster",php,webapps,0 @@ -12397,7 +12397,7 @@ id,file,description,date,author,platform,type,port 14074,platforms/php/webapps/14074.rb,"2daybiz Polls Script SQL Injection Vulnerability Exploit",2010-06-27,"Easy Laster",php,webapps,0 14075,platforms/php/webapps/14075.rb,"2daybiz Freelance Script SQL Injection Vulnerability Exploit",2010-06-27,"Easy Laster",php,webapps,0 14076,platforms/php/webapps/14076.rb,"2daybiz Photo Sharing Script SQL Injection Vulnerability",2010-06-27,"Easy Laster",php,webapps,0 -14077,platforms/windows/local/14077.rb,"BlazeDVD 6.0 - Buffer Overflow Exploit (Meta)",2010-06-27,blake,windows,local,0 +14077,platforms/windows/local/14077.rb,"BlazeDVD 6.0 - Buffer Overflow Exploit (Metasploit)",2010-06-27,blake,windows,local,0 14078,platforms/php/webapps/14078.txt,"Bilder Upload Script - Datei Upload 1.09 - Remote Shell Upload Vulnerability",2010-06-27,Mr.Benladen,php,webapps,0 14079,platforms/php/webapps/14079.txt,"i-netsolution Job Search Engine SQL Injection Vulnerability",2010-06-27,Sid3^effects,php,webapps,0 14080,platforms/php/webapps/14080.txt,"I-Net MLM Script Engine SQL Injection Vulnerability",2010-06-27,Sid3^effects,php,webapps,0 @@ -12486,7 +12486,7 @@ id,file,description,date,author,platform,type,port 14208,platforms/php/webapps/14208.txt,"Sandbox 2.0.2 - Local File Inclusion Vulnerability",2010-07-04,saudi0hacker,php,webapps,0 14196,platforms/php/webapps/14196.txt,"Joomla SocialAds Component com_socialads Persistent XSS Vulnerability",2010-07-03,Sid3^effects,php,webapps,0 14197,platforms/php/webapps/14197.txt,"iScripts MultiCart 2.2 - Multiple SQL Injection Vulnerability",2010-07-03,"Salvatore Fresta",php,webapps,0 -14198,platforms/php/webapps/14198.txt,"Simple:Press Wordpress Plugin 4.3.0 - SQL Injection Vulnerability",2010-07-04,"ADEO Security",php,webapps,0 +14198,platforms/php/webapps/14198.txt,"Simple:Press WordPress Plugin 4.3.0 - SQL Injection Vulnerability",2010-07-04,"ADEO Security",php,webapps,0 14199,platforms/php/webapps/14199.txt,"phpaaCMS 0.3.1 - (show.php?id=) SQL Injection Vulnerability",2010-07-04,Shafiq-Ur-Rehman,php,webapps,0 14200,platforms/windows/remote/14200.html,"Registry OCX 1.5 - ActiveX Buffer Overflow Exploit",2010-07-04,blake,windows,remote,0 14201,platforms/php/webapps/14201.txt,"phpaaCMS (list.php?id) SQL Injection Vulnerability",2010-07-04,CoBRa_21,php,webapps,0 @@ -12577,7 +12577,7 @@ id,file,description,date,author,platform,type,port 14305,platforms/linux/shellcode/14305.c,"Linux/x86-64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) (49 bytes)",2010-07-09,10n1z3d,linux,shellcode,0 14306,platforms/php/webapps/14306.txt,"HoloCMS 9.0.47 (news.php) SQL Injection Vulnerability",2010-07-09,GlaDiaT0R,php,webapps,0 14309,platforms/windows/remote/14309.html,"RSP MP3 Player OCX 3.2 - ActiveX Buffer Overflow",2010-07-09,blake,windows,remote,0 -14308,platforms/php/webapps/14308.txt,"Wordpress Firestats - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 +14308,platforms/php/webapps/14308.txt,"WordPress Firestats - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 15307,platforms/windows/dos/15307.py,"HP Data Protector Media Operations 6.11 HTTP Server Remote Integer Overflow DoS",2010-10-23,d0lc3,windows,dos,0 14310,platforms/php/webapps/14310.js,"DotDefender <= 3.8-5 - No Authentication Remote Code Execution Through XSS",2010-07-09,rAWjAW,php,webapps,80 14313,platforms/php/webapps/14313.txt,"Joomla MyHome Component (com_myhome) Blind SQL Injection Vulnerability",2010-07-10,Sid3^effects,php,webapps,0 @@ -12644,7 +12644,7 @@ id,file,description,date,author,platform,type,port 14393,platforms/php/webapps/14393.txt,"Calendarix (cal_cat.php) SQL Injection Vulnerability",2010-07-17,SixP4ck3r,php,webapps,0 14394,platforms/php/webapps/14394.txt,"Joomla Component (com_spa) SQL Injection Vulnerability",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 14395,platforms/php/webapps/14395.txt,"Joomla Component (com_staticxt) SQL Injection Vulnerability",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 -14397,platforms/windows/local/14397.rb,"MoreAmp SEH Buffer Overflow (meta)",2010-07-17,Madjix,windows,local,0 +14397,platforms/windows/local/14397.rb,"MoreAmp SEH Buffer Overflow (Metasploit)",2010-07-17,Madjix,windows,local,0 14404,platforms/php/webapps/14404.txt,"Kayako eSupport (functions.php) 3.70.02 - SQL Injection Vulnerability",2010-07-18,ScOrPiOn,php,webapps,0 14405,platforms/php/webapps/14405.txt,"PHP-Fusion Remote Command Execution Vulnerability",2010-07-18,"ViRuS Qalaa",php,webapps,0 14399,platforms/windows/remote/14399.py,"Easy FTP Server 1.7.0.11 - MKD Command Remote Buffer Overflow Exploit (Post Auth)",2010-07-17,"Karn Ganeshen",windows,remote,0 @@ -12657,7 +12657,7 @@ id,file,description,date,author,platform,type,port 14408,platforms/windows/dos/14408.py,"Really Simple IM 1.3beta DoS Proof of Concept",2010-07-18,loneferret,windows,dos,0 14409,platforms/aix/remote/14409.pl,"AIX5l with FTP-Server Remote Root Hash Disclosure Exploit",2010-07-18,kingcope,aix,remote,0 14410,platforms/php/webapps/14410.txt,"rapidCMS 2.0 - Authentication Bypass",2010-07-18,Mahjong,php,webapps,0 -14412,platforms/windows/remote/14412.rb,"Hero DVD - Buffer Overflow Exploit (meta)",2010-07-19,Madjix,windows,remote,0 +14412,platforms/windows/remote/14412.rb,"Hero DVD - Buffer Overflow Exploit (Metasploit)",2010-07-19,Madjix,windows,remote,0 14413,platforms/windows/dos/14413.txt,"Microsoft Internet Explorer 7.0 - DoS Microsoft Clip Organizer Multiple Insecure ActiveX Control",2010-07-20,"Beenu Arora",windows,dos,0 14414,platforms/windows/dos/14414.txt,"Unreal Tournament 3 2.1 - 'STEAMBLOB' Command Remote Denial of Service Vulnerability",2010-07-20,"Luigi Auriemma",windows,dos,0 14415,platforms/php/webapps/14415.html,"EZ-Oscommerce 3.1 - Remote File Upload",2010-07-20,indoushka,php,webapps,0 @@ -12690,7 +12690,7 @@ id,file,description,date,author,platform,type,port 14448,platforms/php/webapps/14448.txt,"Joomla Component (com_golfcourseguide) 0.9.6.0 (beta) & 1 (beta) - SQL Injection Vulnerability",2010-07-23,Valentin,php,webapps,0 14449,platforms/php/webapps/14449.txt,"Joomla Component (com_huruhelpdesk) SQL Injection Vulnerability",2010-07-23,Amine_92,php,webapps,0 14450,platforms/php/webapps/14450.txt,"Joomla Component (com_iproperty) SQL Injection Vulnerability",2010-07-23,Amine_92,php,webapps,0 -14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) - (meta)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 +14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) - (Metasploit)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 14452,platforms/linux/dos/14452.txt,"Ubuntu 10.04 LTS - Lucid Lynx ftp Client 0.17-19build1 ACCT - Buffer Overflow",2010-07-23,d0lc3,linux,dos,0 14453,platforms/php/webapps/14453.txt,"PhotoPost PHP 4.6.5 (ecard.php) SQL Injection Vulnerability",2010-07-23,CoBRa_21,php,webapps,0 14454,platforms/php/webapps/14454.txt,"ValidForm Builder script Remote Command Execution Vulnerability",2010-07-23,"HaCkEr arar",php,webapps,0 @@ -13032,7 +13032,7 @@ id,file,description,date,author,platform,type,port 14916,platforms/windows/dos/14916.py,"HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution",2010-09-06,Abysssec,windows,dos,0 14919,platforms/asp/webapps/14919.txt,"Micronetsoft Rental Property Management Website SQL Injection Vulnerability",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 14922,platforms/php/webapps/14922.txt,"Joomla Component Aardvertiser 2.1 Free Blind SQL Injection Vulnerability",2010-09-06,"Stephan Sattler",php,webapps,0 -14923,platforms/php/webapps/14923.txt,"Wordpress Events Manager Extended Plugin - Persistent XSS Vulnerability",2010-09-06,Craw,php,webapps,0 +14923,platforms/php/webapps/14923.txt,"WordPress Events Manager Extended Plugin - Persistent XSS Vulnerability",2010-09-06,Craw,php,webapps,0 14931,platforms/php/webapps/14931.php,"java Bridge 5.5 - Directory Traversal Vulnerability",2010-09-07,Saxtor,php,webapps,0 14925,platforms/linux/remote/14925.txt,"weborf <= 0.12.2 - Directory Traversal Vulnerability",2010-09-07,Rew,linux,remote,0 14927,platforms/php/webapps/14927.txt,"dynpage <= 1.0 - Multiple Vulnerabilities (0day)",2010-09-07,Abysssec,php,webapps,0 @@ -13134,14 +13134,14 @@ id,file,description,date,author,platform,type,port 15069,platforms/windows/local/15069.py,"Acoustica Audio Converter Pro 1.1 (build 25) - Heap Overflow (.mp3.wav.ogg.wma) PoC",2010-09-21,"Carlos Mario Penagos Hollmann",windows,local,0 15070,platforms/php/webapps/15070.txt,"ibPhotohost 1.1.2 - SQL Injection",2010-09-21,fred777,php,webapps,0 15071,platforms/windows/remote/15071.txt,"Softek Barcode Reader Toolkit ActiveX 7.1.4.14 (SoftekATL.dll) Buffer Overflow PoC",2010-09-21,LiquidWorm,windows,remote,0 -15072,platforms/windows/remote/15072.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (meta)",2010-09-21,Trancer,windows,remote,0 +15072,platforms/windows/remote/15072.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (Metasploit)",2010-09-21,Trancer,windows,remote,0 15073,platforms/windows/remote/15073.rb,"Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit",2010-09-21,Trancer,windows,remote,0 15074,platforms/linux/local/15074.sh,"Ubuntu Linux - 'mountall' - Local Privilege Escalation Vulnerability",2010-09-21,fuzz,linux,local,0 15075,platforms/php/webapps/15075.txt,"wpQuiz 2.7 - Authentication Bypass Vulnerability",2010-09-21,KnocKout,php,webapps,0 15076,platforms/windows/dos/15076.py,"Adobe Shockwave Director tSAC - Chunk Memory Corruption",2010-09-22,Abysssec,windows,dos,0 15078,platforms/asp/webapps/15078.txt,"gausCMS - Multiple Vulnerabilities",2010-09-22,Abysssec,asp,webapps,0 15080,platforms/php/webapps/15080.txt,"Skybluecanvas 1.1-r248 - Cross-Site Request Forgery Vulnirability",2010-09-22,Sweet,php,webapps,0 -15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - SEH Exploit (MSF)",2010-09-22,Madjix,windows,local,0 +15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - SEH Exploit (Metasploit)",2010-09-22,Madjix,windows,local,0 15082,platforms/php/webapps/15082.txt,"BSI Hotel Booking System Admin 1.4 & 2.0 - Login Bypass Vulnerability",2010-09-22,K-159,php,webapps,0 15084,platforms/php/webapps/15084.txt,"Joomla TimeTrack Component 1.2.4 - Component Multiple SQL Injection Vulnerabilities",2010-09-22,"Salvatore Fresta",php,webapps,0 15085,platforms/php/webapps/15085.txt,"Joomla Component (com_ezautos) SQL Injection Vulnerability",2010-09-22,Gamoscu,php,webapps,0 @@ -13201,7 +13201,7 @@ id,file,description,date,author,platform,type,port 15165,platforms/php/webapps/15165.txt,"zen cart 1.3.9f - Multiple Vulnerabilities",2010-10-01,LiquidWorm,php,webapps,0 15166,platforms/php/webapps/15166.txt,"Zen Cart 1.3.9f (typefilter) - Local File Inclusion Vulnerability",2010-10-01,LiquidWorm,php,webapps,0 15167,platforms/windows/dos/15167.txt,"Microsoft IIS 6.0 ASP Stack Overflow (Stack Exhaustion) Denial of Service (MS10-065)",2010-10-01,kingcope,windows,dos,0 -15168,platforms/windows/remote/15168.rb,"Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (MSF)",2010-10-01,Trancer,windows,remote,0 +15168,platforms/windows/remote/15168.rb,"Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit)",2010-10-01,Trancer,windows,remote,0 15169,platforms/php/webapps/15169.txt,"Evaria Content Management System 1.1 File Disclosure Vulnerability",2010-10-01,"khayeye shotor",php,webapps,0 15174,platforms/php/webapps/15174.txt,"tiki wiki CMS groupware 5.2 - Multiple Vulnerabilities",2010-10-01,"John Leitch",php,webapps,0 15173,platforms/php/webapps/15173.txt,"phpMyShopping 1.0.1505 - Multiple Vulnerabilities",2010-10-01,Metropolis,php,webapps,0 @@ -13492,7 +13492,7 @@ id,file,description,date,author,platform,type,port 15509,platforms/php/webapps/15509.txt,"Build a Niche Store 3.0 - (BANS) Authentication Bypass Vulnerability",2010-11-13,"ThunDEr HeaD",php,webapps,0 15510,platforms/php/webapps/15510.txt,"AWCM 2.1 final - Remote File Inclusion Vulnerability",2010-11-13,LoSt.HaCkEr,php,webapps,0 15512,platforms/php/webapps/15512.py,"DBSite Remote SQL Injection Vulnerability",2010-11-13,God_Of_Pain,php,webapps,0 -15513,platforms/php/webapps/15513.txt,"Wordpress Event Registration Plugin 5.32 - SQL Injection Vulnerability",2010-11-13,k3m4n9i,php,webapps,0 +15513,platforms/php/webapps/15513.txt,"WordPress Event Registration Plugin 5.32 - SQL Injection Vulnerability",2010-11-13,k3m4n9i,php,webapps,0 15514,platforms/windows/dos/15514.txt,"Foxit Reader 4.1.1 - Stack Overflow Vulnerability",2010-11-13,dookie,windows,dos,0 15515,platforms/php/webapps/15515.txt,"Invision Power Board 3 - search_app SQL Injection Vulnerability",2010-11-13,"Lord Tittis3000",php,webapps,0 15516,platforms/php/webapps/15516.txt,"EasyJobPortal Shell Upload Vulnerability",2010-11-13,MeGo,php,webapps,0 @@ -13594,7 +13594,7 @@ id,file,description,date,author,platform,type,port 15655,platforms/windows/remote/15655.html,"J-Integra 2.11 - ActiveX SetIdentity() Buffer Overflow Exploit",2010-12-01,Dr_IDE,windows,remote,0 15656,platforms/php/webapps/15656.txt,"LittlePhpGallery 1.0.2 - Local File Inclusion",2010-12-01,"kire bozorge khavarmian",php,webapps,0 15657,platforms/windows/dos/15657.txt,"FreeTrim MP3 2.2.3 - Denial of Service Vulnerability",2010-12-02,h1ch4m,windows,dos,0 -15658,platforms/windows/remote/15658.rb,"Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (msf)",2010-12-02,bz1p,windows,remote,0 +15658,platforms/windows/remote/15658.rb,"Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)",2010-12-02,bz1p,windows,remote,0 15659,platforms/php/webapps/15659.txt,"Contenido CMS 4.8.12 - XSS Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15660,platforms/php/webapps/15660.txt,"etomite 1.1 - Multiple Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15661,platforms/asp/webapps/15661.txt,"Ananda Real Estate 3.4 (list.asp) Multiple SQL Injection",2010-12-02,underground-stockholm.com,asp,webapps,0 @@ -13608,7 +13608,7 @@ id,file,description,date,author,platform,type,port 15670,platforms/windows/dos/15670.pl,"Free Audio Converter 7.1.5 - Denial of Service Vulnerability PoC",2010-12-04,h1ch4m,windows,dos,0 15671,platforms/windows/dos/15671.pl,"WaveMax Sound Editor 4.5.1 - Denial of Service PoC",2010-12-04,h1ch4m,windows,dos,0 15673,platforms/asp/webapps/15673.txt,"Dejcom Market CMS (showbrand.aspx) SQL Injection",2010-12-04,Mormoroth,asp,webapps,0 -15674,platforms/windows/dos/15674.rb,"TFTPUtil GUI 1.4.5 - DoS (Meta)",2010-12-04,"Vuk Ivanovic",windows,dos,0 +15674,platforms/windows/dos/15674.rb,"TFTPUtil GUI 1.4.5 - DoS (Metasploit)",2010-12-04,"Vuk Ivanovic",windows,dos,0 15675,platforms/hardware/webapps/15675.txt,"Multiple Linksys Router CSRF Vulnerabilities",2010-12-04,"Martin Barbella",hardware,webapps,0 15676,platforms/multiple/dos/15676.txt,"Wireshark LDSS Dissector Buffer Overflow Vulnerability",2010-12-04,"Nephi Johnson",multiple,dos,0 15677,platforms/asp/webapps/15677.txt,"T-Dreams Cars Ads Package 2.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 @@ -13618,7 +13618,7 @@ id,file,description,date,author,platform,type,port 15681,platforms/asp/webapps/15681.txt,"ASPSiteware JobPost 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15682,platforms/asp/webapps/15682.txt,"ASPSiteware ASP Gallery 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15683,platforms/asp/webapps/15683.txt,"ASPSiteware Contact Directory 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 -15684,platforms/php/webapps/15684.txt,"Wordpress do_trackbacks() function - SQL Injection Vulnerability",2010-12-05,M4g,php,webapps,0 +15684,platforms/php/webapps/15684.txt,"WordPress do_trackbacks() function - SQL Injection Vulnerability",2010-12-05,M4g,php,webapps,0 15685,platforms/php/webapps/15685.html,"phpKF Forum 1.80 profil_degistir.php CSRF Exploit",2010-12-05,FreWaL,php,webapps,0 15686,platforms/asp/webapps/15686.txt,"Gatesoft Docusafe 4.1.0 - SQL Injection Vulnerability",2010-12-05,R4dc0re,asp,webapps,0 15687,platforms/asp/webapps/15687.txt,"Ecommercemax Solutions Digital Goods Seller SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 @@ -13646,7 +13646,7 @@ id,file,description,date,author,platform,type,port 15745,platforms/linux/local/15745.txt,"IBM Tivoli Storage Manager (TSM) Local Root",2010-12-15,"Kryptos Logic",linux,local,0 15710,platforms/multiple/webapps/15710.txt,"Apache Archiva 1.0 - 1.3.1 - CSRF Vulnerability",2010-12-09,"Anatolia Security",multiple,webapps,0 15711,platforms/php/webapps/15711.pl,"Abtp Portal Project 0.1.0 - LFI Exploit",2010-12-09,Br0ly,php,webapps,0 -15712,platforms/arm/shellcode/15712.rb,"Create a New User with UID 0 - ARM (Meta)",2010-12-09,"Jonathan Salwan",arm,shellcode,0 +15712,platforms/arm/shellcode/15712.rb,"Create a New User with UID 0 - ARM (Metasploit)",2010-12-09,"Jonathan Salwan",arm,shellcode,0 15717,platforms/multiple/remote/15717.txt,"VMware Tools update OS Command Injection",2010-12-09,"Nahuel Grisolia",multiple,remote,0 15714,platforms/php/webapps/15714.txt,"Joomla JE Auto Component 1.0 - SQL Injection Vulnerability",2010-12-09,"Salvatore Fresta",php,webapps,0 15715,platforms/php/webapps/15715.txt,"CMScout 2.09 - CSRF Vulnerability",2010-12-09,"High-Tech Bridge SA",php,webapps,0 @@ -13958,7 +13958,7 @@ id,file,description,date,author,platform,type,port 16120,platforms/windows/dos/16120.py,"Hanso Player 1.4.0.0 - Buffer Overflow - DoS Skinfile",2011-02-06,badc0re,windows,dos,0 16121,platforms/windows/dos/16121.py,"Hanso Converter 1.1.0 - BufferOverflow Denial of Service",2011-02-06,badc0re,windows,dos,0 16122,platforms/php/webapps/16122.txt,"Dew-NewPHPLinks 2.1b (index.php) - SQL Injection Vulnerability",2011-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 -16221,platforms/php/webapps/16221.txt,"Comment Rating 2.9.23 Wordpress Plugin - Multiple Vulnerabilities",2011-02-23,"High-Tech Bridge SA",php,webapps,0 +16221,platforms/php/webapps/16221.txt,"Comment Rating 2.9.23 WordPress Plugin - Multiple Vulnerabilities",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16127,platforms/php/webapps/16127.txt,"T-Content Managment System Multiple Vulnerabilities",2011-02-07,"Daniel Godoy",php,webapps,0 16128,platforms/php/webapps/16128.txt,"jakcms 2.0 pro rc5 - Stored XSS via useragent http header injection",2011-02-07,"Saif El-Sherei",php,webapps,0 16129,platforms/linux/dos/16129.txt,"ProFTPD mod_sftp - Integer Overflow DoS PoC",2011-02-07,kingcope,linux,dos,0 @@ -14034,7 +14034,7 @@ id,file,description,date,author,platform,type,port 16222,platforms/php/webapps/16222.txt,"course registration management system 2.1 - Multiple Vulnerabilities",2011-02-23,"AutoSec Tools",php,webapps,0 16223,platforms/php/webapps/16223.txt,"VidiScript SQL Injection Vulnerability",2011-02-23,ThEtA.Nu,php,webapps,0 16220,platforms/php/webapps/16220.py,"ProQuiz 2.0.0b Arbitrary Upload Vulnerability",2011-02-23,"AutoSec Tools",php,webapps,0 -16218,platforms/php/webapps/16218.txt,"Z-Vote 1.1 Wordpress Plugin - SQL Injection Vulnerability",2011-02-23,"High-Tech Bridge SA",php,webapps,0 +16218,platforms/php/webapps/16218.txt,"Z-Vote 1.1 WordPress Plugin - SQL Injection Vulnerability",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16213,platforms/php/webapps/16213.txt,"Hyena Cart (index.php) SQL Injection Vulnerability",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16214,platforms/php/webapps/16214.txt,"tplSoccerStats (player.php) SQL Injection Vulnerability",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16217,platforms/php/webapps/16217.txt,"bitweaver 2.8.1 Persistent XSS Vulnerability",2011-02-23,lemlajt,php,webapps,0 @@ -14043,11 +14043,11 @@ id,file,description,date,author,platform,type,port 16229,platforms/ios/remote/16229.txt,"iOS myDBLite 1.1.10 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 16230,platforms/windows/dos/16230.py,"Victory FTP Server 5.0 - Denial of Service Exploit",2011-02-24,"C4SS!0 G0M3S",windows,dos,0 16231,platforms/ios/remote/16231.txt,"iOS Share 1.0 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 -16232,platforms/php/webapps/16232.txt,"GigPress 2.1.10 Wordpress Plugin - Stored XSS Vulnerability",2011-02-24,"Saif El-Sherei",php,webapps,0 -16233,platforms/php/webapps/16233.txt,"Relevanssi 2.7.2 Wordpress Plugin - Stored XSS Vulnerability",2011-02-24,"Saif El-Sherei",php,webapps,0 +16232,platforms/php/webapps/16232.txt,"GigPress 2.1.10 WordPress Plugin - Stored XSS Vulnerability",2011-02-24,"Saif El-Sherei",php,webapps,0 +16233,platforms/php/webapps/16233.txt,"Relevanssi 2.7.2 WordPress Plugin - Stored XSS Vulnerability",2011-02-24,"Saif El-Sherei",php,webapps,0 16234,platforms/netware/dos/16234.rb,"Novell Netware RPC XNFS xdrDecodeString Vulnerability",2011-02-24,"Francis Provencher",netware,dos,0 -16235,platforms/php/webapps/16235.txt,"Wordpress Plugin Forum Server 1.6.5 - SQL Injection Vulnerability",2011-02-24,"High-Tech Bridge SA",php,webapps,0 -16236,platforms/php/webapps/16236.txt,"IWantOneButton 3.0.1 Wordpress Plugin - Multiple Vulnerabilities",2011-02-24,"High-Tech Bridge SA",php,webapps,0 +16235,platforms/php/webapps/16235.txt,"WordPress Plugin Forum Server 1.6.5 - SQL Injection Vulnerability",2011-02-24,"High-Tech Bridge SA",php,webapps,0 +16236,platforms/php/webapps/16236.txt,"IWantOneButton 3.0.1 WordPress Plugin - Multiple Vulnerabilities",2011-02-24,"High-Tech Bridge SA",php,webapps,0 16237,platforms/windows/dos/16237.py,"Elecard MPEG Player 5.7 - Local Buffer Overflow PoC (SEH)",2011-02-24,badc0re,windows,dos,0 16238,platforms/hardware/remote/16238.txt,"iphone ishred 1.93 - Directory Traversal",2011-02-24,"Khashayar Fereidani",hardware,remote,0 16239,platforms/hardware/remote/16239.txt,"iPhone Guitar Directory Traversal",2011-02-24,"Khashayar Fereidani",hardware,remote,0 @@ -14061,8 +14061,8 @@ id,file,description,date,author,platform,type,port 16247,platforms/php/webapps/16247.txt,"Pragyan CMS 3.0 - Multiple Vulnerabilities",2011-02-25,"Villy and Abhishek Lyall",php,webapps,0 16248,platforms/windows/dos/16248.pl,"eXPert PDF Reader 4.0 NULL Pointer Dereference and Heap Corruption",2011-02-26,LiquidWorm,windows,dos,0 16249,platforms/php/webapps/16249.txt,"phreebooks r30rc4 - Multiple Vulnerabilities",2011-02-26,"AutoSec Tools",php,webapps,0 -16250,platforms/php/webapps/16250.txt,"jQuery Mega Menu 1.0 Wordpress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 -16251,platforms/php/webapps/16251.txt,"OPS Old Post Spinner 2.2.1 Wordpress Plugin - LFI Vulnerability",2011-02-26,"AutoSec Tools",php,webapps,0 +16250,platforms/php/webapps/16250.txt,"jQuery Mega Menu 1.0 WordPress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 +16251,platforms/php/webapps/16251.txt,"OPS Old Post Spinner 2.2.1 WordPress Plugin - LFI Vulnerability",2011-02-26,"AutoSec Tools",php,webapps,0 16252,platforms/hardware/webapps/16252.html,"Linksys Cisco WAG120N CSRF Vulnerability",2011-02-26,"Khashayar Fereidani",hardware,webapps,0 16255,platforms/windows/dos/16255.pl,"Magic Music Editor - (.cda) Denial of Service",2011-02-28,"AtT4CKxT3rR0r1ST ",windows,dos,0 16256,platforms/php/webapps/16256.txt,"DO-CMS - Multiple SQL Injection Vulnerabilities",2011-02-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -14078,7 +14078,7 @@ id,file,description,date,author,platform,type,port 16268,platforms/php/webapps/16268.pl,"cChatBox for vBulletin 3.6.8 and 3.7.x SQL Injection Vulnerability",2011-03-02,DSecurity,php,webapps,0 16270,platforms/linux/dos/16270.c,"vsftpd 2.3.2 - Denial of Service Vulnerability",2011-03-02,"Maksymilian Arciemowicz",linux,dos,0 16271,platforms/ios/remote/16271.txt,"iOS TIOD 1.3.3 - Directory Traversal",2011-03-03,"R3d@l3rt, H@ckk3y",ios,remote,0 -16273,platforms/php/webapps/16273.php,"PHP Speedy <= 0.5.2 Wordpress Plugin - (admin_container.php) Remote Code Execution Exploit",2011-03-04,mr_me,php,webapps,0 +16273,platforms/php/webapps/16273.php,"PHP Speedy <= 0.5.2 WordPress Plugin - (admin_container.php) Remote Code Execution Exploit",2011-03-04,mr_me,php,webapps,0 16274,platforms/jsp/webapps/16274.pl,"JBoss Application Server Remote Exploit",2011-03-04,kingcope,jsp,webapps,0 16275,platforms/hardware/remote/16275.txt,"Comtrend ADSL Router CT-5367 C01_R12 - Remote Root",2011-03-04,"Todor Donev",hardware,remote,0 16276,platforms/php/webapps/16276.txt,"ADAN Neuronlabs (view.php) SQL Injection Vulnerability",2011-03-04,IRAQ_JAGUAR,php,webapps,0 @@ -14746,7 +14746,7 @@ id,file,description,date,author,platform,type,port 16943,platforms/windows/dos/16943.pl,"Movavi VideoSuite 8.0 SlideShow jpg Local Crash PoC",2011-03-08,KedAns-Dz,windows,dos,0 16944,platforms/windows/dos/16944.pl,"Movavi VideoSuite 8.0 Movie Editor avi Local Crash PoC",2011-03-08,KedAns-Dz,windows,dos,0 16945,platforms/hardware/dos/16945.pl,"Nokia N97 m3u Playlist Crash PoC",2011-03-08,KedAns-Dz,hardware,dos,0 -16947,platforms/php/webapps/16947.txt,"GRAND Flash Album Gallery 0.55 Wordpress Plugin - Multiple Vulnerabilities",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +16947,platforms/php/webapps/16947.txt,"GRAND Flash Album Gallery 0.55 WordPress Plugin - Multiple Vulnerabilities",2011-03-08,"High-Tech Bridge SA",php,webapps,0 16948,platforms/php/webapps/16948.txt,"Esselbach Storyteller CMS System 1.8 - SQL Injection Vulnerability",2011-03-09,Shamus,php,webapps,0 16949,platforms/php/webapps/16949.php,"maian weblog <= 4.0 - Remote Blind SQL Injection",2011-03-09,mr_me,php,webapps,0 16950,platforms/php/webapps/16950.txt,"recordpress 0.3.1 - Multiple Vulnerabilities",2011-03-09,"Khashayar Fereidani",php,webapps,0 @@ -14845,7 +14845,7 @@ id,file,description,date,author,platform,type,port 17053,platforms/windows/remote/17053.txt,"wodWebServer.NET 1.3.3 - Directory Traversal",2011-03-27,"AutoSec Tools",windows,remote,0 17054,platforms/php/webapps/17054.txt,"webedition CMS 6.1.0.2 - Multiple Vulnerabilities",2011-03-27,"AutoSec Tools",php,webapps,0 17055,platforms/php/webapps/17055.txt,"Honey Soft Web Solution Multiple Vulnerabilities",2011-03-28,**RoAd_KiLlEr**,php,webapps,0 -17056,platforms/php/webapps/17056.txt,"Wordpress plugin BackWPup - Remote and Local Code Execution Vulnerability",2011-03-28,"Sense of Security",php,webapps,0 +17056,platforms/php/webapps/17056.txt,"WordPress plugin BackWPup - Remote and Local Code Execution Vulnerability",2011-03-28,"Sense of Security",php,webapps,0 17057,platforms/php/webapps/17057.txt,"webEdition CMS Local File Inclusion Vulnerability",2011-03-28,eidelweiss,php,webapps,0 17058,platforms/linux/remote/17058.rb,"Distributed Ruby Send instance_eval/syscall Code Execution",2011-03-27,metasploit,linux,remote,0 17061,platforms/php/webapps/17061.txt,"Andy's PHP Knowledgebase Project 0.95.4 - SQL Injection",2011-03-29,"AutoSec Tools",php,webapps,0 @@ -14902,7 +14902,7 @@ id,file,description,date,author,platform,type,port 17116,platforms/hardware/webapps/17116.txt,"Longshine Multiple Print Servers Cross-Site Scripting Vulnerability",2011-04-04,b0telh0,hardware,webapps,0 17117,platforms/hardware/webapps/17117.txt,"Planet FPS-1101 - Cross-Site Scripting Vulnerability",2011-04-04,b0telh0,hardware,webapps,0 17118,platforms/php/webapps/17118.txt,"OpenEMR 4.0.0 - Multiple Vulnerabilities",2011-04-05,"AutoSec Tools",php,webapps,0 -17119,platforms/php/webapps/17119.txt,"Wordpress Plugin Custom Pages 0.5.0.1 - LFI Vulnerability",2011-04-05,"AutoSec Tools",php,webapps,0 +17119,platforms/php/webapps/17119.txt,"WordPress Plugin Custom Pages 0.5.0.1 - LFI Vulnerability",2011-04-05,"AutoSec Tools",php,webapps,0 17120,platforms/multiple/dos/17120.c,"GNU glibc < 2.12.2 - 'fnmatch()' Function Stack Corruption Vulnerability",2011-02-25,"Simon Berry-Byrne",multiple,dos,0 17181,platforms/linux/remote/17181.pl,"FiSH-irssi 0.99 - Evil ircd Buffer Overflow",2011-04-17,"Caleb James DeLisle",linux,remote,0 17124,platforms/windows/local/17124.pl,"MPlayer (r33064 Lite) Buffer Overflow + ROP Exploit",2011-04-06,Nate_M,windows,local,0 @@ -14954,7 +14954,7 @@ id,file,description,date,author,platform,type,port 17174,platforms/multiple/webapps/17174.txt,"SQL-Ledger <= 2.8.33 Post-authentication Local File Include/Edit Vulnerability",2011-04-15,bitform,multiple,webapps,0 17175,platforms/windows/remote/17175.rb,"Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability",2011-04-16,metasploit,windows,remote,0 17176,platforms/asp/webapps/17176.txt,"SoftXMLCMS Shell Upload Vulnerability",2011-04-16,Alexander,asp,webapps,0 -17177,platforms/windows/local/17177.rb,"Microsoft Word 2003 - Record Parsing Buffer Overflow (meta) (MS09-027)",2011-04-16,"Andrew King",windows,local,0 +17177,platforms/windows/local/17177.rb,"Microsoft Word 2003 - Record Parsing Buffer Overflow (Metasploit) (MS09-027)",2011-04-16,"Andrew King",windows,local,0 17183,platforms/php/webapps/17183.txt,"osPHPSite SQL Injection Vulnerability",2011-04-17,"vir0e5 ",php,webapps,0 17188,platforms/windows/dos/17188.txt,"IBM Tivoli Directory Server SASL Bind Request Remote Code Execution",2011-04-19,"Francis Provencher",windows,dos,0 17187,platforms/windows/remote/17187.txt,"Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP+ASLR bypass)",2011-04-19,Abysssec,windows,remote,0 @@ -15044,7 +15044,7 @@ id,file,description,date,author,platform,type,port 17296,platforms/php/webapps/17296.txt,"NoticeBoardPro 1.0 - Multiple Vulnerabilities",2011-05-16,"AutoSec Tools",php,webapps,0 17297,platforms/php/webapps/17297.txt,"Jcow 4.2.1 - LFI Vulnerability",2011-05-16,"AutoSec Tools",php,webapps,0 17298,platforms/netware/dos/17298.txt,"Novell Netware eDirectory - DoS Vulnerability",2011-05-16,nSense,netware,dos,0 -17299,platforms/php/webapps/17299.txt,"Wordpress Plugin Is-human <= 1.4.2 - Remote Command Execution Vulnerability",2011-05-17,neworder,php,webapps,0 +17299,platforms/php/webapps/17299.txt,"WordPress Plugin Is-human <= 1.4.2 - Remote Command Execution Vulnerability",2011-05-17,neworder,php,webapps,0 17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS <= 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow",2011-05-16,metasploit,windows,remote,0 17302,platforms/windows/local/17302.py,"Sonique 1.96 - (.m3u) Buffer Overflow",2011-05-17,sinfulsecurity,windows,local,0 17301,platforms/php/webapps/17301.txt,"Pligg 1.1.4 - SQL Injection Vulnerability",2011-05-17,Null-0x00,php,webapps,0 @@ -15170,7 +15170,7 @@ id,file,description,date,author,platform,type,port 17448,platforms/windows/remote/17448.rb,"Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)",2011-06-23,metasploit,windows,remote,0 17451,platforms/windows/local/17451.rb,"Microsoft Office Visio VISIODWG.DLL DXF File Handling Vulnerability",2011-06-26,metasploit,windows,local,0 17452,platforms/php/webapps/17452.txt,"JoomlaXi Persistent XSS Vulnerability",2011-06-26,"Karthik R",php,webapps,0 -17453,platforms/php/webapps/17453.txt,"Wordpress Beer Recipes Plugin 1.0 - XSS",2011-06-26,TheUzuki.',php,webapps,0 +17453,platforms/php/webapps/17453.txt,"WordPress Beer Recipes Plugin 1.0 - XSS",2011-06-26,TheUzuki.',php,webapps,0 17457,platforms/php/webapps/17457.txt,"rgboard 4.2.1 - SQL Injection Vulnerability",2011-06-28,hamt0ry,php,webapps,0 17458,platforms/windows/dos/17458.txt,"HP Data Protector 6.20 - Multiple Vulnerabilities",2011-06-29,"Core Security",windows,dos,0 17459,platforms/windows/local/17459.txt,"Valve Steam Client Application 1559/1559 - Local Privilege Escalation",2011-06-29,LiquidWorm,windows,local,0 @@ -15201,17 +15201,17 @@ id,file,description,date,author,platform,type,port 17486,platforms/multiple/local/17486.php,"PHP 5.3.6 - Buffer Overflow PoC (ROP)",2011-07-04,"Jonathan Salwan",multiple,local,0 17487,platforms/php/webapps/17487.php,"WeBid <= 1.0.2 (converter.php) Remote Code Execution Exploit",2011-07-04,EgiX,php,webapps,0 17488,platforms/windows/local/17488.txt,"Adobe Reader 5.1 - XFDF Buffer Overflow Vulnerability (SEH)",2011-07-04,extraexploit,windows,local,0 -17489,platforms/windows/local/17489.rb,"Word List Builder 1.0 - Buffer Overflow Exploit (MSF)",2011-07-04,"James Fitts",windows,local,0 +17489,platforms/windows/local/17489.rb,"Word List Builder 1.0 - Buffer Overflow Exploit (Metasploit)",2011-07-04,"James Fitts",windows,local,0 17490,platforms/windows/remote/17490.rb,"HP OmniInet.exe Opcode 20 - Buffer Overflow",2011-07-04,metasploit,windows,remote,0 -17492,platforms/windows/local/17492.rb,"Wordtrainer 3.0 - (.ord) Buffer Overflow Vulnerability (MSF)",2011-07-05,"James Fitts",windows,local,0 +17492,platforms/windows/local/17492.rb,"Wordtrainer 3.0 - (.ord) Buffer Overflow Vulnerability (Metasploit)",2011-07-05,"James Fitts",windows,local,0 17491,platforms/unix/remote/17491.rb,"VSFTPD 2.3.4 - Backdoor Command Execution",2011-07-05,metasploit,unix,remote,0 17493,platforms/asp/webapps/17493.txt,"DmxReady Secure Document Library 1.2 - SQL Injection Vulnerability",2011-07-05,Bellatrix,asp,webapps,0 17509,platforms/windows/dos/17509.pl,"ZipWiz 2005 5.0 - (.zip) Buffer Corruption Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 17495,platforms/php/webapps/17495.txt,"BbZL.PhP File Inclusion Exploit",2011-07-06,"Number 7",php,webapps,0 17496,platforms/php/webapps/17496.txt,"Joomla 1.6.3 - CSRF Exploit",2011-07-06,"Luis Santana",php,webapps,0 17497,platforms/windows/dos/17497.txt,"ESTsoft ALPlayer 2.0 - ASX Playlist File Handling Buffer Overflow Vulnerability",2011-07-06,LiquidWorm,windows,dos,0 -17498,platforms/windows/remote/17498.rb,"Freefloat FTP Server Buffer Overflow Vulnerability (MSF)",2011-07-07,"James Fitts",windows,remote,0 -17499,platforms/windows/local/17499.rb,"CoolPlayer Portable 2.19.2 - Buffer Overflow (MSF)",2011-07-07,"James Fitts",windows,local,0 +17498,platforms/windows/remote/17498.rb,"Freefloat FTP Server Buffer Overflow Vulnerability (Metasploit)",2011-07-07,"James Fitts",windows,remote,0 +17499,platforms/windows/local/17499.rb,"CoolPlayer Portable 2.19.2 - Buffer Overflow (Metasploit)",2011-07-07,"James Fitts",windows,local,0 17500,platforms/php/webapps/17500.txt,"LuxCal Web Calendar 2.4.2 & 2.5.0 - SQL Injection Vulnerability",2011-07-07,kaMtiEz,php,webapps,0 17501,platforms/hardware/dos/17501.py,"Dlink DSL-2650U DoS/PoC",2011-07-07,"Li'el Fridman",hardware,dos,0 17502,platforms/windows/local/17502.rb,"MicroP 0.1.1.1600 (MPPL File) Stack Buffer Overflow",2011-07-07,metasploit,windows,local,0 @@ -15243,14 +15243,14 @@ id,file,description,date,author,platform,type,port 17536,platforms/windows/remote/17536.rb,"HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow",2011-07-16,metasploit,windows,remote,0 17537,platforms/windows/remote/17537.rb,"HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow",2011-07-16,metasploit,windows,remote,0 17539,platforms/windows/remote/17539.rb,"FreeFloat FTP Server 1.00 - MKD Buffer Overflow Exploit",2011-07-17,"C4SS!0 G0M3S",windows,remote,0 -17540,platforms/windows/remote/17540.rb,"Freefloat FTP Server MKD Buffer Overflow (MSF)",2011-07-18,"James Fitts",windows,remote,0 +17540,platforms/windows/remote/17540.rb,"Freefloat FTP Server MKD Buffer Overflow (Metasploit)",2011-07-18,"James Fitts",windows,remote,0 17543,platforms/windows/remote/17543.rb,"Iconics GENESIS32 9.21.201.01 - Integer Overflow",2011-07-17,metasploit,windows,remote,0 17544,platforms/windows/dos/17544.txt,"GDI+ - CreateDashedPath Integer Overflow in gdiplus.dll",2011-07-18,Abysssec,windows,dos,0 17545,platforms/win32/shellcode/17545.txt,"win32/PerfectXp-pc1/sp3 (Tr) Add Admin Shellcode 112 bytes",2011-07-18,KaHPeSeSe,win32,shellcode,0 17546,platforms/windows/remote/17546.py,"FreeFloat FTP Server 1.0 - REST & PASV Buffer Overflow Exploit",2011-07-18,"C4SS!0 G0M3S",windows,remote,0 17553,platforms/php/webapps/17553.txt,"Appointment Booking Pro Joomla Component LFI Vulnerability",2011-07-20,"Don Tukulesto",php,webapps,0 17554,platforms/php/webapps/17554.txt,"Mevin Basic PHP Events Lister 2.03 - CSRF Vulnerabilities",2011-07-21,Crazy_Hacker,php,webapps,0 -17548,platforms/windows/remote/17548.rb,"FreeFloat FTP Server REST Buffer Overflow (MSF)",2011-07-19,KaHPeSeSe,windows,remote,0 +17548,platforms/windows/remote/17548.rb,"FreeFloat FTP Server REST Buffer Overflow (Metasploit)",2011-07-19,KaHPeSeSe,windows,remote,0 17549,platforms/multiple/dos/17549.txt,"Lotus Domino SMTP Router & Email Server and Client - DoS",2011-07-19,Unknown,multiple,dos,0 17550,platforms/windows/remote/17550.py,"FreeFloat FTP Server 1.0 - ACCL Buffer Overflow Exploit",2011-07-19,mortis,windows,remote,0 17551,platforms/jsp/webapps/17551.txt,"Oracle Sun GlassFish Enterprise Server - Stored XSS Vulnerability",2011-07-20,"Sense of Security",jsp,webapps,0 @@ -15274,7 +15274,7 @@ id,file,description,date,author,platform,type,port 17575,platforms/windows/remote/17575.txt,"Safari 5.0.5 - SVG Remote Code Execution Exploit (DEP Bypass)",2011-07-26,Abysssec,windows,remote,0 17577,platforms/cgi/webapps/17577.txt,"SWAT Samba Web Administration Tool Cross-Site Request Forgery PoC",2011-07-27,"Narendra Shinde",cgi,webapps,0 17578,platforms/windows/remote/17578.txt,"MinaliC Webserver 2.0 - Remote Source Disclosure",2011-07-27,X-h4ck,windows,remote,0 -17579,platforms/php/webapps/17579.rb,"Joomla 1.5 com_virtuemart <= 1.1.7 - Blind time-based SQL Injection (MSF)",2011-07-28,TecR0c,php,webapps,0 +17579,platforms/php/webapps/17579.rb,"Joomla 1.5 com_virtuemart <= 1.1.7 - Blind time-based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0 17580,platforms/windows/dos/17580.py,"MyWebServer 1.0.3 - Denial of Service",2011-07-28,X-h4ck,windows,dos,0 17581,platforms/windows/remote/17581.txt,"MyWebServer 1.0.3 - Arbitrary File Download",2011-07-28,X-h4ck,windows,remote,0 17582,platforms/windows/dos/17582.txt,"Citrix XenApp / XenDesktop - Stack-Based Buffer Overflow",2011-07-28,"n.runs AG",windows,dos,0 @@ -15282,7 +15282,7 @@ id,file,description,date,author,platform,type,port 17584,platforms/php/webapps/17584.php,"cFTP <= 0.1 (r80) Arbitrary File Upload",2011-07-29,leviathan,php,webapps,0 17586,platforms/jsp/webapps/17586.txt,"ManageEngine ServiceDesk Plus 8.0 Build 8013 - Multiple XSS Vulnerabilities",2011-07-29,"Narendra Shinde",jsp,webapps,0 17587,platforms/php/webapps/17587.txt,"Link Station Pro Multiple Vulnerabilities",2011-07-30,"$#4d0\/\/[r007k17]",php,webapps,0 -17588,platforms/windows/remote/17588.rb,"Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (MSF) (0day)",2011-07-31,mr_me,windows,remote,0 +17588,platforms/windows/remote/17588.rb,"Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (Metasploit) (0day)",2011-07-31,mr_me,windows,remote,0 17590,platforms/php/webapps/17590.txt,"Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities",2011-07-31,LiquidWorm,php,webapps,0 17591,platforms/php/webapps/17591.txt,"Joomla Component (com_obSuggest) Local File Inclusion Vulnerability",2011-07-31,v3n0m,php,webapps,0 17592,platforms/php/webapps/17592.txt,"CMSPro! 2.08 - CSRF Vulnerability",2011-08-01,Xadpritox,php,webapps,0 @@ -15294,14 +15294,14 @@ id,file,description,date,author,platform,type,port 17601,platforms/windows/dos/17601.py,"Omnicom Alpha 4.0e LPD Server DoS",2011-08-03,"Craig Freyman",windows,dos,0 17602,platforms/php/webapps/17602.txt,"WordPress TimThumb Plugin 1.32 - Remote Code Execution",2011-08-03,MaXe,php,webapps,0 17603,platforms/php/webapps/17603.txt,"Joomla Component (com_jdirectory) SQL Injection Vulnerability",2011-08-03,"Caddy Dz",php,webapps,0 -17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 -17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 +17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (Metasploit)",2011-08-04,"James Fitts",windows,local,0 +17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17606,platforms/multiple/webapps/17606.txt,"DZYGroup CMS Portal Multiple SQL Injection Vulnerabilities",2011-08-04,Netrondoank,multiple,webapps,0 -17607,platforms/windows/local/17607.rb,"FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 +17607,platforms/windows/local/17607.rb,"FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17610,platforms/multiple/dos/17610.py,"OpenSLP 1.2.1 & < 1647 trunk - Denial of Service Exploit",2011-08-05,"Nicolas Gregoire",multiple,dos,0 17611,platforms/linux/local/17611.pl,"Unrar 3.9.3 - Local Stack Overflow Exploit",2011-08-05,ZadYree,linux,local,0 17612,platforms/windows/remote/17612.rb,"Firefox 3.6.16 OBJECT mChannel Remote Code Execution Exploit (DEP bypass)",2011-08-05,Rh0,windows,remote,0 -17613,platforms/php/webapps/17613.php,"Wordpress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit",2011-08-05,IHTeam,php,webapps,0 +17613,platforms/php/webapps/17613.php,"WordPress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit",2011-08-05,IHTeam,php,webapps,0 17614,platforms/hp-ux/remote/17614.sh,"HP Data Protector Remote Shell for HP-UX",2011-08-05,"Adrian Puente Z.",hp-ux,remote,0 17615,platforms/jsp/webapps/17615.rb,"Sun/Oracle GlassFish Server Authenticated Code Execution",2011-08-05,metasploit,jsp,webapps,0 17616,platforms/php/webapps/17616.txt,"WordPress ProPlayer plugin <= 4.7.7 - SQL Injection Vulnerability",2011-08-05,"Miroslav Stampar",php,webapps,0 @@ -15354,19 +15354,19 @@ id,file,description,date,author,platform,type,port 17676,platforms/windows/dos/17676.py,"Notepad++ NppFTP plugin LIST command Remote Heap Overflow PoC",2011-08-17,0in,windows,dos,0 17677,platforms/php/webapps/17677.txt,"WordPress File Groups plugin <= 1.1.2 - SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 17678,platforms/php/webapps/17678.txt,"WordPress Contus HD FLV Player plugin <= 1.3 - SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 -17679,platforms/php/webapps/17679.txt,"Wordpress Plugin Symposium <= 0.64 - SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 +17679,platforms/php/webapps/17679.txt,"WordPress Plugin Symposium <= 0.64 - SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 17680,platforms/php/webapps/17680.txt,"WordPress Easy Contact Form Lite Plugin <= 1.0.7 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 17681,platforms/php/webapps/17681.txt,"WordPress OdiHost Newsletter plugin <= 1.0 - SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 17682,platforms/php/webapps/17682.php,"Contrexx Shopsystem <= 2.2 SP3 (catId) - Blind SQL Injection",2011-08-17,Penguin,php,webapps,0 -17683,platforms/php/webapps/17683.txt,"Wordpress Plugin DS FAQ <= 1.3.2 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 -17684,platforms/php/webapps/17684.txt,"Wordpress Plugin Forum <= 1.7.8 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 +17683,platforms/php/webapps/17683.txt,"WordPress Plugin DS FAQ <= 1.3.2 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 +17684,platforms/php/webapps/17684.txt,"WordPress Plugin Forum <= 1.7.8 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17685,platforms/php/webapps/17685.txt,"Elgg <= 1.7.10 - Multiple Vulnerabilities",2011-08-18,"Aung Khant",php,webapps,0 17686,platforms/php/webapps/17686.txt,"WordPress Ajax Gallery plugin <= 3.0 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17687,platforms/php/webapps/17687.txt,"WordPress Global Content Blocks plugin <= 1.2 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17688,platforms/php/webapps/17688.txt,"WordPress Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17689,platforms/php/webapps/17689.txt,"WordPress Menu Creator plugin <= 1.1.7 - SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17691,platforms/multiple/remote/17691.rb,"Apache Struts < 2.2.0 - Remote Command Execution",2011-08-19,metasploit,multiple,remote,0 -17692,platforms/windows/remote/17692.rb,"Solarftp 2.1.2 - PASV Buffer Overflow Exploit (MSF)",2011-08-19,Qnix,windows,remote,0 +17692,platforms/windows/remote/17692.rb,"Solarftp 2.1.2 - PASV Buffer Overflow Exploit (Metasploit)",2011-08-19,Qnix,windows,remote,0 17695,platforms/php/webapps/17695.txt,"phpMyRealty <= 1.0.7 - SQL Injection Vulnerability",2011-08-19,H4T$A,php,webapps,0 17694,platforms/php/webapps/17694.txt,"network tracker .95 - Stored XSS",2011-08-19,G13,php,webapps,0 17696,platforms/multiple/dos/17696.pl,"Apache httpd Remote Denial of Service (memory exhaustion)",2011-08-19,kingcope,multiple,dos,0 @@ -15423,15 +15423,15 @@ id,file,description,date,author,platform,type,port 17753,platforms/php/webapps/17753.txt,"FileBox - File Hosting & Sharing Script 1.5 - SQL Injection Vulnerability",2011-08-30,SubhashDasyam,php,webapps,0 17754,platforms/windows/local/17754.c,"DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP+ASLR Bypass)",2011-08-30,sickness,windows,local,0 17755,platforms/php/webapps/17755.txt,"WordPress Crawl Rate Tracker plugin <= 2.0.2 - SQL Injection Vulnerability",2011-08-30,"Miroslav Stampar",php,webapps,0 -17756,platforms/php/webapps/17756.txt,"Wordpress Plugin audio gallery playlist <= 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17756,platforms/php/webapps/17756.txt,"WordPress Plugin audio gallery playlist <= 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 17757,platforms/php/webapps/17757.txt,"WordPress yolink Search plugin <= 1.1.4 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 17758,platforms/php/webapps/17758.txt,"WordPress PureHTML plugin <= 1.0.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 17759,platforms/php/webapps/17759.txt,"WordPress Couponer plugin <= 1.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17760,platforms/php/webapps/17760.txt,"Wordpress grapefile plugin <= 1.1 - Arbitrary File Upload",2011-08-31,"Hrvoje Spoljar",php,webapps,0 +17760,platforms/php/webapps/17760.txt,"WordPress grapefile plugin <= 1.1 - Arbitrary File Upload",2011-08-31,"Hrvoje Spoljar",php,webapps,0 17761,platforms/php/webapps/17761.txt,"WordPress Plugin image gallery with slideshow <= 1.5 - Multiple Vulnerabilities",2011-08-31,"Hrvoje Spoljar",php,webapps,0 17762,platforms/windows/remote/17762.rb,"Citrix Gateway - ActiveX Control Stack Based Buffer Overflow Vulnerability",2011-08-31,metasploit,windows,remote,0 17763,platforms/php/webapps/17763.txt,"WordPress Donation plugin <= 1.0 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 -17764,platforms/php/webapps/17764.txt,"Wordpress Plugin Bannerize <= 2.8.6 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 +17764,platforms/php/webapps/17764.txt,"WordPress Plugin Bannerize <= 2.8.6 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 17766,platforms/windows/webapps/17766.txt,"NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities",2011-09-01,"Narendra Shinde",windows,webapps,0 17767,platforms/php/webapps/17767.txt,"WordPress SearchAutocomplete plugin <= 1.0.8 - SQL Injection Vulnerability",2011-09-01,"Miroslav Stampar",php,webapps,0 17770,platforms/windows/local/17770.rb,"DVD X Player 5.5 - (.plf) PlayList Buffer Overflow",2011-09-01,metasploit,windows,local,0 @@ -15462,7 +15462,7 @@ id,file,description,date,author,platform,type,port 17797,platforms/php/webapps/17797.txt,"WordPress Paid Downloads plugin <= 2.01 - SQL Injection Vulnerability",2011-09-08,"Miroslav Stampar",php,webapps,0 17798,platforms/php/webapps/17798.txt,"WordPress Community Events plugin <= 1.2.1 - SQL Injection Vulnerability",2011-09-08,"Miroslav Stampar",php,webapps,0 17800,platforms/php/webapps/17800.txt,"AM4SS 1.2 - CSRF add admin Vulnerability",2011-09-08,"red virus",php,webapps,0 -17801,platforms/php/webapps/17801.rb,"Wordpress 1 Flash Gallery Plugin - Arbiraty File Upload Exploit (MSF)",2011-09-08,"Ben Schmidt",php,webapps,0 +17801,platforms/php/webapps/17801.rb,"WordPress 1 Flash Gallery Plugin - Arbiraty File Upload Exploit (Metasploit)",2011-09-08,"Ben Schmidt",php,webapps,0 17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro (SEH DEP + ASLR Bypass) Exploit",2011-09-08,Rew,windows,local,0 21788,platforms/windows/dos/21788.pl,"FastStone Image Viewer 4.6 - ReadAVonIP Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 21787,platforms/php/webapps/21787.rb,"MyAuth3 - Blind SQL Injection",2012-10-07,"Marcio Almeida",php,webapps,0 @@ -15470,10 +15470,10 @@ id,file,description,date,author,platform,type,port 17807,platforms/php/webapps/17807.txt,"OpenCart 1.5.1.2 - Blind SQL Vulnerability",2011-09-08,"RiRes Walid",php,webapps,0 17808,platforms/php/webapps/17808.txt,"WordPress WP-Filebase Download Manager plugin <= 0.2.9 - SQL Injection Vulnerability",2011-09-09,"Miroslav Stampar",php,webapps,0 17809,platforms/php/webapps/17809.txt,"WordPress A to Z Category Listing plugin <= 1.3 - SQL Injection Vulnerability",2011-09-09,"Miroslav Stampar",php,webapps,0 -17810,platforms/windows/remote/17810.rb,"BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit (MSF)",2011-09-09,"SecPod Research",windows,remote,0 +17810,platforms/windows/remote/17810.rb,"BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit (Metasploit)",2011-09-09,"SecPod Research",windows,remote,0 17811,platforms/php/webapps/17811.txt,"MYRE Real Estate Software Multiple Vulnerabilities",2011-09-09,"SecPod Research",php,webapps,0 17813,platforms/php/webapps/17813.txt,"Xataface WebAuction and Xataface Librarian DB - Multiple Vulnerabilities",2011-09-09,"SecPod Research",php,webapps,0 -17814,platforms/php/webapps/17814.txt,"Wordpress Event Registration plugin <= 5.44 - SQL Injection Vulnerability",2011-09-09,serk,php,webapps,0 +17814,platforms/php/webapps/17814.txt,"WordPress Event Registration plugin <= 5.44 - SQL Injection Vulnerability",2011-09-09,serk,php,webapps,0 17815,platforms/windows/dos/17815.py,"MelOn Player 1.0.11.x - Denial of Service PoC",2011-09-09,modpr0be,windows,dos,0 17816,platforms/php/webapps/17816.txt,"WordPress Tune Library plugin <= 2.17 - SQL Injection Vulnerability",2011-09-10,"Miroslav Stampar",php,webapps,0 17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone (.zip) Buffer Overflow Exploit (0day)",2011-09-12,mr_me,windows,local,0 @@ -15488,10 +15488,10 @@ id,file,description,date,author,platform,type,port 21785,platforms/windows/dos/21785.pl,"HCView WriteAV Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 17827,platforms/windows/remote/17827.rb,"Procyon Core Server HMI <= 1.13 - Coreservice.exe Stack Buffer Overflow",2011-09-12,metasploit,windows,remote,0 17829,platforms/php/webapps/17829.txt,"dotProject 2.1.5 - SQL Injection Vulnerability",2011-09-13,sherl0ck_,php,webapps,0 -17828,platforms/php/webapps/17828.txt,"Wordpress Plugin Forum Server <= 1.7 - SQL Injection Vulnerability",2011-09-13,"Miroslav Stampar",php,webapps,0 +17828,platforms/php/webapps/17828.txt,"WordPress Plugin Forum Server <= 1.7 - SQL Injection Vulnerability",2011-09-13,"Miroslav Stampar",php,webapps,0 17830,platforms/windows/dos/17830.txt,"Microsoft WINS Service <= 5.2.3790.4520 - Memory Corruption",2011-09-13,"Luigi Auriemma",windows,dos,0 17831,platforms/windows/dos/17831.txt,"Microsoft WINS ECommEndDlg Input Validation Error",2011-09-13,"Core Security",windows,dos,0 -17832,platforms/php/webapps/17832.txt,"Wordpress Plugin e-Commerce <= 3.8.6 - SQL Injection Vulnerability",2011-09-14,"Miroslav Stampar",php,webapps,0 +17832,platforms/php/webapps/17832.txt,"WordPress Plugin e-Commerce <= 3.8.6 - SQL Injection Vulnerability",2011-09-14,"Miroslav Stampar",php,webapps,0 17833,platforms/windows/local/17833.rb,"ScadaTEC ScadaPhone <= 5.3.11.1230 - Stack Buffer Overflow",2011-09-13,metasploit,windows,local,0 17835,platforms/windows/dos/17835.txt,"Beckhoff TwinCAT <= 2.11.0.2004 - Denial of Service",2011-09-14,"Luigi Auriemma",windows,dos,0 17836,platforms/windows/dos/17836.txt,"Equis MetaStock <= 11 Use After Free",2011-09-14,"Luigi Auriemma",windows,dos,0 @@ -15516,19 +15516,19 @@ id,file,description,date,author,platform,type,port 17854,platforms/windows/local/17854.py,"MY MP3 Player 3.0 m3u Exploit DEP Bypass",2011-09-17,blake,windows,local,0 17855,platforms/windows/remote/17855.rb,"DaqFactory HMI NETB Request Overflow",2011-09-18,metasploit,windows,remote,0 17856,platforms/windows/dos/17856.py,"KnFTP 1.0.0 Server Multiple Buffer Overflow Exploit (DoS PoC)",2011-09-18,loneferret,windows,dos,21 -17860,platforms/php/webapps/17860.txt,"Wordpress TheCartPress Plugin 1.1.1 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17861,platforms/php/webapps/17861.txt,"Wordpress AllWebMenus Plugin 1.1.3 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17862,platforms/php/webapps/17862.txt,"Wordpress WPEasyStats Plugin 1.8 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17863,platforms/php/webapps/17863.txt,"Wordpress Annonces Plugin 1.2.0.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17864,platforms/php/webapps/17864.txt,"Wordpress Livesig Plugin 0.4 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17865,platforms/php/webapps/17865.txt,"Wordpress Disclosure Policy Plugin 1.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17866,platforms/php/webapps/17866.txt,"Wordpress Mailing List Plugin 1.3.2 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17867,platforms/php/webapps/17867.txt,"Wordpress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17868,platforms/php/webapps/17868.txt,"Wordpress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17869,platforms/php/webapps/17869.txt,"Wordpress Relocate Upload Plugin 0.14 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17860,platforms/php/webapps/17860.txt,"WordPress TheCartPress Plugin 1.1.1 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17861,platforms/php/webapps/17861.txt,"WordPress AllWebMenus Plugin 1.1.3 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17862,platforms/php/webapps/17862.txt,"WordPress WPEasyStats Plugin 1.8 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17863,platforms/php/webapps/17863.txt,"WordPress Annonces Plugin 1.2.0.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17864,platforms/php/webapps/17864.txt,"WordPress Livesig Plugin 0.4 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17865,platforms/php/webapps/17865.txt,"WordPress Disclosure Policy Plugin 1.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17866,platforms/php/webapps/17866.txt,"WordPress Mailing List Plugin 1.3.2 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17867,platforms/php/webapps/17867.txt,"WordPress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17868,platforms/php/webapps/17868.txt,"WordPress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17869,platforms/php/webapps/17869.txt,"WordPress Relocate Upload Plugin 0.14 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 17870,platforms/windows/remote/17870.pl,"KnFTP 1.0.0 Server - 'USER' command Remote Buffer Overflow Exploit",2011-09-19,mr.pr0n,windows,remote,0 17871,platforms/hardware/webapps/17871.txt,"Cisco TelePresence Multiple Vulnerabilities - SOS-11-010",2011-09-19,"Sense of Security",hardware,webapps,0 -17872,platforms/php/webapps/17872.txt,"Multiple Wordpress Plugin - timthumb.php Vulnerabilites",2011-09-19,"Ben Schmidt",php,webapps,0 +17872,platforms/php/webapps/17872.txt,"Multiple WordPress Plugin - timthumb.php Vulnerabilites",2011-09-19,"Ben Schmidt",php,webapps,0 17873,platforms/windows/webapps/17873.txt,"SharePoint 2007/2010 and DotNetNuke < 6 - File disclosure via XEE",2011-09-20,"Nicolas Gregoire",windows,webapps,0 17874,platforms/hardware/webapps/17874.txt,"NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF",2011-09-20,"Sense of Security",hardware,webapps,0 17876,platforms/windows/remote/17876.py,"ScriptFTP <= 3.3 - Remote Buffer Overflow (LIST)",2011-09-20,modpr0be,windows,remote,0 @@ -15557,9 +15557,9 @@ id,file,description,date,author,platform,type,port 17901,platforms/osx/dos/17901.c,"Mac OS X < 10.6.7 Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 17902,platforms/windows/local/17902.c,"Norman Security Suite 8 - (nprosec.sys) Local Privilege Escalation (0day)",2011-09-28,Xst3nZ,windows,local,0 17903,platforms/windows/dos/17903.txt,"NCSS <= 07.1.21 Array Overflow with Write2",2011-09-29,"Luigi Auriemma",windows,dos,0 -17904,platforms/windows/remote/17904.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (MSF)",2011-09-29,otoy,windows,remote,0 +17904,platforms/windows/remote/17904.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (Metasploit)",2011-09-29,otoy,windows,remote,0 17905,platforms/php/webapps/17905.txt,"Typo3 File Disclosure",2011-09-29,"Number 7",php,webapps,0 -17906,platforms/php/webapps/17906.txt,"Wordpress Plugin Bannerize <= 2.8.7 - SQL Injection Vulnerability",2011-09-30,"Miroslav Stampar",php,webapps,0 +17906,platforms/php/webapps/17906.txt,"WordPress Plugin Bannerize <= 2.8.7 - SQL Injection Vulnerability",2011-09-30,"Miroslav Stampar",php,webapps,0 17908,platforms/freebsd/dos/17908.sh,"FreeBSD UIPC socket heap Overflow proof-of-concept",2011-09-30,"Shaun Colley",freebsd,dos,0 17909,platforms/php/webapps/17909.txt,"MARINET CMS (room.php) <= Blind SQL Vulnerability",2011-09-30,"BHG Security Center",php,webapps,0 17911,platforms/php/webapps/17911.php,"Feed on Feeds <= 0.5 - Remote PHP Code Injection Exploit",2011-09-30,EgiX,php,webapps,0 @@ -15621,7 +15621,7 @@ id,file,description,date,author,platform,type,port 17980,platforms/php/webapps/17980.txt,"WordPress Contact Form plugin <= 2.7.5 - SQL Injection",2011-10-14,Skraps,php,webapps,0 17981,platforms/windows/dos/17981.py,"Windows - TCP/IP Stack Denial of Service (MS11-064)",2011-10-15,"Byoungyoung Lee",windows,dos,0 17982,platforms/windows/dos/17982.pl,"BlueZone Desktop .zap file Local Denial of Service Vulnerability",2011-10-15,Silent_Dream,windows,dos,0 -17983,platforms/php/webapps/17983.txt,"Wordpress Plugin Photo Album Plus <= 4.1.1 - SQL Injection Vulnerability",2011-10-15,Skraps,php,webapps,0 +17983,platforms/php/webapps/17983.txt,"WordPress Plugin Photo Album Plus <= 4.1.1 - SQL Injection Vulnerability",2011-10-15,Skraps,php,webapps,0 17985,platforms/windows/local/17985.rb,"Real Networks Netzip Classic 7.5.1 86 File Parsing Buffer Overflow",2011-10-16,metasploit,windows,local,0 17984,platforms/php/webapps/17984.txt,"Ruubikcms 1.1.0 - (/extra/image.php) Local File Inclusion",2011-10-16,"Sangyun YOO",php,webapps,0 17986,platforms/osx/remote/17986.rb,"Apple Safari file:// Arbitrary Code Execution",2011-10-17,metasploit,osx,remote,0 @@ -15684,7 +15684,7 @@ id,file,description,date,author,platform,type,port 18051,platforms/windows/remote/18051.txt,"BroadWin WebAccess SCADA/HMI Client Remote Code Execution",2011-10-31,Snake,windows,remote,0 18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC",2011-10-31,rgod,windows,dos,0 18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress <= 3.1.4 - Stored XSS",2011-10-31,"Paul Loftness",php,webapps,0 -18055,platforms/php/webapps/18055.txt,"Wordpress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 +18055,platforms/php/webapps/18055.txt,"WordPress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 18056,platforms/php/webapps/18056.txt,"jbShop - e107 7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0 18057,platforms/windows/remote/18057.rb,"NJStar Communicator 3.00 MiniSMTP Server Remote Exploit",2011-10-31,"Dillon Beresford",windows,remote,0 18058,platforms/php/webapps/18058.txt,"Joomla Component Alameda (com_alameda) 1.0 - SQL Injection",2011-10-31,kaMtiEz,php,webapps,0 @@ -15732,7 +15732,7 @@ id,file,description,date,author,platform,type,port 18110,platforms/php/webapps/18110.txt,"CMS 4.x.x Zorder (SQL Injection Vul)",2011-11-13,"KraL BeNiM",php,webapps,0 18119,platforms/windows/dos/18119.rb,"Attachmate Reflection FTP Client Heap Overflow",2011-11-16,"Francis Provencher",windows,dos,0 18120,platforms/linux/dos/18120.py,"FleaHttpd Remote Denial of Service Exploit",2011-11-16,condis,linux,dos,80 -18111,platforms/php/webapps/18111.php,"Wordpress Zingiri Plugin <= 2.2.3 - (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0 +18111,platforms/php/webapps/18111.php,"WordPress Zingiri Plugin <= 2.2.3 - (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0 18132,platforms/php/webapps/18132.php,"Support Incident Tracker <= 3.65 (translate.php) Remote Code Execution",2011-11-19,EgiX,php,webapps,0 18112,platforms/windows/dos/18112.txt,"optima apiftp server <= 1.5.2.13 - Multiple Vulnerabilities",2011-11-14,"Luigi Auriemma",windows,dos,0 18113,platforms/windows/local/18113.rb,"Mini-Stream RM-MP3 Converter 3.1.2.1 - (.pls) Stack Buffer Overflow",2011-11-14,metasploit,windows,local,0 @@ -15820,7 +15820,7 @@ id,file,description,date,author,platform,type,port 18227,platforms/linux_mips/shellcode/18227.c,"Linux/MIPS - reboot() - 32 bytes",2011-12-10,rigan,linux_mips,shellcode,0 18228,platforms/linux/local/18228.sh,"Acpid 1:2.0.10-1ubuntu2 - Privilege Boundary Crossing Vulnerability",2011-12-10,otr,linux,local,0 18230,platforms/php/webapps/18230.txt,"FCMS <= 2.7.2 CMS - Multiple Stored XSS Vulnerability",2011-12-10,"Ahmed Elhady Mohamed",php,webapps,0 -18231,platforms/php/webapps/18231.txt,"Wordpress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection",2011-12-11,Saif,php,webapps,0 +18231,platforms/php/webapps/18231.txt,"WordPress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection",2011-12-11,Saif,php,webapps,0 18232,platforms/php/webapps/18232.txt,"FCMS <= 2.7.2 CMS - Multiple CSRF Vulnerabilities",2011-12-11,"Ahmed Elhady Mohamed",php,webapps,0 18233,platforms/php/webapps/18233.txt,"Xoops 2.5.4 - Blind SQL Injection",2011-12-11,blkhtc0rp,php,webapps,0 18235,platforms/windows/remote/18235.pl,"zFTPServer Suite 6.0.0.52 - 'rmdir' Directory Traversal",2011-12-11,"Stefan Schurtz",windows,remote,0 @@ -15851,12 +15851,12 @@ id,file,description,date,author,platform,type,port 18272,platforms/windows/dos/18272.py,"Windows Explorer Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 18274,platforms/php/webapps/18274.txt,"openemr 4 - Multiple Vulnerabilities",2011-12-25,Level,php,webapps,0 18275,platforms/win64/dos/18275.txt,"GdiDrawStream BSoD using Safari",2011-12-18,webDEViL,win64,dos,0 -18276,platforms/php/webapps/18276.txt,"Wordpress Mailing List Plugin - Arbitrary File Download",2011-12-26,6Scan,php,webapps,0 +18276,platforms/php/webapps/18276.txt,"WordPress Mailing List Plugin - Arbitrary File Download",2011-12-26,6Scan,php,webapps,0 18277,platforms/php/webapps/18277.txt,"Free Image Hosting Script Arbitrary File Upload Vulnerability",2011-12-26,ySecurity,php,webapps,0 18278,platforms/linux/dos/18278.txt,"Nagios Plugin check_ups Local Buffer Overflow PoC",2011-12-26,"Stefan Schurtz",linux,dos,0 18280,platforms/linux/remote/18280.c,"Telnetd encrypt_keyid - Remote Root Function Pointer Overwrite",2011-12-26,"NighterMan and BatchDrake",linux,remote,0 18283,platforms/windows/remote/18283.rb,"CoCSoft Stream Down 6.8.0 - Universal Exploit (Metasploit)",2011-12-27,"Fady Mohammed Osman",windows,remote,0 -18412,platforms/php/webapps/18412.php,"Wordpress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload",2012-01-23,EgiX,php,webapps,0 +18412,platforms/php/webapps/18412.php,"WordPress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload",2012-01-23,EgiX,php,webapps,0 18287,platforms/php/webapps/18287.php,"Joomla Module Simple File Upload 1.3 - Remote Code Execution",2011-12-28,gmda,php,webapps,0 18285,platforms/windows/dos/18285.py,"VLC 1.1.11 (libav) libavcodec_plugin.dll DoS",2011-12-28,"Mitchell Adair",windows,dos,0 18288,platforms/php/webapps/18288.txt,"DIY-CMS blog mod SQL Injection Vulnerability",2011-12-29,snup,php,webapps,0 @@ -15906,12 +15906,12 @@ id,file,description,date,author,platform,type,port 18347,platforms/php/webapps/18347.txt,"Pragyan CMS 3.0 - Remote File Disclosure",2012-01-10,Or4nG.M4N,php,webapps,0 18348,platforms/php/webapps/18348.txt,"w-cms 2.01 - Multiple Vulnerabilities",2012-01-10,th3.g4m3_0v3r,php,webapps,0 18349,platforms/windows/local/18349.pl,"Blade API Monitor 3.6.9.2 Unicode Stack Buffer Overflow",2012-01-10,FullMetalFouad,windows,local,0 -18350,platforms/php/webapps/18350.txt,"Wordpress Age Verification Plugin <= 0.4 - Open Redirect",2012-01-10,"Gianluca Brindisi",php,webapps,0 +18350,platforms/php/webapps/18350.txt,"WordPress Age Verification Plugin <= 0.4 - Open Redirect",2012-01-10,"Gianluca Brindisi",php,webapps,0 18351,platforms/netware/dos/18351.txt,"Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution",2012-01-10,"Francis Provencher",netware,dos,0 18352,platforms/php/webapps/18352.txt,"YABSoft Advanced Image Hosting Script SQL Injection Vulnerability",2012-01-12,"Robert Cooper",php,webapps,0 18353,platforms/php/webapps/18353.txt,"WordPress wp-autoyoutube plugin - Blind SQL Injection Vulnerability",2012-01-12,longrifle0x,php,webapps,0 18354,platforms/windows/remote/18354.py,"WorldMail imapd 3.0 SEH Overflow (egg hunter)",2012-01-12,TheXero,windows,remote,0 -18355,platforms/php/webapps/18355.txt,"Wordpress Count-per-day plugin - Multiple Vulnerabilities",2012-01-12,6Scan,php,webapps,0 +18355,platforms/php/webapps/18355.txt,"WordPress Count-per-day plugin - Multiple Vulnerabilities",2012-01-12,6Scan,php,webapps,0 18356,platforms/php/webapps/18356.txt,"Tine 2.0 - Maischa - Multiple Cross-Site Scripting Vulnerabilities",2012-01-13,Vulnerability-Lab,php,webapps,0 18357,platforms/php/webapps/18357.txt,"Pragyan CMS 2.6.1 - Arbitrary File Upload Vulnerability",2012-01-13,Dr.KroOoZ,php,webapps,0 18373,platforms/jsp/webapps/18373.txt,"Cloupia End-to-end FlexPod Management Directory Traversal",2012-01-15,"Chris Rock",jsp,webapps,0 @@ -15963,10 +15963,10 @@ id,file,description,date,author,platform,type,port 18413,platforms/php/webapps/18413.txt,"SpamTitan Application 5.08x - SQL Injection Vulnerability",2012-01-23,Vulnerability-Lab,php,webapps,0 18701,platforms/php/webapps/18701.txt,"phpPaleo - Local File Inclusion",2012-04-04,"Mark Stanislav",php,webapps,0 18416,platforms/jsp/webapps/18416.txt,"stoneware webnetwork6 - Multiple Vulnerabilities",2012-01-24,"Jacob Holcomb",jsp,webapps,0 -18417,platforms/php/webapps/18417.txt,"Wordpress <= 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 +18417,platforms/php/webapps/18417.txt,"WordPress <= 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 18418,platforms/php/webapps/18418.html,"VR GPub 4.0 - CSRF Vulnerability",2012-01-26,Cyber-Crystal,php,webapps,0 18419,platforms/php/webapps/18419.html,"phplist 2.10.9 - CSRF/XSS Vulnerability",2012-01-26,Cyber-Crystal,php,webapps,0 -18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (MSF Module)",2012-01-26,"Craig Freyman",windows,remote,0 +18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (Metasploit)",2012-01-26,"Craig Freyman",windows,remote,0 18422,platforms/php/webapps/18422.txt,"Peel SHOPPING 2.8& 2.9 - XSS/SQL Injections Vulnerability",2012-01-26,Cyber-Crystal,php,webapps,0 18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server magentservice.exe Overflow",2012-01-27,metasploit,windows,remote,0 18424,platforms/php/webapps/18424.rb,"vBSEO <= 3.6.0 - _proc_deutf()_ Remote PHP Code Injection Exploit",2012-01-27,EgiX,php,webapps,0 @@ -16032,7 +16032,7 @@ id,file,description,date,author,platform,type,port 18497,platforms/php/webapps/18497.txt,"4PSA CMS SQL Injection Vulnerabilities",2012-02-19,"BHG Security Center",php,webapps,0 18498,platforms/php/webapps/18498.html,"SyndeoCMS <= 3.0 - CSRF Vulnerability",2012-02-19,"Ivano Binetti",php,webapps,0 18500,platforms/windows/local/18500.py,"Blade API Monitor Unicode Bypass (Serial Number BOF)",2012-02-20,b33f,windows,local,0 -18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 SEH Exploit MSF",2012-02-20,Death-Shadow-Dark,windows,local,0 +18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 - SEH Exploit (Metasploit)",2012-02-20,Death-Shadow-Dark,windows,local,0 18502,platforms/php/webapps/18502.html,"PlumeCMS <= 1.2.4 - CSRF Vulnerability",2012-02-20,"Ivano Binetti",php,webapps,0 18503,platforms/hardware/webapps/18503.txt,"Cisco Linksys WAG54GS CSRF Change Admin Password",2012-02-21,"Ivano Binetti",hardware,webapps,0 18504,platforms/hardware/webapps/18504.txt,"Sagem F@ST 2604 - CSRF Vulnerability (ADSL Router)",2012-02-22,"KinG Of PiraTeS",hardware,webapps,0 @@ -16085,7 +16085,7 @@ id,file,description,date,author,platform,type,port 18554,platforms/php/webapps/18554.txt,"Timesheet Next Gen 1.5.2 - Multiple SQLi",2012-03-03,G13,php,webapps,0 18555,platforms/windows/remote/18555.txt,"FlashFXP 4.1.8.1701 - Buffer Overflow Vulnerability",2012-03-03,Vulnerability-Lab,windows,remote,0 18556,platforms/php/webapps/18556.txt,"Endian UTM Firewall 2.4.x & 2.5.0 - Multiple Web Vulnerabilities",2012-03-03,Vulnerability-Lab,php,webapps,0 -18557,platforms/windows/remote/18557.rb,"Sysax 5.53 SSH Username Buffer Overflow (msf)",2012-03-04,metasploit,windows,remote,0 +18557,platforms/windows/remote/18557.rb,"Sysax 5.53 SSH Username Buffer Overflow (Metasploit)",2012-03-04,metasploit,windows,remote,0 18558,platforms/php/webapps/18558.txt,"DZCP (deV!L_z Clanportal) Witze Addon 0.9 - SQL Injection Vulnerability",2012-03-04,"Easy Laster",php,webapps,0 18559,platforms/php/webapps/18559.txt,"AneCMS 2e2c583 - LFI Exploit",2012-03-04,"I2sec-Jong Hwan Park",php,webapps,0 18566,platforms/asp/webapps/18566.txt,"Iciniti Store - SQL Injection",2012-03-07,"Sense of Security",asp,webapps,0 @@ -16125,7 +16125,7 @@ id,file,description,date,author,platform,type,port 18608,platforms/php/webapps/18608.txt,"FlexCMS 3.2.1 - Persistent XSS for logged in users",2012-03-16,storm,php,webapps,0 18609,platforms/php/webapps/18609.txt,"FlexCMS 3.2.1 - Multiple CSRF Vulnerabilities",2012-03-16,"Ivano Binetti",php,webapps,0 18610,platforms/windows/remote/18610.pl,"Tiny Server 1.1.5 - Arbitrary File Disclosure Exploit",2012-03-16,KaHPeSeSe,windows,remote,0 -18611,platforms/windows/local/18611.rb,"RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (MSF)",2012-03-16,KaHPeSeSe,windows,local,0 +18611,platforms/windows/local/18611.rb,"RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (Metasploit)",2012-03-16,KaHPeSeSe,windows,local,0 18704,platforms/windows/remote/18704.txt,"Quest vWorkspace 7.5 Connection Broker Client ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite PoC",2012-04-05,rgod,windows,remote,0 18705,platforms/hardware/dos/18705.txt,"Sony Bravia Remote Denial of Service",2012-04-05,"Gabriel Menezes Nunes",hardware,dos,0 18613,platforms/php/webapps/18613.txt,"ASP Classifieds SQL Injection",2012-03-17,r45c4l,php,webapps,0 @@ -16191,7 +16191,7 @@ id,file,description,date,author,platform,type,port 18687,platforms/php/webapps/18687.txt,"Landshop 0.9.2 - Multiple Web Vulnerabilities",2012-03-31,Vulnerability-Lab,php,webapps,0 18688,platforms/hardware/dos/18688.txt,"EMC Data Protection Advisor 5.8.1 - Denial of Service",2012-03-31,"Luigi Auriemma",hardware,dos,0 18689,platforms/php/webapps/18689.txt,"Woltlab Burning Board 2.2 / 2.3 - [WN]KT KickTipp 3.1 - Remote SQL Injection",2012-03-31,"Easy Laster",php,webapps,0 -18690,platforms/php/webapps/18690.txt,"Buddypress plugin of Wordpress - Remote SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0 +18690,platforms/php/webapps/18690.txt,"Buddypress plugin of WordPress - Remote SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0 18691,platforms/windows/dos/18691.rb,"FoxPlayer 2.6.0 - Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",windows,dos,0 18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - (.aiff) Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH&DEP&ASLR",2012-04-03,b33f,windows,local,0 @@ -16262,11 +16262,11 @@ id,file,description,date,author,platform,type,port 18783,platforms/linux/local/18783.txt,"mount.cifs chdir() Arbitrary Root File Identification",2012-04-25,Sha0,linux,local,0 18788,platforms/php/webapps/18788.txt,"php volunteer management 1.0.2 - Multiple Vulnerabilities",2012-04-26,G13,php,webapps,0 18785,platforms/linux/local/18785.txt,"Parallels PLESK 9.x - Insecure Permissions",2012-04-26,"Nicolas Krassas",linux,local,0 -18787,platforms/php/webapps/18787.txt,"Wordpress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 +18787,platforms/php/webapps/18787.txt,"WordPress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 18797,platforms/linux/webapps/18797.rb,"WebCalendar 1.2.4 Pre-Auth Remote Code Injection",2012-04-29,metasploit,linux,webapps,0 18798,platforms/php/webapps/18798.txt,"Soco CMS Local File Include Vulnerability",2012-04-29,"BHG Security Center",php,webapps,0 18799,platforms/windows/dos/18799.py,"Remote-Anything Player 5.60.15 - Denial of Service",2012-04-29,"Saint Patrick",windows,dos,0 -18791,platforms/php/webapps/18791.txt,"Wordpress 3.3.1 - Multiple CSRF Vulnerabilities",2012-04-27,"Ivano Binetti",php,webapps,0 +18791,platforms/php/webapps/18791.txt,"WordPress 3.3.1 - Multiple CSRF Vulnerabilities",2012-04-27,"Ivano Binetti",php,webapps,0 18792,platforms/windows/local/18792.rb,"CPE17 Autorun Killer <= 1.7.1 - Stack Buffer Overflow Exploit",2012-04-27,"Xenithz xpt",windows,local,0 18793,platforms/php/webapps/18793.txt,"Axous 1.1.0 - SQL Injection Vulnerabilitiy",2012-04-27,"H4ckCity Secuirty TeaM",php,webapps,0 18833,platforms/windows/remote/18833.rb,"Solarwinds Storage Manager 5.1.0 - SQL Injection",2012-05-04,metasploit,windows,remote,0 @@ -16277,7 +16277,7 @@ id,file,description,date,author,platform,type,port 18803,platforms/php/webapps/18803.txt,"Opial CMS 2.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18804,platforms/php/webapps/18804.txt,"DIY CMS 1.0 Poll - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18805,platforms/windows/remote/18805.txt,"McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX GetObject() Exploit",2012-04-30,rgod,windows,remote,0 -18806,platforms/php/webapps/18806.txt,"Wordpress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS",2012-05-01,"Mehmet Ince",php,webapps,0 +18806,platforms/php/webapps/18806.txt,"WordPress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS",2012-05-01,"Mehmet Ince",php,webapps,0 18814,platforms/php/webapps/18814.txt,"MyClientBase 0.12 - Multiple Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 SEH Overwrite",2012-05-01,blake,windows,local,0 18809,platforms/php/webapps/18809.txt,"GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 @@ -16406,44 +16406,44 @@ id,file,description,date,author,platform,type,port 18973,platforms/windows/remote/18973.rb,"GIMP script-fu Server Buffer Overflow",2012-06-02,metasploit,windows,remote,0 18974,platforms/php/webapps/18974.txt,"Vanilla Forum Tagging Plugin Enchanced 1.0.1 - Stored XSS",2012-06-02,"Henry Hoggard",php,webapps,0 18986,platforms/windows/remote/18986.rb,"Sielco Sistemi Winlog <= 2.07.16 - Buffer Overflow",2012-06-05,m-1-k-3,windows,remote,0 -18987,platforms/php/webapps/18987.php,"Wordpress WP-Property Plugin 1.35.0 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18988,platforms/php/webapps/18988.php,"Wordpress Plugin Marketplace Plugin 1.5.0 - 1.6.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18989,platforms/php/webapps/18989.php,"Wordpress Google Maps via Store Locator Plugin 2.7.1 - 3.0.1 - Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 -18990,platforms/php/webapps/18990.php,"Wordpress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18991,platforms/php/webapps/18991.php,"Wordpress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18987,platforms/php/webapps/18987.php,"WordPress WP-Property Plugin 1.35.0 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18988,platforms/php/webapps/18988.php,"WordPress Plugin Marketplace Plugin 1.5.0 - 1.6.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18989,platforms/php/webapps/18989.php,"WordPress Google Maps via Store Locator Plugin 2.7.1 - 3.0.1 - Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 +18990,platforms/php/webapps/18990.php,"WordPress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18991,platforms/php/webapps/18991.php,"WordPress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 19027,platforms/windows/remote/19027.rb,"Samsung NET-i viewer Multiple ActiveX BackupToAvi() Remote Overflow",2012-06-08,metasploit,windows,remote,0 -18993,platforms/php/webapps/18993.php,"Wordpress Asset Manager Plugin 0.2 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18994,platforms/php/webapps/18994.php,"Wordpress Font Uploader Plugin 1.2.4 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 +18993,platforms/php/webapps/18993.php,"WordPress Asset Manager Plugin 0.2 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18994,platforms/php/webapps/18994.php,"WordPress Font Uploader Plugin 1.2.4 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 19026,platforms/windows/remote/19026.rb,"Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow",2012-06-08,metasploit,windows,remote,0 -18997,platforms/php/webapps/18997.php,"Wordpress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 -18998,platforms/php/webapps/18998.php,"Wordpress Gallery Plugin 3.06 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 +18997,platforms/php/webapps/18997.php,"WordPress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 +18998,platforms/php/webapps/18998.php,"WordPress Gallery Plugin 3.06 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 18999,platforms/php/webapps/18999.php,"SN News <= 1.2 - (visualiza.php) SQL Injection",2012-06-06,WhiteCollarGroup,php,webapps,0 19000,platforms/windows/dos/19000.py,"Audio Editor Master 5.4.1.217 - Denial of Service Vulnerability",2012-06-06,Onying,windows,dos,0 -19012,platforms/php/webapps/19012.txt,"Wordpress Front File Manager Plugin 0.1 - Arbitrary File Upload",2012-06-08,"Adrien Thierry",php,webapps,0 -19013,platforms/php/webapps/19013.txt,"Wordpress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure Vulnerability",2012-06-08,"Sammy FORGIT",php,webapps,0 +19012,platforms/php/webapps/19012.txt,"WordPress Front File Manager Plugin 0.1 - Arbitrary File Upload",2012-06-08,"Adrien Thierry",php,webapps,0 +19013,platforms/php/webapps/19013.txt,"WordPress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure Vulnerability",2012-06-08,"Sammy FORGIT",php,webapps,0 19005,platforms/php/webapps/19005.txt,"SN News <= 1.2 - (/admin/loger.php) Admin Bypass SQL Injection",2012-06-07,"Yakir Wizman",php,webapps,0 19006,platforms/windows/local/19006.py,"Lattice Semiconductor PAC-Designer 6.21 - (.PAC) Exploit",2012-06-07,b33f,windows,local,0 19002,platforms/windows/remote/19002.rb,"Microsoft Windows OLE Object File Handling Remote Code Execution",2012-06-06,metasploit,windows,remote,0 19003,platforms/php/webapps/19003.txt,"vanilla kpoll plugin 1.2 - Stored XSS",2012-06-06,"Henry Hoggard",php,webapps,0 19030,platforms/windows/remote/19030.rb,"Tom Sawyer Software GET Extension Factory Remote Code Execution",2012-06-10,metasploit,windows,remote,0 19007,platforms/php/webapps/19007.php,"PHPNet <= 1.8 (ler.php) SQL Injection",2012-06-07,WhiteCollarGroup,php,webapps,0 -19008,platforms/php/webapps/19008.php,"Wordpress Front End Upload 0.5.3 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 -19009,platforms/php/webapps/19009.php,"Wordpress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 -19016,platforms/php/webapps/19016.txt,"Wordpress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19008,platforms/php/webapps/19008.php,"WordPress Front End Upload 0.5.3 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 +19009,platforms/php/webapps/19009.php,"WordPress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 +19016,platforms/php/webapps/19016.txt,"WordPress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 19029,platforms/php/webapps/19029.py,"phpAcounts 0.5.3 - SQL Injection",2012-06-08,loneferret,php,webapps,0 -19018,platforms/php/webapps/19018.txt,"Wordpress Plugin: Newsletter 1.5 - Remote File Disclosure Vulnerability",2012-06-08,"Sammy FORGIT",php,webapps,0 -19019,platforms/php/webapps/19019.php,"Wordpress RBX Gallery Plugin 2.1 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 -19020,platforms/php/webapps/19020.txt,"Wordpress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19021,platforms/php/webapps/19021.txt,"Wordpress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19022,platforms/php/webapps/19022.txt,"Wordpress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19023,platforms/php/webapps/19023.php,"Wordpress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 +19018,platforms/php/webapps/19018.txt,"WordPress Plugin: Newsletter 1.5 - Remote File Disclosure Vulnerability",2012-06-08,"Sammy FORGIT",php,webapps,0 +19019,platforms/php/webapps/19019.php,"WordPress RBX Gallery Plugin 2.1 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 +19020,platforms/php/webapps/19020.txt,"WordPress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19021,platforms/php/webapps/19021.txt,"WordPress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19022,platforms/php/webapps/19022.txt,"WordPress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19023,platforms/php/webapps/19023.php,"WordPress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 19011,platforms/php/webapps/19011.txt,"Webspell FIRSTBORN Movie-Addon Blind SQL Injection Vulnerability",2012-06-08,"Easy Laster",php,webapps,0 19028,platforms/linux/remote/19028.txt,"Berkeley Sendmail 5.58 DEBUG Vulnerability",1988-08-01,anonymous,linux,remote,0 19031,platforms/php/webapps/19031.txt,"Webspell dailyinput Movie Addon 4.2.x SQL Injection Vulnerability",2012-06-10,"Easy Laster",php,webapps,0 19033,platforms/windows/remote/19033.txt,"Microsoft iis 6.0 and 7.5 - Multiple Vulnerabilities",2012-06-10,kingcope,windows,remote,0 19034,platforms/windows/dos/19034.cpp,"PEamp (.mp3) Memory Corruption PoC",2012-06-10,Ayrbyte,windows,dos,0 19035,platforms/php/webapps/19035.txt,"freepost 0.1 r1 - Multiple Vulnerabilities",2012-06-10,"ThE g0bL!N",php,webapps,0 -19036,platforms/php/webapps/19036.php,"Wordpress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload",2012-06-10,g11tch,php,webapps,0 +19036,platforms/php/webapps/19036.php,"WordPress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload",2012-06-10,g11tch,php,webapps,0 19037,platforms/windows/local/19037.rb,"Microsoft Office - ClickOnce Unsafe Object Package Handling Vulnerability (MS12-005)",2012-06-11,metasploit,windows,local,0 19038,platforms/php/webapps/19038.rb,"Symantec Web Gateway 5.0.2.8 - Arbitrary PHP File Upload Vulnerability",2012-06-10,metasploit,php,webapps,0 19039,platforms/bsd/remote/19039.txt,"BSD 4.2 fingerd Buffer Overflow Vulnerability",1988-10-01,anonymous,bsd,remote,0 @@ -16457,15 +16457,15 @@ id,file,description,date,author,platform,type,port 19047,platforms/aix/remote/19047.txt,"Stalker Internet Mail Server 1.6 - Buffer Overflow Vulnerability",2001-09-12,"David Luyer",aix,remote,0 19048,platforms/aix/remote/19048.txt,"IRIX <= 6.4 pfdisplay.cgi Vulnerability",1998-04-07,"J.A. Gutierrez",aix,remote,0 19049,platforms/aix/dos/19049.txt,"BSDI <= 4.0 tcpmux / inetd Crash Vulnerability",1998-04-07,"Mark Schaefer",aix,dos,0 -19050,platforms/php/webapps/19050.txt,"Wordpress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19050,platforms/php/webapps/19050.txt,"WordPress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 19051,platforms/php/webapps/19051.txt,"ClanSuite 2.9 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19052,platforms/php/webapps/19052.txt,"Wordpress User Meta 1.1.1 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19053,platforms/php/webapps/19053.txt,"Wordpress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19054,platforms/php/webapps/19054.txt,"Wordpress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19055,platforms/php/webapps/19055.txt,"Wordpress Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19056,platforms/php/webapps/19056.txt,"Wordpress Mac Photo Gallery 2.7 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19057,platforms/php/webapps/19057.txt,"Wordpress drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19058,platforms/php/webapps/19058.txt,"Wordpress Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19052,platforms/php/webapps/19052.txt,"WordPress User Meta 1.1.1 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19053,platforms/php/webapps/19053.txt,"WordPress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19054,platforms/php/webapps/19054.txt,"WordPress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19055,platforms/php/webapps/19055.txt,"WordPress Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19056,platforms/php/webapps/19056.txt,"WordPress Mac Photo Gallery 2.7 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19057,platforms/php/webapps/19057.txt,"WordPress drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19058,platforms/php/webapps/19058.txt,"WordPress Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 19059,platforms/php/webapps/19059.php,"Agora-Project 2.12.11 - Arbitrary File Upload Vulnerability",2012-06-11,Misa3l,php,webapps,0 19060,platforms/php/webapps/19060.php,"TheBlog <= 2.0 - Multiple Vulnerabilities",2012-06-11,WhiteCollarGroup,php,webapps,0 19066,platforms/irix/local/19066.txt,"SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager NETLS_LICENSE_FILE Vulnerability",1996-04-05,"Arthur Hagen",irix,local,0 @@ -16578,7 +16578,7 @@ id,file,description,date,author,platform,type,port 19184,platforms/windows/dos/19184.pl,"Karafun Player 1.20.86 - (.m3u) Crash PoC",2012-06-16,Styxosaurus,windows,dos,0 19185,platforms/hardware/webapps/19185.txt,"Huawei HG866 - Authentication Bypass",2012-06-16,hkm,hardware,webapps,0 19186,platforms/windows/remote/19186.rb,"Microsoft XML Core Services MSXML Uninitialized Memory Corruption",2012-06-16,metasploit,windows,remote,0 -19187,platforms/php/webapps/19187.txt,"Wordpress Automatic Plugin 2.0.3 - SQL Injection",2012-06-16,nick58,php,webapps,0 +19187,platforms/php/webapps/19187.txt,"WordPress Automatic Plugin 2.0.3 - SQL Injection",2012-06-16,nick58,php,webapps,0 19188,platforms/php/webapps/19188.txt,"Nuked Klan SP CMS 4.5 - SQL Injection Vulnerability",2012-06-16,Vulnerability-Lab,php,webapps,0 19189,platforms/php/webapps/19189.txt,"iScripts EasyCreate CMS 2.0 - Multiple Vulnerabilities",2012-06-16,Vulnerability-Lab,php,webapps,0 19389,platforms/windows/dos/19389.txt,"Kingview Touchview 6.53 - Multiple Heap Overflow Vulnerabilities",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 @@ -16777,7 +16777,7 @@ id,file,description,date,author,platform,type,port 19380,platforms/multiple/dos/19380.txt,"Ipswitch IMail 5.0/6.0 Web Service Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 19393,platforms/windows/dos/19393.py,"Able2Doc and Able2Doc Professional 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19394,platforms/asp/webapps/19394.txt,"Parodia 6.8 employer-profile.asp SQL Injection",2012-06-25,"Carlos Mario Penagos Hollmann",asp,webapps,0 -19398,platforms/php/webapps/19398.txt,"Wordpress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 +19398,platforms/php/webapps/19398.txt,"WordPress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 19408,platforms/php/webapps/19408.txt,"Zend Framework Local File Disclosure",2012-06-27,"SEC Consult",php,webapps,0 19403,platforms/php/webapps/19403.rb,"SugarCRM <= 6.3.1 unserialize() PHP Code Execution",2012-06-26,metasploit,php,webapps,0 29039,platforms/windows/dos/29039.py,"Kerio MailServer 5.x/6.x - Remote LDAP Denial of Service Vulnerability",2006-11-15,"Evgeny Legerov",windows,dos,0 @@ -17208,8 +17208,8 @@ id,file,description,date,author,platform,type,port 19845,platforms/windows/remote/19845.pl,"Microsoft FrontPage 98 Server Extensions for IIS_Microsoft InterDev 1.0 Filename Obfuscation",2000-04-14,"rain forest puppy",windows,remote,0 19846,platforms/windows/remote/19846.pl,"Microsoft FrontPage 98 Server Extensions for IIS_Microsoft InterDev 1.0 - Buffer Overflow Vulnerability",2000-04-14,"Richie & Beto",windows,remote,0 19847,platforms/unix/remote/19847.c,"UoW imapd 10.234/12.264 - Buffer Overflow Vulnerabilities",2002-08-01,"Gabriel A. Maggiotti",unix,remote,0 -19848,platforms/unix/remote/19848.pm,"UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta)",2000-04-16,vlad902,unix,remote,0 -19849,platforms/unix/remote/19849.pm,"UoW imapd 10.234/12.264 COPY Buffer Overflow (meta)",2000-04-16,vlad902,unix,remote,0 +19848,platforms/unix/remote/19848.pm,"UoW imapd 10.234/12.264 LSUB Buffer Overflow (Metasploit)",2000-04-16,vlad902,unix,remote,0 +19849,platforms/unix/remote/19849.pm,"UoW imapd 10.234/12.264 COPY Buffer Overflow (Metasploit)",2000-04-16,vlad902,unix,remote,0 19850,platforms/linux/dos/19850.c,"RedHat Linux 6.x - X Font Server DoS and Buffer Overflow Vulnerabilities",2000-04-16,"Michal Zalewski",linux,dos,0 19851,platforms/qnx/local/19851.c,"QSSL QNX 4.25 A crypt() Vulnerability",2000-04-15,Sean,qnx,local,0 19852,platforms/cgi/remote/19852.txt,"dansie shopping cart 3.0.4 - Multiple Vulnerabilities",2000-04-14,"tombow & Randy Janinda",cgi,remote,0 @@ -17222,7 +17222,7 @@ id,file,description,date,author,platform,type,port 19904,platforms/unix/local/19904.txt,"Intel Corporation NetStructure 7110 Undocumented Password Vulnerability",2000-05-08,"Stake Inc",unix,local,0 19859,platforms/hardware/webapps/19859.txt,"Vivotek Cameras Sensitive Information Disclosure",2012-07-16,GothicX,hardware,webapps,0 19960,platforms/windows/dos/19960.txt,"Oracle Outside-In FPX File Parsing Heap Overflow",2012-07-20,"Francis Provencher",windows,dos,0 -19862,platforms/php/webapps/19862.pl,"Wordpress Diary/Notebook Site5 Theme Email Spoofing",2012-07-16,bwall,php,webapps,0 +19862,platforms/php/webapps/19862.pl,"WordPress Diary/Notebook Site5 Theme Email Spoofing",2012-07-16,bwall,php,webapps,0 19863,platforms/php/webapps/19863.txt,"CakePHP 2.x-2.2.0-RC2 XXE Injection",2012-07-16,"Pawel Wylecial",php,webapps,0 19864,platforms/php/webapps/19864.txt,"VamCart 0.9 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 19865,platforms/php/webapps/19865.txt,"PBBoard 2.1.4 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 @@ -17604,7 +17604,7 @@ id,file,description,date,author,platform,type,port 20298,platforms/windows/remote/20298.c,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal Vulnerability (1)",2000-10-17,"Gabriel Maggiotti",windows,remote,0 20268,platforms/php/webapps/20268.txt,"Tickets CAD 2.20G Multiple Vulnerabilities",2012-08-05,chap0,php,webapps,0 20269,platforms/windows/remote/20269.txt,"Microsoft IIS 5.0 Indexed Directory Disclosure Vulnerability",2000-10-04,"David Litchfield",windows,remote,0 -20270,platforms/php/webapps/20270.txt,"Wordpress Plugin Effective Lead Management 3.0.0 - Persistent XSS",2012-08-05,"Chris Kellum",php,webapps,0 +20270,platforms/php/webapps/20270.txt,"WordPress Plugin Effective Lead Management 3.0.0 - Persistent XSS",2012-08-05,"Chris Kellum",php,webapps,0 20271,platforms/openbsd/dos/20271.c,"OpenBSD 2.x Pending ARP Request Remote DoS Vulnerability",2000-10-05,skyper,openbsd,dos,0 20272,platforms/windows/dos/20272.pl,"Apache 1.2.5/1.3.1 & UnityMail 2.0 - MIME Header DoS Vulnerability",1998-08-02,L.Facq,windows,dos,0 20273,platforms/cgi/remote/20273.txt,"Moreover CGI script - File Disclosure Vulnerability",2000-10-02,CDI,cgi,remote,0 @@ -17695,7 +17695,7 @@ id,file,description,date,author,platform,type,port 20362,platforms/windows/webapps/20362.py,"smartermail free 9.2 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20363,platforms/windows/webapps/20363.py,"surgemail 6.0a4 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20364,platforms/php/webapps/20364.py,"t-dah webmail client 3.2.0-2.3 - Stored XSS",2012-08-08,loneferret,php,webapps,0 -20365,platforms/php/webapps/20365.py,"Wordpress Plugin ThreeWP Email Reflector 1.13 - Stored XSS",2012-08-08,loneferret,php,webapps,0 +20365,platforms/php/webapps/20365.py,"WordPress Plugin ThreeWP Email Reflector 1.13 - Stored XSS",2012-08-08,loneferret,php,webapps,0 20366,platforms/windows/webapps/20366.py,"winwebmail server 3.8.1.6 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20367,platforms/windows/webapps/20367.py,"xeams email server 4.4 build 5720 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20368,platforms/windows/webapps/20368.py,"IBM Proventia Network Mail Security System 2.5 - POST File Read",2012-08-08,muts,windows,webapps,0 @@ -17863,7 +17863,7 @@ id,file,description,date,author,platform,type,port 20537,platforms/multiple/remote/20537.txt,"Borland/Inprise Interbase 4.0/5.0/6.0 Backdoor Password Vulnerability",2001-01-10,"Frank Schlottmann-Goedde",multiple,remote,0 20538,platforms/php/webapps/20538.txt,"Basilix Webmail 0.9.7 Incorrect File Permissions Vulnerability",2001-01-11,"Tamer Sahin",php,webapps,0 20539,platforms/php/webapps/20539.txt,"MobileCartly 1.0 - Remote File Upload Vulnerability",2012-08-15,ICheer_No0M,php,webapps,0 -20706,platforms/linux/webapps/20706.rb,"Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change (MSF)",2012-08-21,Kc57,linux,webapps,0 +20706,platforms/linux/webapps/20706.rb,"Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change (Metasploit)",2012-08-21,Kc57,linux,webapps,0 20541,platforms/php/webapps/20541.txt,"MaxForum 1.0.0 - Local File Inclusion",2012-08-15,ahwak2000,php,webapps,0 20705,platforms/multiple/dos/20705.py,"sap netweaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities",2012-08-21,"Core Security",multiple,dos,0 20704,platforms/php/webapps/20704.txt,"Clipbucket 2.5 - Directory Traversal",2012-08-21,loneferret,php,webapps,0 @@ -17969,7 +17969,7 @@ id,file,description,date,author,platform,type,port 20646,platforms/unix/remote/20646.c,"LICQ 0.85/1.0.1/1.0.2 - Remote Buffer Overflow Vulnerability",2000-12-26,"Stan Bubrouski",unix,remote,0 20647,platforms/windows/remote/20647.c,"Atrium Software Mercur Mail Server 3.3 EXPN Buffer Overflow Vulnerability",2001-02-23,"Martin Rakhmanoff",windows,remote,0 20648,platforms/solaris/remote/20648.c,"Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow Vulnerability",2001-03-15,"Last Stage of Delirium",solaris,remote,0 -20649,platforms/solaris/remote/20649.pm,"Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow Vulnerability (msf)",2001-03-15,vlad902,solaris,remote,0 +20649,platforms/solaris/remote/20649.pm,"Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow Vulnerability (Metasploit)",2001-03-15,vlad902,solaris,remote,0 20650,platforms/windows/dos/20650.txt,"Sapio WebReflex 1.55 GET Denial of Service Vulnerability",2001-02-27,slipy,windows,dos,0 20651,platforms/windows/local/20651.txt,"datawizards ftpxq 2.0.93 - Directory Traversal Vulnerability",2001-02-28,joetesta,windows,local,0 20652,platforms/hardware/remote/20652.txt,"Cisco IOS 11.x/12.0 ILMI SNMP Community String Vulnerability",2001-02-27,pask,hardware,remote,0 @@ -18166,7 +18166,7 @@ id,file,description,date,author,platform,type,port 20857,platforms/php/webapps/20857.txt,"web@all CMS 2.0 - Multiple Vulnerabilities",2012-08-27,LiquidWorm,php,webapps,0 20859,platforms/php/webapps/20859.txt,"vlinks 2.0.3 (site.php id parameter) SQL Injection",2012-08-27,JIKO,php,webapps,0 20861,platforms/win64/local/20861.txt,"Microsoft Windows Kernel Intel x64 SYSRET PoC",2012-08-27,"Shahriyar Jalayeri",win64,local,0 -20862,platforms/php/webapps/20862.txt,"Wordpress Count per Day Plugin 3.2.3 - XSS Vulnerability",2012-08-27,Crim3R,php,webapps,0 +20862,platforms/php/webapps/20862.txt,"WordPress Count per Day Plugin 3.2.3 - XSS Vulnerability",2012-08-27,Crim3R,php,webapps,0 20863,platforms/php/webapps/20863.txt,"xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability",2012-08-27,LiquidWorm,php,webapps,0 20864,platforms/asp/webapps/20864.txt,"Elcom CMS 7.4.10 Community Manager Insecure File Upload",2012-08-27,"Sense of Security",asp,webapps,0 20865,platforms/java/remote/20865.rb,"Java 7 Applet Remote Code Execution",2012-08-27,metasploit,java,remote,0 @@ -18221,7 +18221,7 @@ id,file,description,date,author,platform,type,port 20915,platforms/windows/local/20915.py,"ActFax 4.31 - Local Privilege Escalation Exploit",2012-08-29,"Craig Freyman",windows,local,0 20916,platforms/cgi/remote/20916.pl,"cgiCentral WebStore 400 - Arbitrary Command Execution Vulnerability",2001-05-06,"Igor Dobrovitski",cgi,remote,0 20917,platforms/windows/dos/20917.txt,"Winlog Lite SCADA HMI system SEH 0verwrite Vulnerability",2012-08-29,Ciph3r,windows,dos,0 -20918,platforms/php/webapps/20918.txt,"Wordpress HD Webplayer 1.1 - SQL Injection Vulnerability",2012-08-29,JoinSe7en,php,webapps,0 +20918,platforms/php/webapps/20918.txt,"WordPress HD Webplayer 1.1 - SQL Injection Vulnerability",2012-08-29,JoinSe7en,php,webapps,0 20955,platforms/windows/dos/20955.pl,"Internet Download Manager - Memory Corruption Vulnerability",2012-08-31,Dark-Puzzle,windows,dos,0 20922,platforms/osx/dos/20922.txt,"Rumpus FTP Server 1.3.x/2.0.3 - Stack Overflow DoS Vulnerability",2001-06-12,"Jass Seljamaa",osx,dos,0 20923,platforms/unix/local/20923.c,"LPRng 3.6.x Failure To Drop Supplementary Groups Vulnerability",2001-06-07,zen-parse,unix,local,0 @@ -18990,7 +18990,7 @@ id,file,description,date,author,platform,type,port 21711,platforms/windows/remote/21711.html,"Microsoft Outlook Express 5/6 MHTML URL Handler File Rendering Vulnerability",2002-08-15,http-equiv,windows,remote,0 21712,platforms/windows/dos/21712.txt,"Google Toolbar 1.1.60 - Search Function Denial of Service Vulnerability",2002-08-15,onet,windows,dos,0 21713,platforms/windows/local/21713.py,"Exploit: NCMedia Sound Editor Pro 7.5.1 - SEH & DEP",2012-10-03,b33f,windows,local,0 -21715,platforms/php/webapps/21715.txt,"Wordpress Plugin spider calendar - Multiple Vulnerabilities",2012-10-03,D4NB4R,php,webapps,0 +21715,platforms/php/webapps/21715.txt,"WordPress Plugin spider calendar - Multiple Vulnerabilities",2012-10-03,D4NB4R,php,webapps,0 21716,platforms/php/webapps/21716.txt,"Omnistar Mailer 7.2 - Multiple Vulnerabilities",2012-10-03,Vulnerability-Lab,php,webapps,0 21717,platforms/windows/remote/21717.txt,"Microsoft Windows XP HCP URI Handler Abuse Vulnerability",2002-08-15,"Shane Hird",windows,remote,0 21718,platforms/windows/remote/21718.txt,"Microsoft SQL 2000/7.0 - Agent Jobs Privilege Elevation Vulnerability",2002-08-15,"David Litchfield",windows,remote,0 @@ -19334,7 +19334,7 @@ id,file,description,date,author,platform,type,port 22068,platforms/unix/dos/22068.pl,"Apache 1.3.x & Tomcat 4.0.x/4.1.x Mod_JK - Chunked Encoding Denial of Service Vulnerability",2002-12-04,Sapient2003,unix,dos,0 22069,platforms/multiple/local/22069.py,"Oracle Database Authentication Protocol Security Bypass",2012-10-18,"Esteban Martinez Fayo",multiple,local,0 22070,platforms/windows/webapps/22070.py,"otrs 3.1 - Stored XSS Vulnerability",2012-10-18,"Mike Eduard",windows,webapps,0 -22071,platforms/php/webapps/22071.txt,"FireStorm Professional Real Estate Wordpress Plugin 2.06.01 - SQL Injection Vulnerability",2012-10-18,"Ashiyane Digital Security Team",php,webapps,0 +22071,platforms/php/webapps/22071.txt,"FireStorm Professional Real Estate WordPress Plugin 2.06.01 - SQL Injection Vulnerability",2012-10-18,"Ashiyane Digital Security Team",php,webapps,0 22074,platforms/osx/dos/22074.txt,"Apple Mac OS X 10.2.2 - Directory Kernel Panic Denial of Service",2002-11-07,shibby,osx,dos,0 22075,platforms/php/webapps/22075.txt,"Ultimate PHP Board 1.0 final beta ViewTopic.PHP Directory Contents Browsing",2002-11-08,euronymous,php,webapps,0 22076,platforms/php/webapps/22076.txt,"Ultimate PHP Board Board 1.0 final beta ViewTopic.PHP Cross-Site Scripting Vulnerability",2002-11-08,euronymous,php,webapps,0 @@ -19355,7 +19355,7 @@ id,file,description,date,author,platform,type,port 22091,platforms/linux/remote/22091.c,"zkfingerd SysLog 0.9.1 Format String Vulnerability",2002-12-16,"Marceta Milos",linux,remote,0 22092,platforms/multiple/webapps/22092.py,"ManageEngine Security Manager Plus <= 5.5 build 5505 Path Traversal",2012-10-19,xistence,multiple,webapps,0 22093,platforms/multiple/remote/22093.py,"ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM/root SQLi",2012-10-19,xistence,multiple,remote,0 -22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM SQLi (MSF)",2012-10-19,xistence,windows,remote,0 +22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM SQLi (Metasploit)",2012-10-19,xistence,windows,remote,0 22097,platforms/php/webapps/22097.txt,"Joomla Freestyle Support 1.9.1.1447 (com_fss) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22098,platforms/php/webapps/22098.txt,"Joomla Tags (index.php tag parameter) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22099,platforms/php/webapps/22099.txt,"CMSQLITE 1.3.2 - Multiple Vulnerabiltiies",2012-10-19,Vulnerability-Lab,php,webapps,0 @@ -19555,7 +19555,7 @@ id,file,description,date,author,platform,type,port 22296,platforms/multiple/remote/22296.txt,"Axis Communications HTTP Server 2.x Messages Information Disclosure Vulnerability",2003-02-28,"Martin Eiszner",multiple,remote,0 22297,platforms/php/webapps/22297.pl,"Typo3 3.5 b5 Showpic.PHP File Enumeration Vulnerability",2003-02-28,"Martin Eiszner",php,webapps,0 22298,platforms/php/webapps/22298.txt,"Typo3 3.5 b5 Translations.PHP Remote File Include Vulnerability",2003-02-28,"Martin Eiszner",php,webapps,0 -22300,platforms/php/webapps/22300.txt,"Wordpress Easy Webinar Plugin - Blind SQL Injection Vulnerability",2012-10-28,"Robert Cooper",php,webapps,0 +22300,platforms/php/webapps/22300.txt,"WordPress Easy Webinar Plugin - Blind SQL Injection Vulnerability",2012-10-28,"Robert Cooper",php,webapps,0 22301,platforms/windows/remote/22301.html,"Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath BOF",2012-10-28,b33f,windows,remote,0 22302,platforms/windows/dos/22302.rb,"hMailServer 5.3.3 IMAP Remote Crash PoC",2012-10-28,"John Smith",windows,dos,0 22303,platforms/windows/dos/22303.pl,"Microsoft Windows Help program (WinHlp32.exe) Crash PoC",2012-10-28,coolkaveh,windows,dos,0 @@ -19648,7 +19648,7 @@ id,file,description,date,author,platform,type,port 22393,platforms/php/webapps/22393.txt,"OSCommerce 2.1/2.2 Checkout_Payment.PHP Error Output Cross-Site Scripting Vulnerability",2003-03-20,"iProyectos group",php,webapps,0 22394,platforms/hardware/remote/22394.txt,"Check Point FW-1 Syslog Daemon Unfiltered Escape Sequence Vulnerability",2003-03-21,"Dr. Peter Bieringer",hardware,remote,0 22395,platforms/windows/dos/22395.txt,"eDonkey Clients 0.44/0.45 - Multiple Chat Dialog Resource Consumption Vulnerability",2003-03-21,"Auriemma Luigi",windows,dos,0 -22396,platforms/php/webapps/22396.txt,"Wordpress bbpress Plugin - Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 +22396,platforms/php/webapps/22396.txt,"WordPress bbpress Plugin - Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 22397,platforms/windows/dos/22397.txt,"SIEMENS Sipass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference",2012-11-01,"Lucas Apa",windows,dos,0 22398,platforms/php/webapps/22398.php,"Invision Power Board <= 3.3.4 - _unserialize()_ PHP Code Execution",2012-11-01,EgiX,php,webapps,0 22399,platforms/php/webapps/22399.txt,"Endpoint Protector 4.0.4.2 - Multiple Persistent XSS",2012-11-01,"CYBSEC Labs",php,webapps,0 @@ -19677,7 +19677,7 @@ id,file,description,date,author,platform,type,port 22424,platforms/php/webapps/22424.txt,"PHP-Nuke 6.0/6.5 Forum Module - Viewforum.PHP SQL Injection Vulnerability",2003-03-25,frog,php,webapps,0 22425,platforms/php/dos/22425.php,"PHP 4.x socket_recv() Signed Integer Memory Corruption Vulnerability",2003-03-26,"Sir Mordred",php,dos,0 22426,platforms/php/dos/22426.php,"PHP 4.x socket_recvfrom() Signed Integer Memory Corruption Vulnerability",2003-03-26,"Sir Mordred",php,dos,0 -22427,platforms/php/webapps/22427.txt,"Wordpress All Video Gallery 1.1 - SQL Injection Vulnerability",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 +22427,platforms/php/webapps/22427.txt,"WordPress All Video Gallery 1.1 - SQL Injection Vulnerability",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 22521,platforms/php/webapps/22521.c,"XMB Forum 1.8 Member.PHP SQL Injection Vulnerability",2003-04-22,zeez@bbugs.org,php,webapps,0 22429,platforms/php/webapps/22429.txt,"vBulletin ChangUonDyU Advanced Statistics - SQL Injection Vulnerability",2012-11-02,Juno_okyo,php,webapps,0 22430,platforms/php/webapps/22430.txt,"PrestaShop <= 1.5.1 Persistent XSS",2012-11-02,"David Sopas",php,webapps,0 @@ -19713,7 +19713,7 @@ id,file,description,date,author,platform,type,port 22460,platforms/windows/dos/22460.txt,"Abyss Web Server 1.1.2 Incomplete HTTP Request Denial of Service Vulnerability",2003-04-05,"Auriemma Luigi",windows,dos,0 22461,platforms/php/webapps/22461.txt,"Invision Board 1.1.1 functions.php SQL Injection Vulnerability",2003-04-05,"Gossi The Dog",php,webapps,0 22462,platforms/multiple/remote/22462.txt,"Interbase 6.x External Table File Verification Vulnerability",2003-04-05,"Kotala Zdenek",multiple,remote,0 -22463,platforms/php/webapps/22463.txt,"Wordpress Spider Catalog 1.1 - HTML Code Injection and Cross-Site scripting",2012-11-04,D4NB4R,php,webapps,0 +22463,platforms/php/webapps/22463.txt,"WordPress Spider Catalog 1.1 - HTML Code Injection and Cross-Site scripting",2012-11-04,D4NB4R,php,webapps,0 22464,platforms/windows/dos/22464.txt,"Adobe Reader 11.0.0 - Stack Overflow Crash PoC",2012-11-04,coolkaveh,windows,dos,0 22465,platforms/windows/local/22465.txt,"Sysax FTP Automation Server 5.33 - Local Privilege Escalation",2012-11-04,"Craig Freyman",windows,local,0 22466,platforms/windows/remote/22466.py,"BigAnt Server 2.52 SP5 - SEH Stack Overflow ROP-based Exploit (ASLR + DEP bypass)",2012-11-04,"Lorenzo Cantoni",windows,remote,0 @@ -20094,7 +20094,7 @@ id,file,description,date,author,platform,type,port 22850,platforms/windows/dos/22850.txt,"Microsoft Office OneNote 2010 Crash PoC",2012-11-20,coolkaveh,windows,dos,0 22851,platforms/windows/local/22851.py,"FormatFactory 3.0.1 - Profile File Handling Buffer Overflow",2012-11-20,"Julien Ahrens",windows,local,0 22852,platforms/multiple/webapps/22852.txt,"SonicWALL CDP 5040 6.x - Multiple Vulnerabilities",2012-11-20,Vulnerability-Lab,multiple,webapps,0 -22853,platforms/php/webapps/22853.txt,"Wordpress Facebook Survey 1.0 - SQL Injection Vulnerability",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 +22853,platforms/php/webapps/22853.txt,"WordPress Facebook Survey 1.0 - SQL Injection Vulnerability",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 22854,platforms/windows/remote/22854.txt,"LAN.FS Messenger 2.4 - Command Execution Vulnerability",2012-11-20,Vulnerability-Lab,windows,remote,0 22855,platforms/windows/dos/22855.txt,"Apple QuickTime 7.7.2 Targa image Buffer Overflow",2012-11-20,"Senator of Pirates",windows,dos,0 22856,platforms/linux/remote/22856.rb,"Narcissus Image Configuration Passthru Vulnerability",2012-11-21,metasploit,linux,remote,0 @@ -20441,7 +20441,7 @@ id,file,description,date,author,platform,type,port 23210,platforms/windows/local/23210.c,"Microsoft Windows XP/2000 PostThreadMessage() Arbitrary Process Killing Vulnerability",2003-10-02,"Brett Moore",windows,local,0 23211,platforms/windows/remote/23211.cpp,"EarthStation 5 - Search Service Remote File Deletion Vulnerabililty",2003-10-03,"random nut",windows,remote,0 23212,platforms/hardware/remote/23212.txt,"Cisco LEAP Password Disclosure Weakness",2003-10-03,"Cisco Security",hardware,remote,0 -23213,platforms/php/webapps/23213.txt,"Wordpress 0.6/0.7 Blog.Header.PHP - SQL Injection Vulnerabilities",2003-10-03,"Seth Woolley",php,webapps,0 +23213,platforms/php/webapps/23213.txt,"WordPress 0.6/0.7 Blog.Header.PHP - SQL Injection Vulnerabilities",2003-10-03,"Seth Woolley",php,webapps,0 23214,platforms/cgi/webapps/23214.txt,"Sun Cobalt RaQ 1.1/2.0/3.0/4.0 Message.CGI Cross-Site Scripting Vulnerability",2003-10-03,"Lorenzo Hernandez Garcia-Hierro",cgi,webapps,0 23215,platforms/windows/dos/23215.html,"Microsoft Internet Explorer 6 Absolute Position Block Denial of Service Vulnerability",2003-10-03,"Nick Johnson",windows,dos,0 23216,platforms/windows/dos/23216.txt,"Microsoft Word 97/98/2002 Malformed Document Denial of Service Vulnerability",2003-10-03,"Bahaa Naamneh",windows,dos,0 @@ -20583,7 +20583,7 @@ id,file,description,date,author,platform,type,port 23353,platforms/php/webapps/23353.txt,"MyYoutube MyBB Plugin 1.0 - SQL Injection",2012-12-13,Zixem,php,webapps,0 23354,platforms/php/webapps/23354.txt,"MyBB AJAX Chat - Persistent XSS Vulnerability",2012-12-13,"Mr. P-teo",php,webapps,0 23355,platforms/php/webapps/23355.txt,"Facebook Profile MyBB Plugin 2.4 - Persistant XSS",2012-12-13,limb0,php,webapps,0 -23356,platforms/php/webapps/23356.txt,"Portable phpMyAdmin Wordpress Plugin - Authentication Bypass",2012-12-13,"Mark Stanislav",php,webapps,0 +23356,platforms/php/webapps/23356.txt,"Portable phpMyAdmin WordPress Plugin - Authentication Bypass",2012-12-13,"Mark Stanislav",php,webapps,0 23384,platforms/php/webapps/23384.txt,"Koch Roland Rolis Guestbook 1.0 $path Remote File Include Vulnerability",2003-11-17,"RusH security team",php,webapps,0 23385,platforms/multiple/remote/23385.txt,"PostMaster 3.16/3.17 Proxy Service Cross-Site Scripting Vulnerability",2003-11-17,"Ziv Kamir",multiple,remote,0 23382,platforms/php/webapps/23382.txt,"Social Sites MyBB Plugin 0.2.2 - Cross-Site Scripting",2012-12-14,s3m00t,php,webapps,0 @@ -20856,7 +20856,7 @@ id,file,description,date,author,platform,type,port 23635,platforms/asp/webapps/23635.txt,"Niti Telecom Caravan Business Server 2.00-03D Remote Directory Traversal Vulnerability",2004-02-02,dr_insane,asp,webapps,0 23636,platforms/php/webapps/23636.txt,"Qualiteam X-Cart 3.x general.php perl_binary Parameter Arbitrary Command Execution",2004-02-03,Philip,php,webapps,0 23637,platforms/php/webapps/23637.txt,"Qualiteam X-Cart 3.x upgrade.php perl_binary Parameter Arbitrary Command Execution",2004-02-03,Philip,php,webapps,0 -23638,platforms/hardware/dos/23638.pl,"Cisco IOS 12 MSFC2 Malformed Layer 2 Frame Denial of Service Vulnerability",2004-02-03,blackangels,hardware,dos,0 +23638,platforms/hardware/dos/23638.pl,"Cisco IOS 12 MSFC2 - Malformed Layer 2 Frame Denial of Service Vulnerability",2004-02-03,blackangels,hardware,dos,0 23639,platforms/php/webapps/23639.txt,"Qualiteam X-Cart 3.x - Multiple Remote Information Disclosure Vulnerabilities",2004-02-03,Philip,php,webapps,0 23640,platforms/php/webapps/23640.txt,"phpMyAdmin 2.x Export.PHP File Disclosure Vulnerability",2004-02-03,"Cedric Cochin",php,webapps,0 23641,platforms/multiple/dos/23641.txt,"Cauldron Chaser 1.4/1.5 - Remote Denial of Service Vulnerability (1)",2004-02-03,"Luigi Auriemma",multiple,dos,0 @@ -20991,7 +20991,7 @@ id,file,description,date,author,platform,type,port 23780,platforms/windows/dos/23780.py,"Aktiv Player 2.80 Crash PoC",2012-12-31,IndonesiaGokilTeam,windows,dos,0 23781,platforms/php/webapps/23781.txt,"MyBB (editpost.php posthash) - SQL Injection Vulnerability",2012-12-31,"Joshua Rogers",php,webapps,0 23782,platforms/php/webapps/23782.txt,"Joomla Spider Calendar (index.php date param) Blind SQL Injection Vulnerability",2012-12-31,Red-D3v1L,php,webapps,0 -23783,platforms/windows/local/23783.rb,"BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (MSF)",2012-12-31,"Craig Freyman",windows,local,0 +23783,platforms/windows/local/23783.rb,"BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (Metasploit)",2012-12-31,"Craig Freyman",windows,local,0 24047,platforms/php/webapps/24047.txt,"Protector System 1.15 b1 index.php SQL Injection",2004-04-23,waraxe,php,webapps,0 24048,platforms/php/webapps/24048.txt,"Protector System 1.15 blocker_query.php Multiple Parameter XSS",2004-04-23,waraxe,php,webapps,0 24046,platforms/php/webapps/24046.txt,"Fusionphp Fusion News 3.6.1 - Cross-Site Scripting Vulnerability",2004-04-23,DarkBicho,php,webapps,0 @@ -21398,7 +21398,7 @@ id,file,description,date,author,platform,type,port 24204,platforms/multiple/webapps/24204.pl,"SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Root/SYSTEM Exploit",2013-01-18,"Nikolas Sotiriu",multiple,webapps,0 24205,platforms/linux/remote/24205.txt,"Novell NCP Pre-Auth Remote Root Exploit",2013-01-18,"Gary Nilson",linux,remote,0 24230,platforms/hardware/remote/24230.txt,"BT Voyager 2000 Wireless ADSL Router SNMP Community String Information Disclosure Vulnerability",2004-06-22,"Konstantin V. Gavrilenko",hardware,remote,0 -24206,platforms/multiple/remote/24206.rb,"Jenkins CI Script Console Command Execution MSF Module",2013-01-18,"Spencer McIntyre",multiple,remote,0 +24206,platforms/multiple/remote/24206.rb,"Jenkins CI Script Console - Command Execution (Metasploit)",2013-01-18,"Spencer McIntyre",multiple,remote,0 24207,platforms/windows/local/24207.c,"NVidia Display Driver Service (Nsvr) Exploit",2013-01-18,"Jon Bailey",windows,local,0 24208,platforms/windows/dos/24208.c,"FreeIPS 1.0 Protected Service Denial of Service Vulnerability",2004-06-14,shawnwebb@softhome.net,windows,dos,0 24209,platforms/windows/dos/24209.txt,"Sygate Personal Firewall Pro 5.5 - Local Denial of Service Vulnerability",2004-06-14,"Tan Chew Keong",windows,dos,0 @@ -21421,7 +21421,7 @@ id,file,description,date,author,platform,type,port 24226,platforms/hardware/remote/24226.txt,"D-Link AirPlus DI-614+_ DI-624_ DI-704 DHCP Log HTML Injection Vulnerability",2004-06-21,c3rb3r,hardware,remote,0 24227,platforms/php/webapps/24227.txt,"SqWebMail 4.0.4.20040524 - Email Header HTML Injection Vulnerability",2004-06-21,"Luca Legato",php,webapps,0 24228,platforms/php/webapps/24228.txt,"Joomla com_collector Component Arbitrary File Upload Vulnerability",2013-01-19,"Red Dragon_al",php,webapps,0 -24229,platforms/php/webapps/24229.txt,"Wordpress plugin Ripe HD FLV Player - SQL Injection Vulnerability",2013-01-19,Zikou-16,php,webapps,0 +24229,platforms/php/webapps/24229.txt,"WordPress plugin Ripe HD FLV Player - SQL Injection Vulnerability",2013-01-19,Zikou-16,php,webapps,0 24231,platforms/php/webapps/24231.txt,"ArbitroWeb PHP Proxy 0.5/0.6 - Cross-Site Scripting Vulnerability",2004-06-22,"Josh Gilmour",php,webapps,0 24232,platforms/php/webapps/24232.txt,"PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - Multiple Vulnerabilities",2004-06-23,"Janek Vind",php,webapps,0 24233,platforms/freebsd/dos/24233.c,"FreeBSD 4.10/5.x - execve() Unaligned Memory Access Denial of Service Vulnerability",2004-06-23,"Marceta Milos",freebsd,dos,0 @@ -21485,7 +21485,7 @@ id,file,description,date,author,platform,type,port 24291,platforms/php/webapps/24291.txt,"Outblaze Webmail - HTML Injection Vulnerability",2004-07-19,DarkBicho,php,webapps,0 24292,platforms/php/webapps/24292.txt,"Adam Ismay Print Topic Mod 1.0 - SQL Injection Vulnerability",2004-07-19,"Bartek Nowotarski",php,webapps,0 24293,platforms/sco/local/24293.c,"SCO Multi-channel Memorandum Distribution Facility Multiple Vulnerabilities",2004-07-20,"Ramon Valle",sco,local,0 -24294,platforms/php/webapps/24294.txt,"Wordpress Developer Formatter - CSRF Vulnerability",2013-01-22,"Junaid Hussain",php,webapps,0 +24294,platforms/php/webapps/24294.txt,"WordPress Developer Formatter - CSRF Vulnerability",2013-01-22,"Junaid Hussain",php,webapps,0 24295,platforms/php/webapps/24295.txt,"Adult Webmaster Script Password Disclosure Vulnerability",2013-01-22,"Dshellnoi Unix",php,webapps,0 24356,platforms/php/webapps/24356.txt,"Moodle 1.x - 'post.php' Cross-Site Scripting Vulnerability",2004-08-16,"Javier Ubilla",php,webapps,0 24296,platforms/php/webapps/24296.txt,"Nucleus CMS 3.0_Blog:CMS 3_PunBB 1.x Common.PHP Remote File Include Vulnerability",2004-07-20,"Radek Hulan",php,webapps,0 @@ -21717,7 +21717,7 @@ id,file,description,date,author,platform,type,port 24549,platforms/php/remote/24549.rb,"PolarPearCMS PHP File Upload Vulnerability",2013-02-26,metasploit,php,remote,0 24550,platforms/hardware/webapps/24550.txt,"WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities",2013-02-26,Vulnerability-Lab,hardware,webapps,0 24551,platforms/php/webapps/24551.txt,"Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability",2013-02-27,EgiX,php,webapps,0 -24552,platforms/php/webapps/24552.txt,"Wordpress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 +24552,platforms/php/webapps/24552.txt,"WordPress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 24555,platforms/linux/local/24555.c,"Archlinux x86-64 3.3.x - 3.7.x x86-64 - sock_diag_handlers[] Local Root",2013-02-27,sd,linux,local,0 24556,platforms/windows/dos/24556.py,"Hanso Player 2.1.0 - (.m3u) Buffer Overflow Vulnerability",2013-03-01,metacom,windows,dos,0 24557,platforms/windows/remote/24557.py,"Sami FTP Server 2.0.1 LIST Command Buffer Overflow",2013-03-01,superkojiman,windows,remote,0 @@ -21827,7 +21827,7 @@ id,file,description,date,author,platform,type,port 24664,platforms/php/webapps/24664.txt,"DCP-Portal 3.7/4.x/5.x - Multiple HTML Injection Vulnerabilities",2004-10-06,"Alexander Antipov",php,webapps,0 24665,platforms/php/webapps/24665.txt,"DCP-Portal 3.7/4.x/5.x Calendar.PHP HTTP Response Splitting Vulnerability",2004-10-06,"Alexander Antipov",php,webapps,0 24666,platforms/asp/webapps/24666.txt,"Microsoft ASP.NET 1.x URI Canonicalization Unauthorized Web Access Vulnerability",2004-10-06,anonymous,asp,webapps,0 -24667,platforms/php/webapps/24667.txt,"Wordpress 1.2 - Wp-login.PHP HTTP Response Splitting Vulnerability",2004-10-07,"Chaotic Evil",php,webapps,0 +24667,platforms/php/webapps/24667.txt,"WordPress 1.2 - Wp-login.PHP HTTP Response Splitting Vulnerability",2004-10-07,"Chaotic Evil",php,webapps,0 24668,platforms/multiple/dos/24668.txt,"Jera Technology Flash Messaging Server 5.2 - Remote Denial of Service Vulnerability",2004-10-07,"Luigi Auriemma",multiple,dos,0 24669,platforms/linux/remote/24669.txt,"MySQL 3.x/4.x ALTER TABLE/RENAME Forces Old Permission Checks",2004-10-08,"Oleksandr Byelkin",linux,remote,0 24670,platforms/asp/webapps/24670.txt,"Go Smart Inc GoSmart Message Board Multiple Input Validation Vulnerabilities",2004-10-11,"Positive Technologies",asp,webapps,0 @@ -21870,7 +21870,7 @@ id,file,description,date,author,platform,type,port 24922,platforms/multiple/webapps/24922.txt,"OTRS 3.x - FAQ Module Persistent XSS",2013-04-08,"Luigi Vezzoso",multiple,webapps,0 24707,platforms/multiple/remote/24707.txt,"Google Desktop Search Remote Cross-Site Scripting Vulnerability",2004-10-26,"Salvatore Aranzulla",multiple,remote,0 24708,platforms/windows/dos/24708.txt,"Quicksilver Master of Orion III 1.2.5 - Multiple Remote Denial of Service Vulnerabilities",2004-10-27,"Luigi Auriemma",windows,dos,0 -24889,platforms/php/webapps/24889.txt,"Wordpress Mathjax Latex Plugin 1.1 - CSRF Vulnerability",2013-03-26,"Junaid Hussain",php,webapps,0 +24889,platforms/php/webapps/24889.txt,"WordPress Mathjax Latex Plugin 1.1 - CSRF Vulnerability",2013-03-26,"Junaid Hussain",php,webapps,0 24890,platforms/windows/remote/24890.rb,"ActFax 5.01 RAW Server Buffer Overflow",2013-03-26,metasploit,windows,remote,0 24710,platforms/multiple/dos/24710.txt,"id software quake ii server 3.2 - Multiple Vulnerabilities",2004-10-27,"Richard Stanway",multiple,dos,0 24711,platforms/php/remote/24711.php,"PHP 4.x/5 cURL Open_Basedir Restriction Bypass Vulnerability",2004-10-28,FraMe,php,remote,0 @@ -22066,7 +22066,7 @@ id,file,description,date,author,platform,type,port 24910,platforms/windows/local/24910.txt,"VirtualDJ Pro/Home <= 7.3 - Buffer Overflow Vulnerability",2013-04-02,"Alexandro Sánchez Bach",windows,local,0 24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 (index.php p param) - Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 24913,platforms/php/webapps/24913.txt,"Network Weathermap 0.97a (editor.php) - Persistent XSS",2013-04-02,"Daniel Ricardo dos Santos",php,webapps,0 -24914,platforms/php/webapps/24914.txt,"Wordpress FuneralPress Plugin 1.1.6 - Persistent XSS",2013-04-02,"Rob Armstrong",php,webapps,0 +24914,platforms/php/webapps/24914.txt,"WordPress FuneralPress Plugin 1.1.6 - Persistent XSS",2013-04-02,"Rob Armstrong",php,webapps,0 24915,platforms/multiple/webapps/24915.txt,"Aspen 0.8 - Directory Traversal",2013-04-02,"Daniel Ricardo dos Santos",multiple,webapps,0 24916,platforms/hardware/webapps/24916.txt,"Netgear WNR1000 - Authentication Bypass",2013-04-02,"Roberto Paleari",hardware,webapps,0 24919,platforms/windows/local/24919.py,"HexChat 2.9.4 - Local Exploit",2013-04-07,"Matt Andreko",windows,local,0 @@ -22294,7 +22294,7 @@ id,file,description,date,author,platform,type,port 25134,platforms/linux/local/25134.c,"sudo 1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass",2013-05-01,aeon,linux,local,0 25135,platforms/windows/dos/25135.txt,"Syslog Watcher Pro 2.8.0.812 - (Date Parameter) Cross-Site Scripting Vulnerability",2013-05-01,demonalex,windows,dos,0 25136,platforms/php/remote/25136.rb,"phpMyAdmin Authenticated Remote Code Execution via preg_replace()",2013-05-01,metasploit,php,remote,0 -25137,platforms/php/remote/25137.rb,"Wordpress W3 Total Cache - PHP Code Execution",2013-05-01,metasploit,php,remote,0 +25137,platforms/php/remote/25137.rb,"WordPress W3 Total Cache - PHP Code Execution",2013-05-01,metasploit,php,remote,0 25138,platforms/hardware/webapps/25138.txt,"D-Link IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25139,platforms/hardware/webapps/25139.txt,"Vivotek IP Cameras Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25140,platforms/windows/dos/25140.txt,"WPS Office Wpsio.dll - Stack Buffer Overflow Vulnerability",2013-05-01,Zhangjiantao,windows,dos,0 @@ -22583,7 +22583,7 @@ id,file,description,date,author,platform,type,port 25437,platforms/php/webapps/25437.txt,"eGroupWare 1.0 index.php cats_app Parameter SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 25438,platforms/php/webapps/25438.txt,"MVNForum 1.0 - Search Cross-Site Scripting Vulnerability",2005-04-18,"hoang yen",php,webapps,0 25439,platforms/multiple/dos/25439.c,"Multiple Vendor TCP Session Acknowledgement Number Denial of Service Vulnerability",2004-12-13,"Antonio M. D. S. Fortes",multiple,dos,0 -25440,platforms/php/webapps/25440.txt,"Wordpress wp-FileManager - Arbitrary File Download Vulnerability",2013-05-14,ByEge,php,webapps,0 +25440,platforms/php/webapps/25440.txt,"WordPress wp-FileManager - Arbitrary File Download Vulnerability",2013-05-14,ByEge,php,webapps,0 25441,platforms/php/webapps/25441.txt,"IPB (Invision Power Board) 1.x? / 2.x / 3.x - Admin Account Takeover",2013-05-14,"John JEAN",php,webapps,0 25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - (invoicefunctions.php id param) SQL Injection Vulnerability",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 25443,platforms/windows/dos/25443.txt,"Quick Search 1.1.0.189 - Buffer Overflow Vulnerability (SEH)",2013-05-14,ariarat,windows,dos,0 @@ -22828,7 +22828,7 @@ id,file,description,date,author,platform,type,port 25679,platforms/php/webapps/25679.txt,"JGS-Portal 3.0.1/3.0.2 jgs_portal_sponsor.php id Parameter SQL Injection",2005-05-16,deluxe@security-project.org,php,webapps,0 25680,platforms/windows/dos/25680.txt,"War Times Remote Game Server Denial of Service Vulnerability",2005-05-17,"Luigi Auriemma",windows,dos,0 25681,platforms/php/webapps/25681.php,"FusionPHP Fusion News 3.3/3.6 X-ForwordedFor PHP Script Code Injection Vulnerability",2005-05-24,"Network security team",php,webapps,0 -25682,platforms/php/webapps/25682.txt,"Wordpress 1.5 - Post.PHP Cross-Site Scripting Vulnerability",2005-05-17,"Thomas Waldegger",php,webapps,0 +25682,platforms/php/webapps/25682.txt,"WordPress 1.5 - Post.PHP Cross-Site Scripting Vulnerability",2005-05-17,"Thomas Waldegger",php,webapps,0 25683,platforms/php/webapps/25683.txt,"Help Center Live 1.0/1.2.x - Multiple Input Validation Vulnerabilities",2005-05-24,"GulfTech Security",php,webapps,0 25684,platforms/hardware/remote/25684.html,"D-Link DSL Router Remote Authentication Bypass Vulnerability",2005-05-19,"Francesco Orro",hardware,remote,0 25685,platforms/jsp/webapps/25685.txt,"Sun JavaMail 1.3 API MimeMessage Infromation Disclosure Vulnerability",2005-05-19,"Ricky Latt",jsp,webapps,0 @@ -22866,9 +22866,9 @@ id,file,description,date,author,platform,type,port 25716,platforms/php/webapps/25716.py,"AVE.CMS <= 2.09 (index.php module param) - Blind SQL Injection Exploit",2013-05-26,mr.pr0n,php,webapps,0 25718,platforms/hardware/local/25718.txt,"Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution",2013-05-26,Vulnerability-Lab,hardware,local,0 25719,platforms/windows/dos/25719.txt,"Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities",2013-05-26,Vulnerability-Lab,windows,dos,0 -25721,platforms/php/webapps/25721.txt,"Wordpress User Role Editor Plugin 3.12 - CSRF Vulnerability",2013-05-26,"Henry Hoggard",php,webapps,0 -25723,platforms/php/webapps/25723.txt,"Wordpress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 -25724,platforms/php/webapps/25724.txt,"Wordpress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 +25721,platforms/php/webapps/25721.txt,"WordPress User Role Editor Plugin 3.12 - CSRF Vulnerability",2013-05-26,"Henry Hoggard",php,webapps,0 +25723,platforms/php/webapps/25723.txt,"WordPress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 +25724,platforms/php/webapps/25724.txt,"WordPress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 25725,platforms/windows/local/25725.rb,"AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass",2013-05-26,metasploit,windows,local,0 25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 (menager.php playlist_id param) - SQL Injection Vulnerability",2013-05-26,Rooster(XEKA),php,webapps,0 25727,platforms/php/webapps/25727.txt,"BookReview 1.0 add_review.htm Multiple Parameter XSS",2005-05-26,Lostmon,php,webapps,0 @@ -23277,7 +23277,7 @@ id,file,description,date,author,platform,type,port 26121,platforms/php/webapps/26121.txt,"FunkBoard 0.66 profile.php Multiple Parameter XSS",2005-08-08,rgod,php,webapps,0 26122,platforms/php/webapps/26122.txt,"FunkBoard 0.66 register.php Multiple Parameter XSS",2005-08-08,rgod,php,webapps,0 26123,platforms/multiple/remote/26123.rb,"Java Web Start Double Quote Injection Remote Code Execution",2013-06-11,Rh0,multiple,remote,0 -26124,platforms/php/webapps/26124.txt,"Wordpress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities",2013-06-11,expl0i13r,php,webapps,0 +26124,platforms/php/webapps/26124.txt,"WordPress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities",2013-06-11,expl0i13r,php,webapps,0 26125,platforms/php/webapps/26125.txt,"Weathermap 0.97c (editor.php mapname param) - Local File Inclusion",2013-06-11,"Anthony Dubuissez",php,webapps,0 26126,platforms/php/webapps/26126.txt,"NanoBB 0.7 - Multiple Vulnerabilities",2013-06-11,"CWH Underground",php,webapps,0 26127,platforms/php/webapps/26127.txt,"TriggerTG TClanPortal 3.0 - Multiple SQL Injection Vulnerabilities",2005-08-09,admin@batznet.com,php,webapps,0 @@ -23656,7 +23656,7 @@ id,file,description,date,author,platform,type,port 26519,platforms/windows/dos/26519.py,"AVS Media Player 4.1.11.100 - (.ac3) Denial of Service",2013-07-01,metacom,windows,dos,0 26520,platforms/windows/local/26520.py,"Static HTTP Server 1.0 - SEH Overflow",2013-07-01,"Jacob Holcomb",windows,local,0 26521,platforms/php/webapps/26521.txt,"C.P.Sub 4.5 - Authentication Bypass",2013-07-01,Chako,php,webapps,0 -26523,platforms/windows/local/26523.rb,"AudioCoder (.lst) - Buffer Overflow (msf)",2013-07-01,Asesino04,windows,local,0 +26523,platforms/windows/local/26523.rb,"AudioCoder (.lst) - Buffer Overflow (Metasploit)",2013-07-01,Asesino04,windows,local,0 27437,platforms/php/webapps/27437.txt,"Invision Power Services Invision Board 2.0.4 index.php st Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 26525,platforms/windows/local/26525.py,"Adrenalin Player 2.2.5.3 - (.wvx) SEH Buffer Overflow",2013-07-01,MrXors,windows,local,0 26526,platforms/windows/dos/26526.py,"VLC Media Player 2.0.7 - (.png) Crash PoC",2013-07-01,"Kevin Fujimoto",windows,dos,0 @@ -23933,7 +23933,7 @@ id,file,description,date,author,platform,type,port 26801,platforms/php/webapps/26801.txt,"Snipe Gallery 3.1.4 - search.php keyword Parameter XSS",2005-12-13,r0t,php,webapps,0 26802,platforms/hardware/dos/26802.py,"Tri-PLC Nano-10 r81 - Denial of Service",2013-07-13,Sapling,hardware,dos,0 27438,platforms/php/webapps/27438.txt,"Invision Power Services Invision Board 2.0.4 Calendar Action Multiple Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 -26804,platforms/php/webapps/26804.txt,"Wordpress Spicy Blogroll Plugin - File Inclusion Vulnerability",2013-07-13,Ahlspiess,php,webapps,0 +26804,platforms/php/webapps/26804.txt,"WordPress Spicy Blogroll Plugin - File Inclusion Vulnerability",2013-07-13,Ahlspiess,php,webapps,0 26805,platforms/windows/local/26805.rb,"Corel PDF Fusion Stack Buffer Overflow",2013-07-13,metasploit,windows,local,0 26806,platforms/asp/webapps/26806.txt,"BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",asp,webapps,0 26807,platforms/windows/webapps/26807.txt,"McAfee ePO 4.6.6 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",windows,webapps,0 @@ -24133,7 +24133,7 @@ id,file,description,date,author,platform,type,port 27633,platforms/php/webapps/27633.txt,"MyBB 1.10 Member.PHP Cross-Site Scripting Vulnerability",2006-04-12,o.y.6,php,webapps,0 27005,platforms/hardware/webapps/27005.txt,"Barracuda LB_ SVF_ WAF & WEF - Multiple Vulnerabilities",2013-07-22,Vulnerability-Lab,hardware,webapps,0 27006,platforms/hardware/webapps/27006.txt,"Barracuda CudaTel 2.6.02.040 - SQL Injection Vulnerability",2013-07-22,Vulnerability-Lab,hardware,webapps,0 -27007,platforms/windows/remote/27007.rb,"PCMan FTP Server 2.0.7 - Remote Exploit (msf)",2013-07-22,MSJ,windows,remote,21 +27007,platforms/windows/remote/27007.rb,"PCMan FTP Server 2.0.7 - Remote Exploit (Metasploit)",2013-07-22,MSJ,windows,remote,21 27439,platforms/php/webapps/27439.txt,"Invision Power Services Invision Board 2.0.4 Print Action t Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 27440,platforms/php/webapps/27440.txt,"Invision Power Services Invision Board 2.0.4 Mail Action MID Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 27441,platforms/php/webapps/27441.txt,"Invision Power Services Invision Board 2.0.4 Help Action HID Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 @@ -24403,7 +24403,7 @@ id,file,description,date,author,platform,type,port 27494,platforms/php/webapps/27494.txt,"PHPmyfamily 1.4.1 Track.PHP Cross-Site Scripting Vulnerability",2006-03-28,matrix_killer,php,webapps,0 27495,platforms/php/webapps/27495.txt,"phpCOIN 1.2 mod_print.php fs Parameter XSS",2006-03-28,r0t,php,webapps,0 27496,platforms/php/webapps/27496.txt,"phpCOIN 1.2 mod.php fs Parameter XSS",2006-03-28,r0t,php,webapps,0 -27271,platforms/windows/remote/27271.rb,"HP Data Protector CMD Install Service Vulnerability (msf)",2013-08-02,"Ben Turner",windows,remote,0 +27271,platforms/windows/remote/27271.rb,"HP Data Protector CMD Install Service Vulnerability (Metasploit)",2013-08-02,"Ben Turner",windows,remote,0 27272,platforms/php/webapps/27272.txt,"SocialEngine Timeline Plugin 4.2.5p9 - Arbitrary File Upload",2013-08-02,spyk2r,php,webapps,0 27273,platforms/windows/dos/27273.txt,"TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) - Crash PoC",2013-08-02,d3b4g,windows,dos,0 27274,platforms/php/webapps/27274.txt,"Ginkgo CMS (index.php rang param) - SQL Injection",2013-08-02,Raw-x,php,webapps,0 @@ -24421,7 +24421,7 @@ id,file,description,date,author,platform,type,port 27287,platforms/php/webapps/27287.txt,"Cotonti 0.9.13 - SQL Injection Vulnerability",2013-08-02,"High-Tech Bridge SA",php,webapps,0 27288,platforms/hardware/webapps/27288.txt,"Western Digital My Net Wireless Routers - Password Disclosure",2013-08-02,"Kyle Lovett",hardware,webapps,0 27289,platforms/hardware/webapps/27289.txt,"TP-Link TL-SC3171 IP Cameras - Multiple Vulnerabilities",2013-08-02,"Core Security",hardware,webapps,0 -27290,platforms/php/webapps/27290.txt,"Wordpress Plugin Better WP Security - Stored XSS",2013-08-02,"Richard Warren",php,webapps,0 +27290,platforms/php/webapps/27290.txt,"WordPress Plugin Better WP Security - Stored XSS",2013-08-02,"Richard Warren",php,webapps,0 27291,platforms/windows/webapps/27291.txt,"Oracle Hyperion 11 - Directory Traversal",2013-08-02,"Richard Warren",windows,webapps,19000 27292,platforms/windows/dos/27292.py,"EchoVNC Viewer Remote DoS Vulnerability",2013-08-02,Z3r0n3,windows,dos,0 27293,platforms/php/remote/27293.rb,"PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution",2013-08-02,metasploit,php,remote,7443 @@ -24524,11 +24524,11 @@ id,file,description,date,author,platform,type,port 27396,platforms/php/webapps/27396.txt,"txtForum 1.0.3/1.0.4 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-09,"Nenad Jovanovic",php,webapps,0 27397,platforms/linux/remote/27397.txt,"Apache suEXEC - Privilege Elevation / Information Disclosure",2013-08-07,kingcope,linux,remote,0 27398,platforms/php/webapps/27398.txt,"Pluck CMS 4.7 - HTML Code Injection",2013-08-07,"Yashar shahinzadeh",php,webapps,0 -27399,platforms/php/webapps/27399.txt,"Wordpress Booking Calendar 4.1.4 - CSRF Vulnerability",2013-08-07,"Dylan Irzi",php,webapps,0 +27399,platforms/php/webapps/27399.txt,"WordPress Booking Calendar 4.1.4 - CSRF Vulnerability",2013-08-07,"Dylan Irzi",php,webapps,0 27400,platforms/windows/remote/27400.py,"HP Data Protector Arbitrary Remote Command Execution",2013-08-07,"Alessandro Di Pinto and Claudio Moletta",windows,remote,0 27401,platforms/windows/remote/27401.py,"(Gabriel's FTP Server) Open & Compact FTP Server <= 1.2 - Auth Bypass & Directory Traversal SAM Retrieval Exploit",2013-08-07,Wireghoul,windows,remote,0 27402,platforms/hardware/webapps/27402.txt,"Hikvision IP Cameras 4.1.0 b130111 - Multiple Vulnerabilities",2013-08-07,"Core Security",hardware,webapps,0 -27403,platforms/php/webapps/27403.txt,"Wordpress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability",2013-08-07,RogueCoder,php,webapps,0 +27403,platforms/php/webapps/27403.txt,"WordPress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability",2013-08-07,RogueCoder,php,webapps,0 27405,platforms/php/webapps/27405.txt,"Joomla Sectionex Component 2.5.96 - SQL Injection Vulnerability",2013-08-07,"Matias Fontanini",php,webapps,0 27406,platforms/windows/webapps/27406.txt,"McAfee Superscan 4.0 - XSS Vulnerability",2013-08-07,"Trustwave's SpiderLabs",windows,webapps,0 27407,platforms/windows/dos/27407.pl,"UnrealIRCd 3.x - Remote Denial of Service Vulnerability",2006-03-09,"Brandon Milner",windows,dos,0 @@ -24640,7 +24640,7 @@ id,file,description,date,author,platform,type,port 27527,platforms/multiple/remote/27527.rb,"Ruby on Rails Known Secret Session Cookie Remote Code Execution",2013-08-12,metasploit,multiple,remote,0 27529,platforms/php/remote/27529.rb,"OpenX Backdoor PHP Code Execution",2013-08-12,metasploit,php,remote,0 27530,platforms/multiple/remote/27530.rb,"Squash YAML Code Execution",2013-08-12,metasploit,multiple,remote,0 -27531,platforms/php/webapps/27531.txt,"Wordpress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities",2013-08-12,RogueCoder,php,webapps,0 +27531,platforms/php/webapps/27531.txt,"WordPress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities",2013-08-12,RogueCoder,php,webapps,0 27532,platforms/php/webapps/27532.txt,"Joomla redSHOP Component 1.2 - SQL Injection",2013-08-12,"Matias Fontanini",php,webapps,0 27534,platforms/php/webapps/27534.txt,"MediaSlash Gallery Index.PHP Remote File Include Vulnerability",2006-03-30,"Morocco Security Team",php,webapps,0 27535,platforms/php/webapps/27535.txt,"O2PHP Oxygen 1.0/1.1 Post.PHP SQL Injection Vulnerability",2006-03-30,"Morocco Security Team",php,webapps,0 @@ -24808,7 +24808,7 @@ id,file,description,date,author,platform,type,port 28062,platforms/asp/webapps/28062.txt,"Cisco CallManager 3.x/4.x Web Interface ccmuser/logon.asp XSS",2006-06-19,"Jake Reynolds",asp,webapps,0 28700,platforms/php/webapps/28700.txt,"CubeCart 3.0.x view_order.php order_id Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 28053,platforms/hardware/webapps/28053.txt,"Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities",2013-09-03,"Kyle Lovett",hardware,webapps,0 -28054,platforms/php/webapps/28054.txt,"Wordpress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0 +28054,platforms/php/webapps/28054.txt,"WordPress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0 27700,platforms/windows/dos/27700.py,"VLC Player 2.0.8 - (.m3u) Local Crash PoC",2013-08-19,Asesino04,windows,dos,0 27707,platforms/php/webapps/27707.txt,"I-RATER Platinum Common.PHP Remote File Include Vulnerability",2006-04-20,r0t,php,webapps,0 27708,platforms/php/webapps/27708.txt,"EasyGallery 1.17 EasyGallery.PHP Cross-Site Scripting Vulnerability",2006-04-20,botan,php,webapps,0 @@ -24859,7 +24859,7 @@ id,file,description,date,author,platform,type,port 27747,platforms/windows/remote/27747.pl,"freeFTPd 1.0.10 (PASS Command) - SEH Buffer Overflow",2013-08-21,Wireghoul,windows,remote,21 27749,platforms/hardware/dos/27749.rb,"Schneider Electric PLC ETY Series Ethernet Controller - Denial of Service",2013-08-21,"Arash Abedian",hardware,dos,0 27750,platforms/php/webapps/27750.py,"Bitbot C2 Panel gate2.php - Multiple Vulnerabilities",2013-08-21,bwall,php,webapps,0 -27751,platforms/php/webapps/27751.txt,"Wordpress ThinkIT Plugin 0.1 - Multiple Vulnerabilities",2013-08-21,"Yashar shahinzadeh",php,webapps,0 +27751,platforms/php/webapps/27751.txt,"WordPress ThinkIT Plugin 0.1 - Multiple Vulnerabilities",2013-08-21,"Yashar shahinzadeh",php,webapps,0 27752,platforms/unix/remote/27752.rb,"Graphite Web Unsafe Pickle Handling",2013-08-21,metasploit,unix,remote,0 27753,platforms/hardware/webapps/27753.txt,"Samsung DVR Firmware 1.10 - Authentication Bypass",2013-08-21,"Andrea Fabrizi",hardware,webapps,80 27754,platforms/windows/remote/27754.txt,"Oracle Java BytePackedRaster.verify() Signed Integer Overflow",2013-08-21,"Packet Storm",windows,remote,0 @@ -25239,7 +25239,7 @@ id,file,description,date,author,platform,type,port 28167,platforms/php/webapps/28167.txt,"Invision Power Board 1.x/2.x - Multiple SQL Injection Vulnerabilities",2006-07-05,"CrAzY CrAcKeR",php,webapps,0 28168,platforms/php/webapps/28168.txt,"Blog:CMS 4.1 Thumb.PHP Remote File Include Vulnerability",2006-07-05,"EllipSiS Security",php,webapps,0 28169,platforms/windows/dos/28169.html,"Microsoft Internet Explorer 5.0.1/6.0 Structured Graphics Control Denial of Service Vulnerability",2006-07-06,hdm,windows,dos,0 -28170,platforms/windows/remote/28170.rb,"freeFTPd 1.0.10 PASS Command SEH Overflow (msf)",2013-09-09,"Muhamad Fadzil Ramli",windows,remote,21 +28170,platforms/windows/remote/28170.rb,"freeFTPd 1.0.10 PASS Command SEH Overflow (Metasploit)",2013-09-09,"Muhamad Fadzil Ramli",windows,remote,21 28171,platforms/php/webapps/28171.txt,"Zyxware Health Monitoring System - Multiple Vulnerabilities",2013-09-09,"Sarahma Security",php,webapps,0 28273,platforms/php/webapps/28273.txt,"PHPSavant Savant2 stylesheet.php mosConfig_absolute_path Parameter Remote File Inclusion",2006-07-25,botan,php,webapps,0 28174,platforms/php/webapps/28174.txt,"Moodle 2.3.8_ 2.4.5 - Multiple Vulnerabilities",2013-09-09,"Ciaran McNally",php,webapps,0 @@ -25391,7 +25391,7 @@ id,file,description,date,author,platform,type,port 28325,platforms/php/webapps/28325.txt,"OZJournals 1.5 - Multiple Input Validation Vulnerabilities",2006-08-02,Luny,php,webapps,0 28326,platforms/php/webapps/28326.txt,"VWar 1.x war.php page Parameter XSS",2006-08-03,mfoxhacker,php,webapps,0 28327,platforms/php/webapps/28327.txt,"VWar 1.x war.php Multiple Parameter SQL Injection",2006-08-03,mfoxhacker,php,webapps,0 -28328,platforms/windows/remote/28328.rb,"PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (MSF)",2013-09-17,"Rick Flores",windows,remote,21 +28328,platforms/windows/remote/28328.rb,"PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (Metasploit)",2013-09-17,"Rick Flores",windows,remote,21 28329,platforms/php/webapps/28329.txt,"OpenEMR 4.1.1 Patch 14 - Multiple Vulnerabilities",2013-09-17,xistence,php,webapps,0 28330,platforms/php/webapps/28330.txt,"Western Digital Arkeia Appliance 10.0.10 - Multiple Vulnerabilities",2013-09-17,xistence,php,webapps,0 28331,platforms/windows/remote/28331.txt,"Oracle Java ShortComponentRaster.verify() Memory Corruption",2013-09-17,"Packet Storm",windows,remote,0 @@ -25440,12 +25440,12 @@ id,file,description,date,author,platform,type,port 28374,platforms/windows/remote/28374.txt,"IPCheck Server Monitor 5.x - Directory Traversal Vulnerability",2006-08-10,"Tassi Raeburn",windows,remote,0 28375,platforms/windows/dos/28375.pl,"TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability",2013-09-18,LiquidWorm,windows,dos,0 28376,platforms/windows/remote/28376.html,"McKesson ActiveX File/Environmental Variable Enumeration",2013-09-18,blake,windows,remote,0 -28377,platforms/php/webapps/28377.txt,"Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability",2013-09-18,Vulnerability-Lab,php,webapps,0 +28377,platforms/php/webapps/28377.txt,"WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability",2013-09-18,Vulnerability-Lab,php,webapps,0 28378,platforms/php/webapps/28378.txt,"MyWebland miniBloggie 1.0 Fname Remote File Include Vulnerability",2006-08-10,sh3ll,php,webapps,0 28379,platforms/php/webapps/28379.txt,"WEBinsta Mailing List Manager 1.3 Install3.PHP Remote File Include Vulnerability",2006-08-10,"Philipp Niedziela",php,webapps,0 28380,platforms/linux/dos/28380.txt,"Mozilla Firefox 1.0.x JavaScript Handler Race Condition Memory Corruption Vulnerability",2006-08-12,"Michal Zalewski",linux,dos,0 28381,platforms/windows/dos/28381.txt,"Microsoft windows xp/2000/2003 help Multiple Vulnerabilities",2006-08-12,"Benjamin Tobias Franz",windows,dos,0 -28382,platforms/php/webapps/28382.txt,"WP-DB Backup For Wordpress 1.6/1.7 Edit.PHP - Directory Traversal Vulnerability",2006-08-14,"marc & shb",php,webapps,0 +28382,platforms/php/webapps/28382.txt,"WP-DB Backup For WordPress 1.6/1.7 Edit.PHP - Directory Traversal Vulnerability",2006-08-14,"marc & shb",php,webapps,0 28383,platforms/linux/dos/28383.txt,"ImageMagick 6.x SGI Image File Remote Heap Buffer Overflow Vulnerability",2006-08-14,"Damian Put",linux,dos,0 28384,platforms/linux/dos/28384.txt,"Libmusicbrainz 2.0.2/2.1.x - Multiple Buffer Overflow Vulnerabilities",2006-08-14,"Luigi Auriemma",linux,dos,0 28385,platforms/asp/webapps/28385.txt,"BlaBla 4U Multiple Cross-Site Scripting Vulnerabilities",2006-08-14,Vampire,asp,webapps,0 @@ -25468,7 +25468,7 @@ id,file,description,date,author,platform,type,port 28404,platforms/php/webapps/28404.txt,"Mambo Rssxt Component 1.0 MosConfig_absolute_path Multiple Remote File Include Vulnerabilities",2006-08-18,Crackers_Child,php,webapps,0 28405,platforms/linux/local/28405.txt,"Roxio Toast 7 - DejaVu Component PATH Variable Local Privilege Escalation Vulnerability",2006-08-18,Netragard,linux,local,0 28406,platforms/php/webapps/28406.txt,"XennoBB 1.0.x/2.2 Icon_Topic SQL Injection Vulnerability",2006-08-19,"Chris Boulton",php,webapps,0 -28407,platforms/php/remote/28407.rb,"Western Digital Arkeia Remote Code Execution (msf module)",2013-09-20,xistence,php,remote,0 +28407,platforms/php/remote/28407.rb,"Western Digital Arkeia Remote Code Execution (Metasploit)",2013-09-20,xistence,php,remote,0 28408,platforms/php/remote/28408.rb,"OpenEMR 4.1.1 Patch 14 - SQLi Privilege Escalation Remote Code Execution",2013-09-20,xistence,php,remote,0 28409,platforms/php/webapps/28409.txt,"Vtiger CRM 5.4.0 (index.php onlyforuser param) - SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 28410,platforms/php/webapps/28410.txt,"Mambo Display MOSBot Manager Component mosConfig_absolute_path Remote File Include Vulnerability",2006-08-21,O.U.T.L.A.W,php,webapps,0 @@ -25520,7 +25520,7 @@ id,file,description,date,author,platform,type,port 28468,platforms/php/webapps/28468.txt,"YACS 6.6.1 - Multiple Remote File Include Vulnerabilities",2006-09-01,MATASANOS,php,webapps,0 28450,platforms/hardware/remote/28450.py,"FiberHome Modem Router HG-110 - Authentication Bypass To Remote Change DNS Servers",2013-09-22,"Javier Perez",hardware,remote,0 28451,platforms/windows/dos/28451.txt,"Share KM 1.0.19 - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 -28452,platforms/php/webapps/28452.txt,"Wordpress Lazy SEO plugin 1.1.9 - Shell Upload Vulnerability",2013-09-22,"Ashiyane Digital Security Team",php,webapps,0 +28452,platforms/php/webapps/28452.txt,"WordPress Lazy SEO plugin 1.1.9 - Shell Upload Vulnerability",2013-09-22,"Ashiyane Digital Security Team",php,webapps,0 28453,platforms/php/webapps/28453.txt,"ezContents 2.0.3 - event_list.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28454,platforms/php/webapps/28454.txt,"ezContents 2.0.3 - calendar.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28455,platforms/php/webapps/28455.txt,"ezContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 @@ -25542,7 +25542,7 @@ id,file,description,date,author,platform,type,port 28482,platforms/windows/remote/28482.rb,"Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071)",2013-09-23,metasploit,windows,remote,0 28483,platforms/php/remote/28483.rb,"GLPI install.php Remote Command Execution",2013-09-23,metasploit,php,remote,80 28484,platforms/hardware/remote/28484.rb,"Linksys WRT110 - Remote Command Execution",2013-09-23,metasploit,hardware,remote,0 -28485,platforms/php/webapps/28485.txt,"Wordpress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0 +28485,platforms/php/webapps/28485.txt,"WordPress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0 28486,platforms/php/webapps/28486.txt,"In-Portal In-Link 2.3.4 ADODB_DIR.PHP Remote File Include Vulnerability",2006-09-04,"Saudi Hackrz",php,webapps,0 28487,platforms/php/webapps/28487.txt,"PHP-Nuke MyHeadlines 4.3.1 Module Cross-Site Scripting Vulnerability",2006-09-04,"Thomas Pollet",php,webapps,0 28488,platforms/php/webapps/28488.php,"PHP-Proxima 6.0 BB_Smilies.PHP Local File Include Vulnerability",2006-09-04,Kacper,php,webapps,0 @@ -25854,7 +25854,7 @@ id,file,description,date,author,platform,type,port 29213,platforms/windows/local/29213.pl,"Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)",2013-10-26,"Mike Czumak",windows,local,0 28806,platforms/linux/local/28806.txt,"davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit",2013-10-08,"Lorenzo Cantoni",linux,local,0 28807,platforms/php/webapps/28807.py,"WHMCS 5.2.7 - SQL Injection Vulnerability",2013-10-08,localhost.re,php,webapps,0 -28808,platforms/php/webapps/28808.txt,"Wordpress Quick Contact Form Plugin 6.0 - Persistent XSS",2013-10-08,Zy0d0x,php,webapps,0 +28808,platforms/php/webapps/28808.txt,"WordPress Quick Contact Form Plugin 6.0 - Persistent XSS",2013-10-08,Zy0d0x,php,webapps,0 28809,platforms/windows/remote/28809.rb,"HP LoadRunner magentproc.exe Overflow",2013-10-08,metasploit,windows,remote,443 28810,platforms/unix/remote/28810.rb,"GestioIP Remote Command Execution",2013-10-08,metasploit,unix,remote,0 28811,platforms/osx/dos/28811.txt,"Apple Motion 5.0.7 Integer Overflow Vulnerability",2013-10-08,"Jean Pascal Pereira",osx,dos,0 @@ -26004,7 +26004,7 @@ id,file,description,date,author,platform,type,port 28955,platforms/windows/local/28955.py,"Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow SEH",2013-10-14,metacom,windows,local,0 28956,platforms/php/webapps/28956.txt,"StatusNet/Laconica 0.7.4_ 0.8.2_ 0.9.0beta3 - Arbitrary File Reading",2013-10-14,spiderboy,php,webapps,80 28957,platforms/android/dos/28957.txt,"Android Zygote - Socket Vulnerability Fork bomb Attack",2013-10-14,"Luca Verderame",android,dos,0 -28959,platforms/php/webapps/28959.txt,"Wordpress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities",2013-10-14,absane,php,webapps,80 +28959,platforms/php/webapps/28959.txt,"WordPress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities",2013-10-14,absane,php,webapps,80 28960,platforms/php/webapps/28960.py,"aMSN 0.98.9 Web App - Multiple Vulnerabilities",2013-10-14,drone,php,webapps,80 29086,platforms/asp/webapps/29086.txt,"ActiveNews Manager activenews_view.asp articleID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 28962,platforms/multiple/remote/28962.rb,"VMware Hyperic HQ Groovy Script-Console Java Execution",2013-10-14,metasploit,multiple,remote,0 @@ -26015,7 +26015,7 @@ id,file,description,date,author,platform,type,port 28967,platforms/php/webapps/28967.txt,"ExoPHPdesk 1.2 Pipe.PHP Remote File Include Vulnerability",2006-11-11,Firewall1954,php,webapps,0 28968,platforms/windows/remote/28968.html,"Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow",2013-10-15,blake,windows,remote,0 28969,platforms/windows/local/28969.py,"Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow",2013-10-15,metacom,windows,local,0 -28970,platforms/php/webapps/28970.txt,"Dexs PM System Wordpress Plugin - Authenticated Persistent XSS (0day)",2013-10-15,TheXero,php,webapps,80 +28970,platforms/php/webapps/28970.txt,"Dexs PM System WordPress Plugin - Authenticated Persistent XSS (0day)",2013-10-15,TheXero,php,webapps,80 28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 (exportcsv.php sondage param) - SQL Injection",2013-10-15,drone,php,webapps,80 28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 - SQL Injection and Remote Code Execution",2013-10-15,"Jason Kratzer",unix,webapps,0 28973,platforms/windows/remote/28973.rb,"HP Data Protector Cell Request Service Buffer Overflow",2013-10-15,metasploit,windows,remote,0 @@ -26070,7 +26070,7 @@ id,file,description,date,author,platform,type,port 29018,platforms/php/webapps/29018.txt,"Plesk 7.5/8.0 - login_up.php3 - XSS",2006-11-14,"David Vieira-Kurz",php,webapps,0 29019,platforms/php/webapps/29019.txt,"Zikula CMS 1.3.5 - Multiple Vulnerabilities",2013-10-17,Vulnerability-Lab,php,webapps,0 29020,platforms/php/webapps/29020.txt,"Quick Paypal Payments 3.0 - Presistant XSS (0day)",2013-10-17,Zy0d0x,php,webapps,80 -29021,platforms/php/webapps/29021.txt,"Wordpress Plugin Realty - Blind SQL Injection",2013-10-17,Napsterakos,php,webapps,80 +29021,platforms/php/webapps/29021.txt,"WordPress Plugin Realty - Blind SQL Injection",2013-10-17,Napsterakos,php,webapps,80 29023,platforms/php/webapps/29023.txt,"Woltlab Burning Board Regenbogenwiese 2007 Addon - SQL Injection Exploit",2013-10-17,"Easy Laster",php,webapps,0 29024,platforms/asp/webapps/29024.txt,"Inventory Manager Multiple Input Validation Vulnerabilities",2006-11-14,"laurent gaffie",asp,webapps,0 29025,platforms/asp/webapps/29025.txt,"Evolve Merchant Viewcart.ASP SQL Injection Vulnerability",2006-11-14,"laurent gaffie",asp,webapps,0 @@ -26373,7 +26373,7 @@ id,file,description,date,author,platform,type,port 29354,platforms/php/webapps/29354.txt,"pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting Web Vulnerabilities",2013-11-01,Vulnerability-Lab,php,webapps,0 29473,platforms/linux/dos/29473.txt,"Squid Proxy 2.5/2.6 FTP URI Remote Denial of Service Vulnerability",2007-01-16,"David Duncan Ross Palmer",linux,dos,0 29474,platforms/php/webapps/29474.txt,"Scriptme SmE 1.21 File Mailer Login SQL Injection Vulnerability",2007-01-16,CorryL,php,webapps,0 -29356,platforms/php/webapps/29356.txt,"Wordpress 1.x/2.0.x - Template.PHP HTML Injection Vulnerability",2006-12-27,"David Kierznowski",php,webapps,0 +29356,platforms/php/webapps/29356.txt,"WordPress 1.x/2.0.x - Template.PHP HTML Injection Vulnerability",2006-12-27,"David Kierznowski",php,webapps,0 29357,platforms/asp/webapps/29357.txt,"Hosting Controller 7C FolderManager.ASPX Directory Traversal Vulnerability",2006-12-27,KAPDA,asp,webapps,0 29358,platforms/asp/webapps/29358.txt,"DMXReady Secure Login Manager 1.0 login.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 29359,platforms/asp/webapps/29359.txt,"DMXReady Secure Login Manager 1.0 content.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 @@ -26570,7 +26570,7 @@ id,file,description,date,author,platform,type,port 29522,platforms/php/webapps/29522.py,"WordPress 1.x/2.0.x - Pingback SourceURI Denial of Service and Information Disclosure Vulnerability",2007-01-24,"Blake Matheny",php,webapps,0 29523,platforms/osx/dos/29523.txt,"Apple 10.4.x Software Update Format String Vulnerability",2007-01-25,kf,osx,dos,0 29524,platforms/windows/remote/29524.txt,"Microsoft Word 2000 - Malformed Function Code Execution Vulnerability",2007-01-25,Symantec,windows,remote,0 -29525,platforms/php/webapps/29525.txt,"Wordpress Highlight Premium Theme - CSRF File Upload Vulnerability",2013-11-10,DevilScreaM,php,webapps,0 +29525,platforms/php/webapps/29525.txt,"WordPress Highlight Premium Theme - CSRF File Upload Vulnerability",2013-11-10,DevilScreaM,php,webapps,0 29547,platforms/windows/local/29547.rb,"VideoSpirit Pro 1.90 - (SEH) Buffer Overflow",2013-11-12,metacom,windows,local,0 29527,platforms/linux/remote/29527.pl,"Xine 0.99.4 M3U Remote Format String Vulnerability",2007-01-03,"Kevin Finisterre",linux,remote,0 29528,platforms/php/local/29528.txt,"PHP 5.2 - FOpen Safe_Mode Restriction-Bypass Vulnerability",2007-01-26,"Maksymilian Arciemowicz",php,local,0 @@ -26591,9 +26591,9 @@ id,file,description,date,author,platform,type,port 29679,platforms/php/webapps/29679.html,"PHPBB2 Admin_Ug_Auth.PHP Administrative Security Bypass Vulnerability",2007-02-26,"Hasadya Raed",php,webapps,0 29680,platforms/php/webapps/29680.html,"SQLiteManager 1.2 Main.PHP Multiple HTML Injection Vulnerabilities",2007-02-26,"Simon Bonnard",php,webapps,0 29681,platforms/php/webapps/29681.txt,"Pagesetter 6.2/6.3.0 index.PHP Local File Include Vulnerability",2007-02-26,"D. Matscheko",php,webapps,0 -29682,platforms/php/webapps/29682.txt,"Wordpress 2.1.1 - Post.PHP Cross-Site Scripting Vulnerability",2007-02-26,Samenspender,php,webapps,0 +29682,platforms/php/webapps/29682.txt,"WordPress 2.1.1 - Post.PHP Cross-Site Scripting Vulnerability",2007-02-26,Samenspender,php,webapps,0 29683,platforms/linux/dos/29683.txt,"Linux Kernel 2.6.x - Audit Subsystems Local Denial of Service Vulnerability",2007-02-27,"Steve Grubb",linux,dos,0 -29684,platforms/php/webapps/29684.txt,"Wordpress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0 +29684,platforms/php/webapps/29684.txt,"WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0 29685,platforms/windows/remote/29685.txt,"Nullsoft Shoutcast 1.9.7 Logfile HTML Injection Vulnerability",2007-02-27,SaMuschie,windows,remote,0 29686,platforms/windows/remote/29686.txt,"Adobe Acrobat/Adobe Reader <= 7.0.9 - Information Disclosure Vulnerability",2007-02-28,pdp,windows,remote,0 29687,platforms/windows/remote/29687.py,"HyperBook Guestbook 1.3 GBConfiguration.DAT Hashed Password Information Disclosure Vulnerability",2007-02-28,PeTrO,windows,remote,0 @@ -26652,7 +26652,7 @@ id,file,description,date,author,platform,type,port 29595,platforms/linux/remote/29595.txt,"PHP RRD Browser 0.2 P Parameter Directory Traversal Vulnerability",2007-02-12,"Sebastian Wolfgarten",linux,remote,0 29596,platforms/asp/webapps/29596.txt,"EWay 4 Default.APSX Cross-Site Scripting Vulnerability",2007-02-12,"BLacK ZeRo",asp,webapps,0 29597,platforms/asp/webapps/29597.txt,"Community Server SearchResults.ASPX Cross-Site Scripting Vulnerability",2007-02-12,BL4CK,asp,webapps,0 -29598,platforms/php/webapps/29598.txt,"Wordpress 1.x/2.0.x - Templates.PHP Cross-Site Scripting Vulnerability",2007-02-12,PsychoGun,php,webapps,0 +29598,platforms/php/webapps/29598.txt,"WordPress 1.x/2.0.x - Templates.PHP Cross-Site Scripting Vulnerability",2007-02-12,PsychoGun,php,webapps,0 29599,platforms/php/webapps/29599.txt,"TaskFreak! 0.5.5 Error.PHP Cross-Site Scripting Vulnerability",2007-02-13,Spiked,php,webapps,0 29600,platforms/asp/webapps/29600.txt,"Fullaspsite ASP Hosting Site listmain.asp cat Parameter XSS",2007-02-13,ShaFuck31,asp,webapps,0 29601,platforms/asp/webapps/29601.txt,"Fullaspsite ASP Hosting Site listmain.asp cat Parameter SQL Injection",2007-02-13,ShaFuck31,asp,webapps,0 @@ -26721,10 +26721,10 @@ id,file,description,date,author,platform,type,port 29664,platforms/windows/dos/29664.txt,"Microsoft Office Publisher 2007 - Remote Denial of Service (DoS) Vulnerability",2007-02-26,"Tom Ferris",windows,dos,0 29665,platforms/php/webapps/29665.txt,"SQLiteManager 1.2 - Local File Include Vulnerability",2007-02-26,"Simon Bonnard",php,webapps,0 29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI close_window.cgi Buffer Overflow",2013-11-18,metasploit,hardware,remote,80 -29667,platforms/php/webapps/29667.txt,"Wordpress Euclid Theme 1.x.x - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 -29668,platforms/php/webapps/29668.txt,"Wordpress Dimension Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 -29669,platforms/php/webapps/29669.txt,"Wordpress Amplus Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 -29670,platforms/php/webapps/29670.txt,"Wordpress Make A Statement (MaS) Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 +29667,platforms/php/webapps/29667.txt,"WordPress Euclid Theme 1.x.x - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 +29668,platforms/php/webapps/29668.txt,"WordPress Dimension Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 +29669,platforms/php/webapps/29669.txt,"WordPress Amplus Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 +29670,platforms/php/webapps/29670.txt,"WordPress Make A Statement (MaS) Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 30367,platforms/php/webapps/30367.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 admin/membersearch.php Multiple Parameter XSS",2007-07-23,Lostmon,php,webapps,0 30187,platforms/multiple/dos/30187.txt,"Mbedthis AppWeb 2.2.2 URL Protocol Format String Vulnerability",2007-06-12,"Nir Rachmel",multiple,dos,0 30188,platforms/windows/dos/30188.txt,"Apple Safari Feed URI Denial of Service Vulnerability",2007-05-13,"Moshe Ben-Abu",windows,dos,0 @@ -26837,7 +26837,7 @@ id,file,description,date,author,platform,type,port 29787,platforms/windows/dos/29787.py,"HP Jetdirect FTP Print Server RERT Command Denial of Service Vulnerability",2007-01-18,Handrix,windows,dos,0 29788,platforms/php/remote/29788.php,"PHP <= 4.4.4 Zip_Entry_Read() Integer Overflow Vulnerability",2007-03-27,"Stefan Esser",php,remote,0 30783,platforms/windows/local/30783.py,"CCProxy 7.3 - Integer Overflow Exploit",2014-01-07,Mr.XHat,windows,local,0 -30105,platforms/php/webapps/30105.txt,"Wordpress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 +30105,platforms/php/webapps/30105.txt,"WordPress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 30157,platforms/php/webapps/30157.txt,"Joomla JD-Wiki 1.0.2 dwpage.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30158,platforms/php/webapps/30158.txt,"Joomla JD-Wiki 1.0.2 wantedpages.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30107,platforms/php/webapps/30107.txt,"Ovidentia 7.9.6 - Multiple Vulnerabilities",2013-12-08,sajith,php,webapps,0 @@ -27047,7 +27047,7 @@ id,file,description,date,author,platform,type,port 29943,platforms/windows/dos/29943.c,"Progress WebSpeed 3.0/3.1 - Denial of Service Vulnerability",2007-05-02,"Eelko Neven",windows,dos,0 29944,platforms/php/webapps/29944.pl,"PHPSecurityAdmin 4.0.2 Logout.PHP Remote File Include Vulnerability",2007-05-03,"ilker Kandemir",php,webapps,0 29945,platforms/hardware/remote/29945.txt,"D-Link DSL-G624T Var:RelaodHref Cross-Site Scripting Vulnerability",2007-05-03,"Tim Brown",hardware,remote,0 -29946,platforms/php/webapps/29946.txt,"Wordpress Orange Themes - CSRF File Upload Vulnerability",2013-12-01,"Jje Incovers",php,webapps,0 +29946,platforms/php/webapps/29946.txt,"WordPress Orange Themes - CSRF File Upload Vulnerability",2013-12-01,"Jje Incovers",php,webapps,0 30197,platforms/php/webapps/30197.txt,"WSPortal 1.0 Content.PHP SQL Injection Vulnerability",2007-06-18,"Jesper Jurcenoks",php,webapps,0 30198,platforms/asp/webapps/30198.txt,"TDizin Arama.ASP Cross-Site Scripting Vulnerability",2007-06-18,GeFORC3,asp,webapps,0 30199,platforms/cgi/webapps/30199.txt,"WebIf OutConfig Parameter Local File Include Vulnerability",2007-06-18,maiosyet,cgi,webapps,0 @@ -27100,7 +27100,7 @@ id,file,description,date,author,platform,type,port 29998,platforms/php/webapps/29998.txt,"Campsite 2.6.1 User.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29999,platforms/php/webapps/29999.txt,"Campsite 2.6.1 UserType.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30000,platforms/ios/webapps/30000.txt,"Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities",2013-12-02,Vulnerability-Lab,ios,webapps,0 -30002,platforms/php/webapps/30002.txt,"Wordpress Formcraft Plugin - SQL Injection Vulnerability",2013-12-02,"Ashiyane Digital Security Team",php,webapps,0 +30002,platforms/php/webapps/30002.txt,"WordPress Formcraft Plugin - SQL Injection Vulnerability",2013-12-02,"Ashiyane Digital Security Team",php,webapps,0 30003,platforms/php/webapps/30003.txt,"Campsite 2.6.1 implementation/management/configuration.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30004,platforms/php/webapps/30004.txt,"Campsite 2.6.1 implementation/management/db_connect.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30005,platforms/php/webapps/30005.txt,"Campsite 2.6.1 - LocalizerConfig.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 @@ -27134,7 +27134,7 @@ id,file,description,date,author,platform,type,port 30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 News.ASP Cross-Site Scripting Vulnerability",2007-05-24,vagrant,php,webapps,0 30082,platforms/php/webapps/30082.txt,"GNUTurk Mods.PHP Cross-Site Scripting Vulnerability",2007-05-25,vagrant,php,webapps,0 30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 (mod_notification) Stored Cross-Site Scripting Vulnerability",2013-12-06,LiquidWorm,php,webapps,0 -30084,platforms/php/webapps/30084.php,"Wordpress page-flip-image-gallery Plugins - Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 +30084,platforms/php/webapps/30084.php,"WordPress page-flip-image-gallery Plugins - Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 30086,platforms/php/webapps/30086.txt,"BoastMachine 3.1 Index.PHP Cross-Site Scripting Vulnerability",2007-05-25,newbinaryfile,php,webapps,0 30087,platforms/php/webapps/30087.txt,"Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2007-05-25,Linux_Drox,php,webapps,0 30088,platforms/php/webapps/30088.txt,"Pligg 9.5 Reset Forgotten Password Security Bypass Vulnerability",2007-05-25,"242th section",php,webapps,0 @@ -27344,7 +27344,7 @@ id,file,description,date,author,platform,type,port 30440,platforms/cgi/webapps/30440.txt,"WebEvent <= 4.03 Webevent.CGI Cross-Site Scripting Vulnerability",2007-07-31,d3hydr8,cgi,webapps,0 30441,platforms/windows/remote/30441.html,"BlueSkyChat ActiveX Control 8.1.2 - Buffer Overflow Vulnerability",2007-07-31,"Code Audit Labs",windows,remote,0 30442,platforms/php/webapps/30442.txt,"WebDirector Index.PHP Cross-Site Scripting Vulnerability",2007-08-01,r0t,php,webapps,0 -30443,platforms/php/webapps/30443.txt,"Wordpress Persuasion Theme 2.x - Arbitrary File Download and File Deletion Exploit",2013-12-23,"Interference Security",php,webapps,80 +30443,platforms/php/webapps/30443.txt,"WordPress Persuasion Theme 2.x - Arbitrary File Download and File Deletion Exploit",2013-12-23,"Interference Security",php,webapps,80 30444,platforms/linux/dos/30444.txt,"KDE Konqueror <= 3.5.7 Assert Denial of Service Vulnerability",2007-03-05,"Thomas Waldegger",linux,dos,0 30445,platforms/php/webapps/30445.txt,"Joomla Tour de France Pool 1.0.1 Module mosConfig_absolute_path Remote File Include Vulnerability",2007-08-02,Yollubunlar.Org,php,webapps,0 30446,platforms/asp/webapps/30446.txt,"Hunkaray Okul Portali 1.1 Duyuruoku.ASP SQL Injection Vulnerability",2007-08-02,Yollubunlar.Org,asp,webapps,0 @@ -28312,7 +28312,7 @@ id,file,description,date,author,platform,type,port 31420,platforms/php/webapps/31420.txt,"Eventy Online Scheduler 1.8 - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31421,platforms/php/webapps/31421.txt,"Booking Calendar - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31423,platforms/windows/webapps/31423.txt,"IBM Business Process Manager - User Account Reconfiguration",2014-02-05,0in,windows,webapps,0 -31424,platforms/php/webapps/31424.txt,"Wordpress Dandelion Theme - Arbitry File Upload",2014-02-05,TheBlackMonster,php,webapps,80 +31424,platforms/php/webapps/31424.txt,"WordPress Dandelion Theme - Arbitry File Upload",2014-02-05,TheBlackMonster,php,webapps,80 31425,platforms/hardware/webapps/31425.txt,"D-Link DIR-100 - Multiple Vulnerabilities",2014-02-05,"Felix Richter",hardware,webapps,80 31426,platforms/php/webapps/31426.txt,"Plogger 1.0 (RC1) - Multiple Vulnerabilities",2014-02-05,killall-9,php,webapps,80 31427,platforms/php/webapps/31427.txt,"ownCloud 6.0.0a - Multiple Vulnerabilities",2014-02-05,absane,php,webapps,80 @@ -28443,8 +28443,8 @@ id,file,description,date,author,platform,type,port 31567,platforms/php/webapps/31567.txt,"@lex Poll 1.2 - 'setup.php' Cross-Site Scripting Vulnerability",2008-03-31,ZoRLu,php,webapps,0 31568,platforms/php/webapps/31568.txt,"PHP Classifieds 6.20 - Multiple Cross-Site Scripting and Authentication Bypass Vulnerabilities",2008-03-31,ZoRLu,php,webapps,0 31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B ADSL Router - CSRF Vulnerability",2014-02-11,killall-9,hardware,webapps,80 -31570,platforms/php/webapps/31570.txt,"Wordpress Frontend Upload Plugin - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80 -31571,platforms/php/webapps/31571.txt,"Wordpress Buddypress Plugin 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80 +31570,platforms/php/webapps/31570.txt,"WordPress Frontend Upload Plugin - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80 +31571,platforms/php/webapps/31571.txt,"WordPress Buddypress Plugin 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80 32215,platforms/php/webapps/32215.txt,"RMSOFT Downloads Plus (rmdp) 1.5/1.7 Module for XOOPS search.php key Parameter XSS",2008-08-09,Lostmon,php,webapps,0 32216,platforms/php/webapps/32216.txt,"RMSOFT Downloads Plus (rmdp) 1.5/1.7 Module for XOOPS down.php id Parameter XSS",2008-08-09,Lostmon,php,webapps,0 31573,platforms/ios/webapps/31573.txt,"WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities",2014-02-11,Vulnerability-Lab,ios,webapps,8880 @@ -28630,7 +28630,7 @@ id,file,description,date,author,platform,type,port 31765,platforms/hardware/webapps/31765.txt,"Barracuda Message Archiver 650 - Persistent XSS Vulnerability",2014-02-19,Vulnerability-Lab,hardware,webapps,3378 31766,platforms/windows/local/31766.rb,"Audiotran - (.PLS) Stack Buffer Overflow",2014-02-19,metasploit,windows,local,0 31767,platforms/multiple/remote/31767.rb,"MediaWiki Thumb.php - Remote Command Execution",2014-02-19,metasploit,multiple,remote,80 -31768,platforms/php/webapps/31768.txt,"Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities",2014-02-19,"Tom Adams",php,webapps,80 +31768,platforms/php/webapps/31768.txt,"WordPress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities",2014-02-19,"Tom Adams",php,webapps,80 31769,platforms/windows/remote/31769.html,"Ourgame 'GLIEDown2.dll' ActiveX Control - Remote Code Execution Vulnerability",2008-05-08,anonymous,windows,remote,0 31770,platforms/multiple/remote/31770.txt,"Oracle Application Server Portal 10g - Authentication Bypass Vulnerability",2008-05-09,"Deniz Cevik",multiple,remote,0 31771,platforms/php/webapps/31771.txt,"cPanel 11.x - scripts2/knowlegebase issue Parameter XSS",2008-05-09,"Matteo Carli",php,webapps,0 @@ -28696,7 +28696,7 @@ id,file,description,date,author,platform,type,port 31831,platforms/windows/remote/31831.py,"SolidWorks Workgroup PDM 2014 SP2 - Arbitrary File Write Vulnerability",2014-02-22,"Mohamed Shetta",windows,remote,30000 32045,platforms/php/webapps/32045.txt,"eSyndiCat 2.2 - 'register.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-10,Fugitif,php,webapps,0 31833,platforms/php/webapps/31833.txt,"ILIAS 4.4.1 - Multiple Vulnerabilities",2014-02-22,HauntIT,php,webapps,80 -31834,platforms/php/webapps/31834.txt,"Wordpress AdRotate Plugin 3.9.4 - (clicktracker.php track param) SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 +31834,platforms/php/webapps/31834.txt,"WordPress AdRotate Plugin 3.9.4 - (clicktracker.php track param) SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 31835,platforms/php/webapps/31835.txt,"SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-22,"Omer Singer",php,webapps,0 31836,platforms/php/webapps/31836.txt,"WordPress Upload File Plugin 'wp-uploadfile.php' - SQL Injection Vulnerability",2008-05-24,eserg.ru,php,webapps,0 31837,platforms/php/webapps/31837.txt,"DZOIC Handshakes 3.5 - 'fname' Parameter SQL Injection Vulnerability",2008-05-24,"Ali Jasbi",php,webapps,0 @@ -28849,7 +28849,7 @@ id,file,description,date,author,platform,type,port 31982,platforms/php/webapps/31982.txt,"Webuzo 2.1.3 - Multiple Vulnerabilities",2014-02-28,Mahendra,php,webapps,80 32134,platforms/php/webapps/32134.txt,"H0tturk Panel 'gizli.php' Remote File Include Vulnerability",2008-07-31,U238,php,webapps,0 31983,platforms/multiple/webapps/31983.txt,"Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities",2014-02-28,"SEC Consult",multiple,webapps,32400 -31986,platforms/php/webapps/31986.txt,"Wordpress VideoWhisper 4.27.3 - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 +31986,platforms/php/webapps/31986.txt,"WordPress VideoWhisper 4.27.3 - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY gefebt.exe Remote Code Execution",2014-02-28,metasploit,windows,remote,80 31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow",2014-02-28,metasploit,windows,local,0 31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 (SalesInquiry.php SortBy param) - SQL Injection Vulnerability",2014-02-28,HauntIT,php,webapps,80 @@ -29159,7 +29159,7 @@ id,file,description,date,author,platform,type,port 32325,platforms/php/webapps/32325.txt,"XRms 1.99.2 cases/some.php case_title Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32326,platforms/php/webapps/32326.txt,"XRms 1.99.2 files/some.php file_id Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32327,platforms/php/webapps/32327.txt,"XRms 1.99.2 reports/custom/mileage.php starting Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 -32329,platforms/windows/dos/32329.rb,"Gold MP4 Player 3.3 - Universal SEH Exploit (MSF)",2014-03-17,"Revin Hadi Saputra",windows,dos,0 +32329,platforms/windows/dos/32329.rb,"Gold MP4 Player 3.3 - Universal SEH Exploit (Metasploit)",2014-03-17,"Revin Hadi Saputra",windows,dos,0 32330,platforms/php/webapps/32330.txt,"OpenSupports 2.0 - Blind SQL Injection",2014-03-17,indoushka,php,webapps,0 32331,platforms/php/webapps/32331.txt,"Joomla AJAX Shoutbox <= 1.6 - Remote SQL Injection Vulnerability",2014-03-17,"Ibrahim Raafat",php,webapps,0 32333,platforms/ios/dos/32333.txt,"iOS 7 - Kernel Mode Memory Corruption",2014-03-17,"Andy Davis",ios,dos,0 @@ -29406,7 +29406,7 @@ id,file,description,date,author,platform,type,port 32618,platforms/php/remote/32618.txt,"plexusCMS 0.5 - XSS Remote Shell Exploit & Credentials Leak",2014-03-31,neglomaniac,php,remote,0 32619,platforms/ios/webapps/32619.txt,"PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,52789 32620,platforms/ios/webapps/32620.txt,"Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,8080 -32622,platforms/php/webapps/32622.txt,"Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion",2014-03-31,"Glyn Wintle",php,webapps,80 +32622,platforms/php/webapps/32622.txt,"WordPress Ajax Pagination Plugin 1.1 - Local File Inclusion",2014-03-31,"Glyn Wintle",php,webapps,80 32623,platforms/multiple/webapps/32623.txt,"EMC Cloud Tiering Appliance 10.0 - Unauthenticated XXE Arbitrary File Read",2014-03-31,"Brandon Perry",multiple,webapps,0 32624,platforms/php/webapps/32624.txt,"PHP JOBWEBSITE PRO siteadmin/forgot.php adname Parameter SQL Injection",2008-12-01,Pouya_Server,php,webapps,0 32625,platforms/php/webapps/32625.txt,"PHP JOBWEBSITE PRO siteadmin/forgot.php Multiple Parameter XSS",2008-12-01,Pouya_Server,php,webapps,0 @@ -29485,7 +29485,7 @@ id,file,description,date,author,platform,type,port 32698,platforms/php/webapps/32698.txt,"SolucionXpressPro 'main.php' SQL Injection Vulnerability",2009-01-05,Ehsan_Hp200,php,webapps,0 32699,platforms/windows/remote/32699.txt,"Google Chrome 1.0.154.36 - FTP Client PASV Port Scan Information Disclosure Vulnerability",2009-01-05,"Aditya K Sood",windows,remote,0 32700,platforms/linux/local/32700.rb,"ibstat $PATH - Privilege Escalation",2014-04-04,metasploit,linux,local,0 -32701,platforms/php/webapps/32701.txt,"Wordpress XCloner Plugin 3.1.0 - CSRF Vulnerability",2014-04-04,"High-Tech Bridge SA",php,webapps,80 +32701,platforms/php/webapps/32701.txt,"WordPress XCloner Plugin 3.1.0 - CSRF Vulnerability",2014-04-04,"High-Tech Bridge SA",php,webapps,80 32702,platforms/hardware/dos/32702.txt,"A10 Networks ACOS 2.7.0-P2(build: 53) - Buffer Overflow",2014-04-04,"Francesco Perna",hardware,dos,80 32703,platforms/ios/webapps/32703.txt,"Private Photo+Video 1.1 Pro iOS - Persistent Vulnerability",2014-04-05,Vulnerability-Lab,ios,webapps,0 32704,platforms/windows/dos/32704.pl,"MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service (DOS) Vulnerability",2014-04-05,LiquidWorm,windows,dos,0 @@ -29643,8 +29643,8 @@ id,file,description,date,author,platform,type,port 32864,platforms/java/webapps/32864.txt,"Sun Java System Communications Express 6.3 - 'UWCMain' Cross-Site Scripting Vulnerability",2009-05-20,"SCS team",java,webapps,0 32865,platforms/multiple/dos/32865.py,"WhatsApp < 2.11.7 - Remote Crash",2014-04-14,"Jaime Sánchez",multiple,dos,0 32866,platforms/ios/webapps/32866.txt,"PDF Album 1.7 iOS - File Include Web Vulnerability",2014-04-14,Vulnerability-Lab,ios,webapps,0 -32867,platforms/php/webapps/32867.txt,"Wordpress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 -32868,platforms/php/webapps/32868.txt,"Wordpress Twitget Plugin 3.3.1 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 +32867,platforms/php/webapps/32867.txt,"WordPress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 +32868,platforms/php/webapps/32868.txt,"WordPress Twitget Plugin 3.3.1 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 32869,platforms/linux/webapps/32869.rb,"eScan Web Management Console Command Injection",2014-04-14,metasploit,linux,webapps,10080 32870,platforms/cgi/webapps/32870.txt,"AWStats <= 6.4 - 'awstats.pl' Multiple Path Disclosure Vulnerability",2009-04-19,r0t,cgi,webapps,0 32871,platforms/php/webapps/32871.txt,"ExpressionEngine 1.6 Avtaar Name HTML Injection Vulnerability",2009-03-22,"Adam Baldwin",php,webapps,0 @@ -29775,7 +29775,7 @@ id,file,description,date,author,platform,type,port 33000,platforms/php/webapps/33000.txt,"Cacti <= 0.8.7 - 'data_input.php' Cross-Site Scripting Vulnerability",2009-05-15,fgeek,php,webapps,0 33001,platforms/php/webapps/33001.ssh,"Kingsoft Webshield 1.1.0.62 - Cross-Site scripting and Remote Command Execution Vulnerability",2009-05-20,inking,php,webapps,0 33002,platforms/php/webapps/33002.txt,"Profense 2.2.20/2.4.2 Web Application Firewall Security Bypass Vulnerabilities",2009-05-20,EnableSecurity,php,webapps,0 -33003,platforms/php/webapps/33003.txt,"Wordpress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload",2014-04-24,nopesled,php,webapps,80 +33003,platforms/php/webapps/33003.txt,"WordPress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload",2014-04-24,nopesled,php,webapps,80 33004,platforms/php/webapps/33004.txt,"dompdf 0.6.0 (dompdf.php read param) - Arbitrary File Read",2014-04-24,Portcullis,php,webapps,80 33005,platforms/php/webapps/33005.txt,"WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion",2014-04-24,"SEC Consult",php,webapps,80 33006,platforms/php/webapps/33006.txt,"AlienVault 4.3.1 - Unauthenticated SQL Injection",2014-04-24,"Sasha Zivojinovic",php,webapps,443 @@ -29845,7 +29845,7 @@ id,file,description,date,author,platform,type,port 33072,platforms/php/webapps/33072.txt,"Adem 0.5.1 - Local File Inclusion",2014-04-28,JIKO,php,webapps,80 33073,platforms/linux/dos/33073.c,"NTP ntpd monlist Query Reflection - Denial of Service",2014-04-28,"Danilo PC",linux,dos,123 33075,platforms/php/webapps/33075.txt,"GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection",2014-04-28,Esac,php,webapps,80 -33076,platforms/php/webapps/33076.txt,"Wordpress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities",2014-04-28,"Everett Griffiths",php,webapps,80 +33076,platforms/php/webapps/33076.txt,"WordPress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities",2014-04-28,"Everett Griffiths",php,webapps,80 33078,platforms/multiple/remote/33078.txt,"HP ProCurve Threat Management Services zl ST.1.0.090213 Module CRL Security Bypass Vulnerability",2009-06-13,anonymous,multiple,remote,0 33079,platforms/multiple/remote/33079.txt,"Oracle Weblogic Server 10.3 - 'console-help.portal' Cross-Site Scripting Vulnerability",2009-06-14,"Alexandr Polyakov",multiple,remote,0 33080,platforms/multiple/dos/33080.txt,"Oracle 11.1 Database Network Foundation Heap Memory Corruption Vulnerability",2009-06-14,"Dennis Yurichev",multiple,dos,0 @@ -30269,7 +30269,7 @@ id,file,description,date,author,platform,type,port 33553,platforms/multiple/remote/33553.txt,"Sun Java System Web Server 6.1/7.0 Digest Authentication Remote Buffer Overflow Vulnerability",2010-01-21,Intevydis,multiple,remote,0 33554,platforms/linux/remote/33554.py,"TORQUE Resource Manager 2.5.x-2.5.13 - Stack Based Buffer Overflow Stub",2014-05-28,bwall,linux,remote,0 33555,platforms/php/webapps/33555.txt,"AuraCMS 3.0 - Multiple Vulnerabilities",2014-05-28,"Mustafa ALTINKAYNAK",php,webapps,0 -33556,platforms/multiple/dos/33556.rb,"Wireshark CAPWAP Dissector - Denial of Service (msf)",2014-05-28,j0sm1,multiple,dos,5247 +33556,platforms/multiple/dos/33556.rb,"Wireshark CAPWAP Dissector - Denial of Service (Metasploit)",2014-05-28,j0sm1,multiple,dos,5247 33557,platforms/php/webapps/33557.txt,"Sharetronix 3.3 - Multiple Vulnerabilities",2014-05-28,"High-Tech Bridge SA",php,webapps,80 33558,platforms/php/webapps/33558.txt,"cPanel and WHM 11.25 - 'failurl' Parameter HTTP Response Splitting Vulnerability",2010-01-21,Trancer,php,webapps,0 33559,platforms/multiple/dos/33559.txt,"Sun Java System Web Server 7.0 Update 6 - 'admin' Server Denial of Service Vulnerability",2010-01-22,Intevydis,multiple,dos,0 @@ -30304,7 +30304,7 @@ id,file,description,date,author,platform,type,port 33607,platforms/multiple/dos/33607.html,"Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial Of Service Vulnerability",2010-02-07,"599eme Man",multiple,dos,0 33608,platforms/windows/dos/33608.html,"Apple Safari 4.0.4 - Remote Denial Of Service Vulnerability",2010-02-07,"599eme Man",windows,dos,0 33610,platforms/windows/remote/33610.py,"Easy File Management Web Server 5.3 - UserID Remote Buffer Overflow (ROP)",2014-06-01,"Julien Ahrens",windows,remote,80 -33613,platforms/php/webapps/33613.txt,"Wordpress Participants Database 1.5.4.8 - SQL Injection",2014-06-02,"Yarubo Research Team",php,webapps,80 +33613,platforms/php/webapps/33613.txt,"WordPress Participants Database 1.5.4.8 - SQL Injection",2014-06-02,"Yarubo Research Team",php,webapps,80 33614,platforms/linux/local/33614.c,"dbus-glib pam_fprintd - Local Root Exploit",2014-06-02,"Sebastian Krahmer",linux,local,0 33615,platforms/multiple/remote/33615.txt,"JDownloader 'JDExternInterface.java' Remote Code Execution Vulnerability",2010-02-08,apoc,multiple,remote,0 33616,platforms/multiple/remote/33616.txt,"Mongoose 2.8 Space String Remote File Disclosure Vulnerability",2010-02-08,"Pouya Daneshmand",multiple,remote,0 @@ -30510,7 +30510,7 @@ id,file,description,date,author,platform,type,port 33846,platforms/php/webapps/33846.txt,"ZeroCMS 1.0 - (zero_transact_article.php article_id POST parameter) SQL Injection Vulnerability",2014-06-23,"Filippos Mastrogiannis",php,webapps,0 33849,platforms/windows/dos/33849.txt,"netKar PRO 1.1 - (.nkuser) File Creation NULL Pointer Denial Of Service Vulnerability",2014-06-13,"A reliable source",windows,dos,0 33850,platforms/linux/dos/33850.txt,"memcached 1.4.2 Memory Consumption Remote Denial of Service Vulnerability",2010-04-27,fallenpegasus,linux,dos,0 -33851,platforms/php/webapps/33851.txt,"Wordpress TimThumb 2.8.13 WebShot - Remote Code Execution (0day)",2014-06-24,@u0x,php,webapps,0 +33851,platforms/php/webapps/33851.txt,"WordPress TimThumb 2.8.13 WebShot - Remote Code Execution (0day)",2014-06-24,@u0x,php,webapps,0 33868,platforms/multiple/remote/33868.txt,"Apache ActiveMQ 5.2/5.3 Source Code Information Disclosure Vulnerability",2010-04-22,"Veerendra G.G",multiple,remote,0 33860,platforms/windows/dos/33860.html,"Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash PoC (MS14-035)",2014-06-24,"Drozdova Liudmila",windows,dos,0 33854,platforms/php/webapps/33854.txt,"vBulletin Two-Step External Link Module 'externalredirect.php' Cross-Site Scripting Vulnerability",2010-04-20,"Edgard Chammas",php,webapps,0 @@ -30553,11 +30553,11 @@ id,file,description,date,author,platform,type,port 33893,platforms/windows/local/33893.rb,"Registry Symlink - IE Sandbox Escape (MS13-097)",2014-06-27,metasploit,windows,local,0 33894,platforms/multiple/webapps/33894.txt,"Python CGIHTTPServer Encoded Path Traversal",2014-06-27,"RedTeam Pentesting",multiple,webapps,0 33895,platforms/cgi/webapps/33895.txt,"Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities",2014-06-27,"BGA Security",cgi,webapps,20001 -33896,platforms/php/webapps/33896.txt,"Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities",2014-06-27,dxw,php,webapps,80 +33896,platforms/php/webapps/33896.txt,"WordPress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities",2014-06-27,dxw,php,webapps,80 33897,platforms/multiple/webapps/33897.txt,"Endeca Latitude 2.2.2 - CSRF Vulnerability",2014-06-27,"RedTeam Pentesting",multiple,webapps,0 33899,platforms/linux/local/33899.txt,"chkrootkit 0.49 - Local Root Vulnerability",2014-06-28,"Thomas Stangner",linux,local,0 33900,platforms/windows/remote/33900.pl,"Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow Vulnerability",2010-04-26,Madjix,windows,remote,0 -33901,platforms/windows/remote/33901.rb,"Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow Vulnerability (meta)",2010-04-26,blake,windows,remote,0 +33901,platforms/windows/remote/33901.rb,"Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow Vulnerability (Metasploit)",2010-04-26,blake,windows,remote,0 34102,platforms/linux/dos/34102.py,"ACME micro_httpd - Denial of Service",2014-07-18,"Yuval tisf Nativ",linux,dos,80 33904,platforms/linux/local/33904.txt,"check_dhcp 2.0.2 (Nagios Plugins) - Arbitrary Option File Read Race Condition Exploit",2014-06-28,"Dawid Golunski",linux,local,0 33905,platforms/multiple/remote/33905.txt,"Apache ActiveMQ 5.3 - 'admin/queueBrowse' Cross-Site Scripting Vulnerability",2010-04-28,"arun kethipelly",multiple,remote,0 @@ -30635,7 +30635,7 @@ id,file,description,date,author,platform,type,port 33987,platforms/php/webapps/33987.txt,"PHP Banner Exchange 1.2 - 'signupconfirm.php' Cross-Site Scripting Vulnerability",2010-01-03,indoushka,php,webapps,0 34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0 33990,platforms/multiple/remote/33990.rb,"Gitlist Unauthenticated Remote Command Execution",2014-07-07,metasploit,multiple,remote,80 -33991,platforms/php/remote/33991.rb,"Wordpress MailPoet - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,metasploit,php,remote,80 +33991,platforms/php/remote/33991.rb,"WordPress MailPoet - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,metasploit,php,remote,80 33992,platforms/asp/webapps/33992.txt,"Platnik 8.1.1 - Multiple SQL Injection Vulnerabilities",2010-05-17,podatnik386,asp,webapps,0 33993,platforms/php/webapps/33993.txt,"Planet Script 1.x - 'idomains.php' Cross-Site Scripting Vulnerability",2010-05-14,Mr.ThieF,php,webapps,0 33994,platforms/php/webapps/33994.txt,"PonVFTP Insecure Cookie Authentication Bypass Vulnerability",2010-05-17,SkuLL-HackeR,php,webapps,0 @@ -30726,7 +30726,7 @@ id,file,description,date,author,platform,type,port 34082,platforms/php/webapps/34082.txt,"Obsession-Design Image-Gallery 1.1 - 'display.php' Cross-Site Scripting Vulnerability",2010-01-02,kaMtiEz,php,webapps,0 34083,platforms/php/webapps/34083.txt,"Western Digital My Book World Edition 1.1.16 - 'lang' Parameter Cross-Site Scripting Vulnerabilities",2009-12-30,emgent,php,webapps,0 34084,platforms/php/webapps/34084.txt,"L2Web LineWeb 1.0.5 - Multiple Input Validation Vulnerabilities",2010-01-06,"Ignacio Garrido",php,webapps,0 -34085,platforms/php/webapps/34085.txt,"Gigya Socialize Plugin 1.0/1.1.x for Wordpress - Cross-Site Scripting Vulnerability",2010-06-04,MustLive,php,webapps,0 +34085,platforms/php/webapps/34085.txt,"Gigya Socialize Plugin 1.0/1.1.x for WordPress - Cross-Site Scripting Vulnerability",2010-06-04,MustLive,php,webapps,0 34137,platforms/php/webapps/34137.txt,"Joomla! 'com_videowhisper_2wvc' Component Cross-Site Scripting Vulnerability",2010-06-10,Sid3^effects,php,webapps,0 34088,platforms/android/remote/34088.html,"Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability",2014-07-16,c0otlass,android,remote,0 34089,platforms/php/webapps/34089.txt,"Bilboplanet 2.0 - Multiple XSS Vulnerabilities",2014-07-16,"Vivek N",php,webapps,80 @@ -30756,7 +30756,7 @@ id,file,description,date,author,platform,type,port 34139,platforms/php/webapps/34139.txt,"Yamamah Photo Gallery 1.00 - 'download.php' Local File Disclosure Vulnerability",2010-06-13,mat,php,webapps,0 34140,platforms/php/webapps/34140.txt,"AneCMS 1.x - 'modules/blog/index.php' HTML Injection Vulnerability",2010-06-11,"High-Tech Bridge SA",php,webapps,0 34113,platforms/php/webapps/34113.py,"SilverStripe CMS 2.4 File Renaming Security Bypass Vulnerability",2010-06-09,"John Leitch",php,webapps,0 -34105,platforms/php/webapps/34105.txt,"Wordpress Plugin Gallery Objects 0.4 - SQL Injection",2014-07-18,"Claudio Viviani",php,webapps,80 +34105,platforms/php/webapps/34105.txt,"WordPress Plugin Gallery Objects 0.4 - SQL Injection",2014-07-18,"Claudio Viviani",php,webapps,80 34106,platforms/php/webapps/34106.txt,"cPanel 11.25 Image Manager 'target' Parameter Local File Include Vulnerability",2010-06-07,"AnTi SeCuRe",php,webapps,0 34107,platforms/php/webapps/34107.txt,"boastMachine 3.1 - 'key' Parameter Cross-Site Scripting Vulnerability",2010-06-07,"High-Tech Bridge SA",php,webapps,0 34108,platforms/java/webapps/34108.txt,"PRTG Traffic Grapher 6.2.1 - 'url' Parameter Cross-Site Scripting Vulnerability",2009-01-08,"Patrick Webster",java,webapps,0 @@ -30764,7 +30764,7 @@ id,file,description,date,author,platform,type,port 34110,platforms/php/webapps/34110.txt,"PG Auto Pro SQL Injection and Cross-Site Scripting Vulnerabilities",2010-06-09,Sid3^effects,php,webapps,0 34111,platforms/multiple/webapps/34111.txt,"GREEZLE - Global Real Estate Agent Login Multiple SQL Injection Vulnerabilities",2010-06-09,"L0rd CrusAd3r",multiple,webapps,0 34339,platforms/php/webapps/34339.txt,"Pligg 1.0.4 - 'search.php' Cross-Site Scripting Vulnerability",2010-07-15,"High-Tech Bridge SA",php,webapps,0 -34124,platforms/php/webapps/34124.txt,"Wordpress WP BackupPlus - Database And Files Backup Download (0day)",2014-07-20,pSyCh0_3D,php,webapps,0 +34124,platforms/php/webapps/34124.txt,"WordPress WP BackupPlus - Database And Files Backup Download (0day)",2014-07-20,pSyCh0_3D,php,webapps,0 34130,platforms/linux/webapps/34130.rb,"Raritan PowerIQ 4.1.0 - SQL Injection Vulnerability",2014-07-21,"Brandon Perry",linux,webapps,80 34126,platforms/windows/remote/34126.txt,"Microsoft Help and Support Center 'sysinfo/sysinfomain.htm' Cross-Site Scripting Weakness",2010-06-10,"Tavis Ormandy",windows,remote,0 34127,platforms/php/webapps/34127.txt,"Arab Portal 2.2 - 'members.php' SQL Injection Vulnerability",2010-06-10,SwEET-DeViL,php,webapps,0 @@ -30774,7 +30774,7 @@ id,file,description,date,author,platform,type,port 34132,platforms/php/remote/34132.txt,"IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities",2014-07-21,"Alejandro Alvarez Bravo",php,remote,443 34133,platforms/linux/dos/34133.txt,"Apache 2.4.7 mod_status Scoreboard Handling Race Condition",2014-07-21,"Marek Kroemeke",linux,dos,0 34134,platforms/lin_amd64/local/34134.c,"Linux Kernel - ptrace/sysret - Local Privilege Escalation",2014-07-21,"Vitaly Nikolenko",lin_amd64,local,0 -34161,platforms/php/webapps/34161.txt,"Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities",2014-07-24,"Claudio Viviani",php,webapps,80 +34161,platforms/php/webapps/34161.txt,"WordPress Video Gallery Plugin 2.5 - Multiple Vulnerabilities",2014-07-24,"Claudio Viviani",php,webapps,80 34135,platforms/windows/dos/34135.py,"DjVuLibre <= 3.5.25.3 - Out of Bounds Access Violation",2014-07-22,drone,windows,dos,0 34149,platforms/hardware/webapps/34149.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure Vulnerability",2014-07-23,"Dolev Farhi",hardware,webapps,0 34158,platforms/windows/dos/34158.txt,"Chrome Engine 4 - Denial Of Service Vulnerability",2010-06-17,"Luigi Auriemma",windows,dos,0 @@ -30857,7 +30857,7 @@ id,file,description,date,author,platform,type,port 34239,platforms/php/webapps/34239.txt,"Status2k Server Monitoring Software - Multiple Vulnerabilities",2014-08-02,"Shayan S",php,webapps,80 34240,platforms/ios/webapps/34240.txt,"TigerCom iFolder+ 1.2 iOS - Multiple Vulnerabilities",2014-08-02,Vulnerability-Lab,ios,webapps,8080 34241,platforms/linux/webapps/34241.txt,"ISPConfig 3.0.54p1 - Authenticated Admin Local Root Vulnerability",2014-08-02,mra,linux,webapps,8080 -34336,platforms/php/webapps/34336.html,"Disqus for Wordpress 2.7.5 - Admin Stored CSRF and XSS",2014-08-14,"Nik Cubrilovic",php,webapps,80 +34336,platforms/php/webapps/34336.html,"Disqus for WordPress 2.7.5 - Admin Stored CSRF and XSS",2014-08-14,"Nik Cubrilovic",php,webapps,80 34337,platforms/php/webapps/34337.txt,"Gekko Web Builder 9.0 - 'index.php' Cross-Site Scripting Vulnerability",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34338,platforms/php/webapps/34338.html,"Pixie 1.0.4 HTML Injection and Cross-Site Scripting Vulnerabilities",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34243,platforms/ios/webapps/34243.txt,"Photo WiFi Transfer 1.01 - Directory Traversal Vulnerability",2014-08-02,Vulnerability-Lab,ios,webapps,8080 @@ -31109,7 +31109,7 @@ id,file,description,date,author,platform,type,port 34521,platforms/linux/dos/34521.txt,"Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial Of Service Vulnerability",2010-08-20,"Shane Bester",linux,dos,0 34522,platforms/linux/dos/34522.txt,"Oracle MySQL < 5.1.49 - 'DDL' Statements Denial Of Service Vulnerability",2010-07-09,"Elena Stepanova",linux,dos,0 34523,platforms/multiple/remote/34523.txt,"Nagios XI 'users.php' SQL Injection Vulnerability",2010-08-24,"Adam Baldwin",multiple,remote,0 -34524,platforms/php/webapps/34524.txt,"Wordpress Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 +34524,platforms/php/webapps/34524.txt,"WordPress Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 34525,platforms/multiple/webapps/34525.txt,"Syslog LogAnalyzer 3.6.5 - Stored XSS (Python Exploit)",2014-09-02,"Dolev Farhi",multiple,webapps,0 34637,platforms/php/webapps/34637.txt,"Joomla Spider Form Maker <= 3.4 - SQLInjection",2014-09-12,"Claudio Viviani",php,webapps,0 34532,platforms/windows/remote/34532.c,"Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Execution Vulnerability",2010-08-25,storm,windows,remote,0 @@ -31121,7 +31121,7 @@ id,file,description,date,author,platform,type,port 34535,platforms/php/webapps/34535.txt,"Valarsoft WebMatic 3.0.5 - Multiple HTML Injection Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 34536,platforms/php/webapps/34536.txt,"CompuCMS - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 34537,platforms/linux/local/34537.txt,"EncFS 1.6.0 - Flawed CBC/CFB Cryptography Implementation Weaknesses",2010-08-26,"Micha Riser",linux,local,0 -34538,platforms/php/webapps/34538.txt,"Wordpress Plugins Premium Gallery Manager - Unauthenticated Configuration Access Vulnerability",2014-09-05,Hannaichi,php,webapps,80 +34538,platforms/php/webapps/34538.txt,"WordPress Plugins Premium Gallery Manager - Unauthenticated Configuration Access Vulnerability",2014-09-05,Hannaichi,php,webapps,80 34539,platforms/php/webapps/34539.txt,"MyBB User Social Networks Plugin 1.2 - Stored XSS",2014-09-05,"Fikri Fadzil",php,webapps,80 34540,platforms/windows/dos/34540.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit",2014-09-05,"Robert Kugler",windows,dos,0 34541,platforms/php/webapps/34541.txt,"WebsiteKit Gbplus Name and Body Fields HTML Injection Vulnerabilities",2010-08-29,MiND,php,webapps,0 @@ -31136,7 +31136,7 @@ id,file,description,date,author,platform,type,port 34550,platforms/php/webapps/34550.txt,"Datemill search.php st Parameter XSS",2009-09-10,Moudi,php,webapps,0 34551,platforms/php/webapps/34551.txt,"IP Board 3.x - CSRF Token hjiacking",2014-09-07,"Piotr S.",php,webapps,0 34552,platforms/php/webapps/34552.txt,"LoadedCommerce7 - Systemic Query Factory Vulnerability",2014-09-07,Breaking.Technology,php,webapps,0 -34553,platforms/php/webapps/34553.txt,"Wordpress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability",2014-09-07,Att4ck3r.ir,php,webapps,0 +34553,platforms/php/webapps/34553.txt,"WordPress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability",2014-09-07,Att4ck3r.ir,php,webapps,0 34555,platforms/php/webapps/34555.txt,"PhpOnlineChat 3.0 - XSS",2014-09-07,"N0 Feel",php,webapps,0 34604,platforms/php/webapps/34604.php,"BlueCMS 1.6 - 'X-Forwarded-For' Header SQL Injection Vulnerability",2010-09-06,cnryan,php,webapps,0 34558,platforms/php/webapps/34558.txt,"Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities",2010-09-01,"High-Tech Bridge SA",php,webapps,0 @@ -31150,7 +31150,7 @@ id,file,description,date,author,platform,type,port 34578,platforms/php/webapps/34578.txt,"WordPress Acento Theme (view-pdf.php file param) - Arbitrary File Download",2014-09-08,alieye,php,webapps,80 34581,platforms/php/webapps/34581.txt,"Zen Cart 1.5.3 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34571,platforms/php/webapps/34571.py,"Joomla Spider Calendar <= 3.2.6 - SQL Injection",2014-09-08,"Claudio Viviani",php,webapps,0 -34572,platforms/php/webapps/34572.txt,"Wordpress Bulk Delete Users by Email Plugin 1.0 - CSRF",2014-09-08,"Fikri Fadzil",php,webapps,0 +34572,platforms/php/webapps/34572.txt,"WordPress Bulk Delete Users by Email Plugin 1.0 - CSRF",2014-09-08,"Fikri Fadzil",php,webapps,0 34580,platforms/php/webapps/34580.txt,"phpMyFAQ 2.8.X - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34579,platforms/php/webapps/34579.txt,"vBulletin 5.1.X - Persistent Cross-Site Scripting",2014-09-08,smash,php,webapps,80 34924,platforms/windows/webapps/34924.txt,"BMC Track-It! - Multiple Vulnerabilities",2014-10-09,"Pedro Ribeiro",windows,webapps,0 @@ -31161,7 +31161,7 @@ id,file,description,date,author,platform,type,port 34586,platforms/php/webapps/34586.txt,"Mpay24 PrestaShop Payment Module 1.5 - Multiple Vulnerabilities",2014-09-08,"Eldar Marcussen",php,webapps,80 34587,platforms/multiple/webapps/34587.txt,"Jenkins 1.578 - Multiple Vulnerabilities",2014-09-08,JoeV,multiple,webapps,8090 34588,platforms/aix/dos/34588.txt,"PHP Stock Management System 1.02 - Multiple Vulnerabilty",2014-09-09,jsass,aix,dos,0 -34589,platforms/php/webapps/34589.txt,"Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities",2014-09-09,"Fikri Fadzil",php,webapps,0 +34589,platforms/php/webapps/34589.txt,"WordPress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities",2014-09-09,"Fikri Fadzil",php,webapps,0 34592,platforms/linux/shellcode/34592.c,"Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash",2014-09-09,"Ali Razmjoo",linux,shellcode,0 34593,platforms/php/webapps/34593.txt,"Parallels Plesk Sitebuilder 9.5 - Multiple Vulnerabilities",2014-09-09,alieye,php,webapps,0 34595,platforms/linux/remote/34595.py,"ALCASAR 2.8 - Remote Root Code Execution Vulnerability",2014-09-09,eF,linux,remote,80 @@ -31248,7 +31248,7 @@ id,file,description,date,author,platform,type,port 34678,platforms/php/webapps/34678.txt,"WebStatCaffe stat/pageviewerschart.php date Parameter XSS",2009-08-29,Moudi,php,webapps,0 34679,platforms/php/webapps/34679.txt,"WebStatCaffe stat/referer.php date Parameter XSS",2009-08-29,Moudi,php,webapps,0 34680,platforms/hardware/webapps/34680.txt,"ZTE ZXDSL-931VII - Unauthenticated Configuration Dump",2014-09-16,"L0ukanik0-s S0kniaku0l",hardware,webapps,0 -34681,platforms/php/webapps/34681.txt,"Wordpress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit)",2014-09-16,"Claudio Viviani",php,webapps,0 +34681,platforms/php/webapps/34681.txt,"WordPress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit)",2014-09-16,"Claudio Viviani",php,webapps,0 34682,platforms/ios/webapps/34682.txt,"USB&WiFi Flash Drive 1.3 iOS - Code Execution Vulnerability",2014-09-16,Vulnerability-Lab,ios,webapps,8080 34685,platforms/windows/remote/34685.py,"Basic Web Server 1.0 - Directory Traversal and Denial of Service Vulnerabilities",2010-09-19,"John Leitch",windows,remote,0 34686,platforms/windows/remote/34686.txt,"YelloSoft Pinky 1.0 - Directory Traversal Vulnerability",2010-09-16,"John Leitch",windows,remote,0 @@ -31325,7 +31325,7 @@ id,file,description,date,author,platform,type,port 34759,platforms/php/webapps/34759.txt,"Glype 1.4.9 - Local Address Filter Bypass",2014-09-24,Securify,php,webapps,80 34760,platforms/php/webapps/34760.txt,"Restaurant Script (PizzaInn Project) - Stored XSS",2014-09-24,"Kenneth F. Belva",php,webapps,80 34761,platforms/php/webapps/34761.txt,"webEdition 6.3.8.0 (SVN-Revision: 6985) - Path Traversal",2014-09-24,"High-Tech Bridge SA",php,webapps,80 -34762,platforms/php/webapps/34762.txt,"Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities",2014-09-25,dxw,php,webapps,80 +34762,platforms/php/webapps/34762.txt,"WordPress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities",2014-09-25,dxw,php,webapps,80 34763,platforms/php/webapps/34763.txt,"OsClass 3.4.1 (index.php file param) - Local File Inclusion",2014-09-25,Netsparker,php,webapps,80 34764,platforms/php/webapps/34764.txt,"Cart Engine 3.0 - Multiple Vulnerabilities",2014-09-25,"Quantum Leap",php,webapps,80 34765,platforms/linux/remote/34765.txt,"GNU Bash - Environment Variable Command Injection (ShellShock)",2014-09-25,"Stephane Chazelas",linux,remote,0 @@ -31340,7 +31340,7 @@ id,file,description,date,author,platform,type,port 34774,platforms/php/webapps/34774.txt,"Hotscripts Type PHP Clone Script feedback.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 34775,platforms/php/webapps/34775.txt,"Hotscripts Type PHP Clone Script index.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 34776,platforms/php/webapps/34776.txt,"Hotscripts Type PHP Clone Script lostpassword.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 -34777,platforms/cgi/remote/34777.rb,"GNU bash Environment Variable Command Injection (MSF)",2014-09-25,"Shaun Colley",cgi,remote,0 +34777,platforms/cgi/remote/34777.rb,"GNU bash Environment Variable Command Injection (Metasploit)",2014-09-25,"Shaun Colley",cgi,remote,0 34778,platforms/lin_x86/shellcode/34778.c,"Linux/x86 - Add map in /etc/hosts file",2014-09-25,"Javier Tejedor",lin_x86,shellcode,0 34779,platforms/hardware/webapps/34779.pl,"Nucom ADSL ADSLR5000UN ISP Credentials Disclosure",2014-09-25,"Sebastián Magof",hardware,webapps,80 34783,platforms/php/webapps/34783.txt,"Scriptsez Ultimate Poll 'demo_page.php' Cross-Site Scripting Vulnerability",2009-07-16,Moudi,php,webapps,0 @@ -31359,7 +31359,7 @@ id,file,description,date,author,platform,type,port 34796,platforms/multiple/remote/34796.txt,"Oracle MySQL < 5.1.50 - Privilege Escalation Vulnerability",2010-08-03,"Libing Song",multiple,remote,0 34797,platforms/php/webapps/34797.txt,"SurgeMail SurgeWeb 4.3e Cross-Site Scripting Vulnerability",2010-10-04,"Kerem Kocaer",php,webapps,0 34782,platforms/php/webapps/34782.txt,"NetArt Media Car Portal 2.0 - 'car' Parameter SQL Injection Vulnerability",2010-09-27,RoAd_KiLlEr,php,webapps,0 -34781,platforms/php/webapps/34781.txt,"Wordpress All In One WP Security Plugin 3.8.2 - SQL Injection",2014-09-25,"High-Tech Bridge SA",php,webapps,80 +34781,platforms/php/webapps/34781.txt,"WordPress All In One WP Security Plugin 3.8.2 - SQL Injection",2014-09-25,"High-Tech Bridge SA",php,webapps,80 34798,platforms/php/webapps/34798.txt,"ITS SCADA Username - SQL Injection Vulnerability",2010-10-04,"Eugene Salov",php,webapps,0 34816,platforms/ios/webapps/34816.txt,"GS Foto Uebertraeger 3.0 iOS - File Include Vulnerability",2014-09-29,Vulnerability-Lab,ios,webapps,0 34800,platforms/php/webapps/34800.txt,"Typo3 JobControl 2.14.0 - Cross-Site Scripting / SQL Injection",2014-09-27,"Adler Freiheit",php,webapps,0 @@ -31404,7 +31404,7 @@ id,file,description,date,author,platform,type,port 34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 (joblogs.php jobid param) - SQL Injection",2014-10-02,wishnusakti,php,webapps,80 34852,platforms/windows/webapps/34852.txt,"Rejetto HTTP File Server (HFS) 2.3a_ 2.3b_ 2.3c - Remote Command Execution",2014-10-02,"Daniele Linguaglossa",windows,webapps,80 34853,platforms/windows/remote/34853.c,"PowerDVD 5.0.1107 - 'trigger.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-10-19,"Inj3cti0n P4ck3t",windows,remote,0 -34854,platforms/php/webapps/34854.txt,"All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability",2014-10-02,Vulnerability-Lab,php,webapps,80 +34854,platforms/php/webapps/34854.txt,"All In One WordPress Firewall 3.8.3 - Persistent XSS Vulnerability",2014-10-02,Vulnerability-Lab,php,webapps,80 34855,platforms/windows/dos/34855.pl,"ALPHA Player 2.4 - (.bmp) Buffer Overflow Vulnerability",2010-10-19,anT!-Tr0J4n,windows,dos,0 34856,platforms/windows/remote/34856.py,"Kolibri Webserver 2.0 - Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass",2014-10-02,tekwizz123,windows,remote,80 34857,platforms/windows/dos/34857.txt,"TeamSpeak Client 3.0.14 - Buffer Overflow Vulnerability",2014-10-02,"SpyEye and Christian Galeon",windows,dos,0 @@ -31443,7 +31443,7 @@ id,file,description,date,author,platform,type,port 34892,platforms/php/webapps/34892.txt,"pecio CMS 2.0.5 - 'target' Parameter Cross-Site Scripting Vulnerability",2010-10-21,"Antu Sanadi",php,webapps,0 34893,platforms/php/webapps/34893.txt,"PHP Scripts Now Multiple Products bios.php rank Parameter XSS",2009-07-20,"599eme Man",php,webapps,0 34894,platforms/php/webapps/34894.txt,"PHP Scripts Now Multiple Products bios.php rank Parameter SQL Injection",2009-07-20,"599eme Man",php,webapps,0 -34895,platforms/cgi/webapps/34895.rb,"Bash - CGI RCE (MSF) Shellshock Exploit",2014-10-06,"Fady Mohammed Osman",cgi,webapps,0 +34895,platforms/cgi/webapps/34895.rb,"Bash - CGI RCE (Metasploit) Shellshock Exploit",2014-10-06,"Fady Mohammed Osman",cgi,webapps,0 34896,platforms/linux/remote/34896.py,"Postfix SMTP - Shellshock Exploit",2014-10-06,"Phil Blank",linux,remote,0 34922,platforms/php/webapps/34922.txt,"Creative Contact Form - Arbitrary File Upload",2014-10-08,"Gianni Angelozzi",php,webapps,0 35023,platforms/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injection Vulnerabilities",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -31469,7 +31469,7 @@ id,file,description,date,author,platform,type,port 34919,platforms/php/webapps/34919.txt,"SkyBlueCanvas 1.1 r237 - 'admin.php' Directory Traversal Vulnerability",2009-07-16,MaXe,php,webapps,0 34920,platforms/asp/webapps/34920.txt,"HttpCombiner ASP.NET - Remote File Disclosure Vulnerability",2014-10-07,"Le Ngoc Son",asp,webapps,0 34921,platforms/windows/local/34921.pl,"Asx to Mp3 2.7.5 - Stack Overflow",2014-10-07,"Amir Tavakolian",windows,local,0 -34925,platforms/php/remote/34925.rb,"Wordpress InfusionSoft Plugin - Upload Vulnerability",2014-10-09,metasploit,php,remote,80 +34925,platforms/php/remote/34925.rb,"WordPress InfusionSoft Plugin - Upload Vulnerability",2014-10-09,metasploit,php,remote,80 34926,platforms/windows/remote/34926.rb,"Rejetto HttpFileServer Remote Command Execution",2014-10-09,metasploit,windows,remote,80 34927,platforms/unix/remote/34927.rb,"F5 iControl Remote Root Command Execution",2014-10-09,metasploit,unix,remote,443 34928,platforms/jsp/webapps/34928.txt,"DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities",2014-10-09,"Digital Misfits",jsp,webapps,0 @@ -31586,7 +31586,7 @@ id,file,description,date,author,platform,type,port 35566,platforms/php/webapps/35566.txt,"Yaws-Wiki 1.88-1 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2011-04-04,"Michael Brooks",php,webapps,0 35055,platforms/windows/remote/35055.py,"Windows OLE - Remote Code Execution _Sandworm_ Exploit (MS14-060)",2014-10-25,"Mike Czumak",windows,remote,0 35056,platforms/hardware/webapps/35056.txt,"Dell EqualLogic Storage - Directory Traversal",2014-10-25,"XLabs Security",hardware,webapps,0 -35057,platforms/php/webapps/35057.py,"Creative Contact Form (Wordpress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability",2014-10-25,"Claudio Viviani",php,webapps,0 +35057,platforms/php/webapps/35057.py,"Creative Contact Form (WordPress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability",2014-10-25,"Claudio Viviani",php,webapps,0 35058,platforms/bsd/dos/35058.c,"OpenBSD <= 5.5 - Local Kernel Panic",2014-10-25,nitr0us,bsd,dos,0 35059,platforms/ios/webapps/35059.txt,"File Manager 4.2.10 iOS - Code Execution Vulnerability",2014-10-25,Vulnerability-Lab,ios,webapps,0 35127,platforms/jsp/webapps/35127.txt,"Progress OpenEdge 11.2 - Directory Traversal",2014-10-31,"XLabs Security",jsp,webapps,9090 @@ -31603,7 +31603,7 @@ id,file,description,date,author,platform,type,port 35070,platforms/hardware/remote/35070.txt,"pfSense status_graph.php if Parameter XSS",2010-11-08,"dave b",hardware,remote,0 35071,platforms/hardware/remote/35071.txt,"pfSense interfaces.php if Parameter XSS",2010-11-08,"dave b",hardware,remote,0 35072,platforms/php/webapps/35072.txt,"Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam Multiple Vulnerabilities",2010-12-08,"Justin Klein Keane",php,webapps,0 -35073,platforms/php/webapps/35073.txt,"Wordpress CP Multi View Event Calendar 1.01 - SQL Injection",2014-10-27,"Claudio Viviani",php,webapps,80 +35073,platforms/php/webapps/35073.txt,"WordPress CP Multi View Event Calendar 1.01 - SQL Injection",2014-10-27,"Claudio Viviani",php,webapps,80 35074,platforms/windows/local/35074.py,"Free WMA MP3 Converter 1.8 - (.wav) Buffer Overflow",2014-10-27,metacom,windows,local,0 35075,platforms/hardware/webapps/35075.txt,"CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities",2014-10-27,LiquidWorm,hardware,webapps,0 35076,platforms/multiple/webapps/35076.py,"HP Operations Agent Remote XSS iFrame Injection",2014-10-27,"Matt Schmidt",multiple,webapps,383 @@ -31669,7 +31669,7 @@ id,file,description,date,author,platform,type,port 35136,platforms/php/webapps/35136.txt,"WordPress Accept Signups Plugin 0.1 - 'email' Parameter Cross-Site Scripting Vulnerability",2010-12-22,clshack,php,webapps,0 35137,platforms/php/webapps/35137.txt,"Social Share 'vote.php' HTTP Response Splitting Vulnerability",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0 35138,platforms/php/webapps/35138.txt,"Esotalk CMS 1.0.0g4 - XSS Vulnerability",2014-11-02,evi1m0,php,webapps,0 -35212,platforms/php/webapps/35212.txt,"XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities",2014-11-10,"Larry W. Cashdollar",php,webapps,80 +35212,platforms/php/webapps/35212.txt,"XCloner WordPress/Joomla! Plugin - Multiple Vulnerabilities",2014-11-10,"Larry W. Cashdollar",php,webapps,80 35140,platforms/php/webapps/35140.txt,"MyBB 1.6 - search.php keywords Parameter SQL Injection",2010-12-23,"Aung Khant",php,webapps,0 35141,platforms/php/webapps/35141.txt,"MyBB 1.6 - private.php keywords Parameter SQL Injection",2010-12-23,"Aung Khant",php,webapps,0 35142,platforms/php/webapps/35142.txt,"Social Share 'search' Parameter Cross-Site Scripting Vulnerability",2010-12-23,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -31725,9 +31725,9 @@ id,file,description,date,author,platform,type,port 35202,platforms/windows/dos/35202.py,"Microsoft Internet Explorer 11 - Denial Of Service",2014-11-10,"Behrooz Abbassi",windows,dos,0 35203,platforms/hardware/webapps/35203.txt,"ZTE ZXDSL 831CII - Insecure Direct Object Reference",2014-11-10,"Paulos Yibelo",hardware,webapps,0 35205,platforms/linux/shellcode/35205.txt,"Position independent & Alphanumeric 64-bit execve(_/bin/sh\0__NULL_NULL); (87 bytes)",2014-11-10,Breaking.Technology,linux,shellcode,0 -35204,platforms/php/webapps/35204.txt,"Another Wordpress Classifieds Plugin - SQL Injection",2014-11-10,dill,php,webapps,0 +35204,platforms/php/webapps/35204.txt,"Another WordPress Classifieds Plugin - SQL Injection",2014-11-10,dill,php,webapps,0 35206,platforms/php/webapps/35206.txt,"PHP-Fusion 7.02.07 - SQL Injection",2014-11-10,"XLabs Security",php,webapps,0 -35313,platforms/php/webapps/35313.txt,"Wordpress SP Client Document Manager Plugin 2.4.1 - SQL Injection",2014-11-21,"ITAS Team",php,webapps,80 +35313,platforms/php/webapps/35313.txt,"WordPress SP Client Document Manager Plugin 2.4.1 - SQL Injection",2014-11-21,"ITAS Team",php,webapps,80 35208,platforms/hardware/webapps/35208.txt,"Barracuda - Multiple Anauthentificated Logfile Download",2014-11-10,4CKnowLedge,hardware,webapps,0 35292,platforms/php/webapps/35292.html,"vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-30,MaXe,php,webapps,0 35291,platforms/php/webapps/35291.txt,"Vanilla Forums 2.0.16 - 'Target' Parameter Cross-Site Scripting Vulnerability",2011-01-27,"YGN Ethical Hacker Group",php,webapps,0 @@ -31749,7 +31749,7 @@ id,file,description,date,author,platform,type,port 35227,platforms/php/webapps/35227.txt,"Alguest 1.1c-patched 'elimina' Parameter SQL Injection Vulnerability",2011-01-14,"Aliaksandr Hartsuyeu",php,webapps,0 35228,platforms/php/webapps/35228.txt,"CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-15,NLSecurity,php,webapps,0 35229,platforms/windows/remote/35229.html,"Microsoft Internet Explorer <= 11 - OLE Automation Array Remote Code Execution (1)",2014-11-13,yuange,windows,remote,0 -35230,platforms/windows/remote/35230.rb,"Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF)",2014-11-13,"Wesley Neelen & Rik van Duijn",windows,remote,0 +35230,platforms/windows/remote/35230.rb,"Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (Metasploit)",2014-11-13,"Wesley Neelen & Rik van Duijn",windows,remote,0 35231,platforms/php/webapps/35231.txt,"Advanced Webhost Billing System 2.9.2 - 'oid' Parameter SQL Injection Vulnerability",2011-01-16,ShivX,php,webapps,0 35232,platforms/linux/remote/35232.txt,"Pango Font Parsing 'pangoft2-render.c' Heap Corruption Vulnerability",2011-01-18,"Dan Rosenberg",linux,remote,0 35233,platforms/multiple/webapps/35233.txt,"B-Cumulus 'tagcloud' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-01-18,MustLive,multiple,webapps,0 @@ -31829,7 +31829,7 @@ id,file,description,date,author,platform,type,port 35381,platforms/php/webapps/35381.txt,"xEpan 1.0.1 - CSRF Vulnerability",2014-11-26,"High-Tech Bridge SA",php,webapps,80 35322,platforms/windows/local/35322.txt,"Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation",2014-11-22,LiquidWorm,windows,local,0 35323,platforms/php/webapps/35323.md,"MyBB <= 1.8.2 - unset_globals() Function Bypass and Remote Code Execution Vulnerability",2014-11-22,"Taoguang Chen",php,webapps,0 -35324,platforms/php/webapps/35324.txt,"Wordpress CM Download Manager Plugin 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 +35324,platforms/php/webapps/35324.txt,"WordPress CM Download Manager Plugin 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 35325,platforms/hardware/webapps/35325.txt,"Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 35326,platforms/windows/dos/35326.cpp,"Microsoft Windows - Win32k.sys Denial of Service",2014-11-22,Kedamsky,windows,dos,0 35380,platforms/php/remote/35380.rb,"Pandora Fms SQLi Remote Code Execution",2014-11-26,metasploit,php,remote,80 @@ -31846,8 +31846,8 @@ id,file,description,date,author,platform,type,port 35337,platforms/php/webapps/35337.txt,"TaskFreak 0.6.4 print_list.php Multiple Parameter XSS",2011-02-12,LiquidWorm,php,webapps,0 35338,platforms/php/webapps/35338.txt,"TaskFreak 0.6.4 rss.php HTTP Referer Header XSS",2011-02-12,LiquidWorm,php,webapps,0 35339,platforms/multiple/dos/35339.txt,"JourneyMap 5.0.0RC2 Ultimate Edition - DoS (Resource Consumption)",2014-11-24,CovertCodes,multiple,dos,0 -35340,platforms/php/webapps/35340.txt,"Wordpress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability",2014-11-24,"Claudio Viviani",php,webapps,0 -35341,platforms/php/webapps/35341.py,"Wordpress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability",2014-11-24,"Claudio Viviani",php,webapps,0 +35340,platforms/php/webapps/35340.txt,"WordPress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability",2014-11-24,"Claudio Viviani",php,webapps,0 +35341,platforms/php/webapps/35341.py,"WordPress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability",2014-11-24,"Claudio Viviani",php,webapps,0 35342,platforms/aix/dos/35342.txt,"RobotStats 1.0 - HTML Injection Vulnerability",2014-11-24,"ZoRLu Bugrahan",aix,dos,0 35343,platforms/php/webapps/35343.txt,"Smarty Template Engine <= 2.6.9 - '$smarty.template' PHP Code Injection Vulnerability",2011-02-09,jonieske,php,webapps,0 35344,platforms/php/webapps/35344.txt,"RobotStats 1.0 - (robot param) SQL Injection Vulnerability",2014-11-24,"ZoRLu Bugrahan",php,webapps,0 @@ -31875,19 +31875,19 @@ id,file,description,date,author,platform,type,port 35367,platforms/php/webapps/35367.txt,"crea8social 1.3 - Stored XSS Vulnerability",2014-11-25,"Halil Dalabasmaz",php,webapps,80 35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 Malformed Packet NULL Pointer Dereference Remote Denial Of Service Vulnerability",2011-02-22,"Luigi Auriemma",multiple,dos,0 35370,platforms/linux/local/35370.c,"Linux Kernel - libfutex - Local Root for RHEL/CentOS 7.0.1406",2014-11-25,"Kaiqu Chen",linux,local,0 -35371,platforms/php/webapps/35371.txt,"Wordpress Google Document Embedder 2.5.14 - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 +35371,platforms/php/webapps/35371.txt,"WordPress Google Document Embedder 2.5.14 - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 35372,platforms/hardware/webapps/35372.rb,"Arris VAP2500 - Authentication Bypass",2014-11-25,HeadlessZeke,hardware,webapps,80 35373,platforms/php/webapps/35373.txt,"WordPress GD Star Rating Plugin 1.9.7 - 'wpfn' Parameter Cross-Site Scripting Vulnerability",2011-02-22,"High-Tech Bridge SA",php,webapps,0 35374,platforms/php/webapps/35374.txt,"IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting Vulnerability",2011-02-22,andrew,php,webapps,0 35375,platforms/php/webapps/35375.txt,"Vanilla Forums 2.0.17.x - 'p' Parameter Cross-Site Scripting Vulnerability",2011-02-22,"Aung Khant",php,webapps,0 35376,platforms/php/webapps/35376.txt,"mySeatXT 0.164 - 'lang' Parameter Local File Include Vulnerability",2011-02-16,"AutoSec Tools",php,webapps,0 35377,platforms/windows/local/35377.rb,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - (.wax) SEH Buffer Overflow",2014-11-26,"Muhamad Fadzil Ramli",windows,local,0 -35378,platforms/php/webapps/35378.txt,"Wordpress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 +35378,platforms/php/webapps/35378.txt,"WordPress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 35379,platforms/windows/dos/35379.go,"Elipse E3 - HTTP Denial of Service",2014-11-26,firebitsbr,windows,dos,80 35382,platforms/android/dos/35382.txt,"Android WAPPushManager - SQL Injection",2014-11-26,"Baidu X-Team",android,dos,0 35383,platforms/cgi/webapps/35383.rb,"Device42 WAN Emulator 2.3 Traceroute Command Injection",2014-11-26,"Brandon Perry",cgi,webapps,80 35384,platforms/cgi/webapps/35384.rb,"Device42 WAN Emulator 2.3 Ping Command Injection",2014-11-26,"Brandon Perry",cgi,webapps,80 -35385,platforms/php/webapps/35385.pl,"Wordpress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit",2014-11-26,"Simo Ben Youssef",php,webapps,80 +35385,platforms/php/webapps/35385.pl,"WordPress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit",2014-11-26,"Simo Ben Youssef",php,webapps,80 35386,platforms/linux/remote/35386.txt,"Logwatch Log File - Special Characters Local Privilege Escalation Vulnerability",2011-02-24,"Dominik George",linux,remote,0 35387,platforms/php/webapps/35387.txt,"phpShop 0.8.1 - 'page' Parameter Cross-Site Scripting Vulnerability",2011-02-25,"Aung Khant",php,webapps,0 35395,platforms/windows/local/35395.txt,"CCH Wolters Kluwer PFX Engagement <= 7.1 - Local Privilege Escalation",2014-11-28,"Information Paradox",windows,local,0 @@ -31913,7 +31913,7 @@ id,file,description,date,author,platform,type,port 35411,platforms/asp/webapps/35411.txt,"Kodak InSite 5.5.2 Troubleshooting/DiagnosticReport.asp HeaderWarning Parameter XSS",2011-03-07,Dionach,asp,webapps,0 35412,platforms/asp/webapps/35412.txt,"Kodak InSite 5.5.2 Pages/login.aspx Language Parameter XSS",2011-03-07,Dionach,asp,webapps,0 35413,platforms/php/dos/35413.php,"WordPress <= 4.0 - Denial of Service Exploit",2014-12-01,SECURELI.com,php,dos,80 -35414,platforms/php/dos/35414.txt,"Wordpress < 4.0.1 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 +35414,platforms/php/dos/35414.txt,"WordPress < 4.0.1 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 35415,platforms/php/dos/35415.txt,"Drupal < 7.34 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 35416,platforms/php/webapps/35416.txt,"Interleave 5.5.0.2 - 'basicstats.php' Multiple Cross-Site Scripting Vulnerabilities",2011-03-03,"AutoSec Tools",php,webapps,0 35417,platforms/php/webapps/35417.php,"WS Interactive Automne 4.1 - 'admin/upload-controler.php' Remote Arbitrary File Upload Vulnerability",2011-03-08,"AutoSec Tools",php,webapps,0 @@ -31937,7 +31937,7 @@ id,file,description,date,author,platform,type,port 35436,platforms/php/webapps/35436.txt,"Xinha 0.96 - 'spell-check-savedicts.php' Multiple HTML Injection Vulnerabilities",2011-03-10,"John Leitch",php,webapps,0 35437,platforms/multiple/dos/35437.pl,"Air Contacts Lite HTTP Packet Denial Of Service Vulnerability",2011-02-09,"Rodrigo Escobar",multiple,dos,0 35438,platforms/cgi/webapps/35438.txt,"CosmoShop 10.05.00 - Multiple Cross-Site Scripting and SQL Injection Vulnerabilities",2011-03-10,"High-Tech Bridge SA",cgi,webapps,0 -35439,platforms/php/webapps/35439.txt,"Wordpress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability",2014-12-02,"Kacper Szurek",php,webapps,80 +35439,platforms/php/webapps/35439.txt,"WordPress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability",2014-12-02,"Kacper Szurek",php,webapps,80 35440,platforms/osx/local/35440.rb,"Mac OS X - IOKit Keyboard Driver Root Privilege Escalation",2014-12-02,metasploit,osx,local,0 35441,platforms/multiple/remote/35441.rb,"Tincd Post-Authentication Remote TCP Stack Buffer Overflow",2014-12-02,metasploit,multiple,remote,655 35442,platforms/hardware/webapps/35442.txt,"EntryPass N5200 - Credentials Exposure",2014-12-02,"RedTeam Pentesting",hardware,webapps,0 @@ -31957,7 +31957,7 @@ id,file,description,date,author,platform,type,port 35456,platforms/php/webapps/35456.txt,"BoutikOne rss_promo.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35457,platforms/php/webapps/35457.txt,"BoutikOne rss_top10.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35459,platforms/php/webapps/35459.txt,"Cart66 Lite WordPress Ecommerce 1.5.1.17 - Blind SQL Injection",2014-12-03,"Kacper Szurek",php,webapps,80 -35460,platforms/php/webapps/35460.txt,"CodeArt Google MP3 Player Wordpress Plugin - File Disclosure Download",2014-12-03,"QK14 Team",php,webapps,80 +35460,platforms/php/webapps/35460.txt,"CodeArt Google MP3 Player WordPress Plugin - File Disclosure Download",2014-12-03,"QK14 Team",php,webapps,80 35564,platforms/php/webapps/35564.txt,"DoceboLms 4.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2011-04-03,LiquidWorm,php,webapps,0 35565,platforms/php/webapps/35565.txt,"Anantasoft Gazelle CMS - 1.0 - Cross-Site Scripting and SQL Injection Vulnerabilities",2011-04-04,"kurdish hackers team",php,webapps,0 35462,platforms/hardware/webapps/35462.txt,"Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities",2014-12-04,Crash,hardware,webapps,80 @@ -31988,7 +31988,7 @@ id,file,description,date,author,platform,type,port 35489,platforms/multiple/dos/35489.pl,"Perl 5.x - 'Perl_reg_numbered_buff_fetch()' Function Remote Denial of Service Vulnerability",2011-03-23,"Vladimir Perepelitsa",multiple,dos,0 35490,platforms/php/webapps/35490.txt,"IceHrm 7.1 - Multiple Vulnerabilities",2014-12-08,LiquidWorm,php,webapps,0 35492,platforms/php/webapps/35492.txt,"Free Article Submissions 1.0 - SQL Injection Vulnerability",2014-12-08,BarrabravaZ,php,webapps,0 -35493,platforms/php/webapps/35493.txt,"Wordpress Ajax Store Locator 1.2 - Arbitrary File Download",2014-12-08,"Claudio Viviani",php,webapps,0 +35493,platforms/php/webapps/35493.txt,"WordPress Ajax Store Locator 1.2 - Arbitrary File Download",2014-12-08,"Claudio Viviani",php,webapps,0 35518,platforms/php/webapps/35518.txt,"OpenEMR 4.1.2(7) - Multiple SQL Injection Vulnerabilities",2014-12-10,Portcullis,php,webapps,80 35495,platforms/multiple/remote/35495.txt,"Advantech/BroadWin SCADA WebAccess 7.0 - Multiple Remote Security Vulnerabilities",2011-03-23,"Ruben Santamarta ",multiple,remote,0 35496,platforms/php/webapps/35496.txt,"MC Content Manager 10.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-24,MustLive,php,webapps,0 @@ -32004,7 +32004,7 @@ id,file,description,date,author,platform,type,port 35674,platforms/php/webapps/35674.txt,"WordPress WP Photo Album Plugin 1.5.1 - 'id' Parameter Cross-Site Scripting Vulnerability",2011-04-28,"High-Tech Bridge SA",php,webapps,0 35675,platforms/php/webapps/35675.txt,"Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-27,"Emilio Pinna",php,webapps,0 35676,platforms/cgi/webapps/35676.txt,"BackupPC 3.x - 'index.cgi' Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",cgi,webapps,0 -35505,platforms/php/webapps/35505.txt,"Wordpress Plugin Symposium 14.10 - SQL Injection",2014-12-09,"Kacper Szurek",php,webapps,0 +35505,platforms/php/webapps/35505.txt,"WordPress Plugin Symposium 14.10 - SQL Injection",2014-12-09,"Kacper Szurek",php,webapps,0 35506,platforms/php/webapps/35506.pl,"Flat Calendar 1.1 - HTML Injection Exploit",2014-12-09,"ZoRLu Bugrahan",php,webapps,0 35507,platforms/windows/dos/35507.pl,"DivX Player 7 - Multiple Remote Buffer Overflow Vulnerabilities",2011-03-27,KedAns-Dz,windows,dos,0 35508,platforms/php/webapps/35508.txt,"Cetera eCommerce Multiple Cross-Site Scripting and SQL Injection Vulnerabilities",2011-03-27,MustLive,php,webapps,0 @@ -32032,7 +32032,7 @@ id,file,description,date,author,platform,type,port 35530,platforms/windows/dos/35530.py,"Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Exploit DoS (.m3u)",2014-12-15,s-dz,windows,dos,0 35531,platforms/windows/dos/35531.py,"Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Exploit DoS (.lst)",2014-12-15,s-dz,windows,dos,0 35532,platforms/windows/dos/35532.py,"jaangle 0.98i.977 - Denial of Service Vulnerability",2014-12-15,s-dz,windows,dos,0 -35533,platforms/php/webapps/35533.py,"Wordpress Download Manager 2.7.4 - Remote Code Execution Vulnerability",2014-12-15,"Claudio Viviani",php,webapps,0 +35533,platforms/php/webapps/35533.py,"WordPress Download Manager 2.7.4 - Remote Code Execution Vulnerability",2014-12-15,"Claudio Viviani",php,webapps,0 35548,platforms/php/webapps/35548.txt,"InTerra Blog Machine 1.84 - 'subject' Parameter HTML Injection Vulnerability",2011-03-31,"High-Tech Bridge SA",php,webapps,0 35535,platforms/php/webapps/35535.php,"PHPads <= 213607 - Authentication Bypass / Password Change Exploit",2014-12-15,"Shaker msallm",php,webapps,0 35539,platforms/php/dos/35539.txt,"phpMyAdmin 4.0.x / 4.1.x / 4.2.x - DoS",2014-12-15,"Javer Nieto and Andres Rojas",php,dos,0 @@ -32042,7 +32042,7 @@ id,file,description,date,author,platform,type,port 35563,platforms/windows/remote/35563.pl,"EasyPHP 5.3.5.0 - 'index.php' Arbitrary File Download Vulnerability",2011-04-03,KedAns-Dz,windows,remote,0 35541,platforms/php/webapps/35541.txt,"ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling",2014-12-15,"Adler Freiheit",php,webapps,0 35556,platforms/hardware/webapps/35556.txt,"CIK Telecom VoIP router SVG6000RW - Privilege Escalation and Command Execution",2014-12-17,Chako,hardware,webapps,0 -35543,platforms/php/webapps/35543.txt,"Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit",2014-12-15,"Claudio Viviani",php,webapps,0 +35543,platforms/php/webapps/35543.txt,"WordPress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit",2014-12-15,"Claudio Viviani",php,webapps,0 35549,platforms/unix/remote/35549.rb,"ActualAnalyzer 'ant' Cookie Command Execution",2014-12-16,metasploit,unix,remote,80 35545,platforms/php/remote/35545.rb,"Tuleap PHP Unserialize Code Execution",2014-12-15,metasploit,php,remote,80 35547,platforms/php/webapps/35547.txt,"ICJobSite 1.1 - 'pid' Parameter SQL Injection Vulnerability",2011-03-30,RoAd_KiLlEr,php,webapps,0 @@ -32085,12 +32085,12 @@ id,file,description,date,author,platform,type,port 35600,platforms/linux/dos/35600.c,"Linux Kernel 2.6.x - 'inotify_init1()' Double Free Local Denial of Service Vulnerability",2011-04-11,anonymous,linux,dos,0 35601,platforms/php/webapps/35601.txt,"Etki Video PRO 2.0 izle.asp id Parameter SQL Injection",2011-04-11,Kurd-Team,php,webapps,0 35602,platforms/php/webapps/35602.txt,"Etki Video PRO 2.0 kategori.asp cat Parameter SQL Injection",2011-04-11,Kurd-Team,php,webapps,0 -35603,platforms/php/webapps/35603.txt,"Live Wire 2.3.1 For Wordpress - Multiple Security Vulnerabilities",2011-04-11,MustLive,php,webapps,0 +35603,platforms/php/webapps/35603.txt,"Live Wire 2.3.1 For WordPress - Multiple Security Vulnerabilities",2011-04-11,MustLive,php,webapps,0 35604,platforms/php/webapps/35604.txt,"eForum 1.1 - '/eforum.php' Arbitrary File Upload Vulnerability",2011-04-09,QSecure,php,webapps,0 35605,platforms/php/webapps/35605.txt,"Lazarus Guestbook 1.22 - Multiple Vulnerabilities",2014-12-24,TaurusOmar,php,webapps,80 35606,platforms/linux/remote/35606.txt,"MIT Kerberos 5 kadmind Change Password Feature Remote Code Execution Vulnerability",2011-04-11,"Felipe Ortega",linux,remote,0 35607,platforms/php/webapps/35607.txt,"Spellchecker Plugin 3.1 for WordPress - 'general.php' Local and Remote File Include Vulnerabilities",2011-04-12,"Dr Trojan",php,webapps,0 -35608,platforms/php/webapps/35608.txt,"The Gazette Edition 2.9.4 For Wordpress - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0 +35608,platforms/php/webapps/35608.txt,"The Gazette Edition 2.9.4 For WordPress - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0 35609,platforms/php/webapps/35609.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35610,platforms/php/webapps/35610.txt,"Plogger 1.0 RC1 - 'gallery_name' Parameter Cross-Site Scripting Vulnerability",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35611,platforms/php/webapps/35611.txt,"Website Baker 2.8.1 - Multiple SQL Injection Vulnerabilities",2011-04-12,"High-Tech Bridge SA",php,webapps,0 @@ -32287,7 +32287,7 @@ id,file,description,date,author,platform,type,port 35820,platforms/linux/dos/35820.c,"Linux Kernel 2.6.x - KSM Local Denial of Service Vulnerability",2011-06-02,"Andrea Righi",linux,dos,0 35821,platforms/windows/local/35821.txt,"Sim Editor 6.6 - Stack Based Buffer Overflow",2015-01-16,"Osanda Malith",windows,local,0 35822,platforms/windows/remote/35822.html,"Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution",2015-01-19,"Praveen Darshanam",windows,remote,0 -35823,platforms/php/webapps/35823.txt,"Wordpress Pie Register Plugin 2.0.13 - Privilege Escalation",2015-01-16,"Kacper Szurek",php,webapps,80 +35823,platforms/php/webapps/35823.txt,"WordPress Pie Register Plugin 2.0.13 - Privilege Escalation",2015-01-16,"Kacper Szurek",php,webapps,80 35824,platforms/php/webapps/35824.txt,"vBulletin vBExperience 3 'sortorder' Parameter Cross Site Scripting Vulnerability",2011-06-06,Mr.ThieF,php,webapps,0 35985,platforms/php/webapps/35985.txt,"Support Incident Tracker (SiT!) 3.63 p1 - report_marketing.php exc[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 35986,platforms/php/webapps/35986.txt,"Support Incident Tracker (SiT!) 3.63 p1 - billable_incidents.php sites[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 @@ -32347,7 +32347,7 @@ id,file,description,date,author,platform,type,port 35876,platforms/windows/dos/35876.html,"Easewe FTP OCX ActiveX Control 4.5.0.9 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities",2011-06-22,"High-Tech Bridge SA",windows,dos,0 35877,platforms/php/webapps/35877.txt,"Sitemagic CMS 'SMTpl' Parameter Directory Traversal Vulnerability",2011-06-23,"Andrea Bocchetti",php,webapps,0 35878,platforms/php/webapps/35878.txt,"ecommerceMajor - SQL Injection And Authentication bypass",2015-01-22,"Manish Tanwar",php,webapps,0 -35879,platforms/php/webapps/35879.txt,"Wordpress Cforms Plugin 14.7 - Remote Code Execution",2015-01-19,Zakhar,php,webapps,0 +35879,platforms/php/webapps/35879.txt,"WordPress Cforms Plugin 14.7 - Remote Code Execution",2015-01-19,Zakhar,php,webapps,0 35880,platforms/windows/remote/35880.html,"LEADTOOLS Imaging LEADSmtp ActiveX Control 'SaveMessage()' Insecure Method Vulnerability",2011-06-23,"High-Tech Bridge SA",windows,remote,0 35881,platforms/windows/remote/35881.c,"xAurora 10.00 - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution Vulnerability",2011-06-24,"Zer0 Thunder",windows,remote,0 35882,platforms/php/webapps/35882.txt,"Nodesforum '_nodesforum_node' Parameter SQL Injection Vulnerability",2011-06-23,"Andrea Bocchetti",php,webapps,0 @@ -32388,7 +32388,7 @@ id,file,description,date,author,platform,type,port 35991,platforms/php/webapps/35991.txt,"Pragyan CMS 3.0 - SQL Injection",2015-02-04,"Steffen Rösemann",php,webapps,80 35914,platforms/php/webapps/35914.txt,"ferretCMS 1.0.4-alpha - Multiple Vulnerabilities",2015-01-26,"Steffen Rösemann",php,webapps,80 35915,platforms/multiple/webapps/35915.txt,"Symantec Data Center Security - Multiple Vulnerabilities",2015-01-26,"SEC Consult",multiple,webapps,0 -35916,platforms/php/webapps/35916.txt,"Wordpress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 +35916,platforms/php/webapps/35916.txt,"WordPress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 35917,platforms/hardware/remote/35917.txt,"D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit",2015-01-27,"Todor Donev",hardware,remote,0 35918,platforms/multiple/remote/35918.c,"IBM DB2 'DT_RPATH' Insecure Library Loading Arbitrary Code Execution Vulnerability",2011-06-30,"Tim Brown",multiple,remote,0 35919,platforms/bsd/remote/35919.c,"NetBSD 5.1 Multiple 'libc/net' Functions Stack Buffer Overflow Vulnerability",2011-07-01,"Maksymilian Arciemowicz",bsd,remote,0 @@ -32482,7 +32482,7 @@ id,file,description,date,author,platform,type,port 36028,platforms/php/webapps/36028.txt,"u5CMS 3.9.3 - (thumb.php) Local File Inclusion Vulnerability",2015-02-09,LiquidWorm,php,webapps,0 36029,platforms/php/webapps/36029.txt,"u5CMS 3.9.3 - Multiple Stored And Reflected XSS Vulnerabilities",2015-02-09,LiquidWorm,php,webapps,0 36031,platforms/php/webapps/36031.txt,"StaMPi - Local File Inclusion",2015-02-09,"e . V . E . L",php,webapps,0 -36058,platforms/php/webapps/36058.txt,"Wordpress Video Gallery 2.7.0 - SQL Injection Vulnerability",2015-02-12,"Claudio Viviani",php,webapps,0 +36058,platforms/php/webapps/36058.txt,"WordPress Video Gallery 2.7.0 - SQL Injection Vulnerability",2015-02-12,"Claudio Viviani",php,webapps,0 36032,platforms/php/webapps/36032.txt,"Softbiz Recipes Portal Script Multiple Cross Site Scripting Vulnerabilities",2011-08-05,Net.Edit0r,php,webapps,0 36033,platforms/php/webapps/36033.txt,"Search Network 2.0 - 'query' Parameter Cross Site Scripting Vulnerability",2011-08-08,darkTR,php,webapps,0 36034,platforms/php/webapps/36034.txt,"OpenEMR 4.0 Multiple Cross Site Scripting Vulnerabilities",2011-08-09,"Houssam Sahli",php,webapps,0 @@ -32503,7 +32503,7 @@ id,file,description,date,author,platform,type,port 36051,platforms/php/webapps/36051.txt,"WordPress WP-Stats-Dashboard Plugin 2.6.5.1 - Multiple Cross Site Scripting Vulnerabilities",2011-08-17,"High-Tech Bridge SA",php,webapps,0 36052,platforms/windows/local/36052.c,"SoftSphere DefenseWall FW/IPS 3.24 - Privilege Escalation",2015-02-11,"Parvez Anwar",windows,local,0 36053,platforms/windows/local/36053.py,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow",2015-02-11,"dogo h@ck",windows,local,0 -36054,platforms/php/webapps/36054.txt,"Wordpress Survey and Poll Plugin 1.1 - Blind SQL Injection",2015-02-11,"Securely (Yoo Hee man)",php,webapps,80 +36054,platforms/php/webapps/36054.txt,"WordPress Survey and Poll Plugin 1.1 - Blind SQL Injection",2015-02-11,"Securely (Yoo Hee man)",php,webapps,80 36055,platforms/php/webapps/36055.txt,"Pandora FMS 5.1 SP1 - SQL Injection Vulnerability",2015-02-11,Vulnerability-Lab,php,webapps,8080 36056,platforms/windows/remote/36056.rb,"Achat 0.150 beta7 - Buffer Overflow",2015-02-11,metasploit,windows,remote,9256 36057,platforms/cgi/webapps/36057.txt,"IBM Endpoint Manager - Stored XSS Vulnerability",2015-02-11,"RedTeam Pentesting",cgi,webapps,52311 @@ -32598,7 +32598,7 @@ id,file,description,date,author,platform,type,port 36154,platforms/php/webapps/36154.txt,"Beehive Forum 1.4.4 - Stored XSS Vulnerability",2015-02-23,"Halil Dalabasmaz",php,webapps,0 36155,platforms/php/webapps/36155.php,"WeBid 1.1.1 Unrestricted File Upload Exploit",2015-02-23,"CWH Underground",php,webapps,80 36156,platforms/php/webapps/36156.txt,"Clipbucket 2.7 RC3 0.9 - Blind SQL Injection",2015-02-23,"CWH Underground",php,webapps,80 -36157,platforms/php/webapps/36157.rb,"Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (MSF)",2015-02-23,"Pablo González",php,webapps,80 +36157,platforms/php/webapps/36157.rb,"Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (Metasploit)",2015-02-23,"Pablo González",php,webapps,80 36158,platforms/php/dos/36158.txt,"PHP DateTime Use After Free Vulnerability",2015-02-23,"Taoguang Chen",php,dos,0 36159,platforms/php/webapps/36159.txt,"Zeuscart v.4 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 36160,platforms/php/webapps/36160.txt,"phpBugTracker 1.6.0 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 @@ -32672,7 +32672,7 @@ id,file,description,date,author,platform,type,port 36227,platforms/php/webapps/36227.txt,"Joomla! Sgicatalog Component 1.0 - 'id' Parameter SQL Injection Vulnerability",2011-10-12,"BHG Security Center",php,webapps,0 36228,platforms/php/webapps/36228.txt,"BugFree 2.1.3 Multiple Cross Site Scripting Vulnerabilities",2011-10-12,"High-Tech Bridge SA",php,webapps,0 36229,platforms/linux/local/36229.py,"VFU 4.10-1.1 - Move Entry Buffer Overflow",2015-02-25,"Bas van den Berg",linux,local,0 -36230,platforms/php/webapps/36230.txt,"Calculated Fields Form Wordpress Plugin <= 1.0.10 - Remote SQL Injection Vulnerability",2015-03-02,"Ibrahim Raafat",php,webapps,0 +36230,platforms/php/webapps/36230.txt,"Calculated Fields Form WordPress Plugin <= 1.0.10 - Remote SQL Injection Vulnerability",2015-03-02,"Ibrahim Raafat",php,webapps,0 36231,platforms/php/webapps/36231.py,"GoAutoDial CE 2.0 - Shell Upload",2015-02-28,R-73eN,php,webapps,0 36232,platforms/php/webapps/36232.txt,"vBulletin vBSEO 4.x.x 'visitormessage.php' Remote Code Injection Vulnerability",2015-03-02,Net.Edit0r,php,webapps,80 36233,platforms/php/webapps/36233.txt,"WordPress Pretty Link Plugin 1.4.56 - Multiple Cross Site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0 @@ -32684,7 +32684,7 @@ id,file,description,date,author,platform,type,port 36239,platforms/hardware/remote/36239.txt,"Check Point UTM-1 Edge and Safe 8.2.43 Multiple Security Vulnerabilities",2011-10-18,"Richard Brain",hardware,remote,0 36240,platforms/php/webapps/36240.txt,"Site@School 2.4.10 - 'index.php' Cross Site Scripting and SQL Injection Vulnerabilities",2011-10-18,"Stefan Schurtz",php,webapps,0 36241,platforms/hardware/webapps/36241.txt,"Sagem F@st 3304-V2 - LFI",2015-03-03,"Loudiyi Mohamed",hardware,webapps,0 -36242,platforms/php/webapps/36242.txt,"Wordpress Theme Photocrati 4.x.x - SQL Injection & XSS",2015-03-03,ayastar,php,webapps,0 +36242,platforms/php/webapps/36242.txt,"WordPress Theme Photocrati 4.x.x - SQL Injection & XSS",2015-03-03,ayastar,php,webapps,0 36243,platforms/php/webapps/36243.txt,"WordPress cp-multi-view-calendar <= 1.1.4 - SQL Injection vulnerabilities",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0 36246,platforms/multiple/remote/36246.txt,"Splunk <= 4.1.6 'segment' Parameter Cross Site Scripting Vulnerability",2011-10-20,"Filip Palian",multiple,remote,0 36247,platforms/multiple/dos/36247.txt,"Splunk <= 4.1.6 Web component Remote Denial of Service Vulnerability",2011-10-20,"Filip Palian",multiple,dos,0 @@ -32806,9 +32806,9 @@ id,file,description,date,author,platform,type,port 36369,platforms/xml/webapps/36369.txt,"Citrix Netscaler NS10.5 - WAF Bypass Via HTTP Header Pollution",2015-03-12,"BGA Security",xml,webapps,0 36370,platforms/linux/remote/36370.txt,"ArcSight Logger - Arbitrary File Upload (Code Execution)",2015-03-13,"Horoszkiewicz Julian ISP_",linux,remote,0 36371,platforms/php/webapps/36371.txt,"Codiad 2.5.3 - LFI Vulnerability",2015-03-12,"TUNISIAN CYBER",php,webapps,0 -36372,platforms/php/webapps/36372.txt,"Wordpress Theme DesignFolio Plus 1.2 - Arbitrary File Upload Vulnerability",2015-03-04,CrashBandicot,php,webapps,0 +36372,platforms/php/webapps/36372.txt,"WordPress Theme DesignFolio Plus 1.2 - Arbitrary File Upload Vulnerability",2015-03-04,CrashBandicot,php,webapps,0 36373,platforms/php/webapps/36373.txt,"Joomla Simple Photo Gallery 1.0 - Arbitrary File Upload",2015-03-10,CrashBandicot,php,webapps,0 -36374,platforms/php/webapps/36374.txt,"Wordpress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,CrashBandicot,php,webapps,0 +36374,platforms/php/webapps/36374.txt,"WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,CrashBandicot,php,webapps,0 36375,platforms/asp/webapps/36375.txt,"Virtual Vertex Muster 6.1.6 Web Interface Directory Traversal Vulnerability",2011-11-29,"Nick Freeman",asp,webapps,0 36376,platforms/windows/remote/36376.txt,"Oxide WebServer Directory Traversal Vulnerability",2011-11-29,demonalex,windows,remote,0 36377,platforms/multiple/dos/36377.txt,"CoDeSys 3.4 HTTP POST Request NULL Pointer Content-Length Parsing Remote DoS",2011-11-30,"Luigi Auriemma",multiple,dos,0 @@ -32900,7 +32900,7 @@ id,file,description,date,author,platform,type,port 36463,platforms/php/webapps/36463.txt,"Telescope <= 0.9.2 - Markdown Persistent XSS",2015-03-21,shubs,php,webapps,0 36464,platforms/php/webapps/36464.txt,"Joomla Spider FAQ Component - SQL Injection Vulnerability",2015-03-22,"Manish Tanwar",php,webapps,0 36465,platforms/windows/local/36465.py,"Free MP3 CD Ripper 2.6 - Local Buffer Overflow",2015-03-22,"TUNISIAN CYBER",windows,local,0 -36466,platforms/php/webapps/36466.txt,"Wordpress Marketplace 2.4.0 - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 +36466,platforms/php/webapps/36466.txt,"WordPress Marketplace 2.4.0 - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 36468,platforms/php/webapps/36468.txt,"PHP Booking Calendar 10e 'page_info_message' Parameter Cross Site Scripting Vulnerability",2011-12-19,G13,php,webapps,0 36469,platforms/php/webapps/36469.txt,"Joomla! 'com_tsonymf' Component 'idofitem' Parameter SQL Injection Vulnerability",2011-12-20,CoBRa_21,php,webapps,0 36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware <= 8.1 'show_errors' Parameter HTML Injection Vulnerability",2011-12-20,"Stefan Schurtz",php,webapps,0 @@ -32979,9 +32979,9 @@ id,file,description,date,author,platform,type,port 36551,platforms/php/webapps/36551.txt,"PHP Ringtone Website 'ringtones.php' Multiple Cross Site Scripting Vulnerabilities",2012-01-15,Atmon3r,php,webapps,0 36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 Multiple 'index.php' Cross Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 36553,platforms/java/webapps/36553.java,"JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution",2015-03-30,ikki,java,webapps,0 -36554,platforms/php/webapps/36554.txt,"Wordpress Plugin Slider Revolution <= 4.1.4 - Arbitrary File Download vulnerability",2015-03-30,"Claudio Viviani",php,webapps,0 +36554,platforms/php/webapps/36554.txt,"WordPress Plugin Slider Revolution <= 4.1.4 - Arbitrary File Download vulnerability",2015-03-30,"Claudio Viviani",php,webapps,0 36747,platforms/linux/local/36747.c,"Fedora abrt Race Condition Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 -36559,platforms/php/webapps/36559.txt,"Wordpress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download Vulnerability",2015-03-30,ACC3SS,php,webapps,0 +36559,platforms/php/webapps/36559.txt,"WordPress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download Vulnerability",2015-03-30,ACC3SS,php,webapps,0 36560,platforms/php/webapps/36560.txt,"Joomla Gallery WD Component - SQL Injection Vulnerability",2015-03-30,CrashBandicot,php,webapps,0 36561,platforms/php/webapps/36561.txt,"Joomla Contact Form Maker 1.0.1 Component - SQL injection vulnerability",2015-03-30,"TUNISIAN CYBER",php,webapps,0 36562,platforms/linux/remote/36562.txt,"Apache Spark Cluster 1.3.x - Arbitary Code Execution",2015-03-30,"Akhil Das",linux,remote,0 @@ -33022,7 +33022,7 @@ id,file,description,date,author,platform,type,port 36597,platforms/php/webapps/36597.txt,"Joomla! 'com_bulkenquery' Component 'controller' Parameter Local File Include Vulnerability",2012-01-21,the_cyber_nuxbie,php,webapps,0 36598,platforms/php/webapps/36598.txt,"Joomla! 'com_kp' Component 'controller' Parameter Local File Include Vulnerability",2012-01-21,the_cyber_nuxbie,php,webapps,0 36599,platforms/asp/webapps/36599.txt,"Raven 1.0 - 'connector.asp' Arbitrary File Upload Vulnerability",2012-01-21,HELLBOY,asp,webapps,0 -36600,platforms/php/webapps/36600.txt,"Wordpress Business Intelligence Plugin - SQL injection",2015-04-02,"Jagriti Sahu",php,webapps,80 +36600,platforms/php/webapps/36600.txt,"WordPress Business Intelligence Plugin - SQL injection",2015-04-02,"Jagriti Sahu",php,webapps,80 36601,platforms/php/webapps/36601.txt,"Joomla Spider Random Article Component - SQL Injection",2015-04-02,"Jagriti Sahu",php,webapps,80 36620,platforms/php/webapps/36620.txt,"WordPress YouSayToo auto-publishing Plugin 1.0 - 'submit' Parameter Cross Site Scripting Vulnerability",2012-01-24,"H4ckCity Security Team",php,webapps,0 36602,platforms/windows/remote/36602.html,"Webgate WESP SDK 1.2 ChangePassword Stack Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 @@ -33031,12 +33031,12 @@ id,file,description,date,author,platform,type,port 36606,platforms/windows/remote/36606.html,"WebGate eDVR Manager 2.6.4 SiteChannel Property Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36607,platforms/windows/remote/36607.html,"WebGate eDVR Manager 2.6.4 Connect Method Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36609,platforms/multiple/webapps/36609.txt,"Kemp Load Master 7.1.16 - Multiple Vulnerabilities",2015-04-02,"Roberto Suggi Liverani",multiple,webapps,80 -36610,platforms/php/webapps/36610.txt,"Wordpress Video Gallery Plugin 2.8 - Multiple CSRF Vulnerabilities",2015-04-02,Divya,php,webapps,80 +36610,platforms/php/webapps/36610.txt,"WordPress Video Gallery Plugin 2.8 - Multiple CSRF Vulnerabilities",2015-04-02,Divya,php,webapps,80 36611,platforms/php/webapps/36611.txt,"Multiple UpThemes WordPress Themes - Arbitrary File Upload",2015-04-02,Divya,php,webapps,80 -36612,platforms/php/webapps/36612.txt,"Wordpress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities",2015-04-02,Divya,php,webapps,80 -36613,platforms/php/webapps/36613.txt,"Wordpress Simple Ads Manager Plugin - Multiple SQL Injection",2015-04-02,"ITAS Team",php,webapps,80 -36614,platforms/php/webapps/36614.txt,"Wordpress Simple Ads Manager 2.5.94 - Arbitrary File Upload",2015-04-02,"ITAS Team",php,webapps,80 -36615,platforms/php/webapps/36615.txt,"Wordpress Simple Ads Manager - Information Disclosure",2015-04-02,"ITAS Team",php,webapps,80 +36612,platforms/php/webapps/36612.txt,"WordPress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities",2015-04-02,Divya,php,webapps,80 +36613,platforms/php/webapps/36613.txt,"WordPress Simple Ads Manager Plugin - Multiple SQL Injection",2015-04-02,"ITAS Team",php,webapps,80 +36614,platforms/php/webapps/36614.txt,"WordPress Simple Ads Manager 2.5.94 - Arbitrary File Upload",2015-04-02,"ITAS Team",php,webapps,80 +36615,platforms/php/webapps/36615.txt,"WordPress Simple Ads Manager - Information Disclosure",2015-04-02,"ITAS Team",php,webapps,80 36616,platforms/php/webapps/36616.txt,"phpSFP - Schedule Facebook Posts 1.5.6 SQL Injection",2015-04-02,@u0x,php,webapps,80 36617,platforms/php/webapps/36617.txt,"WordPress VideoWhisper Video Presentation 3.31.17 - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 36618,platforms/php/webapps/36618.txt,"VideoWhisper Video Conference Integration 4.91.8 - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 @@ -33096,7 +33096,7 @@ id,file,description,date,author,platform,type,port 36674,platforms/php/webapps/36674.txt,"Shareaholic 7.6.0.3 - XSS",2015-04-08,"Kacper Szurek",php,webapps,80 36675,platforms/php/webapps/36675.txt,"Balero CMS 0.7.2 - Multiple Blind SQL Injection Vulnerabilities",2015-04-08,LiquidWorm,php,webapps,80 36676,platforms/php/webapps/36676.html,"Balero CMS 0.7.2 - Multiple JS/HTML Injection Vulnerabilities",2015-04-08,LiquidWorm,php,webapps,80 -36677,platforms/php/webapps/36677.txt,"Wordpress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection",2015-04-08,"Dan King",php,webapps,80 +36677,platforms/php/webapps/36677.txt,"WordPress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection",2015-04-08,"Dan King",php,webapps,80 36678,platforms/jsp/webapps/36678.txt,"ZENworks Configuration Management 11.3.1 - Remote Code Execution",2015-04-08,"Pedro Ribeiro",jsp,webapps,0 36679,platforms/windows/remote/36679.rb,"Solarwinds Firewall Security Manager 6.6.5 - Client Session Handling Vulnerability",2015-04-08,metasploit,windows,remote,0 36680,platforms/hardware/remote/36680.txt,"Multiple Trendnet Camera Products Remote Security Bypass Vulnerability",2012-02-10,console-cowboys,hardware,remote,0 @@ -33110,7 +33110,7 @@ id,file,description,date,author,platform,type,port 36688,platforms/php/webapps/36688.html,"Zen Cart 1.3.9h 'path_to_admin/product.php' Cross Site Request Forgery Vulnerability",2012-02-10,DisK0nn3cT,php,webapps,0 36689,platforms/linux/webapps/36689.txt,"BOA Web Server 0.94.8.2 - Arbitrary File Access",2000-12-19,llmora,linux,webapps,0 36690,platforms/linux/remote/36690.rb,"Barracuda Firmware <= 5.0.0.012 - Post Auth Remote Root exploit",2015-04-09,xort,linux,remote,8000 -36691,platforms/php/webapps/36691.txt,"Wordpress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 +36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 36692,platforms/osx/local/36692.py,"Mac OS X < 10.7.5_ 10.8.2_ 10.9.5 10.10.2 - rootpipe Local Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0 36693,platforms/php/webapps/36693.txt,"RabbitWiki 'title' Parameter Cross Site Scripting Vulnerability",2012-02-10,sonyy,php,webapps,0 36694,platforms/php/webapps/36694.txt,"eFront Community++ 3.6.10 SQL Injection and Multiple HTML Injection Vulnerabilities",2012-02-12,"Benjamin Kunz Mejri",php,webapps,0 @@ -33151,10 +33151,10 @@ id,file,description,date,author,platform,type,port 36730,platforms/php/webapps/36730.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_ipaddr.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36731,platforms/php/webapps/36731.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_iplink.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36732,platforms/php/webapps/36732.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_ports.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36733,platforms/php/webapps/36733.txt,"Wordpress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure Vulnerability",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 -36735,platforms/php/webapps/36735.txt,"Wordpress Duplicator <= 0.5.14 - SQL Injection & CSRF",2015-04-13,"Claudio Viviani",php,webapps,0 +36733,platforms/php/webapps/36733.txt,"WordPress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure Vulnerability",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 +36735,platforms/php/webapps/36735.txt,"WordPress Duplicator <= 0.5.14 - SQL Injection & CSRF",2015-04-13,"Claudio Viviani",php,webapps,0 36736,platforms/php/webapps/36736.txt,"Traidnt Up 3.0 - SQL Injection",2015-04-13,"Ali Trixx",php,webapps,0 -36738,platforms/php/webapps/36738.txt,"Wordpress N-Media Website Contact Form with File Upload 1.3.4 - Shell Upload Vulnerability",2015-04-13,"Claudio Viviani",php,webapps,0 +36738,platforms/php/webapps/36738.txt,"WordPress N-Media Website Contact Form with File Upload 1.3.4 - Shell Upload Vulnerability",2015-04-13,"Claudio Viviani",php,webapps,0 36746,platforms/linux/local/36746.c,"Apport/Abrt - Local Root Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 36761,platforms/php/webapps/36761.txt,"WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Deletion Exploit",2015-04-14,LiquidWorm,php,webapps,80 36741,platforms/linux/dos/36741.py,"Samba < 3.6.2 x86 - PoC",2015-04-13,sleepya,linux,dos,0 @@ -33165,7 +33165,7 @@ id,file,description,date,author,platform,type,port 36752,platforms/php/webapps/36752.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_sensor.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36753,platforms/php/webapps/36753.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_time.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36754,platforms/php/webapps/36754.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_uaddr.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36751,platforms/php/webapps/36751.txt,"Wordpress Video Gallery 2.8 - SQL Injection",2015-04-14,"Claudio Viviani",php,webapps,80 +36751,platforms/php/webapps/36751.txt,"WordPress Video Gallery 2.8 - SQL Injection",2015-04-14,"Claudio Viviani",php,webapps,80 36750,platforms/lin_x86-64/shellcode/36750.c,"linux/x86 setreuid(0_ 0) + execve(_/sbin/halt_) + exit(0) (49 bytes)",2015-04-14,"Febriyanto Nugroho",lin_x86-64,shellcode,0 36755,platforms/php/webapps/36755.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_user.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36756,platforms/windows/remote/36756.html,"Samsung iPOLiS ReadConfigValue Remote Code Execution",2015-04-14,"Praveen Darshanam",windows,remote,0 @@ -33188,7 +33188,7 @@ id,file,description,date,author,platform,type,port 36774,platforms/php/webapps/36774.txt,"WordPress MiwoFTP Plugin 1.0.5 - Arbitrary File Download Exploit",2015-04-15,"Necmettin COSKUN",php,webapps,0 36807,platforms/php/webapps/36807.txt,"GoAutoDial 3.3-1406088000 - Multiple Vulnerabilities",2015-04-21,"Chris McCurley",php,webapps,80 36776,platforms/windows/dos/36776.py,"MS Windows (HTTP.sys) - HTTP Request Parsing DoS (MS15-034)",2015-04-16,"laurent gaffie",windows,dos,80 -36777,platforms/php/webapps/36777.txt,"Wordpress Ajax Store Locator 1.2 - SQL Injection Vulnerability",2015-04-16,"Claudio Viviani",php,webapps,80 +36777,platforms/php/webapps/36777.txt,"WordPress Ajax Store Locator 1.2 - SQL Injection Vulnerability",2015-04-16,"Claudio Viviani",php,webapps,80 36778,platforms/lin_x86/shellcode/36778.c,"Linux/x86 execve _/bin/sh_ - shellcode (35 bytes)",2015-04-17,"Mohammad Reza Espargham",lin_x86,shellcode,0 36779,platforms/win32/shellcode/36779.c,"win32/xp sp3 Create (_file.txt_) (83 bytes)",2015-04-17,"TUNISIAN CYBER",win32,shellcode,0 36780,platforms/win32/shellcode/36780.c,"win32/xp sp3 - Restart computer",2015-04-17,"TUNISIAN CYBER",win32,shellcode,0 @@ -33209,17 +33209,17 @@ id,file,description,date,author,platform,type,port 36797,platforms/ios/webapps/36797.txt,"Mobile Drive HD 1.8 - File Include Web Vulnerability",2015-04-21,Vulnerability-Lab,ios,webapps,0 36798,platforms/ios/webapps/36798.txt,"Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability",2015-04-21,Vulnerability-Lab,ios,webapps,0 36799,platforms/bsd/local/36799.c,"OpenBSD <= 5.6 - Multiple Local Kernel Panics",2015-04-21,nitr0us,bsd,local,0 -36800,platforms/php/webapps/36800.txt,"Wordpress NEX-Forms < 3.0 - SQL Injection Vulnerability",2015-04-21,"Claudio Viviani",php,webapps,0 +36800,platforms/php/webapps/36800.txt,"WordPress NEX-Forms < 3.0 - SQL Injection Vulnerability",2015-04-21,"Claudio Viviani",php,webapps,0 36801,platforms/php/webapps/36801.txt,"WordPress MiwoFTP Plugin <= 1.0.5 - Arbitrary File Download",2015-04-21,"dadou dz",php,webapps,0 36802,platforms/php/webapps/36802.txt,"WordPress Tune Library Plugin 1.5.4 - SQL Injection Vulnerability",2015-04-21,"Hannes Trunde",php,webapps,0 36803,platforms/linux/remote/36803.py,"ProFTPd 1.3.5 (mod_copy) - Remote Command Execution",2015-04-21,R-73eN,linux,remote,0 36804,platforms/php/webapps/36804.pl,"MediaSuite CMS - Artibary File Disclosure Exploit",2015-04-21,"KnocKout inj3ct0r",php,webapps,0 36805,platforms/php/webapps/36805.txt,"WordPress Community Events Plugin 1.3.5 - SQL Injection Vulnerability",2015-04-21,"Hannes Trunde",php,webapps,0 36808,platforms/windows/remote/36808.rb,"Adobe Flash Player copyPixelsToByteArray Integer Overflow",2015-04-21,metasploit,windows,remote,0 -36809,platforms/php/remote/36809.rb,"Wordpress Reflex Gallery Upload Vulnerability",2015-04-21,metasploit,php,remote,80 -36810,platforms/php/remote/36810.rb,"Wordpress N-Media Website Contact Form Upload Vulnerability",2015-04-21,metasploit,php,remote,80 -36811,platforms/php/remote/36811.rb,"Wordpress Creative Contact Form Upload Vulnerability",2015-04-21,metasploit,php,remote,80 -36812,platforms/php/remote/36812.rb,"Wordpress Work The Flow Upload Vulnerability",2015-04-21,metasploit,php,remote,80 +36809,platforms/php/remote/36809.rb,"WordPress Reflex Gallery Upload Vulnerability",2015-04-21,metasploit,php,remote,80 +36810,platforms/php/remote/36810.rb,"WordPress N-Media Website Contact Form Upload Vulnerability",2015-04-21,metasploit,php,remote,80 +36811,platforms/php/remote/36811.rb,"WordPress Creative Contact Form Upload Vulnerability",2015-04-21,metasploit,php,remote,80 +36812,platforms/php/remote/36812.rb,"WordPress Work The Flow Upload Vulnerability",2015-04-21,metasploit,php,remote,80 36813,platforms/hardware/local/36813.txt,"ADB Backup Archive Path Traversal File Overwrite",2015-04-21,"Imre Rad",hardware,local,0 36814,platforms/osx/dos/36814.c,"Mac OS X - Local Denial of Service",2015-04-21,"Maxime Villard",osx,dos,0 36815,platforms/cfm/webapps/36815.txt,"BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File Retrieval/Deletion",2015-04-21,Portcullis,cfm,webapps,80 @@ -33233,8 +33233,8 @@ id,file,description,date,author,platform,type,port 36820,platforms/linux/local/36820.txt,"Ubuntu usb-creator 0.2.x - Local Privilege Escalation",2015-04-23,"Tavis Ormandy",linux,local,0 36821,platforms/php/webapps/36821.txt,"WebUI 1.5b6 - Remote Code Execution Vulnerability",2015-04-23,"TUNISIAN CYBER",php,webapps,0 36822,platforms/windows/local/36822.pl,"Quick Search 1.1.0.189 - 'search textbox' Unicode SEH egghunter Buffer Overflow",2015-04-23,"Tomislav Paskalev",windows,local,0 -36823,platforms/php/webapps/36823.txt,"Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi",2015-04-23,"Felipe Molina",php,webapps,0 -36824,platforms/php/webapps/36824.txt,"Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi (2)",2015-04-23,"Felipe Molina",php,webapps,0 +36823,platforms/php/webapps/36823.txt,"Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi",2015-04-23,"Felipe Molina",php,webapps,0 +36824,platforms/php/webapps/36824.txt,"Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi (2)",2015-04-23,"Felipe Molina",php,webapps,0 36825,platforms/hardware/dos/36825.php,"ZYXEL P-660HN-T1H_IPv6 - Remote Configuration Editor / Web Server DoS",2015-04-23,"Koorosh Ghorbani",hardware,dos,80 36826,platforms/windows/local/36826.pl,"Free MP3 CD Ripper 2.6 2.8 (.wav) - SEH Based Buffer Overflow",2015-04-23,ThreatActor,windows,local,0 36827,platforms/windows/local/36827.py,"Free MP3 CD Ripper 2.6 2.8 (.wav) - SEH Based Buffer Overflow (W7 - DEP Bypass)",2015-04-24,naxxo,windows,local,0 @@ -33306,7 +33306,7 @@ id,file,description,date,author,platform,type,port 36915,platforms/windows/remote/36915.txt,"NetDecision 4.6.1 Multiple Directory Traversal Vulnerabilities",2012-03-07,"Luigi Auriemma",windows,remote,0 36916,platforms/php/webapps/36916.txt,"Exponent CMS 2.0 - 'src' Parameter SQL Injection Vulnerability",2012-03-07,"Rob Miller",php,webapps,0 36917,platforms/php/webapps/36917.txt,"OSClass 2.3.x Directory Traversal and Arbitrary File Upload Vulnerabilities",2012-03-07,"Filippo Cavallarin",php,webapps,0 -36909,platforms/windows/local/36909.rb,"RM Downloader 2.7.5.400 - Local Buffer Overflow (MSF)",2015-05-04,"TUNISIAN CYBER",windows,local,0 +36909,platforms/windows/local/36909.rb,"RM Downloader 2.7.5.400 - Local Buffer Overflow (Metasploit)",2015-05-04,"TUNISIAN CYBER",windows,local,0 36910,platforms/php/webapps/36910.txt,"Open Realty 2.5.x 'select_users_template' Parameter Local File Include Vulnerability",2012-03-05,"Aung Khant",php,webapps,0 36911,platforms/php/webapps/36911.txt,"11in1 CMS 1.2.1 admin/comments topicID Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0 36912,platforms/php/webapps/36912.txt,"11in1 CMS 1.2.1 admin/tps id Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0 @@ -33318,7 +33318,7 @@ id,file,description,date,author,platform,type,port 36921,platforms/lin_x86/shellcode/36921.c,"Linux x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode (58 Bytes)",2015-05-06,"Oleg Boytsev",lin_x86,shellcode,0 36922,platforms/ios/webapps/36922.txt,"vPhoto-Album 4.2 iOS - File Include Web Vulnerability",2015-05-06,Vulnerability-Lab,ios,webapps,0 36906,platforms/linux/dos/36906.txt,"Apache Xerces-C XML Parser < 3.1.2 - DoS POC",2015-05-04,beford,linux,dos,0 -36907,platforms/php/webapps/36907.txt,"Wordpress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS & CSRF & File Upload",2015-05-04,"Felipe Molina",php,webapps,0 +36907,platforms/php/webapps/36907.txt,"WordPress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS & CSRF & File Upload",2015-05-04,"Felipe Molina",php,webapps,0 36908,platforms/lin_x86/shellcode/36908.c,"linux/x86 - exit(0) (6 bytes)",2015-05-04,"Febriyanto Nugroho",lin_x86,shellcode,0 36965,platforms/php/webapps/36965.txt,"Omnistar Live Cross Site Scripting and SQL Injection Vulnerabilities",2012-03-13,sonyy,php,webapps,0 36966,platforms/linux/local/36966.txt,"LightDM 1.0.6 Arbitrary File Deletion Vulnerability",2012-03-13,"Ryan Lortie",linux,local,0 @@ -33334,7 +33334,7 @@ id,file,description,date,author,platform,type,port 36927,platforms/php/webapps/36927.txt,"ToendaCMS 1.6.2 setup/index.php site Parameter Traversal Local File Inclusion",2012-03-08,AkaStep,php,webapps,0 36928,platforms/windows/local/36928.py,"Macro Toolworks 7.5 Local Buffer Overflow Vulnerability",2012-03-08,"Julien Ahrens",windows,local,0 36929,platforms/jsp/webapps/36929.txt,"Ilient SysAid 8.5.5 Multiple Cross Site Scripting and HTML Injection Vulnerabilities",2012-03-08,"Julien Ahrens",jsp,webapps,0 -36930,platforms/multiple/webapps/36930.txt,"Wordpress Freshmail Unauthenticated SQL Injection",2015-05-07,"Felipe Molina",multiple,webapps,0 +36930,platforms/multiple/webapps/36930.txt,"WordPress Freshmail Unauthenticated SQL Injection",2015-05-07,"Felipe Molina",multiple,webapps,0 36931,platforms/hardware/remote/36931.txt,"Barracuda CudaTel Communication Server 2.0.029.1 Multiple HTML Injection Vulnerabilities",2012-03-08,"Benjamin Kunz Mejri",hardware,remote,0 36932,platforms/windows/remote/36932.py,"RealVNC 4.1.0 and 4.1.1 - Authentication Bypass Exploit",2012-05-13,fdiskyou,windows,remote,5900 36933,platforms/linux/remote/36933.py,"ShellShock dhclient Bash Environment Variable Command Injection PoC",2014-09-29,fdiskyou,linux,remote,0 @@ -33356,16 +33356,16 @@ id,file,description,date,author,platform,type,port 36949,platforms/php/webapps/36949.txt,"Xeams <= 4.5 Build 5755 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5272 36950,platforms/php/webapps/36950.txt,"Syncrify Server <= 3.6 Build 833 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5800 36951,platforms/php/webapps/36951.txt,"SynaMan <= 3.4 Build 1436 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 -36952,platforms/php/webapps/36952.txt,"Wordpress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion",2015-05-08,T3N38R15,php,webapps,0 +36952,platforms/php/webapps/36952.txt,"WordPress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion",2015-05-08,T3N38R15,php,webapps,0 36953,platforms/php/webapps/36953.txt,"SynTail <= 1.5 Build 566 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin <= 4.2.4 - CSRF Vulnerability",2015-05-08,Evex,php,webapps,80 36955,platforms/osx/remote/36955.py,"MacKeeper URL Handler Remote Code Execution",2015-05-08,"Braden Thomas",osx,remote,0 36956,platforms/windows/remote/36956.rb,"Adobe Flash Player domainMemory ByteArray Use After Free",2015-05-08,metasploit,windows,remote,0 -36957,platforms/php/remote/36957.rb,"Wordpress RevSlider File Upload and Execute Vulnerability",2015-05-08,metasploit,php,remote,80 +36957,platforms/php/remote/36957.rb,"WordPress RevSlider File Upload and Execute Vulnerability",2015-05-08,metasploit,php,remote,80 36958,platforms/php/webapps/36958.txt,"WordPress Ultimate Profile Builder Plugin 2.3.3 - CSRF Vulnerability",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36959,platforms/php/webapps/36959.txt,"WordPress ClickBank Ads Plugin 1.7 - CSRF Vulnerability",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36960,platforms/windows/webapps/36960.txt,"Manage Engine Asset Explorer 6.1.0 Build: 6110 - CSRF Vulnerability",2015-05-08,"Kaustubh G. Padwad",windows,webapps,8080 -36961,platforms/php/webapps/36961.txt,"Wordpress Ad Inserter Plugin 1.5.2 - CSRF Vulnerability",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 +36961,platforms/php/webapps/36961.txt,"WordPress Ad Inserter Plugin 1.5.2 - CSRF Vulnerability",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36962,platforms/windows/remote/36962.rb,"Adobe Flash Player NetConnection Type Confusion",2015-05-08,metasploit,windows,remote,0 36963,platforms/linux/webapps/36963.txt,"Alienvault OSSIM/USM 4.14_ 4.15_ and 5.0 - Multiple Vulnerabilities",2015-05-08,"Peter Lapp",linux,webapps,0 36964,platforms/java/remote/36964.rb,"Novell ZENworks Configuration Management Arbitrary File Upload",2015-05-08,metasploit,java,remote,443 @@ -33374,7 +33374,7 @@ id,file,description,date,author,platform,type,port 36976,platforms/cgi/webapps/36976.txt,"WebGlimpse 2.x 'wgarcmin.cgi' Path Disclosure Vulnerability",2012-03-18,Websecurity,cgi,webapps,0 36977,platforms/php/webapps/36977.pl,"CreateVision CreateVision CMS 'id' Parameter SQL Injection Vulnerability",2012-03-11,"Zwierzchowski Oskar",php,webapps,0 36978,platforms/hardware/webapps/36978.txt,"ZTE F660 - Remote Config Download",2015-05-11,"Daniel Cisa",hardware,webapps,0 -36979,platforms/php/webapps/36979.sh,"Wordpress N-Media Website Contact Form with File Upload 1.3.4 - File Upload",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 +36979,platforms/php/webapps/36979.sh,"WordPress N-Media Website Contact Form with File Upload 1.3.4 - File Upload",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 36980,platforms/windows/local/36980.py,"VideoCharge Express 3.16.3.04 - BOF Exploit",2015-05-11,evil_comrade,windows,local,0 36981,platforms/windows/local/36981.py,"VideoCharge Professional + Express Vanilla 3.18.4.04 - BOF Exploit",2015-05-11,evil_comrade,windows,local,0 36982,platforms/windows/local/36982.py,"VideoCharge Vanilla 3.16.4.06 - BOF Exploit",2015-05-11,evil_comrade,windows,local,0 @@ -33490,7 +33490,7 @@ id,file,description,date,author,platform,type,port 37097,platforms/ios/remote/37097.py,"FTP Media Server 3.0 - Authentication Bypass and Denial of Service",2015-05-25,"Wh1t3Rh1n0 (Michael Allen)",ios,remote,0 37098,platforms/windows/local/37098.txt,"Microsoft Windows - Local Privilege Escalation (MS15-010)",2015-05-25,"Sky lake",windows,local,0 37253,platforms/php/webapps/37253.txt,"Paypal Currency Converter Basic For Woocommerce File Read",2015-06-10,Kuroi'SH,php,webapps,0 -37254,platforms/php/webapps/37254.txt,"Wordpress History Collection <= 1.1.1 - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 +37254,platforms/php/webapps/37254.txt,"WordPress History Collection <= 1.1.1 - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 37255,platforms/php/webapps/37255.txt,"Pandora FMS 5.0_ 5.1 - Authentication Bypass",2015-06-10,"Manuel Mancera",php,webapps,0 37100,platforms/php/webapps/37100.txt,"Waylu CMS 'products_xx.php' SQL Injection and HTML Injection Vulnerabilities",2012-04-20,TheCyberNuxbie,php,webapps,0 37101,platforms/php/webapps/37101.txt,"Joomla CCNewsLetter Module 1.0.7 'id' Parameter SQL Injection Vulnerability",2012-04-23,E1nzte1N,php,webapps,0 @@ -33498,13 +33498,13 @@ id,file,description,date,author,platform,type,port 37103,platforms/php/webapps/37103.txt,"concrete5 5.5.2.1 Information Disclosure_ SQL Injection and Cross Site Scripting Vulnerabilities",2012-04-26,"Jakub Galczyk",php,webapps,0 37104,platforms/php/webapps/37104.txt,"gpEasy 2.3.3 'jsoncallback' Parameter Cross Site Scripting Vulnerability",2012-04-26,"Jakub Galczyk",php,webapps,0 37105,platforms/php/webapps/37105.txt,"Quick.CMS 4.0 - 'p' Parameter Cross Site Scripting Vulnerability",2012-04-26,"Jakub Galczyk",php,webapps,0 -37106,platforms/php/webapps/37106.txt,"Wordpress Video Gallery Plugin 2.8 Arbitrary Mail Relay",2015-05-26,"Claudio Viviani",php,webapps,80 +37106,platforms/php/webapps/37106.txt,"WordPress Video Gallery Plugin 2.8 Arbitrary Mail Relay",2015-05-26,"Claudio Viviani",php,webapps,80 37107,platforms/php/webapps/37107.txt,"WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 37108,platforms/php/webapps/37108.txt,"WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 37109,platforms/php/webapps/37109.txt,"WordPress GigPress Plugin 2.3.8 - SQL Injection",2015-05-26,"Adrián M. F.",php,webapps,80 37110,platforms/java/webapps/37110.py,"Apache Jackrabbit WebDAV XXE Exploit",2015-05-26,"Mikhail Egorov",java,webapps,8080 -37111,platforms/php/webapps/37111.txt,"Wordpress MailChimp Subscribe Forms 1.1 Remote Code Execution",2015-05-26,woodspeed,php,webapps,80 -37112,platforms/php/webapps/37112.txt,"Wordpress church_admin Plugin 0.800 Stored XSS",2015-05-26,woodspeed,php,webapps,80 +37111,platforms/php/webapps/37111.txt,"WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution",2015-05-26,woodspeed,php,webapps,80 +37112,platforms/php/webapps/37112.txt,"WordPress church_admin Plugin 0.800 Stored XSS",2015-05-26,woodspeed,php,webapps,80 37113,platforms/php/webapps/37113.txt,"Wordpess Simple Photo Gallery 1.7.8 Blind SQL Injection",2015-05-26,woodspeed,php,webapps,80 37114,platforms/jsp/webapps/37114.txt,"Sendio ESP Information Disclosure Vulnerability",2015-05-26,"Core Security",jsp,webapps,80 37115,platforms/perl/webapps/37115.txt,"Clickheat 1.13+ Remote Command Execution",2015-05-26,"Calum Hutton",perl,webapps,0 @@ -33594,12 +33594,12 @@ id,file,description,date,author,platform,type,port 37206,platforms/php/webapps/37206.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 demo/phpThumb.demo.showpic.php title Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0 37207,platforms/php/webapps/37207.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 demo/phpThumb.demo.random.php dir Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0 37208,platforms/php/webapps/37208.txt,"backupDB() 1.2.7a 'onlyDB' Parameter Cross Site Scripting Vulnerability",2012-05-16,LiquidWorm,php,webapps,0 -37209,platforms/php/webapps/37209.txt,"Wordpress Really Simple Guest Post <= 1.0.6 - File Include",2015-06-05,Kuroi'SH,php,webapps,0 +37209,platforms/php/webapps/37209.txt,"WordPress Really Simple Guest Post <= 1.0.6 - File Include",2015-06-05,Kuroi'SH,php,webapps,0 37211,platforms/windows/local/37211.html,"1 Click Audio Converter 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37212,platforms/windows/local/37212.html,"1 Click Extract Audio 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37213,platforms/ios/webapps/37213.txt,"WiFi HD 8.1 - Directory Traversal and Denial of Service",2015-06-06,"Wh1t3Rh1n0 (Michael Allen)",ios,webapps,0 37214,platforms/hardware/webapps/37214.txt,"Broadlight Residential Gateway DI3124 - Unauthenticated Remote DNS Change",2015-06-06,"Todor Donev",hardware,webapps,0 -37252,platforms/php/webapps/37252.txt,"Wordpress RobotCPA Plugin V5 - Local File Inclusion",2015-06-10,T3N38R15,php,webapps,80 +37252,platforms/php/webapps/37252.txt,"WordPress RobotCPA Plugin V5 - Local File Inclusion",2015-06-10,T3N38R15,php,webapps,80 37216,platforms/php/webapps/37216.txt,"Unijimpe Captcha 'captchademo.php' Cross Site Scripting Vulnerability",2012-05-16,"Daniel Godoy",php,webapps,0 37217,platforms/php/webapps/37217.txt,"Artiphp 5.5.0 Neo - 'index.php' Multiple Cross Site Scripting Vulnerabilities",2012-05-17,"Gjoko Krstic",php,webapps,0 37218,platforms/jsp/dos/37218.txt,"Atlassian Tempo 6.4.3_ JIRA 5.0 0_ Gliffy 3.7.0 - XML Parsing Denial of Service Vulnerability",2012-05-17,anonymous,jsp,dos,0 @@ -33626,8 +33626,8 @@ id,file,description,date,author,platform,type,port 37239,platforms/windows/dos/37239.html,"Microsoft Internet Explorer 11 - Crash PoC",2015-06-08,"Pawel Wylecial",windows,dos,0 37240,platforms/hardware/webapps/37240.txt,"D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 37241,platforms/hardware/webapps/37241.txt,"D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 -37243,platforms/php/webapps/37243.txt,"Wordpress Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 -37244,platforms/php/webapps/37244.txt,"Wordpress Plugin 'WP Mobile Edition' - LFI Vulnerability",2015-06-08,"Ali Khalil",php,webapps,0 +37243,platforms/php/webapps/37243.txt,"WordPress Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 +37244,platforms/php/webapps/37244.txt,"WordPress Plugin 'WP Mobile Edition' - LFI Vulnerability",2015-06-08,"Ali Khalil",php,webapps,0 37245,platforms/php/webapps/37245.txt,"Pasworld detail.php - Blind Sql Injection Vulnerability",2015-06-08,"Sebastian khan",php,webapps,0 37266,platforms/php/webapps/37266.txt,"ClickHeat <= 1.14 Change Admin Password CSRF",2015-06-12,"David Shanahan",php,webapps,80 37249,platforms/linux/dos/37249.py,"Libmimedir VCF Memory Corruption PoC",2015-06-10,"Jeremy Brown",linux,dos,0 @@ -33855,7 +33855,7 @@ id,file,description,date,author,platform,type,port 37492,platforms/ios/webapps/37492.txt,"WK UDID v1.0.1 iOS - Command Inject Vulnerability",2015-07-05,Vulnerability-Lab,ios,webapps,0 37534,platforms/php/webapps/37534.txt,"WordPress Easy2Map Plugin 1.24 - SQL Injection",2015-07-08,"Larry W. Cashdollar",php,webapps,80 37535,platforms/windows/local/37535.txt,"Blueberry Express 5.9.0.3678 - SEH Buffer Overflow",2015-07-08,Vulnerability-Lab,windows,local,0 -37494,platforms/php/webapps/37494.txt,"Wordpress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 +37494,platforms/php/webapps/37494.txt,"WordPress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 37495,platforms/lin_x86/shellcode/37495.py,"Linux x86 /bin/sh ROT7 Encoded Shellcode",2015-07-05,"Artem T",lin_x86,shellcode,0 37500,platforms/php/webapps/37500.txt,"Funeral Script PHP Cross Site Scripting and SQL Injection Vulnerabilities",2012-06-17,snup,php,webapps,0 37501,platforms/php/webapps/37501.rb,"WordPress Generic Plugin Arbitrary File Upload Vulnerability",2012-07-13,KedAns-Dz,php,webapps,0 @@ -33912,8 +33912,8 @@ id,file,description,date,author,platform,type,port 37556,platforms/php/webapps/37556.txt,"Distimo Monitor Multiple Cross Site Scripting Vulnerabilities",2012-08-01,"Benjamin Kunz Mejri",php,webapps,0 37557,platforms/java/webapps/37557.txt,"ManageEngine Applications Manager Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2012-08-01,"Ibrahim El-Sayed",java,webapps,0 37558,platforms/windows/dos/37558.txt,"Notepad++ 6.7.3 - Crash PoC",2015-07-10,"Rahul Pratap Singh",windows,dos,0 -37559,platforms/php/webapps/37559.txt,"Wordpress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 -37560,platforms/php/webapps/37560.txt,"Wordpress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 +37559,platforms/php/webapps/37559.txt,"WordPress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 +37560,platforms/php/webapps/37560.txt,"WordPress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 37562,platforms/multiple/dos/37562.pl,"NTPD MON_GETLIST Query Amplification Denial of Service",2015-07-10,"Todor Donev",multiple,dos,123 37567,platforms/php/webapps/37567.txt,"tekno.Portal 0.1b 'link.php' SQL Injection Vulnerability",2012-08-01,Socket_0x03,php,webapps,0 37568,platforms/windows/dos/37568.pl,"VLC Media Player '.3gp' File Divide-By-Zero Denial of Service Vulnerability",2012-08-02,Dark-Puzzle,windows,dos,0 @@ -34016,7 +34016,7 @@ id,file,description,date,author,platform,type,port 37674,platforms/php/webapps/37674.txt,"PHP Web Scripts Text Exchange Pro 'page' Parameter Local File Include Vulnerability",2012-08-24,"Yakir Wizman",php,webapps,0 37675,platforms/php/webapps/37675.txt,"Joomla! Komento Component 'cid' Parameter SQL Injection Vulnerability",2012-08-27,Crim3R,php,webapps,0 37676,platforms/asp/webapps/37676.txt,"Power-eCommerce Multiple Cross Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 -37677,platforms/php/webapps/37677.txt,"Wordpress Finder 'order' Parameter Cross Site Scripting Vulnerability",2012-08-25,Crim3R,php,webapps,0 +37677,platforms/php/webapps/37677.txt,"WordPress Finder 'order' Parameter Cross Site Scripting Vulnerability",2012-08-25,Crim3R,php,webapps,0 37678,platforms/asp/webapps/37678.txt,"Web Wiz Forums Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 37679,platforms/php/webapps/37679.txt,"LibGuides Multiple Cross Site Scripting Vulnerabilities",2012-08-25,Crim3R,php,webapps,0 37680,platforms/php/webapps/37680.txt,"Mihalism Multi Host 'users.php' Cross Site Scripting Vulnerability",2012-08-25,Explo!ter,php,webapps,0 @@ -34090,7 +34090,7 @@ id,file,description,date,author,platform,type,port 37754,platforms/php/webapps/37754.txt,"WordPress Candidate Application Form Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 37755,platforms/windows/local/37755.c,"Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)",2015-08-12,"Tomislav Paskalev",windows,local,0 37947,platforms/multiple/remote/37947.txt,"LiteSpeed Web Server 'gtitle' parameter Cross Site Scripting Vulnerability",2012-03-12,K1P0D,multiple,remote,0 -37948,platforms/php/webapps/37948.txt,"Wordpress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities",2012-10-17,waraxe,php,webapps,0 +37948,platforms/php/webapps/37948.txt,"WordPress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities",2012-10-17,waraxe,php,webapps,0 37949,platforms/linux/remote/37949.txt,"ModSecurity POST Parameters Security Bypass Vulnerability",2012-10-17,"Bernhard Mueller",linux,remote,0 37950,platforms/php/webapps/37950.txt,"jCore /admin/index.php path Parameter XSS",2012-10-17,"High-Tech Bridge",php,webapps,0 37951,platforms/windows/remote/37951.py,"Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow",2015-08-24,"Tracy Turben",windows,remote,0 @@ -34417,11 +34417,11 @@ id,file,description,date,author,platform,type,port 38096,platforms/linux/remote/38096.rb,"Endian Firewall Proxy Password Change Command Injection",2015-09-07,metasploit,linux,remote,10443 38097,platforms/hardware/webapps/38097.txt,"NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation",2015-09-07,"Elliott Lewis",hardware,webapps,80 38098,platforms/jsp/webapps/38098.txt,"JSPMySQL Administrador - Multiple Vulnerabilities",2015-09-07,hyp3rlinx,jsp,webapps,8081 -38105,platforms/php/webapps/38105.txt,"Wordpress White-Label Framework 2.0.6 - XSS Vulnerability",2015-09-08,Outlasted,php,webapps,80 +38105,platforms/php/webapps/38105.txt,"WordPress White-Label Framework 2.0.6 - XSS Vulnerability",2015-09-08,Outlasted,php,webapps,80 38108,platforms/windows/dos/38108.txt,"Advantech WebAccess 8.0_ 3.4.3 ActiveX - Multiple Vulnerabilities",2015-09-08,"Praveen Darshanam",windows,dos,0 38109,platforms/linux/remote/38109.pl,"Oracle MySQL and MariaDB Insecure Salt Generation Security Bypass Weakness",2012-12-06,kingcope,linux,remote,0 38110,platforms/php/webapps/38110.txt,"DirectAdmin Web Control Panel 1.483 - Multiple Vulnerabilities",2015-09-08,"Ashiyane Digital Security Team",php,webapps,0 -38111,platforms/php/webapps/38111.txt,"Wordpress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability",2012-12-07,"Aditya Balapure",php,webapps,0 +38111,platforms/php/webapps/38111.txt,"WordPress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability",2012-12-07,"Aditya Balapure",php,webapps,0 38112,platforms/php/webapps/38112.txt,"FOOT Gestion 'id' Parameter SQL Injection Vulnerability",2012-12-07,"Emmanuel Farcy",php,webapps,0 38113,platforms/php/webapps/38113.php,"VBulletin ajaxReg Module SQL Injection Vulnerability",2012-12-08,"Cold Zero",php,webapps,0 38114,platforms/cgi/webapps/38114.html,"Smartphone Pentest Framework Multiple Remote Command Execution Vulnerabilities",2012-12-10,"High-Tech Bridge",cgi,webapps,0 @@ -34772,7 +34772,7 @@ id,file,description,date,author,platform,type,port 38481,platforms/hardware/remote/38481.html,"D-Link DIR-865L Cross Site Request Forgery Vulnerability",2013-04-19,"Jacob Holcomb",hardware,remote,0 38482,platforms/php/webapps/38482.txt,"Crafty Syntax Live Help <= 3.1.2 Remote File Include and Path Disclosure Vulnerabilities",2013-04-19,ITTIHACK,php,webapps,0 38483,platforms/hardware/dos/38483.txt,"TP-LINK TL-WR741N and TL-WR741ND Routers Multiple Denial of Service Vulnerabilities",2013-04-19,W1ckerMan,hardware,dos,0 -38484,platforms/php/webapps/38484.rb,"Wordpress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability",2015-10-18,PizzaHatHacker,php,webapps,0 +38484,platforms/php/webapps/38484.rb,"WordPress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability",2015-10-18,PizzaHatHacker,php,webapps,0 38485,platforms/windows/dos/38485.py,"VLC 2.2.1 libvlccore - (.mp3) Stack Overflow",2015-10-18,"Andrea Sindoni",windows,dos,0 38486,platforms/windows/local/38486.py,"Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow",2015-10-18,"yokoacc, nudragn, rungga_reksya",windows,local,0 38487,platforms/php/webapps/38487.txt,"WordPress Colormix Theme Multiple Security Vulnerablities",2013-04-21,MustLive,php,webapps,0 @@ -34939,7 +34939,7 @@ id,file,description,date,author,platform,type,port 38657,platforms/hardware/webapps/38657.html,"Arris TG1682G Modem - Stored XSS Vulnerability",2015-11-09,Nu11By73,hardware,webapps,0 39374,platforms/osx/dos/39374.c,"OS X Kernel - IOAccelMemoryInfoUserClient Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 38659,platforms/windows/dos/38659.py,"POP Peeper 4.0.1 - SEH Over-Write",2015-11-09,Un_N0n,windows,dos,0 -38660,platforms/php/remote/38660.rb,"Wordpress Ajax Load More 2.8.1.1 - PHP Upload Vulnerability",2015-11-09,metasploit,php,remote,0 +38660,platforms/php/remote/38660.rb,"WordPress Ajax Load More 2.8.1.1 - PHP Upload Vulnerability",2015-11-09,metasploit,php,remote,0 38661,platforms/php/webapps/38661.txt,"TestLink 1.9.14 - CSRF Vulnerability",2015-11-09,"Aravind C Ajayan, Balagopal N",php,webapps,0 38662,platforms/multiple/dos/38662.txt,"FreeType 2.6.1 TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read",2015-11-09,"Google Security Research",multiple,dos,0 38663,platforms/hardware/remote/38663.txt,"Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems",2015-11-10,"Murat Sahin",hardware,remote,0 @@ -35138,9 +35138,9 @@ id,file,description,date,author,platform,type,port 38864,platforms/php/webapps/38864.php,"NeoBill /install/include/solidstate.php Multiple Parameter SQL Injection",2013-12-06,KedAns-Dz,php,webapps,0 38865,platforms/php/webapps/38865.txt,"NeoBill /install/index.php language Parameter Traversal Local File Inclusion",2013-12-06,KedAns-Dz,php,webapps,0 39563,platforms/php/webapps/39563.txt,"Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities",2016-03-15,Security-Assessment.com,php,webapps,80 -38867,platforms/php/webapps/38867.txt,"Wordpress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 -38868,platforms/php/webapps/38868.txt,"Wordpress Plugin Sell Download v1.0.16 - Local File Disclosure",2015-12-04,KedAns-Dz,php,webapps,0 -38869,platforms/php/webapps/38869.txt,"Wordpress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 +38867,platforms/php/webapps/38867.txt,"WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 +38868,platforms/php/webapps/38868.txt,"WordPress Plugin Sell Download v1.0.16 - Local File Disclosure",2015-12-04,KedAns-Dz,php,webapps,0 +38869,platforms/php/webapps/38869.txt,"WordPress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 38870,platforms/php/webapps/38870.txt,"WordPress Easy Career Openings Plugin 'jobid' Parameter SQL Injection Vulnerability",2013-12-06,Iranian_Dark_Coders_Team,php,webapps,0 38871,platforms/windows/local/38871.txt,"Cyclope Employee Surveillance <= v8.6.1- Insecure File Permissions",2015-12-06,loneferret,windows,local,0 38872,platforms/php/webapps/38872.php,"WordPress PhotoSmash Galleries Plugin 'bwbps-uploader.php' Arbitrary File Upload Vulnerability",2013-12-08,"Ashiyane Digital Security Team",php,webapps,0 @@ -35184,7 +35184,7 @@ id,file,description,date,author,platform,type,port 38912,platforms/windows/remote/38912.txt,"Microsoft Windows Media Center Link File Incorrectly Resolved Reference",2015-12-09,"Core Security",windows,remote,0 38913,platforms/hardware/webapps/38913.txt,"WIMAX LX350P(WIXFMR-108) - Multiple Vulnerabilities",2015-12-09,alimp5,hardware,webapps,0 38914,platforms/hardware/webapps/38914.txt,"WIMAX MT711x - Multiple Vulnerabilities",2015-12-09,alimp5,hardware,webapps,0 -38915,platforms/php/webapps/38915.txt,"Wordpress Plugin WP Easy Poll 1.1.3 - XSS and CSRF",2015-12-09,Mysticism,php,webapps,80 +38915,platforms/php/webapps/38915.txt,"WordPress Plugin WP Easy Poll 1.1.3 - XSS and CSRF",2015-12-09,Mysticism,php,webapps,80 38916,platforms/windows/dos/38916.html,"IE 11.0.9600.18097 COmWindowProxy::SwitchMarkup NULL PTR",2015-12-09,"Marcin Ressel",windows,dos,0 38917,platforms/osx/dos/38917.txt,"MacOS X 10.11 FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 38918,platforms/windows/remote/38918.txt,"Microsoft Office / COM Object els.dll DLL Planting (MS15-134)",2015-12-09,"Google Security Research",windows,remote,0 @@ -35233,7 +35233,7 @@ id,file,description,date,author,platform,type,port 39097,platforms/linux/remote/39097.txt,"Red Hat Piranha Remote Security Bypass Vulnerability",2013-12-11,"Andreas Schiermeier",linux,remote,0 39098,platforms/php/webapps/39098.txt,"Joomla! Wire Immogest Component 'index.php' SQL Injection Vulnerability",2014-02-17,MR.XpR,php,webapps,0 39057,platforms/php/webapps/39057.txt,"Dell Kace 1000 Systems Management Appliance DS-2014-001 Multiple SQL Injection Vulnerabilities",2014-01-13,"Rohan Stelling",php,webapps,0 -38964,platforms/hardware/remote/38964.rb,"Siemens Simatic S7 1200 CPU Command Module (MSF)",2015-12-14,"Nguyen Manh Hung",hardware,remote,102 +38964,platforms/hardware/remote/38964.rb,"Siemens Simatic S7 1200 CPU Command Module (Metasploit)",2015-12-14,"Nguyen Manh Hung",hardware,remote,102 39095,platforms/php/webapps/39095.pl,"MyBB 'misc.php' Remote Denial of Service Vulnerability",2014-02-12,Amir,php,webapps,0 38968,platforms/windows/remote/38968.txt,"Microsoft Office / COM Object DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)",2015-12-14,"Google Security Research",windows,remote,0 38969,platforms/multiple/dos/38969.txt,"Adobe Flash Type Confusion in IExternalizable.readExternal When Performing Local Serialization",2015-12-14,"Google Security Research",multiple,dos,0 @@ -35561,7 +35561,7 @@ id,file,description,date,author,platform,type,port 39306,platforms/php/webapps/39306.html,"pfSense Firewall <= 2.2.5 - Config File CSRF",2016-01-25,"Aatif Shahdad",php,webapps,443 39375,platforms/osx/dos/39375.c,"OS X Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39308,platforms/linux/dos/39308.c,"Linux Kernel - prima WLAN Driver Heap Overflow",2016-01-25,"Shawn the R0ck",linux,dos,0 -39309,platforms/php/webapps/39309.txt,"Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection",2016-01-25,"i0akiN SEC-LABORATORY",php,webapps,80 +39309,platforms/php/webapps/39309.txt,"WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection",2016-01-25,"i0akiN SEC-LABORATORY",php,webapps,80 39310,platforms/windows/local/39310.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 2 (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39311,platforms/windows/local/39311.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39312,platforms/lin_x86-64/shellcode/39312.c,"x86_64 Linux xor/not/div Encoded execve Shellcode",2016-01-25,"Sathish kumar",lin_x86-64,shellcode,0 @@ -35571,7 +35571,7 @@ id,file,description,date,author,platform,type,port 39316,platforms/hardware/remote/39316.pl,"Multiple Aztech Modem Routers Session Hijacking Vulnerability",2014-09-15,"Eric Fajardo",hardware,remote,0 39317,platforms/php/webapps/39317.txt,"WordPress Wordfence Security Plugin Multiple Vulnerabilities",2014-09-14,Voxel@Night,php,webapps,0 39318,platforms/multiple/remote/39318.txt,"Laravel 'Hash::make()' Function Password Truncation Security Weakness",2014-09-16,"Pichaya Morimoto",multiple,remote,0 -39319,platforms/php/webapps/39319.txt,"Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection",2016-01-26,"i0akiN SEC-LABORATORY",php,webapps,80 +39319,platforms/php/webapps/39319.txt,"WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection",2016-01-26,"i0akiN SEC-LABORATORY",php,webapps,80 39320,platforms/php/webapps/39320.txt,"Gongwalker API Manager 1.1 - Blind SQL Injection",2016-01-26,HaHwul,php,webapps,80 39321,platforms/multiple/dos/39321.txt,"pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 39322,platforms/multiple/dos/39322.txt,"pdfium - opj_j2k_read_mcc (libopenjpeg) Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 @@ -35788,13 +35788,13 @@ id,file,description,date,author,platform,type,port 39549,platforms/linux/local/39549.txt,"Exim < 4.86.2 - Local Root Privilege Escalation",2016-03-10,"Dawid Golunski",linux,local,0 39550,platforms/multiple/dos/39550.py,"libotr <= 4.1.0 - Memory Corruption",2016-03-10,"X41 D-Sec GmbH",multiple,dos,0 39551,platforms/multiple/dos/39551.txt,"Putty pscp <= 0.66 - Stack Buffer Overwrite",2016-03-10,tintinweb,multiple,dos,0 -39552,platforms/php/webapps/39552.txt,"Wordpress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload Vulnerability",2016-03-11,"Colette Chamberland",php,webapps,80 +39552,platforms/php/webapps/39552.txt,"WordPress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload Vulnerability",2016-03-11,"Colette Chamberland",php,webapps,80 39553,platforms/php/webapps/39553.txt,"WordPress DZS Videogallery Plugin <=8.60 - Multiple Vulnerabilities",2016-03-11,"Colette Chamberland",php,webapps,80 39554,platforms/php/remote/39554.rb,"PHP Utility Belt Remote Code Execution",2016-03-11,metasploit,php,remote,80 39555,platforms/linux/dos/39555.txt,"RHEL 7.1 Kernel - snd-usb-audio Crash PoC",2016-03-14,"OpenSource Security",linux,dos,0 39556,platforms/linux/dos/39556.txt,"RHEL 7.1 Kernel - iowarrior driver Crash PoC",2016-03-14,"OpenSource Security",linux,dos,0 39557,platforms/windows/dos/39557.py,"Zortam Mp3 Media Studio 20.15 - SEH Overflow DoS",2016-03-14,INSECT.B,windows,dos,0 -39558,platforms/php/webapps/39558.txt,"Wordpress Site Import Plugin 1.0.1 - Local and Remote File Inclusion",2016-03-14,Wadeek,php,webapps,80 +39558,platforms/php/webapps/39558.txt,"WordPress Site Import Plugin 1.0.1 - Local and Remote File Inclusion",2016-03-14,Wadeek,php,webapps,80 39559,platforms/php/webapps/39559.txt,"TeamPass 2.1.24 - Multiple Vulnerabilities",2016-03-14,"Vincent Malguy",php,webapps,80 39560,platforms/windows/dos/39560.txt,"Windows Kernel ATMFD.DLL OTF Font Processing Pool-Based Buffer Overflow (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 39561,platforms/windows/dos/39561.txt,"Windows Kernel ATMFD.DLL OTF Font Processing Stack Corruption (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 @@ -35805,3 +35805,4 @@ id,file,description,date,author,platform,type,port 39569,platforms/multiple/remote/39569.py,"OpenSSH <= 7.2p1 - xauth Injection",2016-03-16,tintinweb,multiple,remote,22 39570,platforms/freebsd_x86-64/dos/39570.c,"FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow",2016-03-16,"Core Security",freebsd_x86-64,dos,0 39572,platforms/php/webapps/39572.txt,"PivotX 2.3.11 - Directory Traversal",2016-03-17,"Curesec Research Team",php,webapps,80 +39573,platforms/windows/webapps/39573.txt,"Wildfly - WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass",2016-03-20,"Tal Solomon of Palantir Security",windows,webapps,0 diff --git a/platforms/windows/webapps/39573.txt b/platforms/windows/webapps/39573.txt new file mode 100755 index 000000000..ca7a13e11 --- /dev/null +++ b/platforms/windows/webapps/39573.txt @@ -0,0 +1,23 @@ +Exploit Title: Wildfly: WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass +Date: 09.02.16 +Exploit Author: Tal Solomon of Palantir Security +Vendor Homepage: https://bugzilla.redhat.com/show_bug.cgi?id=1305937 +Software Link: http://wildfly.org/downloads/ +Version: This issue effects versions of Wildfly prior to 10.0.0.Final, including 9.0.2.Final, and 8.2.1.Final. +Tested on: Windows +CVE : CVE-2016-0793 + +An information disclosure of the content of restricted files WEB-INF and META-INF via filter mechanism was reported. Servlet filter restriction mechanism is enforced by two code checks: + +if (path.startsWith("/META-INF") || path.startsWith("META-INF") || path.startsWith("/WEB-INF") || path.startsWith("WEB-INF")) { + return false; +} + +private boolean isForbiddenPath(String path) { + return path.equalsIgnoreCase("/meta-inf/") || path.regionMatches(true, 0, "/web-inf/", 0, "/web-inf/".length()); +} + +which can be bypassed using lower case and adding meaningless character to path. + +Proof of Concept Video: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39573.zip